Jump to content

Welcome to Geeks to Go - Register now for FREE

Need help with your computer or device? Want to learn new tech skills? You're in the right place!
Geeks to Go is a friendly community of tech experts who can solve any problem you have. Just create a free account and post your question. Our volunteers will reply quickly and guide you through the steps. Don't let tech troubles stop you. Join Geeks to Go now and get the support you need!

How it Works Create Account
Photo

My PC is Sick and acting so weird :( [Solved]

Started by frichieny , Jun 19 2013 09:18 AM

  • This topic is locked This topic is locked

#1
frichieny
Posted 19 June 2013 - 09:18 AM

frichieny

    Member

  • Member
  • PipPipPip
  • 192 posts
OTL logfile created on: 6/19/2013 11:11:18 PM - Run 3
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Documents and Settings\Dela Cruz\My Documents\Downloads\Programs
Windows XP Professional Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18702)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

2.00 Gb Total Physical Memory | 0.82 Gb Available Physical Memory | 40.82% Memory free
3.85 Gb Paging File | 2.66 Gb Available in Paging File | 69.06% Paging File free
Paging file location(s): C:\pagefile.sys 2046 4092 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 61.15 Gb Total Space | 3.80 Gb Free Space | 6.21% Space Free | Partition Type: NTFS
Drive D: | 87.89 Gb Total Space | 9.72 Gb Free Space | 11.06% Space Free | Partition Type: NTFS

Computer Name: DELACRUZ | User Name: Dela Cruz | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Quick Scan
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days

========== Processes (SafeList) ==========

PRC - [2013/06/19 21:41:10 | 000,051,370 | ---- | M] () -- C:\Documents and Settings\Dela Cruz\Local Settings\Temp\winatul.exe
PRC - [2013/06/19 21:36:34 | 000,011,776 | ---- | M] () -- C:\Documents and Settings\Dela Cruz\Local Settings\Temp\winexjxgs.exe
PRC - [2013/06/19 21:04:22 | 000,034,816 | ---- | M] () -- C:\Documents and Settings\Dela Cruz\Local Settings\Temp\qguu.exe
PRC - [2013/06/19 11:38:49 | 009,942,832 | ---- | M] () -- D:\Program Files\GarenaLoLPH_Launcher\GameData\GarenaMessenger.exe
PRC - [2013/05/29 13:27:40 | 000,891,344 | ---- | M] (Google Inc.) -- C:\Documents and Settings\Dela Cruz\Local Settings\Application Data\Google\Chrome\Application\chrome.exe
PRC - [2013/04/16 13:59:50 | 000,672,256 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Dela Cruz\My Documents\Downloads\Programs\OTL.exe
PRC - [2012/12/12 21:44:48 | 000,268,248 | ---- | M] (Tonec Inc.) -- C:\Program Files\Internet Download Manager\IEMonitor.exe
PRC - [2012/11/14 08:50:14 | 003,614,144 | ---- | M] (Tonec Inc.) -- C:\Program Files\Internet Download Manager\IDMan.exe
PRC - [2008/04/14 05:42:20 | 001,551,872 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\explorer.exe


========== Modules (No Company Name) ==========

MOD - [2013/06/19 21:41:10 | 000,051,370 | ---- | M] () -- C:\Documents and Settings\Dela Cruz\Local Settings\Temp\winatul.exe
MOD - [2013/06/19 21:36:34 | 000,011,776 | ---- | M] () -- C:\Documents and Settings\Dela Cruz\Local Settings\Temp\winexjxgs.exe
MOD - [2013/06/19 21:04:22 | 000,034,816 | ---- | M] () -- C:\Documents and Settings\Dela Cruz\Local Settings\Temp\qguu.exe
MOD - [2013/06/19 11:39:15 | 000,236,336 | ---- | M] () -- D:\Program Files\GarenaLoLPH_Launcher\GameData\Plugins\PluginNews.dll
MOD - [2013/06/19 11:39:14 | 000,856,880 | ---- | M] () -- D:\Program Files\GarenaLoLPH_Launcher\GameData\Plugins\ggplugin.dll
MOD - [2013/06/19 11:39:14 | 000,098,608 | ---- | M] () -- D:\Program Files\GarenaLoLPH_Launcher\GameData\Plugins\PlatformPlugin.dll
MOD - [2013/06/19 11:39:12 | 000,287,024 | ---- | M] () -- D:\Program Files\GarenaLoLPH_Launcher\GameData\Plugins\DailyTaskPlugin.dll
MOD - [2013/06/19 11:39:12 | 000,133,936 | ---- | M] () -- D:\Program Files\GarenaLoLPH_Launcher\GameData\Plugins\ClanBoxPlugin.dll
MOD - [2013/06/19 11:39:10 | 000,027,952 | ---- | M] () -- D:\Program Files\GarenaLoLPH_Launcher\GameData\VersionModule.dll
MOD - [2013/06/19 11:39:03 | 001,903,920 | ---- | M] () -- D:\Program Files\GarenaLoLPH_Launcher\GameData\ggspawn.dll
MOD - [2013/06/19 11:38:49 | 009,942,832 | ---- | M] () -- D:\Program Files\GarenaLoLPH_Launcher\GameData\GarenaMessenger.exe
MOD - [2013/06/13 18:29:52 | 013,140,872 | ---- | M] () -- C:\Documents and Settings\Dela Cruz\Local Settings\Application Data\Google\Chrome\User Data\PepperFlash\11.7.700.225\pepflashplayer.dll
MOD - [2013/05/29 20:21:27 | 000,957,232 | ---- | M] () -- D:\Program Files\GarenaLoLPH_Launcher\GameData\lib\XLL.dll
MOD - [2013/05/29 20:21:06 | 000,799,536 | ---- | M] () -- D:\Program Files\GarenaLoLPH_Launcher\GameData\gagmhook.dll
MOD - [2013/05/29 13:27:38 | 000,393,168 | ---- | M] () -- C:\Documents and Settings\Dela Cruz\Local Settings\Application Data\Google\Chrome\Application\27.0.1453.110\ppgooglenaclpluginchrome.dll
MOD - [2013/05/29 13:27:35 | 004,051,408 | ---- | M] () -- C:\Documents and Settings\Dela Cruz\Local Settings\Application Data\Google\Chrome\Application\27.0.1453.110\pdf.dll
MOD - [2013/05/29 13:26:36 | 001,597,392 | ---- | M] () -- C:\Documents and Settings\Dela Cruz\Local Settings\Application Data\Google\Chrome\Application\27.0.1453.110\ffmpegsumo.dll
MOD - [2013/04/25 19:31:02 | 001,543,984 | ---- | M] () -- D:\Program Files\GarenaLoLPH_Launcher\GameData\lib\delay_load\FileSender.dll
MOD - [2013/04/25 19:30:54 | 000,436,528 | ---- | M] () -- D:\Program Files\GarenaLoLPH_Launcher\GameData\Plugins\GarenaTalkPlugin.dll
MOD - [2013/04/10 17:23:12 | 000,170,800 | ---- | M] () -- D:\Program Files\GarenaLoLPH_Launcher\GameData\lib\fs\YYFileSystem.dll
MOD - [2013/04/10 17:22:55 | 000,155,440 | ---- | M] () -- D:\Program Files\GarenaLoLPH_Launcher\GameData\libmpg123.dll
MOD - [2013/03/13 18:05:59 | 000,374,064 | ---- | M] () -- D:\Program Files\GarenaLoLPH_Launcher\GameData\lib\Http.dll
MOD - [2013/03/07 10:10:42 | 000,106,288 | ---- | M] () -- D:\Program Files\GarenaLoLPH_Launcher\GameData\lib\UILayout.dll
MOD - [2013/03/07 10:10:39 | 000,224,560 | ---- | M] () -- D:\Program Files\GarenaLoLPH_Launcher\GameData\Plugins\StatsPlugin.dll
MOD - [2013/03/07 10:10:22 | 000,487,216 | ---- | M] () -- D:\Program Files\GarenaLoLPH_Launcher\GameData\CxImage.dll
MOD - [2013/02/07 17:11:25 | 000,025,392 | ---- | M] () -- D:\Program Files\GarenaLoLPH_Launcher\GameData\PluginModule.dll
MOD - [2013/02/07 17:11:24 | 000,087,344 | ---- | M] () -- D:\Program Files\GarenaLoLPH_Launcher\GameData\PluginKernel.dll
MOD - [2013/02/07 17:11:22 | 000,192,816 | ---- | M] () -- D:\Program Files\GarenaLoLPH_Launcher\GameData\ImageModule.dll
MOD - [2013/02/07 17:11:17 | 000,051,504 | ---- | M] () -- D:\Program Files\GarenaLoLPH_Launcher\GameData\FileLoader.dll
MOD - [2013/02/07 17:11:15 | 000,033,584 | ---- | M] () -- D:\Program Files\GarenaLoLPH_Launcher\GameData\DibModule.dll
MOD - [2013/02/01 13:42:29 | 000,153,088 | ---- | M] () -- D:\Program Files\GarenaLoLPH_Launcher\GameData\libzmq.dll
MOD - [2013/01/30 16:27:09 | 000,194,864 | ---- | M] () -- D:\Program Files\GarenaLoLPH_Launcher\GameData\xim\plugin_yahoo.dll
MOD - [2013/01/30 16:27:07 | 000,590,128 | ---- | M] () -- D:\Program Files\GarenaLoLPH_Launcher\GameData\xim\plugin_msn.dll
MOD - [2013/01/30 16:26:41 | 002,941,232 | ---- | M] () -- D:\Program Files\GarenaLoLPH_Launcher\GameData\ggdownloader.dll
MOD - [2013/01/30 16:26:38 | 000,104,752 | ---- | M] () -- D:\Program Files\GarenaLoLPH_Launcher\GameData\CommonLib.dll
MOD - [2013/01/14 19:57:52 | 001,092,912 | ---- | M] () -- D:\Program Files\GarenaLoLPH_Launcher\GameData\lib\delay_load\GaFileTransfer.dll
MOD - [2013/01/14 19:57:46 | 000,219,952 | ---- | M] () -- D:\Program Files\GarenaLoLPH_Launcher\GameData\lib\TaskManagerLib.dll
MOD - [2012/12/17 11:03:08 | 000,460,744 | ---- | M] () -- D:\Program Files\GarenaLoLPH_Launcher\GameData\xim\plugin_xmpp.dll
MOD - [2012/12/17 11:02:49 | 000,147,400 | ---- | M] () -- D:\Program Files\GarenaLoLPH_Launcher\GameData\xIM.dll
MOD - [2012/09/13 14:19:19 | 000,048,640 | ---- | M] () -- D:\Program Files\GarenaLoLPH_Launcher\GameData\lib\XmlUIModule.dll
MOD - [2012/08/31 03:10:00 | 000,357,184 | ---- | M] () -- C:\Program Files\NVIDIA Corporation\nView\nvShell.dll
MOD - [2012/07/27 14:59:42 | 000,010,240 | ---- | M] () -- D:\Program Files\GarenaLoLPH_Launcher\GameData\lib\delay_load\ClientTcp.dll
MOD - [2012/07/27 14:59:28 | 000,061,952 | ---- | M] () -- D:\Program Files\GarenaLoLPH_Launcher\GameData\lib\delay_load\UdtLib.dll
MOD - [2012/04/24 09:19:16 | 000,238,592 | ---- | M] () -- D:\Program Files\GarenaLoLPH_Launcher\GameData\lib\delay_load\MediaEngine.dll
MOD - [2012/04/13 11:12:18 | 000,059,392 | ---- | M] () -- D:\Program Files\GarenaLoLPH_Launcher\GameData\lib\delay_load\AudioMixerLib.dll
MOD - [2012/04/13 11:12:18 | 000,019,968 | ---- | M] () -- D:\Program Files\GarenaLoLPH_Launcher\GameData\ServerMemAlloc.dll
MOD - [2012/03/08 16:56:40 | 000,510,464 | ---- | M] () -- D:\Program Files\GarenaLoLPH_Launcher\GameData\lib\delay_load\RSALib.dll
MOD - [2012/02/22 16:52:18 | 000,162,304 | ---- | M] () -- D:\Program Files\GarenaLoLPH_Launcher\GameData\lame_enc.dll
MOD - [2012/02/22 16:52:16 | 000,573,100 | ---- | M] () -- D:\Program Files\GarenaLoLPH_Launcher\GameData\sqlite3.dll
MOD - [2012/02/22 16:52:16 | 000,178,176 | ---- | M] () -- D:\Program Files\GarenaLoLPH_Launcher\GameData\lib\MP3Module.dll
MOD - [2012/02/22 16:52:16 | 000,122,136 | ---- | M] () -- D:\Program Files\GarenaLoLPH_Launcher\GameData\ggcode.dll
MOD - [2010/03/24 21:17:36 | 008,794,464 | ---- | M] () -- C:\Program Files\Microsoft Office\Office14\1033\GrooveIntlResource.dll
MOD - [2010/01/30 02:41:12 | 004,254,560 | ---- | M] () -- C:\Program Files\Common Files\Microsoft Shared\OFFICE14\Cultures\OFFICE.ODF
MOD - [2008/04/14 05:42:00 | 000,014,336 | ---- | M] () -- C:\WINDOWS\system32\msdmo.dll
MOD - [2008/04/14 05:41:52 | 000,059,904 | ---- | M] () -- C:\WINDOWS\system32\devenum.dll
MOD - [2007/01/31 11:33:24 | 000,032,768 | ---- | M] () -- C:\Program Files\Vtune\TBPanelExt.dll


========== Services (SafeList) ==========

SRV - [2013/06/14 10:54:47 | 000,190,872 | ---- | M] (Mozilla Foundation) [Disabled | Stopped] -- C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe -- (MozillaMaintenance)
SRV - [2013/05/15 18:59:10 | 000,256,904 | ---- | M] (Adobe Systems Incorporated) [Disabled | Stopped] -- C:\WINDOWS\system32\Macromed\Flash\FlashPlayerUpdateService.exe -- (AdobeFlashPlayerUpdateSvc)
SRV - [2013/04/03 21:40:49 | 000,319,840 | ---- | M] () [Disabled | Stopped] -- C:\Program Files\Smart Bro\UpdateDog\ouc.exe -- (Smart Bro. RunOuc)
SRV - [2013/04/02 03:01:48 | 000,305,800 | ---- | M] (Microsoft Corporation.) [Disabled | Stopped] -- C:\Program Files\Microsoft\BingBar\7.2.233.0\SeaPort.EXE -- (BBUpdate)
SRV - [2013/04/02 03:01:48 | 000,267,400 | ---- | M] (Microsoft Corporation.) [Disabled | Stopped] -- C:\Program Files\Microsoft\BingBar\7.2.233.0\BBSvc.EXE -- (BBSvc)
SRV - [2012/11/26 18:35:10 | 000,810,904 | ---- | M] (Tunngle.net GmbH) [Disabled | Stopped] -- C:\Program Files\Tunngle\TnglCtrl.exe -- (TunngleService)
SRV - [2012/09/21 14:46:21 | 000,227,304 | ---- | M] (Oracle Corporation) [Disabled | Stopped] -- C:\Program Files\Java\jre7\bin\jqs.exe -- (JavaQuickStarterService)
SRV - [2012/08/31 03:10:00 | 001,332,584 | ---- | M] (NVIDIA Corporation) [Disabled | Stopped] -- C:\Program Files\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe -- (nvUpdatusService)
SRV - [2012/08/13 13:33:30 | 003,141,824 | ---- | M] (Skype Technologies S.A.) [Disabled | Stopped] -- C:\Documents and Settings\All Users\Application Data\Skype\Toolbars\Skype C2C Service\c2c_service.exe -- (Skype C2C Service)
SRV - [2012/05/03 08:31:10 | 000,240,264 | R--- | M] (Skype Technologies) [Disabled | Stopped] -- C:\Program Files\Skype\Updater\Updater.exe -- (SkypeUpdate)
SRV - [2012/04/11 08:06:10 | 000,143,056 | ---- | M] () [Disabled | Stopped] -- C:\Program Files\Hotspot Shield\bin\HSSTrayService.exe -- (HssTrayService)
SRV - [2012/04/11 07:59:14 | 000,616,280 | ---- | M] () [Disabled | Stopped] -- C:\Program Files\Hotspot Shield\bin\openvpnas.exe -- (hshld)
SRV - [2012/04/03 02:46:58 | 000,399,176 | ---- | M] () [Disabled | Stopped] -- C:\Program Files\Hotspot Shield\bin\hsswd.exe -- (HssWd)
SRV - [2011/11/16 02:26:48 | 000,441,160 | ---- | M] (AnchorFree Inc.) [Disabled | Stopped] -- C:\Program Files\Hotspot Shield\HssWPR\hsssrv.exe -- (HssSrv)
SRV - [2011/10/19 12:13:38 | 000,144,712 | ---- | M] (H+H Software GmbH) [Disabled | Stopped] -- C:\Program Files\Virtual CD v10\System\VC10SecS.exe -- (VC10SecS)
SRV - [2011/03/14 23:27:28 | 000,337,248 | ---- | M] () [Disabled | Stopped] -- C:\Documents and Settings\All Users\Application Data\DatacardService\HWDeviceService.exe -- (HWDeviceService.exe)
SRV - [2010/03/25 10:25:22 | 031,038,840 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Program Files\Microsoft Office\Office14\GROOVE.EXE -- (Microsoft SharePoint Workspace Audit Service)


========== Driver Services (SafeList) ==========

DRV - File not found [Kernel | On_Demand | Stopped] -- C:\WINDOWS\xhunter1.sys -- (xhunter1)
DRV - File not found [Kernel | On_Demand | Stopped] -- -- (WDICA)
DRV - File not found [Kernel | On_Demand | Stopped] -- C:\WINDOWS\vtany.sys -- (vtany)
DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDRFRAME)
DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDRELI)
DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDFRAME)
DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDCOMP)
DRV - File not found [Kernel | System | Stopped] -- -- (PCIDump)
DRV - File not found [Kernel | System | Stopped] -- -- (lbrtfdc)
DRV - File not found [Kernel | System | Stopped] -- -- (i2omgmt)
DRV - File not found [Kernel | On_Demand | Stopped] -- E:\INSTALL\GMSIPCI.SYS -- (GMSIPCI)
DRV - File not found [Kernel | On_Demand | Stopped] -- C:\DOCUME~1\DELACR~1\LOCALS~1\Temp\cpuz134\cpuz134_x32.sys -- (cpuz134)
DRV - File not found [Kernel | System | Stopped] -- -- (Changer)
DRV - File not found [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\kjlsmn.sys -- (amsint32)
DRV - [2013/04/21 15:04:16 | 000,013,232 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\apf003.sys -- (apf003)
DRV - [2013/04/10 03:14:50 | 000,013,816 | ---- | M] () [Kernel | Unavailable | Unknown] -- C:\WINDOWS\system32\unikey.sys -- (phunter)
DRV - [2013/04/03 21:40:51 | 000,235,392 | ---- | M] (Huawei Technologies Co., Ltd.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\ewusbnet.sys -- (ewusbnet)
DRV - [2013/04/03 21:40:51 | 000,194,816 | ---- | M] (Huawei Technologies Co., Ltd.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\ewusbmdm.sys -- (hwdatacard)
DRV - [2013/04/03 21:40:51 | 000,102,784 | ---- | M] (Huawei Technologies Co., Ltd.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\ew_hwusbdev.sys -- (ew_hwusbdev)
DRV - [2013/04/03 21:40:51 | 000,073,216 | ---- | M] (Huawei Technologies Co., Ltd.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\ew_jubusenum.sys -- (huawei_enumerator)
DRV - [2013/02/22 15:17:04 | 000,181,784 | ---- | M] (DEVGURU Co., LTD.(www.devguru.co.kr)) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\ssudmdm.sys -- (ssudmdm)
DRV - [2013/02/22 15:17:04 | 000,083,864 | ---- | M] (DEVGURU Co., LTD.(www.devguru.co.kr)) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\ssudbus.sys -- (dg_ssudbus)
DRV - [2013/02/05 17:52:46 | 000,020,032 | ---- | M] (Devguru Co., Ltd) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\dgderdrv.sys -- (dgderdrv)
DRV - [2012/12/06 01:13:58 | 000,022,112 | -HS- | M] () [Kernel | On_Demand | Stopped] -- D:\Program Files\GarenaLoLPH_Launcher\GameData\Room\safedrv.sys -- (GGSAFERDriver)
DRV - [2012/11/22 08:43:14 | 000,112,480 | ---- | M] (Tonec Inc.) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\idmtdi.sys -- (IDMTDI)
DRV - [2012/08/24 15:57:00 | 000,113,104 | ---- | M] (Power Software Ltd) [Kernel | System | Running] -- C:\WINDOWS\System32\drivers\scdemu.sys -- (SCDEmu)
DRV - [2012/04/11 23:40:28 | 000,037,376 | ---- | M] (AnchorFree Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\HssDrv.sys -- (HssDrv)
DRV - [2012/04/07 02:15:10 | 000,033,512 | ---- | M] (AnchorFree Inc) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\taphss.sys -- (taphss)
DRV - [2012/02/22 18:34:36 | 000,022,400 | ---- | M] (ManyCam LLC) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\mcaudrv.sys -- (mcaudrv_simple)
DRV - [2012/01/11 14:11:20 | 000,032,000 | ---- | M] (ManyCam LLC) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\mcvidrv.sys -- (ManyCam)
DRV - [2011/10/19 02:53:14 | 006,439,528 | ---- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\RtkHDAud.sys -- (IntcAzAudAddService)
DRV - [2011/04/19 08:52:48 | 000,186,392 | ---- | M] (H+H Software GmbH) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\vdrv1000.sys -- (vdrv1000)
DRV - [2011/03/31 19:36:10 | 000,204,384 | ---- | M] (SHADOWDEFENDER.COM) [Kernel | Boot | Running] -- C:\WINDOWS\system32\drivers\diskpt.sys -- (diskpt)
DRV - [2010/04/09 08:30:10 | 000,168,040 | ---- | M] (NVIDIA Corporation) [Kernel | Boot | Running] -- C:\WINDOWS\system32\drivers\nvgts.sys -- (nvgts)
DRV - [2010/03/23 00:29:08 | 000,018,944 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\nvsmu.sys -- (nvsmu)
DRV - [2010/03/10 17:34:34 | 000,013,952 | ---- | M] (H+H Software GmbH) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\HH10Help.sys -- (HH10Help.sys)
DRV - [2010/03/05 00:02:10 | 000,013,824 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\nvnetbus.sys -- (nvnetbus)
DRV - [2010/03/05 00:02:08 | 000,070,912 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\NVENETFD.sys -- (NVENETFD)
DRV - [2009/11/18 14:17:00 | 001,395,800 | ---- | M] (Creative Technology Ltd.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\Monfilt.sys -- (Monfilt)
DRV - [2009/11/18 14:16:00 | 001,691,480 | ---- | M] (Creative) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\Ambfilt.sys -- (Ambfilt)
DRV - [2009/09/16 07:02:40 | 000,027,136 | ---- | M] (Tunngle.net) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\tap0901t.sys -- (tap0901t)
DRV - [2007/03/16 10:11:38 | 000,012,256 | ---- | M] (Windows ® 2000 DDK provider) [Kernel | Auto | Running] -- C:\WINDOWS\System32\drivers\TBPanel.sys -- (TBPanel)
DRV - [2007/03/16 10:11:38 | 000,012,256 | ---- | M] (Windows ® 2000 DDK provider) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\TBPanel.sys -- (Cardex)
DRV - [2006/11/02 07:00:08 | 000,039,368 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\winusb.sys -- (WinUSB)
DRV - [2006/07/01 22:39:40 | 000,036,864 | ---- | M] (Advanced Micro Devices) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\AmdK8.sys -- (AmdK8)


========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page =
IE - HKLM\..\SearchScopes,DefaultScope =
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://search.live.c...ferrer:source?}

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.msn.com/?...=OIE8HP&PC=UP62
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page =
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://search.condui...&ctid=CT2718116
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Before = http://www.msn.com/?...=OIE8HP&PC=UP62
IE - HKCU\..\URLSearchHook: {e3600b2b-4c86-4697-96bc-74d4d209f6bc} - No CLSID value found
IE - HKCU\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKCU\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/...ms}&FORM=IE8SRC
IE - HKCU\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = http://www.bing.com/...ms}&FORM=IE8SRC
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local;<local>

========== FireFox ==========

FF - prefs.js..browser.search.defaultthis.engineName: ""
FF - prefs.js..extensions.enabledAddons: testpilot%40labs.mozilla.com:1.2.2
FF - prefs.js..extensions.enabledAddons: %7B972ce4c6-7e08-4474-a285-3208198ce6fd%7D:22.0
FF - user.js - File not found

FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\WINDOWS\system32\Macromed\Flash\NPSWF32_11_7_700_202.dll ()
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=: File not found
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=1.0: C:\Program Files\iTunes\Mozilla Plugins\npitunes.dll ()
FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.7.2: C:\WINDOWS\system32\npDeployJava1.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.7.2: C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@messenger.yahoo.com/YahooMessengerStatePlugin;version=1.0.0.6: C:\Program Files\Yahoo!\Shared\npYState.dll (Yahoo! Inc.)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0: C:\PROGRA~1\MICROS~3\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/SharePoint,version=14.0: C:\PROGRA~1\MICROS~3\Office14\NPSPWRAP.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WPF,version=3.5: C:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@pandonetworks.com/PandoWebPlugin: C:\Program Files\Pando Networks\Media Booster\npPandoWebPlugin.dll (Pando Networks)
FF - HKLM\Software\MozillaPlugins\@raidcall.com/RCplugin: C:\Documents and Settings\Dela Cruz\Application Data\raidcall\plugins\webplugin.dll (Raidcall)
FF - HKLM\Software\MozillaPlugins\@rim.com/npappworld: C:\Program Files\Research In Motion Limited\BlackBerry App World Browser Plugin\npappworld.dll ()
FF - HKLM\Software\MozillaPlugins\@t.garena.com/garenatalk: D:\Program Files\GarenaLoLPH_Launcher\GameData\bbtalk\plugins\npPlugin\npGarenaTalkPlugin.dll ( Garena)
FF - HKCU\Software\MozillaPlugins\@Skype Limited.com/Facebook Video Calling Plugin: C:\Documents and Settings\Dela Cruz\Local Settings\Application Data\Facebook\Video\Skype\npFacebookVideoCalling.dll (Skype Limited)
FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Documents and Settings\Dela Cruz\Local Settings\Application Data\Google\Update\1.3.21.145\npGoogleUpdate3.dll (Google Inc.)
FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Documents and Settings\Dela Cruz\Local Settings\Application Data\Google\Update\1.3.21.145\npGoogleUpdate3.dll (Google Inc.)
FF - HKCU\Software\MozillaPlugins\@unity3d.com/UnityPlayer,version=1.0: C:\Documents and Settings\Dela Cruz\Local Settings\Application Data\Unity\WebPlayer\loader\npUnity3D32.dll (Unity Technologies ApS)
FF - HKCU\Software\MozillaPlugins\pandonetworks.com/PandoWebPlugin: C:\Program Files\Pando Networks\Media Booster\npPandoWebPlugin.dll (Pando Networks)

FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 22.0\extensions\\Components: C:\Program Files\Mozilla Firefox\components
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 22.0\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins
FF - HKEY_CURRENT_USER\software\mozilla\Firefox\Extensions\\[email protected]: C:\Documents and Settings\Dela Cruz\Application Data\IDM\idmmzcc5 [2013/01/17 22:23:43 | 000,000,000 | ---D | M]
FF - HKEY_CURRENT_USER\software\mozilla\SeaMonkey\Extensions\\[email protected]: C:\Documents and Settings\Dela Cruz\Application Data\IDM\idmmzcc5 [2013/01/17 22:23:43 | 000,000,000 | ---D | M]

[2012/06/05 14:03:12 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\Dela Cruz\Application Data\Mozilla\Extensions
[2013/06/03 00:29:02 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\Dela Cruz\Application Data\Mozilla\Firefox\Profiles\b7nkeiwq.default\extensions
[2012/09/25 20:35:42 | 000,621,521 | ---- | M] () (No name found) -- C:\Documents and Settings\Dela Cruz\Application Data\Mozilla\Firefox\Profiles\b7nkeiwq.default\extensions\[email protected]
[2013/06/14 10:54:33 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\Mozilla Firefox\extensions
[2013/06/14 10:54:33 | 000,000,000 | ---D | M] (Skype Click to Call) -- C:\Program Files\Mozilla Firefox\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}
[2013/06/14 10:54:32 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\Mozilla Firefox\browser\extensions
[2013/06/14 10:54:49 | 000,000,000 | ---D | M] (Default) -- C:\Program Files\Mozilla Firefox\browser\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}
[2013/06/14 10:54:49 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\Mozilla Firefox\browser\distribution\extensions
[2013/06/14 10:54:33 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\Mozilla Firefox\distribution\extensions

========== Chrome ==========

CHR - default_search_provider: Google (Enabled)
CHR - default_search_provider: search_url = {google:baseURL}search?q={searchTerms}&{google:RLZ}{google:originalQueryForSuggestion}{google:assistedQueryStats}{google:searchFieldtrialParameter}{google:searchClient}{google:sourceId}{google:instantExtendedEnabledParameter}ie={inputEncoding}
CHR - default_search_provider: suggest_url = {google:baseSuggestURL}search?{google:searchFieldtrialParameter}client=chrome&q={searchTerms}&{google:cursorPosition}sugkey={google:suggestAPIKeyParameter}
CHR - plugin: Shockwave Flash (Enabled) = C:\Documents and Settings\Dela Cruz\Local Settings\Application Data\Google\Chrome\Application\27.0.1453.110\PepperFlash\pepflashplayer.dll
CHR - plugin: Chrome Remote Desktop Viewer (Enabled) = internal-remoting-viewer
CHR - plugin: Native Client (Enabled) = C:\Documents and Settings\Dela Cruz\Local Settings\Application Data\Google\Chrome\Application\27.0.1453.110\ppGoogleNaClPluginChrome.dll
CHR - plugin: Chrome PDF Viewer (Enabled) = C:\Documents and Settings\Dela Cruz\Local Settings\Application Data\Google\Chrome\Application\27.0.1453.110\pdf.dll
CHR - plugin: Adobe Acrobat (Enabled) = C:\Program Files\Adobe\Acrobat 6.0\Reader\Browser\nppdf32.dll
CHR - plugin: Microsoft\u00AE DRM (Enabled) = C:\Program Files\Windows Media Player\npdrmv2.dll
CHR - plugin: Windows Media Player Plug-in Dynamic Link Library (Enabled) = C:\Program Files\Windows Media Player\npdsplay.dll
CHR - plugin: Microsoft\u00AE DRM (Enabled) = C:\Program Files\Windows Media Player\npwmsdrm.dll
CHR - plugin: Raidcall plugin (Enabled) = C:\Documents and Settings\Dela Cruz\Application Data\raidcall\plugins\webplugin.dll
CHR - plugin: Facebook Video Calling Plugin (Enabled) = C:\Documents and Settings\Dela Cruz\Local Settings\Application Data\Facebook\Video\Skype\npFacebookVideoCalling.dll
CHR - plugin: Google Update (Enabled) = C:\Documents and Settings\Dela Cruz\Local Settings\Application Data\Google\Update\1.3.21.135\npGoogleUpdate3.dll
CHR - plugin: Unity Player (Enabled) = C:\Documents and Settings\Dela Cruz\Local Settings\Application Data\Unity\WebPlayer\loader\npUnity3D32.dll
CHR - plugin: Microsoft Office 2010 (Enabled) = C:\PROGRA~1\MICROS~3\Office14\NPAUTHZ.DLL
CHR - plugin: Microsoft Office 2010 (Enabled) = C:\PROGRA~1\MICROS~3\Office14\NPSPWRAP.DLL
CHR - plugin: Java™ Platform SE 7 U7 (Enabled) = C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll
CHR - plugin: Pando Web Plugin (Enabled) = C:\Program Files\Pando Networks\Media Booster\npPandoWebPlugin.dll
CHR - plugin: iTunes Application Detector (Enabled) = C:\Program Files\iTunes\Mozilla Plugins\npitunes.dll
CHR - plugin: Windows Presentation Foundation (Enabled) = C:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll
CHR - plugin: Shockwave Flash (Enabled) = C:\WINDOWS\system32\Macromed\Flash\NPSWF32_11_6_602_180.dll
CHR - plugin: Java Deployment Toolkit 7.0.70.11 (Enabled) = C:\WINDOWS\system32\npDeployJava1.dll
CHR - plugin: Garena Talk Plugin (Enabled) = D:\Program Files\GarenaLoLPH_Launcher\GameData\bbtalk\plugins\npPlugin\npGarenaTalkPlugin.dll
CHR - Extension: Fabulous = C:\Documents and Settings\Dela Cruz\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\ambjmeohlajelahhhniggkkceagdlcgj\28.4_0\
CHR - Extension: FB Refresh = C:\Documents and Settings\Dela Cruz\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\bdlfdaajmclngiomogmleihllaejcnni\2.0.1_0\
CHR - Extension: Adblock Plus = C:\Documents and Settings\Dela Cruz\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb\1.4.1_0\
CHR - Extension: Google One Piece = C:\Documents and Settings\Dela Cruz\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\gacclaplhgkomiijkahnnkjiofngfkhd\1.0_0\
CHR - Extension: AirMech = C:\Documents and Settings\Dela Cruz\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\hdahlabpinmfcemhcbcfoijcpoalfgdn\17760_0\
CHR - Extension: IDM Integration = C:\Documents and Settings\Dela Cruz\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\jmolcgpienlcieaajfkkdamlngancncm\6.15.12.2_0\
CHR - Extension: Skype Click to Call = C:\Documents and Settings\Dela Cruz\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl\6.2.0.10687_0\
CHR - Extension: My Chrome Theme = C:\Documents and Settings\Dela Cruz\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\oehpjpccmlcalbenfhnacjeocbjdonic\2.0_0\

O1 HOSTS File: ([2013/06/07 21:28:06 | 000,000,788 | ---- | M]) - C:\WINDOWS\system32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O2 - BHO: (IDM integration (IDMIEHlprObj Class)) - {0055C089-8582-441B-A0BF-17B458C2A3A8} - C:\Program Files\Internet Download Manager\IDMIECC.dll (Internet Download Manager, Tonec Inc.)
O2 - BHO: (AcroIEHlprObj Class) - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 6.0\Reader\ActiveX\AcroIEHelper.dll (Adobe Systems Incorporated)
O2 - BHO: (Groove GFS Browser Helper) - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL (Microsoft Corporation)
O2 - BHO: (Java™ Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation)
O2 - BHO: (Skype Browser Helper) - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O2 - BHO: (Office Document Cache Handler) - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)
O2 - BHO: (Bing Bar Helper) - {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - C:\Program Files\Microsoft\BingBar\7.2.233.0\BingExt.dll (Microsoft Corporation.)
O2 - BHO: (Java™ Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
O3 - HKLM\..\Toolbar: (Bing Bar) - {8dcb7100-df86-4384-8842-8fa844297b3f} - C:\Program Files\Microsoft\BingBar\7.2.233.0\BingExt.dll (Microsoft Corporation.)
O3 - HKLM\..\Toolbar: (no name) - {e3600b2b-4c86-4697-96bc-74d4d209f6bc} - No CLSID value found.
O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {E3600B2B-4C86-4697-96BC-74D4D209F6BC} - No CLSID value found.
O4 - HKLM..\Run: [BCSSync] C:\Program Files\Microsoft Office\Office14\BCSSync.exe (Microsoft Corporation)
O4 - HKLM..\Run: [NvCplDaemon] C:\WINDOWS\System32\NvCpl.dll (NVIDIA Corporation)
O4 - HKLM..\Run: [NvMediaCenter] C:\WINDOWS\System32\NvMcTray.dll (NVIDIA Corporation)
O4 - HKCU..\Run: [GarenaPlus] D:\Program Files\GarenaLoLPH_Launcher\GameData\GarenaMessenger.exe ()
O4 - HKCU..\Run: [IDMan] C:\Program Files\Internet Download Manager\IDMan.exe (Tonec Inc.)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableLUA = 0
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O8 - Extra context menu item: Download all links with IDM - C:\Program Files\Internet Download Manager\IEGetAll.htm ()
O8 - Extra context menu item: Download with IDM - C:\Program Files\Internet Download Manager\IEExt.htm ()
O8 - Extra context menu item: E&xport to Microsoft Excel - C:\Program Files\Microsoft Office\Office14\EXCEL.EXE (Microsoft Corporation)
O8 - Extra context menu item: Se&nd to OneNote - C:\Program Files\Microsoft Office\Office14\ONBttnIE.dll (Microsoft Corporation)
O9 - Extra Button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office\Office14\ONBttnIE.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : Se&nd to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office\Office14\ONBttnIE.dll (Microsoft Corporation)
O9 - Extra Button: OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files\Microsoft Office\Office14\ONBttnIELinkedNotes.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files\Microsoft Office\Office14\ONBttnIELinkedNotes.dll (Microsoft Corporation)
O9 - Extra Button: Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000004 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.)
O16 - DPF: {7530BFB8-7293-4D34-9923-61A11451AFC5} http://download.eset...lineScanner.cab (Reg Error: Key error.)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{D926CD09-FB59-497F-9FE5-0436F3AC5EF7}: DhcpNameServer = 192.168.1.1
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Common Files\Skype\Skype4COM.dll (Skype Technologies)
O18 - Protocol\Handler\skype-ie-addon-data {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\WINDOWS\system32\userinit.exe) - C:\WINDOWS\system32\userinit.exe (Microsoft Corporation)
O24 - Desktop WallPaper: C:\Documents and Settings\Dela Cruz\Local Settings\Application Data\Microsoft\Wallpaper1.bmp
O24 - Desktop BackupWallPaper: C:\Documents and Settings\Dela Cruz\Local Settings\Application Data\Microsoft\Wallpaper1.bmp
O28 - HKLM ShellExecuteHooks: {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL (Microsoft Corporation)
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2012/06/05 13:00:46 | 000,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ]
O32 - AutoRun File - [2007/04/15 18:57:52 | 000,000,274 | RHS- | M] () - C:\autorun.inf -- [ NTFS ]
O32 - AutoRun File - [2012/11/07 19:49:08 | 000,001,331 | ---- | M] () - D:\AutoHotkey.ahk -- [ NTFS ]
O32 - AutoRun File - [2012/08/03 05:24:44 | 000,969,216 | ---- | M] () - D:\AutoHotkey.exe -- [ NTFS ]
O32 - AutoRun File - [2007/04/15 18:57:52 | 000,000,247 | RHS- | M] () - D:\autorun.inf -- [ NTFS ]
O33 - MountPoints2\{07cfae90-9c64-11e2-842b-0024215b0d23}\Shell - "" = AutoRun
O33 - MountPoints2\{07cfae90-9c64-11e2-842b-0024215b0d23}\Shell\AutoRun - "" = Auto&Play
O33 - MountPoints2\{07cfae90-9c64-11e2-842b-0024215b0d23}\Shell\AutoRun\command - "" = E:\AutoRun.exe
O33 - MountPoints2\{07cfae93-9c64-11e2-842b-0024215b0d23}\Shell - "" = AutoRun
O33 - MountPoints2\{07cfae93-9c64-11e2-842b-0024215b0d23}\Shell\AutoRun - "" = Auto&Play
O33 - MountPoints2\{07cfae93-9c64-11e2-842b-0024215b0d23}\Shell\AutoRun\command - "" = E:\AutoRun.exe
O33 - MountPoints2\{12ee8539-a148-11e2-8437-0024215b0d23}\Shell - "" = AutoRun
O33 - MountPoints2\{12ee8539-a148-11e2-8437-0024215b0d23}\Shell\AutoRun - "" = Auto&Play
O33 - MountPoints2\{12ee8539-a148-11e2-8437-0024215b0d23}\Shell\AutoRun\command - "" = E:\AutoRun.exe
O33 - MountPoints2\{388cb639-058b-11e2-a8d9-0024215b0d23}\Shell\AutoRun\command - "" = E:\setup.exe
O33 - MountPoints2\{751f64db-aee4-11e1-a8a6-0024215b0d23}\Shell\AutOplaY\cOmmAND - "" = E:\mibsbd.pif
O33 - MountPoints2\{751f64db-aee4-11e1-a8a6-0024215b0d23}\Shell\AutoRun\command - "" = E:\mibsbd.pif
O33 - MountPoints2\{751f64db-aee4-11e1-a8a6-0024215b0d23}\Shell\EXplorE\CommAnD - "" = E:\mibsbd.pif
O33 - MountPoints2\{751f64db-aee4-11e1-a8a6-0024215b0d23}\Shell\opeN\cOMmaNd - "" = E:\mibsbd.pif
O33 - MountPoints2\{8a6cf41f-a0ad-11e2-8435-0024215b0d23}\Shell - "" = AutoRun
O33 - MountPoints2\{8a6cf41f-a0ad-11e2-8435-0024215b0d23}\Shell\AutoRun - "" = Auto&Play
O33 - MountPoints2\{8a6cf41f-a0ad-11e2-8435-0024215b0d23}\Shell\AutoRun\command - "" = C:\WINDOWS\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL RUNdLl32.ExE .\RECYCLER\S-5-3-42-2819952290-8240758988-879315005-3665\jwgkvsq.vmx,ahaezedrn
O33 - MountPoints2\{b8d839e9-2d7e-11e2-a8eb-0024215b0d23}\Shell - "" = AutoRun
O33 - MountPoints2\{b8d839e9-2d7e-11e2-a8eb-0024215b0d23}\Shell\AutoRun - "" = Auto&Play
O33 - MountPoints2\{b8d839e9-2d7e-11e2-a8eb-0024215b0d23}\Shell\AutoRun\command - "" = F:\steambackup2.EXE
O33 - MountPoints2\{c79442ca-fe07-11d5-a8ca-0024215b0d23}\Shell - "" = AutoRun
O33 - MountPoints2\{c79442ca-fe07-11d5-a8ca-0024215b0d23}\Shell\AutoRun - "" = Auto&Play
O33 - MountPoints2\{c79442ca-fe07-11d5-a8ca-0024215b0d23}\Shell\AutoRun\command - "" = C:\WINDOWS\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL RUNdLl32.ExE .\RECYCLER\S-5-3-42-2819952290-8240758988-879315005-3665\jwgkvsq.vmx,ahaezedrn
O33 - MountPoints2\{ffe8462c-ceba-11e2-84a6-0024215b0d23}\Shell - "" = AutoRun
O33 - MountPoints2\{ffe8462c-ceba-11e2-84a6-0024215b0d23}\Shell\AutoRun - "" = Auto&Play
O33 - MountPoints2\{ffe8462c-ceba-11e2-84a6-0024215b0d23}\Shell\AutoRun\command - "" = C:\WINDOWS\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL RUNdLl32.ExE .\RECYCLER\S-5-3-42-2819952290-8240758988-879315005-3665\jwgkvsq.vmx,ahaezedrn
O33 - MountPoints2\E\Shell - "" = AutoRun
O33 - MountPoints2\E\Shell\AutoRun - "" = Auto&Play
O33 - MountPoints2\E\Shell\AutoRun\command - "" = E:\Setup.exe
O34 - HKLM BootExecute: (autocheck autochk *)
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)

========== Files/Folders - Created Within 30 Days ==========

[2013/06/19 23:01:05 | 000,000,000 | RH-D | C] -- C:\Documents and Settings\Dela Cruz\Recent
[2013/06/19 15:17:51 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\Carpe Fulgur
[2013/06/19 15:16:10 | 000,000,000 | ---D | C] -- C:\Program Files\Carpe Fulgur
[2013/06/16 08:46:56 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\InstallMate
[2013/06/15 03:22:04 | 000,000,000 | ---D | C] -- C:\Program Files\Research In Motion Limited
[2013/06/15 03:22:04 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Research In Motion
[2013/06/14 13:28:30 | 001,691,480 | ---- | C] (Creative) -- C:\WINDOWS\System32\drivers\Ambfilt.sys
[2013/06/14 13:28:30 | 000,359,016 | ---- | C] (Realtek Semiconductor Crop.) -- C:\WINDOWS\vncutil.exe
[2013/06/14 13:28:27 | 000,129,640 | ---- | C] (Realtek Semiconductor) -- C:\WINDOWS\RtkAudioService.exe
[2013/06/14 10:54:30 | 000,000,000 | ---D | C] -- C:\Program Files\Mozilla Firefox
[2013/06/10 05:12:13 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Dela Cruz\Application Data\YourFileDownloader
[2013/06/10 02:15:14 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Dela Cruz\Desktop\PokeMMO.eu
[2013/06/06 23:23:21 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Dela Cruz\Local Settings\Application Data\[email protected]
[2013/06/06 23:12:40 | 000,000,000 | -H-D | C] -- C:\WINDOWS\CasperWiMACHunter
[2013/06/06 23:10:44 | 000,000,000 | -H-D | C] -- C:\WINDOWS\syntaxerror00100
[2013/06/06 09:16:26 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Adobe AIR
[2013/06/04 21:05:29 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Dela Cruz\My Documents\Imba summoners
[2013/06/02 10:28:49 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Dela Cruz\Local Settings\Application Data\Aeria Games
[2013/06/02 10:27:58 | 000,000,000 | ---D | C] -- C:\ProgramData
[2013/06/02 10:27:19 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Dela Cruz\Start Menu\Programs\AeriaGames
[2013/06/02 10:14:40 | 000,000,000 | -HSD | C] -- C:\WINDOWS\System32\AI_RecycleBin
[2013/06/02 10:14:33 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\AeriaGames
[2013/06/02 10:14:33 | 000,000,000 | ---D | C] -- C:\Program Files\Aeria Games
[2013/06/02 04:09:51 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Dela Cruz\Local Settings\Application Data\Akamai
[2013/06/02 04:09:49 | 000,000,000 | ---D | C] -- C:\AeriaGames
[2013/05/28 01:48:16 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Dela Cruz\Application Data\Carbon
[2013/05/26 21:15:41 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\Monaco What's Yours Is Mine
[2013/05/23 06:49:36 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Dela Cruz\My Documents\Klei
[2013/05/23 04:20:50 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Steam
[3 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]
[1 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]

========== Files - Modified Within 30 Days ==========

[2013/06/19 22:56:15 | 000,000,830 | ---- | M] () -- C:\WINDOWS\tasks\Adobe Flash Player Updater.job
[2013/06/19 22:15:00 | 000,000,994 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskUserS-1-5-21-1960408961-1659004503-725345543-1003UA.job
[2013/06/19 21:21:18 | 000,000,324 | ---- | M] () -- C:\WINDOWS\tasks\YourFile DownloaderUpdate.job
[2013/06/19 21:20:01 | 000,001,014 | ---- | M] () -- C:\WINDOWS\tasks\FacebookUpdateTaskUserS-1-5-21-1960408961-1659004503-725345543-1003UA.job
[2013/06/19 21:12:31 | 000,267,555 | ---- | M] () -- C:\Documents and Settings\Dela Cruz\My Documents\dannce.jpg
[2013/06/19 21:11:35 | 000,000,375 | ---- | M] () -- C:\WINDOWS\System32\drivers\etc\hosts.ics
[2013/06/19 21:10:35 | 000,504,286 | ---- | M] () -- C:\WINDOWS\System32\perfh009.dat
[2013/06/19 21:10:35 | 000,088,132 | ---- | M] () -- C:\WINDOWS\System32\perfc009.dat
[2013/06/19 21:00:51 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat
[2013/06/19 20:37:33 | 000,036,352 | ---- | M] () -- C:\Documents and Settings\Dela Cruz\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2013/06/19 15:17:52 | 000,001,916 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Recettear - An Item Shops Tale.lnk
[2013/06/19 14:50:15 | 000,000,223 | RHS- | M] () -- C:\boot.ini
[2013/06/19 14:48:10 | 000,000,000 | ---- | M] () -- C:\WINDOWS\5469
[2013/06/19 14:48:08 | 000,002,206 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl
[2013/06/17 03:15:00 | 000,000,942 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskUserS-1-5-21-1960408961-1659004503-725345543-1003Core.job
[2013/06/16 12:20:01 | 000,000,992 | ---- | M] () -- C:\WINDOWS\tasks\FacebookUpdateTaskUserS-1-5-21-1960408961-1659004503-725345543-1003Core.job
[2013/06/16 08:43:31 | 000,000,731 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\iFunbox.lnk
[2013/06/14 22:17:03 | 001,094,820 | ---- | M] () -- C:\WINDOWS\System32\nvdrsdb0.bin
[2013/06/14 22:17:03 | 000,000,001 | ---- | M] () -- C:\WINDOWS\System32\nvdrssel.bin
[2013/06/14 22:16:56 | 001,094,820 | ---- | M] () -- C:\WINDOWS\System32\nvdrsdb1.bin
[2013/06/14 13:28:52 | 000,000,197 | ---- | M] () -- C:\WINDOWS\System32\OEMINFO.INI
[2013/06/10 08:40:17 | 000,002,265 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Skype.lnk
[2013/06/09 20:46:34 | 000,000,000 | ---- | M] () -- C:\WINDOWS\4bed
[2013/06/09 09:53:10 | 000,003,574 | ---- | M] () -- C:\Documents and Settings\Dela Cruz\Local Settings\Application Data\recently-used.xbel
[2013/06/09 07:15:44 | 000,000,000 | ---- | M] () -- C:\WINDOWS\4d64
[2013/06/08 12:08:38 | 000,000,000 | ---- | M] () -- C:\WINDOWS\4e7d
[2013/06/08 09:44:17 | 000,000,000 | ---- | M] () -- C:\WINDOWS\5014
[2013/06/07 21:28:06 | 000,000,788 | ---- | M] () -- C:\WINDOWS\System32\drivers\etc\hosts
[2013/06/07 21:28:06 | 000,000,787 | ---- | M] () -- C:\WINDOWS\System32\drivers\etc\hosts.umbrella
[2013/06/07 20:31:19 | 000,000,126 | ---- | M] () -- C:\Documents and Settings\Dela Cruz\Desktop\Wifi Connected.url
[2013/06/06 23:13:15 | 000,099,328 | RHS- | M] () -- C:\lnts.pif
[2013/06/06 19:20:51 | 000,002,334 | ---- | M] () -- C:\Documents and Settings\Dela Cruz\Application Data\Microsoft\Internet Explorer\Quick Launch\Google Chrome.lnk
[2013/06/06 19:20:50 | 000,002,316 | ---- | M] () -- C:\Documents and Settings\Dela Cruz\Desktop\Google Chrome.lnk
[2013/06/05 20:20:54 | 000,000,803 | ---- | M] () -- C:\Documents and Settings\Dela Cruz\Desktop\Internet Explorer.lnk
[2013/06/04 22:21:05 | 000,000,025 | ---- | M] () -- C:\WINDOWS\popcinfot.dat
[2013/06/03 15:25:40 | 000,006,370 | ---- | M] () -- C:\Documents and Settings\Dela Cruz\My Documents\Backup .001
[2013/06/03 13:56:13 | 000,169,813 | ---- | M] () -- C:\Documents and Settings\Dela Cruz\My Documents\FAIL.jpg
[2013/06/02 21:55:53 | 000,003,076 | ---- | M] () -- C:\Documents and Settings\Dela Cruz\My Documents\Hey.reg
[2013/06/02 10:27:20 | 000,000,720 | ---- | M] () -- C:\Documents and Settings\Dela Cruz\Desktop\Soldier Front 2.lnk
[2013/06/02 10:14:34 | 000,001,753 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Aeria Ignite.lnk
[3 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]
[1 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]

========== Files Created - No Company Name ==========

[2013/06/19 21:12:31 | 000,267,555 | ---- | C] () -- C:\Documents and Settings\Dela Cruz\My Documents\dannce.jpg
[2013/06/19 15:17:52 | 000,001,916 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\Recettear - An Item Shops Tale.lnk
[2013/06/19 14:48:10 | 000,000,000 | ---- | C] () -- C:\WINDOWS\5469
[2013/06/14 13:28:17 | 000,016,836 | ---- | C] () -- C:\WINDOWS\System32\drivers\RTAIODAT.DAT
[2013/06/14 13:25:55 | 002,116,894 | ---- | C] () -- C:\WINDOWS\System32\nvdata.bin
[2013/06/14 13:25:55 | 000,012,210 | ---- | C] () -- C:\WINDOWS\System32\nvinfo.pb
[2013/06/10 05:12:14 | 000,000,324 | ---- | C] () -- C:\WINDOWS\tasks\YourFile DownloaderUpdate.job
[2013/06/09 20:46:34 | 000,000,000 | ---- | C] () -- C:\WINDOWS\4bed
[2013/06/09 09:53:10 | 000,003,574 | ---- | C] () -- C:\Documents and Settings\Dela Cruz\Local Settings\Application Data\recently-used.xbel
[2013/06/09 07:15:44 | 000,000,000 | ---- | C] () -- C:\WINDOWS\4d64
[2013/06/08 12:08:38 | 000,000,000 | ---- | C] () -- C:\WINDOWS\4e7d
[2013/06/08 09:44:17 | 000,000,000 | ---- | C] () -- C:\WINDOWS\5014
[2013/06/07 20:31:10 | 000,000,126 | ---- | C] () -- C:\Documents and Settings\Dela Cruz\Desktop\Wifi Connected.url
[2013/06/06 23:13:22 | 000,000,274 | RHS- | C] () -- C:\autorun.inf
[2013/06/06 23:13:15 | 000,099,328 | RHS- | C] () -- C:\lnts.pif
[2013/06/05 20:20:54 | 000,000,803 | ---- | C] () -- C:\Documents and Settings\Dela Cruz\Desktop\Internet Explorer.lnk
[2013/06/03 15:25:38 | 000,006,370 | ---- | C] () -- C:\Documents and Settings\Dela Cruz\My Documents\Backup .001
[2013/06/03 13:56:13 | 000,169,813 | ---- | C] () -- C:\Documents and Settings\Dela Cruz\My Documents\FAIL.jpg
[2013/06/02 21:55:51 | 000,003,076 | ---- | C] () -- C:\Documents and Settings\Dela Cruz\My Documents\Hey.reg
[2013/06/02 10:27:20 | 000,000,720 | ---- | C] () -- C:\Documents and Settings\Dela Cruz\Desktop\Soldier Front 2.lnk
[2013/06/02 10:14:34 | 000,001,753 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\Aeria Ignite.lnk
[2013/04/23 13:01:46 | 000,000,075 | ---- | C] () -- C:\Documents and Settings\Dela Cruz\.gtk-bookmarks
[2013/04/21 15:04:16 | 000,016,304 | ---- | C] () -- C:\WINDOWS\System32\apl003.sys
[2013/04/21 15:04:16 | 000,013,232 | ---- | C] () -- C:\WINDOWS\System32\apf003.sys
[2013/04/16 13:33:17 | 000,000,440 | RHS- | C] () -- C:\Documents and Settings\Dela Cruz\ntuser.pol
[2013/04/16 13:21:31 | 000,201,802 | ---- | C] () -- C:\Documents and Settings\Dela Cruz\poclbm130302GeForce 9500 GTv1w256l4.bin
[2013/04/10 03:12:40 | 000,013,816 | ---- | C] () -- C:\WINDOWS\System32\unikey.sys
[2013/04/04 03:09:36 | 000,002,759 | ---- | C] () -- C:\Documents and Settings\Dela Cruz\.TransferManager.db
[2013/02/05 17:52:54 | 000,030,568 | ---- | C] () -- C:\WINDOWS\MusiccityDownload.exe
[2013/02/05 17:52:50 | 000,974,848 | ---- | C] () -- C:\WINDOWS\System32\cis-2.4.dll
[2013/02/05 17:52:50 | 000,081,920 | ---- | C] () -- C:\WINDOWS\System32\issacapi_bs-2.3.dll
[2013/02/05 17:52:50 | 000,065,536 | ---- | C] () -- C:\WINDOWS\System32\issacapi_pe-2.3.dll
[2013/02/05 17:52:50 | 000,057,344 | ---- | C] () -- C:\WINDOWS\System32\issacapi_se-2.3.dll
[2013/01/15 19:58:31 | 000,000,320 | ---- | C] () -- C:\WINDOWS\con_34195430.ini
[2013/01/03 17:38:34 | 000,803,956 | ---- | C] () -- C:\Documents and Settings\LocalService\Local Settings\Application Data\WPFFontCache_v0400-S-1-5-21-1960408961-1659004503-725345543-1003-0.dat
[2013/01/03 17:38:31 | 000,287,434 | ---- | C] () -- C:\Documents and Settings\LocalService\Local Settings\Application Data\WPFFontCache_v0400-System.dat
[2012/12/29 19:19:07 | 000,000,000 | ---- | C] () -- C:\WINDOWS\System32\Access.dat
[2012/12/05 15:45:33 | 000,000,025 | ---- | C] () -- C:\WINDOWS\popcinfot.dat
[2012/08/01 00:46:38 | 000,000,132 | ---- | C] () -- C:\Documents and Settings\Dela Cruz\Local Settings\Application Data\fusioncache.dat
[2012/07/13 16:41:14 | 000,036,352 | ---- | C] () -- C:\Documents and Settings\Dela Cruz\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2012/07/01 14:46:41 | 000,000,032 | R--- | C] () -- C:\Documents and Settings\All Users\hash.dat
[2012/07/01 01:40:49 | 000,000,000 | ---- | C] () -- C:\WINDOWS\System32\cd.dat
[2012/06/05 20:51:26 | 000,004,161 | ---- | C] () -- C:\WINDOWS\ODBCINST.INI
[2012/06/05 17:18:44 | 000,163,584 | ---- | C] () -- C:\Documents and Settings\LocalService\Local Settings\Application Data\FontCache3.0.0.0.dat
[2012/06/05 17:01:53 | 001,094,820 | ---- | C] () -- C:\WINDOWS\System32\nvdrsdb1.bin
[2012/06/05 17:01:53 | 001,094,820 | ---- | C] () -- C:\WINDOWS\System32\nvdrsdb0.bin
[2012/06/05 17:01:53 | 000,000,001 | ---- | C] () -- C:\WINDOWS\System32\nvdrssel.bin
[2012/06/05 16:55:34 | 002,811,988 | ---- | C] () -- C:\WINDOWS\System32\nvdata.data
[2012/06/05 14:22:02 | 000,000,000 | ---- | C] () -- C:\WINDOWS\diskpt.dat
[2012/06/05 14:09:08 | 000,001,324 | ---- | C] () -- C:\WINDOWS\System32\d3d9caps.dat
[2012/06/05 13:33:25 | 000,217,088 | ---- | C] () -- C:\WINDOWS\NVGfxOgl.dll
[2012/06/05 13:30:08 | 000,049,152 | R--- | C] () -- C:\WINDOWS\System32\ChCfg.exe
[2012/06/05 13:28:11 | 000,003,948 | R--- | C] () -- C:\WINDOWS\System32\drivers\nvphy.bin
[2012/06/05 13:02:40 | 000,002,048 | --S- | C] () -- C:\WINDOWS\bootstat.dat
[2012/06/05 12:58:12 | 000,021,640 | ---- | C] () -- C:\WINDOWS\System32\emptyregdb.dat

========== ZeroAccess Check ==========

[2012/06/05 13:31:52 | 000,000,227 | RHS- | M] () -- C:\WINDOWS\assembly\Desktop.ini

[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]

[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\shdocvw.dll -- [2008/04/14 05:42:06 | 003,682,304 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = C:\WINDOWS\system32\wbem\fastprox.dll -- [2008/04/14 05:41:54 | 000,472,064 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]
"" = C:\WINDOWS\system32\wbem\wbemess.dll -- [2008/04/14 05:42:10 | 000,273,920 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both

========== LOP Check ==========

[2012/11/25 23:21:18 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Caphyon
[2012/11/14 00:38:21 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\DAEMON Tools Lite
[2013/04/10 03:03:33 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\DatacardService
[2012/09/13 16:09:48 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\ESET
[2013/01/22 01:16:23 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Garena
[2013/06/19 21:02:34 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\GarenaMessenger
[2012/06/11 23:21:19 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Hotspot Shield
[2013/06/16 08:46:56 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\InstallMate
[2013/03/29 14:02:19 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Package Cache
[2012/12/20 15:58:59 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\PMB Files
[2012/12/05 15:28:28 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\PopCap Games
[2013/04/04 02:01:29 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Samsung
[2013/04/03 21:42:00 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Smart Bro
[2013/05/23 04:20:50 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Steam
[2012/06/11 19:37:37 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Temp
[2012/12/31 22:49:28 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Tunngle
[2012/12/01 22:46:36 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Xilisoft
[2013/02/09 19:41:37 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\{429CAD59-35B1-4DBC-BB6D-1DB246563521}
[2013/03/20 13:45:22 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Dela Cruz\Application Data\.minecraft
[2012/12/01 22:32:44 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Dela Cruz\Application Data\AnvSoft
[2012/12/02 00:16:39 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Dela Cruz\Application Data\Audacity
[2012/06/11 15:31:09 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Dela Cruz\Application Data\Camfrog
[2013/05/28 01:48:16 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Dela Cruz\Application Data\Carbon
[2013/05/05 18:14:39 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Dela Cruz\Application Data\com.shirogames.evoland
[2012/11/14 07:00:17 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Dela Cruz\Application Data\DAEMON Tools Lite
[2013/06/19 21:22:08 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Dela Cruz\Application Data\DMCache
[2013/03/01 18:49:14 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Dela Cruz\Application Data\Enterbrain
[2013/03/01 18:44:24 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Dela Cruz\Application Data\FFSJ
[2013/04/26 11:09:10 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Dela Cruz\Application Data\fltk.org
[2012/10/09 10:25:47 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Dela Cruz\Application Data\FreeBurner
[2013/01/22 01:16:23 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Dela Cruz\Application Data\Garena
[2013/06/19 21:02:35 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Dela Cruz\Application Data\GarenaPlus
[2012/12/01 22:23:01 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Dela Cruz\Application Data\HandBrake
[2013/06/19 23:09:20 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Dela Cruz\Application Data\IDM
[2013/03/22 10:34:20 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Dela Cruz\Application Data\iFunbox_UserCache
[2012/07/01 01:22:46 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Dela Cruz\Application Data\LolClient
[2012/06/05 17:26:55 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Dela Cruz\Application Data\LolClient2
[2012/12/30 20:27:29 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Dela Cruz\Application Data\ManyCam
[2013/04/18 00:32:57 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Dela Cruz\Application Data\Nettalk
[2012/09/30 03:51:51 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Dela Cruz\Application Data\PowerISO
[2012/07/13 16:43:57 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Dela Cruz\Application Data\raidcall
[2013/05/04 16:15:17 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Dela Cruz\Application Data\Rainmeter
[2013/02/10 13:57:29 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Dela Cruz\Application Data\redsn0w
[2013/04/04 01:38:21 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Dela Cruz\Application Data\Samsung
[2012/06/05 14:55:10 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Dela Cruz\Application Data\Shadow Defender
[2012/12/31 18:51:00 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Dela Cruz\Application Data\SystemRequirementsLab
[2013/01/05 00:33:28 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Dela Cruz\Application Data\TeamViewer
[2013/03/10 20:23:52 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Dela Cruz\Application Data\Tunngle
[2002/01/01 00:31:23 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Dela Cruz\Application Data\TypingMaster7
[2013/03/10 20:41:20 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Dela Cruz\Application Data\Unity
[2013/06/03 15:25:05 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Dela Cruz\Application Data\uTorrent
[2013/01/03 17:01:40 | 000,000,000 | --SD | M] -- C:\Documents and Settings\Dela Cruz\Application Data\Virtual CD v10
[2012/12/01 22:51:28 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Dela Cruz\Application Data\Xilisoft
[2012/12/02 00:20:15 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Dela Cruz\Application Data\xim
[2012/12/16 21:54:17 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Dela Cruz\Application Data\YaTQA
[2013/06/10 05:12:13 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Dela Cruz\Application Data\YourFileDownloader

========== Purity Check ==========



< End of report >
  • 0

Advertisements

#2
frichieny
Posted 19 June 2013 - 09:21 AM

frichieny

    Member

  • Topic Starter
  • Member
  • PipPipPip
  • 192 posts
My PC is acting weird i dont know why :( But now its the worst :( I cant use Ccleaner because after i clean Visual ++ error and I lag at some games :( And now I cant Download anything :( it always stuck's to 99.99 Percent :(
  • 0

#3
Phel
Posted 19 June 2013 - 09:23 AM

Phel

    Trusted Helper

  • Malware Removal
  • 1,386 posts
Hello, frichieny and welcome to GeeksToGo!

You can call me Phel and today I will try to help you with your trouble.

Please, read these instructions carefully, because they contain some very useful information.

Please, let me know, if you don't understand something. It is really important to understand any instruction. Also, please read all instructions carefully before performing them. Feel free to ask questions, if you aren't sure.

Please, be patient. You should stay here until your computer will become really clean. Malware Removal isn't very fast procedure, it usually has multiple steps, but result should be glad.;)

Please, wait for a while now, currently I'm analyzing your logs. Please note, that my answers could come with a slight delay, because they are checked by my teacher.
  • 0

#4
frichieny
Posted 19 June 2013 - 09:29 AM

frichieny

    Member

  • Topic Starter
  • Member
  • PipPipPip
  • 192 posts
Oh hello again Phel :) Thank for being my helper again :)
  • 0

#5
Phel
Posted 19 June 2013 - 11:53 AM

Phel

    Trusted Helper

  • Malware Removal
  • 1,386 posts
Hey,

Warning! Your computer is infected with file infector Sality.

That means that most part of your executable files (.exe) contains malicious code inside. When you launch infected file, the modified part of program starts too and it searches for another executable files to infect them as well. So that's why removal of file infectors is so difficult and I can't ever guarantee that we'll completely remove this infection.

However, I have good news for you. We can try to remove this infection and probability of success is really high. So, please, follow these steps:

Step 1. SalityKiller scan.

  • Download and unpack the file SalityKiller.exe in the root of disk C:\.
  • Press Win+R key sequence.
  • In the new window copy and paste the following:
  • C:\SalityKiller.exe -l C:\sklog.txt
  • Click OK button.
  • A reboot might be required after disinfection.
  • Download the file Sality_RegKeys.zip.
  • Unpack the file Sality_RegKeys.zip (using WinZip).
  • Run the file Disable_autorun.reg from the archive Sality_RegKeys.zip.
  • Click Yes to confirm adding the information to the registry.
  • Post contents of C:\sklog.txt file in your next message.

Step 2. OTL scan.

  • Open OTL again.
  • Click the Quick Scan button. Do not change any settings unless otherwise told to do so. The scan wont take long.
  • When the scan completes, it will open notepad window - OTL.Txt. This is saved in the same location as OTL.
  • Please copy (Edit->Select All, Edit->Copy) the contents of this file, one at a time and post them in your topic.

So, please, don't forget to post in your next message:

  • sklog.txt
  • OTL.txt

  • 0

#6
frichieny
Posted 19 June 2013 - 03:26 PM

frichieny

    Member

  • Topic Starter
  • Member
  • PipPipPip
  • 192 posts
Oh no :( That was the Virus that killed my PC back then because of the External hard drive of my cousin :( how come its not removed :/ Can you teach me to how to reformat a Hard drive too so i wont get infected again :(
  • 0

#7
frichieny
Posted 19 June 2013 - 09:46 PM

frichieny

    Member

  • Topic Starter
  • Member
  • PipPipPip
  • 192 posts
Sklog

05:50:26:187 16000 scanning threads ...
05:50:36:312 16000
05:50:36:312 16000 scanning processes ...
05:50:36:328 16000
05:50:36:328 16000 fixing registry ...
05:50:36:328 14676
Monitoring thread started
05:50:36:328 16000 SalityRegCure: Restoring general registry keys
05:50:36:328 16000 SalityRegCure: Fixing system.ini
05:50:36:328 16000
05:50:36:328 16000 scanning drives ...
05:50:36:328 16000 scanning C:\ ...
05:54:04:812 16000 C:\NVIDIA\DisplayDriver\301.42\WinXP\International\Display.NView\nvTaskbar.exe infected Virus.Win32.Sality.bh ...05:54:04:812 16000 cured
05:54:09:625 16000 C:\NVIDIA\DisplayDriver\301.42\WinXP\International\Display.NView\nwiz.exe infected Virus.Win32.Sality.bh ...05:54:09:625 16000 cured
05:54:13:406 16000 C:\NVIDIA\DisplayDriver\301.42\WinXP\International\Display.Update\ComUpdatus.exe infected Virus.Win32.Sality.bh ...05:54:13:406 16000 cured
05:54:17:218 16000 C:\NVIDIA\DisplayDriver\301.42\WinXP\International\Display.Update\daemonu.exe infected Virus.Win32.Sality.bh ...05:54:17:218 16000 cured
05:54:22:953 16000 C:\NVIDIA\DisplayDriver\301.42\WinXP\International\setup.exe infected Virus.Win32.Sality.bh ...05:54:22:953 16000 cured
05:54:26:531 16000 C:\NVIDIA\DisplayDriver\306.23\WinXP\English\Display.Driver\dbInstaller.exe infected Virus.Win32.Sality.bh ...05:54:26:531 16000 cured
05:54:31:546 16000 C:\NVIDIA\DisplayDriver\306.23\WinXP\English\Display.Driver\nvcplsetupeng.exe infected Virus.Win32.Sality.bh ...05:54:31:546 16000 cured
05:54:35:765 16000 C:\NVIDIA\DisplayDriver\306.23\WinXP\English\Display.Driver\NvStereoUtilityOGL.exe infected Virus.Win32.Sality.bh ...05:54:35:765 16000 cured
05:54:39:593 16000 C:\NVIDIA\DisplayDriver\306.23\WinXP\English\Display.NView\Keystone.exe infected Virus.Win32.Sality.bh ...05:54:39:593 16000 cured
05:54:43:421 16000 C:\NVIDIA\DisplayDriver\306.23\WinXP\English\Display.NView\nvAppBar.exe infected Virus.Win32.Sality.bh ...05:54:43:421 16000 cured
05:54:47:156 16000 C:\NVIDIA\DisplayDriver\306.23\WinXP\English\Display.NView\nvDspSch.exe infected Virus.Win32.Sality.bh ...05:54:47:156 16000 cured
05:54:51:015 16000 C:\NVIDIA\DisplayDriver\306.23\WinXP\English\Display.NView\nvTaskbar.exe infected Virus.Win32.Sality.bh ...05:54:51:015 16000 cured
05:54:56:015 16000 C:\NVIDIA\DisplayDriver\306.23\WinXP\English\Display.NView\nwiz.exe infected Virus.Win32.Sality.bh ...05:54:56:015 16000 cured
05:54:59:718 16000 C:\NVIDIA\DisplayDriver\306.23\WinXP\English\Display.Update\ComUpdatus.exe infected Virus.Win32.Sality.bh ...05:54:59:718 16000 cured
05:55:03:375 16000 C:\NVIDIA\DisplayDriver\306.23\WinXP\English\Display.Update\daemonu.exe infected Virus.Win32.Sality.bh ...05:55:03:375 16000 cured
05:55:08:328 16000 C:\NVIDIA\DisplayDriver\306.23\WinXP\English\setup.exe infected Virus.Win32.Sality.bh ...05:55:08:328 16000 cured
05:55:12:109 16000 C:\Program Files\Adobe\Acrobat 6.0\Reader\AcroRd32.exe infected Virus.Win32.Sality.bh ...05:55:12:109 16000 cured
05:55:15:875 16000 C:\Program Files\Adobe\Acrobat 6.0\Reader\AdobeUpdateManager.exe infected Virus.Win32.Sality.bh ...05:55:15:890 16000 cured
05:55:21:609 16000 C:\Program Files\Adobe\Acrobat 6.0\Reader\plug_ins\Printme\ConsoleApp.exe infected Virus.Win32.Sality.bh ...05:55:21:609 16000 cured
05:55:25:921 16000 C:\Program Files\Adobe\Acrobat 6.0\Reader\Updater\acroaum.exe infected Virus.Win32.Sality.bh ...05:55:25:921 16000 cured
05:55:30:406 16000 C:\Program Files\AMD\AMD Processor Driver\DPInst.exe infected Virus.Win32.Sality.bh ...05:55:30:406 16000 cured
05:55:35:812 16000 C:\Program Files\AnvSoft\Any Video Converter\gnu\avc\mencoder.exe infected Virus.Win32.Sality.bh ...05:55:35:812 16000 cured
05:55:39:593 16000 C:\Program Files\AnvSoft\Any Video Converter\gnu\avc\mplayer.exe infected Virus.Win32.Sality.bh ...05:55:39:593 16000 cured
05:55:43:406 16000 C:\Program Files\AnvSoft\Any Video Converter\gnu\dvdauthor.exe infected Virus.Win32.Sality.bh ...05:55:43:421 16000 cured
05:55:47:062 16000 C:\Program Files\AnvSoft\Any Video Converter\gnu\ffmpeg.exe infected Virus.Win32.Sality.bh ...05:55:47:062 16000 cured
05:55:50:812 16000 C:\Program Files\AnvSoft\Any Video Converter\gnu\genisoimage\genisoimage.exe infected Virus.Win32.Sality.bh ...05:55:50:812 16000 cured
05:55:54:625 16000 C:\Program Files\AnvSoft\Any Video Converter\gnu\mp4box.exe infected Virus.Win32.Sality.bh ...05:55:54:625 16000 cured
05:55:58:375 16000 C:\Program Files\AnvSoft\Any Video Converter\gnu\mp4creator.exe infected Virus.Win32.Sality.bh ...05:55:58:375 16000 cured
05:56:02:125 16000 C:\Program Files\AnvSoft\Any Video Converter\gnu\tsmuxer.exe infected Virus.Win32.Sality.bh ...05:56:02:125 16000 cured
05:56:07:093 16000 C:\Program Files\AnvSoft\Any Video Converter\sendsignal.exe infected Virus.Win32.Sality.bh ...05:56:07:093 16000 cured
05:56:11:234 16000 C:\Program Files\AnvSoft\Any Video Converter\unins000.exe infected Virus.Win32.Sality.bh ...05:56:11:234 16000 cured
05:56:15:000 16000 C:\Program Files\AnvSoft\Any Video Converter\VideoConverter.exe infected Virus.Win32.Sality.bh ...05:56:15:000 16000 cured
05:56:18:906 16000 C:\Program Files\Apple Software Update\SoftwareUpdate.exe infected Virus.Win32.Sality.bh ...05:56:18:906 16000 cured
05:56:23:046 16000 C:\Program Files\ArmA 2\#PATCH#\ARMA2_OA_Build_93965.exe infected Virus.Win32.Sality.bh ...05:56:23:046 16000 cured
05:56:27:437 16000 C:\Program Files\ArmA 2\xampp\apache\bin\ab.exe infected Virus.Win32.Sality.bh ...05:56:27:437 16000 cured
05:56:31:296 16000 C:\Program Files\ArmA 2\xampp\apache\bin\abs.exe infected Virus.Win32.Sality.bh ...05:56:31:296 16000 cured
05:56:35:031 16000 C:\Program Files\ArmA 2\xampp\apache\bin\ApacheMonitor.exe infected Virus.Win32.Sality.bh ...05:56:35:031 16000 cured
05:56:38:750 16000 C:\Program Files\ArmA 2\xampp\apache\bin\htcacheclean.exe infected Virus.Win32.Sality.bh ...05:56:38:750 16000 cured
05:56:42:453 16000 C:\Program Files\ArmA 2\xampp\apache\bin\htdbm.exe infected Virus.Win32.Sality.bh ...05:56:42:453 16000 cured
05:56:46:171 16000 C:\Program Files\ArmA 2\xampp\apache\bin\htdigest.exe infected Virus.Win32.Sality.bh ...05:56:46:171 16000 cured
05:56:49:781 16000 C:\Program Files\ArmA 2\xampp\apache\bin\htpasswd.exe infected Virus.Win32.Sality.bh ...05:56:49:796 16000 cured
05:56:53:484 16000 C:\Program Files\ArmA 2\xampp\apache\bin\httpd.exe infected Virus.Win32.Sality.bh ...05:56:53:484 16000 cured
05:56:57:296 16000 C:\Program Files\ArmA 2\xampp\apache\bin\httxt2dbm.exe infected Virus.Win32.Sality.bh ...05:56:57:296 16000 cured
05:57:02:390 16000 C:\Program Files\ArmA 2\xampp\apache\bin\logresolve.exe infected Virus.Win32.Sality.bh ...05:57:02:390 16000 cured
05:57:06:171 16000 C:\Program Files\ArmA 2\xampp\apache\bin\openssl.exe infected Virus.Win32.Sality.bh ...05:57:06:171 16000 cured
05:57:09:968 16000 C:\Program Files\ArmA 2\xampp\apache\bin\pv.exe infected Virus.Win32.Sality.bh ...05:57:09:968 16000 cured
05:57:13:656 16000 C:\Program Files\ArmA 2\xampp\apache\bin\rotatelogs.exe infected Virus.Win32.Sality.bh ...05:57:13:656 16000 cured
05:57:17:484 16000 C:\Program Files\ArmA 2\xampp\apache\bin\wintty.exe infected Virus.Win32.Sality.bh ...05:57:17:484 16000 cured
05:57:23:984 16000 C:\Program Files\ArmA 2\xampp\install\awk.exe infected Virus.Win32.Sality.bh ...05:57:23:984 16000 cured
05:57:29:562 16000 C:\Program Files\ArmA 2\xampp\mysql\bin\echo.exe infected Virus.Win32.Sality.bh ...05:57:29:562 16000 cured
05:57:33:187 16000 C:\Program Files\ArmA 2\xampp\mysql\bin\myisamchk.exe infected Virus.Win32.Sality.bh ...05:57:33:203 16000 cured
05:57:37:062 16000 C:\Program Files\ArmA 2\xampp\mysql\bin\myisamlog.exe infected Virus.Win32.Sality.bh ...05:57:37:062 16000 cured
05:57:40:921 16000 C:\Program Files\ArmA 2\xampp\mysql\bin\myisampack.exe infected Virus.Win32.Sality.bh ...05:57:40:921 16000 cured
05:57:44:593 16000 C:\Program Files\ArmA 2\xampp\mysql\bin\myisam_ftdump.exe infected Virus.Win32.Sality.bh ...05:57:44:593 16000 cured
05:57:48:109 16000 C:\Program Files\ArmA 2\xampp\mysql\bin\mysql.exe infected Virus.Win32.Sality.bh ...05:57:48:109 16000 cured
05:57:51:859 16000 C:\Program Files\ArmA 2\xampp\mysql\bin\mysqladmin.exe infected Virus.Win32.Sality.bh ...05:57:51:859 16000 cured
05:57:55:546 16000 C:\Program Files\ArmA 2\xampp\mysql\bin\mysqlbinlog.exe infected Virus.Win32.Sality.bh ...05:57:55:546 16000 cured
05:57:59:250 16000 C:\Program Files\ArmA 2\xampp\mysql\bin\mysqlcheck.exe infected Virus.Win32.Sality.bh ...05:57:59:250 16000 cured
05:58:03:000 16000 C:\Program Files\ArmA 2\xampp\mysql\bin\mysqld-debug.exe infected Virus.Win32.Sality.bh ...05:58:03:000 16000 cured
05:58:06:703 16000 C:\Program Files\ArmA 2\xampp\mysql\bin\mysqld.exe infected Virus.Win32.Sality.bh ...05:58:06:703 16000 cured
05:58:10:343 16000 C:\Program Files\ArmA 2\xampp\mysql\bin\mysqldump.exe infected Virus.Win32.Sality.bh ...05:58:10:343 16000 cured
05:58:14:015 16000 C:\Program Files\ArmA 2\xampp\mysql\bin\mysqlimport.exe infected Virus.Win32.Sality.bh ...05:58:14:015 16000 cured
05:58:17:750 16000 C:\Program Files\ArmA 2\xampp\mysql\bin\mysqlshow.exe infected Virus.Win32.Sality.bh ...05:58:17:750 16000 cured
05:58:21:578 16000 C:\Program Files\ArmA 2\xampp\mysql\bin\mysqlslap.exe infected Virus.Win32.Sality.bh ...05:58:21:578 16000 cured
05:58:25:390 16000 C:\Program Files\ArmA 2\xampp\mysql\bin\mysqltest.exe infected Virus.Win32.Sality.bh ...05:58:25:390 16000 cured
05:58:29:062 16000 C:\Program Files\ArmA 2\xampp\mysql\bin\mysqltest_embedded.exe infected Virus.Win32.Sality.bh ...05:58:29:062 16000 cured
05:58:32:671 16000 C:\Program Files\ArmA 2\xampp\mysql\bin\mysql_client_test.exe infected Virus.Win32.Sality.bh ...05:58:32:671 16000 cured
05:58:36:468 16000 C:\Program Files\ArmA 2\xampp\mysql\bin\mysql_client_test_embedded.exe infected Virus.Win32.Sality.bh ...05:58:36:468 16000 cured
05:58:40:218 16000 C:\Program Files\ArmA 2\xampp\mysql\bin\mysql_embedded.exe infected Virus.Win32.Sality.bh ...05:58:40:218 16000 cured
05:58:43:937 16000 C:\Program Files\ArmA 2\xampp\mysql\bin\mysql_plugin.exe infected Virus.Win32.Sality.bh ...05:58:43:937 16000 cured
05:58:47:640 16000 C:\Program Files\ArmA 2\xampp\mysql\bin\mysql_tzinfo_to_sql.exe infected Virus.Win32.Sality.bh ...05:58:47:640 16000 cured
05:58:51:343 16000 C:\Program Files\ArmA 2\xampp\mysql\bin\mysql_upgrade.exe infected Virus.Win32.Sality.bh ...05:58:51:343 16000 cured
05:58:55:015 16000 C:\Program Files\ArmA 2\xampp\mysql\bin\my_print_defaults.exe infected Virus.Win32.Sality.bh ...05:58:55:015 16000 cured
05:58:58:703 16000 C:\Program Files\ArmA 2\xampp\mysql\bin\perror.exe infected Virus.Win32.Sality.bh ...05:58:58:703 16000 cured
05:59:02:359 16000 C:\Program Files\ArmA 2\xampp\mysql\bin\replace.exe infected Virus.Win32.Sality.bh ...05:59:02:359 16000 cured
05:59:12:687 16000 C:\Program Files\ArmA 2\xampp\mysql\bin\resolveip.exe infected Virus.Win32.Sality.ag ...05:59:12:687 16000 cured
05:59:20:156 16000 C:\Program Files\ArmA 2\xampp\perl\bin\perl.exe infected Virus.Win32.Sality.bh ...05:59:20:156 16000 cured
05:59:23:890 16000 C:\Program Files\ArmA 2\xampp\perl\bin\perl5.10.1.exe infected Virus.Win32.Sality.bh ...05:59:23:890 16000 cured
05:59:27:671 16000 C:\Program Files\ArmA 2\xampp\perl\bin\perlglob.exe infected Virus.Win32.Sality.bh ...05:59:27:671 16000 cured
05:59:31:296 16000 C:\Program Files\ArmA 2\xampp\perl\bin\wperl.exe infected Virus.Win32.Sality.bh ...05:59:31:296 16000 cured
05:59:37:859 16000 C:\Program Files\ArmA 2\xampp\php\extras\openssl\openssl.exe infected Virus.Win32.Sality.bh ...05:59:37:859 16000 cured
05:59:59:328 16000 C:\Program Files\ArmA 2\xampp\php\php-cgi.exe infected Virus.Win32.Sality.bh ...05:59:59:328 16000 cured
06:00:02:968 16000 C:\Program Files\ArmA 2\xampp\php\php-win.exe infected Virus.Win32.Sality.bh ...06:00:02:968 16000 cured
06:00:06:609 16000 C:\Program Files\ArmA 2\xampp\php\php.exe infected Virus.Win32.Sality.bh ...06:00:06:609 16000 cured
06:00:15:296 16000 C:\Program Files\ArmA 2\xampp\sendmail\sendmail.exe infected Virus.Win32.Sality.bh ...06:00:15:296 16000 cured
06:00:18:921 16000 C:\Program Files\ArmA 2\xampp\service.exe infected Virus.Win32.Sality.bh ...06:00:18:921 16000 cured
06:00:22:812 16000 C:\Program Files\ArmA 2\xampp\src\xampp-control-panel\KILL.exe infected Virus.Win32.Sality.bh ...06:00:22:812 16000 cured
06:00:26:390 16000 C:\Program Files\ArmA 2\xampp\src\xampp-control-panel\SERVICE.exe infected Virus.Win32.Sality.bh ...06:00:26:390 16000 cured
06:00:30:062 16000 C:\Program Files\ArmA 2\xampp\src\xampp-control-panel\SHOW.exe infected Virus.Win32.Sality.bh ...06:00:30:062 16000 cured
06:00:33:750 16000 C:\Program Files\ArmA 2\xampp\src\xampp-control-panel\STOP.EXE infected Virus.Win32.Sality.bh ...06:00:33:750 16000 cured
06:00:38:203 16000 C:\Program Files\ArmA 2\xampp\xampp-control.exe infected Virus.Win32.Sality.bh ...06:00:38:203 16000 cured
06:00:41:937 16000 C:\Program Files\ArmA 2\xampp\xampp_start.exe infected Virus.Win32.Sality.bh ...06:00:41:937 16000 cured
06:00:45:687 16000 C:\Program Files\ArmA 2\xampp\xampp_stop.exe infected Virus.Win32.Sality.bh ...06:00:45:687 16000 cured
06:00:49:359 16000 C:\Program Files\Audacity\audacity.exe infected Virus.Win32.Sality.bh ...06:00:49:359 16000 cured
06:01:03:671 16000 C:\Program Files\Audacity\unins000.exe infected Virus.Win32.Sality.bh ...06:01:03:671 16000 cured
06:01:07:328 16000 C:\Program Files\AutoHotkey\AU3_Spy.exe infected Virus.Win32.Sality.bh ...06:01:07:328 16000 cured
06:01:10:937 16000 C:\Program Files\AutoHotkey\AutoHotkey.exe infected Virus.Win32.Sality.bh ...06:01:10:937 16000 cured
06:01:14:562 16000 C:\Program Files\AutoHotkey\AutoHotkeyA32.exe infected Virus.Win32.Sality.bh ...06:01:14:562 16000 cured
06:01:18:421 16000 C:\Program Files\AutoHotkey\AutoHotkeyU32.exe infected Virus.Win32.Sality.bh ...06:01:18:421 16000 cured
06:01:22:250 16000 C:\Program Files\AutoHotkey\Compiler\Ahk2Exe.exe infected Virus.Win32.Sality.bh ...06:01:22:250 16000 cured
06:01:26:140 16000 C:\Program Files\Bonjour\mDNSResponder.exe infected Virus.Win32.Sality.bh ...06:01:26:140 16000 cured
06:01:30:015 16000 C:\Program Files\Camfrog\Camfrog Video Chat\Camfrog Video Chat.exe infected Virus.Win32.Sality.bh ...06:01:30:015 16000 cured
06:01:33:703 16000 C:\Program Files\Camfrog\Camfrog Video Chat\CamfrogHandler.exe infected Virus.Win32.Sality.bh ...06:01:33:703 16000 cured
06:01:37:421 16000 C:\Program Files\Camfrog\Camfrog Video Chat\CamfrogNET.exe infected Virus.Win32.Sality.bh ...06:01:37:421 16000 cured
06:01:41:390 16000 C:\Program Files\Camfrog\Camfrog Video Chat\CrashSender.exe infected Virus.Win32.Sality.bh ...06:01:41:390 16000 cured
06:01:45:453 16000 C:\Program Files\Camfrog\Camfrog Video Chat\uninstall.exe infected Virus.Win32.Sality.bh ...06:01:45:453 16000 cured
06:02:01:968 16000 C:\Program Files\Carpe Fulgur\Recettear - An Item Shops Tale\custom.exe infected Virus.Win32.Sality.bh ...06:02:01:968 16000 cured
06:02:06:359 16000 C:\Program Files\Carpe Fulgur\Recettear - An Item Shops Tale\recettear.exe infected Virus.Win32.Sality.bh ...06:02:06:359 16000 cured
06:02:10:234 16000 C:\Program Files\Carpe Fulgur\Recettear - An Item Shops Tale\unins000.exe infected Virus.Win32.Sality.bh ...06:02:10:234 16000 cured
06:02:18:265 16000 C:\Program Files\CCleaner\CCleaner.exe infected Virus.Win32.Sality.bh ...06:02:18:265 16000 cured
06:02:23:031 16000 C:\Program Files\CCleaner\uninst.exe infected Virus.Win32.Sality.bh ...06:02:23:031 16000 cured
06:02:26:687 16000 C:\Program Files\Cheat Engine 6.2\ceregreset.exe infected Virus.Win32.Sality.bh ...06:02:26:687 16000 cured
06:02:31:140 16000 C:\Program Files\Cheat Engine 6.2\unins000.exe infected Virus.Win32.Sality.bh ...06:02:31:140 16000 cured
06:02:34:828 16000 C:\Program Files\Common Files\Adobe AIR\Versions\1.0\Adobe AIR Application Installer.exe infected Virus.Win32.Sality.bh ...06:02:34:828 16000 cured
06:02:38:656 16000 C:\Program Files\Common Files\Adobe AIR\Versions\1.0\Resources\Adobe AIR Updater.exe infected Virus.Win32.Sality.bh ...06:02:38:656 16000 cured
06:02:42:500 16000 C:\Program Files\Common Files\Adobe AIR\Versions\1.0\Resources\template.exe infected Virus.Win32.Sality.bh ...06:02:42:500 16000 cured
06:02:47:109 16000 C:\Program Files\Common Files\Apple\Apple Application Support\defaults.exe infected Virus.Win32.Sality.bh ...06:02:47:109 16000 cured
06:02:50:718 16000 C:\Program Files\Common Files\Apple\Apple Application Support\distnoted.exe infected Virus.Win32.Sality.bh ...06:02:50:718 16000 cured
06:02:54:906 16000 C:\Program Files\Common Files\Apple\Apple Application Support\plutil.exe infected Virus.Win32.Sality.bh ...06:02:54:906 16000 cured
06:02:59:921 16000 C:\Program Files\Common Files\Apple\Apple Application Support\WebKit2WebProcess.exe infected Virus.Win32.Sality.bh ...06:02:59:921 16000 cured
06:03:03:765 16000 C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileBackup.exe infected Virus.Win32.Sality.bh ...06:03:03:765 16000 cured
06:03:07:546 16000 C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceHelper.exe infected Virus.Win32.Sality.bh ...06:03:07:546 16000 cured
06:03:11:437 16000 C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe infected Virus.Win32.Sality.bh ...06:03:11:437 16000 cured
06:03:15:093 16000 C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileSync.exe infected Virus.Win32.Sality.bh ...06:03:15:093 16000 cured
06:03:18:953 16000 C:\Program Files\Common Files\Apple\Mobile Device Support\ATH.exe infected Virus.Win32.Sality.bh ...06:03:18:953 16000 cured
06:03:22:593 16000 C:\Program Files\Common Files\Apple\Mobile Device Support\com.apple.IE.client.exe infected Virus.Win32.Sality.bh ...06:03:22:593 16000 cured
06:03:26:625 16000 C:\Program Files\Common Files\Apple\Mobile Device Support\com.apple.Outlook.client.exe infected Virus.Win32.Sality.bh ...06:03:26:625 16000 cured
06:03:30:359 16000 C:\Program Files\Common Files\Apple\Mobile Device Support\com.apple.Safari.client.exe infected Virus.Win32.Sality.bh ...06:03:30:359 16000 cured
06:03:34:125 16000 C:\Program Files\Common Files\Apple\Mobile Device Support\com.apple.WindowsContacts.client.exe infected Virus.Win32.Sality.bh ...06:03:34:125 16000 cured
06:03:37:968 16000 C:\Program Files\Common Files\Apple\Mobile Device Support\com.apple.WindowsMail.client.exe infected Virus.Win32.Sality.bh ...06:03:37:968 16000 cured
06:03:41:781 16000 C:\Program Files\Common Files\Apple\Mobile Device Support\com.google.ContactSync.client.exe infected Virus.Win32.Sality.bh ...06:03:41:781 16000 cured
06:03:45:593 16000 C:\Program Files\Common Files\Apple\Mobile Device Support\com.yahoo.go.sync.client.exe infected Virus.Win32.Sality.bh ...06:03:45:593 16000 cured
06:03:49:250 16000 C:\Program Files\Common Files\Apple\Mobile Device Support\com.yahoo.go.sync.client.resources\Formatter.bundle\Contents\Windows\Formatter.exe infected Virus.Win32.Sality.bh ...06:03:49:250 16000 cured
06:03:53:390 16000 C:\Program Files\Common Files\Apple\Mobile Device Support\MDCrashReportTool.exe infected Virus.Win32.Sality.bh ...06:03:53:390 16000 cured
06:03:57:250 16000 C:\Program Files\Common Files\Apple\Mobile Device Support\Mingler.exe infected Virus.Win32.Sality.bh ...06:03:57:250 16000 cured
06:04:01:156 16000 C:\Program Files\Common Files\Apple\Mobile Device Support\SyncDiagnostics.exe infected Virus.Win32.Sality.bh ...06:04:01:156 16000 cured
06:04:04:968 16000 C:\Program Files\Common Files\Apple\Mobile Device Support\syncli.exe infected Virus.Win32.Sality.bh ...06:04:04:968 16000 cured
06:04:12:046 16000 C:\Program Files\Common Files\Apple\Mobile Device Support\SyncPlanObserver.exe infected Virus.Win32.Sality.ag ...06:04:12:046 16000 cured
06:04:13:640 16000 C:\Program Files\Common Files\Apple\Mobile Device Support\SyncServer.exe infected Virus.Win32.Sality.ag ...06:04:13:640 16000 cured
06:04:19:375 16000 C:\Program Files\Common Files\Apple\Mobile Device Support\SyncUIHandler.exe infected Virus.Win32.Sality.bh ...06:04:19:375 16000 cured
06:04:25:562 16000 C:\Program Files\Common Files\Apple\Mobile Device Support\upgradedb.exe infected Virus.Win32.Sality.ag ...06:04:25:562 16000 cured
06:04:39:937 16000 C:\Program Files\Common Files\Enterbrain\RGSS3\RPGVXAce\unins000.exe infected Virus.Win32.Sality.bh ...06:04:39:937 16000 cured
06:04:43:718 16000 C:\Program Files\Common Files\InstallShield\Driver\8\Intel 32\IDriver.exe infected Virus.Win32.Sality.bh ...06:04:43:718 16000 cured
06:04:47:296 16000 C:\Program Files\Common Files\InstallShield\Driver\8\Intel 32\IDriver2.exe infected Virus.Win32.Sality.bh ...06:04:47:296 16000 cured
06:04:51:281 16000 C:\Program Files\Common Files\Java\Java Update\jaucheck.exe infected Virus.Win32.Sality.bh ...06:04:51:281 16000 cured
06:04:54:984 16000 C:\Program Files\Common Files\Java\Java Update\jaureg.exe infected Virus.Win32.Sality.bh ...06:04:54:984 16000 cured
06:04:58:890 16000 C:\Program Files\Common Files\Java\Java Update\jucheck.exe infected Virus.Win32.Sality.bh ...06:04:58:890 16000 cured
06:05:02:625 16000 C:\Program Files\Common Files\Java\Java Update\jusched.exe infected Virus.Win32.Sality.bh ...06:05:02:625 16000 cured
06:05:06:718 16000 C:\Program Files\Common Files\Microsoft Shared\DW\DW20.EXE infected Virus.Win32.Sality.bh ...06:05:06:718 16000 cured
06:05:10:437 16000 C:\Program Files\Common Files\Microsoft Shared\DW\DWTRIG20.EXE infected Virus.Win32.Sality.bh ...06:05:10:437 16000 cured
06:05:14:234 16000 C:\Program Files\Common Files\Microsoft Shared\EQUATION\EQNEDT32.EXE infected Virus.Win32.Sality.bh ...06:05:14:234 16000 cured
06:05:20:437 16000 C:\Program Files\Common Files\Microsoft Shared\OFFICE14\FLTLDR.EXE infected Virus.Win32.Sality.bh ...06:05:20:437 16000 cured
06:05:24:046 16000 C:\Program Files\Common Files\Microsoft Shared\OFFICE14\LICLUA.EXE infected Virus.Win32.Sality.bh ...06:05:24:046 16000 cured
06:05:27:984 16000 C:\Program Files\Common Files\Microsoft Shared\OFFICE14\MSOXMLED.EXE infected Virus.Win32.Sality.bh ...06:05:27:984 16000 cured
06:05:31:921 16000 C:\Program Files\Common Files\Microsoft Shared\OFFICE14\Oarpmany.exe infected Virus.Win32.Sality.bh ...06:05:31:921 16000 cured
06:05:35:734 16000 C:\Program Files\Common Files\Microsoft Shared\OFFICE14\Office Setup Controller\ODeploy.exe infected Virus.Win32.Sality.bh ...06:05:35:734 16000 cured
06:05:40:203 16000 C:\Program Files\Common Files\Microsoft Shared\OFFICE14\Office Setup Controller\Setup.exe infected Virus.Win32.Sality.bh ...06:05:40:203 16000 cured
06:05:44:000 16000 C:\Program Files\Common Files\Microsoft Shared\OFFICE14\OFFLB.EXE infected Virus.Win32.Sality.bh ...06:05:44:000 16000 cured
06:05:48:015 16000 C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPREARM.EXE infected Virus.Win32.Sality.bh ...06:05:48:015 16000 cured
06:05:51:750 16000 C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE infected Virus.Win32.Sality.bh ...06:05:51:750 16000 cured
06:05:56:296 16000 C:\Program Files\Common Files\Microsoft Shared\Smart Tag\SmartTagInstall.exe infected Virus.Win32.Sality.bh ...06:05:56:296 16000 cured
06:05:59:937 16000 C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE infected Virus.Win32.Sality.bh ...06:05:59:937 16000 cured
06:06:03:906 16000 C:\Program Files\Common Files\Microsoft Shared\TextConv\WksConv\Wkconv.exe infected Virus.Win32.Sality.bh ...06:06:03:906 16000 cured
06:06:12:703 16000 C:\Program Files\Common Files\Research In Motion\USB Drivers\BbDevMgr.exe infected Virus.Win32.Sality.bh ...06:06:12:703 16000 cured
06:06:17:687 16000 C:\Program Files\Defraggler\Defraggler.exe infected Virus.Win32.Sality.bh ...06:06:17:687 16000 cured
06:06:21:437 16000 C:\Program Files\Defraggler\df.exe infected Virus.Win32.Sality.bh ...06:06:21:437 16000 cured
06:06:33:046 16000 C:\Program Files\Defraggler\uninst.exe infected Virus.Win32.Sality.ag ...06:06:33:046 16000 cured
06:06:36:781 16000 C:\Program Files\Don't Starve\bin\dontstarve_steam.exe infected Virus.Win32.Sality.bh ...06:06:36:781 16000 cured
06:06:40:796 16000 C:\Program Files\Don't Starve\bin_alt\dontstarve_steam.exe infected Virus.Win32.Sality.bh ...06:06:40:796 16000 cured
06:07:03:265 16000 C:\Program Files\Don't Starve\dont_starve\bin\dontstarve_steam.exe infected Virus.Win32.Sality.bh ...06:07:03:265 16000 cured
06:07:07:515 16000 C:\Program Files\Don't Starve\dont_starve\bin_alt\dontstarve_steam.exe infected Virus.Win32.Sality.bh ...06:07:07:515 16000 cured
06:07:38:343 16000 C:\Program Files\Don't Starve\dont_starve\Redist\dxwebsetup.exe infected Virus.Win32.Sality.bh ...06:07:38:343 16000 cured
06:07:42:109 16000 C:\Program Files\Don't Starve\dont_starve\Redist\vcredist_x86.exe infected Virus.Win32.Sality.bh ...06:07:42:109 16000 cured
06:07:47:171 16000 C:\Program Files\Don't Starve\DXRedist\DXSETUP.exe infected Virus.Win32.Sality.bh ...06:07:47:171 16000 cured
06:07:52:796 16000 C:\Program Files\Don't Starve\Redist\dxwebsetup.exe infected Virus.Win32.Sality.bh ...06:07:52:796 16000 cured
06:07:56:671 16000 C:\Program Files\Don't Starve\Redist\vcredist_x86.exe infected Virus.Win32.Sality.bh ...06:07:56:671 16000 cured
06:08:00:562 16000 C:\Program Files\Don't Starve\unins000.exe infected Virus.Win32.Sality.bh ...06:08:00:562 16000 cured
06:08:04:203 16000 C:\Program Files\Don't Starve\VCRedist\vcredist_x86.exe infected Virus.Win32.Sality.bh ...06:08:04:203 16000 cured
06:08:25:171 16000 C:\Program Files\Enterbrain\RPGVXAce\RPGVXAce.EXE infected Virus.Win32.Sality.bh ...06:08:25:171 16000 cured
06:08:32:140 16000 C:\Program Files\Enterbrain\RPGVXAce\unins000.exe infected Virus.Win32.Sality.bh ...06:08:32:140 16000 cured
06:08:38:562 16000 C:\Program Files\Evoland\Adobe AIR\Versions\1.0\Resources\CaptiveAppEntry.exe infected Virus.Win32.Sality.bh ...06:08:38:562 16000 cured
06:08:42:203 16000 C:\Program Files\Evoland\Evoland.exe infected Virus.Win32.Sality.bh ...06:08:42:203 16000 cured
06:09:15:046 16000 C:\Program Files\Firaxis Games\Sid Meier's Pirates!\Pirates!.exe infected Virus.Win32.Sality.bh ...06:09:15:046 16000 cured
06:09:19:109 16000 C:\Program Files\Game Dev Tycoon\unins000.exe infected Virus.Win32.Sality.bh ...06:09:19:109 16000 cured
06:09:22:890 16000 C:\Program Files\GIMP 2\bin\bzip2.exe infected Virus.Win32.Sality.bh ...06:09:22:890 16000 cured
06:09:26:625 16000 C:\Program Files\GIMP 2\bin\gimp-2.8.exe infected Virus.Win32.Sality.bh ...06:09:26:625 16000 cured
06:09:30:296 16000 C:\Program Files\GIMP 2\bin\gimp-console-2.8.exe infected Virus.Win32.Sality.bh ...06:09:30:296 16000 cured
06:09:34:031 16000 C:\Program Files\GIMP 2\bin\gimptool-2.0.exe infected Virus.Win32.Sality.bh ...06:09:34:031 16000 cured
06:09:37:812 16000 C:\Program Files\GIMP 2\bin\gspawn-win32-helper-console.exe infected Virus.Win32.Sality.bh ...06:09:37:812 16000 cured
06:09:41:312 16000 C:\Program Files\GIMP 2\bin\gspawn-win32-helper.exe infected Virus.Win32.Sality.bh ...06:09:41:312 16000 cured
06:09:49:312 16000 C:\Program Files\GIMP 2\lib\gimp\2.0\plug-ins\alien-map.exe infected Virus.Win32.Sality.bh ...06:09:49:312 16000 cured
06:09:53:187 16000 C:\Program Files\GIMP 2\lib\gimp\2.0\plug-ins\align-layers.exe infected Virus.Win32.Sality.bh ...06:09:53:187 16000 cured
06:09:56:843 16000 C:\Program Files\GIMP 2\lib\gimp\2.0\plug-ins\animation-optimize.exe infected Virus.Win32.Sality.bh ...06:09:56:843 16000 cured
06:10:00:562 16000 C:\Program Files\GIMP 2\lib\gimp\2.0\plug-ins\animation-play.exe infected Virus.Win32.Sality.bh ...06:10:00:562 16000 cured
06:10:04:468 16000 C:\Program Files\GIMP 2\lib\gimp\2.0\plug-ins\antialias.exe infected Virus.Win32.Sality.bh ...06:10:04:468 16000 cured
06:10:08:187 16000 C:\Program Files\GIMP 2\lib\gimp\2.0\plug-ins\apply-canvas.exe infected Virus.Win32.Sality.bh ...06:10:08:187 16000 cured
06:10:11:781 16000 C:\Program Files\GIMP 2\lib\gimp\2.0\plug-ins\blinds.exe infected Virus.Win32.Sality.bh ...06:10:11:781 16000 cured
06:10:15:593 16000 C:\Program Files\GIMP 2\lib\gimp\2.0\plug-ins\blur-gauss-selective.exe infected Virus.Win32.Sality.bh ...06:10:15:593 16000 cured
06:10:19:203 16000 C:\Program Files\GIMP 2\lib\gimp\2.0\plug-ins\blur-gauss.exe infected Virus.Win32.Sality.bh ...06:10:19:203 16000 cured
06:10:22:906 16000 C:\Program Files\GIMP 2\lib\gimp\2.0\plug-ins\blur-motion.exe infected Virus.Win32.Sality.bh ...06:10:22:906 16000 cured
06:10:26:578 16000 C:\Program Files\GIMP 2\lib\gimp\2.0\plug-ins\blur.exe infected Virus.Win32.Sality.bh ...06:10:26:578 16000 cured
06:10:30:359 16000 C:\Program Files\GIMP 2\lib\gimp\2.0\plug-ins\border-average.exe infected Virus.Win32.Sality.bh ...06:10:30:359 16000 cured
06:10:34:171 16000 C:\Program Files\GIMP 2\lib\gimp\2.0\plug-ins\bump-map.exe infected Virus.Win32.Sality.bh ...06:10:34:171 16000 cured
06:10:37:765 16000 C:\Program Files\GIMP 2\lib\gimp\2.0\plug-ins\cartoon.exe infected Virus.Win32.Sality.bh ...06:10:37:765 16000 cured
06:10:41:437 16000 C:\Program Files\GIMP 2\lib\gimp\2.0\plug-ins\channel-mixer.exe infected Virus.Win32.Sality.bh ...06:10:41:437 16000 cured
06:10:45:250 16000 C:\Program Files\GIMP 2\lib\gimp\2.0\plug-ins\checkerboard.exe infected Virus.Win32.Sality.bh ...06:10:45:250 16000 cured
06:10:48:984 16000 C:\Program Files\GIMP 2\lib\gimp\2.0\plug-ins\cml-explorer.exe infected Virus.Win32.Sality.bh ...06:10:48:984 16000 cured
06:10:52:703 16000 C:\Program Files\GIMP 2\lib\gimp\2.0\plug-ins\color-cube-analyze.exe infected Virus.Win32.Sality.bh ...06:10:52:703 16000 cured
06:10:56:406 16000 C:\Program Files\GIMP 2\lib\gimp\2.0\plug-ins\color-enhance.exe infected Virus.Win32.Sality.bh ...06:10:56:406 16000 cured
06:11:00:281 16000 C:\Program Files\GIMP 2\lib\gimp\2.0\plug-ins\color-exchange.exe infected Virus.Win32.Sality.bh ...06:11:00:281 16000 cured
06:11:03:953 16000 C:\Program Files\GIMP 2\lib\gimp\2.0\plug-ins\color-rotate.exe infected Virus.Win32.Sality.bh ...06:11:03:953 16000 cured
06:11:07:750 16000 C:\Program Files\GIMP 2\lib\gimp\2.0\plug-ins\color-to-alpha.exe infected Virus.Win32.Sality.bh ...06:11:07:750 16000 cured
06:11:11:500 16000 C:\Program Files\GIMP 2\lib\gimp\2.0\plug-ins\colorify.exe infected Virus.Win32.Sality.bh ...06:11:11:500 16000 cured
06:11:15:031 16000 C:\Program Files\GIMP 2\lib\gimp\2.0\plug-ins\colormap-remap.exe infected Virus.Win32.Sality.bh ...06:11:15:046 16000 cured
06:11:18:671 16000 C:\Program Files\GIMP 2\lib\gimp\2.0\plug-ins\compose.exe infected Virus.Win32.Sality.bh ...06:11:18:671 16000 cured
06:11:22:468 16000 C:\Program Files\GIMP 2\lib\gimp\2.0\plug-ins\contrast-normalize.exe infected Virus.Win32.Sality.bh ...06:11:22:468 16000 cured
06:11:26:265 16000 C:\Program Files\GIMP 2\lib\gimp\2.0\plug-ins\contrast-retinex.exe infected Virus.Win32.Sality.bh ...06:11:26:265 16000 cured
06:11:29:812 16000 C:\Program Files\GIMP 2\lib\gimp\2.0\plug-ins\contrast-stretch-hsv.exe infected Virus.Win32.Sality.bh ...06:11:29:812 16000 cured
06:11:33:562 16000 C:\Program Files\GIMP 2\lib\gimp\2.0\plug-ins\contrast-stretch.exe infected Virus.Win32.Sality.bh ...06:11:33:562 16000 cured
06:11:37:359 16000 C:\Program Files\GIMP 2\lib\gimp\2.0\plug-ins\convolution-matrix.exe infected Virus.Win32.Sality.bh ...06:11:37:359 16000 cured
06:11:40:968 16000 C:\Program Files\GIMP 2\lib\gimp\2.0\plug-ins\crop-auto.exe infected Virus.Win32.Sality.bh ...06:11:40:968 16000 cured
06:11:44:734 16000 C:\Program Files\GIMP 2\lib\gimp\2.0\plug-ins\crop-zealous.exe infected Virus.Win32.Sality.bh ...06:11:44:734 16000 cured
06:11:48:546 16000 C:\Program Files\GIMP 2\lib\gimp\2.0\plug-ins\cubism.exe infected Virus.Win32.Sality.bh ...06:11:48:546 16000 cured
06:11:52:203 16000 C:\Program Files\GIMP 2\lib\gimp\2.0\plug-ins\curve-bend.exe infected Virus.Win32.Sality.bh ...06:11:52:203 16000 cured
06:11:55:921 16000 C:\Program Files\GIMP 2\lib\gimp\2.0\plug-ins\decompose.exe infected Virus.Win32.Sality.bh ...06:11:55:921 16000 cured
06:11:59:546 16000 C:\Program Files\GIMP 2\lib\gimp\2.0\plug-ins\deinterlace.exe infected Virus.Win32.Sality.bh ...06:11:59:546 16000 cured
06:12:03:406 16000 C:\Program Files\GIMP 2\lib\gimp\2.0\plug-ins\depth-merge.exe infected Virus.Win32.Sality.bh ...06:12:03:406 16000 cured
06:12:07:156 16000 C:\Program Files\GIMP 2\lib\gimp\2.0\plug-ins\despeckle.exe infected Virus.Win32.Sality.bh ...06:12:07:156 16000 cured
06:12:10:890 16000 C:\Program Files\GIMP 2\lib\gimp\2.0\plug-ins\destripe.exe infected Virus.Win32.Sality.bh ...06:12:10:890 16000 cured
06:12:14:640 16000 C:\Program Files\GIMP 2\lib\gimp\2.0\plug-ins\diffraction.exe infected Virus.Win32.Sality.bh ...06:12:14:640 16000 cured
06:12:18:281 16000 C:\Program Files\GIMP 2\lib\gimp\2.0\plug-ins\displace.exe infected Virus.Win32.Sality.bh ...06:12:18:281 16000 cured
06:12:21:953 16000 C:\Program Files\GIMP 2\lib\gimp\2.0\plug-ins\edge-dog.exe infected Virus.Win32.Sality.bh ...06:12:21:953 16000 cured
06:12:25:609 16000 C:\Program Files\GIMP 2\lib\gimp\2.0\plug-ins\edge-laplace.exe infected Virus.Win32.Sality.bh ...06:12:25:609 16000 cured
06:12:29:234 16000 C:\Program Files\GIMP 2\lib\gimp\2.0\plug-ins\edge-neon.exe infected Virus.Win32.Sality.bh ...06:12:29:234 16000 cured
06:12:32:984 16000 C:\Program Files\GIMP 2\lib\gimp\2.0\plug-ins\edge-sobel.exe infected Virus.Win32.Sality.bh ...06:12:32:984 16000 cured
06:12:36:781 16000 C:\Program Files\GIMP 2\lib\gimp\2.0\plug-ins\edge.exe infected Virus.Win32.Sality.bh ...06:12:36:781 16000 cured
06:12:40:328 16000 C:\Program Files\GIMP 2\lib\gimp\2.0\plug-ins\emboss.exe infected Virus.Win32.Sality.bh ...06:12:40:328 16000 cured
06:12:44:093 16000 C:\Program Files\GIMP 2\lib\gimp\2.0\plug-ins\engrave.exe infected Virus.Win32.Sality.bh ...06:12:44:093 16000 cured
06:12:47:890 16000 C:\Program Files\GIMP 2\lib\gimp\2.0\plug-ins\file-bmp.exe infected Virus.Win32.Sality.bh ...06:12:47:890 16000 cured
06:12:51:484 16000 C:\Program Files\GIMP 2\lib\gimp\2.0\plug-ins\file-cel.exe infected Virus.Win32.Sality.bh ...06:12:51:484 16000 cured
06:12:55:250 16000 C:\Program Files\GIMP 2\lib\gimp\2.0\plug-ins\file-compressor.exe infected Virus.Win32.Sality.bh ...06:12:55:250 16000 cured
06:12:58:937 16000 C:\Program Files\GIMP 2\lib\gimp\2.0\plug-ins\file-csource.exe infected Virus.Win32.Sality.bh ...06:12:58:937 16000 cured
06:13:02:609 16000 C:\Program Files\GIMP 2\lib\gimp\2.0\plug-ins\file-desktop-link.exe infected Virus.Win32.Sality.bh ...06:13:02:609 16000 cured
06:13:06:328 16000 C:\Program Files\GIMP 2\lib\gimp\2.0\plug-ins\file-dicom.exe infected Virus.Win32.Sality.bh ...06:13:06:328 16000 cured
06:13:10:046 16000 C:\Program Files\GIMP 2\lib\gimp\2.0\plug-ins\file-faxg3.exe infected Virus.Win32.Sality.bh ...06:13:10:046 16000 cured
06:13:13:750 16000 C:\Program Files\GIMP 2\lib\gimp\2.0\plug-ins\file-fits.exe infected Virus.Win32.Sality.bh ...06:13:13:750 16000 cured
06:13:17:375 16000 C:\Program Files\GIMP 2\lib\gimp\2.0\plug-ins\file-fli.exe infected Virus.Win32.Sality.bh ...06:13:17:375 16000 cured
06:13:21:156 16000 C:\Program Files\GIMP 2\lib\gimp\2.0\plug-ins\file-gbr.exe infected Virus.Win32.Sality.bh ...06:13:21:156 16000 cured
06:13:24:921 16000 C:\Program Files\GIMP 2\lib\gimp\2.0\plug-ins\file-gif-load.exe infected Virus.Win32.Sality.bh ...06:13:24:921 16000 cured
06:13:28:640 16000 C:\Program Files\GIMP 2\lib\gimp\2.0\plug-ins\file-gif-save.exe infected Virus.Win32.Sality.bh ...06:13:28:640 16000 cured
06:13:32:343 16000 C:\Program Files\GIMP 2\lib\gimp\2.0\plug-ins\file-gih.exe infected Virus.Win32.Sality.bh ...06:13:32:343 16000 cured
06:13:35:906 16000 C:\Program Files\GIMP 2\lib\gimp\2.0\plug-ins\file-glob.exe infected Virus.Win32.Sality.bh ...06:13:35:906 16000 cured
06:13:39:671 16000 C:\Program Files\GIMP 2\lib\gimp\2.0\plug-ins\file-header.exe infected Virus.Win32.Sality.bh ...06:13:39:671 16000 cured
06:13:43:390 16000 C:\Program Files\GIMP 2\lib\gimp\2.0\plug-ins\file-html-table.exe infected Virus.Win32.Sality.bh ...06:13:43:390 16000 cured
06:13:47:109 16000 C:\Program Files\GIMP 2\lib\gimp\2.0\plug-ins\file-ico.exe infected Virus.Win32.Sality.bh ...06:13:47:109 16000 cured
06:13:50:937 16000 C:\Program Files\GIMP 2\lib\gimp\2.0\plug-ins\file-jp2-load.exe infected Virus.Win32.Sality.bh ...06:13:50:937 16000 cured
06:13:54:703 16000 C:\Program Files\GIMP 2\lib\gimp\2.0\plug-ins\file-jpeg.exe infected Virus.Win32.Sality.bh ...06:13:54:703 16000 cured
06:13:58:359 16000 C:\Program Files\GIMP 2\lib\gimp\2.0\plug-ins\file-mng.exe infected Virus.Win32.Sality.bh ...06:13:58:359 16000 cured
06:14:02:109 16000 C:\Program Files\GIMP 2\lib\gimp\2.0\plug-ins\file-pat.exe infected Virus.Win32.Sality.bh ...06:14:02:109 16000 cured
06:14:05:906 16000 C:\Program Files\GIMP 2\lib\gimp\2.0\plug-ins\file-pcx.exe infected Virus.Win32.Sality.bh ...06:14:05:906 16000 cured
06:14:09:656 16000 C:\Program Files\GIMP 2\lib\gimp\2.0\plug-ins\file-pdf-load.exe infected Virus.Win32.Sality.bh ...06:14:09:656 16000 cured
06:14:13:265 16000 C:\Program Files\GIMP 2\lib\gimp\2.0\plug-ins\file-pdf-save.exe infected Virus.Win32.Sality.bh ...06:14:13:265 16000 cured
06:14:16:953 16000 C:\Program Files\GIMP 2\lib\gimp\2.0\plug-ins\file-pix.exe infected Virus.Win32.Sality.bh ...06:14:16:953 16000 cured
06:14:20:718 16000 C:\Program Files\GIMP 2\lib\gimp\2.0\plug-ins\file-png.exe infected Virus.Win32.Sality.bh ...06:14:20:718 16000 cured
06:14:24:375 16000 C:\Program Files\GIMP 2\lib\gimp\2.0\plug-ins\file-pnm.exe infected Virus.Win32.Sality.bh ...06:14:24:375 16000 cured
06:14:28:125 16000 C:\Program Files\GIMP 2\lib\gimp\2.0\plug-ins\file-ps.exe infected Virus.Win32.Sality.bh ...06:14:28:125 16000 cured
06:14:31:765 16000 C:\Program Files\GIMP 2\lib\gimp\2.0\plug-ins\file-psd-load.exe infected Virus.Win32.Sality.bh ...06:14:31:765 16000 cured
06:14:35:453 16000 C:\Program Files\GIMP 2\lib\gimp\2.0\plug-ins\file-psd-save.exe infected Virus.Win32.Sality.bh ...06:14:35:453 16000 cured
06:14:39:218 16000 C:\Program Files\GIMP 2\lib\gimp\2.0\plug-ins\file-psp.exe infected Virus.Win32.Sality.bh ...06:14:39:218 16000 cured
06:14:42:953 16000 C:\Program Files\GIMP 2\lib\gimp\2.0\plug-ins\file-raw.exe infected Virus.Win32.Sality.bh ...06:14:42:953 16000 cured
06:14:46:718 16000 C:\Program Files\GIMP 2\lib\gimp\2.0\plug-ins\file-sgi.exe infected Virus.Win32.Sality.bh ...06:14:46:718 16000 cured
06:14:50:437 16000 C:\Program Files\GIMP 2\lib\gimp\2.0\plug-ins\file-sunras.exe infected Virus.Win32.Sality.bh ...06:14:50:437 16000 cured
06:14:54:281 16000 C:\Program Files\GIMP 2\lib\gimp\2.0\plug-ins\file-svg.exe infected Virus.Win32.Sality.bh ...06:14:54:281 16000 cured
06:14:57:906 16000 C:\Program Files\GIMP 2\lib\gimp\2.0\plug-ins\file-tga.exe infected Virus.Win32.Sality.bh ...06:14:57:906 16000 cured
06:15:01:640 16000 C:\Program Files\GIMP 2\lib\gimp\2.0\plug-ins\file-tiff-load.exe infected Virus.Win32.Sality.bh ...06:15:01:640 16000 cured
06:15:05:359 16000 C:\Program Files\GIMP 2\lib\gimp\2.0\plug-ins\file-tiff-save.exe infected Virus.Win32.Sality.bh ...06:15:05:359 16000 cured
06:15:09:140 16000 C:\Program Files\GIMP 2\lib\gimp\2.0\plug-ins\file-uri.exe infected Virus.Win32.Sality.bh ...06:15:09:140 16000 cured
06:15:12:781 16000 C:\Program Files\GIMP 2\lib\gimp\2.0\plug-ins\file-wmf.exe infected Virus.Win32.Sality.bh ...06:15:12:781 16000 cured
06:15:16:515 16000 C:\Program Files\GIMP 2\lib\gimp\2.0\plug-ins\file-xbm.exe infected Virus.Win32.Sality.bh ...06:15:16:515 16000 cured
06:15:20:328 16000 C:\Program Files\GIMP 2\lib\gimp\2.0\plug-ins\file-xpm.exe infected Virus.Win32.Sality.bh ...06:15:20:328 16000 cured
06:15:24:046 16000 C:\Program Files\GIMP 2\lib\gimp\2.0\plug-ins\file-xwd.exe infected Virus.Win32.Sality.bh ...06:15:24:046 16000 cured
06:15:27:687 16000 C:\Program Files\GIMP 2\lib\gimp\2.0\plug-ins\film.exe infected Virus.Win32.Sality.bh ...06:15:27:687 16000 cured
06:15:31:281 16000 C:\Program Files\GIMP 2\lib\gimp\2.0\plug-ins\filter-pack.exe infected Virus.Win32.Sality.bh ...06:15:31:281 16000 cured
06:15:35:046 16000 C:\Program Files\GIMP 2\lib\gimp\2.0\plug-ins\flame.exe infected Virus.Win32.Sality.bh ...06:15:35:046 16000 cured
06:15:38:765 16000 C:\Program Files\GIMP 2\lib\gimp\2.0\plug-ins\fractal-explorer.exe infected Virus.Win32.Sality.bh ...06:15:38:765 16000 cured
06:15:42:562 16000 C:\Program Files\GIMP 2\lib\gimp\2.0\plug-ins\fractal-trace.exe infected Virus.Win32.Sality.bh ...06:15:42:562 16000 cured
06:15:46:390 16000 C:\Program Files\GIMP 2\lib\gimp\2.0\plug-ins\gfig.exe infected Virus.Win32.Sality.bh ...06:15:46:390 16000 cured
06:15:50:109 16000 C:\Program Files\GIMP 2\lib\gimp\2.0\plug-ins\gimpressionist.exe infected Virus.Win32.Sality.bh ...06:15:50:109 16000 cured
06:15:53:953 16000 C:\Program Files\GIMP 2\lib\gimp\2.0\plug-ins\gradient-flare.exe infected Virus.Win32.Sality.bh ...06:15:53:953 16000 cured
06:15:57:593 16000 C:\Program Files\GIMP 2\lib\gimp\2.0\plug-ins\gradient-map.exe infected Virus.Win32.Sality.bh ...06:15:57:593 16000 cured
06:16:01:343 16000 C:\Program Files\GIMP 2\lib\gimp\2.0\plug-ins\grid.exe infected Virus.Win32.Sality.bh ...06:16:01:343 16000 cured
06:16:05:000 16000 C:\Program Files\GIMP 2\lib\gimp\2.0\plug-ins\guillotine.exe infected Virus.Win32.Sality.bh ...06:16:05:000 16000 cured
06:16:08:687 16000 C:\Program Files\GIMP 2\lib\gimp\2.0\plug-ins\help-browser.exe infected Virus.Win32.Sality.bh ...06:16:08:687 16000 cured
06:16:12:281 16000 C:\Program Files\GIMP 2\lib\gimp\2.0\plug-ins\help.exe infected Virus.Win32.Sality.bh ...06:16:12:281 16000 cured
06:16:15:906 16000 C:\Program Files\GIMP 2\lib\gimp\2.0\plug-ins\hot.exe infected Virus.Win32.Sality.bh ...06:16:15:906 16000 cured
06:16:19:765 16000 C:\Program Files\GIMP 2\lib\gimp\2.0\plug-ins\ifs-compose.exe infected Virus.Win32.Sality.bh ...06:16:19:765 16000 cured
06:16:23:359 16000 C:\Program Files\GIMP 2\lib\gimp\2.0\plug-ins\illusion.exe infected Virus.Win32.Sality.bh ...06:16:23:359 16000 cured
06:16:27:000 16000 C:\Program Files\GIMP 2\lib\gimp\2.0\plug-ins\imagemap.exe infected Virus.Win32.Sality.bh ...06:16:27:000 16000 cured
06:16:30:734 16000 C:\Program Files\GIMP 2\lib\gimp\2.0\plug-ins\iwarp.exe infected Virus.Win32.Sality.bh ...06:16:30:734 16000 cured
06:16:34:375 16000 C:\Program Files\GIMP 2\lib\gimp\2.0\plug-ins\jigsaw.exe infected Virus.Win32.Sality.bh ...06:16:34:375 16000 cured
06:16:38:093 16000 C:\Program Files\GIMP 2\lib\gimp\2.0\plug-ins\lcms.exe infected Virus.Win32.Sality.bh ...06:16:38:093 16000 cured
06:16:41:734 16000 C:\Program Files\GIMP 2\lib\gimp\2.0\plug-ins\lens-apply.exe infected Virus.Win32.Sality.bh ...06:16:41:734 16000 cured
06:16:45:484 16000 C:\Program Files\GIMP 2\lib\gimp\2.0\plug-ins\lens-distortion.exe infected Virus.Win32.Sality.bh ...06:16:45:484 16000 cured
06:16:49:218 16000 C:\Program Files\GIMP 2\lib\gimp\2.0\plug-ins\lens-flare.exe infected Virus.Win32.Sality.bh ...06:16:49:218 16000 cured
06:16:52:984 16000 C:\Program Files\GIMP 2\lib\gimp\2.0\plug-ins\lighting.exe infected Virus.Win32.Sality.bh ...06:16:52:984 16000 cured
06:16:56:671 16000 C:\Program Files\GIMP 2\lib\gimp\2.0\plug-ins\map-object.exe infected Virus.Win32.Sality.bh ...06:16:56:671 16000 cured
06:17:00:390 16000 C:\Program Files\GIMP 2\lib\gimp\2.0\plug-ins\max-rgb.exe infected Virus.Win32.Sality.bh ...06:17:00:390 16000 cured
06:17:04:078 16000 C:\Program Files\GIMP 2\lib\gimp\2.0\plug-ins\maze.exe infected Virus.Win32.Sality.bh ...06:17:04:078 16000 cured
06:17:07:750 16000 C:\Program Files\GIMP 2\lib\gimp\2.0\plug-ins\metadata.exe infected Virus.Win32.Sality.bh ...06:17:07:750 16000 cured
06:17:11:593 16000 C:\Program Files\GIMP 2\lib\gimp\2.0\plug-ins\mosaic.exe infected Virus.Win32.Sality.bh ...06:17:11:593 16000 cured
06:17:15:265 16000 C:\Program Files\GIMP 2\lib\gimp\2.0\plug-ins\newsprint.exe infected Virus.Win32.Sality.bh ...06:17:15:265 16000 cured
06:17:19:000 16000 C:\Program Files\GIMP 2\lib\gimp\2.0\plug-ins\nl-filter.exe infected Virus.Win32.Sality.bh ...06:17:19:000 16000 cured
06:17:22:781 16000 C:\Program Files\GIMP 2\lib\gimp\2.0\plug-ins\noise-hsv.exe infected Virus.Win32.Sality.bh ...06:17:22:781 16000 cured
06:17:26:468 16000 C:\Program Files\GIMP 2\lib\gimp\2.0\plug-ins\noise-randomize.exe infected Virus.Win32.Sality.bh ...06:17:26:468 16000 cured
06:17:30:203 16000 C:\Program Files\GIMP 2\lib\gimp\2.0\plug-ins\noise-rgb.exe infected Virus.Win32.Sality.bh ...06:17:30:203 16000 cured
06:17:35:437 16000 C:\Program Files\GIMP 2\lib\gimp\2.0\plug-ins\noise-solid.exe infected Virus.Win32.Sality.ag ...06:17:35:437 16000 cured
06:17:39:078 16000 C:\Program Files\GIMP 2\lib\gimp\2.0\plug-ins\noise-spread.exe infected Virus.Win32.Sality.bh ...06:17:39:078 16000 cured
06:17:42:843 16000 C:\Program Files\GIMP 2\lib\gimp\2.0\plug-ins\nova.exe infected Virus.Win32.Sality.bh ...06:17:42:843 16000 cured
06:17:46:656 16000 C:\Program Files\GIMP 2\lib\gimp\2.0\plug-ins\oilify.exe infected Virus.Win32.Sality.bh ...06:17:46:671 16000 cured
06:17:50:234 16000 C:\Program Files\GIMP 2\lib\gimp\2.0\plug-ins\pagecurl.exe infected Virus.Win32.Sality.bh ...06:17:50:234 16000 cured
06:17:54:125 16000 C:\Program Files\GIMP 2\lib\gimp\2.0\plug-ins\photocopy.exe infected Virus.Win32.Sality.bh ...06:17:54:125 16000 cured
06:17:57:921 16000 C:\Program Files\GIMP 2\lib\gimp\2.0\plug-ins\pixelize.exe infected Virus.Win32.Sality.bh ...06:17:57:921 16000 cured
06:18:01:640 16000 C:\Program Files\GIMP 2\lib\gimp\2.0\plug-ins\plasma.exe infected Virus.Win32.Sality.bh ...06:18:01:656 16000 cured
06:18:05:390 16000 C:\Program Files\GIMP 2\lib\gimp\2.0\plug-ins\plugin-browser.exe infected Virus.Win32.Sality.bh ...06:18:05:390 16000 cured
06:18:09:203 16000 C:\Program Files\GIMP 2\lib\gimp\2.0\plug-ins\polar-coords.exe infected Virus.Win32.Sality.bh ...06:18:09:203 16000 cured
06:18:12:968 16000 C:\Program Files\GIMP 2\lib\gimp\2.0\plug-ins\print.exe infected Virus.Win32.Sality.bh ...06:18:12:968 16000 cured
06:18:16:718 16000 C:\Program Files\GIMP 2\lib\gimp\2.0\plug-ins\procedure-browser.exe infected Virus.Win32.Sality.bh ...06:18:16:718 16000 cured
06:18:20:578 16000 C:\Program Files\GIMP 2\lib\gimp\2.0\plug-ins\qbist.exe infected Virus.Win32.Sality.bh ...06:18:20:578 16000 cured
06:18:24:328 16000 C:\Program Files\GIMP 2\lib\gimp\2.0\plug-ins\red-eye-removal.exe infected Virus.Win32.Sality.bh ...06:18:24:328 16000 cured
06:18:28:093 16000 C:\Program Files\GIMP 2\lib\gimp\2.0\plug-ins\ripple.exe infected Virus.Win32.Sality.bh ...06:18:28:093 16000 cured
06:18:31:890 16000 C:\Program Files\GIMP 2\lib\gimp\2.0\plug-ins\rotate.exe infected Virus.Win32.Sality.bh ...06:18:31:890 16000 cured
06:18:35:718 16000 C:\Program Files\GIMP 2\lib\gimp\2.0\plug-ins\sample-colorize.exe infected Virus.Win32.Sality.bh ...06:18:35:718 16000 cured
06:18:39:250 16000 C:\Program Files\GIMP 2\lib\gimp\2.0\plug-ins\script-fu.exe infected Virus.Win32.Sality.bh ...06:18:39:250 16000 cured
06:18:42:921 16000 C:\Program Files\GIMP 2\lib\gimp\2.0\plug-ins\selection-to-path.exe infected Virus.Win32.Sality.bh ...06:18:42:921 16000 cured
06:18:46:609 16000 C:\Program Files\GIMP 2\lib\gimp\2.0\plug-ins\semi-flatten.exe infected Virus.Win32.Sality.bh ...06:18:46:609 16000 cured
06:18:50:406 16000 C:\Program Files\GIMP 2\lib\gimp\2.0\plug-ins\sharpen.exe infected Virus.Win32.Sality.bh ...06:18:50:406 16000 cured
06:18:54:125 16000 C:\Program Files\GIMP 2\lib\gimp\2.0\plug-ins\shift.exe infected Virus.Win32.Sality.bh ...06:18:54:125 16000 cured
06:18:57:937 16000 C:\Program Files\GIMP 2\lib\gimp\2.0\plug-ins\sinus.exe infected Virus.Win32.Sality.bh ...06:18:57:937 16000 cured
06:19:01:625 16000 C:\Program Files\GIMP 2\lib\gimp\2.0\plug-ins\smooth-palette.exe infected Virus.Win32.Sality.bh ...06:19:01:625 16000 cured
06:19:05:343 16000 C:\Program Files\GIMP 2\lib\gimp\2.0\plug-ins\softglow.exe infected Virus.Win32.Sality.bh ...06:19:05:343 16000 cured
06:19:09:234 16000 C:\Program Files\GIMP 2\lib\gimp\2.0\plug-ins\sparkle.exe infected Virus.Win32.Sality.bh ...06:19:09:234 16000 cured
06:19:12:875 16000 C:\Program Files\GIMP 2\lib\gimp\2.0\plug-ins\sphere-designer.exe infected Virus.Win32.Sality.bh ...06:19:12:875 16000 cured
06:19:16:531 16000 C:\Program Files\GIMP 2\lib\gimp\2.0\plug-ins\threshold-alpha.exe infected Virus.Win32.Sality.bh ...06:19:16:531 16000 cured
06:19:20:203 16000 C:\Program Files\GIMP 2\lib\gimp\2.0\plug-ins\tile-glass.exe infected Virus.Win32.Sality.bh ...06:19:20:203 16000 cured
06:19:23:921 16000 C:\Program Files\GIMP 2\lib\gimp\2.0\plug-ins\tile-paper.exe infected Virus.Win32.Sality.bh ...06:19:23:921 16000 cured
06:19:27:656 16000 C:\Program Files\GIMP 2\lib\gimp\2.0\plug-ins\tile-seamless.exe infected Virus.Win32.Sality.bh ...06:19:27:656 16000 cured
06:19:31:359 16000 C:\Program Files\GIMP 2\lib\gimp\2.0\plug-ins\tile-small.exe infected Virus.Win32.Sality.bh ...06:19:31:359 16000 cured
06:19:35:109 16000 C:\Program Files\GIMP 2\lib\gimp\2.0\plug-ins\tile.exe infected Virus.Win32.Sality.bh ...06:19:35:109 16000 cured
06:19:38:812 16000 C:\Program Files\GIMP 2\lib\gimp\2.0\plug-ins\twain.exe infected Virus.Win32.Sality.bh ...06:19:38:812 16000 cured
06:19:42:437 16000 C:\Program Files\GIMP 2\lib\gimp\2.0\plug-ins\unit-editor.exe infected Virus.Win32.Sality.bh ...06:19:42:437 16000 cured
06:19:46:109 16000 C:\Program Files\GIMP 2\lib\gimp\2.0\plug-ins\unsharp-mask.exe infected Virus.Win32.Sality.bh ...06:19:46:109 16000 cured
06:19:49:859 16000 C:\Program Files\GIMP 2\lib\gimp\2.0\plug-ins\value-invert.exe infected Virus.Win32.Sality.bh ...06:19:49:859 16000 cured
06:19:53:609 16000 C:\Program Files\GIMP 2\lib\gimp\2.0\plug-ins\value-propagate.exe infected Virus.Win32.Sality.bh ...06:19:53:609 16000 cured
06:19:57:421 16000 C:\Program Files\GIMP 2\lib\gimp\2.0\plug-ins\van-gogh-lic.exe infected Virus.Win32.Sality.bh ...06:19:57:421 16000 cured
06:20:01:187 16000 C:\Program Files\GIMP 2\lib\gimp\2.0\plug-ins\video.exe infected Virus.Win32.Sality.bh ...06:20:01:187 16000 cured
06:20:04:937 16000 C:\Program Files\GIMP 2\lib\gimp\2.0\plug-ins\warp.exe infected Virus.Win32.Sality.bh ...06:20:04:937 16000 cured
06:20:08:671 16000 C:\Program Files\GIMP 2\lib\gimp\2.0\plug-ins\waves.exe infected Virus.Win32.Sality.bh ...06:20:08:671 16000 cured
06:20:12:390 16000 C:\Program Files\GIMP 2\lib\gimp\2.0\plug-ins\web-browser.exe infected Virus.Win32.Sality.bh ...06:20:12:390 16000 cured
06:20:16:015 16000 C:\Program Files\GIMP 2\lib\gimp\2.0\plug-ins\web-page.exe infected Virus.Win32.Sality.bh ...06:20:16:015 16000 cured
06:20:19:718 16000 C:\Program Files\GIMP 2\lib\gimp\2.0\plug-ins\whirl-pinch.exe infected Virus.Win32.Sality.bh ...06:20:19:718 16000 cured
06:20:23:296 16000 C:\Program Files\GIMP 2\lib\gimp\2.0\plug-ins\win-snap.exe infected Virus.Win32.Sality.bh ...06:20:23:296 16000 cured
06:20:26:906 16000 C:\Program Files\GIMP 2\lib\gimp\2.0\plug-ins\wind.exe infected Virus.Win32.Sality.bh ...06:20:26:906 16000 cured
06:20:30:953 16000 C:\Program Files\GIMP 2\libexec\dbus-bash-completion-helper.exe infected Virus.Win32.Sality.bh ...06:20:30:953 16000 cured
06:20:36:531 16000 C:\Program Files\GIMP 2\Python\Lib\distutils\command\wininst-6.0.exe infected Virus.Win32.Sality.bh ...06:20:36:531 16000 cured
06:20:40:203 16000 C:\Program Files\GIMP 2\Python\Lib\distutils\command\wininst-7.1.exe infected Virus.Win32.Sality.bh ...06:20:40:203 16000 cured
06:20:43:734 16000 C:\Program Files\GIMP 2\Python\Lib\distutils\command\wininst-8.0.exe infected Virus.Win32.Sality.bh ...06:20:43:734 16000 cured
06:20:47:390 16000 C:\Program Files\GIMP 2\Python\Lib\distutils\command\wininst-9.0.exe infected Virus.Win32.Sality.bh ...06:20:47:390 16000 cured
06:21:00:015 16000 C:\Program Files\GIMP 2\Python\python.exe infected Virus.Win32.Sality.bh ...06:21:00:015 16000 cured
06:21:03:640 16000 C:\Program Files\GIMP 2\Python\pythonw.exe infected Virus.Win32.Sality.bh ...06:21:03:640 16000 cured
06:21:49:000 16000 C:\Program Files\GIMP 2\uninst\unins000.exe infected Virus.Win32.Sality.bh ...06:21:49:000 16000 cured
06:21:53:187 16000 C:\Program Files\Google\Google Talk\googletalk.exe infected Virus.Win32.Sality.bh ...06:21:53:187 16000 cured
06:21:56:984 16000 C:\Program Files\Google\Google Talk\uninstall.exe infected Virus.Win32.Sality.bh ...06:21:56:984 16000 cured
06:22:00:796 16000 C:\Program Files\Hotspot Shield\bin\af_proxy_cmd.exe infected Virus.Win32.Sality.bh ...06:22:00:796 16000 cured
06:22:04:500 16000 C:\Program Files\Hotspot Shield\bin\cfg_mgr.exe infected Virus.Win32.Sality.bh ...06:22:04:500 16000 cured
06:22:08:484 16000 C:\Program Files\Hotspot Shield\bin\fbw.exe infected Virus.Win32.Sality.bh ...06:22:08:484 16000 cured
06:22:12:156 16000 C:\Program Files\Hotspot Shield\bin\ffinst.exe infected Virus.Win32.Sality.bh ...06:22:12:156 16000 cured
06:22:15:843 16000 C:\Program Files\Hotspot Shield\bin\hssfixme.exe infected Virus.Win32.Sality.bh ...06:22:15:843 16000 cured
06:22:19:671 16000 C:\Program Files\Hotspot Shield\bin\HssInstaller.exe infected Virus.Win32.Sality.bh ...06:22:19:671 16000 cured
06:22:23:515 16000 C:\Program Files\Hotspot Shield\bin\HSSTrayService.exe infected Virus.Win32.Sality.bh ...06:22:23:515 16000 cured
06:22:27:187 16000 C:\Program Files\Hotspot Shield\bin\hsswd.exe infected Virus.Win32.Sality.bh ...06:22:27:187 16000 cured
06:22:31:218 16000 C:\Program Files\Hotspot Shield\bin\openvpn.exe infected Virus.Win32.Sality.bh ...06:22:31:218 16000 cured
06:22:35:062 16000 C:\Program Files\Hotspot Shield\bin\openvpnas.exe infected Virus.Win32.Sality.bh ...06:22:35:062 16000 cured
06:22:38:984 16000 C:\Program Files\Hotspot Shield\bin\openvpntray.exe infected Virus.Win32.Sality.bh ...06:22:38:984 16000 cured
06:22:42:765 16000 C:\Program Files\Hotspot Shield\bin\tapinstall.exe infected Virus.Win32.Sality.bh ...06:22:42:765 16000 cured
06:22:46:875 16000 C:\Program Files\Hotspot Shield\HssWPR\HssInstaller.exe infected Virus.Win32.Sality.bh ...06:22:46:875 16000 cured
06:22:50:453 16000 C:\Program Files\Hotspot Shield\HssWPR\hsssrv.exe infected Virus.Win32.Sality.bh ...06:22:50:453 16000 cured
06:22:54:968 16000 C:\Program Files\Hotspot Shield\Uninstall.exe infected Virus.Win32.Sality.bh ...06:22:54:968 16000 cured
06:22:58:859 16000 C:\Program Files\i-Funbox DevTeam\ifb_conn.exe infected Virus.Win32.Sality.bh ...06:22:58:859 16000 cured
06:23:03:140 16000 C:\Program Files\i-Funbox DevTeam\iFunBox.exe infected Virus.Win32.Sality.bh ...06:23:03:140 16000 cured
06:23:07:437 16000 C:\Program Files\i-Funbox DevTeam\unins000.exe infected Virus.Win32.Sality.bh ...06:23:07:437 16000 cured
06:23:11:171 16000 C:\Program Files\i-Funbox DevTeam\updater.exe infected Virus.Win32.Sality.bh ...06:23:11:171 16000 cured
06:23:15:265 16000 C:\Program Files\InstallShield Installation Information\{10C51313-A308-4B40-90E3-B368D5882660}\setup.exe infected Virus.Win32.Sality.bh ...06:23:15:265 16000 cured
06:23:19:578 16000 C:\Program Files\InstallShield Installation Information\{3566D7DB-EA10-49DE-A95B-F4AB41FC0A93}\setup.exe infected Virus.Win32.Sality.bh ...06:23:19:578 16000 cured
06:23:23:578 16000 C:\Program Files\InstallShield Installation Information\{662140BE-138C-4DC1-B4CD-B62C6C855A25}\setup.exe infected Virus.Win32.Sality.bh ...06:23:23:578 16000 cured
06:23:27:750 16000 C:\Program Files\InstallShield Installation Information\{758C8301-2696-4855-AF45-534B1200980A}\setup.exe infected Virus.Win32.Sality.bh ...06:23:27:750 16000 cured
06:23:31:796 16000 C:\Program Files\InstallShield Installation Information\{92606477-9366-4D3B-8AE3-6BE4B29727AB}\setup.exe infected Virus.Win32.Sality.bh ...06:23:31:796 16000 cured
06:23:35:796 16000 C:\Program Files\InstallShield Installation Information\{C151CE54-E7EA-4804-854B-F515368B0798}\setup.exe infected Virus.Win32.Sality.bh ...06:23:35:796 16000 cured
06:23:39:687 16000 C:\Program Files\InstallShield Installation Information\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}\setup.exe infected Virus.Win32.Sality.bh ...06:23:39:687 16000 cured
06:23:43:578 16000 C:\Program Files\Internet Download Manager\IDMan.exe infected Virus.Win32.Sality.bh ...06:23:43:578 16000 cured
06:23:45:421 16000 C:\Program Files\Internet Download Manager\idmBroker.exe infected Virus.Win32.Sality.ag ...06:23:45:421 16000 cured
06:23:49:578 16000 C:\Program Files\Internet Download Manager\IDMGrHlp.exe infected Virus.Win32.Sality.bh ...06:23:49:578 16000 cured
06:23:54:093 16000 C:\Program Files\Internet Download Manager\Uninstall.exe infected Virus.Win32.Sality.bh ...06:23:54:093 16000 cured
06:23:58:500 16000 C:\Program Files\Internet Explorer\ExtExport.exe infected Virus.Win32.Sality.bh ...06:23:58:500 16000 cured
06:24:02:546 16000 C:\Program Files\iPod\bin\iPodService.exe infected Virus.Win32.Sality.bh ...06:24:02:546 16000 cured
06:24:08:203 16000 C:\Program Files\iTunes\iTunes.exe infected Virus.Win32.Sality.bh ...06:24:08:203 16000 cured
06:24:40:906 16000 C:\Program Files\iTunes\iTunesHelper.exe infected Virus.Win32.Sality.bh ...06:24:40:906 16000 cured
06:24:46:937 16000 C:\Program Files\Java\jre7\bin\jabswitch.exe infected Virus.Win32.Sality.bh ...06:24:46:937 16000 cured
06:24:50:578 16000 C:\Program Files\Java\jre7\bin\java-rmi.exe infected Virus.Win32.Sality.bh ...06:24:50:578 16000 cured
06:24:54:312 16000 C:\Program Files\Java\jre7\bin\java.exe infected Virus.Win32.Sality.bh ...06:24:54:312 16000 cured
06:24:56:609 16000 C:\Program Files\Java\jre7\bin\javacpl.exe infected Virus.Win32.Sality.ag ...06:24:56:609 16000 cured
06:25:00:468 16000 C:\Program Files\Java\jre7\bin\javaw.exe infected Virus.Win32.Sality.bh ...06:25:00:468 16000 cured
06:25:04:203 16000 C:\Program Files\Java\jre7\bin\javaws.exe infected Virus.Win32.Sality.bh ...06:25:04:203 16000 cured
06:25:08:250 16000 C:\Program Files\Java\jre7\bin\jp2launcher.exe infected Virus.Win32.Sality.bh ...06:25:08:250 16000 cured
06:25:11:984 16000 C:\Program Files\Java\jre7\bin\jqs.exe infected Virus.Win32.Sality.bh ...06:25:11:984 16000 cured
06:25:15:843 16000 C:\Program Files\Java\jre7\bin\keytool.exe infected Virus.Win32.Sality.bh ...06:25:15:843 16000 cured
06:25:19:500 16000 C:\Program Files\Java\jre7\bin\kinit.exe infected Virus.Win32.Sality.bh ...06:25:19:500 16000 cured
06:25:23:171 16000 C:\Program Files\Java\jre7\bin\klist.exe infected Virus.Win32.Sality.bh ...06:25:23:171 16000 cured
06:25:26:828 16000 C:\Program Files\Java\jre7\bin\ktab.exe infected Virus.Win32.Sality.bh ...06:25:26:828 16000 cured
06:25:30:921 16000 C:\Program Files\Java\jre7\bin\orbd.exe infected Virus.Win32.Sality.bh ...06:25:30:921 16000 cured
06:25:34:671 16000 C:\Program Files\Java\jre7\bin\pack200.exe infected Virus.Win32.Sality.bh ...06:25:34:671 16000 cured
06:25:38:531 16000 C:\Program Files\Java\jre7\bin\policytool.exe infected Virus.Win32.Sality.bh ...06:25:38:531 16000 cured
06:25:42:343 16000 C:\Program Files\Java\jre7\bin\rmid.exe infected Virus.Win32.Sality.bh ...06:25:42:343 16000 cured
06:25:46:078 16000 C:\Program Files\Java\jre7\bin\rmiregistry.exe infected Virus.Win32.Sality.bh ...06:25:46:078 16000 cured
06:25:49:875 16000 C:\Program Files\Java\jre7\bin\servertool.exe infected Virus.Win32.Sality.bh ...06:25:49:875 16000 cured
06:25:53:718 16000 C:\Program Files\Java\jre7\bin\ssvagent.exe infected Virus.Win32.Sality.bh ...06:25:53:718 16000 cured
06:25:57:609 16000 C:\Program Files\Java\jre7\bin\tnameserv.exe infected Virus.Win32.Sality.bh ...06:25:57:609 16000 cured
06:26:07:687 16000 C:\Program Files\Java\jre7\bin\unpack200.exe infected Virus.Win32.Sality.ag ...06:26:07:687 16000 cured
06:26:13:359 16000 C:\Program Files\MarkAny\ContentSafer\MaAgent.exe infected Virus.Win32.Sality.bh ...06:26:13:359 16000 cured
06:26:17:234 16000 C:\Program Files\MarkAny\ContentSafer\MaCSMgr.exe infected Virus.Win32.Sality.bh ...06:26:17:234 16000 cured
06:26:21:000 16000 C:\Program Files\MarkAny\ContentSafer\MAWebControl.exe infected Virus.Win32.Sality.bh ...06:26:21:000 16000 cured
06:26:24:750 16000 C:\Program Files\MarkAny\ContentSafer\MPXBox.exe infected Virus.Win32.Sality.bh ...06:26:24:750 16000 cured
06:26:28:609 16000 C:\Program Files\MarkAny\ContentSafer\UpdateClient\MAUpdate.exe infected Virus.Win32.Sality.bh ...06:26:28:609 16000 cured
06:26:32:421 16000 C:\Program Files\MarkAny\ContentSafer\UpdateClient\MAUpdateBoot.exe infected Virus.Win32.Sality.bh ...06:26:32:421 16000 cured
06:26:36:140 16000 C:\Program Files\MarkAny\ContentSafer\UpdateClient\MaUpdateClient.exe infected Virus.Win32.Sality.bh ...06:26:36:140 16000 cured
06:26:40:156 16000 C:\Program Files\Messenger\msmsgs.exe infected Virus.Win32.Sality.bh ...06:26:40:156 16000 cured
06:26:44:781 16000 C:\Program Files\Microsoft\BingBar\7.1.391.0oemBingBarSetup-Partner.EXE infected Virus.Win32.Sality.bh ...06:26:44:781 16000 cured
06:27:14:296 16000 C:\Program Files\Microsoft\BingBar\7.2.233.0\BBSvc.EXE infected Virus.Win32.Sality.bh ...06:27:14:296 16000 cured
06:27:18:109 16000 C:\Program Files\Microsoft\BingBar\7.2.233.0\BingApp.exe infected Virus.Win32.Sality.bh ...06:27:18:109 16000 cured
06:27:22:109 16000 C:\Program Files\Microsoft\BingBar\7.2.233.0\BingBar.exe infected Virus.Win32.Sality.bh ...06:27:22:109 16000 cured
06:27:25:859 16000 C:\Program Files\Microsoft\BingBar\7.2.233.0\bingsurrogate.exe infected Virus.Win32.Sality.bh ...06:27:25:859 16000 cured
06:27:30:093 16000 C:\Program Files\Microsoft\BingBar\7.2.233.0\SeaPort.EXE infected Virus.Win32.Sality.bh ...06:27:30:093 16000 cured
06:27:34:609 16000 C:\Program Files\Microsoft\BingBar\7.2.233.0oemBingBarSetup-Partner.EXE infected Virus.Win32.Sality.bh ...06:27:34:609 16000 cured
06:28:05:546 16000 C:\Program Files\Microsoft Office\Office14\1033\ONELEV.EXE infected Virus.Win32.Sality.bh ...06:28:05:546 16000 cured
06:28:19:109 16000 C:\Program Files\Microsoft Office\Office14\BCSSync.exe infected Virus.Win32.Sality.bh ...06:28:19:109 16000 cured
06:28:23:750 16000 C:\Program Files\Microsoft Office\Office14\CLVIEW.EXE infected Virus.Win32.Sality.bh ...06:28:23:750 16000 cured
06:28:27:531 16000 C:\Program Files\Microsoft Office\Office14\CNFNOT32.EXE infected Virus.Win32.Sality.bh ...06:28:27:531 16000 cured
06:28:35:375 16000 C:\Program Files\Microsoft Office\Office14\EXCEL.EXE infected Virus.Win32.Sality.bh ...06:28:35:375 16000 cured
06:28:42:093 16000 C:\Program Files\Microsoft Office\Office14\excelcnv.exe infected Virus.Win32.Sality.bh ...06:28:42:093 16000 cured
06:28:47:125 16000 C:\Program Files\Microsoft Office\Office14\GRAPH.EXE infected Virus.Win32.Sality.bh ...06:28:47:125 16000 cured
06:29:05:546 16000 C:\Program Files\Microsoft Office\Office14\GROOVE.EXE infected Virus.Win32.Sality.bh ...06:29:05:546 16000 cured
06:29:09:562 16000 C:\Program Files\Microsoft Office\Office14\GROOVEMN.EXE infected Virus.Win32.Sality.bh ...06:29:09:562 16000 cured
06:29:13:625 16000 C:\Program Files\Microsoft Office\Office14\IEContentService.exe infected Virus.Win32.Sality.bh ...06:29:13:625 16000 cured
06:29:17:921 16000 C:\Program Files\Microsoft Office\Office14\INFOPATH.EXE infected Virus.Win32.Sality.bh ...06:29:17:921 16000 cured
06:29:25:843 16000 C:\Program Files\Microsoft Office\Office14\MSACCESS.EXE infected Virus.Win32.Sality.bh ...06:29:25:843 16000 cured
06:29:30:656 16000 C:\Program Files\Microsoft Office\Office14\MSOHTMED.EXE infected Virus.Win32.Sality.bh ...06:29:30:656 16000 cured
06:29:36:609 16000 C:\Program Files\Microsoft Office\Office14\MSOSYNC.EXE infected Virus.Win32.Sality.ag ...06:29:36:609 16000 cured
06:29:40:468 16000 C:\Program Files\Microsoft Office\Office14\MSOUC.EXE infected Virus.Win32.Sality.bh ...06:29:40:468 16000 cured
06:29:45:812 16000 C:\Program Files\Microsoft Office\Office14\MSPUB.EXE infected Virus.Win32.Sality.bh ...06:29:45:812 16000 cured
06:29:49:671 16000 C:\Program Files\Microsoft Office\Office14\MSQRY32.EXE infected Virus.Win32.Sality.bh ...06:29:49:671 16000 cured
06:29:53:609 16000 C:\Program Files\Microsoft Office\Office14\MSTORDB.EXE infected Virus.Win32.Sality.bh ...06:29:53:609 16000 cured
06:29:57:296 16000 C:\Program Files\Microsoft Office\Office14\MSTORE.EXE infected Virus.Win32.Sality.bh ...06:29:57:296 16000 cured
06:30:01:140 16000 C:\Program Files\Microsoft Office\Office14\NAMECONTROLSERVER.EXE infected Virus.Win32.Sality.bh ...06:30:01:140 16000 cured
06:30:05:625 16000 C:\Program Files\Microsoft Office\Office14\OIS.EXE infected Virus.Win32.Sality.bh ...06:30:05:625 16000 cured
06:30:10:312 16000 C:\Program Files\Microsoft Office\Office14\ONENOTE.EXE infected Virus.Win32.Sality.bh ...06:30:10:312 16000 cured
06:30:14:187 16000 C:\Program Files\Microsoft Office\Office14\ONENOTEM.EXE infected Virus.Win32.Sality.bh ...06:30:14:187 16000 cured
06:30:18:484 16000 C:\Program Files\Microsoft Office\Office14\OUTLOOK.EXE infected Virus.Win32.Sality.bh ...06:30:18:484 16000 cured
06:30:24:843 16000 C:\Program Files\Microsoft Office\Office14\POWERPNT.EXE infected Virus.Win32.Sality.bh ...06:30:24:843 16000 cured
06:30:34:296 16000 C:\Program Files\Microsoft Office\Office14\SCANPST.EXE infected Virus.Win32.Sality.bh ...06:30:34:296 16000 cured
06:30:38:015 16000 C:\Program Files\Microsoft Office\Office14\SELFCERT.EXE infected Virus.Win32.Sality.bh ...06:30:38:015 16000 cured
06:30:41:781 16000 C:\Program Files\Microsoft Office\Office14\SETLANG.EXE infected Virus.Win32.Sality.bh ...06:30:41:781 16000 cured
06:30:45:765 16000 C:\Program Files\Microsoft Office\Office14\VPREVIEW.EXE infected Virus.Win32.Sality.bh ...06:30:45:765 16000 cured
06:30:49:875 16000 C:\Program Files\Microsoft Office\Office14\WINWORD.EXE infected Virus.Win32.Sality.bh ...06:30:49:875 16000 cured
06:30:53:609 16000 C:\Program Files\Microsoft Office\Office14\Wordconv.exe infected Virus.Win32.Sality.bh ...06:30:53:609 16000 cured
06:31:02:484 16000 C:\Program Files\mIRC\mirc.exe infected Virus.Win32.Sality.bh ...06:31:02:484 16000 cured
06:31:06:312 16000 C:\Program Files\mIRC\uninstall.exe infected Virus.Win32.Sality.bh ...06:31:06:312 16000 cured
06:31:10:656 16000 C:\Program Files\Mozilla Firefox\crashreporter.exe infected Virus.Win32.Sality.bh ...06:31:10:656 16000 cured
06:31:14:703 16000 C:\Program Files\Mozilla Firefox\firefox.exe infected Virus.Win32.Sality.bh ...06:31:14:703 16000 cured
06:31:18:718 16000 C:\Program Files\Mozilla Firefox\maintenanceservice.exe infected Virus.Win32.Sality.bh ...06:31:18:718 16000 cured
06:31:22:562 16000 C:\Program Files\Mozilla Firefox\maintenanceservice_installer.exe infected Virus.Win32.Sality.bh ...06:31:22:562 16000 cured
06:31:26:750 16000 C:\Program Files\Mozilla Firefox\plugin-container.exe infected Virus.Win32.Sality.bh ...06:31:26:750 16000 cured
06:31:30:265 16000 C:\Program Files\Mozilla Firefox\plugin-hang-ui.exe infected Virus.Win32.Sality.bh ...06:31:30:265 16000 cured
06:31:34:250 16000 C:\Program Files\Mozilla Firefox\uninstall\helper.exe infected Virus.Win32.Sality.bh ...06:31:34:250 16000 cured
06:31:38:015 16000 C:\Program Files\Mozilla Firefox\updater.exe infected Virus.Win32.Sality.bh ...06:31:38:015 16000 cured
06:31:41:656 16000 C:\Program Files\Mozilla Firefox\webapp-uninstaller.exe infected Virus.Win32.Sality.bh ...06:31:41:656 16000 cured
06:31:45:453 16000 C:\Program Files\Mozilla Firefox\webapprt-stub.exe infected Virus.Win32.Sality.bh ...06:31:45:453 16000 cured
06:31:49:312 16000 C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe infected Virus.Win32.Sality.bh ...06:31:49:312 16000 cured
06:31:53:125 16000 C:\Program Files\Mozilla Maintenance Service\Uninstall.exe infected Virus.Win32.Sality.bh ...06:31:53:125 16000 cured
06:31:56:828 16000 C:\Program Files\MP3 Cutter\MP3cutter.exe infected Virus.Win32.Sality.bh ...06:31:56:828 16000 cured
06:32:00:687 16000 C:\Program Files\MP3 Cutter\unins000.exe infected Virus.Win32.Sality.bh ...06:32:00:687 16000 cured
06:32:04:609 16000 C:\Program Files\MSI\DualCoreCenter\DelReg.exe infected Virus.Win32.Sality.bh ...06:32:04:609 16000 cured
06:32:33:984 16000 C:\Program Files\MSI\DualCoreCenter\DualCoreCenter.exe infected Virus.Win32.Sality.bh ...06:32:33:984 16000 cured
06:32:38:156 16000 C:\Program Files\MSI\DualCoreCenter\Green Power Center\GreenPowerCenter.exe infected Virus.Win32.Sality.bh ...06:32:38:156 16000 cured
06:32:43:531 16000 C:\Program Files\MSI\DualCoreCenter\StartUpDualCoreCenter.exe infected Virus.Win32.Sality.bh ...06:32:43:531 16000 cured
06:32:47:265 16000 C:\Program Files\MSI\DualCoreCenter\unins000.exe infected Virus.Win32.Sality.bh ...06:32:47:265 16000 cured
06:32:51:359 16000 C:\Program Files\MSI\Live Update 3\ATI\ATIFlash.exe infected Virus.Win32.Sality.bh ...06:32:51:359 16000 cured
06:32:55:328 16000 C:\Program Files\MSI\Live Update 3\DUAC.exe infected Virus.Win32.Sality.bh ...06:32:55:328 16000 cured
06:32:59:140 16000 C:\Program Files\MSI\Live Update 3\FlashUty\AMI\AFUWIN\AFUWIN.EXE infected Virus.Win32.Sality.bh ...06:32:59:140 16000 cured
06:33:02:984 16000 C:\Program Files\MSI\Live Update 3\FlashUty\AMI\EFIWIN\AEFUWIN.exe infected Virus.Win32.Sality.bh ...06:33:02:984 16000 cured
06:33:06:640 16000 C:\Program Files\MSI\Live Update 3\FlashUty\AMI\WinSFI\WinSFI.exe infected Virus.Win32.Sality.bh ...06:33:06:656 16000 cured
06:33:10:468 16000 C:\Program Files\MSI\Live Update 3\FlashUty\AMI\WinSFI.exe infected Virus.Win32.Sality.bh ...06:33:10:468 16000 cured
06:33:14:265 16000 C:\Program Files\MSI\Live Update 3\FlashUty\Award\WinFlash.exe infected Virus.Win32.Sality.bh ...06:33:14:265 16000 cured
06:33:18:046 16000 C:\Program Files\MSI\Live Update 3\FlashUty\NB\AFUWIN\AFU414_W.EXE infected Virus.Win32.Sality.bh ...06:33:18:046 16000 cured
06:33:25:187 16000 C:\Program Files\MSI\Live Update 3\FlashUty\OSD\OSDWinFM.exe infected Virus.Win32.Sality.ag ...06:33:25:187 16000 cured
06:33:28:984 16000 C:\Program Files\MSI\Live Update 3\FlashUty\OSD\OSDWinFS.exe infected Virus.Win32.Sality.bh ...06:33:28:984 16000 cured
06:33:33:593 16000 C:\Program Files\MSI\Live Update 3\LMonitor.exe infected Virus.Win32.Sality.bh ...06:33:33:593 16000 cured
06:33:38:406 16000 C:\Program Files\MSI\Live Update 3\MSIDevRg.exe infected Virus.Win32.Sality.bh ...06:33:38:406 16000 cured
06:33:42:312 16000 C:\Program Files\MSI\Live Update 3\MSIFlash.exe infected Virus.Win32.Sality.bh ...06:33:42:312 16000 cured
06:33:46:140 16000 C:\Program Files\MSI\Live Update 3\MSIWUPro.exe infected Virus.Win32.Sality.bh ...06:33:46:140 16000 cured
06:33:50:062 16000 C:\Program Files\MSI\Live Update 3\Setupx32.exe infected Virus.Win32.Sality.bh ...06:33:50:078 16000 cured
06:33:53:781 16000 C:\Program Files\MSI\Live Update 3\VBWINSYS.exe infected Virus.Win32.Sality.bh ...06:33:53:781 16000 cured
06:33:57:640 16000 C:\Program Files\MSN\MSNCoreFiles\Install\MSN9Components\Digcore.exe infected Virus.Win32.Sality.bh ...06:33:57:640 16000 cured
06:34:02:609 16000 C:\Program Files\MSN\MSNCoreFiles\Install\MSN9Components\Msncli.exe infected Virus.Win32.Sality.bh ...06:34:02:609 16000 cured
06:34:06:515 16000 C:\Program Files\MSN\MSNCoreFiles\Install\msnsusii.exe infected Virus.Win32.Sality.bh ...06:34:06:515 16000 cured
06:34:11:500 16000 C:\Program Files\Nettalk6\Nettalk.exe infected Virus.Win32.Sality.bh ...06:34:11:500 16000 cured
06:34:15:531 16000 C:\Program Files\Nettalk6\unins000.exe infected Virus.Win32.Sality.bh ...06:34:15:531 16000 cured
06:34:19:234 16000 C:\Program Files\Nettalk6\Update.exe infected Virus.Win32.Sality.bh ...06:34:19:234 16000 cured
06:34:23:265 16000 C:\Program Files\NVIDIA Corporation\3D Vision\NVStereoUtilityOGL.exe infected Virus.Win32.Sality.bh ...06:34:23:265 16000 cured
06:34:28:062 16000 C:\Program Files\NVIDIA Corporation\Control Panel Client\nvcplui.exe infected Virus.Win32.Sality.ag ...06:34:28:062 16000 cured
06:34:34:218 16000 C:\Program Files\NVIDIA Corporation\CPLInstallerCache\NvCplSetupEng.exe infected Virus.Win32.Sality.bh ...06:34:34:218 16000 cured
06:34:38:593 16000 C:\Program Files\NVIDIA Corporation\Drs\dbInstaller.exe infected Virus.Win32.Sality.bh ...06:34:38:593 16000 cured
06:34:43:453 16000 C:\Program Files\NVIDIA Corporation\Installer2\Display.ControlPanel.1\keystone.exe infected Virus.Win32.Sality.bh ...06:34:43:453 16000 cured
06:34:54:750 16000 C:\Program Files\NVIDIA Corporation\Installer2\Display.ControlPanel.1\nvAppBar.exe infected Virus.Win32.Sality.ag ...06:34:54:750 16000 cured
06:34:58:609 16000 C:\Program Files\NVIDIA Corporation\Installer2\Display.ControlPanel.1\nvcolor.exe infected Virus.Win32.Sality.bh ...06:34:58:609 16000 cured
06:35:02:875 16000 C:\Program Files\NVIDIA Corporation\Installer2\Display.ControlPanel.1\nvcplui.exe infected Virus.Win32.Sality.bh ...06:35:02:875 16000 cured
06:35:06:921 16000 C:\Program Files\NVIDIA Corporation\Installer2\Display.ControlPanel.1\nvDspSch.exe infected Virus.Win32.Sality.bh ...06:35:06:921 16000 cured
06:35:11:203 16000 C:\Program Files\NVIDIA Corporation\Installer2\Display.ControlPanel.1\nvSmartMaxapp.exe infected Virus.Win32.Sality.bh ...06:35:11:203 16000 cured
06:35:14:812 16000 C:\Program Files\NVIDIA Corporation\Installer2\Display.ControlPanel.1\nvsvc32.exe infected Virus.Win32.Sality.bh ...06:35:14:812 16000 cured
06:35:19:031 16000 C:\Program Files\NVIDIA Corporation\Installer2\Display.ControlPanel.1\nwiz.exe infected Virus.Win32.Sality.bh ...06:35:19:031 16000 cured
06:35:23:046 16000 C:\Program Files\NVIDIA Corporation\Installer2\Display.ControlPanel.1\Setup.exe infected Virus.Win32.Sality.bh ...06:35:23:046 16000 cured
06:35:26:734 16000 C:\Program Files\NVIDIA Corporation\Installer2\Display.Driver.1\dbInstaller.exe infected Virus.Win32.Sality.bh ...06:35:26:734 16000 cured
06:35:33:375 16000 C:\Program Files\NVIDIA Corporation\Installer2\Display.Driver.1\nvcplsetupeng.exe infected Virus.Win32.Sality.bh ...06:35:33:375 16000 cured
06:35:37:875 16000 C:\Program Files\NVIDIA Corporation\Installer2\Display.Driver.1\NvStereoUtilityOGL.exe infected Virus.Win32.Sality.bh ...06:35:37:875 16000 cured
06:35:41:828 16000 C:\Program Files\NVIDIA Corporation\Installer2\Display.NView.1\Keystone.exe infected Virus.Win32.Sality.bh ...06:35:41:828 16000 cured
06:35:45:734 16000 C:\Program Files\NVIDIA Corporation\Installer2\Display.NView.1\nvAppBar.exe infected Virus.Win32.Sality.bh ...06:35:45:734 16000 cured
06:35:49:453 16000 C:\Program Files\NVIDIA Corporation\Installer2\Display.NView.1\nvDspSch.exe infected Virus.Win32.Sality.bh ...06:35:49:453 16000 cured
06:35:53:625 16000 C:\Program Files\NVIDIA Corporation\Installer2\Display.NView.1\nvTaskbar.exe infected Virus.Win32.Sality.bh ...06:35:53:625 16000 cured
06:35:57:843 16000 C:\Program Files\NVIDIA Corporation\Installer2\Display.NView.1\nwiz.exe infected Virus.Win32.Sality.bh ...06:35:57:843 16000 cured
06:36:02:125 16000 C:\Program Files\NVIDIA Corporation\Installer2\installer.0\Setup.exe infected Virus.Win32.Sality.bh ...06:36:02:125 16000 cured
06:36:06:468 16000 C:\Program Files\NVIDIA Corporation\Installer2\installer.2\setup.exe infected Virus.Win32.Sality.bh ...06:36:06:468 16000 cured
06:36:10:390 16000 C:\Program Files\NVIDIA Corporation\Installer2\NVIDIA.Update.1\ComUpdatus.exe infected Virus.Win32.Sality.bh ...06:36:10:390 16000 cured
06:36:14:234 16000 C:\Program Files\NVIDIA Corporation\Installer2\NVIDIA.Update.1\daemonu.exe infected Virus.Win32.Sality.bh ...06:36:14:234 16000 cured
06:36:18:140 16000 C:\Program Files\NVIDIA Corporation\NVIDIA Update Core\ComUpdatus.exe infected Virus.Win32.Sality.bh ...06:36:18:140 16000 cured
06:36:21:953 16000 C:\Program Files\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe infected Virus.Win32.Sality.bh ...06:36:21:953 16000 cured
06:36:25:750 16000 C:\Program Files\NVIDIA Corporation\nView\keystone.exe infected Virus.Win32.Sality.bh ...06:36:25:750 16000 cured
06:36:27:875 16000 C:\Program Files\NVIDIA Corporation\nView\nvAppBar.exe infected Virus.Win32.Sality.ag ...06:36:27:875 16000 cured
06:36:31:593 16000 C:\Program Files\NVIDIA Corporation\nView\nvDspSch.exe infected Virus.Win32.Sality.bh ...06:36:31:593 16000 cured
06:36:35:765 16000 C:\Program Files\NVIDIA Corporation\nView\nwiz.exe infected Virus.Win32.Sality.bh ...06:36:35:765 16000 cured
06:36:42:687 16000 C:\Program Files\NVIDIA Corporation\Uninstall\nvunrm.exe infected Virus.Win32.Sality.bh ...06:36:42:687 16000 cured
06:36:46:500 16000 C:\Program Files\NVIDIA Corporation\Uninstall\nvusmb.exe infected Virus.Win32.Sality.bh ...06:36:46:515 16000 cured
06:36:50:250 16000 C:\Program Files\NVIDIA Corporation\Uninstall\nvusmu.exe infected Virus.Win32.Sality.bh ...06:36:50:250 16000 cured
06:36:54:531 16000 C:\Program Files\Pando Networks\Media Booster\BsSndRpt.exe infected Virus.Win32.Sality.bh ...06:36:54:531 16000 cured
06:36:59:093 16000 C:\Program Files\Pando Networks\Media Booster\PMB.exe infected Virus.Win32.Sality.bh ...06:36:59:093 16000 cured
06:37:03:078 16000 C:\Program Files\Pando Networks\Media Booster\uninst.exe infected Virus.Win32.Sality.bh ...06:37:03:078 16000 cured
06:37:07:437 16000 C:\Program Files\PowerISO\piso.exe infected Virus.Win32.Sality.bh ...06:37:07:437 16000 cured
06:37:11:406 16000 C:\Program Files\PowerISO\PowerISO.exe infected Virus.Win32.Sality.bh ...06:37:11:406 16000 cured
06:37:15:203 16000 C:\Program Files\PowerISO\PWRISOVM.EXE infected Virus.Win32.Sality.bh ...06:37:15:203 16000 cured
06:37:18:921 16000 C:\Program Files\PowerISO\uninstall.exe infected Virus.Win32.Sality.bh ...06:37:18:921 16000 cured
06:37:23:718 16000 C:\Program Files\Rainmeter\SkinInstaller.exe infected Virus.Win32.Sality.bh ...06:37:23:718 16000 cured
06:37:27:468 16000 C:\Program Files\Rainmeter\uninst.exe infected Virus.Win32.Sality.bh ...06:37:27:468 16000 cured
06:37:31:265 16000 C:\Program Files\Realtek\Audio\InstallShield\Alcmtr.exe infected Virus.Win32.Sality.bh ...06:37:31:265 16000 cured
06:37:35:484 16000 C:\Program Files\Realtek\Audio\InstallShield\AlcWzrd.exe infected Virus.Win32.Sality.bh ...06:37:35:484 16000 cured
06:37:39:312 16000 C:\Program Files\Realtek\Audio\InstallShield\ChCfg.exe infected Virus.Win32.Sality.bh ...06:37:39:312 16000 cured
06:37:43:656 16000 C:\Program Files\Realtek\Audio\InstallShield\KB888111xpsp2.exe infected Virus.Win32.Sality.bh ...06:37:43:656 16000 cured
06:37:47:468 16000 C:\Program Files\Realtek\Audio\InstallShield\MicCal.exe infected Virus.Win32.Sality.bh ...06:37:47:468 16000 cured
06:37:53:390 16000 C:\Program Files\Realtek\Audio\InstallShield\RTHDCPL.exe infected Virus.Win32.Sality.bh ...06:37:53:390 16000 cured
06:37:58:406 16000 C:\Program Files\Realtek\Audio\InstallShield\RTLCPL.exe infected Virus.Win32.Sality.bh ...06:37:58:406 16000 cured
06:38:02:359 16000 C:\Program Files\Realtek\Audio\InstallShield\RtlUpd.exe infected Virus.Win32.Sality.bh ...06:38:02:359 16000 cured
06:38:06:281 16000 C:\Program Files\Realtek\Audio\InstallShield\SkyTel.exe infected Virus.Win32.Sality.bh ...06:38:06:281 16000 cured
06:38:10:062 16000 C:\Program Files\Realtek\Audio\InstallShield\SoundMan.exe infected Virus.Win32.Sality.bh ...06:38:10:062 16000 cured
06:38:15:843 16000 C:\Program Files\Samsung\Kies\DriverChecker.exe infected Virus.Win32.Sality.bh ...06:38:15:843 16000 cured
06:38:20:015 16000 C:\Program Files\Samsung\Kies\External\DeviceModules\ConnectionManager.exe infected Virus.Win32.Sality.bh ...06:38:20:015 16000 cured
06:38:24:609 16000 C:\Program Files\Samsung\Kies\External\DeviceModules\DeviceDataService.exe infected Virus.Win32.Sality.bh ...06:38:24:609 16000 cured
06:38:28:406 16000 C:\Program Files\Samsung\Kies\External\DeviceModules\DeviceManager.exe infected Virus.Win32.Sality.bh ...06:38:28:406 16000 cured
06:38:32:421 16000 C:\Program Files\Samsung\Kies\External\DeviceModules\ErrorReport.exe infected Virus.Win32.Sality.bh ...06:38:32:421 16000 cured
06:38:36:093 16000 C:\Program Files\Samsung\Kies\External\DeviceModules\FsUsbExAdmin.exe infected Virus.Win32.Sality.bh ...06:38:36:093 16000 cured
06:38:39:937 16000 C:\Program Files\Samsung\Kies\External\DeviceModules\FsUsbExService.exe infected Virus.Win32.Sality.bh ...06:38:39:937 16000 cured
06:38:43:656 16000 C:\Program Files\Samsung\Kies\External\DeviceModules\FUSBCommander.exe infected Virus.Win32.Sality.bh ...06:38:43:656 16000 cured
06:38:48:890 16000 C:\Program Files\Samsung\Kies\External\DeviceModules\NPSSendMessage.exe infected Virus.Win32.Sality.bh ...06:38:48:890 16000 cured
06:38:52:734 16000 C:\Program Files\Samsung\Kies\External\DeviceModules\PBRefresher.exe infected Virus.Win32.Sality.bh ...06:38:52:734 16000 cured
06:38:56:468 16000 C:\Program Files\Samsung\Kies\External\DeviceModules\RegisterCOM.exe infected Virus.Win32.Sality.bh ...06:38:56:468 16000 cured
06:39:00:343 16000 C:\Program Files\Samsung\Kies\External\DeviceModules\SetupNPSRapiServer.exe infected Virus.Win32.Sality.bh ...06:39:00:343 16000 cured
06:39:04:062 16000 C:\Program Files\Samsung\Kies\External\DeviceModules\SetupNPSRapiServer_GT-B7320.exe infected Virus.Win32.Sality.bh ...06:39:04:062 16000 cured
06:39:07:796 16000 C:\Program Files\Samsung\Kies\External\DeviceModules\SetupNPSRapiServer_GT-B7320L.exe infected Virus.Win32.Sality.bh ...06:39:07:796 16000 cured
06:39:11:656 16000 C:\Program Files\Samsung\Kies\External\DeviceModules\SetupNPSRapiServer_GT-B7330.exe infected Virus.Win32.Sality.bh ...06:39:11:656 16000 cured
06:39:15:296 16000 C:\Program Files\Samsung\Kies\External\DeviceModules\SetupNPSRapiServer_SGH-i637.exe infected Virus.Win32.Sality.bh ...06:39:15:296 16000 cured
06:39:18:984 16000 C:\Program Files\Samsung\Kies\External\DeviceModules\SetupNPSRapiServer_SGH-i900.exe infected Virus.Win32.Sality.bh ...06:39:18:984 16000 cured
06:39:22:546 16000 C:\Program Files\Samsung\Kies\External\DeviceModules\SetupNPSRapiServer_SWD-M100.exe infected Virus.Win32.Sality.bh ...06:39:22:546 16000 cured
06:39:26:859 16000 C:\Program Files\Samsung\Kies\External\FirmwareUpdate\AdminDelegator.exe infected Virus.Win32.Sality.bh ...06:39:26:859 16000 cured
06:39:30:656 16000 C:\Program Files\Samsung\Kies\External\FirmwareUpdate\AgentInstaller.exe infected Virus.Win32.Sality.bh ...06:39:30:656 16000 cured
06:39:34:312 16000 C:\Program Files\Samsung\Kies\External\FirmwareUpdate\AgentUpdate.exe infected Virus.Win32.Sality.bh ...06:39:34:312 16000 cured
06:39:38:250 16000 C:\Program Files\Samsung\Kies\External\FirmwareUpdate\KiesPDLR.exe infected Virus.Win32.Sality.bh ...06:39:38:250 16000 cured
06:39:44:625 16000 C:\Program Files\Samsung\Kies\External\MediaModules\MyFreeCodecPack.exe infected Virus.Win32.Sality.bh ...06:39:44:625 16000 cured
06:39:50:515 16000 C:\Program Files\Samsung\Kies\External\TransModules\SelfMV.exe infected Virus.Win32.Sality.bh ...06:39:50:515 16000 cured
06:39:54:421 16000 C:\Program Files\Samsung\Kies\External\TransModules\SelfMV2.exe infected Virus.Win32.Sality.bh ...06:39:54:421 16000 cured
06:39:58:453 16000 C:\Program Files\Samsung\Kies\External\TransModules\TG_CAM.exe infected Virus.Win32.Sality.bh ...06:39:58:453 16000 cured
06:40:03:640 16000 C:\Program Files\Samsung\Kies\KiesAgent.exe infected Virus.Win32.Sality.bh ...06:40:03:640 16000 cured
06:40:07:593 16000 C:\Program Files\Samsung\Kies\KiesSilentUpdateAgent.exe infected Virus.Win32.Sality.bh ...06:40:07:593 16000 cured
06:40:11:437 16000 C:\Program Files\Samsung\Kies\KiesTrayAgent.exe infected Virus.Win32.Sality.bh ...06:40:11:437 16000 cured
06:40:15:187 16000 C:\Program Files\Samsung\Kies\lame.exe infected Virus.Win32.Sality.bh ...06:40:15:187 16000 cured
06:40:20:250 16000 C:\Program Files\Samsung\Kies\oggenc.exe infected Virus.Win32.Sality.bh ...06:40:20:250 16000 cured
06:40:27:968 16000 C:\Program Files\Samsung\Kies\USB Driver\SAMSUNG_USB_Driver_for_Mobile_Phones.exe infected Virus.Win32.Sality.bh ...06:40:27:968 16000 cured
06:40:37:593 16000 C:\Program Files\Samsung\USB Drivers\Uninstall.exe infected Virus.Win32.Sality.bh ...06:40:37:593 16000 cured
06:40:42:515 16000 C:\Program Files\Sanny Builder 3\sanny.exe infected Virus.Win32.Sality.bh ...06:40:42:515 16000 cured
06:40:46:671 16000 C:\Program Files\Sanny Builder 3\tools\Source Converter\sconvert.exe infected Virus.Win32.Sality.bh ...06:40:46:671 16000 cured
06:40:50:375 16000 C:\Program Files\Sanny Builder 3\unins000.exe infected Virus.Win32.Sality.bh ...06:40:50:375 16000 cured
06:40:54:296 16000 C:\Program Files\Shadow Defender\Commit.exe infected Virus.Win32.Sality.bh ...06:40:54:296 16000 cured
06:40:58:093 16000 C:\Program Files\Shadow Defender\Defender.exe infected Virus.Win32.Sality.bh ...06:40:58:093 16000 cured
06:41:02:171 16000 C:\Program Files\Shadow Defender\Uninstall.exe infected Virus.Win32.Sality.bh ...06:41:02:171 16000 cured
06:41:07:593 16000 C:\Program Files\Skype\Phone\Skype.exe infected Virus.Win32.Sality.bh ...06:41:07:593 16000 cured
06:41:11:421 16000 C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPluginBroker.exe infected Virus.Win32.Sality.bh ...06:41:11:421 16000 cured
06:41:15:375 16000 C:\Program Files\Skype\Toolbars\Skype for Chromium\MSIExecWatcher.exe infected Virus.Win32.Sality.bh ...06:41:15:375 16000 cured
06:41:19:218 16000 C:\Program Files\Skype\Updater\Updater.exe infected Virus.Win32.Sality.bh ...06:41:19:218 16000 cured
06:41:22:890 16000 C:\Program Files\Smart Bro\AddPbk.exe infected Virus.Win32.Sality.bh ...06:41:22:890 16000 cured
06:41:26:734 16000 C:\Program Files\Smart Bro\AutoRun\AutoRunSetup.exe infected Virus.Win32.Sality.bh ...06:41:26:734 16000 cured
06:41:30:640 16000 C:\Program Files\Smart Bro\AutoRun\AutoRunUninstall.exe infected Virus.Win32.Sality.bh ...06:41:30:640 16000 cured
06:41:34:906 16000 C:\Program Files\Smart Bro\Driver\devsetup32.exe infected Virus.Win32.Sality.bh ...06:41:34:906 16000 cured
06:41:40:218 16000 C:\Program Files\Smart Bro\Driver\DriverSetup.exe infected Virus.Win32.Sality.bh ...06:41:40:218 16000 cured
06:41:44:000 16000 C:\Program Files\Smart Bro\Driver\DriverUninstall.exe infected Virus.Win32.Sality.bh ...06:41:44:000 16000 cured
06:41:47:937 16000 C:\Program Files\Smart Bro\eap\wifimansvc.exe infected Virus.Win32.Sality.bh ...06:41:47:937 16000 cured
06:41:51:718 16000 C:\Program Files\Smart Bro\eap\wifiman_inistall.exe infected Virus.Win32.Sality.bh ...06:41:51:718 16000 cured
06:41:55:875 16000 C:\Program Files\Smart Bro\eap\WinPcap_4_0_2.exe infected Virus.Win32.Sality.bh ...06:41:55:875 16000 cured
06:42:00:062 16000 C:\Program Files\Smart Bro\mt.exe infected Virus.Win32.Sality.bh ...06:42:00:062 16000 cured
06:42:06:500 16000 C:\Program Files\Smart Bro\plugins\WLANPlugin\mobilepartner.exe infected Virus.Win32.Sality.bh ...06:42:06:500 16000 cured
06:42:13:750 16000 C:\Program Files\Smart Bro\Smart Bro.exe infected Virus.Win32.Sality.bh ...06:42:13:750 16000 cured
06:42:17:609 16000 C:\Program Files\Smart Bro\subinacl.exe infected Virus.Win32.Sality.bh ...06:42:17:609 16000 cured
06:42:21:296 16000 C:\Program Files\Smart Bro\TerminateProcess.exe infected Virus.Win32.Sality.bh ...06:42:21:296 16000 cured
06:42:25:062 16000 C:\Program Files\Smart Bro\uninst.exe infected Virus.Win32.Sality.bh ...06:42:25:062 16000 cured
06:42:29:156 16000 C:\Program Files\Smart Bro\UpdateDog\LiveUpd.exe infected Virus.Win32.Sality.bh ...06:42:29:156 16000 cured
06:42:32:921 16000 C:\Program Files\Smart Bro\UpdateDog\ouc.exe infected Virus.Win32.Sality.bh ...06:42:32:921 16000 cured
06:42:37:031 16000 C:\Program Files\Smart Bro\UpdateDog\RunLiveUpd.exe infected Virus.Win32.Sality.bh ...06:42:37:031 16000 cured
06:42:40:578 16000 C:\Program Files\Smart Bro\UpdateDog\RunOuc.exe infected Virus.Win32.Sality.bh ...06:42:40:578 16000 cured
06:42:46:859 16000 C:\Program Files\SQUARE ENIX\Sleeping Dogs\HKShip.exe infected Virus.Win32.Sality.bh ...06:42:46:859 16000 cured
06:42:52:812 16000 C:\Program Files\Steffen L\Dead Island Save Editor\dise.exe infected Virus.Win32.Sality.bh ...06:42:52:812 16000 cured
06:42:59:093 16000 C:\Program Files\Steffen L\Dead Island Save Editor\unins000.exe infected Virus.Win32.Sality.ag ...06:42:59:093 16000 cured
06:43:03:562 16000 C:\Program Files\TeamViewer\Version7\TeamViewer.exe infected Virus.Win32.Sality.bh ...06:43:03:562 16000 cured
06:43:07:312 16000 C:\Program Files\TeamViewer\Version7\TeamViewer_Desktop.exe infected Virus.Win32.Sality.bh ...06:43:07:312 16000 cured
06:43:12:671 16000 C:\Program Files\TeamViewer\Version7\TeamViewer_Service.exe infected Virus.Win32.Sality.bh ...06:43:12:671 16000 cured
06:43:16:359 16000 C:\Program Files\TeamViewer\Version7\uninstall.exe infected Virus.Win32.Sality.bh ...06:43:16:359 16000 cured
06:43:21:093 16000 C:\Program Files\Tunngle\Driver\32bit\tapinstall.exe infected Virus.Win32.Sality.bh ...06:43:21:093 16000 cured
06:43:24:906 16000 C:\Program Files\Tunngle\Driver\Helper.exe infected Virus.Win32.Sality.bh ...06:43:24:906 16000 cured
06:43:29:125 16000 C:\Program Files\Tunngle\Launcher.exe infected Virus.Win32.Sality.bh ...06:43:29:125 16000 cured
06:43:32:843 16000 C:\Program Files\Tunngle\TnglCtrl.exe infected Virus.Win32.Sality.bh ...06:43:32:859 16000 cured
06:43:36:921 16000 C:\Program Files\Tunngle\Tunngle.exe infected Virus.Win32.Sality.bh ...06:43:36:921 16000 cured
06:43:40:750 16000 C:\Program Files\Tunngle\unins000.exe infected Virus.Win32.Sality.bh ...06:43:40:750 16000 cured
06:43:44:578 16000 C:\Program Files\VentSrv\ventrilo_srv.exe infected Virus.Win32.Sality.bh ...06:43:44:578 16000 cured
06:43:48:281 16000 C:\Program Files\VentSrv\ventrilo_status.exe infected Virus.Win32.Sality.bh ...06:43:48:281 16000 cured
06:43:51:843 16000 C:\Program Files\VentSrv\ventrilo_svc.exe infected Virus.Win32.Sality.bh ...06:43:51:843 16000 cured
06:44:03:953 16000 C:\Program Files\VideoLAN\VLC\uninstall.exe infected Virus.Win32.Sality.bh ...06:44:03:953 16000 cured
06:44:07:781 16000 C:\Program Files\VideoLAN\VLC\vlc-cache-gen.exe infected Virus.Win32.Sality.bh ...06:44:07:781 16000 cured
06:44:11:515 16000 C:\Program Files\VideoLAN\VLC\vlc.exe infected Virus.Win32.Sality.bh ...06:44:11:515 16000 cured
06:44:15:296 16000 C:\Program Files\Virtual CD v10\API\examples\MFC\VcdAPITest\Debug\VcdAPITest.exe infected Virus.Win32.Sality.bh ...06:44:15:296 16000 cured
06:44:19:140 16000 C:\Program Files\Virtual CD v10\API\examples\MFC\VcdAPITest\Release\VcdAPITest.exe infected Virus.Win32.Sality.bh ...06:44:19:140 16000 cured
06:44:29:468 16000 C:\Program Files\Virtual CD v10\System\vc10dbc.exe infected Virus.Win32.Sality.bh ...06:44:29:468 16000 cured
06:44:34:812 16000 C:\Program Files\Vtune\DXTOOL.EXE infected Virus.Win32.Sality.bh ...06:44:34:812 16000 cured
06:44:38:781 16000 C:\Program Files\Vtune\TBPANEL.exe infected Virus.Win32.Sality.bh ...06:44:38:781 16000 cured
06:44:42:593 16000 C:\Program Files\Vtune\TBZOOM.EXE infected Virus.Win32.Sality.bh ...06:44:42:593 16000 cured
06:44:46:859 16000 C:\Program Files\Vtune\unins000.exe infected Virus.Win32.Sality.bh ...06:44:46:859 16000 cured
06:44:50:640 16000 C:\Program Files\Windows Media Player\dlimport.exe infected Virus.Win32.Sality.bh ...06:44:50:640 16000 cured
06:44:54:703 16000 C:\Program Files\Windows Media Player\wmsetsdk.exe infected Virus.Win32.Sality.bh ...06:44:54:703 16000 cured
06:44:58:625 16000 C:\Program Files\Windows NT\hypertrm.exe infected Virus.Win32.Sality.bh ...06:44:58:625 16000 cured
06:45:03:125 16000 C:\Program Files\WinRAR\Rar.exe infected Virus.Win32.Sality.bh ...06:45:03:125 16000 cured
06:45:14:562 16000 C:\Program Files\WinRAR\Uninstall.exe infected Virus.Win32.Sality.ag ...06:45:14:562 16000 cured
06:45:18:234 16000 C:\Program Files\WinRAR\UnRAR.exe infected Virus.Win32.Sality.bh ...06:45:18:234 16000 cured
06:45:22:109 16000 C:\Program Files\WinRAR\WinRAR.exe infected Virus.Win32.Sality.bh ...06:45:22:109 16000 cured
06:45:26:093 16000 C:\Program Files\Xilisoft\Audio Converter 6\ac.exe infected Virus.Win32.Sality.bh ...06:45:26:093 16000 cured
06:45:29:718 16000 C:\Program Files\Xilisoft\Audio Converter 6\acloader.exe infected Virus.Win32.Sality.bh ...06:45:29:718 16000 cured
06:45:33:500 16000 C:\Program Files\Xilisoft\Audio Converter 6\ac_buy.exe infected Virus.Win32.Sality.bh ...06:45:33:500 16000 cured
06:45:37:296 16000 C:\Program Files\Xilisoft\Audio Converter 6\audiomuxer.exe infected Virus.Win32.Sality.bh ...06:45:37:296 16000 cured
06:45:41:000 16000 C:\Program Files\Xilisoft\Audio Converter 6\avc.exe infected Virus.Win32.Sality.bh ...06:45:41:000 16000 cured
06:45:44:906 16000 C:\Program Files\Xilisoft\Audio Converter 6\cdrecord.exe infected Virus.Win32.Sality.bh ...06:45:44:906 16000 cured
06:45:48:765 16000 C:\Program Files\Xilisoft\Audio Converter 6\crashreport.exe infected Virus.Win32.Sality.bh ...06:45:48:765 16000 cured
06:45:52:625 16000 C:\Program Files\Xilisoft\Audio Converter 6\devchange.exe infected Virus.Win32.Sality.bh ...06:45:52:625 16000 cured
06:45:56:359 16000 C:\Program Files\Xilisoft\Audio Converter 6\gifshow.exe infected Virus.Win32.Sality.bh ...06:45:56:359 16000 cured
06:46:01:203 16000 C:\Program Files\Xilisoft\Audio Converter 6\immdevice.exe infected Virus.Win32.Sality.bh ...06:46:01:203 16000 cured
06:46:05:218 16000 C:\Program Files\Xilisoft\Audio Converter 6\imminfo.exe infected Virus.Win32.Sality.bh ...06:46:05:218 16000 cured
06:46:10:906 16000 C:\Program Files\Xilisoft\Audio Converter 6\makeidx.exe infected Virus.Win32.Sality.bh ...06:46:10:906 16000 cured
06:46:14:781 16000 C:\Program Files\Xilisoft\Audio Converter 6\mkisofs.exe infected Virus.Win32.Sality.bh ...06:46:14:781 16000 cured
06:46:18:812 16000 C:\Program Files\Xilisoft\Audio Converter 6\player.exe infected Virus.Win32.Sality.bh ...06:46:18:812 16000 cured
06:46:30:687 16000 C:\Program Files\Xilisoft\Audio Converter 6\swfconverter.exe infected Virus.Win32.Sality.bh ...06:46:30:687 16000 cured
06:46:34:453 16000 C:\Program Files\Xilisoft\Audio Converter 6\Uninstall.exe infected Virus.Win32.Sality.bh ...06:46:34:453 16000 cured
06:46:38:203 16000 C:\Program Files\Xilisoft\Audio Converter 6\videomixer.exe infected Virus.Win32.Sality.bh ...06:46:38:203 16000 cured
06:46:42:343 16000 C:\Program Files\Xilisoft\Audio Converter 6\Xilisoft Audio Converter 6 Update.exe infected Virus.Win32.Sality.bh ...06:46:42:343 16000 cured
06:46:55:390 16000 C:\Program Files\Yahoo!\Messenger\UNWISE.EXE infected Virus.Win32.Sality.bh ...06:46:55:390 16000 cured
06:46:59:562 16000 C:\Program Files\Yahoo!\Messenger\Ymsgr_tray.exe infected Virus.Win32.Sality.bh ...06:46:59:562 16000 cured
06:47:03:718 16000 C:\Program Files\YaTQA\yatqa.exe infected Virus.Win32.Sality.bh ...06:47:03:718 16000 cured
06:47:09:859 16000 C:\System Volume Information\_restore{E9D078C6-EE17-4E6C-B442-F4D5F5F78C51}\RP136\A0182806.pif infected Virus.Win32.Sality.bh ...06:47:09:859 16000 cured
06:47:13:593 16000 C:\System Volume Information\_restore{E9D078C6-EE17-4E6C-B442-F4D5F5F78C51}\RP136\A0182808.exe infected Virus.Win32.Sality.bh ...06:47:13:593 16000 cured
06:47:17:265 16000 C:\System Volume Information\_restore{E9D078C6-EE17-4E6C-B442-F4D5F5F78C51}\RP136\A0182809.exe infected Virus.Win32.Sality.bh ...06:47:17:265 16000 cured
06:47:20:984 16000 C:\System Volume Information\_restore{E9D078C6-EE17-4E6C-B442-F4D5F5F78C51}\RP136\A0182810.exe infected Virus.Win32.Sality.bh ...06:47:20:984 16000 cured
06:47:24:562 16000 C:\System Volume Information\_restore{E9D078C6-EE17-4E6C-B442-F4D5F5F78C51}\RP136\A0182811.exe infected Virus.Win32.Sality.bh ...06:47:24:562 16000 cured
06:47:28:343 16000 C:\System Volume Information\_restore{E9D078C6-EE17-4E6C-B442-F4D5F5F78C51}\RP136\A0182818.exe infected Virus.Win32.Sality.bh ...06:47:28:343 16000 cured
06:47:32:250 16000 C:\System Volume Information\_restore{E9D078C6-EE17-4E6C-B442-F4D5F5F78C51}\RP136\A0182819.exe infected Virus.Win32.Sality.bh ...06:47:32:250 16000 cured
06:47:35:953 16000 C:\System Volume Information\_restore{E9D078C6-EE17-4E6C-B442-F4D5F5F78C51}\RP136\A0182820.exe infected Virus.Win32.Sality.bh ...06:47:35:953 16000 cured
06:47:39:593 16000 C:\System Volume Information\_restore{E9D078C6-EE17-4E6C-B442-F4D5F5F78C51}\RP136\A0182821.exe infected Virus.Win32.Sality.bh ...06:47:39:593 16000 cured
06:47:43:578 16000 C:\System Volume Information\_restore{E9D078C6-EE17-4E6C-B442-F4D5F5F78C51}\RP136\A0182823.exe infected Virus.Win32.Sality.bh ...06:47:43:578 16000 cured
06:47:47:296 16000 C:\System Volume Information\_restore{E9D078C6-EE17-4E6C-B442-F4D5F5F78C51}\RP136\A0182825.exe infected Virus.Win32.Sality.bh ...06:47:47:296 16000 cured
06:47:51:046 16000 C:\System Volume Information\_restore{E9D078C6-EE17-4E6C-B442-F4D5F5F78C51}\RP136\A0182826.exe infected Virus.Win32.Sality.bh ...06:47:51:046 16000 cured
06:47:54:828 16000 C:\System Volume Information\_restore{E9D078C6-EE17-4E6C-B442-F4D5F5F78C51}\RP136\A0182827.exe infected Virus.Win32.Sality.bh ...06:47:54:828 16000 cured
06:47:58:656 16000 C:\System Volume Information\_restore{E9D078C6-EE17-4E6C-B442-F4D5F5F78C51}\RP136\A0182830.exe infected Virus.Win32.Sality.bh ...06:47:58:656 16000 cured
06:48:02:437 16000 C:\System Volume Information\_restore{E9D078C6-EE17-4E6C-B442-F4D5F5F78C51}\RP136\A0182831.exe infected Virus.Win32.Sality.bh ...06:48:02:437 16000 cured
06:48:06:187 16000 C:\System Volume Information\_restore{E9D078C6-EE17-4E6C-B442-F4D5F5F78C51}\RP136\A0182832.exe infected Virus.Win32.Sality.bh ...06:48:06:187 16000 cured
06:48:09:843 16000 C:\System Volume Information\_restore{E9D078C6-EE17-4E6C-B442-F4D5F5F78C51}\RP136\A0182833.exe infected Virus.Win32.Sality.bh ...06:48:09:843 16000 cured
06:48:13:531 16000 C:\System Volume Information\_restore{E9D078C6-EE17-4E6C-B442-F4D5F5F78C51}\RP136\A0182834.exe infected Virus.Win32.Sality.bh ...06:48:13:531 16000 cured
06:48:17:218 16000 C:\System Volume Information\_restore{E9D078C6-EE17-4E6C-B442-F4D5F5F78C51}\RP136\A0182835.exe infected Virus.Win32.Sality.bh ...06:48:17:218 16000 cured
06:48:20:968 16000 C:\System Volume Information\_restore{E9D078C6-EE17-4E6C-B442-F4D5F5F78C51}\RP136\A0182836.exe infected Virus.Win32.Sality.bh ...06:48:20:968 16000 cured
06:48:24:546 16000 C:\System Volume Information\_restore{E9D078C6-EE17-4E6C-B442-F4D5F5F78C51}\RP136\A0182837.exe infected Virus.Win32.Sality.bh ...06:48:24:546 16000 cured
06:48:28:437 16000 C:\System Volume Information\_restore{E9D078C6-EE17-4E6C-B442-F4D5F5F78C51}\RP136\A0182839.exe infected Virus.Win32.Sality.bh ...06:48:28:437 16000 cured
06:48:32:203 16000 C:\System Volume Information\_restore{E9D078C6-EE17-4E6C-B442-F4D5F5F78C51}\RP136\A0182841.exe infected Virus.Win32.Sality.bh ...06:48:32:203 16000 cured
06:48:35:906 16000 C:\System Volume Information\_restore{E9D078C6-EE17-4E6C-B442-F4D5F5F78C51}\RP136\A0182843.exe infected Virus.Win32.Sality.bh ...06:48:35:906 16000 cured
06:48:39:640 16000 C:\System Volume Information\_restore{E9D078C6-EE17-4E6C-B442-F4D5F5F78C51}\RP136\A0182853.exe infected Virus.Win32.Sality.bh ...06:48:39:640 16000 cured
06:48:43:234 16000 C:\System Volume Information\_restore{E9D078C6-EE17-4E6C-B442-F4D5F5F78C51}\RP136\A0182854.exe infected Virus.Win32.Sality.bh ...06:48:43:234 16000 cured
06:48:46:875 16000 C:\System Volume Information\_restore{E9D078C6-EE17-4E6C-B442-F4D5F5F78C51}\RP136\A0182855.exe infected Virus.Win32.Sality.bh ...06:48:46:875 16000 cured
06:48:50:703 16000 C:\System Volume Information\_restore{E9D078C6-EE17-4E6C-B442-F4D5F5F78C51}\RP136\A0182856.exe infected Virus.Win32.Sality.bh ...06:48:50:703 16000 cured
06:48:54:484 16000 C:\System Volume Information\_restore{E9D078C6-EE17-4E6C-B442-F4D5F5F78C51}\RP136\A0182857.exe infected Virus.Win32.Sality.bh ...06:48:54:484 16000 cured
06:49:00:265 16000 C:\System Volume Information\_restore{E9D078C6-EE17-4E6C-B442-F4D5F5F78C51}\RP136\A0183068.exe infected Virus.Win32.Sality.bh ...06:49:00:265 16000 cured
06:49:04:046 16000 C:\System Volume Information\_restore{E9D078C6-EE17-4E6C-B442-F4D5F5F78C51}\RP136\A0183119.exe infected Virus.Win32.Sality.bh ...06:49:04:062 16000 cured
06:49:07:625 16000 C:\System Volume Information\_restore{E9D078C6-EE17-4E6C-B442-F4D5F5F78C51}\RP136\A0183120.exe infected Virus.Win32.Sality.bh ...06:49:07:625 16000 cured
06:49:11:218 16000 C:\System Volume Information\_restore{E9D078C6-EE17-4E6C-B442-F4D5F5F78C51}\RP136\A0183121.exe infected Virus.Win32.Sality.bh ...06:49:11:218 16000 cured
06:49:14:843 16000 C:\System Volume Information\_restore{E9D078C6-EE17-4E6C-B442-F4D5F5F78C51}\RP136\A0183122.exe infected Virus.Win32.Sality.bh ...06:49:14:843 16000 cured
06:49:18:515 16000 C:\System Volume Information\_restore{E9D078C6-EE17-4E6C-B442-F4D5F5F78C51}\RP136\A0183123.exe infected Virus.Win32.Sality.bh ...06:49:18:515 16000 cured
06:49:22:343 16000 C:\System Volume Information\_restore{E9D078C6-EE17-4E6C-B442-F4D5F5F78C51}\RP136\A0183125.exe infected Virus.Win32.Sality.bh ...06:49:22:343 16000 cured
06:49:26:125 16000 C:\System Volume Information\_restore{E9D078C6-EE17-4E6C-B442-F4D5F5F78C51}\RP136\A0183126.exe infected Virus.Win32.Sality.bh ...06:49:26:125 16000 cured
06:49:29:671 16000 C:\System Volume Information\_restore{E9D078C6-EE17-4E6C-B442-F4D5F5F78C51}\RP136\A0183131.pif infected Virus.Win32.Sality.bh ...06:49:29:671 16000 cured
06:49:33:421 16000 C:\System Volume Information\_restore{E9D078C6-EE17-4E6C-B442-F4D5F5F78C51}\RP136\A0183132.exe infected Virus.Win32.Sality.bh ...06:49:33:421 16000 cured
06:49:37:140 16000 C:\System Volume Information\_restore{E9D078C6-EE17-4E6C-B442-F4D5F5F78C51}\RP136\A0183139.exe infected Virus.Win32.Sality.bh ...06:49:37:140 16000 cured
06:49:40:937 16000 C:\System Volume Information\_restore{E9D078C6-EE17-4E6C-B442-F4D5F5F78C51}\RP136\A0183148.exe infected Virus.Win32.Sality.bh ...06:49:40:937 16000 cured
06:49:44:640 16000 C:\System Volume Information\_restore{E9D078C6-EE17-4E6C-B442-F4D5F5F78C51}\RP136\A0183149.exe infected Virus.Win32.Sality.bh ...06:49:44:640 16000 cured
06:49:48:375 16000 C:\System Volume Information\_restore{E9D078C6-EE17-4E6C-B442-F4D5F5F78C51}\RP136\A0183154.exe infected Virus.Win32.Sality.bh ...06:49:48:375 16000 cured
06:49:51:968 16000 C:\System Volume Information\_restore{E9D078C6-EE17-4E6C-B442-F4D5F5F78C51}\RP136\A0183155.exe infected Virus.Win32.Sality.bh ...06:49:51:968 16000 cured
06:49:55:546 16000 C:\System Volume Information\_restore{E9D078C6-EE17-4E6C-B442-F4D5F5F78C51}\RP136\A0183160.exe infected Virus.Win32.Sality.bh ...06:49:55:546 16000 cured
06:49:59:312 16000 C:\System Volume Information\_restore{E9D078C6-EE17-4E6C-B442-F4D5F5F78C51}\RP136\A0183163.exe infected Virus.Win32.Sality.bh ...06:49:59:312 16000 cured
06:50:02:953 16000 C:\System Volume Information\_restore{E9D078C6-EE17-4E6C-B442-F4D5F5F78C51}\RP136\A0183164.exe infected Virus.Win32.Sality.bh ...06:50:02:953 16000 cured
06:50:06:765 16000 C:\System Volume Information\_restore{E9D078C6-EE17-4E6C-B442-F4D5F5F78C51}\RP136\A0183165.exe infected Virus.Win32.Sality.bh ...06:50:06:765 16000 cured
06:50:10:500 16000 C:\System Volume Information\_restore{E9D078C6-EE17-4E6C-B442-F4D5F5F78C51}\RP136\A0183166.exe infected Virus.Win32.Sality.bh ...06:50:10:500 16000 cured
06:50:14:437 16000 C:\System Volume Information\_restore{E9D078C6-EE17-4E6C-B442-F4D5F5F78C51}\RP136\A0183168.exe infected Virus.Win32.Sality.bh ...06:50:14:437 16000 cured
06:50:18:125 16000 C:\System Volume Information\_restore{E9D078C6-EE17-4E6C-B442-F4D5F5F78C51}\RP136\A0183169.exe infected Virus.Win32.Sality.bh ...06:50:18:125 16000 cured
06:50:23:703 16000 C:\System Volume Information\_restore{E9D078C6-EE17-4E6C-B442-F4D5F5F78C51}\RP136\A0183374.exe infected Virus.Win32.Sality.bh ...06:50:23:703 16000 cured
06:50:27:453 16000 C:\System Volume Information\_restore{E9D078C6-EE17-4E6C-B442-F4D5F5F78C51}\RP136\A0183426.exe infected Virus.Win32.Sality.bh ...06:50:27:453 16000 cured
06:50:31:031 16000 C:\System Volume Information\_restore{E9D078C6-EE17-4E6C-B442-F4D5F5F78C51}\RP136\A0183427.exe infected Virus.Win32.Sality.bh ...06:50:31:031 16000 cured
06:50:34:625 16000 C:\System Volume Information\_restore{E9D078C6-EE17-4E6C-B442-F4D5F5F78C51}\RP136\A0183428.exe infected Virus.Win32.Sality.bh ...06:50:34:625 16000 cured
06:50:38:250 16000 C:\System Volume Information\_restore{E9D078C6-EE17-4E6C-B442-F4D5F5F78C51}\RP136\A0183429.exe infected Virus.Win32.Sality.bh ...06:50:38:250 16000 cured
06:50:41:890 16000 C:\System Volume Information\_restore{E9D078C6-EE17-4E6C-B442-F4D5F5F78C51}\RP136\A0183430.exe infected Virus.Win32.Sality.bh ...06:50:41:890 16000 cured
06:50:45:687 16000 C:\System Volume Information\_restore{E9D078C6-EE17-4E6C-B442-F4D5F5F78C51}\RP136\A0183432.exe infected Virus.Win32.Sality.bh ...06:50:45:687 16000 cured
06:50:49:265 16000 C:\System Volume Information\_restore{E9D078C6-EE17-4E6C-B442-F4D5F5F78C51}\RP136\A0183437.pif infected Virus.Win32.Sality.bh ...06:50:49:265 16000 cured
06:50:53:000 16000 C:\System Volume Information\_restore{E9D078C6-EE17-4E6C-B442-F4D5F5F78C51}\RP136\A0183438.exe infected Virus.Win32.Sality.bh ...06:50:53:000 16000 cured
06:50:56:640 16000 C:\System Volume Information\_restore{E9D078C6-EE17-4E6C-B442-F4D5F5F78C51}\RP136\A0183442.exe infected Virus.Win32.Sality.bh ...06:50:56:640 16000 cured
06:51:00:328 16000 C:\System Volume Information\_restore{E9D078C6-EE17-4E6C-B442-F4D5F5F78C51}\RP136\A0183447.exe infected Virus.Win32.Sality.bh ...06:51:00:328 16000 cured
06:51:04:015 16000 C:\System Volume Information\_restore{E9D078C6-EE17-4E6C-B442-F4D5F5F78C51}\RP136\A0183448.exe infected Virus.Win32.Sality.bh ...06:51:04:015 16000 cured
06:51:07:734 16000 C:\System Volume Information\_restore{E9D078C6-EE17-4E6C-B442-F4D5F5F78C51}\RP136\A0183449.exe infected Virus.Win32.Sality.bh ...06:51:07:734 16000 cured
06:51:11:453 16000 C:\System Volume Information\_restore{E9D078C6-EE17-4E6C-B442-F4D5F5F78C51}\RP136\A0183454.exe infected Virus.Win32.Sality.bh ...06:51:11:453 16000 cured
06:51:15:031 16000 C:\System Volume Information\_restore{E9D078C6-EE17-4E6C-B442-F4D5F5F78C51}\RP136\A0183455.exe infected Virus.Win32.Sality.bh ...06:51:15:031 16000 cured
06:51:18:812 16000 C:\System Volume Information\_restore{E9D078C6-EE17-4E6C-B442-F4D5F5F78C51}\RP136\A0183462.exe infected Virus.Win32.Sality.bh ...06:51:18:812 16000 cured
06:51:22:406 16000 C:\System Volume Information\_restore{E9D078C6-EE17-4E6C-B442-F4D5F5F78C51}\RP136\A0183463.exe infected Virus.Win32.Sality.bh ...06:51:22:406 16000 cured
06:51:26:328 16000 C:\System Volume Information\_restore{E9D078C6-EE17-4E6C-B442-F4D5F5F78C51}\RP136\A0183464.exe infected Virus.Win32.Sality.bh ...06:51:26:328 16000 cured
06:51:30:000 16000 C:\System Volume Information\_restore{E9D078C6-EE17-4E6C-B442-F4D5F5F78C51}\RP136\A0183465.exe infected Virus.Win32.Sality.bh ...06:51:30:000 16000 cured
06:51:33:640 16000 C:\System Volume Information\_restore{E9D078C6-EE17-4E6C-B442-F4D5F5F78C51}\RP136\A0183466.exe infected Virus.Win32.Sality.bh ...06:51:33:640 16000 cured
06:51:37:515 16000 C:\System Volume Information\_restore{E9D078C6-EE17-4E6C-B442-F4D5F5F78C51}\RP136\A0183467.exe infected Virus.Win32.Sality.bh ...06:51:37:515 16000 cured
06:51:41:265 16000 C:\System Volume Information\_restore{E9D078C6-EE17-4E6C-B442-F4D5F5F78C51}\RP136\A0183468.exe infected Virus.Win32.Sality.bh ...06:51:41:265 16000 cured
06:51:46:359 16000 C:\System Volume Information\_restore{E9D078C6-EE17-4E6C-B442-F4D5F5F78C51}\RP136\A0183656.exe infected Virus.Win32.Sality.bh ...06:51:46:359 16000 cured
06:51:50:609 16000 C:\System Volume Information\_restore{E9D078C6-EE17-4E6C-B442-F4D5F5F78C51}\RP136\A0183681.exe infected Virus.Win32.Sality.bh ...06:51:50:609 16000 cured
06:51:54:375 16000 C:\System Volume Information\_restore{E9D078C6-EE17-4E6C-B442-F4D5F5F78C51}\RP136\A0183733.exe infected Virus.Win32.Sality.bh ...06:51:54:375 16000 cured
06:51:57:953 16000 C:\System Volume Information\_restore{E9D078C6-EE17-4E6C-B442-F4D5F5F78C51}\RP136\A0183734.exe infected Virus.Win32.Sality.bh ...06:51:57:953 16000 cured
06:52:01:546 16000 C:\System Volume Information\_restore{E9D078C6-EE17-4E6C-B442-F4D5F5F78C51}\RP136\A0183735.exe infected Virus.Win32.Sality.bh ...06:52:01:546 16000 cured
06:52:05:171 16000 C:\System Volume Information\_restore{E9D078C6-EE17-4E6C-B442-F4D5F5F78C51}\RP136\A0183736.exe infected Virus.Win32.Sality.bh ...06:52:05:171 16000 cured
06:52:08:828 16000 C:\System Volume Information\_restore{E9D078C6-EE17-4E6C-B442-F4D5F5F78C51}\RP136\A0183737.exe infected Virus.Win32.Sality.bh ...06:52:08:828 16000 cured
06:52:12:640 16000 C:\System Volume Information\_restore{E9D078C6-EE17-4E6C-B442-F4D5F5F78C51}\RP136\A0183739.exe infected Virus.Win32.Sality.bh ...06:52:12:640 16000 cured
06:52:16:421 16000 C:\System Volume Information\_restore{E9D078C6-EE17-4E6C-B442-F4D5F5F78C51}\RP136\A0183740.exe infected Virus.Win32.Sality.bh ...06:52:16:421 16000 cured
06:52:20:218 16000 C:\System Volume Information\_restore{E9D078C6-EE17-4E6C-B442-F4D5F5F78C51}\RP136\A0183742.exe infected Virus.Win32.Sality.bh ...06:52:20:218 16000 cured
06:52:24:218 16000 C:\System Volume Information\_restore{E9D078C6-EE17-4E6C-B442-F4D5F5F78C51}\RP136\A0183743.exe infected Virus.Win32.Sality.bh ...06:52:24:218 16000 cured
06:52:27:937 16000 C:\System Volume Information\_restore{E9D078C6-EE17-4E6C-B442-F4D5F5F78C51}\RP136\A0183745.exe infected Virus.Win32.Sality.bh ...06:52:27:937 16000 cured
06:52:31:671 16000 C:\System Volume Information\_restore{E9D078C6-EE17-4E6C-B442-F4D5F5F78C51}\RP136\A0183746.exe infected Virus.Win32.Sality.bh ...06:52:31:671 16000 cured
06:52:35:453 16000 C:\System Volume Information\_restore{E9D078C6-EE17-4E6C-B442-F4D5F5F78C51}\RP136\A0183747.exe infected Virus.Win32.Sality.bh ...06:52:35:453 16000 cured
06:52:39:359 16000 C:\System Volume Information\_restore{E9D078C6-EE17-4E6C-B442-F4D5F5F78C51}\RP136\A0183750.exe infected Virus.Win32.Sality.bh ...06:52:39:359 16000 cured
06:52:43:140 16000 C:\System Volume Information\_restore{E9D078C6-EE17-4E6C-B442-F4D5F5F78C51}\RP136\A0183751.exe infected Virus.Win32.Sality.bh ...06:52:43:140 16000 cured
06:52:46:906 16000 C:\System Volume Information\_restore{E9D078C6-EE17-4E6C-B442-F4D5F5F78C51}\RP136\A0183752.exe infected Virus.Win32.Sality.bh ...06:52:46:906 16000 cured
06:52:50:578 16000 C:\System Volume Information\_restore{E9D078C6-EE17-4E6C-B442-F4D5F5F78C51}\RP136\A0183753.exe infected Virus.Win32.Sality.bh ...06:52:50:578 16000 cured
06:52:54:265 16000 C:\System Volume Information\_restore{E9D078C6-EE17-4E6C-B442-F4D5F5F78C51}\RP136\A0183754.exe infected Virus.Win32.Sality.bh ...06:52:54:265 16000 cured
06:52:57:921 16000 C:\System Volume Information\_restore{E9D078C6-EE17-4E6C-B442-F4D5F5F78C51}\RP136\A0183755.exe infected Virus.Win32.Sality.bh ...06:52:57:921 16000 cured
06:53:01:656 16000 C:\System Volume Information\_restore{E9D078C6-EE17-4E6C-B442-F4D5F5F78C51}\RP136\A0183756.exe infected Virus.Win32.Sality.bh ...06:53:01:656 16000 cured
06:53:05:203 16000 C:\System Volume Information\_restore{E9D078C6-EE17-4E6C-B442-F4D5F5F78C51}\RP136\A0183757.exe infected Virus.Win32.Sality.bh ...06:53:05:203 16000 cured
06:53:09:109 16000 C:\System Volume Information\_restore{E9D078C6-EE17-4E6C-B442-F4D5F5F78C51}\RP136\A0183759.exe infected Virus.Win32.Sality.bh ...06:53:09:109 16000 cured
06:53:12:796 16000 C:\System Volume Information\_restore{E9D078C6-EE17-4E6C-B442-F4D5F5F78C51}\RP136\A0183760.exe infected Virus.Win32.Sality.bh ...06:53:12:796 16000 cured
06:53:16:406 16000 C:\System Volume Information\_restore{E9D078C6-EE17-4E6C-B442-F4D5F5F78C51}\RP136\A0183761.exe infected Virus.Win32.Sality.bh ...06:53:16:406 16000 cured
06:53:20:125 16000 C:\System Volume Information\_restore{E9D078C6-EE17-4E6C-B442-F4D5F5F78C51}\RP136\A0183762.exe infected Virus.Win32.Sality.bh ...06:53:20:125 16000 cured
06:53:23:765 16000 C:\System Volume Information\_restore{E9D078C6-EE17-4E6C-B442-F4D5F5F78C51}\RP136\A0183763.exe infected Virus.Win32.Sality.bh ...06:53:23:765 16000 cured
06:53:27:406 16000 C:\System Volume Information\_restore{E9D078C6-EE17-4E6C-B442-F4D5F5F78C51}\RP136\A0183765.exe infected Virus.Win32.Sality.bh ...06:53:27:406 16000 cured
06:53:31:078 16000 C:\System Volume Information\_restore{E9D078C6-EE17-4E6C-B442-F4D5F5F78C51}\RP136\A0183766.exe infected Virus.Win32.Sality.bh ...06:53:31:078 16000 cured
06:53:34:687 16000 C:\System Volume Information\_restore{E9D078C6-EE17-4E6C-B442-F4D5F5F78C51}\RP136\A0183768.exe infected Virus.Win32.Sality.bh ...06:53:34:687 16000 cured
06:53:38:343 16000 C:\System Volume Information\_restore{E9D078C6-EE17-4E6C-B442-F4D5F5F78C51}\RP136\A0183769.exe infected Virus.Win32.Sality.bh ...06:53:38:343 16000 cured
06:53:42:031 16000 C:\System Volume Information\_restore{E9D078C6-EE17-4E6C-B442-F4D5F5F78C51}\RP136\A0183770.exe infected Virus.Win32.Sality.bh ...06:53:42:031 16000 cured
06:53:45:687 16000 C:\System Volume Information\_restore{E9D078C6-EE17-4E6C-B442-F4D5F5F78C51}\RP136\A0183771.exe infected Virus.Win32.Sality.bh ...06:53:45:687 16000 cured
06:53:49:328 16000 C:\System Volume Information\_restore{E9D078C6-EE17-4E6C-B442-F4D5F5F78C51}\RP136\A0183772.exe infected Virus.Win32.Sality.bh ...06:53:49:328 16000 cured
06:53:53:203 16000 C:\System Volume Information\_restore{E9D078C6-EE17-4E6C-B442-F4D5F5F78C51}\RP136\A0183773.exe infected Virus.Win32.Sality.bh ...06:53:53:203 16000 cured
06:53:56:812 16000 C:\System Volume Information\_restore{E9D078C6-EE17-4E6C-B442-F4D5F5F78C51}\RP136\A0183774.exe infected Virus.Win32.Sality.bh ...06:53:56:812 16000 cured
06:54:00:718 16000 C:\System Volume Information\_restore{E9D078C6-EE17-4E6C-B442-F4D5F5F78C51}\RP136\A0183776.exe infected Virus.Win32.Sality.bh ...06:54:00:718 16000 cured
06:54:04:500 16000 C:\System Volume Information\_restore{E9D078C6-EE17-4E6C-B442-F4D5F5F78C51}\RP136\A0183778.exe infected Virus.Win32.Sality.bh ...06:54:04:500 16000 cured
06:54:08:140 16000 C:\System Volume Information\_restore{E9D078C6-EE17-4E6C-B442-F4D5F5F78C51}\RP136\A0183779.exe infected Virus.Win32.Sality.bh ...06:54:08:140 16000 cured
06:54:11:812 16000 C:\System Volume Information\_restore{E9D078C6-EE17-4E6C-B442-F4D5F5F78C51}\RP136\A0183780.exe infected Virus.Win32.Sality.bh ...06:54:11:812 16000 cured
06:54:15:671 16000 C:\System Volume Information\_restore{E9D078C6-EE17-4E6C-B442-F4D5F5F78C51}\RP136\A0183781.exe infected Virus.Win32.Sality.bh ...06:54:15:671 16000 cured
06:54:19:421 16000 C:\System Volume Information\_restore{E9D078C6-EE17-4E6C-B442-F4D5F5F78C51}\RP136\A0183782.exe infected Virus.Win32.Sality.bh ...06:54:19:421 16000 cured
06:54:23:234 16000 C:\System Volume Information\_restore{E9D078C6-EE17-4E6C-B442-F4D5F5F78C51}\RP136\A0183783.exe infected Virus.Win32.Sality.bh ...06:54:23:234 16000 cured
06:54:27:171 16000 C:\System Volume Information\_restore{E9D078C6-EE17-4E6C-B442-F4D5F5F78C51}\RP136\A0183785.exe infected Virus.Win32.Sality.bh ...06:54:27:171 16000 cured
06:54:31:375 16000 C:\System Volume Information\_restore{E9D078C6-EE17-4E6C-B442-F4D5F5F78C51}\RP136\A0183787.exe infected Virus.Win32.Sality.bh ...06:54:31:375 16000 cured
06:54:35:437 16000 C:\System Volume Information\_restore{E9D078C6-EE17-4E6C-B442-F4D5F5F78C51}\RP136\A0183788.exe infected Virus.Win32.Sality.bh ...06:54:35:437 16000 cured
06:54:39:171 16000 C:\System Volume Information\_restore{E9D078C6-EE17-4E6C-B442-F4D5F5F78C51}\RP136\A0183789.exe infected Virus.Win32.Sality.bh ...06:54:39:171 16000 cured
06:54:43:031 16000 C:\System Volume Information\_restore{E9D078C6-EE17-4E6C-B442-F4D5F5F78C51}\RP136\A0183791.exe infected Virus.Win32.Sality.bh ...06:54:43:031 16000 cured
06:54:46:750 16000 C:\System Volume Information\_restore{E9D078C6-EE17-4E6C-B442-F4D5F5F78C51}\RP136\A0183792.exe infected Virus.Win32.Sality.bh ...06:54:46:750 16000 cured
06:54:50:437 16000 C:\System Volume Information\_restore{E9D078C6-EE17-4E6C-B442-F4D5F5F78C51}\RP136\A0183793.exe infected Virus.Win32.Sality.bh ...06:54:50:437 16000 cured
06:54:54:187 16000 C:\System Volume Information\_restore{E9D078C6-EE17-4E6C-B442-F4D5F5F78C51}\RP136\A0183794.exe infected Virus.Win32.Sality.bh ...06:54:54:187 16000 cured
06:54:57:843 16000 C:\System Volume Information\_restore{E9D078C6-EE17-4E6C-B442-F4D5F5F78C51}\RP136\A0183796.exe infected Virus.Win32.Sality.bh ...06:54:57:843 16000 cured
06:55:00:890 16000 C:\System Volume Information\_restore{E9D078C6-EE17-4E6C-B442-F4D5F5F78C51}\RP136\A0183797.exe infected Virus.Win32.Sality.ag ...06:55:00:890 16000 cured
06:55:04:718 16000 C:\System Volume Information\_restore{E9D078C6-EE17-4E6C-B442-F4D5F5F78C51}\RP136\A0183798.exe infected Virus.Win32.Sality.bh ...06:55:04:718 16000 cured
06:55:08:437 16000 C:\System Volume Information\_restore{E9D078C6-EE17-4E6C-B442-F4D5F5F78C51}\RP136\A0183799.exe infected Virus.Win32.Sality.bh ...06:55:08:437 16000 cured
06:55:12:171 16000 C:\System Volume Information\_restore{E9D078C6-EE17-4E6C-B442-F4D5F5F78C51}\RP136\A0183800.exe infected Virus.Win32.Sality.bh ...06:55:12:171 16000 cured
06:55:15:921 16000 C:\System Volume Information\_restore{E9D078C6-EE17-4E6C-B442-F4D5F5F78C51}\RP136\A0183801.exe infected Virus.Win32.Sality.bh ...06:55:15:921 16000 cured
06:55:19:484 16000 C:\System Volume Information\_restore{E9D078C6-EE17-4E6C-B442-F4D5F5F78C51}\RP136\A0183804.exe infected Virus.Win32.Sality.bh ...06:55:19:484 16000 cured
06:55:23:187 16000 C:\System Volume Information\_restore{E9D078C6-EE17-4E6C-B442-F4D5F5F78C51}\RP136\A0183805.exe infected Virus.Win32.Sality.bh ...06:55:23:203 16000 cured
06:55:26:921 16000 C:\System Volume Information\_restore{E9D078C6-EE17-4E6C-B442-F4D5F5F78C51}\RP136\A0183806.exe infected Virus.Win32.Sality.bh ...06:55:26:921 16000 cured
06:55:30:750 16000 C:\System Volume Information\_restore{E9D078C6-EE17-4E6C-B442-F4D5F5F78C51}\RP136\A0183807.exe infected Virus.Win32.Sality.bh ...06:55:30:750 16000 cured
06:55:34:593 16000 C:\System Volume Information\_restore{E9D078C6-EE17-4E6C-B442-F4D5F5F78C51}\RP136\A0183808.exe infected Virus.Win32.Sality.bh ...06:55:34:593 16000 cured
06:55:38:328 16000 C:\System Volume Information\_restore{E9D078C6-EE17-4E6C-B442-F4D5F5F78C51}\RP136\A0183809.exe infected Virus.Win32.Sality.bh ...06:55:38:328 16000 cured
06:55:42:140 16000 C:\System Volume Information\_restore{E9D078C6-EE17-4E6C-B442-F4D5F5F78C51}\RP136\A0183810.exe infected Virus.Win32.Sality.bh ...06:55:42:140 16000 cured
06:55:46:000 16000 C:\System Volume Information\_restore{E9D078C6-EE17-4E6C-B442-F4D5F5F78C51}\RP136\A0183811.exe infected Virus.Win32.Sality.bh ...06:55:46:000 16000 cured
06:55:49:640 16000 C:\System Volume Information\_restore{E9D078C6-EE17-4E6C-B442-F4D5F5F78C51}\RP136\A0183812.exe infected Virus.Win32.Sality.bh ...06:55:49:640 16000 cured
06:55:53:531 16000 C:\System Volume Information\_restore{E9D078C6-EE17-4E6C-B442-F4D5F5F78C51}\RP136\A0183813.exe infected Virus.Win32.Sality.bh ...06:55:53:531 16000 cured
06:55:57:375 16000 C:\System Volume Information\_restore{E9D078C6-EE17-4E6C-B442-F4D5F5F78C51}\RP136\A0183814.exe infected Virus.Win32.Sality.bh ...06:55:57:375 16000 cured
06:56:01:062 16000 C:\System Volume Information\_restore{E9D078C6-EE17-4E6C-B442-F4D5F5F78C51}\RP136\A0183815.exe infected Virus.Win32.Sality.bh ...06:56:01:062 16000 cured
06:56:04:765 16000 C:\System Volume Information\_restore{E9D078C6-EE17-4E6C-B442-F4D5F5F78C51}\RP136\A0183816.exe infected Virus.Win32.Sality.bh ...06:56:04:765 16000 cured
06:56:08:468 16000 C:\System Volume Information\_restore{E9D078C6-EE17-4E6C-B442-F4D5F5F78C51}\RP136\A0183817.exe infected Virus.Win32.Sality.bh ...06:56:08:468 16000 cured
06:56:12:203 16000 C:\System Volume Information\_restore{E9D078C6-EE17-4E6C-B442-F4D5F5F78C51}\RP136\A0183818.exe infected Virus.Win32.Sality.bh ...06:56:12:203 16000 cured
06:56:15:968 16000 C:\System Volume Information\_restore{E9D078C6-EE17-4E6C-B442-F4D5F5F78C51}\RP136\A0183819.exe infected Virus.Win32.Sality.bh ...06:56:15:968 16000 cured
06:56:19:625 16000 C:\System Volume Information\_restore{E9D078C6-EE17-4E6C-B442-F4D5F5F78C51}\RP136\A0183820.exe infected Virus.Win32.Sality.bh ...06:56:19:625 16000 cured
06:56:23:250 16000 C:\System Volume Information\_restore{E9D078C6-EE17-4E6C-B442-F4D5F5F78C51}\RP136\A0183821.exe infected Virus.Win32.Sality.bh ...06:56:23:250 16000 cured
06:56:27:031 16000 C:\System Volume Information\_restore{E9D078C6-EE17-4E6C-B442-F4D5F5F78C51}\RP136\A0183822.exe infected Virus.Win32.Sality.bh ...06:56:27:031 16000 cured
06:56:30:546 16000 C:\System Volume Information\_restore{E9D078C6-EE17-4E6C-B442-F4D5F5F78C51}\RP136\A0183823.exe infected Virus.Win32.Sality.bh ...06:56:30:546 16000 cured
06:56:34:187 16000 C:\System Volume Information\_restore{E9D078C6-EE17-4E6C-B442-F4D5F5F78C51}\RP136\A0183824.exe infected Virus.Win32.Sality.bh ...06:56:34:187 16000 cured
06:56:38:000 16000 C:\System Volume Information\_restore{E9D078C6-EE17-4E6C-B442-F4D5F5F78C51}\RP136\A0183826.exe infected Virus.Win32.Sality.bh ...06:56:38:000 16000 cured
06:56:41:828 16000 C:\System Volume Information\_restore{E9D078C6-EE17-4E6C-B442-F4D5F5F78C51}\RP136\A0183827.exe infected Virus.Win32.Sality.bh ...06:56:41:828 16000 cured
06:56:45:500 16000 C:\System Volume Information\_restore{E9D078C6-EE17-4E6C-B442-F4D5F5F78C51}\RP136\A0183828.exe infected Virus.Win32.Sality.bh ...06:56:45:500 16000 cured
06:56:49:125 16000 C:\System Volume Information\_restore{E9D078C6-EE17-4E6C-B442-F4D5F5F78C51}\RP136\A0183829.exe infected Virus.Win32.Sality.bh ...06:56:49:125 16000 cured
06:56:52:765 16000 C:\System Volume Information\_restore{E9D078C6-EE17-4E6C-B442-F4D5F5F78C51}\RP136\A0183831.exe infected Virus.Win32.Sality.bh ...06:56:52:765 16000 cured
06:56:56:484 16000 C:\System Volume Information\_restore{E9D078C6-EE17-4E6C-B442-F4D5F5F78C51}\RP136\A0183833.exe infected Virus.Win32.Sality.bh ...06:56:56:484 16000 cured
06:57:00:062 16000 C:\System Volume Information\_restore{E9D078C6-EE17-4E6C-B442-F4D5F5F78C51}\RP136\A0183834.exe infected Virus.Win32.Sality.bh ...06:57:00:062 16000 cured
06:57:03:656 16000 C:\System Volume Information\_restore{E9D078C6-EE17-4E6C-B442-F4D5F5F78C51}\RP136\A0183835.exe infected Virus.Win32.Sality.bh ...06:57:03:656 16000 cured
06:57:07:359 16000 C:\System Volume Information\_restore{E9D078C6-EE17-4E6C-B442-F4D5F5F78C51}\RP136\A0183836.exe infected Virus.Win32.Sality.bh ...06:57:07:359 16000 cured
06:57:11:015 16000 C:\System Volume Information\_restore{E9D078C6-EE17-4E6C-B442-F4D5F5F78C51}\RP136\A0183837.exe infected Virus.Win32.Sality.bh ...06:57:11:015 16000 cured
06:57:14:828 16000 C:\System Volume Information\_restore{E9D078C6-EE17-4E6C-B442-F4D5F5F78C51}\RP136\A0183838.exe infected Virus.Win32.Sality.bh ...06:57:14:828 16000 cured
06:57:26:218 16000 C:\System Volume Information\_restore{E9D078C6-EE17-4E6C-B442-F4D5F5F78C51}\RP136\A0183839.exe infected Virus.Win32.Sality.ag ...06:57:26:218 16000 cured
06:57:29:859 16000 C:\System Volume Information\_restore{E9D078C6-EE17-4E6C-B442-F4D5F5F78C51}\RP136\A0183889.exe infected Virus.Win32.Sality.bh ...06:57:29:859 16000 cured
06:57:57:437 16000 C:\System Volume Information\_restore{E9D078C6-EE17-4E6C-B442-F4D5F5F78C51}\RP136\A0183890.exe infected Virus.Win32.Sality.bh ...06:57:57:437 16000 cured
06:58:07:515 16000 C:\System Volume Information\_restore{E9D078C6-EE17-4E6C-B442-F4D5F5F78C51}\RP136\A0183891.exe infected Virus.Win32.Sality.ag ...06:58:07:515 16000 cured
06:58:14:109 16000 C:\System Volume Information\_restore{E9D078C6-EE17-4E6C-B442-F4D5F5F78C51}\RP136\A0183892.exe infected Virus.Win32.Sality.ag ...06:58:14:109 16000 cured
06:58:20:734 16000 C:\System Volume Information\_restore{E9D078C6-EE17-4E6C-B442-F4D5F5F78C51}\RP136\A0183894.exe infected Virus.Win32.Sality.ag ...06:58:20:734 16000 cured
06:58:24:593 16000 C:\System Volume Information\_restore{E9D078C6-EE17-4E6C-B442-F4D5F5F78C51}\RP136\A0183895.exe infected Virus.Win32.Sality.bh ...06:58:24:593 16000 cured
06:58:28:187 16000 C:\System Volume Information\_restore{E9D078C6-EE17-4E6C-B442-F4D5F5F78C51}\RP136\A0183896.exe infected Virus.Win32.Sality.bh ...06:58:28:187 16000 cured
06:58:31:828 16000 C:\System Volume Information\_restore{E9D078C6-EE17-4E6C-B442-F4D5F5F78C51}\RP136\A0183897.exe infected Virus.Win32.Sality.bh ...06:58:31:828 16000 cured
06:58:35:437 16000 C:\System Volume Information\_restore{E9D078C6-EE17-4E6C-B442-F4D5F5F78C51}\RP136\A0183898.EXE infected Virus.Win32.Sality.bh ...06:58:35:437 16000 cured
06:58:39:062 16000 C:\System Volume Information\_restore{E9D078C6-EE17-4E6C-B442-F4D5F5F78C51}\RP136\A0183899.exe infected Virus.Win32.Sality.bh ...06:58:39:062 16000 cured
06:58:42:796 16000 C:\System Volume Information\_restore{E9D078C6-EE17-4E6C-B442-F4D5F5F78C51}\RP136\A0183900.exe infected Virus.Win32.Sality.bh ...06:58:42:796 16000 cured
06:58:46:406 16000 C:\System Volume Information\_restore{E9D078C6-EE17-4E6C-B442-F4D5F5F78C51}\RP136\A0183901.exe infected Virus.Win32.Sality.bh ...06:58:46:406 16000 cured
06:58:50:046 16000 C:\System Volume Information\_restore{E9D078C6-EE17-4E6C-B442-F4D5F5F78C51}\RP136\A0183902.exe infected Virus.Win32.Sality.bh ...06:58:50:046 16000 cured
06:58:53:625 16000 C:\System Volume Information\_restore{E9D078C6-EE17-4E6C-B442-F4D5F5F78C51}\RP136\A0183903.exe infected Virus.Win32.Sality.bh ...06:58:53:625 16000 cured
06:58:57:359 16000 C:\System Volume Information\_restore{E9D078C6-EE17-4E6C-B442-F4D5F5F78C51}\RP136\A0183904.exe infected Virus.Win32.Sality.bh ...06:58:57:359 16000 cured
06:59:01:093 16000 C:\System Volume Information\_restore{E9D078C6-EE17-4E6C-B442-F4D5F5F78C51}\RP136\A0183905.exe infected Virus.Win32.Sality.bh ...06:59:01:093 16000 cured
06:59:04:812 16000 C:\System Volume Information\_restore{E9D078C6-EE17-4E6C-B442-F4D5F5F78C51}\RP136\A0183906.exe infected Virus.Win32.Sality.bh ...06:59:04:812 16000 cured
06:59:08:578 16000 C:\System Volume Information\_restore{E9D078C6-EE17-4E6C-B442-F4D5F5F78C51}\RP136\A0183907.exe infected Virus.Win32.Sality.bh ...06:59:08:578 16000 cured
06:59:12:343 16000 C:\System Volume Information\_restore{E9D078C6-EE17-4E6C-B442-F4D5F5F78C51}\RP136\A0183908.exe infected Virus.Win32.Sality.bh ...06:59:12:343 16000 cured
06:59:16:000 16000 C:\System Volume Information\_restore{E9D078C6-EE17-4E6C-B442-F4D5F5F78C51}\RP136\A0183910.exe infected Virus.Win32.Sality.bh ...06:59:16:000 16000 cured
06:59:19:578 16000 C:\System Volume Information\_restore{E9D078C6-EE17-4E6C-B442-F4D5F5F78C51}\RP136\A0183911.exe infected Virus.Win32.Sality.bh ...06:59:19:578 16000 cured
06:59:25:328 16000 C:\System Volume Information\_restore{E9D078C6-EE17-4E6C-B442-F4D5F5F78C51}\RP136\A0183912.exe infected Virus.Win32.Sality.bh ...06:59:25:328 16000 cured
06:59:29:031 16000 C:\System Volume Information\_restore{E9D078C6-EE17-4E6C-B442-F4D5F5F78C51}\RP136\A0183913.exe infected Virus.Win32.Sality.bh ...06:59:29:031 16000 cured
06:59:32:703 16000 C:\System Volume Information\_restore{E9D078C6-EE17-4E6C-B442-F4D5F5F78C51}\RP136\A0183914.exe infected Virus.Win32.Sality.bh ...06:59:32:703 16000 cured
06:59:36:515 16000 C:\System Volume Information\_restore{E9D078C6-EE17-4E6C-B442-F4D5F5F78C51}\RP136\A0183915.exe infected Virus.Win32.Sality.bh ...06:59:36:515 16000 cured
06:59:40:234 16000 C:\System Volume Information\_restore{E9D078C6-EE17-4E6C-B442-F4D5F5F78C51}\RP136\A0183916.exe infected Virus.Win32.Sality.bh ...06:59:40:234 16000 cured
06:59:43:875 16000 C:\System Volume Information\_restore{E9D078C6-EE17-4E6C-B442-F4D5F5F78C51}\RP136\A0183917.exe infected Virus.Win32.Sality.bh ...06:59:43:875 16000 cured
06:59:47:562 16000 C:\System Volume Information\_restore{E9D078C6-EE17-4E6C-B442-F4D5F5F78C51}\RP136\A0183918.exe infected Virus.Win32.Sality.bh ...06:59:47:562 16000 cured
06:59:51:218 16000 C:\System Volume Information\_restore{E9D078C6-EE17-4E6C-B442-F4D5F5F78C51}\RP136\A0183919.exe infected Virus.Win32.Sality.bh ...06:59:51:218 16000 cured
06:59:54:828 16000 C:\System Volume Information\_restore{E9D078C6-EE17-4E6C-B442-F4D5F5F78C51}\RP136\A0183920.exe infected Virus.Win32.Sality.bh ...06:59:54:828 16000 cured
06:59:58:484 16000 C:\System Volume Information\_restore{E9D078C6-EE17-4E6C-B442-F4D5F5F78C51}\RP136\A0183922.exe infected Virus.Win32.Sality.bh ...06:59:58:484 16000 cured
07:00:02:140 16000 C:\System Volume Information\_restore{E9D078C6-EE17-4E6C-B442-F4D5F5F78C51}\RP136\A0183923.exe infected Virus.Win32.Sality.bh ...07:00:02:140 16000 cured
07:00:05:796 16000 C:\System Volume Information\_restore{E9D078C6-EE17-4E6C-B442-F4D5F5F78C51}\RP136\A0183924.exe infected Virus.Win32.Sality.bh ...07:00:05:796 16000 cured
07:00:09:453 16000 C:\System Volume Information\_restore{E9D078C6-EE17-4E6C-B442-F4D5F5F78C51}\RP136\A0183925.exe infected Virus.Win32.Sality.bh ...07:00:09:453 16000 cured
07:00:13:171 16000 C:\System Volume Information\_restore{E9D078C6-EE17-4E6C-B442-F4D5F5F78C51}\RP136\A0183926.exe infected Virus.Win32.Sality.bh ...07:00:13:171 16000 cured
07:00:16:765 16000 C:\System Volume Information\_restore{E9D078C6-EE17-4E6C-B442-F4D5F5F78C51}\RP136\A0183930.exe infected Virus.Win32.Sality.bh ...07:00:16:765 16000 cured
07:00:20:500 16000 C:\System Volume Information\_restore{E9D078C6-EE17-4E6C-B442-F4D5F5F78C51}\RP136\A0183931.exe infected Virus.Win32.Sality.bh ...07:00:20:500 16000 cured
07:00:24:156 16000 C:\System Volume Information\_restore{E9D078C6-EE17-4E6C-B442-F4D5F5F78C51}\RP136\A0183932.exe infected Virus.Win32.Sality.bh ...07:00:24:156 16000 cured
07:00:27:750 16000 C:\System Volume Information\_restore{E9D078C6-EE17-4E6C-B442-F4D5F5F78C51}\RP136\A0183933.exe infected Virus.Win32.Sality.bh ...07:00:27:750 16000 cured
07:00:31:421 16000 C:\System Volume Information\_restore{E9D078C6-EE17-4E6C-B442-F4D5F5F78C51}\RP136\A0183934.exe infected Virus.Win32.Sality.bh ...07:00:31:421 16000 cured
07:00:35:125 16000 C:\System Volume Information\_restore{E9D078C6-EE17-4E6C-B442-F4D5F5F78C51}\RP136\A0183935.exe infected Virus.Win32.Sality.bh ...07:00:35:125 16000 cured
07:00:38:796 16000 C:\System Volume Information\_restore{E9D078C6-EE17-4E6C-B442-F4D5F5F78C51}\RP136\A0183936.exe infected Virus.Win32.Sality.bh ...07:00:38:796 16000 cured
07:00:42:578 16000 C:\System Volume Information\_restore{E9D078C6-EE17-4E6C-B442-F4D5F5F78C51}\RP136\A0183937.exe infected Virus.Win32.Sality.bh ...07:00:42:578 16000 cured
07:00:46:312 16000 C:\System Volume Information\_restore{E9D078C6-EE17-4E6C-B442-F4D5F5F78C51}\RP136\A0183938.exe infected Virus.Win32.Sality.bh ...07:00:46:312 16000 cured
07:00:49:890 16000 C:\System Volume Information\_restore{E9D078C6-EE17-4E6C-B442-F4D5F5F78C51}\RP136\A0183939.exe infected Virus.Win32.Sality.bh ...07:00:49:890 16000 cured
07:00:53:593 16000 C:\System Volume Information\_restore{E9D078C6-EE17-4E6C-B442-F4D5F5F78C51}\RP136\A0183940.exe infected Virus.Win32.Sality.bh ...07:00:53:593 16000 cured
07:00:57:328 16000 C:\System Volume Information\_restore{E9D078C6-EE17-4E6C-B442-F4D5F5F78C51}\RP136\A0183941.exe infected Virus.Win32.Sality.bh ...07:00:57:328 16000 cured
07:01:01:062 16000 C:\System Volume Information\_restore{E9D078C6-EE17-4E6C-B442-F4D5F5F78C51}\RP136\A0183942.exe infected Virus.Win32.Sality.bh ...07:01:01:062 16000 cured
07:01:04:859 16000 C:\System Volume Information\_restore{E9D078C6-EE17-4E6C-B442-F4D5F5F78C51}\RP136\A0183943.exe infected Virus.Win32.Sality.bh ...07:01:04:859 16000 cured
07:01:08:437 16000 C:\System Volume Information\_restore{E9D078C6-EE17-4E6C-B442-F4D5F5F78C51}\RP136\A0183944.exe infected Virus.Win32.Sality.bh ...07:01:08:437 16000 cured
07:01:12:265 16000 C:\System Volume Information\_restore{E9D078C6-EE17-4E6C-B442-F4D5F5F78C51}\RP136\A0183945.exe infected Virus.Win32.Sality.bh ...07:01:12:265 16000 cured
07:01:16:000 16000 C:\System Volume Information\_restore{E9D078C6-EE17-4E6C-B442-F4D5F5F78C51}\RP136\A0183946.exe infected Virus.Win32.Sality.bh ...07:01:16:000 16000 cured
07:01:19:671 16000 C:\System Volume Information\_restore{E9D078C6-EE17-4E6C-B442-F4D5F5F78C51}\RP136\A0183947.exe infected Virus.Win32.Sality.bh ...07:01:19:671 16000 cured
07:01:23:390 16000 C:\System Volume Information\_restore{E9D078C6-EE17-4E6C-B442-F4D5F5F78C51}\RP136\A0183948.exe infected Virus.Win32.Sality.bh ...07:01:23:390 16000 cured
07:01:27:093 16000 C:\System Volume Information\_restore{E9D078C6-EE17-4E6C-B442-F4D5F5F78C51}\RP136\A0183949.exe infected Virus.Win32.Sality.bh ...07:01:27:093 16000 cured
07:01:30:703 16000 C:\System Volume Information\_restore{E9D078C6-EE17-4E6C-B442-F4D5F5F78C51}\RP136\A0183950.exe infected Virus.Win32.Sality.bh ...07:01:30:703 16000 cured
07:01:34:375 16000 C:\System Volume Information\_restore{E9D078C6-EE17-4E6C-B442-F4D5F5F78C51}\RP136\A0183951.exe infected Virus.Win32.Sality.bh ...07:01:34:375 16000 cured
07:01:38:187 16000 C:\System Volume Information\_restore{E9D078C6-EE17-4E6C-B442-F4D5F5F78C51}\RP136\A0183952.exe infected Virus.Win32.Sality.bh ...07:01:38:187 16000 cured
07:01:41:796 16000 C:\System Volume Information\_restore{E9D078C6-EE17-4E6C-B442-F4D5F5F78C51}\RP136\A0183953.exe infected Virus.Win32.Sality.bh ...07:01:41:796 16000 cured
07:01:45:531 16000 C:\System Volume Information\_restore{E9D078C6-EE17-4E6C-B442-F4D5F5F78C51}\RP136\A0183954.exe infected Virus.Win32.Sality.bh ...07:01:45:531 16000 cured
07:01:49:312 16000 C:\System Volume Information\_restore{E9D078C6-EE17-4E6C-B442-F4D5F5F78C51}\RP136\A0183955.exe infected Virus.Win32.Sality.bh ...07:01:49:312 16000 cured
07:01:52:968 16000 C:\System Volume Information\_restore{E9D078C6-EE17-4E6C-B442-F4D5F5F78C51}\RP136\A0183956.exe infected Virus.Win32.Sality.bh ...07:01:52:968 16000 cured
07:01:56:765 16000 C:\System Volume Information\_restore{E9D078C6-EE17-4E6C-B442-F4D5F5F78C51}\RP136\A0183957.exe infected Virus.Win32.Sality.bh ...07:01:56:765 16000 cured
07:02:00:328 16000 C:\System Volume Information\_restore{E9D078C6-EE17-4E6C-B442-F4D5F5F78C51}\RP136\A0183958.exe infected Virus.Win32.Sality.bh ...07:02:00:328 16000 cured
07:02:03:890 16000 C:\System Volume Information\_restore{E9D078C6-EE17-4E6C-B442-F4D5F5F78C51}\RP136\A0183959.exe infected Virus.Win32.Sality.bh ...07:02:03:890 16000 cured
07:02:07:562 16000 C:\System Volume Information\_restore{E9D078C6-EE17-4E6C-B442-F4D5F5F78C51}\RP136\A0183960.exe infected Virus.Win32.Sality.bh ...07:02:07:562 16000 cured
07:02:11:328 16000 C:\System Volume Information\_restore{E9D078C6-EE17-4E6C-B442-F4D5F5F78C51}\RP136\A0183961.exe infected Virus.Win32.Sality.bh ...07:02:11:328 16000 cured
07:02:15:171 16000 C:\System Volume Information\_restore{E9D078C6-EE17-4E6C-B442-F4D5F5F78C51}\RP136\A0183962.exe infected Virus.Win32.Sality.bh ...07:02:15:171 16000 cured
07:02:18:828 16000 C:\System Volume Information\_restore{E9D078C6-EE17-4E6C-B442-F4D5F5F78C51}\RP136\A0183963.exe infected Virus.Win32.Sality.bh ...07:02:18:828 16000 cured
07:02:22:359 16000 C:\System Volume Information\_restore{E9D078C6-EE17-4E6C-B442-F4D5F5F78C51}\RP136\A0183964.exe infected Virus.Win32.Sality.bh ...07:02:22:359 16000 cured
07:02:26:093 16000 C:\System Volume Information\_restore{E9D078C6-EE17-4E6C-B442-F4D5F5F78C51}\RP136\A0183965.exe infected Virus.Win32.Sality.bh ...07:02:26:093 16000 cured
07:02:29:781 16000 C:\System Volume Information\_restore{E9D078C6-EE17-4E6C-B442-F4D5F5F78C51}\RP136\A0183966.exe infected Virus.Win32.Sality.bh ...07:02:29:781 16000 cured
07:02:33:500 16000 C:\System Volume Information\_restore{E9D078C6-EE17-4E6C-B442-F4D5F5F78C51}\RP136\A0183967.exe infected Virus.Win32.Sality.bh ...07:02:33:500 16000 cured
07:02:37:265 16000 C:\System Volume Information\_restore{E9D078C6-EE17-4E6C-B442-F4D5F5F78C51}\RP136\A0183968.exe infected Virus.Win32.Sality.bh ...07:02:37:265 16000 cured
07:02:41:015 16000 C:\System Volume Information\_restore{E9D078C6-EE17-4E6C-B442-F4D5F5F78C51}\RP136\A0183969.exe infected Virus.Win32.Sality.bh ...07:02:41:015 16000 cured
07:02:44:640 16000 C:\System Volume Information\_restore{E9D078C6-EE17-4E6C-B442-F4D5F5F78C51}\RP136\A0183970.exe infected Virus.Win32.Sality.bh ...07:02:44:640 16000 cured
07:02:48:250 16000 C:\System Volume Information\_restore{E9D078C6-EE17-4E6C-B442-F4D5F5F78C51}\RP136\A0183971.exe infected Virus.Win32.Sality.bh ...07:02:48:250 16000 cured
07:02:51:984 16000 C:\System Volume Information\_restore{E9D078C6-EE17-4E6C-B442-F4D5F5F78C51}\RP136\A0183972.exe infected Virus.Win32.Sality.bh ...07:02:51:984 16000 cured
07:02:55:796 16000 C:\System Volume Information\_restore{E9D078C6-EE17-4E6C-B442-F4D5F5F78C51}\RP136\A0183973.exe infected Virus.Win32.Sality.bh ...07:02:55:796 16000 cured
07:02:59:593 16000 C:\System Volume Information\_restore{E9D078C6-EE17-4E6C-B442-F4D5F5F78C51}\RP136\A0183974.exe infected Virus.Win32.Sality.bh ...07:02:59:593 16000 cured
07:03:03:250 16000 C:\System Volume Information\_restore{E9D078C6-EE17-4E6C-B442-F4D5F5F78C51}\RP136\A0183975.exe infected Virus.Win32.Sality.bh ...07:03:03:250 16000 cured
07:03:06:843 16000 C:\System Volume Information\_restore{E9D078C6-EE17-4E6C-B442-F4D5F5F78C51}\RP136\A0183976.exe infected Virus.Win32.Sality.bh ...07:03:06:843 16000 cured
07:03:10:593 16000 C:\System Volume Information\_restore{E9D078C6-EE17-4E6C-B442-F4D5F5F78C51}\RP136\A0183977.exe infected Virus.Win32.Sality.bh ...07:03:10:593 16000 cured
07:03:14:328 16000 C:\System Volume Information\_restore{E9D078C6-EE17-4E6C-B442-F4D5F5F78C51}\RP136\A0183978.exe infected Virus.Win32.Sality.bh ...07:03:14:328 16000 cured
07:03:18:031 16000 C:\System Volume Information\_restore{E9D078C6-EE17-4E6C-B442-F4D5F5F78C51}\RP136\A0183979.exe infected Virus.Win32.Sality.bh ...07:03:18:031 16000 cured
07:03:21:718 16000 C:\System Volume Information\_restore{E9D078C6-EE17-4E6C-B442-F4D5F5F78C51}\RP136\A0183980.exe infected Virus.Win32.Sality.bh ...07:03:21:718 16000 cured
07:03:25:406 16000 C:\System Volume Information\_restore{E9D078C6-EE17-4E6C-B442-F4D5F5F78C51}\RP136\A0183981.exe infected Virus.Win32.Sality.bh ...07:03:25:406 16000 cured
07:03:29:031 16000 C:\System Volume Information\_restore{E9D078C6-EE17-4E6C-B442-F4D5F5F78C51}\RP136\A0183982.exe infected Virus.Win32.Sality.bh ...07:03:29:031 16000 cured
07:03:32:703 16000 C:\System Volume Information\_restore{E9D078C6-EE17-4E6C-B442-F4D5F5F78C51}\RP136\A0183983.exe infected Virus.Win32.Sality.bh ...07:03:32:703 16000 cured
07:03:36:359 16000 C:\System Volume Information\_restore{E9D078C6-EE17-4E6C-B442-F4D5F5F78C51}\RP136\A0183984.exe infected Virus.Win32.Sality.bh ...07:03:36:359 16000 cured
07:03:46:640 16000 C:\System Volume Information\_restore{E9D078C6-EE17-4E6C-B442-F4D5F5F78C51}\RP136\A0183985.exe infected Virus.Win32.Sality.ag ...07:03:46:640 16000 cured
07:03:50:265 16000 C:\System Volume Information\_restore{E9D078C6-EE17-4E6C-B442-F4D5F5F78C51}\RP136\A0183986.exe infected Virus.Win32.Sality.bh ...07:03:50:265 16000 cured
07:03:53:984 16000 C:\System Volume Information\_restore{E9D078C6-EE17-4E6C-B442-F4D5F5F78C51}\RP136\A0183987.exe infected Virus.Win32.Sality.bh ...07:03:53:984 16000 cured
07:03:57:734 16000 C:\System Volume Information\_restore{E9D078C6-EE17-4E6C-B442-F4D5F5F78C51}\RP136\A0183988.exe infected Virus.Win32.Sality.bh ...07:03:57:734 16000 cured
07:04:01:343 16000 C:\System Volume Information\_restore{E9D078C6-EE17-4E6C-B442-F4D5F5F78C51}\RP136\A0183989.exe infected Virus.Win32.Sality.bh ...07:04:01:343 16000 cured
07:04:05:062 16000 C:\System Volume Information\_restore{E9D078C6-EE17-4E6C-B442-F4D5F5F78C51}\RP136\A0183990.exe infected Virus.Win32.Sality.bh ...07:04:05:062 16000 cured
07:04:08:750 16000 C:\System Volume Information\_restore{E9D078C6-EE17-4E6C-B442-F4D5F5F78C51}\RP136\A0183993.EXE infected Virus.Win32.Sality.bh ...07:04:08:750 16000 cured
07:04:12:593 16000 C:\System Volume Information\_restore{E9D078C6-EE17-4E6C-B442-F4D5F5F78C51}\RP136\A0183999.exe infected Virus.Win32.Sality.bh ...07:04:12:593 16000 cured
07:04:16:218 16000 C:\System Volume Information\_restore{E9D078C6-EE17-4E6C-B442-F4D5F5F78C51}\RP136\A0184000.exe infected Virus.Win32.Sality.bh ...07:04:16:218 16000 cured
07:04:19:843 16000 C:\System Volume Information\_restore{E9D078C6-EE17-4E6C-B442-F4D5F5F78C51}\RP136\A0184001.exe infected Virus.Win32.Sality.bh ...07:04:19:843 16000 cured
07:04:24:109 16000 C:\System Volume Information\_restore{E9D078C6-EE17-4E6C-B442-F4D5F5F78C51}\RP137\A0184002.exe infected Virus.Win32.Sality.bh ...07:04:24:109 16000 cured
07:04:27:718 16000 C:\System Volume Information\_restore{E9D078C6-EE17-4E6C-B442-F4D5F5F78C51}\RP137\A0184003.exe infected Virus.Win32.Sality.bh ...07:04:27:718 16000 cured
07:04:31:546 16000 C:\System Volume Information\_restore{E9D078C6-EE17-4E6C-B442-F4D5F5F78C51}\RP137\A0184004.exe infected Virus.Win32.Sality.bh ...07:04:31:546 16000 cured
07:04:35:093 16000 C:\System Volume Information\_restore{E9D078C6-EE17-4E6C-B442-F4D5F5F78C51}\RP137\A0184005.exe infected Virus.Win32.Sality.bh ...07:04:35:093 16000 cured
07:04:38:750 16000 C:\System Volume Information\_restore{E9D078C6-EE17-4E6C-B442-F4D5F5F78C51}\RP137\A0184006.exe infected Virus.Win32.Sality.bh ...07:04:38:750 16000 cured
07:04:42:421 16000 C:\System Volume Information\_restore{E9D078C6-EE17-4E6C-B442-F4D5F5F78C51}\RP137\A0184007.EXE infected Virus.Win32.Sality.bh ...07:04:42:421 16000 cured
07:04:46:125 16000 C:\System Volume Information\_restore{E9D078C6-EE17-4E6C-B442-F4D5F5F78C51}\RP137\A0184008.exe infected Virus.Win32.Sality.bh ...07:04:46:125 16000 cured
07:04:49:859 16000 C:\System Volume Information\_restore{E9D078C6-EE17-4E6C-B442-F4D5F5F78C51}\RP137\A0184009.exe infected Virus.Win32.Sality.bh ...07:04:49:859 16000 cured
07:04:53:593 16000 C:\System Volume Information\_restore{E9D078C6-EE17-4E6C-B442-F4D5F5F78C51}\RP137\A0184010.exe infected Virus.Win32.Sality.bh ...07:04:53:593 16000 cured
07:04:57:234 16000 C:\System Volume Information\_restore{E9D078C6-EE17-4E6C-B442-F4D5F5F78C51}\RP137\A0184011.exe infected Virus.Win32.Sality.bh ...07:04:57:234 16000 cured
07:05:01:062 16000 C:\System Volume Information\_restore{E9D078C6-EE17-4E6C-B442-F4D5F5F78C51}\RP137\A0184020.exe infected Virus.Win32.Sality.bh ...07:05:01:078 16000 cured
07:05:04:656 16000 C:\System Volume Information\_restore{E9D078C6-EE17-4E6C-B442-F4D5F5F78C51}\RP137\A0184021.exe infected Virus.Win32.Sality.bh ...07:05:04:656 16000 cured
07:05:08:281 16000 C:\System Volume Information\_restore{E9D078C6-EE17-4E6C-B442-F4D5F5F78C51}\RP137\A0184022.exe infected Virus.Win32.Sality.bh ...07:05:08:281 16000 cured
07:05:11:890 16000 C:\System Volume Information\_restore{E9D078C6-EE17-4E6C-B442-F4D5F5F78C51}\RP137\A0184023.exe infected Virus.Win32.Sality.bh ...07:05:11:890 16000 cured
07:05:15:718 16000 C:\System Volume Information\_restore{E9D078C6-EE17-4E6C-B442-F4D5F5F78C51}\RP137\A0184024.exe infected Virus.Win32.Sality.bh ...07:05:15:718 16000 cured
07:05:19:500 16000 C:\System Volume Information\_restore{E9D078C6-EE17-4E6C-B442-F4D5F5F78C51}\RP137\A0184025.exe infected Virus.Win32.Sality.bh ...07:05:19:500 16000 cured
07:05:23:218 16000 C:\System Volume Information\_restore{E9D078C6-EE17-4E6C-B442-F4D5F5F78C51}\RP137\A0184028.exe infected Virus.Win32.Sality.bh ...07:05:23:218 16000 cured
07:05:27:015 16000 C:\System Volume Information\_restore{E9D078C6-EE17-4E6C-B442-F4D5F5F78C51}\RP137\A0184029.exe infected Virus.Win32.Sality.bh ...07:05:27:015 16000 cured
07:05:30:687 16000 C:\System Volume Information\_restore{E9D078C6-EE17-4E6C-B442-F4D5F5F78C51}\RP137\A0184030.exe infected Virus.Win32.Sality.bh ...07:05:30:687 16000 cured
07:05:34:390 16000 C:\System Volume Information\_restore{E9D078C6-EE17-4E6C-B442-F4D5F5F78C51}\RP137\A0184031.exe infected Virus.Win32.Sality.bh ...07:05:34:390 16000 cured
07:05:38:187 16000 C:\System Volume Information\_restore{E9D078C6-EE17-4E6C-B442-F4D5F5F78C51}\RP137\A0184032.exe infected Virus.Win32.Sality.bh ...07:05:38:187 16000 cured
07:05:41:812 16000 C:\System Volume Information\_restore{E9D078C6-EE17-4E6C-B442-F4D5F5F78C51}\RP137\A0184033.exe infected Virus.Win32.Sality.bh ...07:05:41:812 16000 cured
07:05:45:625 16000 C:\System Volume Information\_restore{E9D078C6-EE17-4E6C-B442-F4D5F5F78C51}\RP137\A0184039.exe infected Virus.Win32.Sality.bh ...07:05:45:625 16000 cured
07:05:49:234 16000 C:\System Volume Information\_restore{E9D078C6-EE17-4E6C-B442-F4D5F5F78C51}\RP137\A0184041.exe infected Virus.Win32.Sality.bh ...07:05:49:234 16000 cured
07:05:52:953 16000 C:\System Volume Information\_restore{E9D078C6-EE17-4E6C-B442-F4D5F5F78C51}\RP137\A0184045.exe infected Virus.Win32.Sality.bh ...07:05:52:953 16000 cured
07:05:56:484 16000 C:\System Volume Information\_restore{E9D078C6-EE17-4E6C-B442-F4D5F5F78C51}\RP137\A0184046.exe infected Virus.Win32.Sality.bh ...07:05:56:484 16000 cured
07:06:00:093 16000 C:\System Volume Information\_restore{E9D078C6-EE17-4E6C-B442-F4D5F5F78C51}\RP137\A0184047.exe infected Virus.Win32.Sality.bh ...07:06:00:093 16000 cured
07:06:03:843 16000 C:\System Volume Information\_restore{E9D078C6-EE17-4E6C-B442-F4D5F5F78C51}\RP137\A0184054.exe infected Virus.Win32.Sality.bh ...07:06:03:843 16000 cured
07:06:07:375 16000 C:\System Volume Information\_restore{E9D078C6-EE17-4E6C-B442-F4D5F5F78C51}\RP137\A0184056.exe infected Virus.Win32.Sality.bh ...07:06:07:375 16000 cured
07:06:11:093 16000 C:\System Volume Information\_restore{E9D078C6-EE17-4E6C-B442-F4D5F5F78C51}\RP137\A0184057.exe infected Virus.Win32.Sality.bh ...07:06:11:093 16000 cured
07:06:14:765 16000 C:\System Volume Information\_restore{E9D078C6-EE17-4E6C-B442-F4D5F5F78C51}\RP137\A0184059.exe infected Virus.Win32.Sality.bh ...07:06:14:765 16000 cured
07:06:18:437 16000 C:\System Volume Information\_restore{E9D078C6-EE17-4E6C-B442-F4D5F5F78C51}\RP137\A0184064.exe infected Virus.Win32.Sality.bh ...07:06:18:437 16000 cured
07:06:22:000 16000 C:\System Volume Information\_restore{E9D078C6-EE17-4E6C-B442-F4D5F5F78C51}\RP137\A0184065.exe infected Virus.Win32.Sality.bh ...07:06:22:000 16000 cured
07:06:25:656 16000 C:\System Volume Information\_restore{E9D078C6-EE17-4E6C-B442-F4D5F5F78C51}\RP137\A0184066.exe infected Virus.Win32.Sality.bh ...07:06:25:656 16000 cured
07:06:29:406 16000 C:\System Volume Information\_restore{E9D078C6-EE17-4E6C-B442-F4D5F5F78C51}\RP137\A0184068.exe infected Virus.Win32.Sality.bh ...07:06:29:406 16000 cured
07:06:33:046 16000 C:\System Volume Information\_restore{E9D078C6-EE17-4E6C-B442-F4D5F5F78C51}\RP137\A0184069.exe infected Virus.Win32.Sality.bh ...07:06:33:046 16000 cured
07:06:36:828 16000 C:\System Volume Information\_restore{E9D078C6-EE17-4E6C-B442-F4D5F5F78C51}\RP137\A0184070.exe infected Virus.Win32.Sality.bh ...07:06:36:828 16000 cured
07:06:40:437 16000 C:\System Volume Information\_restore{E9D078C6-EE17-4E6C-B442-F4D5F5F78C51}\RP137\A0184071.exe infected Virus.Win32.Sality.bh ...07:06:40:437 16000 cured
07:06:44:156 16000 C:\System Volume Information\_restore{E9D078C6-EE17-4E6C-B442-F4D5F5F78C51}\RP137\A0184072.exe infected Virus.Win32.Sality.bh ...07:06:44:156 16000 cured
07:06:47:765 16000 C:\System Volume Information\_restore{E9D078C6-EE17-4E6C-B442-F4D5F5F78C51}\RP137\A0184073.exe infected Virus.Win32.Sality.bh ...07:06:47:765 16000 cured
07:06:51:562 16000 C:\System Volume Information\_restore{E9D078C6-EE17-4E6C-B442-F4D5F5F78C51}\RP137\A0184074.exe infected Virus.Win32.Sality.bh ...07:06:51:562 16000 cured
07:06:55:156 16000 C:\System Volume Information\_restore{E9D078C6-EE17-4E6C-B442-F4D5F5F78C51}\RP137\A0184075.exe infected Virus.Win32.Sality.bh ...07:06:55:156 16000 cured
07:06:58:750 16000 C:\System Volume Information\_restore{E9D078C6-EE17-4E6C-B442-F4D5F5F78C51}\RP137\A0184076.exe infected Virus.Win32.Sality.bh ...07:06:58:750 16000 cured
07:07:02:484 16000 C:\System Volume Information\_restore{E9D078C6-EE17-4E6C-B442-F4D5F5F78C51}\RP137\A0184077.exe infected Virus.Win32.Sality.bh ...07:07:02:484 16000 cured
07:07:06:171 16000 C:\System Volume Information\_restore{E9D078C6-EE17-4E6C-B442-F4D5F5F78C51}\RP137\A0184078.exe infected Virus.Win32.Sality.bh ...07:07:06:171 16000 cured
07:07:09:843 16000 C:\System Volume Information\_restore{E9D078C6-EE17-4E6C-B442-F4D5F5F78C51}\RP137\A0184079.exe infected Virus.Win32.Sality.bh ...07:07:09:843 16000 cured
07:07:13:453 16000 C:\System Volume Information\_restore{E9D078C6-EE17-4E6C-B442-F4D5F5F78C51}\RP137\A0184080.exe infected Virus.Win32.Sality.bh ...07:07:13:453 16000 cured
07:07:17:265 16000 C:\System Volume Information\_restore{E9D078C6-EE17-4E6C-B442-F4D5F5F78C51}\RP137\A0184081.exe infected Virus.Win32.Sality.bh ...07:07:17:265 16000 cured
07:07:21:046 16000 C:\System Volume Information\_restore{E9D078C6-EE17-4E6C-B442-F4D5F5F78C51}\RP137\A0184082.exe infected Virus.Win32.Sality.bh ...07:07:21:046 16000 cured
07:07:24:703 16000 C:\System Volume Information\_restore{E9D078C6-EE17-4E6C-B442-F4D5F5F78C51}\RP137\A0184083.exe infected Virus.Win32.Sality.bh ...07:07:24:703 16000 cured
07:07:28:437 16000 C:\System Volume Information\_restore{E9D078C6-EE17-4E6C-B442-F4D5F5F78C51}\RP137\A0184084.exe infected Virus.Win32.Sality.bh ...07:07:28:437 16000 cured
07:07:35:453 16000 C:\System Volume Information\_restore{E9D078C6-EE17-4E6C-B442-F4D5F5F78C51}\RP137\A0184085.exe infected Virus.Win32.Sality.ag ...07:07:35:453 16000 cured
07:07:37:000 16000 C:\System Volume Information\_restore{E9D078C6-EE17-4E6C-B442-F4D5F5F78C51}\RP137\A0184086.exe infected Virus.Win32.Sality.ag ...07:07:37:000 16000 cured
07:07:40:703 16000 C:\System Volume Information\_restore{E9D078C6-EE17-4E6C-B442-F4D5F5F78C51}\RP137\A0184087.exe infected Virus.Win32.Sality.bh ...07:07:40:703 16000 cured
07:07:44:390 16000 C:\System Volume Information\_restore{E9D078C6-EE17-4E6C-B442-F4D5F5F78C51}\RP137\A0184088.exe infected Virus.Win32.Sality.bh ...07:07:44:390 16000 cured
07:07:48:015 16000 C:\System Volume Information\_restore{E9D078C6-EE17-4E6C-B442-F4D5F5F78C51}\RP137\A0184091.exe infected Virus.Win32.Sality.bh ...07:07:48:031 16000 cured
07:07:51:750 16000 C:\System Volume Information\_restore{E9D078C6-EE17-4E6C-B442-F4D5F5F78C51}\RP137\A0184100.exe infected Virus.Win32.Sality.bh ...07:07:51:750 16000 cured
07:07:55:343 16000 C:\System Volume Information\_restore{E9D078C6-EE17-4E6C-B442-F4D5F5F78C51}\RP137\A0184101.exe infected Virus.Win32.Sality.bh ...07:07:55:343 16000 cured
07:07:58:968 16000 C:\System Volume Information\_restore{E9D078C6-EE17-4E6C-B442-F4D5F5F78C51}\RP137\A0184102.exe infected Virus.Win32.Sality.bh ...07:07:58:968 16000 cured
07:08:02:781 16000 C:\System Volume Information\_restore{E9D078C6-EE17-4E6C-B442-F4D5F5F78C51}\RP137\A0184103.exe infected Virus.Win32.Sality.bh ...07:08:02:781 16000 cured
07:08:06:500 16000 C:\System Volume Information\_restore{E9D078C6-EE17-4E6C-B442-F4D5F5F78C51}\RP137\A0184104.exe infected Virus.Win32.Sality.bh ...07:08:06:500 16000 cured
07:08:10:218 16000 C:\System Volume Information\_restore{E9D078C6-EE17-4E6C-B442-F4D5F5F78C51}\RP137\A0184124.exe infected Virus.Win32.Sality.bh ...07:08:10:218 16000 cured
07:08:13:953 16000 C:\System Volume Information\_restore{E9D078C6-EE17-4E6C-B442-F4D5F5F78C51}\RP137\A0184125.exe infected Virus.Win32.Sality.bh ...07:08:13:953 16000 cured
07:08:17:609 16000 C:\System Volume Information\_restore{E9D078C6-EE17-4E6C-B442-F4D5F5F78C51}\RP137\A0184131.exe infected Virus.Win32.Sality.bh ...07:08:17:609 16000 cured
07:08:21:421 16000 C:\System Volume Information\_restore{E9D078C6-EE17-4E6C-B442-F4D5F5F78C51}\RP137\A0184143.exe infected Virus.Win32.Sality.bh ...07:08:21:421 16000 cured
07:08:25:046 16000 C:\System Volume Information\_restore{E9D078C6-EE17-4E6C-B442-F4D5F5F78C51}\RP137\A0184150.exe infected Virus.Win32.Sality.bh ...07:08:25:046 16000 cured
07:08:28:687 16000 C:\System Volume Information\_restore{E9D078C6-EE17-4E6C-B442-F4D5F5F78C51}\RP137\A0184151.exe infected Virus.Win32.Sality.bh ...07:08:28:687 16000 cured
07:08:32:500 16000 C:\System Volume Information\_restore{E9D078C6-EE17-4E6C-B442-F4D5F5F78C51}\RP137\A0184152.exe infected Virus.Win32.Sality.bh ...07:08:32:500 16000 cured
07:08:36:218 16000 C:\System Volume Information\_restore{E9D078C6-EE17-4E6C-B442-F4D5F5F78C51}\RP137\A0184153.exe infected Virus.Win32.Sality.bh ...07:08:36:218 16000 cured
07:08:40:156 16000 C:\System Volume Information\_restore{E9D078C6-EE17-4E6C-B442-F4D5F5F78C51}\RP137\A0184231.exe infected Virus.Win32.Sality.bh ...07:08:40:156 16000 cured
07:08:45:109 16000 C:\System Volume Information\_restore{E9D078C6-EE17-4E6C-B442-F4D5F5F78C51}\RP137\A0184362.exe infected Virus.Win32.Sality.bh ...07:08:45:109 16000 cured
07:08:48:906 16000 C:\System Volume Information\_restore{E9D078C6-EE17-4E6C-B442-F4D5F5F78C51}\RP137\A0184369.exe infected Virus.Win32.Sality.bh ...07:08:48:906 16000 cured
07:08:52:687 16000 C:\System Volume Information\_restore{E9D078C6-EE17-4E6C-B442-F4D5F5F78C51}\RP137\A0184421.exe infected Virus.Win32.Sality.bh ...07:08:52:687 16000 cured
07:08:56:234 16000 C:\System Volume Information\_restore{E9D078C6-EE17-4E6C-B442-F4D5F5F78C51}\RP137\A0184422.exe infected Virus.Win32.Sality.bh ...07:08:56:234 16000 cured
07:08:59:812 16000 C:\System Volume Information\_restore{E9D078C6-EE17-4E6C-B442-F4D5F5F78C51}\RP137\A0184423.exe infected Virus.Win32.Sality.bh ...07:08:59:812 16000 cured
07:09:03:421 16000 C:\System Volume Information\_restore{E9D078C6-EE17-4E6C-B442-F4D5F5F78C51}\RP137\A0184424.exe infected Virus.Win32.Sality.bh ...07:09:03:421 16000 cured
07:09:07:062 16000 C:\System Volume Information\_restore{E9D078C6-EE17-4E6C-B442-F4D5F5F78C51}\RP137\A0184425.exe infected Virus.Win32.Sality.bh ...07:09:07:062 16000 cured
07:09:10:890 16000 C:\System Volume Information\_restore{E9D078C6-EE17-4E6C-B442-F4D5F5F78C51}\RP137\A0184427.exe infected Virus.Win32.Sality.bh ...07:09:10:890 16000 cured
07:09:14:687 16000 C:\System Volume Information\_restore{E9D078C6-EE17-4E6C-B442-F4D5F5F78C51}\RP137\A0184428.exe infected Virus.Win32.Sality.bh ...07:09:14:687 16000 cured
07:09:18:515 16000 C:\System Volume Information\_restore{E9D078C6-EE17-4E6C-B442-F4D5F5F78C51}\RP137\A0184430.exe infected Virus.Win32.Sality.bh ...07:09:18:515 16000 cured
07:09:22:484 16000 C:\System Volume Information\_restore{E9D078C6-EE17-4E6C-B442-F4D5F5F78C51}\RP137\A0184431.exe infected Virus.Win32.Sality.bh ...07:09:22:484 16000 cured
07:09:26:203 16000 C:\System Volume Information\_restore{E9D078C6-EE17-4E6C-B442-F4D5F5F78C51}\RP137\A0184433.exe infected Virus.Win32.Sality.bh ...07:09:26:203 16000 cured
07:09:29:968 16000 C:\System Volume Information\_restore{E9D078C6-EE17-4E6C-B442-F4D5F5F78C51}\RP137\A0184434.exe infected Virus.Win32.Sality.bh ...07:09:29:968 16000 cured
07:09:33:765 16000 C:\System Volume Information\_restore{E9D078C6-EE17-4E6C-B442-F4D5F5F78C51}\RP137\A0184435.exe infected Virus.Win32.Sality.bh ...07:09:33:765 16000 cured
07:09:37:562 16000 C:\System Volume Information\_restore{E9D078C6-EE17-4E6C-B442-F4D5F5F78C51}\RP137\A0184438.exe infected Virus.Win32.Sality.bh ...07:09:37:562 16000 cured
07:09:41:328 16000 C:\System Volume Information\_restore{E9D078C6-EE17-4E6C-B442-F4D5F5F78C51}\RP137\A0184439.exe infected Virus.Win32.Sality.bh ...07:09:41:328 16000 cured
07:09:45:078 16000 C:\System Volume Information\_restore{E9D078C6-EE17-4E6C-B442-F4D5F5F78C51}\RP137\A0184440.exe infected Virus.Win32.Sality.bh ...07:09:45:078 16000 cured
07:09:48:718 16000 C:\System Volume Information\_restore{E9D078C6-EE17-4E6C-B442-F4D5F5F78C51}\RP137\A0184441.exe infected Virus.Win32.Sality.bh ...07:09:48:718 16000 cured
07:09:52:375 16000 C:\System Volume Information\_restore{E9D078C6-EE17-4E6C-B442-F4D5F5F78C51}\RP137\A0184442.exe infected Virus.Win32.Sality.bh ...07:09:52:375 16000 cured
07:09:56:046 16000 C:\System Volume Information\_restore{E9D078C6-EE17-4E6C-B442-F4D5F5F78C51}\RP137\A0184443.exe infected Virus.Win32.Sality.bh ...07:09:56:046 16000 cured
07:09:59:765 16000 C:\System Volume Information\_restore{E9D078C6-EE17-4E6C-B442-F4D5F5F78C51}\RP137\A0184444.exe infected Virus.Win32.Sality.bh ...07:09:59:765 16000 cured
07:10:03:343 16000 C:\System Volume Information\_restore{E9D078C6-EE17-4E6C-B442-F4D5F5F78C51}\RP137\A0184445.exe infected Virus.Win32.Sality.bh ...07:10:03:343 16000 cured
07:10:07:203 16000 C:\System Volume Information\_restore{E9D078C6-EE17-4E6C-B442-F4D5F5F78C51}\RP137\A0184447.exe infected Virus.Win32.Sality.bh ...07:10:07:203 16000 cured
07:10:11:125 16000 C:\System Volume Information\_restore{E9D078C6-EE17-4E6C-B442-F4D5F5F78C51}\RP137\A0184457.exe infected Virus.Win32.Sality.bh ...07:10:11:125 16000 cured
07:10:15:000 16000 C:\System Volume Information\_restore{E9D078C6-EE17-4E6C-B442-F4D5F5F78C51}\RP137\A0184459.exe infected Virus.Win32.Sality.bh ...07:10:15:000 16000 cured
07:10:18:625 16000 C:\System Volume Information\_restore{E9D078C6-EE17-4E6C-B442-F4D5F5F78C51}\RP137\A0184460.exe infected Virus.Win32.Sality.bh ...07:10:18:625 16000 cured
07:10:22:328 16000 C:\System Volume Information\_restore{E9D078C6-EE17-4E6C-B442-F4D5F5F78C51}\RP137\A0184465.exe infected Virus.Win32.Sality.bh ...07:10:22:328 16000 cured
07:10:25:921 16000 C:\System Volume Information\_restore{E9D078C6-EE17-4E6C-B442-F4D5F5F78C51}\RP137\A0184466.exe infected Virus.Win32.Sality.bh ...07:10:25:921 16000 cured
07:10:29:609 16000 C:\System Volume Information\_restore{E9D078C6-EE17-4E6C-B442-F4D5F5F78C51}\RP137\A0184467.exe infected Virus.Win32.Sality.bh ...07:10:29:609 16000 cured
07:10:33:265 16000 C:\System Volume Information\_restore{E9D078C6-EE17-4E6C-B442-F4D5F5F78C51}\RP137\A0184470.exe infected Virus.Win32.Sality.bh ...07:10:33:265 16000 cured
07:10:36:890 16000 C:\System Volume Information\_restore{E9D078C6-EE17-4E6C-B442-F4D5F5F78C51}\RP137\A0184472.exe infected Virus.Win32.Sality.bh ...07:10:36:890 16000 cured
07:10:40:546 16000 C:\System Volume Information\_restore{E9D078C6-EE17-4E6C-B442-F4D5F5F78C51}\RP137\A0184473.exe infected Virus.Win32.Sality.bh ...07:10:40:546 16000 cured
07:10:44:156 16000 C:\System Volume Information\_restore{E9D078C6-EE17-4E6C-B442-F4D5F5F78C51}\RP137\A0184475.exe infected Virus.Win32.Sality.bh ...07:10:44:156 16000 cured
07:10:47:796 16000 C:\System Volume Information\_restore{E9D078C6-EE17-4E6C-B442-F4D5F5F78C51}\RP137\A0184476.exe infected Virus.Win32.Sality.bh ...07:10:47:796 16000 cured
07:10:51:500 16000 C:\System Volume Information\_restore{E9D078C6-EE17-4E6C-B442-F4D5F5F78C51}\RP137\A0184477.exe infected Virus.Win32.Sality.bh ...07:10:51:500 16000 cured
07:10:55:171 16000 C:\System Volume Information\_restore{E9D078C6-EE17-4E6C-B442-F4D5F5F78C51}\RP137\A0184478.exe infected Virus.Win32.Sality.bh ...07:10:55:171 16000 cured
07:10:58:781 16000 C:\System Volume Information\_restore{E9D078C6-EE17-4E6C-B442-F4D5F5F78C51}\RP137\A0184479.exe infected Virus.Win32.Sality.bh ...07:10:58:781 16000 cured
07:11:02:625 16000 C:\System Volume Information\_restore{E9D078C6-EE17-4E6C-B442-F4D5F5F78C51}\RP137\A0184480.exe infected Virus.Win32.Sality.bh ...07:11:02:625 16000 cured
07:11:06:234 16000 C:\System Volume Information\_restore{E9D078C6-EE17-4E6C-B442-F4D5F5F78C51}\RP137\A0184481.exe infected Virus.Win32.Sality.bh ...07:11:06:234 16000 cured
07:11:10:125 16000 C:\System Volume Information\_restore{E9D078C6-EE17-4E6C-B442-F4D5F5F78C51}\RP137\A0184483.exe infected Virus.Win32.Sality.bh ...07:11:10:125 16000 cured
07:11:13:906 16000 C:\System Volume Information\_restore{E9D078C6-EE17-4E6C-B442-F4D5F5F78C51}\RP137\A0184485.exe infected Virus.Win32.Sality.bh ...07:11:13:906 16000 cured
07:11:17:531 16000 C:\System Volume Information\_restore{E9D078C6-EE17-4E6C-B442-F4D5F5F78C51}\RP137\A0184486.exe infected Virus.Win32.Sality.bh ...07:11:17:531 16000 cured
07:11:21:171 16000 C:\System Volume Information\_restore{E9D078C6-EE17-4E6C-B442-F4D5F5F78C51}\RP137\A0184487.exe infected Virus.Win32.Sality.bh ...07:11:21:171 16000 cured
07:11:25:046 16000 C:\System Volume Information\_restore{E9D078C6-EE17-4E6C-B442-F4D5F5F78C51}\RP137\A0184488.exe infected Virus.Win32.Sality.bh ...07:11:25:046 16000 cured
07:11:28:796 16000 C:\System Volume Information\_restore{E9D078C6-EE17-4E6C-B442-F4D5F5F78C51}\RP137\A0184489.exe infected Virus.Win32.Sality.bh ...07:11:28:796 16000 cured
07:11:32:531 16000 C:\System Volume Information\_restore{E9D078C6-EE17-4E6C-B442-F4D5F5F78C51}\RP137\A0184490.exe infected Virus.Win32.Sality.bh ...07:11:32:531 16000 cured
07:11:36:406 16000 C:\System Volume Information\_restore{E9D078C6-EE17-4E6C-B442-F4D5F5F78C51}\RP137\A0184492.exe infected Virus.Win32.Sality.bh ...07:11:36:406 16000 cured
07:11:40:171 16000 C:\System Volume Information\_restore{E9D078C6-EE17-4E6C-B442-F4D5F5F78C51}\RP137\A0184494.exe infected Virus.Win32.Sality.bh ...07:11:40:171 16000 cured
07:11:44:125 16000 C:\System Volume Information\_restore{E9D078C6-EE17-4E6C-B442-F4D5F5F78C51}\RP137\A0184495.exe infected Virus.Win32.Sality.bh ...07:11:44:125 16000 cured
07:11:47:843 16000 C:\System Volume Information\_restore{E9D078C6-EE17-4E6C-B442-F4D5F5F78C51}\RP137\A0184496.exe infected Virus.Win32.Sality.bh ...07:11:47:843 16000 cured
07:11:51:656 16000 C:\System Volume Information\_restore{E9D078C6-EE17-4E6C-B442-F4D5F5F78C51}\RP137\A0184498.exe infected Virus.Win32.Sality.bh ...07:11:51:656 16000 cured
07:11:55:328 16000 C:\System Volume Information\_restore{E9D078C6-EE17-4E6C-B442-F4D5F5F78C51}\RP137\A0184499.exe infected Virus.Win32.Sality.bh ...07:11:55:328 16000 cured
07:11:59:000 16000 C:\System Volume Information\_restore{E9D078C6-EE17-4E6C-B442-F4D5F5F78C51}\RP137\A0184500.exe infected Virus.Win32.Sality.bh ...07:11:59:000 16000 cured
07:12:02:796 16000 C:\System Volume Information\_restore{E9D078C6-EE17-4E6C-B442-F4D5F5F78C51}\RP137\A0184501.exe infected Virus.Win32.Sality.bh ...07:12:02:796 16000 cured
07:12:06:421 16000 C:\System Volume Information\_restore{E9D078C6-EE17-4E6C-B442-F4D5F5F78C51}\RP137\A0184503.exe infected Virus.Win32.Sality.bh ...07:12:06:421 16000 cured
07:12:09:453 16000 C:\System Volume Information\_restore{E9D078C6-EE17-4E6C-B442-F4D5F5F78C51}\RP137\A0184504.exe infected Virus.Win32.Sality.ag ...07:12:09:453 16000 cured
07:12:13:281 16000 C:\System Volume Information\_restore{E9D078C6-EE17-4E6C-B442-F4D5F5F78C51}\RP137\A0184505.exe infected Virus.Win32.Sality.bh ...07:12:13:281 16000 cured
07:12:16:984 16000 C:\System Volume Information\_restore{E9D078C6-EE17-4E6C-B442-F4D5F5F78C51}\RP137\A0184506.exe infected Virus.Win32.Sality.bh ...07:12:16:984 16000 cured
07:12:20:703 16000 C:\System Volume Information\_restore{E9D078C6-EE17-4E6C-B442-F4D5F5F78C51}\RP137\A0184507.exe infected Virus.Win32.Sality.bh ...07:12:20:703 16000 cured
07:12:24:453 16000 C:\System Volume Information\_restore{E9D078C6-EE17-4E6C-B442-F4D5F5F78C51}\RP137\A0184508.exe infected Virus.Win32.Sality.bh ...07:12:24:453 16000 cured
07:12:28:140 16000 C:\System Volume Information\_restore{E9D078C6-EE17-4E6C-B442-F4D5F5F78C51}\RP137\A0184509.EXE infected Virus.Win32.Sality.bh ...07:12:28:140 16000 cured
07:12:31:812 16000 C:\System Volume Information\_restore{E9D078C6-EE17-4E6C-B442-F4D5F5F78C51}\RP137\A0184512.exe infected Virus.Win32.Sality.bh ...07:12:31:812 16000 cured
07:12:35:343 16000 C:\System Volume Information\_restore{E9D078C6-EE17-4E6C-B442-F4D5F5F78C51}\RP137\A0184514.exe infected Virus.Win32.Sality.bh ...07:12:35:343 16000 cured
07:12:39:062 16000 C:\System Volume Information\_restore{E9D078C6-EE17-4E6C-B442-F4D5F5F78C51}\RP137\A0184515.exe infected Virus.Win32.Sality.bh ...07:12:39:062 16000 cured
07:12:42:796 16000 C:\System Volume Information\_restore{E9D078C6-EE17-4E6C-B442-F4D5F5F78C51}\RP137\A0184516.exe infected Virus.Win32.Sality.bh ...07:12:42:796 16000 cured
07:12:46:625 16000 C:\System Volume Information\_restore{E9D078C6-EE17-4E6C-B442-F4D5F5F78C51}\RP137\A0184517.exe infected Virus.Win32.Sality.bh ...07:12:46:625 16000 cured
07:12:50:421 16000 C:\System Volume Information\_restore{E9D078C6-EE17-4E6C-B442-F4D5F5F78C51}\RP137\A0184518.exe infected Virus.Win32.Sality.bh ...07:12:50:421 16000 cured
07:12:54:218 16000 C:\System Volume Information\_restore{E9D078C6-EE17-4E6C-B442-F4D5F5F78C51}\RP137\A0184519.exe infected Virus.Win32.Sality.bh ...07:12:54:218 16000 cured
07:12:58:093 16000 C:\System Volume Information\_restore{E9D078C6-EE17-4E6C-B442-F4D5F5F78C51}\RP137\A0184520.exe infected Virus.Win32.Sality.bh ...07:12:58:093 16000 cured
07:13:01:906 16000 C:\System Volume Information\_restore{E9D078C6-EE17-4E6C-B442-F4D5F5F78C51}\RP137\A0184521.exe infected Virus.Win32.Sality.bh ...07:13:01:906 16000 cured
07:13:05:546 16000 C:\System Volume Information\_restore{E9D078C6-EE17-4E6C-B442-F4D5F5F78C51}\RP137\A0184522.exe infected Virus.Win32.Sality.bh ...07:13:05:546 16000 cured
07:13:09:546 16000 C:\System Volume Information\_restore{E9D078C6-EE17-4E6C-B442-F4D5F5F78C51}\RP137\A0184523.exe infected Virus.Win32.Sality.bh ...07:13:09:546 16000 cured
07:13:13:421 16000 C:\System Volume Information\_restore{E9D078C6-EE17-4E6C-B442-F4D5F5F78C51}\RP137\A0184524.exe infected Virus.Win32.Sality.bh ...07:13:13:421 16000 cured
07:13:17:093 16000 C:\System Volume Information\_restore{E9D078C6-EE17-4E6C-B442-F4D5F5F78C51}\RP137\A0184525.exe infected Virus.Win32.Sality.bh ...07:13:17:093 16000 cured
07:13:20:781 16000 C:\System Volume Information\_restore{E9D078C6-EE17-4E6C-B442-F4D5F5F78C51}\RP137\A0184526.exe infected Virus.Win32.Sality.bh ...07:13:20:781 16000 cured
07:13:24:437 16000 C:\System Volume Information\_restore{E9D078C6-EE17-4E6C-B442-F4D5F5F78C51}\RP137\A0184527.exe infected Virus.Win32.Sality.bh ...07:13:24:437 16000 cured
07:13:28:125 16000 C:\System Volume Information\_restore{E9D078C6-EE17-4E6C-B442-F4D5F5F78C51}\RP137\A0184528.exe infected Virus.Win32.Sality.bh ...07:13:28:125 16000 cured
07:13:31:828 16000 C:\System Volume Information\_restore{E9D078C6-EE17-4E6C-B442-F4D5F5F78C51}\RP137\A0184529.exe infected Virus.Win32.Sality.bh ...07:13:31:828 16000 cured
07:13:35:484 16000 C:\System Volume Information\_restore{E9D078C6-EE17-4E6C-B442-F4D5F5F78C51}\RP137\A0184530.exe infected Virus.Win32.Sality.bh ...07:13:35:484 16000 cured
07:13:39:109 16000 C:\System Volume Information\_restore{E9D078C6-EE17-4E6C-B442-F4D5F5F78C51}\RP137\A0184531.exe infected Virus.Win32.Sality.bh ...07:13:39:109 16000 cured
07:13:42:859 16000 C:\System Volume Information\_restore{E9D078C6-EE17-4E6C-B442-F4D5F5F78C51}\RP137\A0184532.exe infected Virus.Win32.Sality.bh ...07:13:42:859 16000 cured
07:13:46:359 16000 C:\System Volume Information\_restore{E9D078C6-EE17-4E6C-B442-F4D5F5F78C51}\RP137\A0184533.exe infected Virus.Win32.Sality.bh ...07:13:46:359 16000 cured
07:13:49:984 16000 C:\System Volume Information\_restore{E9D078C6-EE17-4E6C-B442-F4D5F5F78C51}\RP137\A0184534.exe infected Virus.Win32.Sality.bh ...07:13:49:984 16000 cured
07:13:53:812 16000 C:\System Volume Information\_restore{E9D078C6-EE17-4E6C-B442-F4D5F5F78C51}\RP137\A0184536.exe infected Virus.Win32.Sality.bh ...07:13:53:812 16000 cured
07:13:57:609 16000 C:\System Volume Information\_restore{E9D078C6-EE17-4E6C-B442-F4D5F5F78C51}\RP137\A0184537.exe infected Virus.Win32.Sality.bh ...07:13:57:609 16000 cured
07:14:01:281 16000 C:\System Volume Information\_restore{E9D078C6-EE17-4E6C-B442-F4D5F5F78C51}\RP137\A0184538.exe infected Virus.Win32.Sality.bh ...07:14:01:281 16000 cured
07:14:04:906 16000 C:\System Volume Information\_restore{E9D078C6-EE17-4E6C-B442-F4D5F5F78C51}\RP137\A0184539.exe infected Virus.Win32.Sality.bh ...07:14:04:906 16000 cured
07:14:08:500 16000 C:\System Volume Information\_restore{E9D078C6-EE17-4E6C-B442-F4D5F5F78C51}\RP137\A0184541.exe infected Virus.Win32.Sality.bh ...07:14:08:500 16000 cured
07:14:12:187 16000 C:\System Volume Information\_restore{E9D078C6-EE17-4E6C-B442-F4D5F5F78C51}\RP137\A0184543.exe infected Virus.Win32.Sality.bh ...07:14:12:187 16000 cured
07:14:15:765 16000 C:\System Volume Information\_restore{E9D078C6-EE17-4E6C-B442-F4D5F5F78C51}\RP137\A0184544.exe infected Virus.Win32.Sality.bh ...07:14:15:765 16000 cured
07:14:19:359 16000 C:\System Volume Information\_restore{E9D078C6-EE17-4E6C-B442-F4D5F5F78C51}\RP137\A0184545.exe infected Virus.Win32.Sality.bh ...07:14:19:359 16000 cured
07:14:23:062 16000 C:\System Volume Information\_restore{E9D078C6-EE17-4E6C-B442-F4D5F5F78C51}\RP137\A0184546.exe infected Virus.Win32.Sality.bh ...07:14:23:062 16000 cured
07:14:26:703 16000 C:\System Volume Information\_restore{E9D078C6-EE17-4E6C-B442-F4D5F5F78C51}\RP137\A0184547.exe infected Virus.Win32.Sality.bh ...07:14:26:703 16000 cured
07:14:30:500 16000 C:\System Volume Information\_restore{E9D078C6-EE17-4E6C-B442-F4D5F5F78C51}\RP137\A0184548.exe infected Virus.Win32.Sality.bh ...07:14:30:500 16000 cured
07:14:41:875 16000 C:\System Volume Information\_restore{E9D078C6-EE17-4E6C-B442-F4D5F5F78C51}\RP137\A0184549.exe infected Virus.Win32.Sality.ag ...07:14:41:875 16000 cured
07:14:45:515 16000 C:\System Volume Information\_restore{E9D078C6-EE17-4E6C-B442-F4D5F5F78C51}\RP137\A0184556.exe infected Virus.Win32.Sality.bh ...07:14:45:515 16000 cured
07:15:13:078 16000 C:\System Volume Information\_restore{E9D078C6-EE17-4E6C-B442-F4D5F5F78C51}\RP137\A0184557.exe infected Virus.Win32.Sality.bh ...07:15:13:078 16000 cured
07:15:23:156 16000 C:\System Volume Information\_restore{E9D078C6-EE17-4E6C-B442-F4D5F5F78C51}\RP137\A0184558.exe infected Virus.Win32.Sality.ag ...07:15:23:156 16000 cured
07:15:29:750 16000 C:\System Volume Information\_restore{E9D078C6-EE17-4E6C-B442-F4D5F5F78C51}\RP137\A0184568.exe infected Virus.Win32.Sality.ag ...07:15:29:750 16000 cured
07:15:36:359 16000 C:\System Volume Information\_restore{E9D078C6-EE17-4E6C-B442-F4D5F5F78C51}\RP137\A0184571.exe infected Virus.Win32.Sality.ag ...07:15:36:359 16000 cured
07:15:40:203 16000 C:\System Volume Information\_restore{E9D078C6-EE17-4E6C-B442-F4D5F5F78C51}\RP137\A0184606.exe infected Virus.Win32.Sality.bh ...07:15:40:203 16000 cured
07:15:43:843 16000 C:\System Volume Information\_restore{E9D078C6-EE17-4E6C-B442-F4D5F5F78C51}\RP137\A0184607.exe infected Virus.Win32.Sality.bh ...07:15:43:843 16000 cured
07:15:47:484 16000 C:\System Volume Information\_restore{E9D078C6-EE17-4E6C-B442-F4D5F5F78C51}\RP137\A0184608.exe infected Virus.Win32.Sality.bh ...07:15:47:484 16000 cured
07:15:51:109 16000 C:\System Volume Information\_restore{E9D078C6-EE17-4E6C-B442-F4D5F5F78C51}\RP137\A0184609.EXE infected Virus.Win32.Sality.bh ...07:15:51:109 16000 cured
07:15:54:703 16000 C:\System Volume Information\_restore{E9D078C6-EE17-4E6C-B442-F4D5F5F78C51}\RP137\A0184610.exe infected Virus.Win32.Sality.bh ...07:15:54:703 16000 cured
07:15:58:406 16000 C:\System Volume Information\_restore{E9D078C6-EE17-4E6C-B442-F4D5F5F78C51}\RP137\A0184611.exe infected Virus.Win32.Sality.bh ...07:15:58:406 16000 cured
07:16:02:000 16000 C:\System Volume Information\_restore{E9D078C6-EE17-4E6C-B442-F4D5F5F78C51}\RP137\A0184612.exe infected Virus.Win32.Sality.bh ...07:16:02:000 16000 cured
07:16:05:625 16000 C:\System Volume Information\_restore{E9D078C6-EE17-4E6C-B442-F4D5F5F78C51}\RP137\A0184613.exe infected Virus.Win32.Sality.bh ...07:16:05:625 16000 cured
07:16:09:203 16000 C:\System Volume Information\_restore{E9D078C6-EE17-4E6C-B442-F4D5F5F78C51}\RP137\A0184614.exe infected Virus.Win32.Sality.bh ...07:16:09:203 16000 cured
07:16:12:921 16000 C:\System Volume Information\_restore{E9D078C6-EE17-4E6C-B442-F4D5F5F78C51}\RP137\A0184615.exe infected Virus.Win32.Sality.bh ...07:16:12:921 16000 cured
07:16:16:625 16000 C:\System Volume Information\_restore{E9D078C6-EE17-4E6C-B442-F4D5F5F78C51}\RP137\A0184616.exe infected Virus.Win32.Sality.bh ...07:16:16:625 16000 cured
07:16:20:343 16000 C:\System Volume Information\_restore{E9D078C6-EE17-4E6C-B442-F4D5F5F78C51}\RP137\A0184617.exe infected Virus.Win32.Sality.bh ...07:16:20:343 16000 cured
07:16:24:093 16000 C:\System Volume Information\_restore{E9D078C6-EE17-4E6C-B442-F4D5F5F78C51}\RP137\A0184618.exe infected Virus.Win32.Sality.bh ...07:16:24:093 16000 cured
07:16:27:875 16000 C:\System Volume Information\_restore{E9D078C6-EE17-4E6C-B442-F4D5F5F78C51}\RP137\A0184619.exe infected Virus.Win32.Sality.bh ...07:16:27:875 16000 cured
07:16:31:531 16000 C:\System Volume Information\_restore{E9D078C6-EE17-4E6C-B442-F4D5F5F78C51}\RP137\A0184621.exe infected Virus.Win32.Sality.bh ...07:16:31:531 16000 cured
07:16:35:109 16000 C:\System Volume Information\_restore{E9D078C6-EE17-4E6C-B442-F4D5F5F78C51}\RP137\A0184622.exe infected Virus.Win32.Sality.bh ...07:16:35:109 16000 cured
07:16:39:687 16000 C:\System Volume Information\_restore{E9D078C6-EE17-4E6C-B442-F4D5F5F78C51}\RP137\A0184623.exe infected Virus.Win32.Sality.bh ...07:16:39:687 16000 cured
07:16:43:375 16000 C:\System Volume Information\_restore{E9D078C6-EE17-4E6C-B442-F4D5F5F78C51}\RP137\A0184624.exe infected Virus.Win32.Sality.bh ...07:16:43:375 16000 cured
07:16:47:062 16000 C:\System Volume Information\_restore{E9D078C6-EE17-4E6C-B442-F4D5F5F78C51}\RP137\A0184625.exe infected Virus.Win32.Sality.bh ...07:16:47:062 16000 cured
07:16:50:859 16000 C:\System Volume Information\_restore{E9D078C6-EE17-4E6C-B442-F4D5F5F78C51}\RP137\A0184626.exe infected Virus.Win32.Sality.bh ...07:16:50:859 16000 cured
07:16:54:546 16000 C:\System Volume Information\_restore{E9D078C6-EE17-4E6C-B442-F4D5F5F78C51}\RP137\A0184627.exe infected Virus.Win32.Sality.bh ...07:16:54:546 16000 cured
07:16:58:156 16000 C:\System Volume Information\_restore{E9D078C6-EE17-4E6C-B442-F4D5F5F78C51}\RP137\A0184628.exe infected Virus.Win32.Sality.bh ...07:16:58:156 16000 cured
07:17:01:843 16000 C:\System Volume Information\_restore{E9D078C6-EE17-4E6C-B442-F4D5F5F78C51}\RP137\A0184629.exe infected Virus.Win32.Sality.bh ...07:17:01:843 16000 cured
07:17:05:484 16000 C:\System Volume Information\_restore{E9D078C6-EE17-4E6C-B442-F4D5F5F78C51}\RP137\A0184630.exe infected Virus.Win32.Sality.bh ...07:17:05:484 16000 cured
07:17:09:093 16000 C:\System Volume Information\_restore{E9D078C6-EE17-4E6C-B442-F4D5F5F78C51}\RP137\A0184631.exe infected Virus.Win32.Sality.bh ...07:17:09:093 16000 cured
07:17:12:734 16000 C:\System Volume Information\_restore{E9D078C6-EE17-4E6C-B442-F4D5F5F78C51}\RP137\A0184633.exe infected Virus.Win32.Sality.bh ...07:17:12:734 16000 cured
07:17:16:390 16000 C:\System Volume Information\_restore{E9D078C6-EE17-4E6C-B442-F4D5F5F78C51}\RP137\A0184634.exe infected Virus.Win32.Sality.bh ...07:17:16:390 16000 cured
07:17:20:000 16000 C:\System Volume Information\_restore{E9D078C6-EE17-4E6C-B442-F4D5F5F78C51}\RP137\A0184635.exe infected Virus.Win32.Sality.bh ...07:17:20:000 16000 cured
07:17:23:640 16000 C:\System Volume Information\_restore{E9D078C6-EE17-4E6C-B442-F4D5F5F78C51}\RP137\A0184636.exe infected Virus.Win32.Sality.bh ...07:17:23:640 16000 cured
07:17:27:359 16000 C:\System Volume Information\_restore{E9D078C6-EE17-4E6C-B442-F4D5F5F78C51}\RP137\A0184637.exe infected Virus.Win32.Sality.bh ...07:17:27:359 16000 cured
07:17:31:015 16000 C:\System Volume Information\_restore{E9D078C6-EE17-4E6C-B442-F4D5F5F78C51}\RP137\A0184641.exe infected Virus.Win32.Sality.bh ...07:17:31:015 16000 cured
07:17:34:765 16000 C:\System Volume Information\_restore{E9D078C6-EE17-4E6C-B442-F4D5F5F78C51}\RP137\A0184642.exe infected Virus.Win32.Sality.bh ...07:17:34:765 16000 cured
07:17:38:437 16000 C:\System Volume Information\_restore{E9D078C6-EE17-4E6C-B442-F4D5F5F78C51}\RP137\A0184643.exe infected Virus.Win32.Sality.bh ...07:17:38:437 16000 cured
07:17:42:031 16000 C:\System Volume Information\_restore{E9D078C6-EE17-4E6C-B442-F4D5F5F78C51}\RP137\A0184644.exe infected Virus.Win32.Sality.bh ...07:17:42:031 16000 cured
07:17:45:671 16000 C:\System Volume Information\_restore{E9D078C6-EE17-4E6C-B442-F4D5F5F78C51}\RP137\A0184645.exe infected Virus.Win32.Sality.bh ...07:17:45:671 16000 cured
07:17:49:312 16000 C:\System Volume Information\_restore{E9D078C6-EE17-4E6C-B442-F4D5F5F78C51}\RP137\A0184646.exe infected Virus.Win32.Sality.bh ...07:17:49:312 16000 cured
07:17:52:937 16000 C:\System Volume Information\_restore{E9D078C6-EE17-4E6C-B442-F4D5F5F78C51}\RP137\A0184647.exe infected Virus.Win32.Sality.bh ...07:17:52:937 16000 cured
07:17:56:671 16000 C:\System Volume Information\_restore{E9D078C6-EE17-4E6C-B442-F4D5F5F78C51}\RP137\A0184648.exe infected Virus.Win32.Sality.bh ...07:17:56:671 16000 cured
07:18:00:390 16000 C:\System Volume Information\_restore{E9D078C6-EE17-4E6C-B442-F4D5F5F78C51}\RP137\A0184649.exe infected Virus.Win32.Sality.bh ...07:18:00:390 16000 cured
07:18:03:968 16000 C:\System Volume Information\_restore{E9D078C6-EE17-4E6C-B442-F4D5F5F78C51}\RP137\A0184650.exe infected Virus.Win32.Sality.bh ...07:18:03:968 16000 cured
07:18:07:671 16000 C:\System Volume Information\_restore{E9D078C6-EE17-4E6C-B442-F4D5F5F78C51}\RP137\A0184651.exe infected Virus.Win32.Sality.bh ...07:18:07:671 16000 cured
07:18:11:390 16000 C:\System Volume Information\_restore{E9D078C6-EE17-4E6C-B442-F4D5F5F78C51}\RP137\A0184652.exe infected Virus.Win32.Sality.bh ...07:18:11:390 16000 cured
07:18:15:125 16000 C:\System Volume Information\_restore{E9D078C6-EE17-4E6C-B442-F4D5F5F78C51}\RP137\A0184653.exe infected Virus.Win32.Sality.bh ...07:18:15:125 16000 cured
07:18:18:875 16000 C:\System Volume Information\_restore{E9D078C6-EE17-4E6C-B442-F4D5F5F78C51}\RP137\A0184654.exe infected Virus.Win32.Sality.bh ...07:18:18:875 16000 cured
07:18:22:468 16000 C:\System Volume Information\_restore{E9D078C6-EE17-4E6C-B442-F4D5F5F78C51}\RP137\A0184655.exe infected Virus.Win32.Sality.bh ...07:18:22:468 16000 cured
07:18:26:390 16000 C:\System Volume Information\_restore{E9D078C6-EE17-4E6C-B442-F4D5F5F78C51}\RP137\A0184656.exe infected Virus.Win32.Sality.bh ...07:18:26:390 16000 cured
07:18:30:109 16000 C:\System Volume Information\_restore{E9D078C6-EE17-4E6C-B442-F4D5F5F78C51}\RP137\A0184657.exe infected Virus.Win32.Sality.bh ...07:18:30:109 16000 cured
07:18:33:781 16000 C:\System Volume Information\_restore{E9D078C6-EE17-4E6C-B442-F4D5F5F78C51}\RP137\A0184658.exe infected Virus.Win32.Sality.bh ...07:18:33:781 16000 cured
07:18:37:468 16000 C:\System Volume Information\_restore{E9D078C6-EE17-4E6C-B442-F4D5F5F78C51}\RP137\A0184659.exe infected Virus.Win32.Sality.bh ...07:18:37:468 16000 cured
07:18:41:156 16000 C:\System Volume Information\_restore{E9D078C6-EE17-4E6C-B442-F4D5F5F78C51}\RP137\A0184660.exe infected Virus.Win32.Sality.bh ...07:18:41:156 16000 cured
07:18:44:750 16000 C:\System Volume Information\_restore{E9D078C6-EE17-4E6C-B442-F4D5F5F78C51}\RP137\A0184661.exe infected Virus.Win32.Sality.bh ...07:18:44:750 16000 cured
07:18:48:421 16000 C:\System Volume Information\_restore{E9D078C6-EE17-4E6C-B442-F4D5F5F78C51}\RP137\A0184662.exe infected Virus.Win32.Sality.bh ...07:18:48:421 16000 cured
07:18:52:218 16000 C:\System Volume Information\_restore{E9D078C6-EE17-4E6C-B442-F4D5F5F78C51}\RP137\A0184663.exe infected Virus.Win32.Sality.bh ...07:18:52:218 16000 cured
07:18:55:828 16000 C:\System Volume Information\_restore{E9D078C6-EE17-4E6C-B442-F4D5F5F78C51}\RP137\A0184664.exe infected Virus.Win32.Sality.bh ...07:18:55:828 16000 cured
07:18:59:531 16000 C:\System Volume Information\_restore{E9D078C6-EE17-4E6C-B442-F4D5F5F78C51}\RP137\A0184665.exe infected Virus.Win32.Sality.bh ...07:18:59:531 16000 cured
07:19:03:328 16000 C:\System Volume Information\_restore{E9D078C6-EE17-4E6C-B442-F4D5F5F78C51}\RP137\A0184666.exe infected Virus.Win32.Sality.bh ...07:19:03:328 16000 cured
07:19:06:984 16000 C:\System Volume Information\_restore{E9D078C6-EE17-4E6C-B442-F4D5F5F78C51}\RP137\A0184667.exe infected Virus.Win32.Sality.bh ...07:19:06:984 16000 cured
07:19:10:765 16000 C:\System Volume Information\_restore{E9D078C6-EE17-4E6C-B442-F4D5F5F78C51}\RP137\A0184668.exe infected Virus.Win32.Sality.bh ...07:19:10:765 16000 cured
07:19:14:296 16000 C:\System Volume Information\_restore{E9D078C6-EE17-4E6C-B442-F4D5F5F78C51}\RP137\A0184669.exe infected Virus.Win32.Sality.bh ...07:19:14:296 16000 cured
07:19:17:828 16000 C:\System Volume Information\_restore{E9D078C6-EE17-4E6C-B442-F4D5F5F78C51}\RP137\A0184670.exe infected Virus.Win32.Sality.bh ...07:19:17:828 16000 cured
07:19:21:453 16000 C:\System Volume Information\_restore{E9D078C6-EE17-4E6C-B442-F4D5F5F78C51}\RP137\A0184671.exe infected Virus.Win32.Sality.bh ...07:19:21:453 16000 cured
07:19:25:187 16000 C:\System Volume Information\_restore{E9D078C6-EE17-4E6C-B442-F4D5F5F78C51}\RP137\A0184672.exe infected Virus.Win32.Sality.bh ...07:19:25:203 16000 cured
07:19:29:015 16000 C:\System Volume Information\_restore{E9D078C6-EE17-4E6C-B442-F4D5F5F78C51}\RP137\A0184673.exe infected Virus.Win32.Sality.bh ...07:19:29:015 16000 cured
07:19:32:671 16000 C:\System Volume Information\_restore{E9D078C6-EE17-4E6C-B442-F4D5F5F78C51}\RP137\A0184674.exe infected Virus.Win32.Sality.bh ...07:19:32:671 16000 cured
07:19:36:218 16000 C:\System Volume Information\_restore{E9D078C6-EE17-4E6C-B442-F4D5F5F78C51}\RP137\A0184675.exe infected Virus.Win32.Sality.bh ...07:19:36:218 16000 cured
07:19:39:968 16000 C:\System Volume Information\_restore{E9D078C6-EE17-4E6C-B442-F4D5F5F78C51}\RP137\A0184676.exe infected Virus.Win32.Sality.bh ...07:19:39:968 16000 cured
07:19:43:656 16000 C:\System Volume Information\_restore{E9D078C6-EE17-4E6C-B442-F4D5F5F78C51}\RP137\A0184677.exe infected Virus.Win32.Sality.bh ...07:19:43:656 16000 cured
07:19:47:359 16000 C:\System Volume Information\_restore{E9D078C6-EE17-4E6C-B442-F4D5F5F78C51}\RP137\A0184678.exe infected Virus.Win32.Sality.bh ...07:19:47:359 16000 cured
07:19:51:078 16000 C:\System Volume Information\_restore{E9D078C6-EE17-4E6C-B442-F4D5F5F78C51}\RP137\A0184679.exe infected Virus.Win32.Sality.bh ...07:19:51:078 16000 cured
07:19:54:781 16000 C:\System Volume Information\_restore{E9D078C6-EE17-4E6C-B442-F4D5F5F78C51}\RP137\A0184680.exe infected Virus.Win32.Sality.bh ...07:19:54:781 16000 cured
07:19:58:375 16000 C:\System Volume Information\_restore{E9D078C6-EE17-4E6C-B442-F4D5F5F78C51}\RP137\A0184681.exe infected Virus.Win32.Sality.bh ...07:19:58:375 16000 cured
07:20:02:000 16000 C:\System Volume Information\_restore{E9D078C6-EE17-4E6C-B442-F4D5F5F78C51}\RP137\A0184682.exe infected Virus.Win32.Sality.bh ...07:20:02:000 16000 cured
07:20:05:718 16000 C:\System Volume Information\_restore{E9D078C6-EE17-4E6C-B442-F4D5F5F78C51}\RP137\A0184683.exe infected Virus.Win32.Sality.bh ...07:20:05:718 16000 cured
07:20:09:546 16000 C:\System Volume Information\_restore{E9D078C6-EE17-4E6C-B442-F4D5F5F78C51}\RP137\A0184684.exe infected Virus.Win32.Sality.bh ...07:20:09:546 16000 cured
07:20:13:343 16000 C:\System Volume Information\_restore{E9D078C6-EE17-4E6C-B442-F4D5F5F78C51}\RP137\A0184685.exe infected Virus.Win32.Sality.bh ...07:20:13:343 16000 cured
07:20:17:015 16000 C:\System Volume Information\_restore{E9D078C6-EE17-4E6C-B442-F4D5F5F78C51}\RP137\A0184686.exe infected Virus.Win32.Sality.bh ...07:20:17:015 16000 cured
07:20:20:562 16000 C:\System Volume Information\_restore{E9D078C6-EE17-4E6C-B442-F4D5F5F78C51}\RP137\A0184687.exe infected Virus.Win32.Sality.bh ...07:20:20:562 16000 cured
07:20:24:343 16000 C:\System Volume Information\_restore{E9D078C6-EE17-4E6C-B442-F4D5F5F78C51}\RP137\A0184688.exe infected Virus.Win32.Sality.bh ...07:20:24:343 16000 cured
07:20:28:062 16000 C:\System Volume Information\_restore{E9D078C6-EE17-4E6C-B442-F4D5F5F78C51}\RP137\A0184689.exe infected Virus.Win32.Sality.bh ...07:20:28:062 16000 cured
07:20:31:765 16000 C:\System Volume Information\_restore{E9D078C6-EE17-4E6C-B442-F4D5F5F78C51}\RP137\A0184690.exe infected Virus.Win32.Sality.bh ...07:20:31:765 16000 cured
07:20:35:437 16000 C:\System Volume Information\_restore{E9D078C6-EE17-4E6C-B442-F4D5F5F78C51}\RP137\A0184691.exe infected Virus.Win32.Sality.bh ...07:20:35:437 16000 cured
07:20:39:125 16000 C:\System Volume Information\_restore{E9D078C6-EE17-4E6C-B442-F4D5F5F78C51}\RP137\A0184692.exe infected Virus.Win32.Sality.bh ...07:20:39:125 16000 cured
07:20:42:750 16000 C:\System Volume Information\_restore{E9D078C6-EE17-4E6C-B442-F4D5F5F78C51}\RP137\A0184693.exe infected Virus.Win32.Sality.bh ...07:20:42:750 16000 cured
07:20:46:421 16000 C:\System Volume Information\_restore{E9D078C6-EE17-4E6C-B442-F4D5F5F78C51}\RP137\A0184694.exe infected Virus.Win32.Sality.bh ...07:20:46:421 16000 cured
07:20:50:046 16000 C:\System Volume Information\_restore{E9D078C6-EE17-4E6C-B442-F4D5F5F78C51}\RP137\A0184695.exe infected Virus.Win32.Sality.bh ...07:20:50:046 16000 cured
07:21:00:328 16000 C:\System Volume Information\_restore{E9D078C6-EE17-4E6C-B442-F4D5F5F78C51}\RP137\A0184696.exe infected Virus.Win32.Sality.ag ...07:21:00:328 16000 cured
07:21:03:937 16000 C:\System Volume Information\_restore{E9D078C6-EE17-4E6C-B442-F4D5F5F78C51}\RP137\A0184697.exe infected Virus.Win32.Sality.bh ...07:21:03:937 16000 cured
07:21:07:640 16000 C:\System Volume Information\_restore{E9D078C6-EE17-4E6C-B442-F4D5F5F78C51}\RP137\A0184698.exe infected Virus.Win32.Sality.bh ...07:21:07:640 16000 cured
07:21:11:375 16000 C:\System Volume Information\_restore{E9D078C6-EE17-4E6C-B442-F4D5F5F78C51}\RP137\A0184699.exe infected Virus.Win32.Sality.bh ...07:21:11:375 16000 cured
07:21:15:000 16000 C:\System Volume Information\_restore{E9D078C6-EE17-4E6C-B442-F4D5F5F78C51}\RP137\A0184700.exe infected Virus.Win32.Sality.bh ...07:21:15:000 16000 cured
07:21:18:718 16000 C:\System Volume Information\_restore{E9D078C6-EE17-4E6C-B442-F4D5F5F78C51}\RP137\A0184701.exe infected Virus.Win32.Sality.bh ...07:21:18:718 16000 cured
07:21:22:515 16000 C:\System Volume Information\_restore{E9D078C6-EE17-4E6C-B442-F4D5F5F78C51}\RP137\A0184702.exe infected Virus.Win32.Sality.bh ...07:21:22:515 16000 cured
07:21:26:125 16000 C:\System Volume Information\_restore{E9D078C6-EE17-4E6C-B442-F4D5F5F78C51}\RP137\A0184703.exe infected Virus.Win32.Sality.bh ...07:21:26:125 16000 cured
07:21:29:750 16000 C:\System Volume Information\_restore{E9D078C6-EE17-4E6C-B442-F4D5F5F78C51}\RP137\A0184704.exe infected Virus.Win32.Sality.bh ...07:21:29:750 16000 cured
07:21:33:359 16000 C:\System Volume Information\_restore{E9D078C6-EE17-4E6C-B442-F4D5F5F78C51}\RP137\A0184705.exe infected Virus.Win32.Sality.bh ...07:21:33:359 16000 cured
07:21:36:953 16000 C:\System Volume Information\_restore{E9D078C6-EE17-4E6C-B442-F4D5F5F78C51}\RP137\A0184706.exe infected Virus.Win32.Sality.bh ...07:21:36:953 16000 cured
07:21:40:781 16000 C:\System Volume Information\_restore{E9D078C6-EE17-4E6C-B442-F4D5F5F78C51}\RP137\A0184707.exe infected Virus.Win32.Sality.bh ...07:21:40:781 16000 cured
07:21:44:328 16000 C:\System Volume Information\_restore{E9D078C6-EE17-4E6C-B442-F4D5F5F78C51}\RP137\A0184708.exe infected Virus.Win32.Sality.bh ...07:21:44:328 16000 cured
07:21:48:000 16000 C:\System Volume Information\_restore{E9D078C6-EE17-4E6C-B442-F4D5F5F78C51}\RP137\A0184709.exe infected Virus.Win32.Sality.bh ...07:21:48:000 16000 cured
07:21:51:671 16000 C:\System Volume Information\_restore{E9D078C6-EE17-4E6C-B442-F4D5F5F78C51}\RP137\A0184710.EXE infected Virus.Win32.Sality.bh ...07:21:51:671 16000 cured
07:21:55:390 16000 C:\System Volume Information\_restore{E9D078C6-EE17-4E6C-B442-F4D5F5F78C51}\RP137\A0184711.exe infected Virus.Win32.Sality.bh ...07:21:55:390 16000 cured
07:21:59:109 16000 C:\System Volume Information\_restore{E9D078C6-EE17-4E6C-B442-F4D5F5F78C51}\RP137\A0184712.exe infected Virus.Win32.Sality.bh ...07:21:59:109 16000 cured
  • 0

#8
frichieny
Posted 19 June 2013 - 09:47 PM

frichieny

    Member

  • Topic Starter
  • Member
  • PipPipPip
  • 192 posts
07:22:02:843 16000 C:\System Volume Information\_restore{E9D078C6-EE17-4E6C-B442-F4D5F5F78C51}\RP137\A0184713.exe infected Virus.Win32.Sality.bh ...07:22:02:843 16000 cured
07:22:06:484 16000 C:\System Volume Information\_restore{E9D078C6-EE17-4E6C-B442-F4D5F5F78C51}\RP137\A0184714.exe infected Virus.Win32.Sality.bh ...07:22:06:484 16000 cured
07:22:10:296 16000 C:\System Volume Information\_restore{E9D078C6-EE17-4E6C-B442-F4D5F5F78C51}\RP137\A0184715.exe infected Virus.Win32.Sality.bh ...07:22:10:296 16000 cured
07:22:13:875 16000 C:\System Volume Information\_restore{E9D078C6-EE17-4E6C-B442-F4D5F5F78C51}\RP137\A0184716.exe infected Virus.Win32.Sality.bh ...07:22:13:875 16000 cured
07:22:17:484 16000 C:\System Volume Information\_restore{E9D078C6-EE17-4E6C-B442-F4D5F5F78C51}\RP137\A0184717.exe infected Virus.Win32.Sality.bh ...07:22:17:484 16000 cured
07:22:21:109 16000 C:\System Volume Information\_restore{E9D078C6-EE17-4E6C-B442-F4D5F5F78C51}\RP137\A0184718.exe infected Virus.Win32.Sality.bh ...07:22:21:109 16000 cured
07:22:24:968 16000 C:\System Volume Information\_restore{E9D078C6-EE17-4E6C-B442-F4D5F5F78C51}\RP137\A0184719.exe infected Virus.Win32.Sality.bh ...07:22:24:968 16000 cured
07:22:28:750 16000 C:\System Volume Information\_restore{E9D078C6-EE17-4E6C-B442-F4D5F5F78C51}\RP137\A0184720.exe infected Virus.Win32.Sality.bh ...07:22:28:750 16000 cured
07:22:32:421 16000 C:\System Volume Information\_restore{E9D078C6-EE17-4E6C-B442-F4D5F5F78C51}\RP137\A0184721.exe infected Virus.Win32.Sality.bh ...07:22:32:421 16000 cured
07:22:36:203 16000 C:\System Volume Information\_restore{E9D078C6-EE17-4E6C-B442-F4D5F5F78C51}\RP137\A0184722.exe infected Virus.Win32.Sality.bh ...07:22:36:203 16000 cured
07:22:39:875 16000 C:\System Volume Information\_restore{E9D078C6-EE17-4E6C-B442-F4D5F5F78C51}\RP137\A0184723.exe infected Virus.Win32.Sality.bh ...07:22:39:875 16000 cured
07:22:43:562 16000 C:\System Volume Information\_restore{E9D078C6-EE17-4E6C-B442-F4D5F5F78C51}\RP137\A0184724.exe infected Virus.Win32.Sality.bh ...07:22:43:562 16000 cured
07:22:47:343 16000 C:\System Volume Information\_restore{E9D078C6-EE17-4E6C-B442-F4D5F5F78C51}\RP137\A0184725.exe infected Virus.Win32.Sality.bh ...07:22:47:343 16000 cured
07:22:50:968 16000 C:\System Volume Information\_restore{E9D078C6-EE17-4E6C-B442-F4D5F5F78C51}\RP137\A0184726.exe infected Virus.Win32.Sality.bh ...07:22:50:968 16000 cured
07:22:54:562 16000 C:\System Volume Information\_restore{E9D078C6-EE17-4E6C-B442-F4D5F5F78C51}\RP137\A0184727.exe infected Virus.Win32.Sality.bh ...07:22:54:562 16000 cured
07:22:58:250 16000 C:\System Volume Information\_restore{E9D078C6-EE17-4E6C-B442-F4D5F5F78C51}\RP137\A0184728.exe infected Virus.Win32.Sality.bh ...07:22:58:250 16000 cured
07:23:01:781 16000 C:\System Volume Information\_restore{E9D078C6-EE17-4E6C-B442-F4D5F5F78C51}\RP137\A0184729.exe infected Virus.Win32.Sality.bh ...07:23:01:781 16000 cured
07:23:05:390 16000 C:\System Volume Information\_restore{E9D078C6-EE17-4E6C-B442-F4D5F5F78C51}\RP137\A0184730.exe infected Virus.Win32.Sality.bh ...07:23:05:390 16000 cured
07:23:09:156 16000 C:\System Volume Information\_restore{E9D078C6-EE17-4E6C-B442-F4D5F5F78C51}\RP137\A0184737.exe infected Virus.Win32.Sality.bh ...07:23:09:156 16000 cured
07:23:12:687 16000 C:\System Volume Information\_restore{E9D078C6-EE17-4E6C-B442-F4D5F5F78C51}\RP137\A0184739.exe infected Virus.Win32.Sality.bh ...07:23:12:687 16000 cured
07:23:16:390 16000 C:\System Volume Information\_restore{E9D078C6-EE17-4E6C-B442-F4D5F5F78C51}\RP137\A0184740.exe infected Virus.Win32.Sality.bh ...07:23:16:390 16000 cured
07:23:20:062 16000 C:\System Volume Information\_restore{E9D078C6-EE17-4E6C-B442-F4D5F5F78C51}\RP137\A0184742.exe infected Virus.Win32.Sality.bh ...07:23:20:062 16000 cured
07:23:23:687 16000 C:\System Volume Information\_restore{E9D078C6-EE17-4E6C-B442-F4D5F5F78C51}\RP137\A0184743.exe infected Virus.Win32.Sality.bh ...07:23:23:687 16000 cured
07:23:27:281 16000 C:\System Volume Information\_restore{E9D078C6-EE17-4E6C-B442-F4D5F5F78C51}\RP137\A0184744.exe infected Virus.Win32.Sality.bh ...07:23:27:281 16000 cured
07:23:30:937 16000 C:\System Volume Information\_restore{E9D078C6-EE17-4E6C-B442-F4D5F5F78C51}\RP137\A0184745.exe infected Virus.Win32.Sality.bh ...07:23:30:937 16000 cured
07:23:34:687 16000 C:\System Volume Information\_restore{E9D078C6-EE17-4E6C-B442-F4D5F5F78C51}\RP137\A0184746.exe infected Virus.Win32.Sality.bh ...07:23:34:687 16000 cured
07:23:38:312 16000 C:\System Volume Information\_restore{E9D078C6-EE17-4E6C-B442-F4D5F5F78C51}\RP137\A0184747.exe infected Virus.Win32.Sality.bh ...07:23:38:312 16000 cured
07:23:42:078 16000 C:\System Volume Information\_restore{E9D078C6-EE17-4E6C-B442-F4D5F5F78C51}\RP137\A0184748.exe infected Virus.Win32.Sality.bh ...07:23:42:078 16000 cured
07:23:45:718 16000 C:\System Volume Information\_restore{E9D078C6-EE17-4E6C-B442-F4D5F5F78C51}\RP137\A0184750.exe infected Virus.Win32.Sality.bh ...07:23:45:718 16000 cured
07:23:49:437 16000 C:\System Volume Information\_restore{E9D078C6-EE17-4E6C-B442-F4D5F5F78C51}\RP137\A0184751.exe infected Virus.Win32.Sality.bh ...07:23:49:437 16000 cured
07:23:53:046 16000 C:\System Volume Information\_restore{E9D078C6-EE17-4E6C-B442-F4D5F5F78C51}\RP137\A0184752.exe infected Virus.Win32.Sality.bh ...07:23:53:046 16000 cured
07:23:56:781 16000 C:\System Volume Information\_restore{E9D078C6-EE17-4E6C-B442-F4D5F5F78C51}\RP137\A0184753.exe infected Virus.Win32.Sality.bh ...07:23:56:781 16000 cured
07:24:00:375 16000 C:\System Volume Information\_restore{E9D078C6-EE17-4E6C-B442-F4D5F5F78C51}\RP137\A0184754.exe infected Virus.Win32.Sality.bh ...07:24:00:375 16000 cured
07:24:03:953 16000 C:\System Volume Information\_restore{E9D078C6-EE17-4E6C-B442-F4D5F5F78C51}\RP137\A0184755.exe infected Virus.Win32.Sality.bh ...07:24:03:953 16000 cured
07:24:07:671 16000 C:\System Volume Information\_restore{E9D078C6-EE17-4E6C-B442-F4D5F5F78C51}\RP137\A0184756.exe infected Virus.Win32.Sality.bh ...07:24:07:671 16000 cured
07:24:11:359 16000 C:\System Volume Information\_restore{E9D078C6-EE17-4E6C-B442-F4D5F5F78C51}\RP137\A0184757.exe infected Virus.Win32.Sality.bh ...07:24:11:359 16000 cured
07:24:15:031 16000 C:\System Volume Information\_restore{E9D078C6-EE17-4E6C-B442-F4D5F5F78C51}\RP137\A0184758.exe infected Virus.Win32.Sality.bh ...07:24:15:031 16000 cured
07:24:18:625 16000 C:\System Volume Information\_restore{E9D078C6-EE17-4E6C-B442-F4D5F5F78C51}\RP137\A0184759.exe infected Virus.Win32.Sality.bh ...07:24:18:625 16000 cured
07:24:22:453 16000 C:\System Volume Information\_restore{E9D078C6-EE17-4E6C-B442-F4D5F5F78C51}\RP137\A0184760.exe infected Virus.Win32.Sality.bh ...07:24:22:453 16000 cured
07:24:26:218 16000 C:\System Volume Information\_restore{E9D078C6-EE17-4E6C-B442-F4D5F5F78C51}\RP137\A0184761.exe infected Virus.Win32.Sality.bh ...07:24:26:218 16000 cured
07:24:29:890 16000 C:\System Volume Information\_restore{E9D078C6-EE17-4E6C-B442-F4D5F5F78C51}\RP137\A0184762.exe infected Virus.Win32.Sality.bh ...07:24:29:890 16000 cured
07:24:33:640 16000 C:\System Volume Information\_restore{E9D078C6-EE17-4E6C-B442-F4D5F5F78C51}\RP137\A0184763.exe infected Virus.Win32.Sality.bh ...07:24:33:640 16000 cured
07:24:40:640 16000 C:\System Volume Information\_restore{E9D078C6-EE17-4E6C-B442-F4D5F5F78C51}\RP137\A0184764.exe infected Virus.Win32.Sality.ag ...07:24:40:640 16000 cured
07:24:42:203 16000 C:\System Volume Information\_restore{E9D078C6-EE17-4E6C-B442-F4D5F5F78C51}\RP137\A0184765.exe infected Virus.Win32.Sality.ag ...07:24:42:203 16000 cured
07:24:45:890 16000 C:\System Volume Information\_restore{E9D078C6-EE17-4E6C-B442-F4D5F5F78C51}\RP137\A0184766.exe infected Virus.Win32.Sality.bh ...07:24:45:890 16000 cured
07:24:52:031 16000 C:\System Volume Information\_restore{E9D078C6-EE17-4E6C-B442-F4D5F5F78C51}\RP137\A0184767.exe infected Virus.Win32.Sality.ag ...07:24:52:031 16000 cured
07:24:55:750 16000 C:\System Volume Information\_restore{E9D078C6-EE17-4E6C-B442-F4D5F5F78C51}\RP137\A0184768.exe infected Virus.Win32.Sality.bh ...07:24:55:750 16000 cured
07:24:59:531 16000 C:\System Volume Information\_restore{E9D078C6-EE17-4E6C-B442-F4D5F5F78C51}\RP137\A0184769.exe infected Virus.Win32.Sality.bh ...07:24:59:531 16000 cured
07:25:03:031 16000 C:\System Volume Information\_restore{E9D078C6-EE17-4E6C-B442-F4D5F5F78C51}\RP137\A0184770.exe infected Virus.Win32.Sality.bh ...07:25:03:031 16000 cured
07:25:06:609 16000 C:\System Volume Information\_restore{E9D078C6-EE17-4E6C-B442-F4D5F5F78C51}\RP137\A0184772.exe infected Virus.Win32.Sality.bh ...07:25:06:609 16000 cured
07:25:10:234 16000 C:\System Volume Information\_restore{E9D078C6-EE17-4E6C-B442-F4D5F5F78C51}\RP137\A0184773.exe infected Virus.Win32.Sality.bh ...07:25:10:234 16000 cured
07:25:14:093 16000 C:\System Volume Information\_restore{E9D078C6-EE17-4E6C-B442-F4D5F5F78C51}\RP137\A0184774.exe infected Virus.Win32.Sality.bh ...07:25:14:093 16000 cured
07:25:17:812 16000 C:\System Volume Information\_restore{E9D078C6-EE17-4E6C-B442-F4D5F5F78C51}\RP137\A0184775.exe infected Virus.Win32.Sality.bh ...07:25:17:812 16000 cured
07:25:21:609 16000 C:\System Volume Information\_restore{E9D078C6-EE17-4E6C-B442-F4D5F5F78C51}\RP137\A0184776.EXE infected Virus.Win32.Sality.bh ...07:25:21:609 16000 cured
07:25:25:312 16000 C:\System Volume Information\_restore{E9D078C6-EE17-4E6C-B442-F4D5F5F78C51}\RP137\A0184777.EXE infected Virus.Win32.Sality.bh ...07:25:25:312 16000 cured
07:25:29:000 16000 C:\System Volume Information\_restore{E9D078C6-EE17-4E6C-B442-F4D5F5F78C51}\RP137\A0184778.EXE infected Virus.Win32.Sality.bh ...07:25:29:000 16000 cured
07:25:32:781 16000 C:\System Volume Information\_restore{E9D078C6-EE17-4E6C-B442-F4D5F5F78C51}\RP137\A0184779.EXE infected Virus.Win32.Sality.bh ...07:25:32:781 16000 cured
07:25:36:265 16000 C:\System Volume Information\_restore{E9D078C6-EE17-4E6C-B442-F4D5F5F78C51}\RP137\A0184780.EXE infected Virus.Win32.Sality.bh ...07:25:36:265 16000 cured
07:25:39:984 16000 C:\System Volume Information\_restore{E9D078C6-EE17-4E6C-B442-F4D5F5F78C51}\RP137\A0184782.EXE infected Virus.Win32.Sality.bh ...07:25:39:984 16000 cured
07:25:43:703 16000 C:\System Volume Information\_restore{E9D078C6-EE17-4E6C-B442-F4D5F5F78C51}\RP137\A0184783.exe infected Virus.Win32.Sality.bh ...07:25:43:703 16000 cured
07:25:47:359 16000 C:\System Volume Information\_restore{E9D078C6-EE17-4E6C-B442-F4D5F5F78C51}\RP137\A0184784.exe infected Virus.Win32.Sality.bh ...07:25:47:359 16000 cured
07:25:51:046 16000 C:\System Volume Information\_restore{E9D078C6-EE17-4E6C-B442-F4D5F5F78C51}\RP137\A0184785.exe infected Virus.Win32.Sality.bh ...07:25:51:046 16000 cured
07:25:54:750 16000 C:\System Volume Information\_restore{E9D078C6-EE17-4E6C-B442-F4D5F5F78C51}\RP137\A0184786.EXE infected Virus.Win32.Sality.bh ...07:25:54:750 16000 cured
07:25:58:468 16000 C:\System Volume Information\_restore{E9D078C6-EE17-4E6C-B442-F4D5F5F78C51}\RP137\A0184787.EXE infected Virus.Win32.Sality.bh ...07:25:58:468 16000 cured
07:26:02:156 16000 C:\System Volume Information\_restore{E9D078C6-EE17-4E6C-B442-F4D5F5F78C51}\RP137\A0184788.EXE infected Virus.Win32.Sality.bh ...07:26:02:156 16000 cured
07:26:05:812 16000 C:\System Volume Information\_restore{E9D078C6-EE17-4E6C-B442-F4D5F5F78C51}\RP137\A0184789.exe infected Virus.Win32.Sality.bh ...07:26:05:812 16000 cured
07:26:09:375 16000 C:\System Volume Information\_restore{E9D078C6-EE17-4E6C-B442-F4D5F5F78C51}\RP137\A0184790.EXE infected Virus.Win32.Sality.bh ...07:26:09:375 16000 cured
07:26:13:078 16000 C:\System Volume Information\_restore{E9D078C6-EE17-4E6C-B442-F4D5F5F78C51}\RP137\A0184791.exe infected Virus.Win32.Sality.bh ...07:26:13:078 16000 cured
07:26:16:953 16000 C:\System Volume Information\_restore{E9D078C6-EE17-4E6C-B442-F4D5F5F78C51}\RP137\A0184794.exe infected Virus.Win32.Sality.bh ...07:26:16:953 16000 cured
07:26:20:609 16000 C:\System Volume Information\_restore{E9D078C6-EE17-4E6C-B442-F4D5F5F78C51}\RP137\A0184795.exe infected Virus.Win32.Sality.bh ...07:26:20:609 16000 cured
07:26:24:328 16000 C:\System Volume Information\_restore{E9D078C6-EE17-4E6C-B442-F4D5F5F78C51}\RP137\A0184796.exe infected Virus.Win32.Sality.bh ...07:26:24:328 16000 cured
07:26:34:937 16000 C:\System Volume Information\_restore{E9D078C6-EE17-4E6C-B442-F4D5F5F78C51}\RP137\A0184797.exe infected Virus.Win32.Sality.ag ...07:26:34:937 16000 cured
07:26:38:640 16000 C:\System Volume Information\_restore{E9D078C6-EE17-4E6C-B442-F4D5F5F78C51}\RP137\A0184798.exe infected Virus.Win32.Sality.bh ...07:26:38:640 16000 cured
07:26:42:328 16000 C:\System Volume Information\_restore{E9D078C6-EE17-4E6C-B442-F4D5F5F78C51}\RP137\A0184799.exe infected Virus.Win32.Sality.bh ...07:26:42:328 16000 cured
07:26:46:078 16000 C:\System Volume Information\_restore{E9D078C6-EE17-4E6C-B442-F4D5F5F78C51}\RP137\A0184800.exe infected Virus.Win32.Sality.bh ...07:26:46:078 16000 cured
07:26:49:796 16000 C:\System Volume Information\_restore{E9D078C6-EE17-4E6C-B442-F4D5F5F78C51}\RP137\A0184801.exe infected Virus.Win32.Sality.bh ...07:26:49:796 16000 cured
07:26:53:593 16000 C:\System Volume Information\_restore{E9D078C6-EE17-4E6C-B442-F4D5F5F78C51}\RP137\A0184802.exe infected Virus.Win32.Sality.bh ...07:26:53:593 16000 cured
07:26:57:312 16000 C:\System Volume Information\_restore{E9D078C6-EE17-4E6C-B442-F4D5F5F78C51}\RP137\A0184803.exe infected Virus.Win32.Sality.bh ...07:26:57:312 16000 cured
07:27:00:921 16000 C:\System Volume Information\_restore{E9D078C6-EE17-4E6C-B442-F4D5F5F78C51}\RP137\A0184804.exe infected Virus.Win32.Sality.bh ...07:27:00:921 16000 cured
07:27:04:609 16000 C:\System Volume Information\_restore{E9D078C6-EE17-4E6C-B442-F4D5F5F78C51}\RP137\A0184805.exe infected Virus.Win32.Sality.bh ...07:27:04:609 16000 cured
07:27:08:406 16000 C:\System Volume Information\_restore{E9D078C6-EE17-4E6C-B442-F4D5F5F78C51}\RP137\A0184806.exe infected Virus.Win32.Sality.bh ...07:27:08:406 16000 cured
07:27:12:171 16000 C:\System Volume Information\_restore{E9D078C6-EE17-4E6C-B442-F4D5F5F78C51}\RP137\A0184807.exe infected Virus.Win32.Sality.bh ...07:27:12:171 16000 cured
07:27:15:796 16000 C:\System Volume Information\_restore{E9D078C6-EE17-4E6C-B442-F4D5F5F78C51}\RP137\A0184808.exe infected Virus.Win32.Sality.bh ...07:27:15:796 16000 cured
07:27:19:343 16000 C:\System Volume Information\_restore{E9D078C6-EE17-4E6C-B442-F4D5F5F78C51}\RP137\A0184812.EXE infected Virus.Win32.Sality.bh ...07:27:19:343 16000 cured
07:27:23:046 16000 C:\System Volume Information\_restore{E9D078C6-EE17-4E6C-B442-F4D5F5F78C51}\RP137\A0184813.exe infected Virus.Win32.Sality.bh ...07:27:23:046 16000 cured
07:27:27:046 16000 C:\System Volume Information\_restore{E9D078C6-EE17-4E6C-B442-F4D5F5F78C51}\RP137\A0184821.exe infected Virus.Win32.Sality.bh ...07:27:27:046 16000 cured
07:27:30:593 16000 C:\System Volume Information\_restore{E9D078C6-EE17-4E6C-B442-F4D5F5F78C51}\RP137\A0184822.exe infected Virus.Win32.Sality.bh ...07:27:30:593 16000 cured
07:27:34:437 16000 C:\System Volume Information\_restore{E9D078C6-EE17-4E6C-B442-F4D5F5F78C51}\RP137\A0184823.exe infected Virus.Win32.Sality.bh ...07:27:34:437 16000 cured
07:27:38:140 16000 C:\System Volume Information\_restore{E9D078C6-EE17-4E6C-B442-F4D5F5F78C51}\RP137\A0184824.exe infected Virus.Win32.Sality.bh ...07:27:38:140 16000 cured
07:27:41:812 16000 C:\System Volume Information\_restore{E9D078C6-EE17-4E6C-B442-F4D5F5F78C51}\RP137\A0184825.exe infected Virus.Win32.Sality.bh ...07:27:41:812 16000 cured
07:27:45:484 16000 C:\System Volume Information\_restore{E9D078C6-EE17-4E6C-B442-F4D5F5F78C51}\RP137\A0184826.exe infected Virus.Win32.Sality.bh ...07:27:45:484 16000 cured
07:27:49:140 16000 C:\System Volume Information\_restore{E9D078C6-EE17-4E6C-B442-F4D5F5F78C51}\RP137\A0184827.exe infected Virus.Win32.Sality.bh ...07:27:49:140 16000 cured
07:27:52:859 16000 C:\System Volume Information\_restore{E9D078C6-EE17-4E6C-B442-F4D5F5F78C51}\RP137\A0184828.exe infected Virus.Win32.Sality.bh ...07:27:52:859 16000 cured
07:27:56:625 16000 C:\System Volume Information\_restore{E9D078C6-EE17-4E6C-B442-F4D5F5F78C51}\RP137\A0184829.exe infected Virus.Win32.Sality.bh ...07:27:56:625 16000 cured
07:28:00:109 16000 C:\System Volume Information\_restore{E9D078C6-EE17-4E6C-B442-F4D5F5F78C51}\RP137\A0184830.exe infected Virus.Win32.Sality.bh ...07:28:00:109 16000 cured
07:28:03:890 16000 C:\System Volume Information\_restore{E9D078C6-EE17-4E6C-B442-F4D5F5F78C51}\RP137\A0184831.exe infected Virus.Win32.Sality.bh ...07:28:03:890 16000 cured
07:28:07:718 16000 C:\System Volume Information\_restore{E9D078C6-EE17-4E6C-B442-F4D5F5F78C51}\RP137\A0184832.exe infected Virus.Win32.Sality.bh ...07:28:07:718 16000 cured
07:28:11:359 16000 C:\System Volume Information\_restore{E9D078C6-EE17-4E6C-B442-F4D5F5F78C51}\RP137\A0184833.exe infected Virus.Win32.Sality.bh ...07:28:11:359 16000 cured
07:28:15:062 16000 C:\System Volume Information\_restore{E9D078C6-EE17-4E6C-B442-F4D5F5F78C51}\RP137\A0184834.exe infected Virus.Win32.Sality.bh ...07:28:15:062 16000 cured
07:28:18:921 16000 C:\System Volume Information\_restore{E9D078C6-EE17-4E6C-B442-F4D5F5F78C51}\RP137\A0184835.exe infected Virus.Win32.Sality.bh ...07:28:18:921 16000 cured
07:28:22:609 16000 C:\System Volume Information\_restore{E9D078C6-EE17-4E6C-B442-F4D5F5F78C51}\RP137\A0184836.exe infected Virus.Win32.Sality.bh ...07:28:22:609 16000 cured
07:28:26:218 16000 C:\System Volume Information\_restore{E9D078C6-EE17-4E6C-B442-F4D5F5F78C51}\RP137\A0184837.exe infected Virus.Win32.Sality.bh ...07:28:26:218 16000 cured
07:28:30:015 16000 C:\System Volume Information\_restore{E9D078C6-EE17-4E6C-B442-F4D5F5F78C51}\RP137\A0184838.exe infected Virus.Win32.Sality.bh ...07:28:30:015 16000 cured
07:28:33:609 16000 C:\System Volume Information\_restore{E9D078C6-EE17-4E6C-B442-F4D5F5F78C51}\RP137\A0184839.exe infected Virus.Win32.Sality.bh ...07:28:33:609 16000 cured
07:28:37:281 16000 C:\System Volume Information\_restore{E9D078C6-EE17-4E6C-B442-F4D5F5F78C51}\RP137\A0184840.exe infected Virus.Win32.Sality.bh ...07:28:37:281 16000 cured
07:28:40:968 16000 C:\System Volume Information\_restore{E9D078C6-EE17-4E6C-B442-F4D5F5F78C51}\RP137\A0184841.exe infected Virus.Win32.Sality.bh ...07:28:40:968 16000 cured
07:28:44:734 16000 C:\System Volume Information\_restore{E9D078C6-EE17-4E6C-B442-F4D5F5F78C51}\RP137\A0184842.exe infected Virus.Win32.Sality.bh ...07:28:44:734 16000 cured
07:28:48:515 16000 C:\System Volume Information\_restore{E9D078C6-EE17-4E6C-B442-F4D5F5F78C51}\RP137\A0184843.exe infected Virus.Win32.Sality.bh ...07:28:48:515 16000 cured
07:28:52:078 16000 C:\System Volume Information\_restore{E9D078C6-EE17-4E6C-B442-F4D5F5F78C51}\RP137\A0184844.exe infected Virus.Win32.Sality.bh ...07:28:52:078 16000 cured
07:28:55:734 16000 C:\System Volume Information\_restore{E9D078C6-EE17-4E6C-B442-F4D5F5F78C51}\RP137\A0184845.exe infected Virus.Win32.Sality.bh ...07:28:55:734 16000 cured
07:28:59:515 16000 C:\System Volume Information\_restore{E9D078C6-EE17-4E6C-B442-F4D5F5F78C51}\RP137\A0184846.exe infected Virus.Win32.Sality.bh ...07:28:59:515 16000 cured
07:29:03:234 16000 C:\System Volume Information\_restore{E9D078C6-EE17-4E6C-B442-F4D5F5F78C51}\RP137\A0184847.exe infected Virus.Win32.Sality.bh ...07:29:03:234 16000 cured
07:29:06:921 16000 C:\System Volume Information\_restore{E9D078C6-EE17-4E6C-B442-F4D5F5F78C51}\RP137\A0184848.exe infected Virus.Win32.Sality.bh ...07:29:06:921 16000 cured
07:29:10:625 16000 C:\System Volume Information\_restore{E9D078C6-EE17-4E6C-B442-F4D5F5F78C51}\RP137\A0184849.exe infected Virus.Win32.Sality.bh ...07:29:10:625 16000 cured
07:29:14:484 16000 C:\System Volume Information\_restore{E9D078C6-EE17-4E6C-B442-F4D5F5F78C51}\RP137\A0184850.exe infected Virus.Win32.Sality.bh ...07:29:14:484 16000 cured
07:29:18:093 16000 C:\System Volume Information\_restore{E9D078C6-EE17-4E6C-B442-F4D5F5F78C51}\RP137\A0184851.exe infected Virus.Win32.Sality.bh ...07:29:18:093 16000 cured
07:29:21:859 16000 C:\System Volume Information\_restore{E9D078C6-EE17-4E6C-B442-F4D5F5F78C51}\RP137\A0184852.exe infected Virus.Win32.Sality.bh ...07:29:21:859 16000 cured
07:29:25:562 16000 C:\System Volume Information\_restore{E9D078C6-EE17-4E6C-B442-F4D5F5F78C51}\RP137\A0184853.exe infected Virus.Win32.Sality.bh ...07:29:25:562 16000 cured
07:29:29:078 16000 C:\System Volume Information\_restore{E9D078C6-EE17-4E6C-B442-F4D5F5F78C51}\RP137\A0184854.exe infected Virus.Win32.Sality.bh ...07:29:29:078 16000 cured
07:29:32:671 16000 C:\System Volume Information\_restore{E9D078C6-EE17-4E6C-B442-F4D5F5F78C51}\RP137\A0184855.exe infected Virus.Win32.Sality.bh ...07:29:32:671 16000 cured
07:29:36:437 16000 C:\System Volume Information\_restore{E9D078C6-EE17-4E6C-B442-F4D5F5F78C51}\RP137\A0184856.exe infected Virus.Win32.Sality.bh ...07:29:36:437 16000 cured
07:29:40:203 16000 C:\System Volume Information\_restore{E9D078C6-EE17-4E6C-B442-F4D5F5F78C51}\RP137\A0184857.exe infected Virus.Win32.Sality.bh ...07:29:40:203 16000 cured
07:29:43:718 16000 C:\System Volume Information\_restore{E9D078C6-EE17-4E6C-B442-F4D5F5F78C51}\RP137\A0184858.exe infected Virus.Win32.Sality.bh ...07:29:43:718 16000 cured
07:29:47:453 16000 C:\System Volume Information\_restore{E9D078C6-EE17-4E6C-B442-F4D5F5F78C51}\RP137\A0184859.exe infected Virus.Win32.Sality.bh ...07:29:47:453 16000 cured
07:29:51:187 16000 C:\System Volume Information\_restore{E9D078C6-EE17-4E6C-B442-F4D5F5F78C51}\RP137\A0184860.exe infected Virus.Win32.Sality.bh ...07:29:51:187 16000 cured
07:29:54:765 16000 C:\System Volume Information\_restore{E9D078C6-EE17-4E6C-B442-F4D5F5F78C51}\RP137\A0184861.exe infected Virus.Win32.Sality.bh ...07:29:54:765 16000 cured
07:29:58:500 16000 C:\System Volume Information\_restore{E9D078C6-EE17-4E6C-B442-F4D5F5F78C51}\RP137\A0184862.exe infected Virus.Win32.Sality.bh ...07:29:58:500 16000 cured
07:30:02:281 16000 C:\System Volume Information\_restore{E9D078C6-EE17-4E6C-B442-F4D5F5F78C51}\RP137\A0184863.exe infected Virus.Win32.Sality.bh ...07:30:02:281 16000 cured
07:30:05:921 16000 C:\System Volume Information\_restore{E9D078C6-EE17-4E6C-B442-F4D5F5F78C51}\RP137\A0184864.exe infected Virus.Win32.Sality.bh ...07:30:05:921 16000 cured
07:30:09:593 16000 C:\System Volume Information\_restore{E9D078C6-EE17-4E6C-B442-F4D5F5F78C51}\RP137\A0184865.exe infected Virus.Win32.Sality.bh ...07:30:09:593 16000 cured
07:30:13:203 16000 C:\System Volume Information\_restore{E9D078C6-EE17-4E6C-B442-F4D5F5F78C51}\RP137\A0184866.exe infected Virus.Win32.Sality.bh ...07:30:13:203 16000 cured
07:30:17:031 16000 C:\System Volume Information\_restore{E9D078C6-EE17-4E6C-B442-F4D5F5F78C51}\RP137\A0184867.exe infected Virus.Win32.Sality.bh ...07:30:17:031 16000 cured
07:30:20:750 16000 C:\System Volume Information\_restore{E9D078C6-EE17-4E6C-B442-F4D5F5F78C51}\RP137\A0184868.exe infected Virus.Win32.Sality.bh ...07:30:20:750 16000 cured
07:30:24:484 16000 C:\System Volume Information\_restore{E9D078C6-EE17-4E6C-B442-F4D5F5F78C51}\RP137\A0184869.exe infected Virus.Win32.Sality.bh ...07:30:24:484 16000 cured
07:30:28:187 16000 C:\System Volume Information\_restore{E9D078C6-EE17-4E6C-B442-F4D5F5F78C51}\RP137\A0184870.exe infected Virus.Win32.Sality.bh ...07:30:28:187 16000 cured
07:30:31:828 16000 C:\System Volume Information\_restore{E9D078C6-EE17-4E6C-B442-F4D5F5F78C51}\RP137\A0184871.exe infected Virus.Win32.Sality.bh ...07:30:31:828 16000 cured
07:30:35:468 16000 C:\System Volume Information\_restore{E9D078C6-EE17-4E6C-B442-F4D5F5F78C51}\RP137\A0184872.exe infected Virus.Win32.Sality.bh ...07:30:35:468 16000 cured
07:30:39:109 16000 C:\System Volume Information\_restore{E9D078C6-EE17-4E6C-B442-F4D5F5F78C51}\RP137\A0184873.exe infected Virus.Win32.Sality.bh ...07:30:39:109 16000 cured
07:30:42:734 16000 C:\System Volume Information\_restore{E9D078C6-EE17-4E6C-B442-F4D5F5F78C51}\RP137\A0184874.exe infected Virus.Win32.Sality.bh ...07:30:42:734 16000 cured
07:30:46:453 16000 C:\System Volume Information\_restore{E9D078C6-EE17-4E6C-B442-F4D5F5F78C51}\RP137\A0184875.exe infected Virus.Win32.Sality.bh ...07:30:46:453 16000 cured
07:30:50:218 16000 C:\System Volume Information\_restore{E9D078C6-EE17-4E6C-B442-F4D5F5F78C51}\RP137\A0184876.exe infected Virus.Win32.Sality.bh ...07:30:50:218 16000 cured
07:30:53:750 16000 C:\System Volume Information\_restore{E9D078C6-EE17-4E6C-B442-F4D5F5F78C51}\RP137\A0184877.exe infected Virus.Win32.Sality.bh ...07:30:53:750 16000 cured
07:30:57:484 16000 C:\System Volume Information\_restore{E9D078C6-EE17-4E6C-B442-F4D5F5F78C51}\RP137\A0184878.exe infected Virus.Win32.Sality.bh ...07:30:57:484 16000 cured
07:31:01:296 16000 C:\System Volume Information\_restore{E9D078C6-EE17-4E6C-B442-F4D5F5F78C51}\RP137\A0184879.exe infected Virus.Win32.Sality.bh ...07:31:01:296 16000 cured
07:31:04:875 16000 C:\System Volume Information\_restore{E9D078C6-EE17-4E6C-B442-F4D5F5F78C51}\RP137\A0184880.exe infected Virus.Win32.Sality.bh ...07:31:04:875 16000 cured
07:31:08:640 16000 C:\System Volume Information\_restore{E9D078C6-EE17-4E6C-B442-F4D5F5F78C51}\RP137\A0184881.exe infected Virus.Win32.Sality.bh ...07:31:08:640 16000 cured
07:31:12:281 16000 C:\System Volume Information\_restore{E9D078C6-EE17-4E6C-B442-F4D5F5F78C51}\RP137\A0184882.exe infected Virus.Win32.Sality.bh ...07:31:12:281 16000 cured
07:31:15:937 16000 C:\System Volume Information\_restore{E9D078C6-EE17-4E6C-B442-F4D5F5F78C51}\RP137\A0184883.exe infected Virus.Win32.Sality.bh ...07:31:15:937 16000 cured
07:31:19:640 16000 C:\System Volume Information\_restore{E9D078C6-EE17-4E6C-B442-F4D5F5F78C51}\RP137\A0184884.exe infected Virus.Win32.Sality.bh ...07:31:19:640 16000 cured
07:31:23:312 16000 C:\System Volume Information\_restore{E9D078C6-EE17-4E6C-B442-F4D5F5F78C51}\RP137\A0184885.exe infected Virus.Win32.Sality.bh ...07:31:23:312 16000 cured
07:31:26:968 16000 C:\System Volume Information\_restore{E9D078C6-EE17-4E6C-B442-F4D5F5F78C51}\RP137\A0184886.exe infected Virus.Win32.Sality.bh ...07:31:26:968 16000 cured
07:31:30:578 16000 C:\System Volume Information\_restore{E9D078C6-EE17-4E6C-B442-F4D5F5F78C51}\RP137\A0184887.exe infected Virus.Win32.Sality.bh ...07:31:30:578 16000 cured
07:31:34:359 16000 C:\System Volume Information\_restore{E9D078C6-EE17-4E6C-B442-F4D5F5F78C51}\RP137\A0184888.exe infected Virus.Win32.Sality.bh ...07:31:34:359 16000 cured
07:31:38:078 16000 C:\System Volume Information\_restore{E9D078C6-EE17-4E6C-B442-F4D5F5F78C51}\RP137\A0184889.exe infected Virus.Win32.Sality.bh ...07:31:38:078 16000 cured
07:31:41:781 16000 C:\System Volume Information\_restore{E9D078C6-EE17-4E6C-B442-F4D5F5F78C51}\RP137\A0184890.exe infected Virus.Win32.Sality.bh ...07:31:41:781 16000 cured
07:31:45:468 16000 C:\System Volume Information\_restore{E9D078C6-EE17-4E6C-B442-F4D5F5F78C51}\RP137\A0184891.exe infected Virus.Win32.Sality.bh ...07:31:45:468 16000 cured
07:31:48:968 16000 C:\System Volume Information\_restore{E9D078C6-EE17-4E6C-B442-F4D5F5F78C51}\RP137\A0184892.exe infected Virus.Win32.Sality.bh ...07:31:48:968 16000 cured
07:31:52:687 16000 C:\System Volume Information\_restore{E9D078C6-EE17-4E6C-B442-F4D5F5F78C51}\RP137\A0184893.exe infected Virus.Win32.Sality.bh ...07:31:52:687 16000 cured
07:31:56:437 16000 C:\System Volume Information\_restore{E9D078C6-EE17-4E6C-B442-F4D5F5F78C51}\RP137\A0184894.exe infected Virus.Win32.Sality.bh ...07:31:56:437 16000 cured
07:32:00:125 16000 C:\System Volume Information\_restore{E9D078C6-EE17-4E6C-B442-F4D5F5F78C51}\RP137\A0184895.exe infected Virus.Win32.Sality.bh ...07:32:00:125 16000 cured
07:32:03:953 16000 C:\System Volume Information\_restore{E9D078C6-EE17-4E6C-B442-F4D5F5F78C51}\RP137\A0184896.exe infected Virus.Win32.Sality.bh ...07:32:03:953 16000 cured
07:32:07:687 16000 C:\System Volume Information\_restore{E9D078C6-EE17-4E6C-B442-F4D5F5F78C51}\RP137\A0184897.exe infected Virus.Win32.Sality.bh ...07:32:07:687 16000 cured
07:32:11:359 16000 C:\System Volume Information\_restore{E9D078C6-EE17-4E6C-B442-F4D5F5F78C51}\RP137\A0184898.exe infected Virus.Win32.Sality.bh ...07:32:11:359 16000 cured
07:32:15:109 16000 C:\System Volume Information\_restore{E9D078C6-EE17-4E6C-B442-F4D5F5F78C51}\RP137\A0184899.exe infected Virus.Win32.Sality.bh ...07:32:15:109 16000 cured
07:32:18:875 16000 C:\System Volume Information\_restore{E9D078C6-EE17-4E6C-B442-F4D5F5F78C51}\RP137\A0184900.exe infected Virus.Win32.Sality.bh ...07:32:18:875 16000 cured
07:32:22:640 16000 C:\System Volume Information\_restore{E9D078C6-EE17-4E6C-B442-F4D5F5F78C51}\RP137\A0184901.exe infected Virus.Win32.Sality.bh ...07:32:22:640 16000 cured
07:32:26:234 16000 C:\System Volume Information\_restore{E9D078C6-EE17-4E6C-B442-F4D5F5F78C51}\RP137\A0184902.exe infected Virus.Win32.Sality.bh ...07:32:26:234 16000 cured
07:32:29:921 16000 C:\System Volume Information\_restore{E9D078C6-EE17-4E6C-B442-F4D5F5F78C51}\RP137\A0184903.exe infected Virus.Win32.Sality.bh ...07:32:29:921 16000 cured
07:32:33:687 16000 C:\System Volume Information\_restore{E9D078C6-EE17-4E6C-B442-F4D5F5F78C51}\RP137\A0184904.exe infected Virus.Win32.Sality.bh ...07:32:33:687 16000 cured
07:32:37:328 16000 C:\System Volume Information\_restore{E9D078C6-EE17-4E6C-B442-F4D5F5F78C51}\RP137\A0184905.exe infected Virus.Win32.Sality.bh ...07:32:37:328 16000 cured
07:32:41:078 16000 C:\System Volume Information\_restore{E9D078C6-EE17-4E6C-B442-F4D5F5F78C51}\RP137\A0184906.exe infected Virus.Win32.Sality.bh ...07:32:41:078 16000 cured
07:32:44:671 16000 C:\System Volume Information\_restore{E9D078C6-EE17-4E6C-B442-F4D5F5F78C51}\RP137\A0184907.exe infected Virus.Win32.Sality.bh ...07:32:44:671 16000 cured
07:32:48:359 16000 C:\System Volume Information\_restore{E9D078C6-EE17-4E6C-B442-F4D5F5F78C51}\RP137\A0184908.exe infected Virus.Win32.Sality.bh ...07:32:48:359 16000 cured
07:32:52:109 16000 C:\System Volume Information\_restore{E9D078C6-EE17-4E6C-B442-F4D5F5F78C51}\RP137\A0184909.exe infected Virus.Win32.Sality.bh ...07:32:52:109 16000 cured
07:32:55:875 16000 C:\System Volume Information\_restore{E9D078C6-EE17-4E6C-B442-F4D5F5F78C51}\RP137\A0184910.exe infected Virus.Win32.Sality.bh ...07:32:55:875 16000 cured
07:32:59:656 16000 C:\System Volume Information\_restore{E9D078C6-EE17-4E6C-B442-F4D5F5F78C51}\RP137\A0184911.exe infected Virus.Win32.Sality.bh ...07:32:59:656 16000 cured
07:33:03:343 16000 C:\System Volume Information\_restore{E9D078C6-EE17-4E6C-B442-F4D5F5F78C51}\RP137\A0184912.exe infected Virus.Win32.Sality.bh ...07:33:03:343 16000 cured
07:33:07:203 16000 C:\System Volume Information\_restore{E9D078C6-EE17-4E6C-B442-F4D5F5F78C51}\RP137\A0184913.exe infected Virus.Win32.Sality.bh ...07:33:07:203 16000 cured
07:33:10:843 16000 C:\System Volume Information\_restore{E9D078C6-EE17-4E6C-B442-F4D5F5F78C51}\RP137\A0184914.exe infected Virus.Win32.Sality.bh ...07:33:10:843 16000 cured
07:33:14:562 16000 C:\System Volume Information\_restore{E9D078C6-EE17-4E6C-B442-F4D5F5F78C51}\RP137\A0184915.exe infected Virus.Win32.Sality.bh ...07:33:14:562 16000 cured
07:33:18:281 16000 C:\System Volume Information\_restore{E9D078C6-EE17-4E6C-B442-F4D5F5F78C51}\RP137\A0184916.exe infected Virus.Win32.Sality.bh ...07:33:18:281 16000 cured
07:33:22:046 16000 C:\System Volume Information\_restore{E9D078C6-EE17-4E6C-B442-F4D5F5F78C51}\RP137\A0184917.exe infected Virus.Win32.Sality.bh ...07:33:22:046 16000 cured
07:33:25:671 16000 C:\System Volume Information\_restore{E9D078C6-EE17-4E6C-B442-F4D5F5F78C51}\RP137\A0184918.exe infected Virus.Win32.Sality.bh ...07:33:25:671 16000 cured
07:33:29:375 16000 C:\System Volume Information\_restore{E9D078C6-EE17-4E6C-B442-F4D5F5F78C51}\RP137\A0184919.exe infected Virus.Win32.Sality.bh ...07:33:29:375 16000 cured
07:33:33:187 16000 C:\System Volume Information\_restore{E9D078C6-EE17-4E6C-B442-F4D5F5F78C51}\RP137\A0184920.exe infected Virus.Win32.Sality.bh ...07:33:33:187 16000 cured
07:33:36:906 16000 C:\System Volume Information\_restore{E9D078C6-EE17-4E6C-B442-F4D5F5F78C51}\RP137\A0184921.exe infected Virus.Win32.Sality.bh ...07:33:36:906 16000 cured
07:33:40:500 16000 C:\System Volume Information\_restore{E9D078C6-EE17-4E6C-B442-F4D5F5F78C51}\RP137\A0184922.exe infected Virus.Win32.Sality.bh ...07:33:40:500 16000 cured
07:33:44:078 16000 C:\System Volume Information\_restore{E9D078C6-EE17-4E6C-B442-F4D5F5F78C51}\RP137\A0184923.exe infected Virus.Win32.Sality.bh ...07:33:44:078 16000 cured
07:33:47:765 16000 C:\System Volume Information\_restore{E9D078C6-EE17-4E6C-B442-F4D5F5F78C51}\RP137\A0184924.exe infected Virus.Win32.Sality.bh ...07:33:47:765 16000 cured
07:33:51:406 16000 C:\System Volume Information\_restore{E9D078C6-EE17-4E6C-B442-F4D5F5F78C51}\RP137\A0184925.exe infected Virus.Win32.Sality.bh ...07:33:51:406 16000 cured
07:33:55:156 16000 C:\System Volume Information\_restore{E9D078C6-EE17-4E6C-B442-F4D5F5F78C51}\RP137\A0184926.exe infected Virus.Win32.Sality.bh ...07:33:55:156 16000 cured
07:33:58:968 16000 C:\System Volume Information\_restore{E9D078C6-EE17-4E6C-B442-F4D5F5F78C51}\RP137\A0184927.exe infected Virus.Win32.Sality.bh ...07:33:58:968 16000 cured
07:34:02:656 16000 C:\System Volume Information\_restore{E9D078C6-EE17-4E6C-B442-F4D5F5F78C51}\RP137\A0184928.exe infected Virus.Win32.Sality.bh ...07:34:02:656 16000 cured
07:34:06:484 16000 C:\System Volume Information\_restore{E9D078C6-EE17-4E6C-B442-F4D5F5F78C51}\RP137\A0184929.exe infected Virus.Win32.Sality.bh ...07:34:06:484 16000 cured
07:34:10:093 16000 C:\System Volume Information\_restore{E9D078C6-EE17-4E6C-B442-F4D5F5F78C51}\RP137\A0184930.exe infected Virus.Win32.Sality.bh ...07:34:10:109 16000 cured
07:34:13:828 16000 C:\System Volume Information\_restore{E9D078C6-EE17-4E6C-B442-F4D5F5F78C51}\RP137\A0184931.exe infected Virus.Win32.Sality.bh ...07:34:13:828 16000 cured
07:34:17:468 16000 C:\System Volume Information\_restore{E9D078C6-EE17-4E6C-B442-F4D5F5F78C51}\RP137\A0184932.exe infected Virus.Win32.Sality.bh ...07:34:17:468 16000 cured
07:34:21:140 16000 C:\System Volume Information\_restore{E9D078C6-EE17-4E6C-B442-F4D5F5F78C51}\RP137\A0184933.exe infected Virus.Win32.Sality.bh ...07:34:21:140 16000 cured
07:34:24:718 16000 C:\System Volume Information\_restore{E9D078C6-EE17-4E6C-B442-F4D5F5F78C51}\RP137\A0184934.exe infected Virus.Win32.Sality.bh ...07:34:24:718 16000 cured
07:34:28:343 16000 C:\System Volume Information\_restore{E9D078C6-EE17-4E6C-B442-F4D5F5F78C51}\RP137\A0184935.exe infected Virus.Win32.Sality.bh ...07:34:28:343 16000 cured
07:34:32:203 16000 C:\System Volume Information\_restore{E9D078C6-EE17-4E6C-B442-F4D5F5F78C51}\RP137\A0184936.exe infected Virus.Win32.Sality.bh ...07:34:32:203 16000 cured
07:34:35:781 16000 C:\System Volume Information\_restore{E9D078C6-EE17-4E6C-B442-F4D5F5F78C51}\RP137\A0184937.exe infected Virus.Win32.Sality.bh ...07:34:35:781 16000 cured
07:34:39:406 16000 C:\System Volume Information\_restore{E9D078C6-EE17-4E6C-B442-F4D5F5F78C51}\RP137\A0184938.exe infected Virus.Win32.Sality.bh ...07:34:39:406 16000 cured
07:34:43:109 16000 C:\System Volume Information\_restore{E9D078C6-EE17-4E6C-B442-F4D5F5F78C51}\RP137\A0184939.exe infected Virus.Win32.Sality.bh ...07:34:43:109 16000 cured
07:34:46:734 16000 C:\System Volume Information\_restore{E9D078C6-EE17-4E6C-B442-F4D5F5F78C51}\RP137\A0184940.exe infected Virus.Win32.Sality.bh ...07:34:46:734 16000 cured
07:34:50:406 16000 C:\System Volume Information\_restore{E9D078C6-EE17-4E6C-B442-F4D5F5F78C51}\RP137\A0184941.exe infected Virus.Win32.Sality.bh ...07:34:50:406 16000 cured
07:34:54:015 16000 C:\System Volume Information\_restore{E9D078C6-EE17-4E6C-B442-F4D5F5F78C51}\RP137\A0184942.exe infected Virus.Win32.Sality.bh ...07:34:54:015 16000 cured
07:34:57:750 16000 C:\System Volume Information\_restore{E9D078C6-EE17-4E6C-B442-F4D5F5F78C51}\RP137\A0184943.exe infected Virus.Win32.Sality.bh ...07:34:57:750 16000 cured
07:35:01:515 16000 C:\System Volume Information\_restore{E9D078C6-EE17-4E6C-B442-F4D5F5F78C51}\RP137\A0184944.exe infected Virus.Win32.Sality.bh ...07:35:01:515 16000 cured
07:35:05:250 16000 C:\System Volume Information\_restore{E9D078C6-EE17-4E6C-B442-F4D5F5F78C51}\RP137\A0184945.exe infected Virus.Win32.Sality.bh ...07:35:05:250 16000 cured
07:35:08:921 16000 C:\System Volume Information\_restore{E9D078C6-EE17-4E6C-B442-F4D5F5F78C51}\RP137\A0184946.exe infected Virus.Win32.Sality.bh ...07:35:08:921 16000 cured
07:35:12:625 16000 C:\System Volume Information\_restore{E9D078C6-EE17-4E6C-B442-F4D5F5F78C51}\RP137\A0184947.exe infected Virus.Win32.Sality.bh ...07:35:12:625 16000 cured
07:35:16:312 16000 C:\System Volume Information\_restore{E9D078C6-EE17-4E6C-B442-F4D5F5F78C51}\RP137\A0184948.exe infected Virus.Win32.Sality.bh ...07:35:16:312 16000 cured
07:35:19:953 16000 C:\System Volume Information\_restore{E9D078C6-EE17-4E6C-B442-F4D5F5F78C51}\RP137\A0184949.exe infected Virus.Win32.Sality.bh ...07:35:19:953 16000 cured
07:35:23:765 16000 C:\System Volume Information\_restore{E9D078C6-EE17-4E6C-B442-F4D5F5F78C51}\RP137\A0184950.exe infected Virus.Win32.Sality.bh ...07:35:23:765 16000 cured
07:35:27:406 16000 C:\System Volume Information\_restore{E9D078C6-EE17-4E6C-B442-F4D5F5F78C51}\RP137\A0184951.exe infected Virus.Win32.Sality.bh ...07:35:27:406 16000 cured
07:35:31:125 16000 C:\System Volume Information\_restore{E9D078C6-EE17-4E6C-B442-F4D5F5F78C51}\RP137\A0184952.exe infected Virus.Win32.Sality.bh ...07:35:31:125 16000 cured
07:35:34:875 16000 C:\System Volume Information\_restore{E9D078C6-EE17-4E6C-B442-F4D5F5F78C51}\RP137\A0184953.exe infected Virus.Win32.Sality.bh ...07:35:34:875 16000 cured
07:35:38:578 16000 C:\System Volume Information\_restore{E9D078C6-EE17-4E6C-B442-F4D5F5F78C51}\RP137\A0184954.exe infected Virus.Win32.Sality.bh ...07:35:38:578 16000 cured
07:35:42:234 16000 C:\System Volume Information\_restore{E9D078C6-EE17-4E6C-B442-F4D5F5F78C51}\RP137\A0184955.exe infected Virus.Win32.Sality.bh ...07:35:42:234 16000 cured
07:35:47:421 16000 C:\System Volume Information\_restore{E9D078C6-EE17-4E6C-B442-F4D5F5F78C51}\RP137\A0184956.exe infected Virus.Win32.Sality.ag ...07:35:47:421 16000 cured
07:35:51:015 16000 C:\System Volume Information\_restore{E9D078C6-EE17-4E6C-B442-F4D5F5F78C51}\RP137\A0184957.exe infected Virus.Win32.Sality.bh ...07:35:51:015 16000 cured
07:35:54:750 16000 C:\System Volume Information\_restore{E9D078C6-EE17-4E6C-B442-F4D5F5F78C51}\RP137\A0184958.exe infected Virus.Win32.Sality.bh ...07:35:54:750 16000 cured
07:35:58:562 16000 C:\System Volume Information\_restore{E9D078C6-EE17-4E6C-B442-F4D5F5F78C51}\RP137\A0184959.exe infected Virus.Win32.Sality.bh ...07:35:58:562 16000 cured
07:36:02:156 16000 C:\System Volume Information\_restore{E9D078C6-EE17-4E6C-B442-F4D5F5F78C51}\RP137\A0184960.exe infected Virus.Win32.Sality.bh ...07:36:02:156 16000 cured
07:36:05:968 16000 C:\System Volume Information\_restore{E9D078C6-EE17-4E6C-B442-F4D5F5F78C51}\RP137\A0184961.exe infected Virus.Win32.Sality.bh ...07:36:05:968 16000 cured
07:36:09:750 16000 C:\System Volume Information\_restore{E9D078C6-EE17-4E6C-B442-F4D5F5F78C51}\RP137\A0184962.exe infected Virus.Win32.Sality.bh ...07:36:09:750 16000 cured
07:36:13:468 16000 C:\System Volume Information\_restore{E9D078C6-EE17-4E6C-B442-F4D5F5F78C51}\RP137\A0184963.exe infected Virus.Win32.Sality.bh ...07:36:13:468 16000 cured
07:36:17:187 16000 C:\System Volume Information\_restore{E9D078C6-EE17-4E6C-B442-F4D5F5F78C51}\RP137\A0184964.exe infected Virus.Win32.Sality.bh ...07:36:17:187 16000 cured
07:36:20:968 16000 C:\System Volume Information\_restore{E9D078C6-EE17-4E6C-B442-F4D5F5F78C51}\RP137\A0184965.exe infected Virus.Win32.Sality.bh ...07:36:20:968 16000 cured
07:36:24:734 16000 C:\System Volume Information\_restore{E9D078C6-EE17-4E6C-B442-F4D5F5F78C51}\RP137\A0184966.exe infected Virus.Win32.Sality.bh ...07:36:24:734 16000 cured
07:36:28:468 16000 C:\System Volume Information\_restore{E9D078C6-EE17-4E6C-B442-F4D5F5F78C51}\RP137\A0184967.exe infected Virus.Win32.Sality.bh ...07:36:28:468 16000 cured
07:36:32:218 16000 C:\System Volume Information\_restore{E9D078C6-EE17-4E6C-B442-F4D5F5F78C51}\RP137\A0184968.exe infected Virus.Win32.Sality.bh ...07:36:32:218 16000 cured
07:36:35:953 16000 C:\System Volume Information\_restore{E9D078C6-EE17-4E6C-B442-F4D5F5F78C51}\RP137\A0184969.exe infected Virus.Win32.Sality.bh ...07:36:35:953 16000 cured
07:36:39:687 16000 C:\System Volume Information\_restore{E9D078C6-EE17-4E6C-B442-F4D5F5F78C51}\RP137\A0184970.exe infected Virus.Win32.Sality.bh ...07:36:39:687 16000 cured
07:36:43:468 16000 C:\System Volume Information\_restore{E9D078C6-EE17-4E6C-B442-F4D5F5F78C51}\RP137\A0184971.exe infected Virus.Win32.Sality.bh ...07:36:43:468 16000 cured
07:36:47:281 16000 C:\System Volume Information\_restore{E9D078C6-EE17-4E6C-B442-F4D5F5F78C51}\RP137\A0184972.exe infected Virus.Win32.Sality.bh ...07:36:47:281 16000 cured
07:36:50:765 16000 C:\System Volume Information\_restore{E9D078C6-EE17-4E6C-B442-F4D5F5F78C51}\RP137\A0184973.exe infected Virus.Win32.Sality.bh ...07:36:50:765 16000 cured
07:36:54:406 16000 C:\System Volume Information\_restore{E9D078C6-EE17-4E6C-B442-F4D5F5F78C51}\RP137\A0184974.exe infected Virus.Win32.Sality.bh ...07:36:54:406 16000 cured
07:36:58:062 16000 C:\System Volume Information\_restore{E9D078C6-EE17-4E6C-B442-F4D5F5F78C51}\RP137\A0184975.exe infected Virus.Win32.Sality.bh ...07:36:58:062 16000 cured
07:37:01:828 16000 C:\System Volume Information\_restore{E9D078C6-EE17-4E6C-B442-F4D5F5F78C51}\RP137\A0184976.exe infected Virus.Win32.Sality.bh ...07:37:01:828 16000 cured
07:37:05:546 16000 C:\System Volume Information\_restore{E9D078C6-EE17-4E6C-B442-F4D5F5F78C51}\RP137\A0184977.exe infected Virus.Win32.Sality.bh ...07:37:05:546 16000 cured
07:37:09:343 16000 C:\System Volume Information\_restore{E9D078C6-EE17-4E6C-B442-F4D5F5F78C51}\RP137\A0184978.exe infected Virus.Win32.Sality.bh ...07:37:09:343 16000 cured
07:37:13:031 16000 C:\System Volume Information\_restore{E9D078C6-EE17-4E6C-B442-F4D5F5F78C51}\RP137\A0184979.exe infected Virus.Win32.Sality.bh ...07:37:13:031 16000 cured
07:37:16:718 16000 C:\System Volume Information\_restore{E9D078C6-EE17-4E6C-B442-F4D5F5F78C51}\RP137\A0184980.exe infected Virus.Win32.Sality.bh ...07:37:16:718 16000 cured
07:37:20:625 16000 C:\System Volume Information\_restore{E9D078C6-EE17-4E6C-B442-F4D5F5F78C51}\RP137\A0184981.exe infected Virus.Win32.Sality.bh ...07:37:20:625 16000 cured
07:37:24:265 16000 C:\System Volume Information\_restore{E9D078C6-EE17-4E6C-B442-F4D5F5F78C51}\RP137\A0184982.exe infected Virus.Win32.Sality.bh ...07:37:24:265 16000 cured
07:37:27:953 16000 C:\System Volume Information\_restore{E9D078C6-EE17-4E6C-B442-F4D5F5F78C51}\RP137\A0184983.exe infected Virus.Win32.Sality.bh ...07:37:27:953 16000 cured
07:37:31:609 16000 C:\System Volume Information\_restore{E9D078C6-EE17-4E6C-B442-F4D5F5F78C51}\RP137\A0184984.exe infected Virus.Win32.Sality.bh ...07:37:31:609 16000 cured
07:37:35:312 16000 C:\System Volume Information\_restore{E9D078C6-EE17-4E6C-B442-F4D5F5F78C51}\RP137\A0184985.exe infected Virus.Win32.Sality.bh ...07:37:35:312 16000 cured
07:37:39:046 16000 C:\System Volume Information\_restore{E9D078C6-EE17-4E6C-B442-F4D5F5F78C51}\RP137\A0184986.exe infected Virus.Win32.Sality.bh ...07:37:39:046 16000 cured
07:37:42:750 16000 C:\System Volume Information\_restore{E9D078C6-EE17-4E6C-B442-F4D5F5F78C51}\RP137\A0184987.exe infected Virus.Win32.Sality.bh ...07:37:42:750 16000 cured
07:37:46:500 16000 C:\System Volume Information\_restore{E9D078C6-EE17-4E6C-B442-F4D5F5F78C51}\RP137\A0184988.exe infected Virus.Win32.Sality.bh ...07:37:46:500 16000 cured
07:37:50:187 16000 C:\System Volume Information\_restore{E9D078C6-EE17-4E6C-B442-F4D5F5F78C51}\RP137\A0184989.exe infected Virus.Win32.Sality.bh ...07:37:50:187 16000 cured
07:37:53:828 16000 C:\System Volume Information\_restore{E9D078C6-EE17-4E6C-B442-F4D5F5F78C51}\RP137\A0184990.exe infected Virus.Win32.Sality.bh ...07:37:53:828 16000 cured
07:37:57:500 16000 C:\System Volume Information\_restore{E9D078C6-EE17-4E6C-B442-F4D5F5F78C51}\RP137\A0184991.exe infected Virus.Win32.Sality.bh ...07:37:57:500 16000 cured
07:38:01:234 16000 C:\System Volume Information\_restore{E9D078C6-EE17-4E6C-B442-F4D5F5F78C51}\RP137\A0184992.exe infected Virus.Win32.Sality.bh ...07:38:01:234 16000 cured
07:38:04:984 16000 C:\System Volume Information\_restore{E9D078C6-EE17-4E6C-B442-F4D5F5F78C51}\RP137\A0184993.exe infected Virus.Win32.Sality.bh ...07:38:05:000 16000 cured
07:38:08:781 16000 C:\System Volume Information\_restore{E9D078C6-EE17-4E6C-B442-F4D5F5F78C51}\RP137\A0184994.exe infected Virus.Win32.Sality.bh ...07:38:08:781 16000 cured
07:38:12:515 16000 C:\System Volume Information\_restore{E9D078C6-EE17-4E6C-B442-F4D5F5F78C51}\RP137\A0184995.exe infected Virus.Win32.Sality.bh ...07:38:12:515 16000 cured
07:38:16:218 16000 C:\System Volume Information\_restore{E9D078C6-EE17-4E6C-B442-F4D5F5F78C51}\RP137\A0184996.exe infected Virus.Win32.Sality.bh ...07:38:16:218 16000 cured
07:38:19:921 16000 C:\System Volume Information\_restore{E9D078C6-EE17-4E6C-B442-F4D5F5F78C51}\RP137\A0184997.exe infected Virus.Win32.Sality.bh ...07:38:19:921 16000 cured
07:38:23:625 16000 C:\System Volume Information\_restore{E9D078C6-EE17-4E6C-B442-F4D5F5F78C51}\RP137\A0184998.exe infected Virus.Win32.Sality.bh ...07:38:23:625 16000 cured
07:38:27:250 16000 C:\System Volume Information\_restore{E9D078C6-EE17-4E6C-B442-F4D5F5F78C51}\RP137\A0184999.exe infected Virus.Win32.Sality.bh ...07:38:27:250 16000 cured
07:38:30:937 16000 C:\System Volume Information\_restore{E9D078C6-EE17-4E6C-B442-F4D5F5F78C51}\RP137\A0185000.exe infected Virus.Win32.Sality.bh ...07:38:30:937 16000 cured
07:38:34:500 16000 C:\System Volume Information\_restore{E9D078C6-EE17-4E6C-B442-F4D5F5F78C51}\RP137\A0185001.exe infected Virus.Win32.Sality.bh ...07:38:34:500 16000 cured
07:38:38:093 16000 C:\System Volume Information\_restore{E9D078C6-EE17-4E6C-B442-F4D5F5F78C51}\RP137\A0185002.exe infected Virus.Win32.Sality.bh ...07:38:38:093 16000 cured
07:38:41:765 16000 C:\System Volume Information\_restore{E9D078C6-EE17-4E6C-B442-F4D5F5F78C51}\RP137\A0185003.exe infected Virus.Win32.Sality.bh ...07:38:41:765 16000 cured
07:38:45:578 16000 C:\System Volume Information\_restore{E9D078C6-EE17-4E6C-B442-F4D5F5F78C51}\RP137\A0185004.exe infected Virus.Win32.Sality.bh ...07:38:45:578 16000 cured
07:38:49:218 16000 C:\System Volume Information\_restore{E9D078C6-EE17-4E6C-B442-F4D5F5F78C51}\RP137\A0185005.exe infected Virus.Win32.Sality.bh ...07:38:49:218 16000 cured
07:38:52:765 16000 C:\System Volume Information\_restore{E9D078C6-EE17-4E6C-B442-F4D5F5F78C51}\RP137\A0185006.exe infected Virus.Win32.Sality.bh ...07:38:52:765 16000 cured
07:38:56:390 16000 C:\System Volume Information\_restore{E9D078C6-EE17-4E6C-B442-F4D5F5F78C51}\RP137\A0185008.exe infected Virus.Win32.Sality.bh ...07:38:56:390 16000 cured
07:39:00:140 16000 C:\System Volume Information\_restore{E9D078C6-EE17-4E6C-B442-F4D5F5F78C51}\RP137\A0185009.exe infected Virus.Win32.Sality.bh ...07:39:00:140 16000 cured
07:39:03:718 16000 C:\System Volume Information\_restore{E9D078C6-EE17-4E6C-B442-F4D5F5F78C51}\RP137\A0185010.exe infected Virus.Win32.Sality.bh ...07:39:03:718 16000 cured
07:39:07:265 16000 C:\System Volume Information\_restore{E9D078C6-EE17-4E6C-B442-F4D5F5F78C51}\RP137\A0185011.pif infected Virus.Win32.Sality.bh ...07:39:07:265 16000 cured
07:39:11:015 16000 C:\System Volume Information\_restore{E9D078C6-EE17-4E6C-B442-F4D5F5F78C51}\RP137\A0185013.exe infected Virus.Win32.Sality.bh ...07:39:11:015 16000 cured
07:39:14:781 16000 C:\System Volume Information\_restore{E9D078C6-EE17-4E6C-B442-F4D5F5F78C51}\RP137\A0185014.exe infected Virus.Win32.Sality.bh ...07:39:14:781 16000 cured
07:39:18:468 16000 C:\System Volume Information\_restore{E9D078C6-EE17-4E6C-B442-F4D5F5F78C51}\RP137\A0185015.exe infected Virus.Win32.Sality.bh ...07:39:18:468 16000 cured
07:39:22:046 16000 C:\System Volume Information\_restore{E9D078C6-EE17-4E6C-B442-F4D5F5F78C51}\RP137\A0185016.exe infected Virus.Win32.Sality.bh ...07:39:22:046 16000 cured
07:39:25:687 16000 C:\System Volume Information\_restore{E9D078C6-EE17-4E6C-B442-F4D5F5F78C51}\RP137\A0185017.exe infected Virus.Win32.Sality.bh ...07:39:25:687 16000 cured
07:39:29:453 16000 C:\System Volume Information\_restore{E9D078C6-EE17-4E6C-B442-F4D5F5F78C51}\RP137\A0185018.exe infected Virus.Win32.Sality.bh ...07:39:29:453 16000 cured
07:39:33:109 16000 C:\System Volume Information\_restore{E9D078C6-EE17-4E6C-B442-F4D5F5F78C51}\RP137\A0185019.exe infected Virus.Win32.Sality.bh ...07:39:33:109 16000 cured
07:39:36:703 16000 C:\System Volume Information\_restore{E9D078C6-EE17-4E6C-B442-F4D5F5F78C51}\RP137\A0185020.exe infected Virus.Win32.Sality.bh ...07:39:36:703 16000 cured
07:39:40:453 16000 C:\System Volume Information\_restore{E9D078C6-EE17-4E6C-B442-F4D5F5F78C51}\RP137\A0185021.exe infected Virus.Win32.Sality.bh ...07:39:40:453 16000 cured
07:39:44:234 16000 C:\System Volume Information\_restore{E9D078C6-EE17-4E6C-B442-F4D5F5F78C51}\RP137\A0185022.exe infected Virus.Win32.Sality.bh ...07:39:44:234 16000 cured
07:39:47:906 16000 C:\System Volume Information\_restore{E9D078C6-EE17-4E6C-B442-F4D5F5F78C51}\RP137\A0185023.exe infected Virus.Win32.Sality.bh ...07:39:47:906 16000 cured
07:39:51:531 16000 C:\System Volume Information\_restore{E9D078C6-EE17-4E6C-B442-F4D5F5F78C51}\RP137\A0185024.exe infected Virus.Win32.Sality.bh ...07:39:51:531 16000 cured
07:39:55:312 16000 C:\System Volume Information\_restore{E9D078C6-EE17-4E6C-B442-F4D5F5F78C51}\RP137\A0185025.exe infected Virus.Win32.Sality.bh ...07:39:55:312 16000 cured
07:39:59:125 16000 C:\System Volume Information\_restore{E9D078C6-EE17-4E6C-B442-F4D5F5F78C51}\RP137\A0185026.exe infected Virus.Win32.Sality.bh ...07:39:59:125 16000 cured
07:40:02:859 16000 C:\System Volume Information\_restore{E9D078C6-EE17-4E6C-B442-F4D5F5F78C51}\RP137\A0185027.exe infected Virus.Win32.Sality.bh ...07:40:02:859 16000 cured
07:40:06:546 16000 C:\System Volume Information\_restore{E9D078C6-EE17-4E6C-B442-F4D5F5F78C51}\RP137\A0185028.exe infected Virus.Win32.Sality.bh ...07:40:06:546 16000 cured
07:40:10:093 16000 C:\System Volume Information\_restore{E9D078C6-EE17-4E6C-B442-F4D5F5F78C51}\RP137\A0185029.exe infected Virus.Win32.Sality.bh ...07:40:10:093 16000 cured
07:40:13:796 16000 C:\System Volume Information\_restore{E9D078C6-EE17-4E6C-B442-F4D5F5F78C51}\RP137\A0185030.exe infected Virus.Win32.Sality.bh ...07:40:13:796 16000 cured
07:40:17:328 16000 C:\System Volume Information\_restore{E9D078C6-EE17-4E6C-B442-F4D5F5F78C51}\RP137\A0185031.exe infected Virus.Win32.Sality.bh ...07:40:17:328 16000 cured
07:40:21:015 16000 C:\System Volume Information\_restore{E9D078C6-EE17-4E6C-B442-F4D5F5F78C51}\RP137\A0185032.exe infected Virus.Win32.Sality.bh ...07:40:21:015 16000 cured
07:40:24:593 16000 C:\System Volume Information\_restore{E9D078C6-EE17-4E6C-B442-F4D5F5F78C51}\RP137\A0185033.exe infected Virus.Win32.Sality.bh ...07:40:24:593 16000 cured
07:40:28:265 16000 C:\System Volume Information\_restore{E9D078C6-EE17-4E6C-B442-F4D5F5F78C51}\RP137\A0185034.exe infected Virus.Win32.Sality.bh ...07:40:28:265 16000 cured
07:40:32:000 16000 C:\System Volume Information\_restore{E9D078C6-EE17-4E6C-B442-F4D5F5F78C51}\RP137\A0185035.exe infected Virus.Win32.Sality.bh ...07:40:32:000 16000 cured
07:40:35:781 16000 C:\System Volume Information\_restore{E9D078C6-EE17-4E6C-B442-F4D5F5F78C51}\RP137\A0185036.exe infected Virus.Win32.Sality.bh ...07:40:35:781 16000 cured
07:40:39:468 16000 C:\System Volume Information\_restore{E9D078C6-EE17-4E6C-B442-F4D5F5F78C51}\RP137\A0185037.exe infected Virus.Win32.Sality.bh ...07:40:39:468 16000 cured
07:40:43:078 16000 C:\System Volume Information\_restore{E9D078C6-EE17-4E6C-B442-F4D5F5F78C51}\RP137\A0185038.exe infected Virus.Win32.Sality.bh ...07:40:43:078 16000 cured
07:40:46:765 16000 C:\System Volume Information\_restore{E9D078C6-EE17-4E6C-B442-F4D5F5F78C51}\RP137\A0185039.exe infected Virus.Win32.Sality.bh ...07:40:46:765 16000 cured
07:40:50:406 16000 C:\System Volume Information\_restore{E9D078C6-EE17-4E6C-B442-F4D5F5F78C51}\RP137\A0185040.exe infected Virus.Win32.Sality.bh ...07:40:50:406 16000 cured
07:40:54:078 16000 C:\System Volume Information\_restore{E9D078C6-EE17-4E6C-B442-F4D5F5F78C51}\RP137\A0185041.exe infected Virus.Win32.Sality.bh ...07:40:54:078 16000 cured
07:40:55:828 16000 C:\System Volume Information\_restore{E9D078C6-EE17-4E6C-B442-F4D5F5F78C51}\RP137\A0185042.exe infected Virus.Win32.Sality.ag ...07:40:55:828 16000 cured
07:40:59:656 16000 C:\System Volume Information\_restore{E9D078C6-EE17-4E6C-B442-F4D5F5F78C51}\RP137\A0185043.exe infected Virus.Win32.Sality.bh ...07:40:59:656 16000 cured
07:41:03:375 16000 C:\System Volume Information\_restore{E9D078C6-EE17-4E6C-B442-F4D5F5F78C51}\RP137\A0185044.exe infected Virus.Win32.Sality.bh ...07:41:03:375 16000 cured
07:41:07:187 16000 C:\System Volume Information\_restore{E9D078C6-EE17-4E6C-B442-F4D5F5F78C51}\RP137\A0185045.exe infected Virus.Win32.Sality.bh ...07:41:07:187 16000 cured
07:41:10:765 16000 C:\System Volume Information\_restore{E9D078C6-EE17-4E6C-B442-F4D5F5F78C51}\RP137\A0185046.exe infected Virus.Win32.Sality.bh ...07:41:10:765 16000 cured
07:41:14:421 16000 C:\System Volume Information\_restore{E9D078C6-EE17-4E6C-B442-F4D5F5F78C51}\RP137\A0185047.exe infected Virus.Win32.Sality.bh ...07:41:14:421 16000 cured
07:41:18:156 16000 C:\System Volume Information\_restore{E9D078C6-EE17-4E6C-B442-F4D5F5F78C51}\RP137\A0185048.exe infected Virus.Win32.Sality.bh ...07:41:18:156 16000 cured
07:41:21:906 16000 C:\System Volume Information\_restore{E9D078C6-EE17-4E6C-B442-F4D5F5F78C51}\RP137\A0185049.exe infected Virus.Win32.Sality.bh ...07:41:21:906 16000 cured
07:41:25:515 16000 C:\System Volume Information\_restore{E9D078C6-EE17-4E6C-B442-F4D5F5F78C51}\RP137\A0185050.exe infected Virus.Win32.Sality.bh ...07:41:25:515 16000 cured
07:41:29:156 16000 C:\System Volume Information\_restore{E9D078C6-EE17-4E6C-B442-F4D5F5F78C51}\RP137\A0185051.exe infected Virus.Win32.Sality.bh ...07:41:29:156 16000 cured
07:41:31:328 16000 C:\System Volume Information\_restore{E9D078C6-EE17-4E6C-B442-F4D5F5F78C51}\RP137\A0185052.exe infected Virus.Win32.Sality.ag ...07:41:31:328 16000 cured
07:41:35:093 16000 C:\System Volume Information\_restore{E9D078C6-EE17-4E6C-B442-F4D5F5F78C51}\RP137\A0185053.exe infected Virus.Win32.Sality.bh ...07:41:35:093 16000 cured
07:41:38:750 16000 C:\System Volume Information\_restore{E9D078C6-EE17-4E6C-B442-F4D5F5F78C51}\RP137\A0185054.exe infected Virus.Win32.Sality.bh ...07:41:38:750 16000 cured
07:41:42:421 16000 C:\System Volume Information\_restore{E9D078C6-EE17-4E6C-B442-F4D5F5F78C51}\RP137\A0185055.exe infected Virus.Win32.Sality.bh ...07:41:42:421 16000 cured
07:41:46:000 16000 C:\System Volume Information\_restore{E9D078C6-EE17-4E6C-B442-F4D5F5F78C51}\RP137\A0185056.exe infected Virus.Win32.Sality.bh ...07:41:46:000 16000 cured
07:41:49:687 16000 C:\System Volume Information\_restore{E9D078C6-EE17-4E6C-B442-F4D5F5F78C51}\RP137\A0185057.exe infected Virus.Win32.Sality.bh ...07:41:49:687 16000 cured
07:41:53:296 16000 C:\System Volume Information\_restore{E9D078C6-EE17-4E6C-B442-F4D5F5F78C51}\RP137\A0185058.exe infected Virus.Win32.Sality.bh ...07:41:53:296 16000 cured
07:41:56:921 16000 C:\System Volume Information\_restore{E9D078C6-EE17-4E6C-B442-F4D5F5F78C51}\RP137\A0185059.exe infected Virus.Win32.Sality.bh ...07:41:56:921 16000 cured
07:42:00:515 16000 C:\System Volume Information\_restore{E9D078C6-EE17-4E6C-B442-F4D5F5F78C51}\RP137\A0185060.exe infected Virus.Win32.Sality.bh ...07:42:00:515 16000 cured
07:42:04:250 16000 C:\System Volume Information\_restore{E9D078C6-EE17-4E6C-B442-F4D5F5F78C51}\RP137\A0185061.exe infected Virus.Win32.Sality.bh ...07:42:04:250 16000 cured
07:42:07:906 16000 C:\System Volume Information\_restore{E9D078C6-EE17-4E6C-B442-F4D5F5F78C51}\RP137\A0185062.exe infected Virus.Win32.Sality.bh ...07:42:07:906 16000 cured
07:42:11:625 16000 C:\System Volume Information\_restore{E9D078C6-EE17-4E6C-B442-F4D5F5F78C51}\RP137\A0185063.exe infected Virus.Win32.Sality.bh ...07:42:11:625 16000 cured
07:42:15:328 16000 C:\System Volume Information\_restore{E9D078C6-EE17-4E6C-B442-F4D5F5F78C51}\RP137\A0185064.exe infected Virus.Win32.Sality.bh ...07:42:15:328 16000 cured
07:42:19:000 16000 C:\System Volume Information\_restore{E9D078C6-EE17-4E6C-B442-F4D5F5F78C51}\RP137\A0185065.exe infected Virus.Win32.Sality.bh ...07:42:19:000 16000 cured
07:42:22:718 16000 C:\System Volume Information\_restore{E9D078C6-EE17-4E6C-B442-F4D5F5F78C51}\RP137\A0185066.exe infected Virus.Win32.Sality.bh ...07:42:22:718 16000 cured
07:42:26:437 16000 C:\System Volume Information\_restore{E9D078C6-EE17-4E6C-B442-F4D5F5F78C51}\RP137\A0185067.exe infected Virus.Win32.Sality.bh ...07:42:26:437 16000 cured
07:42:30:125 16000 C:\System Volume Information\_restore{E9D078C6-EE17-4E6C-B442-F4D5F5F78C51}\RP137\A0185068.exe infected Virus.Win32.Sality.bh ...07:42:30:125 16000 cured
07:42:40:109 16000 C:\System Volume Information\_restore{E9D078C6-EE17-4E6C-B442-F4D5F5F78C51}\RP137\A0185069.exe infected Virus.Win32.Sality.ag ...07:42:40:109 16000 cured
07:42:43:812 16000 C:\System Volume Information\_restore{E9D078C6-EE17-4E6C-B442-F4D5F5F78C51}\RP137\A0185070.exe infected Virus.Win32.Sality.bh ...07:42:43:812 16000 cured
07:42:47:515 16000 C:\System Volume Information\_restore{E9D078C6-EE17-4E6C-B442-F4D5F5F78C51}\RP137\A0185071.exe infected Virus.Win32.Sality.bh ...07:42:47:515 16000 cured
07:42:51:109 16000 C:\System Volume Information\_restore{E9D078C6-EE17-4E6C-B442-F4D5F5F78C51}\RP137\A0185072.exe infected Virus.Win32.Sality.bh ...07:42:51:109 16000 cured
07:42:54:781 16000 C:\System Volume Information\_restore{E9D078C6-EE17-4E6C-B442-F4D5F5F78C51}\RP137\A0185073.exe infected Virus.Win32.Sality.bh ...07:42:54:781 16000 cured
07:42:58:578 16000 C:\System Volume Information\_restore{E9D078C6-EE17-4E6C-B442-F4D5F5F78C51}\RP137\A0185074.exe infected Virus.Win32.Sality.bh ...07:42:58:578 16000 cured
07:43:02:343 16000 C:\System Volume Information\_restore{E9D078C6-EE17-4E6C-B442-F4D5F5F78C51}\RP137\A0185075.exe infected Virus.Win32.Sality.bh ...07:43:02:343 16000 cured
07:43:05:984 16000 C:\System Volume Information\_restore{E9D078C6-EE17-4E6C-B442-F4D5F5F78C51}\RP137\A0185076.exe infected Virus.Win32.Sality.bh ...07:43:05:984 16000 cured
07:43:09:703 16000 C:\System Volume Information\_restore{E9D078C6-EE17-4E6C-B442-F4D5F5F78C51}\RP137\A0185077.exe infected Virus.Win32.Sality.bh ...07:43:09:703 16000 cured
07:43:13:546 16000 C:\System Volume Information\_restore{E9D078C6-EE17-4E6C-B442-F4D5F5F78C51}\RP137\A0185078.EXE infected Virus.Win32.Sality.bh ...07:43:13:562 16000 cured
07:43:17:312 16000 C:\System Volume Information\_restore{E9D078C6-EE17-4E6C-B442-F4D5F5F78C51}\RP137\A0185079.EXE infected Virus.Win32.Sality.bh ...07:43:17:312 16000 cured
07:43:21:000 16000 C:\System Volume Information\_restore{E9D078C6-EE17-4E6C-B442-F4D5F5F78C51}\RP137\A0185080.exe infected Virus.Win32.Sality.bh ...07:43:21:000 16000 cured
07:43:24:765 16000 C:\System Volume Information\_restore{E9D078C6-EE17-4E6C-B442-F4D5F5F78C51}\RP137\A0185081.exe infected Virus.Win32.Sality.bh ...07:43:24:765 16000 cured
07:43:28:359 16000 C:\System Volume Information\_restore{E9D078C6-EE17-4E6C-B442-F4D5F5F78C51}\RP137\A0185082.exe infected Virus.Win32.Sality.bh ...07:43:28:359 16000 cured
07:43:32:156 16000 C:\System Volume Information\_restore{E9D078C6-EE17-4E6C-B442-F4D5F5F78C51}\RP137\A0185083.EXE infected Virus.Win32.Sality.bh ...07:43:32:156 16000 cured
07:43:35:718 16000 C:\System Volume Information\_restore{E9D078C6-EE17-4E6C-B442-F4D5F5F78C51}\RP137\A0185084.EXE infected Virus.Win32.Sality.bh ...07:43:35:718 16000 cured
07:43:39:328 16000 C:\System Volume Information\_restore{E9D078C6-EE17-4E6C-B442-F4D5F5F78C51}\RP137\A0185085.EXE infected Virus.Win32.Sality.bh ...07:43:39:328 16000 cured
07:43:43:000 16000 C:\System Volume Information\_restore{E9D078C6-EE17-4E6C-B442-F4D5F5F78C51}\RP137\A0185086.EXE infected Virus.Win32.Sality.bh ...07:43:43:000 16000 cured
07:43:46:703 16000 C:\System Volume Information\_restore{E9D078C6-EE17-4E6C-B442-F4D5F5F78C51}\RP137\A0185087.EXE infected Virus.Win32.Sality.bh ...07:43:46:718 16000 cured
07:43:50:406 16000 C:\System Volume Information\_restore{E9D078C6-EE17-4E6C-B442-F4D5F5F78C51}\RP137\A0185088.EXE infected Virus.Win32.Sality.bh ...07:43:50:406 16000 cured
07:43:54:203 16000 C:\System Volume Information\_restore{E9D078C6-EE17-4E6C-B442-F4D5F5F78C51}\RP137\A0185089.exe infected Virus.Win32.Sality.bh ...07:43:54:203 16000 cured
07:43:57:703 16000 C:\System Volume Information\_restore{E9D078C6-EE17-4E6C-B442-F4D5F5F78C51}\RP137\A0185090.EXE infected Virus.Win32.Sality.bh ...07:43:57:703 16000 cured
07:44:01:484 16000 C:\System Volume Information\_restore{E9D078C6-EE17-4E6C-B442-F4D5F5F78C51}\RP137\A0185091.EXE infected Virus.Win32.Sality.bh ...07:44:01:484 16000 cured
07:44:05:140 16000 C:\System Volume Information\_restore{E9D078C6-EE17-4E6C-B442-F4D5F5F78C51}\RP137\A0185092.EXE infected Virus.Win32.Sality.bh ...07:44:05:140 16000 cured
07:44:08:875 16000 C:\System Volume Information\_restore{E9D078C6-EE17-4E6C-B442-F4D5F5F78C51}\RP137\A0185093.exe infected Virus.Win32.Sality.bh ...07:44:08:875 16000 cured
07:44:12:578 16000 C:\System Volume Information\_restore{E9D078C6-EE17-4E6C-B442-F4D5F5F78C51}\RP137\A0185094.EXE infected Virus.Win32.Sality.bh ...07:44:12:578 16000 cured
07:44:16:140 16000 C:\System Volume Information\_restore{E9D078C6-EE17-4E6C-B442-F4D5F5F78C51}\RP137\A0185095.EXE infected Virus.Win32.Sality.bh ...07:44:16:140 16000 cured
07:44:19:828 16000 C:\System Volume Information\_restore{E9D078C6-EE17-4E6C-B442-F4D5F5F78C51}\RP137\A0185096.EXE infected Virus.Win32.Sality.bh ...07:44:19:828 16000 cured
07:44:25:593 16000 C:\System Volume Information\_restore{E9D078C6-EE17-4E6C-B442-F4D5F5F78C51}\RP137\A0185097.EXE infected Virus.Win32.Sality.ag ...07:44:25:593 16000 cured
07:44:29:296 16000 C:\System Volume Information\_restore{E9D078C6-EE17-4E6C-B442-F4D5F5F78C51}\RP137\A0185098.EXE infected Virus.Win32.Sality.bh ...07:44:29:296 16000 cured
07:44:33:156 16000 C:\System Volume Information\_restore{E9D078C6-EE17-4E6C-B442-F4D5F5F78C51}\RP137\A0185099.EXE infected Virus.Win32.Sality.bh ...07:44:33:156 16000 cured
07:44:36:796 16000 C:\System Volume Information\_restore{E9D078C6-EE17-4E6C-B442-F4D5F5F78C51}\RP137\A0185100.EXE infected Virus.Win32.Sality.bh ...07:44:36:796 16000 cured
07:44:40:625 16000 C:\System Volume Information\_restore{E9D078C6-EE17-4E6C-B442-F4D5F5F78C51}\RP137\A0185101.EXE infected Virus.Win32.Sality.bh ...07:44:40:625 16000 cured
07:44:44:265 16000 C:\System Volume Information\_restore{E9D078C6-EE17-4E6C-B442-F4D5F5F78C51}\RP137\A0185102.EXE infected Virus.Win32.Sality.bh ...07:44:44:265 16000 cured
07:44:47:875 16000 C:\System Volume Information\_restore{E9D078C6-EE17-4E6C-B442-F4D5F5F78C51}\RP137\A0185103.EXE infected Virus.Win32.Sality.bh ...07:44:47:875 16000 cured
07:44:51:546 16000 C:\System Volume Information\_restore{E9D078C6-EE17-4E6C-B442-F4D5F5F78C51}\RP137\A0185104.EXE infected Virus.Win32.Sality.bh ...07:44:51:546 16000 cured
07:44:55:265 16000 C:\System Volume Information\_restore{E9D078C6-EE17-4E6C-B442-F4D5F5F78C51}\RP137\A0185105.EXE infected Virus.Win32.Sality.bh ...07:44:55:265 16000 cured
07:44:58:968 16000 C:\System Volume Information\_restore{E9D078C6-EE17-4E6C-B442-F4D5F5F78C51}\RP137\A0185106.EXE infected Virus.Win32.Sality.bh ...07:44:58:968 16000 cured
07:45:02:593 16000 C:\System Volume Information\_restore{E9D078C6-EE17-4E6C-B442-F4D5F5F78C51}\RP137\A0185107.EXE infected Virus.Win32.Sality.bh ...07:45:02:593 16000 cured
07:45:06:281 16000 C:\System Volume Information\_restore{E9D078C6-EE17-4E6C-B442-F4D5F5F78C51}\RP137\A0185108.EXE infected Virus.Win32.Sality.bh ...07:45:06:281 16000 cured
07:45:09:875 16000 C:\System Volume Information\_restore{E9D078C6-EE17-4E6C-B442-F4D5F5F78C51}\RP137\A0185109.EXE infected Virus.Win32.Sality.bh ...07:45:09:875 16000 cured
07:45:13:625 16000 C:\System Volume Information\_restore{E9D078C6-EE17-4E6C-B442-F4D5F5F78C51}\RP137\A0185110.EXE infected Virus.Win32.Sality.bh ...07:45:13:625 16000 cured
07:45:17:171 16000 C:\System Volume Information\_restore{E9D078C6-EE17-4E6C-B442-F4D5F5F78C51}\RP137\A0185111.EXE infected Virus.Win32.Sality.bh ...07:45:17:171 16000 cured
07:45:20:953 16000 C:\System Volume Information\_restore{E9D078C6-EE17-4E6C-B442-F4D5F5F78C51}\RP137\A0185112.EXE infected Virus.Win32.Sality.bh ...07:45:20:953 16000 cured
07:45:24:531 16000 C:\System Volume Information\_restore{E9D078C6-EE17-4E6C-B442-F4D5F5F78C51}\RP137\A0185113.exe infected Virus.Win32.Sality.bh ...07:45:24:531 16000 cured
07:45:28:156 16000 C:\System Volume Information\_restore{E9D078C6-EE17-4E6C-B442-F4D5F5F78C51}\RP137\A0185114.exe infected Virus.Win32.Sality.bh ...07:45:28:156 16000 cured
07:45:31:796 16000 C:\System Volume Information\_restore{E9D078C6-EE17-4E6C-B442-F4D5F5F78C51}\RP137\A0185115.exe infected Virus.Win32.Sality.bh ...07:45:31:796 16000 cured
07:45:35:437 16000 C:\System Volume Information\_restore{E9D078C6-EE17-4E6C-B442-F4D5F5F78C51}\RP137\A0185116.exe infected Virus.Win32.Sality.bh ...07:45:35:437 16000 cured
07:45:39:203 16000 C:\System Volume Information\_restore{E9D078C6-EE17-4E6C-B442-F4D5F5F78C51}\RP137\A0185117.exe infected Virus.Win32.Sality.bh ...07:45:39:203 16000 cured
07:45:42:937 16000 C:\System Volume Information\_restore{E9D078C6-EE17-4E6C-B442-F4D5F5F78C51}\RP137\A0185118.exe infected Virus.Win32.Sality.bh ...07:45:42:937 16000 cured
07:45:46:734 16000 C:\System Volume Information\_restore{E9D078C6-EE17-4E6C-B442-F4D5F5F78C51}\RP137\A0185119.exe infected Virus.Win32.Sality.bh ...07:45:46:734 16000 cured
07:45:50:640 16000 C:\System Volume Information\_restore{E9D078C6-EE17-4E6C-B442-F4D5F5F78C51}\RP137\A0185120.exe infected Virus.Win32.Sality.bh ...07:45:50:640 16000 cured
07:45:54:093 16000 C:\System Volume Information\_restore{E9D078C6-EE17-4E6C-B442-F4D5F5F78C51}\RP137\A0185121.exe infected Virus.Win32.Sality.bh ...07:45:54:093 16000 cured
07:45:57:812 16000 C:\System Volume Information\_restore{E9D078C6-EE17-4E6C-B442-F4D5F5F78C51}\RP137\A0185122.exe infected Virus.Win32.Sality.bh ...07:45:57:812 16000 cured
07:46:01:515 16000 C:\System Volume Information\_restore{E9D078C6-EE17-4E6C-B442-F4D5F5F78C51}\RP137\A0185123.exe infected Virus.Win32.Sality.bh ...07:46:01:515 16000 cured
07:46:05:078 16000 C:\System Volume Information\_restore{E9D078C6-EE17-4E6C-B442-F4D5F5F78C51}\RP137\A0185124.exe infected Virus.Win32.Sality.bh ...07:46:05:078 16000 cured
07:46:08:734 16000 C:\System Volume Information\_restore{E9D078C6-EE17-4E6C-B442-F4D5F5F78C51}\RP137\A0185125.exe infected Virus.Win32.Sality.bh ...07:46:08:734 16000 cured
07:46:12:484 16000 C:\System Volume Information\_restore{E9D078C6-EE17-4E6C-B442-F4D5F5F78C51}\RP137\A0185126.exe infected Virus.Win32.Sality.bh ...07:46:12:484 16000 cured
07:46:16:203 16000 C:\System Volume Information\_restore{E9D078C6-EE17-4E6C-B442-F4D5F5F78C51}\RP137\A0185127.exe infected Virus.Win32.Sality.bh ...07:46:16:203 16000 cured
07:46:19:859 16000 C:\System Volume Information\_restore{E9D078C6-EE17-4E6C-B442-F4D5F5F78C51}\RP137\A0185128.exe infected Virus.Win32.Sality.bh ...07:46:19:859 16000 cured
07:46:23:640 16000 C:\System Volume Information\_restore{E9D078C6-EE17-4E6C-B442-F4D5F5F78C51}\RP137\A0185129.exe infected Virus.Win32.Sality.bh ...07:46:23:640 16000 cured
07:46:27:265 16000 C:\System Volume Information\_restore{E9D078C6-EE17-4E6C-B442-F4D5F5F78C51}\RP137\A0185130.exe infected Virus.Win32.Sality.bh ...07:46:27:265 16000 cured
07:46:54:640 16000 C:\System Volume Information\_restore{E9D078C6-EE17-4E6C-B442-F4D5F5F78C51}\RP137\A0185131.exe infected Virus.Win32.Sality.bh ...07:46:54:640 16000 cured
07:46:58:437 16000 C:\System Volume Information\_restore{E9D078C6-EE17-4E6C-B442-F4D5F5F78C51}\RP137\A0185132.exe infected Virus.Win32.Sality.bh ...07:46:58:437 16000 cured
07:47:02:187 16000 C:\System Volume Information\_restore{E9D078C6-EE17-4E6C-B442-F4D5F5F78C51}\RP137\A0185133.exe infected Virus.Win32.Sality.bh ...07:47:02:187 16000 cured
07:47:05:750 16000 C:\System Volume Information\_restore{E9D078C6-EE17-4E6C-B442-F4D5F5F78C51}\RP137\A0185134.exe infected Virus.Win32.Sality.bh ...07:47:05:750 16000 cured
07:47:09:562 16000 C:\System Volume Information\_restore{E9D078C6-EE17-4E6C-B442-F4D5F5F78C51}\RP137\A0185135.exe infected Virus.Win32.Sality.bh ...07:47:09:562 16000 cured
07:47:13:203 16000 C:\System Volume Information\_restore{E9D078C6-EE17-4E6C-B442-F4D5F5F78C51}\RP137\A0185136.exe infected Virus.Win32.Sality.bh ...07:47:13:203 16000 cured
07:47:16:828 16000 C:\System Volume Information\_restore{E9D078C6-EE17-4E6C-B442-F4D5F5F78C51}\RP137\A0185137.EXE infected Virus.Win32.Sality.bh ...07:47:16:828 16000 cured
07:47:20:500 16000 C:\System Volume Information\_restore{E9D078C6-EE17-4E6C-B442-F4D5F5F78C51}\RP137\A0185138.exe infected Virus.Win32.Sality.bh ...07:47:20:500 16000 cured
07:47:24:031 16000 C:\System Volume Information\_restore{E9D078C6-EE17-4E6C-B442-F4D5F5F78C51}\RP137\A0185139.exe infected Virus.Win32.Sality.bh ...07:47:24:031 16000 cured
07:47:27:718 16000 C:\System Volume Information\_restore{E9D078C6-EE17-4E6C-B442-F4D5F5F78C51}\RP137\A0185140.exe infected Virus.Win32.Sality.bh ...07:47:27:718 16000 cured
07:47:31:375 16000 C:\System Volume Information\_restore{E9D078C6-EE17-4E6C-B442-F4D5F5F78C51}\RP137\A0185141.exe infected Virus.Win32.Sality.bh ...07:47:31:375 16000 cured
07:47:34:968 16000 C:\System Volume Information\_restore{E9D078C6-EE17-4E6C-B442-F4D5F5F78C51}\RP137\A0185142.EXE infected Virus.Win32.Sality.bh ...07:47:34:968 16000 cured
07:47:41:953 16000 C:\System Volume Information\_restore{E9D078C6-EE17-4E6C-B442-F4D5F5F78C51}\RP137\A0185143.exe infected Virus.Win32.Sality.ag ...07:47:41:953 16000 cured
07:47:45:687 16000 C:\System Volume Information\_restore{E9D078C6-EE17-4E6C-B442-F4D5F5F78C51}\RP137\A0185144.exe infected Virus.Win32.Sality.bh ...07:47:45:687 16000 cured
07:47:49:421 16000 C:\System Volume Information\_restore{E9D078C6-EE17-4E6C-B442-F4D5F5F78C51}\RP137\A0185145.exe infected Virus.Win32.Sality.bh ...07:47:49:421 16000 cured
07:47:53:062 16000 C:\System Volume Information\_restore{E9D078C6-EE17-4E6C-B442-F4D5F5F78C51}\RP137\A0185146.exe infected Virus.Win32.Sality.bh ...07:47:53:062 16000 cured
07:47:56:796 16000 C:\System Volume Information\_restore{E9D078C6-EE17-4E6C-B442-F4D5F5F78C51}\RP137\A0185147.exe infected Virus.Win32.Sality.bh ...07:47:56:796 16000 cured
07:48:00:468 16000 C:\System Volume Information\_restore{E9D078C6-EE17-4E6C-B442-F4D5F5F78C51}\RP137\A0185148.exe infected Virus.Win32.Sality.bh ...07:48:00:468 16000 cured
07:48:04:250 16000 C:\System Volume Information\_restore{E9D078C6-EE17-4E6C-B442-F4D5F5F78C51}\RP137\A0185149.exe infected Virus.Win32.Sality.bh ...07:48:04:250 16000 cured
07:48:07:843 16000 C:\System Volume Information\_restore{E9D078C6-EE17-4E6C-B442-F4D5F5F78C51}\RP137\A0185150.exe infected Virus.Win32.Sality.bh ...07:48:07:843 16000 cured
07:48:11:500 16000 C:\System Volume Information\_restore{E9D078C6-EE17-4E6C-B442-F4D5F5F78C51}\RP137\A0185151.exe infected Virus.Win32.Sality.bh ...07:48:11:500 16000 cured
07:48:15:281 16000 C:\System Volume Information\_restore{E9D078C6-EE17-4E6C-B442-F4D5F5F78C51}\RP137\A0185152.exe infected Virus.Win32.Sality.bh ...07:48:15:281 16000 cured
07:48:18:937 16000 C:\System Volume Information\_restore{E9D078C6-EE17-4E6C-B442-F4D5F5F78C51}\RP137\A0185153.exe infected Virus.Win32.Sality.bh ...07:48:18:937 16000 cured
07:48:22:703 16000 C:\System Volume Information\_restore{E9D078C6-EE17-4E6C-B442-F4D5F5F78C51}\RP137\A0185154.exe infected Virus.Win32.Sality.bh ...07:48:22:703 16000 cured
07:48:26:453 16000 C:\System Volume Information\_restore{E9D078C6-EE17-4E6C-B442-F4D5F5F78C51}\RP137\A0185155.exe infected Virus.Win32.Sality.bh ...07:48:26:453 16000 cured
07:48:30:109 16000 C:\System Volume Information\_restore{E9D078C6-EE17-4E6C-B442-F4D5F5F78C51}\RP137\A0185156.exe infected Virus.Win32.Sality.bh ...07:48:30:109 16000 cured
07:48:33:875 16000 C:\System Volume Information\_restore{E9D078C6-EE17-4E6C-B442-F4D5F5F78C51}\RP137\A0185157.exe infected Virus.Win32.Sality.bh ...07:48:33:875 16000 cured
07:48:37:765 16000 C:\System Volume Information\_restore{E9D078C6-EE17-4E6C-B442-F4D5F5F78C51}\RP137\A0185158.exe infected Virus.Win32.Sality.ag ...07:48:37:765 16000 cured
07:48:42:062 16000 C:\System Volume Information\_restore{E9D078C6-EE17-4E6C-B442-F4D5F5F78C51}\RP137\A0185159.exe infected Virus.Win32.Sality.bh ...07:48:42:062 16000 cured
07:48:45:781 16000 C:\System Volume Information\_restore{E9D078C6-EE17-4E6C-B442-F4D5F5F78C51}\RP137\A0185160.exe infected Virus.Win32.Sality.bh ...07:48:45:781 16000 cured
07:48:49:343 16000 C:\System Volume Information\_restore{E9D078C6-EE17-4E6C-B442-F4D5F5F78C51}\RP137\A0185161.exe infected Virus.Win32.Sality.bh ...07:48:49:343 16000 cured
07:49:00:484 16000 C:\System Volume Information\_restore{E9D078C6-EE17-4E6C-B442-F4D5F5F78C51}\RP137\A0185162.exe infected Virus.Win32.Sality.ag ...07:49:00:484 16000 cured
07:49:04:281 16000 C:\System Volume Information\_restore{E9D078C6-EE17-4E6C-B442-F4D5F5F78C51}\RP137\A0185163.exe infected Virus.Win32.Sality.bh ...07:49:04:281 16000 cured
07:49:07:968 16000 C:\System Volume Information\_restore{E9D078C6-EE17-4E6C-B442-F4D5F5F78C51}\RP137\A0185164.exe infected Virus.Win32.Sality.bh ...07:49:07:968 16000 cured
07:49:11:734 16000 C:\System Volume Information\_restore{E9D078C6-EE17-4E6C-B442-F4D5F5F78C51}\RP137\A0185165.exe infected Virus.Win32.Sality.bh ...07:49:11:734 16000 cured
07:49:15:468 16000 C:\System Volume Information\_restore{E9D078C6-EE17-4E6C-B442-F4D5F5F78C51}\RP137\A0185166.exe infected Virus.Win32.Sality.bh ...07:49:15:468 16000 cured
07:49:18:953 16000 C:\System Volume Information\_restore{E9D078C6-EE17-4E6C-B442-F4D5F5F78C51}\RP137\A0185167.exe infected Virus.Win32.Sality.bh ...07:49:18:953 16000 cured
07:49:22:625 16000 C:\System Volume Information\_restore{E9D078C6-EE17-4E6C-B442-F4D5F5F78C51}\RP137\A0185168.exe infected Virus.Win32.Sality.bh ...07:49:22:625 16000 cured
07:49:26:390 16000 C:\System Volume Information\_restore{E9D078C6-EE17-4E6C-B442-F4D5F5F78C51}\RP137\A0185169.exe infected Virus.Win32.Sality.bh ...07:49:26:390 16000 cured
07:49:29:890 16000 C:\System Volume Information\_restore{E9D078C6-EE17-4E6C-B442-F4D5F5F78C51}\RP137\A0185170.exe infected Virus.Win32.Sality.bh ...07:49:29:890 16000 cured
07:49:34:265 16000 C:\System Volume Information\_restore{E9D078C6-EE17-4E6C-B442-F4D5F5F78C51}\RP137\A0185171.exe infected Virus.Win32.Sality.bh ...07:49:34:265 16000 cured
07:49:38:109 16000 C:\System Volume Information\_restore{E9D078C6-EE17-4E6C-B442-F4D5F5F78C51}\RP137\A0185172.exe infected Virus.Win32.Sality.bh ...07:49:38:109 16000 cured
07:49:41:781 16000 C:\System Volume Information\_restore{E9D078C6-EE17-4E6C-B442-F4D5F5F78C51}\RP137\A0185173.exe infected Virus.Win32.Sality.bh ...07:49:41:781 16000 cured
07:49:45:593 16000 C:\System Volume Information\_restore{E9D078C6-EE17-4E6C-B442-F4D5F5F78C51}\RP137\A0185174.exe infected Virus.Win32.Sality.bh ...07:49:45:593 16000 cured
07:49:49:093 16000 C:\System Volume Information\_restore{E9D078C6-EE17-4E6C-B442-F4D5F5F78C51}\RP137\A0185175.exe infected Virus.Win32.Sality.bh ...07:49:49:093 16000 cured
07:49:52:937 16000 C:\System Volume Information\_restore{E9D078C6-EE17-4E6C-B442-F4D5F5F78C51}\RP137\A0185176.exe infected Virus.Win32.Sality.bh ...07:49:52:937 16000 cured
07:49:56:640 16000 C:\System Volume Information\_restore{E9D078C6-EE17-4E6C-B442-F4D5F5F78C51}\RP137\A0185177.exe infected Virus.Win32.Sality.bh ...07:49:56:640 16000 cured
07:50:00:515 16000 C:\System Volume Information\_restore{E9D078C6-EE17-4E6C-B442-F4D5F5F78C51}\RP137\A0185178.exe infected Virus.Win32.Sality.bh ...07:50:00:515 16000 cured
07:50:04:140 16000 C:\System Volume Information\_restore{E9D078C6-EE17-4E6C-B442-F4D5F5F78C51}\RP137\A0185179.exe infected Virus.Win32.Sality.bh ...07:50:04:140 16000 cured
07:50:07:812 16000 C:\System Volume Information\_restore{E9D078C6-EE17-4E6C-B442-F4D5F5F78C51}\RP137\A0185180.exe infected Virus.Win32.Sality.bh ...07:50:07:812 16000 cured
07:50:11:500 16000 C:\System Volume Information\_restore{E9D078C6-EE17-4E6C-B442-F4D5F5F78C51}\RP137\A0185181.exe infected Virus.Win32.Sality.bh ...07:50:11:500 16000 cured
07:50:15:015 16000 C:\System Volume Information\_restore{E9D078C6-EE17-4E6C-B442-F4D5F5F78C51}\RP137\A0185182.exe infected Virus.Win32.Sality.bh ...07:50:15:015 16000 cured
07:50:18:687 16000 C:\System Volume Information\_restore{E9D078C6-EE17-4E6C-B442-F4D5F5F78C51}\RP137\A0185183.exe infected Virus.Win32.Sality.bh ...07:50:18:687 16000 cured
07:50:22:406 16000 C:\System Volume Information\_restore{E9D078C6-EE17-4E6C-B442-F4D5F5F78C51}\RP137\A0185184.exe infected Virus.Win32.Sality.bh ...07:50:22:406 16000 cured
07:50:24:468 16000 C:\System Volume Information\_restore{E9D078C6-EE17-4E6C-B442-F4D5F5F78C51}\RP137\A0185185.exe infected Virus.Win32.Sality.ag ...07:50:24:468 16000 cured
07:50:28:109 16000 C:\System Volume Information\_restore{E9D078C6-EE17-4E6C-B442-F4D5F5F78C51}\RP137\A0185186.exe infected Virus.Win32.Sality.bh ...07:50:28:109 16000 cured
07:50:31:734 16000 C:\System Volume Information\_restore{E9D078C6-EE17-4E6C-B442-F4D5F5F78C51}\RP137\A0185187.exe infected Virus.Win32.Sality.bh ...07:50:31:734 16000 cured
07:50:35:406 16000 C:\System Volume Information\_restore{E9D078C6-EE17-4E6C-B442-F4D5F5F78C51}\RP137\A0185188.exe infected Virus.Win32.Sality.bh ...07:50:35:406 16000 cured
07:50:39:156 16000 C:\System Volume Information\_restore{E9D078C6-EE17-4E6C-B442-F4D5F5F78C51}\RP137\A0185189.exe infected Virus.Win32.Sality.bh ...07:50:39:156 16000 cured
07:50:42:796 16000 C:\System Volume Information\_restore{E9D078C6-EE17-4E6C-B442-F4D5F5F78C51}\RP137\A0185190.exe infected Virus.Win32.Sality.bh ...07:50:42:796 16000 cured
07:50:46:500 16000 C:\System Volume Information\_restore{E9D078C6-EE17-4E6C-B442-F4D5F5F78C51}\RP137\A0185191.exe infected Virus.Win32.Sality.bh ...07:50:46:500 16000 cured
07:50:50:328 16000 C:\System Volume Information\_restore{E9D078C6-EE17-4E6C-B442-F4D5F5F78C51}\RP137\A0185192.exe infected Virus.Win32.Sality.bh ...07:50:50:328 16000 cured
07:50:54:000 16000 C:\System Volume Information\_restore{E9D078C6-EE17-4E6C-B442-F4D5F5F78C51}\RP137\A0185193.exe infected Virus.Win32.Sality.bh ...07:50:54:000 16000 cured
07:50:57:718 16000 C:\System Volume Information\_restore{E9D078C6-EE17-4E6C-B442-F4D5F5F78C51}\RP137\A0185194.exe infected Virus.Win32.Sality.bh ...07:50:57:718 16000 cured
07:51:01:406 16000 C:\System Volume Information\_restore{E9D078C6-EE17-4E6C-B442-F4D5F5F78C51}\RP137\A0185195.exe infected Virus.Win32.Sality.bh ...07:51:01:406 16000 cured
07:51:05:125 16000 C:\System Volume Information\_restore{E9D078C6-EE17-4E6C-B442-F4D5F5F78C51}\RP137\A0185196.EXE infected Virus.Win32.Sality.bh ...07:51:05:125 16000 cured
07:51:08:765 16000 C:\System Volume Information\_restore{E9D078C6-EE17-4E6C-B442-F4D5F5F78C51}\RP137\A0185197.exe infected Virus.Win32.Sality.bh ...07:51:08:765 16000 cured
07:51:12:500 16000 C:\System Volume Information\_restore{E9D078C6-EE17-4E6C-B442-F4D5F5F78C51}\RP137\A0185198.exe infected Virus.Win32.Sality.bh ...07:51:12:500 16000 cured
07:51:16:140 16000 C:\System Volume Information\_restore{E9D078C6-EE17-4E6C-B442-F4D5F5F78C51}\RP137\A0185199.exe infected Virus.Win32.Sality.bh ...07:51:16:140 16000 cured
07:51:19:859 16000 C:\System Volume Information\_restore{E9D078C6-EE17-4E6C-B442-F4D5F5F78C51}\RP137\A0185200.exe infected Virus.Win32.Sality.bh ...07:51:19:859 16000 cured
07:51:23:703 16000 C:\System Volume Information\_restore{E9D078C6-EE17-4E6C-B442-F4D5F5F78C51}\RP137\A0185201.exe infected Virus.Win32.Sality.bh ...07:51:23:703 16000 cured
07:51:27:453 16000 C:\System Volume Information\_restore{E9D078C6-EE17-4E6C-B442-F4D5F5F78C51}\RP137\A0185202.exe infected Virus.Win32.Sality.bh ...07:51:27:453 16000 cured
07:51:31:312 16000 C:\System Volume Information\_restore{E9D078C6-EE17-4E6C-B442-F4D5F5F78C51}\RP137\A0185203.exe infected Virus.Win32.Sality.bh ...07:51:31:328 16000 cured
07:51:34:890 16000 C:\System Volume Information\_restore{E9D078C6-EE17-4E6C-B442-F4D5F5F78C51}\RP137\A0185204.exe infected Virus.Win32.Sality.bh ...07:51:34:890 16000 cured
07:51:38:687 16000 C:\System Volume Information\_restore{E9D078C6-EE17-4E6C-B442-F4D5F5F78C51}\RP137\A0185205.exe infected Virus.Win32.Sality.bh ...07:51:38:687 16000 cured
07:51:42:296 16000 C:\System Volume Information\_restore{E9D078C6-EE17-4E6C-B442-F4D5F5F78C51}\RP137\A0185206.exe infected Virus.Win32.Sality.bh ...07:51:42:296 16000 cured
07:51:46:015 16000 C:\System Volume Information\_restore{E9D078C6-EE17-4E6C-B442-F4D5F5F78C51}\RP137\A0185207.exe infected Virus.Win32.Sality.bh ...07:51:46:015 16000 cured
07:51:49:578 16000 C:\System Volume Information\_restore{E9D078C6-EE17-4E6C-B442-F4D5F5F78C51}\RP137\A0185208.exe infected Virus.Win32.Sality.bh ...07:51:49:578 16000 cured
07:51:53:312 16000 C:\System Volume Information\_restore{E9D078C6-EE17-4E6C-B442-F4D5F5F78C51}\RP137\A0185209.exe infected Virus.Win32.Sality.bh ...07:51:53:312 16000 cured
07:51:57:109 16000 C:\System Volume Information\_restore{E9D078C6-EE17-4E6C-B442-F4D5F5F78C51}\RP137\A0185210.exe infected Virus.Win32.Sality.bh ...07:51:57:109 16000 cured
07:52:00:671 16000 C:\System Volume Information\_restore{E9D078C6-EE17-4E6C-B442-F4D5F5F78C51}\RP137\A0185211.exe infected Virus.Win32.Sality.bh ...07:52:00:671 16000 cured
07:52:04:312 16000 C:\System Volume Information\_restore{E9D078C6-EE17-4E6C-B442-F4D5F5F78C51}\RP137\A0185212.exe infected Virus.Win32.Sality.bh ...07:52:04:312 16000 cured
07:52:08:000 16000 C:\System Volume Information\_restore{E9D078C6-EE17-4E6C-B442-F4D5F5F78C51}\RP137\A0185213.exe infected Virus.Win32.Sality.bh ...07:52:08:000 16000 cured
07:52:11:796 16000 C:\System Volume Information\_restore{E9D078C6-EE17-4E6C-B442-F4D5F5F78C51}\RP137\A0185214.exe infected Virus.Win32.Sality.bh ...07:52:11:796 16000 cured
07:52:15:312 16000 C:\System Volume Information\_restore{E9D078C6-EE17-4E6C-B442-F4D5F5F78C51}\RP137\A0185215.exe infected Virus.Win32.Sality.bh ...07:52:15:312 16000 cured
07:52:19:000 16000 C:\System Volume Information\_restore{E9D078C6-EE17-4E6C-B442-F4D5F5F78C51}\RP137\A0185216.exe infected Virus.Win32.Sality.bh ...07:52:19:000 16000 cured
07:52:22:640 16000 C:\System Volume Information\_restore{E9D078C6-EE17-4E6C-B442-F4D5F5F78C51}\RP137\A0185217.exe infected Virus.Win32.Sality.bh ...07:52:22:640 16000 cured
07:52:26:453 16000 C:\System Volume Information\_restore{E9D078C6-EE17-4E6C-B442-F4D5F5F78C51}\RP137\A0185218.exe infected Virus.Win32.Sality.bh ...07:52:26:453 16000 cured
07:52:30:187 16000 C:\System Volume Information\_restore{E9D078C6-EE17-4E6C-B442-F4D5F5F78C51}\RP137\A0185219.exe infected Virus.Win32.Sality.bh ...07:52:30:187 16000 cured
07:52:33:828 16000 C:\System Volume Information\_restore{E9D078C6-EE17-4E6C-B442-F4D5F5F78C51}\RP137\A0185220.exe infected Virus.Win32.Sality.bh ...07:52:33:828 16000 cured
07:52:37:593 16000 C:\System Volume Information\_restore{E9D078C6-EE17-4E6C-B442-F4D5F5F78C51}\RP137\A0185221.exe infected Virus.Win32.Sality.bh ...07:52:37:593 16000 cured
07:52:41:296 16000 C:\System Volume Information\_restore{E9D078C6-EE17-4E6C-B442-F4D5F5F78C51}\RP137\A0185222.exe infected Virus.Win32.Sality.bh ...07:52:41:296 16000 cured
07:52:44:937 16000 C:\System Volume Information\_restore{E9D078C6-EE17-4E6C-B442-F4D5F5F78C51}\RP137\A0185223.exe infected Virus.Win32.Sality.bh ...07:52:44:937 16000 cured
07:52:48:781 16000 C:\System Volume Information\_restore{E9D078C6-EE17-4E6C-B442-F4D5F5F78C51}\RP137\A0185224.exe infected Virus.Win32.Sality.bh ...07:52:48:781 16000 cured
07:52:52:343 16000 C:\System Volume Information\_restore{E9D078C6-EE17-4E6C-B442-F4D5F5F78C51}\RP137\A0185225.exe infected Virus.Win32.Sality.bh ...07:52:52:343 16000 cured
07:52:55:984 16000 C:\System Volume Information\_restore{E9D078C6-EE17-4E6C-B442-F4D5F5F78C51}\RP137\A0185226.exe infected Virus.Win32.Sality.bh ...07:52:55:984 16000 cured
07:52:59:484 16000 C:\System Volume Information\_restore{E9D078C6-EE17-4E6C-B442-F4D5F5F78C51}\RP137\A0185227.exe infected Virus.Win32.Sality.bh ...07:52:59:484 16000 cured
07:53:03:281 16000 C:\System Volume Information\_restore{E9D078C6-EE17-4E6C-B442-F4D5F5F78C51}\RP137\A0185228.exe infected Virus.Win32.Sality.bh ...07:53:03:281 16000 cured
07:53:06:890 16000 C:\System Volume Information\_restore{E9D078C6-EE17-4E6C-B442-F4D5F5F78C51}\RP137\A0185229.exe infected Virus.Win32.Sality.bh ...07:53:06:890 16000 cured
07:53:10:421 16000 C:\System Volume Information\_restore{E9D078C6-EE17-4E6C-B442-F4D5F5F78C51}\RP137\A0185230.exe infected Virus.Win32.Sality.bh ...07:53:10:421 16000 cured
07:53:14:203 16000 C:\System Volume Information\_restore{E9D078C6-EE17-4E6C-B442-F4D5F5F78C51}\RP137\A0185231.exe infected Virus.Win32.Sality.bh ...07:53:14:203 16000 cured
07:53:18:000 16000 C:\System Volume Information\_restore{E9D078C6-EE17-4E6C-B442-F4D5F5F78C51}\RP137\A0185232.exe infected Virus.Win32.Sality.bh ...07:53:18:000 16000 cured
07:53:21:640 16000 C:\System Volume Information\_restore{E9D078C6-EE17-4E6C-B442-F4D5F5F78C51}\RP137\A0185233.exe infected Virus.Win32.Sality.bh ...07:53:21:640 16000 cured
07:53:25:453 16000 C:\System Volume Information\_restore{E9D078C6-EE17-4E6C-B442-F4D5F5F78C51}\RP137\A0185234.exe infected Virus.Win32.Sality.bh ...07:53:25:453 16000 cured
07:53:29:109 16000 C:\System Volume Information\_restore{E9D078C6-EE17-4E6C-B442-F4D5F5F78C51}\RP137\A0185235.exe infected Virus.Win32.Sality.bh ...07:53:29:109 16000 cured
07:53:32:906 16000 C:\System Volume Information\_restore{E9D078C6-EE17-4E6C-B442-F4D5F5F78C51}\RP137\A0185236.exe infected Virus.Win32.Sality.bh ...07:53:32:906 16000 cured
07:53:36:703 16000 C:\System Volume Information\_restore{E9D078C6-EE17-4E6C-B442-F4D5F5F78C51}\RP137\A0185237.exe infected Virus.Win32.Sality.bh ...07:53:36:703 16000 cured
07:53:40:390 16000 C:\System Volume Information\_restore{E9D078C6-EE17-4E6C-B442-F4D5F5F78C51}\RP137\A0185238.exe infected Virus.Win32.Sality.bh ...07:53:40:390 16000 cured
07:53:44:046 16000 C:\System Volume Information\_restore{E9D078C6-EE17-4E6C-B442-F4D5F5F78C51}\RP137\A0185239.exe infected Virus.Win32.Sality.bh ...07:53:44:046 16000 cured
07:53:47:703 16000 C:\System Volume Information\_restore{E9D078C6-EE17-4E6C-B442-F4D5F5F78C51}\RP137\A0185240.exe infected Virus.Win32.Sality.bh ...07:53:47:703 16000 cured
07:53:51:515 16000 C:\System Volume Information\_restore{E9D078C6-EE17-4E6C-B442-F4D5F5F78C51}\RP137\A0185241.exe infected Virus.Win32.Sality.bh ...07:53:51:515 16000 cured
07:53:55:218 16000 C:\System Volume Information\_restore{E9D078C6-EE17-4E6C-B442-F4D5F5F78C51}\RP137\A0185242.exe infected Virus.Win32.Sality.bh ...07:53:55:218 16000 cured
07:53:58:890 16000 C:\System Volume Information\_restore{E9D078C6-EE17-4E6C-B442-F4D5F5F78C51}\RP137\A0185243.exe infected Virus.Win32.Sality.bh ...07:53:58:890 16000 cured
07:54:02:671 16000 C:\System Volume Information\_restore{E9D078C6-EE17-4E6C-B442-F4D5F5F78C51}\RP137\A0185244.exe infected Virus.Win32.Sality.bh ...07:54:02:671 16000 cured
07:54:06:296 16000 C:\System Volume Information\_restore{E9D078C6-EE17-4E6C-B442-F4D5F5F78C51}\RP137\A0185245.exe infected Virus.Win32.Sality.bh ...07:54:06:296 16000 cured
07:54:10:078 16000 C:\System Volume Information\_restore{E9D078C6-EE17-4E6C-B442-F4D5F5F78C51}\RP137\A0185246.exe infected Virus.Win32.Sality.bh ...07:54:10:078 16000 cured
07:54:13:765 16000 C:\System Volume Information\_restore{E9D078C6-EE17-4E6C-B442-F4D5F5F78C51}\RP137\A0185247.exe infected Virus.Win32.Sality.bh ...07:54:13:765 16000 cured
07:54:17:546 16000 C:\System Volume Information\_restore{E9D078C6-EE17-4E6C-B442-F4D5F5F78C51}\RP137\A0185248.exe infected Virus.Win32.Sality.bh ...07:54:17:546 16000 cured
07:54:21:078 16000 C:\System Volume Information\_restore{E9D078C6-EE17-4E6C-B442-F4D5F5F78C51}\RP137\A0185249.exe infected Virus.Win32.Sality.bh ...07:54:21:078 16000 cured
07:54:24:718 16000 C:\System Volume Information\_restore{E9D078C6-EE17-4E6C-B442-F4D5F5F78C51}\RP137\A0185250.exe infected Virus.Win32.Sality.bh ...07:54:24:718 16000 cured
07:54:28:468 16000 C:\System Volume Information\_restore{E9D078C6-EE17-4E6C-B442-F4D5F5F78C51}\RP137\A0185251.exe infected Virus.Win32.Sality.bh ...07:54:28:468 16000 cured
07:54:32:171 16000 C:\System Volume Information\_restore{E9D078C6-EE17-4E6C-B442-F4D5F5F78C51}\RP137\A0185252.exe infected Virus.Win32.Sality.bh ...07:54:32:171 16000 cured
07:54:35:656 16000 C:\System Volume Information\_restore{E9D078C6-EE17-4E6C-B442-F4D5F5F78C51}\RP137\A0185253.exe infected Virus.Win32.Sality.bh ...07:54:35:656 16000 cured
07:54:39:250 16000 C:\System Volume Information\_restore{E9D078C6-EE17-4E6C-B442-F4D5F5F78C51}\RP137\A0185254.exe infected Virus.Win32.Sality.bh ...07:54:39:250 16000 cured
07:54:43:125 16000 C:\System Volume Information\_restore{E9D078C6-EE17-4E6C-B442-F4D5F5F78C51}\RP137\A0185255.exe infected Virus.Win32.Sality.bh ...07:54:43:125 16000 cured
07:54:46:890 16000 C:\System Volume Information\_restore{E9D078C6-EE17-4E6C-B442-F4D5F5F78C51}\RP137\A0185256.exe infected Virus.Win32.Sality.bh ...07:54:46:890 16000 cured
07:54:50:593 16000 C:\System Volume Information\_restore{E9D078C6-EE17-4E6C-B442-F4D5F5F78C51}\RP137\A0185257.exe infected Virus.Win32.Sality.bh ...07:54:50:593 16000 cured
07:54:54:265 16000 C:\System Volume Information\_restore{E9D078C6-EE17-4E6C-B442-F4D5F5F78C51}\RP137\A0185258.exe infected Virus.Win32.Sality.bh ...07:54:54:265 16000 cured
07:54:57:875 16000 C:\System Volume Information\_restore{E9D078C6-EE17-4E6C-B442-F4D5F5F78C51}\RP137\A0185259.exe infected Virus.Win32.Sality.bh ...07:54:57:875 16000 cured
07:55:01:593 16000 C:\System Volume Information\_restore{E9D078C6-EE17-4E6C-B442-F4D5F5F78C51}\RP137\A0185260.exe infected Virus.Win32.Sality.bh ...07:55:01:593 16000 cured
07:55:05:375 16000 C:\System Volume Information\_restore{E9D078C6-EE17-4E6C-B442-F4D5F5F78C51}\RP137\A0185261.exe infected Virus.Win32.Sality.bh ...07:55:05:375 16000 cured
07:55:09:109 16000 C:\System Volume Information\_restore{E9D078C6-EE17-4E6C-B442-F4D5F5F78C51}\RP137\A0185262.exe infected Virus.Win32.Sality.bh ...07:55:09:109 16000 cured
07:55:12:843 16000 C:\System Volume Information\_restore{E9D078C6-EE17-4E6C-B442-F4D5F5F78C51}\RP137\A0185263.exe infected Virus.Win32.Sality.bh ...07:55:12:843 16000 cured
07:55:16:609 16000 C:\System Volume Information\_restore{E9D078C6-EE17-4E6C-B442-F4D5F5F78C51}\RP137\A0185264.exe infected Virus.Win32.Sality.bh ...07:55:16:609 16000 cured
07:55:20:203 16000 C:\System Volume Information\_restore{E9D078C6-EE17-4E6C-B442-F4D5F5F78C51}\RP137\A0185265.exe infected Virus.Win32.Sality.bh ...07:55:20:203 16000 cured
07:55:23:781 16000 C:\System Volume Information\_restore{E9D078C6-EE17-4E6C-B442-F4D5F5F78C51}\RP137\A0185266.exe infected Virus.Win32.Sality.bh ...07:55:23:781 16000 cured
07:55:27:515 16000 C:\System Volume Information\_restore{E9D078C6-EE17-4E6C-B442-F4D5F5F78C51}\RP137\A0185267.exe infected Virus.Win32.Sality.bh ...07:55:27:515 16000 cured
07:55:31:000 16000 C:\System Volume Information\_restore{E9D078C6-EE17-4E6C-B442-F4D5F5F78C51}\RP137\A0185268.exe infected Virus.Win32.Sality.bh ...07:55:31:000 16000 cured
07:55:34:671 16000 C:\System Volume Information\_restore{E9D078C6-EE17-4E6C-B442-F4D5F5F78C51}\RP137\A0185269.exe infected Virus.Win32.Sality.bh ...07:55:34:671 16000 cured
07:55:38:375 16000 C:\System Volume Information\_restore{E9D078C6-EE17-4E6C-B442-F4D5F5F78C51}\RP137\A0185270.exe infected Virus.Win32.Sality.bh ...07:55:38:375 16000 cured
07:55:41:875 16000 C:\System Volume Information\_restore{E9D078C6-EE17-4E6C-B442-F4D5F5F78C51}\RP137\A0185271.exe infected Virus.Win32.Sality.bh ...07:55:41:875 16000 cured
07:55:45:640 16000 C:\System Volume Information\_restore{E9D078C6-EE17-4E6C-B442-F4D5F5F78C51}\RP137\A0185272.exe infected Virus.Win32.Sality.bh ...07:55:45:640 16000 cured
07:55:49:406 16000 C:\System Volume Information\_restore{E9D078C6-EE17-4E6C-B442-F4D5F5F78C51}\RP137\A0185273.exe infected Virus.Win32.Sality.bh ...07:55:49:406 16000 cured
07:55:55:500 16000 C:\System Volume Information\_restore{E9D078C6-EE17-4E6C-B442-F4D5F5F78C51}\RP137\A0185274.exe infected Virus.Win32.Sality.ag ...07:55:55:500 16000 cured
07:55:59:203 16000 C:\System Volume Information\_restore{E9D078C6-EE17-4E6C-B442-F4D5F5F78C51}\RP137\A0185275.exe infected Virus.Win32.Sality.bh ...07:55:59:203 16000 cured
07:56:02:703 16000 C:\System Volume Information\_restore{E9D078C6-EE17-4E6C-B442-F4D5F5F78C51}\RP137\A0185276.exe infected Virus.Win32.Sality.bh ...07:56:02:703 16000 cured
07:56:06:281 16000 C:\System Volume Information\_restore{E9D078C6-EE17-4E6C-B442-F4D5F5F78C51}\RP137\A0185277.exe infected Virus.Win32.Sality.bh ...07:56:06:281 16000 cured
07:56:09:781 16000 C:\System Volume Information\_restore{E9D078C6-EE17-4E6C-B442-F4D5F5F78C51}\RP137\A0185278.exe infected Virus.Win32.Sality.bh ...07:56:09:781 16000 cured
07:56:13:515 16000 C:\System Volume Information\_restore{E9D078C6-EE17-4E6C-B442-F4D5F5F78C51}\RP137\A0185279.exe infected Virus.Win32.Sality.bh ...07:56:13:515 16000 cured
07:56:17:156 16000 C:\System Volume Information\_restore{E9D078C6-EE17-4E6C-B442-F4D5F5F78C51}\RP137\A0185280.exe infected Virus.Win32.Sality.bh ...07:56:17:156 16000 cured
07:56:20:781 16000 C:\System Volume Information\_restore{E9D078C6-EE17-4E6C-B442-F4D5F5F78C51}\RP137\A0185281.exe infected Virus.Win32.Sality.bh ...07:56:20:781 16000 cured
07:56:24:390 16000 C:\System Volume Information\_restore{E9D078C6-EE17-4E6C-B442-F4D5F5F78C51}\RP137\A0185282.exe infected Virus.Win32.Sality.bh ...07:56:24:390 16000 cured
07:56:28:171 16000 C:\System Volume Information\_restore{E9D078C6-EE17-4E6C-B442-F4D5F5F78C51}\RP137\A0185283.exe infected Virus.Win32.Sality.bh ...07:56:28:171 16000 cured
07:56:31:828 16000 C:\System Volume Information\_restore{E9D078C6-EE17-4E6C-B442-F4D5F5F78C51}\RP137\A0185284.exe infected Virus.Win32.Sality.bh ...07:56:31:828 16000 cured
07:56:35:531 16000 C:\System Volume Information\_restore{E9D078C6-EE17-4E6C-B442-F4D5F5F78C51}\RP137\A0185285.exe infected Virus.Win32.Sality.bh ...07:56:35:531 16000 cured
07:56:39:171 16000 C:\System Volume Information\_restore{E9D078C6-EE17-4E6C-B442-F4D5F5F78C51}\RP137\A0185286.exe infected Virus.Win32.Sality.bh ...07:56:39:171 16000 cured
07:56:42:734 16000 C:\System Volume Information\_restore{E9D078C6-EE17-4E6C-B442-F4D5F5F78C51}\RP137\A0185287.exe infected Virus.Win32.Sality.bh ...07:56:42:734 16000 cured
07:56:46:453 16000 C:\System Volume Information\_restore{E9D078C6-EE17-4E6C-B442-F4D5F5F78C51}\RP137\A0185288.exe infected Virus.Win32.Sality.bh ...07:56:46:453 16000 cured
07:56:50:187 16000 C:\System Volume Information\_restore{E9D078C6-EE17-4E6C-B442-F4D5F5F78C51}\RP137\A0185289.exe infected Virus.Win32.Sality.bh ...07:56:50:187 16000 cured
07:56:53:859 16000 C:\System Volume Information\_restore{E9D078C6-EE17-4E6C-B442-F4D5F5F78C51}\RP137\A0185290.exe infected Virus.Win32.Sality.bh ...07:56:53:859 16000 cured
07:56:57:531 16000 C:\System Volume Information\_restore{E9D078C6-EE17-4E6C-B442-F4D5F5F78C51}\RP137\A0185291.exe infected Virus.Win32.Sality.bh ...07:56:57:531 16000 cured
07:57:01:156 16000 C:\System Volume Information\_restore{E9D078C6-EE17-4E6C-B442-F4D5F5F78C51}\RP137\A0185292.exe infected Virus.Win32.Sality.bh ...07:57:01:156 16000 cured
07:57:04:843 16000 C:\System Volume Information\_restore{E9D078C6-EE17-4E6C-B442-F4D5F5F78C51}\RP137\A0185293.EXE infected Virus.Win32.Sality.bh ...07:57:04:843 16000 cured
07:57:08:593 16000 C:\System Volume Information\_restore{E9D078C6-EE17-4E6C-B442-F4D5F5F78C51}\RP137\A0185294.exe infected Virus.Win32.Sality.bh ...07:57:08:593 16000 cured
07:57:12:281 16000 C:\System Volume Information\_restore{E9D078C6-EE17-4E6C-B442-F4D5F5F78C51}\RP137\A0185295.EXE infected Virus.Win32.Sality.bh ...07:57:12:296 16000 cured
07:57:16:031 16000 C:\System Volume Information\_restore{E9D078C6-EE17-4E6C-B442-F4D5F5F78C51}\RP137\A0185296.exe infected Virus.Win32.Sality.bh ...07:57:16:031 16000 cured
07:57:19:656 16000 C:\System Volume Information\_restore{E9D078C6-EE17-4E6C-B442-F4D5F5F78C51}\RP137\A0185297.exe infected Virus.Win32.Sality.bh ...07:57:19:656 16000 cured
07:57:23:281 16000 C:\System Volume Information\_restore{E9D078C6-EE17-4E6C-B442-F4D5F5F78C51}\RP137\A0185298.exe infected Virus.Win32.Sality.bh ...07:57:23:281 16000 cured
07:57:26:984 16000 C:\System Volume Information\_restore{E9D078C6-EE17-4E6C-B442-F4D5F5F78C51}\RP137\A0185299.exe infected Virus.Win32.Sality.bh ...07:57:26:984 16000 cured
07:57:30:562 16000 C:\System Volume Information\_restore{E9D078C6-EE17-4E6C-B442-F4D5F5F78C51}\RP137\A0185300.exe infected Virus.Win32.Sality.bh ...07:57:30:562 16000 cured
07:57:41:687 16000 C:\System Volume Information\_restore{E9D078C6-EE17-4E6C-B442-F4D5F5F78C51}\RP137\A0185301.exe infected Virus.Win32.Sality.ag ...07:57:41:687 16000 cured
07:57:45:312 16000 C:\System Volume Information\_restore{E9D078C6-EE17-4E6C-B442-F4D5F5F78C51}\RP137\A0185302.exe infected Virus.Win32.Sality.bh ...07:57:45:312 16000 cured
07:57:48:984 16000 C:\System Volume Information\_restore{E9D078C6-EE17-4E6C-B442-F4D5F5F78C51}\RP137\A0185303.exe infected Virus.Win32.Sality.bh ...07:57:48:984 16000 cured
07:57:52:609 16000 C:\System Volume Information\_restore{E9D078C6-EE17-4E6C-B442-F4D5F5F78C51}\RP137\A0185304.exe infected Virus.Win32.Sality.bh ...07:57:52:609 16000 cured
07:57:56:203 16000 C:\System Volume Information\_restore{E9D078C6-EE17-4E6C-B442-F4D5F5F78C51}\RP137\A0185305.exe infected Virus.Win32.Sality.bh ...07:57:56:203 16000 cured
07:57:59:828 16000 C:\System Volume Information\_restore{E9D078C6-EE17-4E6C-B442-F4D5F5F78C51}\RP137\A0185306.exe infected Virus.Win32.Sality.bh ...07:57:59:828 16000 cured
07:58:03:500 16000 C:\System Volume Information\_restore{E9D078C6-EE17-4E6C-B442-F4D5F5F78C51}\RP137\A0185307.exe infected Virus.Win32.Sality.bh ...07:58:03:500 16000 cured
07:58:07:125 16000 C:\System Volume Information\_restore{E9D078C6-EE17-4E6C-B442-F4D5F5F78C51}\RP137\A0185308.exe infected Virus.Win32.Sality.bh ...07:58:07:125 16000 cured
07:58:10:796 16000 C:\System Volume Information\_restore{E9D078C6-EE17-4E6C-B442-F4D5F5F78C51}\RP137\A0185309.exe infected Virus.Win32.Sality.bh ...07:58:10:796 16000 cured
07:58:14:500 16000 C:\System Volume Information\_restore{E9D078C6-EE17-4E6C-B442-F4D5F5F78C51}\RP137\A0185310.exe infected Virus.Win32.Sality.bh ...07:58:14:500 16000 cured
07:58:18:203 16000 C:\System Volume Information\_restore{E9D078C6-EE17-4E6C-B442-F4D5F5F78C51}\RP137\A0185311.exe infected Virus.Win32.Sality.bh ...07:58:18:203 16000 cured
07:58:21:750 16000 C:\System Volume Information\_restore{E9D078C6-EE17-4E6C-B442-F4D5F5F78C51}\RP137\A0185312.exe infected Virus.Win32.Sality.bh ...07:58:21:750 16000 cured
07:58:25:437 16000 C:\System Volume Information\_restore{E9D078C6-EE17-4E6C-B442-F4D5F5F78C51}\RP137\A0185313.exe infected Virus.Win32.Sality.bh ...07:58:25:437 16000 cured
07:58:29:078 16000 C:\System Volume Information\_restore{E9D078C6-EE17-4E6C-B442-F4D5F5F78C51}\RP137\A0185314.exe infected Virus.Win32.Sality.bh ...07:58:29:078 16000 cured
07:58:32:734 16000 C:\System Volume Information\_restore{E9D078C6-EE17-4E6C-B442-F4D5F5F78C51}\RP137\A0185315.exe infected Virus.Win32.Sality.bh ...07:58:32:734 16000 cured
07:58:36:437 16000 C:\System Volume Information\_restore{E9D078C6-EE17-4E6C-B442-F4D5F5F78C51}\RP137\A0185316.exe infected Virus.Win32.Sality.bh ...07:58:36:437 16000 cured
07:58:40:250 16000 C:\System Volume Information\_restore{E9D078C6-EE17-4E6C-B442-F4D5F5F78C51}\RP137\A0185317.exe infected Virus.Win32.Sality.bh ...07:58:40:250 16000 cured
07:58:43:828 16000 C:\System Volume Information\_restore{E9D078C6-EE17-4E6C-B442-F4D5F5F78C51}\RP137\A0185318.exe infected Virus.Win32.Sality.bh ...07:58:43:828 16000 cured
07:58:47:562 16000 C:\System Volume Information\_restore{E9D078C6-EE17-4E6C-B442-F4D5F5F78C51}\RP137\A0185319.exe infected Virus.Win32.Sality.bh ...07:58:47:562 16000 cured
07:58:51:109 16000 C:\System Volume Information\_restore{E9D078C6-EE17-4E6C-B442-F4D5F5F78C51}\RP137\A0185320.exe infected Virus.Win32.Sality.bh ...07:58:51:109 16000 cured
07:58:54:796 16000 C:\System Volume Information\_restore{E9D078C6-EE17-4E6C-B442-F4D5F5F78C51}\RP137\A0185321.exe infected Virus.Win32.Sality.bh ...07:58:54:796 16000 cured
07:58:58:437 16000 C:\System Volume Information\_restore{E9D078C6-EE17-4E6C-B442-F4D5F5F78C51}\RP137\A0185322.EXE infected Virus.Win32.Sality.bh ...07:58:58:437 16000 cured
07:59:02:203 16000 C:\System Volume Information\_restore{E9D078C6-EE17-4E6C-B442-F4D5F5F78C51}\RP137\A0185323.exe infected Virus.Win32.Sality.bh ...07:59:02:203 16000 cured
07:59:05:968 16000 C:\System Volume Information\_restore{E9D078C6-EE17-4E6C-B442-F4D5F5F78C51}\RP137\A0185324.exe infected Virus.Win32.Sality.bh ...07:59:05:968 16000 cured
07:59:36:453 16000 C:\WINDOWS\ALCMTR.EXE infected Virus.Win32.Sality.bh ...07:59:36:453 16000 cured
07:59:40:500 16000 C:\WINDOWS\ALCWZRD.EXE infected Virus.Win32.Sality.bh ...07:59:40:515 16000 cured
08:02:28:125 16000 C:\WINDOWS\SOUNDMAN.EXE infected Virus.Win32.Sality.bh ...08:02:28:125 16000 cured
08:03:16:656 16000 C:\WINDOWS\system32\Macromed\Flash\FlashUtil32_11_7_700_202_Plugin.exe infected Virus.Win32.Sality.bh ...08:03:16:656 16000 cured
08:03:39:750 16000 C:\WINDOWS\system32\ReinstallBackups\0013\DriverFiles\ALCMTR.EXE infected Virus.Win32.Sality.bh ...08:03:39:750 16000 cured
08:03:45:656 16000 C:\WINDOWS\system32\ReinstallBackups\0013\DriverFiles\RTHDCPL.EXE infected Virus.Win32.Sality.bh ...08:03:45:656 16000 cured
08:04:32:000 16000 C:\_OTL\MovedFiles\04162013_224254\C_Documents and Settings\All Users\Application Data\BRowsE2soave\uninstall.exe infected Virus.Win32.Sality.bh ...08:04:32:000 16000 cured
08:04:35:953 16000 C:\_OTL\MovedFiles\04162013_224254\C_Documents and Settings\Dela Cruz\Application Data\B1Toolbar\hpet.exe infected Virus.Win32.Sality.bh ...08:04:35:953 16000 cured
08:04:39:796 16000 C:\_OTL\MovedFiles\04162013_224254\C_Documents and Settings\Dela Cruz\Application Data\Windows\Data\cgminer.exe infected Virus.Win32.Sality.bh ...08:04:39:796 16000 cured
08:04:44:093 16000 C:\_OTL\MovedFiles\04162013_224254\C_WINDOWS\unins000.exe infected Virus.Win32.Sality.bh ...08:04:44:093 16000 cured
08:04:44:140 16000 scanning D:\ ...
08:05:06:906 16000 D:\7z920.exe infected Virus.Win32.Sality.bh ...08:05:06:906 16000 cured
08:05:11:015 16000 D:\AeriaGames\SoldierFront2\aeria_launcher.exe infected Virus.Win32.Sality.bh ...08:05:11:015 16000 cured
08:05:15:468 16000 D:\AeriaGames\SoldierFront2\Binaries\Win32\sf2.exe infected Virus.Win32.Sality.bh ...08:05:15:468 16000 cured
08:05:19:343 16000 D:\AeriaGames\SoldierFront2\DFUBG.exe infected Virus.Win32.Sality.bh ...08:05:19:343 16000 cured
08:05:23:031 16000 D:\AeriaGames\SoldierFront2\DFUFG.exe infected Virus.Win32.Sality.bh ...08:05:23:031 16000 cured
08:05:26:859 16000 D:\AeriaGames\SoldierFront2\DFUM.exe infected Virus.Win32.Sality.bh ...08:05:26:859 16000 cured
08:05:48:265 16000 D:\AeriaGames\SoldierFront2\Uninst.exe infected Virus.Win32.Sality.bh ...08:05:48:265 16000 cured
08:05:51:984 16000 D:\Age.of.Empires.II.HD.Update.v4.5.1742.4476-RELOADED\AoK HD.exe infected Virus.Win32.Sality.bh ...08:05:52:000 16000 cured
08:05:56:515 16000 D:\AutoHotkey.exe infected Virus.Win32.Sality.bh ...08:05:56:515 16000 cured
08:06:00:437 16000 D:\Avatar Star\asup.exe infected Virus.Win32.Sality.bh ...08:06:00:437 16000 cured
08:06:04:031 16000 D:\Avatar Star\AvatarStar.exe infected Virus.Win32.Sality.bh ...08:06:04:031 16000 cured
08:06:31:546 16000 D:\Avatar Star\AvatarStar2.exe infected Virus.Win32.Sality.bh ...08:06:31:546 16000 cured
08:06:35:781 16000 D:\Avatar Star\client.exe infected Virus.Win32.Sality.bh ...08:06:35:781 16000 cured
08:06:39:656 16000 D:\Avatar Star\LoginUpdate\asup.exe infected Virus.Win32.Sality.bh ...08:06:39:656 16000 cured
08:07:07:234 16000 D:\Avatar Star\LoginUpdate\AvatarStar.exe infected Virus.Win32.Sality.bh ...08:07:07:234 16000 cured
08:07:10:796 16000 D:\Avatar Star\LoginUpdate\Update.exe infected Virus.Win32.Sality.bh ...08:07:10:796 16000 cured
08:07:14:734 16000 D:\Avatar Star\Update.exe infected Virus.Win32.Sality.bh ...08:07:14:734 16000 cured
08:07:42:781 16000 D:\BOIE8_ENUS_BO0077_XP.EXE infected Virus.Win32.Sality.bh ...08:07:42:781 16000 cured
08:07:46:671 16000 D:\dead island update 2\deadislandgame.exe infected Virus.Win32.Sality.bh ...08:07:46:671 16000 cured
08:07:51:031 16000 D:\Dead.Island.Update.1-RELOADED\DeadIslandGame.exe infected Virus.Win32.Sality.bh ...08:07:51:031 16000 cured
08:08:02:671 16000 D:\Documents and Settings\Dela Cruz\My Documents\Plants vs Zombies\PlantsVsZombies.exe infected Virus.Win32.Sality.bh ...08:08:02:671 16000 cured
08:08:07:218 16000 D:\ei_win_1.0.1_2492\EpicInventorUpdater.exe infected Virus.Win32.Sality.bh ...08:08:07:218 16000 cured
08:08:11:125 16000 D:\ei_win_1.0.1_2492\rt\bin\cleanup.exe infected Virus.Win32.Sality.bh ...08:08:11:125 16000 cured
08:08:15:250 16000 D:\ei_win_1.0.1_2492\rt\bin\unpack200.exe infected Virus.Win32.Sality.bh ...08:08:15:250 16000 cured
08:08:20:687 16000 D:\isodisk_setup.exe infected Virus.Win32.Sality.bh ...08:08:20:687 16000 cured
08:08:25:906 16000 D:\Loers\asdasdsad\common\spiral knights\java_vm\bin\java-rmi.exe infected Virus.Win32.Sality.bh ...08:08:25:906 16000 cured
08:08:29:656 16000 D:\Loers\asdasdsad\common\spiral knights\java_vm\bin\java.exe infected Virus.Win32.Sality.bh ...08:08:29:656 16000 cured
08:08:33:265 16000 D:\Loers\asdasdsad\common\spiral knights\java_vm\bin\javacpl.exe infected Virus.Win32.Sality.bh ...08:08:33:265 16000 cured
08:08:36:875 16000 D:\Loers\asdasdsad\common\spiral knights\java_vm\bin\javaw.exe infected Virus.Win32.Sality.bh ...08:08:36:875 16000 cured
08:08:40:640 16000 D:\Loers\asdasdsad\common\spiral knights\java_vm\bin\jbroker.exe infected Virus.Win32.Sality.bh ...08:08:40:640 16000 cured
08:08:44:421 16000 D:\Loers\asdasdsad\common\spiral knights\java_vm\bin\jp2launcher.exe infected Virus.Win32.Sality.bh ...08:08:44:421 16000 cured
08:08:48:234 16000 D:\Loers\asdasdsad\common\spiral knights\java_vm\bin\jqs.exe infected Virus.Win32.Sality.bh ...08:08:48:234 16000 cured
08:08:52:000 16000 D:\Loers\asdasdsad\common\spiral knights\java_vm\bin\jqsnotify.exe infected Virus.Win32.Sality.bh ...08:08:52:000 16000 cured
08:08:55:625 16000 D:\Loers\asdasdsad\common\spiral knights\java_vm\bin\keytool.exe infected Virus.Win32.Sality.bh ...08:08:55:625 16000 cured
08:08:59:328 16000 D:\Loers\asdasdsad\common\spiral knights\java_vm\bin\kinit.exe infected Virus.Win32.Sality.bh ...08:08:59:328 16000 cured
08:09:03:062 16000 D:\Loers\asdasdsad\common\spiral knights\java_vm\bin\klist.exe infected Virus.Win32.Sality.bh ...08:09:03:078 16000 cured
08:09:06:796 16000 D:\Loers\asdasdsad\common\spiral knights\java_vm\bin\ktab.exe infected Virus.Win32.Sality.bh ...08:09:06:796 16000 cured
08:09:10:703 16000 D:\Loers\asdasdsad\common\spiral knights\java_vm\bin\orbd.exe infected Virus.Win32.Sality.bh ...08:09:10:703 16000 cured
08:09:14:421 16000 D:\Loers\asdasdsad\common\spiral knights\java_vm\bin\pack200.exe infected Virus.Win32.Sality.bh ...08:09:14:421 16000 cured
08:09:18:062 16000 D:\Loers\asdasdsad\common\spiral knights\java_vm\bin\policytool.exe infected Virus.Win32.Sality.bh ...08:09:18:062 16000 cured
08:09:21:812 16000 D:\Loers\asdasdsad\common\spiral knights\java_vm\bin\rmid.exe infected Virus.Win32.Sality.bh ...08:09:21:812 16000 cured
08:09:25:484 16000 D:\Loers\asdasdsad\common\spiral knights\java_vm\bin\rmiregistry.exe infected Virus.Win32.Sality.bh ...08:09:25:484 16000 cured
08:09:29:218 16000 D:\Loers\asdasdsad\common\spiral knights\java_vm\bin\servertool.exe infected Virus.Win32.Sality.bh ...08:09:29:218 16000 cured
08:09:32:828 16000 D:\Loers\asdasdsad\common\spiral knights\java_vm\bin\ssvagent.exe infected Virus.Win32.Sality.bh ...08:09:32:828 16000 cured
08:09:36:453 16000 D:\Loers\asdasdsad\common\spiral knights\java_vm\bin\tnameserv.exe infected Virus.Win32.Sality.bh ...08:09:36:453 16000 cured
08:09:40:015 16000 D:\Loers\asdasdsad\common\spiral knights\java_vm\bin\unpack200.exe infected Virus.Win32.Sality.bh ...08:09:40:015 16000 cured
08:09:44:718 16000 D:\Loers\asdasdsad\common\spiral knights\java_vm\lib\launcher.exe infected Virus.Win32.Sality.bh ...08:09:44:734 16000 cured
08:09:58:750 16000 D:\MeinCraft\Minecraft_Server.exe infected Virus.Win32.Sality.bh ...08:09:58:750 16000 cured
08:10:02:609 16000 D:\Monaco\setup.exe infected Virus.Win32.Sality.bh ...08:10:02:609 16000 cured
08:10:09:093 16000 D:\Music\Things\Crack\IDMan.exe infected Virus.Win32.Sality.bh ...08:10:09:093 16000 cured
08:10:13:281 16000 D:\New Folder 123\1\pSX_1_13\cep.exe infected Virus.Win32.Sality.bh ...08:10:13:281 16000 cured
08:10:16:984 16000 D:\New Folder 123\1\pSX_1_13\pSX Frontend.exe infected Virus.Win32.Sality.bh ...08:10:16:984 16000 cured
08:10:20:703 16000 D:\New Folder 123\1\pSX_1_13\psxfin.exe infected Virus.Win32.Sality.bh ...08:10:20:703 16000 cured
08:10:24:625 16000 D:\New Folder 123\1\pSX_1_13\utils\cdztool.exe infected Virus.Win32.Sality.bh ...08:10:24:625 16000 cured
08:10:28:531 16000 D:\New Folder 123\2\ePSXe.exe infected Virus.Win32.Sality.bh ...08:10:28:531 16000 cured
08:10:32:343 16000 D:\New Folder 123\2\New Folder\b2gme_batch.exe infected Virus.Win32.Sality.bh ...08:10:32:343 16000 cured
08:10:36:078 16000 D:\New Folder 123\2\New Folder\b2vgs_batch.exe infected Virus.Win32.Sality.bh ...08:10:36:078 16000 cured
08:10:39:843 16000 D:\New Folder 123\2\New Folder\gme2b_batch.exe infected Virus.Win32.Sality.bh ...08:10:39:843 16000 cured
08:10:43:500 16000 D:\New Folder 123\2\New Folder\gme2vgs_batch.exe infected Virus.Win32.Sality.bh ...08:10:43:500 16000 cured
08:10:47:109 16000 D:\New Folder 123\2\New Folder\MemoryConverter.exe infected Virus.Win32.Sality.bh ...08:10:47:109 16000 cured
08:10:50:609 16000 D:\New Folder 123\2\New Folder\MemTools.exe infected Virus.Win32.Sality.bh ...08:10:50:609 16000 cured
08:10:54:281 16000 D:\New Folder 123\2\New Folder\vgs2b.exe infected Virus.Win32.Sality.bh ...08:10:54:281 16000 cured
08:10:58:015 16000 D:\New Folder 123\2\New Folder\vgs2gme_batch.exe infected Virus.Win32.Sality.bh ...08:10:58:015 16000 cured
08:11:02:406 16000 D:\New Folder 123\3\PSXeven_v0.19.exe infected Virus.Win32.Sality.bh ...08:11:02:406 16000 cured
08:11:06:375 16000 D:\New Folder 123\Brigandine - Grand Edition (Japan) (Disc 1)\Brigandine version .5 Patch\ppf-o-matic3.exe infected Virus.Win32.Sality.bh ...08:11:06:375 16000 cured
08:11:10:171 16000 D:\New Folder 123\Brigandine - Grand Edition (Japan) (Disc 1)\ecm tools\ecm.exe infected Virus.Win32.Sality.bh ...08:11:10:171 16000 cured
08:11:13:718 16000 D:\New Folder 123\Brigandine - Grand Edition (Japan) (Disc 1)\ecm tools\unecm.exe infected Virus.Win32.Sality.bh ...08:11:13:718 16000 cured
08:11:17:453 16000 D:\New Folder 123\cmdpack-1.03-win32-i386\bin2iso.exe infected Virus.Win32.Sality.bh ...08:11:17:453 16000 cured
08:11:21:171 16000 D:\New Folder 123\cmdpack-1.03-win32-i386\bincomp.exe infected Virus.Win32.Sality.bh ...08:11:21:171 16000 cured
08:11:24:937 16000 D:\New Folder 123\cmdpack-1.03-win32-i386\brrrip.exe infected Virus.Win32.Sality.bh ...08:11:24:937 16000 cured
08:11:28:593 16000 D:\New Folder 123\cmdpack-1.03-win32-i386\byteshuf.exe infected Virus.Win32.Sality.bh ...08:11:28:593 16000 cured
08:11:32:296 16000 D:\New Folder 123\cmdpack-1.03-win32-i386\byteswap.exe infected Virus.Win32.Sality.bh ...08:11:32:296 16000 cured
08:11:35:921 16000 D:\New Folder 123\cmdpack-1.03-win32-i386\cdpatch.exe infected Virus.Win32.Sality.bh ...08:11:35:921 16000 cured
08:11:39:593 16000 D:\New Folder 123\cmdpack-1.03-win32-i386\ecm.exe infected Virus.Win32.Sality.bh ...08:11:39:593 16000 cured
08:11:43:078 16000 D:\New Folder 123\cmdpack-1.03-win32-i386\fakecrc.exe infected Virus.Win32.Sality.bh ...08:11:43:078 16000 cured
08:11:46:843 16000 D:\New Folder 123\cmdpack-1.03-win32-i386\hax65816.exe infected Virus.Win32.Sality.bh ...08:11:46:843 16000 cured
08:11:50:687 16000 D:\New Folder 123\cmdpack-1.03-win32-i386\id3point.exe infected Virus.Win32.Sality.bh ...08:11:50:687 16000 cured
08:11:54:453 16000 D:\New Folder 123\cmdpack-1.03-win32-i386\pecompat.exe infected Virus.Win32.Sality.bh ...08:11:54:453 16000 cured
08:11:58:171 16000 D:\New Folder 123\cmdpack-1.03-win32-i386\rels.exe infected Virus.Win32.Sality.bh ...08:11:58:187 16000 cured
08:12:01:765 16000 D:\New Folder 123\cmdpack-1.03-win32-i386\screamf.exe infected Virus.Win32.Sality.bh ...08:12:01:765 16000 cured
08:12:05:671 16000 D:\New Folder 123\cmdpack-1.03-win32-i386\subfile.exe infected Virus.Win32.Sality.bh ...08:12:05:671 16000 cured
08:12:09:390 16000 D:\New Folder 123\cmdpack-1.03-win32-i386\uips.exe infected Virus.Win32.Sality.bh ...08:12:09:390 16000 cured
08:12:13:062 16000 D:\New Folder 123\cmdpack-1.03-win32-i386\unecm.exe infected Virus.Win32.Sality.bh ...08:12:13:062 16000 cured
08:12:16:718 16000 D:\New Folder 123\cmdpack-1.03-win32-i386\usfv.exe infected Virus.Win32.Sality.bh ...08:12:16:718 16000 cured
08:12:20:515 16000 D:\New Folder 123\cmdpack-1.03-win32-i386\vb2rip.exe infected Virus.Win32.Sality.bh ...08:12:20:515 16000 cured
08:12:24:281 16000 D:\New Folder 123\cmdpack-1.03-win32-i386\wordadd.exe infected Virus.Win32.Sality.bh ...08:12:24:281 16000 cured
08:12:27:890 16000 D:\New Folder 123\cmdpack-1.03-win32-i386\zerofill.exe infected Virus.Win32.Sality.bh ...08:12:27:890 16000 cured
08:12:32:265 16000 D:\Paws\evasi0n-win-1.5.3\evasi0n.exe infected Virus.Win32.Sality.bh ...08:12:32:265 16000 cured
08:12:36:546 16000 D:\Paws\iTools.exe infected Virus.Win32.Sality.bh ...08:12:36:546 16000 cured
08:12:40:187 16000 D:\Paws\tinyumbrella-6.10.03.exe infected Virus.Win32.Sality.bh ...08:12:40:187 16000 cured
08:12:44:234 16000 D:\Prison Architect - Alpha 9 (Windows)\prison architect.exe infected Virus.Win32.Sality.bh ...08:12:44:234 16000 cured
08:12:48:078 16000 D:\Program Files\Age of Empires 2 HD\9815564741-AGE2HDR\Redist\DirectX\DXSETUP.exe infected Virus.Win32.Sality.bh ...08:12:48:078 16000 cured
08:12:51:859 16000 D:\Program Files\Age of Empires 2 HD\9815564741-AGE2HDR\Redist\vcredist_x86.exe infected Virus.Win32.Sality.bh ...08:12:51:859 16000 cured
08:12:55:640 16000 D:\Program Files\Age of Empires 2 HD\9815564741-AGE2HDR\setup.exe infected Virus.Win32.Sality.bh ...08:12:55:640 16000 cured
08:12:59:390 16000 D:\Program Files\AutoHotkey\AU3_Spy.exe infected Virus.Win32.Sality.bh ...08:12:59:390 16000 cured
08:13:03:140 16000 D:\Program Files\AutoHotkey\AutoHotkey.exe infected Virus.Win32.Sality.bh ...08:13:03:140 16000 cured
08:13:06:828 16000 D:\Program Files\AutoHotkey\AutoHotkeyA32.exe infected Virus.Win32.Sality.bh ...08:13:06:828 16000 cured
08:13:10:578 16000 D:\Program Files\AutoHotkey\AutoHotkeyU32.exe infected Virus.Win32.Sality.bh ...08:13:10:578 16000 cured
08:13:14:296 16000 D:\Program Files\AutoHotkey\Compiler\Ahk2Exe.exe infected Virus.Win32.Sality.bh ...08:13:14:296 16000 cured
08:13:18:125 16000 D:\Program Files\CamStudio 2.6b\camstudio_cl.exe infected Virus.Win32.Sality.bh ...08:13:18:125 16000 cured
08:13:22:187 16000 D:\Program Files\CamStudio 2.6b\Player.exe infected Virus.Win32.Sality.bh ...08:13:22:187 16000 cured
08:13:25:812 16000 D:\Program Files\CamStudio 2.6b\PlayerPlus.exe infected Virus.Win32.Sality.bh ...08:13:25:812 16000 cured
08:13:29:578 16000 D:\Program Files\CamStudio 2.6b\Producer.exe infected Virus.Win32.Sality.bh ...08:13:29:578 16000 cured
08:13:33:296 16000 D:\Program Files\CamStudio 2.6b\Recorder.exe infected Virus.Win32.Sality.bh ...08:13:33:296 16000 cured
08:13:37:000 16000 D:\Program Files\CamStudio 2.6b\unins000.exe infected Virus.Win32.Sality.bh ...08:13:37:000 16000 cured
08:13:40:843 16000 D:\Program Files\Climb to the Top of the Castle\Climb to the Top of the Castle!.exe infected Virus.Win32.Sality.bh ...08:13:40:843 16000 cured
08:13:51:203 16000 D:\Program Files\Climb to the Top of the Castle\Uninstall.exe infected Virus.Win32.Sality.bh ...08:13:51:203 16000 cured
08:13:54:968 16000 D:\Program Files\GarenaHoN\GameData\Apps\HoN\AwesomiumProcess.exe infected Virus.Win32.Sality.bh ...08:13:54:968 16000 cured
08:13:59:187 16000 D:\Program Files\GarenaHoN\GameData\Apps\HoN\directxredist\DXSETUP.exe infected Virus.Win32.Sality.bh ...08:13:59:187 16000 cured
08:14:06:875 16000 D:\Program Files\GarenaHoN\GameData\Apps\HoN\hon.exe infected Virus.Win32.Sality.bh ...08:14:06:875 16000 cured
08:14:10:515 16000 D:\Program Files\GarenaHoN\GameData\Apps\HoN\hon_update.exe infected Virus.Win32.Sality.bh ...08:14:10:515 16000 cured
08:14:14:656 16000 D:\Program Files\GarenaHoN\GameData\Apps\HoN\uninst.exe infected Virus.Win32.Sality.bh ...08:14:14:656 16000 cured
08:14:26:796 16000 D:\Program Files\GarenaHoN\GameData\Apps\HoN\uninstall.exe infected Virus.Win32.Sality.ag ...08:14:26:796 16000 cured
08:14:31:078 16000 D:\Program Files\GarenaHoN\GameData\Apps\HoN\vcredist_x86.exe infected Virus.Win32.Sality.bh ...08:14:31:078 16000 cured
08:14:34:921 16000 D:\Program Files\GarenaHoN\HONLauncher.exe infected Virus.Win32.Sality.bh ...08:14:34:921 16000 cured
08:14:38:656 16000 D:\Program Files\GarenaHoN\uninst.exe infected Virus.Win32.Sality.bh ...08:14:38:656 16000 cured
08:14:42:296 16000 D:\Program Files\GarenaHoN\vcredist_x86.exe infected Virus.Win32.Sality.bh ...08:14:42:296 16000 cured
08:14:46:343 16000 D:\Program Files\GarenaLoLPH_Launcher\GameData\Apps\LoLPH\Air\Adobe AIR\Versions\1.0\Resources\CaptiveAppEntry.exe infected Virus.Win32.Sality.bh ...08:14:46:343 16000 cured
08:15:35:406 16000 D:\Program Files\GarenaLoLPH_Launcher\GameData\Apps\LoLPH\Air\LolClient.exe infected Virus.Win32.Sality.bh ...08:15:35:406 16000 cured
08:16:06:593 16000 D:\Program Files\GarenaLoLPH_Launcher\GameData\Apps\LoLPH\Game\League of Legends.exe infected Virus.Win32.Sality.bh ...08:16:06:593 16000 cured
08:16:22:843 16000 D:\Program Files\GarenaLoLPH_Launcher\GameData\bbtalk\BBTalk.exe infected Virus.Win32.Sality.bh ...08:16:22:843 16000 cured
08:16:26:718 16000 D:\Program Files\GarenaLoLPH_Launcher\GameData\bbtalk\GarenaTalkOverlay.exe infected Virus.Win32.Sality.bh ...08:16:26:718 16000 cured
08:16:31:984 16000 D:\Program Files\GarenaLoLPH_Launcher\GameData\bbtalk\update\temp\restore\10104\BBTalk.exe infected Virus.Win32.Sality.bh ...08:16:31:984 16000 cured
08:16:35:765 16000 D:\Program Files\GarenaLoLPH_Launcher\GameData\bbtalk\update\temp\restore\10104\GarenaTalkOverlay.exe infected Virus.Win32.Sality.bh ...08:16:35:765 16000 cured
08:16:48:531 16000 D:\Program Files\GarenaLoLPH_Launcher\GameData\bbtalk\update\temp\restore\10104\Update.exe infected Virus.Win32.Sality.ag ...08:16:48:531 16000 cured
08:16:52:421 16000 D:\Program Files\GarenaLoLPH_Launcher\GameData\bbtalk\Update.exe infected Virus.Win32.Sality.bh ...08:16:52:421 16000 cured
08:16:56:687 16000 D:\Program Files\GarenaLoLPH_Launcher\GameData\GarenaMessenger.exe infected Virus.Win32.Sality.bh ...08:16:56:687 16000 cured
08:17:01:156 16000 D:\Program Files\GarenaLoLPH_Launcher\GameData\GaTransfer.exe infected Virus.Win32.Sality.bh ...08:17:01:156 16000 cured
08:17:04:937 16000 D:\Program Files\GarenaLoLPH_Launcher\GameData\GaVoice.exe infected Virus.Win32.Sality.bh ...08:17:04:937 16000 cured
08:17:09:328 16000 D:\Program Files\GarenaLoLPH_Launcher\GameData\PluginAdminExec.exe infected Virus.Win32.Sality.bh ...08:17:09:328 16000 cured
08:17:13:328 16000 D:\Program Files\GarenaLoLPH_Launcher\GameData\restore\bbtalk\BBTalk.exe infected Virus.Win32.Sality.bh ...08:17:13:328 16000 cured
08:17:16:906 16000 D:\Program Files\GarenaLoLPH_Launcher\GameData\restore\bbtalk\BTalkLoader.exe infected Virus.Win32.Sality.bh ...08:17:16:906 16000 cured
08:17:20:515 16000 D:\Program Files\GarenaLoLPH_Launcher\GameData\restore\bbtalk\GarenaTalkOverlay.exe infected Virus.Win32.Sality.bh ...08:17:20:515 16000 cured
08:17:24:531 16000 D:\Program Files\GarenaLoLPH_Launcher\GameData\restore\bbtalk\Update.exe infected Virus.Win32.Sality.bh ...08:17:24:531 16000 cured
08:17:28:406 16000 D:\Program Files\GarenaLoLPH_Launcher\GameData\restore\GarenaMessenger.exe infected Virus.Win32.Sality.bh ...08:17:28:406 16000 cured
08:17:32:093 16000 D:\Program Files\GarenaLoLPH_Launcher\GameData\restore\GaTransfer.exe infected Virus.Win32.Sality.bh ...08:17:32:093 16000 cured
08:17:35:734 16000 D:\Program Files\GarenaLoLPH_Launcher\GameData\restore\GaVoice.exe infected Virus.Win32.Sality.bh ...08:17:35:734 16000 cured
08:17:39:984 16000 D:\Program Files\GarenaLoLPH_Launcher\GameData\restore\UpdateEx.exe infected Virus.Win32.Sality.bh ...08:17:39:984 16000 cured
08:17:43:703 16000 D:\Program Files\GarenaLoLPH_Launcher\GameData\restore\UpdateManager.exe infected Virus.Win32.Sality.bh ...08:17:43:703 16000 cured
08:17:47:531 16000 D:\Program Files\GarenaLoLPH_Launcher\GameData\restore_\GarenaMessenger.exe infected Virus.Win32.Sality.bh ...08:17:47:531 16000 cured
08:17:51:218 16000 D:\Program Files\GarenaLoLPH_Launcher\GameData\restore_\PluginAdminExec.exe infected Virus.Win32.Sality.bh ...08:17:51:218 16000 cured
08:17:55:031 16000 D:\Program Files\GarenaLoLPH_Launcher\GameData\restore_\UpdateEx.exe infected Virus.Win32.Sality.bh ...08:17:55:031 16000 cured
08:17:58:765 16000 D:\Program Files\GarenaLoLPH_Launcher\GameData\restore_\UpdateManager.exe infected Virus.Win32.Sality.bh ...08:17:58:765 16000 cured
08:18:02:484 16000 D:\Program Files\GarenaLoLPH_Launcher\GameData\Room\AutoUpdate.exe infected Virus.Win32.Sality.bh ...08:18:02:484 16000 cured
08:18:06:296 16000 D:\Program Files\GarenaLoLPH_Launcher\GameData\Room\AutoUpdate2.exe infected Virus.Win32.Sality.bh ...08:18:06:296 16000 cured
08:18:10:171 16000 D:\Program Files\GarenaLoLPH_Launcher\GameData\Room\CrashSender.exe infected Virus.Win32.Sality.bh ...08:18:10:171 16000 cured
08:18:13:953 16000 D:\Program Files\GarenaLoLPH_Launcher\GameData\Room\garena_room.exe infected Virus.Win32.Sality.bh ...08:18:13:953 16000 cured
08:18:18:406 16000 D:\Program Files\GarenaLoLPH_Launcher\GameData\UpdateEx.exe infected Virus.Win32.Sality.bh ...08:18:18:406 16000 cured
08:18:22:125 16000 D:\Program Files\GarenaLoLPH_Launcher\GameData\UpdateManager.exe infected Virus.Win32.Sality.bh ...08:18:22:125 16000 cured
08:18:25:984 16000 D:\Program Files\GarenaLoLPH_Launcher\LoLPHLauncher.exe infected Virus.Win32.Sality.bh ...08:18:25:984 16000 cured
08:18:29:765 16000 D:\Program Files\GarenaLoLPH_Launcher\uninst.exe infected Virus.Win32.Sality.bh ...08:18:29:765 16000 cured
08:18:33:625 16000 D:\Program Files\GarenaLoLPH_Launcher\vcredist_x86.exe infected Virus.Win32.Sality.bh ...08:18:33:625 16000 cured
08:18:37:203 16000 D:\Program Files\Hotspot Shield\bin\af_proxy_cmd.exe infected Virus.Win32.Sality.bh ...08:18:37:203 16000 cured
08:18:40:875 16000 D:\Program Files\Hotspot Shield\bin\cfg_mgr.exe infected Virus.Win32.Sality.bh ...08:18:40:875 16000 cured
08:18:44:671 16000 D:\Program Files\Hotspot Shield\bin\fbw.exe infected Virus.Win32.Sality.bh ...08:18:44:671 16000 cured
08:18:48:375 16000 D:\Program Files\Hotspot Shield\bin\ffinst.exe infected Virus.Win32.Sality.bh ...08:18:48:375 16000 cured
08:18:52:156 16000 D:\Program Files\Hotspot Shield\bin\hssfixme.exe infected Virus.Win32.Sality.bh ...08:18:52:156 16000 cured
08:18:55:781 16000 D:\Program Files\Hotspot Shield\bin\HssInstaller.exe infected Virus.Win32.Sality.bh ...08:18:55:781 16000 cured
08:18:59:515 16000 D:\Program Files\Hotspot Shield\bin\HSSTrayService.exe infected Virus.Win32.Sality.bh ...08:18:59:515 16000 cured
08:19:03:187 16000 D:\Program Files\Hotspot Shield\bin\hsswd.exe infected Virus.Win32.Sality.bh ...08:19:03:187 16000 cured
08:19:07:015 16000 D:\Program Files\Hotspot Shield\bin\openvpn.exe infected Virus.Win32.Sality.bh ...08:19:07:015 16000 cured
08:19:10:593 16000 D:\Program Files\Hotspot Shield\bin\openvpnas.exe infected Virus.Win32.Sality.bh ...08:19:10:593 16000 cured
08:19:14:171 16000 D:\Program Files\Hotspot Shield\bin\openvpntray.exe infected Virus.Win32.Sality.bh ...08:19:14:171 16000 cured
08:19:17:843 16000 D:\Program Files\Hotspot Shield\bin\tapinstall.exe infected Virus.Win32.Sality.bh ...08:19:17:843 16000 cured
08:19:21:718 16000 D:\Program Files\Hotspot Shield\HssWPR\HssInstaller.exe infected Virus.Win32.Sality.bh ...08:19:21:718 16000 cured
08:19:25:187 16000 D:\Program Files\Hotspot Shield\HssWPR\hsssrv.exe infected Virus.Win32.Sality.bh ...08:19:25:187 16000 cured
08:19:30:062 16000 D:\Program Files\Hotspot Shield\RADS\projects\lol_air_client\releases\0.0.0.150\deploy\Adobe AIR\Versions\1.0\Adobe AIR Application Installer.exe infected Virus.Win32.Sality.bh ...08:19:30:062 16000 cured
08:19:33:796 16000 D:\Program Files\Hotspot Shield\RADS\projects\lol_air_client\releases\0.0.0.150\deploy\Adobe AIR\Versions\1.0\Resources\Adobe AIR Updater.exe infected Virus.Win32.Sality.bh ...08:19:33:796 16000 cured
08:19:37:671 16000 D:\Program Files\Hotspot Shield\RADS\projects\lol_air_client\releases\0.0.0.150\deploy\Adobe AIR\Versions\1.0\Resources\CaptiveAppEntry.exe infected Virus.Win32.Sality.bh ...08:19:37:671 16000 cured
08:19:41:390 16000 D:\Program Files\Hotspot Shield\RADS\projects\lol_air_client\releases\0.0.0.150\deploy\Adobe AIR\Versions\1.0\Resources\Template.exe infected Virus.Win32.Sality.bh ...08:19:41:390 16000 cured
08:20:22:265 16000 D:\Program Files\Hotspot Shield\RADS\projects\lol_air_client\releases\0.0.0.150\deploy\LolClient.exe infected Virus.Win32.Sality.bh ...08:20:22:265 16000 cured
08:20:30:578 16000 D:\Program Files\Hotspot Shield\RADS\projects\lol_game_client\releases\0.0.0.100\deploy\BsSndRpt.exe infected Virus.Win32.Sality.bh ...08:20:30:578 16000 cured
08:20:34:437 16000 D:\Program Files\Hotspot Shield\RADS\projects\lol_game_client\releases\0.0.0.100\deploy\League of Legends.exe infected Virus.Win32.Sality.bh ...08:20:34:437 16000 cured
08:20:38:218 16000 D:\Program Files\Hotspot Shield\RADS\projects\lol_game_client\releases\0.0.0.77\deploy\BsSndRpt.exe infected Virus.Win32.Sality.bh ...08:20:38:218 16000 cured
08:20:42:171 16000 D:\Program Files\Hotspot Shield\RADS\projects\lol_game_client\releases\0.0.0.77\deploy\League of Legends.exe infected Virus.Win32.Sality.bh ...08:20:42:171 16000 cured
08:20:46:234 16000 D:\Program Files\Hotspot Shield\RADS\projects\lol_game_client\releases\0.0.0.97\deploy\BsSndRpt.exe infected Virus.Win32.Sality.bh ...08:20:46:234 16000 cured
08:20:50:031 16000 D:\Program Files\Hotspot Shield\RADS\projects\lol_game_client\releases\0.0.0.97\deploy\League of Legends.exe infected Virus.Win32.Sality.bh ...08:20:50:031 16000 cured
08:20:54:468 16000 D:\Program Files\Hotspot Shield\RADS\projects\lol_launcher\releases\0.0.0.71\deploy\LoLLauncher.exe infected Virus.Win32.Sality.bh ...08:20:54:468 16000 cured
08:20:58:156 16000 D:\Program Files\Hotspot Shield\RADS\projects\lol_launcher\releases\0.0.0.71\deploy\Riot_SafetyCheck.exe infected Virus.Win32.Sality.bh ...08:20:58:156 16000 cured
08:21:02:015 16000 D:\Program Files\Hotspot Shield\RADS\solutions\lol_game_client_sln\releases\0.0.0.156\deploy\BsSndRpt.exe infected Virus.Win32.Sality.bh ...08:21:02:015 16000 cured
08:21:05:984 16000 D:\Program Files\Hotspot Shield\RADS\solutions\lol_game_client_sln\releases\0.0.0.156\deploy\League of Legends.exe infected Virus.Win32.Sality.bh ...08:21:05:984 16000 cured
08:21:09:734 16000 D:\Program Files\Hotspot Shield\Uninstall.exe infected Virus.Win32.Sality.bh ...08:21:09:734 16000 cured
08:21:13:437 16000 D:\Program Files\Internet Download Manager\IDMan.exe infected Virus.Win32.Sality.bh ...08:21:13:437 16000 cured
08:21:17:390 16000 D:\Program Files\Internet Download Manager\IDMGrHlp.exe infected Virus.Win32.Sality.bh ...08:21:17:390 16000 cured
08:21:21:390 16000 D:\Program Files\Internet Download Manager\IEMonitor.exe infected Virus.Win32.Sality.bh ...08:21:21:390 16000 cured
08:21:25:562 16000 D:\Program Files\Internet Download Manager\Uninstall.exe infected Virus.Win32.Sality.bh ...08:21:25:562 16000 cured
08:21:29:375 16000 D:\Program Files\Mark of the Ninja\bin\game.exe infected Virus.Win32.Sality.bh ...08:21:29:375 16000 cured
08:21:49:328 16000 D:\Program Files\Mark of the Ninja\data-pc\DirectX\DXSETUP.exe infected Virus.Win32.Sality.bh ...08:21:49:328 16000 cured
08:22:08:437 16000 D:\Program Files\Mark of the Ninja\unins000.exe infected Virus.Win32.Sality.bh ...08:22:08:437 16000 cured
08:22:12:062 16000 D:\Program Files\Massive Gaming\Mercenary Online\MaDownload.exe infected Virus.Win32.Sality.bh ...08:22:12:062 16000 cured
08:22:15:671 16000 D:\Program Files\Massive Gaming\Mercenary Online\MaRepair.exe infected Virus.Win32.Sality.bh ...08:22:15:671 16000 cured
08:22:19:281 16000 D:\Program Files\Massive Gaming\Mercenary Online\MercenaryOnlineLauncher.exe infected Virus.Win32.Sality.bh ...08:22:19:281 16000 cured
08:22:23:015 16000 D:\Program Files\Massive Gaming\Mercenary Online\REDIST\DirectX\DXSETUP.exe infected Virus.Win32.Sality.bh ...08:22:23:015 16000 cured
08:22:26:765 16000 D:\Program Files\Massive Gaming\Mercenary Online\REDIST\rootsupd.exe infected Virus.Win32.Sality.bh ...08:22:26:765 16000 cured
08:22:30:562 16000 D:\Program Files\Massive Gaming\Mercenary Online\UnrealEngine3\Binaries\Win32\ErrReport.exe infected Virus.Win32.Sality.bh ...08:22:30:562 16000 cured
08:22:34:250 16000 D:\Program Files\Massive Gaming\Mercenary Online\UnrealEngine3\Binaries\Win32\MarsGame.exe infected Virus.Win32.Sality.bh ...08:22:34:250 16000 cured
08:22:53:578 16000 D:\Program Files\Monaco\MONACO.exe infected Virus.Win32.Sality.bh ...08:22:53:578 16000 cured
08:22:57:265 16000 D:\Program Files\Monaco\Redist\dotNetFx40_Full_setup.exe infected Virus.Win32.Sality.bh ...08:22:57:265 16000 cured
08:23:00:953 16000 D:\Program Files\Monaco\Redist\dxwebsetup.exe infected Virus.Win32.Sality.bh ...08:23:00:953 16000 cured
08:23:04:703 16000 D:\Program Files\Monaco\Redist\vcredist_x86.exe infected Virus.Win32.Sality.bh ...08:23:04:703 16000 cured
08:23:14:390 16000 D:\Program Files\Monaco\unins000.exe infected Virus.Win32.Sality.bh ...08:23:14:390 16000 cured
08:23:22:953 16000 D:\Program Files\Team Scorpion\G-Reaver Mouse\G-ReaverMonitor.exe infected Virus.Win32.Sality.bh ...08:23:22:953 16000 cured
08:23:26:625 16000 D:\Program Files\Team Scorpion\G-Reaver Mouse\G-ReaverOption.exe infected Virus.Win32.Sality.bh ...08:23:26:625 16000 cured
08:23:30:453 16000 D:\Program Files\Team Scorpion\G-Reaver Mouse\metadata\InstallMetaData.EXE infected Virus.Win32.Sality.bh ...08:23:30:453 16000 cured
08:23:37:484 16000 D:\Program Files\TeamSpeak 3 Client\createfileassoc.exe infected Virus.Win32.Sality.bh ...08:23:37:484 16000 cured
08:23:41:125 16000 D:\Program Files\TeamSpeak 3 Client\error_report.exe infected Virus.Win32.Sality.bh ...08:23:41:125 16000 cured
08:23:45:671 16000 D:\Program Files\TeamSpeak 3 Client\package_inst.exe infected Virus.Win32.Sality.bh ...08:23:45:671 16000 cured
08:23:49:906 16000 D:\Program Files\TeamSpeak 3 Client\plugins\ts3overlay\ICCompressorChoose_win32.exe infected Virus.Win32.Sality.bh ...08:23:49:906 16000 cured
08:23:53:546 16000 D:\Program Files\TeamSpeak 3 Client\plugins\ts3overlay\InstallHook.exe infected Virus.Win32.Sality.bh ...08:23:53:546 16000 cured
08:24:00:609 16000 D:\Program Files\TeamSpeak 3 Client\ts3client_win32.exe infected Virus.Win32.Sality.bh ...08:24:00:609 16000 cured
08:24:04:390 16000 D:\Program Files\TeamSpeak 3 Client\Uninstall.exe infected Virus.Win32.Sality.bh ...08:24:04:390 16000 cured
08:24:08:234 16000 D:\Program Files\TeamSpeak 3 Client\update.exe infected Virus.Win32.Sality.bh ...08:24:08:234 16000 cured
08:24:11:859 16000 D:\Program Files\uTorrent\uTorrent.exe infected Virus.Win32.Sality.bh ...08:24:11:859 16000 cured
08:24:15:640 16000 D:\RADS\raidcall_6.3.6.exe infected Virus.Win32.Sality.bh ...08:24:15:656 16000 cured
08:24:20:171 16000 D:\Slender v0.9.5\Slender.exe infected Virus.Win32.Sality.bh ...08:24:20:171 16000 cured
08:24:24:718 16000 D:\System Volume Information\_restore{E9D078C6-EE17-4E6C-B442-F4D5F5F78C51}\RP136\A0182807.exe infected Virus.Win32.Sality.bh ...08:24:24:718 16000 cured
08:24:28:437 16000 D:\System Volume Information\_restore{E9D078C6-EE17-4E6C-B442-F4D5F5F78C51}\RP136\A0182812.exe infected Virus.Win32.Sality.bh ...08:24:28:437 16000 cured
08:24:31:984 16000 D:\System Volume Information\_restore{E9D078C6-EE17-4E6C-B442-F4D5F5F78C51}\RP136\A0182813.exe infected Virus.Win32.Sality.bh ...08:24:31:984 16000 cured
08:24:35:718 16000 D:\System Volume Information\_restore{E9D078C6-EE17-4E6C-B442-F4D5F5F78C51}\RP136\A0182814.exe infected Virus.Win32.Sality.bh ...08:24:35:718 16000 cured
08:24:39:343 16000 D:\System Volume Information\_restore{E9D078C6-EE17-4E6C-B442-F4D5F5F78C51}\RP136\A0182816.exe infected Virus.Win32.Sality.bh ...08:24:39:343 16000 cured
08:24:42:968 16000 D:\System Volume Information\_restore{E9D078C6-EE17-4E6C-B442-F4D5F5F78C51}\RP136\A0182817.exe infected Virus.Win32.Sality.bh ...08:24:42:968 16000 cured
08:24:46:703 16000 D:\System Volume Information\_restore{E9D078C6-EE17-4E6C-B442-F4D5F5F78C51}\RP136\A0182842.exe infected Virus.Win32.Sality.bh ...08:24:46:703 16000 cured
08:24:50:421 16000 D:\System Volume Information\_restore{E9D078C6-EE17-4E6C-B442-F4D5F5F78C51}\RP136\A0182844.exe infected Virus.Win32.Sality.bh ...08:24:50:421 16000 cured
08:24:54:156 16000 D:\System Volume Information\_restore{E9D078C6-EE17-4E6C-B442-F4D5F5F78C51}\RP136\A0182848.exe infected Virus.Win32.Sality.bh ...08:24:54:156 16000 cured
08:24:57:703 16000 D:\System Volume Information\_restore{E9D078C6-EE17-4E6C-B442-F4D5F5F78C51}\RP136\A0182849.exe infected Virus.Win32.Sality.bh ...08:24:57:703 16000 cured
08:25:01:406 16000 D:\System Volume Information\_restore{E9D078C6-EE17-4E6C-B442-F4D5F5F78C51}\RP136\A0182850.exe infected Virus.Win32.Sality.bh ...08:25:01:406 16000 cured
08:25:05:281 16000 D:\System Volume Information\_restore{E9D078C6-EE17-4E6C-B442-F4D5F5F78C51}\RP136\A0182851.exe infected Virus.Win32.Sality.bh ...08:25:05:281 16000 cured
08:25:08:890 16000 D:\System Volume Information\_restore{E9D078C6-EE17-4E6C-B442-F4D5F5F78C51}\RP136\A0182859.exe infected Virus.Win32.Sality.bh ...08:25:08:890 16000 cured
08:25:12:562 16000 D:\System Volume Information\_restore{E9D078C6-EE17-4E6C-B442-F4D5F5F78C51}\RP136\A0182860.exe infected Virus.Win32.Sality.bh ...08:25:12:562 16000 cured
08:25:16:062 16000 D:\System Volume Information\_restore{E9D078C6-EE17-4E6C-B442-F4D5F5F78C51}\RP136\A0182861.exe infected Virus.Win32.Sality.bh ...08:25:16:062 16000 cured
08:25:19:890 16000 D:\System Volume Information\_restore{E9D078C6-EE17-4E6C-B442-F4D5F5F78C51}\RP136\A0182862.exe infected Virus.Win32.Sality.bh ...08:25:19:890 16000 cured
08:25:23:515 16000 D:\System Volume Information\_restore{E9D078C6-EE17-4E6C-B442-F4D5F5F78C51}\RP136\A0182863.exe infected Virus.Win32.Sality.bh ...08:25:23:515 16000 cured
08:25:50:984 16000 D:\System Volume Information\_restore{E9D078C6-EE17-4E6C-B442-F4D5F5F78C51}\RP136\A0182864.exe infected Virus.Win32.Sality.bh ...08:25:50:984 16000 cured
08:25:54:609 16000 D:\System Volume Information\_restore{E9D078C6-EE17-4E6C-B442-F4D5F5F78C51}\RP136\A0182865.exe infected Virus.Win32.Sality.bh ...08:25:54:609 16000 cured
08:25:58:281 16000 D:\System Volume Information\_restore{E9D078C6-EE17-4E6C-B442-F4D5F5F78C51}\RP136\A0182866.exe infected Virus.Win32.Sality.bh ...08:25:58:281 16000 cured
08:26:25:671 16000 D:\System Volume Information\_restore{E9D078C6-EE17-4E6C-B442-F4D5F5F78C51}\RP136\A0182867.exe infected Virus.Win32.Sality.bh ...08:26:25:671 16000 cured
08:26:29:234 16000 D:\System Volume Information\_restore{E9D078C6-EE17-4E6C-B442-F4D5F5F78C51}\RP136\A0182868.exe infected Virus.Win32.Sality.bh ...08:26:29:234 16000 cured
08:26:32:812 16000 D:\System Volume Information\_restore{E9D078C6-EE17-4E6C-B442-F4D5F5F78C51}\RP136\A0182869.exe infected Virus.Win32.Sality.bh ...08:26:32:812 16000 cured
08:27:00:328 16000 D:\System Volume Information\_restore{E9D078C6-EE17-4E6C-B442-F4D5F5F78C51}\RP136\A0182870.EXE infected Virus.Win32.Sality.bh ...08:27:00:328 16000 cured
08:27:03:953 16000 D:\System Volume Information\_restore{E9D078C6-EE17-4E6C-B442-F4D5F5F78C51}\RP136\A0182871.exe infected Virus.Win32.Sality.bh ...08:27:03:953 16000 cured
08:27:07:812 16000 D:\System Volume Information\_restore{E9D078C6-EE17-4E6C-B442-F4D5F5F78C51}\RP136\A0182872.exe infected Virus.Win32.Sality.bh ...08:27:07:812 16000 cured
08:27:11:593 16000 D:\System Volume Information\_restore{E9D078C6-EE17-4E6C-B442-F4D5F5F78C51}\RP136\A0182874.exe infected Virus.Win32.Sality.bh ...08:27:11:593 16000 cured
08:27:15:343 16000 D:\System Volume Information\_restore{E9D078C6-EE17-4E6C-B442-F4D5F5F78C51}\RP136\A0182875.exe infected Virus.Win32.Sality.bh ...08:27:15:343 16000 cured
08:27:19:125 16000 D:\System Volume Information\_restore{E9D078C6-EE17-4E6C-B442-F4D5F5F78C51}\RP136\A0182876.exe infected Virus.Win32.Sality.bh ...08:27:19:125 16000 cured
08:27:22:968 16000 D:\System Volume Information\_restore{E9D078C6-EE17-4E6C-B442-F4D5F5F78C51}\RP136\A0182877.exe infected Virus.Win32.Sality.bh ...08:27:22:968 16000 cured
08:27:26:625 16000 D:\System Volume Information\_restore{E9D078C6-EE17-4E6C-B442-F4D5F5F78C51}\RP136\A0182878.exe infected Virus.Win32.Sality.bh ...08:27:26:625 16000 cured
08:27:30:359 16000 D:\System Volume Information\_restore{E9D078C6-EE17-4E6C-B442-F4D5F5F78C51}\RP136\A0182879.exe infected Virus.Win32.Sality.bh ...08:27:30:359 16000 cured
08:27:34:093 16000 D:\System Volume Information\_restore{E9D078C6-EE17-4E6C-B442-F4D5F5F78C51}\RP136\A0182880.exe infected Virus.Win32.Sality.bh ...08:27:34:093 16000 cured
08:27:37:687 16000 D:\System Volume Information\_restore{E9D078C6-EE17-4E6C-B442-F4D5F5F78C51}\RP136\A0182881.exe infected Virus.Win32.Sality.bh ...08:27:37:687 16000 cured
08:27:41:312 16000 D:\System Volume Information\_restore{E9D078C6-EE17-4E6C-B442-F4D5F5F78C51}\RP136\A0182882.exe infected Virus.Win32.Sality.bh ...08:27:41:312 16000 cured
08:27:44:984 16000 D:\System Volume Information\_restore{E9D078C6-EE17-4E6C-B442-F4D5F5F78C51}\RP136\A0182883.exe infected Virus.Win32.Sality.bh ...08:27:44:984 16000 cured
08:27:48:609 16000 D:\System Volume Information\_restore{E9D078C6-EE17-4E6C-B442-F4D5F5F78C51}\RP136\A0182884.exe infected Virus.Win32.Sality.bh ...08:27:48:609 16000 cured
08:27:52:281 16000 D:\System Volume Information\_restore{E9D078C6-EE17-4E6C-B442-F4D5F5F78C51}\RP136\A0182885.exe infected Virus.Win32.Sality.bh ...08:27:52:281 16000 cured
08:27:56:000 16000 D:\System Volume Information\_restore{E9D078C6-EE17-4E6C-B442-F4D5F5F78C51}\RP136\A0182886.exe infected Virus.Win32.Sality.bh ...08:27:56:000 16000 cured
08:27:59:578 16000 D:\System Volume Information\_restore{E9D078C6-EE17-4E6C-B442-F4D5F5F78C51}\RP136\A0182887.exe infected Virus.Win32.Sality.bh ...08:27:59:578 16000 cured
08:28:03:281 16000 D:\System Volume Information\_restore{E9D078C6-EE17-4E6C-B442-F4D5F5F78C51}\RP136\A0182888.exe infected Virus.Win32.Sality.bh ...08:28:03:281 16000 cured
08:28:07:015 16000 D:\System Volume Information\_restore{E9D078C6-EE17-4E6C-B442-F4D5F5F78C51}\RP136\A0182889.exe infected Virus.Win32.Sality.bh ...08:28:07:015 16000 cured
08:28:10:750 16000 D:\System Volume Information\_restore{E9D078C6-EE17-4E6C-B442-F4D5F5F78C51}\RP136\A0182890.exe infected Virus.Win32.Sality.bh ...08:28:10:750 16000 cured
08:28:14:421 16000 D:\System Volume Information\_restore{E9D078C6-EE17-4E6C-B442-F4D5F5F78C51}\RP136\A0182891.exe infected Virus.Win32.Sality.bh ...08:28:14:421 16000 cured
08:28:18:140 16000 D:\System Volume Information\_restore{E9D078C6-EE17-4E6C-B442-F4D5F5F78C51}\RP136\A0182892.exe infected Virus.Win32.Sality.bh ...08:28:18:140 16000 cured
08:28:21:796 16000 D:\System Volume Information\_restore{E9D078C6-EE17-4E6C-B442-F4D5F5F78C51}\RP136\A0182893.exe infected Virus.Win32.Sality.bh ...08:28:21:796 16000 cured
08:28:25:484 16000 D:\System Volume Information\_restore{E9D078C6-EE17-4E6C-B442-F4D5F5F78C51}\RP136\A0182894.exe infected Virus.Win32.Sality.bh ...08:28:25:500 16000 cured
08:28:29:140 16000 D:\System Volume Information\_restore{E9D078C6-EE17-4E6C-B442-F4D5F5F78C51}\RP136\A0182895.exe infected Virus.Win32.Sality.bh ...08:28:29:140 16000 cured
08:28:32:828 16000 D:\System Volume Information\_restore{E9D078C6-EE17-4E6C-B442-F4D5F5F78C51}\RP136\A0182896.exe infected Virus.Win32.Sality.bh ...08:28:32:828 16000 cured
08:28:36:390 16000 D:\System Volume Information\_restore{E9D078C6-EE17-4E6C-B442-F4D5F5F78C51}\RP136\A0182897.exe infected Virus.Win32.Sality.bh ...08:28:36:390 16000 cured
08:28:39:968 16000 D:\System Volume Information\_restore{E9D078C6-EE17-4E6C-B442-F4D5F5F78C51}\RP136\A0182898.exe infected Virus.Win32.Sality.bh ...08:28:39:968 16000 cured
08:28:43:484 16000 D:\System Volume Information\_restore{E9D078C6-EE17-4E6C-B442-F4D5F5F78C51}\RP136\A0182899.exe infected Virus.Win32.Sality.bh ...08:28:43:484 16000 cured
08:28:47:218 16000 D:\System Volume Information\_restore{E9D078C6-EE17-4E6C-B442-F4D5F5F78C51}\RP136\A0182900.exe infected Virus.Win32.Sality.bh ...08:28:47:234 16000 cured
08:28:50:984 16000 D:\System Volume Information\_restore{E9D078C6-EE17-4E6C-B442-F4D5F5F78C51}\RP136\A0182906.exe infected Virus.Win32.Sality.bh ...08:28:50:984 16000 cured
08:28:54:625 16000 D:\System Volume Information\_restore{E9D078C6-EE17-4E6C-B442-F4D5F5F78C51}\RP136\A0182907.exe infected Virus.Win32.Sality.bh ...08:28:54:625 16000 cured
08:28:58:468 16000 D:\System Volume Information\_restore{E9D078C6-EE17-4E6C-B442-F4D5F5F78C51}\RP136\A0182914.exe infected Virus.Win32.Sality.bh ...08:28:58:468 16000 cured
08:29:02:218 16000 D:\System Volume Information\_restore{E9D078C6-EE17-4E6C-B442-F4D5F5F78C51}\RP136\A0182917.exe infected Virus.Win32.Sality.bh ...08:29:02:218 16000 cured
08:29:05:859 16000 D:\System Volume Information\_restore{E9D078C6-EE17-4E6C-B442-F4D5F5F78C51}\RP136\A0182918.exe infected Virus.Win32.Sality.bh ...08:29:05:859 16000 cured
08:29:09:578 16000 D:\System Volume Information\_restore{E9D078C6-EE17-4E6C-B442-F4D5F5F78C51}\RP136\A0182919.exe infected Virus.Win32.Sality.bh ...08:29:09:593 16000 cured
08:29:13:468 16000 D:\System Volume Information\_restore{E9D078C6-EE17-4E6C-B442-F4D5F5F78C51}\RP136\A0182920.exe infected Virus.Win32.Sality.bh ...08:29:13:468 16000 cured
08:29:17:203 16000 D:\System Volume Information\_restore{E9D078C6-EE17-4E6C-B442-F4D5F5F78C51}\RP136\A0182921.exe infected Virus.Win32.Sality.bh ...08:29:17:203 16000 cured
08:29:20:875 16000 D:\System Volume Information\_restore{E9D078C6-EE17-4E6C-B442-F4D5F5F78C51}\RP136\A0182924.exe infected Virus.Win32.Sality.bh ...08:29:20:875 16000 cured
08:29:24:609 16000 D:\System Volume Information\_restore{E9D078C6-EE17-4E6C-B442-F4D5F5F78C51}\RP136\A0182925.exe infected Virus.Win32.Sality.bh ...08:29:24:609 16000 cured
08:29:28:375 16000 D:\System Volume Information\_restore{E9D078C6-EE17-4E6C-B442-F4D5F5F78C51}\RP136\A0182926.exe infected Virus.Win32.Sality.bh ...08:29:28:375 16000 cured
08:29:32:046 16000 D:\System Volume Information\_restore{E9D078C6-EE17-4E6C-B442-F4D5F5F78C51}\RP136\A0182927.exe infected Virus.Win32.Sality.bh ...08:29:32:046 16000 cured
08:29:35:656 16000 D:\System Volume Information\_restore{E9D078C6-EE17-4E6C-B442-F4D5F5F78C51}\RP136\A0182928.exe infected Virus.Win32.Sality.bh ...08:29:35:656 16000 cured
08:29:39:171 16000 D:\System Volume Information\_restore{E9D078C6-EE17-4E6C-B442-F4D5F5F78C51}\RP136\A0182929.exe infected Virus.Win32.Sality.bh ...08:29:39:171 16000 cured
08:29:42:843 16000 D:\System Volume Information\_restore{E9D078C6-EE17-4E6C-B442-F4D5F5F78C51}\RP136\A0182930.exe infected Virus.Win32.Sality.bh ...08:29:42:843 16000 cured
08:29:46:578 16000 D:\System Volume Information\_restore{E9D078C6-EE17-4E6C-B442-F4D5F5F78C51}\RP136\A0182931.exe infected Virus.Win32.Sality.bh ...08:29:46:578 16000 cured
08:29:50:359 16000 D:\System Volume Information\_restore{E9D078C6-EE17-4E6C-B442-F4D5F5F78C51}\RP136\A0182934.exe infected Virus.Win32.Sality.bh ...08:29:50:359 16000 cured
08:29:54:125 16000 D:\System Volume Information\_restore{E9D078C6-EE17-4E6C-B442-F4D5F5F78C51}\RP136\A0182937.exe infected Virus.Win32.Sality.bh ...08:29:54:125 16000 cured
08:29:57:890 16000 D:\System Volume Information\_restore{E9D078C6-EE17-4E6C-B442-F4D5F5F78C51}\RP136\A0182938.exe infected Virus.Win32.Sality.bh ...08:29:57:890 16000 cured
08:30:01:453 16000 D:\System Volume Information\_restore{E9D078C6-EE17-4E6C-B442-F4D5F5F78C51}\RP136\A0182939.exe infected Virus.Win32.Sality.bh ...08:30:01:453 16000 cured
08:30:05:156 16000 D:\System Volume Information\_restore{E9D078C6-EE17-4E6C-B442-F4D5F5F78C51}\RP136\A0182940.exe infected Virus.Win32.Sality.bh ...08:30:05:156 16000 cured
08:30:08:875 16000 D:\System Volume Information\_restore{E9D078C6-EE17-4E6C-B442-F4D5F5F78C51}\RP136\A0182941.exe infected Virus.Win32.Sality.bh ...08:30:08:875 16000 cured
08:30:12:625 16000 D:\System Volume Information\_restore{E9D078C6-EE17-4E6C-B442-F4D5F5F78C51}\RP136\A0182942.exe infected Virus.Win32.Sality.bh ...08:30:12:625 16000 cured
08:30:16:281 16000 D:\System Volume Information\_restore{E9D078C6-EE17-4E6C-B442-F4D5F5F78C51}\RP136\A0182943.exe infected Virus.Win32.Sality.bh ...08:30:16:281 16000 cured
08:30:19:984 16000 D:\System Volume Information\_restore{E9D078C6-EE17-4E6C-B442-F4D5F5F78C51}\RP136\A0182944.exe infected Virus.Win32.Sality.bh ...08:30:19:984 16000 cured
08:30:23:609 16000 D:\System Volume Information\_restore{E9D078C6-EE17-4E6C-B442-F4D5F5F78C51}\RP136\A0182945.exe infected Virus.Win32.Sality.bh ...08:30:23:609 16000 cured
08:30:27:265 16000 D:\System Volume Information\_restore{E9D078C6-EE17-4E6C-B442-F4D5F5F78C51}\RP136\A0182947.exe infected Virus.Win32.Sality.bh ...08:30:27:265 16000 cured
08:30:30:750 16000 D:\System Volume Information\_restore{E9D078C6-EE17-4E6C-B442-F4D5F5F78C51}\RP136\A0182948.exe infected Virus.Win32.Sality.bh ...08:30:30:750 16000 cured
08:30:34:515 16000 D:\System Volume Information\_restore{E9D078C6-EE17-4E6C-B442-F4D5F5F78C51}\RP136\A0182949.exe infected Virus.Win32.Sality.bh ...08:30:34:515 16000 cured
08:30:38:359 16000 D:\System Volume Information\_restore{E9D078C6-EE17-4E6C-B442-F4D5F5F78C51}\RP136\A0182950.exe infected Virus.Win32.Sality.bh ...08:30:38:359 16000 cured
08:30:42:093 16000 D:\System Volume Information\_restore{E9D078C6-EE17-4E6C-B442-F4D5F5F78C51}\RP136\A0182951.exe infected Virus.Win32.Sality.bh ...08:30:42:093 16000 cured
08:30:45:828 16000 D:\System Volume Information\_restore{E9D078C6-EE17-4E6C-B442-F4D5F5F78C51}\RP136\A0182952.exe infected Virus.Win32.Sality.bh ...08:30:45:828 16000 cured
08:30:49:406 16000 D:\System Volume Information\_restore{E9D078C6-EE17-4E6C-B442-F4D5F5F78C51}\RP136\A0182953.exe infected Virus.Win32.Sality.bh ...08:30:49:406 16000 cured
08:30:53:031 16000 D:\System Volume Information\_restore{E9D078C6-EE17-4E6C-B442-F4D5F5F78C51}\RP136\A0182954.exe infected Virus.Win32.Sality.bh ...08:30:53:031 16000 cured
08:30:56:765 16000 D:\System Volume Information\_restore{E9D078C6-EE17-4E6C-B442-F4D5F5F78C51}\RP136\A0182955.exe infected Virus.Win32.Sality.bh ...08:30:56:765 16000 cured
08:31:00:437 16000 D:\System Volume Information\_restore{E9D078C6-EE17-4E6C-B442-F4D5F5F78C51}\RP136\A0182956.exe infected Virus.Win32.Sality.bh ...08:31:00:437 16000 cured
08:31:04:125 16000 D:\System Volume Information\_restore{E9D078C6-EE17-4E6C-B442-F4D5F5F78C51}\RP136\A0182957.exe infected Virus.Win32.Sality.bh ...08:31:04:125 16000 cured
08:31:07:937 16000 D:\System Volume Information\_restore{E9D078C6-EE17-4E6C-B442-F4D5F5F78C51}\RP136\A0182958.exe infected Virus.Win32.Sality.bh ...08:31:07:937 16000 cured
08:31:11:687 16000 D:\System Volume Information\_restore{E9D078C6-EE17-4E6C-B442-F4D5F5F78C51}\RP136\A0182959.exe infected Virus.Win32.Sality.bh ...08:31:11:687 16000 cured
08:31:15:281 16000 D:\System Volume Information\_restore{E9D078C6-EE17-4E6C-B442-F4D5F5F78C51}\RP136\A0182960.exe infected Virus.Win32.Sality.bh ...08:31:15:281 16000 cured
08:31:19:281 16000 D:\System Volume Information\_restore{E9D078C6-EE17-4E6C-B442-F4D5F5F78C51}\RP136\A0182961.exe infected Virus.Win32.Sality.bh ...08:31:19:281 16000 cured
08:31:23:250 16000 D:\System Volume Information\_restore{E9D078C6-EE17-4E6C-B442-F4D5F5F78C51}\RP136\A0182967.exe infected Virus.Win32.Sality.bh ...08:31:23:250 16000 cured
08:31:26:828 16000 D:\System Volume Information\_restore{E9D078C6-EE17-4E6C-B442-F4D5F5F78C51}\RP136\A0182969.exe infected Virus.Win32.Sality.bh ...08:31:26:828 16000 cured
08:31:30:718 16000 D:\System Volume Information\_restore{E9D078C6-EE17-4E6C-B442-F4D5F5F78C51}\RP136\A0182971.exe infected Virus.Win32.Sality.bh ...08:31:30:718 16000 cured
08:31:34:375 16000 D:\System Volume Information\_restore{E9D078C6-EE17-4E6C-B442-F4D5F5F78C51}\RP136\A0182974.exe infected Virus.Win32.Sality.bh ...08:31:34:375 16000 cured
08:31:38:078 16000 D:\System Volume Information\_restore{E9D078C6-EE17-4E6C-B442-F4D5F5F78C51}\RP136\A0182975.exe infected Virus.Win32.Sality.bh ...08:31:38:078 16000 cured
08:31:41:859 16000 D:\System Volume Information\_restore{E9D078C6-EE17-4E6C-B442-F4D5F5F78C51}\RP136\A0182976.exe infected Virus.Win32.Sality.bh ...08:31:41:859 16000 cured
08:31:45:593 16000 D:\System Volume Information\_restore{E9D078C6-EE17-4E6C-B442-F4D5F5F78C51}\RP136\A0182977.exe infected Virus.Win32.Sality.bh ...08:31:45:593 16000 cured
08:31:49:328 16000 D:\System Volume Information\_restore{E9D078C6-EE17-4E6C-B442-F4D5F5F78C51}\RP136\A0182978.exe infected Virus.Win32.Sality.bh ...08:31:49:328 16000 cured
08:31:53:015 16000 D:\System Volume Information\_restore{E9D078C6-EE17-4E6C-B442-F4D5F5F78C51}\RP136\A0182979.exe infected Virus.Win32.Sality.bh ...08:31:53:015 16000 cured
08:31:56:750 16000 D:\System Volume Information\_restore{E9D078C6-EE17-4E6C-B442-F4D5F5F78C51}\RP136\A0182980.exe infected Virus.Win32.Sality.bh ...08:31:56:750 16000 cured
08:32:00:468 16000 D:\System Volume Information\_restore{E9D078C6-EE17-4E6C-B442-F4D5F5F78C51}\RP136\A0182981.exe infected Virus.Win32.Sality.bh ...08:32:00:468 16000 cured
08:32:04:140 16000 D:\System Volume Information\_restore{E9D078C6-EE17-4E6C-B442-F4D5F5F78C51}\RP136\A0182984.exe infected Virus.Win32.Sality.bh ...08:32:04:140 16000 cured
08:32:08:015 16000 D:\System Volume Information\_restore{E9D078C6-EE17-4E6C-B442-F4D5F5F78C51}\RP136\A0182985.exe infected Virus.Win32.Sality.bh ...08:32:08:015 16000 cured
08:32:11:687 16000 D:\System Volume Information\_restore{E9D078C6-EE17-4E6C-B442-F4D5F5F78C51}\RP136\A0182986.exe infected Virus.Win32.Sality.bh ...08:32:11:687 16000 cured
08:32:15:453 16000 D:\System Volume Information\_restore{E9D078C6-EE17-4E6C-B442-F4D5F5F78C51}\RP136\A0182987.exe infected Virus.Win32.Sality.bh ...08:32:15:453 16000 cured
08:32:19:140 16000 D:\System Volume Information\_restore{E9D078C6-EE17-4E6C-B442-F4D5F5F78C51}\RP136\A0182988.exe infected Virus.Win32.Sality.bh ...08:32:19:140 16000 cured
08:32:22:828 16000 D:\System Volume Information\_restore{E9D078C6-EE17-4E6C-B442-F4D5F5F78C51}\RP136\A0182989.exe infected Virus.Win32.Sality.bh ...08:32:22:828 16000 cured
08:32:26:640 16000 D:\System Volume Information\_restore{E9D078C6-EE17-4E6C-B442-F4D5F5F78C51}\RP136\A0182990.exe infected Virus.Win32.Sality.bh ...08:32:26:640 16000 cured
08:32:30:359 16000 D:\System Volume Information\_restore{E9D078C6-EE17-4E6C-B442-F4D5F5F78C51}\RP136\A0182995.exe infected Virus.Win32.Sality.bh ...08:32:30:359 16000 cured
08:32:33:984 16000 D:\System Volume Information\_restore{E9D078C6-EE17-4E6C-B442-F4D5F5F78C51}\RP136\A0182996.exe infected Virus.Win32.Sality.bh ...08:32:33:984 16000 cured
08:32:37:781 16000 D:\System Volume Information\_restore{E9D078C6-EE17-4E6C-B442-F4D5F5F78C51}\RP136\A0182998.exe infected Virus.Win32.Sality.bh ...08:32:37:781 16000 cured
08:32:41:437 16000 D:\System Volume Information\_restore{E9D078C6-EE17-4E6C-B442-F4D5F5F78C51}\RP136\A0182999.exe infected Virus.Win32.Sality.bh ...08:32:41:437 16000 cured
08:32:45:031 16000 D:\System Volume Information\_restore{E9D078C6-EE17-4E6C-B442-F4D5F5F78C51}\RP136\A0183000.exe infected Virus.Win32.Sality.bh ...08:32:45:031 16000 cured
08:32:48:625 16000 D:\System Volume Information\_restore{E9D078C6-EE17-4E6C-B442-F4D5F5F78C51}\RP136\A0183001.exe infected Virus.Win32.Sality.bh ...08:32:48:625 16000 cured
08:33:00:796 16000 D:\System Volume Information\_restore{E9D078C6-EE17-4E6C-B442-F4D5F5F78C51}\RP136\A0183002.exe infected Virus.Win32.Sality.ag ...08:33:00:796 16000 cured
08:33:04:734 16000 D:\System Volume Information\_restore{E9D078C6-EE17-4E6C-B442-F4D5F5F78C51}\RP136\A0183003.exe infected Virus.Win32.Sality.bh ...08:33:04:734 16000 cured
08:33:08:500 16000 D:\System Volume Information\_restore{E9D078C6-EE17-4E6C-B442-F4D5F5F78C51}\RP136\A0183004.exe infected Virus.Win32.Sality.bh ...08:33:08:500 16000 cured
08:33:12:171 16000 D:\System Volume Information\_restore{E9D078C6-EE17-4E6C-B442-F4D5F5F78C51}\RP136\A0183005.exe infected Virus.Win32.Sality.bh ...08:33:12:171 16000 cured
08:33:15:812 16000 D:\System Volume Information\_restore{E9D078C6-EE17-4E6C-B442-F4D5F5F78C51}\RP136\A0183006.exe infected Virus.Win32.Sality.bh ...08:33:15:812 16000 cured
08:33:19:640 16000 D:\System Volume Information\_restore{E9D078C6-EE17-4E6C-B442-F4D5F5F78C51}\RP136\A0183008.exe infected Virus.Win32.Sality.bh ...08:33:19:640 16000 cured
08:33:23:234 16000 D:\System Volume Information\_restore{E9D078C6-EE17-4E6C-B442-F4D5F5F78C51}\RP136\A0183069.exe infected Virus.Win32.Sality.bh ...08:33:23:234 16000 cured
08:33:26:937 16000 D:\System Volume Information\_restore{E9D078C6-EE17-4E6C-B442-F4D5F5F78C51}\RP136\A0183072.exe infected Virus.Win32.Sality.bh ...08:33:26:937 16000 cured
08:33:30:718 16000 D:\System Volume Information\_restore{E9D078C6-EE17-4E6C-B442-F4D5F5F78C51}\RP136\A0183073.exe infected Virus.Win32.Sality.bh ...08:33:30:718 16000 cured
08:33:42:875 16000 D:\System Volume Information\_restore{E9D078C6-EE17-4E6C-B442-F4D5F5F78C51}\RP136\A0183074.exe infected Virus.Win32.Sality.ag ...08:33:42:875 16000 cured
08:33:46:734 16000 D:\System Volume Information\_restore{E9D078C6-EE17-4E6C-B442-F4D5F5F78C51}\RP136\A0183075.exe infected Virus.Win32.Sality.bh ...08:33:46:734 16000 cured
08:33:50:343 16000 D:\System Volume Information\_restore{E9D078C6-EE17-4E6C-B442-F4D5F5F78C51}\RP136\A0183076.exe infected Virus.Win32.Sality.bh ...08:33:50:343 16000 cured
08:33:54:187 16000 D:\System Volume Information\_restore{E9D078C6-EE17-4E6C-B442-F4D5F5F78C51}\RP136\A0183077.exe infected Virus.Win32.Sality.bh ...08:33:54:187 16000 cured
08:33:57:875 16000 D:\System Volume Information\_restore{E9D078C6-EE17-4E6C-B442-F4D5F5F78C51}\RP136\A0183078.exe infected Virus.Win32.Sality.bh ...08:33:57:875 16000 cured
08:34:01:546 16000 D:\System Volume Information\_restore{E9D078C6-EE17-4E6C-B442-F4D5F5F78C51}\RP136\A0183079.exe infected Virus.Win32.Sality.bh ...08:34:01:546 16000 cured
08:34:05:140 16000 D:\System Volume Information\_restore{E9D078C6-EE17-4E6C-B442-F4D5F5F78C51}\RP136\A0183080.exe infected Virus.Win32.Sality.bh ...08:34:05:140 16000 cured
08:34:08:781 16000 D:\System Volume Information\_restore{E9D078C6-EE17-4E6C-B442-F4D5F5F78C51}\RP136\A0183081.exe infected Virus.Win32.Sality.bh ...08:34:08:781 16000 cured
08:34:12:500 16000 D:\System Volume Information\_restore{E9D078C6-EE17-4E6C-B442-F4D5F5F78C51}\RP136\A0183082.exe infected Virus.Win32.Sality.bh ...08:34:12:500 16000 cured
08:34:16:296 16000 D:\System Volume Information\_restore{E9D078C6-EE17-4E6C-B442-F4D5F5F78C51}\RP136\A0183083.exe infected Virus.Win32.Sality.bh ...08:34:16:296 16000 cured
08:34:20:031 16000 D:\System Volume Information\_restore{E9D078C6-EE17-4E6C-B442-F4D5F5F78C51}\RP136\A0183084.exe infected Virus.Win32.Sality.bh ...08:34:20:031 16000 cured
08:34:23:734 16000 D:\System Volume Information\_restore{E9D078C6-EE17-4E6C-B442-F4D5F5F78C51}\RP136\A0183085.exe infected Virus.Win32.Sality.bh ...08:34:23:734 16000 cured
08:34:27:390 16000 D:\System Volume Information\_restore{E9D078C6-EE17-4E6C-B442-F4D5F5F78C51}\RP136\A0183087.exe infected Virus.Win32.Sality.bh ...08:34:27:390 16000 cured
08:34:31:109 16000 D:\System Volume Information\_restore{E9D078C6-EE17-4E6C-B442-F4D5F5F78C51}\RP136\A0183088.exe infected Virus.Win32.Sality.bh ...08:34:31:109 16000 cured
08:34:34:828 16000 D:\System Volume Information\_restore{E9D078C6-EE17-4E6C-B442-F4D5F5F78C51}\RP136\A0183089.exe infected Virus.Win32.Sality.bh ...08:34:34:828 16000 cured
08:34:38:593 16000 D:\System Volume Information\_restore{E9D078C6-EE17-4E6C-B442-F4D5F5F78C51}\RP136\A0183090.exe infected Virus.Win32.Sality.bh ...08:34:38:593 16000 cured
08:34:42:093 16000 D:\System Volume Information\_restore{E9D078C6-EE17-4E6C-B442-F4D5F5F78C51}\RP136\A0183091.exe infected Virus.Win32.Sality.bh ...08:34:42:093 16000 cured
08:34:45:796 16000 D:\System Volume Information\_restore{E9D078C6-EE17-4E6C-B442-F4D5F5F78C51}\RP136\A0183092.exe infected Virus.Win32.Sality.bh ...08:34:45:796 16000 cured
08:34:49:609 16000 D:\System Volume Information\_restore{E9D078C6-EE17-4E6C-B442-F4D5F5F78C51}\RP136\A0183093.exe infected Virus.Win32.Sality.bh ...08:34:49:609 16000 cured
08:34:53:375 16000 D:\System Volume Information\_restore{E9D078C6-EE17-4E6C-B442-F4D5F5F78C51}\RP136\A0183094.exe infected Virus.Win32.Sality.bh ...08:34:53:375 16000 cured
08:34:57:078 16000 D:\System Volume Information\_restore{E9D078C6-EE17-4E6C-B442-F4D5F5F78C51}\RP136\A0183095.exe infected Virus.Win32.Sality.bh ...08:34:57:078 16000 cured
08:35:00:859 16000 D:\System Volume Information\_restore{E9D078C6-EE17-4E6C-B442-F4D5F5F78C51}\RP136\A0183096.exe infected Virus.Win32.Sality.bh ...08:35:00:859 16000 cured
08:35:04:671 16000 D:\System Volume Information\_restore{E9D078C6-EE17-4E6C-B442-F4D5F5F78C51}\RP136\A0183097.exe infected Virus.Win32.Sality.bh ...08:35:04:671 16000 cured
08:35:08:562 16000 D:\System Volume Information\_restore{E9D078C6-EE17-4E6C-B442-F4D5F5F78C51}\RP136\A0183098.exe infected Virus.Win32.Sality.bh ...08:35:08:562 16000 cured
08:35:12:062 16000 D:\System Volume Information\_restore{E9D078C6-EE17-4E6C-B442-F4D5F5F78C51}\RP136\A0183099.exe infected Virus.Win32.Sality.bh ...08:35:12:062 16000 cured
08:35:15:750 16000 D:\System Volume Information\_restore{E9D078C6-EE17-4E6C-B442-F4D5F5F78C51}\RP136\A0183100.exe infected Virus.Win32.Sality.bh ...08:35:15:750 16000 cured
08:35:19:515 16000 D:\System Volume Information\_restore{E9D078C6-EE17-4E6C-B442-F4D5F5F78C51}\RP136\A0183101.exe infected Virus.Win32.Sality.bh ...08:35:19:515 16000 cured
08:35:23:203 16000 D:\System Volume Information\_restore{E9D078C6-EE17-4E6C-B442-F4D5F5F78C51}\RP136\A0183102.exe infected Virus.Win32.Sality.bh ...08:35:23:203 16000 cured
08:35:27:000 16000 D:\System Volume Information\_restore{E9D078C6-EE17-4E6C-B442-F4D5F5F78C51}\RP136\A0183103.exe infected Virus.Win32.Sality.bh ...08:35:27:000 16000 cured
08:35:30:656 16000 D:\System Volume Information\_restore{E9D078C6-EE17-4E6C-B442-F4D5F5F78C51}\RP136\A0183104.exe infected Virus.Win32.Sality.bh ...08:35:30:656 16000 cured
08:35:34:437 16000 D:\System Volume Information\_restore{E9D078C6-EE17-4E6C-B442-F4D5F5F78C51}\RP136\A0183105.exe infected Virus.Win32.Sality.bh ...08:35:34:437 16000 cured
08:35:38:125 16000 D:\System Volume Information\_restore{E9D078C6-EE17-4E6C-B442-F4D5F5F78C51}\RP136\A0183106.exe infected Virus.Win32.Sality.bh ...08:35:38:125 16000 cured
08:35:41:828 16000 D:\System Volume Information\_restore{E9D078C6-EE17-4E6C-B442-F4D5F5F78C51}\RP136\A0183107.exe infected Virus.Win32.Sality.bh ...08:35:41:828 16000 cured
08:35:45:421 16000 D:\System Volume Information\_restore{E9D078C6-EE17-4E6C-B442-F4D5F5F78C51}\RP136\A0183108.exe infected Virus.Win32.Sality.bh ...08:35:45:421 16000 cured
08:35:48:984 16000 D:\System Volume Information\_restore{E9D078C6-EE17-4E6C-B442-F4D5F5F78C51}\RP136\A0183109.exe infected Virus.Win32.Sality.bh ...08:35:48:984 16000 cured
08:35:52:656 16000 D:\System Volume Information\_restore{E9D078C6-EE17-4E6C-B442-F4D5F5F78C51}\RP136\A0183110.exe infected Virus.Win32.Sality.bh ...08:35:52:656 16000 cured
08:35:56:281 16000 D:\System Volume Information\_restore{E9D078C6-EE17-4E6C-B442-F4D5F5F78C51}\RP136\A0183111.exe infected Virus.Win32.Sality.bh ...08:35:56:281 16000 cured
08:35:59:781 16000 D:\System Volume Information\_restore{E9D078C6-EE17-4E6C-B442-F4D5F5F78C51}\RP136\A0183112.exe infected Virus.Win32.Sality.bh ...08:35:59:781 16000 cured
08:36:03:625 16000 D:\System Volume Information\_restore{E9D078C6-EE17-4E6C-B442-F4D5F5F78C51}\RP136\A0183113.exe infected Virus.Win32.Sality.bh ...08:36:03:625 16000 cured
08:36:07:296 16000 D:\System Volume Information\_restore{E9D078C6-EE17-4E6C-B442-F4D5F5F78C51}\RP136\A0183114.exe infected Virus.Win32.Sality.bh ...08:36:07:296 16000 cured
08:36:11:062 16000 D:\System Volume Information\_restore{E9D078C6-EE17-4E6C-B442-F4D5F5F78C51}\RP136\A0183116.exe infected Virus.Win32.Sality.bh ...08:36:11:062 16000 cured
08:36:14:703 16000 D:\System Volume Information\_restore{E9D078C6-EE17-4E6C-B442-F4D5F5F78C51}\RP136\A0183117.exe infected Virus.Win32.Sality.bh ...08:36:14:703 16000 cured
08:36:18:406 16000 D:\System Volume Information\_restore{E9D078C6-EE17-4E6C-B442-F4D5F5F78C51}\RP136\A0183118.exe infected Virus.Win32.Sality.bh ...08:36:18:406 16000 cured
08:36:21:968 16000 D:\System Volume Information\_restore{E9D078C6-EE17-4E6C-B442-F4D5F5F78C51}\RP136\A0183133.exe infected Virus.Win32.Sality.bh ...08:36:21:968 16000 cured
08:36:25:718 16000 D:\System Volume Information\_restore{E9D078C6-EE17-4E6C-B442-F4D5F5F78C51}\RP136\A0183134.exe infected Virus.Win32.Sality.bh ...08:36:25:718 16000 cured
08:36:29:468 16000 D:\System Volume Information\_restore{E9D078C6-EE17-4E6C-B442-F4D5F5F78C51}\RP136\A0183138.exe infected Virus.Win32.Sality.bh ...08:36:29:468 16000 cured
08:36:33:187 16000 D:\System Volume Information\_restore{E9D078C6-EE17-4E6C-B442-F4D5F5F78C51}\RP136\A0183147.exe infected Virus.Win32.Sality.bh ...08:36:33:187 16000 cured
08:36:36:734 16000 D:\System Volume Information\_restore{E9D078C6-EE17-4E6C-B442-F4D5F5F78C51}\RP136\A0183150.exe infected Virus.Win32.Sality.bh ...08:36:36:734 16000 cured
08:36:40:437 16000 D:\System Volume Information\_restore{E9D078C6-EE17-4E6C-B442-F4D5F5F78C51}\RP136\A0183151.exe infected Virus.Win32.Sality.bh ...08:36:40:437 16000 cured
08:36:44:250 16000 D:\System Volume Information\_restore{E9D078C6-EE17-4E6C-B442-F4D5F5F78C51}\RP136\A0183152.exe infected Virus.Win32.Sality.bh ...08:36:44:250 16000 cured
08:36:48:015 16000 D:\System Volume Information\_restore{E9D078C6-EE17-4E6C-B442-F4D5F5F78C51}\RP136\A0183156.exe infected Virus.Win32.Sality.bh ...08:36:48:015 16000 cured
08:36:51:531 16000 D:\System Volume Information\_restore{E9D078C6-EE17-4E6C-B442-F4D5F5F78C51}\RP136\A0183157.exe infected Virus.Win32.Sality.bh ...08:36:51:531 16000 cured
08:36:55:281 16000 D:\System Volume Information\_restore{E9D078C6-EE17-4E6C-B442-F4D5F5F78C51}\RP136\A0183158.exe infected Virus.Win32.Sality.bh ...08:36:55:281 16000 cured
08:36:58:921 16000 D:\System Volume Information\_restore{E9D078C6-EE17-4E6C-B442-F4D5F5F78C51}\RP136\A0183161.exe infected Virus.Win32.Sality.bh ...08:36:58:921 16000 cured
08:37:02:578 16000 D:\System Volume Information\_restore{E9D078C6-EE17-4E6C-B442-F4D5F5F78C51}\RP136\A0183162.exe infected Virus.Win32.Sality.bh ...08:37:02:578 16000 cured
08:37:06:171 16000 D:\System Volume Information\_restore{E9D078C6-EE17-4E6C-B442-F4D5F5F78C51}\RP136\A0183170.exe infected Virus.Win32.Sality.bh ...08:37:06:171 16000 cured
08:37:09:828 16000 D:\System Volume Information\_restore{E9D078C6-EE17-4E6C-B442-F4D5F5F78C51}\RP136\A0183171.exe infected Virus.Win32.Sality.bh ...08:37:09:828 16000 cured
08:37:13:296 16000 D:\System Volume Information\_restore{E9D078C6-EE17-4E6C-B442-F4D5F5F78C51}\RP136\A0183172.exe infected Virus.Win32.Sality.bh ...08:37:13:296 16000 cured
08:37:17:109 16000 D:\System Volume Information\_restore{E9D078C6-EE17-4E6C-B442-F4D5F5F78C51}\RP136\A0183173.exe infected Virus.Win32.Sality.bh ...08:37:17:109 16000 cured
08:37:20:687 16000 D:\System Volume Information\_restore{E9D078C6-EE17-4E6C-B442-F4D5F5F78C51}\RP136\A0183174.exe infected Virus.Win32.Sality.bh ...08:37:20:687 16000 cured
08:37:48:218 16000 D:\System Volume Information\_restore{E9D078C6-EE17-4E6C-B442-F4D5F5F78C51}\RP136\A0183175.exe infected Virus.Win32.Sality.bh ...08:37:48:218 16000 cured
08:37:51:796 16000 D:\System Volume Information\_restore{E9D078C6-EE17-4E6C-B442-F4D5F5F78C51}\RP136\A0183176.exe infected Virus.Win32.Sality.bh ...08:37:51:796 16000 cured
08:37:55:484 16000 D:\System Volume Information\_restore{E9D078C6-EE17-4E6C-B442-F4D5F5F78C51}\RP136\A0183177.exe infected Virus.Win32.Sality.bh ...08:37:55:484 16000 cured
08:38:22:859 16000 D:\System Volume Information\_restore{E9D078C6-EE17-4E6C-B442-F4D5F5F78C51}\RP136\A0183178.exe infected Virus.Win32.Sality.bh ...08:38:22:859 16000 cured
08:38:26:484 16000 D:\System Volume Information\_restore{E9D078C6-EE17-4E6C-B442-F4D5F5F78C51}\RP136\A0183179.exe infected Virus.Win32.Sality.bh ...08:38:26:484 16000 cured
08:38:30:046 16000 D:\System Volume Information\_restore{E9D078C6-EE17-4E6C-B442-F4D5F5F78C51}\RP136\A0183180.exe infected Virus.Win32.Sality.bh ...08:38:30:046 16000 cured
08:38:57:546 16000 D:\System Volume Information\_restore{E9D078C6-EE17-4E6C-B442-F4D5F5F78C51}\RP136\A0183181.EXE infected Virus.Win32.Sality.bh ...08:38:57:546 16000 cured
08:39:01:125 16000 D:\System Volume Information\_restore{E9D078C6-EE17-4E6C-B442-F4D5F5F78C51}\RP136\A0183182.exe infected Virus.Win32.Sality.bh ...08:39:01:125 16000 cured
08:39:04:984 16000 D:\System Volume Information\_restore{E9D078C6-EE17-4E6C-B442-F4D5F5F78C51}\RP136\A0183183.exe infected Virus.Win32.Sality.bh ...08:39:04:984 16000 cured
08:39:08:687 16000 D:\System Volume Information\_restore{E9D078C6-EE17-4E6C-B442-F4D5F5F78C51}\RP136\A0183185.exe infected Virus.Win32.Sality.bh ...08:39:08:687 16000 cured
08:39:12:406 16000 D:\System Volume Information\_restore{E9D078C6-EE17-4E6C-B442-F4D5F5F78C51}\RP136\A0183186.exe infected Virus.Win32.Sality.bh ...08:39:12:406 16000 cured
08:39:16:203 16000 D:\System Volume Information\_restore{E9D078C6-EE17-4E6C-B442-F4D5F5F78C51}\RP136\A0183187.exe infected Virus.Win32.Sality.bh ...08:39:16:203 16000 cured
08:39:20:031 16000 D:\System Volume Information\_restore{E9D078C6-EE17-4E6C-B442-F4D5F5F78C51}\RP136\A0183188.exe infected Virus.Win32.Sality.bh ...08:39:20:031 16000 cured
08:39:23:703 16000 D:\System Volume Information\_restore{E9D078C6-EE17-4E6C-B442-F4D5F5F78C51}\RP136\A0183189.exe infected Virus.Win32.Sality.bh ...08:39:23:703 16000 cured
08:39:27:421 16000 D:\System Volume Information\_restore{E9D078C6-EE17-4E6C-B442-F4D5F5F78C51}\RP136\A0183190.exe infected Virus.Win32.Sality.bh ...08:39:27:421 16000 cured
08:39:31:156 16000 D:\System Volume Information\_restore{E9D078C6-EE17-4E6C-B442-F4D5F5F78C51}\RP136\A0183191.exe infected Virus.Win32.Sality.bh ...08:39:31:156 16000 cured
08:39:34:750 16000 D:\System Volume Information\_restore{E9D078C6-EE17-4E6C-B442-F4D5F5F78C51}\RP136\A0183192.exe infected Virus.Win32.Sality.bh ...08:39:34:750 16000 cured
08:39:38:375 16000 D:\System Volume Information\_restore{E9D078C6-EE17-4E6C-B442-F4D5F5F78C51}\RP136\A0183193.exe infected Virus.Win32.Sality.bh ...08:39:38:375 16000 cured
08:39:42:031 16000 D:\System Volume Information\_restore{E9D078C6-EE17-4E6C-B442-F4D5F5F78C51}\RP136\A0183194.exe infected Virus.Win32.Sality.bh ...08:39:42:031 16000 cured
08:39:45:687 16000 D:\System Volume Information\_restore{E9D078C6-EE17-4E6C-B442-F4D5F5F78C51}\RP136\A0183195.exe infected Virus.Win32.Sality.bh ...08:39:45:687 16000 cured
08:39:49:343 16000 D:\System Volume Information\_restore{E9D078C6-EE17-4E6C-B442-F4D5F5F78C51}\RP136\A0183196.exe infected Virus.Win32.Sality.bh ...08:39:49:343 16000 cured
08:39:53:093 16000 D:\System Volume Information\_restore{E9D078C6-EE17-4E6C-B442-F4D5F5F78C51}\RP136\A0183197.exe infected Virus.Win32.Sality.bh ...08:39:53:093 16000 cured
08:39:56:687 16000 D:\System Volume Information\_restore{E9D078C6-EE17-4E6C-B442-F4D5F5F78C51}\RP136\A0183198.exe infected Virus.Win32.Sality.bh ...08:39:56:687 16000 cured
08:40:00:421 16000 D:\System Volume Information\_restore{E9D078C6-EE17-4E6C-B442-F4D5F5F78C51}\RP136\A0183199.exe infected Virus.Win32.Sality.bh ...08:40:00:421 16000 cured
08:40:04:156 16000 D:\System Volume Information\_restore{E9D078C6-EE17-4E6C-B442-F4D5F5F78C51}\RP136\A0183200.exe infected Virus.Win32.Sality.bh ...08:40:04:156 16000 cured
08:40:07:890 16000 D:\System Volume Information\_restore{E9D078C6-EE17-4E6C-B442-F4D5F5F78C51}\RP136\A0183201.exe infected Virus.Win32.Sality.bh ...08:40:07:890 16000 cured
08:40:11:546 16000 D:\System Volume Information\_restore{E9D078C6-EE17-4E6C-B442-F4D5F5F78C51}\RP136\A0183202.exe infected Virus.Win32.Sality.bh ...08:40:11:546 16000 cured
08:40:15:250 16000 D:\System Volume Information\_restore{E9D078C6-EE17-4E6C-B442-F4D5F5F78C51}\RP136\A0183203.exe infected Virus.Win32.Sality.bh ...08:40:15:250 16000 cured
08:40:18:921 16000 D:\System Volume Information\_restore{E9D078C6-EE17-4E6C-B442-F4D5F5F78C51}\RP136\A0183204.exe infected Virus.Win32.Sality.bh ...08:40:18:921 16000 cured
08:40:22:593 16000 D:\System Volume Information\_restore{E9D078C6-EE17-4E6C-B442-F4D5F5F78C51}\RP136\A0183205.exe infected Virus.Win32.Sality.bh ...08:40:22:593 16000 cured
08:40:26:250 16000 D:\System Volume Information\_restore{E9D078C6-EE17-4E6C-B442-F4D5F5F78C51}\RP136\A0183206.exe infected Virus.Win32.Sality.bh ...08:40:26:250 16000 cured
08:40:29:937 16000 D:\System Volume Information\_restore{E9D078C6-EE17-4E6C-B442-F4D5F5F78C51}\RP136\A0183207.exe infected Virus.Win32.Sality.bh ...08:40:29:937 16000 cured
08:40:33:515 16000 D:\System Volume Information\_restore{E9D078C6-EE17-4E6C-B442-F4D5F5F78C51}\RP136\A0183208.exe infected Virus.Win32.Sality.bh ...08:40:33:515 16000 cured
08:40:37:109 16000 D:\System Volume Information\_restore{E9D078C6-EE17-4E6C-B442-F4D5F5F78C51}\RP136\A0183209.exe infected Virus.Win32.Sality.bh ...08:40:37:109 16000 cured
08:40:40:656 16000 D:\System Volume Information\_restore{E9D078C6-EE17-4E6C-B442-F4D5F5F78C51}\RP136\A0183210.exe infected Virus.Win32.Sality.bh ...08:40:40:656 16000 cured
08:40:44:375 16000 D:\System Volume Information\_restore{E9D078C6-EE17-4E6C-B442-F4D5F5F78C51}\RP136\A0183211.exe infected Virus.Win32.Sality.bh ...08:40:44:390 16000 cured
08:40:48:156 16000 D:\System Volume Information\_restore{E9D078C6-EE17-4E6C-B442-F4D5F5F78C51}\RP136\A0183217.exe infected Virus.Win32.Sality.bh ...08:40:48:156 16000 cured
08:40:51:781 16000 D:\System Volume Information\_restore{E9D078C6-EE17-4E6C-B442-F4D5F5F78C51}\RP136\A0183221.exe infected Virus.Win32.Sality.bh ...08:40:51:781 16000 cured
08:40:55:625 16000 D:\System Volume Information\_restore{E9D078C6-EE17-4E6C-B442-F4D5F5F78C51}\RP136\A0183225.exe infected Virus.Win32.Sality.bh ...08:40:55:625 16000 cured
08:40:59:390 16000 D:\System Volume Information\_restore{E9D078C6-EE17-4E6C-B442-F4D5F5F78C51}\RP136\A0183228.exe infected Virus.Win32.Sality.bh ...08:40:59:390 16000 cured
08:41:03:031 16000 D:\System Volume Information\_restore{E9D078C6-EE17-4E6C-B442-F4D5F5F78C51}\RP136\A0183229.exe infected Virus.Win32.Sality.bh ...08:41:03:031 16000 cured
08:41:06:734 16000 D:\System Volume Information\_restore{E9D078C6-EE17-4E6C-B442-F4D5F5F78C51}\RP136\A0183230.exe infected Virus.Win32.Sality.bh ...08:41:06:734 16000 cured
08:41:10:578 16000 D:\System Volume Information\_restore{E9D078C6-EE17-4E6C-B442-F4D5F5F78C51}\RP136\A0183231.exe infected Virus.Win32.Sality.bh ...08:41:10:578 16000 cured
08:41:14:250 16000 D:\System Volume Information\_restore{E9D078C6-EE17-4E6C-B442-F4D5F5F78C51}\RP136\A0183234.exe infected Virus.Win32.Sality.bh ...08:41:14:250 16000 cured
08:41:17:921 16000 D:\System Volume Information\_restore{E9D078C6-EE17-4E6C-B442-F4D5F5F78C51}\RP136\A0183237.exe infected Virus.Win32.Sality.bh ...08:41:17:921 16000 cured
08:41:21:671 16000 D:\System Volume Information\_restore{E9D078C6-EE17-4E6C-B442-F4D5F5F78C51}\RP136\A0183238.exe infected Virus.Win32.Sality.bh ...08:41:21:671 16000 cured
08:41:25:437 16000 D:\System Volume Information\_restore{E9D078C6-EE17-4E6C-B442-F4D5F5F78C51}\RP136\A0183239.exe infected Virus.Win32.Sality.bh ...08:41:25:437 16000 cured
08:41:29:109 16000 D:\System Volume Information\_restore{E9D078C6-EE17-4E6C-B442-F4D5F5F78C51}\RP136\A0183240.exe infected Virus.Win32.Sality.bh ...08:41:29:109 16000 cured
08:41:32:718 16000 D:\System Volume Information\_restore{E9D078C6-EE17-4E6C-B442-F4D5F5F78C51}\RP136\A0183241.exe infected Virus.Win32.Sality.bh ...08:41:32:718 16000 cured
08:41:36:250 16000 D:\System Volume Information\_restore{E9D078C6-EE17-4E6C-B442-F4D5F5F78C51}\RP136\A0183242.exe infected Virus.Win32.Sality.bh ...08:41:36:250 16000 cured
08:41:39:890 16000 D:\System Volume Information\_restore{E9D078C6-EE17-4E6C-B442-F4D5F5F78C51}\RP136\A0183243.exe infected Virus.Win32.Sality.bh ...08:41:39:890 16000 cured
08:41:43:671 16000 D:\System Volume Information\_restore{E9D078C6-EE17-4E6C-B442-F4D5F5F78C51}\RP136\A0183244.exe infected Virus.Win32.Sality.bh ...08:41:43:671 16000 cured
08:41:47:421 16000 D:\System Volume Information\_restore{E9D078C6-EE17-4E6C-B442-F4D5F5F78C51}\RP136\A0183245.exe infected Virus.Win32.Sality.bh ...08:41:47:421 16000 cured
08:41:51:234 16000 D:\System Volume Information\_restore{E9D078C6-EE17-4E6C-B442-F4D5F5F78C51}\RP136\A0183246.exe infected Virus.Win32.Sality.bh ...08:41:51:234 16000 cured
08:41:54:984 16000 D:\System Volume Information\_restore{E9D078C6-EE17-4E6C-B442-F4D5F5F78C51}\RP136\A0183247.exe infected Virus.Win32.Sality.bh ...08:41:54:984 16000 cured
08:41:58:546 16000 D:\System Volume Information\_restore{E9D078C6-EE17-4E6C-B442-F4D5F5F78C51}\RP136\A0183248.exe infected Virus.Win32.Sality.bh ...08:41:58:546 16000 cured
08:42:02:250 16000 D:\System Volume Information\_restore{E9D078C6-EE17-4E6C-B442-F4D5F5F78C51}\RP136\A0183249.exe infected Virus.Win32.Sality.bh ...08:42:02:250 16000 cured
08:42:05:968 16000 D:\System Volume Information\_restore{E9D078C6-EE17-4E6C-B442-F4D5F5F78C51}\RP136\A0183250.exe infected Virus.Win32.Sality.bh ...08:42:05:968 16000 cured
08:42:09:718 16000 D:\System Volume Information\_restore{E9D078C6-EE17-4E6C-B442-F4D5F5F78C51}\RP136\A0183251.exe infected Virus.Win32.Sality.bh ...08:42:09:718 16000 cured
08:42:13:390 16000 D:\System Volume Information\_restore{E9D078C6-EE17-4E6C-B442-F4D5F5F78C51}\RP136\A0183252.exe infected Virus.Win32.Sality.bh ...08:42:13:390 16000 cured
08:42:17:125 16000 D:\System Volume Information\_restore{E9D078C6-EE17-4E6C-B442-F4D5F5F78C51}\RP136\A0183253.exe infected Virus.Win32.Sality.bh ...08:42:17:125 16000 cured
08:42:20:750 16000 D:\System Volume Information\_restore{E9D078C6-EE17-4E6C-B442-F4D5F5F78C51}\RP136\A0183254.exe infected Virus.Win32.Sality.bh ...08:42:20:750 16000 cured
08:42:24:390 16000 D:\System Volume Information\_restore{E9D078C6-EE17-4E6C-B442-F4D5F5F78C51}\RP136\A0183255.exe infected Virus.Win32.Sality.bh ...08:42:24:390 16000 cured
08:42:27:890 16000 D:\System Volume Information\_restore{E9D078C6-EE17-4E6C-B442-F4D5F5F78C51}\RP136\A0183256.exe infected Virus.Win32.Sality.bh ...08:42:27:890 16000 cured
08:42:31:640 16000 D:\System Volume Information\_restore{E9D078C6-EE17-4E6C-B442-F4D5F5F78C51}\RP136\A0183257.exe infected Virus.Win32.Sality.bh ...08:42:31:640 16000 cured
08:42:35:500 16000 D:\System Volume Information\_restore{E9D078C6-EE17-4E6C-B442-F4D5F5F78C51}\RP136\A0183258.exe infected Virus.Win32.Sality.bh ...08:42:35:500 16000 cured
08:42:39:265 16000 D:\System Volume Information\_restore{E9D078C6-EE17-4E6C-B442-F4D5F5F78C51}\RP136\A0183259.exe infected Virus.Win32.Sality.bh ...08:42:39:265 16000 cured
08:42:43:000 16000 D:\System Volume Information\_restore{E9D078C6-EE17-4E6C-B442-F4D5F5F78C51}\RP136\A0183260.exe infected Virus.Win32.Sality.bh ...08:42:43:000 16000 cured
08:42:46:593 16000 D:\System Volume Information\_restore{E9D078C6-EE17-4E6C-B442-F4D5F5F78C51}\RP136\A0183261.exe infected Virus.Win32.Sality.bh ...08:42:46:593 16000 cured
08:42:50:234 16000 D:\System Volume Information\_restore{E9D078C6-EE17-4E6C-B442-F4D5F5F78C51}\RP136\A0183262.exe infected Virus.Win32.Sality.bh ...08:42:50:234 16000 cured
08:42:53:968 16000 D:\System Volume Information\_restore{E9D078C6-EE17-4E6C-B442-F4D5F5F78C51}\RP136\A0183263.exe infected Virus.Win32.Sality.bh ...08:42:53:968 16000 cured
08:42:57:640 16000 D:\System Volume Information\_restore{E9D078C6-EE17-4E6C-B442-F4D5F5F78C51}\RP136\A0183264.exe infected Virus.Win32.Sality.bh ...08:42:57:640 16000 cured
08:43:01:328 16000 D:\System Volume Information\_restore{E9D078C6-EE17-4E6C-B442-F4D5F5F78C51}\RP136\A0183265.exe infected Virus.Win32.Sality.bh ...08:43:01:328 16000 cured
08:43:05:140 16000 D:\System Volume Information\_restore{E9D078C6-EE17-4E6C-B442-F4D5F5F78C51}\RP136\A0183266.exe infected Virus.Win32.Sality.bh ...08:43:05:140 16000 cured
08:43:08:906 16000 D:\System Volume Information\_restore{E9D078C6-EE17-4E6C-B442-F4D5F5F78C51}\RP136\A0183267.exe infected Virus.Win32.Sality.bh ...08:43:08:906 16000 cured
08:43:12:468 16000 D:\System Volume Information\_restore{E9D078C6-EE17-4E6C-B442-F4D5F5F78C51}\RP136\A0183268.exe infected Virus.Win32.Sality.bh ...08:43:12:468 16000 cured
08:43:16:453 16000 D:\System Volume Information\_restore{E9D078C6-EE17-4E6C-B442-F4D5F5F78C51}\RP136\A0183269.exe infected Virus.Win32.Sality.bh ...08:43:16:453 16000 cured
08:43:20:359 16000 D:\System Volume Information\_restore{E9D078C6-EE17-4E6C-B442-F4D5F5F78C51}\RP136\A0183272.exe infected Virus.Win32.Sality.bh ...08:43:20:359 16000 cured
08:43:24:000 16000 D:\System Volume Information\_restore{E9D078C6-EE17-4E6C-B442-F4D5F5F78C51}\RP136\A0183274.exe infected Virus.Win32.Sality.bh ...08:43:24:000 16000 cured
08:43:27:921 16000 D:\System Volume Information\_restore{E9D078C6-EE17-4E6C-B442-F4D5F5F78C51}\RP136\A0183276.exe infected Virus.Win32.Sality.bh ...08:43:27:921 16000 cured
08:43:31:625 16000 D:\System Volume Information\_restore{E9D078C6-EE17-4E6C-B442-F4D5F5F78C51}\RP136\A0183279.exe infected Virus.Win32.Sality.bh ...08:43:31:625 16000 cured
08:43:35:343 16000 D:\System Volume Information\_restore{E9D078C6-EE17-4E6C-B442-F4D5F5F78C51}\RP136\A0183280.exe infected Virus.Win32.Sality.bh ...08:43:35:343 16000 cured
08:43:39:078 16000 D:\System Volume Information\_restore{E9D078C6-EE17-4E6C-B442-F4D5F5F78C51}\RP136\A0183281.exe infected Virus.Win32.Sality.bh ...08:43:39:078 16000 cured
08:43:42:843 16000 D:\System Volume Information\_restore{E9D078C6-EE17-4E6C-B442-F4D5F5F78C51}\RP136\A0183284.exe infected Virus.Win32.Sality.bh ...08:43:42:843 16000 cured
08:43:46:578 16000 D:\System Volume Information\_restore{E9D078C6-EE17-4E6C-B442-F4D5F5F78C51}\RP136\A0183285.exe infected Virus.Win32.Sality.bh ...08:43:46:578 16000 cured
08:43:50:265 16000 D:\System Volume Information\_restore{E9D078C6-EE17-4E6C-B442-F4D5F5F78C51}\RP136\A0183286.exe infected Virus.Win32.Sality.bh ...08:43:50:265 16000 cured
08:43:54:031 16000 D:\System Volume Information\_restore{E9D078C6-EE17-4E6C-B442-F4D5F5F78C51}\RP136\A0183287.exe infected Virus.Win32.Sality.bh ...08:43:54:031 16000 cured
08:43:57:765 16000 D:\System Volume Information\_restore{E9D078C6-EE17-4E6C-B442-F4D5F5F78C51}\RP136\A0183288.exe infected Virus.Win32.Sality.bh ...08:43:57:765 16000 cured
08:44:01:421 16000 D:\System Volume Information\_restore{E9D078C6-EE17-4E6C-B442-F4D5F5F78C51}\RP136\A0183289.exe infected Virus.Win32.Sality.bh ...08:44:01:421 16000 cured
08:44:05:281 16000 D:\System Volume Information\_restore{E9D078C6-EE17-4E6C-B442-F4D5F5F78C51}\RP136\A0183290.exe infected Virus.Win32.Sality.bh ...08:44:05:281 16000 cured
08:44:08:937 16000 D:\System Volume Information\_restore{E9D078C6-EE17-4E6C-B442-F4D5F5F78C51}\RP136\A0183291.exe infected Virus.Win32.Sality.bh ...08:44:08:937 16000 cured
08:44:12:718 16000 D:\System Volume Information\_restore{E9D078C6-EE17-4E6C-B442-F4D5F5F78C51}\RP136\A0183292.exe infected Virus.Win32.Sality.bh ...08:44:12:718 16000 cured
08:44:16:468 16000 D:\System Volume Information\_restore{E9D078C6-EE17-4E6C-B442-F4D5F5F78C51}\RP136\A0183293.exe infected Virus.Win32.Sality.bh ...08:44:16:468 16000 cured
08:44:20:156 16000 D:\System Volume Information\_restore{E9D078C6-EE17-4E6C-B442-F4D5F5F78C51}\RP136\A0183294.exe infected Virus.Win32.Sality.bh ...08:44:20:156 16000 cured
08:44:24:187 16000 D:\System Volume Information\_restore{E9D078C6-EE17-4E6C-B442-F4D5F5F78C51}\RP136\A0183295.exe infected Virus.Win32.Sality.bh ...08:44:24:187 16000 cured
08:44:27:937 16000 D:\System Volume Information\_restore{E9D078C6-EE17-4E6C-B442-F4D5F5F78C51}\RP136\A0183300.exe infected Virus.Win32.Sality.bh ...08:44:27:937 16000 cured
08:44:31:562 16000 D:\System Volume Information\_restore{E9D078C6-EE17-4E6C-B442-F4D5F5F78C51}\RP136\A0183301.exe infected Virus.Win32.Sality.bh ...08:44:31:562 16000 cured
08:44:35:375 16000 D:\System Volume Information\_restore{E9D078C6-EE17-4E6C-B442-F4D5F5F78C51}\RP136\A0183303.exe infected Virus.Win32.Sality.bh ...08:44:35:375 16000 cured
08:44:39:015 16000 D:\System Volume Information\_restore{E9D078C6-EE17-4E6C-B442-F4D5F5F78C51}\RP136\A0183304.exe infected Virus.Win32.Sality.bh ...08:44:39:015 16000 cured
08:44:42:625 16000 D:\System Volume Information\_restore{E9D078C6-EE17-4E6C-B442-F4D5F5F78C51}\RP136\A0183305.exe infected Virus.Win32.Sality.bh ...08:44:42:625 16000 cured
08:44:46:203 16000 D:\System Volume Information\_restore{E9D078C6-EE17-4E6C-B442-F4D5F5F78C51}\RP136\A0183306.exe infected Virus.Win32.Sality.bh ...08:44:46:203 16000 cured
08:44:58:359 16000 D:\System Volume Information\_restore{E9D078C6-EE17-4E6C-B442-F4D5F5F78C51}\RP136\A0183307.exe infected Virus.Win32.Sality.ag ...08:44:58:359 16000 cured
08:45:02:250 16000 D:\System Volume Information\_restore{E9D078C6-EE17-4E6C-B442-F4D5F5F78C51}\RP136\A0183308.exe infected Virus.Win32.Sality.bh ...08:45:02:250 16000 cured
08:45:06:000 16000 D:\System Volume Information\_restore{E9D078C6-EE17-4E6C-B442-F4D5F5F78C51}\RP136\A0183309.exe infected Virus.Win32.Sality.bh ...08:45:06:000 16000 cured
08:45:09:671 16000 D:\System Volume Information\_restore{E9D078C6-EE17-4E6C-B442-F4D5F5F78C51}\RP136\A0183310.exe infected Virus.Win32.Sality.bh ...08:45:09:671 16000 cured
08:45:13:296 16000 D:\System Volume Information\_restore{E9D078C6-EE17-4E6C-B442-F4D5F5F78C51}\RP136\A0183311.exe infected Virus.Win32.Sality.bh ...08:45:13:296 16000 cured
08:45:17:171 16000 D:\System Volume Information\_restore{E9D078C6-EE17-4E6C-B442-F4D5F5F78C51}\RP136\A0183315.exe infected Virus.Win32.Sality.bh ...08:45:17:171 16000 cured
08:45:20:703 16000 D:\System Volume Information\_restore{E9D078C6-EE17-4E6C-B442-F4D5F5F78C51}\RP136\A0183375.exe infected Virus.Win32.Sality.bh ...08:45:20:703 16000 cured
08:45:24:500 16000 D:\System Volume Information\_restore{E9D078C6-EE17-4E6C-B442-F4D5F5F78C51}\RP136\A0183377.exe infected Virus.Win32.Sality.bh ...08:45:24:500 16000 cured
08:45:28:171 16000 D:\System Volume Information\_restore{E9D078C6-EE17-4E6C-B442-F4D5F5F78C51}\RP136\A0183379.exe infected Virus.Win32.Sality.bh ...08:45:28:171 16000 cured
08:45:31:937 16000 D:\System Volume Information\_restore{E9D078C6-EE17-4E6C-B442-F4D5F5F78C51}\RP136\A0183380.exe infected Virus.Win32.Sality.bh ...08:45:31:937 16000 cured
08:45:44:125 16000 D:\System Volume Information\_restore{E9D078C6-EE17-4E6C-B442-F4D5F5F78C51}\RP136\A0183381.exe infected Virus.Win32.Sality.ag ...08:45:44:125 16000 cured
08:45:47:968 16000 D:\System Volume Information\_restore{E9D078C6-EE17-4E6C-B442-F4D5F5F78C51}\RP136\A0183382.exe infected Virus.Win32.Sality.bh ...08:45:47:968 16000 cured
08:45:51:593 16000 D:\System Volume Information\_restore{E9D078C6-EE17-4E6C-B442-F4D5F5F78C51}\RP136\A0183383.exe infected Virus.Win32.Sality.bh ...08:45:51:593 16000 cured
08:45:55:421 16000 D:\System Volume Information\_restore{E9D078C6-EE17-4E6C-B442-F4D5F5F78C51}\RP136\A0183384.exe infected Virus.Win32.Sality.bh ...08:45:55:421 16000 cured
08:45:59:140 16000 D:\System Volume Information\_restore{E9D078C6-EE17-4E6C-B442-F4D5F5F78C51}\RP136\A0183385.exe infected Virus.Win32.Sality.bh ...08:45:59:140 16000 cured
08:46:02:812 16000 D:\System Volume Information\_restore{E9D078C6-EE17-4E6C-B442-F4D5F5F78C51}\RP136\A0183386.exe infected Virus.Win32.Sality.bh ...08:46:02:812 16000 cured
08:46:06:406 16000 D:\System Volume Information\_restore{E9D078C6-EE17-4E6C-B442-F4D5F5F78C51}\RP136\A0183387.exe infected Virus.Win32.Sality.bh ...08:46:06:406 16000 cured
08:46:10:031 16000 D:\System Volume Information\_restore{E9D078C6-EE17-4E6C-B442-F4D5F5F78C51}\RP136\A0183388.exe infected Virus.Win32.Sality.bh ...08:46:10:031 16000 cured
08:46:13:750 16000 D:\System Volume Information\_restore{E9D078C6-EE17-4E6C-B442-F4D5F5F78C51}\RP136\A0183389.exe infected Virus.Win32.Sality.bh ...08:46:13:750 16000 cured
08:46:17:546 16000 D:\System Volume Information\_restore{E9D078C6-EE17-4E6C-B442-F4D5F5F78C51}\RP136\A0183390.exe infected Virus.Win32.Sality.bh ...08:46:17:546 16000 cured
08:46:21:234 16000 D:\System Volume Information\_restore{E9D078C6-EE17-4E6C-B442-F4D5F5F78C51}\RP136\A0183391.exe infected Virus.Win32.Sality.bh ...08:46:21:234 16000 cured
08:46:24:953 16000 D:\System Volume Information\_restore{E9D078C6-EE17-4E6C-B442-F4D5F5F78C51}\RP136\A0183392.exe infected Virus.Win32.Sality.bh ...08:46:24:953 16000 cured
08:46:28:609 16000 D:\System Volume Information\_restore{E9D078C6-EE17-4E6C-B442-F4D5F5F78C51}\RP136\A0183394.exe infected Virus.Win32.Sality.bh ...08:46:28:609 16000 cured
08:46:32:343 16000 D:\System Volume Information\_restore{E9D078C6-EE17-4E6C-B442-F4D5F5F78C51}\RP136\A0183395.exe infected Virus.Win32.Sality.bh ...08:46:32:343 16000 cured
08:46:36:078 16000 D:\System Volume Information\_restore{E9D078C6-EE17-4E6C-B442-F4D5F5F78C51}\RP136\A0183396.exe infected Virus.Win32.Sality.bh ...08:46:36:078 16000 cured
08:46:39:843 16000 D:\System Volume Information\_restore{E9D078C6-EE17-4E6C-B442-F4D5F5F78C51}\RP136\A0183397.exe infected Virus.Win32.Sality.bh ...08:46:39:843 16000 cured
08:46:43:343 16000 D:\System Volume Information\_restore{E9D078C6-EE17-4E6C-B442-F4D5F5F78C51}\RP136\A0183398.exe infected Virus.Win32.Sality.bh ...08:46:43:343 16000 cured
08:46:47:015 16000 D:\System Volume Information\_restore{E9D078C6-EE17-4E6C-B442-F4D5F5F78C51}\RP136\A0183399.exe infected Virus.Win32.Sality.bh ...08:46:47:015 16000 cured
08:46:50:843 16000 D:\System Volume Information\_restore{E9D078C6-EE17-4E6C-B442-F4D5F5F78C51}\RP136\A0183400.exe infected Virus.Win32.Sality.bh ...08:46:50:843 16000 cured
08:46:54:593 16000 D:\System Volume Information\_restore{E9D078C6-EE17-4E6C-B442-F4D5F5F78C51}\RP136\A0183401.exe infected Virus.Win32.Sality.bh ...08:46:54:593 16000 cured
08:46:58:265 16000 D:\System Volume Information\_restore{E9D078C6-EE17-4E6C-B442-F4D5F5F78C51}\RP136\A0183402.exe infected Virus.Win32.Sality.bh ...08:46:58:265 16000 cured
08:47:02:015 16000 D:\System Volume Information\_restore{E9D078C6-EE17-4E6C-B442-F4D5F5F78C51}\RP136\A0183403.exe infected Virus.Win32.Sality.bh ...08:47:02:015 16000 cured
08:47:05:812 16000 D:\System Volume Information\_restore{E9D078C6-EE17-4E6C-B442-F4D5F5F78C51}\RP136\A0183404.exe infected Virus.Win32.Sality.bh ...08:47:05:812 16000 cured
08:47:09:687 16000 D:\System Volume Information\_restore{E9D078C6-EE17-4E6C-B442-F4D5F5F78C51}\RP136\A0183405.exe infected Virus.Win32.Sality.bh ...08:47:09:687 16000 cured
08:47:13:156 16000 D:\System Volume Information\_restore{E9D078C6-EE17-4E6C-B442-F4D5F5F78C51}\RP136\A0183406.exe infected Virus.Win32.Sality.bh ...08:47:13:156 16000 cured
08:47:16:843 16000 D:\System Volume Information\_restore{E9D078C6-EE17-4E6C-B442-F4D5F5F78C51}\RP136\A0183407.exe infected Virus.Win32.Sality.bh ...08:47:16:843 16000 cured
08:47:20:671 16000 D:\System Volume Information\_restore{E9D078C6-EE17-4E6C-B442-F4D5F5F78C51}\RP136\A0183408.exe infected Virus.Win32.Sality.bh ...08:47:20:671 16000 cured
08:47:24:359 16000 D:\System Volume Information\_restore{E9D078C6-EE17-4E6C-B442-F4D5F5F78C51}\RP136\A0183409.exe infected Virus.Win32.Sality.bh ...08:47:24:359 16000 cured
08:47:28:171 16000 D:\System Volume Information\_restore{E9D078C6-EE17-4E6C-B442-F4D5F5F78C51}\RP136\A0183410.exe infected Virus.Win32.Sality.bh ...08:47:28:171 16000 cured
08:47:31:796 16000 D:\System Volume Information\_restore{E9D078C6-EE17-4E6C-B442-F4D5F5F78C51}\RP136\A0183411.exe infected Virus.Win32.Sality.bh ...08:47:31:796 16000 cured
08:47:35:515 16000 D:\System Volume Information\_restore{E9D078C6-EE17-4E6C-B442-F4D5F5F78C51}\RP136\A0183412.exe infected Virus.Win32.Sality.bh ...08:47:35:515 16000 cured
08:47:39:218 16000 D:\System Volume Information\_restore{E9D078C6-EE17-4E6C-B442-F4D5F5F78C51}\RP136\A0183413.exe infected Virus.Win32.Sality.bh ...08:47:39:218 16000 cured
08:47:42:921 16000 D:\System Volume Information\_restore{E9D078C6-EE17-4E6C-B442-F4D5F5F78C51}\RP136\A0183414.exe infected Virus.Win32.Sality.bh ...08:47:42:921 16000 cured
08:47:46:546 16000 D:\System Volume Information\_restore{E9D078C6-EE17-4E6C-B442-F4D5F5F78C51}\RP136\A0183415.exe infected Virus.Win32.Sality.bh ...08:47:46:546 16000 cured
08:47:50:140 16000 D:\System Volume Information\_restore{E9D078C6-EE17-4E6C-B442-F4D5F5F78C51}\RP136\A0183416.exe infected Virus.Win32.Sality.bh ...08:47:50:140 16000 cured
08:47:53:812 16000 D:\System Volume Information\_restore{E9D078C6-EE17-4E6C-B442-F4D5F5F78C51}\RP136\A0183417.exe infected Virus.Win32.Sality.bh ...08:47:53:812 16000 cured
08:47:57:468 16000 D:\System Volume Information\_restore{E9D078C6-EE17-4E6C-B442-F4D5F5F78C51}\RP136\A0183418.exe infected Virus.Win32.Sality.bh ...08:47:57:468 16000 cured
08:48:00:984 16000 D:\System Volume Information\_restore{E9D078C6-EE17-4E6C-B442-F4D5F5F78C51}\RP136\A0183419.exe infected Virus.Win32.Sality.bh ...08:48:00:984 16000 cured
08:48:04:828 16000 D:\System Volume Information\_restore{E9D078C6-EE17-4E6C-B442-F4D5F5F78C51}\RP136\A0183420.exe infected Virus.Win32.Sality.bh ...08:48:04:828 16000 cured
08:48:08:500 16000 D:\System Volume Information\_restore{E9D078C6-EE17-4E6C-B442-F4D5F5F78C51}\RP136\A0183421.exe infected Virus.Win32.Sality.bh ...08:48:08:500 16000 cured
08:48:12:296 16000 D:\System Volume Information\_restore{E9D078C6-EE17-4E6C-B442-F4D5F5F78C51}\RP136\A0183423.exe infected Virus.Win32.Sality.bh ...08:48:12:296 16000 cured
08:48:15:937 16000 D:\System Volume Information\_restore{E9D078C6-EE17-4E6C-B442-F4D5F5F78C51}\RP136\A0183424.exe infected Virus.Win32.Sality.bh ...08:48:15:937 16000 cured
08:48:19:625 16000 D:\System Volume Information\_restore{E9D078C6-EE17-4E6C-B442-F4D5F5F78C51}\RP136\A0183425.exe infected Virus.Win32.Sality.bh ...08:48:19:640 16000 cured
08:48:23:187 16000 D:\System Volume Information\_restore{E9D078C6-EE17-4E6C-B442-F4D5F5F78C51}\RP136\A0183439.exe infected Virus.Win32.Sality.bh ...08:48:23:187 16000 cured
08:48:26:921 16000 D:\System Volume Information\_restore{E9D078C6-EE17-4E6C-B442-F4D5F5F78C51}\RP136\A0183440.exe infected Virus.Win32.Sality.bh ...08:48:26:921 16000 cured
08:48:30:625 16000 D:\System Volume Information\_restore{E9D078C6-EE17-4E6C-B442-F4D5F5F78C51}\RP136\A0183441.exe infected Virus.Win32.Sality.bh ...08:48:30:625 16000 cured
08:48:34:359 16000 D:\System Volume Information\_restore{E9D078C6-EE17-4E6C-B442-F4D5F5F78C51}\RP136\A0183446.exe infected Virus.Win32.Sality.bh ...08:48:34:359 16000 cured
08:48:37:921 16000 D:\System Volume Information\_restore{E9D078C6-EE17-4E6C-B442-F4D5F5F78C51}\RP136\A0183450.exe infected Virus.Win32.Sality.bh ...08:48:37:921 16000 cured
08:48:41:671 16000 D:\System Volume Information\_restore{E9D078C6-EE17-4E6C-B442-F4D5F5F78C51}\RP136\A0183451.exe infected Virus.Win32.Sality.bh ...08:48:41:671 16000 cured
08:48:45:531 16000 D:\System Volume Information\_restore{E9D078C6-EE17-4E6C-B442-F4D5F5F78C51}\RP136\A0183452.exe infected Virus.Win32.Sality.bh ...08:48:45:531 16000 cured
08:48:49:250 16000 D:\System Volume Information\_restore{E9D078C6-EE17-4E6C-B442-F4D5F5F78C51}\RP136\A0183456.exe infected Virus.Win32.Sality.bh ...08:48:49:250 16000 cured
08:48:52:781 16000 D:\System Volume Information\_restore{E9D078C6-EE17-4E6C-B442-F4D5F5F78C51}\RP136\A0183457.exe infected Virus.Win32.Sality.bh ...08:48:52:781 16000 cured
08:48:56:500 16000 D:\System Volume Information\_restore{E9D078C6-EE17-4E6C-B442-F4D5F5F78C51}\RP136\A0183458.exe infected Virus.Win32.Sality.bh ...08:48:56:500 16000 cured
08:49:00:109 16000 D:\System Volume Information\_restore{E9D078C6-EE17-4E6C-B442-F4D5F5F78C51}\RP136\A0183460.exe infected Virus.Win32.Sality.bh ...08:49:00:109 16000 cured
08:49:03:734 16000 D:\System Volume Information\_restore{E9D078C6-EE17-4E6C-B442-F4D5F5F78C51}\RP136\A0183461.exe infected Virus.Win32.Sality.bh ...08:49:03:734 16000 cured
08:49:07:281 16000 D:\System Volume Information\_restore{E9D078C6-EE17-4E6C-B442-F4D5F5F78C51}\RP136\A0183478.exe infected Virus.Win32.Sality.bh ...08:49:07:281 16000 cured
08:49:10:937 16000 D:\System Volume Information\_restore{E9D078C6-EE17-4E6C-B442-F4D5F5F78C51}\RP136\A0183479.exe infected Virus.Win32.Sality.bh ...08:49:10:937 16000 cured
08:49:14:421 16000 D:\System Volume Information\_restore{E9D078C6-EE17-4E6C-B442-F4D5F5F78C51}\RP136\A0183480.exe infected Virus.Win32.Sality.bh ...08:49:14:421 16000 cured
08:49:18:234 16000 D:\System Volume Information\_restore{E9D078C6-EE17-4E6C-B442-F4D5F5F78C51}\RP136\A0183481.exe infected Virus.Win32.Sality.bh ...08:49:18:234 16000 cured
08:49:21:812 16000 D:\System Volume Information\_restore{E9D078C6-EE17-4E6C-B442-F4D5F5F78C51}\RP136\A0183482.exe infected Virus.Win32.Sality.bh ...08:49:21:812 16000 cured
08:49:49:328 16000 D:\System Volume Information\_restore{E9D078C6-EE17-4E6C-B442-F4D5F5F78C51}\RP136\A0183483.exe infected Virus.Win32.Sality.bh ...08:49:49:328 16000 cured
08:49:52:921 16000 D:\System Volume Information\_restore{E9D078C6-EE17-4E6C-B442-F4D5F5F78C51}\RP136\A0183484.exe infected Virus.Win32.Sality.bh ...08:49:52:921 16000 cured
08:49:56:593 16000 D:\System Volume Information\_restore{E9D078C6-EE17-4E6C-B442-F4D5F5F78C51}\RP136\A0183485.exe infected Virus.Win32.Sality.bh ...08:49:56:593 16000 cured
08:50:24:031 16000 D:\System Volume Information\_restore{E9D078C6-EE17-4E6C-B442-F4D5F5F78C51}\RP136\A0183486.exe infected Virus.Win32.Sality.bh ...08:50:24:031 16000 cured
08:50:27:656 16000 D:\System Volume Information\_restore{E9D078C6-EE17-4E6C-B442-F4D5F5F78C51}\RP136\A0183487.exe infected Virus.Win32.Sality.bh ...08:50:27:656 16000 cured
08:50:31:265 16000 D:\System Volume Information\_restore{E9D078C6-EE17-4E6C-B442-F4D5F5F78C51}\RP136\A0183488.exe infected Virus.Win32.Sality.bh ...08:50:31:265 16000 cured
08:50:58:828 16000 D:\System Volume Information\_restore{E9D078C6-EE17-4E6C-B442-F4D5F5F78C51}\RP136\A0183489.EXE infected Virus.Win32.Sality.bh ...08:50:58:828 16000 cured
08:51:02:406 16000 D:\System Volume Information\_restore{E9D078C6-EE17-4E6C-B442-F4D5F5F78C51}\RP136\A0183490.exe infected Virus.Win32.Sality.bh ...08:51:02:421 16000 cured
08:51:06:281 16000 D:\System Volume Information\_restore{E9D078C6-EE17-4E6C-B442-F4D5F5F78C51}\RP136\A0183491.exe infected Virus.Win32.Sality.bh ...08:51:06:281 16000 cured
08:51:10:000 16000 D:\System Volume Information\_restore{E9D078C6-EE17-4E6C-B442-F4D5F5F78C51}\RP136\A0183493.exe infected Virus.Win32.Sality.bh ...08:51:10:000 16000 cured
08:51:13:734 16000 D:\System Volume Information\_restore{E9D078C6-EE17-4E6C-B442-F4D5F5F78C51}\RP136\A0183494.exe infected Virus.Win32.Sality.bh ...08:51:13:734 16000 cured
08:51:17:515 16000 D:\System Volume Information\_restore{E9D078C6-EE17-4E6C-B442-F4D5F5F78C51}\RP136\A0183495.exe infected Virus.Win32.Sality.bh ...08:51:17:515 16000 cured
08:51:21:328 16000 D:\System Volume Information\_restore{E9D078C6-EE17-4E6C-B442-F4D5F5F78C51}\RP136\A0183496.exe infected Virus.Win32.Sality.bh ...08:51:21:328 16000 cured
08:51:25:031 16000 D:\System Volume Information\_restore{E9D078C6-EE17-4E6C-B442-F4D5F5F78C51}\RP136\A0183497.exe infected Virus.Win32.Sality.bh ...08:51:25:031 16000 cured
08:51:28:750 16000 D:\System Volume Information\_restore{E9D078C6-EE17-4E6C-B442-F4D5F5F78C51}\RP136\A0183498.exe infected Virus.Win32.Sality.bh ...08:51:28:750 16000 cured
08:51:32:468 16000 D:\System Volume Information\_restore{E9D078C6-EE17-4E6C-B442-F4D5F5F78C51}\RP136\A0183499.exe infected Virus.Win32.Sality.bh ...08:51:32:468 16000 cured
08:51:36:046 16000 D:\System Volume Information\_restore{E9D078C6-EE17-4E6C-B442-F4D5F5F78C51}\RP136\A0183500.exe infected Virus.Win32.Sality.bh ...08:51:36:046 16000 cured
08:51:39:656 16000 D:\System Volume Information\_restore{E9D078C6-EE17-4E6C-B442-F4D5F5F78C51}\RP136\A0183501.exe infected Virus.Win32.Sality.bh ...08:51:39:656 16000 cured
08:51:43:328 16000 D:\System Volume Information\_restore{E9D078C6-EE17-4E6C-B442-F4D5F5F78C51}\RP136\A0183502.exe infected Virus.Win32.Sality.bh ...08:51:43:328 16000 cured
08:51:47:015 16000 D:\System Volume Information\_restore{E9D078C6-EE17-4E6C-B442-F4D5F5F78C51}\RP136\A0183503.exe infected Virus.Win32.Sality.bh ...08:51:47:015 16000 cured
08:51:50:703 16000 D:\System Volume Information\_restore{E9D078C6-EE17-4E6C-B442-F4D5F5F78C51}\RP136\A0183504.exe infected Virus.Win32.Sality.bh ...08:51:50:703 16000 cured
08:51:54:437 16000 D:\System Volume Information\_restore{E9D078C6-EE17-4E6C-B442-F4D5F5F78C51}\RP136\A0183505.exe infected Virus.Win32.Sality.bh ...08:51:54:437 16000 cured
08:51:58:031 16000 D:\System Volume Information\_restore{E9D078C6-EE17-4E6C-B442-F4D5F5F78C51}\RP136\A0183506.exe infected Virus.Win32.Sality.bh ...08:51:58:031 16000 cured
08:52:01:734 16000 D:\System Volume Information\_restore{E9D078C6-EE17-4E6C-B442-F4D5F5F78C51}\RP136\A0183507.exe infected Virus.Win32.Sality.bh ...08:52:01:734 16000 cured
08:52:05:484 16000 D:\System Volume Information\_restore{E9D078C6-EE17-4E6C-B442-F4D5F5F78C51}\RP136\A0183508.exe infected Virus.Win32.Sality.bh ...08:52:05:484 16000 cured
08:52:09:218 16000 D:\System Volume Information\_restore{E9D078C6-EE17-4E6C-B442-F4D5F5F78C51}\RP136\A0183509.exe infected Virus.Win32.Sality.bh ...08:52:09:234 16000 cured
08:52:12:906 16000 D:\System Volume Information\_restore{E9D078C6-EE17-4E6C-B442-F4D5F5F78C51}\RP136\A0183510.exe infected Virus.Win32.Sality.bh ...08:52:12:906 16000 cured
08:52:16:625 16000 D:\System Volume Information\_restore{E9D078C6-EE17-4E6C-B442-F4D5F5F78C51}\RP136\A0183511.exe infected Virus.Win32.Sality.bh ...08:52:16:625 16000 cured
08:52:20:296 16000 D:\System Volume Information\_restore{E9D078C6-EE17-4E6C-B442-F4D5F5F78C51}\RP136\A0183512.exe infected Virus.Win32.Sality.bh ...08:52:20:296 16000 cured
08:52:23:984 16000 D:\System Volume Information\_restore{E9D078C6-EE17-4E6C-B442-F4D5F5F78C51}\RP136\A0183513.exe infected Virus.Win32.Sality.bh ...08:52:23:984 16000 cured
08:52:27:625 16000 D:\System Volume Information\_restore{E9D078C6-EE17-4E6C-B442-F4D5F5F78C51}\RP136\A0183514.exe infected Virus.Win32.Sality.bh ...08:52:27:640 16000 cured
08:52:31:312 16000 D:\System Volume Information\_restore{E9D078C6-EE17-4E6C-B442-F4D5F5F78C51}\RP136\A0183515.exe infected Virus.Win32.Sality.bh ...08:52:31:312 16000 cured
08:52:34:890 16000 D:\System Volume Information\_restore{E9D078C6-EE17-4E6C-B442-F4D5F5F78C51}\RP136\A0183516.exe infected Virus.Win32.Sality.bh ...08:52:34:890 16000 cured
08:52:38:468 16000 D:\System Volume Information\_restore{E9D078C6-EE17-4E6C-B442-F4D5F5F78C51}\RP136\A0183517.exe infected Virus.Win32.Sality.bh ...08:52:38:468 16000 cured
08:52:42:031 16000 D:\System Volume Information\_restore{E9D078C6-EE17-4E6C-B442-F4D5F5F78C51}\RP136\A0183518.exe infected Virus.Win32.Sality.bh ...08:52:42:031 16000 cured
08:52:45:812 16000 D:\System Volume Information\_restore{E9D078C6-EE17-4E6C-B442-F4D5F5F78C51}\RP136\A0183519.exe infected Virus.Win32.Sality.bh ...08:52:45:812 16000 cured
08:52:49:625 16000 D:\System Volume Information\_restore{E9D078C6-EE17-4E6C-B442-F4D5F5F78C51}\RP136\A0183525.exe infected Virus.Win32.Sality.bh ...08:52:49:625 16000 cured
08:52:53:265 16000 D:\System Volume Information\_restore{E9D078C6-EE17-4E6C-B442-F4D5F5F78C51}\RP136\A0183526.exe infected Virus.Win32.Sality.bh ...08:52:53:265 16000 cured
08:52:57:078 16000 D:\System Volume Information\_restore{E9D078C6-EE17-4E6C-B442-F4D5F5F78C51}\RP136\A0183533.exe infected Virus.Win32.Sality.bh ...08:52:57:078 16000 cured
08:53:00:843 16000 D:\System Volume Information\_restore{E9D078C6-EE17-4E6C-B442-F4D5F5F78C51}\RP136\A0183536.exe infected Virus.Win32.Sality.bh ...08:53:00:843 16000 cured
08:53:04:468 16000 D:\System Volume Information\_restore{E9D078C6-EE17-4E6C-B442-F4D5F5F78C51}\RP136\A0183537.exe infected Virus.Win32.Sality.bh ...08:53:04:468 16000 cured
08:53:08:203 16000 D:\System Volume Information\_restore{E9D078C6-EE17-4E6C-B442-F4D5F5F78C51}\RP136\A0183538.exe infected Virus.Win32.Sality.bh ...08:53:08:203 16000 cured
08:53:12:078 16000 D:\System Volume Information\_restore{E9D078C6-EE17-4E6C-B442-F4D5F5F78C51}\RP136\A0183539.exe infected Virus.Win32.Sality.bh ...08:53:12:078 16000 cured
08:53:15:781 16000 D:\System Volume Information\_restore{E9D078C6-EE17-4E6C-B442-F4D5F5F78C51}\RP136\A0183540.exe infected Virus.Win32.Sality.bh ...08:53:15:781 16000 cured
08:53:19:437 16000 D:\System Volume Information\_restore{E9D078C6-EE17-4E6C-B442-F4D5F5F78C51}\RP136\A0183543.exe infected Virus.Win32.Sality.bh ...08:53:19:437 16000 cured
08:53:23:171 16000 D:\System Volume Information\_restore{E9D078C6-EE17-4E6C-B442-F4D5F5F78C51}\RP136\A0183544.exe infected Virus.Win32.Sality.bh ...08:53:23:171 16000 cured
08:53:26:937 16000 D:\System Volume Information\_restore{E9D078C6-EE17-4E6C-B442-F4D5F5F78C51}\RP136\A0183545.exe infected Virus.Win32.Sality.bh ...08:53:26:937 16000 cured
08:53:30:593 16000 D:\System Volume Information\_restore{E9D078C6-EE17-4E6C-B442-F4D5F5F78C51}\RP136\A0183546.exe infected Virus.Win32.Sality.bh ...08:53:30:593 16000 cured
08:53:34:171 16000 D:\System Volume Information\_restore{E9D078C6-EE17-4E6C-B442-F4D5F5F78C51}\RP136\A0183547.exe infected Virus.Win32.Sality.bh ...08:53:34:171 16000 cured
08:53:37:703 16000 D:\System Volume Information\_restore{E9D078C6-EE17-4E6C-B442-F4D5F5F78C51}\RP136\A0183548.exe infected Virus.Win32.Sality.bh ...08:53:37:703 16000 cured
08:53:41:359 16000 D:\System Volume Information\_restore{E9D078C6-EE17-4E6C-B442-F4D5F5F78C51}\RP136\A0183549.exe infected Virus.Win32.Sality.bh ...08:53:41:359 16000 cured
08:53:45:109 16000 D:\System Volume Information\_restore{E9D078C6-EE17-4E6C-B442-F4D5F5F78C51}\RP136\A0183550.exe infected Virus.Win32.Sality.bh ...08:53:45:109 16000 cured
08:53:48:875 16000 D:\System Volume Information\_restore{E9D078C6-EE17-4E6C-B442-F4D5F5F78C51}\RP136\A0183553.exe infected Virus.Win32.Sality.bh ...08:53:48:875 16000 cured
08:53:52:671 16000 D:\System Volume Information\_restore{E9D078C6-EE17-4E6C-B442-F4D5F5F78C51}\RP136\A0183554.exe infected Virus.Win32.Sality.bh ...08:53:52:671 16000 cured
08:53:56:421 16000 D:\System Volume Information\_restore{E9D078C6-EE17-4E6C-B442-F4D5F5F78C51}\RP136\A0183555.exe infected Virus.Win32.Sality.bh ...08:53:56:421 16000 cured
08:53:59:968 16000 D:\System Volume Information\_restore{E9D078C6-EE17-4E6C-B442-F4D5F5F78C51}\RP136\A0183556.exe infected Virus.Win32.Sality.bh ...08:53:59:968 16000 cured
08:54:03:687 16000 D:\System Volume Information\_restore{E9D078C6-EE17-4E6C-B442-F4D5F5F78C51}\RP136\A0183557.exe infected Virus.Win32.Sality.bh ...08:54:03:687 16000 cured
08:54:07:390 16000 D:\System Volume Information\_restore{E9D078C6-EE17-4E6C-B442-F4D5F5F78C51}\RP136\A0183558.exe infected Virus.Win32.Sality.bh ...08:54:07:390 16000 cured
08:54:11:156 16000 D:\System Volume Information\_restore{E9D078C6-EE17-4E6C-B442-F4D5F5F78C51}\RP136\A0183559.exe infected Virus.Win32.Sality.bh ...08:54:11:171 16000 cured
08:54:14:843 16000 D:\System Volume Information\_restore{E9D078C6-EE17-4E6C-B442-F4D5F5F78C51}\RP136\A0183560.exe infected Virus.Win32.Sality.bh ...08:54:14:843 16000 cured
08:54:18:562 16000 D:\System Volume Information\_restore{E9D078C6-EE17-4E6C-B442-F4D5F5F78C51}\RP136\A0183561.exe infected Virus.Win32.Sality.bh ...08:54:18:562 16000 cured
08:54:22:187 16000 D:\System Volume Information\_restore{E9D078C6-EE17-4E6C-B442-F4D5F5F78C51}\RP136\A0183562.exe infected Virus.Win32.Sality.bh ...08:54:22:187 16000 cured
08:54:25:828 16000 D:\System Volume Information\_restore{E9D078C6-EE17-4E6C-B442-F4D5F5F78C51}\RP136\A0183563.exe infected Virus.Win32.Sality.bh ...08:54:25:828 16000 cured
08:54:29:296 16000 D:\System Volume Information\_restore{E9D078C6-EE17-4E6C-B442-F4D5F5F78C51}\RP136\A0183564.exe infected Virus.Win32.Sality.bh ...08:54:29:296 16000 cured
08:54:33:062 16000 D:\System Volume Information\_restore{E9D078C6-EE17-4E6C-B442-F4D5F5F78C51}\RP136\A0183565.exe infected Virus.Win32.Sality.bh ...08:54:33:062 16000 cured
08:54:36:890 16000 D:\System Volume Information\_restore{E9D078C6-EE17-4E6C-B442-F4D5F5F78C51}\RP136\A0183566.exe infected Virus.Win32.Sality.bh ...08:54:36:890 16000 cured
08:54:40:640 16000 D:\System Volume Information\_restore{E9D078C6-EE17-4E6C-B442-F4D5F5F78C51}\RP136\A0183567.exe infected Virus.Win32.Sality.bh ...08:54:40:640 16000 cured
08:54:44:343 16000 D:\System Volume Information\_restore{E9D078C6-EE17-4E6C-B442-F4D5F5F78C51}\RP136\A0183568.exe infected Virus.Win32.Sality.bh ...08:54:44:343 16000 cured
08:54:47:937 16000 D:\System Volume Information\_restore{E9D078C6-EE17-4E6C-B442-F4D5F5F78C51}\RP136\A0183569.exe infected Virus.Win32.Sality.bh ...08:54:47:937 16000 cured
08:54:51:609 16000 D:\System Volume Information\_restore{E9D078C6-EE17-4E6C-B442-F4D5F5F78C51}\RP136\A0183570.exe infected Virus.Win32.Sality.bh ...08:54:51:609 16000 cured
08:54:55:343 16000 D:\System Volume Information\_restore{E9D078C6-EE17-4E6C-B442-F4D5F5F78C51}\RP136\A0183571.exe infected Virus.Win32.Sality.bh ...08:54:55:343 16000 cured
08:54:58:984 16000 D:\System Volume Information\_restore{E9D078C6-EE17-4E6C-B442-F4D5F5F78C51}\RP136\A0183572.exe infected Virus.Win32.Sality.bh ...08:54:58:984 16000 cured
08:55:02:656 16000 D:\System Volume Information\_restore{E9D078C6-EE17-4E6C-B442-F4D5F5F78C51}\RP136\A0183573.exe infected Virus.Win32.Sality.bh ...08:55:02:656 16000 cured
08:55:06:437 16000 D:\System Volume Information\_restore{E9D078C6-EE17-4E6C-B442-F4D5F5F78C51}\RP136\A0183574.exe infected Virus.Win32.Sality.bh ...08:55:06:437 16000 cured
08:55:10:171 16000 D:\System Volume Information\_restore{E9D078C6-EE17-4E6C-B442-F4D5F5F78C51}\RP136\A0183575.exe infected Virus.Win32.Sality.bh ...08:55:10:171 16000 cured
08:55:13:765 16000 D:\System Volume Information\_restore{E9D078C6-EE17-4E6C-B442-F4D5F5F78C51}\RP136\A0183576.exe infected Virus.Win32.Sality.bh ...08:55:13:765 16000 cured
08:55:17:703 16000 D:\System Volume Information\_restore{E9D078C6-EE17-4E6C-B442-F4D5F5F78C51}\RP136\A0183577.exe infected Virus.Win32.Sality.bh ...08:55:17:703 16000 cured
08:55:21:593 16000 D:\System Volume Information\_restore{E9D078C6-EE17-4E6C-B442-F4D5F5F78C51}\RP136\A0183580.exe infected Virus.Win32.Sality.bh ...08:55:21:593 16000 cured
08:55:25:187 16000 D:\System Volume Information\_restore{E9D078C6-EE17-4E6C-B442-F4D5F5F78C51}\RP136\A0183582.exe infected Virus.Win32.Sality.bh ...08:55:25:187 16000 cured
08:55:29:062 16000 D:\System Volume Information\_restore{E9D078C6-EE17-4E6C-B442-F4D5F5F78C51}\RP136\A0183584.exe infected Virus.Win32.Sality.bh ...08:55:29:062 16000 cured
08:55:32:718 16000 D:\System Volume Information\_restore{E9D078C6-EE17-4E6C-B442-F4D5F5F78C51}\RP136\A0183587.exe infected Virus.Win32.Sality.bh ...08:55:32:718 16000 cured
08:55:36:421 16000 D:\System Volume Information\_restore{E9D078C6-EE17-4E6C-B442-F4D5F5F78C51}\RP136\A0183588.exe infected Virus.Win32.Sality.bh ...08:55:36:421 16000 cured
08:55:40:203 16000 D:\System Volume Information\_restore{E9D078C6-EE17-4E6C-B442-F4D5F5F78C51}\RP136\A0183589.exe infected Virus.Win32.Sality.bh ...08:55:40:203 16000 cured
08:55:43:937 16000 D:\System Volume Information\_restore{E9D078C6-EE17-4E6C-B442-F4D5F5F78C51}\RP136\A0183590.exe infected Virus.Win32.Sality.bh ...08:55:43:937 16000 cured
08:55:47:671 16000 D:\System Volume Information\_restore{E9D078C6-EE17-4E6C-B442-F4D5F5F78C51}\RP136\A0183591.exe infected Virus.Win32.Sality.bh ...08:55:47:671 16000 cured
08:55:51:343 16000 D:\System Volume Information\_restore{E9D078C6-EE17-4E6C-B442-F4D5F5F78C51}\RP136\A0183592.exe infected Virus.Win32.Sality.bh ...08:55:51:343 16000 cured
08:55:55:109 16000 D:\System Volume Information\_restore{E9D078C6-EE17-4E6C-B442-F4D5F5F78C51}\RP136\A0183593.exe infected Virus.Win32.Sality.bh ...08:55:55:109 16000 cured
08:55:58:843 16000 D:\System Volume Information\_restore{E9D078C6-EE17-4E6C-B442-F4D5F5F78C51}\RP136\A0183594.exe infected Virus.Win32.Sality.bh ...08:55:58:843 16000 cured
08:56:02:515 16000 D:\System Volume Information\_restore{E9D078C6-EE17-4E6C-B442-F4D5F5F78C51}\RP136\A0183595.exe infected Virus.Win32.Sality.bh ...08:56:02:515 16000 cured
08:56:06:375 16000 D:\System Volume Information\_restore{E9D078C6-EE17-4E6C-B442-F4D5F5F78C51}\RP136\A0183598.exe infected Virus.Win32.Sality.bh ...08:56:06:375 16000 cured
08:56:10:000 16000 D:\System Volume Information\_restore{E9D078C6-EE17-4E6C-B442-F4D5F5F78C51}\RP136\A0183599.exe infected Virus.Win32.Sality.bh ...08:56:10:000 16000 cured
08:56:13:781 16000 D:\System Volume Information\_restore{E9D078C6-EE17-4E6C-B442-F4D5F5F78C51}\RP136\A0183600.exe infected Virus.Win32.Sality.bh ...08:56:13:781 16000 cured
08:56:17:484 16000 D:\System Volume Information\_restore{E9D078C6-EE17-4E6C-B442-F4D5F5F78C51}\RP136\A0183601.exe infected Virus.Win32.Sality.bh ...08:56:17:484 16000 cured
08:56:21:171 16000 D:\System Volume Information\_restore{E9D078C6-EE17-4E6C-B442-F4D5F5F78C51}\RP136\A0183602.exe infected Virus.Win32.Sality.bh ...08:56:21:171 16000 cured
08:56:25:000 16000 D:\System Volume Information\_restore{E9D078C6-EE17-4E6C-B442-F4D5F5F78C51}\RP136\A0183603.exe infected Virus.Win32.Sality.bh ...08:56:25:000 16000 cured
08:56:28:734 16000 D:\System Volume Information\_restore{E9D078C6-EE17-4E6C-B442-F4D5F5F78C51}\RP136\A0183608.exe infected Virus.Win32.Sality.bh ...08:56:28:734 16000 cured
08:56:32:343 16000 D:\System Volume Information\_restore{E9D078C6-EE17-4E6C-B442-F4D5F5F78C51}\RP136\A0183609.exe infected Virus.Win32.Sality.bh ...08:56:32:343 16000 cured
08:56:36:156 16000 D:\System Volume Information\_restore{E9D078C6-EE17-4E6C-B442-F4D5F5F78C51}\RP136\A0183611.exe infected Virus.Win32.Sality.bh ...08:56:36:156 16000 cured
08:56:39:828 16000 D:\System Volume Information\_restore{E9D078C6-EE17-4E6C-B442-F4D5F5F78C51}\RP136\A0183612.exe infected Virus.Win32.Sality.bh ...08:56:39:828 16000 cured
08:56:43:484 16000 D:\System Volume Information\_restore{E9D078C6-EE17-4E6C-B442-F4D5F5F78C51}\RP136\A0183613.exe infected Virus.Win32.Sality.bh ...08:56:43:484 16000 cured
08:56:47:093 16000 D:\System Volume Information\_restore{E9D078C6-EE17-4E6C-B442-F4D5F5F78C51}\RP136\A0183614.exe infected Virus.Win32.Sality.bh ...08:56:47:093 16000 cured
08:56:59:265 16000 D:\System Volume Information\_restore{E9D078C6-EE17-4E6C-B442-F4D5F5F78C51}\RP136\A0183615.exe infected Virus.Win32.Sality.ag ...08:56:59:265 16000 cured
08:57:03:171 16000 D:\System Volume Information\_restore{E9D078C6-EE17-4E6C-B442-F4D5F5F78C51}\RP136\A0183616.exe infected Virus.Win32.Sality.bh ...08:57:03:171 16000 cured
08:57:06:921 16000 D:\System Volume Information\_restore{E9D078C6-EE17-4E6C-B442-F4D5F5F78C51}\RP136\A0183617.exe infected Virus.Win32.Sality.bh ...08:57:06:921 16000 cured
08:57:10:578 16000 D:\System Volume Information\_restore{E9D078C6-EE17-4E6C-B442-F4D5F5F78C51}\RP136\A0183618.exe infected Virus.Win32.Sality.bh ...08:57:10:578 16000 cured
08:57:14:234 16000 D:\System Volume Information\_restore{E9D078C6-EE17-4E6C-B442-F4D5F5F78C51}\RP136\A0183619.exe infected Virus.Win32.Sality.bh ...08:57:14:234 16000 cured
08:57:18:046 16000 D:\System Volume Information\_restore{E9D078C6-EE17-4E6C-B442-F4D5F5F78C51}\RP136\A0183621.exe infected Virus.Win32.Sality.bh ...08:57:18:046 16000 cured
08:57:21:656 16000 D:\System Volume Information\_restore{E9D078C6-EE17-4E6C-B442-F4D5F5F78C51}\RP136\A0183682.exe infected Virus.Win32.Sality.bh ...08:57:21:656 16000 cured
08:57:25:437 16000 D:\System Volume Information\_restore{E9D078C6-EE17-4E6C-B442-F4D5F5F78C51}\RP136\A0183684.exe infected Virus.Win32.Sality.bh ...08:57:25:437 16000 cured
08:57:29:125 16000 D:\System Volume Information\_restore{E9D078C6-EE17-4E6C-B442-F4D5F5F78C51}\RP136\A0183686.exe infected Virus.Win32.Sality.bh ...08:57:29:125 16000 cured
08:57:32:890 16000 D:\System Volume Information\_restore{E9D078C6-EE17-4E6C-B442-F4D5F5F78C51}\RP136\A0183687.exe infected Virus.Win32.Sality.bh ...08:57:32:890 16000 cured
08:57:45:046 16000 D:\System Volume Information\_restore{E9D078C6-EE17-4E6C-B442-F4D5F5F78C51}\RP136\A0183688.exe infected Virus.Win32.Sality.ag ...08:57:45:046 16000 cured
08:57:48:921 16000 D:\System Volume Information\_restore{E9D078C6-EE17-4E6C-B442-F4D5F5F78C51}\RP136\A0183689.exe infected Virus.Win32.Sality.bh ...08:57:48:921 16000 cured
08:57:52:609 16000 D:\System Volume Information\_restore{E9D078C6-EE17-4E6C-B442-F4D5F5F78C51}\RP136\A0183690.exe infected Virus.Win32.Sality.bh ...08:57:52:609 16000 cured
08:57:56:359 16000 D:\System Volume Information\_restore{E9D078C6-EE17-4E6C-B442-F4D5F5F78C51}\RP136\A0183691.exe infected Virus.Win32.Sality.bh ...08:57:56:359 16000 cured
08:58:00:015 16000 D:\System Volume Information\_restore{E9D078C6-EE17-4E6C-B442-F4D5F5F78C51}\RP136\A0183692.exe infected Virus.Win32.Sality.bh ...08:58:00:015 16000 cured
08:58:03:687 16000 D:\System Volume Information\_restore{E9D078C6-EE17-4E6C-B442-F4D5F5F78C51}\RP136\A0183693.exe infected Virus.Win32.Sality.bh ...08:58:03:687 16000 cured
08:58:07:265 16000 D:\System Volume Information\_restore{E9D078C6-EE17-4E6C-B442-F4D5F5F78C51}\RP136\A0183694.exe infected Virus.Win32.Sality.bh ...08:58:07:265 16000 cured
08:58:10:875 16000 D:\System Volume Information\_restore{E9D078C6-EE17-4E6C-B442-F4D5F5F78C51}\RP136\A0183695.exe infected Virus.Win32.Sality.bh ...08:58:10:875 16000 cured
08:58:14:562 16000 D:\System Volume Information\_restore{E9D078C6-EE17-4E6C-B442-F4D5F5F78C51}\RP136\A0183696.exe infected Virus.Win32.Sality.bh ...08:58:14:562 16000 cured
08:58:18:343 16000 D:\System Volume Information\_restore{E9D078C6-EE17-4E6C-B442-F4D5F5F78C51}\RP136\A0183697.exe infected Virus.Win32.Sality.bh ...08:58:18:343 16000 cured
08:58:22:031 16000 D:\System Volume Information\_restore{E9D078C6-EE17-4E6C-B442-F4D5F5F78C51}\RP136\A0183698.exe infected Virus.Win32.Sality.bh ...08:58:22:031 16000 cured
08:58:25:734 16000 D:\System Volume Information\_restore{E9D078C6-EE17-4E6C-B442-F4D5F5F78C51}\RP136\A0183699.exe infected Virus.Win32.Sality.bh ...08:58:25:734 16000 cured
08:58:29:437 16000 D:\System Volume Information\_restore{E9D078C6-EE17-4E6C-B442-F4D5F5F78C51}\RP136\A0183701.exe infected Virus.Win32.Sality.bh ...08:58:29:437 16000 cured
08:58:33:156 16000 D:\System Volume Information\_restore{E9D078C6-EE17-4E6C-B442-F4D5F5F78C51}\RP136\A0183702.exe infected Virus.Win32.Sality.bh ...08:58:33:156 16000 cured
08:58:36:890 16000 D:\System Volume Information\_restore{E9D078C6-EE17-4E6C-B442-F4D5F5F78C51}\RP136\A0183703.exe infected Virus.Win32.Sality.bh ...08:58:36:890 16000 cured
08:58:40:671 16000 D:\System Volume Information\_restore{E9D078C6-EE17-4E6C-B442-F4D5F5F78C51}\RP136\A0183704.exe infected Virus.Win32.Sality.bh ...08:58:40:671 16000 cured
08:58:44:171 16000 D:\System Volume Information\_restore{E9D078C6-EE17-4E6C-B442-F4D5F5F78C51}\RP136\A0183705.exe infected Virus.Win32.Sality.bh ...08:58:44:171 16000 cured
08:58:47:859 16000 D:\System Volume Information\_restore{E9D078C6-EE17-4E6C-B442-F4D5F5F78C51}\RP136\A0183706.exe infected Virus.Win32.Sality.bh ...08:58:47:859 16000 cured
08:58:51:703 16000 D:\System Volume Information\_restore{E9D078C6-EE17-4E6C-B442-F4D5F5F78C51}\RP136\A0183707.exe infected Virus.Win32.Sality.bh ...08:58:51:703 16000 cured
08:58:55:468 16000 D:\System Volume Information\_restore{E9D078C6-EE17-4E6C-B442-F4D5F5F78C51}\RP136\A0183708.exe infected Virus.Win32.Sality.bh ...08:58:55:468 16000 cured
08:58:59:125 16000 D:\System Volume Information\_restore{E9D078C6-EE17-4E6C-B442-F4D5F5F78C51}\RP136\A0183709.exe infected Virus.Win32.Sality.bh ...08:58:59:125 16000 cured
08:59:02:859 16000 D:\System Volume Information\_restore{E9D078C6-EE17-4E6C-B442-F4D5F5F78C51}\RP136\A0183710.exe infected Virus.Win32.Sality.bh ...08:59:02:859 16000 cured
08:59:06:703 16000 D:\System Volume Information\_restore{E9D078C6-EE17-4E6C-B442-F4D5F5F78C51}\RP136\A0183711.exe infected Virus.Win32.Sality.bh ...08:59:06:703 16000 cured
08:59:10:546 16000 D:\System Volume Information\_restore{E9D078C6-EE17-4E6C-B442-F4D5F5F78C51}\RP136\A0183712.exe infected Virus.Win32.Sality.bh ...08:59:10:546 16000 cured
08:59:14:031 16000 D:\System Volume Information\_restore{E9D078C6-EE17-4E6C-B442-F4D5F5F78C51}\RP136\A0183713.exe infected Virus.Win32.Sality.bh ...08:59:14:031 16000 cured
08:59:17:687 16000 D:\System Volume Information\_restore{E9D078C6-EE17-4E6C-B442-F4D5F5F78C51}\RP136\A0183714.exe infected Virus.Win32.Sality.bh ...08:59:17:687 16000 cured
08:59:21:484 16000 D:\System Volume Information\_restore{E9D078C6-EE17-4E6C-B442-F4D5F5F78C51}\RP136\A0183715.exe infected Virus.Win32.Sality.bh ...08:59:21:484 16000 cured
08:59:25:187 16000 D:\System Volume Information\_restore{E9D078C6-EE17-4E6C-B442-F4D5F5F78C51}\RP136\A0183716.exe infected Virus.Win32.Sality.bh ...08:59:25:187 16000 cured
08:59:28:984 16000 D:\System Volume Information\_restore{E9D078C6-EE17-4E6C-B442-F4D5F5F78C51}\RP136\A0183717.exe infected Virus.Win32.Sality.bh ...08:59:28:984 16000 cured
08:59:32:609 16000 D:\System Volume Information\_restore{E9D078C6-EE17-4E6C-B442-F4D5F5F78C51}\RP136\A0183718.exe infected Virus.Win32.Sality.bh ...08:59:32:609 16000 cured
08:59:36:343 16000 D:\System Volume Information\_restore{E9D078C6-EE17-4E6C-B442-F4D5F5F78C51}\RP136\A0183719.exe infected Virus.Win32.Sality.bh ...08:59:36:343 16000 cured
08:59:40:046 16000 D:\System Volume Information\_restore{E9D078C6-EE17-4E6C-B442-F4D5F5F78C51}\RP136\A0183720.exe infected Virus.Win32.Sality.bh ...08:59:40:046 16000 cured
08:59:43:734 16000 D:\System Volume Information\_restore{E9D078C6-EE17-4E6C-B442-F4D5F5F78C51}\RP136\A0183721.exe infected Virus.Win32.Sality.bh ...08:59:43:734 16000 cured
08:59:47:328 16000 D:\System Volume Information\_restore{E9D078C6-EE17-4E6C-B442-F4D5F5F78C51}\RP136\A0183722.exe infected Virus.Win32.Sality.bh ...08:59:47:328 16000 cured
08:59:50:921 16000 D:\System Volume Information\_restore{E9D078C6-EE17-4E6C-B442-F4D5F5F78C51}\RP136\A0183723.exe infected Virus.Win32.Sality.bh ...08:59:50:921 16000 cured
08:59:54:593 16000 D:\System Volume Information\_restore{E9D078C6-EE17-4E6C-B442-F4D5F5F78C51}\RP136\A0183724.exe infected Virus.Win32.Sality.bh ...08:59:54:593 16000 cured
08:59:58:203 16000 D:\System Volume Information\_restore{E9D078C6-EE17-4E6C-B442-F4D5F5F78C51}\RP136\A0183725.exe infected Virus.Win32.Sality.bh ...08:59:58:203 16000 cured
09:00:01:656 16000 D:\System Volume Information\_restore{E9D078C6-EE17-4E6C-B442-F4D5F5F78C51}\RP136\A0183726.exe infected Virus.Win32.Sality.bh ...09:00:01:656 16000 cured
09:00:05:515 16000 D:\System Volume Information\_restore{E9D078C6-EE17-4E6C-B442-F4D5F5F78C51}\RP136\A0183727.exe infected Virus.Win32.Sality.bh ...09:00:05:515 16000 cured
09:00:09:171 16000 D:\System Volume Information\_restore{E9D078C6-EE17-4E6C-B442-F4D5F5F78C51}\RP136\A0183728.exe infected Virus.Win32.Sality.bh ...09:00:09:171 16000 cured
09:00:12:953 16000 D:\System Volume Information\_restore{E9D078C6-EE17-4E6C-B442-F4D5F5F78C51}\RP136\A0183730.exe infected Virus.Win32.Sality.bh ...09:00:12:953 16000 cured
09:00:16:578 16000 D:\System Volume Information\_restore{E9D078C6-EE17-4E6C-B442-F4D5F5F78C51}\RP136\A0183731.exe infected Virus.Win32.Sality.bh ...09:00:16:578 16000 cured
09:00:20:250 16000 D:\System Volume Information\_restore{E9D078C6-EE17-4E6C-B442-F4D5F5F78C51}\RP136\A0183732.exe infected Virus.Win32.Sality.bh ...09:00:20:250 16000 cured
09:00:24:015 16000 D:\System Volume Information\_restore{E9D078C6-EE17-4E6C-B442-F4D5F5F78C51}\RP136\A0183840.exe infected Virus.Win32.Sality.bh ...09:00:24:015 16000 cured
09:00:27:671 16000 D:\System Volume Information\_restore{E9D078C6-EE17-4E6C-B442-F4D5F5F78C51}\RP136\A0183841.exe infected Virus.Win32.Sality.bh ...09:00:27:671 16000 cured
09:00:31:359 16000 D:\System Volume Information\_restore{E9D078C6-EE17-4E6C-B442-F4D5F5F78C51}\RP136\A0183842.exe infected Virus.Win32.Sality.bh ...09:00:31:359 16000 cured
09:00:35:109 16000 D:\System Volume Information\_restore{E9D078C6-EE17-4E6C-B442-F4D5F5F78C51}\RP136\A0183843.exe infected Virus.Win32.Sality.bh ...09:00:35:109 16000 cured
09:00:38:921 16000 D:\System Volume Information\_restore{E9D078C6-EE17-4E6C-B442-F4D5F5F78C51}\RP136\A0183844.exe infected Virus.Win32.Sality.bh ...09:00:38:921 16000 cured
09:00:42:609 16000 D:\System Volume Information\_restore{E9D078C6-EE17-4E6C-B442-F4D5F5F78C51}\RP136\A0183845.exe infected Virus.Win32.Sality.bh ...09:00:42:609 16000 cured
09:00:46:312 16000 D:\System Volume Information\_restore{E9D078C6-EE17-4E6C-B442-F4D5F5F78C51}\RP136\A0183846.exe infected Virus.Win32.Sality.bh ...09:00:46:312 16000 cured
09:00:49:968 16000 D:\System Volume Information\_restore{E9D078C6-EE17-4E6C-B442-F4D5F5F78C51}\RP136\A0183847.exe infected Virus.Win32.Sality.bh ...09:00:49:968 16000 cured
09:00:53:734 16000 D:\System Volume Information\_restore{E9D078C6-EE17-4E6C-B442-F4D5F5F78C51}\RP136\A0183848.exe infected Virus.Win32.Sality.bh ...09:00:53:734 16000 cured
09:00:57:453 16000 D:\System Volume Information\_restore{E9D078C6-EE17-4E6C-B442-F4D5F5F78C51}\RP136\A0183849.exe infected Virus.Win32.Sality.bh ...09:00:57:453 16000 cured
09:01:01:109 16000 D:\System Volume Information\_restore{E9D078C6-EE17-4E6C-B442-F4D5F5F78C51}\RP136\A0183850.exe infected Virus.Win32.Sality.bh ...09:01:01:109 16000 cured
09:01:04:734 16000 D:\System Volume Information\_restore{E9D078C6-EE17-4E6C-B442-F4D5F5F78C51}\RP136\A0183851.exe infected Virus.Win32.Sality.bh ...09:01:04:734 16000 cured
09:01:08:578 16000 D:\System Volume Information\_restore{E9D078C6-EE17-4E6C-B442-F4D5F5F78C51}\RP136\A0183852.exe infected Virus.Win32.Sality.bh ...09:01:08:578 16000 cured
09:01:12:343 16000 D:\System Volume Information\_restore{E9D078C6-EE17-4E6C-B442-F4D5F5F78C51}\RP136\A0183854.exe infected Virus.Win32.Sality.bh ...09:01:12:343 16000 cured
09:01:15:953 16000 D:\System Volume Information\_restore{E9D078C6-EE17-4E6C-B442-F4D5F5F78C51}\RP136\A0183855.exe infected Virus.Win32.Sality.bh ...09:01:15:953 16000 cured
09:01:19:609 16000 D:\System Volume Information\_restore{E9D078C6-EE17-4E6C-B442-F4D5F5F78C51}\RP136\A0183856.exe infected Virus.Win32.Sality.bh ...09:01:19:609 16000 cured
09:01:23:140 16000 D:\System Volume Information\_restore{E9D078C6-EE17-4E6C-B442-F4D5F5F78C51}\RP136\A0183857.exe infected Virus.Win32.Sality.bh ...09:01:23:140 16000 cured
09:01:26:765 16000 D:\System Volume Information\_restore{E9D078C6-EE17-4E6C-B442-F4D5F5F78C51}\RP136\A0183858.exe infected Virus.Win32.Sality.bh ...09:01:26:765 16000 cured
09:01:30:390 16000 D:\System Volume Information\_restore{E9D078C6-EE17-4E6C-B442-F4D5F5F78C51}\RP136\A0183859.exe infected Virus.Win32.Sality.bh ...09:01:30:390 16000 cured
09:01:34:015 16000 D:\System Volume Information\_restore{E9D078C6-EE17-4E6C-B442-F4D5F5F78C51}\RP136\A0183860.exe infected Virus.Win32.Sality.bh ...09:01:34:015 16000 cured
09:01:37:640 16000 D:\System Volume Information\_restore{E9D078C6-EE17-4E6C-B442-F4D5F5F78C51}\RP136\A0183861.exe infected Virus.Win32.Sality.bh ...09:01:37:640 16000 cured
09:01:41:312 16000 D:\System Volume Information\_restore{E9D078C6-EE17-4E6C-B442-F4D5F5F78C51}\RP136\A0183862.exe infected Virus.Win32.Sality.bh ...09:01:41:312 16000 cured
09:01:44:953 16000 D:\System Volume Information\_restore{E9D078C6-EE17-4E6C-B442-F4D5F5F78C51}\RP136\A0183863.exe infected Virus.Win32.Sality.bh ...09:01:44:953 16000 cured
09:01:48:515 16000 D:\System Volume Information\_restore{E9D078C6-EE17-4E6C-B442-F4D5F5F78C51}\RP136\A0183864.exe infected Virus.Win32.Sality.bh ...09:01:48:515 16000 cured
09:01:52:203 16000 D:\System Volume Information\_restore{E9D078C6-EE17-4E6C-B442-F4D5F5F78C51}\RP136\A0183865.exe infected Virus.Win32.Sality.bh ...09:01:52:203 16000 cured
09:01:56:031 16000 D:\System Volume Information\_restore{E9D078C6-EE17-4E6C-B442-F4D5F5F78C51}\RP136\A0183866.exe infected Virus.Win32.Sality.bh ...09:01:56:031 16000 cured
09:01:59:718 16000 D:\System Volume Information\_restore{E9D078C6-EE17-4E6C-B442-F4D5F5F78C51}\RP136\A0183867.exe infected Virus.Win32.Sality.bh ...09:01:59:718 16000 cured
09:02:03:421 16000 D:\System Volume Information\_restore{E9D078C6-EE17-4E6C-B442-F4D5F5F78C51}\RP136\A0183868.exe infected Virus.Win32.Sality.bh ...09:02:03:421 16000 cured
09:02:07:187 16000 D:\System Volume Information\_restore{E9D078C6-EE17-4E6C-B442-F4D5F5F78C51}\RP136\A0183869.exe infected Virus.Win32.Sality.bh ...09:02:07:187 16000 cured
09:02:10:796 16000 D:\System Volume Information\_restore{E9D078C6-EE17-4E6C-B442-F4D5F5F78C51}\RP136\A0183870.exe infected Virus.Win32.Sality.bh ...09:02:10:796 16000 cured
09:02:14:468 16000 D:\System Volume Information\_restore{E9D078C6-EE17-4E6C-B442-F4D5F5F78C51}\RP136\A0183871.exe infected Virus.Win32.Sality.bh ...09:02:14:468 16000 cured
09:02:18:140 16000 D:\System Volume Information\_restore{E9D078C6-EE17-4E6C-B442-F4D5F5F78C51}\RP136\A0183872.exe infected Virus.Win32.Sality.bh ...09:02:18:140 16000 cured
09:02:21:921 16000 D:\System Volume Information\_restore{E9D078C6-EE17-4E6C-B442-F4D5F5F78C51}\RP136\A0183873.EXE infected Virus.Win32.Sality.bh ...09:02:21:921 16000 cured
09:02:25:812 16000 D:\System Volume Information\_restore{E9D078C6-EE17-4E6C-B442-F4D5F5F78C51}\RP136\A0183874.exe infected Virus.Win32.Sality.bh ...09:02:25:812 16000 cured
09:02:29:421 16000 D:\System Volume Information\_restore{E9D078C6-EE17-4E6C-B442-F4D5F5F78C51}\RP136\A0183875.exe infected Virus.Win32.Sality.bh ...09:02:29:437 16000 cured
09:02:33:046 16000 D:\System Volume Information\_restore{E9D078C6-EE17-4E6C-B442-F4D5F5F78C51}\RP136\A0183876.exe infected Virus.Win32.Sality.bh ...09:02:33:046 16000 cured
09:02:36:750 16000 D:\System Volume Information\_restore{E9D078C6-EE17-4E6C-B442-F4D5F5F78C51}\RP136\A0183877.exe infected Virus.Win32.Sality.bh ...09:02:36:750 16000 cured
09:02:40:406 16000 D:\System Volume Information\_restore{E9D078C6-EE17-4E6C-B442-F4D5F5F78C51}\RP136\A0183878.exe infected Virus.Win32.Sality.bh ...09:02:40:406 16000 cured
09:02:44:062 16000 D:\System Volume Information\_restore{E9D078C6-EE17-4E6C-B442-F4D5F5F78C51}\RP136\A0183879.exe infected Virus.Win32.Sality.bh ...09:02:44:062 16000 cured
09:02:47:843 16000 D:\System Volume Information\_restore{E9D078C6-EE17-4E6C-B442-F4D5F5F78C51}\RP136\A0183880.exe infected Virus.Win32.Sality.bh ...09:02:47:843 16000 cured
09:02:51:703 16000 D:\System Volume Information\_restore{E9D078C6-EE17-4E6C-B442-F4D5F5F78C51}\RP136\A0183881.exe infected Virus.Win32.Sality.bh ...09:02:51:703 16000 cured
09:02:55:359 16000 D:\System Volume Information\_restore{E9D078C6-EE17-4E6C-B442-F4D5F5F78C51}\RP136\A0183882.exe infected Virus.Win32.Sality.bh ...09:02:55:359 16000 cured
09:02:59:109 16000 D:\System Volume Information\_restore{E9D078C6-EE17-4E6C-B442-F4D5F5F78C51}\RP136\A0183883.exe infected Virus.Win32.Sality.bh ...09:02:59:109 16000 cured
09:03:02:875 16000 D:\System Volume Information\_restore{E9D078C6-EE17-4E6C-B442-F4D5F5F78C51}\RP136\A0183884.exe infected Virus.Win32.Sality.bh ...09:03:02:875 16000 cured
09:03:06:640 16000 D:\System Volume Information\_restore{E9D078C6-EE17-4E6C-B442-F4D5F5F78C51}\RP136\A0183885.exe infected Virus.Win32.Sality.bh ...09:03:06:640 16000 cured
09:03:10:359 16000 D:\System Volume Information\_restore{E9D078C6-EE17-4E6C-B442-F4D5F5F78C51}\RP136\A0183886.exe infected Virus.Win32.Sality.bh ...09:03:10:359 16000 cured
09:03:14:078 16000 D:\System Volume Information\_restore{E9D078C6-EE17-4E6C-B442-F4D5F5F78C51}\RP136\A0183887.exe infected Virus.Win32.Sality.bh ...09:03:14:078 16000 cured
09:03:18:015 16000 D:\System Volume Information\_restore{E9D078C6-EE17-4E6C-B442-F4D5F5F78C51}\RP136\A0183888.exe infected Virus.Win32.Sality.bh ...09:03:18:015 16000 cured
09:03:22:015 16000 D:\System Volume Information\_restore{E9D078C6-EE17-4E6C-B442-F4D5F5F78C51}\RP137\A0184012.exe infected Virus.Win32.Sality.bh ...09:03:22:015 16000 cured
09:03:25:781 16000 D:\System Volume Information\_restore{E9D078C6-EE17-4E6C-B442-F4D5F5F78C51}\RP137\A0184040.exe infected Virus.Win32.Sality.bh ...09:03:25:781 16000 cured
09:03:29:562 16000 D:\System Volume Information\_restore{E9D078C6-EE17-4E6C-B442-F4D5F5F78C51}\RP137\A0184089.exe infected Virus.Win32.Sality.bh ...09:03:29:562 16000 cured
09:03:33:281 16000 D:\System Volume Information\_restore{E9D078C6-EE17-4E6C-B442-F4D5F5F78C51}\RP137\A0184090.exe infected Virus.Win32.Sality.bh ...09:03:33:281 16000 cured
09:03:37:015 16000 D:\System Volume Information\_restore{E9D078C6-EE17-4E6C-B442-F4D5F5F78C51}\RP137\A0184095.exe infected Virus.Win32.Sality.bh ...09:03:37:015 16000 cured
09:03:40:546 16000 D:\System Volume Information\_restore{E9D078C6-EE17-4E6C-B442-F4D5F5F78C51}\RP137\A0184096.exe infected Virus.Win32.Sality.bh ...09:03:40:546 16000 cured
09:03:44:218 16000 D:\System Volume Information\_restore{E9D078C6-EE17-4E6C-B442-F4D5F5F78C51}\RP137\A0184097.exe infected Virus.Win32.Sality.bh ...09:03:44:218 16000 cured
09:03:48:062 16000 D:\System Volume Information\_restore{E9D078C6-EE17-4E6C-B442-F4D5F5F78C51}\RP137\A0184098.exe infected Virus.Win32.Sality.bh ...09:03:48:062 16000 cured
09:03:51:609 16000 D:\System Volume Information\_restore{E9D078C6-EE17-4E6C-B442-F4D5F5F78C51}\RP137\A0184106.exe infected Virus.Win32.Sality.bh ...09:03:51:609 16000 cured
09:03:55:234 16000 D:\System Volume Information\_restore{E9D078C6-EE17-4E6C-B442-F4D5F5F78C51}\RP137\A0184107.exe infected Virus.Win32.Sality.bh ...09:03:55:234 16000 cured
09:03:58:703 16000 D:\System Volume Information\_restore{E9D078C6-EE17-4E6C-B442-F4D5F5F78C51}\RP137\A0184108.exe infected Virus.Win32.Sality.bh ...09:03:58:703 16000 cured
09:04:02:515 16000 D:\System Volume Information\_restore{E9D078C6-EE17-4E6C-B442-F4D5F5F78C51}\RP137\A0184109.exe infected Virus.Win32.Sality.bh ...09:04:02:515 16000 cured
09:04:06:093 16000 D:\System Volume Information\_restore{E9D078C6-EE17-4E6C-B442-F4D5F5F78C51}\RP137\A0184110.exe infected Virus.Win32.Sality.bh ...09:04:06:093 16000 cured
09:04:33:531 16000 D:\System Volume Information\_restore{E9D078C6-EE17-4E6C-B442-F4D5F5F78C51}\RP137\A0184111.exe infected Virus.Win32.Sality.bh ...09:04:33:531 16000 cured
09:04:37:109 16000 D:\System Volume Information\_restore{E9D078C6-EE17-4E6C-B442-F4D5F5F78C51}\RP137\A0184112.exe infected Virus.Win32.Sality.bh ...09:04:37:109 16000 cured
09:04:40:796 16000 D:\System Volume Information\_restore{E9D078C6-EE17-4E6C-B442-F4D5F5F78C51}\RP137\A0184113.exe infected Virus.Win32.Sality.bh ...09:04:40:796 16000 cured
09:05:08:156 16000 D:\System Volume Information\_restore{E9D078C6-EE17-4E6C-B442-F4D5F5F78C51}\RP137\A0184114.exe infected Virus.Win32.Sality.bh ...09:05:08:156 16000 cured
09:05:11:718 16000 D:\System Volume Information\_restore{E9D078C6-EE17-4E6C-B442-F4D5F5F78C51}\RP137\A0184115.exe infected Virus.Win32.Sality.bh ...09:05:11:718 16000 cured
09:05:15:296 16000 D:\System Volume Information\_restore{E9D078C6-EE17-4E6C-B442-F4D5F5F78C51}\RP137\A0184116.exe infected Virus.Win32.Sality.bh ...09:05:15:296 16000 cured
09:05:18:937 16000 D:\System Volume Information\_restore{E9D078C6-EE17-4E6C-B442-F4D5F5F78C51}\RP137\A0184121.exe infected Virus.Win32.Sality.bh ...09:05:18:937 16000 cured
09:05:22:656 16000 D:\System Volume Information\_restore{E9D078C6-EE17-4E6C-B442-F4D5F5F78C51}\RP137\A0184122.exe infected Virus.Win32.Sality.bh ...09:05:22:656 16000 cured
09:05:26:343 16000 D:\System Volume Information\_restore{E9D078C6-EE17-4E6C-B442-F4D5F5F78C51}\RP137\A0184123.exe infected Virus.Win32.Sality.bh ...09:05:26:343 16000 cured
09:05:30:015 16000 D:\System Volume Information\_restore{E9D078C6-EE17-4E6C-B442-F4D5F5F78C51}\RP137\A0184126.exe infected Virus.Win32.Sality.bh ...09:05:30:015 16000 cured
09:05:33:718 16000 D:\System Volume Information\_restore{E9D078C6-EE17-4E6C-B442-F4D5F5F78C51}\RP137\A0184127.exe infected Virus.Win32.Sality.bh ...09:05:33:718 16000 cured
09:05:37:421 16000 D:\System Volume Information\_restore{E9D078C6-EE17-4E6C-B442-F4D5F5F78C51}\RP137\A0184130.exe infected Virus.Win32.Sality.bh ...09:05:37:421 16000 cured
09:05:41:187 16000 D:\System Volume Information\_restore{E9D078C6-EE17-4E6C-B442-F4D5F5F78C51}\RP137\A0184136.exe infected Virus.Win32.Sality.bh ...09:05:41:187 16000 cured
09:05:44:765 16000 D:\System Volume Information\_restore{E9D078C6-EE17-4E6C-B442-F4D5F5F78C51}\RP137\A0184139.exe infected Virus.Win32.Sality.bh ...09:05:44:765 16000 cured
09:05:48:437 16000 D:\System Volume Information\_restore{E9D078C6-EE17-4E6C-B442-F4D5F5F78C51}\RP137\A0184140.exe infected Virus.Win32.Sality.bh ...09:05:48:437 16000 cured
09:05:52:265 16000 D:\System Volume Information\_restore{E9D078C6-EE17-4E6C-B442-F4D5F5F78C51}\RP137\A0184144.exe infected Virus.Win32.Sality.bh ...09:05:52:265 16000 cured
09:05:55:843 16000 D:\System Volume Information\_restore{E9D078C6-EE17-4E6C-B442-F4D5F5F78C51}\RP137\A0184155.exe infected Virus.Win32.Sality.bh ...09:05:55:843 16000 cured
09:05:59:468 16000 D:\System Volume Information\_restore{E9D078C6-EE17-4E6C-B442-F4D5F5F78C51}\RP137\A0184156.exe infected Virus.Win32.Sality.bh ...09:05:59:468 16000 cured
09:06:02:937 16000 D:\System Volume Information\_restore{E9D078C6-EE17-4E6C-B442-F4D5F5F78C51}\RP137\A0184157.exe infected Virus.Win32.Sality.bh ...09:06:02:937 16000 cured
09:06:06:734 16000 D:\System Volume Information\_restore{E9D078C6-EE17-4E6C-B442-F4D5F5F78C51}\RP137\A0184158.exe infected Virus.Win32.Sality.bh ...09:06:06:734 16000 cured
09:06:10:296 16000 D:\System Volume Information\_restore{E9D078C6-EE17-4E6C-B442-F4D5F5F78C51}\RP137\A0184159.exe infected Virus.Win32.Sality.bh ...09:06:10:296 16000 cured
09:06:37:765 16000 D:\System Volume Information\_restore{E9D078C6-EE17-4E6C-B442-F4D5F5F78C51}\RP137\A0184160.exe infected Virus.Win32.Sality.bh ...09:06:37:765 16000 cured
09:06:41:328 16000 D:\System Volume Information\_restore{E9D078C6-EE17-4E6C-B442-F4D5F5F78C51}\RP137\A0184161.exe infected Virus.Win32.Sality.bh ...09:06:41:328 16000 cured
09:06:45:015 16000 D:\System Volume Information\_restore{E9D078C6-EE17-4E6C-B442-F4D5F5F78C51}\RP137\A0184162.exe infected Virus.Win32.Sality.bh ...09:06:45:015 16000 cured
09:07:12:359 16000 D:\System Volume Information\_restore{E9D078C6-EE17-4E6C-B442-F4D5F5F78C51}\RP137\A0184163.exe infected Virus.Win32.Sality.bh ...09:07:12:359 16000 cured
09:07:15:921 16000 D:\System Volume Information\_restore{E9D078C6-EE17-4E6C-B442-F4D5F5F78C51}\RP137\A0184164.exe infected Virus.Win32.Sality.bh ...09:07:15:921 16000 cured
09:07:19:484 16000 D:\System Volume Information\_restore{E9D078C6-EE17-4E6C-B442-F4D5F5F78C51}\RP137\A0184165.exe infected Virus.Win32.Sality.bh ...09:07:19:484 16000 cured
09:07:46:968 16000 D:\System Volume Information\_restore{E9D078C6-EE17-4E6C-B442-F4D5F5F78C51}\RP137\A0184166.EXE infected Virus.Win32.Sality.bh ...09:07:46:968 16000 cured
09:07:50:515 16000 D:\System Volume Information\_restore{E9D078C6-EE17-4E6C-B442-F4D5F5F78C51}\RP137\A0184167.exe infected Virus.Win32.Sality.bh ...09:07:50:531 16000 cured
09:07:54:343 16000 D:\System Volume Information\_restore{E9D078C6-EE17-4E6C-B442-F4D5F5F78C51}\RP137\A0184168.exe infected Virus.Win32.Sality.bh ...09:07:54:343 16000 cured
09:07:58:062 16000 D:\System Volume Information\_restore{E9D078C6-EE17-4E6C-B442-F4D5F5F78C51}\RP137\A0184170.exe infected Virus.Win32.Sality.bh ...09:07:58:062 16000 cured
09:08:01:750 16000 D:\System Volume Information\_restore{E9D078C6-EE17-4E6C-B442-F4D5F5F78C51}\RP137\A0184171.exe infected Virus.Win32.Sality.bh ...09:08:01:750 16000 cured
09:08:05:515 16000 D:\System Volume Information\_restore{E9D078C6-EE17-4E6C-B442-F4D5F5F78C51}\RP137\A0184172.exe infected Virus.Win32.Sality.bh ...09:08:05:515 16000 cured
09:08:09:296 16000 D:\System Volume Information\_restore{E9D078C6-EE17-4E6C-B442-F4D5F5F78C51}\RP137\A0184173.exe infected Virus.Win32.Sality.bh ...09:08:09:296 16000 cured
09:08:12:937 16000 D:\System Volume Information\_restore{E9D078C6-EE17-4E6C-B442-F4D5F5F78C51}\RP137\A0184175.exe infected Virus.Win32.Sality.bh ...09:08:12:937 16000 cured
09:08:16:656 16000 D:\System Volume Information\_restore{E9D078C6-EE17-4E6C-B442-F4D5F5F78C51}\RP137\A0184178.exe infected Virus.Win32.Sality.bh ...09:08:16:656 16000 cured
09:08:20:375 16000 D:\System Volume Information\_restore{E9D078C6-EE17-4E6C-B442-F4D5F5F78C51}\RP137\A0184179.exe infected Virus.Win32.Sality.bh ...09:08:20:375 16000 cured
09:08:23:953 16000 D:\System Volume Information\_restore{E9D078C6-EE17-4E6C-B442-F4D5F5F78C51}\RP137\A0184180.exe infected Virus.Win32.Sality.bh ...09:08:23:953 16000 cured
09:08:27:546 16000 D:\System Volume Information\_restore{E9D078C6-EE17-4E6C-B442-F4D5F5F78C51}\RP137\A0184181.exe infected Virus.Win32.Sality.bh ...09:08:27:546 16000 cured
09:08:31:187 16000 D:\System Volume Information\_restore{E9D078C6-EE17-4E6C-B442-F4D5F5F78C51}\RP137\A0184182.exe infected Virus.Win32.Sality.bh ...09:08:31:187 16000 cured
09:08:34:843 16000 D:\System Volume Information\_restore{E9D078C6-EE17-4E6C-B442-F4D5F5F78C51}\RP137\A0184183.exe infected Virus.Win32.Sality.bh ...09:08:34:843 16000 cured
09:08:38:468 16000 D:\System Volume Information\_restore{E9D078C6-EE17-4E6C-B442-F4D5F5F78C51}\RP137\A0184184.exe infected Virus.Win32.Sality.bh ...09:08:38:468 16000 cured
09:08:42:203 16000 D:\System Volume Information\_restore{E9D078C6-EE17-4E6C-B442-F4D5F5F78C51}\RP137\A0184185.exe infected Virus.Win32.Sality.bh ...09:08:42:203 16000 cured
09:08:45:828 16000 D:\System Volume Information\_restore{E9D078C6-EE17-4E6C-B442-F4D5F5F78C51}\RP137\A0184186.exe infected Virus.Win32.Sality.bh ...09:08:45:828 16000 cured
09:08:49:546 16000 D:\System Volume Information\_restore{E9D078C6-EE17-4E6C-B442-F4D5F5F78C51}\RP137\A0184187.exe infected Virus.Win32.Sality.bh ...09:08:49:546 16000 cured
09:08:53:281 16000 D:\System Volume Information\_restore{E9D078C6-EE17-4E6C-B442-F4D5F5F78C51}\RP137\A0184188.exe infected Virus.Win32.Sality.bh ...09:08:53:281 16000 cured
09:08:57:000 16000 D:\System Volume Information\_restore{E9D078C6-EE17-4E6C-B442-F4D5F5F78C51}\RP137\A0184189.exe infected Virus.Win32.Sality.bh ...09:08:57:000 16000 cured
09:09:00:671 16000 D:\System Volume Information\_restore{E9D078C6-EE17-4E6C-B442-F4D5F5F78C51}\RP137\A0184190.exe infected Virus.Win32.Sality.bh ...09:09:00:671 16000 cured
09:09:04:390 16000 D:\System Volume Information\_restore{E9D078C6-EE17-4E6C-B442-F4D5F5F78C51}\RP137\A0184191.exe infected Virus.Win32.Sality.bh ...09:09:04:390 16000 cured
09:09:08:046 16000 D:\System Volume Information\_restore{E9D078C6-EE17-4E6C-B442-F4D5F5F78C51}\RP137\A0184192.exe infected Virus.Win32.Sality.bh ...09:09:08:046 16000 cured
09:09:11:718 16000 D:\System Volume Information\_restore{E9D078C6-EE17-4E6C-B442-F4D5F5F78C51}\RP137\A0184193.exe infected Virus.Win32.Sality.bh ...09:09:11:718 16000 cured
09:09:15:343 16000 D:\System Volume Information\_restore{E9D078C6-EE17-4E6C-B442-F4D5F5F78C51}\RP137\A0184194.exe infected Virus.Win32.Sality.bh ...09:09:15:343 16000 cured
09:09:19:015 16000 D:\System Volume Information\_restore{E9D078C6-EE17-4E6C-B442-F4D5F5F78C51}\RP137\A0184195.exe infected Virus.Win32.Sality.bh ...09:09:19:015 16000 cured
09:09:22:562 16000 D:\System Volume Information\_restore{E9D078C6-EE17-4E6C-B442-F4D5F5F78C51}\RP137\A0184196.exe infected Virus.Win32.Sality.bh ...09:09:22:562 16000 cured
09:09:26:140 16000 D:\System Volume Information\_restore{E9D078C6-EE17-4E6C-B442-F4D5F5F78C51}\RP137\A0184197.exe infected Virus.Win32.Sality.bh ...09:09:26:140 16000 cured
09:09:29:640 16000 D:\System Volume Information\_restore{E9D078C6-EE17-4E6C-B442-F4D5F5F78C51}\RP137\A0184198.exe infected Virus.Win32.Sality.bh ...09:09:29:640 16000 cured
09:09:33:375 16000 D:\System Volume Information\_restore{E9D078C6-EE17-4E6C-B442-F4D5F5F78C51}\RP137\A0184199.exe infected Virus.Win32.Sality.bh ...09:09:33:375 16000 cured
09:09:37:125 16000 D:\System Volume Information\_restore{E9D078C6-EE17-4E6C-B442-F4D5F5F78C51}\RP137\A0184205.exe infected Virus.Win32.Sality.bh ...09:09:37:125 16000 cured
09:09:40:734 16000 D:\System Volume Information\_restore{E9D078C6-EE17-4E6C-B442-F4D5F5F78C51}\RP137\A0184206.exe infected Virus.Win32.Sality.bh ...09:09:40:734 16000 cured
09:09:44:546 16000 D:\System Volume Information\_restore{E9D078C6-EE17-4E6C-B442-F4D5F5F78C51}\RP137\A0184213.exe infected Virus.Win32.Sality.bh ...09:09:44:546 16000 cured
09:09:48:281 16000 D:\System Volume Information\_restore{E9D078C6-EE17-4E6C-B442-F4D5F5F78C51}\RP137\A0184216.exe infected Virus.Win32.Sality.bh ...09:09:48:281 16000 cured
09:09:51:890 16000 D:\System Volume Information\_restore{E9D078C6-EE17-4E6C-B442-F4D5F5F78C51}\RP137\A0184217.exe infected Virus.Win32.Sality.bh ...09:09:51:890 16000 cured
09:09:55:593 16000 D:\System Volume Information\_restore{E9D078C6-EE17-4E6C-B442-F4D5F5F78C51}\RP137\A0184218.exe infected Virus.Win32.Sality.bh ...09:09:55:593 16000 cured
09:09:59:421 16000 D:\System Volume Information\_restore{E9D078C6-EE17-4E6C-B442-F4D5F5F78C51}\RP137\A0184219.exe infected Virus.Win32.Sality.bh ...09:09:59:421 16000 cured
09:10:03:125 16000 D:\System Volume Information\_restore{E9D078C6-EE17-4E6C-B442-F4D5F5F78C51}\RP137\A0184220.exe infected Virus.Win32.Sality.bh ...09:10:03:125 16000 cured
09:10:06:781 16000 D:\System Volume Information\_restore{E9D078C6-EE17-4E6C-B442-F4D5F5F78C51}\RP137\A0184223.exe infected Virus.Win32.Sality.bh ...09:10:06:781 16000 cured
09:10:10:484 16000 D:\System Volume Information\_restore{E9D078C6-EE17-4E6C-B442-F4D5F5F78C51}\RP137\A0184224.exe infected Virus.Win32.Sality.bh ...09:10:10:484 16000 cured
09:10:14:234 16000 D:\System Volume Information\_restore{E9D078C6-EE17-4E6C-B442-F4D5F5F78C51}\RP137\A0184225.exe infected Virus.Win32.Sality.bh ...09:10:14:234 16000 cured
09:10:17:875 16000 D:\System Volume Information\_restore{E9D078C6-EE17-4E6C-B442-F4D5F5F78C51}\RP137\A0184226.exe infected Virus.Win32.Sality.bh ...09:10:17:875 16000 cured
09:10:21:484 16000 D:\System Volume Information\_restore{E9D078C6-EE17-4E6C-B442-F4D5F5F78C51}\RP137\A0184227.exe infected Virus.Win32.Sality.bh ...09:10:21:484 16000 cured
09:10:25:031 16000 D:\System Volume Information\_restore{E9D078C6-EE17-4E6C-B442-F4D5F5F78C51}\RP137\A0184228.exe infected Virus.Win32.Sality.bh ...09:10:25:031 16000 cured
09:10:28:640 16000 D:\System Volume Information\_restore{E9D078C6-EE17-4E6C-B442-F4D5F5F78C51}\RP137\A0184229.exe infected Virus.Win32.Sality.bh ...09:10:28:640 16000 cured
09:10:32:390 16000 D:\System Volume Information\_restore{E9D078C6-EE17-4E6C-B442-F4D5F5F78C51}\RP137\A0184230.exe infected Virus.Win32.Sality.bh ...09:10:32:390 16000 cured
09:10:36:093 16000 D:\System Volume Information\_restore{E9D078C6-EE17-4E6C-B442-F4D5F5F78C51}\RP137\A0184234.exe infected Virus.Win32.Sality.bh ...09:10:36:093 16000 cured
09:10:39:843 16000 D:\System Volume Information\_restore{E9D078C6-EE17-4E6C-B442-F4D5F5F78C51}\RP137\A0184235.exe infected Virus.Win32.Sality.bh ...09:10:39:843 16000 cured
09:10:43:625 16000 D:\System Volume Information\_restore{E9D078C6-EE17-4E6C-B442-F4D5F5F78C51}\RP137\A0184236.exe infected Virus.Win32.Sality.bh ...09:10:43:625 16000 cured
09:10:47:171 16000 D:\System Volume Information\_restore{E9D078C6-EE17-4E6C-B442-F4D5F5F78C51}\RP137\A0184237.exe infected Virus.Win32.Sality.bh ...09:10:47:171 16000 cured
09:10:50:859 16000 D:\System Volume Information\_restore{E9D078C6-EE17-4E6C-B442-F4D5F5F78C51}\RP137\A0184238.exe infected Virus.Win32.Sality.bh ...09:10:50:859 16000 cured
09:10:54:578 16000 D:\System Volume Information\_restore{E9D078C6-EE17-4E6C-B442-F4D5F5F78C51}\RP137\A0184239.exe infected Virus.Win32.Sality.bh ...09:10:54:578 16000 cured
09:10:58:312 16000 D:\System Volume Information\_restore{E9D078C6-EE17-4E6C-B442-F4D5F5F78C51}\RP137\A0184240.exe infected Virus.Win32.Sality.bh ...09:10:58:312 16000 cured
09:11:01:984 16000 D:\System Volume Information\_restore{E9D078C6-EE17-4E6C-B442-F4D5F5F78C51}\RP137\A0184241.exe infected Virus.Win32.Sality.bh ...09:11:01:984 16000 cured
09:11:05:671 16000 D:\System Volume Information\_restore{E9D078C6-EE17-4E6C-B442-F4D5F5F78C51}\RP137\A0184242.exe infected Virus.Win32.Sality.bh ...09:11:05:671 16000 cured
09:11:09:265 16000 D:\System Volume Information\_restore{E9D078C6-EE17-4E6C-B442-F4D5F5F78C51}\RP137\A0184243.exe infected Virus.Win32.Sality.bh ...09:11:09:265 16000 cured
09:11:12:890 16000 D:\System Volume Information\_restore{E9D078C6-EE17-4E6C-B442-F4D5F5F78C51}\RP137\A0184244.exe infected Virus.Win32.Sality.bh ...09:11:12:890 16000 cured
09:11:16:328 16000 D:\System Volume Information\_restore{E9D078C6-EE17-4E6C-B442-F4D5F5F78C51}\RP137\A0184245.exe infected Virus.Win32.Sality.bh ...09:11:16:328 16000 cured
09:11:20:062 16000 D:\System Volume Information\_restore{E9D078C6-EE17-4E6C-B442-F4D5F5F78C51}\RP137\A0184246.exe infected Virus.Win32.Sality.bh ...09:11:20:062 16000 cured
09:11:23:875 16000 D:\System Volume Information\_restore{E9D078C6-EE17-4E6C-B442-F4D5F5F78C51}\RP137\A0184247.exe infected Virus.Win32.Sality.bh ...09:11:23:875 16000 cured
09:11:27:593 16000 D:\System Volume Information\_restore{E9D078C6-EE17-4E6C-B442-F4D5F5F78C51}\RP137\A0184248.exe infected Virus.Win32.Sality.bh ...09:11:27:593 16000 cured
09:11:31:328 16000 D:\System Volume Information\_restore{E9D078C6-EE17-4E6C-B442-F4D5F5F78C51}\RP137\A0184249.exe infected Virus.Win32.Sality.bh ...09:11:31:328 16000 cured
09:11:34:906 16000 D:\System Volume Information\_restore{E9D078C6-EE17-4E6C-B442-F4D5F5F78C51}\RP137\A0184250.exe infected Virus.Win32.Sality.bh ...09:11:34:906 16000 cured
09:11:38:500 16000 D:\System Volume Information\_restore{E9D078C6-EE17-4E6C-B442-F4D5F5F78C51}\RP137\A0184251.exe infected Virus.Win32.Sality.bh ...09:11:38:500 16000 cured
09:11:42:218 16000 D:\System Volume Information\_restore{E9D078C6-EE17-4E6C-B442-F4D5F5F78C51}\RP137\A0184252.exe infected Virus.Win32.Sality.bh ...09:11:42:218 16000 cured
09:11:45:859 16000 D:\System Volume Information\_restore{E9D078C6-EE17-4E6C-B442-F4D5F5F78C51}\RP137\A0184253.exe infected Virus.Win32.Sality.bh ...09:11:45:859 16000 cured
09:11:49:500 16000 D:\System Volume Information\_restore{E9D078C6-EE17-4E6C-B442-F4D5F5F78C51}\RP137\A0184254.exe infected Virus.Win32.Sality.bh ...09:11:49:500 16000 cured
09:11:53:296 16000 D:\System Volume Information\_restore{E9D078C6-EE17-4E6C-B442-F4D5F5F78C51}\RP137\A0184255.exe infected Virus.Win32.Sality.bh ...09:11:53:296 16000 cured
09:11:57:046 16000 D:\System Volume Information\_restore{E9D078C6-EE17-4E6C-B442-F4D5F5F78C51}\RP137\A0184256.exe infected Virus.Win32.Sality.bh ...09:11:57:046 16000 cured
09:12:00:640 16000 D:\System Volume Information\_restore{E9D078C6-EE17-4E6C-B442-F4D5F5F78C51}\RP137\A0184257.exe infected Virus.Win32.Sality.bh ...09:12:00:640 16000 cured
09:12:04:562 16000 D:\System Volume Information\_restore{E9D078C6-EE17-4E6C-B442-F4D5F5F78C51}\RP137\A0184258.exe infected Virus.Win32.Sality.bh ...09:12:04:562 16000 cured
09:12:08:406 16000 D:\System Volume Information\_restore{E9D078C6-EE17-4E6C-B442-F4D5F5F78C51}\RP137\A0184261.exe infected Virus.Win32.Sality.bh ...09:12:08:421 16000 cured
09:12:11:984 16000 D:\System Volume Information\_restore{E9D078C6-EE17-4E6C-B442-F4D5F5F78C51}\RP137\A0184263.exe infected Virus.Win32.Sality.bh ...09:12:11:984 16000 cured
09:12:15:843 16000 D:\System Volume Information\_restore{E9D078C6-EE17-4E6C-B442-F4D5F5F78C51}\RP137\A0184265.exe infected Virus.Win32.Sality.bh ...09:12:15:843 16000 cured
09:12:19:484 16000 D:\System Volume Information\_restore{E9D078C6-EE17-4E6C-B442-F4D5F5F78C51}\RP137\A0184268.exe infected Virus.Win32.Sality.bh ...09:12:19:484 16000 cured
09:12:23:203 16000 D:\System Volume Information\_restore{E9D078C6-EE17-4E6C-B442-F4D5F5F78C51}\RP137\A0184269.exe infected Virus.Win32.Sality.bh ...09:12:23:203 16000 cured
09:12:27:015 16000 D:\System Volume Information\_restore{E9D078C6-EE17-4E6C-B442-F4D5F5F78C51}\RP137\A0184270.exe infected Virus.Win32.Sality.bh ...09:12:27:015 16000 cured
09:12:30:765 16000 D:\System Volume Information\_restore{E9D078C6-EE17-4E6C-B442-F4D5F5F78C51}\RP137\A0184271.exe infected Virus.Win32.Sality.bh ...09:12:30:765 16000 cured
09:12:34:500 16000 D:\System Volume Information\_restore{E9D078C6-EE17-4E6C-B442-F4D5F5F78C51}\RP137\A0184272.exe infected Virus.Win32.Sality.bh ...09:12:34:500 16000 cured
09:12:38:187 16000 D:\System Volume Information\_restore{E9D078C6-EE17-4E6C-B442-F4D5F5F78C51}\RP137\A0184273.exe infected Virus.Win32.Sality.bh ...09:12:38:187 16000 cured
09:12:41:968 16000 D:\System Volume Information\_restore{E9D078C6-EE17-4E6C-B442-F4D5F5F78C51}\RP137\A0184274.exe infected Virus.Win32.Sality.bh ...09:12:41:968 16000 cured
09:12:45:671 16000 D:\System Volume Information\_restore{E9D078C6-EE17-4E6C-B442-F4D5F5F78C51}\RP137\A0184275.exe infected Virus.Win32.Sality.bh ...09:12:45:671 16000 cured
09:12:49:296 16000 D:\System Volume Information\_restore{E9D078C6-EE17-4E6C-B442-F4D5F5F78C51}\RP137\A0184276.exe infected Virus.Win32.Sality.bh ...09:12:49:296 16000 cured
09:12:53:156 16000 D:\System Volume Information\_restore{E9D078C6-EE17-4E6C-B442-F4D5F5F78C51}\RP137\A0184279.exe infected Virus.Win32.Sality.bh ...09:12:53:156 16000 cured
09:12:56:765 16000 D:\System Volume Information\_restore{E9D078C6-EE17-4E6C-B442-F4D5F5F78C51}\RP137\A0184280.exe infected Virus.Win32.Sality.bh ...09:12:56:765 16000 cured
09:13:00:531 16000 D:\System Volume Information\_restore{E9D078C6-EE17-4E6C-B442-F4D5F5F78C51}\RP137\A0184281.exe infected Virus.Win32.Sality.bh ...09:13:00:531 16000 cured
09:13:04:203 16000 D:\System Volume Information\_restore{E9D078C6-EE17-4E6C-B442-F4D5F5F78C51}\RP137\A0184282.exe infected Virus.Win32.Sality.bh ...09:13:04:203 16000 cured
09:13:07:890 16000 D:\System Volume Information\_restore{E9D078C6-EE17-4E6C-B442-F4D5F5F78C51}\RP137\A0184283.exe infected Virus.Win32.Sality.bh ...09:13:07:890 16000 cured
09:13:11:734 16000 D:\System Volume Information\_restore{E9D078C6-EE17-4E6C-B442-F4D5F5F78C51}\RP137\A0184284.exe infected Virus.Win32.Sality.bh ...09:13:11:734 16000 cured
09:13:15:453 16000 D:\System Volume Information\_restore{E9D078C6-EE17-4E6C-B442-F4D5F5F78C51}\RP137\A0184289.exe infected Virus.Win32.Sality.bh ...09:13:15:453 16000 cured
09:13:19:062 16000 D:\System Volume Information\_restore{E9D078C6-EE17-4E6C-B442-F4D5F5F78C51}\RP137\A0184290.exe infected Virus.Win32.Sality.bh ...09:13:19:062 16000 cured
09:13:22:843 16000 D:\System Volume Information\_restore{E9D078C6-EE17-4E6C-B442-F4D5F5F78C51}\RP137\A0184292.exe infected Virus.Win32.Sality.bh ...09:13:22:843 16000 cured
09:13:26:515 16000 D:\System Volume Information\_restore{E9D078C6-EE17-4E6C-B442-F4D5F5F78C51}\RP137\A0184293.exe infected Virus.Win32.Sality.bh ...09:13:26:515 16000 cured
09:13:30:109 16000 D:\System Volume Information\_restore{E9D078C6-EE17-4E6C-B442-F4D5F5F78C51}\RP137\A0184294.exe infected Virus.Win32.Sality.bh ...09:13:30:109 16000 cured
09:13:33:656 16000 D:\System Volume Information\_restore{E9D078C6-EE17-4E6C-B442-F4D5F5F78C51}\RP137\A0184295.exe infected Virus.Win32.Sality.bh ...09:13:33:656 16000 cured
09:13:45:828 16000 D:\System Volume Information\_restore{E9D078C6-EE17-4E6C-B442-F4D5F5F78C51}\RP137\A0184296.exe infected Virus.Win32.Sality.ag ...09:13:45:828 16000 cured
09:13:49:718 16000 D:\System Volume Information\_restore{E9D078C6-EE17-4E6C-B442-F4D5F5F78C51}\RP137\A0184297.exe infected Virus.Win32.Sality.bh ...09:13:49:718 16000 cured
09:13:53:453 16000 D:\System Volume Information\_restore{E9D078C6-EE17-4E6C-B442-F4D5F5F78C51}\RP137\A0184298.exe infected Virus.Win32.Sality.bh ...09:13:53:453 16000 cured
09:13:57:078 16000 D:\System Volume Information\_restore{E9D078C6-EE17-4E6C-B442-F4D5F5F78C51}\RP137\A0184299.exe infected Virus.Win32.Sality.bh ...09:13:57:078 16000 cured
09:14:00:718 16000 D:\System Volume Information\_restore{E9D078C6-EE17-4E6C-B442-F4D5F5F78C51}\RP137\A0184300.exe infected Virus.Win32.Sality.bh ...09:14:00:718 16000 cured
09:14:04:515 16000 D:\System Volume Information\_restore{E9D078C6-EE17-4E6C-B442-F4D5F5F78C51}\RP137\A0184302.exe infected Virus.Win32.Sality.bh ...09:14:04:515 16000 cured
09:14:08:078 16000 D:\System Volume Information\_restore{E9D078C6-EE17-4E6C-B442-F4D5F5F78C51}\RP137\A0184319.exe infected Virus.Win32.Sality.bh ...09:14:08:078 16000 cured
09:14:11:765 16000 D:\System Volume Information\_restore{E9D078C6-EE17-4E6C-B442-F4D5F5F78C51}\RP137\A0184368.exe infected Virus.Win32.Sality.bh ...09:14:11:765 16000 cured
09:14:15:296 16000 D:\System Volume Information\_restore{E9D078C6-EE17-4E6C-B442-F4D5F5F78C51}\RP137\A0184371.exe infected Virus.Win32.Sality.bh ...09:14:15:296 16000 cured
09:14:18:984 16000 D:\System Volume Information\_restore{E9D078C6-EE17-4E6C-B442-F4D5F5F78C51}\RP137\A0184374.exe infected Virus.Win32.Sality.bh ...09:14:18:984 16000 cured
09:14:22:734 16000 D:\System Volume Information\_restore{E9D078C6-EE17-4E6C-B442-F4D5F5F78C51}\RP137\A0184375.exe infected Virus.Win32.Sality.bh ...09:14:22:734 16000 cured
09:14:34:906 16000 D:\System Volume Information\_restore{E9D078C6-EE17-4E6C-B442-F4D5F5F78C51}\RP137\A0184376.exe infected Virus.Win32.Sality.ag ...09:14:34:906 16000 cured
09:14:38:734 16000 D:\System Volume Information\_restore{E9D078C6-EE17-4E6C-B442-F4D5F5F78C51}\RP137\A0184377.exe infected Virus.Win32.Sality.bh ...09:14:38:734 16000 cured
09:14:42:375 16000 D:\System Volume Information\_restore{E9D078C6-EE17-4E6C-B442-F4D5F5F78C51}\RP137\A0184378.exe infected Virus.Win32.Sality.bh ...09:14:42:375 16000 cured
09:14:46:156 16000 D:\System Volume Information\_restore{E9D078C6-EE17-4E6C-B442-F4D5F5F78C51}\RP137\A0184379.exe infected Virus.Win32.Sality.bh ...09:14:46:156 16000 cured
09:14:49:796 16000 D:\System Volume Information\_restore{E9D078C6-EE17-4E6C-B442-F4D5F5F78C51}\RP137\A0184381.exe infected Virus.Win32.Sality.bh ...09:14:49:796 16000 cured
09:14:53:390 16000 D:\System Volume Information\_restore{E9D078C6-EE17-4E6C-B442-F4D5F5F78C51}\RP137\A0184382.exe infected Virus.Win32.Sality.bh ...09:14:53:390 16000 cured
09:14:56:984 16000 D:\System Volume Information\_restore{E9D078C6-EE17-4E6C-B442-F4D5F5F78C51}\RP137\A0184383.exe infected Virus.Win32.Sality.bh ...09:14:56:984 16000 cured
09:15:00:671 16000 D:\System Volume Information\_restore{E9D078C6-EE17-4E6C-B442-F4D5F5F78C51}\RP137\A0184384.exe infected Virus.Win32.Sality.bh ...09:15:00:671 16000 cured
09:15:04:453 16000 D:\System Volume Information\_restore{E9D078C6-EE17-4E6C-B442-F4D5F5F78C51}\RP137\A0184385.exe infected Virus.Win32.Sality.bh ...09:15:04:453 16000 cured
09:15:08:140 16000 D:\System Volume Information\_restore{E9D078C6-EE17-4E6C-B442-F4D5F5F78C51}\RP137\A0184386.exe infected Virus.Win32.Sality.bh ...09:15:08:140 16000 cured
09:15:11:781 16000 D:\System Volume Information\_restore{E9D078C6-EE17-4E6C-B442-F4D5F5F78C51}\RP137\A0184387.exe infected Virus.Win32.Sality.bh ...09:15:11:781 16000 cured
09:15:15:421 16000 D:\System Volume Information\_restore{E9D078C6-EE17-4E6C-B442-F4D5F5F78C51}\RP137\A0184389.exe infected Virus.Win32.Sality.bh ...09:15:15:421 16000 cured
09:15:19:125 16000 D:\System Volume Information\_restore{E9D078C6-EE17-4E6C-B442-F4D5F5F78C51}\RP137\A0184390.exe infected Virus.Win32.Sality.bh ...09:15:19:125 16000 cured
09:15:22:625 16000 D:\System Volume Information\_restore{E9D078C6-EE17-4E6C-B442-F4D5F5F78C51}\RP137\A0184391.exe infected Virus.Win32.Sality.bh ...09:15:22:625 16000 cured
09:15:26:296 16000 D:\System Volume Information\_restore{E9D078C6-EE17-4E6C-B442-F4D5F5F78C51}\RP137\A0184392.exe infected Virus.Win32.Sality.bh ...09:15:26:296 16000 cured
09:15:30:015 16000 D:\System Volume Information\_restore{E9D078C6-EE17-4E6C-B442-F4D5F5F78C51}\RP137\A0184393.exe infected Virus.Win32.Sality.bh ...09:15:30:015 16000 cured
09:15:33:750 16000 D:\System Volume Information\_restore{E9D078C6-EE17-4E6C-B442-F4D5F5F78C51}\RP137\A0184394.exe infected Virus.Win32.Sality.bh ...09:15:33:750 16000 cured
09:15:37:437 16000 D:\System Volume Information\_restore{E9D078C6-EE17-4E6C-B442-F4D5F5F78C51}\RP137\A0184395.exe infected Virus.Win32.Sality.bh ...09:15:37:437 16000 cured
09:15:41:234 16000 D:\System Volume Information\_restore{E9D078C6-EE17-4E6C-B442-F4D5F5F78C51}\RP137\A0184396.exe infected Virus.Win32.Sality.bh ...09:15:41:234 16000 cured
09:15:45:015 16000 D:\System Volume Information\_restore{E9D078C6-EE17-4E6C-B442-F4D5F5F78C51}\RP137\A0184397.exe infected Virus.Win32.Sality.bh ...09:15:45:015 16000 cured
09:15:48:671 16000 D:\System Volume Information\_restore{E9D078C6-EE17-4E6C-B442-F4D5F5F78C51}\RP137\A0184398.exe infected Virus.Win32.Sality.bh ...09:15:48:671 16000 cured
09:15:52:437 16000 D:\System Volume Information\_restore{E9D078C6-EE17-4E6C-B442-F4D5F5F78C51}\RP137\A0184399.exe infected Virus.Win32.Sality.bh ...09:15:52:437 16000 cured
09:15:56:296 16000 D:\System Volume Information\_restore{E9D078C6-EE17-4E6C-B442-F4D5F5F78C51}\RP137\A0184400.exe infected Virus.Win32.Sality.bh ...09:15:56:296 16000 cured
09:15:59:781 16000 D:\System Volume Information\_restore{E9D078C6-EE17-4E6C-B442-F4D5F5F78C51}\RP137\A0184401.exe infected Virus.Win32.Sality.bh ...09:15:59:781 16000 cured
09:16:03:437 16000 D:\System Volume Information\_restore{E9D078C6-EE17-4E6C-B442-F4D5F5F78C51}\RP137\A0184402.exe infected Virus.Win32.Sality.bh ...09:16:03:437 16000 cured
09:16:07:218 16000 D:\System Volume Information\_restore{E9D078C6-EE17-4E6C-B442-F4D5F5F78C51}\RP137\A0184403.exe infected Virus.Win32.Sality.bh ...09:16:07:218 16000 cured
09:16:10:906 16000 D:\System Volume Information\_restore{E9D078C6-EE17-4E6C-B442-F4D5F5F78C51}\RP137\A0184404.exe infected Virus.Win32.Sality.bh ...09:16:10:906 16000 cured
09:16:14:687 16000 D:\System Volume Information\_restore{E9D078C6-EE17-4E6C-B442-F4D5F5F78C51}\RP137\A0184405.exe infected Virus.Win32.Sality.bh ...09:16:14:687 16000 cured
09:16:18:296 16000 D:\System Volume Information\_restore{E9D078C6-EE17-4E6C-B442-F4D5F5F78C51}\RP137\A0184406.exe infected Virus.Win32.Sality.bh ...09:16:18:296 16000 cured
09:16:21:984 16000 D:\System Volume Information\_restore{E9D078C6-EE17-4E6C-B442-F4D5F5F78C51}\RP137\A0184407.exe infected Virus.Win32.Sality.bh ...09:16:21:984 16000 cured
09:16:25:656 16000 D:\System Volume Information\_restore{E9D078C6-EE17-4E6C-B442-F4D5F5F78C51}\RP137\A0184408.exe infected Virus.Win32.Sality.bh ...09:16:25:656 16000 cured
09:16:29:343 16000 D:\System Volume Information\_restore{E9D078C6-EE17-4E6C-B442-F4D5F5F78C51}\RP137\A0184409.exe infected Virus.Win32.Sality.bh ...09:16:29:343 16000 cured
09:16:32:906 16000 D:\System Volume Information\_restore{E9D078C6-EE17-4E6C-B442-F4D5F5F78C51}\RP137\A0184410.exe infected Virus.Win32.Sality.bh ...09:16:32:906 16000 cured
09:16:36:531 16000 D:\System Volume Information\_restore{E9D078C6-EE17-4E6C-B442-F4D5F5F78C51}\RP137\A0184411.exe infected Virus.Win32.Sality.bh ...09:16:36:531 16000 cured
09:16:40:203 16000 D:\System Volume Information\_restore{E9D078C6-EE17-4E6C-B442-F4D5F5F78C51}\RP137\A0184412.exe infected Virus.Win32.Sality.bh ...09:16:40:203 16000 cured
09:16:43:812 16000 D:\System Volume Information\_restore{E9D078C6-EE17-4E6C-B442-F4D5F5F78C51}\RP137\A0184413.exe infected Virus.Win32.Sality.bh ...09:16:43:812 16000 cured
09:16:47:281 16000 D:\System Volume Information\_restore{E9D078C6-EE17-4E6C-B442-F4D5F5F78C51}\RP137\A0184414.exe infected Virus.Win32.Sality.bh ...09:16:47:281 16000 cured
09:16:51:093 16000 D:\System Volume Information\_restore{E9D078C6-EE17-4E6C-B442-F4D5F5F78C51}\RP137\A0184415.exe infected Virus.Win32.Sality.bh ...09:16:51:093 16000 cured
09:16:54:781 16000 D:\System Volume Information\_restore{E9D078C6-EE17-4E6C-B442-F4D5F5F78C51}\RP137\A0184416.exe infected Virus.Win32.Sality.bh ...09:16:54:781 16000 cured
09:16:58:546 16000 D:\System Volume Information\_restore{E9D078C6-EE17-4E6C-B442-F4D5F5F78C51}\RP137\A0184418.exe infected Virus.Win32.Sality.bh ...09:16:58:546 16000 cured
09:17:02:156 16000 D:\System Volume Information\_restore{E9D078C6-EE17-4E6C-B442-F4D5F5F78C51}\RP137\A0184419.exe infected Virus.Win32.Sality.bh ...09:17:02:156 16000 cured
09:17:05:828 16000 D:\System Volume Information\_restore{E9D078C6-EE17-4E6C-B442-F4D5F5F78C51}\RP137\A0184420.exe infected Virus.Win32.Sality.bh ...09:17:05:828 16000 cured
09:17:09:578 16000 D:\System Volume Information\_restore{E9D078C6-EE17-4E6C-B442-F4D5F5F78C51}\RP137\A0184513.exe infected Virus.Win32.Sality.bh ...09:17:09:578 16000 cured
09:17:13:343 16000 D:\System Volume Information\_restore{E9D078C6-EE17-4E6C-B442-F4D5F5F78C51}\RP137\A0184550.exe infected Virus.Win32.Sality.bh ...09:17:13:343 16000 cured
09:17:17:000 16000 D:\System Volume Information\_restore{E9D078C6-EE17-4E6C-B442-F4D5F5F78C51}\RP137\A0184551.exe infected Virus.Win32.Sality.bh ...09:17:17:000 16000 cured
09:17:20:656 16000 D:\System Volume Information\_restore{E9D078C6-EE17-4E6C-B442-F4D5F5F78C51}\RP137\A0184552.exe infected Virus.Win32.Sality.bh ...09:17:20:656 16000 cured
09:17:24:421 16000 D:\System Volume Information\_restore{E9D078C6-EE17-4E6C-B442-F4D5F5F78C51}\RP137\A0184553.exe infected Virus.Win32.Sality.bh ...09:17:24:421 16000 cured
09:17:28:203 16000 D:\System Volume Information\_restore{E9D078C6-EE17-4E6C-B442-F4D5F5F78C51}\RP137\A0184554.exe infected Virus.Win32.Sality.bh ...09:17:28:203 16000 cured
09:17:31:843 16000 D:\System Volume Information\_restore{E9D078C6-EE17-4E6C-B442-F4D5F5F78C51}\RP137\A0184555.exe infected Virus.Win32.Sality.bh ...09:17:31:843 16000 cured
09:17:35:515 16000 D:\System Volume Information\_restore{E9D078C6-EE17-4E6C-B442-F4D5F5F78C51}\RP137\A0184559.exe infected Virus.Win32.Sality.bh ...09:17:35:515 16000 cured
09:17:39:171 16000 D:\System Volume Information\_restore{E9D078C6-EE17-4E6C-B442-F4D5F5F78C51}\RP137\A0184560.exe infected Virus.Win32.Sality.bh ...09:17:39:171 16000 cured
09:17:42:906 16000 D:\System Volume Information\_restore{E9D078C6-EE17-4E6C-B442-F4D5F5F78C51}\RP137\A0184561.exe infected Virus.Win32.Sality.bh ...09:17:42:906 16000 cured
09:17:46:625 16000 D:\System Volume Information\_restore{E9D078C6-EE17-4E6C-B442-F4D5F5F78C51}\RP137\A0184562.exe infected Virus.Win32.Sality.bh ...09:17:46:625 16000 cured
09:17:50:234 16000 D:\System Volume Information\_restore{E9D078C6-EE17-4E6C-B442-F4D5F5F78C51}\RP137\A0184563.exe infected Virus.Win32.Sality.bh ...09:17:50:234 16000 cured
09:17:53:875 16000 D:\System Volume Information\_restore{E9D078C6-EE17-4E6C-B442-F4D5F5F78C51}\RP137\A0184564.exe infected Virus.Win32.Sality.bh ...09:17:53:875 16000 cured
09:17:57:687 16000 D:\System Volume Information\_restore{E9D078C6-EE17-4E6C-B442-F4D5F5F78C51}\RP137\A0184565.exe infected Virus.Win32.Sality.bh ...09:17:57:687 16000 cured
09:18:01:406 16000 D:\System Volume Information\_restore{E9D078C6-EE17-4E6C-B442-F4D5F5F78C51}\RP137\A0184567.exe infected Virus.Win32.Sality.bh ...09:18:01:406 16000 cured
09:18:05:015 16000 D:\System Volume Information\_restore{E9D078C6-EE17-4E6C-B442-F4D5F5F78C51}\RP137\A0184569.exe infected Virus.Win32.Sality.bh ...09:18:05:015 16000 cured
09:18:08:656 16000 D:\System Volume Information\_restore{E9D078C6-EE17-4E6C-B442-F4D5F5F78C51}\RP137\A0184572.exe infected Virus.Win32.Sality.bh ...09:18:08:656 16000 cured
09:18:12:171 16000 D:\System Volume Information\_restore{E9D078C6-EE17-4E6C-B442-F4D5F5F78C51}\RP137\A0184573.exe infected Virus.Win32.Sality.bh ...09:18:12:171 16000 cured
09:18:15:765 16000 D:\System Volume Information\_restore{E9D078C6-EE17-4E6C-B442-F4D5F5F78C51}\RP137\A0184574.exe infected Virus.Win32.Sality.bh ...09:18:15:765 16000 cured
09:18:19:375 16000 D:\System Volume Information\_restore{E9D078C6-EE17-4E6C-B442-F4D5F5F78C51}\RP137\A0184575.exe infected Virus.Win32.Sality.bh ...09:18:19:375 16000 cured
09:18:22:984 16000 D:\System Volume Information\_restore{E9D078C6-EE17-4E6C-B442-F4D5F5F78C51}\RP137\A0184576.exe infected Virus.Win32.Sality.bh ...09:18:22:984 16000 cured
09:18:26:578 16000 D:\System Volume Information\_restore{E9D078C6-EE17-4E6C-B442-F4D5F5F78C51}\RP137\A0184577.exe infected Virus.Win32.Sality.bh ...09:18:26:578 16000 cured
09:18:30:234 16000 D:\System Volume Information\_restore{E9D078C6-EE17-4E6C-B442-F4D5F5F78C51}\RP137\A0184578.exe infected Virus.Win32.Sality.bh ...09:18:30:234 16000 cured
09:18:33:859 16000 D:\System Volume Information\_restore{E9D078C6-EE17-4E6C-B442-F4D5F5F78C51}\RP137\A0184579.exe infected Virus.Win32.Sality.bh ...09:18:33:859 16000 cured
09:18:37:468 16000 D:\System Volume Information\_restore{E9D078C6-EE17-4E6C-B442-F4D5F5F78C51}\RP137\A0184580.exe infected Virus.Win32.Sality.bh ...09:18:37:468 16000 cured
09:18:41:156 16000 D:\System Volume Information\_restore{E9D078C6-EE17-4E6C-B442-F4D5F5F78C51}\RP137\A0184581.exe infected Virus.Win32.Sality.bh ...09:18:41:156 16000 cured
09:18:44:968 16000 D:\System Volume Information\_restore{E9D078C6-EE17-4E6C-B442-F4D5F5F78C51}\RP137\A0184582.exe infected Virus.Win32.Sality.bh ...09:18:44:968 16000 cured
09:18:48:656 16000 D:\System Volume Information\_restore{E9D078C6-EE17-4E6C-B442-F4D5F5F78C51}\RP137\A0184583.exe infected Virus.Win32.Sality.bh ...09:18:48:656 16000 cured
09:18:52:359 16000 D:\System Volume Information\_restore{E9D078C6-EE17-4E6C-B442-F4D5F5F78C51}\RP137\A0184584.exe infected Virus.Win32.Sality.bh ...09:18:52:359 16000 cured
09:18:56:109 16000 D:\System Volume Information\_restore{E9D078C6-EE17-4E6C-B442-F4D5F5F78C51}\RP137\A0184585.exe infected Virus.Win32.Sality.bh ...09:18:56:109 16000 cured
09:18:59:671 16000 D:\System Volume Information\_restore{E9D078C6-EE17-4E6C-B442-F4D5F5F78C51}\RP137\A0184586.exe infected Virus.Win32.Sality.bh ...09:18:59:671 16000 cured
09:19:03:328 16000 D:\System Volume Information\_restore{E9D078C6-EE17-4E6C-B442-F4D5F5F78C51}\RP137\A0184587.exe infected Virus.Win32.Sality.bh ...09:19:03:328 16000 cured
09:19:07:031 16000 D:\System Volume Information\_restore{E9D078C6-EE17-4E6C-B442-F4D5F5F78C51}\RP137\A0184588.exe infected Virus.Win32.Sality.bh ...09:19:07:031 16000 cured
09:19:10:781 16000 D:\System Volume Information\_restore{E9D078C6-EE17-4E6C-B442-F4D5F5F78C51}\RP137\A0184589.EXE infected Virus.Win32.Sality.bh ...09:19:10:781 16000 cured
09:19:14:671 16000 D:\System Volume Information\_restore{E9D078C6-EE17-4E6C-B442-F4D5F5F78C51}\RP137\A0184590.exe infected Virus.Win32.Sality.bh ...09:19:14:671 16000 cured
09:19:18:296 16000 D:\System Volume Information\_restore{E9D078C6-EE17-4E6C-B442-F4D5F5F78C51}\RP137\A0184591.exe infected Virus.Win32.Sality.bh ...09:19:18:296 16000 cured
09:19:21:890 16000 D:\System Volume Information\_restore{E9D078C6-EE17-4E6C-B442-F4D5F5F78C51}\RP137\A0184592.exe infected Virus.Win32.Sality.bh ...09:19:21:890 16000 cured
09:19:25:578 16000 D:\System Volume Information\_restore{E9D078C6-EE17-4E6C-B442-F4D5F5F78C51}\RP137\A0184593.exe infected Virus.Win32.Sality.bh ...09:19:25:578 16000 cured
09:19:29:218 16000 D:\System Volume Information\_restore{E9D078C6-EE17-4E6C-B442-F4D5F5F78C51}\RP137\A0184594.exe infected Virus.Win32.Sality.bh ...09:19:29:218 16000 cured
09:19:32:859 16000 D:\System Volume Information\_restore{E9D078C6-EE17-4E6C-B442-F4D5F5F78C51}\RP137\A0184595.exe infected Virus.Win32.Sality.bh ...09:19:32:859 16000 cured
09:19:36:625 16000 D:\System Volume Information\_restore{E9D078C6-EE17-4E6C-B442-F4D5F5F78C51}\RP137\A0184596.exe infected Virus.Win32.Sality.bh ...09:19:36:625 16000 cured
09:19:40:468 16000 D:\System Volume Information\_restore{E9D078C6-EE17-4E6C-B442-F4D5F5F78C51}\RP137\A0184597.exe infected Virus.Win32.Sality.bh ...09:19:40:468 16000 cured
09:19:44:109 16000 D:\System Volume Information\_restore{E9D078C6-EE17-4E6C-B442-F4D5F5F78C51}\RP137\A0184598.exe infected Virus.Win32.Sality.bh ...09:19:44:109 16000 cured
09:19:47:812 16000 D:\System Volume Information\_restore{E9D078C6-EE17-4E6C-B442-F4D5F5F78C51}\RP137\A0184599.exe infected Virus.Win32.Sality.bh ...09:19:47:812 16000 cured
09:19:51:562 16000 D:\System Volume Information\_restore{E9D078C6-EE17-4E6C-B442-F4D5F5F78C51}\RP137\A0184600.exe infected Virus.Win32.Sality.bh ...09:19:51:562 16000 cured
09:19:55:375 16000 D:\System Volume Information\_restore{E9D078C6-EE17-4E6C-B442-F4D5F5F78C51}\RP137\A0184601.exe infected Virus.Win32.Sality.bh ...09:19:55:375 16000 cured
09:19:59:062 16000 D:\System Volume Information\_restore{E9D078C6-EE17-4E6C-B442-F4D5F5F78C51}\RP137\A0184602.exe infected Virus.Win32.Sality.bh ...09:19:59:062 16000 cured
09:20:02:812 16000 D:\System Volume Information\_restore{E9D078C6-EE17-4E6C-B442-F4D5F5F78C51}\RP137\A0184603.exe infected Virus.Win32.Sality.bh ...09:20:02:812 16000 cured
09:20:06:359 16000 D:\System Volume Information\_restore{E9D078C6-EE17-4E6C-B442-F4D5F5F78C51}\RP137\A0184604.exe infected Virus.Win32.Sality.bh ...09:20:06:359 16000 cured
09:20:10:296 16000 D:\System Volume Information\_restore{E9D078C6-EE17-4E6C-B442-F4D5F5F78C51}\RP137\A0184605.exe infected Virus.Win32.Sality.bh ...09:20:10:296 16000 cured
09:20:14:156 16000 D:\TeamViewer_Setup.exe infected Virus.Win32.Sality.bh ...09:20:14:156 16000 cured
09:20:19:328 16000 D:\Wii Emulator\Dolphin.exe infected Virus.Win32.Sality.bh ...09:20:19:328 16000 cured
09:20:23:046 16000 D:\Wii Emulator\DSPTool.exe infected Virus.Win32.Sality.bh ...09:20:23:046 16000 cured
09:20:30:593 16000 D:\yhmiru.exe infected Virus.Win32.Sality.bh ...09:20:30:593 16000 cured
09:20:34:515 16000 D:\YTDSetup.exe infected Virus.Win32.Sality.bh ...09:20:34:515 16000 cured
09:20:34:812 16000
09:20:44:828 14676
Monitoring thread stopped
09:20:44:828 16000
completed
09:20:44:828 16000 Infected files: 2835
09:20:44:828 16000 Infected processes: 0
09:20:44:828 16000 Infected threads: 0
09:20:44:828 16000 Cured files: 2835
09:20:44:828 16000 Will be cured on reboot: 0
09:20:44:828 16000 Executed registry scripts: 1
  • 0

#9
frichieny
Posted 19 June 2013 - 09:54 PM

frichieny

    Member

  • Topic Starter
  • Member
  • PipPipPip
  • 192 posts
OTL logfile created on: 6/20/2013 11:51:16 AM - Run 4
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Documents and Settings\Dela Cruz\My Documents\Downloads\Programs
Windows XP Professional Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18702)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

2.00 Gb Total Physical Memory | 1.06 Gb Available Physical Memory | 53.12% Memory free
3.85 Gb Paging File | 2.98 Gb Available in Paging File | 77.36% Paging File free
Paging file location(s): C:\pagefile.sys 2046 4092 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 61.15 Gb Total Space | 2.75 Gb Free Space | 4.50% Space Free | Partition Type: NTFS
Drive D: | 87.89 Gb Total Space | 9.65 Gb Free Space | 10.98% Space Free | Partition Type: NTFS

Computer Name: DELACRUZ | User Name: Dela Cruz | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Quick Scan
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days

========== Processes (SafeList) ==========

PRC - [2013/06/20 08:16:56 | 009,873,200 | ---- | M] () -- D:\Program Files\GarenaLoLPH_Launcher\GameData\GarenaMessenger.exe
PRC - [2013/06/20 08:16:26 | 000,078,848 | ---- | M] () -- D:\Program Files\GarenaLoLPH_Launcher\GameData\bbtalk\GarenaTalkOverlay.exe
PRC - [2013/06/20 06:23:43 | 003,540,416 | ---- | M] (Tonec Inc.) -- C:\Program Files\Internet Download Manager\IDMan.exe
PRC - [2013/06/20 05:45:13 | 000,602,624 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Dela Cruz\My Documents\Downloads\Programs\OTL.exe
PRC - [2013/06/20 05:30:27 | 000,825,808 | ---- | M] (Google Inc.) -- C:\Documents and Settings\Dela Cruz\Local Settings\Application Data\Google\Chrome\Application\chrome.exe
PRC - [2012/12/12 21:44:48 | 000,268,248 | ---- | M] (Tonec Inc.) -- C:\Program Files\Internet Download Manager\IEMonitor.exe
PRC - [2008/04/14 05:42:20 | 001,551,872 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\explorer.exe


========== Modules (No Company Name) ==========

MOD - [2013/06/20 08:16:56 | 009,873,200 | ---- | M] () -- D:\Program Files\GarenaLoLPH_Launcher\GameData\GarenaMessenger.exe
MOD - [2013/06/20 08:16:26 | 000,078,848 | ---- | M] () -- D:\Program Files\GarenaLoLPH_Launcher\GameData\bbtalk\GarenaTalkOverlay.exe
MOD - [2013/06/19 11:39:15 | 000,236,336 | ---- | M] () -- D:\Program Files\GarenaLoLPH_Launcher\GameData\Plugins\PluginNews.dll
MOD - [2013/06/19 11:39:14 | 000,856,880 | ---- | M] () -- D:\Program Files\GarenaLoLPH_Launcher\GameData\Plugins\ggplugin.dll
MOD - [2013/06/19 11:39:14 | 000,098,608 | ---- | M] () -- D:\Program Files\GarenaLoLPH_Launcher\GameData\Plugins\PlatformPlugin.dll
MOD - [2013/06/19 11:39:12 | 000,287,024 | ---- | M] () -- D:\Program Files\GarenaLoLPH_Launcher\GameData\Plugins\DailyTaskPlugin.dll
MOD - [2013/06/19 11:39:12 | 000,133,936 | ---- | M] () -- D:\Program Files\GarenaLoLPH_Launcher\GameData\Plugins\ClanBoxPlugin.dll
MOD - [2013/06/19 11:39:10 | 000,027,952 | ---- | M] () -- D:\Program Files\GarenaLoLPH_Launcher\GameData\VersionModule.dll
MOD - [2013/06/19 11:39:03 | 001,903,920 | ---- | M] () -- D:\Program Files\GarenaLoLPH_Launcher\GameData\ggspawn.dll
MOD - [2013/05/29 20:21:27 | 000,957,232 | ---- | M] () -- D:\Program Files\GarenaLoLPH_Launcher\GameData\lib\XLL.dll
MOD - [2013/05/29 20:21:06 | 000,799,536 | ---- | M] () -- D:\Program Files\GarenaLoLPH_Launcher\GameData\gagmhook.dll
MOD - [2013/05/29 19:40:09 | 001,961,264 | ---- | M] () -- D:\Program Files\GarenaLoLPH_Launcher\GameData\bbtalk\Overlay.dll
MOD - [2013/05/29 13:27:38 | 000,393,168 | ---- | M] () -- C:\Documents and Settings\Dela Cruz\Local Settings\Application Data\Google\Chrome\Application\27.0.1453.110\ppgooglenaclpluginchrome.dll
MOD - [2013/05/29 13:27:35 | 004,051,408 | ---- | M] () -- C:\Documents and Settings\Dela Cruz\Local Settings\Application Data\Google\Chrome\Application\27.0.1453.110\pdf.dll
MOD - [2013/05/29 13:26:40 | 000,599,504 | ---- | M] () -- C:\Documents and Settings\Dela Cruz\Local Settings\Application Data\Google\Chrome\Application\27.0.1453.110\libglesv2.dll
MOD - [2013/05/29 13:26:39 | 000,124,368 | ---- | M] () -- C:\Documents and Settings\Dela Cruz\Local Settings\Application Data\Google\Chrome\Application\27.0.1453.110\libegl.dll
MOD - [2013/05/29 13:26:36 | 001,597,392 | ---- | M] () -- C:\Documents and Settings\Dela Cruz\Local Settings\Application Data\Google\Chrome\Application\27.0.1453.110\ffmpegsumo.dll
MOD - [2013/05/03 15:34:54 | 000,184,832 | ---- | M] () -- D:\Program Files\GarenaLoLPH_Launcher\GameData\bbtalk\ggspawn.dll
MOD - [2013/04/25 19:31:02 | 001,543,984 | ---- | M] () -- D:\Program Files\GarenaLoLPH_Launcher\GameData\lib\delay_load\FileSender.dll
MOD - [2013/04/25 19:30:54 | 000,436,528 | ---- | M] () -- D:\Program Files\GarenaLoLPH_Launcher\GameData\Plugins\GarenaTalkPlugin.dll
MOD - [2013/04/10 17:23:12 | 000,170,800 | ---- | M] () -- D:\Program Files\GarenaLoLPH_Launcher\GameData\lib\fs\YYFileSystem.dll
MOD - [2013/04/10 17:22:55 | 000,155,440 | ---- | M] () -- D:\Program Files\GarenaLoLPH_Launcher\GameData\libmpg123.dll
MOD - [2013/03/13 18:05:59 | 000,374,064 | ---- | M] () -- D:\Program Files\GarenaLoLPH_Launcher\GameData\lib\Http.dll
MOD - [2013/03/07 10:10:42 | 000,106,288 | ---- | M] () -- D:\Program Files\GarenaLoLPH_Launcher\GameData\lib\UILayout.dll
MOD - [2013/03/07 10:10:39 | 000,224,560 | ---- | M] () -- D:\Program Files\GarenaLoLPH_Launcher\GameData\Plugins\StatsPlugin.dll
MOD - [2013/03/07 10:10:22 | 000,487,216 | ---- | M] () -- D:\Program Files\GarenaLoLPH_Launcher\GameData\CxImage.dll
MOD - [2013/02/07 17:11:25 | 000,025,392 | ---- | M] () -- D:\Program Files\GarenaLoLPH_Launcher\GameData\PluginModule.dll
MOD - [2013/02/07 17:11:24 | 000,087,344 | ---- | M] () -- D:\Program Files\GarenaLoLPH_Launcher\GameData\PluginKernel.dll
MOD - [2013/02/07 17:11:22 | 000,192,816 | ---- | M] () -- D:\Program Files\GarenaLoLPH_Launcher\GameData\ImageModule.dll
MOD - [2013/02/07 17:11:17 | 000,051,504 | ---- | M] () -- D:\Program Files\GarenaLoLPH_Launcher\GameData\FileLoader.dll
MOD - [2013/02/07 17:11:15 | 000,033,584 | ---- | M] () -- D:\Program Files\GarenaLoLPH_Launcher\GameData\DibModule.dll
MOD - [2013/02/01 13:42:29 | 000,153,088 | ---- | M] () -- D:\Program Files\GarenaLoLPH_Launcher\GameData\libzmq.dll
MOD - [2013/01/30 16:26:41 | 002,941,232 | ---- | M] () -- D:\Program Files\GarenaLoLPH_Launcher\GameData\ggdownloader.dll
MOD - [2013/01/30 16:26:38 | 000,104,752 | ---- | M] () -- D:\Program Files\GarenaLoLPH_Launcher\GameData\CommonLib.dll
MOD - [2013/01/14 19:57:52 | 001,092,912 | ---- | M] () -- D:\Program Files\GarenaLoLPH_Launcher\GameData\lib\delay_load\GaFileTransfer.dll
MOD - [2013/01/14 19:57:46 | 000,219,952 | ---- | M] () -- D:\Program Files\GarenaLoLPH_Launcher\GameData\lib\TaskManagerLib.dll
MOD - [2012/09/13 14:19:19 | 000,048,640 | ---- | M] () -- D:\Program Files\GarenaLoLPH_Launcher\GameData\lib\XmlUIModule.dll
MOD - [2012/08/31 03:10:00 | 000,357,184 | ---- | M] () -- C:\Program Files\NVIDIA Corporation\nView\nvShell.dll
MOD - [2012/07/27 14:59:42 | 000,010,240 | ---- | M] () -- D:\Program Files\GarenaLoLPH_Launcher\GameData\lib\delay_load\ClientTcp.dll
MOD - [2012/07/27 14:59:28 | 000,061,952 | ---- | M] () -- D:\Program Files\GarenaLoLPH_Launcher\GameData\lib\delay_load\UdtLib.dll
MOD - [2012/04/24 09:19:16 | 000,238,592 | ---- | M] () -- D:\Program Files\GarenaLoLPH_Launcher\GameData\lib\delay_load\MediaEngine.dll
MOD - [2012/04/13 11:12:18 | 000,059,392 | ---- | M] () -- D:\Program Files\GarenaLoLPH_Launcher\GameData\lib\delay_load\AudioMixerLib.dll
MOD - [2012/04/13 11:12:18 | 000,019,968 | ---- | M] () -- D:\Program Files\GarenaLoLPH_Launcher\GameData\ServerMemAlloc.dll
MOD - [2012/03/08 16:56:40 | 000,510,464 | ---- | M] () -- D:\Program Files\GarenaLoLPH_Launcher\GameData\lib\delay_load\RSALib.dll
MOD - [2012/02/22 16:52:18 | 000,162,304 | ---- | M] () -- D:\Program Files\GarenaLoLPH_Launcher\GameData\lame_enc.dll
MOD - [2012/02/22 16:52:16 | 000,573,100 | ---- | M] () -- D:\Program Files\GarenaLoLPH_Launcher\GameData\sqlite3.dll
MOD - [2012/02/22 16:52:16 | 000,178,176 | ---- | M] () -- D:\Program Files\GarenaLoLPH_Launcher\GameData\lib\MP3Module.dll
MOD - [2012/02/22 16:52:16 | 000,122,136 | ---- | M] () -- D:\Program Files\GarenaLoLPH_Launcher\GameData\ggcode.dll
MOD - [2011/10/18 09:54:25 | 000,056,832 | ---- | M] () -- D:\Program Files\GarenaLoLPH_Launcher\GameData\bbtalk\PluginKernel.dll
MOD - [2011/10/18 09:54:24 | 000,097,792 | ---- | M] () -- D:\Program Files\GarenaLoLPH_Launcher\GameData\bbtalk\CommonLib.dll
MOD - [2010/03/24 21:17:36 | 008,794,464 | ---- | M] () -- C:\Program Files\Microsoft Office\Office14\1033\GrooveIntlResource.dll
MOD - [2010/01/30 02:41:12 | 004,254,560 | ---- | M] () -- C:\Program Files\Common Files\Microsoft Shared\OFFICE14\Cultures\OFFICE.ODF
MOD - [2008/07/20 21:11:32 | 000,247,808 | ---- | M] () -- C:\WINDOWS\system32\FFSJ\FFSJSHL.dll
MOD - [2008/04/14 05:42:00 | 000,014,336 | ---- | M] () -- C:\WINDOWS\system32\msdmo.dll
MOD - [2008/04/14 05:41:52 | 000,059,904 | ---- | M] () -- C:\WINDOWS\system32\devenum.dll
MOD - [2007/01/31 11:33:24 | 000,032,768 | ---- | M] () -- C:\Program Files\Vtune\TBPanelExt.dll


========== Services (SafeList) ==========

SRV - [2013/06/20 06:43:32 | 000,745,368 | ---- | M] (Tunngle.net GmbH) [Disabled | Stopped] -- C:\Program Files\Tunngle\TnglCtrl.exe -- (TunngleService)
SRV - [2013/06/20 06:42:32 | 000,246,112 | ---- | M] () [Disabled | Stopped] -- C:\Program Files\Smart Bro\UpdateDog\ouc.exe -- (Smart Bro. RunOuc)
SRV - [2013/06/20 06:41:19 | 000,162,440 | R--- | M] (Skype Technologies) [Disabled | Stopped] -- C:\Program Files\Skype\Updater\Updater.exe -- (SkypeUpdate)
SRV - [2013/06/20 06:36:21 | 001,258,856 | ---- | M] (NVIDIA Corporation) [Disabled | Stopped] -- C:\Program Files\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe -- (nvUpdatusService)
SRV - [2013/06/20 06:31:49 | 000,117,144 | ---- | M] (Mozilla Foundation) [Disabled | Stopped] -- C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe -- (MozillaMaintenance)
SRV - [2013/06/20 06:29:05 | 030,969,208 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Program Files\Microsoft Office\Office14\GROOVE.EXE -- (Microsoft SharePoint Workspace Audit Service)
SRV - [2013/06/20 06:27:30 | 000,240,264 | ---- | M] (Microsoft Corporation.) [Disabled | Stopped] -- C:\Program Files\Microsoft\BingBar\7.2.233.0\SeaPort.EXE -- (BBUpdate)
SRV - [2013/06/20 06:27:14 | 000,193,672 | ---- | M] (Microsoft Corporation.) [Disabled | Stopped] -- C:\Program Files\Microsoft\BingBar\7.2.233.0\BBSvc.EXE -- (BBSvc)
SRV - [2013/06/20 06:25:11 | 000,161,768 | ---- | M] (Oracle Corporation) [Disabled | Stopped] -- C:\Program Files\Java\jre7\bin\jqs.exe -- (JavaQuickStarterService)
SRV - [2013/06/20 06:22:50 | 000,363,336 | ---- | M] (AnchorFree Inc.) [Disabled | Stopped] -- C:\Program Files\Hotspot Shield\HssWPR\hsssrv.exe -- (HssSrv)
SRV - [2013/06/20 06:22:35 | 000,542,552 | ---- | M] () [Disabled | Stopped] -- C:\Program Files\Hotspot Shield\bin\openvpnas.exe -- (hshld)
SRV - [2013/06/20 06:22:27 | 000,329,544 | ---- | M] () [Disabled | Stopped] -- C:\Program Files\Hotspot Shield\bin\hsswd.exe -- (HssWd)
SRV - [2013/06/20 06:22:23 | 000,077,520 | ---- | M] () [Disabled | Stopped] -- C:\Program Files\Hotspot Shield\bin\HSSTrayService.exe -- (HssTrayService)
SRV - [2013/06/20 05:32:18 | 003,064,000 | ---- | M] (Skype Technologies S.A.) [Disabled | Stopped] -- C:\Documents and Settings\All Users\Application Data\Skype\Toolbars\Skype C2C Service\c2c_service.exe -- (Skype C2C Service)
SRV - [2013/06/20 05:30:53 | 000,271,712 | ---- | M] () [Disabled | Stopped] -- C:\Documents and Settings\All Users\Application Data\DatacardService\HWDeviceService.exe -- (HWDeviceService.exe)
SRV - [2013/05/15 18:59:10 | 000,256,904 | ---- | M] (Adobe Systems Incorporated) [Disabled | Stopped] -- C:\WINDOWS\system32\Macromed\Flash\FlashPlayerUpdateService.exe -- (AdobeFlashPlayerUpdateSvc)
SRV - [2011/10/19 12:13:38 | 000,144,712 | ---- | M] (H+H Software GmbH) [Disabled | Stopped] -- C:\Program Files\Virtual CD v10\System\VC10SecS.exe -- (VC10SecS)


========== Driver Services (SafeList) ==========

DRV - File not found [Kernel | On_Demand | Stopped] -- C:\WINDOWS\xhunter1.sys -- (xhunter1)
DRV - File not found [Kernel | On_Demand | Stopped] -- -- (WDICA)
DRV - File not found [Kernel | On_Demand | Stopped] -- C:\WINDOWS\vtany.sys -- (vtany)
DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDRFRAME)
DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDRELI)
DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDFRAME)
DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDCOMP)
DRV - File not found [Kernel | System | Stopped] -- -- (PCIDump)
DRV - File not found [Kernel | System | Stopped] -- -- (lbrtfdc)
DRV - File not found [Kernel | System | Stopped] -- -- (i2omgmt)
DRV - File not found [Kernel | On_Demand | Stopped] -- E:\INSTALL\GMSIPCI.SYS -- (GMSIPCI)
DRV - File not found [Kernel | On_Demand | Stopped] -- C:\DOCUME~1\DELACR~1\LOCALS~1\Temp\cpuz134\cpuz134_x32.sys -- (cpuz134)
DRV - File not found [Kernel | System | Stopped] -- -- (Changer)
DRV - File not found [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\kjlsmn.sys -- (amsint32)
DRV - [2013/04/21 15:04:16 | 000,013,232 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\apf003.sys -- (apf003)
DRV - [2013/04/10 03:14:50 | 000,013,816 | ---- | M] () [Kernel | Unavailable | Unknown] -- C:\WINDOWS\system32\unikey.sys -- (phunter)
DRV - [2013/04/03 21:40:51 | 000,235,392 | ---- | M] (Huawei Technologies Co., Ltd.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\ewusbnet.sys -- (ewusbnet)
DRV - [2013/04/03 21:40:51 | 000,194,816 | ---- | M] (Huawei Technologies Co., Ltd.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\ewusbmdm.sys -- (hwdatacard)
DRV - [2013/04/03 21:40:51 | 000,102,784 | ---- | M] (Huawei Technologies Co., Ltd.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\ew_hwusbdev.sys -- (ew_hwusbdev)
DRV - [2013/04/03 21:40:51 | 000,073,216 | ---- | M] (Huawei Technologies Co., Ltd.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\ew_jubusenum.sys -- (huawei_enumerator)
DRV - [2013/02/22 15:17:04 | 000,181,784 | ---- | M] (DEVGURU Co., LTD.(www.devguru.co.kr)) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\ssudmdm.sys -- (ssudmdm)
DRV - [2013/02/22 15:17:04 | 000,083,864 | ---- | M] (DEVGURU Co., LTD.(www.devguru.co.kr)) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\ssudbus.sys -- (dg_ssudbus)
DRV - [2013/02/05 17:52:46 | 000,020,032 | ---- | M] (Devguru Co., Ltd) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\dgderdrv.sys -- (dgderdrv)
DRV - [2012/12/06 01:13:58 | 000,022,112 | -HS- | M] () [Kernel | On_Demand | Stopped] -- D:\Program Files\GarenaLoLPH_Launcher\GameData\Room\safedrv.sys -- (GGSAFERDriver)
DRV - [2012/11/22 08:43:14 | 000,112,480 | ---- | M] (Tonec Inc.) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\idmtdi.sys -- (IDMTDI)
DRV - [2012/08/24 15:57:00 | 000,113,104 | ---- | M] (Power Software Ltd) [Kernel | System | Running] -- C:\WINDOWS\System32\drivers\scdemu.sys -- (SCDEmu)
DRV - [2012/04/11 23:40:28 | 000,037,376 | ---- | M] (AnchorFree Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\HssDrv.sys -- (HssDrv)
DRV - [2012/04/07 02:15:10 | 000,033,512 | ---- | M] (AnchorFree Inc) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\taphss.sys -- (taphss)
DRV - [2012/02/22 18:34:36 | 000,022,400 | ---- | M] (ManyCam LLC) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\mcaudrv.sys -- (mcaudrv_simple)
DRV - [2012/01/11 14:11:20 | 000,032,000 | ---- | M] (ManyCam LLC) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\mcvidrv.sys -- (ManyCam)
DRV - [2011/10/19 02:53:14 | 006,439,528 | ---- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\RtkHDAud.sys -- (IntcAzAudAddService)
DRV - [2011/04/19 08:52:48 | 000,186,392 | ---- | M] (H+H Software GmbH) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\vdrv1000.sys -- (vdrv1000)
DRV - [2011/03/31 19:36:10 | 000,204,384 | ---- | M] (SHADOWDEFENDER.COM) [Kernel | Boot | Running] -- C:\WINDOWS\system32\drivers\diskpt.sys -- (diskpt)
DRV - [2010/04/09 08:30:10 | 000,168,040 | ---- | M] (NVIDIA Corporation) [Kernel | Boot | Running] -- C:\WINDOWS\system32\drivers\nvgts.sys -- (nvgts)
DRV - [2010/03/23 00:29:08 | 000,018,944 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\nvsmu.sys -- (nvsmu)
DRV - [2010/03/10 17:34:34 | 000,013,952 | ---- | M] (H+H Software GmbH) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\HH10Help.sys -- (HH10Help.sys)
DRV - [2010/03/05 00:02:10 | 000,013,824 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\nvnetbus.sys -- (nvnetbus)
DRV - [2010/03/05 00:02:08 | 000,070,912 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\NVENETFD.sys -- (NVENETFD)
DRV - [2009/11/18 14:17:00 | 001,395,800 | ---- | M] (Creative Technology Ltd.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\Monfilt.sys -- (Monfilt)
DRV - [2009/11/18 14:16:00 | 001,691,480 | ---- | M] (Creative) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\Ambfilt.sys -- (Ambfilt)
DRV - [2009/09/16 07:02:40 | 000,027,136 | ---- | M] (Tunngle.net) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\tap0901t.sys -- (tap0901t)
DRV - [2007/03/16 10:11:38 | 000,012,256 | ---- | M] (Windows ® 2000 DDK provider) [Kernel | Auto | Running] -- C:\WINDOWS\System32\drivers\TBPanel.sys -- (TBPanel)
DRV - [2007/03/16 10:11:38 | 000,012,256 | ---- | M] (Windows ® 2000 DDK provider) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\TBPanel.sys -- (Cardex)
DRV - [2006/11/02 07:00:08 | 000,039,368 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\winusb.sys -- (WinUSB)
DRV - [2006/07/01 22:39:40 | 000,036,864 | ---- | M] (Advanced Micro Devices) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\AmdK8.sys -- (AmdK8)


========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page =
IE - HKLM\..\SearchScopes,DefaultScope =
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://search.live.c...ferrer:source?}

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.msn.com/?...=OIE8HP&PC=UP62
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page =
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://search.condui...&ctid=CT2718116
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Before = http://www.msn.com/?...=OIE8HP&PC=UP62
IE - HKCU\..\URLSearchHook: {e3600b2b-4c86-4697-96bc-74d4d209f6bc} - No CLSID value found
IE - HKCU\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKCU\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/...ms}&FORM=IE8SRC
IE - HKCU\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = http://www.bing.com/...ms}&FORM=IE8SRC
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local;<local>

========== FireFox ==========

FF - prefs.js..browser.search.defaultthis.engineName: ""
FF - prefs.js..extensions.enabledAddons: testpilot%40labs.mozilla.com:1.2.2
FF - prefs.js..extensions.enabledAddons: %7B972ce4c6-7e08-4474-a285-3208198ce6fd%7D:22.0
FF - user.js - File not found

FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\WINDOWS\system32\Macromed\Flash\NPSWF32_11_7_700_202.dll ()
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=: File not found
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=1.0: C:\Program Files\iTunes\Mozilla Plugins\npitunes.dll ()
FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.7.2: C:\WINDOWS\system32\npDeployJava1.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.7.2: C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@messenger.yahoo.com/YahooMessengerStatePlugin;version=1.0.0.6: C:\Program Files\Yahoo!\Shared\npYState.dll (Yahoo! Inc.)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0: C:\PROGRA~1\MICROS~3\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/SharePoint,version=14.0: C:\PROGRA~1\MICROS~3\Office14\NPSPWRAP.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WPF,version=3.5: C:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@pandonetworks.com/PandoWebPlugin: C:\Program Files\Pando Networks\Media Booster\npPandoWebPlugin.dll (Pando Networks)
FF - HKLM\Software\MozillaPlugins\@raidcall.com/RCplugin: C:\Documents and Settings\Dela Cruz\Application Data\raidcall\plugins\webplugin.dll (Raidcall)
FF - HKLM\Software\MozillaPlugins\@rim.com/npappworld: C:\Program Files\Research In Motion Limited\BlackBerry App World Browser Plugin\npappworld.dll ()
FF - HKLM\Software\MozillaPlugins\@t.garena.com/garenatalk: D:\Program Files\GarenaLoLPH_Launcher\GameData\bbtalk\plugins\npPlugin\npGarenaTalkPlugin.dll ( Garena)
FF - HKCU\Software\MozillaPlugins\@Skype Limited.com/Facebook Video Calling Plugin: C:\Documents and Settings\Dela Cruz\Local Settings\Application Data\Facebook\Video\Skype\npFacebookVideoCalling.dll (Skype Limited)
FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Documents and Settings\Dela Cruz\Local Settings\Application Data\Google\Update\1.3.21.145\npGoogleUpdate3.dll (Google Inc.)
FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Documents and Settings\Dela Cruz\Local Settings\Application Data\Google\Update\1.3.21.145\npGoogleUpdate3.dll (Google Inc.)
FF - HKCU\Software\MozillaPlugins\@unity3d.com/UnityPlayer,version=1.0: C:\Documents and Settings\Dela Cruz\Local Settings\Application Data\Unity\WebPlayer\loader\npUnity3D32.dll (Unity Technologies ApS)
FF - HKCU\Software\MozillaPlugins\pandonetworks.com/PandoWebPlugin: C:\Program Files\Pando Networks\Media Booster\npPandoWebPlugin.dll (Pando Networks)

FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 22.0\extensions\\Components: C:\Program Files\Mozilla Firefox\components
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 22.0\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins
FF - HKEY_CURRENT_USER\software\mozilla\Firefox\Extensions\\[email protected]: C:\Documents and Settings\Dela Cruz\Application Data\IDM\idmmzcc5 [2013/01/17 22:23:43 | 000,000,000 | ---D | M]
FF - HKEY_CURRENT_USER\software\mozilla\SeaMonkey\Extensions\\[email protected]: C:\Documents and Settings\Dela Cruz\Application Data\IDM\idmmzcc5 [2013/01/17 22:23:43 | 000,000,000 | ---D | M]

[2012/06/05 14:03:12 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\Dela Cruz\Application Data\Mozilla\Extensions
[2013/06/03 00:29:02 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\Dela Cruz\Application Data\Mozilla\Firefox\Profiles\b7nkeiwq.default\extensions
[2012/09/25 20:35:42 | 000,621,521 | ---- | M] () (No name found) -- C:\Documents and Settings\Dela Cruz\Application Data\Mozilla\Firefox\Profiles\b7nkeiwq.default\extensions\[email protected]
[2013/06/14 10:54:33 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\Mozilla Firefox\extensions
[2013/06/14 10:54:33 | 000,000,000 | ---D | M] (Skype Click to Call) -- C:\Program Files\Mozilla Firefox\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}
[2013/06/14 10:54:32 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\Mozilla Firefox\browser\extensions
[2013/06/14 10:54:49 | 000,000,000 | ---D | M] (Default) -- C:\Program Files\Mozilla Firefox\browser\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}
[2013/06/14 10:54:49 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\Mozilla Firefox\browser\distribution\extensions
[2013/06/14 10:54:33 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\Mozilla Firefox\distribution\extensions

========== Chrome ==========

CHR - default_search_provider: Google (Enabled)
CHR - default_search_provider: search_url = {google:baseURL}search?q={searchTerms}&{google:RLZ}{google:originalQueryForSuggestion}{google:assistedQueryStats}{google:searchFieldtrialParameter}{google:searchClient}{google:sourceId}{google:instantExtendedEnabledParameter}ie={inputEncoding}
CHR - default_search_provider: suggest_url = {google:baseSuggestURL}search?{google:searchFieldtrialParameter}client=chrome&q={searchTerms}&{google:cursorPosition}sugkey={google:suggestAPIKeyParameter}
CHR - plugin: Shockwave Flash (Enabled) = C:\Documents and Settings\Dela Cruz\Local Settings\Application Data\Google\Chrome\Application\27.0.1453.110\PepperFlash\pepflashplayer.dll
CHR - plugin: Chrome Remote Desktop Viewer (Enabled) = internal-remoting-viewer
CHR - plugin: Native Client (Enabled) = C:\Documents and Settings\Dela Cruz\Local Settings\Application Data\Google\Chrome\Application\27.0.1453.110\ppGoogleNaClPluginChrome.dll
CHR - plugin: Chrome PDF Viewer (Enabled) = C:\Documents and Settings\Dela Cruz\Local Settings\Application Data\Google\Chrome\Application\27.0.1453.110\pdf.dll
CHR - plugin: Adobe Acrobat (Enabled) = C:\Program Files\Adobe\Acrobat 6.0\Reader\Browser\nppdf32.dll
CHR - plugin: Microsoft\u00AE DRM (Enabled) = C:\Program Files\Windows Media Player\npdrmv2.dll
CHR - plugin: Windows Media Player Plug-in Dynamic Link Library (Enabled) = C:\Program Files\Windows Media Player\npdsplay.dll
CHR - plugin: Microsoft\u00AE DRM (Enabled) = C:\Program Files\Windows Media Player\npwmsdrm.dll
CHR - plugin: Raidcall plugin (Enabled) = C:\Documents and Settings\Dela Cruz\Application Data\raidcall\plugins\webplugin.dll
CHR - plugin: Facebook Video Calling Plugin (Enabled) = C:\Documents and Settings\Dela Cruz\Local Settings\Application Data\Facebook\Video\Skype\npFacebookVideoCalling.dll
CHR - plugin: Google Update (Enabled) = C:\Documents and Settings\Dela Cruz\Local Settings\Application Data\Google\Update\1.3.21.135\npGoogleUpdate3.dll
CHR - plugin: Unity Player (Enabled) = C:\Documents and Settings\Dela Cruz\Local Settings\Application Data\Unity\WebPlayer\loader\npUnity3D32.dll
CHR - plugin: Microsoft Office 2010 (Enabled) = C:\PROGRA~1\MICROS~3\Office14\NPAUTHZ.DLL
CHR - plugin: Microsoft Office 2010 (Enabled) = C:\PROGRA~1\MICROS~3\Office14\NPSPWRAP.DLL
CHR - plugin: Java™ Platform SE 7 U7 (Enabled) = C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll
CHR - plugin: Pando Web Plugin (Enabled) = C:\Program Files\Pando Networks\Media Booster\npPandoWebPlugin.dll
CHR - plugin: iTunes Application Detector (Enabled) = C:\Program Files\iTunes\Mozilla Plugins\npitunes.dll
CHR - plugin: Windows Presentation Foundation (Enabled) = C:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll
CHR - plugin: Shockwave Flash (Enabled) = C:\WINDOWS\system32\Macromed\Flash\NPSWF32_11_6_602_180.dll
CHR - plugin: Java Deployment Toolkit 7.0.70.11 (Enabled) = C:\WINDOWS\system32\npDeployJava1.dll
CHR - plugin: Garena Talk Plugin (Enabled) = D:\Program Files\GarenaLoLPH_Launcher\GameData\bbtalk\plugins\npPlugin\npGarenaTalkPlugin.dll
CHR - Extension: Fabulous = C:\Documents and Settings\Dela Cruz\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\ambjmeohlajelahhhniggkkceagdlcgj\28.4_0\
CHR - Extension: FB Refresh = C:\Documents and Settings\Dela Cruz\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\bdlfdaajmclngiomogmleihllaejcnni\2.0.1_0\
CHR - Extension: Adblock Plus = C:\Documents and Settings\Dela Cruz\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb\1.4.1_0\
CHR - Extension: Google One Piece = C:\Documents and Settings\Dela Cruz\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\gacclaplhgkomiijkahnnkjiofngfkhd\1.0_0\
CHR - Extension: AirMech = C:\Documents and Settings\Dela Cruz\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\hdahlabpinmfcemhcbcfoijcpoalfgdn\17760_0\
CHR - Extension: IDM Integration = C:\Documents and Settings\Dela Cruz\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\jmolcgpienlcieaajfkkdamlngancncm\6.15.12.2_0\
CHR - Extension: Skype Click to Call = C:\Documents and Settings\Dela Cruz\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl\6.2.0.10687_0\
CHR - Extension: My Chrome Theme = C:\Documents and Settings\Dela Cruz\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\oehpjpccmlcalbenfhnacjeocbjdonic\2.0_0\

O1 HOSTS File: ([2013/06/07 21:28:06 | 000,000,788 | ---- | M]) - C:\WINDOWS\system32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O2 - BHO: (IDM integration (IDMIEHlprObj Class)) - {0055C089-8582-441B-A0BF-17B458C2A3A8} - C:\Program Files\Internet Download Manager\IDMIECC.dll (Internet Download Manager, Tonec Inc.)
O2 - BHO: (AcroIEHlprObj Class) - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 6.0\Reader\ActiveX\AcroIEHelper.dll (Adobe Systems Incorporated)
O2 - BHO: (Groove GFS Browser Helper) - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL (Microsoft Corporation)
O2 - BHO: (Java™ Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation)
O2 - BHO: (Skype Browser Helper) - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O2 - BHO: (Office Document Cache Handler) - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)
O2 - BHO: (Bing Bar Helper) - {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - C:\Program Files\Microsoft\BingBar\7.2.233.0\BingExt.dll (Microsoft Corporation.)
O2 - BHO: (Java™ Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
O3 - HKLM\..\Toolbar: (Bing Bar) - {8dcb7100-df86-4384-8842-8fa844297b3f} - C:\Program Files\Microsoft\BingBar\7.2.233.0\BingExt.dll (Microsoft Corporation.)
O3 - HKLM\..\Toolbar: (no name) - {e3600b2b-4c86-4697-96bc-74d4d209f6bc} - No CLSID value found.
O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {E3600B2B-4C86-4697-96BC-74D4D209F6BC} - No CLSID value found.
O4 - HKLM..\Run: [BCSSync] C:\Program Files\Microsoft Office\Office14\BCSSync.exe (Microsoft Corporation)
O4 - HKLM..\Run: [NvCplDaemon] C:\WINDOWS\System32\NvCpl.dll (NVIDIA Corporation)
O4 - HKLM..\Run: [NvMediaCenter] C:\WINDOWS\System32\NvMcTray.dll (NVIDIA Corporation)
O4 - HKCU..\Run: [GarenaPlus] D:\Program Files\GarenaLoLPH_Launcher\GameData\GarenaMessenger.exe ()
O4 - HKCU..\Run: [IDMan] C:\Program Files\Internet Download Manager\IDMan.exe (Tonec Inc.)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer\NoDriveTypeAutoRun: NoDriveTypeAutoRun = 177
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 177
O8 - Extra context menu item: Download all links with IDM - C:\Program Files\Internet Download Manager\IEGetAll.htm ()
O8 - Extra context menu item: Download with IDM - C:\Program Files\Internet Download Manager\IEExt.htm ()
O8 - Extra context menu item: E&xport to Microsoft Excel - C:\Program Files\Microsoft Office\Office14\EXCEL.EXE (Microsoft Corporation)
O8 - Extra context menu item: Se&nd to OneNote - C:\Program Files\Microsoft Office\Office14\ONBttnIE.dll (Microsoft Corporation)
O9 - Extra Button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office\Office14\ONBttnIE.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : Se&nd to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office\Office14\ONBttnIE.dll (Microsoft Corporation)
O9 - Extra Button: OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files\Microsoft Office\Office14\ONBttnIELinkedNotes.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files\Microsoft Office\Office14\ONBttnIELinkedNotes.dll (Microsoft Corporation)
O9 - Extra Button: Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000004 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.)
O16 - DPF: {7530BFB8-7293-4D34-9923-61A11451AFC5} http://download.eset...lineScanner.cab (Reg Error: Key error.)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{D926CD09-FB59-497F-9FE5-0436F3AC5EF7}: DhcpNameServer = 192.168.1.1
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Common Files\Skype\Skype4COM.dll (Skype Technologies)
O18 - Protocol\Handler\skype-ie-addon-data {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\WINDOWS\system32\userinit.exe) - C:\WINDOWS\system32\userinit.exe (Microsoft Corporation)
O24 - Desktop WallPaper: C:\Documents and Settings\Dela Cruz\Local Settings\Application Data\Microsoft\Wallpaper1.bmp
O24 - Desktop BackupWallPaper: C:\Documents and Settings\Dela Cruz\Local Settings\Application Data\Microsoft\Wallpaper1.bmp
O28 - HKLM ShellExecuteHooks: {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL (Microsoft Corporation)
O32 - HKLM CDRom: AutoRun - 0
O32 - AutoRun File - [2012/06/05 13:00:46 | 000,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ]
O32 - AutoRun File - [2007/04/15 18:57:52 | 000,000,274 | RHS- | M] () - C:\autorun.inf -- [ NTFS ]
O32 - AutoRun File - [2012/11/07 19:49:08 | 000,001,331 | ---- | M] () - D:\AutoHotkey.ahk -- [ NTFS ]
O32 - AutoRun File - [2013/06/20 08:05:56 | 000,899,584 | ---- | M] () - D:\AutoHotkey.exe -- [ NTFS ]
O32 - AutoRun File - [2007/04/15 18:57:52 | 000,000,247 | RHS- | M] () - D:\autorun.inf -- [ NTFS ]
O33 - MountPoints2\{07cfae90-9c64-11e2-842b-0024215b0d23}\Shell - "" = AutoRun
O33 - MountPoints2\{07cfae90-9c64-11e2-842b-0024215b0d23}\Shell\AutoRun - "" = Auto&Play
O33 - MountPoints2\{07cfae90-9c64-11e2-842b-0024215b0d23}\Shell\AutoRun\command - "" = E:\AutoRun.exe
O33 - MountPoints2\{07cfae93-9c64-11e2-842b-0024215b0d23}\Shell - "" = AutoRun
O33 - MountPoints2\{07cfae93-9c64-11e2-842b-0024215b0d23}\Shell\AutoRun - "" = Auto&Play
O33 - MountPoints2\{07cfae93-9c64-11e2-842b-0024215b0d23}\Shell\AutoRun\command - "" = E:\AutoRun.exe
O33 - MountPoints2\{12ee8539-a148-11e2-8437-0024215b0d23}\Shell - "" = AutoRun
O33 - MountPoints2\{12ee8539-a148-11e2-8437-0024215b0d23}\Shell\AutoRun - "" = Auto&Play
O33 - MountPoints2\{12ee8539-a148-11e2-8437-0024215b0d23}\Shell\AutoRun\command - "" = E:\AutoRun.exe
O33 - MountPoints2\{388cb639-058b-11e2-a8d9-0024215b0d23}\Shell\AutoRun\command - "" = E:\setup.exe
O33 - MountPoints2\{751f64db-aee4-11e1-a8a6-0024215b0d23}\Shell\AutOplaY\cOmmAND - "" = E:\mibsbd.pif
O33 - MountPoints2\{751f64db-aee4-11e1-a8a6-0024215b0d23}\Shell\AutoRun\command - "" = E:\mibsbd.pif
O33 - MountPoints2\{751f64db-aee4-11e1-a8a6-0024215b0d23}\Shell\EXplorE\CommAnD - "" = E:\mibsbd.pif
O33 - MountPoints2\{751f64db-aee4-11e1-a8a6-0024215b0d23}\Shell\opeN\cOMmaNd - "" = E:\mibsbd.pif
O33 - MountPoints2\{8a6cf41f-a0ad-11e2-8435-0024215b0d23}\Shell - "" = AutoRun
O33 - MountPoints2\{8a6cf41f-a0ad-11e2-8435-0024215b0d23}\Shell\AutoRun - "" = Auto&Play
O33 - MountPoints2\{8a6cf41f-a0ad-11e2-8435-0024215b0d23}\Shell\AutoRun\command - "" = C:\WINDOWS\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL RUNdLl32.ExE .\RECYCLER\S-5-3-42-2819952290-8240758988-879315005-3665\jwgkvsq.vmx,ahaezedrn
O33 - MountPoints2\{b8d839e9-2d7e-11e2-a8eb-0024215b0d23}\Shell - "" = AutoRun
O33 - MountPoints2\{b8d839e9-2d7e-11e2-a8eb-0024215b0d23}\Shell\AutoRun - "" = Auto&Play
O33 - MountPoints2\{b8d839e9-2d7e-11e2-a8eb-0024215b0d23}\Shell\AutoRun\command - "" = F:\steambackup2.EXE
O33 - MountPoints2\{c79442ca-fe07-11d5-a8ca-0024215b0d23}\Shell - "" = AutoRun
O33 - MountPoints2\{c79442ca-fe07-11d5-a8ca-0024215b0d23}\Shell\AutoRun - "" = Auto&Play
O33 - MountPoints2\{c79442ca-fe07-11d5-a8ca-0024215b0d23}\Shell\AutoRun\command - "" = C:\WINDOWS\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL RUNdLl32.ExE .\RECYCLER\S-5-3-42-2819952290-8240758988-879315005-3665\jwgkvsq.vmx,ahaezedrn
O33 - MountPoints2\{f1ed421a-af09-11e1-b8cb-806d6172696f}\Shell\AUtoplaY\coMMANd - "" = C:\lnts.pif -- [2013/06/20 05:48:18 | 000,033,792 | RHS- | M] ()
O33 - MountPoints2\{f1ed421a-af09-11e1-b8cb-806d6172696f}\Shell\AutoRun\command - "" = C:\lnts.pif -- [2013/06/20 05:48:18 | 000,033,792 | RHS- | M] ()
O33 - MountPoints2\{f1ed421a-af09-11e1-b8cb-806d6172696f}\Shell\exPlore\commanD - "" = C:\lnts.pif -- [2013/06/20 05:48:18 | 000,033,792 | RHS- | M] ()
O33 - MountPoints2\{f1ed421a-af09-11e1-b8cb-806d6172696f}\Shell\Open\commanD - "" = C:\lnts.pif -- [2013/06/20 05:48:18 | 000,033,792 | RHS- | M] ()
O33 - MountPoints2\{f1ed421b-af09-11e1-b8cb-806d6172696f}\Shell\Autoplay\commaNd - "" = D:\yhmiru.exe -- [2013/06/20 09:20:30 | 000,033,792 | RHS- | M] ()
O33 - MountPoints2\{f1ed421b-af09-11e1-b8cb-806d6172696f}\Shell\AutoRun\command - "" = D:\yhmiru.exe -- [2013/06/20 09:20:30 | 000,033,792 | RHS- | M] ()
O33 - MountPoints2\{f1ed421b-af09-11e1-b8cb-806d6172696f}\Shell\ExpLoRe\CommAnd - "" = D:\yhmiru.exe -- [2013/06/20 09:20:30 | 000,033,792 | RHS- | M] ()
O33 - MountPoints2\{f1ed421b-af09-11e1-b8cb-806d6172696f}\Shell\open\COmMaND - "" = D:\yhmiru.exe -- [2013/06/20 09:20:30 | 000,033,792 | RHS- | M] ()
O33 - MountPoints2\{ffe8462c-ceba-11e2-84a6-0024215b0d23}\Shell - "" = AutoRun
O33 - MountPoints2\{ffe8462c-ceba-11e2-84a6-0024215b0d23}\Shell\AutoRun - "" = Auto&Play
O33 - MountPoints2\{ffe8462c-ceba-11e2-84a6-0024215b0d23}\Shell\AutoRun\command - "" = C:\WINDOWS\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL RUNdLl32.ExE .\RECYCLER\S-5-3-42-2819952290-8240758988-879315005-3665\jwgkvsq.vmx,ahaezedrn
O33 - MountPoints2\E\Shell - "" = AutoRun
O33 - MountPoints2\E\Shell\AutoRun - "" = Auto&Play
O33 - MountPoints2\E\Shell\AutoRun\command - "" = E:\Setup.exe
O34 - HKLM BootExecute: (autocheck autochk *)
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)

========== Files/Folders - Created Within 30 Days ==========

[2013/06/20 05:29:54 | 000,171,344 | ---- | C] (Kaspersky Lab ZAO) -- C:\SalityKiller.exe
[2013/06/20 05:29:54 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Dela Cruz\Desktop\salitykiller
[2013/06/19 23:01:05 | 000,000,000 | RH-D | C] -- C:\Documents and Settings\Dela Cruz\Recent
[2013/06/19 15:17:51 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\Carpe Fulgur
[2013/06/19 15:16:10 | 000,000,000 | ---D | C] -- C:\Program Files\Carpe Fulgur
[2013/06/16 08:46:56 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\InstallMate
[2013/06/15 03:22:04 | 000,000,000 | ---D | C] -- C:\Program Files\Research In Motion Limited
[2013/06/15 03:22:04 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Research In Motion
[2013/06/14 13:28:30 | 001,691,480 | ---- | C] (Creative) -- C:\WINDOWS\System32\drivers\Ambfilt.sys
[2013/06/14 13:28:30 | 000,359,016 | ---- | C] (Realtek Semiconductor Crop.) -- C:\WINDOWS\vncutil.exe
[2013/06/14 13:28:27 | 000,129,640 | ---- | C] (Realtek Semiconductor) -- C:\WINDOWS\RtkAudioService.exe
[2013/06/14 10:54:30 | 000,000,000 | ---D | C] -- C:\Program Files\Mozilla Firefox
[2013/06/10 05:12:13 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Dela Cruz\Application Data\YourFileDownloader
[2013/06/10 02:15:14 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Dela Cruz\Desktop\PokeMMO.eu
[2013/06/06 23:23:21 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Dela Cruz\Local Settings\Application Data\[email protected]
[2013/06/06 23:12:40 | 000,000,000 | -H-D | C] -- C:\WINDOWS\CasperWiMACHunter
[2013/06/06 23:10:44 | 000,000,000 | -H-D | C] -- C:\WINDOWS\syntaxerror00100
[2013/06/06 09:16:26 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Adobe AIR
[2013/06/04 21:05:29 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Dela Cruz\My Documents\Imba summoners
[2013/06/02 10:28:49 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Dela Cruz\Local Settings\Application Data\Aeria Games
[2013/06/02 10:27:58 | 000,000,000 | ---D | C] -- C:\ProgramData
[2013/06/02 10:27:19 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Dela Cruz\Start Menu\Programs\AeriaGames
[2013/06/02 10:14:40 | 000,000,000 | -HSD | C] -- C:\WINDOWS\System32\AI_RecycleBin
[2013/06/02 10:14:33 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\AeriaGames
[2013/06/02 10:14:33 | 000,000,000 | ---D | C] -- C:\Program Files\Aeria Games
[2013/06/02 04:09:51 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Dela Cruz\Local Settings\Application Data\Akamai
[2013/06/02 04:09:49 | 000,000,000 | ---D | C] -- C:\AeriaGames
[2013/05/28 01:48:16 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Dela Cruz\Application Data\Carbon
[2013/05/26 21:15:41 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\Monaco What's Yours Is Mine
[2013/05/23 06:49:36 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Dela Cruz\My Documents\Klei
[2013/05/23 04:20:50 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Steam
[3 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]
[1 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]

========== Files - Modified Within 30 Days ==========

[2013/06/20 11:31:41 | 000,000,324 | ---- | M] () -- C:\WINDOWS\tasks\YourFile DownloaderUpdate.job
[2013/06/20 11:31:39 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat
[2013/06/20 11:15:00 | 000,000,994 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskUserS-1-5-21-1960408961-1659004503-725345543-1003UA.job
[2013/06/20 10:59:43 | 000,273,376 | ---- | M] () -- C:\WINDOWS\System32\FNTCACHE.DAT
[2013/06/20 10:56:15 | 000,000,830 | ---- | M] () -- C:\WINDOWS\tasks\Adobe Flash Player Updater.job
[2013/06/20 09:20:04 | 000,001,014 | ---- | M] () -- C:\WINDOWS\tasks\FacebookUpdateTaskUserS-1-5-21-1960408961-1659004503-725345543-1003UA.job
[2013/06/20 07:59:40 | 002,817,640 | ---- | M] (RealTek Semicoductor Corp.) -- C:\WINDOWS\ALCWZRD.EXE
[2013/06/20 05:48:18 | 000,033,792 | RHS- | M] () -- C:\lnts.pif
[2013/06/20 03:15:00 | 000,000,942 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskUserS-1-5-21-1960408961-1659004503-725345543-1003Core.job
[2013/06/19 21:12:31 | 000,267,555 | ---- | M] () -- C:\Documents and Settings\Dela Cruz\My Documents\dannce.jpg
[2013/06/19 21:11:35 | 000,000,375 | ---- | M] () -- C:\WINDOWS\System32\drivers\etc\hosts.ics
[2013/06/19 21:10:35 | 000,504,286 | ---- | M] () -- C:\WINDOWS\System32\perfh009.dat
[2013/06/19 21:10:35 | 000,088,132 | ---- | M] () -- C:\WINDOWS\System32\perfc009.dat
[2013/06/19 20:37:33 | 000,036,352 | ---- | M] () -- C:\Documents and Settings\Dela Cruz\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2013/06/19 15:17:52 | 000,001,916 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Recettear - An Item Shops Tale.lnk
[2013/06/19 14:50:15 | 000,000,223 | RHS- | M] () -- C:\boot.ini
[2013/06/19 14:48:10 | 000,000,000 | ---- | M] () -- C:\WINDOWS\5469
[2013/06/19 14:48:08 | 000,002,206 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl
[2013/06/16 12:20:01 | 000,000,992 | ---- | M] () -- C:\WINDOWS\tasks\FacebookUpdateTaskUserS-1-5-21-1960408961-1659004503-725345543-1003Core.job
[2013/06/16 08:43:31 | 000,000,731 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\iFunbox.lnk
[2013/06/14 22:17:03 | 001,094,820 | ---- | M] () -- C:\WINDOWS\System32\nvdrsdb0.bin
[2013/06/14 22:17:03 | 000,000,001 | ---- | M] () -- C:\WINDOWS\System32\nvdrssel.bin
[2013/06/14 22:16:56 | 001,094,820 | ---- | M] () -- C:\WINDOWS\System32\nvdrsdb1.bin
[2013/06/14 13:28:52 | 000,000,197 | ---- | M] () -- C:\WINDOWS\System32\OEMINFO.INI
[2013/06/10 08:40:17 | 000,002,265 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Skype.lnk
[2013/06/09 20:46:34 | 000,000,000 | ---- | M] () -- C:\WINDOWS\4bed
[2013/06/09 09:53:10 | 000,003,574 | ---- | M] () -- C:\Documents and Settings\Dela Cruz\Local Settings\Application Data\recently-used.xbel
[2013/06/09 07:15:44 | 000,000,000 | ---- | M] () -- C:\WINDOWS\4d64
[2013/06/08 12:08:38 | 000,000,000 | ---- | M] () -- C:\WINDOWS\4e7d
[2013/06/08 09:44:17 | 000,000,000 | ---- | M] () -- C:\WINDOWS\5014
[2013/06/07 21:28:06 | 000,000,788 | ---- | M] () -- C:\WINDOWS\System32\drivers\etc\hosts
[2013/06/07 21:28:06 | 000,000,787 | ---- | M] () -- C:\WINDOWS\System32\drivers\etc\hosts.umbrella
[2013/06/07 20:31:19 | 000,000,126 | ---- | M] () -- C:\Documents and Settings\Dela Cruz\Desktop\Wifi Connected.url
[2013/06/06 19:20:51 | 000,002,334 | ---- | M] () -- C:\Documents and Settings\Dela Cruz\Application Data\Microsoft\Internet Explorer\Quick Launch\Google Chrome.lnk
[2013/06/06 19:20:50 | 000,002,316 | ---- | M] () -- C:\Documents and Settings\Dela Cruz\Desktop\Google Chrome.lnk
[2013/06/05 20:20:54 | 000,000,803 | ---- | M] () -- C:\Documents and Settings\Dela Cruz\Desktop\Internet Explorer.lnk
[2013/06/04 22:21:05 | 000,000,025 | ---- | M] () -- C:\WINDOWS\popcinfot.dat
[2013/06/03 15:25:40 | 000,006,370 | ---- | M] () -- C:\Documents and Settings\Dela Cruz\My Documents\Backup .001
[2013/06/03 13:56:13 | 000,169,813 | ---- | M] () -- C:\Documents and Settings\Dela Cruz\My Documents\FAIL.jpg
[2013/06/02 21:55:53 | 000,003,076 | ---- | M] () -- C:\Documents and Settings\Dela Cruz\My Documents\Hey.reg
[2013/06/02 10:27:20 | 000,000,720 | ---- | M] () -- C:\Documents and Settings\Dela Cruz\Desktop\Soldier Front 2.lnk
[2013/06/02 10:14:34 | 000,001,753 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Aeria Ignite.lnk
[3 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]
[1 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]

========== Files Created - No Company Name ==========

[2013/06/20 10:59:43 | 000,273,376 | ---- | C] () -- C:\WINDOWS\System32\FNTCACHE.DAT
[2013/06/19 21:12:31 | 000,267,555 | ---- | C] () -- C:\Documents and Settings\Dela Cruz\My Documents\dannce.jpg
[2013/06/19 15:17:52 | 000,001,916 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\Recettear - An Item Shops Tale.lnk
[2013/06/19 14:48:10 | 000,000,000 | ---- | C] () -- C:\WINDOWS\5469
[2013/06/14 13:28:17 | 000,016,836 | ---- | C] () -- C:\WINDOWS\System32\drivers\RTAIODAT.DAT
[2013/06/14 13:25:55 | 002,116,894 | ---- | C] () -- C:\WINDOWS\System32\nvdata.bin
[2013/06/14 13:25:55 | 000,012,210 | ---- | C] () -- C:\WINDOWS\System32\nvinfo.pb
[2013/06/10 05:12:14 | 000,000,324 | ---- | C] () -- C:\WINDOWS\tasks\YourFile DownloaderUpdate.job
[2013/06/09 20:46:34 | 000,000,000 | ---- | C] () -- C:\WINDOWS\4bed
[2013/06/09 09:53:10 | 000,003,574 | ---- | C] () -- C:\Documents and Settings\Dela Cruz\Local Settings\Application Data\recently-used.xbel
[2013/06/09 07:15:44 | 000,000,000 | ---- | C] () -- C:\WINDOWS\4d64
[2013/06/08 12:08:38 | 000,000,000 | ---- | C] () -- C:\WINDOWS\4e7d
[2013/06/08 09:44:17 | 000,000,000 | ---- | C] () -- C:\WINDOWS\5014
[2013/06/07 20:31:10 | 000,000,126 | ---- | C] () -- C:\Documents and Settings\Dela Cruz\Desktop\Wifi Connected.url
[2013/06/06 23:13:22 | 000,000,274 | RHS- | C] () -- C:\autorun.inf
[2013/06/06 23:13:15 | 000,033,792 | RHS- | C] () -- C:\lnts.pif
[2013/06/05 20:20:54 | 000,000,803 | ---- | C] () -- C:\Documents and Settings\Dela Cruz\Desktop\Internet Explorer.lnk
[2013/06/03 15:25:38 | 000,006,370 | ---- | C] () -- C:\Documents and Settings\Dela Cruz\My Documents\Backup .001
[2013/06/03 13:56:13 | 000,169,813 | ---- | C] () -- C:\Documents and Settings\Dela Cruz\My Documents\FAIL.jpg
[2013/06/02 21:55:51 | 000,003,076 | ---- | C] () -- C:\Documents and Settings\Dela Cruz\My Documents\Hey.reg
[2013/06/02 10:27:20 | 000,000,720 | ---- | C] () -- C:\Documents and Settings\Dela Cruz\Desktop\Soldier Front 2.lnk
[2013/06/02 10:14:34 | 000,001,753 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\Aeria Ignite.lnk
[2013/04/23 13:01:46 | 000,000,075 | ---- | C] () -- C:\Documents and Settings\Dela Cruz\.gtk-bookmarks
[2013/04/21 15:04:16 | 000,016,304 | ---- | C] () -- C:\WINDOWS\System32\apl003.sys
[2013/04/21 15:04:16 | 000,013,232 | ---- | C] () -- C:\WINDOWS\System32\apf003.sys
[2013/04/16 13:33:17 | 000,000,440 | RHS- | C] () -- C:\Documents and Settings\Dela Cruz\ntuser.pol
[2013/04/16 13:21:31 | 000,201,802 | ---- | C] () -- C:\Documents and Settings\Dela Cruz\poclbm130302GeForce 9500 GTv1w256l4.bin
[2013/04/10 03:12:40 | 000,013,816 | ---- | C] () -- C:\WINDOWS\System32\unikey.sys
[2013/04/04 03:09:36 | 000,002,759 | ---- | C] () -- C:\Documents and Settings\Dela Cruz\.TransferManager.db
[2013/02/05 17:52:54 | 000,030,568 | ---- | C] () -- C:\WINDOWS\MusiccityDownload.exe
[2013/02/05 17:52:50 | 000,974,848 | ---- | C] () -- C:\WINDOWS\System32\cis-2.4.dll
[2013/02/05 17:52:50 | 000,081,920 | ---- | C] () -- C:\WINDOWS\System32\issacapi_bs-2.3.dll
[2013/02/05 17:52:50 | 000,065,536 | ---- | C] () -- C:\WINDOWS\System32\issacapi_pe-2.3.dll
[2013/02/05 17:52:50 | 000,057,344 | ---- | C] () -- C:\WINDOWS\System32\issacapi_se-2.3.dll
[2013/01/15 19:58:31 | 000,000,320 | ---- | C] () -- C:\WINDOWS\con_34195430.ini
[2013/01/03 17:38:34 | 000,803,956 | ---- | C] () -- C:\Documents and Settings\LocalService\Local Settings\Application Data\WPFFontCache_v0400-S-1-5-21-1960408961-1659004503-725345543-1003-0.dat
[2013/01/03 17:38:31 | 000,287,434 | ---- | C] () -- C:\Documents and Settings\LocalService\Local Settings\Application Data\WPFFontCache_v0400-System.dat
[2012/12/29 19:19:07 | 000,000,000 | ---- | C] () -- C:\WINDOWS\System32\Access.dat
[2012/12/05 15:45:33 | 000,000,025 | ---- | C] () -- C:\WINDOWS\popcinfot.dat
[2012/08/01 00:46:38 | 000,000,132 | ---- | C] () -- C:\Documents and Settings\Dela Cruz\Local Settings\Application Data\fusioncache.dat
[2012/07/13 16:41:14 | 000,036,352 | ---- | C] () -- C:\Documents and Settings\Dela Cruz\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2012/07/01 14:46:41 | 000,000,032 | R--- | C] () -- C:\Documents and Settings\All Users\hash.dat
[2012/07/01 01:40:49 | 000,000,000 | ---- | C] () -- C:\WINDOWS\System32\cd.dat
[2012/06/05 20:51:26 | 000,004,161 | ---- | C] () -- C:\WINDOWS\ODBCINST.INI
[2012/06/05 17:18:44 | 000,163,584 | ---- | C] () -- C:\Documents and Settings\LocalService\Local Settings\Application Data\FontCache3.0.0.0.dat
[2012/06/05 17:01:53 | 001,094,820 | ---- | C] () -- C:\WINDOWS\System32\nvdrsdb1.bin
[2012/06/05 17:01:53 | 001,094,820 | ---- | C] () -- C:\WINDOWS\System32\nvdrsdb0.bin
[2012/06/05 17:01:53 | 000,000,001 | ---- | C] () -- C:\WINDOWS\System32\nvdrssel.bin
[2012/06/05 16:55:34 | 002,811,988 | ---- | C] () -- C:\WINDOWS\System32\nvdata.data
[2012/06/05 14:22:02 | 000,000,000 | ---- | C] () -- C:\WINDOWS\diskpt.dat
[2012/06/05 14:09:08 | 000,001,324 | ---- | C] () -- C:\WINDOWS\System32\d3d9caps.dat
[2012/06/05 13:33:25 | 000,217,088 | ---- | C] () -- C:\WINDOWS\NVGfxOgl.dll
[2012/06/05 13:30:08 | 000,049,152 | R--- | C] () -- C:\WINDOWS\System32\ChCfg.exe
[2012/06/05 13:28:11 | 000,003,948 | R--- | C] () -- C:\WINDOWS\System32\drivers\nvphy.bin
[2012/06/05 13:02:40 | 000,002,048 | --S- | C] () -- C:\WINDOWS\bootstat.dat
[2012/06/05 12:58:12 | 000,021,640 | ---- | C] () -- C:\WINDOWS\System32\emptyregdb.dat

========== ZeroAccess Check ==========

[2012/06/05 13:31:52 | 000,000,227 | RHS- | M] () -- C:\WINDOWS\assembly\Desktop.ini

[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]

[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\shdocvw.dll -- [2008/04/14 05:42:06 | 003,682,304 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = C:\WINDOWS\system32\wbem\fastprox.dll -- [2008/04/14 05:41:54 | 000,472,064 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]
"" = C:\WINDOWS\system32\wbem\wbemess.dll -- [2008/04/14 05:42:10 | 000,273,920 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both

========== LOP Check ==========

[2012/11/25 23:21:18 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Caphyon
[2012/11/14 00:38:21 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\DAEMON Tools Lite
[2013/04/10 03:03:33 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\DatacardService
[2012/09/13 16:09:48 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\ESET
[2013/01/22 01:16:23 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Garena
[2013/06/20 11:35:11 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\GarenaMessenger
[2012/06/11 23:21:19 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Hotspot Shield
[2013/06/16 08:46:56 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\InstallMate
[2013/03/29 14:02:19 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Package Cache
[2012/12/20 15:58:59 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\PMB Files
[2012/12/05 15:28:28 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\PopCap Games
[2013/04/04 02:01:29 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Samsung
[2013/04/03 21:42:00 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Smart Bro
[2013/05/23 04:20:50 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Steam
[2012/06/11 19:37:37 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Temp
[2012/12/31 22:49:28 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Tunngle
[2012/12/01 22:46:36 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Xilisoft
[2013/02/09 19:41:37 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\{429CAD59-35B1-4DBC-BB6D-1DB246563521}
[2013/03/20 13:45:22 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Dela Cruz\Application Data\.minecraft
[2012/12/01 22:32:44 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Dela Cruz\Application Data\AnvSoft
[2012/12/02 00:16:39 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Dela Cruz\Application Data\Audacity
[2012/06/11 15:31:09 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Dela Cruz\Application Data\Camfrog
[2013/05/28 01:48:16 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Dela Cruz\Application Data\Carbon
[2013/05/05 18:14:39 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Dela Cruz\Application Data\com.shirogames.evoland
[2012/11/14 07:00:17 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Dela Cruz\Application Data\DAEMON Tools Lite
[2013/06/19 23:35:55 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Dela Cruz\Application Data\DMCache
[2013/03/01 18:49:14 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Dela Cruz\Application Data\Enterbrain
[2013/03/01 18:44:24 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Dela Cruz\Application Data\FFSJ
[2013/04/26 11:09:10 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Dela Cruz\Application Data\fltk.org
[2012/10/09 10:25:47 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Dela Cruz\Application Data\FreeBurner
[2013/01/22 01:16:23 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Dela Cruz\Application Data\Garena
[2013/06/20 11:35:09 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Dela Cruz\Application Data\GarenaPlus
[2012/12/01 22:23:01 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Dela Cruz\Application Data\HandBrake
[2013/06/19 23:09:20 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Dela Cruz\Application Data\IDM
[2013/03/22 10:34:20 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Dela Cruz\Application Data\iFunbox_UserCache
[2012/07/01 01:22:46 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Dela Cruz\Application Data\LolClient
[2012/06/05 17:26:55 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Dela Cruz\Application Data\LolClient2
[2012/12/30 20:27:29 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Dela Cruz\Application Data\ManyCam
[2013/04/18 00:32:57 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Dela Cruz\Application Data\Nettalk
[2012/09/30 03:51:51 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Dela Cruz\Application Data\PowerISO
[2012/07/13 16:43:57 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Dela Cruz\Application Data\raidcall
[2013/05/04 16:15:17 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Dela Cruz\Application Data\Rainmeter
[2013/02/10 13:57:29 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Dela Cruz\Application Data\redsn0w
[2013/04/04 01:38:21 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Dela Cruz\Application Data\Samsung
[2012/06/05 14:55:10 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Dela Cruz\Application Data\Shadow Defender
[2012/12/31 18:51:00 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Dela Cruz\Application Data\SystemRequirementsLab
[2013/01/05 00:33:28 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Dela Cruz\Application Data\TeamViewer
[2013/03/10 20:23:52 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Dela Cruz\Application Data\Tunngle
[2002/01/01 00:31:23 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Dela Cruz\Application Data\TypingMaster7
[2013/03/10 20:41:20 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Dela Cruz\Application Data\Unity
[2013/06/03 15:25:05 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Dela Cruz\Application Data\uTorrent
[2013/01/03 17:01:40 | 000,000,000 | --SD | M] -- C:\Documents and Settings\Dela Cruz\Application Data\Virtual CD v10
[2012/12/01 22:51:28 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Dela Cruz\Application Data\Xilisoft
[2012/12/02 00:20:15 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Dela Cruz\Application Data\xim
[2012/12/16 21:54:17 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Dela Cruz\Application Data\YaTQA
[2013/06/10 05:12:13 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Dela Cruz\Application Data\YourFileDownloader

========== Purity Check ==========



< End of report >
  • 0

#10
frichieny
Posted 19 June 2013 - 10:03 PM

frichieny

    Member

  • Topic Starter
  • Member
  • PipPipPip
  • 192 posts
before I reboot there are alot of Programs that are not responding properly like rundll32 and some other coded names and when i force restart i thought my pc wont reboot hehehe but now its ok :)
  • 0

Advertisements

#11
Phel
Posted 22 June 2013 - 03:05 AM

Phel

    Trusted Helper

  • Malware Removal
  • 1,386 posts
Please, follow these steps:

Step 1. OTL fix.

Run OTL
  • Under the Custom Scans/Fixes box at the bottom, paste in the following

    :OTL
DRV - File not found [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\kjlsmn.sys -- (amsint32)
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://search.condui...&ctid=CT2718116
O3 - HKLM\..\Toolbar: (no name) - {e3600b2b-4c86-4697-96bc-74d4d209f6bc} - No CLSID value found.
O33 - MountPoints2\{751f64db-aee4-11e1-a8a6-0024215b0d23}\Shell\AutOplaY\cOmmAND - "" = E:\mibsbd.pif
O33 - MountPoints2\{751f64db-aee4-11e1-a8a6-0024215b0d23}\Shell\AutoRun\command - "" = E:\mibsbd.pif
O33 - MountPoints2\{751f64db-aee4-11e1-a8a6-0024215b0d23}\Shell\EXplorE\CommAnD - "" = E:\mibsbd.pif
O33 - MountPoints2\{751f64db-aee4-11e1-a8a6-0024215b0d23}\Shell\opeN\cOMmaNd - "" = E:\mibsbd.pif
O33 - MountPoints2\{8a6cf41f-a0ad-11e2-8435-0024215b0d23}\Shell - "" = AutoRun
O33 - MountPoints2\{8a6cf41f-a0ad-11e2-8435-0024215b0d23}\Shell\AutoRun - "" = Auto&Play
O33 - MountPoints2\{8a6cf41f-a0ad-11e2-8435-0024215b0d23}\Shell\AutoRun\command - "" = C:\WINDOWS\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL RUNdLl32.ExE .\RECYCLER\S-5-3-42-2819952290-8240758988-879315005-3665\jwgkvsq.vmx,ahaezedrn
O33 - MountPoints2\{c79442ca-fe07-11d5-a8ca-0024215b0d23}\Shell - "" = AutoRun
O33 - MountPoints2\{c79442ca-fe07-11d5-a8ca-0024215b0d23}\Shell\AutoRun - "" = Auto&Play
O33 - MountPoints2\{c79442ca-fe07-11d5-a8ca-0024215b0d23}\Shell\AutoRun\command - "" = C:\WINDOWS\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL RUNdLl32.ExE .\RECYCLER\S-5-3-42-2819952290-8240758988-879315005-3665\jwgkvsq.vmx,ahaezedrn
O33 - MountPoints2\{f1ed421a-af09-11e1-b8cb-806d6172696f}\Shell\AUtoplaY\coMMANd - "" = C:\lnts.pif -- [2013/06/20 05:48:18 | 000,033,792 | RHS- | M] ()
O33 - MountPoints2\{f1ed421a-af09-11e1-b8cb-806d6172696f}\Shell\AutoRun\command - "" = C:\lnts.pif -- [2013/06/20 05:48:18 | 000,033,792 | RHS- | M] ()
O33 - MountPoints2\{f1ed421a-af09-11e1-b8cb-806d6172696f}\Shell\exPlore\commanD - "" = C:\lnts.pif -- [2013/06/20 05:48:18 | 000,033,792 | RHS- | M] ()
O33 - MountPoints2\{f1ed421a-af09-11e1-b8cb-806d6172696f}\Shell\Open\commanD - "" = C:\lnts.pif -- [2013/06/20 05:48:18 | 000,033,792 | RHS- | M] ()
O33 - MountPoints2\{f1ed421b-af09-11e1-b8cb-806d6172696f}\Shell\Autoplay\commaNd - "" = D:\yhmiru.exe -- [2013/06/20 09:20:30 | 000,033,792 | RHS- | M] ()
O33 - MountPoints2\{f1ed421b-af09-11e1-b8cb-806d6172696f}\Shell\AutoRun\command - "" = D:\yhmiru.exe -- [2013/06/20 09:20:30 | 000,033,792 | RHS- | M] ()
O33 - MountPoints2\{f1ed421b-af09-11e1-b8cb-806d6172696f}\Shell\ExpLoRe\CommAnd - "" = D:\yhmiru.exe -- [2013/06/20 09:20:30 | 000,033,792 | RHS- | M] ()
O33 - MountPoints2\{f1ed421b-af09-11e1-b8cb-806d6172696f}\Shell\open\COmMaND - "" = D:\yhmiru.exe -- [2013/06/20 09:20:30 | 000,033,792 | RHS- | M] ()
O33 - MountPoints2\{ffe8462c-ceba-11e2-84a6-0024215b0d23}\Shell - "" = AutoRun
O33 - MountPoints2\{ffe8462c-ceba-11e2-84a6-0024215b0d23}\Shell\AutoRun - "" = Auto&Play
O33 - MountPoints2\{ffe8462c-ceba-11e2-84a6-0024215b0d23}\Shell\AutoRun\command - "" = C:\WINDOWS\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL RUNdLl32.ExE .\RECYCLER\S-5-3-42-2819952290-8240758988-879315005-3665\jwgkvsq.vmx,ahaezedrn
[2013/06/16 08:46:56 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\InstallMate
[2013/06/20 05:48:18 | 000,033,792 | RHS- | M] () -- C:\lnts.pif
[2013/06/06 23:13:22 | 000,000,274 | RHS- | C] () -- C:\autorun.inf
[2013/04/10 03:03:33 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\DatacardService

:Commands 
[REBOOT]
  • Then click the Run Fix button at the top
  • Let the program run unhindered, reboot the PC when it is done
  • Open OTL again and click the Quick Scan button. Post the log it produces in your next reply.

Step 2. SalityKiller scan.

  • Press Win+R key sequence.
  • In the new window copy and paste the following:
  • C:\SalityKiller.exe -l C:\sklog1.txt
  • Click OK button.
  • A reboot might be required after disinfection.
  • Post contents of C:\sklog1.txt file in your next message.

So, please, don't forget to post in your next message:

  • C:\sklog1.txt
  • OTL log

  • 0

#12
frichieny
Posted 22 June 2013 - 10:37 PM

frichieny

    Member

  • Topic Starter
  • Member
  • PipPipPip
  • 192 posts
Good day phel :)
  • 0

#13
frichieny
Posted 22 June 2013 - 10:47 PM

frichieny

    Member

  • Topic Starter
  • Member
  • PipPipPip
  • 192 posts
OTL.Txt

OTL logfile created on: 6/23/2013 12:45:21 PM - Run 5
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Documents and Settings\Dela Cruz\My Documents\Downloads\Programs
Windows XP Professional Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18702)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

2.00 Gb Total Physical Memory | 1.24 Gb Available Physical Memory | 61.95% Memory free
3.85 Gb Paging File | 3.16 Gb Available in Paging File | 82.01% Paging File free
Paging file location(s): C:\pagefile.sys 2046 4092 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 61.15 Gb Total Space | 2.25 Gb Free Space | 3.68% Space Free | Partition Type: NTFS
Drive D: | 87.89 Gb Total Space | 9.54 Gb Free Space | 10.85% Space Free | Partition Type: NTFS

Computer Name: DELACRUZ | User Name: Dela Cruz | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Quick Scan
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days

========== Processes (SafeList) ==========

PRC - [2013/06/20 08:16:56 | 009,873,200 | ---- | M] () -- D:\Program Files\GarenaLoLPH_Launcher\GameData\GarenaMessenger.exe
PRC - [2013/06/20 06:23:43 | 003,540,416 | ---- | M] (Tonec Inc.) -- C:\Program Files\Internet Download Manager\IDMan.exe
PRC - [2013/06/20 05:45:13 | 000,602,624 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Dela Cruz\My Documents\Downloads\Programs\OTL.exe
PRC - [2013/06/15 09:28:44 | 000,825,808 | ---- | M] (Google Inc.) -- C:\Documents and Settings\Dela Cruz\Local Settings\Application Data\Google\Chrome\Application\chrome.exe
PRC - [2012/12/12 21:44:48 | 000,268,248 | ---- | M] (Tonec Inc.) -- C:\Program Files\Internet Download Manager\IEMonitor.exe
PRC - [2008/04/14 05:42:20 | 001,551,872 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\explorer.exe


========== Modules (No Company Name) ==========

MOD - [2013/06/20 08:16:56 | 009,873,200 | ---- | M] () -- D:\Program Files\GarenaLoLPH_Launcher\GameData\GarenaMessenger.exe
MOD - [2013/06/19 11:39:14 | 000,856,880 | ---- | M] () -- D:\Program Files\GarenaLoLPH_Launcher\GameData\Plugins\ggplugin.dll
MOD - [2013/06/19 11:39:10 | 000,027,952 | ---- | M] () -- D:\Program Files\GarenaLoLPH_Launcher\GameData\VersionModule.dll
MOD - [2013/06/19 11:39:03 | 001,903,920 | ---- | M] () -- D:\Program Files\GarenaLoLPH_Launcher\GameData\ggspawn.dll
MOD - [2013/06/15 09:28:42 | 000,393,168 | ---- | M] () -- C:\Documents and Settings\Dela Cruz\Local Settings\Application Data\Google\Chrome\Application\27.0.1453.116\ppgooglenaclpluginchrome.dll
MOD - [2013/06/15 09:28:40 | 004,051,408 | ---- | M] () -- C:\Documents and Settings\Dela Cruz\Local Settings\Application Data\Google\Chrome\Application\27.0.1453.116\pdf.dll
MOD - [2013/06/15 09:27:48 | 001,597,392 | ---- | M] () -- C:\Documents and Settings\Dela Cruz\Local Settings\Application Data\Google\Chrome\Application\27.0.1453.116\ffmpegsumo.dll
MOD - [2013/05/29 20:21:27 | 000,957,232 | ---- | M] () -- D:\Program Files\GarenaLoLPH_Launcher\GameData\lib\XLL.dll
MOD - [2013/04/25 19:31:02 | 001,543,984 | ---- | M] () -- D:\Program Files\GarenaLoLPH_Launcher\GameData\lib\delay_load\FileSender.dll
MOD - [2013/04/10 17:23:12 | 000,170,800 | ---- | M] () -- D:\Program Files\GarenaLoLPH_Launcher\GameData\lib\fs\YYFileSystem.dll
MOD - [2013/04/10 17:22:55 | 000,155,440 | ---- | M] () -- D:\Program Files\GarenaLoLPH_Launcher\GameData\libmpg123.dll
MOD - [2013/03/13 18:05:59 | 000,374,064 | ---- | M] () -- D:\Program Files\GarenaLoLPH_Launcher\GameData\lib\Http.dll
MOD - [2013/03/07 10:10:42 | 000,106,288 | ---- | M] () -- D:\Program Files\GarenaLoLPH_Launcher\GameData\lib\UILayout.dll
MOD - [2013/03/07 10:10:39 | 000,224,560 | ---- | M] () -- D:\Program Files\GarenaLoLPH_Launcher\GameData\Plugins\StatsPlugin.dll
MOD - [2013/03/07 10:10:22 | 000,487,216 | ---- | M] () -- D:\Program Files\GarenaLoLPH_Launcher\GameData\CxImage.dll
MOD - [2013/02/07 17:11:25 | 000,025,392 | ---- | M] () -- D:\Program Files\GarenaLoLPH_Launcher\GameData\PluginModule.dll
MOD - [2013/02/07 17:11:24 | 000,087,344 | ---- | M] () -- D:\Program Files\GarenaLoLPH_Launcher\GameData\PluginKernel.dll
MOD - [2013/02/07 17:11:22 | 000,192,816 | ---- | M] () -- D:\Program Files\GarenaLoLPH_Launcher\GameData\ImageModule.dll
MOD - [2013/02/07 17:11:17 | 000,051,504 | ---- | M] () -- D:\Program Files\GarenaLoLPH_Launcher\GameData\FileLoader.dll
MOD - [2013/02/07 17:11:15 | 000,033,584 | ---- | M] () -- D:\Program Files\GarenaLoLPH_Launcher\GameData\DibModule.dll
MOD - [2013/02/01 13:42:29 | 000,153,088 | ---- | M] () -- D:\Program Files\GarenaLoLPH_Launcher\GameData\libzmq.dll
MOD - [2013/01/30 16:26:41 | 002,941,232 | ---- | M] () -- D:\Program Files\GarenaLoLPH_Launcher\GameData\ggdownloader.dll
MOD - [2013/01/30 16:26:38 | 000,104,752 | ---- | M] () -- D:\Program Files\GarenaLoLPH_Launcher\GameData\CommonLib.dll
MOD - [2013/01/14 19:57:52 | 001,092,912 | ---- | M] () -- D:\Program Files\GarenaLoLPH_Launcher\GameData\lib\delay_load\GaFileTransfer.dll
MOD - [2013/01/14 19:57:46 | 000,219,952 | ---- | M] () -- D:\Program Files\GarenaLoLPH_Launcher\GameData\lib\TaskManagerLib.dll
MOD - [2012/09/13 14:19:19 | 000,048,640 | ---- | M] () -- D:\Program Files\GarenaLoLPH_Launcher\GameData\lib\XmlUIModule.dll
MOD - [2012/08/31 03:10:00 | 000,357,184 | ---- | M] () -- C:\Program Files\NVIDIA Corporation\nView\nvShell.dll
MOD - [2012/07/27 14:59:42 | 000,010,240 | ---- | M] () -- D:\Program Files\GarenaLoLPH_Launcher\GameData\lib\delay_load\ClientTcp.dll
MOD - [2012/07/27 14:59:28 | 000,061,952 | ---- | M] () -- D:\Program Files\GarenaLoLPH_Launcher\GameData\lib\delay_load\UdtLib.dll
MOD - [2012/04/24 09:19:16 | 000,238,592 | ---- | M] () -- D:\Program Files\GarenaLoLPH_Launcher\GameData\lib\delay_load\MediaEngine.dll
MOD - [2012/04/13 11:12:18 | 000,059,392 | ---- | M] () -- D:\Program Files\GarenaLoLPH_Launcher\GameData\lib\delay_load\AudioMixerLib.dll
MOD - [2012/04/13 11:12:18 | 000,019,968 | ---- | M] () -- D:\Program Files\GarenaLoLPH_Launcher\GameData\ServerMemAlloc.dll
MOD - [2012/03/08 16:56:40 | 000,510,464 | ---- | M] () -- D:\Program Files\GarenaLoLPH_Launcher\GameData\lib\delay_load\RSALib.dll
MOD - [2012/02/22 16:52:18 | 000,162,304 | ---- | M] () -- D:\Program Files\GarenaLoLPH_Launcher\GameData\lame_enc.dll
MOD - [2012/02/22 16:52:16 | 000,573,100 | ---- | M] () -- D:\Program Files\GarenaLoLPH_Launcher\GameData\sqlite3.dll
MOD - [2012/02/22 16:52:16 | 000,178,176 | ---- | M] () -- D:\Program Files\GarenaLoLPH_Launcher\GameData\lib\MP3Module.dll
MOD - [2010/03/24 21:17:36 | 008,794,464 | ---- | M] () -- C:\Program Files\Microsoft Office\Office14\1033\GrooveIntlResource.dll
MOD - [2010/01/30 02:41:12 | 004,254,560 | ---- | M] () -- C:\Program Files\Common Files\Microsoft Shared\OFFICE14\Cultures\OFFICE.ODF
MOD - [2008/04/14 05:42:00 | 000,014,336 | ---- | M] () -- C:\WINDOWS\system32\msdmo.dll
MOD - [2008/04/14 05:41:52 | 000,059,904 | ---- | M] () -- C:\WINDOWS\system32\devenum.dll
MOD - [2007/01/31 11:33:24 | 000,032,768 | ---- | M] () -- C:\Program Files\Vtune\TBPanelExt.dll


========== Services (SafeList) ==========

SRV - File not found [Disabled | Stopped] -- C:\Documents and Settings\All Users\Application Data\DatacardService\HWDeviceService.exe -- (HWDeviceService.exe)
SRV - [2013/06/20 06:43:32 | 000,745,368 | ---- | M] (Tunngle.net GmbH) [Disabled | Stopped] -- C:\Program Files\Tunngle\TnglCtrl.exe -- (TunngleService)
SRV - [2013/06/20 06:42:32 | 000,246,112 | ---- | M] () [Disabled | Stopped] -- C:\Program Files\Smart Bro\UpdateDog\ouc.exe -- (Smart Bro. RunOuc)
SRV - [2013/06/20 06:41:19 | 000,162,440 | R--- | M] (Skype Technologies) [Disabled | Stopped] -- C:\Program Files\Skype\Updater\Updater.exe -- (SkypeUpdate)
SRV - [2013/06/20 06:36:21 | 001,258,856 | ---- | M] (NVIDIA Corporation) [Disabled | Stopped] -- C:\Program Files\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe -- (nvUpdatusService)
SRV - [2013/06/20 06:31:49 | 000,117,144 | ---- | M] (Mozilla Foundation) [Disabled | Stopped] -- C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe -- (MozillaMaintenance)
SRV - [2013/06/20 06:29:05 | 030,969,208 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Program Files\Microsoft Office\Office14\GROOVE.EXE -- (Microsoft SharePoint Workspace Audit Service)
SRV - [2013/06/20 06:27:30 | 000,240,264 | ---- | M] (Microsoft Corporation.) [Disabled | Stopped] -- C:\Program Files\Microsoft\BingBar\7.2.233.0\SeaPort.EXE -- (BBUpdate)
SRV - [2013/06/20 06:27:14 | 000,193,672 | ---- | M] (Microsoft Corporation.) [Disabled | Stopped] -- C:\Program Files\Microsoft\BingBar\7.2.233.0\BBSvc.EXE -- (BBSvc)
SRV - [2013/06/20 06:25:11 | 000,161,768 | ---- | M] (Oracle Corporation) [Disabled | Stopped] -- C:\Program Files\Java\jre7\bin\jqs.exe -- (JavaQuickStarterService)
SRV - [2013/06/20 06:22:50 | 000,363,336 | ---- | M] (AnchorFree Inc.) [Disabled | Stopped] -- C:\Program Files\Hotspot Shield\HssWPR\hsssrv.exe -- (HssSrv)
SRV - [2013/06/20 06:22:35 | 000,542,552 | ---- | M] () [Disabled | Stopped] -- C:\Program Files\Hotspot Shield\bin\openvpnas.exe -- (hshld)
SRV - [2013/06/20 06:22:27 | 000,329,544 | ---- | M] () [Disabled | Stopped] -- C:\Program Files\Hotspot Shield\bin\hsswd.exe -- (HssWd)
SRV - [2013/06/20 06:22:23 | 000,077,520 | ---- | M] () [Disabled | Stopped] -- C:\Program Files\Hotspot Shield\bin\HSSTrayService.exe -- (HssTrayService)
SRV - [2013/06/20 05:32:18 | 003,064,000 | ---- | M] (Skype Technologies S.A.) [Disabled | Stopped] -- C:\Documents and Settings\All Users\Application Data\Skype\Toolbars\Skype C2C Service\c2c_service.exe -- (Skype C2C Service)
SRV - [2013/05/15 18:59:10 | 000,256,904 | ---- | M] (Adobe Systems Incorporated) [Disabled | Stopped] -- C:\WINDOWS\system32\Macromed\Flash\FlashPlayerUpdateService.exe -- (AdobeFlashPlayerUpdateSvc)
SRV - [2011/10/19 12:13:38 | 000,144,712 | ---- | M] (H+H Software GmbH) [Disabled | Stopped] -- C:\Program Files\Virtual CD v10\System\VC10SecS.exe -- (VC10SecS)


========== Driver Services (SafeList) ==========

DRV - File not found [Kernel | On_Demand | Stopped] -- C:\WINDOWS\xhunter1.sys -- (xhunter1)
DRV - File not found [Kernel | On_Demand | Stopped] -- -- (WDICA)
DRV - File not found [Kernel | On_Demand | Stopped] -- C:\WINDOWS\vtany.sys -- (vtany)
DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDRFRAME)
DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDRELI)
DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDFRAME)
DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDCOMP)
DRV - File not found [Kernel | System | Stopped] -- -- (PCIDump)
DRV - File not found [Kernel | System | Stopped] -- -- (lbrtfdc)
DRV - File not found [Kernel | System | Stopped] -- -- (i2omgmt)
DRV - File not found [Kernel | On_Demand | Stopped] -- E:\INSTALL\GMSIPCI.SYS -- (GMSIPCI)
DRV - File not found [Kernel | On_Demand | Stopped] -- C:\DOCUME~1\DELACR~1\LOCALS~1\Temp\cpuz134\cpuz134_x32.sys -- (cpuz134)
DRV - File not found [Kernel | System | Stopped] -- -- (Changer)
DRV - [2013/04/21 15:04:16 | 000,013,232 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\apf003.sys -- (apf003)
DRV - [2013/04/10 03:14:50 | 000,013,816 | ---- | M] () [Kernel | Unavailable | Unknown] -- C:\WINDOWS\system32\unikey.sys -- (phunter)
DRV - [2013/04/03 21:40:51 | 000,235,392 | ---- | M] (Huawei Technologies Co., Ltd.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\ewusbnet.sys -- (ewusbnet)
DRV - [2013/04/03 21:40:51 | 000,194,816 | ---- | M] (Huawei Technologies Co., Ltd.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\ewusbmdm.sys -- (hwdatacard)
DRV - [2013/04/03 21:40:51 | 000,102,784 | ---- | M] (Huawei Technologies Co., Ltd.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\ew_hwusbdev.sys -- (ew_hwusbdev)
DRV - [2013/04/03 21:40:51 | 000,073,216 | ---- | M] (Huawei Technologies Co., Ltd.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\ew_jubusenum.sys -- (huawei_enumerator)
DRV - [2013/02/22 15:17:04 | 000,181,784 | ---- | M] (DEVGURU Co., LTD.(www.devguru.co.kr)) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\ssudmdm.sys -- (ssudmdm)
DRV - [2013/02/22 15:17:04 | 000,083,864 | ---- | M] (DEVGURU Co., LTD.(www.devguru.co.kr)) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\ssudbus.sys -- (dg_ssudbus)
DRV - [2013/02/05 17:52:46 | 000,020,032 | ---- | M] (Devguru Co., Ltd) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\dgderdrv.sys -- (dgderdrv)
DRV - [2012/12/06 01:13:58 | 000,022,112 | -HS- | M] () [Kernel | On_Demand | Stopped] -- D:\Program Files\GarenaLoLPH_Launcher\GameData\Room\safedrv.sys -- (GGSAFERDriver)
DRV - [2012/11/22 08:43:14 | 000,112,480 | ---- | M] (Tonec Inc.) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\idmtdi.sys -- (IDMTDI)
DRV - [2012/08/24 15:57:00 | 000,113,104 | ---- | M] (Power Software Ltd) [Kernel | System | Running] -- C:\WINDOWS\System32\drivers\scdemu.sys -- (SCDEmu)
DRV - [2012/04/11 23:40:28 | 000,037,376 | ---- | M] (AnchorFree Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\HssDrv.sys -- (HssDrv)
DRV - [2012/04/07 02:15:10 | 000,033,512 | ---- | M] (AnchorFree Inc) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\taphss.sys -- (taphss)
DRV - [2012/02/22 18:34:36 | 000,022,400 | ---- | M] (ManyCam LLC) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\mcaudrv.sys -- (mcaudrv_simple)
DRV - [2012/01/11 14:11:20 | 000,032,000 | ---- | M] (ManyCam LLC) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\mcvidrv.sys -- (ManyCam)
DRV - [2011/10/19 02:53:14 | 006,439,528 | ---- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\RtkHDAud.sys -- (IntcAzAudAddService)
DRV - [2011/04/19 08:52:48 | 000,186,392 | ---- | M] (H+H Software GmbH) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\vdrv1000.sys -- (vdrv1000)
DRV - [2011/03/31 19:36:10 | 000,204,384 | ---- | M] (SHADOWDEFENDER.COM) [Kernel | Boot | Running] -- C:\WINDOWS\system32\drivers\diskpt.sys -- (diskpt)
DRV - [2010/04/09 08:30:10 | 000,168,040 | ---- | M] (NVIDIA Corporation) [Kernel | Boot | Running] -- C:\WINDOWS\system32\drivers\nvgts.sys -- (nvgts)
DRV - [2010/03/23 00:29:08 | 000,018,944 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\nvsmu.sys -- (nvsmu)
DRV - [2010/03/10 17:34:34 | 000,013,952 | ---- | M] (H+H Software GmbH) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\HH10Help.sys -- (HH10Help.sys)
DRV - [2010/03/05 00:02:10 | 000,013,824 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\nvnetbus.sys -- (nvnetbus)
DRV - [2010/03/05 00:02:08 | 000,070,912 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\NVENETFD.sys -- (NVENETFD)
DRV - [2009/11/18 14:17:00 | 001,395,800 | ---- | M] (Creative Technology Ltd.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\Monfilt.sys -- (Monfilt)
DRV - [2009/11/18 14:16:00 | 001,691,480 | ---- | M] (Creative) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\Ambfilt.sys -- (Ambfilt)
DRV - [2009/09/16 07:02:40 | 000,027,136 | ---- | M] (Tunngle.net) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\tap0901t.sys -- (tap0901t)
DRV - [2007/03/16 10:11:38 | 000,012,256 | ---- | M] (Windows ® 2000 DDK provider) [Kernel | Auto | Running] -- C:\WINDOWS\System32\drivers\TBPanel.sys -- (TBPanel)
DRV - [2007/03/16 10:11:38 | 000,012,256 | ---- | M] (Windows ® 2000 DDK provider) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\TBPanel.sys -- (Cardex)
DRV - [2006/11/02 07:00:08 | 000,039,368 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\winusb.sys -- (WinUSB)
DRV - [2006/07/01 22:39:40 | 000,036,864 | ---- | M] (Advanced Micro Devices) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\AmdK8.sys -- (AmdK8)


========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page =
IE - HKLM\..\SearchScopes,DefaultScope =
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://search.live.c...ferrer:source?}

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.msn.com/?...=OIE8HP&PC=UP62
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page =
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page =
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Before = http://www.msn.com/?...=OIE8HP&PC=UP62
IE - HKCU\..\URLSearchHook: {e3600b2b-4c86-4697-96bc-74d4d209f6bc} - No CLSID value found
IE - HKCU\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKCU\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/...ms}&FORM=IE8SRC
IE - HKCU\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = http://www.bing.com/...ms}&FORM=IE8SRC
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local;<local>

========== FireFox ==========

FF - prefs.js..browser.search.defaultthis.engineName: ""
FF - prefs.js..extensions.enabledAddons: testpilot%40labs.mozilla.com:1.2.2
FF - prefs.js..extensions.enabledAddons: %7B972ce4c6-7e08-4474-a285-3208198ce6fd%7D:22.0
FF - user.js - File not found

FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\WINDOWS\system32\Macromed\Flash\NPSWF32_11_7_700_202.dll ()
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=: File not found
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=1.0: C:\Program Files\iTunes\Mozilla Plugins\npitunes.dll ()
FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.7.2: C:\WINDOWS\system32\npDeployJava1.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.7.2: C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@messenger.yahoo.com/YahooMessengerStatePlugin;version=1.0.0.6: C:\Program Files\Yahoo!\Shared\npYState.dll (Yahoo! Inc.)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0: C:\PROGRA~1\MICROS~3\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/SharePoint,version=14.0: C:\PROGRA~1\MICROS~3\Office14\NPSPWRAP.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WPF,version=3.5: C:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@pandonetworks.com/PandoWebPlugin: C:\Program Files\Pando Networks\Media Booster\npPandoWebPlugin.dll (Pando Networks)
FF - HKLM\Software\MozillaPlugins\@raidcall.com/RCplugin: C:\Documents and Settings\Dela Cruz\Application Data\raidcall\plugins\webplugin.dll (Raidcall)
FF - HKLM\Software\MozillaPlugins\@rim.com/npappworld: C:\Program Files\Research In Motion Limited\BlackBerry App World Browser Plugin\npappworld.dll ()
FF - HKLM\Software\MozillaPlugins\@t.garena.com/garenatalk: D:\Program Files\GarenaLoLPH_Launcher\GameData\bbtalk\plugins\npPlugin\npGarenaTalkPlugin.dll ( Garena)
FF - HKCU\Software\MozillaPlugins\@Skype Limited.com/Facebook Video Calling Plugin: C:\Documents and Settings\Dela Cruz\Local Settings\Application Data\Facebook\Video\Skype\npFacebookVideoCalling.dll (Skype Limited)
FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Documents and Settings\Dela Cruz\Local Settings\Application Data\Google\Update\1.3.21.145\npGoogleUpdate3.dll (Google Inc.)
FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Documents and Settings\Dela Cruz\Local Settings\Application Data\Google\Update\1.3.21.145\npGoogleUpdate3.dll (Google Inc.)
FF - HKCU\Software\MozillaPlugins\@unity3d.com/UnityPlayer,version=1.0: C:\Documents and Settings\Dela Cruz\Local Settings\Application Data\Unity\WebPlayer\loader\npUnity3D32.dll (Unity Technologies ApS)
FF - HKCU\Software\MozillaPlugins\pandonetworks.com/PandoWebPlugin: C:\Program Files\Pando Networks\Media Booster\npPandoWebPlugin.dll (Pando Networks)

FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 22.0\extensions\\Components: C:\Program Files\Mozilla Firefox\components
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 22.0\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins
FF - HKEY_CURRENT_USER\software\mozilla\Firefox\Extensions\\[email protected]: C:\Documents and Settings\Dela Cruz\Application Data\IDM\idmmzcc5 [2013/01/17 22:23:43 | 000,000,000 | ---D | M]
FF - HKEY_CURRENT_USER\software\mozilla\SeaMonkey\Extensions\\[email protected]: C:\Documents and Settings\Dela Cruz\Application Data\IDM\idmmzcc5 [2013/01/17 22:23:43 | 000,000,000 | ---D | M]

[2012/06/05 14:03:12 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\Dela Cruz\Application Data\Mozilla\Extensions
[2013/06/03 00:29:02 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\Dela Cruz\Application Data\Mozilla\Firefox\Profiles\b7nkeiwq.default\extensions
[2012/09/25 20:35:42 | 000,621,521 | ---- | M] () (No name found) -- C:\Documents and Settings\Dela Cruz\Application Data\Mozilla\Firefox\Profiles\b7nkeiwq.default\extensions\[email protected]
[2013/06/14 10:54:33 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\Mozilla Firefox\extensions
[2013/06/14 10:54:33 | 000,000,000 | ---D | M] (Skype Click to Call) -- C:\Program Files\Mozilla Firefox\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}
[2013/06/14 10:54:32 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\Mozilla Firefox\browser\extensions
[2013/06/14 10:54:49 | 000,000,000 | ---D | M] (Default) -- C:\Program Files\Mozilla Firefox\browser\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}
[2013/06/14 10:54:49 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\Mozilla Firefox\browser\distribution\extensions
[2013/06/14 10:54:33 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\Mozilla Firefox\distribution\extensions

========== Chrome ==========

CHR - default_search_provider: Google (Enabled)
CHR - default_search_provider: search_url = {google:baseURL}search?q={searchTerms}&{google:RLZ}{google:originalQueryForSuggestion}{google:assistedQueryStats}{google:searchFieldtrialParameter}{google:searchClient}{google:sourceId}{google:instantExtendedEnabledParameter}ie={inputEncoding}
CHR - default_search_provider: suggest_url = {google:baseSuggestURL}search?{google:searchFieldtrialParameter}client=chrome&q={searchTerms}&{google:cursorPosition}sugkey={google:suggestAPIKeyParameter}
CHR - plugin: Shockwave Flash (Enabled) = C:\Documents and Settings\Dela Cruz\Local Settings\Application Data\Google\Chrome\Application\27.0.1453.116\PepperFlash\pepflashplayer.dll
CHR - plugin: Chrome Remote Desktop Viewer (Enabled) = internal-remoting-viewer
CHR - plugin: Native Client (Enabled) = C:\Documents and Settings\Dela Cruz\Local Settings\Application Data\Google\Chrome\Application\27.0.1453.116\ppGoogleNaClPluginChrome.dll
CHR - plugin: Chrome PDF Viewer (Enabled) = C:\Documents and Settings\Dela Cruz\Local Settings\Application Data\Google\Chrome\Application\27.0.1453.116\pdf.dll
CHR - plugin: Adobe Acrobat (Enabled) = C:\Program Files\Adobe\Acrobat 6.0\Reader\Browser\nppdf32.dll
CHR - plugin: Microsoft\u00AE DRM (Enabled) = C:\Program Files\Windows Media Player\npdrmv2.dll
CHR - plugin: Windows Media Player Plug-in Dynamic Link Library (Enabled) = C:\Program Files\Windows Media Player\npdsplay.dll
CHR - plugin: Microsoft\u00AE DRM (Enabled) = C:\Program Files\Windows Media Player\npwmsdrm.dll
CHR - plugin: Raidcall plugin (Enabled) = C:\Documents and Settings\Dela Cruz\Application Data\raidcall\plugins\webplugin.dll
CHR - plugin: Facebook Video Calling Plugin (Enabled) = C:\Documents and Settings\Dela Cruz\Local Settings\Application Data\Facebook\Video\Skype\npFacebookVideoCalling.dll
CHR - plugin: Google Update (Enabled) = C:\Documents and Settings\Dela Cruz\Local Settings\Application Data\Google\Update\1.3.21.135\npGoogleUpdate3.dll
CHR - plugin: Unity Player (Enabled) = C:\Documents and Settings\Dela Cruz\Local Settings\Application Data\Unity\WebPlayer\loader\npUnity3D32.dll
CHR - plugin: Microsoft Office 2010 (Enabled) = C:\PROGRA~1\MICROS~3\Office14\NPAUTHZ.DLL
CHR - plugin: Microsoft Office 2010 (Enabled) = C:\PROGRA~1\MICROS~3\Office14\NPSPWRAP.DLL
CHR - plugin: Java™ Platform SE 7 U7 (Enabled) = C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll
CHR - plugin: Pando Web Plugin (Enabled) = C:\Program Files\Pando Networks\Media Booster\npPandoWebPlugin.dll
CHR - plugin: iTunes Application Detector (Enabled) = C:\Program Files\iTunes\Mozilla Plugins\npitunes.dll
CHR - plugin: Windows Presentation Foundation (Enabled) = C:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll
CHR - plugin: Shockwave Flash (Enabled) = C:\WINDOWS\system32\Macromed\Flash\NPSWF32_11_6_602_180.dll
CHR - plugin: Java Deployment Toolkit 7.0.70.11 (Enabled) = C:\WINDOWS\system32\npDeployJava1.dll
CHR - plugin: Garena Talk Plugin (Enabled) = D:\Program Files\GarenaLoLPH_Launcher\GameData\bbtalk\plugins\npPlugin\npGarenaTalkPlugin.dll
CHR - Extension: Fabulous = C:\Documents and Settings\Dela Cruz\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\ambjmeohlajelahhhniggkkceagdlcgj\28.4_0\
CHR - Extension: FB Refresh = C:\Documents and Settings\Dela Cruz\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\bdlfdaajmclngiomogmleihllaejcnni\2.0.1_0\
CHR - Extension: Adblock Plus = C:\Documents and Settings\Dela Cruz\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb\1.4.1_0\
CHR - Extension: Google One Piece = C:\Documents and Settings\Dela Cruz\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\gacclaplhgkomiijkahnnkjiofngfkhd\1.0_0\
CHR - Extension: AirMech = C:\Documents and Settings\Dela Cruz\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\hdahlabpinmfcemhcbcfoijcpoalfgdn\17760_0\
CHR - Extension: IDM Integration = C:\Documents and Settings\Dela Cruz\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\jmolcgpienlcieaajfkkdamlngancncm\6.15.12.2_0\
CHR - Extension: Skype Click to Call = C:\Documents and Settings\Dela Cruz\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl\6.2.0.10687_0\
CHR - Extension: My Chrome Theme = C:\Documents and Settings\Dela Cruz\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\oehpjpccmlcalbenfhnacjeocbjdonic\2.0_0\

O1 HOSTS File: ([2013/06/07 21:28:06 | 000,000,788 | ---- | M]) - C:\WINDOWS\system32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O2 - BHO: (IDM integration (IDMIEHlprObj Class)) - {0055C089-8582-441B-A0BF-17B458C2A3A8} - C:\Program Files\Internet Download Manager\IDMIECC.dll (Internet Download Manager, Tonec Inc.)
O2 - BHO: (AcroIEHlprObj Class) - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 6.0\Reader\ActiveX\AcroIEHelper.dll (Adobe Systems Incorporated)
O2 - BHO: (Groove GFS Browser Helper) - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL (Microsoft Corporation)
O2 - BHO: (Java™ Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation)
O2 - BHO: (Skype Browser Helper) - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O2 - BHO: (Office Document Cache Handler) - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)
O2 - BHO: (Bing Bar Helper) - {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - C:\Program Files\Microsoft\BingBar\7.2.233.0\BingExt.dll (Microsoft Corporation.)
O2 - BHO: (Java™ Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
O3 - HKLM\..\Toolbar: (Bing Bar) - {8dcb7100-df86-4384-8842-8fa844297b3f} - C:\Program Files\Microsoft\BingBar\7.2.233.0\BingExt.dll (Microsoft Corporation.)
O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {E3600B2B-4C86-4697-96BC-74D4D209F6BC} - No CLSID value found.
O4 - HKLM..\Run: [BCSSync] C:\Program Files\Microsoft Office\Office14\BCSSync.exe (Microsoft Corporation)
O4 - HKLM..\Run: [NvCplDaemon] C:\WINDOWS\System32\NvCpl.dll (NVIDIA Corporation)
O4 - HKLM..\Run: [NvMediaCenter] C:\WINDOWS\System32\NvMcTray.dll (NVIDIA Corporation)
O4 - HKCU..\Run: [GarenaPlus] D:\Program Files\GarenaLoLPH_Launcher\GameData\GarenaMessenger.exe ()
O4 - HKCU..\Run: [IDMan] C:\Program Files\Internet Download Manager\IDMan.exe (Tonec Inc.)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer\NoDriveTypeAutoRun: NoDriveTypeAutoRun = 177
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 177
O8 - Extra context menu item: Download all links with IDM - C:\Program Files\Internet Download Manager\IEGetAll.htm ()
O8 - Extra context menu item: Download with IDM - C:\Program Files\Internet Download Manager\IEExt.htm ()
O8 - Extra context menu item: E&xport to Microsoft Excel - C:\Program Files\Microsoft Office\Office14\EXCEL.EXE (Microsoft Corporation)
O8 - Extra context menu item: Se&nd to OneNote - C:\Program Files\Microsoft Office\Office14\ONBttnIE.dll (Microsoft Corporation)
O9 - Extra Button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office\Office14\ONBttnIE.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : Se&nd to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office\Office14\ONBttnIE.dll (Microsoft Corporation)
O9 - Extra Button: OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files\Microsoft Office\Office14\ONBttnIELinkedNotes.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files\Microsoft Office\Office14\ONBttnIELinkedNotes.dll (Microsoft Corporation)
O9 - Extra Button: Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000004 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.)
O16 - DPF: {7530BFB8-7293-4D34-9923-61A11451AFC5} http://download.eset...lineScanner.cab (Reg Error: Key error.)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{D926CD09-FB59-497F-9FE5-0436F3AC5EF7}: DhcpNameServer = 192.168.1.1
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Common Files\Skype\Skype4COM.dll (Skype Technologies)
O18 - Protocol\Handler\skype-ie-addon-data {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\WINDOWS\system32\userinit.exe) - C:\WINDOWS\system32\userinit.exe (Microsoft Corporation)
O24 - Desktop WallPaper: C:\Documents and Settings\Dela Cruz\Local Settings\Application Data\Microsoft\Wallpaper1.bmp
O24 - Desktop BackupWallPaper: C:\Documents and Settings\Dela Cruz\Local Settings\Application Data\Microsoft\Wallpaper1.bmp
O28 - HKLM ShellExecuteHooks: {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL (Microsoft Corporation)
O32 - HKLM CDRom: AutoRun - 0
O32 - AutoRun File - [2012/06/05 13:00:46 | 000,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ]
O32 - AutoRun File - [2012/11/07 19:49:08 | 000,001,331 | ---- | M] () - D:\AutoHotkey.ahk -- [ NTFS ]
O32 - AutoRun File - [2013/06/20 08:05:56 | 000,899,584 | ---- | M] () - D:\AutoHotkey.exe -- [ NTFS ]
O32 - AutoRun File - [2007/04/15 18:57:52 | 000,000,247 | RHS- | M] () - D:\autorun.inf -- [ NTFS ]
O33 - MountPoints2\{07cfae90-9c64-11e2-842b-0024215b0d23}\Shell - "" = AutoRun
O33 - MountPoints2\{07cfae90-9c64-11e2-842b-0024215b0d23}\Shell\AutoRun - "" = Auto&Play
O33 - MountPoints2\{07cfae90-9c64-11e2-842b-0024215b0d23}\Shell\AutoRun\command - "" = E:\AutoRun.exe
O33 - MountPoints2\{07cfae93-9c64-11e2-842b-0024215b0d23}\Shell - "" = AutoRun
O33 - MountPoints2\{07cfae93-9c64-11e2-842b-0024215b0d23}\Shell\AutoRun - "" = Auto&Play
O33 - MountPoints2\{07cfae93-9c64-11e2-842b-0024215b0d23}\Shell\AutoRun\command - "" = E:\AutoRun.exe
O33 - MountPoints2\{12ee8539-a148-11e2-8437-0024215b0d23}\Shell - "" = AutoRun
O33 - MountPoints2\{12ee8539-a148-11e2-8437-0024215b0d23}\Shell\AutoRun - "" = Auto&Play
O33 - MountPoints2\{12ee8539-a148-11e2-8437-0024215b0d23}\Shell\AutoRun\command - "" = E:\AutoRun.exe
O33 - MountPoints2\{388cb639-058b-11e2-a8d9-0024215b0d23}\Shell\AutoRun\command - "" = E:\setup.exe
O33 - MountPoints2\{b8d839e9-2d7e-11e2-a8eb-0024215b0d23}\Shell - "" = AutoRun
O33 - MountPoints2\{b8d839e9-2d7e-11e2-a8eb-0024215b0d23}\Shell\AutoRun - "" = Auto&Play
O33 - MountPoints2\{b8d839e9-2d7e-11e2-a8eb-0024215b0d23}\Shell\AutoRun\command - "" = F:\steambackup2.EXE
O33 - MountPoints2\E\Shell - "" = AutoRun
O33 - MountPoints2\E\Shell\AutoRun - "" = Auto&Play
O33 - MountPoints2\E\Shell\AutoRun\command - "" = E:\Setup.exe
O34 - HKLM BootExecute: (autocheck autochk *)
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)

========== Files/Folders - Created Within 30 Days ==========

[2013/06/20 05:29:54 | 000,171,344 | ---- | C] (Kaspersky Lab ZAO) -- C:\SalityKiller.exe
[2013/06/20 05:29:54 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Dela Cruz\Desktop\salitykiller
[2013/06/19 23:01:05 | 000,000,000 | RH-D | C] -- C:\Documents and Settings\Dela Cruz\Recent
[2013/06/19 15:17:51 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\Carpe Fulgur
[2013/06/19 15:16:10 | 000,000,000 | ---D | C] -- C:\Program Files\Carpe Fulgur
[2013/06/15 03:22:04 | 000,000,000 | ---D | C] -- C:\Program Files\Research In Motion Limited
[2013/06/15 03:22:04 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Research In Motion
[2013/06/14 13:28:30 | 001,691,480 | ---- | C] (Creative) -- C:\WINDOWS\System32\drivers\Ambfilt.sys
[2013/06/14 13:28:30 | 000,359,016 | ---- | C] (Realtek Semiconductor Crop.) -- C:\WINDOWS\vncutil.exe
[2013/06/14 13:28:27 | 000,129,640 | ---- | C] (Realtek Semiconductor) -- C:\WINDOWS\RtkAudioService.exe
[2013/06/14 10:54:30 | 000,000,000 | ---D | C] -- C:\Program Files\Mozilla Firefox
[2013/06/10 05:12:13 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Dela Cruz\Application Data\YourFileDownloader
[2013/06/10 02:15:14 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Dela Cruz\Desktop\PokeMMO.eu
[2013/06/06 23:23:21 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Dela Cruz\Local Settings\Application Data\[email protected]
[2013/06/06 23:12:40 | 000,000,000 | -H-D | C] -- C:\WINDOWS\CasperWiMACHunter
[2013/06/06 23:10:44 | 000,000,000 | -H-D | C] -- C:\WINDOWS\syntaxerror00100
[2013/06/06 09:16:26 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Adobe AIR
[2013/06/04 21:05:29 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Dela Cruz\My Documents\Imba summoners
[2013/06/02 10:28:49 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Dela Cruz\Local Settings\Application Data\Aeria Games
[2013/06/02 10:27:58 | 000,000,000 | ---D | C] -- C:\ProgramData
[2013/06/02 10:27:19 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Dela Cruz\Start Menu\Programs\AeriaGames
[2013/06/02 10:14:40 | 000,000,000 | -HSD | C] -- C:\WINDOWS\System32\AI_RecycleBin
[2013/06/02 10:14:33 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\AeriaGames
[2013/06/02 10:14:33 | 000,000,000 | ---D | C] -- C:\Program Files\Aeria Games
[2013/06/02 04:09:51 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Dela Cruz\Local Settings\Application Data\Akamai
[2013/06/02 04:09:49 | 000,000,000 | ---D | C] -- C:\AeriaGames
[2013/05/28 01:48:16 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Dela Cruz\Application Data\Carbon
[2013/05/26 21:15:41 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\Monaco What's Yours Is Mine
[3 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]
[1 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]

========== Files - Modified Within 30 Days ==========

[2013/06/23 12:41:58 | 000,000,324 | ---- | M] () -- C:\WINDOWS\tasks\YourFile DownloaderUpdate.job
[2013/06/23 12:41:56 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat
[2013/06/23 12:20:00 | 000,001,014 | ---- | M] () -- C:\WINDOWS\tasks\FacebookUpdateTaskUserS-1-5-21-1960408961-1659004503-725345543-1003UA.job
[2013/06/23 12:20:00 | 000,000,992 | ---- | M] () -- C:\WINDOWS\tasks\FacebookUpdateTaskUserS-1-5-21-1960408961-1659004503-725345543-1003Core.job
[2013/06/23 12:15:00 | 000,000,994 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskUserS-1-5-21-1960408961-1659004503-725345543-1003UA.job
[2013/06/23 11:56:15 | 000,000,830 | ---- | M] () -- C:\WINDOWS\tasks\Adobe Flash Player Updater.job
[2013/06/22 22:21:17 | 000,002,334 | ---- | M] () -- C:\Documents and Settings\Dela Cruz\Application Data\Microsoft\Internet Explorer\Quick Launch\Google Chrome.lnk
[2013/06/22 22:21:17 | 000,002,316 | ---- | M] () -- C:\Documents and Settings\Dela Cruz\Desktop\Google Chrome.lnk
[2013/06/22 17:13:34 | 000,002,206 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl
[2013/06/20 10:59:43 | 000,273,376 | ---- | M] () -- C:\WINDOWS\System32\FNTCACHE.DAT
[2013/06/20 07:59:40 | 002,817,640 | ---- | M] (RealTek Semicoductor Corp.) -- C:\WINDOWS\ALCWZRD.EXE
[2013/06/20 03:15:00 | 000,000,942 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskUserS-1-5-21-1960408961-1659004503-725345543-1003Core.job
[2013/06/19 21:12:31 | 000,267,555 | ---- | M] () -- C:\Documents and Settings\Dela Cruz\My Documents\dannce.jpg
[2013/06/19 21:11:35 | 000,000,375 | ---- | M] () -- C:\WINDOWS\System32\drivers\etc\hosts.ics
[2013/06/19 21:10:35 | 000,504,286 | ---- | M] () -- C:\WINDOWS\System32\perfh009.dat
[2013/06/19 21:10:35 | 000,088,132 | ---- | M] () -- C:\WINDOWS\System32\perfc009.dat
[2013/06/19 20:37:33 | 000,036,352 | ---- | M] () -- C:\Documents and Settings\Dela Cruz\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2013/06/19 15:17:52 | 000,001,916 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Recettear - An Item Shops Tale.lnk
[2013/06/19 14:50:15 | 000,000,223 | RHS- | M] () -- C:\boot.ini
[2013/06/19 14:48:10 | 000,000,000 | ---- | M] () -- C:\WINDOWS\5469
[2013/06/16 08:43:31 | 000,000,731 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\iFunbox.lnk
[2013/06/14 22:17:03 | 001,094,820 | ---- | M] () -- C:\WINDOWS\System32\nvdrsdb0.bin
[2013/06/14 22:17:03 | 000,000,001 | ---- | M] () -- C:\WINDOWS\System32\nvdrssel.bin
[2013/06/14 22:16:56 | 001,094,820 | ---- | M] () -- C:\WINDOWS\System32\nvdrsdb1.bin
[2013/06/14 13:28:52 | 000,000,197 | ---- | M] () -- C:\WINDOWS\System32\OEMINFO.INI
[2013/06/10 08:40:17 | 000,002,265 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Skype.lnk
[2013/06/09 20:46:34 | 000,000,000 | ---- | M] () -- C:\WINDOWS\4bed
[2013/06/09 09:53:10 | 000,003,574 | ---- | M] () -- C:\Documents and Settings\Dela Cruz\Local Settings\Application Data\recently-used.xbel
[2013/06/09 07:15:44 | 000,000,000 | ---- | M] () -- C:\WINDOWS\4d64
[2013/06/08 12:08:38 | 000,000,000 | ---- | M] () -- C:\WINDOWS\4e7d
[2013/06/08 09:44:17 | 000,000,000 | ---- | M] () -- C:\WINDOWS\5014
[2013/06/07 21:28:06 | 000,000,788 | ---- | M] () -- C:\WINDOWS\System32\drivers\etc\hosts
[2013/06/07 21:28:06 | 000,000,787 | ---- | M] () -- C:\WINDOWS\System32\drivers\etc\hosts.umbrella
[2013/06/07 20:31:19 | 000,000,126 | ---- | M] () -- C:\Documents and Settings\Dela Cruz\Desktop\Wifi Connected.url
[2013/06/05 20:20:54 | 000,000,803 | ---- | M] () -- C:\Documents and Settings\Dela Cruz\Desktop\Internet Explorer.lnk
[2013/06/04 22:21:05 | 000,000,025 | ---- | M] () -- C:\WINDOWS\popcinfot.dat
[2013/06/03 15:25:40 | 000,006,370 | ---- | M] () -- C:\Documents and Settings\Dela Cruz\My Documents\Backup .001
[2013/06/03 13:56:13 | 000,169,813 | ---- | M] () -- C:\Documents and Settings\Dela Cruz\My Documents\FAIL.jpg
[2013/06/02 21:55:53 | 000,003,076 | ---- | M] () -- C:\Documents and Settings\Dela Cruz\My Documents\Hey.reg
[2013/06/02 10:27:20 | 000,000,720 | ---- | M] () -- C:\Documents and Settings\Dela Cruz\Desktop\Soldier Front 2.lnk
[2013/06/02 10:14:34 | 000,001,753 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Aeria Ignite.lnk
[3 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]
[1 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]

========== Files Created - No Company Name ==========

[2013/06/20 10:59:43 | 000,273,376 | ---- | C] () -- C:\WINDOWS\System32\FNTCACHE.DAT
[2013/06/19 21:12:31 | 000,267,555 | ---- | C] () -- C:\Documents and Settings\Dela Cruz\My Documents\dannce.jpg
[2013/06/19 15:17:52 | 000,001,916 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\Recettear - An Item Shops Tale.lnk
[2013/06/19 14:48:10 | 000,000,000 | ---- | C] () -- C:\WINDOWS\5469
[2013/06/14 13:28:17 | 000,016,836 | ---- | C] () -- C:\WINDOWS\System32\drivers\RTAIODAT.DAT
[2013/06/14 13:25:55 | 002,116,894 | ---- | C] () -- C:\WINDOWS\System32\nvdata.bin
[2013/06/14 13:25:55 | 000,012,210 | ---- | C] () -- C:\WINDOWS\System32\nvinfo.pb
[2013/06/10 05:12:14 | 000,000,324 | ---- | C] () -- C:\WINDOWS\tasks\YourFile DownloaderUpdate.job
[2013/06/09 20:46:34 | 000,000,000 | ---- | C] () -- C:\WINDOWS\4bed
[2013/06/09 09:53:10 | 000,003,574 | ---- | C] () -- C:\Documents and Settings\Dela Cruz\Local Settings\Application Data\recently-used.xbel
[2013/06/09 07:15:44 | 000,000,000 | ---- | C] () -- C:\WINDOWS\4d64
[2013/06/08 12:08:38 | 000,000,000 | ---- | C] () -- C:\WINDOWS\4e7d
[2013/06/08 09:44:17 | 000,000,000 | ---- | C] () -- C:\WINDOWS\5014
[2013/06/07 20:31:10 | 000,000,126 | ---- | C] () -- C:\Documents and Settings\Dela Cruz\Desktop\Wifi Connected.url
[2013/06/05 20:20:54 | 000,000,803 | ---- | C] () -- C:\Documents and Settings\Dela Cruz\Desktop\Internet Explorer.lnk
[2013/06/03 15:25:38 | 000,006,370 | ---- | C] () -- C:\Documents and Settings\Dela Cruz\My Documents\Backup .001
[2013/06/03 13:56:13 | 000,169,813 | ---- | C] () -- C:\Documents and Settings\Dela Cruz\My Documents\FAIL.jpg
[2013/06/02 21:55:51 | 000,003,076 | ---- | C] () -- C:\Documents and Settings\Dela Cruz\My Documents\Hey.reg
[2013/06/02 10:27:20 | 000,000,720 | ---- | C] () -- C:\Documents and Settings\Dela Cruz\Desktop\Soldier Front 2.lnk
[2013/06/02 10:14:34 | 000,001,753 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\Aeria Ignite.lnk
[2013/04/23 13:01:46 | 000,000,075 | ---- | C] () -- C:\Documents and Settings\Dela Cruz\.gtk-bookmarks
[2013/04/21 15:04:16 | 000,016,304 | ---- | C] () -- C:\WINDOWS\System32\apl003.sys
[2013/04/21 15:04:16 | 000,013,232 | ---- | C] () -- C:\WINDOWS\System32\apf003.sys
[2013/04/16 13:33:17 | 000,000,440 | RHS- | C] () -- C:\Documents and Settings\Dela Cruz\ntuser.pol
[2013/04/16 13:21:31 | 000,201,802 | ---- | C] () -- C:\Documents and Settings\Dela Cruz\poclbm130302GeForce 9500 GTv1w256l4.bin
[2013/04/10 03:12:40 | 000,013,816 | ---- | C] () -- C:\WINDOWS\System32\unikey.sys
[2013/04/04 03:09:36 | 000,002,759 | ---- | C] () -- C:\Documents and Settings\Dela Cruz\.TransferManager.db
[2013/02/05 17:52:54 | 000,030,568 | ---- | C] () -- C:\WINDOWS\MusiccityDownload.exe
[2013/02/05 17:52:50 | 000,974,848 | ---- | C] () -- C:\WINDOWS\System32\cis-2.4.dll
[2013/02/05 17:52:50 | 000,081,920 | ---- | C] () -- C:\WINDOWS\System32\issacapi_bs-2.3.dll
[2013/02/05 17:52:50 | 000,065,536 | ---- | C] () -- C:\WINDOWS\System32\issacapi_pe-2.3.dll
[2013/02/05 17:52:50 | 000,057,344 | ---- | C] () -- C:\WINDOWS\System32\issacapi_se-2.3.dll
[2013/01/15 19:58:31 | 000,000,320 | ---- | C] () -- C:\WINDOWS\con_34195430.ini
[2013/01/03 17:38:34 | 000,803,956 | ---- | C] () -- C:\Documents and Settings\LocalService\Local Settings\Application Data\WPFFontCache_v0400-S-1-5-21-1960408961-1659004503-725345543-1003-0.dat
[2013/01/03 17:38:31 | 000,287,434 | ---- | C] () -- C:\Documents and Settings\LocalService\Local Settings\Application Data\WPFFontCache_v0400-System.dat
[2012/12/29 19:19:07 | 000,000,000 | ---- | C] () -- C:\WINDOWS\System32\Access.dat
[2012/12/05 15:45:33 | 000,000,025 | ---- | C] () -- C:\WINDOWS\popcinfot.dat
[2012/08/01 00:46:38 | 000,000,132 | ---- | C] () -- C:\Documents and Settings\Dela Cruz\Local Settings\Application Data\fusioncache.dat
[2012/07/13 16:41:14 | 000,036,352 | ---- | C] () -- C:\Documents and Settings\Dela Cruz\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2012/07/01 14:46:41 | 000,000,032 | R--- | C] () -- C:\Documents and Settings\All Users\hash.dat
[2012/07/01 01:40:49 | 000,000,000 | ---- | C] () -- C:\WINDOWS\System32\cd.dat
[2012/06/05 20:51:26 | 000,004,161 | ---- | C] () -- C:\WINDOWS\ODBCINST.INI
[2012/06/05 17:18:44 | 000,163,584 | ---- | C] () -- C:\Documents and Settings\LocalService\Local Settings\Application Data\FontCache3.0.0.0.dat
[2012/06/05 17:01:53 | 001,094,820 | ---- | C] () -- C:\WINDOWS\System32\nvdrsdb1.bin
[2012/06/05 17:01:53 | 001,094,820 | ---- | C] () -- C:\WINDOWS\System32\nvdrsdb0.bin
[2012/06/05 17:01:53 | 000,000,001 | ---- | C] () -- C:\WINDOWS\System32\nvdrssel.bin
[2012/06/05 16:55:34 | 002,811,988 | ---- | C] () -- C:\WINDOWS\System32\nvdata.data
[2012/06/05 14:22:02 | 000,000,000 | ---- | C] () -- C:\WINDOWS\diskpt.dat
[2012/06/05 14:09:08 | 000,001,324 | ---- | C] () -- C:\WINDOWS\System32\d3d9caps.dat
[2012/06/05 13:33:25 | 000,217,088 | ---- | C] () -- C:\WINDOWS\NVGfxOgl.dll
[2012/06/05 13:30:08 | 000,049,152 | R--- | C] () -- C:\WINDOWS\System32\ChCfg.exe
[2012/06/05 13:28:11 | 000,003,948 | R--- | C] () -- C:\WINDOWS\System32\drivers\nvphy.bin
[2012/06/05 13:02:40 | 000,002,048 | --S- | C] () -- C:\WINDOWS\bootstat.dat
[2012/06/05 12:58:12 | 000,021,640 | ---- | C] () -- C:\WINDOWS\System32\emptyregdb.dat

========== ZeroAccess Check ==========

[2012/06/05 13:31:52 | 000,000,227 | RHS- | M] () -- C:\WINDOWS\assembly\Desktop.ini

[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]

[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\shdocvw.dll -- [2008/04/14 05:42:06 | 003,682,304 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = C:\WINDOWS\system32\wbem\fastprox.dll -- [2008/04/14 05:41:54 | 000,472,064 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]
"" = C:\WINDOWS\system32\wbem\wbemess.dll -- [2008/04/14 05:42:10 | 000,273,920 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both

========== LOP Check ==========

[2012/11/25 23:21:18 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Caphyon
[2012/11/14 00:38:21 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\DAEMON Tools Lite
[2012/09/13 16:09:48 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\ESET
[2013/01/22 01:16:23 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Garena
[2013/06/23 12:45:35 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\GarenaMessenger
[2012/06/11 23:21:19 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Hotspot Shield
[2013/03/29 14:02:19 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Package Cache
[2012/12/20 15:58:59 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\PMB Files
[2012/12/05 15:28:28 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\PopCap Games
[2013/04/04 02:01:29 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Samsung
[2013/04/03 21:42:00 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Smart Bro
[2013/05/23 04:20:50 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Steam
[2012/06/11 19:37:37 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Temp
[2012/12/31 22:49:28 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Tunngle
[2012/12/01 22:46:36 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Xilisoft
[2013/02/09 19:41:37 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\{429CAD59-35B1-4DBC-BB6D-1DB246563521}
[2013/03/20 13:45:22 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Dela Cruz\Application Data\.minecraft
[2012/12/01 22:32:44 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Dela Cruz\Application Data\AnvSoft
[2012/12/02 00:16:39 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Dela Cruz\Application Data\Audacity
[2012/06/11 15:31:09 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Dela Cruz\Application Data\Camfrog
[2013/05/28 01:48:16 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Dela Cruz\Application Data\Carbon
[2013/05/05 18:14:39 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Dela Cruz\Application Data\com.shirogames.evoland
[2012/11/14 07:00:17 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Dela Cruz\Application Data\DAEMON Tools Lite
[2013/06/19 23:35:55 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Dela Cruz\Application Data\DMCache
[2013/03/01 18:49:14 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Dela Cruz\Application Data\Enterbrain
[2013/03/01 18:44:24 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Dela Cruz\Application Data\FFSJ
[2013/04/26 11:09:10 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Dela Cruz\Application Data\fltk.org
[2012/10/09 10:25:47 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Dela Cruz\Application Data\FreeBurner
[2013/01/22 01:16:23 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Dela Cruz\Application Data\Garena
[2013/06/23 12:45:30 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Dela Cruz\Application Data\GarenaPlus
[2012/12/01 22:23:01 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Dela Cruz\Application Data\HandBrake
[2013/06/19 23:09:20 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Dela Cruz\Application Data\IDM
[2013/03/22 10:34:20 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Dela Cruz\Application Data\iFunbox_UserCache
[2012/07/01 01:22:46 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Dela Cruz\Application Data\LolClient
[2012/06/05 17:26:55 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Dela Cruz\Application Data\LolClient2
[2012/12/30 20:27:29 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Dela Cruz\Application Data\ManyCam
[2013/04/18 00:32:57 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Dela Cruz\Application Data\Nettalk
[2012/09/30 03:51:51 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Dela Cruz\Application Data\PowerISO
[2012/07/13 16:43:57 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Dela Cruz\Application Data\raidcall
[2013/05/04 16:15:17 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Dela Cruz\Application Data\Rainmeter
[2013/02/10 13:57:29 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Dela Cruz\Application Data\redsn0w
[2013/04/04 01:38:21 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Dela Cruz\Application Data\Samsung
[2012/06/05 14:55:10 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Dela Cruz\Application Data\Shadow Defender
[2012/12/31 18:51:00 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Dela Cruz\Application Data\SystemRequirementsLab
[2013/01/05 00:33:28 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Dela Cruz\Application Data\TeamViewer
[2013/03/10 20:23:52 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Dela Cruz\Application Data\Tunngle
[2002/01/01 00:31:23 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Dela Cruz\Application Data\TypingMaster7
[2013/03/10 20:41:20 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Dela Cruz\Application Data\Unity
[2013/06/03 15:25:05 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Dela Cruz\Application Data\uTorrent
[2013/01/03 17:01:40 | 000,000,000 | --SD | M] -- C:\Documents and Settings\Dela Cruz\Application Data\Virtual CD v10
[2012/12/01 22:51:28 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Dela Cruz\Application Data\Xilisoft
[2012/12/02 00:20:15 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Dela Cruz\Application Data\xim
[2012/12/16 21:54:17 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Dela Cruz\Application Data\YaTQA
[2013/06/10 05:12:13 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Dela Cruz\Application Data\YourFileDownloader

========== Purity Check ==========



< End of report >
  • 0

#14
frichieny
Posted 22 June 2013 - 11:27 PM

frichieny

    Member

  • Topic Starter
  • Member
  • PipPipPip
  • 192 posts
sklog1.txt

12:50:52:921 1116 scanning threads ...
12:51:05:171 1116
12:51:05:171 1116 scanning processes ...
12:51:05:390 1116
12:51:05:390 1116 fixing registry ...
12:51:05:390 0552
Monitoring thread started
12:51:05:390 1116 SalityRegCure: Restoring general registry keys
12:51:05:390 1116 SalityRegCure: Fixing system.ini
12:51:05:390 1116
12:51:05:390 1116 scanning drives ...
12:51:05:390 1116 scanning C:\ ...
13:10:06:812 1116 C:\System Volume Information\_restore{E9D078C6-EE17-4E6C-B442-F4D5F5F78C51}\RP137\A0185325.EXE infected Virus.Win32.Sality.bh ...13:10:06:812 1116 cured
13:10:10:640 1116 C:\System Volume Information\_restore{E9D078C6-EE17-4E6C-B442-F4D5F5F78C51}\RP137\A0185326.EXE infected Virus.Win32.Sality.bh ...13:10:10:640 1116 cured
13:10:14:453 1116 C:\System Volume Information\_restore{E9D078C6-EE17-4E6C-B442-F4D5F5F78C51}\RP137\A0185327.EXE infected Virus.Win32.Sality.bh ...13:10:14:453 1116 cured
13:10:18:140 1116 C:\System Volume Information\_restore{E9D078C6-EE17-4E6C-B442-F4D5F5F78C51}\RP137\A0185328.exe infected Virus.Win32.Sality.bh ...13:10:18:140 1116 cured
13:10:21:875 1116 C:\System Volume Information\_restore{E9D078C6-EE17-4E6C-B442-F4D5F5F78C51}\RP137\A0185329.EXE infected Virus.Win32.Sality.bh ...13:10:21:875 1116 cured
13:10:25:578 1116 C:\System Volume Information\_restore{E9D078C6-EE17-4E6C-B442-F4D5F5F78C51}\RP137\A0185330.EXE infected Virus.Win32.Sality.bh ...13:10:25:578 1116 cured
13:10:29:250 1116 C:\System Volume Information\_restore{E9D078C6-EE17-4E6C-B442-F4D5F5F78C51}\RP137\A0185331.exe infected Virus.Win32.Sality.bh ...13:10:29:250 1116 cured
13:10:33:031 1116 C:\System Volume Information\_restore{E9D078C6-EE17-4E6C-B442-F4D5F5F78C51}\RP137\A0185332.exe infected Virus.Win32.Sality.bh ...13:10:33:031 1116 cured
13:10:36:687 1116 C:\System Volume Information\_restore{E9D078C6-EE17-4E6C-B442-F4D5F5F78C51}\RP137\A0185333.exe infected Virus.Win32.Sality.bh ...13:10:36:687 1116 cured
13:10:40:343 1116 C:\System Volume Information\_restore{E9D078C6-EE17-4E6C-B442-F4D5F5F78C51}\RP137\A0185334.exe infected Virus.Win32.Sality.bh ...13:10:40:343 1116 cured
13:16:14:562 1116 scanning D:\ ...
13:24:09:281 1116
13:24:09:281 0552
Monitoring thread stopped
13:24:09:281 1116
completed
13:24:09:281 1116 Infected files: 10
13:24:09:281 1116 Infected processes: 0
13:24:09:281 1116 Infected threads: 0
13:24:09:281 1116 Cured files: 10
13:24:09:281 1116 Will be cured on reboot: 0
13:24:09:281 1116 Executed registry scripts: 1
  • 0

#15
frichieny
Posted 22 June 2013 - 11:31 PM

frichieny

    Member

  • Topic Starter
  • Member
  • PipPipPip
  • 192 posts
:))
  • 0
Back to Virus, Spyware, Malware Removal · Next Unread Topic →




Similar Topics

0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users

  1. Geeks to Go Community
  2. Security
  3. Virus, Spyware, Malware Removal

As Featured On:

Microsoft Yahoo BBC MSN PC Magazine Washington Post HP