• Registrarse
  • Iniciar sesión


  • Página 1 de 3 123 ÚltimoÚltimo
    Resultados 1 al 10 de 24

    Virus que destruye los ejecutables

    Tengo un virus que me rompe algunos archivos, programas .exe, relativamente importantes para mi. Entre ellos, el Skype, el SXE INjected, el EASUS Partition Data Wizard, Hai hai soft unviersal player, entre otros. Esos programas ...

    1. #1
      Usuario Avatar de oskoa
      Registrado
      sep 2009
      Ubicación
      En mi depto
      Mensajes
      60

      Malware Virus que destruye los ejecutables

      Tengo un virus que me rompe algunos archivos, programas .exe, relativamente importantes para mi. Entre ellos, el Skype, el SXE INjected, el EASUS Partition Data Wizard, Hai hai soft unviersal player, entre otros. Esos programas no andan y dice que esta infectado por un virus cuando lo quiero abrir, tengo que reinstalar el prgorama para que funcione de nuevo. Al cabo de reiniciar la computadora, se vuelve a romper. Y creo qeu tengo varios .exe infectados.

    2. #2
      Usuario Avatar de Raudron
      Registrado
      sep 2012
      Ubicación
      El Mundo
      Mensajes
      1.467

      Re: Virus que destruye los ejecutables

      Hola Ben

      Tenemos poca información sobre ese infector de ejecutables...
      La infección comenzó luego de descargar algo?

      Para diagnosticarlo, por favor, realiza lo siguiente:

      Descarga y ejecuta >> Ccleaner.
      • Usando primero su opción de "Limpiador" para borrar cookies, temporales de Internet y todos los archivos que te muestre como obsoletos.
      • Después usa su opción de "Registro" para limpiar todo el registro de Windows (haciendo copia de seguridad).


      Realiza un análisis completo con Eset Online Scanner de la siguiente forma:
      Lo ejecutas.

      Marcas las casillas de Eliminar las amenazas detectadas y Analizar archivos.

      Haces clic en Configuración adicional y ahi marcas las casillas:
      • Analizar en busca de aplicaciones potencialmente indeseables.
      • Analizar en busca de aplicaciones potencialmente peligrosas.
      • Activar la tecnolgía Anti-Stealth.


      Pulsas en Iniciar para que empiece a descargar la base firmas de virus y posteriormente empiece a analizar tu sistema.

      Presioná Lista de las amenazas encontradas.


      Exportá a un archivo de texto.

      Localizar el reporte en C:\Archivos de programa\ESET\ESET Online Scanner\log.txt


      Realiza un escaneo con BitDefender QuickScan. Cuando el análisis termine, presiona View Report para copiar su reporte.
      Nos traes los reportes de ESET Online Scanner y BitDefender QuickScan
      Saludos

    3. #3
      Usuario Avatar de oskoa
      Registrado
      sep 2009
      Ubicación
      En mi depto
      Mensajes
      60

      Re: Virus que destruye los ejecutables

      Hola y perdon por la tardanza, pasa que estoy teniendo problemas personales y no tengo tiempo de nada.

      Hice el eset, pero se me traba al 99%, sin embargo hice el escaneo y aquí el resultado. EL problema es que no me saca nada... solo lo marca y dice q estan infectados. No los remueve

      C:\$RECYCLE.BIN\S-1-5-21-3908427202-3677227250-994981884-1001\$RMCVCGZ.exe una variante de Win32/HackKMS.A aplicación
      C:\Fraps\fraps.exe Win32/Sality.NBA virus
      C:\Fraps\uninstall.exe Win32/Sality.NBA virus
      C:\Program Files\Adobe\Adobe Media Encoder CS5\32\Adobe QT32 Server.exe Win32/Sality.NBA virus
      C:\Program Files\Adobe\Adobe Media Encoder CS5\32\ImporterREDServer.exe Win32/Sality.NBA virus
      C:\Program Files\Adobe\Adobe Media Encoder CS5\arh.exe Win32/Sality.NBA virus
      C:\Program Files\Adobe\Adobe Photoshop CS4 (64 Bit)\Adobe3DAndVideoServer\Adobe3DAndVideoServer.exe Win32/Sality.NBA virus
      C:\Program Files\Adobe\Adobe Photoshop CS4 (64 Bit)\Required\Droplet Template.exe Win32/Sality.NBA virus
      C:\Program Files\Core Temp\unins000.exe Win32/Sality.NBA virus
      C:\Program Files\CPUID\CPU-Z\unins000.exe Win32/Sality.NBA virus
      C:\Program Files\KLCP64\Tools\CodecTweakTool.exe Win32/Sality.NBA virus
      C:\Program Files\KLCP64\unins000.exe Win32/Sality.NBA virus
      C:\Program Files\MDCHC\mplayerc.exe Win32/Sality.NBA virus
      C:\Program Files\MDCHC64\mplayerc.exe Win32/Sality.NBA virus
      C:\Program Files\NewBlue\3D Explosions for Windows\ManageActivation32.exe Win32/Sality.NBA virus
      C:\Program Files\NewBlue\3D Transformations for Windows\ManageActivation32.exe Win32/Sality.NBA virus
      C:\Program Files\NewBlue\Art Blends for Vegas\ActivateArtBlends.exe Win32/Sality.NBA virus
      C:\Program Files\NewBlue\Art Blends for Vegas\Uninstal.exe Win32/Sality.NBA virus
      C:\Program Files\NewBlue\Art Blends for Windows\ManageActivation32.exe Win32/Sality.NBA virus
      C:\Program Files\NewBlue\Art Effects for Vegas\ActivateArtEffects.exe Win32/Sality.NBA virus
      C:\Program Files\NewBlue\Art Effects for Vegas\Uninstal.exe Win32/Sality.NBA virus
      C:\Program Files\NewBlue\Art Effects for Windows\ManageActivation32.exe Win32/Sality.NBA virus
      C:\Program Files\NewBlue\Film Effects for Windows\ManageActivation32.exe Win32/Sality.NBA virus
      C:\Program Files\NewBlue\Light Blends for Windows\ManageActivation32.exe Win32/Sality.NBA virus
      C:\Program Files\NewBlue\Light Effects for Windows\ManageActivation32.exe Win32/Sality.NBA virus
      C:\Program Files\NewBlue\Motion Blends for Vegas\ActivateMotionBlends.exe Win32/Sality.NBA virus
      C:\Program Files\NewBlue\Motion Blends for Vegas\Uninstal.exe Win32/Sality.NBA virus
      C:\Program Files\NewBlue\Motion Blends for Windows\ManageActivation32.exe Win32/Sality.NBA virus
      C:\Program Files\NewBlue\Motion Effects for Windows\ManageActivation32.exe Win32/Sality.NBA virus
      C:\Program Files\NewBlue\Paint Blends for Windows\ManageActivation32.exe Win32/Sality.NBA virus
      C:\Program Files\NewBlue\Paint Effects for Windows\ManageActivation32.exe Win32/Sality.NBA virus
      C:\Program Files\NewBlue\Sampler Pack for Windows\ManageActivation32.exe Win32/Sality.NBA virus
      C:\Program Files\NewBlue\Video Essentials for Windows\ManageActivation32.exe Win32/Sality.NBA virus
      C:\Program Files\NewBlue\Video Essentials II for Windows\ManageActivation32.exe Win32/Sality.NBA virus
      C:\Program Files\NewBlue\Video Essentials III for Windows\ManageActivation32.exe Win32/Sality.NBA virus
      C:\Program Files\NewBlue\Video Essentials IV for Windows\ManageActivation32.exe Win32/Sality.NBA virus
      C:\Program Files\Outlook Express\msimn.exe Win32/Sality.NBA virus
      C:\Program Files\Outlook Express\oemig50.exe Win32/Sality.NBA virus
      C:\Program Files\Outlook Express\setup50.exe Win32/Sality.NBA virus
      C:\Program Files\Outlook Express\wab.exe Win32/Sality.NBA virus
      C:\Program Files\Outlook Express\wabmig.exe Win32/Sality.NBA virus
      C:\Program Files\Sony\Vegas Pro 10.0\FileIO Plug-Ins\ac3plug\ac3market\ApplicationRegistration.exe Win32/Sality.NBA virus
      C:\Program Files\Sony\Vegas Pro 10.0\x86\CreateMinidumpx86.exe Win32/Sality.NBA virus
      C:\Program Files\Sony\Vegas Pro 10.0\x86\FileIOSurrogate.exe Win32/Sality.NBA virus
      C:\Program Files\Sony\Vegas Pro 10.0\x86\sfvstserver.exe Win32/Sality.NBA virus
      C:\Program Files\Sony\Vegas Pro 10.0\vidcap60.exe Win32/Sality.NBA virus
      C:\Program Files\Sony\Vegas Pro 12.0\vegas.pro.12.-patch.exe una variante de Win32/HackTool.Patcher.AD aplicación
      C:\Program Files\Sony\Vegas Pro 12.0\vidcap60.exe Win32/Sality.NBA virus
      C:\Program Files\Sony\Vegas Pro 9.0\Video Plug-Ins\Activate3dTransformationsVegas.exe Win32/Sality.NBA virus
      C:\Program Files\Sony\Vegas Pro 9.0\Video Plug-Ins\Uninstal.exe Win32/Sality.NBA virus
      C:\Program Files\TeraCopy\EnterKey.exe Win32/Sality.NBA virus
      C:\Program Files\TeraCopy\TeraCopy.exe Win32/Sality.NBA virus
      C:\Program Files\TeraCopy\unins000.exe Win32/Sality.NBA virus
      C:\Program Files\WinPcap\rpcapd.exe Win32/Sality.NBA virus
      C:\Program Files\WinPcap\uninstall.exe Win32/Sality.NBA virus
      C:\Program Files (x86)\Acronis\TrueImageHome\prl_report.exe Win32/Sality.NBA virus
      C:\Program Files (x86)\Adobe\Acrobat 9.0\Acrobat\plug_ins\Scan\AcroScanBroker.exe Win32/Sality.NBA virus
      C:\Program Files (x86)\Adobe\Acrobat 9.0\Acrobat\acrobat_sl.exe Win32/Sality.NBA virus
      C:\Program Files (x86)\Adobe\Acrobat 9.0\Acrobat\acrodist.exe Win32/Sality.NBA virus
      C:\Program Files (x86)\Adobe\Acrobat 9.0\Acrobat\AcroTextExtractor.exe Win32/Sality.NBA virus
      C:\Program Files (x86)\Adobe\Acrobat 9.0\Acrobat\acrotray.exe Win32/Sality.NBA virus
      C:\Program Files (x86)\Adobe\Acrobat 9.0\Acrobat\LogTransport2.exe Win32/Sality.NBA virus
      C:\Program Files (x86)\Adobe\Acrobat 9.0\Acrobat Elements\Acrobat Elements.exe Win32/Sality.NBA virus
      C:\Program Files (x86)\Adobe\Acrobat 9.0\Designer 8.2\ConvertIFD\ConvertIFD.exe Win32/Sality.NBA virus
      C:\Program Files (x86)\Adobe\Acrobat 9.0\Designer 8.2\ConvertXF\ConvertXF.exe Win32/Sality.NBA virus
      C:\Program Files (x86)\Adobe\Acrobat 9.0\Designer 8.2\jre\bin\java.exe Win32/Sality.NBA virus
      C:\Program Files (x86)\Adobe\Acrobat 9.0\Designer 8.2\jre\bin\javacpl.exe Win32/Sality.NBA virus
      C:\Program Files (x86)\Adobe\Acrobat 9.0\Designer 8.2\jre\bin\javaw.exe Win32/Sality.NBA virus
      C:\Program Files (x86)\Adobe\Acrobat 9.0\Designer 8.2\jre\bin\javaws.exe Win32/Sality.NBA virus
      C:\Program Files (x86)\Adobe\Acrobat 9.0\Designer 8.2\jre\bin\jucheck.exe Win32/Sality.NBA virus
      C:\Program Files (x86)\Adobe\Acrobat 9.0\Designer 8.2\jre\bin\jusched.exe Win32/Sality.NBA virus
      C:\Program Files (x86)\Adobe\Acrobat 9.0\Designer 8.2\jre\bin\keytool.exe Win32/Sality.NBA virus
      C:\Program Files (x86)\Adobe\Acrobat 9.0\Designer 8.2\jre\bin\kinit.exe Win32/Sality.NBA virus
      C:\Program Files (x86)\Adobe\Acrobat 9.0\Designer 8.2\jre\bin\klist.exe Win32/Sality.NBA virus
      C:\Program Files (x86)\Adobe\Acrobat 9.0\Designer 8.2\jre\bin\ktab.exe Win32/Sality.NBA virus
      C:\Program Files (x86)\Adobe\Acrobat 9.0\Designer 8.2\jre\bin\orbd.exe Win32/Sality.NBA virus
      C:\Program Files (x86)\Adobe\Acrobat 9.0\Designer 8.2\jre\bin\pack200.exe Win32/Sality.NBA virus
      C:\Program Files (x86)\Adobe\Acrobat 9.0\Designer 8.2\jre\bin\policytool.exe Win32/Sality.NBA virus
      C:\Program Files (x86)\Adobe\Acrobat 9.0\Designer 8.2\jre\bin\rmid.exe Win32/Sality.NBA virus
      C:\Program Files (x86)\Adobe\Acrobat 9.0\Designer 8.2\jre\bin\rmiregistry.exe Win32/Sality.NBA virus
      C:\Program Files (x86)\Adobe\Acrobat 9.0\Designer 8.2\jre\bin\servertool.exe Win32/Sality.NBA virus
      C:\Program Files (x86)\Adobe\Acrobat 9.0\Designer 8.2\jre\bin\tnameserv.exe Win32/Sality.NBA virus
      C:\Program Files (x86)\Adobe\Acrobat 9.0\Designer 8.2\plugins\GuideBuilder\flexsdk\bin\asdoc.exe Win32/Sality.NBA virus
      C:\Program Files (x86)\Adobe\Acrobat 9.0\Designer 8.2\plugins\GuideBuilder\flexsdk\bin\compc.exe Win32/Sality.NBA virus
      C:\Program Files (x86)\Adobe\Acrobat 9.0\Designer 8.2\plugins\GuideBuilder\flexsdk\bin\copylocale.exe Win32/Sality.NBA virus
      C:\Program Files (x86)\Adobe\Acrobat 9.0\Designer 8.2\plugins\GuideBuilder\flexsdk\bin\digest.exe Win32/Sality.NBA virus
      C:\Program Files (x86)\Adobe\Acrobat 9.0\Designer 8.2\plugins\GuideBuilder\flexsdk\bin\fcsh.exe Win32/Sality.NBA virus
      C:\Program Files (x86)\Adobe\Acrobat 9.0\Designer 8.2\plugins\GuideBuilder\flexsdk\bin\fdb.exe Win32/Sality.NBA virus
      C:\Program Files (x86)\Adobe\Acrobat 9.0\Designer 8.2\plugins\GuideBuilder\flexsdk\bin\mxmlc.exe Win32/Sality.NBA virus
      C:\Program Files (x86)\Adobe\Acrobat 9.0\Designer 8.2\plugins\GuideBuilder\flexsdk\bin\optimizer.exe Win32/Sality.NBA virus
      C:\Program Files (x86)\Adobe\Acrobat 9.0\Designer 8.2\plugins\GuideBuilder\redist\CN\langpack.exe Win32/Sality.NBA virus
      C:\Program Files (x86)\Adobe\Acrobat 9.0\Designer 8.2\plugins\GuideBuilder\redist\DA\langpack.exe Win32/Sality.NBA virus
      C:\Program Files (x86)\Adobe\Acrobat 9.0\Designer 8.2\plugins\GuideBuilder\redist\DE\langpack.exe Win32/Sality.NBA virus
      C:\Program Files (x86)\Adobe\Acrobat 9.0\Designer 8.2\plugins\GuideBuilder\redist\ES\langpack.exe Win32/Sality.NBA virus
      C:\Program Files (x86)\Adobe\Acrobat 9.0\Designer 8.2\plugins\GuideBuilder\redist\FI\langpack.exe Win32/Sality.NBA virus
      C:\Program Files (x86)\Adobe\Acrobat 9.0\Designer 8.2\plugins\GuideBuilder\redist\FR\langpack.exe Win32/Sality.NBA virus
      C:\Program Files (x86)\Adobe\Acrobat 9.0\Designer 8.2\plugins\GuideBuilder\redist\IT\langpack.exe Win32/Sality.NBA virus
      C:\Program Files (x86)\Adobe\Acrobat 9.0\Designer 8.2\plugins\GuideBuilder\redist\JA\langpack.exe Win32/Sality.NBA virus
      C:\Program Files (x86)\Adobe\Acrobat 9.0\Designer 8.2\plugins\GuideBuilder\redist\KO\langpack.exe Win32/Sality.NBA virus
      C:\Program Files (x86)\Adobe\Acrobat 9.0\Designer 8.2\plugins\GuideBuilder\redist\NB\langpack.exe Win32/Sality.NBA virus
      C:\Program Files (x86)\Adobe\Acrobat 9.0\Designer 8.2\plugins\GuideBuilder\redist\NL\langpack.exe Win32/Sality.NBA virus
      C:\Program Files (x86)\Adobe\Acrobat 9.0\Designer 8.2\plugins\GuideBuilder\redist\PT\langpack.exe Win32/Sality.NBA virus
      C:\Program Files (x86)\Adobe\Acrobat 9.0\Designer 8.2\plugins\GuideBuilder\redist\SV\langpack.exe Win32/Sality.NBA virus
      C:\Program Files (x86)\Adobe\Acrobat 9.0\Designer 8.2\plugins\GuideBuilder\redist\TW\langpack.exe Win32/Sality.NBA virus
      C:\Program Files (x86)\Adobe\Acrobat 9.0\Designer 8.2\plugins\GuideBuilder\redist\dotnetfx.exe Win32/Sality.NBA virus
      C:\Program Files (x86)\Adobe\Acrobat 9.0\Designer 8.2\plugins\GuideBuilder\PluginLauncher.exe Win32/Sality.NBA virus
      C:\Program Files (x86)\Adobe\Acrobat 9.0\Designer 8.2\ConvertIFDShell.exe Win32/Sality.NBA virus
      C:\Program Files (x86)\Adobe\Acrobat 9.0\Designer 8.2\ConvertIP.exe Win32/Sality.NBA virus
      C:\Program Files (x86)\Adobe\Acrobat 9.0\Designer 8.2\ConvertPDF.exe Win32/Sality.NBA virus
      C:\Program Files (x86)\Adobe\Acrobat 9.0\Designer 8.2\ConvertWord.exe Win32/Sality.NBA virus
      C:\Program Files (x86)\Adobe\Acrobat 9.0\Designer 8.2\FormDesigner.exe Win32/Sality.NBA virus
      C:\Program Files (x86)\Adobe\Acrobat 9.0\Setup Files\{AC76BA86-1040-7D70-7760-000000000004}\WindowsInstaller-KB893803-v2-x86.exe Win32/Sality.NBA virus
      C:\Program Files (x86)\Adobe\Adobe After Effects CS4\Mocha\bin\Mocha For After Effects.exe Win32/Sality.NBA virus
      C:\Program Files (x86)\Adobe\Adobe After Effects CS4\Support Files\(PCI)\Setup\redist\WindowsInstaller-KB893803-v2-x86.exe Win32/Sality.NBA virus
      C:\Program Files (x86)\Adobe\Adobe After Effects CS4\Support Files\(PCI)\Setup\redist\WindowsServer2003-KB898715-ia64-enu.exe Win32/Sality.NBA virus
      C:\Program Files (x86)\Adobe\Adobe After Effects CS4\Support Files\(PCI)\Setup\redist\WindowsServer2003-KB898715-x64-enu.exe Win32/Sality.NBA virus
      C:\Program Files (x86)\Adobe\Adobe After Effects CS4\Support Files\(PCI)\Setup\redist\WindowsServer2003-KB898715-x86-enu.exe Win32/Sality.NBA virus
      C:\Program Files (x86)\Adobe\Adobe After Effects CS4\Support Files\(PCI)\Setup\redist\WindowsXP-KB898715-x64-enu.exe Win32/Sality.NBA virus
      C:\Program Files (x86)\Adobe\Adobe After Effects CS4\Support Files\(PCI)\Setup\Setup.exe Win32/Sality.NBA virus
      C:\Program Files (x86)\Adobe\Adobe After Effects CS4\Support Files\aerender.exe Win32/Sality.NBA virus
      C:\Program Files (x86)\Adobe\Adobe After Effects CS4\Support Files\AfterFX.exe Win32/Sality.NBA virus
      C:\Program Files (x86)\Adobe\Adobe After Effects CS4\Support Files\CrashReporterApp.exe Win32/Sality.NBA virus
      C:\Program Files (x86)\Adobe\Adobe After Effects CS4\Support Files\LogTransport.exe Win32/Sality.NBA virus
      C:\Program Files (x86)\Adobe\Adobe After Effects CS4\Support Files\LogTransport2.exe Win32/Sality.NBA virus
      C:\Program Files (x86)\Adobe\Adobe After Effects CS4\Support Files\Shell.exe Win32/Sality.NBA virus
      C:\Program Files (x86)\Adobe\Adobe After Effects CS4\Support Files\sniffer_gpu.exe Win32/Sality.NBA virus
      C:\Program Files (x86)\Adobe\Adobe Bridge CS4\Adobe3DAndVideoServer.exe Win32/Sality.NBA virus
      C:\Program Files (x86)\Adobe\Adobe Bridge CS4\Bridge.exe Win32/Sality.NBA virus
      C:\Program Files (x86)\Adobe\Adobe Bridge CS4\bridgeproxy.exe Win32/Sality.NBA virus
      C:\Program Files (x86)\Adobe\Adobe Bridge CS4\Photodownloader.exe Win32/Sality.NBA virus
      C:\Program Files (x86)\Adobe\Adobe Contribute CS4\SupportFiles\FirefoxExtension\FirefoxExtensionSetup.exe Win32/Sality.NBA virus
      C:\Program Files (x86)\Adobe\Adobe Contribute CS4\Contribute.exe Win32/Sality.NBA virus
      C:\Program Files (x86)\Adobe\Adobe Contribute CS4\ContributeIBE.exe Win32/Sality.NBA virus
      C:\Program Files (x86)\Adobe\Adobe Contribute CS4\LogTransport2.exe Win32/Sality.NBA virus
      C:\Program Files (x86)\Adobe\Adobe Device Central CS4\Required\Opera\program\plugins\NPSWF32_FlashUtil.exe Win32/Sality.NBA virus
      C:\Program Files (x86)\Adobe\Adobe Device Central CS4\LogTransport2.exe Win32/Sality.NBA virus
      C:\Program Files (x86)\Adobe\Adobe Dreamweaver CS4\JVM\bin\java.exe Win32/Sality.NBA virus
      C:\Program Files (x86)\Adobe\Adobe Dreamweaver CS4\JVM\bin\javac.exe Win32/Sality.NBA virus
      C:\Program Files (x86)\Adobe\Adobe Dreamweaver CS4\JVM\bin\javaw.exe Win32/Sality.NBA virus
      C:\Program Files (x86)\Adobe\Adobe Dreamweaver CS4\JVM\bin\keytool.exe Win32/Sality.NBA virus
      C:\Program Files (x86)\Adobe\Adobe Dreamweaver CS4\JVM\bin\policytool.exe Win32/Sality.NBA virus
      C:\Program Files (x86)\Adobe\Adobe Dreamweaver CS4\JVM\bin\rmid.exe Win32/Sality.NBA virus
      C:\Program Files (x86)\Adobe\Adobe Dreamweaver CS4\JVM\bin\rmiregistry.exe Win32/Sality.NBA virus
      C:\Program Files (x86)\Adobe\Adobe Dreamweaver CS4\JVM\bin\tnameserv.exe Win32/Sality.NBA virus
      C:\Program Files (x86)\Adobe\Adobe Dreamweaver CS4\Dreamweaver.exe Win32/Sality.NBA virus
      C:\Program Files (x86)\Adobe\Adobe Dreamweaver CS4\LogTransport2.exe Win32/Sality.NBA virus
      C:\Program Files (x86)\Adobe\Adobe Encore CS4\Setup\redist\WindowsInstaller-KB893803-v2-x86.exe Win32/Sality.NBA virus
      C:\Program Files (x86)\Adobe\Adobe Encore CS4\Setup\redist\WindowsServer2003-KB898715-ia64-enu.exe Win32/Sality.NBA virus
      C:\Program Files (x86)\Adobe\Adobe Encore CS4\Setup\redist\WindowsServer2003-KB898715-x64-enu.exe Win32/Sality.NBA virus
      C:\Program Files (x86)\Adobe\Adobe Encore CS4\Setup\redist\WindowsServer2003-KB898715-x86-enu.exe Win32/Sality.NBA virus
      C:\Program Files (x86)\Adobe\Adobe Encore CS4\Setup\redist\WindowsXP-KB898715-x64-enu.exe Win32/Sality.NBA virus
      C:\Program Files (x86)\Adobe\Adobe Encore CS4\Setup\Setup.exe Win32/Sality.NBA virus
      C:\Program Files (x86)\Adobe\Adobe Encore CS4\Adobe Encore.exe Win32/Sality.NBA virus
      C:\Program Files (x86)\Adobe\Adobe Encore CS4\CrashReporterApp.exe Win32/Sality.NBA virus
      C:\Program Files (x86)\Adobe\Adobe Encore CS4\GPUSniffer.exe Win32/Sality.NBA virus
      C:\Program Files (x86)\Adobe\Adobe Encore CS4\LogTransport.exe Win32/Sality.NBA virus
      C:\Program Files (x86)\Adobe\Adobe Encore CS4\LogTransport2.exe Win32/Sality.NBA virus
      C:\Program Files (x86)\Adobe\Adobe Encore CS4\PhotoshopServer.exe Win32/Sality.NBA virus
      C:\Program Files (x86)\Adobe\Adobe Extension Manager CS4\Adobe Extension Manager CS4.exe Win32/Sality.NBA virus
      C:\Program Files (x86)\Adobe\Adobe Extension Manager CS4\Replace.exe Win32/Sality.NBA virus
      C:\Program Files (x86)\Adobe\Adobe Fireworks CS4\CrashReporterApp.exe Win32/Sality.NBA virus
      C:\Program Files (x86)\Adobe\Adobe Fireworks CS4\Fireworks.exe Win32/Sality.NBA virus
      C:\Program Files (x86)\Adobe\Adobe Fireworks CS4\LogTransport.exe Win32/Sality.NBA virus
      C:\Program Files (x86)\Adobe\Adobe Fireworks CS4\LogTransport2.exe Win32/Sality.NBA virus
      C:\Program Files (x86)\Adobe\Adobe Flash CS4\JVM\bin\java.exe Win32/Sality.NBA virus
      C:\Program Files (x86)\Adobe\Adobe Flash CS4\JVM\bin\javacpl.exe Win32/Sality.NBA virus
      C:\Program Files (x86)\Adobe\Adobe Flash CS4\JVM\bin\javaw.exe Win32/Sality.NBA virus
      C:\Program Files (x86)\Adobe\Adobe Flash CS4\JVM\bin\javaws.exe Win32/Sality.NBA virus
      C:\Program Files (x86)\Adobe\Adobe Flash CS4\JVM\bin\jucheck.exe Win32/Sality.NBA virus
      C:\Program Files (x86)\Adobe\Adobe Flash CS4\JVM\bin\jusched.exe Win32/Sality.NBA virus
      C:\Program Files (x86)\Adobe\Adobe Flash CS4\JVM\bin\keytool.exe Win32/Sality.NBA virus
      C:\Program Files (x86)\Adobe\Adobe Flash CS4\JVM\bin\kinit.exe Win32/Sality.NBA virus
      C:\Program Files (x86)\Adobe\Adobe Flash CS4\JVM\bin\klist.exe Win32/Sality.NBA virus
      C:\Program Files (x86)\Adobe\Adobe Flash CS4\JVM\bin\ktab.exe Win32/Sality.NBA virus
      C:\Program Files (x86)\Adobe\Adobe Flash CS4\JVM\bin\orbd.exe Win32/Sality.NBA virus
      C:\Program Files (x86)\Adobe\Adobe Flash CS4\JVM\bin\pack200.exe Win32/Sality.NBA virus
      C:\Program Files (x86)\Adobe\Adobe Flash CS4\JVM\bin\policytool.exe Win32/Sality.NBA virus
      C:\Program Files (x86)\Adobe\Adobe Flash CS4\JVM\bin\rmid.exe Win32/Sality.NBA virus
      C:\Program Files (x86)\Adobe\Adobe Flash CS4\JVM\bin\rmiregistry.exe Win32/Sality.NBA virus
      C:\Program Files (x86)\Adobe\Adobe Flash CS4\JVM\bin\servertool.exe Win32/Sality.NBA virus
      C:\Program Files (x86)\Adobe\Adobe Flash CS4\JVM\bin\tnameserv.exe Win32/Sality.NBA virus
      C:\Program Files (x86)\Adobe\Adobe Flash CS4\Players\Debug\Install Flash Player 10 ActiveX.exe Win32/Sality.NBA virus
      C:\Program Files (x86)\Adobe\Adobe Flash CS4\Players\Debug\Install Flash Player 10 Plugin.exe Win32/Sality.NBA virus
      C:\Program Files (x86)\Adobe\Adobe Flash CS4\Players\Release\Install Flash Player 10 ActiveX.exe Win32/Sality.NBA virus
      C:\Program Files (x86)\Adobe\Adobe Flash CS4\Players\Release\Install Flash Player 10 Plugin.exe Win32/Sality.NBA virus
      C:\Program Files (x86)\Adobe\Adobe Flash CS4\CrashReporterApp.exe Win32/Sality.NBA virus
      C:\Program Files (x86)\Adobe\Adobe Flash CS4\Flash.exe Win32/Sality.NBA virus
      C:\Program Files (x86)\Adobe\Adobe Flash CS4\LogTransport.exe Win32/Sality.NBA virus
      C:\Program Files (x86)\Adobe\Adobe Flash CS4\LogTransport2.exe Win32/Sality.NBA virus
      C:\Program Files (x86)\Adobe\Adobe Illustrator CS4\Support Files\Contents\Windows\AIRegTool.exe Win32/Sality.NBA virus
      C:\Program Files (x86)\Adobe\Adobe Illustrator CS4\Support Files\Contents\Windows\CrashReporterApp.exe Win32/Sality.NBA virus
      C:\Program Files (x86)\Adobe\Adobe Illustrator CS4\Support Files\Contents\Windows\LogTransport.exe Win32/Sality.NBA virus
      C:\Program Files (x86)\Adobe\Adobe Illustrator CS4\Support Files\Contents\Windows\LogTransport2.exe Win32/Sality.NBA virus
      C:\Program Files (x86)\Adobe\Adobe InDesign CS4\InDesign.exe Win32/Sality.NBA virus
      C:\Program Files (x86)\Adobe\Adobe InDesign CS4\LogTransport2.exe Win32/Sality.NBA virus
      C:\Program Files (x86)\Adobe\Adobe Media Encoder CS4\PCI\AMEExporters\redist\WindowsInstaller-KB893803-v2-x86.exe Win32/Sality.NBA virus
      C:\Program Files (x86)\Adobe\Adobe Media Encoder CS4\PCI\AMEExporters\redist\WindowsServer2003-KB898715-ia64-enu.exe Win32/Sality.NBA virus
      C:\Program Files (x86)\Adobe\Adobe Media Encoder CS4\PCI\AMEExporters\redist\WindowsServer2003-KB898715-x64-enu.exe Win32/Sality.NBA virus
      C:\Program Files (x86)\Adobe\Adobe Media Encoder CS4\PCI\AMEExporters\redist\WindowsServer2003-KB898715-x86-enu.exe Win32/Sality.NBA virus
      C:\Program Files (x86)\Adobe\Adobe Media Encoder CS4\PCI\AMEExporters\redist\WindowsXP-KB898715-x64-enu.exe Win32/Sality.NBA virus
      C:\Program Files (x86)\Adobe\Adobe Media Encoder CS4\PCI\AMEExporters\Setup.exe Win32/Sality.NBA virus
      C:\Program Files (x86)\Adobe\Adobe Media Encoder CS4\PCI\AMEImporters\redist\WindowsInstaller-KB893803-v2-x86.exe Win32/Sality.NBA virus
      C:\Program Files (x86)\Adobe\Adobe Media Encoder CS4\PCI\AMEImporters\redist\WindowsServer2003-KB898715-ia64-enu.exe Win32/Sality.NBA virus
      C:\Program Files (x86)\Adobe\Adobe Media Encoder CS4\PCI\AMEImporters\redist\WindowsServer2003-KB898715-x64-enu.exe Win32/Sality.NBA virus
      C:\Program Files (x86)\Adobe\Adobe Media Encoder CS4\PCI\AMEImporters\redist\WindowsServer2003-KB898715-x86-enu.exe Win32/Sality.NBA virus
      C:\Program Files (x86)\Adobe\Adobe Media Encoder CS4\PCI\AMEImporters\redist\WindowsXP-KB898715-x64-enu.exe Win32/Sality.NBA virus
      C:\Program Files (x86)\Adobe\Adobe Media Encoder CS4\PCI\AMEImporters\Setup.exe Win32/Sality.NBA virus
      C:\Program Files (x86)\Adobe\Adobe Media Encoder CS4\Adobe Media Encoder.exe Win32/Sality.NBA virus
      C:\Program Files (x86)\Adobe\Adobe Media Encoder CS4\CrashReporterApp.exe Win32/Sality.NBA virus
      C:\Program Files (x86)\Adobe\Adobe Media Encoder CS4\LogTransport.exe Win32/Sality.NBA virus
      C:\Program Files (x86)\Adobe\Adobe Media Encoder CS4\LogTransport2.exe Win32/Sality.NBA virus
      C:\Program Files (x86)\Adobe\Adobe Media Encoder CS4\PhotoshopServer.exe Win32/Sality.NBA virus
      C:\Program Files (x86)\Adobe\Adobe OnLocation CS4\Adobe OnLocation.exe Win32/Sality.NBA virus
      C:\Program Files (x86)\Adobe\Adobe OnLocation CS4\CrashReporterApp.exe Win32/Sality.NBA virus
      C:\Program Files (x86)\Adobe\Adobe OnLocation CS4\LogTransport.exe Win32/Sality.NBA virus
      C:\Program Files (x86)\Adobe\Adobe OnLocation CS4\LogTransport2.exe Win32/Sality.NBA virus
      C:\Program Files (x86)\Adobe\Adobe Photoshop CS4\Required\Droplet Template.exe Win32/Sality.NBA virus
      C:\Program Files (x86)\Adobe\Adobe Photoshop CS4\adobe.photoshop.cs4-nope.exe Win32/HackTool.Patcher.A aplicación
      C:\Program Files (x86)\Adobe\Adobe Premiere Pro CS4\Setup\redist\WindowsInstaller-KB893803-v2-x86.exe Win32/Sality.NBA virus
      C:\Program Files (x86)\Adobe\Adobe Premiere Pro CS4\Setup\redist\WindowsServer2003-KB898715-ia64-enu.exe Win32/Sality.NBA virus
      C:\Program Files (x86)\Adobe\Adobe Premiere Pro CS4\Setup\redist\WindowsServer2003-KB898715-x64-enu.exe Win32/Sality.NBA virus
      C:\Program Files (x86)\Adobe\Adobe Premiere Pro CS4\Setup\redist\WindowsServer2003-KB898715-x86-enu.exe Win32/Sality.NBA virus
      C:\Program Files (x86)\Adobe\Adobe Premiere Pro CS4\Setup\redist\WindowsXP-KB898715-x64-enu.exe Win32/Sality.NBA virus
      C:\Program Files (x86)\Adobe\Adobe Premiere Pro CS4\Setup\Setup.exe Win32/Sality.NBA virus
      C:\Program Files (x86)\Adobe\Adobe Premiere Pro CS4\Adobe Premiere Pro.exe Win32/Sality.NBA virus
      C:\Program Files (x86)\Adobe\Adobe Premiere Pro CS4\CrashReporterApp.exe Win32/Sality.NBA virus
      C:\Program Files (x86)\Adobe\Adobe Premiere Pro CS4\GPUSniffer.exe Win32/Sality.NBA virus
      C:\Program Files (x86)\Adobe\Adobe Premiere Pro CS4\ImporterProcessServer.exe Win32/Sality.NBA virus
      C:\Program Files (x86)\Adobe\Adobe Premiere Pro CS4\LogTransport.exe Win32/Sality.NBA virus
      C:\Program Files (x86)\Adobe\Adobe Premiere Pro CS4\LogTransport2.exe Win32/Sality.NBA virus
      C:\Program Files (x86)\Adobe\Adobe Premiere Pro CS4\MPEGHDVExport.exe Win32/Sality.NBA virus
      C:\Program Files (x86)\Adobe\Adobe Premiere Pro CS4\PhotoshopServer.exe Win32/Sality.NBA virus
      C:\Program Files (x86)\Adobe\Adobe Premiere Pro CS4\PProHeadless.exe Win32/Sality.NBA virus
      C:\Program Files (x86)\Adobe\Adobe Soundbooth CS4\Setup\redist\WindowsInstaller-KB893803-v2-x86.exe Win32/Sality.NBA virus
      C:\Program Files (x86)\Adobe\Adobe Soundbooth CS4\Setup\redist\WindowsServer2003-KB898715-ia64-enu.exe Win32/Sality.NBA virus
      C:\Program Files (x86)\Adobe\Adobe Soundbooth CS4\Setup\redist\WindowsServer2003-KB898715-x64-enu.exe Win32/Sality.NBA virus
      C:\Program Files (x86)\Adobe\Adobe Soundbooth CS4\Setup\redist\WindowsServer2003-KB898715-x86-enu.exe Win32/Sality.NBA virus
      C:\Program Files (x86)\Adobe\Adobe Soundbooth CS4\Setup\redist\WindowsXP-KB898715-x64-enu.exe Win32/Sality.NBA virus
      C:\Program Files (x86)\Adobe\Adobe Soundbooth CS4\Setup\Setup.exe Win32/Sality.NBA virus
      C:\Program Files (x86)\Adobe\Adobe Soundbooth CS4\Adobe Soundbooth CS4.exe Win32/Sality.NBA virus
      C:\Program Files (x86)\Adobe\Adobe Soundbooth CS4\CrashReporterApp.exe Win32/Sality.NBA virus
      C:\Program Files (x86)\Adobe\Adobe Soundbooth CS4\GPUSniffer.exe Win32/Sality.NBA virus
      C:\Program Files (x86)\Adobe\Adobe Soundbooth CS4\LogTransport.exe Win32/Sality.NBA virus
      C:\Program Files (x86)\Adobe\Adobe Soundbooth CS4\LogTransport2.exe Win32/Sality.NBA virus
      C:\Program Files (x86)\Adobe\Adobe Utilities\Pixel Bender Toolkit\pixel_bender_toolkit.exe Win32/Sality.NBA virus
      C:\Program Files (x86)\Adobe\Adobe Utilities\Pixel Bender Toolkit\sniffer_gpu.exe Win32/Sality.NBA virus
      C:\Program Files (x86)\Adobe\Adobe Utilities - CS5\Pixel Bender Toolkit 2\pbutil.exe Win32/Sality.NBA virus
      C:\Program Files (x86)\Adobe\Adobe Utilities - CS5\Pixel Bender Toolkit 2\Pixel Bender Toolkit.exe Win32/Sality.NBA virus
      C:\Program Files (x86)\Adobe\Adobe Utilities - CS5\Pixel Bender Toolkit 2\sniffer_gpu.exe Win32/Sality.NBA virus
      C:\Program Files (x86)\Alcohol Soft\Alcohol 120\Plugins\Helper\AxSrvUACHlper.exe Win32/Sality.NBA virus
      C:\Program Files (x86)\Alcohol Soft\Alcohol 120\Plugins\Helper\UACHlper.exe Win32/Sality.NBA virus
      C:\Program Files (x86)\Alcohol Soft\Alcohol 120\ACID.exe Win32/Sality.NBA virus
      C:\Program Files (x86)\Alcohol Soft\Alcohol 120\Alcohol.exe Win32/Sality.NBA virus
      C:\Program Files (x86)\Alcohol Soft\Alcohol 120\alcohol__.exe Win32/Sality.NBA virus
      C:\Program Files (x86)\Alcohol Soft\Alcohol 120\AxAutoMntSrv.exe Win32/Sality.NBA virus
      C:\Program Files (x86)\Alcohol Soft\Alcohol 120\AxCmd.exe Win32/Sality.NBA virus
      C:\Program Files (x86)\Alcohol Soft\Alcohol 120\AxDTA.exe Win32/Sality.NBA virus
      C:\Program Files (x86)\Alcohol Soft\Alcohol 120\AxShlExHlper.exe Win32/Sality.NBA virus
      C:\Program Files (x86)\Alcohol Soft\Alcohol 120\AxSWdCPL.exe Win32/Sality.NBA virus
      C:\Program Files (x86)\Alcohol Soft\Alcohol 120\Cheerpipe_ldr_auto_install.exe Win32/Sality.NBA virus
      C:\Program Files (x86)\Alcohol Soft\Alcohol 120\uninst.exe Win32/Sality.NBA virus
      C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe Win32/Sality.NBA virus
      C:\Program Files (x86)\Asuka-LS Software\AsuNeage\AsuNeage.exe Win32/Sality.NBA virus
      C:\Program Files (x86)\Asuka-LS Software\AsuRE\AsuRE.exe Win32/Sality.NBA virus
      C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\atishlx.exe Win32/Sality.NBA virus
      C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe Win32/Sality.NBA virus
      C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\installShell.exe Win32/Sality.NBA virus
      C:\Program Files (x86)\ATI Technologies\ATI.ACE\Graphics-Full-Existing\DXStress.exe Win32/Sality.NBA virus
      C:\Program Files (x86)\ATI Technologies\ATI.ACE\Graphics-Full-Existing\MMLoadDrv.exe Win32/Sality.NBA virus
      C:\Program Files (x86)\ATI Technologies\ATI.ACE\Graphics-Previews-Common\CCCDsPreview.exe Win32/Sality.NBA virus
      C:\Program Files (x86)\ATI Technologies\ATI.ACE\Graphics-Previews-Common\MMACEPrev.exe Win32/Sality.NBA virus
      C:\Program Files (x86)\ATI Technologies\ATI.ACE\Graphics-Previews-Vista\cccprev.exe Win32/Sality.NBA virus
      C:\Program Files (x86)\ATI Technologies\HydraVision\HydraDM.exe Win32/Sality.NBA virus
      C:\Program Files (x86)\ATI Technologies\HydraVision\HydraGrd.exe Win32/Sality.NBA virus
      C:\Program Files (x86)\ATI Technologies\HydraVision\HydraMD.exe Win32/Sality.NBA virus
      C:\Program Files (x86)\Boilsoft Video Converter\bsvideoconverter.exe Win32/Sality.NBA virus
      C:\Program Files (x86)\Boilsoft Video Converter\unins000.exe Win32/Sality.NBA virus
      C:\Program Files (x86)\Boilsoft Video Joiner\unins000.exe Win32/Sality.NBA virus
      C:\Program Files (x86)\Boilsoft Video Splitter\unins000.exe Win32/Sality.NBA virus
      C:\Program Files (x86)\Capturador de Links\unins000.exe Win32/Sality.NBA virus
      C:\Program Files (x86)\CCleaner\ccleaner.exe Win32/Sality.NBA virus
      C:\Program Files (x86)\CCleaner\uninst.exe Win32/Sality.NBA virus
      C:\Program Files (x86)\CD Art Display\CAD.exe Win32/Sality.NBA virus
      C:\Program Files (x86)\CD Art Display\cadLyrics.exe Win32/Sality.NBA virus
      C:\Program Files (x86)\CD Art Display\CADPinHelper.exe Win32/Sality.NBA virus
      C:\Program Files (x86)\CD Art Display\cadSearch.exe Win32/Sality.NBA virus
      C:\Program Files (x86)\CD Art Display\RestartCAD.exe Win32/Sality.NBA virus
      C:\Program Files (x86)\CD Art Display\unins000.exe Win32/Sality.NBA virus

    4. #4
      Usuario Avatar de oskoa
      Registrado
      sep 2009
      Ubicación
      En mi depto
      Mensajes
      60

      Re: Virus que destruye los ejecutables

      C:\Program Files (x86)\Common Files\Acronis\CDRecord\cdrecord2.exe Win32/Sality.NBA virus
      C:\Program Files (x86)\Common Files\Acronis\CDRecord\growisofs.exe Win32/Sality.NBA virus
      C:\Program Files (x86)\Common Files\Acronis\CDRecord\readcd.exe Win32/Sality.NBA virus
      C:\Program Files (x86)\Common Files\Adobe\Adobe Asset Services CS4\AssetServicesCS4.exe Win32/Sality.NBA virus
      C:\Program Files (x86)\Common Files\Adobe\Adobe Drive CS4\ConnectUI\Adobe Drive CS4.exe Win32/Sality.NBA virus
      C:\Program Files (x86)\Common Files\Adobe\Adobe Drive CS4\ADConnect.exe Win32/Sality.NBA virus
      C:\Program Files (x86)\Common Files\Adobe\Adobe Version Cue CS4\Server\bin\VCPrefsHelper.exe Win32/Sality.NBA virus
      C:\Program Files (x86)\Common Files\Adobe\Adobe Version Cue CS4\Server\bin\VersionCueCS4.exe Win32/Sality.NBA virus
      C:\Program Files (x86)\Common Files\Adobe\Adobe Version Cue CS4\Server\bin\VersionCueCS4Ctl.exe Win32/Sality.NBA virus
      C:\Program Files (x86)\Common Files\Adobe\Adobe Version Cue CS4\Server\bin\VersionCueCS4Tray.exe Win32/Sality.NBA virus
      C:\Program Files (x86)\Common Files\Adobe\Adobe Version Cue CS4\Server\database-template\bin\x86\mysqladmin.exe Win32/Sality.NBA virus
      C:\Program Files (x86)\Common Files\Adobe\Adobe Version Cue CS4\Server\database-template\bin\x86\mysqld-nt.exe Win32/Sality.NBA virus
      C:\Program Files (x86)\Common Files\Adobe\Adobe Version Cue CS4\Server\database-template\bin\x86\mysqldump.exe Win32/Sality.NBA virus
      C:\Program Files (x86)\Common Files\Adobe\Adobe Version Cue CS4\Server\database-template\bin\x86\mysqlimport.exe Win32/Sality.NBA virus
      C:\Program Files (x86)\Common Files\Adobe\Adobe Version Cue CS4\Server\jre\bin\java.exe Win32/Sality.NBA virus
      C:\Program Files (x86)\Common Files\Adobe\Adobe Version Cue CS4\Server\jre\bin\javacpl.exe Win32/Sality.NBA virus
      C:\Program Files (x86)\Common Files\Adobe\Adobe Version Cue CS4\Server\jre\bin\javaw.exe Win32/Sality.NBA virus
      C:\Program Files (x86)\Common Files\Adobe\Adobe Version Cue CS4\Server\jre\bin\javaws.exe Win32/Sality.NBA virus
      C:\Program Files (x86)\Common Files\Adobe\Adobe Version Cue CS4\Server\jre\bin\jucheck.exe Win32/Sality.NBA virus
      C:\Program Files (x86)\Common Files\Adobe\Adobe Version Cue CS4\Server\jre\bin\jusched.exe Win32/Sality.NBA virus
      C:\Program Files (x86)\Common Files\Adobe\Adobe Version Cue CS4\Server\jre\bin\keytool.exe Win32/Sality.NBA virus
      C:\Program Files (x86)\Common Files\Adobe\Adobe Version Cue CS4\Server\jre\bin\kinit.exe Win32/Sality.NBA virus
      C:\Program Files (x86)\Common Files\Adobe\Adobe Version Cue CS4\Server\jre\bin\klist.exe Win32/Sality.NBA virus
      C:\Program Files (x86)\Common Files\Adobe\Adobe Version Cue CS4\Server\jre\bin\ktab.exe Win32/Sality.NBA virus
      C:\Program Files (x86)\Common Files\Adobe\Adobe Version Cue CS4\Server\jre\bin\orbd.exe Win32/Sality.NBA virus
      C:\Program Files (x86)\Common Files\Adobe\Adobe Version Cue CS4\Server\jre\bin\pack200.exe Win32/Sality.NBA virus
      C:\Program Files (x86)\Common Files\Adobe\Adobe Version Cue CS4\Server\jre\bin\policytool.exe Win32/Sality.NBA virus
      C:\Program Files (x86)\Common Files\Adobe\Adobe Version Cue CS4\Server\jre\bin\rmid.exe Win32/Sality.NBA virus
      C:\Program Files (x86)\Common Files\Adobe\Adobe Version Cue CS4\Server\jre\bin\rmiregistry.exe Win32/Sality.NBA virus
      C:\Program Files (x86)\Common Files\Adobe\Adobe Version Cue CS4\Server\jre\bin\servertool.exe Win32/Sality.NBA virus
      C:\Program Files (x86)\Common Files\Adobe\Adobe Version Cue CS4\Server\jre\bin\tnameserv.exe Win32/Sality.NBA virus
      C:\Program Files (x86)\Common Files\Adobe\Adobe Version Cue CS4\Server\plugins\com.adobe.versioncue.aum_4.0.0\native\win32\VCUpdateCheck.exe Win32/Sality.NBA virus
      C:\Program Files (x86)\Common Files\Adobe\Adobe Version Cue CS4\Server\plugins\com.adobe.versioncue.nativecomm_4.0.0\native\win32\VCNativeHelper.exe Win32/Sality.NBA virus
      C:\Program Files (x86)\Common Files\Adobe\CS4ServiceManager\jre\bin\java.exe Win32/Sality.NBA virus
      C:\Program Files (x86)\Common Files\Adobe\CS4ServiceManager\jre\bin\javacpl.exe Win32/Sality.NBA virus
      C:\Program Files (x86)\Common Files\Adobe\CS4ServiceManager\jre\bin\javaw.exe Win32/Sality.NBA virus
      C:\Program Files (x86)\Common Files\Adobe\CS4ServiceManager\jre\bin\javaws.exe Win32/Sality.NBA virus
      C:\Program Files (x86)\Common Files\Adobe\CS4ServiceManager\jre\bin\jucheck.exe Win32/Sality.NBA virus
      C:\Program Files (x86)\Common Files\Adobe\CS4ServiceManager\jre\bin\jusched.exe Win32/Sality.NBA virus
      C:\Program Files (x86)\Common Files\Adobe\CS4ServiceManager\jre\bin\keytool.exe Win32/Sality.NBA virus
      C:\Program Files (x86)\Common Files\Adobe\CS4ServiceManager\jre\bin\kinit.exe Win32/Sality.NBA virus
      C:\Program Files (x86)\Common Files\Adobe\CS4ServiceManager\jre\bin\klist.exe Win32/Sality.NBA virus
      C:\Program Files (x86)\Common Files\Adobe\CS4ServiceManager\jre\bin\ktab.exe Win32/Sality.NBA virus
      C:\Program Files (x86)\Common Files\Adobe\CS4ServiceManager\jre\bin\orbd.exe Win32/Sality.NBA virus
      C:\Program Files (x86)\Common Files\Adobe\CS4ServiceManager\jre\bin\pack200.exe Win32/Sality.NBA virus
      C:\Program Files (x86)\Common Files\Adobe\CS4ServiceManager\jre\bin\policytool.exe Win32/Sality.NBA virus
      C:\Program Files (x86)\Common Files\Adobe\CS4ServiceManager\jre\bin\rmid.exe Win32/Sality.NBA virus
      C:\Program Files (x86)\Common Files\Adobe\CS4ServiceManager\jre\bin\rmiregistry.exe Win32/Sality.NBA virus
      C:\Program Files (x86)\Common Files\Adobe\CS4ServiceManager\jre\bin\servertool.exe Win32/Sality.NBA virus
      C:\Program Files (x86)\Common Files\Adobe\CS4ServiceManager\jre\bin\tnameserv.exe Win32/Sality.NBA virus
      C:\Program Files (x86)\Common Files\Adobe\CS4ServiceManager\CS4ServiceManager.exe Win32/Sality.NBA virus
      C:\Program Files (x86)\Common Files\Adobe\CS5ServiceManager\CS5ServiceManager.exe Win32/Sality.NBA virus
      C:\Program Files (x86)\Common Files\Adobe\dynamiclink\CS5\dynamiclinkmanager.exe Win32/Sality.NBA virus
      C:\Program Files (x86)\Common Files\Adobe\dynamiclink\dynamiclinkmanager.exe Win32/Sality.NBA virus
      C:\Program Files (x86)\Common Files\Adobe\dynamiclink\processcoordinationserver.exe Win32/Sality.NBA virus
      C:\Program Files (x86)\Common Files\Adobe\Installers\b2d6abde968e6f277ddbfd501383e02\Setup.exe Win32/Sality.NBA virus
      C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\core\PDapp.exe Win32/Sality.NBA virus
      C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\LogTransport2.exe Win32/Sality.NBA virus
      C:\Program Files (x86)\Common Files\Adobe AIR\Versions\1.0\Resources\airappinstaller.exe Win32/Sality.NBA virus
      C:\Program Files (x86)\Common Files\Corel\Shared\Shell Extension\Uninst.exe Win32/Sality.NBA virus
      C:\Program Files (x86)\Common Files\Corel\Shared\Writing Tools\13\WT13sptlES.exe Win32/Sality.NBA virus
      C:\Program Files (x86)\Common Files\Corel\Shared\Writing Tools\9.1\wt9_1sptlES.exe Win32/Sality.NBA virus
      C:\Program Files (x86)\Common Files\djbcp\Elecard\sysnsh.exe Win32/Sality.NBA virus
      C:\Program Files (x86)\Common Files\djbcp\mmswitch\MMAVILNG.exe Win32/Sality.NBA virus
      C:\Program Files (x86)\Common Files\Hewlett-Packard\Scanjet\bin\hpsjrreg.exe Win32/Sality.NBA virus
      C:\Program Files (x86)\Common Files\HP\Digital Imaging\bin\hpqPhotoCrm.exe Win32/Sality.NBA virus
      C:\Program Files (x86)\Common Files\InstallShield\Driver\7\Intel 32\IDriver.exe Win32/Sality.NBA virus
      C:\Program Files (x86)\Common Files\InstallShield\Driver\9\Intel 32\IDriver.exe Win32/Sality.NBA virus
      C:\Program Files (x86)\Common Files\InstallShield\Driver\9\Intel 32\IDriver2.exe Win32/Sality.NBA virus
      C:\Program Files (x86)\Common Files\InstallShield\Engine\6\Intel 32\IKernel.exe Win32/Sality.NBA virus
      C:\Program Files (x86)\Common Files\InstallShield\Shared\WebReg\WebReg.exe Win32/Sality.NBA virus
      C:\Program Files (x86)\Common Files\Java\Java Update\jucheck.exe Win32/Sality.NBA virus
      C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe Win32/Sality.NBA virus
      C:\Program Files (x86)\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe Win32/Sality.NBA virus
      C:\Program Files (x86)\Common Files\microsoft shared\Artgalry\ARTGALRY.EXE Win32/Sality.NBA virus
      C:\Program Files (x86)\Common Files\microsoft shared\Artgalry\CAG.EXE Win32/Sality.NBA virus
      C:\Program Files (x86)\Common Files\microsoft shared\MSInfo\OFFPROV.EXE Win32/Sality.NBA virus
      C:\Program Files (x86)\Common Files\microsoft shared\OFFICE11\SELFCERT.EXE Win32/Sality.NBA virus
      C:\Program Files (x86)\Common Files\microsoft shared\PhotoEd\PHOTOED.EXE Win32/Sality.NBA virus
      C:\Program Files (x86)\Common Files\microsoft shared\VS7DEBUG\vs7jit.exe Win32/Sality.NBA virus
      C:\Program Files (x86)\Common Files\microsoft shared\Web Server Extensions\40\admcgi\scripts\FPADMCGI.EXE Win32/Sality.NBA virus
      C:\Program Files (x86)\Common Files\microsoft shared\Web Server Extensions\40\bin\CFGWIZ.EXE Win32/Sality.NBA virus
      C:\Program Files (x86)\Common Files\microsoft shared\Web Server Extensions\40\bin\FPREMADM.EXE Win32/Sality.NBA virus
      C:\Program Files (x86)\Common Files\microsoft shared\Web Server Extensions\40\bin\FPSERVER.EXE Win32/Sality.NBA virus
      C:\Program Files (x86)\Common Files\microsoft shared\Web Server Extensions\40\bin\FPSRVADM.EXE Win32/Sality.NBA virus
      C:\Program Files (x86)\Common Files\microsoft shared\Web Server Extensions\40\bin\HTIMAGE.EXE Win32/Sality.NBA virus
      C:\Program Files (x86)\Common Files\microsoft shared\Web Server Extensions\40\bin\IMAGEMAP.EXE Win32/Sality.NBA virus
      C:\Program Files (x86)\Common Files\microsoft shared\Web Server Extensions\40\bin\TCPTEST.EXE Win32/Sality.NBA virus
      C:\Program Files (x86)\Common Files\microsoft shared\Web Server Extensions\40\isapi\FPCOUNT.EXE Win32/Sality.NBA virus
      C:\Program Files (x86)\Common Files\microsoft shared\Web Server Extensions\40\_vti_bin\_vti_adm\ADMIN.EXE Win32/Sality.NBA virus
      C:\Program Files (x86)\Common Files\microsoft shared\Web Server Extensions\40\_vti_bin\_vti_aut\AUTHOR.EXE Win32/Sality.NBA virus
      C:\Program Files (x86)\Common Files\microsoft shared\Web Server Extensions\40\_vti_bin\FPCOUNT.EXE Win32/Sality.NBA virus
      C:\Program Files (x86)\Common Files\microsoft shared\Web Server Extensions\40\_vti_bin\SHTML.EXE Win32/Sality.NBA virus
      C:\Program Files (x86)\Common Files\Nero\AdvrCntr4\NeroPatentActivation.exe Win32/Sality.NBA virus
      C:\Program Files (x86)\Common Files\Nero\Nero BackItUp 4\NBCore.exe Win32/Sality.NBA virus
      C:\Program Files (x86)\Common Files\Nero\Nero BackItUp 4\NBSFtp.exe Win32/Sality.NBA virus
      C:\Program Files (x86)\Common Files\Nero\Nero ProductInstaller 4\ipclog.exe Win32/Sality.NBA virus
      C:\Program Files (x86)\Common Files\Nero\Nero ProductInstaller 4\LSDriveDetect.exe Win32/Sality.NBA virus
      C:\Program Files (x86)\Common Files\Nero\Nero ProductInstaller 4\SetupX.exe Win32/Sality.NBA virus
      C:\Program Files (x86)\Common Files\Nero\Nero ProductInstaller 4\WindowsInstallerKB893803v2x86.exe Win32/Sality.NBA virus
      C:\Program Files (x86)\Common Files\PX Storage Engine\drvins64.exe Win32/Sality.NBA virus
      C:\Program Files (x86)\Common Files\PX Storage Engine\pxhpinst.exe Win32/Sality.NBA virus
      C:\Program Files (x86)\Common Files\Sonic Shared\PX Drivers\drvins64.exe Win32/Sality.NBA virus
      C:\Program Files (x86)\ConduitEngine\ConduitEngineHelper.exe Win32/Sality.NBA virus
      C:\Program Files (x86)\coolpro2\cep2unin.exe Win32/Sality.NBA virus
      C:\Program Files (x86)\coolpro2\coolpro2.exe Win32/Sality.NBA virus
      C:\Program Files (x86)\coolpro2\COOLTIPS.EXE Win32/Sality.NBA virus
      C:\Program Files (x86)\Corel\CorelDRAW Graphics Suite X4\FontNav\FontNav.exe Win32/Sality.NBA virus
      C:\Program Files (x86)\Corel\CorelDRAW Graphics Suite X4\Programs\BarCode.exe Win32/Sality.NBA virus
      C:\Program Files (x86)\Corel\CorelDRAW Graphics Suite X4\Programs\Cap.exe Win32/Sality.NBA virus
      C:\Program Files (x86)\Corel\CorelDRAW Graphics Suite X4\Programs\Capture.exe Win32/Sality.NBA virus
      C:\Program Files (x86)\Corel\CorelDRAW Graphics Suite X4\Programs\CdrConv.exe Win32/Sality.NBA virus
      C:\Program Files (x86)\Corel\CorelDRAW Graphics Suite X4\Programs\CorelDRW.exe Win32/Sality.NBA virus
      C:\Program Files (x86)\Corel\CorelDRAW Graphics Suite X4\Programs\CorelPP.exe Win32/Sality.NBA virus
      C:\Program Files (x86)\Corel\CorelDRAW Graphics Suite X4\Programs\CSBProf.exe Win32/Sality.NBA virus
      C:\Program Files (x86)\Corel\CorelDRAW Graphics Suite X4\Programs\DIM.exe Win32/Sality.NBA virus
      C:\Program Files (x86)\Corel\CorelDRAW Graphics Suite X4\Programs\PrintWiz.exe Win32/Sality.NBA virus
      C:\Program Files (x86)\Corel\CorelDRAW Graphics Suite X4\Setup\Setup.exe Win32/Sality.NBA virus
      C:\Program Files (x86)\Corel\CorelDRAW Graphics Suite X4\Setup\SetupARP.exe Win32/Sality.NBA virus
      C:\Program Files (x86)\Creative\Registro del producto\Spanish\RegFlash.exe Win32/Sality.NBA virus
      C:\Program Files (x86)\Creative\SBAudigy\Diagnostics\diagnos3.exe Win32/Sality.NBA virus
      C:\Program Files (x86)\Creative\SBAudigy\EAXSet\Ahqrun.exe Win32/Sality.NBA virus
      C:\Program Files (x86)\Creative\SBAudigy\EAXSet\EAXSet.exe Win32/Sality.NBA virus
      C:\Program Files (x86)\Creative\SBAudigy\Equalizer\CTEQ.exe Win32/Sality.NBA virus
      C:\Program Files (x86)\Creative\SBAudigy\Program\support\i386\ctzapxx.exe Win32/Sality.NBA virus
      C:\Program Files (x86)\Creative\SBAudigy\Program\Restore.exe Win32/Sality.NBA virus
      C:\Program Files (x86)\Creative\SBAudigy\Program\setup.exe Win32/Sality.NBA virus
      C:\Program Files (x86)\Creative\SBAudigy\SFBM\sfbm.exe Win32/Sality.NBA virus
      C:\Program Files (x86)\Creative\SBAudigy\Smart Recorder\SmartRec.exe Win32/Sality.NBA virus
      C:\Program Files (x86)\Creative\SBAudigy\Speaker Settings\SpkSet.exe Win32/Sality.NBA virus
      C:\Program Files (x86)\Creative\SBAudigy\Surround Mixer\CTSysVol.exe Win32/Sality.NBA virus
      C:\Program Files (x86)\Creative\SBAudigy\Surround Mixer\SurMixer.exe Win32/Sality.NBA virus
      C:\Program Files (x86)\Creative\Shared Files\Software Update\AutoUpdate.exe Win32/Sality.NBA virus
      C:\Program Files (x86)\Creative\Shared Files\Software Update\CTSURun.exe Win32/Sality.NBA virus
      C:\Program Files (x86)\Creative\Shared Files\CTRegSvr.exe Win32/Sality.NBA virus
      C:\Program Files (x86)\Creative\Shared Files\CTSched.exe Win32/Sality.NBA virus
      C:\Program Files (x86)\Creative\Shared Files\CTSkinLd.exe Win32/Sality.NBA virus
      C:\Program Files (x86)\Creative\ShareDLL\CADI\NotiMan.exe Win32/Sality.NBA virus
      C:\Program Files (x86)\CyberLink\PowerDVD\Language\Language.exe Win32/Sality.NBA virus
      C:\Program Files (x86)\CyberLink\PowerDVD\OLRSubmission\OLRStateCheck.exe Win32/Sality.NBA virus
      C:\Program Files (x86)\CyberLink\PowerDVD\OLRSubmission\OLRSubmission.exe Win32/Sality.NBA virus
      C:\Program Files (x86)\CyberLink\PowerDVD\CLDMA.exe Win32/Sality.NBA virus
      C:\Program Files (x86)\CyberLink\PowerDVD\cltest.exe Win32/Sality.NBA virus
      C:\Program Files (x86)\CyberLink\PowerDVD\ddtester.exe Win32/Sality.NBA virus
      C:\Program Files (x86)\CyberLink\PowerDVD\dvdrgn.exe Win32/Sality.NBA virus
      C:\Program Files (x86)\CyberLink\PowerDVD\PDVDServ.exe Win32/Sality.NBA virus
      C:\Program Files (x86)\CyberLink\PowerDVD\PowerDVD.exe Win32/Sality.NBA virus
      C:\Program Files (x86)\CyberLink\Shared files\richvideoinstall.exe Win32/Sality.NBA virus
      C:\Program Files (x86)\CyberLink\Shared files\richvideouninstall.exe Win32/Sality.NBA virus
      C:\Program Files (x86)\DivX\DivX\bgregister.exe Win32/Sality.NBA virus
      C:\Program Files (x86)\DivX\DivX\config.exe Win32/Sality.NBA virus
      C:\Program Files (x86)\DivX\DivXBundleUninstall.exe Win32/Sality.NBA virus
      C:\Program Files (x86)\DivX\DivXCodecUninstall.exe Win32/Sality.NBA virus
      C:\Program Files (x86)\DivXCodec\uninstall.exe Win32/Sality.NBA virus
      C:\Program Files (x86)\DJBCP Codec Pack\AC3Filter\dialog_patch.exe Win32/Sality.NBA virus
      C:\Program Files (x86)\DJBCP Codec Pack\BeSweet\AC3Machine.exe Win32/Sality.NBA virus
      C:\Program Files (x86)\DJBCP Codec Pack\BeSweet\azidts.exe Win32/Sality.NBA virus
      C:\Program Files (x86)\DJBCP Codec Pack\BeSweet\BeSweet.exe Win32/Sality.NBA virus
      C:\Program Files (x86)\DJBCP Codec Pack\BeSweet\BeSweetGUI.exe Win32/Sality.NBA virus
      C:\Program Files (x86)\DJBCP Codec Pack\DivX\DivX\config.exe Win32/Sality.NBA virus
      C:\Program Files (x86)\DJBCP Codec Pack\DivX\DivX\DivX EKG.exe Win32/Sality.NBA virus
      C:\Program Files (x86)\DJBCP Codec Pack\DivX\DivX Converter\Converter.exe Win32/Sality.NBA virus
      C:\Program Files (x86)\DJBCP Codec Pack\DivX\DivX Player\DivX Player.exe Win32/Sality.NBA virus
      C:\Program Files (x86)\DJBCP Codec Pack\FLAC\FLAC frontend.exe Win32/Sality.NBA virus
      C:\Program Files (x86)\DJBCP Codec Pack\FLAC\flac_mac.exe Win32/Sality.NBA virus
      C:\Program Files (x86)\DJBCP Codec Pack\FLAC\flac_ren.exe Win32/Sality.NBA virus
      C:\Program Files (x86)\DJBCP Codec Pack\FLAC\metaflac.exe Win32/Sality.NBA virus
      C:\Program Files (x86)\DJBCP Codec Pack\FLAC\Tag.exe Win32/Sality.NBA virus
      C:\Program Files (x86)\DJBCP Codec Pack\FLAC\win2dos.exe Win32/Sality.NBA virus
      C:\Program Files (x86)\DJBCP Codec Pack\lame\lame.exe Win32/Sality.NBA virus
      C:\Program Files (x86)\DJBCP Codec Pack\lame\RazorLame.exe Win32/Sality.NBA virus
      C:\Program Files (x86)\DJBCP Codec Pack\oggcodecs\OOOggCommentDump.exe Win32/Sality.NBA virus
      C:\Program Files (x86)\DJBCP Codec Pack\oggcodecs\OOOggDump.exe Win32/Sality.NBA virus
      C:\Program Files (x86)\DJBCP Codec Pack\oggcodecs\OOOggStat.exe Win32/Sality.NBA virus
      C:\Program Files (x86)\DJBCP Codec Pack\oggcodecs\OOOggValidate.exe Win32/Sality.NBA virus
      C:\Program Files (x86)\DJBCP Codec Pack\oggdropXPd\oggdropXPd.exe Win32/Sality.NBA virus
      C:\Program Files (x86)\DJBCP Codec Pack\VirtualDub\auxsetup.exe Win32/Sality.NBA virus
      C:\Program Files (x86)\DJBCP Codec Pack\VirtualDub\vdub.exe Win32/Sality.NBA virus
      C:\Program Files (x86)\DJBCP Codec Pack\VirtualDub\VirtualDub.exe Win32/Sality.NBA virus
      C:\Program Files (x86)\DJBCP Codec Pack\VirtualDubMod\AuxSetup.exe Win32/Sality.NBA virus
      C:\Program Files (x86)\DJBCP Codec Pack\VirtualDubMod\VirtualDub.exe Win32/Sality.NBA virus
      C:\Program Files (x86)\DJBCP Codec Pack\VirtualDubMod\VirtualDubMod.exe Win32/Sality.NBA virus
      C:\Program Files (x86)\DJBCP Codec Pack\XviD\AviC.exe Win32/Sality.NBA virus
      C:\Program Files (x86)\DJBCP Codec Pack\XviD\MiniCalc.exe Win32/Sality.NBA virus
      C:\Program Files (x86)\DJBCP Codec Pack\XviD\OGMCalc.exe Win32/Sality.NBA virus
      C:\Program Files (x86)\DJBCP Codec Pack\XviD\StatsReader.exe Win32/Sality.NBA virus
      C:\Program Files (x86)\DJBCP Codec Pack\XviD\vidccleaner.exe Win32/Sality.NBA virus
      C:\Program Files (x86)\DsNET Corp\aTube Catcher 2.0\asfbin.exe Win32/Sality.NBA virus
      C:\Program Files (x86)\DsNET Corp\aTube Catcher 2.0\eWorker.exe Win32/Sality.NBA virus
      C:\Program Files (x86)\DsNET Corp\aTube Catcher 2.0\rtmpdump.exe Win32/Sality.NBA virus
      C:\Program Files (x86)\DsNET Corp\aTube Catcher 2.0\tsMuxeR.exe Win32/Sality.NBA virus
      C:\Program Files (x86)\DsNET Corp\aTube Catcher 2.0\uninstall.exe Win32/Sality.NBA virus
      C:\Program Files (x86)\DsNET Corp\aTube Catcher 2.0\videoplay.exe Win32/Sality.NBA virus
      C:\Program Files (x86)\DsNET Corp\aTube Catcher 2.0\yct.exe Win32/Sality.NBA virus
      C:\Program Files (x86)\EASEUS\EASEUS Data Recovery Wizard Professional 5.5.1\DRW.exe Win32/Sality.NBA virus
      C:\Program Files (x86)\EASEUS\EASEUS Data Recovery Wizard Professional 5.5.1\DRW0.exe Win32/Sality.NBA virus
      C:\Program Files (x86)\EASEUS\EASEUS Data Recovery Wizard Professional 5.5.1\DRWReport.exe Win32/Sality.NBA virus
      C:\Program Files (x86)\EASEUS\EASEUS Data Recovery Wizard Professional 5.5.1\OfficeViewer.exe Win32/Sality.NBA virus
      C:\Program Files (x86)\EASEUS\EASEUS Data Recovery Wizard Professional 5.5.1\RdfCheck.exe Win32/Sality.NBA virus
      C:\Program Files (x86)\EASEUS\EASEUS Data Recovery Wizard Professional 5.5.1\sm.exe Win32/Sality.NBA virus
      C:\Program Files (x86)\EASEUS\EASEUS Data Recovery Wizard Professional 5.5.1\unins000.exe Win32/Sality.NBA virus
      C:\Program Files (x86)\EASEUS\EASEUS Data Recovery Wizard Professional 5.5.1\ureport.exe Win32/Sality.NBA virus
      C:\Program Files (x86)\Easy CD-DA Extractor 10\burn.exe Win32/Sality.NBA virus
      C:\Program Files (x86)\Easy CD-DA Extractor 10\burn2.exe Win32/Sality.NBA virus
      C:\Program Files (x86)\Easy CD-DA Extractor 10\BurnRights.exe Win32/Sality.NBA virus
      C:\Program Files (x86)\Easy CD-DA Extractor 10\convert.exe Win32/Sality.NBA virus
      C:\Program Files (x86)\Easy CD-DA Extractor 10\ezcddax.exe Win32/Sality.NBA virus
      C:\Program Files (x86)\eMule\LinkCreator.exe Win32/Sality.NBA virus
      C:\Program Files (x86)\eMule\Uninstall.exe Win32/Sality.NBA virus
      C:\Program Files (x86)\eRightSoft\SUPER\mencoder\mencoder.exe Win32/Sality.NBA virus
      C:\Program Files (x86)\eRightSoft\SUPER\mencoder\MPlayer.exe Win32/Sality.NBA virus
      C:\Program Files (x86)\eRightSoft\SUPER\spk\1stRun.exe Win32/Sality.NBA virus
      C:\Program Files (x86)\eRightSoft\SUPER\Setup.exe Win32/Sality.NBA virus
      C:\Program Files (x86)\eRightSoft\SUPER\SUPER.exe Win32/Sality.NBA virus
      C:\Program Files (x86)\eRightSoft\SUPER\x264.exe Win32/Sality.NBA virus
      C:\Program Files (x86)\Foxit Software\Foxit Reader\Foxit Reader.exe Win32/Sality.NBA virus
      C:\Program Files (x86)\Foxit Software\Foxit Reader\Uninstall.exe Win32/Sality.NBA virus
      C:\Program Files (x86)\Gabest\VobSub\submux.exe Win32/Sality.NBA virus
      C:\Program Files (x86)\Gabest\VobSub\subresync.exe Win32/Sality.NBA virus
      C:\Program Files (x86)\Gabest\VobSub\uninstall.exe Win32/Sality.NBA virus
      C:\Program Files (x86)\GordianKnot\Nandub\AuxSetup.exe Win32/Sality.NBA virus
      C:\Program Files (x86)\GordianKnot\Nandub\Nandub.exe Win32/Sality.NBA virus
      C:\Program Files (x86)\GordianKnot\VirtualDub\AuxSetup.exe Win32/Sality.NBA virus
      C:\Program Files (x86)\GordianKnot\VirtualDub\VirtualDub.exe Win32/Sality.NBA virus
      C:\Program Files (x86)\GordianKnot\azid.exe Win32/Sality.NBA virus
      C:\Program Files (x86)\GordianKnot\DVD2AVI.exe Win32/Sality.NBA virus
      C:\Program Files (x86)\GordianKnot\lame.exe Win32/Sality.NBA virus
      C:\Program Files (x86)\GordianKnot\normalize.exe Win32/Sality.NBA virus
      C:\Program Files (x86)\GordianKnot\SmartRipper.exe Win32/Sality.NBA virus
      C:\Program Files (x86)\GordianKnot\vStrip.exe Win32/Sality.NBA virus
      C:\Program Files (x86)\GordianKnot\vStrip_gui.exe Win32/Sality.NBA virus
      C:\Program Files (x86)\Guitar Pro 5\unins000.exe Win32/Sality.NBA virus
      C:\Program Files (x86)\Haihaisoft Universal Player\DRMLogin.exe Win32/Sality.NBA virus
      C:\Program Files (x86)\Haihaisoft Universal Player\hmplayer.exe Win32/Sality.NBA virus
      C:\Program Files (x86)\Haihaisoft Universal Player\Uninstall.exe Win32/Sality.NBA virus
      C:\Program Files (x86)\Hamachi\hamachi.exe Win32/Sality.NBA virus
      C:\Program Files (x86)\Hamachi\uninstall.exe Win32/Sality.NBA virus
      C:\Program Files (x86)\HP\Digital Imaging\bin\hpfcCopy.exe Win32/Sality.NBA virus
      C:\Program Files (x86)\HP\Digital Imaging\bin\hpiscnapp.exe Win32/Sality.NBA virus
      C:\Program Files (x86)\HP\Digital Imaging\bin\hpoews01.exe Win32/Sality.NBA virus
      C:\Program Files (x86)\HP\Digital Imaging\bin\hpofxm08.exe Win32/Sality.NBA virus
      C:\Program Files (x86)\HP\Digital Imaging\bin\hpofxs08.exe Win32/Sality.NBA virus
      C:\Program Files (x86)\HP\Digital Imaging\bin\hposfx08.exe Win32/Sality.NBA virus
      C:\Program Files (x86)\HP\Digital Imaging\bin\hposid01.exe Win32/Sality.NBA virus
      C:\Program Files (x86)\HP\Digital Imaging\bin\hpospd08.exe Win32/Sality.NBA virus
      C:\Program Files (x86)\HP\Digital Imaging\bin\hposvc08.exe Win32/Sality.NBA virus
      C:\Program Files (x86)\HP\Digital Imaging\bin\hpqacdse.exe Win32/Sality.NBA virus
      C:\Program Files (x86)\HP\Digital Imaging\bin\HpqApKil.exe Win32/Sality.NBA virus
      C:\Program Files (x86)\HP\Digital Imaging\bin\hpqbam08.exe Win32/Sality.NBA virus
      C:\Program Files (x86)\HP\Digital Imaging\bin\hpqcopy2.exe Win32/Sality.NBA virus
      C:\Program Files (x86)\HP\Digital Imaging\bin\Hpqdirec.exe Win32/Sality.NBA virus
      C:\Program Files (x86)\HP\Digital Imaging\bin\hpqdstcp.exe Win32/Sality.NBA virus
      C:\Program Files (x86)\HP\Digital Imaging\bin\hpqEmlsz.exe Win32/Sality.NBA virus
      C:\Program Files (x86)\HP\Digital Imaging\bin\hpqfxt08.exe Win32/Sality.NBA virus
      C:\Program Files (x86)\HP\Digital Imaging\bin\hpqgpc01.exe Win32/Sality.NBA virus
      C:\Program Files (x86)\HP\Digital Imaging\bin\hpqgplgt01.exe Win32/Sality.NBA virus
      C:\Program Files (x86)\HP\Digital Imaging\bin\hpqgplgt02.exe Win32/Sality.NBA virus
      C:\Program Files (x86)\HP\Digital Imaging\bin\hpqgplgtupl.exe Win32/Sality.NBA virus
      C:\Program Files (x86)\HP\Digital Imaging\bin\hpqgplgtupl02.exe Win32/Sality.NBA virus
      C:\Program Files (x86)\HP\Digital Imaging\bin\hpqirs08.exe Win32/Sality.NBA virus
      C:\Program Files (x86)\HP\Digital Imaging\bin\hpqkygrp.exe Win32/Sality.NBA virus
      C:\Program Files (x86)\HP\Digital Imaging\bin\hpqlgtidx.exe Win32/Sality.NBA virus
      C:\Program Files (x86)\HP\Digital Imaging\bin\hpqnrs08.exe Win32/Sality.NBA virus
      C:\Program Files (x86)\HP\Digital Imaging\bin\hpqpprop.exe Win32/Sality.NBA virus
      C:\Program Files (x86)\HP\Digital Imaging\bin\HPQPrntW.exe Win32/Sality.NBA virus
      C:\Program Files (x86)\HP\Digital Imaging\bin\HpqPSApl.exe Win32/Sality.NBA virus
      C:\Program Files (x86)\HP\Digital Imaging\bin\hpqpsapp.exe Win32/Sality.NBA virus
      C:\Program Files (x86)\HP\Digital Imaging\bin\hpqpse.exe Win32/Sality.NBA virus
      C:\Program Files (x86)\HP\Digital Imaging\bin\hpqpspb.exe Win32/Sality.NBA virus
      C:\Program Files (x86)\HP\Digital Imaging\bin\hpqpssp.exe Win32/Sality.NBA virus
      C:\Program Files (x86)\HP\Digital Imaging\bin\hpqpstp.exe Win32/Sality.NBA virus
      C:\Program Files (x86)\HP\Digital Imaging\bin\hpqptc08.exe Win32/Sality.NBA virus
      C:\Program Files (x86)\HP\Digital Imaging\bin\hpqqpawp.exe Win32/Sality.NBA virus
      C:\Program Files (x86)\HP\Digital Imaging\bin\HpqSplFix08.exe Win32/Sality.NBA virus
      C:\Program Files (x86)\HP\Digital Imaging\bin\HpqSRmon.exe Win32/Sality.NBA virus
      C:\Program Files (x86)\HP\Digital Imaging\bin\hpqste08.exe Win32/Sality.NBA virus
      C:\Program Files (x86)\HP\Digital Imaging\bin\hpqsudi.exe Win32/Sality.NBA virus
      C:\Program Files (x86)\HP\Digital Imaging\bin\hpqtax08.exe Win32/Sality.NBA virus
      C:\Program Files (x86)\HP\Digital Imaging\bin\hpqtax11.exe Win32/Sality.NBA virus
      C:\Program Files (x86)\HP\Digital Imaging\bin\hpqtbx01.exe Win32/Sality.NBA virus
      C:\Program Files (x86)\HP\Digital Imaging\bin\hpqtra08.exe Win32/Sality.NBA virus
      C:\Program Files (x86)\HP\Digital Imaging\bin\HpqTrMgr.exe Win32/Sality.NBA virus
      C:\Program Files (x86)\HP\Digital Imaging\bin\hpqusgh.exe Win32/Sality.NBA virus
      C:\Program Files (x86)\HP\Digital Imaging\bin\hpqusgl.exe Win32/Sality.NBA virus
      C:\Program Files (x86)\HP\Digital Imaging\bin\hpqusgm.exe Win32/Sality.NBA virus
      C:\Program Files (x86)\HP\Digital Imaging\bin\hpqwrg.exe Win32/Sality.NBA virus
      C:\Program Files (x86)\HP\Digital Imaging\bin\hpsjrreg.exe Win32/Sality.NBA virus
      C:\Program Files (x86)\HP\Digital Imaging\bin\ppcue.exe Win32/Sality.NBA virus
      C:\Program Files (x86)\HP\Digital Imaging\bin\svtf.exe Win32/Sality.NBA virus
      C:\Program Files (x86)\HP\Digital Imaging\devicemanagement\hpzmsi01.exe Win32/Sality.NBA virus
      C:\Program Files (x86)\HP\Digital Imaging\devicemanagement\hpzscr01.exe Win32/Sality.NBA virus
      C:\Program Files (x86)\HP\Digital Imaging\DocProc\DocProc.exe Win32/Sality.NBA virus
      C:\Program Files (x86)\HP\Digital Imaging\DocProc\dpe_ocr.exe Win32/Sality.NBA virus
      C:\Program Files (x86)\HP\Digital Imaging\DocProc\hpDocCvt.exe Win32/Sality.NBA virus
      C:\Program Files (x86)\HP\Digital Imaging\DocProc\regipe.exe Win32/Sality.NBA virus
      C:\Program Files (x86)\HP\Digital Imaging\esupport\hpqrrx08.exe Win32/Sality.NBA virus
      C:\Program Files (x86)\HP\Digital Imaging\esupport\hpzmsi01.exe Win32/Sality.NBA virus
      C:\Program Files (x86)\HP\Digital Imaging\esupport\hpzscr01.exe Win32/Sality.NBA virus
      C:\Program Files (x86)\HP\Digital Imaging\extcapuninstall\hpqrrx08.exe Win32/Sality.NBA virus
      C:\Program Files (x86)\HP\Digital Imaging\extcapuninstall\hpzmsi01.exe Win32/Sality.NBA virus
      C:\Program Files (x86)\HP\Digital Imaging\extcapuninstall\hpzscr01.exe Win32/Sality.NBA virus
      C:\Program Files (x86)\HP\Digital Imaging\help\player\fscommand\C3100_load_env.exe Win32/Sality.NBA virus
      C:\Program Files (x86)\HP\Digital Imaging\help\player\fscommand\C3100_load_letter.exe Win32/Sality.NBA virus
      C:\Program Files (x86)\HP\Digital Imaging\help\player\fscommand\C3100_load_original.exe Win32/Sality.NBA virus
      C:\Program Files (x86)\HP\Digital Imaging\help\player\fscommand\C3100_load_small.exe Win32/Sality.NBA virus
      C:\Program Files (x86)\HP\Digital Imaging\help\player\fscommand\C3100_paperjam.exe Win32/Sality.NBA virus
      C:\Program Files (x86)\HP\Digital Imaging\help\player\fscommand\C3100_printcart.exe Win32/Sality.NBA virus
      C:\Program Files (x86)\HP\Digital Imaging\help\player\fscommand\C3100_proofsheet.exe Win32/Sality.NBA virus
      C:\Program Files (x86)\HP\Digital Imaging\help\player\fscommand\C3100_transfer_memcard.exe Win32/Sality.NBA virus
      C:\Program Files (x86)\HP\Digital Imaging\help\player\fscommand\C3100_transfer_scan.exe Win32/Sality.NBA virus
      C:\Program Files (x86)\HP\Digital Imaging\help\player\FlashPla.exe Win32/Sality.NBA virus
      C:\Program Files (x86)\HP\Digital Imaging\HelpViewer\hpqhvshm.exe Win32/Sality.NBA virus
      C:\Program Files (x86)\HP\Digital Imaging\HelpViewer\hpqlpvwr.exe Win32/Sality.NBA virus
      C:\Program Files (x86)\HP\Digital Imaging\hpssupply\hpzmsi01.exe Win32/Sality.NBA virus
      C:\Program Files (x86)\HP\Digital Imaging\hpssupply\hpzscr01.exe Win32/Sality.NBA virus
      C:\Program Files (x86)\HP\Digital Imaging\ocr\hpzmsi01.exe Win32/Sality.NBA virus
      C:\Program Files (x86)\HP\Digital Imaging\ocr\hpzscr01.exe Win32/Sality.NBA virus
      C:\Program Files (x86)\HP\Digital Imaging\photosmartessential\hpqrrx08.exe Win32/Sality.NBA virus
      C:\Program Files (x86)\HP\Digital Imaging\photosmartessential\hpzmsi01.exe Win32/Sality.NBA virus
      C:\Program Files (x86)\HP\Digital Imaging\photosmartessential\hpzscr01.exe Win32/Sality.NBA virus
      C:\Program Files (x86)\HP\Digital Imaging\Product Assistant\bin\hprblog.exe Win32/Sality.NBA virus
      C:\Program Files (x86)\HP\Digital Imaging\smart web printing\hpswp_clipbook.exe Win32/Sality.NBA virus
      C:\Program Files (x86)\HP\Digital Imaging\smart web printing\hpswp_EditClips.exe Win32/Sality.NBA virus
      C:\Program Files (x86)\HP\Digital Imaging\smart web printing\hpzmsi01.exe Win32/Sality.NBA virus
      C:\Program Files (x86)\HP\Digital Imaging\smart web printing\hpzscr01.exe Win32/Sality.NBA virus
      C:\Program Files (x86)\HP\Digital Imaging\smart web printing\hpzswp01.exe Win32/Sality.NBA virus
      C:\Program Files (x86)\HP\Digital Imaging\smart web printing\SmartWebPrintExe.exe Win32/Sality.NBA virus
      C:\Program Files (x86)\HP\Digital Imaging\{17016DA1-F040-4032-BD36-34DD317BC9D5}\setup\hpqrrx08.exe Win32/Sality.NBA virus
      C:\Program Files (x86)\HP\Digital Imaging\{17016DA1-F040-4032-BD36-34DD317BC9D5}\setup\hpzcdl01.exe Win32/Sality.NBA virus
      C:\Program Files (x86)\HP\Digital Imaging\{17016DA1-F040-4032-BD36-34DD317BC9D5}\setup\hpzfwx01.exe Win32/Sality.NBA virus
      C:\Program Files (x86)\HP\Digital Imaging\{17016DA1-F040-4032-BD36-34DD317BC9D5}\setup\hpzmsi01.exe Win32/Sality.NBA virus
      C:\Program Files (x86)\HP\Digital Imaging\{17016DA1-F040-4032-BD36-34DD317BC9D5}\setup\hpznop01.exe Win32/Sality.NBA virus
      C:\Program Files (x86)\HP\Digital Imaging\{17016DA1-F040-4032-BD36-34DD317BC9D5}\setup\hpzpsl01.exe Win32/Sality.NBA virus
      C:\Program Files (x86)\HP\Digital Imaging\{17016DA1-F040-4032-BD36-34DD317BC9D5}\setup\hpzrcn01.exe Win32/Sality.NBA virus
      C:\Program Files (x86)\HP\Digital Imaging\{17016DA1-F040-4032-BD36-34DD317BC9D5}\setup\hpzwrp01.exe Win32/Sality.NBA virus
      C:\Program Files (x86)\HP\Digital Imaging\{17016DA1-F040-4032-BD36-34DD317BC9D5}\hpzcdl01.exe Win32/Sality.NBA virus
      C:\Program Files (x86)\HP\Digital Imaging\{17016DA1-F040-4032-BD36-34DD317BC9D5}\hpzsetup.exe Win32/Sality.NBA virus
      C:\Program Files (x86)\HP\Digital Imaging\{17016DA1-F040-4032-BD36-34DD317BC9D5}\hpzstub.exe Win32/Sality.NBA virus
      C:\Program Files (x86)\HP\Digital Imaging\{17016DA1-F040-4032-BD36-34DD317BC9D5}\setup.exe Win32/Sality.NBA virus
      C:\Program Files (x86)\HP\HP Software Update\HPWUCli.exe Win32/Sality.NBA virus
      C:\Program Files (x86)\HP\HP Software Update\hpwuSchd2.exe Win32/Sality.NBA virus
      C:\Program Files (x86)\HP\HPSSUPPLY\hpqSSupply.exe Win32/Sality.NBA virus
      C:\Program Files (x86)\HP\Temp\{17016DA1-F040-4032-BD36-34DD317BC9D5}\setup\hpzmsi01.exe Win32/Sality.NBA virus
      C:\Program Files (x86)\HP\Temp\{17016DA1-F040-4032-BD36-34DD317BC9D5}\setup\hpzrcv01.exe Win32/Sality.NBA virus
      C:\Program Files (x86)\HP\Temp\{17016DA1-F040-4032-BD36-34DD317BC9D5}\setup\hpzstub.exe Win32/Sality.NBA virus
      C:\Program Files (x86)\InstallShield\2010\Redist\0409\i386\dotnetfx.exe Win32/Sality.NBA virus
      C:\Program Files (x86)\InstallShield\2010\Redist\ce\2577\autorun.exe Win32/Sality.NBA virus
      C:\Program Files (x86)\InstallShield\2010\Redist\ce\686\autorun.exe Win32/Sality.NBA virus
      C:\Program Files (x86)\InstallShield\2010\Redist\Language Independent\i386\ISP\setup.exe Win32/Sality.NBA virus
      C:\Program Files (x86)\InstallShield\2010\Redist\Language Independent\i386\MSI3.0\instmsi30.exe Win32/Sality.NBA virus
      C:\Program Files (x86)\InstallShield\2010\Redist\Language Independent\i386\MSI3.1\WindowsInstaller-KB893803-x86.exe Win32/Sality.NBA virus
      C:\Program Files (x86)\InstallShield\2010\Redist\Language Independent\i386\instmsiA.exe Win32/Sality.NBA virus
      C:\Program Files (x86)\InstallShield\2010\Redist\Language Independent\i386\instmsiW.exe Win32/Sality.NBA virus
      C:\Program Files (x86)\InstallShield\2010\Redist\Language Independent\i386\ISChain.exe Win32/Sality.NBA virus
      C:\Program Files (x86)\InstallShield\2010\Redist\Language Independent\i386\setup.exe Win32/Sality.NBA virus
      C:\Program Files (x86)\InstallShield\2010\Redist\Language Independent\i386\setupce.exe Win32/Sality.NBA virus
      C:\Program Files (x86)\InstallShield\2010\Redist\Language Independent\i386\setupPreReq.exe Win32/Sality.NBA virus
      C:\Program Files (x86)\InstallShield\2010\Redist\Language Independent\i386\setupPreReqW.exe Win32/Sality.NBA virus
      C:\Program Files (x86)\InstallShield\2010\Redist\Language Independent\i386\setupW.exe Win32/Sality.NBA virus
      C:\Program Files (x86)\InstallShield\2010\Samples\Sample Data\Environment Variable\Red.exe Win32/Sality.NBA virus
      C:\Program Files (x86)\InstallShield\2010\Samples\Sample Data\Registry Variable\Blue.exe Win32/Sality.NBA virus
      C:\Program Files (x86)\InstallShield\2010\Samples\Sample Data\Standard Variable\Green.exe Win32/Sality.NBA virus
      C:\Program Files (x86)\InstallShield\2010\Samples\WindowsInstaller\AlarmClock\alarmclock.exe Win32/Sality.NBA virus
      C:\Program Files (x86)\InstallShield\2010\Samples\WindowsInstaller\Basic Installation Project\DataFiles\Othello.exe Win32/Sality.NBA virus
      C:\Program Files (x86)\InstallShield\2010\Samples\WindowsInstaller\Evaluation Guide Files\RSSReader.exe Win32/Sality.NBA virus
      C:\Program Files (x86)\InstallShield\2010\Samples\WindowsInstaller\Tutorial Project\Tutorial.exe Win32/Sality.NBA virus
      C:\Program Files (x86)\InstallShield\2010\Script\Resource\CVTRES.EXE Win32/Sality.NBA virus
      C:\Program Files (x86)\InstallShield\2010\Script\Resource\LINK.EXE Win32/Sality.NBA virus
      C:\Program Files (x86)\InstallShield\2010\Script\Resource\RC.EXE Win32/Sality.NBA virus
      C:\Program Files (x86)\InstallShield\2010\Support\0409\ISRedistDownloader.exe Win32/Sality.NBA virus
      C:\Program Files (x86)\InstallShield\2010\Support\Dialog Sampler\Media\Default\Disk Images\Disk1\setup.exe Win32/Sality.NBA virus
      C:\Program Files (x86)\InstallShield\2010\Support\Dialog Sampler\Media\Skin\Disk Images\Disk1\setup.exe Win32/Sality.NBA virus
      C:\Program Files (x86)\InstallShield\2010\Support\AppVLauncher.exe Win32/Sality.NBA virus
      C:\Program Files (x86)\InstallShield\2010\Support\Cabwiz.exe Win32/Sality.NBA virus
      C:\Program Files (x86)\InstallShield\2010\Support\PrereqEditor.exe Win32/Sality.NBA virus
      C:\Program Files (x86)\InstallShield\2010\Support\RegSpyUI.exe Win32/Sality.NBA virus
      C:\Program Files (x86)\InstallShield\2010\Support\watermark.exe Win32/Sality.NBA virus
      C:\Program Files (x86)\InstallShield\2010\Support\_IsIcoRes.exe Win32/Sality.NBA virus
      C:\Program Files (x86)\InstallShield Installation Information\{076A6FD8-EE45-4A83-B3C9-C7C34E7CAFDD}\setup.exe Win32/Sality.NBA virus
      C:\Program Files (x86)\InstallShield Installation Information\{1B1DDAD2-C704-49F8-8FC2-18DAAD9A87C5}\setup.exe Win32/Sality.NBA virus
      C:\Program Files (x86)\InstallShield Installation Information\{2670895A-4E6C-4450-B868-7B7DB80A3357}

    5. #5
      Usuario Avatar de oskoa
      Registrado
      sep 2009
      Ubicación
      En mi depto
      Mensajes
      60

      Re: Virus que destruye los ejecutables

      \setup.exe Win32/Sality.NBA virus
      C:\Program Files (x86)\InstallShield Installation Information\{32B4B536-4443-42F0-9676-98373BE9114F}\setup.exe Win32/Sality.NBA virus
      C:\Program Files (x86)\InstallShield Installation Information\{34EBD418-B8E6-4E86-89C4-33B72CF5663F}\setup.exe Win32/Sality.NBA virus
      C:\Program Files (x86)\InstallShield Installation Information\{3B6E3FC6-274C-4B6C-BC85-5C3B15DE18E2}\setup.exe Win32/Sality.NBA virus
      C:\Program Files (x86)\InstallShield Installation Information\{43430FA5-AF68-4A2D-A7D4-891000008200}\setup.exe Win32/Sality.NBA virus
      C:\Program Files (x86)\InstallShield Installation Information\{4BBC7CF4-DCAE-494E-99E5-891553653208}\setup.exe Win32/Sality.NBA virus
      C:\Program Files (x86)\InstallShield Installation Information\{52338F65-A1C3-4CDC-B733-50051682B297}\setup.exe Win32/Sality.NBA virus
      C:\Program Files (x86)\InstallShield Installation Information\{6811CAA0-BF12-11D4-9EA1-0050BAE317E1}\Setup.exe Win32/Sality.NBA virus
      C:\Program Files (x86)\InstallShield Installation Information\{700932B3-A964-4878-82A2-96054622A1F7}\setup.exe Win32/Sality.NBA virus
      C:\Program Files (x86)\InstallShield Installation Information\{73919E2B-725C-4FAA-8473-45E063A3575F}\setup.exe Win32/Sality.NBA virus
      C:\Program Files (x86)\InstallShield Installation Information\{84F573D3-0F71-4768-978A-D35310E3FBA6}\setup.exe Win32/Sality.NBA virus
      C:\Program Files (x86)\InstallShield Installation Information\{88B1984E-36F0-47B8-B8DC-728966807A9C}\setup.exe Win32/Sality.NBA virus
      C:\Program Files (x86)\InstallShield Installation Information\{9194237B-7B58-40B4-A739-184AD59531A2}\setup.exe Win32/Sality.NBA virus
      C:\Program Files (x86)\InstallShield Installation Information\{A82F10CB-18B5-4EAC-AEF2-FA49CD565626}\setup.exe Win32/Sality.NBA virus
      C:\Program Files (x86)\InstallShield Installation Information\{AC85CD9E-BC46-4874-90E6-ADB558DE7D9E}\ORSetup.exe Win32/Sality.NBA virus
      C:\Program Files (x86)\InstallShield Installation Information\{AC85CD9E-BC46-4874-90E6-ADB558DE7D9E}\setup.exe Win32/Sality.NBA virus
      C:\Program Files (x86)\InstallShield Installation Information\{BD6928A2-9F8F-4AA7-9A3A-FD4A271712EE}\setup.exe Win32/Sality.NBA virus
      C:\Program Files (x86)\InstallShield Installation Information\{C64409FA-42A7-49C6-837A-D2E5D813BD57}\setup.exe Win32/Sality.NBA virus
      C:\Program Files (x86)\InstallShield Installation Information\{DE4A4C48-2232-4CCB-AD61-490ACD29BA85}\setup.exe Win32/Sality.NBA virus
      C:\Program Files (x86)\Java\jre6\bin\java-rmi.exe Win32/Sality.NBA virus
      C:\Program Files (x86)\Java\jre6\bin\javacpl.exe Win32/Sality.NBA virus
      C:\Program Files (x86)\Java\jre6\bin\javaw.exe Win32/Sality.NBA virus
      C:\Program Files (x86)\Java\jre6\bin\javaws.exe Win32/Sality.NBA virus
      C:\Program Files (x86)\Java\jre6\bin\jbroker.exe Win32/Sality.NBA virus
      C:\Program Files (x86)\Java\jre6\bin\jp2launcher.exe Win32/Sality.NBA virus
      C:\Program Files (x86)\Java\jre6\bin\jqs.exe Win32/Sality.NBA virus
      C:\Program Files (x86)\Java\jre6\bin\jqsnotify.exe Win32/Sality.NBA virus
      C:\Program Files (x86)\Java\jre6\bin\keytool.exe Win32/Sality.NBA virus
      C:\Program Files (x86)\Java\jre6\bin\kinit.exe Win32/Sality.NBA virus
      C:\Program Files (x86)\Java\jre6\bin\klist.exe Win32/Sality.NBA virus
      C:\Program Files (x86)\Java\jre6\bin\ktab.exe Win32/Sality.NBA virus
      C:\Program Files (x86)\Java\jre6\bin\orbd.exe Win32/Sality.NBA virus
      C:\Program Files (x86)\Java\jre6\bin\pack200.exe Win32/Sality.NBA virus
      C:\Program Files (x86)\Java\jre6\bin\policytool.exe Win32/Sality.NBA virus
      C:\Program Files (x86)\Java\jre6\bin\rmid.exe Win32/Sality.NBA virus
      C:\Program Files (x86)\Java\jre6\bin\rmiregistry.exe Win32/Sality.NBA virus
      C:\Program Files (x86)\Java\jre6\bin\servertool.exe Win32/Sality.NBA virus
      C:\Program Files (x86)\Java\jre6\bin\ssvagent.exe Win32/Sality.NBA virus
      C:\Program Files (x86)\Java\jre6\bin\tnameserv.exe Win32/Sality.NBA virus
      C:\Program Files (x86)\Java\jre6\bin\unpack200.exe Win32/Sality.NBA virus
      C:\Program Files (x86)\JDownloader\jd\captcha\methods\anti-r-c_ST\anti-r-c.exe Win32/Sality.NBA virus
      C:\Program Files (x86)\JDownloader\jd\captcha\methods\anti-r-c_ST\tesseract.exe Win32/Sality.NBA virus
      C:\Program Files (x86)\JDownloader\jd\captcha\methods\antirecaptcha\hq2x.exe Win32/Sality.NBA virus
      C:\Program Files (x86)\JDownloader\jd\captcha\methods\antirecaptcha\php-cgi.exe Win32/Sality.NBA virus
      C:\Program Files (x86)\JDownloader\jd\captcha\methods\antirecaptcha\php-win.exe Win32/Sality.NBA virus
      C:\Program Files (x86)\JDownloader\jd\captcha\methods\antirecaptcha\php.exe Win32/Sality.NBA virus
      C:\Program Files (x86)\JDownloader\jd\captcha\methods\antirecaptcha\tesseract.exe Win32/Sality.NBA virus
      C:\Program Files (x86)\JDownloader\plugins\jdshutdown\windows\shutdown.exe Win32/Sality.NBA virus
      C:\Program Files (x86)\JDownloader\tools\Windows\kikin\kikin_installer.exe Win32/Sality.NBA virus
      C:\Program Files (x86)\JDownloader\tools\Windows\unrarw32\unrar.exe Win32/Sality.NBA virus
      C:\Program Files (x86)\JDownloader\JDownloader.exe Win32/Sality.NBA virus
      C:\Program Files (x86)\JDownloader\JDownloaderBETA.exe Win32/Sality.NBA virus
      C:\Program Files (x86)\JDownloader\JDownloaderD3D.exe Win32/Sality.NBA virus
      C:\Program Files (x86)\JDownloader\JDUpdate.exe Win32/Sality.NBA virus
      C:\Program Files (x86)\JDownloader\uninstall.exe Win32/Sality.NBA virus
      C:\Program Files (x86)\JDownloader\Uninstall_PluginACl.exe Win32/Sality.NBA virus
      C:\Program Files (x86)\Jed's Half-Life Model Viewer 1.3.6\hlmv.exe Win32/Sality.NBA virus
      C:\Program Files (x86)\Jed's Half-Life Model Viewer 1.3.6\uninst.exe Win32/Sality.NBA virus
      C:\Program Files (x86)\JPEG PC Camera\driver\StiCap.exe Win32/Sality.NBA virus
      C:\Program Files (x86)\JPEG PC Camera\Uninstall.exe Win32/Sality.NBA virus
      C:\Program Files (x86)\JPEG PC Camera\VideoCap.exe Win32/Sality.NBA virus
      C:\Program Files (x86)\K-Lite Codec Pack\Tools\CodecTweakTool.exe Win32/Sality.NBA virus
      C:\Program Files (x86)\K-Lite Codec Pack\Tools\dsconfig.exe Win32/Sality.NBA virus
      C:\Program Files (x86)\K-Lite Codec Pack\Tools\graphstudio.exe Win32/Sality.NBA virus
      C:\Program Files (x86)\K-Lite Codec Pack\Tools\mediainfo.exe Win32/Sality.NBA virus
      C:\Program Files (x86)\K-Lite Codec Pack\Tools\SetACL_x86.exe Win32/Sality.NBA virus
      C:\Program Files (x86)\K-Lite Codec Pack\Tools\StatsReader.exe Win32/Sality.NBA virus
      C:\Program Files (x86)\K-Lite Codec Pack\Tools\VobSubStrip.exe Win32/Sality.NBA virus
      C:\Program Files (x86)\K-Lite Codec Pack\Tools\Win7DSFilterTweaker.exe Win32/Sality.NBA virus
      C:\Program Files (x86)\K-Lite Codec Pack\unins000.exe Win32/Sality.NBA virus
      C:\Program Files (x86)\Lavalys\EVEREST Ultimate Edition\everest.exe Win32/Sality.NBA virus
      C:\Program Files (x86)\Lavalys\EVEREST Ultimate Edition\everest_start.exe Win32/Sality.NBA virus
      C:\Program Files (x86)\Lavalys\EVEREST Ultimate Edition\unins000.exe Win32/Sality.NBA virus
      C:\Program Files (x86)\LogicMighty\ConvertToWMV\ffmpeg.exe Win32/Sality.NBA virus
      C:\Program Files (x86)\Loquendo\LTTS\unins000.exe Win32/Sality.NBA virus
      C:\Program Files (x86)\Loquendo\LTTS\unins001.exe Win32/Sality.NBA virus
      C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbam.exe Win32/Sality.NBA virus
      C:\Program Files (x86)\Malwarebytes' Anti-Malware\unins000.exe Win32/Sality.NBA virus
      C:\Program Files (x86)\Megaupload\Mega Manager\AdminTask.exe Win32/Sality.NBA virus
      C:\Program Files (x86)\Megaupload\Mega Manager\MegaManager.exe Win32/Sality.NBA virus
      C:\Program Files (x86)\Messenger Plus! Live\Log Viewer.exe Win32/Sality.NBA virus
      C:\Program Files (x86)\Messenger Plus! Live\MPTools.exe Win32/Sality.NBA virus
      C:\Program Files (x86)\Messenger Plus! Live\Uninstall.exe Win32/Sality.NBA virus
      C:\Program Files (x86)\Microsoft FrontPage\version3.0\bin\FP98SADM.EXE Win32/Sality.NBA virus
      C:\Program Files (x86)\Microsoft FrontPage\version3.0\bin\FP98SWIN.EXE Win32/Sality.NBA virus
      C:\Program Files (x86)\Microsoft FrontPage\version3.0\bin\FPSRVADM.EXE Win32/Sality.NBA virus
      C:\Program Files (x86)\Microsoft FrontPage\version3.0\bin\FPSRVWIN.EXE Win32/Sality.NBA virus
      C:\Program Files (x86)\Microsoft Office 2k\Office\3082\MSOFFICE.EXE Win32/Sality.NBA virus
      C:\Program Files (x86)\Microsoft Office 2k\Office\3082\MSOHELP.EXE Win32/Sality.NBA virus
      C:\Program Files (x86)\Microsoft Office 2k\Office\3082\OLFSETUP.EXE Win32/Sality.NBA virus
      C:\Program Files (x86)\Microsoft Office 2k\Office\3082\OLFSNT40.EXE Win32/Sality.NBA virus
      C:\Program Files (x86)\Microsoft Office 2k\Office\3082\PROJWIZ.EXE Win32/Sality.NBA virus
      C:\Program Files (x86)\Microsoft Office 2k\Office\3082\WFXMSRVR.EXE Win32/Sality.NBA virus
      C:\Program Files (x86)\Microsoft Office 2k\Office\3082\WRKGADM.EXE Win32/Sality.NBA virus
      C:\Program Files (x86)\Microsoft Office 2k\Office\forms\3082\REGCFG.EXE Win32/Sality.NBA virus
      C:\Program Files (x86)\Microsoft Office 2k\Office\Xlators\PPVIEW32.EXE Win32/Sality.NBA virus
      C:\Program Files (x86)\Microsoft Office 2k\Office\BINDER.EXE Win32/Sality.NBA virus
      C:\Program Files (x86)\Microsoft Office 2k\Office\DLGCANCL.EXE Win32/Sality.NBA virus
      C:\Program Files (x86)\Microsoft Office 2k\Office\EXCEL.EXE Win32/Sality.NBA virus
      C:\Program Files (x86)\Microsoft Office 2k\Office\FINDER.EXE Win32/Sality.NBA virus
      C:\Program Files (x86)\Microsoft Office 2k\Office\FRONTPG.EXE Win32/Sality.NBA virus
      C:\Program Files (x86)\Microsoft Office 2k\Office\GRAPH9.EXE Win32/Sality.NBA virus
      C:\Program Files (x86)\Microsoft Office 2k\Office\MAKECERT.EXE Win32/Sality.NBA virus
      C:\Program Files (x86)\Microsoft Office 2k\Office\MSACCESS.EXE Win32/Sality.NBA virus
      C:\Program Files (x86)\Microsoft Office 2k\Office\MSIMPORT.EXE Win32/Sality.NBA virus
      C:\Program Files (x86)\Microsoft Office 2k\Office\MSOHTMED.EXE Win32/Sality.NBA virus
      C:\Program Files (x86)\Microsoft Office 2k\Office\NSREX.EXE Win32/Sality.NBA virus
      C:\Program Files (x86)\Microsoft Office 2k\Office\OSA9.EXE Win32/Sality.NBA virus
      C:\Program Files (x86)\Microsoft Office 2k\Office\OUTLOOK.EXE Win32/Sality.NBA virus
      C:\Program Files (x86)\Microsoft Office 2k\Office\POWERPNT.EXE Win32/Sality.NBA virus
      C:\Program Files (x86)\Microsoft Office 2k\Office\REXPROXY.EXE Win32/Sality.NBA virus
      C:\Program Files (x86)\Microsoft Office 2k\Office\RXCBPRXY.EXE Win32/Sality.NBA virus
      C:\Program Files (x86)\Microsoft Office 2k\Office\SELFCERT.EXE Win32/Sality.NBA virus
      C:\Program Files (x86)\Microsoft Office 2k\Office\VTIDISC.EXE Win32/Sality.NBA virus
      C:\Program Files (x86)\Microsoft Office 2k\Office\VTIFORM.EXE Win32/Sality.NBA virus
      C:\Program Files (x86)\Microsoft Office 2k\Office\VTIPRES.EXE Win32/Sality.NBA virus
      C:\Program Files (x86)\Microsoft Office 2k\Office\WAVTOASF.EXE Win32/Sality.NBA virus
      C:\Program Files (x86)\Microsoft Office 2k\Office\WEBPUB.EXE Win32/Sality.NBA virus
      C:\Program Files (x86)\Microsoft Office 2k\Office\WINWORD.EXE Win32/Sality.NBA virus
      C:\Program Files (x86)\Microsoft Virtual PC\dw15.exe Win32/Sality.NBA virus
      C:\Program Files (x86)\Microsoft Virtual PC\Virtual PC.exe Win32/Sality.NBA virus
      C:\Program Files (x86)\Microsoft Visual Studio\Common\IDE\IDE98\MSE.EXE Win32/Sality.NBA virus
      C:\Program Files (x86)\Mozilla Firefox\uninstall\helper.exe Win32/Sality.NBA virus
      C:\Program Files (x86)\Mozilla Firefox\maintenanceservice_installer.exe Win32/Sality.NBA virus
      C:\Program Files (x86)\Mozilla Firefox\webapp-uninstaller.exe Win32/Sality.NBA virus
      C:\Program Files (x86)\Mozilla Firefox.bak\uninstall\helper.exe Win32/Sality.NBA virus
      C:\Program Files (x86)\Mozilla Firefox.bak\webapp-uninstaller.exe Win32/Sality.NBA virus
      C:\Program Files (x86)\Mozilla Maintenance Service\Uninstall.exe Win32/Sality.NBA virus
      C:\Program Files (x86)\NeoSmart Technologies\EasyBCD\bin\bootpart.exe Win32/Sality.NBA virus
      C:\Program Files (x86)\NeoSmart Technologies\EasyBCD\bin\contig.exe Win32/Sality.NBA virus
      C:\Program Files (x86)\NeoSmart Technologies\EasyBCD\bin\grubinst.exe Win32/Sality.NBA virus
      C:\Program Files (x86)\NeoSmart Technologies\EasyBCD\bin\grubmenu.exe Win32/Sality.NBA virus
      C:\Program Files (x86)\NeoSmart Technologies\EasyBCD\uninstall.exe Win32/Sality.NBA virus
      C:\Program Files (x86)\NeoSmart Technologies\iReboot\uninstall.exe Win32/Sality.NBA virus
      C:\Program Files (x86)\Nero\Nero 9\Nero Burning ROM\SecurDisc\discinfo.exe Win32/Sality.NBA virus
      C:\Program Files (x86)\Nero\Nero 9\Nero Burning ROM\NeDwFileHelper.exe Win32/Sality.NBA virus
      C:\Program Files (x86)\Nero\Nero 9\Nero Burning ROM\NeroAudioRip.exe Win32/Sality.NBA virus
      C:\Program Files (x86)\Nero\Nero 9\Nero Burning ROM\NeroCmd.exe Win32/Sality.NBA virus
      C:\Program Files (x86)\Nero\Nero 9\Nero Burning ROM\NMDllHost.exe Win32/Sality.NBA virus
      C:\Program Files (x86)\Nero\Nero 9\Nero BurnRights\NeroBurnRights.exe Win32/Sality.NBA virus
      C:\Program Files (x86)\Nero\Nero 9\Nero CoverDesigner\CoverDes.exe Win32/Sality.NBA virus
      C:\Program Files (x86)\Nero\Nero 9\Nero DiscSpeed\DiscSpeed.exe Win32/Sality.NBA virus
      C:\Program Files (x86)\Nero\Nero 9\Nero DriveSpeed\DriveSpeed.exe Win32/Sality.NBA virus
      C:\Program Files (x86)\Nero\Nero 9\Nero Express\SecurDisc\discinfo.exe Win32/Sality.NBA virus
      C:\Program Files (x86)\Nero\Nero 9\Nero Express\NeDwFileHelper.exe Win32/Sality.NBA virus
      C:\Program Files (x86)\Nero\Nero 9\Nero Express\NeroAudioRip.exe Win32/Sality.NBA virus
      C:\Program Files (x86)\Nero\Nero 9\Nero Express\NMDllHost.exe Win32/Sality.NBA virus
      C:\Program Files (x86)\Nero\Nero 9\Nero InfoTool\InfoTool.exe Win32/Sality.NBA virus
      C:\Program Files (x86)\Nero\Nero 9\Nero Live\NMDllHost.exe Win32/Sality.NBA virus
      C:\Program Files (x86)\Nero\Nero 9\Nero Live\NMTvWizard.exe Win32/Sality.NBA virus
      C:\Program Files (x86)\Nero\Nero 9\Nero PhotoSnap\PhotoSnap.exe Win32/Sality.NBA virus
      C:\Program Files (x86)\Nero\Nero 9\Nero PhotoSnap\PhotoSnapViewer.exe Win32/Sality.NBA virus
      C:\Program Files (x86)\Nero\Nero 9\Nero Recode\Recode.exe Win32/Sality.NBA virus
      C:\Program Files (x86)\Nero\Nero 9\Nero RescueAgent\NeroRescueAgent.exe Win32/Sality.NBA virus
      C:\Program Files (x86)\Nero\Nero 9\Nero ShowTime\NMDllHost.exe Win32/Sality.NBA virus
      C:\Program Files (x86)\Nero\Nero 9\Nero ShowTime\ShowTime.exe Win32/Sality.NBA virus
      C:\Program Files (x86)\Nero\Nero 9\Nero SoundTrax\NMDllHost.exe Win32/Sality.NBA virus
      C:\Program Files (x86)\Nero\Nero 9\Nero SoundTrax\SoundTrax.exe Win32/Sality.NBA virus
      C:\Program Files (x86)\Nero\Nero 9\Nero StartSmart\NeroStartSmart.exe Win32/Sality.NBA virus
      C:\Program Files (x86)\Nero\Nero 9\Nero StartSmart\NMDllHost.exe Win32/Sality.NBA virus
      C:\Program Files (x86)\Nero\Nero 9\Nero Vision\NeroVision.exe Win32/Sality.NBA virus
      C:\Program Files (x86)\Nero\Nero 9\Nero Vision\NMDllHost.exe Win32/Sality.NBA virus
      C:\Program Files (x86)\Nero\Nero 9\Nero Vision\NMTvWizard.exe Win32/Sality.NBA virus
      C:\Program Files (x86)\Nero\Nero 9\Nero Vision\SlideShw.exe Win32/Sality.NBA virus
      C:\Program Files (x86)\Nero\Nero 9\Nero WaveEditor\NMDllHost.exe Win32/Sality.NBA virus
      C:\Program Files (x86)\Nero\Nero 9\Nero WaveEditor\WaveEdit.exe Win32/Sality.NBA virus
      C:\Program Files (x86)\Nero\Nero 9\NeroDiscCopy9.Gadget\NeroGadgetCMServer.exe Win32/Sality.NBA virus
      C:\Program Files (x86)\Nero\Nero ControlCenter 4\ncc.exe Win32/Sality.NBA virus
      C:\Program Files (x86)\NewBlue\3D Explosions for Windows\vegas64\InstallAssist.exe Win32/Sality.NBA virus
      C:\Program Files (x86)\NewBlue\3D Explosions for Windows\Activate3DExplosions.exe Win32/Sality.NBA virus
      C:\Program Files (x86)\NewBlue\3D Explosions for Windows\Uninstall.exe Win32/Sality.NBA virus
      C:\Program Files (x86)\NewBlue\3D Explosions for Windows\updater_windows.exe Win32/Sality.NBA virus
      C:\Program Files (x86)\NewBlue\3D Transformations for Windows\vegas64\InstallAssist.exe Win32/Sality.NBA virus
      C:\Program Files (x86)\NewBlue\3D Transformations for Windows\Activate3DTransformations.exe Win32/Sality.NBA virus
      C:\Program Files (x86)\NewBlue\3D Transformations for Windows\Uninstall.exe Win32/Sality.NBA virus
      C:\Program Files (x86)\NewBlue\3D Transformations for Windows\updater_windows.exe Win32/Sality.NBA virus
      C:\Program Files (x86)\NewBlue\Art Blends for Windows\vegas64\InstallAssist.exe Win32/Sality.NBA virus
      C:\Program Files (x86)\NewBlue\Art Blends for Windows\ActivateArtBlends.exe Win32/Sality.NBA virus
      C:\Program Files (x86)\NewBlue\Art Blends for Windows\Uninstall.exe Win32/Sality.NBA virus
      C:\Program Files (x86)\NewBlue\Art Blends for Windows\updater_windows.exe Win32/Sality.NBA virus
      C:\Program Files (x86)\NewBlue\Art Effects for Windows\vegas64\InstallAssist.exe Win32/Sality.NBA virus
      C:\Program Files (x86)\NewBlue\Art Effects for Windows\ActivateArtEffects.exe Win32/Sality.NBA virus
      C:\Program Files (x86)\NewBlue\Art Effects for Windows\Uninstall.exe Win32/Sality.NBA virus
      C:\Program Files (x86)\NewBlue\Art Effects for Windows\updater_windows.exe Win32/Sality.NBA virus
      C:\Program Files (x86)\NewBlue\Film Effects for Windows\AEffects64\InstallAssist.exe Win32/Sality.NBA virus
      C:\Program Files (x86)\NewBlue\Film Effects for Windows\vegas\InstallAssist.exe Win32/Sality.NBA virus
      C:\Program Files (x86)\NewBlue\Film Effects for Windows\vegas10\InstallAssist.exe Win32/Sality.NBA virus
      C:\Program Files (x86)\NewBlue\Film Effects for Windows\vegas1064\InstallAssist.exe Win32/Sality.NBA virus
      C:\Program Files (x86)\NewBlue\Film Effects for Windows\vegas64\InstallAssist.exe Win32/Sality.NBA virus
      C:\Program Files (x86)\NewBlue\Film Effects for Windows\ActivateFilmEffects.exe Win32/Sality.NBA virus
      C:\Program Files (x86)\NewBlue\Film Effects for Windows\Uninstall.exe Win32/Sality.NBA virus
      C:\Program Files (x86)\NewBlue\Film Effects for Windows\updater_windows.exe Win32/Sality.NBA virus
      C:\Program Files (x86)\NewBlue\Light Blends for Windows\vegas\InstallAssist.exe Win32/Sality.NBA virus
      C:\Program Files (x86)\NewBlue\Light Blends for Windows\vegas10\InstallAssist.exe Win32/Sality.NBA virus
      C:\Program Files (x86)\NewBlue\Light Blends for Windows\vegas1064\InstallAssist.exe Win32/Sality.NBA virus
      C:\Program Files (x86)\NewBlue\Light Blends for Windows\vegas64\InstallAssist.exe Win32/Sality.NBA virus
      C:\Program Files (x86)\NewBlue\Light Blends for Windows\ActivateLightBlends.exe Win32/Sality.NBA virus
      C:\Program Files (x86)\NewBlue\Light Blends for Windows\Uninstall.exe Win32/Sality.NBA virus
      C:\Program Files (x86)\NewBlue\Light Blends for Windows\updater_windows.exe Win32/Sality.NBA virus
      C:\Program Files (x86)\NewBlue\Light Effects for Windows\AEffects64\InstallAssist.exe Win32/Sality.NBA virus
      C:\Program Files (x86)\NewBlue\Light Effects for Windows\vegas\InstallAssist.exe Win32/Sality.NBA virus
      C:\Program Files (x86)\NewBlue\Light Effects for Windows\vegas10\InstallAssist.exe Win32/Sality.NBA virus
      C:\Program Files (x86)\NewBlue\Light Effects for Windows\vegas1064\InstallAssist.exe Win32/Sality.NBA virus
      C:\Program Files (x86)\NewBlue\Light Effects for Windows\vegas64\InstallAssist.exe Win32/Sality.NBA virus
      C:\Program Files (x86)\NewBlue\Light Effects for Windows\ActivateLightEffects.exe Win32/Sality.NBA virus
      C:\Program Files (x86)\NewBlue\Light Effects for Windows\Uninstall.exe Win32/Sality.NBA virus
      C:\Program Files (x86)\NewBlue\Light Effects for Windows\updater_windows.exe Win32/Sality.NBA virus
      C:\Program Files (x86)\NewBlue\Motion Blends for Windows\vegas\InstallAssist.exe Win32/Sality.NBA virus
      C:\Program Files (x86)\NewBlue\Motion Blends for Windows\vegas10\InstallAssist.exe Win32/Sality.NBA virus
      C:\Program Files (x86)\NewBlue\Motion Blends for Windows\vegas1064\InstallAssist.exe Win32/Sality.NBA virus
      C:\Program Files (x86)\NewBlue\Motion Blends for Windows\vegas64\InstallAssist.exe Win32/Sality.NBA virus
      C:\Program Files (x86)\NewBlue\Motion Blends for Windows\ActivateMotionBlends.exe Win32/Sality.NBA virus
      C:\Program Files (x86)\NewBlue\Motion Blends for Windows\Uninstall.exe Win32/Sality.NBA virus
      C:\Program Files (x86)\NewBlue\Motion Blends for Windows\updater_windows.exe Win32/Sality.NBA virus
      C:\Program Files (x86)\NewBlue\Motion Effects for Windows\AEffects64\InstallAssist.exe Win32/Sality.NBA virus
      C:\Program Files (x86)\NewBlue\Motion Effects for Windows\vegas\InstallAssist.exe Win32/Sality.NBA virus
      C:\Program Files (x86)\NewBlue\Motion Effects for Windows\vegas10\InstallAssist.exe Win32/Sality.NBA virus
      C:\Program Files (x86)\NewBlue\Motion Effects for Windows\vegas1064\InstallAssist.exe Win32/Sality.NBA virus
      C:\Program Files (x86)\NewBlue\Motion Effects for Windows\vegas64\InstallAssist.exe Win32/Sality.NBA virus
      C:\Program Files (x86)\NewBlue\Motion Effects for Windows\ActivateMotionEffects.exe Win32/Sality.NBA virus
      C:\Program Files (x86)\NewBlue\Motion Effects for Windows\Uninstall.exe Win32/Sality.NBA virus
      C:\Program Files (x86)\NewBlue\Motion Effects for Windows\updater_windows.exe Win32/Sality.NBA virus
      C:\Program Files (x86)\NewBlue\Paint Blends for Windows\Premiere\InstallAssist.exe Win32/Sality.NBA virus
      C:\Program Files (x86)\NewBlue\Paint Blends for Windows\vegas\InstallAssist.exe Win32/Sality.NBA virus
      C:\Program Files (x86)\NewBlue\Paint Blends for Windows\vegas10\InstallAssist.exe Win32/Sality.NBA virus
      C:\Program Files (x86)\NewBlue\Paint Blends for Windows\vegas1064\InstallAssist.exe Win32/Sality.NBA virus
      C:\Program Files (x86)\NewBlue\Paint Blends for Windows\vegas64\InstallAssist.exe Win32/Sality.NBA virus
      C:\Program Files (x86)\NewBlue\Paint Blends for Windows\ActivatePaintBlends.exe Win32/Sality.NBA virus
      C:\Program Files (x86)\NewBlue\Paint Blends for Windows\Uninstall.exe Win32/Sality.NBA virus
      C:\Program Files (x86)\NewBlue\Paint Blends for Windows\updater_windows.exe Win32/Sality.NBA virus
      C:\Program Files (x86)\NewBlue\Paint Effects for Windows\AEffects64\InstallAssist.exe Win32/Sality.NBA virus
      C:\Program Files (x86)\NewBlue\Paint Effects for Windows\vegas\InstallAssist.exe Win32/Sality.NBA virus
      C:\Program Files (x86)\NewBlue\Paint Effects for Windows\vegas10\InstallAssist.exe Win32/Sality.NBA virus
      C:\Program Files (x86)\NewBlue\Paint Effects for Windows\vegas1064\InstallAssist.exe Win32/Sality.NBA virus
      C:\Program Files (x86)\NewBlue\Paint Effects for Windows\vegas64\InstallAssist.exe Win32/Sality.NBA virus
      C:\Program Files (x86)\NewBlue\Paint Effects for Windows\ActivatePaintEffects.exe Win32/Sality.NBA virus
      C:\Program Files (x86)\NewBlue\Paint Effects for Windows\Uninstall.exe Win32/Sality.NBA virus
      C:\Program Files (x86)\NewBlue\Paint Effects for Windows\updater_windows.exe Win32/Sality.NBA virus
      C:\Program Files (x86)\NewBlue\Sampler Pack for Windows\AEffects\InstallAssist.exe Win32/Sality.NBA virus
      C:\Program Files (x86)\NewBlue\Sampler Pack for Windows\AEffects64\InstallAssist.exe Win32/Sality.NBA virus
      C:\Program Files (x86)\NewBlue\Sampler Pack for Windows\Premiere\InstallAssist.exe Win32/Sality.NBA virus
      C:\Program Files (x86)\NewBlue\Sampler Pack for Windows\vegas\InstallAssist.exe Win32/Sality.NBA virus
      C:\Program Files (x86)\NewBlue\Sampler Pack for Windows\vegas10\InstallAssist.exe Win32/Sality.NBA virus
      C:\Program Files (x86)\NewBlue\Sampler Pack for Windows\vegas1064\InstallAssist.exe Win32/Sality.NBA virus
      C:\Program Files (x86)\NewBlue\Sampler Pack for Windows\vegas64\InstallAssist.exe Win32/Sality.NBA virus
      C:\Program Files (x86)\NewBlue\Sampler Pack for Windows\ActivateSamplerPack.exe Win32/Sality.NBA virus
      C:\Program Files (x86)\NewBlue\Sampler Pack for Windows\Uninstall.exe Win32/Sality.NBA virus
      C:\Program Files (x86)\NewBlue\Sampler Pack for Windows\updater_windows.exe Win32/Sality.NBA virus
      C:\Program Files (x86)\NewBlue\Video Essentials for Windows\vegas64\InstallAssist.exe Win32/Sality.NBA virus
      C:\Program Files (x86)\NewBlue\Video Essentials for Windows\Activatevideoessentials.exe Win32/Sality.NBA virus
      C:\Program Files (x86)\NewBlue\Video Essentials for Windows\Uninstall.exe Win32/Sality.NBA virus
      C:\Program Files (x86)\NewBlue\Video Essentials for Windows\updater_windows.exe Win32/Sality.NBA virus
      C:\Program Files (x86)\NewBlue\Video Essentials II for Windows\AEffects64\InstallAssist.exe Win32/Sality.NBA virus
      C:\Program Files (x86)\NewBlue\Video Essentials II for Windows\vegas\InstallAssist.exe Win32/Sality.NBA virus
      C:\Program Files (x86)\NewBlue\Video Essentials II for Windows\vegas10\InstallAssist.exe Win32/Sality.NBA virus
      C:\Program Files (x86)\NewBlue\Video Essentials II for Windows\vegas1064\InstallAssist.exe Win32/Sality.NBA virus
      C:\Program Files (x86)\NewBlue\Video Essentials II for Windows\vegas64\InstallAssist.exe Win32/Sality.NBA virus
      C:\Program Files (x86)\NewBlue\Video Essentials II for Windows\ActivateVideoEssentials2.exe Win32/Sality.NBA virus
      C:\Program Files (x86)\NewBlue\Video Essentials II for Windows\Uninstall.exe Win32/Sality.NBA virus
      C:\Program Files (x86)\NewBlue\Video Essentials II for Windows\updater_windows.exe Win32/Sality.NBA virus
      C:\Program Files (x86)\NewBlue\Video Essentials III for Windows\AEffects64\InstallAssist.exe Win32/Sality.NBA virus
      C:\Program Files (x86)\NewBlue\Video Essentials III for Windows\vegas\InstallAssist.exe Win32/Sality.NBA virus
      C:\Program Files (x86)\NewBlue\Video Essentials III for Windows\vegas10\InstallAssist.exe Win32/Sality.NBA virus
      C:\Program Files (x86)\NewBlue\Video Essentials III for Windows\vegas1064\InstallAssist.exe Win32/Sality.NBA virus
      C:\Program Files (x86)\NewBlue\Video Essentials III for Windows\vegas64\InstallAssist.exe Win32/Sality.NBA virus
      C:\Program Files (x86)\NewBlue\Video Essentials III for Windows\ActivateVideoEssentials3.exe Win32/Sality.NBA virus
      C:\Program Files (x86)\NewBlue\Video Essentials III for Windows\Uninstall.exe Win32/Sality.NBA virus
      C:\Program Files (x86)\NewBlue\Video Essentials III for Windows\updater_windows.exe Win32/Sality.NBA virus
      C:\Program Files (x86)\NewBlue\Video Essentials IV for Windows\AEffects\InstallAssist.exe Win32/Sality.NBA virus
      C:\Program Files (x86)\NewBlue\Video Essentials IV for Windows\AEffects64\InstallAssist.exe Win32/Sality.NBA virus
      C:\Program Files (x86)\NewBlue\Video Essentials IV for Windows\Premiere\InstallAssist.exe Win32/Sality.NBA virus
      C:\Program Files (x86)\NewBlue\Video Essentials IV for Windows\vegas\InstallAssist.exe Win32/Sality.NBA virus
      C:\Program Files (x86)\NewBlue\Video Essentials IV for Windows\vegas10\InstallAssist.exe Win32/Sality.NBA virus
      C:\Program Files (x86)\NewBlue\Video Essentials IV for Windows\vegas1064\InstallAssist.exe Win32/Sality.NBA virus
      C:\Program Files (x86)\NewBlue\Video Essentials IV for Windows\vegas64\InstallAssist.exe Win32/Sality.NBA virus
      C:\Program Files (x86)\NewBlue\Video Essentials IV for Windows\ActivateVideoEssentials4.exe Win32/Sality.NBA virus
      C:\Program Files (x86)\NewBlue\Video Essentials IV for Windows\Uninstall.exe Win32/Sality.NBA virus
      C:\Program Files (x86)\NewBlue\Video Essentials IV for Windows\updater_windows.exe Win32/Sality.NBA virus
      C:\Program Files (x86)\Pandora Recovery\PandoraRecovery.exe Win32/Sality.NBA virus
      C:\Program Files (x86)\Pandora Recovery\Uninstall.exe Win32/Sality.NBA virus
      C:\Program Files (x86)\PowerISO\piso.exe Win32/Sality.NBA virus
      C:\Program Files (x86)\PowerISO\PowerISO.exe Win32/Sality.NBA virus
      C:\Program Files (x86)\PowerISO\PWRISOVM.EXE Win32/Sality.NBA virus
      C:\Program Files (x86)\PowerISO\uninstall.exe Win32/Sality.NBA virus
      C:\Program Files (x86)\QuickTime Alternative\QuickTimePlayer.exe Win32/Sality.NBA virus
      C:\Program Files (x86)\R-Drive Image\cdrecord.exe Win32/Sality.NBA virus
      C:\Program Files (x86)\R-Drive Image\growisofs.exe Win32/Sality.NBA virus
      C:\Program Files (x86)\R-Drive Image\R-DriveImage.exe Win32/Sality.NBA virus
      C:\Program Files (x86)\R-Drive Image\r-driveimagecl.exe Win32/Sality.NBA virus
      C:\Program Files (x86)\R-Drive Image\readcd.exe Win32/Sality.NBA virus
      C:\Program Files (x86)\R-Drive Image\Uninstall.exe Win32/Sality.NBA virus
      C:\Program Files (x86)\RSHUT Pro\RshutPro.EXE Win32/Sality.NBA virus
      C:\Program Files (x86)\RSHUT Pro\UNINSTALL.EXE Win32/Sality.NBA virus
      C:\Program Files (x86)\Runtime Software\GetDataBack for NTFS\Uninstall.exe Win32/Sality.NBA virus
      C:\Program Files (x86)\SafeSoft\Chaos Shredder\Chaos Shredder.exe Win32/Sality.NBA virus
      C:\Program Files (x86)\SafeSoft\Chaos Shredder\uninst.exe Win32/Sality.NBA virus
      C:\Program Files (x86)\Snapshot Viewer\SNAPVIEW.EXE Win32/Sality.NBA virus
      C:\Program Files (x86)\SolarWinds\Free Tools\Installs\UNWISE.EXE Win32/Sality.NBA virus
      C:\Program Files (x86)\SolarWinds\Free Tools\WakeOnLAN.exe Win32/Sality.NBA virus
      C:\Program Files (x86)\Sony\Sound Forge 9.0\Forge90.exe Win32/Sality.NBA virus
      C:\Program Files (x86)\Sony\Sound Forge Pro 10.0\FileIO Plug-Ins\ac3plug\ac3market\ApplicationRegistration.exe Win32/Sality.NBA virus
      C:\Program Files (x86)\Sony\Sound Forge Pro 10.0\ApplicationRegistration.exe Win32/Sality.NBA virus
      C:\Program Files (x86)\Sony\Sound Forge Pro 10.0\CreateMinidumpx86.exe Win32/Sality.NBA virus
      C:\Program Files (x86)\Sony\Sound Forge Pro 10.0\ErrorReportClient.exe Win32/Sality.NBA virus
      C:\Program Files (x86)\Sony\Sound Forge Pro 10.0\ErrorReportLauncher.exe Win32/Sality.NBA virus
      C:\Program Files (x86)\Sony\Sound Forge Pro 10.0\Forge100.exe Win32/Sality.NBA virus
      C:\Program Files (x86)\Sony\Sound Forge Pro 10.0\sfvstserver.exe Win32/Sality.NBA virus
      C:\Program Files (x86)\Sony\Vegas Pro 9.0\FileIO Plug-Ins\ac3plug\ac3market\ApplicationRegistration.exe Win32/Sality.NBA virus
      C:\Program Files (x86)\Sony\Vegas Pro 9.0\x86\CreateMinidumpx86.exe Win32/Sality.NBA virus
      C:\Program Files (x86)\Sony\Vegas Pro 9.0\x86\FileIOSurrogate.exe Win32/Sality.NBA virus
      C:\Program Files (x86)\Sony\Vegas Pro 9.0\x86\sfvstserver.exe Win32/Sality.NBA virus
      C:\Program Files (x86)\Sony\Vegas Pro 9.0\vidcap60.exe Win32/Sality.NBA virus
      C:\Program Files (x86)\Sony Setup\Sound Forge 9.0\nrpack\50comupd.exe Win32/Sality.NBA virus
      C:\Program Files (x86)\Sony Setup\Sound Forge 9.0\nrpack\hhupd.exe Win32/Sality.NBA virus
      C:\Program Files (x86)\Sony Setup\Sound Forge 9.0\nrpack\Setup.exe Win32/Sality.NBA virus
      C:\Program Files (x86)\Sony Setup\Sound Forge 9.0\nrpack\vcredist_x64.exe Win32/Sality.NBA virus
      C:\Program Files (x86)\Sony Setup\Sound Forge 9.0\nrpack\vcredist_x86.exe Win32/Sality.NBA virus
      C:\Program Files (x86)\Sony Setup\Sound Forge 9.0\50comupd.exe Win32/Sality.NBA virus
      C:\Program Files (x86)\Sony Setup\Sound Forge 9.0\hhupd.exe Win32/Sality.NBA virus
      C:\Program Files (x86)\Sony Setup\Sound Forge 9.0\Setup.exe Win32/Sality.NBA virus
      C:\Program Files (x86)\Sony Setup\Sound Forge 9.0\vcredist_x86.exe Win32/Sality.NBA virus
      C:\Program Files (x86)\SpeedFan\uninstall.exe Win32/Sality.NBA virus
      C:\Program Files (x86)\Stardock\ObjectDock\UNWISE.EXE Win32/Sality.NBA virus
      C:\Program Files (x86)\Teamspeak2_RC2\TeamSpeak.exe Win32/Sality.NBA virus
      C:\Program Files (x86)\Teamspeak2_RC2\unins000.exe Win32/Sality.NBA virus
      C:\Program Files (x86)\TextAloud\pdftotext.exe Win32/Sality.NBA virus
      C:\Program Files (x86)\TextAloud\unins000.exe Win32/Sality.NBA virus
      C:\Program Files (x86)\Unlocker\uninst.exe Win32/Sality.NBA virus
      C:\Program Files (x86)\Unlocker\Unlocker.exe Win32/Sality.NBA virus
      C:\Program Files (x86)\Unlocker\UnlockerAssistant.exe Win32/Sality.NBA virus
      C:\Program Files (x86)\uTorrent\uTorrent.exe Win32/Sality.NBA virus
      C:\Program Files (x86)\uTorrentBar_ES\UNWISE.EXE Win32/Sality.NBA virus
      C:\Program Files (x86)\uTorrentBar_ES\uTorrentBar_ESToolbarHelper.exe Win32/Sality.NBA virus
      C:\Program Files (x86)\Video Converter\AutoUpdate.exe Win32/Sality.NBA virus
      C:\Program Files (x86)\Video Converter\uninst.exe Win32/Sality.NBA virus
      C:\Program Files (x86)\Video Converter\WinAVI.exe Win32/Sality.NBA virus
      C:\Program Files (x86)\VideoLAN\VLC\uninstall.exe Win32/Sality.NBA virus
      C:\Program Files (x86)\Vista Start Menu\patch.exe Win32/Sality.NBA virus
      C:\Program Files (x86)\VS Revo Group\Revo Uninstaller\revouninstaller.exe Win32/Sality.NBA virus
      C:\Program Files (x86)\VS Revo Group\Revo Uninstaller\uninst.exe Win32/Sality.NBA virus
      C:\Program Files (x86)\Winamp\Elevator.exe Win32/Sality.NBA virus
      C:\Program Files (x86)\Winamp\UninstWA.exe Win32/Sality.NBA virus
      C:\Program Files (x86)\Winamp\winampa.exe Win32/Sality.NBA virus
      C:\Program Files (x86)\Winamp Detect\UninstWaDetect.exe Win32/Sality.NBA virus
      C:\Program Files (x86)\WinAVI Video Converter\AutoUpdate.exe Win32/Sality.NBA virus
      C:\Program Files (x86)\WinAVI Video Converter\unins000.exe Win32/Sality.NBA virus
      C:\Program Files (x86)\Windows Live\Messenger\msvs.exe Win32/Sality.NBA virus
      C:\Program Files (x86)\WinLauncherXP\unins000.exe Win32/Sality.NBA virus
      C:\Program Files (x86)\XnView\unins000.exe Win32/Sality.NBA virus
      C:\Program Files (x86)\Xvid\AviC.exe Win32/Sality.NBA virus
      C:\Program Files (x86)\Xvid\MiniCalc.exe Win32/Sality.NBA virus
      C:\Program Files (x86)\Xvid\OGMCalc.exe Win32/Sality.NBA virus
      C:\Program Files (x86)\Xvid\StatsReader.exe Win32/Sality.NBA virus
      C:\Program Files (x86)\Xvid\vidccleaner.exe Win32/Sality.NBA virus
      C:\Program Files (x86)\Yahoo!\Common\unyt.exe Win32/Sality.NBA virus
      C:\Program Files (x86)\Yahoo!\Common\unyt_wrap.exe Win32/Sality.NBA virus
      C:\Program Files (x86)\Yahoo!\Companion\Installs\cpn\inyt.exe Win32/Sality.NBA virus
      C:\Program Files (x86)\Yahoo!\Companion\Installs\cpn\ytbb.exe Win32/Sality.NBA virus
      C:\ProgramData\Adobe\CS5\jre\bin\java-rmi.exe Win32/Sality.NBA virus
      C:\ProgramData\Adobe\CS5\jre\bin\java.exe Win32/Sality.NBA virus
      C:\ProgramData\Adobe\CS5\jre\bin\javacpl.exe Win32/Sality.NBA virus
      C:\ProgramData\Adobe\CS5\jre\bin\javaw.exe Win32/Sality.NBA virus
      C:\ProgramData\Adobe\CS5\jre\bin\javaws.exe Win32/Sality.NBA virus
      C:\ProgramData\Adobe\CS5\jre\bin\jbroker.exe Win32/Sality.NBA virus
      C:\ProgramData\Adobe\CS5\jre\bin\jp2launcher.exe Win32/Sality.NBA virus
      C:\ProgramData\Adobe\CS5\jre\bin\jqs.exe Win32/Sality.NBA virus
      C:\ProgramData\Adobe\CS5\jre\bin\jqsnotify.exe Win32/Sality.NBA virus
      C:\ProgramData\Adobe\CS5\jre\bin\jucheck.exe Win32/Sality.NBA virus
      C:\ProgramData\Adobe\CS5\jre\bin\jureg.exe Win32/Sality.NBA virus
      C:\ProgramData\Adobe\CS5\jre\bin\jusched.exe Win32/Sality.NBA virus
      C:\ProgramData\Adobe\CS5\jre\bin\keytool.exe Win32/Sality.NBA virus
      C:\ProgramData\Adobe\CS5\jre\bin\kinit.exe Win32/Sality.NBA virus
      C:\ProgramData\Adobe\CS5\jre\bin\klist.exe Win32/Sality.NBA virus
      C:\ProgramData\Adobe\CS5\jre\bin\ktab.exe Win32/Sality.NBA virus
      C:\ProgramData\Adobe\CS5\jre\bin\orbd.exe Win32/Sality.NBA virus
      C:\ProgramData\Adobe\CS5\jre\bin\pack200.exe Win32/Sality.NBA virus
      C:\ProgramData\Adobe\CS5\jre\bin\policytool.exe Win32/Sality.NBA virus
      C:\ProgramData\Adobe\CS5\jre\bin\rmid.exe Win32/Sality.NBA virus
      C:\ProgramData\Adobe\CS5\jre\bin\rmiregistry.exe Win32/Sality.NBA virus
      C:\ProgramData\Adobe\CS5\jre\bin\servertool.exe Win32/Sality.NBA virus
      C:\ProgramData\Adobe\CS5\jre\bin\ssvagent.exe Win32/Sality.NBA virus
      C:\ProgramData\Adobe\CS5\jre\bin\tnameserv.exe Win32/Sality.NBA virus
      C:\ProgramData\Adobe\CS5\jre\bin\unpack200.exe Win32/Sality.NBA virus
      C:\ProgramData\Apple Computer\Installer Cache\Safari 5.31.22.7\SetupAdmin.exe Win32/Sality.NBA virus
      C:\ProgramData\FLEXnet\Connect\11\agent.exe Win32/Sality.NBA virus
      C:\ProgramData\FLEXnet\Connect\11\dwusplay.exe Win32/Sality.NBA virus
      C:\ProgramData\FLEXnet\Connect\11\ISDM.exe Win32/Sality.NBA virus
      C:\ProgramData\FLEXnet\Connect\11\issch.exe Win32/Sality.NBA virus
      C:\ProgramData\FLEXnet\Connect\11\ISUSPM.exe Win32/Sality.NBA virus
      C:\Qoobox\Quarantine\C\Program Files (x86)\ESET\MiNODLogin\MiNODLogin.jar.vir una variante de Java/HackAV.B aplicación
      C:\Qoobox\Quarantine\C\Program Files (x86)\ESET\MiNODLogin\MiNODLoginLib.dll.vir Win32/RiskWare.HackAV.GI aplicación
      C:\Qoobox\Quarantine\C\Windows\SysWOW64\rrobsyjlidmr.dll.vir una variante de Win32/Adware.GooochiBiz.AK aplicación
      C:\Qoobox\Quarantine\G\Archivos de programa\sXe Injected\chromechange.exe.vir Win32/Sality.NBA virus
      C:\Qoobox\Quarantine\G\Archivos de programa\sXe Injected\firechange.exe.vir Win32/Sality.NBA virus
      C:\Qoobox\Quarantine\G\Archivos de programa\sXe Injected\sXe Injected.exe.vir Win32/Sality.NBA virus
      C:\Qoobox\Quarantine\G\Archivos de programa\sXe Injected\uninstall.exe.vir Win32/Sality.NBA virus
      C:\Qoobox\Quarantine\G\_autorun_.inf.zip INF/Autorun.gen gusano
      C:\UsbFix\Backup\Registry-16-12-2012\ERDNT.EXE Win32/Sality.NBA virus
      C:\UsbFix\Backup\Registry-17-12-2012\ERDNT.EXE Win32/Sality.NBA virus
      C:\UsbFix\Backup\Registry-22-11-2012\ERDNT.EXE Win32/Sality.NBA virus
      C:\UsbFix\Quarantine\C\$RECYCLE.BIN\S-1-5-21-3908427202-3677227250-994981884-1001\$R13CKLB\VisualBoyAdvance.exe.vir Win32/Sality.NBA virus
      C:\UsbFix\Quarantine\C\$RECYCLE.BIN\S-1-5-21-3908427202-3677227250-994981884-1001\$RP8UNJ3.exe.vir una variante de Win32/Bundled.Toolbar.Ask aplicación
      C:\UsbFix\Quarantine\C\$RECYCLE.BIN\S-1-5-21-3908427202-3677227250-994981884-1001\$RS7I6F0.zip.vir Win32/Sality.NBA virus
      C:\UsbFix\Quarantine\D\$RECYCLE.BIN\S-1-5-21-3908427202-3677227250-994981884-1001\$R9TFAWM.exe.vir Win32/Sality.NBA virus
      C:\UsbFix\Quarantine\D\$RECYCLE.BIN\S-1-5-21-3908427202-3677227250-994981884-1001\$RWPYJGZ.exe.vir Win32/Sality.NBA virus
      C:\UsbFix\Quarantine\F\$RECYCLE.BIN\S-1-5-21-3908427202-3677227250-994981884-1001\$RGCL1PS.exe.vir Win32/Sality.NBA virus
      C:\UsbFix\Quarantine\H\Recycler\S-1-5-21-1844237615-515967899-1801674531-500\Dg5.exe.vir Win32/Sality.NBA virus
      C:\UsbFix\Quarantine\H\Recycler\S-1-5-21-1844237615-515967899-1801674531-500\Dg7.exe.vir Win32/Sality.NBA virus
      C:\UsbFix\Quarantine\H\Recycler\S-1-5-21-1844237615-515967899-1801674531-500\Dg9.exe.vir Win32/Sality.NBA virus
      C:\UsbFix\Quarantine\H\Recycler\S-1-5-21-57989841-448539723-725345543-500\Dg1\Crack REsident evil4\Crack Para dejarlo Multi lenguaje\game.exe.vir Win32/Sality.NBA virus
      C:\UsbFix\Quarantine\H\Recycler\S-1-5-21-57989841-448539723-725345543-500\Dg1\Crack REsident evil4\exe\game.exe.vir Win32/Sality.NBA virus
      C:\UsbFix\Quarantine\J\$RECYCLE.BIN\S-1-5-21-3908427202-3677227250-994981884-1001\$R4SY8R8.EXE.vir Win32/Sality.NBA virus
      C:\UsbFix\Quarantine\J\$RECYCLE.BIN\S-1-5-21-3908427202-3677227250-994981884-1001\$RIQ6021.exe.vir Win32/Sality.NBA virus
      C:\UsbFix\Quarantine\J\$RECYCLE.BIN\S-1-5-21-3908427202-3677227250-994981884-1001\$RS8DMUW.EXE.vir Win32/Sality.NBA virus
      C:\UsbFix\Quarantine\J\Recycler\S-1-5-21-57989841-448539723-725345543-500\Dm1.exe.vir Win32/Sality.NBA virus
      C:\UsbFix\Quarantine\J\Recycler\S-1-5-21-57989841-448539723-725345543-500\Dm2.exe.vir Win32/Sality.NBA virus
      C:\Users\Admin\AppData\Local\Adobe\Updater5\Install\estoolkit2\ExtendScriptToolkit2.0.2_new.exe Win32/Sality.NBA virus
      C:\Users\Admin\AppData\Local\Facebook\Update\1.2.205.0\FacebookCrashHandler.exe Win32/Sality.NBA virus
      C:\Users\Admin\AppData\Local\Facebook\Update\1.2.205.0\FacebookUpdate.exe Win32/Sality.NBA virus
      C:\Users\Admin\AppData\Local\Facebook\Update\FacebookUpdate.exe Win32/Sality.NBA virus
      C:\Users\Admin\AppData\Local\Facebook\Video\Skype\FacebookVideoCalling.exe Win32/Sality.NBA virus
      C:\Users\Admin\AppData\Local\Google\Update\GoogleUpdate.exe Win32/Sality.NBA virus
      C:\Users\Admin\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\eBay.lnk Win32/Adware.ADON aplicación
      C:\Users\Admin\Desktop\9) - Especificos\UsbFix.exe Win32/Sality.NBA virus
      C:\Users\Admin\Desktop\[SS-MFE3.0YC(N)R]\9) - Especificos\ComboFix.exe Win32/Sality.NBA virus
      C:\Users\Admin\Desktop\[SS-MFE3.0YC(N)R]\9) - Especificos\DT-kill.exe Win32/Sality.NBA virus
      C:\Users\Admin\Desktop\[SS-MFE3.0YC(N)R]\9) - Especificos\UsbFix.exe Win32/Sality.NBA virus
      C:\Users\Admin\Desktop\[SS-MFE3.0YC(N)R]\9) - Especificos\yorkyt.exe Win32/Sality.NBA virus
      C:\Users\Admin\Desktop\Activador office 2010.rar una variante de Win32/HackKMS.A aplicación
      C:\Users\Admin\Desktop\eMule0.50a-Installer.exe Win32/Sality.NBA virus
      C:\Users\Admin\Desktop\Firefox Setup 17.0.1.exe Win32/Sality.NBA virus
      C:\Users\Admin\Desktop\Vegas pro 12 Parche subido by BGodlik3.rar una variante de Win32/HackTool.Patcher.AD aplicación
      C:\Users\All Users\Adobe\CS5\jre\bin\java-rmi.exe Win32/Sality.NBA virus
      C:\Users\All Users\Adobe\CS5\jre\bin\java.exe Win32/Sality.NBA virus
      C:\Users\All Users\Adobe\CS5\jre\bin\javacpl.exe Win32/Sality.NBA virus
      C:\Users\All Users\Adobe\CS5\jre\bin\javaw.exe Win32/Sality.NBA virus
      C:\Users\All Users\Adobe\CS5\jre\bin\javaws.exe Win32/Sality.NBA virus
      C:\Users\All Users\Adobe\CS5\jre\bin\jbroker.exe Win32/Sality.NBA virus
      C:\Users\All Users\Adobe\CS5\jre\bin\jp2launcher.exe Win32/Sality.NBA virus
      C:\Users\All Users\Adobe\CS5\jre\bin\jqs.exe Win32/Sality.NBA virus
      C:\Users\All Users\Adobe\CS5\jre\bin\jqsnotify.exe Win32/Sality.NBA virus
      C:\Users\All Users\Adobe\CS5\jre\bin\jucheck.exe Win32/Sality.NBA virus
      C:\Users\All Users\Adobe\CS5\jre\bin\jureg.exe Win32/Sality.NBA virus
      C:\Users\All Users\Adobe\CS5\jre\bin\jusched.exe Win32/Sality.NBA virus
      C:\Users\All Users\Adobe\CS5\jre\bin\keytool.exe Win32/Sality.NBA virus
      C:\Users\All Users\Adobe\CS5\jre\bin\kinit.exe Win32/Sality.NBA virus
      C:\Users\All Users\Adobe\CS5\jre\bin\klist.exe Win32/Sality.NBA virus
      C:\Users\All Users\Adobe\CS5\jre\bin\ktab.exe Win32/Sality.NBA virus
      C:\Users\All Users\Adobe\CS5\jre\bin\orbd.exe Win32/Sality.NBA virus
      C:\Users\All Users\Adobe\CS5\jre\bin\pack200.exe Win32/Sality.NBA virus
      C:\Users\All Users\Adobe\CS5\jre\bin\policytool.exe Win32/Sality.NBA virus
      C:\Users\All Users\Adobe\CS5\jre\bin\rmid.exe Win32/Sality.NBA virus
      C:\Users\All Users\Adobe\CS5\jre\bin\rmiregistry.exe Win32/Sality.NBA virus
      C:\Users\All Users\Adobe\CS5\jre\bin\servertool.exe Win32/Sality.NBA virus
      C:\Users\All Users\Adobe\CS5\jre\bin\ssvagent.exe Win32/Sality.NBA virus
      C:\Users\All Users\Adobe\CS5\jre\bin\tnameserv.exe Win32/Sality.NBA virus
      C:\Users\All Users\Adobe\CS5\jre\bin\unpack200.exe Win32/Sality.NBA virus
      C:\Users\All Users\Apple Computer\Installer Cache\Safari 5.31.22.7\SetupAdmin.exe Win32/Sality.NBA virus
      C:\Users\All Users\FLEXnet\Connect\11\agent.exe Win32/Sality.NBA virus
      C:\Users\All Users\FLEXnet\Connect\11\dwusplay.exe Win32/Sality.NBA virus
      C:\Users\All Users\FLEXnet\Connect\11\ISDM.exe Win32/Sality.NBA virus
      C:\Users\All Users\FLEXnet\Connect\11\issch.exe Win32/Sality.NBA virus
      C:\Users\All Users\FLEXnet\Connect\11\ISUSPM.exe Win32/Sality.NBA virus
      C:\Users\Default\AppData\Roaming\Macromedia\Flash Player\http://www.macromedia.com\bin\airapp...pinstaller.exe Win32/Sality.NBA virus
      C:\Windows\Microsoft.NET\Framework\FMwork\wimtd.exe una variante de Win32/HiddenStart.A aplicación
      C:\Windows\Setup\scrwin\wimtd.exe una variante de Win32/HiddenStart.A aplicación
      C:\Windows\Updreg.EXE Win32/Sality.NBA virus
      C:\EasyBCD 2.0.exe Win32/Sality.NBA virus

    6. #6
      Usuario Avatar de oskoa
      Registrado
      sep 2009
      Ubicación
      En mi depto
      Mensajes
      60

      Re: Virus que destruye los ejecutables

      QuickScan 32-bit v0.9.9.119
      ---------------------------
      Fecha de Análisis: Wed Jan 23 21:17:22 2013
      ID de la Máquina: F836E10F



      ¡Encontrados 4 arhivos infectados!
      ----------------------------------

      C:\Program Files (x86)\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe --> Win32.Sality.3
      --> HKLM\System\ControlSet001\services\FLEXnet Licensing Service
      --> HKLM\System\ControlSet002\services\FLEXnet Licensing Service

      C:\Users\Admin\AppData\Local\Facebook\Update\FacebookUpdate.exe --> Win32.Sality.3
      --> c:\windows\tasks\facebookupdatetaskusers-1-5-21-3908427202-3677227250-994981884-1001core.job
      --> c:\windows\tasks\facebookupdatetaskusers-1-5-21-3908427202-3677227250-994981884-1001ua.job

      C:\Program Files (x86)\Common Files\Adobe\Adobe Version Cue CS4\Server\bin\VersionCueCS4.exe --> Win32.Sality.3
      --> HKLM\System\ControlSet001\services\Adobe Version Cue CS4
      --> HKLM\System\ControlSet002\services\Adobe Version Cue CS4

      C:\Users\Admin\AppData\Local\Google\Update\GoogleUpdate.exe --> Win32.Sality.3
      --> c:\windows\tasks\googleupdatetaskusers-1-5-21-3908427202-3677227250-994981884-1001core.job
      --> c:\windows\tasks\googleupdatetaskusers-1-5-21-3908427202-3677227250-994981884-1001ua.job



      Procesos
      --------
      Acronis CDP 1944 C:\Program Files (x86)\Common Files\Acronis\CDP\afcdpsrv.exe
      Firefox 5528 C:\Program Files (x86)\Mozilla Firefox\firefox.exe
      Firefox 3740 C:\Program Files (x86)\Mozilla Firefox\plugin-container.exe
      Malwarebytes Anti-Malware 2640 C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe
      Malwarebytes Anti-Malware 2372 C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe
      Malwarebytes Anti-Malware 2392 C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe
      Nero BackItUp 2492 C:\Program Files (x86)\Common Files\Nero\Nero BackItUp 4\NBService.exe
      PsiService System Service 2736 C:\Program Files (x86)\Common Files\Protexis\License Service\PsiService_2.exe
      RichVideo Module 2776 C:\Program Files (x86)\CyberLink\Shared files\RichVideo.exe
      Skype 3380 C:\Program Files (x86)\Skype\Phone\Skype.exe
      Stardock ObjectDock 3372 C:\Program Files (x86)\Stardock\ObjectDock\ObjectDock.exe
      TextAloudMP3.exe 3148 C:\Program Files (x86)\TextAloud\TextAloudMP3.exe
      UpTime 4000 C:\Windows\Time\muptime.exe


      Actividad de red
      ----------------
      Proceso Skype.exe (3380) conectado en el puerto 16288 --> 190.231.218.189
      Proceso Skype.exe (3380) conectado en el puerto 58852 --> 71.254.175.240
      Proceso Skype.exe (3380) conectado en el puerto 40019 --> 111.221.77.151
      Proceso Skype.exe (3380) conectado en el puerto 443 (HTTP over SSL) --> 65.54.48.48
      Proceso Skype.exe (3380) conectado en el puerto 12350 --> 78.141.179.11
      Proceso firefox.exe (5528) conectado en el puerto 80 (HTTP) --> 74.125.134.100
      Proceso firefox.exe (5528) conectado en el puerto 80 (HTTP) --> 74.125.134.100

      Proceso Skype.exe (3380) escuchar en puertos: 80 (HTTP), 443 (HTTP over SSL), 21311


      Autoruns y archivos críticos
      ----------------------------
      Adobe Updater Startup Utility C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe
      Classic Shell C:\Program Files\Classic Shell\ClassicStartMenu.exe
      Facebook Update C:\Users\Admin\AppData\Local\Facebook\Update\FacebookUpdate.exe
      Google Update C:\Users\Admin\AppData\Local\Google\Update\GoogleUpdate.exe
      iReboot C:\Program Files (x86)\NeoSmart Technologies\iReboot\iReboot.exe
      Microsoft Office 2010 C:\Program Files (x86)\Microsoft Office\Office14\GROOVEEX.DLL
      Sistema operativo Microsoft® Windows® C:\Program Files\Windows Sidebar\sidebar.exe
      Skype C:\Program Files (x86)\Skype\Phone\Skype.exe
      Stardock ObjectDock C:\Program Files (x86)\Stardock\ObjectDock\ObjectDock.exe
      UpTime C:\Windows\Time\muptime.exe
      (verificado) Sistema operativo Microsoft® Windows® c:\windows\syswow64\userinit.exe


      Plugins del Navegador
      ---------------------
      Adobe PDF Toolbar for IE c:\program files (x86)\common files\adobe\acrobat\activex\acroiefavclient.dll
      Ask.com Toolbar c:\program files (x86)\askbardis\bar\bin\askbar.dll
      Bitdefender QuickScan C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\ibu78q79.default\extensions\{e001c731-5e37-4538-a5cb-8168736a2360}\plugins\npqscan.dll
      Conduit Toolbar c:\program files (x86)\conduitengine\conduitengine.dll
      Conduit Toolbar c:\program files (x86)\utorrentbar_es\tbutor.dll
      Contribute c:\program files (x86)\adobe\/adobe contribute cs4/contributeieplugin.dll
      CTPID ActiveX Control Module C:\Windows\Downloaded Program Files\CTPIDPDE.ocx
      Facebook Photo Uploader 5 C:\Windows\Downloaded Program Files\PhotoUploader55.ocx
      Facebook Video Calling Plugin C:\Users\Admin\AppData\Local\Facebook\Video\Skype\npFacebookVideoCalling.dll
      Google Update C:\Users\Admin\AppData\Local\Google\Update\1.3.21.123\npGoogleUpdate3.dll
      HP Smart Web Printing c:\program files (x86)\hp\digital imaging\smart web printing\hpswp_bho.dll
      HP Smart Web Printing c:\program files (x86)\hp\digital imaging\smart web printing\hpswp_printenhancer.dll
      Java Deployment Toolkit 6.0.240.7 C:\Program Files (x86)\Mozilla Firefox\plugins\npdeployJava1.dll
      Java(TM) Platform SE 6 U24 c:\program files (x86)\java\jre6\bin\jp2ssv.dll
      Java(TM) Platform SE 6 U24 C:\Program Files (x86)\Java\jre6\bin\new_plugin\npjp2.dll
      Mega Manager IE Click Catcher c:\program files (x86)\megaupload\mega manager\megaiemn.dll
      Microsoft Office 2010 C:\Program Files (x86)\Microsoft Office\Office14\GROOVEEX.DLL
      Microsoft Office 2010 C:\Program Files (x86)\Microsoft Office\Office14\NPAUTHZ.DLL
      Microsoft Office 2010 C:\Program Files (x86)\Microsoft Office\Office14\NPSPWRAP.DLL
      Microsoft Office 2010 c:\program files (x86)\microsoft office\office14\urlredir.dll
      Microsoft® Windows Live ID c:\program files (x86)\common files\microsoft shared\windows live\windowslivelogin.dll
      Microsoft® Windows Live ID C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL
      Microsoft® Windows Live ID C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL
      NPSWF32_11_5_502_146.dll C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_5_502_146.dll
      taforie.dll c:\program files (x86)\textaloud\taforie.dll
      Winamp Application Detector C:\Program Files (x86)\Mozilla Firefox\plugins\npwachk.dll
      Windows® Internet Explorer C:\Windows\SysWOW64\ieframe.dll
      Yahoo! Single Instance for Mail c:\program files (x86)\yahoo!\companion\installs\cpn\ytsingleinstance.dll
      Yahoo! Toolbar c:\program files (x86)\yahoo!\companion\installs\cpn\yt.dll
      (verificado) AcroIEHelperShim Library c:\program files (x86)\common files\adobe\acrobat\activex\acroiehelpershim.dll
      (verificado) Adobe Acrobat C:\Program Files (x86)\Mozilla Firefox\plugins\nppdf32.dll
      (verificado) Microsoft® Windows® Operating System C:\Windows\system32\NLAapi.dll
      (verificado) Microsoft® Windows® Operating System C:\Windows\System32\winrnr.dll
      (verificado) QuickTime Plug-in 7.6.5 C:\Program Files (x86)\Mozilla Firefox\plugins\npqtplugin.dll
      (verificado) QuickTime Plug-in 7.6.5 C:\Program Files (x86)\Mozilla Firefox\plugins\npqtplugin2.dll
      (verificado) QuickTime Plug-in 7.6.5 C:\Program Files (x86)\Mozilla Firefox\plugins\npqtplugin3.dll
      (verificado) QuickTime Plug-in 7.6.5 C:\Program Files (x86)\Mozilla Firefox\plugins\npqtplugin4.dll
      (verificado) QuickTime Plug-in 7.6.5 C:\Program Files (x86)\Mozilla Firefox\plugins\npqtplugin5.dll
      (verificado) Sistema operativo Microsoft® Windows® C:\Windows\system32\mswsock.dll
      (verificado) Sistema operativo Microsoft® Windows® C:\Windows\system32\napinsp.dll
      (verificado) Sistema operativo Microsoft® Windows® C:\Windows\system32\pnrpnsp.dll


      Analizar
      --------
      MD5: e319c7034fdb55d6be48ee676c2b4c58 c:\program files (x86)\adobe\/adobe contribute cs4/contributeieplugin.dll
      MD5: 3faed1c7b0e37e78c532243edc25baec c:\program files (x86)\askbardis\bar\bin\askbar.dll
      MD5: 9a635b24e3ef3632e4197c66207a2de3 C:\Program Files (x86)\Common Files\Acronis\CDP\afcdpsrv.exe
      MD5: 5761eaefb6e904444c32c3d6762fec0b C:\Program Files (x86)\Common Files\Acronis\Schedule2\schedul2.exe
      MD5: 5b96c27b3b53f4ea6816db40f6f9b427 C:\Program Files (x86)\Common Files\Acronis\SnapAPI\snapapi.dll
      MD5: f2dcb030fbdd320f858871515c18c5d1 c:\program files (x86)\common files\adobe\acrobat\activex\acroiefavclient.dll
      MD5: cae5ef700db85d237bfe0a895e783b69 C:\Program Files (x86)\Common Files\Adobe\Adobe Version Cue CS4\Server\bin\VersionCueCS4.exe
      MD5: e40474be1c7a4fc9c5de66ef70fd523f C:\Program Files (x86)\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
      MD5: 82e139a863734c238af57a20359f980c C:\Program Files (x86)\Common Files\Nero\Nero BackItUp 4\LBFC.dll
      MD5: a2ff2a9a3099c1c2f0392746aa55e933 C:\Program Files (x86)\Common Files\Nero\Nero BackItUp 4\NB.dll
      MD5: 6db2004232dd9f21c6bed8ad2afdc48a C:\Program Files (x86)\Common Files\Nero\Nero BackItUp 4\NBBurn.dll
      MD5: c7f5c284b6f46fcaf6910ea4e644700b C:\Program Files (x86)\Common Files\Nero\Nero BackItUp 4\NBService.exe
      MD5: 8bc19ef0c11de279dd93d809b6404bf8 C:\Program Files (x86)\Common Files\Nero\Nero BackItUp 4\NeroAPIGlueLayerUnicode.dll
      MD5: a6a7ad767bf5141665f5c675f671b3e1 C:\Program Files (x86)\Common Files\Protexis\License Service\PsiService_2.exe
      MD5: 70e764e0ac98ce3ded9eaab2a93716f5 C:\Program Files (x86)\Common Files\SpeechEngines\Microsoft\TTS20\en-US\MSTTSFrontendENU.dll
      MD5: 4a79cf0929c165593477776e638123d1 C:\Program Files (x86)\Common Files\SpeechEngines\Microsoft\TTS20\MSTTSCommon.dll
      MD5: 8add058f5bddd785b13a4af1dd3cdb96 C:\Program Files (x86)\Common Files\SpeechEngines\Microsoft\TTS20\MSTTSEngine.dll
      MD5: 8c7e1bc5e4bc5bd0fcb0f57319c44333 C:\Program Files (x86)\Common Files\Stardock\ODImg.dll
      MD5: d9a0ce26ada5bd15b1b03a752ddf14a6 c:\program files (x86)\conduitengine\conduitengine.dll
      MD5: bd517c7fb119997effbe39d5e4b37b05 C:\Program Files (x86)\CyberLink\Shared files\RichVideo.exe
      MD5: 67a7e5daca78544c826b16cd8c816a5c c:\program files (x86)\hp\digital imaging\smart web printing\hpswp_bho.dll
      MD5: c05a0b625dfe1f6d25e5430746a180d1 c:\program files (x86)\hp\digital imaging\smart web printing\hpswp_printenhancer.dll
      MD5: 88e49c2b7e75b1d9695d6a063f28a8bb c:\program files (x86)\java\jre6\bin\jp2ssv.dll
      MD5: 4ebb5b4dcabec18b29d01f9f607b0114 C:\Program Files (x86)\Java\jre6\bin\new_plugin\npjp2.dll
      MD5: 291b740d3719e86fea09a94ca72145c2 C:\Program Files (x86)\Loquendo\LTTS\loq210.dll
      MD5: 5576d3b08492b2ffc850f78b1e272631 C:\Program Files (x86)\Loquendo\LTTS\loqsapi5.dll
      MD5: 21a5d37cfd0e3b1fa245f953e6a661c0 C:\Program Files (x86)\Loquendo\LTTS\LoqSpanish6.2.dll
      MD5: 26fcc88f0983ab7018f9f785eadd6613 C:\Program Files (x86)\Loquendo\LTTS\LOQTTS6.dll
      MD5: 3e3ac334c8791e4a341a202919d06883 C:\Program Files (x86)\Loquendo\LTTS\LoqTTS6_UTIL.dll
      MD5: 8624e0e2418413614ee1fecdb7b76b88 C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbam.dll
      MD5: 4be1dcad76be96d1ec887a41e570c404 C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamcore.dll
      MD5: 7853d2ab445c10f97610b2b05fa4cf0a C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe
      MD5: d4467a285c91752018f67cdba8680bab C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamnet.dll
      MD5: 1acaa67676e9e7bda5e0c41b6e0decaf C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe
      MD5: 916b8954ac3e06dc9e898affb41f3fb6 C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe
      MD5: 37b6a2d134c725e1f8acbc77f39f0ef4 c:\program files (x86)\megaupload\mega manager\megaiemn.dll
      MD5: 8b57391f4e96ff5dd550532edd85dc84 C:\Program Files (x86)\Microsoft Office\Office14\3082\GrooveIntlResource.dll
      MD5: b326f15feaa40bee1b2c1cb717cb42df C:\Program Files (x86)\Mozilla Firefox\components\browsercomps.dll
      MD5: d7826a7440444f40e0406cf37fd2fa88 C:\Program Files (x86)\Mozilla Firefox\firefox.exe
      MD5: 279bf886819e8679be77b2bb81a400c8 C:\Program Files (x86)\Mozilla Firefox\freebl3.dll
      MD5: 12bbebad91cf6374e94f737e6db0c507 C:\Program Files (x86)\Mozilla Firefox\gkmedias.dll
      MD5: 93472af8efb1e63dfbf2f74be0bd4033 C:\Program Files (x86)\Mozilla Firefox\mozalloc.dll
      MD5: 22ca9bb95ac4153e014584b18f0569a8 C:\Program Files (x86)\Mozilla Firefox\mozglue.dll
      MD5: e0ba6578eed3e9035955d690e271ef4b C:\Program Files (x86)\Mozilla Firefox\mozjs.dll
      MD5: 9ad324b5af7f7eedf0e3f28d3b6c5973 C:\Program Files (x86)\Mozilla Firefox\mozsqlite3.dll
      MD5: 03e9314004f504a14a61c3d364b62f66 C:\Program Files (x86)\Mozilla Firefox\MSVCP100.dll
      MD5: 67ec459e42d3081dd8fd34356f7cafc1 C:\Program Files (x86)\Mozilla Firefox\MSVCR100.dll
      MD5: 16e2e44c4ec4b22bfb925508d22dd37b C:\Program Files (x86)\Mozilla Firefox\nspr4.dll
      MD5: 18be75843430c4f05ac060ae4d574a6b C:\Program Files (x86)\Mozilla Firefox\nss3.dll
      MD5: 9afbc017fdd2d1f2120f14be0c38b00c C:\Program Files (x86)\Mozilla Firefox\nssckbi.dll
      MD5: 131f7b10411507306d3049d19e86f97b C:\Program Files (x86)\Mozilla Firefox\nssdbm3.dll
      MD5: 8c41e308b8b6f2c1dffd8293c724900e C:\Program Files (x86)\Mozilla Firefox\nssutil3.dll
      MD5: c171d1c50118976efdb66d2eae4bc470 C:\Program Files (x86)\Mozilla Firefox\plc4.dll
      MD5: 92b9e0393145fda7b8a159a3ec32e3e7 C:\Program Files (x86)\Mozilla Firefox\plds4.dll
      MD5: 9a4841a0ce83a768f7a5f4ba97de02b5 C:\Program Files (x86)\Mozilla Firefox\plugin-container.exe
      MD5: 9d35e12b661581b83dd74eb910ea9e6d C:\Program Files (x86)\Mozilla Firefox\plugins\npdeployJava1.dll
      MD5: f9ae1ad5cc7f73827b64a05a44902b07 C:\Program Files (x86)\Mozilla Firefox\plugins\npwachk.dll
      MD5: 193fcd8a8ed27a6ff02e073c536c06aa C:\Program Files (x86)\Mozilla Firefox\smime3.dll
      MD5: 66fc543011314b0da6fc240c31a2c58e C:\Program Files (x86)\Mozilla Firefox\softokn3.dll
      MD5: 0176b178b0abe6ab25fe42326c64559a C:\Program Files (x86)\Mozilla Firefox\ssl3.dll
      MD5: d9bcb480f298718f38c45b3ddebf0da7 C:\Program Files (x86)\Mozilla Firefox\xpcom.dll
      MD5: dd6eed8f1ea31fa36b8247f97e807968 C:\Program Files (x86)\Mozilla Firefox\xul.dll
      MD5: 9c3758018ded02f4ae53cca1c5f084a2 C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
      MD5: 56d120b9fe4c14e5b3e984d89559a581 C:\Program Files (x86)\NeoSmart Technologies\iReboot\iReboot.exe
      MD5: 35b1bd5ddca71bfad07db09876cf625f C:\Program Files (x86)\NeoSmart Technologies\iReboot\iRebootd.exe
      MD5: 44109e0e323b02caf7bbef6c3ec6ee89 C:\Program Files (x86)\R-Drive Image\DrvSnSht64.sys
      MD5: 057d4500b9cc974dd2bf2e9d28bd9adc C:\Program Files (x86)\R-Drive Image\R-ImageDisk64.sys
      MD5: 3d0ef13679e82a7b12b0b10d5128135b C:\Program Files (x86)\Skype\Phone\Skype.exe
      MD5: eb2e5161cb51d9693d2293a62360f85c C:\Program Files (x86)\Stardock\ObjectDock\CrashRpt.dll
      MD5: e458d88c71990f545ef941cd16080bad C:\Program Files (x86)\Stardock\ObjectDock\dbghelp.dll
      MD5: 4195b4d91cfa41f3368a2be3e1530160 C:\Program Files (x86)\Stardock\ObjectDock\DockShellHook.dll
      MD5: 670fcad3345904bf3bc477ea0fb2d093 C:\Program Files (x86)\Stardock\ObjectDock\ObjectDock.exe
      MD5: 92756208fe9138d360f2beb68d5ca349 C:\Program Files (x86)\Stardock\ObjectDock\ODImg.dll
      MD5: d44597ecc2b2550e022a762321d1686b C:\Program Files (x86)\Stardock\ObjectDock\zlib.dll
      MD5: f6b5f07446fd8be2e1fada563376eb43 C:\Program Files (x86)\TextAloud\keypush.dll
      MD5: 42e05e95deb768de1ef872660840b298 C:\Program Files (x86)\TextAloud\lame_enc.dll
      MD5: 969351f00bb0185f06030aa8ae5f2754 c:\program files (x86)\textaloud\taforie.dll
      MD5: 26281ee83010aa1b5db07a1d665113bd C:\Program Files (x86)\TextAloud\TextAloudMP3.exe
      MD5: d0cb75386d9e89c864d808d64ec9160f C:\Program Files (x86)\Unlocker\UnlockerDriver5.sys
      MD5: d9a0ce26ada5bd15b1b03a752ddf14a6 c:\program files (x86)\utorrentbar_es\tbutor.dll
      MD5: 6a2e0e49a4f2a9df3e6293e37e7486bd c:\program files (x86)\yahoo!\companion\installs\cpn\yt.dll
      MD5: f64c4241fe5e519f62c47c361dc671d7 c:\program files (x86)\yahoo!\companion\installs\cpn\ytsingleinstance.dll
      MD5: b97483e1371089c99e96d3de414df6d2 C:\Program Files\Classic Shell\ClassicStartMenu.exe
      MD5: 0a888754c63c3a5d8cd8f7492c62b40d C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL
      MD5: af589cf1cff8e49fbe518d3c9b27e51c C:\Users\Admin\AppData\Local\Facebook\Update\FacebookUpdate.exe
      MD5: 0b31b0f8fa99cfd009c8fbea9e20c9de C:\Users\Admin\AppData\Local\Facebook\Video\Skype\npFacebookVideoCalling.dll
      MD5: 586fdc4e02623ee228ec35b9604ae5f2 C:\Users\Admin\AppData\Local\Google\Update\1.3.21.123\npGoogleUpdate3.dll
      MD5: 7454331d5551dec4180e9e096dceb8b2 C:\Users\Admin\AppData\Local\Google\Update\GoogleUpdate.exe
      MD5: c9e3864fb9cbfa93d9010bcfe18a5697 C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\ibu78q79.default\extensions\{e001c731-5e37-4538-a5cb-8168736a2360}\plugins\npqscan.dll
      MD5: 6a3ad6dabe21b7f0d19c3072c02f9d52 C:\Windows\Downloaded Program Files\CTPIDPDE.ocx
      MD5: c235a51cb740e45ffa0ebfb9bafcda64 C:\Windows\Explorer.exe
      MD5: 898fc91bf6424f629e933273b6e46ffd C:\Windows\speech\Speech.dll
      MD5: f6f213095d33ed25c57721c19289d9cf C:\Windows\system32\aac_parser.ax
      MD5: 82b0b872a489541980f3334a6330399f C:\Windows\system32\ac3DX.ax
      MD5: 46f3efdbf797b2dc4146eab1a4582970 C:\Windows\system32\atiumdag.dll
      MD5: dfc2fb946435fc324814b3320f014cf7 C:\Windows\system32\atiumdva.dll
      MD5: 84957d0ce4ff261b0081679eb9c0c006 C:\Windows\system32\AVCDX.ax
      MD5: 6fbaa0f8e9f6552ccefd6bcf5a2e1060 C:\Windows\system32\CoreAAC.ax
      MD5: da44d12924f948dc7dba644710fa8839 C:\Windows\system32\d2d1.dll
      MD5: 3954a03a729fe37d5b4b35bf06745f85 C:\Windows\system32\d3d10_1.dll
      MD5: af549c7f87ae41c417cc128c1d086385 C:\Windows\system32\d3d10_1core.dll
      MD5: 44739ae2d5fb72b9c5d40f432dee7b54 C:\Windows\system32\D3D10Warp.dll
      MD5: 62c08c8fe06eba769e1e7bc98ae47234 C:\Windows\system32\DiracSplitter.ax
      MD5: 1ae6d8abad591aaed61738a1e0c596ba C:\Windows\system32\DWrite.dll
      MD5: 15bc38a7492befe831966adb477cf76f C:\Windows\system32\Explorer.exe
      MD5: 8898c95862d03d16b2a06db4db6bb6b2 C:\Windows\system32\explorerframe.dll
      MD5: f8bef2a3a77a22880bce13382d9302ce C:\Windows\system32\FLACDX.ax
      MD5: 8453687a045c926f0291301ebaf50370 C:\Windows\system32\flvDX.dll
      MD5: a5408051b49a1bfd3c3ed889a318cc42 C:\Windows\system32\MatroskaDX.ax
      MD5: 4cb18f87c6bcf550ef48632935c80b5f C:\Windows\system32\MPCDx.ax
      MD5: 21d8f42d54598b73c2e1a9571399113b C:\Windows\system32\msfDX.dll
      MD5: 35aae2e841aa1a949775168e119482c9 C:\Windows\system32\msls31.dll
      MD5: e4b6b932b6e5ce386627ceea2a0a0f4c C:\Windows\system32\nbDX.dll
      MD5: 48b32991b01ffa2535050d4457f4b6d3 C:\Windows\system32\RealMediaDX.ax
      MD5: 624293ccba93b2dd1c062894977e7dcc C:\Windows\system32\RLAPEDec.ax
      MD5: 39396c3c3e4fb46fb3e087d4101a30be C:\Windows\system32\RLMPCDec.ax
      MD5: 00817d79cc4282859e9f5685ba686469 C:\Windows\system32\RLOgg.ax
      MD5: d126cd64568b093e6faddadce6fd0a47 C:\Windows\system32\RLSpeexDec.ax
      MD5: 8bd08b7bef08cb2f576832e88c70de93 C:\Windows\system32\RLTheoraDec.ax
      MD5: e25ed3eca867ee19be516528650e0506 C:\Windows\system32\RLVorbisDec.ax
      MD5: 4e4d2acbb8a2e46ad4aac92c3669a418 C:\Windows\system32\SC.dll
      MD5: fad2a307838f66f2037868460a71dbbd C:\Windows\system32\t2embed.dll
      MD5: 6db323f64f10dd6a8d9159dafa97fa41 C:\Windows\system32\TTADSDecoder.ax
      MD5: 555c91496e3584b6fc00ca0a1ce899eb C:\Windows\system32\TTADSSplitter.ax
      MD5: 4312debdacbe338f0b90e7f08e7672be C:\Windows\SysWOW64\Dxtmsft.dll
      MD5: ca493a92da9880b6f1a89c3dbd54ba5b C:\Windows\SysWOW64\Dxtrans.dll
      MD5: 8dd29072e90e9eab909d388d629248aa C:\Windows\SysWOW64\ieframe.dll
      MD5: d3f60bc53ff510b88b9acbc3f64fe922 C:\Windows\syswow64\iertutil.dll
      MD5: 77a00a40a93894dfe90b910040a8d06a C:\Windows\SysWow64\jscript.dll
      MD5: c45df7436e84c1aff4e85e828f69b849 C:\Windows\SysWOW64\jscript9.dll
      MD5: 9ac863fd5976316c29d4cb5e4c9efd9c C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_5_502_146.dll
      MD5: f5777c29e38e4bf12c6f93a0b2f1b2d7 C:\Windows\syswow64\MSASN1.dll
      MD5: 4def8126cabaa6cdc12103cd74c6a919 C:\Windows\SysWOW64\mshtml.dll
      MD5: 5f9785e7535f8f602cb294a54962c9e7 C:\Windows\SysWOW64\speedfan.sys
      MD5: 4635935fc972c582632bf45c26bfcb0e C:\Windows\SysWOW64\srvany.exe
      MD5: aa5f4683a0c3c40d90377aa238a6f1b7 C:\Windows\SysWOW64\urlmon.dll
      MD5: a1236375b74ea63c75657d564890c436 C:\Windows\syswow64\WININET.dll
      MD5: 4d6549ae7950fa822a559f323d84c10e C:\Windows\Time\muptime.exe

      El siguiente archivo(s) debe ser enviado al servidor para su análisis:
      C:\Program Files (x86)\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
      C:\Users\Admin\AppData\Local\Facebook\Update\FacebookUpdate.exe
      C:\Program Files (x86)\Common Files\Adobe\Adobe Version Cue CS4\Server\bin\VersionCueCS4.exe
      C:\Users\Admin\AppData\Local\Google\Update\GoogleUpdate.exe

      Envío iniciado - 4 archivo(s)
      GoogleUpdate.exe (209904)
      FacebookUpdate.exe (215920)
      VersionCueCS4.exe (353648)
      FNPLicensingService.exe (944904)
      Velocidad de envío - 9 KB/s
      Envío finalizado - 4 enviados, 0 fallidos

      Scan finished - communication took 174 sec
      Total traffic - 1.65 MB enviado, 0.69 KB recibido
      Scanned 412 files and modules - 226 seconds

      ==============================================================================

    7. #7
      Usuario Avatar de Raudron
      Registrado
      sep 2012
      Ubicación
      El Mundo
      Mensajes
      1.467

      Re: Virus que destruye los ejecutables

      Hola,

      No te hagas problema. Espero que todo se solucione

      Lamento decirte que estás infectado con un virus extremadamente dañino como lo es Sality. Este virus infecta a la mayoría de los archivos del sistema, y vuelve al equipo inutilizable. En la mayoría de los casos, la solución recae en el formateo.
      Sin embargo algunas variantes han podido ser curadas.

      Tema de interés:
      Te recomiendo hacer una copia de seguridad de los archivos con las siguientes extensiones, que son las que no se ven afectadas por Sality:
      * .JPG
      * .GIF
      * .BMP
      * .TXT
      * .MP3
      * .DOC
      Nota: No respaldes archivos que tengan otras extensiones que no sean las mencionadas. De lo contrario, tu copia de seguridad también estará infectada.

      Imprimite las siguientes instrucciones, ya que es necesario continuar con todos los programas cerrados.

      Pasemos a la desinfección:

      Descarga a tu escritorio los siguientes archivos:
      Realiza lo siguiente:

      Descomprime y ejecuta SalityKiller (Si usas Windows Vista o 7, haz clic derecho y selecciona Ejecutar como Administrador).
      SalityKiller intentará desinfectar tu equipo. No interrumpas el proceso. Si te pide reiniciar, [/B]no lo hagas[/B].
      Descomprime y ejecuta Sality_RegKeys.zip. Elige la opción (Windows 2000, XP, 2003, Vista/2008, o 7/2008 R2) de acuerdo al Sistema Operativo que tengas.
      Inmediatamente reinicia tu equipo.
      Descarga DrWeb Cureit:
      Ejecuta Drweb según su manual y con estas especificaciones:
      • Cuando inicie el programa ejecutalo en su modo de proteccion mejorada preferentemente. Y siguiendo el manual.
      • Despues de aceptar los terminos de uso ve al boton que tiene forma de llave inglesa, y en Configuración te vas a Log y eliges Mínimo:

      • Eliges la opción Seleccione Objetos a escanear, y marcas todas las opciones; te vas a haga clic para seleccionar y añade todas las carpetas y unidades adicionales que quieras que sean escaneadas por el programa. Para iniciar el escaneo presionas sobre Comenzando escaneo:


      • Curas, Mueves y Eliminas, lo que encuentre según te de la opción y con ese orden de preferencia.
      • Si te detecta el archivo Hosts permite que DrWeb lo restaure.
      • Abres el reporte al finalizar como lo indica la imagen.

      Nos traerias el reporte de DrWeb (de no poder guardarlo como se indica, un reporte se genera sobre %userprofile%\DoctorWeb\CureIt.log) y nos comentarias el estado del sistema.

      Estamos aquí para lo que necesites.
      Saludos y suerte

    8. #8
      Usuario Avatar de oskoa
      Registrado
      sep 2009
      Ubicación
      En mi depto
      Mensajes
      60

      Re: Virus que destruye los ejecutables

      Tengo una pregunta para realizarle :)

      Estoy realizarndo el Sality killer, y está anlaizando todos los archivos de todas las pariticones. y tengo 9 particiones con millones de archivos. va a tardar dias. En la ventana de DOS dice "Cured" osea curado. Esos archivos se pueden volver a usar?

      Gracias!

    9. #9
      Usuario Avatar de Raudron
      Registrado
      sep 2012
      Ubicación
      El Mundo
      Mensajes
      1.467

      Re: Virus que destruye los ejecutables

      Hola,

      Si la cantidad de archivos que hay en tu equipo es muy alta, los programas van a estar mucho tiempo haciendo su trabajo

      Cita Originalmente publicado por oskoa
      En la ventana de DOS dice "Cured" osea curado. Esos archivos se pueden volver a usar?
      Tanto SalityKiller como Dr.Web CureIt, hacen todo lo posible para curar todos los archivos infectados. Pero en ocasiones resulta imposible, y los archivos deben ser eliminados.
      Los archivos curados pueden reutilizarse, ya que el código del virus fue eliminado.
      Como te mencionaba, no todas las variantes de Sality pueden curarse. Al ser un buggy virus, esto es bastante complicado

      Cualquier duda que tengas, podés consultarnos
      Saludos

    10. #10
      Usuario Avatar de oskoa
      Registrado
      sep 2009
      Ubicación
      En mi depto
      Mensajes
      60

      Re: Virus que destruye los ejecutables

      Espero tener suerte, por qeu por ahora está curando miles y miles de .exe, y abri uno de los infectados por curiosidad y sigue sin abrir. El mayor problema que tengo es que por ejemplo el programa fraps, esta infectado. Cuando lo reinstalaba se arreglaba, pero al cabo re reiniciar el ordenador un par de veces se volvia a infectar. Como que estaba puesto en el inicio. Espero que el Dr CureIT solucione ese parte.

      Muchas gracias. El SalityKiller sigue trabajando

    Página 1 de 3 123 ÚltimoÚltimo