Status: Deleted (events: 163)
1/24/2012 3:29:53 PM Deleted Trojan program Exploit.Java.CVE-2010-4452.a C:\Documents and Settings\Mary Kay\Application Data\Sun\Java\Deployment\cache\6.0\1\3e060fc1-25602dcc High
1/24/2012 3:29:54 PM Deleted Trojan program Exploit.Java.CVE-2010-4452.a C:\Documents and Settings\Mary Kay\Application Data\Sun\Java\Deployment\cache\6.0\40\3b46a028-2d3eac31 High
1/24/2012 3:29:54 PM Deleted Trojan program Exploit.Java.CVE-2010-4452.a C:\Documents and Settings\Mary Kay\Application Data\Sun\Java\Deployment\cache\6.0\40\3b46a028-58cd54fa High
1/24/2012 3:37:27 PM Deleted virus HEUR:Trojan.Win32.Generic C:\Documents and Settings\Mary Kay\Application Data\Sun\Java\Deployment\cache\6.0\48\3d58c9b0-6f98f95b High
1/24/2012 3:43:52 PM Deleted Trojan program Trojan-Dropper.Win32.FrauDrop.xyrw C:\Documents and Settings\Mary Kay\Local Settings\Temp\33F1.tmp High
1/24/2012 3:43:52 PM Deleted Trojan program Trojan-Dropper.Win32.FrauDrop.xyrw C:\Documents and Settings\Mary Kay\Local Settings\Temp\33F1.tmp//PE_Patch High
1/24/2012 4:43:24 PM Deleted Trojan program Exploit.Java.CVE-2010-4452.a C:\Documents and Settings\Ricky\Application Data\Sun\Java\Deployment\cache\6.0\44\1e8e536c-113b2012 High
1/24/2012 4:43:25 PM Deleted Trojan program Exploit.Java.CVE-2010-4452.a C:\Documents and Settings\Ricky\Application Data\Sun\Java\Deployment\cache\6.0\44\1e8e536c-13fb9e49 High
1/24/2012 4:43:24 PM Deleted Trojan program Exploit.Java.CVE-2010-4452.a C:\Documents and Settings\Ricky\Application Data\Sun\Java\Deployment\cache\6.0\44\1e8e536c-2fd6b7cf High
1/24/2012 4:43:42 PM Deleted Trojan program Exploit.Java.CVE-2010-4452.a C:\Documents and Settings\Ricky\Application Data\Sun\Java\Deployment\cache\6.0\44\1e8e536c-39925e05 High
1/24/2012 4:43:42 PM Deleted Trojan program Exploit.Java.CVE-2010-4452.a C:\Documents and Settings\Ricky\Application Data\Sun\Java\Deployment\cache\6.0\44\1e8e536c-581d0d03 High
1/24/2012 4:43:41 PM Deleted Trojan program Exploit.Java.CVE-2010-4452.a C:\Documents and Settings\Ricky\Application Data\Sun\Java\Deployment\cache\6.0\44\1e8e536c-7c77499d High
1/24/2012 5:23:37 PM Deleted adware not-a-virus:AdWare.Win32.BetterInternet.ba C:\Program Files\Kazaa\My Shared Folder\kazaa323_en.exe Medium
1/24/2012 5:23:35 PM Deleted adware not-a-virus:AdWare.Win32.Altnet.b C:\Program Files\Kazaa\My Shared Folder\kazaa323_en.exe//Setup.exe Medium
1/24/2012 5:24:29 PM Deleted adware not-a-virus:AdWare.Win32.RXBar.f C:\Program Files\Kazaa\My Shared Folder\kazaa327_en.exe Medium
1/24/2012 5:24:29 PM Deleted adware not-a-virus:AdWare.Win32.Altnet.b C:\Program Files\Kazaa\My Shared Folder\kazaa327_en.exe//Setup.exe Medium
1/24/2012 5:23:54 PM Deleted adware not-a-virus:AdWare.Win32.BetterInternet.ba C:\Program Files\Kazaa\My Unshared Folder\kazaa300_en.exe Medium
1/24/2012 5:23:53 PM Deleted adware not-a-virus:AdWare.Win32.Altnet.b C:\Program Files\Kazaa\My Unshared Folder\kazaa300_en.exe//Setup.exe Medium
1/24/2012 5:23:35 PM Deleted adware not-a-virus:AdWare.Win32.Altnet.a C:\Program Files\Kazaa\My Shared Folder\kazaa323_en.exe//adm4.dll Medium
1/24/2012 5:23:35 PM Deleted adware not-a-virus:AdWare.Win32.Altnet.a C:\Program Files\Kazaa\My Shared Folder\kazaa323_en.exe//adm25.dll Medium
1/24/2012 5:23:35 PM Deleted adware not-a-virus:AdWare.Win32.Altnet.a C:\Program Files\Kazaa\My Shared Folder\kazaa323_en.exe//adm.exe Medium
1/24/2012 5:23:36 PM Deleted adware not-a-virus:AdWare.Win32.Altnet.x C:\Program Files\Kazaa\My Shared Folder\kazaa323_en.exe//admdata.dll Medium
1/24/2012 5:23:36 PM Deleted adware not-a-virus:AdWare.Win32.BrilliantDigital.3039 C:\Program Files\Kazaa\My Shared Folder\kazaa323_en.exe//admdloader.dll Medium
1/24/2012 5:23:36 PM Deleted adware not-a-virus:AdWare.Win32.Altnet.j C:\Program Files\Kazaa\My Shared Folder\kazaa323_en.exe//admfdi.dll Medium
1/24/2012 5:23:36 PM Deleted adware not-a-virus:AdWare.Win32.Altnet.a C:\Program Files\Kazaa\My Shared Folder\kazaa323_en.exe//admprog.dll Medium
1/24/2012 5:23:36 PM Deleted adware not-a-virus:AdWare.Win32.Altnet.g C:\Program Files\Kazaa\My Shared Folder\kazaa323_en.exe//dmfiles.cab Medium
1/24/2012 5:23:36 PM Deleted adware not-a-virus:AdWare.Win32.Altnet.g C:\Program Files\Kazaa\My Shared Folder\kazaa323_en.exe//dmfiles.cab//AltnetUninstall.exe Medium
1/24/2012 5:23:53 PM Deleted adware not-a-virus:AdWare.Win32.Altnet.a C:\Program Files\Kazaa\My Unshared Folder\kazaa300_en.exe//adm4.dll Medium
1/24/2012 5:23:53 PM Deleted adware not-a-virus:AdWare.Win32.Altnet.a C:\Program Files\Kazaa\My Unshared Folder\kazaa300_en.exe//adm25.dll Medium
1/24/2012 5:23:53 PM Deleted adware not-a-virus:AdWare.Win32.Altnet.a C:\Program Files\Kazaa\My Unshared Folder\kazaa300_en.exe//adm.exe Medium
1/24/2012 5:23:53 PM Deleted adware not-a-virus:AdWare.Win32.BrilliantDigital.3039 C:\Program Files\Kazaa\My Unshared Folder\kazaa300_en.exe//admdloader.dll Medium
1/24/2012 5:24:29 PM Deleted adware not-a-virus:AdWare.Win32.Altnet.a C:\Program Files\Kazaa\My Shared Folder\kazaa327_en.exe//adm4.dll Medium
1/24/2012 5:23:53 PM Deleted adware not-a-virus:AdWare.Win32.Altnet.j C:\Program Files\Kazaa\My Unshared Folder\kazaa300_en.exe//admfdi.dll Medium
1/24/2012 5:24:29 PM Deleted adware not-a-virus:AdWare.Win32.Altnet.a C:\Program Files\Kazaa\My Shared Folder\kazaa327_en.exe//adm25.dll Medium
1/24/2012 5:23:54 PM Deleted adware not-a-virus:AdWare.Win32.Altnet.a C:\Program Files\Kazaa\My Unshared Folder\kazaa300_en.exe//admprog.dll Medium
1/24/2012 5:24:29 PM Deleted adware not-a-virus:AdWare.Win32.Altnet.a C:\Program Files\Kazaa\My Shared Folder\kazaa327_en.exe//adm.exe Medium
1/24/2012 5:23:54 PM Deleted adware not-a-virus:AdWare.Win32.Altnet.g C:\Program Files\Kazaa\My Unshared Folder\kazaa300_en.exe//dmfiles.cab Medium
1/24/2012 5:23:54 PM Deleted adware not-a-virus:AdWare.Win32.Altnet.g C:\Program Files\Kazaa\My Unshared Folder\kazaa300_en.exe//dmfiles.cab//AltnetUninstall.exe Medium
1/24/2012 5:24:29 PM Deleted adware not-a-virus:AdWare.Win32.Altnet.x C:\Program Files\Kazaa\My Shared Folder\kazaa327_en.exe//admdata.dll Medium
1/24/2012 5:24:29 PM Deleted adware not-a-virus:AdWare.Win32.BrilliantDigital.3039 C:\Program Files\Kazaa\My Shared Folder\kazaa327_en.exe//admdloader.dll Medium
1/24/2012 5:24:29 PM Deleted adware not-a-virus:AdWare.Win32.Altnet.j C:\Program Files\Kazaa\My Shared Folder\kazaa327_en.exe//admfdi.dll Medium
1/24/2012 5:24:29 PM Deleted adware not-a-virus:AdWare.Win32.Altnet.a C:\Program Files\Kazaa\My Shared Folder\kazaa327_en.exe//admprog.dll Medium
1/24/2012 5:24:29 PM Deleted adware not-a-virus:AdWare.Win32.Altnet.g C:\Program Files\Kazaa\My Shared Folder\kazaa327_en.exe//dmfiles.cab Medium
1/24/2012 5:24:29 PM Deleted adware not-a-virus:AdWare.Win32.Altnet.g C:\Program Files\Kazaa\My Shared Folder\kazaa327_en.exe//dmfiles.cab//AltnetUninstall.exe Medium
1/24/2012 5:23:36 PM Deleted adware not-a-virus:AdWare.Win32.Altnet.h C:\Program Files\Kazaa\My Shared Folder\kazaa323_en.exe//pmexe.cab Medium
1/24/2012 5:23:36 PM Deleted adware not-a-virus:AdWare.Win32.Altnet.h C:\Program Files\Kazaa\My Shared Folder\kazaa323_en.exe//pmexe.cab//Points Manager.exe Medium
1/24/2012 5:23:36 PM Deleted adware not-a-virus:AdWare.Win32.Altnet.h C:\Program Files\Kazaa\My Shared Folder\kazaa323_en.exe//pmexe.cab//Points Manager.exe//Pex Medium
1/24/2012 5:23:36 PM Deleted adware not-a-virus:AdWare.Win32.BrilliantDigital.1007 C:\Program Files\Kazaa\My Shared Folder\kazaa323_en.exe//pmfiles.cab Medium
1/24/2012 5:23:36 PM Deleted adware not-a-virus:AdWare.Win32.BrilliantDigital.1007 C:\Program Files\Kazaa\My Shared Folder\kazaa323_en.exe//pmfiles.cab//sysdetect.dll Medium
1/24/2012 5:23:36 PM Deleted adware not-a-virus:AdWare.Win32.404Search.l C:\Program Files\Kazaa\My Shared Folder\kazaa323_en.exe//InstaFinderK_inst.exe Medium
1/24/2012 5:23:36 PM Deleted adware not-a-virus:AdWare.Win32.404Search.l C:\Program Files\Kazaa\My Shared Folder\kazaa323_en.exe//InstaFinderK_inst.exe//data0003 Medium
1/24/2012 5:23:36 PM Deleted adware not-a-virus:AdWare.Win32.Altnet.d C:\Program Files\Kazaa\My Shared Folder\kazaa323_en.exe//TopSearch.dll Medium
1/24/2012 5:23:36 PM Deleted adware not-a-virus:AdWare.Win32.Altnet.d C:\Program Files\Kazaa\My Shared Folder\kazaa323_en.exe//kazaa.exe Medium
1/24/2012 5:23:36 PM Deleted adware not-a-virus:AdWare.Win32.Altnet.d C:\Program Files\Kazaa\My Shared Folder\kazaa323_en.exe//kazaa.exe//Execryptor Medium
1/24/2012 5:23:36 PM Deleted adware not-a-virus:AdWare.Win32.Altnet.d C:\Program Files\Kazaa\My Shared Folder\kazaa323_en.exe//kazaa.exe//Execryptor//data0034.res Medium
1/24/2012 5:23:36 PM Deleted adware not-a-virus:AdWare.Win32.Altnet.d C:\Program Files\Kazaa\My Shared Folder\kazaa323_en.exe//kazaa.exe//Execryptor//data0034.res//TopSearch.dll Medium
1/24/2012 5:23:36 PM Deleted adware not-a-virus:AdWare.Win32.Altnet.d C:\Program Files\Kazaa\My Shared Folder\kazaa323_en.exe//kazaa.exe//Execryptor Medium
1/24/2012 5:23:36 PM Deleted adware not-a-virus:AdWare.Win32.Altnet.d C:\Program Files\Kazaa\My Shared Folder\kazaa323_en.exe//kazaa.exe Medium
1/24/2012 5:23:54 PM Deleted adware not-a-virus:AdWare.Win32.Altnet.h C:\Program Files\Kazaa\My Unshared Folder\kazaa300_en.exe//pmexe.cab Medium
1/24/2012 5:23:54 PM Deleted adware not-a-virus:AdWare.Win32.Altnet.h C:\Program Files\Kazaa\My Unshared Folder\kazaa300_en.exe//pmexe.cab//Points Manager.exe Medium
1/24/2012 5:23:54 PM Deleted adware not-a-virus:AdWare.Win32.Altnet.h C:\Program Files\Kazaa\My Unshared Folder\kazaa300_en.exe//pmexe.cab//Points Manager.exe//Pex Medium
1/24/2012 5:23:54 PM Deleted adware not-a-virus:AdWare.Win32.BrilliantDigital.1007 C:\Program Files\Kazaa\My Unshared Folder\kazaa300_en.exe//pmfiles.cab Medium
1/24/2012 5:23:54 PM Deleted adware not-a-virus:AdWare.Win32.BrilliantDigital.1007 C:\Program Files\Kazaa\My Unshared Folder\kazaa300_en.exe//pmfiles.cab//sysdetect.dll Medium
1/24/2012 5:23:54 PM Deleted adware not-a-virus:AdWare.Win32.404Search.h C:\Program Files\Kazaa\My Unshared Folder\kazaa300_en.exe//InstaFinderK_inst.exe Medium
1/24/2012 5:23:54 PM Deleted adware not-a-virus:AdWare.Win32.404Search.h C:\Program Files\Kazaa\My Unshared Folder\kazaa300_en.exe//InstaFinderK_inst.exe//# Medium
1/24/2012 5:23:54 PM Deleted adware not-a-virus:AdWare.Win32.Altnet.d C:\Program Files\Kazaa\My Unshared Folder\kazaa300_en.exe//TopSearch.dll Medium
1/24/2012 5:23:37 PM Deleted adware not-a-virus:AdWare.Win32.RXBar.f C:\Program Files\Kazaa\My Shared Folder\kazaa323_en.exe//RXToolbar.exe Medium
1/24/2012 5:23:36 PM Deleted adware not-a-virus:AdWare.Win32.RXBar.f C:\Program Files\Kazaa\My Shared Folder\kazaa323_en.exe//RXToolbar.exe//RXToolBar.dll Medium
1/24/2012 5:23:36 PM Deleted adware not-a-virus:AdWare.Win32.RXBar.f C:\Program Files\Kazaa\My Shared Folder\kazaa323_en.exe//RXToolbar.exe//sfcont.dll Medium
1/24/2012 5:24:29 PM Deleted adware not-a-virus:AdWare.Win32.Altnet.h C:\Program Files\Kazaa\My Shared Folder\kazaa327_en.exe//pmexe.cab Medium
1/24/2012 5:24:29 PM Deleted adware not-a-virus:AdWare.Win32.Altnet.h C:\Program Files\Kazaa\My Shared Folder\kazaa327_en.exe//pmexe.cab//Points Manager.exe Medium
1/24/2012 5:24:29 PM Deleted adware not-a-virus:AdWare.Win32.Altnet.h C:\Program Files\Kazaa\My Shared Folder\kazaa327_en.exe//pmexe.cab//Points Manager.exe//Pex Medium
1/24/2012 5:23:36 PM Deleted adware not-a-virus:AdWare.Win32.RXBar.f C:\Program Files\Kazaa\My Shared Folder\kazaa323_en.exe//RXToolbar.exe//Semantic Insight/SemanticInsight.exe Medium
1/24/2012 5:23:36 PM Deleted adware not-a-virus:AdWare.Win32.RXBar.f C:\Program Files\Kazaa\My Shared Folder\kazaa323_en.exe//RXToolbar.exe//Semantic Insight/SemanticInsight.exe//UPX Medium
1/24/2012 5:24:29 PM Deleted adware not-a-virus:AdWare.Win32.404Search.l C:\Program Files\Kazaa\My Shared Folder\kazaa327_en.exe//InstaFinderK_inst.exe Medium
1/24/2012 5:24:29 PM Deleted adware not-a-virus:AdWare.Win32.404Search.l C:\Program Files\Kazaa\My Shared Folder\kazaa327_en.exe//InstaFinderK_inst.exe//data0003 Medium
1/24/2012 5:24:29 PM Deleted adware not-a-virus:AdWare.Win32.Altnet.d C:\Program Files\Kazaa\My Shared Folder\kazaa327_en.exe//TopSearch.dll Medium
1/24/2012 5:23:37 PM Deleted adware not-a-virus:AdWare.Win32.BetterInternet.ba C:\Program Files\Kazaa\My Shared Folder\kazaa323_en.exe//TBONInst.exe Medium
1/24/2012 5:23:37 PM Deleted adware not-a-virus:AdWare.Win32.BetterInternet.ba C:\Program Files\Kazaa\My Shared Folder\kazaa323_en.exe//TBONInst.exe//PE_Patch.PFD Medium
1/24/2012 5:23:37 PM Deleted adware not-a-virus:AdWare.Win32.BetterInternet.ba C:\Program Files\Kazaa\My Shared Folder\kazaa323_en.exe//TBONInst.exe//PE_Patch.PFD//PE-Crypt.PFD Medium
1/24/2012 5:23:37 PM Deleted adware not-a-virus:AdWare.Win32.BetterInternet.ba C:\Program Files\Kazaa\My Shared Folder\kazaa323_en.exe//TBONInst.exe//PE_Patch.PFD//PE-Crypt.PFD//UPX Medium
1/24/2012 5:23:54 PM Deleted adware not-a-virus:AdWare.Win32.RXBar.d C:\Program Files\Kazaa\My Unshared Folder\kazaa300_en.exe//RXToolbar.exe Medium
1/24/2012 5:24:29 PM Deleted adware not-a-virus:AdWare.Win32.Altnet.d C:\Program Files\Kazaa\My Shared Folder\kazaa327_en.exe//kazaa.exe Medium
1/24/2012 5:24:29 PM Deleted adware not-a-virus:AdWare.Win32.Altnet.d C:\Program Files\Kazaa\My Shared Folder\kazaa327_en.exe//kazaa.exe//Execryptor Medium
1/24/2012 5:23:54 PM Deleted adware not-a-virus:AdWare.Win32.RXBar.d C:\Program Files\Kazaa\My Unshared Folder\kazaa300_en.exe//RXToolbar.exe//RXToolBar.dll Medium
1/24/2012 5:24:29 PM Deleted adware not-a-virus:AdWare.Win32.Altnet.d C:\Program Files\Kazaa\My Shared Folder\kazaa327_en.exe//kazaa.exe//Execryptor//data0034.res Medium
1/24/2012 5:24:29 PM Deleted adware not-a-virus:AdWare.Win32.Altnet.d C:\Program Files\Kazaa\My Shared Folder\kazaa327_en.exe//kazaa.exe//Execryptor//data0034.res//TopSearch.dll Medium
1/24/2012 5:23:54 PM Deleted adware not-a-virus:AdWare.Win32.RXBar.e C:\Program Files\Kazaa\My Unshared Folder\kazaa300_en.exe//RXToolbar.exe//sfcont.dll Medium
1/24/2012 5:23:54 PM Deleted adware not-a-virus:AdWare.Win32.BetterInternet.ba C:\Program Files\Kazaa\My Unshared Folder\kazaa300_en.exe//TBONInst.exe Medium
1/24/2012 5:23:54 PM Deleted adware not-a-virus:AdWare.Win32.BetterInternet.ba C:\Program Files\Kazaa\My Unshared Folder\kazaa300_en.exe//TBONInst.exe//PE_Patch.PFD Medium
1/24/2012 5:23:54 PM Deleted adware not-a-virus:AdWare.Win32.BetterInternet.ba C:\Program Files\Kazaa\My Unshared Folder\kazaa300_en.exe//TBONInst.exe//PE_Patch.PFD//PE-Crypt.PFD Medium
1/24/2012 5:23:54 PM Deleted adware not-a-virus:AdWare.Win32.BetterInternet.ba C:\Program Files\Kazaa\My Unshared Folder\kazaa300_en.exe//TBONInst.exe//PE_Patch.PFD//PE-Crypt.PFD//UPX Medium
1/24/2012 5:24:29 PM Deleted adware not-a-virus:AdWare.Win32.Altnet.d C:\Program Files\Kazaa\My Shared Folder\kazaa327_en.exe//kazaa.exe//Execryptor Medium
1/24/2012 5:24:29 PM Deleted adware not-a-virus:AdWare.Win32.Altnet.d C:\Program Files\Kazaa\My Shared Folder\kazaa327_en.exe//kazaa.exe Medium
1/24/2012 5:24:29 PM Deleted adware not-a-virus:AdWare.Win32.RXBar.f C:\Program Files\Kazaa\My Shared Folder\kazaa327_en.exe//RXToolbar.exe Medium
1/24/2012 5:24:29 PM Deleted adware not-a-virus:AdWare.Win32.RXBar.f C:\Program Files\Kazaa\My Shared Folder\kazaa327_en.exe//RXToolbar.exe//RXToolBar.dll Medium
1/24/2012 5:24:29 PM Deleted adware not-a-virus:AdWare.Win32.RXBar.f C:\Program Files\Kazaa\My Shared Folder\kazaa327_en.exe//RXToolbar.exe//sfcont.dll Medium
1/24/2012 5:42:50 PM Deleted Trojan program Backdoor.Win32.ZAccess.avy C:\Qoobox\Quarantine\C\WINDOWS\assembly\GAC_MSIL\desktop.ini.vir High
1/24/2012 5:42:51 PM Deleted Trojan program Backdoor.Win32.ZAccess.aqn C:\Qoobox\Quarantine\C\WINDOWS\system32\c_42144.nl_.vir High
1/24/2012 5:51:02 PM Deleted virus Virus.Win32.ZAccess.e C:\Qoobox\Quarantine\C\WINDOWS\system32\Drivers\serial.sys.vir High
1/24/2012 5:51:00 PM Deleted virus Virus.Win32.ZAccess.e C:\Qoobox\Quarantine\C\WINDOWS\system32\Drivers\imapi.sys.vir High
1/24/2012 5:51:01 PM Deleted virus Virus.Win32.ZAccess.e C:\Qoobox\Quarantine\C\WINDOWS\system32\Drivers\serial.sys.vir_ High
1/24/2012 5:52:00 PM Deleted Trojan program Backdoor.Win32.Papras.ahc C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP1602\A0186792.dll High
1/24/2012 5:53:27 PM Deleted Trojan program Trojan.Win32.FakeAV.donv C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP1602\A0190083.exe High
1/24/2012 6:48:00 PM Deleted virus Virus.Win32.ZAccess.e C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP1602\A0195141.sys High
1/24/2012 6:48:00 PM Deleted virus Virus.Win32.ZAccess.e C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP1602\A0196141.sys High
1/24/2012 6:47:33 PM Deleted Trojan program Backdoor.Win32.ZAccess.ang C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP1602\A0195142.ini High
1/24/2012 6:48:01 PM Deleted Trojan program Backdoor.Win32.ZAccess.ang C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP1602\A0196142.ini High
1/24/2012 6:48:37 PM Deleted virus Virus.Win32.ZAccess.e C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP1602\A0197141.sys High
1/24/2012 6:48:20 PM Deleted Trojan program Backdoor.Win32.ZAccess.ang C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP1602\A0197142.ini High
1/24/2012 6:48:26 PM Deleted virus Virus.Win32.ZAccess.e C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP1602\A0198141.sys High
1/24/2012 6:48:23 PM Deleted Trojan program Backdoor.Win32.ZAccess.ang C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP1602\A0198142.ini High
1/24/2012 6:49:41 PM Deleted virus Virus.Win32.ZAccess.e C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP1602\A0198148.sys High
1/24/2012 6:48:47 PM Deleted Trojan program Backdoor.Win32.ZAccess.ang C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP1602\A0198149.ini High
1/24/2012 6:49:42 PM Deleted virus Virus.Win32.ZAccess.e C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP1602\A0198154.sys High
1/24/2012 6:49:42 PM Deleted Trojan program Backdoor.Win32.ZAccess.ang C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP1602\A0198155.ini High
1/24/2012 6:50:43 PM Deleted Trojan program Backdoor.Win32.ZAccess.ang C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP1602\A0199155.ini High
1/24/2012 6:51:23 PM Deleted virus Virus.Win32.ZAccess.e C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP1602\A0199154.sys High
1/24/2012 6:51:23 PM Deleted virus Virus.Win32.ZAccess.e C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP1602\A0199158.sys High
1/24/2012 6:51:23 PM Deleted Trojan program Backdoor.Win32.ZAccess.ang C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP1602\A0199159.ini High
1/24/2012 6:53:16 PM Deleted virus Virus.Win32.ZAccess.e C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP1602\A0199164.sys High
1/24/2012 6:53:16 PM Deleted Trojan program Backdoor.Win32.ZAccess.ang C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP1602\A0199165.ini High
1/24/2012 6:53:15 PM Deleted virus Virus.Win32.ZAccess.e C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP1602\A0199173.sys High
1/24/2012 6:53:21 PM Deleted Trojan program Backdoor.Win32.ZAccess.ang C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP1602\A0199174.ini High
1/24/2012 6:53:28 PM Deleted Trojan program Backdoor.Win32.ZAccess.ang C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP1602\A0199200.ini High
1/24/2012 6:53:45 PM Deleted virus Virus.Win32.ZAccess.e C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP1602\A0199199.sys High
1/24/2012 6:53:34 PM Deleted virus Virus.Win32.ZAccess.e C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP1602\A0200199.sys High
1/24/2012 6:53:32 PM Deleted Trojan program Backdoor.Win32.ZAccess.ang C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP1602\A0200200.ini High
1/24/2012 6:53:54 PM Deleted virus Virus.Win32.ZAccess.e C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP1602\A0201199.sys High
1/24/2012 6:53:45 PM Deleted Trojan program Backdoor.Win32.ZAccess.ang C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP1602\A0201200.ini High
1/24/2012 6:54:02 PM Deleted virus Virus.Win32.ZAccess.e C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP1602\A0201209.sys High
1/24/2012 6:53:55 PM Deleted Trojan program Backdoor.Win32.ZAccess.ang C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP1602\A0201210.ini High
1/24/2012 6:54:11 PM Deleted virus Virus.Win32.ZAccess.e C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP1602\A0201220.sys High
1/24/2012 6:54:03 PM Deleted Trojan program Backdoor.Win32.ZAccess.ang C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP1602\A0201221.ini High
1/24/2012 6:54:11 PM Deleted Trojan program Backdoor.Win32.ZAccess.ang C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP1602\A0201233.ini High
1/24/2012 6:54:55 PM Deleted virus Virus.Win32.ZAccess.e C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP1602\A0201232.sys High
1/24/2012 6:54:56 PM Deleted virus Virus.Win32.ZAccess.e C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP1602\A0201243.sys High
1/24/2012 6:54:56 PM Deleted Trojan program Backdoor.Win32.ZAccess.ang C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP1602\A0201244.ini High
1/24/2012 6:55:15 PM Deleted virus Virus.Win32.ZAccess.e C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP1602\A0201264.sys High
1/24/2012 6:55:08 PM Deleted Trojan program Backdoor.Win32.ZAccess.ang C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP1602\A0201265.ini High
1/24/2012 6:55:17 PM Deleted virus Virus.Win32.ZAccess.e C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP1602\A0201277.sys High
1/24/2012 6:55:16 PM Deleted Trojan program Backdoor.Win32.ZAccess.ang C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP1602\A0201278.ini High
1/24/2012 6:55:42 PM Deleted virus Virus.Win32.ZAccess.e C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP1602\A0201287.sys High
1/24/2012 6:58:38 PM Deleted virus Virus.Win32.ZAccess.e C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP1602\A0201380.sys High
1/24/2012 6:58:37 PM Deleted virus Virus.Win32.ZAccess.e C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP1602\A0202380.sys High
1/24/2012 6:58:35 PM Deleted virus Virus.Win32.ZAccess.e C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP1603\A0202403.sys High
1/24/2012 7:00:44 PM Deleted virus Virus.Win32.ZAccess.e C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP1604\A0202411.sys High
1/24/2012 7:00:44 PM Deleted virus Virus.Win32.ZAccess.e C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP1604\A0202420.sys High
1/24/2012 7:00:44 PM Deleted Trojan program Backdoor.Win32.ZAccess.avy C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP1604\A0202421.ini High
1/24/2012 7:10:19 PM Deleted virus Virus.Win32.ZAccess.e C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP1604\A0202460.sys High
1/24/2012 7:09:36 PM Deleted Trojan program Backdoor.Win32.ZAccess.avy C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP1604\A0202461.ini High
1/24/2012 7:15:33 PM Deleted virus Virus.Win32.ZAccess.e C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP1604\A0202588.sys High
1/24/2012 7:15:33 PM Deleted virus Virus.Win32.ZAccess.e C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP1604\A0202664.sys High
1/24/2012 7:15:33 PM Deleted virus Virus.Win32.ZAccess.e C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP1604\A0202698.sys High
1/24/2012 7:19:23 PM Deleted Trojan program Backdoor.Win32.ZAccess.avy C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP1604\A0202699.ini High
1/24/2012 7:19:22 PM Deleted virus Virus.Win32.ZAccess.e C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP1605\A0203698.sys High
1/24/2012 7:19:23 PM Deleted Trojan program Backdoor.Win32.ZAccess.avy C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP1605\A0203699.ini High
1/24/2012 7:21:33 PM Deleted virus Virus.Win32.ZAccess.e C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP1605\A0203742.sys High
1/24/2012 7:24:28 PM Deleted virus Virus.Win32.ZAccess.e C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP1606\A0203822.sys High
1/24/2012 7:21:33 PM Deleted virus Virus.Win32.ZAccess.e C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP1606\A0203999.sys High
1/24/2012 7:47:10 PM Deleted Trojan program Trojan.Win32.Diple.aljd C:\_OTL\MovedFiles\01202012_112305\C_Documents and Settings\All Users\Application Data\defender High
1/24/2012 7:47:13 PM Deleted Trojan program Trojan.Win32.Diple.aljd C:\_OTL\MovedFiles\01202012_112305\C_Documents and Settings\All Users\Application Data\defender.exe High
1/24/2012 7:47:10 PM Deleted Trojan program Backdoor.Win32.ZAccess.ob C:\_OTL\MovedFiles\01202012_112305\C_WINDOWS\3949259467:873831188.exe High

Status: Disinfected (events: 43)
1/24/2012 3:36:59 PM Disinfected Trojan program Trojan-Downloader.Java.Agent.f C:\Documents and Settings\Mary Kay\Application Data\Sun\Java\Deployment\cache\javapi\v1.0\jar\jvmsecman.jar-69ee0dc2-2cfe40d9.zip High
1/24/2012 3:36:59 PM Disinfected Trojan program Trojan-Downloader.Java.Agent.f C:\Documents and Settings\Mary Kay\Application Data\Sun\Java\Deployment\cache\javapi\v1.0\jar\jvmsecman.jar-69ee0dc2-2cfe40d9.zip/vlocal.class High
1/24/2012 4:08:05 PM Disinfected Trojan program Trojan.Win32.Patched.mf C:\Program Files\Internet Explorer\iexplore.exe High
1/24/2012 3:56:27 PM Disinfected Trojan program Trojan.Win32.Patched.mf c:\Program Files\Internet Explorer\iexplore.exe High
1/24/2012 4:28:44 PM Disinfected Trojan program Exploit.Java.Agent.bu C:\Documents and Settings\Ricky\Application Data\Sun\Java\Deployment\cache\6.0\10\653a8b4a-213e47ff High
1/24/2012 4:28:44 PM Disinfected Trojan program Exploit.Java.Agent.bu C:\Documents and Settings\Ricky\Application Data\Sun\Java\Deployment\cache\6.0\10\653a8b4a-213e47ff/vmain.class High
1/24/2012 4:28:44 PM Disinfected Trojan program Trojan-Downloader.Java.OpenConnection.cs C:\Documents and Settings\Ricky\Application Data\Sun\Java\Deployment\cache\6.0\12\3c8e0c-39247ecf High
1/24/2012 4:28:44 PM Disinfected Trojan program Trojan-Downloader.Java.OpenConnection.cs C:\Documents and Settings\Ricky\Application Data\Sun\Java\Deployment\cache\6.0\12\3c8e0c-39247ecf/yandex/xmlparser.class High
1/24/2012 4:28:49 PM Disinfected Trojan program Trojan-Downloader.Java.OpenConnection.cp C:\Documents and Settings\Ricky\Application Data\Sun\Java\Deployment\cache\6.0\15\11eb9a0f-6204c90d High
1/24/2012 4:28:49 PM Disinfected Trojan program Trojan.Java.Agent.al C:\Documents and Settings\Ricky\Application Data\Sun\Java\Deployment\cache\6.0\15\11eb9a0f-6204c90d/bpac/remark.class High
1/24/2012 4:28:49 PM Disinfected Trojan program Trojan-Downloader.Java.OpenConnection.cp C:\Documents and Settings\Ricky\Application Data\Sun\Java\Deployment\cache\6.0\15\11eb9a0f-6204c90d/yandex/xmlparser.class High
1/24/2012 4:40:50 PM Disinfected Trojan program Trojan-Downloader.Java.OpenConnection.cs C:\Documents and Settings\Ricky\Application Data\Sun\Java\Deployment\cache\6.0\20\3a4595d4-132191e3 High
1/24/2012 4:40:50 PM Disinfected Trojan program Trojan-Downloader.Java.OpenConnection.cs C:\Documents and Settings\Ricky\Application Data\Sun\Java\Deployment\cache\6.0\20\3a4595d4-132191e3/yandex/xmlparser.class High
1/24/2012 4:40:58 PM Disinfected Trojan program Trojan-Downloader.Java.OpenConnection.eg C:\Documents and Settings\Ricky\Application Data\Sun\Java\Deployment\cache\6.0\22\1bb557d6-5a1f08a4 High
1/24/2012 4:40:58 PM Disinfected Trojan program Trojan-Downloader.Java.OpenConnection.ei C:\Documents and Settings\Ricky\Application Data\Sun\Java\Deployment\cache\6.0\22\1bb557d6-5a1f08a4/google/mongo.class High
1/24/2012 4:40:50 PM Disinfected Trojan program Trojan-Downloader.Java.Agent.js C:\Documents and Settings\Ricky\Application Data\Sun\Java\Deployment\cache\6.0\22\33889816-25b5d7f1 High
1/24/2012 4:40:50 PM Disinfected Trojan program Trojan-Downloader.Java.Agent.js C:\Documents and Settings\Ricky\Application Data\Sun\Java\Deployment\cache\6.0\22\33889816-25b5d7f1/mordor/saruman.class High
1/24/2012 4:40:58 PM Disinfected Trojan program Trojan-Downloader.Java.OpenConnection.eg C:\Documents and Settings\Ricky\Application Data\Sun\Java\Deployment\cache\6.0\22\1bb557d6-5a1f08a4/google/stomp.class High
1/24/2012 4:41:10 PM Disinfected Trojan program Trojan-Downloader.Java.OpenConnection.dd C:\Documents and Settings\Ricky\Application Data\Sun\Java\Deployment\cache\6.0\26\25335b9a-16e9dd20 High
1/24/2012 4:41:10 PM Disinfected Trojan program Trojan.Java.Agent.ak C:\Documents and Settings\Ricky\Application Data\Sun\Java\Deployment\cache\6.0\26\25335b9a-16e9dd20/chrome/Unicode.class High
1/24/2012 4:41:10 PM Disinfected Trojan program Trojan-Downloader.Java.OpenConnection.dd C:\Documents and Settings\Ricky\Application Data\Sun\Java\Deployment\cache\6.0\26\25335b9a-16e9dd20/direct/bear.class High
1/24/2012 4:42:36 PM Disinfected Trojan program Exploit.Java.Agent.bu C:\Documents and Settings\Ricky\Application Data\Sun\Java\Deployment\cache\6.0\35\41e8aee3-64650e80 High
1/24/2012 4:42:36 PM Disinfected Trojan program Exploit.Java.Agent.bu C:\Documents and Settings\Ricky\Application Data\Sun\Java\Deployment\cache\6.0\35\41e8aee3-64650e80/vmain.class High
1/24/2012 4:42:44 PM Disinfected Trojan program Trojan-Downloader.Java.OpenConnection.dd C:\Documents and Settings\Ricky\Application Data\Sun\Java\Deployment\cache\6.0\36\35c67e64-68cc2e12 High
1/24/2012 4:42:44 PM Disinfected Trojan program Trojan.Java.Agent.ak C:\Documents and Settings\Ricky\Application Data\Sun\Java\Deployment\cache\6.0\36\35c67e64-68cc2e12/chrome/Unicode.class High
1/24/2012 4:42:44 PM Disinfected Trojan program Trojan-Downloader.Java.OpenConnection.dd C:\Documents and Settings\Ricky\Application Data\Sun\Java\Deployment\cache\6.0\36\35c67e64-68cc2e12/direct/bear.class High
1/24/2012 4:47:13 PM Disinfected Trojan program Exploit.Java.Agent.bu C:\Documents and Settings\Ricky\Application Data\Sun\Java\Deployment\cache\6.0\48\4084a7b0-58a82450 High
1/24/2012 4:47:13 PM Disinfected Trojan program Exploit.Java.Agent.bu C:\Documents and Settings\Ricky\Application Data\Sun\Java\Deployment\cache\6.0\48\4084a7b0-58a82450/________vload.class High
1/24/2012 4:47:13 PM Disinfected Trojan program Exploit.Java.Agent.bu C:\Documents and Settings\Ricky\Application Data\Sun\Java\Deployment\cache\6.0\48\4084a7b0-58a82450/vmain.class High
1/24/2012 5:35:30 PM Disinfected Trojan program Trojan.Win32.Patched.mf C:\Program Files\Viewpoint\Viewpoint Manager\ViewMgr.exe High
1/24/2012 5:41:51 PM Disinfected Trojan program Trojan.Win32.Patched.mf C:\Qoobox\Quarantine\C\Program Files\Application Updater\ApplicationUpdater.exe.vir High
1/24/2012 5:41:51 PM Disinfected Trojan program Trojan.Win32.Patched.mf C:\Qoobox\Quarantine\C\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe.vir High
1/24/2012 5:41:49 PM Disinfected Trojan program Trojan.Win32.Patched.mf C:\Qoobox\Quarantine\C\Program Files\Java\jre6\bin\jqs.exe.vir High
1/24/2012 5:42:01 PM Disinfected Trojan program Trojan.Win32.Patched.mf C:\Qoobox\Quarantine\C\Program Files\Viewpoint\Common\ViewpointService.exe.vir High
1/24/2012 5:42:08 PM Disinfected Trojan program Trojan.Win32.Patched.mf C:\Qoobox\Quarantine\C\WINDOWS\system32\msiexec.exe.vir High
1/24/2012 5:42:53 PM Disinfected Trojan program Trojan.Win32.Patched.mf C:\Qoobox\Quarantine\C\WINDOWS\system32\wuauclt.exe.vir High
1/24/2012 6:56:29 PM Disinfected Trojan program Trojan.Win32.Patched.mf C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP1602\A0201369.exe High
1/24/2012 6:56:22 PM Disinfected Trojan program Trojan.Win32.Patched.mf C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP1602\A0201370.exe High
1/24/2012 6:56:35 PM Disinfected Trojan program Trojan.Win32.Patched.mf C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP1602\A0201371.exe High
1/24/2012 6:56:37 PM Disinfected Trojan program Trojan.Win32.Patched.mf C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP1602\A0201372.exe High
1/24/2012 6:56:36 PM Disinfected Trojan program Trojan.Win32.Patched.mf C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP1602\A0201373.exe High
1/24/2012 7:04:37 PM Disinfected Trojan program Trojan.Win32.Patched.mf C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP1604\A0202463.exe High
1/24/2012 7:09:36 PM Disinfected Trojan program Trojan.Win32.Patched.mf C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP1604\A0202582.exe High

Status: Quarantined (events: 3)
1/24/2012 3:37:29 PM Quarantined virus HEUR:Exploit.Script.Generic C:\Documents and Settings\Mary Kay\Local Settings\Application Data\Mozilla\Firefox\Profiles\ka9birrs.default\Cache\15CCB01Ad01 High
1/24/2012 3:37:29 PM Quarantined virus HEUR:Exploit.Script.Generic C:\Documents and Settings\Mary Kay\Local Settings\Application Data\Mozilla\Firefox\Profiles\ka9birrs.default\Cache\15CCB01Ad01//data0000 High
1/24/2012 3:37:28 PM Quarantined virus HEUR:Trojan.Win32.Generic C:\Documents and Settings\Mary Kay\Local Settings\Temp\0.016089250759739326.exe High

Status: Detected (events: 2)
1/24/2012 3:37:42 PM Detected Trojan program Packed.Win32.TDSS.aa C:\Documents and Settings\Mary Kay\Local Settings\Temp\n.exn High
1/24/2012 3:40:30 PM Detected Trojan program Packed.Win32.TDSS.aa C:\Documents and Settings\Mary Kay\Local Settings\Temporary Internet Files\Content.IE5\J3PO94LM\load[1].php High