
Not sure whether this is a new virus; it is very stubborn. Experts, please help. Log attached.


[CODE]

2007-06-16,20:15:54

System Repair Engineer 2.4.12.806
Smallfrogs (http://www.KZTechs.com)

Windows XP Professional Service Pack 1 (Build 2600) - 管理权限用户 - 完整功能

以下内容被选中:
    所有的启动项目(包括注册表、启动文件夹、服务等)
    浏览器加载项
    正在运行的进程(包括进程模块信息)
    文件关联
    Winsock 提供者
    Autorun.inf
    HOSTS 文件


启动项目
注册表
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
    <ctfmon.exe><C:\WINDOWS\System32\ctfmon.exe>  [(Verified)Microsoft Windows XP Publisher]
    <ApabiAgent><; "C:\Program Files\Founder\Apabi Reader 1.8\ApabiAgent.exe">  []
    <swg><; C:\Program Files\Google\GoogleToolbarNotifier\1.2.1128.5462\GoogleToolbarNotifier.exe>  [(Verified)Google Inc]
    <sm><; C:\DOCUME~1\Fantasy\LOCALS~1\Temp\Rav.exe>  [N/A]
    <6shrc9i0w><; C:\DOCUME~1\Fantasy\LOCALS~1\Temp\iexp1ore.exe>  [N/A]
    <7zj4ei><; C:\DOCUME~1\Fantasy\LOCALS~1\Temp\crasos.exe>  [N/A]
    <f2xfhc><; C:\DOCUME~1\Fantasy\LOCALS~1\Temp\iexp10re.exe>  [N/A]
    <li4gm><; C:\DOCUME~1\Fantasy\LOCALS~1\Temp\c0nime.exe>  [N/A]
    <6qwbjm4e8><; C:\DOCUME~1\Fantasy\LOCALS~1\Temp\iexpl0re.exe>  [N/A]
    <z49><; C:\DOCUME~1\Fantasy\LOCALS~1\Temp\1explore.exe>  [N/A]
    <822><; C:\DOCUME~1\Fantasy\LOCALS~1\Temp\exp10rer.exe>  [N/A]
    <qs2c657w1ut58><; C:\DOCUME~1\Fantasy\LOCALS~1\Temp\iexplorer.exe>  [N/A]
    <jx><; C:\DOCUME~1\Fantasy\LOCALS~1\Temp\explorei.exe>  [N/A]
    <hcjid8bxskf8><; C:\DOCUME~1\Fantasy\LOCALS~1\Temp\winlog0n.exe>  [N/A]
    <MS Reporter(dont disable)><; C:\WINDOWS\W1NL0GON.EXE>  []
    <Service Pack 1><; C:\WINDOWS\System32\vexg6ame4.exe>  []
[HKEY_CURRENT_USER\Software\Microsoft\Windows NT\CurrentVersion\Windows]
    <load><>  [N/A]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
    <IMJPMIG8.1><"C:\WINDOWS\IME\imjp8_1\IMJPMIG.EXE" /Spoil /RemAdvDef /Migration32>  [(Verified)Microsoft Windows XP Publisher]
    <PHIME2002ASync><C:\WINDOWS\System32\IME\TINTLGNT\TINTSETP.EXE /SYNC>  [(Verified)Microsoft Windows XP Publisher]
    <PHIME2002A><C:\WINDOWS\System32\IME\TINTLGNT\TINTSETP.EXE /IMEName>  [(Verified)Microsoft Windows XP Publisher]
    <CdnCtr><; C:\Program Files\CNNIC\Cdn\cdnup.exe>  [CNNIC]
    <runeip><C:\Program Files\Rising\AntiSpyware\runiep.exe>  [Beijing Rising Technology Co., Ltd.]
    <RavTask><"D:\Program Files\Rising\Rav\RavTask.exe" -system>  [Beijing Rising Technology Co., Ltd.]
    <KernelFaultCheck><; %systemroot%\system32\dumprep 0 -k>  [N/A]
    <TkBellExe><; "C:\Program Files\Common Files\Real\Update_OB\realsched.exe"  -osboot>  [RealNetworks, Inc.]
    <NeroCheck><; C:\WINDOWS\system32\NeroCheck.exe>  [Ahead Software Gmbh]
    <InCD><; C:\Program Files\Ahead\InCD\InCD.exe>  [N/A]
    <wlsa><; C:\DOCUME~1\Fantasy\LOCALS~1\Temp\wlso.exe>  [N/A]
    <mhsa><; C:\DOCUME~1\Fantasy\LOCALS~1\Temp\mhso.exe>  [N/A]
    <qjsa><; C:\DOCUME~1\Fantasy\LOCALS~1\Temp\qjso.exe>  [N/A]
    <load><; C:\WINDOWS\uninstall\rundl132.exe>  []
    <upxdnd><; C:\WINDOWS\upxdnd.exe>  []
    <Microsoft Autorun5><; C:\WINDOWS\System32\mosou.exe>  []
    <dasa><; C:\DOCUME~1\Fantasy\LOCALS~1\Temp\daso.exe>  [N/A]
    <Microsoft Autorun12><; C:\WINDOWS\System32\nwizzhuxians.exe>  []
    <Microsoft IME><; C:\DOCUME~1\Fantasy\LOCALS~1\Temp\Win15.exe>  [N/A]
    <Microsoft Autorun4><; C:\WINDOWS\System32\mydata.exe>  []
    <wosa><; C:\DOCUME~1\Fantasy\LOCALS~1\Temp\woso.exe>  [N/A]
    <rxsa><; C:\DOCUME~1\Fantasy\LOCALS~1\Temp\rxso.exe>  [N/A]
    <tlsa><; C:\DOCUME~1\Fantasy\LOCALS~1\Temp\tlso.exe>  [N/A]
    <wgsa><; C:\DOCUME~1\Fantasy\LOCALS~1\Temp\wgso.exe>  [N/A]
    <System><; C:\Program Files\Common Files\system\Updaterun.exe>  []
    <thjcghi><; C:\Program Files\InstallShield Installation Information\thjcghi.exe>  []
    <TinTSentp><; C:\WINDOWS\system32\autoc0nv.exe>  []
    <runner1><; C:\WINDOWS\retadpu321.exe 61A847B5BBF72811309A284503996897C881250221C8670836AC4FA7C8833201749139>  [N/A]
    <><; C:\Program Files\Common Files\Services\svchost.exe>  []
    <Mrxiaokan4><; C:\Program Files\Internet Explorer\SPLOUE.exe>  [N/A]
    <spoolsvv><; C:\WINDOWS\System32\spoolsvv.exe>  []
    <wdynyi12><%systemroot%\system32\Rundll32.exe "%systemroot%\system32\wdynyi12.dll",Start>  []
    <nrbnve71><%systemroot%\system32\Rundll32.exe "%systemroot%\system32\nrbnve71.dll",Start>  []
    <hncsbe79><%systemroot%\system32\Rundll32.exe %systemroot%\system32\hncsbe79.dll,DllCanUnloadNow>  [Microsoft Corporation]
    <Microsoft Autorun9><C:\WINDOWS\System32\Ravasktao.exe>  []
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\RunOnce]
    <qqkwha><%systemroot%\system32\Rundll32.exe %systemroot%\system32\qqkwha.dll,DllUnregisterServer>  []
    <bthaq><%systemroot%\system32\Rundll32.exe  %systemroot%\system32\bthaq.dll,DllUnregisterServer>  []
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer\Run]
    <visin><; C:\WINDOWS\System32\visin.exe>  [Microsoft Corporation]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Winlogon]
    <shell><EXPLORER.EXE>  [(Verified)Microsoft Windows XP Publisher]
    <Userinit><C:\WINDOWS\System32\UserInit.exe,C:\WINDOWS\System32\wintemp.exe>  [N/A]
    <UIHost><logonui.exe>  [(Verified)Microsoft Windows XP Publisher]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
    <{AEB6717E-7E19-11d0-97EE-00C04FD91972}><shell32.dll>  [(Verified)Microsoft Windows XP Publisher]
    <{32CD708B-60A7-4C00-9377-D73EAA495F0F}><C:\WINDOWS\system32\RavExt.dll>  [Beijing Rising Technology Co., Ltd.]
    <{0EA66AD2-CF26-2E23-532B-B292E22F3266}><C:\Program Files\Common Files\Microsoft Shared\MSINFO\NewTemp.dll>  []
    <{754FB7D8-B8FE-4810-B363-A788CD060F1F}><C:\Program Files\Internet Explorer\PLUGINS\System64.Sys>  []
    <{99F1D023-7CEB-4586-80F7-BB1A98DB7602}><C:\Program Files\Internet Explorer\IEXPLORE.Sys>  [N/A]
    <{FEB94F5A-69F3-4645-8C2B-9E71D270AF2E}><C:\Program Files\Internet Explorer\IEXPLORE.Dat>  [N/A]
    <{923509F1-45CB-4EC0-BDE0-1DED35B8FD60}><C:\Program Files\Internet Explorer\IEXPLORE.win>  [N/A]
    <{1496D5ED-7A09-46D0-8C92-B8E71A4304DF}><C:\windows\System32\scandisk.dll>  []
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
    <PostBootReminder><%SystemRoot%\system32\SHELL32.dll>  [(Verified)Microsoft Windows XP Publisher]
    <CDBurn><%SystemRoot%\system32\SHELL32.dll>  [(Verified)Microsoft Windows XP Publisher]
    <WebCheck><%SystemRoot%\System32\webcheck.dll>  [(Verified)Microsoft Windows XP Publisher]
    <SysTray><C:\WINDOWS\System32\stobject.dll>  [(Verified)Microsoft Windows XP Publisher]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\botreg]
    <WinlogonNotify: botreg><C:\Documents and Settings\All Users\Documents\Settings\bot.dll>  []
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\crypt32chain]
    <WinlogonNotify: crypt32chain><crypt32.dll>  [(Verified)Microsoft Windows XP Publisher]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\cryptnet]
    <WinlogonNotify: cryptnet><cryptnet.dll>  [(Verified)Microsoft Windows XP Publisher]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\cscdll]
    <WinlogonNotify: cscdll><cscdll.dll>  [(Verified)Microsoft Windows XP Publisher]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\ScCertProp]
    <WinlogonNotify: ScCertProp><wlnotify.dll>  [(Verified)Microsoft Windows XP Publisher]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\Schedule]
    <WinlogonNotify: Schedule><wlnotify.dll>  [(Verified)Microsoft Windows XP Publisher]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\sclgntfy]
    <WinlogonNotify: sclgntfy><sclgntfy.dll>  [(Verified)Microsoft Windows XP Publisher]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\SensLogn]
    <WinlogonNotify: SensLogn><WlNotify.dll>  [(Verified)Microsoft Windows XP Publisher]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\termsrv]
    <WinlogonNotify: termsrv><wlnotify.dll>  [(Verified)Microsoft Windows XP Publisher]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\wlballoon]
    <WinlogonNotify: wlballoon><wlnotify.dll>  [(Verified)Microsoft Windows XP Publisher]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\SharedTaskScheduler]
    <{438755C2-A8BA-11D1-B96B-00A0C90312E1}><%SystemRoot%\System32\browseui.dll>  [(Verified)Microsoft Windows XP Publisher]
    <{8C7461EF-2B13-11d2-BE35-3078302C2030}><%SystemRoot%\System32\browseui.dll>  [(Verified)Microsoft Windows XP Publisher]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\>{22d6f312-b0f6-11d0-94ab-0080c74c7e95}]
    <Microsoft Windows Media Player><C:\WINDOWS\inf\unregmp2.exe /ShowWMP>  [Microsoft Corporation]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{89820200-ECBD-11cf-8B85-00AA005B4383}]
    <Internet Explorer 6><%SystemRoot%\system32\ie4uinit.exe>  [(Verified)Microsoft Windows XP Publisher]

==================================
Last edited: 2007-06-17 16:36:10

==================================
启动文件夹
[AutoCAD 启动加速器]
  <C:\Documents and Settings\All Users\「开始」菜单\程序\启动\AutoCAD 启动加速器.lnk --> C:\PROGRA~1\COMMON~1\AUTODE~1\ACSTAR~1.EXE [Autodesk, Inc]><N>
[Acrobat Assistant]
  <C:\Documents and Settings\All Users\「开始」菜单\程序\启动\Acrobat Assistant.lnk --> D:\ACROBA~1.0\Distillr\AcroTray.exe [Adobe Systems Inc.]><N>
[ykhijk]
  <C:\Documents and Settings\All Users\「开始」菜单\程序\启动\ykhijk.lnk --> C:\Program Files\Microsoft.NET\ykhijkk.exe [N/A]><N>

==================================
服务
[4E98AB0C / 4E98AB0C][Stopped/Auto Start]
  <C:\windows\System32\744EB526.EXE -p><Microsoft Corporation>
[6DCA4309 / 6DCA4309][Stopped/Auto Start]
  <C:\windows\System32\A8CCB330.EXE -6DCA4309><Microsoft Corporation>
[840F1C4B / 840F1C4B][Stopped/Auto Start]
  <C:\windows\System32\1E954C5F.EXE -k><Microsoft Corporation>
[Messenger Accelerator / Accelerator Tools][Stopped/Auto Start]
  <C:\WINDOWS\System32\mdn.exe><N/A>
[ASP.NET State Service / aspnet_state][Stopped/Manual Start]
  <C:\windows\Microsoft.NET\Framework\v1.1.4322\aspnet_state.exe><Microsoft Corporation>
[Asynchronous UPnP Support Services / Asynchronous UPnP Support Services][Stopped/Auto Start]
  <C:\WINDOWS\System32\upnpsvc.exe><Microsoft Corporatio>
[at2.810810.org / at2.810810.org][Stopped/Auto Start]
  <C:\WINDOWS\System32\at2.810810.org.exe><N/A>
[Autodesk Licensing Service / Autodesk Licensing Service][Stopped/Manual Start]
  <"C:\Program Files\Common Files\Autodesk Shared\Service\AdskScSrv.exe"><Autodesk, Inc.>
[B76DD14A / B76DD14A][Stopped/Auto Start]
  <C:\windows\System32\39E6A229.EXE -g><Microsoft Corporation>
[EJOTZFLPVAGLRWC / BGLQWCHMSXDINT][Stopped/Auto Start]
  <C:\windows\system32\svchost.exe -k YDJPUAFLQVBGM-->C:\WINDOWS\ANYjtB1001.DLL><N/A>
[Windows Install Helper / BKMARKS][Stopped/Auto Start]
  <C:\WINDOWS\SYSTEM32\RUNDLLFOROUR.EXE C:\WINDOWS\SYSTEM32\WBEM\NJFQZ.DLL,DllRegisterServer 1087><Microsoft Corporation>
[C#_NET_HowTo_TimeTrackerService / C#_NET_HowTo_TimeTrackerService][Stopped/Disabled]
  <c:\program files\clarity consulting\c#.net how-to windows service - time track\how-to windows service demo.exe><>
[Client IP-IPX / Client IP-IPX][Stopped/Disabled]
  <"C:\WINDOWS\System32\svchosts.exe" -e te-110-12-0000321><N/A>
[EA0A5D0B / EA0A5D0B][Stopped/Auto Start]
  <C:\windows\System32\2386EE1D.EXE -d><Microsoft Corporation>
[Google Updater Service / gusvc][Stopped/Manual Start]
  <"C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe"><>
[Remote Route Service / Hardware][Stopped/Auto Start]
  <C:\windows\System32\svchost.exe -k netsvcs-->C:\WINDOWS\System32\njldc.dll><Microsoft Corporation>
[System Local Kernel Service / kernel][Stopped/Auto Start]
  <"C:\Documents and Settings\All Users\Application Data\Microsoft\Office\SYSTEM\8HoNjqgHmr.exe"><N/A>
[kernl32 / kernl32][Stopped/Auto Start]
  <C:\WINDOWS\System32\kernl32.exe><N/A>
[Fax 2Client / ms_2fax][Stopped/Auto Start]
  <C:\WINDOWS\System32\86aa1.exe><N/A>
[Navoct / Navoct][Stopped/Disabled]
  <C:\windows\System32\svchost.exe -k netsvcs-->C:\Program Files\iesnap\navoct.dll><N/A>
[Net Login Helper / netlog][Stopped/Auto Start]
  <C:\windows\system32\SCardSer.exe ><N/A>
[Windows pgsd RunThem / pgsd][Stopped/Auto Start]
  <C:\windows\System32\svchost.exe -k netsvcs-->C:\PROGRA~1\kbny\ulxi.dll>< >
[Remote Packet Capture Protocol v.0 (experimental) / rpcapd][Stopped/Manual Start]
  <"C:\Program Files\WinPcap\rpcapd.exe" -d -f "C:\Program Files\WinPcap\rpcapd.ini"><N/A>
[Remote Procedure Call System(RPCS) / RpcS][Stopped/Auto Start]
  <C:\WINDOWS\System32\RpcS.exe><Microsoft Corporation>
[Rising Process Communication Center / RsCCenter][Stopped/Auto Start]
  <"D:\Program Files\Rising\Rav\CCenter.exe"><Beijing Rising Technology Co., Ltd.>
[Rising RealTime Monitor / RsRavMon][Stopped/Auto Start]
  <"D:\Program Files\Rising\Rav\Ravmond.exe"><Beijing Rising Technology Co., Ltd.>
[svchost / svchost][Stopped/Auto Start]
  <C:\WINDOWS\svchost.exe><N/A>
[Unigraphics Plot Server (ugiipqd) / ugiipqd][Stopped/Auto Start]
  <C:\WINDOWS\System32\spool\ugplot\ugiipqd.exe><Unigraphics Solutions, Inc>
[Unigraphics License Server (uglmd) / Unigraphics License Server (uglmd)][Stopped/Auto Start]
  <D:\UGS\UGNXFLEXlm\lmgrd.exe><>
[Telephonyl / WindowsDown][Stopped/Auto Start]
  <C:\WINDOWS\System32\servet.exe><N/A>
[wljs0001.3322.org / wljs0001.3322.org][Stopped/Auto Start]
  <C:\WINDOWS\System32\wljs0001.3322.org.exe><N/A>
[Portable Media Serial Number Service / WmdmPmSN][Stopped/Manual Start]
  <C:\windows\System32\svchost.exe -k netsvcs-->C:\WINDOWS\System32\mspmsnsv.dll><Microsoft Corporation>
[WMI Performance API / WMIApiSrv][Stopped/Auto Start]
  <C:\WINDOWS\System32\rundll32.exe WMIApiSrv.dll,input><Microsoft Corporation>

==================================

驱动程序
[a347bus / a347bus][Running/Boot Start]
  <\SystemRoot\System32\DRIVERS\a347bus.sys><>
[a347scsi / a347scsi][Running/Boot Start]
  <\SystemRoot\System32\Drivers\a347scsi.sys><>
[acpidisk / acpidisk][Stopped/Auto Start]
  <\??\C:\WINDOWS\System32\drivers\acpidisk.sys><N/A>
[Apaidi / Apaidi][Stopped/Manual Start]
  <\??\C:\WINDOWS\System32\drivers\Apaidi.sys><N/A>
[标准 IDE/ESDI 硬盘控制器 / atapi][Running/Boot Start]
  <\SystemRoot\System32\DRIVERS\atapi.sys><N/A>
[BaseTDI / BaseTDI][Stopped/Auto Start]
  <\??\C:\WINDOWS\System32\drivers\basetdi.sys><Beijing Rising Technology Co., Ltd.>
[InCD Storage Helper Driver / BsStor][Running/Boot Start]
  <\SystemRoot\System32\DRIVERS\bsstor.sys><B.H.A Co.,Ltd.>
[CdaC15BA / CdaC15BA][Stopped/Auto Start]
  <\??\C:\WINDOWS\System32\drivers\CDAC15BA.SYS><Macrovision Europe Ltd>
[cdnprot / cdnprot][Stopped/Boot Start]
  <\SystemRoot\system32\drivers\cdnprot.sys><中国互联网络信息中心(CNNIC)>
[Intel(R) PRO Adapter Driver / E100B][Stopped/Manual Start]
  <System32\DRIVERS\e100b325.sys><Intel Corporation>
[Creative SB Live! (WDM) / emu10k][Stopped/Disabled]
  <system32\drivers\emu10k1m.sys><Creative Technology Ltd.>
[Creative Interface Manager Driver (WDM) / emu10k1][Stopped/Manual Start]
  <system32\drivers\ctlfacem.sys><Creative Technology Ltd.>
[ExpScaner / ExpScaner][Stopped/Auto Start]
  <\??\D:\Program Files\Rising\Rav\ExpScan.sys><>
[hncsbe7 / hncsbe79][Running/Boot Start]
  <\SystemRoot\System32\DRIVERS\hncsbe79.sys><N/A>
[HookCont / HookCont][Stopped/Auto Start]
  <\??\D:\Program Files\Rising\Rav\HOOKCONT.sys><Rising>
[HookReg / HookReg][Stopped/Auto Start]
  <\??\D:\Program Files\Rising\Rav\HookReg.sys><>
[HookSys / HookSys][Stopped/Auto Start]
  <\??\D:\Program Files\Rising\Rav\HookSys.sys><Rising>
[lqfxxy2 / lqfxxy29][Stopped/Disabled]
  <\SystemRoot\System32\DRIVERS\lqfxxy29.sys><N/A>
[MEMSCAN / MEMSCAN][Stopped/Auto Start]
  <\??\D:\Program Files\Rising\Rav\MEMSCAN.sys><瑞星软件有限公司>
[Netgroup Packet Filter / NPF][Stopped/Manual Start]
  <System32\DRIVERS\npf.sys><NetGroup - Politecnico di Torino>
[nrbnve7 / nrbnve71][Running/Boot Start]
  <\SystemRoot\System32\DRIVERS\nrbnve71.sys><Microsoft Corporation>
[nv / nv][Stopped/Manual Start]
  <System32\DRIVERS\nv4_mini.sys><NVIDIA Corporation>
[ornu / ornux][Running/Boot Start]
  <\SystemRoot\System32\DRIVERS\ornux.sys><N/A>
[PCANDIS5 NDIS Protocol Driver / PCANDIS5][Stopped/Manual Start]
  <\??\C:\WINDOWS\System32\PCANDIS5.SYS><Printing Communications Assoc., Inc. (PCAUSA)>
[Direct Parallel Link Driver / Ptilink][Stopped/Manual Start]
  <System32\DRIVERS\ptilink.sys><Parallel Technologies, Inc.>
[qqkwh / qqkwha][Running/Boot Start]
  <\SystemRoot\System32\DRIVERS\qqkwha.sys><N/A>
[RsAntiSpyware / RsAntiSpyware][Running/Boot Start]
  <\SystemRoot\System32\drivers\RsBoot.sys><Beijing Rising>
[RsNTGDI / RsNTGDI][Running/Boot Start]
  <\SystemRoot\System32\Drivers\RsNTGdi.sys><Beijing Rising Technology Co., Ltd.>
[RSPPSYS / RSPPSYS][Stopped/Auto Start]
  <\??\D:\Program Files\Rising\Rav\RSPPSYS.sys><Rising>
[Realtek RTL8139(A/B/C)-based PCI Fast Ethernet Adapter NT Driver / rtl8139][Stopped/Manual Start]
  <System32\DRIVERS\RTL8139.SYS><Realtek Semiconductor Corporation>
[rysqhe / rysqhe][Stopped/Disabled]
  <\SystemRoot\system32\drivers\rysqhe.sys><N/A>
[Secdrv / Secdrv][Stopped/Manual Start]
  <System32\DRIVERS\secdrv.sys><N/A>
[Sentinel / Sentinel][Stopped/Auto Start]
  <\SystemRoot\System32\Drivers\SENTINEL.SYS><Rainbow Technologies, Inc.>
[Creative SoundFont Manager Driver (WDM) / sfman][Stopped/Manual Start]
  <system32\drivers\sfmanm.sys><Creative Technology Ltd.>
[Audio Driver (WDM) - SigmaTel CODEC / STAC97][Stopped/Manual Start]
  <system32\drivers\STAC97.sys><SigmaTel, Inc.>
[wdynyi1 / wdynyi12][Running/Boot Start]
  <\SystemRoot\System32\DRIVERS\wdynyi12.sys><Microsoft Corporation>
[yaskp / yaskp][Stopped/Disabled]
  <???\C:\WINDOWS\SYSTEM32\DRIVERS\YASKP.SYS><N/A>
[ygqijx4 / ygqijx43][Stopped/Disabled]
  <\SystemRoot\System32\DRIVERS\ygqijx43.sys><N/A>
[zufupbxd / zufupbxd][Stopped/Disabled]
  <\SystemRoot\System32\DRIVERS\zufupbxd.sys><Yahoo! China Corporation>

==================================
浏览器加载项
[WebThunder Browser Helper]
  {00000AAA-A363-466E-BEF5-9BB68697AA7F} <d:\WebThunder\WebThunderBHO_016.dll, Thunder Networking Technologies,LTD>
[AcroIEHlprObj Class]
  {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} <d:\Acrobat 5.0\Acrobat\ActiveX\AcroIEHelper.ocx, >
[MyLoader Class]
  {09BA1AA9-CAD4-4C14-BDE6-922DFF5F6F38} <C:\Documents and Settings\All Users\Application Data\Microsoft\Office\SYSTEMDATA\UNiD4qsxBg_2002.dll, >
[CAdLogic Object]
  {11F09AFD-75AD-4E51-AB43-E09E9351CE16} <C:\Program Files\Common Files\CPUSH\cpush.dll, >
[Yahoo!Photo]
  {33BBE430-0E42-4f12-B075-8D21ACB10DCB} <C:\PROGRA~1\Yahoo!\ASSIST~1\Assist\yphtb.dll, N/A>
[AntiFish Class]
  {38928D50-8A48-44C2-945F-D2F23F771410} <C:\PROGRA~1\Yahoo!\ASSIST~1\Assist\yangling.dll, N/A>
[腾讯QQ]
  {54EBD53A-9BC1-480B-966A-843A333CA162} <C:\WINDOWS\QQIEHelper.dll, N/A>
[IEInit Class]
  {5B02EBA1-EFDD-477D-A37F-05383165C9C0} <C:\WINDOWS\System32\drivers\usrinit.dll, N/A>
[CdnForIE Class]
  {5C3853CF-C7E0-4946-B3FA-1ABDB6F48108} <C:\PROGRA~1\CNNIC\Cdn\cdnforie.dll, CNNIC>
[DragSearch BHO]
  {62EED7C6-9F02-42f9-B634-98E2899E147B} <C:\PROGRA~1\Yahoo!\ASSIST~1\Assist\YDRAGS~1.DLL, N/A>
[Google Toolbar Helper]
  {AA58ED58-01DD-4d91-8333-CF10577473F7} <c:\program files\google\googletoolbar2.dll, Google Inc.>
[]
  {C74CDF30-68C2-49B4-9918-EBD66B8D9FBF} <C:\WINDOWS\system32\zrdxorfmncquq.dll, >
[FavHook Class]
  {CD8BFE70-5809-4C73-9EEE-E5672C2B79D7} <C:\Program Files\Deepdo\DeepdoBar\Favorite\FavBlock.dll, Deepdo.com,  Inc.>
[ff Class]
  {FAAAC0F6-94BE-4466-934B-7C53666A2F41} <C:\WINDOWS\System32\c861.dll, TODO: <公司名>>
[信息检索]
  {FC37E818-6FBF-42F7-8CDE-72B890F493D9} <C:\WINDOWS\system32\svchost.dll, N/A>
[CdnForIE Class]
  {5C3853CF-C7E0-4946-B3FA-1ABDB6F48108} <C:\PROGRA~1\CNNIC\Cdn\cdnforie.dll, CNNIC>
[信息检索(&R)]
  {92780B25-18CC-41C8-B9BE-3C9C571A8263} <D:\MICROS~2\OFFICE11\REFIEBAR.DLL, Microsoft Corporation>
[启动Web迅雷]
  {962EFB8E-2683-42d4-AC74-AAA4C759B9C6} <http://my.xunlei.com, N/A>
[CaiFuCOM Class]
  {C1F0024B-8278-4999-B7E6-2718426D9FE6} <C:\Program Files\财富通\caif.dll, N/A>
[电台(&R)]
  {8E718888-423F-11D2-876E-00A0C9082467} <C:\WINDOWS\System32\msdxm.ocx, Microsoft Corporation>
[实用搜索工具条2.0]
  {03465FF5-00AE-411a-9C34-960ED566EC03} <C:\Program Files\superutilbar\superutilbar.dll, www.shiyongsousuo.com>
[&Google]
  {2318C2B1-4965-11d4-9B18-009027A5CD4F} <c:\program files\google\googletoolbar2.dll, Google Inc.>
[酷搜-搜索高级工具]
  {E6357A1D-8264-4B68-B3D2-1D4D0A5B1E61} <C:\PROGRA~1\KuSou\KuSou.DLL, N/A>
[Update Class]
  {9F1C11AA-197B-4942-BA54-47A8489BB47F} <C:\WINDOWS\System32\iuctl.dll, Microsoft Corporation>
[Shockwave Flash Object]
  {D27CDB6E-AE6D-11CF-96B8-444553540000} <C:\WINDOWS\System32\Macromed\Flash\Flash9c.ocx, Adobe Systems, Inc.>
[WebThunder Class]
  {03507A1A-E0C5-4404-AA26-205385C0892D} <, N/A>
[使用Web迅雷下载]
  <d:\WebThunder\GetUrl.htm, N/A>
[使用Web迅雷下载全部链接]
  <d:\WebThunder\GetAllUrl.htm, N/A>
[导出到 Microsoft Office Excel(&X)]
  <res://D:\MICROS~2\OFFICE11\EXCEL.EXE/3000, N/A>
[添加到雅虎订阅(&Y)]
  <res://C:\PROGRA~1\Yahoo!\ASSIST~1\Assist\yrss.dll/YRSSMENUEXT, N/A>
[雅虎搜索]
  <res://C:\PROGRA~1\Yahoo!\ASSIST~1\Assist\yasbar0.dll/203, N/A>

Too many viruses. Add me on QQ and I'll help you clean it up remotely; I'll send you my QQ number by private message.


==================================
正在运行的进程
[PID: 200][\SystemRoot\System32\smss.exe]  [Microsoft Corporation, 5.1.2600.1106 (xpsp1.020828-1920)]
    [C:\windows\System32\ntdll.dll]  [Microsoft Corporation, 5.1.2600.1217 (xpsp2.030429-2131)]
[PID: 264][\??\C:\windows\system32\csrss.exe]  [Microsoft Corporation, 5.1.2600.0 (xpclient.010817-1148)]
    [C:\windows\System32\ntdll.dll]  [Microsoft Corporation, 5.1.2600.1217 (xpsp2.030429-2131)]
    [C:\windows\system32\CSRSRV.dll]  [Microsoft Corporation, 5.1.2600.1106 (xpsp1.020828-1920)]
    [C:\windows\system32\basesrv.dll]  [Microsoft Corporation, 5.1.2600.1106 (xpsp1.020828-1920)]
    [C:\windows\system32\winsrv.dll]  [Microsoft Corporation, 5.1.2600.1134 (xpsp2.020921-0842)]
    [C:\windows\system32\USER32.dll]  [Microsoft Corporation, 5.1.2600.1255 (xpsp2.030804-1745)]
    [C:\windows\system32\KERNEL32.dll]  [Microsoft Corporation, 5.1.2600.1106 (xpsp1.020828-1920)]
    [C:\windows\system32\GDI32.dll]  [Microsoft Corporation, 5.1.2600.1106 (xpsp1.020828-1920)]
    [C:\windows\system32\ADVAPI32.dll]  [Microsoft Corporation, 5.1.2600.1106 (xpsp1.020828-1920)]
    [C:\windows\system32\RPCRT4.dll]  [Microsoft Corporation, 5.1.2600.1254 (xpsp2.030801-1834)]
    [C:\windows\System32\LPK.DLL]  [Microsoft Corporation, 5.1.2600.0 (xpclient.010817-1148)]
    [C:\windows\System32\USP10.dll]  [Microsoft Corporation, 1.0409.2600.1106 (xpsp1.020828-1920)]
    [C:\windows\System32\sxs.dll]  [Microsoft Corporation, 5.1.2600.1106 (xpsp1.020828-1920)]
[PID: 288][\??\C:\WINDOWS\system32\winlogon.exe]  [Microsoft Corporation, 5.1.2600.1106 (xpsp1.020828-1920)]
    [C:\windows\System32\ntdll.dll]  [Microsoft Corporation, 5.1.2600.1217 (xpsp2.030429-2131)]
    [C:\windows\system32\kernel32.dll]  [Microsoft Corporation, 5.1.2600.1106 (xpsp1.020828-1920)]
    [C:\windows\system32\msvcrt.dll]  [Microsoft Corporation, 7.0.2600.1106 (xpsp1.020828-1920)]
    [C:\windows\system32\ADVAPI32.dll]  [Microsoft Corporation, 5.1.2600.1106 (xpsp1.020828-1920)]
    [C:\windows\system32\RPCRT4.dll]  [Microsoft Corporation, 5.1.2600.1254 (xpsp2.030801-1834)]
    [C:\windows\system32\GDI32.dll]  [Microsoft Corporation, 5.1.2600.1106 (xpsp1.020828-1920)]
    [C:\windows\system32\USER32.dll]  [Microsoft Corporation, 5.1.2600.1255 (xpsp2.030804-1745)]
    [C:\windows\system32\USERENV.dll]  [Microsoft Corporation, 5.1.2600.1106 (xpsp1.020828-1920)]
    [C:\windows\system32\NDdeApi.dll]  [Microsoft Corporation, 5.1.2600.0 (xpclient.010817-1148)]
    [C:\windows\system32\CRYPT32.dll]  [Microsoft Corporation, 5.131.2600.1123 (xpsp2.020921-0842)]
    [C:\windows\system32\MSASN1.dll]  [Microsoft Corporation, 5.1.2600.0 (XPClient.010817-1148)]
    [C:\windows\system32\Secur32.dll]  [Microsoft Corporation, 5.1.2600.1106 (xpsp1.020828-1920)]
    [C:\windows\system32\WINSTA.dll]  [Microsoft Corporation, 5.1.2600.1106 (xpsp1.020828-1920)]
    [C:\windows\system32\PROFMAP.dll]  [Microsoft Corporation, 5.1.2600.0 (xpclient.010817-1148)]
    [C:\windows\system32\NETAPI32.dll]  [Microsoft Corporation, 5.1.2600.1106 (xpsp1.020828-1920)]
    [C:\windows\system32\REGAPI.dll]  [Microsoft Corporation, 5.1.2600.1106 (xpsp1.020828-1920)]
    [C:\windows\system32\WS2_32.dll]  [Microsoft Corporation, 5.1.2600.1240 (xpsp2.030618-0119)]
    [C:\windows\system32\WS2HELP.dll]  [Microsoft Corporation, 5.1.2600.0 (xpclient.010817-1148)]
    [C:\windows\system32\AUTHZ.dll]  [Microsoft Corporation, 5.1.2600.0 (xpclient.010817-1148)]
    [C:\windows\system32\PSAPI.DLL]  [Microsoft Corporation, 5.1.2600.1106 (xpsp1.020828-1920)]
    [C:\windows\system32\VERSION.dll]  [Microsoft Corporation, 5.1.2600.0 (xpclient.010817-1148)]
    [C:\windows\system32\SETUPAPI.dll]  [Microsoft Corporation, 5.1.2600.1106 (xpsp1.020828-1920)]
    [C:\windows\System32\IMM32.DLL]  [Microsoft Corporation, 5.1.2600.1106 (xpsp1.020828-1920)]
    [C:\windows\System32\LPK.DLL]  [Microsoft Corporation, 5.1.2600.0 (xpclient.010817-1148)]
    [C:\windows\System32\USP10.dll]  [Microsoft Corporation, 1.0409.2600.1106 (xpsp1.020828-1920)]
    [C:\windows\System32\MSGINA.dll]  [Microsoft Corporation, 5.1.2600.1106 (xpsp1.020828-1920)]
    [C:\windows\system32\SHELL32.dll]  [Microsoft Corporation, 6.00.2800.1233 (xpsp2.030604-1804)]
    [C:\windows\system32\SHLWAPI.dll]  [Microsoft Corporation, 6.00.2800.1276]
    [C:\windows\system32\COMCTL32.dll]  [Microsoft Corporation, 5.82 (xpsp1.020828-1920)]
    [C:\windows\System32\ODBC32.dll]  [Microsoft Corporation, 3.520.9041.40]
    [C:\windows\system32\comdlg32.dll]  [Microsoft Corporation, 6.00.2800.1106 (xpsp1.020828-1920)]
    [C:\windows\System32\odbcint.dll]  [Microsoft Corporation, 3.520.7713.0]
    [C:\windows\System32\SHSVCS.dll]  [Microsoft Corporation, 6.00.2800.1106 (xpsp1.020828-1920)]
    [C:\windows\system32\sfc.dll]  [Microsoft Corporation, 5.1.2600.0 (xpclient.010817-1148)]
    [C:\windows\System32\sfc_os.dll]  [Microsoft Corporation, 5.1.2600.1106 (xpsp1.020828-1920)]
    [C:\windows\System32\WINTRUST.dll]  [Microsoft Corporation, 5.131.2600.0 (xpclient.010817-1148)]
    [C:\windows\system32\ole32.dll]  [Microsoft Corporation, 5.1.2600.1263 (xpsp2.030819-2129)]
    [C:\windows\system32\IMAGEHLP.dll]  [Microsoft Corporation, 5.1.2600.1106 (xpsp1.020828-1920)]
    [C:\windows\System32\msctfime.ime]  [Microsoft Corporation, 5.1.2600.1106 (xpsp1.020828-1920)]
    [C:\Documents and Settings\All Users\Documents\Settings\bot.dll]  [N/A, ]
    [C:\WINDOWS\system32\cscdll.dll]  [Microsoft Corporation, 5.1.2600.0 (xpclient.010817-1148)]
    [C:\WINDOWS\System32\rsaenh.dll]  [Microsoft Corporation, 5.1.2600.1029 (xpsp1.020426-1800)]
    [C:\WINDOWS\system32\WlNotify.dll]  [Microsoft Corporation, 5.1.2600.1106 (xpsp1.020828-1920)]
    [C:\windows\System32\WINMM.dll]  [Microsoft Corporation, 5.1.2600.1106 (xpsp1.020828-1920)]
    [C:\windows\System32\WinSCard.dll]  [Microsoft Corporation, 5.1.2600.0 (xpclient.010817-1148)]
    [C:\windows\System32\WTSAPI32.dll]  [Microsoft Corporation, 5.1.2600.1106 (xpsp1.020828-1920)]
    [C:\windows\System32\WINSPOOL.DRV]  [Microsoft Corporation, 5.1.2600.1106 (xpsp1.020828-1920)]
    [C:\windows\system32\MPR.dll]  [Microsoft Corporation, 5.1.2600.0 (xpclient.010817-1148)]
    [C:\windows\System32\UxTheme.dll]  [Microsoft Corporation, 6.00.2800.1106 (xpsp1.020828-1920)]
    [C:\windows\System32\SAMLIB.dll]  [Microsoft Corporation, 5.1.2600.1106 (xpsp1.020828-1920)]
    [C:\windows\System32\cscui.dll]  [Microsoft Corporation, 5.1.2600.1106 (xpsp1.020828-1920)]
    [C:\windows\System32\NTMARTA.DLL]  [Microsoft Corporation, 5.1.2600.1106 (xpsp1.020828-1920)]
    [C:\windows\system32\WLDAP32.dll]  [Microsoft Corporation, 5.1.2600.1106 (xpsp1.020828-1920)]
    [C:\windows\System32\COMRes.dll]  [Microsoft Corporation, 2001.12.4414.42]
    [C:\windows\system32\OLEAUT32.dll]  [Microsoft Corporation, 3.50.5016.0]
    [C:\windows\System32\CLBCATQ.DLL]  [Microsoft Corporation, 2001.12.4414.42]

[PID: 3156][C:\windows\Explorer.EXE]  [Microsoft Corporation, 6.00.2800.1106 (xpsp1.020828-1920)]
    [C:\windows\System32\ntdll.dll]  [Microsoft Corporation, 5.1.2600.1217 (xpsp2.030429-2131)]
    [C:\windows\system32\kernel32.dll]  [Microsoft Corporation, 5.1.2600.1106 (xpsp1.020828-1920)]
    [C:\windows\system32\msvcrt.dll]  [Microsoft Corporation, 7.0.2600.1106 (xpsp1.020828-1920)]
    [C:\windows\system32\ADVAPI32.dll]  [Microsoft Corporation, 5.1.2600.1106 (xpsp1.020828-1920)]
    [C:\windows\system32\RPCRT4.dll]  [Microsoft Corporation, 5.1.2600.1254 (xpsp2.030801-1834)]
    [C:\windows\system32\GDI32.dll]  [Microsoft Corporation, 5.1.2600.1106 (xpsp1.020828-1920)]
    [C:\windows\system32\USER32.dll]  [Microsoft Corporation, 5.1.2600.1255 (xpsp2.030804-1745)]
    [C:\windows\system32\SHLWAPI.dll]  [Microsoft Corporation, 6.00.2800.1276]
    [C:\windows\system32\SHELL32.dll]  [Microsoft Corporation, 6.00.2800.1233 (xpsp2.030604-1804)]
    [C:\windows\system32\ole32.dll]  [Microsoft Corporation, 5.1.2600.1263 (xpsp2.030819-2129)]
    [C:\windows\system32\OLEAUT32.dll]  [Microsoft Corporation, 3.50.5016.0]
    [C:\windows\System32\BROWSEUI.dll]  [Microsoft Corporation, 6.00.2800.1106 (xpsp1.020828-1920)]
    [C:\windows\System32\SHDOCVW.dll]  [Microsoft Corporation, 6.00.2800.1276]
    [C:\windows\System32\UxTheme.dll]  [Microsoft Corporation, 6.00.2800.1106 (xpsp1.020828-1920)]
    [C:\windows\System32\IMM32.DLL]  [Microsoft Corporation, 5.1.2600.1106 (xpsp1.020828-1920)]
    [C:\windows\System32\LPK.DLL]  [Microsoft Corporation, 5.1.2600.0 (xpclient.010817-1148)]
    [C:\windows\System32\USP10.dll]  [Microsoft Corporation, 1.0409.2600.1106 (xpsp1.020828-1920)]
    [C:\windows\system32\comctl32.dll]  [Microsoft Corporation, 5.82 (xpsp1.020828-1920)]
    [C:\windows\System32\msctfime.ime]  [Microsoft Corporation, 5.1.2600.1106 (xpsp1.020828-1920)]
    [C:\windows\system32\appHelp.dll]  [Microsoft Corporation, 5.1.2600.1106 (xpsp1.020828-1920)]
    [C:\windows\System32\CLBCATQ.DLL]  [Microsoft Corporation, 2001.12.4414.42]
    [C:\windows\System32\COMRes.dll]  [Microsoft Corporation, 2001.12.4414.42]
    [C:\windows\system32\VERSION.dll]  [Microsoft Corporation, 5.1.2600.0 (xpclient.010817-1148)]
    [C:\WINDOWS\System32\AcSignIcon.dll]  [Autodesk, 16.1.63.0]
    [C:\WINDOWS\System32\WINSPOOL.DRV]  [Microsoft Corporation, 5.1.2600.1106 (xpsp1.020828-1920)]
    [C:\WINDOWS\System32\OLEACC.dll]  [Microsoft Corporation, 4.2.5406.0 (xpclient.010817-1148)]
    [C:\WINDOWS\System32\MSVCP60.dll]  [Microsoft Corporation, 6.00.8972.0]
    [C:\windows\System32\cscui.dll]  [Microsoft Corporation, 5.1.2600.1106 (xpsp1.020828-1920)]
    [C:\windows\System32\CSCDLL.dll]  [Microsoft Corporation, 5.1.2600.0 (xpclient.010817-1148)]
    [C:\windows\KB9279O2.log]  [N/A, ]
    [C:\windows\System32\netapi32.dll]  [Microsoft Corporation, 5.1.2600.1106 (xpsp1.020828-1920)]
    [C:\windows\System32\wsock32.dll]  [Microsoft Corporation, 5.1.2600.0 (xpclient.010817-1148)]
    [C:\windows\System32\WS2_32.dll]  [Microsoft Corporation, 5.1.2600.1240 (xpsp2.030618-0119)]
    [C:\windows\System32\WS2HELP.dll]  [Microsoft Corporation, 5.1.2600.0 (xpclient.010817-1148)]
    [C:\windows\System32\themeui.dll]  [Microsoft Corporation, 6.00.2800.1106 (xpsp1.020828-1920)]
    [C:\windows\System32\Secur32.dll]  [Microsoft Corporation, 5.1.2600.1106 (xpsp1.020828-1920)]
    [C:\windows\System32\MSIMG32.dll]  [Microsoft Corporation, 5.1.2600.1106 (xpsp1.020828-1920)]
    [C:\windows\system32\WININET.dll]  [Microsoft Corporation, 6.00.2800.1106 (xpsp1.020828-1920)]
    [C:\windows\system32\CRYPT32.dll]  [Microsoft Corporation, 5.131.2600.1123 (xpsp2.020921-0842)]
    [C:\windows\system32\MSASN1.dll]  [Microsoft Corporation, 5.1.2600.0 (XPClient.010817-1148)]
    [C:\windows\system32\mswsock.dll]  [Microsoft Corporation, 5.1.2600.0 (xpclient.010817-1148)]
    [C:\windows\System32\wshtcpip.dll]  [Microsoft Corporation, 5.1.2600.0 (xpclient.010817-1148)]
    [C:\windows\System32\Msimtf.dll]  [Microsoft Corporation, 5.1.2600.1106 (xpsp1.020828-1920)]
    [C:\windows\System32\MSCTF.dll]  [Microsoft Corporation, 5.1.2600.1106 (xpsp1.020828-1920)]
    [C:\windows\system32\USERENV.dll]  [Microsoft Corporation, 5.1.2600.1106 (xpsp1.020828-1920)]
    [C:\WINDOWS\System32\msutb.dll]  [Microsoft Corporation, 5.1.2600.1106 (xpsp1.020828-1920)]
    [C:\windows\System32\LINKINFO.dll]  [Microsoft Corporation, 5.1.2600.0 (xpclient.010817-1148)]
    [C:\windows\System32\ntshrui.dll]  [Microsoft Corporation, 5.1.2600.1106 (xpsp1.020828-1920)]
    [C:\windows\System32\ATL.DLL]  [Microsoft Corporation, 3.00.9435]
    [C:\windows\System32\SAMLIB.dll]  [Microsoft Corporation, 5.1.2600.1106 (xpsp1.020828-1920)]
    [C:\Program Files\Common Files\Autodesk Shared\AcSignCore16.dll]  [Autodesk, 16.1.63.0]
    [C:\windows\System32\SETUPAPI.dll]  [Microsoft Corporation, 5.1.2600.1106 (xpsp1.020828-1920)]
    [C:\WINDOWS\system32\NETSHELL.dll]  [Microsoft Corporation, 5.1.2600.1106 (xpsp1.020828-1920)]
    [C:\WINDOWS\system32\credui.dll]  [Microsoft Corporation, 5.1.2600.1106 (xpsp1.020828-1920)]
    [C:\WINDOWS\system32\iphlpapi.dll]  [Microsoft Corporation, 5.1.2600.1240 (xpsp2.030618-0119)]
    [C:\windows\System32\WINSTA.dll]  [Microsoft Corporation, 5.1.2600.1106 (xpsp1.020828-1920)]
    [C:\windows\System32\msi.dll]  [Microsoft Corporation, 2.0.2600.1106]
    [C:\windows\System32\browselc.dll]  [Microsoft Corporation, 6.00.2800.1106 (xpsp1.020828-1920)]
    [C:\WINDOWS\system32\urlmon.dll]  [Microsoft Corporation, 6.00.2800.1282]
    [C:\windows\system32\MPR.dll]  [Microsoft Corporation, 5.1.2600.0 (xpclient.010817-1148)]
    [C:\windows\System32\drprov.dll]  [Microsoft Corporation, 5.1.2600.0 (xpclient.010817-1148)]
    [C:\windows\System32\ntlanman.dll]  [Microsoft Corporation, 5.1.2600.1106 (xpsp1.020828-1920)]
    [C:\windows\System32\NETUI0.dll]  [Microsoft Corporation, 5.1.2600.0 (xpclient.010817-1148)]
    [C:\windows\System32\NETUI1.dll]  [Microsoft Corporation, 5.1.2600.0 (xpclient.010817-1148)]
    [C:\windows\System32\NETRAP.dll]  [Microsoft Corporation, 5.1.2600.0 (xpclient.010817-1148)]
    [C:\windows\System32\davclnt.dll]  [Microsoft Corporation, 5.1.2600.0 (xpclient.010817-1148)]
    [C:\windows\System32\mlang.dll]  [Microsoft Corporation, 6.00.2600.0000 (xpclient.010817-1148)]
    [C:\windows\System32\MSGINA.dll]  [Microsoft Corporation, 5.1.2600.1106 (xpsp1.020828-1920)]
    [C:\windows\System32\ODBC32.dll]  [Microsoft Corporation, 3.520.9041.40]
    [C:\windows\system32\comdlg32.dll]  [Microsoft Corporation, 6.00.2800.1106 (xpsp1.020828-1920)]
    [C:\windows\System32\odbcint.dll]  [Microsoft Corporation, 3.520.7713.0]
    [D:\Microsoft Office\OFFICE11\msohev.dll]  [Microsoft Corporation, 11.0.5510]
    [C:\windows\System32\shdoclc.dll]  [Microsoft Corporation, 6.00.2600.0000 (xpclient.010817-1148)]
    [C:\windows\System32\zipfldr.dll]  [Microsoft Corporation, 6.00.2800.1126 (xpsp2.020921-0842)]
    [C:\WINDOWS\system32\RavExt.dll]  [Beijing Rising Technology Co., Ltd., 19, 0, 0, 9]
    [C:\Program Files\Common Files\Microsoft Shared\MSINFO\NewTemp.dll]  [N/A, ]
    [C:\Program Files\Internet Explorer\PLUGINS\System64.Sys]  [N/A, ]
    [C:\windows\System32\scandisk.dll]  [N/A, ]
    [C:\windows\System32\checkfile.dll]  [N/A, ]
    [C:\windows\System32\csv.dll]  [N/A, ]
    [C:\windows\System32\weftl.dll]  [N/A, ]
    [C:\windows\System32\wtfsm.dll]  [N/A, ]
    [C:\windows\System32\htysx.dll]  [N/A, ]
    [C:\windows\System32\wuhdd.dll]  [N/A, ]
    [C:\windows\System32\zwgfx.dll]  [N/A, ]
    [C:\windows\System32\RASAPI32.DLL]  [Microsoft Corporation, 5.1.2600.1106 (xpsp1.020828-1920)]
    [C:\windows\System32\rasman.dll]  [Microsoft Corporation, 5.1.2600.1106 (xpsp1.020828-1920)]
    [C:\windows\System32\TAPI32.dll]  [Microsoft Corporation, 5.1.2600.1106 (xpsp1.020828-1920)]
    [C:\windows\System32\rtutils.dll]  [Microsoft Corporation, 5.1.2600.0 (xpclient.010817-1148)]
    [C:\windows\System32\WINMM.dll]  [Microsoft Corporation, 5.1.2600.1106 (xpsp1.020828-1920)]
    [d:\WinRAR\rarext.dll]  [N/A, ]
    [D:\Program Files\Rising\Rav\RSCOMMON.DLL]  [Beijing Rising Technology Co., Ltd., 19, 0, 0, 5]
[PID: 9952][C:\windows\System32\taskmgr.exe]  [Microsoft Corporation, 5.1.2600.1106 (xpsp1.020828-1920)]
    [C:\windows\System32\ntdll.dll]  [Microsoft Corporation, 5.1.2600.1217 (xpsp2.030429-2131)]
    [C:\windows\system32\kernel32.dll]  [Microsoft Corporation, 5.1.2600.1106 (xpsp1.020828-1920)]
    [C:\windows\system32\ADVAPI32.dll]  [Microsoft Corporation, 5.1.2600.1106 (xpsp1.020828-1920)]
    [C:\windows\system32\RPCRT4.dll]  [Microsoft Corporation, 5.1.2600.1254 (xpsp2.030801-1834)]
    [C:\windows\system32\GDI32.dll]  [Microsoft Corporation, 5.1.2600.1106 (xpsp1.020828-1920)]
    [C:\windows\system32\USER32.dll]  [Microsoft Corporation, 5.1.2600.1255 (xpsp2.030804-1745)]
    [C:\windows\System32\iphlpapi.dll]  [Microsoft Corporation, 5.1.2600.1240 (xpsp2.030618-0119)]
    [C:\windows\system32\msvcrt.dll]  [Microsoft Corporation, 7.0.2600.1106 (xpsp1.020828-1920)]
    [C:\windows\System32\WS2_32.dll]  [Microsoft Corporation, 5.1.2600.1240 (xpsp2.030618-0119)]
    [C:\windows\System32\WS2HELP.dll]  [Microsoft Corporation, 5.1.2600.0 (xpclient.010817-1148)]
    [C:\windows\system32\SHLWAPI.dll]  [Microsoft Corporation, 6.00.2800.1276]
    [C:\windows\system32\SHELL32.dll]  [Microsoft Corporation, 6.00.2800.1233 (xpsp2.030604-1804)]
    [C:\windows\System32\Secur32.dll]  [Microsoft Corporation, 5.1.2600.1106 (xpsp1.020828-1920)]
    [C:\windows\System32\VDMDBG.dll]  [Microsoft Corporation, 5.1.2600.0 (xpclient.010817-1148)]
    [C:\windows\System32\IMM32.DLL]  [Microsoft Corporation, 5.1.2600.1106 (xpsp1.020828-1920)]
    [C:\windows\System32\LPK.DLL]  [Microsoft Corporation, 5.1.2600.0 (xpclient.010817-1148)]
    [C:\windows\System32\USP10.dll]  [Microsoft Corporation, 1.0409.2600.1106 (xpsp1.020828-1920)]
    [C:\Program Files\Internet Explorer\PLUGINS\System64.Sys]  [N/A, ]
    [C:\windows\system32\oleaut32.dll]  [Microsoft Corporation, 3.50.5016.0]
    [C:\windows\system32\OLE32.DLL]  [Microsoft Corporation, 5.1.2600.1263 (xpsp2.030819-2129)]
    [C:\windows\system32\wininet.dll]  [Microsoft Corporation, 6.00.2800.1106 (xpsp1.020828-1920)]
    [C:\windows\system32\CRYPT32.dll]  [Microsoft Corporation, 5.131.2600.1123 (xpsp2.020921-0842)]
    [C:\windows\system32\MSASN1.dll]  [Microsoft Corporation, 5.1.2600.0 (XPClient.010817-1148)]
    [C:\windows\System32\msctfime.ime]  [Microsoft Corporation, 5.1.2600.1106 (xpsp1.020828-1920)]
    [C:\windows\System32\UxTheme.dll]  [Microsoft Corporation, 6.00.2800.1106 (xpsp1.020828-1920)]
    [C:\windows\System32\Msimtf.dll]  [Microsoft Corporation, 5.1.2600.1106 (xpsp1.020828-1920)]
    [C:\windows\System32\MSCTF.dll]  [Microsoft Corporation, 5.1.2600.1106 (xpsp1.020828-1920)]
    [C:\windows\System32\zwgfx.dll]  [N/A, ]
    [C:\windows\System32\WSOCK32.DLL]  [Microsoft Corporation, 5.1.2600.0 (xpclient.010817-1148)]
    [C:\windows\System32\wuhdd.dll]  [N/A, ]
    [C:\windows\System32\htysx.dll]  [N/A, ]
    [C:\windows\System32\wtfsm.dll]  [N/A, ]
    [C:\windows\System32\weftl.dll]  [N/A, ]
    [C:\windows\System32\checkfile.dll]  [N/A, ]
    [C:\windows\System32\WINSTA.dll]  [Microsoft Corporation, 5.1.2600.1106 (xpsp1.020828-1920)]
    [C:\windows\System32\WTSAPI32.dll]  [Microsoft Corporation, 5.1.2600.1106 (xpsp1.020828-1920)]
    [C:\windows\System32\netapi32.dll]  [Microsoft Corporation, 5.1.2600.1106 (xpsp1.020828-1920)]
[PID: 11888][J:\常用软件原文件\新的\扫描日志\g.EXE]  [Smallfrogs Studio, 2.4.12.806]
    [C:\windows\System32\ntdll.dll]  [Microsoft Corporation, 5.1.2600.1217 (xpsp2.030429-2131)]
    [C:\windows\system32\kernel32.dll]  [Microsoft Corporation, 5.1.2600.1106 (xpsp1.020828-1920)]
    [C:\windows\system32\USER32.dll]  [Microsoft Corporation, 5.1.2600.1255 (xpsp2.030804-1745)]
    [C:\windows\system32\GDI32.dll]  [Microsoft Corporation, 5.1.2600.1106 (xpsp1.020828-1920)]
    [C:\windows\system32\ADVAPI32.dll]  [Microsoft Corporation, 5.1.2600.1106 (xpsp1.020828-1920)]
    [C:\windows\system32\RPCRT4.dll]  [Microsoft Corporation, 5.1.2600.1254 (xpsp2.030801-1834)]
    [C:\windows\system32\comdlg32.dll]  [Microsoft Corporation, 6.00.2800.1106 (xpsp1.020828-1920)]
    [C:\windows\system32\SHLWAPI.dll]  [Microsoft Corporation, 6.00.2800.1276]
    [C:\windows\system32\msvcrt.dll]  [Microsoft Corporation, 7.0.2600.1106 (xpsp1.020828-1920)]
    [C:\windows\system32\SHELL32.dll]  [Microsoft Corporation, 6.00.2800.1233 (xpsp2.030604-1804)]
    [C:\windows\System32\WINSPOOL.DRV]  [Microsoft Corporation, 5.1.2600.1106 (xpsp1.020828-1920)]
    [C:\windows\System32\oledlg.dll]  [Microsoft Corporation, 1.0 (XPClient.010817-1148)]
    [C:\windows\system32\ole32.dll]  [Microsoft Corporation, 5.1.2600.1263 (xpsp2.030819-2129)]
    [C:\windows\system32\OLEAUT32.dll]  [Microsoft Corporation, 3.50.5016.0]
    [C:\windows\system32\VERSION.dll]  [Microsoft Corporation, 5.1.2600.0 (xpclient.010817-1148)]
    [C:\windows\system32\CRYPT32.dll]  [Microsoft Corporation, 5.131.2600.1123 (xpsp2.020921-0842)]
    [C:\windows\system32\MSASN1.dll]  [Microsoft Corporation, 5.1.2600.0 (XPClient.010817-1148)]
    [C:\windows\System32\WINMM.dll]  [Microsoft Corporation, 5.1.2600.1106 (xpsp1.020828-1920)]
    [C:\windows\System32\WS2_32.dll]  [Microsoft Corporation, 5.1.2600.1240 (xpsp2.030618-0119)]
    [C:\windows\System32\WS2HELP.dll]  [Microsoft Corporation, 5.1.2600.0 (xpclient.010817-1148)]
    [C:\windows\system32\WININET.dll]  [Microsoft Corporation, 6.00.2800.1106 (xpsp1.020828-1920)]
    [C:\windows\System32\IMM32.DLL]  [Microsoft Corporation, 5.1.2600.1106 (xpsp1.020828-1920)]
    [C:\windows\System32\LPK.DLL]  [Microsoft Corporation, 5.1.2600.0 (xpclient.010817-1148)]
    [C:\windows\System32\USP10.dll]  [Microsoft Corporation, 1.0409.2600.1106 (xpsp1.020828-1920)]
    [C:\windows\System32\RICHED20.DLL]  [Microsoft Corporation, 5.30.23.1211]
    [C:\Program Files\Internet Explorer\PLUGINS\System64.Sys]  [N/A, ]
    [C:\windows\System32\msctfime.ime]  [Microsoft Corporation, 5.1.2600.1106 (xpsp1.020828-1920)]
    [C:\windows\System32\UxTheme.dll]  [Microsoft Corporation, 6.00.2800.1106 (xpsp1.020828-1920)]
    [C:\windows\System32\Msimtf.dll]  [Microsoft Corporation, 5.1.2600.1106 (xpsp1.020828-1920)]
    [C:\windows\System32\MSCTF.dll]  [Microsoft Corporation, 5.1.2600.1106 (xpsp1.020828-1920)]
    [C:\windows\System32\zwgfx.dll]  [N/A, ]
    [C:\windows\System32\WSOCK32.DLL]  [Microsoft Corporation, 5.1.2600.0 (xpclient.010817-1148)]
    [C:\windows\System32\wuhdd.dll]  [N/A, ]
    [C:\windows\System32\htysx.dll]  [N/A, ]
    [C:\windows\System32\wtfsm.dll]  [N/A, ]
    [C:\windows\System32\weftl.dll]  [N/A, ]
    [C:\windows\System32\checkfile.dll]  [N/A, ]
    [C:\windows\System32\sfc.dll]  [Microsoft Corporation, 5.1.2600.0 (xpclient.010817-1148)]
    [C:\windows\System32\sfc_os.dll]  [Microsoft Corporation, 5.1.2600.1106 (xpsp1.020828-1920)]
    [C:\windows\System32\WINTRUST.dll]  [Microsoft Corporation, 5.131.2600.0 (xpclient.010817-1148)]
    [C:\windows\system32\IMAGEHLP.dll]  [Microsoft Corporation, 5.1.2600.1106 (xpsp1.020828-1920)]
    [C:\windows\System32\Sensapi.dll]  [Microsoft Corporation, 5.1.2600.1106 (xpsp1.020828-1920)]
    [C:\windows\System32\Secur32.dll]  [Microsoft Corporation, 5.1.2600.1106 (xpsp1.020828-1920)]
    [C:\WINDOWS\System32\rsaenh.dll]  [Microsoft Corporation, 5.1.2600.1029 (xpsp1.020426-1800)]
    [C:\windows\system32\userenv.dll]  [Microsoft Corporation, 5.1.2600.1106 (xpsp1.020828-1920)]
    [C:\windows\System32\netapi32.dll]  [Microsoft Corporation, 5.1.2600.1106 (xpsp1.020828-1920)]

==================================
HOSTS 文件
202.109.114.142  survey88.allyes.com
202.109.114.142  adtaobao.allyes.com
202.109.114.142  code.qihoo.com
202.109.114.142  union.mop.com
202.109.114.142  js.kkunion.com
202.109.114.142  v.kkunion.com
202.109.114.142  v.21cn.com
202.109.114.142  iplusms.allyes.com
202.109.114.142  mms.t2t2.com
202.109.114.142  ivr.dobig.net
202.109.114.142  www.u8u.com
202.109.114.142  u.u8u.com
202.109.114.142  img.zhangxiu.com
202.109.114.142  tl.linktone.com
202.109.114.142  channel.e78.com
202.109.114.142  u.7town.com
202.109.114.142  union.95ol.com.cn
202.109.114.142  mms1.95ol.com.cn
202.109.114.142  mfs.95ol.com.cn
202.109.114.142  tl.a8.com
202.109.114.142  ad01.a8.com
202.109.114.142  u2.caiku.com
202.109.114.142  mms.caiku.com
202.109.114.142  code1.caiku.com
202.109.114.142  pub.lele.com
202.109.114.142  u.lele.com
202.109.114.142  7town.com
202.109.114.142  tvsend.7town.com
202.109.114.142  ivrsend.7town.com
202.109.114.142  tlt.7town.com
202.109.114.142  gsend.7town.com
202.109.114.142  smssend.7town.com
202.109.114.142  mmssend.moyu.com
202.109.114.142  91ivr.com
202.109.114.142  myad.91ivr.com
202.109.114.142  u.91ivr.com
202.109.114.142  union.91ivr.com
202.109.114.142  cm.p4p.cn.yahoo.com
202.109.114.142  un.265.com
202.109.114.142  union.qq.com
202.109.114.142  view.aliunion.cn.yahoo.com
202.109.114.142  union.narrowad.com
202.109.114.142  ln.heima8.com
202.109.114.142  www.fboat.cn
202.109.114.142  cpro.baidu.com
202.109.114.142  unstat.baidu.com
202.109.114.142  y.cnxad.com
202.109.114.142  www.ewowo.com
202.109.114.142  template.union.163.com
202.109.114.142  new.is686.com
202.109.114.142  creative.unionsys.bolaa.com
202.109.114.142  www.qyule.com
202.109.114.142  99e.cc
202.109.114.142  www.91ivr.com
202.109.114.142  mg.ukaka.com
202.109.114.142  kooxoo2.ad4all.net
202.109.114.142  www.8fff.com
202.109.114.142  union.pomoho.com
202.109.114.142  202.107.233.211
202.109.114.142  www.end123.com
202.109.114.142  w1.7clink.com
202.109.114.142  w2.7clink.com
202.109.114.142  union01.com
202.109.114.142  click.8le8le.com
202.109.114.142  stbanner.allyes.com
202.109.114.142  mms1.moyu.com
202.109.114.142  u.moyu.com
202.109.114.142  mmsu.moyu.com
202.109.114.142  show.moyu.com
202.109.114.142  ivrsend.moyu.com
202.109.114.142  ivru.moyu.com
202.109.114.142  ivr1.moyu.com
203.191.146.205  corep.dmcast.com
203.191.146.205  m081.dmcast.com
203.191.146.205  dcww.dmcast.com
203.191.146.205  renren.dmcast.com
203.191.146.205  files.henbang.net
203.191.146.205  bannerbox.cn
203.191.146.205  www.bannerbox.cn
203.191.146.205  action.coopen.cn
203.191.146.205  u4.sky99.cn
203.191.146.205  u1.sky99.cn
203.191.146.205  u2.sky99.cn
203.191.146.205  u3.sky99.cn
203.191.146.205  sky99.cn
203.191.146.205  u.sky99.cn
203.191.146.205  u.ete.cn
203.191.146.205  ip.alexaanywhere.com
203.191.146.205  www.365tan.com
203.191.146.205  www.winopen.cn
203.191.146.205  www.tanip.com
203.191.146.205  alexaanywhere.com
203.191.146.205  jssb.alexaanywhere.com
203.191.146.205  ns250.alexaanywhere.com
203.191.146.205  sb.alexaanywhere.com
203.191.146.205  ip.alexaanywhere.com
203.191.146.205  pop.9v.cn
203.191.146.205  xuni.myad.cn
203.191.146.205  iebar.t2t2.com
203.191.146.205  error.newcell.cn
203.191.146.205  auto.search.msn.com
203.191.146.205  cns.3721.com
203.191.146.205  seek.3721.com
203.191.146.205  name.cnnic.cn
203.191.146.205  toolsbar.kuaiso.com
203.191.146.205  www.kuaiso.com
203.191.146.205  kuaiso.com
203.191.146.205  www.copyso.com
203.191.146.205  union.copyso.com
203.191.146.205  auto.search.msn.com
203.191.146.205  ok.mop-hz.com
203.191.146.205  www.ncast.cn
203.191.146.205  www.ads3721.com
203.191.146.205  360.ads3721.com
203.191.146.205  www.maohehe.com
203.191.146.205  www.5566.net
203.191.146.205  5566.net
203.191.146.205  www.gjj.cc
203.191.146.205  gjj.cc
203.191.146.205  www.9495.com
203.191.146.205  9495.com
203.191.146.205  my123.com
203.191.146.205  www.my123.com
203.191.146.205  7b.com.cn
203.191.146.205  www.7b.com.cn
203.191.146.205  www.3567.com
203.191.146.205  3567.com
203.191.146.205  www.37021.com
203.191.146.205  37021.com
203.191.146.205  k369.com
203.191.146.205  www.k369.com
203.191.146.205  www.haourl.com
203.191.146.205  haourl.com
203.191.146.205  www.37021.net
203.191.146.205  37021.net
203.191.146.205  www.4199.com
203.191.146.205  4199.com
203.191.146.205  www.9505.com
203.191.146.205  9505.com
203.191.146.205  7939.com
203.191.146.205  www.7939.com
203.191.146.205  www.3448.com
203.191.146.205  3448.com
203.191.146.205  8925.com
203.191.146.205  www.8925.com
203.191.146.205  www.ttmp3.com
203.191.146.205  ttmp3.com
203.191.146.205  www.3tg.cn
203.191.146.205  3tg.cn
203.191.146.205  www.ttjj.com
203.191.146.205  ttjj.com
203.191.146.205  www.59178.com
203.191.146.205  59178.com
203.191.146.205  www.987654.com
203.191.146.205  987654.com
203.191.146.205  www.zhao123.com
203.191.146.205  zhao123.com
203.191.146.205  123wa.com
203.191.146.205  www.123wa.com
203.191.146.205  www.159.com
203.191.146.205  soft.159.com
203.191.146.205  www.v111.com
203.191.146.205  v111.com
203.191.146.205  www.855.com
203.191.146.205  855.com
203.191.146.205  www.wu123.com
203.191.146.205  wu123.com
203.191.146.205  www.haodx.com
203.191.146.205  haodx.com
203.191.146.205  19ku.com
203.191.146.205  www.19ku.com
203.191.146.205  www.t2t2.com
203.191.146.205  t2t2.com
203.191.146.205  www.ku8.com
203.191.146.205  ku8.com
203.191.146.205  www.v23.com
203.191.146.205  v23.com
203.191.146.205  www.51115.com
203.191.146.205  www.52.com
203.191.146.205  52.com
203.191.146.205  www.qu123.com
203.191.146.205  qu123.com
203.191.146.205  www.haokan123.com
203.191.146.205  haokan123.com
203.191.146.205  www.kan123.com
203.191.146.205  kan123.com
203.191.146.205  hang123.com
203.191.146.205  www.hang123.com
203.191.146.205  3tom.com
203.191.146.205  www.3tom.com
203.191.146.205  www.anyso.com
203.191.146.205  anyso.com
203.191.146.205  59178.com
203.191.146.205  www.59178.com
203.191.146.205  t3j4.com
203.191.146.205  www.t3j4.com
203.191.146.205  www.zh130.com
203.191.146.205  zh130.com
203.191.146.205  www.8757.com
203.191.146.205  8757.com
203.191.146.205  www.7667.com
203.191.146.205  7667.com
203.191.146.205  ie.union123.com
203.191.146.205  www.daohangtu.com
203.191.146.205  daohangtu.com
203.191.146.205  www.ld123.com
203.191.146.205  ld123.com
203.191.146.205  www.369.com
203.191.146.205  369.com
203.191.146.205  91ni.com
203.191.146.205  www.91ni.com
203.191.146.205  www.17995.com
203.191.146.205  17995.com
203.191.146.205  www.sha123.com
203.191.146.205  sha123.com
203.191.146.205  www.lethot.com
203.191.146.205  lethot.com
203.191.146.205  www.8757.com
203.191.146.205  8757.com
203.191.146.205  4533.cn
203.191.146.205  6h.com.cn
203.191.146.205  www.6h.com.cn
203.191.146.205  www.jjol.cn
203.191.146.205  jjol.cn
203.191.146.205  wangzhiku.com
203.191.146.205  www.wangzhiku.com
203.191.146.205  www.1zhan.com
203.191.146.205  1zhan.com
203.191.146.205  www.262.com
203.191.146.205  262.com
203.191.146.205  www.365.com
203.191.146.205  365.com
203.191.146.205  www.4533.cn
203.191.146.205  4533.cn
203.191.146.205  31tg.com
203.191.146.205  www.31tg.com
203.191.146.205  tomatolei.com
203.191.146.205  www.tomatolei.com
203.191.146.205  999cha.com
203.191.146.205  www.999cha.com
127.0.0.1  mmsk.cn
127.0.0.1  ikaka.com
127.0.0.1  safe.qq.com
127.0.0.1  360safe.com
127.0.0.1  bbs.360safe.com
127.0.0.1  www.mmsk.cn
127.0.0.1  www.ikaka.com
127.0.0.1  tool.ikaka.com
127.0.0.1  www.360safe.com
127.0.0.1  zs.kingsoft.com
127.0.0.1  forum.ikaka.com
127.0.0.1  up.rising.com.cn
127.0.0.1  scan.kingsoft.com
127.0.0.1  kvup.jiangmin.com
127.0.0.1  reg.rising.com.cn
127.0.0.1  update.rising.com.cn
127.0.0.1  update7.jiangmin.com
127.0.0.1  download.rising.com.cn
127.0.0.1  dnl-us1.kaspersky-labs.com
127.0.0.1  dnl-us2.kaspersky-labs.com
127.0.0.1  dnl-us3.kaspersky-labs.com
127.0.0.1  dnl-us4.kaspersky-labs.com
127.0.0.1  dnl-us5.kaspersky-labs.com
127.0.0.1  dnl-us6.kaspersky-labs.com
127.0.0.1  dnl-us7.kaspersky-labs.com
127.0.0.1  dnl-us8.kaspersky-labs.com
127.0.0.1  dnl-us9.kaspersky-labs.com
127.0.0.1  dnl-us10.kaspersky-labs.com
127.0.0.1  dnl-eu1.kaspersky-labs.com
127.0.0.1  dnl-eu2.kaspersky-labs.com
127.0.0.1  dnl-eu3.kaspersky-labs.com
127.0.0.1  dnl-eu4.kaspersky-labs.com
127.0.0.1  dnl-eu5.kaspersky-labs.com
127.0.0.1  dnl-eu6.kaspersky-labs.com
127.0.0.1  dnl-eu7.kaspersky-labs.com
127.0.0.1  dnl-eu8.kaspersky-labs.com
127.0.0.1  dnl-eu9.kaspersky-labs.com
127.0.0.1  dnl-eu10.kaspersky-labs.com
203.191.146.205  www.ab365.com
203.191.146.205  ab365.com
203.191.146.205  www.5235.net
203.191.146.205  5235.net

==================================
API HOOK
N/A

==================================
隐藏进程
N/A

==================================


[/CODE]

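In Safe Mode (keep pressing F8 after power-on; when the advanced options menu appears, choose the first item, Safe Mode, to boot into the system):

Open SREng (the program you used to produce the scan log).
Under Startup Items (启动项目) > Registry (注册表), delete the following entries (if you recognize any of them or are sure it is not a virus, do not delete it):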
<sm><; C:\DOCUME~1\Fantasy\LOCALS~1\Temp\Rav.exe> [N/A]
<6shrc9i0w><; C:\DOCUME~1\Fantasy\LOCALS~1\Temp\iexp1ore.exe> [N/A]
<7zj4ei><; C:\DOCUME~1\Fantasy\LOCALS~1\Temp\crasos.exe> [N/A]
<f2xfhc><; C:\DOCUME~1\Fantasy\LOCALS~1\Temp\iexp10re.exe> [N/A]
<li4gm><; C:\DOCUME~1\Fantasy\LOCALS~1\Temp\c0nime.exe> [N/A]
<6qwbjm4e8><; C:\DOCUME~1\Fantasy\LOCALS~1\Temp\iexpl0re.exe> [N/A]
<z49><; C:\DOCUME~1\Fantasy\LOCALS~1\Temp\1explore.exe> [N/A]
<822><; C:\DOCUME~1\Fantasy\LOCALS~1\Temp\exp10rer.exe> [N/A]
<qs2c657w1ut58><; C:\DOCUME~1\Fantasy\LOCALS~1\Temp\iexplorer.exe> [N/A]
<jx><; C:\DOCUME~1\Fantasy\LOCALS~1\Temp\explorei.exe> [N/A]
<hcjid8bxskf8><; C:\DOCUME~1\Fantasy\LOCALS~1\Temp\winlog0n.exe> [N/A]
<MS Reporter(dont disable)><; C:\WINDOWS\W1NL0GON.EXE> []
<Service Pack 1><; C:\WINDOWS\System32\vexg6ame4.exe> []
<sm><; C:\DOCUME~1\Fantasy\LOCALS~1\Temp\Rav.exe> [N/A]
<6shrc9i0w><; C:\DOCUME~1\Fantasy\LOCALS~1\Temp\iexp1ore.exe> [N/A]
<7zj4ei><; C:\DOCUME~1\Fantasy\LOCALS~1\Temp\crasos.exe> [N/A]
<f2xfhc><; C:\DOCUME~1\Fantasy\LOCALS~1\Temp\iexp10re.exe> [N/A]
<li4gm><; C:\DOCUME~1\Fantasy\LOCALS~1\Temp\c0nime.exe> [N/A]
<6qwbjm4e8><; C:\DOCUME~1\Fantasy\LOCALS~1\Temp\iexpl0re.exe> [N/A]
<z49><; C:\DOCUME~1\Fantasy\LOCALS~1\Temp\1explore.exe> [N/A]
<822><; C:\DOCUME~1\Fantasy\LOCALS~1\Temp\exp10rer.exe> [N/A]
<qs2c657w1ut58><; C:\DOCUME~1\Fantasy\LOCALS~1\Temp\iexplorer.exe> [N/A]
<jx><; C:\DOCUME~1\Fantasy\LOCALS~1\Temp\explorei.exe> [N/A]
<hcjid8bxskf8><; C:\DOCUME~1\Fantasy\LOCALS~1\Temp\winlog0n.exe> [N/A]
<MS Reporter(dont disable)><; C:\WINDOWS\W1NL0GON.EXE> []
<Service Pack 1><; C:\WINDOWS\System32\vexg6ame4.exe> []
<qqkwha><%systemroot%\system32\Rundll32.exe %systemroot%\system32\qqkwha.dll,DllUnregisterServer> []
<bthaq><%systemroot%\system32\Rundll32.exe %systemroot%\system32\bthaq.dll,DllUnregisterServer> []
<visin><; C:\WINDOWS\System32\visin.exe> [Microsoft Corporation]
Double-click Userinit and change its value to empty.
<{0EA66AD2-CF26-2E23-532B-B292E22F3266}><C:\Program Files\Common Files\Microsoft Shared\MSINFO\NewTemp.dll> []
<{754FB7D8-B8FE-4810-B363-A788CD060F1F}><C:\Program Files\Internet Explorer\PLUGINS\System64.Sys> []
<{99F1D023-7CEB-4586-80F7-BB1A98DB7602}><C:\Program Files\Internet Explorer\IEXPLORE.Sys> [N/A]
<{FEB94F5A-69F3-4645-8C2B-9E71D270AF2E}><C:\Program Files\Internet Explorer\IEXPLORE.Dat> [N/A]
<{923509F1-45CB-4EC0-BDE0-1DED35B8FD60}><C:\Program Files\Internet Explorer\IEXPLORE.win> [N/A]
<{1496D5ED-7A09-46D0-8C92-B8E71A4304DF}><C:\windows\System32\scandisk.dll> []


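Under "Startup Items" (启动项目) > "Services" (服务) > "Win32 Service Applications" (Win32服务应用程序), tick "Hide verified Microsoft items" (隐藏经认证的微软项目),
select the following entries, click "Delete Service" (删除服务), then click "Set" (设置), and click "No" (否) in the dialog that pops up: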
[4E98AB0C / 4E98AB0C][Stopped/Auto Start]

[6DCA4309 / 6DCA4309][Stopped/Auto Start]

[840F1C4B / 840F1C4B][Stopped/Auto Start]
<C:\windows\System32\1E954C5F.EXE -k><Microsoft Corporation>
[Messenger Accelerator / Accelerator Tools][Stopped/Auto Start]


[Asynchronous UPnP Support Services / Asynchronous UPnP Support Services][Stopped/Auto Start]

[at2.810810.org / at2.810810.org][Stopped/Auto Start]


[B76DD14A / B76DD14A][Stopped/Auto Start]
<C:\windows\System32\39E6A229.EXE -g><Microsoft Corporation>
[EJOTZFLPVAGLRWC / BGLQWCHMSXDINT][Stopped/Auto Start]

[Windows Install Helper / BKMARKS][Stopped/Auto Start]


[Client IP-IPX / Client IP-IPX][Stopped/Disabled]

[EA0A5D0B / EA0A5D0B][Stopped/Auto Start]


[Remote Route Service / Hardware][Stopped/Auto Start]

[System Local Kernel Service / kernel][Stopped/Auto Start]

[kernl32 / kernl32][Stopped/Auto Start]

[Fax 2Client / ms_2fax][Stopped/Auto Start]

[Navoct / Navoct][Stopped/Disabled]

[Net Login Helper / netlog][Stopped/Auto Start]

[Windows pgsd RunThem / pgsd][Stopped/Auto Start]


[Remote Procedure Call System(RPCS) / RpcS][Stopped/Auto Start]


[svchost / svchost][Stopped/Auto Start]


[Unigraphics License Server (uglmd) / Unigraphics License Server (uglmd)][Stopped/Auto Start]

[Telephonyl / WindowsDown][Stopped/Auto Start]

[wljs0001.3322.org / wljs0001.3322.org][Stopped/Auto Start]

[Portable Media Serial Number Service / WmdmPmSN][Stopped/Manual Start]

[WMI Performance API / WMIApiSrv][Stopped/Auto Start]





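Double-click My Computer, then go to Tools > Folder Options > View, select "Show hidden files and folders" and clear the check mark in front of "Hide protected operating system files (Recommended)". When prompted to confirm the change, click "Yes", then OK.
Then delete: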
c:\documents and settings\all users\documents\settings\bot.dll
c:\windows\system32\scandisk.dll
c:\program files\internet explorer\iexplore.win
c:\program files\internet explorer\iexplore.dat
c:\program files\internet explorer\iexplore.sys
c:\program files\internet explorer\plugins\system64.sys
c:\program files\common files\microsoft shared\msinfo\newtemp.dll
c:\windows\system32\userinit.exe,c:\windows\system32\wintemp.exe
c:\windows\system32\bthaq.dll
c:\windows\system32\qqkwha.dll
c:\windows\system32\ravasktao.exe
c:\windows\system32\nrbnve71.dll
c:\windows\system32\wdynyi12.dll
c:\windows\system32\spoolsvv.exe
c:\program files\internet explorer\sploue.exe
c:\program files\common files\services\svchost.exe
c:\windows\retadpu321.exe
c:\windows\system32\autoc0nv.exe
c:\program files\installshield installation information\thjcghi.exe
c:\program files\common files\system\updaterun.exe
c:\docume~1\fantasy\locals~1\temp\wgso.exe
c:\docume~1\fantasy\locals~1\temp\tlso.exe
c:\docume~1\fantasy\locals~1\temp\rxso.exe
c:\docume~1\fantasy\locals~1\temp\woso.exe
c:\windows\system32\mydata.exe
c:\docume~1\fantasy\locals~1\temp\win15.exe
c:\windows\system32\nwizzhuxians.exe
c:\docume~1\fantasy\locals~1\temp\daso.exe
c:\windows\system32\mosou.exe
c:\windows\upxdnd.exe
c:\windows\uninstall\rundl132.exe
c:\docume~1\fantasy\locals~1\temp\qjso.exe
c:\docume~1\fantasy\locals~1\temp\mhso.exe
c:\docume~1\fantasy\locals~1\temp\wlso.exe
c:\windows\system32\vexg6ame4.exe
c:\windows\w1nl0gon.exe
c:\docume~1\fantasy\locals~1\temp\winlog0n.exe
c:\docume~1\fantasy\locals~1\temp\explorei.exe
c:\docume~1\fantasy\locals~1\temp\iexplorer.exe
c:\docume~1\fantasy\locals~1\temp\exp10rer.exe
c:\docume~1\fantasy\locals~1\temp\1explore.exe
c:\docume~1\fantasy\locals~1\temp\iexpl0re.exe
c:\docume~1\fantasy\locals~1\temp\c0nime.exe
c:\docume~1\fantasy\locals~1\temp\iexp10re.exe
c:\docume~1\fantasy\locals~1\temp\crasos.exe
c:\docume~1\fantasy\locals~1\temp\iexp1ore.exe
c:\docume~1\fantasy\locals~1\temp\rav.exe
c:\windows\system32\visin.exe
c:\windows\system32\hncsbe79.dll
c:\windows\system32\744eb526.exe
c:\windows\system32\a8ccb330.exe
c:\windows\system32\1e954c5f.exe
c:\windows\system32\mdn.exe
c:\windows\system32\wmiapisrv.dll
c:\windows\system32\wljs0001.3322.org.exe
c:\windows\system32\servet.exe
c:\windows\svchost.exe
c:\windows\system32\rpcs.exe
c:\program files\iesnap\navoct.dll
c:\windows\system32\86aa1.exe
c:\windows\system32\kernl32.exe
c:\documents and settings\all users\application data\microsoft\office\system\8honjqghmr.exe
c:\windows\system32\njldc.dll
c:\windows\system32\2386ee1d.exe
c:\windows\system32\svchosts.exe
c:\windows\system32\rundllforour.exe
c:\windows\system32\wbem\njfqz.dll
c:\windows\anyjtb1001.dll
c:\windows\system32\39e6a229.exe
c:\windows\system32\at2.810810.org.exe
c:\windows\system32\upnpsvc.exe
c:\progra~1\kbny\ulxi.dll
c:\windows\system32\drivers\ygqijx43.sys
c:\windows\system32\drivers\rysqhe.sys
c:\windows\system32\drivers\qqkwha.sys
c:\windows\system32\drivers\ornux.sys
c:\windows\system32\drivers\lqfxxy29.sys
c:\windows\system32\drivers\hncsbe79.sys
D:\rising.exe
E:\rising.exe
F:\rising.exe
c:\windows\kb9279o2.log
c:\windows\system32\zwgfx.dll
c:\windows\system32\wuhdd.dll
c:\windows\system32\wtfsm.dll

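I did what you said, and found that even with hidden files shown and the hiding of protected system files turned off, some files still did not show up. I used Search to find the files when deleting them, which is how I noticed this problem. While searching, a few of the files turned out to exist not only in the directories you listed; there was also an archive with the same name under drive C.
I followed your steps and the machine now boots noticeably faster, but after I type the password and press Enter it logs off immediately, and the same happens in Safe Mode. I have tried many times. What is going on?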