WE'RE SURE THAT YOU'LL LOVE US!

Hey there! :wub: Looks like you're enjoying the discussion, but you're not signed up for an account. When you create an account, we remember exactly what you've read, so you always come right back where you left off. You also get notifications, here and via email, whenever new posts are made. You can like posts to share the love. Join 93121 other members! Anybody can ask, anybody can answer. Consistently helpful members may be invited to become staff. Here's how it works. Virus cleanup? Start here -> Malware Removal Forum.

Try What the Tech -- It's free!

Javascript Disabled Detected

You currently have javascript disabled. Several functions may not work. Please re-enable javascript to access full functionality.

[Closed] Koobface/v2Captcha and comp shut down

Started by mhasan420 , Oct 28 2009 10:41 PM

This topic is locked

44 replies to this topic

#16 CatByte

Classroom Administrator

Classroom Admin
21,060 posts

Posted 30 October 2009 - 03:20 PM

OK, thanks for letting me know :thumbup:

Microsoft MVP 2010, 2011, 2012, 2013, 2014, 2015

Advertisements

Register to Remove

#17 mhasan420

Authentic Member

Authentic Member
23 posts

Posted 06 November 2009 - 01:41 AM

Hello CatByte, I am back. I only got to use my laptop one or two times and now am confronted with a much more serious problem. Whenever I start, it does the usual before coming to the Windows is loading screen and then all of a sudden a black screen appears and all I can see is my mouse pointer. I have no idea what to do. Please help!

#18 CatByte

Classroom Administrator

Classroom Admin
21,060 posts

Posted 06 November 2009 - 03:57 AM

Are you able to boot into safe mode? When the computer boots up...tap F8 repeatedly till an option menu appears....use the arrow key to arrow up to "last Known Good Configuration" - choose that...see if you can log in...this may be hard drive failure.

Microsoft MVP 2010, 2011, 2012, 2013, 2014, 2015

#19 mhasan420

Authentic Member

Authentic Member
23 posts

Posted 06 November 2009 - 04:24 AM

When I boot into safe mode all I see is safe mode written on the four edges of the screen and rest is blank... and the last known configuration also did not work. Is this the end of my hard drive? Is there any way possible to at least retrieve some of the files?

#20 CatByte

Classroom Administrator

Classroom Admin
21,060 posts

Posted 06 November 2009 - 10:00 AM

Hi,

please try the following:

ComboFix will have installed the recovery console when it ran. We can use that to restore the Erunt backups that were made.

Please do the following:

1. Restart your computer
2. Before Windows loads, you will be prompted to choose which Operating System to start
3. Use the up and down arrow key to select Microsoft Windows Recovery Console (you will need to be very fast as you only have a couple of seconds to do this)
4. You must enter which Windows installation to log onto. Type 1 and press enter.
5. At the C:\Windows prompt, type the following bolded text, and press Enter:

cd erdnt\subs

6. At the next prompt, type the following bolded text, and press Enter:

batch erdnt.con

7. The erunt backups will begin copying.
8. At the next prompt, type the following bolded text, and press Enter:

exit

Windows will now begin loading.

Microsoft MVP 2010, 2011, 2012, 2013, 2014, 2015

#21 mhasan420

Authentic Member

Authentic Member
23 posts

Posted 06 November 2009 - 11:24 AM

When I type cd erdnt\subs and press enter, it says 'The system cannot find the file or directory specified.'

#22 CatByte

Classroom Administrator

Classroom Admin
21,060 posts

Posted 06 November 2009 - 12:26 PM

Hi

try typing this:

cd erdnt\hiv-backup

(you should be at C:\windows> )

Microsoft MVP 2010, 2011, 2012, 2013, 2014, 2015

#23 mhasan420

Authentic Member

Authentic Member
23 posts

Posted 06 November 2009 - 12:33 PM

Hi, I am relieved to tell you that this worked and windows has started properly. I have not done anything else lest I ruin it. Will wait for your next set of instructions.

#24 CatByte

Classroom Administrator

Classroom Admin
21,060 posts

Posted 06 November 2009 - 12:41 PM

Good news.

OK,

Lets see if we can get a scan with DDS to see where we stand.

I'll give you the full instructions and download links incase you dont have them:

Please download DDS from one of the following links and save it to your desktop.

- DDS.scr
- DDS.pif
Disable any script blocking protection (How to Disable your Security Programs)
Double click DDS icon to run the tool (may take up to 3 minutes to run)
When done, DDS.txt will open.
After a few moments, attach.txt will open in a second window.
Save both reports to your desktop.

Post the contents of the DDS.txt report in your next reply
Attach the Attach.txt report to your post by scroling down to the Attachments area and then clicking Browse. Browse to where you saved the file, and click Open and then click UPLOAD.

I would also take this opportunity to back up all your important documents and music etc. just incase your hard drive is on the brink of failure and we lose it again.

Microsoft MVP 2010, 2011, 2012, 2013, 2014, 2015

#25 mhasan420

Authentic Member

Authentic Member
23 posts

Posted 06 November 2009 - 11:54 PM

DDS (Ver_09-10-26.01) - NTFSx86 Run by Saamia Hasan at 10:50:15.51 on 07/11/2009 Internet Explorer: 8.0.6001.18702 Microsoft Windows XP Home Edition 5.1.2600.3.1252.44.1033.18.502.140 [GMT 5:00] AV: Symantec AntiVirus Corporate Edition *On-access scanning enabled* (Updated) {FB06448E-52B8-493A-90F3-E43226D3305C} ============== Running Processes =============== C:\WINDOWS\system32\svchost -k DcomLaunch svchost.exe C:\WINDOWS\System32\svchost.exe -k netsvcs svchost.exe svchost.exe C:\Program Files\Common Files\Symantec Shared\ccSetMgr.exe C:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe C:\WINDOWS\Explorer.EXE C:\WINDOWS\system32\spoolsv.exe C:\Program Files\Common Files\Symantec Shared\ccApp.exe C:\PROGRA~1\SYMANT~1\VPTray.exe C:\Program Files\Analog Devices\SoundMAX\SMax4PNP.exe C:\WINDOWS\AGRSMMSG.exe C:\Program Files\Apoint2K\Apoint.exe C:\Program Files\HP\HP Software Update\HPWuSchd2.exe C:\Program Files\Apoint2K\Apntex.exe C:\Program Files\HPQ\Quick Launch Buttons\EabServr.exe C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe C:\Program Files\DAP\DAP.EXE C:\WINDOWS\system32\rundll32.exe C:\Program Files\Java\jre6\bin\jusched.exe C:\Program Files\iTunes\iTunesHelper.exe C:\Program Files\Nokia\Nokia PC Suite 6\LaunchApplication.exe C:\Program Files\Common Files\PCSuite\DataLayer\DataLayer.exe svchost.exe C:\Program Files\Windows Live\Messenger\msnmsgr.exe C:\PROGRA~1\COMMON~1\PCSuite\Services\SERVIC~1.EXE C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe C:\Program Files\Nokia\Nokia PC Suite 6\PcSync2.exe C:\Program Files\IVT Corporation\BlueSoleil\BTNtService.exe C:\WINDOWS\system32\ctfmon.exe C:\Program Files\Bonjour\mDNSResponder.exe svchost.exe C:\WINDOWS\system32\crypserv.exe C:\Program Files\Symantec AntiVirus\DefWatch.exe C:\Program Files\Java\jre6\bin\jqs.exe C:\PROGRA~1\COMMON~1\Nokia\MPAPI\MPAPI3s.exe C:\Program Files\Analog Devices\SoundMAX\SMAgent.exe C:\WINDOWS\system32\svchost.exe -k imgsvc C:\Program Files\Symantec AntiVirus\Rtvscan.exe C:\Program Files\iPod\bin\iPodService.exe C:\Program Files\Java\jre6\bin\jucheck.exe C:\Documents and Settings\Saamia Hasan\Local Settings\Application Data\Google\Chrome\Application\chrome.exe C:\WINDOWS\system32\wuauclt.exe C:\Documents and Settings\Saamia Hasan\Local Settings\Application Data\Google\Chrome\Application\chrome.exe C:\Documents and Settings\Saamia Hasan\Desktop\dds (1).scr ============== Pseudo HJT Report =============== uStart Page = hxxp://www.google.com.pk/ BHO: AcroIEHlprObj Class: {06849e9f-c8d7-4d59-b87d-784b7d6be0b3} - c:\program files\adobe\acrobat 7.0\activex\AcroIEHelper.dll BHO: Skype add-on (mastermind): {22bf413b-c6d2-4d91-82a9-a0f997ba588c} - c:\program files\skype\toolbars\internet explorer\SkypeIEPlugin.dll BHO: {5C255C8A-E604-49b4-9D64-90988571CECB} - No File BHO: Groove GFS Browser Helper: {72853161-30c5-4d22-b7f9-0bbc1d38a37e} - c:\program files\microsoft office\office12\GrooveShellExtensions.dll BHO: Windows Live Sign-in Helper: {9030d464-4c02-4abf-8ecc-5164760863c6} - c:\program files\common files\microsoft shared\windows live\WindowsLiveLogin.dll BHO: Java™ Plug-In 2 SSV Helper: {dbc80044-a445-435b-bc74-9c25c1c588a9} - c:\program files\java\jre6\bin\jp2ssv.dll BHO: JQSIEStartDetectorImpl Class: {e7e6f031-17ce-4c07-bc86-eabfe594f69c} - c:\program files\java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll uRun: [MsnMsgr] "c:\program files\windows live\messenger\msnmsgr.exe" /background uRun: [Google Update] "c:\documents and settings\saamia hasan\local settings\application data\google\update\GoogleUpdate.exe" /c uRun: [PcSync] c:\program files\nokia\nokia pc suite 6\PcSync2.exe /NoDialog uRun: [ctfmon.exe] c:\windows\system32\ctfmon.exe mRun: [IMJPMIG8.1] "c:\windows\ime\imjp8_1\IMJPMIG.EXE" /Spoil /RemAdvDef /Migration32 mRun: [PHIME2002ASync] c:\windows\system32\ime\tintlgnt\TINTSETP.EXE /SYNC mRun: [PHIME2002A] c:\windows\system32\ime\tintlgnt\TINTSETP.EXE /IMEName mRun: [ccApp] "c:\program files\common files\symantec shared\ccApp.exe" mRun: [vptray] c:\progra~1\symant~1\VPTray.exe mRun: [SoundMAXPnP] c:\program files\analog devices\soundmax\SMax4PNP.exe mRun: [AGRSMMSG] AGRSMMSG.exe mRun: [Apoint] c:\program files\apoint2k\Apoint.exe mRun: [IgfxTray] c:\windows\system32\igfxtray.exe mRun: [HotKeysCmds] c:\windows\system32\hkcmd.exe mRun: [Cpqset] c:\program files\hpq\default settings\cpqset.exe mRun: [HP Software Update] c:\program files\hp\hp software update\HPWuSchd2.exe mRun: [QuickTime Task] "c:\program files\quicktime\qttask.exe" -atboottime mRun: [eabconfg.cpl] c:\program files\hpq\quick launch buttons\EabServr.exe /Start mRun: [GrooveMonitor] "c:\program files\microsoft office\office12\GrooveMonitor.exe" mRun: [DownloadAccelerator] "c:\program files\dap\DAP.EXE" /STARTUP mRun: [BluetoothAuthenticationAgent] rundll32.exe bthprops.cpl,,BluetoothAuthenticationAgent mRun: [SunJavaUpdateSched] "c:\program files\java\jre6\bin\jusched.exe" mRun: [iTunesHelper] "c:\program files\itunes\iTunesHelper.exe" mRun: [PCSuiteTrayApplication] c:\program files\nokia\nokia pc suite 6\LaunchApplication.exe -onlytray mRun: [DataLayer] c:\program files\common files\pcsuite\datalayer\DataLayer.exe dRun: [CTFMON.EXE] c:\windows\system32\CTFMON.EXE IE: &Clean Traces - c:\program files\dap\privacy package\dapcleanerie.htm IE: &Download with &DAP - c:\program files\dap\dapextie.htm IE: Download &all with DAP - c:\program files\dap\dapextie2.htm IE: E&xport to Microsoft Excel - c:\progra~1\micros~2\office12\EXCEL.EXE/3000 IE: {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe IE: {FB5F1910-F110-11d2-BB9E-00C04F795683} - c:\program files\messenger\msmsgs.exe IE: {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - {5F7B1267-94A9-47F5-98DB-E99415F33AEC} - c:\program files\windows live\writer\WriterBrowserExtension.dll IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - c:\progra~1\micros~2\office12\ONBttnIE.dll IE: {5067A26B-1337-4436-8AFE-EE169C2DA79F} - {77BF5300-1474-4EC7-9980-D32B190E9B07} - c:\program files\skype\toolbars\internet explorer\SkypeIEPlugin.dll IE: {77BF5300-1474-4EC7-9980-D32B190E9B07} - {77BF5300-1474-4EC7-9980-D32B190E9B07} - c:\program files\skype\toolbars\internet explorer\SkypeIEPlugin.dll IE: {92780B25-18CC-41C8-B9BE-3C9C571A8263} - {FF059E31-CC5A-4E2E-BF3B-96E929D65503} - c:\progra~1\micros~2\office12\REFIEBAR.DLL DPF: {0CCA191D-13A6-4E29-B746-314DEE697D83} - hxxp://upload.facebook.com/controls/2008.10.10_v5.5.8/FacebookPhotoUploader5.cab DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} - hxxp://gfx1.hotmail.com/mail/w3/resources/MSNPUpld.cab DPF: {67DABFBF-D0AB-41FA-9C46-CC0F21721616} - hxxp://download.divx.com/player/DivXBrowserPlugin.cab DPF: {8100D56A-5661-482C-BEE8-AFECE305D968} - hxxp://upload.facebook.com/controls/2009.07.28_v5.5.8.1/FacebookPhotoUploader55.cab DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_15-windows-i586.cab DPF: {8FFBE65D-2C9C-4669-84BD-5829DC0B603C} - hxxp://fpdownload.macromedia.com/get/flashplayer/current/ultrashim.cab DPF: {9D614E8E-03AA-11D3-90FC-0040C7157029} - hxxp://www.pakdata.com/download/PDMSInstaller.cab DPF: {CAAE28D1-ADCC-11D1-BD4D-004845401881} - hxxp://www.pakdata.com/download/urduplugin.cab DPF: {CAFEEFAC-0014-0001-0002-ABCDEFFEDCBA} - hxxp://java.sun.com/products/plugin/1.4/jinstall-14_02-windows-i586.cab DPF: {CAFEEFAC-0015-0000-0002-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.5.0/jinstall-1_5_0_02-windows-i586.cab DPF: {CAFEEFAC-0016-0000-0015-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_15-windows-i586.cab DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_15-windows-i586.cab DPF: {E008A543-CEFB-4559-912F-C27C2B89F13B} - hxxp://mail01.piac.aero/dwa7W.cab Handler: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - c:\program files\microsoft office\office12\GrooveSystemServices.dll Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - c:\progra~1\common~1\skype\SKYPE4~1.DLL Notify: igfxcui - igfxsrvc.dll Notify: NavLogon - c:\windows\system32\NavLogon.dll SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - c:\windows\system32\WPDShServiceObj.dll SEH: Groove GFS Stub Execution Hook: {b5a7f190-dda6-4420-b3ba-52453494e6cd} - c:\program files\microsoft office\office12\GrooveShellExtensions.dll ============= SERVICES / DRIVERS =============== S3 SavRoam;SAVRoam;c:\program files\symantec antivirus\SavRoam.exe [2004-8-7 169192] S3 V0090VID;Creative WebCam Vista Plus;c:\windows\system32\drivers\V0090Vid.sys [2009-8-19 138112] =============== Created Last 30 ================ 2009-10-30 05:48:34 67584 ----a-w- c:\windows\un_UrduPlugin.exe 2009-10-30 04:15:36 0 d-----w- c:\program files\ESET 2009-10-30 04:06:02 28552 ----a-w- c:\windows\system32\drivers\pavboot.sys 2009-10-30 04:05:37 0 d-----w- c:\program files\Panda Security 2009-10-29 19:53:20 0 d-----w- c:\docume~1\saamia~1\applic~1\Malwarebytes 2009-10-29 19:53:11 38224 ----a-w- c:\windows\system32\drivers\mbamswissarmy.sys 2009-10-29 19:53:09 19160 ----a-w- c:\windows\system32\drivers\mbam.sys 2009-10-29 19:53:09 0 d-----w- c:\program files\Malwarebytes' Anti-Malware 2009-10-29 19:53:09 0 d-----w- c:\docume~1\alluse~1\applic~1\Malwarebytes 2009-10-29 19:39:12 96512 -c--a-w- c:\windows\system32\dllcache\atapi.sys 2009-10-29 19:39:12 96512 ----a-w- c:\windows\system32\drivers\atapi.sys 2009-10-29 18:52:23 0 d-sha-r- C:\cmdcons 2009-10-29 18:35:31 77312 ----a-w- c:\windows\MBR.exe 2009-10-29 18:35:31 236544 ----a-w- c:\windows\PEV.exe 2009-10-29 18:35:31 161792 ----a-w- c:\windows\SWREG.exe 2009-10-29 18:35:30 98816 ----a-w- c:\windows\sed.exe 2009-10-13 17:01:54 61440 ----a-w- c:\windows\PDMSInstaller.exe 2009-10-13 17:01:54 0 d-----w- c:\program files\Pakistan Data Management Services ==================== Find3M ==================== 2009-10-13 17:01:32 8180 ----a-w- c:\windows\fonts\PDMS2_MansehraQP.ttf 2009-10-13 17:01:32 18316 ----a-w- c:\windows\fonts\PDMS1_MansehraQP.ttf 2009-10-13 17:01:32 14344 ----a-w- c:\windows\fonts\PDMSSindhi_MansehraQP.ttf 2009-10-13 17:01:31 53592 ----a-w- c:\windows\fonts\PDMS_MansehraQP.ttf 2009-10-13 17:01:31 32676 ----a-w- c:\windows\fonts\PDMS1_Mansehra.ttf 2009-10-13 17:01:31 16696 ----a-w- c:\windows\fonts\PDMS2_Mansehra.ttf 2009-10-13 17:01:30 26884 ----a-w- c:\windows\fonts\PDMS1_NafeesRaqam.ttf 2009-10-13 17:01:30 11600 ----a-w- c:\windows\fonts\PDMS2_NafeesRaqam.ttf 2009-10-13 17:01:28 15704 ----a-w- c:\windows\fonts\PDMSSindhi_Mansehra.ttf 2009-10-13 17:01:27 64076 ----a-w- c:\windows\fonts\PDMS_Mansehra.ttf 2009-10-13 17:01:22 64404 ----a-w- c:\windows\fonts\PDMS_NafeesRaqam.ttf 2009-09-11 14:18:39 136192 ----a-w- c:\windows\system32\msv1_0.dll 2009-09-04 21:03:36 58880 ----a-w- c:\windows\system32\msasn1.dll 2009-08-29 08:08:21 916480 ------w- c:\windows\system32\wininet.dll 2009-08-26 08:00:21 247326 ----a-w- c:\windows\system32\strmdll.dll 2009-08-17 18:33:52 1193832 ----a-w- c:\windows\system32\FM20.DLL 2009-07-20 10:14:52 32768 --sha-w- c:\windows\system32\config\systemprofile\local settings\history\history.ie5\mshist012009072020090721\index.dat ============= FINISH: 10:50:59.01 ===============

Attached Files

Attach1.txt 11.31KB 404 downloads

Advertisements

Register to Remove

#26 CatByte

Classroom Administrator

Classroom Admin
21,060 posts

Posted 07 November 2009 - 04:52 AM

Hi,

Please do the following:

Visit ADOBEand download the latest version of Acrobat Reader (version 9.2)
Having the latest updates ensures there are no security vulnerabilities in your system.

NEXT

Posted Image

Your Java is out of date. Older versions have vulnerabilities that malware can use to infect your system.
Please follow these steps to remove older version Java components and update.

Download the latest version of Java Runtime Environment (JRE) 6 and save it to your desktop.
Scroll down to where it says "Java SE Runtime Environment (JRE) 6 Update 17. The Java SE Runtime Environment (JRE) allows end-users to run Java applications."
Click the "Download" button to the right.
Select the Windows platform from the dropdown menu.
Read the License Agreement and then check the box that says: " I agree to the Java SE Runtime Environment 6 with JavaFX License Agreement". Click on Continue.The page will refresh.
Click on the link to download Windows Offline Installation and save the file to your desktop.
Close any programs you may have running - especially your web browser.

Now go to Start > Settings > Control Panel, double-click on Add/Remove Programs and remove all older versions of Java.
Check (highlight) any item with Java Runtime Environment (JRE or J2SE or Java™ 6) in the name.
Click the Remove or Change/Remove button.
Repeat as many times as necessary to remove each Java version.
Reboot your computer once all Java components are removed.
Then from your desktop double-click on jre-6u17-windows-i586-p.exe to install the newest version.

After the install is complete, go into the Control Panel (using Classic View) and double-click the Java Icon. (looks like a coffee cup)
- On the General tab, under Temporary Internet Files, click the Settings button.
- Next, click on the Delete Files button
- There are two options in the window to clear the cache - Leave BOTH CheckedApplications and AppletsTrace and Log Files
Click OK on Delete Temporary Files Window

Note: This deletes ALL the Downloaded Applications and Applets from the CACHE.
Click OK to leave the Temporary Files Window
Click OK to leave the Java Control Panel.

Can you please describe how your computer is running? Is it still shutting down on you?

Microsoft MVP 2010, 2011, 2012, 2013, 2014, 2015

#27 mhasan420

Authentic Member

Authentic Member
23 posts

Posted 07 November 2009 - 05:54 AM

Have done all of the above. The computer is not shutting down on me but it is rather slow. Also, it becomes hot under heavy processes, but I guess thats the dust.

#28 CatByte

Classroom Administrator

Classroom Admin
21,060 posts

Posted 07 November 2009 - 05:55 AM

Hi,

Please try and run the following scan

Go here to run an online scanner from ESET.

Note: You will need to use Internet explorer for this scan
Turn off the real time scanner of any existing antivirus program while performing the online scan
Tick the box next to YES, I accept the Terms of Use.
Click Start
When asked, allow the activeX control to install
Click Start
Make sure that the option Remove found threats is unticked and the Scan Archives option is ticked.
Click on Advanced Settings, ensure the options Scan for potentially unwanted applications, Scan for potentially unsafe applications, and Enable Anti-Stealth Technology are ticked.
Click Scan
Wait for the scan to finish
Use notepad to open the logfile located at C:\Program Files\Eset\Eset Online Scanner\log.txt
Copy and paste that log as a reply to this topic and also let me know how things are now.

Microsoft MVP 2010, 2011, 2012, 2013, 2014, 2015

#29 mhasan420

Authentic Member

Authentic Member
23 posts

Posted 07 November 2009 - 09:10 AM

Hi, I ran the scan twice. First time around the computer shut down in the middle. Then I used icepacks to keep the laptop cool and managed to finish the scan. Here are the contents of the log file: ESETSmartInstaller@High as CAB hook log: OnlineScanner.ocx - registred OK esets_scanner_update returned -1 esets_gle=53251 # version=7 # iexplore.exe=8.00.6001.18702 (longhorn_ie8_rtm(wmbla).090308-0339) # OnlineScanner.ocx=1.0.0.6211 # api_version=3.0.2 # EOSSerial=dd20d12ccb88cd41adeb3fbb548b36c2 # end=finished # remove_checked=false # archives_checked=true # unwanted_checked=true # unsafe_checked=true # antistealth_checked=true # utc_time=2009-11-07 03:04:12 # local_time=2009-11-07 08:04:12 (+0500, West Asia Standard Time) # country="United Kingdom" # lang=1033 # osver=5.1.2600 NT Service Pack 3 # compatibility_mode=8192 67108863 100 0 0 0 0 0 # scanned=73136 # found=801 # cleaned=0 # scan_time=5262 C:\Qoobox\Quarantine\[4]-Submit_2009-10-30_00.39.14.zip multiple threats 00000000000000000000000000000000 I C:\Qoobox\Quarantine\C\WINDOWS\freddy71.exe.vir Win32/Koobface.NCK worm 00000000000000000000000000000000 I C:\Qoobox\Quarantine\C\WINDOWS\freddy72.exe.vir a variant of Win32/Kryptik.ATS trojan 00000000000000000000000000000000 I C:\Qoobox\Quarantine\C\WINDOWS\ld15.exe.vir a variant of Win32/Kryptik.ATO trojan 00000000000000000000000000000000 I C:\WINDOWS\ufsb.bak Win32/Daonol.N trojan 00000000000000000000000000000000 I C:\WINDOWS\temp\DWHC735.tmp a variant of Win32/Daonol.C trojan 00000000000000000000000000000000 I C:\WINDOWS\temp\DWHC737.tmp a variant of Win32/Daonol.C trojan 00000000000000000000000000000000 I C:\WINDOWS\temp\DWHC740.tmp a variant of Win32/Daonol.C trojan 00000000000000000000000000000000 I C:\WINDOWS\temp\DWHC766.tmp a variant of Win32/Daonol.C trojan 00000000000000000000000000000000 I C:\WINDOWS\temp\DWHC771.tmp a variant of Win32/Daonol.C trojan 00000000000000000000000000000000 I C:\WINDOWS\temp\DWHC778.tmp a variant of Win32/Daonol.C trojan 00000000000000000000000000000000 I C:\WINDOWS\temp\DWHC78A.tmp a variant of Win32/Daonol.C trojan 00000000000000000000000000000000 I C:\WINDOWS\temp\DWHC79A.tmp a variant of Win32/Daonol.C trojan 00000000000000000000000000000000 I C:\WINDOWS\temp\DWHC7A1.tmp a variant of Win32/Daonol.C trojan 00000000000000000000000000000000 I C:\WINDOWS\temp\DWHC7A3.tmp a variant of Win32/Daonol.C trojan 00000000000000000000000000000000 I C:\WINDOWS\temp\DWHC7CB.tmp a variant of Win32/Daonol.C trojan 00000000000000000000000000000000 I C:\WINDOWS\temp\DWHC7DD.tmp a variant of Win32/Daonol.C trojan 00000000000000000000000000000000 I C:\WINDOWS\temp\DWHC7DE.tmp a variant of Win32/Daonol.C trojan 00000000000000000000000000000000 I C:\WINDOWS\temp\DWHC7E9.tmp a variant of Win32/Daonol.C trojan 00000000000000000000000000000000 I C:\WINDOWS\temp\DWHC7F3.tmp a variant of Win32/Daonol.C trojan 00000000000000000000000000000000 I C:\WINDOWS\temp\DWHC7F7.tmp a variant of Win32/Daonol.C trojan 00000000000000000000000000000000 I C:\WINDOWS\temp\DWHC820.tmp a variant of Win32/Daonol.C trojan 00000000000000000000000000000000 I C:\WINDOWS\temp\DWHC827.tmp a variant of Win32/Daonol.C trojan 00000000000000000000000000000000 I C:\WINDOWS\temp\DWHC83C.tmp a variant of Win32/Daonol.C trojan 00000000000000000000000000000000 I C:\WINDOWS\temp\DWHC85E.tmp a variant of Win32/Daonol.C trojan 00000000000000000000000000000000 I C:\WINDOWS\temp\DWHC860.tmp a variant of Win32/Daonol.C trojan 00000000000000000000000000000000 I C:\WINDOWS\temp\DWHC884.tmp a variant of Win32/Daonol.C trojan 00000000000000000000000000000000 I C:\WINDOWS\temp\DWHC88A.tmp a variant of Win32/Daonol.C trojan 00000000000000000000000000000000 I C:\WINDOWS\temp\DWHC88F.tmp a variant of Win32/Daonol.C trojan 00000000000000000000000000000000 I C:\WINDOWS\temp\DWHC8D2.tmp a variant of Win32/Daonol.C trojan 00000000000000000000000000000000 I C:\WINDOWS\temp\DWHC8DD.tmp a variant of Win32/Daonol.C trojan 00000000000000000000000000000000 I C:\WINDOWS\temp\DWHC8E8.tmp a variant of Win32/Daonol.C trojan 00000000000000000000000000000000 I C:\WINDOWS\temp\DWHC91C.tmp a variant of Win32/Daonol.C trojan 00000000000000000000000000000000 I C:\WINDOWS\temp\DWHC930.tmp a variant of Win32/Daonol.C trojan 00000000000000000000000000000000 I C:\WINDOWS\temp\DWHC94F.tmp a variant of Win32/Daonol.C trojan 00000000000000000000000000000000 I C:\WINDOWS\temp\DWHC960.tmp a variant of Win32/Daonol.C trojan 00000000000000000000000000000000 I C:\WINDOWS\temp\DWHC964.tmp a variant of Win32/Daonol.C trojan 00000000000000000000000000000000 I C:\WINDOWS\temp\DWHC965.tmp a variant of Win32/Daonol.C trojan 00000000000000000000000000000000 I C:\WINDOWS\temp\DWHC96A.tmp a variant of Win32/Daonol.C trojan 00000000000000000000000000000000 I C:\WINDOWS\temp\DWHC96F.tmp a variant of Win32/Daonol.C trojan 00000000000000000000000000000000 I C:\WINDOWS\temp\DWHC989.tmp a variant of Win32/Daonol.C trojan 00000000000000000000000000000000 I C:\WINDOWS\temp\DWHC990.tmp a variant of Win32/Daonol.C trojan 00000000000000000000000000000000 I C:\WINDOWS\temp\DWHC9B4.tmp a variant of Win32/Daonol.C trojan 00000000000000000000000000000000 I C:\WINDOWS\temp\DWHC9C8.tmp a variant of Win32/Daonol.C trojan 00000000000000000000000000000000 I C:\WINDOWS\temp\DWHC9CC.tmp a variant of Win32/Daonol.C trojan 00000000000000000000000000000000 I C:\WINDOWS\temp\DWHC9D2.tmp a variant of Win32/Daonol.C trojan 00000000000000000000000000000000 I C:\WINDOWS\temp\DWHC9E9.tmp a variant of Win32/Daonol.C trojan 00000000000000000000000000000000 I C:\WINDOWS\temp\DWHC9F6.tmp a variant of Win32/Daonol.C trojan 00000000000000000000000000000000 I C:\WINDOWS\temp\DWHC9FC.tmp a variant of Win32/Daonol.C trojan 00000000000000000000000000000000 I C:\WINDOWS\temp\DWHCA11.tmp a variant of Win32/Daonol.C trojan 00000000000000000000000000000000 I C:\WINDOWS\temp\DWHCA1E.tmp a variant of Win32/Daonol.C trojan 00000000000000000000000000000000 I C:\WINDOWS\temp\DWHCA23.tmp a variant of Win32/Daonol.C trojan 00000000000000000000000000000000 I C:\WINDOWS\temp\DWHCA25.tmp a variant of Win32/Daonol.C trojan 00000000000000000000000000000000 I C:\WINDOWS\temp\DWHCA3F.tmp a variant of Win32/Daonol.C trojan 00000000000000000000000000000000 I C:\WINDOWS\temp\DWHCA5F.tmp a variant of Win32/Daonol.C trojan 00000000000000000000000000000000 I C:\WINDOWS\temp\DWHCA60.tmp a variant of Win32/Daonol.C trojan 00000000000000000000000000000000 I C:\WINDOWS\temp\DWHCA69.tmp a variant of Win32/Daonol.C trojan 00000000000000000000000000000000 I C:\WINDOWS\temp\DWHCA80.tmp a variant of Win32/Daonol.C trojan 00000000000000000000000000000000 I C:\WINDOWS\temp\DWHCA83.tmp a variant of Win32/Daonol.C trojan 00000000000000000000000000000000 I C:\WINDOWS\temp\DWHCA93.tmp a variant of Win32/Daonol.C trojan 00000000000000000000000000000000 I C:\WINDOWS\temp\DWHCAC2.tmp a variant of Win32/Daonol.C trojan 00000000000000000000000000000000 I C:\WINDOWS\temp\DWHCACB.tmp a variant of Win32/Daonol.C trojan 00000000000000000000000000000000 I C:\WINDOWS\temp\DWHCACD.tmp a variant of Win32/Daonol.C trojan 00000000000000000000000000000000 I C:\WINDOWS\temp\DWHCAD3.tmp a variant of Win32/Daonol.C trojan 00000000000000000000000000000000 I C:\WINDOWS\temp\DWHCAE0.tmp a variant of Win32/Daonol.C trojan 00000000000000000000000000000000 I C:\WINDOWS\temp\DWHCAE5.tmp a variant of Win32/Daonol.C trojan 00000000000000000000000000000000 I C:\WINDOWS\temp\DWHCAEB.tmp a variant of Win32/Daonol.C trojan 00000000000000000000000000000000 I C:\WINDOWS\temp\DWHCAF0.tmp a variant of Win32/Daonol.C trojan 00000000000000000000000000000000 I C:\WINDOWS\temp\DWHCB06.tmp a variant of Win32/Daonol.C trojan 00000000000000000000000000000000 I C:\WINDOWS\temp\DWHCB10.tmp a variant of Win32/Daonol.C trojan 00000000000000000000000000000000 I C:\WINDOWS\temp\DWHCB1D.tmp a variant of Win32/Daonol.C trojan 00000000000000000000000000000000 I C:\WINDOWS\temp\DWHCB46.tmp a variant of Win32/Daonol.C trojan 00000000000000000000000000000000 I C:\WINDOWS\temp\DWHCB7D.tmp a variant of Win32/Daonol.C trojan 00000000000000000000000000000000 I C:\WINDOWS\temp\DWHCB7E.tmp a variant of Win32/Daonol.C trojan 00000000000000000000000000000000 I C:\WINDOWS\temp\DWHCB80.tmp a variant of Win32/Daonol.C trojan 00000000000000000000000000000000 I C:\WINDOWS\temp\DWHCB87.tmp a variant of Win32/Daonol.C trojan 00000000000000000000000000000000 I C:\WINDOWS\temp\DWHCB92.tmp a variant of Win32/Daonol.C trojan 00000000000000000000000000000000 I C:\WINDOWS\temp\DWHCBAB.tmp a variant of Win32/Daonol.C trojan 00000000000000000000000000000000 I C:\WINDOWS\temp\DWHCBDB.tmp a variant of Win32/Daonol.C trojan 00000000000000000000000000000000 I C:\WINDOWS\temp\DWHCBF5.tmp a variant of Win32/Daonol.C trojan 00000000000000000000000000000000 I C:\WINDOWS\temp\DWHCBFA.tmp a variant of Win32/Daonol.C trojan 00000000000000000000000000000000 I C:\WINDOWS\temp\DWHCC00.tmp a variant of Win32/Daonol.C trojan 00000000000000000000000000000000 I C:\WINDOWS\temp\DWHCC09.tmp a variant of Win32/Daonol.C trojan 00000000000000000000000000000000 I C:\WINDOWS\temp\DWHCC17.tmp a variant of Win32/Daonol.C trojan 00000000000000000000000000000000 I C:\WINDOWS\temp\DWHCC2D.tmp a variant of Win32/Daonol.C trojan 00000000000000000000000000000000 I C:\WINDOWS\temp\DWHCC3D.tmp a variant of Win32/Daonol.C trojan 00000000000000000000000000000000 I C:\WINDOWS\temp\DWHCC53.tmp a variant of Win32/Daonol.C trojan 00000000000000000000000000000000 I C:\WINDOWS\temp\DWHCC7.tmp a variant of Win32/Daonol.C trojan 00000000000000000000000000000000 I C:\WINDOWS\temp\DWHCC83.tmp a variant of Win32/Daonol.C trojan 00000000000000000000000000000000 I C:\WINDOWS\temp\DWHCC87.tmp a variant of Win32/Daonol.C trojan 00000000000000000000000000000000 I C:\WINDOWS\temp\DWHCC91.tmp a variant of Win32/Daonol.C trojan 00000000000000000000000000000000 I C:\WINDOWS\temp\DWHCCAB.tmp a variant of Win32/Daonol.C trojan 00000000000000000000000000000000 I C:\WINDOWS\temp\DWHCCB5.tmp a variant of Win32/Daonol.C trojan 00000000000000000000000000000000 I C:\WINDOWS\temp\DWHCCC5.tmp a variant of Win32/Daonol.C trojan 00000000000000000000000000000000 I C:\WINDOWS\temp\DWHCCCB.tmp a variant of Win32/Daonol.C trojan 00000000000000000000000000000000 I C:\WINDOWS\temp\DWHCCE3.tmp a variant of Win32/Daonol.C trojan 00000000000000000000000000000000 I C:\WINDOWS\temp\DWHCD0A.tmp a variant of Win32/Daonol.C trojan 00000000000000000000000000000000 I C:\WINDOWS\temp\DWHCD0E.tmp a variant of Win32/Daonol.C trojan 00000000000000000000000000000000 I C:\WINDOWS\temp\DWHCD13.tmp a variant of Win32/Daonol.C trojan 00000000000000000000000000000000 I C:\WINDOWS\temp\DWHCD15.tmp a variant of Win32/Daonol.C trojan 00000000000000000000000000000000 I C:\WINDOWS\temp\DWHCD1F.tmp a variant of Win32/Daonol.C trojan 00000000000000000000000000000000 I C:\WINDOWS\temp\DWHCD2C.tmp a variant of Win32/Daonol.C trojan 00000000000000000000000000000000 I C:\WINDOWS\temp\DWHCD3B.tmp a variant of Win32/Daonol.C trojan 00000000000000000000000000000000 I C:\WINDOWS\temp\DWHCD61.tmp a variant of Win32/Daonol.C trojan 00000000000000000000000000000000 I C:\WINDOWS\temp\DWHCD70.tmp a variant of Win32/Daonol.C trojan 00000000000000000000000000000000 I C:\WINDOWS\temp\DWHCD8C.tmp a variant of Win32/Daonol.C trojan 00000000000000000000000000000000 I C:\WINDOWS\temp\DWHCD95.tmp a variant of Win32/Daonol.C trojan 00000000000000000000000000000000 I C:\WINDOWS\temp\DWHCDAD.tmp a variant of Win32/Daonol.C trojan 00000000000000000000000000000000 I C:\WINDOWS\temp\DWHCDC3.tmp a variant of Win32/Daonol.C trojan 00000000000000000000000000000000 I C:\WINDOWS\temp\DWHCDDE.tmp a variant of Win32/Daonol.C trojan 00000000000000000000000000000000 I C:\WINDOWS\temp\DWHCDFE.tmp a variant of Win32/Daonol.C trojan 00000000000000000000000000000000 I C:\WINDOWS\temp\DWHCE05.tmp a variant of Win32/Daonol.C trojan 00000000000000000000000000000000 I C:\WINDOWS\temp\DWHCE11.tmp a variant of Win32/Daonol.C trojan 00000000000000000000000000000000 I C:\WINDOWS\temp\DWHCE31.tmp a variant of Win32/Daonol.C trojan 00000000000000000000000000000000 I C:\WINDOWS\temp\DWHCE3C.tmp a variant of Win32/Daonol.C trojan 00000000000000000000000000000000 I C:\WINDOWS\temp\DWHCE61.tmp a variant of Win32/Daonol.C trojan 00000000000000000000000000000000 I C:\WINDOWS\temp\DWHCE85.tmp a variant of Win32/Daonol.C trojan 00000000000000000000000000000000 I C:\WINDOWS\temp\DWHCE8F.tmp a variant of Win32/Daonol.C trojan 00000000000000000000000000000000 I C:\WINDOWS\temp\DWHCE96.tmp a variant of Win32/Daonol.C trojan 00000000000000000000000000000000 I C:\WINDOWS\temp\DWHCEAA.tmp a variant of Win32/Daonol.C trojan 00000000000000000000000000000000 I C:\WINDOWS\temp\DWHCECA.tmp a variant of Win32/Daonol.C trojan 00000000000000000000000000000000 I C:\WINDOWS\temp\DWHCED7.tmp a variant of Win32/Daonol.C trojan 00000000000000000000000000000000 I C:\WINDOWS\temp\DWHCED8.tmp a variant of Win32/Daonol.C trojan 00000000000000000000000000000000 I C:\WINDOWS\temp\DWHCEED.tmp a variant of Win32/Daonol.C trojan 00000000000000000000000000000000 I C:\WINDOWS\temp\DWHCF12.tmp a variant of Win32/Daonol.C trojan 00000000000000000000000000000000 I C:\WINDOWS\temp\DWHCF13.tmp a variant of Win32/Daonol.C trojan 00000000000000000000000000000000 I C:\WINDOWS\temp\DWHCF43.tmp a variant of Win32/Daonol.C trojan 00000000000000000000000000000000 I C:\WINDOWS\temp\DWHCF65.tmp a variant of Win32/Daonol.C trojan 00000000000000000000000000000000 I C:\WINDOWS\temp\DWHCF6C.tmp a variant of Win32/Daonol.C trojan 00000000000000000000000000000000 I C:\WINDOWS\temp\DWHCF6E.tmp a variant of Win32/Daonol.C trojan 00000000000000000000000000000000 I C:\WINDOWS\temp\DWHCF73.tmp a variant of Win32/Daonol.C trojan 00000000000000000000000000000000 I C:\WINDOWS\temp\DWHCF7A.tmp a variant of Win32/Daonol.C trojan 00000000000000000000000000000000 I C:\WINDOWS\temp\DWHCF89.tmp a variant of Win32/Daonol.C trojan 00000000000000000000000000000000 I C:\WINDOWS\temp\DWHCF9.tmp a variant of Win32/Daonol.C trojan 00000000000000000000000000000000 I C:\WINDOWS\temp\DWHCF93.tmp a variant of Win32/Daonol.C trojan 00000000000000000000000000000000 I C:\WINDOWS\temp\DWHCFA2.tmp a variant of Win32/Daonol.C trojan 00000000000000000000000000000000 I C:\WINDOWS\temp\DWHCFD3.tmp a variant of Win32/Daonol.C trojan 00000000000000000000000000000000 I C:\WINDOWS\temp\DWHCFEE.tmp a variant of Win32/Daonol.C trojan 00000000000000000000000000000000 I C:\WINDOWS\temp\DWHCFF2.tmp a variant of Win32/Daonol.C trojan 00000000000000000000000000000000 I C:\WINDOWS\temp\DWHD012.tmp a variant of Win32/Daonol.C trojan 00000000000000000000000000000000 I C:\WINDOWS\temp\DWHD025.tmp a variant of Win32/Daonol.C trojan 00000000000000000000000000000000 I C:\WINDOWS\temp\DWHD030.tmp a variant of Win32/Daonol.C trojan 00000000000000000000000000000000 I C:\WINDOWS\temp\DWHD03B.tmp a variant of Win32/Daonol.C trojan 00000000000000000000000000000000 I C:\WINDOWS\temp\DWHD049.tmp a variant of Win32/Daonol.C trojan 00000000000000000000000000000000 I C:\WINDOWS\temp\DWHD05E.tmp a variant of Win32/Daonol.C trojan 00000000000000000000000000000000 I C:\WINDOWS\temp\DWHD078.tmp a variant of Win32/Daonol.C trojan 00000000000000000000000000000000 I C:\WINDOWS\temp\DWHD09A.tmp a variant of Win32/Daonol.C trojan 00000000000000000000000000000000 I C:\WINDOWS\temp\DWHD0A2.tmp a variant of Win32/Daonol.C trojan 00000000000000000000000000000000 I C:\WINDOWS\temp\DWHD0A8.tmp a variant of Win32/Daonol.C trojan 00000000000000000000000000000000 I C:\WINDOWS\temp\DWHD0BA.tmp a variant of Win32/Daonol.C trojan 00000000000000000000000000000000 I C:\WINDOWS\temp\DWHD0CB.tmp a variant of Win32/Daonol.C trojan 00000000000000000000000000000000 I C:\WINDOWS\temp\DWHD0CC.tmp a variant of Win32/Daonol.C trojan 00000000000000000000000000000000 I C:\WINDOWS\temp\DWHD0D1.tmp a variant of Win32/Daonol.C trojan 00000000000000000000000000000000 I C:\WINDOWS\temp\DWHD0DC.tmp a variant of Win32/Daonol.C trojan 00000000000000000000000000000000 I C:\WINDOWS\temp\DWHD0E4.tmp a variant of Win32/Daonol.C trojan 00000000000000000000000000000000 I C:\WINDOWS\temp\DWHD0F.tmp a variant of Win32/Daonol.C trojan 00000000000000000000000000000000 I C:\WINDOWS\temp\DWHD110.tmp a variant of Win32/Daonol.C trojan 00000000000000000000000000000000 I C:\WINDOWS\temp\DWHD12A.tmp a variant of Win32/Daonol.C trojan 00000000000000000000000000000000 I C:\WINDOWS\temp\DWHD13.tmp a variant of Win32/Daonol.C trojan 00000000000000000000000000000000 I C:\WINDOWS\temp\DWHD136.tmp a variant of Win32/Daonol.C trojan 00000000000000000000000000000000 I C:\WINDOWS\temp\DWHD16E.tmp a variant of Win32/Daonol.C trojan 00000000000000000000000000000000 I C:\WINDOWS\temp\DWHD17D.tmp a variant of Win32/Daonol.C trojan 00000000000000000000000000000000 I C:\WINDOWS\temp\DWHD19.tmp a variant of Win32/Daonol.C trojan 00000000000000000000000000000000 I C:\WINDOWS\temp\DWHD190.tmp a variant of Win32/Daonol.C trojan 00000000000000000000000000000000 I C:\WINDOWS\temp\DWHD195.tmp a variant of Win32/Daonol.C trojan 00000000000000000000000000000000 I C:\WINDOWS\temp\DWHD1C1.tmp a variant of Win32/Daonol.C trojan 00000000000000000000000000000000 I C:\WINDOWS\temp\DWHD1DC.tmp a variant of Win32/Daonol.C trojan 00000000000000000000000000000000 I C:\WINDOWS\temp\DWHD1E9.tmp a variant of Win32/Daonol.C trojan 00000000000000000000000000000000 I C:\WINDOWS\temp\DWHD1EF.tmp a variant of Win32/Daonol.C trojan 00000000000000000000000000000000 I C:\WINDOWS\temp\DWHD1FA.tmp a variant of Win32/Daonol.C trojan 00000000000000000000000000000000 I C:\WINDOWS\temp\DWHD224.tmp a variant of Win32/Daonol.C trojan 00000000000000000000000000000000 I C:\WINDOWS\temp\DWHD232.tmp a variant of Win32/Daonol.C trojan 00000000000000000000000000000000 I C:\WINDOWS\temp\DWHD23E.tmp a variant of Win32/Daonol.C trojan 00000000000000000000000000000000 I C:\WINDOWS\temp\DWHD24E.tmp a variant of Win32/Daonol.C trojan 00000000000000000000000000000000 I C:\WINDOWS\temp\DWHD26E.tmp a variant of Win32/Daonol.C trojan 00000000000000000000000000000000 I C:\WINDOWS\temp\DWHD274.tmp a variant of Win32/Daonol.C trojan 00000000000000000000000000000000 I C:\WINDOWS\temp\DWHD277.tmp a variant of Win32/Daonol.C trojan 00000000000000000000000000000000 I C:\WINDOWS\temp\DWHD279.tmp a variant of Win32/Daonol.C trojan 00000000000000000000000000000000 I C:\WINDOWS\temp\DWHD28E.tmp a variant of Win32/Daonol.C trojan 00000000000000000000000000000000 I C:\WINDOWS\temp\DWHD2A7.tmp a variant of Win32/Daonol.C trojan 00000000000000000000000000000000 I C:\WINDOWS\temp\DWHD2B0.tmp a variant of Win32/Daonol.C trojan 00000000000000000000000000000000 I C:\WINDOWS\temp\DWHD2DA.tmp a variant of Win32/Daonol.C trojan 00000000000000000000000000000000 I C:\WINDOWS\temp\DWHD2F2.tmp a variant of Win32/Daonol.C trojan 00000000000000000000000000000000 I C:\WINDOWS\temp\DWHD2F4.tmp a variant of Win32/Daonol.C trojan 00000000000000000000000000000000 I C:\WINDOWS\temp\DWHD2F6.tmp a variant of Win32/Daonol.C trojan 00000000000000000000000000000000 I C:\WINDOWS\temp\DWHD33C.tmp a variant of Win32/Daonol.C trojan 00000000000000000000000000000000 I C:\WINDOWS\temp\DWHD34D.tmp a variant of Win32/Daonol.C trojan 00000000000000000000000000000000 I C:\WINDOWS\temp\DWHD371.tmp a variant of Win32/Daonol.C trojan 00000000000000000000000000000000 I C:\WINDOWS\temp\DWHD372.tmp a variant of Win32/Daonol.C trojan 00000000000000000000000000000000 I C:\WINDOWS\temp\DWHD37C.tmp a variant of Win32/Daonol.C trojan 00000000000000000000000000000000 I C:\WINDOWS\temp\DWHD388.tmp a variant of Win32/Daonol.C trojan 00000000000000000000000000000000 I C:\WINDOWS\temp\DWHD396.tmp a variant of Win32/Daonol.C trojan 00000000000000000000000000000000 I C:\WINDOWS\temp\DWHD3B0.tmp a variant of Win32/Daonol.C trojan 00000000000000000000000000000000 I C:\WINDOWS\temp\DWHD3BA.tmp a variant of Win32/Daonol.C trojan 00000000000000000000000000000000 I C:\WINDOWS\temp\DWHD3C.tmp a variant of Win32/Daonol.C trojan 00000000000000000000000000000000 I C:\WINDOWS\temp\DWHD3EB.tmp a variant of Win32/Daonol.C trojan 00000000000000000000000000000000 I C:\WINDOWS\temp\DWHD3F9.tmp a variant of Win32/Daonol.C trojan 00000000000000000000000000000000 I C:\WINDOWS\temp\DWHD408.tmp a variant of Win32/Daonol.C trojan 00000000000000000000000000000000 I C:\WINDOWS\temp\DWHD40D.tmp a variant of Win32/Daonol.C trojan 00000000000000000000000000000000 I C:\WINDOWS\temp\DWHD419.tmp a variant of Win32/Daonol.C trojan 00000000000000000000000000000000 I C:\WINDOWS\temp\DWHD423.tmp a variant of Win32/Daonol.C trojan 00000000000000000000000000000000 I C:\WINDOWS\temp\DWHD42D.tmp a variant of Win32/Daonol.C trojan 00000000000000000000000000000000 I C:\WINDOWS\temp\DWHD44B.tmp a variant of Win32/Daonol.C trojan 00000000000000000000000000000000 I C:\WINDOWS\temp\DWHD461.tmp a variant of Win32/Daonol.C trojan 00000000000000000000000000000000 I C:\WINDOWS\temp\DWHD462.tmp a variant of Win32/Daonol.C trojan 00000000000000000000000000000000 I C:\WINDOWS\temp\DWHD464.tmp a variant of Win32/Daonol.C trojan 00000000000000000000000000000000 I C:\WINDOWS\temp\DWHD475.tmp a variant of Win32/Daonol.C trojan 00000000000000000000000000000000 I C:\WINDOWS\temp\DWHD499.tmp a variant of Win32/Daonol.C trojan 00000000000000000000000000000000 I C:\WINDOWS\temp\DWHD4C3.tmp a variant of Win32/Daonol.C trojan 00000000000000000000000000000000 I C:\WINDOWS\temp\DWHD4C9.tmp a variant of Win32/Daonol.C trojan 00000000000000000000000000000000 I C:\WINDOWS\temp\DWHD4E3.tmp a variant of Win32/Daonol.C trojan 00000000000000000000000000000000 I C:\WINDOWS\temp\DWHD50D.tmp a variant of Win32/Daonol.C trojan 00000000000000000000000000000000 I C:\WINDOWS\temp\DWHD512.tmp a variant of Win32/Daonol.C trojan 00000000000000000000000000000000 I C:\WINDOWS\temp\DWHD518.tmp a variant of Win32/Daonol.C trojan 00000000000000000000000000000000 I C:\WINDOWS\temp\DWHD53F.tmp a variant of Win32/Daonol.C trojan 00000000000000000000000000000000 I C:\WINDOWS\temp\DWHD55E.tmp a variant of Win32/Daonol.C trojan 00000000000000000000000000000000 I C:\WINDOWS\temp\DWHD584.tmp a variant of Win32/Daonol.C trojan 00000000000000000000000000000000 I C:\WINDOWS\temp\DWHD588.tmp a variant of Win32/Daonol.C trojan 00000000000000000000000000000000 I C:\WINDOWS\temp\DWHD589.tmp a variant of Win32/Daonol.C trojan 00000000000000000000000000000000 I C:\WINDOWS\temp\DWHD593.tmp a variant of Win32/Daonol.C trojan 00000000000000000000000000000000 I C:\WINDOWS\temp\DWHD5AD.tmp a variant of Win32/Daonol.C trojan 00000000000000000000000000000000 I C:\WINDOWS\temp\DWHD5B9.tmp a variant of Win32/Daonol.C trojan 00000000000000000000000000000000 I C:\WINDOWS\temp\DWHD5D7.tmp a variant of Win32/Daonol.C trojan 00000000000000000000000000000000 I C:\WINDOWS\temp\DWHD601.tmp a variant of Win32/Daonol.C trojan 00000000000000000000000000000000 I C:\WINDOWS\temp\DWHD61.tmp a variant of Win32/Daonol.C trojan 00000000000000000000000000000000 I C:\WINDOWS\temp\DWHD616.tmp a variant of Win32/Daonol.C trojan 00000000000000000000000000000000 I C:\WINDOWS\temp\DWHD618.tmp a variant of Win32/Daonol.C trojan 00000000000000000000000000000000 I C:\WINDOWS\temp\DWHD61A.tmp a variant of Win32/Daonol.C trojan 00000000000000000000000000000000 I C:\WINDOWS\temp\DWHD623.tmp a variant of Win32/Daonol.C trojan 00000000000000000000000000000000 I C:\WINDOWS\temp\DWHD63.tmp a variant of Win32/Daonol.C trojan 00000000000000000000000000000000 I C:\WINDOWS\temp\DWHD63B.tmp a variant of Win32/Daonol.C trojan 00000000000000000000000000000000 I C:\WINDOWS\temp\DWHD63F.tmp a variant of Win32/Daonol.C trojan 00000000000000000000000000000000 I C:\WINDOWS\temp\DWHD642.tmp a variant of Win32/Daonol.C trojan 00000000000000000000000000000000 I C:\WINDOWS\temp\DWHD67.tmp a variant of Win32/Daonol.C trojan 00000000000000000000000000000000 I C:\WINDOWS\temp\DWHD6B3.tmp a variant of Win32/Daonol.C trojan 00000000000000000000000000000000 I C:\WINDOWS\temp\DWHD6C7.tmp a variant of Win32/Daonol.C trojan 00000000000000000000000000000000 I C:\WINDOWS\temp\DWHD6E4.tmp a variant of Win32/Daonol.C trojan 00000000000000000000000000000000 I C:\WINDOWS\temp\DWHD6E8.tmp a variant of Win32/Daonol.C trojan 00000000000000000000000000000000 I C:\WINDOWS\temp\DWHD72A.tmp a variant of Win32/Daonol.C trojan 00000000000000000000000000000000 I C:\WINDOWS\temp\DWHD745.tmp a variant of Win32/Daonol.C trojan 00000000000000000000000000000000 I C:\WINDOWS\temp\DWHD74F.tmp a variant of Win32/Daonol.C trojan 00000000000000000000000000000000 I C:\WINDOWS\temp\DWHD750.tmp a variant of Win32/Daonol.C trojan 00000000000000000000000000000000 I C:\WINDOWS\temp\DWHD754.tmp a variant of Win32/Daonol.C trojan 00000000000000000000000000000000 I C:\WINDOWS\temp\DWHD763.tmp a variant of Win32/Daonol.C trojan 00000000000000000000000000000000 I C:\WINDOWS\temp\DWHD785.tmp a variant of Win32/Daonol.C trojan 00000000000000000000000000000000 I C:\WINDOWS\temp\DWHD786.tmp a variant of Win32/Daonol.C trojan 00000000000000000000000000000000 I C:\WINDOWS\temp\DWHD798.tmp a variant of Win32/Daonol.C trojan 00000000000000000000000000000000 I C:\WINDOWS\temp\DWHD7A7.tmp a variant of Win32/Daonol.C trojan 00000000000000000000000000000000 I C:\WINDOWS\temp\DWHD7B0.tmp a variant of Win32/Daonol.C trojan 00000000000000000000000000000000 I C:\WINDOWS\temp\DWHD7C7.tmp a variant of Win32/Daonol.C trojan 00000000000000000000000000000000 I C:\WINDOWS\temp\DWHD7CD.tmp a variant of Win32/Daonol.C trojan 00000000000000000000000000000000 I C:\WINDOWS\temp\DWHD7D.tmp a variant of Win32/Daonol.C trojan 00000000000000000000000000000000 I C:\WINDOWS\temp\DWHD7E0.tmp a variant of Win32/Daonol.C trojan 00000000000000000000000000000000 I C:\WINDOWS\temp\DWHD7F5.tmp a variant of Win32/Daonol.C trojan 00000000000000000000000000000000 I C:\WINDOWS\temp\DWHD82E.tmp a variant of Win32/Daonol.C trojan 00000000000000000000000000000000 I C:\WINDOWS\temp\DWHD834.tmp a variant of Win32/Daonol.C trojan 00000000000000000000000000000000 I C:\WINDOWS\temp\DWHD839.tmp a variant of Win32/Daonol.C trojan 00000000000000000000000000000000 I C:\WINDOWS\temp\DWHD848.tmp a variant of Win32/Daonol.C trojan 00000000000000000000000000000000 I C:\WINDOWS\temp\DWHD86A.tmp a variant of Win32/Daonol.C trojan 00000000000000000000000000000000 I C:\WINDOWS\temp\DWHD86D.tmp a variant of Win32/Daonol.C trojan 00000000000000000000000000000000 I C:\WINDOWS\temp\DWHD86E.tmp a variant of Win32/Daonol.C trojan 00000000000000000000000000000000 I C:\WINDOWS\temp\DWHD87.tmp a variant of Win32/Daonol.C trojan 00000000000000000000000000000000 I C:\WINDOWS\temp\DWHD875.tmp a variant of Win32/Daonol.C trojan 00000000000000000000000000000000 I C:\WINDOWS\temp\DWHD882.tmp a variant of Win32/Daonol.C trojan 00000000000000000000000000000000 I C:\WINDOWS\temp\DWHD89B.tmp a variant of Win32/Daonol.C trojan 00000000000000000000000000000000 I C:\WINDOWS\temp\DWHD8A3.tmp a variant of Win32/Daonol.C trojan 00000000000000000000000000000000 I C:\WINDOWS\temp\DWHD8AD.tmp a variant of Win32/Daonol.C trojan 00000000000000000000000000000000 I C:\WINDOWS\temp\DWHD8AE.tmp a variant of Win32/Daonol.C trojan 00000000000000000000000000000000 I C:\WINDOWS\temp\DWHD8C0.tmp a variant of Win32/Daonol.C trojan 00000000000000000000000000000000 I C:\WINDOWS\temp\DWHD8E0.tmp a variant of Win32/Daonol.C trojan 00000000000000000000000000000000 I C:\WINDOWS\temp\DWHD939.tmp a variant of Win32/Daonol.C trojan 00000000000000000000000000000000 I C:\WINDOWS\temp\DWHD943.tmp a variant of Win32/Daonol.C trojan 00000000000000000000000000000000 I C:\WINDOWS\temp\DWHD946.tmp a variant of Win32/Daonol.C trojan 00000000000000000000000000000000 I C:\WINDOWS\temp\DWHD95.tmp a variant of Win32/Daonol.C trojan 00000000000000000000000000000000 I C:\WINDOWS\temp\DWHD957.tmp a variant of Win32/Daonol.C trojan 00000000000000000000000000000000 I C:\WINDOWS\temp\DWHD964.tmp a variant of Win32/Daonol.C trojan 00000000000000000000000000000000 I C:\WINDOWS\temp\DWHD972.tmp a variant of Win32/Daonol.C trojan 00000000000000000000000000000000 I C:\WINDOWS\temp\DWHD985.tmp a variant of Win32/Daonol.C trojan 00000000000000000000000000000000 I C:\WINDOWS\temp\DWHD986.tmp a variant of Win32/Daonol.C trojan 00000000000000000000000000000000 I C:\WINDOWS\temp\DWHD99B.tmp a variant of Win32/Daonol.C trojan 00000000000000000000000000000000 I C:\WINDOWS\temp\DWHD9AF.tmp a variant of Win32/Daonol.C trojan 00000000000000000000000000000000 I C:\WINDOWS\temp\DWHD9B7.tmp a variant of Win32/Daonol.C trojan 00000000000000000000000000000000 I C:\WINDOWS\temp\DWHD9C9.tmp a variant of Win32/Daonol.C trojan 00000000000000000000000000000000 I C:\WINDOWS\temp\DWHD9D4.tmp a variant of Win32/Daonol.C trojan 00000000000000000000000000000000 I C:\WINDOWS\temp\DWHD9E3.tmp a variant of Win32/Daonol.C trojan 00000000000000000000000000000000 I C:\WINDOWS\temp\DWHD9E9.tmp a variant of Win32/Daonol.C trojan 00000000000000000000000000000000 I C:\WINDOWS\temp\DWHDA06.tmp a variant of Win32/Daonol.C trojan 00000000000000000000000000000000 I C:\WINDOWS\temp\DWHDA18.tmp a variant of Win32/Daonol.C trojan 00000000000000000000000000000000 I C:\WINDOWS\temp\DWHDA19.tmp a variant of Win32/Daonol.C trojan 00000000000000000000000000000000 I C:\WINDOWS\temp\DWHDA51.tmp a variant of Win32/Daonol.C trojan 00000000000000000000000000000000 I C:\WINDOWS\temp\DWHDA62.tmp a variant of Win32/Daonol.C trojan 00000000000000000000000000000000 I C:\WINDOWS\temp\DWHDA6C.tmp a variant of Win32/Daonol.C trojan 00000000000000000000000000000000 I C:\WINDOWS\temp\DWHDA75.tmp a variant of Win32/Daonol.C trojan 00000000000000000000000000000000 I C:\WINDOWS\temp\DWHDA7A.tmp a variant of Win32/Daonol.C trojan 00000000000000000000000000000000 I C:\WINDOWS\temp\DWHDA7F.tmp a variant of Win32/Daonol.C trojan 00000000000000000000000000000000 I C:\WINDOWS\temp\DWHDA95.tmp a variant of Win32/Daonol.C trojan 00000000000000000000000000000000 I C:\WINDOWS\temp\DWHDAAC.tmp a variant of Win32/Daonol.C trojan 00000000000000000000000000000000 I C:\WINDOWS\temp\DWHDAB8.tmp a variant of Win32/Daonol.C trojan 00000000000000000000000000000000 I C:\WINDOWS\temp\DWHDABF.tmp a variant of Win32/Daonol.C trojan 00000000000000000000000000000000 I C:\WINDOWS\temp\DWHDADD.tmp a variant of Win32/Daonol.C trojan 00000000000000000000000000000000 I C:\WINDOWS\temp\DWHDAFC.tmp a variant of Win32/Daonol.C trojan 00000000000000000000000000000000 I C:\WINDOWS\temp\DWHDAFD.tmp a variant of Win32/Daonol.C trojan 00000000000000000000000000000000 I C:\WINDOWS\temp\DWHDB03.tmp a variant of Win32/Daonol.C trojan 00000000000000000000000000000000 I C:\WINDOWS\temp\DWHDB17.tmp a variant of Win32/Daonol.C trojan 00000000000000000000000000000000 I C:\WINDOWS\temp\DWHDB28.tmp a variant of Win32/Daonol.C trojan 00000000000000000000000000000000 I C:\WINDOWS\temp\DWHDB65.tmp a variant of Win32/Daonol.C trojan 00000000000000000000000000000000 I C:\WINDOWS\temp\DWHDB7A.tmp a variant of Win32/Daonol.C trojan 00000000000000000000000000000000 I C:\WINDOWS\temp\DWHDB7F.tmp a variant of Win32/Daonol.C trojan 00000000000000000000000000000000 I C:\WINDOWS\temp\DWHDB82.tmp a variant of Win32/Daonol.C trojan 00000000000000000000000000000000 I C:\WINDOWS\temp\DWHDB9F.tmp a variant of Win32/Daonol.C trojan 00000000000000000000000000000000 I C:\WINDOWS\temp\DWHDBB7.tmp a variant of Win32/Daonol.C trojan 00000000000000000000000000000000 I C:\WINDOWS\temp\DWHDBC.tmp a variant of Win32/Daonol.C trojan 00000000000000000000000000000000 I C:\WINDOWS\temp\DWHDBC9.tmp a variant of Win32/Daonol.C trojan 00000000000000000000000000000000 I C:\WINDOWS\temp\DWHDBD1.tmp a variant of Win32/Daonol.C trojan 00000000000000000000000000000000 I C:\WINDOWS\temp\DWHDC0C.tmp a variant of Win32/Daonol.C trojan 00000000000000000000000000000000 I C:\WINDOWS\temp\DWHDC3.tmp a variant of Win32/Daonol.C trojan 00000000000000000000000000000000 I C:\WINDOWS\temp\DWHDC37.tmp a variant of Win32/Daonol.C trojan 00000000000000000000000000000000 I C:\WINDOWS\temp\DWHDC3C.tmp a variant of Win32/Daonol.C trojan 00000000000000000000000000000000 I C:\WINDOWS\temp\DWHDC45.tmp a variant of Win32/Daonol.C trojan 00000000000000000000000000000000 I C:\WINDOWS\temp\DWHDC5F.tmp a variant of Win32/Daonol.C trojan 00000000000000000000000000000000 I C:\WINDOWS\temp\DWHDC62.tmp a variant of Win32/Daonol.C trojan 00000000000000000000000000000000 I C:\WINDOWS\temp\DWHDC6A.tmp a variant of Win32/Daonol.C trojan 00000000000000000000000000000000 I C:\WINDOWS\temp\DWHDC75.tmp a variant of Win32/Daonol.C trojan 00000000000000000000000000000000 I C:\WINDOWS\temp\DWHDC77.tmp a variant of Win32/Daonol.C trojan 00000000000000000000000000000000 I C:\WINDOWS\temp\DWHDCA4.tmp a variant of Win32/Daonol.C trojan 00000000000000000000000000000000 I C:\WINDOWS\temp\DWHDCD4.tmp a variant of Win32/Daonol.C trojan 00000000000000000000000000000000 I C:\WINDOWS\temp\DWHDCE2.tmp a variant of Win32/Daonol.C trojan 00000000000000000000000000000000 I C:\WINDOWS\temp\DWHDCED.tmp a variant of Win32/Daonol.C trojan 00000000000000000000000000000000 I C:\WINDOWS\temp\DWHDCF0.tmp a variant of Win32/Daonol.C trojan 00000000000000000000000000000000 I C:\WINDOWS\temp\DWHDD06.tmp a variant of Win32/Daonol.C trojan 00000000000000000000000000000000 I C:\WINDOWS\temp\DWHDD39.tmp a variant of Win32/Daonol.C trojan 00000000000000000000000000000000 I C:\WINDOWS\temp\DWHDD4F.tmp a variant of Win32/Daonol.C trojan 00000000000000000000000000000000 I C:\WINDOWS\temp\DWHDD64.tmp a variant of Win32/Daonol.C trojan 00000000000000000000000000000000 I C:\WINDOWS\temp\DWHDD6A.tmp a variant of Win32/Daonol.C trojan 00000000000000000000000000000000 I C:\WINDOWS\temp\DWHDD76.tmp a variant of Win32/Daonol.C trojan 00000000000000000000000000000000 I C:\WINDOWS\temp\DWHDD7E.tmp a variant of Win32/Daonol.C trojan 00000000000000000000000000000000 I C:\WINDOWS\temp\DWHDD84.tmp a variant of Win32/Daonol.C trojan 00000000000000000000000000000000 I C:\WINDOWS\temp\DWHDD94.tmp a variant of Win32/Daonol.C trojan 00000000000000000000000000000000 I C:\WINDOWS\temp\DWHDD98.tmp a variant of Win32/Daonol.C trojan 00000000000000000000000000000000 I C:\WINDOWS\temp\DWHDDA1.tmp a variant of Win32/Daonol.C trojan 00000000000000000000000000000000 I C:\WINDOWS\temp\DWHDDA3.tmp a variant of Win32/Daonol.C trojan 00000000000000000000000000000000 I C:\WINDOWS\temp\DWHDDB3.tmp a variant of Win32/Daonol.C trojan 00000000000000000000000000000000 I C:\WINDOWS\temp\DWHDDB9.tmp a variant of Win32/Daonol.C trojan 00000000000000000000000000000000 I C:\WINDOWS\temp\DWHDDCC.tmp a variant of Win32/Daonol.C trojan 00000000000000000000000000000000 I C:\WINDOWS\temp\DWHDDD8.tmp a variant of Win32/Daonol.C trojan 00000000000000000000000000000000 I C:\WINDOWS\temp\DWHDE08.tmp a variant of Win32/Daonol.C trojan 00000000000000000000000000000000 I C:\WINDOWS\temp\DWHDE19.tmp a variant of Win32/Daonol.C trojan 00000000000000000000000000000000 I C:\WINDOWS\temp\DWHDE5D.tmp a variant of Win32/Daonol.C trojan 00000000000000000000000000000000 I C:\WINDOWS\temp\DWHDE78.tmp a variant of Win32/Daonol.C trojan 00000000000000000000000000000000 I C:\WINDOWS\temp\DWHDE91.tmp a variant of Win32/Daonol.C trojan 00000000000000000000000000000000 I C:\WINDOWS\temp\DWHDEC7.tmp a variant of Win32/Daonol.C trojan 00000000000000000000000000000000 I C:\WINDOWS\temp\DWHDEE4.tmp a variant of Win32/Daonol.C trojan 00000000000000000000000000000000 I C:\WINDOWS\temp\DWHDF04.tmp a variant of Win32/Daonol.C trojan 00000000000000000000000000000000 I C:\WINDOWS\temp\DWHDF0F.tmp a variant of Win32/Daonol.C trojan 00000000000000000000000000000000 I C:\WINDOWS\temp\DWHDF40.tmp a variant of Win32/Daonol.C trojan 00000000000000000000000000000000 I C:\WINDOWS\temp\DWHDF43.tmp a variant of Win32/Daonol.C trojan 00000000000000000000000000000000 I C:\WINDOWS\temp\DWHDF59.tmp a variant of Win32/Daonol.C trojan 00000000000000000000000000000000 I C:\WINDOWS\temp\DWHDF6D.tmp a variant of Win32/Daonol.C trojan 00000000000000000000000000000000 I C:\WINDOWS\temp\DWHDF72.tmp a variant of Win32/Daonol.C trojan 00000000000000000000000000000000 I C:\WINDOWS\temp\DWHDF73.tmp a variant of Win32/Daonol.C trojan 00000000000000000000000000000000 I C:\WINDOWS\temp\DWHDF87.tmp a variant of Win32/Daonol.C trojan 00000000000000000000000000000000 I C:\WINDOWS\temp\DWHDFA5.tmp a variant of Win32/Daonol.C trojan 00000000000000000000000000000000 I C:\WINDOWS\temp\DWHDFB0.tmp a variant of Win32/Daonol.C trojan 00000000000000000000000000000000 I C:\WINDOWS\temp\DWHDFC5.tmp a variant of Win32/Daonol.C trojan 00000000000000000000000000000000 I C:\WINDOWS\temp\DWHDFDE.tmp a variant of Win32/Daonol.C trojan 00000000000000000000000000000000 I C:\WINDOWS\temp\DWHDFE9.tmp a variant of Win32/Daonol.C trojan 00000000000000000000000000000000 I C:\WINDOWS\temp\DWHDFFA.tmp a variant of Win32/Daonol.C trojan 00000000000000000000000000000000 I C:\WINDOWS\temp\DWHE004.tmp a variant of Win32/Daonol.C trojan 00000000000000000000000000000000 I C:\WINDOWS\temp\DWHE00E.tmp a variant of Win32/Daonol.C trojan 00000000000000000000000000000000 I C:\WINDOWS\temp\DWHE01A.tmp a variant of Win32/Daonol.C trojan 00000000000000000000000000000000 I C:\WINDOWS\temp\DWHE01E.tmp a variant of Win32/Daonol.C trojan 00000000000000000000000000000000 I C:\WINDOWS\temp\DWHE048.tmp a variant of Win32/Daonol.C trojan 00000000000000000000000000000000 I C:\WINDOWS\temp\DWHE049.tmp a variant of Win32/Daonol.C trojan 00000000000000000000000000000000 I C:\WINDOWS\temp\DWHE04E.tmp a variant of Win32/Daonol.C trojan 00000000000000000000000000000000 I C:\WINDOWS\temp\DWHE05.tmp a variant of Win32/Daonol.C trojan 00000000000000000000000000000000 I C:\WINDOWS\temp\DWHE06.tmp a variant of Win32/Daonol.C trojan 00000000000000000000000000000000 I C:\WINDOWS\temp\DWHE062.tmp a variant of Win32/Daonol.C trojan 00000000000000000000000000000000 I C:\WINDOWS\temp\DWHE069.tmp a variant of Win32/Daonol.C trojan 00000000000000000000000000000000 I C:\WINDOWS\temp\DWHE082.tmp a variant of Win32/Daonol.C trojan 00000000000000000000000000000000 I C:\WINDOWS\temp\DWHE090.tmp a variant of Win32/Daonol.C trojan 00000000000000000000000000000000 I C:\WINDOWS\temp\DWHE099.tmp a variant of Win32/Daonol.C trojan 00000000000000000000000000000000 I C:\WINDOWS\temp\DWHE09B.tmp a variant of Win32/Daonol.C trojan 00000000000000000000000000000000 I C:\WINDOWS\temp\DWHE0CA.tmp a variant of Win32/Daonol.C trojan 00000000000000000000000000000000 I C:\WINDOWS\temp\DWHE0D4.tmp a variant of Win32/Daonol.C trojan 00000000000000000000000000000000 I C:\WINDOWS\temp\DWHE0DA.tmp a variant of Win32/Daonol.C trojan 00000000000000000000000000000000 I C:\WINDOWS\temp\DWHE0DF.tmp a variant of Win32/Daonol.C trojan 00000000000000000000000000000000 I C:\WINDOWS\temp\DWHE103.tmp a variant of Win32/Daonol.C trojan 00000000000000000000000000000000 I C:\WINDOWS\temp\DWHE127.tmp a variant of Win32/Daonol.C trojan 00000000000000000000000000000000 I C:\WINDOWS\temp\DWHE13.tmp a variant of Win32/Daonol.C trojan 00000000000000000000000000000000 I C:\WINDOWS\temp\DWHE131.tmp a variant of Win32/Daonol.C trojan 00000000000000000000000000000000 I C:\WINDOWS\temp\DWHE13F.tmp a variant of Win32/Daonol.C trojan 00000000000000000000000000000000 I C:\WINDOWS\temp\DWHE143.tmp a variant of Win32/Daonol.C trojan 00000000000000000000000000000000 I C:\WINDOWS\temp\DWHE146.tmp a variant of Win32/Daonol.C trojan 00000000000000000000000000000000 I C:\WINDOWS\temp\DWHE14F.tmp a variant of Win32/Daonol.C trojan 00000000000000000000000000000000 I C:\WINDOWS\temp\DWHE151.tmp a variant of Win32/Daonol.C trojan 00000000000000000000000000000000 I C:\WINDOWS\temp\DWHE152.tmp a variant of Win32/Daonol.C trojan 00000000000000000000000000000000 I C:\WINDOWS\temp\DWHE154.tmp a variant of Win32/Daonol.C trojan 00000000000000000000000000000000 I C:\WINDOWS\temp\DWHE156.tmp a variant of Win32/Daonol.C trojan 00000000000000000000000000000000 I C:\WINDOWS\temp\DWHE17.tmp a variant of Win32/Daonol.C trojan 00000000000000000000000000000000 I C:\WINDOWS\temp\DWHE184.tmp a variant of Win32/Daonol.C trojan 00000000000000000000000000000000 I C:\WINDOWS\temp\DWHE185.tmp a variant of Win32/Daonol.C trojan 00000000000000000000000000000000 I C:\WINDOWS\temp\DWHE1A0.tmp a variant of Win32/Daonol.C trojan 00000000000000000000000000000000 I C:\WINDOWS\temp\DWHE1BB.tmp a variant of Win32/Daonol.C trojan 00000000000000000000000000000000 I C:\WINDOWS\temp\DWHE1E3.tmp a variant of Win32/Daonol.C trojan 00000000000000000000000000000000 I C:\WINDOWS\temp\DWHE1F3.tmp a variant of Win32/Daonol.C trojan 00000000000000000000000000000000 I C:\WINDOWS\temp\DWHE1FF.tmp a variant of Win32/Daonol.C trojan 00000000000000000000000000000000 I C:\WINDOWS\temp\DWHE20D.tmp a variant of Win32/Daonol.C trojan 00000000000000000000000000000000 I C:\WINDOWS\temp\DWHE217.tmp a variant of Win32/Daonol.C trojan 00000000000000000000000000000000 I C:\WINDOWS\temp\DWHE21F.tmp a variant of Win32/Daonol.C trojan 00000000000000000000000000000000 I C:\WINDOWS\temp\DWHE221.tmp a variant of Win32/Daonol.C trojan 00000000000000000000000000000000 I C:\WINDOWS\temp\DWHE290.tmp a variant of Win32/Daonol.C trojan 00000000000000000000000000000000 I C:\WINDOWS\temp\DWHE291.tmp a variant of Win32/Daonol.C trojan 00000000000000000000000000000000 I C:\WINDOWS\temp\DWHE29E.tmp a variant of Win32/Daonol.C trojan 00000000000000000000000000000000 I C:\WINDOWS\temp\DWHE2AB.tmp a variant of Win32/Daonol.C trojan 00000000000000000000000000000000 I C:\WINDOWS\temp\DWHE2AF.tmp a variant of Win32/Daonol.C trojan 00000000000000000000000000000000 I C:\WINDOWS\temp\DWHE2CB.tmp a variant of Win32/Daonol.C trojan 00000000000000000000000000000000 I C:\WINDOWS\temp\DWHE2DC.tmp a variant of Win32/Daonol.C trojan 00000000000000000000000000000000 I C:\WINDOWS\temp\DWHE2ED.tmp a variant of Win32/Daonol.C trojan 00000000000000000000000000000000 I C:\WINDOWS\temp\DWHE321.tmp a variant of Win32/Daonol.C trojan 00000000000000000000000000000000 I C:\WINDOWS\temp\DWHE33.tmp a variant of Win32/Daonol.C trojan 00000000000000000000000000000000 I C:\WINDOWS\temp\DWHE333.tmp a variant of Win32/Daonol.C trojan 00000000000000000000000000000000 I C:\WINDOWS\temp\DWHE336.tmp a variant of Win32/Daonol.C trojan 00000000000000000000000000000000 I C:\WINDOWS\temp\DWHE35A.tmp a variant of Win32/Daonol.C trojan 00000000000000000000000000000000 I C:\WINDOWS\temp\DWHE35C.tmp a variant of Win32/Daonol.C trojan 00000000000000000000000000000000 I C:\WINDOWS\temp\DWHE360.tmp a variant of Win32/Daonol.C trojan 00000000000000000000000000000000 I C:\WINDOWS\temp\DWHE36E.tmp a variant of Win32/Daonol.C trojan 00000000000000000000000000000000 I C:\WINDOWS\temp\DWHE37F.tmp a variant of Win32/Daonol.C trojan 00000000000000000000000000000000 I C:\WINDOWS\temp\DWHE385.tmp a variant of Win32/Daonol.C trojan 00000000000000000000000000000000 I C:\WINDOWS\temp\DWHE38C.tmp a variant of Win32/Daonol.C trojan 00000000000000000000000000000000 I C:\WINDOWS\temp\DWHE3AF.tmp a variant of Win32/Daonol.C trojan 00000000000000000000000000000000 I C:\WINDOWS\temp\DWHE3B9.tmp a variant of Win32/Daonol.C trojan 00000000000000000000000000000000 I C:\WINDOWS\temp\DWHE3CD.tmp a variant of Win32/Daonol.C trojan 00000000000000000000000000000000 I C:\WINDOWS\temp\DWHE3F1.tmp a variant of Win32/Daonol.C trojan 00000000000000000000000000000000 I C:\WINDOWS\temp\DWHE401.tmp a variant of Win32/Daonol.C trojan 00000000000000000000000000000000 I C:\WINDOWS\temp\DWHE406.tmp a variant of Win32/Daonol.C trojan 00000000000000000000000000000000 I C:\WINDOWS\temp\DWHE415.tmp a variant of Win32/Daonol.C trojan 00000000000000000000000000000000 I C:\WINDOWS\temp\DWHE42A.tmp a variant of Win32/Daonol.C trojan 00000000000000000000000000000000 I C:\WINDOWS\temp\DWHE464.tmp a variant of Win32/Daonol.C trojan 00000000000000000000000000000000 I C:\WINDOWS\temp\DWHE473.tmp a variant of Win32/Daonol.C trojan 00000000000000000000000000000000 I C:\WINDOWS\temp\DWHE488.tmp a variant of Win32/Daonol.C trojan 00000000000000000000000000000000 I C:\WINDOWS\temp\DWHE48F.tmp a variant of Win32/Daonol.C trojan 00000000000000000000000000000000 I C:\WINDOWS\temp\DWHE491.tmp a variant of Win32/Daonol.C trojan 00000000000000000000000000000000 I C:\WINDOWS\temp\DWHE4A3.tmp a variant of Win32/Daonol.C trojan 00000000000000000000000000000000 I C:\WINDOWS\temp\DWHE4B2.tmp a variant of Win32/Daonol.C trojan 00000000000000000000000000000000 I C:\WINDOWS\temp\DWHE4CB.tmp a variant of Win32/Daonol.C trojan 00000000000000000000000000000000 I C:\WINDOWS\temp\DWHE4CC.tmp a variant of Win32/Daonol.C trojan 00000000000000000000000000000000 I C:\WINDOWS\temp\DWHE4F6.tmp a variant of Win32/Daonol.C trojan 00000000000000000000000000000000 I C:\WINDOWS\temp\DWHE51.tmp a variant of Win32/Daonol.C trojan 00000000000000000000000000000000 I C:\WINDOWS\temp\DWHE51F.tmp a variant of Win32/Daonol.C trojan 00000000000000000000000000000000 I C:\WINDOWS\temp\DWHE52.tmp a variant of Win32/Daonol.C trojan 00000000000000000000000000000000 I C:\WINDOWS\temp\DWHE52B.tmp a variant of Win32/Daonol.C trojan 00000000000000000000000000000000 I C:\WINDOWS\temp\DWHE52F.tmp a variant of Win32/Daonol.C trojan 00000000000000000000000000000000 I C:\WINDOWS\temp\DWHE543.tmp a variant of Win32/Daonol.C trojan 00000000000000000000000000000000 I C:\WINDOWS\temp\DWHE544.tmp a variant of Win32/Daonol.C trojan 00000000000000000000000000000000 I C:\WINDOWS\temp\DWHE55B.tmp a variant of Win32/Daonol.C trojan 00000000000000000000000000000000 I C:\WINDOWS\temp\DWHE569.tmp a variant of Win32/Daonol.C trojan 00000000000000000000000000000000 I C:\WINDOWS\temp\DWHE588.tmp a variant of Win32/Daonol.C trojan 00000000000000000000000000000000 I C:\WINDOWS\temp\DWHE58B.tmp a variant of Win32/Daonol.C trojan 00000000000000000000000000000000 I C:\WINDOWS\temp\DWHE5CB.tmp a variant of Win32/Daonol.C trojan 00000000000000000000000000000000 I C:\WINDOWS\temp\DWHE5DF.tmp a variant of Win32/Daonol.C trojan 00000000000000000000000000000000 I C:\WINDOWS\temp\DWHE5F5.tmp a variant of Win32/Daonol.C trojan 00000000000000000000000000000000 I C:\WINDOWS\temp\DWHE63D.tmp a variant of Win32/Daonol.C trojan 00000000000000000000000000000000 I C:\WINDOWS\temp\DWHE651.tmp a variant of Win32/Daonol.C trojan 00000000000000000000000000000000 I C:\WINDOWS\temp\DWHE677.tmp a variant of Win32/Daonol.C trojan 00000000000000000000000000000000 I C:\WINDOWS\temp\DWHE67D.tmp a variant of Win32/Daonol.C trojan 00000000000000000000000000000000 I C:\WINDOWS\temp\DWHE682.tmp a variant of Win32/Koobface.NCI worm 00000000000000000000000000000000 I C:\WINDOWS\temp\DWHE69E.tmp a variant of Win32/Daonol.C trojan 00000000000000000000000000000000 I C:\WINDOWS\temp\DWHE6AB.tmp a variant of Win32/Daonol.C trojan 00000000000000000000000000000000 I C:\WINDOWS\temp\DWHE6B.tmp a variant of Win32/Daonol.C trojan 00000000000000000000000000000000 I C:\WINDOWS\temp\DWHE6B0.tmp a variant of Win32/Daonol.C trojan 00000000000000000000000000000000 I C:\WINDOWS\temp\DWHE6B5.tmp a variant of Win32/Daonol.C trojan 00000000000000000000000000000000 I C:\WINDOWS\temp\DWHE6F3.tmp a variant of Win32/Daonol.C trojan 00000000000000000000000000000000 I C:\WINDOWS\temp\DWHE6F4.tmp a variant of Win32/Daonol.C trojan 00000000000000000000000000000000 I C:\WINDOWS\temp\DWHE702.tmp a variant of Win32/Daonol.C trojan 00000000000000000000000000000000 I C:\WINDOWS\temp\DWHE713.tmp a variant of Win32/Daonol.C trojan 00000000000000000000000000000000 I C:\WINDOWS\temp\DWHE724.tmp a variant of Win32/Daonol.C trojan 00000000000000000000000000000000 I C:\WINDOWS\temp\DWHE747.tmp a variant of Win32/Daonol.C trojan 00000000000000000000000000000000 I C:\WINDOWS\temp\DWHE75B.tmp a variant of Win32/Daonol.C trojan 00000000000000000000000000000000 I C:\WINDOWS\temp\DWHE76.tmp a variant of Win32/Daonol.C trojan 00000000000000000000000000000000 I C:\WINDOWS\temp\DWHE762.tmp a variant of Win32/Daonol.C trojan 00000000000000000000000000000000 I C:\WINDOWS\temp\DWHE771.tmp a variant of Win32/Daonol.C trojan 00000000000000000000000000000000 I C:\WINDOWS\temp\DWHE791.tmp a variant of Win32/Daonol.C trojan 00000000000000000000000000000000 I C:\WINDOWS\temp\DWHE795.tmp a variant of Win32/Daonol.C trojan 00000000000000000000000000000000 I C:\WINDOWS\temp\DWHE7A5.tmp a variant of Win32/Daonol.C trojan 00000000000000000000000000000000 I C:\WINDOWS\temp\DWHE7A7.tmp a variant of Win32/Daonol.C trojan 00000000000000000000000000000000 I C:\WINDOWS\temp\DWHE7AB.tmp a variant of Win32/Daonol.C trojan 00000000000000000000000000000000 I C:\WINDOWS\temp\DWHE7CD.tmp a variant of Win32/Daonol.C trojan 00000000000000000000000000000000 I C:\WINDOWS\temp\DWHE7DE.tmp a variant of Win32/Daonol.C trojan 00000000000000000000000000000000 I C:\WINDOWS\temp\DWHE7DF.tmp a variant of Win32/Daonol.C trojan 00000000000000000000000000000000 I C:\WINDOWS\temp\DWHE80D.tmp a variant of Win32/Daonol.C trojan 00000000000000000000000000000000 I C:\WINDOWS\temp\DWHE80E.tmp a variant of Win32/Daonol.C trojan 00000000000000000000000000000000 I C:\WINDOWS\temp\DWHE841.tmp a variant of Win32/Daonol.C trojan 00000000000000000000000000000000 I C:\WINDOWS\temp\DWHE846.tmp a variant of Win32/Daonol.C trojan 00000000000000000000000000000000 I C:\WINDOWS\temp\DWHE868.tmp a variant of Win32/Daonol.C trojan 00000000000000000000000000000000 I C:\WINDOWS\temp\DWHE86B.tmp a variant of Win32/Daonol.C trojan 00000000000000000000000000000000 I C:\WINDOWS\temp\DWHE87C.tmp a variant of Win32/Daonol.C trojan 00000000000000000000000000000000 I C:\WINDOWS\temp\DWHE88D.tmp a variant of Win32/Daonol.C trojan 00000000000000000000000000000000 I C:\WINDOWS\temp\DWHE8A8.tmp a variant of Win32/Daonol.C trojan 00000000000000000000000000000000 I C:\WINDOWS\temp\DWHE8A9.tmp a variant of Win32/Daonol.C trojan 00000000000000000000000000000000 I C:\WINDOWS\temp\DWHE8C9.tmp a variant of Win32/Daonol.C trojan 00000000000000000000000000000000 I C:\WINDOWS\temp\DWHE8D9.tmp a variant of Win32/Daonol.C trojan 00000000000000000000000000000000 I C:\WINDOWS\temp\DWHE8E2.tmp a variant of Win32/Daonol.C trojan 00000000000000000000000000000000 I C:\WINDOWS\temp\DWHE90C.tmp a variant of Win32/Daonol.C trojan 00000000000000000000000000000000 I C:\WINDOWS\temp\DWHE90E.tmp a variant of Win32/Daonol.C trojan 00000000000000000000000000000000 I C:\WINDOWS\temp\DWHE913.tmp a variant of Win32/Daonol.C trojan 00000000000000000000000000000000 I C:\WINDOWS\temp\DWHE936.tmp a variant of Win32/Daonol.C trojan 00000000000000000000000000000000 I C:\WINDOWS\temp\DWHE93C.tmp a variant of Win32/Daonol.C trojan 00000000000000000000000000000000 I C:\WINDOWS\temp\DWHE94C.tmp a variant of Win32/Daonol.C trojan 00000000000000000000000000000000 I C:\WINDOWS\temp\DWHE956.tmp a variant of Win32/Daonol.C trojan 00000000000000000000000000000000 I C:\WINDOWS\temp\DWHE957.tmp a variant of Win32/Daonol.C trojan 00000000000000000000000000000000 I C:\WINDOWS\temp\DWHE9A4.tmp a variant of Win32/Daonol.C trojan 00000000000000000000000000000000 I C:\WINDOWS\temp\DWHE9B6.tmp a variant of Win32/Daonol.C trojan 00000000000000000000000000000000 I C:\WINDOWS\temp\DWHE9B8.tmp a variant of Win32/Daonol.C trojan 00000000000000000000000000000000 I C:\WINDOWS\temp\DWHE9C3.tmp a variant of Win32/Daonol.C trojan 00000000000000000000000000000000 I C:\WINDOWS\temp\DWHE9DC.tmp a variant of Win32/Daonol.C trojan 00000000000000000000000000000000 I C:\WINDOWS\temp\DWHEA01.tmp a variant of Win32/Daonol.C trojan 00000000000000000000000000000000 I C:\WINDOWS\temp\DWHEA02.tmp a variant of Win32/Daonol.C trojan 00000000000000000000000000000000 I C:\WINDOWS\temp\DWHEA15.tmp a variant of Win32/Daonol.C trojan 00000000000000000000000000000000 I C:\WINDOWS\temp\DWHEA16.tmp a variant of Win32/Daonol.C trojan 00000000000000000000000000000000 I C:\WINDOWS\temp\DWHEA40.tmp a variant of Win32/Daonol.C trojan 00000000000000000000000000000000 I C:\WINDOWS\temp\DWHEA4F.tmp a variant of Win32/Daonol.C trojan 00000000000000000000000000000000 I C:\WINDOWS\temp\DWHEA5B.tmp a variant of Win32/Daonol.C trojan 00000000000000000000000000000000 I C:\WINDOWS\temp\DWHEA5D.tmp a variant of Win32/Daonol.C trojan 00000000000000000000000000000000 I C:\WINDOWS\temp\DWHEA5F.tmp a variant of Win32/Daonol.C trojan 00000000000000000000000000000000 I C:\WINDOWS\temp\DWHEA83.tmp a variant of Win32/Daonol.C trojan 00000000000000000000000000000000 I C:\WINDOWS\temp\DWHEA8E.tmp a variant of Win32/Daonol.C trojan 00000000000000000000000000000000 I C:\WINDOWS\temp\DWHEAA7.tmp a variant of Win32/Daonol.C trojan 00000000000000000000000000000000 I C:\WINDOWS\temp\DWHEAB8.tmp a variant of Win32/Daonol.C trojan 00000000000000000000000000000000 I C:\WINDOWS\temp\DWHEABD.tmp a variant of Win32/Daonol.C trojan 00000000000000000000000000000000 I C:\WINDOWS\temp\DWHEACB.tmp a variant of Win32/Daonol.C trojan 00000000000000000000000000000000 I C:\WINDOWS\temp\DWHEAF.tmp a variant of Win32/Daonol.C trojan 00000000000000000000000000000000 I C:\WINDOWS\temp\DWHEAFC.tmp a variant of Win32/Daonol.C trojan 00000000000000000000000000000000 I C:\WINDOWS\temp\DWHEB10.tmp a variant of Win32/Daonol.C trojan 00000000000000000000000000000000 I C:\WINDOWS\temp\DWHEB1A.tmp a variant of Win32/Daonol.C trojan 00000000000000000000000000000000 I C:\WINDOWS\temp\DWHEB35.tmp a variant of Win32/Koobface.NCI worm 00000000000000000000000000000000 I C:\WINDOWS\temp\DWHEB42.tmp a variant of Win32/Daonol.C trojan 00000000000000000000000000000000 I C:\WINDOWS\temp\DWHEB45.tmp a variant of Win32/Daonol.C trojan 00000000000000000000000000000000 I C:\WINDOWS\temp\DWHEB4E.tmp a variant of Win32/Daonol.C trojan 00000000000000000000000000000000 I C:\WINDOWS\temp\DWHEB51.tmp a variant of Win32/Daonol.C trojan 00000000000000000000000000000000 I C:\WINDOWS\temp\DWHEB7D.tmp a variant of Win32/Daonol.C trojan 00000000000000000000000000000000 I C:\WINDOWS\temp\DWHEB80.tmp a variant of Win32/Daonol.C trojan 00000000000000000000000000000000 I C:\WINDOWS\temp\DWHEB97.tmp a variant of Win32/Daonol.C trojan 00000000000000000000000000000000 I C:\WINDOWS\temp\DWHEBA6.tmp a variant of Win32/Daonol.C trojan 00000000000000000000000000000000 I C:\WINDOWS\temp\DWHEBAD.tmp a variant of Win32/Daonol.C trojan 00000000000000000000000000000000 I C:\WINDOWS\temp\DWHEBC7.tmp a variant of Win32/Daonol.C trojan 00000000000000000000000000000000 I C:\WINDOWS\temp\DWHEBD0.tmp a variant of Win32/Daonol.C trojan 00000000000000000000000000000000 I C:\WINDOWS\temp\DWHEC.tmp a variant of Win32/Daonol.C trojan 00000000000000000000000000000000 I C:\WINDOWS\temp\DWHEC00.tmp Win32/AutoRun.Agent.FB worm 00000000000000000000000000000000 I C:\WINDOWS\temp\DWHEC09.tmp a variant of Win32/Daonol.C trojan 00000000000000000000000000000000 I C:\WINDOWS\temp\DWHEC1.tmp a variant of Win32/Daonol.C trojan 00000000000000000000000000000000 I C:\WINDOWS\temp\DWHEC14.tmp a variant of Win32/Daonol.C trojan 00000000000000000000000000000000 I C:\WINDOWS\temp\DWHEC29.tmp a variant of Win32/Daonol.C trojan 00000000000000000000000000000000 I C:\WINDOWS\temp\DWHEC48.tmp a variant of Win32/Daonol.C trojan 00000000000000000000000000000000 I C:\WINDOWS\temp\DWHEC72.tmp a variant of Win32/Daonol.C trojan 00000000000000000000000000000000 I C:\WINDOWS\temp\DWHEC80.tmp a variant of Win32/Daonol.C trojan 00000000000000000000000000000000 I C:\WINDOWS\temp\DWHEC82.tmp a variant of Win32/Daonol.C trojan 00000000000000000000000000000000 I C:\WINDOWS\temp\DWHEC92.tmp a variant of Win32/Daonol.C trojan 00000000000000000000000000000000 I C:\WINDOWS\temp\DWHECC0.tmp a variant of Win32/Daonol.C trojan 00000000000000000000000000000000 I C:\WINDOWS\temp\DWHECD.tmp a variant of Win32/Daonol.C trojan 00000000000000000000000000000000 I C:\WINDOWS\temp\DWHECE0.tmp a variant of Win32/Daonol.C trojan 00000000000000000000000000000000 I C:\WINDOWS\temp\DWHECF.tmp a variant of Win32/Daonol.C trojan 00000000000000000000000000000000 I C:\WINDOWS\temp\DWHED23.tmp a variant of Win32/Daonol.C trojan 00000000000000000000000000000000 I C:\WINDOWS\temp\DWHED38.tmp a variant of Win32/Daonol.C trojan 00000000000000000000000000000000 I C:\WINDOWS\temp\DWHED76.tmp a variant of Win32/Daonol.C trojan 00000000000000000000000000000000 I C:\WINDOWS\temp\DWHED7C.tmp a variant of Win32/Daonol.C trojan 00000000000000000000000000000000 I C:\WINDOWS\temp\DWHEDA9.tmp a variant of Win32/Daonol.C trojan 00000000000000000000000000000000 I C:\WINDOWS\temp\DWHEDB0.tmp a variant of Win32/Daonol.C trojan 00000000000000000000000000000000 I C:\WINDOWS\temp\DWHEDC0.tmp a variant of Win32/Daonol.C trojan 00000000000000000000000000000000 I C:\WINDOWS\temp\DWHEDE9.tmp a variant of Win32/Daonol.C trojan 00000000000000000000000000000000 I C:\WINDOWS\temp\DWHEDEA.tmp a variant of Win32/Daonol.C trojan 00000000000000000000000000000000 I C:\WINDOWS\temp\DWHEDF0.tmp a variant of Win32/Daonol.C trojan 00000000000000000000000000000000 I C:\WINDOWS\temp\DWHEDFD.tmp a variant of Win32/Daonol.C trojan 00000000000000000000000000000000 I C:\WINDOWS\temp\DWHEE27.tmp a variant of Win32/Daonol.C trojan 00000000000000000000000000000000 I C:\WINDOWS\temp\DWHEE34.tmp a variant of Win32/Daonol.C trojan 00000000000000000000000000000000 I C:\WINDOWS\temp\DWHEE35.tmp a variant of Win32/Daonol.C trojan 00000000000000000000000000000000 I C:\WINDOWS\temp\DWHEE47.tmp a variant of Win32/Daonol.C trojan 00000000000000000000000000000000 I C:\WINDOWS\temp\DWHEE58.tmp a variant of Win32/Daonol.C trojan 00000000000000000000000000000000 I C:\WINDOWS\temp\DWHEE69.tmp a variant of Win32/Daonol.C trojan 00000000000000000000000000000000 I C:\WINDOWS\temp\DWHEE83.tmp a variant of Win32/Daonol.C trojan 00000000000000000000000000000000 I C:\WINDOWS\temp\DWHEE8C.tmp a variant of Win32/Daonol.C trojan 00000000000000000000000000000000 I C:\WINDOWS\temp\DWHEE96.tmp a variant of Win32/Daonol.C trojan 00000000000000000000000000000000 I C:\WINDOWS\temp\DWHEE9A.tmp a variant of Win32/Daonol.C trojan 00000000000000000000000000000000 I C:\WINDOWS\temp\DWHEEA4.tmp a variant of Win32/Daonol.C trojan 00000000000000000000000000000000 I C:\WINDOWS\temp\DWHEEA5.tmp a variant of Win32/Daonol.C trojan 00000000000000000000000000000000 I C:\WINDOWS\temp\DWHEEB5.tmp a variant of Win32/Daonol.C trojan 00000000000000000000000000000000 I C:\WINDOWS\temp\DWHEECF.tmp a variant of Win32/Daonol.C trojan 00000000000000000000000000000000 I C:\WINDOWS\temp\DWHEF12.tmp a variant of Win32/Daonol.C trojan 00000000000000000000000000000000 I C:\WINDOWS\temp\DWHEF28.tmp a variant of Win32/Daonol.C trojan 00000000000000000000000000000000 I C:\WINDOWS\temp\DWHEF32.tmp a variant of Win32/Daonol.C trojan 00000000000000000000000000000000 I C:\WINDOWS\temp\DWHEF44.tmp a variant of Win32/Daonol.C trojan 00000000000000000000000000000000 I C:\WINDOWS\temp\DWHEF4C.tmp a variant of Win32/Daonol.C trojan 00000000000000000000000000000000 I C:\WINDOWS\temp\DWHEF5A.tmp a variant of Win32/Daonol.C trojan 00000000000000000000000000000000 I C:\WINDOWS\temp\DWHEF6E.tmp a variant of Win32/Daonol.C trojan 00000000000000000000000000000000 I C:\WINDOWS\temp\DWHEF8C.tmp a variant of Win32/Daonol.C trojan 00000000000000000000000000000000 I C:\WINDOWS\temp\DWHEF95.tmp a variant of Win32/Daonol.C trojan 00000000000000000000000000000000 I C:\WINDOWS\temp\DWHEF9F.tmp a variant of Win32/Daonol.C trojan 00000000000000000000000000000000 I C:\WINDOWS\temp\DWHEFC3.tmp a variant of Win32/Daonol.C trojan 00000000000000000000000000000000 I C:\WINDOWS\temp\DWHEFC4.tmp a variant of Win32/Daonol.C trojan 00000000000000000000000000000000 I C:\WINDOWS\temp\DWHEFDD.tmp a variant of Win32/Daonol.C trojan 00000000000000000000000000000000 I C:\WINDOWS\temp\DWHEFED.tmp a variant of Win32/Daonol.C trojan 00000000000000000000000000000000 I C:\WINDOWS\temp\DWHF002.tmp a variant of Win32/Daonol.C trojan 00000000000000000000000000000000 I C:\WINDOWS\temp\DWHF020.tmp a variant of Win32/Daonol.C trojan 00000000000000000000000000000000 I C:\WINDOWS\temp\DWHF024.tmp a variant of Win32/Daonol.C trojan 00000000000000000000000000000000 I C:\WINDOWS\temp\DWHF03B.tmp a variant of Win32/Daonol.C trojan 00000000000000000000000000000000 I C:\WINDOWS\temp\DWHF07B.tmp a variant of Win32/Daonol.C trojan 00000000000000000000000000000000 I C:\WINDOWS\temp\DWHF099.tmp a variant of Win32/Daonol.C trojan 00000000000000000000000000000000 I C:\WINDOWS\temp\DWHF0A3.tmp a variant of Win32/Koobface.NCI worm 00000000000000000000000000000000 I C:\WINDOWS\temp\DWHF0C0.tmp a variant of Win32/Daonol.C trojan 00000000000000000000000000000000 I C:\WINDOWS\temp\DWHF0C6.tmp a variant of Win32/Daonol.C trojan 00000000000000000000000000000000 I C:\WINDOWS\temp\DWHF0D8.tmp a variant of Win32/Daonol.C trojan 00000000000000000000000000000000 I C:\WINDOWS\temp\DWHF0DC.tmp a variant of Win32/Daonol.C trojan 00000000000000000000000000000000 I C:\WINDOWS\temp\DWHF0DF.tmp a variant of Win32/Daonol.C trojan 00000000000000000000000000000000 I C:\WINDOWS\temp\DWHF0E2.tmp a variant of Win32/Koobface.NCI worm 00000000000000000000000000000000 I C:\WINDOWS\temp\DWHF106.tmp a variant of Win32/Daonol.C trojan 00000000000000000000000000000000 I C:\WINDOWS\temp\DWHF13A.tmp a variant of Win32/Daonol.C trojan 00000000000000000000000000000000 I C:\WINDOWS\temp\DWHF140.tmp a variant of Win32/AutoRun.JO worm 00000000000000000000000000000000 I C:\WINDOWS\temp\DWHF165.tmp a variant of Win32/Daonol.C trojan 00000000000000000000000000000000 I C:\WINDOWS\temp\DWHF168.tmp a variant of Win32/Daonol.C trojan 00000000000000000000000000000000 I C:\WINDOWS\temp\DWHF16D.tmp a variant of Win32/Daonol.C trojan 00000000000000000000000000000000 I C:\WINDOWS\temp\DWHF1B8.tmp a variant of Win32/Daonol.C trojan 00000000000000000000000000000000 I C:\WINDOWS\temp\DWHF1C.tmp a variant of Win32/Daonol.C trojan 00000000000000000000000000000000 I C:\WINDOWS\temp\DWHF1C1.tmp a variant of Win32/Daonol.C trojan 00000000000000000000000000000000 I C:\WINDOWS\temp\DWHF1E.tmp a variant of Win32/Daonol.C trojan 00000000000000000000000000000000 I C:\WINDOWS\temp\DWHF1F5.tmp a variant of Win32/Daonol.C trojan 00000000000000000000000000000000 I C:\WINDOWS\temp\DWHF21E.tmp a variant of Win32/Daonol.C trojan 00000000000000000000000000000000 I C:\WINDOWS\temp\DWHF23E.tmp a variant of Win32/Daonol.C trojan 00000000000000000000000000000000 I C:\WINDOWS\temp\DWHF25E.tmp a variant of Win32/Daonol.C trojan 00000000000000000000000000000000 I C:\WINDOWS\temp\DWHF268.tmp a variant of Win32/Daonol.C trojan 00000000000000000000000000000000 I C:\WINDOWS\temp\DWHF27B.tmp a variant of Win32/Daonol.C trojan 00000000000000000000000000000000 I C:\WINDOWS\temp\DWHF293.tmp a variant of Win32/Daonol.C trojan 00000000000000000000000000000000 I C:\WINDOWS\temp\DWHF298.tmp a variant of Win32/Daonol.C trojan 00000000000000000000000000000000 I C:\WINDOWS\temp\DWHF2FA.tmp a variant of Win32/Daonol.C trojan 00000000000000000000000000000000 I C:\WINDOWS\temp\DWHF30E.tmp a variant of Win32/Daonol.C trojan 00000000000000000000000000000000 I C:\WINDOWS\temp\DWHF313.tmp a variant of Win32/Daonol.C trojan 00000000000000000000000000000000 I C:\WINDOWS\temp\DWHF32E.tmp a variant of Win32/Daonol.C trojan 00000000000000000000000000000000 I C:\WINDOWS\temp\DWHF338.tmp a variant of Win32/Daonol.C trojan 00000000000000000000000000000000 I C:\WINDOWS\temp\DWHF345.tmp a variant of Win32/Daonol.C trojan 00000000000000000000000000000000 I C:\WINDOWS\temp\DWHF34A.tmp a variant of Win32/Daonol.C trojan 00000000000000000000000000000000 I C:\WINDOWS\temp\DWHF3A0.tmp a variant of Win32/Daonol.C trojan 00000000000000000000000000000000 I C:\WINDOWS\temp\DWHF3B5.tmp a variant of Win32/Daonol.C trojan 00000000000000000000000000000000 I C:\WINDOWS\temp\DWHF3C6.tmp a variant of Win32/Daonol.C trojan 00000000000000000000000000000000 I C:\WINDOWS\temp\DWHF3E.tmp a variant of Win32/Daonol.C trojan 00000000000000000000000000000000 I C:\WINDOWS\temp\DWHF3E4.tmp a variant of Win32/Daonol.C trojan 00000000000000000000000000000000 I C:\WINDOWS\temp\DWHF3EA.tmp a variant of Win32/Daonol.C trojan 00000000000000000000000000000000 I C:\WINDOWS\temp\DWHF405.tmp a variant of Win32/Daonol.C trojan 00000000000000000000000000000000 I C:\WINDOWS\temp\DWHF41.tmp a variant of Win32/Daonol.C trojan 00000000000000000000000000000000 I C:\WINDOWS\temp\DWHF410.tmp a variant of Win32/Daonol.C trojan 00000000000000000000000000000000 I C:\WINDOWS\temp\DWHF413.tmp a variant of Win32/Daonol.C trojan 00000000000000000000000000000000 I C:\WINDOWS\temp\DWHF414.tmp a variant of Win32/Daonol.C trojan 00000000000000000000000000000000 I C:\WINDOWS\temp\DWHF418.tmp a variant of Win32/Daonol.C trojan 00000000000000000000000000000000 I C:\WINDOWS\temp\DWHF42.tmp a variant of Win32/Daonol.C trojan 00000000000000000000000000000000 I C:\WINDOWS\temp\DWHF429.tmp a variant of Win32/Daonol.C trojan 00000000000000000000000000000000 I C:\WINDOWS\temp\DWHF442.tmp a variant of Win32/Daonol.C trojan 00000000000000000000000000000000 I C:\WINDOWS\temp\DWHF462.tmp a variant of Win32/Daonol.C trojan 00000000000000000000000000000000 I C:\WINDOWS\temp\DWHF474.tmp a variant of Win32/Daonol.C trojan 00000000000000000000000000000000 I C:\WINDOWS\temp\DWHF478.tmp a variant of Win32/Daonol.C trojan 00000000000000000000000000000000 I C:\WINDOWS\temp\DWHF499.tmp a variant of Win32/Daonol.C trojan 00000000000000000000000000000000 I C:\WINDOWS\temp\DWHF4AF.tmp a variant of Win32/Daonol.C trojan 00000000000000000000000000000000 I C:\WINDOWS\temp\DWHF4B0.tmp a variant of Win32/Daonol.C trojan 00000000000000000000000000000000 I C:\WINDOWS\temp\DWHF4BF.tmp a variant of Win32/Daonol.C trojan 00000000000000000000000000000000 I C:\WINDOWS\temp\DWHF4C9.tmp a variant of Win32/Daonol.C trojan 00000000000000000000000000000000 I C:\WINDOWS\temp\DWHF4E2.tmp a variant of Win32/Daonol.C trojan 00000000000000000000000000000000 I C:\WINDOWS\temp\DWHF4EE.tmp a variant of Win32/Daonol.C trojan 00000000000000000000000000000000 I C:\WINDOWS\temp\DWHF4FE.tmp a variant of Win32/Daonol.C trojan 00000000000000000000000000000000 I C:\WINDOWS\temp\DWHF513.tmp a variant of Win32/Daonol.C trojan 00000000000000000000000000000000 I C:\WINDOWS\temp\DWHF563.tmp a variant of Win32/Daonol.C trojan 00000000000000000000000000000000 I C:\WINDOWS\temp\DWHF56A.tmp a variant of Win32/Daonol.C trojan 00000000000000000000000000000000 I C:\WINDOWS\temp\DWHF56C.tmp a variant of Win32/Daonol.C trojan 00000000000000000000000000000000 I C:\WINDOWS\temp\DWHF57A.tmp a variant of Win32/Daonol.C trojan 00000000000000000000000000000000 I C:\WINDOWS\temp\DWHF590.tmp a variant of Win32/Daonol.C trojan 00000000000000000000000000000000 I C:\WINDOWS\temp\DWHF5B.tmp a variant of Win32/Daonol.C trojan 00000000000000000000000000000000 I C:\WINDOWS\temp\DWHF5B9.tmp a variant of Win32/Daonol.C trojan 00000000000000000000000000000000 I C:\WINDOWS\temp\DWHF5E8.tmp a variant of Win32/Daonol.C trojan 00000000000000000000000000000000 I C:\WINDOWS\temp\DWHF5F5.tmp a variant of Win32/Daonol.C trojan 00000000000000000000000000000000 I C:\WINDOWS\temp\DWHF601.tmp a variant of Win32/Daonol.C trojan 00000000000000000000000000000000 I C:\WINDOWS\temp\DWHF623.tmp a variant of Win32/Daonol.C trojan 00000000000000000000000000000000 I C:\WINDOWS\temp\DWHF63.tmp a variant of Win32/Daonol.C trojan 00000000000000000000000000000000 I C:\WINDOWS\temp\DWHF635.tmp a variant of Win32/Daonol.C trojan 00000000000000000000000000000000 I C:\WINDOWS\temp\DWHF63A.tmp a variant of Win32/Daonol.C trojan 00000000000000000000000000000000 I C:\WINDOWS\temp\DWHF641.tmp a variant of Win32/Daonol.C trojan 00000000000000000000000000000000 I C:\WINDOWS\temp\DWHF65.tmp a variant of Win32/Daonol.C trojan 00000000000000000000000000000000 I C:\WINDOWS\temp\DWHF670.tmp a variant of Win32/Daonol.C trojan 00000000000000000000000000000000 I C:\WINDOWS\temp\DWHF67B.tmp a variant of Win32/Daonol.C trojan 00000000000000000000000000000000 I C:\WINDOWS\temp\DWHF6B3.tmp a variant of Win32/Daonol.C trojan 00000000000000000000000000000000 I C:\WINDOWS\temp\DWHF6B4.tmp a variant of Win32/Daonol.C trojan 00000000000000000000000000000000 I C:\WINDOWS\temp\DWHF6C7.tmp a variant of Win32/Daonol.C trojan 00000000000000000000000000000000 I C:\WINDOWS\temp\DWHF6D.tmp a variant of Win32/Daonol.C trojan 00000000000000000000000000000000 I C:\WINDOWS\temp\DWHF6E1.tmp a variant of Win32/Daonol.C trojan 00000000000000000000000000000000 I C:\WINDOWS\temp\DWHF711.tmp a variant of Win32/Daonol.C trojan 00000000000000000000000000000000 I C:\WINDOWS\temp\DWHF718.tmp a variant of Win32/Daonol.C trojan 00000000000000000000000000000000 I C:\WINDOWS\temp\DWHF72A.tmp a variant of Win32/Daonol.C trojan 00000000000000000000000000000000 I C:\WINDOWS\temp\DWHF746.tmp a variant of Win32/Daonol.C trojan 00000000000000000000000000000000 I C:\WINDOWS\temp\DWHF760.tmp a variant of Win32/Daonol.C trojan 00000000000000000000000000000000 I C:\WINDOWS\temp\DWHF766.tmp a variant of Win32/Daonol.C trojan 00000000000000000000000000000000 I C:\WINDOWS\temp\DWHF76E.tmp a variant of Win32/Daonol.C trojan 00000000000000000000000000000000 I C:\WINDOWS\temp\DWHF7B.tmp a variant of Win32/Daonol.C trojan 00000000000000000000000000000000 I C:\WINDOWS\temp\DWHF7B2.tmp a variant of Win32/Daonol.C trojan 00000000000000000000000000000000 I C:\WINDOWS\temp\DWHF7BD.tmp a variant of Win32/Daonol.C trojan 00000000000000000000000000000000 I C:\WINDOWS\temp\DWHF7DA.tmp a variant of Win32/Daonol.C trojan 00000000000000000000000000000000 I C:\WINDOWS\temp\DWHF7DB.tmp a variant of Win32/Daonol.C trojan 00000000000000000000000000000000 I C:\WINDOWS\temp\DWHF7EB.tmp a variant of Win32/Daonol.C trojan 00000000000000000000000000000000 I C:\WINDOWS\temp\DWHF81A.tmp a variant of Win32/Daonol.C trojan 00000000000000000000000000000000 I C:\WINDOWS\temp\DWHF82B.tmp a variant of Win32/Daonol.C trojan 00000000000000000000000000000000 I C:\WINDOWS\temp\DWHF859.tmp a variant of Win32/Daonol.C trojan 00000000000000000000000000000000 I C:\WINDOWS\temp\DWHF866.tmp a variant of Win32/Daonol.C trojan 00000000000000000000000000000000 I C:\WINDOWS\temp\DWHF88A.tmp a variant of Win32/Daonol.C trojan 00000000000000000000000000000000 I C:\WINDOWS\temp\DWHF88D.tmp a variant of Win32/Daonol.C trojan 00000000000000000000000000000000 I C:\WINDOWS\temp\DWHF8C8.tmp a variant of Win32/Daonol.C trojan 00000000000000000000000000000000 I C:\WINDOWS\temp\DWHF8D6.tmp a variant of Win32/Daonol.C trojan 00000000000000000000000000000000 I C:\WINDOWS\temp\DWHF8DF.tmp a variant of Win32/Daonol.C trojan 00000000000000000000000000000000 I C:\WINDOWS\temp\DWHF8FA.tmp a variant of Win32/Daonol.C trojan 00000000000000000000000000000000 I C:\WINDOWS\temp\DWHF905.tmp a variant of Win32/Daonol.C trojan 00000000000000000000000000000000 I C:\WINDOWS\temp\DWHF93E.tmp a variant of Win32/Daonol.C trojan 00000000000000000000000000000000 I C:\WINDOWS\temp\DWHF953.tmp a variant of Win32/Daonol.C trojan 00000000000000000000000000000000 I C:\WINDOWS\temp\DWHF96B.tmp a variant of Win32/Daonol.C trojan 00000000000000000000000000000000 I C:\WINDOWS\temp\DWHF96D.tmp a variant of Win32/Daonol.C trojan 00000000000000000000000000000000 I C:\WINDOWS\temp\DWHF973.tmp a variant of Win32/Daonol.C trojan 00000000000000000000000000000000 I C:\WINDOWS\temp\DWHF992.tmp a variant of Win32/Daonol.C trojan 00000000000000000000000000000000 I C:\WINDOWS\temp\DWHF9B7.tmp a variant of Win32/Daonol.C trojan 00000000000000000000000000000000 I C:\WINDOWS\temp\DWHF9C9.tmp a variant of Win32/Daonol.C trojan 00000000000000000000000000000000 I C:\WINDOWS\temp\DWHF9CF.tmp a variant of Win32/Daonol.C trojan 00000000000000000000000000000000 I C:\WINDOWS\temp\DWHF9DF.tmp a variant of Win32/Daonol.C trojan 00000000000000000000000000000000 I C:\WINDOWS\temp\DWHF9E0.tmp a variant of Win32/Daonol.C trojan 00000000000000000000000000000000 I C:\WINDOWS\temp\DWHFA0F.tmp a variant of Win32/Daonol.C trojan 00000000000000000000000000000000 I C:\WINDOWS\temp\DWHFA2A.tmp a variant of Win32/Daonol.C trojan 00000000000000000000000000000000 I C:\WINDOWS\temp\DWHFA2E.tmp a variant of Win32/Daonol.C trojan 00000000000000000000000000000000 I C:\WINDOWS\temp\DWHFA4C.tmp a variant of Win32/Daonol.C trojan 00000000000000000000000000000000 I C:\WINDOWS\temp\DWHFA50.tmp a variant of Win32/Daonol.C trojan 00000000000000000000000000000000 I C:\WINDOWS\temp\DWHFA52.tmp a variant of Win32/Daonol.C trojan 00000000000000000000000000000000 I C:\WINDOWS\temp\DWHFA76.tmp a variant of Win32/Daonol.C trojan 00000000000000000000000000000000 I C:\WINDOWS\temp\DWHFA7C.tmp a variant of Win32/Daonol.C trojan 00000000000000000000000000000000 I C:\WINDOWS\temp\DWHFA9E.tmp a variant of Win32/Daonol.C trojan 00000000000000000000000000000000 I C:\WINDOWS\temp\DWHFABA.tmp a variant of Win32/Daonol.C trojan 00000000000000000000000000000000 I C:\WINDOWS\temp\DWHFADF.tmp a variant of Win32/Daonol.C trojan 00000000000000000000000000000000 I C:\WINDOWS\temp\DWHFAEA.tmp a variant of Win32/Daonol.C trojan 00000000000000000000000000000000 I C:\WINDOWS\temp\DWHFAF1.tmp a variant of Win32/Daonol.C trojan 00000000000000000000000000000000 I C:\WINDOWS\temp\DWHFAF7.tmp a variant of Win32/Daonol.C trojan 00000000000000000000000000000000 I C:\WINDOWS\temp\DWHFB26.tmp a variant of Win32/Daonol.C trojan 00000000000000000000000000000000 I C:\WINDOWS\temp\DWHFB28.tmp a variant of Win32/Daonol.C trojan 00000000000000000000000000000000 I C:\WINDOWS\temp\DWHFB67.tmp a variant of Win32/Daonol.C trojan 00000000000000000000000000000000 I C:\WINDOWS\temp\DWHFB7B.tmp a variant of Win32/Daonol.C trojan 00000000000000000000000000000000 I C:\WINDOWS\temp\DWHFB85.tmp a variant of Win32/Daonol.C trojan 00000000000000000000000000000000 I C:\WINDOWS\temp\DWHFBAB.tmp a variant of Win32/Daonol.C trojan 00000000000000000000000000000000 I C:\WINDOWS\temp\DWHFBB5.tmp a variant of Win32/Daonol.C trojan 00000000000000000000000000000000 I C:\WINDOWS\temp\DWHFBDA.tmp a variant of Win32/Daonol.C trojan 00000000000000000000000000000000 I C:\WINDOWS\temp\DWHFBDD.tmp a variant of Win32/Daonol.C trojan 00000000000000000000000000000000 I C:\WINDOWS\temp\DWHFBFA.tmp a variant of Win32/Daonol.C trojan 00000000000000000000000000000000 I C:\WINDOWS\temp\DWHFC32.tmp a variant of Win32/Daonol.C trojan 00000000000000000000000000000000 I C:\WINDOWS\temp\DWHFC3B.tmp a variant of Win32/Daonol.C trojan 00000000000000000000000000000000 I C:\WINDOWS\temp\DWHFC5F.tmp a variant of Win32/Daonol.C trojan 00000000000000000000000000000000 I C:\WINDOWS\temp\DWHFC60.tmp a variant of Win32/Daonol.C trojan 00000000000000000000000000000000 I C:\WINDOWS\temp\DWHFC6B.tmp a variant of Win32/Daonol.C trojan 00000000000000000000000000000000 I C:\WINDOWS\temp\DWHFC76.tmp a variant of Win32/Daonol.C trojan 00000000000000000000000000000000 I C:\WINDOWS\temp\DWHFC81.tmp a variant of Win32/Daonol.C trojan 00000000000000000000000000000000 I C:\WINDOWS\temp\DWHFC8F.tmp a variant of Win32/Daonol.C trojan 00000000000000000000000000000000 I C:\WINDOWS\temp\DWHFCB4.tmp a variant of Win32/Daonol.C trojan 00000000000000000000000000000000 I C:\WINDOWS\temp\DWHFCBD.tmp a variant of Win32/Daonol.C trojan 00000000000000000000000000000000 I C:\WINDOWS\temp\DWHFCC7.tmp a variant of Win32/Daonol.C trojan 00000000000000000000000000000000 I C:\WINDOWS\temp\DWHFCD2.tmp a variant of Win32/Daonol.C trojan 00000000000000000000000000000000 I C:\WINDOWS\temp\DWHFCDD.tmp a variant of Win32/Daonol.C trojan 00000000000000000000000000000000 I C:\WINDOWS\temp\DWHFD41.tmp a variant of Win32/Daonol.C trojan 00000000000000000000000000000000 I C:\WINDOWS\temp\DWHFD4B.tmp a variant of Win32/Daonol.C trojan 00000000000000000000000000000000 I C:\WINDOWS\temp\DWHFD54.tmp a variant of Win32/Daonol.C trojan 00000000000000000000000000000000 I C:\WINDOWS\temp\DWHFD57.tmp a variant of Win32/Daonol.C trojan 00000000000000000000000000000000 I C:\WINDOWS\temp\DWHFD66.tmp a variant of Win32/Daonol.C trojan 00000000000000000000000000000000 I C:\WINDOWS\temp\DWHFD88.tmp a variant of Win32/Daonol.C trojan 00000000000000000000000000000000 I C:\WINDOWS\temp\DWHFD98.tmp a variant of Win32/Daonol.C trojan 00000000000000000000000000000000 I C:\WINDOWS\temp\DWHFDE7.tmp a variant of Win32/Daonol.C trojan 00000000000000000000000000000000 I C:\WINDOWS\temp\DWHFDE9.tmp a variant of Win32/Daonol.C trojan 00000000000000000000000000000000 I C:\WINDOWS\temp\DWHFE00.tmp a variant of Win32/Daonol.C trojan 00000000000000000000000000000000 I C:\WINDOWS\temp\DWHFE1B.tmp a variant of Win32/Daonol.C trojan 00000000000000000000000000000000 I C:\WINDOWS\temp\DWHFE33.tmp a variant of Win32/Daonol.C trojan 00000000000000000000000000000000 I C:\WINDOWS\temp\DWHFE6.tmp a variant of Win32/Daonol.C trojan 00000000000000000000000000000000 I C:\WINDOWS\temp\DWHFE7F.tmp a variant of Win32/Daonol.C trojan 00000000000000000000000000000000 I C:\WINDOWS\temp\DWHFE83.tmp a variant of Win32/Daonol.C trojan 00000000000000000000000000000000 I C:\WINDOWS\temp\DWHFE8D.tmp a variant of Win32/Daonol.C trojan 00000000000000000000000000000000 I C:\WINDOWS\temp\DWHFE9F.tmp a variant of Win32/Daonol.C trojan 00000000000000000000000000000000 I C:\WINDOWS\temp\DWHFEB5.tmp a variant of Win32/Daonol.C trojan 00000000000000000000000000000000 I C:\WINDOWS\temp\DWHFEBC.tmp a variant of Win32/Daonol.C trojan 00000000000000000000000000000000 I C:\WINDOWS\temp\DWHFEC2.tmp a variant of Win32/Daonol.C trojan 00000000000000000000000000000000 I C:\WINDOWS\temp\DWHFED7.tmp a variant of Win32/Daonol.C trojan 00000000000000000000000000000000 I C:\WINDOWS\temp\DWHFEE.tmp a variant of Win32/Daonol.C trojan 00000000000000000000000000000000 I C:\WINDOWS\temp\DWHFEE9.tmp a variant of Win32/Daonol.C trojan 00000000000000000000000000000000 I C:\WINDOWS\temp\DWHFF19.tmp a variant of Win32/Daonol.C trojan 00000000000000000000000000000000 I C:\WINDOWS\temp\DWHFF20.tmp a variant of Win32/Daonol.C trojan 00000000000000000000000000000000 I C:\WINDOWS\temp\DWHFF38.tmp a variant of Win32/Daonol.C trojan 00000000000000000000000000000000 I C:\WINDOWS\temp\DWHFF3F.tmp a variant of Win32/Daonol.C trojan 00000000000000000000000000000000 I C:\WINDOWS\temp\DWHFF5E.tmp a variant of Win32/Daonol.C trojan 00000000000000000000000000000000 I C:\WINDOWS\temp\DWHFF5F.tmp a variant of Win32/Daonol.C trojan 00000000000000000000000000000000 I C:\WINDOWS\temp\DWHFF91.tmp a variant of Win32/Daonol.C trojan 00000000000000000000000000000000 I C:\WINDOWS\temp\DWHFF93.tmp a variant of Win32/Daonol.C trojan 00000000000000000000000000000000 I C:\WINDOWS\temp\DWHFF9D.tmp a variant of Win32/Daonol.C trojan 00000000000000000000000000000000 I C:\WINDOWS\temp\DWHFFBB.tmp a variant of Win32/Daonol.C trojan 00000000000000000000000000000000 I C:\WINDOWS\temp\DWHFFBC.tmp a variant of Win32/Daonol.C trojan 00000000000000000000000000000000 I C:\WINDOWS\temp\DWHFFC5.tmp a variant of Win32/Daonol.C trojan 00000000000000000000000000000000 I C:\WINDOWS\temp\DWHFFCD.tmp a variant of Win32/Daonol.C trojan 00000000000000000000000000000000 I C:\WINDOWS\temp\DWHFFD9.tmp a variant of Win32/Daonol.C trojan 00000000000000000000000000000000 I C:\WINDOWS\temp\DWHFFE6.tmp a variant of Win32/Daonol.C trojan 00000000000000000000000000000000 I C:\WINDOWS\temp\DWHFFF0.tmp a variant of Win32/Daonol.C trojan 00000000000000000000000000000000 I F:\My Documents\munsi\AutoRun.inf INF/Autorun.gen trojan 00000000000000000000000000000000 I F:\My Documents\munsi\Mcafee Antivirus\AutoRun.inf INF/Autorun.gen trojan 00000000000000000000000000000000 I

#30 CatByte

Classroom Administrator

Classroom Admin
21,060 posts

Posted 07 November 2009 - 09:26 AM

Hi,

Please do the following:

Go Start > Run and copy/paste the following single-line command into the Run box and click OK:

cmd /c del /f/a/q "C:\WINDOWS\ufsb.bak" "F:\My Documents\munsi\AutoRun.inf" "F:\My Documents\munsi\Mcafee Antivirus\AutoRun.inf"

NEXT:

Download TFC to your desktop

Close any open windows.
Double click the TFC icon to run the program
TFC will close all open programs itself in order to run,
Click the Start button to begin the process.
Allow TFC to run uninterrupted.
The program should not take long to finish it's job
Once its finished it should automatically reboot your machine,
if it doesn't, manually reboot to ensure a complete clean

It's normal after running TFC cleaner that the PC will be slower to boot the first time.

NEXT

Please download DaonolFix from the link below and save it to your Desktop
Download Mirror #1

Double-click DaonolFix.exe to run it.
Select 1. Find Daonol (no fix) by typing 1 and pressing Enter.
You will see a lot of files being listed - don't worry, they are just being scanned.
A log will open, please post the contents of that log in your next reply (it can also be found on your desktop, called DaonolFix.txt).

Microsoft MVP 2010, 2011, 2012, 2013, 2014, 2015

Body Background

skin color theme