Scanning Report Friday, February 29, 2008 01:23:36 - 02:56:01 Computer name: USER-8823FF3BFD Scanning type: Scan system for viruses, rootkits, spyware Target: C:\ D:\ Result: 16 malware found Trojan (spyware) * System (Disinfected) Trojan-Downloader.Win32.Small.imu (virus) * C:\SYSTEM VOLUME INFORMATION\_RESTORE{ABDBE250-325E-4827-93E1-063A83BE5DBD}\RP156\A0101682.EXE (Renamed) Trojan-Downloader.Win32.VB.ceh (virus) * C:\SYSTEM VOLUME INFORMATION\_RESTORE{ABDBE250-325E-4827-93E1-063A83BE5DBD}\RP156\A0101684.EXE * C:\SYSTEM VOLUME INFORMATION\_RESTORE{ABDBE250-325E-4827-93E1-063A83BE5DBD}\RP155\A0088382.EXE Vundo.gen38 (virus) * C:\SYSTEM VOLUME INFORMATION\_RESTORE{ABDBE250-325E-4827-93E1-063A83BE5DBD}\RP156\A0099523.INI * C:\SYSTEM VOLUME INFORMATION\_RESTORE{ABDBE250-325E-4827-93E1-063A83BE5DBD}\RP156\A0101617.INI * C:\SYSTEM VOLUME INFORMATION\_RESTORE{ABDBE250-325E-4827-93E1-063A83BE5DBD}\RP156\A0101630.INI * C:\SYSTEM VOLUME INFORMATION\_RESTORE{ABDBE250-325E-4827-93E1-063A83BE5DBD}\RP156\A0101653.INI * C:\SYSTEM VOLUME INFORMATION\_RESTORE{ABDBE250-325E-4827-93E1-063A83BE5DBD}\RP156\A0101685.INI * C:\SYSTEM VOLUME INFORMATION\_RESTORE{ABDBE250-325E-4827-93E1-063A83BE5DBD}\RP156\A0101693.INI * C:\SYSTEM VOLUME INFORMATION\_RESTORE{ABDBE250-325E-4827-93E1-063A83BE5DBD}\RP156\A0101713.INI Vundo.gen58 (virus) * C:\SYSTEM VOLUME INFORMATION\_RESTORE{ABDBE250-325E-4827-93E1-063A83BE5DBD}\RP156\A0101680.DLL W32/DLoader.EHUZ.dropper (virus) * C:\SYSTEM VOLUME INFORMATION\_RESTORE{ABDBE250-325E-4827-93E1-063A83BE5DBD}\RP156\A0090687.EXE W32/Downloader (virus) * C:\SYSTEM VOLUME INFORMATION\_RESTORE{ABDBE250-325E-4827-93E1-063A83BE5DBD}\RP156\A0095425.EXE Win32.Trojandownloader.Zlob (spyware) * System (Disinfected) Windows (spyware) * System (Disinfected) Statistics Scanned: * Files: 52957 * System: 5253 * Not scanned: 6 Actions: * Disinfected: 3 * Renamed: 1 * Deleted: 0 * None: 12 * Submitted: 0 Files not scanned: * C:\PAGEFILE.SYS * C:\WINDOWS\SYSTEM32\CONFIG\DEFAULT * C:\SYSTEM VOLUME INFORMATION\MOUNTPOINTMANAGERREMOTEDATABASE * C:\SYSTEM VOLUME INFORMATION\_RESTORE{ABDBE250-325E-4827-93E1-063A83BE5DBD}\RP156\A0101671.DLL * C:\DOCUMENTS AND SETTINGS\USER\LOCAL SETTINGS\TEMP\HSPERFDATA_USER\3072 * D:\SYSTEM VOLUME INFORMATION\MOUNTPOINTMANAGERREMOTEDATABASE Options Scanning engines: * F-Secure Libra: 2.4.2, 2008-02-28 * F-Secure AVP: 7.0.171, 2008-02-28 * F-Secure Orion: 1.2.37, 2008-02-28 * F-Secure Blacklight: 1.0.64 * F-Secure Draco: 1.0.35, 0598-150-72 * F-Secure Pegasus: 1.20.0, 2008-01-26 Scanning options: * Scan defined files: COM EXE SYS OV? BIN SCR DLL SHS HTM HTML HTT VBS JS INF VXD DO? XL? RTF CPL WIZ HTA PP? PWZ P?T MSO PIF . ACM ASP AX CNV CSC DRV INI MDB MPD MPP MPT OBD OBT OCX PCI TLB TSP WBK WBT WPC WSH VWP WML BOO HLP TD0 TT6 MSG ASD JSE VBE WSC CHM EML PRC SHB BAT LNK ANI AVB CEO CMD LSP MAP MHT MIF PDF PHP POT WMF NWS TAR TGZ WSF ZL? {* ZIP JAR ARJ LZH TAR TGZ GZ CAB RAR BZ2 HQXJPG SWF * Use Advanced heuristics Copyright © 1998-2006 Product support |Send virus sample to F-Secure F-Secure assumes no responsibility for material created or published by third parties that F-Secure World Wide Web pages have a link to. Unless you have clearly stated otherwise, by submitting material to any of our servers, for example by E-mail or via our F-Secure's CGI E-mail, you agree that the material you make available may be published in the F-Secure World Wide Pages or hard-copy publications. You will reach F-Secure public web site by clicking on underlined links. While doing this, your access will be logged to our private access statistics with your domain name.This information will not be given to any third party. You agree not to take action against us in relation to material that you submit. Unless you have clearly stated otherwise, by submitting material you warrant that F-Secure may incorporate any concepts described in it in the F-Secure products/publications without liability.