开QQ时“麦咖啡”提示这段东西，不知道是不是中了毒-

宇智 - 2007-2-2 23:09:00

McAfee has blocked a potentially unauthorized change to your computer.

Details
SystemGuard Name: Startup Items
Change: Registry Created

More Info
SystemGuard Description: Monitors changes made to your startup registry keys and folders. Startup registry keys in the Windows registry and startup folders in the Start Menu store paths to programs on your computer. Programs listed in these locations load automatically when Windows starts. Spyware or other potentially unwanted programs often try to load automatically when Windows starts.

Process: C:\WINDOWS\system32\svchost.exe
Process Name: Generic Host Process for Win32 Services
Process Publisher: Microsoft Corporation
Affected Items: C:\WINDOWS\system32\twunk32.exe, HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer\Run\twin

------------------------------------------
我英语不太好，见谅……

宇智 - 2007-2-2 23:19:00

还有在C:\Program Files\Internet Explorer目录下有这几个东西，不知道是不是……病毒……那个explore.exe好可疑……我觉得。

附件: 457244200722230944.jpg

两个铁球 - 2007-2-2 23:33:00

twunk32.exe
这个是你装的吗？什么程序？不知道？
可试着删除此文件和相应的注册表项：HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer\Run\twin
那几个图标本身好像看不出什么不对。
麦克提示已经为你阻止了这一活动。

宇智 - 2007-2-2 23:36:00

试着？……那个不是我装的。删了之后会不会整天都有错误弹出了的……那个explore.exe我怎么看都不顺，IE浏览器不是多个R的莫？explorer.exe -_-!

宇智 - 2007-2-2 23:40:00

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer\Run\ 下是默认的键值啊～～～

两个铁球 - 2007-2-2 23:40:00

看着不顺眼的东西就删掉，删错了再捡回来，没什么了不起的事。
run/下的twin什么的是要新建的，你找展开到注册表这个位置，又这个twin什么的，就删。看来你不太会看注册表的表达法啊。

宇智 - 2007-2-2 23:42:00

补充下，在我刚刚逛卡社的这段时间，咖啡提示了3次：
McAfee has detected a potentially unauthorized change to your computer.

Details
SystemGuard Name: Internet Explorer URLs
Change: Registry Modified

More Info
SystemGuard Description: Monitors changes to your Internet Explorer preset URLs to prevent spyware or other potentially unwanted programs from changing your browser settings without your permission.

Process: C:\Program Files\Internet Explorer\iexplore.exe
Process Name: Internet Explorer
Process Publisher: Microsoft Corporation
Affected Items: HKEY_USERS\S-1-5-21-1229272821-839522115-1060284298-1003\Software\Microsoft\Internet Explorer\Main\Start Page

If you did not expect this change, McAfee recommends that you block it. If you expected this change, allow it.

这个又有没问题啊……

宇智 - 2007-2-2 23:44:00

引用:

【两个铁球的贴子】看着不顺眼的东西就删掉，删错了再捡回来，没什么了不起的事。
………………

删除不了，结束所以相关进程后可以删除，但重启后它自动重建……

两个铁球 - 2007-2-2 23:48:00

给你摘译一下：麦克发现了这样的注册表修改迹象，如果是你希望的改变，就点“允许”，如果你什么都不作，麦克会为你阻止这些活动的。看来，放心吧，没事，有麦克咧。

宇智 - 2007-2-2 23:48:00

引用:

【两个铁球的贴子】看着不顺眼的东西就删掉，删错了再捡回来，没什么了不起的事。
run/下的twin什么的是要新建的，你找展开到注册表这个位置，又这个twin什么的，就删。看来你不太会看注册表的表达法啊。
………………

我找不到任何有关twin的项or值～～

498823070孙涛 - 2007-2-2 23:50:00

看着不睡眼,旧删了,如果删了就不对的话,你在从装一回,笨蛋

宇智 - 2007-2-2 23:50:00

引用:

【宇智的贴子】补充下，在我刚刚逛卡社的这段时间，咖啡提示了3次：
McAfee has detected a potentially unauthorized change to your computer.

Details
SystemGuard Name: Internet Explorer URLs
Change: Registry Modified

More Info
SystemGuard Description: Monitors changes to your Internet Explorer preset URLs to prevent spyware or other potentially unwanted programs from changing your browser settings without your permission.

Process: C:\Program Files\Internet Explorer\iexplore.exe
Process Name: Internet Explorer
Process Publisher: Microsoft Corporation
Affected Items: HKEY_USERS\S-1-5-21-1229272821-839522115-1060284298-1003\Software\Microsoft\Internet Explorer\Main\Start Page

If you did not expect this change, McAfee recommends that you block it. If you expected this change, allow it.

这个又有没问题啊……
………………

再补充下……结束进程时回关闭我正在浏览的网页，这样看来，我觉得，那个Exopore.exe应该、也许、大概、可能或许是安全的……

两个铁球 - 2007-2-2 23:50:00

【回复“宇智”的帖子】
麦克自动为你阻止了。没事。

宇智 - 2007-2-2 23:54:00

引用:

【两个铁球的贴子】给你摘译一下：麦克发现了这样的注册表修改迹象，如果是你希望的改变，就点“允许”，如果你什么都不作，麦克会为你阻止这些活动的。看来，放心吧，没事，有麦克咧。
………………

其实麦咖啡提示我是完全看的懂的，不懂的是里面的内容，也就是说我不知道它列出的程序是不是病毒～～虽然我选择了咖啡，但是我也……不太绝对信任它滴……还是小心点好。。。。。

两个铁球 - 2007-2-2 23:57:00

仔细看了一下，有程序要修改你的主页，被麦克挡住了。
另，删除的东西不是可从回收站还原回来吗？！·重装也不难嘛

两个铁球 - 2007-2-2 23:59:00

可能是病毒，扫个SREng.的日志贴上来吧。

宇智 - 2007-2-3 0:02:00

其实你可以叫我还原，我有用GHOST备份……重装是简单，但是要时间的哈，而且我上星期为了测试个东西已经重装了系统N遍了，装到头都大了，我不想再重温恶梦……

終生學習 - 2007-2-3 0:03:00

是病毒进去把twunk32.exe删除掉。。。
我想你的版本应该是8.5i的版本，我用8。0i的时候都没有提示一大串的英文

宇智 - 2007-2-3 0:06:00

[CODE]

2007-02-02,23:54:19

System Repair Engineer 2.3.13.690
Smallfrogs (http://www.KZTechs.com)

Windows XP Professional Service Pack 2 (Build 2600)
- 管理权限用户 - 完整功能

以下内容被选中：
所有的启动项目（包括注册表、启动文件夹、服务等）
浏览器加载项
正在运行的进程（包括进程模块信息）
文件关联
Winsock 提供者
Autorun.inf
HOSTS 文件

启动项目
注册表
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
<ctfmon.exe><C:\windows\system32\ctfmon.exe> [(Verified)Microsoft Corporation]
<pyjj><C:\常用软件\拼音加加\jj4\jjsvr4.exe> [加加开发组]
[HKEY_CURRENT_USER\Software\Microsoft\Windows NT\CurrentVersion\Windows]
<load><> [N/A]
<run><> [N/A]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
<IMJPMIG8.1><; "C:\WINDOWS\IME\imjp8_1\IMJPMIG.EXE" /Spoil /RemAdvDef /Migration32> [(Verified)Microsoft Corporation]
<SiteAdvisor><C:\Program Files\SiteAdvisor\6009\SiteAdv.exe> [(Verified)McAfee, Inc.]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Winlogon]
<shell><Explorer.exe> [(Verified)Microsoft Corporation]
<Userinit><C:\WINDOWS\system32\userinit.exe,> [(Verified)Microsoft Corporation]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Windows]
<AppInit_DLLs><> [N/A]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Winlogon]
<UIHost><logonui.exe> [(Verified)Microsoft Corporation]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
<WPDShServiceObj><C:\WINDOWS\system32\WPDShServiceObj.dll> [(Verified)Microsoft Corporation]

==================================
启动文件夹
[QQ游戏启动加速程序]
<C:\Documents and Settings\Windows XP\「开始」菜单\程序\启动\QQ游戏启动加速程序.lnk --> D:\软件\QQ游戏\Accel.exe [深圳市腾讯计算机系统有限公司]><H>

==================================
服务
[McAfee E-mail Proxy / Emproxy][Stopped/Manual Start]
<C:\PROGRA~1\COMMON~1\McAfee\EmProxy\emproxy.exe><McAfee, Inc.>
[Human Interface Device Access / HidServ][Stopped/Disabled]
<C:\windows\System32\svchost.exe -k netsvcs-->%SystemRoot%\System32\hidserv.dll><N/A>
[LightScribeService Direct Disc Labeling Service / LightScribeService][Running/Auto Start]
<"C:\Program Files\Common Files\LightScribe\LSSrvc.exe"><Hewlett-Packard Company>
[McAfee HackerWatch Service / McAfee HackerWatch Service][Running/Auto Start]
<"C:\Program Files\Common Files\McAfee\HackerWatch\HWAPI.exe"><McAfee, Inc.>
[McAfee Log Manager / McLogManagerService][Running/Auto Start]
<C:\PROGRA~1\McAfee\MSC\mclogsrv.exe><McAfee, Inc.>
[McAfee Update Manager / mcmispupdmgr][Running/Auto Start]
<C:\PROGRA~1\McAfee\MSC\mcupdmgr.exe><McAfee, Inc.>
[McAfee Network Agent / McNASvc][Running/Auto Start]
<"c:\program files\common files\mcafee\mna\mcnasvc.exe"><McAfee, Inc.>
[McAfee Scanner / McODS][Running/Auto Start]
<C:\PROGRA~1\McAfee\VIRUSS~1\mcods.exe><McAfee, Inc.>
[McAfee Protection Manager / mcpromgr][Running/Auto Start]
<C:\PROGRA~1\McAfee\MSC\mcpromgr.exe><McAfee, Inc.>
[McAfee Redirector Service / McRedirector][Running/Auto Start]
<c:\PROGRA~1\COMMON~1\mcafee\redirsvc\redirsvc.exe><McAfee, Inc.>
[McAfee Real-time Scanner / McShield][Running/Auto Start]
<C:\PROGRA~1\McAfee\VIRUSS~1\mcshield.exe><McAfee, Inc.>
[McAfee SystemGuards / McSysmon][Running/Auto Start]
<C:\PROGRA~1\McAfee\VIRUSS~1\mcsysmon.exe><McAfee, Inc.>
[McAfee Task Scheduler / mctskshd.exe][Running/Auto Start]
<C:\PROGRA~1\McAfee\MSC\mctskshd.exe><McAfee, Inc.>
[McAfee User Manager / mcusrmgr][Running/Auto Start]
<C:\PROGRA~1\McAfee\MSC\mcusrmgr.exe><McAfee, Inc.>
[McAfee Personal Firewall Service / MpfService][Running/Auto Start]
<"C:\Program Files\McAfee\MPF\MPFSrv.exe"><McAfee, Inc.>
[Shadow System Service / ShadowSystemService][Running/Auto Start]
<C:\WINDOWS\system32\shadow\ShadowService.exe><N/A>
[SiteAdvisor Service / SiteAdvisor Service][Running/Auto Start]
<C:\Program Files\SiteAdvisor\6009\SAService.exe><McAfee, Inc.>
[StarWind iSCSI Service / StarWindService][Running/Auto Start]
<D:\软件\虚拟光驱\Alcohol 120\StarWind\StarWindService.exe><Rocket Division Software>
[Windows DHCP Service / WinDHCPsvc][Stopped/Auto Start]
<C:\windows\system32\\rundll32.exe windhcp.ocx,input><Microsoft Corporation>

==================================
驱动程序
[Intel(r) 82801 Audio Driver Install Service (WDM) / ac97intc][Running/Manual Start]
<system32\drivers\ac97intc.sys><Intel Corporation>
[McAfee Inc. / mfeavfk][Running/Manual Start]
<system32\drivers\mfeavfk.sys><McAfee, Inc.>
[McAfee Inc. / mfebopk][Running/Manual Start]
<system32\drivers\mfebopk.sys><McAfee, Inc.>
[McAfee Inc. / mfehidk][Running/Manual Start]
<system32\drivers\mfehidk.sys><McAfee, Inc.>
[McAfee Inc. / mferkdk][Stopped/Manual Start]
<system32\drivers\mferkdk.sys><McAfee, Inc.>
[McAfee Inc. / mfesmfk][Running/Manual Start]
<system32\drivers\mfesmfk.sys><McAfee, Inc.>
[MPFP / MPFP][Running/System Start]
<System32\Drivers\Mpfp.sys><McAfee, Inc.>
[Netgroup Packet Filter / NPF][Stopped/Manual Start]
<system32\DRIVERS\npf.sys><CACE Technologies>
[npkcrypt / npkcrypt][Running/Auto Start]
<\??\D:\软件\腾讯QQ\npkcrypt.sys><INCA Internet Co., Ltd.>
[nv / nv][Running/Manual Start]
<System32\DRIVERS\nv4_mini.sys><NVIDIA Corporation>
[Direct Parallel Link Driver / Ptilink][Running/Manual Start]
<System32\DRIVERS\ptilink.sys><Parallel Technologies, Inc.>
[Realtek RTL8139(A/B/C)-based PCI Fast Ethernet Adapter NT Driver / rtl8139][Running/Manual Start]
<System32\DRIVERS\RTL8139.SYS><Realtek Semiconductor Corporation>
[Secdrv / Secdrv][Stopped/Manual Start]
<System32\DRIVERS\secdrv.sys><N/A>
[Sony USB Filter Driver (SONYPVU1) / SONYPVU1][Stopped/Manual Start]
<system32\DRIVERS\SONYPVU1.SYS><Sony Corporation>
[TCP/IP Protocol Driver / Tcpip][Running/System Start]
<System32\DRIVERS\tcpip.sys><Microsoft Corporation>
[vax347b / vax347b][Running/Boot Start]
<\SystemRoot\system32\DRIVERS\vax347b.sys><>
[vax347s / vax347s][Running/Boot Start]
<\SystemRoot\System32\Drivers\vax347s.sys><>

==================================
浏览器加载项
[Thunder Browser Helper]
{889D2FEB-5411-4565-8998-1DD2C5261283} <D:\软件\迅雷\ComDlls\XunLeiBHO_002.dll, Thunder Networking Technologies,LTD>
[Messenger]
{FB5F1910-F110-11d2-BB9E-00C04F795683} <C:\Program Files\Messenger\msmsgs.exe, Microsoft Corporation>
[McAfee SiteAdvisor]
{0BF43445-2F28-4351-9252-17FE6E806AA0} <C:\Program Files\SiteAdvisor\6009\SiteAdv.dll, McAfee, Inc.>
[全能助手广告拦截专家]
{ED51E9A3-16C5-4236-99E0-9F093B021433} <D:\软件\全能助手\TweakAssist\AssistIEBar.dll, 全能助手工作室>
[Shockwave Flash Object]
{D27CDB6E-AE6D-11CF-96B8-444553540000} <C:\windows\system32\Macromed\Flash\Flash9b.ocx, Adobe Systems, Inc.>
[]
{089FD14D-132B-48FC-8861-0048AE113215} <C:\Program Files\SiteAdvisor\6009\SiteAdv.dll, McAfee, Inc.>
[McAfee SiteAdvisor]
{0BF43445-2F28-4351-9252-17FE6E806AA0} <C:\Program Files\SiteAdvisor\6009\SiteAdv.dll, McAfee, Inc.>
[Windows Media Player]
{22D6F312-B0F6-11D0-94AB-0080C74C7E95} <C:\WINDOWS\system32\wmpdxm.dll, Microsoft Corporation>
[HTML Document]
{25336920-03F9-11CF-8FD0-00AA00686F13} <%SystemRoot%\System32\mshtml.dll, N/A>
[DHTML Edit Control Safe for Scripting for IE5]
{2D360201-FFF5-11D1-8D03-00A0C959BC0A} <C:\Program Files\Common Files\Microsoft Shared\Triedit\dhtmled.ocx, Microsoft Corporation>
[HtmlDlgSafeHelper Class]
{3050F819-98B5-11CF-BB82-00AA00BDCE0B} <C:\WINDOWS\System32\mshtmled.dll, Microsoft Corporation>
[BitComet Helper]
{39F7E362-828A-4B5A-BCAF-5B79BFDFEA60} <D:\软件\BitComet\tools\BitCometBHO.dll, N/A>
[Windows Media Player]
{6BF52A52-394A-11D3-B153-00C04F79FAA6} <C:\WINDOWS\system32\wmp.dll, Microsoft Corporation>
[scriptproxy]
{7DB2D5A0-7241-4E79-B68D-6309F01C5231} <c:\program files\mcafee\virusscan\scriptcl.dll, McAfee, Inc.>
[Thunder Browser Helper]
{889D2FEB-5411-4565-8998-1DD2C5261283} <D:\软件\迅雷\ComDlls\XunLeiBHO_002.dll, Thunder Networking Technologies,LTD>
[Microsoft Scriptlet Component]
{AE24FDAE-03C6-11D1-8B76-0080C744F389} <C:\WINDOWS\System32\mshtml.dll, Microsoft Corporation>
[SearchAssistantOC]
{B45FF030-4447-11D2-85DE-00C04FA35C89} <%SystemRoot%\System32\shdocvw.dll, N/A>
[RDS.DataSpace]
{BD96C556-65A3-11D0-983A-00C04FC29E36} <C:\Program Files\Common Files\System\msadc\msadco.dll, Microsoft Corporation>
[VIDEO__X_MS_WMV Moniker Class]
{CD3AFA94-B84F-48F0-9393-7EDC34128127} <C:\WINDOWS\system32\wmp.dll, Microsoft

宇智 - 2007-2-3 0:07:00

Corporation>
[Shockwave Flash Object]
{D27CDB6E-AE6D-11CF-96B8-444553540000} <C:\windows\system32\Macromed\Flash\Flash9b.ocx, Adobe Systems, Inc.>
[全能助手广告拦截专家]
{ED51E9A3-16C5-4236-99E0-9F093B021433} <D:\软件\全能助手\TweakAssist\AssistIEBar.dll, 全能助手工作室>
[&使用迅雷下载]
<D:\软件\迅雷\Program\GetUrl.htm, N/A>
[&使用迅雷下载全部链接]
<D:\软件\迅雷\Program\GetAllUrl.htm, N/A>
[上传到QQ网络硬盘]
<D:\软件\腾讯QQ\AddToNetDisk.htm, N/A>
[导出到 Microsoft Office Excel(&X)]
<res://C:\常用软件\OFFICE~1\OFFICE11\EXCEL.EXE/3000, N/A>
[添加到QQ自定义面板]
<D:\软件\腾讯QQ\AddPanel.htm, N/A>
[添加到QQ表情]
<D:\软件\腾讯QQ\AddEmotion.htm, N/A>
[用QQ彩信发送该图片]
<D:\软件\腾讯QQ\SendMMS.htm, N/A>

==================================
正在运行的进程
[PID: 472][\SystemRoot\System32\smss.exe] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
[PID: 524][\??\C:\windows\system32\csrss.exe] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
[PID: 548][\??\C:\windows\system32\winlogon.exe] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
[PID: 592][C:\windows\system32\services.exe] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
[PID: 604][C:\windows\system32\lsass.exe] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
[PID: 760][C:\windows\system32\svchost.exe] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
[PID: 824][C:\windows\system32\svchost.exe] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
[PID: 936][C:\windows\System32\svchost.exe] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
[PID: 1016][C:\windows\System32\svchost.exe] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
[PID: 1044][C:\windows\System32\svchost.exe] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
[PID: 1280][C:\windows\system32\spoolsv.exe] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
[PID: 1364][C:\windows\Explorer.EXE] [Microsoft Corporation, 6.00.2900.2180 (xpsp_sp2_rtm.040803-2158)]
[C:\windows\system32\windhcp.ocx] [N/A, N/A]
[C:\常用软件\WinRAR\rarext.dll] [N/A, N/A]
[c:\PROGRA~1\mcafee\VIRUSS~1\mcodsax.dll] [McAfee, Inc., 11,1,124,0]
[D:\软件\迅雷\ComDlls\XunLeiBHO_002.dll] [Thunder Networking Technologies,LTD, 5, 0, 0, 2]
[PID: 1536][C:\Program Files\SiteAdvisor\6009\SiteAdv.exe] [McAfee, Inc., 1.6.0.23]
[C:\Program Files\SiteAdvisor\6009\SiteAdv.dll] [McAfee, Inc., 2.3.0]
[C:\Program Files\SiteAdvisor\6009\SASubMgr.dll] [McAfee, Inc., 2,3,6009,0]
[PID: 1544][C:\windows\system32\ctfmon.exe] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
[PID: 1552][C:\常用软件\拼音加加\jj4\jjsvr4.exe] [加加开发组, 4.0.0.19]
[PID: 1624][C:\Program Files\Common Files\LightScribe\LSSrvc.exe] [Hewlett-Packard Company, 1.4.39.1]
[PID: 1660][C:\Program Files\Common Files\McAfee\HackerWatch\HWAPI.exe] [McAfee, Inc., 8.1.105.0]
[c:\PROGRA~1\COMMON~1\mcafee\core\mccoreps.dll] [McAfee, Inc., 2,1,103,0]
[c:\PROGRA~1\COMMON~1\mcafee\HACKER~1\hwapips.dll] [McAfee, Inc., 8.1.105.0]
[PID: 1728][C:\PROGRA~1\McAfee\MSC\mclogsrv.exe] [McAfee, Inc., 7,1,131,0]
[c:\PROGRA~1\COMMON~1\mcafee\core\mccoreps.dll] [McAfee, Inc., 2,1,103,0]
[c:\PROGRA~1\mcafee\msc\mcdbmgr.dll] [McAfee, Inc., 7,1,128,0]
[c:\PROGRA~1\mcafee\msc\mcmispps.dll] [McAfee, Inc., 7,1,128,0]
[C:\PROGRA~1\COMMON~1\McAfee\MSC\sqlite3.dll] [McAfee, Inc., 7,1,114,0]
[PID: 1756][C:\PROGRA~1\McAfee\MSC\mcupdmgr.exe] [McAfee, Inc., 7,1,137,0]
[C:\PROGRA~1\COMMON~1\McAfee\MSC\McUtil.dll] [McAfee, Inc., 7,1,114,0]
[c:\PROGRA~1\COMMON~1\mcafee\core\mccoreps.dll] [McAfee, Inc., 2,1,103,0]
[c:\PROGRA~1\mcafee\msc\mcshllps.dll] [McAfee, Inc., 7,1,128,0]
[PID: 1776][c:\program files\common files\mcafee\mna\mcnasvc.exe] [McAfee, Inc., 1,1,110,0]
[C:\PROGRA~1\COMMON~1\McAfee\MSC\McUtil.dll] [McAfee, Inc., 7,1,114,0]
[c:\PROGRA~1\mcafee\msc\mcnmcsrv.dll] [McAfee, Inc., 1,1,108,0]
[c:\PROGRA~1\COMMON~1\mcafee\core\mccoreps.dll] [McAfee, Inc., 2,1,103,0]
[c:\PROGRA~1\mcafee\msc\mcshllps.dll] [McAfee, Inc., 7,1,128,0]
[c:\PROGRA~1\COMMON~1\mcafee\mna\MCNASV~1.DLL] [McAfee, Inc., 1,1,110,0]
[c:\PROGRA~1\mcafee\msc\mcnmcsps.dll] [McAfee, Inc., 1,1,108,0]
[c:\program files\mcafee\msc\mcregobj\7,1,128,0\mcregobj.dll] [McAfee, Inc., 7,1,128,0]
[c:\program files\mcafee\msc\mcmismgr.dll] [McAfee, Inc., 7,1,128,0]
[C:\PROGRA~1\McAfee\MSC\McRes.dll] [McAfee, Inc., 7,1,128,0]
[C:\PROGRA~1\McAfee\MSC\McLocRes.dll] [McAfee, Inc., 7,1,128,0]
[C:\Program Files\McAfee\MSC\oem\0-195\Mccobres.dll] [McAfee, Inc., 7,0,327,0]
[C:\PROGRA~1\McAfee\MSC\Mccobres.dll] [McAfee, Inc., 7,1,128,0]
[c:\program files\mcafee\msc\mcsubmgr\7,1,128,0\mcsubmgr.dll] [McAfee, Inc., 7,1,128,0]
[c:\PROGRA~1\COMMON~1\mcafee\mna\mcuj.dll] [McAfee, Inc., 1,1,110,0]
[C:\PROGRA~1\McAfee\MSC\McNmcRes.dll] [McAfee, Inc., 1,1,108,0]
[C:\PROGRA~1\McAfee\MSC\McNmcLoR.dll] [McAfee, Inc., 1,1,108,0]
[C:\PROGRA~1\McAfee\MSC\McNmcCoR.dll] [McAfee, Inc., 1,1,108,0]
[PID: 1812][C:\PROGRA~1\McAfee\VIRUSS~1\mcods.exe] [McAfee, Inc., 11,1,124,0]
[PID: 1836][C:\PROGRA~1\McAfee\MSC\mcpromgr.exe] [McAfee, Inc., 7,1,131,0]
[C:\PROGRA~1\McAfee\MSC\McRes.dll] [McAfee, Inc., 7,1,128,0]
[C:\PROGRA~1\McAfee\MSC\McLocRes.dll] [McAfee, Inc., 7,1,128,0]
[C:\Program Files\McAfee\MSC\oem\0-195\Mccobres.dll] [McAfee, Inc., 7,0,327,0]
[C:\PROGRA~1\McAfee\MSC\Mccobres.dll] [McAfee, Inc., 7,1,128,0]
[C:\PROGRA~1\COMMON~1\McAfee\MSC\McUtil.dll] [McAfee, Inc., 7,1,114,0]
[c:\PROGRA~1\COMMON~1\mcafee\core\mccoreps.dll] [McAfee, Inc., 2,1,103,0]
[c:\PROGRA~1\mcafee\msc\mcshllps.dll] [McAfee, Inc., 7,1,128,0]
[c:\PROGRA~1\mcafee\msc\mcmispps.dll] [McAfee, Inc., 7,1,128,0]
[c:\program files\mcafee\msc\mcsubmgr\7,1,128,0\mcsubmgr.dll] [McAfee, Inc., 7,1,128,0]
[c:\PROGRA~1\mcafee\msc\mcmscver.dll] [McAfee, Inc., 7,1,128,0]
[c:\PROGRA~1\mcafee\VIRUSS~1\mvsap.dll] [McAfee, Inc., 11,1,124,0]
[c:\PROGRA~1\mcafee\mpf\mc\mpfmisp.dll] [McAfee, Inc., 8.1.123.0]
[C:\Program Files\McAfee\MPF\L10N.DLL] [McAfee Security, 8.1.123.0]
[C:\Program Files\SiteAdvisor\6009\SiteAdv.dll] [McAfee, Inc., 2.3.0]
[c:\PROGRA~1\mcafee\VIRUSS~1\mcvspp.dll] [McAfee, Inc., 11,1,124,0]
[c:\PROGRA~1\mcafee\msc\mcprotpv.dll] [McAfee, Inc., 7,1,128,0]
[c:\PROGRA~1\mcafee\msc\mcnmcprv.dll] [McAfee, Inc., 1,1,108,0]
[C:\PROGRA~1\McAfee\MSC\McNmcRes.dll] [McAfee, Inc., 1,1,108,0]
[C:\PROGRA~1\McAfee\MSC\McNmcLoR.dll] [McAfee, Inc., 1,1,108,0]
[C:\PROGRA~1\McAfee\MSC\McNmcCoR.dll] [McAfee, Inc., 1,1,108,0]
[c:\PROGRA~1\COMMON~1\mcafee\mna\MCNASV~1.DLL] [McAfee, Inc., 1,1,110,0]
[c:\PROGRA~1\mcafee\msc\mcnmcsps.dll] [McAfee, Inc., 1,1,108,0]
[c:\PROGRA~1\mcafee\VIRUSS~1\mvscfg.dll] [McAfee, Inc., 11,1,124,0]
[c:\PROGRA~1\mcafee\VIRUSS~1\naiannps.dll] [McAfee, Inc., 11,1,124,0]
[c:\PROGRA~1\mcafee\VIRUSS~1\mcodsax.dll] [McAfee, Inc., 11,1,124,0]
[c:\program files\mcafee\msc\mcregobj\7,1,128,0\mcregobj.dll] [McAfee, Inc., 7,1,128,0]
[c:\PROGRA~1\mcafee.com\agent\mcagntps.dll] [McAfee, Inc., 7,1,128,0]
[c:\PROGRA~1\mcafee\mpf\mc\mpfp.dll] [McAfee, Inc., 8.1.123.0]
[C:\PROGRA~1\McAfee\MSC\McProHlp.dll] [McAfee, Inc., 7,1,128,0]
[c:\PROGRA~1\mcafee\VIRUSS~1\mvsver.dll] [McAfee, Inc., 11,1,124,0]
[c:\PROGRA~1\COMMON~1\mcafee\core\mcevtbrk.dll] [McAfee, Inc., 2,1,103,0]
[c:\PROGRA~1\COMMON~1\mcafee\emproxy\empxyver.dll] [McAfee, Inc., 11,2,115,0]
[c:\PROGRA~1\COMMON~1\mcafee\redirsvc\redirver.dll] [McAfee, Inc., 1,1,116,0]
[c:\PROGRA~1\mcafee\msc\mcnmcver.dll] [McAfee, Inc., 1,1,108,0]
[c:\PROGRA~1\mcafee\mqc\qcmisp.dll] [McAfee, Inc., 7,1,123,0]
[c:\PROGRA~1\mcafee\mqc\QcLite.dll] [McAfee, Inc., 7,1,123,0]
[PID: 1888][c:\PROGRA~1\COMMON~1\mcafee\redirsvc\redirsvc.exe] [McAfee, Inc., 1,1,116,0]
[c:\PROGRA~1\COMMON~1\mcafee\core\mcevtbrk.dll] [McAfee, Inc., 2,1,103,0]
[c:\PROGRA~1\COMMON~1\mcafee\core\mccoreps.dll] [McAfee, Inc., 2,1,103,0]
[c:\PROGRA~1\COMMON~1\mcafee\HACKER~1\hwapips.dll] [McAfee, Inc., 8.1.105.0]
[PID: 1900][C:\PROGRA~1\McAfee\VIRUSS~1\mcshield.exe] [McAfee, Inc., VSCORE.13.3.0.132.x86]
[C:\PROGRA~1\McAfee\VIRUSS~1\LockDown.dll] [McAfee, Inc., VSCORE.13.3.0.132.x86]
[C:\PROGRA~1\McAfee\VIRUSS~1\mytilus.dll] [McAfee, Inc., VSCORE.13.3.0.132.x86]
[C:\PROGRA~1\McAfee\VIRUSS~1\mytilus2.dll] [McAfee, Inc., VSCORE.13.3.0.132.x86]
[C:\PROGRA~1\McAfee\VIRUSS~1\RES00\McShield.dll] [McAfee, Inc., VSCORE.13.3.0.132]
[C:\PROGRA~1\McAfee\VIRUSS~1\FTL.Dll] [McAfee, Inc., VSCORE.13.3.0.132.x86]
[C:\PROGRA~1\McAfee\VIRUSS~1\naiann.dll] [McAfee, Inc., 11,1,124,0]
[c:\PROGRA~1\COMMON~1\mcafee\core\mccoreps.dll] [McAfee, Inc., 2,1,103,0]
[c:\PROGRA~1\mcafee\VIRUSS~1\mcvsps.dll] [McAfee, Inc., 11,1,124,0]
[c:\PROGRA~1\mcafee\VIRUSS~1\naiannps.dll] [McAfee, Inc., 11,1,124,0]
[c:\PROGRA~1\mcafee\VIRUSS~1\mvscfg.dll] [McAfee, Inc., 11,1,124,0]
[c:\PROGRA~1\mcafee\VIRUSS~1\mcvsqt.dll] [McAfee, Inc., 11,1,124,0]
[C:\PROGRA~1\McAfee\VIRUSS~1\McQtLib.dll] [McAfee, Inc., 11,1,124,0]
[c:\PROGRA~1\COMMON~1\mcafee\core\mcevtbrk.dll] [McAfee, Inc., 2,1,103,0]
[C:\PROGRA~1\McAfee\VIRUSS~1\mvslog.dll] [McAfee, Inc., 11,1,124,0]
[C:\PROGRA~1\McAfee\VIRUSS~1\scriptsv.dll] [McAfee, Inc., VSCORE.13.3.0.132.x86]
[C:\Program Files\McAfee\VirusScan\mcscan32.dll] [McAfee, Inc., 5.1.00]
[C:\PROGRA~1\McAfee\VIRUSS~1\mfebopa.dll] [McAfee, Inc., SYSCORE.13.3.0.111.x86]
[C:\PROGRA~1\McAfee\VIRUSS~1\mfehida.dll] [McAfee, Inc., SYSCORE.13.3.0.111.x86]
[C:\PROGRA~1\McAfee\VIRUSS~1\mfeavfa.dll] [McAfee, Inc., SYSCORE.13.3.0.111.x86]
[c:\PROGRA~1\mcafee\msc\mcmispps.dll] [McAfee, Inc., 7,1,128,0]
[c:\program files\mcafee\msc\mcsubmgr\7,1,128,0\mcsubmgr.dll] [McAfee, Inc., 7,1,128,0

宇智 - 2007-2-3 0:07:00

[PID: 1988][C:\PROGRA~1\McAfee\VIRUSS~1\mcsysmon.exe] [McAfee, Inc., 11,1,130,0]
[C:\PROGRA~1\McAfee\VIRUSS~1\mvslog.dll] [McAfee, Inc., 11,1,124,0]
[C:\PROGRA~1\McAfee\VIRUSS~1\mfesmfa.dll] [McAfee, Inc., SYSCORE.13.3.0.111.x86]
[C:\PROGRA~1\McAfee\VIRUSS~1\mfehida.dll] [McAfee, Inc., SYSCORE.13.3.0.111.x86]
[c:\PROGRA~1\COMMON~1\mcafee\core\mccoreps.dll] [McAfee, Inc., 2,1,103,0]
[c:\PROGRA~1\COMMON~1\mcafee\HACKER~1\hwapips.dll] [McAfee, Inc., 8.1.105.0]
[c:\PROGRA~1\mcafee\VIRUSS~1\mvscfg.dll] [McAfee, Inc., 11,1,124,0]
[c:\program files\mcafee\msc\mcsubmgr\7,1,128,0\mcsubmgr.dll] [McAfee, Inc., 7,1,128,0]
[c:\PROGRA~1\mcafee\msc\mcmispps.dll] [McAfee, Inc., 7,1,128,0]
[c:\PROGRA~1\COMMON~1\mcafee\core\mcevtbrk.dll] [McAfee, Inc., 2,1,103,0]
[c:\PROGRA~1\mcafee\VIRUSS~1\mcvsps.dll] [McAfee, Inc., 11,1,124,0]
[c:\PROGRA~1\mcafee\VIRUSS~1\naiannps.dll] [McAfee, Inc., 11,1,124,0]
[PID: 148][C:\PROGRA~1\McAfee\MSC\mctskshd.exe] [McAfee, Inc., 7,1,133,0]
[PID: 212][C:\PROGRA~1\McAfee\MSC\mcusrmgr.exe] [McAfee, Inc., 7,1,131,0]
[C:\PROGRA~1\McAfee\MSC\McRes.dll] [McAfee, Inc., 7,1,128,0]
[C:\PROGRA~1\McAfee\MSC\McLocRes.dll] [McAfee, Inc., 7,1,128,0]
[C:\Program Files\McAfee\MSC\oem\0-195\Mccobres.dll] [McAfee, Inc., 7,0,327,0]
[C:\PROGRA~1\McAfee\MSC\Mccobres.dll] [McAfee, Inc., 7,1,128,0]
[C:\PROGRA~1\COMMON~1\McAfee\MSC\sqlite3.dll] [McAfee, Inc., 7,1,114,0]
[c:\PROGRA~1\COMMON~1\mcafee\core\mccoreps.dll] [McAfee, Inc., 2,1,103,0]
[c:\PROGRA~1\mcafee\msc\mcmispps.dll] [McAfee, Inc., 7,1,128,0]
[PID: 244][C:\Program Files\McAfee\MPF\MPFSrv.exe] [McAfee, Inc., 8.1.123.0]
[c:\PROGRA~1\COMMON~1\mcafee\core\mccoreps.dll] [McAfee, Inc., 2,1,103,0]
[c:\PROGRA~1\COMMON~1\mcafee\HACKER~1\hwapips.dll] [McAfee, Inc., 8.1.105.0]
[c:\PROGRA~1\COMMON~1\mcafee\core\mcevtbrk.dll] [McAfee, Inc., 2,1,103,0]
[c:\PROGRA~1\mcafee\mpf\mc\mpfmisp.dll] [McAfee, Inc., 8.1.123.0]
[c:\PROGRA~1\mcafee\msc\mcmispps.dll] [McAfee, Inc., 7,1,128,0]
[C:\Program Files\McAfee\MPF\L10N.DLL] [McAfee Security, 8.1.123.0]
[c:\PROGRA~1\mcafee\mpf\mc\mpfaltps.dll] [McAfee, Inc., 8.1.123.0]
[PID: 276][C:\WINDOWS\system32\shadow\ShadowService.exe] [N/A, N/A]
[PID: 352][C:\Program Files\SiteAdvisor\6009\SAService.exe] [McAfee, Inc., 1, 0, 0, 1]
[PID: 672][D:\软件\虚拟光驱\Alcohol 120\StarWind\StarWindService.exe] [Rocket Division Software, 2.6.1 Build 0x20050401]
[PID: 2796][C:\windows\System32\alg.exe] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
[PID: 2808][C:\PROGRA~1\mcafee.com\agent\mcagent.exe] [McAfee, Inc., 7,1,133,0]
[C:\PROGRA~1\McAfee\MSC\McRes.dll] [McAfee, Inc., 7,1,128,0]
[C:\PROGRA~1\McAfee\MSC\McLocRes.dll] [McAfee, Inc., 7,1,128,0]
[C:\Program Files\McAfee\MSC\oem\0-195\Mccobres.dll] [McAfee, Inc., 7,0,327,0]
[C:\PROGRA~1\McAfee\MSC\Mccobres.dll] [McAfee, Inc., 7,1,128,0]
[c:\program files\mcafee\msc\mcsubmgr\7,1,128,0\mcsubmgr.dll] [McAfee, Inc., 7,1,128,0]
[c:\program files\mcafee\msc\mcregobj\7,1,128,0\mcregobj.dll] [McAfee, Inc., 7,1,128,0]
[c:\PROGRA~1\COMMON~1\mcafee\core\mccoreps.dll] [McAfee, Inc., 2,1,103,0]
[c:\PROGRA~1\mcafee\msc\mcmispps.dll] [McAfee, Inc., 7,1,128,0]
[c:\PROGRA~1\mcafee.com\agent\mcagntps.dll] [McAfee, Inc., 7,1,128,0]
[c:\PROGRA~1\mcafee\msc\mccfgpv.dll] [McAfee, Inc., 7,1,128,0]
[c:\PROGRA~1\mcafee\msc\mcuicfg.dll] [McAfee, Inc., 7,1,128,0]
[PID: 3552][D:\软件\超级魔法兔子\magicset.exe] [Super Rabbit Soft, 7.82]
[PID: 3824][C:\PROGRA~1\mcafee\msc\mcuimgr.exe] [McAfee, Inc., 7,1,128,0]
[c:\PROGRA~1\COMMON~1\mcafee\core\mccoreps.dll] [McAfee, Inc., 2,1,103,0]
[c:\PROGRA~1\mcafee\msc\mcshllps.dll] [McAfee, Inc., 7,1,128,0]
[C:\PROGRA~1\McAfee\MSC\McRes.dll] [McAfee, Inc., 7,1,128,0]
[C:\PROGRA~1\McAfee\MSC\McLocRes.dll] [McAfee, Inc., 7,1,128,0]
[C:\Program Files\McAfee\MSC\oem\0-195\Mccobres.dll] [McAfee, Inc., 7,0,327,0]
[C:\PROGRA~1\McAfee\MSC\Mccobres.dll] [McAfee, Inc., 7,1,128,0]
[PID: 2928][D:\软件\腾讯QQ\QQ.exe] [TENCENT, 0, 0, 0, 0]
[D:\软件\腾讯QQ\CoralAssist.DLL] [Coral Team, 5.0.0 build 20060829]
[D:\软件\腾讯QQ\CoralQQ.DLL] [Coral Team, 5.0 Build 20061225]
[D:\软件\腾讯QQ\kql.dll] [Coral Team, 5.0.0 build 20061225]
[D:\软件\腾讯QQ\ipsearcher.dll] [, 1.0.0.3]
[D:\软件\腾讯QQ\QQBaseClassInDll.dll] [, 1, 0, 0, 1]
[D:\软件\腾讯QQ\QQHelperDll.dll] [, 1, 0, 0, 1]
[D:\软件\腾讯QQ\BasicCtrlDll.dll] [Tencent, 6, 0, 200, 320]
[D:\软件\腾讯QQ\NoDisturbFilter.cqx] [Coral Team, 1.0]
[D:\软件\腾讯QQ\ConfigHotkey.cqx] [Coral Team, 1.0]
[D:\软件\腾讯QQ\QQAPI.dll] [, 1, 0, 0, 1]
[D:\软件\腾讯QQ\TIMProxy.dll] [tencent, 0, 3, 2, 4]
[D:\软件\腾讯QQ\AutoReconnect.cqx] [Coral Team, 1.0.0]
[D:\软件\腾讯QQ\QQRes.dll] [tencent, 1, 0, 0, 1]
[D:\软件\腾讯QQ\WizardCtrl.dll] [, 1, 0, 0, 1]
[D:\软件\腾讯QQ\QQMainFrame.dll] [N/A, N/A]
[D:\软件\腾讯QQ\LoginCtrl.dll] [, 1, 0, 0, 1]
[D:\软件\腾讯QQ\npkcntc.dll] [INCA Internet Co., Ltd., 2006, 6, 27, 1]
[D:\软件\腾讯QQ\npkpdb.dll] [INCA Internet Co., Ltd., 2003, 10, 1, 1]
[C:\windows\system32\Macromed\Flash\Flash9b.ocx] [Adobe Systems, Inc., 9,0,28,0]
[D:\软件\腾讯QQ\CQQApplication.dll] [N/A, N/A]
[D:\软件\腾讯QQ\NewSkin.dll] [, 1, 0, 0, 1]
[D:\软件\腾讯QQ\HostingMgr.dll] [, 1, 0, 0, 1]
[D:\软件\腾讯QQ\CameraDll.dll] [, 1, 0, 0, 1]
[D:\软件\腾讯QQ\MailSummary.dll] [, 1, 0, 0, 1]
[D:\软件\腾讯QQ\CoralHotkey.cqx] [Coral Team, 1.0]
[D:\软件\腾讯QQ\QQKnowledgeSearch.dll] [, 1, 0, 0, 1]
[D:\软件\腾讯QQ\QQAllInOne.dll] [N/A, N/A]
[D:\软件\腾讯QQ\GroupLive.dll] [N/A, N/A]
[D:\软件\腾讯QQ\SCCore.dll] [TENCENT, 2, 0, 0, 1]
[D:\软件\腾讯QQ\QQSpace.dll] [, 1, 0, 0, 1]
[C:\windows\system32\msdmo.dll] [N/A, N/A]
[D:\软件\腾讯QQ\QQGroupMng.dll] [, 1, 0, 0, 1]
[D:\软件\腾讯QQ\QQSysMsgMng.dll] [N/A, N/A]
[D:\软件\腾讯QQ\UserDefinedHead.dll] [, 1, 0, 0, 1]
[D:\软件\腾讯QQ\QQPlugin.dll] [N/A, N/A]
[D:\软件\腾讯QQ\QQConfigPlugin.dll] [, 1, 0, 0, 1]
[D:\软件\腾讯QQ\LongConnection.dll] [tencent, 5, 0, 200, 160]
[D:\软件\腾讯QQ\QRingMng.dll] [N/A, N/A]
[D:\软件\腾讯QQ\QQAvatar.dll] [N/A, N/A]
[D:\软件\腾讯QQ\FlashAvatarDll.dll] [, 1, 4, 0, 1]
[D:\软件\腾讯QQ\QQPet.dll] [, 1, 0, 0, 1]
[D:\软件\腾讯QQ\QQCustomFace.dll] [N/A, N/A]
[D:\软件\腾讯QQ\QQSceneMng.dll] [N/A, N/A]
[C:\windows\system32\PYJJ4.IME] [加加工作组, 4.0.0.20]
[D:\软件\腾讯QQ\BQQApplication.dll] [N/A, N/A]
[D:\软件\腾讯QQ\CommercesMng.dll] [, 1, 0, 0, 1]
[D:\软件\腾讯QQ\PersonalDesktop.dll] [深圳市腾讯计算机系统公司QQ工作小组, 1, 0, 0, 2]
[D:\软件\腾讯QQ\QQAddr.dll] [深圳市腾讯计算机系统有限公司, 5, 0, 101, 271]
[D:\软件\腾讯QQ\GroupConnection.dll] [Tencent, 0, 3, 3, 5]
[D:\软件\腾讯QQ\QQPhoneHelper.dll] [腾讯科技（深圳）有限公司, 2, 1, 3, 30]
[C:\WINDOWS\system32\l3codeca.acm] [Fraunhofer Institut Integrierte Schaltungen IIS, 1, 9, 0, 0305]
[D:\软件\腾讯QQ\ImageOle.dll] [TODO: <Company name>, 1.0.0.1]
[c:\program files\mcafee\virusscan\scriptcl.dll] [McAfee, Inc., VSCORE.13.3.0.132.x86]
[PID: 2972][D:\软件\腾讯QQ\TIMPlatfrom.exe] [tencent, 0, 3, 1, 8]
[D:\软件\腾讯QQ\TIMProxy.dll] [tencent, 0, 3, 2, 4]
[PID: 4064][D:\软件\迅雷\Program\Thunder5.exe] [Thunder Networking Technologies,LTD, 5.2.0.207]
[D:\软件\迅雷\Program\UpdateDownload.dll] [Thunder Networking Technologies,LTD, 1, 0, 1, 8]
[D:\软件\迅雷\Program\download_interface.dll] [Thunder Networking Technologies,LTD, 1, 0, 3, 70]
[D:\软件\迅雷\Program\log4cplus.dll] [, 1, 0, 2, 1]
[D:\软件\迅雷\Program\stlport_vc646.dll] [STLport Consulting, Inc., 4.6.2003.1031]
[D:\软件\迅雷\Program\asyn_dns.dll] [N/A, N/A]
[D:\软件\迅雷\Program\msgmanage.dll] [Thunder Networking Technologies,LTD, 1, 0, 0, 15]
[D:\软件\迅雷\Program\historyinfo_manage.dll] [Thunder Networking Technologies,LTD, 5, 2, 0, 148]
[D:\软件\迅雷\Program\RegisterDll.dll] [Thunder Networking Technologies,LTD, 1, 2, 0, 7]
[D:\软件\迅雷\Program\FloatBar.dll] [Thunder Networking Technologies,LTD, 1, 0, 0, 2]
[D:\软件\迅雷\Components\InMedia\iEmbedShell.dll] [　, 1, 0, 0, 5]
[D:\软件\迅雷\Components\InMedia\iEmbed.dll] [　, 2, 1, 0, 29]
[D:\软件\迅雷\Components\P4PClient\P4PClient.dll] [Thunder Networking Technologies,LTD, 1, 0, 1, 6]
[c:\program files\mcafee\virusscan\scriptcl.dll] [McAfee, Inc., VSCORE.13.3.0.132.x86]
[D:\软件\迅雷\Program\iTargetAd.dll] [Thunder Networking Technologies,LTD, 1, 0, 0, 60]
[C:\windows\system32\Macromed\Flash\Flash9b.ocx] [Adobe Systems, Inc., 9,0,28,0]
[PID: 3360][C:\Program Files\Internet Explorer\iexplore.exe] [Microsoft Corporation, 6.00.2900.2180 (xpsp_sp2_rtm.040803-2158)]
[D:\软件\全能助手\TweakAssist\AssistIEBar.dll] [全能助手工作室, 6, 0, 7, 1]
[C:\windows\system32\Macromed\Flash\Flash9b.ocx] [Adobe Systems, Inc., 9,0,28,0]
[D:\软件\迅雷\ComDlls\XunLeiBHO_002.dll] [Thunder Networking Technologies,LTD, 5, 0, 0, 2]
[c:\program files\mcafee\virusscan\scriptcl.dll] [McAfee, Inc., VSCORE.13.3.0.132.x86]
[C:\windows\system32\PYJJ4.IME] [加加工作组, 4.0.0.20]
[PID: 2748][D:\软件\SREng\SREng.exe] [Smallfrogs Studio, 2.3.13.690]

==================================
文件关联
.TXT OK. [%SystemRoot%\system32\NOTEPAD.EXE %1]
.EXE OK. ["%1" %*]
.COM OK. ["%1" %*]
.PIF OK. ["%1" %*]
.REG OK. [regedit.exe "%1"]
.BAT OK. ["%1" %*]
.SCR OK. ["%1" /S]
.CHM OK. ["C:\WINDOWS\hh.exe" %1]
.HLP OK. [%SystemRoot%\System32\winhlp32.exe %1]
.INI OK. [%SystemRoot%\System32\NOTEPAD.EXE %1]
.INF OK. [%SystemRoot%\System32\NOTEPAD.EXE %1]
.VBS OK. [%SystemRoot%\System32\WScript.exe "%1" %*]
.JS OK. [%SystemRoot%\System32\WScript.exe "%1" %*]
.LNK OK. [{00021401-0000-0000-C000-000000000046}]

==================================
Winsock 提供者
N/A

==================================
Autorun.inf
N/A

==================================
HOSTS 文件
127.0.0.1 localhost

==================================
API HOOK
N/A

==================================

[/CODE]

两个铁球 - 2007-2-3 0:37:00

vax347b / vax347b][Running/Boot Start]
<\SystemRoot\system32\DRIVERS\vax347b.sys><>
[vax347s / vax347s][Running/Boot Start]
<\SystemRoot\System32\Drivers\vax347s.sys><>
[C:\windows\system32\msdmo.dll] [N/A, N/A]
上面两个是什么程序的驱动？
最后一个是什么？

宇智 - 2007-2-3 0:40:00

……不太清楚，手机的吧，我用的是索爱的。。。。

宇智 - 2007-2-3 0:43:00

哦，也可能是数码相机的，Sony的～

宇智 - 2007-2-3 0:45:00

引用:

【終生學習的贴子】是病毒进去把twunk32.exe删除掉。。。
我想你的版本应该是8.5i的版本，我用8。0i的时候都没有提示一大串的英文

………………

怪，刚刚半个小时前还搜出twunk32.exe来了，重启一下回来看竟然找不到了，已经显示了所有隐藏文件了……

瑞星卡卡安全论坛