05-06-2007, 01:56 AM   #7
ohno
Registered User
 
Join Date: May 2007
Posts: 19
OS: Windows XP


Re: Multiple infections

ComboFix-quarantined-files.txt

Code:
2005-08-03 05:08      61440    --a------    C:\Qoobox\Quarantine\C\WINDOWS\system32\WanPacket.dll.vir
2005-08-03 05:08      81920    --a------    C:\Qoobox\Quarantine\C\WINDOWS\system32\Packet.dll.vir
2005-08-03 05:18      233472    --a------    C:\Qoobox\Quarantine\C\WINDOWS\system32\wpcap.dll.vir
2007-02-12 15:28      212    --a------    C:\Qoobox\Quarantine\C\DOCUME~1\ohno\APPLIC~1\Macromedia\Flash Player\#SharedObjects\5B2B7EZU\www.inter-focus.cn\IFFLASHAD_PLAYER.sol.vir
2007-02-12 15:28      88    --a------    C:\Qoobox\Quarantine\C\DOCUME~1\ohno\APPLIC~1\Macromedia\Flash Player\macromedia.com\support\flashplayer\sys\#www.inter-focus.cn\settings.sol.vir
2007-05-06 09:49      8    --a------    C:\Qoobox\Quarantine\C\_desktop.ini.vir
2007-05-06 11:48      10752    --a------    C:\Qoobox\Quarantine\C\WINDOWS\system32\msccrt.dll.vir
2007-05-06 11:48      11264    --a------    C:\Qoobox\Quarantine\C\WINDOWS\system32\cmdbcs.dll.vir
2007-05-06 11:49      32512    --a------    C:\Qoobox\Quarantine\C\WINDOWS\system32\drivers\npf.sys.vir
2007-05-06 13:05      32696    --a------    C:\Qoobox\Quarantine\C\WINDOWS\RichDll.dll.vir


列出磁碟區 System 的資料夾 PATH
磁碟區序列號碼為 0C51-29A0
C:\QOOBOX
\---Quarantine
    \---C
        |   _desktop.ini.vir
        |   
        +---DOCUME~1
        |   \---ohno
        |       \---APPLIC~1
        |           \---Macromedia
        |               \---Flash Player
        |                   +---#SharedObjects
        |                   |   \---5B2B7EZU
        |                   |       \---www.inter-focus.cn
        |                   |               IFFLASHAD_PLAYER.sol.vir
        |                   |               
        |                   \---macromedia.com
        |                       \---support
        |                           \---flashplayer
        |                               \---sys
        |                                   \---#www.inter-focus.cn
        |                                           settings.sol.vir
        |                                           
        \---WINDOWS
            |   RichDll.dll.vir
            |   
            \---system32
                |   cmdbcs.dll.vir
                |   msccrt.dll.vir
                |   Packet.dll.vir
                |   WanPacket.dll.vir
                |   wpcap.dll.vir
                |   
                \---drivers
                        npf.sys.vir