Today I came across a system infected by Sality.
I tried to clean it with CCE, started CCE in agressive mode, but by that time itself (just after extraction from zip) it was itself infected by Sality, therefore all it's detections were fake.
I ran Kaspersky "Salitykiller" and came to know that CCE.exe, Killswitch.exe and Autoruns.exe were all already infected by CCE.
After two or three attempts (re extracting), I could finally get them to work. But,
CCE found some infections, after clicking clean it took forever to clean them...(just 36 files, it was just a smart scan)(salitykiller is not running by this time fyi)
I copied the samples and tried to clean them with CIS (CIS on my system just for verification) it was the same issue, even CAV takes forever to clean them, even asks for a reboot, after reboot says that it failed to clean.
One more piece of surprise is that Killswitch showed absolutely no unknown/infected processes (I was in aggressive mode), but the "psfli.pif" file was being repeatedly created on my pendrive even after deleting them manually many times (I could not delete autorun.inf at all, they were actually spreading sality infection, I doubt that there is still something running in the background saving and hiding the infection)
I would like to see a better cleaning routine like that of kaspersky "TDSSKiller" and "Salitykiller" implemented in CCE at least if not is CAV.
In the end, of course I ended up with a mess and had to go with a full fresh re installation.