
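[Solved] Can anyone tell me what I should do?

Can anyone tell me what I should do?

We have a computer at the company running XP. Today I found that drive E: cannot be opened; neither single-clicking nor double-clicking works, and the program stops responding (it appears to hang). Using the computer's built-in search function I can find the files on drive E:, and they can be opened as well. Antivirus software with the latest virus definitions and 360 Safeguard both fail to find any virus. What should I do? Urgent!!!!!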

User system info: Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1; SV1)
 

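Re: Can anyone tell me what I should do?

Run an SREng scan and post the log to this forum.

Download the latest version of the SREng tool: http://www.kztechs.com/sreng/download.html
For instructions, see post #2 of this thread: http://bbs.ikaka.com/showtopic-8442813.aspx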
 

Re: Can anyone tell me what I should do?

Use the archive tool WinRAR to open the drive and look for unknown files in the root directory:
 

Re: Can anyone tell me what I should do?

[CODE]

2009-05-06,16:53:42

System Repair Engineer 2.7.1.1261
Smallfrogs (http://www.KZTechs.com)

Windows XP Professional Service Pack 3 (Build 2600) - 管理权限用户 - 完整功能

以下内容被选中:
    所有的启动项目(包括注册表、启动文件夹、服务等)
    浏览器加载项
    正在运行的进程(包括进程模块信息)
    文件关联
    Winsock 提供者
    Autorun.inf
    HOSTS 文件
    进程特权扫描
    计划任务
    API HOOK
    隐藏进程


启动项目
注册表
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
    <ctfmon.exe><C:\WINDOWS\system32\ctfmon.exe>  [(Verified)Microsoft Windows Component Publisher]
    <ctfmon><ctfmon.exe>  [(Verified)Microsoft Windows Component Publisher]
[HKEY_CURRENT_USER\Software\Microsoft\Windows NT\CurrentVersion\Windows]
    <load><>  [N/A]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
    <IMJPMIG8.1><"C:\WINDOWS\IME\imjp8_1\IMJPMIG.EXE" /Spoil /RemAdvDef /Migration32>  [(Verified)Microsoft Windows Component Publisher]
    <PHIME2002ASync><C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /SYNC>  [(Verified)Microsoft Windows Component Publisher]
    <PHIME2002A><C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /IMEName>  [(Verified)Microsoft Windows Component Publisher]
    <360Safetray><C:\Program Files\360safe\safemon\360tray.exe /start>  [(Verified)Qizhi Software (beijing) Co. Ltd]
    <360Safebox><"C:\Program Files\360Safebox\safeboxTray.exe" /r>  [(Verified)Qizhi Software (beijing) Co. Ltd]
    <360Antiarp><C:\Program Files\360safe\antiarp\antiarp.exe /start>  [(Verified)Qizhi Software (beijing) Co. Ltd]
    <NvCplDaemon><RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup>  [NVIDIA Corporation]
    <mcagent_exe><C:\Program Files\McAfee.com\Agent\mcagent.exe /runkey>  [(Verified)"McAfee, Inc."]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Winlogon]
    <shell><Explorer.exe>  [(Verified)Microsoft Windows Component Publisher]
    <Userinit><C:\WINDOWS\system32\userinit.exe,>  [(Verified)Microsoft Windows Component Publisher]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Windows]
    <AppInit_DLLs><>  [N/A]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Winlogon]
    <UIHost><logonui.exe>  [(Verified)Microsoft Windows Component Publisher]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
    <{AEB6717E-7E19-11d0-97EE-00C04FD91972}><shell32.dll>  [(Verified)Microsoft Windows Component Publisher]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
    <PostBootReminder><%SystemRoot%\system32\SHELL32.dll>  [(Verified)Microsoft Windows Component Publisher]
    <CDBurn><%SystemRoot%\system32\SHELL32.dll>  [(Verified)Microsoft Windows Component Publisher]
    <WebCheck><%SystemRoot%\system32\webcheck.dll>  [(Verified)Microsoft Windows Component Publisher]
    <SysTray><C:\WINDOWS\system32\stobject.dll>  [(Verified)Microsoft Windows Component Publisher]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\crypt32chain]
    <WinlogonNotify: crypt32chain><crypt32.dll>  [(Verified)Microsoft Windows Component Publisher]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\cryptnet]
    <WinlogonNotify: cryptnet><cryptnet.dll>  [(Verified)Microsoft Windows Component Publisher]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\cscdll]
    <WinlogonNotify: cscdll><cscdll.dll>  [(Verified)Microsoft Windows Component Publisher]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\dimsntfy]
    <WinlogonNotify: dimsntfy><%SystemRoot%\System32\dimsntfy.dll>  [(Verified)Microsoft Windows Component Publisher]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\ScCertProp]
    <WinlogonNotify: ScCertProp><wlnotify.dll>  [(Verified)Microsoft Windows Component Publisher]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\Schedule]
    <WinlogonNotify: Schedule><wlnotify.dll>  [(Verified)Microsoft Windows Component Publisher]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\sclgntfy]
    <WinlogonNotify: sclgntfy><sclgntfy.dll>  [(Verified)Microsoft Windows Component Publisher]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\SensLogn]
    <WinlogonNotify: SensLogn><WlNotify.dll>  [(Verified)Microsoft Windows Component Publisher]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\termsrv]
    <WinlogonNotify: termsrv><wlnotify.dll>  [(Verified)Microsoft Windows Component Publisher]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\wlballoon]
    <WinlogonNotify: wlballoon><wlnotify.dll>  [(Verified)Microsoft Windows Component Publisher]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\SharedTaskScheduler]
    <{438755C2-A8BA-11D1-B96B-00A0C90312E1}><%SystemRoot%\system32\browseui.dll>  [(Verified)Microsoft Windows Component Publisher]
    <{8C7461EF-2B13-11d2-BE35-3078302C2030}><%SystemRoot%\system32\browseui.dll>  [(Verified)Microsoft Windows Component Publisher]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\>{22d6f312-b0f6-11d0-94ab-0080c74c7e95}]
    <Microsoft Windows Media Player><C:\WINDOWS\inf\unregmp2.exe /ShowWMP>  [(Verified)Microsoft Windows Component Publisher]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\>{26923b43-4d38-484f-9b9e-de460746276c}]
    <Internet Explorer><%systemroot%\system32\shmgrate.exe OCInstallUserConfigIE>  [File is missing]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\>{60B49E34-C7CC-11D0-8953-00A0C90347FF}MICROS]
    <浏览器自定义组件><RunDLL32 IEDKCS32.DLL,BrandIE4 SIGNUP>  [(Verified)Microsoft Windows Component Publisher]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\>{881dd1c5-3dcf-431b-b061-f3f88e8be88a}]
    <Outlook Express><%systemroot%\system32\shmgrate.exe OCInstallUserConfigOE>  [File is missing]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{2C7339CF-2B09-4501-B3F3-F3508C9228ED}]
    <Themes Setup><%SystemRoot%\system32\regsvr32.exe /s /n /i:/UserInstall %SystemRoot%\system32\themeui.dll>  [File is missing]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{44BBA840-CC51-11CF-AAFA-00AA00B6015C}]
    <Microsoft Outlook Express 6><"%ProgramFiles%\Outlook Express\setup50.exe" /APP:OE /CALLER:WINNT /user /install>  [File is missing]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{44BBA842-CC51-11CF-AAFA-00AA00B6015B}]
    <NetMeeting 3.01><rundll32.exe advpack.dll,LaunchINFSection C:\WINDOWS\INF\msnetmtg.inf,NetMtg.Install.PerUser.NT>  [(Verified)Microsoft Windows Component Publisher]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{6BF52A52-394A-11d3-B153-00C04F79FAA6}]
    <Microsoft Windows Media Player><rundll32.exe advpack.dll,LaunchINFSection C:\WINDOWS\INF\wmp.inf,PerUserStub>  [(Verified)Microsoft Windows Component Publisher]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{7790769C-0471-11d2-AF11-00C04FA35D02}]
    <通讯簿 6><"%ProgramFiles%\Outlook Express\setup50.exe" /APP:WAB /CALLER:WINNT /user /install>  [File is missing]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{89820200-ECBD-11cf-8B85-00AA005B4340}]
    <Windows 桌面更新><regsvr32.exe /s /n /i:U shell32.dll>  [(Verified)Microsoft Windows Component Publisher]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{89820200-ECBD-11cf-8B85-00AA005B4383}]
    <Internet Explorer 6><%SystemRoot%\system32\ie4uinit.exe>  [(Verified)Microsoft Windows Component Publisher]
[HKEY_CURRENT_USER\Control Panel\Desktop]
    <SCRNSAVE.EXE><C:\WINDOWS\system32\ssmypics.scr>  [(Verified)Microsoft Windows Component Publisher]

==================================
启动文件夹
[Adobe Gamma Loader]
  <C:\Documents and Settings\All Users\「开始」菜单\程序\启动\Adobe Gamma Loader.lnk --> C:\PROGRA~1\COMMON~1\Adobe\CALIBR~1\ADOBEG~1.EXE [Adobe Systems, Inc.]><N>

==================================
服务
[McAfee Application Installer Cleanup (0226051241598504) / 0226051241598504mcinstcleanup][Stopped/Auto Start]
  <C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\022605~1.EXE C:\PROGRA~1\COMMON~1\McAfee\INSTAL~1\cleanup.ini -cleanup -nolog -service><McAfee, Inc.>
[Human Interface Device Access / HidServ][Stopped/Disabled]
  <C:\WINDOWS\System32\svchost.exe -k netsvcs-->%SystemRoot%\System32\hidserv.dll><N/A>
[McAfee Services / mcmscsvc][Running/Auto Start]
  <C:\PROGRA~1\McAfee\MSC\mcmscsvc.exe><McAfee, Inc.>
[McAfee Network Agent / McNASvc][Running/Auto Start]
  <"c:\PROGRA~1\COMMON~1\mcafee\mna\mcnasvc.exe"><McAfee, Inc.>
[McAfee Scanner / McODS][Stopped/Manual Start]
  <C:\PROGRA~1\McAfee\VIRUSS~1\mcods.exe><McAfee, Inc.>
[McAfee Proxy Service / McProxy][Running/Auto Start]
  <c:\PROGRA~1\COMMON~1\mcafee\mcproxy\mcproxy.exe><McAfee, Inc.>
[McAfee Real-time Scanner / McShield][Running/Auto Start]
  <C:\PROGRA~1\McAfee\VIRUSS~1\mcshield.exe><McAfee, Inc.>
[McAfee SystemGuards / McSysmon][Running/Manual Start]
  <C:\PROGRA~1\McAfee\VIRUSS~1\mcsysmon.exe><McAfee, Inc.>
[McAfee Personal Firewall Service / MpfService][Running/Auto Start]
  <"C:\Program Files\McAfee\MPF\MPFSrv.exe"><McAfee, Inc.>
[Network Location Awareness (NLA) / Nla][Running/Manual Start]
  <C:\WINDOWS\system32\svchost.exe -k netsvcs-->%SystemRoot%\System32\mswsock.dll><Microsoft Corporation>
[NVIDIA Display Driver Service / NVSvc][Running/Auto Start]
  <C:\WINDOWS\system32\nvsvc32.exe><NVIDIA Corporation>

==================================
驱动程序
[360AntiArp / 360AntiArp][Running/System Start]
  <\??\C:\WINDOWS\system32\drivers\360AntiArp.sys><360安全中心>
[AFD / AFD][Running/System Start]
  <\SystemRoot\System32\drivers\afd.sys><Microsoft Corporation>
[AMD Processor Driver / AmdK8][Running/System Start]
  <system32\DRIVERS\AmdK8.sys><Advanced Micro Devices>
[Creative AudioPCI (ES1371,ES1373) (WDM) / es1371][Stopped/Manual Start]
  <system32\drivers\es1371mp.sys><Creative Technology Ltd.>
[Microsoft 用于 High Definition Audio 的 UAA 总线驱动程序 / HDAudBus][Running/Manual Start]
  <system32\DRIVERS\HDAudBus.sys><Windows (R) Server 2003 DDK provider>
[Service for Realtek HD Audio (WDM) / IntcAzAudAddService][Running/Manual Start]
  <system32\drivers\RtkHDAud.sys><Realtek Semiconductor Corp.>
[McAfee Inc. mfeavfk / mfeavfk][Running/Manual Start]
  <system32\drivers\mfeavfk.sys><McAfee, Inc.>
[McAfee Inc. mfebopk / mfebopk][Running/Manual Start]
  <system32\drivers\mfebopk.sys><McAfee, Inc.>
[McAfee Inc. mfehidk / mfehidk][Running/System Start]
  <system32\drivers\mfehidk.sys><McAfee, Inc.>
[McAfee Inc. mferkdk / mferkdk][Stopped/Manual Start]
  <system32\drivers\mferkdk.sys><McAfee, Inc.>
[McAfee Inc. mfesmfk / mfesmfk][Running/Manual Start]
  <system32\drivers\mfesmfk.sys><McAfee, Inc.>
[MPFP / MPFP][Running/System Start]
  <System32\Drivers\Mpfp.sys><McAfee, Inc.>
[nv / nv][Running/Manual Start]
  <system32\DRIVERS\nv4_mini.sys><NVIDIA Corporation>
[NVIDIA nForce Networking Controller Driver / NVENETFD][Running/Manual Start]
  <system32\DRIVERS\NVENETFD.sys><NVIDIA Corporation>
[NVIDIA Network Bus Enumerator / nvnetbus][Running/Manual Start]
  <system32\DRIVERS\nvnetbus.sys><NVIDIA Corporation>
[NVIDIA nForce RAID Driver / nvrd32][Running/Boot Start]
  <\SystemRoot\system32\DRIVERS\nvrd32.sys><NVIDIA Corporation>
[DDK PACKET Protocol / Packet][Running/Manual Start]
  <system32\DRIVERS\ProtoDrv.sys><360安全中心>
[AMD PCNET Compatable Adapter Driver / PCnet][Stopped/Manual Start]
  <system32\DRIVERS\pcntpci5.sys><AMD Inc.>
[Direct Parallel Link Driver / Ptilink][Running/Manual Start]
  <system32\DRIVERS\ptilink.sys><Parallel Technologies, Inc.>
[SafeBoxKrnl / SafeBoxKrnl][Running/System Start]
  <\??\C:\Program Files\360Safebox\SafeBoxKrnl.sys><360安全中心>
[Secdrv / Secdrv][Stopped/Manual Start]
  <system32\DRIVERS\secdrv.sys><Macrovision Corporation, Macrovision Europe Limited, and Macrovision Japan and Asia K.K.>
[SATALink driver accelerator / SiFilter][Stopped/Disabled]
  <\SystemRoot\system32\DRIVERS\SiWinAcc.sys><Silicon Image, Inc.>
[TCP/IP Protocol Driver / Tcpip][Running/System Start]
  <system32\DRIVERS\tcpip.sys><Microsoft Corporation>
[viamraid / viamraid][Stopped/Boot Start]
  <\SystemRoot\system32\DRIVERS\viamraid.sys><VIA Technologies inc,.ltd>

==================================
浏览器加载项
[ThunderAtOnce Class]
  {01443AEC-0FD1-40fd-9C87-E93D1494C233} <C:\Program Files\Thunder\ComDlls\TDAtOnce_Now.dll, (Signed) Thunder Networking Technologies,LTD>
[scriptproxy]
  {7DB2D5A0-7241-4E79-B68D-6309F01C5231} <c:\PROGRA~1\mcafee\VIRUSS~1\scriptsn.dll, (Signed) McAfee, Inc.>
[Thunder Browser Helper]
  {889D2FEB-5411-4565-8998-1DD2C5261283} <C:\Program Files\Thunder\ComDlls\xunleiBHO_Now.dll, (Signed) Thunder Networking Technologies,LTD>
[SafeMon Class]
  {B69F34DD-F0F9-42DC-9EDD-957187DA688D} <C:\Program Files\360safe\safemon\safemon.dll, (Signed) 360.CN>
[PPLive]
  {95B3F550-91C4-4627-BCC4-521288C52977} <C:\Program Files\PPLive\PPLive.exe, (Signed) N/A>
[]
  {e2e2dd38-d088-4134-82b7-f2ba38496583} <%windir%\Network Diagnostic\xpnetdiag.exe, (Signed) N/A>
[EditCtrl Class]
  {488A4255-3236-44B3-8F27-FA1AECAA8844} <C:\WINDOWS\system32\aliedit\aliedit.dll, (Signed) >
[ThunderAtOnce Class]
  {01443AEC-0FD1-40FD-9C87-E93D1494C233} <C:\Program Files\Thunder\ComDlls\TDAtOnce_Now.dll, (Signed) Thunder Networking Technologies,LTD>
[Windows Genuine Advantage Validation Tool]
  {17492023-C23A-453E-A040-C7C580BBF700} <C:\WINDOWS\system32\legitcheckcontrol.dll, (Signed) Microsoft Corporation>
[Microsoft Office Control]
  {4453D895-F2A1-4A38-A285-1EF9BD3F6D5D} <C:\PROGRA~1\MICROS~1\OFFICE11\AUTHZAX.DLL, (Signed) Microsoft Corporation>
[Thunder Agent Class]
  {485463B7-8FB2-4B3B-B29B-8B919B0EACCE} <C:\Program Files\Thunder\ComDlls\ThunderAgent_Now.dll, (Signed) Thunder Networking Technologies,LTD>
[EditCtrl Class]
  {488A4255-3236-44B3-8F27-FA1AECAA8844} <C:\WINDOWS\system32\aliedit\aliedit.dll, (Signed) >
[Shell Name Space]
  {55136805-B2DE-11D1-B9F2-00A0C98BC547} <%SystemRoot%\system32\shdocvw.dll, (Signed) N/A>
[XMP Class]
  {6483F145-A768-4C41-AACC-52D4D7845851} <C:\Documents and Settings\All Users\Application Data\Thunder Network\KanKan\xplayer.dll_1_work, >
[XDRM]
  {693571CB-54A3-4E90-9D52-EEAE1334E2D3} <C:\Documents and Settings\All Users\Application Data\Thunder Network\KanKan\xdrm.dll_1_work, >
[CCtInf Class]
  {6DBB2904-082D-4DB0-944A-21C22BA121F4} <C:\WINDOWS\system32\BANKCE~1.DLL, >
[MUWebControl Class]
  {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} <C:\WINDOWS\system32\muweb.dll, (Signed) Microsoft Corporation>
[scriptproxy]
  {7DB2D5A0-7241-4E79-B68D-6309F01C5231} <c:\PROGRA~1\mcafee\VIRUSS~1\scriptsn.dll, (Signed) McAfee, Inc.>
[360SafeLive]
  {87515F61-A66C-4319-A0E0-D416CB8059E3} <C:\Program Files\360safe\live.dll, (Signed) 360.cn>
[Thunder Browser Helper]
  {889D2FEB-5411-4565-8998-1DD2C5261283} <C:\Program Files\Thunder\ComDlls\xunleiBHO_Now.dll, (Signed) Thunder Networking Technologies,LTD>
[]
  {95B3F550-91C4-4627-BCC4-521288C52977} <, >
[DapCtrl Class]
  {ACACC6EB-1FBA-4E13-A729-53AEB2DF54F8} <C:\Program Files\Common Files\Thunder Network\KanKan\DapCtrl.2.1.5802.54.(12).dll, ShenZhen Thunder Networking Technologies Ltd.>
[SafeMon Class]
  {B69F34DD-F0F9-42DC-9EDD-957187DA688D} <C:\Program Files\360safe\safemon\safemon.dll, (Signed) 360.CN>
[Shockwave Flash Object]
  {D27CDB6E-AE6D-11CF-96B8-444553540000} <C:\WINDOWS\system32\Macromed\Flash\Flash10b.ocx, (Signed) Adobe Systems, Inc.>
[]
  {E2E2DD38-D088-4134-82B7-F2BA38496583} <, >
[Thunder DapPlayer]
  {EEDD6FF9-13DE-496B-9A1C-D78B3215E266} <C:\Program Files\Thunder\Components\DownAndPlay\DapPlayer3.0.5712.71.12.dll, ShenZhen Thunder Networking Technologies Ltd.>
[XPPlayer Class]
  {F3E70CEA-956E-49CC-B444-73AFE593AD7F} <C:\Program Files\Common Files\Thunder Network\KanKan\PPlayer.2.0.0.166.(12).dll, Thunder>
[使用迅雷下载]
  <C:\Program Files\Thunder\Program\geturl.htm, N/A>
[使用迅雷下载全部链接]
  <C:\Program Files\Thunder\Program\getallurl.htm, N/A>
[导出到 Microsoft Office Excel(&X)]
  <res://C:\PROGRA~1\MICROS~1\OFFICE11\EXCEL.EXE/3000, N/A>
[添加到QQ表情]
  <D:\Program Files\Tencent\QQ\AddEmotion.htm, N/A>
 

Re: Can anyone tell me what I should do?

==================================
正在运行的进程
[PID: 616 / SYSTEM][\SystemRoot\System32\smss.exe]  [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2111)]
[PID: 672 / SYSTEM][\??\C:\WINDOWS\system32\csrss.exe]  [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2111)]
[PID: 696 / SYSTEM][\??\C:\WINDOWS\system32\winlogon.exe]  [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2113)]
    [C:\WINDOWS\system32\sfc_os.dll]  [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2111)]
    [C:\WINDOWS\system32\uxtheme.dll]  [Microsoft Corporation, 6.00.2900.5512 (xpsp.080413-2105)]
[PID: 740 / SYSTEM][C:\WINDOWS\system32\services.exe]  [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2111)]
    [C:\WINDOWS\system32\uxtheme.dll]  [Microsoft Corporation, 6.00.2900.5512 (xpsp.080413-2105)]
[PID: 752 / SYSTEM][C:\WINDOWS\system32\lsass.exe]  [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2113)]
    [C:\WINDOWS\system32\DNSAPI.dll]  [Microsoft Corporation, 5.1.2600.5625 (xpsp_sp3_gdr.080620-1249)]
    [C:\WINDOWS\system32\UxTheme.dll]  [Microsoft Corporation, 6.00.2900.5512 (xpsp.080413-2105)]
    [C:\WINDOWS\system32\mswsock.dll]  [Microsoft Corporation, 5.1.2600.5625 (xpsp_sp3_gdr.080620-1249)]
[PID: 912 / SYSTEM][C:\WINDOWS\system32\svchost.exe]  [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2111)]
    [C:\WINDOWS\system32\UxTheme.dll]  [Microsoft Corporation, 6.00.2900.5512 (xpsp.080413-2105)]
[PID: 960 / NETWORK SERVICE][C:\WINDOWS\system32\svchost.exe]  [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2111)]
    [C:\WINDOWS\system32\UxTheme.dll]  [Microsoft Corporation, 6.00.2900.5512 (xpsp.080413-2105)]
    [C:\WINDOWS\system32\mswsock.dll]  [Microsoft Corporation, 5.1.2600.5625 (xpsp_sp3_gdr.080620-1249)]
    [C:\WINDOWS\system32\DNSAPI.dll]  [Microsoft Corporation, 5.1.2600.5625 (xpsp_sp3_gdr.080620-1249)]
[PID: 1056 / SYSTEM][C:\WINDOWS\System32\svchost.exe]  [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2111)]
    [C:\WINDOWS\System32\UxTheme.dll]  [Microsoft Corporation, 6.00.2900.5512 (xpsp.080413-2105)]
    [c:\windows\system32\DNSAPI.dll]  [Microsoft Corporation, 5.1.2600.5625 (xpsp_sp3_gdr.080620-1249)]
    [C:\WINDOWS\system32\mswsock.dll]  [Microsoft Corporation, 5.1.2600.5625 (xpsp_sp3_gdr.080620-1249)]
[PID: 1140 / NETWORK SERVICE][C:\WINDOWS\system32\svchost.exe]  [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2111)]
    [C:\WINDOWS\system32\UxTheme.dll]  [Microsoft Corporation, 6.00.2900.5512 (xpsp.080413-2105)]
    [c:\windows\system32\DNSAPI.dll]  [Microsoft Corporation, 5.1.2600.5625 (xpsp_sp3_gdr.080620-1249)]
    [C:\WINDOWS\system32\mswsock.dll]  [Microsoft Corporation, 5.1.2600.5625 (xpsp_sp3_gdr.080620-1249)]
[PID: 1160 / LOCAL SERVICE][C:\WINDOWS\system32\svchost.exe]  [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2111)]
    [C:\WINDOWS\system32\UxTheme.dll]  [Microsoft Corporation, 6.00.2900.5512 (xpsp.080413-2105)]
    [C:\WINDOWS\system32\mswsock.dll]  [Microsoft Corporation, 5.1.2600.5625 (xpsp_sp3_gdr.080620-1249)]
[PID: 1528 / Administrator][C:\WINDOWS\Explorer.EXE]  [Microsoft Corporation, 6.00.2900.5512 (xpsp.080413-2105)]
    [C:\WINDOWS\system32\UxTheme.dll]  [Microsoft Corporation, 6.00.2900.5512 (xpsp.080413-2105)]
    [C:\Program Files\FreeLaunchBar\flb.dll]  [TrueSoft, 1.0.0.0]
    [C:\Program Files\360safe\safemon\safemon.dll]  [360.CN, 4, 1, 5, 1002]
    [C:\WINDOWS\system32\nvshell.dll]  [, ]
[PID: 1564 / SYSTEM][C:\WINDOWS\system32\spoolsv.exe]  [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-0852)]
    [C:\WINDOWS\system32\UxTheme.dll]  [Microsoft Corporation, 6.00.2900.5512 (xpsp.080413-2105)]
    [C:\WINDOWS\system32\DNSAPI.dll]  [Microsoft Corporation, 5.1.2600.5625 (xpsp_sp3_gdr.080620-1249)]
    [C:\WINDOWS\system32\sfc_os.dll]  [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2111)]
    [C:\WINDOWS\system32\ZLHP1600.DLL]  [Zenographics, Inc., 5, 60, 307, 1]
    [C:\WINDOWS\System32\spool\PRTPROCS\W32X86\ZIMFPrnt.DLL]  [Zenographics, Inc., 6, 1, 1, 0]
    [C:\WINDOWS\system32\ZIMF.dll]  [Zenographics, Inc., 5, 70, 616, 0]
    [C:\WINDOWS\system32\ZTAG.dll]  [Zenographics, Inc., 5, 60, 1210, 0]
    [C:\WINDOWS\system32\ZSPOOL.dll]  [Zenographics, Inc., 6, 1, 1, 0]
    [C:\WINDOWS\System32\mswsock.dll]  [Microsoft Corporation, 5.1.2600.5625 (xpsp_sp3_gdr.080620-1249)]
[PID: 1780 / Administrator][C:\Program Files\360safe\safemon\360tray.exe]  [奇虎网, 4, 1, 8, 1004]
    [C:\WINDOWS\system32\uxtheme.dll]  [Microsoft Corporation, 6.00.2900.5512 (xpsp.080413-2105)]
    [C:\Program Files\360safe\safemon\safemon.dll]  [360.CN, 4, 1, 5, 1002]
    [C:\Program Files\360safe\safemon\SafeKrnl.dll]  [奇虎网, 4, 2, 0, 1001]
    [C:\Program Files\360safe\AntiAdwa.dll]  [360Safe.com, 4, 2, 0, 1001]
[PID: 1796 / Administrator][C:\Program Files\360safe\antiarp\antiarp.exe]  [360安全中心, 2, 0, 0, 1008]
    [C:\WINDOWS\system32\uxtheme.dll]  [Microsoft Corporation, 6.00.2900.5512 (xpsp.080413-2105)]
    [C:\Program Files\360safe\safemon\safemon.dll]  [360.CN, 4, 1, 5, 1002]
    [C:\WINDOWS\System32\mswsock.dll]  [Microsoft Corporation, 5.1.2600.5625 (xpsp_sp3_gdr.080620-1249)]
    [C:\WINDOWS\system32\DNSAPI.dll]  [Microsoft Corporation, 5.1.2600.5625 (xpsp_sp3_gdr.080620-1249)]
[PID: 1820 / Administrator][C:\Program Files\McAfee.com\Agent\mcagent.exe]  [McAfee, Inc., 8,0,237,0]
    [C:\PROGRA~1\McAfee\MSC\McRes.dll]  [McAfee, Inc., 8,0,226,0]
    [C:\PROGRA~1\McAfee\MSC\McLocRes.dll]  [McAfee, Inc., 8,1,153,0]
    [C:\PROGRA~1\McAfee\MSC\Mccobres.dll]  [McAfee, Inc., 8,1,165,0]
    [C:\WINDOWS\system32\uxtheme.dll]  [Microsoft Corporation, 6.00.2900.5512 (xpsp.080413-2105)]
    [C:\Program Files\360safe\safemon\safemon.dll]  [360.CN, 4, 1, 5, 1002]
    [c:\PROGRA~1\mcafee\msc\mcsubmgr\8_1_13~1\mcsubmgr.dll]  [McAfee, Inc., 8,1,133,0]
    [c:\PROGRA~1\mcafee\msc\mcregobj\8_0_22~1\mcregobj.dll]  [McAfee, Inc., 8,0,226,0]
    [c:\WINDOWS\system32\msxml4.dll]  [Microsoft Corporation, 4.20.9848.0]
    [c:\PROGRA~1\COMMON~1\mcafee\core\mccoreps.dll]  [McAfee, Inc., 3,0,115,0]
    [c:\PROGRA~1\mcafee\msc\mcmispps.dll]  [McAfee, Inc., 8,0,226,0]
    [c:\PROGRA~1\mcafee.com\agent\mcagntps.dll]  [McAfee, Inc., 8,0,226,0]
    [c:\PROGRA~1\mcafee\msc\mccfgpv.dll]  [McAfee, Inc., 8,1,133,0]
    [c:\PROGRA~1\mcafee\msc\mcuicfg.dll]  [McAfee, Inc., 8,0,226,0]
[PID: 1872 / Administrator][C:\WINDOWS\system32\ctfmon.exe]  [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2105)]
    [C:\WINDOWS\system32\UxTheme.dll]  [Microsoft Corporation, 6.00.2900.5512 (xpsp.080413-2105)]
    [C:\Program Files\360safe\safemon\safemon.dll]  [360.CN, 4, 1, 5, 1002]
[PID: 168 / SYSTEM][C:\PROGRA~1\McAfee\MSC\mcmscsvc.exe]  [McAfee, Inc., 8,1,159,0]
    [c:\PROGRA~1\COMMON~1\mcafee\msc\mcutil\8_1_11~1\McUtil.dll]  [McAfee, Inc., 8,1,114,0]
    [C:\WINDOWS\system32\uxtheme.dll]  [Microsoft Corporation, 6.00.2900.5512 (xpsp.080413-2105)]
    [C:\PROGRA~1\McAfee\MSC\McRes.dll]  [McAfee, Inc., 8,0,226,0]
    [C:\PROGRA~1\McAfee\MSC\McLocRes.dll]  [McAfee, Inc., 8,1,153,0]
    [C:\PROGRA~1\McAfee\MSC\Mccobres.dll]  [McAfee, Inc., 8,1,165,0]
    [C:\PROGRA~1\COMMON~1\McAfee\MSC\sqlite3.dll]  [McAfee, Inc., 8,1,125,0]
    [c:\PROGRA~1\COMMON~1\mcafee\core\mccoreps.dll]  [McAfee, Inc., 3,0,115,0]
    [c:\PROGRA~1\mcafee\msc\mcshllps.dll]  [McAfee, Inc., 8,1,133,0]
    [c:\PROGRA~1\mcafee\mpf\mc\mpfmisp.dll]  [McAfee, Inc., 9.0.136.0]
    [c:\PROGRA~1\mcafee\VIRUSS~1\mvscp.dll]  [McAfee, Inc., 12,0,172,0]
    [c:\PROGRA~1\mcafee\msc\mcuicfg.dll]  [McAfee, Inc., 8,0,226,0]
    [c:\PROGRA~1\mcafee\VIRUSS~1\mvscfg.dll]  [McAfee, Inc., 12,1,118,0]
    [c:\PROGRA~1\mcafee\msc\mccfgpv.dll]  [McAfee, Inc., 8,1,133,0]
    [c:\PROGRA~1\mcafee\msc\mcdemenu.dll]  [McAfee, Inc., 8,0,226,0]
    [c:\WINDOWS\system32\msxml4.dll]  [Microsoft Corporation, 4.20.9848.0]
    [c:\PROGRA~1\mcafee\msc\mcsubmgr\8_1_13~1\mcsubmgr.dll]  [McAfee, Inc., 8,1,133,0]
    [c:\PROGRA~1\mcafee\msc\mcmispps.dll]  [McAfee, Inc., 8,0,226,0]
    [c:\PROGRA~1\mcafee\VIRUSS~1\mvsap.dll]  [McAfee, Inc., 12,0,172,0]
    [C:\Program Files\McAfee\MPF\L10N.DLL]  [McAfee, Inc., 9.1.108.0]
    [c:\PROGRA~1\mcafee.com\agent\mcagntps.dll]  [McAfee, Inc., 8,0,226,0]
    [c:\PROGRA~1\mcafee\msc\mcmscver.dll]  [McAfee, Inc., 8,1,136,0]
    [c:\PROGRA~1\mcafee\VIRUSS~1\mcvspp.dll]  [McAfee, Inc., 12,1,109,0]
    [c:\PROGRA~1\mcafee\msc\mcprotpv.dll]  [McAfee, Inc., 8,0,226,0]
    [c:\PROGRA~1\mcafee\msc\mcnmcprv.dll]  [McAfee, Inc., 2,1,151,0]
    [C:\PROGRA~1\McAfee\MSC\McNmcRes.dll]  [McAfee, Inc., 2,1,151,0]
    [C:\PROGRA~1\McAfee\MSC\McNmcLoR.dll]  [McAfee, Inc., 2,1,151,0]
    [C:\PROGRA~1\McAfee\MSC\McNmcCoR.dll]  [McAfee, Inc., 2,1,151,0]
    [c:\PROGRA~1\COMMON~1\mcafee\mna\MCNASV~1.DLL]  [McAfee, Inc., 2,1,143,0]
    [c:\PROGRA~1\mcafee\msc\mcnmcsps.dll]  [McAfee, Inc., 2,0,115,0]
    [c:\PROGRA~1\mcafee\VIRUSS~1\naiannps.dll]  [McAfee, Inc., 12,0,188,0]
    [c:\PROGRA~1\mcafee\msc\mcregobj\8_0_22~1\mcregobj.dll]  [McAfee, Inc., 8,0,226,0]
    [c:\PROGRA~1\mcafee\mpf\mc\mpfp.dll]  [McAfee, Inc., 9.0.136.0]
    [C:\PROGRA~1\McAfee\MSC\McProHlp.dll]  [McAfee, Inc., 8,0,226,0]
    [C:\WINDOWS\system32\DNSAPI.dll]  [Microsoft Corporation, 5.1.2600.5625 (xpsp_sp3_gdr.080620-1249)]
[PID: 260 / SYSTEM][c:\PROGRA~1\COMMON~1\mcafee\mna\mcnasvc.exe]  [McAfee, Inc., 2,1,143,0]
    [c:\PROGRA~1\COMMON~1\mcafee\msc\mcutil\8_1_11~1\McUtil.dll]  [McAfee, Inc., 8,1,114,0]
    [C:\WINDOWS\system32\uxtheme.dll]  [Microsoft Corporation, 6.00.2900.5512 (xpsp.080413-2105)]
    [c:\PROGRA~1\mcafee\msc\mcnmcsrv.dll]  [McAfee, Inc., 2,1,151,0]
    [C:\WINDOWS\system32\mswsock.dll]  [Microsoft Corporation, 5.1.2600.5625 (xpsp_sp3_gdr.080620-1249)]
    [c:\PROGRA~1\COMMON~1\mcafee\core\mccoreps.dll]  [McAfee, Inc., 3,0,115,0]
    [c:\PROGRA~1\mcafee\msc\mcshllps.dll]  [McAfee, Inc., 8,1,133,0]
    [c:\PROGRA~1\COMMON~1\mcafee\mna\MCNASV~1.DLL]  [McAfee, Inc., 2,1,143,0]
    [c:\PROGRA~1\mcafee\msc\mcnmcsps.dll]  [McAfee, Inc., 2,0,115,0]
    [c:\PROGRA~1\mcafee\mpf\mc\mpfp.dll]  [McAfee, Inc., 9.0.136.0]
    [c:\WINDOWS\system32\msxml4.dll]  [Microsoft Corporation, 4.20.9848.0]
    [c:\PROGRA~1\mcafee\msc\mcregobj\8_0_22~1\mcregobj.dll]  [McAfee, Inc., 8,0,226,0]
    [c:\PROGRA~1\mcafee\msc\mcmismgr.dll]  [McAfee, Inc., 8,1,149,0]
    [C:\PROGRA~1\McAfee\MSC\McRes.dll]  [McAfee, Inc., 8,0,226,0]
    [C:\PROGRA~1\McAfee\MSC\McLocRes.dll]  [McAfee, Inc., 8,1,153,0]
    [C:\PROGRA~1\McAfee\MSC\Mccobres.dll]  [McAfee, Inc., 8,1,165,0]
    [c:\PROGRA~1\mcafee\msc\mcsubmgr\8_1_13~1\mcsubmgr.dll]  [McAfee, Inc., 8,1,133,0]
    [c:\PROGRA~1\COMMON~1\mcafee\mna\mcuj.dll]  [McAfee, Inc., 2,1,143,0]
    [C:\PROGRA~1\McAfee\MSC\McNmcRes.dll]  [McAfee, Inc., 2,1,151,0]
    [C:\PROGRA~1\McAfee\MSC\McNmcLoR.dll]  [McAfee, Inc., 2,1,151,0]
    [C:\PROGRA~1\McAfee\MSC\McNmcCoR.dll]  [McAfee, Inc., 2,1,151,0]
    [C:\WINDOWS\system32\DNSAPI.dll]  [Microsoft Corporation, 5.1.2600.5625 (xpsp_sp3_gdr.080620-1249)]
[PID: 440 / SYSTEM][c:\PROGRA~1\COMMON~1\mcafee\mcproxy\mcproxy.exe]  [McAfee, Inc., 2,0,150,0]
    [c:\PROGRA~1\mcafee\VIRUSS~1\escnplug.dll]  [McAfee, Inc., 12,1,109,0]
    [c:\PROGRA~1\mcafee\VIRUSS~1\EsPlgRes.dll]  [McAfee, Inc., 12,0,188,0]
    [c:\PROGRA~1\mcafee\VIRUSS~1\mvscfg.dll]  [McAfee, Inc., 12,1,118,0]
    [C:\WINDOWS\system32\uxtheme.dll]  [Microsoft Corporation, 6.00.2900.5512 (xpsp.080413-2105)]
    [c:\PROGRA~1\mcafee\msc\mcsubmgr\8_1_13~1\mcsubmgr.dll]  [McAfee, Inc., 8,1,133,0]
    [c:\PROGRA~1\COMMON~1\mcafee\core\mccoreps.dll]  [McAfee, Inc., 3,0,115,0]
    [c:\WINDOWS\system32\msxml4.dll]  [Microsoft Corporation, 4.20.9848.0]
    [C:\Program Files\McAfee\VirusScan\mvslog.dll]  [McAfee, Inc., 12,0,172,0]
[PID: 512 / SYSTEM][C:\PROGRA~1\McAfee\VIRUSS~1\mcshield.exe]  [McAfee, Inc., VSCORE.14.0.0.349.x86]
    [C:\PROGRA~1\McAfee\VIRUSS~1\LockDown.dll]  [McAfee, Inc., VSCORE.14.0.0.349.x86]
    [C:\PROGRA~1\McAfee\VIRUSS~1\mytilus3.dll]  [McAfee, Inc., VSCORE.14.0.0.349.x86]
    [C:\PROGRA~1\McAfee\VIRUSS~1\mytilus3_worker.dll]  [McAfee, Inc., VSCORE.14.0.0.349.x86]
    [C:\PROGRA~1\McAfee\VIRUSS~1\mytilus3_server.dll]  [McAfee, Inc., VSCORE.14.0.0.349.x86]
    [C:\PROGRA~1\McAfee\VIRUSS~1\RES00\McShield.dll]  [McAfee, Inc., VSCORE.14.0.0.349]
    [C:\PROGRA~1\McAfee\VIRUSS~1\FTL.Dll]  [McAfee, Inc., VSCORE.14.0.0.349.x86]
    [C:\WINDOWS\system32\uxtheme.dll]  [Microsoft Corporation, 6.00.2900.5512 (xpsp.080413-2105)]
    [C:\PROGRA~1\McAfee\VIRUSS~1\naiann.dll]  [McAfee, Inc., 12,0,188,0]
    [c:\PROGRA~1\COMMON~1\mcafee\core\mccoreps.dll]  [McAfee, Inc., 3,0,115,0]
    [c:\PROGRA~1\mcafee\VIRUSS~1\mcvsps.dll]  [McAfee, Inc., 12,0,188,0]
    [c:\PROGRA~1\mcafee\VIRUSS~1\naiannps.dll]  [McAfee, Inc., 12,0,188,0]
    [c:\PROGRA~1\mcafee\VIRUSS~1\mvscfg.dll]  [McAfee, Inc., 12,1,118,0]
    [c:\PROGRA~1\COMMON~1\mcafee\core\mcevtbrk.dll]  [McAfee, Inc., 3,0,115,0]
    [C:\PROGRA~1\McAfee\VIRUSS~1\mvslog.dll]  [McAfee, Inc., 12,0,172,0]
    [C:\WINDOWS\system32\sfc_os.dll]  [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2111)]
    [C:\Program Files\McAfee\VirusScan\Engine\5301.4018\mcscan32.dll]  [McAfee, Inc., 5.3.00]
    [C:\Program Files\McAfee\VirusScan\Engine\5301.4018\mc5300up.001]  [McAfee, Inc., 5.3.00]
    [c:\PROGRA~1\mcafee\msc\mcmispps.dll]  [McAfee, Inc., 8,0,226,0]
    [C:\PROGRA~1\McAfee\VIRUSS~1\mfebopa.dll]  [McAfee, Inc., SYSCORE.14.0.0.291.x86]
    [C:\PROGRA~1\McAfee\VIRUSS~1\mfehida.dll]  [McAfee, Inc., SYSCORE.14.0.0.291.x86]
    [C:\PROGRA~1\McAfee\VIRUSS~1\mfeavfa.dll]  [McAfee, Inc., SYSCORE.14.0.0.291.x86]
[PID: 600 / SYSTEM][C:\Program Files\McAfee\MPF\MPFSrv.exe]  [McAfee, Inc., 9.0.136.0]
    [C:\WINDOWS\system32\uxtheme.dll]  [Microsoft Corporation, 6.00.2900.5512 (xpsp.080413-2105)]
    [c:\PROGRA~1\COMMON~1\mcafee\HACKER~1\hwapi.dll]  [McAfee, Inc., 9.1.9.0]
    [c:\PROGRA~1\COMMON~1\mcafee\core\mcevtbrk.dll]  [McAfee, Inc., 3,0,115,0]
    [c:\PROGRA~1\mcafee\mpf\mc\mpfmisp.dll]  [McAfee, Inc., 9.0.136.0]
    [c:\PROGRA~1\mcafee\msc\mcmispps.dll]  [McAfee, Inc., 8,0,226,0]
    [C:\WINDOWS\system32\DNSAPI.dll]  [Microsoft Corporation, 5.1.2600.5625 (xpsp_sp3_gdr.080620-1249)]
    [C:\WINDOWS\system32\mswsock.dll]  [Microsoft Corporation, 5.1.2600.5625 (xpsp_sp3_gdr.080620-1249)]
    [c:\PROGRA~1\mcafee\msc\mccfgpv.dll]  [McAfee, Inc., 8,1,133,0]
    [C:\PROGRA~1\McAfee\MSC\McRes.dll]  [McAfee, Inc., 8,0,226,0]
    [C:\PROGRA~1\McAfee\MSC\McLocRes.dll]  [McAfee, Inc., 8,1,153,0]
    [C:\PROGRA~1\McAfee\MSC\Mccobres.dll]  [McAfee, Inc., 8,1,165,0]
    [c:\WINDOWS\system32\msxml4.dll]  [Microsoft Corporation, 4.20.9848.0]
    [c:\PROGRA~1\COMMON~1\mcafee\core\mccoreps.dll]  [McAfee, Inc., 3,0,115,0]
    [c:\PROGRA~1\mcafee\mpf\mc\mpfaltps.dll]  [McAfee, Inc., 9.0.136.0]
[PID: 1036 / SYSTEM][C:\WINDOWS\system32\nvsvc32.exe]  [NVIDIA Corporation, 6.14.11.7519]
    [C:\WINDOWS\system32\nvapi.dll]  [NVIDIA Corporation, 6.14.11.7519]
    [C:\WINDOWS\system32\uxtheme.dll]  [Microsoft Corporation, 6.00.2900.5512 (xpsp.080413-2105)]
[PID: 1184 / SYSTEM][C:\WINDOWS\system32\svchost.exe]  [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2111)]
    [C:\WINDOWS\system32\UxTheme.dll]  [Microsoft Corporation, 6.00.2900.5512 (xpsp.080413-2105)]
    [C:\WINDOWS\system32\sfc_os.dll]  [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2111)]
    [C:\WINDOWS\system32\mswsock.dll]  [Microsoft Corporation, 5.1.2600.5625 (xpsp_sp3_gdr.080620-1249)]
    [C:\WINDOWS\system32\DNSAPI.dll]  [Microsoft Corporation, 5.1.2600.5625 (xpsp_sp3_gdr.080620-1249)]
[PID: 1452 / Administrator][C:\Program Files\Internet Explorer\iexplore.exe]  [Microsoft Corporation, 6.00.2900.5512 (xpsp.080413-2105)]
    [C:\WINDOWS\system32\uxtheme.dll]  [Microsoft Corporation, 6.00.2900.5512 (xpsp.080413-2105)]
    [C:\Program Files\360safe\safemon\safemon.dll]  [360.CN, 4, 1, 5, 1002]
    [C:\Program Files\Thunder\ComDlls\TDAtOnce_Now.dll]  [Thunder Networking Technologies,LTD, 1.0.5.29]
    [c:\PROGRA~1\mcafee\VIRUSS~1\scriptsn.dll]  [McAfee, Inc., VSCORE.14.0.0.366.x86]
    [C:\WINDOWS\system32\JScript.dll]  [Microsoft Corporation, 5.7.0.18066]
    [C:\WINDOWS\system32\VBScript.dll]  [Microsoft Corporation, 5.7.0.18066]
    [c:\PROGRA~1\mcafee\VIRUSS~1\mytilus3.dll]  [McAfee, Inc., VSCORE.14.0.0.349.x86]
    [c:\PROGRA~1\mcafee\VIRUSS~1\mytilus3_worker.dll]  [McAfee, Inc., VSCORE.14.0.0.349.x86]
    [c:\PROGRA~1\mcafee\VIRUSS~1\RES00\McShield.dll]  [McAfee, Inc., VSCORE.14.0.0.349]
    [C:\Program Files\Thunder\ComDlls\xunleiBHO_Now.dll]  [Thunder Networking Technologies,LTD, 5, 0, 8, 96]
    [C:\WINDOWS\system32\shdoclc.dll]  [Microsoft Corporation, 6.00.2900.5512 (xpsp.080413-2105)]
    [C:\WINDOWS\system32\mswsock.dll]  [Microsoft Corporation, 5.1.2600.5625 (xpsp_sp3_gdr.080620-1249)]
    [C:\WINDOWS\system32\Macromed\Flash\Flash9f.ocx]  [Adobe Systems, Inc., 9,0,124,0]
    [C:\WINDOWS\system32\DNSAPI.dll]  [Microsoft Corporation, 5.1.2600.5625 (xpsp_sp3_gdr.080620-1249)]
[PID: 2856 / LOCAL SERVICE][C:\WINDOWS\System32\alg.exe]  [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-0852)]
    [C:\WINDOWS\System32\MSWSOCK.DLL]  [Microsoft Corporation, 5.1.2600.5625 (xpsp_sp3_gdr.080620-1249)]
    [C:\WINDOWS\System32\UxTheme.dll]  [Microsoft Corporation, 6.00.2900.5512 (xpsp.080413-2105)]
[PID: 3776 / Administrator][C:\WINDOWS\system32\conime.exe]  [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2105)]
    [C:\WINDOWS\system32\UxTheme.dll]  [Microsoft Corporation, 6.00.2900.5512 (xpsp.080413-2105)]
    [C:\Program Files\360safe\safemon\safemon.dll]  [360.CN, 4, 1, 5, 1002]
[PID: 2808 / Administrator][C:\Program Files\Thunder\Program\Thunder5.exe]  [Thunder Networking Technologies,LTD, 5.8.2.515]
    [C:\Program Files\Thunder\Program\BugReport.dll]  [Thunder Networking Technologies,LTD, 1, 5, 1, 22]
    [C:\Program Files\Thunder\Program\ThunderEx.dll]  [, 1, 2, 5, 24]
    [C:\WINDOWS\system32\uxtheme.dll]  [Microsoft Corporation, 6.00.2900.5512 (xpsp.080413-2105)]
    [C:\Program Files\360safe\safemon\safemon.dll]  [360.CN, 4, 1, 5, 1002]
    [C:\Program Files\Thunder\Program\TaskManager.dll]  [Thunder Networking Technologies,LTD, 1, 3, 6, 66]
    [C:\Program Files\Thunder\Program\download_interface.dll]  [Thunder Networking Technologies,LTD, 3, 1, 2, 315]
    [C:\Program Files\Thunder\Program\MSVCP71.dll]  [Microsoft Corporation, 7.10.3077.0]
    [C:\Program Files\Thunder\Program\MSVCR71.dll]  [Microsoft Corporation, 7.10.3052.4]
    [C:\Program Files\Thunder\Program\asyn_frame.dll]  [Thunder Networking Technologies,LTD, 1, 1, 2, 17]

Re: Can anyone tell me what I should do?

[C:\WINDOWS\system32\MSWSOCK.dll]  [Microsoft Corporation, 5.1.2600.5625 (xpsp_sp3_gdr.080620-1249)]
    [C:\Program Files\Thunder\Program\ATL71.DLL]  [Microsoft Corporation, 7.10.3077.0]
    [C:\Program Files\Thunder\Program\emule_id.dll]  [Thunder Networking Technologies,LTD, 1, 0, 2, 7]
    [C:\Program Files\Thunder\Program\backend_agent.dll]  [Thunder Networking Technologies,LTD, 1, 1, 2, 19]
    [C:\Program Files\Thunder\Program\ptl.dll]  [Thunder Networking Technologies,LTD, 3, 1, 2, 22]
    [C:\Program Files\Thunder\Program\xl_stat.dll]  [Thunder Networking Technologies,LTD, 1, 1, 2, 3]
    [C:\Program Files\Thunder\Program\p2p_upload.dll]  [Thunder Networking Technologies,LTD, 1, 1, 2, 8]
    [C:\Program Files\Thunder\Program\p2p.dll]  [Thunder Networking Technologies,LTD, 1,1,2,24]
    [C:\Program Files\Thunder\Program\xldc.dll]  [Thunder Networking Technologies,LTD, 3, 6, 2, 15]
    [C:\Program Files\Thunder\Program\fs.dll]  [Thunder Networking Technologies,LTD, 1, 1, 2, 10]
    [C:\Program Files\Thunder\Program\stream.dll]  [Thunder Networking Technologies,LTD, 2, 1, 2, 375]
    [C:\Program Files\Thunder\Program\p2sp.dll]  [Thunder Networking Technologies,LTD, 1, 1, 2, 25]
    [C:\Program Files\Thunder\Program\down_dispatcher.dll]  [Thunder Networking Technologies,LTD, 1, 0, 2, 17]
    [C:\WINDOWS\system32\DNSAPI.dll]  [Microsoft Corporation, 5.1.2600.5625 (xpsp_sp3_gdr.080620-1249)]
    [C:\Program Files\Thunder\Program\p2p_local_res.dll]  [Thunder Networking Technologies,LTD, 1,1,2,12]
    [C:\Program Files\Thunder\Program\al.dll]  [Thunder Networking Technologies,LTD, 1,1,2,15]
    [C:\Program Files\Thunder\Program\XLNet.Dll]  [Thunder Networking Technologies,LTD, 1, 5, 1, 24]
    [C:\Program Files\Thunder\Program\BHOStub.dll]  [Thunder Networking Technologies,LTD, 1, 1, 1, 10]
    [C:\Program Files\Thunder\Components\DownAndPlay\DownAndPlay.dll]  [, 1, 0, 12, 30]
    [C:\Program Files\Thunder\Program\iTargetAD.dll]  [N/A, ]
    [C:\Program Files\Thunder\Components\Community\XLCommunity.dll]  [Thunder Networking Technologies,LTD, 2, 3, 0, 59]
    [C:\Program Files\Thunder\Program\XLCommunityEx.dll]  [N/A, ]
    [C:\Program Files\Thunder\Program\RegisterDll.dll]  [Thunder Networking Technologies,LTD, 2, 17, 0, 67]
    [C:\Program Files\Thunder\Program\MSVCIRT.dll]  [Microsoft Corporation, 7.0.2600.2180 (xpsp_sp2_rtm.040803-2158)]
    [C:\Program Files\Thunder\Program\imdt.dll]  [TODO: <Company name>, 1.0.2.5]
    [C:\Program Files\Thunder\Components\Search\XLSearch.dll]  [Thunder Networking Technologies,LTD, 1, 1, 6, 21]
    [C:\Program Files\Thunder\Plugins\GouGouTop\GouGouTop.dll]  [Thunder Networking Technologies,LTD, 1, 0, 2, 5]
    [C:\Program Files\Thunder\Components\ExplorerHelper\ExplorerHelper.dll]  [Thunder Networking Technologies,LTD, 1, 0, 4, 19]
    [C:\Program Files\Thunder\Components\DownloadStat\DownloadStat.dll]  [Thunder Networking Technologies,LTD, 1, 4, 1, 6]
    [C:\Program Files\Thunder\Program\bd.dll]  [Thunder Networking Technologies,LTD, 1, 0, 2, 17]
[PID: 3184 / Administrator][C:\Program Files\WinRAR\WinRAR.exe]  [N/A, ]
    [C:\WINDOWS\system32\uxtheme.dll]  [Microsoft Corporation, 6.00.2900.5512 (xpsp.080413-2105)]
    [C:\Program Files\360safe\safemon\safemon.dll]  [360.CN, 4, 1, 5, 1002]
[PID: 3836 / Administrator][C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\Rar$EX01.750\sr-engldr.EXE]  [Smallfrogs Studio, 2.7.1.1261]
[PID: 3848 / Administrator][C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\Rar$EX01.750\SREcec25149.EXE]  [Smallfrogs Studio, 2.7.1.1261]
    [C:\WINDOWS\system32\uxtheme.dll]  [Microsoft Corporation, 6.00.2900.5512 (xpsp.080413-2105)]
    [C:\Program Files\360safe\safemon\safemon.dll]  [360.CN, 4, 1, 5, 1002]
    [C:\WINDOWS\system32\sfc_os.dll]  [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2111)]
    [C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\Rar$EX01.750\Upload\3rdUpd.DLL]  [Smallfrogs Studio, 2, 1, 0, 15]
    [C:\WINDOWS\System32\mswsock.dll]  [Microsoft Corporation, 5.1.2600.5625 (xpsp_sp3_gdr.080620-1249)]
    [C:\WINDOWS\system32\DNSAPI.dll]  [Microsoft Corporation, 5.1.2600.5625 (xpsp_sp3_gdr.080620-1249)]
[PID: 4088 / SYSTEM][C:\PROGRA~1\McAfee\VIRUSS~1\mcsysmon.exe]  [McAfee, Inc., 12,1,111,0]
    [c:\PROGRA~1\mcafee\msc\mcmispps.dll]  [McAfee, Inc., 8,0,226,0]
    [C:\WINDOWS\system32\uxtheme.dll]  [Microsoft Corporation, 6.00.2900.5512 (xpsp.080413-2105)]
    [C:\PROGRA~1\McAfee\VIRUSS~1\mvslog.dll]  [McAfee, Inc., 12,0,172,0]
    [C:\PROGRA~1\McAfee\VIRUSS~1\mfesmfa.dll]  [McAfee, Inc., SYSCORE.14.0.0.291.x86]
    [C:\PROGRA~1\McAfee\VIRUSS~1\mfehida.dll]  [McAfee, Inc., SYSCORE.14.0.0.291.x86]
    [c:\PROGRA~1\COMMON~1\mcafee\HACKER~1\hwapi.dll]  [McAfee, Inc., 9.1.9.0]
    [c:\PROGRA~1\mcafee\VIRUSS~1\mvscfg.dll]  [McAfee, Inc., 12,1,118,0]
[PID: 3296 / SYSTEM][C:\WINDOWS\system32\wuauclt.exe]  [Microsoft Corporation, 7.2.6001.788 (winmain_oob/wu_wsuswlc(wmbla).081016-1330)]
    [C:\WINDOWS\system32\UxTheme.dll]  [Microsoft Corporation, 6.00.2900.5512 (xpsp.080413-2105)]

==================================
文件关联
.TXT  OK. [%SystemRoot%\system32\NOTEPAD.EXE %1]
.EXE  OK. ["%1" %*]
.COM  OK. ["%1" %*]
.PIF  OK. ["%1" %*]
.REG  OK. [regedit.exe "%1"]
.BAT  OK. ["%1" %*]
.SCR  OK. ["%1" /S]
.CHM  OK. ["C:\WINDOWS\hh.exe" %1]
.HLP  OK. [%SystemRoot%\System32\winhlp32.exe %1]
.INI  OK. [%SystemRoot%\System32\NOTEPAD.EXE %1]
.INF  OK. [%SystemRoot%\System32\NOTEPAD.EXE %1]
.VBS  OK. [%SystemRoot%\System32\WScript.exe "%1" %*]
.JS  OK. [%SystemRoot%\System32\WScript.exe "%1" %*]
.LNK  OK. [{00021401-0000-0000-C000-000000000046}]

==================================
Winsock 提供者
MSAFD Tcpip [TCP/IP]
    C:\WINDOWS\system32\mswsock.dll(Microsoft Corporation, Microsoft Windows Sockets 2.0 Service Provider)
MSAFD Tcpip [UDP/IP]
    C:\WINDOWS\system32\mswsock.dll(Microsoft Corporation, Microsoft Windows Sockets 2.0 Service Provider)
MSAFD Tcpip [RAW/IP]
    C:\WINDOWS\system32\mswsock.dll(Microsoft Corporation, Microsoft Windows Sockets 2.0 Service Provider)
MSAFD NetBIOS [\Device\NetBT_Tcpip_{1F62F359-21DB-4229-9375-9D66025E0BD8}] SEQPACKET 0
    C:\WINDOWS\system32\mswsock.dll(Microsoft Corporation, Microsoft Windows Sockets 2.0 Service Provider)
MSAFD NetBIOS [\Device\NetBT_Tcpip_{1F62F359-21DB-4229-9375-9D66025E0BD8}] DATAGRAM 0
    C:\WINDOWS\system32\mswsock.dll(Microsoft Corporation, Microsoft Windows Sockets 2.0 Service Provider)
MSAFD NetBIOS [\Device\NetBT_Tcpip_{F6C60E97-F8D3-4E62-9FA2-A9D685B07D97}] SEQPACKET 1
    C:\WINDOWS\system32\mswsock.dll(Microsoft Corporation, Microsoft Windows Sockets 2.0 Service Provider)
MSAFD NetBIOS [\Device\NetBT_Tcpip_{F6C60E97-F8D3-4E62-9FA2-A9D685B07D97}] DATAGRAM 1
    C:\WINDOWS\system32\mswsock.dll(Microsoft Corporation, Microsoft Windows Sockets 2.0 Service Provider)
MSAFD NetBIOS [\Device\NetBT_Tcpip_{90284CC5-9E19-496E-A350-36F5EAF0B47E}] SEQPACKET 2
    C:\WINDOWS\system32\mswsock.dll(Microsoft Corporation, Microsoft Windows Sockets 2.0 Service Provider)
MSAFD NetBIOS [\Device\NetBT_Tcpip_{90284CC5-9E19-496E-A350-36F5EAF0B47E}] DATAGRAM 2
    C:\WINDOWS\system32\mswsock.dll(Microsoft Corporation, Microsoft Windows Sockets 2.0 Service Provider)

==================================
Autorun.inf
N/A

==================================
HOSTS 文件
127.0.0.1      localhost
127.0.0.1    858656.com
127.0.0.1    my123.com
127.0.0.1    8749.com
127.0.0.1    4199.com
127.0.0.1    7379.com
127.0.0.1    7255.com
127.0.0.1    3448.com
127.0.0.1    7939.com
127.0.0.1    8009.com
127.0.0.1    piaoxue.com
127.0.0.1    kzdh.com
127.0.0.1    about.blank.la
127.0.0.1    6781.com
127.0.0.1    7322.com
127.0.0.1    9991.com

==================================
进程特权扫描
特殊特权被允许: SeLoadDriverPrivilege [PID = 1036, C:\WINDOWS\SYSTEM32\NVSVC32.EXE]
特殊特权被允许: SeLoadDriverPrivilege [PID = 2808, C:\PROGRAM FILES\THUNDER\PROGRAM\THUNDER5.EXE]
特殊特权被允许: SeLoadDriverPrivilege [PID = 3184, C:\PROGRAM FILES\WINRAR\WINRAR.EXE]
特殊特权被允许: SeLoadDriverPrivilege [PID = 3836, C:\DOCUME~1\ADMINI~1\LOCALS~1\TEMP\RAR$EX01.750\SR-ENGLDR.EXE]

==================================
计划任务
[已启用] McQcTask.job
        c:\PROGRA~1\mcafee\mqc\QcConsol.exe
[已启用] McDefragTask.job
        c:\PROGRA~1\mcafee\mqc\QcConsol.exe

==================================
API HOOK
N/A

==================================
隐藏进程
N/A

==================================


[/CODE]