Categories: Trojan, Adware, Toolbar, Downloader
This category includes a variety of Trojans that damage victim machines,
threaten data integrity, or impair the functioning of the victim machine.
Adware programs facilitate the delivery of advertising content
to the user and in some cases gather information from the user's computer,
including information related to Internet browser usage or other computer habits.
A toolbar presents itself as a helpful add-on for Internet Explorer, but it is a real pest.
It replaces your start page, continuously opens a number of pop-up windows, and so on.
Trojan-downloaders download and install new malware or adware on the computer.
[Kaspersky]Trojan-Downloader.Win32.IstBar.gn,TrojanDownloader.Win32.Small.uf,Trojan-Downloader.Win32.Agent.anz,Troajn-Downloader.Win32.VB.afu,Trojan-Downlaoder.Win32.Agent.anu,Trojan-Downlaoder.Win32.Agent.ass,Trojan-Dwonloader.win32.Agent.anu,Trojan-Downloader.Win32.Small.ddy,Trojan-Downloader.Win32.VB.aif,Trojan-Downloader.Win32.Small.dix,Trojan-Downloader.win32.Small.buq,Trojan-Downloader.Win32.Small.bsq,Trojan-Downloader.Win32.Delf.abt,Trojan-Downlaoder.Win32.Delf.atu,Trojan-Downloader.Win32.Small.cyh,Trojan-Downloader.Win32Obfuscated.n,Trojan-Downlaoder.Win32.Small.dlb,Trojan-Downloader.Win32.Obfuscated.n,Trojan-Dropper.Win32.Small.asi,Trojan-Downloader.Win32.Small.auy,Trojan-Downloader.Win32.Small.dgz,Trojan-Downloader.Win32.Mudrop.bq,Trojan-Downloader.Win32.VB.aam,Trojan-Downloader.Win32.Small.cjh,Trojan-Dropper.win32.Delf.wo,Trojan-Clicker.Win32.Small.ja,Trojan-Downloader.Win32.Agent.avm,Trojan-Downloader.Win32.Small.cmu,Trojan-Dropper.Win32.Agent.ata,Trojan-CLicker.Win32.Small.kj,Trojan-Downloader.Win32.Small.btj,Trojan-Downloader.Win32.Small.dbi,Trojan-Downloader.Win32.VB.ji,Trojan-Downloader.Win32.Agent.rq,Trojan-Downloader.Win32.Small.bfb,Trojan-Downloader.Win32.VB.ags,Trojan-Downloader.Win32.Agent.apn,Worm.Win32.Delf.ah,Trojan-Downloader.Win32.Small.dxg,Trojan-Downloader.Win32.Small.us,Trojan-Downloader.Win32.Delf.aku,Trojan-Downloader.Win32.Delf.df,Trojan.Win32.Delf.dq,Trojan-Downloader.win32.VB.auq,Trojan-Downloader.Win32.Small.aom,Trojan-PSW.Win32.OnLineGames.vv,Trojan-Dropper.Win32.Delf.ev;
[Eset]Win32/TrojanDownloader.Agent.AE trojan,Win32/TrojanDownloader.Alchemic.A trojan;
[McAfee]Downloader-AXM,Downloader-AXU,Downloader-AFY,Generic.Downloader.c,Downloader-AXF,Generic Downloader. k,Downloader-VC,Generic Downloader.k,Generic.dl,Downlaoder-ASK,Generic.dk,Generic.dp,Downloader-JU,Downloader-NV,Downloader-BCJ,Generic Downloader.j;
[F-Prot]W32/Downloader.SS,W32/Delf.DB;
[Panda]Trj/Downloader.GK,Trj/Downloader.NG,Trj/Donn.A,Trj/Agent.AO,Trj/Downloader.DC,Adware/IPInsight,Adware/Twain-Tech,Trj/Downloader.HE,Spyware/TVMedia,Trj/Downloader.SV,Trj/Delnetdall.A,Spyware/Overpro;
[Computer Associates]Win32.SillyDL.DL,Win32.SillyDL.DM,Win32.SillyDl.DW,Win32.SillyDl.DX,Win32/SillyDL.37888!Trojan,Win32/SillyDL.DW!Trojan,Win32/SillyDL.DX!Trojan,Win32.SillyDl.BX,Win32.SillyDl.AK,Win32/Gloogle.55174!Trojan,Win32.SillyDl.O,Win32.SillyDl.DV,Win32/SillyDL.DV!Trojan,Win32.SillyDl.DG,Win32/SillyDl.69632!Trojan,Win32.SillyDl,Win32/Ecip.143360!Downlaoder!Tro,Win32.SillyDl.H,Win32/Gloogle!Downloader.52626!T,Win32.SillyDl.EN,Win32.SillyDl.EW,Win32/EliteBar!BHO!Dropper,Win32/EliteBar!BHO!Trojan,Win32.SillyDl.CS,Win32/SillyDl.CS!Trojan,Win32.SillyDl.CM,Win32/Sillydl.EL!Trojan,Win32.Dent.A;
[Other]Downloader,Win32/SillyDl.ATS,Win32/SillyDl.ATM,Win32/SillyDl,Win32/SillyDl.ATV,Downloader.Trojan,Win32/SillyDl.AUS,Win32/SillyDl.AUO,Win32/SillyDl.AVE,Win32/SillyDl.AUW,Win32/SillyDl.AVM,Win32/SillyDl.AVH,Win32/SillyDl.AMZ,Win32/SillyDl.AVN,Win32/SillyDl.AUH,Win32/SillyDl.AZA,Trojan-Downlaoder.Win32.Small.dsv,Win32/sillyDl.AZC,Win32/SillyDl.AOY,Trojan-Downlaoder.Win32.Small.czs,Win32/DillDL.4mga!,Win32/SillyDl.PW,Win32/SillyDl.ATF,Dialer.DialPlatform,MediaMotor,Adware.Medload,Trojan.Adclicker,Trojan.Dropper,enbrowser,Win32/SillyDl.AZV,Generic Downloader.ab,Downloader-ACV,visfx,Win32/SillyDl.AWZ,Win32/SillyDl.AUK,Win32/SillyDl.ATP,Win32/SillyDl.AUA,Win32/SillyDl.ATU,coolwebsearch (cws),Win32/SillyDl.BBO,W32/Smalldrp.GOJ,Win32/SillyDl.XF,W32/Smalldrp.FBZ,Downlaoder,Trojan.KillAV,Trojan.StartPage,Win32/SillyDl.W,Win32/SillyDl.CLI,Win32/SillyDl.EE,Adware.JustFindIt,Trojan.Delf,Troj/Delf-DV,Win32/SillyDl.EC,xpehbam dialer,Win32/SillyDl.SZ,Backdoor.Trojan,Win32/SillyDl.ZN,Trojan Horse,Trojan:Win32/Meredrop,W32/Smalldrp.FIE,TROJ_Generic.Z,Troj/Delf-JZ
Visible Symptoms:
Files in system folders:
How to detect SillyDl:
Files:
[%PROFILE_TEMP%]\thi6b86.tmp\polall1m.exe
[%PROFILE_TEMP%]\thi6ea2.tmp\polall1m.exe
[%PROFILE_TEMP%]\thi734b.tmp\polall1m.exe
[%PROFILE_TEMP%]\thi76c9.tmp\polall1m.exe
[%PROFILE_TEMP%]\thi7caf.tmp\polall1m.exe
[%PROFILE_TEMP%]\thi7fc9.tmp\polall1m.exe
[%PROFILE_TEMP%]\thi7fd.tmp\polall1t.exe
[%PROFILE_TEMP%]\thi98a.tmp\polall1m.exe
[%PROFILE_TEMP%]\thia59.tmp\polall1m.exe
[%PROFILE_TEMP%]\thib58.tmp\polall1m.exe
[%PROFILE_TEMP%]\thib6f.tmp\polall1m.exe
[%SYSTEM%]\12345.exe
[%SYSTEM%]\akazafex.exe
[%SYSTEM%]\avtapi.exe
[%SYSTEM%]\deinst_qfe002.exe
[%SYSTEM%]\elitefmj32.exe
[%SYSTEM%]\elitekck32.exe
[%SYSTEM%]\elitexdx32.exe
[%SYSTEM%]\hrbogl.exe
[%SYSTEM%]\ixsso.exe
[%SYSTEM%]\mirindaspk.exe
[%SYSTEM%]\mssaru.exe
[%SYSTEM%]\msshed32.exe
[%SYSTEM%]\PID.EXE
[%SYSTEM%]\systp.exe
[%SYSTEM%]\w3b384d1.dll
[%SYSTEM%]\w3b69adb.dll
[%SYSTEM%]\wfusqayn.exe
[%SYSTEM%]\wiascr.exe
[%SYSTEM%]\wmicsmgr.dll
[%SYSTEM%]\zrupga.exe
[%SYSTEM%]\zshf5459.dll
[%WINDOWS%]\btgrab.dll
[%WINDOWS%]\conscorr.exe
[%WINDOWS%]\dmvkx.exe
[%WINDOWS%]\down.exe
[%WINDOWS%]\file1.exe
[%WINDOWS%]\file2.exe
[%WINDOWS%]\INF\CDLMAIL.EXE
[%WINDOWS%]\INF\system_oper.exe
[%WINDOWS%]\INF\SYS_REQ.EXE
[%WINDOWS%]\java\classes\cmmon.scr
[%WINDOWS%]\java\classes\explorer.scr
[%WINDOWS%]\java\classes\smsss.scr
[%WINDOWS%]\localnrd.dll
[%WINDOWS%]\mstray.exe
[%WINDOWS%]\odbint.dll
[%WINDOWS%]\polmx3.exe
[%WINDOWS%]\Sloopy7.exe
[%WINDOWS%]\syskey.ini
[%WINDOWS%]\system32\win.ini.t00
[%WINDOWS%]\system\coreak.dll
[%WINDOWS%]\system\evjpfd.exe
[%WINDOWS%]\system\fabmax.exe
[%WINDOWS%]\system\ihpxtg.exe
[%WINDOWS%]\system\odrosh.exe
[%WINDOWS%]\system\oocdngv.exe
[%WINDOWS%]\system\qmdkkp.exe
[%WINDOWS%]\system\xewobv.exe
[%WINDOWS%]\system\xwxnwhcw.exe
[%WINDOWS%]\system\ypojlw.exe
[%WINDOWS%]\temp\alchem.exe
[%WINDOWS%]\temp\polmx.exe
[%WINDOWS%]\temp\polmx3.exe
[%WINDOWS%]\temp\thi677c.tmp\polall1t.exe
[%WINDOWS%]\terra.exe
Folders:
[%WINDOWS%]\elitetoolbar
[%WINDOWS%]\etb
Registry Keys:
Registry Values:
Removing SillyDl:
You can download a trial version of the "Exterminate-It" antivirus software here to check your computer instantly.
Or buy it to remove ALL viruses from your computer.
Also Be Aware of the Following Threats:
Doom Trojan Removal
Darksma Trojan Removal instruction
Messenger.Detect Spyware Symptoms
revsci.net Tracking Cookie Information
Removing MySpaceBar.IE Hijacker