[2.8.2.8.1115 - 2.8.30.8.1115] 2008-11-15 22:14 [Trojan] C:\DOCUMENTS AND SETTINGS\S\LOCAL SETTINGS\TEMP\WMSETUP.DLL C:\PROGRAM FILES\MESSENGER\MSGSWCAM.DLL C:\PROGRAM FILES\WINRAR\LIB7Z.DLL C:\PROGRAM FILES\WINRAR\LIBBZ2.DLL C:\PROGRAM FILES\WINRAR\LIBISO.DLL C:\WINDOWS\APPPATCH\SYSMAIN.DLL C:\WINDOWS\MKMKRNL.DLL C:\WINDOWS\MPKRNL.DLL C:\WINDOWS\UPDATE.DLL HKEY_CLASSES_ROOT\CLSID\{3F991DE0-A6A8-40ED-4B87-293AEDB29489} HKEY_LOCAL_MACHINE\SOFTWARE\CLASSES\CLSID\{3F991DE0-A6A8-40ED-4B87-293AEDB29489} [2.8.2.8.1115 - 2.8.30.8.1115] 2008-11-15 22:14 [Adware.Bizmd] C:\WINDOWS\DOWNLOADED PROGRAM FILES\THUNDERADVISE.DLL HKEY_CLASSES_ROOT\CLSID\{97421D0D-E07F-40DF-8F07-99597B9585AD} HKEY_CLASSES_ROOT\THUNDERADVISE.THUNDERHLPOBJ HKEY_CLASSES_ROOT\THUNDERADVISE.THUNDERHLPOBJ.1 HKEY_CLASSES_ROOT\TYPELIB\{6D4C7E08-E021-414C-A42D-AB15A2302196} HKEY_CURRENT_USER\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\EXT\STATS\{97421D0D-E07F-40DF-8F07-99597B9585AD} HKEY_LOCAL_MACHINE\SOFTWARE\CLASSES\CLSID\{97421D0D-E07F-40DF-8F07-99597B9585AD} HKEY_LOCAL_MACHINE\SOFTWARE\CLASSES\TYPELIB\{6D4C7E08-E021-414C-A42D-AB15A2302196} HKEY_LOCAL_MACHINE\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\EXPLORER\BROWSER HELPER OBJECTS\{97421D0D-E07F-40DF-8F07-99597B9585AD} [2.8.2.8.1115 - 2.8.30.8.1115] 2008-11-15 22:14 [Trojan.psw.avx] C:\WINDOWS\SYSTEM32\2EF0D734.DLL C:\WINDOWS\SYSTEM32\4FBFD5A4.DLL C:\WINDOWS\SYSTEM32\93DEE065.DLL C:\WINDOWS\SYSTEM32\D7C79813.DLL C:\WINDOWS\SYSTEM32\DE8296F.SYS C:\WINDOWS\SYSTEM32\F8AB57E9.DLL C:\WINDOWS\TEMP\WMSETUP.DLL HKEY_CLASSES_ROOT\CLSID\{2EF0D734-21FD-4225-A1A2-BCD296182AAF} HKEY_CLASSES_ROOT\CLSID\{4FBFD5A4-5FE8-4444-8BD9-FD0FAFA64F96} HKEY_CLASSES_ROOT\CLSID\{93DEE065-EC9B-4505-ADD3-19880AD3C38F} HKEY_CLASSES_ROOT\CLSID\{B3721C07-62B3-411A-9DC7-F5F27E3E21FF} HKEY_CLASSES_ROOT\CLSID\{D7C79813-9233-4AE0-832C-99B2E8019673} HKEY_CLASSES_ROOT\CLSID\{F8AB57E9-BA5D-4F11-8834-3DF603561B34} HKEY_LOCAL_MACHINE\SOFTWARE\CLASSES\CLSID\{2EF0D734-21FD-4225-A1A2-BCD296182AAF} HKEY_LOCAL_MACHINE\SOFTWARE\CLASSES\CLSID\{4FBFD5A4-5FE8-4444-8BD9-FD0FAFA64F96} HKEY_LOCAL_MACHINE\SOFTWARE\CLASSES\CLSID\{93DEE065-EC9B-4505-ADD3-19880AD3C38F} HKEY_LOCAL_MACHINE\SOFTWARE\CLASSES\CLSID\{B3721C07-62B3-411A-9DC7-F5F27E3E21FF} HKEY_LOCAL_MACHINE\SOFTWARE\CLASSES\CLSID\{D7C79813-9233-4AE0-832C-99B2E8019673} HKEY_LOCAL_MACHINE\SOFTWARE\CLASSES\CLSID\{F8AB57E9-BA5D-4F11-8834-3DF603561B34} HKEY_LOCAL_MACHINE\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\EXPLORER\SHELLEXECUTEHOOKS\{2EF0D734-21FD-4225-A1A2-BCD296182AAF} HKEY_LOCAL_MACHINE\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\EXPLORER\SHELLEXECUTEHOOKS\{4FBFD5A4-5FE8-4444-8BD9-FD0FAFA64F96} HKEY_LOCAL_MACHINE\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\EXPLORER\SHELLEXECUTEHOOKS\{93DEE065-EC9B-4505-ADD3-19880AD3C38F} HKEY_LOCAL_MACHINE\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\EXPLORER\SHELLEXECUTEHOOKS\{B3721C07-62B3-411A-9DC7-F5F27E3E21FF} HKEY_LOCAL_MACHINE\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\EXPLORER\SHELLEXECUTEHOOKS\{D7C79813-9233-4AE0-832C-99B2E8019673} HKEY_LOCAL_MACHINE\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\EXPLORER\SHELLEXECUTEHOOKS\{F8AB57E9-BA5D-4F11-8834-3DF603561B34} HKEY_LOCAL_MACHINE\SYSTEM\CONTROLSET001\ENUM\ROOT\LEGACY_DE8296F HKEY_LOCAL_MACHINE\SYSTEM\CONTROLSET001\SERVICES\DE8296F HKEY_LOCAL_MACHINE\SYSTEM\CONTROLSET002\ENUM\ROOT\LEGACY_DE8296F HKEY_LOCAL_MACHINE\SYSTEM\CONTROLSET002\SERVICES\DE8296F HKEY_LOCAL_MACHINE\SYSTEM\CURRENTCONTROLSET\ENUM\ROOT\LEGACY_DE8296F HKEY_LOCAL_MACHINE\SYSTEM\CURRENTCONTROLSET\SERVICES\DE8296F [2.8.2.8.1115 - 2.8.30.8.1115] 2008-11-15 22:14 [Uncorrect AppInit_DLLs] HKEY_LOCAL_MACHINE\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\WINDOWS\APPINIT_DLLS\REG_SZ00 [2.8.2.8.1115 - 2.8.30.8.1115] 2008-11-15 22:14 [Trojan.msosiocp.dosjisn] C:\WINDOWS\SYSTEM32\41.TMP C:\WINDOWS\SYSTEM32\44.TMP C:\WINDOWS\SYSTEM32\47.TMP C:\WINDOWS\SYSTEM32\4A.TMP C:\WINDOWS\SYSTEM32\4E.TMP C:\WINDOWS\SYSTEM32\51.TMP C:\WINDOWS\SYSTEM32\54.TMP C:\WINDOWS\SYSTEM32\57.TMP C:\WINDOWS\SYSTEM32\5C.TMP C:\WINDOWS\SYSTEM32\60.TMP C:\WINDOWS\SYSTEM32\63.TMP C:\WINDOWS\SYSTEM32\HBASKTAO.DLL C:\WINDOWS\SYSTEM32\HBKDXY.DLL C:\WINDOWS\SYSTEM32\HBQQFFO.DLL C:\WINDOWS\SYSTEM32\HBQQSG.DLL C:\WINDOWS\SYSTEM32\HBSO2.DLL C:\WINDOWS\SYSTEM32\HBTL.DLL C:\WINDOWS\SYSTEM32\HBWD.DLL C:\WINDOWS\SYSTEM32\HBWOW.DLL C:\WINDOWS\SYSTEM32\HBXMJ.DLL C:\WINDOWS\SYSTEM32\HBXY2.DLL C:\WINDOWS\SYSTEM32\HBYY.DLL HKEY_CLASSES_ROOT\CLSID\{9CA963CA-107C-4089-B0AB-31380F90D7E3} HKEY_LOCAL_MACHINE\SOFTWARE\CLASSES\CLSID\{9CA963CA-107C-4089-B0AB-31380F90D7E3} HKEY_LOCAL_MACHINE\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\EXPLORER\SHELLEXECUTEHOOKS\{9CA963CA-107C-4089-B0AB-31380F90D7E3} HKEY_LOCAL_MACHINE\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\RUN\3PMMUPDATE HKEY_LOCAL_MACHINE\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\RUN\HBSERVICE32 [2.8.2.8.1115 - 2.8.30.8.1115] 2008-11-15 22:14 [Trojan.xpserve.lsoss] C:\WINDOWS\SYSTEM32\9CA963CA.CFG C:\WINDOWS\SYSTEM32\9CA963CA.DLL [2.8.2.8.1115 - 2.8.30.8.1115] 2008-11-15 22:14 [Trojan.ytewcxzsw.wrew2ds] C:\WINDOWS\SYSTEM32\122B901E.DLL C:\WINDOWS\SYSTEM32\70B0129E.DLL C:\WINDOWS\SYSTEM32\B3721C07.DLL C:\WINDOWS\SYSTEM32\C8FFD223.DLL C:\WINDOWS\SYSTEM32\DA63E650.DLL HKEY_CLASSES_ROOT\CLSID\{70B0129E-726E-4789-A7C0-5DDC33241E94} HKEY_CLASSES_ROOT\CLSID\{C8FFD223-C0FB-40C5-94A0-FD7891AC18E9} HKEY_LOCAL_MACHINE\SOFTWARE\CLASSES\CLSID\{70B0129E-726E-4789-A7C0-5DDC33241E94} HKEY_LOCAL_MACHINE\SOFTWARE\CLASSES\CLSID\{C8FFD223-C0FB-40C5-94A0-FD7891AC18E9} HKEY_LOCAL_MACHINE\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\EXPLORER\SHELLEXECUTEHOOKS\{70B0129E-726E-4789-A7C0-5DDC33241E94} HKEY_LOCAL_MACHINE\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\EXPLORER\SHELLEXECUTEHOOKS\{C8FFD223-C0FB-40C5-94A0-FD7891AC18E9} [2.8.2.8.1115 - 2.8.30.8.1115] 2008-11-15 22:14 [Trojan.upnpsrv] C:\WINDOWS\SYSTEM32\UPNPSRV.DLL HKEY_CLASSES_ROOT\CLSID\{122B901E-493F-4AD9-BC69-7DE8C3E52FCC} HKEY_CLASSES_ROOT\CLSID\{4D023DE9-F4B5-4BE0-99C6-7C7AD0CF5426} HKEY_CLASSES_ROOT\CLSID\{DA63E650-537C-4042-87BB-9D19D844680B} HKEY_CLASSES_ROOT\CLSID\{DE01DA19-A6A8-EB80-4D47-248DEB2A9399} HKEY_LOCAL_MACHINE\SOFTWARE\CLASSES\CLSID\{122B901E-493F-4AD9-BC69-7DE8C3E52FCC} HKEY_LOCAL_MACHINE\SOFTWARE\CLASSES\CLSID\{4D023DE9-F4B5-4BE0-99C6-7C7AD0CF5426} HKEY_LOCAL_MACHINE\SOFTWARE\CLASSES\CLSID\{DA63E650-537C-4042-87BB-9D19D844680B} HKEY_LOCAL_MACHINE\SOFTWARE\CLASSES\CLSID\{DE01DA19-A6A8-EB80-4D47-248DEB2A9399} HKEY_LOCAL_MACHINE\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\EXPLORER\SHELLEXECUTEHOOKS\{122B901E-493F-4AD9-BC69-7DE8C3E52FCC} HKEY_LOCAL_MACHINE\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\EXPLORER\SHELLEXECUTEHOOKS\{4D023DE9-F4B5-4BE0-99C6-7C7AD0CF5426} HKEY_LOCAL_MACHINE\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\EXPLORER\SHELLEXECUTEHOOKS\{DA63E650-537C-4042-87BB-9D19D844680B} HKEY_LOCAL_MACHINE\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\SHELLSERVICEOBJECTDELAYLOAD\UPNP [2.8.2.8.1115 - 2.8.30.8.1115] 2008-11-15 22:14 [Trojan.htxvimes] C:\WINDOWS\SYSTEM32\4D023DE9.DLL [2.8.2.8.1115 - 2.8.30.8.1115] 2008-11-15 22:14 [Unknown Trojan Horse/Virus] C:\WINDOWS\SYSTEM32\B8E83D3C.DLL HKEY_CLASSES_ROOT\CLSID\{B8E83D3C-9466-4091-9AD1-1F89418A6EB7} HKEY_LOCAL_MACHINE\SOFTWARE\CLASSES\CLSID\{B8E83D3C-9466-4091-9AD1-1F89418A6EB7} HKEY_LOCAL_MACHINE\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\EXPLORER\SHELLEXECUTEHOOKS\{B8E83D3C-9466-4091-9AD1-1F89418A6EB7} [2.8.2.8.1115 - 2.8.30.8.1115] 2008-11-15 22:14 [Access deny Object] C:\WINDOWS\SYSTEM32\SYSTEM.EXE [2.8.2.8.1115 - 2.8.30.8.1115] 2008-11-15 22:14 [Infected System File,Can not Delete!] System Important File,Can not delete,Try Replace:C:\WINDOWS\SYSTEM32\ACTXPRXY.DLL