急死我了, 各位打大虾99我!!! - 瑞星卡卡安全论坛bbs.ikaka.com

瑞星卡卡安全论坛技术交流区 反病毒/反流氓软件论坛急死我了, 各位打大虾99我!!!

	瑞星“1+2”全新解决方案巡展在广州画上圆满句号		叶院长揭秘：瑞星如何运用AI技术革新网络安全		俄乌冲突加剧网络攻击风险白俄罗斯政府遭APT攻击		瑞星ESM防病毒系统助力矿业大学筑牢网络安全防线
	实力拉满瑞星第五十次通过VB100测评		携手老友，拥抱新精彩 —— 新论坛新活动，感谢你的陪伴		护航司法，瑞星助力山西省高院构建安全防线		人工智能在网络安全领域的风险和机遇

2 / 4 页

跳转页

[求助] 急死我了, 各位打大虾99我!!!

天月来了版主帖子:76904 注册: 2007-02-06 来自:	发表于： 2008-08-21 18:33 \| 短消息资料字号：小中大 11楼回复：急死我了, 各位打大虾99我!!! 那就还象刚才那样全部复制粘贴来吧好无奈
天月来了版主帖子:76904 注册: 2007-02-06 来自:

小小虾仁初生襁褓狮帖子:17 注册: 2008-08-21 来自:	发表于： 2008-08-21 18:37 \| 只看楼主短消息资料字号：小中大 12楼回复: 急死我了, 各位打大虾99我!!! 我重起了电脑, 还是不能上传附件....晕死了, 这个木马搞了一天还没搞好先贴下SREng log, 麻烦看下 [复制到剪贴板] CODE: 2008-08-21,17:51:17 System Repair Engineer 2.6.12.1018 Smallfrogs (http://www.KZTechs.com) Windows XP Professional Service Pack 3 (Build 2600) - 管理权限用户 - 完整功能以下内容被选中：所有的启动项目（包括注册表、启动文件夹、服务等）浏览器加载项正在运行的进程（包括进程模块信息）文件关联 Winsock 提供者 Autorun.inf HOSTS 文件进程特权扫描启动项目注册表 [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run] <ctfmon.exe><C:\WINDOWS\system32\ctfmon.exe> [(Verified)Microsoft Windows Component Publisher] <bgswitch><C:\WINDOWS\system32\bgswitch.exe> [] [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run] <IMJPMIG8.1><"C:\WINDOWS\IME\imjp8_1\IMJPMIG.EXE" /Spoil /RemAdvDef /Migration32> [(Verified)Microsoft Windows Publisher] <PHIME2002ASync><C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /SYNC> [(Verified)Microsoft Windows Publisher] <PHIME2002A><C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /IMEName> [(Verified)Microsoft Windows Publisher] <IMSCMig><C:\PROGRA~1\COMMON~1\MICROS~1\IME\IMSC40A\IMSCMIG.EXE /Preload> [(Verified)Microsoft Corporation] <SynTPLpr><C:\Program Files\Synaptics\SynTP\SynTPLpr.exe> [Synaptics, Inc.] <SynTPEnh><C:\Program Files\Synaptics\SynTP\SynTPEnh.exe> [Synaptics, Inc.] <ATIPTA><"C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe"> [ATI Technologies, Inc.] <ATICCC><"C:\Program Files\ATI Technologies\ATI.ACE\cli.exe" runtime> [File is missing] <SoundMAXPnP><C:\Program Files\Analog Devices\SoundMAX\SMax4PNP.exe> [Analog Devices, Inc.] <SoundMAX><"C:\Program Files\Analog Devices\SoundMAX\Smax4.exe" /tray> [Analog Devices, Inc.] <TP4EX><tp4ex.exe> [Lenovo Group Limited] <TPHOTKEY><C:\PROGRA~1\Lenovo\PkgMgr\HOTKEY\TPHKMGR.exe> [] <TPKMAPHELPER><C:\Program Files\ThinkPad\Utilities\TpKmapAp.exe -helper> [Lenovo] <EZEJMNAP><C:\PROGRA~1\ThinkPad\UTILIT~1\EzEjMnAp.Exe> [Lenovo Group Limited] <PSQLLauncher><"C:\Program Files\ThinkVantage Fingerprint Software\launcher.exe" /startup> [UPEK Inc.] <PWRMGRTR><rundll32 C:\PROGRA~1\ThinkPad\UTILIT~1\PWRMGRTR.DLL,PwrMgrBkGndMonitor> [Lenovo Group Limited] <BLOG><rundll32 C:\PROGRA~1\ThinkPad\UTILIT~1\BatLogEx.DLL,StartBattLog> [] <CertificateRegistration><SafeSignCertReg.exe> [A.E.T. Europe B.V.] <MenuOrder><C:\Program Files\ICBCCO~1\ICBC\GD(Corp)\MenuOrder\MenuOrder.exe> [] <HP Network Registry Agent><C:\WINDOWS\system32\hpnra.exe> [Hewlett-Packard] <SetDefPrt><C:\Program Files\Brother\Brmfl04d\BrStDvPt.exe> [Brother Industories, Ltd.] <pdfFactory Pro 分配器 v3><"C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\fppdis3a.exe" /source=HKLM> [FinePrint Software, LLC] <ccApp><"C:\Program Files\Common Files\Symantec Shared\ccApp.exe"> [(Verified)Symantec Corporation] <vptray><C:\PROGRA~1\SYMANT~1\VPTray.exe> [(Verified)Symantec Corporation] <LiveUpatePower><rem MyUpdate.exe> [N/A] <Adobe Reader Speed Launcher><"C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"> [(Verified)"Adobe Systems, Incorporated"] <Kernel and Hardware Abstraction Layer><KHALMNPR.EXE> [(Verified)Microsoft Windows Hardware Compatibility Publisher] <Symantec Control Center><symcontrol.exe> [Ap] <360Safetray><C:\Program Files\360safe\safemon\360tray.exe /start> [(Verified)Qizhi Software (beijing) Co. Ltd] <360Safebox><"C:\Program Files\360Safebox\SafeBoxTray.exe" /r> [(Verified)Qizhi Software (beijing) Co. Ltd] [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Winlogon] <shell><Explorer.exe> [(Verified)Microsoft Windows Component Publisher] <Userinit><C:\WINDOWS\system32\userinit.exe,> [(Verified)Microsoft Windows Component Publisher] <UIHost><logonui.exe> [(Verified)Microsoft Windows Component Publisher] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\crypt] <WinlogonNotify: crypt><crypts.dll> [N/A] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\NavLogon] <WinlogonNotify: NavLogon><C:\WINDOWS\system32\NavLogon.dll> [(Verified)Symantec Corporation] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\psfus] <WinlogonNotify: psfus><psqlpwd.dll> [UPEK Inc.] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\tpfnf2] <WinlogonNotify: tpfnf2><notifyf2.dll> [] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\tphotkey] <WinlogonNotify: tphotkey><tphklock.dll> [] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\>{26923b43-4d38-484f-9b9e-de460746276c}] <Internet Explorer><%systemroot%\system32\shmgrate.exe OCInstallUserConfigIE> [File is missing] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\>{881dd1c5-3dcf-431b-b061-f3f88e8be88a}] <Outlook Express><%systemroot%\system32\shmgrate.exe OCInstallUserConfigOE> [File is missing] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{2C7339CF-2B09-4501-B3F3-F3508C9228ED}] <Themes Setup><%SystemRoot%\system32\regsvr32.exe /s /n /i:/UserInstall %SystemRoot%\system32\themeui.dll> [File is missing] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{44BBA840-CC51-11CF-AAFA-00AA00B6015C}] <Microsoft Outlook Express 6><"%ProgramFiles%\Outlook Express\setup50.exe" /APP:OE /CALLER:WINNT /user /install> [File is missing] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{44BBA842-CC51-11CF-AAFA-00AA00B6015B}] <NetMeeting 3.01><rundll32.exe advpack.dll,LaunchINFSection C:\WINDOWS\INF\msnetmtg.inf,NetMtg.Install.PerUser.NT> [(Verified)Microsoft Windows Publisher] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{5945c046-1e7d-11d1-bc44-00c04fd912be}] <Windows Messenger 4.7><rundll32.exe advpack.dll,LaunchINFSection C:\WINDOWS\INF\msmsgs.inf,BLC.QuietInstall.PerUser> [(Verified)Microsoft Windows Publisher] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{6BF52A52-394A-11d3-B153-00C04F79FAA6}] <Microsoft Windows Media Player><rundll32.exe advpack.dll,LaunchINFSection C:\WINDOWS\INF\wmp10.inf,PerUserStub> [(Verified)Microsoft Windows Component Publisher] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{7790769C-0471-11d2-AF11-00C04FA35D02}] <通讯簿 6><"%ProgramFiles%\Outlook Express\setup50.exe" /APP:WAB /CALLER:WINNT /user /install> [File is missing] ================================== 启动文件夹 [ATI CATALYST System Tray] <C:\Documents and Settings\All Users\「开始」菜单\程序\启动\ATI CATALYST System Tray.lnk --> C:\Program Files\ATI Technologies\ATI.ACE\CLI.exe [File is missing]><N> [Digital Line Detect] <C:\Documents and Settings\All Users\「开始」菜单\程序\启动\Digital Line Detect.lnk --> C:\PROGRA~1\DIGITA~1\DLG.exe [BVRP Software]><N> [Logitech SetPoint] <C:\Documents and Settings\All Users\「开始」菜单\程序\启动\Logitech SetPoint.lnk --> C:\PROGRA~1\Logitech\SetPoint\SetPoint.exe [Logitech Inc.]><N> ================================== 服务 [ACU Configuration Service / ACS][Stopped/Manual Start] <C:\WINDOWS\system32\acs.exe><N/A> [Ati HotKey Poller / Ati HotKey Poller][Running/Auto Start] <C:\WINDOWS\system32\Ati2evxx.exe><ATI Technologies Inc.> [ATI Smart / ATI Smart][Stopped/Auto Start] <C:\WINDOWS\system32\ati2sgag.exe><> [Brother Popup Suspend service for Resource manager / brmfrmps][Running/Auto Start] <"C:\WINDOWS\system32\Brmfrmps.exe" -service ><Brother Industries, Ltd.> [BrSplService / Brother XP spl Service][Running/Auto Start] <C:\WINDOWS\system32\brsvc01a.exe><brother Industries Ltd> [Symantec Event Manager / ccEvtMgr][Running/Auto Start] <"C:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe"><Symantec Corporation> [Symantec Settings Manager / ccSetMgr][Running/Auto Start] <"C:\Program Files\Common Files\Symantec Shared\ccSetMgr.exe"><Symantec Corporation> [Symantec AntiVirus Definition Watcher / DefWatch][Running/Auto Start] <"C:\Program Files\Symantec AntiVirus\DefWatch.exe"><Symantec Corporation> [EvtEng / EvtEng][Running/Auto Start] <C:\Program Files\Intel\Wireless\Bin\EvtEng.exe><Intel Corporation> [Human Interface Device Access / HidServ][Stopped/Disabled] <C:\WINDOWS\System32\svchost.exe -k netsvcs-->%SystemRoot%\System32\hidserv.dll><N/A> [ThinkPad PM Service / IBMPMSVC][Running/Auto Start] <C:\WINDOWS\system32\ibmpmsvc.exe><> [LiveUpdate / LiveUpdate][Stopped/Manual Start] <"C:\PROGRA~1\Symantec\LIVEUP~1\LUCOMS~1.EXE"><Symantec Corporation> [RegSrvc / RegSrvc][Running/Auto Start] <C:\Program Files\Intel\Wireless\Bin\RegSrvc.exe><Intel Corporation> [Spectrum24 Event Monitor / S24EventMonitor][Running/Auto Start] <C:\Program Files\Intel\Wireless\Bin\S24EvMon.exe><Intel Corporation> [SavRoam / SavRoam][Stopped/Manual Start] <"C:\Program Files\Symantec AntiVirus\SavRoam.exe"><symantec> [Symantec Network Drivers Service / SNDSrvc][Stopped/Manual Start] <"C:\Program Files\Common Files\Symantec Shared\SNDSrvc.exe"><Symantec Corporation> [SoundMAX Agent Service / SoundMAX Agent Service (default)][Running/Auto Start] <C:\Program Files\Analog Devices\SoundMAX\SMAgent.exe><Analog Devices, Inc.> [Symantec SPBBCSvc / SPBBCSvc][Stopped/Manual Start] <"C:\Program Files\Common Files\Symantec Shared\SPBBC\SPBBCSvc.exe"><Symantec Corporation> [Symantec AntiVirus / Symantec AntiVirus][Stopped/Auto Start] <"C:\Program Files\Symantec AntiVirus\Rtvscan.exe"><Symantec Corporation> [IBM KCU Service / TpKmpSVC][Running/Auto Start] <C:\WINDOWS\system32\TpKmpSVC.exe><N/A> ================================== 驱动程序 [aeaudio / aeaudio][Running/Manual Start] <system32\drivers\aeaudio.sys><Andrea Electronics Corporation> [AEGIS Protocol (IEEE 802.1x) v3.2.0.3 / AegisP][Running/Auto Start] <system32\DRIVERS\AegisP.sys><Meetinghouse Data Communications> [Ahn06 / Ahn06][Stopped/Boot Start] <\SystemRoot\System32\Drivers\Ahn06.sys><N/A> [ati2mtag / ati2mtag][Running/Manual Start] <system32\DRIVERS\ati2mtag.sys><ATI Technologies Inc.> [atmeltpm / atmeltpm][Stopped/Manual Start] <system32\DRIVERS\atmeltpm.sys><Atmel, Inc.> [Broadcom NetXtreme Gigabit Ethernet / b57w2k][Running/Manual Start] <system32\DRIVERS\b57xp32.sys><Broadcom Corporation> [蓝牙总线枚举器 / BTKRNL][Stopped/Manual Start] <system32\DRIVERS\btkrnl.sys><N/A> [Djp74 / Djp74][Stopped/Boot Start] <\SystemRoot\System32\Drivers\Djp74.sys><N/A> [Dls42 / Dls42][Stopped/Boot Start] <\SystemRoot\System32\Drivers\Dls42.sys><N/A> [Symantec Eraser Control driver / eeCtrl][Running/System Start] <\??\C:\Program Files\Common Files\Symantec Shared\EENGINE\eeCtrl.sys><Symantec Corporation> [EraserUtilRebootDrv / EraserUtilRebootDrv][Running/Manual Start] <\??\C:\Program Files\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys><Symantec Corporation> [usb Card Device / ft2kEnum][Running/Manual Start] <system32\DRIVERS\ic2kenum.sys><OEM Corporation> [USB Chip Holder Service / GDBaseSmc][Running/Manual Start] <system32\DRIVERS\Chip_smc.sys><OEM> [USB Chip Service / GD_USB][Stopped/Manual Start] <system32\DRIVERS\Chip_usb.sys><> [Hqy87 / Hqy87][Stopped/Boot Start] <\SystemRoot\System32\Drivers\Hqy87.sys><N/A> [HSFHWICH / HSFHWICH][Running/Manual Start] <system32\DRIVERS\HSFHWICH.sys><Conexant Systems, Inc.> [HSF_DPV / HSF_DPV][Running/Manual Start] <system32\DRIVERS\HSF_DPV.sys><Conexant Systems, Inc.> [IBMPMDRV / IBMPMDRV][Running/Manual Start] <system32\DRIVERS\ibmpmdrv.sys><Lenovo.> [Ipx07 / Ipx07][Stopped/Boot Start] <\SystemRoot\System32\Drivers\Ipx07.sys><N/A> [Jqw06 / Jqw06][Stopped/Boot Start] <\SystemRoot\System32\Drivers\Jqw06.sys><N/A> [Jry42 / Jry42][Stopped/Boot Start] <\SystemRoot\System32\Drivers\Jry42.sys><N/A> [Logitech SetPoint KMDF HID Filter Driver / LHidFilt][Running/Manual Start] <system32\DRIVERS\LHidFilt.Sys><Logitech, Inc.> [Logitech SetPoint KMDF Mouse Filter Driver / LMouFilt][Running/Manual Start] <system32\DRIVERS\LMouFilt.Sys><Logitech, Inc.> [Lsy28 / Lsy28][Stopped/Boot Start] <\SystemRoot\System32\Drivers\Lsy28.sys><N/A> [Lsy30 / Lsy30][Stopped/Boot Start] <\SystemRoot\System32\Drivers\Lsy30.sys><N/A> [AEGIS Protocol (IEEE 802.1x) v2.3.1.9 / MDC8021X][Running/Auto Start] <system32\DRIVERS\mdc8021x.sys><Meetinghouse Data Communications> [mdmxsdk / mdmxsdk][Running/Auto Start] <system32\DRIVERS\mdmxsdk.sys><Conexant> [NAVENG / NAVENG][Running/Manual Start] <\??\C:\PROGRA~1\COMMON~1\SYMANT~1\VIRUSD~1\20080819.003\naveng.sys><Symantec Corporation> [NAVEX15 / NAVEX15][Running/Manual Start] <\??\C:\PROGRA~1\COMMON~1\SYMANT~1\VIRUSD~1\20080819.003\navex15.sys><Symantec Corporation> [npkcrypt / npkcrypt][Running/Auto Start] <\??\d:\Program Files\Tencent\QQ\npkcrypt.sys><INCA Internet Co., Ltd.> [NSC Infrared Device Driver / NSCIRDA][Running/Manual Start] <system32\DRIVERS\nscirda.sys><National Semiconductor Corporation> [Nub30 / Nub30][Stopped/Boot Start] <\SystemRoot\System32\Drivers\Nub30.sys><N/A> [Direct Parallel Link Driver / Ptilink][Running/Manual Start] <system32\DRIVERS\ptilink.sys><Parallel Technologies, Inc.> [Pwd41 / Pwd41][Stopped/Boot Start] <\SystemRoot\System32\Drivers\Pwd41.sys><N/A> [Qwd17 / Qwd17][Stopped/Boot Start] <\SystemRoot\System32\Drivers\Qwd17.sys><N/A> [Qwd18 / Qwd18][Stopped/Boot Start] <\SystemRoot\System32\Drivers\Qwd18.sys><N/A> [SmartCard Reader Device / Reader_Device][Running/Manual Start] <system32\DRIVERS\usbic2k.sys><OEM> [WLAN 传输 / s24trans][Running/Auto Start] <system32\DRIVERS\s24trans.sys><Intel Corporation> [SafeBoxKrnl / SafeBoxKrnl][Running/System Start] <\??\C:\Program Files\360Safebox\SafeBoxKrnl.sys><360安全中心> [SAVRT / SAVRT][Running/System Start] <\??\C:\Program Files\Symantec AntiVirus\savrt.sys><Symantec Corporation> [SAVRTPEL / SAVRTPEL][Running/System Start] <\??\C:\Program Files\Symantec AntiVirus\Savrtpel.sys><Symantec Corporation> [Secdrv / Secdrv][Running/Auto Start] <system32\DRIVERS\secdrv.sys><Macrovision Corporation, Macrovision Europe Limited, and Macrovision Japan and Asia K.K.> [SMI helper driver / smihlp][Running/Auto Start] <\??\C:\Program Files\ThinkVantage Fingerprint Software\smihlp.sys><UPEK Inc.> [smwdm / smwdm][Running/Manual Start] <system32\drivers\smwdm.sys><Analog Devices, Inc.> [Sony USB Filter Driver (SONYPVU1) / SONYPVU1][Stopped/Manual Start] <system32\DRIVERS\SONYPVU1.SYS><Sony Corporation> [SPBBCDrv / SPBBCDrv][Stopped/Manual Start] <\??\C:\Program Files\Common Files\Symantec Shared\SPBBC\SPBBCDrv.sys><Symantec Corporation> [sptd / sptd][Running/Boot Start] <\SystemRoot\System32\Drivers\sptd.sys><N/A> [st3bus28 / st3bus28][Stopped/Manual Start] <system32\DRIVERS\st3bus28.sys><N/A> [SymEvent / SymEvent][Running/Manual Start] <\??\C:\Program Files\Symantec\SYMEVENT.SYS><Symantec Corporation> [SYMREDRV / SYMREDRV][Stopped/Manual Start] <\SystemRoot\System32\Drivers\SYMREDRV.SYS><Symantec Corporation> [SYMTDI / SYMTDI][Running/System Start] <\SystemRoot\System32\Drivers\SYMTDI.SYS><Symantec Corporation> [Synaptics TouchPad Driver / SynTP][Running/Manual Start] <system32\DRIVERS\SynTP.sys><Synaptics, Inc.> [sysHostSvc / sysHostSvc][Running/Auto Start] <\??\C:\WINDOWS\system32\drivers\GuiHelp.sys><Microsoft Corporation> [TC USB Kernel Driver / TcUsb][Running/Manual Start] <System32\Drivers\tcusb.sys><UPEK Inc.> [Winbond Trusted Platform Module / TPM][Running/Manual Start] <system32\DRIVERS\tpm.sys><Winbond Electronics Corp.> [TPPWRIF / TPPWRIF][Running/System Start] <System32\drivers\Tppwrif.sys><N/A> [TSMAPIP / TSMAPIP][Running/System Start] <System32\drivers\TSMAPIP.SYS><N/A> [IBM PS/2 TrackPoint Filter Driver / TwoTrack][Stopped/Manual Start] <system32\DRIVERS\TwoTrack.sys><IBM Corporation> [Tyf30 / Tyf30][Stopped/Boot Start] <\SystemRoot\System32\Drivers\Tyf30.sys><N/A> [Ubh52 / Ubh52][Stopped/Boot Start] <\SystemRoot\System32\Drivers\Ubh52.sys><N/A> [Conexant Setup API / UIUSys][Stopped/Manual Start] <system32\drivers\UIUSys.sys><N/A> [Vinyl AC'97 Audio Controller (WDM) / VIAudio][Stopped/Manual Start] <system32\drivers\vinyl97.sys><VIA Technologies, Inc.> [用于 Windows XP 的英特尔(R) PRO/无线 2200BG 网络连接驱动程序 / w29n51][Running/Manual Start] <system32\DRIVERS\w29n51.sys><Intel? Corporation> [winachsf / winachsf][Running/Manual Start] <system32\DRIVERS\HSF_CNXT.sys><Conexant Systems, Inc.> [Mtb63 / Mtb63][Stopped/Boot Start] <\SystemRoot\System32\Drivers\Mtb63.sys><N/A> ================================== 浏览器加载项 [ThunderAtOnce Class] {01443AEC-0FD1-40fd-9C87-E93D1494C233} <d:\Program Files\Thunder Network\Thunder\ComDlls\TDAtOnce_Now.dll, (Signed) Thunder Networking Technologies,LTD> [Adobe PDF Reader Link Helper] {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} <C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll, (Signed) Adobe Systems Incorporated> [Thunder Browser Helper] {889D2FEB-5411-4565-8998-1DD2C5261283} <d:\Program Files\Thunder Network\Thunder\ComDlls\xunleiBHO_Now.dll, (Signed) Thunder Networking Technologies,LTD> [SafeMon Class] {B69F34DD-F0F9-42DC-9EDD-957187DA688D} <C:\Program Files\360safe\safemon\safemon.dll, (Signed) 360.CN> [启动迅雷5] {09BA8F6D-CB54-424B-839C-C2A6C8E6B436} <d:\Program Files\Thunder Network\Thunder\Thunder.exe, Thunder Networking Technologies,LTD> [更新 ThinkPad 软件] {D1A4DEBD-C2EE-449f-B9FB-E8409F9A0BC5} <C:\Program Files\Lenovo\PkgMgr\PkgMgr.exe, Lenovo Group Limited> [Messenger] {FB5F1910-F110-11d2-BB9E-00C04F795683} <C:\Program Files\Messenger\msmsgs.exe, (Signed) Microsoft Corporation> [MeadCo ScriptX] {1663ed61-23eb-11d2-b92f-008048fdd814} <C:\WINDOWS\system32\MCScripX.dll, (Signed) Mead & Co Limited> [InstallCertListAx Control] {2C867EBE-A499-44FB-8B4C-CC854C767EED} <C:\WINDOWS\DOWNLO~1\INSTAL~1.OCX, (Signed) > [GDGetTokenInfo Class] {3AA9CF07-DF20-48FF-98BE-DED276E40146} <C:\WINDOWS\system32\GDREAD~1.DLL, > [InfoSecNetSign Class] {5CB840B5-A94E-4AD9-B785-4866E3B04476} <C:\WINDOWS\DOWNLO~1\ICBCNE~1.DLL, (Signed) Infosec Technologies Co., Ltd.> [PowerPlayer Control] {5EC7C511-CD0F-42E6-830C-1BD9882F3458} <C:\WINDOWS\DOWNLO~1\POWERP~1.DLL, PPStream Inc.> [DLoader Class] {78ABDC59-D8E7-44D3-9A76-9A0918C52B4A} <C:\WINDOWS\Downloaded Program Files\downloader.dll, (Signed) Sina Com> [] {B27CDB6E-AE6D-11CF-96B8-444553540000} <, > [CSetLET Class] {C35D7AE1-0865-4A30-BF07-29FA29324155} <C:\WINDOWS\system32\GDSetLET.dll, > [Shockwave Flash Object] {D27CDB6E-AE6D-11CF-96B8-444553540000} <C:\WINDOWS\system32\Macromed\Flash\Flash9f.ocx, (Signed) Adobe Systems, Inc.> [] {DC7094C6-8F61-42ED-AECE-63F5EEF647C5} <, > [CheckIssuer Class] {EEEB6303-48B4-4EC0-A6CA-575B0C168049} <C:\WINDOWS\DOWNLO~1\CHECKI~1.DLL, (Signed) > [ThunderAtOnce Class] {01443AEC-0FD1-40FD-9C87-E93D1494C233} <d:\Program Files\Thunder Network\Thunder\ComDlls\TDAtOnce_Now.dll, (Signed) Thunder Networking Technologies,LTD> [] {06849E9E-C8D7-4D59-B87D-784B7D6BE0B3} <, > [Adobe PDF Reader Link Helper] {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} <C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll, (Signed) Adobe Systems Incorporated> [] {09BA8F6D-CB54-424B-839C-C2A6C8E6B436} <, > [] {3AECD3C1-7085-4731-96DC-47B6CF7EF749} <, > [Thunder Agent Class] {485463B7-8FB2-4B3B-B29B-8B919B0EACCE} <d:\Program Files\Thunder Network\Thunder\ComDlls\ThunderAgent_Now.dll, (Signed) Thunder Networking Technologies,LTD> [] {4E8A5278-C04E-4FE3-BF78-8A7CCD6EF333} <, > [Microsoft Terminal Services Client Control (redist)] {4eb89ff4-7f78-4a0f-8b8d-2bf02e94e4b2} <%systemroot%\system32\mstscax.dll, (Signed) N/A> [Microsoft Terminal Services Client Control (redist)] {4EDCB26C-D24C-4e72-AF07-B576699AC0DE} <%systemroot%\system32\mstscax.dll, (Signed) N/A> [] {6096E38F-5AC1-4391-8EC4-75DFA92FB32F} <, > [XMP Class] {6483F145-A768-4C41-AACC-52D4D7845851} <C:\Documents and Settings\All Users\Application Data\Thunder Network\KanKan\xplayer.dll_1_work, > [XDRM] {693571CB-54A3-4E90-9D52-EEAE1334E2D3} <C:\Documents and Settings\All Users\Application Data\Thunder Network\KanKan\xdrm.dll_1_work, > [Microsoft Terminal Services Client Control (redist)] {7390f3d8-0439-4c05-91e3-cf5cb290c3d0} <%systemroot%\system32\mstscax.dll, (Signed) N/A> [Microsoft Terminal Services Client Control (redist)] {7584c670-2274-4efb-b00b-d6aaba6d3850} <%systemroot%\system32\mstscax.dll, (Signed) N/A> [MediaComm Class] {7670648D-461B-42AF-BDFE-46D26AF5EFF2} <d:\Program Files\Thunder Network\Thunder\Components\InMedia\MediaAddin17.dll, Thunder Networking Technologies,LTD> [] {7E853D72-626A-48EC-A868-BA8D5E23E045} <, > [360SafeLive] {87515F61-A66C-4319-A0E0-D416CB8059E3} <C:\Program Files\360safe\live.dll, (Signed) 360.cn> [Thunder Browser Helper] {889D2FEB-5411-4565-8998-1DD2C5261283} <d:\Program Files\Thunder Network\Thunder\ComDlls\xunleiBHO_Now.dll, (Signed) Thunder Networking Technologies,LTD> [Microsoft Terminal Services Client Control (redist)] {9059f30f-4eb1-4bd2-9fdc-36f43a218f4a} <%systemroot%\system32\mstscax.dll, (Signed) N/A> [] {92780B25-18CC-41C8-B9BE-3C9C571A8263} <, > [] {98B7C13A-E9CD-4959-8B46-FBEAB41E42A8} <, > [DapCtrl Class] {ACACC6EB-1FBA-4E13-A729-53AEB2DF54F8} <C:\Program Files\Common Files\Thunder Network\KanKan\DapCtrl.2.1.5803.60.(326).dll, ShenZhen Thunder Networking Technologies Ltd.> [SafeMon Class] {B69F34DD-F0F9-42DC-9EDD-957187DA688D} <C:\Program Files\360safe\safemon\safemon.dll, (Signed) 360.CN> [] {BE9C13C3-9E46-4DB1-BC05-BD8DA44599F2} <, > [] {D1A4DEBD-C2EE-449F-B9FB-E8409F9A0BC5} <, > [Shockwave Flash Object] {D27CDB6E-AE6D-11CF-96B8-444553540000} <C:\WINDOWS\system32\Macromed\Flash\Flash9f.ocx, (Signed) Adobe Systems, Inc.> [] {D2DA0BDA-D20F-4B0B-98D4-8BEAAE175E6D} <, > [] {E2E2DD38-D088-4134-82B7-F2BA38496583} <, > [Thunder DapPlayer] {EEDD6FF9-13DE-496B-9A1C-D78B3215E266} <d:\Program Files\Thunder Network\Thunder\Components\DownAndPlay\DapPlayer3.0.5712.71.326.dll, ShenZhen Thunder Networking Technologies Ltd.> [XPPlayer Class] {F3E70CEA-956E-49CC-B444-73AFE593AD7F} <C:\Program Files\Common Files\Thunder Network\KanKan\PPlayer.2.0.0.181.(326).dll, Xunlei Networking Technologies,LTD> [] {FB5F1910-F110-11D2-BB9E-00C04F795683} <, > [使用迅雷下载] <d:\Program Files\Thunder Network\Thunder\Program\geturl.htm, N/A> [使用迅雷下载全部链接] <d:\Program Files\Thunder Network\Thunder\Program\getallurl.htm, N/A> [导出到 Microsoft Office Excel(&X)] <res://D:\PROGRA~1\MICROS~1\OFFICE11\EXCEL.EXE/3000, N/A> ================================== 正在运行的进程 [PID: 500 / SYSTEM][\SystemRoot\System32\smss.exe] [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2111)] [PID: 552 / SYSTEM][\??\C:\WINDOWS\system32\csrss.exe] [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2111)] [PID: 580 / SYSTEM][\??\C:\WINDOWS\system32\winlogon.exe] [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2113)] [C:\WINDOWS\system32\Ati2evxx.dll] [ATI Technologies Inc., 6.14.10.4118] [C:\WINDOWS\system32\psqlpwd.dll] [UPEK Inc., 5.4.0.2786] [C:\Program Files\ThinkVantage Fingerprint Software\infra.dll] [UPEK Inc., 5.4.0.2786] [C:\WINDOWS\system32\MSVCR71.dll] [Microsoft Corporation, 7.10.3052.4] [C:\Program Files\ThinkVantage Fingerprint Software\homefus2.dll] [UPEK Inc., 5.4.0.2786] [C:\WINDOWS\system32\biologon.dll] [Microsoft Corporation, 6.00.2497.0000 built by: main(SReasor)] [C:\Program Files\ThinkVantage Fingerprint Software\homepass.dll] [UPEK Inc., 5.4.0.2786] [C:\Program Files\ThinkVantage Fingerprint Software\bio.dll] [UPEK Inc., 5.4.0.2786] [C:\Program Files\ThinkVantage Fingerprint Software\remote.dll] [UPEK Inc., 5.4.0.2786] [C:\WINDOWS\system32\tphklock.dll] [N/A, ] [C:\WINDOWS\system32\NavLogon.dll] [Symantec Corporation, 10.1.5.5000] [PID: 624 / SYSTEM][C:\WINDOWS\system32\services.exe] [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2111)] [PID: 636 / SYSTEM][C:\WINDOWS\system32\lsass.exe] [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2113)] [C:\WINDOWS\system32\psqlpwd.dll] [UPEK Inc., 5.4.0.2786] [C:\Program Files\ThinkVantage Fingerprint Software\infra.dll] [UPEK Inc., 5.4.0.2786] [C:\WINDOWS\system32\MSVCR71.dll] [Microsoft Corporation, 7.10.3052.4] [C:\Program Files\ThinkVantage Fingerprint Software\homefus2.dll] [UPEK Inc., 5.4.0.2786] [PID: 796 / SYSTEM][C:\WINDOWS\system32\ibmpmsvc.exe] [, ] [PID: 824 / SYSTEM][C:\WINDOWS\system32\Ati2evxx.exe] [ATI Technologies Inc., 6.14.10.4118] [C:\WINDOWS\system32\Ati2edxx.dll] [ATI Technologies, Inc., 6, 14, 10, 2497] [PID: 872 / SYSTEM][C:\WINDOWS\system32\svchost.exe] [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2111)] [PID: 924 / NETWORK SERVICE][C:\WINDOWS\system32\svchost.exe] [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2111)] [PID: 1024 / SYSTEM][C:\WINDOWS\System32\svchost.exe] [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2111)] [PID: 1156 / SYSTEM][C:\Program Files\Intel\Wireless\Bin\EvtEng.exe] [Intel Corporation, 9, 0, 4, 0] [C:\Program Files\Intel\Wireless\Bin\PsRegApi.dll] [Intel Corporation, 9, 0, 4, 0] [C:\Program Files\Intel\Wireless\Bin\TraceAPI.DLL] [Intel Corporation, 9, 0, 4, 0] [PID: 1252 / SYSTEM][C:\Program Files\Intel\Wireless\Bin\S24EvMon.exe] [Intel Corporation , 9, 0, 4, 0] [C:\Program Files\Intel\Wireless\Bin\TraceAPI.DLL] [Intel Corporation, 9, 0, 4, 0] [C:\Program Files\Intel\Wireless\Bin\PsRegApi.dll] [Intel Corporation, 9, 0, 4, 0] [PID: 1312 / NETWORK SERVICE][C:\WINDOWS\system32\svchost.exe] [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2111)] [PID: 1408 / LOCAL SERVICE][C:\WINDOWS\system32\svchost.exe] [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2111)] [PID: 1636 / SYSTEM][C:\Program Files\Common Files\Symantec Shared\ccSetMgr.exe] [Symantec Corporation, 104.0.11.1] [C:\WINDOWS\system32\MSVCP71.dll] [Microsoft Corporation, 7.10.3077.0] [C:\WINDOWS\system32\MSVCR71.dll] [Microsoft Corporation, 7.10.3052.4] [C:\Program Files\Common Files\Symantec Shared\ccL40.dll] [Symantec Corporation, 104.0.11.1] [C:\Program Files\Common Files\Symantec Shared\ccVrTrst.dll] [Symantec Corporation, 104.0.11.1] [PID: 1920 / SYSTEM][C:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe] [Symantec Corporation, 104.0.11.1] [C:\WINDOWS\system32\MSVCP71.dll] [Microsoft Corporation, 7.10.3077.0] [C:\WINDOWS\system32\MSVCR71.dll] [Microsoft Corporation, 7.10.3052.4] [C:\Program Files\Common Files\Symantec Shared\ccL40.dll] [Symantec Corporation, 104.0.11.1] [C:\Program Files\Common Files\Symantec Shared\ccVrTrst.dll] [Symantec Corporation, 104.0.11.1] [C:\Program Files\Common Files\Symantec Shared\ccSet.dll] [Symantec Corporation, 104.0.11.1] [C:\PROGRA~1\COMMON~1\SYMANT~1\SPBBC\SPBBCEVT.DLL] [Symantec Corporation, 2.2.0.7] [C:\PROGRA~1\COMMON~1\SYMANT~1\CCSETEVT.DLL] [Symantec Corporation, 104.0.11.1] [PID: 232 / SYSTEM][C:\WINDOWS\system32\brsvc01a.exe] [brother Industries Ltd, 1, 0, 0, 3] [PID: 240 / SYSTEM][C:\WINDOWS\system32\brss01a.exe] [brother Industries Ltd, 1.004] [PID: 312 / SYSTEM][C:\WINDOWS\system32\spoolsv.exe] [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-0852)] [C:\WINDOWS\system32\fppmon3.dll] [FinePrint Software, LLC, 3.15] [C:\WINDOWS\system32\fppr332.dll] [FinePrint Software, LLC, 3.15] [C:\WINDOWS\system32\hpbmmon.dll] [Hewlett-Packard, 10.00.14] [C:\WINDOWS\system32\hpdomon.dll] [Hewlett-Packard, 03.42.00] [C:\WINDOWS\system32\HPBHealr.dll] [N/A, ] [C:\WINDOWS\system32\hptcpmon.dll] [Hewlett Packard, 2.40.00.015] [C:\WINDOWS\system32\hptcpmib.dll] [Hewlett Packard, 2.40.00.015] [C:\WINDOWS\system32\mdimon.dll] [Microsoft Corporation, 11.3.1897.0] [C:\WINDOWS\System32\spool\PRTPROCS\W32X86\brmfpp1.dll] [Brother Industries ,Ltd , 1.10] [C:\WINDOWS\System32\spool\PRTPROCS\W32X86\mdippr.dll] [Microsoft Corporation, 11.3.1897.0] [PID: 348 / LOCAL SERVICE][C:\WINDOWS\System32\SCardSvr.exe] [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2113)] [PID: 1100 / Administrator][C:\WINDOWS\system32\Ati2evxx.exe] [ATI Technologies Inc., 6.14.10.4118] [C:\WINDOWS\system32\Ati2edxx.dll] [ATI Technologies, Inc., 6, 14, 10, 2497] [C:\Program Files\Logitech\SetPoint\GameHook.dll] [Logitech Inc., 3.30.165] [C:\Program Files\Logitech\SetPoint\lgscroll.dll] [Logitech Inc., 3.30.165] [PID: 1360 / Administrator][C:\WINDOWS\Explorer.EXE] [Microsoft Corporation, 6.00.2900.5512 (xpsp.080413-2105)] [C:\WINDOWS\system32\SynTPFcs.dll] [Synaptics, Inc., 7.2.3.10 24Jun03] [C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\PDFShell.dll] [Adobe Systems, Inc., 8.1.0.0] [C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\PDFShell.CHS] [Adobe Systems, Inc., 8.0.0.0] [C:\PROGRA~1\ThinkPad\UTILIT~1\PWRMGRTR.DLL] [Lenovo Group Limited, 1, 0, 0, 0] [C:\PROGRA~1\ThinkPad\UTILIT~1\SC\PWRMGRRT.DLL] [N/A, ] [C:\PROGRA~1\ThinkPad\UTILIT~1\PWRMGRIF.DLL] [N/A, ] [C:\Program Files\Logitech\SetPoint\lgscroll.dll] [Logitech Inc., 3.30.165] [C:\Program Files\Logitech\SetPoint\GameHook.dll] [Logitech Inc., 3.30.165] [C:\Program Files\Common Files\Symantec Shared\SSC\vpshell2.dll] [Symantec Corporation, 10.1.5.5000] [C:\WINDOWS\system32\MSVCR71.dll] [Microsoft Corporation, 7.10.3052.4] [C:\Program Files\WinRAR\rarext.dll] [N/A, ] [d:\Program Files\GlobalSCAPE\CuteFTP ZH\Cuteshell.dll] [GlobalSCAPE, Inc., 50, 6, 3, 2] [C:\WINDOWS\system32\WmShell.dll] [KillSoft, 1.0.0.1] [d:\Program Files\Thunder Network\Thunder\ComDlls\TDAtOnce_Now.dll] [Thunder Networking Technologies,LTD, 1.0.5.29] [C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll] [Adobe Systems Incorporated, 8.0.0.2006102200] [d:\Program Files\Thunder Network\Thunder\ComDlls\xunleiBHO_Now.dll] [Thunder Networking Technologies,LTD, 5, 0, 8, 96] [d:\Program Files\Thunder Network\Thunder\Components\ResWorker\DsBho_00.dll] [Thunder Networking Technologies,LTD, 1, 0, 0, 20] [d:\Program Files\Thunder Network\Thunder\Components\ResWorker\DataProcessor_00.dll] [Thunder Networking Technologies,LTD, 1, 0, 0, 16] [C:\Program Files\360safe\safemon\safemon.dll] [360.CN, 4, 2, 0, 1005] [PID: 1892 / Administrator][C:\Program Files\Synaptics\SynTP\SynTPLpr.exe] [Synaptics, Inc., 7.2.3.10 24Jun03] [C:\WINDOWS\system32\SynTPFcs.dll] [Synaptics, Inc., 7.2.3.10 24Jun03] [C:\Program Files\Logitech\SetPoint\GameHook.dll] [Logitech Inc., 3.30.165] [C:\Program Files\Logitech\SetPoint\lgscroll.dll] [Logitech Inc., 3.30.165] [PID: 432 / Administrator][C:\Program Files\Synaptics\SynTP\SynTPEnh.exe] [Synaptics, Inc., 7.2.3.10 24Jun03] [C:\WINDOWS\system32\SynTPAPI.dll] [Synaptics, Inc., 7.2.3.10 24Jun03] [C:\WINDOWS\system32\SynTPFcs.dll] [Synaptics, Inc., 7.2.3.10 24Jun03] [C:\Program Files\Logitech\SetPoint\lgscroll.dll] [Logitech Inc., 3.30.165] [C:\Program Files\Logitech\SetPoint\GameHook.dll] [Logitech Inc., 3.30.165] [PID: 176 / SYSTEM][C:\WINDOWS\system32\Brmfrmps.exe] [Brother Industries, Ltd., 1.10.10.144] [PID: 1004 / SYSTEM][C:\Program Files\Symantec AntiVirus\DefWatch.exe] [Symantec Corporation, 10.1.5.5000] [C:\WINDOWS\system32\MSVCP71.dll] [Microsoft Corporation, 7.10.3077.0] [C:\WINDOWS\system32\MSVCR71.dll] [Microsoft Corporation, 7.10.3052.4] [C:\Program Files\Common Files\Symantec Shared\ccL40.dll] [Symantec Corporation, 104.0.11.1] [PID: 980 / Administrator][C:\Program Files\Analog Devices\SoundMAX\SMax4PNP.exe] [Analog Devices, Inc., 5, 0, 2, 2] [C:\Program Files\Analog Devices\SoundMAX\SMWDMIF.dll] [Analog Devices, Inc., 5, 0, 2, 008] [C:\WINDOWS\system32\SynTPFcs.dll] [Synaptics, Inc., 7.2.3.10 24Jun03] [C:\Program Files\Logitech\SetPoint\GameHook.dll] [Logitech Inc., 3.30.165] [C:\Program Files\Logitech\SetPoint\lgscroll.dll] [Logitech Inc., 3.30.165] [PID: 1128 / Administrator][C:\Program Files\Analog Devices\SoundMAX\Smax4.exe] [Analog Devices, Inc., 5, 0, 2, 4] [C:\WINDOWS\system32\SynTPFcs.dll] [Synaptics, Inc., 7.2.3.10 24Jun03] [C:\Program Files\Logitech\SetPoint\lgscroll.dll] [Logitech Inc., 3.30.165] [C:\Program Files\Logitech\SetPoint\GameHook.dll] [Logitech Inc., 3.30.165] [PID: 1720 / Administrator][C:\PROGRA~1\Lenovo\PkgMgr\HOTKEY\TPHKMGR.exe] [N/A, ] [C:\WINDOWS\system32\SynTPFcs.dll] [Synaptics, Inc., 7.2.3.10 24Jun03] [C:\Program Files\Lenovo\PkgMgr\HOTKEY_2\tphk_2k.dll] [N/A, ] [C:\WINDOWS\system32\Oemdspif.dll] [ATI Technologies, Inc., 6.14.0013] [C:\PROGRA~1\Lenovo\PkgMgr\HOTKEY\tpfnf7.dll] [N/A, ] [C:\Program Files\Logitech\SetPoint\lgscroll.dll] [Logitech Inc., 3.30.165] [C:\Program Files\Logitech\SetPoint\GameHook.dll] [Logitech Inc., 3.30.165] [PID: 1840 / SYSTEM][C:\Program Files\Intel\Wireless\Bin\RegSrvc.exe] [Intel Corporation, 9, 0, 4, 0] [PID: 2060 / SYSTEM][C:\Program Files\Analog Devices\SoundMAX\SMAgent.exe] [Analog Devices, Inc., 3, 2, 6, 0] [PID: 2144 / Administrator][C:\PROGRA~1\ThinkPad\UTILIT~1\EzEjMnAp.Exe] [Lenovo Group Limited, 1, 0, 0, 0] [C:\PROGRA~1\ThinkPad\UTILIT~1\SC\EzMApRes.dll] [N/A, ] [C:\WINDOWS\system32\SynTPFcs.dll] [Synaptics, Inc., 7.2.3.10 24Jun03] [C:\Program Files\Logitech\SetPoint\GameHook.dll] [Logitech Inc., 3.30.165] [C:\Program Files\Logitech\SetPoint\lgscroll.dll] [Logitech Inc., 3.30.165] [PID: 2160 / Administrator][C:\Program Files\Lenovo\PkgMgr\HOTKEY\TPONSCR.exe] [N/A, ] [C:\WINDOWS\system32\SynTPFcs.dll] [Synaptics, Inc., 7.2.3.10 24Jun03] [C:\Program Files\Logitech\SetPoint\GameHook.dll] [Logitech Inc., 3.30.165] [C:\Program Files\Logitech\SetPoint\lgscroll.dll] [Logitech Inc., 3.30.165] [PID: 2172 / Administrator][C:\Program Files\Lenovo\PkgMgr\HOTKEY_1\TpScrex.exe] [Lenovo Group Limited, 1.16] [C:\WINDOWS\system32\SynTPFcs.dll] [Synaptics, Inc., 7.2.3.10 24Jun03] [C:\Program Files\Logitech\SetPoint\GameHook.dll] [Logitech Inc., 3.30.165] [C:\Program Files\Logitech\SetPoint\lgscroll.dll] [Logitech Inc., 3.30.165] [PID: 2388 / Administrator][C:\WINDOWS\system32\rundll32.exe] [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2105)] [C:\PROGRA~1\ThinkPad\UTILIT~1\PWRMGRTR.DLL] [Lenovo Group Limited, 1, 0, 0, 0] [C:\WINDOWS\system32\SynTPFcs.dll] [Synaptics, Inc., 7.2.3.10 24Jun03] [C:\PROGRA~1\ThinkPad\UTILIT~1\SC\PWRMGRRT.DLL] [N/A, ] [C:\PROGRA~1\ThinkPad\UTILIT~1\PWRMGRIF.DLL] [N/A, ] [C:\WINDOWS\system32\OEMDSPIF.DLL] [ATI Technologies, Inc., 6.14.0013] [C:\Program Files\Logitech\SetPoint\GameHook.dll] [Logitech Inc., 3.30.165] [C:\Program Files\Logitech\SetPoint\lgscroll.dll] [Logitech Inc., 3.30.165] [PID: 2432 / Administrator][C:\WINDOWS\system32\SafeSignCertReg.exe] [A.E.T. Europe B.V., 2.0.0.2] [C:\WINDOWS\system32\SynTPFcs.dll] [Synaptics, Inc., 7.2.3.10 24Jun03] [PID: 2460 / Administrator][C:\WINDOWS\system32\hpnra.exe] [Hewlett-Packard, 5.0.41.5] [C:\WINDOWS\system32\SynTPFcs.dll] [Synaptics, Inc., 7.2.3.10 24Jun03] [C:\Program Files\Logitech\SetPoint\GameHook.dll] [Logitech Inc., 3.30.165] [C:\Program Files\Logitech\SetPoint\lgscroll.dll] [Logitech Inc., 3.30.165] [PID: 2496 / Administrator][C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\fppdis3a.exe] [FinePrint Software, LLC, 3.15] [C:\WINDOWS\system32\SynTPFcs.dll] [Synaptics, Inc., 7.2.3.10 24Jun03] [C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\fppr332.dll] [FinePrint Software, LLC, 3.15] [C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\fppint3.dll] [FinePrint Software, LLC, 3.15] [C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\fppgraf3.dll] [FinePrint Software, LLC, 3.15] [C:\Program Files\Logitech\SetPoint\GameHook.dll] [Logitech Inc., 3.30.165] [C:\Program Files\Logitech\SetPoint\lgscroll.dll] [Logitech Inc., 3.30.165] [PID: 2544 / Administrator][C:\Program Files\Common Files\Symantec Shared\ccApp.exe] [Symantec Corporation, 104.0.11.1] [C:\WINDOWS\system32\MSVCP71.dll] [Microsoft Corporation, 7.10.3077.0] [C:\WINDOWS\system32\MSVCR71.dll] [Microsoft Corporation, 7.10.3052.4] [C:\Program Files\Common Files\Symantec Shared\ccL40.dll] [Symantec Corporation, 104.0.11.1] [C:\WINDOWS\system32\SynTPFcs.dll] [Synaptics, Inc., 7.2.3.10 24Jun03] [C:\Program Files\Common Files\Symantec Shared\ccVrTrst.dll] [Symantec Corporation, 104.0.11.1] [C:\Program Files\Common Files\Symantec Shared\ccSet.dll] [Symantec Corporation, 104.0.11.1] [C:\PROGRA~1\COMMON~1\SYMANT~1\CCALERT.DLL] [Symantec Corporation, 104.0.11.1] [C:\PROGRA~1\COMMON~1\SYMANT~1\CCEMLPXY.DLL] [Symantec Corporation, 104.0.11.1] [C:\WINDOWS\system32\SYMREDIR.DLL] [Symantec Corporation, 6.0.4.402] [C:\Program Files\Common Files\Symantec Shared\ccSetEvt.dll] [Symantec Corporation, 104.0.11.1] [C:\Program Files\Common Files\Symantec Shared\ccProSub.dll] [Symantec Corporation, 104.0.11.1] [C:\Program Files\Symantec AntiVirus\SavEmail.dll] [Symantec Corporation, 10.1.5.5000] [C:\Program Files\Logitech\SetPoint\GameHook.dll] [Logitech Inc., 3.30.165] [C:\Program Files\Logitech\SetPoint\lgscroll.dll] [Logitech Inc., 3.30.165] [PID: 2600 / Administrator][C:\PROGRA~1\SYMANT~1\VPTray.exe] [Symantec Corporation, 10.1.5.5000] [C:\WINDOWS\system32\MSVCP71.dll] [Microsoft Corporation, 7.10.3077.0] [C:\WINDOWS\system32\MSVCR71.dll] [Microsoft Corporation, 7.10.3052.4] [C:\Program Files\Common Files\Symantec Shared\ccL40.dll] [Symantec Corporation, 104.0.11.1] [C:\Program Files\Symantec AntiVirus\SAVRT32.DLL] [Symantec Corporation, 9.7.2.3] [C:\WINDOWS\system32\SynTPFcs.dll] [Synaptics, Inc., 7.2.3.10 24Jun03] [C:\Program Files\Common Files\Symantec Shared\ccSetEvt.dll] [Symantec Corporation, 104.0.11.1] [C:\Program Files\Common Files\Symantec Shared\ccVrTrst.dll] [Symantec Corporation, 104.0.11.1] [C:\Program Files\Common Files\Symantec Shared\ccProSub.dll] [Symantec Corporation, 104.0.11.1] [C:\Program Files\Common Files\Symantec Shared\ccAlert.dll] [Symantec Corporation, 104.0.11.1] [C:\Program Files\Symantec AntiVirus\Cliproxy.dll] [Symantec Corporation, 10.1.5.5000] [C:\Program Files\Symantec AntiVirus\NAVNTUTL.DLL] [Symantec Corporation, 10.1.5.5000] [C:\Program Files\Common Files\Symantec Shared\ccSet.dll] [Symantec Corporation, 104.0.11.1] [C:\Program Files\Symantec AntiVirus\Cliscan.dll] [Symantec Corporation, 10.1.5.5000] [C:\Program Files\Logitech\SetPoint\lgscroll.dll] [Logitech Inc., 3.30.165] [C:\Program Files\Logitech\SetPoint\GameHook.dll] [Logitech Inc., 3.30.165] [PID: 2624 / Administrator][C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe] [Adobe Systems Incorporated, 8.0.0.0] [C:\WINDOWS\system32\SynTPFcs.dll] [Synaptics, Inc., 7.2.3.10 24Jun03] [C:\Program Files\Logitech\SetPoint\lgscroll.dll] [Logitech Inc., 3.30.165] [C:\Program Files\Logitech\SetPoint\GameHook.dll] [Logitech Inc., 3.30.165] [PID: 2620 / Administrator][C:\WINDOWS\system32\ctfmon.exe] [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2105)] [C:\WINDOWS\system32\SynTPFcs.dll] [Synaptics, Inc., 7.2.3.10 24Jun03] [C:\Program Files\Logitech\SetPoint\lgscroll.dll] [Logitech Inc., 3.30.165] [C:\Program Files\Logitech\SetPoint\GameHook.dll] [Logitech Inc., 3.30.165] [PID: 2700 / SYSTEM][C:\WINDOWS\system32\TpKmpSVC.exe] [N/A, ] [PID: 2784 / LOCAL SERVICE][C:\WINDOWS\system32\wdfmgr.exe] [Microsoft Corporation, 5.2.3790.1230 built by: dnsrv(bld4act)] [PID: 3512 / Administrator][C:\Program Files\Digital Line Detect\DLG.exe] [BVRP Software, 1, 0, 0, 1] [C:\Program Files\Digital Line Detect\BVRPDIAG.dll] [BVRP Software, 1.0] [C:\WINDOWS\system32\MdmXSdk.dll] [Conexant, 1.0.2.010] [C:\WINDOWS\system32\SynTPFcs.dll] [Synaptics, Inc., 7.2.3.10 24Jun03] [C:\Program Files\Logitech\SetPoint\GameHook.dll] [Logitech Inc., 3.30.165] [C:\Program Files\Logitech\SetPoint\lgscroll.dll] [Logitech Inc., 3.30.165] [PID: 3544 / Administrator][C:\Program Files\Logitech\SetPoint\SetPoint.exe] [Logitech Inc., 3.30.165] [C:\WINDOWS\system32\KemUtil.dll] [Logitech Inc., 3.30.165] [C:\Program Files\Logitech\SetPoint\SetPointCOM.dll] [Logitech Inc., 3.30.165] [C:\WINDOWS\system32\kemutb.dll] [Logitech Inc., 3.30.165] [C:\WINDOWS\system32\KemWnd.dll] [Logitech Inc., 3.30.165] [C:\WINDOWS\system32\KemXML.dll] [Logitech Inc., 3.30.165] [C:\Program Files\Logitech\SetPoint\lgscroll.dll] [Logitech Inc., 3.30.165] [C:\WINDOWS\system32\SynTPFcs.dll] [Synaptics, Inc., 7.2.3.10 24Jun03] [C:\Program Files\Logitech\SetPoint\Macros\MacroCore.dll] [Logitech Inc., 3.30.165] [C:\Program Files\Logitech\SetPoint\WebBrowserSupport.dll] [Logitech Inc., 3.30.165] [C:\Program Files\Logitech\SetPoint\IMHook.dll] [Logitech Inc., 3.30.165] [C:\Program Files\Common Files\Logitech\khalshared\KhalApi.dll] [Logitech Inc., 3.30.165] [C:\Program Files\Logitech\SetPoint\kgame.dll] [Logitech Inc., 3.30.165] [C:\Program Files\Logitech\SetPoint\GameHook.dll] [Logitech Inc., 3.30.165] [C:\Program Files\Logitech\SetPoint\LCabHandler.dll] [Logitech Inc., 3.30.165] [PID: 3944 / Administrator][C:\Program Files\Common Files\Logitech\khalshared\KHALMNPR.EXE] [Logitech Inc., 3.30.152] [C:\Program Files\Common Files\Logitech\khalshared\KHALAPI.DLL] [Logitech Inc., 3.30.165] [C:\WINDOWS\system32\SynTPFcs.dll] [Synaptics, Inc., 7.2.3.10 24Jun03] [C:\Program Files\Logitech\SetPoint\lgscroll.dll] [Logitech Inc., 3.30.165] [C:\Program Files\Common Files\Logitech\khalshared\KHALITCH.DLL] [Logitech Inc., 3.30.165] [C:\Program Files\Common Files\Logitech\khalshared\KHALMW.DLL] [Logitech Inc., 3.30.165] [C:\Program Files\Common Files\Logitech\khalshared\KHALHPP.DLL] [Logitech Inc., 3.30.165] [C:\Program Files\Common Files\Logitech\khalshared\KHALMOU.DLL] [Logitech Inc., 3.30.165] [C:\Program Files\Common Files\Logitech\khalshared\KHALHID.DLL] [Logitech Inc., 3.30.165] [C:\Program Files\Common Files\Logitech\khalshared\KHALUSB.DLL] [Logitech Inc., 3.30.165] [C:\Program Files\Logitech\SetPoint\GameHook.dll] [Logitech Inc., 3.30.165] [PID: 1248 / SYSTEM][C:\WINDOWS\system32\wbem\wmiprvse.exe] [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2108)] [PID: 1300 / LOCAL SERVICE][C:\WINDOWS\System32\alg.exe] [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-0852)] [PID: 2356 / Administrator][C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\11.exe] [Ap, 1.0] [C:\WINDOWS\system32\SynTPFcs.dll] [Synaptics, Inc., 7.2.3.10 24Jun03] [C:\Program Files\Logitech\SetPoint\GameHook.dll] [Logitech Inc., 3.30.165] [C:\Program Files\Logitech\SetPoint\lgscroll.dll] [Logitech Inc., 3.30.165] [PID: 3808 / Administrator][D:\aa\SReng\SRE213a72df.EXE] [Smallfrogs Studio, 2.6.12.1018] [C:\WINDOWS\system32\SynTPFcs.dll] [Synaptics, Inc., 7.2.3.10 24Jun03] [C:\Program Files\Logitech\SetPoint\GameHook.dll] [Logitech Inc., 3.30.165] [C:\Program Files\Logitech\SetPoint\lgscroll.dll] [Logitech Inc., 3.30.165] [D:\aa\SReng\Upload\3rdUpd.DLL] [Smallfrogs Studio, 2, 1, 0, 15] [PID: 1088 / SYSTEM][C:\WINDOWS\system32\wuauclt.exe] [Microsoft Corporation, 7.0.6000.381 (winmain(wmbla).070730-1740)] ================================== 文件关联 .TXT Error. [C:\WINDOWS\notepad.exe %1] .EXE OK. ["%1" %] .COM OK. ["%1" %] .PIF OK. ["%1" %] .REG OK. [regedit.exe "%1"] .BAT OK. ["%1" %] .SCR OK. ["%1" /S] .CHM Error. ["hh.exe" %1] .HLP OK. [%SystemRoot%\System32\winhlp32.exe %1] .INI Error. [C:\WINDOWS\System32\NOTEPAD.EXE %1] .INF OK. [%SystemRoot%\System32\NOTEPAD.EXE %1] .VBS OK. [%SystemRoot%\System32\WScript.exe "%1" %] .JS OK. [%SystemRoot%\System32\WScript.exe "%1" %] .LNK OK. [{00021401-0000-0000-C000-000000000046}] ================================== Winsock 提供者 N/A ================================== Autorun.inf N/A ================================== HOSTS 文件 N/A ================================== 进程特权扫描特殊特权被允许： SeLoadDriverPrivilege [PID = 1252, C:\PROGRAM FILES\INTEL\WIRELESS\BIN\S24EVMON.EXE] 特殊特权被允许： SeLoadDriverPrivilege [PID = 1892, C:\PROGRAM FILES\SYNAPTICS\SYNTP\SYNTPLPR.EXE] 特殊特权被允许： SeLoadDriverPrivilege [PID = 432, C:\PROGRAM FILES\SYNAPTICS\SYNTP\SYNTPENH.EXE] 特殊特权被允许： SeLoadDriverPrivilege [PID = 980, C:\PROGRAM FILES\ANALOG DEVICES\SOUNDMAX\SMAX4PNP.EXE] 特殊特权被允许： SeLoadDriverPrivilege [PID = 1128, C:\PROGRAM FILES\ANALOG DEVICES\SOUNDMAX\SMAX4.EXE] 特殊特权被允许： SeLoadDriverPrivilege [PID = 1720, C:\PROGRA~1\LENOVO\PKGMGR\HOTKEY\TPHKMGR.EXE] 特殊特权被允许： SeLoadDriverPrivilege [PID = 2144, C:\PROGRA~1\THINKPAD\UTILIT~1\EZEJMNAP.EXE] 特殊特权被允许： SeLoadDriverPrivilege [PID = 2160, C:\PROGRAM FILES\LENOVO\PKGMGR\HOTKEY\TPONSCR.EXE] 特殊特权被允许： SeLoadDriverPrivilege [PID = 2172, C:\PROGRAM FILES\LENOVO\PKGMGR\HOTKEY_1\TPSCREX.EXE] 特殊特权被允许： SeLoadDriverPrivilege [PID = 2432, C:\WINDOWS\SYSTEM32\SAFESIGNCERTREG.EXE] 特殊特权被允许： SeLoadDriverPrivilege [PID = 2460, C:\WINDOWS\SYSTEM32\HPNRA.EXE] 特殊特权被允许： SeLoadDriverPrivilege [PID = 2496, C:\WINDOWS\SYSTEM32\SPOOL\DRIVERS\W32X86\3\FPPDIS3A.EXE] 特殊特权被允许： SeLoadDriverPrivilege [PID = 3512, C:\PROGRAM FILES\DIGITAL LINE DETECT\DLG.EXE] 特殊特权被允许： SeLoadDriverPrivilege [PID = 3544, C:\PROGRAM FILES\LOGITECH\SETPOINT\SETPOINT.EXE] 特殊特权被允许： SeDebugPrivilege [PID = 2356, C:\DOCUME~1\ADMINI~1\LOCALS~1\TEMP\11.EXE] 特殊特权被允许： SeLoadDriverPrivilege [PID = 2356, C:\DOCUME~1\ADMINI~1\LOCALS~1\TEMP\11.EXE] ================================== API HOOK N/A ================================== 隐藏进程 [2844] C:\WINDOWS\system32\symcontrol.exe ==================================
小小虾仁初生襁褓狮帖子:17 注册: 2008-08-21 来自:

aaccbbdd 卡卡巡查帖子:45933 注册: 2007-11-17 来自:蜀山仙剑派	发表于： 2008-08-21 18:37 \| 短消息资料字号：小中大 13楼回复：急死我了, 各位打大虾99我!!! 删除驱动/禁用 [Ahn06] [已启用] <System32\Drivers\Ahn06.sys> [Djp74] [已启用] <System32\Drivers\Djp74.sys> [Djp74] [已启用] <System32\Drivers\Djp74.sys> 操作前强烈要求先断网建议使用XDelBox删除以下文件：(Xdelbox1.7下载地址：http://www.qispace.com.cn/read.php/1.htm 的工具19或http://www.dodudou.com/down/index.php?dirpath=./01.原创软件&order=0）使用说明：先勾选抑制再生，删除时复制所有要删除文件的路径，在待删除文件列表里点击右键选择从剪贴板导入不检查路径，导入后在要删除文件上点击右键，选择立刻重启删除(不论文件是否存在，继续操作重启删除 )，电脑会重启进入DOS界面进行删除操作。运行xdelbox前最好卸载所有可移动存储介质（包括U盘，MP3，手机存储卡等）。 C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\64.exe [Dls42] [已启用] <System32\Drivers\Dls42.sys> [Elr06] [已禁用] <System32\Drivers\Elr06.sys> [Hqy87] [已启用] <System32\Drivers\Hqy87.sys> [Ipw63] [已启用] <System32\Drivers\Ipw63.sys> [Ipx07] [已启用] <System32\Drivers\Ipx07.sys> [Jqw06] [已启用] <System32\Drivers\Jqw06.sys> [Jry42] [已启用] <System32\Drivers\Jry42.sys> [Lsy28] [已启用] <System32\Drivers\Lsy28.sys> [Lsy30] [已启用] <System32\Drivers\Lsy30.sys> [Mtb63] [已启用] <System32\Drivers\Mtb63.sys> [Nub30] [已启用] <System32\Drivers\Nub30.sys> st3bus28] [已启用] <system32\DRIVERS\st3bus28.sys> [Tyf30] [已启用] <System32\Drivers\Tyf30.sys> [Ubh52] [已启用] <System32\Drivers\Ubh52.sys> [UIUSys] [已启用] <system32\drivers\UIUSys.sys> [Vdj41] [已禁用] <System32\Drivers\Vdj41.sys> [Wek17] [已禁用] <System32\Drivers\Wek17.sys> [Pwd41] [已启用] <System32\Drivers\Pwd41.sys> [Qwd17] [已启用] <System32\Drivers\Qwd17.sys> [Qwd18] [已启用] <System32\Drivers\Qwd18.sys>
aaccbbdd 卡卡巡查帖子:45933 注册: 2007-11-17 来自:蜀山仙剑派

小小虾仁初生襁褓狮帖子:17 注册: 2008-08-21 来自:	发表于： 2008-08-21 18:43 \| 只看楼主短消息资料字号：小中大 14楼回复: 急死我了, 各位打大虾99我!!! 删除驱动/禁用 [Ahn06] [已启用] <System32\Drivers\Ahn06.sys> [Djp74] [已启用] <System32\Drivers\Djp74.sys> [Djp74] [已启用] <System32\Drivers\Djp74.sys> 这个用SREng 来删除么, 不好意思我是菜鸟...
小小虾仁初生襁褓狮帖子:17 注册: 2008-08-21 来自:

aaccbbdd 卡卡巡查帖子:45933 注册: 2007-11-17 来自:蜀山仙剑派	发表于： 2008-08-21 18:45 \| 短消息资料字号：小中大 15楼回复 14F 小小虾仁的帖子 SRENG启动项目－－服务－－驱动程序之如下项禁用：改为disabled
aaccbbdd 卡卡巡查帖子:45933 注册: 2007-11-17 来自:蜀山仙剑派

小小虾仁初生襁褓狮帖子:17 注册: 2008-08-21 来自:	发表于： 2008-08-21 19:32 \| 只看楼主短消息资料字号：小中大 16楼回复: 急死我了, 各位打大虾99我!!! 按您的方法试了下,貌似问题还没有解决, 找了台机器把log文件发上来, 麻烦再帮忙看下...谢谢了~~ 附件: 文件名:SREngLOG.log 下载次数:109 文件类型:application/octet-stream 文件大小: 上传时间:2008-8-21 19:31:58 描述:log
小小虾仁初生襁褓狮帖子:17 注册: 2008-08-21 来自:

小小虾仁初生襁褓狮帖子:17 注册: 2008-08-21 来自:	发表于： 2008-08-21 20:18 \| 只看楼主短消息资料字号：小中大 17楼回复: 急死我了, 各位打大虾99我!!! 再帮我看看啊, 谢谢拉
小小虾仁初生襁褓狮帖子:17 注册: 2008-08-21 来自:

aaccbbdd 卡卡巡查帖子:45933 注册: 2007-11-17 来自:蜀山仙剑派	发表于： 2008-08-21 20:26 \| 短消息资料字号：小中大 18楼回复 17F 小小虾仁的帖子刚刚弄乱了 sorry 貌似问题不大呀
aaccbbdd 卡卡巡查帖子:45933 注册: 2007-11-17 来自:蜀山仙剑派

天云一剑叱咤花甲狮帖子:2028 注册: 2008-07-06 来自:知识折旧派	发表于： 2008-08-21 20:27 \| 短消息资料字号：小中大 19楼回复: 急死我了, 各位打大虾99我!!! SCR也是特殊的可执行文件，建议询问朋友再运行此类附件而且现在没什么人发屏幕保护给朋友了吧。。。。 c:\windows\system32\tphklock.dll c:\windows\system32\notifyf2.dll c:\windows\system32\crypts.dll c:\windows\tphklock.dll c:\windows\notifyf2.dll c:\windows\crypts.dll （由于上面这三个文件路径不确定，搜索吧） c:\windows\system32\acs.exe c:\windows\system32\drivers\uiusys.sys c:\windows\system32\drivers\ubh52.sys c:\windows\system32\drivers\tyf30.sys c:\windows\system32\drivers\qwd18.sys c:\windows\system32\drivers\qwd17.sys c:\windows\system32\drivers\pwd41.sys c:\windows\system32\drivers\nub30.sys c:\windows\system32\drivers\mtb63.sys c:\windows\system32\drivers\lsy30.sys c:\windows\system32\drivers\lsy28.sys c:\windows\system32\drivers\jry42.sys c:\windows\system32\drivers\jqw06.sys c:\windows\system32\drivers\ipx07.sys d:\program files\tencent\qq\npkcrypt.sys 以上所有文件，压缩为RAR，上传到可疑文件交流区然后上传到www.virustotal.com/ 检测是否病毒是就使用POWERRMV，XDELBOX等等删除（如果不是，下面的修复，请选择清理）使用方法看其它说明删除重启后使用SREng修复下面各项：启动项目－－注册表之如下项删除： [WinlogonNotify: tphotkey] <tphklock.dll> [WinlogonNotify: tpfnf2] <notifyf2.dll> [WinlogonNotify: crypt] <crypts.dll> 启动项目－－服务－－ Win32服务应用程序之如下项禁用：（如果您装了Outpost Firewall ，就不用删了） [ACU Configuration Service / ACS] <C:\WINDOWS\system32\acs.exe> 启动项目－－服务－－驱动程序之如下项删除： [160093 / 160093] <> [160093 / 160093] <> [Conexant Setup API / UIUSys] <system32\drivers\UIUSys.sys> [Ubh52 / Ubh52] <\SystemRoot\System32\Drivers\Ubh52.sys> [Tyf30 / Tyf30] <\SystemRoot\System32\Drivers\Tyf30.sys> [Qwd18 / Qwd18] <\SystemRoot\System32\Drivers\Qwd18.sys> [Qwd17 / Qwd17] <\SystemRoot\System32\Drivers\Qwd17.sys> [Pwd41 / Pwd41] <\SystemRoot\System32\Drivers\Pwd41.sys> [Nub30 / Nub30] <\SystemRoot\System32\Drivers\Nub30.sys> [Mtb63 / Mtb63] <\SystemRoot\System32\Drivers\Mtb63.sys> [Lsy30 / Lsy30] <\SystemRoot\System32\Drivers\Lsy30.sys> [Lsy28 / Lsy28] <\SystemRoot\System32\Drivers\Lsy28.sys> [Jry42 / Jry42] <\SystemRoot\System32\Drivers\Jry42.sys> [Jqw06 / Jqw06] <\SystemRoot\System32\Drivers\Jqw06.sys> [Ipx07 / Ipx07] <\SystemRoot\System32\Drivers\Ipx07.sys> 下面这个先禁用 [npkcrypt / npkcrypt] <\??\d:\Program Files\Tencent\QQ\npkcrypt.sys> 系统修复－－　浏览器加载项之如下项删除： [] <> [] <> 形如上面的都删除清除完后，个别软件不能使用的，请您重新安装好了最后使用杀软，更新后，断网，完整扫描好了天云一剑最后编辑于 2008-08-21 20:35:22 汰丸，你妈妈六十大寿让你回家吃饭 http://hi.baidu.com/roxiel
天云一剑叱咤花甲狮帖子:2028 注册: 2008-07-06 来自:知识折旧派

小小虾仁初生襁褓狮帖子:17 注册: 2008-08-21 来自:	发表于： 2008-08-21 20:37 \| 只看楼主短消息资料字号：小中大 20楼回复: 急死我了, 各位打大虾99我!!! c:\windows\system32\tphklock.dll c:\windows\system32\notifyf2.dll c:\windows\system32\crypts.dll c:\windows\tphklock.dll c:\windows\notifyf2.dll c:\windows\crypts.dll （由于上面这三个文件路径不确定，搜索吧）这些是用XDelBox 删除么?
小小虾仁初生襁褓狮帖子:17 注册: 2008-08-21 来自:

<<上一主题|下一主题>>

2 / 4 页

跳转页

页面顶部

Powered by Discuz!NT