Rising Kaka Security Forum > Technical Exchange > Anti-Virus / Anti-Rogue-Software Forum

Suffering from a Gray Pigeon (灰鸽子) infection, could everyone please help me remove it!!!

HKLM\System\CurrentControlSet\Services           

+ ACPI    ACPI Driver for NT    Microsoft Corporation    c:\windows\system32\drivers\acpi.sys

+ aec    Microsoft Acoustic Echo Canceller    Microsoft Corporation    c:\windows\system32\drivers\aec.sys

+ AFD    AFD 网络支持环境    Microsoft Corporation    c:\windows\system32\drivers\afd.sys

+ ALCXWDM    Realtek AC'97 Audio Driver (WDM)    Realtek Semiconductor Corp.    c:\windows\system32\drivers\alcxwdm.sys

+ AsyncMac    RAS Asynchronous Media Driver    Microsoft Corporation    c:\windows\system32\drivers\asyncmac.sys

+ atapi    IDE/ATAPI Port Driver    Microsoft Corporation    c:\windows\system32\drivers\atapi.sys

+ ati2mtag    ATI Radeon WindowsNT Miniport Driver    ATI Technologies Inc.    c:\windows\system32\drivers\ati2mtag.sys

+ Atmarpc    ATM ARP Client Protocol    Microsoft Corporation    c:\windows\system32\drivers\atmarpc.sys

+ audstub    AudStub Driver    Microsoft Corporation    c:\windows\system32\drivers\audstub.sys

+ BaseTDI    basetdi    Beijing Rising Technology Co., Ltd.    c:\windows\system32\drivers\basetdi.sys

+ cdnprot    cdnprot    CNNIC    c:\windows\system32\drivers\cdnprot.sys

+ cdntran    cdntran    CNNIC    c:\windows\system32\drivers\cdntran.sys

+ Cdrom    SCSI CD-ROM Driver    Microsoft Corporation    c:\windows\system32\drivers\cdrom.sys

+ d347bus    PnP BIOS Extension         c:\windows\system32\drivers\d347bus.sys

+ d347prt    SCSI miniport         c:\windows\system32\drivers\d347prt.sys

+ Disk    PnP Disk Driver    Microsoft Corporation    c:\windows\system32\drivers\disk.sys

+ dmio    NT Disk Manager I/O Driver    Microsoft Corp., Veritas Software    c:\windows\system32\drivers\dmio.sys

+ dmload    NT Disk Manager Startup Driver    Microsoft Corp., Veritas Software.    c:\windows\system32\drivers\dmload.sys

+ DMusic    Microsoft Kernel DLS Synthesizer    Microsoft Corporation    c:\windows\system32\drivers\dmusic.sys

+ drmkaud    Microsoft Kernel DRM Audio Descrambler Filter    Microsoft Corporation    c:\windows\system32\drivers\drmkaud.sys

+ ExpScaner    ExpScan.sys        c:\program files\rising\rav\expscan.sys

+ FETNDIS    NDIS 5.0 miniport driver    VIA Technologies, Inc.                  c:\windows\system32\drivers\fetnd5.sys

+ FsVga    Full Screen Video Driver    Microsoft Corporation    c:\windows\system32\drivers\fsvga.sys

+ Ftdisk    FT Disk Driver    Microsoft Corporation    c:\windows\system32\drivers\ftdisk.sys

+ gagp30kx    MS Generic AGPv3.0 Filter for K8/9 Processor Platforms    Microsoft Corporation    c:\windows\system32\drivers\gagp30kx.sys

+ Gpc    Generic Packet Classifier    Microsoft Corporation    c:\windows\system32\drivers\msgpc.sys

+ hidusb    USB Miniport Driver for Input Devices    Microsoft Corporation    c:\windows\system32\drivers\hidusb.sys

+ HOOKAPI    HOOKAPI Driver    瑞星软件有限公司    c:\program files\rising\rav\hookapi.sys

+ HookCont    TDI HOOK Driver    Rising tech Co. ltd    c:\program files\rising\rav\hookcont.sys

+ HookReg            c:\program files\rising\rav\hookreg.sys

+ HookSys    Hooksys    Rising    c:\program files\rising\rav\hooksys.sys

+ HTTP    此服务实现超文本传送协议(HTTP)。如果此服务被禁用,任何依赖它的服务将无法启动。    Microsoft Corporation    c:\windows\system32\drivers\http.sys

+ i8042prt    i8042 Port Driver    Microsoft Corporation    c:\windows\system32\drivers\i8042prt.sys

+ Imapi    IMAPI Kernel Driver    Microsoft Corporation    c:\windows\system32\drivers\imapi.sys

+ Ip6Fw    为家庭和小型办公网络提供入侵保护服务。    Microsoft Corporation    c:\windows\system32\drivers\ip6fw.sys

+ IpFilterDriver    IP Traffic Filter Driver    Microsoft Corporation    c:\windows\system32\drivers\ipfltdrv.sys

+ IpInIp    IP in IP Tunnel Driver    Microsoft Corporation    c:\windows\system32\drivers\ipinip.sys

+ IpNat    IP Network Address Translator    Microsoft Corporation    c:\windows\system32\drivers\ipnat.sys

+ IPSec    IPSEC driver    Microsoft Corporation    c:\windows\system32\drivers\ipsec.sys

+ IRENUM    Infra-Red Bus Enumerator    Microsoft Corporation    c:\windows\system32\drivers\irenum.sys

+ isapnp    PNP ISA Bus Driver    Microsoft Corporation    c:\windows\system32\drivers\isapnp.sys

+ Kbdclass    Keyboard Class Driver    Microsoft Corporation    c:\windows\system32\drivers\kbdclass.sys

+ kmixer    Kernel Mode Audio Mixer    Microsoft Corporation    c:\windows\system32\drivers\kmixer.sys

+ MEMSCAN    MemScan Driver    瑞星软件有限公司    c:\program files\rising\rav\memscan.sys

+ Mouclass    Mouse Class Driver    Microsoft Corporation    c:\windows\system32\drivers\mouclass.sys

+ mouhid    HID Mouse Filter Driver    Microsoft Corporation    c:\windows\system32\drivers\mouhid.sys

+ MSKSSRV    MS KS Server    Microsoft Corporation    c:\windows\system32\drivers\mskssrv.sys

+ MSPCLOCK    MS Proxy Clock    Microsoft Corporation    c:\windows\system32\drivers\mspclock.sys

+ MSPQM    MS Proxy Quality Manager    Microsoft Corporation    c:\windows\system32\drivers\mspqm.sys

+ mssmbios    System Management BIOS Driver    Microsoft Corporation    c:\windows\system32\drivers\mssmbios.sys

+ NdisTapi    Remote Access NDIS TAPI Driver    Microsoft Corporation    c:\windows\system32\drivers\ndistapi.sys

+ Ndisuio    NDIS 用户模式 I/O 协议    Microsoft Corporation    c:\windows\system32\drivers\ndisuio.sys

+ NdisWan    Remote Access NDIS WAN Driver    Microsoft Corporation    c:\windows\system32\drivers\ndiswan.sys

+ NetBT    NetBios over Tcpip    Microsoft Corporation    c:\windows\system32\drivers\netbt.sys

+ npkcrypt    nProtect KeyCrypt Driver    INCA Internet Co., Ltd.    e:\program files\tencent\qq\npkcrypt.sys

+ NwlnkFlt    IPX Traffic Filter Driver    Microsoft Corporation    c:\windows\system32\drivers\nwlnkflt.sys

+ NwlnkFwd    IPX Traffic Forwarder Driver    Microsoft Corporation    c:\windows\system32\drivers\nwlnkfwd.sys

+ Parport    Parallel Port Driver    Microsoft Corporation    c:\windows\system32\drivers\parport.sys

+ PCAMPR5    PCAUSA NDIS 5.0 MPR Protocol Driver    Printing Communications Assoc., Inc. (PCAUSA)    c:\windows\system32\pcampr5.sys

+ PCANDIS5    PCAUSA NDIS 5.0 Protocol Driver    Printing Communications Assoc., Inc. (PCAUSA)    c:\windows\system32\pcandis5.sys

+ PCI    NT Plug and Play PCI Enumerator    Microsoft Corporation    c:\windows\system32\drivers\pci.sys

+ PptpMiniport    WAN Miniport (PPTP)    Microsoft Corporation    c:\windows\system32\drivers\raspptp.sys

+ Processor    Processor Device Driver    Microsoft Corporation    c:\windows\system32\drivers\processr.sys

+ PSched    QoS Packet Scheduler    Microsoft Corporation    c:\windows\system32\drivers\psched.sys

+ Ptilink    Direct Parallel Link Driver    Parallel Technologies, Inc.    c:\windows\system32\drivers\ptilink.sys

+ PxHelp20    Px Engine Device Driver for Windows 2000/XP    Sonic Solutions    c:\windows\system32\drivers\pxhelp20.sys

+ RasAcd    Remote Access Auto Connection Driver    Microsoft Corporation    c:\windows\system32\drivers\rasacd.sys

+ Rasl2tp    WAN Miniport (L2TP)    Microsoft Corporation    c:\windows\system32\drivers\rasl2tp.sys

+ RasPppoe    远程访问 PPPOE 驱动程序    Microsoft Corporation    c:\windows\system32\drivers\raspppoe.sys

+ Raspti    Direct Parallel    Microsoft Corporation    c:\windows\system32\drivers\raspti.sys

+ RDPCDD    RDP Miniport    Microsoft Corporation    c:\windows\system32\drivers\rdpcdd.sys

+ rdpdr    Microsoft RDP Device redirector    Microsoft Corporation    c:\windows\system32\drivers\rdpdr.sys

+ redbook    Redbook Audio Filter Driver    Microsoft Corporation    c:\windows\system32\drivers\redbook.sys

+ Secdrv    SafeDisc driver        c:\windows\system32\drivers\secdrv.sys

+ serenum    Serial Port Enumerator    Microsoft Corporation    c:\windows\system32\drivers\serenum.sys

+ Serial    Serial Device Driver    Microsoft Corporation    c:\windows\system32\drivers\serial.sys

+ splitter    Microsoft Kernel Audio Splitter    Microsoft Corporation    c:\windows\system32\drivers\splitter.sys

+ swenum    Plug and Play Software Device Enumerator    Microsoft Corporation    c:\windows\system32\drivers\swenum.sys

+ swmidi    Microsoft GS Wavetable Synthesizer    Microsoft Corporation    c:\windows\system32\drivers\swmidi.sys

+ sysaudio    System Audio WDM Filter    Microsoft Corporation    c:\windows\system32\drivers\sysaudio.sys

+ Tcpip    TCP/IP Protocol Driver    Microsoft Corporation    c:\windows\system32\drivers\tcpip.sys

+ TermDD    Terminal Server Driver    Microsoft Corporation    c:\windows\system32\drivers\termdd.sys

+ Update    Update Driver    Microsoft Corporation    c:\windows\system32\drivers\update.sys

+ usbehci    EHCI eUSB Miniport Driver    Microsoft Corporation    c:\windows\system32\drivers\usbehci.sys

+ usbhub    Default Hub Driver for USB    Microsoft Corporation    c:\windows\system32\drivers\usbhub.sys

+ USBSTOR    USB Mass Storage Class Driver    Microsoft Corporation    c:\windows\system32\drivers\usbstor.sys

+ usbuhci    UHCI USB Miniport Driver    Microsoft Corporation    c:\windows\system32\drivers\usbuhci.sys

+ VgaSave    VGA/Super VGA Video Driver    Microsoft Corporation    c:\windows\system32\drivers\vga.sys

+ viaagp1    VIA NT AGP Filter    VIA Technologies, Inc.    c:\windows\system32\drivers\viaagp1.sys

+ ViaIde    Generic PCI IDE Bus Driver    Microsoft Corporation    c:\windows\system32\drivers\viaide.sys

+ viamraid    VIA RAID DRIVER FOR WIN 2000/XP/2003IA32    VIA Technologies inc,.ltd    c:\windows\system32\drivers\viamraid.sys

+ Wanarp    Remote Access IP ARP Driver    Microsoft Corporation    c:\windows\system32\drivers\wanarp.sys

+ wdmaud    MMSYSTEM Wave/Midi API mapper    Microsoft Corporation    c:\windows\system32\drivers\wdmaud.sys

HKLM\System\CurrentControlSet\Control\Session Manager\BootExecute           

+ autocheck autochk *            File not found: autocheck

HKLM\Software\Microsoft\Windows NT\CurrentVersion\Image File Execution Options           

+ Your Image File Name Here without a path    Symbolic Debugger for Windows 2000    Microsoft Corporation    c:\windows\system32\ntsd.exe

HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows\Appinit_Dlls           

+ APIHookDll.dll            File not found: APIHookDll.dll

HKLM\System\CurrentControlSet\Control\Session Manager\KnownDlls           

+ advapi32    Advanced Windows 32 Base API    Microsoft Corporation    c:\windows\system32\advapi32.dll

+ comdlg32    Common Dialogs DLL    Microsoft Corporation    c:\windows\system32\comdlg32.dll

+ gdi32    GDI Client DLL    Microsoft Corporation    c:\windows\system32\gdi32.dll

+ imagehlp    Windows NT Image Helper    Microsoft Corporation    c:\windows\system32\imagehlp.dll

+ kernel32    Windows NT BASE API Client DLL    Microsoft Corporation    c:\windows\system32\kernel32.dll

+ lz32    LZ Expand/Compress API DLL    Microsoft Corporation    c:\windows\system32\lz32.dll

+ ole32    Microsoft OLE for Windows    Microsoft Corporation    c:\windows\system32\ole32.dll

+ oleaut32        Microsoft Corporation    c:\windows\system32\oleaut32.dll

+ olecli32    Object Linking and Embedding Client Library    Microsoft Corporation    c:\windows\system32\olecli32.dll

+ olecnv32    Microsoft OLE for Windows    Microsoft Corporation    c:\windows\system32\olecnv32.dll

+ olesvr32    Object Linking and Embedding Server Library    Microsoft Corporation    c:\windows\system32\olesvr32.dll

+ olethk32    Microsoft OLE for Windows    Microsoft Corporation    c:\windows\system32\olethk32.dll

+ rpcrt4    Remote Procedure Call Runtime    Microsoft Corporation    c:\windows\system32\rpcrt4.dll

+ shell32    Windows Shell Common Dll    Microsoft Corporation    c:\windows\system32\shell32.dll

+ url    Internet Shortcut Shell Extension DLL    Microsoft Corporation    c:\windows\system32\url.dll

+ urlmon    OLE32 Extensions for Win32    Microsoft Corporation    c:\windows\system32\urlmon.dll

+ user32    Windows XP USER API Client DLL    Microsoft Corporation    c:\windows\system32\user32.dll

+ version    Version Checking and File Installation Libraries    Microsoft Corporation    c:\windows\system32\version.dll

+ wininet    Internet Extensions for Win32    Microsoft Corporation    c:\windows\system32\wininet.dll

+ wldap32    Win32 LDAP API DLL    Microsoft Corporation    c:\windows\system32\wldap32.dll

HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify           

+ crypt32chain    Crypto API32    Microsoft Corporation    c:\windows\system32\crypt32.dll

+ cryptnet    Crypto Network Related API    Microsoft Corporation    c:\windows\system32\cryptnet.dll

+ cscdll    Offline Network Agent    Microsoft Corporation    c:\windows\system32\cscdll.dll

+ ScCertProp    Common DLL to receive Winlogon notifications    Microsoft Corporation    c:\windows\system32\wlnotify.dll

+ Schedule    Common DLL to receive Winlogon notifications    Microsoft Corporation    c:\windows\system32\wlnotify.dll

+ sclgntfy    Secondary Logon Service Notification DLL    Microsoft Corporation    c:\windows\system32\sclgntfy.dll

+ SensLogn    Common DLL to receive Winlogon notifications    Microsoft Corporation    c:\windows\system32\wlnotify.dll

+ termsrv    Common DLL to receive Winlogon notifications    Microsoft Corporation    c:\windows\system32\wlnotify.dll

+ wlballoon    Common DLL to receive Winlogon notifications    Microsoft Corporation    c:\windows\system32\wlnotify.dll

HKCU\Control Panel\Desktop\Scrnsave.exe           

+ C:\WINDOWS\system32\ssmypics.scr    My Pictures Slideshow Screensaver    Microsoft Corporation    c:\windows\system32\ssmypics.scr

HKLM\System\CurrentControlSet\Services\WinSock2\Parameters\Protocol_Catalog9           

+ MSAFD NetBIOS [\Device\NetBT_Tcpip_{57A76A50-E6FD-4123-8310-12F923F9A5EE}] DATAGRAM 0    Microsoft Windows Sockets 2.0 Service Provider    Microsoft Corporation    c:\windows\system32\mswsock.dll

+ MSAFD NetBIOS [\Device\NetBT_Tcpip_{57A76A50-E6FD-4123-8310-12F923F9A5EE}] SEQPACKET 0    Microsoft Windows Sockets 2.0 Service Provider    Microsoft Corporation    c:\windows\system32\mswsock.dll

+ MSAFD NetBIOS [\Device\NetBT_Tcpip_{766D0AC9-C689-40D4-A5B1-89DD1787257F}] DATAGRAM 1    Microsoft Windows Sockets 2.0 Service Provider    Microsoft Corporation    c:\windows\system32\mswsock.dll

+ MSAFD NetBIOS [\Device\NetBT_Tcpip_{766D0AC9-C689-40D4-A5B1-89DD1787257F}] SEQPACKET 1    Microsoft Windows Sockets 2.0 Service Provider    Microsoft Corporation    c:\windows\system32\mswsock.dll

+ MSAFD NetBIOS [\Device\NetBT_Tcpip_{93C2F07F-8165-4FD4-8D38-41E75C074B35}] DATAGRAM 2    Microsoft Windows Sockets 2.0 Service Provider    Microsoft Corporation    c:\windows\system32\mswsock.dll

+ MSAFD NetBIOS [\Device\NetBT_Tcpip_{93C2F07F-8165-4FD4-8D38-41E75C074B35}] SEQPACKET 2    Microsoft Windows Sockets 2.0 Service Provider    Microsoft Corporation    c:\windows\system32\mswsock.dll

+ MSAFD Tcpip [RAW/IP]    Microsoft Windows Sockets 2.0 Service Provider    Microsoft Corporation    c:\windows\system32\mswsock.dll

+ MSAFD Tcpip [TCP/IP]    Microsoft Windows Sockets 2.0 Service Provider    Microsoft Corporation    c:\windows\system32\mswsock.dll

+ MSAFD Tcpip [UDP/IP]    Microsoft Windows Sockets 2.0 Service Provider    Microsoft Corporation    c:\windows\system32\mswsock.dll

+ RSVP TCP Service Provider    Microsoft Windows Rsvp 1.0 Service Provider    Microsoft Corporation    c:\windows\system32\rsvpsp.dll

+ RSVP UDP Service Provider    Microsoft Windows Rsvp 1.0 Service Provider    Microsoft Corporation    c:\windows\system32\rsvpsp.dll

HKLM\SYSTEM\CurrentControlSet\Control\Print\Monitors           

+ BJ Language Monitor    Langage Monitor for Canon Bubble-Jet Printer    Microsoft Corporation    c:\windows\system32\cnbjmon.dll

+ Local Port    Local Spooler DLL    Microsoft Corporation    c:\windows\system32\localspl.dll

+ Microsoft Document Imaging Writer Monitor    Microsoft? Document Imaging    Microsoft Corporation    c:\windows\system32\mdimon.dll

+ PJL Language Monitor    PJL Language monitor    Microsoft Corporation    c:\windows\system32\pjlmon.dll

+ Standard TCP/IP Port    Standard TCP/IP Port Monitor DLL    Microsoft Corporation    c:\windows\system32\tcpmon.dll

+ USB Monitor    Standard Dynamic Printing Port Monitor DLL    Microsoft Corporation    c:\windows\system32\usbmon.dll


help...........

Dedicated "Gray Pigeon" detection and removal tool
An injection-type virus....

Reposting the scan results

HijackThis_zww汉化版扫描日志 V1.99.1
保存于      23:59:02, 日期 2006-2-23
操作系统:  Windows XP SP2 (WinNT 5.01.2600)
浏览器:    Internet Explorer v6.00 SP2 (6.00.2900.2180)

当前运行的进程:         
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Rising\Rav\CCenter.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Rising\Rav\Ravmond.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Huawei-3Com\H3C 认证客户端\AuthenMngService.exe
C:\Program Files\Rising\Rav\RavStub.exe
C:\WINDOWS\SOUNDMAN.EXE
C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe
C:\Program Files\Common Files\Real\Update_OB\realsched.exe
C:\Program Files\Rising\Rav\RavTask.exe
C:\Program Files\Rising\Rav\Ravmon.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Internet Explorer\IEXPLORE.EXE
C:\WINDOWS\system32\wuauclt.exe
C:\Program Files\Huawei-3Com\H3C 认证客户端\H3C Client.exe
C:\Documents and Settings\Administrator\桌面\新建文件夹\HijackThis1991汉化版\HijackThis1991zww.exe

R3 - URLSearchHook: QQ Search Hook - {DB8B2393-7A6C-4C76-88CE-6B1F6FF6FFE9} - C:\Program Files\TENCENT\AdPlus\IEHelp.dll
O2 - BHO: ThunderIEHelper - {0005A87D-D626-4B3A-84F9-1D9571695F55} - C:\WINDOWS\system32\xunleibho_v11.dll
O2 - BHO: Tencent Browser Helper - {0C7C23EF-A848-485B-873C-0ED954731014} - C:\Program Files\TENCENT\AdPlus\IEHelp.dll
O2 - BHO: URLMonitor Class - {3ED9FFDA-79DB-4B2D-99B7-16EA3C4A3A92} - C:\WINDOWS\system32\hap.dll
O2 - BHO: QQIEHelper - {54EBD53A-9BC1-480B-966A-843A333CA162} - e:\Program Files\Tencent\QQ\QQIEHelper.dll
O2 - BHO: CdnForIE Class - {5C3853CF-C7E0-4946-B3FA-1ABDB6F48108} - C:\PROGRA~1\CNNIC\Cdn\cdnforie.dll
O2 - BHO: Router Layer - {5EB7CB50-E375-4718-B4C0-9AD12EFA2F84} - C:\WINDOWS\System32\aclayer.dll (file missing)
O2 - BHO: DownloadValue Class - {616D4040-5712-4F0F-BCF1-5C6420A99E14} - C:\WINDOWS\system32\winhtp.dll
O2 - BHO: (no name) - {A9930D97-9CF0-42A0-A10D-4F28836579D5} - C:\PROGRA~1\KuGoo3\KUGOO3~1.OCX
O2 - BHO: 百度超级搜霸 - {B580CF65-E151-49C3-B73F-70B13FCA8E86} - C:\Progra~1\Baidu\bar\BaiDuBar.dll
O2 - BHO: Infofo 工具栏 - {D74EC18E-3DDD-4174-B1B1-949FE3B8366D} - C:\Program Files\Infofo Bar\infofobar.dll
O2 - BHO: WMHlprObj Class - {F5824EFB-728A-4726-A5A5-85A68B20EDC3} - C:\PROGRA~1\CNNIC\Cdn\wmhlpr.dll
O3 - IE工具栏增项: BitCometBar - {3F1ABCDB-A875-46c1-8345-B72A4567E486} - f:\Program Files\BitComet\BitCometBar\BitCometBar0.2.dll
O3 - IE工具栏增项: (no name) - {E0E899AB-F487-11D5-8D29-0050BA6940E3} - (no file)
O3 - IE工具栏增项: Infofo 工具栏 - {D74EC18E-3DDD-4174-B1B1-949FE3B8366D} - C:\Program Files\Infofo Bar\infofobar.dll
O3 - IE工具栏增项: 完美网译通 - {F43BD772-ABDD-43b7-A96A-3E9E61946EC0} - C:\WINDOWS\WORLD2\TOOLBAR\hmtoolbar.dll (file missing)
O3 - IE工具栏增项: 一搜工具条 - {115F6E46-FCBC-41ed-B3B5-3BDDD4AAB5E5} - C:\Program Files\YiSou\yisou.dll (file missing)
O3 - IE工具栏增项: 百度超级搜霸 - {B580CF65-E151-49C3-B73F-70B13FCA8E86} - C:\Progra~1\Baidu\bar\BaiDuBar.dll
O4 - 启动项HKLM\\Run: [IMJPMIG8.1] "C:\WINDOWS\IME\imjp8_1\IMJPMIG.EXE" /Spoil /RemAdvDef /Migration32
O4 - 启动项HKLM\\Run: [PHIME2002ASync] C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /SYNC
O4 - 启动项HKLM\\Run: [PHIME2002A] C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /IMEName
O4 - 启动项HKLM\\Run: [SoundMan] SOUNDMAN.EXE
O4 - 启动项HKLM\\Run: [ATIPTA] C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe
O4 - 启动项HKLM\\Run: [TkBellExe] "C:\Program Files\Common Files\Real\Update_OB\realsched.exe"  -osboot
O4 - 启动项HKLM\\Run: [IMSCMig] C:\PROGRA~1\COMMON~1\MICROS~1\IME\IMSC40A\IMSCMIG.EXE /Preload
O4 - 启动项HKLM\\Run: [RavTask] "C:\Program Files\Rising\Rav\RavTask.exe" -system
O4 - 启动项HKLM\\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe
O4 - 启动项HKLM\\Run: [AddrPlus3] C:\PROGRA~1\TENCENT\AdPlus\Runner.exe C:\PROGRA~1\TENCENT\AdPlus\QAHook.dll Rundll32
O4 - 启动项HKLM\\Run: [StormCodec_Helper] "C:\Program Files\Ringz Studio\Storm Codec\StormSet.exe" /S /opti
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - Global Startup: AutoCAD 启动加速器.lnk = C:\Program Files\Common Files\Autodesk Shared\acstart16.exe
O8 - IE右键菜单中的新增项目: &使用迅雷下载 - C:\Program Files\Thunder Network\Thunder\geturl.htm
O8 - IE右键菜单中的新增项目: &使用迅雷下载全部链接 - C:\Program Files\Thunder Network\Thunder\getallurl.htm
O8 - IE右键菜单中的新增项目: 上传到QQ网络硬盘 - E:\Program Files\Tencent\qq\AddToNetDisk.htm
O8 - IE右键菜单中的新增项目: 使用KuGoo3下载(&K) - C:\Program Files\KuGoo3\KuGoo3DownX.htm
O8 - IE右键菜单中的新增项目: 导出到 Microsoft Office Excel(&X) - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
O8 - IE右键菜单中的新增项目: 添加到QQ自定义面板 - E:\Program Files\Tencent\qq\AddPanel.htm
O8 - IE右键菜单中的新增项目: 添加到QQ表情 - E:\Program Files\Tencent\qq\AddEmotion.htm
O8 - IE右键菜单中的新增项目: 用QQ彩信发送该图片 - E:\Program Files\Tencent\qq\SendMMS.htm
O8 - IE右键菜单中的新增项目: 百度-搜索MP3 - res://C:\Progra~1\Baidu\bar\BaiDuBar.dll/BAIDUMP3.HTM
O8 - IE右键菜单中的新增项目: 百度-搜索图片 - res://C:\Progra~1\Baidu\bar\BaiDuBar.dll/BAIDUIMG.HTM
O8 - IE右键菜单中的新增项目: 百度-搜索新闻 - res://C:\Progra~1\Baidu\bar\BaiDuBar.dll/BAIDUNEWS.HTM
O8 - IE右键菜单中的新增项目: 百度-搜索歌词 - res://C:\Progra~1\Baidu\bar\BaiDuBar.dll/BAIDULYRIC.HTM
O8 - IE右键菜单中的新增项目: 百度-搜索网页 - res://C:\Progra~1\Baidu\bar\BaiDuBar.dll/BAIDUSEARCH.HTM
O8 - IE右键菜单中的新增项目: 百度-搜索贴吧 - res://C:\Progra~1\Baidu\bar\BaiDuBar.dll/BAIDUPOST.HTM
O8 - IE右键菜单中的新增项目: 百度-词典搜索 - res://C:\Progra~1\Baidu\bar\BaiDuBar.dll/BAIDU_DIC.HTM
O9 - 浏览器额外的按钮: 浩方对战平台 - {0A155D3C-68E2-4215-A47A-E800A446447A} - D:\Game\hf\HFGame3\GameClient.exe
O9 - 浏览器额外的按钮: 中文上网 - {5C3853CF-C7E0-4946-B3FA-1ABDB6F48108} - C:\PROGRA~1\CNNIC\Cdn\cdnforie.dll
O9 - 浏览器额外的“工具”菜单项: 中文上网 - {5C3853CF-C7E0-4946-B3FA-1ABDB6F48108} - C:\PROGRA~1\CNNIC\Cdn\cdnforie.dll
O9 - 浏览器额外的按钮: 信息检索 - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
O9 - 浏览器额外的按钮: (no name) - {DEDEB80D-FA35-45d9-9460-4983E5A8AFE6} - e:\Program Files\Tencent\QQ\QQIEHelper.dll
O9 - 浏览器额外的“工具”菜单项: QQ炫彩工具条设置 - {DEDEB80D-FA35-45d9-9460-4983E5A8AFE6} - e:\Program Files\Tencent\QQ\QQIEHelper.dll
O9 - 浏览器额外的按钮: 易趣购物 - {EE60714F-AC17-427e-861A-FD60CBDF119A} - http://click2.ad4all.net/url2/urlmanage/url.asp?id=50 (file missing)
O9 - 浏览器额外的“工具”菜单项: 易趣购物 - {EE60714F-AC17-427e-861A-FD60CBDF119A} - http://click2.ad4all.net/url2/urlmanage/url.asp?id=50 (file missing)
O10 - Broken Internet access because of LSP provider 'c:\windows\system32\cdnns.dll' missing
O11 - Options group: [CDNCLIENT]  中文上网
O11 - Options group: [TBH]  QQ地址栏搜索插件
O14 - IERESET.INF: START_PAGE_URL=http://www.tomatolei.com
O20 - AppInit_DLLs: APIHookDll.dll
O23 - NT 服务: Ati HotKey Poller - Unknown owner - C:\WINDOWS\system32\Ati2evxx.exe
O23 - NT 服务: ATI Smart - Unknown owner - C:\WINDOWS\system32\ati2sgag.exe
O23 - NT 服务: Autodesk Licensing Service - Autodesk - C:\Program Files\Common Files\Autodesk Shared\Service\AdskScSrv.exe
O23 - NT 服务: Gray_Pigeon_Server2.0 (GrayPigeonServer2.0) - Unknown owner - C:\WINDOWS\G_Server2.0.exe
O23 - NT 服务: huawei-3com EAD appendix service (H3C_EAD_APX_SVR) - Unknown owner - C:\Program Files\Huawei-3Com\H3C 认证客户端\eadApxSvr.exe
O23 - NT 服务: huawei-3com protocol authentication service manage center (H3C_SVR_MNG_SERVICE) - Unknown owner - C:\Program Files\Huawei-3Com\H3C 认证客户端\AuthenMngService.exe
O23 - NT 服务: Rising Process Communication Center (RsCCenter) - Beijing Rising Technology Co., Ltd. - C:\Program Files\Rising\Rav\CCenter.exe
O23 - NT 服务: RsRavMon Service (RsRavMon) - Beijing Rising Technology Co., Ltd. - C:\Program Files\Rising\Rav\Ravmond.exe


I used Rising's dedicated Gray Pigeon removal tool, but it didn't help: it can't delete the file, it only ends the process.

HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run

+ AddrPlus3TENCENTc:\program files\tencent\adplus\runner.exe

+ ATIPTAATI Desktop Control PanelATI Technologies, Inc.c:\program files\ati technologies\ati control panel\atiptaxx.exe

+ NeroFilterCheckNeroCheckAhead Software Gmbhc:\windows\system32\nerocheck.exe

+ RavTaskRavTimerBeijing Rising Technology Co., Ltd.c:\program files\rising\rav\ravtask.exe

+ SoundManRealtek Sound ManagerRealtek Semiconductor Corp.C:\WINDOWS\soundman.exe

+ StormCodec_Helperc:\program files\ringz studio\storm codec\stormset.exe

+ TkBellExeRealNetworks SchedulerRealNetworks, Inc.c:\program files\common files\real\update_ob\realsched.exe

C:\Documents and Settings\All Users\「开始」菜单\程序\启动

+ AutoCAD 启动加速器.lnkAutoCAD Startup AcceleratorAutodesk, Incc:\program files\common files\autodesk shared\acstart16.exe

HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Explorer\Run

+ helperdllc:\windows\system32\drivers\pupw.sys

HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks

+ Rising Execute File Exts hookRising Shell Ext ModuleBeijing Rising Technology Co., Ltd.c:\windows\system32\ravext.dll

HKLM\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved

+ AutoCAD 数字签名图标覆盖处理程序AcSignIcon ModuleAutodeskc:\windows\system32\acsignicon.dll

+ Autodesk Drawing PreviewAcThumbnail ModuleAutodeskc:\program files\common files\autodesk shared\thumbnail\acthumbnail16.dll

+ Autodesk DWF PreviewAcThumbnail ModuleAutodeskc:\program files\common files\autodesk shared\thumbnail\acdwfthmbprxy16.dll

+ QQ Search HookTencentc:\program files\tencent\adplus\iehelp.dll

+ QQAddrBar Drop TargetTencentc:\program files\tencent\adplus\iehelp.dll

+ RISINGRising Shell Ext ModuleBeijing Rising Technology Co., Ltd.c:\windows\system32\ravext.dll

+ Tencent Browser HelperTencentc:\program files\tencent\adplus\iehelp.dll

HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects

+ CdnForIE ClassCdnForIECNNICc:\program files\cnnic\cdn\cdnforie.dll

+ DownloadValue ClassDownloadStart Modulec:\windows\system32\winhtp.dll

+ Infofo 工具栏珊瑚虫 Infofo 工具栏珊瑚虫工作室 泰格工作室c:\program files\infofo bar\infofobar.dll

+ QQBrowserHelperObject ClassQQIEHelper Module深圳市腾讯计算机系统有限公司e:\program files\tencent\qq\qqiehelper.dll

+ Router LayerFile not found: C:\WINDOWS\System32\aclayer.dll

+ Tencent Browser HelperTencentc:\program files\tencent\adplus\iehelp.dll

+ ThunderIEHelper Classxunleibho BHOThunder Networking Technologies,LTDc:\windows\system32\xunleibho_v11.dll

+ URLMonitor ClassHAPHenbangc:\windows\system32\hap.dll

+ WMHlprObj ClassCNNIC Web Mail for WindowsCNNICc:\program files\cnnic\cdn\wmhlpr.dll

+ 百度超级搜霸BaiduBar ModuleBaidu.com, Inc.c:\program files\baidu\bar\baidubar.dll

HKCU\Software\Microsoft\Internet Explorer\UrlSearchHooks

+ iehelp.dllTencentc:\program files\tencent\adplus\iehelp.dll

HKLM\Software\Microsoft\Internet Explorer\Toolbar

+ 一搜File not found: C:\Program Files\YiSou\yisou.dll

HKLM\Software\Microsoft\Internet Explorer\Extensions

+ 浩方对战平台浩方对战平台上海浩方在线信息技术有限公司d:\game\hf\hfgame3\gameclient.exe

+ 易趣购物File not found: http://click2.ad4all.net/url2/urlmanage/url.asp?id=50

HKLM\System\CurrentControlSet\Services

+ Ati HotKey Pollerc:\windows\system32\ati2evxx.exe

+ ATI SmartATI Smartc:\windows\system32\ati2sgag.exe

+ GrayPigeonServer2.0监控管理.c:\windows\g_server2.0.exe

+ RsCCenterCCenterBeijing Rising Technology Co., Ltd.c:\program files\rising\rav\ccenter.exe

+ RsRavMonRavMondBeijing Rising Technology Co., Ltd.c:\program files\rising\rav\ravmond.exe

HKLM\System\CurrentControlSet\Services

+ ALCXWDM    Realtek AC'97 Audio Driver (WDM)    Realtek Semiconductor Corp.    c:\windows\system32\drivers\alcxwdm.sys

+ ati2mtag    ATI Radeon WindowsNT Miniport Driver    ATI Technologies Inc.    c:\windows\system32\drivers\ati2mtag.sys

+ BaseTDI    basetdi    Beijing Rising Technology Co., Ltd.    c:\windows\system32\drivers\basetdi.sys

+ cdnprot    cdnprot    CNNIC    c:\windows\system32\drivers\cdnprot.sys

+ cdntran    cdntran    CNNIC    c:\windows\system32\drivers\cdntran.sys

+ d347bus    PnP BIOS Extension         c:\windows\system32\drivers\d347bus.sys

+ d347prt    SCSI miniport         c:\windows\system32\drivers\d347prt.sys

+ ExpScaner    ExpScan.sys        c:\program files\rising\rav\expscan.sys

+ FETNDIS    NDIS 5.0 miniport driver    VIA Technologies, Inc.                  c:\windows\system32\drivers\fetnd5.sys

+ HOOKAPI    HOOKAPI Driver    瑞星软件有限公司    c:\program files\rising\rav\hookapi.sys

+ HookCont    TDI HOOK Driver    Rising tech Co. ltd    c:\program files\rising\rav\hookcont.sys

+ HookReg            c:\program files\rising\rav\hookreg.sys

+ HookSys    Hooksys    Rising    c:\program files\rising\rav\hooksys.sys

+ MEMSCAN    MemScan Driver    瑞星软件有限公司    c:\program files\rising\rav\memscan.sys

+ npkcrypt    nProtect KeyCrypt Driver    INCA Internet Co., Ltd.    e:\program files\tencent\qq\npkcrypt.sys

+ PCAMPR5    PCAUSA NDIS 5.0 MPR Protocol Driver    Printing Communications Assoc., Inc. (PCAUSA)    c:\windows\system32\pcampr5.sys

+ PCANDIS5    PCAUSA NDIS 5.0 Protocol Driver    Printing Communications Assoc., Inc. (PCAUSA)    c:\windows\system32\pcandis5.sys

+ Ptilink    Direct Parallel Link Driver    Parallel Technologies, Inc.    c:\windows\system32\drivers\ptilink.sys

+ PxHelp20    Px Engine Device Driver for Windows 2000/XP    Sonic Solutions    c:\windows\system32\drivers\pxhelp20.sys

+ Secdrv    SafeDisc driver        c:\windows\system32\drivers\secdrv.sys

+ viaagp1    VIA NT AGP Filter    VIA Technologies, Inc.    c:\windows\system32\drivers\viaagp1.sys

+ viamraid    VIA RAID DRIVER FOR WIN 2000/XP/2003IA32    VIA Technologies inc,.ltd    c:\windows\system32\drivers\viamraid.sys

HKLM\System\CurrentControlSet\Control\Session Manager\BootExecute

+ autocheck autochk *            File not found: autocheck

HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows\Appinit_Dlls

+ APIHookDll.dll            File not found: APIHookDll.dll


O23 - NT 服务: Gray_Pigeon_Server2.0 (GrayPigeonServer2.0) - Unknown owner - C:\WINDOWS\G_Server2.0.exe
This one is the Gray Pigeon.

http://forum.ikaka.com/topic.asp?board=28&artid=5666824

I followed the steps here, and it's gone.......