清理或破坏病毒流氓若干

最新推荐文章于 2022-09-26 13:24:42 发布
最新推荐文章于 2022-09-26 13:24:42 发布
阅读量1.2k 收藏
点赞数
文章标签: 操作系统 大数据

http://about.blank.la
http://Qyule.com
http://591ani.cn

//--1------------

591ani.cn清理:网上未发现有用资料,以下均为自己胡整。

system32目录下有个arpcb.exe的自解压压缩包,里面的内容有jopen.vbs,npf.sys,Packet.dll,run.bat,wanpacket.dll和wpcap.dll。故把arpcb.exe删除,system32下的这些解压出来的文件也以并删除。

另外还发现有各downloadpath0.txt文件,内容

[path]
http://wm.591ani.cn/fz/systemabc.vbs v1
http://wm.591ani.cn/Game.exe v1
http://wm.591ani.cn/fz/iis.exe v1
http://wm.591ani.cn/fz/nsettop.exe v1
[killprocess]
RavMonD.exe
RavMon.exe
RavTask.exe
RavStub.exe
UIHost.exe
KRegEx.exe
Navapw32.exe
Navapsvc.exe
NMain.exe
navw32.EXE
KVFW.EXE
KAVSvcUI.exe
KAVPFW.EXE
KAV32.exe
TrojDie.kxp
KVSrvXP.exe
KvXP.kxp
KVMonXP.kxp
KVwsc.exe
KAVsvc.exe
KWatchUI.EXE
Iparmor.exe
TrojanHunter.exe
THGUARD.EXE
EGHOST.EXE
MAILMON.EXE
yassistse.exe
gfosdg.exe
mpnxyl.exe
KVSrvXp_1.exe
RRfwMain.exe
kavstart.exe
KVCenter.kxp
kvolself.exe
MSKAGENT.exe
MCVSESCN.exe
RfwMain.exe
KpopMon.exe
CCenter.exe
KVMonXP.exe
Nvsvc32.exe
Rtvscan.exe
KAVPLUS.exe
MCAGENT.exe
SHSTAT.exe
VPTray.exe
CCAPP.exe
TBMon.exe
qqav.exe
adam.exe
KVOL.exe
Kav.exe
mmsk.exe
SREng.exe
MagicSet.exe
360Safe.exe
runiep.exe
kabaload.exe
WoptiClean.exe
SREng.exe
360tray.exe
AntiArp.exe
RsAgent.exe
KWatch.EXE
KPFW32.EXE
AgentSrv.exe
Frogagent.exe
KvDetect.exe
GameSetup.exe
[protectprocess]
pk1.exe
pk2.exe
pk3.exe
pk4.exe
pk5.exe
pk6.exe
[proveddelete]
pd1.exe
pd2.exe
pd3.exe
pd4.exe
pd5.exe
pd6.exe
[end]

不用说,删。连[path],[protectprocess],[proveddelete]项下的那些文件,一经发现,删无赦。[killprocess]下的文件就不要动了,这些都是病毒的对头。

//--2--------------

另外还发现system32下有文件wwwzw.ini和zzwzz.ini。打开,把里面列的那些文件删除,此两个文件也删了。

wwwzw.ini的内容

[settings]
ID=71
hasdown=dodolook391.exe;dodolook391.exe;bind_50467.exe;ad_2225.exe;5d009.exe;UUSEE_digital_Setup_8.exe;maa.exe;my_70074.exe;12d009.exe;yuhan.exe;f.exe;

zzwzz.ini的内容

[settings]
hasdown=setup237.exe;dodolook406.exe;my_70200.exe;ad_2238.exe;mgoogle.exe;
currentday=2007-08-05
currentIP=
haspop=

//--3------------------
IE页面顶部都有qyule的连接图片等,暂时的解决方法

打开internet选项,程序页,点击下面的管理加载项按钮。也不清楚是哪个,就把可以的都禁用了。问题(暂时)解决。

IE管理加载项窗口

//--4--------------

删除的可疑文件(前几日已删除无数,没有记录,下面的只是今天的,这些文件avast都没有检测出来是病毒):

C:/Windows目录下:

003.exe
d16.exe
d070.exe
uda.exe
yuhan.exe
iun6002.exe
12d001.exe
setup237.exe
mgoogle.exe
SET8.tmp
SET3.tmp
SET4.tmp
QTFont.for
erttersbar.dll
sss.dll
video.dll

C:/WINDOWS/System32目录下

5.exe
4.exe
d03.exe
d3d8.dll
downloadpath0.txt
QQDownload.exe
fuck.exe
viking.exe
wwwzw.ini
sysfuck.exe
zzwzz.ini
iis.exe
arpcb.exe
jopen.vbs
run.bat
npf.sys
Packet.dll
WanPacket.dll
wpcap.dll
nsettop.exe
wdbini.dll
ztkini.dll
mohgcyiai.dll

//--5--------------

可能是我前几天删除的文件

c:/windows/system32/djkk.exe
C:/WINDOWS/system32/drivers/acpidisk.sys
C:/WINDOWS/system32/drivers/daidgccd.sys
C:/WINDOWS/system32/drivers/dbdjgdij.sys
C:/WINDOWS/system32/drivers/EntDrv51.sys

//--6-----------------

avast的日志中的病毒

2007-8-10 10:22:31new2712Sign of "Win32:Cinmus-D [Adw]" has been found in "c:/documents and settings/all users/application data/microsoft/pctools/pctools.dll" file.
2007-8-10 10:23:05new2712Sign of "Win32:Lmir-KB [Trj]" has been found in "c:/windows/system32/mswsock30.dll/[NsPack]" file.
2007-8-10 10:23:08new2712Sign of "Win32:Agent-HJW [Trj]" has been found in "c:/windows/system32/remotedbg.dll/[PECompact]" file.
2007-8-10 10:28:16SYSTEM1228Sign of "Win32:Cinmus-D [Adw]" has been found in "C:/WINDOWS/System32/msplrct.dll" file.
2007-8-10 10:28:16SYSTEM1228Sign of "Win32:Cinmus-D [Adw]" has been found in "C:/WINDOWS/system32/msplrct.dll" file.
2007-8-10 10:30:35new3988Sign of "Win32:Cinmus-H [Adw]" has been found in "C:/WINDOWS/system32/drivers/acpidisk.sys" file.
2007-8-10 10:31:55new3988Sign of "Win32:Delf-DQP [Trj]" has been found in "C:/WINDOWS/system32/arpcb.exe/qq.exe" file.
2007-8-10 10:32:27new3988Sign of "Win32:Agent-HUT [Wrm]" has been found in "C:/WINDOWS/system32/新建文件夹/djkk.exe/[NsPack]" file.
2007-8-10 10:32:28new3988Sign of "Win32:Agent-JRM [Trj]" has been found in "C:/WINDOWS/system32/pqwq6c4l.dll" file.
2007-8-10 10:32:29new3020Sign of "Win32:Boran-N [Adw]" has been found in "c:/program files/ezfs/ojpc.dll" file.
2007-8-10 10:32:29new3988Sign of "Win32:Small-HHY [Trj]" has been found in "C:/WINDOWS/system32/wdbpri.dll_" file.
2007-8-10 10:32:37new3988Sign of "Win32:Delf-FKI [Trj]" has been found in "C:/WINDOWS/system32/ppinjyldqbywx.dll" file.
2007-8-10 10:32:37new3988Sign of "Win32:Delf-FKI [Trj]" has been found in "C:/WINDOWS/system32/yzvkmutvfdadx.dll" file.
2007-8-10 10:32:37new3988Sign of "Win32:Delf-FKI [Trj]" has been found in "C:/WINDOWS/system32/midbxsmundzcl.dll" file.
2007-8-10 10:32:37new3988Sign of "Win32:Lmir-KB [Trj]" has been found in "C:/WINDOWS/system32/WSP_Fix.dll/[NsPack]" file.
2007-8-10 10:32:38new3988Sign of "Win32:Ieser-J [Trj]" has been found in "C:/WINDOWS/system32/jrxngnxppjcgr.dll" file.
2007-8-10 10:33:23new3988Sign of "Win32:Adware-gen. [Adw]" has been found in "C:/WINDOWS/Temp/4FED3553.exe/$COMMONFILES/CPUSH/cpush.dll" file.
2007-8-10 10:33:24new3988Sign of "Win32:Cinmus-G [Adw]" has been found in "C:/WINDOWS/Temp/3F36168D.exe/$TEMP/$TEMP/dosss11.dll" file.
2007-8-10 10:33:24new3988Sign of "Win32:Cinmus-H [Adw]" has been found in "C:/WINDOWS/Temp/3F36168D.exe/$TEMP/acpidisk.sys" file.
2007-8-10 10:33:24new3988Sign of "Win32:Cinmus-G [Adw]" has been found in "C:/WINDOWS/Temp/dosss11.dll" file.
2007-8-10 10:33:24new3988Sign of "Win32:Adware-gen. [Adw]" has been found in "C:/WINDOWS/Temp/27/cndsv.dll" file.
2007-8-10 10:33:24new3988Sign of "Win32:Adware-gen. [Adw]" has been found in "C:/WINDOWS/Temp/27/cnprov.sys/[Embedded#0c158]" file.
2007-8-10 10:33:24new3988Sign of "Win32:Adware-gen. [Adw]" has been found in "C:/WINDOWS/Temp/27/cnprovh.dll" file.
2007-8-10 10:33:24new3988Sign of "Win32:Adware-gen. [Adw]" has been found in "C:/WINDOWS/Temp/27/config.exe" file.
2007-8-10 10:33:24new3988Sign of "Win32:Adware-gen. [Adw]" has been found in "C:/WINDOWS/Temp/27/convs.dll" file.
2007-8-10 10:33:24new3988Sign of "Win32:Adware-gen. [Adw]" has been found in "C:/WINDOWS/Temp/27/idnreg.dll" file.
2007-8-10 10:33:24new3988Sign of "Win32:Adware-gen. [Adw]" has been found in "C:/WINDOWS/Temp/27/idnsvr.dll" file.
2007-8-10 10:33:24new3988Sign of "Win32:Adware-gen. [Adw]" has been found in "C:/WINDOWS/Temp/27/idnsvr.exe" file.
2007-8-10 10:33:24new3988Sign of "Win32:Adware-gen. [Adw]" has been found in "C:/WINDOWS/Temp/27/ieaux.dll" file.
2007-8-10 10:33:24new3988Sign of "Win32:Adware-gen. [Adw]" has been found in "C:/WINDOWS/Temp/27/loader.exe/[Embedded#08040]" file.
2007-8-10 10:33:24new3988Sign of "Win32:Adware-gen. [Adw]" has been found in "C:/WINDOWS/Temp/27/loader.exe/[Embedded#0f040]" file.
2007-8-10 10:33:24new3988Sign of "Win32:Adware-gen. [Adw]" has been found in "C:/WINDOWS/Temp/27/setup.dll" file.
2007-8-10 10:33:24new3988Sign of "Win32:Adware-gen. [Adw]" has been found in "C:/WINDOWS/Temp/27/setup.exe" file.
2007-8-10 10:33:24new3988Sign of "Win32:Adware-gen. [Adw]" has been found in "C:/WINDOWS/Temp/27/uninstall.exe/[Embedded#14a54]" file.
2007-8-10 10:33:24new3988Sign of "Win32:Adware-gen. [Adw]" has been found in "C:/WINDOWS/Temp/29/cndsv.dll" file.
2007-8-10 10:33:24new3988Sign of "Win32:Adware-gen. [Adw]" has been found in "C:/WINDOWS/Temp/29/cnprov.sys/[Embedded#0c358]" file.
2007-8-10 10:33:24new3988Sign of "Win32:Adware-gen. [Adw]" has been found in "C:/WINDOWS/Temp/29/cnprovh.dll" file.
2007-8-10 10:33:24new3988Sign of "JS:Agent-B [Trj]" has been found in "C:/WINDOWS/Temp/29/cnrbtn.html" file.
2007-8-10 10:33:24new3988Sign of "Win32:Adware-gen. [Adw]" has been found in "C:/WINDOWS/Temp/29/config.exe" file.
2007-8-10 10:33:24new3988Sign of "Win32:Adware-gen. [Adw]" has been found in "C:/WINDOWS/Temp/29/convf.dll" file.
2007-8-10 10:33:24new3988Sign of "Win32:Adware-gen. [Adw]" has been found in "C:/WINDOWS/Temp/29/idnaux.sys" file.
2007-8-10 10:33:24new3988Sign of "Win32:Adware-gen. [Adw]" has been found in "C:/WINDOWS/Temp/29/idnreg.dll" file.
2007-8-10 10:33:25new3988Sign of "Win32:Adware-gen. [Adw]" has been found in "C:/WINDOWS/Temp/29/idnsvr.exe" file.
2007-8-10 10:33:25new3988Sign of "Win32:Adware-gen. [Adw]" has been found in "C:/WINDOWS/Temp/29/ieaux.dll" file.
2007-8-10 10:33:25new3988Sign of "Win32:Adware-gen. [Adw]" has been found in "C:/WINDOWS/Temp/29/setup.exe" file.
2007-8-10 10:33:25new3988Sign of "Win32:Adware-gen. [Adw]" has been found in "C:/WINDOWS/Temp/29/uninstall.exe/[Embedded#14a3c]" file.
2007-8-10 10:33:25new3988Sign of "Win32:Adware-gen. [Adw]" has been found in "C:/WINDOWS/Temp/nl23251e39.exe/[ASPack]/[Embedded#007040]" file.
2007-8-10 10:36:05new3988Sign of "Win32:Qqhelper-DE [Trj]" has been found in "C:/WINDOWS/QQIEHelper.dll/[UPX]" file.
2007-8-10 10:36:06new3988Sign of "Win32:Delf-FFM [Trj]" has been found in "C:/WINDOWS/kulionrx.dll" file.
2007-8-10 10:36:06new3988Sign of "Win32:Delf-FFM [Trj]" has been found in "C:/WINDOWS/kulionwl.dll" file.
2007-8-10 10:36:06new3988Sign of "Win32:Delf-FFM [Trj]" has been found in "C:/WINDOWS/kulionwm.dll" file.
2007-8-10 10:36:06new3988Sign of "Win32:Delf-FFM [Trj]" has been found in "C:/WINDOWS/kulionzx.dll" file.
2007-8-10 10:36:06new3988Sign of "Win32:Qqhelper-CY [Trj]" has been found in "C:/WINDOWS/KB/KB998013.log" file.
2007-8-10 10:36:23new3988Sign of "Win32:Cinmus-G [Adw]" has been found in "C:/WINDOWS/可疑文件/dodolook406.exe/$TEMP/$TEMP/1558.exe/$TEMP/DoSSSetup.dll" file.
2007-8-10 10:36:23new3988Sign of "Win32:Adware-gen. [Adw]" has been found in "C:/WINDOWS/可疑文件/dodolook406.exe/$TEMP/$TEMP/1558.exe" file.
2007-8-10 10:36:23new3988Sign of "Win32:Trojano-2575 [Trj]" has been found in "C:/WINDOWS/可疑文件/5d009.exe/$SYSDIR/netdde32.exe" file.
2007-8-10 10:36:24new3988Sign of "Win32:Cinmus-I [Adw]" has been found in "C:/WINDOWS/可疑文件/5d009.exe/$SYSDIR/d03.exe/$COMMONFILES/CPUSH/cpush.dll" file.
2007-8-10 10:36:24new3988Sign of "Win32:Adware-gen. [Adw]" has been found in "C:/WINDOWS/可疑文件/5d009.exe/$SYSDIR/d03.exe" file.
2007-8-10 10:36:24new3988Sign of "Win32:Trojano-2575 [Trj]" has been found in "C:/WINDOWS/可疑文件/12d009.exe/$SYSDIR/netdde32.exe" file.
2007-8-10 10:36:24new3988Sign of "Win32:Boran-M [Adw]" has been found in "C:/WINDOWS/可疑文件/ad_22.exe/$TEMP/Insshell.exe/[Embedded#2c3d8]" file.
2007-8-10 10:36:24new3988Sign of "Win32:Boran-N [Adw]" has been found in "C:/WINDOWS/可疑文件/ad_22.exe/$TEMP/Insshell.exe/[Embedded#493d8]" file.
2007-8-10 10:36:24new3988Sign of "Win32:Boran-N [Adw]" has been found in "C:/WINDOWS/可疑文件/ad_22.exe/$TEMP/Insshell.exe/[Embedded#a53d8]" file.
2007-8-10 10:36:24new3988Sign of "Win32:Boran-M [Adw]" has been found in "C:/WINDOWS/可疑文件/ad_22.exe/$TEMP/Insshell.exe" file.
2007-8-10 10:36:24new3988Sign of "Win32:Adware-gen. [Adw]" has been found in "C:/WINDOWS/可疑文件/ad_2225.exe/$TEMP/insshell.exe/[Embedded#093d8]" file.
2007-8-10 10:36:24new3988Sign of "Win32:Adware-gen. [Adw]" has been found in "C:/WINDOWS/可疑文件/ad_2225.exe/$TEMP/insshell.exe/[Embedded#303d8]" file.
2007-8-10 10:36:24new3988Sign of "Win32:Adware-gen. [Adw]" has been found in "C:/WINDOWS/可疑文件/ad_2225.exe/$TEMP/insshell.exe/[Embedded#4a3d8]" file.
2007-8-10 10:36:24new3988Sign of "Win32:Boran-N [Adw]" has been found in "C:/WINDOWS/可疑文件/ad_2225.exe/$TEMP/insshell.exe/[Embedded#683d8]" file.
2007-8-10 10:36:24new3988Sign of "Win32:Boran-N [Adw]" has been found in "C:/WINDOWS/可疑文件/ad_2225.exe/$TEMP/insshell.exe/[Embedded#903d8]" file.
2007-8-10 10:36:24new3988Sign of "Win32:Boran-N [Adw]" has been found in "C:/WINDOWS/可疑文件/ad_2225.exe/$TEMP/insshell.exe" file.
2007-8-10 10:36:24new3988Sign of "Win32:QQHelper-BN [Trj]" has been found in "C:/WINDOWS/可疑文件/bind_50467.exe" file.
2007-8-10 10:36:24new3988Sign of "Win32:Cinmus-I [Adw]" has been found in "C:/WINDOWS/可疑文件/d063.exe/$COMMONFILES/CPUSH/cpush.dll" file.
2007-8-10 10:36:24new3988Sign of "Win32:Cinmus-I [Adw]" has been found in "C:/WINDOWS/可疑文件/d064.exe/$COMMONFILES/CPUSH/cpush.dll" file.
2007-8-10 10:36:24new3988Sign of "Win32:Cinmus-I [Adw]" has been found in "C:/WINDOWS/可疑文件/d065.exe/$COMMONFILES/CPUSH/cpush.dll" file.
2007-8-10 10:36:24new3988Sign of "Win32:Cinmus-I [Adw]" has been found in "C:/WINDOWS/可疑文件/d066.exe/$COMMONFILES/CPUSH/cpush.dll" file.
2007-8-10 10:36:24new3988Sign of "Win32:Cinmus-I [Adw]" has been found in "C:/WINDOWS/可疑文件/d067.exe/$COMMONFILES/CPUSH/cpush.dll" file.
2007-8-10 10:36:25new3988Sign of "Win32:Cinmus-I [Adw]" has been found in "C:/WINDOWS/可疑文件/d068.exe/$COMMONFILES/CPUSH/cpush.dll" file.
2007-8-10 10:36:25new3988Sign of "Win32:Cinmus-I [Adw]" has been found in "C:/WINDOWS/可疑文件/d069.exe/$COMMONFILES/CPUSH/cpush.dll" file.
2007-8-10 10:36:25new3988Sign of "Win32:Cinmus-G [Adw]" has been found in "C:/WINDOWS/可疑文件/dodolook391.exe/$TEMP/$TEMP/1208.exe/$TEMP/DoSSSetup.dll" file.
2007-8-10 10:36:25new3988Sign of "Win32:Cinmus-H [Adw]" has been found in "C:/WINDOWS/可疑文件/dodolook391.exe/$TEMP/$TEMP/1208.exe/$TEMP/acpidisk.sys" file.
2007-8-10 10:36:25new3988Sign of "Win32:Adware-gen. [Adw]" has been found in "C:/WINDOWS/可疑文件/dodolook391.exe/$TEMP/$TEMP/1208.exe" file.
2007-8-10 10:36:25new3988Sign of "Win32:BHO-FG [Trj]" has been found in "C:/WINDOWS/可疑文件/maa.exe/[PECompact]" file.
2007-8-10 10:36:25new3988Sign of "Win32:Agent-IWX [Trj]" has been found in "C:/WINDOWS/可疑文件/my_70074.exe" file.
2007-8-10 10:36:25new3988Sign of "Win32:Adware-gen. [Adw]" has been found in "C:/WINDOWS/可疑文件/UUSEE_digital_Setup_8.exe/$TEMP/UUSEE_digital_Setup_8.exe" file.
2007-8-10 10:36:25new3988Sign of "Win32:BHO-FG [Trj]" has been found in "C:/WINDOWS/可疑文件/f.exe/[PECompact]" file.
2007-8-10 10:36:25new3988Sign of "Win32:Agent-JRJ [Trj]" has been found in "C:/WINDOWS/可疑文件/my_70200.exe" file.
2007-8-10 10:36:25new3988Sign of "Win32:Boran-M [Adw]" has been found in "C:/WINDOWS/可疑文件/ad_2238.exe/$TEMP/Insshell.exe/[Embedded#423d8]" file.
2007-8-10 10:36:25new3988Sign of "Win32:Boran-N [Adw]" has been found in "C:/WINDOWS/可疑文件/ad_2238.exe/$TEMP/Insshell.exe/[Embedded#5b3d8]" file.
2007-8-10 10:36:25new3988Sign of "Win32:Boran-N [Adw]" has been found in "C:/WINDOWS/可疑文件/ad_2238.exe/$TEMP/Insshell.exe/[Embedded#c63d8]" file.
2007-8-10 10:36:25new3988Sign of "Win32:Boran-M [Adw]" has been found in "C:/WINDOWS/可疑文件/ad_2238.exe/$TEMP/Insshell.exe" file.
2007-8-10 10:36:52new3988Sign of "Win32:Agent-JQE [Trj]" has been found in "C:/Documents and Settings/new/Local Settings/Temp/tempaq/[UPX]" file.
2007-8-10 10:37:18new3988Sign of "Win32:Cinmus-G [Adw]" has been found in "C:/Documents and Settings/new/Local Settings/Temporary Internet Files/Content.IE5/3ENQIT3A/dodolook406[1].exe/$TEMP/$TEMP/1558.exe/$TEMP/DoSSSetup.dll" file.
2007-8-10 10:37:18new3988Sign of "Win32:Adware-gen. [Adw]" has been found in "C:/Documents and Settings/new/Local Settings/Temporary Internet Files/Content.IE5/3ENQIT3A/dodolook406[1].exe/$TEMP/$TEMP/1558.exe" file.
2007-8-10 10:37:25new3988Sign of "Win32:Agent-GZD [Trj]" has been found in "C:/Documents and Settings/new/Local Settings/Temporary Internet Files/Content.IE5/HG1D3XXZ/barsetup[1]" file.
2007-8-10 10:38:50new3988Sign of "Win32:Trojan-gen. {UPX!}" has been found in "C:/Documents and Settings/new/桌面/资料/IPQQ2007_v5.0.rar/IPQQ2007.exe/$INSTDIR/../QQDoctor/TSECUA.COM" file.
2007-8-10 10:41:07new3988Sign of "Win32:Trojan-gen. {Other}" has been found in "C:/Program Files/装机人员工具/UPIEA(IE插件屏蔽) 2006.exe" file.
2007-8-10 10:41:07new3988Sign of "Win32:Trojan-gen. {UPX!}" has been found in "C:/Program Files/装机人员工具/自动填IP地址/填写IP为192.168.0.158.exe" file.
2007-8-10 10:41:08new3988Sign of "BVCK-05 [Tool]" has been found in "C:/Program Files/装机人员工具/一键还原精灵6.8/setup.exe" file.
2007-8-10 10:41:19new3988Sign of "Win32:Adware-gen. [Adw]" has been found in "C:/Program Files/Ringz Studio/Storm Codec/StormSet.exe" file.
2007-8-10 10:42:29new3988Sign of "Win32:Boran-M [Adw]" has been found in "C:/Program Files/ezfs/rmsf.dll" file.
2007-8-10 10:42:29new3988Sign of "Win32:Boran-N [Adw]" has been found in "C:/Program Files/ezfs/touh.dll" file.
2007-8-10 10:42:35new3988Sign of "Win32:Trojano-2575 [Trj]" has been found in "C:/System Volume Information/_restore{7619898A-B5C3-490F-A9B0-454B4418678B}/RP245/A0034783.exe" file.
2007-8-10 10:42:35new3988Sign of "Win32:Trojano-2575 [Trj]" has been found in "C:/System Volume Information/_restore{7619898A-B5C3-490F-A9B0-454B4418678B}/RP245/A0034784.exe" file.
2007-8-10 10:42:35new3988Sign of "Win32:Boran-J [Trj]" has been found in "C:/System Volume Information/_restore{7619898A-B5C3-490F-A9B0-454B4418678B}/RP245/A0034800.exe" file.
2007-8-10 10:42:35new3988Sign of "Win32:Qqhelper-DE [Trj]" has been found in "C:/System Volume Information/_restore{7619898A-B5C3-490F-A9B0-454B4418678B}/RP245/A0034801.dll/[ASPack]" file.
2007-8-10 10:42:35new3988Sign of "Win32:Trojano-2575 [Trj]" has been found in "C:/System Volume Information/_restore{7619898A-B5C3-490F-A9B0-454B4418678B}/RP245/A0035520.exe" file.
2007-8-10 10:42:35new3988Sign of "Win32:Trojano-2575 [Trj]" has been found in "C:/System Volume Information/_restore{7619898A-B5C3-490F-A9B0-454B4418678B}/RP245/A0035521.exe" file.
2007-8-10 10:42:36new3988Sign of "Win32:Cinmus-H [Adw]" has been found in "C:/System Volume Information/_restore{7619898A-B5C3-490F-A9B0-454B4418678B}/RP245/A0035578.sys" file.
2007-8-10 10:42:38new3988Sign of "Win32:Trojano-2575 [Trj]" has been found in "C:/System Volume Information/_restore{7619898A-B5C3-490F-A9B0-454B4418678B}/RP245/A0035825.exe" file.
2007-8-10 10:42:38new3988Sign of "Win32:Trojano-2575 [Trj]" has been found in "C:/System Volume Information/_restore{7619898A-B5C3-490F-A9B0-454B4418678B}/RP245/A0035826.exe" file.
2007-8-10 10:42:39new3988Sign of "Win32:Trojano-2575 [Trj]" has been found in "C:/System Volume Information/_restore{7619898A-B5C3-490F-A9B0-454B4418678B}/RP246/A0036550.exe" file.
2007-8-10 10:42:39new3988Sign of "Win32:Trojano-2575 [Trj]" has been found in "C:/System Volume Information/_restore{7619898A-B5C3-490F-A9B0-454B4418678B}/RP246/A0036551.exe" file.
2007-8-10 10:42:40new3988Sign of "Win32:Boran-J [Trj]" has been found in "C:/System Volume Information/_restore{7619898A-B5C3-490F-A9B0-454B4418678B}/RP246/A0036571.exe" file.
2007-8-10 10:42:40new3988Sign of "Win32:Qqhelper-DE [Trj]" has been found in "C:/System Volume Information/_restore{7619898A-B5C3-490F-A9B0-454B4418678B}/RP246/A0036572.dll/[ASPack]" file.
2007-8-10 10:42:41new3988Sign of "Win32:Trojano-2575 [Trj]" has been found in "C:/System Volume Information/_restore{7619898A-B5C3-490F-A9B0-454B4418678B}/RP246/A0037893.exe" file.
2007-8-10 10:42:41new3988Sign of "Win32:Trojano-2575 [Trj]" has been found in "C:/System Volume Information/_restore{7619898A-B5C3-490F-A9B0-454B4418678B}/RP246/A0037894.exe" file.
2007-8-10 10:42:41new3988Sign of "Win32:Trojano-2575 [Trj]" has been found in "C:/System Volume Information/_restore{7619898A-B5C3-490F-A9B0-454B4418678B}/RP246/A0038163.exe" file.
2007-8-10 10:42:41new3988Sign of "Win32:Trojano-2575 [Trj]" has been found in "C:/System Volume Information/_restore{7619898A-B5C3-490F-A9B0-454B4418678B}/RP246/A0038164.exe" file.
2007-8-10 10:42:42new3988Sign of "Win32:Trojano-2575 [Trj]" has been found in "C:/System Volume Information/_restore{7619898A-B5C3-490F-A9B0-454B4418678B}/RP246/A0038488.exe" file.
2007-8-10 10:42:42new3988Sign of "Win32:Trojano-2575 [Trj]" has been found in "C:/System Volume Information/_restore{7619898A-B5C3-490F-A9B0-454B4418678B}/RP246/A0038489.exe" file.
2007-8-10 10:42:42new3988Sign of "Win32:Boran-J [Trj]" has been found in "C:/System Volume Information/_restore{7619898A-B5C3-490F-A9B0-454B4418678B}/RP246/A0038505.exe" file.
2007-8-10 10:42:42new3988Sign of "Win32:Qqhelper-DE [Trj]" has been found in "C:/System Volume Information/_restore{7619898A-B5C3-490F-A9B0-454B4418678B}/RP246/A0038506.dll/[ASPack]" file.
2007-8-10 10:42:43new3988Sign of "Win32:Trojano-2575 [Trj]" has been found in "C:/System Volume Information/_restore{7619898A-B5C3-490F-A9B0-454B4418678B}/RP247/A0038568.exe" file.
2007-8-10 10:42:43new3988Sign of "Win32:Trojano-2575 [Trj]" has been found in "C:/System Volume Information/_restore{7619898A-B5C3-490F-A9B0-454B4418678B}/RP247/A0038569.exe" file.
2007-8-10 10:42:43new3988Sign of "Win32:Trojano-2575 [Trj]" has been found in "C:/System Volume Information/_restore{7619898A-B5C3-490F-A9B0-454B4418678B}/RP247/A0038688.exe" file.
2007-8-10 10:42:43new3988Sign of "Win32:Trojano-2575 [Trj]" has been found in "C:/System Volume Information/_restore{7619898A-B5C3-490F-A9B0-454B4418678B}/RP247/A0038689.exe" file.
2007-8-10 10:42:43new3988Sign of "Win32:Boran-J [Trj]" has been found in "C:/System Volume Information/_restore{7619898A-B5C3-490F-A9B0-454B4418678B}/RP247/A0038705.exe" file.
2007-8-10 10:42:43new3988Sign of "Win32:Qqhelper-DE [Trj]" has been found in "C:/System Volume Information/_restore{7619898A-B5C3-490F-A9B0-454B4418678B}/RP247/A0038710.dll/[ASPack]" file.
2007-8-10 10:42:43new3988Sign of "Win32:Agent-GJB [Trj]" has been found in "C:/System Volume Information/_restore{7619898A-B5C3-490F-A9B0-454B4418678B}/RP247/A0038768.exe" file.
2007-8-10 10:42:43new3988Sign of "Win32:Agent-GJB [Trj]" has been found in "C:/System Volume Information/_restore{7619898A-B5C3-490F-A9B0-454B4418678B}/RP247/A0038769.exe" file.
2007-8-10 10:42:44new3988Sign of "Win32:Agent-IXE [Trj]" has been found in "C:/System Volume Information/_restore{7619898A-B5C3-490F-A9B0-454B4418678B}/RP247/A0038785.dll/[NsPack]/[Embedded#12070]/[NsPack]" file.
2007-8-10 10:42:44new3988Sign of "Win32:Boran-J [Trj]" has been found in "C:/System Volume Information/_restore{7619898A-B5C3-490F-A9B0-454B4418678B}/RP247/A0038787.exe" file.
2007-8-10 10:42:44new3988Sign of "Win32:Agent-GJB [Trj]" has been found in "C:/System Volume Information/_restore{7619898A-B5C3-490F-A9B0-454B4418678B}/RP247/A0038900.exe" file.
2007-8-10 10:42:44new3988Sign of "Win32:Agent-GJB [Trj]" has been found in "C:/System Volume Information/_restore{7619898A-B5C3-490F-A9B0-454B4418678B}/RP247/A0038901.exe" file.
2007-8-10 10:42:44new3988Sign of "Win32:Qqhelper-DE [Trj]" has been found in "C:/System Volume Information/_restore{7619898A-B5C3-490F-A9B0-454B4418678B}/RP247/A0038916.dll/[ASPack]" file.
2007-8-10 10:42:45new3988Sign of "Win32:Agent-GJB [Trj]" has been found in "C:/System Volume Information/_restore{7619898A-B5C3-490F-A9B0-454B4418678B}/RP247/A0038960.exe" file.
2007-8-10 10:42:45new3988Sign of "Win32:Agent-GJB [Trj]" has been found in "C:/System Volume Information/_restore{7619898A-B5C3-490F-A9B0-454B4418678B}/RP247/A0038961.exe" file.
2007-8-10 10:42:45new3988Sign of "Win32:Agent-GJB [Trj]" has been found in "C:/System Volume Information/_restore{7619898A-B5C3-490F-A9B0-454B4418678B}/RP247/A0038966.exe" file.
2007-8-10 10:42:45new3988Sign of "Win32:Agent-GJB [Trj]" has been found in "C:/System Volume Information/_restore{7619898A-B5C3-490F-A9B0-454B4418678B}/RP247/A0038967.exe" file.
2007-8-10 10:42:45new3988Sign of "Win32:Agent-GJB [Trj]" has been found in "C:/System Volume Information/_restore{7619898A-B5C3-490F-A9B0-454B4418678B}/RP247/A0039059.exe" file.
2007-8-10 10:42:45new3988Sign of "Win32:Agent-GJB [Trj]" has been found in "C:/System Volume Information/_restore{7619898A-B5C3-490F-A9B0-454B4418678B}/RP247/A0039060.exe" file.
2007-8-10 10:42:45new3988Sign of "Win32:Agent-GJB [Trj]" has been found in "C:/System Volume Information/_restore{7619898A-B5C3-490F-A9B0-454B4418678B}/RP247/A0039065.exe" file.
2007-8-10 10:42:46new3988Sign of "Win32:Agent-GJB [Trj]" has been found in "C:/System Volume Information/_restore{7619898A-B5C3-490F-A9B0-454B4418678B}/RP247/A0039066.exe" file.
2007-8-10 10:42:46new3988Sign of "Win32:Agent-GJB [Trj]" has been found in "C:/System Volume Information/_restore{7619898A-B5C3-490F-A9B0-454B4418678B}/RP247/A0040065.exe" file.
2007-8-10 10:42:46new3988Sign of "Win32:Agent-GJB [Trj]" has been found in "C:/System Volume Information/_restore{7619898A-B5C3-490F-A9B0-454B4418678B}/RP247/A0040066.exe" file.
2007-8-10 10:42:46new3988Sign of "Win32:Agent-GJB [Trj]" has been found in "C:/System Volume Information/_restore{7619898A-B5C3-490F-A9B0-454B4418678B}/RP247/A0040140.exe" file.
2007-8-10 10:42:46new3988Sign of "Win32:Agent-GJB [Trj]" has been found in "C:/System Volume Information/_restore{7619898A-B5C3-490F-A9B0-454B4418678B}/RP247/A0040141.exe" file.
2007-8-10 10:42:46new3988Sign of "Win32:Agent-GJB [Trj]" has been found in "C:/System Volume Information/_restore{7619898A-B5C3-490F-A9B0-454B4418678B}/RP247/A0040146.exe" file.
2007-8-10 10:42:46new3988Sign of "Win32:Agent-GJB [Trj]" has been found in "C:/System Volume Information/_restore{7619898A-B5C3-490F-A9B0-454B4418678B}/RP247/A0040147.exe" file.
2007-8-10 10:42:47new3988Sign of "Win32:Agent-GJB [Trj]" has been found in "C:/System Volume Information/_restore{7619898A-B5C3-490F-A9B0-454B4418678B}/RP248/A0040337.exe" file.
2007-8-10 10:42:47new3988Sign of "Win32:Agent-GJB [Trj]" has been found in "C:/System Volume Information/_restore{7619898A-B5C3-490F-A9B0-454B4418678B}/RP248/A0040338.exe" file.
2007-8-10 10:42:48new3988Sign of "Win32:Agent-GJB [Trj]" has been found in "C:/System Volume Information/_restore{7619898A-B5C3-490F-A9B0-454B4418678B}/RP248/A0040407.exe" file.
2007-8-10 10:42:48new3988Sign of "Win32:Agent-GJB [Trj]" has been found in "C:/System Volume Information/_restore{7619898A-B5C3-490F-A9B0-454B4418678B}/RP248/A0040408.exe" file.
2007-8-10 10:42:48new3988Sign of "Win32:Boran-J [Trj]" has been found in "C:/System Volume Information/_restore{7619898A-B5C3-490F-A9B0-454B4418678B}/RP248/A0040409.exe" file.
2007-8-10 10:42:48new3988Sign of "Win32:Boran-M [Adw]" has been found in "C:/System Volume Information/_restore{7619898A-B5C3-490F-A9B0-454B4418678B}/RP248/A0040410.exe/$TEMP/Insshell.exe/[Embedded#2c3d8]" file.
2007-8-10 10:42:48new3988Sign of "Win32:Boran-N [Adw]" has been found in "C:/System Volume Information/_restore{7619898A-B5C3-490F-A9B0-454B4418678B}/RP248/A0040410.exe/$TEMP/Insshell.exe/[Embedded#493d8]" file.
2007-8-10 10:42:48new3988Sign of "Win32:Boran-N [Adw]" has been found in "C:/System Volume Information/_restore{7619898A-B5C3-490F-A9B0-454B4418678B}/RP248/A0040410.exe/$TEMP/Insshell.exe/[Embedded#a53d8]" file.
2007-8-10 10:42:48new3988Sign of "Win32:Boran-M [Adw]" has been found in "C:/System Volume Information/_restore{7619898A-B5C3-490F-A9B0-454B4418678B}/RP248/A0040410.exe/$TEMP/Insshell.exe" file.
2007-8-10 10:42:48new3988Sign of "Win32:Qqhelper-DE [Trj]" has been found in "C:/System Volume Information/_restore{7619898A-B5C3-490F-A9B0-454B4418678B}/RP248/A0040412.dll/[ASPack]" file.
2007-8-10 10:42:48new3988Sign of "Win32:Agent-GJB [Trj]" has been found in "C:/System Volume Information/_restore{7619898A-B5C3-490F-A9B0-454B4418678B}/RP248/A0040463.exe" file.
2007-8-10 10:42:48new3988Sign of "Win32:Agent-GJB [Trj]" has been found in "C:/System Volume Information/_restore{7619898A-B5C3-490F-A9B0-454B4418678B}/RP248/A0040465.exe" file.
2007-8-10 10:42:52new3988Sign of "Win32:Agent-GJB [Trj]" has been found in "C:/System Volume Information/_restore{7619898A-B5C3-490F-A9B0-454B4418678B}/RP251/A0040724.exe" file.
2007-8-10 10:42:52new3988Sign of "Win32:Agent-GJB [Trj]" has been found in "C:/System Volume Information/_restore{7619898A-B5C3-490F-A9B0-454B4418678B}/RP251/A0040725.exe" file.
2007-8-10 10:42:52new3988Sign of "Win32:Delf-DQP [Trj]" has been found in "C:/System Volume Information/_restore{7619898A-B5C3-490F-A9B0-454B4418678B}/RP251/A0049434.exe" file.
2007-8-10 10:42:53new3988Sign of "Win32:Agent-GJB [Trj]" has been found in "C:/System Volume Information/_restore{7619898A-B5C3-490F-A9B0-454B4418678B}/RP251/A0040744.exe" file.
2007-8-10 10:42:53new3988Sign of "Win32:Agent-GJB [Trj]" has been found in "C:/System Volume Information/_restore{7619898A-B5C3-490F-A9B0-454B4418678B}/RP251/A0040746.exe" file.
2007-8-10 10:42:53new3988Sign of "Win32:Delf-DTT [Trj]" has been found in "C:/System Volume Information/_restore{7619898A-B5C3-490F-A9B0-454B4418678B}/RP251/A0049436.exe/[Upack]/[Embedded#DOWN]" file.
2007-8-10 10:42:53new3988Sign of "Win32:Agent-GJB [Trj]" has been found in "C:/System Volume Information/_restore{7619898A-B5C3-490F-A9B0-454B4418678B}/RP251/A0040752.exe" file.
2007-8-10 10:42:53new3988Sign of "Win32:Agent-GJB [Trj]" has been found in "C:/System Volume Information/_restore{7619898A-B5C3-490F-A9B0-454B4418678B}/RP251/A0040753.exe" file.
2007-8-10 10:42:53new3988Sign of "Win32:Delf-FFM [Trj]" has been found in "C:/System Volume Information/_restore{7619898A-B5C3-490F-A9B0-454B4418678B}/RP251/A0049437.exe/[Upack]/[Embedded#DOWN]" file.
2007-8-10 10:42:53new3988Sign of "Win32:Delf-FFM [Trj]" has been found in "C:/System Volume Information/_restore{7619898A-B5C3-490F-A9B0-454B4418678B}/RP251/A0049438.exe/[Upack]/[Embedded#DOWN]" file.
2007-8-10 10:42:53new3988Sign of "Win32:Agent-GJB [Trj]" has been found in "C:/System Volume Information/_restore{7619898A-B5C3-490F-A9B0-454B4418678B}/RP251/A0040791.exe" file.
2007-8-10 10:42:53new3988Sign of "Win32:Agent-GJB [Trj]" has been found in "C:/System Volume Information/_restore{7619898A-B5C3-490F-A9B0-454B4418678B}/RP251/A0040792.exe" file.
2007-8-10 10:42:53new3988Sign of "Win32:Delf-FFM [Trj]" has been found in "C:/System Volume Information/_restore{7619898A-B5C3-490F-A9B0-454B4418678B}/RP251/A0049439.exe/[Upack]/[Embedded#DOWN]" file.
2007-8-10 10:42:54new3988Sign of "Win32:Delf-FFM [Trj]" has been found in "C:/System Volume Information/_restore{7619898A-B5C3-490F-A9B0-454B4418678B}/RP251/A0049440.exe/[Upack]/[Embedded#DOWN]" file.
2007-8-10 10:42:54new3988Sign of "Win32:Agent-GJB [Trj]" has been found in "C:/System Volume Information/_restore{7619898A-B5C3-490F-A9B0-454B4418678B}/RP251/A0040856.exe" file.
2007-8-10 10:42:54new3988Sign of "Win32:Agent-GJB [Trj]" has been found in "C:/System Volume Information/_restore{7619898A-B5C3-490F-A9B0-454B4418678B}/RP251/A0040857.exe" file.
2007-8-10 10:42:54new3988Sign of "Win32:Delf-EQW [Trj]" has been found in "C:/System Volume Information/_restore{7619898A-B5C3-490F-A9B0-454B4418678B}/RP251/A0049441.exe/[Upack]" file.
2007-8-10 10:42:54new3988Sign of "Win32:BHO-FG [Trj]" has been found in "C:/System Volume Information/_restore{7619898A-B5C3-490F-A9B0-454B4418678B}/RP251/A0049442.exe/[PECompact]" file.
2007-8-10 10:42:54new3988Sign of "Win32:Agent-GJB [Trj]" has been found in "C:/System Volume Information/_restore{7619898A-B5C3-490F-A9B0-454B4418678B}/RP251/A0040879.exe" file.
2007-8-10 10:42:54new3988Sign of "Win32:Agent-GJB [Trj]" has been found in "C:/System Volume Information/_restore{7619898A-B5C3-490F-A9B0-454B4418678B}/RP251/A0040880.exe" file.
2007-8-10 10:42:54new3988Sign of "Win32:Agent-GJB [Trj]" has been found in "C:/System Volume Information/_restore{7619898A-B5C3-490F-A9B0-454B4418678B}/RP251/A0040898.exe" file.
2007-8-10 10:42:54new3988Sign of "Win32:Agent-GJB [Trj]" has been found in "C:/System Volume Information/_restore{7619898A-B5C3-490F-A9B0-454B4418678B}/RP251/A0040899.exe" file.
2007-8-10 10:42:55new3988Sign of "Win32:Boran-M [Adw]" has been found in "C:/System Volume Information/_restore{7619898A-B5C3-490F-A9B0-454B4418678B}/RP251/A0040952.exe/$TEMP/Insshell.exe/[Embedded#2c3d8]" file.
2007-8-10 10:42:55new3988Sign of "Win32:Boran-N [Adw]" has been found in "C:/System Volume Information/_restore{7619898A-B5C3-490F-A9B0-454B4418678B}/RP251/A0040952.exe/$TEMP/Insshell.exe/[Embedded#493d8]" file.
2007-8-10 10:42:55new3988Sign of "Win32:Boran-N [Adw]" has been found in "C:/System Volume Information/_restore{7619898A-B5C3-490F-A9B0-454B4418678B}/RP251/A0040952.exe/$TEMP/Insshell.exe/[Embedded#a53d8]" file.
2007-8-10 10:42:55new3988Sign of "Win32:Boran-M [Adw]" has been found in "C:/System Volume Information/_restore{7619898A-B5C3-490F-A9B0-454B4418678B}/RP251/A0040952.exe/$TEMP/Insshell.exe" file.
2007-8-10 10:42:55new3988Sign of "Win32:Qqhelper-DE [Trj]" has been found in "C:/System Volume Information/_restore{7619898A-B5C3-490F-A9B0-454B4418678B}/RP251/A0040954.dll/[ASPack]" file.
2007-8-10 10:42:55new3988Sign of "Win32:Agent-GJB [Trj]" has been found in "C:/System Volume Information/_restore{7619898A-B5C3-490F-A9B0-454B4418678B}/RP251/A0040980.exe" file.
2007-8-10 10:42:55new3988Sign of "Win32:Agent-GJB [Trj]" has been found in "C:/System Volume Information/_restore{7619898A-B5C3-490F-A9B0-454B4418678B}/RP251/A0040981.exe" file.
2007-8-10 10:42:55new3988Sign of "Win32:Boran-J [Trj]" has been found in "C:/System Volume Information/_restore{7619898A-B5C3-490F-A9B0-454B4418678B}/RP251/A0040982.exe" file.
2007-8-10 10:42:56new3988Sign of "Win32:Qqhelper-DE [Trj]" has been found in "C:/System Volume Information/_restore{7619898A-B5C3-490F-A9B0-454B4418678B}/RP251/A0040983.dll/[ASPack]" file.
2007-8-10 10:42:56new3988Sign of "Win32:Cinmus-I [Adw]" has been found in "C:/System Volume Information/_restore{7619898A-B5C3-490F-A9B0-454B4418678B}/RP251/A0041288.exe/$COMMONFILES/CPUSH/cpush.dll" file.
2007-8-10 10:42:56new3988Sign of "Win32:Trojano-2575 [Trj]" has been found in "C:/System Volume Information/_restore{7619898A-B5C3-490F-A9B0-454B4418678B}/RP251/A0041963.exe" file.
2007-8-10 10:42:56new3988Sign of "Win32:Trojano-2575 [Trj]" has been found in "C:/System Volume Information/_restore{7619898A-B5C3-490F-A9B0-454B4418678B}/RP251/A0042963.exe" file.
2007-8-10 10:42:56new3988Sign of "Win32:Trojano-2575 [Trj]" has been found in "C:/System Volume Information/_restore{7619898A-B5C3-490F-A9B0-454B4418678B}/RP251/A0042964.exe" file.
2007-8-10 10:42:57new3988Sign of "Win32:Trojano-2575 [Trj]" has been found in "C:/System Volume Information/_restore{7619898A-B5C3-490F-A9B0-454B4418678B}/RP251/A0043980.exe" file.
2007-8-10 10:42:57new3988Sign of "Win32:Trojano-2575 [Trj]" has been found in "C:/System Volume Information/_restore{7619898A-B5C3-490F-A9B0-454B4418678B}/RP251/A0044979.exe" file.
2007-8-10 10:42:57new3988Sign of "Win32:Trojano-2575 [Trj]" has been found in "C:/System Volume Information/_restore{7619898A-B5C3-490F-A9B0-454B4418678B}/RP251/A0044980.exe" file.
2007-8-10 10:42:57new3988Sign of "Win32:Delf-FFM [Trj]" has been found in "C:/System Volume Information/_restore{7619898A-B5C3-490F-A9B0-454B4418678B}/RP251/A0044981.exe/[Upack]/[Embedded#DOWN]" file.
2007-8-10 10:42:57new3988Sign of "Win32:Delf-FFM [Trj]" has been found in "C:/System Volume Information/_restore{7619898A-B5C3-490F-A9B0-454B4418678B}/RP251/A0044982.exe/[Upack]/[Embedded#DOWN]" file.
2007-8-10 10:42:57new3988Sign of "Win32:Delf-EQW [Trj]" has been found in "C:/System Volume Information/_restore{7619898A-B5C3-490F-A9B0-454B4418678B}/RP251/A0044984.exe/[Upack]" file.
2007-8-10 10:42:57new3988Sign of "Win32:Delf-FFM [Trj]" has been found in "C:/System Volume Information/_restore{7619898A-B5C3-490F-A9B0-454B4418678B}/RP251/A0044985.exe/[Upack]/[Embedded#DOWN]" file.
2007-8-10 10:42:57new3988Sign of "Win32:Delf-FFM [Trj]" has been found in "C:/System Volume Information/_restore{7619898A-B5C3-490F-A9B0-454B4418678B}/RP251/A0044986.exe/[Upack]/[Embedded#DOWN]" file.
2007-8-10 10:42:57new3988Sign of "Win32:Delf-DTT [Trj]" has been found in "C:/System Volume Information/_restore{7619898A-B5C3-490F-A9B0-454B4418678B}/RP251/A0044987.exe/[Upack]/[Embedded#DOWN]" file.
2007-8-10 10:42:57new3988Sign of "Win32:Trojano-2575 [Trj]" has been found in "C:/System Volume Information/_restore{7619898A-B5C3-490F-A9B0-454B4418678B}/RP251/A0045968.exe" file.
2007-8-10 10:42:57new3988Sign of "Win32:Trojano-2575 [Trj]" has been found in "C:/System Volume Information/_restore{7619898A-B5C3-490F-A9B0-454B4418678B}/RP251/A0048968.exe" file.
2007-8-10 10:42:57new3988Sign of "Win32:Delf-DTT [Trj]" has been found in "C:/System Volume Information/_restore{7619898A-B5C3-490F-A9B0-454B4418678B}/RP251/A0048970.dll" file.
2007-8-10 10:42:58new3988Sign of "Win32:Cinmus-D [Adw]" has been found in "C:/System Volume Information/_restore{7619898A-B5C3-490F-A9B0-454B4418678B}/RP251/A0048987.dll" file.
2007-8-10 10:42:58new3988Sign of "Win32:Adware-gen. [Adw]" has been found in "C:/System Volume Information/_restore{7619898A-B5C3-490F-A9B0-454B4418678B}/RP251/A0048992.dll" file.
2007-8-10 10:42:58new3988Sign of "Win32:Adware-gen. [Adw]" has been found in "C:/System Volume Information/_restore{7619898A-B5C3-490F-A9B0-454B4418678B}/RP251/A0048994.sys" file.
2007-8-10 10:42:58new3988Sign of "Win32:Adware-gen. [Adw]" has been found in "C:/System Volume Information/_restore{7619898A-B5C3-490F-A9B0-454B4418678B}/RP251/A0048995.sys/[Embedded#0c358]" file.
2007-8-10 10:42:58new3988Sign of "Win32:Adware-gen. [Adw]" has been found in "C:/System Volume Information/_restore{7619898A-B5C3-490F-A9B0-454B4418678B}/RP251/A0048996.dll" file.
2007-8-10 10:42:58new3988Sign of "Win32:Adware-gen. [Adw]" has been found in "C:/System Volume Information/_restore{7619898A-B5C3-490F-A9B0-454B4418678B}/RP251/A0048998.dll" file.
2007-8-10 10:42:58new3988Sign of "Win32:Adware-gen. [Adw]" has been found in "C:/System Volume Information/_restore{7619898A-B5C3-490F-A9B0-454B4418678B}/RP251/A0048999.dll" file.
2007-8-10 10:42:58new3988Sign of "Win32:Adware-gen. [Adw]" has been found in "C:/System Volume Information/_restore{7619898A-B5C3-490F-A9B0-454B4418678B}/RP251/A0049000.dll" file.
2007-8-10 10:42:58new3988Sign of "Win32:Adware-gen. [Adw]" has been found in "C:/System Volume Information/_restore{7619898A-B5C3-490F-A9B0-454B4418678B}/RP251/A0049001.exe" file.
2007-8-10 10:42:58new3988Sign of "Win32:Adware-gen. [Adw]" has been found in "C:/System Volume Information/_restore{7619898A-B5C3-490F-A9B0-454B4418678B}/RP251/A0049002.dll" file.
2007-8-10 10:42:58new3988Sign of "Win32:Adware-gen. [Adw]" has been found in "C:/System Volume Information/_restore{7619898A-B5C3-490F-A9B0-454B4418678B}/RP251/A0049003.dll" file.
2007-8-10 10:42:58new3988Sign of "Win32:Adware-gen. [Adw]" has been found in "C:/System Volume Information/_restore{7619898A-B5C3-490F-A9B0-454B4418678B}/RP251/A0049004.exe" file.
2007-8-10 10:42:58new3988Sign of "Win32:Adware-gen. [Adw]" has been found in "C:/System Volume Information/_restore{7619898A-B5C3-490F-A9B0-454B4418678B}/RP251/A0049008.exe/[ASPack]/[Embedded#007040]" file.
2007-8-10 10:43:04new3988Sign of "Win32:Trojan-gen. {VC}" has been found in "C:/System Volume Information/_restore{7619898A-B5C3-490F-A9B0-454B4418678B}/RP251/A0049426.exe" file.
2007-8-10 10:43:05new3988Sign of "Win32:Boran-J [Trj]" has been found in "C:/System Volume Information/_restore{7619898A-B5C3-490F-A9B0-454B4418678B}/RP251/A0049481.exe" file.
2007-8-10 10:43:14new3988Sign of "Win32:Adware-gen. [Adw]" has been found in "C:/System Volume Information/_restore{7619898A-B5C3-490F-A9B0-454B4418678B}/RP252/A0049694.exe/[Embedded#14a3c]" file.
2007-8-10 10:43:14new3988Sign of "Win32:Small-HHY [Trj]" has been found in "C:/System Volume Information/_restore{7619898A-B5C3-490F-A9B0-454B4418678B}/RP252/A0049701.DLL" file.
2007-8-10 10:44:14new3988Sign of "Win32:Trojan-gen. {UPX!}" has been found in "C:/System Volume Information/_restore{7619898A-B5C3-490F-A9B0-454B4418678B}/RP254/A0050686.exe/$INSTDIR/../QQDoctor/TSECUA.COM" file.
2007-8-10 10:44:30new3988Sign of "Win32:Cinmus-D [Adw]" has been found in "C:/System Volume Information/_restore{7619898A-B5C3-490F-A9B0-454B4418678B}/RP256/A0051035.dll" file.
2007-8-10 10:44:30new3988Sign of "Win32:Lmir-KB [Trj]" has been found in "C:/System Volume Information/_restore{7619898A-B5C3-490F-A9B0-454B4418678B}/RP256/A0051036.dll/[NsPack]" file.
2007-8-10 10:44:30new3988Sign of "Win32:Agent-HJW [Trj]" has been found in "C:/System Volume Information/_restore{7619898A-B5C3-490F-A9B0-454B4418678B}/RP256/A0051039.dll/[PECompact]" file.
2007-8-10 10:44:30new3988Sign of "Win32:Cinmus-H [Adw]" has been found in "C:/System Volume Information/_restore{7619898A-B5C3-490F-A9B0-454B4418678B}/RP256/A0051055.sys" file.
2007-8-10 10:44:31new3988Sign of "Win32:Delf-DQP [Trj]" has been found in "C:/System Volume Information/_restore{7619898A-B5C3-490F-A9B0-454B4418678B}/RP256/A0051056.exe/qq.exe" file.
2007-8-10 10:44:31new3988Sign of "Win32:Agent-HUT [Wrm]" has been found in "C:/System Volume Information/_restore{7619898A-B5C3-490F-A9B0-454B4418678B}/RP256/A0051057.exe/[NsPack]" file.
2007-8-10 10:44:31new3988Sign of "Win32:Agent-JRM [Trj]" has been found in "C:/System Volume Information/_restore{7619898A-B5C3-490F-A9B0-454B4418678B}/RP256/A0051058.dll" file.
2007-8-10 10:44:31new3988Sign of "Win32:Boran-N [Adw]" has been found in "C:/System Volume Information/_restore{7619898A-B5C3-490F-A9B0-454B4418678B}/RP256/A0051059.dll" file.
2007-8-10 10:44:31new3988Sign of "Win32:Delf-FKI [Trj]" has been found in "C:/System Volume Information/_restore{7619898A-B5C3-490F-A9B0-454B4418678B}/RP256/A0051060.dll" file.
2007-8-10 10:44:31new3988Sign of "Win32:Delf-FKI [Trj]" has been found in "C:/System Volume Information/_restore{7619898A-B5C3-490F-A9B0-454B4418678B}/RP256/A0051061.dll" file.
2007-8-10 10:44:31new3988Sign of "Win32:Delf-FKI [Trj]" has been found in "C:/System Volume Information/_restore{7619898A-B5C3-490F-A9B0-454B4418678B}/RP256/A0051062.dll" file.
2007-8-10 10:44:31new3988Sign of "Win32:Lmir-KB [Trj]" has been found in "C:/System Volume Information/_restore{7619898A-B5C3-490F-A9B0-454B4418678B}/RP256/A0051063.dll/[NsPack]" file.
2007-8-10 10:44:32new3988Sign of "Win32:Ieser-J [Trj]" has been found in "C:/System Volume Information/_restore{7619898A-B5C3-490F-A9B0-454B4418678B}/RP256/A0051064.dll" file.
2007-8-10 10:44:32new3988Sign of "Win32:Qqhelper-DE [Trj]" has been found in "C:/System Volume Information/_restore{7619898A-B5C3-490F-A9B0-454B4418678B}/RP256/A0051066.dll/[UPX]" file.
2007-8-10 10:44:32new3988Sign of "Win32:Delf-FFM [Trj]" has been found in "C:/System Volume Information/_restore{7619898A-B5C3-490F-A9B0-454B4418678B}/RP256/A0051067.dll" file.
2007-8-10 10:44:32new3988Sign of "Win32:Delf-FFM [Trj]" has been found in "C:/System Volume Information/_restore{7619898A-B5C3-490F-A9B0-454B4418678B}/RP256/A0051068.dll" file.
2007-8-10 10:44:32new3988Sign of "Win32:Delf-FFM [Trj]" has been found in "C:/System Volume Information/_restore{7619898A-B5C3-490F-A9B0-454B4418678B}/RP256/A0051069.dll" file.
2007-8-10 10:44:32new3988Sign of "Win32:Delf-FFM [Trj]" has been found in "C:/System Volume Information/_restore{7619898A-B5C3-490F-A9B0-454B4418678B}/RP256/A0051070.dll" file.
2007-8-10 10:44:32new3988Sign of "Win32:Cinmus-G [Adw]" has been found in "C:/System Volume Information/_restore{7619898A-B5C3-490F-A9B0-454B4418678B}/RP256/A0051071.exe/$TEMP/$TEMP/1558.exe/$TEMP/DoSSSetup.dll" file.
2007-8-10 10:44:32new3988Sign of "Win32:Adware-gen. [Adw]" has been found in "C:/System Volume Information/_restore{7619898A-B5C3-490F-A9B0-454B4418678B}/RP256/A0051071.exe/$TEMP/$TEMP/1558.exe" file.
2007-8-10 10:44:32new3988Sign of "Win32:Trojano-2575 [Trj]" has been found in "C:/System Volume Information/_restore{7619898A-B5C3-490F-A9B0-454B4418678B}/RP256/A0051072.exe/$SYSDIR/netdde32.exe" file.
2007-8-10 10:44:32new3988Sign of "Win32:Cinmus-I [Adw]" has been found in "C:/System Volume Information/_restore{7619898A-B5C3-490F-A9B0-454B4418678B}/RP256/A0051072.exe/$SYSDIR/d03.exe/$COMMONFILES/CPUSH/cpush.dll" file.
2007-8-10 10:44:32new3988Sign of "Win32:Adware-gen. [Adw]" has been found in "C:/System Volume Information/_restore{7619898A-B5C3-490F-A9B0-454B4418678B}/RP256/A0051072.exe/$SYSDIR/d03.exe" file.
2007-8-10 10:44:32new3988Sign of "Win32:Trojano-2575 [Trj]" has been found in "C:/System Volume Information/_restore{7619898A-B5C3-490F-A9B0-454B4418678B}/RP256/A0051073.exe/$SYSDIR/netdde32.exe" file.
2007-8-10 10:44:32new3988Sign of "Win32:Boran-M [Adw]" has been found in "C:/System Volume Information/_restore{7619898A-B5C3-490F-A9B0-454B4418678B}/RP256/A0051074.exe/$TEMP/Insshell.exe/[Embedded#2c3d8]" file.
2007-8-10 10:44:32new3988Sign of "Win32:Boran-N [Adw]" has been found in "C:/System Volume Information/_restore{7619898A-B5C3-490F-A9B0-454B4418678B}/RP256/A0051074.exe/$TEMP/Insshell.exe/[Embedded#493d8]" file.
2007-8-10 10:44:32new3988Sign of "Win32:Boran-N [Adw]" has been found in "C:/System Volume Information/_restore{7619898A-B5C3-490F-A9B0-454B4418678B}/RP256/A0051074.exe/$TEMP/Insshell.exe/[Embedded#a53d8]" file.
2007-8-10 10:44:32new3988Sign of "Win32:Boran-M [Adw]" has been found in "C:/System Volume Information/_restore{7619898A-B5C3-490F-A9B0-454B4418678B}/RP256/A0051074.exe/$TEMP/Insshell.exe" file.
2007-8-10 10:44:32new3988Sign of "Win32:Adware-gen. [Adw]" has been found in "C:/System Volume Information/_restore{7619898A-B5C3-490F-A9B0-454B4418678B}/RP256/A0051075.exe/$TEMP/insshell.exe/[Embedded#093d8]" file.
2007-8-10 10:44:32new3988Sign of "Win32:Adware-gen. [Adw]" has been found in "C:/System Volume Information/_restore{7619898A-B5C3-490F-A9B0-454B4418678B}/RP256/A0051075.exe/$TEMP/insshell.exe/[Embedded#303d8]" file.
2007-8-10 10:44:32new3988Sign of "Win32:Adware-gen. [Adw]" has been found in "C:/System Volume Information/_restore{7619898A-B5C3-490F-A9B0-454B4418678B}/RP256/A0051075.exe/$TEMP/insshell.exe/[Embedded#4a3d8]" file.
2007-8-10 10:44:32new3988Sign of "Win32:Boran-N [Adw]" has been found in "C:/System Volume Information/_restore{7619898A-B5C3-490F-A9B0-454B4418678B}/RP256/A0051075.exe/$TEMP/insshell.exe/[Embedded#683d8]" file.
2007-8-10 10:44:32new3988Sign of "Win32:Boran-N [Adw]" has been found in "C:/System Volume Information/_restore{7619898A-B5C3-490F-A9B0-454B4418678B}/RP256/A0051075.exe/$TEMP/insshell.exe/[Embedded#903d8]" file.
2007-8-10 10:44:32new3988Sign of "Win32:Boran-N [Adw]" has been found in "C:/System Volume Information/_restore{7619898A-B5C3-490F-A9B0-454B4418678B}/RP256/A0051075.exe/$TEMP/insshell.exe" file.
2007-8-10 10:44:32new3988Sign of "Win32:QQHelper-BN [Trj]" has been found in "C:/System Volume Information/_restore{7619898A-B5C3-490F-A9B0-454B4418678B}/RP256/A0051076.exe" file.
2007-8-10 10:44:32new3988Sign of "Win32:Cinmus-I [Adw]" has been found in "C:/System Volume Information/_restore{7619898A-B5C3-490F-A9B0-454B4418678B}/RP256/A0051077.exe/$COMMONFILES/CPUSH/cpush.dll" file.
2007-8-10 10:44:32new3988Sign of "Win32:Cinmus-I [Adw]" has been found in "C:/System Volume Information/_restore{7619898A-B5C3-490F-A9B0-454B4418678B}/RP256/A0051078.exe/$COMMONFILES/CPUSH/cpush.dll" file.
2007-8-10 10:44:33new3988Sign of "Win32:Cinmus-I [Adw]" has been found in "C:/System Volume Information/_restore{7619898A-B5C3-490F-A9B0-454B4418678B}/RP256/A0051079.exe/$COMMONFILES/CPUSH/cpush.dll" file.
2007-8-10 10:44:33new3988Sign of "Win32:Cinmus-I [Adw]" has been found in "C:/System Volume Information/_restore{7619898A-B5C3-490F-A9B0-454B4418678B}/RP256/A0051080.exe/$COMMONFILES/CPUSH/cpush.dll" file.
2007-8-10 10:44:33new3988Sign of "Win32:Cinmus-I [Adw]" has been found in "C:/System Volume Information/_restore{7619898A-B5C3-490F-A9B0-454B4418678B}/RP256/A0051081.exe/$COMMONFILES/CPUSH/cpush.dll" file.
2007-8-10 10:44:33new3988Sign of "Win32:Cinmus-I [Adw]" has been found in "C:/System Volume Information/_restore{7619898A-B5C3-490F-A9B0-454B4418678B}/RP256/A0051082.exe/$COMMONFILES/CPUSH/cpush.dll" file.
2007-8-10 10:44:33new3988Sign of "Win32:Cinmus-I [Adw]" has been found in "C:/System Volume Information/_restore{7619898A-B5C3-490F-A9B0-454B4418678B}/RP256/A0051083.exe/$COMMONFILES/CPUSH/cpush.dll" file.
2007-8-10 10:44:33new3988Sign of "Win32:Cinmus-G [Adw]" has been found in "C:/System Volume Information/_restore{7619898A-B5C3-490F-A9B0-454B4418678B}/RP256/A0051084.exe/$TEMP/$TEMP/1208.exe/$TEMP/DoSSSetup.dll" file.
2007-8-10 10:44:33new3988Sign of "Win32:Cinmus-H [Adw]" has been found in "C:/System Volume Information/_restore{7619898A-B5C3-490F-A9B0-454B4418678B}/RP256/A0051084.exe/$TEMP/$TEMP/1208.exe/$TEMP/acpidisk.sys" file.
2007-8-10 10:44:33new3988Sign of "Win32:Adware-gen. [Adw]" has been found in "C:/System Volume Information/_restore{7619898A-B5C3-490F-A9B0-454B4418678B}/RP256/A0051084.exe/$TEMP/$TEMP/1208.exe" file.
2007-8-10 10:44:33new3988Sign of "Win32:BHO-FG [Trj]" has been found in "C:/System Volume Information/_restore{7619898A-B5C3-490F-A9B0-454B4418678B}/RP256/A0051085.exe/[PECompact]" file.
2007-8-10 10:44:33new3988Sign of "Win32:Agent-IWX [Trj]" has been found in "C:/System Volume Information/_restore{7619898A-B5C3-490F-A9B0-454B4418678B}/RP256/A0051086.exe" file.
2007-8-10 10:44:33new3988Sign of "Win32:Adware-gen. [Adw]" has been found in "C:/System Volume Information/_restore{7619898A-B5C3-490F-A9B0-454B4418678B}/RP256/A0051087.exe/$TEMP/UUSEE_digital_Setup_8.exe" file.
2007-8-10 10:44:33new3988Sign of "Win32:BHO-FG [Trj]" has been found in "C:/System Volume Information/_restore{7619898A-B5C3-490F-A9B0-454B4418678B}/RP256/A0051088.exe/[PECompact]" file.
2007-8-10 10:44:33new3988Sign of "Win32:Agent-JRJ [Trj]" has been found in "C:/System Volume Information/_restore{7619898A-B5C3-490F-A9B0-454B4418678B}/RP256/A0051089.exe" file.
2007-8-10 10:44:33new3988Sign of "Win32:Boran-M [Adw]" has been found in "C:/System Volume Information/_restore{7619898A-B5C3-490F-A9B0-454B4418678B}/RP256/A0051090.exe/$TEMP/Insshell.exe/[Embedded#423d8]" file.
2007-8-10 10:44:33new3988Sign of "Win32:Boran-N [Adw]" has been found in "C:/System Volume Information/_restore{7619898A-B5C3-490F-A9B0-454B4418678B}/RP256/A0051090.exe/$TEMP/Insshell.exe/[Embedded#5b3d8]" file.
2007-8-10 10:44:33new3988Sign of "Win32:Boran-N [Adw]" has been found in "C:/System Volume Information/_restore{7619898A-B5C3-490F-A9B0-454B4418678B}/RP256/A0051090.exe/$TEMP/Insshell.exe/[Embedded#c63d8]" file.
2007-8-10 10:44:33new3988Sign of "Win32:Boran-M [Adw]" has been found in "C:/System Volume Information/_restore{7619898A-B5C3-490F-A9B0-454B4418678B}/RP256/A0051090.exe/$TEMP/Insshell.exe" file.
2007-8-10 10:44:33new3988Sign of "Win32:Trojan-gen. {Other}" has been found in "C:/System Volume Information/_restore{7619898A-B5C3-490F-A9B0-454B4418678B}/RP256/A0051091.exe" file.
2007-8-10 10:44:33new3988Sign of "Win32:Trojan-gen. {UPX!}" has been found in "C:/System Volume Information/_restore{7619898A-B5C3-490F-A9B0-454B4418678B}/RP256/A0051092.exe" file.
2007-8-10 10:44:33new3988Sign of "BVCK-05 [Tool]" has been found in "C:/System Volume Information/_restore{7619898A-B5C3-490F-A9B0-454B4418678B}/RP256/A0051093.exe" file.
2007-8-10 10:44:33new3988Sign of "Win32:Adware-gen. [Adw]" has been found in "C:/System Volume Information/_restore{7619898A-B5C3-490F-A9B0-454B4418678B}/RP256/A0051094.exe" file.
2007-8-10 10:44:33new3988Sign of "Win32:Boran-M [Adw]" has been found in "C:/System Volume Information/_restore{7619898A-B5C3-490F-A9B0-454B4418678B}/RP256/A0051095.dll" file.
2007-8-10 10:44:33new3988Sign of "Win32:Boran-N [Adw]" has been found in "C:/System Volume Information/_restore{7619898A-B5C3-490F-A9B0-454B4418678B}/RP256/A0051096.dll" file.
2007-8-10 10:44:51new3988Sign of "Win32:Trojano-2575 [Trj]" has been found in "C:/System Volume Information/_restore{7619898A-B5C3-490F-A9B0-454B4418678B}/RP242/A0034537.exe" file.
2007-8-10 10:44:51new3988Sign of "Win32:Trojano-2575 [Trj]" has been found in "C:/System Volume Information/_restore{7619898A-B5C3-490F-A9B0-454B4418678B}/RP242/A0034538.exe" file.
2007-8-10 10:44:51new3988Sign of "Win32:Trojano-2575 [Trj]" has been found in "C:/System Volume Information/_restore{7619898A-B5C3-490F-A9B0-454B4418678B}/RP242/A0034563.exe" file.
2007-8-10 10:44:51new3988Sign of "Win32:Trojano-2575 [Trj]" has been found in "C:/System Volume Information/_restore{7619898A-B5C3-490F-A9B0-454B4418678B}/RP242/A0034564.exe" file.
2007-8-10 10:44:52new3988Sign of "Win32:Adware-gen. [Adw]" has been found in "C:/System Volume Information/_restore{7619898A-B5C3-490F-A9B0-454B4418678B}/RP242/A0034616.dll" file.
2007-8-10 10:44:52new3988Sign of "Win32:Adware-gen. [Adw]" has been found in "C:/System Volume Information/_restore{7619898A-B5C3-490F-A9B0-454B4418678B}/RP242/A0034618.sys" file.
2007-8-10 10:44:52new3988Sign of "Win32:Adware-gen. [Adw]" has been found in "C:/System Volume Information/_restore{7619898A-B5C3-490F-A9B0-454B4418678B}/RP242/A0034619.sys/[Embedded#0c158]" file.
2007-8-10 10:44:52new3988Sign of "Win32:Adware-gen. [Adw]" has been found in "C:/System Volume Information/_restore{7619898A-B5C3-490F-A9B0-454B4418678B}/RP242/A0034620.dll" file.
2007-8-10 10:44:52new3988Sign of "Win32:Adware-gen. [Adw]" has been found in "C:/System Volume Information/_restore{7619898A-B5C3-490F-A9B0-454B4418678B}/RP242/A0034622.dll" file.
2007-8-10 10:44:52new3988Sign of "Win32:Adware-gen. [Adw]" has been found in "C:/System Volume Information/_restore{7619898A-B5C3-490F-A9B0-454B4418678B}/RP242/A0034623.dll" file.
2007-8-10 10:44:52new3988Sign of "Win32:Adware-gen. [Adw]" has been found in "C:/System Volume Information/_restore{7619898A-B5C3-490F-A9B0-454B4418678B}/RP242/A0034624.exe" file.
2007-8-10 10:44:52new3988Sign of "Win32:Adware-gen. [Adw]" has been found in "C:/System Volume Information/_restore{7619898A-B5C3-490F-A9B0-454B4418678B}/RP242/A0034626.dll" file.
2007-8-10 10:44:52new3988Sign of "Win32:Adware-gen. [Adw]" has been found in "C:/System Volume Information/_restore{7619898A-B5C3-490F-A9B0-454B4418678B}/RP242/A0034627.exe" file.
2007-8-10 10:44:52new3988Sign of "Win32:Adware-gen. [Adw]" has been found in "C:/System Volume Information/_restore{7619898A-B5C3-490F-A9B0-454B4418678B}/RP242/A0034628.dll" file.
2007-8-10 10:44:52new3988Sign of "Win32:Adware-gen. [Adw]" has been found in "C:/System Volume Information/_restore{7619898A-B5C3-490F-A9B0-454B4418678B}/RP242/A0034631.exe/[ASPack]/[Embedded#007040]" file.
2007-8-10 10:44:53new3988Sign of "Win32:Boran-J [Trj]" has been found in "C:/System Volume Information/_restore{7619898A-B5C3-490F-A9B0-454B4418678B}/RP242/A0034646.exe" file.
2007-8-10 10:44:53new3988Sign of "Win32:Trojano-2575 [Trj]" has been found in "C:/System Volume Information/_restore{7619898A-B5C3-490F-A9B0-454B4418678B}/RP243/A0034653.exe" file.
2007-8-10 10:44:53new3988Sign of "Win32:Trojano-2575 [Trj]" has been found in "C:/System Volume Information/_restore{7619898A-B5C3-490F-A9B0-454B4418678B}/RP243/A0034654.exe" file.
2007-8-10 10:44:53new3988Sign of "Win32:Adware-gen. [Adw]" has been found in "C:/System Volume Information/_restore{7619898A-B5C3-490F-A9B0-454B4418678B}/RP243/A0034655.exe/[Embedded#14a54]" file.
2007-8-10 10:45:18new3988Sign of "Win32:VB-DJP [Wrm]" has been found in "C:/Recycled/Dc3.exe/[Upack]" file.
2007-8-10 10:45:19new3988Sign of "Win32:Adware-gen. [Adw]" has been found in "C:/Recycled/Dc9.exe" file.
2007-8-10 10:45:20new3988Sign of "Win32:Adware-gen. [Adw]" has been found in "C:/Recycled/Dc12.exe" file.
2007-8-10 10:45:20new3988Sign of "Win32:Adware-gen. [Adw]" has been found in "C:/Recycled/Dc13.exe/[ASPack]/[Embedded#009150]" file.
2007-8-10 10:45:21new3988Sign of "Win32:Agent-IXE [Trj]" has been found in "C:/Recycled/Dc15.exe/[NsPack]/[Embedded#4070]/[NsPack]/[Embedded#12070]/[NsPack]" file.
2007-8-10 10:45:21new3988Sign of "Win32:Adware-gen. [Adw]" has been found in "C:/Recycled/Dc16.exe" file.
2007-8-10 10:45:21new3988Sign of "Win32:Adware-gen. [Adw]" has been found in "C:/Recycled/Dc17.exe/[ASPack]/[Embedded#018f20]" file.
2007-8-10 10:45:21new3988Sign of "Win32:Adware-gen. [Adw]" has been found in "C:/Recycled/Dc18.exe" file.
2007-8-10 10:45:21new3988Sign of "Win32:Adware-gen. [Adw]" has been found in "C:/Recycled/Dc19.exe" file.
2007-8-10 10:45:21new3988Sign of "Win32:Adware-gen. [Adw]" has been found in "C:/Recycled/Dc20.exe" file.
2007-8-10 10:45:21new3988Sign of "Win32:Adware-gen. [Adw]" has been found in "C:/Recycled/Dc21.exe" file.
2007-8-10 10:45:21new3988Sign of "Win32:Adware-gen. [Adw]" has been found in "C:/Recycled/Dc22.exe" file.
2007-8-10 10:45:21new3988Sign of "Win32:Adware-gen. [Adw]" has been found in "C:/Recycled/Dc23.exe" file.
2007-8-10 10:45:21new3988Sign of "Win32:Adware-gen. [Adw]" has been found in "C:/Recycled/Dc24.exe" file.
2007-8-10 10:45:21new3988Sign of "Win32:Adware-gen. [Adw]" has been found in "C:/Recycled/Dc25.exe" file.
2007-8-10 10:45:23new3988Sign of "Win32:Boran-M [Adw]" has been found in "C:/Recycled/Dc29/Content.IE5/ZQC6CEXG/ad_2238[1].exe/$TEMP/Insshell.exe/[Embedded#423d8]" file.
2007-8-10 10:45:23new3988Sign of "Win32:Boran-N [Adw]" has been found in "C:/Recycled/Dc29/Content.IE5/ZQC6CEXG/ad_2238[1].exe/$TEMP/Insshell.exe/[Embedded#5b3d8]" file.
2007-8-10 10:45:23new3988Sign of "Win32:Boran-N [Adw]" has been found in "C:/Recycled/Dc29/Content.IE5/ZQC6CEXG/ad_2238[1].exe/$TEMP/Insshell.exe/[Embedded#c63d8]" file.
2007-8-10 10:45:23new3988Sign of "Win32:Boran-M [Adw]" has been found in "C:/Recycled/Dc29/Content.IE5/ZQC6CEXG/ad_2238[1].exe/$TEMP/Insshell.exe" file.
2007-8-10 10:45:24new3988Sign of "Win32:Agent-JRJ [Trj]" has been found in "C:/Recycled/Dc29/Content.IE5/TEUMYP6T/my_70200[1].exe" file.
2007-8-10 10:45:25new3988Sign of "Win32:AdPlus [Adw]" has been found in "C:/Recycled/Dc41.tmp/Setup_QQ.exe/[UPX]" file.
2007-8-10 10:45:26new3988Sign of "Win32:Trojan-gen. {Other}" has been found in "C:/Ghost/original/boot.exe" file.
2007-8-10 10:45:39new3988Sign of "Win32:VB-DJP [Wrm]" has been found in "C:/quarantine/odbcasvc.EXE.Vir/[Upack]" file.
2007-8-10 10:45:40new3988Sign of "Win32:Delf-DTT [Trj]" has been found in "C:/quarantine/sys06.exe.Vir/[Upack]/[Embedded#DOWN]" file.
2007-8-10 10:45:40new3988Sign of "Win32:Delf-FFM [Trj]" has been found in "C:/quarantine/sys05.exe.Vir/[Upack]/[Embedded#DOWN]" file.
2007-8-10 10:45:40new3988Sign of "Win32:Delf-FFM [Trj]" has been found in "C:/quarantine/sys04.exe.Vir/[Upack]/[Embedded#DOWN]" file.
2007-8-10 10:45:40new3988Sign of "Win32:Delf-FFM [Trj]" has been found in "C:/quarantine/sys03.exe.Vir/[Upack]/[Embedded#DOWN]" file.
2007-8-10 10:45:40new3988Sign of "Win32:Delf-FFM [Trj]" has been found in "C:/quarantine/sys02.exe.Vir/[Upack]/[Embedded#DOWN]" file.
2007-8-10 10:45:40new3988Sign of "Win32:Delf-EQW [Trj]" has been found in "C:/quarantine/sys01.exe.Vir/[Upack]" file.
2007-8-10 10:45:40new3988Sign of "Win32:Cinmus-I [Adw]" has been found in "C:/quarantine/cpush.dll.Vir" file.
2007-8-10 10:45:40new3988Sign of "Win32:Delf-FFM [Trj]" has been found in "C:/quarantine/kulionzx.exe.Vir/[Upack]/[Embedded#DOWN]" file.
2007-8-10 10:45:40new3988Sign of "Win32:Delf-FFM [Trj]" has been found in "C:/quarantine/kulionrx.exe.Vir/[Upack]/[Embedded#DOWN]" file.
2007-8-10 10:45:40new3988Sign of "Win32:Delf-EQW [Trj]" has been found in "C:/quarantine/wmsj.exe.Vir/[Upack]" file.
2007-8-10 10:45:40new3988Sign of "Win32:Delf-FFM [Trj]" has been found in "C:/quarantine/winwm.exe.Vir/[Upack]/[Embedded#DOWN]" file.
2007-8-10 10:45:40new3988Sign of "Win32:Delf-FFM [Trj]" has been found in "C:/quarantine/winwl.exe.Vir/[Upack]/[Embedded#DOWN]" file.
2007-8-10 10:45:40new3988Sign of "Win32:Delf-DTT [Trj]" has been found in "C:/quarantine/winow.exe.Vir/[Upack]/[Embedded#DOWN]" file.
2007-8-10 11:00:15new3988Sign of "Win32:Trojan-gen. {Other}" has been found in "D:/Program Files/Maxthon/Thundermini/xunleibho_v4.dll" file.
2007-8-10 11:07:11new3988Sign of "Win32:Trojan-gen. {UPX!}" has been found in "D:/Program Files/QQDoctor/TSECUA.COM" file.
2007-8-10 11:09:55new3988Sign of "Win32:Trojan-gen. {Other}" has been found in "D:/System Volume Information/_restore{31EC3B86-07D6-4822-8C77-AF04A1D9D099}/RP54/A0009131.dll/[Embedded#22250]" file.
2007-8-10 11:11:28new3988Sign of "Win32:Trojan-gen. {Other}" has been found in "D:/System Volume Information/_restore{7619898A-B5C3-490F-A9B0-454B4418678B}/RP256/A0051120.dll" file.
2007-8-10 11:11:28new3988Sign of "Win32:Trojan-gen. {UPX!}" has been found in "D:/System Volume Information/_restore{7619898A-B5C3-490F-A9B0-454B4418678B}/RP256/A0051121.COM" file.
2007-8-10 11:14:46new3988Sign of "Win32:VB-DJP [Wrm]" has been found in "E:/Recycled/INFO.EXE/[Upack]" file.
2007-8-10 11:15:31new3988Sign of "Win32:Trojan-gen. {Other}" has been found in "E:/System Volume Information/_restore{31EC3B86-07D6-4822-8C77-AF04A1D9D099}/RP53/A0008589.exe/$INSTDIR/Thundermini/xunleibho_v4.dll" file.
2007-8-10 11:15:33new3988Sign of "Win32:Trojan-gen. {Other}" has been found in "E:/System Volume Information/_restore{31EC3B86-07D6-4822-8C77-AF04A1D9D099}/RP53/A0008590.exe/$INSTDIR/Plugins/xpsp2.dll/[Embedded#22250]" file.
2007-8-10 11:15:52new3988Sign of "Win32:QQHelper-BF [Trj]" has been found in "E:/System Volume Information/_restore{7619898A-B5C3-490F-A9B0-454B4418678B}/RP246/A0036875.exe/$TEMP/kzdh.exe" file.
2007-8-10 11:15:52new3988Sign of "Win32:Adware-gen. [Adw]" has been found in "E:/System Volume Information/_restore{7619898A-B5C3-490F-A9B0-454B4418678B}/RP246/A0036875.exe/$TEMP/bimonycb.exe" file.
2007-8-10 11:16:05new3988Sign of "Win32:Ieser-J [Trj]" has been found in "E:/System Volume Information/_restore{7619898A-B5C3-490F-A9B0-454B4418678B}/RP252/A0049673.exe/[PECompact]/[Embedded#123]" file.
2007-8-10 11:16:06new3988Sign of "Win32:VB-DJP [Wrm]" has been found in "E:/System Volume Information/_restore{7619898A-B5C3-490F-A9B0-454B4418678B}/RP256/A0051122.EXE/[Upack]" file.
2007-8-10 11:16:53new3988Sign of "Win32:Adware-gen. [Adw]" has been found in "E:/安装文件备份/BitTorrent Plus! 1.3 Beta2.exe/$TEMP/BaiduBar.exe/$INSTDIR/BaiduBar.dll" file.
2007-8-10 11:16:53new3988Sign of "Win32:Trojan-gen. {Other}" has been found in "E:/安装文件备份/BitTorrent Plus! 1.3 Beta2.exe/$TEMP/BaiduBar.exe" file.
2007-8-10 11:16:53new3988Sign of "Win32:Adware-gen. [Adw]" has been found in "E:/安装文件备份/BitTorrent Plus! 1.3 Beta2.exe/$TEMP/CNNIC.exe/[ASPack]/[Embedded#018f20]" file.
2007-8-10 11:19:55new3988Sign of "Win32:Trojan-gen. {Other}" has been found in "E:/安装文件备份/FlashPlayer.rar/FlashPlayer.EXE/Wise0020.bin/Wise0011.bin" file.
2007-8-10 11:19:55new3988Sign of "Win32:Small-BTZ [Trj]" has been found in "E:/安装文件备份/FlashPlayer.rar/FlashPlayer.EXE/Wise0020.bin" file.
2007-8-10 11:19:56new3988Sign of "Win32:VB-BBW [Trj]" has been found in "E:/安装文件备份/FlashPlayer.rar/FlashPlayer.EXE/Wise0151.bin/[ASPack]" file.
2007-8-10 11:19:56new3988Sign of "Win32:Small-BTZ [Trj]" has been found in "E:/安装文件备份/FlashPlayer.rar/FlashPlayer.EXE" file.
2007-8-10 14:49:25SYSTEM1196Sign of "Win32:Cinmus-D [Adw]" has been found in "C:/WINDOWS/System32/msplrct.dll" file.
2007-8-10 14:49:25SYSTEM1196Sign of "Win32:Cinmus-D [Adw]" has been found in "C:/WINDOWS/system32/msplrct.dll" file.
2007-8-10 14:58:44new3260Sign of "Win32:Trojan-gen. {UPX!}" has been found in "C:/Documents and Settings/new/桌面/资料/IPQQ2007_v5.0.rar/IPQQ2007.exe/$INSTDIR/../QQDoctor/TSECUA.COM" file.
2007-8-10 15:04:38new3260Sign of "Win32:Trojan-gen. {UPX!}" has been found in "C:/System Volume Information/_restore{7619898A-B5C3-490F-A9B0-454B4418678B}/RP254/A0050686.exe/$INSTDIR/../QQDoctor/TSECUA.COM" file.
2007-8-10 15:05:00new3260Sign of "Win32:VB-DJP [Wrm]" has been found in "C:/System Volume Information/_restore{7619898A-B5C3-490F-A9B0-454B4418678B}/RP256/A0051099.exe/[Upack]" file.
2007-8-10 15:05:06new3260Sign of "Win32:Adware-gen. [Adw]" has been found in "C:/System Volume Information/_restore{7619898A-B5C3-490F-A9B0-454B4418678B}/RP256/A0051100.exe" file.
2007-8-10 15:05:10new3260Sign of "Win32:Adware-gen. [Adw]" has been found in "C:/System Volume Information/_restore{7619898A-B5C3-490F-A9B0-454B4418678B}/RP256/A0051101.exe" file.
2007-8-10 15:05:13new3260Sign of "Win32:Adware-gen. [Adw]" has been found in "C:/System Volume Information/_restore{7619898A-B5C3-490F-A9B0-454B4418678B}/RP256/A0051102.exe/[ASPack]/[Embedded#009150]" file.
2007-8-10 15:05:15new3260Sign of "Win32:Agent-IXE [Trj]" has been found in "C:/System Volume Information/_restore{7619898A-B5C3-490F-A9B0-454B4418678B}/RP256/A0051103.exe/[NsPack]/[Embedded#4070]/[NsPack]/[Embedded#12070]/[NsPack]" file.
2007-8-10 15:05:18new3260Sign of "Win32:Adware-gen. [Adw]" has been found in "C:/System Volume Information/_restore{7619898A-B5C3-490F-A9B0-454B4418678B}/RP256/A0051104.exe" file.
2007-8-10 15:05:20new3260Sign of "Win32:Adware-gen. [Adw]" has been found in "C:/System Volume Information/_restore{7619898A-B5C3-490F-A9B0-454B4418678B}/RP256/A0051105.exe/[ASPack]/[Embedded#018f20]" file.
2007-8-10 15:05:22new3260Sign of "Win32:Adware-gen. [Adw]" has been found in "C:/System Volume Information/_restore{7619898A-B5C3-490F-A9B0-454B4418678B}/RP256/A0051106.exe" file.
2007-8-10 15:05:24new3260Sign of "Win32:Adware-gen. [Adw]" has been found in "C:/System Volume Information/_restore{7619898A-B5C3-490F-A9B0-454B4418678B}/RP256/A0051107.exe" file.
2007-8-10 15:05:26new3260Sign of "Win32:Adware-gen. [Adw]" has been found in "C:/System Volume Information/_restore{7619898A-B5C3-490F-A9B0-454B4418678B}/RP256/A0051108.exe" file.
2007-8-10 15:05:28new3260Sign of "Win32:Adware-gen. [Adw]" has been found in "C:/System Volume Information/_restore{7619898A-B5C3-490F-A9B0-454B4418678B}/RP256/A0051109.exe" file.
2007-8-10 15:05:30new3260Sign of "Win32:Adware-gen. [Adw]" has been found in "C:/System Volume Information/_restore{7619898A-B5C3-490F-A9B0-454B4418678B}/RP256/A0051110.exe" file.
2007-8-10 15:05:32new3260Sign of "Win32:Adware-gen. [Adw]" has been found in "C:/System Volume Information/_restore{7619898A-B5C3-490F-A9B0-454B4418678B}/RP256/A0051111.exe" file.
2007-8-10 15:05:35new3260Sign of "Win32:Adware-gen. [Adw]" has been found in "C:/System Volume Information/_restore{7619898A-B5C3-490F-A9B0-454B4418678B}/RP256/A0051112.exe" file.
2007-8-10 15:05:38new3260Sign of "Win32:Adware-gen. [Adw]" has been found in "C:/System Volume Information/_restore{7619898A-B5C3-490F-A9B0-454B4418678B}/RP256/A0051113.exe" file.
2007-8-10 15:05:41new3260Sign of "Win32:Boran-M [Adw]" has been found in "C:/System Volume Information/_restore{7619898A-B5C3-490F-A9B0-454B4418678B}/RP256/A0051114.exe/$TEMP/Insshell.exe/[Embedded#423d8]" file.
2007-8-10 15:05:43new3260Sign of "Win32:Boran-N [Adw]" has been found in "C:/System Volume Information/_restore{7619898A-B5C3-490F-A9B0-454B4418678B}/RP256/A0051114.exe/$TEMP/Insshell.exe/[Embedded#5b3d8]" file.
2007-8-10 15:05:46new3260Sign of "Win32:Boran-N [Adw]" has been found in "C:/System Volume Information/_restore{7619898A-B5C3-490F-A9B0-454B4418678B}/RP256/A0051114.exe/$TEMP/Insshell.exe/[Embedded#c63d8]" file.
2007-8-10 15:05:48new3260Sign of "Win32:Boran-M [Adw]" has been found in "C:/System Volume Information/_restore{7619898A-B5C3-490F-A9B0-454B4418678B}/RP256/A0051114.exe/$TEMP/Insshell.exe" file.
2007-8-10 15:05:51new3260Sign of "Win32:Agent-JRJ [Trj]" has been found in "C:/System Volume Information/_restore{7619898A-B5C3-490F-A9B0-454B4418678B}/RP256/A0051115.exe" file.
2007-8-10 15:05:53new3260Sign of "Win32:AdPlus [Adw]" has been found in "C:/System Volume Information/_restore{7619898A-B5C3-490F-A9B0-454B4418678B}/RP256/A0051116.exe/[UPX]" file.
2007-8-10 15:05:55new3260Sign of "Win32:Trojan-gen. {Other}" has been found in "C:/System Volume Information/_restore{7619898A-B5C3-490F-A9B0-454B4418678B}/RP256/A0051117.exe" file.
2007-8-10 15:44:54new3260Sign of "Win32:Adware-gen. [Adw]" has been found in "E:/System Volume Information/_restore{7619898A-B5C3-490F-A9B0-454B4418678B}/RP256/A0051123.exe/$TEMP/BaiduBar.exe/$INSTDIR/BaiduBar.dll" file.
2007-8-10 15:45:42new3260Sign of "Win32:Trojan-gen. {Other}" has been found in "E:/System Volume Information/_restore{7619898A-B5C3-490F-A9B0-454B4418678B}/RP256/A0051123.exe/$TEMP/BaiduBar.exe" file.
2007-8-10 15:45:45new3260Sign of "Win32:Adware-gen. [Adw]" has been found in "E:/System Volume Information/_restore{7619898A-B5C3-490F-A9B0-454B4418678B}/RP256/A0051123.exe/$TEMP/CNNIC.exe/[ASPack]/[Embedded#018f20]" file.
2007-8-10 16:15:11new3260Sign of "Win32:Trojan-gen. {VC}" has been found in "E:/安装文件备份/qq2006standard.exe/$[65]/config/Original/QQGame.exe" file.
2007-8-10 16:15:33new3260Sign of "Win32:Adware-gen. [Adw]" has been found in "E:/安装文件备份/StormCodec6.04.08.exe/$TEMP/mms.exe/$INSTDIR/$INSTDIR/Mmsass~1.dll" file.
2007-8-10 16:15:39new3260Sign of "Win32:Adware-gen. [Adw]" has been found in "E:/安装文件备份/StormCodec6.04.08.exe/$TEMP/mms.exe" file.
2007-8-10 16:15:53new3260Sign of "Win32:Adware-gen. [Adw]" has been found in "E:/安装文件备份/ttpsetup.exe/files/BaiduBar.dll" file.
2007-8-10 16:16:19new3260Sign of "Win32:Small-EFC [Trj]" has been found in "E:/安装文件备份/upload2006112035412setup.exe/bind_50024.exe" file.
2007-8-10 16:16:23new3260Sign of "Win32:Small-EXB [Trj]" has been found in "E:/安装文件备份/upload2006112035412setup.exe/5715.exe/[NsPack]/[Embedded#4010]/[NsPack]" file.
2007-8-10 16:16:25new3260Sign of "Win32:Qqhelper-CY [Trj]" has been found in "E:/安装文件备份/upload2006112035412setup.exe/ssof17.exe/$SYSDIR/drwtsm32.exe/[Embedded#EGG1]" file.
2007-8-10 16:16:28new3260Sign of "Win32:Qqhelper-BW [Trj]" has been found in "E:/安装文件备份/upload2006112035412setup.exe/ssof17.exe/$SYSDIR/drwtsm32.exe" file.
2007-8-10 16:16:30new3260Sign of "Win32:Adware-gen. [Adw]" has been found in "E:/安装文件备份/upload2006112035412setup.exe/ssof17.exe/$SYSDIR/202.exe/$COMMONFILES/CPUSH/cpush.dll" file.
2007-8-10 16:16:32new3260Sign of "Win32:Adware-gen. [Adw]" has been found in "E:/安装文件备份/upload2006112035412setup.exe/ssof17.exe/$SYSDIR/202.exe" file.
2007-8-10 16:16:34new3260Sign of "Win32:Trojan-gen. {Other}" has been found in "E:/安装文件备份/upload2006112035412setup.exe/ssof17.exe" file.
2007-8-10 16:30:30new3260Sign of "Win32:VB-QK [Trj]" has been found in "E:/安装文件备份/webhy.zip/webhy.exe/webhy/setup.exe/[ASPack]" file.
2007-8-10 16:30:37new3260Sign of "Win32:QQHelper-BK [Trj]" has been found in "E:/安装文件备份/webhy.zip/webhy.exe/webhy/yqu.exe/bind_50100.exe" file.
2007-8-10 16:30:39new3260Sign of "Win32:Baidu-B [Adw]" has been found in "E:/安装文件备份/webhy.zip/webhy.exe/webhy/yqu.exe/yqud.exe/BaiduBar.dll" file.
2007-8-10 16:30:41new3260Sign of "Win32:Adware-gen. [Adw]" has been found in "E:/安装文件备份/webhy.zip/webhy.exe/webhy/yqu.exe/yqud.exe" file.
2007-8-10 16:30:43new3260Sign of "Win32:Delf-FCJ [Trj]" has been found in "E:/安装文件备份/webhy.zip/webhy.exe/webhy/yqu.exe/yqu.exe" file.
2007-8-10 16:30:45new3260Sign of "Win32:Adware-gen. [Adw]" has been found in "E:/安装文件备份/webhy.zip/webhy.exe/webhy/yqu.exe/cngr.exe/[ASPack]/[Embedded#009150]" file.
2007-8-10 16:30:53new3260Sign of "Win32:Adware-gen. [Adw]" has been found in "E:/安装文件备份/WindowsXP-KB835935-SP2-CHS.exe/i386/6to4svc.dl_/6to4svc.dll" file.
2007-8-10 16:31:51new3260Sign of "Win32:Adware-gen. [Adw]" has been found in "E:/安装文件备份/WindowsXP-KB835935-SP2-CHS.exe/i386/fltmc.ex_/fltmc.exe" file.
2007-8-10 16:33:57new3260Sign of "Win32:Trojan-gen. {Other}" has been found in "E:/安装文件备份/优化大师附注册机/优化大师6.56.exe/assist4.exe/Wise0019.bin" file.
2007-8-10 16:36:38new3260Sign of "Win32:VB-DJP [Wrm]" has been found in "F:/Recycled/INFO.EXE/[Upack]" file.
2007-8-10 16:37:13new3260Sign of "Win32:Ieser-J [Trj]" has been found in "F:/System Volume Information/_restore{7619898A-B5C3-490F-A9B0-454B4418678B}/RP252/A0049677.exe/[PECompact]/[Embedded#123]" file.
2007-8-10 16:37:17new3260Sign of "Win32:VB-DJP [Wrm]" has been found in "F:/System Volume Information/_restore{7619898A-B5C3-490F-A9B0-454B4418678B}/RP256/A0051164.EXE/[Upack]" file.
2007-8-10 16:44:44new3260Sign of "Win32:Trojan-gen. {UPX!}" has been found in "F:/资料/工具/WinRAR 3.50 Beta 3 汉化美化版.exe/Default.sfx" file.
2007-8-10 16:44:54new3260Sign of "Win32:Baidu-C [Trj]" has been found in "F:/资料/工具/优化大师/Wom.exe/setup_lamblujincb.exe/BaiduBar.dll" file.
2007-8-10 16:44:58new3260Sign of "Win32:Trojan-gen. {Other}" has been found in "F:/资料/工具/优化大师/Wom.exe/assist4.exe/Wise0019.bin" file.
2007-8-10 16:45:00new3260Sign of "Win32:Adware-gen. [Adw]" has been found in "F:/资料/工具/天网/SkynetPFW_Beta_v2.8_Build0909.EXE/UNREGSKYPFW.EXE" file.
2007-8-10 16:55:59new3260Sign of "Win32:VB-DJP [Wrm]" has been found in "G:/Recycled/INFO.EXE/[Upack]" file.
2007-8-10 16:56:11new3260Sign of "Win32:Ieser-J [Trj]" has been found in "G:/System Volume Information/_restore{7619898A-B5C3-490F-A9B0-454B4418678B}/RP252/A0049680.exe/[PECompact]/[Embedded#123]" file.
2007-8-10 16:57:12new3260Sign of "Win32:VB-DJP [Wrm]" has been found in "G:/System Volume Information/_restore{7619898A-B5C3-490F-A9B0-454B4418678B}/RP256/A0051168.EXE/[Upack]" file.
2007-8-10 18:16:58SYSTEM1208Sign of "Win32:Cinmus-D [Adw]" has been found in "C:/WINDOWS/System32/msplrct.dll" file.
2007-8-10 18:16:59SYSTEM1208Sign of "Win32:Cinmus-D [Adw]" has been found in "C:/WINDOWS/system32/msplrct.dll" file.
2007-8-10 19:12:12SYSTEM1188Sign of "Win32:Cinmus-D [Adw]" has been found in "C:/WINDOWS/System32/msplrct.dll" file.
2007-8-10 19:12:12SYSTEM1188Sign of "Win32:Cinmus-D [Adw]" has been found in "C:/WINDOWS/system32/msplrct.dll" file.
2007-8-11 8:30:27SYSTEM1188Sign of "Win32:Cinmus-D [Adw]" has been found in "C:/WINDOWS/System32/msplrct.dll" file.
2007-8-11 8:30:27SYSTEM1188Sign of "Win32:Cinmus-D [Adw]" has been found in "C:/WINDOWS/system32/msplrct.dll" file.
2007-8-11 13:27:41SYSTEM1208Sign of "Win32:Cinmus-D [Adw]" has been found in "C:/WINDOWS/System32/msplrct.dll" file.
2007-8-11 13:27:41SYSTEM1208Sign of "Win32:Cinmus-D [Adw]" has been found in "C:/WINDOWS/system32/msplrct.dll" file.
2007-8-11 13:44:21SYSTEM1176Sign of "Win32:Cinmus-D [Adw]" has been found in "C:/WINDOWS/System32/msplrct.dll" file.
2007-8-11 13:44:21SYSTEM1176Sign of "Win32:Cinmus-D [Adw]" has been found in "C:/WINDOWS/system32/msplrct.dll" file.
2007-8-11 21:43:59SYSTEM1180Sign of "Win32:Cinmus-D [Adw]" has been found in "C:/WINDOWS/System32/msplrct.dll" file.
2007-8-11 21:43:59SYSTEM1180Sign of "Win32:Cinmus-D [Adw]" has been found in "C:/WINDOWS/system32/msplrct.dll" file.
2007-8-12 10:16:46SYSTEM1180Sign of "Win32:Cinmus-D [Adw]" has been found in "C:/WINDOWS/System32/msplrct.dll" file.
2007-8-12 10:16:46SYSTEM1180Sign of "Win32:Cinmus-D [Adw]" has been found in "C:/WINDOWS/system32/msplrct.dll" file.
2007-8-12 10:31:45SYSTEM1180Sign of "Win32:Cinmus-D [Adw]" has been found in "C:/WINDOWS/System32/msplrct.dll" file.
2007-8-12 10:31:45SYSTEM1180Sign of "Win32:Cinmus-D [Adw]" has been found in "C:/WINDOWS/system32/msplrct.dll" file.
2007-8-12 10:41:18SYSTEM1180Sign of "Win32:Cinmus-D [Adw]" has been found in "C:/WINDOWS/System32/msplrct.dll" file.
2007-8-12 10:41:18SYSTEM1180Sign of "Win32:Cinmus-D [Adw]" has been found in "C:/WINDOWS/system32/msplrct.dll" file.
2007-8-12 11:42:04SYSTEM1212Sign of "Win32:Cinmus-D [Adw]" has been found in "C:/WINDOWS/System32/msplrct.dll" file.
2007-8-12 11:42:04SYSTEM1212Sign of "Win32:Cinmus-D [Adw]" has been found in "C:/WINDOWS/system32/msplrct.dll" file.
2007-8-12 13:03:45SYSTEM1216Sign of "Win32:Cinmus-D [Adw]" has been found in "C:/WINDOWS/System32/msplrct.dll" file.
2007-8-12 13:03:45SYSTEM1216Sign of "Win32:Cinmus-D [Adw]" has been found in "C:/WINDOWS/system32/msplrct.dll" file.

//--7---

mvplayer.syb注册成了服务“Network Connections”,描述为“管理‘网络与拨号连接’文件夹中的对象。。。”

djkk.exe也注册成了服务“WindowsDsss”,描述为“为即插即用设备提供支持”。

// --END--------

如有哪位大虾发现我有删错的和漏删的,谢谢告知。不甚感及。

又挽救了一台电脑。

最看不起老重装系统了。对系统重装呗儿熟(辈儿熟?哪个?抑或其它)不是高手,高手从不重装系统。

iteye_887
关注
中国十大最狠的流氓网站曝光!
李德成的网志 × lidecheng's WeBlog
12-17 9万+
 动了流氓软件的发展?谁又从流氓软件中获利,揭开流氓软件背后的始佣者,网易科技独家选出中国十大流氓网站. 以下是网易科技评选的十大流氓网站: 1、3721.com(中文实名) screen.width*0.7) {this.resized=true; this.width=screen.width*0.7; this.style.cursor=hand; this.alt=Click h
流氓软件清理大师|Windows流氓软件清理大师官方免费版下载 v6.5
weixin_44130595的博客
07-28 3865
点击下载来源:Windows流氓软件清理大师官方免费版 v6.5 Windows 流氓软件清理大师是一款运行在Windows系统上专业的流氓软件清理工具,功能强大、操作简单、使用方便、运行速度快不卡顿电脑,可清除76种软件。它能够清理系统,专业卸载,标准卸载,优化系统及软件,系统补丁升级等,是一款非常好用、高效便捷且能提高工作效率的多功能软件。电脑流氓软件清理大师比起其它同类软件,清理软件更方便...
cleanfda攻击防范
IT从业者
04-15 1996
1.检测crontab任务列表 crontab -l 如果任务列表中出现任务你不清楚的定时任务,请马上去检测该定时任务是干什么的。 2.查看是否存在异常进程 通过top命令查看那些占用CPU高的异常进程,这种进程一般都是攻击者使用,注意如果前面没有清理掉异常的定时任务,在这里杀点异常进程,过一段时间定时任务一会再次执行的。 3.查找cleanfda挖矿攻击的核心文件 如何出现下面的情况,表示你的主机已经中招了,请第一时间清理异常定时任务和异常进程。 ...
十大流氓软件及卸载方法整理
LAvA WORLD
02-23 12万+
第一名:3721上网助手 所属公司:北京三七二一科技有限公司厂商网址:www.3721.com存在问题:1、 强制安装 2、 浏览器劫持(添加用户不需要的按钮、ie地址菜单项中添加非法内容)3、 干扰其他软件运行4、无法彻底卸载卸载方法:下载专用卸载工具卸载,工具请见下面链接名称:“3721卸载工具 ”,软件语言 简体中文 整理时间 2005-2-13 2:50:57 软件类型 绿色软件 授权
怎么把流氓软件清理干净?.doc
08-08
如何清理流氓软件 流氓软件是指捆绑在软件安装包中的恶意程序,旨在收集用户数据、推广广告、盗取账户信息等。这些软件通常会安装在用户不知情的情况下,导致电脑运行缓慢、弹出大量广告、甚至破坏系统安全。因此,...
SoftCnKiller流氓软件清理工具
最新发布
10-31
SoftCnKiller是一款功能强大的流氓软件清理工具,该软件不仅能够轻松的帮助用户清理电脑中的一些流氓软件和流氓文件,还附带了广告弹窗定位工具,可以针对性地找到并清楚系统中的弹窗广告,有需要的就来下载吧。
流氓软件清理助手,清理流氓软件,清理插件,清理系统垃圾文件
09-03
4. **DosTools.exe**:这可能是一个DOS命令行工具,用于执行一些低级的系统维护任务,如磁盘清理或文件管理。在某些情况下,这样的工具可以帮助用户在图形界面无法解决的问题上找到解决方案。 5. **WinSockFix.exe*...
杀毒-广告-流氓软件-电脑垃圾-插件电脑清理集合
11-21
工具箱包括:AdwCleaner广告清理 ccsetup404电脑垃圾清理 tdsskiller ComboFix杀毒软件 JRT广告去除软件 rkill病毒强制停止 tweaking.com_windows_repair_aio_setup 电脑修复 其中杀毒软件和广告去除软件是绿色软件
中国互联网十大流氓网站
思考的空间
10-14 14万+
1、3721.com(中文实名)  这个是流氓软件的开山鼻祖,就是因它将中国互联网带入到一个流氓时代,这里就不作再多说,相信大多数人都装过这个网站的插件。  2、MOP.com(猫扑)  猫扑从2004年开始流量一路狂涨,现在 Alexa 68位,这其中与它的“播霸”与前期与其它流氓合作推广是分开不的。  3、Zhongsou.com(中搜)  中搜在网友中的骂名是除了3721最大的,“网络猪”与
Win7系统IE、搜狗等浏览器首页被恶意网址qq789.com.cn劫持……
Purpleendurer@CSDN
07-26 7277
C\Users\Administrator\AppData\Local\tucao\module\TCPlugin.dll|$ShanghaiBanRuTechCo.Ltd.|2017-8-16174854|口水党插件模块|1.2.0.13|口水党插件模块|Copyright(C)2011-2016KouShuiDangNetworkTechnologyCo.Ltd.|1.2.0.13|koushuidang.cn|?
各种进程名称
lniwn
08-26 1万+
下载进程 FlashBT.exe 网络电视  PPStream.exe QQ下载  QQDownload.exe PP狗 PPGou.exe 脱兔 TuoTu.exe BT下载 BitTorrent.exe BitSpirit.exe 快车 Flash
中国十大最狠的流氓网站曝光!送查杀流氓的工具
热门推荐
hzbairly的专栏
10-12 31万+
谁推动了流氓软件的发展?谁又从流氓软件中获利,揭开流氓软件背后的始佣者,网易科技独家选出中国十大流氓网站。 以下是网易科技评选的十大流氓网站:   3721网站的出现注定会写入中国互联网历史。他的意义在于它将十年中国互联网分为了两段,一段是纯洁的互联网,一段就是一直到现在的互联网流氓时代。当中国互联网进入2006年,丝毫没有看到流氓时代逝去的迹象,反而越演越烈。各式各样的流氓软件满天横飞,争吵与辱
cygwin生成可执行文件360弹出Win32/Trojan.Generic.750问题解决
caixiaoxun的专栏
11-16 4746
由于工作需要,作了一些将LINUX下程序移植到Win平台的工作。但编译发布后,发现360弹出Win32/Trojan.Generic.750报错。 通过反复研究,发现如下方法可以极大的规避些问题。如下: 1:通过STRIP命令,去除所有不必要的调试信息。(可以解决95%以上的问题) 2:通过方法1还是有些问题不能解决,将CFLAGS 不加任何的优化选项。 我想应该可以直接通
几种媒体文件(MediaPlayer,Realplay,QuickTime)的调用代码
编程岁月
01-18 4588
在论坛中自动播放wmv的html代码 例如,要播放http://www.it190.com/baidu.wmv试试这个           综合型:http://activex.microsoft.com/activex/controls/mplayer/en/nsmp2inf.cab#Version=6,1,5,217"id=MediaPlayer type=application/x
[转]十大流氓软件及卸载方法整理
weixin_33895016的博客
02-15 7864
作者:lawdoor 时间: 2005-12-19 文档类型:转载 来自:中软网blog第一名:3721上网助手 所属公司:北京三七二一科技有限公司厂商网址:www.3721.com存在问题:1、 强制安装 2、 浏览器劫持(添加用户不需要的按钮、ie地址菜单项中添加非法内容)3、 干扰其他软件运行4、无法彻底卸载卸载方法:下载专用卸载工具卸载,工具请见下面链接名称:“372...
记一次 newinit.sh 相关病毒处理
muyu_feng的博客
09-26 4674
(ps:在这之前经历过五六次木马病毒攻击,都是搞个定时任务下载脚本,然后就拿你服务器搞事情。去年活动 我自己买了一台腾讯云服务器 100多 三年的(巨便宜,现在再也买不到 QAQ)自己玩的。然后服务器被挖矿被封了,钱倒是退了,可再也买不到这么便宜的服务起了。因为是刚弄的一台16G服务器,才部署2个项目运行几天一切正常。再次部署多实例时发现,已部署好的服务老是掉,项目日志一切正常,感觉不太正常。去查看 隐藏权限中会多了ai权限 ,它修改了很多文件权限。最后还是CPU100%的问题只能重启服务器,再看就好了。
评论
添加红包

请填写红包祝福语或标题

红包个数最小为10个

红包金额最低5元

当前余额3.43前往充值 >
需支付:10.00
成就一亿技术人!
领取后你会自动成为博主和红包主的粉丝 规则
hope_wisdom
发出的红包
实付
使用余额支付
点击重新获取
扫码支付
钱包余额 0

抵扣说明:

1.余额是钱包充值的虚拟货币,按照1:1的比例进行支付金额的抵扣。
2.余额无法直接购买下载,可以购买VIP、付费专栏及课程。

余额充值