Oh dear me I think this is getting to hard:
1.Ok if I don't want the restore points in my chest how do I get them out and what do I do with them?
2.I moved the files but not into a temp. folder I created a new one........ok stuffed up that one..........could not and did not understand standard shield etc suggestions and could not wait a whole day to get your answer so I just turned off the avast
3.Ran all the files 41 through the virus total and they came up as posted below,(only 1) did not understand what findings you wanted or what the address bar of the VT results page, sorry I just don't understand what these are...................I have been at this for hours, and we are now on the 3rd day?
I then turned on the avast and put the files into the chest so now there are 2 lots in the chest! OK I am blond but I am trying
This is just one of the results I didn't think you would appreciate all 41, thanks for your help
Antivirus Version Last Update Result
a-squared 4.0.0.93 2009.02.22 Worm.Win32.Fujack.cc!IK
AhnLab-V3 2009.2.21.0 2009.02.22 Win-Trojan/Hupigon.287264
AntiVir 7.9.0.87 2009.02.21 Rkit/Agent.gcf
Authentium 5.1.0.4 2009.02.21 W32/SelfStarterInternetTrojan!Maximus
Avast 4.8.1335.0 2009.02.22 Win32:Fujack-AQ
AVG 8.0.0.237 2009.02.21 SHeur2.KPI
BitDefender 7.2 2009.02.22 Dropped:Rootkit.11110
CAT-QuickHeal 10.00 2009.02.22 Backdoor.Hupigon.foae
ClamAV 0.94.1 2009.02.22 Worm.Fujacks
Comodo 983 2009.02.20 -
DrWeb 4.44.0.09170 2009.02.22 Win32.HLLP.Whboy.origin
eSafe 7.0.17.0 2009.02.19 Suspicious File
eTrust-Vet 31.6.6368 2009.02.20 Win32/Emerleox.GI
F-Prot 4.4.4.56 2009.02.21 W32/SelfStarterInternetTrojan!Maximus
F-Secure 8.0.14470.0 2009.02.22 Worm.Win32.Fujack.cq
Fortinet 3.117.0.0 2009.02.22 -
GData 19 2009.02.22 Dropped:Rootkit.11110
Ikarus T3.1.1.45.0 2009.02.22 Worm.Win32.Fujack.cc
K7AntiVirus 7.10.639 2009.02.21 -
Kaspersky 7.0.0.125 2009.02.22 Worm.Win32.Fujack.cq
McAfee 5532 2009.02.21 W32/Fujacks.aw
McAfee+Artemis 5532 2009.02.21 W32/Fujacks.aw
Microsoft 1.4306 2009.02.22 Virus:Win32/Viking.JB
NOD32 3877 2009.02.22 a variant of Win32/Fujacks
Norman 6.00.06 2009.02.20 W32/DLoader.MEON
nProtect 2009.1.8.0 2009.02.22 Backdoor/W32.Hupigon.78343
Panda 10.0.0.10 2009.02.21 W32/Autorun.AFR
PCTools 4.4.2.0 2009.02.21 -
Prevx1 V2 2009.02.22 -
Rising 21.17.62.00 2009.02.22 Suspicious.Trojan.Win32.Downldr.a
SecureWeb-Gateway 6.7.6 2009.02.22 Rootkit.Agent.gcf
Sophos 4.39.0 2009.02.22 Sus/Behav-1004
Sunbelt 3.2.1855.2 2009.02.17 Win32.Looked.P (v)
Symantec 10 2009.02.22 Trojan Horse
TheHacker 6.3.2.4.263 2009.02.21 Backdoor/Hupigon.foae
TrendMicro 8.700.0.1004 2009.02.20 PE_FUJACKS.AD
VBA32 3.12.10.0 2009.02.22 Backdoor.Win32.Hupigon.foae
ViRobot 2009.2.20.1617 2009.02.20 -
VirusBuster 4.5.11.0 2009.02.21 -
Additional information
File size: 397861 bytes
MD5...: 86e272b8b07c20e0f28e7a918409509f
SHA1..: b8b816bd3f87c13609a37dd34f4011a6d28eceba
SHA256: 61d0f34d713c20eefa4697c1e6748d31d3b5481dd4da956bbda38139b4a9beee
SHA512: 3d99281dda59e03f6f93ea4b1303122502827b232dce98cdcfce690a071087ba
c9f4fae0aa538efbe3b254d3d583d2083fc384ee6a1c4a963dcb7b7ee814b012
ssdeep: 6144:96izSHaGyEl/YkAfz84u9CNcFW1y5OmrCGH/SPfop/50o:wiWHaw28R0NcV
QGfSXod
PEiD..: UPX 2.90 [LZMA] -> Markus Oberhumer, Laszlo Molnar & John Reiser
TrID..: File type identification
UPX compressed Win32 Executable (32.5%)
Win32 EXE Yoda's Crypter (28.2%)
Win32 Executable Delphi generic (15.6%)
Win32 Executable Generic (9.0%)
Win32 Dynamic Link Library (generic) (8.0%)
PEInfo: PE Structure information
( base data )
entrypointaddress.: 0x4473e0
timedatestamp.....: 0x2a425e19 (Fri Jun 19 22:22:17 1992)
machinetype.......: 0x14c (I386)
( 3 sections )
name viradd virsiz rawdsiz ntrpy md5
UPX0 0x1000 0x35000 0x0 0.00 d41d8cd98f00b204e9800998ecf8427e
UPX1 0x36000 0x12000 0x11600 7.90 7aa430a8c01bd06218d62146fd37069c
.rsrc 0x48000 0x2000 0x1800 4.33 eb4cf2026cc46cf8c10a7d35c54c0724
( 13 imports )
> KERNEL32.DLL: LoadLibraryA, GetProcAddress, ExitProcess
> advapi32.dll: RegCloseKey
> gdi32.dll: SetROP2
> mpr.dll: WNetAddConnection2A
> netapi32.dll: NetRemoteTOD
> NTDLL.DLL: ZwDuplicateObject
> ole32.dll: CoInitialize
> oleaut32.dll: VariantCopy
> shell32.dll: ExtractIconA
> URLMON.DLL: URLDownloadToFileA
> user32.dll: GetDC
> wininet.dll: InternetOpenA
> wsock32.dll: htons
( 0 exports )
packers (Kaspersky): UPX
packers (Avast): UPX
packers (Authentium): UPX
packers (F-Prot): UPX