ThreatExpert's Statistics for Win32.Sality.AM.Gen [PC Tools]:

Win32.Sality.AM.Gen [PC Tools] is also known as:

Threat Alias	Number of Incidents
W32/Sality-AM [Sophos]	1,230
Virus:Win32/Sality.AM [Microsoft]	1,217
W32.Sality.AE [Symantec]	1,040
Virus.Win32.Sality.z [Kaspersky Lab]	1,004
PE_SALITY.EK [Trend Micro]	895
W32/Sality.gen [McAfee]	664
Win32/Kashu.B [AhnLab]	513
Virus.Win32.Sality [Ikarus]	491
W32/Sality.ag [McAfee]	459
W32.SillyFDC [Symantec]	58
Trojan.Win32.Autoit.ci [Kaspersky Lab]	55
PE_SALITY.M [Trend Micro]	54
Virus.Win32.Sality.y [Kaspersky Lab]	54
W32.Sality [Ikarus]	45
W32/Sality.af [McAfee]	38
Trojan.Win32.Autoit [Ikarus]	35
Virus.Win32.Sality.aa [Kaspersky Lab]	34
Trojan.Dropper [Symantec]	25
Virus.Win32.Sality.y [Ikarus]	18
W32/Sality.gen.b [McAfee]	18
W32.Imaut.AS [Symantec]	17
IM-Worm.Win32.VB [Ikarus]	16
W32.Imaut [Symantec]	14
W32/MoonLight.worm [McAfee]	14
Infostealer [Symantec]	13
Backdoor.Win32.Bifrose [Ikarus]	11
PWS-Gamania.gen.a [McAfee]	11
Win-Trojan/Xema.variant [AhnLab]	11
Trojan.Autoit [Ikarus]	10
Backdoor.Win32.Jaan.w [Kaspersky Lab]	9
Email-Worm.Win32.Brontok.ab [Ikarus]	9
Trojan.Autorun.UA [Ikarus]	9
Virus.Win32.Bifrose [Ikarus]	9
PWS-Gamania.gen.c [McAfee]	8
Trojan.Win32.VB [Ikarus]	8
Worm.Win32.AutoIt [Ikarus]	8
Worm:Win32/Autorun.EW [Microsoft]	8
Mal/Sality-A [Sophos]	7
Trojan-Dropper.Win32.Flystud.B [Ikarus]	7
Virus.Win32.Sality.z [Ikarus]	7
Virus.Win32.VB.bb [Ikarus]	7
Win32/Olala.worm.57344 [AhnLab]	7
Trojan.Autoit.CI.14 [Ikarus]	6
W32.Imaut.AA [Symantec]	6
W32.Imaut.CN [Symantec]	6
Worm.Win32.AutoIt.v [Kaspersky Lab]	6
Worm:AutoIt/Sohanad.AQ [Microsoft]	6
Backdoor.Win32.mIRC-based.k [Ikarus]	5
Gen.Win32 [Ikarus]	5
Trojan Horse [Symantec]	5
VirTool.Win32.Injector.b [Ikarus]	5
Virus.W32.Sality [Ikarus]	5
Win32/Autorun.worm.205167 [AhnLab]	5
IM-Worm.Win32.Sohanad [Ikarus]	4
Mal/Behav-043, Mal/Sality-A [Sophos]	4
Trojan.Win32.KillAV.ayh [Kaspersky Lab]	4
Trojan.Win32.Midgare.nfv [Kaspersky Lab]	4
Trojan-Downloader.Win32.VB.iyl [Kaspersky Lab]	4
Trojan-Spy.Win32.Banker.RM [Ikarus]	4
Virus.Win32.Crypt.CIK [Ikarus]	4
W32.Gammima.AG [Symantec]	4
W32.SillyDC [Symantec]	4
Win-Trojan/Autorun.225280.B [AhnLab]	4
Worm.Win32.VB [Ikarus]	4
Backdoor.Trojan [Symantec]	3
BackDoor-CEP.gen.au [McAfee]	3
BackDoor-EEF [McAfee]	3
Constructor/Bifrose.1466368 [AhnLab]	3
Downloader [Symantec]	3
Hacktool.Keylogger [Symantec]	3
Mal_Banker [Trend Micro]	3
Trojan.Win32.Vaklik [Ikarus]	3
Trojan-Downloader.Win32.VB.itl [Kaspersky Lab]	3
Virus.Win32.KillFiles.058 [Ikarus]	3
Virus.Win32.VB.dg [Ikarus]	3
Virus.Win32.VB.dg [Kaspersky Lab]	3
Virus.Win32.VB.KZ [Ikarus]	3
W32.Blastclan [Symantec]	3
W32.Imaut.N [Symantec]	3
W32.Linkfars [Symantec]	3
W32/Autorun.worm.cu [McAfee]	3
W32/Autorun.worm.ev [McAfee]	3
Win-Trojan/Agent.11776.KS [AhnLab]	3
Worm.Win32.VB.mz [Ikarus]	3
Worm.Win32.VB.pk [Kaspersky Lab]	3
Worm:Win32/Sohanad.I [Microsoft]	3
WORM_SOHANAD.EJ [Trend Micro]	3
Backdoor.Win32.Bifrose.avah [Kaspersky Lab]	2
Backdoor.Win32.Poison.pg [Kaspersky Lab]	2
Email-Worm.Win32.VB.cb [Ikarus]	2
FakeAlert-AG.gen.c [McAfee]	2
Generic PWS.ak [McAfee]	2
Generic VB.c [McAfee]	2
P2P-Worm.Win32.Malas.f [Kaspersky Lab]	2
P2P-Worm.Win32.Malas.g [Ikarus]	2
PE_PAGIPEF.BY [Trend Micro]	2
PWS-Yahmali [McAfee]	2
Spam-Mailbot [McAfee]	2
Spyware.ActMon [Symantec]	2
Trojan.Win32.Agent.cjgo [Kaspersky Lab]	2

Win32.Sality.AM.Gen [PC Tools] has the following possible countries of origin:

Origin		Number of Incidents
	United Kingdom	121
	Taiwan	63
	Germany	49
	China	42
	Sweden	31
	Russian Federation	30
	Israel	22
	Brazil	14
	Japan	11
	Republic of Korea	10
	Iran	6
	Portugal	6
	Italy	5
	Saudi Arabia	5
	Indonesia	4
	France	3
	Turkey	3
	Australia	2
	Canada	2
	Netherlands	2
	Poland	2
	Spain	2
	Belgium	1
	Czech Republic	1
	Finland	1
	Mexico	1
	New Zealand	1
	Norway	1
	Slovenia	1

Win32.Sality.AM.Gen [PC Tools] is known to be created as:

%AppData%\csrss.exe

%AppData%\explorer.exe

%AppData%\inetinfo.exe

%AppData%\lsass.exe

%AppData%\microsoft\cd burning\coolworld.exe

%AppData%\microsoft\hscg.exe

%AppData%\services.exe

%AppData%\smss.exe

%AppData%\usrinit.exe

%AppData%\winlogon.exe

%CommonAppData%\dllcache32.exe

%CommonAppData%\fearghus\lsass.exe

%CommonAppData%\microsoft\usb2.0\usb-hi.exe

%CommonDesktopDir%\desktop.exe

%CommonDesktopDir%\documents.exe

%CommonDesktopDir%\files.exe

%CommonDesktopDir%\notepad.exe

%CommonDocuments%\documents.exe

%CommonFavorites%\favorites.exe

%CommonPrograms%\accessories\accessibility\accessibility.exe

%CommonPrograms%\accessories\accessories.exe

%CommonPrograms%\accessories\communications\communications.exe

%CommonPrograms%\accessories\entertainment\entertainment.exe

%CommonPrograms%\programs.exe

%CommonPrograms%\startup\folderwiz.com

%CommonPrograms%\startup\kbdrv16.com

%CommonPrograms%\startup\msconfig.exe

%CommonPrograms%\startup\setup.exe

%CommonPrograms%\startup\startup.exe

%CommonPrograms%\startup\systemil2.exe

%DesktopDir%\desktop.exe

%Favorites%\favorites.exe

%Favorites%\links.exe

%Favorites%\links\links.exe

%FontsDir%\fonts.exe

%FontsDir%\tskmgr.exe

%LocalSettings%\explorer.exe

%LocalSettings%\services.exe

%LocalSettings%\smss.exe

%LocalSettings%\startup.exe

%LocalSettings%\svchost.exe

%LocalSettings%\winlogon.exe

%MyDocuments%\my pictures\mskernel.exe

%ProgramFiles%\antimalwareguard\amg.exe

%ProgramFiles%\bifrost\prosex.exe

%ProgramFiles%\bifrost\server.exe

%ProgramFiles%\common files\adobeupdate.exe

%ProgramFiles%\common files\designer\designer.exe

%ProgramFiles%\common files\mssoap\binaries\binaries.exe

%ProgramFiles%\common files\mssoap\mssoap.exe

%ProgramFiles%\common files\odbc\odbc.exe

%ProgramFiles%\common files\services\services.exe

%ProgramFiles%\common files\speechengines\microsoft\tts\tts.exe

%ProgramFiles%\common files\speechengines\speechengines.exe

%ProgramFiles%\common files\system\ado\ado.exe

%ProgramFiles%\common files\system\msadc\msadc.exe

%ProgramFiles%\common files\system\system.exe

%ProgramFiles%\microsoft office\winword.exe

%ProgramFiles%\mirc\irc bot\services.exe

%ProgramFiles%\utorrent\utorrent.exe

%ProgramFiles%\vmware.exe

%ProgramFiles%\wowrd\wowrrdd.exe

%ProgramFiles%\xpcode\sexgame.exe

%ProgramFiles%\xpcode\sexscreensaver.scr

%Programs%\accessories\accessibility\accessibility.exe

%Programs%\accessories\accessories.exe

%Programs%\accessories\entertainment\entertainment.exe

%Programs%\programs.exe

%Programs%\startup\ctfmon.exe

%Programs%\startup\msoffice.exe

%Programs%\startup\startup.exe

%System%\1126\ctfmon.exe

%System%\3361\svchost.exe

%System%\551621078306l.exe

%System%\55162178306l.exe

%System%\amvo.exe

%System%\blastclnnn.exe

%System%\bttnserv.exe

%System%\chrome.exe

%System%\ckvo.exe

%System%\cmd.com

%System%\dd33d3\00c3ac.exe

%System%\dllcache\default.exe

%System%\dllcache\global.exe

%System%\dllcache\svchost.exe

%System%\dllcache\zipexr.dll

%System%\drivers\drivers.cab.exe

%System%\dxdiag.com

%System%\dxgdialog.exe

%System%\elniadu.exe

%System%\explorer\explorer.exe

%System%\f41\svchost.exe

%System%\fds\server.exe

%System%\flash.10.exe

%System%\fuvirus.exe

%System%\gphone.exe

%System%\gqexnc.exe

%System%\ico.exe

%System%\jambanmu.com

%System%\jim8r7e.exe

Notes:

%AppData% is a variable that refers to the file system directory that serves as a common repository for application-specific data. A typical path is C:\Documents and Settings\[UserName]\Application Data.
%CommonAppData% is a variable that refers to the file system directory containing application data for all users. A typical path is C:\Documents and Settings\All Users\Application Data.
%CommonDesktopDir% is a variable that refers to the file system directory that contains files and folders that appear on the desktop for all users. A typical path is C:\Documents and Settings\All Users\Desktop (Windows NT/2000/XP).
%CommonDocuments% is a variable that refers to the file system directory that contains documents that are common to all users. A typical paths is C:\Documents and Settings\All Users\Documents.
%CommonFavorites% is a variable that refers to the file system directory that serves as a common repository for all users' favorite items. A typical path is C:\Documents and Settings\All Users\Favorites (Windows NT/2000/XP).
%CommonPrograms% is a variable that refers to the file system directory that contains the directories for the common program groups that appear on the Start menu for all users. A typical path is C:\Documents and Settings\All Users\Start Menu\Programs (Windows NT/2000/XP).
%DesktopDir% is a variable that refers to the file system directory used to physically store file objects on the desktop. A typical path is C:\Documents and Settings\[UserName]\Desktop.
%Favorites% is a variable that refers to the file system directory that serves as a common repository for the user's favorite items. A typical path is C:\Documents and Settings\[UserName]\Favorites.
%FontsDir% is a variable that refers to a virtual folder containing fonts. A typical path is C:\Windows\Fonts.
%LocalSettings% is a variable that specifies the current user's local settings folder. By default, this is C:\Documents and Settings\[UserName]\Local Settings (Windows NT/2000/XP).
%MyDocuments% is a variable that refers to the file system directory used to physically store a user's common repository of documents. A typical path is C:\Documents and Settings\[UserName]\My Documents.
%ProgramFiles% is a variable that refers to the Program Files folder. A typical path is C:\Program Files.
%Programs% is a variable that refers to the file system directory that contains the user's program groups. A typical path is C:\Documents and Settings\[UserName]\Start Menu\Programs.
%System% is a variable that refers to the System folder. By default, this is C:\Windows\System (Windows 95/98/Me), C:\Winnt\System32 (Windows NT/2000), or C:\Windows\System32 (Windows XP).