Hi,
*
worm.win32.welchia.b
windows\syste32\tftp3624 infected with backdoor.sdbot.jg
windows\syste32\tftp3624 infected with backdoor.sdbot.jt
*
"tftp3624": is this a folder or did you leave out the EXE-extension of the file ?
The 3 above enter your system via unpatched Security holes or WEAK PASSWORDS!!
win32.parite.b virus: strange -> either infected files on other partitions, harddisks/installation media, or Network worm got inself infected..
Did you APPLY all patches OFFLINE before the first ONLINE-connection
did you test the files with other AV-Scanners (for false alarm, though this seems unlikely)
Looks like either:
- you didn't have all the patches in place before going online
- your Firewall is not configured properly.
- you use WEAK PASSWORDS..
- someone knows your passwords.. (possible if you had a trojan/backdoor/keylogger on your PC previously: WHY did you reformat ?)
- El niƱo
81.152.86.3.
Any feedback would be much appreciated!
Neil