OK, here is the results. Kasperky online scan found 3 infected files in the bunch, and mcafee found 5 of them infected. Avast found none
. I tried to email the files to avast but it seems aol (my only email client) scans thier mail with mcafee be4 sending it. It will not let me send an infected file, which is a good thing i guess. I also found a logon.exe file to be infected that avast missed. It seems what i read is 100% correct ! So here is part it:
Several Trojan horse viruses were reported making the rounds Tuesday by antivirus vendors.
Troj/Golon-A is a backdoor Trojan that copies itself to the Windows system folder as logon.exe and sets the following registry entry:
HKLM\Software\Microsoft\Windows\CurrentVersion\Run\logon.exe = \logon.exe
Troj/Golon-A also creates several registry entries under HKLM\Software\Microsoft\Kernel.
Troj/Ataka-E is a multicomponent IRC backdoor Trojan. The main installer component (sx.exe) is typically downloded from the internet by a downloader. The installer drops the following files: calc32.exe, gamma.exe, ght.dll, hajr.drv, infsyst.reg, kasperlamm.cab, msvcrtd.dll, nocx.ocx, NoeWinnt.exe, oje.txt and syn32.exe into the folder Program Files\NetMeeting\conf\.
Some of these files are clean and are not detected. Gamma.exe is a Trojan dropper and is detected as Troj/Prx-A. (gamma.exe was found infected by mcafee)