Rising Kaka Security Forum

Waiting online~~ please help take a look (log attached) [Help request]
mo蕶薍ゞ - 2008-2-21 10:55:00
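QQ won't open.
As soon as I open it, I get this prompt: 没有找到basicctrldll.dll,因此这个应用程序未能启动。重新安装应用程序可能会修复此问题。 (basicctrldll.dll was not found, so this application failed to start. Reinstalling the application may fix this problem.)

I uninstalled QQ and downloaded it again, but it is still the same.
The antivirus software reports that it found a virus in the file D:\qq\BasicCtrlDLL.dll, virus name: win32.troj.onlinegamest.xy.118784

What should I do? Experts, please help me take a look.

[User system information] Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1; SV1; MAXTHON 2.0)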
侠者秋水 - 2008-2-21 10:58:00
http://www.kztechs.com/index1.html
Download System Repair Engineer 2.5,
run a scan, and post the log here.
mo蕶薍ゞ - 2008-2-21 11:10:00
[CODE]

2008-02-21,10:51:01

System Repair Engineer 2.5.16.900
Smallfrogs (http://www.KZTechs.com)

Windows XP Home Edition Service Pack 2 (Build 2600) - 管理权限用户 - 完整功能

以下内容被选中:
    所有的启动项目(包括注册表、启动文件夹、服务等)
    浏览器加载项
    正在运行的进程(包括进程模块信息)
    文件关联
    Winsock 提供者
    Autorun.inf
    HOSTS 文件
    进程特权扫描


启动项目
注册表
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
    <ctfmon.exe><C:\WINDOWS\system32\ctfmon.exe>  [(Verified)Microsoft Windows Publisher]
    <KavPFW><"C:\kav2005\KPFW32.EXE">  [Kingsoft Corporation]
    <iDuba Personal FireWall><>  [N/A]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
    <High Definition Audio Property Page Shortcut><CHDAudPropShortcut.exe>  [(Verified)Microsoft Windows Hardware Compatibility Publisher]
    <SynTPEnh><C:\Program Files\Synaptics\SynTP\SynTPEnh.exe>  [(Verified)Microsoft Windows Hardware Compatibility Publisher]
    <EnergyUtility><C:\Program Files\Lenovo\EnergyCut\utilty.exe>  [TODO: <Company name>]
    <QkOnBtn><C:\PROGRA~1\QBU\QkOnBtn.EXE>  [Dritek System Inc.]
    <KavStart><"c:\kav2005\KAVStart.exe" -startup>  [Kingsoft Corporation]
    <runeip><"C:\Program Files\Rising\AntiSpyware\runiep.exe" /startup>  [Beijing Rising Technology Co., Ltd.]
    <TkBellExe><"C:\Program Files\Common Files\Real\Update_OB\realsched.exe"  -osboot>  [(Verified)"RealNetworks, Inc."]
    <domino><C:\WINDOWS\domino.exe>  [(Verified)Microsoft Windows Hardware Compatibility Publisher]
    <VMSnap1><C:\WINDOWS\VMSnap1.exe>  [(Verified)Microsoft Windows Hardware Compatibility Publisher]
    <360Safetray><f:\360safe\safemon\360tray.exe /start>  [奇虎网]
    <stup.exe><Rundll32.exe C:\PROGRA~1\TENCENT\SSPlus\SPlus1.dll,Rundll32 R>  [(Verified)Tencent Technology(Shenzhen) Company Limited]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\RunOnce]
    <KKDelay><C:\Program Files\Rising\AntiSpyware\RunOnce.exe>  [Beijing Rising Technology Co., Ltd.]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Winlogon]
    <shell><Explorer.exe>  [(Verified)Microsoft Windows Component Publisher]
    <Userinit><C:\WINDOWS\system32\userinit.exe,>  [(Verified)Microsoft Windows Publisher]
    <UIHost><logonui.exe>  [(Verified)Microsoft Windows Publisher]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\>{26923b43-4d38-484f-9b9e-de460746276c}]
    <Internet Explorer><%systemroot%\system32\shmgrate.exe OCInstallUserConfigIE>  [N/A]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\>{881dd1c5-3dcf-431b-b061-f3f88e8be88a}]
    <Outlook Express><%systemroot%\system32\shmgrate.exe OCInstallUserConfigOE>  [N/A]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{2C7339CF-2B09-4501-B3F3-F3508C9228ED}]
    <Themes Setup><%SystemRoot%\system32\regsvr32.exe /s /n /i:/UserInstall %SystemRoot%\system32\themeui.dll>  [N/A]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{44BBA840-CC51-11CF-AAFA-00AA00B6015C}]
    <Microsoft Outlook Express 6><"%ProgramFiles%\Outlook Express\setup50.exe" /APP:OE /CALLER:WINNT /user /install>  [N/A]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{44BBA842-CC51-11CF-AAFA-00AA00B6015B}]
    <NetMeeting 3.01><rundll32.exe advpack.dll,LaunchINFSection C:\WINDOWS\INF\msnetmtg.inf,NetMtg.Install.PerUser.NT>  [(Verified)Microsoft Windows Publisher]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{5945c046-1e7d-11d1-bc44-00c04fd912be}]
    <Windows Messenger 4.7><rundll32.exe advpack.dll,LaunchINFSection C:\WINDOWS\INF\msmsgs.inf,BLC.QuietInstall.PerUser>  [(Verified)Microsoft Windows Publisher]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{6BF52A52-394A-11d3-B153-00C04F79FAA6}]
    <Microsoft Windows Media Player><rundll32.exe advpack.dll,LaunchINFSection C:\WINDOWS\INF\wmp.inf,PerUserStub>  [(Verified)Microsoft Windows Publisher]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{7790769C-0471-11d2-AF11-00C04FA35D02}]
    <通讯簿 6><"%ProgramFiles%\Outlook Express\setup50.exe" /APP:WAB /CALLER:WINNT /user /install>  [N/A]

==================================
启动文件夹
N/A
mo蕶薍ゞ - 2008-2-21 11:10:00
==================================
服务
[Application Management / AppMgmt][Stopped/Manual Start]
  <C:\WINDOWS\system32\svchost.exe -k netsvcs-->%SystemRoot%\System32\appmgmts.dll><N/A>
[Human Interface Device Access / HidServ][Stopped/Disabled]
  <C:\WINDOWS\System32\svchost.exe -k netsvcs-->%SystemRoot%\System32\hidserv.dll><N/A>
[Kingsoft Personal Firewall Service / KPfwSvc][Running/Auto Start]
  <"C:\kav2005\KPfwSvc.EXE"><Kingsoft Corporation>
[Kingsoft Antivirus KWatch Service / KWatchSvc][Running/Auto Start]
  <C:\kav2005\KWatch.EXE><Kingsoft Corporation>
[File Replication Service / Ntfrs][Running/Auto Start]
  <C:\WINDOWS\system32\ntfrs.exe><Microsoft Corporation>
[O&O Defrag / O&O Defrag][Running/Auto Start]
  <C:\WINDOWS\system32\oodag.exe><Microsoft Corporation>
[SysICUD / SysICUD][Running/Auto Start]
  <C:\Program Files\Lenovo\SysIC\SysICUD.exe><>

==================================
驱动程序
[Lenovo Virtual Power Controller Driver / ACPIVPC][Running/Manual Start]
  <system32\DRIVERS\AcpiVpc.sys><Lenovo Corporation>
[Broadcom 440x 10/100 Integrated Controller XP Driver / bcm4sbxp][Running/Manual Start]
  <system32\DRIVERS\bcm4sbxp.sys><Broadcom Corporation>
[DeepFree Update / DeepFree Update][Stopped/Manual Start]
  <\??\C:\WINDOWS\system32\drivers\pcihdd2.sys><N/A>
[Dritek Keyboard Filter Driver / DKbFltr][Running/Manual Start]
  <system32\DRIVERS\DKbFltr.sys><Dritek System Inc.>
[Microsoft UAA Function Driver for High Definition Audio Service / HdAudAddService][Running/Manual Start]
  <system32\drivers\CHDAud.sys><Conexant Systems Inc.>
[Microsoft UAA Bus Driver for High Definition Audio / HDAudBus][Running/Manual Start]
  <system32\DRIVERS\HDAudBus.sys><Windows (R) Server 2003 DDK provider>
[HSFHWAZL / HSFHWAZL][Running/Manual Start]
  <system32\DRIVERS\HSFHWAZL.sys><Conexant Systems, Inc.>
[HSF_DPV / HSF_DPV][Running/Manual Start]
  <system32\DRIVERS\HSF_DPV.sys><Conexant Systems, Inc.>
[ialm / ialm][Running/Manual Start]
  <system32\DRIVERS\ialmnt5.sys><Intel Corporation>
[KAVBase / KAVBase][Stopped/Auto Start]
  <\??\C:\WINDOWS\system32\Drivers\KAVBase.sys><Kingsoft Corporation>
[KAVBootC / KAVBootC][Running/Boot Start]
  <\SystemRoot\system32\Drivers\KAVBootC.sys><Kingsoft Corporation>
[KNetWch / KNetWch][Running/System Start]
  <\??\C:\kav2005\KNetWch.SYS><Kingsoft Corporation>
[KWatch3 / KWatch3][Running/System Start]
  <\??\C:\WINDOWS\system32\drivers\KWatch3.SYS><Kingsoft Corporation>
[mdmxsdk / mdmxsdk][Running/Auto Start]
  <system32\DRIVERS\mdmxsdk.sys><Conexant>
[用于 Windows XP 32 Bit 版的英特尔(R) PRO/无线 3945ABG 适配器驱动程序 / NETw3x32][Stopped/Manual Start]
  <system32\DRIVERS\NETw3x32.sys><Intel? Corporation>
[npkcrypt / npkcrypt][Running/Auto Start]
  <\??\C:\Program Files\Tencent\QQ\npkcrypt.sys><INCA Internet Co., Ltd.>
[NSC Infrared Device Driver / NSCIRDA][Running/Manual Start]
  <system32\DRIVERS\nscirda.sys><National Semiconductor Corporation>
[Direct Parallel Link Driver / Ptilink][Running/Manual Start]
  <system32\DRIVERS\ptilink.sys><Parallel Technologies, Inc.>
[RsAntiSpyware / RsAntiSpyware][Running/Boot Start]
  <\SystemRoot\system32\drivers\RsBoot.sys><Beijing Rising Technology Co., Ltd.>
[Realtek RTL8139(A/B/C)-based PCI Fast Ethernet Adapter NT Driver / rtl8139][Stopped/Manual Start]
  <system32\DRIVERS\RTL8139.SYS><Realtek Semiconductor Corporation>
[Secdrv / Secdrv][Stopped/Manual Start]
  <system32\DRIVERS\secdrv.sys><Macrovision Corporation, Macrovision Europe Limited, and Macrovision Japan and Asia K.K.>
[SAMSUNG Mobile USB Device 1.0 driver (WDM) / ss_bus][Stopped/Manual Start]
  <system32\DRIVERS\ss_bus.sys><MCCI>
[SAMSUNG Mobile USB Modem 1.0 Filter / ss_mdfl][Stopped/Manual Start]
  <system32\DRIVERS\ss_mdfl.sys><MCCI>
[SAMSUNG Mobile USB Modem 1.0 Drivers / ss_mdm][Stopped/Manual Start]
  <system32\DRIVERS\ss_mdm.sys><MCCI>
[Synaptics TouchPad Driver / SynTP][Running/Manual Start]
  <system32\DRIVERS\SynTP.sys><Synaptics, Inc.>
[SysICDrv / SysICDrv][Running/Boot Start]
  <\SystemRoot\system32\drivers\SysICDrv.SYS><联想集团有限公司>
[tifm21 / tifm21][Running/Manual Start]
  <system32\drivers\tifm21.sys><Texas Instruments>
[Conexant Setup API / UIUSys][Stopped/Manual Start]
  <system32\DRIVERS\UIUSYS.SYS><Conexant Systems, Inc>
[winachsf / winachsf][Running/Manual Start]
  <system32\DRIVERS\HSF_CNXT.sys><Conexant Systems, Inc.>
[World Standard Teletext Codec / WSTCODEC][Stopped/Manual Start]
  <system32\DRIVERS\WSTCODEC.SYS><Microsoft Corporation>
[Vimicro USB PC Camera (ZC0301PL) / ZSMC301b][Stopped/Manual Start]
  <System32\Drivers\usbVM31b.sys><VM>
mo蕶薍ゞ - 2008-2-21 11:11:00
==================================
浏览器加载项
[QQCycloneHelper Class]
  {00000000-12C9-4305-82F9-43058F20E8D2} <C:\Program Files\Tencent\QQDownload\QQIEHelper01.dll, 腾讯公司>
[ThunderAtOnce Class]
  {01443AEC-0FD1-40fd-9C87-E93D1494C233} <F:\thunder\ComDlls\TDAtOnce_Now.dll, Thunder Networking Technologies,LTD>
[Tencent Browser Helper]
  {0C7C23EF-A848-485B-873C-0ED954731014} <C:\Program Files\TENCENT\SSPlus\SAddr1.dll, Tencent>
[QQToolbar]
  {29CF293A-1E7D-4069-9E11-E39698D0AF95} <C:\Program Files\Tencent\QQToolbar\IEBar.dll, TENCENT>
[CBrowseStakeout Class]
  {55302805-482E-470E-8A57-6795A1487F90} <c:\kav2005\KAVAFish.DLL, Kingsoft Corporation>
[Thunder Browser Helper]
  {889D2FEB-5411-4565-8998-1DD2C5261283} <F:\thunder\ComDlls\xunleiBHO_Now.dll, Thunder Networking Technologies,LTD>
[SafeMon Class]
  {B69F34DD-F0F9-42DC-9EDD-957187DA688D} <f:\360safe\safemon\safemon.dll, 奇虎网>
[QQHelper Class]
  {BF182DBF-1283-4BD3-86EE-D3239228770C} <C:\Program Files\Tencent\QQ\QQZoneHelper.dll, N/A>
[启动迅雷5]
  {09BA8F6D-CB54-424B-839C-C2A6C8E6B436} <F:\thunder\Thunder.exe, Thunder Networking Technologies,LTD>
[卡卡上网安全助手]
  {DB9ECD4F-FB8F-4311-B3CE-90B976C2707C} <C:\WINDOWS\system32\KakaTool.dll, Beijing Rising Technology Co., Ltd.>
[QQToolbar]
  {29CF293A-1E7D-4069-9E11-E39698D0AF95} <C:\Program Files\Tencent\QQToolbar\IEBar.dll, TENCENT>
[PhotoDraw Class]
  {2375BEE5-F175-4F1C-81EC-8E4E2E72E2DD} <C:\Program Files\Tencent\QQ\Qzone\QQPhotoDraw.dll, N/A>
[EditCtrl Class]
  {488A4255-3236-44B3-8F27-FA1AECAA8844} <C:\WINDOWS\system32\aliedit\aliedit.dll, >
[Shockwave Flash Object]
  {D27CDB6E-AE6D-11CF-96B8-444553540000} <C:\WINDOWS\system32\Macromed\Flash\Flash9e.ocx, Adobe Systems, Inc.>
[KUpdateObj2 Class]
  {D82303B7-A754-4DCB-8AFC-8CF99435AACE} <C:\WINDOWS\system32\KingSoft\KOS\UpdateOcx2.dll, Kingsoft Corporation>
[PasswordEditCtrl Class]
  {E787FD25-8D7C-4693-AE67-9406BC6E22DF} <C:\WINDOWS\system32\qqedit\qqedit.dll, 腾讯科技(深圳)有限公司>
[QQCycloneHelper Class]
  {00000000-12C9-4305-82F9-43058F20E8D2} <C:\Program Files\Tencent\QQDownload\QQIEHelper01.dll, 腾讯公司>
[ThunderAtOnce Class]
  {01443AEC-0FD1-40FD-9C87-E93D1494C233} <F:\thunder\ComDlls\TDAtOnce_Now.dll, Thunder Networking Technologies,LTD>
[Tencent Browser Helper]
  {0C7C23EF-A848-485B-873C-0ED954731014} <C:\Program Files\TENCENT\SSPlus\SAddr1.dll, Tencent>
[QQToolbar]
  {29CF293A-1E7D-4069-9E11-E39698D0AF95} <C:\Program Files\Tencent\QQToolbar\IEBar.dll, TENCENT>
[Thunder Agent Class]
  {485463B7-8FB2-4B3B-B29B-8B919B0EACCE} <F:\thunder\ComDlls\ThunderAgent_Now.dll, Thunder Networking Technologies,LTD>
[CBrowseStakeout Class]
  {55302805-482E-470E-8A57-6795A1487F90} <c:\kav2005\KAVAFish.DLL, Kingsoft Corporation>
[Microsoft 外壳 UI 帮助程序]
  {64AB4BB7-111E-11D1-8F79-00C04FC2FBE1} <%SystemRoot%\system32\shdocvw.dll, N/A>
[Windows Media Player]
  {6BF52A52-394A-11D3-B153-00C04F79FAA6} <C:\WINDOWS\system32\wmp.dll, Microsoft Corporation>
[Active Desktop Mover]
  {72267F6A-A6F9-11D0-BC94-00C04FB67863} <%SystemRoot%\system32\SHELL32.dll, N/A>
[360SafeLive]
  {87515F61-A66C-4319-A0E0-D416CB8059E3} <f:\360safe\live.dll, 360safe.com>
[Microsoft Web 浏览器]
  {8856F961-340A-11D0-A96B-00C04FD705A2} <C:\WINDOWS\system32\shdocvw.dll, Microsoft Corporation>
[Thunder Browser Helper]
  {889D2FEB-5411-4565-8998-1DD2C5261283} <F:\thunder\ComDlls\xunleiBHO_Now.dll, Thunder Networking Technologies,LTD>
[SafeMon Class]
  {B69F34DD-F0F9-42DC-9EDD-957187DA688D} <f:\360safe\safemon\safemon.dll, 奇虎网>
[QQHelper Class]
  {BF182DBF-1283-4BD3-86EE-D3239228770C} <C:\Program Files\Tencent\QQ\QQZoneHelper.dll, N/A>
[Shockwave Flash Object]
  {D27CDB6E-AE6D-11CF-96B8-444553540000} <C:\WINDOWS\system32\Macromed\Flash\Flash9e.ocx, Adobe Systems, Inc.>
[卡卡上网安全助手]
  {DB9ECD4F-FB8F-4311-B3CE-90B976C2707C} <C:\WINDOWS\system32\KakaTool.dll, Beijing Rising Technology Co., Ltd.>
[&使用超级旋风下载]
  <C:\Program Files\Tencent\QQDownload\geturl.htm, N/A>
[&使用超级旋风下载全部链接]
  <C:\Program Files\Tencent\QQDownload\getAllurl.htm, N/A>
[使用迅雷下载]
  <F:\thunder\Program\geturl.htm, N/A>
[使用迅雷下载全部链接]
  <F:\thunder\Program\getallurl.htm, N/A>
[添加到QQ表情]
  <D:\qq\AddEmotion.htm, N/A>
[金山毒霸反钓鱼...]
  <c:\kav2005\KAF\ShowSet.htm, N/A>
mo蕶薍ゞ - 2008-2-21 11:12:00
正在运行的进程
[PID: 424 / SYSTEM][\SystemRoot\System32\smss.exe]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
[PID: 668 / SYSTEM][\??\C:\WINDOWS\system32\csrss.exe]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
[PID: 692 / SYSTEM][\??\C:\WINDOWS\system32\winlogon.exe]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
    [C:\WINDOWS\system32\msacm32.drv]  [Microsoft Corporation, 5.1.2600.0 (xpclient.010817-1148)]
[PID: 736 / SYSTEM][C:\WINDOWS\system32\services.exe]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
[PID: 748 / SYSTEM][C:\WINDOWS\system32\lsass.exe]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
[PID: 904 / SYSTEM][C:\WINDOWS\system32\svchost.exe]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
[PID: 972 / NETWORK SERVICE][C:\WINDOWS\system32\svchost.exe]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
[PID: 1080 / SYSTEM][C:\WINDOWS\System32\svchost.exe]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
    [C:\WINDOWS\system32\wups2.dll]  [Microsoft Corporation, 7.0.6000.381 (winmain(wmbla).070730-1740)]
[PID: 1168 / NETWORK SERVICE][C:\WINDOWS\system32\svchost.exe]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
[PID: 1220 / LOCAL SERVICE][C:\WINDOWS\system32\svchost.exe]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
[PID: 1616 / lenovo][C:\WINDOWS\Explorer.EXE]  [Microsoft Corporation, 6.00.2900.3156 (xpsp_sp2_gdr.070613-1234)]
    [C:\Program Files\Rising\AntiSpyware\ieprot.dll]  [Beijing Rising Technology Co., Ltd., 1, 0, 0, 12]
    [F:\360safe\safemon\safemon.dll]  [奇虎网, 4, 0, 3, 1001]
    [C:\kav2005\KASocket.dll]  [Kingsoft Corporation, 2006, 12, 21, 241]
    [C:\kav2005\KMailOEBand.dll]  [Kingsoft Corporation, 2006, 12, 1, 139]
    [C:\kav2005\MSVCR71.dll]  [Microsoft Corporation, 7.10.3052.4]
    [C:\kav2005\MSVCP71.dll]  [Microsoft Corporation, 7.10.3077.0]
    [C:\WINDOWS\system32\msacm32.drv]  [Microsoft Corporation, 5.1.2600.0 (xpclient.010817-1148)]
    [C:\Program Files\Adobe\Acrobat 7.0\ActiveX\PDFShell.dll]  [Adobe Systems, Inc., 7.0.0.0]
    [C:\WINDOWS\system32\igfxpph.dll]  [Intel Corporation, 3.0.0.4543]
    [C:\WINDOWS\system32\hccutils.DLL]  [Intel Corporation, 3.0.0.4543]
    [C:\WINDOWS\system32\igfxres.dll]  [Intel Corporation, 3.0.0.4543]
    [C:\WINDOWS\system32\igfxress.dll]  [Intel Corporation, 3.0.0.4543]
    [C:\WINDOWS\system32\igfxsrvc.dll]  [Intel Corporation, 3.0.0.4543]
    [F:\thunder\Components\ResWorker\DsBho_00.dll]  [, 1, 0, 0, 12]
    [F:\thunder\Components\ResWorker\DataProcessor_00.dll]  [Thunder Networking Technologies,LTD, 1, 0, 0, 13]
    [C:\PROGRA~1\TENCENT\SSPlus\SPlus.dll]  [TENCENT, 5, 0, 2, 16]
    [C:\Program Files\TENCENT\SSPlus\SAddr.dll]  [Tencent, 5, 0, 4, 10]
    [C:\Program Files\WinRAR\rarext.dll]  [N/A, ]
[PID: 1632 / SYSTEM][C:\kav2005\KWatch.EXE]  [Kingsoft Corporation, 2007, 8, 13, 78]
    [C:\kav2005\KAVIPC2.DLL]  [Kingsoft Corporation, 2007, 1, 15, 30]
    [C:\kav2005\KAEPlat.DLL]  [Kingsoft Corp., 2007, 2, 4, 61]
    [C:\kav2005\KAEMem.DAT]  [Kingsoft, 2006, 9, 25, 16]
    [C:\kav2005\KAEUnpack.DAT]  [Kingsoft Corporation, 2008,01,25,202]
    [C:\kav2005\KAVQuara.DLL]  [Kingsoft Corporation, 2007, 6, 15, 4]
[PID: 1752 / SYSTEM][C:\WINDOWS\system32\spoolsv.exe]  [Microsoft Corporation, 5.1.2600.2696 (xpsp_sp2_gdr.050610-1519)]
[PID: 152 / SYSTEM][C:\kav2005\KPfwSvc.EXE]  [Kingsoft Corporation, 2007, 2, 2, 31]
[PID: 208 / SYSTEM][C:\WINDOWS\system32\ntfrs.exe]  [Microsoft Corporation, 5.2.0.1108]
[PID: 224 / SYSTEM][C:\WINDOWS\system32\oodag.exe]  [Microsoft Corporation, 5.2.2600.2180 (xpsp_sp2_rtm.040803-2158)]
[PID: 244 / SYSTEM][C:\WINDOWS\system32\svchost.exe]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
[PID: 624 / SYSTEM][C:\Program Files\Lenovo\SysIC\SysICUD.exe]  [, 1, 0, 0, 1]
    [C:\Program Files\Lenovo\SysIC\FileCtrl.dll]  [Lenovo 联想, 1, 0, 0, 3]
[PID: 532 / lenovo][C:\Program Files\Synaptics\SynTP\SynTPEnh.exe]  [Synaptics, Inc., 8.3.8 16Jun06]
    [C:\WINDOWS\system32\SynCOM.dll]  [Synaptics, Inc., 8.3.8 16Jun06]
    [C:\WINDOWS\system32\SynTPAPI.dll]  [Synaptics, Inc., 8.3.8 16Jun06]
    [C:\Program Files\Rising\AntiSpyware\ieprot.dll]  [Beijing Rising Technology Co., Ltd., 1, 0, 0, 12]
[PID: 608 / lenovo][C:\Program Files\Lenovo\EnergyCut\utilty.exe]  [TODO: <Company name>, 1.0.0.1]
    [C:\WINDOWS\system32\msacm32.drv]  [Microsoft Corporation, 5.1.2600.0 (xpclient.010817-1148)]
    [C:\Program Files\Rising\AntiSpyware\ieprot.dll]  [Beijing Rising Technology Co., Ltd., 1, 0, 0, 12]
[PID: 1176 / lenovo][C:\Program Files\Lenovo\EnergyCut\EnergyCut.exe]  [N/A, ]
    [C:\Program Files\Lenovo\EnergyCut\HookLib.dll]  [N/A, ]
    [C:\Program Files\Rising\AntiSpyware\ieprot.dll]  [Beijing Rising Technology Co., Ltd., 1, 0, 0, 12]
    [C:\kav2005\KASocket.dll]  [Kingsoft Corporation, 2006, 12, 21, 241]
    [C:\PROGRA~1\TENCENT\SSPlus\SPlus.dll]  [TENCENT, 5, 0, 2, 16]
[PID: 856 / LOCAL SERVICE][C:\WINDOWS\System32\alg.exe]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
[PID: 1644 / lenovo][C:\PROGRA~1\QBU\QkOnBtn.EXE]  [Dritek System Inc., 1, 0, 0, 421]
    [C:\PROGRA~1\QBU\ComFnUtl.dll]  [Dritek System Inc., 1, 0, 0, 711]
    [C:\PROGRA~1\QBU\Wnd2File.dll]  [Dritek System Inc., 3.00]
    [C:\PROGRA~1\QBU\SzUPFUtl.dll]  [Dritek System Inc., 1.00]
    [C:\PROGRA~1\QBU\OSDUtl.dll]  [Dritek System Inc., 1, 1, 1, 309]
    [C:\PROGRA~1\QBU\RgnMaker.dll]  [Dritek System Inc., 12.07.1999 ( VC60 )]
    [C:\PROGRA~1\QBU\CDRomUtl.dll]  [Dritek System Inc., 1.00]
    [C:\PROGRA~1\QBU\MixerUtl.dll]  [Dritek System Inc., 1.00]
    [C:\PROGRA~1\QBU\LgKCUtl.dll]  [Dritek System Inc., 2, 0, 2, 1007]
    [C:\PROGRA~1\QBU\MMDUtl.DLL]  [Dritek System Inc., 1, 2, 4, 4914]
    [C:\Program Files\Rising\AntiSpyware\ieprot.dll]  [Beijing Rising Technology Co., Ltd., 1, 0, 0, 12]
    [C:\WINDOWS\system32\IGFXEXPS.DLL]  [Intel Corporation, 3.0.0.4543]
    [C:\WINDOWS\system32\msacm32.drv]  [Microsoft Corporation, 5.1.2600.0 (xpclient.010817-1148)]
    [C:\kav2005\KASocket.dll]  [Kingsoft Corporation, 2006, 12, 21, 241]
    [C:\kav2005\KMailOEBand.dll]  [Kingsoft Corporation, 2006, 12, 1, 139]
    [C:\kav2005\MSVCR71.dll]  [Microsoft Corporation, 7.10.3052.4]
    [C:\kav2005\MSVCP71.dll]  [Microsoft Corporation, 7.10.3077.0]
    [F:\360safe\safemon\safemon.dll]  [奇虎网, 4, 0, 3, 1001]
    [C:\PROGRA~1\TENCENT\SSPlus\SPlus.dll]  [TENCENT, 5, 0, 2, 16]
[PID: 1940 / lenovo][C:\kav2005\KAVStart.exe]  [Kingsoft Corporation, 2007, 4, 2, 267]
    [C:\kav2005\MFC71.DLL]  [Microsoft Corporation, 7.10.3077.0]
    [C:\kav2005\MSVCR71.dll]  [Microsoft Corporation, 7.10.3052.4]
    [C:\kav2005\MSVCP71.dll]  [Microsoft Corporation, 7.10.3077.0]
    [C:\kav2005\MFC71CHS.DLL]  [Microsoft Corporation, 7.10.3077.0]
    [C:\kav2005\KAVIPC2.DLL]  [Kingsoft Corporation, 2007, 1, 15, 30]
    [C:\kav2005\SvcTimer.DLL]  [Kingsoft Corporation, 2006.12.22.84]
    [C:\kav2005\KAVPassp.dll]  [Kingsoft Corporation, 2006, 12, 30, 271]
    [C:\kav2005\PopSprt3.dll]  [Kingsoft Corporation, 2007, 1, 16, 45]
    [C:\Program Files\Rising\AntiSpyware\ieprot.dll]  [Beijing Rising Technology Co., Ltd., 1, 0, 0, 12]
    [C:\kav2005\KMailOEBand.dll]  [Kingsoft Corporation, 2006, 12, 1, 139]
    [F:\360safe\safemon\safemon.dll]  [奇虎网, 4, 0, 3, 1001]
    [C:\kav2005\KASocket.dll]  [Kingsoft Corporation, 2006, 12, 21, 241]
    [C:\PROGRA~1\TENCENT\SSPlus\SPlus.dll]  [TENCENT, 5, 0, 2, 16]
[PID: 1960 / lenovo][C:\Program Files\Rising\AntiSpyware\runiep.exe]  [Beijing Rising Technology Co., Ltd., 5.0.0.11]
    [C:\Program Files\Rising\AntiSpyware\MFC71.DLL]  [Microsoft Corporation, 7.10.3077.0]
    [C:\Program Files\Rising\AntiSpyware\MSVCR71.dll]  [Microsoft Corporation, 7.10.3052.4]
    [C:\WINDOWS\system32\MFC71CHS.DLL]  [Microsoft Corporation, 7.10.3077.0]
    [C:\Program Files\Rising\AntiSpyware\ieprot.dll]  [Beijing Rising Technology Co., Ltd., 1, 0, 0, 12]
    [C:\kav2005\KMailOEBand.dll]  [Kingsoft Corporation, 2006, 12, 1, 139]
    [C:\kav2005\MSVCP71.dll]  [Microsoft Corporation, 7.10.3077.0]
    [F:\360safe\safemon\safemon.dll]  [奇虎网, 4, 0, 3, 1001]
    [C:\kav2005\KASocket.dll]  [Kingsoft Corporation, 2006, 12, 21, 241]
    [C:\PROGRA~1\TENCENT\SSPlus\SPlus.dll]  [TENCENT, 5, 0, 2, 16]
[PID: 536 / lenovo][C:\Program Files\Common Files\Real\Update_OB\realsched.exe]  [RealNetworks, Inc., 0.1.0.3760]
    [C:\Program Files\Rising\AntiSpyware\ieprot.dll]  [Beijing Rising Technology Co., Ltd., 1, 0, 0, 12]
[PID: 564 / lenovo][C:\WINDOWS\domino.exe]  [, 3, 6, 703, 6]
    [C:\WINDOWS\system32\msdmo.dll]  [, ]
mo蕶薍ゞ - 2008-2-21 11:12:00
[PID: 660 / lenovo][C:\WINDOWS\VMSnap1.exe]  [Vimicro, 4, 2, 1124, 6]
    [C:\WINDOWS\system32\msdmo.dll]  [, ]
    [C:\Program Files\Rising\AntiSpyware\ieprot.dll]  [Beijing Rising Technology Co., Ltd., 1, 0, 0, 12]
[PID: 1368 / lenovo][F:\360safe\safemon\360tray.exe]  [奇虎网, 4, 0, 3, 1001]
    [F:\360safe\safemon\safemon.dll]  [奇虎网, 4, 0, 3, 1001]
    [F:\360safe\safemon\SafeKrnl.dll]  [奇虎网, 4, 0, 3, 1001]
    [F:\360safe\AntiAdwa.dll]  [360Safe.com, 4, 0, 0, 1002]
    [C:\Program Files\Rising\AntiSpyware\ieprot.dll]  [Beijing Rising Technology Co., Ltd., 1, 0, 0, 12]
    [F:\360safe\live.dll]  [360safe.com, 1, 0, 1, 1022]
    [C:\kav2005\KASocket.dll]  [Kingsoft Corporation, 2006, 12, 21, 241]
    [C:\PROGRA~1\TENCENT\SSPlus\SPlus.dll]  [TENCENT, 5, 0, 2, 16]
    [C:\kav2005\KMailOEBand.dll]  [Kingsoft Corporation, 2006, 12, 1, 139]
    [C:\kav2005\MSVCR71.dll]  [Microsoft Corporation, 7.10.3052.4]
    [C:\kav2005\MSVCP71.dll]  [Microsoft Corporation, 7.10.3077.0]
[PID: 2040 / lenovo][C:\WINDOWS\system32\ctfmon.exe]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
    [C:\Program Files\Rising\AntiSpyware\ieprot.dll]  [Beijing Rising Technology Co., Ltd., 1, 0, 0, 12]
[PID: 932 / lenovo][C:\kav2005\KPFW32.EXE]  [Kingsoft Corporation, 2007, 2, 2, 687]
    [C:\kav2005\MFC71.DLL]  [Microsoft Corporation, 7.10.3077.0]
    [C:\kav2005\MSVCR71.dll]  [Microsoft Corporation, 7.10.3052.4]
    [C:\kav2005\MSVCP71.dll]  [Microsoft Corporation, 7.10.3077.0]
    [C:\kav2005\MFC71CHS.DLL]  [Microsoft Corporation, 7.10.3077.0]
    [C:\kav2005\KAVIPC2.DLL]  [Kingsoft Corporation, 2007, 1, 15, 30]
    [C:\kav2005\KAConfig.DLL]  [Kingsoft Corporation, 2007, 1, 11, 41]
    [C:\kav2005\FiltList.dll]  [N/A, ]
    [C:\kav2005\KAVPassp.DLL]  [Kingsoft Corporation, 2006, 12, 30, 271]
    [F:\360safe\safemon\safemon.dll]  [奇虎网, 4, 0, 3, 1001]
    [C:\kav2005\KASocket.dll]  [Kingsoft Corporation, 2006, 12, 21, 241]
    [C:\kav2005\KMailOEBand.dll]  [Kingsoft Corporation, 2006, 12, 1, 139]
    [C:\Program Files\Rising\AntiSpyware\ieprot.dll]  [Beijing Rising Technology Co., Ltd., 1, 0, 0, 12]
    [c:\kav2005\KAScript.DLL]  [Kingsoft Corporation, 2007, 3, 6, 75]
    [C:\PROGRA~1\TENCENT\SSPlus\SPlus.dll]  [TENCENT, 5, 0, 2, 16]
[PID: 1364 / lenovo][F:\thunder\Program\Thunder5.exe]  [Thunder Networking Technologies,LTD, 5.7.6.427]
    [F:\360safe\safemon\safemon.dll]  [奇虎网, 4, 0, 3, 1001]
    [F:\thunder\Program\TaskManager.dll]  [Thunder Networking Technologies,LTD, 1, 3, 0, 52]
    [F:\thunder\Program\download_interface.dll]  [Thunder Networking Technologies,LTD, 2, 21, 2, 208]
    [F:\thunder\Program\stlport_vc646.dll]  [STLport Consulting, Inc., 4.6.2003.1031]
    [F:\thunder\Program\asyn_dns.dll]  [Thunder Networking Technologies,LTD, 2, 21, 2, 208]
    [F:\thunder\Program\streammedialib.dll]  [, 1, 3, 12, 107]
    [F:\thunder\Program\al.dll]  [, 1, 0, 1, 2]
    [F:\thunder\Program\xldc.dll]  [Thunder Networking Technologies,LTD, 1, 0, 2, 12]
    [F:\thunder\Program\bd.dll]  [Thunder Networking Technologies,LTD, 1, 0, 2, 5]
    [F:\thunder\Program\XLNet.Dll]  [Thunder Networking Technologies,LTD, 1, 3, 2, 16]
    [C:\kav2005\KMailOEBand.dll]  [Kingsoft Corporation, 2006, 12, 1, 139]
    [C:\kav2005\MSVCR71.dll]  [Microsoft Corporation, 7.10.3052.4]
    [C:\kav2005\MSVCP71.dll]  [Microsoft Corporation, 7.10.3077.0]
    [C:\kav2005\KASocket.dll]  [Kingsoft Corporation, 2006, 12, 21, 241]
    [F:\thunder\Program\iTargetAD.dll]  [Thunder Networking Technologies,LTD, 1, 0, 3, 34]
    [F:\thunder\Program\BHOStub.dll]  [Thunder Networking Technologies,LTD, 1, 1, 0, 8]
    [F:\thunder\Components\DownAndPlay\DownAndPlay.dll]  [, 1, 0, 8, 26]
    [C:\Program Files\Rising\AntiSpyware\ieprot.dll]  [Beijing Rising Technology Co., Ltd., 1, 0, 0, 12]
    [C:\WINDOWS\system32\Macromed\Flash\Flash9e.ocx]  [Adobe Systems, Inc., 9,0,115,0]
    [C:\WINDOWS\system32\msacm32.drv]  [Microsoft Corporation, 5.1.2600.0 (xpclient.010817-1148)]
    [F:\thunder\Components\InMedia\iEmbedShell.dll]  [ , 1, 0, 1, 23]
    [F:\thunder\Components\InMedia\iEmbed14.dll]  [Thunder Networking Technologies,LTD, 3, 4, 5, 98]
    [F:\thunder\Components\InMedia\XLIPC.DLL]  [N/A, ]
    [F:\thunder\Components\P4PClient\P4PClient.dll]  [Thunder Networking Technologies,LTD, 2, 2, 5, 70]
    [F:\thunder\Components\InMedia\PlayerHelper.dll]  [thunder, 1, 1, 2, 34]
    [F:\thunder\Components\InMedia\XLNet.dll]  [Thunder Networking Technologies,LTD, 1, 2, 1, 9]
    [F:\thunder\Components\Community\XLCommunity.dll]  [Thunder Networking Technologies,LTD, 1, 5, 0, 15]
    [F:\thunder\Program\RegisterDll.dll]  [Thunder Networking Technologies,LTD, 2, 16, 5, 63]
    [F:\thunder\Program\MSVCIRT.dll]  [Microsoft Corporation, 7.0.2600.2180 (xpsp_sp2_rtm.040803-2158)]
    [F:\thunder\Components\Security\ThunderSafe.dll]  [深圳市迅雷网络技术有限公司, 1, 0, 7, 66]
    [F:\thunder\Program\ATL71.DLL]  [Microsoft Corporation, 7.10.3077.0]
    [F:\thunder\Components\Security\XLSafeUI.dll]  [深圳市迅雷网络技术有限公司, 1, 0, 7, 66]
    [F:\thunder\Components\Search\XLSearch.dll]  [Thunder Networking Technologies,LTD, 1, 1, 6, 20]
    [c:\kav2005\KAScript.DLL]  [Kingsoft Corporation, 2007, 3, 6, 75]
    [F:\thunder\Program\LiveUpdate.dll]  [Thunder Networking Technologies,LTD, 1, 2, 2, 22]
    [F:\thunder\Plugins\XLSafeHost\XLSafeHost.dll]  [深圳市迅雷网络技术有限公司, 1, 0, 7, 57]
    [F:\thunder\Plugins\XLSafeHost\ThunderKSAV\ThunderKSAV.dll]  [N/A, ]
    [F:\thunder\Plugins\XLSafeHost\ThunderKSAV\bin\XLScan.dll]  [Kingsoft Corporation, 2007,09,27,2]
    [F:\thunder\Plugins\BhoAdv\bho_adv.dll]  [深圳市迅雷网络技术有限公司, 1.0.1.0]
    [F:\thunder\Plugins\KanKanTop\KanKanTop.dll]  [Thunder Networking Technologies,LTD, 1, 0, 0, 2]
    [F:\thunder\Components\ExplorerHelper\ExplorerHelper.dll]  [Thunder Networking Technologies,LTD, 1, 0, 4, 16]
    [F:\thunder\ComDlls\ThunderAgent_Now.dll]  [Thunder Networking Technologies,LTD, 5, 0, 4, 23]
    [F:\thunder\ComDlls\xunleiBHO_Now.dll]  [Thunder Networking Technologies,LTD, 5, 0, 8, 55]
    [F:\thunder\ComDlls\TDAtOnce_Now.dll]  [Thunder Networking Technologies,LTD, 1.0.5.16]
    [F:\thunder\Components\Tips\TipsClient.dll]  [Thunder Networking Technologies,LTD, 2, 2, 10, 101]
    [F:\thunder\Components\VPSHELL\VPSHELL.dll]  [XunLei, 2, 3, 0, 28]
    [F:\thunder\Components\VPSHELL\VideoPicture.dll]  [XunLei, 2, 3, 0, 28]
    [F:\thunder\Components\UserExperience\UserExperience.dll]  [Thunder Networking Technologies,LTD, 1, 0, 0, 1]
    [F:\thunder\Components\ResWorker\DsXlCom.dll]  [, 1, 0, 0, 26]
    [F:\thunder\Components\ResWorker\DataProcessor_00.dll]  [Thunder Networking Technologies,LTD, 1, 0, 0, 13]
    [F:\thunder\Components\ResWorker\MediaWorker.dll]  [Thunder Networking Technologies,LTD, 1, 2, 0, 20]
    [C:\WINDOWS\system32\msdmo.dll]  [, ]
    [F:\thunder\Components\Tips\XLIPC.DLL]  [Thunder Networking Technologies,LTD, 1, 0, 0, 2]
    [F:\thunder\Components\DownloadStat\DownloadStat.dll]  [深圳市迅雷网络技术有限公司, 1, 3, 1, 4]
    [C:\PROGRA~1\TENCENT\SSPlus\SPlus.dll]  [TENCENT, 5, 0, 2, 16]
    [C:\Program Files\Common Files\Microsoft Shared\OFFICE11\MSOXMLMF.DLL]  [Microsoft Corporation, 11.0.8164]
[PID: 2104 / lenovo][C:\WINDOWS\system32\igfxext.exe]  [Intel Corporation, 3.0.0.4543]
    [C:\Program Files\Rising\AntiSpyware\ieprot.dll]  [Beijing Rising Technology Co., Ltd., 1, 0, 0, 12]
    [C:\WINDOWS\system32\igfxsrvc.dll]  [Intel Corporation, 3.0.0.4543]
    [C:\WINDOWS\system32\IGFXEXPS.DLL]  [Intel Corporation, 3.0.0.4543]
[PID: 2180 / lenovo][C:\kav2005\KMailMon.EXE]  [Kingsoft Corporation, 2007, 2, 25, 948]
    [C:\kav2005\KAntiSpm.dll]  [Kingsoft Corporation, 2007, 2, 25, 129]
    [C:\kav2005\MSVCR71.dll]  [Microsoft Corporation, 7.10.3052.4]
    [C:\kav2005\MSVCP71.dll]  [Microsoft Corporation, 7.10.3077.0]
    [C:\kav2005\KAVIPC2.DLL]  [Kingsoft Corporation, 2007, 1, 15, 30]
    [C:\kav2005\KAECall2.DLL]  [Kingsoft Corporation, 2004, 12, 28, 7]
    [C:\kav2005\KAEPlat.DLL]  [Kingsoft Corp., 2007, 2, 4, 61]
    [C:\kav2005\KAEMem.DAT]  [Kingsoft, 2006, 9, 25, 16]
    [C:\kav2005\KAEUnpack.DAT]  [Kingsoft Corporation, 2008,01,25,202]
    [F:\360safe\safemon\safemon.dll]  [奇虎网, 4, 0, 3, 1001]
    [C:\kav2005\KAConfig.DLL]  [Kingsoft Corporation, 2007, 1, 11, 41]
    [C:\kav2005\KASocket.dll]  [Kingsoft Corporation, 2006, 12, 21, 241]
    [C:\kav2005\KMailOEBand.dll]  [Kingsoft Corporation, 2006, 12, 1, 139]
    [C:\Program Files\Rising\AntiSpyware\ieprot.dll]  [Beijing Rising Technology Co., Ltd., 1, 0, 0, 12]
    [C:\PROGRA~1\TENCENT\SSPlus\SPlus.dll]  [TENCENT, 5, 0, 2, 16]
[PID: 2316 / lenovo][C:\WINDOWS\system32\igfxsrvc.exe]  [Intel Corporation, 3.0.0.4543]
    [F:\360safe\safemon\safemon.dll]  [奇虎网, 4, 0, 3, 1001]
    [C:\kav2005\KASocket.dll]  [Kingsoft Corporation, 2006, 12, 21, 241]
    [C:\Program Files\Rising\AntiSpyware\ieprot.dll]  [Beijing Rising Technology Co., Ltd., 1, 0, 0, 12]
    [C:\WINDOWS\system32\igfxsrvc.dll]  [Intel Corporation, 3.0.0.4543]
    [C:\WINDOWS\system32\igfxdev.dll]  [Intel Corporation, 3.0.0.4543]
[PID: 924 / lenovo][C:\Program Files\TTPlayer\TTPlayer.exe]  [Alen Soft, 5, 1, 0, 0]
    [C:\Program Files\TTPlayer\ttpcomm.dll]  [N/A, ]
    [C:\kav2005\KMailOEBand.dll]  [Kingsoft Corporation, 2006, 12, 1, 139]
    [C:\kav2005\MSVCR71.dll]  [Microsoft Corporation, 7.10.3052.4]
    [C:\kav2005\MSVCP71.dll]  [Microsoft Corporation, 7.10.3077.0]
    [F:\360safe\safemon\safemon.dll]  [奇虎网, 4, 0, 3, 1001]
    [C:\kav2005\KASocket.dll]  [Kingsoft Corporation, 2006, 12, 21, 241]
    [C:\Program Files\TTPlayer\ttpres.dll]  [Alen Soft, 5, 1, 0, 0]
    [C:\Program Files\TTPlayer\msdmo.dll]  [Microsoft Corporation, 6.03.01.0400]
    [C:\Program Files\Rising\AntiSpyware\ieprot.dll]  [Beijing Rising Technology Co., Ltd., 1, 0, 0, 12]
    [C:\WINDOWS\system32\msacm32.drv]  [Microsoft Corporation, 5.1.2600.0 (xpclient.010817-1148)]
    [C:\Program Files\TTPlayer\AddIn\ttp_asf.dll]  [N/A, ]
    [C:\PROGRA~1\TENCENT\SSPlus\SPlus.dll]  [TENCENT, 5, 0, 2, 16]
[PID: 3072 / lenovo][C:\WINDOWS\system32\rundll32.exe]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
    [C:\PROGRA~1\TENCENT\SSPlus\SPlus.dll]  [TENCENT, 5, 0, 2, 16]
    [C:\kav2005\KMailOEBand.dll]  [Kingsoft Corporation, 2006, 12, 1, 139]
    [C:\kav2005\MSVCR71.dll]  [Microsoft Corporation, 7.10.3052.4]
    [C:\kav2005\MSVCP71.dll]  [Microsoft Corporation, 7.10.3077.0]
    [F:\360safe\safemon\safemon.dll]  [奇虎网, 4, 0, 3, 1001]
    [C:\kav2005\KASocket.dll]  [Kingsoft Corporation, 2006, 12, 21, 241]
    [C:\Program Files\Rising\AntiSpyware\ieprot.dll]  [Beijing Rising Technology Co., Ltd., 1, 0, 0, 12]
mo蕶薍ゞ - 2008-2-21 11:13:00
[PID: 3536 / lenovo][E:\Maxthon2\Maxthon.exe]  [Maxthon International ltd., 2, 0, 6, 9024]
    [E:\Maxthon2\MxExt.dll]  [N/A, ]
    [E:\Maxthon2\mxpp.dll]  [Maxthon, 1, 0, 0, 61]
    [E:\Maxthon2\MxSk.dll]  [Maxthon, 1, 0, 0, 349]
    [E:\Maxthon2\MxProxy2.dll]  [Maxthon, 1, 0, 0, 3577]
    [E:\Maxthon2\IMxWebBoost.dll]  [Maxthon, 1, 0, 0, 1]
    [E:\Maxthon2\mxdb.dll]  [Max, 1, 0, 0, 1]
    [E:\Maxthon2\mxsafe.dll]  [Maxthon, 1, 0, 0, 626]
    [E:\Maxthon2\MxSpellCheck.dll]  [, 1, 0, 0, 9]
    [C:\PROGRA~1\TENCENT\SSPlus\SPlus.dll]  [TENCENT, 5, 0, 2, 16]
    [C:\kav2005\KMailOEBand.dll]  [Kingsoft Corporation, 2006, 12, 1, 139]
    [C:\kav2005\MSVCR71.dll]  [Microsoft Corporation, 7.10.3052.4]
    [C:\kav2005\MSVCP71.dll]  [Microsoft Corporation, 7.10.3077.0]
    [F:\360safe\safemon\safemon.dll]  [奇虎网, 4, 0, 3, 1001]
    [C:\kav2005\KASocket.dll]  [Kingsoft Corporation, 2006, 12, 21, 241]
    [E:\Maxthon2\MxFav.dll]  [Maxthon, 1, 0, 0, 220]
    [E:\Maxthon2\maxzlib.dll]  [, 1.2.3]
    [E:\Maxthon2\mxtool.dll]  [, 1, 0, 0, 1]
    [E:\Maxthon2\mxfeedU.dll]  [, 1, 0, 45, 89]
    [C:\Program Files\Common Files\Microsoft Shared\OFFICE11\MSOXMLMF.DLL]  [Microsoft Corporation, 11.0.8164]
    [C:\Program Files\Rising\AntiSpyware\ieprot.dll]  [Beijing Rising Technology Co., Ltd., 1, 0, 0, 12]
    [c:\kav2005\KAScript.DLL]  [Kingsoft Corporation, 2007, 3, 6, 75]
    [c:\kav2005\KAEPlat.DLL]  [Kingsoft Corp., 2007, 2, 4, 61]
    [c:\kav2005\KAEMem.DAT]  [Kingsoft, 2006, 9, 25, 16]
    [c:\kav2005\KAEUnpack.DAT]  [Kingsoft Corporation, 2008,01,25,202]
    [C:\WINDOWS\system32\Macromed\Flash\Flash9e.ocx]  [Adobe Systems, Inc., 9,0,115,0]
    [C:\WINDOWS\system32\msacm32.drv]  [Microsoft Corporation, 5.1.2600.0 (xpclient.010817-1148)]
    [C:\WINDOWS\system32\msdmo.dll]  [, ]
    [F:\thunder\ComDlls\xunleiBHO_Now.dll]  [Thunder Networking Technologies,LTD, 5, 0, 8, 55]
    [F:\thunder\ComDlls\ThunderAgent_Now.dll]  [Thunder Networking Technologies,LTD, 5, 0, 4, 23]
[PID: 3324 / SYSTEM][C:\WINDOWS\system32\msiexec.exe]  [Microsoft Corporation, 3.1.4000.1823]
[PID: 192 / lenovo][C:\Program Files\WinRAR\WinRAR.exe]  [N/A, ]
    [C:\PROGRA~1\TENCENT\SSPlus\SPlus.dll]  [TENCENT, 5, 0, 2, 16]
    [C:\kav2005\KMailOEBand.dll]  [Kingsoft Corporation, 2006, 12, 1, 139]
    [C:\kav2005\MSVCR71.dll]  [Microsoft Corporation, 7.10.3052.4]
    [C:\kav2005\MSVCP71.dll]  [Microsoft Corporation, 7.10.3077.0]
    [F:\360safe\safemon\safemon.dll]  [奇虎网, 4, 0, 3, 1001]
    [C:\kav2005\KASocket.dll]  [Kingsoft Corporation, 2006, 12, 21, 241]
    [C:\Program Files\Rising\AntiSpyware\ieprot.dll]  [Beijing Rising Technology Co., Ltd., 1, 0, 0, 12]
[PID: 1500 / lenovo][C:\DOCUME~1\lenovo\LOCALS~1\Temp\Rar$EX00.500\SREngPS.EXE]  [Smallfrogs Studio, 2.5.16.900]
    [C:\PROGRA~1\TENCENT\SSPlus\SPlus.dll]  [TENCENT, 5, 0, 2, 16]
    [C:\kav2005\KMailOEBand.dll]  [Kingsoft Corporation, 2006, 12, 1, 139]
    [C:\kav2005\MSVCR71.dll]  [Microsoft Corporation, 7.10.3052.4]
    [C:\kav2005\MSVCP71.dll]  [Microsoft Corporation, 7.10.3077.0]
    [F:\360safe\safemon\safemon.dll]  [奇虎网, 4, 0, 3, 1001]
    [C:\kav2005\KASocket.dll]  [Kingsoft Corporation, 2006, 12, 21, 241]
    [C:\Program Files\Rising\AntiSpyware\ieprot.dll]  [Beijing Rising Technology Co., Ltd., 1, 0, 0, 12]
    [C:\DOCUME~1\lenovo\LOCALS~1\Temp\Rar$EX00.500\Upload\3rdUpd.DLL]  [Smallfrogs Studio, 2, 1, 0, 15]

==================================
文件关联
.TXT  Error. [C:\WINDOWS\notepad.exe %1]
.EXE  OK. ["%1" %*]
.COM  OK. ["%1" %*]
.PIF  OK. ["%1" %*]
.REG  OK. [regedit.exe "%1"]
.BAT  OK. ["%1" %*]
.SCR  OK. ["%1" /S]
.CHM  Error. ["hh.exe" %1]
.HLP  Error. [winhlp32.exe %1]
.INI  Error. [C:\WINDOWS\System32\NOTEPAD.EXE %1]
.INF  OK. [%SystemRoot%\System32\NOTEPAD.EXE %1]
.VBS  OK. [%SystemRoot%\System32\WScript.exe "%1" %*]
.JS  OK. [%SystemRoot%\System32\WScript.exe "%1" %*]
.LNK  OK. [{00021401-0000-0000-C000-000000000046}]

==================================
Winsock 提供者
N/A

==================================
Autorun.inf
N/A
mo蕶薍ゞ - 2008-2-21 11:13:00
==================================
HOSTS 文件
127.0.0.1      localhost
127.0.0.1  yu.8s7.net
127.0.0.1  1.jopanqc.com
127.0.0.1  2.joppnqq.com
127.0.0.1  wg.47255.com
127.0.0.1  1.joppnqq.com
127.0.0.1  xxx.m111.biz
127.0.0.1  1.jopenqc.com
127.0.0.1  1.jopenkk.com
127.0.0.1  xxx.vh7.biz
127.0.0.1  xxx.j41m.com
127.0.0.1  3.joppnqq.com
127.0.0.1  d.93se.com
127.0.0.1  www.868wg.com
127.0.0.1  xxx.mmma.biz
127.0.0.1  ilove.com
127.0.0.1  tp.shpzhan.cn
127.0.0.1  www.tomwg.com
127.0.0.1  www.cike007.cn
127.0.0.1  www.22aaa.com
127.0.0.1  xx.exiao01.com
127.0.0.1  www.exiao01.com
127.0.0.1  www.exiao01.com
127.0.0.1  new.749571.com
127.0.0.1  xtx.kv8.info
127.0.0.1  cao.kv8.info
127.0.0.1  1.jopmmqq.com
127.0.0.1  171817.171817.com
127.0.0.1  d2.llsging.com
127.0.0.1  down.malasc.cn
127.0.0.1  llboss.com
127.0.0.1  nx.51ylb.cn
127.0.0.1  my.531jx.cn
127.0.0.1  qqq.dzydhx.com
127.0.0.1  qqq.hao1658.com
127.0.0.1  www.333292.com
127.0.0.1  down.18dd.net
127.0.0.1  up.22x44.com

==================================
进程特权扫描
特殊特权被允许: SeLoadDriverPrivilege [PID = 608, C:\PROGRAM FILES\LENOVO\ENERGYCUT\UTILTY.EXE]
特殊特权被允许: SeLoadDriverPrivilege [PID = 1176, C:\PROGRAM FILES\LENOVO\ENERGYCUT\ENERGYCUT.EXE]
特殊特权被允许: SeLoadDriverPrivilege [PID = 1644, C:\PROGRA~1\QBU\QKONBTN.EXE]
特殊特权被允许: SeLoadDriverPrivilege [PID = 1940, C:\KAV2005\KAVSTART.EXE]
特殊特权被允许: SeLoadDriverPrivilege [PID = 1960, C:\PROGRAM FILES\RISING\ANTISPYWARE\RUNIEP.EXE]
特殊特权被允许: SeDebugPrivilege [PID = 1368, F:\360SAFE\SAFEMON\360TRAY.EXE]
特殊特权被允许: SeLoadDriverPrivilege [PID = 1368, F:\360SAFE\SAFEMON\360TRAY.EXE]
特殊特权被允许: SeLoadDriverPrivilege [PID = 932, C:\KAV2005\KPFW32.EXE]
特殊特权被允许: SeDebugPrivilege [PID = 1364, F:\THUNDER\PROGRAM\THUNDER5.EXE]
特殊特权被允许: SeLoadDriverPrivilege [PID = 1364, F:\THUNDER\PROGRAM\THUNDER5.EXE]
特殊特权被允许: SeDebugPrivilege [PID = 2180, C:\KAV2005\KMAILMON.EXE]
特殊特权被允许: SeLoadDriverPrivilege [PID = 2180, C:\KAV2005\KMAILMON.EXE]
特殊特权被允许: SeLoadDriverPrivilege [PID = 924, C:\PROGRAM FILES\TTPLAYER\TTPLAYER.EXE]
特殊特权被允许: SeDebugPrivilege [PID = 192, C:\PROGRAM FILES\WINRAR\WINRAR.EXE]
特殊特权被允许: SeLoadDriverPrivilege [PID = 192, C:\PROGRAM FILES\WINRAR\WINRAR.EXE]

==================================
API HOOK
入口点错误:LoadLibraryExW (危险等级: 高,  被下面模块所HOOK: C:\kav2005\KASocket.dll)

==================================
隐藏进程
N/A

==================================


[/CODE]
豪斯登堡新郎 - 2008-2-21 11:46:00
Please upload the log directly as an attachment.
mo蕶薍ゞ - 2008-2-21 11:51:00
I can't upload it.
天月来了 - 2008-2-21 11:52:00
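Copy the entire log content into an empty Notepad file, then save it, and you can post it to the forum as an attachment.
Be sure to post it to this forum as an attachment.
Click "Quote" at the bottom right of my post and you should see how to post it.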
豪斯登堡新郎 - 2008-2-21 11:53:00
Once you reply in standard mode you can upload. Before uploading, please rename the log to 我爱豪斯登堡新郎.txt. Remember, it must be .txt.
mo蕶薍ゞ - 2008-2-21 11:56:00
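Quote:
[Post by 天月来了] Copy the entire log content into an empty Notepad file, then save it, and you can post it to the forum as an attachment.
Be sure to post it to this forum as an attachment.
Click "Quote" at the bottom right of my post and you should see how to post it.
………………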



Attachment: 9366872008221114510.txt
侠者秋水 - 2008-2-21 13:21:00
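Disconnect from the network.
1. It is recommended to use XDelBox to delete the following files: http://www.dodudou.com/down/index.php (XDelBox 1.6 download)
Usage: when deleting, copy the paths of all the files to be deleted, right-click in the pending-deletion file list and tick "Suppress regeneration", then choose "Import from clipboard without checking paths". After importing, right-click the files to be deleted and choose "Restart now and delete"; the computer will restart into a DOS interface to carry out the deletion. Before running XDelBox, it is best to remove all removable storage media (including USB drives, MP3 players, phone memory cards, etc.).

c:\progra~1\tencent\ssplus\splus1.dll
c:\windows\system32\drivers\pcihdd2.sys

2. After the deletion and restart, use SREng to repair the following items:

    Startup Items -- Registry: delete the following entry:
[stup.exe]    <Rundll32.exe C:\PROGRA~1\TENCENT\SSPlus\SPlus1.dll,Rundll32 R>

    Startup Items -- Services -- Drivers: disable the following entry:
[DeepFree Update / DeepFree Update]    <\??\C:\WINDOWS\system32\drivers\pcihdd2.sys>

After uninstalling QQ, delete all of the original files before installing the new copy.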
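Added example, not part of the thread or of SREng: a way to confirm the cleanup above worked by re-scanning and checking a fresh SREng log for the two flagged paths, matching whole paths so that the SPlus.dll seen in every process is not confused with splus1.dll. The function name `scan_sreng_log` is hypothetical, and the sample log is constructed and abbreviated; the layout of its registry and driver entries is an assumption.

```python
import re

# Paths the reply above lists for deletion, copied from the thread.
FLAGGED = [
    r"c:\progra~1\tencent\ssplus\splus1.dll",
    r"c:\windows\system32\drivers\pcihdd2.sys",
]

# "[PID: 3072 / lenovo][C:\...\rundll32.exe]  [vendor, version]"
PROC_RE = re.compile(r"^\[PID: (\d+) / [^\]]+\]\[([^\]]+)\]")
# A drive-letter path ending in .dll/.sys/.exe, stopped at a log delimiter.
PATH_RE = re.compile(r'([A-Za-z]:\\[^\]<>,"]+?\.(?:dll|sys|exe))(?=[\]>,\s"]|$)', re.I)

# Constructed sample in the SREng layout, as if re-scanned after a failed cleanup.
SAMPLE_LOG = r"""
注册表
    <stup.exe><Rundll32.exe C:\PROGRA~1\TENCENT\SSPlus\SPlus1.dll,Rundll32 R>  [N/A]
[DeepFree Update / DeepFree Update]
    <\??\C:\WINDOWS\system32\drivers\pcihdd2.sys>
[PID: 3072 / lenovo][C:\WINDOWS\system32\rundll32.exe]  [Microsoft Corporation, 5.1.2600.2180]
    [C:\PROGRA~1\TENCENT\SSPlus\SPlus.dll]  [TENCENT, 5, 0, 2, 16]
    [C:\PROGRA~1\TENCENT\SSPlus\SPlus1.dll]  [N/A, ]
[PID: 192 / lenovo][C:\Program Files\WinRAR\WinRAR.exe]  [N/A, ]
    [C:\PROGRA~1\TENCENT\SSPlus\SPlus.dll]  [TENCENT, 5, 0, 2, 16]
"""

def scan_sreng_log(log_text, flagged=FLAGGED):
    """Return (context, path) pairs for every flagged file still in the log.

    context is the nearest preceding unindented line: the owning process
    for a module line, otherwise the section title or entry header.
    """
    wanted = {p.lower() for p in flagged}   # Windows paths are case-insensitive
    hits, context = [], "(start of log)"
    for raw in log_text.splitlines():
        line = raw.rstrip()
        if not line or set(line) == {"="}:   # blank line or ===== separator
            continue
        if not raw[:1].isspace():
            m = PROC_RE.match(line)
            context = "PID %s (%s)" % (m.group(1), m.group(2)) if m else line
        # Compare whole paths, so SPlus.dll never matches splus1.dll.
        for path in PATH_RE.findall(line):
            if path.lower() in wanted:
                hits.append((context, path))
    return hits

if __name__ == "__main__":
    for context, path in scan_sreng_log(SAMPLE_LOG):
        print("still present: %s  <- %s" % (path, context))
```

Matching is on the literal spelling, so a file that the log records under `C:\Program Files\...` needs its long-form path added to `FLAGGED` alongside the 8.3 form.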
mo蕶薍ゞ - 2008-2-21 13:47:00
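Quote:
[Post by 侠者秋水] Disconnect from the network. 1. It is recommended to use XDelBox to delete the following files (XDelBox 1.6 download)
Usage: when deleting, copy the paths of all the files to be deleted, right-click in the pending-deletion file list and tick "Suppress regeneration", then choose "Import from clipboard without checking paths". After importing, right-click the files to be deleted and choose "Restart now and delete"; the computer will restart into a DOS interface to carry out the deletion. Before running XDelBox, it is best to remove all removable storage media (including USB drives, MP3 players, phone memory cards, etc.).

c:\progra~1\tencent\ssplus\splus1.dll
c:\windows\system32\drivers\pcihdd2.sys

2. After the deletion and restart, use SREng to repair the following items:

    Startup Items -- Registry: delete the following entry:
[stup.exe]    <Rundll32.exe C:\PROGRA~1\TENCENT\SSPlus\SPlus1.dll,Rundll32 R>

    Startup Items -- Services -- Drivers: disable the following entry:
[DeepFree Update / DeepFree Update]    <\??\C:\WINDOWS\system32\drivers\pcihdd2.sys>

After uninstalling QQ, delete all of the original files before installing the new copy.
………………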





This is so complicated. Could you explain it more simply and clearly?