Problem - mój komp spamuje

ugresia · 20 Sierpień 2006 12:42

Mam duży problem, otworzyłem plik i się zainfekowałem jakimś wirusem który żaden z anty wirów nie może wykryć (norton pisze że wszystko ok)

mój komp spamuje i muszę wyłączyć w nortonie filtrowanie wiadomości wychodzących bo cały ekran jes pełny od skanów i oto takich błędów:

i log z HijackThis

Logfile of HijackThis v1.99.1

Scan saved at 14:47:17, on 2006-08-20

Platform: Windows XP Dodatek SP2 (WinNT 5.01.2600)

MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)


Running processes:

C:\WINDOWS\System32\smss.exe

C:\WINDOWS\system32\winlogon.exe

C:\WINDOWS\system32\services.exe

C:\WINDOWS\system32\lsass.exe

C:\WINDOWS\system32\Ati2evxx.exe

C:\WINDOWS\system32\svchost.exe

C:\WINDOWS\System32\svchost.exe

C:\WINDOWS\system32\spoolsv.exe

C:\Program Files\IVT Corporation\BlueSoleil\BTNtService.exe

C:\Program Files\Common Files\Symantec Shared\ccSetMgr.exe

C:\WINDOWS\system32\CTsvcCDA.EXE

C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE

C:\Program Files\Norton AntiVirus\IWP\NPFMntor.exe

C:\Program Files\Common Files\Symantec Shared\SNDSrvc.exe

C:\Program Files\Common Files\Symantec Shared\SPBBC\SPBBCSvc.exe

C:\Program Files\Alcohol Soft\Alcohol 120\StarWind\StarWindService.exe

C:\WINDOWS\System32\PAStiSvc.exe

C:\WINDOWS\system32\svchost.exe

C:\WINDOWS\system32\Ati2evxx.exe

C:\WINDOWS\system32\MsPMSPSv.exe

C:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe

C:\WINDOWS\Explorer.EXE

C:\Program Files\Common Files\Symantec Shared\ccApp.exe

C:\WINDOWS\system32\svchost.exe

C:\Program Files\Gadu-Gadu\gg.exe

C:\Program Files\Messenger\msmsgs.exe

C:\Program Files\IVT Corporation\BlueSoleil\BlueSoleil.exe

C:\Program Files\Common Files\Symantec Shared\Security Console\NSCSRVCE.EXE

C:\Program Files\SAGEM\SAGEM F@st 800-840\dslmon.exe

C:\Program Files\AVerTV\QuickTV.exe

C:\Program Files\Norton AntiVirus\navapsvc.exe

C:\Program Files\Winamp\Winamp.exe

C:\PROGRA~1\MOZILL~3\FIREFOX.EXE

C:\WINDOWS\system32\svchost.exe

C:\Program Files\Cactus Spam Filter 2.13\cactusspamfilter.exe

C:\Program Files\ezicatalogue\eziCatalogue.exe

C:\PROGRA~1\NORTON~1\navw32.exe

C:\PROGRA~1\MOZILL~2\THUNDE~1.EXE

C:\WINDOWS\system32\mspaint.exe

C:\Program Files\WinRAR\WinRAR.exe

C:\DOCUME~1\szwajne\USTAWI~1\Temp\Rar$EX04.515\HijackThis.exe


R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Łącza

O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll

O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.5.0_07\bin\ssv.dll

O2 - BHO: NAV Helper - {A8F38D8D-E480-4D52-B7A2-731BB6995FDD} - C:\Program Files\Norton AntiVirus\NavShExt.dll

O2 - BHO: PDFCreator Toolbar Helper - {C451C08A-EC37-45DF-AAAD-18B51AB5E837} - C:\Program Files\PDFCreator Toolbar\v3.0.0.0\PDFCreator_Toolbar.dll

O3 - Toolbar: Norton AntiVirus - {C4069E3A-68F1-403E-B40E-20066696354B} - C:\Program Files\Norton AntiVirus\NavShExt.dll

O3 - Toolbar: PDFCreator Toolbar - {31CF9EBE-5755-4A1D-AC25-2834D952D9B4} - C:\Program Files\PDFCreator Toolbar\v3.0.0.0\PDFCreator_Toolbar.dll

O3 - Toolbar: Easy-WebPrint - {327C2873-E90D-4c37-AA9D-10AC9BABA46C} - C:\Program Files\Canon\Easy-WebPrint\Toolband.dll

O4 - HKLM\..\Run: [EasyTuneV] C:\Program Files\Gigabyte\ET5\GUI.exe

O4 - HKLM\..\Run: [ccApp] "C:\Program Files\Common Files\Symantec Shared\ccApp.exe"

O4 - HKLM\..\Run: [.nvsvc] C:\WINDOWS\system\smss.exe /w

O4 - HKLM\..\Run: [Zone Labs Client] C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe

O4 - HKCU\..\Run: [Gadu-Gadu] "C:\Program Files\Gadu-Gadu\gg.exe" /tray

O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background

O4 - HKCU\..\Run: [com.codeode.cactusspamfilter] "C:\Program Files\Cactus Spam Filter 2.13\cactusspamfilter.exe" -minimized

O4 - Global Startup: Adobe Gamma Loader.lnk = C:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe

O4 - Global Startup: Adobe Reader Speed Launch.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe

O4 - Global Startup: BlueSoleil.lnk = ?

O4 - Global Startup: DSLMON.lnk = C:\Program Files\SAGEM\SAGEM F@st 800-840\dslmon.exe

O4 - Global Startup: QuickTV.lnk = C:\Program Files\AVerTV\QuickTV.exe

O8 - Extra context menu item: Eksport do programu Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000

O8 - Extra context menu item: Easy-WebPrint Add To Print List - res://C:\Program Files\Canon\Easy-WebPrint\Resource.dll/RC_AddToList.html

O8 - Extra context menu item: Easy-WebPrint High Speed Print - res://C:\Program Files\Canon\Easy-WebPrint\Resource.dll/RC_HSPrint.html

O8 - Extra context menu item: Easy-WebPrint Preview - res://C:\Program Files\Canon\Easy-WebPrint\Resource.dll/RC_Preview.html

O8 - Extra context menu item: Easy-WebPrint Print - res://C:\Program Files\Canon\Easy-WebPrint\Resource.dll/RC_Print.html

O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_07\bin\ssv.dll

O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_07\bin\ssv.dll

O9 - Extra button: Badanie - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL

O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe

O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe

O17 - HKLM\System\CCS\Services\Tcpip\..\{CCAE0426-3D9F-42FF-BE6F-43618514DEA3}: NameServer = 194.204.152.34 217.98.63.164

O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe

O23 - Service: ATI Smart - Unknown owner - C:\WINDOWS\system32\ati2sgag.exe

O23 - Service: BlueSoleil Hid Service - Unknown owner - C:\Program Files\IVT Corporation\BlueSoleil\BTNtService.exe

O23 - Service: Symantec Event Manager (ccEvtMgr) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe

O23 - Service: Symantec Settings Manager (ccSetMgr) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccSetMgr.exe

O23 - Service: Creative Service for CDROM Access - Creative Technology Ltd - C:\WINDOWS\system32\CTsvcCDA.EXE

O23 - Service: Usługa Auto-Protect programu Norton AntiVirus (navapsvc) - Symantec Corporation - C:\Program Files\Norton AntiVirus\navapsvc.exe

O23 - Service: Norton AntiVirus Firewall Monitor Service (NPFMntor) - Symantec Corporation - C:\Program Files\Norton AntiVirus\IWP\NPFMntor.exe

O23 - Service: Usługa Norton Protection Center (NSCService) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\Security Console\NSCSRVCE.EXE

O23 - Service: Symantec AVScan (SAVScan) - Symantec Corporation - C:\Program Files\Norton AntiVirus\SAVScan.exe

O23 - Service: Symantec Network Drivers Service (SNDSrvc) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\SNDSrvc.exe

O23 - Service: SPBBCSvc - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\SPBBC\SPBBCSvc.exe

O23 - Service: StarWind iSCSI Service (StarWindService) - Rocket Division Software - C:\Program Files\Alcohol Soft\Alcohol 120\StarWind\StarWindService.exe

O23 - Service: STI Simulator - Unknown owner - C:\WINDOWS\System32\PAStiSvc.exe

O23 - Service: Symantec Core LC - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\CCPD-LC\symlcsvc.exe

O23 - Service: TrueVector Internet Monitor (vsmon) - Zone Labs, LLC - C:\WINDOWS\system32\ZoneLabs\vsmon.exe

O23 - Service: Windows Log - Unknown owner - C:\WINDOWS\system32\nvsvcd.exe

Myszak · 20 Sierpień 2006 18:04

Start --> Uruchom --> cmd i wklep :

Użyj programu Killbox

–> Uruchamiasz zaznaczasz Delete on reboot, w polu full path of file wklej ścieżkę :

C:\WINDOWS\system32\nvsvcd.exe

C:\WINDOWS\system\smss.exe

Klikasz X i reset kompa. Wpisy skasuj Hijackiem.

Znasz te rzeczy ?

To są odpowiednio :

ten program oraz ten ?

ugresia · 26 Sierpień 2006 21:25

wszystko wiadomo norton nic nie wykrywał

Protection

----------

Total scanned:	25254

Detected:	67

Untreated:	0

Start time:	2006-08-26 14:08:44

Duration:	09:15:45



Detected

--------

Status	Object

------	------

deleted: Trojan program Trojan-Proxy.Win32.Horst.av	File: C:\WINDOWS\system\smss.exe/UPX

deleted: Trojan program Trojan-Proxy.Win32.Horst.av	File: C:\DOCUME~1\SZWAJNE\USTAWI~1\TEMP\TMP1.TMP

deleted: Trojan program Trojan-Proxy.Win32.Horst.av	File: C:\WINDOWS\SYSTEM32\NVSVCD.EXE

deleted: Trojan program Trojan-PSW.Win32.Sinowal.v	File: C:\System Volume Information\_restore{F3E30007-7149-46E8-8047-2D205893EBCB}\RP69\A0001669.exe

deleted: Trojan program Rootkit.Win32.Agent.cf	File: C:\System Volume Information\_restore{F3E30007-7149-46E8-8047-2D205893EBCB}\RP75\A0013012.sys

deleted: Trojan program Backdoor.Win32.Reload.k	File: C:\System Volume Information\_restore{F3E30007-7149-46E8-8047-2D205893EBCB}\RP76\A0015371.exe/UPX

deleted: Trojan program Backdoor.Win32.Reload.k	File: C:\System Volume Information\_restore{F3E30007-7149-46E8-8047-2D205893EBCB}\RP79\A0017584.exe/UPX

deleted: Trojan program Trojan-Dropper.Win32.Microjoin.bj	File: C:\System Volume Information\_restore{F3E30007-7149-46E8-8047-2D205893EBCB}\RP79\A0017633.exe

deleted: Trojan program Trojan-PSW.Win32.Sinowal.ae	File: C:\System Volume Information\_restore{F3E30007-7149-46E8-8047-2D205893EBCB}\RP80\A0017688.dll

deleted: Trojan program Trojan-Downloader.Win32.Small.brj	File: C:\System Volume Information\_restore{F3E30007-7149-46E8-8047-2D205893EBCB}\RP81\A0017808.exe/FSG

deleted: Trojan program Trojan-Proxy.Win32.Small.et	File: C:\System Volume Information\_restore{F3E30007-7149-46E8-8047-2D205893EBCB}\RP82\A0017932.exe/FSG

deleted: virus Packed.Win32.Tibs	File: C:\System Volume Information\_restore{F3E30007-7149-46E8-8047-2D205893EBCB}\RP83\A0020124.exe/CryptFF/FSG

deleted: Trojan program Trojan-PSW.Win32.Sinowal.ae	File: C:\System Volume Information\_restore{F3E30007-7149-46E8-8047-2D205893EBCB}\RP83\A0020125.dll/CryptFF

deleted: Trojan program Trojan-Downloader.Win32.Small.dmx	File: C:\System Volume Information\_restore{F3E30007-7149-46E8-8047-2D205893EBCB}\RP83\A0020126.exe/CryptFF

deleted: Trojan program Trojan.Win32.Delf.qn	File: C:\System Volume Information\_restore{F3E30007-7149-46E8-8047-2D205893EBCB}\RP83\A0020127.exe/CryptFF/UPX

deleted: malware not-virus:Hoax.Win32.Renos.dc	File: C:\System Volume Information\_restore{F3E30007-7149-46E8-8047-2D205893EBCB}\RP83\A0020128.exe/CryptFF/FSG

deleted: malware not-virus:Hoax.Win32.Renos.dc	File: C:\System Volume Information\_restore{F3E30007-7149-46E8-8047-2D205893EBCB}\RP83\A0020129.exe/CryptFF/FSG

deleted: malware not-virus:Hoax.Win32.Renos.dc	File: C:\System Volume Information\_restore{F3E30007-7149-46E8-8047-2D205893EBCB}\RP83\A0020130.exe/CryptFF/FSG

deleted: malware not-virus:Hoax.Win32.Renos.dc	File: C:\System Volume Information\_restore{F3E30007-7149-46E8-8047-2D205893EBCB}\RP83\A0020131.exe/CryptFF/FSG

deleted: malware not-virus:Hoax.Win32.Renos.dc	File: C:\System Volume Information\_restore{F3E30007-7149-46E8-8047-2D205893EBCB}\RP83\A0020132.exe/CryptFF/FSG

deleted: Trojan program Trojan-Downloader.Win32.Tiny.ap	File: C:\System Volume Information\_restore{F3E30007-7149-46E8-8047-2D205893EBCB}\RP83\A0020133.exe/CryptFF/PE_Patch.UPX/UPX

deleted: Trojan program Trojan-Downloader.Win32.Tiny.ap	File: C:\System Volume Information\_restore{F3E30007-7149-46E8-8047-2D205893EBCB}\RP83\A0020134.exe/CryptFF/PE_Patch.UPX/UPX

deleted: Trojan program Trojan-Downloader.Win32.Tiny.ap	File: C:\System Volume Information\_restore{F3E30007-7149-46E8-8047-2D205893EBCB}\RP83\A0020135.exe/CryptFF/PE_Patch.UPX/UPX

deleted: Trojan program Trojan-Downloader.Win32.Tiny.ap	File: C:\System Volume Information\_restore{F3E30007-7149-46E8-8047-2D205893EBCB}\RP83\A0020136.exe/CryptFF/PE_Patch.UPX/UPX

deleted: Trojan program Trojan-Downloader.Win32.Tiny.ap	File: C:\System Volume Information\_restore{F3E30007-7149-46E8-8047-2D205893EBCB}\RP83\A0020137.exe/CryptFF/PE_Patch.UPX/UPX

deleted: virus Packed.Win32.Tibs	File: C:\System Volume Information\_restore{F3E30007-7149-46E8-8047-2D205893EBCB}\RP83\A0020138.exe/CryptFF/FSG

deleted: virus Packed.Win32.Tibs	File: C:\System Volume Information\_restore{F3E30007-7149-46E8-8047-2D205893EBCB}\RP83\A0020139.exe/CryptFF/FSG

deleted: virus Packed.Win32.Tibs	File: C:\System Volume Information\_restore{F3E30007-7149-46E8-8047-2D205893EBCB}\RP83\A0020140.exe/CryptFF/FSG

deleted: virus Packed.Win32.Tibs	File: C:\System Volume Information\_restore{F3E30007-7149-46E8-8047-2D205893EBCB}\RP83\A0020141.exe/CryptFF/FSG

deleted: Trojan program Trojan-Downloader.Win32.Tibs.fc	File: C:\System Volume Information\_restore{F3E30007-7149-46E8-8047-2D205893EBCB}\RP83\A0020142.exe/CryptFF

deleted: Trojan program Trojan-Proxy.Win32.Wopla.z	File: C:\System Volume Information\_restore{F3E30007-7149-46E8-8047-2D205893EBCB}\RP83\A0020143.exe/CryptFF/PE_Patch.UPX/UPX

deleted: malware not-virus:Hoax.Win32.Renos.cn	File: C:\System Volume Information\_restore{F3E30007-7149-46E8-8047-2D205893EBCB}\RP83\A0020144.exe/CryptFF

deleted: Trojan program Backdoor.Win32.Reload.k	File: C:\System Volume Information\_restore{F3E30007-7149-46E8-8047-2D205893EBCB}\RP83\A0020145.exe/CryptFF/UPX

deleted: Trojan program Backdoor.Win32.Reload.k	File: C:\System Volume Information\_restore{F3E30007-7149-46E8-8047-2D205893EBCB}\RP83\A0020147.exe/CryptFF/UPX

deleted: Trojan program Trojan-PSW.Win32.Sinowal.ae	File: C:\System Volume Information\_restore{F3E30007-7149-46E8-8047-2D205893EBCB}\RP83\A0020148.dll/CryptFF

deleted: Trojan program Trojan.Win32.Delf.qn	File: C:\System Volume Information\_restore{F3E30007-7149-46E8-8047-2D205893EBCB}\RP83\A0020149.exe/CryptFF/UPX

deleted: Trojan program Trojan-Downloader.Win32.Small.brj	File: C:\System Volume Information\_restore{F3E30007-7149-46E8-8047-2D205893EBCB}\RP83\A0020150.exe/CryptFF/FSG

deleted: Trojan program Trojan-PSW.Win32.Sinowal.v	File: C:\System Volume Information\_restore{F3E30007-7149-46E8-8047-2D205893EBCB}\RP83\A0020151.exe/CryptFF

deleted: Trojan program Trojan-Proxy.Win32.Small.et	File: C:\System Volume Information\_restore{F3E30007-7149-46E8-8047-2D205893EBCB}\RP83\A0020152.exe/CryptFF/FSG

deleted: Trojan program Backdoor.Win32.Delf.acq	File: C:\System Volume Information\_restore{F3E30007-7149-46E8-8047-2D205893EBCB}\RP83\A0020153.exe/CryptFF/FSG

deleted: malware SpamTool.Win32.Delf.k	File: C:\System Volume Information\_restore{F3E30007-7149-46E8-8047-2D205893EBCB}\RP83\A0020154.exe/CryptFF

deleted: Trojan program Trojan-PSW.Win32.Sinowal.ae	File: C:\System Volume Information\_restore{F3E30007-7149-46E8-8047-2D205893EBCB}\RP83\A0020155.exe/CryptFF/PE_Patch.UPX/UPX

deleted: malware Email-Flooder.Win32.Delf.ad	File: C:\System Volume Information\_restore{F3E30007-7149-46E8-8047-2D205893EBCB}\RP83\A0020157.exe/CryptFF

deleted: Trojan program Trojan-Proxy.Win32.Horst.av	File: C:\System Volume Information\_restore{F3E30007-7149-46E8-8047-2D205893EBCB}\RP84\A0020486.exe/UPX

deleted: Trojan program Trojan-Proxy.Win32.Horst.av	File: C:\System Volume Information\_restore{F3E30007-7149-46E8-8047-2D205893EBCB}\RP84\A0020490.exe

deleted: Trojan program Trojan-Proxy.Win32.Horst.cb	File: D:\System Volume Information\_restore{642A46E3-58AB-469A-81FE-45357FBE7753}\RP58\A0003197.exe/UPX

deleted: Trojan program Trojan-Proxy.Win32.Horst.cb	File: D:\System Volume Information\_restore{642A46E3-58AB-469A-81FE-45357FBE7753}\RP62\A0010252.exe/UPX

deleted: Trojan program Trojan-Proxy.Win32.Horst.av	File: C:\Documents and Settings\szwajne\Ustawienia lokalne\Temp\19exssd32.3.exe/UPX

deleted: Trojan program Trojan-Proxy.Win32.Horst.av	File: C:\Documents and Settings\szwajne\Ustawienia lokalne\Temp\28exmodul32s.4.exe/UPX

deleted: Trojan program Trojan-Proxy.Win32.Horst.av	File: C:\Documents and Settings\szwajne\Ustawienia lokalne\Temp\29exssd32.3.exe/UPX

deleted: Trojan program Trojan-Proxy.Win32.Horst.av	File: C:\Documents and Settings\szwajne\Ustawienia lokalne\Temp\38exmodul32s.4.exe/UPX

deleted: Trojan program Trojan-Proxy.Win32.Horst.av	File: C:\Documents and Settings\szwajne\Ustawienia lokalne\Temp\44exmodul32s.4.exe/UPX

deleted: Trojan program Trojan-Proxy.Win32.Horst.av	File: C:\Documents and Settings\szwajne\Ustawienia lokalne\Temp\46exhdd.3.exe/UPX

deleted: Trojan program Trojan-Proxy.Win32.Horst.av	File: C:\Documents and Settings\szwajne\Ustawienia lokalne\Temp\56exssd32.3.exe/UPX

deleted: Trojan program Trojan-Proxy.Win32.Horst.av	File: C:\Documents and Settings\szwajne\Ustawienia lokalne\Temp\5exhdd.3.exe/UPX

deleted: Trojan program Trojan-Proxy.Win32.Horst.av	File: C:\Documents and Settings\szwajne\Ustawienia lokalne\Temp\65exssd32.3.exe/UPX

deleted: Trojan program Trojan-Proxy.Win32.Horst.av	File: C:\Documents and Settings\szwajne\Ustawienia lokalne\Temp\68exssd32.3.exe/UPX

deleted: Trojan program Trojan-Proxy.Win32.Horst.av	File: C:\Documents and Settings\szwajne\Ustawienia lokalne\Temp\6exmodul32s.4.exe/UPX

deleted: Trojan program Trojan-Proxy.Win32.Horst.av	File: C:\Documents and Settings\szwajne\Ustawienia lokalne\Temp\72exmodul32s.4.exe/UPX

deleted: Trojan program Trojan-Proxy.Win32.Horst.av	File: C:\Documents and Settings\szwajne\Ustawienia lokalne\Temp\84exmodul32s.4.exe/UPX

deleted: Trojan program Trojan-Proxy.Win32.Horst.av	File: C:\Documents and Settings\szwajne\Ustawienia lokalne\Temp\97exmodul32s.4.exe/UPX

deleted: Trojan program Trojan-Proxy.Win32.Horst.av	File: C:\Documents and Settings\szwajne\Ustawienia lokalne\Temp\Setup.exe/UPX

deleted: Trojan program Trojan-Dropper.Win32.Delf.yb	File: C:\RECYCLER\S-1-5-21-1390067357-1563985344-725345543-1003\Dc2.rar\WindowFX 3.0 by_THE_PAINMAKER_FOR_WWW_SAUGSTUBE_TO\windowfx_public.exe/UPX

deleted: Trojan program Trojan-Downloader.Win32.Small.crd	File: C:\WINDOWS\system32\systcm.dll

deleted: Trojan program Trojan-Proxy.Win32.Small.bo	File: C:\WINDOWS\system32\TheMatrixHasYou.exe/FSG

deleted: Trojan program Trojan-Downloader.Win32.Small.crd	File: C:\System Volume Information\_restore{F3E30007-7149-46E8-8047-2D205893EBCB}\RP84\A0020524.dll

deleted: Trojan program Trojan-Proxy.Win32.Small.bo	File: C:\System Volume Information\_restore{F3E30007-7149-46E8-8047-2D205893EBCB}\RP84\A0020525.exe/FSG



Events

------

Time	Event

----	-----

2006-08-20 17:57:01	A full computer scan has never been performed. Please complete a full scan as soon as possible. The initial scan may be time consuming, but you may pause and resume the scan at any time.

2006-08-20 17:59:41	A full computer scan has never been performed. Please complete a full scan as soon as possible. The initial scan may be time consuming, but you may pause and resume the scan at any time.

2006-08-20 18:00:12	Update error: cannot establish connection.

2006-08-20 18:00:12	The threat signatures are out of date.

2006-08-20 18:00:27	Update error: cannot establish connection.

2006-08-20 18:00:27	The threat signatures are out of date.

2006-08-20 18:04:01	Update error: incorrect signature.

2006-08-20 18:04:01	The threat signatures are out of date.

2006-08-20 18:10:54	Update error: incorrect signature.

2006-08-20 18:13:21	Active Virus Shield is not activated.

2006-08-20 18:14:58	A full computer scan has never been performed. Please complete a full scan as soon as possible. The initial scan may be time consuming, but you may pause and resume the scan at any time.

2006-08-20 18:15:40	File C:\WINDOWS\system\smss.exe/UPX: detected Trojan program Trojan-Proxy.Win32.Horst.av

2006-08-20 18:15:40	Security threats have been detected. You are advised to neutralize them immediately.

2006-08-20 18:15:40	File C:\WINDOWS\system\smss.exe/UPX: is not disinfected, skipped by user

2006-08-20 18:15:56	File C:\WINDOWS\system\smss.exe/UPX: detected Trojan program Trojan-Proxy.Win32.Horst.av

2006-08-20 18:16:04	File C:\WINDOWS\system\smss.exe/UPX: is not disinfected, cannot be disinfected

2006-08-20 18:16:22	Startup object HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\.nvsvc: deleted

2006-08-20 18:16:22	File C:\WINDOWS\system\smss.exe: deleted

2006-08-20 18:17:02	File C:\DOCUME~1\SZWAJNE\USTAWI~1\TEMP\TMP1.TMP: detected Trojan program Trojan-Proxy.Win32.Horst.av

2006-08-20 18:17:02	Security threats have been detected. You are advised to neutralize them immediately.

2006-08-20 18:17:07	File C:\DOCUME~1\SZWAJNE\USTAWI~1\TEMP\TMP1.TMP: deleted

2006-08-20 18:17:09	File C:\WINDOWS\SYSTEM32\NVSVCD.EXE: detected Trojan program Trojan-Proxy.Win32.Horst.av

2006-08-20 18:17:09	Security threats have been detected. You are advised to neutralize them immediately.

2006-08-20 18:17:14	Startup object HKLM\System\ControlSet001\Services\Windows Log\Windows Log: deleted

2006-08-20 18:17:14	Startup object HKLM\System\ControlSet002\Services\Windows Log\Windows Log: deleted

2006-08-20 18:17:14	File C:\WINDOWS\SYSTEM32\NVSVCD.EXE: deleted

2006-08-20 18:17:57	Process (PID 3736) tried to access Active Virus Shield process (PID 1776), but it has been blocked. This is Self-Defense monitoring, and you do not need to do anything.

2006-08-20 18:17:57	Process (PID 3736) tried to access Active Virus Shield process (PID 2668), but it has been blocked. This is Self-Defense monitoring, and you do not need to do anything.

2006-08-20 18:22:08	File C:\System Volume Information\_restore{F3E30007-7149-46E8-8047-2D205893EBCB}\RP69\A0001669.exe: detected Trojan program Trojan-PSW.Win32.Sinowal.v

2006-08-20 18:22:08	Security threats have been detected. You are advised to neutralize them immediately.

2006-08-20 18:22:08	File C:\System Volume Information\_restore{F3E30007-7149-46E8-8047-2D205893EBCB}\RP69\A0001669.exe: is not disinfected, postponed

2006-08-20 18:23:27	File C:\System Volume Information\_restore{F3E30007-7149-46E8-8047-2D205893EBCB}\RP75\A0013012.sys: detected Trojan program Rootkit.Win32.Agent.cf

2006-08-20 18:23:27	Security threats have been detected. You are advised to neutralize them immediately.

2006-08-20 18:23:27	File C:\System Volume Information\_restore{F3E30007-7149-46E8-8047-2D205893EBCB}\RP75\A0013012.sys: is not disinfected, postponed

2006-08-20 18:23:35	File C:\System Volume Information\_restore{F3E30007-7149-46E8-8047-2D205893EBCB}\RP76\A0015371.exe/UPX: detected Trojan program Backdoor.Win32.Reload.k

2006-08-20 18:23:35	File C:\System Volume Information\_restore{F3E30007-7149-46E8-8047-2D205893EBCB}\RP76\A0015371.exe/UPX: is not disinfected, postponed

2006-08-20 18:23:55	File C:\System Volume Information\_restore{F3E30007-7149-46E8-8047-2D205893EBCB}\RP79\A0017584.exe/UPX: detected Trojan program Backdoor.Win32.Reload.k

2006-08-20 18:23:55	Security threats have been detected. You are advised to neutralize them immediately.

2006-08-20 18:23:55	File C:\System Volume Information\_restore{F3E30007-7149-46E8-8047-2D205893EBCB}\RP79\A0017584.exe/UPX: is not disinfected, postponed

2006-08-20 18:24:01	File C:\System Volume Information\_restore{F3E30007-7149-46E8-8047-2D205893EBCB}\RP79\A0017633.exe: detected Trojan program Trojan-Dropper.Win32.Microjoin.bj

2006-08-20 18:24:01	File C:\System Volume Information\_restore{F3E30007-7149-46E8-8047-2D205893EBCB}\RP79\A0017633.exe: is not disinfected, postponed

2006-08-20 18:24:06	File C:\System Volume Information\_restore{F3E30007-7149-46E8-8047-2D205893EBCB}\RP80\A0017688.dll: detected Trojan program Trojan-PSW.Win32.Sinowal.ae

2006-08-20 18:24:06	File C:\System Volume Information\_restore{F3E30007-7149-46E8-8047-2D205893EBCB}\RP80\A0017688.dll: is not disinfected, postponed

2006-08-20 18:30:15	File C:\System Volume Information\_restore{F3E30007-7149-46E8-8047-2D205893EBCB}\RP81\A0017808.exe/FSG: detected Trojan program Trojan-Downloader.Win32.Small.brj

2006-08-20 18:30:15	Security threats have been detected. You are advised to neutralize them immediately.

2006-08-20 18:30:15	File C:\System Volume Information\_restore{F3E30007-7149-46E8-8047-2D205893EBCB}\RP81\A0017808.exe/FSG: is not disinfected, postponed

2006-08-20 18:30:19	File C:\System Volume Information\_restore{F3E30007-7149-46E8-8047-2D205893EBCB}\RP82\A0017932.exe/FSG: detected Trojan program Trojan-Proxy.Win32.Small.et

2006-08-20 18:30:19	File C:\System Volume Information\_restore{F3E30007-7149-46E8-8047-2D205893EBCB}\RP82\A0017932.exe/FSG: is not disinfected, postponed

2006-08-20 18:31:27	File C:\System Volume Information\_restore{F3E30007-7149-46E8-8047-2D205893EBCB}\RP83\A0020124.exe/CryptFF/FSG: detected virus Packed.Win32.Tibs

2006-08-20 18:31:27	File C:\System Volume Information\_restore{F3E30007-7149-46E8-8047-2D205893EBCB}\RP83\A0020124.exe/CryptFF/FSG: is not disinfected, postponed

2006-08-20 18:31:27	File C:\System Volume Information\_restore{F3E30007-7149-46E8-8047-2D205893EBCB}\RP83\A0020125.dll/CryptFF: detected Trojan program Trojan-PSW.Win32.Sinowal.ae

2006-08-20 18:31:27	File C:\System Volume Information\_restore{F3E30007-7149-46E8-8047-2D205893EBCB}\RP83\A0020125.dll/CryptFF: is not disinfected, postponed

2006-08-20 18:31:27	File C:\System Volume Information\_restore{F3E30007-7149-46E8-8047-2D205893EBCB}\RP83\A0020126.exe/CryptFF: detected Trojan program Trojan-Downloader.Win32.Small.dmx

2006-08-20 18:31:27	File C:\System Volume Information\_restore{F3E30007-7149-46E8-8047-2D205893EBCB}\RP83\A0020126.exe/CryptFF: is not disinfected, postponed

2006-08-20 18:31:28	File C:\System Volume Information\_restore{F3E30007-7149-46E8-8047-2D205893EBCB}\RP83\A0020127.exe/CryptFF/UPX: detected Trojan program Trojan.Win32.Delf.qn

2006-08-20 18:31:28	File C:\System Volume Information\_restore{F3E30007-7149-46E8-8047-2D205893EBCB}\RP83\A0020127.exe/CryptFF/UPX: is not disinfected, postponed

2006-08-20 18:31:28	File C:\System Volume Information\_restore{F3E30007-7149-46E8-8047-2D205893EBCB}\RP83\A0020128.exe/CryptFF/FSG: detected malware not-virus:Hoax.Win32.Renos.dc

2006-08-20 18:31:28	File C:\System Volume Information\_restore{F3E30007-7149-46E8-8047-2D205893EBCB}\RP83\A0020128.exe/CryptFF/FSG: is not disinfected, postponed

2006-08-20 18:31:28	File C:\System Volume Information\_restore{F3E30007-7149-46E8-8047-2D205893EBCB}\RP83\A0020129.exe/CryptFF/FSG: detected malware not-virus:Hoax.Win32.Renos.dc

2006-08-20 18:31:28	File C:\System Volume Information\_restore{F3E30007-7149-46E8-8047-2D205893EBCB}\RP83\A0020129.exe/CryptFF/FSG: is not disinfected, postponed

2006-08-20 18:31:28	File C:\System Volume Information\_restore{F3E30007-7149-46E8-8047-2D205893EBCB}\RP83\A0020130.exe/CryptFF/FSG: detected malware not-virus:Hoax.Win32.Renos.dc

2006-08-20 18:31:28	File C:\System Volume Information\_restore{F3E30007-7149-46E8-8047-2D205893EBCB}\RP83\A0020130.exe/CryptFF/FSG: is not disinfected, postponed

2006-08-20 18:31:28	File C:\System Volume Information\_restore{F3E30007-7149-46E8-8047-2D205893EBCB}\RP83\A0020131.exe/CryptFF/FSG: detected malware not-virus:Hoax.Win32.Renos.dc

2006-08-20 18:31:28	File C:\System Volume Information\_restore{F3E30007-7149-46E8-8047-2D205893EBCB}\RP83\A0020131.exe/CryptFF/FSG: is not disinfected, postponed

2006-08-20 18:31:28	File C:\System Volume Information\_restore{F3E30007-7149-46E8-8047-2D205893EBCB}\RP83\A0020132.exe/CryptFF/FSG: detected malware not-virus:Hoax.Win32.Renos.dc

2006-08-20 18:31:28	File C:\System Volume Information\_restore{F3E30007-7149-46E8-8047-2D205893EBCB}\RP83\A0020132.exe/CryptFF/FSG: is not disinfected, postponed

2006-08-20 18:31:28	File C:\System Volume Information\_restore{F3E30007-7149-46E8-8047-2D205893EBCB}\RP83\A0020133.exe/CryptFF/PE_Patch.UPX/UPX: detected Trojan program Trojan-Downloader.Win32.Tiny.ap

2006-08-20 18:31:28	File C:\System Volume Information\_restore{F3E30007-7149-46E8-8047-2D205893EBCB}\RP83\A0020133.exe/CryptFF/PE_Patch.UPX/UPX: is not disinfected, postponed

2006-08-20 18:31:28	File C:\System Volume Information\_restore{F3E30007-7149-46E8-8047-2D205893EBCB}\RP83\A0020134.exe/CryptFF/PE_Patch.UPX/UPX: detected Trojan program Trojan-Downloader.Win32.Tiny.ap

2006-08-20 18:31:28	File C:\System Volume Information\_restore{F3E30007-7149-46E8-8047-2D205893EBCB}\RP83\A0020134.exe/CryptFF/PE_Patch.UPX/UPX: is not disinfected, postponed

2006-08-20 18:31:28	File C:\System Volume Information\_restore{F3E30007-7149-46E8-8047-2D205893EBCB}\RP83\A0020135.exe/CryptFF/PE_Patch.UPX/UPX: detected Trojan program Trojan-Downloader.Win32.Tiny.ap

2006-08-20 18:31:28	File C:\System Volume Information\_restore{F3E30007-7149-46E8-8047-2D205893EBCB}\RP83\A0020135.exe/CryptFF/PE_Patch.UPX/UPX: is not disinfected, postponed

2006-08-20 18:31:28	File C:\System Volume Information\_restore{F3E30007-7149-46E8-8047-2D205893EBCB}\RP83\A0020136.exe/CryptFF/PE_Patch.UPX/UPX: detected Trojan program Trojan-Downloader.Win32.Tiny.ap

2006-08-20 18:31:28	File C:\System Volume Information\_restore{F3E30007-7149-46E8-8047-2D205893EBCB}\RP83\A0020136.exe/CryptFF/PE_Patch.UPX/UPX: is not disinfected, postponed

2006-08-20 18:31:28	File C:\System Volume Information\_restore{F3E30007-7149-46E8-8047-2D205893EBCB}\RP83\A0020137.exe/CryptFF/PE_Patch.UPX/UPX: detected Trojan program Trojan-Downloader.Win32.Tiny.ap

2006-08-20 18:31:28	File C:\System Volume Information\_restore{F3E30007-7149-46E8-8047-2D205893EBCB}\RP83\A0020137.exe/CryptFF/PE_Patch.UPX/UPX: is not disinfected, postponed

2006-08-20 18:31:28	File C:\System Volume Information\_restore{F3E30007-7149-46E8-8047-2D205893EBCB}\RP83\A0020138.exe/CryptFF/FSG: detected virus Packed.Win32.Tibs

2006-08-20 18:31:28	File C:\System Volume Information\_restore{F3E30007-7149-46E8-8047-2D205893EBCB}\RP83\A0020138.exe/CryptFF/FSG: is not disinfected, postponed

2006-08-20 18:31:28	File C:\System Volume Information\_restore{F3E30007-7149-46E8-8047-2D205893EBCB}\RP83\A0020139.exe/CryptFF/FSG: detected virus Packed.Win32.Tibs

2006-08-20 18:31:28	File C:\System Volume Information\_restore{F3E30007-7149-46E8-8047-2D205893EBCB}\RP83\A0020139.exe/CryptFF/FSG: is not disinfected, postponed

2006-08-20 18:31:28	File C:\System Volume Information\_restore{F3E30007-7149-46E8-8047-2D205893EBCB}\RP83\A0020140.exe/CryptFF/FSG: detected virus Packed.Win32.Tibs

2006-08-20 18:31:28	File C:\System Volume Information\_restore{F3E30007-7149-46E8-8047-2D205893EBCB}\RP83\A0020140.exe/CryptFF/FSG: is not disinfected, postponed

2006-08-20 18:31:28	File C:\System Volume Information\_restore{F3E30007-7149-46E8-8047-2D205893EBCB}\RP83\A0020141.exe/CryptFF/FSG: detected virus Packed.Win32.Tibs

2006-08-20 18:31:28	File C:\System Volume Information\_restore{F3E30007-7149-46E8-8047-2D205893EBCB}\RP83\A0020141.exe/CryptFF/FSG: is not disinfected, postponed

2006-08-20 18:31:29	File C:\System Volume Information\_restore{F3E30007-7149-46E8-8047-2D205893EBCB}\RP83\A0020142.exe/CryptFF: detected Trojan program Trojan-Downloader.Win32.Tibs.fc

2006-08-20 18:31:29	File C:\System Volume Information\_restore{F3E30007-7149-46E8-8047-2D205893EBCB}\RP83\A0020142.exe/CryptFF: is not disinfected, postponed

2006-08-20 18:31:29	File C:\System Volume Information\_restore{F3E30007-7149-46E8-8047-2D205893EBCB}\RP83\A0020143.exe/CryptFF/PE_Patch.UPX/UPX: detected Trojan program Trojan-Proxy.Win32.Wopla.z

2006-08-20 18:31:29	File C:\System Volume Information\_restore{F3E30007-7149-46E8-8047-2D205893EBCB}\RP83\A0020143.exe/CryptFF/PE_Patch.UPX/UPX: is not disinfected, postponed

2006-08-20 18:31:29	File C:\System Volume Information\_restore{F3E30007-7149-46E8-8047-2D205893EBCB}\RP83\A0020144.exe/CryptFF: detected malware not-virus:Hoax.Win32.Renos.cn

2006-08-20 18:31:29	File C:\System Volume Information\_restore{F3E30007-7149-46E8-8047-2D205893EBCB}\RP83\A0020144.exe/CryptFF: is not disinfected, postponed

2006-08-20 18:31:29	File C:\System Volume Information\_restore{F3E30007-7149-46E8-8047-2D205893EBCB}\RP83\A0020145.exe/CryptFF/UPX: detected Trojan program Backdoor.Win32.Reload.k

2006-08-20 18:31:29	File C:\System Volume Information\_restore{F3E30007-7149-46E8-8047-2D205893EBCB}\RP83\A0020145.exe/CryptFF/UPX: is not disinfected, postponed

2006-08-20 18:31:30	File C:\System Volume Information\_restore{F3E30007-7149-46E8-8047-2D205893EBCB}\RP83\A0020147.exe/CryptFF/UPX: detected Trojan program Backdoor.Win32.Reload.k

2006-08-20 18:31:30	File C:\System Volume Information\_restore{F3E30007-7149-46E8-8047-2D205893EBCB}\RP83\A0020147.exe/CryptFF/UPX: is not disinfected, postponed

2006-08-20 18:31:30	File C:\System Volume Information\_restore{F3E30007-7149-46E8-8047-2D205893EBCB}\RP83\A0020148.dll/CryptFF: detected Trojan program Trojan-PSW.Win32.Sinowal.ae

2006-08-20 18:31:30	File C:\System Volume Information\_restore{F3E30007-7149-46E8-8047-2D205893EBCB}\RP83\A0020148.dll/CryptFF: is not disinfected, postponed

2006-08-20 18:31:30	File C:\System Volume Information\_restore{F3E30007-7149-46E8-8047-2D205893EBCB}\RP83\A0020149.exe/CryptFF/UPX: detected Trojan program Trojan.Win32.Delf.qn

2006-08-20 18:31:30	File C:\System Volume Information\_restore{F3E30007-7149-46E8-8047-2D205893EBCB}\RP83\A0020149.exe/CryptFF/UPX: is not disinfected, postponed

2006-08-20 18:31:30	File C:\System Volume Information\_restore{F3E30007-7149-46E8-8047-2D205893EBCB}\RP83\A0020150.exe/CryptFF/FSG: detected Trojan program Trojan-Downloader.Win32.Small.brj

2006-08-20 18:31:30	File C:\System Volume Information\_restore{F3E30007-7149-46E8-8047-2D205893EBCB}\RP83\A0020150.exe/CryptFF/FSG: is not disinfected, postponed

2006-08-20 18:31:30	File C:\System Volume Information\_restore{F3E30007-7149-46E8-8047-2D205893EBCB}\RP83\A0020151.exe/CryptFF: detected Trojan program Trojan-PSW.Win32.Sinowal.v

2006-08-20 18:31:30	File C:\System Volume Information\_restore{F3E30007-7149-46E8-8047-2D205893EBCB}\RP83\A0020151.exe/CryptFF: is not disinfected, postponed

2006-08-20 18:31:30	File C:\System Volume Information\_restore{F3E30007-7149-46E8-8047-2D205893EBCB}\RP83\A0020152.exe/CryptFF/FSG: detected Trojan program Trojan-Proxy.Win32.Small.et

2006-08-20 18:31:30	File C:\System Volume Information\_restore{F3E30007-7149-46E8-8047-2D205893EBCB}\RP83\A0020152.exe/CryptFF/FSG: is not disinfected, postponed

2006-08-20 18:31:31	File C:\System Volume Information\_restore{F3E30007-7149-46E8-8047-2D205893EBCB}\RP83\A0020153.exe/CryptFF/FSG: detected Trojan program Backdoor.Win32.Delf.acq

2006-08-20 18:31:31	File C:\System Volume Information\_restore{F3E30007-7149-46E8-8047-2D205893EBCB}\RP83\A0020153.exe/CryptFF/FSG: is not disinfected, postponed

2006-08-20 18:31:31	File C:\System Volume Information\_restore{F3E30007-7149-46E8-8047-2D205893EBCB}\RP83\A0020154.exe/CryptFF: detected malware SpamTool.Win32.Delf.k

2006-08-20 18:31:31	File C:\System Volume Information\_restore{F3E30007-7149-46E8-8047-2D205893EBCB}\RP83\A0020154.exe/CryptFF: is not disinfected, postponed

2006-08-20 18:31:31	File C:\System Volume Information\_restore{F3E30007-7149-46E8-8047-2D205893EBCB}\RP83\A0020155.exe/CryptFF/PE_Patch.UPX/UPX: detected Trojan program Trojan-PSW.Win32.Sinowal.ae

2006-08-20 18:31:31	File C:\System Volume Information\_restore{F3E30007-7149-46E8-8047-2D205893EBCB}\RP83\A0020155.exe/CryptFF/PE_Patch.UPX/UPX: is not disinfected, postponed

2006-08-20 18:31:31	File C:\System Volume Information\_restore{F3E30007-7149-46E8-8047-2D205893EBCB}\RP83\A0020157.exe/CryptFF: detected malware Email-Flooder.Win32.Delf.ad

2006-08-20 18:31:31	File C:\System Volume Information\_restore{F3E30007-7149-46E8-8047-2D205893EBCB}\RP83\A0020157.exe/CryptFF: is not disinfected, postponed

2006-08-20 18:31:49	File C:\System Volume Information\_restore{F3E30007-7149-46E8-8047-2D205893EBCB}\RP84\A0020486.exe/UPX: detected Trojan program Trojan-Proxy.Win32.Horst.av

2006-08-20 18:31:49	File C:\System Volume Information\_restore{F3E30007-7149-46E8-8047-2D205893EBCB}\RP84\A0020486.exe/UPX: is not disinfected, postponed

2006-08-20 18:31:49	File C:\System Volume Information\_restore{F3E30007-7149-46E8-8047-2D205893EBCB}\RP84\A0020490.exe: detected Trojan program Trojan-Proxy.Win32.Horst.av

2006-08-20 18:31:49	File C:\System Volume Information\_restore{F3E30007-7149-46E8-8047-2D205893EBCB}\RP84\A0020490.exe: is not disinfected, postponed

2006-08-20 18:31:58	File D:\System Volume Information\_restore{642A46E3-58AB-469A-81FE-45357FBE7753}\RP58\A0003197.exe/UPX: detected Trojan program Trojan-Proxy.Win32.Horst.cb

2006-08-20 18:31:58	File D:\System Volume Information\_restore{642A46E3-58AB-469A-81FE-45357FBE7753}\RP58\A0003197.exe/UPX: is not disinfected, postponed

2006-08-20 18:32:00	File D:\System Volume Information\_restore{642A46E3-58AB-469A-81FE-45357FBE7753}\RP62\A0010252.exe/UPX: detected Trojan program Trojan-Proxy.Win32.Horst.cb

2006-08-20 18:32:00	File D:\System Volume Information\_restore{642A46E3-58AB-469A-81FE-45357FBE7753}\RP62\A0010252.exe/UPX: is not disinfected, postponed

2006-08-20 18:34:40	File C:\Documents and Settings\szwajne\Ustawienia lokalne\Temp\19exssd32.3.exe/UPX: detected Trojan program Trojan-Proxy.Win32.Horst.av

2006-08-20 18:34:40	Security threats have been detected. You are advised to neutralize them immediately.

2006-08-20 18:34:40	File C:\Documents and Settings\szwajne\Ustawienia lokalne\Temp\19exssd32.3.exe/UPX: is not disinfected, postponed

2006-08-20 18:34:41	File C:\Documents and Settings\szwajne\Ustawienia lokalne\Temp\28exmodul32s.4.exe/UPX: detected Trojan program Trojan-Proxy.Win32.Horst.av

2006-08-20 18:34:41	File C:\Documents and Settings\szwajne\Ustawienia lokalne\Temp\28exmodul32s.4.exe/UPX: is not disinfected, postponed

2006-08-20 18:34:41	File C:\Documents and Settings\szwajne\Ustawienia lokalne\Temp\29exssd32.3.exe/UPX: detected Trojan program Trojan-Proxy.Win32.Horst.av

2006-08-20 18:34:41	File C:\Documents and Settings\szwajne\Ustawienia lokalne\Temp\29exssd32.3.exe/UPX: is not disinfected, postponed

2006-08-20 18:34:41	File C:\Documents and Settings\szwajne\Ustawienia lokalne\Temp\38exmodul32s.4.exe/UPX: detected Trojan program Trojan-Proxy.Win32.Horst.av

2006-08-20 18:34:41	File C:\Documents and Settings\szwajne\Ustawienia lokalne\Temp\38exmodul32s.4.exe/UPX: is not disinfected, postponed

2006-08-20 18:34:42	File C:\Documents and Settings\szwajne\Ustawienia lokalne\Temp\44exmodul32s.4.exe/UPX: detected Trojan program Trojan-Proxy.Win32.Horst.av

2006-08-20 18:34:42	File C:\Documents and Settings\szwajne\Ustawienia lokalne\Temp\44exmodul32s.4.exe/UPX: is not disinfected, postponed

2006-08-20 18:34:42	File C:\Documents and Settings\szwajne\Ustawienia lokalne\Temp\46exhdd.3.exe/UPX: detected Trojan program Trojan-Proxy.Win32.Horst.av

2006-08-20 18:34:42	File C:\Documents and Settings\szwajne\Ustawienia lokalne\Temp\46exhdd.3.exe/UPX: is not disinfected, postponed

2006-08-20 18:34:42	File C:\Documents and Settings\szwajne\Ustawienia lokalne\Temp\56exssd32.3.exe/UPX: detected Trojan program Trojan-Proxy.Win32.Horst.av

2006-08-20 18:34:42	File C:\Documents and Settings\szwajne\Ustawienia lokalne\Temp\56exssd32.3.exe/UPX: is not disinfected, postponed

2006-08-20 18:34:42	File C:\Documents and Settings\szwajne\Ustawienia lokalne\Temp\5exhdd.3.exe/UPX: detected Trojan program Trojan-Proxy.Win32.Horst.av

2006-08-20 18:34:42	File C:\Documents and Settings\szwajne\Ustawienia lokalne\Temp\5exhdd.3.exe/UPX: is not disinfected, postponed

2006-08-20 18:34:42	File C:\Documents and Settings\szwajne\Ustawienia lokalne\Temp\65exssd32.3.exe/UPX: detected Trojan program Trojan-Proxy.Win32.Horst.av

2006-08-20 18:34:42	File C:\Documents and Settings\szwajne\Ustawienia lokalne\Temp\65exssd32.3.exe/UPX: is not disinfected, postponed

2006-08-20 18:34:42	File C:\Documents and Settings\szwajne\Ustawienia lokalne\Temp\68exssd32.3.exe/UPX: detected Trojan program Trojan-Proxy.Win32.Horst.av

2006-08-20 18:34:42	File C:\Documents and Settings\szwajne\Ustawienia lokalne\Temp\68exssd32.3.exe/UPX: is not disinfected, postponed

2006-08-20 18:34:42	File C:\Documents and Settings\szwajne\Ustawienia lokalne\Temp\6exmodul32s.4.exe/UPX: detected Trojan program Trojan-Proxy.Win32.Horst.av

2006-08-20 18:34:42	File C:\Documents and Settings\szwajne\Ustawienia lokalne\Temp\6exmodul32s.4.exe/UPX: is not disinfected, postponed

2006-08-20 18:34:42	File C:\Documents and Settings\szwajne\Ustawienia lokalne\Temp\72exmodul32s.4.exe/UPX: detected Trojan program Trojan-Proxy.Win32.Horst.av

2006-08-20 18:34:42	File C:\Documents and Settings\szwajne\Ustawienia lokalne\Temp\72exmodul32s.4.exe/UPX: is not disinfected, postponed

2006-08-20 18:34:42	File C:\Documents and Settings\szwajne\Ustawienia lokalne\Temp\84exmodul32s.4.exe/UPX: detected Trojan program Trojan-Proxy.Win32.Horst.av

2006-08-20 18:34:42	File C:\Documents and Settings\szwajne\Ustawienia lokalne\Temp\84exmodul32s.4.exe/UPX: is not disinfected, postponed

2006-08-20 18:34:42	File C:\Documents and Settings\szwajne\Ustawienia lokalne\Temp\97exmodul32s.4.exe/UPX: detected Trojan program Trojan-Proxy.Win32.Horst.av

2006-08-20 18:34:42	File C:\Documents and Settings\szwajne\Ustawienia lokalne\Temp\97exmodul32s.4.exe/UPX: is not disinfected, postponed

2006-08-20 18:34:46	File C:\Documents and Settings\szwajne\Ustawienia lokalne\Temp\Setup.exe/UPX: detected Trojan program Trojan-Proxy.Win32.Horst.av

2006-08-20 18:34:46	File C:\Documents and Settings\szwajne\Ustawienia lokalne\Temp\Setup.exe/UPX: is not disinfected, postponed

2006-08-20 18:46:29	File C:\RECYCLER\S-1-5-21-1390067357-1563985344-725345543-1003\Dc2.rar\WindowFX 3.0 by_THE_PAINMAKER_FOR_WWW_SAUGSTUBE_TO\windowfx_public.exe/UPX: detected Trojan program Trojan-Dropper.Win32.Delf.yb

2006-08-20 18:46:29	Security threats have been detected. You are advised to neutralize them immediately.

2006-08-20 18:46:29	File C:\RECYCLER\S-1-5-21-1390067357-1563985344-725345543-1003\Dc2.rar\WindowFX 3.0 by_THE_PAINMAKER_FOR_WWW_SAUGSTUBE_TO\windowfx_public.exe/UPX: is not disinfected, postponed

2006-08-20 18:51:08	File C:\WINDOWS\system32\systcm.dll: detected Trojan program Trojan-Downloader.Win32.Small.crd

2006-08-20 18:51:08	File C:\WINDOWS\system32\systcm.dll: is not disinfected, postponed

2006-08-20 18:51:09	File C:\WINDOWS\system32\TheMatrixHasYou.exe/FSG: detected Trojan program Trojan-Proxy.Win32.Small.bo

2006-08-20 18:51:09	File C:\WINDOWS\system32\TheMatrixHasYou.exe/FSG: is not disinfected, postponed

2006-08-20 19:43:11	File c:\recycler\s-1-5-21-1390067357-1563985344-725345543-1003\dc2.rar\WindowFX 3.0 by_THE_PAINMAKER_FOR_WWW_SAUGSTUBE_TO\windowfx_public.exe/UPX: detected Trojan program Trojan-Dropper.Win32.Delf.yb

2006-08-20 20:16:52	Update completed successfully.

2006-08-20 20:18:05	File c:\recycler\s-1-5-21-1390067357-1563985344-725345543-1003\dc2.rar\WindowFX 3.0 by_THE_PAINMAKER_FOR_WWW_SAUGSTUBE_TO\windowfx_public.exe: deleted

2006-08-20 20:18:05	File c:\windows\system32\systcm.dll: detected Trojan program Trojan-Downloader.Win32.Small.crd

2006-08-20 20:18:09	File c:\windows\system32\systcm.dll: deleted

2006-08-20 20:18:09	File c:\windows\system32\thematrixhasyou.exe/FSG: detected Trojan program Trojan-Proxy.Win32.Small.bo

2006-08-20 20:18:14	File c:\windows\system32\thematrixhasyou.exe: deleted

2006-08-20 20:35:55	Process (PID 1676) tried to access Active Virus Shield process (PID 1776), but it has been blocked. This is Self-Defense monitoring, and you do not need to do anything.

2006-08-20 20:35:55	Process (PID 1676) tried to access Active Virus Shield process (PID 2668), but it has been blocked. This is Self-Defense monitoring, and you do not need to do anything.

2006-08-20 20:40:56	Process (PID 2720) tried to access Active Virus Shield process (PID 1776), but it has been blocked. This is Self-Defense monitoring, and you do not need to do anything.

2006-08-20 20:40:56	Process (PID 2720) tried to access Active Virus Shield process (PID 2668), but it has been blocked. This is Self-Defense monitoring, and you do not need to do anything.

2006-08-20 20:42:46	Process (PID 2632) tried to access Active Virus Shield process (PID 1776), but it has been blocked. This is Self-Defense monitoring, and you do not need to do anything.

2006-08-20 20:42:46	Process (PID 2632) tried to access Active Virus Shield process (PID 2668), but it has been blocked. This is Self-Defense monitoring, and you do not need to do anything.

2006-08-20 20:46:10	Process (PID 3916) tried to access Active Virus Shield process (PID 1776), but it has been blocked. This is Self-Defense monitoring, and you do not need to do anything.

2006-08-20 20:46:10	Process (PID 3916) tried to access Active Virus Shield process (PID 2668), but it has been blocked. This is Self-Defense monitoring, and you do not need to do anything.

2006-08-20 21:38:08	Process (PID 904) tried to access Active Virus Shield process (PID 1776), but it has been blocked. This is Self-Defense monitoring, and you do not need to do anything.

2006-08-20 21:38:08	Process (PID 904) tried to access Active Virus Shield process (PID 2668), but it has been blocked. This is Self-Defense monitoring, and you do not need to do anything.

2006-08-20 21:39:50	Process (PID 400) tried to access Active Virus Shield process (PID 1776), but it has been blocked. This is Self-Defense monitoring, and you do not need to do anything.

2006-08-20 21:39:50	Process (PID 400) tried to access Active Virus Shield process (PID 2668), but it has been blocked. This is Self-Defense monitoring, and you do not need to do anything.

2006-08-20 21:42:26	Process (PID 2496) tried to access Active Virus Shield process (PID 2420), but it has been blocked. This is Self-Defense monitoring, and you do not need to do anything.

2006-08-20 21:42:26	Process (PID 2496) tried to access Active Virus Shield process (PID 1740), but it has been blocked. This is Self-Defense monitoring, and you do not need to do anything.

2006-08-20 22:05:04	Process (PID 272) tried to access Active Virus Shield process (PID 340), but it has been blocked. This is Self-Defense monitoring, and you do not need to do anything.

2006-08-20 22:11:26	Process (PID 1744) tried to access Active Virus Shield process (PID 340), but it has been blocked. This is Self-Defense monitoring, and you do not need to do anything.

2006-08-20 22:12:13	Process (PID 876) tried to access Active Virus Shield process (PID 340), but it has been blocked. This is Self-Defense monitoring, and you do not need to do anything.

2006-08-20 22:26:42	Update error: cannot establish connection.

2006-08-20 22:28:41	Active Virus Shield is not activated.

2006-08-20 22:44:40	Update completed successfully.

2006-08-20 23:21:19	File C:\System Volume Information\_restore{F3E30007-7149-46E8-8047-2D205893EBCB}\RP84\A0020524.dll: detected Trojan program Trojan-Downloader.Win32.Small.crd

2006-08-20 23:21:19	Security threats have been detected. You are advised to neutralize them immediately.

2006-08-20 23:24:55	File C:\System Volume Information\_restore{F3E30007-7149-46E8-8047-2D205893EBCB}\RP84\A0020524.dll: deleted

2006-08-21 06:29:22	Update error: cannot establish connection.

2006-08-21 06:34:26	Update completed successfully.

2006-08-21 19:23:24	Update error: cannot establish connection.

2006-08-21 19:28:14	Update completed successfully.

2006-08-21 19:40:51	File C:\System Volume Information\_restore{F3E30007-7149-46E8-8047-2D205893EBCB}\RP84\A0020525.exe/FSG: detected Trojan program Trojan-Proxy.Win32.Small.bo

2006-08-21 19:40:51	Security threats have been detected. You are advised to neutralize them immediately.

2006-08-21 20:38:25	File C:\System Volume Information\_restore{F3E30007-7149-46E8-8047-2D205893EBCB}\RP84\A0020525.exe/FSG: is not disinfected, skipped by user

2006-08-22 16:03:15	Security threats have been detected. You are advised to neutralize them immediately.

2006-08-22 16:03:26	Update completed successfully.

2006-08-22 20:07:52	Security threats have been detected. You are advised to neutralize them immediately.

2006-08-22 20:08:27	Update completed successfully.

2006-08-22 20:25:13	Security threats have been detected. You are advised to neutralize them immediately.

2006-08-23 19:15:57	Security threats have been detected. You are advised to neutralize them immediately.

2006-08-23 19:16:18	Update error: cannot establish connection.

2006-08-23 19:21:29	Update completed successfully.

2006-08-23 20:19:23	File C:\System Volume Information\_restore{F3E30007-7149-46E8-8047-2D205893EBCB}\RP84\A0020525.exe/FSG: detected Trojan program Trojan-Proxy.Win32.Small.bo

2006-08-23 21:26:16	Update completed successfully.

2006-08-23 21:56:23	File C:\System Volume Information\_restore{F3E30007-7149-46E8-8047-2D205893EBCB}\RP84\A0020525.exe/FSG: is not disinfected, skipped by user

2006-08-24 17:58:41	Security threats have been detected. You are advised to neutralize them immediately.

2006-08-24 17:58:42	Update error: cannot establish connection.

2006-08-24 18:03:36	Update completed successfully.

2006-08-25 22:02:25	Security threats have been detected. You are advised to neutralize them immediately.

2006-08-25 22:02:55	Update error: cannot establish connection.

2006-08-25 22:08:18	Update completed successfully.

2006-08-25 22:27:01	Process (PID 860) tried to access Active Virus Shield process (PID 260), but it has been blocked. This is Self-Defense monitoring, and you do not need to do anything.

2006-08-25 22:27:01	Process (PID 860) tried to access Active Virus Shield process (PID 284), but it has been blocked. This is Self-Defense monitoring, and you do not need to do anything.

2006-08-26 10:21:53	Update error: cannot establish connection.

2006-08-26 10:27:15	Update completed successfully.

2006-08-26 10:55:44	Process (PID 1564) tried to access Active Virus Shield process (PID 2044), but it has been blocked. This is Self-Defense monitoring, and you do not need to do anything.

2006-08-26 10:55:44	Process (PID 1564) tried to access Active Virus Shield process (PID 700), but it has been blocked. This is Self-Defense monitoring, and you do not need to do anything.

2006-08-26 12:32:15	Update completed successfully.

2006-08-26 14:35:29	Update completed successfully.

2006-08-26 16:00:17	Process (PID 1404) tried to access Active Virus Shield process (PID 260), but it has been blocked. This is Self-Defense monitoring, and you do not need to do anything.

2006-08-26 16:00:17	Process (PID 1404) tried to access Active Virus Shield process (PID 620), but it has been blocked. This is Self-Defense monitoring, and you do not need to do anything.

2006-08-26 16:27:12	Process (PID 1480) tried to access Active Virus Shield process (PID 260), but it has been blocked. This is Self-Defense monitoring, and you do not need to do anything.

2006-08-26 16:27:12	Process (PID 1480) tried to access Active Virus Shield process (PID 620), but it has been blocked. This is Self-Defense monitoring, and you do not need to do anything.

2006-08-26 16:39:34	Update completed successfully.

2006-08-26 18:45:46	Update completed successfully.

2006-08-26 20:49:55	Update completed successfully.

2006-08-26 22:54:52	Update completed successfully.



Reports

-------

Task	Status	Start	Finish	Size

----	------	-----	------	----

File Anti-Virus	running	2006-08-26 14:08:44 3.5 MB

Mail Anti-Virus	running	2006-08-26 14:08:44 0 bytes

Scan Startup Objects	completed	2006-08-26 14:11:09	2006-08-26 14:11:41	802.4 KB

Update	completed	2006-08-26 14:33:54	2006-08-26 14:35:29	11.0 KB

Update	completed	2006-08-26 16:38:55	2006-08-26 16:39:34	10.6 KB

Update	completed	2006-08-26 18:44:09	2006-08-26 18:45:46	10.4 KB

Update	completed	2006-08-26 20:49:09	2006-08-26 20:49:55	10.5 KB

Update	completed	2006-08-26 22:54:09	2006-08-26 22:54:52	10.6 KB

Update	completed	2006-08-26 23:23:13	2006-08-26 23:23:47	9.1 KB



Quarantine

----------

Status	Object	Size	Added

------	------	----	-----



Backup

------

Status	Object	Size

------	------	----

Infected: Trojan program Trojan-Downloader.Win32.Small.brj	c:\system volume information\_restore{f3e30007-7149-46e8-8047-2d205893ebcb}\rp83\a0020150.exe	4.5 KB

Infected: malware not-virus:Hoax.Win32.Renos.cn	c:\system volume information\_restore{f3e30007-7149-46e8-8047-2d205893ebcb}\rp83\a0020144.exe	91.6 KB

Infected: Trojan program Trojan-PSW.Win32.Sinowal.ae	c:\system volume information\_restore{f3e30007-7149-46e8-8047-2d205893ebcb}\rp83\a0020125.dll	75.5 KB

Infected: Trojan program Trojan-Proxy.Win32.Horst.av	c:\system volume information\_restore{f3e30007-7149-46e8-8047-2d205893ebcb}\rp84\a0020486.exe	43.5 KB

Infected: Trojan program Trojan-Proxy.Win32.Horst.av	c:\documents and settings\szwajne\ustawienia lokalne\temp\5exhdd.3.exe	26.5 KB

Infected: Trojan program Trojan-Downloader.Win32.Small.crd	C:\System Volume Information\_restore{F3E30007-7149-46E8-8047-2D205893EBCB}\RP84\A0020524.dll	4 KB

Infected: malware not-virus:Hoax.Win32.Renos.dc	c:\system volume information\_restore{f3e30007-7149-46e8-8047-2d205893ebcb}\rp83\a0020128.exe	6.0 KB

Infected: Trojan program Trojan.Win32.Delf.qn	c:\system volume information\_restore{f3e30007-7149-46e8-8047-2d205893ebcb}\rp83\a0020149.exe	226.6 KB

Infected: Trojan program Trojan-Proxy.Win32.Horst.av	c:\documents and settings\szwajne\ustawienia lokalne\temp\84exmodul32s.4.exe	47.5 KB

Infected: Trojan program Trojan-Proxy.Win32.Horst.av	c:\documents and settings\szwajne\ustawienia lokalne\temp\46exhdd.3.exe	26.5 KB

Infected: Trojan program Trojan-Downloader.Win32.Tiny.ap	c:\system volume information\_restore{f3e30007-7149-46e8-8047-2d205893ebcb}\rp83\a0020136.exe	6.4 KB

Infected: Trojan program Trojan-Proxy.Win32.Small.bo	c:\system volume information\_restore{f3e30007-7149-46e8-8047-2d205893ebcb}\rp84\a0020525.exe	1.2 KB

Infected: virus Packed.Win32.Tibs	c:\system volume information\_restore{f3e30007-7149-46e8-8047-2d205893ebcb}\rp83\a0020140.exe	4.6 KB

Infected: Trojan program Trojan-Downloader.Win32.Tiny.ap	c:\system volume information\_restore{f3e30007-7149-46e8-8047-2d205893ebcb}\rp83\a0020133.exe	6.4 KB

Infected: Trojan program Trojan-Proxy.Win32.Horst.av	c:\documents and settings\szwajne\ustawienia lokalne\temp\setup.exe	47.5 KB

Infected: Trojan program Trojan.Win32.Delf.qn	c:\system volume information\_restore{f3e30007-7149-46e8-8047-2d205893ebcb}\rp83\a0020127.exe	225 KB

Infected: malware not-virus:Hoax.Win32.Renos.dc	c:\system volume information\_restore{f3e30007-7149-46e8-8047-2d205893ebcb}\rp83\a0020129.exe	6.0 KB

Infected: virus Packed.Win32.Tibs	c:\system volume information\_restore{f3e30007-7149-46e8-8047-2d205893ebcb}\rp83\a0020124.exe	4.6 KB

Infected: Trojan program Trojan-PSW.Win32.Sinowal.ae	c:\system volume information\_restore{f3e30007-7149-46e8-8047-2d205893ebcb}\rp83\a0020148.dll	62.9 KB

Infected: Trojan program Trojan-Proxy.Win32.Horst.cb	d:\system volume information\_restore{642a46e3-58ab-469a-81fe-45357fbe7753}\rp62\a0010252.exe	21.5 KB

Infected: Trojan program Trojan-Proxy.Win32.Horst.av	c:\documents and settings\szwajne\ustawienia lokalne\temp\38exmodul32s.4.exe	47.5 KB

Infected: virus Packed.Win32.Tibs	c:\system volume information\_restore{f3e30007-7149-46e8-8047-2d205893ebcb}\rp83\a0020141.exe	4.6 KB

Infected: Trojan program Trojan-Downloader.Win32.Tiny.ap	c:\system volume information\_restore{f3e30007-7149-46e8-8047-2d205893ebcb}\rp83\a0020137.exe	6.4 KB

Infected: Trojan program Trojan-PSW.Win32.Sinowal.v	c:\system volume information\_restore{f3e30007-7149-46e8-8047-2d205893ebcb}\rp83\a0020151.exe	4.9 KB

Infected: Trojan program Trojan-Proxy.Win32.Small.et	c:\system volume information\_restore{f3e30007-7149-46e8-8047-2d205893ebcb}\rp83\a0020152.exe	13.0 KB

Infected: Trojan program Trojan-Downloader.Win32.Tibs.fc	c:\system volume information\_restore{f3e30007-7149-46e8-8047-2d205893ebcb}\rp83\a0020142.exe	8.5 KB

Infected: Trojan program Trojan-Downloader.Win32.Small.brj	c:\system volume information\_restore{f3e30007-7149-46e8-8047-2d205893ebcb}\rp81\a0017808.exe	1.6 KB

Infected: Trojan program Trojan-Proxy.Win32.Horst.av	c:\documents and settings\szwajne\ustawienia lokalne\temp\44exmodul32s.4.exe	47.5 KB

Infected: Trojan program Trojan-Proxy.Win32.Horst.cb	d:\system volume information\_restore{642a46e3-58ab-469a-81fe-45357fbe7753}\rp58\a0003197.exe	21.5 KB

Infected: Trojan program Trojan-Proxy.Win32.Horst.av	c:\documents and settings\szwajne\ustawienia lokalne\temp\19exssd32.3.exe	25.5 KB

Infected: malware not-virus:Hoax.Win32.Renos.dc	c:\system volume information\_restore{f3e30007-7149-46e8-8047-2d205893ebcb}\rp83\a0020130.exe	6.0 KB

Infected: Trojan program Trojan-Downloader.Win32.Tiny.ap	c:\system volume information\_restore{f3e30007-7149-46e8-8047-2d205893ebcb}\rp83\a0020135.exe	6.4 KB

Infected: malware SpamTool.Win32.Delf.k	c:\system volume information\_restore{f3e30007-7149-46e8-8047-2d205893ebcb}\rp83\a0020154.exe	601.5 KB

Infected: Trojan program Trojan-Downloader.Win32.Tiny.ap	c:\system volume information\_restore{f3e30007-7149-46e8-8047-2d205893ebcb}\rp83\a0020134.exe	6.4 KB

Infected: virus Packed.Win32.Tibs	c:\system volume information\_restore{f3e30007-7149-46e8-8047-2d205893ebcb}\rp83\a0020138.exe	4.6 KB

Infected: Trojan program Backdoor.Win32.Reload.k	c:\system volume information\_restore{f3e30007-7149-46e8-8047-2d205893ebcb}\rp83\a0020145.exe	319.0 KB

Infected: Trojan program Backdoor.Win32.Delf.acq	c:\system volume information\_restore{f3e30007-7149-46e8-8047-2d205893ebcb}\rp83\a0020153.exe	828.5 KB

Infected: Trojan program Trojan-Proxy.Win32.Horst.av	c:\documents and settings\szwajne\ustawienia lokalne\temp\29exssd32.3.exe	25.5 KB

Infected: Trojan program Trojan-Dropper.Win32.Delf.yb	c:\recycler\s-1-5-21-1390067357-1563985344-725345543-1003\dc2.rar	3.9 MB

Infected: Trojan program Trojan-Proxy.Win32.Horst.av	c:\system volume information\_restore{f3e30007-7149-46e8-8047-2d205893ebcb}\rp84\a0020490.exe	48 KB

Infected: Trojan program Trojan-Proxy.Win32.Wopla.z	c:\system volume information\_restore{f3e30007-7149-46e8-8047-2d205893ebcb}\rp83\a0020143.exe	16.5 KB

Infected: Trojan program Trojan-Proxy.Win32.Horst.av	c:\documents and settings\szwajne\ustawienia lokalne\temp\68exssd32.3.exe	25.5 KB

Infected: virus Packed.Win32.Tibs	c:\system volume information\_restore{f3e30007-7149-46e8-8047-2d205893ebcb}\rp83\a0020139.exe	4.6 KB

Infected: Trojan program Trojan-Proxy.Win32.Horst.av	c:\documents and settings\szwajne\ustawienia lokalne\temp\28exmodul32s.4.exe	47.5 KB

Infected: malware Email-Flooder.Win32.Delf.ad	c:\system volume information\_restore{f3e30007-7149-46e8-8047-2d205893ebcb}\rp83\a0020157.exe	572.8 KB

Infected: Trojan program Trojan-Downloader.Win32.Small.crd	c:\windows\system32\systcm.dll	4 KB

Infected: Trojan program Trojan-Proxy.Win32.Horst.av	c:\documents and settings\szwajne\ustawienia lokalne\temp\97exmodul32s.4.exe	47.5 KB

Infected: Trojan program Trojan-Proxy.Win32.Small.bo	c:\windows\system32\thematrixhasyou.exe	1.2 KB

Infected: Trojan program Trojan-PSW.Win32.Sinowal.ae	c:\system volume information\_restore{f3e30007-7149-46e8-8047-2d205893ebcb}\rp83\a0020155.exe	74.3 KB

Infected: Trojan program Trojan-Proxy.Win32.Horst.av	c:\documents and settings\szwajne\ustawienia lokalne\temp\56exssd32.3.exe	25.5 KB

Infected: Trojan program Trojan-Proxy.Win32.Horst.av	c:\documents and settings\szwajne\ustawienia lokalne\temp\72exmodul32s.4.exe	47.5 KB

Infected: Trojan program Trojan-Proxy.Win32.Small.et	c:\system volume information\_restore{f3e30007-7149-46e8-8047-2d205893ebcb}\rp82\a0017932.exe	10.1 KB

Infected: Trojan program Backdoor.Win32.Reload.k	c:\system volume information\_restore{f3e30007-7149-46e8-8047-2d205893ebcb}\rp83\a0020147.exe	175.5 KB

Infected: malware not-virus:Hoax.Win32.Renos.dc	c:\system volume information\_restore{f3e30007-7149-46e8-8047-2d205893ebcb}\rp83\a0020132.exe	6.0 KB

Infected: Trojan program Trojan-Proxy.Win32.Horst.av	c:\documents and settings\szwajne\ustawienia lokalne\temp\6exmodul32s.4.exe	47.5 KB

Infected: Trojan program Trojan-Downloader.Win32.Small.dmx	c:\system volume information\_restore{f3e30007-7149-46e8-8047-2d205893ebcb}\rp83\a0020126.exe	11.5 KB

Infected: Trojan program Trojan-Proxy.Win32.Horst.av	c:\documents and settings\szwajne\ustawienia lokalne\temp\65exssd32.3.exe	25.5 KB

Infected: malware not-virus:Hoax.Win32.Renos.dc	c:\system volume information\_restore{f3e30007-7149-46e8-8047-2d205893ebcb}\rp83\a0020131.exe	6.0 KB