
[Help] Urgent help needed

Urgent help needed

Trojan-Downloader.Win32.Murlo.nn and Trojan-Downloader.Win32.Agent.qpv cannot be deleted
检测到:木马程序 Trojan-Downloader.Win32.Murlo.nn    URL:
检测到:木马程序 Trojan-Downloader.Win32.Agent.qpv    URL: //UPX
检测到:木马程序 Trojan-Downloader.Win32.Agent.nwl    URL: //#
Kaspersky keeps reporting these things, but they just can't be deleted. What should I do?


User system info: Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1; SV1)

Re: Urgent help needed

[CODE]

2008-06-25,22:15:18

System Repair Engineer 2.5.16.900
Smallfrogs (http://www.KZTechs.com)

Windows XP Professional Service Pack 2 (Build 2600) - 管理权限用户 - 完整功能

以下内容被选中:
    所有的启动项目(包括注册表、启动文件夹、服务等)
    浏览器加载项
    正在运行的进程(包括进程模块信息)
    文件关联
    Winsock 提供者
    Autorun.inf
    HOSTS 文件
    进程特权扫描


启动项目
注册表
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
    <ctfmon.exe><C:\WINDOWS\system32\ctfmon.exe>  [(Verified)Microsoft Windows Publisher]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
    <NvCplDaemon><RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup>  [NVIDIA Corporation]
    <360Safetray><D:\360safe\safemon\360tray.exe /start>  [(Verified)Qizhi Software (beijing) Co. Ltd]
    <360Safebox><"C:\Program Files\360Safebox\safeboxTray.exe" /r>  [(Verified)Qizhi Software (beijing) Co. Ltd]
    <360Antiarp><D:\360safe\antiarp\AntiArp.exe /start>  [(Verified)Qizhi Software (beijing) Co. Ltd]
    <AVP><"C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 7.0\avp.exe">  [(Verified)Kaspersky Lab]
    <Grid Service><"C:\Program Files\GridService\peer.exe" -n Grid>  [FS2YOU]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Winlogon]
    <shell><Explorer.exe>  [(Verified)Microsoft Windows Component Publisher]
    <Userinit><C:\WINDOWS\system32\userinit.exe,>  [(Verified)Microsoft Windows Publisher]
    <UIHost><logonui.exe>  [(Verified)Microsoft Windows Publisher]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
    <{4F4F0064-71E0-4f0d-0025-708476C7815F}><C:\WINDOWS\system32\midimapfs2.dll>  [N/A]
    <{00120012-0012-0012-0012-00120012BB15}><C:\WINDOWS\system32\kbdswjr.dll>  [N/A]
    <{00170017-0017-0017-0017-00170017BB15}><C:\WINDOWS\system32\msobjstl.dll>  [N/A]
    <{00010001-0001-0001-0001-00010001BB15}><C:\WINDOWS\system32\adsntzt.dll>  [N/A]
    <{4F4F0064-71E0-4f0d-0002-708476C7815F}><C:\WINDOWS\system32\midimapwm.dll>  [N/A]
    <{00150015-0015-0015-0015-00150015BB15}><C:\WINDOWS\system32\csrsrvmy.dll>  [N/A]
    <{4F4F0064-71E0-4f0d-0005-708476C7815F}><C:\WINDOWS\system32\midimapzx.dll>  [N/A]
    <{4F4F0064-71E0-4f0d-0023-708476C7815F}><C:\WINDOWS\system32\midimapcq.dll>  [N/A]
    <{4F4F0064-71E0-4f0d-0004-708476C7815F}><C:\WINDOWS\system32\midimapwl.dll>  [N/A]
    <{4F4F0064-71E0-4f0d-0018-708476C7815F}><C:\WINDOWS\system32\midimapwd.dll>  [N/A]
    <{4F4F0064-71E0-4f0d-0006-708476C7815F}><C:\WINDOWS\system32\midimapcb.dll>  [N/A]
    <{00030003-0003-0003-0003-00030003BB15}><C:\WINDOWS\system32\bootvidgj.dll>  [N/A]
    <{4F4F0064-71E0-4f0d-0028-708476C7815F}><C:\WINDOWS\system32\midimapyt2.dll>  [N/A]
    <{6FD45A54-9875-698F-E56E-65102358FDF6}><>  [N/A]
    <{25FD6584-698F-BCD2-602C-698745210352}><>  [N/A]
    <{3C954872-1230-6541-9548-6541025884C3}><>  [N/A]
    <{A490415F-65F8-B5C5-D8BA-9405FB12054A}><>  [N/A]
    <{60A345CD-ABCD-EFAB-CDEF-ABCD01020306}><>  [N/A]
    <{20909876-4567-3908-4056-909834565102}><>  [N/A]
    <{9629FF4F-ACDB-5C90-A098-FACB3456A269}><>  [N/A]
    <{45694105-5108-9405-3695-954187462154}><>  [N/A]
    <{32023698-6984-8541-9654-698745012523}><>  [N/A]
    <{77FD640A-158F-48AC-FD14-1597F14A9777}><>  [N/A]
    <{7C8D1401-A58D-A81C-CD24-A5915C4517C7}><>  [N/A]
    <{6A041F13-A111-12A3-B0CF-F99818AA68A6}><>  [N/A]
    <{5A069845-2036-6084-9054-6087502480A5}><>  [N/A]
    <{2B69874A-C58C-458D-69F0-698F874E41B2}><>  [N/A]
    <{54FAE856-AD58-20CB-A025-CD4895FA6E45}><>  [N/A]
    <{18093456-9012-4568-9076-908765467181}><>  [N/A]
    <{3A908760-8000-4000-A000-9000322145A3}><>  [N/A]
    <{22596546-2036-9451-6058-658402589722}><>  [N/A]
    <{83BA45AF-FAAA-CDDD-BEEE-BCDE1234AB38}><>  [N/A]
    <{50940F85-F015-14F1-A05F-F69858AC6D05}><>  [N/A]
    <{528DF602-9541-A985-210A-984A698C6F25}><>  [N/A]
    <{35671234-7890-ABCD-CDEF-567801237653}><>  [N/A]
    <{43512378-9874-5641-1025-985420368734}><>  [N/A]
    <{4D165A2A-4BC1-4CA8-8299-08E05AAAB5A4}><C:\WINDOWS\system32\tdggrz.dll>  [N/A]
    <{81AF1CF6-D1C9-4C6A-AC01-EDE54E71945B}><C:\WINDOWS\system32\jfdses.dll>  [N/A]
    <{45AADFAA-DD36-42AB-83AD-0521BBF58C24}><>  [N/A]
    <{B490415F-65F8-B5C5-D8BA-9405FB12054B}><>  [N/A]
    <{A629FF4F-ACDB-5C90-A098-FACB3456A26A}><>  [N/A]
    <{7A041F13-A111-12A3-B0CF-F99818AA68A7}><>  [N/A]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
    <midimapfs2><C:\WINDOWS\system32\midimapfs2.dll>  [N/A]
    <midimapjx2><C:\WINDOWS\system32\midimapjx2.dll>  [N/A]
    <rasmanqn3><C:\WINDOWS\system32\rasmanqn3.dll>  [N/A]
    <ksuserfy><C:\WINDOWS\system32\ksuserfy.dll>  [N/A]
    <kbdswjr><C:\WINDOWS\system32\kbdswjr.dll>  [N/A]
    <msobjstl><C:\WINDOWS\system32\msobjstl.dll>  [N/A]
    <adsntzt><C:\WINDOWS\system32\adsntzt.dll>  [N/A]
    <midimapwm><C:\WINDOWS\system32\midimapwm.dll>  [N/A]
    <csrsrvmy><C:\WINDOWS\system32\csrsrvmy.dll>  [N/A]
    <midimapzx><C:\WINDOWS\system32\midimapzx.dll>  [N/A]
    <midimapcq><C:\WINDOWS\system32\midimapcq.dll>  [N/A]
    <midimapwl><C:\WINDOWS\system32\midimapwl.dll>  [N/A]
    <midimapwd><C:\WINDOWS\system32\midimapwd.dll>  [N/A]
    <midimapcb><C:\WINDOWS\system32\midimapcb.dll>  [N/A]
    <bootvidgj><C:\WINDOWS\system32\bootvidgj.dll>  [N/A]
    <midimapyt2><C:\WINDOWS\system32\midimapyt2.dll>  [N/A]
    <ThunderAdvise><>  [N/A]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\klogon]
    <WinlogonNotify: klogon><C:\WINDOWS\system32\klogon.dll>  [(Verified)Kaspersky Lab]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\WgaLogon]
    <WinlogonNotify: WgaLogon><WgaLogon.dll>  [Microsoft Corporation]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{44BBA840-CC51-11CF-AAFA-00AA00B6015C}]
    <Microsoft Outlook Express 6><"%ProgramFiles%\Outlook Express\setup50.exe" /APP:OE /CALLER:WINNT /user /install>  [N/A]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{44BBA842-CC51-11CF-AAFA-00AA00B6015B}]
    <NetMeeting 3.01><rundll32.exe advpack.dll,LaunchINFSection C:\WINDOWS\INF\msnetmtg.inf,NetMtg.Install.PerUser.NT>  [(Verified)Microsoft Windows Publisher]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{5945c046-1e7d-11d1-bc44-00c04fd912be}]
    <Windows Messenger 4.7><rundll32.exe advpack.dll,LaunchINFSection C:\WINDOWS\INF\msmsgs.inf,BLC.QuietInstall.PerUser>  [(Verified)Microsoft Windows Publisher]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{6BF52A52-394A-11d3-B153-00C04F79FAA6}]
    <Microsoft Windows Media Player><rundll32.exe advpack.dll,LaunchINFSection C:\WINDOWS\INF\wmp10.inf,PerUserStub>  [(Verified)Microsoft Windows Component Publisher]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{7790769C-0471-11d2-AF11-00C04FA35D02}]
    <通讯簿 6><"%ProgramFiles%\Outlook Express\setup50.exe" /APP:WAB /CALLER:WINNT /user /install>  [N/A]
[HKEY_CURRENT_USER\Control Panel\Desktop]
    <SCRNSAVE.EXE><C:\WINDOWS\system32\透明七~1.SCR>  [Microsoft Corporation]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
    <IMJPMIG8.1><; >  [N/A]
    <PHIME2002A><; >  [N/A]
    <PHIME2002ASync><; >  [N/A]

==================================
启动文件夹
[腾讯QQ]
  <C:\Documents and Settings\Administrator\「开始」菜单\程序\启动\腾讯QQ.lnk --> D:\QQ\QQ.exe [TENCENT]><N>

==================================
服务
[卡巴斯基反病毒软件 7.0 / AVP][Running/Auto Start]
  <"C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 7.0\avp.exe" -r><Kaspersky Lab>
[Contrl Center of Storm Media / ccosm][Running/Auto Start]
  <D:\Storm3\stormliv.exe /asservice><北京暴风网际科技有限公司>
[Help and Support / helpsvc][Stopped/Disabled]
  <C:\WINDOWS\System32\svchost.exe -k netsvcs-->%WINDIR%\PCHealth\HelpCtr\Binaries\pchsvc.dll><N/A>
[Human Interface Device Access / HidServ][Stopped/Disabled]
  <C:\WINDOWS\System32\svchost.exe -k netsvcs-->%SystemRoot%\System32\hidserv.dll><N/A>
[NVIDIA Display Driver Service / NVSvc][Running/Auto Start]
  <C:\WINDOWS\system32\nvsvc32.exe><NVIDIA Corporation>

==================================
驱动程序
[00b33d9e / 00b33d9e][Stopped/Manual Start]
  <\??\C:\WINDOWS\system32\Drivers\00b33d9e.sys><N/A>
[00e14791 / 00e14791][Stopped/Manual Start]
  <\??\C:\WINDOWS\system32\Drivers\00e14791.sys><N/A>
[360AntiArp / 360AntiArp][Running/System Start]
  <\??\C:\WINDOWS\system32\drivers\360AntiArp.sys><360安全中心>
[ahcix86 / ahcix86][Stopped/Disabled]
  <\SystemRoot\system32\DRIVERS\ahci8086.sys><AMD Technologies Inc.>
[Service for Realtek AC97 Audio (WDM) / ALCXWDM][Running/Manual Start]
  <system32\drivers\ALCXWDM.SYS><Realtek Semiconductor Corp.>
[AMD Processor Driver / AmdK8][Stopped/Manual Start]
  <System32\drivers\amdk8.sys><Advanced Micro Devices>
[NVIDIA Compatible Windows Miniport Driver / cdralw][Stopped/Auto Start]
  <system32\DRIVERS\nvmini.sys><N/A>
[dump_wmimmc / dump_wmimmc][Stopped/Manual Start]

Re: Urgent help needed

<2 - 系统找不到指定的文件。
><N/A>
[Intel RAID Controller / iaStor][Stopped/Disabled]
  <\SystemRoot\system32\DRIVERS\iaStor7.sys><Intel Corporation>
[ITEATAPI_Service_Install / iteatapi][Stopped/Disabled]
  <\SystemRoot\system32\DRIVERS\iteatapi.sys><Integrated Technology Express, Inc.>
[JRAID / JRAID][Stopped/Disabled]
  <\SystemRoot\system32\DRIVERS\jraid.sys><JMicron Technology Corp.>
[kl1 / kl1][Running/Boot Start]
  <\SystemRoot\system32\drivers\kl1.sys><Kaspersky Lab>
[klif / klif][Running/System Start]
  <\??\C:\WINDOWS\system32\drivers\klif.sys><Kaspersky Lab>
[Kaspersky Anti-Virus NDIS Filter / klim5][Running/Manual Start]
  <system32\DRIVERS\klim5.sys><Kaspersky Lab>
[m5228 / m5228][Stopped/Disabled]
  <\SystemRoot\system32\DRIVERS\m5228.sys><ALi Corporation.>
[m5281 / m5281][Stopped/Disabled]
  <\SystemRoot\system32\DRIVERS\m5281.sys><ALi Corporation>
[m5287 / m5287][Stopped/Disabled]
  <\SystemRoot\system32\DRIVERS\m5287.sys><ULi Electronics Inc.>
[m5288 / m5288][Stopped/Disabled]
  <\SystemRoot\system32\DRIVERS\m5288.sys><ULi Electronics Inc.>
[m5289 / m5289][Stopped/Disabled]
  <\SystemRoot\system32\DRIVERS\m5289.sys><ULi Electronics Inc.>
[npkcrypt / npkcrypt][Stopped/Manual Start]
  <\??\C:\WINDOWS\system32\npkcrypt.sys><N/A>
[npkycryp / npkycryp][Stopped/Manual Start]
  <\??\C:\WINDOWS\system32\npkycryp.sys><N/A>
[nv / nv][Running/Manual Start]
  <system32\DRIVERS\nv4_mini.sys><NVIDIA Corporation>
[nvatabus / nvatabus][Stopped/Disabled]
  <\SystemRoot\system32\DRIVERS\nvatabus.sys><NVIDIA Corporation>
[nvgts / nvgts][Stopped/Disabled]
  <\SystemRoot\system32\DRIVERS\nvgts.sys><NVIDIA Corporation>
[NVIDIA nForce RAID Driver / nvrd32][Running/Boot Start]
  <\SystemRoot\system32\DRIVERS\nvrd32.sys><NVIDIA Corporation>
[DDK PACKET Protocol / Packet][Running/Manual Start]
  <system32\DRIVERS\ProtoDrv.sys><360安全中心>
[Direct Parallel Link Driver / Ptilink][Running/Manual Start]
  <system32\DRIVERS\ptilink.sys><Parallel Technologies, Inc.>
[Realtek 10/100/1000 PCI NIC Family NDIS XP Driver / RTL8023xp][Running/Manual Start]
  <system32\DRIVERS\Rtnicxp.sys><Realtek Semiconductor Corporation>
[Realtek RTL8139(A/B/C)-based PCI Fast Ethernet Adapter NT Driver / rtl8139][Stopped/Manual Start]
  <system32\DRIVERS\RTL8139.SYS><Realtek Semiconductor Corporation>
[SafeBoxKrnl / SafeBoxKrnl][Running/System Start]
  <\??\C:\Program Files\360Safebox\SafeBoxKrnl.sys><360安全中心>
[Secdrv / Secdrv][Stopped/Manual Start]
  <system32\DRIVERS\secdrv.sys><Macrovision Corporation, Macrovision Europe Limited, and Macrovision Japan and Asia K.K.>
[ATI-437A Serial ATA Controller / SI3112r][Stopped/Disabled]
  <\SystemRoot\system32\DRIVERS\SI3112r.sys><Silicon Image, Inc>
[SATALink driver accelerator / SiFilter][Stopped/Disabled]
  <\SystemRoot\system32\DRIVERS\SiWinAcc.sys><Silicon Image, Inc.>
[SiSRaid / SiSRaid][Stopped/Disabled]
  <\SystemRoot\system32\DRIVERS\SiSRaid.sys><Silicon Integrated Systems>
[SiSRaid2 / SiSRaid2][Stopped/Disabled]
  <\SystemRoot\system32\DRIVERS\SiSRaid2.sys><Silicon Integrated Systems Corp>
[SiSRaid4 / SiSRaid4][Stopped/Disabled]
  <\SystemRoot\system32\DRIVERS\sisraid4.sys><Silicon Integrated Systems>
[sptd / sptd][Running/Boot Start]
  <\SystemRoot\System32\Drivers\sptd.sys><N/A>
[System Restore Filter Driver / sr][Stopped/Disabled]
  <system32\DRIVERS\sr.sys><N/A>
[viamraid / viamraid][Stopped/Boot Start]
  <\SystemRoot\system32\DRIVERS\viamraid.sys><VIA Technologies inc,.ltd>
[vmscsi / vmscsi][Stopped/Disabled]
  <\SystemRoot\system32\DRIVERS\vmscsi.sys><VMware, Inc.>

==================================
浏览器加载项
[ThunderAtOnce Class]
  {01443AEC-0FD1-40fd-9C87-E93D1494C233} <D:\迅雷\ComDlls\TDAtOnce_Now.dll, Thunder Networking Technologies,LTD>
[]
  {6C69034A-F45F-D34D-A33A-C33C4D324FC6} <C:\WINDOWS\system32\arjrdler.dll, N/A>
[Thunder Browser Helper]
  {889D2FEB-5411-4565-8998-1DD2C5261283} <D:\迅雷\ComDlls\xunleiBHO_Now.dll, Thunder Networking Technologies,LTD>
[SafeMon Class]
  {B69F34DD-F0F9-42DC-9EDD-957187DA688D} <D:\360safe\safemon\safemon.dll, 360.CN>
[启动迅雷5]
  {09BA8F6D-CB54-424B-839C-C2A6C8E6B436} <D:\迅雷\Thunder.exe, Thunder Networking Technologies,LTD>
[Web 反病毒统计]
  {1F460357-8A94-4D71-9CA3-AA4ACF32ED8E} <C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 7.0\SCIEPlgn.dll, Kaspersky Lab>
[ThunderAtOnce Class]
  {01443AEC-0FD1-40FD-9C87-E93D1494C233} <D:\迅雷\ComDlls\TDAtOnce_Now.dll, Thunder Networking Technologies,LTD>
[GerneralPeerID Class]
  {0A47E819-F82E-4D5D-B806-6A9EA94D68CD} <D:\迅雷\Components\InMedia\peerid.dll, >
[HTML Document]
  {25336920-03F9-11CF-8FD0-00AA00686F13} <%SystemRoot%\system32\mshtml.dll, N/A>
[UUUpgrade Control]
  {2CACD7BB-1C59-4BBB-8E81-6E83F82C813B} <C:\PROGRA~1\COMMON~1\uusee\UUUPGR~1.OCX, N/A>
[DHTML Edit Control Safe for Scripting for IE5]
  {2D360201-FFF5-11D1-8D03-00A0C959BC0A} <C:\Program Files\Common Files\Microsoft Shared\Triedit\dhtmled.ocx, Microsoft Corporation>
[HtmlDlgSafeHelper Class]
  {3050F819-98B5-11CF-BB82-00AA00BDCE0B} <C:\WINDOWS\system32\mshtmled.dll, Microsoft Corporation>
[XML Document]
  {48123BC4-99D9-11D1-A6B3-00C04FD91555} <C:\WINDOWS\system32\msxml3.dll, Microsoft Corporation>
[Thunder Agent Class]
  {485463B7-8FB2-4B3B-B29B-8B919B0EACCE} <D:\迅雷\ComDlls\ThunderAgent_Now.dll, Thunder Networking Technologies,LTD>
[XMP Class]
  {6483F145-A768-4C41-AACC-52D4D7845851} <C:\Documents and Settings\All Users\Application Data\Thunder Network\KanKan\xplayer.dll_1_work, >
[XDRM]
  {693571CB-54A3-4E90-9D52-EEAE1334E2D3} <C:\Documents and Settings\All Users\Application Data\Thunder Network\KanKan\xdrm.dll_1_work, >
[Windows Media Player]
  {6BF52A52-394A-11D3-B153-00C04F79FAA6} <C:\WINDOWS\system32\wmp.dll, Microsoft Corporation>
[]
  {6C69034A-F45F-D34D-A33A-C33C4D324FC6} <C:\WINDOWS\system32\arjrdler.dll, N/A>
[MediaComm Class]
  {7670648D-461B-42AF-BDFE-46D26AF5EFF2} <D:\迅雷\Components\InMedia\MediaAddin17.dll, Thunder Networking Technologies,LTD>
[360SafeLive]
  {87515F61-A66C-4319-A0E0-D416CB8059E3} <D:\360safe\live.dll, 360.cn>
[Microsoft Web 浏览器]
  {8856F961-340A-11D0-A96B-00C04FD705A2} <C:\WINDOWS\system32\shdocvw.dll, Microsoft Corporation>
[Thunder Browser Helper]
  {889D2FEB-5411-4565-8998-1DD2C5261283} <D:\迅雷\ComDlls\xunleiBHO_Now.dll, Thunder Networking Technologies,LTD>
[RMGetLicense Class]
  {A9FC132B-096D-460B-B7D5-1DB0FAE0C062} <C:\WINDOWS\system32\msnetobj.dll, Microsoft Corporation>
[DapCtrl Class]
  {ACACC6EB-1FBA-4E13-A729-53AEB2DF54F8} <C:\Program Files\Common Files\Thunder Network\KanKan\DapCtrl.2.1.5802.54.(163).dll, ShenZhen Thunder Networking Technologies Ltd.>
[Microsoft Scriptlet Component]
  {AE24FDAE-03C6-11D1-8B76-0080C744F389} <C:\WINDOWS\system32\mshtml.dll, Microsoft Corporation>
[SearchAssistantOC]
  {B45FF030-4447-11D2-85DE-00C04FA35C89} <%SystemRoot%\system32\shdocvw.dll, N/A>
[SafeMon Class]
  {B69F34DD-F0F9-42DC-9EDD-957187DA688D} <D:\360safe\safemon\safemon.dll, 360.CN>
[RDS.DataSpace]
  {BD96C556-65A3-11D0-983A-00C04FC29E36} <C:\Program Files\Common Files\System\msadc\msadco.dll, Microsoft Corporation>
[VIDEO__X_MS_WMV Moniker Class]
  {CD3AFA94-B84F-48F0-9393-7EDC34128127} <C:\WINDOWS\system32\wmp.dll, Microsoft Corporation>
[Shockwave Flash Object]
  {D27CDB6E-AE6D-11CF-96B8-444553540000} <C:\WINDOWS\system32\Macromed\Flash\Flash9f.ocx, Adobe Systems, Inc.>
[Thunder DapPlayer]
  {EEDD6FF9-13DE-496B-9A1C-D78B3215E266} <D:\迅雷\Components\DownAndPlay\DapPlayer3.0.5712.71.163.dll, ShenZhen Thunder Networking Technologies Ltd.>
[XPPlayer Class]
  {F3E70CEA-956E-49CC-B444-73AFE593AD7F} <C:\Program Files\Common Files\Thunder Network\KanKan\PPlayer.2.0.0.166.(163).dll, Thunder>
[使用迅雷下载]
  <D:\迅雷\Program\GetUrl.htm, N/A>
[使用迅雷下载全部链接]
  <D:\迅雷\Program\GetAllUrl.htm, N/A>
[导出到 Microsoft Office Excel(&X)]
  <res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000, N/A>
[添加到QQ表情]
  <D:\QQ\AddEmotion.htm, N/A>

==================================
正在运行的进程
[PID: 952 / SYSTEM][\SystemRoot\System32\smss.exe]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
[PID: 1036 / SYSTEM][\??\C:\WINDOWS\system32\csrss.exe]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
[PID: 1060 / SYSTEM][\??\C:\WINDOWS\system32\winlogon.exe]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
    [C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 7.0\miscr3.dll]  [Kaspersky Lab, 7.0.1.325]
    [C:\WINDOWS\system32\klogon.dll]  [Kaspersky Lab, 7.0.1.325]
    [C:\WINDOWS\system32\WgaLogon.dll]  [Microsoft Corporation, 1.7.0018.7]
[PID: 1104 / SYSTEM][C:\WINDOWS\system32\services.exe]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
    [C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 7.0\miscr3.dll]  [Kaspersky Lab, 7.0.1.325]
[PID: 1116 / SYSTEM][C:\WINDOWS\system32\lsass.exe]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
    [C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 7.0\dnsq.dll]  [Kaspersky Lab, 7.0.1.325]
    [C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 7.0\miscr3.dll]  [Kaspersky Lab, 7.0.1.325]
    [C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 7.0\fssync.dll]  [Kaspersky Lab, 7.0.5.325]
[PID: 1264 / SYSTEM][C:\WINDOWS\system32\svchost.exe]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
    [C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 7.0\miscr3.dll]  [Kaspersky Lab, 7.0.1.325]
[PID: 1396 / NETWORK SERVICE][C:\WINDOWS\system32\svchost.exe]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
    [C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 7.0\dnsq.dll]  [Kaspersky Lab, 7.0.1.325]
    [C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 7.0\miscr3.dll]  [Kaspersky Lab, 7.0.1.325]
    [C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 7.0\fssync.dll]  [Kaspersky Lab, 7.0.5.325]
[PID: 1524 / SYSTEM][C:\WINDOWS\System32\svchost.exe]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
    [C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 7.0\miscr3.dll]  [Kaspersky Lab, 7.0.1.325]
    [C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 7.0\dnsq.dll]  [Kaspersky Lab, 7.0.1.325]
[PID: 1624 / NETWORK SERVICE][C:\WINDOWS\system32\svchost.exe]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
    [C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 7.0\miscr3.dll]  [Kaspersky Lab, 7.0.1.325]
    [C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 7.0\fssync.dll]  [Kaspersky Lab, 7.0.5.325]
[PID: 1724 / LOCAL SERVICE][C:\WINDOWS\system32\svchost.exe]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
    [C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 7.0\miscr3.dll]  [Kaspersky Lab, 7.0.1.325]
    [C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 7.0\fssync.dll]  [Kaspersky Lab, 7.0.5.325]
[PID: 1868 / SYSTEM][C:\WINDOWS\system32\spoolsv.exe]  [Microsoft Corporation, 5.1.2600.2696 (xpsp_sp2_gdr.050610-1519)]
    [C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 7.0\dnsq.dll]  [Kaspersky Lab, 7.0.1.325]
    [C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 7.0\miscr3.dll]  [Kaspersky Lab, 7.0.1.325]
[PID: 268 / Administrator][C:\WINDOWS\Explorer.EXE]  [Microsoft Corporation, 6.00.2900.3156 (xpsp_sp2_qfe.070613-1311)]
    [C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 7.0\miscr3.dll]  [Kaspersky Lab, 7.0.1.325]
    [C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 7.0\fssync.dll]  [Kaspersky Lab, 7.0.5.325]
    [C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 7.0\scrchpg.dll]  [Kaspersky Lab, 7.0.1.325]
    [D:\360safe\safemon\safemon.dll]  [360.CN, 4, 1, 5, 1002]
    [C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 7.0\dnsq.dll]  [Kaspersky Lab, 7.0.1.325]
    [C:\Program Files\WinRAR\rarext.dll]  [N/A, ]
    [C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 7.0\ShellEx.dll]  [Kaspersky Lab, 7.0.1.325]
    [D:\迅雷\ComDlls\TDAtOnce_Now.dll]  [Thunder Networking Technologies,LTD, 1.0.5.29]
    [D:\迅雷\ComDlls\xunleiBHO_Now.dll]  [Thunder Networking Technologies,LTD, 5, 0, 8, 96]
    [D:\迅雷\Components\ResWorker\DsBho_00.dll]  [Thunder Networking Technologies,LTD, 1, 0, 0, 20]
    [D:\迅雷\Components\ResWorker\DataProcessor_00.dll]  [Thunder Networking Technologies,LTD, 1, 0, 0, 16]
    [C:\WINDOWS\system32\nvshell.dll]  [, ]
[PID: 448 / Administrator][D:\360safe\antiarp\AntiArp.exe]  [360安全中心, 2, 0, 0, 1008]
    [D:\360safe\safemon\safemon.dll]  [360.CN, 4, 1, 5, 1002]
    [C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 7.0\miscr3.dll]  [Kaspersky Lab, 7.0.1.325]
    [C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 7.0\fssync.dll]  [Kaspersky Lab, 7.0.5.325]
    [C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 7.0\dnsq.dll]  [Kaspersky Lab, 7.0.1.325]
[PID: 484 / Administrator][C:\Program Files\GridService\peer.exe]  [FS2YOU, 2, 0, 10, 8148]
    [C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 7.0\dnsq.dll]  [Kaspersky Lab, 7.0.1.325]
    [D:\360safe\safemon\safemon.dll]  [360.CN, 4, 1, 5, 1002]
    [C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 7.0\miscr3.dll]  [Kaspersky Lab, 7.0.1.325]
    [C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 7.0\fssync.dll]  [Kaspersky Lab, 7.0.5.325]
[PID: 512 / Administrator][C:\WINDOWS\system32\ctfmon.exe]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
    [C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 7.0\miscr3.dll]  [Kaspersky Lab, 7.0.1.325]
    [C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 7.0\fssync.dll]  [Kaspersky Lab, 7.0.5.325]
[PID: 528 / Administrator][D:\QQ\QQ.exe]  [TENCENT, 8,0,830,1811]
    [D:\QQ\QQBaseClassInDll.dll]  [TENCENT, 8,0,830,1811]
    [D:\QQ\QQHelperDll.dll]  [TENCENT, 8,0,830,1811]
    [D:\QQ\BasicCtrlDll.dll]  [TENCENT, 8,0,830,1811]
    [D:\360safe\safemon\safemon.dll]  [360.CN, 4, 1, 5, 1002]
    [D:\QQ\QQAPI.dll]  [TENCENT, 8,0,830,1811]
    [D:\QQ\LoginCtrl.dll]  [TENCENT, 8,0,830,1811]
    [D:\QQ\LoginCtrlRes.dll]  [TENCENT, 8,0,830,1811]
    [D:\QQ\QQRes.dll]  [TENCENT, 8, 0, 830, 1811]
    [C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 7.0\miscr3.dll]  [Kaspersky Lab, 7.0.1.325]
    [C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 7.0\fssync.dll]  [Kaspersky Lab, 7.0.5.325]
    [D:\QQ\QQMainFrame.dll]  [N/A, ]
    [D:\QQ\UnReadMsgMgr.dll]  [N/A, ]
    [D:\QQ\CQQApplication.dll]  [N/A, ]
    [D:\QQ\QQPlugin.dll]  [N/A, ]
    [D:\QQ\FlashAvatarDll.dll]  [, 1, 4, 0, 1]
    [D:\QQ\NewSkin.dll]  [TENCENT, 8,0,830,1811]
    [D:\QQ\MailSummary.dll]  [TENCENT, 8,0,773,1801]
    [C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 7.0\dnsq.dll]  [Kaspersky Lab, 7.0.1.325]

Re: Urgent help needed

[C:\WINDOWS\system32\msdmo.dll]  [, ]
    [D:\QQ\OEMApplication.dll]  [TENCENT, 8,0,830,1811]
    [C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 7.0\scrchpg.dll]  [Kaspersky Lab, 7.0.1.325]
    [D:\QQ\QQKnowledgeSearch.dll]  [TENCENT, 8,0,830,1811]
    [D:\QQ\QQGroupMng.dll]  [TENCENT, 8,0,830,1811]
    [D:\QQ\QQAllInOne.dll]  [TENCENT, 8,0,830,1811]
    [D:\QQ\SCCore.dll]  [TENCENT, 1, 6, 0, 2]
    [D:\QQ\CameraDll.dll]  [TENCENT, 8,0,830,1811]
    [D:\QQ\QQSysMsgMng.dll]  [N/A, ]
    [D:\QQ\QQPet.dll]  [TENCENT, 8,0,830,1811]
    [D:\QQ\UserDefinedHead.dll]  [TENCENT, 8,0,830,1811]
    [D:\QQ\QQConfigPlugin.dll]  [TENCENT, 8,0,830,1811]
    [D:\QQ\QQCustomFace.dll]  [N/A, ]
    [D:\QQ\QRingMng.dll]  [N/A, ]
    [D:\QQ\LongConnection.dll]  [TENCENT, 8,0,830,1811]
    [D:\QQ\QQAvatar.dll]  [N/A, ]
    [D:\QQ\PhoneAPI.dll]  [TENCENT, 8,0,830,1811]
    [D:\QQ\DialerAllinOne.dll]  [tencent, 1, 4, 0, 0]
    [D:\QQ\BQQApplication.dll]  [N/A, ]
    [D:\QQ\GroupConnection.dll]  [TENCENT, 8,0,830,1811]
    [D:\QQ\CommercesMng.dll]  [TENCENT, 8,0,830,1811]
    [D:\QQ\PersonalDesktop.dll]  [TENCENT, 8,0,830,1811]
    [D:\QQ\QQAddr.dll]  [深圳市腾讯计算机系统有限公司, 5, 0, 101, 330]
    [D:\QQ\ImageOle.dll]  [TENCENT, 8,0,830,1811]
    [D:\QQ\QQSceneMng.dll]  [N/A, ]
    [D:\QQ\QQSpace.dll]  [TENCENT, 8,0,830,1811]
    [C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 7.0\klscav.dll]  [Kaspersky Lab, 7.0.1.325]
    [C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 7.0\prremote.dll]  [Kaspersky Lab, 7.0.1.325]
    [C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 7.0\prloader.dll]  [Kaspersky Lab, 7.0.1.325]
    [C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 7.0\prkernel.ppl]  [Kaspersky Lab, 7.0.1.325]
    [c:\program files\kaspersky lab\kaspersky anti-virus 7.0\params.ppl]  [Kaspersky Lab, 7.0.1.325]
    [c:\program files\kaspersky lab\kaspersky anti-virus 7.0\pxstub.ppl]  [Kaspersky Lab, 7.0.1.325]
    [c:\program files\kaspersky lab\kaspersky anti-virus 7.0\tempfile.ppl]  [Kaspersky Lab, 7.0.1.325]
    [D:\QQ\QQLiveQMng.dll]  [TENCENT, 8,0,830,1811]
    [D:\QQ\AddrSearch.dll]  [腾讯科技(深圳)有限公司, 2, 2, 1, 15]
    [C:\WINDOWS\system32\UNISPIM6.IME]  [北京紫光华宇软件股份有限公司, 6.0.0.6117]
[PID: 1688 / Administrator][D:\QQ\TXPlatform.exe]  [Tencent, 1, 5, 225, 0]
    [D:\360safe\safemon\safemon.dll]  [360.CN, 4, 1, 5, 1002]
    [C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 7.0\miscr3.dll]  [Kaspersky Lab, 7.0.1.325]
    [C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 7.0\fssync.dll]  [Kaspersky Lab, 7.0.5.325]
[PID: 1448 / LOCAL SERVICE][C:\WINDOWS\System32\alg.exe]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
    [C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 7.0\miscr3.dll]  [Kaspersky Lab, 7.0.1.325]
    [C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 7.0\fssync.dll]  [Kaspersky Lab, 7.0.5.325]
[PID: 1484 / SYSTEM][D:\Storm3\stormliv.exe]  [北京暴风网际科技有限公司, 3, 8, 6, 20]
    [C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 7.0\dnsq.dll]  [Kaspersky Lab, 7.0.1.325]
    [C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 7.0\miscr3.dll]  [Kaspersky Lab, 7.0.1.325]
[PID: 1600 / SYSTEM][C:\WINDOWS\system32\nvsvc32.exe]  [NVIDIA Corporation, 6.14.11.6375]
    [C:\WINDOWS\system32\nvapi.dll]  [NVIDIA Corporation, 6.14.11.6375]
    [C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 7.0\miscr3.dll]  [Kaspersky Lab, 7.0.1.325]
[PID: 180 / LOCAL SERVICE][C:\WINDOWS\system32\wdfmgr.exe]  [Microsoft Corporation, 5.2.3790.1230 built by: dnsrv(bld4act)]
    [C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 7.0\miscr3.dll]  [Kaspersky Lab, 7.0.1.325]
    [C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 7.0\fssync.dll]  [Kaspersky Lab, 7.0.5.325]
[PID: 248 / Administrator][C:\Program Files\Internet Explorer\iexplore.exe]  [Microsoft Corporation, 6.00.2900.2180 (xpsp_sp2_rtm.040803-2158)]
    [C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 7.0\miscr3.dll]  [Kaspersky Lab, 7.0.1.325]
    [C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 7.0\fssync.dll]  [Kaspersky Lab, 7.0.5.325]
    [D:\360safe\safemon\safemon.dll]  [360.CN, 4, 1, 5, 1002]
    [C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 7.0\scrchpg.dll]  [Kaspersky Lab, 7.0.1.325]
    [D:\迅雷\ComDlls\TDAtOnce_Now.dll]  [Thunder Networking Technologies,LTD, 1.0.5.29]
    [D:\迅雷\ComDlls\xunleiBHO_Now.dll]  [Thunder Networking Technologies,LTD, 5, 0, 8, 96]
    [D:\迅雷\Components\ResWorker\DsBho_00.dll]  [Thunder Networking Technologies,LTD, 1, 0, 0, 20]
    [D:\迅雷\Components\ResWorker\DataProcessor_00.dll]  [Thunder Networking Technologies,LTD, 1, 0, 0, 16]
    [C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 7.0\dnsq.dll]  [Kaspersky Lab, 7.0.1.325]
    [C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 7.0\klscav.dll]  [Kaspersky Lab, 7.0.1.325]
    [C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 7.0\prremote.dll]  [Kaspersky Lab, 7.0.1.325]
    [C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 7.0\prloader.dll]  [Kaspersky Lab, 7.0.1.325]
    [C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 7.0\prkernel.ppl]  [Kaspersky Lab, 7.0.1.325]
    [c:\program files\kaspersky lab\kaspersky anti-virus 7.0\params.ppl]  [Kaspersky Lab, 7.0.1.325]
    [c:\program files\kaspersky lab\kaspersky anti-virus 7.0\pxstub.ppl]  [Kaspersky Lab, 7.0.1.325]
    [c:\program files\kaspersky lab\kaspersky anti-virus 7.0\tempfile.ppl]  [Kaspersky Lab, 7.0.1.325]
    [c:\program files\kaspersky lab\kaspersky anti-virus 7.0\nfio.ppl]  [Kaspersky Lab, 7.0.1.325]
    [c:\program files\kaspersky lab\kaspersky anti-virus 7.0\fsdrvplg.ppl]  [Kaspersky Lab, 7.0.1.325]
    [c:\program files\kaspersky lab\kaspersky anti-virus 7.0\basegui.ppl]  [Kaspersky Lab, 7.0.1.325]
    [c:\program files\kaspersky lab\kaspersky anti-virus 7.0\thpimpl.ppl]  [Kaspersky Lab, 7.0.1.325]
    [c:\program files\kaspersky lab\kaspersky anti-virus 7.0\winreg.ppl]  [Kaspersky Lab, 7.0.1.325]
    [C:\WINDOWS\system32\Macromed\Flash\Flash9f.ocx]  [Adobe Systems, Inc., 9,0,124,0]
    [C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\wmsetup.dll]  [N/A, ]
[PID: 2648 / Administrator][C:\Program Files\Internet Explorer\iexplore.exe]  [Microsoft Corporation, 6.00.2900.2180 (xpsp_sp2_rtm.040803-2158)]
    [C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 7.0\miscr3.dll]  [Kaspersky Lab, 7.0.1.325]
    [C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 7.0\fssync.dll]  [Kaspersky Lab, 7.0.5.325]
    [D:\360safe\safemon\safemon.dll]  [360.CN, 4, 1, 5, 1002]
    [C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 7.0\scrchpg.dll]  [Kaspersky Lab, 7.0.1.325]
    [D:\迅雷\ComDlls\TDAtOnce_Now.dll]  [Thunder Networking Technologies,LTD, 1.0.5.29]
    [D:\迅雷\ComDlls\xunleiBHO_Now.dll]  [Thunder Networking Technologies,LTD, 5, 0, 8, 96]
    [D:\迅雷\Components\ResWorker\DsBho_00.dll]  [Thunder Networking Technologies,LTD, 1, 0, 0, 20]
    [D:\迅雷\Components\ResWorker\DataProcessor_00.dll]  [Thunder Networking Technologies,LTD, 1, 0, 0, 16]
    [C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 7.0\klscav.dll]  [Kaspersky Lab, 7.0.1.325]
    [C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 7.0\prremote.dll]  [Kaspersky Lab, 7.0.1.325]
    [C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 7.0\prloader.dll]  [Kaspersky Lab, 7.0.1.325]
    [C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 7.0\prkernel.ppl]  [Kaspersky Lab, 7.0.1.325]
    [c:\program files\kaspersky lab\kaspersky anti-virus 7.0\params.ppl]  [Kaspersky Lab, 7.0.1.325]
    [c:\program files\kaspersky lab\kaspersky anti-virus 7.0\pxstub.ppl]  [Kaspersky Lab, 7.0.1.325]
    [c:\program files\kaspersky lab\kaspersky anti-virus 7.0\tempfile.ppl]  [Kaspersky Lab, 7.0.1.325]
    [c:\program files\kaspersky lab\kaspersky anti-virus 7.0\nfio.ppl]  [Kaspersky Lab, 7.0.1.325]
    [c:\program files\kaspersky lab\kaspersky anti-virus 7.0\fsdrvplg.ppl]  [Kaspersky Lab, 7.0.1.325]
    [c:\program files\kaspersky lab\kaspersky anti-virus 7.0\basegui.ppl]  [Kaspersky Lab, 7.0.1.325]
    [c:\program files\kaspersky lab\kaspersky anti-virus 7.0\thpimpl.ppl]  [Kaspersky Lab, 7.0.1.325]
    [c:\program files\kaspersky lab\kaspersky anti-virus 7.0\winreg.ppl]  [Kaspersky Lab, 7.0.1.325]
    [C:\WINDOWS\system32\Macromed\Flash\Flash9f.ocx]  [Adobe Systems, Inc., 9,0,124,0]
    [C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\wmsetup.dll]  [N/A, ]
[PID: 4088 / Administrator][C:\Program Files\Internet Explorer\iexplore.exe]  [Microsoft Corporation, 6.00.2900.2180 (xpsp_sp2_rtm.040803-2158)]
    [C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 7.0\miscr3.dll]  [Kaspersky Lab, 7.0.1.325]
    [C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 7.0\fssync.dll]  [Kaspersky Lab, 7.0.5.325]
    [D:\360safe\safemon\safemon.dll]  [360.CN, 4, 1, 5, 1002]
    [C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 7.0\scrchpg.dll]  [Kaspersky Lab, 7.0.1.325]
    [D:\迅雷\ComDlls\TDAtOnce_Now.dll]  [Thunder Networking Technologies,LTD, 1.0.5.29]
    [D:\迅雷\ComDlls\xunleiBHO_Now.dll]  [Thunder Networking Technologies,LTD, 5, 0, 8, 96]
    [D:\迅雷\Components\ResWorker\DsBho_00.dll]  [Thunder Networking Technologies,LTD, 1, 0, 0, 20]
    [D:\迅雷\Components\ResWorker\DataProcessor_00.dll]  [Thunder Networking Technologies,LTD, 1, 0, 0, 16]
    [C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 7.0\dnsq.dll]  [Kaspersky Lab, 7.0.1.325]
    [C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 7.0\klscav.dll]  [Kaspersky Lab, 7.0.1.325]
    [C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 7.0\prremote.dll]  [Kaspersky Lab, 7.0.1.325]
    [C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 7.0\prloader.dll]  [Kaspersky Lab, 7.0.1.325]
    [C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 7.0\prkernel.ppl]  [Kaspersky Lab, 7.0.1.325]
    [c:\program files\kaspersky lab\kaspersky anti-virus 7.0\params.ppl]  [Kaspersky Lab, 7.0.1.325]
    [c:\program files\kaspersky lab\kaspersky anti-virus 7.0\pxstub.ppl]  [Kaspersky Lab, 7.0.1.325]
    [c:\program files\kaspersky lab\kaspersky anti-virus 7.0\tempfile.ppl]  [Kaspersky Lab, 7.0.1.325]
    [c:\program files\kaspersky lab\kaspersky anti-virus 7.0\nfio.ppl]  [Kaspersky Lab, 7.0.1.325]
    [c:\program files\kaspersky lab\kaspersky anti-virus 7.0\fsdrvplg.ppl]  [Kaspersky Lab, 7.0.1.325]
    [c:\program files\kaspersky lab\kaspersky anti-virus 7.0\basegui.ppl]  [Kaspersky Lab, 7.0.1.325]
    [c:\program files\kaspersky lab\kaspersky anti-virus 7.0\thpimpl.ppl]  [Kaspersky Lab, 7.0.1.325]
    [c:\program files\kaspersky lab\kaspersky anti-virus 7.0\winreg.ppl]  [Kaspersky Lab, 7.0.1.325]
    [C:\WINDOWS\system32\Macromed\Flash\Flash9f.ocx]  [Adobe Systems, Inc., 9,0,124,0]
    [C:\WINDOWS\system32\UNISPIM6.IME]  [北京紫光华宇软件股份有限公司, 6.0.0.6117]
[PID: 3340 / Administrator][C:\Program Files\Internet Explorer\iexplore.exe]  [Microsoft Corporation, 6.00.2900.2180 (xpsp_sp2_rtm.040803-2158)]
    [C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 7.0\miscr3.dll]  [Kaspersky Lab, 7.0.1.325]
    [C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 7.0\fssync.dll]  [Kaspersky Lab, 7.0.5.325]
    [D:\360safe\safemon\safemon.dll]  [360.CN, 4, 1, 5, 1002]
    [C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 7.0\scrchpg.dll]  [Kaspersky Lab, 7.0.1.325]
    [D:\迅雷\ComDlls\TDAtOnce_Now.dll]  [Thunder Networking Technologies,LTD, 1.0.5.29]
    [D:\迅雷\ComDlls\xunleiBHO_Now.dll]  [Thunder Networking Technologies,LTD, 5, 0, 8, 96]
    [D:\迅雷\Components\ResWorker\DsBho_00.dll]  [Thunder Networking Technologies,LTD, 1, 0, 0, 20]
    [D:\迅雷\Components\ResWorker\DataProcessor_00.dll]  [Thunder Networking Technologies,LTD, 1, 0, 0, 16]
    [C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 7.0\dnsq.dll]  [Kaspersky Lab, 7.0.1.325]
    [C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 7.0\klscav.dll]  [Kaspersky Lab, 7.0.1.325]
    [C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 7.0\prremote.dll]  [Kaspersky Lab, 7.0.1.325]
    [C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 7.0\prloader.dll]  [Kaspersky Lab, 7.0.1.325]
    [C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 7.0\prkernel.ppl]  [Kaspersky Lab, 7.0.1.325]
    [c:\program files\kaspersky lab\kaspersky anti-virus 7.0\params.ppl]  [Kaspersky Lab, 7.0.1.325]
    [c:\program files\kaspersky lab\kaspersky anti-virus 7.0\pxstub.ppl]  [Kaspersky Lab, 7.0.1.325]
    [c:\program files\kaspersky lab\kaspersky anti-virus 7.0\tempfile.ppl]  [Kaspersky Lab, 7.0.1.325]
    [c:\program files\kaspersky lab\kaspersky anti-virus 7.0\nfio.ppl]  [Kaspersky Lab, 7.0.1.325]
    [c:\program files\kaspersky lab\kaspersky anti-virus 7.0\fsdrvplg.ppl]  [Kaspersky Lab, 7.0.1.325]
    [c:\program files\kaspersky lab\kaspersky anti-virus 7.0\basegui.ppl]  [Kaspersky Lab, 7.0.1.325]
    [c:\program files\kaspersky lab\kaspersky anti-virus 7.0\thpimpl.ppl]  [Kaspersky Lab, 7.0.1.325]
    [c:\program files\kaspersky lab\kaspersky anti-virus 7.0\winreg.ppl]  [Kaspersky Lab, 7.0.1.325]
    [C:\WINDOWS\system32\Macromed\Flash\Flash9f.ocx]  [Adobe Systems, Inc., 9,0,124,0]
[PID: 2800 / Administrator][D:\迅雷\Program\Thunder5.exe]  [Thunder Networking Technologies,LTD, 5.8.2.515]
    [D:\迅雷\Program\BugReport.dll]  [Thunder Networking Technologies,LTD, 1, 5, 1, 22]
    [D:\360safe\safemon\safemon.dll]  [360.CN, 4, 1, 5, 1002]
    [D:\迅雷\Program\TaskManager.dll]  [Thunder Networking Technologies,LTD, 1, 3, 6, 66]
    [D:\迅雷\Program\download_interface.dll]  [Thunder Networking Technologies,LTD, 3, 1, 2, 315]
    [D:\迅雷\Program\MSVCP71.dll]  [Microsoft Corporation, 7.10.3077.0]
    [D:\迅雷\Program\MSVCR71.dll]  [Microsoft Corporation, 7.10.3052.4]
    [D:\迅雷\Program\asyn_frame.dll]  [Thunder Networking Technologies,LTD, 1, 1, 2, 17]
    [D:\迅雷\Program\ATL71.DLL]  [Microsoft Corporation, 7.10.3077.0]
    [D:\迅雷\Program\emule_id.dll]  [Thunder Networking Technologies,LTD, 1, 0, 2, 7]
    [D:\迅雷\Program\backend_agent.dll]  [Thunder Networking Technologies,LTD, 1, 1, 2, 19]
    [D:\迅雷\Program\ptl.dll]  [Thunder Networking Technologies,LTD, 3, 1, 2, 22]
    [D:\迅雷\Program\xl_stat.dll]  [Thunder Networking Technologies,LTD, 1, 1, 2, 3]
    [C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 7.0\dnsq.dll]  [Kaspersky Lab, 7.0.1.325]
    [D:\迅雷\Program\fs.dll]  [Thunder Networking Technologies,LTD, 1, 1, 2, 10]
    [D:\迅雷\Program\emule.dll]  [, 1, 1, 2, 12]
    [D:\迅雷\Program\down_dispatcher.dll]  [Thunder Networking Technologies,LTD, 1, 0, 2, 17]
    [D:\迅雷\Program\p2p_upload.dll]  [Thunder Networking Technologies,LTD, 1, 1, 2, 8]
    [D:\迅雷\Program\XLNet.Dll]  [Thunder Networking Technologies,LTD, 1, 5, 1, 24]
    [C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 7.0\miscr3.dll]  [Kaspersky Lab, 7.0.1.325]
    [C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 7.0\fssync.dll]  [Kaspersky Lab, 7.0.5.325]
    [D:\迅雷\Program\BHOStub.dll]  [Thunder Networking Technologies,LTD, 1, 1, 1, 10]
    [D:\迅雷\Components\DownAndPlay\DownAndPlay.dll]  [, 1, 0, 12, 30]
    [C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 7.0\scrchpg.dll]  [Kaspersky Lab, 7.0.1.325]
    [D:\迅雷\Program\p2sp.dll]  [Thunder Networking Technologies,LTD, 1, 1, 2, 25]
    [D:\迅雷\Program\iTargetAD.dll]  [Thunder Networking Technologies,LTD, 1, 0, 4, 35]
    [C:\WINDOWS\system32\Macromed\Flash\Flash9f.ocx]  [Adobe Systems, Inc., 9,0,124,0]
    [D:\迅雷\Program\p2p.dll]  [Thunder Networking Technologies,LTD, 1,1,2,24]
    [D:\迅雷\Program\xldc.dll]  [Thunder Networking Technologies,LTD, 3, 6, 2, 15]
    [D:\迅雷\Program\stream.dll]  [Thunder Networking Technologies,LTD, 2, 1, 2, 375]
    [D:\迅雷\Program\p2p_local_res.dll]  [Thunder Networking Technologies,LTD, 1,1,2,12]
    [D:\迅雷\Program\al.dll]  [Thunder Networking Technologies,LTD, 1,1,2,15]
    [C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 7.0\klscav.dll]  [Kaspersky Lab, 7.0.1.325]
    [C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 7.0\prremote.dll]  [Kaspersky Lab, 7.0.1.325]
    [C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 7.0\prloader.dll]  [Kaspersky Lab, 7.0.1.325]

Re: Urgent help

    [C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 7.0\prkernel.ppl]  [Kaspersky Lab, 7.0.1.325]
    [c:\program files\kaspersky lab\kaspersky anti-virus 7.0\params.ppl]  [Kaspersky Lab, 7.0.1.325]
    [c:\program files\kaspersky lab\kaspersky anti-virus 7.0\pxstub.ppl]  [Kaspersky Lab, 7.0.1.325]
    [c:\program files\kaspersky lab\kaspersky anti-virus 7.0\tempfile.ppl]  [Kaspersky Lab, 7.0.1.325]
    [D:\迅雷\Components\InMedia\iEmbedShell.dll]  [ , 1, 0, 2, 24]
    [D:\迅雷\Components\InMedia\iEmbed17.dll]  [Thunder Networking Technologies,LTD, 3, 4, 8, 107]
    [D:\迅雷\Components\InMedia\PlayerHelper.dll]  [thunder, 1, 2, 6, 58]
    [D:\迅雷\Components\InMedia\XLIPC.DLL]  [Thunder Networking Technologies,LTD, 1, 0, 0, 2]
    [D:\迅雷\Components\P4PClient\P4PClient.dll]  [Thunder Networking Technologies,LTD, 2, 2, 5, 70]
    [D:\迅雷\Components\Community\XLCommunity.dll]  [Thunder Networking Technologies,LTD, 2, 3, 0, 59]
    [D:\迅雷\Program\RegisterDll.dll]  [Thunder Networking Technologies,LTD, 2, 17, 0, 67]
    [D:\迅雷\Program\MSVCIRT.dll]  [Microsoft Corporation, 7.0.2600.2180 (xpsp_sp2_rtm.040803-2158)]
    [D:\迅雷\Program\imdt.dll]  [TODO: <Company name>, 1.0.2.5]
    [D:\迅雷\Components\Security\ThunderSafe.dll]  [深圳市迅雷网络技术有限公司, 2, 0, 0, 88]
    [D:\迅雷\Components\Security\ConfigManager.dll]  [深圳市迅雷网络技术有限公司, 1, 0, 0, 1]
    [D:\迅雷\Components\Security\SafeManager.dll]  [深圳市迅雷网络技术有限公司, 1, 0, 2, 11]
    [D:\迅雷\Plugins\XLSafeHost\XLSafeHost.dll]  [深圳市迅雷网络技术有限公司, 1, 1, 0, 65]
    [D:\迅雷\Components\Search\XLSearch.dll]  [Thunder Networking Technologies,LTD, 1, 1, 6, 21]
    [D:\迅雷\Program\LiveUpdate.dll]  [Thunder Networking Technologies,LTD, 1, 2, 3, 25]
    [D:\迅雷\Components\XLSoftBase\XLSoftwareBase.dll]  [Thunder Networking Technologies,LTD, 1, 0, 0, 3]
    [D:\迅雷\Plugins\KanKanTop\KanKanTop.dll]  [Thunder Networking Technologies,LTD, 1, 0, 0, 4]
    [D:\迅雷\Components\ExplorerHelper\ExplorerHelper.dll]  [Thunder Networking Technologies,LTD, 1, 0, 4, 19]
    [D:\迅雷\Components\Tips\TipsClient.dll]  [Thunder Networking Technologies,LTD, 2, 2, 12, 108]
    [D:\迅雷\Components\VPSHELL\VPSHELL.dll]  [迅雷网络, 3, 0, 1, 33]
    [D:\迅雷\Components\UserExperience\UserExperience.dll]  [Thunder Networking Technologies,LTD, 1, 0, 3, 5]
    [D:\迅雷\Components\ResWorker\DsXlCom.dll]  [, 1, 0, 0, 30]
    [D:\迅雷\Components\ResWorker\DataProcessor_00.dll]  [Thunder Networking Technologies,LTD, 1, 0, 0, 16]
    [D:\迅雷\Components\ResWorker\MediaWorker.dll]  [Thunder Networking Technologies,LTD, 1, 2, 0, 22]
    [D:\迅雷\Components\Tips\XLIPC.DLL]  [Thunder Networking Technologies,LTD, 1, 0, 0, 2]
    [D:\迅雷\Components\DownloadStat\DownloadStat.dll]  [Thunder Networking Technologies,LTD, 1, 4, 1, 6]
    [D:\迅雷\Program\bd.dll]  [Thunder Networking Technologies,LTD, 1, 0, 2, 17]
[PID: 3516 / Administrator][E:\sreng2\SREngPS.EXE]  [Smallfrogs Studio, 2.5.16.900]
    [D:\360safe\safemon\safemon.dll]  [360.CN, 4, 1, 5, 1002]
    [E:\sreng2\Upload\3rdUpd.DLL]  [Smallfrogs Studio, 2, 1, 0, 15]
    [C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 7.0\miscr3.dll]  [Kaspersky Lab, 7.0.1.325]
    [C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 7.0\fssync.dll]  [Kaspersky Lab, 7.0.5.325]
    [C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 7.0\dnsq.dll]  [Kaspersky Lab, 7.0.1.325]

==================================
文件关联
.TXT  Error. [C:\WINDOWS\notepad.exe %1]
.EXE  OK. ["%1" %*]
.COM  OK. ["%1" %*]
.PIF  OK. ["%1" %*]
.REG  OK. [regedit.exe "%1"]
.BAT  OK. ["%1" %*]
.SCR  OK. ["%1" /S]
.CHM  Error. ["hh.exe" %1]
.HLP  OK. [%SystemRoot%\System32\winhlp32.exe %1]
.INI  Error. [C:\WINDOWS\System32\NOTEPAD.EXE %1]
.INF  OK. [%SystemRoot%\System32\NOTEPAD.EXE %1]
.VBS  OK. [%SystemRoot%\System32\WScript.exe "%1" %*]
.JS  OK. [%SystemRoot%\System32\WScript.exe "%1" %*]
.LNK  OK. [{00021401-0000-0000-C000-000000000046}]

==================================
Winsock 提供者
N/A

==================================
Autorun.inf
N/A

==================================
HOSTS 文件
127.0.0.1      localhost

==================================
进程特权扫描
特殊特权被允许: SeLoadDriverPrivilege [PID = 1060, C:\WINDOWS\SYSTEM32\WINLOGON.EXE]
特殊特权被允许: SeLoadDriverPrivilege [PID = 484, C:\PROGRAM FILES\GRIDSERVICE\PEER.EXE]
特殊特权被允许: SeLoadDriverPrivilege [PID = 1484, D:\STORM3\STORMLIV.EXE]
特殊特权被允许: SeLoadDriverPrivilege [PID = 1600, C:\WINDOWS\SYSTEM32\NVSVC32.EXE]
特殊特权被允许: SeLoadDriverPrivilege [PID = 2800, D:\迅雷\PROGRAM\THUNDER5.EXE]

==================================
API HOOK
RVA  错误: LoadLibraryA (危险等级: 高,  被下面模块所HOOK: \??\C:\WINDOWS\system32\drivers\klif.sys)
RVA  错误: LoadLibraryExA (危险等级: 高,  被下面模块所HOOK: \??\C:\WINDOWS\system32\drivers\klif.sys)
RVA  错误: LoadLibraryExW (危险等级: 高,  被下面模块所HOOK: \??\C:\WINDOWS\system32\drivers\klif.sys)
RVA  错误: LoadLibraryW (危险等级: 高,  被下面模块所HOOK: \??\C:\WINDOWS\system32\drivers\klif.sys)
RVA  错误: GetProcAddress (危险等级: 高,  被下面模块所HOOK: \??\C:\WINDOWS\system32\drivers\klif.sys)

==================================
隐藏进程
N/A

==================================


[/CODE]