2000FUN論壇

標題: 電腦好像中毒了(已解決) [打印本頁]

作者: ALEXYUI 時間: 07-1-8 01:07 AM 標題: 電腦好像中毒了(已解決)

Logfile of HijackThis v1.99.1
Scan saved at 1:03:05, on 8/1/2007
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\csrss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
c:\Program Files\Common Files\Symantec Shared\ccProxy.exe
c:\Program Files\Common Files\Symantec Shared\ccSetMgr.exe
c:\Program Files\Norton Internet Security\Norton AntiVirus\navapsvc.exe
C:\WINDOWS\Explorer.EXE
c:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe
C:\WINDOWS\system32\spoolsv.exe
c:\Program Files\Common Files\LightScribe\LSSrvc.exe
C:\WINDOWS\system32\MRTServ.exe
C:\WINDOWS\system32\nvsvc32.exe
c:\Program Files\Common Files\Symantec Shared\Security Center\SymWSC.exe
C:\WINDOWS\System32\alg.exe
C:\Program Files\Java\j2re1.4.2_03\bin\jusched.exe
C:\windows\system\hpsysdrv.exe
C:\WINDOWS\system32\hphmon06.exe
C:\HP\KBD\KBD.EXE
C:\Program Files\Common Files\Real\Update_OB\realsched.exe
C:\Program Files\Common Files\InterVideo\SchSvr\SchSvr.exe
C:\Program Files\InterVideo\Common\Bin\WinRemote.exe
C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\Program Files\Common Files\Symantec Shared\ccApp.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\WINDOWS\SOUNDMAN.EXE
C:\WINDOWS\system32\rundll32.exe
C:\WINDOWS\ALCWZRD.EXE
C:\WINDOWS\ALCMTR.EXE
C:\hp\drivers\hplsbwatcher\lsburnwatcher.exe
C:\DOCUME~1\HP_OWN~1.YOU\LOCALS~1\Temp\zts2.exe
C:\DOCUME~1\HP_OWN~1.YOU\LOCALS~1\Temp\wlzs.exe
C:\WINDOWS\system32\ctfmon.exe
C:\WINDOWS\system32\conime.exe
C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
C:\Program Files\Updates from HP\309731\Program\Updates from HP.exe
C:\WINDOWS\system32\svchost.exe
c:\Program Files\Common Files\Symantec Shared\SNDSrvc.exe
C:\WINDOWS\system32\wuauclt.exe
C:\WINDOWS\system32\wbem\wmiprvse.exe
C:\WINDOWS\system32\cmd.exe
C:\WINDOWS\Logo1_.exe
C:\Program Files\FlashGet\flashget.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Documents and Settings\HP_Owner.YOUR-6A15ACD7C6\桌面\HijackThis.exe
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 6.0\Reader\ActiveX\AcroIEHelper.dll
O2 - BHO: Flashget Catch Url Class - {2F364306-AA45-47B5-9F9D-39A8B94E7EF7} - C:\Program Files\FlashGet\jccatch.dll
O2 - BHO: VGOIEBHO Helper - {B6FA00D9-86EC-4158-9488-D00DFF897E86} - C:\Program Files\21cn\VGO\VGOIEBHO.dll
O2 - BHO: Windows Live Toolbar Helper - {BDBD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\Windows Live Toolbar\msntb.dll
O2 - BHO: NAV Helper - {BDF3E430-B101-42AD-A544-FADC6B084872} - c:\Program Files\Norton Internet Security\Norton AntiVirus\NavShExt.dll
O3 - Toolbar: HP 檢視 - {B2847E28-5D7D-4DEB-8B67-05D28BCF79F5} - c:\Program Files\HP\Digital Imaging\bin\HPDTLK02.dll
O3 - Toolbar: Norton AntiVirus - {42CDD1BF-3FFB-4238-8AD1-7859DF00B1D6} - c:\Program Files\Norton Internet Security\Norton AntiVirus\NavShExt.dll
O3 - Toolbar: Windows Live Toolbar - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\Windows Live Toolbar\msntb.dll
O4 - HKLM\..\Run: [IMJPMIG8.1] "C:\WINDOWS\IME\imjp8_1\IMJPMIG.EXE" /Spoil /RemAdvDef /Migration32
O4 - HKLM\..\Run: [PHIME2002ASync] C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /SYNC
O4 - HKLM\..\Run: [PHIME2002A] C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /IMEName
O4 - HKLM\..\Run: [SunJavaUpdateSched] C:\Program Files\Java\j2re1.4.2_03\bin\jusched.exe
O4 - HKLM\..\Run: [hpsysdrv] c:\windows\system\hpsysdrv.exe
O4 - HKLM\..\Run: [IgfxTray] C:\WINDOWS\system32\igfxtray.exe
O4 - HKLM\..\Run: [HPHUPD06] c:\Program Files\HP\{AAC4FC36-8F89-4587-8DD3-EBC57C83374D}\hphupd06.exe
O4 - HKLM\..\Run: [HPHmon06] C:\WINDOWS\system32\hphmon06.exe
O4 - HKLM\..\Run: [KBD] C:\HP\KBD\KBD.EXE
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot
O4 - HKLM\..\Run: [Home Theater SchSvr] "C:\Program Files\Common Files\InterVideo\SchSvr\SchSvr.exe"
O4 - HKLM\..\Run: [WINREMOTE] "C:\Program Files\InterVideo\Common\Bin\WinRemote.exe"
O4 - HKLM\..\Run: [ISUSPM Startup] C:\PROGRA~1\COMMON~1\INSTAL~1\UPDATE~1\ISUSPM.exe -startup
O4 - HKLM\..\Run: [ISUSScheduler] "C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe" -start
O4 - HKLM\..\Run: [iTunesHelper] C:\Program Files\iTunes\iTunesHelper.exe
O4 - HKLM\..\Run: [Recguard] C:\WINDOWS\SMINST\RECGUARD.EXE
O4 - HKLM\..\Run: [PS2] C:\WINDOWS\system32\ps2.exe
O4 - HKLM\..\Run: [ccApp] "c:\Program Files\Common Files\Symantec Shared\ccApp.exe"
O4 - HKLM\..\Run: [SSC_UserPrompt] c:\Program Files\Common Files\Symantec Shared\Security Center\UsrPrmpt.exe
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [nwiz] nwiz.exe /installquiet /keeploaded /nodetect
O4 - HKLM\..\Run: [IMEKRMIG6.1] C:\WINDOWS\ime\imkr6_1\IMEKRMIG.EXE
O4 - HKLM\..\Run: [MSPY2002] C:\WINDOWS\system32\IME\PINTLGNT\ImScInst.exe /SYNC
O4 - HKLM\..\Run: [SoundMan] SOUNDMAN.EXE
O4 - HKLM\..\Run: [AlcWzrd] ALCWZRD.EXE
O4 - HKLM\..\Run: [Alcmtr] ALCMTR.EXE
O4 - HKLM\..\Run: [LSBWatcher] c:\hp\drivers\hplsbwatcher\lsburnwatcher.exe
O4 - HKLM\..\Run: [Reminder] "C:\Windows\Creator\Remind_XP.exe"
O4 - HKLM\..\Run: [load] C:\WINDOWS\uninstall\rundl132.exe
O4 - HKLM\..\Run: [SOUNDM] winsmd.exe
O4 - HKLM\..\Run: [zts2] C:\DOCUME~1\HP_OWN~1.YOU\LOCALS~1\Temp\zts2.exe
O4 - HKLM\..\Run: [run1132] C:\WINDOWS\SMSS.EXE
O4 - HKLM\..\Run: [cmdbcs] C:\WINDOWS\SVCHOST.EXE
O4 - HKLM\..\Run: [wsvbs] C:\WINDOWS\RUNDLL32.exe
O4 - HKLM\..\Run: [wlzs] C:\DOCUME~1\HP_OWN~1.YOU\LOCALS~1\Temp\wlzs.exe
O4 - HKLM\..\Run: [KernelFaultCheck] %systemroot%\system32\dumprep 0 -k
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\MSN Messenger\MsnMsgr.Exe" /background
O8 - Extra context menu item: &Windows Live Search - res://C:\Program Files\Windows Live Toolbar\msntb.dll/search.htm
O8 - Extra context menu item: &使用 FlashGet 下載 - C:\Program Files\FlashGet\jc_link.htm
O8 - Extra context menu item: &全部使用 FlashGet 下載 - C:\Program Files\FlashGet\jc_all.htm
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\j2re1.4.2_03\bin\npjpi142_03.dll
O9 - Extra 'Tools' menuitem: Sun Java 主控台 - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\j2re1.4.2_03\bin\npjpi142_03.dll
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O18 - Protocol: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL
O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL
O20 - AppInit_DLLs: 49400M.BMP
O20 - Winlogon Notify: igfxcui - C:\WINDOWS\SYSTEM32\igfxsrvc.dll
O21 - SSODL: AdobePDF - {D92D666A-0F7B-5892-A7E8-29340333F07E} - c:\program files\internet explorer\PLUGINS\nppdf.dll
O21 - SSODL: IPicture - {D9466D6A-0F7B-5892-A7E3-290F0343337E} - c:\program files\internet explorer\PLUGINS\IPictureEx.dll
O23 - Service: Symantec Event Manager (ccEvtMgr) - Symantec Corporation - c:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe
O23 - Service: Symantec Network Proxy (ccProxy) - Symantec Corporation - c:\Program Files\Common Files\Symantec Shared\ccProxy.exe
O23 - Service: Symantec Password Validation (ccPwdSvc) - Symantec Corporation - c:\Program Files\Common Files\Symantec Shared\ccPwdSvc.exe
O23 - Service: Symantec Settings Manager (ccSetMgr) - Symantec Corporation - c:\Program Files\Common Files\Symantec Shared\ccSetMgr.exe
O23 - Service: iPod 服務 (iPodService) - Apple Computer, Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: IS Service (ISSVC) - Unknown owner - c:\Program Files\Norton Internet Security\ISSVC.exe
O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Unknown owner - c:\Program Files\Common Files\LightScribe\LSSrvc.exe
O23 - Service: Norton AntiVirus Auto-Protect Service (navapsvc) - Symantec Corporation - c:\Program Files\Norton Internet Security\Norton AntiVirus\navapsvc.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
O23 - Service: SAVScan - Unknown owner - c:\Program Files\Norton Internet Security\Norton AntiVirus\SAVScan.exe
O23 - Service: Server Advance (ServerAC) - Unknown owner - C:\WINDOWS\system32\Security.exe
O23 - Service: Symantec Network Drivers Service (SNDSrvc) - Symantec Corporation - c:\Program Files\Common Files\Symantec Shared\SNDSrvc.exe
O23 - Service: Symantec SPBBCSvc (SPBBCSvc) - Symantec Corporation - c:\Program Files\Common Files\Symantec Shared\SPBBC\SPBBCSvc.exe
O23 - Service: SymWMI Service (SymWSC) - Symantec Corporation - c:\Program Files\Common Files\Symantec Shared\Security Center\SymWSC.exe

[ 本帖最後由 ALEXYUI 於 2007-1-14 03:55 PM 編輯 ]

作者: uhthn2002 時間: 07-1-8 05:44 PM

下載並使用
http://download.rising.com.cn/zsgj/Vikingkiller.scr

之後貼上新hijackthis

作者: ALEXYUI 時間: 07-1-8 08:19 PM

Logfile of HijackThis v1.99.1
Scan saved at 20:18:26, on 8/1/2007
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\csrss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
c:\Program Files\Common Files\Symantec Shared\ccProxy.exe
c:\Program Files\Common Files\Symantec Shared\ccSetMgr.exe
c:\Program Files\Norton Internet Security\Norton AntiVirus\navapsvc.exe
c:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe
C:\WINDOWS\system32\spoolsv.exe
c:\Program Files\Common Files\LightScribe\LSSrvc.exe
C:\WINDOWS\system32\MRTServ.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\Program Files\Internet Explorer\PLUGINS\system.jmp
c:\Program Files\Common Files\Symantec Shared\Security Center\SymWSC.exe
C:\WINDOWS\System32\alg.exe
C:\WINDOWS\system32\rundll32.exe
C:\Program Files\Java\j2re1.4.2_03\bin\jusched.exe
C:\windows\system\hpsysdrv.exe
C:\WINDOWS\system32\hphmon06.exe
C:\HP\KBD\KBD.EXE
C:\Program Files\Common Files\Real\Update_OB\realsched.exe
C:\Program Files\Common Files\InterVideo\SchSvr\SchSvr.exe
C:\Program Files\InterVideo\Common\Bin\WinRemote.exe
C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\Program Files\Common Files\Symantec Shared\ccApp.exe
C:\WINDOWS\SOUNDMAN.EXE
C:\WINDOWS\ALCWZRD.EXE
C:\WINDOWS\system32\rundll32.exe
C:\WINDOWS\ALCMTR.EXE
C:\hp\drivers\hplsbwatcher\lsburnwatcher.exe
C:\DOCUME~1\HP_OWN~1.YOU\LOCALS~1\Temp\zts2.exe
C:\WINDOWS\system32\conime.exe
C:\DOCUME~1\HP_OWN~1.YOU\LOCALS~1\Temp\wlzs.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\MSN Messenger\MsnMsgr.Exe
C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
C:\Program Files\Updates from HP\309731\Program\Updates from HP.exe
c:\Program Files\Common Files\Symantec Shared\SNDSrvc.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\wuauclt.exe
C:\WINDOWS\explorer.exe
C:\Program Files\Internet Explorer\IEXPLORE.EXE
C:\Program Files\Internet Explorer\IEXPLORE.EXE
C:\Program Files\Internet Explorer\IEXPLORE.EXE
C:\Program Files\Internet Explorer\IEXPLORE.EXE
C:\Program Files\Internet Explorer\IEXPLORE.EXE
C:\Program Files\Internet Explorer\IEXPLORE.EXE
C:\Program Files\Internet Explorer\IEXPLORE.EXE
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Documents and Settings\HP_Owner.YOUR-6A15ACD7C6\桌面\HijackThis.exe

作者: ALEXYUI 時間: 07-1-8 08:20 PM

O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 6.0\Reader\ActiveX\AcroIEHelper.dll
O2 - BHO: Flashget Catch Url Class - {2F364306-AA45-47B5-9F9D-39A8B94E7EF7} - C:\Program Files\FlashGet\jccatch.dll
O2 - BHO: VGOIEBHO Helper - {B6FA00D9-86EC-4158-9488-D00DFF897E86} - C:\Program Files\21cn\VGO\VGOIEBHO.dll
O2 - BHO: Windows Live Toolbar Helper - {BDBD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\Windows Live Toolbar\msntb.dll
O2 - BHO: NAV Helper - {BDF3E430-B101-42AD-A544-FADC6B084872} - c:\Program Files\Norton Internet Security\Norton AntiVirus\NavShExt.dll
O3 - Toolbar: HP 檢視 - {B2847E28-5D7D-4DEB-8B67-05D28BCF79F5} - c:\Program Files\HP\Digital Imaging\bin\HPDTLK02.dll
O3 - Toolbar: Norton AntiVirus - {42CDD1BF-3FFB-4238-8AD1-7859DF00B1D6} - c:\Program Files\Norton Internet Security\Norton AntiVirus\NavShExt.dll
O3 - Toolbar: Windows Live Toolbar - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\Windows Live Toolbar\msntb.dll
O4 - HKLM\..\Run: [IMJPMIG8.1] "C:\WINDOWS\IME\imjp8_1\IMJPMIG.EXE" /Spoil /RemAdvDef /Migration32
O4 - HKLM\..\Run: [PHIME2002ASync] C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /SYNC
O4 - HKLM\..\Run: [PHIME2002A] C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /IMEName
O4 - HKLM\..\Run: [SunJavaUpdateSched] C:\Program Files\Java\j2re1.4.2_03\bin\jusched.exe
O4 - HKLM\..\Run: [hpsysdrv] c:\windows\system\hpsysdrv.exe
O4 - HKLM\..\Run: [IgfxTray] C:\WINDOWS\system32\igfxtray.exe
O4 - HKLM\..\Run: [HPHUPD06] c:\Program Files\HP\{AAC4FC36-8F89-4587-8DD3-EBC57C83374D}\hphupd06.exe
O4 - HKLM\..\Run: [HPHmon06] C:\WINDOWS\system32\hphmon06.exe
O4 - HKLM\..\Run: [KBD] C:\HP\KBD\KBD.EXE
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot
O4 - HKLM\..\Run: [Home Theater SchSvr] "C:\Program Files\Common Files\InterVideo\SchSvr\SchSvr.exe"
O4 - HKLM\..\Run: [WINREMOTE] "C:\Program Files\InterVideo\Common\Bin\WinRemote.exe"
O4 - HKLM\..\Run: [ISUSPM Startup] C:\PROGRA~1\COMMON~1\INSTAL~1\UPDATE~1\ISUSPM.exe -startup
O4 - HKLM\..\Run: [ISUSScheduler] "C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe" -start
O4 - HKLM\..\Run: [iTunesHelper] C:\Program Files\iTunes\iTunesHelper.exe
O4 - HKLM\..\Run: [Recguard] C:\WINDOWS\SMINST\RECGUARD.EXE
O4 - HKLM\..\Run: [PS2] C:\WINDOWS\system32\ps2.exe
O4 - HKLM\..\Run: [ccApp] "c:\Program Files\Common Files\Symantec Shared\ccApp.exe"
O4 - HKLM\..\Run: [SSC_UserPrompt] c:\Program Files\Common Files\Symantec Shared\Security Center\UsrPrmpt.exe
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [nwiz] nwiz.exe /installquiet /keeploaded /nodetect
O4 - HKLM\..\Run: [IMEKRMIG6.1] C:\WINDOWS\ime\imkr6_1\IMEKRMIG.EXE
O4 - HKLM\..\Run: [MSPY2002] C:\WINDOWS\system32\IME\PINTLGNT\ImScInst.exe /SYNC
O4 - HKLM\..\Run: [LSBWatcher] c:\hp\drivers\hplsbwatcher\lsburnwatcher.exe
O4 - HKLM\..\Run: [Reminder] "C:\Windows\Creator\Remind_XP.exe"
O4 - HKLM\..\Run: [SOUNDM] winsmd.exe
O4 - HKLM\..\Run: [zts2] C:\DOCUME~1\HP_OWN~1.YOU\LOCALS~1\Temp\zts2.exe
O4 - HKLM\..\Run: [run1132] C:\WINDOWS\SMSS.EXE
O4 - HKLM\..\Run: [cmdbcs] C:\WINDOWS\SVCHOST.EXE
O4 - HKLM\..\Run: [wsvbs] C:\WINDOWS\RUNDLL32.exe
O4 - HKLM\..\Run: [wlzs] C:\DOCUME~1\HP_OWN~1.YOU\LOCALS~1\Temp\wlzs.exe
O4 - HKLM\..\Run: [KernelFaultCheck] %systemroot%\system32\dumprep 0 -k
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\MSN Messenger\MsnMsgr.Exe" /background
O8 - Extra context menu item: &Windows Live Search - res://C:\Program Files\Windows Live Toolbar\msntb.dll/search.htm
O8 - Extra context menu item: &使用 FlashGet 下載 - C:\Program Files\FlashGet\jc_link.htm
O8 - Extra context menu item: &全部使用 FlashGet 下載 - C:\Program Files\FlashGet\jc_all.htm
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\j2re1.4.2_03\bin\npjpi142_03.dll
O9 - Extra 'Tools' menuitem: Sun Java 主控台 - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\j2re1.4.2_03\bin\npjpi142_03.dll
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {7B297BFD-85E4-4092-B2AF-16A91B2EA103} (WScanCtl Class) - http://www3.ca.com/securityadvisor/virusinfo/webscan.cab
O18 - Protocol: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL
O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL
O20 - AppInit_DLLs: 49400M.BMP
O20 - Winlogon Notify: igfxcui - C:\WINDOWS\SYSTEM32\igfxsrvc.dll
O21 - SSODL: AdobePDF - {D92D666A-0F7B-5892-A7E8-29340333F07E} - c:\program files\internet explorer\PLUGINS\nppdf.dll
O21 - SSODL: IPicture - {D9466D6A-0F7B-5892-A7E3-290F0343337E} - c:\program files\internet explorer\PLUGINS\IPictureEx.dll
O23 - Service: Symantec Event Manager (ccEvtMgr) - Symantec Corporation - c:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe
O23 - Service: Symantec Network Proxy (ccProxy) - Symantec Corporation - c:\Program Files\Common Files\Symantec Shared\ccProxy.exe
O23 - Service: Symantec Password Validation (ccPwdSvc) - Symantec Corporation - c:\Program Files\Common Files\Symantec Shared\ccPwdSvc.exe
O23 - Service: Symantec Settings Manager (ccSetMgr) - Symantec Corporation - c:\Program Files\Common Files\Symantec Shared\ccSetMgr.exe
O23 - Service: iPod 服務 (iPodService) - Apple Computer, Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: IS Service (ISSVC) - Symantec Corporation - c:\Program Files\Norton Internet Security\ISSVC.exe
O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Unknown owner - c:\Program Files\Common Files\LightScribe\LSSrvc.exe
O23 - Service: Norton AntiVirus Auto-Protect Service (navapsvc) - Symantec Corporation - c:\Program Files\Norton Internet Security\Norton AntiVirus\navapsvc.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
O23 - Service: SAVScan - Symantec Corporation - c:\Program Files\Norton Internet Security\Norton AntiVirus\SAVScan.exe
O23 - Service: Server Advance (ServerAC) - Unknown owner - C:\WINDOWS\system32\Security.exe
O23 - Service: Symantec Network Drivers Service (SNDSrvc) - Symantec Corporation - c:\Program Files\Common Files\Symantec Shared\SNDSrvc.exe
O23 - Service: Symantec SPBBCSvc (SPBBCSvc) - Symantec Corporation - c:\Program Files\Common Files\Symantec Shared\SPBBC\SPBBCSvc.exe
O23 - Service: SymWMI Service (SymWSC) - Symantec Corporation - c:\Program Files\Common Files\Symantec Shared\Security Center\SymWSC.exe

作者: ALEXYUI 時間: 07-1-8 08:21 PM

請問一下大大給我的程式是不是不能刪病毒的？？

作者: uhthn2002 時間: 07-1-8 11:04 PM

之前那個 Vikingkiller.scr 是用來修復及移除Viking病毒的

關閉瀏覽器,開啟HijackThis 按do a system scan only勾選以下內容:
O4 - HKLM\..\Run: [SOUNDM] winsmd.exe
O4 - HKLM\..\Run: [zts2] C:\DOCUME~1\HP_OWN~1.YOU\LOCALS~1\Temp\zts2.exe
O4 - HKLM\..\Run: [run1132] C:\WINDOWS\SMSS.EXE
O4 - HKLM\..\Run: [cmdbcs] C:\WINDOWS\SVCHOST.EXE
O4 - HKLM\..\Run: [wsvbs] C:\WINDOWS\RUNDLL32.exe
O4 - HKLM\..\Run: [wlzs] C:\DOCUME~1\HP_OWN~1.YOU\LOCALS~1\Temp\wlzs.exe
O20 - AppInit_DLLs: 49400M.BMP
O21 - SSODL: AdobePDF - {D92D666A-0F7B-5892-A7E8-29340333F07E} - c:\program files\internet explorer\PLUGINS\nppdf.dll
O21 - SSODL: IPicture - {D9466D6A-0F7B-5892-A7E3-290F0343337E} - c:\program files\internet explorer\PLUGINS\IPictureEx.dll
O23 - Service: Server Advance (ServerAC) - Unknown owner - C:\WINDOWS\system32\Security.exe
按 fix checked

下載 ATF-Cleaner:

http://www.atribune.org/ccount/click.php?id=1
- 關閉所有視窗及瀏覽器.
- 執行 ATF-Cleaner --> Select All --> Empty Selected
- 清理結束後按 Exit

複製以下粗黑文字

Drivers to unload:
ServerAC

Files to delete:
C:\WINDOWS\SMSS.EXE
C:\WINDOWS\SVCHOST.EXE
C:\WINDOWS\RUNDLL32.exe
C:\WINDOWS\system32\49400M.BMP
C:\WINDOWS\system32\Security.exe
下載 The Avenger http://swandog46.geekstogo.com/avenger.zip ,儲存到桌面並解壓出來
- 執行 The Avenger , 按 Input script manually 再按放大鏡
- 按 Ctrl + V/右click貼上剛才複製的內容 ,按 Done ,按綠燈開始,當有提示彈出, 按 Yes 兩次
- The Avenger 會重新啟動你的電腦大約一至兩次,如果重新啟動時有黑色視窗彈出,這是正常情況
- 當重新啟動後,把 C:\avenger.txt 的內容貼上來,掃個新的HijackThis上來

作者: ALEXYUI 時間: 07-1-8 11:35 PM

Logfile of The Avenger version 1, by Swandog46
Running from registry key:
\Registry\Machine\System\CurrentControlSet\Services\cxmddlnb
*******************
Script file located at: \??\C:\fbqwwgra.txt
Script file opened successfully.
Script file read successfully
Backups directory opened successfully at C:\Avenger
*******************
Beginning to process script file:
Driver ServerAC unloaded successfully.
File C:\WINDOWS\SMSS.EXE deleted successfully.
File C:\WINDOWS\SVCHOST.EXE deleted successfully.
File C:\WINDOWS\RUNDLL32.exe deleted successfully.

File C:\WINDOWS\system32\49400M.BMP not found!
Deletion of file C:\WINDOWS\system32\49400M.BMP failed!
Could not process line:
C:\WINDOWS\system32\49400M.BMP
Status: 0xc0000034
File C:\WINDOWS\system32\Security.exe deleted successfully.
Completed script processing.
*******************
Finished! Terminate.

作者: ALEXYUI 時間: 07-1-8 11:36 PM

Logfile of HijackThis v1.99.1
Scan saved at 23:35:44, on 8/1/2007
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
c:\Program Files\Common Files\Symantec Shared\ccProxy.exe
c:\Program Files\Common Files\Symantec Shared\ccSetMgr.exe
c:\Program Files\Norton Internet Security\Norton AntiVirus\navapsvc.exe
c:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe
C:\WINDOWS\system32\spoolsv.exe
c:\Program Files\Common Files\LightScribe\LSSrvc.exe
C:\WINDOWS\system32\MRTServ.exe
C:\WINDOWS\system32\nvsvc32.exe
c:\Program Files\Common Files\Symantec Shared\Security Center\SymWSC.exe
C:\WINDOWS\system32\wuauclt.exe
C:\Program Files\Java\j2re1.4.2_03\bin\jusched.exe
C:\windows\system\hpsysdrv.exe
C:\WINDOWS\system32\hphmon06.exe
C:\HP\KBD\KBD.EXE
C:\Program Files\Common Files\Real\Update_OB\realsched.exe
C:\Program Files\Common Files\InterVideo\SchSvr\SchSvr.exe
C:\Program Files\InterVideo\Common\Bin\WinRemote.exe
C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\Program Files\Common Files\Symantec Shared\ccApp.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\Program Files\Common Files\Symantec Shared\Security Center\UsrPrmpt.exe
C:\WINDOWS\system32\rundll32.exe
C:\hp\drivers\hplsbwatcher\lsburnwatcher.exe
C:\WINDOWS\system32\ctfmon.exe
C:\WINDOWS\system32\conime.exe
C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
C:\Program Files\Updates from HP\309731\Program\Updates from HP.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\WINDOWS\explorer.exe
C:\WINDOWS\system32\wuauclt.exe
c:\Program Files\Common Files\Symantec Shared\SNDSrvc.exe
C:\WINDOWS\system32\svchost.exe
C:\Documents and Settings\HP_Owner.YOUR-6A15ACD7C6\桌面\HijackThis.exe

作者: ALEXYUI 時間: 07-1-8 11:36 PM

O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 6.0\Reader\ActiveX\AcroIEHelper.dll
O2 - BHO: Flashget Catch Url Class - {2F364306-AA45-47B5-9F9D-39A8B94E7EF7} - C:\Program Files\FlashGet\jccatch.dll
O2 - BHO: VGOIEBHO Helper - {B6FA00D9-86EC-4158-9488-D00DFF897E86} - C:\Program Files\21cn\VGO\VGOIEBHO.dll
O2 - BHO: Windows Live Toolbar Helper - {BDBD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\Windows Live Toolbar\msntb.dll
O2 - BHO: NAV Helper - {BDF3E430-B101-42AD-A544-FADC6B084872} - c:\Program Files\Norton Internet Security\Norton AntiVirus\NavShExt.dll
O3 - Toolbar: HP 檢視 - {B2847E28-5D7D-4DEB-8B67-05D28BCF79F5} - c:\Program Files\HP\Digital Imaging\bin\HPDTLK02.dll
O3 - Toolbar: Norton AntiVirus - {42CDD1BF-3FFB-4238-8AD1-7859DF00B1D6} - c:\Program Files\Norton Internet Security\Norton AntiVirus\NavShExt.dll
O3 - Toolbar: Windows Live Toolbar - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\Windows Live Toolbar\msntb.dll
O4 - HKLM\..\Run: [IMJPMIG8.1] "C:\WINDOWS\IME\imjp8_1\IMJPMIG.EXE" /Spoil /RemAdvDef /Migration32
O4 - HKLM\..\Run: [PHIME2002ASync] C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /SYNC
O4 - HKLM\..\Run: [PHIME2002A] C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /IMEName
O4 - HKLM\..\Run: [SunJavaUpdateSched] C:\Program Files\Java\j2re1.4.2_03\bin\jusched.exe
O4 - HKLM\..\Run: [hpsysdrv] c:\windows\system\hpsysdrv.exe
O4 - HKLM\..\Run: [IgfxTray] C:\WINDOWS\system32\igfxtray.exe
O4 - HKLM\..\Run: [HPHUPD06] c:\Program Files\HP\{AAC4FC36-8F89-4587-8DD3-EBC57C83374D}\hphupd06.exe
O4 - HKLM\..\Run: [HPHmon06] C:\WINDOWS\system32\hphmon06.exe
O4 - HKLM\..\Run: [KBD] C:\HP\KBD\KBD.EXE
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot
O4 - HKLM\..\Run: [Home Theater SchSvr] "C:\Program Files\Common Files\InterVideo\SchSvr\SchSvr.exe"
O4 - HKLM\..\Run: [WINREMOTE] "C:\Program Files\InterVideo\Common\Bin\WinRemote.exe"
O4 - HKLM\..\Run: [ISUSPM Startup] C:\PROGRA~1\COMMON~1\INSTAL~1\UPDATE~1\ISUSPM.exe -startup
O4 - HKLM\..\Run: [ISUSScheduler] "C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe" -start
O4 - HKLM\..\Run: [iTunesHelper] C:\Program Files\iTunes\iTunesHelper.exe
O4 - HKLM\..\Run: [Recguard] C:\WINDOWS\SMINST\RECGUARD.EXE
O4 - HKLM\..\Run: [PS2] C:\WINDOWS\system32\ps2.exe
O4 - HKLM\..\Run: [ccApp] "c:\Program Files\Common Files\Symantec Shared\ccApp.exe"
O4 - HKLM\..\Run: [SSC_UserPrompt] c:\Program Files\Common Files\Symantec Shared\Security Center\UsrPrmpt.exe
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [nwiz] nwiz.exe /installquiet /keeploaded /nodetect
O4 - HKLM\..\Run: [IMEKRMIG6.1] C:\WINDOWS\ime\imkr6_1\IMEKRMIG.EXE
O4 - HKLM\..\Run: [MSPY2002] C:\WINDOWS\system32\IME\PINTLGNT\ImScInst.exe /SYNC
O4 - HKLM\..\Run: [LSBWatcher] c:\hp\drivers\hplsbwatcher\lsburnwatcher.exe
O4 - HKLM\..\Run: [Reminder] "C:\Windows\Creator\Remind_XP.exe"
O4 - HKLM\..\Run: [wlzs] C:\DOCUME~1\HP_OWN~1.YOU\LOCALS~1\Temp\wlzs.exe
O4 - HKLM\..\Run: [KernelFaultCheck] %systemroot%\system32\dumprep 0 -k
O4 - HKLM\..\Run: [SOUNDM] winsmd.exe
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\MSN Messenger\MsnMsgr.Exe" /background
O8 - Extra context menu item: &Windows Live Search - res://C:\Program Files\Windows Live Toolbar\msntb.dll/search.htm
O8 - Extra context menu item: &使用 FlashGet 下載 - C:\Program Files\FlashGet\jc_link.htm
O8 - Extra context menu item: &全部使用 FlashGet 下載 - C:\Program Files\FlashGet\jc_all.htm
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\j2re1.4.2_03\bin\npjpi142_03.dll
O9 - Extra 'Tools' menuitem: Sun Java 主控台 - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\j2re1.4.2_03\bin\npjpi142_03.dll
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {7B297BFD-85E4-4092-B2AF-16A91B2EA103} (WScanCtl Class) - http://www3.ca.com/securityadvisor/virusinfo/webscan.cab
O18 - Protocol: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL
O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL
O20 - AppInit_DLLs: 49400M.BMP
O20 - Winlogon Notify: igfxcui - C:\WINDOWS\SYSTEM32\igfxsrvc.dll
O23 - Service: Symantec Event Manager (ccEvtMgr) - Symantec Corporation - c:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe
O23 - Service: Symantec Network Proxy (ccProxy) - Symantec Corporation - c:\Program Files\Common Files\Symantec Shared\ccProxy.exe
O23 - Service: Symantec Password Validation (ccPwdSvc) - Symantec Corporation - c:\Program Files\Common Files\Symantec Shared\ccPwdSvc.exe
O23 - Service: Symantec Settings Manager (ccSetMgr) - Symantec Corporation - c:\Program Files\Common Files\Symantec Shared\ccSetMgr.exe
O23 - Service: iPod 服務 (iPodService) - Apple Computer, Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: IS Service (ISSVC) - Symantec Corporation - c:\Program Files\Norton Internet Security\ISSVC.exe
O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Unknown owner - c:\Program Files\Common Files\LightScribe\LSSrvc.exe
O23 - Service: Norton AntiVirus Auto-Protect Service (navapsvc) - Symantec Corporation - c:\Program Files\Norton Internet Security\Norton AntiVirus\navapsvc.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
O23 - Service: SAVScan - Symantec Corporation - c:\Program Files\Norton Internet Security\Norton AntiVirus\SAVScan.exe
O23 - Service: Symantec Network Drivers Service (SNDSrvc) - Symantec Corporation - c:\Program Files\Common Files\Symantec Shared\SNDSrvc.exe
O23 - Service: Symantec SPBBCSvc (SPBBCSvc) - Symantec Corporation - c:\Program Files\Common Files\Symantec Shared\SPBBC\SPBBCSvc.exe
O23 - Service: SymWMI Service (SymWSC) - Symantec Corporation - c:\Program Files\Common Files\Symantec Shared\Security Center\SymWSC.exe

作者: uhthn2002 時間: 07-1-9 09:07 PM

刪除
C:\Avenger

下載 AVG Anti-Spyware

http://www.ewido.net/en/download/
- 安裝完成後執行 AVG Anti-Spyware
- 按 Update-->Start update(更新完成後會顯示 Update succesfful!)
- 按 Scanner-->Settings
- 於 How to act? 選 Recommended actions-->Quarantine
- 於 Reports 勾選 Automatically generate report after every scan
- 關閉 AVG Anti-Spyware

重新啟動電腦後 F8 進入安全模式，登入你使用的用戶.

執行 AVG Anti-Spyware
- 按 Scanner--->Complete System Scan.
- 完成掃瞄後選 Apply all actions .
- 如果移除期間彈出視窗，按 Yes，for all
- 移除完成後按 Save Report--->Save report as .
- 關閉 AVG Anti-Spyware

re機
貼上 avg report

作者: ALEXYUI 時間: 07-1-10 02:11 AM

請問點解我按了　 Scanner--->Complete System Scan 在掃毒的時候點解會自動關閉??

作者: uhthn2002 時間: 07-1-10 08:43 PM

下安全模式到用啵
唉算

下載 Dr.Web CureIT!

ftp://ftp.drweb.com/pub/drweb/cureit/drweb-cureit.exe
- 執行 Dr.Web CureIT!
- 按 Start 繼續,會提示你執行一次Express Scan (掃瞄記憶體) ,如果找到已感染的檔案,會提示你進行清除(Cure)
- Express Scan完成後,按 Select drives ,再按右手面的三角形/箭頭開始掃瞄
- 當掃瞄過程中找到已感染的檔案,按 Yes to All 去清除/移動檔案
- 掃瞄完成後,如果找到已感染的檔案,根據圖中按紅圈 ---> 藍圈 ---> 綠圈
- 關閉Dr.Web CureIT並重新啟動電腦,之後,把 C:\Documents and Settings\[你的用戶名稱]\DoctorWeb\CureIT.log 內容post 上黎

作者: ALEXYUI 時間: 07-1-10 11:09 PM

=============================================================================
Dr.Web(R) Scanner for Windows v4.33.2 (4.33.2.10060)
Copyright (c) Igor Daniloff, 1992-2006
Log generated on: 2007-01-10, 21:11:30 [HP_Owner]
Command-line: "C:\DOCUME~1\HP_OWN~1.YOU\LOCALS~1\Temp\RarSFX0\cureit.exe" /lng /ini:cureit_XP.ini
Operating system:Windows XP Home Edition x86 (Build 2600), Service Pack 2
=============================================================================
Engine version: 4.33 (4.33.5.10110)
Engine API version: 2.01
[Virus base] C:\DOCUME~1\HP_OWN~1.YOU\LOCALS~1\Temp\RarSFX0\crwtoday.cdb - 582 virus records
[Virus base] C:\DOCUME~1\HP_OWN~1.YOU\LOCALS~1\Temp\RarSFX0\crw43369.cdb - 687 virus records
[Virus base] C:\DOCUME~1\HP_OWN~1.YOU\LOCALS~1\Temp\RarSFX0\crw43368.cdb - 1099 virus records
[Virus base] C:\DOCUME~1\HP_OWN~1.YOU\LOCALS~1\Temp\RarSFX0\crw43367.cdb - 1834 virus records
[Virus base] C:\DOCUME~1\HP_OWN~1.YOU\LOCALS~1\Temp\RarSFX0\crw43366.cdb - 4015 virus records
[Virus base] C:\DOCUME~1\HP_OWN~1.YOU\LOCALS~1\Temp\RarSFX0\crw43365.cdb - 1342 virus records
[Virus base] C:\DOCUME~1\HP_OWN~1.YOU\LOCALS~1\Temp\RarSFX0\crw43364.cdb - 1335 virus records
[Virus base] C:\DOCUME~1\HP_OWN~1.YOU\LOCALS~1\Temp\RarSFX0\crw43363.cdb - 1152 virus records
[Virus base] C:\DOCUME~1\HP_OWN~1.YOU\LOCALS~1\Temp\RarSFX0\crw43362.cdb - 1006 virus records
[Virus base] C:\DOCUME~1\HP_OWN~1.YOU\LOCALS~1\Temp\RarSFX0\crw43361.cdb - 879 virus records
[Virus base] C:\DOCUME~1\HP_OWN~1.YOU\LOCALS~1\Temp\RarSFX0\crw43360.cdb - 988 virus records
[Virus base] C:\DOCUME~1\HP_OWN~1.YOU\LOCALS~1\Temp\RarSFX0\crw43359.cdb - 1205 virus records
[Virus base] C:\DOCUME~1\HP_OWN~1.YOU\LOCALS~1\Temp\RarSFX0\crw43358.cdb - 1139 virus records
[Virus base] C:\DOCUME~1\HP_OWN~1.YOU\LOCALS~1\Temp\RarSFX0\crw43357.cdb - 1302 virus records
[Virus base] C:\DOCUME~1\HP_OWN~1.YOU\LOCALS~1\Temp\RarSFX0\crw43356.cdb - 1332 virus records
[Virus base] C:\DOCUME~1\HP_OWN~1.YOU\LOCALS~1\Temp\RarSFX0\crw43355.cdb - 2456 virus records
[Virus base] C:\DOCUME~1\HP_OWN~1.YOU\LOCALS~1\Temp\RarSFX0\crw43354.cdb - 1283 virus records
[Virus base] C:\DOCUME~1\HP_OWN~1.YOU\LOCALS~1\Temp\RarSFX0\crw43353.cdb - 795 virus records
[Virus base] C:\DOCUME~1\HP_OWN~1.YOU\LOCALS~1\Temp\RarSFX0\crw43352.cdb - 2016 virus records
[Virus base] C:\DOCUME~1\HP_OWN~1.YOU\LOCALS~1\Temp\RarSFX0\crw43351.cdb - 941 virus records
[Virus base] C:\DOCUME~1\HP_OWN~1.YOU\LOCALS~1\Temp\RarSFX0\crw43350.cdb - 1020 virus records
[Virus base] C:\DOCUME~1\HP_OWN~1.YOU\LOCALS~1\Temp\RarSFX0\crw43349.cdb - 1008 virus records
[Virus base] C:\DOCUME~1\HP_OWN~1.YOU\LOCALS~1\Temp\RarSFX0\crw43348.cdb - 1096 virus records
[Virus base] C:\DOCUME~1\HP_OWN~1.YOU\LOCALS~1\Temp\RarSFX0\crw43347.cdb - 707 virus records
[Virus base] C:\DOCUME~1\HP_OWN~1.YOU\LOCALS~1\Temp\RarSFX0\crw43346.cdb - 1428 virus records
[Virus base] C:\DOCUME~1\HP_OWN~1.YOU\LOCALS~1\Temp\RarSFX0\crw43345.cdb - 1358 virus records
[Virus base] C:\DOCUME~1\HP_OWN~1.YOU\LOCALS~1\Temp\RarSFX0\crw43344.cdb - 694 virus records
[Virus base] C:\DOCUME~1\HP_OWN~1.YOU\LOCALS~1\Temp\RarSFX0\crw43343.cdb - 1186 virus records
[Virus base] C:\DOCUME~1\HP_OWN~1.YOU\LOCALS~1\Temp\RarSFX0\crw43342.cdb - 744 virus records
[Virus base] C:\DOCUME~1\HP_OWN~1.YOU\LOCALS~1\Temp\RarSFX0\crw43341.cdb - 841 virus records
[Virus base] C:\DOCUME~1\HP_OWN~1.YOU\LOCALS~1\Temp\RarSFX0\crw43340.cdb - 822 virus records
[Virus base] C:\DOCUME~1\HP_OWN~1.YOU\LOCALS~1\Temp\RarSFX0\crw43339.cdb - 1071 virus records
[Virus base] C:\DOCUME~1\HP_OWN~1.YOU\LOCALS~1\Temp\RarSFX0\crw43338.cdb - 989 virus records
[Virus base] C:\DOCUME~1\HP_OWN~1.YOU\LOCALS~1\Temp\RarSFX0\crw43337.cdb - 855 virus records
[Virus base] C:\DOCUME~1\HP_OWN~1.YOU\LOCALS~1\Temp\RarSFX0\crw43336.cdb - 1297 virus records
[Virus base] C:\DOCUME~1\HP_OWN~1.YOU\LOCALS~1\Temp\RarSFX0\crw43335.cdb - 1195 virus records
[Virus base] C:\DOCUME~1\HP_OWN~1.YOU\LOCALS~1\Temp\RarSFX0\crw43334.cdb - 900 virus records
[Virus base] C:\DOCUME~1\HP_OWN~1.YOU\LOCALS~1\Temp\RarSFX0\crw43333.cdb - 1381 virus records
[Virus base] C:\DOCUME~1\HP_OWN~1.YOU\LOCALS~1\Temp\RarSFX0\crw43332.cdb - 1340 virus records
[Virus base] C:\DOCUME~1\HP_OWN~1.YOU\LOCALS~1\Temp\RarSFX0\crw43331.cdb - 2735 virus records
[Virus base] C:\DOCUME~1\HP_OWN~1.YOU\LOCALS~1\Temp\RarSFX0\crw43330.cdb - 2078 virus records
[Virus base] C:\DOCUME~1\HP_OWN~1.YOU\LOCALS~1\Temp\RarSFX0\crw43329.cdb - 2490 virus records
[Virus base] C:\DOCUME~1\HP_OWN~1.YOU\LOCALS~1\Temp\RarSFX0\crw43328.cdb - 743 virus records
[Virus base] C:\DOCUME~1\HP_OWN~1.YOU\LOCALS~1\Temp\RarSFX0\crw43327.cdb - 958 virus records
[Virus base] C:\DOCUME~1\HP_OWN~1.YOU\LOCALS~1\Temp\RarSFX0\crw43326.cdb - 793 virus records
[Virus base] C:\DOCUME~1\HP_OWN~1.YOU\LOCALS~1\Temp\RarSFX0\crw43325.cdb - 713 virus records
[Virus base] C:\DOCUME~1\HP_OWN~1.YOU\LOCALS~1\Temp\RarSFX0\crw43324.cdb - 655 virus records
[Virus base] C:\DOCUME~1\HP_OWN~1.YOU\LOCALS~1\Temp\RarSFX0\crw43323.cdb - 655 virus records
[Virus base] C:\DOCUME~1\HP_OWN~1.YOU\LOCALS~1\Temp\RarSFX0\crw43322.cdb - 778 virus records
[Virus base] C:\DOCUME~1\HP_OWN~1.YOU\LOCALS~1\Temp\RarSFX0\crw43321.cdb - 846 virus records
[Virus base] C:\DOCUME~1\HP_OWN~1.YOU\LOCALS~1\Temp\RarSFX0\crw43320.cdb - 808 virus records
[Virus base] C:\DOCUME~1\HP_OWN~1.YOU\LOCALS~1\Temp\RarSFX0\crw43319.cdb - 764 virus records
[Virus base] C:\DOCUME~1\HP_OWN~1.YOU\LOCALS~1\Temp\RarSFX0\crw43318.cdb - 838 virus records
[Virus base] C:\DOCUME~1\HP_OWN~1.YOU\LOCALS~1\Temp\RarSFX0\crw43317.cdb - 363 virus records
[Virus base] C:\DOCUME~1\HP_OWN~1.YOU\LOCALS~1\Temp\RarSFX0\crw43316.cdb - 730 virus records
[Virus base] C:\DOCUME~1\HP_OWN~1.YOU\LOCALS~1\Temp\RarSFX0\crw43315.cdb - 627 virus records
[Virus base] C:\DOCUME~1\HP_OWN~1.YOU\LOCALS~1\Temp\RarSFX0\crw43314.cdb - 824 virus records
[Virus base] C:\DOCUME~1\HP_OWN~1.YOU\LOCALS~1\Temp\RarSFX0\crw43313.cdb - 842 virus records
[Virus base] C:\DOCUME~1\HP_OWN~1.YOU\LOCALS~1\Temp\RarSFX0\crw43312.cdb - 830 virus records
[Virus base] C:\DOCUME~1\HP_OWN~1.YOU\LOCALS~1\Temp\RarSFX0\crw43311.cdb - 862 virus records
[Virus base] C:\DOCUME~1\HP_OWN~1.YOU\LOCALS~1\Temp\RarSFX0\crw43310.cdb - 853 virus records
[Virus base] C:\DOCUME~1\HP_OWN~1.YOU\LOCALS~1\Temp\RarSFX0\crw43309.cdb - 733 virus records
[Virus base] C:\DOCUME~1\HP_OWN~1.YOU\LOCALS~1\Temp\RarSFX0\crw43308.cdb - 708 virus records
[Virus base] C:\DOCUME~1\HP_OWN~1.YOU\LOCALS~1\Temp\RarSFX0\crw43307.cdb - 839 virus records
[Virus base] C:\DOCUME~1\HP_OWN~1.YOU\LOCALS~1\Temp\RarSFX0\crw43306.cdb - 930 virus records
[Virus base] C:\DOCUME~1\HP_OWN~1.YOU\LOCALS~1\Temp\RarSFX0\crw43305.cdb - 759 virus records
[Virus base] C:\DOCUME~1\HP_OWN~1.YOU\LOCALS~1\Temp\RarSFX0\crw43304.cdb - 721 virus records
[Virus base] C:\DOCUME~1\HP_OWN~1.YOU\LOCALS~1\Temp\RarSFX0\crw43303.cdb - 638 virus records
[Virus base] C:\DOCUME~1\HP_OWN~1.YOU\LOCALS~1\Temp\RarSFX0\crw43302.cdb - 806 virus records
[Virus base] C:\DOCUME~1\HP_OWN~1.YOU\LOCALS~1\Temp\RarSFX0\crw43301.cdb - 504 virus records
[Virus base] C:\DOCUME~1\HP_OWN~1.YOU\LOCALS~1\Temp\RarSFX0\crw43300.cdb - 24 virus records
[Virus base] C:\DOCUME~1\HP_OWN~1.YOU\LOCALS~1\Temp\RarSFX0\crwebase.cdb - 78674 virus records
[Virus base] C:\DOCUME~1\HP_OWN~1.YOU\LOCALS~1\Temp\RarSFX0\cwrtoday.cdb - 380 virus records
[Virus base] C:\DOCUME~1\HP_OWN~1.YOU\LOCALS~1\Temp\RarSFX0\cwr43301.cdb - 697 virus records
[Virus base] C:\DOCUME~1\HP_OWN~1.YOU\LOCALS~1\Temp\RarSFX0\crwrisky.cdb - 1271 virus records
[Virus base] C:\DOCUME~1\HP_OWN~1.YOU\LOCALS~1\Temp\RarSFX0\cwntoday.cdb - 371 virus records
[Virus base] C:\DOCUME~1\HP_OWN~1.YOU\LOCALS~1\Temp\RarSFX0\cwn43306.cdb - 781 virus records
[Virus base] C:\DOCUME~1\HP_OWN~1.YOU\LOCALS~1\Temp\RarSFX0\cwn43305.cdb - 752 virus records
[Virus base] C:\DOCUME~1\HP_OWN~1.YOU\LOCALS~1\Temp\RarSFX0\cwn43304.cdb - 793 virus records
[Virus base] C:\DOCUME~1\HP_OWN~1.YOU\LOCALS~1\Temp\RarSFX0\cwn43303.cdb - 766 virus records
[Virus base] C:\DOCUME~1\HP_OWN~1.YOU\LOCALS~1\Temp\RarSFX0\cwn43302.cdb - 850 virus records
[Virus base] C:\DOCUME~1\HP_OWN~1.YOU\LOCALS~1\Temp\RarSFX0\cwn43301.cdb - 772 virus records
[Virus base] C:\DOCUME~1\HP_OWN~1.YOU\LOCALS~1\Temp\RarSFX0\crwnasty.cdb - 4867 virus records
Total virus records: 166741
Key file: C:\DOCUME~1\HP_OWN~1.YOU\LOCALS~1\Temp\RarSFX0\cureit.key
License key number: 0000000010
Registered to: Dr.Web CureIt Project
License key activates: 2005-03-05
License key expires: 2007-03-05

作者: ALEXYUI 時間: 07-1-10 11:12 PM

-----------------------------------------------------------------------------
Scan statistics
-----------------------------------------------------------------------------
Objects scanned: 0
Infected objects found: 0
Objects with modifications found: 0
Suspicious objects found: 0
Adware programs found: 0
Dialer programs found: 0
Joke programs found: 0
Riskware programs found: 0
Hacktool programs found: 0
Objects cured: 0
Objects deleted: 0
Objects renamed: 0
Objects moved: 0
Objects ignored: 0
Scan speed: 0 Kb/s
Scan time: 00:00:00
-----------------------------------------------------------------------------

[Scan path] c:\documents and settings\all users\「開(c)l」功能表\程式集\啟動\desktop.ini
[Scan path] c:\documents and settings\hp_owner.your-6a15acd7c6\local settings\temp\rarsfx0\_start.exe
[Scan path] c:\documents and settings\hp_owner.your-6a15acd7c6\local settings\temp\rarsfx0\cureit.exe
[Scan path] c:\documents and settings\hp_owner.your-6a15acd7c6\「開(c)l」功能表\程式集\啟動\desktop.ini
[Scan path] c:\documents and settings\hp_owner.your-6a15acd7c6\(R)酯崤drweb-cureit.exe
[Scan path] c:\hp\drivers\hplsbwatcher\lsburnwatcher.exe
[Scan path] c:\hp\kbd\kbd.exe
[Scan path] c:\program files\21cn\vgo\vgoiebho.dll
[Scan path] c:\program files\adobe\acrobat 6.0\reader\activex\acroiehelper.dll
[Scan path] c:\program files\common files\installshield\updateservice\issch.exe
[Scan path] c:\program files\common files\installshield\updateservice\isuspm.exe
[Scan path] c:\program files\common files\intervideo\schsvr\schsvr.exe
[Scan path] c:\program files\common files\lightscribe\lssrvc.exe
[Scan path] c:\program files\common files\real\update_ob\realsched.exe
[Scan path] c:\program files\common files\symantec shared\ccapp.exe
[Scan path] c:\program files\common files\symantec shared\ccevtmgr.exe
[Scan path] c:\program files\common files\symantec shared\ccproxy.exe
[Scan path] c:\program files\common files\symantec shared\ccpwdsvc.exe
[Scan path] c:\program files\common files\symantec shared\ccsetmgr.exe
[Scan path] c:\program files\common files\symantec shared\security center\symwsc.exe
[Scan path] c:\program files\common files\symantec shared\security center\usrprmpt.exe
[Scan path] c:\program files\common files\symantec shared\sndsrvc.exe
[Scan path] c:\program files\common files\symantec shared\spbbc\spbbcdrv.sys
[Scan path] c:\program files\common files\symantec shared\spbbc\spbbcsvc.exe
[Scan path] c:\program files\common files\symantec shared\virusdefs\20041117.006\naveng.sys
[Scan path] c:\program files\common files\symantec shared\virusdefs\20041117.006\navex15.sys
[Scan path] c:\program files\common files\system\ole db\oledb32.dll
[Scan path] c:\program files\flashget\jccatch.dll
[Scan path] c:\program files\grisoft\avg anti-spyware 7.5\avgas.exe
[Scan path] c:\program files\grisoft\avg anti-spyware 7.5\guard.exe
[Scan path] c:\program files\grisoft\avg anti-spyware 7.5\guard.sys
[Scan path] c:\program files\grisoft\avg anti-spyware 7.5\shellexecutehook.dll
[Scan path] c:\program files\hp\digital imaging\bin\hpdtlk02.dll
[Scan path] c:\program files\hp\digital imaging\bin\hpqtra08.exe
[Scan path] c:\program files\hp\{aac4fc36-8f89-4587-8dd3-ebc57c83374d}\hphupd06.exe
[Scan path] c:\program files\internet explorer\iexplore.exe
[Scan path] c:\program files\intervideo\common\bin\winremote.exe
[Scan path] c:\program files\ipod\bin\ipodservice.exe
[Scan path] c:\program files\itunes\ituneshelper.exe
[Scan path] c:\program files\itunes\itunesminiplayer.dll
[Scan path] c:\program files\java\j2re1.4.2_03\bin\jusched.exe
[Scan path] c:\program files\messenger\msmsgs.exe
[Scan path] c:\program files\msn messenger\fsshext.8.0.0812.00.dll
[Scan path] c:\program files\msn messenger\msgrapp.8.0.0812.00.dll
[Scan path] c:\program files\msn messenger\msnmsgr.exe
[Scan path] c:\program files\norton internet security\issvc.exe
[Scan path] c:\program files\norton internet security\norton antivirus\navapsvc.exe
[Scan path] c:\program files\norton internet security\norton antivirus\navshext.dll
[Scan path] c:\program files\norton internet security\norton antivirus\savrt.sys
[Scan path] c:\program files\norton internet security\norton antivirus\savrtpel.sys
[Scan path] c:\program files\norton internet security\norton antivirus\savscan.exe
[Scan path] c:\program files\outlook express\setup50.exe
[Scan path] c:\program files\outlook express\wabfind.dll
[Scan path] c:\program files\real\realplayer\rpshell.dll
[Scan path] c:\program files\sonic recordnow!\shlext.dll
[Scan path] c:\program files\symantec\symevent.sys
[Scan path] c:\program files\updates from hp\309731\program\updates from hp.exe
[Scan path] c:\program files\windows live toolbar\msntb.dll
[Scan path] c:\program files\winrar\rarext.dll
[Scan path] c:\windows\creator\remind_xp.exe
[Scan path] c:\windows\explorer.exe
[Scan path] c:\windows\ime\imjp8_1\imjpmig.exe
[Scan path] c:\windows\ime\imkr6_1\imekrmig.exe
[Scan path] c:\windows\inf\unregmp2.exe
[Scan path] c:\windows\microsoft.net\framework\v1.1.4322\aspnet_state.exe
[Scan path] c:\windows\msagent\agentpsh.dll
[Scan path] c:\windows\sminst\recguard.exe
[Scan path] c:\windows\system32\advapi32.dll
[Scan path] c:\windows\system32\advpack.dll
[Scan path] c:\windows\system32\alg.exe
[Scan path] c:\windows\system32\appwiz.cpl
[Scan path] c:\windows\system32\autochk.exe
[Scan path] c:\windows\system32\browseui.dll
[Scan path] c:\windows\system32\cabview.dll
[Scan path] c:\windows\system32\cdfview.dll
[Scan path] c:\windows\system32\cisvc.exe
[Scan path] c:\windows\system32\clipsrv.exe
[Scan path] c:\windows\system32\cnbjmon.dll
[Scan path] c:\windows\system32\comdlg32.dll
[Scan path] c:\windows\system32\crypt32.dll
[Scan path] c:\windows\system32\cryptext.dll
[Scan path] c:\windows\system32\cryptnet.dll
[Scan path] c:\windows\system32\cscdll.dll
[Scan path] c:\windows\system32\cscui.dll
[Scan path] c:\windows\system32\csrss.exe
[Scan path] c:\windows\system32\ctfmon.exe
[Scan path] c:\windows\system32\deskadp.dll
[Scan path] c:\windows\system32\deskmon.dll
[Scan path] c:\windows\system32\deskperf.dll
[Scan path] c:\windows\system32\dfsshlex.dll
[Scan path] c:\windows\system32\diskcopy.dll
[Scan path] c:\windows\system32\dllhost.exe
[Scan path] c:\windows\system32\dmadmin.exe
[Scan path] c:\windows\system32\docprop.dll
[Scan path] c:\windows\system32\docprop2.dll
[Scan path] c:\windows\system32\drivers\acpi.sys
[Scan path] c:\windows\system32\drivers\aec.sys
[Scan path] c:\windows\system32\drivers\afd.sys
[Scan path] c:\windows\system32\drivers\arp1394.sys
[Scan path] c:\windows\system32\drivers\asyncmac.sys
[Scan path] c:\windows\system32\drivers\atapi.sys

作者: ALEXYUI 時間: 07-1-10 11:12 PM

[Scan path] c:\windows\system32\drivers\atmarpc.sys
[Scan path] c:\windows\system32\drivers\audstub.sys
[Scan path] c:\windows\system32\drivers\avgascln.sys
[Scan path] c:\windows\system32\drivers\cap7134.sys
[Scan path] c:\windows\system32\drivers\ccdecode.sys
[Scan path] c:\windows\system32\drivers\cdrom.sys
[Scan path] c:\windows\system32\drivers\disk.sys
[Scan path] c:\windows\system32\drivers\dmboot.sys
[Scan path] c:\windows\system32\drivers\dmio.sys
[Scan path] c:\windows\system32\drivers\dmload.sys
[Scan path] c:\windows\system32\drivers\dmusic.sys
[Scan path] c:\windows\system32\drivers\drmkaud.sys
[Scan path] c:\windows\system32\drivers\fdc.sys
[Scan path] c:\windows\system32\drivers\flpydisk.sys
[Scan path] c:\windows\system32\drivers\fltmgr.sys
[Scan path] c:\windows\system32\drivers\fsvga.sys
[Scan path] c:\windows\system32\drivers\ftdisk.sys
[Scan path] c:\windows\system32\drivers\gearaspiwdm.sys
[Scan path] c:\windows\system32\drivers\hdaudbus.sys
[Scan path] c:\windows\system32\drivers\hidusb.sys
[Scan path] c:\windows\system32\drivers\http.sys
[Scan path] c:\windows\system32\drivers\i8042prt.sys
[Scan path] c:\windows\system32\drivers\ialmnt5.sys
[Scan path] c:\windows\system32\drivers\imapi.sys
[Scan path] c:\windows\system32\drivers\intelide.sys
[Scan path] c:\windows\system32\drivers\intelppm.sys
[Scan path] c:\windows\system32\drivers\ip6fw.sys
[Scan path] c:\windows\system32\drivers\ipfltdrv.sys
[Scan path] c:\windows\system32\drivers\ipinip.sys
[Scan path] c:\windows\system32\drivers\ipnat.sys
[Scan path] c:\windows\system32\drivers\ipsec.sys
[Scan path] c:\windows\system32\drivers\irenum.sys
[Scan path] c:\windows\system32\drivers\isapnp.sys
[Scan path] c:\windows\system32\drivers\iviaspi.sys
[Scan path] c:\windows\system32\drivers\kbdclass.sys
[Scan path] c:\windows\system32\drivers\kbdhid.sys
[Scan path] c:\windows\system32\drivers\kmixer.sys
[Scan path] c:\windows\system32\drivers\mouclass.sys
[Scan path] c:\windows\system32\drivers\mouhid.sys
[Scan path] c:\windows\system32\drivers\mrxdav.sys
[Scan path] c:\windows\system32\drivers\mrxsmb.sys
[Scan path] c:\windows\system32\drivers\msgpc.sys
[Scan path] c:\windows\system32\drivers\mskssrv.sys
[Scan path] c:\windows\system32\drivers\mspclock.sys
[Scan path] c:\windows\system32\drivers\mspqm.sys
[Scan path] c:\windows\system32\drivers\mssmbios.sys
[Scan path] c:\windows\system32\drivers\mstee.sys
[Scan path] c:\windows\system32\drivers\nabtsfec.sys
[Scan path] c:\windows\system32\drivers\ndisip.sys
[Scan path] c:\windows\system32\drivers\ndistapi.sys
[Scan path] c:\windows\system32\drivers\ndisuio.sys
[Scan path] c:\windows\system32\drivers\ndiswan.sys
[Scan path] c:\windows\system32\drivers\netbios.sys
[Scan path] c:\windows\system32\drivers\netbt.sys
[Scan path] c:\windows\system32\drivers\nic1394.sys
[Scan path] c:\windows\system32\drivers\npf.sys
[Scan path] c:\windows\system32\drivers\nv4_mini.sys
[Scan path] c:\windows\system32\drivers\nwlnkflt.sys
[Scan path] c:\windows\system32\drivers\nwlnkfwd.sys
[Scan path] c:\windows\system32\drivers\ohci1394.sys
[Scan path] c:\windows\system32\drivers\oreans32.sys
[Scan path] c:\windows\system32\drivers\parport.sys
[Scan path] c:\windows\system32\drivers\pci.sys
[Scan path] c:\windows\system32\drivers\pciide.sys
[Scan path] c:\windows\system32\drivers\pctsapu.sys
[Scan path] c:\windows\system32\drivers\pfc.sys
[Scan path] c:\windows\system32\drivers\phtvtune.sys
[Scan path] c:\windows\system32\drivers\ps2.sys
[Scan path] c:\windows\system32\drivers\psched.sys
[Scan path] c:\windows\system32\drivers\ptilink.sys
[Scan path] c:\windows\system32\drivers\pxhelp20.sys
[Scan path] c:\windows\system32\drivers\r8139n51.sys
[Scan path] c:\windows\system32\drivers\rasacd.sys
[Scan path] c:\windows\system32\drivers\rasl2tp.sys
[Scan path] c:\windows\system32\drivers\raspppoe.sys
[Scan path] c:\windows\system32\drivers\raspptp.sys
[Scan path] c:\windows\system32\drivers\raspti.sys
[Scan path] c:\windows\system32\drivers\rdbss.sys
[Scan path] c:\windows\system32\drivers\rdpcdd.sys
[Scan path] c:\windows\system32\drivers\redbook.sys
[Scan path] c:\windows\system32\drivers\rtkhdaud.sys
[Scan path] c:\windows\system32\drivers\secdrv.sys
[Scan path] c:\windows\system32\drivers\serenum.sys
[Scan path] c:\windows\system32\drivers\serial.sys
[Scan path] c:\windows\system32\drivers\slip.sys
[Scan path] c:\windows\system32\drivers\splitter.sys
[Scan path] c:\windows\system32\drivers\sr.sys
[Scan path] c:\windows\system32\drivers\srv.sys
[Scan path] c:\windows\system32\drivers\streamip.sys
[Scan path] c:\windows\system32\drivers\swenum.sys
[Scan path] c:\windows\system32\drivers\swmidi.sys
[Scan path] c:\windows\system32\drivers\symredrv.sys
[Scan path] c:\windows\system32\drivers\symtdi.sys
[Scan path] c:\windows\system32\drivers\sysaudio.sys

作者: ALEXYUI 時間: 07-1-10 11:13 PM

[Scan path] c:\windows\system32\drivers\tcpip.sys
[Scan path] c:\windows\system32\drivers\termdd.sys
[Scan path] c:\windows\system32\drivers\update.sys
[Scan path] c:\windows\system32\drivers\usbccgp.sys
[Scan path] c:\windows\system32\drivers\usbehci.sys
[Scan path] c:\windows\system32\drivers\usbhub.sys
[Scan path] c:\windows\system32\drivers\usbstor.sys
[Scan path] c:\windows\system32\drivers\usbuhci.sys
[Scan path] c:\windows\system32\drivers\vga.sys
[Scan path] c:\windows\system32\drivers\viaide.sys
[Scan path] c:\windows\system32\drivers\wanarp.sys
[Scan path] c:\windows\system32\drivers\wdmaud.sys
[Scan path] c:\windows\system32\drivers\wstcodec.sys
[Scan path] c:\windows\system32\dskquoui.dll
[Scan path] c:\windows\system32\dsquery.dll
[Scan path] c:\windows\system32\dssec.dll
[Scan path] c:\windows\system32\dsuiext.dll
[Scan path] c:\windows\system32\dumprep.exe
[Scan path] c:\windows\system32\extmgr.dll
[Scan path] c:\windows\system32\fontext.dll
[Scan path] c:\windows\system32\gdi32.dll
[Scan path] c:\windows\system32\hphmon06.exe
[Scan path] c:\windows\system32\hticons.dll
[Scan path] c:\windows\system32\icmui.dll
[Scan path] c:\windows\system32\ie4uinit.exe
[Scan path] c:\windows\system32\igfxsrvc.dll
[Scan path] c:\windows\system32\igfxtray.exe
[Scan path] c:\windows\system32\imagehlp.dll
[Scan path] c:\windows\system32\imapi.exe
[Scan path] c:\windows\system32\ime\pintlgnt\imscinst.exe
[Scan path] c:\windows\system32\ime\tintlgnt\tintsetp.exe
[Scan path] c:\windows\system32\inetcomm.dll
[Scan path] c:\windows\system32\itss.dll
[Scan path] c:\windows\system32\kerberos.dll
[Scan path] c:\windows\system32\kernel32.dll
[Scan path] c:\windows\system32\localspl.dll
[Scan path] c:\windows\system32\locator.exe
[Scan path] c:\windows\system32\logon.scr
[Scan path] c:\windows\system32\logonui.exe
[Scan path] c:\windows\system32\lsass.exe
[Scan path] c:\windows\system32\lz32.dll
[Scan path] c:\windows\system32\mmcshext.dll
[Scan path] c:\windows\system32\mmsys.cpl
[Scan path] c:\windows\system32\mnmsrvc.exe
[Scan path] c:\windows\system32\mscoree.dll
[Scan path] c:\windows\system32\mscories.dll
[Scan path] c:\windows\system32\msdtc.exe
[Scan path] c:\windows\system32\mshtml.dll
[Scan path] c:\windows\system32\msieftp.dll
[Scan path] c:\windows\system32\msiexec.exe
[Scan path] c:\windows\system32\mstask.dll
[Scan path] c:\windows\system32\msv1_0.dll
[Scan path] c:\windows\system32\msvidctl.dll
[Scan path] c:\windows\system32\mswsock.dll
[Scan path] c:\windows\system32\mydocs.dll
[Scan path] c:\windows\system32\netdde.exe
[Scan path] c:\windows\system32\netplwiz.dll
[Scan path] c:\windows\system32\netshell.dll
[Scan path] c:\windows\system32\ntlanui2.dll
[Scan path] c:\windows\system32\ntsd.exe
[Scan path] c:\windows\system32\ntshrui.dll
[Scan path] c:\windows\system32\nvcpl.dll
[Scan path] c:\windows\system32\nvshell.dll
[Scan path] c:\windows\system32\nvsvc32.exe
[Scan path] c:\windows\system32\nwiz.exe
[Scan path] c:\windows\system32\occache.dll
[Scan path] c:\windows\system32\ole32.dll
[Scan path] c:\windows\system32\oleaut32.dll
[Scan path] c:\windows\system32\olecli32.dll
[Scan path] c:\windows\system32\olecnv32.dll
[Scan path] c:\windows\system32\olesvr32.dll
[Scan path] c:\windows\system32\olethk32.dll
[Scan path] c:\windows\system32\photowiz.dll
[Scan path] c:\windows\system32\pjlmon.dll
[Scan path] c:\windows\system32\printui.dll
[Scan path] c:\windows\system32\ps2.exe
[Scan path] c:\windows\system32\regsvr32.exe
[Scan path] c:\windows\system32\remotepg.dll
[Scan path] c:\windows\system32\rpcrt4.dll
[Scan path] c:\windows\system32\rpcss.dll
[Scan path] c:\windows\system32\rshx32.dll
[Scan path] c:\windows\system32\rsvp.exe
[Scan path] c:\windows\system32\rsvpsp.dll
[Scan path] c:\windows\system32\rundll32.exe
[Scan path] c:\windows\system32\scardsvr.exe
[Scan path] c:\windows\system32\scecli.dll
[Scan path] c:\windows\system32\schannel.dll
[Scan path] c:\windows\system32\sclgntfy.dll
[Scan path] c:\windows\system32\sendmail.dll
[Scan path] c:\windows\system32\services.exe
[Scan path] c:\windows\system32\sessmgr.exe
[Scan path] c:\windows\system32\setup\fxsocm.dll
[Scan path] c:\windows\system32\shdocvw.dll
[Scan path] c:\windows\system32\shell32.dll
[Scan path] c:\windows\system32\shellvrtf.dll
[Scan path] c:\windows\system32\shimgvw.dll
[Scan path] c:\windows\system32\shmedia.dll
[Scan path] c:\windows\system32\shmgrate.exe
[Scan path] c:\windows\system32\shscrap.dll
[Scan path] c:\windows\system32\slayerxp.dll
[Scan path] c:\windows\system32\smlogsvc.exe
[Scan path] c:\windows\system32\smss.exe
[Scan path] c:\windows\system32\spoolsv.exe
[Scan path] c:\windows\system32\stobject.dll
[Scan path] c:\windows\system32\svchost.exe
[Scan path] c:\windows\system32\syncui.dll
[Scan path] c:\windows\system32\tcpmon.dll
[Scan path] c:\windows\system32\themeui.dll
[Scan path] c:\windows\system32\twext.dll
[Scan path] c:\windows\system32\ups.exe
[Scan path] c:\windows\system32\url.dll
[Scan path] c:\windows\system32\urlmon.dll
[Scan path] c:\windows\system32\usbmon.dll
[Scan path] c:\windows\system32\user32.dll
[Scan path] c:\windows\system32\version.dll
[Scan path] c:\windows\system32\vssvc.exe
[Scan path] c:\windows\system32\wbem\wmiapsrv.exe
[Scan path] c:\windows\system32\wdigest.dll
[Scan path] c:\windows\system32\webcheck.dll
[Scan path] c:\windows\system32\wiascr.dll
[Scan path] c:\windows\system32\wiashext.dll
[Scan path] c:\windows\system32\wininet.dll
[Scan path] c:\windows\system32\winlogon.exe
[Scan path] c:\windows\system32\wldap32.dll
[Scan path] c:\windows\system32\wlnotify.dll
[Scan path] c:\windows\system32\wmpshell.dll
[Scan path] c:\windows\system32\wshext.dll
[Scan path] c:\windows\system32\wuauclt.exe
[Scan path] c:\windows\system32\wuaucpl.cpl
[Scan path] c:\windows\system32\zipfldr.dll
[Scan path] c:\windows\system\hpsysdrv.exe

作者: ALEXYUI 時間: 07-1-10 11:14 PM

-----------------------------------------------------------------------------
Scan statistics
-----------------------------------------------------------------------------
Objects scanned: 329
Infected objects found: 0
Objects with modifications found: 0
Suspicious objects found: 0
Adware programs found: 0
Dialer programs found: 0
Joke programs found: 0
Riskware programs found: 0
Hacktool programs found: 0
Objects cured: 0
Objects deleted: 0
Objects renamed: 0
Objects moved: 0
Objects ignored: 0
Scan speed: 7100 Kb/s
Scan time: 00:00:13
-----------------------------------------------------------------------------

[Scan path] C:\
C:\hiberfil.sys - read error
C:\_desktop.ini infected with Win32.HLLW.Gavir.ini - deleted
C:\Documents and Settings\HP_Owner\(R)酯崤CA0XYBCT - read error
C:\Documents and Settings\HP_Owner\(R)酯崤CAY3ODQD - read error
C:\Documents and Settings\HP_Owner\(R)酯崤CAZWH33C - read error
C:\Documents and Settings\HP_Owner.YOUR-6A15ACD7C6\ntuser.dat - read error
C:\Documents and Settings\HP_Owner.YOUR-6A15ACD7C6\NTUSER~1.LOG - read error
C:\Documents and Settings\HP_Owner.YOUR-6A15ACD7C6\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat - read error
C:\Documents and Settings\HP_Owner.YOUR-6A15ACD7C6\Local Settings\Application Data\Microsoft\Windows\USRCLA~1.LOG - read error
C:\Documents and Settings\HP_Owner.YOUR-6A15ACD7C6\(R)酯崤CrossgatePUK3\CrossgatePUK3\Cg_5006.exe probably infected with DLOADER.Trojan
C:\Documents and Settings\HP_Owner.YOUR-6A15ACD7C6\(R)酯崤CrossgatePUK3\CrossgatePUK3\qq.exe probably infected with DLOADER.Trojan
C:\Documents and Settings\HP_Owner.YOUR-6A15ACD7C6\(R)酯崤PetCalc_2006\?☆孕~1.RMV - read error
C:\Documents and Settings\LocalService\ntuser.dat - read error
C:\Documents and Settings\LocalService\NTUSER~1.LOG - read error
C:\Documents and Settings\LocalService\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat - read error
C:\Documents and Settings\LocalService\Local Settings\Application Data\Microsoft\Windows\USRCLA~1.LOG - read error
C:\Documents and Settings\NetworkService\NTUSER.DAT - read error
C:\Documents and Settings\NetworkService\NTUSER~1.LOG - read error
C:\Documents and Settings\NetworkService\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat - read error
C:\Documents and Settings\NetworkService\Local Settings\Application Data\Microsoft\Windows\USRCLA~1.LOG - read error
>>C:\Program Files\ESET\infected\1QIA3KAA.NQF>C:\Program Files\ESET\infected\2HVZ3QDA.NQF infected with Trojan.PWS.Lineage - deleted
>C:\Program Files\ESET\infected\2L1A25AA.NQF infected with Win32.HLLW.Gavir.54 - cured
>C:\Program Files\ESET\infected\2OOY40BA.NQF infected with Trojan.PWS.Lineage - deleted
>C:\Program Files\ESET\infected\3FK2XPCA.NQF infected with Trojan.PWS.Lineage - deleted
>C:\Program Files\ESET\infected\4XCFXODA.NQF infected with Win32.HLLW.Gavir.54 - cured
>>>C:\Program Files\ESET\infected\4YE4JKBA.NQF infected with Trojan.DownLoader.11923 - deleted
>C:\Program Files\ESET\infected\5LGWD1BA.NQF infected with Trojan.PWS.Qqpass.373 - deleted
>C:\Program Files\ESET\infected\F3DXCABA.NQF infected with Trojan.PWS.Lineage - deleted
>C:\Program Files\ESET\infected\GHGXOBDA.NQF infected with Trojan.PWS.Lineage - deleted
>C:\Program Files\ESET\infected\GKVCRLAA.NQF infected with Trojan.PWS.Wool - deleted
>C:\Program Files\ESET\infected\GOM4VGCA.NQF infected with Trojan.PWS.Lineage - deleted
>C:\Program Files\ESET\infected\IIALJTBA.NQF infected with Win32.HLLW.Gavir.54 - cured
>C:\Program Files\ESET\infected\IZDJ1QBA.NQF infected with BackDoor.Bifrost - deleted
>>C:\Program Files\ESET\infected\JCGBOBDA.NQF infected with Trojan.PWS.Lineage - deleted
>C:\Program Files\ESET\infected\KGIOEMDA.NQF infected with Win32.HLLW.Gavir.54 - cured
>C:\Program Files\ESET\infected\LG11ZUAA.NQF infected with Win32.HLLW.Gavir.54 - incurable - moved
>C:\Program Files\ESET\infected\LHUCBGAA.NQF infected with Win32.HLLW.Gavir.54 - cured
>C:\Program Files\ESET\infected\MDYDLUCA.NQF infected with Trojan.PWS.Lineage - deleted
>C:\Program Files\ESET\infected\MZEW4YCA.NQF infected with Trojan.PWS.Lineage - deleted
>C:\Program Files\ESET\infected\N23CWGAA.NQF infected with Trojan.PWS.Qqpass.373 - deleted
>C:\Program Files\ESET\infected\N2VXDRAA.NQF infected with Trojan.PWS.Legmir.681 - deleted
>>C:\Program Files\ESET\infected\O5D1C4CA.NQF>>C:\Program Files\ESET\infected\OHEPFUBA.NQF infected with Trojan.PWS.Wool - deleted
>C:\Program Files\ESET\infected\POO3W0AA.NQF infected with Trojan.PWS.Qqpass.373 - deleted
>C:\Program Files\ESET\infected\Q5PV4DAA.NQF infected with Win32.HLLW.Gavir.54 - cured
>C:\Program Files\ESET\infected\QVJ2KEBA.NQF infected with Win32.HLLW.Gavir.54 - cured
>C:\Program Files\ESET\infected\QXJK2GAA.NQF infected with BackDoor.Pigeon.775 - deleted
>C:\Program Files\ESET\infected\RH2BCCCA.NQF infected with Win32.HLLW.Gavir.54 - cured
>>C:\Program Files\ESET\infected\RISIAJAA.NQF infected with Trojan.Killer - deleted
>>C:\Program Files\ESET\infected\RWJCK2DA.NQF infected with Trojan.PWS.Wool - deleted
>>C:\Program Files\ESET\infected\TCLGFDBA.NQF infected with Trojan.PWS.Tencent - deleted
>>C:\Program Files\ESET\infected\VXOXWHBA.NQF infected with Trojan.PWS.Qqpass.373 - deleted
>>C:\Program Files\ESET\infected\WE1ZE2AA.NQF infected with Trojan.MulDrop.4194 - deleted
>C:\Program Files\ESET\infected\XABRMCCA.NQF infected with Win32.HLLW.Gavir.54 - cured
>C:\Program Files\ESET\infected\XJKPBVCA.NQF infected with Trojan.PWS.Qqpass.373 - deleted
>C:\Program Files\ESET\infected\YWNNTYBA.NQF infected with Trojan.PWS.Qqpass.373 - deleted
>C:\Program Files\Internet Explorer\9Sy.exe infected with Trojan.PWS.Legmir.805 - deleted
>>C:\Program Files\Internet Explorer\CSRSS.Vexe\data001 infected with Trojan.PWS.Legmir.730
>>C:\Program Files\Internet Explorer\CSRSS.Vexe\data002 infected with Trojan.PWS.Zhengtu
C:\Program Files\Internet Explorer\CSRSS.Vexe - archive contains infected objects - moved
>C:\Program Files\Internet Explorer\EXPLORER.EXE infected with Trojan.PWS.Qqpass.395 - deleted
C:\Program Files\Internet Explorer\RUNDLL32.exe infected with Trojan.PWS.Wsgame - deleted
>C:\Program Files\Internet Explorer\SERVICES.EXEC:\Program Files\Internet Explorer\SVCHOST.EXE infected with Trojan.PWS.Zhengtu - deleted
C:\Program Files\Internet Explorer\PLUGINS\HMAPI.DLL infected with Trojan.DownLoader.15581 - deleted
C:\Program Files\Internet Explorer\PLUGINS\IPictureEx.dll infected with Trojan.DownLoader.15581 - deleted
C:\Program Files\Internet Explorer\PLUGINS\nppdf.dll infected with Trojan.MulDrop.4551 - deleted
C:\Program Files\Internet Explorer\PLUGINS\nppdfx.dll infected with Trojan.DownLoader.14932 - deleted
>C:\Program Files\Internet Explorer\PLUGINS\system.jmp infected with Trojan.PWS.Qqpass.395 - deleted
>C:\Program Files\Internet Explorer\PLUGINS\__delete_on_reboot__s_y_s_t_e_m_H_k_._s_y_s_ infected with Trojan.PWS.Qqpass.395 - will be cured after reboot

作者: ALEXYUI 時間: 07-1-10 11:15 PM

-----------------------------------------------------------------------------
Scan statistics
-----------------------------------------------------------------------------
Objects scanned: 49969
Infected objects found: 48
Objects with modifications found: 0
Suspicious objects found: 2
Adware programs found: 0
Dialer programs found: 0
Joke programs found: 0
Riskware programs found: 0
Hacktool programs found: 0
Objects cured: 9
Objects deleted: 35
Objects renamed: 0
Objects moved: 2
Objects ignored: 0
Scan speed: 3095 Kb/s
Scan time: 00:21:23
-----------------------------------------------------------------------------

Scanning interrupted by user! - viruses found
=============================================================================
Total session statistics
=============================================================================
Objects scanned: 50298
Infected objects found: 48
Objects with modifications found: 0
Suspicious objects found: 2
Adware programs found: 0
Dialer programs found: 0
Joke programs found: 0
Riskware programs found: 0
Hacktool programs found: 0
Objects cured: 9
Objects deleted: 35
Objects renamed: 0
Objects moved: 2
Objects ignored: 0
Scan speed: 3135 Kb/s
Scan time: 00:21:36
=============================================================================

=============================================================================
Dr.Web(R) Scanner for Windows v4.33.2 (4.33.2.10060)
Copyright (c) Igor Daniloff, 1992-2006
Log generated on: 2007-01-10, 21:35:08 [HP_Owner]
Command-line: "C:\DOCUME~1\HP_OWN~1.YOU\LOCALS~1\Temp\RarSFX0\cureit.exe" /lng /ini:cureit_XP.ini
Operating system:Windows XP Home Edition x86 (Build 2600), Service Pack 2
=============================================================================
Engine version: 4.33 (4.33.5.10110)
Engine API version: 2.01
[Virus base] C:\DOCUME~1\HP_OWN~1.YOU\LOCALS~1\Temp\RarSFX0\crwtoday.cdb - 582 virus records
[Virus base] C:\DOCUME~1\HP_OWN~1.YOU\LOCALS~1\Temp\RarSFX0\crw43369.cdb - 687 virus records
[Virus base] C:\DOCUME~1\HP_OWN~1.YOU\LOCALS~1\Temp\RarSFX0\crw43368.cdb - 1099 virus records
[Virus base] C:\DOCUME~1\HP_OWN~1.YOU\LOCALS~1\Temp\RarSFX0\crw43367.cdb - 1834 virus records
[Virus base] C:\DOCUME~1\HP_OWN~1.YOU\LOCALS~1\Temp\RarSFX0\crw43366.cdb - 4015 virus records
[Virus base] C:\DOCUME~1\HP_OWN~1.YOU\LOCALS~1\Temp\RarSFX0\crw43365.cdb - 1342 virus records
[Virus base] C:\DOCUME~1\HP_OWN~1.YOU\LOCALS~1\Temp\RarSFX0\crw43364.cdb - 1335 virus records
[Virus base] C:\DOCUME~1\HP_OWN~1.YOU\LOCALS~1\Temp\RarSFX0\crw43363.cdb - 1152 virus records
[Virus base] C:\DOCUME~1\HP_OWN~1.YOU\LOCALS~1\Temp\RarSFX0\crw43362.cdb - 1006 virus records
[Virus base] C:\DOCUME~1\HP_OWN~1.YOU\LOCALS~1\Temp\RarSFX0\crw43361.cdb - 879 virus records
[Virus base] C:\DOCUME~1\HP_OWN~1.YOU\LOCALS~1\Temp\RarSFX0\crw43360.cdb - 988 virus records
[Virus base] C:\DOCUME~1\HP_OWN~1.YOU\LOCALS~1\Temp\RarSFX0\crw43359.cdb - 1205 virus records
[Virus base] C:\DOCUME~1\HP_OWN~1.YOU\LOCALS~1\Temp\RarSFX0\crw43358.cdb - 1139 virus records
[Virus base] C:\DOCUME~1\HP_OWN~1.YOU\LOCALS~1\Temp\RarSFX0\crw43357.cdb - 1302 virus records
[Virus base] C:\DOCUME~1\HP_OWN~1.YOU\LOCALS~1\Temp\RarSFX0\crw43356.cdb - 1332 virus records
[Virus base] C:\DOCUME~1\HP_OWN~1.YOU\LOCALS~1\Temp\RarSFX0\crw43355.cdb - 2456 virus records
[Virus base] C:\DOCUME~1\HP_OWN~1.YOU\LOCALS~1\Temp\RarSFX0\crw43354.cdb - 1283 virus records
[Virus base] C:\DOCUME~1\HP_OWN~1.YOU\LOCALS~1\Temp\RarSFX0\crw43353.cdb - 795 virus records
[Virus base] C:\DOCUME~1\HP_OWN~1.YOU\LOCALS~1\Temp\RarSFX0\crw43352.cdb - 2016 virus records
[Virus base] C:\DOCUME~1\HP_OWN~1.YOU\LOCALS~1\Temp\RarSFX0\crw43351.cdb - 941 virus records
[Virus base] C:\DOCUME~1\HP_OWN~1.YOU\LOCALS~1\Temp\RarSFX0\crw43350.cdb - 1020 virus records
[Virus base] C:\DOCUME~1\HP_OWN~1.YOU\LOCALS~1\Temp\RarSFX0\crw43349.cdb - 1008 virus records
[Virus base] C:\DOCUME~1\HP_OWN~1.YOU\LOCALS~1\Temp\RarSFX0\crw43348.cdb - 1096 virus records
[Virus base] C:\DOCUME~1\HP_OWN~1.YOU\LOCALS~1\Temp\RarSFX0\crw43347.cdb - 707 virus records
[Virus base] C:\DOCUME~1\HP_OWN~1.YOU\LOCALS~1\Temp\RarSFX0\crw43346.cdb - 1428 virus records
[Virus base] C:\DOCUME~1\HP_OWN~1.YOU\LOCALS~1\Temp\RarSFX0\crw43345.cdb - 1358 virus records
[Virus base] C:\DOCUME~1\HP_OWN~1.YOU\LOCALS~1\Temp\RarSFX0\crw43344.cdb - 694 virus records
[Virus base] C:\DOCUME~1\HP_OWN~1.YOU\LOCALS~1\Temp\RarSFX0\crw43343.cdb - 1186 virus records
[Virus base] C:\DOCUME~1\HP_OWN~1.YOU\LOCALS~1\Temp\RarSFX0\crw43342.cdb - 744 virus records
[Virus base] C:\DOCUME~1\HP_OWN~1.YOU\LOCALS~1\Temp\RarSFX0\crw43341.cdb - 841 virus records
[Virus base] C:\DOCUME~1\HP_OWN~1.YOU\LOCALS~1\Temp\RarSFX0\crw43340.cdb - 822 virus records
[Virus base] C:\DOCUME~1\HP_OWN~1.YOU\LOCALS~1\Temp\RarSFX0\crw43339.cdb - 1071 virus records
[Virus base] C:\DOCUME~1\HP_OWN~1.YOU\LOCALS~1\Temp\RarSFX0\crw43338.cdb - 989 virus records
[Virus base] C:\DOCUME~1\HP_OWN~1.YOU\LOCALS~1\Temp\RarSFX0\crw43337.cdb - 855 virus records
[Virus base] C:\DOCUME~1\HP_OWN~1.YOU\LOCALS~1\Temp\RarSFX0\crw43336.cdb - 1297 virus records
[Virus base] C:\DOCUME~1\HP_OWN~1.YOU\LOCALS~1\Temp\RarSFX0\crw43335.cdb - 1195 virus records

作者: ALEXYUI 時間: 07-1-10 11:15 PM

[Virus base] C:\DOCUME~1\HP_OWN~1.YOU\LOCALS~1\Temp\RarSFX0\crw43334.cdb - 900 virus records
[Virus base] C:\DOCUME~1\HP_OWN~1.YOU\LOCALS~1\Temp\RarSFX0\crw43333.cdb - 1381 virus records
[Virus base] C:\DOCUME~1\HP_OWN~1.YOU\LOCALS~1\Temp\RarSFX0\crw43332.cdb - 1340 virus records
[Virus base] C:\DOCUME~1\HP_OWN~1.YOU\LOCALS~1\Temp\RarSFX0\crw43331.cdb - 2735 virus records
[Virus base] C:\DOCUME~1\HP_OWN~1.YOU\LOCALS~1\Temp\RarSFX0\crw43330.cdb - 2078 virus records
[Virus base] C:\DOCUME~1\HP_OWN~1.YOU\LOCALS~1\Temp\RarSFX0\crw43329.cdb - 2490 virus records
[Virus base] C:\DOCUME~1\HP_OWN~1.YOU\LOCALS~1\Temp\RarSFX0\crw43328.cdb - 743 virus records
[Virus base] C:\DOCUME~1\HP_OWN~1.YOU\LOCALS~1\Temp\RarSFX0\crw43327.cdb - 958 virus records
[Virus base] C:\DOCUME~1\HP_OWN~1.YOU\LOCALS~1\Temp\RarSFX0\crw43326.cdb - 793 virus records
[Virus base] C:\DOCUME~1\HP_OWN~1.YOU\LOCALS~1\Temp\RarSFX0\crw43325.cdb - 713 virus records
[Virus base] C:\DOCUME~1\HP_OWN~1.YOU\LOCALS~1\Temp\RarSFX0\crw43324.cdb - 655 virus records
[Virus base] C:\DOCUME~1\HP_OWN~1.YOU\LOCALS~1\Temp\RarSFX0\crw43323.cdb - 655 virus records
[Virus base] C:\DOCUME~1\HP_OWN~1.YOU\LOCALS~1\Temp\RarSFX0\crw43322.cdb - 778 virus records
[Virus base] C:\DOCUME~1\HP_OWN~1.YOU\LOCALS~1\Temp\RarSFX0\crw43321.cdb - 846 virus records
[Virus base] C:\DOCUME~1\HP_OWN~1.YOU\LOCALS~1\Temp\RarSFX0\crw43320.cdb - 808 virus records
[Virus base] C:\DOCUME~1\HP_OWN~1.YOU\LOCALS~1\Temp\RarSFX0\crw43319.cdb - 764 virus records
[Virus base] C:\DOCUME~1\HP_OWN~1.YOU\LOCALS~1\Temp\RarSFX0\crw43318.cdb - 838 virus records
[Virus base] C:\DOCUME~1\HP_OWN~1.YOU\LOCALS~1\Temp\RarSFX0\crw43317.cdb - 363 virus records
[Virus base] C:\DOCUME~1\HP_OWN~1.YOU\LOCALS~1\Temp\RarSFX0\crw43316.cdb - 730 virus records
[Virus base] C:\DOCUME~1\HP_OWN~1.YOU\LOCALS~1\Temp\RarSFX0\crw43315.cdb - 627 virus records
[Virus base] C:\DOCUME~1\HP_OWN~1.YOU\LOCALS~1\Temp\RarSFX0\crw43314.cdb - 824 virus records
[Virus base] C:\DOCUME~1\HP_OWN~1.YOU\LOCALS~1\Temp\RarSFX0\crw43313.cdb - 842 virus records
[Virus base] C:\DOCUME~1\HP_OWN~1.YOU\LOCALS~1\Temp\RarSFX0\crw43312.cdb - 830 virus records
[Virus base] C:\DOCUME~1\HP_OWN~1.YOU\LOCALS~1\Temp\RarSFX0\crw43311.cdb - 862 virus records
[Virus base] C:\DOCUME~1\HP_OWN~1.YOU\LOCALS~1\Temp\RarSFX0\crw43310.cdb - 853 virus records
[Virus base] C:\DOCUME~1\HP_OWN~1.YOU\LOCALS~1\Temp\RarSFX0\crw43309.cdb - 733 virus records
[Virus base] C:\DOCUME~1\HP_OWN~1.YOU\LOCALS~1\Temp\RarSFX0\crw43308.cdb - 708 virus records
[Virus base] C:\DOCUME~1\HP_OWN~1.YOU\LOCALS~1\Temp\RarSFX0\crw43307.cdb - 839 virus records
[Virus base] C:\DOCUME~1\HP_OWN~1.YOU\LOCALS~1\Temp\RarSFX0\crw43306.cdb - 930 virus records
[Virus base] C:\DOCUME~1\HP_OWN~1.YOU\LOCALS~1\Temp\RarSFX0\crw43305.cdb - 759 virus records
[Virus base] C:\DOCUME~1\HP_OWN~1.YOU\LOCALS~1\Temp\RarSFX0\crw43304.cdb - 721 virus records
[Virus base] C:\DOCUME~1\HP_OWN~1.YOU\LOCALS~1\Temp\RarSFX0\crw43303.cdb - 638 virus records
[Virus base] C:\DOCUME~1\HP_OWN~1.YOU\LOCALS~1\Temp\RarSFX0\crw43302.cdb - 806 virus records
[Virus base] C:\DOCUME~1\HP_OWN~1.YOU\LOCALS~1\Temp\RarSFX0\crw43301.cdb - 504 virus records
[Virus base] C:\DOCUME~1\HP_OWN~1.YOU\LOCALS~1\Temp\RarSFX0\crw43300.cdb - 24 virus records
[Virus base] C:\DOCUME~1\HP_OWN~1.YOU\LOCALS~1\Temp\RarSFX0\crwebase.cdb - 78674 virus records
[Virus base] C:\DOCUME~1\HP_OWN~1.YOU\LOCALS~1\Temp\RarSFX0\cwrtoday.cdb - 380 virus records
[Virus base] C:\DOCUME~1\HP_OWN~1.YOU\LOCALS~1\Temp\RarSFX0\cwr43301.cdb - 697 virus records
[Virus base] C:\DOCUME~1\HP_OWN~1.YOU\LOCALS~1\Temp\RarSFX0\crwrisky.cdb - 1271 virus records
[Virus base] C:\DOCUME~1\HP_OWN~1.YOU\LOCALS~1\Temp\RarSFX0\cwntoday.cdb - 371 virus records
[Virus base] C:\DOCUME~1\HP_OWN~1.YOU\LOCALS~1\Temp\RarSFX0\cwn43306.cdb - 781 virus records
[Virus base] C:\DOCUME~1\HP_OWN~1.YOU\LOCALS~1\Temp\RarSFX0\cwn43305.cdb - 752 virus records
[Virus base] C:\DOCUME~1\HP_OWN~1.YOU\LOCALS~1\Temp\RarSFX0\cwn43304.cdb - 793 virus records
[Virus base] C:\DOCUME~1\HP_OWN~1.YOU\LOCALS~1\Temp\RarSFX0\cwn43303.cdb - 766 virus records
[Virus base] C:\DOCUME~1\HP_OWN~1.YOU\LOCALS~1\Temp\RarSFX0\cwn43302.cdb - 850 virus records
[Virus base] C:\DOCUME~1\HP_OWN~1.YOU\LOCALS~1\Temp\RarSFX0\cwn43301.cdb - 772 virus records
[Virus base] C:\DOCUME~1\HP_OWN~1.YOU\LOCALS~1\Temp\RarSFX0\crwnasty.cdb - 4867 virus records
Total virus records: 166741
Key file: C:\DOCUME~1\HP_OWN~1.YOU\LOCALS~1\Temp\RarSFX0\cureit.key
License key number: 0000000010
Registered to: Dr.Web CureIt Project
License key activates: 2005-03-05
License key expires: 2007-03-05

-----------------------------------------------------------------------------
Scan statistics
-----------------------------------------------------------------------------
Objects scanned: 0
Infected objects found: 0
Objects with modifications found: 0
Suspicious objects found: 0
Adware programs found: 0
Dialer programs found: 0
Joke programs found: 0
Riskware programs found: 0
Hacktool programs found: 0
Objects cured: 0
Objects deleted: 0
Objects renamed: 0
Objects moved: 0
Objects ignored: 0
Scan speed: 0 Kb/s
Scan time: 00:00:00
-----------------------------------------------------------------------------

作者: ALEXYUI 時間: 07-1-10 11:16 PM

[Scan path] c:\documents and settings\all users\「開(c)l」功能表\程式集\啟動\desktop.ini
[Scan path] c:\documents and settings\hp_owner.your-6a15acd7c6\local settings\temp\rarsfx0\_start.exe
[Scan path] c:\documents and settings\hp_owner.your-6a15acd7c6\local settings\temp\rarsfx0\cureit.exe
[Scan path] c:\documents and settings\hp_owner.your-6a15acd7c6\「開(c)l」功能表\程式集\啟動\desktop.ini
[Scan path] c:\documents and settings\hp_owner.your-6a15acd7c6\(R)酯崤drweb-cureit.exe
[Scan path] c:\hp\drivers\hplsbwatcher\lsburnwatcher.exe
[Scan path] c:\hp\kbd\kbd.exe
[Scan path] c:\program files\21cn\vgo\vgoiebho.dll
[Scan path] c:\program files\adobe\acrobat 6.0\reader\activex\acroiehelper.dll
[Scan path] c:\program files\common files\installshield\updateservice\issch.exe
[Scan path] c:\program files\common files\installshield\updateservice\isuspm.exe
[Scan path] c:\program files\common files\intervideo\schsvr\schsvr.exe
[Scan path] c:\program files\common files\lightscribe\lssrvc.exe
[Scan path] c:\program files\common files\real\update_ob\realsched.exe
[Scan path] c:\program files\common files\symantec shared\ccapp.exe
[Scan path] c:\program files\common files\symantec shared\ccevtmgr.exe
[Scan path] c:\program files\common files\symantec shared\ccproxy.exe
[Scan path] c:\program files\common files\symantec shared\ccpwdsvc.exe
[Scan path] c:\program files\common files\symantec shared\ccsetmgr.exe
[Scan path] c:\program files\common files\symantec shared\security center\symwsc.exe
[Scan path] c:\program files\common files\symantec shared\security center\usrprmpt.exe
[Scan path] c:\program files\common files\symantec shared\sndsrvc.exe
[Scan path] c:\program files\common files\symantec shared\spbbc\spbbcdrv.sys
[Scan path] c:\program files\common files\symantec shared\spbbc\spbbcsvc.exe
[Scan path] c:\program files\common files\symantec shared\virusdefs\20041117.006\naveng.sys
[Scan path] c:\program files\common files\symantec shared\virusdefs\20041117.006\navex15.sys
[Scan path] c:\program files\common files\system\ole db\oledb32.dll
[Scan path] c:\program files\flashget\jccatch.dll
[Scan path] c:\program files\grisoft\avg anti-spyware 7.5\avgas.exe
[Scan path] c:\program files\grisoft\avg anti-spyware 7.5\guard.exe
[Scan path] c:\program files\grisoft\avg anti-spyware 7.5\guard.sys
[Scan path] c:\program files\grisoft\avg anti-spyware 7.5\shellexecutehook.dll
[Scan path] c:\program files\hp\digital imaging\bin\hpdtlk02.dll
[Scan path] c:\program files\hp\digital imaging\bin\hpqtra08.exe
[Scan path] c:\program files\hp\{aac4fc36-8f89-4587-8dd3-ebc57c83374d}\hphupd06.exe
[Scan path] c:\program files\internet explorer\iexplore.exe
[Scan path] c:\program files\intervideo\common\bin\winremote.exe
[Scan path] c:\program files\ipod\bin\ipodservice.exe
[Scan path] c:\program files\itunes\ituneshelper.exe
[Scan path] c:\program files\itunes\itunesminiplayer.dll
[Scan path] c:\program files\java\j2re1.4.2_03\bin\jusched.exe
[Scan path] c:\program files\messenger\msmsgs.exe
[Scan path] c:\program files\msn messenger\fsshext.8.0.0812.00.dll
[Scan path] c:\program files\msn messenger\msgrapp.8.0.0812.00.dll
[Scan path] c:\program files\msn messenger\msnmsgr.exe
[Scan path] c:\program files\norton internet security\issvc.exe
[Scan path] c:\program files\norton internet security\norton antivirus\navapsvc.exe
[Scan path] c:\program files\norton internet security\norton antivirus\navshext.dll
[Scan path] c:\program files\norton internet security\norton antivirus\savrt.sys
[Scan path] c:\program files\norton internet security\norton antivirus\savrtpel.sys
[Scan path] c:\program files\norton internet security\norton antivirus\savscan.exe
[Scan path] c:\program files\outlook express\setup50.exe
[Scan path] c:\program files\outlook express\wabfind.dll
[Scan path] c:\program files\real\realplayer\rpshell.dll
[Scan path] c:\program files\sonic recordnow!\shlext.dll
[Scan path] c:\program files\symantec\symevent.sys
[Scan path] c:\program files\updates from hp\309731\program\updates from hp.exe
[Scan path] c:\program files\windows live toolbar\msntb.dll
[Scan path] c:\program files\winrar\rarext.dll
[Scan path] c:\windows\creator\remind_xp.exe
[Scan path] c:\windows\explorer.exe
[Scan path] c:\windows\ime\imjp8_1\imjpmig.exe
[Scan path] c:\windows\ime\imkr6_1\imekrmig.exe
[Scan path] c:\windows\inf\unregmp2.exe
[Scan path] c:\windows\microsoft.net\framework\v1.1.4322\aspnet_state.exe
[Scan path] c:\windows\msagent\agentpsh.dll
[Scan path] c:\windows\sminst\recguard.exe
[Scan path] c:\windows\system32\advapi32.dll
[Scan path] c:\windows\system32\advpack.dll
[Scan path] c:\windows\system32\alg.exe
[Scan path] c:\windows\system32\appwiz.cpl
[Scan path] c:\windows\system32\autochk.exe
[Scan path] c:\windows\system32\browseui.dll
[Scan path] c:\windows\system32\cabview.dll
[Scan path] c:\windows\system32\cdfview.dll
[Scan path] c:\windows\system32\cisvc.exe
[Scan path] c:\windows\system32\clipsrv.exe
[Scan path] c:\windows\system32\cnbjmon.dll
[Scan path] c:\windows\system32\comdlg32.dll
[Scan path] c:\windows\system32\crypt32.dll
[Scan path] c:\windows\system32\cryptext.dll
[Scan path] c:\windows\system32\cryptnet.dll
[Scan path] c:\windows\system32\cscdll.dll
[Scan path] c:\windows\system32\cscui.dll
[Scan path] c:\windows\system32\csrss.exe
[Scan path] c:\windows\system32\ctfmon.exe

作者: ALEXYUI 時間: 07-1-10 11:16 PM

[Scan path] c:\windows\system32\deskadp.dll
[Scan path] c:\windows\system32\deskmon.dll
[Scan path] c:\windows\system32\deskperf.dll
[Scan path] c:\windows\system32\dfsshlex.dll
[Scan path] c:\windows\system32\diskcopy.dll
[Scan path] c:\windows\system32\dllhost.exe
[Scan path] c:\windows\system32\dmadmin.exe
[Scan path] c:\windows\system32\docprop.dll
[Scan path] c:\windows\system32\docprop2.dll
[Scan path] c:\windows\system32\drivers\acpi.sys
[Scan path] c:\windows\system32\drivers\aec.sys
[Scan path] c:\windows\system32\drivers\afd.sys
[Scan path] c:\windows\system32\drivers\arp1394.sys
[Scan path] c:\windows\system32\drivers\asyncmac.sys
[Scan path] c:\windows\system32\drivers\atapi.sys
[Scan path] c:\windows\system32\drivers\atmarpc.sys
[Scan path] c:\windows\system32\drivers\audstub.sys
[Scan path] c:\windows\system32\drivers\avgascln.sys
[Scan path] c:\windows\system32\drivers\cap7134.sys
[Scan path] c:\windows\system32\drivers\ccdecode.sys
[Scan path] c:\windows\system32\drivers\cdrom.sys
[Scan path] c:\windows\system32\drivers\disk.sys
[Scan path] c:\windows\system32\drivers\dmboot.sys
[Scan path] c:\windows\system32\drivers\dmio.sys
[Scan path] c:\windows\system32\drivers\dmload.sys
[Scan path] c:\windows\system32\drivers\dmusic.sys
[Scan path] c:\windows\system32\drivers\drmkaud.sys
[Scan path] c:\windows\system32\drivers\fdc.sys
[Scan path] c:\windows\system32\drivers\flpydisk.sys
[Scan path] c:\windows\system32\drivers\fltmgr.sys
[Scan path] c:\windows\system32\drivers\fsvga.sys
[Scan path] c:\windows\system32\drivers\ftdisk.sys
[Scan path] c:\windows\system32\drivers\gearaspiwdm.sys
[Scan path] c:\windows\system32\drivers\hdaudbus.sys
[Scan path] c:\windows\system32\drivers\hidusb.sys
[Scan path] c:\windows\system32\drivers\http.sys
[Scan path] c:\windows\system32\drivers\i8042prt.sys
[Scan path] c:\windows\system32\drivers\ialmnt5.sys
[Scan path] c:\windows\system32\drivers\imapi.sys
[Scan path] c:\windows\system32\drivers\intelide.sys
[Scan path] c:\windows\system32\drivers\intelppm.sys
[Scan path] c:\windows\system32\drivers\ip6fw.sys
[Scan path] c:\windows\system32\drivers\ipfltdrv.sys
[Scan path] c:\windows\system32\drivers\ipinip.sys
[Scan path] c:\windows\system32\drivers\ipnat.sys
[Scan path] c:\windows\system32\drivers\ipsec.sys
[Scan path] c:\windows\system32\drivers\irenum.sys
[Scan path] c:\windows\system32\drivers\isapnp.sys
[Scan path] c:\windows\system32\drivers\iviaspi.sys
[Scan path] c:\windows\system32\drivers\kbdclass.sys
[Scan path] c:\windows\system32\drivers\kbdhid.sys
[Scan path] c:\windows\system32\drivers\kmixer.sys
[Scan path] c:\windows\system32\drivers\mouclass.sys
[Scan path] c:\windows\system32\drivers\mouhid.sys
[Scan path] c:\windows\system32\drivers\mrxdav.sys
[Scan path] c:\windows\system32\drivers\mrxsmb.sys
[Scan path] c:\windows\system32\drivers\msgpc.sys
[Scan path] c:\windows\system32\drivers\mskssrv.sys
[Scan path] c:\windows\system32\drivers\mspclock.sys
[Scan path] c:\windows\system32\drivers\mspqm.sys
[Scan path] c:\windows\system32\drivers\mssmbios.sys
[Scan path] c:\windows\system32\drivers\mstee.sys
[Scan path] c:\windows\system32\drivers\nabtsfec.sys
[Scan path] c:\windows\system32\drivers\ndisip.sys
[Scan path] c:\windows\system32\drivers\ndistapi.sys
[Scan path] c:\windows\system32\drivers\ndisuio.sys
[Scan path] c:\windows\system32\drivers\ndiswan.sys
[Scan path] c:\windows\system32\drivers\netbios.sys
[Scan path] c:\windows\system32\drivers\netbt.sys
[Scan path] c:\windows\system32\drivers\nic1394.sys
[Scan path] c:\windows\system32\drivers\npf.sys
[Scan path] c:\windows\system32\drivers\nv4_mini.sys

作者: ALEXYUI 時間: 07-1-10 11:17 PM

[Scan path] c:\windows\system32\drivers\nwlnkflt.sys
[Scan path] c:\windows\system32\drivers\nwlnkfwd.sys
[Scan path] c:\windows\system32\drivers\ohci1394.sys
[Scan path] c:\windows\system32\drivers\oreans32.sys
[Scan path] c:\windows\system32\drivers\parport.sys
[Scan path] c:\windows\system32\drivers\pci.sys
[Scan path] c:\windows\system32\drivers\pciide.sys
[Scan path] c:\windows\system32\drivers\pctsapu.sys
[Scan path] c:\windows\system32\drivers\pfc.sys
[Scan path] c:\windows\system32\drivers\phtvtune.sys
[Scan path] c:\windows\system32\drivers\ps2.sys
[Scan path] c:\windows\system32\drivers\psched.sys
[Scan path] c:\windows\system32\drivers\ptilink.sys
[Scan path] c:\windows\system32\drivers\pxhelp20.sys
[Scan path] c:\windows\system32\drivers\r8139n51.sys
[Scan path] c:\windows\system32\drivers\rasacd.sys
[Scan path] c:\windows\system32\drivers\rasl2tp.sys
[Scan path] c:\windows\system32\drivers\raspppoe.sys
[Scan path] c:\windows\system32\drivers\raspptp.sys
[Scan path] c:\windows\system32\drivers\raspti.sys
[Scan path] c:\windows\system32\drivers\rdbss.sys
[Scan path] c:\windows\system32\drivers\rdpcdd.sys
[Scan path] c:\windows\system32\drivers\redbook.sys
[Scan path] c:\windows\system32\drivers\rtkhdaud.sys
[Scan path] c:\windows\system32\drivers\secdrv.sys
[Scan path] c:\windows\system32\drivers\serenum.sys
[Scan path] c:\windows\system32\drivers\serial.sys
[Scan path] c:\windows\system32\drivers\slip.sys
[Scan path] c:\windows\system32\drivers\splitter.sys
[Scan path] c:\windows\system32\drivers\sr.sys
[Scan path] c:\windows\system32\drivers\srv.sys
[Scan path] c:\windows\system32\drivers\streamip.sys
[Scan path] c:\windows\system32\drivers\swenum.sys
[Scan path] c:\windows\system32\drivers\swmidi.sys
[Scan path] c:\windows\system32\drivers\symredrv.sys
[Scan path] c:\windows\system32\drivers\symtdi.sys
[Scan path] c:\windows\system32\drivers\sysaudio.sys
[Scan path] c:\windows\system32\drivers\tcpip.sys
[Scan path] c:\windows\system32\drivers\termdd.sys
[Scan path] c:\windows\system32\drivers\update.sys
[Scan path] c:\windows\system32\drivers\usbccgp.sys
[Scan path] c:\windows\system32\drivers\usbehci.sys
[Scan path] c:\windows\system32\drivers\usbhub.sys
[Scan path] c:\windows\system32\drivers\usbstor.sys
[Scan path] c:\windows\system32\drivers\usbuhci.sys
[Scan path] c:\windows\system32\drivers\vga.sys
[Scan path] c:\windows\system32\drivers\viaide.sys
[Scan path] c:\windows\system32\drivers\wanarp.sys
[Scan path] c:\windows\system32\drivers\wdmaud.sys
[Scan path] c:\windows\system32\drivers\wstcodec.sys
[Scan path] c:\windows\system32\dskquoui.dll
[Scan path] c:\windows\system32\dsquery.dll
[Scan path] c:\windows\system32\dssec.dll
[Scan path] c:\windows\system32\dsuiext.dll
[Scan path] c:\windows\system32\dumprep.exe
[Scan path] c:\windows\system32\extmgr.dll
[Scan path] c:\windows\system32\fontext.dll
[Scan path] c:\windows\system32\gdi32.dll
[Scan path] c:\windows\system32\hphmon06.exe
[Scan path] c:\windows\system32\hticons.dll
[Scan path] c:\windows\system32\icmui.dll
[Scan path] c:\windows\system32\ie4uinit.exe
[Scan path] c:\windows\system32\igfxsrvc.dll
[Scan path] c:\windows\system32\igfxtray.exe
[Scan path] c:\windows\system32\imagehlp.dll
[Scan path] c:\windows\system32\imapi.exe
[Scan path] c:\windows\system32\ime\pintlgnt\imscinst.exe
[Scan path] c:\windows\system32\ime\tintlgnt\tintsetp.exe
[Scan path] c:\windows\system32\inetcomm.dll
[Scan path] c:\windows\system32\itss.dll
[Scan path] c:\windows\system32\kerberos.dll
[Scan path] c:\windows\system32\kernel32.dll
[Scan path] c:\windows\system32\localspl.dll
[Scan path] c:\windows\system32\locator.exe
[Scan path] c:\windows\system32\logon.scr
[Scan path] c:\windows\system32\logonui.exe
[Scan path] c:\windows\system32\lsass.exe
[Scan path] c:\windows\system32\lz32.dll
[Scan path] c:\windows\system32\mmcshext.dll
[Scan path] c:\windows\system32\mmsys.cpl
[Scan path] c:\windows\system32\mnmsrvc.exe
[Scan path] c:\windows\system32\mscoree.dll
[Scan path] c:\windows\system32\mscories.dll
[Scan path] c:\windows\system32\msdtc.exe
[Scan path] c:\windows\system32\mshtml.dll
[Scan path] c:\windows\system32\msieftp.dll
[Scan path] c:\windows\system32\msiexec.exe
[Scan path] c:\windows\system32\mstask.dll
[Scan path] c:\windows\system32\msv1_0.dll
[Scan path] c:\windows\system32\msvidctl.dll
[Scan path] c:\windows\system32\mswsock.dll
[Scan path] c:\windows\system32\mydocs.dll
[Scan path] c:\windows\system32\netdde.exe
[Scan path] c:\windows\system32\netplwiz.dll

作者: ALEXYUI 時間: 07-1-10 11:18 PM

[Scan path] c:\windows\system32\netshell.dll
[Scan path] c:\windows\system32\ntlanui2.dll
[Scan path] c:\windows\system32\ntsd.exe
[Scan path] c:\windows\system32\ntshrui.dll
[Scan path] c:\windows\system32\nvcpl.dll
[Scan path] c:\windows\system32\nvshell.dll
[Scan path] c:\windows\system32\nvsvc32.exe
[Scan path] c:\windows\system32\nwiz.exe
[Scan path] c:\windows\system32\occache.dll
[Scan path] c:\windows\system32\ole32.dll
[Scan path] c:\windows\system32\oleaut32.dll
[Scan path] c:\windows\system32\olecli32.dll
[Scan path] c:\windows\system32\olecnv32.dll
[Scan path] c:\windows\system32\olesvr32.dll
[Scan path] c:\windows\system32\olethk32.dll
[Scan path] c:\windows\system32\photowiz.dll
[Scan path] c:\windows\system32\pjlmon.dll
[Scan path] c:\windows\system32\printui.dll
[Scan path] c:\windows\system32\ps2.exe
[Scan path] c:\windows\system32\regsvr32.exe
[Scan path] c:\windows\system32\remotepg.dll
[Scan path] c:\windows\system32\rpcrt4.dll
[Scan path] c:\windows\system32\rpcss.dll
[Scan path] c:\windows\system32\rshx32.dll
[Scan path] c:\windows\system32\rsvp.exe
[Scan path] c:\windows\system32\rsvpsp.dll
[Scan path] c:\windows\system32\rundll32.exe
[Scan path] c:\windows\system32\scardsvr.exe
[Scan path] c:\windows\system32\scecli.dll
[Scan path] c:\windows\system32\schannel.dll
[Scan path] c:\windows\system32\sclgntfy.dll
[Scan path] c:\windows\system32\sendmail.dll
[Scan path] c:\windows\system32\services.exe
[Scan path] c:\windows\system32\sessmgr.exe
[Scan path] c:\windows\system32\setup\fxsocm.dll
[Scan path] c:\windows\system32\shdocvw.dll
[Scan path] c:\windows\system32\shell32.dll
[Scan path] c:\windows\system32\shellvrtf.dll
[Scan path] c:\windows\system32\shimgvw.dll
[Scan path] c:\windows\system32\shmedia.dll
[Scan path] c:\windows\system32\shmgrate.exe
[Scan path] c:\windows\system32\shscrap.dll
[Scan path] c:\windows\system32\slayerxp.dll
[Scan path] c:\windows\system32\smlogsvc.exe
[Scan path] c:\windows\system32\smss.exe
[Scan path] c:\windows\system32\spoolsv.exe
[Scan path] c:\windows\system32\stobject.dll
[Scan path] c:\windows\system32\svchost.exe
[Scan path] c:\windows\system32\syncui.dll
[Scan path] c:\windows\system32\tcpmon.dll
[Scan path] c:\windows\system32\themeui.dll
[Scan path] c:\windows\system32\twext.dll
[Scan path] c:\windows\system32\ups.exe
[Scan path] c:\windows\system32\url.dll
[Scan path] c:\windows\system32\urlmon.dll
[Scan path] c:\windows\system32\usbmon.dll
[Scan path] c:\windows\system32\user32.dll
[Scan path] c:\windows\system32\version.dll
[Scan path] c:\windows\system32\vssvc.exe
[Scan path] c:\windows\system32\wbem\wmiapsrv.exe
[Scan path] c:\windows\system32\wdigest.dll
[Scan path] c:\windows\system32\webcheck.dll
[Scan path] c:\windows\system32\wiascr.dll
[Scan path] c:\windows\system32\wiashext.dll
[Scan path] c:\windows\system32\wininet.dll
[Scan path] c:\windows\system32\winlogon.exe
[Scan path] c:\windows\system32\wldap32.dll
[Scan path] c:\windows\system32\wlnotify.dll
[Scan path] c:\windows\system32\wmpshell.dll
[Scan path] c:\windows\system32\wshext.dll
[Scan path] c:\windows\system32\wuauclt.exe
[Scan path] c:\windows\system32\wuaucpl.cpl
[Scan path] c:\windows\system32\zipfldr.dll
[Scan path] c:\windows\system\hpsysdrv.exe

作者: ALEXYUI 時間: 07-1-10 11:19 PM

-----------------------------------------------------------------------------
Scan statistics
-----------------------------------------------------------------------------
Objects scanned: 329
Infected objects found: 0
Objects with modifications found: 0
Suspicious objects found: 0
Adware programs found: 0
Dialer programs found: 0
Joke programs found: 0
Riskware programs found: 0
Hacktool programs found: 0
Objects cured: 0
Objects deleted: 0
Objects renamed: 0
Objects moved: 0
Objects ignored: 0
Scan speed: 6153 Kb/s
Scan time: 00:00:15
-----------------------------------------------------------------------------

[Scan path] C:\
C:\hiberfil.sys - read error
C:\Documents and Settings\HP_Owner\(R)酯崤CA0XYBCT - read error
C:\Documents and Settings\HP_Owner\(R)酯崤CAY3ODQD - read error
C:\Documents and Settings\HP_Owner\(R)酯崤CAZWH33C - read error
C:\Documents and Settings\HP_Owner.YOUR-6A15ACD7C6\ntuser.dat - read error
C:\Documents and Settings\HP_Owner.YOUR-6A15ACD7C6\NTUSER~1.LOG - read error
C:\Documents and Settings\HP_Owner.YOUR-6A15ACD7C6\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat - read error
C:\Documents and Settings\HP_Owner.YOUR-6A15ACD7C6\Local Settings\Application Data\Microsoft\Windows\USRCLA~1.LOG - read error
C:\Documents and Settings\HP_Owner.YOUR-6A15ACD7C6\(R)酯崤CrossgatePUK3\CrossgatePUK3\Cg_5006.exe probably infected with DLOADER.Trojan
C:\Documents and Settings\HP_Owner.YOUR-6A15ACD7C6\(R)酯崤CrossgatePUK3\CrossgatePUK3\qq.exe probably infected with DLOADER.Trojan
C:\Documents and Settings\HP_Owner.YOUR-6A15ACD7C6\(R)酯崤PetCalc_2006\?☆孕~1.RMV - read error
C:\Documents and Settings\LocalService\ntuser.dat - read error
C:\Documents and Settings\LocalService\NTUSER~1.LOG - read error
C:\Documents and Settings\LocalService\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat - read error
C:\Documents and Settings\LocalService\Local Settings\Application Data\Microsoft\Windows\USRCLA~1.LOG - read error
C:\Documents and Settings\NetworkService\NTUSER.DAT - read error
C:\Documents and Settings\NetworkService\NTUSER~1.LOG - read error
C:\Documents and Settings\NetworkService\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat - read error
C:\Documents and Settings\NetworkService\Local Settings\Application Data\Microsoft\Windows\USRCLA~1.LOG - read error
>>C:\Program Files\ESET\infected\1QIA3KAA.NQF>>C:\Program Files\ESET\infected\O5D1C4CA.NQF>C:\Program Files\Internet Explorer\SERVICES.EXE>C:\Program Files\Internet Explorer\PLUGINS\__delete_on_reboot__s_y_s_t_e_m_H_k_._s_y_s_ infected with Trojan.PWS.Qqpass.395 - will be cured after reboot
>C:\Program Files\Super Rabbit\magicset\srck.exe probably infected with BACKDOOR.Trojan
C:\Program Files\Updates from HP\309731\Users\Default\Data\chandir.dat - read error
C:\Program Files\Updates from HP\309731\Users\Default\Data\chandir.idx - read error
C:\Program Files\Updates from HP\309731\Users\Default\Data\chn.dat - read error
C:\Program Files\Updates from HP\309731\Users\Default\Data\chn.idx - read error
C:\Program Files\Updates from HP\309731\Users\Default\Data\D0000000.FCS - read error
C:\Program Files\Updates from HP\309731\Users\Default\Data\L0000001.FCS - read error
C:\Program Files\Updates from HP\309731\Users\Default\Data\prs.dat - read error
C:\Program Files\Updates from HP\309731\Users\Default\Data\prs.idx - read error
C:\Program Files\Updates from HP\309731\Users\Default\Data\prs_die.dat - read error
C:\Program Files\Updates from HP\309731\Users\Default\Data\prs_die.idx - read error
C:\Program Files\Updates from HP\309731\Users\Default\Data\prs_dnd.dat - read error
C:\Program Files\Updates from HP\309731\Users\Default\Data\prs_dnd.idx - read error
C:\Program Files\Updates from HP\309731\Users\Default\Data\prs_ext.dat - read error
C:\Program Files\Updates from HP\309731\Users\Default\Data\prs_ext.idx - read error
C:\Program Files\Updates from HP\309731\Users\Default\Data\prs_rcv.dat - read error
C:\Program Files\Updates from HP\309731\Users\Default\Data\prs_rcv.idx - read error
C:\Program Files\Updates from HP\309731\Users\Default\Data\storydb.dat - read error
C:\Program Files\Updates from HP\309731\Users\Default\Data\storydb.idx - read error
C:\System Volume Information\_restore{64CDFA88-D3CF-42B3-8F45-861C46E3ACD4}\RP0\A0000092.exe infected with Win32.HLLW.Gavir.54 - cured
C:\System Volume Information\_restore{64CDFA88-D3CF-42B3-8F45-861C46E3ACD4}\RP0\A0000228.EXE infected with Win32.HLLW.Gavir.54 - cured
C:\System Volume Information\_restore{64CDFA88-D3CF-42B3-8F45-861C46E3ACD4}\RP0\A0000273.Exe infected with Win32.HLLW.Gavir.54 - incurable - moved
>C:\System Volume Information\_restore{64CDFA88-D3CF-42B3-8F45-861C46E3ACD4}\RP0\A0000613.exe probably infected with BACKDOOR.Trojan
>C:\System Volume Information\_restore{64CDFA88-D3CF-42B3-8F45-861C46E3ACD4}\RP0\A0000620.exe probably infected with BACKDOOR.Trojan
C:\System Volume Information\_restore{64CDFA88-D3CF-42B3-8F45-861C46E3ACD4}\RP0\A0000658.EXE infected with Win32.HLLW.Gavir.54 - cured
C:\System Volume Information\_restore{64CDFA88-D3CF-42B3-8F45-861C46E3ACD4}\RP0\A0000698.exe infected with Win32.HLLW.Gavir.54 - cured
C:\System Volume Information\_restore{64CDFA88-D3CF-42B3-8F45-861C46E3ACD4}\RP0\A0000699.exe infected with Win32.HLLW.Gavir.54 - cured
C:\System Volume Information\_restore{64CDFA88-D3CF-42B3-8F45-861C46E3ACD4}\RP0\A0000700.exe infected with Win32.HLLW.Gavir.54 - cured
C:\System Volume Information\_restore{64CDFA88-D3CF-42B3-8F45-861C46E3ACD4}\RP0\A0000702.exe infected with Win32.HLLW.Gavir.54 - cured
C:\System Volume Information\_restore{64CDFA88-D3CF-42B3-8F45-861C46E3ACD4}\RP0\A0000737.exe infected with Win32.HLLW.Gavir.54 - cured
C:\System Volume Information\_restore{64CDFA88-D3CF-42B3-8F45-861C46E3ACD4}\RP1\A0000747.exe infected with Win32.HLLW.Gavir.54 - cured
C:\System Volume Information\_restore{64CDFA88-D3CF-42B3-8F45-861C46E3ACD4}\RP1\A0000765.exe infected with Win32.HLLW.Gavir.54 - cured
C:\System Volume Information\_restore{64CDFA88-D3CF-42B3-8F45-861C46E3ACD4}\RP1\A0000779.exe infected with Win32.HLLW.Gavir.54 - incurable - moved
C:\System Volume Information\_restore{64CDFA88-D3CF-42B3-8F45-861C46E3ACD4}\RP1\A0000780.exe infected with Win32.HLLW.Gavir.54 - incurable - moved
C:\System Volume Information\_restore{64CDFA88-D3CF-42B3-8F45-861C46E3ACD4}\RP1\A0000781.exe infected with Win32.HLLW.Gavir.54 - cured
C:\System Volume Information\_restore{64CDFA88-D3CF-42B3-8F45-861C46E3ACD4}\RP1\A0000782.exe infected with Win32.HLLW.Gavir.54 - cured
C:\System Volume Information\_restore{64CDFA88-D3CF-42B3-8F45-861C46E3ACD4}\RP1\A0000787.exe infected with Win32.HLLW.Gavir.54 - cured

作者: ALEXYUI 時間: 07-1-10 11:20 PM

C:\System Volume Information\_restore{64CDFA88-D3CF-42B3-8F45-861C46E3ACD4}\RP1\A0003814.exe is adware program Adware.SaveNow
C:\System Volume Information\_restore{64CDFA88-D3CF-42B3-8F45-861C46E3ACD4}\RP10\A0024979.dll infected with Trojan.DownLoader.14932 - deleted
C:\System Volume Information\_restore{64CDFA88-D3CF-42B3-8F45-861C46E3ACD4}\RP10\A0024980.DLL infected with Trojan.DownLoader.15581 - deleted
>C:\System Volume Information\_restore{64CDFA88-D3CF-42B3-8F45-861C46E3ACD4}\RP10\A0024986.EXE infected with Trojan.PWS.Gamania - deleted
C:\System Volume Information\_restore{64CDFA88-D3CF-42B3-8F45-861C46E3ACD4}\RP10\A0024995.dll infected with Trojan.DownLoader.14932 - deleted
C:\System Volume Information\_restore{64CDFA88-D3CF-42B3-8F45-861C46E3ACD4}\RP10\A0024996.DLL infected with Trojan.DownLoader.15581 - deleted
C:\System Volume Information\_restore{64CDFA88-D3CF-42B3-8F45-861C46E3ACD4}\RP10\A0025008.exe infected with Win32.HLLW.Gavir.54 - incurable - moved
C:\System Volume Information\_restore{64CDFA88-D3CF-42B3-8F45-861C46E3ACD4}\RP10\A0025009.exe infected with Win32.HLLW.Gavir.54 - cured
C:\System Volume Information\_restore{64CDFA88-D3CF-42B3-8F45-861C46E3ACD4}\RP10\A0025014.exe infected with Win32.HLLW.Gavir.54 - cured
C:\System Volume Information\_restore{64CDFA88-D3CF-42B3-8F45-861C46E3ACD4}\RP10\A0025021.dll infected with Trojan.DownLoader.14932 - deleted
C:\System Volume Information\_restore{64CDFA88-D3CF-42B3-8F45-861C46E3ACD4}\RP10\A0025022.DLL infected with Trojan.DownLoader.15581 - deleted
C:\System Volume Information\_restore{64CDFA88-D3CF-42B3-8F45-861C46E3ACD4}\RP10\A0025042.exe infected with Win32.HLLW.Gavir.54 - incurable - moved
C:\System Volume Information\_restore{64CDFA88-D3CF-42B3-8F45-861C46E3ACD4}\RP10\A0025043.exe infected with Win32.HLLW.Gavir.54 - cured
C:\System Volume Information\_restore{64CDFA88-D3CF-42B3-8F45-861C46E3ACD4}\RP10\A0025044.exe infected with Win32.HLLW.Gavir.54 - cured
C:\System Volume Information\_restore{64CDFA88-D3CF-42B3-8F45-861C46E3ACD4}\RP10\A0025045.EXE infected with Win32.HLLW.Gavir.54 - cured
C:\System Volume Information\_restore{64CDFA88-D3CF-42B3-8F45-861C46E3ACD4}\RP11\A0025082.dll infected with Trojan.DownLoader.14932 - deleted
C:\System Volume Information\_restore{64CDFA88-D3CF-42B3-8F45-861C46E3ACD4}\RP11\A0025083.DLL infected with Trojan.DownLoader.15581 - deleted
C:\System Volume Information\_restore{64CDFA88-D3CF-42B3-8F45-861C46E3ACD4}\RP11\A0025087.exe infected with Win32.HLLW.Gavir.54 - incurable - moved
C:\System Volume Information\_restore{64CDFA88-D3CF-42B3-8F45-861C46E3ACD4}\RP11\A0025090.EXE infected with Win32.HLLW.Gavir.54 - cured
C:\System Volume Information\_restore{64CDFA88-D3CF-42B3-8F45-861C46E3ACD4}\RP11\A0025091.dll infected with Trojan.PWS.Zhengtu - deleted
>C:\System Volume Information\_restore{64CDFA88-D3CF-42B3-8F45-861C46E3ACD4}\RP11\A0025092.EXE infected with Trojan.Puma - deleted
>C:\System Volume Information\_restore{64CDFA88-D3CF-42B3-8F45-861C46E3ACD4}\RP11\A0025093.ocx infected with Trojan.Puma - deleted
C:\System Volume Information\_restore{64CDFA88-D3CF-42B3-8F45-861C46E3ACD4}\RP11\A0025094.exe infected with Win32.HLLW.Gavir.54 - cured
C:\System Volume Information\_restore{64CDFA88-D3CF-42B3-8F45-861C46E3ACD4}\RP11\A0025101.dll infected with Trojan.DownLoader.14932 - deleted
C:\System Volume Information\_restore{64CDFA88-D3CF-42B3-8F45-861C46E3ACD4}\RP11\A0025102.DLL infected with Trojan.DownLoader.15581 - deleted
C:\System Volume Information\_restore{64CDFA88-D3CF-42B3-8F45-861C46E3ACD4}\RP11\A0025108.dll infected with Trojan.PWS.Zhengtu - deleted
C:\System Volume Information\_restore{64CDFA88-D3CF-42B3-8F45-861C46E3ACD4}\RP11\A0025109.dll infected with Trojan.PWS.Zhengtu - deleted
C:\System Volume Information\_restore{64CDFA88-D3CF-42B3-8F45-861C46E3ACD4}\RP11\A0025119.dll infected with Trojan.DownLoader.14932 - deleted
C:\System Volume Information\_restore{64CDFA88-D3CF-42B3-8F45-861C46E3ACD4}\RP11\A0025120.DLL infected with Trojan.DownLoader.15581 - deleted
C:\System Volume Information\_restore{64CDFA88-D3CF-42B3-8F45-861C46E3ACD4}\RP11\A0025124.dll infected with Trojan.PWS.Zhengtu - deleted
C:\System Volume Information\_restore{64CDFA88-D3CF-42B3-8F45-861C46E3ACD4}\RP11\A0025125.dll infected with Trojan.PWS.Zhengtu - deleted
C:\System Volume Information\_restore{64CDFA88-D3CF-42B3-8F45-861C46E3ACD4}\RP11\A0025165.dll infected with Trojan.PWS.Zhengtu - deleted
C:\System Volume Information\_restore{64CDFA88-D3CF-42B3-8F45-861C46E3ACD4}\RP11\A0025166.dll infected with Trojan.PWS.Zhengtu - deleted
>C:\System Volume Information\_restore{64CDFA88-D3CF-42B3-8F45-861C46E3ACD4}\RP11\A0025173.exe infected with Trojan.PWS.Wool - deleted
>>C:\System Volume Information\_restore{64CDFA88-D3CF-42B3-8F45-861C46E3ACD4}\RP11\A0025174.dll infected with Trojan.PWS.Wool - deleted
>C:\System Volume Information\_restore{64CDFA88-D3CF-42B3-8F45-861C46E3ACD4}\RP11\A0025175.exe infected with Trojan.PWS.Wool - deleted
C:\System Volume Information\_restore{64CDFA88-D3CF-42B3-8F45-861C46E3ACD4}\RP11\A0025183.EXE infected with Trojan.MulDrop.4894 - deleted
C:\System Volume Information\_restore{64CDFA88-D3CF-42B3-8F45-861C46E3ACD4}\RP11\A0025185.dll infected with Trojan.DownLoader.14932 - deleted
C:\System Volume Information\_restore{64CDFA88-D3CF-42B3-8F45-861C46E3ACD4}\RP11\A0025186.DLL infected with Trojan.DownLoader.15581 - deleted
C:\System Volume Information\_restore{64CDFA88-D3CF-42B3-8F45-861C46E3ACD4}\RP11\A0025191.dll infected with Trojan.PWS.Zhengtu - deleted
C:\System Volume Information\_restore{64CDFA88-D3CF-42B3-8F45-861C46E3ACD4}\RP11\A0025193.dll infected with Trojan.PWS.Zhengtu - deleted
C:\System Volume Information\_restore{64CDFA88-D3CF-42B3-8F45-861C46E3ACD4}\RP11\A0025197.exe infected with Win32.HLLW.Gavir.54 - incurable - moved
C:\System Volume Information\_restore{64CDFA88-D3CF-42B3-8F45-861C46E3ACD4}\RP11\A0025198.exe infected with Win32.HLLW.Gavir.54 - cured
C:\System Volume Information\_restore{64CDFA88-D3CF-42B3-8F45-861C46E3ACD4}\RP11\A0025204.dll infected with Trojan.DownLoader.14932 - deleted
C:\System Volume Information\_restore{64CDFA88-D3CF-42B3-8F45-861C46E3ACD4}\RP11\A0025205.DLL infected with Trojan.DownLoader.15581 - deleted
C:\System Volume Information\_restore{64CDFA88-D3CF-42B3-8F45-861C46E3ACD4}\RP11\A0025215.exe infected with Trojan.PWS.Zhengtu - deleted
C:\System Volume Information\_restore{64CDFA88-D3CF-42B3-8F45-861C46E3ACD4}\RP12\A0025264.dll infected with Trojan.DownLoader.14932 - deleted
C:\System Volume Information\_restore{64CDFA88-D3CF-42B3-8F45-861C46E3ACD4}\RP12\A0025265.DLL infected with Trojan.DownLoader.15581 - deleted
C:\System Volume Information\_restore{64CDFA88-D3CF-42B3-8F45-861C46E3ACD4}\RP12\A0025277.exe infected with Win32.HLLW.Gavir.54 - incurable - moved
C:\System Volume Information\_restore{64CDFA88-D3CF-42B3-8F45-861C46E3ACD4}\RP12\A0025278.exe infected with Win32.HLLW.Gavir.54 - cured
C:\System Volume Information\_restore{64CDFA88-D3CF-42B3-8F45-861C46E3ACD4}\RP12\A0025288.dll infected with Trojan.DownLoader.14932 - deleted
C:\System Volume Information\_restore{64CDFA88-D3CF-42B3-8F45-861C46E3ACD4}\RP12\A0025289.DLL infected with Trojan.DownLoader.15581 - deleted
C:\System Volume Information\_restore{64CDFA88-D3CF-42B3-8F45-861C46E3ACD4}\RP12\A0025308.dll infected with Trojan.DownLoader.14932 - deleted
C:\System Volume Information\_restore{64CDFA88-D3CF-42B3-8F45-861C46E3ACD4}\RP12\A0025309.DLL infected with Trojan.DownLoader.15581 - deleted

作者: ALEXYUI 時間: 07-1-10 11:21 PM

>C:\System Volume Information\_restore{64CDFA88-D3CF-42B3-8F45-861C46E3ACD4}\RP12\A0025318.exeC:\System Volume Information\_restore{64CDFA88-D3CF-42B3-8F45-861C46E3ACD4}\RP12\A0025321.exe infected with Win32.HLLW.Gavir.54 - incurable - moved
C:\System Volume Information\_restore{64CDFA88-D3CF-42B3-8F45-861C46E3ACD4}\RP12\A0025322.exe infected with Win32.HLLW.Gavir.54 - cured
>C:\System Volume Information\_restore{64CDFA88-D3CF-42B3-8F45-861C46E3ACD4}\RP12\A0025340.exe infected with Trojan.PWS.Legmir.812 - incurable - moved
C:\System Volume Information\_restore{64CDFA88-D3CF-42B3-8F45-861C46E3ACD4}\RP12\A0025341.dll infected with Trojan.DownLoader.14932 - deleted
C:\System Volume Information\_restore{64CDFA88-D3CF-42B3-8F45-861C46E3ACD4}\RP12\A0025342.DLL infected with Trojan.DownLoader.15581 - deleted
C:\System Volume Information\_restore{64CDFA88-D3CF-42B3-8F45-861C46E3ACD4}\RP12\A0025352.exe infected with BackDoor.IRC.Sdbot.909 - incurable - moved
C:\System Volume Information\_restore{64CDFA88-D3CF-42B3-8F45-861C46E3ACD4}\RP12\A0025368.dll infected with Trojan.DownLoader.14932 - deleted
C:\System Volume Information\_restore{64CDFA88-D3CF-42B3-8F45-861C46E3ACD4}\RP12\A0025369.DLL infected with Trojan.DownLoader.15581 - deleted
>>C:\System Volume Information\_restore{64CDFA88-D3CF-42B3-8F45-861C46E3ACD4}\RP12\A0025379.exe infected with Trojan.PWS.Qqgame - deleted
>C:\System Volume Information\_restore{64CDFA88-D3CF-42B3-8F45-861C46E3ACD4}\RP12\A0025381.exe infected with Trojan.PWS.Legmir.805 - deleted
C:\System Volume Information\_restore{64CDFA88-D3CF-42B3-8F45-861C46E3ACD4}\RP12\A0026366.dll infected with Trojan.DownLoader.14932 - deleted
C:\System Volume Information\_restore{64CDFA88-D3CF-42B3-8F45-861C46E3ACD4}\RP12\A0026367.DLL infected with Trojan.DownLoader.15581 - deleted
C:\System Volume Information\_restore{64CDFA88-D3CF-42B3-8F45-861C46E3ACD4}\RP12\A0027366.dll infected with Trojan.DownLoader.14932 - deleted
C:\System Volume Information\_restore{64CDFA88-D3CF-42B3-8F45-861C46E3ACD4}\RP12\A0027367.DLL infected with Trojan.DownLoader.15581 - deleted
>C:\System Volume Information\_restore{64CDFA88-D3CF-42B3-8F45-861C46E3ACD4}\RP12\A0027377.exe infected with Trojan.PWS.Legmir.812 - incurable - moved
>C:\System Volume Information\_restore{64CDFA88-D3CF-42B3-8F45-861C46E3ACD4}\RP13\A0028427.exe infected with Trojan.PWS.Legmir.812 - incurable - moved
C:\System Volume Information\_restore{64CDFA88-D3CF-42B3-8F45-861C46E3ACD4}\RP13\A0028436.DLL infected with Trojan.DownLoader.15581 - deleted
C:\System Volume Information\_restore{64CDFA88-D3CF-42B3-8F45-861C46E3ACD4}\RP13\A0028437.dll infected with Trojan.DownLoader.14932 - deleted
>C:\System Volume Information\_restore{64CDFA88-D3CF-42B3-8F45-861C46E3ACD4}\RP13\A0028445.ocx infected with Trojan.Havedo - deleted
>C:\System Volume Information\_restore{64CDFA88-D3CF-42B3-8F45-861C46E3ACD4}\RP13\A0028446.EXE infected with Trojan.Havedo - deleted
C:\System Volume Information\_restore{64CDFA88-D3CF-42B3-8F45-861C46E3ACD4}\RP13\A0028457.exe infected with BackDoor.IRC.Sdbot.909 - incurable - moved
C:\System Volume Information\_restore{64CDFA88-D3CF-42B3-8F45-861C46E3ACD4}\RP13\A0028462.exe infected with Win32.HLLW.Gavir.54 - incurable - moved
C:\System Volume Information\_restore{64CDFA88-D3CF-42B3-8F45-861C46E3ACD4}\RP13\A0028537.exe infected with Trojan.PWS.Zhengtu - deleted
C:\System Volume Information\_restore{64CDFA88-D3CF-42B3-8F45-861C46E3ACD4}\RP13\A0028540.Exe infected with Win32.HLLW.Gavir.54 - cured
>C:\System Volume Information\_restore{64CDFA88-D3CF-42B3-8F45-861C46E3ACD4}\RP13\A0028542.exe infected with Trojan.PWS.Wool - deleted
>>C:\System Volume Information\_restore{64CDFA88-D3CF-42B3-8F45-861C46E3ACD4}\RP13\A0028543.dll infected with Trojan.PWS.Wool - deleted
>C:\System Volume Information\_restore{64CDFA88-D3CF-42B3-8F45-861C46E3ACD4}\RP13\A0028544.exe infected with Trojan.PWS.Wool - deleted
C:\System Volume Information\_restore{64CDFA88-D3CF-42B3-8F45-861C46E3ACD4}\RP13\A0028545.EXE infected with Trojan.PWS.Zhengtu - deleted
C:\System Volume Information\_restore{64CDFA88-D3CF-42B3-8F45-861C46E3ACD4}\RP13\A0028546.EXE infected with Trojan.PWS.Zhengtu - deleted
C:\System Volume Information\_restore{64CDFA88-D3CF-42B3-8F45-861C46E3ACD4}\RP14\A0028598.dll infected with Trojan.DownLoader.14932 - deleted
C:\System Volume Information\_restore{64CDFA88-D3CF-42B3-8F45-861C46E3ACD4}\RP14\A0028599.DLL infected with Trojan.DownLoader.15581 - deleted
C:\System Volume Information\_restore{64CDFA88-D3CF-42B3-8F45-861C46E3ACD4}\RP14\A0028602.exe infected with Win32.HLLW.Gavir.54 - incurable - moved
C:\System Volume Information\_restore{64CDFA88-D3CF-42B3-8F45-861C46E3ACD4}\RP14\A0028604.dll infected with Trojan.PWS.Zhengtu - deleted
C:\System Volume Information\_restore{64CDFA88-D3CF-42B3-8F45-861C46E3ACD4}\RP14\A0028605.EXE infected with Win32.HLLW.Gavir.54 - cured
>C:\System Volume Information\_restore{64CDFA88-D3CF-42B3-8F45-861C46E3ACD4}\RP14\A0028607.EXE infected with Trojan.Puma - deleted
>C:\System Volume Information\_restore{64CDFA88-D3CF-42B3-8F45-861C46E3ACD4}\RP14\A0028612.ocx infected with Trojan.Puma - deleted
C:\System Volume Information\_restore{64CDFA88-D3CF-42B3-8F45-861C46E3ACD4}\RP14\A0028618.exe infected with Win32.HLLW.Gavir.54 - cured
>>C:\System Volume Information\_restore{64CDFA88-D3CF-42B3-8F45-861C46E3ACD4}\RP14\A0028625.exe infected with Trojan.PWS.Qqgame - deleted
>C:\System Volume Information\_restore{64CDFA88-D3CF-42B3-8F45-861C46E3ACD4}\RP14\A0028627.exe infected with Trojan.PWS.Legmir.805 - deleted
C:\System Volume Information\_restore{64CDFA88-D3CF-42B3-8F45-861C46E3ACD4}\RP14\A0029834.dll infected with Trojan.DownLoader.14932 - deleted

作者: ALEXYUI 時間: 07-1-10 11:21 PM

C:\System Volume Information\_restore{64CDFA88-D3CF-42B3-8F45-861C46E3ACD4}\RP14\A0029835.DLL infected with Trojan.DownLoader.15581 - deleted
C:\System Volume Information\_restore{64CDFA88-D3CF-42B3-8F45-861C46E3ACD4}\RP14\A0029841.dll infected with Trojan.PWS.Zhengtu - deleted
C:\System Volume Information\_restore{64CDFA88-D3CF-42B3-8F45-861C46E3ACD4}\RP14\A0029842.exe infected with Win32.HLLW.Gavir.54 - incurable - moved
C:\System Volume Information\_restore{64CDFA88-D3CF-42B3-8F45-861C46E3ACD4}\RP14\A0029844.exe infected with Win32.HLLW.Gavir.54 - cured
C:\System Volume Information\_restore{64CDFA88-D3CF-42B3-8F45-861C46E3ACD4}\RP14\A0029845.EXE infected with Win32.HLLW.Gavir.54 - cured
C:\System Volume Information\_restore{64CDFA88-D3CF-42B3-8F45-861C46E3ACD4}\RP14\A0029848.exe infected with Win32.HLLW.Gavir.54 - cured
>C:\System Volume Information\_restore{64CDFA88-D3CF-42B3-8F45-861C46E3ACD4}\RP14\A0029849.exe infected with Trojan.PWS.Legmir.812 - incurable - moved
C:\System Volume Information\_restore{64CDFA88-D3CF-42B3-8F45-861C46E3ACD4}\RP14\A0029851.EXE infected with Win32.HLLW.Gavir.54 - cured
C:\System Volume Information\_restore{64CDFA88-D3CF-42B3-8F45-861C46E3ACD4}\RP14\A0030771.dll infected with Trojan.DownLoader.14932 - deleted
C:\System Volume Information\_restore{64CDFA88-D3CF-42B3-8F45-861C46E3ACD4}\RP14\A0030772.DLL infected with Trojan.DownLoader.15581 - deleted
C:\System Volume Information\_restore{64CDFA88-D3CF-42B3-8F45-861C46E3ACD4}\RP14\A0030783.exe infected with Win32.HLLW.Gavir.54 - incurable - moved
C:\System Volume Information\_restore{64CDFA88-D3CF-42B3-8F45-861C46E3ACD4}\RP14\A0030784.exe infected with Win32.HLLW.Gavir.54 - cured
C:\System Volume Information\_restore{64CDFA88-D3CF-42B3-8F45-861C46E3ACD4}\RP14\A0030787.exe infected with Win32.HLLW.Gavir.54 - incurable - moved
C:\System Volume Information\_restore{64CDFA88-D3CF-42B3-8F45-861C46E3ACD4}\RP14\A0030788.exe infected with Win32.HLLW.Gavir.54 - cured
C:\System Volume Information\_restore{64CDFA88-D3CF-42B3-8F45-861C46E3ACD4}\RP14\A0030790.exe infected with Win32.HLLW.Gavir.54 - cured
C:\System Volume Information\_restore{64CDFA88-D3CF-42B3-8F45-861C46E3ACD4}\RP14\A0030791.exe infected with Win32.HLLW.Gavir.54 - cured
>C:\System Volume Information\_restore{64CDFA88-D3CF-42B3-8F45-861C46E3ACD4}\RP15\A0030833.sys infected with Trojan.PWS.Qqpass.395 - deleted
C:\System Volume Information\_restore{64CDFA88-D3CF-42B3-8F45-861C46E3ACD4}\RP15\A0030836.dll infected with Trojan.DownLoader.14932 - deleted
C:\System Volume Information\_restore{64CDFA88-D3CF-42B3-8F45-861C46E3ACD4}\RP15\A0030837.DLL infected with Trojan.DownLoader.15581 - deleted
>C:\System Volume Information\_restore{64CDFA88-D3CF-42B3-8F45-861C46E3ACD4}\RP15\A0030848.sys infected with Trojan.PWS.Qqpass.395 - deleted
C:\System Volume Information\_restore{64CDFA88-D3CF-42B3-8F45-861C46E3ACD4}\RP15\A0030856.dll infected with Trojan.DownLoader.14932 - deleted
C:\System Volume Information\_restore{64CDFA88-D3CF-42B3-8F45-861C46E3ACD4}\RP15\A0030857.DLL infected with Trojan.DownLoader.15581 - deleted
>C:\System Volume Information\_restore{64CDFA88-D3CF-42B3-8F45-861C46E3ACD4}\RP15\A0030865.sys infected with Trojan.PWS.Qqpass.395 - deleted
>C:\System Volume Information\_restore{64CDFA88-D3CF-42B3-8F45-861C46E3ACD4}\RP16\A0030872.sys infected with Trojan.PWS.Qqpass.395 - deleted
C:\System Volume Information\_restore{64CDFA88-D3CF-42B3-8F45-861C46E3ACD4}\RP16\A0030937.DLL infected with Trojan.DownLoader.15581 - deleted
C:\System Volume Information\_restore{64CDFA88-D3CF-42B3-8F45-861C46E3ACD4}\RP16\A0030938.dll infected with Trojan.DownLoader.14932 - deleted
>C:\System Volume Information\_restore{64CDFA88-D3CF-42B3-8F45-861C46E3ACD4}\RP16\A0031007.EXE infected with Trojan.PWS.Qqpass.395 - deleted
C:\System Volume Information\_restore{64CDFA88-D3CF-42B3-8F45-861C46E3ACD4}\RP16\A0031009.exe infected with Win32.HLLW.Gavir.54 - incurable - moved
C:\System Volume Information\_restore{64CDFA88-D3CF-42B3-8F45-861C46E3ACD4}\RP16\A0031013.exe infected with Win32.HLLW.Gavir.54 - incurable - moved
>C:\System Volume Information\_restore{64CDFA88-D3CF-42B3-8F45-861C46E3ACD4}\RP16\A0031019.exe infected with Trojan.PWS.Legmir.812 - incurable - moved
C:\System Volume Information\_restore{64CDFA88-D3CF-42B3-8F45-861C46E3ACD4}\RP16\A0032573.Exe infected with Win32.HLLW.Gavir.54 - cured
C:\System Volume Information\_restore{64CDFA88-D3CF-42B3-8F45-861C46E3ACD4}\RP16\A0032575.Exe infected with Win32.HLLW.Gavir.54 - cured
C:\System Volume Information\_restore{64CDFA88-D3CF-42B3-8F45-861C46E3ACD4}\RP16\A0032620.Exe infected with Win32.HLLW.Gavir.54 - cured
C:\System Volume Information\_restore{64CDFA88-D3CF-42B3-8F45-861C46E3ACD4}\RP16\A0032621.Exe infected with Win32.HLLW.Gavir.54 - cured
C:\System Volume Information\_restore{64CDFA88-D3CF-42B3-8F45-861C46E3ACD4}\RP16\A0032654.Exe infected with Win32.HLLW.Gavir.54 - cured
C:\System Volume Information\_restore{64CDFA88-D3CF-42B3-8F45-861C46E3ACD4}\RP16\A0032780.Exe infected with Win32.HLLW.Gavir.54 - cured
C:\System Volume Information\_restore{64CDFA88-D3CF-42B3-8F45-861C46E3ACD4}\RP16\A0032896.exe infected with Trojan.PWS.Zhengtu - deleted
>C:\System Volume Information\_restore{64CDFA88-D3CF-42B3-8F45-861C46E3ACD4}\RP16\A0032902.ocx infected with Trojan.Havedo - deleted
>C:\System Volume Information\_restore{64CDFA88-D3CF-42B3-8F45-861C46E3ACD4}\RP16\A0032905.EXE infected with Trojan.Havedo - deleted
C:\System Volume Information\_restore{64CDFA88-D3CF-42B3-8F45-861C46E3ACD4}\RP16\A0032906.EXE infected with Trojan.PWS.Zhengtu - deleted
C:\System Volume Information\_restore{64CDFA88-D3CF-42B3-8F45-861C46E3ACD4}\RP16\A0032907.EXE infected with Trojan.PWS.Zhengtu - deleted
>C:\System Volume Information\_restore{64CDFA88-D3CF-42B3-8F45-861C46E3ACD4}\RP16\A0032911.sys infected with Trojan.PWS.Qqpass.395 - deleted
C:\System Volume Information\_restore{64CDFA88-D3CF-42B3-8F45-861C46E3ACD4}\RP16\A0032915.dll infected with Trojan.DownLoader.14932 - deleted
C:\System Volume Information\_restore{64CDFA88-D3CF-42B3-8F45-861C46E3ACD4}\RP16\A0032916.DLL infected with Trojan.DownLoader.15581 - deleted
C:\System Volume Information\_restore{64CDFA88-D3CF-42B3-8F45-861C46E3ACD4}\RP16\A0032921.EXE infected with Trojan.PWS.Zhengtu - deleted
C:\System Volume Information\_restore{64CDFA88-D3CF-42B3-8F45-861C46E3ACD4}\RP16\A0032922.EXE infected with Trojan.PWS.Zhengtu - deleted
>C:\System Volume Information\_restore{64CDFA88-D3CF-42B3-8F45-861C46E3ACD4}\RP16\A0032923.EXE infected with Trojan.Havedo - deleted
C:\System Volume Information\_restore{64CDFA88-D3CF-42B3-8F45-861C46E3ACD4}\RP16\A0032928.exe infected with Win32.HLLW.Gavir.54 - incurable - moved

作者: ALEXYUI 時間: 07-1-10 11:23 PM

C:\System Volume Information\_restore{64CDFA88-D3CF-42B3-8F45-861C46E3ACD4}\RP16\A0032929.exe infected with Win32.HLLW.Gavir.54 - cured
C:\System Volume Information\_restore{64CDFA88-D3CF-42B3-8F45-861C46E3ACD4}\RP16\A0032932.exe infected with Win32.HLLW.Gavir.54 - cured
C:\System Volume Information\_restore{64CDFA88-D3CF-42B3-8F45-861C46E3ACD4}\RP16\A0032933.exe infected with Win32.HLLW.Gavir.54 - cured
C:\System Volume Information\_restore{64CDFA88-D3CF-42B3-8F45-861C46E3ACD4}\RP16\A0032934.exe infected with Win32.HLLW.Gavir.54 - cured
C:\System Volume Information\_restore{64CDFA88-D3CF-42B3-8F45-861C46E3ACD4}\RP16\A0032935.exe infected with Win32.HLLW.Gavir.54 - cured
C:\System Volume Information\_restore{64CDFA88-D3CF-42B3-8F45-861C46E3ACD4}\RP16\A0032936.exe infected with Win32.HLLW.Gavir.54 - cured
C:\System Volume Information\_restore{64CDFA88-D3CF-42B3-8F45-861C46E3ACD4}\RP16\A0032937.EXE infected with Win32.HLLW.Gavir.54 - cured
C:\System Volume Information\_restore{64CDFA88-D3CF-42B3-8F45-861C46E3ACD4}\RP16\A0032938.exe infected with Win32.HLLW.Gavir.54 - cured
C:\System Volume Information\_restore{64CDFA88-D3CF-42B3-8F45-861C46E3ACD4}\RP16\A0032939.exe infected with Win32.HLLW.Gavir.54 - cured
C:\System Volume Information\_restore{64CDFA88-D3CF-42B3-8F45-861C46E3ACD4}\RP16\A0032940.exe infected with Win32.HLLW.Gavir.54 - cured
C:\System Volume Information\_restore{64CDFA88-D3CF-42B3-8F45-861C46E3ACD4}\RP16\A0032941.exe infected with Win32.HLLW.Gavir.54 - cured
C:\System Volume Information\_restore{64CDFA88-D3CF-42B3-8F45-861C46E3ACD4}\RP16\A0032942.EXE infected with Win32.HLLW.Gavir.54 - cured
C:\System Volume Information\_restore{64CDFA88-D3CF-42B3-8F45-861C46E3ACD4}\RP16\A0032943.EXE infected with Win32.HLLW.Gavir.54 - cured
C:\System Volume Information\_restore{64CDFA88-D3CF-42B3-8F45-861C46E3ACD4}\RP16\A0032944.exe infected with Win32.HLLW.Gavir.54 - cured
C:\System Volume Information\_restore{64CDFA88-D3CF-42B3-8F45-861C46E3ACD4}\RP16\A0032945.exe infected with Win32.HLLW.Gavir.54 - cured
C:\System Volume Information\_restore{64CDFA88-D3CF-42B3-8F45-861C46E3ACD4}\RP16\A0032946.exe infected with Win32.HLLW.Gavir.54 - cured
C:\System Volume Information\_restore{64CDFA88-D3CF-42B3-8F45-861C46E3ACD4}\RP16\A0032947.exe infected with Win32.HLLW.Gavir.54 - cured
C:\System Volume Information\_restore{64CDFA88-D3CF-42B3-8F45-861C46E3ACD4}\RP16\A0032948.exe infected with Win32.HLLW.Gavir.54 - cured
C:\System Volume Information\_restore{64CDFA88-D3CF-42B3-8F45-861C46E3ACD4}\RP16\A0032949.exe infected with Win32.HLLW.Gavir.54 - cured
C:\System Volume Information\_restore{64CDFA88-D3CF-42B3-8F45-861C46E3ACD4}\RP16\A0032950.EXE infected with Win32.HLLW.Gavir.54 - cured
C:\System Volume Information\_restore{64CDFA88-D3CF-42B3-8F45-861C46E3ACD4}\RP16\A0032951.exe infected with Win32.HLLW.Gavir.54 - cured
C:\System Volume Information\_restore{64CDFA88-D3CF-42B3-8F45-861C46E3ACD4}\RP16\A0032952.EXE infected with Win32.HLLW.Gavir.54 - cured
C:\System Volume Information\_restore{64CDFA88-D3CF-42B3-8F45-861C46E3ACD4}\RP16\A0032953.exe infected with Win32.HLLW.Gavir.54 - cured
C:\System Volume Information\_restore{64CDFA88-D3CF-42B3-8F45-861C46E3ACD4}\RP16\A0032954.exe infected with Win32.HLLW.Gavir.54 - cured
C:\System Volume Information\_restore{64CDFA88-D3CF-42B3-8F45-861C46E3ACD4}\RP16\A0032955.exe infected with Win32.HLLW.Gavir.54 - cured
C:\System Volume Information\_restore{64CDFA88-D3CF-42B3-8F45-861C46E3ACD4}\RP16\A0032956.exe infected with Win32.HLLW.Gavir.54 - cured
C:\System Volume Information\_restore{64CDFA88-D3CF-42B3-8F45-861C46E3ACD4}\RP16\A0032957.exe infected with Win32.HLLW.Gavir.54 - cured
C:\System Volume Information\_restore{64CDFA88-D3CF-42B3-8F45-861C46E3ACD4}\RP16\A0032958.exe infected with Win32.HLLW.Gavir.54 - cured
C:\System Volume Information\_restore{64CDFA88-D3CF-42B3-8F45-861C46E3ACD4}\RP16\A0032959.exe infected with Win32.HLLW.Gavir.54 - cured
C:\System Volume Information\_restore{64CDFA88-D3CF-42B3-8F45-861C46E3ACD4}\RP16\A0032960.exe infected with Win32.HLLW.Gavir.54 - cured
C:\System Volume Information\_restore{64CDFA88-D3CF-42B3-8F45-861C46E3ACD4}\RP16\A0032961.EXE infected with Win32.HLLW.Gavir.54 - cured
C:\System Volume Information\_restore{64CDFA88-D3CF-42B3-8F45-861C46E3ACD4}\RP16\A0032962.exe infected with Win32.HLLW.Gavir.54 - cured
C:\System Volume Information\_restore{64CDFA88-D3CF-42B3-8F45-861C46E3ACD4}\RP16\A0032963.exe infected with Win32.HLLW.Gavir.54 - cured
C:\System Volume Information\_restore{64CDFA88-D3CF-42B3-8F45-861C46E3ACD4}\RP16\A0032964.exe infected with Win32.HLLW.Gavir.54 - cured
C:\System Volume Information\_restore{64CDFA88-D3CF-42B3-8F45-861C46E3ACD4}\RP16\A0032965.exe infected with Win32.HLLW.Gavir.54 - cured
C:\System Volume Information\_restore{64CDFA88-D3CF-42B3-8F45-861C46E3ACD4}\RP16\A0032966.exe infected with Win32.HLLW.Gavir.54 - cured
C:\System Volume Information\_restore{64CDFA88-D3CF-42B3-8F45-861C46E3ACD4}\RP16\A0032967.exe infected with Win32.HLLW.Gavir.54 - cured
C:\System Volume Information\_restore{64CDFA88-D3CF-42B3-8F45-861C46E3ACD4}\RP16\A0032968.exe infected with Win32.HLLW.Gavir.54 - cured
C:\System Volume Information\_restore{64CDFA88-D3CF-42B3-8F45-861C46E3ACD4}\RP16\A0032969.EXE infected with Win32.HLLW.Gavir.54 - cured
C:\System Volume Information\_restore{64CDFA88-D3CF-42B3-8F45-861C46E3ACD4}\RP16\A0032970.exe infected with Win32.HLLW.Gavir.54 - cured
C:\System Volume Information\_restore{64CDFA88-D3CF-42B3-8F45-861C46E3ACD4}\RP16\A0032971.exe infected with Win32.HLLW.Gavir.54 - cured
C:\System Volume Information\_restore{64CDFA88-D3CF-42B3-8F45-861C46E3ACD4}\RP16\A0032972.exe infected with Win32.HLLW.Gavir.54 - cured
C:\System Volume Information\_restore{64CDFA88-D3CF-42B3-8F45-861C46E3ACD4}\RP16\A0032973.exe infected with Win32.HLLW.Gavir.54 - cured
C:\System Volume Information\_restore{64CDFA88-D3CF-42B3-8F45-861C46E3ACD4}\RP16\A0032974.exe infected with Win32.HLLW.Gavir.54 - cured
C:\System Volume Information\_restore{64CDFA88-D3CF-42B3-8F45-861C46E3ACD4}\RP16\A0032975.exe infected with Win32.HLLW.Gavir.54 - cured
C:\System Volume Information\_restore{64CDFA88-D3CF-42B3-8F45-861C46E3ACD4}\RP16\A0032976.EXE infected with Win32.HLLW.Gavir.54 - cured
C:\System Volume Information\_restore{64CDFA88-D3CF-42B3-8F45-861C46E3ACD4}\RP16\A0032977.exe infected with Win32.HLLW.Gavir.54 - cured
C:\System Volume Information\_restore{64CDFA88-D3CF-42B3-8F45-861C46E3ACD4}\RP16\A0032978.exe infected with Win32.HLLW.Gavir.54 - cured
C:\System Volume Information\_restore{64CDFA88-D3CF-42B3-8F45-861C46E3ACD4}\RP16\A0032979.EXE infected with Win32.HLLW.Gavir.54 - cured
C:\System Volume Information\_restore{64CDFA88-D3CF-42B3-8F45-861C46E3ACD4}\RP16\A0032980.exe infected with Win32.HLLW.Gavir.54 - cured
C:\System Volume Information\_restore{64CDFA88-D3CF-42B3-8F45-861C46E3ACD4}\RP16\A0032981.exe infected with Win32.HLLW.Gavir.54 - cured
C:\System Volume Information\_restore{64CDFA88-D3CF-42B3-8F45-861C46E3ACD4}\RP16\A0032982.EXE infected with Win32.HLLW.Gavir.54 - cured

作者: ALEXYUI 時間: 07-1-10 11:23 PM

C:\System Volume Information\_restore{64CDFA88-D3CF-42B3-8F45-861C46E3ACD4}\RP16\A0032983.exe infected with Win32.HLLW.Gavir.54 - cured
C:\System Volume Information\_restore{64CDFA88-D3CF-42B3-8F45-861C46E3ACD4}\RP16\A0032984.exe infected with Win32.HLLW.Gavir.54 - cured
C:\System Volume Information\_restore{64CDFA88-D3CF-42B3-8F45-861C46E3ACD4}\RP16\A0032985.exe infected with Win32.HLLW.Gavir.54 - cured
C:\System Volume Information\_restore{64CDFA88-D3CF-42B3-8F45-861C46E3ACD4}\RP16\A0032986.exe infected with Win32.HLLW.Gavir.54 - cured
C:\System Volume Information\_restore{64CDFA88-D3CF-42B3-8F45-861C46E3ACD4}\RP16\A0032987.exe infected with Win32.HLLW.Gavir.54 - cured
C:\System Volume Information\_restore{64CDFA88-D3CF-42B3-8F45-861C46E3ACD4}\RP16\A0032988.exe infected with Win32.HLLW.Gavir.54 - cured
C:\System Volume Information\_restore{64CDFA88-D3CF-42B3-8F45-861C46E3ACD4}\RP16\A0032989.exe infected with Win32.HLLW.Gavir.54 - cured
C:\System Volume Information\_restore{64CDFA88-D3CF-42B3-8F45-861C46E3ACD4}\RP16\A0032990.exe infected with Win32.HLLW.Gavir.54 - cured
C:\System Volume Information\_restore{64CDFA88-D3CF-42B3-8F45-861C46E3ACD4}\RP16\A0032991.exe infected with Win32.HLLW.Gavir.54 - cured
C:\System Volume Information\_restore{64CDFA88-D3CF-42B3-8F45-861C46E3ACD4}\RP16\A0032992.EXE infected with Win32.HLLW.Gavir.54 - cured
C:\System Volume Information\_restore{64CDFA88-D3CF-42B3-8F45-861C46E3ACD4}\RP16\A0032993.EXE infected with Win32.HLLW.Gavir.54 - cured
C:\System Volume Information\_restore{64CDFA88-D3CF-42B3-8F45-861C46E3ACD4}\RP16\A0032994.exe infected with Win32.HLLW.Gavir.54 - cured
C:\System Volume Information\_restore{64CDFA88-D3CF-42B3-8F45-861C46E3ACD4}\RP16\A0032995.EXE infected with Win32.HLLW.Gavir.54 - cured
C:\System Volume Information\_restore{64CDFA88-D3CF-42B3-8F45-861C46E3ACD4}\RP16\A0032996.exe infected with Win32.HLLW.Gavir.54 - cured
C:\System Volume Information\_restore{64CDFA88-D3CF-42B3-8F45-861C46E3ACD4}\RP16\A0032997.exe infected with Win32.HLLW.Gavir.54 - cured
C:\System Volume Information\_restore{64CDFA88-D3CF-42B3-8F45-861C46E3ACD4}\RP16\A0032998.exe infected with Win32.HLLW.Gavir.54 - cured
C:\System Volume Information\_restore{64CDFA88-D3CF-42B3-8F45-861C46E3ACD4}\RP16\A0032999.exe infected with Win32.HLLW.Gavir.54 - cured
C:\System Volume Information\_restore{64CDFA88-D3CF-42B3-8F45-861C46E3ACD4}\RP16\A0033000.exe infected with Win32.HLLW.Gavir.54 - cured
C:\System Volume Information\_restore{64CDFA88-D3CF-42B3-8F45-861C46E3ACD4}\RP16\A0033001.exe infected with Win32.HLLW.Gavir.54 - cured
C:\System Volume Information\_restore{64CDFA88-D3CF-42B3-8F45-861C46E3ACD4}\RP16\A0033002.exe infected with Win32.HLLW.Gavir.54 - cured
C:\System Volume Information\_restore{64CDFA88-D3CF-42B3-8F45-861C46E3ACD4}\RP16\A0033003.exe infected with Win32.HLLW.Gavir.54 - cured
C:\System Volume Information\_restore{64CDFA88-D3CF-42B3-8F45-861C46E3ACD4}\RP16\A0033004.exe infected with Win32.HLLW.Gavir.54 - cured
C:\System Volume Information\_restore{64CDFA88-D3CF-42B3-8F45-861C46E3ACD4}\RP16\A0033005.exe infected with Win32.HLLW.Gavir.54 - cured
C:\System Volume Information\_restore{64CDFA88-D3CF-42B3-8F45-861C46E3ACD4}\RP16\A0033006.exe infected with Win32.HLLW.Gavir.54 - cured
C:\System Volume Information\_restore{64CDFA88-D3CF-42B3-8F45-861C46E3ACD4}\RP16\A0033007.exe infected with Win32.HLLW.Gavir.54 - cured
C:\System Volume Information\_restore{64CDFA88-D3CF-42B3-8F45-861C46E3ACD4}\RP16\A0033008.exe infected with Win32.HLLW.Gavir.54 - cured
C:\System Volume Information\_restore{64CDFA88-D3CF-42B3-8F45-861C46E3ACD4}\RP16\A0033009.exe infected with Win32.HLLW.Gavir.54 - cured
C:\System Volume Information\_restore{64CDFA88-D3CF-42B3-8F45-861C46E3ACD4}\RP16\A0033010.exe infected with Win32.HLLW.Gavir.54 - cured
C:\System Volume Information\_restore{64CDFA88-D3CF-42B3-8F45-861C46E3ACD4}\RP16\A0033011.exe infected with Win32.HLLW.Gavir.54 - cured
C:\System Volume Information\_restore{64CDFA88-D3CF-42B3-8F45-861C46E3ACD4}\RP16\A0033012.EXE infected with Win32.HLLW.Gavir.54 - cured
C:\System Volume Information\_restore{64CDFA88-D3CF-42B3-8F45-861C46E3ACD4}\RP16\A0033013.exe infected with Win32.HLLW.Gavir.54 - cured
C:\System Volume Information\_restore{64CDFA88-D3CF-42B3-8F45-861C46E3ACD4}\RP16\A0033014.exe infected with Win32.HLLW.Gavir.54 - cured
C:\System Volume Information\_restore{64CDFA88-D3CF-42B3-8F45-861C46E3ACD4}\RP16\A0033015.exe infected with Win32.HLLW.Gavir.54 - cured
C:\System Volume Information\_restore{64CDFA88-D3CF-42B3-8F45-861C46E3ACD4}\RP16\A0033016.exe infected with Win32.HLLW.Gavir.54 - cured
C:\System Volume Information\_restore{64CDFA88-D3CF-42B3-8F45-861C46E3ACD4}\RP16\A0033017.exe infected with Win32.HLLW.Gavir.54 - cured
C:\System Volume Information\_restore{64CDFA88-D3CF-42B3-8F45-861C46E3ACD4}\RP16\A0033018.exe infected with Win32.HLLW.Gavir.54 - cured
C:\System Volume Information\_restore{64CDFA88-D3CF-42B3-8F45-861C46E3ACD4}\RP16\A0033019.exe infected with Win32.HLLW.Gavir.54 - cured
C:\System Volume Information\_restore{64CDFA88-D3CF-42B3-8F45-861C46E3ACD4}\RP16\A0033020.exe infected with Win32.HLLW.Gavir.54 - cured
C:\System Volume Information\_restore{64CDFA88-D3CF-42B3-8F45-861C46E3ACD4}\RP16\A0033021.exe infected with Win32.HLLW.Gavir.54 - cured
C:\System Volume Information\_restore{64CDFA88-D3CF-42B3-8F45-861C46E3ACD4}\RP16\A0033022.exe infected with Win32.HLLW.Gavir.54 - cured
C:\System Volume Information\_restore{64CDFA88-D3CF-42B3-8F45-861C46E3ACD4}\RP16\A0033023.exe infected with Win32.HLLW.Gavir.54 - cured
C:\System Volume Information\_restore{64CDFA88-D3CF-42B3-8F45-861C46E3ACD4}\RP16\A0033024.exe infected with Win32.HLLW.Gavir.54 - cured
C:\System Volume Information\_restore{64CDFA88-D3CF-42B3-8F45-861C46E3ACD4}\RP16\A0033025.exe infected with Win32.HLLW.Gavir.54 - cured
C:\System Volume Information\_restore{64CDFA88-D3CF-42B3-8F45-861C46E3ACD4}\RP16\A0033026.exe infected with Win32.HLLW.Gavir.54 - cured
C:\System Volume Information\_restore{64CDFA88-D3CF-42B3-8F45-861C46E3ACD4}\RP16\A0033027.exe infected with Win32.HLLW.Gavir.54 - cured
C:\System Volume Information\_restore{64CDFA88-D3CF-42B3-8F45-861C46E3ACD4}\RP16\A0033028.exe infected with Win32.HLLW.Gavir.54 - cured
C:\System Volume Information\_restore{64CDFA88-D3CF-42B3-8F45-861C46E3ACD4}\RP16\A0033029.exe infected with Win32.HLLW.Gavir.54 - cured
C:\System Volume Information\_restore{64CDFA88-D3CF-42B3-8F45-861C46E3ACD4}\RP16\A0033030.exe infected with Win32.HLLW.Gavir.54 - cured
C:\System Volume Information\_restore{64CDFA88-D3CF-42B3-8F45-861C46E3ACD4}\RP16\A0033031.exe infected with Win32.HLLW.Gavir.54 - cured
C:\System Volume Information\_restore{64CDFA88-D3CF-42B3-8F45-861C46E3ACD4}\RP16\A0033032.exe infected with Win32.HLLW.Gavir.54 - cured
C:\System Volume Information\_restore{64CDFA88-D3CF-42B3-8F45-861C46E3ACD4}\RP16\A0033033.exe infected with Win32.HLLW.Gavir.54 - cured
C:\System Volume Information\_restore{64CDFA88-D3CF-42B3-8F45-861C46E3ACD4}\RP16\A0033034.exe infected with Win32.HLLW.Gavir.54 - cured
C:\System Volume Information\_restore{64CDFA88-D3CF-42B3-8F45-861C46E3ACD4}\RP16\A0033035.exe infected with Win32.HLLW.Gavir.54 - cured
C:\System Volume Information\_restore{64CDFA88-D3CF-42B3-8F45-861C46E3ACD4}\RP16\A0033036.exe infected with Win32.HLLW.Gavir.54 - cured
C:\System Volume Information\_restore{64CDFA88-D3CF-42B3-8F45-861C46E3ACD4}\RP16\A0033037.exe infected with Win32.HLLW.Gavir.54 - cured
C:\System Volume Information\_restore{64CDFA88-D3CF-42B3-8F45-861C46E3ACD4}\RP16\A0033038.exe infected with Win32.HLLW.Gavir.54 - cured
C:\System Volume Information\_restore{64CDFA88-D3CF-42B3-8F45-861C46E3ACD4}\RP16\A0033039.exe infected with Win32.HLLW.Gavir.54 - cured
C:\System Volume Information\_restore{64CDFA88-D3CF-42B3-8F45-861C46E3ACD4}\RP16\A0033040.exe infected with Win32.HLLW.Gavir.54 - cured
C:\System Volume Information\_restore{64CDFA88-D3CF-42B3-8F45-861C46E3ACD4}\RP16\A0033041.exe infected with Win32.HLLW.Gavir.54 - cured
C:\System Volume Information\_restore{64CDFA88-D3CF-42B3-8F45-861C46E3ACD4}\RP16\A0033042.exe infected with Win32.HLLW.Gavir.54 - cured
C:\System Volume Information\_restore{64CDFA88-D3CF-42B3-8F45-861C46E3ACD4}\RP16\A0033043.exe infected with Win32.HLLW.Gavir.54 - cured
C:\System Volume Information\_restore{64CDFA88-D3CF-42B3-8F45-861C46E3ACD4}\RP16\A0033044.exe infected with Win32.HLLW.Gavir.54 - cured
C:\System Volume Information\_restore{64CDFA88-D3CF-42B3-8F45-861C46E3ACD4}\RP16\A0033045.exe infected with Win32.HLLW.Gavir.54 - cured
C:\System Volume Information\_restore{64CDFA88-D3CF-42B3-8F45-861C46E3ACD4}\RP16\A0033046.EXE infected with Win32.HLLW.Gavir.54 - cured
C:\System Volume Information\_restore{64CDFA88-D3CF-42B3-8F45-861C46E3ACD4}\RP16\A0033047.exe infected with Win32.HLLW.Gavir.54 - cured
C:\System Volume Information\_restore{64CDFA88-D3CF-42B3-8F45-861C46E3ACD4}\RP16\A0033048.exe infected with Win32.HLLW.Gavir.54 - cured
C:\System Volume Information\_restore{64CDFA88-D3CF-42B3-8F45-861C46E3ACD4}\RP16\A0033049.exe infected with Win32.HLLW.Gavir.54 - cured
C:\System Volume Information\_restore{64CDFA88-D3CF-42B3-8F45-861C46E3ACD4}\RP16\A0033050.exe infected with Win32.HLLW.Gavir.54 - cured
C:\System Volume Information\_restore{64CDFA88-D3CF-42B3-8F45-861C46E3ACD4}\RP16\A0033051.exe infected with Win32.HLLW.Gavir.54 - cured

作者: ALEXYUI 時間: 07-1-10 11:24 PM

C:\System Volume Information\_restore{64CDFA88-D3CF-42B3-8F45-861C46E3ACD4}\RP16\A0033052.exe infected with Win32.HLLW.Gavir.54 - cured
C:\System Volume Information\_restore{64CDFA88-D3CF-42B3-8F45-861C46E3ACD4}\RP16\A0033053.exe infected with Win32.HLLW.Gavir.54 - cured
C:\System Volume Information\_restore{64CDFA88-D3CF-42B3-8F45-861C46E3ACD4}\RP16\A0033054.exe infected with Win32.HLLW.Gavir.54 - cured
C:\System Volume Information\_restore{64CDFA88-D3CF-42B3-8F45-861C46E3ACD4}\RP16\A0033055.EXE infected with Win32.HLLW.Gavir.54 - cured
C:\System Volume Information\_restore{64CDFA88-D3CF-42B3-8F45-861C46E3ACD4}\RP16\A0033056.EXE infected with Win32.HLLW.Gavir.54 - cured
C:\System Volume Information\_restore{64CDFA88-D3CF-42B3-8F45-861C46E3ACD4}\RP16\A0033057.EXE infected with Win32.HLLW.Gavir.54 - cured
C:\System Volume Information\_restore{64CDFA88-D3CF-42B3-8F45-861C46E3ACD4}\RP16\A0033058.EXE infected with Win32.HLLW.Gavir.54 - cured
C:\System Volume Information\_restore{64CDFA88-D3CF-42B3-8F45-861C46E3ACD4}\RP16\A0033059.EXE infected with Win32.HLLW.Gavir.54 - cured
C:\System Volume Information\_restore{64CDFA88-D3CF-42B3-8F45-861C46E3ACD4}\RP16\A0033060.EXE infected with Win32.HLLW.Gavir.54 - cured
C:\System Volume Information\_restore{64CDFA88-D3CF-42B3-8F45-861C46E3ACD4}\RP16\A0033061.EXE infected with Win32.HLLW.Gavir.54 - cured
C:\System Volume Information\_restore{64CDFA88-D3CF-42B3-8F45-861C46E3ACD4}\RP16\A0033062.EXE infected with Win32.HLLW.Gavir.54 - cured
C:\System Volume Information\_restore{64CDFA88-D3CF-42B3-8F45-861C46E3ACD4}\RP16\A0033063.EXE infected with Win32.HLLW.Gavir.54 - cured
C:\System Volume Information\_restore{64CDFA88-D3CF-42B3-8F45-861C46E3ACD4}\RP16\A0033064.EXE infected with Win32.HLLW.Gavir.54 - cured
C:\System Volume Information\_restore{64CDFA88-D3CF-42B3-8F45-861C46E3ACD4}\RP16\A0033065.EXE infected with Win32.HLLW.Gavir.54 - cured
C:\System Volume Information\_restore{64CDFA88-D3CF-42B3-8F45-861C46E3ACD4}\RP16\A0033066.EXE infected with Win32.HLLW.Gavir.54 - cured
C:\System Volume Information\_restore{64CDFA88-D3CF-42B3-8F45-861C46E3ACD4}\RP16\A0033067.exe infected with Win32.HLLW.Gavir.54 - incurable - moved
C:\System Volume Information\_restore{64CDFA88-D3CF-42B3-8F45-861C46E3ACD4}\RP16\A0033068.exe infected with Win32.HLLW.Gavir.54 - cured
C:\System Volume Information\_restore{64CDFA88-D3CF-42B3-8F45-861C46E3ACD4}\RP16\A0033069.exe infected with Win32.HLLW.Gavir.54 - cured
C:\System Volume Information\_restore{64CDFA88-D3CF-42B3-8F45-861C46E3ACD4}\RP16\A0033070.exe infected with Win32.HLLW.Gavir.54 - cured
C:\System Volume Information\_restore{64CDFA88-D3CF-42B3-8F45-861C46E3ACD4}\RP16\A0033071.exe infected with Win32.HLLW.Gavir.54 - cured
C:\System Volume Information\_restore{64CDFA88-D3CF-42B3-8F45-861C46E3ACD4}\RP16\A0033072.exe infected with Win32.HLLW.Gavir.54 - cured
C:\System Volume Information\_restore{64CDFA88-D3CF-42B3-8F45-861C46E3ACD4}\RP16\A0033073.exe infected with Win32.HLLW.Gavir.54 - cured
C:\System Volume Information\_restore{64CDFA88-D3CF-42B3-8F45-861C46E3ACD4}\RP16\A0033074.exe infected with Win32.HLLW.Gavir.54 - cured
C:\System Volume Information\_restore{64CDFA88-D3CF-42B3-8F45-861C46E3ACD4}\RP16\A0033075.exe infected with Win32.HLLW.Gavir.54 - cured
C:\System Volume Information\_restore{64CDFA88-D3CF-42B3-8F45-861C46E3ACD4}\RP16\A0033076.exe infected with Win32.HLLW.Gavir.54 - cured
C:\System Volume Information\_restore{64CDFA88-D3CF-42B3-8F45-861C46E3ACD4}\RP16\A0033077.exe infected with Win32.HLLW.Gavir.54 - cured
C:\System Volume Information\_restore{64CDFA88-D3CF-42B3-8F45-861C46E3ACD4}\RP16\A0033078.exe infected with Win32.HLLW.Gavir.54 - cured
C:\System Volume Information\_restore{64CDFA88-D3CF-42B3-8F45-861C46E3ACD4}\RP16\A0033079.exe infected with Win32.HLLW.Gavir.54 - cured
C:\System Volume Information\_restore{64CDFA88-D3CF-42B3-8F45-861C46E3ACD4}\RP16\A0033080.exe infected with Win32.HLLW.Gavir.54 - cured
C:\System Volume Information\_restore{64CDFA88-D3CF-42B3-8F45-861C46E3ACD4}\RP16\A0033081.EXE infected with Win32.HLLW.Gavir.54 - cured
C:\System Volume Information\_restore{64CDFA88-D3CF-42B3-8F45-861C46E3ACD4}\RP16\A0033082.exe infected with Win32.HLLW.Gavir.54 - cured
C:\System Volume Information\_restore{64CDFA88-D3CF-42B3-8F45-861C46E3ACD4}\RP16\A0033083.exe infected with Win32.HLLW.Gavir.54 - cured
C:\System Volume Information\_restore{64CDFA88-D3CF-42B3-8F45-861C46E3ACD4}\RP16\A0033084.exe infected with Win32.HLLW.Gavir.54 - cured
C:\System Volume Information\_restore{64CDFA88-D3CF-42B3-8F45-861C46E3ACD4}\RP16\A0033085.exe infected with Win32.HLLW.Gavir.54 - cured
C:\System Volume Information\_restore{64CDFA88-D3CF-42B3-8F45-861C46E3ACD4}\RP16\A0033086.exe infected with Win32.HLLW.Gavir.54 - cured
C:\System Volume Information\_restore{64CDFA88-D3CF-42B3-8F45-861C46E3ACD4}\RP16\A0033087.exe infected with Win32.HLLW.Gavir.54 - cured
C:\System Volume Information\_restore{64CDFA88-D3CF-42B3-8F45-861C46E3ACD4}\RP16\A0033088.exe infected with Win32.HLLW.Gavir.54 - cured
C:\System Volume Information\_restore{64CDFA88-D3CF-42B3-8F45-861C46E3ACD4}\RP16\A0033089.exe infected with Win32.HLLW.Gavir.54 - cured
C:\System Volume Information\_restore{64CDFA88-D3CF-42B3-8F45-861C46E3ACD4}\RP16\A0033090.exe infected with Win32.HLLW.Gavir.54 - cured
C:\System Volume Information\_restore{64CDFA88-D3CF-42B3-8F45-861C46E3ACD4}\RP16\A0033091.exe infected with Win32.HLLW.Gavir.54 - cured
C:\System Volume Information\_restore{64CDFA88-D3CF-42B3-8F45-861C46E3ACD4}\RP16\A0033092.exe infected with Win32.HLLW.Gavir.54 - cured
C:\System Volume Information\_restore{64CDFA88-D3CF-42B3-8F45-861C46E3ACD4}\RP16\A0033093.exe infected with Win32.HLLW.Gavir.54 - cured
C:\System Volume Information\_restore{64CDFA88-D3CF-42B3-8F45-861C46E3ACD4}\RP16\A0033094.exe infected with Win32.HLLW.Gavir.54 - cured
C:\System Volume Information\_restore{64CDFA88-D3CF-42B3-8F45-861C46E3ACD4}\RP16\A0033095.exe infected with Win32.HLLW.Gavir.54 - cured
C:\System Volume Information\_restore{64CDFA88-D3CF-42B3-8F45-861C46E3ACD4}\RP16\A0033096.exe infected with Win32.HLLW.Gavir.54 - cured
C:\System Volume Information\_restore{64CDFA88-D3CF-42B3-8F45-861C46E3ACD4}\RP16\A0033097.exe infected with Win32.HLLW.Gavir.54 - cured
C:\System Volume Information\_restore{64CDFA88-D3CF-42B3-8F45-861C46E3ACD4}\RP16\A0033098.exe infected with Win32.HLLW.Gavir.54 - cured
C:\System Volume Information\_restore{64CDFA88-D3CF-42B3-8F45-861C46E3ACD4}\RP16\A0033099.exe infected with Win32.HLLW.Gavir.54 - cured
C:\System Volume Information\_restore{64CDFA88-D3CF-42B3-8F45-861C46E3ACD4}\RP16\A0033100.exe infected with Win32.HLLW.Gavir.54 - cured
C:\System Volume Information\_restore{64CDFA88-D3CF-42B3-8F45-861C46E3ACD4}\RP16\A0033101.exe infected with Win32.HLLW.Gavir.54 - cured
C:\System Volume Information\_restore{64CDFA88-D3CF-42B3-8F45-861C46E3ACD4}\RP16\A0033102.exe infected with Win32.HLLW.Gavir.54 - cured
C:\System Volume Information\_restore{64CDFA88-D3CF-42B3-8F45-861C46E3ACD4}\RP16\A0033103.exe infected with Win32.HLLW.Gavir.54 - cured
C:\System Volume Information\_restore{64CDFA88-D3CF-42B3-8F45-861C46E3ACD4}\RP16\A0033104.exe infected with Win32.HLLW.Gavir.54 - cured
C:\System Volume Information\_restore{64CDFA88-D3CF-42B3-8F45-861C46E3ACD4}\RP16\A0033105.exe infected with Win32.HLLW.Gavir.54 - cured
C:\System Volume Information\_restore{64CDFA88-D3CF-42B3-8F45-861C46E3ACD4}\RP16\A0033106.exe infected with Win32.HLLW.Gavir.54 - cured
C:\System Volume Information\_restore{64CDFA88-D3CF-42B3-8F45-861C46E3ACD4}\RP16\A0033107.exe infected with Win32.HLLW.Gavir.54 - cured
C:\System Volume Information\_restore{64CDFA88-D3CF-42B3-8F45-861C46E3ACD4}\RP16\A0033108.exe infected with Win32.HLLW.Gavir.54 - cured

作者: ALEXYUI 時間: 07-1-10 11:25 PM

C:\System Volume Information\_restore{64CDFA88-D3CF-42B3-8F45-861C46E3ACD4}\RP16\A0033109.exe infected with Win32.HLLW.Gavir.54 - cured
C:\System Volume Information\_restore{64CDFA88-D3CF-42B3-8F45-861C46E3ACD4}\RP16\A0033110.exe infected with Win32.HLLW.Gavir.54 - cured
C:\System Volume Information\_restore{64CDFA88-D3CF-42B3-8F45-861C46E3ACD4}\RP16\A0033111.EXE infected with Win32.HLLW.Gavir.54 - cured
C:\System Volume Information\_restore{64CDFA88-D3CF-42B3-8F45-861C46E3ACD4}\RP16\A0033112.exe infected with Win32.HLLW.Gavir.54 - cured
C:\System Volume Information\_restore{64CDFA88-D3CF-42B3-8F45-861C46E3ACD4}\RP16\A0033113.EXE infected with Win32.HLLW.Gavir.54 - cured
C:\System Volume Information\_restore{64CDFA88-D3CF-42B3-8F45-861C46E3ACD4}\RP16\A0033114.EXE infected with Win32.HLLW.Gavir.54 - cured
C:\System Volume Information\_restore{64CDFA88-D3CF-42B3-8F45-861C46E3ACD4}\RP16\A0033115.exe infected with Win32.HLLW.Gavir.54 - cured
C:\System Volume Information\_restore{64CDFA88-D3CF-42B3-8F45-861C46E3ACD4}\RP16\A0033116.exe infected with Win32.HLLW.Gavir.54 - cured
C:\System Volume Information\_restore{64CDFA88-D3CF-42B3-8F45-861C46E3ACD4}\RP16\A0033117.exe infected with Win32.HLLW.Gavir.54 - cured
C:\System Volume Information\_restore{64CDFA88-D3CF-42B3-8F45-861C46E3ACD4}\RP16\A0033118.exe infected with Win32.HLLW.Gavir.54 - cured
C:\System Volume Information\_restore{64CDFA88-D3CF-42B3-8F45-861C46E3ACD4}\RP16\A0033119.exe infected with Win32.HLLW.Gavir.54 - cured
C:\System Volume Information\_restore{64CDFA88-D3CF-42B3-8F45-861C46E3ACD4}\RP16\A0033120.exe infected with Win32.HLLW.Gavir.54 - cured
C:\System Volume Information\_restore{64CDFA88-D3CF-42B3-8F45-861C46E3ACD4}\RP16\A0033121.exe infected with Win32.HLLW.Gavir.54 - cured
C:\System Volume Information\_restore{64CDFA88-D3CF-42B3-8F45-861C46E3ACD4}\RP16\A0033122.exe infected with Win32.HLLW.Gavir.54 - cured
C:\System Volume Information\_restore{64CDFA88-D3CF-42B3-8F45-861C46E3ACD4}\RP16\A0033123.exe infected with Win32.HLLW.Gavir.54 - cured
C:\System Volume Information\_restore{64CDFA88-D3CF-42B3-8F45-861C46E3ACD4}\RP16\A0033124.EXE infected with Win32.HLLW.Gavir.54 - cured
C:\System Volume Information\_restore{64CDFA88-D3CF-42B3-8F45-861C46E3ACD4}\RP16\A0033125.exe infected with Win32.HLLW.Gavir.54 - cured
C:\System Volume Information\_restore{64CDFA88-D3CF-42B3-8F45-861C46E3ACD4}\RP16\A0033126.exe infected with Win32.HLLW.Gavir.54 - cured
C:\System Volume Information\_restore{64CDFA88-D3CF-42B3-8F45-861C46E3ACD4}\RP16\A0033127.exe infected with Win32.HLLW.Gavir.54 - cured
C:\System Volume Information\_restore{64CDFA88-D3CF-42B3-8F45-861C46E3ACD4}\RP16\A0033128.exe infected with Win32.HLLW.Gavir.54 - cured
C:\System Volume Information\_restore{64CDFA88-D3CF-42B3-8F45-861C46E3ACD4}\RP16\A0033129.exe infected with Win32.HLLW.Gavir.54 - incurable - moved
C:\System Volume Information\_restore{64CDFA88-D3CF-42B3-8F45-861C46E3ACD4}\RP16\A0033130.exe infected with Win32.HLLW.Gavir.54 - cured
C:\System Volume Information\_restore{64CDFA88-D3CF-42B3-8F45-861C46E3ACD4}\RP16\A0033131.exe infected with Win32.HLLW.Gavir.54 - cured
C:\System Volume Information\_restore{64CDFA88-D3CF-42B3-8F45-861C46E3ACD4}\RP16\A0033132.exe infected with Win32.HLLW.Gavir.54 - cured
C:\System Volume Information\_restore{64CDFA88-D3CF-42B3-8F45-861C46E3ACD4}\RP16\A0033133.exe infected with Win32.HLLW.Gavir.54 - cured
C:\System Volume Information\_restore{64CDFA88-D3CF-42B3-8F45-861C46E3ACD4}\RP16\A0033134.exe infected with Win32.HLLW.Gavir.54 - cured
C:\System Volume Information\_restore{64CDFA88-D3CF-42B3-8F45-861C46E3ACD4}\RP16\A0033135.exe infected with Win32.HLLW.Gavir.54 - cured
C:\System Volume Information\_restore{64CDFA88-D3CF-42B3-8F45-861C46E3ACD4}\RP16\A0033136.exe infected with Win32.HLLW.Gavir.54 - cured
C:\System Volume Information\_restore{64CDFA88-D3CF-42B3-8F45-861C46E3ACD4}\RP16\A0033137.exe infected with Win32.HLLW.Gavir.54 - cured
C:\System Volume Information\_restore{64CDFA88-D3CF-42B3-8F45-861C46E3ACD4}\RP16\A0033138.exe infected with Win32.HLLW.Gavir.54 - cured
C:\System Volume Information\_restore{64CDFA88-D3CF-42B3-8F45-861C46E3ACD4}\RP16\A0033139.exe infected with Win32.HLLW.Gavir.54 - cured
C:\System Volume Information\_restore{64CDFA88-D3CF-42B3-8F45-861C46E3ACD4}\RP16\A0033140.exe infected with Win32.HLLW.Gavir.54 - cured
C:\System Volume Information\_restore{64CDFA88-D3CF-42B3-8F45-861C46E3ACD4}\RP16\A0033141.exe infected with Win32.HLLW.Gavir.54 - cured
C:\System Volume Information\_restore{64CDFA88-D3CF-42B3-8F45-861C46E3ACD4}\RP16\A0033142.exe infected with Win32.HLLW.Gavir.54 - cured
C:\System Volume Information\_restore{64CDFA88-D3CF-42B3-8F45-861C46E3ACD4}\RP16\A0033143.exe infected with Win32.HLLW.Gavir.54 - cured
C:\System Volume Information\_restore{64CDFA88-D3CF-42B3-8F45-861C46E3ACD4}\RP16\A0033144.exe infected with Win32.HLLW.Gavir.54 - cured
C:\System Volume Information\_restore{64CDFA88-D3CF-42B3-8F45-861C46E3ACD4}\RP16\A0033145.exe infected with Win32.HLLW.Gavir.54 - cured
C:\System Volume Information\_restore{64CDFA88-D3CF-42B3-8F45-861C46E3ACD4}\RP16\A0033146.exe infected with Win32.HLLW.Gavir.54 - cured
C:\System Volume Information\_restore{64CDFA88-D3CF-42B3-8F45-861C46E3ACD4}\RP16\A0033147.exe infected with Win32.HLLW.Gavir.54 - cured
C:\System Volume Information\_restore{64CDFA88-D3CF-42B3-8F45-861C46E3ACD4}\RP16\A0033148.exe infected with Win32.HLLW.Gavir.54 - cured
C:\System Volume Information\_restore{64CDFA88-D3CF-42B3-8F45-861C46E3ACD4}\RP16\A0033149.exe infected with Win32.HLLW.Gavir.54 - cured
C:\System Volume Information\_restore{64CDFA88-D3CF-42B3-8F45-861C46E3ACD4}\RP16\A0033150.exe infected with Win32.HLLW.Gavir.54 - cured
C:\System Volume Information\_restore{64CDFA88-D3CF-42B3-8F45-861C46E3ACD4}\RP16\A0033151.exe infected with Win32.HLLW.Gavir.54 - cured
C:\System Volume Information\_restore{64CDFA88-D3CF-42B3-8F45-861C46E3ACD4}\RP16\A0033152.exe infected with Win32.HLLW.Gavir.54 - cured
C:\System Volume Information\_restore{64CDFA88-D3CF-42B3-8F45-861C46E3ACD4}\RP16\A0033153.exe infected with Win32.HLLW.Gavir.54 - cured
C:\System Volume Information\_restore{64CDFA88-D3CF-42B3-8F45-861C46E3ACD4}\RP16\A0033154.exe infected with Win32.HLLW.Gavir.54 - cured
C:\System Volume Information\_restore{64CDFA88-D3CF-42B3-8F45-861C46E3ACD4}\RP16\A0033155.exe infected with Win32.HLLW.Gavir.54 - cured
C:\System Volume Information\_restore{64CDFA88-D3CF-42B3-8F45-861C46E3ACD4}\RP16\A0033156.exe infected with Win32.HLLW.Gavir.54 - cured
C:\System Volume Information\_restore{64CDFA88-D3CF-42B3-8F45-861C46E3ACD4}\RP16\A0033157.exe infected with Win32.HLLW.Gavir.54 - cured
C:\System Volume Information\_restore{64CDFA88-D3CF-42B3-8F45-861C46E3ACD4}\RP16\A0033158.exe infected with Win32.HLLW.Gavir.54 - cured
C:\System Volume Information\_restore{64CDFA88-D3CF-42B3-8F45-861C46E3ACD4}\RP16\A0033159.exe infected with Win32.HLLW.Gavir.54 - cured
C:\System Volume Information\_restore{64CDFA88-D3CF-42B3-8F45-861C46E3ACD4}\RP16\A0033160.exe infected with Win32.HLLW.Gavir.54 - cured
C:\System Volume Information\_restore{64CDFA88-D3CF-42B3-8F45-861C46E3ACD4}\RP16\A0033161.exe infected with Win32.HLLW.Gavir.54 - cured
C:\System Volume Information\_restore{64CDFA88-D3CF-42B3-8F45-861C46E3ACD4}\RP16\A0033162.exe infected with Win32.HLLW.Gavir.54 - cured
C:\System Volume Information\_restore{64CDFA88-D3CF-42B3-8F45-861C46E3ACD4}\RP16\A0033163.exe infected with Win32.HLLW.Gavir.54 - cured

作者: ALEXYUI 時間: 07-1-10 11:25 PM

C:\System Volume Information\_restore{64CDFA88-D3CF-42B3-8F45-861C46E3ACD4}\RP16\A0033164.exe infected with Win32.HLLW.Gavir.54 - cured
C:\System Volume Information\_restore{64CDFA88-D3CF-42B3-8F45-861C46E3ACD4}\RP16\A0033165.exe infected with Win32.HLLW.Gavir.54 - cured
C:\System Volume Information\_restore{64CDFA88-D3CF-42B3-8F45-861C46E3ACD4}\RP16\A0033166.exe infected with Win32.HLLW.Gavir.54 - cured
C:\System Volume Information\_restore{64CDFA88-D3CF-42B3-8F45-861C46E3ACD4}\RP16\A0033167.exe infected with Win32.HLLW.Gavir.54 - cured
C:\System Volume Information\_restore{64CDFA88-D3CF-42B3-8F45-861C46E3ACD4}\RP16\A0033168.exe infected with Win32.HLLW.Gavir.54 - cured
C:\System Volume Information\_restore{64CDFA88-D3CF-42B3-8F45-861C46E3ACD4}\RP16\A0033169.exe infected with Win32.HLLW.Gavir.54 - cured
C:\System Volume Information\_restore{64CDFA88-D3CF-42B3-8F45-861C46E3ACD4}\RP16\A0033170.exe infected with Win32.HLLW.Gavir.54 - cured
C:\System Volume Information\_restore{64CDFA88-D3CF-42B3-8F45-861C46E3ACD4}\RP16\A0033171.exe infected with Win32.HLLW.Gavir.54 - cured
C:\System Volume Information\_restore{64CDFA88-D3CF-42B3-8F45-861C46E3ACD4}\RP16\A0033172.exe infected with Win32.HLLW.Gavir.54 - cured
C:\System Volume Information\_restore{64CDFA88-D3CF-42B3-8F45-861C46E3ACD4}\RP16\A0033173.exe infected with Win32.HLLW.Gavir.54 - cured
C:\System Volume Information\_restore{64CDFA88-D3CF-42B3-8F45-861C46E3ACD4}\RP16\A0033174.exe infected with Win32.HLLW.Gavir.54 - cured
C:\System Volume Information\_restore{64CDFA88-D3CF-42B3-8F45-861C46E3ACD4}\RP16\A0033175.exe infected with Win32.HLLW.Gavir.54 - cured
C:\System Volume Information\_restore{64CDFA88-D3CF-42B3-8F45-861C46E3ACD4}\RP16\A0033176.exe infected with Win32.HLLW.Gavir.54 - cured
C:\System Volume Information\_restore{64CDFA88-D3CF-42B3-8F45-861C46E3ACD4}\RP16\A0033177.exe infected with Win32.HLLW.Gavir.54 - cured
C:\System Volume Information\_restore{64CDFA88-D3CF-42B3-8F45-861C46E3ACD4}\RP16\A0033178.exe infected with Win32.HLLW.Gavir.54 - cured
C:\System Volume Information\_restore{64CDFA88-D3CF-42B3-8F45-861C46E3ACD4}\RP16\A0033179.exe infected with Win32.HLLW.Gavir.54 - cured
C:\System Volume Information\_restore{64CDFA88-D3CF-42B3-8F45-861C46E3ACD4}\RP16\A0033180.exe infected with Win32.HLLW.Gavir.54 - cured
C:\System Volume Information\_restore{64CDFA88-D3CF-42B3-8F45-861C46E3ACD4}\RP16\A0033181.exe infected with Win32.HLLW.Gavir.54 - cured
C:\System Volume Information\_restore{64CDFA88-D3CF-42B3-8F45-861C46E3ACD4}\RP16\A0033182.exe infected with Win32.HLLW.Gavir.54 - cured
C:\System Volume Information\_restore{64CDFA88-D3CF-42B3-8F45-861C46E3ACD4}\RP16\A0033183.exe infected with Win32.HLLW.Gavir.54 - cured
C:\System Volume Information\_restore{64CDFA88-D3CF-42B3-8F45-861C46E3ACD4}\RP16\A0033184.exe infected with Win32.HLLW.Gavir.54 - cured
C:\System Volume Information\_restore{64CDFA88-D3CF-42B3-8F45-861C46E3ACD4}\RP16\A0033185.exe infected with Win32.HLLW.Gavir.54 - cured
>C:\System Volume Information\_restore{64CDFA88-D3CF-42B3-8F45-861C46E3ACD4}\RP16\A0033185.exe probably infected with BACKDOOR.Trojan
C:\System Volume Information\_restore{64CDFA88-D3CF-42B3-8F45-861C46E3ACD4}\RP16\A0033186.exe infected with Win32.HLLW.Gavir.54 - cured
C:\System Volume Information\_restore{64CDFA88-D3CF-42B3-8F45-861C46E3ACD4}\RP16\A0033187.exe infected with Win32.HLLW.Gavir.54 - cured
C:\System Volume Information\_restore{64CDFA88-D3CF-42B3-8F45-861C46E3ACD4}\RP16\A0033188.exe infected with Win32.HLLW.Gavir.54 - cured
C:\System Volume Information\_restore{64CDFA88-D3CF-42B3-8F45-861C46E3ACD4}\RP16\A0033189.exe infected with Win32.HLLW.Gavir.54 - cured
C:\System Volume Information\_restore{64CDFA88-D3CF-42B3-8F45-861C46E3ACD4}\RP16\A0033190.exe infected with Win32.HLLW.Gavir.54 - cured
C:\System Volume Information\_restore{64CDFA88-D3CF-42B3-8F45-861C46E3ACD4}\RP16\A0033191.exe infected with Win32.HLLW.Gavir.54 - cured
C:\System Volume Information\_restore{64CDFA88-D3CF-42B3-8F45-861C46E3ACD4}\RP16\A0033192.exe infected with Win32.HLLW.Gavir.54 - cured
>C:\System Volume Information\_restore{64CDFA88-D3CF-42B3-8F45-861C46E3ACD4}\RP16\A0033192.exe probably infected with BACKDOOR.Trojan
C:\System Volume Information\_restore{64CDFA88-D3CF-42B3-8F45-861C46E3ACD4}\RP16\A0033193.exe infected with Win32.HLLW.Gavir.54 - cured
C:\System Volume Information\_restore{64CDFA88-D3CF-42B3-8F45-861C46E3ACD4}\RP16\A0033194.exe infected with Win32.HLLW.Gavir.54 - cured
C:\System Volume Information\_restore{64CDFA88-D3CF-42B3-8F45-861C46E3ACD4}\RP16\A0033195.exe infected with Win32.HLLW.Gavir.54 - cured
C:\System Volume Information\_restore{64CDFA88-D3CF-42B3-8F45-861C46E3ACD4}\RP16\A0033196.exe infected with Win32.HLLW.Gavir.54 - cured
C:\System Volume Information\_restore{64CDFA88-D3CF-42B3-8F45-861C46E3ACD4}\RP16\A0033197.exe infected with Win32.HLLW.Gavir.54 - cured
C:\System Volume Information\_restore{64CDFA88-D3CF-42B3-8F45-861C46E3ACD4}\RP16\A0033198.exe infected with Win32.HLLW.Gavir.54 - cured
C:\System Volume Information\_restore{64CDFA88-D3CF-42B3-8F45-861C46E3ACD4}\RP16\A0033199.exe infected with Win32.HLLW.Gavir.54 - cured
C:\System Volume Information\_restore{64CDFA88-D3CF-42B3-8F45-861C46E3ACD4}\RP16\A0033200.exe infected with Win32.HLLW.Gavir.54 - cured
C:\System Volume Information\_restore{64CDFA88-D3CF-42B3-8F45-861C46E3ACD4}\RP16\A0033201.exe infected with Win32.HLLW.Gavir.54 - cured
C:\System Volume Information\_restore{64CDFA88-D3CF-42B3-8F45-861C46E3ACD4}\RP16\A0033202.exe infected with Win32.HLLW.Gavir.54 - cured
C:\System Volume Information\_restore{64CDFA88-D3CF-42B3-8F45-861C46E3ACD4}\RP16\A0033203.exe infected with Win32.HLLW.Gavir.54 - cured
C:\System Volume Information\_restore{64CDFA88-D3CF-42B3-8F45-861C46E3ACD4}\RP16\A0033204.exe infected with Win32.HLLW.Gavir.54 - cured
C:\System Volume Information\_restore{64CDFA88-D3CF-42B3-8F45-861C46E3ACD4}\RP16\A0033205.exe infected with Win32.HLLW.Gavir.54 - cured
C:\System Volume Information\_restore{64CDFA88-D3CF-42B3-8F45-861C46E3ACD4}\RP16\A0033206.exe infected with Win32.HLLW.Gavir.54 - cured
C:\System Volume Information\_restore{64CDFA88-D3CF-42B3-8F45-861C46E3ACD4}\RP16\A0033207.EXE infected with Win32.HLLW.Gavir.54 - cured
C:\System Volume Information\_restore{64CDFA88-D3CF-42B3-8F45-861C46E3ACD4}\RP16\A0033208.exe infected with Win32.HLLW.Gavir.54 - cured
C:\System Volume Information\_restore{64CDFA88-D3CF-42B3-8F45-861C46E3ACD4}\RP16\A0033209.EXE infected with Win32.HLLW.Gavir.54 - cured
C:\System Volume Information\_restore{64CDFA88-D3CF-42B3-8F45-861C46E3ACD4}\RP16\A0033210.EXE infected with Win32.HLLW.Gavir.54 - cured
C:\System Volume Information\_restore{64CDFA88-D3CF-42B3-8F45-861C46E3ACD4}\RP16\A0033211.EXE infected with Win32.HLLW.Gavir.54 - cured

作者: ALEXYUI 時間: 07-1-10 11:26 PM

C:\System Volume Information\_restore{64CDFA88-D3CF-42B3-8F45-861C46E3ACD4}\RP16\A0033212.EXE infected with Win32.HLLW.Gavir.54 - cured
C:\System Volume Information\_restore{64CDFA88-D3CF-42B3-8F45-861C46E3ACD4}\RP16\A0033213.exe infected with Win32.HLLW.Gavir.54 - cured
C:\System Volume Information\_restore{64CDFA88-D3CF-42B3-8F45-861C46E3ACD4}\RP16\A0033214.EXE infected with Win32.HLLW.Gavir.54 - cured
C:\System Volume Information\_restore{64CDFA88-D3CF-42B3-8F45-861C46E3ACD4}\RP16\A0033215.exe infected with Win32.HLLW.Gavir.54 - cured
C:\System Volume Information\_restore{64CDFA88-D3CF-42B3-8F45-861C46E3ACD4}\RP16\A0033216.EXE infected with Win32.HLLW.Gavir.54 - cured
C:\System Volume Information\_restore{64CDFA88-D3CF-42B3-8F45-861C46E3ACD4}\RP16\A0033217.exe infected with Win32.HLLW.Gavir.54 - cured
C:\System Volume Information\_restore{64CDFA88-D3CF-42B3-8F45-861C46E3ACD4}\RP16\A0033218.exe infected with Win32.HLLW.Gavir.54 - cured
C:\System Volume Information\_restore{64CDFA88-D3CF-42B3-8F45-861C46E3ACD4}\RP16\A0033219.exe infected with Win32.HLLW.Gavir.54 - cured
C:\System Volume Information\_restore{64CDFA88-D3CF-42B3-8F45-861C46E3ACD4}\RP16\A0033220.exe infected with Win32.HLLW.Gavir.54 - cured
C:\System Volume Information\_restore{64CDFA88-D3CF-42B3-8F45-861C46E3ACD4}\RP16\A0033221.exe infected with Win32.HLLW.Gavir.54 - cured
C:\System Volume Information\_restore{64CDFA88-D3CF-42B3-8F45-861C46E3ACD4}\RP16\A0033222.EXE infected with Win32.HLLW.Gavir.54 - cured
C:\System Volume Information\_restore{64CDFA88-D3CF-42B3-8F45-861C46E3ACD4}\RP16\A0033223.exe infected with Win32.HLLW.Gavir.54 - cured
C:\System Volume Information\_restore{64CDFA88-D3CF-42B3-8F45-861C46E3ACD4}\RP16\A0033224.exe infected with Win32.HLLW.Gavir.54 - cured
C:\System Volume Information\_restore{64CDFA88-D3CF-42B3-8F45-861C46E3ACD4}\RP16\A0033225.exe infected with Win32.HLLW.Gavir.54 - cured
C:\System Volume Information\_restore{64CDFA88-D3CF-42B3-8F45-861C46E3ACD4}\RP16\A0033226.EXE infected with Win32.HLLW.Gavir.54 - cured
C:\System Volume Information\_restore{64CDFA88-D3CF-42B3-8F45-861C46E3ACD4}\RP16\A0033227.EXE infected with Win32.HLLW.Gavir.54 - cured
C:\System Volume Information\_restore{64CDFA88-D3CF-42B3-8F45-861C46E3ACD4}\RP16\A0033228.EXE infected with Win32.HLLW.Gavir.54 - cured
C:\System Volume Information\_restore{64CDFA88-D3CF-42B3-8F45-861C46E3ACD4}\RP16\A0033229.EXE infected with Win32.HLLW.Gavir.54 - cured
C:\System Volume Information\_restore{64CDFA88-D3CF-42B3-8F45-861C46E3ACD4}\RP16\A0033230.exe infected with Win32.HLLW.Gavir.54 - cured
C:\System Volume Information\_restore{64CDFA88-D3CF-42B3-8F45-861C46E3ACD4}\RP16\A0033231.exe infected with Win32.HLLW.Gavir.54 - cured
C:\System Volume Information\_restore{64CDFA88-D3CF-42B3-8F45-861C46E3ACD4}\RP16\A0033232.exe infected with Win32.HLLW.Gavir.54 - cured
C:\System Volume Information\_restore{64CDFA88-D3CF-42B3-8F45-861C46E3ACD4}\RP16\A0033233.exe infected with Win32.HLLW.Gavir.54 - cured
C:\System Volume Information\_restore{64CDFA88-D3CF-42B3-8F45-861C46E3ACD4}\RP16\A0033234.exe infected with Win32.HLLW.Gavir.54 - cured
C:\System Volume Information\_restore{64CDFA88-D3CF-42B3-8F45-861C46E3ACD4}\RP16\A0033235.EXE infected with Win32.HLLW.Gavir.54 - cured
C:\System Volume Information\_restore{64CDFA88-D3CF-42B3-8F45-861C46E3ACD4}\RP16\A0033236.exe infected with Win32.HLLW.Gavir.54 - cured
C:\System Volume Information\_restore{64CDFA88-D3CF-42B3-8F45-861C46E3ACD4}\RP16\A0033237.exe infected with Win32.HLLW.Gavir.54 - cured
C:\System Volume Information\_restore{64CDFA88-D3CF-42B3-8F45-861C46E3ACD4}\RP16\A0033238.exe infected with Win32.HLLW.Gavir.54 - cured
C:\System Volume Information\_restore{64CDFA88-D3CF-42B3-8F45-861C46E3ACD4}\RP16\A0033239.exe infected with Win32.HLLW.Gavir.54 - cured
C:\System Volume Information\_restore{64CDFA88-D3CF-42B3-8F45-861C46E3ACD4}\RP16\A0033240.exe infected with Win32.HLLW.Gavir.54 - cured
C:\System Volume Information\_restore{64CDFA88-D3CF-42B3-8F45-861C46E3ACD4}\RP16\A0033241.exe infected with Win32.HLLW.Gavir.54 - cured
C:\System Volume Information\_restore{64CDFA88-D3CF-42B3-8F45-861C46E3ACD4}\RP16\A0033242.exe infected with Win32.HLLW.Gavir.54 - cured
C:\System Volume Information\_restore{64CDFA88-D3CF-42B3-8F45-861C46E3ACD4}\RP16\A0033243.exe infected with Win32.HLLW.Gavir.54 - cured
C:\System Volume Information\_restore{64CDFA88-D3CF-42B3-8F45-861C46E3ACD4}\RP16\A0033244.exe infected with Win32.HLLW.Gavir.54 - cured
C:\System Volume Information\_restore{64CDFA88-D3CF-42B3-8F45-861C46E3ACD4}\RP16\A0033245.exe infected with Win32.HLLW.Gavir.54 - cured
C:\System Volume Information\_restore{64CDFA88-D3CF-42B3-8F45-861C46E3ACD4}\RP16\A0033246.exe infected with Win32.HLLW.Gavir.54 - cured
C:\System Volume Information\_restore{64CDFA88-D3CF-42B3-8F45-861C46E3ACD4}\RP16\A0033247.exe infected with Win32.HLLW.Gavir.54 - cured
C:\System Volume Information\_restore{64CDFA88-D3CF-42B3-8F45-861C46E3ACD4}\RP16\A0033248.exe infected with Win32.HLLW.Gavir.54 - cured
C:\System Volume Information\_restore{64CDFA88-D3CF-42B3-8F45-861C46E3ACD4}\RP16\A0033249.exe infected with Win32.HLLW.Gavir.54 - cured
C:\System Volume Information\_restore{64CDFA88-D3CF-42B3-8F45-861C46E3ACD4}\RP16\A0033250.exe infected with Win32.HLLW.Gavir.54 - cured
C:\System Volume Information\_restore{64CDFA88-D3CF-42B3-8F45-861C46E3ACD4}\RP16\A0033251.exe infected with Win32.HLLW.Gavir.54 - cured
C:\System Volume Information\_restore{64CDFA88-D3CF-42B3-8F45-861C46E3ACD4}\RP16\A0033252.exe infected with Win32.HLLW.Gavir.54 - cured
C:\System Volume Information\_restore{64CDFA88-D3CF-42B3-8F45-861C46E3ACD4}\RP16\A0033253.exe infected with Win32.HLLW.Gavir.54 - cured
C:\System Volume Information\_restore{64CDFA88-D3CF-42B3-8F45-861C46E3ACD4}\RP16\A0033254.exe infected with Win32.HLLW.Gavir.54 - cured
C:\System Volume Information\_restore{64CDFA88-D3CF-42B3-8F45-861C46E3ACD4}\RP16\A0033255.exe infected with Win32.HLLW.Gavir.54 - cured
C:\System Volume Information\_restore{64CDFA88-D3CF-42B3-8F45-861C46E3ACD4}\RP16\A0033256.exe infected with Win32.HLLW.Gavir.54 - cured
C:\System Volume Information\_restore{64CDFA88-D3CF-42B3-8F45-861C46E3ACD4}\RP16\A0033257.exe infected with Win32.HLLW.Gavir.54 - cured
C:\System Volume Information\_restore{64CDFA88-D3CF-42B3-8F45-861C46E3ACD4}\RP16\A0033258.exe infected with Win32.HLLW.Gavir.54 - cured
C:\System Volume Information\_restore{64CDFA88-D3CF-42B3-8F45-861C46E3ACD4}\RP16\A0033259.exe infected with Win32.HLLW.Gavir.54 - cured
C:\System Volume Information\_restore{64CDFA88-D3CF-42B3-8F45-861C46E3ACD4}\RP16\A0033260.exe infected with Win32.HLLW.Gavir.54 - cured
C:\System Volume Information\_restore{64CDFA88-D3CF-42B3-8F45-861C46E3ACD4}\RP16\A0033261.exe infected with Win32.HLLW.Gavir.54 - cured
C:\System Volume Information\_restore{64CDFA88-D3CF-42B3-8F45-861C46E3ACD4}\RP16\A0033262.exe infected with Win32.HLLW.Gavir.54 - cured
C:\System Volume Information\_restore{64CDFA88-D3CF-42B3-8F45-861C46E3ACD4}\RP16\A0033263.exe infected with Win32.HLLW.Gavir.54 - cured
C:\System Volume Information\_restore{64CDFA88-D3CF-42B3-8F45-861C46E3ACD4}\RP16\A0033264.exe infected with Win32.HLLW.Gavir.54 - cured
C:\System Volume Information\_restore{64CDFA88-D3CF-42B3-8F45-861C46E3ACD4}\RP16\A0033265.exe infected with Win32.HLLW.Gavir.54 - cured

作者: ALEXYUI 時間: 07-1-10 11:27 PM

C:\System Volume Information\_restore{64CDFA88-D3CF-42B3-8F45-861C46E3ACD4}\RP16\A0033266.exe infected with Win32.HLLW.Gavir.54 - cured
C:\System Volume Information\_restore{64CDFA88-D3CF-42B3-8F45-861C46E3ACD4}\RP16\A0033267.exe infected with Win32.HLLW.Gavir.54 - cured
C:\System Volume Information\_restore{64CDFA88-D3CF-42B3-8F45-861C46E3ACD4}\RP16\A0033268.exe infected with Win32.HLLW.Gavir.54 - cured
C:\System Volume Information\_restore{64CDFA88-D3CF-42B3-8F45-861C46E3ACD4}\RP16\A0033269.exe infected with Win32.HLLW.Gavir.54 - cured
C:\System Volume Information\_restore{64CDFA88-D3CF-42B3-8F45-861C46E3ACD4}\RP16\A0033270.exe infected with Win32.HLLW.Gavir.54 - cured
C:\System Volume Information\_restore{64CDFA88-D3CF-42B3-8F45-861C46E3ACD4}\RP16\A0033271.exe infected with Win32.HLLW.Gavir.54 - cured
C:\System Volume Information\_restore{64CDFA88-D3CF-42B3-8F45-861C46E3ACD4}\RP16\A0033272.exe infected with Win32.HLLW.Gavir.54 - cured
C:\System Volume Information\_restore{64CDFA88-D3CF-42B3-8F45-861C46E3ACD4}\RP16\A0033273.exe infected with Win32.HLLW.Gavir.54 - cured
C:\System Volume Information\_restore{64CDFA88-D3CF-42B3-8F45-861C46E3ACD4}\RP16\A0033274.exe infected with Win32.HLLW.Gavir.54 - cured
C:\System Volume Information\_restore{64CDFA88-D3CF-42B3-8F45-861C46E3ACD4}\RP16\A0033275.exe infected with Win32.HLLW.Gavir.54 - cured
C:\System Volume Information\_restore{64CDFA88-D3CF-42B3-8F45-861C46E3ACD4}\RP16\A0033276.exe infected with Win32.HLLW.Gavir.54 - cured
C:\System Volume Information\_restore{64CDFA88-D3CF-42B3-8F45-861C46E3ACD4}\RP16\A0033277.exe infected with Win32.HLLW.Gavir.54 - cured
C:\System Volume Information\_restore{64CDFA88-D3CF-42B3-8F45-861C46E3ACD4}\RP16\A0033278.exe infected with Win32.HLLW.Gavir.54 - cured
C:\System Volume Information\_restore{64CDFA88-D3CF-42B3-8F45-861C46E3ACD4}\RP16\A0033279.exe infected with Win32.HLLW.Gavir.54 - cured
C:\System Volume Information\_restore{64CDFA88-D3CF-42B3-8F45-861C46E3ACD4}\RP16\A0033280.exe infected with Win32.HLLW.Gavir.54 - cured
C:\System Volume Information\_restore{64CDFA88-D3CF-42B3-8F45-861C46E3ACD4}\RP16\A0033281.exe infected with Win32.HLLW.Gavir.54 - cured
C:\System Volume Information\_restore{64CDFA88-D3CF-42B3-8F45-861C46E3ACD4}\RP16\A0033282.exe infected with Win32.HLLW.Gavir.54 - cured
C:\System Volume Information\_restore{64CDFA88-D3CF-42B3-8F45-861C46E3ACD4}\RP16\A0033283.exe infected with Win32.HLLW.Gavir.54 - cured
C:\System Volume Information\_restore{64CDFA88-D3CF-42B3-8F45-861C46E3ACD4}\RP16\A0033284.exe infected with Win32.HLLW.Gavir.54 - cured
C:\System Volume Information\_restore{64CDFA88-D3CF-42B3-8F45-861C46E3ACD4}\RP16\A0033285.exe infected with Win32.HLLW.Gavir.54 - cured
C:\System Volume Information\_restore{64CDFA88-D3CF-42B3-8F45-861C46E3ACD4}\RP16\A0033286.exe infected with Win32.HLLW.Gavir.54 - cured
C:\System Volume Information\_restore{64CDFA88-D3CF-42B3-8F45-861C46E3ACD4}\RP16\A0033287.exe infected with Win32.HLLW.Gavir.54 - cured
C:\System Volume Information\_restore{64CDFA88-D3CF-42B3-8F45-861C46E3ACD4}\RP16\A0033288.exe infected with Win32.HLLW.Gavir.54 - cured
C:\System Volume Information\_restore{64CDFA88-D3CF-42B3-8F45-861C46E3ACD4}\RP16\A0033289.exe infected with Win32.HLLW.Gavir.54 - cured
C:\System Volume Information\_restore{64CDFA88-D3CF-42B3-8F45-861C46E3ACD4}\RP16\A0033290.exe infected with Win32.HLLW.Gavir.54 - cured
C:\System Volume Information\_restore{64CDFA88-D3CF-42B3-8F45-861C46E3ACD4}\RP16\A0033291.exe infected with Win32.HLLW.Gavir.54 - cured
C:\System Volume Information\_restore{64CDFA88-D3CF-42B3-8F45-861C46E3ACD4}\RP16\A0033292.exe infected with Win32.HLLW.Gavir.54 - cured
C:\System Volume Information\_restore{64CDFA88-D3CF-42B3-8F45-861C46E3ACD4}\RP16\A0033293.exe infected with Win32.HLLW.Gavir.54 - cured
C:\System Volume Information\_restore{64CDFA88-D3CF-42B3-8F45-861C46E3ACD4}\RP16\A0033294.exe infected with Win32.HLLW.Gavir.54 - cured
C:\System Volume Information\_restore{64CDFA88-D3CF-42B3-8F45-861C46E3ACD4}\RP16\A0033295.exe infected with Win32.HLLW.Gavir.54 - cured
C:\System Volume Information\_restore{64CDFA88-D3CF-42B3-8F45-861C46E3ACD4}\RP16\A0033296.exe infected with Win32.HLLW.Gavir.54 - cured
C:\System Volume Information\_restore{64CDFA88-D3CF-42B3-8F45-861C46E3ACD4}\RP16\A0033297.exe infected with Win32.HLLW.Gavir.54 - cured
C:\System Volume Information\_restore{64CDFA88-D3CF-42B3-8F45-861C46E3ACD4}\RP16\A0033298.exe infected with Win32.HLLW.Gavir.54 - cured
C:\System Volume Information\_restore{64CDFA88-D3CF-42B3-8F45-861C46E3ACD4}\RP16\A0033299.exe infected with Win32.HLLW.Gavir.54 - cured
C:\System Volume Information\_restore{64CDFA88-D3CF-42B3-8F45-861C46E3ACD4}\RP16\A0033300.exe infected with Win32.HLLW.Gavir.54 - cured
C:\System Volume Information\_restore{64CDFA88-D3CF-42B3-8F45-861C46E3ACD4}\RP16\A0033301.exe infected with Win32.HLLW.Gavir.54 - cured
C:\System Volume Information\_restore{64CDFA88-D3CF-42B3-8F45-861C46E3ACD4}\RP16\A0033302.exe infected with Win32.HLLW.Gavir.54 - cured
C:\System Volume Information\_restore{64CDFA88-D3CF-42B3-8F45-861C46E3ACD4}\RP16\A0033303.exe infected with Win32.HLLW.Gavir.54 - cured
C:\System Volume Information\_restore{64CDFA88-D3CF-42B3-8F45-861C46E3ACD4}\RP16\A0033304.exe infected with Win32.HLLW.Gavir.54 - cured
C:\System Volume Information\_restore{64CDFA88-D3CF-42B3-8F45-861C46E3ACD4}\RP16\A0033305.exe infected with Win32.HLLW.Gavir.54 - cured
C:\System Volume Information\_restore{64CDFA88-D3CF-42B3-8F45-861C46E3ACD4}\RP16\A0033306.exe infected with Win32.HLLW.Gavir.54 - cured
C:\System Volume Information\_restore{64CDFA88-D3CF-42B3-8F45-861C46E3ACD4}\RP16\A0033307.exe infected with Win32.HLLW.Gavir.54 - cured
C:\System Volume Information\_restore{64CDFA88-D3CF-42B3-8F45-861C46E3ACD4}\RP16\A0033308.exe infected with Win32.HLLW.Gavir.54 - cured
C:\System Volume Information\_restore{64CDFA88-D3CF-42B3-8F45-861C46E3ACD4}\RP16\A0033309.exe infected with Win32.HLLW.Gavir.54 - cured
C:\System Volume Information\_restore{64CDFA88-D3CF-42B3-8F45-861C46E3ACD4}\RP16\A0033310.exe infected with Win32.HLLW.Gavir.54 - cured
C:\System Volume Information\_restore{64CDFA88-D3CF-42B3-8F45-861C46E3ACD4}\RP16\A0033311.exe infected with Win32.HLLW.Gavir.54 - cured
C:\System Volume Information\_restore{64CDFA88-D3CF-42B3-8F45-861C46E3ACD4}\RP16\A0033312.exe infected with Win32.HLLW.Gavir.54 - cured
C:\System Volume Information\_restore{64CDFA88-D3CF-42B3-8F45-861C46E3ACD4}\RP16\A0033313.exe infected with Win32.HLLW.Gavir.54 - cured
C:\System Volume Information\_restore{64CDFA88-D3CF-42B3-8F45-861C46E3ACD4}\RP16\A0033314.exe infected with Win32.HLLW.Gavir.54 - cured
C:\System Volume Information\_restore{64CDFA88-D3CF-42B3-8F45-861C46E3ACD4}\RP16\A0033315.exe infected with Win32.HLLW.Gavir.54 - cured
C:\System Volume Information\_restore{64CDFA88-D3CF-42B3-8F45-861C46E3ACD4}\RP16\A0033316.exe infected with Win32.HLLW.Gavir.54 - cured
C:\System Volume Information\_restore{64CDFA88-D3CF-42B3-8F45-861C46E3ACD4}\RP16\A0033317.exe infected with Win32.HLLW.Gavir.54 - cured
C:\System Volume Information\_restore{64CDFA88-D3CF-42B3-8F45-861C46E3ACD4}\RP16\A0033318.exe infected with Win32.HLLW.Gavir.54 - cured
C:\System Volume Information\_restore{64CDFA88-D3CF-42B3-8F45-861C46E3ACD4}\RP16\A0033319.exe infected with Win32.HLLW.Gavir.54 - cured
C:\System Volume Information\_restore{64CDFA88-D3CF-42B3-8F45-861C46E3ACD4}\RP16\A0033320.exe infected with Win32.HLLW.Gavir.54 - cured
C:\System Volume Information\_restore{64CDFA88-D3CF-42B3-8F45-861C46E3ACD4}\RP16\A0033321.exe infected with Win32.HLLW.Gavir.54 - cured
C:\System Volume Information\_restore{64CDFA88-D3CF-42B3-8F45-861C46E3ACD4}\RP16\A0033322.exe infected with Win32.HLLW.Gavir.54 - cured
C:\System Volume Information\_restore{64CDFA88-D3CF-42B3-8F45-861C46E3ACD4}\RP16\A0033323.exe infected with Win32.HLLW.Gavir.54 - cured
C:\System Volume Information\_restore{64CDFA88-D3CF-42B3-8F45-861C46E3ACD4}\RP16\A0033324.exe infected with Win32.HLLW.Gavir.54 - cured
C:\System Volume Information\_restore{64CDFA88-D3CF-42B3-8F45-861C46E3ACD4}\RP16\A0033325.exe infected with Win32.HLLW.Gavir.54 - cured
C:\System Volume Information\_restore{64CDFA88-D3CF-42B3-8F45-861C46E3ACD4}\RP16\A0033326.exe infected with Win32.HLLW.Gavir.54 - cured
C:\System Volume Information\_restore{64CDFA88-D3CF-42B3-8F45-861C46E3ACD4}\RP16\A0033327.exe infected with Win32.HLLW.Gavir.54 - cured
C:\System Volume Information\_restore{64CDFA88-D3CF-42B3-8F45-861C46E3ACD4}\RP16\A0033328.exe infected with Win32.HLLW.Gavir.54 - cured
C:\System Volume Information\_restore{64CDFA88-D3CF-42B3-8F45-861C46E3ACD4}\RP16\A0033329.exe infected with Win32.HLLW.Gavir.54 - cured
C:\System Volume Information\_restore{64CDFA88-D3CF-42B3-8F45-861C46E3ACD4}\RP16\A0033330.exe infected with Win32.HLLW.Gavir.54 - cured
C:\System Volume Information\_restore{64CDFA88-D3CF-42B3-8F45-861C46E3ACD4}\RP16\A0033331.exe infected with Win32.HLLW.Gavir.54 - cured
C:\System Volume Information\_restore{64CDFA88-D3CF-42B3-8F45-861C46E3ACD4}\RP16\A0033332.exe infected with Win32.HLLW.Gavir.54 - cured
C:\System Volume Information\_restore{64CDFA88-D3CF-42B3-8F45-861C46E3ACD4}\RP16\A0033333.exe infected with Win32.HLLW.Gavir.54 - cured
C:\System Volume Information\_restore{64CDFA88-D3CF-42B3-8F45-861C46E3ACD4}\RP16\A0033334.exe infected with Win32.HLLW.Gavir.54 - cured
C:\System Volume Information\_restore{64CDFA88-D3CF-42B3-8F45-861C46E3ACD4}\RP16\A0033335.exe infected with Win32.HLLW.Gavir.54 - cured

作者: ALEXYUI 時間: 07-1-10 11:27 PM

C:\System Volume Information\_restore{64CDFA88-D3CF-42B3-8F45-861C46E3ACD4}\RP16\A0033336.exe infected with Win32.HLLW.Gavir.54 - cured
C:\System Volume Information\_restore{64CDFA88-D3CF-42B3-8F45-861C46E3ACD4}\RP16\A0033337.exe infected with Win32.HLLW.Gavir.54 - cured
C:\System Volume Information\_restore{64CDFA88-D3CF-42B3-8F45-861C46E3ACD4}\RP16\A0033338.exe infected with Win32.HLLW.Gavir.54 - cured
C:\System Volume Information\_restore{64CDFA88-D3CF-42B3-8F45-861C46E3ACD4}\RP16\A0033339.exe infected with Win32.HLLW.Gavir.54 - cured
C:\System Volume Information\_restore{64CDFA88-D3CF-42B3-8F45-861C46E3ACD4}\RP16\A0033340.exe infected with Win32.HLLW.Gavir.54 - cured
C:\System Volume Information\_restore{64CDFA88-D3CF-42B3-8F45-861C46E3ACD4}\RP16\A0033341.exe infected with Win32.HLLW.Gavir.54 - cured
C:\System Volume Information\_restore{64CDFA88-D3CF-42B3-8F45-861C46E3ACD4}\RP16\A0033342.exe infected with Win32.HLLW.Gavir.54 - cured
C:\System Volume Information\_restore{64CDFA88-D3CF-42B3-8F45-861C46E3ACD4}\RP16\A0033343.exe infected with Win32.HLLW.Gavir.54 - cured
C:\System Volume Information\_restore{64CDFA88-D3CF-42B3-8F45-861C46E3ACD4}\RP16\A0033344.exe infected with Win32.HLLW.Gavir.54 - cured
C:\System Volume Information\_restore{64CDFA88-D3CF-42B3-8F45-861C46E3ACD4}\RP16\A0033345.exe infected with Win32.HLLW.Gavir.54 - cured
C:\System Volume Information\_restore{64CDFA88-D3CF-42B3-8F45-861C46E3ACD4}\RP16\A0033346.exe infected with Win32.HLLW.Gavir.54 - cured
C:\System Volume Information\_restore{64CDFA88-D3CF-42B3-8F45-861C46E3ACD4}\RP16\A0033347.exe infected with Win32.HLLW.Gavir.54 - cured
C:\System Volume Information\_restore{64CDFA88-D3CF-42B3-8F45-861C46E3ACD4}\RP16\A0033348.exe infected with Win32.HLLW.Gavir.54 - cured
C:\System Volume Information\_restore{64CDFA88-D3CF-42B3-8F45-861C46E3ACD4}\RP16\A0033349.exe infected with Win32.HLLW.Gavir.54 - cured
C:\System Volume Information\_restore{64CDFA88-D3CF-42B3-8F45-861C46E3ACD4}\RP16\A0033350.exe infected with Win32.HLLW.Gavir.54 - cured
C:\System Volume Information\_restore{64CDFA88-D3CF-42B3-8F45-861C46E3ACD4}\RP16\A0033351.exe infected with Win32.HLLW.Gavir.54 - cured
C:\System Volume Information\_restore{64CDFA88-D3CF-42B3-8F45-861C46E3ACD4}\RP16\A0033352.exe infected with Win32.HLLW.Gavir.54 - cured
C:\System Volume Information\_restore{64CDFA88-D3CF-42B3-8F45-861C46E3ACD4}\RP16\A0033353.exe infected with Win32.HLLW.Gavir.54 - cured
C:\System Volume Information\_restore{64CDFA88-D3CF-42B3-8F45-861C46E3ACD4}\RP16\A0033354.exe infected with Win32.HLLW.Gavir.54 - cured
C:\System Volume Information\_restore{64CDFA88-D3CF-42B3-8F45-861C46E3ACD4}\RP16\A0033355.exe infected with Win32.HLLW.Gavir.54 - cured
C:\System Volume Information\_restore{64CDFA88-D3CF-42B3-8F45-861C46E3ACD4}\RP16\A0033356.exe infected with Win32.HLLW.Gavir.54 - cured
C:\System Volume Information\_restore{64CDFA88-D3CF-42B3-8F45-861C46E3ACD4}\RP16\A0033357.exe infected with Win32.HLLW.Gavir.54 - cured
C:\System Volume Information\_restore{64CDFA88-D3CF-42B3-8F45-861C46E3ACD4}\RP16\A0033358.exe infected with Win32.HLLW.Gavir.54 - cured
C:\System Volume Information\_restore{64CDFA88-D3CF-42B3-8F45-861C46E3ACD4}\RP16\A0033359.exe infected with Win32.HLLW.Gavir.54 - cured
C:\System Volume Information\_restore{64CDFA88-D3CF-42B3-8F45-861C46E3ACD4}\RP16\A0033360.exe infected with Win32.HLLW.Gavir.54 - cured
C:\System Volume Information\_restore{64CDFA88-D3CF-42B3-8F45-861C46E3ACD4}\RP16\A0033361.exe infected with Win32.HLLW.Gavir.54 - cured
C:\System Volume Information\_restore{64CDFA88-D3CF-42B3-8F45-861C46E3ACD4}\RP16\A0033362.exe infected with Win32.HLLW.Gavir.54 - cured
C:\System Volume Information\_restore{64CDFA88-D3CF-42B3-8F45-861C46E3ACD4}\RP16\A0033363.exe infected with Win32.HLLW.Gavir.54 - cured
C:\System Volume Information\_restore{64CDFA88-D3CF-42B3-8F45-861C46E3ACD4}\RP16\A0033364.exe infected with Win32.HLLW.Gavir.54 - cured
C:\System Volume Information\_restore{64CDFA88-D3CF-42B3-8F45-861C46E3ACD4}\RP16\A0033365.exe infected with Win32.HLLW.Gavir.54 - cured
C:\System Volume Information\_restore{64CDFA88-D3CF-42B3-8F45-861C46E3ACD4}\RP16\A0033366.exe infected with Win32.HLLW.Gavir.54 - cured
C:\System Volume Information\_restore{64CDFA88-D3CF-42B3-8F45-861C46E3ACD4}\RP16\A0033367.exe infected with Win32.HLLW.Gavir.54 - cured
C:\System Volume Information\_restore{64CDFA88-D3CF-42B3-8F45-861C46E3ACD4}\RP16\A0033368.exe infected with Win32.HLLW.Gavir.54 - cured
C:\System Volume Information\_restore{64CDFA88-D3CF-42B3-8F45-861C46E3ACD4}\RP16\A0033369.exe infected with Win32.HLLW.Gavir.54 - cured
C:\System Volume Information\_restore{64CDFA88-D3CF-42B3-8F45-861C46E3ACD4}\RP16\A0033370.exe infected with Win32.HLLW.Gavir.54 - cured
C:\System Volume Information\_restore{64CDFA88-D3CF-42B3-8F45-861C46E3ACD4}\RP16\A0033371.exe infected with Win32.HLLW.Gavir.54 - cured
C:\System Volume Information\_restore{64CDFA88-D3CF-42B3-8F45-861C46E3ACD4}\RP16\A0033372.exe infected with Win32.HLLW.Gavir.54 - cured
C:\System Volume Information\_restore{64CDFA88-D3CF-42B3-8F45-861C46E3ACD4}\RP16\A0033373.exe infected with Win32.HLLW.Gavir.54 - cured
C:\System Volume Information\_restore{64CDFA88-D3CF-42B3-8F45-861C46E3ACD4}\RP16\A0033374.exe infected with Win32.HLLW.Gavir.54 - cured
C:\System Volume Information\_restore{64CDFA88-D3CF-42B3-8F45-861C46E3ACD4}\RP16\A0033375.exe infected with Win32.HLLW.Gavir.54 - cured
C:\System Volume Information\_restore{64CDFA88-D3CF-42B3-8F45-861C46E3ACD4}\RP16\A0033376.exe infected with Win32.HLLW.Gavir.54 - cured
C:\System Volume Information\_restore{64CDFA88-D3CF-42B3-8F45-861C46E3ACD4}\RP16\A0033377.exe infected with Win32.HLLW.Gavir.54 - cured
C:\System Volume Information\_restore{64CDFA88-D3CF-42B3-8F45-861C46E3ACD4}\RP16\A0033378.exe infected with Win32.HLLW.Gavir.54 - cured
C:\System Volume Information\_restore{64CDFA88-D3CF-42B3-8F45-861C46E3ACD4}\RP16\A0033379.EXE infected with Win32.HLLW.Gavir.54 - cured
C:\System Volume Information\_restore{64CDFA88-D3CF-42B3-8F45-861C46E3ACD4}\RP16\A0033380.exe infected with Win32.HLLW.Gavir.54 - cured
C:\System Volume Information\_restore{64CDFA88-D3CF-42B3-8F45-861C46E3ACD4}\RP16\A0033381.exe infected with Win32.HLLW.Gavir.54 - cured
C:\System Volume Information\_restore{64CDFA88-D3CF-42B3-8F45-861C46E3ACD4}\RP16\A0033382.exe infected with Win32.HLLW.Gavir.54 - cured
C:\System Volume Information\_restore{64CDFA88-D3CF-42B3-8F45-861C46E3ACD4}\RP16\A0033383.exe infected with Win32.HLLW.Gavir.54 - cured
C:\System Volume Information\_restore{64CDFA88-D3CF-42B3-8F45-861C46E3ACD4}\RP16\A0033384.exe infected with Win32.HLLW.Gavir.54 - cured
C:\System Volume Information\_restore{64CDFA88-D3CF-42B3-8F45-861C46E3ACD4}\RP16\A0033385.exe infected with Win32.HLLW.Gavir.54 - cured
C:\System Volume Information\_restore{64CDFA88-D3CF-42B3-8F45-861C46E3ACD4}\RP16\A0033386.exe infected with Win32.HLLW.Gavir.54 - cured
C:\System Volume Information\_restore{64CDFA88-D3CF-42B3-8F45-861C46E3ACD4}\RP16\A0033387.exe infected with Win32.HLLW.Gavir.54 - cured
C:\System Volume Information\_restore{64CDFA88-D3CF-42B3-8F45-861C46E3ACD4}\RP16\A0033388.exe infected with Win32.HLLW.Gavir.54 - cured
C:\System Volume Information\_restore{64CDFA88-D3CF-42B3-8F45-861C46E3ACD4}\RP16\A0033389.exe infected with Win32.HLLW.Gavir.54 - cured
C:\System Volume Information\_restore{64CDFA88-D3CF-42B3-8F45-861C46E3ACD4}\RP16\A0033390.exe infected with Win32.HLLW.Gavir.54 - cured

作者: ALEXYUI 時間: 07-1-10 11:28 PM

C:\System Volume Information\_restore{64CDFA88-D3CF-42B3-8F45-861C46E3ACD4}\RP16\A0033391.exe infected with Win32.HLLW.Gavir.54 - cured
C:\System Volume Information\_restore{64CDFA88-D3CF-42B3-8F45-861C46E3ACD4}\RP16\A0033392.exe infected with Win32.HLLW.Gavir.54 - cured
C:\System Volume Information\_restore{64CDFA88-D3CF-42B3-8F45-861C46E3ACD4}\RP16\A0033393.exe infected with Win32.HLLW.Gavir.54 - cured
C:\System Volume Information\_restore{64CDFA88-D3CF-42B3-8F45-861C46E3ACD4}\RP16\A0033394.exe infected with Win32.HLLW.Gavir.54 - cured
C:\System Volume Information\_restore{64CDFA88-D3CF-42B3-8F45-861C46E3ACD4}\RP16\A0033395.exe infected with Win32.HLLW.Gavir.54 - cured
C:\System Volume Information\_restore{64CDFA88-D3CF-42B3-8F45-861C46E3ACD4}\RP16\A0033396.exe infected with Win32.HLLW.Gavir.54 - cured
C:\System Volume Information\_restore{64CDFA88-D3CF-42B3-8F45-861C46E3ACD4}\RP16\A0033397.exe infected with Win32.HLLW.Gavir.54 - cured
C:\System Volume Information\_restore{64CDFA88-D3CF-42B3-8F45-861C46E3ACD4}\RP16\A0033398.exe infected with Win32.HLLW.Gavir.54 - cured
C:\System Volume Information\_restore{64CDFA88-D3CF-42B3-8F45-861C46E3ACD4}\RP16\A0033399.exe infected with Win32.HLLW.Gavir.54 - cured
C:\System Volume Information\_restore{64CDFA88-D3CF-42B3-8F45-861C46E3ACD4}\RP16\A0033400.exe infected with Win32.HLLW.Gavir.54 - cured
C:\System Volume Information\_restore{64CDFA88-D3CF-42B3-8F45-861C46E3ACD4}\RP16\A0033401.exe infected with Win32.HLLW.Gavir.54 - cured
C:\System Volume Information\_restore{64CDFA88-D3CF-42B3-8F45-861C46E3ACD4}\RP16\A0033402.exe infected with Win32.HLLW.Gavir.54 - cured
C:\System Volume Information\_restore{64CDFA88-D3CF-42B3-8F45-861C46E3ACD4}\RP16\A0033403.exe infected with Win32.HLLW.Gavir.54 - cured
C:\System Volume Information\_restore{64CDFA88-D3CF-42B3-8F45-861C46E3ACD4}\RP16\A0033404.exe infected with Win32.HLLW.Gavir.54 - cured
C:\System Volume Information\_restore{64CDFA88-D3CF-42B3-8F45-861C46E3ACD4}\RP16\A0033405.exe infected with Win32.HLLW.Gavir.54 - cured
C:\System Volume Information\_restore{64CDFA88-D3CF-42B3-8F45-861C46E3ACD4}\RP16\A0033406.exe infected with Win32.HLLW.Gavir.54 - cured
C:\System Volume Information\_restore{64CDFA88-D3CF-42B3-8F45-861C46E3ACD4}\RP16\A0033407.exe infected with Win32.HLLW.Gavir.54 - cured
C:\System Volume Information\_restore{64CDFA88-D3CF-42B3-8F45-861C46E3ACD4}\RP16\A0033408.exe infected with Win32.HLLW.Gavir.54 - cured
C:\System Volume Information\_restore{64CDFA88-D3CF-42B3-8F45-861C46E3ACD4}\RP16\A0033409.exe infected with Win32.HLLW.Gavir.54 - cured
C:\System Volume Information\_restore{64CDFA88-D3CF-42B3-8F45-861C46E3ACD4}\RP16\A0033410.exe infected with Win32.HLLW.Gavir.54 - cured
C:\System Volume Information\_restore{64CDFA88-D3CF-42B3-8F45-861C46E3ACD4}\RP16\A0033411.exe infected with Win32.HLLW.Gavir.54 - cured
C:\System Volume Information\_restore{64CDFA88-D3CF-42B3-8F45-861C46E3ACD4}\RP16\A0033412.exe infected with Win32.HLLW.Gavir.54 - cured
C:\System Volume Information\_restore{64CDFA88-D3CF-42B3-8F45-861C46E3ACD4}\RP16\A0033413.exe infected with Win32.HLLW.Gavir.54 - cured
C:\System Volume Information\_restore{64CDFA88-D3CF-42B3-8F45-861C46E3ACD4}\RP16\A0033414.exe infected with Win32.HLLW.Gavir.54 - cured
C:\System Volume Information\_restore{64CDFA88-D3CF-42B3-8F45-861C46E3ACD4}\RP16\A0033415.exe infected with Win32.HLLW.Gavir.54 - cured
C:\System Volume Information\_restore{64CDFA88-D3CF-42B3-8F45-861C46E3ACD4}\RP16\A0033416.exe infected with Win32.HLLW.Gavir.54 - cured
C:\System Volume Information\_restore{64CDFA88-D3CF-42B3-8F45-861C46E3ACD4}\RP16\A0033417.exe infected with Win32.HLLW.Gavir.54 - cured
C:\System Volume Information\_restore{64CDFA88-D3CF-42B3-8F45-861C46E3ACD4}\RP16\A0033418.exe infected with Win32.HLLW.Gavir.54 - cured
C:\System Volume Information\_restore{64CDFA88-D3CF-42B3-8F45-861C46E3ACD4}\RP16\A0033419.exe infected with Win32.HLLW.Gavir.54 - cured
C:\System Volume Information\_restore{64CDFA88-D3CF-42B3-8F45-861C46E3ACD4}\RP16\A0033420.exe infected with Win32.HLLW.Gavir.54 - cured
C:\System Volume Information\_restore{64CDFA88-D3CF-42B3-8F45-861C46E3ACD4}\RP16\A0033421.exe infected with Win32.HLLW.Gavir.54 - cured
C:\System Volume Information\_restore{64CDFA88-D3CF-42B3-8F45-861C46E3ACD4}\RP16\A0033422.exe infected with Win32.HLLW.Gavir.54 - cured
C:\System Volume Information\_restore{64CDFA88-D3CF-42B3-8F45-861C46E3ACD4}\RP16\A0033423.exe infected with Win32.HLLW.Gavir.54 - cured
C:\System Volume Information\_restore{64CDFA88-D3CF-42B3-8F45-861C46E3ACD4}\RP16\A0033424.exe infected with Win32.HLLW.Gavir.54 - cured
C:\System Volume Information\_restore{64CDFA88-D3CF-42B3-8F45-861C46E3ACD4}\RP16\A0033425.exe infected with Win32.HLLW.Gavir.54 - cured
C:\System Volume Information\_restore{64CDFA88-D3CF-42B3-8F45-861C46E3ACD4}\RP16\A0033426.exe infected with Win32.HLLW.Gavir.54 - cured
C:\System Volume Information\_restore{64CDFA88-D3CF-42B3-8F45-861C46E3ACD4}\RP16\A0033427.exe infected with Win32.HLLW.Gavir.54 - cured
C:\System Volume Information\_restore{64CDFA88-D3CF-42B3-8F45-861C46E3ACD4}\RP16\A0033428.exe infected with Win32.HLLW.Gavir.54 - cured
C:\System Volume Information\_restore{64CDFA88-D3CF-42B3-8F45-861C46E3ACD4}\RP16\A0033429.exe infected with Win32.HLLW.Gavir.54 - cured
C:\System Volume Information\_restore{64CDFA88-D3CF-42B3-8F45-861C46E3ACD4}\RP16\A0033430.exe infected with Win32.HLLW.Gavir.54 - cured
C:\System Volume Information\_restore{64CDFA88-D3CF-42B3-8F45-861C46E3ACD4}\RP16\A0033431.exe infected with Win32.HLLW.Gavir.54 - cured
C:\System Volume Information\_restore{64CDFA88-D3CF-42B3-8F45-861C46E3ACD4}\RP16\A0033432.exe infected with Win32.HLLW.Gavir.54 - cured
C:\System Volume Information\_restore{64CDFA88-D3CF-42B3-8F45-861C46E3ACD4}\RP16\A0033433.exe infected with Win32.HLLW.Gavir.54 - cured
C:\System Volume Information\_restore{64CDFA88-D3CF-42B3-8F45-861C46E3ACD4}\RP16\A0033434.exe infected with Win32.HLLW.Gavir.54 - cured
C:\System Volume Information\_restore{64CDFA88-D3CF-42B3-8F45-861C46E3ACD4}\RP16\A0033435.exe infected with Win32.HLLW.Gavir.54 - cured
C:\System Volume Information\_restore{64CDFA88-D3CF-42B3-8F45-861C46E3ACD4}\RP16\A0033436.exe infected with Win32.HLLW.Gavir.54 - cured
C:\System Volume Information\_restore{64CDFA88-D3CF-42B3-8F45-861C46E3ACD4}\RP16\A0033437.exe infected with Win32.HLLW.Gavir.54 - cured
C:\System Volume Information\_restore{64CDFA88-D3CF-42B3-8F45-861C46E3ACD4}\RP16\A0033438.exe infected with Win32.HLLW.Gavir.54 - cured
C:\System Volume Information\_restore{64CDFA88-D3CF-42B3-8F45-861C46E3ACD4}\RP16\A0033439.exe infected with Win32.HLLW.Gavir.54 - cured
C:\System Volume Information\_restore{64CDFA88-D3CF-42B3-8F45-861C46E3ACD4}\RP16\A0033440.exe infected with Win32.HLLW.Gavir.54 - cured
C:\System Volume Information\_restore{64CDFA88-D3CF-42B3-8F45-861C46E3ACD4}\RP16\A0033441.exe infected with Win32.HLLW.Gavir.54 - cured
C:\System Volume Information\_restore{64CDFA88-D3CF-42B3-8F45-861C46E3ACD4}\RP16\A0033442.exe infected with Win32.HLLW.Gavir.54 - cured
C:\System Volume Information\_restore{64CDFA88-D3CF-42B3-8F45-861C46E3ACD4}\RP16\A0033443.exe infected with Win32.HLLW.Gavir.54 - cured
C:\System Volume Information\_restore{64CDFA88-D3CF-42B3-8F45-861C46E3ACD4}\RP16\A0033444.exe infected with Win32.HLLW.Gavir.54 - cured

作者: ALEXYUI 時間: 07-1-10 11:29 PM

C:\System Volume Information\_restore{64CDFA88-D3CF-42B3-8F45-861C46E3ACD4}\RP16\A0033445.exe infected with Win32.HLLW.Gavir.54 - cured
C:\System Volume Information\_restore{64CDFA88-D3CF-42B3-8F45-861C46E3ACD4}\RP16\A0033446.exe infected with Win32.HLLW.Gavir.54 - cured
C:\System Volume Information\_restore{64CDFA88-D3CF-42B3-8F45-861C46E3ACD4}\RP16\A0033447.exe infected with Win32.HLLW.Gavir.54 - cured
C:\System Volume Information\_restore{64CDFA88-D3CF-42B3-8F45-861C46E3ACD4}\RP16\A0033448.exe infected with Win32.HLLW.Gavir.54 - cured
C:\System Volume Information\_restore{64CDFA88-D3CF-42B3-8F45-861C46E3ACD4}\RP16\A0033449.exe infected with Win32.HLLW.Gavir.54 - cured
>C:\System Volume Information\_restore{64CDFA88-D3CF-42B3-8F45-861C46E3ACD4}\RP16\A0033489.sys infected with Trojan.PWS.Qqpass.395 - deleted
>C:\System Volume Information\_restore{64CDFA88-D3CF-42B3-8F45-861C46E3ACD4}\RP16\A0033497.sys infected with Trojan.PWS.Qqpass.395 - deleted
C:\System Volume Information\_restore{64CDFA88-D3CF-42B3-8F45-861C46E3ACD4}\RP16\A0033503.exe infected with Trojan.PWS.Zhengtu - deleted
>C:\System Volume Information\_restore{64CDFA88-D3CF-42B3-8F45-861C46E3ACD4}\RP16\A0033504.exe infected with Trojan.PWS.Wool - deleted
C:\System Volume Information\_restore{64CDFA88-D3CF-42B3-8F45-861C46E3ACD4}\RP16\A0033505.EXE infected with Trojan.PWS.Zhengtu - deleted
>C:\System Volume Information\_restore{64CDFA88-D3CF-42B3-8F45-861C46E3ACD4}\RP16\A0033506.EXE probably infected with BINARYRES
>C:\System Volume Information\_restore{64CDFA88-D3CF-42B3-8F45-861C46E3ACD4}\RP17\A0033524.sys infected with Trojan.PWS.Qqpass.395 - deleted
>C:\System Volume Information\_restore{64CDFA88-D3CF-42B3-8F45-861C46E3ACD4}\RP17\A0033552.sys infected with Trojan.PWS.Qqpass.395 - deleted
>C:\System Volume Information\_restore{64CDFA88-D3CF-42B3-8F45-861C46E3ACD4}\RP17\A0033563.sys infected with Trojan.PWS.Qqpass.395 - deleted
C:\System Volume Information\_restore{64CDFA88-D3CF-42B3-8F45-861C46E3ACD4}\RP17\A0033569.exe infected with Trojan.PWS.Qqpass.256 - deleted
>C:\System Volume Information\_restore{64CDFA88-D3CF-42B3-8F45-861C46E3ACD4}\RP17\A0033570.ocx infected with Trojan.Havedo - deleted
>C:\System Volume Information\_restore{64CDFA88-D3CF-42B3-8F45-861C46E3ACD4}\RP17\A0033571.exe infected with Trojan.PWS.Legmir.812 - incurable - moved
>C:\System Volume Information\_restore{64CDFA88-D3CF-42B3-8F45-861C46E3ACD4}\RP17\A0033578.sys infected with Trojan.PWS.Qqpass.395 - deleted
>C:\System Volume Information\_restore{64CDFA88-D3CF-42B3-8F45-861C46E3ACD4}\RP17\A0033586.sys infected with Trojan.PWS.Qqpass.395 - deleted
C:\System Volume Information\_restore{64CDFA88-D3CF-42B3-8F45-861C46E3ACD4}\RP17\A0033594.exe infected with Trojan.PWS.Wool - deleted
>C:\System Volume Information\_restore{64CDFA88-D3CF-42B3-8F45-861C46E3ACD4}\RP17\A0033600.sys infected with Trojan.PWS.Qqpass.395 - deleted
>C:\System Volume Information\_restore{64CDFA88-D3CF-42B3-8F45-861C46E3ACD4}\RP17\A0033608.sys infected with Trojan.PWS.Qqpass.395 - deleted
>C:\System Volume Information\_restore{64CDFA88-D3CF-42B3-8F45-861C46E3ACD4}\RP17\snapshot\MFEX-1.DAT infected with Trojan.PWS.Qqpass.395 - deleted
>C:\System Volume Information\_restore{64CDFA88-D3CF-42B3-8F45-861C46E3ACD4}\RP17\snapshot\MFEX-2.DAT infected with Trojan.PWS.Qqpass.395 - deleted
>C:\System Volume Information\_restore{64CDFA88-D3CF-42B3-8F45-861C46E3ACD4}\RP18\A0033682.sys infected with Trojan.PWS.Qqpass.395 - deleted
>C:\System Volume Information\_restore{64CDFA88-D3CF-42B3-8F45-861C46E3ACD4}\RP18\A0033696.exe infected with Trojan.PWS.Legmir.805 - deleted
>C:\System Volume Information\_restore{64CDFA88-D3CF-42B3-8F45-861C46E3ACD4}\RP18\A0033697.EXE infected with Trojan.PWS.Qqpass.395 - deleted
C:\System Volume Information\_restore{64CDFA88-D3CF-42B3-8F45-861C46E3ACD4}\RP18\A0033698.exe infected with Trojan.PWS.Wsgame - deleted
C:\System Volume Information\_restore{64CDFA88-D3CF-42B3-8F45-861C46E3ACD4}\RP18\A0033699.EXE infected with Trojan.PWS.Zhengtu - deleted
C:\System Volume Information\_restore{64CDFA88-D3CF-42B3-8F45-861C46E3ACD4}\RP18\A0033700.DLL infected with Trojan.DownLoader.15581 - deleted
C:\System Volume Information\_restore{64CDFA88-D3CF-42B3-8F45-861C46E3ACD4}\RP18\A0033701.dll infected with Trojan.DownLoader.15581 - deleted
C:\System Volume Information\_restore{64CDFA88-D3CF-42B3-8F45-861C46E3ACD4}\RP18\A0033702.dll infected with Trojan.MulDrop.4551 - deleted
C:\System Volume Information\_restore{64CDFA88-D3CF-42B3-8F45-861C46E3ACD4}\RP18\A0033703.dll infected with Trojan.DownLoader.14932 - deleted
C:\System Volume Information\_restore{64CDFA88-D3CF-42B3-8F45-861C46E3ACD4}\RP3\A0014875.exe is adware program Adware.SaveNow
>C:\System Volume Information\_restore{64CDFA88-D3CF-42B3-8F45-861C46E3ACD4}\RP3\A0014882.exe infected with Trojan.PWS.Legmir.805 - deleted
C:\System Volume Information\_restore{64CDFA88-D3CF-42B3-8F45-861C46E3ACD4}\RP3\A0014883.exe infected with Trojan.PWS.Gamania - deleted
>C:\System Volume Information\_restore{64CDFA88-D3CF-42B3-8F45-861C46E3ACD4}\RP3\A0014884.exe infected with Trojan.PWS.Legmir.812 - incurable - moved
>C:\System Volume Information\_restore{64CDFA88-D3CF-42B3-8F45-861C46E3ACD4}\RP3\A0014885.exe infected with Trojan.PWS.Wool - deleted
C:\System Volume Information\_restore{64CDFA88-D3CF-42B3-8F45-861C46E3ACD4}\RP3\A0014886.dll infected with Trojan.PWS.Wool - deleted
>C:\System Volume Information\_restore{64CDFA88-D3CF-42B3-8F45-861C46E3ACD4}\RP3\A0014887.exe infected with Trojan.PWS.Wool - deleted
C:\System Volume Information\_restore{64CDFA88-D3CF-42B3-8F45-861C46E3ACD4}\RP3\A0014888.exe infected with Trojan.PWS.Wsgame - deleted
>C:\System Volume Information\_restore{64CDFA88-D3CF-42B3-8F45-861C46E3ACD4}\RP3\A0014892.EXE infected with Trojan.Havedo - deleted
C:\System Volume Information\_restore{64CDFA88-D3CF-42B3-8F45-861C46E3ACD4}\RP3\A0014893.EXE infected with Trojan.PWS.Lineage - deleted
C:\System Volume Information\_restore{64CDFA88-D3CF-42B3-8F45-861C46E3ACD4}\RP3\A0014895.exe infected with Win32.HLLW.Gavir.54 - incurable - moved
C:\System Volume Information\_restore{64CDFA88-D3CF-42B3-8F45-861C46E3ACD4}\RP3\A0014896.exe infected with Win32.HLLW.Gavir.54 - incurable - moved
C:\System Volume Information\_restore{64CDFA88-D3CF-42B3-8F45-861C46E3ACD4}\RP3\A0014936.exe infected with Win32.HLLW.Gavir.54 - incurable - moved
C:\System Volume Information\_restore{64CDFA88-D3CF-42B3-8F45-861C46E3ACD4}\RP3\A0014937.exe infected with Win32.HLLW.Gavir.54 - incurable - moved
C:\System Volume Information\_restore{64CDFA88-D3CF-42B3-8F45-861C46E3ACD4}\RP3\A0014938.exe infected with Win32.HLLW.Gavir.54 - cured
C:\System Volume Information\_restore{64CDFA88-D3CF-42B3-8F45-861C46E3ACD4}\RP3\A0014939.exe infected with Win32.HLLW.Gavir.54 - cured
C:\System Volume Information\_restore{64CDFA88-D3CF-42B3-8F45-861C46E3ACD4}\RP3\A0014944.exe infected with Win32.HLLW.Gavir.54 - cured
C:\System Volume Information\_restore{64CDFA88-D3CF-42B3-8F45-861C46E3ACD4}\RP3\A0014947.exe infected with Win32.HLLW.Gavir.54 - cured
C:\System Volume Information\_restore{64CDFA88-D3CF-42B3-8F45-861C46E3ACD4}\RP3\A0014951.exe infected with Win32.HLLW.Gavir.54 - cured
C:\System Volume Information\_restore{64CDFA88-D3CF-42B3-8F45-861C46E3ACD4}\RP3\A0014962.exe infected with Win32.HLLW.Gavir.54 - cured
C:\System Volume Information\_restore{64CDFA88-D3CF-42B3-8F45-861C46E3ACD4}\RP4\A0017044.exe is adware program Adware.SaveNow
>C:\System Volume Information\_restore{64CDFA88-D3CF-42B3-8F45-861C46E3ACD4}\RP4\A0017092.exe infected with Trojan.PWS.Legmir.805 - deleted
>C:\System Volume Information\_restore{64CDFA88-D3CF-42B3-8F45-861C46E3ACD4}\RP4\A0017093.exe infected with Trojan.PWS.Legmir.812 - incurable - moved
>C:\System Volume Information\_restore{64CDFA88-D3CF-42B3-8F45-861C46E3ACD4}\RP4\A0017094.exe infected with Trojan.PWS.Wool - deleted

作者: ALEXYUI 時間: 07-1-10 11:29 PM

C:\System Volume Information\_restore{64CDFA88-D3CF-42B3-8F45-861C46E3ACD4}\RP4\A0017095.dll infected with Trojan.PWS.Wool - deleted
>C:\System Volume Information\_restore{64CDFA88-D3CF-42B3-8F45-861C46E3ACD4}\RP4\A0017096.exe infected with Trojan.PWS.Wool - deleted
C:\System Volume Information\_restore{64CDFA88-D3CF-42B3-8F45-861C46E3ACD4}\RP4\A0017097.exe infected with Trojan.PWS.Wsgame - deleted
>C:\System Volume Information\_restore{64CDFA88-D3CF-42B3-8F45-861C46E3ACD4}\RP4\A0017099.EXE infected with Trojan.Havedo - deleted
C:\System Volume Information\_restore{64CDFA88-D3CF-42B3-8F45-861C46E3ACD4}\RP4\A0017102.exe infected with Win32.HLLW.Gavir.54 - incurable - moved
C:\System Volume Information\_restore{64CDFA88-D3CF-42B3-8F45-861C46E3ACD4}\RP4\A0017103.exe infected with Win32.HLLW.Gavir.54 - incurable - moved
C:\System Volume Information\_restore{64CDFA88-D3CF-42B3-8F45-861C46E3ACD4}\RP4\A0017110.exe infected with Win32.HLLW.Gavir.54 - cured
C:\System Volume Information\_restore{64CDFA88-D3CF-42B3-8F45-861C46E3ACD4}\RP4\A0017136.exe infected with Win32.HLLW.Gavir.54 - incurable - moved
C:\System Volume Information\_restore{64CDFA88-D3CF-42B3-8F45-861C46E3ACD4}\RP4\A0017137.exe infected with Win32.HLLW.Gavir.54 - incurable - moved
C:\System Volume Information\_restore{64CDFA88-D3CF-42B3-8F45-861C46E3ACD4}\RP4\A0017138.exe infected with Win32.HLLW.Gavir.54 - cured
C:\System Volume Information\_restore{64CDFA88-D3CF-42B3-8F45-861C46E3ACD4}\RP4\A0017139.exe infected with Win32.HLLW.Gavir.54 - cured
C:\System Volume Information\_restore{64CDFA88-D3CF-42B3-8F45-861C46E3ACD4}\RP4\A0017144.exe infected with Win32.HLLW.Gavir.54 - cured
C:\System Volume Information\_restore{64CDFA88-D3CF-42B3-8F45-861C46E3ACD4}\RP4\A0017152.exe infected with Win32.HLLW.Gavir.54 - cured
>C:\System Volume Information\_restore{64CDFA88-D3CF-42B3-8F45-861C46E3ACD4}\RP5\A0019240.exe infected with Trojan.PWS.Legmir.805 - deleted
>C:\System Volume Information\_restore{64CDFA88-D3CF-42B3-8F45-861C46E3ACD4}\RP5\A0019241.exe infected with Trojan.PWS.Legmir.812 - incurable - moved
>C:\System Volume Information\_restore{64CDFA88-D3CF-42B3-8F45-861C46E3ACD4}\RP5\A0019243.exe infected with Trojan.PWS.Wool - deleted
C:\System Volume Information\_restore{64CDFA88-D3CF-42B3-8F45-861C46E3ACD4}\RP5\A0019244.dll infected with Trojan.PWS.Wool - deleted
>C:\System Volume Information\_restore{64CDFA88-D3CF-42B3-8F45-861C46E3ACD4}\RP5\A0019245.exe infected with Trojan.PWS.Wool - deleted
>C:\System Volume Information\_restore{64CDFA88-D3CF-42B3-8F45-861C46E3ACD4}\RP5\A0019247.EXE infected with Trojan.Havedo - deleted
C:\System Volume Information\_restore{64CDFA88-D3CF-42B3-8F45-861C46E3ACD4}\RP5\A0019248.EXE infected with Trojan.PWS.Lineage - deleted
C:\System Volume Information\_restore{64CDFA88-D3CF-42B3-8F45-861C46E3ACD4}\RP5\A0019250.exe infected with Win32.HLLW.Gavir.54 - incurable - moved
C:\System Volume Information\_restore{64CDFA88-D3CF-42B3-8F45-861C46E3ACD4}\RP5\A0019251.exe infected with Win32.HLLW.Gavir.54 - incurable - moved
C:\System Volume Information\_restore{64CDFA88-D3CF-42B3-8F45-861C46E3ACD4}\RP5\A0019253.exe infected with Win32.HLLW.Gavir.54 - cured
C:\System Volume Information\_restore{64CDFA88-D3CF-42B3-8F45-861C46E3ACD4}\RP5\A0019280.exe infected with Win32.HLLW.Gavir.54 - cured
C:\System Volume Information\_restore{64CDFA88-D3CF-42B3-8F45-861C46E3ACD4}\RP5\A0019284.exe infected with Win32.HLLW.Gavir.54 - cured
C:\System Volume Information\_restore{64CDFA88-D3CF-42B3-8F45-861C46E3ACD4}\RP5\A0019326.exe infected with Win32.HLLW.Gavir.54 - incurable - moved
C:\System Volume Information\_restore{64CDFA88-D3CF-42B3-8F45-861C46E3ACD4}\RP5\A0019327.exe infected with Win32.HLLW.Gavir.54 - incurable - moved
C:\System Volume Information\_restore{64CDFA88-D3CF-42B3-8F45-861C46E3ACD4}\RP5\A0019328.exe infected with Win32.HLLW.Gavir.54 - cured
C:\System Volume Information\_restore{64CDFA88-D3CF-42B3-8F45-861C46E3ACD4}\RP5\A0019330.exe infected with Win32.HLLW.Gavir.54 - cured
C:\System Volume Information\_restore{64CDFA88-D3CF-42B3-8F45-861C46E3ACD4}\RP5\A0019335.exe infected with Win32.HLLW.Gavir.54 - cured
C:\System Volume Information\_restore{64CDFA88-D3CF-42B3-8F45-861C46E3ACD4}\RP5\A0019369.exe infected with Win32.HLLW.Gavir.54 - cured
C:\System Volume Information\_restore{64CDFA88-D3CF-42B3-8F45-861C46E3ACD4}\RP5\A0019381.exe infected with Win32.HLLW.Gavir.54 - cured
C:\System Volume Information\_restore{64CDFA88-D3CF-42B3-8F45-861C46E3ACD4}\RP5\A0020341.exe infected with Win32.HLLW.Gavir.54 - incurable - moved
C:\System Volume Information\_restore{64CDFA88-D3CF-42B3-8F45-861C46E3ACD4}\RP5\A0020342.exe infected with Win32.HLLW.Gavir.54 - incurable - moved
C:\System Volume Information\_restore{64CDFA88-D3CF-42B3-8F45-861C46E3ACD4}\RP5\A0020343.exe infected with Win32.HLLW.Gavir.54 - cured
C:\System Volume Information\_restore{64CDFA88-D3CF-42B3-8F45-861C46E3ACD4}\RP5\A0020344.exe infected with Win32.HLLW.Gavir.54 - cured
C:\System Volume Information\_restore{64CDFA88-D3CF-42B3-8F45-861C46E3ACD4}\RP5\A0020345.EXE infected with Win32.HLLW.Gavir.54 - cured
C:\System Volume Information\_restore{64CDFA88-D3CF-42B3-8F45-861C46E3ACD4}\RP5\A0020349.exe infected with Win32.HLLW.Gavir.54 - cured
>C:\System Volume Information\_restore{64CDFA88-D3CF-42B3-8F45-861C46E3ACD4}\RP5\A0020350.exe infected with Trojan.PWS.Legmir.812 - incurable - moved
C:\System Volume Information\_restore{64CDFA88-D3CF-42B3-8F45-861C46E3ACD4}\RP5\A0020351.exe infected with Win32.HLLW.Gavir.54 - cured
C:\System Volume Information\_restore{64CDFA88-D3CF-42B3-8F45-861C46E3ACD4}\RP5\A0022334.exe infected with Win32.HLLW.Gavir.54 - incurable - moved
C:\System Volume Information\_restore{64CDFA88-D3CF-42B3-8F45-861C46E3ACD4}\RP5\A0022335.exe infected with Win32.HLLW.Gavir.54 - incurable - moved
C:\System Volume Information\_restore{64CDFA88-D3CF-42B3-8F45-861C46E3ACD4}\RP5\A0022336.exe infected with Win32.HLLW.Gavir.54 - cured
C:\System Volume Information\_restore{64CDFA88-D3CF-42B3-8F45-861C46E3ACD4}\RP5\A0022339.exe infected with Win32.HLLW.Gavir.54 - cured
C:\System Volume Information\_restore{64CDFA88-D3CF-42B3-8F45-861C46E3ACD4}\RP5\A0022341.exe infected with Win32.HLLW.Gavir.54 - cured
C:\System Volume Information\_restore{64CDFA88-D3CF-42B3-8F45-861C46E3ACD4}\RP5\A0022343.exe infected with Win32.HLLW.Gavir.54 - cured
C:\System Volume Information\_restore{64CDFA88-D3CF-42B3-8F45-861C46E3ACD4}\RP5\A0022347.exe infected with Win32.HLLW.Gavir.54 - cured
C:\System Volume Information\_restore{64CDFA88-D3CF-42B3-8F45-861C46E3ACD4}\RP5\A0022348.exe infected with Win32.HLLW.Gavir.54 - cured
C:\System Volume Information\_restore{64CDFA88-D3CF-42B3-8F45-861C46E3ACD4}\RP5\A0022349.exe infected with Win32.HLLW.Gavir.54 - cured
C:\System Volume Information\_restore{64CDFA88-D3CF-42B3-8F45-861C46E3ACD4}\RP5\A0023347.exe infected with Win32.HLLW.Gavir.54 - incurable - moved
C:\System Volume Information\_restore{64CDFA88-D3CF-42B3-8F45-861C46E3ACD4}\RP5\A0023348.exe infected with Win32.HLLW.Gavir.54 - incurable - moved
C:\System Volume Information\_restore{64CDFA88-D3CF-42B3-8F45-861C46E3ACD4}\RP5\A0023349.exe infected with Win32.HLLW.Gavir.54 - cured
>C:\System Volume Information\_restore{64CDFA88-D3CF-42B3-8F45-861C46E3ACD4}\RP5\A0023361.EXE infected with Trojan.PWS.Wool - deleted
C:\System Volume Information\_restore{64CDFA88-D3CF-42B3-8F45-861C46E3ACD4}\RP5\A0023362.EXE infected with Trojan.PWS.Wsgame - deleted
>C:\System Volume Information\_restore{64CDFA88-D3CF-42B3-8F45-861C46E3ACD4}\RP5\A0023363.EXE infected with Trojan.Havedo - deleted
C:\System Volume Information\_restore{64CDFA88-D3CF-42B3-8F45-861C46E3ACD4}\RP5\A0023368.exe infected with Win32.HLLW.Gavir.54 - cured
C:\System Volume Information\_restore{64CDFA88-D3CF-42B3-8F45-861C46E3ACD4}\RP5\A0023369.exe infected with Win32.HLLW.Gavir.54 - cured

作者: ALEXYUI 時間: 07-1-10 11:30 PM

C:\System Volume Information\_restore{64CDFA88-D3CF-42B3-8F45-861C46E3ACD4}\RP5\A0023370.exe infected with Win32.HLLW.Gavir.54 - cured
C:\System Volume Information\_restore{64CDFA88-D3CF-42B3-8F45-861C46E3ACD4}\RP5\A0023371.exe infected with Win32.HLLW.Gavir.54 - cured
C:\System Volume Information\_restore{64CDFA88-D3CF-42B3-8F45-861C46E3ACD4}\RP5\A0023399.dll infected with Trojan.DownLoader.14932 - deleted
C:\System Volume Information\_restore{64CDFA88-D3CF-42B3-8F45-861C46E3ACD4}\RP5\A0023401.exe infected with Win32.HLLW.Gavir.54 - incurable - moved
C:\System Volume Information\_restore{64CDFA88-D3CF-42B3-8F45-861C46E3ACD4}\RP5\A0023402.DLL infected with Trojan.DownLoader.15581 - deleted
C:\System Volume Information\_restore{64CDFA88-D3CF-42B3-8F45-861C46E3ACD4}\RP5\A0023406.EXE infected with Win32.HLLW.Gavir.54 - cured
C:\System Volume Information\_restore{64CDFA88-D3CF-42B3-8F45-861C46E3ACD4}\RP5\A0023407.exe infected with Win32.HLLW.Gavir.54 - cured
C:\System Volume Information\_restore{64CDFA88-D3CF-42B3-8F45-861C46E3ACD4}\RP5\A0023420.exe infected with Win32.HLLW.Gavir.54 - cured
C:\System Volume Information\_restore{64CDFA88-D3CF-42B3-8F45-861C46E3ACD4}\RP6\A0023446.exe infected with Win32.HLLW.Gavir.54 - incurable - moved
C:\System Volume Information\_restore{64CDFA88-D3CF-42B3-8F45-861C46E3ACD4}\RP6\A0023447.exe infected with Win32.HLLW.Gavir.54 - incurable - moved
C:\System Volume Information\_restore{64CDFA88-D3CF-42B3-8F45-861C46E3ACD4}\RP6\A0023448.exe infected with Win32.HLLW.Gavir.54 - cured
C:\System Volume Information\_restore{64CDFA88-D3CF-42B3-8F45-861C46E3ACD4}\RP6\A0023450.exe infected with Win32.HLLW.Gavir.54 - cured
C:\System Volume Information\_restore{64CDFA88-D3CF-42B3-8F45-861C46E3ACD4}\RP6\A0023495.dll infected with Trojan.DownLoader.14932 - deleted
C:\System Volume Information\_restore{64CDFA88-D3CF-42B3-8F45-861C46E3ACD4}\RP6\A0023496.DLL infected with Trojan.DownLoader.15581 - deleted
C:\System Volume Information\_restore{64CDFA88-D3CF-42B3-8F45-861C46E3ACD4}\RP6\A0023503.exe infected with Win32.HLLW.Gavir.54 - incurable - moved
C:\System Volume Information\_restore{64CDFA88-D3CF-42B3-8F45-861C46E3ACD4}\RP6\A0023504.exe infected with Win32.HLLW.Gavir.54 - cured
C:\System Volume Information\_restore{64CDFA88-D3CF-42B3-8F45-861C46E3ACD4}\RP6\A0023533.dll infected with Trojan.DownLoader.14932 - deleted
C:\System Volume Information\_restore{64CDFA88-D3CF-42B3-8F45-861C46E3ACD4}\RP6\A0023534.DLL infected with Trojan.DownLoader.15581 - deleted
C:\System Volume Information\_restore{64CDFA88-D3CF-42B3-8F45-861C46E3ACD4}\RP6\A0023588.exe infected with Win32.HLLW.Gavir.54 - incurable - moved
C:\System Volume Information\_restore{64CDFA88-D3CF-42B3-8F45-861C46E3ACD4}\RP6\A0023589.exe infected with Win32.HLLW.Gavir.54 - incurable - moved
C:\System Volume Information\_restore{64CDFA88-D3CF-42B3-8F45-861C46E3ACD4}\RP6\A0023590.exe infected with Win32.HLLW.Gavir.54 - cured
C:\System Volume Information\_restore{64CDFA88-D3CF-42B3-8F45-861C46E3ACD4}\RP6\A0023591.exe infected with Win32.HLLW.Gavir.54 - cured
C:\System Volume Information\_restore{64CDFA88-D3CF-42B3-8F45-861C46E3ACD4}\RP6\A0023593.exe infected with Win32.HLLW.Gavir.54 - cured
C:\System Volume Information\_restore{64CDFA88-D3CF-42B3-8F45-861C46E3ACD4}\RP6\A0023594.exe infected with Win32.HLLW.Gavir.54 - cured
C:\System Volume Information\_restore{64CDFA88-D3CF-42B3-8F45-861C46E3ACD4}\RP6\A0023598.exe infected with Win32.HLLW.Gavir.54 - cured
C:\System Volume Information\_restore{64CDFA88-D3CF-42B3-8F45-861C46E3ACD4}\RP6\A0023608.dll infected with Trojan.DownLoader.14932 - deleted
C:\System Volume Information\_restore{64CDFA88-D3CF-42B3-8F45-861C46E3ACD4}\RP6\A0023609.exe infected with Win32.HLLW.Gavir.54 - incurable - moved
C:\System Volume Information\_restore{64CDFA88-D3CF-42B3-8F45-861C46E3ACD4}\RP6\A0023610.DLL infected with Trojan.DownLoader.15581 - deleted
C:\System Volume Information\_restore{64CDFA88-D3CF-42B3-8F45-861C46E3ACD4}\RP6\A0023611.exe infected with Win32.HLLW.Gavir.54 - incurable - moved
C:\System Volume Information\_restore{64CDFA88-D3CF-42B3-8F45-861C46E3ACD4}\RP6\A0023612.exe infected with Win32.HLLW.Gavir.54 - cured
C:\System Volume Information\_restore{64CDFA88-D3CF-42B3-8F45-861C46E3ACD4}\RP6\A0023613.EXE infected with Win32.HLLW.Gavir.54 - cured
C:\System Volume Information\_restore{64CDFA88-D3CF-42B3-8F45-861C46E3ACD4}\RP6\A0023617.exe infected with Win32.HLLW.Gavir.54 - cured
C:\System Volume Information\_restore{64CDFA88-D3CF-42B3-8F45-861C46E3ACD4}\RP6\A0023645.exe infected with Win32.HLLW.Gavir.54 - cured
C:\System Volume Information\_restore{64CDFA88-D3CF-42B3-8F45-861C46E3ACD4}\RP6\A0023647.exe infected with Win32.HLLW.Gavir.54 - cured
C:\System Volume Information\_restore{64CDFA88-D3CF-42B3-8F45-861C46E3ACD4}\RP6\A0023652.exe infected with Win32.HLLW.Gavir.54 - cured
C:\System Volume Information\_restore{64CDFA88-D3CF-42B3-8F45-861C46E3ACD4}\RP6\A0023653.exe infected with Win32.HLLW.Gavir.54 - cured
C:\System Volume Information\_restore{64CDFA88-D3CF-42B3-8F45-861C46E3ACD4}\RP7\A0023734.exe infected with Win32.HLLW.Gavir.54 - incurable - moved
C:\System Volume Information\_restore{64CDFA88-D3CF-42B3-8F45-861C46E3ACD4}\RP7\A0023736.dll infected with Trojan.DownLoader.14932 - deleted
C:\System Volume Information\_restore{64CDFA88-D3CF-42B3-8F45-861C46E3ACD4}\RP7\A0023737.DLL infected with Trojan.DownLoader.15581 - deleted
C:\System Volume Information\_restore{64CDFA88-D3CF-42B3-8F45-861C46E3ACD4}\RP7\A0023739.EXE infected with Win32.HLLW.Gavir.54 - cured
C:\System Volume Information\_restore{64CDFA88-D3CF-42B3-8F45-861C46E3ACD4}\RP7\A0023741.exe infected with Win32.HLLW.Gavir.54 - cured
C:\System Volume Information\_restore{64CDFA88-D3CF-42B3-8F45-861C46E3ACD4}\RP9\A0023795.dll infected with Trojan.DownLoader.14932 - deleted
C:\System Volume Information\_restore{64CDFA88-D3CF-42B3-8F45-861C46E3ACD4}\RP9\A0023796.DLL infected with Trojan.DownLoader.15581 - deleted
C:\System Volume Information\_restore{64CDFA88-D3CF-42B3-8F45-861C46E3ACD4}\RP9\A0023814.dll infected with Trojan.DownLoader.14932 - deleted
C:\System Volume Information\_restore{64CDFA88-D3CF-42B3-8F45-861C46E3ACD4}\RP9\A0023815.DLL infected with Trojan.DownLoader.15581 - deleted
>C:\System Volume Information\_restore{64CDFA88-D3CF-42B3-8F45-861C46E3ACD4}\RP9\A0023822.exe infected with Trojan.PWS.Wool - deleted
C:\System Volume Information\_restore{64CDFA88-D3CF-42B3-8F45-861C46E3ACD4}\RP9\A0023823.dll infected with Trojan.PWS.Wool - deleted
>C:\System Volume Information\_restore{64CDFA88-D3CF-42B3-8F45-861C46E3ACD4}\RP9\A0023824.exe infected with Trojan.PWS.Wool - deleted
>C:\System Volume Information\_restore{64CDFA88-D3CF-42B3-8F45-861C46E3ACD4}\RP9\A0023825.exe infected with Trojan.PWS.Legmir.812 - incurable - moved
C:\System Volume Information\_restore{64CDFA88-D3CF-42B3-8F45-861C46E3ACD4}\RP9\A0023842.exe infected with Win32.HLLW.Gavir.54 - incurable - moved
C:\System Volume Information\_restore{64CDFA88-D3CF-42B3-8F45-861C46E3ACD4}\RP9\A0023843.exe infected with Win32.HLLW.Gavir.54 - incurable - moved
C:\System Volume Information\_restore{64CDFA88-D3CF-42B3-8F45-861C46E3ACD4}\RP9\A0023844.exe infected with Win32.HLLW.Gavir.54 - cured
C:\System Volume Information\_restore{64CDFA88-D3CF-42B3-8F45-861C46E3ACD4}\RP9\A0023845.exe infected with Win32.HLLW.Gavir.54 - cured
C:\System Volume Information\_restore{64CDFA88-D3CF-42B3-8F45-861C46E3ACD4}\RP9\A0023847.exe infected with Win32.HLLW.Gavir.54 - cured

作者: ALEXYUI 時間: 07-1-10 11:30 PM

C:\System Volume Information\_restore{64CDFA88-D3CF-42B3-8F45-861C46E3ACD4}\RP9\A0023848.exe infected with Win32.HLLW.Gavir.54 - cured
C:\System Volume Information\_restore{64CDFA88-D3CF-42B3-8F45-861C46E3ACD4}\RP9\A0023851.EXE infected with Win32.HLLW.Gavir.54 - cured
C:\System Volume Information\_restore{64CDFA88-D3CF-42B3-8F45-861C46E3ACD4}\RP9\A0023852.exe infected with Win32.HLLW.Gavir.54 - cured
C:\System Volume Information\_restore{64CDFA88-D3CF-42B3-8F45-861C46E3ACD4}\RP9\A0023854.exe infected with Win32.HLLW.Gavir.54 - cured
C:\System Volume Information\_restore{64CDFA88-D3CF-42B3-8F45-861C46E3ACD4}\RP9\A0023857.EXE infected with Win32.HLLW.Gavir.54 - cured
C:\System Volume Information\_restore{64CDFA88-D3CF-42B3-8F45-861C46E3ACD4}\RP9\A0023867.exe infected with Win32.HLLW.Gavir.54 - incurable - moved
C:\System Volume Information\_restore{64CDFA88-D3CF-42B3-8F45-861C46E3ACD4}\RP9\A0023869.exe infected with Win32.HLLW.Gavir.54 - incurable - moved
C:\System Volume Information\_restore{64CDFA88-D3CF-42B3-8F45-861C46E3ACD4}\RP9\A0023870.exe infected with Win32.HLLW.Gavir.54 - cured
C:\System Volume Information\_restore{64CDFA88-D3CF-42B3-8F45-861C46E3ACD4}\RP9\A0023873.dll infected with Trojan.DownLoader.14932 - deleted
C:\System Volume Information\_restore{64CDFA88-D3CF-42B3-8F45-861C46E3ACD4}\RP9\A0023874.DLL infected with Trojan.DownLoader.15581 - deleted
C:\System Volume Information\_restore{64CDFA88-D3CF-42B3-8F45-861C46E3ACD4}\RP9\A0023891.EXE infected with Win32.HLLW.Gavir.54 - cured
C:\System Volume Information\_restore{64CDFA88-D3CF-42B3-8F45-861C46E3ACD4}\RP9\A0024864.dll infected with Trojan.DownLoader.14932 - deleted
C:\System Volume Information\_restore{64CDFA88-D3CF-42B3-8F45-861C46E3ACD4}\RP9\A0024866.DLL infected with Trojan.DownLoader.15581 - deleted
C:\System Volume Information\_restore{64CDFA88-D3CF-42B3-8F45-861C46E3ACD4}\RP9\A0024871.exe infected with Win32.HLLW.Gavir.54 - incurable - moved
C:\System Volume Information\_restore{64CDFA88-D3CF-42B3-8F45-861C46E3ACD4}\RP9\A0024872.exe infected with Win32.HLLW.Gavir.54 - cured
C:\System Volume Information\_restore{64CDFA88-D3CF-42B3-8F45-861C46E3ACD4}\RP9\A0024873.EXE infected with Win32.HLLW.Gavir.54 - cured
C:\System Volume Information\_restore{64CDFA88-D3CF-42B3-8F45-861C46E3ACD4}\RP9\A0024874.exe infected with Win32.HLLW.Gavir.54 - cured
C:\System Volume Information\_restore{64CDFA88-D3CF-42B3-8F45-861C46E3ACD4}\RP9\A0024883.dll infected with Trojan.DownLoader.14932 - deleted
C:\System Volume Information\_restore{64CDFA88-D3CF-42B3-8F45-861C46E3ACD4}\RP9\A0024884.DLL infected with Trojan.DownLoader.15581 - deleted
C:\System Volume Information\_restore{64CDFA88-D3CF-42B3-8F45-861C46E3ACD4}\RP9\A0024890.EXE infected with Win32.HLLW.Gavir.54 - incurable - moved
C:\System Volume Information\_restore{64CDFA88-D3CF-42B3-8F45-861C46E3ACD4}\RP9\A0024891.exe infected with Win32.HLLW.Gavir.54 - cured
C:\System Volume Information\_restore{64CDFA88-D3CF-42B3-8F45-861C46E3ACD4}\RP9\A0024893.exe infected with Win32.HLLW.Gavir.54 - cured
C:\System Volume Information\_restore{64CDFA88-D3CF-42B3-8F45-861C46E3ACD4}\RP9\A0024894.exe infected with Win32.HLLW.Gavir.54 - cured
C:\System Volume Information\_restore{64CDFA88-D3CF-42B3-8F45-861C46E3ACD4}\RP9\A0024895.exe infected with Win32.HLLW.Gavir.54 - cured
C:\System Volume Information\_restore{64CDFA88-D3CF-42B3-8F45-861C46E3ACD4}\RP9\A0024898.EXE infected with Win32.HLLW.Gavir.54 - cured
>C:\System Volume Information\_restore{64CDFA88-D3CF-42B3-8F45-861C46E3ACD4}\RP9\A0024898.EXE infected with Trojan.PWS.Wool - deleted
C:\System Volume Information\_restore{64CDFA88-D3CF-42B3-8F45-861C46E3ACD4}\RP9\A0024900.EXE infected with Win32.HLLW.Gavir.54 - cured
C:\System Volume Information\_restore{64CDFA88-D3CF-42B3-8F45-861C46E3ACD4}\RP9\A0024900.EXE infected with Trojan.PWS.Wsgame - deleted
C:\System Volume Information\_restore{64CDFA88-D3CF-42B3-8F45-861C46E3ACD4}\RP9\A0024901.EXE infected with Win32.HLLW.Gavir.54 - cured
>C:\System Volume Information\_restore{64CDFA88-D3CF-42B3-8F45-861C46E3ACD4}\RP9\A0024901.EXE infected with Trojan.Havedo - deleted
C:\System Volume Information\_restore{64CDFA88-D3CF-42B3-8F45-861C46E3ACD4}\RP9\A0024903.EXE infected with Win32.HLLW.Gavir.54 - cured
C:\System Volume Information\_restore{64CDFA88-D3CF-42B3-8F45-861C46E3ACD4}\RP9\A0024924.exe infected with Win32.HLLW.Gavir.54 - cured
C:\System Volume Information\_restore{64CDFA88-D3CF-42B3-8F45-861C46E3ACD4}\RP9\A0024958.exe infected with Win32.HLLW.Gavir.54 - incurable - moved
C:\System Volume Information\_restore{64CDFA88-D3CF-42B3-8F45-861C46E3ACD4}\RP9\A0024959.exe infected with Win32.HLLW.Gavir.54 - cured
C:\System Volume Information\_restore{64CDFA88-D3CF-42B3-8F45-861C46E3ACD4}\RP9\A0024960.exe infected with Win32.HLLW.Gavir.54 - cured
C:\System Volume Information\_restore{64CDFA88-D3CF-42B3-8F45-861C46E3ACD4}\RP9\A0024961.exe infected with Win32.HLLW.Gavir.54 - cured
C:\System Volume Information\_restore{64CDFA88-D3CF-42B3-8F45-861C46E3ACD4}\RP9\A0024963.exe infected with Win32.HLLW.Gavir.54 - cured
C:\System Volume Information\_restore{64CDFA88-D3CF-42B3-8F45-861C46E3ACD4}\RP9\A0024964.exe infected with Win32.HLLW.Gavir.54 - cured

作者: ALEXYUI 時間: 07-1-10 11:32 PM

C:\USERDATA\(R)酯崤CAAZ4LE7 - read error
C:\USERDATA\(R)酯崤CAMZWFLA - read error
C:\USERDATA\(R)酯崤CAQXKRGJ - read error
C:\WINDOWS\SoftwareDistribution\EventCache\{FBD77~1.BIN - read error
C:\WINDOWS\system32\KB494006.LOG infected with Trojan.PWS.Wool - deleted
>>C:\WINDOWS\system32\userspi.dll infected with Trojan.PWS.Wool - deleted
>C:\WINDOWS\system32\winlogin.exe infected with Trojan.PWS.Wool - deleted
C:\WINDOWS\system32\CatRoot2\edb.log - read error
C:\WINDOWS\system32\CatRoot2\tmp.edb - read error
C:\WINDOWS\system32\config\default - read error
C:\WINDOWS\system32\config\default.LOG - read error
C:\WINDOWS\system32\config\SAM - read error
C:\WINDOWS\system32\config\SAM.LOG - read error
C:\WINDOWS\system32\config\SECURITY - read error
C:\WINDOWS\system32\config\SECURITY.LOG - read error
C:\WINDOWS\system32\config\software - read error
C:\WINDOWS\system32\config\software.LOG - read error
C:\WINDOWS\system32\config\system - read error
C:\WINDOWS\system32\config\system.LOG - read error

[Scan path] D:\
-----------------------------------------------------------------------------
Scan statistics
-----------------------------------------------------------------------------
Objects scanned: 137078
Infected objects found: 878
Objects with modifications found: 0
Suspicious objects found: 8
Adware programs found: 3
Dialer programs found: 0
Joke programs found: 0
Riskware programs found: 0
Hacktool programs found: 0
Objects cured: 640
Objects deleted: 171
Objects renamed: 0
Objects moved: 66
Objects ignored: 0
Scan speed: 536 Kb/s
Scan time: 01:21:35
-----------------------------------------------------------------------------

=============================================================================
Dr.Web(R) Scanner for Windows v4.33.2 (4.33.2.10060)
Copyright (c) Igor Daniloff, 1992-2006
Log generated on: 2007-01-10, 23:01:27 [HP_Owner]
Command-line: "C:\DOCUME~1\HP_OWN~1.YOU\LOCALS~1\Temp\RarSFX0\cureit.exe" /lng /ini:cureit_XP.ini
Operating system:Windows XP Home Edition x86 (Build 2600), Service Pack 2
=============================================================================
Engine version: 4.33 (4.33.5.10110)
Engine API version: 2.01
[Virus base] C:\DOCUME~1\HP_OWN~1.YOU\LOCALS~1\Temp\RarSFX0\crwtoday.cdb - 582 virus records
[Virus base] C:\DOCUME~1\HP_OWN~1.YOU\LOCALS~1\Temp\RarSFX0\crw43369.cdb - 687 virus records
[Virus base] C:\DOCUME~1\HP_OWN~1.YOU\LOCALS~1\Temp\RarSFX0\crw43368.cdb - 1099 virus records
[Virus base] C:\DOCUME~1\HP_OWN~1.YOU\LOCALS~1\Temp\RarSFX0\crw43367.cdb - 1834 virus records
[Virus base] C:\DOCUME~1\HP_OWN~1.YOU\LOCALS~1\Temp\RarSFX0\crw43366.cdb - 4015 virus records
[Virus base] C:\DOCUME~1\HP_OWN~1.YOU\LOCALS~1\Temp\RarSFX0\crw43365.cdb - 1342 virus records
[Virus base] C:\DOCUME~1\HP_OWN~1.YOU\LOCALS~1\Temp\RarSFX0\crw43364.cdb - 1335 virus records
[Virus base] C:\DOCUME~1\HP_OWN~1.YOU\LOCALS~1\Temp\RarSFX0\crw43363.cdb - 1152 virus records
[Virus base] C:\DOCUME~1\HP_OWN~1.YOU\LOCALS~1\Temp\RarSFX0\crw43362.cdb - 1006 virus records
[Virus base] C:\DOCUME~1\HP_OWN~1.YOU\LOCALS~1\Temp\RarSFX0\crw43361.cdb - 879 virus records
[Virus base] C:\DOCUME~1\HP_OWN~1.YOU\LOCALS~1\Temp\RarSFX0\crw43360.cdb - 988 virus records
[Virus base] C:\DOCUME~1\HP_OWN~1.YOU\LOCALS~1\Temp\RarSFX0\crw43359.cdb - 1205 virus records
[Virus base] C:\DOCUME~1\HP_OWN~1.YOU\LOCALS~1\Temp\RarSFX0\crw43358.cdb - 1139 virus records
[Virus base] C:\DOCUME~1\HP_OWN~1.YOU\LOCALS~1\Temp\RarSFX0\crw43357.cdb - 1302 virus records
[Virus base] C:\DOCUME~1\HP_OWN~1.YOU\LOCALS~1\Temp\RarSFX0\crw43356.cdb - 1332 virus records
[Virus base] C:\DOCUME~1\HP_OWN~1.YOU\LOCALS~1\Temp\RarSFX0\crw43355.cdb - 2456 virus records
[Virus base] C:\DOCUME~1\HP_OWN~1.YOU\LOCALS~1\Temp\RarSFX0\crw43354.cdb - 1283 virus records
[Virus base] C:\DOCUME~1\HP_OWN~1.YOU\LOCALS~1\Temp\RarSFX0\crw43353.cdb - 795 virus records
[Virus base] C:\DOCUME~1\HP_OWN~1.YOU\LOCALS~1\Temp\RarSFX0\crw43352.cdb - 2016 virus records
[Virus base] C:\DOCUME~1\HP_OWN~1.YOU\LOCALS~1\Temp\RarSFX0\crw43351.cdb - 941 virus records
[Virus base] C:\DOCUME~1\HP_OWN~1.YOU\LOCALS~1\Temp\RarSFX0\crw43350.cdb - 1020 virus records
[Virus base] C:\DOCUME~1\HP_OWN~1.YOU\LOCALS~1\Temp\RarSFX0\crw43349.cdb - 1008 virus records
[Virus base] C:\DOCUME~1\HP_OWN~1.YOU\LOCALS~1\Temp\RarSFX0\crw43348.cdb - 1096 virus records
[Virus base] C:\DOCUME~1\HP_OWN~1.YOU\LOCALS~1\Temp\RarSFX0\crw43347.cdb - 707 virus records

作者: ALEXYUI 時間: 07-1-10 11:32 PM

[Virus base] C:\DOCUME~1\HP_OWN~1.YOU\LOCALS~1\Temp\RarSFX0\crw43346.cdb - 1428 virus records
[Virus base] C:\DOCUME~1\HP_OWN~1.YOU\LOCALS~1\Temp\RarSFX0\crw43345.cdb - 1358 virus records
[Virus base] C:\DOCUME~1\HP_OWN~1.YOU\LOCALS~1\Temp\RarSFX0\crw43344.cdb - 694 virus records
[Virus base] C:\DOCUME~1\HP_OWN~1.YOU\LOCALS~1\Temp\RarSFX0\crw43343.cdb - 1186 virus records
[Virus base] C:\DOCUME~1\HP_OWN~1.YOU\LOCALS~1\Temp\RarSFX0\crw43342.cdb - 744 virus records
[Virus base] C:\DOCUME~1\HP_OWN~1.YOU\LOCALS~1\Temp\RarSFX0\crw43341.cdb - 841 virus records
[Virus base] C:\DOCUME~1\HP_OWN~1.YOU\LOCALS~1\Temp\RarSFX0\crw43340.cdb - 822 virus records
[Virus base] C:\DOCUME~1\HP_OWN~1.YOU\LOCALS~1\Temp\RarSFX0\crw43339.cdb - 1071 virus records
[Virus base] C:\DOCUME~1\HP_OWN~1.YOU\LOCALS~1\Temp\RarSFX0\crw43338.cdb - 989 virus records
[Virus base] C:\DOCUME~1\HP_OWN~1.YOU\LOCALS~1\Temp\RarSFX0\crw43337.cdb - 855 virus records
[Virus base] C:\DOCUME~1\HP_OWN~1.YOU\LOCALS~1\Temp\RarSFX0\crw43336.cdb - 1297 virus records
[Virus base] C:\DOCUME~1\HP_OWN~1.YOU\LOCALS~1\Temp\RarSFX0\crw43335.cdb - 1195 virus records
[Virus base] C:\DOCUME~1\HP_OWN~1.YOU\LOCALS~1\Temp\RarSFX0\crw43334.cdb - 900 virus records
[Virus base] C:\DOCUME~1\HP_OWN~1.YOU\LOCALS~1\Temp\RarSFX0\crw43333.cdb - 1381 virus records
[Virus base] C:\DOCUME~1\HP_OWN~1.YOU\LOCALS~1\Temp\RarSFX0\crw43332.cdb - 1340 virus records
[Virus base] C:\DOCUME~1\HP_OWN~1.YOU\LOCALS~1\Temp\RarSFX0\crw43331.cdb - 2735 virus records
[Virus base] C:\DOCUME~1\HP_OWN~1.YOU\LOCALS~1\Temp\RarSFX0\crw43330.cdb - 2078 virus records
[Virus base] C:\DOCUME~1\HP_OWN~1.YOU\LOCALS~1\Temp\RarSFX0\crw43329.cdb - 2490 virus records
[Virus base] C:\DOCUME~1\HP_OWN~1.YOU\LOCALS~1\Temp\RarSFX0\crw43328.cdb - 743 virus records
[Virus base] C:\DOCUME~1\HP_OWN~1.YOU\LOCALS~1\Temp\RarSFX0\crw43327.cdb - 958 virus records
[Virus base] C:\DOCUME~1\HP_OWN~1.YOU\LOCALS~1\Temp\RarSFX0\crw43326.cdb - 793 virus records
[Virus base] C:\DOCUME~1\HP_OWN~1.YOU\LOCALS~1\Temp\RarSFX0\crw43325.cdb - 713 virus records
[Virus base] C:\DOCUME~1\HP_OWN~1.YOU\LOCALS~1\Temp\RarSFX0\crw43324.cdb - 655 virus records
[Virus base] C:\DOCUME~1\HP_OWN~1.YOU\LOCALS~1\Temp\RarSFX0\crw43323.cdb - 655 virus records
[Virus base] C:\DOCUME~1\HP_OWN~1.YOU\LOCALS~1\Temp\RarSFX0\crw43322.cdb - 778 virus records
[Virus base] C:\DOCUME~1\HP_OWN~1.YOU\LOCALS~1\Temp\RarSFX0\crw43321.cdb - 846 virus records
[Virus base] C:\DOCUME~1\HP_OWN~1.YOU\LOCALS~1\Temp\RarSFX0\crw43320.cdb - 808 virus records
[Virus base] C:\DOCUME~1\HP_OWN~1.YOU\LOCALS~1\Temp\RarSFX0\crw43319.cdb - 764 virus records
[Virus base] C:\DOCUME~1\HP_OWN~1.YOU\LOCALS~1\Temp\RarSFX0\crw43318.cdb - 838 virus records
[Virus base] C:\DOCUME~1\HP_OWN~1.YOU\LOCALS~1\Temp\RarSFX0\crw43317.cdb - 363 virus records
[Virus base] C:\DOCUME~1\HP_OWN~1.YOU\LOCALS~1\Temp\RarSFX0\crw43316.cdb - 730 virus records
[Virus base] C:\DOCUME~1\HP_OWN~1.YOU\LOCALS~1\Temp\RarSFX0\crw43315.cdb - 627 virus records
[Virus base] C:\DOCUME~1\HP_OWN~1.YOU\LOCALS~1\Temp\RarSFX0\crw43314.cdb - 824 virus records
[Virus base] C:\DOCUME~1\HP_OWN~1.YOU\LOCALS~1\Temp\RarSFX0\crw43313.cdb - 842 virus records
[Virus base] C:\DOCUME~1\HP_OWN~1.YOU\LOCALS~1\Temp\RarSFX0\crw43312.cdb - 830 virus records
[Virus base] C:\DOCUME~1\HP_OWN~1.YOU\LOCALS~1\Temp\RarSFX0\crw43311.cdb - 862 virus records
[Virus base] C:\DOCUME~1\HP_OWN~1.YOU\LOCALS~1\Temp\RarSFX0\crw43310.cdb - 853 virus records
[Virus base] C:\DOCUME~1\HP_OWN~1.YOU\LOCALS~1\Temp\RarSFX0\crw43309.cdb - 733 virus records
[Virus base] C:\DOCUME~1\HP_OWN~1.YOU\LOCALS~1\Temp\RarSFX0\crw43308.cdb - 708 virus records
[Virus base] C:\DOCUME~1\HP_OWN~1.YOU\LOCALS~1\Temp\RarSFX0\crw43307.cdb - 839 virus records
[Virus base] C:\DOCUME~1\HP_OWN~1.YOU\LOCALS~1\Temp\RarSFX0\crw43306.cdb - 930 virus records
[Virus base] C:\DOCUME~1\HP_OWN~1.YOU\LOCALS~1\Temp\RarSFX0\crw43305.cdb - 759 virus records
[Virus base] C:\DOCUME~1\HP_OWN~1.YOU\LOCALS~1\Temp\RarSFX0\crw43304.cdb - 721 virus records
[Virus base] C:\DOCUME~1\HP_OWN~1.YOU\LOCALS~1\Temp\RarSFX0\crw43303.cdb - 638 virus records
[Virus base] C:\DOCUME~1\HP_OWN~1.YOU\LOCALS~1\Temp\RarSFX0\crw43302.cdb - 806 virus records
[Virus base] C:\DOCUME~1\HP_OWN~1.YOU\LOCALS~1\Temp\RarSFX0\crw43301.cdb - 504 virus records
[Virus base] C:\DOCUME~1\HP_OWN~1.YOU\LOCALS~1\Temp\RarSFX0\crw43300.cdb - 24 virus records
[Virus base] C:\DOCUME~1\HP_OWN~1.YOU\LOCALS~1\Temp\RarSFX0\crwebase.cdb - 78674 virus records
[Virus base] C:\DOCUME~1\HP_OWN~1.YOU\LOCALS~1\Temp\RarSFX0\cwrtoday.cdb - 380 virus records
[Virus base] C:\DOCUME~1\HP_OWN~1.YOU\LOCALS~1\Temp\RarSFX0\cwr43301.cdb - 697 virus records
[Virus base] C:\DOCUME~1\HP_OWN~1.YOU\LOCALS~1\Temp\RarSFX0\crwrisky.cdb - 1271 virus records
[Virus base] C:\DOCUME~1\HP_OWN~1.YOU\LOCALS~1\Temp\RarSFX0\cwntoday.cdb - 371 virus records
[Virus base] C:\DOCUME~1\HP_OWN~1.YOU\LOCALS~1\Temp\RarSFX0\cwn43306.cdb - 781 virus records
[Virus base] C:\DOCUME~1\HP_OWN~1.YOU\LOCALS~1\Temp\RarSFX0\cwn43305.cdb - 752 virus records
[Virus base] C:\DOCUME~1\HP_OWN~1.YOU\LOCALS~1\Temp\RarSFX0\cwn43304.cdb - 793 virus records
[Virus base] C:\DOCUME~1\HP_OWN~1.YOU\LOCALS~1\Temp\RarSFX0\cwn43303.cdb - 766 virus records
[Virus base] C:\DOCUME~1\HP_OWN~1.YOU\LOCALS~1\Temp\RarSFX0\cwn43302.cdb - 850 virus records
[Virus base] C:\DOCUME~1\HP_OWN~1.YOU\LOCALS~1\Temp\RarSFX0\cwn43301.cdb - 772 virus records
[Virus base] C:\DOCUME~1\HP_OWN~1.YOU\LOCALS~1\Temp\RarSFX0\crwnasty.cdb - 4867 virus records
Total virus records: 166741
Key file: C:\DOCUME~1\HP_OWN~1.YOU\LOCALS~1\Temp\RarSFX0\cureit.key
License key number: 0000000010
Registered to: Dr.Web CureIt Project
License key activates: 2005-03-05
License key expires: 2007-03-05

作者: ALEXYUI 時間: 07-1-10 11:33 PM

-----------------------------------------------------------------------------
Scan statistics
-----------------------------------------------------------------------------
Objects scanned: 0
Infected objects found: 0
Objects with modifications found: 0
Suspicious objects found: 0
Adware programs found: 0
Dialer programs found: 0
Joke programs found: 0
Riskware programs found: 0
Hacktool programs found: 0
Objects cured: 0
Objects deleted: 0
Objects renamed: 0
Objects moved: 0
Objects ignored: 0
Scan speed: 0 Kb/s
Scan time: 00:00:00
-----------------------------------------------------------------------------

[Scan path] c:\documents and settings\all users\「開(c)l」功能表\程式集\啟動\desktop.ini
[Scan path] c:\documents and settings\hp_owner.your-6a15acd7c6\local settings\temp\rarsfx0\_start.exe
[Scan path] c:\documents and settings\hp_owner.your-6a15acd7c6\local settings\temp\rarsfx0\cureit.exe
[Scan path] c:\documents and settings\hp_owner.your-6a15acd7c6\「開(c)l」功能表\程式集\啟動\desktop.ini
[Scan path] c:\documents and settings\hp_owner.your-6a15acd7c6\(R)酯崤crossgatepuk3\crossgatepuk3\cg_5006.exe
c:\documents and settings\hp_owner.your-6a15acd7c6\(R)酯崤crossgatepuk3\crossgatepuk3\cg_5006.exe probably infected with DLOADER.Trojan

[Scan path] c:\documents and settings\hp_owner.your-6a15acd7c6\(R)酯崤drweb-cureit.exe
[Scan path] c:\hp\drivers\hplsbwatcher\lsburnwatcher.exe
[Scan path] c:\hp\kbd\kbd.exe
[Scan path] c:\program files\21cn\vgo\vgoiebho.dll
[Scan path] c:\program files\adobe\acrobat 6.0\reader\activex\acroiehelper.dll
[Scan path] c:\program files\common files\installshield\updateservice\issch.exe
[Scan path] c:\program files\common files\installshield\updateservice\isuspm.exe
[Scan path] c:\program files\common files\intervideo\schsvr\schsvr.exe
[Scan path] c:\program files\common files\lightscribe\lssrvc.exe
[Scan path] c:\program files\common files\real\update_ob\realsched.exe
[Scan path] c:\program files\common files\symantec shared\ccapp.exe
[Scan path] c:\program files\common files\symantec shared\ccevtmgr.exe
[Scan path] c:\program files\common files\symantec shared\ccproxy.exe
[Scan path] c:\program files\common files\symantec shared\ccpwdsvc.exe
[Scan path] c:\program files\common files\symantec shared\ccsetmgr.exe
[Scan path] c:\program files\common files\symantec shared\security center\symwsc.exe
[Scan path] c:\program files\common files\symantec shared\security center\usrprmpt.exe
[Scan path] c:\program files\common files\symantec shared\sndsrvc.exe
[Scan path] c:\program files\common files\symantec shared\spbbc\spbbcdrv.sys
[Scan path] c:\program files\common files\symantec shared\spbbc\spbbcsvc.exe
[Scan path] c:\program files\common files\symantec shared\virusdefs\20041117.006\naveng.sys
[Scan path] c:\program files\common files\symantec shared\virusdefs\20041117.006\navex15.sys
[Scan path] c:\program files\common files\system\ole db\oledb32.dll
[Scan path] c:\program files\flashget\jccatch.dll
[Scan path] c:\program files\grisoft\avg anti-spyware 7.5\avgas.exe
[Scan path] c:\program files\grisoft\avg anti-spyware 7.5\guard.exe
[Scan path] c:\program files\grisoft\avg anti-spyware 7.5\guard.sys
[Scan path] c:\program files\grisoft\avg anti-spyware 7.5\shellexecutehook.dll
[Scan path] c:\program files\hp\digital imaging\bin\hpdtlk02.dll
[Scan path] c:\program files\hp\digital imaging\bin\hpqtra08.exe
[Scan path] c:\program files\hp\{aac4fc36-8f89-4587-8dd3-ebc57c83374d}\hphupd06.exe
[Scan path] c:\program files\internet explorer\iexplore.exe
[Scan path] c:\program files\intervideo\common\bin\winremote.exe
[Scan path] c:\program files\ipod\bin\ipodservice.exe
[Scan path] c:\program files\itunes\ituneshelper.exe
[Scan path] c:\program files\itunes\itunesminiplayer.dll
[Scan path] c:\program files\java\j2re1.4.2_03\bin\jusched.exe
[Scan path] c:\program files\messenger\msmsgs.exe
[Scan path] c:\program files\msn messenger\fsshext.8.0.0812.00.dll
[Scan path] c:\program files\msn messenger\msgrapp.8.0.0812.00.dll
[Scan path] c:\program files\msn messenger\msnmsgr.exe
[Scan path] c:\program files\norton internet security\issvc.exe
[Scan path] c:\program files\norton internet security\norton antivirus\navapsvc.exe
[Scan path] c:\program files\norton internet security\norton antivirus\navshext.dll
[Scan path] c:\program files\norton internet security\norton antivirus\savrt.sys
[Scan path] c:\program files\norton internet security\norton antivirus\savrtpel.sys
[Scan path] c:\program files\norton internet security\norton antivirus\savscan.exe
[Scan path] c:\program files\outlook express\setup50.exe
[Scan path] c:\program files\outlook express\wabfind.dll
[Scan path] c:\program files\real\realplayer\rpshell.dll
[Scan path] c:\program files\sonic recordnow!\shlext.dll

作者: ALEXYUI 時間: 07-1-10 11:33 PM

[Scan path] c:\program files\symantec\symevent.sys
[Scan path] c:\program files\updates from hp\309731\program\updates from hp.exe
[Scan path] c:\program files\windows live toolbar\msntb.dll
[Scan path] c:\program files\winrar\rarext.dll
[Scan path] c:\windows\creator\remind_xp.exe
[Scan path] c:\windows\explorer.exe
[Scan path] c:\windows\ime\imjp8_1\imjpmig.exe
[Scan path] c:\windows\ime\imkr6_1\imekrmig.exe
[Scan path] c:\windows\inf\unregmp2.exe
[Scan path] c:\windows\microsoft.net\framework\v1.1.4322\aspnet_state.exe
[Scan path] c:\windows\msagent\agentpsh.dll
[Scan path] c:\windows\sminst\recguard.exe
[Scan path] c:\windows\system32\advapi32.dll
[Scan path] c:\windows\system32\advpack.dll
[Scan path] c:\windows\system32\alg.exe
[Scan path] c:\windows\system32\appwiz.cpl
[Scan path] c:\windows\system32\autochk.exe
[Scan path] c:\windows\system32\browseui.dll
[Scan path] c:\windows\system32\cabview.dll
[Scan path] c:\windows\system32\cdfview.dll
[Scan path] c:\windows\system32\cisvc.exe
[Scan path] c:\windows\system32\clipsrv.exe
[Scan path] c:\windows\system32\cnbjmon.dll
[Scan path] c:\windows\system32\comdlg32.dll
[Scan path] c:\windows\system32\crypt32.dll
[Scan path] c:\windows\system32\cryptext.dll
[Scan path] c:\windows\system32\cryptnet.dll
[Scan path] c:\windows\system32\cscdll.dll
[Scan path] c:\windows\system32\cscui.dll
[Scan path] c:\windows\system32\csrss.exe
[Scan path] c:\windows\system32\ctfmon.exe
[Scan path] c:\windows\system32\deskadp.dll
[Scan path] c:\windows\system32\deskmon.dll
[Scan path] c:\windows\system32\deskperf.dll
[Scan path] c:\windows\system32\dfsshlex.dll
[Scan path] c:\windows\system32\diskcopy.dll
[Scan path] c:\windows\system32\dllhost.exe
[Scan path] c:\windows\system32\dmadmin.exe
[Scan path] c:\windows\system32\docprop.dll
[Scan path] c:\windows\system32\docprop2.dll
[Scan path] c:\windows\system32\drivers\acpi.sys
[Scan path] c:\windows\system32\drivers\aec.sys
[Scan path] c:\windows\system32\drivers\afd.sys
[Scan path] c:\windows\system32\drivers\arp1394.sys
[Scan path] c:\windows\system32\drivers\asyncmac.sys
[Scan path] c:\windows\system32\drivers\atapi.sys
[Scan path] c:\windows\system32\drivers\atmarpc.sys
[Scan path] c:\windows\system32\drivers\audstub.sys
[Scan path] c:\windows\system32\drivers\avgascln.sys
[Scan path] c:\windows\system32\drivers\cap7134.sys
[Scan path] c:\windows\system32\drivers\ccdecode.sys
[Scan path] c:\windows\system32\drivers\cdrom.sys
[Scan path] c:\windows\system32\drivers\disk.sys
[Scan path] c:\windows\system32\drivers\dmboot.sys
[Scan path] c:\windows\system32\drivers\dmio.sys
[Scan path] c:\windows\system32\drivers\dmload.sys
[Scan path] c:\windows\system32\drivers\dmusic.sys
[Scan path] c:\windows\system32\drivers\drmkaud.sys
[Scan path] c:\windows\system32\drivers\fdc.sys
[Scan path] c:\windows\system32\drivers\flpydisk.sys
[Scan path] c:\windows\system32\drivers\fltmgr.sys
[Scan path] c:\windows\system32\drivers\fsvga.sys
[Scan path] c:\windows\system32\drivers\ftdisk.sys
[Scan path] c:\windows\system32\drivers\gearaspiwdm.sys
[Scan path] c:\windows\system32\drivers\hdaudbus.sys
[Scan path] c:\windows\system32\drivers\hidusb.sys
[Scan path] c:\windows\system32\drivers\http.sys
[Scan path] c:\windows\system32\drivers\i8042prt.sys
[Scan path] c:\windows\system32\drivers\ialmnt5.sys
[Scan path] c:\windows\system32\drivers\imapi.sys
[Scan path] c:\windows\system32\drivers\intelide.sys
[Scan path] c:\windows\system32\drivers\intelppm.sys
[Scan path] c:\windows\system32\drivers\ip6fw.sys
[Scan path] c:\windows\system32\drivers\ipfltdrv.sys
[Scan path] c:\windows\system32\drivers\ipinip.sys
[Scan path] c:\windows\system32\drivers\ipnat.sys
[Scan path] c:\windows\system32\drivers\ipsec.sys
[Scan path] c:\windows\system32\drivers\irenum.sys
[Scan path] c:\windows\system32\drivers\isapnp.sys
[Scan path] c:\windows\system32\drivers\iviaspi.sys

作者: ALEXYUI 時間: 07-1-10 11:34 PM

[Scan path] c:\windows\system32\drivers\kbdclass.sys
[Scan path] c:\windows\system32\drivers\kbdhid.sys
[Scan path] c:\windows\system32\drivers\kmixer.sys
[Scan path] c:\windows\system32\drivers\mouclass.sys
[Scan path] c:\windows\system32\drivers\mouhid.sys
[Scan path] c:\windows\system32\drivers\mrxdav.sys
[Scan path] c:\windows\system32\drivers\mrxsmb.sys
[Scan path] c:\windows\system32\drivers\msgpc.sys
[Scan path] c:\windows\system32\drivers\mskssrv.sys
[Scan path] c:\windows\system32\drivers\mspclock.sys
[Scan path] c:\windows\system32\drivers\mspqm.sys
[Scan path] c:\windows\system32\drivers\mssmbios.sys
[Scan path] c:\windows\system32\drivers\mstee.sys
[Scan path] c:\windows\system32\drivers\nabtsfec.sys
[Scan path] c:\windows\system32\drivers\ndisip.sys
[Scan path] c:\windows\system32\drivers\ndistapi.sys
[Scan path] c:\windows\system32\drivers\ndisuio.sys
[Scan path] c:\windows\system32\drivers\ndiswan.sys
[Scan path] c:\windows\system32\drivers\netbios.sys
[Scan path] c:\windows\system32\drivers\netbt.sys
[Scan path] c:\windows\system32\drivers\nic1394.sys
[Scan path] c:\windows\system32\drivers\npf.sys
[Scan path] c:\windows\system32\drivers\nv4_mini.sys
[Scan path] c:\windows\system32\drivers\nwlnkflt.sys
[Scan path] c:\windows\system32\drivers\nwlnkfwd.sys
[Scan path] c:\windows\system32\drivers\ohci1394.sys
[Scan path] c:\windows\system32\drivers\oreans32.sys
[Scan path] c:\windows\system32\drivers\parport.sys
[Scan path] c:\windows\system32\drivers\pci.sys
[Scan path] c:\windows\system32\drivers\pciide.sys
[Scan path] c:\windows\system32\drivers\pctsapu.sys
[Scan path] c:\windows\system32\drivers\pfc.sys
[Scan path] c:\windows\system32\drivers\phtvtune.sys
[Scan path] c:\windows\system32\drivers\ps2.sys
[Scan path] c:\windows\system32\drivers\psched.sys
[Scan path] c:\windows\system32\drivers\ptilink.sys
[Scan path] c:\windows\system32\drivers\pxhelp20.sys
[Scan path] c:\windows\system32\drivers\r8139n51.sys
[Scan path] c:\windows\system32\drivers\rasacd.sys
[Scan path] c:\windows\system32\drivers\rasl2tp.sys
[Scan path] c:\windows\system32\drivers\raspppoe.sys
[Scan path] c:\windows\system32\drivers\raspptp.sys
[Scan path] c:\windows\system32\drivers\raspti.sys
[Scan path] c:\windows\system32\drivers\rdbss.sys
[Scan path] c:\windows\system32\drivers\rdpcdd.sys
[Scan path] c:\windows\system32\drivers\redbook.sys
[Scan path] c:\windows\system32\drivers\rtkhdaud.sys
[Scan path] c:\windows\system32\drivers\secdrv.sys
[Scan path] c:\windows\system32\drivers\serenum.sys
[Scan path] c:\windows\system32\drivers\serial.sys
[Scan path] c:\windows\system32\drivers\slip.sys
[Scan path] c:\windows\system32\drivers\splitter.sys
[Scan path] c:\windows\system32\drivers\sr.sys
[Scan path] c:\windows\system32\drivers\srv.sys
[Scan path] c:\windows\system32\drivers\streamip.sys
[Scan path] c:\windows\system32\drivers\swenum.sys
[Scan path] c:\windows\system32\drivers\swmidi.sys
[Scan path] c:\windows\system32\drivers\symredrv.sys
[Scan path] c:\windows\system32\drivers\symtdi.sys
[Scan path] c:\windows\system32\drivers\sysaudio.sys
[Scan path] c:\windows\system32\drivers\tcpip.sys
[Scan path] c:\windows\system32\drivers\termdd.sys
[Scan path] c:\windows\system32\drivers\update.sys
[Scan path] c:\windows\system32\drivers\usbccgp.sys
[Scan path] c:\windows\system32\drivers\usbehci.sys
[Scan path] c:\windows\system32\drivers\usbhub.sys
[Scan path] c:\windows\system32\drivers\usbstor.sys
[Scan path] c:\windows\system32\drivers\usbuhci.sys
[Scan path] c:\windows\system32\drivers\vga.sys
[Scan path] c:\windows\system32\drivers\viaide.sys
[Scan path] c:\windows\system32\drivers\wanarp.sys
[Scan path] c:\windows\system32\drivers\wdmaud.sys
[Scan path] c:\windows\system32\drivers\wstcodec.sys
[Scan path] c:\windows\system32\dskquoui.dll
[Scan path] c:\windows\system32\dsquery.dll
[Scan path] c:\windows\system32\dssec.dll
[Scan path] c:\windows\system32\dsuiext.dll
[Scan path] c:\windows\system32\dumprep.exe
[Scan path] c:\windows\system32\extmgr.dll
[Scan path] c:\windows\system32\fontext.dll
[Scan path] c:\windows\system32\gdi32.dll
[Scan path] c:\windows\system32\hphmon06.exe
[Scan path] c:\windows\system32\hticons.dll
[Scan path] c:\windows\system32\icmui.dll
[Scan path] c:\windows\system32\ie4uinit.exe
[Scan path] c:\windows\system32\igfxsrvc.dll
[Scan path] c:\windows\system32\igfxtray.exe
[Scan path] c:\windows\system32\imagehlp.dll
[Scan path] c:\windows\system32\imapi.exe
[Scan path] c:\windows\system32\ime\pintlgnt\imscinst.exe
[Scan path] c:\windows\system32\ime\tintlgnt\tintsetp.exe
[Scan path] c:\windows\system32\inetcomm.dll
[Scan path] c:\windows\system32\itss.dll
[Scan path] c:\windows\system32\kerberos.dll
[Scan path] c:\windows\system32\kernel32.dll
[Scan path] c:\windows\system32\localspl.dll
[Scan path] c:\windows\system32\locator.exe
[Scan path] c:\windows\system32\logon.scr
[Scan path] c:\windows\system32\logonui.exe
[Scan path] c:\windows\system32\lsass.exe
[Scan path] c:\windows\system32\lz32.dll
[Scan path] c:\windows\system32\mmcshext.dll
[Scan path] c:\windows\system32\mmsys.cpl
[Scan path] c:\windows\system32\mnmsrvc.exe
[Scan path] c:\windows\system32\mscoree.dll
[Scan path] c:\windows\system32\mscories.dll
[Scan path] c:\windows\system32\msdtc.exe
[Scan path] c:\windows\system32\mshtml.dll
[Scan path] c:\windows\system32\msieftp.dll
[Scan path] c:\windows\system32\msiexec.exe
[Scan path] c:\windows\system32\mstask.dll
[Scan path] c:\windows\system32\msv1_0.dll
[Scan path] c:\windows\system32\msvidctl.dll
[Scan path] c:\windows\system32\mswsock.dll
[Scan path] c:\windows\system32\mydocs.dll
[Scan path] c:\windows\system32\netdde.exe
[Scan path] c:\windows\system32\netplwiz.dll
[Scan path] c:\windows\system32\netshell.dll
[Scan path] c:\windows\system32\ntlanui2.dll
[Scan path] c:\windows\system32\ntsd.exe
[Scan path] c:\windows\system32\ntshrui.dll
[Scan path] c:\windows\system32\nvcpl.dll
[Scan path] c:\windows\system32\nvshell.dll
[Scan path] c:\windows\system32\nvsvc32.exe
[Scan path] c:\windows\system32\nwiz.exe
[Scan path] c:\windows\system32\occache.dll
[Scan path] c:\windows\system32\ole32.dll
[Scan path] c:\windows\system32\oleaut32.dll
[Scan path] c:\windows\system32\olecli32.dll
[Scan path] c:\windows\system32\olecnv32.dll
[Scan path] c:\windows\system32\olesvr32.dll
[Scan path] c:\windows\system32\olethk32.dll
[Scan path] c:\windows\system32\photowiz.dll
[Scan path] c:\windows\system32\pjlmon.dll
[Scan path] c:\windows\system32\printui.dll
[Scan path] c:\windows\system32\ps2.exe
[Scan path] c:\windows\system32\regsvr32.exe
[Scan path] c:\windows\system32\remotepg.dll
[Scan path] c:\windows\system32\rpcrt4.dll
[Scan path] c:\windows\system32\rpcss.dll
[Scan path] c:\windows\system32\rshx32.dll
[Scan path] c:\windows\system32\rsvp.exe
[Scan path] c:\windows\system32\rsvpsp.dll
[Scan path] c:\windows\system32\rundll32.exe
[Scan path] c:\windows\system32\scardsvr.exe
[Scan path] c:\windows\system32\scecli.dll
[Scan path] c:\windows\system32\schannel.dll
[Scan path] c:\windows\system32\sclgntfy.dll
[Scan path] c:\windows\system32\sendmail.dll
[Scan path] c:\windows\system32\services.exe
[Scan path] c:\windows\system32\sessmgr.exe
[Scan path] c:\windows\system32\setup\fxsocm.dll
[Scan path] c:\windows\system32\shdocvw.dll
[Scan path] c:\windows\system32\shell32.dll
[Scan path] c:\windows\system32\shellvrtf.dll
[Scan path] c:\windows\system32\shimgvw.dll
[Scan path] c:\windows\system32\shmedia.dll
[Scan path] c:\windows\system32\shmgrate.exe
[Scan path] c:\windows\system32\shscrap.dll
[Scan path] c:\windows\system32\slayerxp.dll
[Scan path] c:\windows\system32\smlogsvc.exe
[Scan path] c:\windows\system32\smss.exe
[Scan path] c:\windows\system32\spoolsv.exe
[Scan path] c:\windows\system32\stobject.dll
[Scan path] c:\windows\system32\svchost.exe
[Scan path] c:\windows\system32\syncui.dll
[Scan path] c:\windows\system32\tcpmon.dll
[Scan path] c:\windows\system32\themeui.dll
[Scan path] c:\windows\system32\twext.dll
[Scan path] c:\windows\system32\ups.exe
[Scan path] c:\windows\system32\url.dll
[Scan path] c:\windows\system32\urlmon.dll
[Scan path] c:\windows\system32\usbmon.dll
[Scan path] c:\windows\system32\user32.dll
[Scan path] c:\windows\system32\version.dll
[Scan path] c:\windows\system32\vssvc.exe
[Scan path] c:\windows\system32\wbem\wmiapsrv.exe
[Scan path] c:\windows\system32\wdigest.dll
[Scan path] c:\windows\system32\webcheck.dll
[Scan path] c:\windows\system32\wiascr.dll
[Scan path] c:\windows\system32\wiashext.dll
[Scan path] c:\windows\system32\wininet.dll
[Scan path] c:\windows\system32\winlogon.exe
[Scan path] c:\windows\system32\wldap32.dll
[Scan path] c:\windows\system32\wlnotify.dll
[Scan path] c:\windows\system32\wmpshell.dll
[Scan path] c:\windows\system32\wshext.dll
[Scan path] c:\windows\system32\wuauclt.exe
[Scan path] c:\windows\system32\wuaucpl.cpl
[Scan path] c:\windows\system32\zipfldr.dll
[Scan path] c:\windows\system\hpsysdrv.exe
-----------------------------------------------------------------------------

作者: ALEXYUI 時間: 07-1-10 11:35 PM

Scan statistics
-----------------------------------------------------------------------------
Objects scanned: 330
Infected objects found: 0
Objects with modifications found: 0
Suspicious objects found: 1
Adware programs found: 0
Dialer programs found: 0
Joke programs found: 0
Riskware programs found: 0
Hacktool programs found: 0
Objects cured: 0
Objects deleted: 0
Objects renamed: 0
Objects moved: 0
Objects ignored: 0
Scan speed: 4509 Kb/s
Scan time: 00:00:23
-----------------------------------------------------------------------------

c:\documents and settings\hp_owner.your-6a15acd7c6\(R)酯崤crossgatepuk3\crossgatepuk3\cg_5006.exe - incurable - will be moved after reboot

=============================================================================
Total session statistics
=============================================================================
Objects scanned: 330
Infected objects found: 0
Objects with modifications found: 0
Suspicious objects found: 1
Adware programs found: 0
Dialer programs found: 0
Joke programs found: 0
Riskware programs found: 0
Hacktool programs found: 0
Objects cured: 0
Objects deleted: 0
Objects renamed: 0
Objects moved: 1
Objects ignored: 0
Scan speed: 4509 Kb/s
Scan time: 00:00:23
=============================================================================

作者: uhthn2002 時間: 07-1-10 11:40 PM

我的電腦--->空白地方右鍵內容--->系統還原-->勾選關閉系統還原--->確定

再用drweb掃

之後

我的電腦--->空白地方右鍵內容--->系統還原-->取消勾選關閉系統還原--->確定

貼上 report

作者: ALEXYUI 時間: 07-1-11 01:53 AM

請問一下　report　在哪可以看到？

作者: uhthn2002 時間: 07-1-11 03:15 PM

C:\Documents and Settings\[你的用戶名稱]\DoctorWeb\CureIT.log

作者: ALEXYUI 時間: 07-1-11 08:58 PM

=============================================================================
Dr.Web(R) Scanner for Windows v4.33.2 (4.33.2.10060)
Copyright (c) Igor Daniloff, 1992-2006
Log generated on: 2007-01-10, 21:11:30 [HP_Owner]
Command-line: "C:\DOCUME~1\HP_OWN~1.YOU\LOCALS~1\Temp\RarSFX0\cureit.exe" /lng /ini:cureit_XP.ini
Operating system:Windows XP Home Edition x86 (Build 2600), Service Pack 2
=============================================================================
Engine version: 4.33 (4.33.5.10110)
Engine API version: 2.01
[Virus base] C:\DOCUME~1\HP_OWN~1.YOU\LOCALS~1\Temp\RarSFX0\crwtoday.cdb - 582 virus records
[Virus base] C:\DOCUME~1\HP_OWN~1.YOU\LOCALS~1\Temp\RarSFX0\crw43369.cdb - 687 virus records
[Virus base] C:\DOCUME~1\HP_OWN~1.YOU\LOCALS~1\Temp\RarSFX0\crw43368.cdb - 1099 virus records
[Virus base] C:\DOCUME~1\HP_OWN~1.YOU\LOCALS~1\Temp\RarSFX0\crw43367.cdb - 1834 virus records
[Virus base] C:\DOCUME~1\HP_OWN~1.YOU\LOCALS~1\Temp\RarSFX0\crw43366.cdb - 4015 virus records
[Virus base] C:\DOCUME~1\HP_OWN~1.YOU\LOCALS~1\Temp\RarSFX0\crw43365.cdb - 1342 virus records
[Virus base] C:\DOCUME~1\HP_OWN~1.YOU\LOCALS~1\Temp\RarSFX0\crw43364.cdb - 1335 virus records
[Virus base] C:\DOCUME~1\HP_OWN~1.YOU\LOCALS~1\Temp\RarSFX0\crw43363.cdb - 1152 virus records
[Virus base] C:\DOCUME~1\HP_OWN~1.YOU\LOCALS~1\Temp\RarSFX0\crw43362.cdb - 1006 virus records
[Virus base] C:\DOCUME~1\HP_OWN~1.YOU\LOCALS~1\Temp\RarSFX0\crw43361.cdb - 879 virus records
[Virus base] C:\DOCUME~1\HP_OWN~1.YOU\LOCALS~1\Temp\RarSFX0\crw43360.cdb - 988 virus records
[Virus base] C:\DOCUME~1\HP_OWN~1.YOU\LOCALS~1\Temp\RarSFX0\crw43359.cdb - 1205 virus records
[Virus base] C:\DOCUME~1\HP_OWN~1.YOU\LOCALS~1\Temp\RarSFX0\crw43358.cdb - 1139 virus records
[Virus base] C:\DOCUME~1\HP_OWN~1.YOU\LOCALS~1\Temp\RarSFX0\crw43357.cdb - 1302 virus records
[Virus base] C:\DOCUME~1\HP_OWN~1.YOU\LOCALS~1\Temp\RarSFX0\crw43356.cdb - 1332 virus records
[Virus base] C:\DOCUME~1\HP_OWN~1.YOU\LOCALS~1\Temp\RarSFX0\crw43355.cdb - 2456 virus records
[Virus base] C:\DOCUME~1\HP_OWN~1.YOU\LOCALS~1\Temp\RarSFX0\crw43354.cdb - 1283 virus records
[Virus base] C:\DOCUME~1\HP_OWN~1.YOU\LOCALS~1\Temp\RarSFX0\crw43353.cdb - 795 virus records
[Virus base] C:\DOCUME~1\HP_OWN~1.YOU\LOCALS~1\Temp\RarSFX0\crw43352.cdb - 2016 virus records
[Virus base] C:\DOCUME~1\HP_OWN~1.YOU\LOCALS~1\Temp\RarSFX0\crw43351.cdb - 941 virus records
[Virus base] C:\DOCUME~1\HP_OWN~1.YOU\LOCALS~1\Temp\RarSFX0\crw43350.cdb - 1020 virus records
[Virus base] C:\DOCUME~1\HP_OWN~1.YOU\LOCALS~1\Temp\RarSFX0\crw43349.cdb - 1008 virus records
[Virus base] C:\DOCUME~1\HP_OWN~1.YOU\LOCALS~1\Temp\RarSFX0\crw43348.cdb - 1096 virus records
[Virus base] C:\DOCUME~1\HP_OWN~1.YOU\LOCALS~1\Temp\RarSFX0\crw43347.cdb - 707 virus records
[Virus base] C:\DOCUME~1\HP_OWN~1.YOU\LOCALS~1\Temp\RarSFX0\crw43346.cdb - 1428 virus records
[Virus base] C:\DOCUME~1\HP_OWN~1.YOU\LOCALS~1\Temp\RarSFX0\crw43345.cdb - 1358 virus records
[Virus base] C:\DOCUME~1\HP_OWN~1.YOU\LOCALS~1\Temp\RarSFX0\crw43344.cdb - 694 virus records
[Virus base] C:\DOCUME~1\HP_OWN~1.YOU\LOCALS~1\Temp\RarSFX0\crw43343.cdb - 1186 virus records
[Virus base] C:\DOCUME~1\HP_OWN~1.YOU\LOCALS~1\Temp\RarSFX0\crw43342.cdb - 744 virus records
[Virus base] C:\DOCUME~1\HP_OWN~1.YOU\LOCALS~1\Temp\RarSFX0\crw43341.cdb - 841 virus records
[Virus base] C:\DOCUME~1\HP_OWN~1.YOU\LOCALS~1\Temp\RarSFX0\crw43340.cdb - 822 virus records
[Virus base] C:\DOCUME~1\HP_OWN~1.YOU\LOCALS~1\Temp\RarSFX0\crw43339.cdb - 1071 virus records
[Virus base] C:\DOCUME~1\HP_OWN~1.YOU\LOCALS~1\Temp\RarSFX0\crw43338.cdb - 989 virus records
[Virus base] C:\DOCUME~1\HP_OWN~1.YOU\LOCALS~1\Temp\RarSFX0\crw43337.cdb - 855 virus records
[Virus base] C:\DOCUME~1\HP_OWN~1.YOU\LOCALS~1\Temp\RarSFX0\crw43336.cdb - 1297 virus records
[Virus base] C:\DOCUME~1\HP_OWN~1.YOU\LOCALS~1\Temp\RarSFX0\crw43335.cdb - 1195 virus records
[Virus base] C:\DOCUME~1\HP_OWN~1.YOU\LOCALS~1\Temp\RarSFX0\crw43334.cdb - 900 virus records
[Virus base] C:\DOCUME~1\HP_OWN~1.YOU\LOCALS~1\Temp\RarSFX0\crw43333.cdb - 1381 virus records
[Virus base] C:\DOCUME~1\HP_OWN~1.YOU\LOCALS~1\Temp\RarSFX0\crw43332.cdb - 1340 virus records
[Virus base] C:\DOCUME~1\HP_OWN~1.YOU\LOCALS~1\Temp\RarSFX0\crw43331.cdb - 2735 virus records
[Virus base] C:\DOCUME~1\HP_OWN~1.YOU\LOCALS~1\Temp\RarSFX0\crw43330.cdb - 2078 virus records
[Virus base] C:\DOCUME~1\HP_OWN~1.YOU\LOCALS~1\Temp\RarSFX0\crw43329.cdb - 2490 virus records
[Virus base] C:\DOCUME~1\HP_OWN~1.YOU\LOCALS~1\Temp\RarSFX0\crw43328.cdb - 743 virus records
[Virus base] C:\DOCUME~1\HP_OWN~1.YOU\LOCALS~1\Temp\RarSFX0\crw43327.cdb - 958 virus records
[Virus base] C:\DOCUME~1\HP_OWN~1.YOU\LOCALS~1\Temp\RarSFX0\crw43326.cdb - 793 virus records
[Virus base] C:\DOCUME~1\HP_OWN~1.YOU\LOCALS~1\Temp\RarSFX0\crw43325.cdb - 713 virus records
[Virus base] C:\DOCUME~1\HP_OWN~1.YOU\LOCALS~1\Temp\RarSFX0\crw43324.cdb - 655 virus records
[Virus base] C:\DOCUME~1\HP_OWN~1.YOU\LOCALS~1\Temp\RarSFX0\crw43323.cdb - 655 virus records
[Virus base] C:\DOCUME~1\HP_OWN~1.YOU\LOCALS~1\Temp\RarSFX0\crw43322.cdb - 778 virus records
[Virus base] C:\DOCUME~1\HP_OWN~1.YOU\LOCALS~1\Temp\RarSFX0\crw43321.cdb - 846 virus records
[Virus base] C:\DOCUME~1\HP_OWN~1.YOU\LOCALS~1\Temp\RarSFX0\crw43320.cdb - 808 virus records
[Virus base] C:\DOCUME~1\HP_OWN~1.YOU\LOCALS~1\Temp\RarSFX0\crw43319.cdb - 764 virus records
[Virus base] C:\DOCUME~1\HP_OWN~1.YOU\LOCALS~1\Temp\RarSFX0\crw43318.cdb - 838 virus records
[Virus base] C:\DOCUME~1\HP_OWN~1.YOU\LOCALS~1\Temp\RarSFX0\crw43317.cdb - 363 virus records
[Virus base] C:\DOCUME~1\HP_OWN~1.YOU\LOCALS~1\Temp\RarSFX0\crw43316.cdb - 730 virus records
[Virus base] C:\DOCUME~1\HP_OWN~1.YOU\LOCALS~1\Temp\RarSFX0\crw43315.cdb - 627 virus records
[Virus base] C:\DOCUME~1\HP_OWN~1.YOU\LOCALS~1\Temp\RarSFX0\crw43314.cdb - 824 virus records
[Virus base] C:\DOCUME~1\HP_OWN~1.YOU\LOCALS~1\Temp\RarSFX0\crw43313.cdb - 842 virus records
[Virus base] C:\DOCUME~1\HP_OWN~1.YOU\LOCALS~1\Temp\RarSFX0\crw43312.cdb - 830 virus records
[Virus base] C:\DOCUME~1\HP_OWN~1.YOU\LOCALS~1\Temp\RarSFX0\crw43311.cdb - 862 virus records
[Virus base] C:\DOCUME~1\HP_OWN~1.YOU\LOCALS~1\Temp\RarSFX0\crw43310.cdb - 853 virus records
[Virus base] C:\DOCUME~1\HP_OWN~1.YOU\LOCALS~1\Temp\RarSFX0\crw43309.cdb - 733 virus records
[Virus base] C:\DOCUME~1\HP_OWN~1.YOU\LOCALS~1\Temp\RarSFX0\crw43308.cdb - 708 virus records
[Virus base] C:\DOCUME~1\HP_OWN~1.YOU\LOCALS~1\Temp\RarSFX0\crw43307.cdb - 839 virus records
[Virus base] C:\DOCUME~1\HP_OWN~1.YOU\LOCALS~1\Temp\RarSFX0\crw43306.cdb - 930 virus records
[Virus base] C:\DOCUME~1\HP_OWN~1.YOU\LOCALS~1\Temp\RarSFX0\crw43305.cdb - 759 virus records
[Virus base] C:\DOCUME~1\HP_OWN~1.YOU\LOCALS~1\Temp\RarSFX0\crw43304.cdb - 721 virus records
[Virus base] C:\DOCUME~1\HP_OWN~1.YOU\LOCALS~1\Temp\RarSFX0\crw43303.cdb - 638 virus records
[Virus base] C:\DOCUME~1\HP_OWN~1.YOU\LOCALS~1\Temp\RarSFX0\crw43302.cdb - 806 virus records
[Virus base] C:\DOCUME~1\HP_OWN~1.YOU\LOCALS~1\Temp\RarSFX0\crw43301.cdb - 504 virus records
[Virus base] C:\DOCUME~1\HP_OWN~1.YOU\LOCALS~1\Temp\RarSFX0\crw43300.cdb - 24 virus records
[Virus base] C:\DOCUME~1\HP_OWN~1.YOU\LOCALS~1\Temp\RarSFX0\crwebase.cdb - 78674 virus records
[Virus base] C:\DOCUME~1\HP_OWN~1.YOU\LOCALS~1\Temp\RarSFX0\cwrtoday.cdb - 380 virus records
[Virus base] C:\DOCUME~1\HP_OWN~1.YOU\LOCALS~1\Temp\RarSFX0\cwr43301.cdb - 697 virus records
[Virus base] C:\DOCUME~1\HP_OWN~1.YOU\LOCALS~1\Temp\RarSFX0\crwrisky.cdb - 1271 virus records
[Virus base] C:\DOCUME~1\HP_OWN~1.YOU\LOCALS~1\Temp\RarSFX0\cwntoday.cdb - 371 virus records
[Virus base] C:\DOCUME~1\HP_OWN~1.YOU\LOCALS~1\Temp\RarSFX0\cwn43306.cdb - 781 virus records
[Virus base] C:\DOCUME~1\HP_OWN~1.YOU\LOCALS~1\Temp\RarSFX0\cwn43305.cdb - 752 virus records
[Virus base] C:\DOCUME~1\HP_OWN~1.YOU\LOCALS~1\Temp\RarSFX0\cwn43304.cdb - 793 virus records
[Virus base] C:\DOCUME~1\HP_OWN~1.YOU\LOCALS~1\Temp\RarSFX0\cwn43303.cdb - 766 virus records
[Virus base] C:\DOCUME~1\HP_OWN~1.YOU\LOCALS~1\Temp\RarSFX0\cwn43302.cdb - 850 virus records
[Virus base] C:\DOCUME~1\HP_OWN~1.YOU\LOCALS~1\Temp\RarSFX0\cwn43301.cdb - 772 virus records
[Virus base] C:\DOCUME~1\HP_OWN~1.YOU\LOCALS~1\Temp\RarSFX0\crwnasty.cdb - 4867 virus records
Total virus records: 166741
Key file: C:\DOCUME~1\HP_OWN~1.YOU\LOCALS~1\Temp\RarSFX0\cureit.key
License key number: 0000000010
Registered to: Dr.Web CureIt Project
License key activates: 2005-03-05
License key expires: 2007-03-05

作者: ALEXYUI 時間: 07-1-11 08:59 PM

-----------------------------------------------------------------------------
Scan statistics
-----------------------------------------------------------------------------
Objects scanned: 0
Infected objects found: 0
Objects with modifications found: 0
Suspicious objects found: 0
Adware programs found: 0
Dialer programs found: 0
Joke programs found: 0
Riskware programs found: 0
Hacktool programs found: 0
Objects cured: 0
Objects deleted: 0
Objects renamed: 0
Objects moved: 0
Objects ignored: 0
Scan speed: 0 Kb/s
Scan time: 00:00:00
-----------------------------------------------------------------------------
[Scan path] c:\documents and settings\all users\「開(c)l」功能表\程式集\啟動\desktop.ini
[Scan path] c:\documents and settings\hp_owner.your-6a15acd7c6\local settings\temp\rarsfx0\_start.exe
[Scan path] c:\documents and settings\hp_owner.your-6a15acd7c6\local settings\temp\rarsfx0\cureit.exe
[Scan path] c:\documents and settings\hp_owner.your-6a15acd7c6\「開(c)l」功能表\程式集\啟動\desktop.ini
[Scan path] c:\documents and settings\hp_owner.your-6a15acd7c6\(R)酯崤drweb-cureit.exe
[Scan path] c:\hp\drivers\hplsbwatcher\lsburnwatcher.exe
[Scan path] c:\hp\kbd\kbd.exe
[Scan path] c:\program files\21cn\vgo\vgoiebho.dll
[Scan path] c:\program files\adobe\acrobat 6.0\reader\activex\acroiehelper.dll
[Scan path] c:\program files\common files\installshield\updateservice\issch.exe
[Scan path] c:\program files\common files\installshield\updateservice\isuspm.exe
[Scan path] c:\program files\common files\intervideo\schsvr\schsvr.exe
[Scan path] c:\program files\common files\lightscribe\lssrvc.exe
[Scan path] c:\program files\common files\real\update_ob\realsched.exe
[Scan path] c:\program files\common files\symantec shared\ccapp.exe
[Scan path] c:\program files\common files\symantec shared\ccevtmgr.exe
[Scan path] c:\program files\common files\symantec shared\ccproxy.exe
[Scan path] c:\program files\common files\symantec shared\ccpwdsvc.exe
[Scan path] c:\program files\common files\symantec shared\ccsetmgr.exe
[Scan path] c:\program files\common files\symantec shared\security center\symwsc.exe
[Scan path] c:\program files\common files\symantec shared\security center\usrprmpt.exe
[Scan path] c:\program files\common files\symantec shared\sndsrvc.exe
[Scan path] c:\program files\common files\symantec shared\spbbc\spbbcdrv.sys
[Scan path] c:\program files\common files\symantec shared\spbbc\spbbcsvc.exe
[Scan path] c:\program files\common files\symantec shared\virusdefs\20041117.006\naveng.sys
[Scan path] c:\program files\common files\symantec shared\virusdefs\20041117.006\navex15.sys
[Scan path] c:\program files\common files\system\ole db\oledb32.dll
[Scan path] c:\program files\flashget\jccatch.dll
[Scan path] c:\program files\grisoft\avg anti-spyware 7.5\avgas.exe
[Scan path] c:\program files\grisoft\avg anti-spyware 7.5\guard.exe
[Scan path] c:\program files\grisoft\avg anti-spyware 7.5\guard.sys
[Scan path] c:\program files\grisoft\avg anti-spyware 7.5\shellexecutehook.dll
[Scan path] c:\program files\hp\digital imaging\bin\hpdtlk02.dll
[Scan path] c:\program files\hp\digital imaging\bin\hpqtra08.exe
[Scan path] c:\program files\hp\{aac4fc36-8f89-4587-8dd3-ebc57c83374d}\hphupd06.exe
[Scan path] c:\program files\internet explorer\iexplore.exe
[Scan path] c:\program files\intervideo\common\bin\winremote.exe
[Scan path] c:\program files\ipod\bin\ipodservice.exe
[Scan path] c:\program files\itunes\ituneshelper.exe
[Scan path] c:\program files\itunes\itunesminiplayer.dll
[Scan path] c:\program files\java\j2re1.4.2_03\bin\jusched.exe
[Scan path] c:\program files\messenger\msmsgs.exe
[Scan path] c:\program files\msn messenger\fsshext.8.0.0812.00.dll
[Scan path] c:\program files\msn messenger\msgrapp.8.0.0812.00.dll
[Scan path] c:\program files\msn messenger\msnmsgr.exe
[Scan path] c:\program files\norton internet security\issvc.exe
[Scan path] c:\program files\norton internet security\norton antivirus\navapsvc.exe
[Scan path] c:\program files\norton internet security\norton antivirus\navshext.dll
[Scan path] c:\program files\norton internet security\norton antivirus\savrt.sys
[Scan path] c:\program files\norton internet security\norton antivirus\savrtpel.sys
[Scan path] c:\program files\norton internet security\norton antivirus\savscan.exe
[Scan path] c:\program files\outlook express\setup50.exe
[Scan path] c:\program files\outlook express\wabfind.dll
[Scan path] c:\program files\real\realplayer\rpshell.dll
[Scan path] c:\program files\sonic recordnow!\shlext.dll
[Scan path] c:\program files\symantec\symevent.sys
[Scan path] c:\program files\updates from hp\309731\program\updates from hp.exe
[Scan path] c:\program files\windows live toolbar\msntb.dll
[Scan path] c:\program files\winrar\rarext.dll
[Scan path] c:\windows\creator\remind_xp.exe
[Scan path] c:\windows\explorer.exe
[Scan path] c:\windows\ime\imjp8_1\imjpmig.exe
[Scan path] c:\windows\ime\imkr6_1\imekrmig.exe
[Scan path] c:\windows\inf\unregmp2.exe
[Scan path] c:\windows\microsoft.net\framework\v1.1.4322\aspnet_state.exe
[Scan path] c:\windows\msagent\agentpsh.dll
[Scan path] c:\windows\sminst\recguard.exe
[Scan path] c:\windows\system32\advapi32.dll
[Scan path] c:\windows\system32\advpack.dll
[Scan path] c:\windows\system32\alg.exe
[Scan path] c:\windows\system32\appwiz.cpl
[Scan path] c:\windows\system32\autochk.exe
[Scan path] c:\windows\system32\browseui.dll
[Scan path] c:\windows\system32\cabview.dll
[Scan path] c:\windows\system32\cdfview.dll
[Scan path] c:\windows\system32\cisvc.exe
[Scan path] c:\windows\system32\clipsrv.exe
[Scan path] c:\windows\system32\cnbjmon.dll
[Scan path] c:\windows\system32\comdlg32.dll
[Scan path] c:\windows\system32\crypt32.dll
[Scan path] c:\windows\system32\cryptext.dll

作者: ALEXYUI 時間: 07-1-11 09:00 PM

[Scan path] c:\windows\system32\cryptnet.dll
[Scan path] c:\windows\system32\cscdll.dll
[Scan path] c:\windows\system32\cscui.dll
[Scan path] c:\windows\system32\csrss.exe
[Scan path] c:\windows\system32\ctfmon.exe
[Scan path] c:\windows\system32\deskadp.dll
[Scan path] c:\windows\system32\deskmon.dll
[Scan path] c:\windows\system32\deskperf.dll
[Scan path] c:\windows\system32\dfsshlex.dll
[Scan path] c:\windows\system32\diskcopy.dll
[Scan path] c:\windows\system32\dllhost.exe
[Scan path] c:\windows\system32\dmadmin.exe
[Scan path] c:\windows\system32\docprop.dll
[Scan path] c:\windows\system32\docprop2.dll
[Scan path] c:\windows\system32\drivers\acpi.sys
[Scan path] c:\windows\system32\drivers\aec.sys
[Scan path] c:\windows\system32\drivers\afd.sys
[Scan path] c:\windows\system32\drivers\arp1394.sys
[Scan path] c:\windows\system32\drivers\asyncmac.sys
[Scan path] c:\windows\system32\drivers\atapi.sys
[Scan path] c:\windows\system32\drivers\atmarpc.sys
[Scan path] c:\windows\system32\drivers\audstub.sys
[Scan path] c:\windows\system32\drivers\avgascln.sys
[Scan path] c:\windows\system32\drivers\cap7134.sys
[Scan path] c:\windows\system32\drivers\ccdecode.sys
[Scan path] c:\windows\system32\drivers\cdrom.sys
[Scan path] c:\windows\system32\drivers\disk.sys
[Scan path] c:\windows\system32\drivers\dmboot.sys
[Scan path] c:\windows\system32\drivers\dmio.sys
[Scan path] c:\windows\system32\drivers\dmload.sys
[Scan path] c:\windows\system32\drivers\dmusic.sys
[Scan path] c:\windows\system32\drivers\drmkaud.sys
[Scan path] c:\windows\system32\drivers\fdc.sys
[Scan path] c:\windows\system32\drivers\flpydisk.sys
[Scan path] c:\windows\system32\drivers\fltmgr.sys
[Scan path] c:\windows\system32\drivers\fsvga.sys
[Scan path] c:\windows\system32\drivers\ftdisk.sys
[Scan path] c:\windows\system32\drivers\gearaspiwdm.sys
[Scan path] c:\windows\system32\drivers\hdaudbus.sys
[Scan path] c:\windows\system32\drivers\hidusb.sys
[Scan path] c:\windows\system32\drivers\http.sys
[Scan path] c:\windows\system32\drivers\i8042prt.sys
[Scan path] c:\windows\system32\drivers\ialmnt5.sys
[Scan path] c:\windows\system32\drivers\imapi.sys
[Scan path] c:\windows\system32\drivers\intelide.sys
[Scan path] c:\windows\system32\drivers\intelppm.sys
[Scan path] c:\windows\system32\drivers\ip6fw.sys
[Scan path] c:\windows\system32\drivers\ipfltdrv.sys
[Scan path] c:\windows\system32\drivers\ipinip.sys
[Scan path] c:\windows\system32\drivers\ipnat.sys
[Scan path] c:\windows\system32\drivers\ipsec.sys
[Scan path] c:\windows\system32\drivers\irenum.sys
[Scan path] c:\windows\system32\drivers\isapnp.sys
[Scan path] c:\windows\system32\drivers\iviaspi.sys
[Scan path] c:\windows\system32\drivers\kbdclass.sys
[Scan path] c:\windows\system32\drivers\kbdhid.sys
[Scan path] c:\windows\system32\drivers\kmixer.sys
[Scan path] c:\windows\system32\drivers\mouclass.sys
[Scan path] c:\windows\system32\drivers\mouhid.sys
[Scan path] c:\windows\system32\drivers\mrxdav.sys
[Scan path] c:\windows\system32\drivers\mrxsmb.sys
[Scan path] c:\windows\system32\drivers\msgpc.sys
[Scan path] c:\windows\system32\drivers\mskssrv.sys
[Scan path] c:\windows\system32\drivers\mspclock.sys
[Scan path] c:\windows\system32\drivers\mspqm.sys
[Scan path] c:\windows\system32\drivers\mssmbios.sys
[Scan path] c:\windows\system32\drivers\mstee.sys
[Scan path] c:\windows\system32\drivers\nabtsfec.sys
[Scan path] c:\windows\system32\drivers\ndisip.sys
[Scan path] c:\windows\system32\drivers\ndistapi.sys
[Scan path] c:\windows\system32\drivers\ndisuio.sys
[Scan path] c:\windows\system32\drivers\ndiswan.sys
[Scan path] c:\windows\system32\drivers\netbios.sys
[Scan path] c:\windows\system32\drivers\netbt.sys
[Scan path] c:\windows\system32\drivers\nic1394.sys
[Scan path] c:\windows\system32\drivers\npf.sys
[Scan path] c:\windows\system32\drivers\nv4_mini.sys
[Scan path] c:\windows\system32\drivers\nwlnkflt.sys
[Scan path] c:\windows\system32\drivers\nwlnkfwd.sys
[Scan path] c:\windows\system32\drivers\ohci1394.sys
[Scan path] c:\windows\system32\drivers\oreans32.sys
[Scan path] c:\windows\system32\drivers\parport.sys
[Scan path] c:\windows\system32\drivers\pci.sys
[Scan path] c:\windows\system32\drivers\pciide.sys
[Scan path] c:\windows\system32\drivers\pctsapu.sys
[Scan path] c:\windows\system32\drivers\pfc.sys
[Scan path] c:\windows\system32\drivers\phtvtune.sys
[Scan path] c:\windows\system32\drivers\ps2.sys
[Scan path] c:\windows\system32\drivers\psched.sys
[Scan path] c:\windows\system32\drivers\ptilink.sys
[Scan path] c:\windows\system32\drivers\pxhelp20.sys
[Scan path] c:\windows\system32\drivers\r8139n51.sys
[Scan path] c:\windows\system32\drivers\rasacd.sys
[Scan path] c:\windows\system32\drivers\rasl2tp.sys
[Scan path] c:\windows\system32\drivers\raspppoe.sys
[Scan path] c:\windows\system32\drivers\raspptp.sys
[Scan path] c:\windows\system32\drivers\raspti.sys
[Scan path] c:\windows\system32\drivers\rdbss.sys
[Scan path] c:\windows\system32\drivers\rdpcdd.sys
[Scan path] c:\windows\system32\drivers\redbook.sys
[Scan path] c:\windows\system32\drivers\rtkhdaud.sys
[Scan path] c:\windows\system32\drivers\secdrv.sys
[Scan path] c:\windows\system32\drivers\serenum.sys
[Scan path] c:\windows\system32\drivers\serial.sys
[Scan path] c:\windows\system32\drivers\slip.sys

作者: ALEXYUI 時間: 07-1-11 09:01 PM

[Scan path] c:\windows\system32\drivers\splitter.sys
[Scan path] c:\windows\system32\drivers\sr.sys
[Scan path] c:\windows\system32\drivers\srv.sys
[Scan path] c:\windows\system32\drivers\streamip.sys
[Scan path] c:\windows\system32\drivers\swenum.sys
[Scan path] c:\windows\system32\drivers\swmidi.sys
[Scan path] c:\windows\system32\drivers\symredrv.sys
[Scan path] c:\windows\system32\drivers\symtdi.sys
[Scan path] c:\windows\system32\drivers\sysaudio.sys
[Scan path] c:\windows\system32\drivers\tcpip.sys
[Scan path] c:\windows\system32\drivers\termdd.sys
[Scan path] c:\windows\system32\drivers\update.sys
[Scan path] c:\windows\system32\drivers\usbccgp.sys
[Scan path] c:\windows\system32\drivers\usbehci.sys
[Scan path] c:\windows\system32\drivers\usbhub.sys
[Scan path] c:\windows\system32\drivers\usbstor.sys
[Scan path] c:\windows\system32\drivers\usbuhci.sys
[Scan path] c:\windows\system32\drivers\vga.sys
[Scan path] c:\windows\system32\drivers\viaide.sys
[Scan path] c:\windows\system32\drivers\wanarp.sys
[Scan path] c:\windows\system32\drivers\wdmaud.sys
[Scan path] c:\windows\system32\drivers\wstcodec.sys
[Scan path] c:\windows\system32\dskquoui.dll
[Scan path] c:\windows\system32\dsquery.dll
[Scan path] c:\windows\system32\dssec.dll
[Scan path] c:\windows\system32\dsuiext.dll
[Scan path] c:\windows\system32\dumprep.exe
[Scan path] c:\windows\system32\extmgr.dll
[Scan path] c:\windows\system32\fontext.dll
[Scan path] c:\windows\system32\gdi32.dll
[Scan path] c:\windows\system32\hphmon06.exe
[Scan path] c:\windows\system32\hticons.dll
[Scan path] c:\windows\system32\icmui.dll
[Scan path] c:\windows\system32\ie4uinit.exe
[Scan path] c:\windows\system32\igfxsrvc.dll
[Scan path] c:\windows\system32\igfxtray.exe
[Scan path] c:\windows\system32\imagehlp.dll
[Scan path] c:\windows\system32\imapi.exe
[Scan path] c:\windows\system32\ime\pintlgnt\imscinst.exe
[Scan path] c:\windows\system32\ime\tintlgnt\tintsetp.exe
[Scan path] c:\windows\system32\inetcomm.dll
[Scan path] c:\windows\system32\itss.dll
[Scan path] c:\windows\system32\kerberos.dll
[Scan path] c:\windows\system32\kernel32.dll
[Scan path] c:\windows\system32\localspl.dll
[Scan path] c:\windows\system32\locator.exe
[Scan path] c:\windows\system32\logon.scr
[Scan path] c:\windows\system32\logonui.exe
[Scan path] c:\windows\system32\lsass.exe
[Scan path] c:\windows\system32\lz32.dll
[Scan path] c:\windows\system32\mmcshext.dll
[Scan path] c:\windows\system32\mmsys.cpl
[Scan path] c:\windows\system32\mnmsrvc.exe
[Scan path] c:\windows\system32\mscoree.dll
[Scan path] c:\windows\system32\mscories.dll
[Scan path] c:\windows\system32\msdtc.exe
[Scan path] c:\windows\system32\mshtml.dll
[Scan path] c:\windows\system32\msieftp.dll
[Scan path] c:\windows\system32\msiexec.exe
[Scan path] c:\windows\system32\mstask.dll
[Scan path] c:\windows\system32\msv1_0.dll
[Scan path] c:\windows\system32\msvidctl.dll
[Scan path] c:\windows\system32\mswsock.dll
[Scan path] c:\windows\system32\mydocs.dll
[Scan path] c:\windows\system32\netdde.exe
[Scan path] c:\windows\system32\netplwiz.dll
[Scan path] c:\windows\system32\netshell.dll
[Scan path] c:\windows\system32\ntlanui2.dll
[Scan path] c:\windows\system32\ntsd.exe
[Scan path] c:\windows\system32\ntshrui.dll
[Scan path] c:\windows\system32\nvcpl.dll
[Scan path] c:\windows\system32\nvshell.dll
[Scan path] c:\windows\system32\nvsvc32.exe
[Scan path] c:\windows\system32\nwiz.exe
[Scan path] c:\windows\system32\occache.dll
[Scan path] c:\windows\system32\ole32.dll
[Scan path] c:\windows\system32\oleaut32.dll
[Scan path] c:\windows\system32\olecli32.dll
[Scan path] c:\windows\system32\olecnv32.dll
[Scan path] c:\windows\system32\olesvr32.dll
[Scan path] c:\windows\system32\olethk32.dll
[Scan path] c:\windows\system32\photowiz.dll
[Scan path] c:\windows\system32\pjlmon.dll
[Scan path] c:\windows\system32\printui.dll
[Scan path] c:\windows\system32\ps2.exe
[Scan path] c:\windows\system32\regsvr32.exe
[Scan path] c:\windows\system32\remotepg.dll
[Scan path] c:\windows\system32\rpcrt4.dll
[Scan path] c:\windows\system32\rpcss.dll
[Scan path] c:\windows\system32\rshx32.dll
[Scan path] c:\windows\system32\rsvp.exe
[Scan path] c:\windows\system32\rsvpsp.dll
[Scan path] c:\windows\system32\rundll32.exe
[Scan path] c:\windows\system32\scardsvr.exe
[Scan path] c:\windows\system32\scecli.dll
[Scan path] c:\windows\system32\schannel.dll
[Scan path] c:\windows\system32\sclgntfy.dll
[Scan path] c:\windows\system32\sendmail.dll
[Scan path] c:\windows\system32\services.exe
[Scan path] c:\windows\system32\sessmgr.exe
[Scan path] c:\windows\system32\setup\fxsocm.dll
[Scan path] c:\windows\system32\shdocvw.dll
[Scan path] c:\windows\system32\shell32.dll
[Scan path] c:\windows\system32\shellvrtf.dll
[Scan path] c:\windows\system32\shimgvw.dll
[Scan path] c:\windows\system32\shmedia.dll
[Scan path] c:\windows\system32\shmgrate.exe
[Scan path] c:\windows\system32\shscrap.dll
[Scan path] c:\windows\system32\slayerxp.dll
[Scan path] c:\windows\system32\smlogsvc.exe
[Scan path] c:\windows\system32\smss.exe
[Scan path] c:\windows\system32\spoolsv.exe
[Scan path] c:\windows\system32\stobject.dll
[Scan path] c:\windows\system32\svchost.exe
[Scan path] c:\windows\system32\syncui.dll
[Scan path] c:\windows\system32\tcpmon.dll
[Scan path] c:\windows\system32\themeui.dll
[Scan path] c:\windows\system32\twext.dll
[Scan path] c:\windows\system32\ups.exe
[Scan path] c:\windows\system32\url.dll
[Scan path] c:\windows\system32\urlmon.dll
[Scan path] c:\windows\system32\usbmon.dll
[Scan path] c:\windows\system32\user32.dll
[Scan path] c:\windows\system32\version.dll
[Scan path] c:\windows\system32\vssvc.exe
[Scan path] c:\windows\system32\wbem\wmiapsrv.exe
[Scan path] c:\windows\system32\wdigest.dll
[Scan path] c:\windows\system32\webcheck.dll
[Scan path] c:\windows\system32\wiascr.dll
[Scan path] c:\windows\system32\wiashext.dll
[Scan path] c:\windows\system32\wininet.dll
[Scan path] c:\windows\system32\winlogon.exe
[Scan path] c:\windows\system32\wldap32.dll
[Scan path] c:\windows\system32\wlnotify.dll
[Scan path] c:\windows\system32\wmpshell.dll
[Scan path] c:\windows\system32\wshext.dll
[Scan path] c:\windows\system32\wuauclt.exe
[Scan path] c:\windows\system32\wuaucpl.cpl
[Scan path] c:\windows\system32\zipfldr.dll
[Scan path] c:\windows\system\hpsysdrv.exe

作者: ALEXYUI 時間: 07-1-11 09:02 PM

-----------------------------------------------------------------------------
Scan statistics
-----------------------------------------------------------------------------
Objects scanned: 329
Infected objects found: 0
Objects with modifications found: 0
Suspicious objects found: 0
Adware programs found: 0
Dialer programs found: 0
Joke programs found: 0
Riskware programs found: 0
Hacktool programs found: 0
Objects cured: 0
Objects deleted: 0
Objects renamed: 0
Objects moved: 0
Objects ignored: 0
Scan speed: 7100 Kb/s
Scan time: 00:00:13
-----------------------------------------------------------------------------

[Scan path] C:\
C:\hiberfil.sys - read error
C:\_desktop.ini infected with Win32.HLLW.Gavir.ini - deleted
C:\Documents and Settings\HP_Owner\(R)酯崤CA0XYBCT - read error
C:\Documents and Settings\HP_Owner\(R)酯崤CAY3ODQD - read error
C:\Documents and Settings\HP_Owner\(R)酯崤CAZWH33C - read error
C:\Documents and Settings\HP_Owner.YOUR-6A15ACD7C6\ntuser.dat - read error
C:\Documents and Settings\HP_Owner.YOUR-6A15ACD7C6\NTUSER~1.LOG - read error
C:\Documents and Settings\HP_Owner.YOUR-6A15ACD7C6\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat - read error
C:\Documents and Settings\HP_Owner.YOUR-6A15ACD7C6\Local Settings\Application Data\Microsoft\Windows\USRCLA~1.LOG - read error
C:\Documents and Settings\HP_Owner.YOUR-6A15ACD7C6\(R)酯崤CrossgatePUK3\CrossgatePUK3\Cg_5006.exe probably infected with DLOADER.Trojan
C:\Documents and Settings\HP_Owner.YOUR-6A15ACD7C6\(R)酯崤CrossgatePUK3\CrossgatePUK3\qq.exe probably infected with DLOADER.Trojan
C:\Documents and Settings\HP_Owner.YOUR-6A15ACD7C6\(R)酯崤PetCalc_2006\?☆孕~1.RMV - read error
C:\Documents and Settings\LocalService\ntuser.dat - read error
C:\Documents and Settings\LocalService\NTUSER~1.LOG - read error
C:\Documents and Settings\LocalService\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat - read error
C:\Documents and Settings\LocalService\Local Settings\Application Data\Microsoft\Windows\USRCLA~1.LOG - read error
C:\Documents and Settings\NetworkService\NTUSER.DAT - read error
C:\Documents and Settings\NetworkService\NTUSER~1.LOG - read error
C:\Documents and Settings\NetworkService\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat - read error
C:\Documents and Settings\NetworkService\Local Settings\Application Data\Microsoft\Windows\USRCLA~1.LOG - read error
>>C:\Program Files\ESET\infected\1QIA3KAA.NQF>C:\Program Files\ESET\infected\2HVZ3QDA.NQF infected with Trojan.PWS.Lineage - deleted
>C:\Program Files\ESET\infected\2L1A25AA.NQF infected with Win32.HLLW.Gavir.54 - cured
>C:\Program Files\ESET\infected\2OOY40BA.NQF infected with Trojan.PWS.Lineage - deleted
>C:\Program Files\ESET\infected\3FK2XPCA.NQF infected with Trojan.PWS.Lineage - deleted
>C:\Program Files\ESET\infected\4XCFXODA.NQF infected with Win32.HLLW.Gavir.54 - cured
>>>C:\Program Files\ESET\infected\4YE4JKBA.NQF infected with Trojan.DownLoader.11923 - deleted
>C:\Program Files\ESET\infected\5LGWD1BA.NQF infected with Trojan.PWS.Qqpass.373 - deleted
>C:\Program Files\ESET\infected\F3DXCABA.NQF infected with Trojan.PWS.Lineage - deleted
>C:\Program Files\ESET\infected\GHGXOBDA.NQF infected with Trojan.PWS.Lineage - deleted
>C:\Program Files\ESET\infected\GKVCRLAA.NQF infected with Trojan.PWS.Wool - deleted
>C:\Program Files\ESET\infected\GOM4VGCA.NQF infected with Trojan.PWS.Lineage - deleted
>C:\Program Files\ESET\infected\IIALJTBA.NQF infected with Win32.HLLW.Gavir.54 - cured
>C:\Program Files\ESET\infected\IZDJ1QBA.NQF infected with BackDoor.Bifrost - deleted
>>C:\Program Files\ESET\infected\JCGBOBDA.NQF infected with Trojan.PWS.Lineage - deleted
>C:\Program Files\ESET\infected\KGIOEMDA.NQF infected with Win32.HLLW.Gavir.54 - cured
>C:\Program Files\ESET\infected\LG11ZUAA.NQF infected with Win32.HLLW.Gavir.54 - incurable - moved
>C:\Program Files\ESET\infected\LHUCBGAA.NQF infected with Win32.HLLW.Gavir.54 - cured
>C:\Program Files\ESET\infected\MDYDLUCA.NQF infected with Trojan.PWS.Lineage - deleted
>C:\Program Files\ESET\infected\MZEW4YCA.NQF infected with Trojan.PWS.Lineage - deleted
>C:\Program Files\ESET\infected\N23CWGAA.NQF infected with Trojan.PWS.Qqpass.373 - deleted
>C:\Program Files\ESET\infected\N2VXDRAA.NQF infected with Trojan.PWS.Legmir.681 - deleted
>>C:\Program Files\ESET\infected\O5D1C4CA.NQF>>C:\Program Files\ESET\infected\OHEPFUBA.NQF infected with Trojan.PWS.Wool - deleted
>C:\Program Files\ESET\infected\POO3W0AA.NQF infected with Trojan.PWS.Qqpass.373 - deleted
>C:\Program Files\ESET\infected\Q5PV4DAA.NQF infected with Win32.HLLW.Gavir.54 - cured
>C:\Program Files\ESET\infected\QVJ2KEBA.NQF infected with Win32.HLLW.Gavir.54 - cured
>C:\Program Files\ESET\infected\QXJK2GAA.NQF infected with BackDoor.Pigeon.775 - deleted
>C:\Program Files\ESET\infected\RH2BCCCA.NQF infected with Win32.HLLW.Gavir.54 - cured
>>C:\Program Files\ESET\infected\RISIAJAA.NQF infected with Trojan.Killer - deleted
>>C:\Program Files\ESET\infected\RWJCK2DA.NQF infected with Trojan.PWS.Wool - deleted
>>C:\Program Files\ESET\infected\TCLGFDBA.NQF infected with Trojan.PWS.Tencent - deleted
>>C:\Program Files\ESET\infected\VXOXWHBA.NQF infected with Trojan.PWS.Qqpass.373 - deleted
>>C:\Program Files\ESET\infected\WE1ZE2AA.NQF infected with Trojan.MulDrop.4194 - deleted
>C:\Program Files\ESET\infected\XABRMCCA.NQF infected with Win32.HLLW.Gavir.54 - cured
>C:\Program Files\ESET\infected\XJKPBVCA.NQF infected with Trojan.PWS.Qqpass.373 - deleted
>C:\Program Files\ESET\infected\YWNNTYBA.NQF infected with Trojan.PWS.Qqpass.373 - deleted
>C:\Program Files\Internet Explorer\9Sy.exe infected with Trojan.PWS.Legmir.805 - deleted
>>C:\Program Files\Internet Explorer\CSRSS.Vexe\data001 infected with Trojan.PWS.Legmir.730
>>C:\Program Files\Internet Explorer\CSRSS.Vexe\data002 infected with Trojan.PWS.Zhengtu
C:\Program Files\Internet Explorer\CSRSS.Vexe - archive contains infected objects - moved
>C:\Program Files\Internet Explorer\EXPLORER.EXE infected with Trojan.PWS.Qqpass.395 - deleted
C:\Program Files\Internet Explorer\RUNDLL32.exe infected with Trojan.PWS.Wsgame - deleted
>C:\Program Files\Internet Explorer\SERVICES.EXEC:\Program Files\Internet Explorer\SVCHOST.EXE infected with Trojan.PWS.Zhengtu - deleted
C:\Program Files\Internet Explorer\PLUGINS\HMAPI.DLL infected with Trojan.DownLoader.15581 - deleted
C:\Program Files\Internet Explorer\PLUGINS\IPictureEx.dll infected with Trojan.DownLoader.15581 - deleted
C:\Program Files\Internet Explorer\PLUGINS\nppdf.dll infected with Trojan.MulDrop.4551 - deleted
C:\Program Files\Internet Explorer\PLUGINS\nppdfx.dll infected with Trojan.DownLoader.14932 - deleted
>C:\Program Files\Internet Explorer\PLUGINS\system.jmp infected with Trojan.PWS.Qqpass.395 - deleted
>C:\Program Files\Internet Explorer\PLUGINS\__delete_on_reboot__s_y_s_t_e_m_H_k_._s_y_s_ infected with Trojan.PWS.Qqpass.395 - will be cured after reboot

作者: ALEXYUI 時間: 07-1-11 09:04 PM

-----------------------------------------------------------------------------
Scan statistics
-----------------------------------------------------------------------------
Objects scanned: 49969
Infected objects found: 48
Objects with modifications found: 0
Suspicious objects found: 2
Adware programs found: 0
Dialer programs found: 0
Joke programs found: 0
Riskware programs found: 0
Hacktool programs found: 0
Objects cured: 9
Objects deleted: 35
Objects renamed: 0
Objects moved: 2
Objects ignored: 0
Scan speed: 3095 Kb/s
Scan time: 00:21:23
-----------------------------------------------------------------------------

Scanning interrupted by user! - viruses found
=============================================================================
Total session statistics
=============================================================================
Objects scanned: 50298
Infected objects found: 48
Objects with modifications found: 0
Suspicious objects found: 2
Adware programs found: 0
Dialer programs found: 0
Joke programs found: 0
Riskware programs found: 0
Hacktool programs found: 0
Objects cured: 9
Objects deleted: 35
Objects renamed: 0
Objects moved: 2
Objects ignored: 0
Scan speed: 3135 Kb/s
Scan time: 00:21:36
=============================================================================

=============================================================================
Dr.Web(R) Scanner for Windows v4.33.2 (4.33.2.10060)
Copyright (c) Igor Daniloff, 1992-2006
Log generated on: 2007-01-10, 21:35:08 [HP_Owner]
Command-line: "C:\DOCUME~1\HP_OWN~1.YOU\LOCALS~1\Temp\RarSFX0\cureit.exe" /lng /ini:cureit_XP.ini
Operating system:Windows XP Home Edition x86 (Build 2600), Service Pack 2
=============================================================================
Engine version: 4.33 (4.33.5.10110)
Engine API version: 2.01
[Virus base] C:\DOCUME~1\HP_OWN~1.YOU\LOCALS~1\Temp\RarSFX0\crwtoday.cdb - 582 virus records
[Virus base] C:\DOCUME~1\HP_OWN~1.YOU\LOCALS~1\Temp\RarSFX0\crw43369.cdb - 687 virus records
[Virus base] C:\DOCUME~1\HP_OWN~1.YOU\LOCALS~1\Temp\RarSFX0\crw43368.cdb - 1099 virus records
[Virus base] C:\DOCUME~1\HP_OWN~1.YOU\LOCALS~1\Temp\RarSFX0\crw43367.cdb - 1834 virus records
[Virus base] C:\DOCUME~1\HP_OWN~1.YOU\LOCALS~1\Temp\RarSFX0\crw43366.cdb - 4015 virus records
[Virus base] C:\DOCUME~1\HP_OWN~1.YOU\LOCALS~1\Temp\RarSFX0\crw43365.cdb - 1342 virus records
[Virus base] C:\DOCUME~1\HP_OWN~1.YOU\LOCALS~1\Temp\RarSFX0\crw43364.cdb - 1335 virus records
[Virus base] C:\DOCUME~1\HP_OWN~1.YOU\LOCALS~1\Temp\RarSFX0\crw43363.cdb - 1152 virus records
[Virus base] C:\DOCUME~1\HP_OWN~1.YOU\LOCALS~1\Temp\RarSFX0\crw43362.cdb - 1006 virus records
[Virus base] C:\DOCUME~1\HP_OWN~1.YOU\LOCALS~1\Temp\RarSFX0\crw43361.cdb - 879 virus records
[Virus base] C:\DOCUME~1\HP_OWN~1.YOU\LOCALS~1\Temp\RarSFX0\crw43360.cdb - 988 virus records
[Virus base] C:\DOCUME~1\HP_OWN~1.YOU\LOCALS~1\Temp\RarSFX0\crw43359.cdb - 1205 virus records
[Virus base] C:\DOCUME~1\HP_OWN~1.YOU\LOCALS~1\Temp\RarSFX0\crw43358.cdb - 1139 virus records
[Virus base] C:\DOCUME~1\HP_OWN~1.YOU\LOCALS~1\Temp\RarSFX0\crw43357.cdb - 1302 virus records
[Virus base] C:\DOCUME~1\HP_OWN~1.YOU\LOCALS~1\Temp\RarSFX0\crw43356.cdb - 1332 virus records
[Virus base] C:\DOCUME~1\HP_OWN~1.YOU\LOCALS~1\Temp\RarSFX0\crw43355.cdb - 2456 virus records
[Virus base] C:\DOCUME~1\HP_OWN~1.YOU\LOCALS~1\Temp\RarSFX0\crw43354.cdb - 1283 virus records
[Virus base] C:\DOCUME~1\HP_OWN~1.YOU\LOCALS~1\Temp\RarSFX0\crw43353.cdb - 795 virus records
[Virus base] C:\DOCUME~1\HP_OWN~1.YOU\LOCALS~1\Temp\RarSFX0\crw43352.cdb - 2016 virus records
[Virus base] C:\DOCUME~1\HP_OWN~1.YOU\LOCALS~1\Temp\RarSFX0\crw43351.cdb - 941 virus records
[Virus base] C:\DOCUME~1\HP_OWN~1.YOU\LOCALS~1\Temp\RarSFX0\crw43350.cdb - 1020 virus records
[Virus base] C:\DOCUME~1\HP_OWN~1.YOU\LOCALS~1\Temp\RarSFX0\crw43349.cdb - 1008 virus records
[Virus base] C:\DOCUME~1\HP_OWN~1.YOU\LOCALS~1\Temp\RarSFX0\crw43348.cdb - 1096 virus records
[Virus base] C:\DOCUME~1\HP_OWN~1.YOU\LOCALS~1\Temp\RarSFX0\crw43347.cdb - 707 virus records
[Virus base] C:\DOCUME~1\HP_OWN~1.YOU\LOCALS~1\Temp\RarSFX0\crw43346.cdb - 1428 virus records
[Virus base] C:\DOCUME~1\HP_OWN~1.YOU\LOCALS~1\Temp\RarSFX0\crw43345.cdb - 1358 virus records
[Virus base] C:\DOCUME~1\HP_OWN~1.YOU\LOCALS~1\Temp\RarSFX0\crw43344.cdb - 694 virus records
[Virus base] C:\DOCUME~1\HP_OWN~1.YOU\LOCALS~1\Temp\RarSFX0\crw43343.cdb - 1186 virus records
[Virus base] C:\DOCUME~1\HP_OWN~1.YOU\LOCALS~1\Temp\RarSFX0\crw43342.cdb - 744 virus records
[Virus base] C:\DOCUME~1\HP_OWN~1.YOU\LOCALS~1\Temp\RarSFX0\crw43341.cdb - 841 virus records
[Virus base] C:\DOCUME~1\HP_OWN~1.YOU\LOCALS~1\Temp\RarSFX0\crw43340.cdb - 822 virus records
[Virus base] C:\DOCUME~1\HP_OWN~1.YOU\LOCALS~1\Temp\RarSFX0\crw43339.cdb - 1071 virus records
[Virus base] C:\DOCUME~1\HP_OWN~1.YOU\LOCALS~1\Temp\RarSFX0\crw43338.cdb - 989 virus records
[Virus base] C:\DOCUME~1\HP_OWN~1.YOU\LOCALS~1\Temp\RarSFX0\crw43337.cdb - 855 virus records
[Virus base] C:\DOCUME~1\HP_OWN~1.YOU\LOCALS~1\Temp\RarSFX0\crw43336.cdb - 1297 virus records
[Virus base] C:\DOCUME~1\HP_OWN~1.YOU\LOCALS~1\Temp\RarSFX0\crw43335.cdb - 1195 virus records
[Virus base] C:\DOCUME~1\HP_OWN~1.YOU\LOCALS~1\Temp\RarSFX0\crw43334.cdb - 900 virus records
[Virus base] C:\DOCUME~1\HP_OWN~1.YOU\LOCALS~1\Temp\RarSFX0\crw43333.cdb - 1381 virus records
[Virus base] C:\DOCUME~1\HP_OWN~1.YOU\LOCALS~1\Temp\RarSFX0\crw43332.cdb - 1340 virus records
[Virus base] C:\DOCUME~1\HP_OWN~1.YOU\LOCALS~1\Temp\RarSFX0\crw43331.cdb - 2735 virus records
[Virus base] C:\DOCUME~1\HP_OWN~1.YOU\LOCALS~1\Temp\RarSFX0\crw43330.cdb - 2078 virus records
[Virus base] C:\DOCUME~1\HP_OWN~1.YOU\LOCALS~1\Temp\RarSFX0\crw43329.cdb - 2490 virus records
[Virus base] C:\DOCUME~1\HP_OWN~1.YOU\LOCALS~1\Temp\RarSFX0\crw43328.cdb - 743 virus records
[Virus base] C:\DOCUME~1\HP_OWN~1.YOU\LOCALS~1\Temp\RarSFX0\crw43327.cdb - 958 virus records
[Virus base] C:\DOCUME~1\HP_OWN~1.YOU\LOCALS~1\Temp\RarSFX0\crw43326.cdb - 793 virus records
[Virus base] C:\DOCUME~1\HP_OWN~1.YOU\LOCALS~1\Temp\RarSFX0\crw43325.cdb - 713 virus records
[Virus base] C:\DOCUME~1\HP_OWN~1.YOU\LOCALS~1\Temp\RarSFX0\crw43324.cdb - 655 virus records
[Virus base] C:\DOCUME~1\HP_OWN~1.YOU\LOCALS~1\Temp\RarSFX0\crw43323.cdb - 655 virus records
[Virus base] C:\DOCUME~1\HP_OWN~1.YOU\LOCALS~1\Temp\RarSFX0\crw43322.cdb - 778 virus records
[Virus base] C:\DOCUME~1\HP_OWN~1.YOU\LOCALS~1\Temp\RarSFX0\crw43321.cdb - 846 virus records
[Virus base] C:\DOCUME~1\HP_OWN~1.YOU\LOCALS~1\Temp\RarSFX0\crw43320.cdb - 808 virus records
[Virus base] C:\DOCUME~1\HP_OWN~1.YOU\LOCALS~1\Temp\RarSFX0\crw43319.cdb - 764 virus records
[Virus base] C:\DOCUME~1\HP_OWN~1.YOU\LOCALS~1\Temp\RarSFX0\crw43318.cdb - 838 virus records
[Virus base] C:\DOCUME~1\HP_OWN~1.YOU\LOCALS~1\Temp\RarSFX0\crw43317.cdb - 363 virus records
[Virus base] C:\DOCUME~1\HP_OWN~1.YOU\LOCALS~1\Temp\RarSFX0\crw43316.cdb - 730 virus records
[Virus base] C:\DOCUME~1\HP_OWN~1.YOU\LOCALS~1\Temp\RarSFX0\crw43315.cdb - 627 virus records
[Virus base] C:\DOCUME~1\HP_OWN~1.YOU\LOCALS~1\Temp\RarSFX0\crw43314.cdb - 824 virus records

作者: ALEXYUI 時間: 07-1-11 09:04 PM

[Virus base] C:\DOCUME~1\HP_OWN~1.YOU\LOCALS~1\Temp\RarSFX0\crw43313.cdb - 842 virus records
[Virus base] C:\DOCUME~1\HP_OWN~1.YOU\LOCALS~1\Temp\RarSFX0\crw43312.cdb - 830 virus records
[Virus base] C:\DOCUME~1\HP_OWN~1.YOU\LOCALS~1\Temp\RarSFX0\crw43311.cdb - 862 virus records
[Virus base] C:\DOCUME~1\HP_OWN~1.YOU\LOCALS~1\Temp\RarSFX0\crw43310.cdb - 853 virus records
[Virus base] C:\DOCUME~1\HP_OWN~1.YOU\LOCALS~1\Temp\RarSFX0\crw43309.cdb - 733 virus records
[Virus base] C:\DOCUME~1\HP_OWN~1.YOU\LOCALS~1\Temp\RarSFX0\crw43308.cdb - 708 virus records
[Virus base] C:\DOCUME~1\HP_OWN~1.YOU\LOCALS~1\Temp\RarSFX0\crw43307.cdb - 839 virus records
[Virus base] C:\DOCUME~1\HP_OWN~1.YOU\LOCALS~1\Temp\RarSFX0\crw43306.cdb - 930 virus records
[Virus base] C:\DOCUME~1\HP_OWN~1.YOU\LOCALS~1\Temp\RarSFX0\crw43305.cdb - 759 virus records
[Virus base] C:\DOCUME~1\HP_OWN~1.YOU\LOCALS~1\Temp\RarSFX0\crw43304.cdb - 721 virus records
[Virus base] C:\DOCUME~1\HP_OWN~1.YOU\LOCALS~1\Temp\RarSFX0\crw43303.cdb - 638 virus records
[Virus base] C:\DOCUME~1\HP_OWN~1.YOU\LOCALS~1\Temp\RarSFX0\crw43302.cdb - 806 virus records
[Virus base] C:\DOCUME~1\HP_OWN~1.YOU\LOCALS~1\Temp\RarSFX0\crw43301.cdb - 504 virus records
[Virus base] C:\DOCUME~1\HP_OWN~1.YOU\LOCALS~1\Temp\RarSFX0\crw43300.cdb - 24 virus records
[Virus base] C:\DOCUME~1\HP_OWN~1.YOU\LOCALS~1\Temp\RarSFX0\crwebase.cdb - 78674 virus records
[Virus base] C:\DOCUME~1\HP_OWN~1.YOU\LOCALS~1\Temp\RarSFX0\cwrtoday.cdb - 380 virus records
[Virus base] C:\DOCUME~1\HP_OWN~1.YOU\LOCALS~1\Temp\RarSFX0\cwr43301.cdb - 697 virus records
[Virus base] C:\DOCUME~1\HP_OWN~1.YOU\LOCALS~1\Temp\RarSFX0\crwrisky.cdb - 1271 virus records
[Virus base] C:\DOCUME~1\HP_OWN~1.YOU\LOCALS~1\Temp\RarSFX0\cwntoday.cdb - 371 virus records
[Virus base] C:\DOCUME~1\HP_OWN~1.YOU\LOCALS~1\Temp\RarSFX0\cwn43306.cdb - 781 virus records
[Virus base] C:\DOCUME~1\HP_OWN~1.YOU\LOCALS~1\Temp\RarSFX0\cwn43305.cdb - 752 virus records
[Virus base] C:\DOCUME~1\HP_OWN~1.YOU\LOCALS~1\Temp\RarSFX0\cwn43304.cdb - 793 virus records
[Virus base] C:\DOCUME~1\HP_OWN~1.YOU\LOCALS~1\Temp\RarSFX0\cwn43303.cdb - 766 virus records
[Virus base] C:\DOCUME~1\HP_OWN~1.YOU\LOCALS~1\Temp\RarSFX0\cwn43302.cdb - 850 virus records
[Virus base] C:\DOCUME~1\HP_OWN~1.YOU\LOCALS~1\Temp\RarSFX0\cwn43301.cdb - 772 virus records
[Virus base] C:\DOCUME~1\HP_OWN~1.YOU\LOCALS~1\Temp\RarSFX0\crwnasty.cdb - 4867 virus records
Total virus records: 166741
Key file: C:\DOCUME~1\HP_OWN~1.YOU\LOCALS~1\Temp\RarSFX0\cureit.key
License key number: 0000000010
Registered to: Dr.Web CureIt Project
License key activates: 2005-03-05
License key expires: 2007-03-05

-----------------------------------------------------------------------------
Scan statistics
-----------------------------------------------------------------------------
Objects scanned: 0
Infected objects found: 0
Objects with modifications found: 0
Suspicious objects found: 0
Adware programs found: 0
Dialer programs found: 0
Joke programs found: 0
Riskware programs found: 0
Hacktool programs found: 0
Objects cured: 0
Objects deleted: 0
Objects renamed: 0
Objects moved: 0
Objects ignored: 0
Scan speed: 0 Kb/s
Scan time: 00:00:00
-----------------------------------------------------------------------------

[Scan path] c:\documents and settings\all users\「開(c)l」功能表\程式集\啟動\desktop.ini
[Scan path] c:\documents and settings\hp_owner.your-6a15acd7c6\local settings\temp\rarsfx0\_start.exe
[Scan path] c:\documents and settings\hp_owner.your-6a15acd7c6\local settings\temp\rarsfx0\cureit.exe
[Scan path] c:\documents and settings\hp_owner.your-6a15acd7c6\「開(c)l」功能表\程式集\啟動\desktop.ini
[Scan path] c:\documents and settings\hp_owner.your-6a15acd7c6\(R)酯崤drweb-cureit.exe
[Scan path] c:\hp\drivers\hplsbwatcher\lsburnwatcher.exe
[Scan path] c:\hp\kbd\kbd.exe
[Scan path] c:\program files\21cn\vgo\vgoiebho.dll
[Scan path] c:\program files\adobe\acrobat 6.0\reader\activex\acroiehelper.dll
[Scan path] c:\program files\common files\installshield\updateservice\issch.exe
[Scan path] c:\program files\common files\installshield\updateservice\isuspm.exe
[Scan path] c:\program files\common files\intervideo\schsvr\schsvr.exe
[Scan path] c:\program files\common files\lightscribe\lssrvc.exe
[Scan path] c:\program files\common files\real\update_ob\realsched.exe
[Scan path] c:\program files\common files\symantec shared\ccapp.exe
[Scan path] c:\program files\common files\symantec shared\ccevtmgr.exe
[Scan path] c:\program files\common files\symantec shared\ccproxy.exe
[Scan path] c:\program files\common files\symantec shared\ccpwdsvc.exe
[Scan path] c:\program files\common files\symantec shared\ccsetmgr.exe
[Scan path] c:\program files\common files\symantec shared\security center\symwsc.exe
[Scan path] c:\program files\common files\symantec shared\security center\usrprmpt.exe
[Scan path] c:\program files\common files\symantec shared\sndsrvc.exe
[Scan path] c:\program files\common files\symantec shared\spbbc\spbbcdrv.sys
[Scan path] c:\program files\common files\symantec shared\spbbc\spbbcsvc.exe
[Scan path] c:\program files\common files\symantec shared\virusdefs\20041117.006\naveng.sys
[Scan path] c:\program files\common files\symantec shared\virusdefs\20041117.006\navex15.sys
[Scan path] c:\program files\common files\system\ole db\oledb32.dll
[Scan path] c:\program files\flashget\jccatch.dll
[Scan path] c:\program files\grisoft\avg anti-spyware 7.5\avgas.exe
[Scan path] c:\program files\grisoft\avg anti-spyware 7.5\guard.exe
[Scan path] c:\program files\grisoft\avg anti-spyware 7.5\guard.sys
[Scan path] c:\program files\grisoft\avg anti-spyware 7.5\shellexecutehook.dll
[Scan path] c:\program files\hp\digital imaging\bin\hpdtlk02.dll
[Scan path] c:\program files\hp\digital imaging\bin\hpqtra08.exe
[Scan path] c:\program files\hp\{aac4fc36-8f89-4587-8dd3-ebc57c83374d}\hphupd06.exe
[Scan path] c:\program files\internet explorer\iexplore.exe
[Scan path] c:\program files\intervideo\common\bin\winremote.exe
[Scan path] c:\program files\ipod\bin\ipodservice.exe
[Scan path] c:\program files\itunes\ituneshelper.exe
[Scan path] c:\program files\itunes\itunesminiplayer.dll
[Scan path] c:\program files\java\j2re1.4.2_03\bin\jusched.exe
[Scan path] c:\program files\messenger\msmsgs.exe
[Scan path] c:\program files\msn messenger\fsshext.8.0.0812.00.dll
[Scan path] c:\program files\msn messenger\msgrapp.8.0.0812.00.dll
[Scan path] c:\program files\msn messenger\msnmsgr.exe
[Scan path] c:\program files\norton internet security\issvc.exe
[Scan path] c:\program files\norton internet security\norton antivirus\navapsvc.exe
[Scan path] c:\program files\norton internet security\norton antivirus\navshext.dll
[Scan path] c:\program files\norton internet security\norton antivirus\savrt.sys
[Scan path] c:\program files\norton internet security\norton antivirus\savrtpel.sys
[Scan path] c:\program files\norton internet security\norton antivirus\savscan.exe
[Scan path] c:\program files\outlook express\setup50.exe

作者: ALEXYUI 時間: 07-1-11 09:05 PM

[Scan path] c:\program files\outlook express\wabfind.dll
[Scan path] c:\program files\real\realplayer\rpshell.dll
[Scan path] c:\program files\sonic recordnow!\shlext.dll
[Scan path] c:\program files\symantec\symevent.sys
[Scan path] c:\program files\updates from hp\309731\program\updates from hp.exe
[Scan path] c:\program files\windows live toolbar\msntb.dll
[Scan path] c:\program files\winrar\rarext.dll
[Scan path] c:\windows\creator\remind_xp.exe
[Scan path] c:\windows\explorer.exe
[Scan path] c:\windows\ime\imjp8_1\imjpmig.exe
[Scan path] c:\windows\ime\imkr6_1\imekrmig.exe
[Scan path] c:\windows\inf\unregmp2.exe
[Scan path] c:\windows\microsoft.net\framework\v1.1.4322\aspnet_state.exe
[Scan path] c:\windows\msagent\agentpsh.dll
[Scan path] c:\windows\sminst\recguard.exe
[Scan path] c:\windows\system32\advapi32.dll
[Scan path] c:\windows\system32\advpack.dll
[Scan path] c:\windows\system32\alg.exe
[Scan path] c:\windows\system32\appwiz.cpl
[Scan path] c:\windows\system32\autochk.exe
[Scan path] c:\windows\system32\browseui.dll
[Scan path] c:\windows\system32\cabview.dll
[Scan path] c:\windows\system32\cdfview.dll
[Scan path] c:\windows\system32\cisvc.exe
[Scan path] c:\windows\system32\clipsrv.exe
[Scan path] c:\windows\system32\cnbjmon.dll
[Scan path] c:\windows\system32\comdlg32.dll
[Scan path] c:\windows\system32\crypt32.dll
[Scan path] c:\windows\system32\cryptext.dll
[Scan path] c:\windows\system32\cryptnet.dll
[Scan path] c:\windows\system32\cscdll.dll
[Scan path] c:\windows\system32\cscui.dll
[Scan path] c:\windows\system32\csrss.exe
[Scan path] c:\windows\system32\ctfmon.exe
[Scan path] c:\windows\system32\deskadp.dll
[Scan path] c:\windows\system32\deskmon.dll
[Scan path] c:\windows\system32\deskperf.dll
[Scan path] c:\windows\system32\dfsshlex.dll
[Scan path] c:\windows\system32\diskcopy.dll
[Scan path] c:\windows\system32\dllhost.exe
[Scan path] c:\windows\system32\dmadmin.exe
[Scan path] c:\windows\system32\docprop.dll
[Scan path] c:\windows\system32\docprop2.dll
[Scan path] c:\windows\system32\drivers\acpi.sys
[Scan path] c:\windows\system32\drivers\aec.sys
[Scan path] c:\windows\system32\drivers\afd.sys
[Scan path] c:\windows\system32\drivers\arp1394.sys
[Scan path] c:\windows\system32\drivers\asyncmac.sys
[Scan path] c:\windows\system32\drivers\atapi.sys
[Scan path] c:\windows\system32\drivers\atmarpc.sys
[Scan path] c:\windows\system32\drivers\audstub.sys
[Scan path] c:\windows\system32\drivers\avgascln.sys
[Scan path] c:\windows\system32\drivers\cap7134.sys
[Scan path] c:\windows\system32\drivers\ccdecode.sys
[Scan path] c:\windows\system32\drivers\cdrom.sys
[Scan path] c:\windows\system32\drivers\disk.sys
[Scan path] c:\windows\system32\drivers\dmboot.sys
[Scan path] c:\windows\system32\drivers\dmio.sys
[Scan path] c:\windows\system32\drivers\dmload.sys
[Scan path] c:\windows\system32\drivers\dmusic.sys
[Scan path] c:\windows\system32\drivers\drmkaud.sys
[Scan path] c:\windows\system32\drivers\fdc.sys
[Scan path] c:\windows\system32\drivers\flpydisk.sys
[Scan path] c:\windows\system32\drivers\fltmgr.sys
[Scan path] c:\windows\system32\drivers\fsvga.sys
[Scan path] c:\windows\system32\drivers\ftdisk.sys
[Scan path] c:\windows\system32\drivers\gearaspiwdm.sys
[Scan path] c:\windows\system32\drivers\hdaudbus.sys
[Scan path] c:\windows\system32\drivers\hidusb.sys
[Scan path] c:\windows\system32\drivers\http.sys
[Scan path] c:\windows\system32\drivers\i8042prt.sys
[Scan path] c:\windows\system32\drivers\ialmnt5.sys
[Scan path] c:\windows\system32\drivers\imapi.sys
[Scan path] c:\windows\system32\drivers\intelide.sys
[Scan path] c:\windows\system32\drivers\intelppm.sys
[Scan path] c:\windows\system32\drivers\ip6fw.sys
[Scan path] c:\windows\system32\drivers\ipfltdrv.sys

作者: ALEXYUI 時間: 07-1-11 09:06 PM

[Scan path] c:\windows\system32\drivers\ipinip.sys
[Scan path] c:\windows\system32\drivers\ipnat.sys
[Scan path] c:\windows\system32\drivers\ipsec.sys
[Scan path] c:\windows\system32\drivers\irenum.sys
[Scan path] c:\windows\system32\drivers\isapnp.sys
[Scan path] c:\windows\system32\drivers\iviaspi.sys
[Scan path] c:\windows\system32\drivers\kbdclass.sys
[Scan path] c:\windows\system32\drivers\kbdhid.sys
[Scan path] c:\windows\system32\drivers\kmixer.sys
[Scan path] c:\windows\system32\drivers\mouclass.sys
[Scan path] c:\windows\system32\drivers\mouhid.sys
[Scan path] c:\windows\system32\drivers\mrxdav.sys
[Scan path] c:\windows\system32\drivers\mrxsmb.sys
[Scan path] c:\windows\system32\drivers\msgpc.sys
[Scan path] c:\windows\system32\drivers\mskssrv.sys
[Scan path] c:\windows\system32\drivers\mspclock.sys
[Scan path] c:\windows\system32\drivers\mspqm.sys
[Scan path] c:\windows\system32\drivers\mssmbios.sys
[Scan path] c:\windows\system32\drivers\mstee.sys
[Scan path] c:\windows\system32\drivers\nabtsfec.sys
[Scan path] c:\windows\system32\drivers\ndisip.sys
[Scan path] c:\windows\system32\drivers\ndistapi.sys
[Scan path] c:\windows\system32\drivers\ndisuio.sys
[Scan path] c:\windows\system32\drivers\ndiswan.sys
[Scan path] c:\windows\system32\drivers\netbios.sys
[Scan path] c:\windows\system32\drivers\netbt.sys
[Scan path] c:\windows\system32\drivers\nic1394.sys
[Scan path] c:\windows\system32\drivers\npf.sys
[Scan path] c:\windows\system32\drivers\nv4_mini.sys
[Scan path] c:\windows\system32\drivers\nwlnkflt.sys
[Scan path] c:\windows\system32\drivers\nwlnkfwd.sys
[Scan path] c:\windows\system32\drivers\ohci1394.sys
[Scan path] c:\windows\system32\drivers\oreans32.sys
[Scan path] c:\windows\system32\drivers\parport.sys
[Scan path] c:\windows\system32\drivers\pci.sys
[Scan path] c:\windows\system32\drivers\pciide.sys
[Scan path] c:\windows\system32\drivers\pctsapu.sys
[Scan path] c:\windows\system32\drivers\pfc.sys
[Scan path] c:\windows\system32\drivers\phtvtune.sys
[Scan path] c:\windows\system32\drivers\ps2.sys
[Scan path] c:\windows\system32\drivers\psched.sys
[Scan path] c:\windows\system32\drivers\ptilink.sys
[Scan path] c:\windows\system32\drivers\pxhelp20.sys
[Scan path] c:\windows\system32\drivers\r8139n51.sys
[Scan path] c:\windows\system32\drivers\rasacd.sys
[Scan path] c:\windows\system32\drivers\rasl2tp.sys
[Scan path] c:\windows\system32\drivers\raspppoe.sys
[Scan path] c:\windows\system32\drivers\raspptp.sys
[Scan path] c:\windows\system32\drivers\raspti.sys
[Scan path] c:\windows\system32\drivers\rdbss.sys
[Scan path] c:\windows\system32\drivers\rdpcdd.sys
[Scan path] c:\windows\system32\drivers\redbook.sys
[Scan path] c:\windows\system32\drivers\rtkhdaud.sys
[Scan path] c:\windows\system32\drivers\secdrv.sys
[Scan path] c:\windows\system32\drivers\serenum.sys
[Scan path] c:\windows\system32\drivers\serial.sys
[Scan path] c:\windows\system32\drivers\slip.sys
[Scan path] c:\windows\system32\drivers\splitter.sys
[Scan path] c:\windows\system32\drivers\sr.sys
[Scan path] c:\windows\system32\drivers\srv.sys
[Scan path] c:\windows\system32\drivers\streamip.sys
[Scan path] c:\windows\system32\drivers\swenum.sys
[Scan path] c:\windows\system32\drivers\swmidi.sys
[Scan path] c:\windows\system32\drivers\symredrv.sys
[Scan path] c:\windows\system32\drivers\symtdi.sys
[Scan path] c:\windows\system32\drivers\sysaudio.sys
[Scan path] c:\windows\system32\drivers\tcpip.sys
[Scan path] c:\windows\system32\drivers\termdd.sys
[Scan path] c:\windows\system32\drivers\update.sys
[Scan path] c:\windows\system32\drivers\usbccgp.sys
[Scan path] c:\windows\system32\drivers\usbehci.sys
[Scan path] c:\windows\system32\drivers\usbhub.sys
[Scan path] c:\windows\system32\drivers\usbstor.sys
[Scan path] c:\windows\system32\drivers\usbuhci.sys
[Scan path] c:\windows\system32\drivers\vga.sys
[Scan path] c:\windows\system32\drivers\viaide.sys
[Scan path] c:\windows\system32\drivers\wanarp.sys
[Scan path] c:\windows\system32\drivers\wdmaud.sys
[Scan path] c:\windows\system32\drivers\wstcodec.sys
[Scan path] c:\windows\system32\dskquoui.dll
[Scan path] c:\windows\system32\dsquery.dll
[Scan path] c:\windows\system32\dssec.dll
[Scan path] c:\windows\system32\dsuiext.dll
[Scan path] c:\windows\system32\dumprep.exe
[Scan path] c:\windows\system32\extmgr.dll
[Scan path] c:\windows\system32\fontext.dll
[Scan path] c:\windows\system32\gdi32.dll
[Scan path] c:\windows\system32\hphmon06.exe
[Scan path] c:\windows\system32\hticons.dll
[Scan path] c:\windows\system32\icmui.dll
[Scan path] c:\windows\system32\ie4uinit.exe
[Scan path] c:\windows\system32\igfxsrvc.dll
[Scan path] c:\windows\system32\igfxtray.exe
[Scan path] c:\windows\system32\imagehlp.dll
[Scan path] c:\windows\system32\imapi.exe
[Scan path] c:\windows\system32\ime\pintlgnt\imscinst.exe
[Scan path] c:\windows\system32\ime\tintlgnt\tintsetp.exe
[Scan path] c:\windows\system32\inetcomm.dll
[Scan path] c:\windows\system32\itss.dll
[Scan path] c:\windows\system32\kerberos.dll
[Scan path] c:\windows\system32\kernel32.dll
[Scan path] c:\windows\system32\localspl.dll
[Scan path] c:\windows\system32\locator.exe
[Scan path] c:\windows\system32\logon.scr
[Scan path] c:\windows\system32\logonui.exe
[Scan path] c:\windows\system32\lsass.exe
[Scan path] c:\windows\system32\lz32.dll
[Scan path] c:\windows\system32\mmcshext.dll
[Scan path] c:\windows\system32\mmsys.cpl
[Scan path] c:\windows\system32\mnmsrvc.exe
[Scan path] c:\windows\system32\mscoree.dll
[Scan path] c:\windows\system32\mscories.dll
[Scan path] c:\windows\system32\msdtc.exe
[Scan path] c:\windows\system32\mshtml.dll
[Scan path] c:\windows\system32\msieftp.dll
[Scan path] c:\windows\system32\msiexec.exe
[Scan path] c:\windows\system32\mstask.dll
[Scan path] c:\windows\system32\msv1_0.dll
[Scan path] c:\windows\system32\msvidctl.dll
[Scan path] c:\windows\system32\mswsock.dll
[Scan path] c:\windows\system32\mydocs.dll
[Scan path] c:\windows\system32\netdde.exe
[Scan path] c:\windows\system32\netplwiz.dll
[Scan path] c:\windows\system32\netshell.dll
[Scan path] c:\windows\system32\ntlanui2.dll
[Scan path] c:\windows\system32\ntsd.exe
[Scan path] c:\windows\system32\ntshrui.dll
[Scan path] c:\windows\system32\nvcpl.dll
[Scan path] c:\windows\system32\nvshell.dll
[Scan path] c:\windows\system32\nvsvc32.exe
[Scan path] c:\windows\system32\nwiz.exe
[Scan path] c:\windows\system32\occache.dll
[Scan path] c:\windows\system32\ole32.dll
[Scan path] c:\windows\system32\oleaut32.dll
[Scan path] c:\windows\system32\olecli32.dll
[Scan path] c:\windows\system32\olecnv32.dll
[Scan path] c:\windows\system32\olesvr32.dll

作者: ALEXYUI 時間: 07-1-11 09:07 PM

[Scan path] c:\windows\system32\olethk32.dll
[Scan path] c:\windows\system32\photowiz.dll
[Scan path] c:\windows\system32\pjlmon.dll
[Scan path] c:\windows\system32\printui.dll
[Scan path] c:\windows\system32\ps2.exe
[Scan path] c:\windows\system32\regsvr32.exe
[Scan path] c:\windows\system32\remotepg.dll
[Scan path] c:\windows\system32\rpcrt4.dll
[Scan path] c:\windows\system32\rpcss.dll
[Scan path] c:\windows\system32\rshx32.dll
[Scan path] c:\windows\system32\rsvp.exe
[Scan path] c:\windows\system32\rsvpsp.dll
[Scan path] c:\windows\system32\rundll32.exe
[Scan path] c:\windows\system32\scardsvr.exe
[Scan path] c:\windows\system32\scecli.dll
[Scan path] c:\windows\system32\schannel.dll
[Scan path] c:\windows\system32\sclgntfy.dll
[Scan path] c:\windows\system32\sendmail.dll
[Scan path] c:\windows\system32\services.exe
[Scan path] c:\windows\system32\sessmgr.exe
[Scan path] c:\windows\system32\setup\fxsocm.dll
[Scan path] c:\windows\system32\shdocvw.dll
[Scan path] c:\windows\system32\shell32.dll
[Scan path] c:\windows\system32\shellvrtf.dll
[Scan path] c:\windows\system32\shimgvw.dll
[Scan path] c:\windows\system32\shmedia.dll
[Scan path] c:\windows\system32\shmgrate.exe
[Scan path] c:\windows\system32\shscrap.dll
[Scan path] c:\windows\system32\slayerxp.dll
[Scan path] c:\windows\system32\smlogsvc.exe
[Scan path] c:\windows\system32\smss.exe
[Scan path] c:\windows\system32\spoolsv.exe
[Scan path] c:\windows\system32\stobject.dll
[Scan path] c:\windows\system32\svchost.exe
[Scan path] c:\windows\system32\syncui.dll
[Scan path] c:\windows\system32\tcpmon.dll
[Scan path] c:\windows\system32\themeui.dll
[Scan path] c:\windows\system32\twext.dll
[Scan path] c:\windows\system32\ups.exe
[Scan path] c:\windows\system32\url.dll
[Scan path] c:\windows\system32\urlmon.dll
[Scan path] c:\windows\system32\usbmon.dll
[Scan path] c:\windows\system32\user32.dll
[Scan path] c:\windows\system32\version.dll
[Scan path] c:\windows\system32\vssvc.exe
[Scan path] c:\windows\system32\wbem\wmiapsrv.exe
[Scan path] c:\windows\system32\wdigest.dll
[Scan path] c:\windows\system32\webcheck.dll
[Scan path] c:\windows\system32\wiascr.dll
[Scan path] c:\windows\system32\wiashext.dll
[Scan path] c:\windows\system32\wininet.dll
[Scan path] c:\windows\system32\winlogon.exe
[Scan path] c:\windows\system32\wldap32.dll
[Scan path] c:\windows\system32\wlnotify.dll
[Scan path] c:\windows\system32\wmpshell.dll
[Scan path] c:\windows\system32\wshext.dll
[Scan path] c:\windows\system32\wuauclt.exe
[Scan path] c:\windows\system32\wuaucpl.cpl
[Scan path] c:\windows\system32\zipfldr.dll
[Scan path] c:\windows\system\hpsysdrv.exe
-----------------------------------------------------------------------------
Scan statistics
-----------------------------------------------------------------------------
Objects scanned: 329
Infected objects found: 0
Objects with modifications found: 0
Suspicious objects found: 0
Adware programs found: 0
Dialer programs found: 0
Joke programs found: 0
Riskware programs found: 0
Hacktool programs found: 0
Objects cured: 0
Objects deleted: 0
Objects renamed: 0
Objects moved: 0
Objects ignored: 0
Scan speed: 6153 Kb/s
Scan time: 00:00:15
-----------------------------------------------------------------------------

作者: ALEXYUI 時間: 07-1-11 09:07 PM

[Scan path] C:\
C:\hiberfil.sys - read error
C:\Documents and Settings\HP_Owner\(R)酯崤CA0XYBCT - read error
C:\Documents and Settings\HP_Owner\(R)酯崤CAY3ODQD - read error
C:\Documents and Settings\HP_Owner\(R)酯崤CAZWH33C - read error
C:\Documents and Settings\HP_Owner.YOUR-6A15ACD7C6\ntuser.dat - read error
C:\Documents and Settings\HP_Owner.YOUR-6A15ACD7C6\NTUSER~1.LOG - read error
C:\Documents and Settings\HP_Owner.YOUR-6A15ACD7C6\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat - read error
C:\Documents and Settings\HP_Owner.YOUR-6A15ACD7C6\Local Settings\Application Data\Microsoft\Windows\USRCLA~1.LOG - read error
C:\Documents and Settings\HP_Owner.YOUR-6A15ACD7C6\(R)酯崤CrossgatePUK3\CrossgatePUK3\Cg_5006.exe probably infected with DLOADER.Trojan
C:\Documents and Settings\HP_Owner.YOUR-6A15ACD7C6\(R)酯崤CrossgatePUK3\CrossgatePUK3\qq.exe probably infected with DLOADER.Trojan
C:\Documents and Settings\HP_Owner.YOUR-6A15ACD7C6\(R)酯崤PetCalc_2006\?☆孕~1.RMV - read error
C:\Documents and Settings\LocalService\ntuser.dat - read error
C:\Documents and Settings\LocalService\NTUSER~1.LOG - read error
C:\Documents and Settings\LocalService\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat - read error
C:\Documents and Settings\LocalService\Local Settings\Application Data\Microsoft\Windows\USRCLA~1.LOG - read error
C:\Documents and Settings\NetworkService\NTUSER.DAT - read error
C:\Documents and Settings\NetworkService\NTUSER~1.LOG - read error
C:\Documents and Settings\NetworkService\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat - read error
C:\Documents and Settings\NetworkService\Local Settings\Application Data\Microsoft\Windows\USRCLA~1.LOG - read error
>>C:\Program Files\ESET\infected\1QIA3KAA.NQF>>C:\Program Files\ESET\infected\O5D1C4CA.NQF>C:\Program Files\Internet Explorer\SERVICES.EXE>C:\Program Files\Internet Explorer\PLUGINS\__delete_on_reboot__s_y_s_t_e_m_H_k_._s_y_s_ infected with Trojan.PWS.Qqpass.395 - will be cured after reboot
>C:\Program Files\Super Rabbit\magicset\srck.exe probably infected with BACKDOOR.Trojan
C:\Program Files\Updates from HP\309731\Users\Default\Data\chandir.dat - read error
C:\Program Files\Updates from HP\309731\Users\Default\Data\chandir.idx - read error
C:\Program Files\Updates from HP\309731\Users\Default\Data\chn.dat - read error
C:\Program Files\Updates from HP\309731\Users\Default\Data\chn.idx - read error
C:\Program Files\Updates from HP\309731\Users\Default\Data\D0000000.FCS - read error
C:\Program Files\Updates from HP\309731\Users\Default\Data\L0000001.FCS - read error
C:\Program Files\Updates from HP\309731\Users\Default\Data\prs.dat - read error
C:\Program Files\Updates from HP\309731\Users\Default\Data\prs.idx - read error
C:\Program Files\Updates from HP\309731\Users\Default\Data\prs_die.dat - read error
C:\Program Files\Updates from HP\309731\Users\Default\Data\prs_die.idx - read error
C:\Program Files\Updates from HP\309731\Users\Default\Data\prs_dnd.dat - read error
C:\Program Files\Updates from HP\309731\Users\Default\Data\prs_dnd.idx - read error
C:\Program Files\Updates from HP\309731\Users\Default\Data\prs_ext.dat - read error
C:\Program Files\Updates from HP\309731\Users\Default\Data\prs_ext.idx - read error
C:\Program Files\Updates from HP\309731\Users\Default\Data\prs_rcv.dat - read error
C:\Program Files\Updates from HP\309731\Users\Default\Data\prs_rcv.idx - read error
C:\Program Files\Updates from HP\309731\Users\Default\Data\storydb.dat - read error
C:\Program Files\Updates from HP\309731\Users\Default\Data\storydb.idx - read error
C:\System Volume Information\_restore{64CDFA88-D3CF-42B3-8F45-861C46E3ACD4}\RP0\A0000092.exe infected with Win32.HLLW.Gavir.54 - cured
C:\System Volume Information\_restore{64CDFA88-D3CF-42B3-8F45-861C46E3ACD4}\RP0\A0000228.EXE infected with Win32.HLLW.Gavir.54 - cured
C:\System Volume Information\_restore{64CDFA88-D3CF-42B3-8F45-861C46E3ACD4}\RP0\A0000273.Exe infected with Win32.HLLW.Gavir.54 - incurable - moved
>C:\System Volume Information\_restore{64CDFA88-D3CF-42B3-8F45-861C46E3ACD4}\RP0\A0000613.exe probably infected with BACKDOOR.Trojan
>C:\System Volume Information\_restore{64CDFA88-D3CF-42B3-8F45-861C46E3ACD4}\RP0\A0000620.exe probably infected with BACKDOOR.Trojan
C:\System Volume Information\_restore{64CDFA88-D3CF-42B3-8F45-861C46E3ACD4}\RP0\A0000658.EXE infected with Win32.HLLW.Gavir.54 - cured
C:\System Volume Information\_restore{64CDFA88-D3CF-42B3-8F45-861C46E3ACD4}\RP0\A0000698.exe infected with Win32.HLLW.Gavir.54 - cured
C:\System Volume Information\_restore{64CDFA88-D3CF-42B3-8F45-861C46E3ACD4}\RP0\A0000699.exe infected with Win32.HLLW.Gavir.54 - cured
C:\System Volume Information\_restore{64CDFA88-D3CF-42B3-8F45-861C46E3ACD4}\RP0\A0000700.exe infected with Win32.HLLW.Gavir.54 - cured
C:\System Volume Information\_restore{64CDFA88-D3CF-42B3-8F45-861C46E3ACD4}\RP0\A0000702.exe infected with Win32.HLLW.Gavir.54 - cured
C:\System Volume Information\_restore{64CDFA88-D3CF-42B3-8F45-861C46E3ACD4}\RP0\A0000737.exe infected with Win32.HLLW.Gavir.54 - cured
C:\System Volume Information\_restore{64CDFA88-D3CF-42B3-8F45-861C46E3ACD4}\RP1\A0000747.exe infected with Win32.HLLW.Gavir.54 - cured
C:\System Volume Information\_restore{64CDFA88-D3CF-42B3-8F45-861C46E3ACD4}\RP1\A0000765.exe infected with Win32.HLLW.Gavir.54 - cured
C:\System Volume Information\_restore{64CDFA88-D3CF-42B3-8F45-861C46E3ACD4}\RP1\A0000779.exe infected with Win32.HLLW.Gavir.54 - incurable - moved
C:\System Volume Information\_restore{64CDFA88-D3CF-42B3-8F45-861C46E3ACD4}\RP1\A0000780.exe infected with Win32.HLLW.Gavir.54 - incurable - moved
C:\System Volume Information\_restore{64CDFA88-D3CF-42B3-8F45-861C46E3ACD4}\RP1\A0000781.exe infected with Win32.HLLW.Gavir.54 - cured
C:\System Volume Information\_restore{64CDFA88-D3CF-42B3-8F45-861C46E3ACD4}\RP1\A0000782.exe infected with Win32.HLLW.Gavir.54 - cured
C:\System Volume Information\_restore{64CDFA88-D3CF-42B3-8F45-861C46E3ACD4}\RP1\A0000787.exe infected with Win32.HLLW.Gavir.54 - cured
C:\System Volume Information\_restore{64CDFA88-D3CF-42B3-8F45-861C46E3ACD4}\RP1\A0003814.exe is adware program Adware.SaveNow
C:\System Volume Information\_restore{64CDFA88-D3CF-42B3-8F45-861C46E3ACD4}\RP10\A0024979.dll infected with Trojan.DownLoader.14932 - deleted
C:\System Volume Information\_restore{64CDFA88-D3CF-42B3-8F45-861C46E3ACD4}\RP10\A0024980.DLL infected with Trojan.DownLoader.15581 - deleted
>C:\System Volume Information\_restore{64CDFA88-D3CF-42B3-8F45-861C46E3ACD4}\RP10\A0024986.EXE infected with Trojan.PWS.Gamania - deleted
C:\System Volume Information\_restore{64CDFA88-D3CF-42B3-8F45-861C46E3ACD4}\RP10\A0024995.dll infected with Trojan.DownLoader.14932 - deleted
C:\System Volume Information\_restore{64CDFA88-D3CF-42B3-8F45-861C46E3ACD4}\RP10\A0024996.DLL infected with Trojan.DownLoader.15581 - deleted
C:\System Volume Information\_restore{64CDFA88-D3CF-42B3-8F45-861C46E3ACD4}\RP10\A0025008.exe infected with Win32.HLLW.Gavir.54 - incurable - moved
C:\System Volume Information\_restore{64CDFA88-D3CF-42B3-8F45-861C46E3ACD4}\RP10\A0025009.exe infected with Win32.HLLW.Gavir.54 - cured
C:\System Volume Information\_restore{64CDFA88-D3CF-42B3-8F45-861C46E3ACD4}\RP10\A0025014.exe infected with Win32.HLLW.Gavir.54 - cured
C:\System Volume Information\_restore{64CDFA88-D3CF-42B3-8F45-861C46E3ACD4}\RP10\A0025021.dll infected with Trojan.DownLoader.14932 - deleted
C:\System Volume Information\_restore{64CDFA88-D3CF-42B3-8F45-861C46E3ACD4}\RP10\A0025022.DLL infected with Trojan.DownLoader.15581 - deleted
C:\System Volume Information\_restore{64CDFA88-D3CF-42B3-8F45-861C46E3ACD4}\RP10\A0025042.exe infected with Win32.HLLW.Gavir.54 - incurable - moved
C:\System Volume Information\_restore{64CDFA88-D3CF-42B3-8F45-861C46E3ACD4}\RP10\A0025043.exe infected with Win32.HLLW.Gavir.54 - cured
C:\System Volume Information\_restore{64CDFA88-D3CF-42B3-8F45-861C46E3ACD4}\RP10\A0025044.exe infected with Win32.HLLW.Gavir.54 - cured
C:\System Volume Information\_restore{64CDFA88-D3CF-42B3-8F45-861C46E3ACD4}\RP10\A0025045.EXE infected with Win32.HLLW.Gavir.54 - cured
C:\System Volume Information\_restore{64CDFA88-D3CF-42B3-8F45-861C46E3ACD4}\RP11\A0025082.dll infected with Trojan.DownLoader.14932 - deleted
C:\System Volume Information\_restore{64CDFA88-D3CF-42B3-8F45-861C46E3ACD4}\RP11\A0025083.DLL infected with Trojan.DownLoader.15581 - deleted
C:\System Volume Information\_restore{64CDFA88-D3CF-42B3-8F45-861C46E3ACD4}\RP11\A0025087.exe infected with Win32.HLLW.Gavir.54 - incurable - moved

作者: ALEXYUI 時間: 07-1-11 09:08 PM

C:\System Volume Information\_restore{64CDFA88-D3CF-42B3-8F45-861C46E3ACD4}\RP11\A0025090.EXE infected with Win32.HLLW.Gavir.54 - cured
C:\System Volume Information\_restore{64CDFA88-D3CF-42B3-8F45-861C46E3ACD4}\RP11\A0025091.dll infected with Trojan.PWS.Zhengtu - deleted
>C:\System Volume Information\_restore{64CDFA88-D3CF-42B3-8F45-861C46E3ACD4}\RP11\A0025092.EXE infected with Trojan.Puma - deleted
>C:\System Volume Information\_restore{64CDFA88-D3CF-42B3-8F45-861C46E3ACD4}\RP11\A0025093.ocx infected with Trojan.Puma - deleted
C:\System Volume Information\_restore{64CDFA88-D3CF-42B3-8F45-861C46E3ACD4}\RP11\A0025094.exe infected with Win32.HLLW.Gavir.54 - cured
C:\System Volume Information\_restore{64CDFA88-D3CF-42B3-8F45-861C46E3ACD4}\RP11\A0025101.dll infected with Trojan.DownLoader.14932 - deleted
C:\System Volume Information\_restore{64CDFA88-D3CF-42B3-8F45-861C46E3ACD4}\RP11\A0025102.DLL infected with Trojan.DownLoader.15581 - deleted
C:\System Volume Information\_restore{64CDFA88-D3CF-42B3-8F45-861C46E3ACD4}\RP11\A0025108.dll infected with Trojan.PWS.Zhengtu - deleted
C:\System Volume Information\_restore{64CDFA88-D3CF-42B3-8F45-861C46E3ACD4}\RP11\A0025109.dll infected with Trojan.PWS.Zhengtu - deleted
C:\System Volume Information\_restore{64CDFA88-D3CF-42B3-8F45-861C46E3ACD4}\RP11\A0025119.dll infected with Trojan.DownLoader.14932 - deleted
C:\System Volume Information\_restore{64CDFA88-D3CF-42B3-8F45-861C46E3ACD4}\RP11\A0025120.DLL infected with Trojan.DownLoader.15581 - deleted
C:\System Volume Information\_restore{64CDFA88-D3CF-42B3-8F45-861C46E3ACD4}\RP11\A0025124.dll infected with Trojan.PWS.Zhengtu - deleted
C:\System Volume Information\_restore{64CDFA88-D3CF-42B3-8F45-861C46E3ACD4}\RP11\A0025125.dll infected with Trojan.PWS.Zhengtu - deleted
C:\System Volume Information\_restore{64CDFA88-D3CF-42B3-8F45-861C46E3ACD4}\RP11\A0025165.dll infected with Trojan.PWS.Zhengtu - deleted
C:\System Volume Information\_restore{64CDFA88-D3CF-42B3-8F45-861C46E3ACD4}\RP11\A0025166.dll infected with Trojan.PWS.Zhengtu - deleted
>C:\System Volume Information\_restore{64CDFA88-D3CF-42B3-8F45-861C46E3ACD4}\RP11\A0025173.exe infected with Trojan.PWS.Wool - deleted
>>C:\System Volume Information\_restore{64CDFA88-D3CF-42B3-8F45-861C46E3ACD4}\RP11\A0025174.dll infected with Trojan.PWS.Wool - deleted
>C:\System Volume Information\_restore{64CDFA88-D3CF-42B3-8F45-861C46E3ACD4}\RP11\A0025175.exe infected with Trojan.PWS.Wool - deleted
C:\System Volume Information\_restore{64CDFA88-D3CF-42B3-8F45-861C46E3ACD4}\RP11\A0025183.EXE infected with Trojan.MulDrop.4894 - deleted
C:\System Volume Information\_restore{64CDFA88-D3CF-42B3-8F45-861C46E3ACD4}\RP11\A0025185.dll infected with Trojan.DownLoader.14932 - deleted
C:\System Volume Information\_restore{64CDFA88-D3CF-42B3-8F45-861C46E3ACD4}\RP11\A0025186.DLL infected with Trojan.DownLoader.15581 - deleted
C:\System Volume Information\_restore{64CDFA88-D3CF-42B3-8F45-861C46E3ACD4}\RP11\A0025191.dll infected with Trojan.PWS.Zhengtu - deleted
C:\System Volume Information\_restore{64CDFA88-D3CF-42B3-8F45-861C46E3ACD4}\RP11\A0025193.dll infected with Trojan.PWS.Zhengtu - deleted
C:\System Volume Information\_restore{64CDFA88-D3CF-42B3-8F45-861C46E3ACD4}\RP11\A0025197.exe infected with Win32.HLLW.Gavir.54 - incurable - moved
C:\System Volume Information\_restore{64CDFA88-D3CF-42B3-8F45-861C46E3ACD4}\RP11\A0025198.exe infected with Win32.HLLW.Gavir.54 - cured
C:\System Volume Information\_restore{64CDFA88-D3CF-42B3-8F45-861C46E3ACD4}\RP11\A0025204.dll infected with Trojan.DownLoader.14932 - deleted
C:\System Volume Information\_restore{64CDFA88-D3CF-42B3-8F45-861C46E3ACD4}\RP11\A0025205.DLL infected with Trojan.DownLoader.15581 - deleted
C:\System Volume Information\_restore{64CDFA88-D3CF-42B3-8F45-861C46E3ACD4}\RP11\A0025215.exe infected with Trojan.PWS.Zhengtu - deleted
C:\System Volume Information\_restore{64CDFA88-D3CF-42B3-8F45-861C46E3ACD4}\RP12\A0025264.dll infected with Trojan.DownLoader.14932 - deleted
C:\System Volume Information\_restore{64CDFA88-D3CF-42B3-8F45-861C46E3ACD4}\RP12\A0025265.DLL infected with Trojan.DownLoader.15581 - deleted
C:\System Volume Information\_restore{64CDFA88-D3CF-42B3-8F45-861C46E3ACD4}\RP12\A0025277.exe infected with Win32.HLLW.Gavir.54 - incurable - moved
C:\System Volume Information\_restore{64CDFA88-D3CF-42B3-8F45-861C46E3ACD4}\RP12\A0025278.exe infected with Win32.HLLW.Gavir.54 - cured
C:\System Volume Information\_restore{64CDFA88-D3CF-42B3-8F45-861C46E3ACD4}\RP12\A0025288.dll infected with Trojan.DownLoader.14932 - deleted
C:\System Volume Information\_restore{64CDFA88-D3CF-42B3-8F45-861C46E3ACD4}\RP12\A0025289.DLL infected with Trojan.DownLoader.15581 - deleted
C:\System Volume Information\_restore{64CDFA88-D3CF-42B3-8F45-861C46E3ACD4}\RP12\A0025308.dll infected with Trojan.DownLoader.14932 - deleted
C:\System Volume Information\_restore{64CDFA88-D3CF-42B3-8F45-861C46E3ACD4}\RP12\A0025309.DLL infected with Trojan.DownLoader.15581 - deleted
>C:\System Volume Information\_restore{64CDFA88-D3CF-42B3-8F45-861C46E3ACD4}\RP12\A0025318.exeC:\System Volume Information\_restore{64CDFA88-D3CF-42B3-8F45-861C46E3ACD4}\RP12\A0025321.exe infected with Win32.HLLW.Gavir.54 - incurable - moved
C:\System Volume Information\_restore{64CDFA88-D3CF-42B3-8F45-861C46E3ACD4}\RP12\A0025322.exe infected with Win32.HLLW.Gavir.54 - cured
>C:\System Volume Information\_restore{64CDFA88-D3CF-42B3-8F45-861C46E3ACD4}\RP12\A0025340.exe infected with Trojan.PWS.Legmir.812 - incurable - moved
C:\System Volume Information\_restore{64CDFA88-D3CF-42B3-8F45-861C46E3ACD4}\RP12\A0025341.dll infected with Trojan.DownLoader.14932 - deleted
C:\System Volume Information\_restore{64CDFA88-D3CF-42B3-8F45-861C46E3ACD4}\RP12\A0025342.DLL infected with Trojan.DownLoader.15581 - deleted
C:\System Volume Information\_restore{64CDFA88-D3CF-42B3-8F45-861C46E3ACD4}\RP12\A0025352.exe infected with BackDoor.IRC.Sdbot.909 - incurable - moved
C:\System Volume Information\_restore{64CDFA88-D3CF-42B3-8F45-861C46E3ACD4}\RP12\A0025368.dll infected with Trojan.DownLoader.14932 - deleted
C:\System Volume Information\_restore{64CDFA88-D3CF-42B3-8F45-861C46E3ACD4}\RP12\A0025369.DLL infected with Trojan.DownLoader.15581 - deleted
>>C:\System Volume Information\_restore{64CDFA88-D3CF-42B3-8F45-861C46E3ACD4}\RP12\A0025379.exe infected with Trojan.PWS.Qqgame - deleted
>C:\System Volume Information\_restore{64CDFA88-D3CF-42B3-8F45-861C46E3ACD4}\RP12\A0025381.exe infected with Trojan.PWS.Legmir.805 - deleted
C:\System Volume Information\_restore{64CDFA88-D3CF-42B3-8F45-861C46E3ACD4}\RP12\A0026366.dll infected with Trojan.DownLoader.14932 - deleted
C:\System Volume Information\_restore{64CDFA88-D3CF-42B3-8F45-861C46E3ACD4}\RP12\A0026367.DLL infected with Trojan.DownLoader.15581 - deleted
C:\System Volume Information\_restore{64CDFA88-D3CF-42B3-8F45-861C46E3ACD4}\RP12\A0027366.dll infected with Trojan.DownLoader.14932 - deleted
C:\System Volume Information\_restore{64CDFA88-D3CF-42B3-8F45-861C46E3ACD4}\RP12\A0027367.DLL infected with Trojan.DownLoader.15581 - deleted
>C:\System Volume Information\_restore{64CDFA88-D3CF-42B3-8F45-861C46E3ACD4}\RP12\A0027377.exe infected with Trojan.PWS.Legmir.812 - incurable - moved
>C:\System Volume Information\_restore{64CDFA88-D3CF-42B3-8F45-861C46E3ACD4}\RP13\A0028427.exe infected with Trojan.PWS.Legmir.812 - incurable - moved
C:\System Volume Information\_restore{64CDFA88-D3CF-42B3-8F45-861C46E3ACD4}\RP13\A0028436.DLL infected with Trojan.DownLoader.15581 - deleted
C:\System Volume Information\_restore{64CDFA88-D3CF-42B3-8F45-861C46E3ACD4}\RP13\A0028437.dll infected with Trojan.DownLoader.14932 - deleted
>C:\System Volume Information\_restore{64CDFA88-D3CF-42B3-8F45-861C46E3ACD4}\RP13\A0028445.ocx infected with Trojan.Havedo - deleted
>C:\System Volume Information\_restore{64CDFA88-D3CF-42B3-8F45-861C46E3ACD4}\RP13\A0028446.EXE infected with Trojan.Havedo - deleted

作者: ALEXYUI 時間: 07-1-11 09:09 PM

C:\System Volume Information\_restore{64CDFA88-D3CF-42B3-8F45-861C46E3ACD4}\RP13\A0028457.exe infected with BackDoor.IRC.Sdbot.909 - incurable - moved
C:\System Volume Information\_restore{64CDFA88-D3CF-42B3-8F45-861C46E3ACD4}\RP13\A0028462.exe infected with Win32.HLLW.Gavir.54 - incurable - moved
C:\System Volume Information\_restore{64CDFA88-D3CF-42B3-8F45-861C46E3ACD4}\RP13\A0028537.exe infected with Trojan.PWS.Zhengtu - deleted
C:\System Volume Information\_restore{64CDFA88-D3CF-42B3-8F45-861C46E3ACD4}\RP13\A0028540.Exe infected with Win32.HLLW.Gavir.54 - cured
>C:\System Volume Information\_restore{64CDFA88-D3CF-42B3-8F45-861C46E3ACD4}\RP13\A0028542.exe infected with Trojan.PWS.Wool - deleted
>>C:\System Volume Information\_restore{64CDFA88-D3CF-42B3-8F45-861C46E3ACD4}\RP13\A0028543.dll infected with Trojan.PWS.Wool - deleted
>C:\System Volume Information\_restore{64CDFA88-D3CF-42B3-8F45-861C46E3ACD4}\RP13\A0028544.exe infected with Trojan.PWS.Wool - deleted
C:\System Volume Information\_restore{64CDFA88-D3CF-42B3-8F45-861C46E3ACD4}\RP13\A0028545.EXE infected with Trojan.PWS.Zhengtu - deleted
C:\System Volume Information\_restore{64CDFA88-D3CF-42B3-8F45-861C46E3ACD4}\RP13\A0028546.EXE infected with Trojan.PWS.Zhengtu - deleted
C:\System Volume Information\_restore{64CDFA88-D3CF-42B3-8F45-861C46E3ACD4}\RP14\A0028598.dll infected with Trojan.DownLoader.14932 - deleted
C:\System Volume Information\_restore{64CDFA88-D3CF-42B3-8F45-861C46E3ACD4}\RP14\A0028599.DLL infected with Trojan.DownLoader.15581 - deleted
C:\System Volume Information\_restore{64CDFA88-D3CF-42B3-8F45-861C46E3ACD4}\RP14\A0028602.exe infected with Win32.HLLW.Gavir.54 - incurable - moved
C:\System Volume Information\_restore{64CDFA88-D3CF-42B3-8F45-861C46E3ACD4}\RP14\A0028604.dll infected with Trojan.PWS.Zhengtu - deleted
C:\System Volume Information\_restore{64CDFA88-D3CF-42B3-8F45-861C46E3ACD4}\RP14\A0028605.EXE infected with Win32.HLLW.Gavir.54 - cured
>C:\System Volume Information\_restore{64CDFA88-D3CF-42B3-8F45-861C46E3ACD4}\RP14\A0028607.EXE infected with Trojan.Puma - deleted
>C:\System Volume Information\_restore{64CDFA88-D3CF-42B3-8F45-861C46E3ACD4}\RP14\A0028612.ocx infected with Trojan.Puma - deleted
C:\System Volume Information\_restore{64CDFA88-D3CF-42B3-8F45-861C46E3ACD4}\RP14\A0028618.exe infected with Win32.HLLW.Gavir.54 - cured
>>C:\System Volume Information\_restore{64CDFA88-D3CF-42B3-8F45-861C46E3ACD4}\RP14\A0028625.exe infected with Trojan.PWS.Qqgame - deleted
>C:\System Volume Information\_restore{64CDFA88-D3CF-42B3-8F45-861C46E3ACD4}\RP14\A0028627.exe infected with Trojan.PWS.Legmir.805 - deleted
C:\System Volume Information\_restore{64CDFA88-D3CF-42B3-8F45-861C46E3ACD4}\RP14\A0029834.dll infected with Trojan.DownLoader.14932 - deleted
C:\System Volume Information\_restore{64CDFA88-D3CF-42B3-8F45-861C46E3ACD4}\RP14\A0029835.DLL infected with Trojan.DownLoader.15581 - deleted
C:\System Volume Information\_restore{64CDFA88-D3CF-42B3-8F45-861C46E3ACD4}\RP14\A0029841.dll infected with Trojan.PWS.Zhengtu - deleted
C:\System Volume Information\_restore{64CDFA88-D3CF-42B3-8F45-861C46E3ACD4}\RP14\A0029842.exe infected with Win32.HLLW.Gavir.54 - incurable - moved
C:\System Volume Information\_restore{64CDFA88-D3CF-42B3-8F45-861C46E3ACD4}\RP14\A0029844.exe infected with Win32.HLLW.Gavir.54 - cured
C:\System Volume Information\_restore{64CDFA88-D3CF-42B3-8F45-861C46E3ACD4}\RP14\A0029845.EXE infected with Win32.HLLW.Gavir.54 - cured
C:\System Volume Information\_restore{64CDFA88-D3CF-42B3-8F45-861C46E3ACD4}\RP14\A0029848.exe infected with Win32.HLLW.Gavir.54 - cured
>C:\System Volume Information\_restore{64CDFA88-D3CF-42B3-8F45-861C46E3ACD4}\RP14\A0029849.exe infected with Trojan.PWS.Legmir.812 - incurable - moved
C:\System Volume Information\_restore{64CDFA88-D3CF-42B3-8F45-861C46E3ACD4}\RP14\A0029851.EXE infected with Win32.HLLW.Gavir.54 - cured
C:\System Volume Information\_restore{64CDFA88-D3CF-42B3-8F45-861C46E3ACD4}\RP14\A0030771.dll infected with Trojan.DownLoader.14932 - deleted
C:\System Volume Information\_restore{64CDFA88-D3CF-42B3-8F45-861C46E3ACD4}\RP14\A0030772.DLL infected with Trojan.DownLoader.15581 - deleted
C:\System Volume Information\_restore{64CDFA88-D3CF-42B3-8F45-861C46E3ACD4}\RP14\A0030783.exe infected with Win32.HLLW.Gavir.54 - incurable - moved
C:\System Volume Information\_restore{64CDFA88-D3CF-42B3-8F45-861C46E3ACD4}\RP14\A0030784.exe infected with Win32.HLLW.Gavir.54 - cured
C:\System Volume Information\_restore{64CDFA88-D3CF-42B3-8F45-861C46E3ACD4}\RP14\A0030787.exe infected with Win32.HLLW.Gavir.54 - incurable - moved
C:\System Volume Information\_restore{64CDFA88-D3CF-42B3-8F45-861C46E3ACD4}\RP14\A0030788.exe infected with Win32.HLLW.Gavir.54 - cured
C:\System Volume Information\_restore{64CDFA88-D3CF-42B3-8F45-861C46E3ACD4}\RP14\A0030790.exe infected with Win32.HLLW.Gavir.54 - cured
C:\System Volume Information\_restore{64CDFA88-D3CF-42B3-8F45-861C46E3ACD4}\RP14\A0030791.exe infected with Win32.HLLW.Gavir.54 - cured
>C:\System Volume Information\_restore{64CDFA88-D3CF-42B3-8F45-861C46E3ACD4}\RP15\A0030833.sys infected with Trojan.PWS.Qqpass.395 - deleted
C:\System Volume Information\_restore{64CDFA88-D3CF-42B3-8F45-861C46E3ACD4}\RP15\A0030836.dll infected with Trojan.DownLoader.14932 - deleted
C:\System Volume Information\_restore{64CDFA88-D3CF-42B3-8F45-861C46E3ACD4}\RP15\A0030837.DLL infected with Trojan.DownLoader.15581 - deleted
>C:\System Volume Information\_restore{64CDFA88-D3CF-42B3-8F45-861C46E3ACD4}\RP15\A0030848.sys infected with Trojan.PWS.Qqpass.395 - deleted
C:\System Volume Information\_restore{64CDFA88-D3CF-42B3-8F45-861C46E3ACD4}\RP15\A0030856.dll infected with Trojan.DownLoader.14932 - deleted
C:\System Volume Information\_restore{64CDFA88-D3CF-42B3-8F45-861C46E3ACD4}\RP15\A0030857.DLL infected with Trojan.DownLoader.15581 - deleted
>C:\System Volume Information\_restore{64CDFA88-D3CF-42B3-8F45-861C46E3ACD4}\RP15\A0030865.sys infected with Trojan.PWS.Qqpass.395 - deleted
>C:\System Volume Information\_restore{64CDFA88-D3CF-42B3-8F45-861C46E3ACD4}\RP16\A0030872.sys infected with Trojan.PWS.Qqpass.395 - deleted
C:\System Volume Information\_restore{64CDFA88-D3CF-42B3-8F45-861C46E3ACD4}\RP16\A0030937.DLL infected with Trojan.DownLoader.15581 - deleted
C:\System Volume Information\_restore{64CDFA88-D3CF-42B3-8F45-861C46E3ACD4}\RP16\A0030938.dll infected with Trojan.DownLoader.14932 - deleted
>C:\System Volume Information\_restore{64CDFA88-D3CF-42B3-8F45-861C46E3ACD4}\RP16\A0031007.EXE infected with Trojan.PWS.Qqpass.395 - deleted
C:\System Volume Information\_restore{64CDFA88-D3CF-42B3-8F45-861C46E3ACD4}\RP16\A0031009.exe infected with Win32.HLLW.Gavir.54 - incurable - moved
C:\System Volume Information\_restore{64CDFA88-D3CF-42B3-8F45-861C46E3ACD4}\RP16\A0031013.exe infected with Win32.HLLW.Gavir.54 - incurable - moved
>C:\System Volume Information\_restore{64CDFA88-D3CF-42B3-8F45-861C46E3ACD4}\RP16\A0031019.exe infected with Trojan.PWS.Legmir.812 - incurable - moved
C:\System Volume Information\_restore{64CDFA88-D3CF-42B3-8F45-861C46E3ACD4}\RP16\A0032573.Exe infected with Win32.HLLW.Gavir.54 - cured
C:\System Volume Information\_restore{64CDFA88-D3CF-42B3-8F45-861C46E3ACD4}\RP16\A0032575.Exe infected with Win32.HLLW.Gavir.54 - cured
C:\System Volume Information\_restore{64CDFA88-D3CF-42B3-8F45-861C46E3ACD4}\RP16\A0032620.Exe infected with Win32.HLLW.Gavir.54 - cured
C:\System Volume Information\_restore{64CDFA88-D3CF-42B3-8F45-861C46E3ACD4}\RP16\A0032621.Exe infected with Win32.HLLW.Gavir.54 - cured
C:\System Volume Information\_restore{64CDFA88-D3CF-42B3-8F45-861C46E3ACD4}\RP16\A0032654.Exe infected with Win32.HLLW.Gavir.54 - cured
C:\System Volume Information\_restore{64CDFA88-D3CF-42B3-8F45-861C46E3ACD4}\RP16\A0032780.Exe infected with Win32.HLLW.Gavir.54 - cured
C:\System Volume Information\_restore{64CDFA88-D3CF-42B3-8F45-861C46E3ACD4}\RP16\A0032896.exe infected with Trojan.PWS.Zhengtu - deleted
>C:\System Volume Information\_restore{64CDFA88-D3CF-42B3-8F45-861C46E3ACD4}\RP16\A0032902.ocx infected with Trojan.Havedo - deleted
>C:\System Volume Information\_restore{64CDFA88-D3CF-42B3-8F45-861C46E3ACD4}\RP16\A0032905.EXE infected with Trojan.Havedo - deleted
C:\System Volume Information\_restore{64CDFA88-D3CF-42B3-8F45-861C46E3ACD4}\RP16\A0032906.EXE infected with Trojan.PWS.Zhengtu - deleted
C:\System Volume Information\_restore{64CDFA88-D3CF-42B3-8F45-861C46E3ACD4}\RP16\A0032907.EXE infected with Trojan.PWS.Zhengtu - deleted
>C:\System Volume Information\_restore{64CDFA88-D3CF-42B3-8F45-861C46E3ACD4}\RP16\A0032911.sys infected with Trojan.PWS.Qqpass.395 - deleted
C:\System Volume Information\_restore{64CDFA88-D3CF-42B3-8F45-861C46E3ACD4}\RP16\A0032915.dll infected with Trojan.DownLoader.14932 - deleted
C:\System Volume Information\_restore{64CDFA88-D3CF-42B3-8F45-861C46E3ACD4}\RP16\A0032916.DLL infected with Trojan.DownLoader.15581 - deleted
C:\System Volume Information\_restore{64CDFA88-D3CF-42B3-8F45-861C46E3ACD4}\RP16\A0032921.EXE infected with Trojan.PWS.Zhengtu - deleted
C:\System Volume Information\_restore{64CDFA88-D3CF-42B3-8F45-861C46E3ACD4}\RP16\A0032922.EXE infected with Trojan.PWS.Zhengtu - deleted
>C:\System Volume Information\_restore{64CDFA88-D3CF-42B3-8F45-861C46E3ACD4}\RP16\A0032923.EXE infected with Trojan.Havedo - deleted

作者: ALEXYUI 時間: 07-1-11 09:10 PM

C:\System Volume Information\_restore{64CDFA88-D3CF-42B3-8F45-861C46E3ACD4}\RP16\A0032928.exe infected with Win32.HLLW.Gavir.54 - incurable - moved
C:\System Volume Information\_restore{64CDFA88-D3CF-42B3-8F45-861C46E3ACD4}\RP16\A0032929.exe infected with Win32.HLLW.Gavir.54 - cured
C:\System Volume Information\_restore{64CDFA88-D3CF-42B3-8F45-861C46E3ACD4}\RP16\A0032932.exe infected with Win32.HLLW.Gavir.54 - cured
C:\System Volume Information\_restore{64CDFA88-D3CF-42B3-8F45-861C46E3ACD4}\RP16\A0032933.exe infected with Win32.HLLW.Gavir.54 - cured
C:\System Volume Information\_restore{64CDFA88-D3CF-42B3-8F45-861C46E3ACD4}\RP16\A0032934.exe infected with Win32.HLLW.Gavir.54 - cured
C:\System Volume Information\_restore{64CDFA88-D3CF-42B3-8F45-861C46E3ACD4}\RP16\A0032935.exe infected with Win32.HLLW.Gavir.54 - cured
C:\System Volume Information\_restore{64CDFA88-D3CF-42B3-8F45-861C46E3ACD4}\RP16\A0032936.exe infected with Win32.HLLW.Gavir.54 - cured
C:\System Volume Information\_restore{64CDFA88-D3CF-42B3-8F45-861C46E3ACD4}\RP16\A0032937.EXE infected with Win32.HLLW.Gavir.54 - cured
C:\System Volume Information\_restore{64CDFA88-D3CF-42B3-8F45-861C46E3ACD4}\RP16\A0032938.exe infected with Win32.HLLW.Gavir.54 - cured
C:\System Volume Information\_restore{64CDFA88-D3CF-42B3-8F45-861C46E3ACD4}\RP16\A0032939.exe infected with Win32.HLLW.Gavir.54 - cured
C:\System Volume Information\_restore{64CDFA88-D3CF-42B3-8F45-861C46E3ACD4}\RP16\A0032940.exe infected with Win32.HLLW.Gavir.54 - cured
C:\System Volume Information\_restore{64CDFA88-D3CF-42B3-8F45-861C46E3ACD4}\RP16\A0032941.exe infected with Win32.HLLW.Gavir.54 - cured
C:\System Volume Information\_restore{64CDFA88-D3CF-42B3-8F45-861C46E3ACD4}\RP16\A0032942.EXE infected with Win32.HLLW.Gavir.54 - cured
C:\System Volume Information\_restore{64CDFA88-D3CF-42B3-8F45-861C46E3ACD4}\RP16\A0032943.EXE infected with Win32.HLLW.Gavir.54 - cured
C:\System Volume Information\_restore{64CDFA88-D3CF-42B3-8F45-861C46E3ACD4}\RP16\A0032944.exe infected with Win32.HLLW.Gavir.54 - cured
C:\System Volume Information\_restore{64CDFA88-D3CF-42B3-8F45-861C46E3ACD4}\RP16\A0032945.exe infected with Win32.HLLW.Gavir.54 - cured
C:\System Volume Information\_restore{64CDFA88-D3CF-42B3-8F45-861C46E3ACD4}\RP16\A0032946.exe infected with Win32.HLLW.Gavir.54 - cured
C:\System Volume Information\_restore{64CDFA88-D3CF-42B3-8F45-861C46E3ACD4}\RP16\A0032947.exe infected with Win32.HLLW.Gavir.54 - cured
C:\System Volume Information\_restore{64CDFA88-D3CF-42B3-8F45-861C46E3ACD4}\RP16\A0032948.exe infected with Win32.HLLW.Gavir.54 - cured
C:\System Volume Information\_restore{64CDFA88-D3CF-42B3-8F45-861C46E3ACD4}\RP16\A0032949.exe infected with Win32.HLLW.Gavir.54 - cured
C:\System Volume Information\_restore{64CDFA88-D3CF-42B3-8F45-861C46E3ACD4}\RP16\A0032950.EXE infected with Win32.HLLW.Gavir.54 - cured
C:\System Volume Information\_restore{64CDFA88-D3CF-42B3-8F45-861C46E3ACD4}\RP16\A0032951.exe infected with Win32.HLLW.Gavir.54 - cured
C:\System Volume Information\_restore{64CDFA88-D3CF-42B3-8F45-861C46E3ACD4}\RP16\A0032952.EXE infected with Win32.HLLW.Gavir.54 - cured
C:\System Volume Information\_restore{64CDFA88-D3CF-42B3-8F45-861C46E3ACD4}\RP16\A0032953.exe infected with Win32.HLLW.Gavir.54 - cured
C:\System Volume Information\_restore{64CDFA88-D3CF-42B3-8F45-861C46E3ACD4}\RP16\A0032954.exe infected with Win32.HLLW.Gavir.54 - cured
C:\System Volume Information\_restore{64CDFA88-D3CF-42B3-8F45-861C46E3ACD4}\RP16\A0032955.exe infected with Win32.HLLW.Gavir.54 - cured
C:\System Volume Information\_restore{64CDFA88-D3CF-42B3-8F45-861C46E3ACD4}\RP16\A0032956.exe infected with Win32.HLLW.Gavir.54 - cured
C:\System Volume Information\_restore{64CDFA88-D3CF-42B3-8F45-861C46E3ACD4}\RP16\A0032957.exe infected with Win32.HLLW.Gavir.54 - cured
C:\System Volume Information\_restore{64CDFA88-D3CF-42B3-8F45-861C46E3ACD4}\RP16\A0032958.exe infected with Win32.HLLW.Gavir.54 - cured
C:\System Volume Information\_restore{64CDFA88-D3CF-42B3-8F45-861C46E3ACD4}\RP16\A0032959.exe infected with Win32.HLLW.Gavir.54 - cured
C:\System Volume Information\_restore{64CDFA88-D3CF-42B3-8F45-861C46E3ACD4}\RP16\A0032960.exe infected with Win32.HLLW.Gavir.54 - cured
C:\System Volume Information\_restore{64CDFA88-D3CF-42B3-8F45-861C46E3ACD4}\RP16\A0032961.EXE infected with Win32.HLLW.Gavir.54 - cured
C:\System Volume Information\_restore{64CDFA88-D3CF-42B3-8F45-861C46E3ACD4}\RP16\A0032962.exe infected with Win32.HLLW.Gavir.54 - cured
C:\System Volume Information\_restore{64CDFA88-D3CF-42B3-8F45-861C46E3ACD4}\RP16\A0032963.exe infected with Win32.HLLW.Gavir.54 - cured
C:\System Volume Information\_restore{64CDFA88-D3CF-42B3-8F45-861C46E3ACD4}\RP16\A0032964.exe infected with Win32.HLLW.Gavir.54 - cured
C:\System Volume Information\_restore{64CDFA88-D3CF-42B3-8F45-861C46E3ACD4}\RP16\A0032965.exe infected with Win32.HLLW.Gavir.54 - cured
C:\System Volume Information\_restore{64CDFA88-D3CF-42B3-8F45-861C46E3ACD4}\RP16\A0032966.exe infected with Win32.HLLW.Gavir.54 - cured
C:\System Volume Information\_restore{64CDFA88-D3CF-42B3-8F45-861C46E3ACD4}\RP16\A0032967.exe infected with Win32.HLLW.Gavir.54 - cured
C:\System Volume Information\_restore{64CDFA88-D3CF-42B3-8F45-861C46E3ACD4}\RP16\A0032968.exe infected with Win32.HLLW.Gavir.54 - cured
C:\System Volume Information\_restore{64CDFA88-D3CF-42B3-8F45-861C46E3ACD4}\RP16\A0032969.EXE infected with Win32.HLLW.Gavir.54 - cured
C:\System Volume Information\_restore{64CDFA88-D3CF-42B3-8F45-861C46E3ACD4}\RP16\A0032970.exe infected with Win32.HLLW.Gavir.54 - cured
C:\System Volume Information\_restore{64CDFA88-D3CF-42B3-8F45-861C46E3ACD4}\RP16\A0032971.exe infected with Win32.HLLW.Gavir.54 - cured
C:\System Volume Information\_restore{64CDFA88-D3CF-42B3-8F45-861C46E3ACD4}\RP16\A0032972.exe infected with Win32.HLLW.Gavir.54 - cured
C:\System Volume Information\_restore{64CDFA88-D3CF-42B3-8F45-861C46E3ACD4}\RP16\A0032973.exe infected with Win32.HLLW.Gavir.54 - cured
C:\System Volume Information\_restore{64CDFA88-D3CF-42B3-8F45-861C46E3ACD4}\RP16\A0032974.exe infected with Win32.HLLW.Gavir.54 - cured
C:\System Volume Information\_restore{64CDFA88-D3CF-42B3-8F45-861C46E3ACD4}\RP16\A0032975.exe infected with Win32.HLLW.Gavir.54 - cured
C:\System Volume Information\_restore{64CDFA88-D3CF-42B3-8F45-861C46E3ACD4}\RP16\A0032976.EXE infected with Win32.HLLW.Gavir.54 - cured
C:\System Volume Information\_restore{64CDFA88-D3CF-42B3-8F45-861C46E3ACD4}\RP16\A0032977.exe infected with Win32.HLLW.Gavir.54 - cured
C:\System Volume Information\_restore{64CDFA88-D3CF-42B3-8F45-861C46E3ACD4}\RP16\A0032978.exe infected with Win32.HLLW.Gavir.54 - cured
C:\System Volume Information\_restore{64CDFA88-D3CF-42B3-8F45-861C46E3ACD4}\RP16\A0032979.EXE infected with Win32.HLLW.Gavir.54 - cured
C:\System Volume Information\_restore{64CDFA88-D3CF-42B3-8F45-861C46E3ACD4}\RP16\A0032980.exe infected with Win32.HLLW.Gavir.54 - cured
C:\System Volume Information\_restore{64CDFA88-D3CF-42B3-8F45-861C46E3ACD4}\RP16\A0032981.exe infected with Win32.HLLW.Gavir.54 - cured

作者: ALEXYUI 時間: 07-1-11 09:10 PM

C:\System Volume Information\_restore{64CDFA88-D3CF-42B3-8F45-861C46E3ACD4}\RP16\A0032982.EXE infected with Win32.HLLW.Gavir.54 - cured
C:\System Volume Information\_restore{64CDFA88-D3CF-42B3-8F45-861C46E3ACD4}\RP16\A0032983.exe infected with Win32.HLLW.Gavir.54 - cured
C:\System Volume Information\_restore{64CDFA88-D3CF-42B3-8F45-861C46E3ACD4}\RP16\A0032984.exe infected with Win32.HLLW.Gavir.54 - cured
C:\System Volume Information\_restore{64CDFA88-D3CF-42B3-8F45-861C46E3ACD4}\RP16\A0032985.exe infected with Win32.HLLW.Gavir.54 - cured
C:\System Volume Information\_restore{64CDFA88-D3CF-42B3-8F45-861C46E3ACD4}\RP16\A0032986.exe infected with Win32.HLLW.Gavir.54 - cured
C:\System Volume Information\_restore{64CDFA88-D3CF-42B3-8F45-861C46E3ACD4}\RP16\A0032987.exe infected with Win32.HLLW.Gavir.54 - cured
C:\System Volume Information\_restore{64CDFA88-D3CF-42B3-8F45-861C46E3ACD4}\RP16\A0032988.exe infected with Win32.HLLW.Gavir.54 - cured
C:\System Volume Information\_restore{64CDFA88-D3CF-42B3-8F45-861C46E3ACD4}\RP16\A0032989.exe infected with Win32.HLLW.Gavir.54 - cured
C:\System Volume Information\_restore{64CDFA88-D3CF-42B3-8F45-861C46E3ACD4}\RP16\A0032990.exe infected with Win32.HLLW.Gavir.54 - cured
C:\System Volume Information\_restore{64CDFA88-D3CF-42B3-8F45-861C46E3ACD4}\RP16\A0032991.exe infected with Win32.HLLW.Gavir.54 - cured
C:\System Volume Information\_restore{64CDFA88-D3CF-42B3-8F45-861C46E3ACD4}\RP16\A0032992.EXE infected with Win32.HLLW.Gavir.54 - cured
C:\System Volume Information\_restore{64CDFA88-D3CF-42B3-8F45-861C46E3ACD4}\RP16\A0032993.EXE infected with Win32.HLLW.Gavir.54 - cured
C:\System Volume Information\_restore{64CDFA88-D3CF-42B3-8F45-861C46E3ACD4}\RP16\A0032994.exe infected with Win32.HLLW.Gavir.54 - cured
C:\System Volume Information\_restore{64CDFA88-D3CF-42B3-8F45-861C46E3ACD4}\RP16\A0032995.EXE infected with Win32.HLLW.Gavir.54 - cured
C:\System Volume Information\_restore{64CDFA88-D3CF-42B3-8F45-861C46E3ACD4}\RP16\A0032996.exe infected with Win32.HLLW.Gavir.54 - cured
C:\System Volume Information\_restore{64CDFA88-D3CF-42B3-8F45-861C46E3ACD4}\RP16\A0032997.exe infected with Win32.HLLW.Gavir.54 - cured
C:\System Volume Information\_restore{64CDFA88-D3CF-42B3-8F45-861C46E3ACD4}\RP16\A0032998.exe infected with Win32.HLLW.Gavir.54 - cured
C:\System Volume Information\_restore{64CDFA88-D3CF-42B3-8F45-861C46E3ACD4}\RP16\A0032999.exe infected with Win32.HLLW.Gavir.54 - cured
C:\System Volume Information\_restore{64CDFA88-D3CF-42B3-8F45-861C46E3ACD4}\RP16\A0033000.exe infected with Win32.HLLW.Gavir.54 - cured
C:\System Volume Information\_restore{64CDFA88-D3CF-42B3-8F45-861C46E3ACD4}\RP16\A0033001.exe infected with Win32.HLLW.Gavir.54 - cured
C:\System Volume Information\_restore{64CDFA88-D3CF-42B3-8F45-861C46E3ACD4}\RP16\A0033002.exe infected with Win32.HLLW.Gavir.54 - cured
C:\System Volume Information\_restore{64CDFA88-D3CF-42B3-8F45-861C46E3ACD4}\RP16\A0033003.exe infected with Win32.HLLW.Gavir.54 - cured
C:\System Volume Information\_restore{64CDFA88-D3CF-42B3-8F45-861C46E3ACD4}\RP16\A0033004.exe infected with Win32.HLLW.Gavir.54 - cured
C:\System Volume Information\_restore{64CDFA88-D3CF-42B3-8F45-861C46E3ACD4}\RP16\A0033005.exe infected with Win32.HLLW.Gavir.54 - cured
C:\System Volume Information\_restore{64CDFA88-D3CF-42B3-8F45-861C46E3ACD4}\RP16\A0033006.exe infected with Win32.HLLW.Gavir.54 - cured
C:\System Volume Information\_restore{64CDFA88-D3CF-42B3-8F45-861C46E3ACD4}\RP16\A0033007.exe infected with Win32.HLLW.Gavir.54 - cured
C:\System Volume Information\_restore{64CDFA88-D3CF-42B3-8F45-861C46E3ACD4}\RP16\A0033008.exe infected with Win32.HLLW.Gavir.54 - cured
C:\System Volume Information\_restore{64CDFA88-D3CF-42B3-8F45-861C46E3ACD4}\RP16\A0033009.exe infected with Win32.HLLW.Gavir.54 - cured
C:\System Volume Information\_restore{64CDFA88-D3CF-42B3-8F45-861C46E3ACD4}\RP16\A0033010.exe infected with Win32.HLLW.Gavir.54 - cured
C:\System Volume Information\_restore{64CDFA88-D3CF-42B3-8F45-861C46E3ACD4}\RP16\A0033011.exe infected with Win32.HLLW.Gavir.54 - cured
C:\System Volume Information\_restore{64CDFA88-D3CF-42B3-8F45-861C46E3ACD4}\RP16\A0033012.EXE infected with Win32.HLLW.Gavir.54 - cured
C:\System Volume Information\_restore{64CDFA88-D3CF-42B3-8F45-861C46E3ACD4}\RP16\A0033013.exe infected with Win32.HLLW.Gavir.54 - cured
C:\System Volume Information\_restore{64CDFA88-D3CF-42B3-8F45-861C46E3ACD4}\RP16\A0033014.exe infected with Win32.HLLW.Gavir.54 - cured
C:\System Volume Information\_restore{64CDFA88-D3CF-42B3-8F45-861C46E3ACD4}\RP16\A0033015.exe infected with Win32.HLLW.Gavir.54 - cured
C:\System Volume Information\_restore{64CDFA88-D3CF-42B3-8F45-861C46E3ACD4}\RP16\A0033016.exe infected with Win32.HLLW.Gavir.54 - cured
C:\System Volume Information\_restore{64CDFA88-D3CF-42B3-8F45-861C46E3ACD4}\RP16\A0033017.exe infected with Win32.HLLW.Gavir.54 - cured
C:\System Volume Information\_restore{64CDFA88-D3CF-42B3-8F45-861C46E3ACD4}\RP16\A0033018.exe infected with Win32.HLLW.Gavir.54 - cured
C:\System Volume Information\_restore{64CDFA88-D3CF-42B3-8F45-861C46E3ACD4}\RP16\A0033019.exe infected with Win32.HLLW.Gavir.54 - cured
C:\System Volume Information\_restore{64CDFA88-D3CF-42B3-8F45-861C46E3ACD4}\RP16\A0033020.exe infected with Win32.HLLW.Gavir.54 - cured
C:\System Volume Information\_restore{64CDFA88-D3CF-42B3-8F45-861C46E3ACD4}\RP16\A0033021.exe infected with Win32.HLLW.Gavir.54 - cured
C:\System Volume Information\_restore{64CDFA88-D3CF-42B3-8F45-861C46E3ACD4}\RP16\A0033022.exe infected with Win32.HLLW.Gavir.54 - cured
C:\System Volume Information\_restore{64CDFA88-D3CF-42B3-8F45-861C46E3ACD4}\RP16\A0033023.exe infected with Win32.HLLW.Gavir.54 - cured
C:\System Volume Information\_restore{64CDFA88-D3CF-42B3-8F45-861C46E3ACD4}\RP16\A0033024.exe infected with Win32.HLLW.Gavir.54 - cured
C:\System Volume Information\_restore{64CDFA88-D3CF-42B3-8F45-861C46E3ACD4}\RP16\A0033025.exe infected with Win32.HLLW.Gavir.54 - cured
C:\System Volume Information\_restore{64CDFA88-D3CF-42B3-8F45-861C46E3ACD4}\RP16\A0033026.exe infected with Win32.HLLW.Gavir.54 - cured
C:\System Volume Information\_restore{64CDFA88-D3CF-42B3-8F45-861C46E3ACD4}\RP16\A0033027.exe infected with Win32.HLLW.Gavir.54 - cured
C:\System Volume Information\_restore{64CDFA88-D3CF-42B3-8F45-861C46E3ACD4}\RP16\A0033028.exe infected with Win32.HLLW.Gavir.54 - cured
C:\System Volume Information\_restore{64CDFA88-D3CF-42B3-8F45-861C46E3ACD4}\RP16\A0033029.exe infected with Win32.HLLW.Gavir.54 - cured
C:\System Volume Information\_restore{64CDFA88-D3CF-42B3-8F45-861C46E3ACD4}\RP16\A0033030.exe infected with Win32.HLLW.Gavir.54 - cured
C:\System Volume Information\_restore{64CDFA88-D3CF-42B3-8F45-861C46E3ACD4}\RP16\A0033031.exe infected with Win32.HLLW.Gavir.54 - cured
C:\System Volume Information\_restore{64CDFA88-D3CF-42B3-8F45-861C46E3ACD4}\RP16\A0033032.exe infected with Win32.HLLW.Gavir.54 - cured
C:\System Volume Information\_restore{64CDFA88-D3CF-42B3-8F45-861C46E3ACD4}\RP16\A0033033.exe infected with Win32.HLLW.Gavir.54 - cured
C:\System Volume Information\_restore{64CDFA88-D3CF-42B3-8F45-861C46E3ACD4}\RP16\A0033034.exe infected with Win32.HLLW.Gavir.54 - cured
C:\System Volume Information\_restore{64CDFA88-D3CF-42B3-8F45-861C46E3ACD4}\RP16\A0033035.exe infected with Win32.HLLW.Gavir.54 - cured
C:\System Volume Information\_restore{64CDFA88-D3CF-42B3-8F45-861C46E3ACD4}\RP16\A0033036.exe infected with Win32.HLLW.Gavir.54 - cured

作者: ALEXYUI 時間: 07-1-11 09:11 PM

C:\System Volume Information\_restore{64CDFA88-D3CF-42B3-8F45-861C46E3ACD4}\RP16\A0033037.exe infected with Win32.HLLW.Gavir.54 - cured
C:\System Volume Information\_restore{64CDFA88-D3CF-42B3-8F45-861C46E3ACD4}\RP16\A0033038.exe infected with Win32.HLLW.Gavir.54 - cured
C:\System Volume Information\_restore{64CDFA88-D3CF-42B3-8F45-861C46E3ACD4}\RP16\A0033039.exe infected with Win32.HLLW.Gavir.54 - cured
C:\System Volume Information\_restore{64CDFA88-D3CF-42B3-8F45-861C46E3ACD4}\RP16\A0033040.exe infected with Win32.HLLW.Gavir.54 - cured
C:\System Volume Information\_restore{64CDFA88-D3CF-42B3-8F45-861C46E3ACD4}\RP16\A0033041.exe infected with Win32.HLLW.Gavir.54 - cured
C:\System Volume Information\_restore{64CDFA88-D3CF-42B3-8F45-861C46E3ACD4}\RP16\A0033042.exe infected with Win32.HLLW.Gavir.54 - cured
C:\System Volume Information\_restore{64CDFA88-D3CF-42B3-8F45-861C46E3ACD4}\RP16\A0033043.exe infected with Win32.HLLW.Gavir.54 - cured
C:\System Volume Information\_restore{64CDFA88-D3CF-42B3-8F45-861C46E3ACD4}\RP16\A0033044.exe infected with Win32.HLLW.Gavir.54 - cured
C:\System Volume Information\_restore{64CDFA88-D3CF-42B3-8F45-861C46E3ACD4}\RP16\A0033045.exe infected with Win32.HLLW.Gavir.54 - cured
C:\System Volume Information\_restore{64CDFA88-D3CF-42B3-8F45-861C46E3ACD4}\RP16\A0033046.EXE infected with Win32.HLLW.Gavir.54 - cured
C:\System Volume Information\_restore{64CDFA88-D3CF-42B3-8F45-861C46E3ACD4}\RP16\A0033047.exe infected with Win32.HLLW.Gavir.54 - cured
C:\System Volume Information\_restore{64CDFA88-D3CF-42B3-8F45-861C46E3ACD4}\RP16\A0033048.exe infected with Win32.HLLW.Gavir.54 - cured
C:\System Volume Information\_restore{64CDFA88-D3CF-42B3-8F45-861C46E3ACD4}\RP16\A0033049.exe infected with Win32.HLLW.Gavir.54 - cured
C:\System Volume Information\_restore{64CDFA88-D3CF-42B3-8F45-861C46E3ACD4}\RP16\A0033050.exe infected with Win32.HLLW.Gavir.54 - cured
C:\System Volume Information\_restore{64CDFA88-D3CF-42B3-8F45-861C46E3ACD4}\RP16\A0033051.exe infected with Win32.HLLW.Gavir.54 - cured
C:\System Volume Information\_restore{64CDFA88-D3CF-42B3-8F45-861C46E3ACD4}\RP16\A0033052.exe infected with Win32.HLLW.Gavir.54 - cured
C:\System Volume Information\_restore{64CDFA88-D3CF-42B3-8F45-861C46E3ACD4}\RP16\A0033053.exe infected with Win32.HLLW.Gavir.54 - cured
C:\System Volume Information\_restore{64CDFA88-D3CF-42B3-8F45-861C46E3ACD4}\RP16\A0033054.exe infected with Win32.HLLW.Gavir.54 - cured
C:\System Volume Information\_restore{64CDFA88-D3CF-42B3-8F45-861C46E3ACD4}\RP16\A0033055.EXE infected with Win32.HLLW.Gavir.54 - cured
C:\System Volume Information\_restore{64CDFA88-D3CF-42B3-8F45-861C46E3ACD4}\RP16\A0033056.EXE infected with Win32.HLLW.Gavir.54 - cured
C:\System Volume Information\_restore{64CDFA88-D3CF-42B3-8F45-861C46E3ACD4}\RP16\A0033057.EXE infected with Win32.HLLW.Gavir.54 - cured
C:\System Volume Information\_restore{64CDFA88-D3CF-42B3-8F45-861C46E3ACD4}\RP16\A0033058.EXE infected with Win32.HLLW.Gavir.54 - cured
C:\System Volume Information\_restore{64CDFA88-D3CF-42B3-8F45-861C46E3ACD4}\RP16\A0033059.EXE infected with Win32.HLLW.Gavir.54 - cured
C:\System Volume Information\_restore{64CDFA88-D3CF-42B3-8F45-861C46E3ACD4}\RP16\A0033060.EXE infected with Win32.HLLW.Gavir.54 - cured
C:\System Volume Information\_restore{64CDFA88-D3CF-42B3-8F45-861C46E3ACD4}\RP16\A0033061.EXE infected with Win32.HLLW.Gavir.54 - cured
C:\System Volume Information\_restore{64CDFA88-D3CF-42B3-8F45-861C46E3ACD4}\RP16\A0033062.EXE infected with Win32.HLLW.Gavir.54 - cured
C:\System Volume Information\_restore{64CDFA88-D3CF-42B3-8F45-861C46E3ACD4}\RP16\A0033063.EXE infected with Win32.HLLW.Gavir.54 - cured
C:\System Volume Information\_restore{64CDFA88-D3CF-42B3-8F45-861C46E3ACD4}\RP16\A0033064.EXE infected with Win32.HLLW.Gavir.54 - cured
C:\System Volume Information\_restore{64CDFA88-D3CF-42B3-8F45-861C46E3ACD4}\RP16\A0033065.EXE infected with Win32.HLLW.Gavir.54 - cured
C:\System Volume Information\_restore{64CDFA88-D3CF-42B3-8F45-861C46E3ACD4}\RP16\A0033066.EXE infected with Win32.HLLW.Gavir.54 - cured
C:\System Volume Information\_restore{64CDFA88-D3CF-42B3-8F45-861C46E3ACD4}\RP16\A0033067.exe infected with Win32.HLLW.Gavir.54 - incurable - moved
C:\System Volume Information\_restore{64CDFA88-D3CF-42B3-8F45-861C46E3ACD4}\RP16\A0033068.exe infected with Win32.HLLW.Gavir.54 - cured
C:\System Volume Information\_restore{64CDFA88-D3CF-42B3-8F45-861C46E3ACD4}\RP16\A0033069.exe infected with Win32.HLLW.Gavir.54 - cured
C:\System Volume Information\_restore{64CDFA88-D3CF-42B3-8F45-861C46E3ACD4}\RP16\A0033070.exe infected with Win32.HLLW.Gavir.54 - cured
C:\System Volume Information\_restore{64CDFA88-D3CF-42B3-8F45-861C46E3ACD4}\RP16\A0033071.exe infected with Win32.HLLW.Gavir.54 - cured
C:\System Volume Information\_restore{64CDFA88-D3CF-42B3-8F45-861C46E3ACD4}\RP16\A0033072.exe infected with Win32.HLLW.Gavir.54 - cured
C:\System Volume Information\_restore{64CDFA88-D3CF-42B3-8F45-861C46E3ACD4}\RP16\A0033073.exe infected with Win32.HLLW.Gavir.54 - cured
C:\System Volume Information\_restore{64CDFA88-D3CF-42B3-8F45-861C46E3ACD4}\RP16\A0033074.exe infected with Win32.HLLW.Gavir.54 - cured
C:\System Volume Information\_restore{64CDFA88-D3CF-42B3-8F45-861C46E3ACD4}\RP16\A0033075.exe infected with Win32.HLLW.Gavir.54 - cured
C:\System Volume Information\_restore{64CDFA88-D3CF-42B3-8F45-861C46E3ACD4}\RP16\A0033076.exe infected with Win32.HLLW.Gavir.54 - cured
C:\System Volume Information\_restore{64CDFA88-D3CF-42B3-8F45-861C46E3ACD4}\RP16\A0033077.exe infected with Win32.HLLW.Gavir.54 - cured
C:\System Volume Information\_restore{64CDFA88-D3CF-42B3-8F45-861C46E3ACD4}\RP16\A0033078.exe infected with Win32.HLLW.Gavir.54 - cured
C:\System Volume Information\_restore{64CDFA88-D3CF-42B3-8F45-861C46E3ACD4}\RP16\A0033079.exe infected with Win32.HLLW.Gavir.54 - cured
C:\System Volume Information\_restore{64CDFA88-D3CF-42B3-8F45-861C46E3ACD4}\RP16\A0033080.exe infected with Win32.HLLW.Gavir.54 - cured
C:\System Volume Information\_restore{64CDFA88-D3CF-42B3-8F45-861C46E3ACD4}\RP16\A0033081.EXE infected with Win32.HLLW.Gavir.54 - cured
C:\System Volume Information\_restore{64CDFA88-D3CF-42B3-8F45-861C46E3ACD4}\RP16\A0033082.exe infected with Win32.HLLW.Gavir.54 - cured
C:\System Volume Information\_restore{64CDFA88-D3CF-42B3-8F45-861C46E3ACD4}\RP16\A0033083.exe infected with Win32.HLLW.Gavir.54 - cured
C:\System Volume Information\_restore{64CDFA88-D3CF-42B3-8F45-861C46E3ACD4}\RP16\A0033084.exe infected with Win32.HLLW.Gavir.54 - cured
C:\System Volume Information\_restore{64CDFA88-D3CF-42B3-8F45-861C46E3ACD4}\RP16\A0033085.exe infected with Win32.HLLW.Gavir.54 - cured
C:\System Volume Information\_restore{64CDFA88-D3CF-42B3-8F45-861C46E3ACD4}\RP16\A0033086.exe infected with Win32.HLLW.Gavir.54 - cured
C:\System Volume Information\_restore{64CDFA88-D3CF-42B3-8F45-861C46E3ACD4}\RP16\A0033087.exe infected with Win32.HLLW.Gavir.54 - cured
C:\System Volume Information\_restore{64CDFA88-D3CF-42B3-8F45-861C46E3ACD4}\RP16\A0033088.exe infected with Win32.HLLW.Gavir.54 - cured
C:\System Volume Information\_restore{64CDFA88-D3CF-42B3-8F45-861C46E3ACD4}\RP16\A0033089.exe infected with Win32.HLLW.Gavir.54 - cured
C:\System Volume Information\_restore{64CDFA88-D3CF-42B3-8F45-861C46E3ACD4}\RP16\A0033090.exe infected with Win32.HLLW.Gavir.54 - cured
C:\System Volume Information\_restore{64CDFA88-D3CF-42B3-8F45-861C46E3ACD4}\RP16\A0033091.exe infected with Win32.HLLW.Gavir.54 - cured
C:\System Volume Information\_restore{64CDFA88-D3CF-42B3-8F45-861C46E3ACD4}\RP16\A0033092.exe infected with Win32.HLLW.Gavir.54 - cured
C:\System Volume Information\_restore{64CDFA88-D3CF-42B3-8F45-861C46E3ACD4}\RP16\A0033093.exe infected with Win32.HLLW.Gavir.54 - cured
C:\System Volume Information\_restore{64CDFA88-D3CF-42B3-8F45-861C46E3ACD4}\RP16\A0033094.exe infected with Win32.HLLW.Gavir.54 - cured
C:\System Volume Information\_restore{64CDFA88-D3CF-42B3-8F45-861C46E3ACD4}\RP16\A0033095.exe infected with Win32.HLLW.Gavir.54 - cured
C:\System Volume Information\_restore{64CDFA88-D3CF-42B3-8F45-861C46E3ACD4}\RP16\A0033096.exe infected with Win32.HLLW.Gavir.54 - cured
C:\System Volume Information\_restore{64CDFA88-D3CF-42B3-8F45-861C46E3ACD4}\RP16\A0033097.exe infected with Win32.HLLW.Gavir.54 - cured
C:\System Volume Information\_restore{64CDFA88-D3CF-42B3-8F45-861C46E3ACD4}\RP16\A0033098.exe infected with Win32.HLLW.Gavir.54 - cured
C:\System Volume Information\_restore{64CDFA88-D3CF-42B3-8F45-861C46E3ACD4}\RP16\A0033099.exe infected with Win32.HLLW.Gavir.54 - cured
C:\System Volume Information\_restore{64CDFA88-D3CF-42B3-8F45-861C46E3ACD4}\RP16\A0033100.exe infected with Win32.HLLW.Gavir.54 - cured

作者: ALEXYUI 時間: 07-1-11 09:11 PM

C:\System Volume Information\_restore{64CDFA88-D3CF-42B3-8F45-861C46E3ACD4}\RP16\A0033101.exe infected with Win32.HLLW.Gavir.54 - cured
C:\System Volume Information\_restore{64CDFA88-D3CF-42B3-8F45-861C46E3ACD4}\RP16\A0033102.exe infected with Win32.HLLW.Gavir.54 - cured
C:\System Volume Information\_restore{64CDFA88-D3CF-42B3-8F45-861C46E3ACD4}\RP16\A0033103.exe infected with Win32.HLLW.Gavir.54 - cured
C:\System Volume Information\_restore{64CDFA88-D3CF-42B3-8F45-861C46E3ACD4}\RP16\A0033104.exe infected with Win32.HLLW.Gavir.54 - cured
C:\System Volume Information\_restore{64CDFA88-D3CF-42B3-8F45-861C46E3ACD4}\RP16\A0033105.exe infected with Win32.HLLW.Gavir.54 - cured
C:\System Volume Information\_restore{64CDFA88-D3CF-42B3-8F45-861C46E3ACD4}\RP16\A0033106.exe infected with Win32.HLLW.Gavir.54 - cured
C:\System Volume Information\_restore{64CDFA88-D3CF-42B3-8F45-861C46E3ACD4}\RP16\A0033107.exe infected with Win32.HLLW.Gavir.54 - cured
C:\System Volume Information\_restore{64CDFA88-D3CF-42B3-8F45-861C46E3ACD4}\RP16\A0033108.exe infected with Win32.HLLW.Gavir.54 - cured
C:\System Volume Information\_restore{64CDFA88-D3CF-42B3-8F45-861C46E3ACD4}\RP16\A0033109.exe infected with Win32.HLLW.Gavir.54 - cured
C:\System Volume Information\_restore{64CDFA88-D3CF-42B3-8F45-861C46E3ACD4}\RP16\A0033110.exe infected with Win32.HLLW.Gavir.54 - cured
C:\System Volume Information\_restore{64CDFA88-D3CF-42B3-8F45-861C46E3ACD4}\RP16\A0033111.EXE infected with Win32.HLLW.Gavir.54 - cured
C:\System Volume Information\_restore{64CDFA88-D3CF-42B3-8F45-861C46E3ACD4}\RP16\A0033112.exe infected with Win32.HLLW.Gavir.54 - cured
C:\System Volume Information\_restore{64CDFA88-D3CF-42B3-8F45-861C46E3ACD4}\RP16\A0033113.EXE infected with Win32.HLLW.Gavir.54 - cured
C:\System Volume Information\_restore{64CDFA88-D3CF-42B3-8F45-861C46E3ACD4}\RP16\A0033114.EXE infected with Win32.HLLW.Gavir.54 - cured
C:\System Volume Information\_restore{64CDFA88-D3CF-42B3-8F45-861C46E3ACD4}\RP16\A0033115.exe infected with Win32.HLLW.Gavir.54 - cured
C:\System Volume Information\_restore{64CDFA88-D3CF-42B3-8F45-861C46E3ACD4}\RP16\A0033116.exe infected with Win32.HLLW.Gavir.54 - cured
C:\System Volume Information\_restore{64CDFA88-D3CF-42B3-8F45-861C46E3ACD4}\RP16\A0033117.exe infected with Win32.HLLW.Gavir.54 - cured
C:\System Volume Information\_restore{64CDFA88-D3CF-42B3-8F45-861C46E3ACD4}\RP16\A0033118.exe infected with Win32.HLLW.Gavir.54 - cured
C:\System Volume Information\_restore{64CDFA88-D3CF-42B3-8F45-861C46E3ACD4}\RP16\A0033119.exe infected with Win32.HLLW.Gavir.54 - cured
C:\System Volume Information\_restore{64CDFA88-D3CF-42B3-8F45-861C46E3ACD4}\RP16\A0033120.exe infected with Win32.HLLW.Gavir.54 - cured
C:\System Volume Information\_restore{64CDFA88-D3CF-42B3-8F45-861C46E3ACD4}\RP16\A0033121.exe infected with Win32.HLLW.Gavir.54 - cured
C:\System Volume Information\_restore{64CDFA88-D3CF-42B3-8F45-861C46E3ACD4}\RP16\A0033122.exe infected with Win32.HLLW.Gavir.54 - cured
C:\System Volume Information\_restore{64CDFA88-D3CF-42B3-8F45-861C46E3ACD4}\RP16\A0033123.exe infected with Win32.HLLW.Gavir.54 - cured
C:\System Volume Information\_restore{64CDFA88-D3CF-42B3-8F45-861C46E3ACD4}\RP16\A0033124.EXE infected with Win32.HLLW.Gavir.54 - cured
C:\System Volume Information\_restore{64CDFA88-D3CF-42B3-8F45-861C46E3ACD4}\RP16\A0033125.exe infected with Win32.HLLW.Gavir.54 - cured
C:\System Volume Information\_restore{64CDFA88-D3CF-42B3-8F45-861C46E3ACD4}\RP16\A0033126.exe infected with Win32.HLLW.Gavir.54 - cured
C:\System Volume Information\_restore{64CDFA88-D3CF-42B3-8F45-861C46E3ACD4}\RP16\A0033127.exe infected with Win32.HLLW.Gavir.54 - cured
C:\System Volume Information\_restore{64CDFA88-D3CF-42B3-8F45-861C46E3ACD4}\RP16\A0033128.exe infected with Win32.HLLW.Gavir.54 - cured
C:\System Volume Information\_restore{64CDFA88-D3CF-42B3-8F45-861C46E3ACD4}\RP16\A0033129.exe infected with Win32.HLLW.Gavir.54 - incurable - moved
C:\System Volume Information\_restore{64CDFA88-D3CF-42B3-8F45-861C46E3ACD4}\RP16\A0033130.exe infected with Win32.HLLW.Gavir.54 - cured
C:\System Volume Information\_restore{64CDFA88-D3CF-42B3-8F45-861C46E3ACD4}\RP16\A0033131.exe infected with Win32.HLLW.Gavir.54 - cured
C:\System Volume Information\_restore{64CDFA88-D3CF-42B3-8F45-861C46E3ACD4}\RP16\A0033132.exe infected with Win32.HLLW.Gavir.54 - cured
C:\System Volume Information\_restore{64CDFA88-D3CF-42B3-8F45-861C46E3ACD4}\RP16\A0033133.exe infected with Win32.HLLW.Gavir.54 - cured
C:\System Volume Information\_restore{64CDFA88-D3CF-42B3-8F45-861C46E3ACD4}\RP16\A0033134.exe infected with Win32.HLLW.Gavir.54 - cured
C:\System Volume Information\_restore{64CDFA88-D3CF-42B3-8F45-861C46E3ACD4}\RP16\A0033135.exe infected with Win32.HLLW.Gavir.54 - cured
C:\System Volume Information\_restore{64CDFA88-D3CF-42B3-8F45-861C46E3ACD4}\RP16\A0033136.exe infected with Win32.HLLW.Gavir.54 - cured
C:\System Volume Information\_restore{64CDFA88-D3CF-42B3-8F45-861C46E3ACD4}\RP16\A0033137.exe infected with Win32.HLLW.Gavir.54 - cured
C:\System Volume Information\_restore{64CDFA88-D3CF-42B3-8F45-861C46E3ACD4}\RP16\A0033138.exe infected with Win32.HLLW.Gavir.54 - cured
C:\System Volume Information\_restore{64CDFA88-D3CF-42B3-8F45-861C46E3ACD4}\RP16\A0033139.exe infected with Win32.HLLW.Gavir.54 - cured
C:\System Volume Information\_restore{64CDFA88-D3CF-42B3-8F45-861C46E3ACD4}\RP16\A0033140.exe infected with Win32.HLLW.Gavir.54 - cured
C:\System Volume Information\_restore{64CDFA88-D3CF-42B3-8F45-861C46E3ACD4}\RP16\A0033141.exe infected with Win32.HLLW.Gavir.54 - cured
C:\System Volume Information\_restore{64CDFA88-D3CF-42B3-8F45-861C46E3ACD4}\RP16\A0033142.exe infected with Win32.HLLW.Gavir.54 - cured
C:\System Volume Information\_restore{64CDFA88-D3CF-42B3-8F45-861C46E3ACD4}\RP16\A0033143.exe infected with Win32.HLLW.Gavir.54 - cured
C:\System Volume Information\_restore{64CDFA88-D3CF-42B3-8F45-861C46E3ACD4}\RP16\A0033144.exe infected with Win32.HLLW.Gavir.54 - cured
C:\System Volume Information\_restore{64CDFA88-D3CF-42B3-8F45-861C46E3ACD4}\RP16\A0033145.exe infected with Win32.HLLW.Gavir.54 - cured
C:\System Volume Information\_restore{64CDFA88-D3CF-42B3-8F45-861C46E3ACD4}\RP16\A0033146.exe infected with Win32.HLLW.Gavir.54 - cured
C:\System Volume Information\_restore{64CDFA88-D3CF-42B3-8F45-861C46E3ACD4}\RP16\A0033147.exe infected with Win32.HLLW.Gavir.54 - cured
C:\System Volume Information\_restore{64CDFA88-D3CF-42B3-8F45-861C46E3ACD4}\RP16\A0033148.exe infected with Win32.HLLW.Gavir.54 - cured
C:\System Volume Information\_restore{64CDFA88-D3CF-42B3-8F45-861C46E3ACD4}\RP16\A0033149.exe infected with Win32.HLLW.Gavir.54 - cured
C:\System Volume Information\_restore{64CDFA88-D3CF-42B3-8F45-861C46E3ACD4}\RP16\A0033150.exe infected with Win32.HLLW.Gavir.54 - cured
C:\System Volume Information\_restore{64CDFA88-D3CF-42B3-8F45-861C46E3ACD4}\RP16\A0033151.exe infected with Win32.HLLW.Gavir.54 - cured
C:\System Volume Information\_restore{64CDFA88-D3CF-42B3-8F45-861C46E3ACD4}\RP16\A0033152.exe infected with Win32.HLLW.Gavir.54 - cured
C:\System Volume Information\_restore{64CDFA88-D3CF-42B3-8F45-861C46E3ACD4}\RP16\A0033153.exe infected with Win32.HLLW.Gavir.54 - cured
C:\System Volume Information\_restore{64CDFA88-D3CF-42B3-8F45-861C46E3ACD4}\RP16\A0033154.exe infected with Win32.HLLW.Gavir.54 - cured
C:\System Volume Information\_restore{64CDFA88-D3CF-42B3-8F45-861C46E3ACD4}\RP16\A0033155.exe infected with Win32.HLLW.Gavir.54 - cured
C:\System Volume Information\_restore{64CDFA88-D3CF-42B3-8F45-861C46E3ACD4}\RP16\A0033156.exe infected with Win32.HLLW.Gavir.54 - cured
C:\System Volume Information\_restore{64CDFA88-D3CF-42B3-8F45-861C46E3ACD4}\RP16\A0033157.exe infected with Win32.HLLW.Gavir.54 - cured
C:\System Volume Information\_restore{64CDFA88-D3CF-42B3-8F45-861C46E3ACD4}\RP16\A0033158.exe infected with Win32.HLLW.Gavir.54 - cured
C:\System Volume Information\_restore{64CDFA88-D3CF-42B3-8F45-861C46E3ACD4}\RP16\A0033159.exe infected with Win32.HLLW.Gavir.54 - cured

作者: ALEXYUI 時間: 07-1-11 09:12 PM

C:\System Volume Information\_restore{64CDFA88-D3CF-42B3-8F45-861C46E3ACD4}\RP16\A0033160.exe infected with Win32.HLLW.Gavir.54 - cured
C:\System Volume Information\_restore{64CDFA88-D3CF-42B3-8F45-861C46E3ACD4}\RP16\A0033161.exe infected with Win32.HLLW.Gavir.54 - cured
C:\System Volume Information\_restore{64CDFA88-D3CF-42B3-8F45-861C46E3ACD4}\RP16\A0033162.exe infected with Win32.HLLW.Gavir.54 - cured
C:\System Volume Information\_restore{64CDFA88-D3CF-42B3-8F45-861C46E3ACD4}\RP16\A0033163.exe infected with Win32.HLLW.Gavir.54 - cured
C:\System Volume Information\_restore{64CDFA88-D3CF-42B3-8F45-861C46E3ACD4}\RP16\A0033164.exe infected with Win32.HLLW.Gavir.54 - cured
C:\System Volume Information\_restore{64CDFA88-D3CF-42B3-8F45-861C46E3ACD4}\RP16\A0033165.exe infected with Win32.HLLW.Gavir.54 - cured
C:\System Volume Information\_restore{64CDFA88-D3CF-42B3-8F45-861C46E3ACD4}\RP16\A0033166.exe infected with Win32.HLLW.Gavir.54 - cured
C:\System Volume Information\_restore{64CDFA88-D3CF-42B3-8F45-861C46E3ACD4}\RP16\A0033167.exe infected with Win32.HLLW.Gavir.54 - cured
C:\System Volume Information\_restore{64CDFA88-D3CF-42B3-8F45-861C46E3ACD4}\RP16\A0033168.exe infected with Win32.HLLW.Gavir.54 - cured
C:\System Volume Information\_restore{64CDFA88-D3CF-42B3-8F45-861C46E3ACD4}\RP16\A0033169.exe infected with Win32.HLLW.Gavir.54 - cured
C:\System Volume Information\_restore{64CDFA88-D3CF-42B3-8F45-861C46E3ACD4}\RP16\A0033170.exe infected with Win32.HLLW.Gavir.54 - cured
C:\System Volume Information\_restore{64CDFA88-D3CF-42B3-8F45-861C46E3ACD4}\RP16\A0033171.exe infected with Win32.HLLW.Gavir.54 - cured
C:\System Volume Information\_restore{64CDFA88-D3CF-42B3-8F45-861C46E3ACD4}\RP16\A0033172.exe infected with Win32.HLLW.Gavir.54 - cured
C:\System Volume Information\_restore{64CDFA88-D3CF-42B3-8F45-861C46E3ACD4}\RP16\A0033173.exe infected with Win32.HLLW.Gavir.54 - cured
C:\System Volume Information\_restore{64CDFA88-D3CF-42B3-8F45-861C46E3ACD4}\RP16\A0033174.exe infected with Win32.HLLW.Gavir.54 - cured
C:\System Volume Information\_restore{64CDFA88-D3CF-42B3-8F45-861C46E3ACD4}\RP16\A0033175.exe infected with Win32.HLLW.Gavir.54 - cured
C:\System Volume Information\_restore{64CDFA88-D3CF-42B3-8F45-861C46E3ACD4}\RP16\A0033176.exe infected with Win32.HLLW.Gavir.54 - cured
C:\System Volume Information\_restore{64CDFA88-D3CF-42B3-8F45-861C46E3ACD4}\RP16\A0033177.exe infected with Win32.HLLW.Gavir.54 - cured
C:\System Volume Information\_restore{64CDFA88-D3CF-42B3-8F45-861C46E3ACD4}\RP16\A0033178.exe infected with Win32.HLLW.Gavir.54 - cured
C:\System Volume Information\_restore{64CDFA88-D3CF-42B3-8F45-861C46E3ACD4}\RP16\A0033179.exe infected with Win32.HLLW.Gavir.54 - cured
C:\System Volume Information\_restore{64CDFA88-D3CF-42B3-8F45-861C46E3ACD4}\RP16\A0033180.exe infected with Win32.HLLW.Gavir.54 - cured
C:\System Volume Information\_restore{64CDFA88-D3CF-42B3-8F45-861C46E3ACD4}\RP16\A0033181.exe infected with Win32.HLLW.Gavir.54 - cured
C:\System Volume Information\_restore{64CDFA88-D3CF-42B3-8F45-861C46E3ACD4}\RP16\A0033182.exe infected with Win32.HLLW.Gavir.54 - cured
C:\System Volume Information\_restore{64CDFA88-D3CF-42B3-8F45-861C46E3ACD4}\RP16\A0033183.exe infected with Win32.HLLW.Gavir.54 - cured
C:\System Volume Information\_restore{64CDFA88-D3CF-42B3-8F45-861C46E3ACD4}\RP16\A0033184.exe infected with Win32.HLLW.Gavir.54 - cured
C:\System Volume Information\_restore{64CDFA88-D3CF-42B3-8F45-861C46E3ACD4}\RP16\A0033185.exe infected with Win32.HLLW.Gavir.54 - cured
>C:\System Volume Information\_restore{64CDFA88-D3CF-42B3-8F45-861C46E3ACD4}\RP16\A0033185.exe probably infected with BACKDOOR.Trojan
C:\System Volume Information\_restore{64CDFA88-D3CF-42B3-8F45-861C46E3ACD4}\RP16\A0033186.exe infected with Win32.HLLW.Gavir.54 - cured
C:\System Volume Information\_restore{64CDFA88-D3CF-42B3-8F45-861C46E3ACD4}\RP16\A0033187.exe infected with Win32.HLLW.Gavir.54 - cured
C:\System Volume Information\_restore{64CDFA88-D3CF-42B3-8F45-861C46E3ACD4}\RP16\A0033188.exe infected with Win32.HLLW.Gavir.54 - cured
C:\System Volume Information\_restore{64CDFA88-D3CF-42B3-8F45-861C46E3ACD4}\RP16\A0033189.exe infected with Win32.HLLW.Gavir.54 - cured
C:\System Volume Information\_restore{64CDFA88-D3CF-42B3-8F45-861C46E3ACD4}\RP16\A0033190.exe infected with Win32.HLLW.Gavir.54 - cured
C:\System Volume Information\_restore{64CDFA88-D3CF-42B3-8F45-861C46E3ACD4}\RP16\A0033191.exe infected with Win32.HLLW.Gavir.54 - cured
C:\System Volume Information\_restore{64CDFA88-D3CF-42B3-8F45-861C46E3ACD4}\RP16\A0033192.exe infected with Win32.HLLW.Gavir.54 - cured
>C:\System Volume Information\_restore{64CDFA88-D3CF-42B3-8F45-861C46E3ACD4}\RP16\A0033192.exe probably infected with BACKDOOR.Trojan
C:\System Volume Information\_restore{64CDFA88-D3CF-42B3-8F45-861C46E3ACD4}\RP16\A0033193.exe infected with Win32.HLLW.Gavir.54 - cured
C:\System Volume Information\_restore{64CDFA88-D3CF-42B3-8F45-861C46E3ACD4}\RP16\A0033194.exe infected with Win32.HLLW.Gavir.54 - cured
C:\System Volume Information\_restore{64CDFA88-D3CF-42B3-8F45-861C46E3ACD4}\RP16\A0033195.exe infected with Win32.HLLW.Gavir.54 - cured
C:\System Volume Information\_restore{64CDFA88-D3CF-42B3-8F45-861C46E3ACD4}\RP16\A0033196.exe infected with Win32.HLLW.Gavir.54 - cured
C:\System Volume Information\_restore{64CDFA88-D3CF-42B3-8F45-861C46E3ACD4}\RP16\A0033197.exe infected with Win32.HLLW.Gavir.54 - cured
C:\System Volume Information\_restore{64CDFA88-D3CF-42B3-8F45-861C46E3ACD4}\RP16\A0033198.exe infected with Win32.HLLW.Gavir.54 - cured
C:\System Volume Information\_restore{64CDFA88-D3CF-42B3-8F45-861C46E3ACD4}\RP16\A0033199.exe infected with Win32.HLLW.Gavir.54 - cured
C:\System Volume Information\_restore{64CDFA88-D3CF-42B3-8F45-861C46E3ACD4}\RP16\A0033200.exe infected with Win32.HLLW.Gavir.54 - cured
C:\System Volume Information\_restore{64CDFA88-D3CF-42B3-8F45-861C46E3ACD4}\RP16\A0033201.exe infected with Win32.HLLW.Gavir.54 - cured
C:\System Volume Information\_restore{64CDFA88-D3CF-42B3-8F45-861C46E3ACD4}\RP16\A0033202.exe infected with Win32.HLLW.Gavir.54 - cured
C:\System Volume Information\_restore{64CDFA88-D3CF-42B3-8F45-861C46E3ACD4}\RP16\A0033203.exe infected with Win32.HLLW.Gavir.54 - cured
C:\System Volume Information\_restore{64CDFA88-D3CF-42B3-8F45-861C46E3ACD4}\RP16\A0033204.exe infected with Win32.HLLW.Gavir.54 - cured
C:\System Volume Information\_restore{64CDFA88-D3CF-42B3-8F45-861C46E3ACD4}\RP16\A0033205.exe infected with Win32.HLLW.Gavir.54 - cured
C:\System Volume Information\_restore{64CDFA88-D3CF-42B3-8F45-861C46E3ACD4}\RP16\A0033206.exe infected with Win32.HLLW.Gavir.54 - cured
C:\System Volume Information\_restore{64CDFA88-D3CF-42B3-8F45-861C46E3ACD4}\RP16\A0033207.EXE infected with Win32.HLLW.Gavir.54 - cured
C:\System Volume Information\_restore{64CDFA88-D3CF-42B3-8F45-861C46E3ACD4}\RP16\A0033208.exe infected with Win32.HLLW.Gavir.54 - cured
C:\System Volume Information\_restore{64CDFA88-D3CF-42B3-8F45-861C46E3ACD4}\RP16\A0033209.EXE infected with Win32.HLLW.Gavir.54 - cured
C:\System Volume Information\_restore{64CDFA88-D3CF-42B3-8F45-861C46E3ACD4}\RP16\A0033210.EXE infected with Win32.HLLW.Gavir.54 - cured
C:\System Volume Information\_restore{64CDFA88-D3CF-42B3-8F45-861C46E3ACD4}\RP16\A0033211.EXE infected with Win32.HLLW.Gavir.54 - cured
C:\System Volume Information\_restore{64CDFA88-D3CF-42B3-8F45-861C46E3ACD4}\RP16\A0033212.EXE infected with Win32.HLLW.Gavir.54 - cured
C:\System Volume Information\_restore{64CDFA88-D3CF-42B3-8F45-861C46E3ACD4}\RP16\A0033213.exe infected with Win32.HLLW.Gavir.54 - cured
C:\System Volume Information\_restore{64CDFA88-D3CF-42B3-8F45-861C46E3ACD4}\RP16\A0033214.EXE infected with Win32.HLLW.Gavir.54 - cured
C:\System Volume Information\_restore{64CDFA88-D3CF-42B3-8F45-861C46E3ACD4}\RP16\A0033215.exe infected with Win32.HLLW.Gavir.54 - cured
C:\System Volume Information\_restore{64CDFA88-D3CF-42B3-8F45-861C46E3ACD4}\RP16\A0033216.EXE infected with Win32.HLLW.Gavir.54 - cured
C:\System Volume Information\_restore{64CDFA88-D3CF-42B3-8F45-861C46E3ACD4}\RP16\A0033217.exe infected with Win32.HLLW.Gavir.54 - cured
C:\System Volume Information\_restore{64CDFA88-D3CF-42B3-8F45-861C46E3ACD4}\RP16\A0033218.exe infected with Win32.HLLW.Gavir.54 - cured
C:\System Volume Information\_restore{64CDFA88-D3CF-42B3-8F45-861C46E3ACD4}\RP16\A0033219.exe infected with Win32.HLLW.Gavir.54 - cured
C:\System Volume Information\_restore{64CDFA88-D3CF-42B3-8F45-861C46E3ACD4}\RP16\A0033220.exe infected with Win32.HLLW.Gavir.54 - cured
C:\System Volume Information\_restore{64CDFA88-D3CF-42B3-8F45-861C46E3ACD4}\RP16\A0033221.exe infected with Win32.HLLW.Gavir.54 - cured
C:\System Volume Information\_restore{64CDFA88-D3CF-42B3-8F45-861C46E3ACD4}\RP16\A0033222.EXE infected with Win32.HLLW.Gavir.54 - cured
C:\System Volume Information\_restore{64CDFA88-D3CF-42B3-8F45-861C46E3ACD4}\RP16\A0033223.exe infected with Win32.HLLW.Gavir.54 - cured
C:\System Volume Information\_restore{64CDFA88-D3CF-42B3-8F45-861C46E3ACD4}\RP16\A0033224.exe infected with Win32.HLLW.Gavir.54 - cured
C:\System Volume Information\_restore{64CDFA88-D3CF-42B3-8F45-861C46E3ACD4}\RP16\A0033225.exe infected with Win32.HLLW.Gavir.54 - cured

作者: ALEXYUI 時間: 07-1-11 09:13 PM

C:\System Volume Information\_restore{64CDFA88-D3CF-42B3-8F45-861C46E3ACD4}\RP16\A0033226.EXE infected with Win32.HLLW.Gavir.54 - cured
C:\System Volume Information\_restore{64CDFA88-D3CF-42B3-8F45-861C46E3ACD4}\RP16\A0033227.EXE infected with Win32.HLLW.Gavir.54 - cured
C:\System Volume Information\_restore{64CDFA88-D3CF-42B3-8F45-861C46E3ACD4}\RP16\A0033228.EXE infected with Win32.HLLW.Gavir.54 - cured
C:\System Volume Information\_restore{64CDFA88-D3CF-42B3-8F45-861C46E3ACD4}\RP16\A0033229.EXE infected with Win32.HLLW.Gavir.54 - cured
C:\System Volume Information\_restore{64CDFA88-D3CF-42B3-8F45-861C46E3ACD4}\RP16\A0033230.exe infected with Win32.HLLW.Gavir.54 - cured
C:\System Volume Information\_restore{64CDFA88-D3CF-42B3-8F45-861C46E3ACD4}\RP16\A0033231.exe infected with Win32.HLLW.Gavir.54 - cured
C:\System Volume Information\_restore{64CDFA88-D3CF-42B3-8F45-861C46E3ACD4}\RP16\A0033232.exe infected with Win32.HLLW.Gavir.54 - cured
C:\System Volume Information\_restore{64CDFA88-D3CF-42B3-8F45-861C46E3ACD4}\RP16\A0033233.exe infected with Win32.HLLW.Gavir.54 - cured
C:\System Volume Information\_restore{64CDFA88-D3CF-42B3-8F45-861C46E3ACD4}\RP16\A0033234.exe infected with Win32.HLLW.Gavir.54 - cured
C:\System Volume Information\_restore{64CDFA88-D3CF-42B3-8F45-861C46E3ACD4}\RP16\A0033235.EXE infected with Win32.HLLW.Gavir.54 - cured
C:\System Volume Information\_restore{64CDFA88-D3CF-42B3-8F45-861C46E3ACD4}\RP16\A0033236.exe infected with Win32.HLLW.Gavir.54 - cured
C:\System Volume Information\_restore{64CDFA88-D3CF-42B3-8F45-861C46E3ACD4}\RP16\A0033237.exe infected with Win32.HLLW.Gavir.54 - cured
C:\System Volume Information\_restore{64CDFA88-D3CF-42B3-8F45-861C46E3ACD4}\RP16\A0033238.exe infected with Win32.HLLW.Gavir.54 - cured
C:\System Volume Information\_restore{64CDFA88-D3CF-42B3-8F45-861C46E3ACD4}\RP16\A0033239.exe infected with Win32.HLLW.Gavir.54 - cured
C:\System Volume Information\_restore{64CDFA88-D3CF-42B3-8F45-861C46E3ACD4}\RP16\A0033240.exe infected with Win32.HLLW.Gavir.54 - cured
C:\System Volume Information\_restore{64CDFA88-D3CF-42B3-8F45-861C46E3ACD4}\RP16\A0033241.exe infected with Win32.HLLW.Gavir.54 - cured
C:\System Volume Information\_restore{64CDFA88-D3CF-42B3-8F45-861C46E3ACD4}\RP16\A0033242.exe infected with Win32.HLLW.Gavir.54 - cured
C:\System Volume Information\_restore{64CDFA88-D3CF-42B3-8F45-861C46E3ACD4}\RP16\A0033243.exe infected with Win32.HLLW.Gavir.54 - cured
C:\System Volume Information\_restore{64CDFA88-D3CF-42B3-8F45-861C46E3ACD4}\RP16\A0033244.exe infected with Win32.HLLW.Gavir.54 - cured
C:\System Volume Information\_restore{64CDFA88-D3CF-42B3-8F45-861C46E3ACD4}\RP16\A0033245.exe infected with Win32.HLLW.Gavir.54 - cured
C:\System Volume Information\_restore{64CDFA88-D3CF-42B3-8F45-861C46E3ACD4}\RP16\A0033246.exe infected with Win32.HLLW.Gavir.54 - cured
C:\System Volume Information\_restore{64CDFA88-D3CF-42B3-8F45-861C46E3ACD4}\RP16\A0033247.exe infected with Win32.HLLW.Gavir.54 - cured
C:\System Volume Information\_restore{64CDFA88-D3CF-42B3-8F45-861C46E3ACD4}\RP16\A0033248.exe infected with Win32.HLLW.Gavir.54 - cured
C:\System Volume Information\_restore{64CDFA88-D3CF-42B3-8F45-861C46E3ACD4}\RP16\A0033249.exe infected with Win32.HLLW.Gavir.54 - cured
C:\System Volume Information\_restore{64CDFA88-D3CF-42B3-8F45-861C46E3ACD4}\RP16\A0033250.exe infected with Win32.HLLW.Gavir.54 - cured
C:\System Volume Information\_restore{64CDFA88-D3CF-42B3-8F45-861C46E3ACD4}\RP16\A0033251.exe infected with Win32.HLLW.Gavir.54 - cured
C:\System Volume Information\_restore{64CDFA88-D3CF-42B3-8F45-861C46E3ACD4}\RP16\A0033252.exe infected with Win32.HLLW.Gavir.54 - cured
C:\System Volume Information\_restore{64CDFA88-D3CF-42B3-8F45-861C46E3ACD4}\RP16\A0033253.exe infected with Win32.HLLW.Gavir.54 - cured
C:\System Volume Information\_restore{64CDFA88-D3CF-42B3-8F45-861C46E3ACD4}\RP16\A0033254.exe infected with Win32.HLLW.Gavir.54 - cured
C:\System Volume Information\_restore{64CDFA88-D3CF-42B3-8F45-861C46E3ACD4}\RP16\A0033255.exe infected with Win32.HLLW.Gavir.54 - cured
C:\System Volume Information\_restore{64CDFA88-D3CF-42B3-8F45-861C46E3ACD4}\RP16\A0033256.exe infected with Win32.HLLW.Gavir.54 - cured
C:\System Volume Information\_restore{64CDFA88-D3CF-42B3-8F45-861C46E3ACD4}\RP16\A0033257.exe infected with Win32.HLLW.Gavir.54 - cured
C:\System Volume Information\_restore{64CDFA88-D3CF-42B3-8F45-861C46E3ACD4}\RP16\A0033258.exe infected with Win32.HLLW.Gavir.54 - cured
C:\System Volume Information\_restore{64CDFA88-D3CF-42B3-8F45-861C46E3ACD4}\RP16\A0033259.exe infected with Win32.HLLW.Gavir.54 - cured
C:\System Volume Information\_restore{64CDFA88-D3CF-42B3-8F45-861C46E3ACD4}\RP16\A0033260.exe infected with Win32.HLLW.Gavir.54 - cured
C:\System Volume Information\_restore{64CDFA88-D3CF-42B3-8F45-861C46E3ACD4}\RP16\A0033261.exe infected with Win32.HLLW.Gavir.54 - cured
C:\System Volume Information\_restore{64CDFA88-D3CF-42B3-8F45-861C46E3ACD4}\RP16\A0033262.exe infected with Win32.HLLW.Gavir.54 - cured
C:\System Volume Information\_restore{64CDFA88-D3CF-42B3-8F45-861C46E3ACD4}\RP16\A0033263.exe infected with Win32.HLLW.Gavir.54 - cured
C:\System Volume Information\_restore{64CDFA88-D3CF-42B3-8F45-861C46E3ACD4}\RP16\A0033264.exe infected with Win32.HLLW.Gavir.54 - cured
C:\System Volume Information\_restore{64CDFA88-D3CF-42B3-8F45-861C46E3ACD4}\RP16\A0033265.exe infected with Win32.HLLW.Gavir.54 - cured
C:\System Volume Information\_restore{64CDFA88-D3CF-42B3-8F45-861C46E3ACD4}\RP16\A0033266.exe infected with Win32.HLLW.Gavir.54 - cured
C:\System Volume Information\_restore{64CDFA88-D3CF-42B3-8F45-861C46E3ACD4}\RP16\A0033267.exe infected with Win32.HLLW.Gavir.54 - cured
C:\System Volume Information\_restore{64CDFA88-D3CF-42B3-8F45-861C46E3ACD4}\RP16\A0033268.exe infected with Win32.HLLW.Gavir.54 - cured
C:\System Volume Information\_restore{64CDFA88-D3CF-42B3-8F45-861C46E3ACD4}\RP16\A0033269.exe infected with Win32.HLLW.Gavir.54 - cured
C:\System Volume Information\_restore{64CDFA88-D3CF-42B3-8F45-861C46E3ACD4}\RP16\A0033270.exe infected with Win32.HLLW.Gavir.54 - cured
C:\System Volume Information\_restore{64CDFA88-D3CF-42B3-8F45-861C46E3ACD4}\RP16\A0033271.exe infected with Win32.HLLW.Gavir.54 - cured
C:\System Volume Information\_restore{64CDFA88-D3CF-42B3-8F45-861C46E3ACD4}\RP16\A0033272.exe infected with Win32.HLLW.Gavir.54 - cured
C:\System Volume Information\_restore{64CDFA88-D3CF-42B3-8F45-861C46E3ACD4}\RP16\A0033273.exe infected with Win32.HLLW.Gavir.54 - cured
C:\System Volume Information\_restore{64CDFA88-D3CF-42B3-8F45-861C46E3ACD4}\RP16\A0033274.exe infected with Win32.HLLW.Gavir.54 - cured
C:\System Volume Information\_restore{64CDFA88-D3CF-42B3-8F45-861C46E3ACD4}\RP16\A0033275.exe infected with Win32.HLLW.Gavir.54 - cured
C:\System Volume Information\_restore{64CDFA88-D3CF-42B3-8F45-861C46E3ACD4}\RP16\A0033276.exe infected with Win32.HLLW.Gavir.54 - cured
C:\System Volume Information\_restore{64CDFA88-D3CF-42B3-8F45-861C46E3ACD4}\RP16\A0033277.exe infected with Win32.HLLW.Gavir.54 - cured
C:\System Volume Information\_restore{64CDFA88-D3CF-42B3-8F45-861C46E3ACD4}\RP16\A0033278.exe infected with Win32.HLLW.Gavir.54 - cured
C:\System Volume Information\_restore{64CDFA88-D3CF-42B3-8F45-861C46E3ACD4}\RP16\A0033279.exe infected with Win32.HLLW.Gavir.54 - cured
C:\System Volume Information\_restore{64CDFA88-D3CF-42B3-8F45-861C46E3ACD4}\RP16\A0033280.exe infected with Win32.HLLW.Gavir.54 - cured
C:\System Volume Information\_restore{64CDFA88-D3CF-42B3-8F45-861C46E3ACD4}\RP16\A0033281.exe infected with Win32.HLLW.Gavir.54 - cured
C:\System Volume Information\_restore{64CDFA88-D3CF-42B3-8F45-861C46E3ACD4}\RP16\A0033282.exe infected with Win32.HLLW.Gavir.54 - cured
C:\System Volume Information\_restore{64CDFA88-D3CF-42B3-8F45-861C46E3ACD4}\RP16\A0033283.exe infected with Win32.HLLW.Gavir.54 - cured
C:\System Volume Information\_restore{64CDFA88-D3CF-42B3-8F45-861C46E3ACD4}\RP16\A0033284.exe infected with Win32.HLLW.Gavir.54 - cured
C:\System Volume Information\_restore{64CDFA88-D3CF-42B3-8F45-861C46E3ACD4}\RP16\A0033285.exe infected with Win32.HLLW.Gavir.54 - cured

作者: ALEXYUI 時間: 07-1-11 09:14 PM

C:\System Volume Information\_restore{64CDFA88-D3CF-42B3-8F45-861C46E3ACD4}\RP16\A0033286.exe infected with Win32.HLLW.Gavir.54 - cured
C:\System Volume Information\_restore{64CDFA88-D3CF-42B3-8F45-861C46E3ACD4}\RP16\A0033287.exe infected with Win32.HLLW.Gavir.54 - cured
C:\System Volume Information\_restore{64CDFA88-D3CF-42B3-8F45-861C46E3ACD4}\RP16\A0033288.exe infected with Win32.HLLW.Gavir.54 - cured
C:\System Volume Information\_restore{64CDFA88-D3CF-42B3-8F45-861C46E3ACD4}\RP16\A0033289.exe infected with Win32.HLLW.Gavir.54 - cured
C:\System Volume Information\_restore{64CDFA88-D3CF-42B3-8F45-861C46E3ACD4}\RP16\A0033290.exe infected with Win32.HLLW.Gavir.54 - cured
C:\System Volume Information\_restore{64CDFA88-D3CF-42B3-8F45-861C46E3ACD4}\RP16\A0033291.exe infected with Win32.HLLW.Gavir.54 - cured
C:\System Volume Information\_restore{64CDFA88-D3CF-42B3-8F45-861C46E3ACD4}\RP16\A0033292.exe infected with Win32.HLLW.Gavir.54 - cured
C:\System Volume Information\_restore{64CDFA88-D3CF-42B3-8F45-861C46E3ACD4}\RP16\A0033293.exe infected with Win32.HLLW.Gavir.54 - cured
C:\System Volume Information\_restore{64CDFA88-D3CF-42B3-8F45-861C46E3ACD4}\RP16\A0033294.exe infected with Win32.HLLW.Gavir.54 - cured
C:\System Volume Information\_restore{64CDFA88-D3CF-42B3-8F45-861C46E3ACD4}\RP16\A0033295.exe infected with Win32.HLLW.Gavir.54 - cured
C:\System Volume Information\_restore{64CDFA88-D3CF-42B3-8F45-861C46E3ACD4}\RP16\A0033296.exe infected with Win32.HLLW.Gavir.54 - cured
C:\System Volume Information\_restore{64CDFA88-D3CF-42B3-8F45-861C46E3ACD4}\RP16\A0033297.exe infected with Win32.HLLW.Gavir.54 - cured
C:\System Volume Information\_restore{64CDFA88-D3CF-42B3-8F45-861C46E3ACD4}\RP16\A0033298.exe infected with Win32.HLLW.Gavir.54 - cured
C:\System Volume Information\_restore{64CDFA88-D3CF-42B3-8F45-861C46E3ACD4}\RP16\A0033299.exe infected with Win32.HLLW.Gavir.54 - cured
C:\System Volume Information\_restore{64CDFA88-D3CF-42B3-8F45-861C46E3ACD4}\RP16\A0033300.exe infected with Win32.HLLW.Gavir.54 - cured
C:\System Volume Information\_restore{64CDFA88-D3CF-42B3-8F45-861C46E3ACD4}\RP16\A0033301.exe infected with Win32.HLLW.Gavir.54 - cured
C:\System Volume Information\_restore{64CDFA88-D3CF-42B3-8F45-861C46E3ACD4}\RP16\A0033302.exe infected with Win32.HLLW.Gavir.54 - cured
C:\System Volume Information\_restore{64CDFA88-D3CF-42B3-8F45-861C46E3ACD4}\RP16\A0033303.exe infected with Win32.HLLW.Gavir.54 - cured
C:\System Volume Information\_restore{64CDFA88-D3CF-42B3-8F45-861C46E3ACD4}\RP16\A0033304.exe infected with Win32.HLLW.Gavir.54 - cured
C:\System Volume Information\_restore{64CDFA88-D3CF-42B3-8F45-861C46E3ACD4}\RP16\A0033305.exe infected with Win32.HLLW.Gavir.54 - cured
C:\System Volume Information\_restore{64CDFA88-D3CF-42B3-8F45-861C46E3ACD4}\RP16\A0033306.exe infected with Win32.HLLW.Gavir.54 - cured
C:\System Volume Information\_restore{64CDFA88-D3CF-42B3-8F45-861C46E3ACD4}\RP16\A0033307.exe infected with Win32.HLLW.Gavir.54 - cured
C:\System Volume Information\_restore{64CDFA88-D3CF-42B3-8F45-861C46E3ACD4}\RP16\A0033308.exe infected with Win32.HLLW.Gavir.54 - cured
C:\System Volume Information\_restore{64CDFA88-D3CF-42B3-8F45-861C46E3ACD4}\RP16\A0033309.exe infected with Win32.HLLW.Gavir.54 - cured
C:\System Volume Information\_restore{64CDFA88-D3CF-42B3-8F45-861C46E3ACD4}\RP16\A0033310.exe infected with Win32.HLLW.Gavir.54 - cured
C:\System Volume Information\_restore{64CDFA88-D3CF-42B3-8F45-861C46E3ACD4}\RP16\A0033311.exe infected with Win32.HLLW.Gavir.54 - cured
C:\System Volume Information\_restore{64CDFA88-D3CF-42B3-8F45-861C46E3ACD4}\RP16\A0033312.exe infected with Win32.HLLW.Gavir.54 - cured
C:\System Volume Information\_restore{64CDFA88-D3CF-42B3-8F45-861C46E3ACD4}\RP16\A0033313.exe infected with Win32.HLLW.Gavir.54 - cured
C:\System Volume Information\_restore{64CDFA88-D3CF-42B3-8F45-861C46E3ACD4}\RP16\A0033314.exe infected with Win32.HLLW.Gavir.54 - cured
C:\System Volume Information\_restore{64CDFA88-D3CF-42B3-8F45-861C46E3ACD4}\RP16\A0033315.exe infected with Win32.HLLW.Gavir.54 - cured
C:\System Volume Information\_restore{64CDFA88-D3CF-42B3-8F45-861C46E3ACD4}\RP16\A0033316.exe infected with Win32.HLLW.Gavir.54 - cured
C:\System Volume Information\_restore{64CDFA88-D3CF-42B3-8F45-861C46E3ACD4}\RP16\A0033317.exe infected with Win32.HLLW.Gavir.54 - cured
C:\System Volume Information\_restore{64CDFA88-D3CF-42B3-8F45-861C46E3ACD4}\RP16\A0033318.exe infected with Win32.HLLW.Gavir.54 - cured
C:\System Volume Information\_restore{64CDFA88-D3CF-42B3-8F45-861C46E3ACD4}\RP16\A0033319.exe infected with Win32.HLLW.Gavir.54 - cured
C:\System Volume Information\_restore{64CDFA88-D3CF-42B3-8F45-861C46E3ACD4}\RP16\A0033320.exe infected with Win32.HLLW.Gavir.54 - cured
C:\System Volume Information\_restore{64CDFA88-D3CF-42B3-8F45-861C46E3ACD4}\RP16\A0033321.exe infected with Win32.HLLW.Gavir.54 - cured
C:\System Volume Information\_restore{64CDFA88-D3CF-42B3-8F45-861C46E3ACD4}\RP16\A0033322.exe infected with Win32.HLLW.Gavir.54 - cured
C:\System Volume Information\_restore{64CDFA88-D3CF-42B3-8F45-861C46E3ACD4}\RP16\A0033323.exe infected with Win32.HLLW.Gavir.54 - cured
C:\System Volume Information\_restore{64CDFA88-D3CF-42B3-8F45-861C46E3ACD4}\RP16\A0033324.exe infected with Win32.HLLW.Gavir.54 - cured
C:\System Volume Information\_restore{64CDFA88-D3CF-42B3-8F45-861C46E3ACD4}\RP16\A0033325.exe infected with Win32.HLLW.Gavir.54 - cured
C:\System Volume Information\_restore{64CDFA88-D3CF-42B3-8F45-861C46E3ACD4}\RP16\A0033326.exe infected with Win32.HLLW.Gavir.54 - cured
C:\System Volume Information\_restore{64CDFA88-D3CF-42B3-8F45-861C46E3ACD4}\RP16\A0033327.exe infected with Win32.HLLW.Gavir.54 - cured
C:\System Volume Information\_restore{64CDFA88-D3CF-42B3-8F45-861C46E3ACD4}\RP16\A0033328.exe infected with Win32.HLLW.Gavir.54 - cured
C:\System Volume Information\_restore{64CDFA88-D3CF-42B3-8F45-861C46E3ACD4}\RP16\A0033329.exe infected with Win32.HLLW.Gavir.54 - cured
C:\System Volume Information\_restore{64CDFA88-D3CF-42B3-8F45-861C46E3ACD4}\RP16\A0033330.exe infected with Win32.HLLW.Gavir.54 - cured
C:\System Volume Information\_restore{64CDFA88-D3CF-42B3-8F45-861C46E3ACD4}\RP16\A0033331.exe infected with Win32.HLLW.Gavir.54 - cured
C:\System Volume Information\_restore{64CDFA88-D3CF-42B3-8F45-861C46E3ACD4}\RP16\A0033332.exe infected with Win32.HLLW.Gavir.54 - cured
C:\System Volume Information\_restore{64CDFA88-D3CF-42B3-8F45-861C46E3ACD4}\RP16\A0033333.exe infected with Win32.HLLW.Gavir.54 - cured
C:\System Volume Information\_restore{64CDFA88-D3CF-42B3-8F45-861C46E3ACD4}\RP16\A0033334.exe infected with Win32.HLLW.Gavir.54 - cured
C:\System Volume Information\_restore{64CDFA88-D3CF-42B3-8F45-861C46E3ACD4}\RP16\A0033335.exe infected with Win32.HLLW.Gavir.54 - cured
C:\System Volume Information\_restore{64CDFA88-D3CF-42B3-8F45-861C46E3ACD4}\RP16\A0033336.exe infected with Win32.HLLW.Gavir.54 - cured
C:\System Volume Information\_restore{64CDFA88-D3CF-42B3-8F45-861C46E3ACD4}\RP16\A0033337.exe infected with Win32.HLLW.Gavir.54 - cured
C:\System Volume Information\_restore{64CDFA88-D3CF-42B3-8F45-861C46E3ACD4}\RP16\A0033338.exe infected with Win32.HLLW.Gavir.54 - cured
C:\System Volume Information\_restore{64CDFA88-D3CF-42B3-8F45-861C46E3ACD4}\RP16\A0033339.exe infected with Win32.HLLW.Gavir.54 - cured
C:\System Volume Information\_restore{64CDFA88-D3CF-42B3-8F45-861C46E3ACD4}\RP16\A0033340.exe infected with Win32.HLLW.Gavir.54 - cured
C:\System Volume Information\_restore{64CDFA88-D3CF-42B3-8F45-861C46E3ACD4}\RP16\A0033341.exe infected with Win32.HLLW.Gavir.54 - cured
C:\System Volume Information\_restore{64CDFA88-D3CF-42B3-8F45-861C46E3ACD4}\RP16\A0033342.exe infected with Win32.HLLW.Gavir.54 - cured

作者: ALEXYUI 時間: 07-1-11 09:15 PM

C:\System Volume Information\_restore{64CDFA88-D3CF-42B3-8F45-861C46E3ACD4}\RP16\A0033343.exe infected with Win32.HLLW.Gavir.54 - cured
C:\System Volume Information\_restore{64CDFA88-D3CF-42B3-8F45-861C46E3ACD4}\RP16\A0033344.exe infected with Win32.HLLW.Gavir.54 - cured
C:\System Volume Information\_restore{64CDFA88-D3CF-42B3-8F45-861C46E3ACD4}\RP16\A0033345.exe infected with Win32.HLLW.Gavir.54 - cured
C:\System Volume Information\_restore{64CDFA88-D3CF-42B3-8F45-861C46E3ACD4}\RP16\A0033346.exe infected with Win32.HLLW.Gavir.54 - cured
C:\System Volume Information\_restore{64CDFA88-D3CF-42B3-8F45-861C46E3ACD4}\RP16\A0033347.exe infected with Win32.HLLW.Gavir.54 - cured
C:\System Volume Information\_restore{64CDFA88-D3CF-42B3-8F45-861C46E3ACD4}\RP16\A0033348.exe infected with Win32.HLLW.Gavir.54 - cured
C:\System Volume Information\_restore{64CDFA88-D3CF-42B3-8F45-861C46E3ACD4}\RP16\A0033349.exe infected with Win32.HLLW.Gavir.54 - cured
C:\System Volume Information\_restore{64CDFA88-D3CF-42B3-8F45-861C46E3ACD4}\RP16\A0033350.exe infected with Win32.HLLW.Gavir.54 - cured
C:\System Volume Information\_restore{64CDFA88-D3CF-42B3-8F45-861C46E3ACD4}\RP16\A0033351.exe infected with Win32.HLLW.Gavir.54 - cured
C:\System Volume Information\_restore{64CDFA88-D3CF-42B3-8F45-861C46E3ACD4}\RP16\A0033352.exe infected with Win32.HLLW.Gavir.54 - cured
C:\System Volume Information\_restore{64CDFA88-D3CF-42B3-8F45-861C46E3ACD4}\RP16\A0033353.exe infected with Win32.HLLW.Gavir.54 - cured
C:\System Volume Information\_restore{64CDFA88-D3CF-42B3-8F45-861C46E3ACD4}\RP16\A0033354.exe infected with Win32.HLLW.Gavir.54 - cured
C:\System Volume Information\_restore{64CDFA88-D3CF-42B3-8F45-861C46E3ACD4}\RP16\A0033355.exe infected with Win32.HLLW.Gavir.54 - cured
C:\System Volume Information\_restore{64CDFA88-D3CF-42B3-8F45-861C46E3ACD4}\RP16\A0033356.exe infected with Win32.HLLW.Gavir.54 - cured
C:\System Volume Information\_restore{64CDFA88-D3CF-42B3-8F45-861C46E3ACD4}\RP16\A0033357.exe infected with Win32.HLLW.Gavir.54 - cured
C:\System Volume Information\_restore{64CDFA88-D3CF-42B3-8F45-861C46E3ACD4}\RP16\A0033358.exe infected with Win32.HLLW.Gavir.54 - cured
C:\System Volume Information\_restore{64CDFA88-D3CF-42B3-8F45-861C46E3ACD4}\RP16\A0033359.exe infected with Win32.HLLW.Gavir.54 - cured
C:\System Volume Information\_restore{64CDFA88-D3CF-42B3-8F45-861C46E3ACD4}\RP16\A0033360.exe infected with Win32.HLLW.Gavir.54 - cured
C:\System Volume Information\_restore{64CDFA88-D3CF-42B3-8F45-861C46E3ACD4}\RP16\A0033361.exe infected with Win32.HLLW.Gavir.54 - cured
C:\System Volume Information\_restore{64CDFA88-D3CF-42B3-8F45-861C46E3ACD4}\RP16\A0033362.exe infected with Win32.HLLW.Gavir.54 - cured
C:\System Volume Information\_restore{64CDFA88-D3CF-42B3-8F45-861C46E3ACD4}\RP16\A0033363.exe infected with Win32.HLLW.Gavir.54 - cured
C:\System Volume Information\_restore{64CDFA88-D3CF-42B3-8F45-861C46E3ACD4}\RP16\A0033364.exe infected with Win32.HLLW.Gavir.54 - cured
C:\System Volume Information\_restore{64CDFA88-D3CF-42B3-8F45-861C46E3ACD4}\RP16\A0033365.exe infected with Win32.HLLW.Gavir.54 - cured
C:\System Volume Information\_restore{64CDFA88-D3CF-42B3-8F45-861C46E3ACD4}\RP16\A0033366.exe infected with Win32.HLLW.Gavir.54 - cured
C:\System Volume Information\_restore{64CDFA88-D3CF-42B3-8F45-861C46E3ACD4}\RP16\A0033367.exe infected with Win32.HLLW.Gavir.54 - cured
C:\System Volume Information\_restore{64CDFA88-D3CF-42B3-8F45-861C46E3ACD4}\RP16\A0033368.exe infected with Win32.HLLW.Gavir.54 - cured
C:\System Volume Information\_restore{64CDFA88-D3CF-42B3-8F45-861C46E3ACD4}\RP16\A0033369.exe infected with Win32.HLLW.Gavir.54 - cured
C:\System Volume Information\_restore{64CDFA88-D3CF-42B3-8F45-861C46E3ACD4}\RP16\A0033370.exe infected with Win32.HLLW.Gavir.54 - cured
C:\System Volume Information\_restore{64CDFA88-D3CF-42B3-8F45-861C46E3ACD4}\RP16\A0033371.exe infected with Win32.HLLW.Gavir.54 - cured
C:\System Volume Information\_restore{64CDFA88-D3CF-42B3-8F45-861C46E3ACD4}\RP16\A0033372.exe infected with Win32.HLLW.Gavir.54 - cured
C:\System Volume Information\_restore{64CDFA88-D3CF-42B3-8F45-861C46E3ACD4}\RP16\A0033373.exe infected with Win32.HLLW.Gavir.54 - cured
C:\System Volume Information\_restore{64CDFA88-D3CF-42B3-8F45-861C46E3ACD4}\RP16\A0033374.exe infected with Win32.HLLW.Gavir.54 - cured
C:\System Volume Information\_restore{64CDFA88-D3CF-42B3-8F45-861C46E3ACD4}\RP16\A0033375.exe infected with Win32.HLLW.Gavir.54 - cured
C:\System Volume Information\_restore{64CDFA88-D3CF-42B3-8F45-861C46E3ACD4}\RP16\A0033376.exe infected with Win32.HLLW.Gavir.54 - cured
C:\System Volume Information\_restore{64CDFA88-D3CF-42B3-8F45-861C46E3ACD4}\RP16\A0033377.exe infected with Win32.HLLW.Gavir.54 - cured
C:\System Volume Information\_restore{64CDFA88-D3CF-42B3-8F45-861C46E3ACD4}\RP16\A0033378.exe infected with Win32.HLLW.Gavir.54 - cured
C:\System Volume Information\_restore{64CDFA88-D3CF-42B3-8F45-861C46E3ACD4}\RP16\A0033379.EXE infected with Win32.HLLW.Gavir.54 - cured
C:\System Volume Information\_restore{64CDFA88-D3CF-42B3-8F45-861C46E3ACD4}\RP16\A0033380.exe infected with Win32.HLLW.Gavir.54 - cured
C:\System Volume Information\_restore{64CDFA88-D3CF-42B3-8F45-861C46E3ACD4}\RP16\A0033381.exe infected with Win32.HLLW.Gavir.54 - cured
C:\System Volume Information\_restore{64CDFA88-D3CF-42B3-8F45-861C46E3ACD4}\RP16\A0033382.exe infected with Win32.HLLW.Gavir.54 - cured
C:\System Volume Information\_restore{64CDFA88-D3CF-42B3-8F45-861C46E3ACD4}\RP16\A0033383.exe infected with Win32.HLLW.Gavir.54 - cured
C:\System Volume Information\_restore{64CDFA88-D3CF-42B3-8F45-861C46E3ACD4}\RP16\A0033384.exe infected with Win32.HLLW.Gavir.54 - cured
C:\System Volume Information\_restore{64CDFA88-D3CF-42B3-8F45-861C46E3ACD4}\RP16\A0033385.exe infected with Win32.HLLW.Gavir.54 - cured
C:\System Volume Information\_restore{64CDFA88-D3CF-42B3-8F45-861C46E3ACD4}\RP16\A0033386.exe infected with Win32.HLLW.Gavir.54 - cured
C:\System Volume Information\_restore{64CDFA88-D3CF-42B3-8F45-861C46E3ACD4}\RP16\A0033387.exe infected with Win32.HLLW.Gavir.54 - cured
C:\System Volume Information\_restore{64CDFA88-D3CF-42B3-8F45-861C46E3ACD4}\RP16\A0033388.exe infected with Win32.HLLW.Gavir.54 - cured
C:\System Volume Information\_restore{64CDFA88-D3CF-42B3-8F45-861C46E3ACD4}\RP16\A0033389.exe infected with Win32.HLLW.Gavir.54 - cured
C:\System Volume Information\_restore{64CDFA88-D3CF-42B3-8F45-861C46E3ACD4}\RP16\A0033390.exe infected with Win32.HLLW.Gavir.54 - cured
C:\System Volume Information\_restore{64CDFA88-D3CF-42B3-8F45-861C46E3ACD4}\RP16\A0033391.exe infected with Win32.HLLW.Gavir.54 - cured
C:\System Volume Information\_restore{64CDFA88-D3CF-42B3-8F45-861C46E3ACD4}\RP16\A0033392.exe infected with Win32.HLLW.Gavir.54 - cured
C:\System Volume Information\_restore{64CDFA88-D3CF-42B3-8F45-861C46E3ACD4}\RP16\A0033393.exe infected with Win32.HLLW.Gavir.54 - cured
C:\System Volume Information\_restore{64CDFA88-D3CF-42B3-8F45-861C46E3ACD4}\RP16\A0033394.exe infected with Win32.HLLW.Gavir.54 - cured
C:\System Volume Information\_restore{64CDFA88-D3CF-42B3-8F45-861C46E3ACD4}\RP16\A0033395.exe infected with Win32.HLLW.Gavir.54 - cured
C:\System Volume Information\_restore{64CDFA88-D3CF-42B3-8F45-861C46E3ACD4}\RP16\A0033396.exe infected with Win32.HLLW.Gavir.54 - cured
C:\System Volume Information\_restore{64CDFA88-D3CF-42B3-8F45-861C46E3ACD4}\RP16\A0033397.exe infected with Win32.HLLW.Gavir.54 - cured
C:\System Volume Information\_restore{64CDFA88-D3CF-42B3-8F45-861C46E3ACD4}\RP16\A0033398.exe infected with Win32.HLLW.Gavir.54 - cured
C:\System Volume Information\_restore{64CDFA88-D3CF-42B3-8F45-861C46E3ACD4}\RP16\A0033399.exe infected with Win32.HLLW.Gavir.54 - cured
C:\System Volume Information\_restore{64CDFA88-D3CF-42B3-8F45-861C46E3ACD4}\RP16\A0033400.exe infected with Win32.HLLW.Gavir.54 - cured

作者: ALEXYUI 時間: 07-1-11 09:16 PM

C:\System Volume Information\_restore{64CDFA88-D3CF-42B3-8F45-861C46E3ACD4}\RP16\A0033401.exe infected with Win32.HLLW.Gavir.54 - cured
C:\System Volume Information\_restore{64CDFA88-D3CF-42B3-8F45-861C46E3ACD4}\RP16\A0033402.exe infected with Win32.HLLW.Gavir.54 - cured
C:\System Volume Information\_restore{64CDFA88-D3CF-42B3-8F45-861C46E3ACD4}\RP16\A0033403.exe infected with Win32.HLLW.Gavir.54 - cured
C:\System Volume Information\_restore{64CDFA88-D3CF-42B3-8F45-861C46E3ACD4}\RP16\A0033404.exe infected with Win32.HLLW.Gavir.54 - cured
C:\System Volume Information\_restore{64CDFA88-D3CF-42B3-8F45-861C46E3ACD4}\RP16\A0033405.exe infected with Win32.HLLW.Gavir.54 - cured
C:\System Volume Information\_restore{64CDFA88-D3CF-42B3-8F45-861C46E3ACD4}\RP16\A0033406.exe infected with Win32.HLLW.Gavir.54 - cured
C:\System Volume Information\_restore{64CDFA88-D3CF-42B3-8F45-861C46E3ACD4}\RP16\A0033407.exe infected with Win32.HLLW.Gavir.54 - cured
C:\System Volume Information\_restore{64CDFA88-D3CF-42B3-8F45-861C46E3ACD4}\RP16\A0033408.exe infected with Win32.HLLW.Gavir.54 - cured
C:\System Volume Information\_restore{64CDFA88-D3CF-42B3-8F45-861C46E3ACD4}\RP16\A0033409.exe infected with Win32.HLLW.Gavir.54 - cured
C:\System Volume Information\_restore{64CDFA88-D3CF-42B3-8F45-861C46E3ACD4}\RP16\A0033410.exe infected with Win32.HLLW.Gavir.54 - cured
C:\System Volume Information\_restore{64CDFA88-D3CF-42B3-8F45-861C46E3ACD4}\RP16\A0033411.exe infected with Win32.HLLW.Gavir.54 - cured
C:\System Volume Information\_restore{64CDFA88-D3CF-42B3-8F45-861C46E3ACD4}\RP16\A0033412.exe infected with Win32.HLLW.Gavir.54 - cured
C:\System Volume Information\_restore{64CDFA88-D3CF-42B3-8F45-861C46E3ACD4}\RP16\A0033413.exe infected with Win32.HLLW.Gavir.54 - cured
C:\System Volume Information\_restore{64CDFA88-D3CF-42B3-8F45-861C46E3ACD4}\RP16\A0033414.exe infected with Win32.HLLW.Gavir.54 - cured
C:\System Volume Information\_restore{64CDFA88-D3CF-42B3-8F45-861C46E3ACD4}\RP16\A0033415.exe infected with Win32.HLLW.Gavir.54 - cured
C:\System Volume Information\_restore{64CDFA88-D3CF-42B3-8F45-861C46E3ACD4}\RP16\A0033416.exe infected with Win32.HLLW.Gavir.54 - cured
C:\System Volume Information\_restore{64CDFA88-D3CF-42B3-8F45-861C46E3ACD4}\RP16\A0033417.exe infected with Win32.HLLW.Gavir.54 - cured
C:\System Volume Information\_restore{64CDFA88-D3CF-42B3-8F45-861C46E3ACD4}\RP16\A0033418.exe infected with Win32.HLLW.Gavir.54 - cured
C:\System Volume Information\_restore{64CDFA88-D3CF-42B3-8F45-861C46E3ACD4}\RP16\A0033419.exe infected with Win32.HLLW.Gavir.54 - cured
C:\System Volume Information\_restore{64CDFA88-D3CF-42B3-8F45-861C46E3ACD4}\RP16\A0033420.exe infected with Win32.HLLW.Gavir.54 - cured
C:\System Volume Information\_restore{64CDFA88-D3CF-42B3-8F45-861C46E3ACD4}\RP16\A0033421.exe infected with Win32.HLLW.Gavir.54 - cured
C:\System Volume Information\_restore{64CDFA88-D3CF-42B3-8F45-861C46E3ACD4}\RP16\A0033422.exe infected with Win32.HLLW.Gavir.54 - cured
C:\System Volume Information\_restore{64CDFA88-D3CF-42B3-8F45-861C46E3ACD4}\RP16\A0033423.exe infected with Win32.HLLW.Gavir.54 - cured
C:\System Volume Information\_restore{64CDFA88-D3CF-42B3-8F45-861C46E3ACD4}\RP16\A0033424.exe infected with Win32.HLLW.Gavir.54 - cured
C:\System Volume Information\_restore{64CDFA88-D3CF-42B3-8F45-861C46E3ACD4}\RP16\A0033425.exe infected with Win32.HLLW.Gavir.54 - cured
C:\System Volume Information\_restore{64CDFA88-D3CF-42B3-8F45-861C46E3ACD4}\RP16\A0033426.exe infected with Win32.HLLW.Gavir.54 - cured
C:\System Volume Information\_restore{64CDFA88-D3CF-42B3-8F45-861C46E3ACD4}\RP16\A0033427.exe infected with Win32.HLLW.Gavir.54 - cured
C:\System Volume Information\_restore{64CDFA88-D3CF-42B3-8F45-861C46E3ACD4}\RP16\A0033428.exe infected with Win32.HLLW.Gavir.54 - cured
C:\System Volume Information\_restore{64CDFA88-D3CF-42B3-8F45-861C46E3ACD4}\RP16\A0033429.exe infected with Win32.HLLW.Gavir.54 - cured
C:\System Volume Information\_restore{64CDFA88-D3CF-42B3-8F45-861C46E3ACD4}\RP16\A0033430.exe infected with Win32.HLLW.Gavir.54 - cured
C:\System Volume Information\_restore{64CDFA88-D3CF-42B3-8F45-861C46E3ACD4}\RP16\A0033431.exe infected with Win32.HLLW.Gavir.54 - cured
C:\System Volume Information\_restore{64CDFA88-D3CF-42B3-8F45-861C46E3ACD4}\RP16\A0033432.exe infected with Win32.HLLW.Gavir.54 - cured
C:\System Volume Information\_restore{64CDFA88-D3CF-42B3-8F45-861C46E3ACD4}\RP16\A0033433.exe infected with Win32.HLLW.Gavir.54 - cured
C:\System Volume Information\_restore{64CDFA88-D3CF-42B3-8F45-861C46E3ACD4}\RP16\A0033434.exe infected with Win32.HLLW.Gavir.54 - cured
C:\System Volume Information\_restore{64CDFA88-D3CF-42B3-8F45-861C46E3ACD4}\RP16\A0033435.exe infected with Win32.HLLW.Gavir.54 - cured
C:\System Volume Information\_restore{64CDFA88-D3CF-42B3-8F45-861C46E3ACD4}\RP16\A0033436.exe infected with Win32.HLLW.Gavir.54 - cured
C:\System Volume Information\_restore{64CDFA88-D3CF-42B3-8F45-861C46E3ACD4}\RP16\A0033437.exe infected with Win32.HLLW.Gavir.54 - cured
C:\System Volume Information\_restore{64CDFA88-D3CF-42B3-8F45-861C46E3ACD4}\RP16\A0033438.exe infected with Win32.HLLW.Gavir.54 - cured
C:\System Volume Information\_restore{64CDFA88-D3CF-42B3-8F45-861C46E3ACD4}\RP16\A0033439.exe infected with Win32.HLLW.Gavir.54 - cured
C:\System Volume Information\_restore{64CDFA88-D3CF-42B3-8F45-861C46E3ACD4}\RP16\A0033440.exe infected with Win32.HLLW.Gavir.54 - cured
C:\System Volume Information\_restore{64CDFA88-D3CF-42B3-8F45-861C46E3ACD4}\RP16\A0033441.exe infected with Win32.HLLW.Gavir.54 - cured
C:\System Volume Information\_restore{64CDFA88-D3CF-42B3-8F45-861C46E3ACD4}\RP16\A0033442.exe infected with Win32.HLLW.Gavir.54 - cured
C:\System Volume Information\_restore{64CDFA88-D3CF-42B3-8F45-861C46E3ACD4}\RP16\A0033443.exe infected with Win32.HLLW.Gavir.54 - cured
C:\System Volume Information\_restore{64CDFA88-D3CF-42B3-8F45-861C46E3ACD4}\RP16\A0033444.exe infected with Win32.HLLW.Gavir.54 - cured
C:\System Volume Information\_restore{64CDFA88-D3CF-42B3-8F45-861C46E3ACD4}\RP16\A0033445.exe infected with Win32.HLLW.Gavir.54 - cured
C:\System Volume Information\_restore{64CDFA88-D3CF-42B3-8F45-861C46E3ACD4}\RP16\A0033446.exe infected with Win32.HLLW.Gavir.54 - cured
C:\System Volume Information\_restore{64CDFA88-D3CF-42B3-8F45-861C46E3ACD4}\RP16\A0033447.exe infected with Win32.HLLW.Gavir.54 - cured
C:\System Volume Information\_restore{64CDFA88-D3CF-42B3-8F45-861C46E3ACD4}\RP16\A0033448.exe infected with Win32.HLLW.Gavir.54 - cured
C:\System Volume Information\_restore{64CDFA88-D3CF-42B3-8F45-861C46E3ACD4}\RP16\A0033449.exe infected with Win32.HLLW.Gavir.54 - cured
>C:\System Volume Information\_restore{64CDFA88-D3CF-42B3-8F45-861C46E3ACD4}\RP16\A0033489.sys infected with Trojan.PWS.Qqpass.395 - deleted
>C:\System Volume Information\_restore{64CDFA88-D3CF-42B3-8F45-861C46E3ACD4}\RP16\A0033497.sys infected with Trojan.PWS.Qqpass.395 - deleted
C:\System Volume Information\_restore{64CDFA88-D3CF-42B3-8F45-861C46E3ACD4}\RP16\A0033503.exe infected with Trojan.PWS.Zhengtu - deleted
>C:\System Volume Information\_restore{64CDFA88-D3CF-42B3-8F45-861C46E3ACD4}\RP16\A0033504.exe infected with Trojan.PWS.Wool - deleted
C:\System Volume Information\_restore{64CDFA88-D3CF-42B3-8F45-861C46E3ACD4}\RP16\A0033505.EXE infected with Trojan.PWS.Zhengtu - deleted
>C:\System Volume Information\_restore{64CDFA88-D3CF-42B3-8F45-861C46E3ACD4}\RP16\A0033506.EXE probably infected with BINARYRES
>C:\System Volume Information\_restore{64CDFA88-D3CF-42B3-8F45-861C46E3ACD4}\RP17\A0033524.sys infected with Trojan.PWS.Qqpass.395 - deleted
>C:\System Volume Information\_restore{64CDFA88-D3CF-42B3-8F45-861C46E3ACD4}\RP17\A0033552.sys infected with Trojan.PWS.Qqpass.395 - deleted
>C:\System Volume Information\_restore{64CDFA88-D3CF-42B3-8F45-861C46E3ACD4}\RP17\A0033563.sys infected with Trojan.PWS.Qqpass.395 - deleted
C:\System Volume Information\_restore{64CDFA88-D3CF-42B3-8F45-861C46E3ACD4}\RP17\A0033569.exe infected with Trojan.PWS.Qqpass.256 - deleted
>C:\System Volume Information\_restore{64CDFA88-D3CF-42B3-8F45-861C46E3ACD4}\RP17\A0033570.ocx infected with Trojan.Havedo - deleted

作者: ALEXYUI 時間: 07-1-11 09:17 PM

>C:\System Volume Information\_restore{64CDFA88-D3CF-42B3-8F45-861C46E3ACD4}\RP17\A0033571.exe infected with Trojan.PWS.Legmir.812 - incurable - moved
>C:\System Volume Information\_restore{64CDFA88-D3CF-42B3-8F45-861C46E3ACD4}\RP17\A0033578.sys infected with Trojan.PWS.Qqpass.395 - deleted
>C:\System Volume Information\_restore{64CDFA88-D3CF-42B3-8F45-861C46E3ACD4}\RP17\A0033586.sys infected with Trojan.PWS.Qqpass.395 - deleted
C:\System Volume Information\_restore{64CDFA88-D3CF-42B3-8F45-861C46E3ACD4}\RP17\A0033594.exe infected with Trojan.PWS.Wool - deleted
>C:\System Volume Information\_restore{64CDFA88-D3CF-42B3-8F45-861C46E3ACD4}\RP17\A0033600.sys infected with Trojan.PWS.Qqpass.395 - deleted
>C:\System Volume Information\_restore{64CDFA88-D3CF-42B3-8F45-861C46E3ACD4}\RP17\A0033608.sys infected with Trojan.PWS.Qqpass.395 - deleted
>C:\System Volume Information\_restore{64CDFA88-D3CF-42B3-8F45-861C46E3ACD4}\RP17\snapshot\MFEX-1.DAT infected with Trojan.PWS.Qqpass.395 - deleted
>C:\System Volume Information\_restore{64CDFA88-D3CF-42B3-8F45-861C46E3ACD4}\RP17\snapshot\MFEX-2.DAT infected with Trojan.PWS.Qqpass.395 - deleted
>C:\System Volume Information\_restore{64CDFA88-D3CF-42B3-8F45-861C46E3ACD4}\RP18\A0033682.sys infected with Trojan.PWS.Qqpass.395 - deleted
>C:\System Volume Information\_restore{64CDFA88-D3CF-42B3-8F45-861C46E3ACD4}\RP18\A0033696.exe infected with Trojan.PWS.Legmir.805 - deleted
>C:\System Volume Information\_restore{64CDFA88-D3CF-42B3-8F45-861C46E3ACD4}\RP18\A0033697.EXE infected with Trojan.PWS.Qqpass.395 - deleted
C:\System Volume Information\_restore{64CDFA88-D3CF-42B3-8F45-861C46E3ACD4}\RP18\A0033698.exe infected with Trojan.PWS.Wsgame - deleted
C:\System Volume Information\_restore{64CDFA88-D3CF-42B3-8F45-861C46E3ACD4}\RP18\A0033699.EXE infected with Trojan.PWS.Zhengtu - deleted
C:\System Volume Information\_restore{64CDFA88-D3CF-42B3-8F45-861C46E3ACD4}\RP18\A0033700.DLL infected with Trojan.DownLoader.15581 - deleted
C:\System Volume Information\_restore{64CDFA88-D3CF-42B3-8F45-861C46E3ACD4}\RP18\A0033701.dll infected with Trojan.DownLoader.15581 - deleted
C:\System Volume Information\_restore{64CDFA88-D3CF-42B3-8F45-861C46E3ACD4}\RP18\A0033702.dll infected with Trojan.MulDrop.4551 - deleted
C:\System Volume Information\_restore{64CDFA88-D3CF-42B3-8F45-861C46E3ACD4}\RP18\A0033703.dll infected with Trojan.DownLoader.14932 - deleted
C:\System Volume Information\_restore{64CDFA88-D3CF-42B3-8F45-861C46E3ACD4}\RP3\A0014875.exe is adware program Adware.SaveNow
>C:\System Volume Information\_restore{64CDFA88-D3CF-42B3-8F45-861C46E3ACD4}\RP3\A0014882.exe infected with Trojan.PWS.Legmir.805 - deleted
C:\System Volume Information\_restore{64CDFA88-D3CF-42B3-8F45-861C46E3ACD4}\RP3\A0014883.exe infected with Trojan.PWS.Gamania - deleted
>C:\System Volume Information\_restore{64CDFA88-D3CF-42B3-8F45-861C46E3ACD4}\RP3\A0014884.exe infected with Trojan.PWS.Legmir.812 - incurable - moved
>C:\System Volume Information\_restore{64CDFA88-D3CF-42B3-8F45-861C46E3ACD4}\RP3\A0014885.exe infected with Trojan.PWS.Wool - deleted
C:\System Volume Information\_restore{64CDFA88-D3CF-42B3-8F45-861C46E3ACD4}\RP3\A0014886.dll infected with Trojan.PWS.Wool - deleted
>C:\System Volume Information\_restore{64CDFA88-D3CF-42B3-8F45-861C46E3ACD4}\RP3\A0014887.exe infected with Trojan.PWS.Wool - deleted
C:\System Volume Information\_restore{64CDFA88-D3CF-42B3-8F45-861C46E3ACD4}\RP3\A0014888.exe infected with Trojan.PWS.Wsgame - deleted
>C:\System Volume Information\_restore{64CDFA88-D3CF-42B3-8F45-861C46E3ACD4}\RP3\A0014892.EXE infected with Trojan.Havedo - deleted
C:\System Volume Information\_restore{64CDFA88-D3CF-42B3-8F45-861C46E3ACD4}\RP3\A0014893.EXE infected with Trojan.PWS.Lineage - deleted
C:\System Volume Information\_restore{64CDFA88-D3CF-42B3-8F45-861C46E3ACD4}\RP3\A0014895.exe infected with Win32.HLLW.Gavir.54 - incurable - moved
C:\System Volume Information\_restore{64CDFA88-D3CF-42B3-8F45-861C46E3ACD4}\RP3\A0014896.exe infected with Win32.HLLW.Gavir.54 - incurable - moved
C:\System Volume Information\_restore{64CDFA88-D3CF-42B3-8F45-861C46E3ACD4}\RP3\A0014936.exe infected with Win32.HLLW.Gavir.54 - incurable - moved
C:\System Volume Information\_restore{64CDFA88-D3CF-42B3-8F45-861C46E3ACD4}\RP3\A0014937.exe infected with Win32.HLLW.Gavir.54 - incurable - moved
C:\System Volume Information\_restore{64CDFA88-D3CF-42B3-8F45-861C46E3ACD4}\RP3\A0014938.exe infected with Win32.HLLW.Gavir.54 - cured
C:\System Volume Information\_restore{64CDFA88-D3CF-42B3-8F45-861C46E3ACD4}\RP3\A0014939.exe infected with Win32.HLLW.Gavir.54 - cured
C:\System Volume Information\_restore{64CDFA88-D3CF-42B3-8F45-861C46E3ACD4}\RP3\A0014944.exe infected with Win32.HLLW.Gavir.54 - cured
C:\System Volume Information\_restore{64CDFA88-D3CF-42B3-8F45-861C46E3ACD4}\RP3\A0014947.exe infected with Win32.HLLW.Gavir.54 - cured
C:\System Volume Information\_restore{64CDFA88-D3CF-42B3-8F45-861C46E3ACD4}\RP3\A0014951.exe infected with Win32.HLLW.Gavir.54 - cured
C:\System Volume Information\_restore{64CDFA88-D3CF-42B3-8F45-861C46E3ACD4}\RP3\A0014962.exe infected with Win32.HLLW.Gavir.54 - cured
C:\System Volume Information\_restore{64CDFA88-D3CF-42B3-8F45-861C46E3ACD4}\RP4\A0017044.exe is adware program Adware.SaveNow
>C:\System Volume Information\_restore{64CDFA88-D3CF-42B3-8F45-861C46E3ACD4}\RP4\A0017092.exe infected with Trojan.PWS.Legmir.805 - deleted
>C:\System Volume Information\_restore{64CDFA88-D3CF-42B3-8F45-861C46E3ACD4}\RP4\A0017093.exe infected with Trojan.PWS.Legmir.812 - incurable - moved
>C:\System Volume Information\_restore{64CDFA88-D3CF-42B3-8F45-861C46E3ACD4}\RP4\A0017094.exe infected with Trojan.PWS.Wool - deleted
C:\System Volume Information\_restore{64CDFA88-D3CF-42B3-8F45-861C46E3ACD4}\RP4\A0017095.dll infected with Trojan.PWS.Wool - deleted
>C:\System Volume Information\_restore{64CDFA88-D3CF-42B3-8F45-861C46E3ACD4}\RP4\A0017096.exe infected with Trojan.PWS.Wool - deleted
C:\System Volume Information\_restore{64CDFA88-D3CF-42B3-8F45-861C46E3ACD4}\RP4\A0017097.exe infected with Trojan.PWS.Wsgame - deleted
>C:\System Volume Information\_restore{64CDFA88-D3CF-42B3-8F45-861C46E3ACD4}\RP4\A0017099.EXE infected with Trojan.Havedo - deleted
C:\System Volume Information\_restore{64CDFA88-D3CF-42B3-8F45-861C46E3ACD4}\RP4\A0017102.exe infected with Win32.HLLW.Gavir.54 - incurable - moved
C:\System Volume Information\_restore{64CDFA88-D3CF-42B3-8F45-861C46E3ACD4}\RP4\A0017103.exe infected with Win32.HLLW.Gavir.54 - incurable - moved
C:\System Volume Information\_restore{64CDFA88-D3CF-42B3-8F45-861C46E3ACD4}\RP4\A0017110.exe infected with Win32.HLLW.Gavir.54 - cured
C:\System Volume Information\_restore{64CDFA88-D3CF-42B3-8F45-861C46E3ACD4}\RP4\A0017136.exe infected with Win32.HLLW.Gavir.54 - incurable - moved
C:\System Volume Information\_restore{64CDFA88-D3CF-42B3-8F45-861C46E3ACD4}\RP4\A0017137.exe infected with Win32.HLLW.Gavir.54 - incurable - moved
C:\System Volume Information\_restore{64CDFA88-D3CF-42B3-8F45-861C46E3ACD4}\RP4\A0017138.exe infected with Win32.HLLW.Gavir.54 - cured
C:\System Volume Information\_restore{64CDFA88-D3CF-42B3-8F45-861C46E3ACD4}\RP4\A0017139.exe infected with Win32.HLLW.Gavir.54 - cured
C:\System Volume Information\_restore{64CDFA88-D3CF-42B3-8F45-861C46E3ACD4}\RP4\A0017144.exe infected with Win32.HLLW.Gavir.54 - cured
C:\System Volume Information\_restore{64CDFA88-D3CF-42B3-8F45-861C46E3ACD4}\RP4\A0017152.exe infected with Win32.HLLW.Gavir.54 - cured
>C:\System Volume Information\_restore{64CDFA88-D3CF-42B3-8F45-861C46E3ACD4}\RP5\A0019240.exe infected with Trojan.PWS.Legmir.805 - deleted
>C:\System Volume Information\_restore{64CDFA88-D3CF-42B3-8F45-861C46E3ACD4}\RP5\A0019241.exe infected with Trojan.PWS.Legmir.812 - incurable - moved
>C:\System Volume Information\_restore{64CDFA88-D3CF-42B3-8F45-861C46E3ACD4}\RP5\A0019243.exe infected with Trojan.PWS.Wool - deleted
C:\System Volume Information\_restore{64CDFA88-D3CF-42B3-8F45-861C46E3ACD4}\RP5\A0019244.dll infected with Trojan.PWS.Wool - deleted
>C:\System Volume Information\_restore{64CDFA88-D3CF-42B3-8F45-861C46E3ACD4}\RP5\A0019245.exe infected with Trojan.PWS.Wool - deleted
>C:\System Volume Information\_restore{64CDFA88-D3CF-42B3-8F45-861C46E3ACD4}\RP5\A0019247.EXE infected with Trojan.Havedo - deleted
C:\System Volume Information\_restore{64CDFA88-D3CF-42B3-8F45-861C46E3ACD4}\RP5\A0019248.EXE infected with Trojan.PWS.Lineage - deleted
C:\System Volume Information\_restore{64CDFA88-D3CF-42B3-8F45-861C46E3ACD4}\RP5\A0019250.exe infected with Win32.HLLW.Gavir.54 - incurable - moved
C:\System Volume Information\_restore{64CDFA88-D3CF-42B3-8F45-861C46E3ACD4}\RP5\A0019251.exe infected with Win32.HLLW.Gavir.54 - incurable - moved
C:\System Volume Information\_restore{64CDFA88-D3CF-42B3-8F45-861C46E3ACD4}\RP5\A0019253.exe infected with Win32.HLLW.Gavir.54 - cured
C:\System Volume Information\_restore{64CDFA88-D3CF-42B3-8F45-861C46E3ACD4}\RP5\A0019280.exe infected with Win32.HLLW.Gavir.54 - cured

作者: ALEXYUI 時間: 07-1-11 09:18 PM

C:\System Volume Information\_restore{64CDFA88-D3CF-42B3-8F45-861C46E3ACD4}\RP5\A0019284.exe infected with Win32.HLLW.Gavir.54 - cured
C:\System Volume Information\_restore{64CDFA88-D3CF-42B3-8F45-861C46E3ACD4}\RP5\A0019326.exe infected with Win32.HLLW.Gavir.54 - incurable - moved
C:\System Volume Information\_restore{64CDFA88-D3CF-42B3-8F45-861C46E3ACD4}\RP5\A0019327.exe infected with Win32.HLLW.Gavir.54 - incurable - moved
C:\System Volume Information\_restore{64CDFA88-D3CF-42B3-8F45-861C46E3ACD4}\RP5\A0019328.exe infected with Win32.HLLW.Gavir.54 - cured
C:\System Volume Information\_restore{64CDFA88-D3CF-42B3-8F45-861C46E3ACD4}\RP5\A0019330.exe infected with Win32.HLLW.Gavir.54 - cured
C:\System Volume Information\_restore{64CDFA88-D3CF-42B3-8F45-861C46E3ACD4}\RP5\A0019335.exe infected with Win32.HLLW.Gavir.54 - cured
C:\System Volume Information\_restore{64CDFA88-D3CF-42B3-8F45-861C46E3ACD4}\RP5\A0019369.exe infected with Win32.HLLW.Gavir.54 - cured
C:\System Volume Information\_restore{64CDFA88-D3CF-42B3-8F45-861C46E3ACD4}\RP5\A0019381.exe infected with Win32.HLLW.Gavir.54 - cured
C:\System Volume Information\_restore{64CDFA88-D3CF-42B3-8F45-861C46E3ACD4}\RP5\A0020341.exe infected with Win32.HLLW.Gavir.54 - incurable - moved
C:\System Volume Information\_restore{64CDFA88-D3CF-42B3-8F45-861C46E3ACD4}\RP5\A0020342.exe infected with Win32.HLLW.Gavir.54 - incurable - moved
C:\System Volume Information\_restore{64CDFA88-D3CF-42B3-8F45-861C46E3ACD4}\RP5\A0020343.exe infected with Win32.HLLW.Gavir.54 - cured
C:\System Volume Information\_restore{64CDFA88-D3CF-42B3-8F45-861C46E3ACD4}\RP5\A0020344.exe infected with Win32.HLLW.Gavir.54 - cured
C:\System Volume Information\_restore{64CDFA88-D3CF-42B3-8F45-861C46E3ACD4}\RP5\A0020345.EXE infected with Win32.HLLW.Gavir.54 - cured
C:\System Volume Information\_restore{64CDFA88-D3CF-42B3-8F45-861C46E3ACD4}\RP5\A0020349.exe infected with Win32.HLLW.Gavir.54 - cured
>C:\System Volume Information\_restore{64CDFA88-D3CF-42B3-8F45-861C46E3ACD4}\RP5\A0020350.exe infected with Trojan.PWS.Legmir.812 - incurable - moved
C:\System Volume Information\_restore{64CDFA88-D3CF-42B3-8F45-861C46E3ACD4}\RP5\A0020351.exe infected with Win32.HLLW.Gavir.54 - cured
C:\System Volume Information\_restore{64CDFA88-D3CF-42B3-8F45-861C46E3ACD4}\RP5\A0022334.exe infected with Win32.HLLW.Gavir.54 - incurable - moved
C:\System Volume Information\_restore{64CDFA88-D3CF-42B3-8F45-861C46E3ACD4}\RP5\A0022335.exe infected with Win32.HLLW.Gavir.54 - incurable - moved
C:\System Volume Information\_restore{64CDFA88-D3CF-42B3-8F45-861C46E3ACD4}\RP5\A0022336.exe infected with Win32.HLLW.Gavir.54 - cured
C:\System Volume Information\_restore{64CDFA88-D3CF-42B3-8F45-861C46E3ACD4}\RP5\A0022339.exe infected with Win32.HLLW.Gavir.54 - cured
C:\System Volume Information\_restore{64CDFA88-D3CF-42B3-8F45-861C46E3ACD4}\RP5\A0022341.exe infected with Win32.HLLW.Gavir.54 - cured
C:\System Volume Information\_restore{64CDFA88-D3CF-42B3-8F45-861C46E3ACD4}\RP5\A0022343.exe infected with Win32.HLLW.Gavir.54 - cured
C:\System Volume Information\_restore{64CDFA88-D3CF-42B3-8F45-861C46E3ACD4}\RP5\A0022347.exe infected with Win32.HLLW.Gavir.54 - cured
C:\System Volume Information\_restore{64CDFA88-D3CF-42B3-8F45-861C46E3ACD4}\RP5\A0022348.exe infected with Win32.HLLW.Gavir.54 - cured
C:\System Volume Information\_restore{64CDFA88-D3CF-42B3-8F45-861C46E3ACD4}\RP5\A0022349.exe infected with Win32.HLLW.Gavir.54 - cured
C:\System Volume Information\_restore{64CDFA88-D3CF-42B3-8F45-861C46E3ACD4}\RP5\A0023347.exe infected with Win32.HLLW.Gavir.54 - incurable - moved
C:\System Volume Information\_restore{64CDFA88-D3CF-42B3-8F45-861C46E3ACD4}\RP5\A0023348.exe infected with Win32.HLLW.Gavir.54 - incurable - moved
C:\System Volume Information\_restore{64CDFA88-D3CF-42B3-8F45-861C46E3ACD4}\RP5\A0023349.exe infected with Win32.HLLW.Gavir.54 - cured
>C:\System Volume Information\_restore{64CDFA88-D3CF-42B3-8F45-861C46E3ACD4}\RP5\A0023361.EXE infected with Trojan.PWS.Wool - deleted
C:\System Volume Information\_restore{64CDFA88-D3CF-42B3-8F45-861C46E3ACD4}\RP5\A0023362.EXE infected with Trojan.PWS.Wsgame - deleted
>C:\System Volume Information\_restore{64CDFA88-D3CF-42B3-8F45-861C46E3ACD4}\RP5\A0023363.EXE infected with Trojan.Havedo - deleted
C:\System Volume Information\_restore{64CDFA88-D3CF-42B3-8F45-861C46E3ACD4}\RP5\A0023368.exe infected with Win32.HLLW.Gavir.54 - cured
C:\System Volume Information\_restore{64CDFA88-D3CF-42B3-8F45-861C46E3ACD4}\RP5\A0023369.exe infected with Win32.HLLW.Gavir.54 - cured
C:\System Volume Information\_restore{64CDFA88-D3CF-42B3-8F45-861C46E3ACD4}\RP5\A0023370.exe infected with Win32.HLLW.Gavir.54 - cured
C:\System Volume Information\_restore{64CDFA88-D3CF-42B3-8F45-861C46E3ACD4}\RP5\A0023371.exe infected with Win32.HLLW.Gavir.54 - cured
C:\System Volume Information\_restore{64CDFA88-D3CF-42B3-8F45-861C46E3ACD4}\RP5\A0023399.dll infected with Trojan.DownLoader.14932 - deleted
C:\System Volume Information\_restore{64CDFA88-D3CF-42B3-8F45-861C46E3ACD4}\RP5\A0023401.exe infected with Win32.HLLW.Gavir.54 - incurable - moved
C:\System Volume Information\_restore{64CDFA88-D3CF-42B3-8F45-861C46E3ACD4}\RP5\A0023402.DLL infected with Trojan.DownLoader.15581 - deleted
C:\System Volume Information\_restore{64CDFA88-D3CF-42B3-8F45-861C46E3ACD4}\RP5\A0023406.EXE infected with Win32.HLLW.Gavir.54 - cured
C:\System Volume Information\_restore{64CDFA88-D3CF-42B3-8F45-861C46E3ACD4}\RP5\A0023407.exe infected with Win32.HLLW.Gavir.54 - cured
C:\System Volume Information\_restore{64CDFA88-D3CF-42B3-8F45-861C46E3ACD4}\RP5\A0023420.exe infected with Win32.HLLW.Gavir.54 - cured
C:\System Volume Information\_restore{64CDFA88-D3CF-42B3-8F45-861C46E3ACD4}\RP6\A0023446.exe infected with Win32.HLLW.Gavir.54 - incurable - moved
C:\System Volume Information\_restore{64CDFA88-D3CF-42B3-8F45-861C46E3ACD4}\RP6\A0023447.exe infected with Win32.HLLW.Gavir.54 - incurable - moved

作者: ALEXYUI 時間: 07-1-11 09:18 PM

C:\System Volume Information\_restore{64CDFA88-D3CF-42B3-8F45-861C46E3ACD4}\RP6\A0023448.exe infected with Win32.HLLW.Gavir.54 - cured
C:\System Volume Information\_restore{64CDFA88-D3CF-42B3-8F45-861C46E3ACD4}\RP6\A0023450.exe infected with Win32.HLLW.Gavir.54 - cured
C:\System Volume Information\_restore{64CDFA88-D3CF-42B3-8F45-861C46E3ACD4}\RP6\A0023495.dll infected with Trojan.DownLoader.14932 - deleted
C:\System Volume Information\_restore{64CDFA88-D3CF-42B3-8F45-861C46E3ACD4}\RP6\A0023496.DLL infected with Trojan.DownLoader.15581 - deleted
C:\System Volume Information\_restore{64CDFA88-D3CF-42B3-8F45-861C46E3ACD4}\RP6\A0023503.exe infected with Win32.HLLW.Gavir.54 - incurable - moved
C:\System Volume Information\_restore{64CDFA88-D3CF-42B3-8F45-861C46E3ACD4}\RP6\A0023504.exe infected with Win32.HLLW.Gavir.54 - cured
C:\System Volume Information\_restore{64CDFA88-D3CF-42B3-8F45-861C46E3ACD4}\RP6\A0023533.dll infected with Trojan.DownLoader.14932 - deleted
C:\System Volume Information\_restore{64CDFA88-D3CF-42B3-8F45-861C46E3ACD4}\RP6\A0023534.DLL infected with Trojan.DownLoader.15581 - deleted
C:\System Volume Information\_restore{64CDFA88-D3CF-42B3-8F45-861C46E3ACD4}\RP6\A0023588.exe infected with Win32.HLLW.Gavir.54 - incurable - moved
C:\System Volume Information\_restore{64CDFA88-D3CF-42B3-8F45-861C46E3ACD4}\RP6\A0023589.exe infected with Win32.HLLW.Gavir.54 - incurable - moved
C:\System Volume Information\_restore{64CDFA88-D3CF-42B3-8F45-861C46E3ACD4}\RP6\A0023590.exe infected with Win32.HLLW.Gavir.54 - cured
C:\System Volume Information\_restore{64CDFA88-D3CF-42B3-8F45-861C46E3ACD4}\RP6\A0023591.exe infected with Win32.HLLW.Gavir.54 - cured
C:\System Volume Information\_restore{64CDFA88-D3CF-42B3-8F45-861C46E3ACD4}\RP6\A0023593.exe infected with Win32.HLLW.Gavir.54 - cured
C:\System Volume Information\_restore{64CDFA88-D3CF-42B3-8F45-861C46E3ACD4}\RP6\A0023594.exe infected with Win32.HLLW.Gavir.54 - cured
C:\System Volume Information\_restore{64CDFA88-D3CF-42B3-8F45-861C46E3ACD4}\RP6\A0023598.exe infected with Win32.HLLW.Gavir.54 - cured
C:\System Volume Information\_restore{64CDFA88-D3CF-42B3-8F45-861C46E3ACD4}\RP6\A0023608.dll infected with Trojan.DownLoader.14932 - deleted
C:\System Volume Information\_restore{64CDFA88-D3CF-42B3-8F45-861C46E3ACD4}\RP6\A0023609.exe infected with Win32.HLLW.Gavir.54 - incurable - moved
C:\System Volume Information\_restore{64CDFA88-D3CF-42B3-8F45-861C46E3ACD4}\RP6\A0023610.DLL infected with Trojan.DownLoader.15581 - deleted
C:\System Volume Information\_restore{64CDFA88-D3CF-42B3-8F45-861C46E3ACD4}\RP6\A0023611.exe infected with Win32.HLLW.Gavir.54 - incurable - moved
C:\System Volume Information\_restore{64CDFA88-D3CF-42B3-8F45-861C46E3ACD4}\RP6\A0023612.exe infected with Win32.HLLW.Gavir.54 - cured
C:\System Volume Information\_restore{64CDFA88-D3CF-42B3-8F45-861C46E3ACD4}\RP6\A0023613.EXE infected with Win32.HLLW.Gavir.54 - cured
C:\System Volume Information\_restore{64CDFA88-D3CF-42B3-8F45-861C46E3ACD4}\RP6\A0023617.exe infected with Win32.HLLW.Gavir.54 - cured
C:\System Volume Information\_restore{64CDFA88-D3CF-42B3-8F45-861C46E3ACD4}\RP6\A0023645.exe infected with Win32.HLLW.Gavir.54 - cured
C:\System Volume Information\_restore{64CDFA88-D3CF-42B3-8F45-861C46E3ACD4}\RP6\A0023647.exe infected with Win32.HLLW.Gavir.54 - cured
C:\System Volume Information\_restore{64CDFA88-D3CF-42B3-8F45-861C46E3ACD4}\RP6\A0023652.exe infected with Win32.HLLW.Gavir.54 - cured
C:\System Volume Information\_restore{64CDFA88-D3CF-42B3-8F45-861C46E3ACD4}\RP6\A0023653.exe infected with Win32.HLLW.Gavir.54 - cured
C:\System Volume Information\_restore{64CDFA88-D3CF-42B3-8F45-861C46E3ACD4}\RP7\A0023734.exe infected with Win32.HLLW.Gavir.54 - incurable - moved
C:\System Volume Information\_restore{64CDFA88-D3CF-42B3-8F45-861C46E3ACD4}\RP7\A0023736.dll infected with Trojan.DownLoader.14932 - deleted
C:\System Volume Information\_restore{64CDFA88-D3CF-42B3-8F45-861C46E3ACD4}\RP7\A0023737.DLL infected with Trojan.DownLoader.15581 - deleted
C:\System Volume Information\_restore{64CDFA88-D3CF-42B3-8F45-861C46E3ACD4}\RP7\A0023739.EXE infected with Win32.HLLW.Gavir.54 - cured
C:\System Volume Information\_restore{64CDFA88-D3CF-42B3-8F45-861C46E3ACD4}\RP7\A0023741.exe infected with Win32.HLLW.Gavir.54 - cured
C:\System Volume Information\_restore{64CDFA88-D3CF-42B3-8F45-861C46E3ACD4}\RP9\A0023795.dll infected with Trojan.DownLoader.14932 - deleted
C:\System Volume Information\_restore{64CDFA88-D3CF-42B3-8F45-861C46E3ACD4}\RP9\A0023796.DLL infected with Trojan.DownLoader.15581 - deleted
C:\System Volume Information\_restore{64CDFA88-D3CF-42B3-8F45-861C46E3ACD4}\RP9\A0023814.dll infected with Trojan.DownLoader.14932 - deleted
C:\System Volume Information\_restore{64CDFA88-D3CF-42B3-8F45-861C46E3ACD4}\RP9\A0023815.DLL infected with Trojan.DownLoader.15581 - deleted
>C:\System Volume Information\_restore{64CDFA88-D3CF-42B3-8F45-861C46E3ACD4}\RP9\A0023822.exe infected with Trojan.PWS.Wool - deleted
C:\System Volume Information\_restore{64CDFA88-D3CF-42B3-8F45-861C46E3ACD4}\RP9\A0023823.dll infected with Trojan.PWS.Wool - deleted
>C:\System Volume Information\_restore{64CDFA88-D3CF-42B3-8F45-861C46E3ACD4}\RP9\A0023824.exe infected with Trojan.PWS.Wool - deleted
>C:\System Volume Information\_restore{64CDFA88-D3CF-42B3-8F45-861C46E3ACD4}\RP9\A0023825.exe infected with Trojan.PWS.Legmir.812 - incurable - moved
C:\System Volume Information\_restore{64CDFA88-D3CF-42B3-8F45-861C46E3ACD4}\RP9\A0023842.exe infected with Win32.HLLW.Gavir.54 - incurable - moved
C:\System Volume Information\_restore{64CDFA88-D3CF-42B3-8F45-861C46E3ACD4}\RP9\A0023843.exe infected with Win32.HLLW.Gavir.54 - incurable - moved
C:\System Volume Information\_restore{64CDFA88-D3CF-42B3-8F45-861C46E3ACD4}\RP9\A0023844.exe infected with Win32.HLLW.Gavir.54 - cured
C:\System Volume Information\_restore{64CDFA88-D3CF-42B3-8F45-861C46E3ACD4}\RP9\A0023845.exe infected with Win32.HLLW.Gavir.54 - cured
C:\System Volume Information\_restore{64CDFA88-D3CF-42B3-8F45-861C46E3ACD4}\RP9\A0023847.exe infected with Win32.HLLW.Gavir.54 - cured
C:\System Volume Information\_restore{64CDFA88-D3CF-42B3-8F45-861C46E3ACD4}\RP9\A0023848.exe infected with Win32.HLLW.Gavir.54 - cured
C:\System Volume Information\_restore{64CDFA88-D3CF-42B3-8F45-861C46E3ACD4}\RP9\A0023851.EXE infected with Win32.HLLW.Gavir.54 - cured
C:\System Volume Information\_restore{64CDFA88-D3CF-42B3-8F45-861C46E3ACD4}\RP9\A0023852.exe infected with Win32.HLLW.Gavir.54 - cured
C:\System Volume Information\_restore{64CDFA88-D3CF-42B3-8F45-861C46E3ACD4}\RP9\A0023854.exe infected with Win32.HLLW.Gavir.54 - cured
C:\System Volume Information\_restore{64CDFA88-D3CF-42B3-8F45-861C46E3ACD4}\RP9\A0023857.EXE infected with Win32.HLLW.Gavir.54 - cured
C:\System Volume Information\_restore{64CDFA88-D3CF-42B3-8F45-861C46E3ACD4}\RP9\A0023867.exe infected with Win32.HLLW.Gavir.54 - incurable - moved
C:\System Volume Information\_restore{64CDFA88-D3CF-42B3-8F45-861C46E3ACD4}\RP9\A0023869.exe infected with Win32.HLLW.Gavir.54 - incurable - moved
C:\System Volume Information\_restore{64CDFA88-D3CF-42B3-8F45-861C46E3ACD4}\RP9\A0023870.exe infected with Win32.HLLW.Gavir.54 - cured
C:\System Volume Information\_restore{64CDFA88-D3CF-42B3-8F45-861C46E3ACD4}\RP9\A0023873.dll infected with Trojan.DownLoader.14932 - deleted

作者: ALEXYUI 時間: 07-1-11 09:19 PM

C:\System Volume Information\_restore{64CDFA88-D3CF-42B3-8F45-861C46E3ACD4}\RP9\A0023874.DLL infected with Trojan.DownLoader.15581 - deleted
C:\System Volume Information\_restore{64CDFA88-D3CF-42B3-8F45-861C46E3ACD4}\RP9\A0023891.EXE infected with Win32.HLLW.Gavir.54 - cured
C:\System Volume Information\_restore{64CDFA88-D3CF-42B3-8F45-861C46E3ACD4}\RP9\A0024864.dll infected with Trojan.DownLoader.14932 - deleted
C:\System Volume Information\_restore{64CDFA88-D3CF-42B3-8F45-861C46E3ACD4}\RP9\A0024866.DLL infected with Trojan.DownLoader.15581 - deleted
C:\System Volume Information\_restore{64CDFA88-D3CF-42B3-8F45-861C46E3ACD4}\RP9\A0024871.exe infected with Win32.HLLW.Gavir.54 - incurable - moved
C:\System Volume Information\_restore{64CDFA88-D3CF-42B3-8F45-861C46E3ACD4}\RP9\A0024872.exe infected with Win32.HLLW.Gavir.54 - cured
C:\System Volume Information\_restore{64CDFA88-D3CF-42B3-8F45-861C46E3ACD4}\RP9\A0024873.EXE infected with Win32.HLLW.Gavir.54 - cured
C:\System Volume Information\_restore{64CDFA88-D3CF-42B3-8F45-861C46E3ACD4}\RP9\A0024874.exe infected with Win32.HLLW.Gavir.54 - cured
C:\System Volume Information\_restore{64CDFA88-D3CF-42B3-8F45-861C46E3ACD4}\RP9\A0024883.dll infected with Trojan.DownLoader.14932 - deleted
C:\System Volume Information\_restore{64CDFA88-D3CF-42B3-8F45-861C46E3ACD4}\RP9\A0024884.DLL infected with Trojan.DownLoader.15581 - deleted
C:\System Volume Information\_restore{64CDFA88-D3CF-42B3-8F45-861C46E3ACD4}\RP9\A0024890.EXE infected with Win32.HLLW.Gavir.54 - incurable - moved
C:\System Volume Information\_restore{64CDFA88-D3CF-42B3-8F45-861C46E3ACD4}\RP9\A0024891.exe infected with Win32.HLLW.Gavir.54 - cured
C:\System Volume Information\_restore{64CDFA88-D3CF-42B3-8F45-861C46E3ACD4}\RP9\A0024893.exe infected with Win32.HLLW.Gavir.54 - cured
C:\System Volume Information\_restore{64CDFA88-D3CF-42B3-8F45-861C46E3ACD4}\RP9\A0024894.exe infected with Win32.HLLW.Gavir.54 - cured
C:\System Volume Information\_restore{64CDFA88-D3CF-42B3-8F45-861C46E3ACD4}\RP9\A0024895.exe infected with Win32.HLLW.Gavir.54 - cured
C:\System Volume Information\_restore{64CDFA88-D3CF-42B3-8F45-861C46E3ACD4}\RP9\A0024898.EXE infected with Win32.HLLW.Gavir.54 - cured
>C:\System Volume Information\_restore{64CDFA88-D3CF-42B3-8F45-861C46E3ACD4}\RP9\A0024898.EXE infected with Trojan.PWS.Wool - deleted
C:\System Volume Information\_restore{64CDFA88-D3CF-42B3-8F45-861C46E3ACD4}\RP9\A0024900.EXE infected with Win32.HLLW.Gavir.54 - cured
C:\System Volume Information\_restore{64CDFA88-D3CF-42B3-8F45-861C46E3ACD4}\RP9\A0024900.EXE infected with Trojan.PWS.Wsgame - deleted
C:\System Volume Information\_restore{64CDFA88-D3CF-42B3-8F45-861C46E3ACD4}\RP9\A0024901.EXE infected with Win32.HLLW.Gavir.54 - cured
>C:\System Volume Information\_restore{64CDFA88-D3CF-42B3-8F45-861C46E3ACD4}\RP9\A0024901.EXE infected with Trojan.Havedo - deleted
C:\System Volume Information\_restore{64CDFA88-D3CF-42B3-8F45-861C46E3ACD4}\RP9\A0024903.EXE infected with Win32.HLLW.Gavir.54 - cured
C:\System Volume Information\_restore{64CDFA88-D3CF-42B3-8F45-861C46E3ACD4}\RP9\A0024924.exe infected with Win32.HLLW.Gavir.54 - cured
C:\System Volume Information\_restore{64CDFA88-D3CF-42B3-8F45-861C46E3ACD4}\RP9\A0024958.exe infected with Win32.HLLW.Gavir.54 - incurable - moved
C:\System Volume Information\_restore{64CDFA88-D3CF-42B3-8F45-861C46E3ACD4}\RP9\A0024959.exe infected with Win32.HLLW.Gavir.54 - cured
C:\System Volume Information\_restore{64CDFA88-D3CF-42B3-8F45-861C46E3ACD4}\RP9\A0024960.exe infected with Win32.HLLW.Gavir.54 - cured
C:\System Volume Information\_restore{64CDFA88-D3CF-42B3-8F45-861C46E3ACD4}\RP9\A0024961.exe infected with Win32.HLLW.Gavir.54 - cured
C:\System Volume Information\_restore{64CDFA88-D3CF-42B3-8F45-861C46E3ACD4}\RP9\A0024963.exe infected with Win32.HLLW.Gavir.54 - cured
C:\System Volume Information\_restore{64CDFA88-D3CF-42B3-8F45-861C46E3ACD4}\RP9\A0024964.exe infected with Win32.HLLW.Gavir.54 - cured
C:\USERDATA\(R)酯崤CAAZ4LE7 - read error
C:\USERDATA\(R)酯崤CAMZWFLA - read error
C:\USERDATA\(R)酯崤CAQXKRGJ - read error
C:\WINDOWS\SoftwareDistribution\EventCache\{FBD77~1.BIN - read error
C:\WINDOWS\system32\KB494006.LOG infected with Trojan.PWS.Wool - deleted
>>C:\WINDOWS\system32\userspi.dll infected with Trojan.PWS.Wool - deleted
>C:\WINDOWS\system32\winlogin.exe infected with Trojan.PWS.Wool - deleted
C:\WINDOWS\system32\CatRoot2\edb.log - read error
C:\WINDOWS\system32\CatRoot2\tmp.edb - read error
C:\WINDOWS\system32\config\default - read error
C:\WINDOWS\system32\config\default.LOG - read error
C:\WINDOWS\system32\config\SAM - read error
C:\WINDOWS\system32\config\SAM.LOG - read error
C:\WINDOWS\system32\config\SECURITY - read error
C:\WINDOWS\system32\config\SECURITY.LOG - read error
C:\WINDOWS\system32\config\software - read error
C:\WINDOWS\system32\config\software.LOG - read error
C:\WINDOWS\system32\config\system - read error
C:\WINDOWS\system32\config\system.LOG - read error

[Scan path] D:\

作者: ALEXYUI 時間: 07-1-11 09:20 PM

-----------------------------------------------------------------------------
Scan statistics
-----------------------------------------------------------------------------
Objects scanned: 137078
Infected objects found: 878
Objects with modifications found: 0
Suspicious objects found: 8
Adware programs found: 3
Dialer programs found: 0
Joke programs found: 0
Riskware programs found: 0
Hacktool programs found: 0
Objects cured: 640
Objects deleted: 171
Objects renamed: 0
Objects moved: 66
Objects ignored: 0
Scan speed: 536 Kb/s
Scan time: 01:21:35
-----------------------------------------------------------------------------

=============================================================================
Dr.Web(R) Scanner for Windows v4.33.2 (4.33.2.10060)
Copyright (c) Igor Daniloff, 1992-2006
Log generated on: 2007-01-10, 23:01:27 [HP_Owner]
Command-line: "C:\DOCUME~1\HP_OWN~1.YOU\LOCALS~1\Temp\RarSFX0\cureit.exe" /lng /ini:cureit_XP.ini
Operating system:Windows XP Home Edition x86 (Build 2600), Service Pack 2
=============================================================================
Engine version: 4.33 (4.33.5.10110)
Engine API version: 2.01
[Virus base] C:\DOCUME~1\HP_OWN~1.YOU\LOCALS~1\Temp\RarSFX0\crwtoday.cdb - 582 virus records
[Virus base] C:\DOCUME~1\HP_OWN~1.YOU\LOCALS~1\Temp\RarSFX0\crw43369.cdb - 687 virus records
[Virus base] C:\DOCUME~1\HP_OWN~1.YOU\LOCALS~1\Temp\RarSFX0\crw43368.cdb - 1099 virus records
[Virus base] C:\DOCUME~1\HP_OWN~1.YOU\LOCALS~1\Temp\RarSFX0\crw43367.cdb - 1834 virus records
[Virus base] C:\DOCUME~1\HP_OWN~1.YOU\LOCALS~1\Temp\RarSFX0\crw43366.cdb - 4015 virus records
[Virus base] C:\DOCUME~1\HP_OWN~1.YOU\LOCALS~1\Temp\RarSFX0\crw43365.cdb - 1342 virus records
[Virus base] C:\DOCUME~1\HP_OWN~1.YOU\LOCALS~1\Temp\RarSFX0\crw43364.cdb - 1335 virus records
[Virus base] C:\DOCUME~1\HP_OWN~1.YOU\LOCALS~1\Temp\RarSFX0\crw43363.cdb - 1152 virus records
[Virus base] C:\DOCUME~1\HP_OWN~1.YOU\LOCALS~1\Temp\RarSFX0\crw43362.cdb - 1006 virus records
[Virus base] C:\DOCUME~1\HP_OWN~1.YOU\LOCALS~1\Temp\RarSFX0\crw43361.cdb - 879 virus records
[Virus base] C:\DOCUME~1\HP_OWN~1.YOU\LOCALS~1\Temp\RarSFX0\crw43360.cdb - 988 virus records
[Virus base] C:\DOCUME~1\HP_OWN~1.YOU\LOCALS~1\Temp\RarSFX0\crw43359.cdb - 1205 virus records
[Virus base] C:\DOCUME~1\HP_OWN~1.YOU\LOCALS~1\Temp\RarSFX0\crw43358.cdb - 1139 virus records
[Virus base] C:\DOCUME~1\HP_OWN~1.YOU\LOCALS~1\Temp\RarSFX0\crw43357.cdb - 1302 virus records
[Virus base] C:\DOCUME~1\HP_OWN~1.YOU\LOCALS~1\Temp\RarSFX0\crw43356.cdb - 1332 virus records
[Virus base] C:\DOCUME~1\HP_OWN~1.YOU\LOCALS~1\Temp\RarSFX0\crw43355.cdb - 2456 virus records
[Virus base] C:\DOCUME~1\HP_OWN~1.YOU\LOCALS~1\Temp\RarSFX0\crw43354.cdb - 1283 virus records
[Virus base] C:\DOCUME~1\HP_OWN~1.YOU\LOCALS~1\Temp\RarSFX0\crw43353.cdb - 795 virus records
[Virus base] C:\DOCUME~1\HP_OWN~1.YOU\LOCALS~1\Temp\RarSFX0\crw43352.cdb - 2016 virus records
[Virus base] C:\DOCUME~1\HP_OWN~1.YOU\LOCALS~1\Temp\RarSFX0\crw43351.cdb - 941 virus records
[Virus base] C:\DOCUME~1\HP_OWN~1.YOU\LOCALS~1\Temp\RarSFX0\crw43350.cdb - 1020 virus records
[Virus base] C:\DOCUME~1\HP_OWN~1.YOU\LOCALS~1\Temp\RarSFX0\crw43349.cdb - 1008 virus records
[Virus base] C:\DOCUME~1\HP_OWN~1.YOU\LOCALS~1\Temp\RarSFX0\crw43348.cdb - 1096 virus records
[Virus base] C:\DOCUME~1\HP_OWN~1.YOU\LOCALS~1\Temp\RarSFX0\crw43347.cdb - 707 virus records
[Virus base] C:\DOCUME~1\HP_OWN~1.YOU\LOCALS~1\Temp\RarSFX0\crw43346.cdb - 1428 virus records
[Virus base] C:\DOCUME~1\HP_OWN~1.YOU\LOCALS~1\Temp\RarSFX0\crw43345.cdb - 1358 virus records
[Virus base] C:\DOCUME~1\HP_OWN~1.YOU\LOCALS~1\Temp\RarSFX0\crw43344.cdb - 694 virus records
[Virus base] C:\DOCUME~1\HP_OWN~1.YOU\LOCALS~1\Temp\RarSFX0\crw43343.cdb - 1186 virus records
[Virus base] C:\DOCUME~1\HP_OWN~1.YOU\LOCALS~1\Temp\RarSFX0\crw43342.cdb - 744 virus records
[Virus base] C:\DOCUME~1\HP_OWN~1.YOU\LOCALS~1\Temp\RarSFX0\crw43341.cdb - 841 virus records
[Virus base] C:\DOCUME~1\HP_OWN~1.YOU\LOCALS~1\Temp\RarSFX0\crw43340.cdb - 822 virus records
[Virus base] C:\DOCUME~1\HP_OWN~1.YOU\LOCALS~1\Temp\RarSFX0\crw43339.cdb - 1071 virus records
[Virus base] C:\DOCUME~1\HP_OWN~1.YOU\LOCALS~1\Temp\RarSFX0\crw43338.cdb - 989 virus records
[Virus base] C:\DOCUME~1\HP_OWN~1.YOU\LOCALS~1\Temp\RarSFX0\crw43337.cdb - 855 virus records
[Virus base] C:\DOCUME~1\HP_OWN~1.YOU\LOCALS~1\Temp\RarSFX0\crw43336.cdb - 1297 virus records
[Virus base] C:\DOCUME~1\HP_OWN~1.YOU\LOCALS~1\Temp\RarSFX0\crw43335.cdb - 1195 virus records
[Virus base] C:\DOCUME~1\HP_OWN~1.YOU\LOCALS~1\Temp\RarSFX0\crw43334.cdb - 900 virus records
[Virus base] C:\DOCUME~1\HP_OWN~1.YOU\LOCALS~1\Temp\RarSFX0\crw43333.cdb - 1381 virus records
[Virus base] C:\DOCUME~1\HP_OWN~1.YOU\LOCALS~1\Temp\RarSFX0\crw43332.cdb - 1340 virus records
[Virus base] C:\DOCUME~1\HP_OWN~1.YOU\LOCALS~1\Temp\RarSFX0\crw43331.cdb - 2735 virus records
[Virus base] C:\DOCUME~1\HP_OWN~1.YOU\LOCALS~1\Temp\RarSFX0\crw43330.cdb - 2078 virus records
[Virus base] C:\DOCUME~1\HP_OWN~1.YOU\LOCALS~1\Temp\RarSFX0\crw43329.cdb - 2490 virus records
[Virus base] C:\DOCUME~1\HP_OWN~1.YOU\LOCALS~1\Temp\RarSFX0\crw43328.cdb - 743 virus records
[Virus base] C:\DOCUME~1\HP_OWN~1.YOU\LOCALS~1\Temp\RarSFX0\crw43327.cdb - 958 virus records

作者: ALEXYUI 時間: 07-1-11 09:21 PM

[Virus base] C:\DOCUME~1\HP_OWN~1.YOU\LOCALS~1\Temp\RarSFX0\crw43326.cdb - 793 virus records
[Virus base] C:\DOCUME~1\HP_OWN~1.YOU\LOCALS~1\Temp\RarSFX0\crw43325.cdb - 713 virus records
[Virus base] C:\DOCUME~1\HP_OWN~1.YOU\LOCALS~1\Temp\RarSFX0\crw43324.cdb - 655 virus records
[Virus base] C:\DOCUME~1\HP_OWN~1.YOU\LOCALS~1\Temp\RarSFX0\crw43323.cdb - 655 virus records
[Virus base] C:\DOCUME~1\HP_OWN~1.YOU\LOCALS~1\Temp\RarSFX0\crw43322.cdb - 778 virus records
[Virus base] C:\DOCUME~1\HP_OWN~1.YOU\LOCALS~1\Temp\RarSFX0\crw43321.cdb - 846 virus records
[Virus base] C:\DOCUME~1\HP_OWN~1.YOU\LOCALS~1\Temp\RarSFX0\crw43320.cdb - 808 virus records
[Virus base] C:\DOCUME~1\HP_OWN~1.YOU\LOCALS~1\Temp\RarSFX0\crw43319.cdb - 764 virus records
[Virus base] C:\DOCUME~1\HP_OWN~1.YOU\LOCALS~1\Temp\RarSFX0\crw43318.cdb - 838 virus records
[Virus base] C:\DOCUME~1\HP_OWN~1.YOU\LOCALS~1\Temp\RarSFX0\crw43317.cdb - 363 virus records
[Virus base] C:\DOCUME~1\HP_OWN~1.YOU\LOCALS~1\Temp\RarSFX0\crw43316.cdb - 730 virus records
[Virus base] C:\DOCUME~1\HP_OWN~1.YOU\LOCALS~1\Temp\RarSFX0\crw43315.cdb - 627 virus records
[Virus base] C:\DOCUME~1\HP_OWN~1.YOU\LOCALS~1\Temp\RarSFX0\crw43314.cdb - 824 virus records
[Virus base] C:\DOCUME~1\HP_OWN~1.YOU\LOCALS~1\Temp\RarSFX0\crw43313.cdb - 842 virus records
[Virus base] C:\DOCUME~1\HP_OWN~1.YOU\LOCALS~1\Temp\RarSFX0\crw43312.cdb - 830 virus records
[Virus base] C:\DOCUME~1\HP_OWN~1.YOU\LOCALS~1\Temp\RarSFX0\crw43311.cdb - 862 virus records
[Virus base] C:\DOCUME~1\HP_OWN~1.YOU\LOCALS~1\Temp\RarSFX0\crw43310.cdb - 853 virus records
[Virus base] C:\DOCUME~1\HP_OWN~1.YOU\LOCALS~1\Temp\RarSFX0\crw43309.cdb - 733 virus records
[Virus base] C:\DOCUME~1\HP_OWN~1.YOU\LOCALS~1\Temp\RarSFX0\crw43308.cdb - 708 virus records
[Virus base] C:\DOCUME~1\HP_OWN~1.YOU\LOCALS~1\Temp\RarSFX0\crw43307.cdb - 839 virus records
[Virus base] C:\DOCUME~1\HP_OWN~1.YOU\LOCALS~1\Temp\RarSFX0\crw43306.cdb - 930 virus records
[Virus base] C:\DOCUME~1\HP_OWN~1.YOU\LOCALS~1\Temp\RarSFX0\crw43305.cdb - 759 virus records
[Virus base] C:\DOCUME~1\HP_OWN~1.YOU\LOCALS~1\Temp\RarSFX0\crw43304.cdb - 721 virus records
[Virus base] C:\DOCUME~1\HP_OWN~1.YOU\LOCALS~1\Temp\RarSFX0\crw43303.cdb - 638 virus records
[Virus base] C:\DOCUME~1\HP_OWN~1.YOU\LOCALS~1\Temp\RarSFX0\crw43302.cdb - 806 virus records
[Virus base] C:\DOCUME~1\HP_OWN~1.YOU\LOCALS~1\Temp\RarSFX0\crw43301.cdb - 504 virus records
[Virus base] C:\DOCUME~1\HP_OWN~1.YOU\LOCALS~1\Temp\RarSFX0\crw43300.cdb - 24 virus records
[Virus base] C:\DOCUME~1\HP_OWN~1.YOU\LOCALS~1\Temp\RarSFX0\crwebase.cdb - 78674 virus records
[Virus base] C:\DOCUME~1\HP_OWN~1.YOU\LOCALS~1\Temp\RarSFX0\cwrtoday.cdb - 380 virus records
[Virus base] C:\DOCUME~1\HP_OWN~1.YOU\LOCALS~1\Temp\RarSFX0\cwr43301.cdb - 697 virus records
[Virus base] C:\DOCUME~1\HP_OWN~1.YOU\LOCALS~1\Temp\RarSFX0\crwrisky.cdb - 1271 virus records
[Virus base] C:\DOCUME~1\HP_OWN~1.YOU\LOCALS~1\Temp\RarSFX0\cwntoday.cdb - 371 virus records
[Virus base] C:\DOCUME~1\HP_OWN~1.YOU\LOCALS~1\Temp\RarSFX0\cwn43306.cdb - 781 virus records
[Virus base] C:\DOCUME~1\HP_OWN~1.YOU\LOCALS~1\Temp\RarSFX0\cwn43305.cdb - 752 virus records
[Virus base] C:\DOCUME~1\HP_OWN~1.YOU\LOCALS~1\Temp\RarSFX0\cwn43304.cdb - 793 virus records
[Virus base] C:\DOCUME~1\HP_OWN~1.YOU\LOCALS~1\Temp\RarSFX0\cwn43303.cdb - 766 virus records
[Virus base] C:\DOCUME~1\HP_OWN~1.YOU\LOCALS~1\Temp\RarSFX0\cwn43302.cdb - 850 virus records
[Virus base] C:\DOCUME~1\HP_OWN~1.YOU\LOCALS~1\Temp\RarSFX0\cwn43301.cdb - 772 virus records
[Virus base] C:\DOCUME~1\HP_OWN~1.YOU\LOCALS~1\Temp\RarSFX0\crwnasty.cdb - 4867 virus records
Total virus records: 166741
Key file: C:\DOCUME~1\HP_OWN~1.YOU\LOCALS~1\Temp\RarSFX0\cureit.key
License key number: 0000000010
Registered to: Dr.Web CureIt Project
License key activates: 2005-03-05
License key expires: 2007-03-05

-----------------------------------------------------------------------------
Scan statistics
-----------------------------------------------------------------------------
Objects scanned: 0
Infected objects found: 0
Objects with modifications found: 0
Suspicious objects found: 0
Adware programs found: 0
Dialer programs found: 0
Joke programs found: 0
Riskware programs found: 0
Hacktool programs found: 0
Objects cured: 0
Objects deleted: 0
Objects renamed: 0
Objects moved: 0
Objects ignored: 0
Scan speed: 0 Kb/s
Scan time: 00:00:00
-----------------------------------------------------------------------------

作者: ALEXYUI 時間: 07-1-11 09:21 PM

[Scan path] c:\documents and settings\all users\「開(c)l」功能表\程式集\啟動\desktop.ini
[Scan path] c:\documents and settings\hp_owner.your-6a15acd7c6\local settings\temp\rarsfx0\_start.exe
[Scan path] c:\documents and settings\hp_owner.your-6a15acd7c6\local settings\temp\rarsfx0\cureit.exe
[Scan path] c:\documents and settings\hp_owner.your-6a15acd7c6\「開(c)l」功能表\程式集\啟動\desktop.ini
[Scan path] c:\documents and settings\hp_owner.your-6a15acd7c6\(R)酯崤crossgatepuk3\crossgatepuk3\cg_5006.exe
c:\documents and settings\hp_owner.your-6a15acd7c6\(R)酯崤crossgatepuk3\crossgatepuk3\cg_5006.exe probably infected with DLOADER.Trojan

[Scan path] c:\documents and settings\hp_owner.your-6a15acd7c6\(R)酯崤drweb-cureit.exe
[Scan path] c:\hp\drivers\hplsbwatcher\lsburnwatcher.exe
[Scan path] c:\hp\kbd\kbd.exe
[Scan path] c:\program files\21cn\vgo\vgoiebho.dll
[Scan path] c:\program files\adobe\acrobat 6.0\reader\activex\acroiehelper.dll
[Scan path] c:\program files\common files\installshield\updateservice\issch.exe
[Scan path] c:\program files\common files\installshield\updateservice\isuspm.exe
[Scan path] c:\program files\common files\intervideo\schsvr\schsvr.exe
[Scan path] c:\program files\common files\lightscribe\lssrvc.exe
[Scan path] c:\program files\common files\real\update_ob\realsched.exe
[Scan path] c:\program files\common files\symantec shared\ccapp.exe
[Scan path] c:\program files\common files\symantec shared\ccevtmgr.exe
[Scan path] c:\program files\common files\symantec shared\ccproxy.exe
[Scan path] c:\program files\common files\symantec shared\ccpwdsvc.exe
[Scan path] c:\program files\common files\symantec shared\ccsetmgr.exe
[Scan path] c:\program files\common files\symantec shared\security center\symwsc.exe
[Scan path] c:\program files\common files\symantec shared\security center\usrprmpt.exe
[Scan path] c:\program files\common files\symantec shared\sndsrvc.exe
[Scan path] c:\program files\common files\symantec shared\spbbc\spbbcdrv.sys
[Scan path] c:\program files\common files\symantec shared\spbbc\spbbcsvc.exe
[Scan path] c:\program files\common files\symantec shared\virusdefs\20041117.006\naveng.sys
[Scan path] c:\program files\common files\symantec shared\virusdefs\20041117.006\navex15.sys
[Scan path] c:\program files\common files\system\ole db\oledb32.dll
[Scan path] c:\program files\flashget\jccatch.dll
[Scan path] c:\program files\grisoft\avg anti-spyware 7.5\avgas.exe
[Scan path] c:\program files\grisoft\avg anti-spyware 7.5\guard.exe
[Scan path] c:\program files\grisoft\avg anti-spyware 7.5\guard.sys
[Scan path] c:\program files\grisoft\avg anti-spyware 7.5\shellexecutehook.dll
[Scan path] c:\program files\hp\digital imaging\bin\hpdtlk02.dll
[Scan path] c:\program files\hp\digital imaging\bin\hpqtra08.exe
[Scan path] c:\program files\hp\{aac4fc36-8f89-4587-8dd3-ebc57c83374d}\hphupd06.exe
[Scan path] c:\program files\internet explorer\iexplore.exe
[Scan path] c:\program files\intervideo\common\bin\winremote.exe
[Scan path] c:\program files\ipod\bin\ipodservice.exe
[Scan path] c:\program files\itunes\ituneshelper.exe
[Scan path] c:\program files\itunes\itunesminiplayer.dll
[Scan path] c:\program files\java\j2re1.4.2_03\bin\jusched.exe
[Scan path] c:\program files\messenger\msmsgs.exe
[Scan path] c:\program files\msn messenger\fsshext.8.0.0812.00.dll
[Scan path] c:\program files\msn messenger\msgrapp.8.0.0812.00.dll
[Scan path] c:\program files\msn messenger\msnmsgr.exe
[Scan path] c:\program files\norton internet security\issvc.exe
[Scan path] c:\program files\norton internet security\norton antivirus\navapsvc.exe
[Scan path] c:\program files\norton internet security\norton antivirus\navshext.dll
[Scan path] c:\program files\norton internet security\norton antivirus\savrt.sys
[Scan path] c:\program files\norton internet security\norton antivirus\savrtpel.sys
[Scan path] c:\program files\norton internet security\norton antivirus\savscan.exe
[Scan path] c:\program files\outlook express\setup50.exe
[Scan path] c:\program files\outlook express\wabfind.dll
[Scan path] c:\program files\real\realplayer\rpshell.dll
[Scan path] c:\program files\sonic recordnow!\shlext.dll
[Scan path] c:\program files\symantec\symevent.sys
[Scan path] c:\program files\updates from hp\309731\program\updates from hp.exe
[Scan path] c:\program files\windows live toolbar\msntb.dll
[Scan path] c:\program files\winrar\rarext.dll
[Scan path] c:\windows\creator\remind_xp.exe
[Scan path] c:\windows\explorer.exe
[Scan path] c:\windows\ime\imjp8_1\imjpmig.exe
[Scan path] c:\windows\ime\imkr6_1\imekrmig.exe
[Scan path] c:\windows\inf\unregmp2.exe
[Scan path] c:\windows\microsoft.net\framework\v1.1.4322\aspnet_state.exe
[Scan path] c:\windows\msagent\agentpsh.dll
[Scan path] c:\windows\sminst\recguard.exe

作者: ALEXYUI 時間: 07-1-11 09:22 PM

[Scan path] c:\windows\system32\advapi32.dll
[Scan path] c:\windows\system32\advpack.dll
[Scan path] c:\windows\system32\alg.exe
[Scan path] c:\windows\system32\appwiz.cpl
[Scan path] c:\windows\system32\autochk.exe
[Scan path] c:\windows\system32\browseui.dll
[Scan path] c:\windows\system32\cabview.dll
[Scan path] c:\windows\system32\cdfview.dll
[Scan path] c:\windows\system32\cisvc.exe
[Scan path] c:\windows\system32\clipsrv.exe
[Scan path] c:\windows\system32\cnbjmon.dll
[Scan path] c:\windows\system32\comdlg32.dll
[Scan path] c:\windows\system32\crypt32.dll
[Scan path] c:\windows\system32\cryptext.dll
[Scan path] c:\windows\system32\cryptnet.dll
[Scan path] c:\windows\system32\cscdll.dll
[Scan path] c:\windows\system32\cscui.dll
[Scan path] c:\windows\system32\csrss.exe
[Scan path] c:\windows\system32\ctfmon.exe
[Scan path] c:\windows\system32\deskadp.dll
[Scan path] c:\windows\system32\deskmon.dll
[Scan path] c:\windows\system32\deskperf.dll
[Scan path] c:\windows\system32\dfsshlex.dll
[Scan path] c:\windows\system32\diskcopy.dll
[Scan path] c:\windows\system32\dllhost.exe
[Scan path] c:\windows\system32\dmadmin.exe
[Scan path] c:\windows\system32\docprop.dll
[Scan path] c:\windows\system32\docprop2.dll
[Scan path] c:\windows\system32\drivers\acpi.sys
[Scan path] c:\windows\system32\drivers\aec.sys
[Scan path] c:\windows\system32\drivers\afd.sys
[Scan path] c:\windows\system32\drivers\arp1394.sys
[Scan path] c:\windows\system32\drivers\asyncmac.sys
[Scan path] c:\windows\system32\drivers\atapi.sys
[Scan path] c:\windows\system32\drivers\atmarpc.sys
[Scan path] c:\windows\system32\drivers\audstub.sys
[Scan path] c:\windows\system32\drivers\avgascln.sys
[Scan path] c:\windows\system32\drivers\cap7134.sys
[Scan path] c:\windows\system32\drivers\ccdecode.sys
[Scan path] c:\windows\system32\drivers\cdrom.sys
[Scan path] c:\windows\system32\drivers\disk.sys
[Scan path] c:\windows\system32\drivers\dmboot.sys
[Scan path] c:\windows\system32\drivers\dmio.sys
[Scan path] c:\windows\system32\drivers\dmload.sys
[Scan path] c:\windows\system32\drivers\dmusic.sys
[Scan path] c:\windows\system32\drivers\drmkaud.sys
[Scan path] c:\windows\system32\drivers\fdc.sys
[Scan path] c:\windows\system32\drivers\flpydisk.sys
[Scan path] c:\windows\system32\drivers\fltmgr.sys
[Scan path] c:\windows\system32\drivers\fsvga.sys
[Scan path] c:\windows\system32\drivers\ftdisk.sys
[Scan path] c:\windows\system32\drivers\gearaspiwdm.sys
[Scan path] c:\windows\system32\drivers\hdaudbus.sys
[Scan path] c:\windows\system32\drivers\hidusb.sys
[Scan path] c:\windows\system32\drivers\http.sys
[Scan path] c:\windows\system32\drivers\i8042prt.sys
[Scan path] c:\windows\system32\drivers\ialmnt5.sys
[Scan path] c:\windows\system32\drivers\imapi.sys
[Scan path] c:\windows\system32\drivers\intelide.sys
[Scan path] c:\windows\system32\drivers\intelppm.sys
[Scan path] c:\windows\system32\drivers\ip6fw.sys
[Scan path] c:\windows\system32\drivers\ipfltdrv.sys
[Scan path] c:\windows\system32\drivers\ipinip.sys
[Scan path] c:\windows\system32\drivers\ipnat.sys
[Scan path] c:\windows\system32\drivers\ipsec.sys
[Scan path] c:\windows\system32\drivers\irenum.sys
[Scan path] c:\windows\system32\drivers\isapnp.sys
[Scan path] c:\windows\system32\drivers\iviaspi.sys
[Scan path] c:\windows\system32\drivers\kbdclass.sys
[Scan path] c:\windows\system32\drivers\kbdhid.sys
[Scan path] c:\windows\system32\drivers\kmixer.sys
[Scan path] c:\windows\system32\drivers\mouclass.sys
[Scan path] c:\windows\system32\drivers\mouhid.sys
[Scan path] c:\windows\system32\drivers\mrxdav.sys
[Scan path] c:\windows\system32\drivers\mrxsmb.sys
[Scan path] c:\windows\system32\drivers\msgpc.sys
[Scan path] c:\windows\system32\drivers\mskssrv.sys
[Scan path] c:\windows\system32\drivers\mspclock.sys
[Scan path] c:\windows\system32\drivers\mspqm.sys
[Scan path] c:\windows\system32\drivers\mssmbios.sys
[Scan path] c:\windows\system32\drivers\mstee.sys
[Scan path] c:\windows\system32\drivers\nabtsfec.sys
[Scan path] c:\windows\system32\drivers\ndisip.sys
[Scan path] c:\windows\system32\drivers\ndistapi.sys
[Scan path] c:\windows\system32\drivers\ndisuio.sys
[Scan path] c:\windows\system32\drivers\ndiswan.sys
[Scan path] c:\windows\system32\drivers\netbios.sys
[Scan path] c:\windows\system32\drivers\netbt.sys
[Scan path] c:\windows\system32\drivers\nic1394.sys
[Scan path] c:\windows\system32\drivers\npf.sys
[Scan path] c:\windows\system32\drivers\nv4_mini.sys
[Scan path] c:\windows\system32\drivers\nwlnkflt.sys
[Scan path] c:\windows\system32\drivers\nwlnkfwd.sys
[Scan path] c:\windows\system32\drivers\ohci1394.sys
[Scan path] c:\windows\system32\drivers\oreans32.sys
[Scan path] c:\windows\system32\drivers\parport.sys
[Scan path] c:\windows\system32\drivers\pci.sys
[Scan path] c:\windows\system32\drivers\pciide.sys
[Scan path] c:\windows\system32\drivers\pctsapu.sys
[Scan path] c:\windows\system32\drivers\pfc.sys
[Scan path] c:\windows\system32\drivers\phtvtune.sys

作者: ALEXYUI 時間: 07-1-11 09:22 PM

[Scan path] c:\windows\system32\drivers\ps2.sys
[Scan path] c:\windows\system32\drivers\psched.sys
[Scan path] c:\windows\system32\drivers\ptilink.sys
[Scan path] c:\windows\system32\drivers\pxhelp20.sys
[Scan path] c:\windows\system32\drivers\r8139n51.sys
[Scan path] c:\windows\system32\drivers\rasacd.sys
[Scan path] c:\windows\system32\drivers\rasl2tp.sys
[Scan path] c:\windows\system32\drivers\raspppoe.sys
[Scan path] c:\windows\system32\drivers\raspptp.sys
[Scan path] c:\windows\system32\drivers\raspti.sys
[Scan path] c:\windows\system32\drivers\rdbss.sys
[Scan path] c:\windows\system32\drivers\rdpcdd.sys
[Scan path] c:\windows\system32\drivers\redbook.sys
[Scan path] c:\windows\system32\drivers\rtkhdaud.sys
[Scan path] c:\windows\system32\drivers\secdrv.sys
[Scan path] c:\windows\system32\drivers\serenum.sys
[Scan path] c:\windows\system32\drivers\serial.sys
[Scan path] c:\windows\system32\drivers\slip.sys
[Scan path] c:\windows\system32\drivers\splitter.sys
[Scan path] c:\windows\system32\drivers\sr.sys
[Scan path] c:\windows\system32\drivers\srv.sys
[Scan path] c:\windows\system32\drivers\streamip.sys
[Scan path] c:\windows\system32\drivers\swenum.sys
[Scan path] c:\windows\system32\drivers\swmidi.sys
[Scan path] c:\windows\system32\drivers\symredrv.sys
[Scan path] c:\windows\system32\drivers\symtdi.sys
[Scan path] c:\windows\system32\drivers\sysaudio.sys
[Scan path] c:\windows\system32\drivers\tcpip.sys
[Scan path] c:\windows\system32\drivers\termdd.sys
[Scan path] c:\windows\system32\drivers\update.sys
[Scan path] c:\windows\system32\drivers\usbccgp.sys
[Scan path] c:\windows\system32\drivers\usbehci.sys
[Scan path] c:\windows\system32\drivers\usbhub.sys
[Scan path] c:\windows\system32\drivers\usbstor.sys
[Scan path] c:\windows\system32\drivers\usbuhci.sys
[Scan path] c:\windows\system32\drivers\vga.sys
[Scan path] c:\windows\system32\drivers\viaide.sys
[Scan path] c:\windows\system32\drivers\wanarp.sys
[Scan path] c:\windows\system32\drivers\wdmaud.sys
[Scan path] c:\windows\system32\drivers\wstcodec.sys
[Scan path] c:\windows\system32\dskquoui.dll
[Scan path] c:\windows\system32\dsquery.dll
[Scan path] c:\windows\system32\dssec.dll
[Scan path] c:\windows\system32\dsuiext.dll
[Scan path] c:\windows\system32\dumprep.exe
[Scan path] c:\windows\system32\extmgr.dll
[Scan path] c:\windows\system32\fontext.dll
[Scan path] c:\windows\system32\gdi32.dll
[Scan path] c:\windows\system32\hphmon06.exe
[Scan path] c:\windows\system32\hticons.dll
[Scan path] c:\windows\system32\icmui.dll
[Scan path] c:\windows\system32\ie4uinit.exe
[Scan path] c:\windows\system32\igfxsrvc.dll
[Scan path] c:\windows\system32\igfxtray.exe
[Scan path] c:\windows\system32\imagehlp.dll
[Scan path] c:\windows\system32\imapi.exe
[Scan path] c:\windows\system32\ime\pintlgnt\imscinst.exe
[Scan path] c:\windows\system32\ime\tintlgnt\tintsetp.exe
[Scan path] c:\windows\system32\inetcomm.dll
[Scan path] c:\windows\system32\itss.dll
[Scan path] c:\windows\system32\kerberos.dll
[Scan path] c:\windows\system32\kernel32.dll
[Scan path] c:\windows\system32\localspl.dll
[Scan path] c:\windows\system32\locator.exe
[Scan path] c:\windows\system32\logon.scr
[Scan path] c:\windows\system32\logonui.exe
[Scan path] c:\windows\system32\lsass.exe
[Scan path] c:\windows\system32\lz32.dll
[Scan path] c:\windows\system32\mmcshext.dll
[Scan path] c:\windows\system32\mmsys.cpl
[Scan path] c:\windows\system32\mnmsrvc.exe
[Scan path] c:\windows\system32\mscoree.dll
[Scan path] c:\windows\system32\mscories.dll
[Scan path] c:\windows\system32\msdtc.exe
[Scan path] c:\windows\system32\mshtml.dll
[Scan path] c:\windows\system32\msieftp.dll
[Scan path] c:\windows\system32\msiexec.exe
[Scan path] c:\windows\system32\mstask.dll
[Scan path] c:\windows\system32\msv1_0.dll
[Scan path] c:\windows\system32\msvidctl.dll
[Scan path] c:\windows\system32\mswsock.dll
[Scan path] c:\windows\system32\mydocs.dll
[Scan path] c:\windows\system32\netdde.exe
[Scan path] c:\windows\system32\netplwiz.dll
[Scan path] c:\windows\system32\netshell.dll
[Scan path] c:\windows\system32\ntlanui2.dll
[Scan path] c:\windows\system32\ntsd.exe
[Scan path] c:\windows\system32\ntshrui.dll
[Scan path] c:\windows\system32\nvcpl.dll
[Scan path] c:\windows\system32\nvshell.dll
[Scan path] c:\windows\system32\nvsvc32.exe
[Scan path] c:\windows\system32\nwiz.exe
[Scan path] c:\windows\system32\occache.dll
[Scan path] c:\windows\system32\ole32.dll
[Scan path] c:\windows\system32\oleaut32.dll
[Scan path] c:\windows\system32\olecli32.dll
[Scan path] c:\windows\system32\olecnv32.dll
[Scan path] c:\windows\system32\olesvr32.dll
[Scan path] c:\windows\system32\olethk32.dll
[Scan path] c:\windows\system32\photowiz.dll
[Scan path] c:\windows\system32\pjlmon.dll
[Scan path] c:\windows\system32\printui.dll
[Scan path] c:\windows\system32\ps2.exe
[Scan path] c:\windows\system32\regsvr32.exe
[Scan path] c:\windows\system32\remotepg.dll
[Scan path] c:\windows\system32\rpcrt4.dll
[Scan path] c:\windows\system32\rpcss.dll
[Scan path] c:\windows\system32\rshx32.dll
[Scan path] c:\windows\system32\rsvp.exe
[Scan path] c:\windows\system32\rsvpsp.dll
[Scan path] c:\windows\system32\rundll32.exe
[Scan path] c:\windows\system32\scardsvr.exe
[Scan path] c:\windows\system32\scecli.dll
[Scan path] c:\windows\system32\schannel.dll
[Scan path] c:\windows\system32\sclgntfy.dll
[Scan path] c:\windows\system32\sendmail.dll
[Scan path] c:\windows\system32\services.exe
[Scan path] c:\windows\system32\sessmgr.exe
[Scan path] c:\windows\system32\setup\fxsocm.dll
[Scan path] c:\windows\system32\shdocvw.dll
[Scan path] c:\windows\system32\shell32.dll
[Scan path] c:\windows\system32\shellvrtf.dll

作者: ALEXYUI 時間: 07-1-11 09:23 PM

[Scan path] c:\windows\system32\shimgvw.dll
[Scan path] c:\windows\system32\shmedia.dll
[Scan path] c:\windows\system32\shmgrate.exe
[Scan path] c:\windows\system32\shscrap.dll
[Scan path] c:\windows\system32\slayerxp.dll
[Scan path] c:\windows\system32\smlogsvc.exe
[Scan path] c:\windows\system32\smss.exe
[Scan path] c:\windows\system32\spoolsv.exe
[Scan path] c:\windows\system32\stobject.dll
[Scan path] c:\windows\system32\svchost.exe
[Scan path] c:\windows\system32\syncui.dll
[Scan path] c:\windows\system32\tcpmon.dll
[Scan path] c:\windows\system32\themeui.dll
[Scan path] c:\windows\system32\twext.dll
[Scan path] c:\windows\system32\ups.exe
[Scan path] c:\windows\system32\url.dll
[Scan path] c:\windows\system32\urlmon.dll
[Scan path] c:\windows\system32\usbmon.dll
[Scan path] c:\windows\system32\user32.dll
[Scan path] c:\windows\system32\version.dll
[Scan path] c:\windows\system32\vssvc.exe
[Scan path] c:\windows\system32\wbem\wmiapsrv.exe
[Scan path] c:\windows\system32\wdigest.dll
[Scan path] c:\windows\system32\webcheck.dll
[Scan path] c:\windows\system32\wiascr.dll
[Scan path] c:\windows\system32\wiashext.dll
[Scan path] c:\windows\system32\wininet.dll
[Scan path] c:\windows\system32\winlogon.exe
[Scan path] c:\windows\system32\wldap32.dll
[Scan path] c:\windows\system32\wlnotify.dll
[Scan path] c:\windows\system32\wmpshell.dll
[Scan path] c:\windows\system32\wshext.dll
[Scan path] c:\windows\system32\wuauclt.exe
[Scan path] c:\windows\system32\wuaucpl.cpl
[Scan path] c:\windows\system32\zipfldr.dll
[Scan path] c:\windows\system\hpsysdrv.exe
-----------------------------------------------------------------------------
Scan statistics
-----------------------------------------------------------------------------
Objects scanned: 330
Infected objects found: 0
Objects with modifications found: 0
Suspicious objects found: 1
Adware programs found: 0
Dialer programs found: 0
Joke programs found: 0
Riskware programs found: 0
Hacktool programs found: 0
Objects cured: 0
Objects deleted: 0
Objects renamed: 0
Objects moved: 0
Objects ignored: 0
Scan speed: 4509 Kb/s
Scan time: 00:00:23
-----------------------------------------------------------------------------

c:\documents and settings\hp_owner.your-6a15acd7c6\(R)酯崤crossgatepuk3\crossgatepuk3\cg_5006.exe - incurable - will be moved after reboot

=============================================================================
Total session statistics
=============================================================================
Objects scanned: 330
Infected objects found: 0
Objects with modifications found: 0
Suspicious objects found: 1
Adware programs found: 0
Dialer programs found: 0
Joke programs found: 0
Riskware programs found: 0
Hacktool programs found: 0
Objects cured: 0
Objects deleted: 0
Objects renamed: 0
Objects moved: 1
Objects ignored: 0
Scan speed: 4509 Kb/s
Scan time: 00:00:23
=============================================================================

=============================================================================
Dr.Web(R) Scanner for Windows v4.33.2 (4.33.2.10060)
Copyright (c) Igor Daniloff, 1992-2006
Log generated on: 2007-01-11, 00:53:54 [HP_Owner]
Command-line: "C:\DOCUME~1\HP_OWN~1.YOU\LOCALS~1\Temp\RarSFX0\cureit.exe" /lng /ini:cureit_XP.ini
Operating system:Windows XP Home Edition x86 (Build 2600), Service Pack 2
=============================================================================

作者: ALEXYUI 時間: 07-1-11 09:24 PM

Engine version: 4.33 (4.33.5.10110)
Engine API version: 2.01
[Virus base] C:\DOCUME~1\HP_OWN~1.YOU\LOCALS~1\Temp\RarSFX0\crwtoday.cdb - 582 virus records
[Virus base] C:\DOCUME~1\HP_OWN~1.YOU\LOCALS~1\Temp\RarSFX0\crw43369.cdb - 687 virus records
[Virus base] C:\DOCUME~1\HP_OWN~1.YOU\LOCALS~1\Temp\RarSFX0\crw43368.cdb - 1099 virus records
[Virus base] C:\DOCUME~1\HP_OWN~1.YOU\LOCALS~1\Temp\RarSFX0\crw43367.cdb - 1834 virus records
[Virus base] C:\DOCUME~1\HP_OWN~1.YOU\LOCALS~1\Temp\RarSFX0\crw43366.cdb - 4015 virus records
[Virus base] C:\DOCUME~1\HP_OWN~1.YOU\LOCALS~1\Temp\RarSFX0\crw43365.cdb - 1342 virus records
[Virus base] C:\DOCUME~1\HP_OWN~1.YOU\LOCALS~1\Temp\RarSFX0\crw43364.cdb - 1335 virus records
[Virus base] C:\DOCUME~1\HP_OWN~1.YOU\LOCALS~1\Temp\RarSFX0\crw43363.cdb - 1152 virus records
[Virus base] C:\DOCUME~1\HP_OWN~1.YOU\LOCALS~1\Temp\RarSFX0\crw43362.cdb - 1006 virus records
[Virus base] C:\DOCUME~1\HP_OWN~1.YOU\LOCALS~1\Temp\RarSFX0\crw43361.cdb - 879 virus records
[Virus base] C:\DOCUME~1\HP_OWN~1.YOU\LOCALS~1\Temp\RarSFX0\crw43360.cdb - 988 virus records
[Virus base] C:\DOCUME~1\HP_OWN~1.YOU\LOCALS~1\Temp\RarSFX0\crw43359.cdb - 1205 virus records
[Virus base] C:\DOCUME~1\HP_OWN~1.YOU\LOCALS~1\Temp\RarSFX0\crw43358.cdb - 1139 virus records
[Virus base] C:\DOCUME~1\HP_OWN~1.YOU\LOCALS~1\Temp\RarSFX0\crw43357.cdb - 1302 virus records
[Virus base] C:\DOCUME~1\HP_OWN~1.YOU\LOCALS~1\Temp\RarSFX0\crw43356.cdb - 1332 virus records
[Virus base] C:\DOCUME~1\HP_OWN~1.YOU\LOCALS~1\Temp\RarSFX0\crw43355.cdb - 2456 virus records
[Virus base] C:\DOCUME~1\HP_OWN~1.YOU\LOCALS~1\Temp\RarSFX0\crw43354.cdb - 1283 virus records
[Virus base] C:\DOCUME~1\HP_OWN~1.YOU\LOCALS~1\Temp\RarSFX0\crw43353.cdb - 795 virus records
[Virus base] C:\DOCUME~1\HP_OWN~1.YOU\LOCALS~1\Temp\RarSFX0\crw43352.cdb - 2016 virus records
[Virus base] C:\DOCUME~1\HP_OWN~1.YOU\LOCALS~1\Temp\RarSFX0\crw43351.cdb - 941 virus records
[Virus base] C:\DOCUME~1\HP_OWN~1.YOU\LOCALS~1\Temp\RarSFX0\crw43350.cdb - 1020 virus records
[Virus base] C:\DOCUME~1\HP_OWN~1.YOU\LOCALS~1\Temp\RarSFX0\crw43349.cdb - 1008 virus records
[Virus base] C:\DOCUME~1\HP_OWN~1.YOU\LOCALS~1\Temp\RarSFX0\crw43348.cdb - 1096 virus records
[Virus base] C:\DOCUME~1\HP_OWN~1.YOU\LOCALS~1\Temp\RarSFX0\crw43347.cdb - 707 virus records
[Virus base] C:\DOCUME~1\HP_OWN~1.YOU\LOCALS~1\Temp\RarSFX0\crw43346.cdb - 1428 virus records
[Virus base] C:\DOCUME~1\HP_OWN~1.YOU\LOCALS~1\Temp\RarSFX0\crw43345.cdb - 1358 virus records
[Virus base] C:\DOCUME~1\HP_OWN~1.YOU\LOCALS~1\Temp\RarSFX0\crw43344.cdb - 694 virus records
[Virus base] C:\DOCUME~1\HP_OWN~1.YOU\LOCALS~1\Temp\RarSFX0\crw43343.cdb - 1186 virus records
[Virus base] C:\DOCUME~1\HP_OWN~1.YOU\LOCALS~1\Temp\RarSFX0\crw43342.cdb - 744 virus records
[Virus base] C:\DOCUME~1\HP_OWN~1.YOU\LOCALS~1\Temp\RarSFX0\crw43341.cdb - 841 virus records
[Virus base] C:\DOCUME~1\HP_OWN~1.YOU\LOCALS~1\Temp\RarSFX0\crw43340.cdb - 822 virus records
[Virus base] C:\DOCUME~1\HP_OWN~1.YOU\LOCALS~1\Temp\RarSFX0\crw43339.cdb - 1071 virus records
[Virus base] C:\DOCUME~1\HP_OWN~1.YOU\LOCALS~1\Temp\RarSFX0\crw43338.cdb - 989 virus records
[Virus base] C:\DOCUME~1\HP_OWN~1.YOU\LOCALS~1\Temp\RarSFX0\crw43337.cdb - 855 virus records
[Virus base] C:\DOCUME~1\HP_OWN~1.YOU\LOCALS~1\Temp\RarSFX0\crw43336.cdb - 1297 virus records
[Virus base] C:\DOCUME~1\HP_OWN~1.YOU\LOCALS~1\Temp\RarSFX0\crw43335.cdb - 1195 virus records
[Virus base] C:\DOCUME~1\HP_OWN~1.YOU\LOCALS~1\Temp\RarSFX0\crw43334.cdb - 900 virus records
[Virus base] C:\DOCUME~1\HP_OWN~1.YOU\LOCALS~1\Temp\RarSFX0\crw43333.cdb - 1381 virus records
[Virus base] C:\DOCUME~1\HP_OWN~1.YOU\LOCALS~1\Temp\RarSFX0\crw43332.cdb - 1340 virus records
[Virus base] C:\DOCUME~1\HP_OWN~1.YOU\LOCALS~1\Temp\RarSFX0\crw43331.cdb - 2735 virus records
[Virus base] C:\DOCUME~1\HP_OWN~1.YOU\LOCALS~1\Temp\RarSFX0\crw43330.cdb - 2078 virus records
[Virus base] C:\DOCUME~1\HP_OWN~1.YOU\LOCALS~1\Temp\RarSFX0\crw43329.cdb - 2490 virus records
[Virus base] C:\DOCUME~1\HP_OWN~1.YOU\LOCALS~1\Temp\RarSFX0\crw43328.cdb - 743 virus records
[Virus base] C:\DOCUME~1\HP_OWN~1.YOU\LOCALS~1\Temp\RarSFX0\crw43327.cdb - 958 virus records
[Virus base] C:\DOCUME~1\HP_OWN~1.YOU\LOCALS~1\Temp\RarSFX0\crw43326.cdb - 793 virus records
[Virus base] C:\DOCUME~1\HP_OWN~1.YOU\LOCALS~1\Temp\RarSFX0\crw43325.cdb - 713 virus records
[Virus base] C:\DOCUME~1\HP_OWN~1.YOU\LOCALS~1\Temp\RarSFX0\crw43324.cdb - 655 virus records
[Virus base] C:\DOCUME~1\HP_OWN~1.YOU\LOCALS~1\Temp\RarSFX0\crw43323.cdb - 655 virus records
[Virus base] C:\DOCUME~1\HP_OWN~1.YOU\LOCALS~1\Temp\RarSFX0\crw43322.cdb - 778 virus records
[Virus base] C:\DOCUME~1\HP_OWN~1.YOU\LOCALS~1\Temp\RarSFX0\crw43321.cdb - 846 virus records

作者: ALEXYUI 時間: 07-1-11 09:25 PM

[Virus base] C:\DOCUME~1\HP_OWN~1.YOU\LOCALS~1\Temp\RarSFX0\crw43320.cdb - 808 virus records
[Virus base] C:\DOCUME~1\HP_OWN~1.YOU\LOCALS~1\Temp\RarSFX0\crw43319.cdb - 764 virus records
[Virus base] C:\DOCUME~1\HP_OWN~1.YOU\LOCALS~1\Temp\RarSFX0\crw43318.cdb - 838 virus records
[Virus base] C:\DOCUME~1\HP_OWN~1.YOU\LOCALS~1\Temp\RarSFX0\crw43317.cdb - 363 virus records
[Virus base] C:\DOCUME~1\HP_OWN~1.YOU\LOCALS~1\Temp\RarSFX0\crw43316.cdb - 730 virus records
[Virus base] C:\DOCUME~1\HP_OWN~1.YOU\LOCALS~1\Temp\RarSFX0\crw43315.cdb - 627 virus records
[Virus base] C:\DOCUME~1\HP_OWN~1.YOU\LOCALS~1\Temp\RarSFX0\crw43314.cdb - 824 virus records
[Virus base] C:\DOCUME~1\HP_OWN~1.YOU\LOCALS~1\Temp\RarSFX0\crw43313.cdb - 842 virus records
[Virus base] C:\DOCUME~1\HP_OWN~1.YOU\LOCALS~1\Temp\RarSFX0\crw43312.cdb - 830 virus records
[Virus base] C:\DOCUME~1\HP_OWN~1.YOU\LOCALS~1\Temp\RarSFX0\crw43311.cdb - 862 virus records
[Virus base] C:\DOCUME~1\HP_OWN~1.YOU\LOCALS~1\Temp\RarSFX0\crw43310.cdb - 853 virus records
[Virus base] C:\DOCUME~1\HP_OWN~1.YOU\LOCALS~1\Temp\RarSFX0\crw43309.cdb - 733 virus records
[Virus base] C:\DOCUME~1\HP_OWN~1.YOU\LOCALS~1\Temp\RarSFX0\crw43308.cdb - 708 virus records
[Virus base] C:\DOCUME~1\HP_OWN~1.YOU\LOCALS~1\Temp\RarSFX0\crw43307.cdb - 839 virus records
[Virus base] C:\DOCUME~1\HP_OWN~1.YOU\LOCALS~1\Temp\RarSFX0\crw43306.cdb - 930 virus records
[Virus base] C:\DOCUME~1\HP_OWN~1.YOU\LOCALS~1\Temp\RarSFX0\crw43305.cdb - 759 virus records
[Virus base] C:\DOCUME~1\HP_OWN~1.YOU\LOCALS~1\Temp\RarSFX0\crw43304.cdb - 721 virus records
[Virus base] C:\DOCUME~1\HP_OWN~1.YOU\LOCALS~1\Temp\RarSFX0\crw43303.cdb - 638 virus records
[Virus base] C:\DOCUME~1\HP_OWN~1.YOU\LOCALS~1\Temp\RarSFX0\crw43302.cdb - 806 virus records
[Virus base] C:\DOCUME~1\HP_OWN~1.YOU\LOCALS~1\Temp\RarSFX0\crw43301.cdb - 504 virus records
[Virus base] C:\DOCUME~1\HP_OWN~1.YOU\LOCALS~1\Temp\RarSFX0\crw43300.cdb - 24 virus records
[Virus base] C:\DOCUME~1\HP_OWN~1.YOU\LOCALS~1\Temp\RarSFX0\crwebase.cdb - 78674 virus records
[Virus base] C:\DOCUME~1\HP_OWN~1.YOU\LOCALS~1\Temp\RarSFX0\cwrtoday.cdb - 380 virus records
[Virus base] C:\DOCUME~1\HP_OWN~1.YOU\LOCALS~1\Temp\RarSFX0\cwr43301.cdb - 697 virus records
[Virus base] C:\DOCUME~1\HP_OWN~1.YOU\LOCALS~1\Temp\RarSFX0\crwrisky.cdb - 1271 virus records
[Virus base] C:\DOCUME~1\HP_OWN~1.YOU\LOCALS~1\Temp\RarSFX0\cwntoday.cdb - 371 virus records
[Virus base] C:\DOCUME~1\HP_OWN~1.YOU\LOCALS~1\Temp\RarSFX0\cwn43306.cdb - 781 virus records
[Virus base] C:\DOCUME~1\HP_OWN~1.YOU\LOCALS~1\Temp\RarSFX0\cwn43305.cdb - 752 virus records
[Virus base] C:\DOCUME~1\HP_OWN~1.YOU\LOCALS~1\Temp\RarSFX0\cwn43304.cdb - 793 virus records
[Virus base] C:\DOCUME~1\HP_OWN~1.YOU\LOCALS~1\Temp\RarSFX0\cwn43303.cdb - 766 virus records
[Virus base] C:\DOCUME~1\HP_OWN~1.YOU\LOCALS~1\Temp\RarSFX0\cwn43302.cdb - 850 virus records
[Virus base] C:\DOCUME~1\HP_OWN~1.YOU\LOCALS~1\Temp\RarSFX0\cwn43301.cdb - 772 virus records
[Virus base] C:\DOCUME~1\HP_OWN~1.YOU\LOCALS~1\Temp\RarSFX0\crwnasty.cdb - 4867 virus records
Total virus records: 166741
Key file: C:\DOCUME~1\HP_OWN~1.YOU\LOCALS~1\Temp\RarSFX0\cureit.key
License key number: 0000000010
Registered to: Dr.Web CureIt Project
License key activates: 2005-03-05
License key expires: 2007-03-05

-----------------------------------------------------------------------------
Scan statistics
-----------------------------------------------------------------------------
Objects scanned: 0
Infected objects found: 0
Objects with modifications found: 0
Suspicious objects found: 0
Adware programs found: 0
Dialer programs found: 0
Joke programs found: 0
Riskware programs found: 0
Hacktool programs found: 0
Objects cured: 0
Objects deleted: 0
Objects renamed: 0
Objects moved: 0
Objects ignored: 0
Scan speed: 0 Kb/s
Scan time: 00:00:00
-----------------------------------------------------------------------------

作者: ALEXYUI 時間: 07-1-11 09:25 PM

[Scan path] c:\documents and settings\all users\「開(c)l」功能表\程式集\啟動\desktop.ini
[Scan path] c:\documents and settings\hp_owner.your-6a15acd7c6\local settings\temp\rarsfx0\_start.exe
[Scan path] c:\documents and settings\hp_owner.your-6a15acd7c6\local settings\temp\rarsfx0\cureit.exe
[Scan path] c:\documents and settings\hp_owner.your-6a15acd7c6\「開(c)l」功能表\程式集\啟動\desktop.ini
[Scan path] c:\documents and settings\hp_owner.your-6a15acd7c6\(R)酯崤drweb-cureit.exe
[Scan path] c:\hp\drivers\hplsbwatcher\lsburnwatcher.exe
[Scan path] c:\hp\kbd\kbd.exe
[Scan path] c:\program files\21cn\vgo\vgoiebho.dll
[Scan path] c:\program files\adobe\acrobat 6.0\reader\activex\acroiehelper.dll
[Scan path] c:\program files\common files\installshield\updateservice\issch.exe
[Scan path] c:\program files\common files\installshield\updateservice\isuspm.exe
[Scan path] c:\program files\common files\intervideo\schsvr\schsvr.exe
[Scan path] c:\program files\common files\lightscribe\lssrvc.exe
[Scan path] c:\program files\common files\real\update_ob\realsched.exe
[Scan path] c:\program files\common files\symantec shared\ccapp.exe
[Scan path] c:\program files\common files\symantec shared\ccevtmgr.exe
[Scan path] c:\program files\common files\symantec shared\ccproxy.exe
[Scan path] c:\program files\common files\symantec shared\ccpwdsvc.exe
[Scan path] c:\program files\common files\symantec shared\ccsetmgr.exe
[Scan path] c:\program files\common files\symantec shared\security center\symwsc.exe
[Scan path] c:\program files\common files\symantec shared\security center\usrprmpt.exe
[Scan path] c:\program files\common files\symantec shared\sndsrvc.exe
[Scan path] c:\program files\common files\symantec shared\spbbc\spbbcdrv.sys
[Scan path] c:\program files\common files\symantec shared\spbbc\spbbcsvc.exe
[Scan path] c:\program files\common files\symantec shared\virusdefs\20041117.006\naveng.sys
[Scan path] c:\program files\common files\symantec shared\virusdefs\20041117.006\navex15.sys
[Scan path] c:\program files\common files\system\ole db\oledb32.dll
[Scan path] c:\program files\flashget\jccatch.dll
[Scan path] c:\program files\grisoft\avg anti-spyware 7.5\avgas.exe
[Scan path] c:\program files\grisoft\avg anti-spyware 7.5\guard.exe
[Scan path] c:\program files\grisoft\avg anti-spyware 7.5\guard.sys
[Scan path] c:\program files\grisoft\avg anti-spyware 7.5\shellexecutehook.dll
[Scan path] c:\program files\hp\digital imaging\bin\hpdtlk02.dll
[Scan path] c:\program files\hp\digital imaging\bin\hpqtra08.exe
[Scan path] c:\program files\hp\{aac4fc36-8f89-4587-8dd3-ebc57c83374d}\hphupd06.exe
[Scan path] c:\program files\internet explorer\iexplore.exe
[Scan path] c:\program files\intervideo\common\bin\winremote.exe
[Scan path] c:\program files\ipod\bin\ipodservice.exe
[Scan path] c:\program files\itunes\ituneshelper.exe
[Scan path] c:\program files\itunes\itunesminiplayer.dll
[Scan path] c:\program files\java\j2re1.4.2_03\bin\jusched.exe
[Scan path] c:\program files\messenger\msmsgs.exe
[Scan path] c:\program files\msn messenger\fsshext.8.0.0812.00.dll
[Scan path] c:\program files\msn messenger\msgrapp.8.0.0812.00.dll
[Scan path] c:\program files\msn messenger\msnmsgr.exe
[Scan path] c:\program files\norton internet security\issvc.exe
[Scan path] c:\program files\norton internet security\norton antivirus\navapsvc.exe
[Scan path] c:\program files\norton internet security\norton antivirus\navshext.dll
[Scan path] c:\program files\norton internet security\norton antivirus\savrt.sys
[Scan path] c:\program files\norton internet security\norton antivirus\savrtpel.sys
[Scan path] c:\program files\norton internet security\norton antivirus\savscan.exe
[Scan path] c:\program files\outlook express\setup50.exe
[Scan path] c:\program files\outlook express\wabfind.dll
[Scan path] c:\program files\real\realplayer\rpshell.dll
[Scan path] c:\program files\sonic recordnow!\shlext.dll
[Scan path] c:\program files\symantec\symevent.sys
[Scan path] c:\program files\updates from hp\309731\program\updates from hp.exe
[Scan path] c:\program files\windows live toolbar\msntb.dll
[Scan path] c:\program files\winrar\rarext.dll
[Scan path] c:\windows\creator\remind_xp.exe
[Scan path] c:\windows\explorer.exe
[Scan path] c:\windows\ime\imjp8_1\imjpmig.exe
[Scan path] c:\windows\ime\imkr6_1\imekrmig.exe
[Scan path] c:\windows\inf\unregmp2.exe
[Scan path] c:\windows\microsoft.net\framework\v1.1.4322\aspnet_state.exe
[Scan path] c:\windows\msagent\agentpsh.dll
[Scan path] c:\windows\sminst\recguard.exe
[Scan path] c:\windows\system32\advapi32.dll
[Scan path] c:\windows\system32\advpack.dll
[Scan path] c:\windows\system32\alg.exe
[Scan path] c:\windows\system32\appwiz.cpl
[Scan path] c:\windows\system32\autochk.exe
[Scan path] c:\windows\system32\browseui.dll
[Scan path] c:\windows\system32\cabview.dll
[Scan path] c:\windows\system32\cdfview.dll
[Scan path] c:\windows\system32\cisvc.exe
[Scan path] c:\windows\system32\clipsrv.exe
[Scan path] c:\windows\system32\cnbjmon.dll
[Scan path] c:\windows\system32\comdlg32.dll
[Scan path] c:\windows\system32\crypt32.dll
[Scan path] c:\windows\system32\cryptext.dll
[Scan path] c:\windows\system32\cryptnet.dll
[Scan path] c:\windows\system32\cscdll.dll
[Scan path] c:\windows\system32\cscui.dll
[Scan path] c:\windows\system32\csrss.exe
[Scan path] c:\windows\system32\ctfmon.exe
[Scan path] c:\windows\system32\deskadp.dll
[Scan path] c:\windows\system32\deskmon.dll
[Scan path] c:\windows\system32\deskperf.dll

作者: ALEXYUI 時間: 07-1-11 09:26 PM

[Scan path] c:\windows\system32\dfsshlex.dll
[Scan path] c:\windows\system32\diskcopy.dll
[Scan path] c:\windows\system32\dllhost.exe
[Scan path] c:\windows\system32\dmadmin.exe
[Scan path] c:\windows\system32\docprop.dll
[Scan path] c:\windows\system32\docprop2.dll
[Scan path] c:\windows\system32\drivers\acpi.sys
[Scan path] c:\windows\system32\drivers\aec.sys
[Scan path] c:\windows\system32\drivers\afd.sys
[Scan path] c:\windows\system32\drivers\arp1394.sys
[Scan path] c:\windows\system32\drivers\asyncmac.sys
[Scan path] c:\windows\system32\drivers\atapi.sys
[Scan path] c:\windows\system32\drivers\atmarpc.sys
[Scan path] c:\windows\system32\drivers\audstub.sys
[Scan path] c:\windows\system32\drivers\avgascln.sys
[Scan path] c:\windows\system32\drivers\cap7134.sys
[Scan path] c:\windows\system32\drivers\ccdecode.sys
[Scan path] c:\windows\system32\drivers\cdrom.sys
[Scan path] c:\windows\system32\drivers\disk.sys
[Scan path] c:\windows\system32\drivers\dmboot.sys
[Scan path] c:\windows\system32\drivers\dmio.sys
[Scan path] c:\windows\system32\drivers\dmload.sys
[Scan path] c:\windows\system32\drivers\dmusic.sys
[Scan path] c:\windows\system32\drivers\drmkaud.sys
[Scan path] c:\windows\system32\drivers\fdc.sys
[Scan path] c:\windows\system32\drivers\flpydisk.sys
[Scan path] c:\windows\system32\drivers\fltmgr.sys
[Scan path] c:\windows\system32\drivers\fsvga.sys
[Scan path] c:\windows\system32\drivers\ftdisk.sys
[Scan path] c:\windows\system32\drivers\gearaspiwdm.sys
[Scan path] c:\windows\system32\drivers\hdaudbus.sys
[Scan path] c:\windows\system32\drivers\hidusb.sys
[Scan path] c:\windows\system32\drivers\http.sys
[Scan path] c:\windows\system32\drivers\i8042prt.sys
[Scan path] c:\windows\system32\drivers\ialmnt5.sys
[Scan path] c:\windows\system32\drivers\imapi.sys
[Scan path] c:\windows\system32\drivers\intelide.sys
[Scan path] c:\windows\system32\drivers\intelppm.sys
[Scan path] c:\windows\system32\drivers\ip6fw.sys
[Scan path] c:\windows\system32\drivers\ipfltdrv.sys
[Scan path] c:\windows\system32\drivers\ipinip.sys
[Scan path] c:\windows\system32\drivers\ipnat.sys
[Scan path] c:\windows\system32\drivers\ipsec.sys
[Scan path] c:\windows\system32\drivers\irenum.sys
[Scan path] c:\windows\system32\drivers\isapnp.sys
[Scan path] c:\windows\system32\drivers\iviaspi.sys
[Scan path] c:\windows\system32\drivers\kbdclass.sys
[Scan path] c:\windows\system32\drivers\kbdhid.sys
[Scan path] c:\windows\system32\drivers\kmixer.sys
[Scan path] c:\windows\system32\drivers\mouclass.sys
[Scan path] c:\windows\system32\drivers\mouhid.sys
[Scan path] c:\windows\system32\drivers\mrxdav.sys
[Scan path] c:\windows\system32\drivers\mrxsmb.sys
[Scan path] c:\windows\system32\drivers\msgpc.sys
[Scan path] c:\windows\system32\drivers\mskssrv.sys
[Scan path] c:\windows\system32\drivers\mspclock.sys
[Scan path] c:\windows\system32\drivers\mspqm.sys
[Scan path] c:\windows\system32\drivers\mssmbios.sys
[Scan path] c:\windows\system32\drivers\mstee.sys
[Scan path] c:\windows\system32\drivers\nabtsfec.sys
[Scan path] c:\windows\system32\drivers\ndisip.sys
[Scan path] c:\windows\system32\drivers\ndistapi.sys
[Scan path] c:\windows\system32\drivers\ndisuio.sys
[Scan path] c:\windows\system32\drivers\ndiswan.sys
[Scan path] c:\windows\system32\drivers\netbios.sys
[Scan path] c:\windows\system32\drivers\netbt.sys
[Scan path] c:\windows\system32\drivers\nic1394.sys
[Scan path] c:\windows\system32\drivers\npf.sys
[Scan path] c:\windows\system32\drivers\nv4_mini.sys
[Scan path] c:\windows\system32\drivers\nwlnkflt.sys
[Scan path] c:\windows\system32\drivers\nwlnkfwd.sys
[Scan path] c:\windows\system32\drivers\ohci1394.sys
[Scan path] c:\windows\system32\drivers\oreans32.sys
[Scan path] c:\windows\system32\drivers\parport.sys
[Scan path] c:\windows\system32\drivers\pci.sys
[Scan path] c:\windows\system32\drivers\pciide.sys
[Scan path] c:\windows\system32\drivers\pctsapu.sys
[Scan path] c:\windows\system32\drivers\pfc.sys
[Scan path] c:\windows\system32\drivers\phtvtune.sys
[Scan path] c:\windows\system32\drivers\ps2.sys
[Scan path] c:\windows\system32\drivers\psched.sys
[Scan path] c:\windows\system32\drivers\ptilink.sys
[Scan path] c:\windows\system32\drivers\pxhelp20.sys
[Scan path] c:\windows\system32\drivers\r8139n51.sys
[Scan path] c:\windows\system32\drivers\rasacd.sys
[Scan path] c:\windows\system32\drivers\rasl2tp.sys
[Scan path] c:\windows\system32\drivers\raspppoe.sys
[Scan path] c:\windows\system32\drivers\raspptp.sys
[Scan path] c:\windows\system32\drivers\raspti.sys
[Scan path] c:\windows\system32\drivers\rdbss.sys
[Scan path] c:\windows\system32\drivers\rdpcdd.sys
[Scan path] c:\windows\system32\drivers\redbook.sys
[Scan path] c:\windows\system32\drivers\rtkhdaud.sys
[Scan path] c:\windows\system32\drivers\secdrv.sys
[Scan path] c:\windows\system32\drivers\serenum.sys
[Scan path] c:\windows\system32\drivers\serial.sys
[Scan path] c:\windows\system32\drivers\slip.sys
[Scan path] c:\windows\system32\drivers\splitter.sys
[Scan path] c:\windows\system32\drivers\sr.sys
[Scan path] c:\windows\system32\drivers\srv.sys
[Scan path] c:\windows\system32\drivers\streamip.sys
[Scan path] c:\windows\system32\drivers\swenum.sys
[Scan path] c:\windows\system32\drivers\swmidi.sys
[Scan path] c:\windows\system32\drivers\symredrv.sys
[Scan path] c:\windows\system32\drivers\symtdi.sys
[Scan path] c:\windows\system32\drivers\sysaudio.sys
[Scan path] c:\windows\system32\drivers\tcpip.sys
[Scan path] c:\windows\system32\drivers\termdd.sys
[Scan path] c:\windows\system32\drivers\update.sys
[Scan path] c:\windows\system32\drivers\usbccgp.sys
[Scan path] c:\windows\system32\drivers\usbehci.sys
[Scan path] c:\windows\system32\drivers\usbhub.sys
[Scan path] c:\windows\system32\drivers\usbstor.sys
[Scan path] c:\windows\system32\drivers\usbuhci.sys
[Scan path] c:\windows\system32\drivers\vga.sys
[Scan path] c:\windows\system32\drivers\viaide.sys
[Scan path] c:\windows\system32\drivers\wanarp.sys
[Scan path] c:\windows\system32\drivers\wdmaud.sys
[Scan path] c:\windows\system32\drivers\wstcodec.sys
[Scan path] c:\windows\system32\dskquoui.dll
[Scan path] c:\windows\system32\dsquery.dll
[Scan path] c:\windows\system32\dssec.dll
[Scan path] c:\windows\system32\dsuiext.dll
[Scan path] c:\windows\system32\dumprep.exe
[Scan path] c:\windows\system32\extmgr.dll
[Scan path] c:\windows\system32\fontext.dll
[Scan path] c:\windows\system32\gdi32.dll
[Scan path] c:\windows\system32\hphmon06.exe

作者: ALEXYUI 時間: 07-1-11 09:27 PM

[Scan path] c:\windows\system32\hticons.dll
[Scan path] c:\windows\system32\icmui.dll
[Scan path] c:\windows\system32\ie4uinit.exe
[Scan path] c:\windows\system32\igfxsrvc.dll
[Scan path] c:\windows\system32\igfxtray.exe
[Scan path] c:\windows\system32\imagehlp.dll
[Scan path] c:\windows\system32\imapi.exe
[Scan path] c:\windows\system32\ime\pintlgnt\imscinst.exe
[Scan path] c:\windows\system32\ime\tintlgnt\tintsetp.exe
[Scan path] c:\windows\system32\inetcomm.dll
[Scan path] c:\windows\system32\itss.dll
[Scan path] c:\windows\system32\kerberos.dll
[Scan path] c:\windows\system32\kernel32.dll
[Scan path] c:\windows\system32\localspl.dll
[Scan path] c:\windows\system32\locator.exe
[Scan path] c:\windows\system32\logon.scr
[Scan path] c:\windows\system32\logonui.exe
[Scan path] c:\windows\system32\lsass.exe
[Scan path] c:\windows\system32\lz32.dll
[Scan path] c:\windows\system32\mmcshext.dll
[Scan path] c:\windows\system32\mmsys.cpl
[Scan path] c:\windows\system32\mnmsrvc.exe
[Scan path] c:\windows\system32\mscoree.dll
[Scan path] c:\windows\system32\mscories.dll
[Scan path] c:\windows\system32\msdtc.exe
[Scan path] c:\windows\system32\mshtml.dll
[Scan path] c:\windows\system32\msieftp.dll
[Scan path] c:\windows\system32\msiexec.exe
[Scan path] c:\windows\system32\mstask.dll
[Scan path] c:\windows\system32\msv1_0.dll
[Scan path] c:\windows\system32\msvidctl.dll
[Scan path] c:\windows\system32\mswsock.dll
[Scan path] c:\windows\system32\mydocs.dll
[Scan path] c:\windows\system32\netdde.exe
[Scan path] c:\windows\system32\netplwiz.dll
[Scan path] c:\windows\system32\netshell.dll
[Scan path] c:\windows\system32\ntlanui2.dll
[Scan path] c:\windows\system32\ntsd.exe
[Scan path] c:\windows\system32\ntshrui.dll
[Scan path] c:\windows\system32\nvcpl.dll
[Scan path] c:\windows\system32\nvshell.dll
[Scan path] c:\windows\system32\nvsvc32.exe
[Scan path] c:\windows\system32\nwiz.exe
[Scan path] c:\windows\system32\occache.dll
[Scan path] c:\windows\system32\ole32.dll
[Scan path] c:\windows\system32\oleaut32.dll
[Scan path] c:\windows\system32\olecli32.dll
[Scan path] c:\windows\system32\olecnv32.dll
[Scan path] c:\windows\system32\olesvr32.dll
[Scan path] c:\windows\system32\olethk32.dll
[Scan path] c:\windows\system32\photowiz.dll
[Scan path] c:\windows\system32\pjlmon.dll
[Scan path] c:\windows\system32\printui.dll
[Scan path] c:\windows\system32\ps2.exe
[Scan path] c:\windows\system32\regsvr32.exe
[Scan path] c:\windows\system32\remotepg.dll
[Scan path] c:\windows\system32\rpcrt4.dll
[Scan path] c:\windows\system32\rpcss.dll
[Scan path] c:\windows\system32\rshx32.dll
[Scan path] c:\windows\system32\rsvp.exe
[Scan path] c:\windows\system32\rsvpsp.dll
[Scan path] c:\windows\system32\rundll32.exe
[Scan path] c:\windows\system32\scardsvr.exe
[Scan path] c:\windows\system32\scecli.dll
[Scan path] c:\windows\system32\schannel.dll
[Scan path] c:\windows\system32\sclgntfy.dll
[Scan path] c:\windows\system32\sendmail.dll
[Scan path] c:\windows\system32\services.exe
[Scan path] c:\windows\system32\sessmgr.exe
[Scan path] c:\windows\system32\setup\fxsocm.dll
[Scan path] c:\windows\system32\shdocvw.dll
[Scan path] c:\windows\system32\shell32.dll
[Scan path] c:\windows\system32\shellvrtf.dll
[Scan path] c:\windows\system32\shimgvw.dll
[Scan path] c:\windows\system32\shmedia.dll
[Scan path] c:\windows\system32\shmgrate.exe
[Scan path] c:\windows\system32\shscrap.dll
[Scan path] c:\windows\system32\slayerxp.dll
[Scan path] c:\windows\system32\smlogsvc.exe
[Scan path] c:\windows\system32\smss.exe
[Scan path] c:\windows\system32\spoolsv.exe
[Scan path] c:\windows\system32\stobject.dll
[Scan path] c:\windows\system32\svchost.exe
[Scan path] c:\windows\system32\syncui.dll
[Scan path] c:\windows\system32\tcpmon.dll
[Scan path] c:\windows\system32\themeui.dll
[Scan path] c:\windows\system32\twext.dll
[Scan path] c:\windows\system32\ups.exe
[Scan path] c:\windows\system32\url.dll
[Scan path] c:\windows\system32\urlmon.dll
[Scan path] c:\windows\system32\usbmon.dll
[Scan path] c:\windows\system32\user32.dll
[Scan path] c:\windows\system32\version.dll
[Scan path] c:\windows\system32\vssvc.exe
[Scan path] c:\windows\system32\wbem\wmiapsrv.exe
[Scan path] c:\windows\system32\wdigest.dll
[Scan path] c:\windows\system32\webcheck.dll
[Scan path] c:\windows\system32\wiascr.dll
[Scan path] c:\windows\system32\wiashext.dll
[Scan path] c:\windows\system32\wininet.dll
[Scan path] c:\windows\system32\winlogon.exe
[Scan path] c:\windows\system32\wldap32.dll
[Scan path] c:\windows\system32\wlnotify.dll
[Scan path] c:\windows\system32\wmpshell.dll
[Scan path] c:\windows\system32\wshext.dll
[Scan path] c:\windows\system32\wuauclt.exe
[Scan path] c:\windows\system32\wuaucpl.cpl
[Scan path] c:\windows\system32\zipfldr.dll
[Scan path] c:\windows\system\hpsysdrv.exe

作者: ALEXYUI 時間: 07-1-11 09:28 PM

-----------------------------------------------------------------------------
Scan statistics
-----------------------------------------------------------------------------
Objects scanned: 329
Infected objects found: 0
Objects with modifications found: 0
Suspicious objects found: 0
Adware programs found: 0
Dialer programs found: 0
Joke programs found: 0
Riskware programs found: 0
Hacktool programs found: 0
Objects cured: 0
Objects deleted: 0
Objects renamed: 0
Objects moved: 0
Objects ignored: 0
Scan speed: 6153 Kb/s
Scan time: 00:00:15
-----------------------------------------------------------------------------

[Scan path] C:\
C:\hiberfil.sys - read error
C:\Documents and Settings\HP_Owner\(R)酯崤CA0XYBCT - read error
C:\Documents and Settings\HP_Owner\(R)酯崤CAY3ODQD - read error
C:\Documents and Settings\HP_Owner\(R)酯崤CAZWH33C - read error
C:\Documents and Settings\HP_Owner.YOUR-6A15ACD7C6\ntuser.dat - read error
C:\Documents and Settings\HP_Owner.YOUR-6A15ACD7C6\NTUSER~1.LOG - read error
C:\Documents and Settings\HP_Owner.YOUR-6A15ACD7C6\Local Settings\Application Data\Microsoft\Messenger\chanyuicheong@hotmail.com\SharingMetadata\pending.dat - read error
C:\Documents and Settings\HP_Owner.YOUR-6A15ACD7C6\Local Settings\Application Data\Microsoft\Messenger\chanyuicheong@hotmail.com\SharingMetadata\Working\database_1EA8_8098_A880_6FD7\dfsr.db - read error
C:\Documents and Settings\HP_Owner.YOUR-6A15ACD7C6\Local Settings\Application Data\Microsoft\Messenger\chanyuicheong@hotmail.com\SharingMetadata\Working\database_1EA8_8098_A880_6FD7\fsr.log - read error
C:\Documents and Settings\HP_Owner.YOUR-6A15ACD7C6\Local Settings\Application Data\Microsoft\Messenger\chanyuicheong@hotmail.com\SharingMetadata\Working\database_1EA8_8098_A880_6FD7\fsrtmp.log - read error
C:\Documents and Settings\HP_Owner.YOUR-6A15ACD7C6\Local Settings\Application Data\Microsoft\Messenger\chanyuicheong@hotmail.com\SharingMetadata\Working\database_1EA8_8098_A880_6FD7\tmp.edb - read error
C:\Documents and Settings\HP_Owner.YOUR-6A15ACD7C6\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat - read error
C:\Documents and Settings\HP_Owner.YOUR-6A15ACD7C6\Local Settings\Application Data\Microsoft\Windows\USRCLA~1.LOG - read error
C:\Documents and Settings\HP_Owner.YOUR-6A15ACD7C6\Local Settings\Temp\~DF21C4.tmp - read error
C:\Documents and Settings\HP_Owner.YOUR-6A15ACD7C6\Local Settings\Temp\~DF2276.tmp - read error
C:\Documents and Settings\HP_Owner.YOUR-6A15ACD7C6\Local Settings\Temp\~DFED0D.tmp - read error
C:\Documents and Settings\HP_Owner.YOUR-6A15ACD7C6\Local Settings\Temp\~DFED6B.tmp - read error
C:\Documents and Settings\HP_Owner.YOUR-6A15ACD7C6\(R)酯崤CrossgatePUK3\CrossgatePUK3\Cg_5006.exe probably infected with DLOADER.Trojan
C:\Documents and Settings\HP_Owner.YOUR-6A15ACD7C6\(R)酯崤CrossgatePUK3\CrossgatePUK3\qq.exe probably infected with DLOADER.Trojan
C:\Documents and Settings\HP_Owner.YOUR-6A15ACD7C6\(R)酯崤PetCalc_2006\?☆孕~1.RMV - read error
C:\Documents and Settings\LocalService\ntuser.dat - read error
C:\Documents and Settings\LocalService\NTUSER~1.LOG - read error
C:\Documents and Settings\LocalService\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat - read error
C:\Documents and Settings\LocalService\Local Settings\Application Data\Microsoft\Windows\USRCLA~1.LOG - read error
C:\Documents and Settings\NetworkService\NTUSER.DAT - read error
C:\Documents and Settings\NetworkService\NTUSER~1.LOG - read error
C:\Documents and Settings\NetworkService\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat - read error
C:\Documents and Settings\NetworkService\Local Settings\Application Data\Microsoft\Windows\USRCLA~1.LOG - read error
>>C:\Program Files\ESET\infected\1QIA3KAA.NQF>>C:\Program Files\ESET\infected\O5D1C4CA.NQF>C:\Program Files\Internet Explorer\SERVICES.EXE>C:\Program Files\Super Rabbit\magicset\srck.exe probably infected with BACKDOOR.Trojan
C:\Program Files\Updates from HP\309731\Users\Default\Data\chandir.dat - read error
C:\Program Files\Updates from HP\309731\Users\Default\Data\chandir.idx - read error
C:\Program Files\Updates from HP\309731\Users\Default\Data\chn.dat - read error
C:\Program Files\Updates from HP\309731\Users\Default\Data\chn.idx - read error
C:\Program Files\Updates from HP\309731\Users\Default\Data\D0000000.FCS - read error
C:\Program Files\Updates from HP\309731\Users\Default\Data\L0000001.FCS - read error
C:\Program Files\Updates from HP\309731\Users\Default\Data\prs.dat - read error
C:\Program Files\Updates from HP\309731\Users\Default\Data\prs.idx - read error
C:\Program Files\Updates from HP\309731\Users\Default\Data\prs_die.dat - read error
C:\Program Files\Updates from HP\309731\Users\Default\Data\prs_die.idx - read error
C:\Program Files\Updates from HP\309731\Users\Default\Data\prs_dnd.dat - read error
C:\Program Files\Updates from HP\309731\Users\Default\Data\prs_dnd.idx - read error
C:\Program Files\Updates from HP\309731\Users\Default\Data\prs_ext.dat - read error
C:\Program Files\Updates from HP\309731\Users\Default\Data\prs_ext.idx - read error
C:\Program Files\Updates from HP\309731\Users\Default\Data\prs_rcv.dat - read error
C:\Program Files\Updates from HP\309731\Users\Default\Data\prs_rcv.idx - read error

作者: ALEXYUI 時間: 07-1-11 09:28 PM

C:\Program Files\Updates from HP\309731\Users\Default\Data\storydb.dat - read error
C:\Program Files\Updates from HP\309731\Users\Default\Data\storydb.idx - read error
C:\USERDATA\(R)酯崤CAAZ4LE7 - read error
C:\USERDATA\(R)酯崤CAMZWFLA - read error
C:\USERDATA\(R)酯崤CAQXKRGJ - read error
C:\WINDOWS\SoftwareDistribution\DataStore\DATAST~1.EDB - read error
C:\WINDOWS\SoftwareDistribution\DataStore\Logs\edb.log - read error
C:\WINDOWS\SoftwareDistribution\DataStore\Logs\tmp.edb - read error
C:\WINDOWS\SoftwareDistribution\EventCache\{D2C5E~1.BIN - read error
C:\WINDOWS\system32\CatRoot2\edb.log - read error
C:\WINDOWS\system32\CatRoot2\tmp.edb - read error
C:\WINDOWS\system32\config\default - read error
C:\WINDOWS\system32\config\default.LOG - read error
C:\WINDOWS\system32\config\SAM - read error
C:\WINDOWS\system32\config\SAM.LOG - read error
C:\WINDOWS\system32\config\SECURITY - read error
C:\WINDOWS\system32\config\SECURITY.LOG - read error
C:\WINDOWS\system32\config\software - read error
C:\WINDOWS\system32\config\software.LOG - read error
C:\WINDOWS\system32\config\system - read error
C:\WINDOWS\system32\config\system.LOG - read error

[Scan path] D:\
-----------------------------------------------------------------------------
Scan statistics
-----------------------------------------------------------------------------
Objects scanned: 131225
Infected objects found: 0
Objects with modifications found: 0
Suspicious objects found: 3
Adware programs found: 0
Dialer programs found: 0
Joke programs found: 0
Riskware programs found: 0
Hacktool programs found: 0
Objects cured: 0
Objects deleted: 0
Objects renamed: 0
Objects moved: 0
Objects ignored: 0
Scan speed: 868 Kb/s
Scan time: 00:51:46
-----------------------------------------------------------------------------

=============================================================================
Total session statistics
=============================================================================
Objects scanned: 131554
Infected objects found: 0
Objects with modifications found: 0
Suspicious objects found: 3
Adware programs found: 0
Dialer programs found: 0
Joke programs found: 0
Riskware programs found: 0
Hacktool programs found: 0
Objects cured: 0
Objects deleted: 0
Objects renamed: 0
Objects moved: 0
Objects ignored: 0
Scan speed: 893 Kb/s
Scan time: 00:52:01
=============================================================================

作者: uhthn2002 時間: 07-1-11 09:30 PM

我的電腦--->空白地方右鍵內容--->系統還原-->勾選關閉系統還原--->確定

我的電腦--->空白地方右鍵內容--->系統還原-->取消勾選關閉系統還原--->確定

重有冇問題

作者: ALEXYUI 時間: 07-1-11 09:34 PM

抱歉！！我貼了這麼多

我的電腦--->空白地方右鍵內容--->系統還原-->勾選關閉系統還原--->確定

我的電腦--->空白地方右鍵內容--->系統還原-->取消勾選關閉系統還原--->確定

是沒問題的
但是我重開電腦就彈了一句說話

作者: uhthn2002 時間: 07-1-11 09:38 PM

給張圖來看看@@

作者: ALEXYUI 時間: 07-1-11 10:17 PM

抱歉　要你等這麼久＠＠　因為要裝回小畫家

作者: uhthn2002 時間: 07-1-12 09:04 PM

下載 System Repair Engineer (SREng)
http://www.kztechs.com/sreng/sreng2.zip
- 解壓並執行SREng.exe
- 按 Smart Scan,確認已選取所有項目,按 Scan
- 最後,按 Save Reports ----> 儲存到桌面, SREngLOG.log
  
  將SREngLOG.log ,上傳到 http://www.sendspace.com/
  貼上 (下載link)

作者: ALEXYUI 時間: 07-1-12 10:21 PM

http://www.sendspace.com/file/aij03j

作者: uhthn2002 時間: 07-1-12 10:27 PM

執行 SREng.exe --> Boot Items ---> Registry
逐一選取以下項目名稱 ----> 按 Delete ----> Yes

<wlzs><C:\DOCUME~1\HP_OWN~1.YOU\LOCALS~1\Temp\wlzs.exe>  [N/A]
<twin><C:\WINDOWS\system32\twunk32.exe>  [N/A]
<KAV><rundll32.exe "C:\Program Files\Kav\Kav.dll",AntiVirus>  [N/A]
<{6E44887F-5214-41F2-AB46-4728735C4CC6}><C:\Program Files\Internet Explorer\PLUGINS\systemHk.sys>  [N/A]

逐一選取以下項目名稱----> 按 edit 刪除中的內容 --->確定
<AppInit_DLLs><49400M.BMP>  [N/A]

複製以下粗黑文字

Files to delete:
C:\DOCUME~1\HP_OWN~1.YOU\LOCALS~1\Temp\wlzs.exe
C:\WINDOWS\system32\twunk32.exe
C:\Program Files\Kav\Kav.dll
C:\Program Files\Internet Explorer\PLUGINS\systemHk.sys
下載 The Avenger http://swandog46.geekstogo.com/avenger.zip ,儲存到桌面並解壓出來
- 執行 The Avenger , 按 Input script manually 再按放大鏡
- 按 Ctrl + V/右click貼上剛才複製的內容 ,按 Done ,按綠燈開始,當有提示彈出, 按 Yes 兩次
- The Avenger 會重新啟動你的電腦大約一至兩次,如果重新啟動時有黑色視窗彈出,這是正常情況
- 當重新啟動後,把 C:\avenger.txt 的內容貼上來
  作者: ALEXYUI 時間: 07-1-13 03:06 AM
  
  Logfile of The Avenger version 1, by Swandog46
  Running from registry key:
  \Registry\Machine\System\CurrentControlSet\Services\dnsbrkfu
  
  *******************
  
  Script file located at: ttemdmdm
  
  Could not open script file!  Error
  
  Could not open script file!  Status: 0xc000003b  Abort!
  作者: uhthn2002 時間: 07-1-13 02:15 PM
  
  The Avenger 步驟做多次
  
  下面既野係要全部copy
  
  Files to delete:
  C:\DOCUME~1\HP_OWN~1.YOU\LOCALS~1\Temp\wlzs.exe
  C:\WINDOWS\system32\twunk32.exe
  C:\Program Files\Kav\Kav.dll
  C:\Program Files\Internet Explorer\PLUGINS\systemHk.sys
  作者: ALEXYUI 時間: 07-1-14 04:14 AM
  
  Logfile of The Avenger version 1, by Swandog46
  Running from registry key:
  \Registry\Machine\System\CurrentControlSet\Services\ytfhlcoh
  
  *******************
  
  Script file located at: \??\C:\Documents and Settings\ksrdcjto.txt
  Script file opened successfully.
  
  Script file read successfully
  
  Backups directory opened successfully at C:\Avenger
  
  *******************
  
  Beginning to process script file:
  
  File C:\DOCUME~1\HP_OWN~1.YOU\LOCALS~1\Temp\wlzs.exe not found!
  Deletion of file C:\DOCUME~1\HP_OWN~1.YOU\LOCALS~1\Temp\wlzs.exe failed!
  
  Could not process line:
  C:\DOCUME~1\HP_OWN~1.YOU\LOCALS~1\Temp\wlzs.exe
  Status: 0xc0000034
  
  File C:\WINDOWS\system32\twunk32.exe not found!
  Deletion of file C:\WINDOWS\system32\twunk32.exe failed!
  
  Could not process line:
  C:\WINDOWS\system32\twunk32.exe
  Status: 0xc0000034
  
  File C:\Program Files\Kav\Kav.dll not found!
  Deletion of file C:\Program Files\Kav\Kav.dll failed!
  
  Could not process line:
  C:\Program Files\Kav\Kav.dll
  Status: 0xc0000034
  
  File C:\Program Files\Internet Explorer\PLUGINS\systemHk.sys not found!
  Deletion of file C:\Program Files\Internet Explorer\PLUGINS\systemHk.sys failed!
  
  Could not process line:
  C:\Program Files\Internet Explorer\PLUGINS\systemHk.sys
  Status: 0xc0000034
  
  Completed script processing.
  
  *******************
  
  Finished!  Terminate.
  作者: uhthn2002 時間: 07-1-14 11:17 AM
  
  ok
  而家重有問題嗎?
  作者: ALEXYUI 時間: 07-1-14 03:54 PM
  
  已經沒問題了^^ 多謝板主長期解答
  
  歡迎光臨 2000FUN論壇 (https://www.2000fun.com/) Powered by Discuz! X1.5.1