Re: Internet Speed Monitor.... help me kill this virus
I am done with the DRWeb scan. I had to run it in Normal Mode. In Safe Mode, Windows simply restarted.
I don't know how to put all of the following in Palatable form, so here is an outline of what follows. I don't know if anything is important, but I guess for educational/ information sake, it could be of interest.
1- From DRWeb
2- History of Viral Scan/ Healing on 5/25
3- History of Viral Scan/ Healing on 5/28
4- Virus Vault of my Security System
Mind that some of the things in the Virus Vault are still posing a threat. I will compile a list if asked for it.
---------1--------1-------1------1-----1-----1
From DRWeb:
tmp13.tmp.exe;C:\Documents and Settings\new\Application Data;Trojan.Virtumod;Deleted.;
tmp1D.tmp.exe;C:\Documents and Settings\new\Application Data;Trojan.Virtumod;Deleted.;
tmp2.tmp.exe;C:\Documents and Settings\new\Application Data;Trojan.Virtumod;Deleted.;
tmp28.tmp.exe;C:\Documents and Settings\new\Application Data;Trojan.Virtumod;Deleted.;
tmp33.tmp.exe;C:\Documents and Settings\new\Application Data;Trojan.Virtumod;Deleted.;
tmp44.tmp.exe;C:\Documents and Settings\new\Application Data;Trojan.Virtumod;Deleted.;
tmp4C.tmp.exe;C:\Documents and Settings\new\Application Data;Trojan.Virtumod;Deleted.;
tmp62.tmp.exe;C:\Documents and Settings\new\Application Data;Trojan.Virtumod;Deleted.;
tmp6E.tmp.exe;C:\Documents and Settings\new\Application Data;Trojan.Virtumod;Deleted.;
tmp6F.tmp.exe;C:\Documents and Settings\new\Application Data;Trojan.Virtumod;Deleted.;
tmpA.tmp.exe;C:\Documents and Settings\new\Application Data;Trojan.Virtumod;Deleted.;
counter[1].htm\JavaScript.0;C:\Documents and Settings\new\Local Settings\Temporary Internet Files\Content.IE5\41UJSXYB\counter[1].htm;VBS.PackFor;;
counter[1].htm;C:\Documents and Settings\new\Local Settings\Temporary Internet Files\Content.IE5\41UJSXYB;Archive contains infected objects;Moved.;
counter[2].htm\JavaScript.0;C:\Documents and Settings\new\Local Settings\Temporary Internet Files\Content.IE5\41UJSXYB\counter[2].htm;VBS.PackFor;;
counter[2].htm;C:\Documents and Settings\new\Local Settings\Temporary Internet Files\Content.IE5\41UJSXYB;Archive contains infected objects;Moved.;
ffa_dn[1];C:\Documents and Settings\new\Local Settings\Temporary Internet Files\Content.IE5\41UJSXYB;Trojan.Virtumod;Deleted .;
count[1].htm\javascript.0;C:\Documents and Settings\new\Local Settings\Temporary Internet Files\Content.IE5\GPMZKLQ7\count[1].htm;VBS.Psyme.377;;
count[1].htm;C:\Documents and Settings\new\Local Settings\Temporary Internet Files\Content.IE5\GPMZKLQ7;Archive contains infected objects;Moved.;
usa01[1].htm\JavaScript.0;C:\Documents and Settings\new\Local Settings\Temporary Internet Files\Content.IE5\GPMZKLQ7\usa01[1].htm;VBS.PackFor;;
usa01[1].htm;C:\Documents and Settings\new\Local Settings\Temporary Internet Files\Content.IE5\GPMZKLQ7;Archive contains infected objects;Moved.;
counter[2].htm\JavaScript.0;C:\Documents and Settings\new\Local Settings\Temporary Internet Files\Content.IE5\W5E3G1AV\counter[2].htm;VBS.PackFor;;
counter[2].htm;C:\Documents and Settings\new\Local Settings\Temporary Internet Files\Content.IE5\W5E3G1AV;Archive contains infected objects;Moved.;
ffa_dn[1];C:\Documents and Settings\new\Local Settings\Temporary Internet Files\Content.IE5\W5E3G1AV;Trojan.Virtumod;Deleted .;
ffa_dn[2];C:\Documents and Settings\new\Local Settings\Temporary Internet Files\Content.IE5\W5E3G1AV;Trojan.Virtumod;Deleted .;
popinstall.exe;C:\Program Files\InetGet2;Trojan.Winpop;Deleted.;
BndDrive.dll;C:\Program Files\ISM;Adware.SearchAid.37;;
A0049682.exe;C:\System Volume Information\_restore{77F3FC63-6211-47BA-B918-817616FF6D37}\RP29;Trojan.Fakealert.305 - read error;Deleted.;
A0050690.exe;C:\System Volume Information\_restore{77F3FC63-6211-47BA-B918-817616FF6D37}\RP29;Trojan.Fakealert.305 - read error;Deleted.;
A0050691.ini;C:\System Volume Information\_restore{77F3FC63-6211-47BA-B918-817616FF6D37}\RP29;Trojan.Fakealert.305 - read error;Deleted.;
A0050692.dll;C:\System Volume Information\_restore{77F3FC63-6211-47BA-B918-817616FF6D37}\RP29;Trojan.Fakealert.305 - read error;Deleted.;
A0050698.exe;C:\System Volume Information\_restore{77F3FC63-6211-47BA-B918-817616FF6D37}\RP29;Trojan.Fakealert.305 - read error;Deleted.;
A0050748.exe;C:\System Volume Information\_restore{77F3FC63-6211-47BA-B918-817616FF6D37}\RP29;Trojan.LowZones.267;Deleted.;
A0052749.dll;C:\System Volume Information\_restore{77F3FC63-6211-47BA-B918-817616FF6D37}\RP30;Trojan.Virtumod;Deleted.;
A0052750.dll;C:\System Volume Information\_restore{77F3FC63-6211-47BA-B918-817616FF6D37}\RP30;Trojan.Virtumod;Deleted.;
A0052751.dll;C:\System Volume Information\_restore{77F3FC63-6211-47BA-B918-817616FF6D37}\RP30;Trojan.Virtumod;Deleted.;
A0053749.dll;C:\System Volume Information\_restore{77F3FC63-6211-47BA-B918-817616FF6D37}\RP30;Trojan.Virtumod;Deleted.;
A0053800.dll;C:\System Volume Information\_restore{77F3FC63-6211-47BA-B918-817616FF6D37}\RP32;Trojan.Virtumod;Deleted.;
A0054800.dll;C:\System Volume Information\_restore{77F3FC63-6211-47BA-B918-817616FF6D37}\RP32;Trojan.Virtumod;Deleted.;
A0056993.dll;C:\System Volume Information\_restore{77F3FC63-6211-47BA-B918-817616FF6D37}\RP33;Trojan.Virtumod;Deleted.;
A0067023.exe;C:\System Volume Information\_restore{77F3FC63-6211-47BA-B918-817616FF6D37}\RP37;Trojan.Virtumod;Deleted.;
A0067024.exe;C:\System Volume Information\_restore{77F3FC63-6211-47BA-B918-817616FF6D37}\RP37;Trojan.Virtumod;Deleted.;
A0067025.exe;C:\System Volume Information\_restore{77F3FC63-6211-47BA-B918-817616FF6D37}\RP37;Trojan.Virtumod;Deleted.;
A0067026.exe;C:\System Volume Information\_restore{77F3FC63-6211-47BA-B918-817616FF6D37}\RP37;Trojan.Virtumod;Deleted.;
A0067027.exe;C:\System Volume Information\_restore{77F3FC63-6211-47BA-B918-817616FF6D37}\RP37;Trojan.Virtumod;Deleted.;
A0067028.exe;C:\System Volume Information\_restore{77F3FC63-6211-47BA-B918-817616FF6D37}\RP37;Trojan.Virtumod;Deleted.;
A0067029.exe;C:\System Volume Information\_restore{77F3FC63-6211-47BA-B918-817616FF6D37}\RP37;Trojan.Virtumod;Deleted.;
A0067030.exe;C:\System Volume Information\_restore{77F3FC63-6211-47BA-B918-817616FF6D37}\RP37;Trojan.Virtumod;Deleted.;
A0067031.exe;C:\System Volume Information\_restore{77F3FC63-6211-47BA-B918-817616FF6D37}\RP37;Trojan.Virtumod;Deleted.;
A0067032.exe;C:\System Volume Information\_restore{77F3FC63-6211-47BA-B918-817616FF6D37}\RP37;Trojan.Virtumod;Deleted.;
A0067033.exe;C:\System Volume Information\_restore{77F3FC63-6211-47BA-B918-817616FF6D37}\RP37;Trojan.Virtumod;Deleted.;
A0067034.exe;C:\System Volume Information\_restore{77F3FC63-6211-47BA-B918-817616FF6D37}\RP37;Trojan.Winpop;Deleted.;
awwvts.dll;C:\WINDOWS;Trojan.Virtumod;Deleted.;
gebbxv.dll;C:\WINDOWS;Trojan.Virtumod;Deleted.;
nnklif.dll;C:\WINDOWS;Trojan.Virtumod;Deleted.;
tusqop.dll;C:\WINDOWS;Trojan.Virtumod;Deleted.;
hadjajr.ini;C:\WINDOWS\system32;Trojan.Fakealert.3 05 - read error;Deleted.;
msbind32.exe;C:\WINDOWS\system32;Trojan.Fakealert. 319;Deleted.;
vtr.dll;C:\WINDOWS\system32;Trojan.Fakealert.305 - read error;Deleted.;
winavxx.exe;C:\WINDOWS\system32;Trojan.Fakealert.3 05 - read error;Deleted.;
-------2-------2------2------2--------2------2
Virus Scan/ Healing/ Moving from 5/25
"Scanned","70971"
"Threats Found","51"
"Cleaned","0"
"Moved to vault","0"
"Deleted","50"
"Errors","0"
"C:\DOCUME~1\new\LOCALS~1\Temp\HalSrv64\svchost.ex e","","Deleted"
"C:\DOCUME~1\new\LOCALS~1\Temp\Persist32\svchost.e xe","","Deleted"
"C:\DOCUME~1\new\LOCALS~1\Temp\Redist32A\svchost.e xe","","Deleted"
"C:\DOCUME~1\new\LOCALS~1\Temp\bq0\svchost.exe","" ,"Deleted"
"C:\DOCUME~1\new\LOCALS~1\Temp\svchots.exe","","De leted"
"C:\Documents and Settings\new\svchost.exe","","Deleted"
"C:\WINDOWS\system32\KB_963491.exe","","Delete d"
"C:\WINDOWS\system32\clcl14.exe","","Deleted"
"C:\WINDOWS\system32\drivers\svchost.exe","","Dele ted"
"C:\WINDOWS\system32\svehost.exe","","Deleted"
"C:\WINDOWS\system32\sysalgg.exe","","Deleted"
"C:\1228666","","Deleted"
"C:\78.tmp","","Deleted"
"C:\Documents and Settings\new\Application Data\tmp16.tmp.exe","","Deleted"
"C:\Documents and Settings\new\Application Data\tmp2C.tmp.exe","","Deleted"
"C:\Documents and Settings\new\Application Data\tmp63.tmp.exe","","Deleted"
"C:\Documents and Settings\new\Application Data\tmp70.tmp.exe","","Deleted"
"C:\Documents and Settings\new\Application Data\tmp72.tmp.exe","","Deleted"
"C:\Documents and Settings\new\Application Data\tmpB.tmp.exe","","Deleted"
"C:\Documents and Settings\new\Application Data\tmpF.tmp.exe","","Deleted"
"C:\Documents and Settings\new\Local Settings\Temp\2137213136.exe","","Deleted"
"C:\Documents and Settings\new\Local Settings\Temp\2364648736.exe","","Deleted"
"C:\Documents and Settings\new\Local Settings\Temp\322011568.exe","","Deleted"
"C:\Documents and Settings\new\Local Settings\Temp\487011808.exe","","Deleted"
"C:\Documents and Settings\new\Local Settings\Temp\799870240.exe","","Deleted"
"C:\Documents and Settings\new\Local Settings\Temp\bb.exe","","Deleted"
"C:\Documents and Settings\new\Local Settings\Temp\dekm.exe","","Deleted"
"C:\Documents and Settings\new\Local Settings\Temp\ffdn.exe","","Deleted"
"C:\Documents and Settings\new\Local Settings\Temp\par84D.tmp","","Deleted"
"C:\Documents and Settings\new\Local Settings\Temp\rsysinit.exe","","Deleted"
"C:\Documents and Settings\new\Local Settings\Temp\temp.exe","","Deleted"
"C:\Documents and Settings\new\Local Settings\Temp\~5536.tmp","","Deleted"
"C:\Documents and Settings\new\Local Settings\Temp\bq0\svchost.exe","","Deleted"
"C:\Documents and Settings\new\Local Settings\Temp\HalSrv64\svchost.exe","","Deleted"
"C:\Documents and Settings\new\Local Settings\Temp\Persist32\svchost.exe","","Deleted"
"C:\Documents and Settings\new\Local Settings\Temp\Redist32A\svchost.exe","","Deleted"
"C:\Documents and Settings\new\Local Settings\Temporary Internet Files\Content.IE5\41UJSXYB\1808[1]","","Deleted"
"C:\Documents and Settings\new\Local Settings\Temporary Internet Files\Content.IE5\41UJSXYB\packed_installer_cna[1]","","Deleted"
"C:\Documents and Settings\new\Local Settings\Temporary Internet Files\Content.IE5\41UJSXYB\papamisha[1]","","Deleted"
"C:\Documents and Settings\new\Local Settings\Temporary Internet Files\Content.IE5\41UJSXYB\rd[1].htm","","Deleted"
"C:\Documents and Settings\new\Local Settings\Temporary Internet Files\Content.IE5\GPMZKLQ7\e199[1]","","Deleted"
"C:\Documents and Settings\new\Local Settings\Temporary Internet Files\Content.IE5\GPMZKLQ7\eagle[1]","","Deleted"
"C:\Documents and Settings\new\Local Settings\Temporary Internet Files\Content.IE5\GPMZKLQ7\rd[1].htm","","Deleted"
"C:\Documents and Settings\new\Local Settings\Temporary Internet Files\Content.IE5\O9IJ0TIR\dedamisha[1]","","Deleted"
"C:\Documents and Settings\new\Local Settings\Temporary Internet Files\Content.IE5\W5E3G1AV\papamisha[1]","","Deleted"
"C:\Documents and Settings\new\Local Settings\Temporary Internet Files\Content.IE5\W5E3G1AV\sysalgg[1].exe","","Deleted"
"C:\Program Files\Common Files\Yazzle1552OinAdmin.exe","","Deleted"
"C:\WINDOWS\b122.exe","","Deleted"
"C:\WINDOWS\retadpu72.exe","","Deleted"
"C:\WINDOWS\system32\drivers\ip6fw.sys","","Delete d"
3-----3------3--------3---------3
Virus Scan 5/28
"Object summary",""
"Scanned","72473"
"Threats Found","14"
"Cleaned","0"
"Moved to vault","1"
"Deleted","12"
"Errors","0"
"C:\WINDOWS\system32\kernel32.dll","Change","Chang ed"
"C:\WINDOWS\system32\user32.dll","Change","Changed "
"C:\WINDOWS\system32\shell32.dll","Change","Change d"
"C:\WINDOWS\system32\ntoskrnl.exe","Change","Chang ed"
"C:\Documents and Settings\new\Local Settings\Temporary Internet Files\Content.IE5\41UJSXYB\goo[1].htm","Virus found JS/Downloader.Agent","Infected"
"C:\Documents and Settings\new\Application Data\tmp19.tmp.exe","","Deleted"
"C:\Documents and Settings\new\Application Data\tmp2A.tmp.exe","","Deleted"
"C:\Documents and Settings\new\Application Data\tmp3.tmp.exe","","Deleted"
"C:\Documents and Settings\new\Application Data\tmp47.tmp.exe","","Deleted"
"C:\Documents and Settings\new\Application Data\tmp71.tmp.exe","","Deleted"
"C:\Documents and Settings\new\Application Data\tmpE.tmp.exe","","Deleted"
"C:\Documents and Settings\new\Local Settings\Temp\~9832.tmp","","Deleted"
"C:\Documents and Settings\new\Local Settings\Temporary Internet Files\Content.IE5\41UJSXYB\prxgx[1].tiff","","Moved to Vault"
"C:\WINDOWS\system32\tmp19.tmp.dll","","Delete d"
"C:\WINDOWS\system32\tmp2A.tmp.dll","","Delete d"
"C:\WINDOWS\system32\tmp47.tmp.dll","","Delete d"
"C:\WINDOWS\system32\tmp71.tmp.dll","","Delete d"
"C:\WINDOWS\system32\tmpE.tmp.dll","","Deleted "
---4-------4--------4---------4-------
Virus Vault
"","","Virus identified Obfustat.ESQ","C:\WINDOWS\system32\fcyvwwv.dll","8/25/2007 3:49:17 AM","fcyvwwv.dll","13 KB"
"","","Trojan horse Downloader.Agent.PLZ","C:\Documents and Settings\new\Local Settings\Temporary Internet Files\Content.IE5\GPMZKLQ7\rd[2].htm","8/25/2007 10:14:19 AM","rd[2].htm","14.56 KB"
"","","Trojan horse Downloader.Generic5.WGB","C:\DOCUME~1\new\LOCALS~1 \Temp\svchots.exe","8/25/2007 12:40:12 PM","svchots.exe","9.77 KB"
"","","Virus found Win32/PolyCrypt","C:\Documents and Settings\new\svchost.exe","8/25/2007 12:41:24 PM","svchost.exe","15.28 KB"
"","","Virus identified Obfustat.ITY","C:\WINDOWS\system32\hhclui.dll","8/25/2007 12:41:31 PM","hhclui.dll","92.49 KB"
"","","Trojan horse Downloader.Generic5.VVL","C:\WINDOWS\system32\htr4 ikg.dll","8/25/2007 12:41:38 PM","htr4ikg.dll","9.77 KB"
"","","Trojan horse Agent.GCP","C:\WINDOWS\system32\mashe.dll","8/25/2007 12:41:48 PM","mashe.dll","166 KB"
"","","Trojan horse Clicker.HRV","C:\DOCUME~1\new\LOCALS~1\Temp\wnset. exe","8/25/2007 10:19:20 AM","wnset.exe","14.56 KB"
"","","Virus identified Obfustat.AAK","C:\Documents and Settings\new\Application Data\tmp2.tmp.exe","8/25/2007 5:24:14 AM","tmp2.tmp.exe","57.42 KB"
"","","Trojan horse SHeur.FQO","C:\Program Files\Internet Explorer\idx1.exe","8/25/2007 3:57:49 AM","idx1.exe","51 KB"
"","","Trojan horse Generic6.SLO","C:\WINDOWS\system32\AClient.dll","8/25/2007 12:47:31 PM","AClient.dll","409.5 KB"
"","","Trojan horse Generic6.ADM","C:\WINDOWS\system32\clcl14.exe","8/25/2007 12:50:47 PM","clcl14.exe","389 KB"
"","","Trojan horse Proxy.EUN","C:\WINDOWS\system32\fbufv.dll","8/25/2007 12:56:23 PM","fbufv.dll","24.5 KB"
"","","Virus found Downloader.Obfuskated","C:\WINDOWS\system32\gopa.e xe","8/25/2007 12:57:36 PM","gopa.exe","8.5 KB"
"","","Trojan horse Proxy.LFD","C:\WINDOWS\system32\KB05895697.exe","8/25/2007 12:58:28 PM","KB05895697.exe","38 KB"
"","","Trojan horse Downloader.Tibs.7.O","C:\WINDOWS\system32\KB364743 88.exe","8/25/2007 12:58:54 PM","KB36474388.exe","7.64 KB"
"","","Trojan horse Downloader.Agent.KUR","C:\WINDOWS\system32\KB48559 630.exe","8/25/2007 12:58:59 PM","KB48559630.exe","16 KB"
"","","Trojan horse BackDoor.Generic8.DYA","C:\WINDOWS\system32\KB5169 5342.exe","8/25/2007 12:59:07 PM","KB51695342.exe","116 KB"
"","","Trojan horse Generic6.UUG","C:\WINDOWS\system32\KB73687313.exe" ,"8/25/2007 12:59:13 PM","KB73687313.exe","208 KB"
"","","Trojan horse Downloader.Generic5.MHM","C:\WINDOWS\system32\KB73 765802.exe","8/25/2007 12:59:18 PM","KB73765802.exe","7.5 KB"
"","","Trojan horse Agent.FXS","C:\WINDOWS\system32\KB83367426.exe","8/25/2007 12:59:23 PM","KB83367426.exe","19 KB"
"","","Trojan horse Generic6.USM","C:\WINDOWS\system32\KB87313428.exe" ,"8/25/2007 12:59:28 PM","KB87313428.exe","429 KB"
"","","Trojan horse Downloader.Generic5.DJQ","C:\WINDOWS\system32\KB_9 63491.exe","8/25/2007 1:00:51 PM","KB_963491.exe","13.38 KB"
"","","Trojan horse BackDoor.Generic8.BIY","C:\Documents and Settings\new\Application Data\tmp29.tmp.exe","8/25/2007 4:13:00 AM","tmp29.tmp.exe","54 KB"
"","","Virus identified Obfustat.AAK","C:\Documents and Settings\new\Application Data\tmp2B.tmp.exe","8/25/2007 4:14:05 AM","tmp2B.tmp.exe","57.42 KB"
"","","Trojan horse Clicker.HRV","C:\DOCUME~1\new\LOCALS~1\Temp\363098 8288.exe","8/25/2007 4:15:02 AM","3630988288.exe","14.56 KB"
"","","Trojan horse BackDoor.Generic8.BIY","C:\Documents and Settings\new\Application Data\tmp45.tmp.exe","8/25/2007 4:22:43 AM","tmp45.tmp.exe","54 KB"
"","","Virus identified Obfustat.ESQ","C:\WINDOWS\system32\fcyvwwv.dll","8/25/2007 3:07:48 AM","fcyvwwv.dll","13 KB"
"","","Virus identified Obfustat.AAK","C:\Documents and Settings\new\Application Data\tmp46.tmp.exe","8/25/2007 4:24:10 AM","tmp46.tmp.exe","57.42 KB"
"","","Trojan horse Clicker.HRV","C:\DOCUME~1\new\LOCALS~1\Temp\183302 0064.exe","8/25/2007 4:25:56 AM","1833020064.exe","14.56 KB"
"","","Trojan horse SHeur.HRE","C:\Documents and Settings\new\Local Settings\Temporary Internet Files\Content.IE5\W5E3G1AV\bbros[1].exe","8/25/2007 1:17:15 PM","bbros[1].exe","27.5 KB"
"","","Trojan horse SHeur.FQO","C:\Program Files\Internet Explorer\idx0.exe","8/25/2007 1:19:19 PM","idx0.exe","49 KB"
"","","Trojan horse SHeur.HRE","C:\DOCUME~1\new\LOCALS~1\Temp\bb.exe", "8/25/2007 1:20:19 PM","bb.exe","27.5 KB"
"","","Trojan horse SHeur.FQO","C:\Program Files\Internet Explorer\index1.exe","8/25/2007 1:20:25 PM","index1.exe","51 KB"
"","","Virus found Win32/PolyCrypt","C:\Documents and Settings\new\Local Settings\Temporary Internet Files\Content.IE5\GPMZKLQ7\lds[1].exe","8/25/2007 1:20:51 PM","lds[1].exe","15.28 KB"
"","","Trojan horse BackDoor.Agent.LXS","C:\WINDOWS\system32\spoolsvv. sys","8/25/2007 1:20:57 PM","spoolsvv.sys","7.44 KB"
"","","Virus identified Obfustat.UB","C:\WINDOWS\system32\qwerty12.exe","8/25/2007 1:21:06 PM","qwerty12.exe","53.94 KB"
"","","Trojan horse BackDoor.Generic8.BIY","C:\Documents and Settings\new\Application Data\tmp4D.tmp.exe","8/25/2007 4:32:02 AM","tmp4D.tmp.exe","54 KB"
"","","Trojan horse Downloader.Generic4.IQN","C:\WINDOWS\system32\svch 6.dll","8/25/2007 1:22:54 PM","svch6.dll","4 KB"
"","","Trojan horse Downloader.Generic3.FNV","C:\WINDOWS\system32\svch p4.exe","8/25/2007 1:23:09 PM","svchp4.exe","16.5 KB"
"","","Virus identified Obfustat.CVF","C:\WINDOWS\system32\svehost.exe","8/25/2007 1:23:31 PM","svehost.exe","31 KB"
"","","Trojan horse BackDoor.Agent.LXR","C:\WINDOWS\system32\sysalgg.e xe","8/25/2007 1:23:38 PM","sysalgg.exe","17.74 KB"
"","","Trojan horse Clicker.HRV","C:\DOCUME~1\new\LOCALS~1\Temp\352616 3248.exe","8/25/2007 4:35:19 AM","3526163248.exe","14.56 KB"
"","","Trojan horse BHO.ASI","C:\Documents and Settings\new\Application Data\tmp19.tmp.exe","8/28/2007 2:44:17 PM","tmp19.tmp.exe","77.61 KB"
"","","Trojan horse BHO.ASI","C:\Documents and Settings\new\Application Data\tmp2A.tmp.exe","8/28/2007 2:44:18 PM","tmp2A.tmp.exe","77.61 KB"
"","","Trojan horse BHO.ASI","C:\Documents and Settings\new\Application Data\tmp3.tmp.exe","8/28/2007 2:44:18 PM","tmp3.tmp.exe","77.61 KB"
"","","Trojan horse BHO.ASI","C:\Documents and Settings\new\Application Data\tmp47.tmp.exe","8/28/2007 2:44:19 PM","tmp47.tmp.exe","77.61 KB"
"","","Trojan horse BHO.ASI","C:\Documents and Settings\new\Application Data\tmp71.tmp.exe","8/28/2007 2:44:19 PM","tmp71.tmp.exe","77.61 KB"
"","","Trojan horse BHO.ASI","C:\Documents and Settings\new\Application Data\tmpE.tmp.exe","8/28/2007 2:44:19 PM","tmpE.tmp.exe","77.61 KB"
"","","Trojan horse BackDoor.Agent.LXR","C:\Documents and Settings\new\Local Settings\Temp\~9832.tmp","8/28/2007 2:44:19 PM","~9832.tmp","17.74 KB"
"","","May be infected by unknown virus Exploit.WMF","C:\Documents and Settings\new\Local Settings\Temporary Internet Files\Content.IE5\41UJSXYB\prxgx[1].tiff","8/28/2007 2:44:31 PM","prxgx[1].tiff","13.65 KB"
"","","Trojan horse BHO.ASE","C:\WINDOWS\system32\tmp19.tmp.dll","8/28/2007 2:44:31 PM","tmp19.tmp.dll","63 KB"
"","","Trojan horse BHO.ASE","C:\WINDOWS\system32\tmp2A.tmp.dll","8/28/2007 2:44:32 PM","tmp2A.tmp.dll","63 KB"
"","","Trojan horse BHO.ASE","C:\WINDOWS\system32\tmp47.tmp.dll","8/28/2007 2:44:33 PM","tmp47.tmp.dll","63 KB"
"","","Trojan horse BHO.ASE","C:\WINDOWS\system32\tmp71.tmp.dll","8/28/2007 2:44:33 PM","tmp71.tmp.dll","63 KB"
"","","Trojan horse BHO.ASE","C:\WINDOWS\system32\tmpE.tmp.dll","8/28/2007 2:44:34 PM","tmpE.tmp.dll","63 KB"
"","","Virus found Win32/PolyCrypt","C:\WINDOWS\system32\drivers\svchost.ex e","8/25/2007 1:57:23 PM","svchost.exe","15.28 KB"
"","","Virus found Win32/PolyCrypt","C:\Documents and Settings\new\svchost.exe","8/25/2007 1:58:36 PM","svchost.exe","15.28 KB"
"","","Trojan horse SHeur.FQO","C:\System Volume Information\_restore{77F3FC63-6211-47BA-B918-817616FF6D37}\RP29\A0050687.exe","8/29/2007 12:48:31 PM","A0050687.exe","53.5 KB"
"","","Trojan horse SHeur.FQO","C:\System Volume Information\_restore{77F3FC63-6211-47BA-B918-817616FF6D37}\RP29\A0050704.exe","8/29/2007 12:49:18 PM","A0050704.exe","51 KB"
"","","Trojan horse Generic5.QGA","C:\System Volume Information\_restore{77F3FC63-6211-47BA-B918-817616FF6D37}\RP29\A0050749.exe","8/29/2007 12:49:23 PM","A0050749.exe","12.5 KB"
"","","Trojan horse SHeur.FQO","C:\System Volume Information\_restore{77F3FC63-6211-47BA-B918-817616FF6D37}\RP29\A0050751.exe","8/29/2007 12:49:25 PM","A0050751.exe","51 KB"
"","","Trojan horse BackDoor.Agent.LXS","C:\System Volume Information\_restore{77F3FC63-6211-47BA-B918-817616FF6D37}\RP30\A0052739.sys","8/29/2007 12:49:40 PM","A0052739.sys","7.44 KB"
"","","Virus identified Obfustat.UB","C:\System Volume Information\_restore{77F3FC63-6211-47BA-B918-817616FF6D37}\RP30\A0052746.exe","8/29/2007 12:49:43 PM","A0052746.exe","53.94 KB"
"","","Trojan horse BackDoor.Agent.LXS","C:\System Volume Information\_restore{77F3FC63-6211-47BA-B918-817616FF6D37}\RP30\A0052757.sys","8/29/2007 12:49:49 PM","A0052757.sys","7.44 KB"
"","","Trojan horse SHeur.FQO","C:\System Volume Information\_restore{77F3FC63-6211-47BA-B918-817616FF6D37}\RP30\A0052761.exe","8/29/2007 12:49:52 PM","A0052761.exe","51 KB"
"","","Trojan horse BackDoor.Agent.LXS","C:\System Volume Information\_restore{77F3FC63-6211-47BA-B918-817616FF6D37}\RP30\A0053755.sys","8/29/2007 12:49:56 PM","A0053755.sys","7.44 KB"
"","","Trojan horse SHeur.FQO","C:\System Volume Information\_restore{77F3FC63-6211-47BA-B918-817616FF6D37}\RP30\A0053759.exe","8/29/2007 12:49:59 PM","A0053759.exe","51 KB"
"","","Virus identified Obfustat.UB","C:\System Volume Information\_restore{77F3FC63-6211-47BA-B918-817616FF6D37}\RP30\A0053763.exe","8/29/2007 12:50:01 PM","A0053763.exe","53.94 KB"
"","","Trojan horse SHeur.FQO","C:\System Volume Information\_restore{77F3FC63-6211-47BA-B918-817616FF6D37}\RP31\A0053767.exe","8/29/2007 12:50:04 PM","A0053767.exe","51 KB"
"","","Trojan horse BackDoor.Agent.LXS","C:\System Volume Information\_restore{77F3FC63-6211-47BA-B918-817616FF6D37}\RP32\A0053811.sys","8/29/2007 12:50:24 PM","A0053811.sys","7.44 KB"
"","","Virus identified Obfustat.ESQ","C:\System Volume Information\_restore{77F3FC63-6211-47BA-B918-817616FF6D37}\RP32\A0053827.dll","8/29/2007 12:50:30 PM","A0053827.dll","13 KB"
"","","Trojan horse SHeur.FQO","C:\System Volume Information\_restore{77F3FC63-6211-47BA-B918-817616FF6D37}\RP32\A0053829.exe","8/29/2007 12:50:32 PM","A0053829.exe","51 KB"
"","","Trojan horse BackDoor.Generic8.BIY","C:\System Volume Information\_restore{77F3FC63-6211-47BA-B918-817616FF6D37}\RP32\A0053832.exe","8/29/2007 12:50:34 PM","A0053832.exe","54 KB"
"","","Trojan horse BackDoor.Agent.LXS","C:\System Volume Information\_restore{77F3FC63-6211-47BA-B918-817616FF6D37}\RP32\A0054804.sys","8/29/2007 12:50:37 PM","A0054804.sys","7.44 KB"
"","","Trojan horse BackDoor.Agent.LXS","C:\System Volume Information\_restore{77F3FC63-6211-47BA-B918-817616FF6D37}\RP32\A0055803.sys","8/29/2007 12:50:40 PM","A0055803.sys","7.44 KB"
"","","Trojan horse BackDoor.Agent.LXS","C:\System Volume Information\_restore{77F3FC63-6211-47BA-B918-817616FF6D37}\RP32\A0056803.sys","8/29/2007 12:50:42 PM","A0056803.sys","7.44 KB"
"","","Virus found Win32/PolyCrypt","C:\System Volume Information\_restore{77F3FC63-6211-47BA-B918-817616FF6D37}\RP33\A0057041.exe","8/29/2007 12:53:13 PM","A0057041.exe","15.28 KB"
"","","Trojan horse Downloader.Generic5.VVL","C:\System Volume Information\_restore{77F3FC63-6211-47BA-B918-817616FF6D37}\RP33\A0057043.dll","8/29/2007 12:53:21 PM","A0057043.dll","9.77 KB"
"","","Trojan horse Agent.GCP","C:\System Volume Information\_restore{77F3FC63-6211-47BA-B918-817616FF6D37}\RP33\A0057044.dll","8/29/2007 12:53:28 PM","A0057044.dll","166 KB"
"","","Trojan horse Generic6.SLO","C:\System Volume Information\_restore{77F3FC63-6211-47BA-B918-817616FF6D37}\RP33\A0057045.dll","8/29/2007 12:53:32 PM","A0057045.dll","409.5 KB"
"","","Trojan horse Generic6.ADM","C:\System Volume Information\_restore{77F3FC63-6211-47BA-B918-817616FF6D37}\RP33\A0057046.exe","8/29/2007 12:53:40 PM","A0057046.exe","389 KB"
"","","Trojan horse Proxy.EUN","C:\System Volume Information\_restore{77F3FC63-6211-47BA-B918-817616FF6D37}\RP33\A0057047.dll","8/29/2007 12:53:43 PM","A0057047.dll","24.5 KB"
"","","Virus found Downloader.Obfuskated","C:\System Volume Information\_restore{77F3FC63-6211-47BA-B918-817616FF6D37}\RP33\A0057048.exe","8/29/2007 12:53:50 PM","A0057048.exe","8.5 KB"
"","","Trojan horse Proxy.LFD","C:\System Volume Information\_restore{77F3FC63-6211-47BA-B918-817616FF6D37}\RP33\A0057049.exe","8/29/2007 12:53:54 PM","A0057049.exe","38 KB"
"","","Trojan horse Downloader.Tibs.7.O","C:\System Volume Information\_restore{77F3FC63-6211-47BA-B918-817616FF6D37}\RP33\A0057050.exe","8/29/2007 12:53:57 PM","A0057050.exe","7.64 KB"
"","","Trojan horse Downloader.Agent.KUR","C:\System Volume Information\_restore{77F3FC63-6211-47BA-B918-817616FF6D37}\RP33\A0057051.exe","8/29/2007 12:53:59 PM","A0057051.exe","16 KB"
"","","Trojan horse BackDoor.Generic8.DYA","C:\System Volume Information\_restore{77F3FC63-6211-47BA-B918-817616FF6D37}\RP33\A0057052.exe","8/29/2007 12:54:03 PM","A0057052.exe","116 KB"
"","","Trojan horse Generic6.UUG","C:\System Volume Information\_restore{77F3FC63-6211-47BA-B918-817616FF6D37}\RP33\A0057053.exe","8/29/2007 12:54:05 PM","A0057053.exe","208 KB"
"","","Trojan horse Downloader.Generic5.MHM","C:\System Volume Information\_restore{77F3FC63-6211-47BA-B918-817616FF6D37}\RP33\A0057054.exe","8/29/2007 12:54:08 PM","A0057054.exe","7.5 KB"
"","","Trojan horse Agent.FXS","C:\System Volume Information\_restore{77F3FC63-6211-47BA-B918-817616FF6D37}\RP33\A0057055.exe","8/29/2007 12:54:11 PM","A0057055.exe","19 KB"
"","","Trojan horse Generic6.USM","C:\System Volume Information\_restore{77F3FC63-6211-47BA-B918-817616FF6D37}\RP33\A0057056.exe","8/29/2007 12:54:14 PM","A0057056.exe","429 KB"
"","","Trojan horse Downloader.Generic5.DJQ","C:\System Volume Information\_restore{77F3FC63-6211-47BA-B918-817616FF6D37}\RP33\A0057057.exe","8/29/2007 12:54:19 PM","A0057057.exe","13.38 KB"
"","","Trojan horse BackDoor.Agent.LXR","C:\System Volume Information\_restore{77F3FC63-6211-47BA-B918-817616FF6D37}\RP33\A0057058.exe","8/29/2007 12:54:23 PM","A0057058.exe","17.74 KB"
"","","Trojan horse SHeur.FQO","C:\System Volume Information\_restore{77F3FC63-6211-47BA-B918-817616FF6D37}\RP33\A0057059.exe","8/29/2007 12:54:32 PM","A0057059.exe","49 KB"
"","","Trojan horse SHeur.FQO","C:\System Volume Information\_restore{77F3FC63-6211-47BA-B918-817616FF6D37}\RP33\A0057060.exe","8/29/2007 12:54:35 PM","A0057060.exe","51 KB"
"","","Trojan horse BackDoor.Agent.LXS","C:\System Volume Information\_restore{77F3FC63-6211-47BA-B918-817616FF6D37}\RP33\A0057061.sys","8/29/2007 12:54:37 PM","A0057061.sys","7.44 KB"
"","","Virus identified Obfustat.UB","C:\System Volume Information\_restore{77F3FC63-6211-47BA-B918-817616FF6D37}\RP33\A0057062.exe","8/29/2007 12:54:41 PM","A0057062.exe","53.94 KB"
"","","Trojan horse Downloader.Generic4.IQN","C:\System Volume Information\_restore{77F3FC63-6211-47BA-B918-817616FF6D37}\RP33\A0057063.dll","8/29/2007 12:54:43 PM","A0057063.dll","4 KB"
"","","Trojan horse Downloader.Generic3.FNV","C:\System Volume Information\_restore{77F3FC63-6211-47BA-B918-817616FF6D37}\RP33\A0057064.exe","8/29/2007 12:54:46 PM","A0057064.exe","16.5 KB"
"","","Virus identified Obfustat.CVF","C:\System Volume Information\_restore{77F3FC63-6211-47BA-B918-817616FF6D37}\RP33\A0057065.exe","8/29/2007 12:54:48 PM","A0057065.exe","31 KB"
"","","Virus found Win32/PolyCrypt","C:\System Volume Information\_restore{77F3FC63-6211-47BA-B918-817616FF6D37}\RP33\A0057066.exe","8/29/2007 12:54:53 PM","A0057066.exe","15.28 KB"
"","","Trojan horse BackDoor.Generic8.BIY","C:\System Volume Information\_restore{77F3FC63-6211-47BA-B918-817616FF6D37}\RP33\A0057067.exe","8/29/2007 12:54:56 PM","A0057067.exe","54 KB"
"","","Virus identified Obfustat.AAK","C:\System Volume Information\_restore{77F3FC63-6211-47BA-B918-817616FF6D37}\RP33\A0057068.exe","8/29/2007 12:54:59 PM","A0057068.exe","57.42 KB"
"","","Trojan horse BackDoor.Generic8.BIY","C:\System Volume Information\_restore{77F3FC63-6211-47BA-B918-817616FF6D37}\RP33\A0057069.exe","8/29/2007 12:55:00 PM","A0057069.exe","54 KB"
"","","Trojan horse BackDoor.Generic8.BIY","C:\System Volume Information\_restore{77F3FC63-6211-47BA-B918-817616FF6D37}\RP33\A0057070.exe","8/29/2007 12:55:02 PM","A0057070.exe","54 KB"
"","","Virus identified Obfustat.AAK","C:\System Volume Information\_restore{77F3FC63-6211-47BA-B918-817616FF6D37}\RP33\A0057071.exe","8/29/2007 12:55:04 PM","A0057071.exe","57.42 KB"
"","","Trojan horse BackDoor.Generic8.BIY","C:\System Volume Information\_restore{77F3FC63-6211-47BA-B918-817616FF6D37}\RP33\A0057072.exe","8/29/2007 12:55:06 PM","A0057072.exe","54 KB"
"","","Virus identified Obfustat.AAK","C:\System Volume Information\_restore{77F3FC63-6211-47BA-B918-817616FF6D37}\RP33\A0057073.exe","8/29/2007 12:55:09 PM","A0057073.exe","57.42 KB"
"","","Trojan horse Downloader.Generic5.BIU","C:\System Volume Information\_restore{77F3FC63-6211-47BA-B918-817616FF6D37}\RP33\A0057074.exe","8/29/2007 12:55:11 PM","A0057074.exe","143.5 KB"
"","","Trojan horse Generic5.TZW","C:\System Volume Information\_restore{77F3FC63-6211-47BA-B918-817616FF6D37}\RP33\A0057075.exe","8/29/2007 12:55:14 PM","A0057075.exe","55 KB"
"","","Trojan horse Downloader.Agent.NLE","C:\System Volume Information\_restore{77F3FC63-6211-47BA-B918-817616FF6D37}\RP33\A0057076.exe","8/29/2007 12:55:17 PM","A0057076.exe","38.5 KB"
"","","Trojan horse BackDoor.Generic6.AIA","C:\System Volume Information\_restore{77F3FC63-6211-47BA-B918-817616FF6D37}\RP33\A0057077.sys","8/29/2007 12:55:20 PM","A0057077.sys","7.25 KB"
"","","Trojan horse BHO.ASE","C:\System Volume Information\_restore{77F3FC63-6211-47BA-B918-817616FF6D37}\RP34\A0059006.dll","8/29/2007 12:55:23 PM","A0059006.dll","63 KB"
"","","Trojan horse BHO.ASI","C:\System Volume Information\_restore{77F3FC63-6211-47BA-B918-817616FF6D37}\RP35\A0063013.exe","8/29/2007 12:55:44 PM","A0063013.exe","77.61 KB"
"","","Trojan horse BHO.ASI","C:\System Volume Information\_restore{77F3FC63-6211-47BA-B918-817616FF6D37}\RP35\A0063014.exe","8/29/2007 12:55:46 PM","A0063014.exe","77.61 KB"
"","","Trojan horse BHO.ASI","C:\System Volume Information\_restore{77F3FC63-6211-47BA-B918-817616FF6D37}\RP35\A0063015.exe","8/29/2007 12:55:48 PM","A0063015.exe","77.61 KB"
"","","Trojan horse BHO.ASI","C:\System Volume Information\_restore{77F3FC63-6211-47BA-B918-817616FF6D37}\RP35\A0063016.exe","8/29/2007 12:55:50 PM","A0063016.exe","77.61 KB"
"","","Trojan horse BHO.ASI","C:\System Volume Information\_restore{77F3FC63-6211-47BA-B918-817616FF6D37}\RP35\A0063017.exe","8/29/2007 12:55:52 PM","A0063017.exe","77.61 KB"
"","","Trojan horse BHO.ASI","C:\System Volume Information\_restore{77F3FC63-6211-47BA-B918-817616FF6D37}\RP35\A0063018.exe","8/29/2007 12:55:54 PM","A0063018.exe","77.61 KB"
"","","Trojan horse BHO.ASE","C:\System Volume Information\_restore{77F3FC63-6211-47BA-B918-817616FF6D37}\RP35\A0063019.dll","8/29/2007 12:55:56 PM","A0063019.dll","63 KB"
"","","Trojan horse BHO.ASE","C:\System Volume Information\_restore{77F3FC63-6211-47BA-B918-817616FF6D37}\RP35\A0063020.dll","8/29/2007 12:55:57 PM","A0063020.dll","63 KB"
"","","Trojan horse BHO.ASE","C:\System Volume Information\_restore{77F3FC63-6211-47BA-B918-817616FF6D37}\RP35\A0063021.dll","8/29/2007 12:55:59 PM","A0063021.dll","63 KB"
"","","Trojan horse BHO.ASE","C:\System Volume Information\_restore{77F3FC63-6211-47BA-B918-817616FF6D37}\RP35\A0063022.dll","8/29/2007 12:56:01 PM","A0063022.dll","63 KB"
"","","Trojan horse BHO.ASE","C:\System Volume Information\_restore{77F3FC63-6211-47BA-B918-817616FF6D37}\RP35\A0063023.dll","8/29/2007 12:56:02 PM","A0063023.dll","63 KB"
"","","Trojan horse BackDoor.Generic7.USL","C:\System Volume Information\_restore{77F3FC63-6211-47BA-B918-817616FF6D37}\RP29\A0047673.sys","8/25/2007 2:30:35 PM","A0047673.sys","28.38 KB"
"","","Trojan horse SHeur.FQO","C:\DOCUME~1\new\LOCALS~1\Temp\HalSrv64 \svchost.exe","8/25/2007 3:19:16 PM","svchost.exe","49 KB"
"","","Trojan horse SHeur.FQO","C:\DOCUME~1\new\LOCALS~1\Temp\Persist3 2\svchost.exe","8/25/2007 3:19:17 PM","svchost.exe","53.5 KB"
"","","Trojan horse SHeur.FQO","C:\DOCUME~1\new\LOCALS~1\Temp\Redist32 A\svchost.exe","8/25/2007 3:19:17 PM","svchost.exe","51 KB"
"","","Trojan horse SHeur.FQO","C:\DOCUME~1\new\LOCALS~1\Temp\bq0\svch ost.exe","8/25/2007 3:19:17 PM","svchost.exe","49 KB"
"","","Virus identified Obfustat.IWV","C:\1228666","8/25/2007 3:19:18 PM","1228666","117.91 KB"
"","","Trojan horse Downloader.Generic5.DYH","C:\78.tmp","8/25/2007 3:19:18 PM","78.tmp","9.57 KB"
"","","Trojan horse BackDoor.Generic8.BIY","C:\Documents and Settings\new\Application Data\tmp16.tmp.exe","8/25/2007 3:19:18 PM","tmp16.tmp.exe","54 KB"
"","","Virus identified Obfustat.AAK","C:\Documents and Settings\new\Application Data\tmp2C.tmp.exe","8/25/2007 3:19:18 PM","tmp2C.tmp.exe","57.42 KB"
"","","Trojan horse BackDoor.Generic8.BIY","C:\Documents and Settings\new\Application Data\tmp63.tmp.exe","8/25/2007 3:19:19 PM","tmp63.tmp.exe","54 KB"
"","","Trojan horse BackDoor.Generic8.BIY","C:\Documents and Settings\new\Application Data\tmp70.tmp.exe","8/25/2007 3:19:19 PM","tmp70.tmp.exe","54 KB"
"","","Virus identified Obfustat.AAK","C:\Documents and Settings\new\Application Data\tmp72.tmp.exe","8/25/2007 3:19:19 PM","tmp72.tmp.exe","57.42 KB"
"","","Trojan horse BackDoor.Generic8.BIY","C:\Documents and Settings\new\Application Data\tmpB.tmp.exe","8/25/2007 3:19:19 PM","tmpB.tmp.exe","54 KB"
"","","Virus identified Obfustat.AAK","C:\Documents and Settings\new\Application Data\tmpF.tmp.exe","8/25/2007 3:19:19 PM","tmpF.tmp.exe","57.42 KB"
"","","Trojan horse Downloader.Agent.PLZ","C:\Documents and Settings\new\Local Settings\Temp\2137213136.exe","8/25/2007 3:19:20 PM","2137213136.exe","14.56 KB"
"","","Trojan horse Downloader.Agent.PLZ","C:\Documents and Settings\new\Local Settings\Temp\2364648736.exe","8/25/2007 3:19:20 PM","2364648736.exe","14.56 KB"
"","","Trojan horse Downloader.Agent.PLZ","C:\Documents and Settings\new\Local Settings\Temp\322011568.exe","8/25/2007 3:19:20 PM","322011568.exe","14.56 KB"
"","","Trojan horse Downloader.Agent.PLZ","C:\Documents and Settings\new\Local Settings\Temp\487011808.exe","8/25/2007 3:19:20 PM","487011808.exe","14.56 KB"
"","","Trojan horse Downloader.Agent.PLZ","C:\Documents and Settings\new\Local Settings\Temp\799870240.exe","8/25/2007 3:19:20 PM","799870240.exe","14.56 KB"
"","","Virus identified Obfustat.CVF","C:\Documents and Settings\new\Local Settings\Temp\dekm.exe","8/25/2007 3:19:21 PM","dekm.exe","31 KB"
"","","Virus identified Obfustat.CVF","C:\Documents and Settings\new\Local Settings\Temp\ffdn.exe","8/25/2007 3:19:21 PM","ffdn.exe","31 KB"
"","","Trojan horse Proxy.SXP","C:\Documents and Settings\new\Local Settings\Temp\par84D.tmp","8/25/2007 3:19:21 PM","par84D.tmp","14 KB"
"","","Trojan horse Small.BM","C:\Documents and Settings\new\Local Settings\Temp\rsysinit.exe","8/25/2007 3:19:21 PM","rsysinit.exe","1.24 KB"
"","","Virus identified Obfustat.EXZ","C:\Documents and Settings\new\Local Settings\Temp\temp.exe","8/25/2007 3:19:21 PM","temp.exe","20.65 KB"
"","","Virus found Win32/PolyCrypt","C:\Documents and Settings\new\Local Settings\Temp\~5536.tmp","8/25/2007 3:19:21 PM","~5536.tmp","15.28 KB"
"","","Trojan horse Agent.FXS","C:\Documents and Settings\new\Local Settings\Temporary Internet Files\Content.IE5\41UJSXYB\1808[1]","8/25/2007 3:19:35 PM","1808[1]","19 KB"
"","","Trojan horse Proxy.LFD","C:\Documents and Settings\new\Local Settings\Temporary Internet Files\Content.IE5\41UJSXYB\packed_installer_cna[1]","8/25/2007 3:19:35 PM","packed_installer_cna[1]","38 KB"
"","","Trojan horse BackDoor.Generic8.BIY","C:\Documents and Settings\new\Local Settings\Temporary Internet Files\Content.IE5\41UJSXYB\papamisha[1]","8/25/2007 3:19:36 PM","papamisha[1]","54 KB"
"","","Trojan horse Downloader.Agent.PLZ","C:\Documents and Settings\new\Local Settings\Temporary Internet Files\Content.IE5\41UJSXYB\rd[1].htm","8/25/2007 3:19:36 PM","rd[1].htm","14.56 KB"
"","","Trojan horse BackDoor.Generic8.DYA","C:\Documents and Settings\new\Local Settings\Temporary Internet Files\Content.IE5\GPMZKLQ7\e199[1]","8/25/2007 3:19:36 PM","e199[1]","116 KB"
"","","Trojan horse Downloader.Generic5.MHM","C:\Documents and Settings\new\Local Settings\Temporary Internet Files\Content.IE5\GPMZKLQ7\eagle[1]","8/25/2007 3:19:36 PM","eagle[1]","7.5 KB"
"","","Trojan horse Clicker.HRV","C:\Documents and Settings\new\Local Settings\Temporary Internet Files\Content.IE5\GPMZKLQ7\rd[1].htm","8/25/2007 3:19:37 PM","rd[1].htm","14.56 KB"
"","","Virus identified Obfustat.AAK","C:\Documents and Settings\new\Local Settings\Temporary Internet Files\Content.IE5\O9IJ0TIR\dedamisha[1]","8/25/2007 3:19:37 PM","dedamisha[1]","57.42 KB"
"","","Trojan horse BackDoor.Generic8.BIY","C:\Documents and Settings\new\Local Settings\Temporary Internet Files\Content.IE5\W5E3G1AV\papamisha[1]","8/25/2007 3:19:37 PM","papamisha[1]","54 KB"
"","","Trojan horse BackDoor.Agent.LXR","C:\Documents and Settings\new\Local Settings\Temporary Internet Files\Content.IE5\W5E3G1AV\sysalgg[1].exe","8/25/2007 3:19:38 PM","sysalgg[1].exe","17.74 KB"
"","","Trojan horse Downloader.Generic5.BIU","C:\Program Files\Common Files\Yazzle1552OinAdmin.exe","8/25/2007 3:19:38 PM","Yazzle1552OinAdmin.exe","143.5 KB"
"","","Trojan horse Generic5.TZW","C:\WINDOWS\b122.exe","8/25/2007 3:19:39 PM","b122.exe","55 KB"
"","","Trojan horse Downloader.Agent.NLE","C:\WINDOWS\retadpu72.exe"," 8/25/2007 3:19:40 PM","retadpu72.exe","38.5 KB"
"","","Trojan horse BackDoor.Generic6.AIA","C:\WINDOWS\system32\driver s\ip6fw.sys","8/25/2007 3:19:41 PM","ip6fw.sys","7.25 KB"
|