警告:2008-5-2 下午 10:09:18用户在浏览http://www.guanai.net/site/hottoo/index.htm时候怀疑打开了隐藏窗体1839:C:\Documents and Settings\suiyi\Local Settings\Temporary Internet Files\Content.IE5\82YRUMLK\index[2].htm类型:不是木马 C:\Documents and Settings\suiyi\Local Settings\Temporary Internet Files\Content.IE5\82YRUMLK\index[2].htm已经清除 警告:2008-5-2 下午 10:09:18用户在浏览http://www.guanai.net/11skjeiruijs.htm时候怀疑打开了隐藏窗体1839:C:\Documents and Settings\suiyi\Local Settings\Temporary Internet Files\Content.IE5\82YRUMLK\11skjeiruijs[1].htm类型:不是木马 警告:2008-5-2 下午 11:29:14用户在浏览http://www.guanai.net/08hjoiseurjf.htm时候怀疑打开了隐藏窗体1839:C:\Documents and Settings\suiyi\Local Settings\Temporary Internet Files\Content.IE5\82YRUMLK\08hjoiseurjf[1].htm类型:不是木马 警告:2008-5-2 下午 11:36:59用户在浏览http://www.guanai.net/site/gutx/index.htm时候怀疑打开了隐藏窗体1839:C:\Documents and Settings\suiyi\Local Settings\Temporary Internet Files\Content.IE5\7VEGKSVF\index[3].htm类型:不是木马 警告:2008-5-2 下午 11:29:14用户在浏览http://www.guanai.net/site/chinanics/index.htm时候怀疑打开了隐藏窗体1839:C:\Documents and Settings\suiyi\Local Settings\Temporary Internet Files\Content.IE5\L31JBHM1\index[1].htm类型:不是木马 警告:2008-5-2 下午 11:36:50用户在浏览http://www.guanai.net/site/tcc360/index.htm时候怀疑打开了隐藏窗体1839:C:\Documents and Settings\suiyi\Local Settings\Temporary Internet Files\Content.IE5\L31JBHM1\index[2].htm类型:不是木马 警告:2008-5-2 下午 11:36:50用户在浏览http://www.guanai.net/03cuanjdjfis.htm时候怀疑打开了隐藏窗体1839:C:\Documents and Settings\suiyi\Local Settings\Temporary Internet Files\Content.IE5\RJ9VAGKI\03cuanjdjfis[1].htm类型:不是木马 C:\Documents and Settings\suiyi\Local Settings\Temporary Internet Files\Content.IE5\RJ9VAGKI\03cuanjdjfis[1].htm已经清除 扫描浏览器插件:C:\Program Files\Thunder\ComDlls\TDAtOnce_Now.dll 扫描浏览器插件:C:\Program Files\Thunder\ComDlls\xunleiBHO_Now.dll 浏览器插件扫描结束. 扫描浏览器插件:C:\WINDOWS\system32\kakatool.dll 发现无效的外壳插件位置:{32CD708B-60A7-4C00-9377-D73EAA495F0F} 系统外壳插件扫描结束. 警告:2008-5-2 下午 10:09:18用户在浏览http://www.guanai.net/11skjeiruijs.htm时候怀疑打开了隐藏窗体1839:C:\Documents and Settings\suiyi\Local Settings\Temporary Internet Files\Content.IE5\82YRUMLK\11skjeiruijs[1].htm类型:不是木马 C:\Documents and Settings\suiyi\Local Settings\Temporary Internet Files\Content.IE5\82YRUMLK\11skjeiruijs[1].htm已经清除 警告:2008-5-2 下午 11:29:14用户在浏览http://www.guanai.net/08hjoiseurjf.htm时候怀疑打开了隐藏窗体1839:C:\Documents and Settings\suiyi\Local Settings\Temporary Internet Files\Content.IE5\82YRUMLK\08hjoiseurjf[1].htm类型:不是木马 警告:2008-5-2 下午 11:36:59用户在浏览http://www.guanai.net/site/gutx/index.htm时候怀疑打开了隐藏窗体1839:C:\Documents and Settings\suiyi\Local Settings\Temporary Internet Files\Content.IE5\7VEGKSVF\index[3].htm类型:不是木马 警告:2008-5-2 下午 11:29:14用户在浏览http://www.guanai.net/site/chinanics/index.htm时候怀疑打开了隐藏窗体1839:C:\Documents and Settings\suiyi\Local Settings\Temporary Internet Files\Content.IE5\L31JBHM1\index[1].htm类型:不是木马 C:\Documents and Settings\suiyi\Local Settings\Temporary Internet Files\Content.IE5\L31JBHM1\index[1].htm已经清除 警告:2008-5-2 下午 11:36:50用户在浏览http://www.guanai.net/site/tcc360/index.htm时候怀疑打开了隐藏窗体1839:C:\Documents and Settings\suiyi\Local Settings\Temporary Internet Files\Content.IE5\L31JBHM1\index[2].htm类型:不是木马 扫描浏览器插件:C:\Program Files\Thunder\ComDlls\TDAtOnce_Now.dll 扫描浏览器插件:C:\Program Files\Thunder\ComDlls\xunleiBHO_Now.dll 浏览器插件扫描结束. 扫描浏览器插件:C:\WINDOWS\system32\kakatool.dll 发现无效的外壳插件位置:{32CD708B-60A7-4C00-9377-D73EAA495F0F} 系统外壳插件扫描结束. [br][br][color=#990000][b]-=-=-=- 以下内容由 [i]suichaojun[/i] 在 [i]2008年05月03日 00:30pm[/i] 时添加 -=-=-=-[/b][/color] 还有可疑文件数 \??\C:\WINDOWS\system32\csrss.exe C:\WINDOWS\RTHDCPL.EXE \??\C:\WINDOWS\system32\winlogon.exe C:\WINDOWS\system32\ieprot.dll C:\WINDOWS\system32\shlhook.dll C:\WINDOWS\system32\ffdshow.ax C:\WINDOWS\system32\xvid.ax C:\WINDOWS\system32\SOGOUPY.IME 这都是刚装完系统查的。