
Wowhead Client Virus Detection

a guest
Aug 17th, 2012
  2. Fri 2012-08-17 14:48:03.0899 Monitoring process C:\Users\Owner\Wowhead Client\Wowhead_Client.exe [E8224B528D2F50AA21652751BEE0FACD]. Type: 4 (6791)
  3. Fri 2012-08-17 14:48:03.0899 Monitoring process C:\Users\Owner\Wowhead Client\Wowhead_Client.exe [E8224B528D2F50AA21652751BEE0FACD]. Type: 5 (6791)
  4. Fri 2012-08-17 14:48:03.0915 Monitoring process C:\Users\Owner\Wowhead Client\Wowhead_Client.exe [E8224B528D2F50AA21652751BEE0FACD]. Type: 8 (6791)
  5. Fri 2012-08-17 15:05:01.0101 Begin passive write scan (2 file(s))
  6. Fri 2012-08-17 15:05:01.0548 End passive write scan (2 file(s))
  7. Fri 2012-08-17 15:05:34.0107 Begin passive write scan (1 file(s))
  8. Fri 2012-08-17 15:05:34.0447 End passive write scan (1 file(s))
  9. Fri 2012-08-17 15:05:37.0107 Begin passive write scan (7 file(s))
  10. Fri 2012-08-17 15:05:37.0442 End passive write scan (7 file(s))
  11. Fri 2012-08-17 15:05:46.0112 Begin passive write scan (1 file(s))
  12. Fri 2012-08-17 15:05:46.0350 End passive write scan (1 file(s))
  13. Fri 2012-08-17 15:05:52.0112 Begin passive write scan (14 file(s))
  14. Fri 2012-08-17 15:05:52.0547 End passive write scan (14 file(s))
  15. Fri 2012-08-17 15:06:43.0128 Begin passive write scan (1 file(s))
  16. Fri 2012-08-17 15:06:43.0362 End passive write scan (1 file(s))
  17. Fri 2012-08-17 15:07:13.0142 Begin passive write scan (21 file(s))
  18. Fri 2012-08-17 15:07:13.0492 End passive write scan (21 file(s))
  19. Fri 2012-08-17 15:07:16.0142 Begin passive write scan (16 file(s))
  20. Fri 2012-08-17 15:07:16.0695 End passive write scan (16 file(s))
  21. Fri 2012-08-17 18:12:06.0183 Scan Started: [ID: 70 - Flags: 1575/0]
  22. Fri 2012-08-17 18:13:14.0933 Connected to C4
  23. Fri 2012-08-17 18:13:23.0404 Infection detected: c:\users\owner\wowhead client\wowhead_client.exe [MD5: E8224B528D2F50AA21652751BEE0FACD] [3/10180810] [W32.Trojan.Medfos.Gen]
  24. Fri 2012-08-17 18:13:23.0575 Scan Results: Files Scanned: 45074, Duration: 1m 17s, Malicious Files: 1
  25. Fri 2012-08-17 18:13:23.0684 Scan Finished: [ID: 70 - Seq: 43625596]
  26. Fri 2012-08-17 20:28:26.0697 Begin passive write scan (1 file(s))
  27. Fri 2012-08-17 20:28:26.0947 End passive write scan (1 file(s))
  28. Fri 2012-08-17 20:28:27.0711 Begin passive write scan (1 file(s))
  29. Fri 2012-08-17 20:28:27.0961 End passive write scan (1 file(s))
  30. Fri 2012-08-17 20:28:43.0405 Determination flags modified: c:\users\owner\appdata\local\temp\temp1_wowhead_client.zip\wowhead_client.exe - MD5: E8224B528D2F50AA21652751BEE0FACD, Size: 454656 bytes, Flags: 00000020
  31. Fri 2012-08-17 20:29:00.0153 Performing cleanup entry: 1
  32. Fri 2012-08-17 20:29:00.0917 Scan Started: [ID: 71 - Flags: 1575/128]
  33. Fri 2012-08-17 20:30:11.0211 Scan Results: Files Scanned: 45089, Duration: 1m 10s, Malicious Files: 0
  34. Fri 2012-08-17 20:30:11.0273 Scan Finished: [ID: 71 - Seq: 43633813]
  35. Fri 2012-08-17 21:41:37.0954 Infection detected: c:\users\owner\appdata\local\temp\temp1_wowhead_client.zip\wowhead_client.exe [MD5: E8224B528D2F50AA21652751BEE0FACD] [3/10180830] [W32.Trojan.Medfos.Gen]
  36. Fri 2012-08-17 21:41:37.0954 File blocked in realtime: c:\users\owner\appdata\local\temp\temp1_wowhead_client.zip\wowhead_client.exe [MD5: E8224B528D2F50AA21652751BEE0FACD, Size: 454656 bytes] [270010416/00000003] [W32.Trojan.Medfos.Gen]
  37. Fri 2012-08-17 21:41:37.0955 File blocked in realtime: c:\users\owner\appdata\local\temp\temp1_wowhead_client.zip\wowhead_client.exe [MD5: E8224B528D2F50AA21652751BEE0FACD, Size: 454656 bytes] [270010416/00000003] [W32.Trojan.Medfos.Gen]
  38. Fri 2012-08-17 21:41:37.0958 Determination flags modified: c:\users\owner\appdata\local\temp\temp1_wowhead_client.zip\wowhead_client.exe - MD5: E8224B528D2F50AA21652751BEE0FACD, Size: 454656 bytes, Flags: 00000020
  39. Fri 2012-08-17 21:41:37.0960 Determination flags modified: c:\users\owner\appdata\local\temp\temp1_wowhead_client.zip\wowhead_client.exe - MD5: E8224B528D2F50AA21652751BEE0FACD, Size: 454656 bytes, Flags: 00000020
  40. Fri 2012-08-17 21:41:37.0960 Performing cleanup entry: 2
  41. Fri 2012-08-17 21:41:38.0640 Infection detected: c:\users\owner\appdata\local\temp\temp1_wowhead_client.zip\wowhead_client.exe [MD5: E8224B528D2F50AA21652751BEE0FACD] [3/10180830] [W32.Trojan.Medfos.Gen]
  42. Fri 2012-08-17 21:41:38.0640 File blocked in realtime: c:\users\owner\appdata\local\temp\temp1_wowhead_client.zip\wowhead_client.exe [MD5: E8224B528D2F50AA21652751BEE0FACD, Size: 454656 bytes] [270010416/00000003] [W32.Trojan.Medfos.Gen]
  43. Fri 2012-08-17 21:41:38.0641 File blocked in realtime: c:\users\owner\appdata\local\temp\temp1_wowhead_client.zip\wowhead_client.exe [MD5: E8224B528D2F50AA21652751BEE0FACD, Size: 454656 bytes] [270010416/00000003] [W32.Trojan.Medfos.Gen]
  44. Fri 2012-08-17 21:41:38.0674 Determination flags modified: c:\users\owner\appdata\local\temp\temp1_wowhead_client.zip\wowhead_client.exe - MD5: E8224B528D2F50AA21652751BEE0FACD, Size: 454656 bytes, Flags: 00000020
  45. Fri 2012-08-17 21:41:38.0683 Determination flags modified: c:\users\owner\appdata\local\temp\temp1_wowhead_client.zip\wowhead_client.exe - MD5: E8224B528D2F50AA21652751BEE0FACD, Size: 454656 bytes, Flags: 00000020
  46. Fri 2012-08-17 21:41:38.0899 Performing cleanup entry: 3
  47. Fri 2012-08-17 21:41:39.0667 Begin passive write scan (1 file(s))
  48. Fri 2012-08-17 21:41:39.0919 End passive write scan (1 file(s))
  49. Fri 2012-08-17 21:41:40.0673 Scan Started: [ID: 72 - Flags: 1025/0]
  50. Fri 2012-08-17 21:41:42.0671 Begin passive write scan (1 file(s))
  51. Fri 2012-08-17 21:41:42.0913 End passive write scan (1 file(s))
  52. Fri 2012-08-17 21:41:54.0350 Scan Results: Files Scanned: 1493, Duration: 13s, Malicious Files: 0
  53. Fri 2012-08-17 21:41:54.0366 Scan Finished: [ID: 72 - Seq: 43638114]
  54. Fri 2012-08-17 21:42:02.0077 Infection detected: c:\users\owner\appdata\local\temp\temp1_wowhead_client.zip\wowhead_client.exe [MD5: E8224B528D2F50AA21652751BEE0FACD] [3/10180830] [W32.Trojan.Medfos.Gen]
  55. Fri 2012-08-17 21:42:02.0077 File blocked in realtime: c:\users\owner\appdata\local\temp\temp1_wowhead_client.zip\wowhead_client.exe [MD5: E8224B528D2F50AA21652751BEE0FACD, Size: 454656 bytes] [270010416/00000003] [W32.Trojan.Medfos.Gen]
  56. Fri 2012-08-17 21:42:02.0078 File blocked in realtime: c:\users\owner\appdata\local\temp\temp1_wowhead_client.zip\wowhead_client.exe [MD5: E8224B528D2F50AA21652751BEE0FACD, Size: 454656 bytes] [270010416/00000003] [W32.Trojan.Medfos.Gen]
  57. Fri 2012-08-17 21:42:02.0081 Determination flags modified: c:\users\owner\appdata\local\temp\temp1_wowhead_client.zip\wowhead_client.exe - MD5: E8224B528D2F50AA21652751BEE0FACD, Size: 454656 bytes, Flags: 00000020
  58. Fri 2012-08-17 21:42:02.0082 Determination flags modified: c:\users\owner\appdata\local\temp\temp1_wowhead_client.zip\wowhead_client.exe - MD5: E8224B528D2F50AA21652751BEE0FACD, Size: 454656 bytes, Flags: 00000020
  59. Fri 2012-08-17 21:42:02.0083 Performing cleanup entry: 4
  60. Fri 2012-08-17 21:42:02.0463 Infection detected: c:\users\owner\appdata\local\temp\temp1_wowhead_client.zip\wowhead_client.exe [MD5: E8224B528D2F50AA21652751BEE0FACD] [3/10180830] [W32.Trojan.Medfos.Gen]
  61. Fri 2012-08-17 21:42:02.0463 File blocked in realtime: c:\users\owner\appdata\local\temp\temp1_wowhead_client.zip\wowhead_client.exe [MD5: E8224B528D2F50AA21652751BEE0FACD, Size: 454656 bytes] [270010416/00000003] [W32.Trojan.Medfos.Gen]
  62. Fri 2012-08-17 21:42:02.0463 File blocked in realtime: c:\users\owner\appdata\local\temp\temp1_wowhead_client.zip\wowhead_client.exe [MD5: E8224B528D2F50AA21652751BEE0FACD, Size: 454656 bytes] [270010416/00000003] [W32.Trojan.Medfos.Gen]
  63. Fri 2012-08-17 21:42:02.0467 Determination flags modified: c:\users\owner\appdata\local\temp\temp1_wowhead_client.zip\wowhead_client.exe - MD5: E8224B528D2F50AA21652751BEE0FACD, Size: 454656 bytes, Flags: 00000020
  64. Fri 2012-08-17 21:42:02.0471 Determination flags modified: c:\users\owner\appdata\local\temp\temp1_wowhead_client.zip\wowhead_client.exe - MD5: E8224B528D2F50AA21652751BEE0FACD, Size: 454656 bytes, Flags: 00000020
  65. Fri 2012-08-17 21:42:02.0712 Performing cleanup entry: 5
  66. Fri 2012-08-17 21:42:04.0467 Scan Started: [ID: 73 - Flags: 1025/0]
  67. Fri 2012-08-17 21:42:11.0128 Scan Results: Files Scanned: 1463, Duration: 6s, Malicious Files: 0
  68. Fri 2012-08-17 21:42:11.0158 Scan Finished: [ID: 73 - Seq: 43638134]
  69. Fri 2012-08-17 21:43:06.0695 Begin passive write scan (1 file(s))
  70. Fri 2012-08-17 21:43:06.0870 Infection detected: c:\users\owner\downloads\wowhead_client\wowhead_client.exe [MD5: E8224B528D2F50AA21652751BEE0FACD] [3/10180830] [W32.Trojan.Medfos.Gen]
  71. Fri 2012-08-17 21:43:06.0870 File blocked in realtime: c:\users\owner\downloads\wowhead_client\wowhead_client.exe [MD5: E8224B528D2F50AA21652751BEE0FACD, Size: 454656 bytes] [270010416/00000003] [W32.Trojan.Medfos.Gen]
  72. Fri 2012-08-17 21:43:06.0870 File blocked in realtime: c:\users\owner\downloads\wowhead_client\wowhead_client.exe [MD5: E8224B528D2F50AA21652751BEE0FACD, Size: 454656 bytes] [270010416/00000003] [W32.Trojan.Medfos.Gen]
  73. Fri 2012-08-17 21:43:06.0872 Determination flags modified: c:\users\owner\downloads\wowhead_client\wowhead_client.exe - MD5: E8224B528D2F50AA21652751BEE0FACD, Size: 454656 bytes, Flags: 00000020
  74. Fri 2012-08-17 21:43:06.0874 Determination flags modified: c:\users\owner\downloads\wowhead_client\wowhead_client.exe - MD5: E8224B528D2F50AA21652751BEE0FACD, Size: 454656 bytes, Flags: 00000020
  75. Fri 2012-08-17 21:43:06.0875 Performing cleanup entry: 6
  76. Fri 2012-08-17 21:43:07.0497 Infection detected: c:\users\owner\downloads\wowhead_client\wowhead_client.exe [MD5: E8224B528D2F50AA21652751BEE0FACD] [3/10180830] [W32.Trojan.Medfos.Gen]
  77. Fri 2012-08-17 21:43:07.0497 File blocked in realtime: c:\users\owner\downloads\wowhead_client\wowhead_client.exe [MD5: E8224B528D2F50AA21652751BEE0FACD, Size: 454656 bytes] [270010416/00000003] [W32.Trojan.Medfos.Gen]
  78. Fri 2012-08-17 21:43:07.0498 Infection detected: c:\users\owner\downloads\wowhead_client\wowhead_client.exe [MD5: E8224B528D2F50AA21652751BEE0FACD] [3/10180830] [W32.Trojan.Medfos.Gen]
  79. Fri 2012-08-17 21:43:07.0499 File blocked in realtime: c:\users\owner\downloads\wowhead_client\wowhead_client.exe [MD5: E8224B528D2F50AA21652751BEE0FACD, Size: 454656 bytes] [270010416/00000003] [W32.Trojan.Medfos.Gen]
  80. Fri 2012-08-17 21:43:07.0499 File blocked in realtime: c:\users\owner\downloads\wowhead_client\wowhead_client.exe [MD5: E8224B528D2F50AA21652751BEE0FACD, Size: 454656 bytes] [270010416/00000003] [W32.Trojan.Medfos.Gen]
  81. Fri 2012-08-17 21:43:07.0501 Determination flags modified: c:\users\owner\downloads\wowhead_client\wowhead_client.exe - MD5: E8224B528D2F50AA21652751BEE0FACD, Size: 454656 bytes, Flags: 00000020
  82. Fri 2012-08-17 21:43:07.0525 Determination flags modified: c:\users\owner\downloads\wowhead_client\wowhead_client.exe - MD5: E8224B528D2F50AA21652751BEE0FACD, Size: 454656 bytes, Flags: 00000020
  83. Fri 2012-08-17 21:43:07.0532 Determination flags modified: c:\users\owner\downloads\wowhead_client\wowhead_client.exe - MD5: E8224B528D2F50AA21652751BEE0FACD, Size: 454656 bytes, Flags: 00000020
  84. Fri 2012-08-17 21:43:07.0642 End passive write scan (1 file(s))
  85. Fri 2012-08-17 21:43:07.0815 Performing cleanup entry: 7
  86. Fri 2012-08-17 21:43:09.0500 Scan Started: [ID: 74 - Flags: 1025/0]
  87. Fri 2012-08-17 21:43:13.0050 Performing cleanup entry: 8
  88. Fri 2012-08-17 21:43:17.0575 Scan Results: Files Scanned: 1467, Duration: 8s, Malicious Files: 0
  89. Fri 2012-08-17 21:43:17.0621 Scan Finished: [ID: 74 - Seq: 43638200]
  90. Fri 2012-08-17 21:43:45.0001 Infection detected: c:\users\owner\downloads\wowhead_client\wowhead_client.exe [MD5: E8224B528D2F50AA21652751BEE0FACD] [3/10180830] [W32.Trojan.Medfos.Gen]
  91. Fri 2012-08-17 21:43:45.0001 File blocked in realtime: c:\users\owner\downloads\wowhead_client\wowhead_client.exe [MD5: E8224B528D2F50AA21652751BEE0FACD, Size: 454656 bytes] [270010416/00000003] [W32.Trojan.Medfos.Gen]
  92. Fri 2012-08-17 21:43:45.0002 File blocked in realtime: c:\users\owner\downloads\wowhead_client\wowhead_client.exe [MD5: E8224B528D2F50AA21652751BEE0FACD, Size: 454656 bytes] [270010416/00000003] [W32.Trojan.Medfos.Gen]
  93. Fri 2012-08-17 21:43:45.0006 Determination flags modified: c:\users\owner\downloads\wowhead_client\wowhead_client.exe - MD5: E8224B528D2F50AA21652751BEE0FACD, Size: 454656 bytes, Flags: 00000020
  94. Fri 2012-08-17 21:43:45.0007 Determination flags modified: c:\users\owner\downloads\wowhead_client\wowhead_client.exe - MD5: E8224B528D2F50AA21652751BEE0FACD, Size: 454656 bytes, Flags: 00000020
  95. Fri 2012-08-17 21:43:45.0008 Performing cleanup entry: 9
  96. Fri 2012-08-17 21:43:45.0310 Infection detected: c:\users\owner\downloads\wowhead_client\wowhead_client.exe [MD5: E8224B528D2F50AA21652751BEE0FACD] [3/10180830] [W32.Trojan.Medfos.Gen]
  97. Fri 2012-08-17 21:43:45.0310 File blocked in realtime: c:\users\owner\downloads\wowhead_client\wowhead_client.exe [MD5: E8224B528D2F50AA21652751BEE0FACD, Size: 454656 bytes] [270010416/00000003] [W32.Trojan.Medfos.Gen]
  98. Fri 2012-08-17 21:43:45.0311 File blocked in realtime: c:\users\owner\downloads\wowhead_client\wowhead_client.exe [MD5: E8224B528D2F50AA21652751BEE0FACD, Size: 454656 bytes] [270010416/00000003] [W32.Trojan.Medfos.Gen]
  99. Fri 2012-08-17 21:43:45.0318 Determination flags modified: c:\users\owner\downloads\wowhead_client\wowhead_client.exe - MD5: E8224B528D2F50AA21652751BEE0FACD, Size: 454656 bytes, Flags: 00000020
  100. Fri 2012-08-17 21:43:45.0319 Determination flags modified: c:\users\owner\downloads\wowhead_client\wowhead_client.exe - MD5: E8224B528D2F50AA21652751BEE0FACD, Size: 454656 bytes, Flags: 00000020
  101. Fri 2012-08-17 21:43:45.0546 Performing cleanup entry: 10
  102. Fri 2012-08-17 21:43:47.0317 Scan Started: [ID: 75 - Flags: 1025/0]
  103. Fri 2012-08-17 21:43:54.0196 Scan Results: Files Scanned: 1462, Duration: 6s, Malicious Files: 0
  104. Fri 2012-08-17 21:43:54.0239 Scan Finished: [ID: 75 - Seq: 43638237]
  105. Fri 2012-08-17 21:44:30.0026 Scan Started: C:\Users\Owner\Downloads\Wowhead_Client.zip| [ID: 76 - Flags: 256/4]
  106. Fri 2012-08-17 21:44:30.0332 Infection detected: c:\users\owner\downloads\wowhead_client.zip/wowhead_client.exe [MD5: E8224B528D2F50AA21652751BEE0FACD] [3/10180830] [W32.Trojan.Medfos.Gen]
  107. Fri 2012-08-17 21:44:30.0476 Scan Results: Files Scanned: 1, Duration: 1s, Malicious Files: 1
  108. Fri 2012-08-17 21:44:30.0502 Scan Finished: [ID: 76 - Seq: 43638273]
  109. Fri 2012-08-17 21:45:22.0422 Saved the product log to C:\Users\Owner\wowhead_client.log