
My computer is infected with a virus, please take a look at my log


启动项目
注册表
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
    <Super Rabbit IEPro><C:\Program Files\Super Rabbit\MagicSet\SRIECLI.EXE /LOAD>  []
[HKEY_CURRENT_USER\Software\Microsoft\Windows NT\CurrentVersion\Windows]
    <load><>  []
    <run><>  []
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
    <Synchronization Manager><mobsync.exe /logon>  [Microsoft Corporation]
    <yassistse><"C:\PROGRA~1\Yahoo!\Assistant\yassistse.exe">  [Yahoo!]
    <MINI_BFYY><C:\Program Files\Ringz Studio\Storm Downloader\StormDownloader.exe>  [深圳市三代科技开发有限公司]
    <SSLcnt><; rem "F:\网上下载软件\汉唐证券\sslcnt\SSLCnt.exe">  [杭州核新软件技术有限公司]
    <vptray><; C:\PROGRA~1\SYMANT~1\SYMANT~1\vptray.exe>  [Symantec Corporation]
    <YLive.exe><; C:\PROGRA~1\Yahoo!\ASSIST~1\YLive.exe>  [ ]
    <TkBellExe><"C:\Program Files\Common Files\Real\Update_OB\realsched.exe"  -osboot>  [RealNetworks, Inc.]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\RunOnce]
    <GrpConv><grpconv.exe -o>  [Microsoft Corporation]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer\Run]
    <CheckFaultKernel><C:\WINNT\system32\mswdm.exe>  []
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Winlogon]
    <shell><Explorer.exe>  [Microsoft Corporation]
    <Userinit><C:\WINNT\system32\userinit.exe,>  [Microsoft Corporation]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Windows]
    <AppInit_DLLs><>  []
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\NavLogon]
    <WinlogonNotify: NavLogon><C:\WINNT\system32\NavLogon.dll>  []

==================================
启动文件夹
服务
[DefWatch / DefWatch]
  <C:\PROGRA~1\SYMANT~1\SYMANT~1\DefWatch.exe><Symantec Corporation>
[Logical Disk Manager Administrative Service / dmadmin]
  <C:\WINNT\System32\dmadmin.exe /com><VERITAS Software Corp.>
[DameWare Mini Remote Control / DWMRCS]
  <C:\WINNT\SYSTEM32\DWRCS.EXE -service><DameWare Development LLC>
[EPSON Printer Status Agent2 / EPSONStatusAgent2]
  <C:\Program Files\Common Files\EPSON\EBAPI\SAgent2.exe><SEIKO EPSON CORPORATION>
[Symantec AntiVirus Client / Norton AntiVirus Server]
  <C:\PROGRA~1\SYMANT~1\SYMANT~1\Rtvscan.exe><Symantec Corporation>
[NVIDIA Driver Helper Service / NVSvc]
  <C:\WINNT\System32\nvsvc32.exe><NVIDIA Corporation>

==================================
浏览器加载项
[ThunderIEHelper Class]
  {0005A87D-D626-4B3A-84F9-1D9571695F55} <C:\WINNT\system32\xunleibho_v4.dll, >
[MonitorURL Class]
  {08A312BB-5409-49FC-9347-54BB7D069AC6} <C:\PROGRA~1\DESKAD~1\deskipn.dll, >
[超级兔子上网精灵]
  {7369D35A-5B70-4A5B-B789-B25FE09B4AF3} <C:\PROGRA~1\SUPERR~1\MagicSet\haokanbar.dll, N/A>
[Schedule Class]
  {8B316DA1-9950-4926-B9EA-1AEC124AFA45} <C:\WINNT\system32\sscli.dll, >
[]
  {A9930D97-9CF0-42A0-A10D-4F28836579D5} <C:\PROGRA~1\KuGoo3\KUGOO3~1.OCX, N/A>
[上网助手]
  {BB936323-19FA-4521-BA29-ECA6A121BC78} <C:\Program Files\3721\Assist\asbar.dll, 3721>
[百万图库]
  {6713E8D2-850A-101B-AFC0-4210102A8DA7} <http://www.26-3.com/star, N/A>
[铃声图片下载]
  {7713E8D2-850A-101B-AFC0-4210102A8DA7} <http://www.26-3.com/sms/index.htm, N/A>
[@msdxmLC.dll,-1@2052,电台(&R)]
  {8E718888-423F-11D2-876E-00A0C9082467} <C:\WINNT\System32\msdxm.ocx, Microsoft Corporation>
[上网助手]
  {BB936323-19FA-4521-BA29-ECA6A121BC78} <C:\Program Files\3721\Assist\asbar.dll, 3721>
[SiteAdvisor]
  {0BF43445-2F28-4351-9252-17FE6E806AA0} <C:\Program Files\SiteAdvisor\saIE.dll, McAfee>
[超级兔子上网精灵]
  {43869BB3-22FD-4F15-9B46-238106BA2F4E} <C:\PROGRA~1\SUPERR~1\MagicSet\haokanbar.dll, N/A>
[Windows Genuine Advantage Validation Tool]
  {17492023-C23A-453E-A040-C7C580BBF700} <C:\WINNT\system32\LegitCheckControl.DLL, Microsoft Corporation>
[趋势科技在线扫毒程序]
  {74D05D43-3236-11D4-BDCD-00C04F9A3B61} <C:\WINNT\DOWNLO~1\xscan53.ocx, Trend Micro Inc.>
[&使用暴风下载器下载]
  <C:\Program Files\Ringz Studio\Storm Downloader\geturl.htm, N/A>
[使用KuGoo3下载(&K)]
  <C:\Program Files\KuGoo3\KuGoo3DownX.htm, N/A>
[使用网际快车下载]
  <C:\Program Files\FlashGet\jc_link.htm, N/A>
[使用网际快车下载全部链接]
  <C:\Program Files\FlashGet\jc_all.htm, N/A>
[添加到QQ自定义面板]
  <F:\网上下载软件\QQ2004奥运\AddPanel.htm, N/A>
[添加到QQ表情]
  <F:\网上下载软件\QQ2004奥运\AddEmotion.htm, N/A>
[用QQ彩信发送该图片]
  <F:\网上下载软件\QQ2004奥运\SendMMS.htm, N/A>
Last edited 2006-08-20 18:13:28

正在运行的进程
[PID: 208][\SystemRoot\System32\smss.exe]  <Microsoft Corporation><5.00.2195.5695>
[PID: 168][\??\C:\WINNT\system32\csrss.exe]  <Microsoft Corporation><5.00.2195.5265>
[PID: 136][\??\C:\WINNT\system32\winlogon.exe]  <Microsoft Corporation><5.00.2195.6970>
    [C:\WINNT\system32\JPWB.IME]  <常诚研制><4.00.950>
    [C:\WINNT\system32\NavLogon.dll]  <N/A><N/A>
[PID: 236][C:\WINNT\system32\services.exe]  <Microsoft Corporation><5.00.2195.3940>
    [C:\WINNT\system32\KVWspXP_1.dll]  <JiangMin Ltd.><8.0.0.312>
    [C:\WINNT\system32\dmserver.dll]  <VERITAS Software Corp.><2195.3649.297.3>
[PID: 248][C:\WINNT\system32\lsass.exe]  <Microsoft Corporation><5.00.2195.6902>
    [C:\WINNT\system32\KVWspXP_1.dll]  <JiangMin Ltd.><8.0.0.312>
[PID: 432][C:\WINNT\system32\svchost.exe]  <Microsoft Corporation><5.00.2134.1>
    [C:\WINNT\system32\KVWspXP_1.dll]  <JiangMin Ltd.><8.0.0.312>
[PID: 456][C:\WINNT\system32\spoolsv.exe]  <Microsoft Corporation><5.00.2195.4299>
    [C:\WINNT\system32\E_SL2352.DLL]  <SEIKO EPSON CORPORATION><2, 15, 0, 0>
    [C:\WINNT\system32\KVWspXP_1.dll]  <JiangMin Ltd.><8.0.0.312>
[PID: 504][C:\WINNT\SYSTEM32\DWRCS.EXE]  <DameWare Development LLC><4, 9, 2, 5>
    [C:\WINNT\system32\KVWspXP_1.dll]  <JiangMin Ltd.><8.0.0.312>
[PID: 520][C:\Program Files\Common Files\EPSON\EBAPI\SAgent2.exe]  <SEIKO EPSON CORPORATION><1, 2, 0, 0>
    [C:\WINNT\system32\EBAPI2.DLL]  <SEIKO EPSON CORPORATION><1, 1, 0, 0>
    [C:\WINNT\system32\KVWspXP_1.dll]  <JiangMin Ltd.><8.0.0.312>
    [C:\Program Files\Common Files\EPSON\EBAPI\EBPLPT.DLL]  <SEIKO EPSON CORPORATION><2, 14, 0, 0>
[PID: 548][C:\WINNT\System32\svchost.exe]  <Microsoft Corporation><5.00.2134.1>
[PID: 684][C:\WINNT\System32\nvsvc32.exe]  <NVIDIA Corporation><6.13.10.4103>
[PID: 708][C:\WINNT\system32\MSTask.exe]  <Microsoft Corporation><4.71.2195.6920>
    [C:\WINNT\system32\KVWspXP_1.dll]  <JiangMin Ltd.><8.0.0.312>
[PID: 840][C:\WINNT\system32\stisvc.exe]  <Microsoft Corporation><5.00.2195.3649>
[PID: 892][C:\WINNT\System32\WBEM\WinMgmt.exe]  <Microsoft Corporation><1.50.1085.0070>
[PID: 924][C:\WINNT\system32\svchost.exe]  <Microsoft Corporation><5.00.2134.1>
    [C:\WINNT\system32\KVWspXP_1.dll]  <JiangMin Ltd.><8.0.0.312>
[PID: 1132][C:\WINNT\SYSTEM32\DWRCST.exe]  <DameWare Development><4, 9, 2, 5>
    [C:\WINNT\system32\JPWB.IME]  <常诚研制><4.00.950>
    [C:\WINNT\system32\KVWspXP_1.dll]  <JiangMin Ltd.><8.0.0.312>
[PID: 1392][C:\WINNT\system32\msime.exe]  <N/A><N/A>
    [C:\WINNT\system32\JPWB.IME]  <常诚研制><4.00.950>
[PID: 1420][C:\PROGRA~1\Yahoo!\Assistant\yassistse.exe]  <Yahoo!><1, 0, 1, 1001>
    [C:\WINNT\system32\JPWB.IME]  <常诚研制><4.00.950>
    [C:\PROGRA~1\Yahoo!\Assistant\shell\yAsMenu.dll]  <Yahoo><1, 0, 1, 1006>
    [C:\PROGRA~1\Yahoo!\Assistant\shell\yAssecblk.dll]  <Yahoo><1, 0, 2, 1002>
    [C:\PROGRA~1\Yahoo!\Assistant\shell\yIEAngel.dll]  <Yahoo><1, 0, 1, 1001>
    [C:\PROGRA~1\Yahoo!\Assistant\shell\yMenuInfo.dll]  <Yahoo><1, 0, 0, 2>
[PID: 488][C:\Program Files\Ringz Studio\Storm Downloader\StormDownloader.exe]  <深圳市三代科技开发有限公司><1, 1, 0, 4>
    [C:\Program Files\Ringz Studio\Storm Downloader\boost_thread-vc6-mt-1_31.dll]  <N/A><N/A>
    [C:\WINNT\system32\KVWspXP_1.dll]  <JiangMin Ltd.><8.0.0.312>
    [C:\WINNT\system32\JPWB.IME]  <常诚研制><4.00.950>
[PID: 1428][C:\Program Files\Common Files\Real\Update_OB\realsched.exe]  <RealNetworks, Inc.><0.1.0.3510>
    [C:\WINNT\system32\JPWB.IME]  <常诚研制><4.00.950>
[PID: 1368][C:\Program Files\VnetClient1.6\VnetClient.exe]  <><1, 0, 0, 1>
    [C:\WINNT\system32\JPWB.IME]  <常诚研制><4.00.950>
    [C:\WINNT\system32\Macromed\Flash\Flash8.ocx]  <Macromedia, Inc.><8,0,22,0>
    [C:\WINNT\system32\KVWspXP_1.dll]  <JiangMin Ltd.><8.0.0.312>
[PID: 780][C:\猎人\NewsBar3.1\NewsBar3.1.exe]  <star><1.00>
    [C:\WINNT\system32\JPWB.IME]  <常诚研制><4.00.950>
    [C:\WINNT\system32\KVWspXP_1.dll]  <JiangMin Ltd.><8.0.0.312>
    [C:\WINNT\system32\devenum.dll]  <N/A><N/A>
    [C:\Program Files\Ringz Studio\Storm Codec\Codecs\OGGSplt.ax]  <Gabest><1, 0, 0, 0>
    [C:\Program Files\Ringz Studio\Storm Codec\Codecs\RMSplt.ax]  <Gabest><1, 0, 1, 0>
    [C:\WINNT\system32\ffdshow.ax]  <N/A><1.0.2.9>
    [C:\WINNT\system32\Macromed\Flash\Flash8.ocx]  <Macromedia, Inc.><8,0,22,0>
[PID: 308][C:\WINNT\system32\taskmgr.exe]  <Microsoft Corporation><5.00.2137.1>
    [C:\WINNT\system32\JPWB.IME]  <常诚研制><4.00.950>
[PID: 1484][C:\WINNT\explorer.exe]  <Microsoft Corporation><5.00.3502.5321>
    [C:\WINNT\system32\JPWB.IME]  <常诚研制><4.00.950>
    [C:\Program Files\3721\Assist\asbar.dll]  <3721><1, 0, 0, 8>
    [C:\PROGRA~1\3721\Assist\ieaUI.dll]  <yahoo!china><1, 0, 1, 1005>
    [C:\PROGRA~1\3721\Assist\TbWrap.dll]  <3721><1, 0, 0, 2>
    [C:\PROGRA~1\3721\Assist\asnoad.dll]  <><1, 0, 0, 9>
    [C:\PROGRA~1\3721\Assist\aswiper.dll]  <3721><1, 0, 0, 3>
    [C:\PROGRA~1\3721\Assist\asiesec.dll]  <yahoo><1, 0, 0, 9>
    [C:\WINNT\system32\xunleibho_v5.dll]  <><4, 3, 3, 30>
    [C:\PROGRA~1\KuGoo3\KUGOO3~1.OCX]  <N/A><N/A>
    [C:\WINNT\system32\KVWspXP_1.dll]  <JiangMin Ltd.><8.0.0.312>
    [C:\WINNT\system32\Macromed\Flash\Flash8.ocx]  <Macromedia, Inc.><8,0,22,0>
    [c:\progra~1\3721\assist\adfilter.dll]  < ><1, 0, 1, 6>
    [C:\PROGRA~1\3721\Assist\assecblk.dll]  <3721><1, 0, 0, 9>
    [C:\PROGRA~1\3721\Assist\optimum.dll]  <N/A><N/A>
    [C:\PROGRA~1\3721\Assist\repair.dll]  <北京三七二一科技有限公司><1, 0, 2, 4>
    [C:\PROGRA~1\3721\Assist\asfsks.dll]  <3721.com><2, 1, 1, 87>
    [C:\WINNT\system32\sscli.dll]  <><5, 0, 2195, 6696>
    [C:\PROGRA~1\Yahoo!\ASSIST~1\YAlive.dll]  <><2, 1, 4, 1044>
    [C:\PROGRA~1\Yahoo!\ASSIST~1\Assist\yassist.dll]  <Yahoo!><2, 0, 6, 1004>
    [C:\PROGRA~1\Yahoo!\ASSIST~1\Assist\yasfsks.dll]  <3721.com><2, 1, 1, 87>
    [C:\PROGRA~1\Yahoo!\ASSIST~1\assist\yprockg.dll]  <Yahoo!><1, 0, 6, 1007>
[PID: 1500][C:\WINNT\system32\conime.exe]  <Microsoft Corporation><5.00.2195.5433>
    [C:\WINNT\system32\JPWB.IME]  <常诚研制><4.00.950>
[PID: 4944][C:\WINNT\System32\SCardSvr.exe]  <Microsoft Corporation><5.00.2195.3649>
[PID: 2824][C:\KuGoo\hijackthis1991\HijackThis.exe]  <Soeperman Enterprises Ltd.><1.99.0001>
    [C:\WINNT\system32\JPWB.IME]  <常诚研制><4.00.950>
[PID: 3828][C:\Documents and Settings\Administrator\桌面\VPTray.exe]  <Symantec Corporation><8.1.0.821>
    [C:\WINNT\system32\JPWB.IME]  <常诚研制><4.00.950>
    [C:\Program Files\Symantec_Client_Security\Symantec AntiVirus\Cliscan.dll]  <Symantec Corporation><8.1.0.821>
    [C:\Program Files\Symantec_Client_Security\Symantec AntiVirus\NAVNTUTL.DLL]  <Symantec/Peter Norton Group><1, 0, 0, 1>
[PID: 1588][C:\Program Files\Symantec_Client_Security\Symantec AntiVirus\VPC32.EXE]  <Symantec Corporation><8.1.0.821>
    [C:\Program Files\Symantec_Client_Security\Symantec AntiVirus\S32NAVS.DLL]  <Symantec Corporation><5.3.0.180>
    [C:\WINNT\system32\JPWB.IME]  <常诚研制><4.00.950>
    [C:\Program Files\Common Files\Symantec Shared\SSC\LDVPCtls.ocx]  <Symantec Corporation><8.1.0.821>
    [C:\Program Files\Common Files\Symantec Shared\SSC\LDVPView.ocx]  <Symantec Corporation><8.1.0.821>
    [C:\PROGRA~1\COMMON~1\SYMANT~1\SSC\LDVPTask.ocx]  <Symantec Corporation><8.1.0.821>

[DameWare Mini Remote Control / DWMRCS]
<C:\WINNT\SYSTEM32\DWRCS.EXE -service><DameWare Development LLC>
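This one is somewhat sensitive; if you don't know about it at all, you should be careful.

Close all browser windows and any unnecessary programs.
Run (double-click) System Repair Engineer and use "System Repair, Browser Add-ons" (系统修复, 浏览器加载项) to delete the following entry.
C:\PROGRA~1\DESKAD~1\deskipn.dll
Run (double-click) System Repair Engineer and use "Startup Items, Registry" (启动项目, 注册表) to delete the following entry.
C:\WINNT\system32\mswdm.exe
After rebooting, delete:
C:\PROGRA~1\DESKAD~
C:\WINNT\system32\mswdm.exe
Reboot after the repair.
Then scan another log and paste it here; paste the complete log.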

启动项目
注册表
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
    <Super Rabbit IEPro><C:\Program Files\Super Rabbit\MagicSet\SRIECLI.EXE /LOAD>  []
[HKEY_CURRENT_USER\Software\Microsoft\Windows NT\CurrentVersion\Windows]
    <load><>  []
    <run><>  []
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
    <Synchronization Manager><mobsync.exe /logon>  [Microsoft Corporation]
    <yassistse><"C:\PROGRA~1\Yahoo!\Assistant\yassistse.exe">  [Yahoo!]
    <MINI_BFYY><C:\Program Files\Ringz Studio\Storm Downloader\StormDownloader.exe>  [深圳市三代科技开发有限公司]
    <SSLcnt><; rem "F:\网上下载软件\汉唐证券\sslcnt\SSLCnt.exe">  [杭州核新软件技术有限公司]
    <vptray><; C:\PROGRA~1\SYMANT~1\SYMANT~1\vptray.exe>  [Symantec Corporation]
    <YLive.exe><; C:\PROGRA~1\Yahoo!\ASSIST~1\YLive.exe>  [ ]
    <TkBellExe><"C:\Program Files\Common Files\Real\Update_OB\realsched.exe"  -osboot>  [RealNetworks, Inc.]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\RunOnce]
    <GrpConv><grpconv.exe -o>  [Microsoft Corporation]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer\Run]
    <CheckFaultKernel><C:\WINNT\system32\mswdm.exe>  []
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Winlogon]
    <shell><Explorer.exe>  [Microsoft Corporation]
    <Userinit><C:\WINNT\system32\userinit.exe,>  [Microsoft Corporation]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Windows]
    <AppInit_DLLs><>  []
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\NavLogon]
    <WinlogonNotify: NavLogon><C:\WINNT\system32\NavLogon.dll>  []

==================================
启动文件夹
服务
[DefWatch / DefWatch]
  <C:\PROGRA~1\SYMANT~1\SYMANT~1\DefWatch.exe><Symantec Corporation>
[Logical Disk Manager Administrative Service / dmadmin]
  <C:\WINNT\System32\dmadmin.exe /com><VERITAS Software Corp.>
[DameWare Mini Remote Control / DWMRCS]
  <C:\WINNT\SYSTEM32\DWRCS.EXE -service><DameWare Development LLC>
[EPSON Printer Status Agent2 / EPSONStatusAgent2]
  <C:\Program Files\Common Files\EPSON\EBAPI\SAgent2.exe><SEIKO EPSON CORPORATION>
[Symantec AntiVirus Client / Norton AntiVirus Server]
  <C:\PROGRA~1\SYMANT~1\SYMANT~1\Rtvscan.exe><Symantec Corporation>
[NVIDIA Driver Helper Service / NVSvc]
  <C:\WINNT\System32\nvsvc32.exe><NVIDIA Corporation>

==================================
浏览器加载项
[ThunderIEHelper Class]
  {0005A87D-D626-4B3A-84F9-1D9571695F55} <C:\WINNT\system32\xunleibho_v5.dll, >
[MonitorURL Class]
  {08A312BB-5409-49FC-9347-54BB7D069AC6} <C:\PROGRA~1\DESKAD~1\deskipn.dll, >
[超级兔子上网精灵]
  {7369D35A-5B70-4A5B-B789-B25FE09B4AF3} <C:\PROGRA~1\SUPERR~1\MagicSet\haokanbar.dll, N/A>
[Schedule Class]
  {8B316DA1-9950-4926-B9EA-1AEC124AFA45} <C:\WINNT\system32\sscli.dll, >
[]
  {A9930D97-9CF0-42A0-A10D-4F28836579D5} <C:\PROGRA~1\KuGoo3\KUGOO3~1.OCX, N/A>
[上网助手]
  {BB936323-19FA-4521-BA29-ECA6A121BC78} <C:\Program Files\3721\Assist\asbar.dll, 3721>
[百万图库]
  {6713E8D2-850A-101B-AFC0-4210102A8DA7} <http://www.26-3.com/star, N/A>
[铃声图片下载]
  {7713E8D2-850A-101B-AFC0-4210102A8DA7} <http://www.26-3.com/sms/index.htm, N/A>
[@msdxmLC.dll,-1@2052,电台(&R)]
  {8E718888-423F-11D2-876E-00A0C9082467} <C:\WINNT\System32\msdxm.ocx, Microsoft Corporation>
[上网助手]
  {BB936323-19FA-4521-BA29-ECA6A121BC78} <C:\Program Files\3721\Assist\asbar.dll, 3721>
[SiteAdvisor]
  {0BF43445-2F28-4351-9252-17FE6E806AA0} <C:\Program Files\SiteAdvisor\saIE.dll, McAfee>
[超级兔子上网精灵]
  {43869BB3-22FD-4F15-9B46-238106BA2F4E} <C:\PROGRA~1\SUPERR~1\MagicSet\haokanbar.dll, N/A>
[Windows Genuine Advantage Validation Tool]
  {17492023-C23A-453E-A040-C7C580BBF700} <C:\WINNT\system32\LegitCheckControl.DLL, Microsoft Corporation>
[趋势科技在线扫毒程序]
  {74D05D43-3236-11D4-BDCD-00C04F9A3B61} <C:\WINNT\DOWNLO~1\xscan53.ocx, Trend Micro Inc.>
[&使用暴风下载器下载]
  <C:\Program Files\Ringz Studio\Storm Downloader\geturl.htm, N/A>
[使用KuGoo3下载(&K)]
  <C:\Program Files\KuGoo3\KuGoo3DownX.htm, N/A>
[使用网际快车下载]
  <C:\Program Files\FlashGet\jc_link.htm, N/A>
[使用网际快车下载全部链接]
  <C:\Program Files\FlashGet\jc_all.htm, N/A>
[添加到QQ自定义面板]
  <F:\网上下载软件\QQ2004奥运\AddPanel.htm, N/A>
[添加到QQ表情]
  <F:\网上下载软件\QQ2004奥运\AddEmotion.htm, N/A>
[用QQ彩信发送该图片]
  <F:\网上下载软件\QQ2004奥运\SendMMS.htm, N/A>

正在运行的进程
[PID: 208][\SystemRoot\System32\smss.exe]  <Microsoft Corporation><5.00.2195.5695>
[PID: 168][\??\C:\WINNT\system32\csrss.exe]  <Microsoft Corporation><5.00.2195.5265>
[PID: 136][\??\C:\WINNT\system32\winlogon.exe]  <Microsoft Corporation><5.00.2195.6970>
    [C:\WINNT\system32\JPWB.IME]  <常诚研制><4.00.950>
    [C:\WINNT\system32\NavLogon.dll]  <N/A><N/A>
[PID: 236][C:\WINNT\system32\services.exe]  <Microsoft Corporation><5.00.2195.3940>
    [C:\WINNT\system32\KVWspXP_1.dll]  <JiangMin Ltd.><8.0.0.312>
    [C:\WINNT\system32\dmserver.dll]  <VERITAS Software Corp.><2195.3649.297.3>
[PID: 248][C:\WINNT\system32\lsass.exe]  <Microsoft Corporation><5.00.2195.6902>
    [C:\WINNT\system32\KVWspXP_1.dll]  <JiangMin Ltd.><8.0.0.312>
[PID: 432][C:\WINNT\system32\svchost.exe]  <Microsoft Corporation><5.00.2134.1>
    [C:\WINNT\system32\KVWspXP_1.dll]  <JiangMin Ltd.><8.0.0.312>
[PID: 456][C:\WINNT\system32\spoolsv.exe]  <Microsoft Corporation><5.00.2195.4299>
    [C:\WINNT\system32\E_SL2352.DLL]  <SEIKO EPSON CORPORATION><2, 15, 0, 0>
    [C:\WINNT\system32\KVWspXP_1.dll]  <JiangMin Ltd.><8.0.0.312>
[PID: 504][C:\WINNT\SYSTEM32\DWRCS.EXE]  <DameWare Development LLC><4, 9, 2, 5>
    [C:\WINNT\system32\KVWspXP_1.dll]  <JiangMin Ltd.><8.0.0.312>
[PID: 520][C:\Program Files\Common Files\EPSON\EBAPI\SAgent2.exe]  <SEIKO EPSON CORPORATION><1, 2, 0, 0>
    [C:\WINNT\system32\EBAPI2.DLL]  <SEIKO EPSON CORPORATION><1, 1, 0, 0>
    [C:\WINNT\system32\KVWspXP_1.dll]  <JiangMin Ltd.><8.0.0.312>
    [C:\Program Files\Common Files\EPSON\EBAPI\EBPLPT.DLL]  <SEIKO EPSON CORPORATION><2, 14, 0, 0>
[PID: 548][C:\WINNT\System32\svchost.exe]  <Microsoft Corporation><5.00.2134.1>
[PID: 684][C:\WINNT\System32\nvsvc32.exe]  <NVIDIA Corporation><6.13.10.4103>
[PID: 708][C:\WINNT\system32\MSTask.exe]  <Microsoft Corporation><4.71.2195.6920>
    [C:\WINNT\system32\KVWspXP_1.dll]  <JiangMin Ltd.><8.0.0.312>
[PID: 840][C:\WINNT\system32\stisvc.exe]  <Microsoft Corporation><5.00.2195.3649>
[PID: 892][C:\WINNT\System32\WBEM\WinMgmt.exe]  <Microsoft Corporation><1.50.1085.0070>
[PID: 924][C:\WINNT\system32\svchost.exe]  <Microsoft Corporation><5.00.2134.1>
    [C:\WINNT\system32\KVWspXP_1.dll]  <JiangMin Ltd.><8.0.0.312>
[PID: 1132][C:\WINNT\SYSTEM32\DWRCST.exe]  <DameWare Development><4, 9, 2, 5>
    [C:\WINNT\system32\JPWB.IME]  <常诚研制><4.00.950>
    [C:\WINNT\system32\KVWspXP_1.dll]  <JiangMin Ltd.><8.0.0.312>
[PID: 1392][C:\WINNT\system32\msime.exe]  <N/A><N/A>
    [C:\WINNT\system32\JPWB.IME]  <常诚研制><4.00.950>
[PID: 1420][C:\PROGRA~1\Yahoo!\Assistant\yassistse.exe]  <Yahoo!><1, 0, 1, 1001>
    [C:\WINNT\system32\JPWB.IME]  <常诚研制><4.00.950>
    [C:\PROGRA~1\Yahoo!\Assistant\shell\yAsMenu.dll]  <Yahoo><1, 0, 1, 1006>
    [C:\PROGRA~1\Yahoo!\Assistant\shell\yAssecblk.dll]  <Yahoo><1, 0, 2, 1002>
    [C:\PROGRA~1\Yahoo!\Assistant\shell\yIEAngel.dll]  <Yahoo><1, 0, 1, 1001>
    [C:\PROGRA~1\Yahoo!\Assistant\shell\yMenuInfo.dll]  <Yahoo><1, 0, 0, 2>
[PID: 488][C:\Program Files\Ringz Studio\Storm Downloader\StormDownloader.exe]  <深圳市三代科技开发有限公司><1, 1, 0, 4>
    [C:\Program Files\Ringz Studio\Storm Downloader\boost_thread-vc6-mt-1_31.dll]  <N/A><N/A>
    [C:\WINNT\system32\KVWspXP_1.dll]  <JiangMin Ltd.><8.0.0.312>
    [C:\WINNT\system32\JPWB.IME]  <常诚研制><4.00.950>
[PID: 1428][C:\Program Files\Common Files\Real\Update_OB\realsched.exe]  <RealNetworks, Inc.><0.1.0.3510>
    [C:\WINNT\system32\JPWB.IME]  <常诚研制><4.00.950>
[PID: 1368][C:\Program Files\VnetClient1.6\VnetClient.exe]  <><1, 0, 0, 1>
    [C:\WINNT\system32\JPWB.IME]  <常诚研制><4.00.950>
    [C:\WINNT\system32\Macromed\Flash\Flash8.ocx]  <Macromedia, Inc.><8,0,22,0>
    [C:\WINNT\system32\KVWspXP_1.dll]  <JiangMin Ltd.><8.0.0.312>
[PID: 780][C:\猎人\NewsBar3.1\NewsBar3.1.exe]  <star><1.00>
    [C:\WINNT\system32\JPWB.IME]  <常诚研制><4.00.950>
    [C:\WINNT\system32\KVWspXP_1.dll]  <JiangMin Ltd.><8.0.0.312>
    [C:\WINNT\system32\devenum.dll]  <N/A><N/A>
    [C:\Program Files\Ringz Studio\Storm Codec\Codecs\OGGSplt.ax]  <Gabest><1, 0, 0, 0>
    [C:\Program Files\Ringz Studio\Storm Codec\Codecs\RMSplt.ax]  <Gabest><1, 0, 1, 0>
    [C:\WINNT\system32\ffdshow.ax]  <N/A><1.0.2.9>
    [C:\WINNT\system32\Macromed\Flash\Flash8.ocx]  <Macromedia, Inc.><8,0,22,0>
[PID: 1484][C:\WINNT\explorer.exe]  <Microsoft Corporation><5.00.3502.5321>
    [C:\WINNT\system32\JPWB.IME]  <常诚研制><4.00.950>
    [C:\Program Files\3721\Assist\asbar.dll]  <3721><1, 0, 0, 8>
    [C:\PROGRA~1\3721\Assist\ieaUI.dll]  <yahoo!china><1, 0, 1, 1005>
    [C:\PROGRA~1\3721\Assist\TbWrap.dll]  <3721><1, 0, 0, 2>
    [C:\PROGRA~1\3721\Assist\asnoad.dll]  <><1, 0, 0, 9>
    [C:\PROGRA~1\3721\Assist\aswiper.dll]  <3721><1, 0, 0, 3>
    [C:\PROGRA~1\3721\Assist\asiesec.dll]  <yahoo><1, 0, 0, 9>
    [C:\WINNT\system32\xunleibho_v5.dll]  <><4, 3, 3, 30>
    [C:\PROGRA~1\KuGoo3\KUGOO3~1.OCX]  <N/A><N/A>
    [C:\WINNT\system32\KVWspXP_1.dll]  <JiangMin Ltd.><8.0.0.312>
    [C:\WINNT\system32\Macromed\Flash\Flash8.ocx]  <Macromedia, Inc.><8,0,22,0>
    [c:\progra~1\3721\assist\adfilter.dll]  < ><1, 0, 1, 6>
    [C:\PROGRA~1\3721\Assist\assecblk.dll]  <3721><1, 0, 0, 9>
    [C:\PROGRA~1\3721\Assist\optimum.dll]  <N/A><N/A>
    [C:\PROGRA~1\3721\Assist\repair.dll]  <北京三七二一科技有限公司><1, 0, 2, 4>
    [C:\PROGRA~1\3721\Assist\asfsks.dll]  <3721.com><2, 1, 1, 87>
    [C:\PROGRA~1\Yahoo!\ASSIST~1\Assist\yasfsks.dll]  <3721.com><2, 1, 1, 87>
    [C:\PROGRA~1\Yahoo!\ASSIST~1\assist\yprockg.dll]  <Yahoo!><1, 0, 6, 1007>
    [C:\WINNT\system32\sscli.dll]  <><5, 0, 2195, 6696>
[PID: 1500][C:\WINNT\system32\conime.exe]  <Microsoft Corporation><5.00.2195.5433>
    [C:\WINNT\system32\JPWB.IME]  <常诚研制><4.00.950>
[PID: 4944][C:\WINNT\System32\SCardSvr.exe]  <Microsoft Corporation><5.00.2195.3649>
[PID: 3828][C:\Documents and Settings\Administrator\桌面\VPTray.exe]  <Symantec Corporation><8.1.0.821>
    [C:\WINNT\system32\JPWB.IME]  <常诚研制><4.00.950>
    [C:\Program Files\Symantec_Client_Security\Symantec AntiVirus\Cliscan.dll]  <Symantec Corporation><8.1.0.821>
    [C:\Program Files\Symantec_Client_Security\Symantec AntiVirus\NAVNTUTL.DLL]  <Symantec/Peter Norton Group><1, 0, 0, 1>
[PID: 1836][C:\Program Files\BitComet\BitComet.exe]  <www.BitComet.com><0.62.>
    [C:\WINNT\system32\JPWB.IME]  <常诚研制><4.00.950>
    [C:\WINNT\system32\KVWspXP_1.dll]  <JiangMin Ltd.><8.0.0.312>
[PID: 4228][C:\KuGoo\20066121353032646\SREng\SREng.exe]  <Smallfrogs Studio><2.0.21.505>
    [C:\WINNT\system32\JPWB.IME]  <常诚研制><4.00.950>
    [C:\WINNT\system32\KVWspXP_1.dll]  <JiangMin Ltd.><8.0.0.312>
[PID: 1096][C:\KuGoo\20066121353032646\SREng\SREng.exe]  <Smallfrogs Studio><2.0.21.505>
    [C:\WINNT\system32\JPWB.IME]  <常诚研制><4.00.950>
    [C:\WINNT\system32\KVWspXP_1.dll]  <JiangMin Ltd.><8.0.0.312>

==================================
文件关联
.TXT  OK. [%SystemRoot%\system32\NOTEPAD.EXE %1]
.EXE  OK. ["%1" %*]
.COM  OK. ["%1" %*]
.PIF  OK. ["%1" %*]
.REG  OK. [regedit.exe "%1"]
.BAT  OK. ["%1" %*]
.SCR  OK. ["%1" /S]
.CHM  OK. ["C:\WINNT\hh.exe" %1]
.HLP  OK. [%SystemRoot%\system32\winhlp32.exe %1]
.INI  OK. [%SystemRoot%\system32\NOTEPAD.EXE %1]
.INF  OK. [%SystemRoot%\system32\NOTEPAD.EXE %1]
.VBS  OK. [%SystemRoot%\System32\WScript.exe "%1" %*]
.JS  OK. [%SystemRoot%\System32\WScript.exe "%1" %*]
.LNK  OK. [{00021401-0000-0000-C000-000000000046}]