Virus Isolator

Description:	Rogue Security Program
Risk Level:	High
Date of First Occurence:	Wednesday, May 14, 2008
Software Developer:	(unknown)
Brief Info:	Rogue/Suspect Anti-Spyware Product "Rogue/Suspect" means that these products are of unknown, questionable, or dubious value as anti-spyware protection.
Removal:	This threat can be removed using "Spyware Terminator"

Detected Files: %PROGRAMFILES%\VirusIsolator\VirusIsolator.exe MD5: C23902BE9C7FE7EEFABBE6BC9623197B Size:1577472 MD5: 955F39C1BCFFC648C72B632951BC2329 MD5: BE3AA16C934747524DF806D081A89864 Size:1367552 MD5: F0007762D1685534932BA49EE2809A52 Size:1577472
Detected Files with variable Filenames: MD5: 4D60C419FB5BB06D30B6F6AD5607E480 Size: 196608 %PROGRAMFILES%\VIRUSISOLATOR\zlib.dll %PROGRAMFILES%\VIRUSISOLATOR\zlib.dll.ren MD5: 955F39C1BCFFC648C72B632951BC2329 Size: 976384 %PROGRAMFILES%\VirusIsolator\VirusIsolator.exe %PROGRAMFILES%\VIRUSISOLATOR\virusisolator.exe.ren MD5: 4E33C6F0F75314B50B9E8058CA88400F Size: 1581056 %PROGRAMFILES%\VirusIsolator\VirusIsolator.exe %DESKTOP%\VirusIsolator %SystemDiskRoot%\System Volume Information\_restore{11B4CBB0-31B0-483C-A4FE-D6E9E8C1A928}\RP963\A0071431.exe %SystemDiskRoot%\System Volume Information\_restore{BDBAED25-1B0D-4A07-A527-8D12EC724616}\RP258\A0035727.EXE %SystemDiskRoot%\RECYCLER\S-1-5-21-1697412346-1372538278-1190612905-1001\Dc505.exe %USERPROFILE%\Local Settings\Temporary Internet Files\Content.IE5\V3QLXX34\VirusIsolator[1].exe %USERPROFILE%\Configuracin local\Archivos temporales de Internet\Content.IE5\H3P64CRV\VirusIsolator[1].exe

Files by Name %APPDATA%\MICROSOFT\INTERNET EXPLORER\QUICK LAUNCH\VIRUSISOLATOR.LNK %DESKTOP%\VIRUSISOLATOR.LNK %PROGRAMFILES%\VIRUSISOLATOR\VIRUSISOLATOR.EXE
Files by MD5 MD5: 4E33C6F0F75314B50B9E8058CA88400F Size: 1581056
Files by Directories %START_PROGRAMS%\VIRUSISOLATOR %PROGRAMFILES%\VIRUSISOLATOR
Registry Values HKCU\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\RUN ValueName=VIRUSISOLATOR.EXE