[2.8.1.8.0815 - 2.8.6.8.0816] 2008-08-22 17:27 [PopIE Varietal] C:\WINDOWS\SYSTEM32\ASYCFLLT.CPL [2.8.1.8.0815 - 2.8.6.8.0816] 2008-08-22 17:27 [Soso Address Search] C:\WINDOWS\DOWNLOADED PROGRAM FILES\BONREM.DLL C:\WINDOWS\DOWNLOADED PROGRAM FILES\ZORW.DLL C:\WINDOWS\SYSTEM32\DRIVERS\ADPROT.SYS HKEY_CURRENT_USER\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\EXT\STATS\{669751ED-D558-49AE-B01A-3B374CC7910E} HKEY_LOCAL_MACHINE\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\EXPLORER\BROWSER HELPER OBJECTS\{669751ED-D558-49AE-B01A-3B374CC7910E} HKEY_LOCAL_MACHINE\SYSTEM\CONTROLSET001\ENUM\ROOT\LEGACY_ADPROT HKEY_LOCAL_MACHINE\SYSTEM\CONTROLSET001\SERVICES\ADPROT HKEY_LOCAL_MACHINE\SYSTEM\CONTROLSET002\ENUM\ROOT\LEGACY_ADPROT HKEY_LOCAL_MACHINE\SYSTEM\CONTROLSET002\SERVICES\ADPROT HKEY_LOCAL_MACHINE\SYSTEM\CURRENTCONTROLSET\ENUM\ROOT\LEGACY_ADPROT HKEY_LOCAL_MACHINE\SYSTEM\CURRENTCONTROLSET\SERVICES\ADPROT [2.8.1.8.0815 - 2.8.6.8.0816] 2008-08-22 17:27 [Yahoo Toolbar] D:\FAVORITES\美宜佳便利店 - - POWERED BY 雅虎搜索.URL [2.8.1.8.0815 - 2.8.6.8.0816] 2008-08-22 17:27 [QQ Toolbar] HKEY_LOCAL_MACHINE\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\UNINSTALL\QQTOOLBAR HKEY_LOCAL_MACHINE\SOFTWARE\TENCENT\QQTOOLBAR [2.8.1.8.0815 - 2.8.6.8.0816] 2008-08-22 17:27 [Trojan.psw.avx] C:\PROGRAM FILES\THUNDER NETWORK\THUNDER\PLUGINS\BHO_ADV1.DLL C:\WINDOWS\INF\PLUGSLIST.DAT HKEY_CLASSES_ROOT\CLSID\{1D098345-9012-8750-8910-9128098134D1} HKEY_CLASSES_ROOT\CLSID\{2D908534-AD45-920F-AC89-4024FA9D26D2} HKEY_CLASSES_ROOT\CLSID\{61C1B9CE-1A6F-4994-B4A4-0E7C99AD4C28} HKEY_LOCAL_MACHINE\SOFTWARE\CLASSES\CLSID\{1D098345-9012-8750-8910-9128098134D1} HKEY_LOCAL_MACHINE\SOFTWARE\CLASSES\CLSID\{2D908534-AD45-920F-AC89-4024FA9D26D2} HKEY_LOCAL_MACHINE\SOFTWARE\CLASSES\CLSID\{61C1B9CE-1A6F-4994-B4A4-0E7C99AD4C28} [2.8.1.8.0815 - 2.8.6.8.0816] 2008-08-22 17:27 [Eyiruanjian Canliu] C:\WINDOWS\FONTS\GEJIBND.FON C:\WINDOWS\FONTS\GJCUBXW.FON C:\WINDOWS\FONTS\WIJIBFW.FON C:\WINDOWS\FONTS\WYMOBFZ.FON 
C:\WINDOWS\SYSTEM32\DRIVERS\1.TXT C:\WINDOWS\SYSTEM32\DRIVERS\10.TXT C:\WINDOWS\SYSTEM32\DRIVERS\11.TXT C:\WINDOWS\SYSTEM32\DRIVERS\12.TXT C:\WINDOWS\SYSTEM32\DRIVERS\13.TXT C:\WINDOWS\SYSTEM32\DRIVERS\14.TXT C:\WINDOWS\SYSTEM32\DRIVERS\15.TXT C:\WINDOWS\SYSTEM32\DRIVERS\16.TXT C:\WINDOWS\SYSTEM32\DRIVERS\17.TXT C:\WINDOWS\SYSTEM32\DRIVERS\18.TXT C:\WINDOWS\SYSTEM32\DRIVERS\19.TXT C:\WINDOWS\SYSTEM32\DRIVERS\2.TXT C:\WINDOWS\SYSTEM32\DRIVERS\20.TXT C:\WINDOWS\SYSTEM32\DRIVERS\21.TXT C:\WINDOWS\SYSTEM32\DRIVERS\22.TXT C:\WINDOWS\SYSTEM32\DRIVERS\23.TXT C:\WINDOWS\SYSTEM32\DRIVERS\24.TXT C:\WINDOWS\SYSTEM32\DRIVERS\25.TXT C:\WINDOWS\SYSTEM32\DRIVERS\26.TXT C:\WINDOWS\SYSTEM32\DRIVERS\3.TXT C:\WINDOWS\SYSTEM32\DRIVERS\4.TXT C:\WINDOWS\SYSTEM32\DRIVERS\5.TXT C:\WINDOWS\SYSTEM32\DRIVERS\6.TXT C:\WINDOWS\SYSTEM32\DRIVERS\7.TXT C:\WINDOWS\SYSTEM32\DRIVERS\8.TXT C:\WINDOWS\SYSTEM32\DRIVERS\9.TXT C:\WINDOWS\SYSTEM32\SELUR.ENC [2.8.1.8.0815 - 2.8.6.8.0816] 2008-08-22 17:27 [Trojan Files] HKEY_CLASSES_ROOT\CLSID\{4FA10261-B890-F432-A453-69F1023513F4} HKEY_CLASSES_ROOT\CLSID\{D64AC2E4-95B1-40DD-90D9-0C60F7CA64BF} HKEY_LOCAL_MACHINE\SOFTWARE\CLASSES\CLSID\{4FA10261-B890-F432-A453-69F1023513F4} HKEY_LOCAL_MACHINE\SOFTWARE\CLASSES\CLSID\{D64AC2E4-95B1-40DD-90D9-0C60F7CA64BF} [2.8.1.8.0815 - 2.8.6.8.0816] 2008-08-22 17:27 [Risk.PictureShow] D:\PROGRAM FILES\PICTURESHOW\ D:\PROGRAM FILES\PICTURESHOW\CONFIG.INI D:\PROGRAM FILES\PICTURESHOW\UPDATE.EXE [2.8.1.8.0815 - 2.8.6.8.0816] 2008-08-22 17:27 [Risk program] HKEY_CLASSES_ROOT\CLSID\{6598FF45-DA60-F48A-BC43-10AC47853D56} HKEY_LOCAL_MACHINE\SOFTWARE\CLASSES\CLSID\{6598FF45-DA60-F48A-BC43-10AC47853D56} [2.8.1.8.0815 - 2.8.6.8.0816] 2008-08-22 17:27 [Trojan.usbinite.Wisin] HKEY_CLASSES_ROOT\CLSID\{F859245F-345D-BC13-AC4F-145D47DA34FF} HKEY_LOCAL_MACHINE\SOFTWARE\CLASSES\CLSID\{F859245F-345D-BC13-AC4F-145D47DA34FF} [2.8.1.8.0815 - 2.8.6.8.0816] 2008-08-22 17:27 [TROJAN FILES 2] 
HKEY_CLASSES_ROOT\CLSID\{7914E0AA-ECCB-4311-B584-C49538227824} HKEY_LOCAL_MACHINE\SOFTWARE\CLASSES\CLSID\{7914E0AA-ECCB-4311-B584-C49538227824} [2.8.1.8.0815 - 2.8.6.8.0816] 2008-08-22 17:27 [Trojan.computerbro] HKEY_CLASSES_ROOT\CLSID\{54909874-8982-F344-A322-7898787FA745} HKEY_CLASSES_ROOT\CLSID\{992FADFA-BCDE-ACDF-CDEF-21054865CBA9} HKEY_LOCAL_MACHINE\SOFTWARE\CLASSES\CLSID\{54909874-8982-F344-A322-7898787FA745} HKEY_LOCAL_MACHINE\SOFTWARE\CLASSES\CLSID\{992FADFA-BCDE-ACDF-CDEF-21054865CBA9} [2.8.1.8.0815 - 2.8.6.8.0816] 2008-08-22 17:27 [Trojan.microsfots(*).aiizr] HKEY_LOCAL_MACHINE\SYSTEM\CURRENTCONTROLSET\ENUM\ROOT\LEGACY_FPIDS32 [2.8.1.8.0815 - 2.8.6.8.0816] 2008-08-22 17:27 [Trojan.ttservices.apcdli] C:\WINDOWS\SYSTEM32\DRIVERS\SAFE1.SYS C:\WINDOWS\SYSTEM32\DRIVERS\SAFE2.SYS C:\WINDOWS\SYSTEM32\DRIVERS\SAFE3.SYS [2.8.1.8.0815 - 2.8.6.8.0816] 2008-08-22 17:27 [Trojan.msosiocp.dosjisn] C:\WINDOWS\SYSTEM32\JWLAH.CFG HKEY_CLASSES_ROOT\CLSID\{1E51C0FD-EE36-434B-AD2A-FD1FF3731C38} HKEY_LOCAL_MACHINE\SOFTWARE\CLASSES\CLSID\{1E51C0FD-EE36-434B-AD2A-FD1FF3731C38} [2.8.1.8.0815 - 2.8.6.8.0816] 2008-08-22 17:27 [Trojan.wrqszl.zgxfdx] HKEY_CLASSES_ROOT\CLSID\{841529CB-7F77-4B99-A895-B5441E0D302F} HKEY_CLASSES_ROOT\CLSID\{F99DEFDD-200B-4410-B572-E90883D527D2} HKEY_LOCAL_MACHINE\SOFTWARE\CLASSES\CLSID\{841529CB-7F77-4B99-A895-B5441E0D302F} HKEY_LOCAL_MACHINE\SOFTWARE\CLASSES\CLSID\{F99DEFDD-200B-4410-B572-E90883D527D2} [2.8.1.8.0815 - 2.8.6.8.0816] 2008-08-22 17:27 [Unknown Trojan Horse/Virus] C:\WINDOWS\SYSTEM32\DRIVERS\NTNDIS.EXE C:\WINDOWS\SYSTEM32\G39C5.TMP.EXE C:\WINDOWS\SYSTEM32\G8487.TMP.EXE C:\WINDOWS\SYSTEM32\G8AAF.TMP.EXE C:\WINDOWS\SYSTEM32\GB03B.TMP.EXE C:\WINDOWS\SYSTEM32\GC54.TMP.EXE C:\WINDOWS\SYSTEM32\LPHC9G5J0ER2M.EXE [2.8.1.8.0815 - 2.8.6.8.0816] 2008-08-22 17:27 [Maybe Useless object] C:\WINDOWS\FONTS\GJCSDSS.DLL C:\WINDOWS\FONTS\GJFHBSS.DLL C:\WINDOWS\FONTS\RSJZBFG.DLL C:\WINDOWS\SYSTEM32\9940950B04.DLL C:\WINDOWS\SYSTEM32\WBEM\9691\SVCHOST.EXE 
C:\WINDOWS\SYSTEM32\WRQSZL.DLL