[2.8.1.8.0815 - 2.8.12.8.0911] 2008-09-14 17:12 [Trojan] C:\WINDOWS\SYSTEM32\DOMUPDATE.EXE [2.8.1.8.0815 - 2.8.12.8.0911] 2008-09-14 17:12 [Deskipn] HKEY_LOCAL_MACHINE\SOFTWARE\CLASSES\INTERFACE\{48E688C8-609F-4B08-944E-3C7FAB99CD08} HKEY_LOCAL_MACHINE\SOFTWARE\CLASSES\TYPELIB\{F9AD9D67-EFA8-480E-8291-0163F3960DE7} [2.8.1.8.0815 - 2.8.12.8.0911] 2008-09-14 17:12 [OKTE Search Toolbar] C:\WINDOWS\SYSTEM32\YINGINSTALL C:\WINDOWS\SYSTEM32\YINGINSTALL\804.INI C:\WINDOWS\YING-UNINSTALL.EXE [2.8.1.8.0815 - 2.8.12.8.0911] 2008-09-14 17:12 [BaiduSuperSoBa] C:\DOCUMENTS AND SETTINGS\无聊的游戏\LOCAL SETTINGS\APPLICATION DATA\BAIDU\ C:\PROGRAM FILES\BAIDU\BAR\ C:\WINDOWS\SOSUO.COL C:\WINDOWS\SYSTEM32\IEXP_LOG.TXT HKEY_LOCAL_MACHINE\SYSTEM\CONTROLSET001\ENUM\ROOT\LEGACY_BDGUARD HKEY_LOCAL_MACHINE\SYSTEM\CONTROLSET003\ENUM\ROOT\LEGACY_BDGUARD HKEY_LOCAL_MACHINE\SYSTEM\CURRENTCONTROLSET\ENUM\ROOT\LEGACY_BDGUARD [2.8.1.8.0815 - 2.8.12.8.0911] 2008-09-14 17:12 [3721Keyword] C:\PROGRAM FILES\3721\ C:\PROGRAM FILES\3721\AUTOLIVE.DLL C:\PROGRAM FILES\3721\AUTOLIVE.INI C:\PROGRAM FILES\3721\AUTOLVSW.INI C:\PROGRAM FILES\3721\CNS01.DAT C:\PROGRAM FILES\3721\CNS03.DAT C:\PROGRAM FILES\3721\NOTIFIER.DLL C:\PROGRAM FILES\3721\WINDEX.DAT C:\PROGRAM FILES\3721\WINHEX.DAT HKEY_CLASSES_ROOT\CLSID\{1B0E7716-898E-48CC-9690-4E338E8DE1D3} HKEY_CLASSES_ROOT\CLSID\{7CA83CF1-3AEA-42D0-A4E3-1594FC6E48B2} HKEY_CLASSES_ROOT\CLSID\{ABEC6103-F6AC-43A3-834F-FB03FBA339A2} HKEY_CLASSES_ROOT\INTERFACE\{48E688C8-609F-4B08-944E-3C7FAB99CD08} HKEY_CLASSES_ROOT\INTERFACE\{BE08F6BC-C3E6-4149-BEB1-CB449E1B372E} HKEY_CLASSES_ROOT\TYPELIB\{19069804-2CF0-4357-B696-BA6E9AAD99EF} HKEY_CLASSES_ROOT\TYPELIB\{4158DB95-DE71-41FF-BEA1-2C3D1C679DF1} HKEY_CLASSES_ROOT\TYPELIB\{F9AD9D67-EFA8-480E-8291-0163F3960DE7} HKEY_LOCAL_MACHINE\SOFTWARE\CLASSES\CLSID\{1B0E7716-898E-48CC-9690-4E338E8DE1D3} HKEY_LOCAL_MACHINE\SOFTWARE\CLASSES\CLSID\{7CA83CF1-3AEA-42D0-A4E3-1594FC6E48B2} HKEY_LOCAL_MACHINE\SOFTWARE\CLASSES\CLSID\{ABEC6103-F6AC-43A3-834F-FB03FBA339A2} HKEY_LOCAL_MACHINE\SOFTWARE\CLASSES\INTERFACE\{BE08F6BC-C3E6-4149-BEB1-CB449E1B372E} HKEY_LOCAL_MACHINE\SOFTWARE\CLASSES\TYPELIB\{19069804-2CF0-4357-B696-BA6E9AAD99EF} HKEY_LOCAL_MACHINE\SOFTWARE\CLASSES\TYPELIB\{4158DB95-DE71-41FF-BEA1-2C3D1C679DF1} [2.8.1.8.0815 - 2.8.12.8.0911] 2008-09-14 17:12 [Yahoo Toolbar] C:\DOCUMENTS AND SETTINGS\ALL USERS\「开始」菜单\程序\雅虎助手 C:\DOCUMENTS AND SETTINGS\ALL USERS\「开始」菜单\程序\雅虎助手\ C:\DOCUMENTS AND SETTINGS\ALL USERS\「开始」菜单\程序\雅虎助手\IE修复专家.LNK C:\DOCUMENTS AND SETTINGS\ALL USERS\「开始」菜单\程序\雅虎助手\插件管理专家.LNK C:\DOCUMENTS AND SETTINGS\ALL USERS\「开始」菜单\程序\雅虎助手\恢复IE外观.LNK C:\DOCUMENTS AND SETTINGS\ALL USERS\「开始」菜单\程序\雅虎助手\清理IE地址栏.LNK C:\DOCUMENTS AND SETTINGS\ALL USERS\「开始」菜单\程序\雅虎助手\全面清理.LNK C:\DOCUMENTS AND SETTINGS\ALL USERS\「开始」菜单\程序\雅虎助手\卸载雅虎助手.LNK C:\DOCUMENTS AND SETTINGS\ALL USERS\「开始」菜单\程序\雅虎助手\雅虎助手.LNK C:\DOCUMENTS AND SETTINGS\ALL USERS\「开始」菜单\程序\雅虎助手\在线帮助.LNK C:\DOCUMENTS AND SETTINGS\ALL USERS\「开始」菜单\程序\雅虎助手\在线升级.LNK C:\PROGRAM FILES\YAHOO!\ASSISTANT\ C:\PROGRAM FILES\YAHOO!\ASSISTANT\YAL01.DAT C:\PROGRAM FILES\YAHOO!\ASSISTANT\YALIVE.DLL C:\PROGRAM FILES\YAHOO!\ASSISTANT\YALIVE.DLL.1.LOG C:\PROGRAM FILES\YAHOO!\ASSISTANT\YALIVE3.INI C:\PROGRAM FILES\YAHOO!\ASSISTANT\YALVSW3.INI C:\PROGRAM FILES\YAHOO!\ASSISTANT\YASSISTSE.EXE C:\PROGRAM FILES\YAHOO!\ASSISTANT\YHELPER.DLL C:\PROGRAM FILES\YAHOO!\ASSISTANT\YLIVE.EXE C:\PROGRAM FILES\YAHOO!\ASSISTANT\YNOTIFIER.DLL C:\PROGRAM FILES\YAHOO!\ASSISTANT\YSCRBLOCK.DLL C:\WINDOWS\ASSIST.DAT C:\WINDOWS\SYSTEM32\DRIVERS\YASKP.SYS HKEY_CLASSES_ROOT\ADKILLER.YASNOADCOM HKEY_CLASSES_ROOT\ADKILLER.YASNOADCOM.1 HKEY_CLASSES_ROOT\ANGLING.ANTIFISH HKEY_CLASSES_ROOT\ANGLING.ANTIFISH.1 HKEY_CLASSES_ROOT\APPID\YMAILP.DLL HKEY_CLASSES_ROOT\APPID\{12216F17-C31B-42FC-BCCF-715DC258548C} HKEY_CLASSES_ROOT\CLEARUPASSISTANT.CLASSFACTORY HKEY_CLASSES_ROOT\CLEARUPASSISTANT.CLASSFACTORY.1 HKEY_CLASSES_ROOT\CLEARUPASSISTANT.INTERNETPROTOCOL HKEY_CLASSES_ROOT\CLEARUPASSISTANT.INTERNETPROTOCOL.1 HKEY_CLASSES_ROOT\CLSID\{17F1C8E8-B99B-4D85-927B-A0EE7290455A} HKEY_CLASSES_ROOT\CLSID\{19CE93DE-8334-42C6-B2CA-BFE3DF5196A3} HKEY_CLASSES_ROOT\CLSID\{1C2EDD19-C2D5-4234-9339-785E5885B84D} HKEY_CLASSES_ROOT\CLSID\{2283BB66-A15D-4AC8-BA72-9C8C9F5A1691} HKEY_CLASSES_ROOT\CLSID\{33BBE430-0E42-4F12-B075-8D21ACB10DCB} HKEY_CLASSES_ROOT\CLSID\{406F94F0-504F-4A40-8DFD-58B0666ABEBD} HKEY_CLASSES_ROOT\CLSID\{4558FA8B-C683-4BD9-BB43-90E086A4C113} HKEY_CLASSES_ROOT\CLSID\{4B57D035-8A78-4E5A-82DF-FD5DEE51E578} HKEY_CLASSES_ROOT\CLSID\{4EBCAF82-5BE7-4FC5-938F-9CD284587139} HKEY_CLASSES_ROOT\CLSID\{4F2C1A0A-622E-4D23-9870-6FB6D109C170} HKEY_CLASSES_ROOT\CLSID\{55C32FB0-B5DE-432D-B143-7CA84EA3F888} HKEY_CLASSES_ROOT\CLSID\{57421194-58FB-49AE-9B4F-FD48869B9AD4} HKEY_CLASSES_ROOT\CLSID\{59E99ADD-E926-40E8-BD6F-1532124A4AAA} HKEY_CLASSES_ROOT\CLSID\{62EED7C6-9F02-42F9-B634-98E2899E147B} HKEY_CLASSES_ROOT\CLSID\{6940DBA6-CEBB-46B6-8058-CB358295BCCC} HKEY_CLASSES_ROOT\CLSID\{7992E7F8-5D81-4EAA-9E5F-6211215946E4} HKEY_CLASSES_ROOT\CLSID\{8FC688E0-3F7D-4517-8C30-459C4211A8A1} HKEY_CLASSES_ROOT\CLSID\{92AB9611-504A-4682-A9A2-696D77CE9371} HKEY_CLASSES_ROOT\CLSID\{94AFAA49-2B59-4A8C-85EB-9ACA60020935} HKEY_CLASSES_ROOT\CLSID\{9C3C2C08-C494-4F52-AE94-85156A447D43} HKEY_CLASSES_ROOT\CLSID\{A14600F7-E2AE-482D-9AFC-99CD4544DB4F} HKEY_CLASSES_ROOT\CLSID\{AB9BF611-F86A-43C5-A467-625E22D7A309} HKEY_CLASSES_ROOT\CLSID\{AF53D70E-29DF-443A-92AA-9C314AF5871E} HKEY_CLASSES_ROOT\CLSID\{B56FF3E8-B0C2-45C9-AF3F-8E6C5F010B9F} HKEY_CLASSES_ROOT\CLSID\{C459AB59-28A5-43A3-9D22-753F4C9586E6} HKEY_CLASSES_ROOT\CLSID\{CA1E3092-BC38-4FFC-AEAE-C8E8EEC70CA1} HKEY_CLASSES_ROOT\CLSID\{CEA8FC9F-3D3F-4486-B9DF-ADCEE875FFB2} HKEY_CLASSES_ROOT\CLSID\{D4A45C16-5E43-4769-AE49-A218036960BB} HKEY_CLASSES_ROOT\CLSID\{E3128A3A-C191-4149-8631-C632C8FC9919} HKEY_CLASSES_ROOT\CLSID\{EF4BA0B4-A877-45B3-B0BC-AD7A3CC22811} HKEY_CLASSES_ROOT\CLSID\{F166BC04-3C84-44CC-A6E9-2315EC4844B9} HKEY_CLASSES_ROOT\CLSID\{F40FED3D-F813-42F4-A1AE-8E1D60472BF0} HKEY_CLASSES_ROOT\CLSID\{FA6DA3A4-87E4-4A45-9FD6-ED26089B7104} HKEY_CLASSES_ROOT\CLSID\{FE3ECAE7-0A37-4506-8A7D-3CC9A04D2CA8} HKEY_CLASSES_ROOT\CLSID\{FF0E5DF6-2375-4499-A97F-74954384D8D2} HKEY_CLASSES_ROOT\IEAUI.IEAUICOM HKEY_CLASSES_ROOT\IEAUI.IEAUICOM.1 HKEY_CLASSES_ROOT\IESECUI.IESECUICOM HKEY_CLASSES_ROOT\IESECUI.IESECUICOM.1 HKEY_CLASSES_ROOT\INTERFACE\{02DB2793-F3F8-42AB-9B03-19B25485BE29} HKEY_CLASSES_ROOT\INTERFACE\{054BFE5F-2E4E-434D-900F-617A54FE6E49} HKEY_CLASSES_ROOT\INTERFACE\{0920BDCF-0743-43F5-B0A1-F0A88A0C444E} HKEY_CLASSES_ROOT\INTERFACE\{1E2F9886-F13E-4C4D-BCB8-77139E1965D8} HKEY_CLASSES_ROOT\INTERFACE\{41654B61-5D3C-4988-B46D-9BD24A8B52FA} HKEY_CLASSES_ROOT\INTERFACE\{79367D43-4A71-4F51-B52B-08389320999C} HKEY_CLASSES_ROOT\INTERFACE\{88BE1146-DC38-4DCD-8D47-FDC712DFCF48} HKEY_CLASSES_ROOT\INTERFACE\{924F5B3A-7A27-484A-B873-E855C9708667} HKEY_CLASSES_ROOT\INTERFACE\{A9267C5F-A4A5-4BD3-B78B-80C497F32EDE} HKEY_CLASSES_ROOT\INTERFACE\{B76BAB6C-0C2E-4D19-9A65-51F733456020} HKEY_CLASSES_ROOT\INTERFACE\{C43273A6-9085-41CF-8A84-3881363A7EB9} HKEY_CLASSES_ROOT\INTERFACE\{CBEF989D-7C4C-4354-928C-EA81D055EE7C} HKEY_CLASSES_ROOT\JPEGFILE\SHELLEX\CONTEXTMENUHANDLERS\YAHOO!PHOTO HKEY_CLASSES_ROOT\TOOLBAND.BANDREG HKEY_CLASSES_ROOT\TOOLBAND.BANDREG.1 HKEY_CLASSES_ROOT\TOOLBAND.OBJECTBAR HKEY_CLASSES_ROOT\TOOLBAND.OBJECTBAR.1 HKEY_CLASSES_ROOT\TOTALWIPER.YASWIPERCOM HKEY_CLASSES_ROOT\TOTALWIPER.YASWIPERCOM.1 HKEY_CLASSES_ROOT\TYPELIB\{04D0FD01-C8FA-413B-AD83-519D10B93324} HKEY_CLASSES_ROOT\TYPELIB\{18AB154A-6084-4C2D-B12C-212E58D4751C} HKEY_CLASSES_ROOT\TYPELIB\{22242729-9EE0-4060-988D-BE2A9EFD8CD0} HKEY_CLASSES_ROOT\TYPELIB\{3A3116C7-9F1A-48E2-AF9C-E158FC2EF658} HKEY_CLASSES_ROOT\TYPELIB\{51C76AB9-D876-46A8-A20D-F606EDDD69ED} HKEY_CLASSES_ROOT\TYPELIB\{5517390C-60D1-4FFA-BD4C-81F8278AF29E} HKEY_CLASSES_ROOT\TYPELIB\{58E9B715-3C97-4048-9CBE-A708E0AEB29E} HKEY_CLASSES_ROOT\TYPELIB\{7CFDAB57-D8CD-4465-BD15-48CFFCEE3DF2} HKEY_CLASSES_ROOT\TYPELIB\{8417D3DB-4004-4259-952D-A6EC64A1800E} HKEY_CLASSES_ROOT\TYPELIB\{95E822B6-6B10-4E86-9603-6CECB6135867} HKEY_CLASSES_ROOT\TYPELIB\{AE9A3F59-E2D2-4EE8-A279-F2B6AF336B8E} HKEY_CLASSES_ROOT\TYPELIB\{CF67E74A-3C62-4867-9DFA-DD2374003333} HKEY_CLASSES_ROOT\TYPELIB\{D4D707DF-F46E-46EF-BDCA-512F6345F205} HKEY_CLASSES_ROOT\TYPELIB\{E816B7F9-96AB-4D4D-8DA4-B9D124959DA5} HKEY_CLASSES_ROOT\TYPELIB\{F8CC28B5-4042-4054-99CB-8855EFD0FAB7} HKEY_CLASSES_ROOT\YACONFIGCOM.YASETTING HKEY_CLASSES_ROOT\YACONFIGCOM.YASETTING.1 HKEY_CLASSES_ROOT\YAHOOASSISTBAR.ASNOADOBJ HKEY_CLASSES_ROOT\YAHOOASSISTBAR.ASNOADOBJ.1 HKEY_CLASSES_ROOT\YAHOOASSISTBAR.DRAGSEARCH HKEY_CLASSES_ROOT\YAHOOASSISTBAR.DRAGSEARCH.1 HKEY_CLASSES_ROOT\YAHOOASSISTBAR.PHOTOTB HKEY_CLASSES_ROOT\YAHOOASSISTBAR.PHOTOTB.1 HKEY_CLASSES_ROOT\YAHOOASSISTBAR.YFLASHDL HKEY_CLASSES_ROOT\YAHOOASSISTBAR.YFLASHDL.1 HKEY_CLASSES_ROOT\YALIVE.LIVE HKEY_CLASSES_ROOT\YALIVE.LIVE.1 HKEY_CLASSES_ROOT\YASSIST.EASYASSIST HKEY_CLASSES_ROOT\YASSIST.EASYASSIST.1 HKEY_CLASSES_ROOT\YFFLASH.FLASHOBJECTINTERFACE HKEY_CLASSES_ROOT\YFFLASH.FLASHOBJECTINTERFACE.1 HKEY_CLASSES_ROOT\YMAILP.YMAILBTN HKEY_CLASSES_ROOT\YMAILP.YMAILBTN.1 HKEY_CLASSES_ROOT\YMYWEB.MYWEBBTN HKEY_CLASSES_ROOT\YMYWEB.MYWEBBTN.1 HKEY_CLASSES_ROOT\YPAGETR.PAGETRANSLATE HKEY_CLASSES_ROOT\YPAGETR.PAGETRANSLATE.1 HKEY_CLASSES_ROOT\YPHOTOSEASY.PHOTOSCTRL HKEY_CLASSES_ROOT\YPHOTOSEASY.PHOTOSCTRL.1 HKEY_CLASSES_ROOT\YRSS HKEY_CLASSES_ROOT\YRSS.EXPBAND HKEY_CLASSES_ROOT\YRSS.EXPBAND.1 HKEY_CLASSES_ROOT\YRSS.SHOWBAR HKEY_CLASSES_ROOT\YRSS.SHOWBAR.1 HKEY_CLASSES_ROOT\YRSS.YRSSCOM HKEY_CLASSES_ROOT\YRSS.YRSSCOM.1 HKEY_CLASSES_ROOT\YRSS.YRSSPROTO HKEY_CLASSES_ROOT\YRSS.YRSSPROTO.1 HKEY_CLASSES_ROOT\YSEARCH.ALERTBUTTON HKEY_CLASSES_ROOT\YSEARCH.ALERTBUTTON.1 HKEY_CLASSES_ROOT\YSEARCH.CLOGO HKEY_CLASSES_ROOT\YSEARCH.CLOGO.1 HKEY_CLASSES_ROOT\YSEARCH.CMAINBUTTONCOM HKEY_CLASSES_ROOT\YSEARCH.CMAINBUTTONCOM.1 HKEY_CLASSES_ROOT\YSEARCH.HYPERLINK HKEY_CLASSES_ROOT\YSEARCH.HYPERLINK.1 HKEY_CLASSES_ROOT\YSEARCH.MARKBUTTON HKEY_CLASSES_ROOT\YSEARCH.MARKBUTTON.1 HKEY_CLASSES_ROOT\YSEARCH.SEARCHBOX HKEY_CLASSES_ROOT\YSEARCH.SEARCHBOX.1 HKEY_CLASSES_ROOT\YSEARCH.SEARCHBUTTON HKEY_CLASSES_ROOT\YSEARCH.SEARCHBUTTON.1 HKEY_CLASSES_ROOT\ZSNETPROTO.BLOCKLIST HKEY_CLASSES_ROOT\ZSNETPROTO.BLOCKLIST.1 HKEY_CLASSES_ROOT\ZSNETPROTO.MYPROTOCOL HKEY_CLASSES_ROOT\ZSNETPROTO.MYPROTOCOL.1 HKEY_CURRENT_USER\SOFTWARE\MICROSOFT\INTERNET EXPLORER\EXPLORER BARS\{19CE93DE-8334-42C6-B2CA-BFE3DF5196A3} HKEY_CURRENT_USER\SOFTWARE\MICROSOFT\INTERNET EXPLORER\MENUEXT\添加到雅虎订阅(&Y) HKEY_CURRENT_USER\SOFTWARE\MICROSOFT\INTERNET EXPLORER\MENUEXT\雅虎搜索 HKEY_CURRENT_USER\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\雅虎搜索 HKEY_CURRENT_USER\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\EXT\STATS\{33BBE430-0E42-4F12-B075-8D21ACB10DCB} HKEY_CURRENT_USER\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\EXT\STATS\{62EED7C6-9F02-42F9-B634-98E2899E147B} HKEY_CURRENT_USER\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\EXT\STATS\{FE3ECAE7-0A37-4506-8A7D-3CC9A04D2CA8} HKEY_CURRENT_USER\SOFTWARE\YAHOO\ASSISTANT HKEY_CURRENT_USER\SOFTWARE\YAHOO\ASSISTANT\ASSIST HKEY_LOCAL_MACHINE\SOFTWARE\CLASSES\ANGLING.ANTIFISH HKEY_LOCAL_MACHINE\SOFTWARE\CLASSES\ANGLING.ANTIFISH.1 HKEY_LOCAL_MACHINE\SOFTWARE\CLASSES\APPID\{12216F17-C31B-42FC-BCCF-715DC258548C} HKEY_LOCAL_MACHINE\SOFTWARE\CLASSES\CLSID\{17F1C8E8-B99B-4D85-927B-A0EE7290455A} HKEY_LOCAL_MACHINE\SOFTWARE\CLASSES\CLSID\{19CE93DE-8334-42C6-B2CA-BFE3DF5196A3} HKEY_LOCAL_MACHINE\SOFTWARE\CLASSES\CLSID\{1C2EDD19-C2D5-4234-9339-785E5885B84D} HKEY_LOCAL_MACHINE\SOFTWARE\CLASSES\CLSID\{2283BB66-A15D-4AC8-BA72-9C8C9F5A1691} HKEY_LOCAL_MACHINE\SOFTWARE\CLASSES\CLSID\{33BBE430-0E42-4F12-B075-8D21ACB10DCB} HKEY_LOCAL_MACHINE\SOFTWARE\CLASSES\CLSID\{406F94F0-504F-4A40-8DFD-58B0666ABEBD} HKEY_LOCAL_MACHINE\SOFTWARE\CLASSES\CLSID\{4558FA8B-C683-4BD9-BB43-90E086A4C113} HKEY_LOCAL_MACHINE\SOFTWARE\CLASSES\CLSID\{4B57D035-8A78-4E5A-82DF-FD5DEE51E578} HKEY_LOCAL_MACHINE\SOFTWARE\CLASSES\CLSID\{4EBCAF82-5BE7-4FC5-938F-9CD284587139} HKEY_LOCAL_MACHINE\SOFTWARE\CLASSES\CLSID\{4F2C1A0A-622E-4D23-9870-6FB6D109C170} HKEY_LOCAL_MACHINE\SOFTWARE\CLASSES\CLSID\{55C32FB0-B5DE-432D-B143-7CA84EA3F888} HKEY_LOCAL_MACHINE\SOFTWARE\CLASSES\CLSID\{57421194-58FB-49AE-9B4F-FD48869B9AD4} HKEY_LOCAL_MACHINE\SOFTWARE\CLASSES\CLSID\{59E99ADD-E926-40E8-BD6F-1532124A4AAA} HKEY_LOCAL_MACHINE\SOFTWARE\CLASSES\CLSID\{62EED7C6-9F02-42F9-B634-98E2899E147B} HKEY_LOCAL_MACHINE\SOFTWARE\CLASSES\CLSID\{6940DBA6-CEBB-46B6-8058-CB358295BCCC} HKEY_LOCAL_MACHINE\SOFTWARE\CLASSES\CLSID\{7992E7F8-5D81-4EAA-9E5F-6211215946E4} HKEY_LOCAL_MACHINE\SOFTWARE\CLASSES\CLSID\{8FC688E0-3F7D-4517-8C30-459C4211A8A1} HKEY_LOCAL_MACHINE\SOFTWARE\CLASSES\CLSID\{92AB9611-504A-4682-A9A2-696D77CE9371} HKEY_LOCAL_MACHINE\SOFTWARE\CLASSES\CLSID\{94AFAA49-2B59-4A8C-85EB-9ACA60020935} HKEY_LOCAL_MACHINE\SOFTWARE\CLASSES\CLSID\{9C3C2C08-C494-4F52-AE94-85156A447D43} HKEY_LOCAL_MACHINE\SOFTWARE\CLASSES\CLSID\{A14600F7-E2AE-482D-9AFC-99CD4544DB4F} HKEY_LOCAL_MACHINE\SOFTWARE\CLASSES\CLSID\{AB9BF611-F86A-43C5-A467-625E22D7A309} HKEY_LOCAL_MACHINE\SOFTWARE\CLASSES\CLSID\{AF53D70E-29DF-443A-92AA-9C314AF5871E} HKEY_LOCAL_MACHINE\SOFTWARE\CLASSES\CLSID\{B56FF3E8-B0C2-45C9-AF3F-8E6C5F010B9F} HKEY_LOCAL_MACHINE\SOFTWARE\CLASSES\CLSID\{C459AB59-28A5-43A3-9D22-753F4C9586E6} HKEY_LOCAL_MACHINE\SOFTWARE\CLASSES\CLSID\{CA1E3092-BC38-4FFC-AEAE-C8E8EEC70CA1} HKEY_LOCAL_MACHINE\SOFTWARE\CLASSES\CLSID\{CEA8FC9F-3D3F-4486-B9DF-ADCEE875FFB2} HKEY_LOCAL_MACHINE\SOFTWARE\CLASSES\CLSID\{D4A45C16-5E43-4769-AE49-A218036960BB} HKEY_LOCAL_MACHINE\SOFTWARE\CLASSES\CLSID\{E3128A3A-C191-4149-8631-C632C8FC9919} HKEY_LOCAL_MACHINE\SOFTWARE\CLASSES\CLSID\{EF4BA0B4-A877-45B3-B0BC-AD7A3CC22811} HKEY_LOCAL_MACHINE\SOFTWARE\CLASSES\CLSID\{F166BC04-3C84-44CC-A6E9-2315EC4844B9} HKEY_LOCAL_MACHINE\SOFTWARE\CLASSES\CLSID\{F40FED3D-F813-42F4-A1AE-8E1D60472BF0} HKEY_LOCAL_MACHINE\SOFTWARE\CLASSES\CLSID\{FA6DA3A4-87E4-4A45-9FD6-ED26089B7104} HKEY_LOCAL_MACHINE\SOFTWARE\CLASSES\CLSID\{FE3ECAE7-0A37-4506-8A7D-3CC9A04D2CA8} HKEY_LOCAL_MACHINE\SOFTWARE\CLASSES\CLSID\{FF0E5DF6-2375-4499-A97F-74954384D8D2} HKEY_LOCAL_MACHINE\SOFTWARE\CLASSES\INTERFACE\{02DB2793-F3F8-42AB-9B03-19B25485BE29} HKEY_LOCAL_MACHINE\SOFTWARE\CLASSES\INTERFACE\{054BFE5F-2E4E-434D-900F-617A54FE6E49} HKEY_LOCAL_MACHINE\SOFTWARE\CLASSES\INTERFACE\{0920BDCF-0743-43F5-B0A1-F0A88A0C444E} HKEY_LOCAL_MACHINE\SOFTWARE\CLASSES\INTERFACE\{1E2F9886-F13E-4C4D-BCB8-77139E1965D8} HKEY_LOCAL_MACHINE\SOFTWARE\CLASSES\INTERFACE\{41654B61-5D3C-4988-B46D-9BD24A8B52FA} HKEY_LOCAL_MACHINE\SOFTWARE\CLASSES\INTERFACE\{79367D43-4A71-4F51-B52B-08389320999C} HKEY_LOCAL_MACHINE\SOFTWARE\CLASSES\INTERFACE\{88BE1146-DC38-4DCD-8D47-FDC712DFCF48} HKEY_LOCAL_MACHINE\SOFTWARE\CLASSES\INTERFACE\{924F5B3A-7A27-484A-B873-E855C9708667} HKEY_LOCAL_MACHINE\SOFTWARE\CLASSES\INTERFACE\{A9267C5F-A4A5-4BD3-B78B-80C497F32EDE} HKEY_LOCAL_MACHINE\SOFTWARE\CLASSES\INTERFACE\{B76BAB6C-0C2E-4D19-9A65-51F733456020} HKEY_LOCAL_MACHINE\SOFTWARE\CLASSES\INTERFACE\{C43273A6-9085-41CF-8A84-3881363A7EB9} HKEY_LOCAL_MACHINE\SOFTWARE\CLASSES\INTERFACE\{CBEF989D-7C4C-4354-928C-EA81D055EE7C} HKEY_LOCAL_MACHINE\SOFTWARE\CLASSES\TYPELIB\{04D0FD01-C8FA-413B-AD83-519D10B93324} HKEY_LOCAL_MACHINE\SOFTWARE\CLASSES\TYPELIB\{18AB154A-6084-4C2D-B12C-212E58D4751C} HKEY_LOCAL_MACHINE\SOFTWARE\CLASSES\TYPELIB\{22242729-9EE0-4060-988D-BE2A9EFD8CD0} HKEY_LOCAL_MACHINE\SOFTWARE\CLASSES\TYPELIB\{3A3116C7-9F1A-48E2-AF9C-E158FC2EF658} HKEY_LOCAL_MACHINE\SOFTWARE\CLASSES\TYPELIB\{51C76AB9-D876-46A8-A20D-F606EDDD69ED} HKEY_LOCAL_MACHINE\SOFTWARE\CLASSES\TYPELIB\{5517390C-60D1-4FFA-BD4C-81F8278AF29E} HKEY_LOCAL_MACHINE\SOFTWARE\CLASSES\TYPELIB\{58E9B715-3C97-4048-9CBE-A708E0AEB29E} HKEY_LOCAL_MACHINE\SOFTWARE\CLASSES\TYPELIB\{7CFDAB57-D8CD-4465-BD15-48CFFCEE3DF2} HKEY_LOCAL_MACHINE\SOFTWARE\CLASSES\TYPELIB\{8417D3DB-4004-4259-952D-A6EC64A1800E} HKEY_LOCAL_MACHINE\SOFTWARE\CLASSES\TYPELIB\{95E822B6-6B10-4E86-9603-6CECB6135867} HKEY_LOCAL_MACHINE\SOFTWARE\CLASSES\TYPELIB\{AE9A3F59-E2D2-4EE8-A279-F2B6AF336B8E} HKEY_LOCAL_MACHINE\SOFTWARE\CLASSES\TYPELIB\{CF67E74A-3C62-4867-9DFA-DD2374003333} HKEY_LOCAL_MACHINE\SOFTWARE\CLASSES\TYPELIB\{D4D707DF-F46E-46EF-BDCA-512F6345F205} HKEY_LOCAL_MACHINE\SOFTWARE\CLASSES\TYPELIB\{E816B7F9-96AB-4D4D-8DA4-B9D124959DA5} HKEY_LOCAL_MACHINE\SOFTWARE\CLASSES\TYPELIB\{F8CC28B5-4042-4054-99CB-8855EFD0FAB7} HKEY_LOCAL_MACHINE\SOFTWARE\CLASSES\YAHOOASSISTBAR.ASNOADOBJ HKEY_LOCAL_MACHINE\SOFTWARE\CLASSES\YAHOOASSISTBAR.ASNOADOBJ.1 HKEY_LOCAL_MACHINE\SOFTWARE\CLASSES\YAHOOASSISTBAR.DRAGSEARCH HKEY_LOCAL_MACHINE\SOFTWARE\CLASSES\YAHOOASSISTBAR.DRAGSEARCH.1 HKEY_LOCAL_MACHINE\SOFTWARE\CLASSES\YAHOOASSISTBAR.PHOTOTB HKEY_LOCAL_MACHINE\SOFTWARE\CLASSES\YAHOOASSISTBAR.PHOTOTB.1 HKEY_LOCAL_MACHINE\SOFTWARE\CLASSES\YALIVE.LIVE HKEY_LOCAL_MACHINE\SOFTWARE\CLASSES\YALIVE.LIVE.1 HKEY_LOCAL_MACHINE\SOFTWARE\CLASSES\YASSIST.EASYASSIST HKEY_LOCAL_MACHINE\SOFTWARE\CLASSES\YASSIST.EASYASSIST.1 HKEY_LOCAL_MACHINE\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{19A43AD6-9ACE-4ABB-BAE0-B9577655F49D} HKEY_LOCAL_MACHINE\SOFTWARE\MICROSOFT\INTERNET EXPLORER\TOOLBAR\{406F94F0-504F-4A40-8DFD-58B0666ABEBD} HKEY_LOCAL_MACHINE\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\EXPLORER\BROWSER HELPER OBJECTS\{33BBE430-0E42-4F12-B075-8D21ACB10DCB} HKEY_LOCAL_MACHINE\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\EXPLORER\BROWSER HELPER OBJECTS\{62EED7C6-9F02-42F9-B634-98E2899E147B} HKEY_LOCAL_MACHINE\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\EXPLORER\BROWSER HELPER OBJECTS\{FE3ECAE7-0A37-4506-8A7D-3CC9A04D2CA8} HKEY_LOCAL_MACHINE\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\SHELL EXTENSIONS\APPROVED\{33BBE430-0E42-4F12-B075-8D21ACB10DCB} HKEY_LOCAL_MACHINE\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\UNINSTALL\{FE3ECAE7-0A37-4506-8A7D-3CC9A04D2CA8} HKEY_LOCAL_MACHINE\SOFTWARE\YAHOO\ASSISTANT HKEY_LOCAL_MACHINE\SOFTWARE\YAHOO\ASSISTANT\ASSIST HKEY_LOCAL_MACHINE\SOFTWARE\YAHOO\ASSISTANT\YALIVE HKEY_LOCAL_MACHINE\SOFTWARE\YAHOO\ASSISTANT\YSHELLSYSTRAY HKEY_LOCAL_MACHINE\SYSTEM\CONTROLSET001\ENUM\ROOT\LEGACY_YASKP HKEY_LOCAL_MACHINE\SYSTEM\CONTROLSET001\SERVICES\YASKP HKEY_LOCAL_MACHINE\SYSTEM\CONTROLSET003\ENUM\ROOT\LEGACY_YASKP HKEY_LOCAL_MACHINE\SYSTEM\CONTROLSET003\SERVICES\YASKP HKEY_LOCAL_MACHINE\SYSTEM\CURRENTCONTROLSET\ENUM\ROOT\LEGACY_YASKP HKEY_LOCAL_MACHINE\SYSTEM\CURRENTCONTROLSET\SERVICES\YASKP [2.8.1.8.0815 - 2.8.12.8.0911] 2008-09-14 17:12 [Trojan.psw.avx] C:\WINDOWS\SYSTEM32\EKJYZ.DAT C:\WINDOWS\SYSTEM32\IMGUTILHX2.NLS C:\WINDOWS\SYSTEM32\LENSCHK.EXE C:\WINDOWS\SYSTEM32\MSTIMEWD.NLS C:\WINDOWS\SYSTEM32\TWAINYY.NLS C:\WINDOWS\SYSTEM\MZJJ32DLA.DLL HKEY_CLASSES_ROOT\CLSID\{EB9660D8-E1CD-4FF0-B4A9-00CD907F928A} HKEY_LOCAL_MACHINE\SOFTWARE\CLASSES\CLSID\{EB9660D8-E1CD-4FF0-B4A9-00CD907F928A} HKEY_LOCAL_MACHINE\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\EXPLORER\SHELLEXECUTEHOOKS\{EB9660D8-E1CD-4FF0-B4A9-00CD907F928A} [2.8.1.8.0815 - 2.8.12.8.0911] 2008-09-14 17:12 [Trojan.myst.rds] HKEY_LOCAL_MACHINE\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\SHELLSERVICEOBJECTDELAYLOAD\XOLEHLPJH.DLL [2.8.1.8.0815 - 2.8.12.8.0911] 2008-09-14 17:12 [Fake IE HomePage] HKEY_CLASSES_ROOT\CLSID\{871C5380-42A0-1069-A2EA-08002B30309D}\SHELL\OPENHOMEPAGE\COMMAND\\REG_SZ01"%PROGRAMFILES%\INTERNET EXPLORER\IEXPLORE.EXE" [2.8.1.8.0815 - 2.8.12.8.0911] 2008-09-14 17:12 [Uncorrect AppInit_DLLs] HKEY_LOCAL_MACHINE\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\WINDOWS\APPINIT_DLLS\REG_SZ00 [2.8.1.8.0815 - 2.8.12.8.0911] 2008-09-14 17:12 [Eyiruanjian Canliu] C:\WINDOWS\SYSTEM32\BOOTVIDGJ.NLS C:\WINDOWS\SYSTEM32\DPVVOXMH.NLS C:\WINDOWS\SYSTEM32\SELUR.ENC [2.8.1.8.0815 - 2.8.12.8.0911] 2008-09-14 17:12 [TROJAN FILES 2] C:\TMP.DAT [2.8.1.8.0815 - 2.8.12.8.0911] 2008-09-14 17:12 [Trojan.msosiocp.dosjisn] C:\DOCUMENTS AND SETTINGS\ALL USERS\LLJYDF16.INI [2.8.1.8.0815 - 2.8.12.8.0911] 2008-09-14 17:12 [Adware.KdbCD.iSecurity] C:\WINDOWS\SYSTEM32\COMUIDSG.NLS [2.8.1.8.0815 - 2.8.12.8.0911] 2008-09-14 17:12 [Trojan.ytewcxzsw.wrew2ds] C:\WINDOWS\SYSTEM32\KBDSWJR.NLS C:\WINDOWS\SYSTEM32\LWEURQHX.NLS C:\WINDOWS\SYSTEM32\TSCFGWMIJXSJ.NLS C:\WINDOWS\SYSTEM32\XOLEHLPJH.NLS HKEY_CLASSES_ROOT\CLSID\{D3112B69-A745-4805-874E-ABD480EA1299} HKEY_LOCAL_MACHINE\SOFTWARE\CLASSES\CLSID\{D3112B69-A745-4805-874E-ABD480EA1299} HKEY_LOCAL_MACHINE\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\EXPLORER\SHELLEXECUTEHOOKS\{D3112B69-A745-4805-874E-ABD480EA1299} [2.8.1.8.0815 - 2.8.12.8.0911] 2008-09-14 17:12 [Trojan.inityuser.go10] HKEY_LOCAL_MACHINE\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\SHELLSERVICEOBJECTDELAYLOAD\BOOTVIDGJ.DLL HKEY_LOCAL_MACHINE\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\SHELLSERVICEOBJECTDELAYLOAD\KBDSWJR.DLL [2.8.1.8.0815 - 2.8.12.8.0911] 2008-09-14 17:12 [Trojan.msiffei.abir] HKEY_LOCAL_MACHINE\SYSTEM\CONTROLSET001\SERVICES\MSIFFEI HKEY_LOCAL_MACHINE\SYSTEM\CURRENTCONTROLSET\SERVICES\MSIFFEI [2.8.1.8.0815 - 2.8.12.8.0911] 2008-09-14 17:12 [Trojan.dpvvoxmh] HKEY_LOCAL_MACHINE\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\SHELLSERVICEOBJECTDELAYLOAD\SLBIOPFS2.DLL [2.8.1.8.0815 - 2.8.12.8.0911] 2008-09-14 17:12 [Trojan.comuidsg] HKEY_CLASSES_ROOT\CLSID\{898E02AB-9372-4A2C-9C4A-FFE1AF61097F} HKEY_LOCAL_MACHINE\SOFTWARE\CLASSES\CLSID\{898E02AB-9372-4A2C-9C4A-FFE1AF61097F} HKEY_LOCAL_MACHINE\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\EXPLORER\SHELLEXECUTEHOOKS\{898E02AB-9372-4A2C-9C4A-FFE1AF61097F} HKEY_LOCAL_MACHINE\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\SHELLSERVICEOBJECTDELAYLOAD\COMUIDSG.DLL [2.8.1.8.0815 - 2.8.12.8.0911] 2008-09-14 17:12 [Unknown Trojan Horse/Virus] C:\WINDOWS\ONEG.EXE C:\WINDOWS\SYSTEM32\BUWVZ.DAT C:\WINDOWS\SYSTEM32\BXIBZ.DAT C:\WINDOWS\SYSTEM32\CHGLZ.DAT C:\WINDOWS\SYSTEM32\DOETZ.DAT C:\WINDOWS\SYSTEM32\EXPBZ.DAT C:\WINDOWS\SYSTEM32\FRFHZ.DAT C:\WINDOWS\SYSTEM32\GYLCZ.DAT C:\WINDOWS\SYSTEM32\HHPDZ.DAT C:\WINDOWS\SYSTEM32\JDXXZ.DAT C:\WINDOWS\SYSTEM32\JIAJZ.DAT C:\WINDOWS\SYSTEM32\JNGIZ.DAT C:\WINDOWS\SYSTEM32\JSKAZ.DAT C:\WINDOWS\SYSTEM32\KAB12.EXE C:\WINDOWS\SYSTEM32\KYLUZ.DAT C:\WINDOWS\SYSTEM32\LHJLZ.DAT C:\WINDOWS\SYSTEM32\LMMTZ.DAT C:\WINDOWS\SYSTEM32\MZVBZ.DAT C:\WINDOWS\SYSTEM32\NKNNZ.DAT C:\WINDOWS\SYSTEM32\OCONZ.DAT C:\WINDOWS\SYSTEM32\OENAZ.DAT C:\WINDOWS\SYSTEM32\PSXNZ.DAT C:\WINDOWS\SYSTEM32\PWPFZ.DAT C:\WINDOWS\SYSTEM32\QESLZ.DAT C:\WINDOWS\SYSTEM32\QUZLZ.DAT C:\WINDOWS\SYSTEM32\QZONE.EXE C:\WINDOWS\SYSTEM32\SAKUZ.DAT C:\WINDOWS\SYSTEM32\SSMQZ.DAT C:\WINDOWS\SYSTEM32\STAOZ.DAT C:\WINDOWS\SYSTEM32\SXHEZ.DAT C:\WINDOWS\SYSTEM32\TAVGZ.DAT C:\WINDOWS\SYSTEM32\VHIMZ.DAT C:\WINDOWS\SYSTEM32\VLANZ.DAT C:\WINDOWS\SYSTEM32\WELAZ.DAT C:\WINDOWS\SYSTEM32\WELUZ.DAT C:\WINDOWS\SYSTEM32\WHOMZ.DAT C:\WINDOWS\SYSTEM32\WUOOZ.DAT C:\WINDOWS\SYSTEM32\XEKWZ.DAT C:\WINDOWS\SYSTEM32\YMHMZ.DAT C:\WINDOWS\SYSTEM32\YVGLZ.DAT C:\WINDOWS\SYSTEM32\ZMAEZ.DAT HKEY_LOCAL_MACHINE\SYSTEM\CONTROLSET001\ENUM\ROOT\LEGACY_QZONE HKEY_LOCAL_MACHINE\SYSTEM\CONTROLSET001\SERVICES\QZONE HKEY_LOCAL_MACHINE\SYSTEM\CONTROLSET003\ENUM\ROOT\LEGACY_QZONE HKEY_LOCAL_MACHINE\SYSTEM\CONTROLSET003\SERVICES\QZONE HKEY_LOCAL_MACHINE\SYSTEM\CURRENTCONTROLSET\ENUM\ROOT\LEGACY_QZONE HKEY_LOCAL_MACHINE\SYSTEM\CURRENTCONTROLSET\SERVICES\QZONE [2.8.1.8.0815 - 2.8.12.8.0911] 2008-09-14 17:12 [Maybe Useless object] C:\WINDOWS\SYSTEM32\SYSTEM.EXE [2.8.1.8.0815 - 2.8.12.8.0911] 2008-09-14 17:12 [Access deny Object] C:\WINDOWS\SYSTEM32\DRIVERS\HBKERNEL32.SYS C:\WINDOWS\SYSTEM32\L3VH5K.DLL HKEY_LOCAL_MACHINE\SYSTEM\CONTROLSET001\ENUM\ROOT\LEGACY_HBKERNEL32 HKEY_LOCAL_MACHINE\SYSTEM\CONTROLSET001\SERVICES\HBKERNEL32 HKEY_LOCAL_MACHINE\SYSTEM\CONTROLSET003\ENUM\ROOT\LEGACY_HBKERNEL32 HKEY_LOCAL_MACHINE\SYSTEM\CONTROLSET003\SERVICES\HBKERNEL32 HKEY_LOCAL_MACHINE\SYSTEM\CURRENTCONTROLSET\ENUM\ROOT\LEGACY_HBKERNEL32 HKEY_LOCAL_MACHINE\SYSTEM\CURRENTCONTROLSET\SERVICES\HBKERNEL32 [2.8.1.8.0815 - 2.8.12.8.0911] 2008-09-14 17:12 [Infected System File,Can not Delete!] System Important File,Can not delete,Try Replace:C:\WINDOWS\SYSTEM32\COMCTL32.DLL System Important File,Can not delete,Try Replace:C:\WINDOWS\SYSTEM32\DEBUG.EXE