瑞星卡卡安全论坛技术交流区反病毒/反流氓软件论坛 【求助】这是最新的日志。99我的电脑吧!!

1   1  /  1  页   跳转

【求助】这是最新的日志。99我的电脑吧!!

收藏
叹息之影
头像
初生襁褓狮
  • 帖子:52
  • 注册: 2007-03-31
  • 来自:
发表于: 2008-03-26 23:06 | 只看楼主 短消息 资料
字号: 1楼

【求助】这是最新的日志。99我的电脑吧!!


启动项目
注册表
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
    <ctfmon.exe><C:\WINDOWS\system32\ctfmon.exe>  [(Verified)Microsoft Windows Publisher]
    <MSMSGS><"C:\Program Files\Messenger\msmsgs.exe" /background>  [(Verified)Microsoft Windows Publisher]
[HKEY_CURRENT_USER\Software\Microsoft\Windows NT\CurrentVersion\Windows]
    <load><>  [N/A]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
    <SoundMan><SOUNDMAN.EXE>  [1]
    <TkBellExe><"C:\Program Files\Common Files\Real\Update_OB\realsched.exe"  -osboot>  [RealNetworks, Inc.]
    <StormCodec_Helper><"C:\Program Files\Ringz Studio\Storm Codec\StormSet.exe" /S /opti>  []
    <HDCSP RegCertTool><C:\Program Files\95599 Certificate Tools\CIDC\RegCertTool.exe>  [CIDC]
    <KernelFaultCheck><%systemroot%\system32\dumprep 0 -k>  [N/A]
    <MsPrint32D><C:\WINDOWS\MsPrint32D.exe>  [N/A]
    <PTSShell><C:\WINDOWS\PTSShell.exe>  []
    <WINSvr32><C:\WINDOWS\WINSvr32.exE>  []
    <WSockDrv32><C:\WINDOWS\WSockDrv32.exe>  []
    <MsIMMs32><C:\WINDOWS\MsIMMs32.exE>  []
    <mppds><C:\WINDOWS\mppds.exe>  []
    <AVPSrv><C:\WINDOWS\AVPSrv.exE>  []
    <upxdnd><C:\WINDOWS\upxdnd.exe>  []
    <tciocp32><C:\WINDOWS\tciocp32.exe>  []
    <msccrt><C:\WINDOWS\msccrt.exe>  []
    <DbgHlp32><C:\WINDOWS\DbgHlp32.exe>  []
    <cmdbcs><C:\WINDOWS\cmdbcs.exe>  []
    <kjokaebq><C:\WINDOWS\jkeqrleo.exe>  []
    <LotusHlp><C:\WINDOWS\LotusHlp.exe>  []
    <SHAProc><C:\WINDOWS\SHAProc.exe>  []
    <Kvsc3><C:\WINDOWS\Kvsc3.exE>  []

[用户系统信息]Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1; SV1)
最后编辑2008-03-27 14:40:26
分享到:
gototop
 
叹息之影
头像
初生襁褓狮
  • 帖子:52
  • 注册: 2007-03-31
  • 来自:
发表于: 2008-03-26 23:07 | 只看楼主 短消息 资料
字号: 2楼

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer\Run]
    <MSDCG32    ><LYLeador.exe>  [N/A]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Winlogon]
    <shell><Explorer.exe>  [(Verified)Microsoft Windows Publisher]
    <Userinit><C:\WINDOWS\system32\Userinit.exe,>  [(Verified)Microsoft Windows Publisher]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Windows]
    <AppInit_DLLs><mrjhtjd.dll,qrhhb.dll,xdfntt.dll,hgfhk.dll,hjaiq.dll,kduy.dll,frntrn.dll,dnteh.dll,chmfcmh.dll,jwlah.dll,crugd.dll,lariytrz.dll,thurh.dll,mgmgmm.dll,oqrthc.dll,ydgn.dll,dbfb.dll,fjnbv.dll,wmsat.dll,gmnait.dll,hfjg.dll,xdndn.dll,rgfjj.dll,dscef.dll,xfng.dll,njritc.dll,setrhes.dll,cdxbfxdb.dll,xfgnxfn.dll,gjkhj.dll,fxnfnh.dll,bjrvm.dll,ektvm.dll,fehom.dll,jyjlt.dll,ijatnaw.dll,sehhter.dll,fhjfg.dll,zdbdb.dll,rhs.dll,atehhz.dll,gjjte.dll,xgnfn.dll,xfgnhcgfm.dll,serger.dll,bnxnb.dll,fxgnfx.dll,jzijj.dll,xfgnfx.dll,serghjm.dll,thsddh.dll,xbcvxb.dll,zfdzb.dll,hkfgh.dll,drghszd.dll,fngn.dll,xdhdg.dll,zdbfbd.dll,fjyjy.dll,,msosmhfp00.dll,msosfmsq00.dll,msoscqit00.dll,msosdohs00.dll,msosdrop00.dll,msosjtio00.dll>  [N/A]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Winlogon]
    <UIHost><logonui.exe>  [(Verified)Microsoft Windows Publisher]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
    <{50632D5C-B71B-4ba0-B012-3DC6F15C011B}><C:\WINDOWS\system32\msosiocp.dll>  []
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\>{26923b43-4d38-484f-9b9e-de460746276c}]
    <Internet Explorer><%systemroot%\system32\shmgrate.exe OCInstallUserConfigIE>  [N/A]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\>{881dd1c5-3dcf-431b-b061-f3f88e8be88a}]
    <Outlook Express><%systemroot%\system32\shmgrate.exe OCInstallUserConfigOE>  [N/A]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{2C7339CF-2B09-4501-B3F3-F3508C9228ED}]
    <Themes Setup><%SystemRoot%\system32\regsvr32.exe /s /n /i:/UserInstall %SystemRoot%\system32\themeui.dll>  [N/A]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{44BBA840-CC51-11CF-AAFA-00AA00B6015C}]
    <Microsoft Outlook Express 6><"%ProgramFiles%\Outlook Express\setup50.exe" /APP:OE /CALLER:WINNT /user /install>  [N/A]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{44BBA842-CC51-11CF-AAFA-00AA00B6015B}]
    <NetMeeting 3.01><rundll32.exe advpack.dll,LaunchINFSection C:\WINDOWS\INF\msnetmtg.inf,NetMtg.Install.PerUser.NT>  [(Verified)Microsoft Windows Publisher]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{5945c046-1e7d-11d1-bc44-00c04fd912be}]
    <Windows Messenger 4.7><rundll32.exe advpack.dll,LaunchINFSection C:\WINDOWS\INF\msmsgs.inf,BLC.QuietInstall.PerUser>  [(Verified)Microsoft Windows Publisher]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{6BF52A52-394A-11d3-B153-00C04F79FAA6}]
    <Microsoft Windows Media Player><rundll32.exe advpack.dll,LaunchINFSection C:\WINDOWS\INF\wmp10.inf,PerUserStub>  [(Verified)Microsoft Windows Component Publisher]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{7790769C-0471-11d2-AF11-00C04FA35D02}]
    <通讯簿 6><"%ProgramFiles%\Outlook Express\setup50.exe" /APP:WAB /CALLER:WINNT /user /install>  [N/A]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\360Loader.exe]
    <IFEO[360Loader.exe]><svchost.exe>  [(Verified)Microsoft Windows Publisher]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\ctfmon.exe]
    <IFEO[ctfmon.exe]><SoundMan.exe>  [1]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\IceSword]
    <IFEO[IceSword]><svchost.exe>  [(Verified)Microsoft Windows Publisher]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\ras]
    <IFEO[ras]><svchost.exe>  [(Verified)Microsoft Windows Publisher]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\runiep]
    <IFEO[runiep]><svchost.exe>  [(Verified)Microsoft Windows Publisher]

==================================
启动文件夹
[QQ游戏启动加速程序]
  <C:\Documents and Settings\Administrator\「开始」菜单\程序\启动\QQ游戏启动加速程序.lnk --> C:\PROGRA~1\Tencent\QQGame\Accel.exe [深圳市腾讯计算机系统有限公司]><N>
gototop
 
叹息之影
头像
初生襁褓狮
  • 帖子:52
  • 注册: 2007-03-31
  • 来自:
发表于: 2008-03-26 23:08 | 只看楼主 短消息 资料
字号: 3楼

服务
[Help and Support / helpsvc][Stopped/Auto Start]
  <C:\WINDOWS\system32\interne.exe-->%WINDIR%\PCHealth\HelpCtr\Binaries\pchsvc.dll><Microsoft Corporation>
[Kerberos Key Distribution Centers / kkdc][Stopped/Auto Start]
  <C:\WINDOWS\lsass.exe -netsvcs><N/A>
[Qvod Terminal / Qvod Terminal][Running/Auto Start]
  <C:\Program Files\QvodPlayer\QvodTerminal.exe><Shenzhen QVOD Technology Co.,Ltd>
[Rising Proxy  Service / RfwProxySrv][Stopped/Auto Start]
  <c:\program files\rising\rfw\rfwproxy.exe><Beijing Rising Technology Co., Ltd.>
[Rising Personal Firewall Service / RfwService][Stopped/Auto Start]
  <c:\program files\rising\rfw\rfwsrv.exe><Beijing Rising Technology Co., Ltd.>
[Rising Process Communication Center / RsCCenter][Stopped/Auto Start]
  <"C:\Program Files\Rising\Rav\CCenter.exe"><Beijing Rising Technology Co., Ltd.>
[Rising RealTime Monitor / RsRavMon][Stopped/Auto Start]
  <"C:\PROGRAM FILES\RISING\RAV\Ravmond.exe"><Beijing Rising Technology Co., Ltd.>

==================================
驱动程序
[Service for Realtek AC97 Audio (WDM) / ALCXWDM][Running/Manual Start]
  <system32\drivers\ALCXWDM.SYS><Realtek Semiconductor Corp.>
[AliIde / AliIde][Stopped/Boot Start]
  <\SystemRoot\System32\DRIVERS\aliide.sys><N/A>
[ati2mtag / ati2mtag][Running/Manual Start]
  <system32\DRIVERS\ati2mtag.sys><ATI Technologies Inc.>
[Atixeve2250 / Atixeve2250][Stopped/Manual Start]
  <\??\C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\~wxp2ins.31.tmp><N/A>
[Rising TDI Base Driver / BaseTDI][Running/Auto Start]
  <System32\DRIVERS\BaseTDI.SYS><Beijing Rising Technology Co., Ltd.>
[BdGuard / BdGuard][Stopped/Boot Start]
  <\SystemRoot\system32\drivers\BDGuard.SYS><N/A>
[cdspacex / cdspacex][Running/Manual Start]
  <system32\DRIVERS\CDSPACEX.sys><SPACE INT'L, Inc.>
[CmdIde / CmdIde][Running/Boot Start]
  <\SystemRoot\System32\DRIVERS\cmdide.sys><CMD Technology, Inc.>
[dohs / dohs][Stopped/Auto Start]
  <\??\C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\tmp19.tmp><N/A>
[HookCont / HookCont][Running/System Start]
  <\SystemRoot\system32\drivers\HookCont.sys><Beijing Rising Technology Co., Ltd>
[HookNtos / HookNtos][Running/System Start]
  <\SystemRoot\system32\drivers\HookNtos.sys><Beijing Rising Technology Co., Ltd>
[HookReg / HookReg][Running/System Start]
  <\SystemRoot\system32\drivers\HookReg.sys><Beijing Rising Technology Co., Ltd>
[HookSys / HookSys][Running/System Start]
  <\SystemRoot\system32\drivers\HookSys.sys><Beijing Rising Technology Co., Ltd>
[HSFHWBS2 / HSFHWBS2][Running/Manual Start]
  <system32\DRIVERS\HSFBS2S2.sys><Conexant Systems, Inc.>
[HSF_DP / HSF_DP][Running/Manual Start]
  <system32\DRIVERS\HSFDPSP2.sys><Conexant Systems, Inc.>
[mdmxsdk / mdmxsdk][Running/Auto Start]
  <system32\DRIVERS\mdmxsdk.sys><Conexant>
[MegaIDE / MegaIDE][Running/Boot Start]
  <\SystemRoot\System32\DRIVERS\MegaIDE.sys><LSI Logic Corporation.>
[mhfp / mhfp][Stopped/Auto Start]
  <\??\C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\tmp24.tmp><N/A>
[npkcrypt / npkcrypt][Running/Auto Start]
  <\??\C:\Program Files\Tencent\QQ\npkcrypt.sys><INCA Internet Co., Ltd.>
[npkcusb / npkcusb][Running/Auto Start]
  <\??\C:\Program Files\Tencent\QQ\npkcusb.sys><INCA Internet Co., Ltd.>
[nv / nv][Stopped/Manual Start]
  <system32\DRIVERS\nv4_mini.sys><NVIDIA Corporation>
[Direct Parallel Link Driver / Ptilink][Running/Manual Start]
  <system32\DRIVERS\ptilink.sys><Parallel Technologies, Inc.>
[QKeyServiceDisplay / QKeyService][Running/Boot Start]
  <\SystemRoot\system32\KeyCrypt.sys><Tencent Technology (Shenzhen) Company Limited>
[Rising  Rfwbase Driver / RfwBase][Running/Auto Start]
  <System32\DRIVERS\rfwbase.SYS><Beijing Rising Technology Co., Ltd.>
[RsAntiSpyware / RsAntiSpyware][Running/Boot Start]
  <\SystemRoot\system32\drivers\RsBoot.sys><Beijing Rising Technology Co., Ltd.>
[RsNTGDI / RsNTGDI][Running/Boot Start]
  <\SystemRoot\system32\Drivers\RsNTGdi.sys><Beijing Rising Technology Co., Ltd.>
[Realtek RTL8139(A/B/C)-based PCI Fast Ethernet Adapter NT Driver / rtl8139][Running/Manual Start]
  <system32\DRIVERS\RTL8139.SYS><Realtek Semiconductor Corporation>
[Secdrv / Secdrv][Stopped/Manual Start]
  <system32\DRIVERS\secdrv.sys><Macrovision Corporation, Macrovision Europe Limited, and Macrovision Japan and Asia K.K.>
[SIS AGP Bus Filter / sisagp][Running/Boot Start]
  <\SystemRoot\system32\DRIVERS\sisagp.sys><Silicon Integrated Systems Corporation>
[TesSafe / TesSafe][Stopped/Manual Start]
  <\??\C:\WINDOWS\system32\TesSafe.sys><TENCENT>
[Two Rabbits Live Bus / TwoRabts][Running/Manual Start]
  <system32\DRIVERS\TwoRabts.sys><Two Rabbits, Inc.>
[ViaIde / ViaIde][Running/Boot Start]
  <\SystemRoot\system32\DRIVERS\viaide.sys><Microsoft Corporation>
[winachsf / winachsf][Running/Manual Start]
  <system32\DRIVERS\HSFCXTS2.sys><Conexant Systems, Inc.>
[XSPACEWG / XSPACEWG][Running/System Start]
  <\??\C:\WINDOWS\system32\drivers\XSpaceWg.sys><SPACE INT'L, Inc.>
[fpids32 / fpids32][Running/Auto Start]
  <\??\C:\WINDOWS\system32\drivers\msosfpids32.sys><N/A>
[mnsf / mnsf][Stopped/Auto Start]
  <\??\C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\tmp3E.tmp><N/A>
[jtio / jtio][Stopped/Auto Start]
  <\??\C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\tmp58.tmp><N/A>
[RsFwDrv / RsFwDrv][Running/System Start]
  <\??\C:\Program Files\Rising\Rfw\RsFwDrv.sys><Beijing Rising Technology Co., Ltd.>
[HookUrl / HookUrl][Stopped/Auto Start]
  <\??\C:\Program Files\Rising\Rfw\HookUrl.sys><Beijing Rising Technology Co., Ltd.>
gototop
 
叹息之影
头像
初生襁褓狮
  • 帖子:52
  • 注册: 2007-03-31
  • 来自:
发表于: 2008-03-26 23:08 | 只看楼主 短消息 资料
字号: 4楼

浏览器加载项
[WebThunder Browser Helper]
  {00000AAA-A363-466E-BEF5-9BB68697AA7F} <C:\Program Files\Thunder Network\WebThunder\WebThunderBHO_Now.dll, Thunder Networking Technologies,LTD>
[ThunderIEHelper Class]
  {0005A87D-D626-4B3A-84F9-1D9571695F55} <C:\WINDOWS\system32\xunleibho_v8.dll, N/A>
[BandIE Class]
  {77FEF28E-EB96-44FF-B511-3185DEA48697} <C:\PROGRA~1\baidu\bar\baidubar.dll, Baidu.com, Inc.>
[JUJU猫]
  {6096E38F-5AC1-4391-8EC4-75DFA92FB32F} <http://www.jujumao.net, N/A>
[启动WEB迅雷]
  {962EFB8E-2683-42d4-AC74-AAA4C759B9C6} <http://my.xunlei.com, N/A>
[Messenger]
  {FB5F1910-F110-11d2-BB9E-00C04F795683} <C:\Program Files\Messenger\msmsgs.exe, Microsoft Corporation>
[百度超级搜霸]
  {B580CF65-E151-49C3-B73F-70B13FCA8E86} <C:\PROGRA~1\baidu\bar\baidubar.dll, Baidu.com, Inc.>
[卡卡上网安全助手]
  {DB9ECD4F-FB8F-4311-B3CE-90B976C2707C} <C:\WINDOWS\system32\KakaTool.dll, Beijing Rising Technology Co., Ltd.>
[Shockwave Flash Object]
  {D27CDB6E-AE6D-11CF-96B8-444553540000} <C:\WINDOWS\system32\Macromed\Flash\Flash9e.ocx, Adobe Systems, Inc.>
[WebThunder Browser Helper]
  {00000AAA-A363-466E-BEF5-9BB68697AA7F} <C:\Program Files\Thunder Network\WebThunder\WebThunderBHO_Now.dll, Thunder Networking Technologies,LTD>
[ThunderIEHelper Class]
  {0005A87D-D626-4B3A-84F9-1D9571695F55} <C:\WINDOWS\system32\xunleibho_v8.dll, N/A>
[WebThunder Class]
  {03507A1A-E0C5-4404-AA26-205385C0892D} <, N/A>
[ActiveMovieControl Object]
  {05589FA1-C356-11CE-BF01-00AA0055595A} <C:\WINDOWS\system32\wmpdxm.dll, Microsoft Corporation>
[Web Browser Applet Control]
  {08B0E5C0-4FCB-11CF-AAA5-00401C608501} <C:\WINDOWS\system32\msjava.dll, Microsoft Corporation>
[CEnroll Class]
  {127698E4-E730-4E5C-A2B1-21490A70C8A1} <C:\WINDOWS\system32\xenroll.dll, Microsoft Corporation>
[Windows Media Player]
  {22D6F312-B0F6-11D0-94AB-0080C74C7E95} <C:\WINDOWS\system32\wmpdxm.dll, Microsoft Corporation>
[HTML Document]
  {25336920-03F9-11CF-8FD0-00AA00686F13} <%SystemRoot%\system32\mshtml.dll, N/A>
[ctl4RA Class]
  {27984DB8-C851-439E-B625-81740482BE7C} <C:\WINDOWS\system32\PRINTC~1.DLL, INFOSEC Tech. corp>
[DHTML Edit Control Safe for Scripting for IE5]
  {2D360201-FFF5-11D1-8D03-00A0C959BC0A} <C:\Program Files\Common Files\Microsoft Shared\Triedit\dhtmled.ocx, Microsoft Corporation>
[WebThunder DapPlayer]
  {2EEDA47E-8D5C-4d7e-B4B6-E16E19218555} <C:\Program Files\Thunder Network\WebThunder\DownAndPlay\DapPlayer3.0.41.65.551.dll, ShenZhen Thunder Networking Technologies Ltd.>
[XML Document]
  {48123BC4-99D9-11D1-A6B3-00C04FD91555} <C:\WINDOWS\system32\msxml3.dll, Microsoft Corporation>
[HHCtrl Object]
  {52A2AAAE-085D-4187-97EA-8C30DB990436} <C:\WINDOWS\system32\hhctrl.ocx, Microsoft Corporation>
[Shell Name Space]
  {55136805-B2DE-11D1-B9F2-00A0C98BC547} <%SystemRoot%\system32\shdocvw.dll, N/A>
[InfoSecNetSign Class]
  {62B938C4-4190-4F37-8CF0-A92B0A91CC77} <C:\WINDOWS\system32\NetSign.dll, Infosec Technologies Co., Ltd.>
[XMP Class]
  {6483F145-A768-4C41-AACC-52D4D7845851} <C:\Documents and Settings\All Users\Application Data\Thunder Network\KanKan\xplayer.dll_1_work, >
[XDRM]
  {693571CB-54A3-4E90-9D52-EEAE1334E2D3} <C:\Documents and Settings\All Users\Application Data\Thunder Network\KanKan\xdrm.dll_1_work, >
[Windows Media Player]
  {6BF52A52-394A-11D3-B153-00C04F79FAA6} <C:\WINDOWS\system32\wmp.dll, Microsoft Corporation>
[CCtInf Class]
  {6DBB2904-082D-4DB0-944A-21C22BA121F4} <C:\WINDOWS\system32\BANKCE~1.DLL, >
[Active Desktop Mover]
  {72267F6A-A6F9-11D0-BC94-00C04FB67863} <%SystemRoot%\system32\SHELL32.dll, N/A>
[MediaComm Class]
  {7670648D-461B-42AF-BDFE-46D26AF5EFF2} <C:\Program Files\Thunder Network\WebThunder\InMedia\MediaAddin13.dll, Thunder Networking Technologies,LTD>
[BandIE Class]
  {77FEF28E-EB96-44FF-B511-3185DEA48697} <C:\PROGRA~1\baidu\bar\baidubar.dll, Baidu.com, Inc.>
[Microsoft Web 浏览器]
  {8856F961-340A-11D0-A96B-00C04FD705A2} <C:\WINDOWS\system32\shdocvw.dll, Microsoft Corporation>
[RMGetLicense Class]
  {A9FC132B-096D-460B-B7D5-1DB0FAE0C062} <C:\WINDOWS\system32\msnetobj.dll, Microsoft Corporation>
[Microsoft Scriptlet Component]
  {AE24FDAE-03C6-11D1-8B76-0080C744F389} <C:\WINDOWS\system32\mshtml.dll, Microsoft Corporation>
[SearchAssistantOC]
  {B45FF030-4447-11D2-85DE-00C04FA35C89} <%SystemRoot%\system32\shdocvw.dll, N/A>
[百度超级搜霸]
  {B580CF65-E151-49C3-B73F-70B13FCA8E86} <C:\PROGRA~1\baidu\bar\baidubar.dll, Baidu.com, Inc.>
[RDS.DataSpace]
  {BD96C556-65A3-11D0-983A-00C04FC29E36} <C:\Program Files\Common Files\System\msadc\msadco.dll, Microsoft Corporation>
[Tencent Safety Online Base Module]
  {C09B522F-8AED-4E21-A65C-DC1AB652BAEE} <C:\WINDOWS\system32\TSOBase\TSOBase.ocx, Tencent Corporation>
[VIDEO__X_MS_ASF Moniker Class]
  {CD3AFA8F-B84F-48F0-9393-7EDC34128127} <C:\WINDOWS\system32\wmp.dll, Microsoft Corporation>
[RealPlayer G2 Control]
  {CFCDAA03-8BE4-11CF-B84B-0020AFBBCCFA} <C:\WINDOWS\system32\rmoc3260.dll, RealNetworks, Inc.>
[Shockwave Flash Object]
  {D27CDB6E-AE6D-11CF-96B8-444553540000} <C:\WINDOWS\system32\Macromed\Flash\Flash9e.ocx, Adobe Systems, Inc.>
[TencentVmpCtl Class]
  {D9819BD5-422B-4281-8523-726466ED692B} <C:\Program Files\Tencent\Viewpoint Media Player\AxMetaStream.dll, Viewpoint Corporation>
[卡卡上网安全助手]
  {DB9ECD4F-FB8F-4311-B3CE-90B976C2707C} <C:\WINDOWS\system32\KakaTool.dll, Beijing Rising Technology Co., Ltd.>
[PasswordEditCtrl Class]
  {E787FD25-8D7C-4693-AE67-9406BC6E22DF} <C:\WINDOWS\system32\qqedit\qqedit.dll, 腾讯科技(深圳)有限公司>
[Thunder DapCtrl]
  {EF1EA76E-5428-4e40-85A1-D4DD2893183A} <C:\Program Files\Thunder Network\WebThunder\DownAndPlay\DapCtrl1.2.13.16.551.dll, ShenZhen Thunder Networking Technologies Ltd.>
[QvodCtrl Class]
  {F3D0D36F-23F8-4682-A195-74C92B03D4AF} <C:\Program Files\QvodPlayer\QvodInsert.dll, Shenzhen QVOD Technology Co.,Ltd>
[XPPlayer Class]
  {F3E70CEA-956E-49CC-B444-73AFE593AD7F} <C:\Documents and Settings\All Users\Application Data\Thunder Network\KanKan\pplayer.dll_1_work, Thunder>
[使用Web迅雷下载]
  <C:\Program Files\Thunder Network\WebThunder\GetUrl.htm, N/A>
[使用Web迅雷下载全部链接]
  <C:\Program Files\Thunder Network\WebThunder\GetAllUrl.htm, N/A>
[导出到 Microsoft Office Excel(&X)]
  <res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000, N/A>
[添加到QQ表情]
  <C:\Program Files\Tencent\QQ\AddEmotion.htm, N/A>
gototop
 
叹息之影
头像
初生襁褓狮
  • 帖子:52
  • 注册: 2007-03-31
  • 来自:
发表于: 2008-03-26 23:10 | 只看楼主 短消息 资料
字号: 5楼

正在运行的进程
[PID: 440 / SYSTEM][\SystemRoot\System32\smss.exe]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
[PID: 500 / SYSTEM][\??\C:\WINDOWS\system32\csrss.exe]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
[PID: 524 / SYSTEM][\??\C:\WINDOWS\system32\winlogon.exe]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
    [C:\WINDOWS\system32\ijougiemnaw.dll]  [N/A, ]
    [C:\WINDOWS\system32\msacm32.drv]  [Microsoft Corporation, 5.1.2600.0 (xpclient.010817-1148)]
[PID: 568 / SYSTEM][C:\WINDOWS\system32\services.exe]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
    [C:\WINDOWS\system32\ijougiemnaw.dll]  [N/A, ]
[PID: 580 / SYSTEM][C:\WINDOWS\system32\lsass.exe]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
    [C:\WINDOWS\system32\ijougiemnaw.dll]  [N/A, ]
[PID: 728 / SYSTEM][C:\WINDOWS\system32\svchost.exe]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
    [C:\WINDOWS\system32\ijougiemnaw.dll]  [N/A, ]
[PID: 776 / NETWORK SERVICE][C:\WINDOWS\system32\svchost.exe]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
    [C:\WINDOWS\system32\ijougiemnaw.dll]  [N/A, ]
[PID: 880 / SYSTEM][C:\WINDOWS\System32\svchost.exe]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
    [C:\WINDOWS\System32\ijougiemnaw.dll]  [N/A, ]
[PID: 956 / NETWORK SERVICE][C:\WINDOWS\system32\svchost.exe]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
    [C:\WINDOWS\system32\ijougiemnaw.dll]  [N/A, ]
[PID: 1060 / LOCAL SERVICE][C:\WINDOWS\system32\svchost.exe]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
    [C:\WINDOWS\system32\ijougiemnaw.dll]  [N/A, ]
[PID: 1244 / Administrator][C:\WINDOWS\Explorer.EXE]  [Microsoft Corporation, 6.00.2900.2180 (xpsp_sp2_rtm.040803-2158)]
    [C:\WINDOWS\system32\ijougiemnaw.dll]  [N/A, ]
    [C:\WINDOWS\system32\msosiocp.dll]  [N/A, ]
    [C:\WINDOWS\system32\msacm32.drv]  [Microsoft Corporation, 5.1.2600.0 (xpclient.010817-1148)]
    [C:\WINDOWS\system32\WSockDrv32.dll]  [N/A, ]
    [C:\WINDOWS\system32\MsIMMs32.dll]  [N/A, ]
    [C:\WINDOWS\system32\mppds.dll]  [N/A, ]
    [C:\WINDOWS\system32\AVPSrv.dll]  [N/A, ]
    [C:\WINDOWS\system32\upxdnd.dll]  [N/A, ]
    [C:\WINDOWS\system32\tciocp32.dll]  [N/A, ]
    [C:\WINDOWS\system32\msccrt.dll]  [N/A, ]
    [C:\Program Files\Internet Explorer\PLUGINS\NewSys55.Sys]  [N/A, ]
    [C:\WINDOWS\system32\xgnfn.dll]  [N/A, ]
    [C:\WINDOWS\system32\DbgHlp32.dlL]  [N/A, ]
    [C:\WINDOWS\system32\cmdbcs.dll]  [N/A, ]
    [C:\WINDOWS\system32\sofelvtl.dll]  [N/A, ]
    [C:\WINDOWS\system32\PTSShell.dll]  [N/A, ]
    [C:\WINDOWS\system32\LotusHlp.dll]  [N/A, ]
    [C:\WINDOWS\system32\vaipdjpdj.dll]  [Microsoft Corporation, 5.1.2600.3099]
    [C:\WINDOWS\system32\SHAProc.dat]  [N/A, ]
    [C:\WINDOWS\system32\Kvsc3.dll]  [N/A, ]
    [C:\WINDOWS\system32\pahzij.dll]  [N/A, ]
    [C:\WINDOWS\system32\xfgnxfn.dll]  [N/A, ]
    [C:\WINDOWS\system32\jwlah.dll]  [N/A, ]
    [C:\WINDOWS\system32\duygnef.dll]  [N/A, ]
    [C:\WINDOWS\system32\WINSvr32.dll]  [N/A, ]
    [C:\WINDOWS\system32\zfdzb.dll]  [N/A, ]
    [C:\WINDOWS\system32\hgfhk.dll]  [N/A, ]
    [C:\WINDOWS\system32\mgmgmm.dll]  [N/A, ]
    [C:\PROGRA~1\baidu\bar\baidubar.dll]  [Baidu.com, Inc., 2, 0, 2, 161]
    [C:\Program Files\Thunder Network\WebThunder\WebThunderBHO_Now.dll]  [Thunder Networking Technologies,LTD, 5, 0, 8, 52]
    [C:\Program Files\Microsoft Office\OFFICE11\msohev.dll]  [Microsoft Corporation, 11.0.5510]
[PID: 1384 / SYSTEM][C:\WINDOWS\system32\spoolsv.exe]  [Microsoft Corporation, 5.1.2600.2696 (xpsp_sp2_gdr.050610-1519)]
    [C:\WINDOWS\system32\ijougiemnaw.dll]  [N/A, ]
[PID: 1620 / SYSTEM][C:\WINDOWS\SoundMan.exe]  [1, 1.00]
    [C:\WINDOWS\system32\MSVBVM60.DLL]  [Microsoft Corporation, 6.00.9690]
    [C:\WINDOWS\system32\ijougiemnaw.dll]  [N/A, ]
[PID: 1668 / SYSTEM][C:\Program Files\QvodPlayer\QvodTerminal.exe]  [Shenzhen QVOD Technology Co.,Ltd, 2, 5, 0, 53]
    [C:\WINDOWS\system32\ijougiemnaw.dll]  [N/A, ]
[PID: 1744 / SYSTEM][C:\WINDOWS\system32\svchost.exe]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
    [C:\WINDOWS\system32\ijougiemnaw.dll]  [N/A, ]
[PID: 224 / Administrator][C:\Program Files\Common Files\Real\Update_OB\realsched.exe]  [RealNetworks, Inc., 0.1.0.3512]
    [C:\WINDOWS\system32\ijougiemnaw.dll]  [N/A, ]
    [C:\WINDOWS\system32\SHAProc.dat]  [N/A, ]
    [C:\WINDOWS\system32\vaipdjpdj.dll]  [Microsoft Corporation, 5.1.2600.3099]
    [C:\Program Files\Internet Explorer\PLUGINS\NewSys55.Sys]  [N/A, ]
    [C:\WINDOWS\system32\LotusHlp.dll]  [N/A, ]
    [C:\WINDOWS\system32\PTSShell.dll]  [N/A, ]
    [C:\WINDOWS\system32\AVPSrv.dll]  [N/A, ]
    [C:\WINDOWS\system32\WSockDrv32.dll]  [N/A, ]
[PID: 308 / Administrator][C:\Program Files\95599 Certificate Tools\CIDC\RegCertTool.exe]  [CIDC, 1, 0, 0, 10]
    [C:\WINDOWS\system32\ijougiemnaw.dll]  [N/A, ]
    [C:\WINDOWS\system32\SHAProc.dat]  [N/A, ]
    [C:\WINDOWS\system32\vaipdjpdj.dll]  [Microsoft Corporation, 5.1.2600.3099]
    [C:\Program Files\Internet Explorer\PLUGINS\NewSys55.Sys]  [N/A, ]
    [C:\WINDOWS\system32\LotusHlp.dll]  [N/A, ]
    [C:\WINDOWS\system32\PTSShell.dll]  [N/A, ]
    [C:\WINDOWS\system32\AVPSrv.dll]  [N/A, ]
    [C:\WINDOWS\system32\WSockDrv32.dll]  [N/A, ]
[PID: 372 / Administrator][C:\WINDOWS\system32\ctfmon.exe]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
    [C:\WINDOWS\system32\ijougiemnaw.dll]  [N/A, ]
    [C:\WINDOWS\system32\WSockDrv32.dll]  [N/A, ]
    [C:\WINDOWS\system32\AVPSrv.dll]  [N/A, ]
    [C:\WINDOWS\system32\PTSShell.dll]  [N/A, ]
    [C:\WINDOWS\system32\LotusHlp.dll]  [N/A, ]
    [C:\Program Files\Internet Explorer\PLUGINS\NewSys55.Sys]  [N/A, ]
    [C:\WINDOWS\system32\vaipdjpdj.dll]  [Microsoft Corporation, 5.1.2600.3099]
    [C:\WINDOWS\system32\SHAProc.dat]  [N/A, ]
[PID: 392 / Administrator][C:\Program Files\Messenger\msmsgs.exe]  [Microsoft Corporation, 4.7.3000]
    [C:\WINDOWS\system32\ijougiemnaw.dll]  [N/A, ]
    [C:\WINDOWS\system32\AVPSrv.dll]  [N/A, ]
    [C:\WINDOWS\system32\WSockDrv32.dll]  [N/A, ]
    [C:\WINDOWS\system32\LotusHlp.dll]  [N/A, ]
    [C:\WINDOWS\system32\PTSShell.dll]  [N/A, ]
    [C:\Program Files\Internet Explorer\PLUGINS\NewSys55.Sys]  [N/A, ]
    [C:\WINDOWS\system32\vaipdjpdj.dll]  [Microsoft Corporation, 5.1.2600.3099]
    [C:\WINDOWS\system32\SHAProc.dat]  [N/A, ]
[PID: 1808 / Administrator][C:\WINDOWS\system32\conime.exe]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
    [C:\WINDOWS\system32\hgfhk.dll]  [N/A, ]
    [C:\WINDOWS\system32\jwlah.dll]  [N/A, ]
    [C:\WINDOWS\system32\mgmgmm.dll]  [N/A, ]
    [C:\WINDOWS\system32\xfgnxfn.dll]  [N/A, ]
    [C:\WINDOWS\system32\xgnfn.dll]  [N/A, ]
    [C:\WINDOWS\system32\zfdzb.dll]  [N/A, ]
    [C:\WINDOWS\system32\duygnef.dll]  [N/A, ]
    [C:\WINDOWS\system32\pahzij.dll]  [N/A, ]
    [C:\WINDOWS\system32\vaipdjpdj.dll]  [Microsoft Corporation, 5.1.2600.3099]
    [C:\Program Files\Internet Explorer\PLUGINS\NewSys55.Sys]  [N/A, ]
    [C:\WINDOWS\system32\SHAProc.dat]  [N/A, ]
    [C:\WINDOWS\system32\LotusHlp.dll]  [N/A, ]
    [C:\WINDOWS\system32\PTSShell.dll]  [N/A, ]
    [C:\WINDOWS\system32\AVPSrv.dll]  [N/A, ]
    [C:\WINDOWS\system32\WSockDrv32.dll]  [N/A, ]
[PID: 1568 / Administrator][C:\Program Files\Rising\Rav\RavMon.exe]  [Beijing Rising Technology Co., Ltd., 20.0.01.05]
    [C:\WINDOWS\system32\MFC71.DLL]  [Microsoft Corporation, 7.10.3077.0]
    [C:\WINDOWS\system32\MSVCR71.dll]  [Microsoft Corporation, 7.10.3052.4]
    [C:\WINDOWS\system32\MSVCP71.dll]  [Microsoft Corporation, 7.10.3077.0]
    [C:\WINDOWS\system32\hgfhk.dll]  [N/A, ]
    [C:\WINDOWS\system32\jwlah.dll]  [N/A, ]
    [C:\WINDOWS\system32\mgmgmm.dll]  [N/A, ]
    [C:\WINDOWS\system32\xfgnxfn.dll]  [N/A, ]
    [C:\WINDOWS\system32\xgnfn.dll]  [N/A, ]
    [C:\WINDOWS\system32\zfdzb.dll]  [N/A, ]
    [C:\Program Files\Rising\Rav\ProcCom.dll]  [Beijing Rising Technology Co., Ltd., 20, 0, 0, 19]
    [C:\Program Files\Rising\Rav\RsCommX2.dll]  [Beijing Rising Technology Co., Ltd., 20, 0, 0, 19]
    [C:\Program Files\Rising\Rav\RSCOMMON.DLL]  [Beijing Rising Technology Co., Ltd., 20, 0, 0, 16]
    [C:\Program Files\Rising\Rav\recomp.dll]  [Beijing Rising Technology Co., Ltd., 20, 0, 0, 32]
    [C:\Program Files\Rising\Rav\refs.dll]  [Beijing Rising Technology Co., Ltd., 20, 0, 0, 15]
    [C:\Program Files\Rising\Rav\viruslib.dll]  [Beijing Rising Technology Co., Ltd., 20, 0, 0, 21]
    [C:\Program Files\Rising\Rav\relibldr.dll]  [Beijing Rising Technology Co., Ltd., 20, 0, 0, 13]
    [C:\Program Files\Rising\Rav\RSAPPMGR.dll]  [Beijing Rising Technology Co., Ltd., 20.0.0.0]
    [C:\Program Files\Rising\Rav\CfgDll.dll]  [Beijing Rising Technology Co., Ltd., 20.0.0.16]
    [C:\Program Files\Rising\Rav\MonRule.dll]  [Beijing Rising Technology Co., Ltd., 20.0.0.24]
    [C:\Program Files\Rising\Rav\PngDll.dll]  [Beijing Rising Technology Co., Ltd., 20, 0, 0, 3]
    [C:\WINDOWS\system32\duygnef.dll]  [N/A, ]
    [C:\WINDOWS\system32\pahzij.dll]  [N/A, ]
    [C:\WINDOWS\system32\vaipdjpdj.dll]  [Microsoft Corporation, 5.1.2600.3099]
    [C:\Program Files\Internet Explorer\PLUGINS\NewSys55.Sys]  [N/A, ]
    [C:\Program Files\Rising\Rav\Rsguilib.dll]  [Beijing Rising Technology Co., Ltd., 20, 0, 0, 79]
    [C:\Program Files\Rising\Rav\RsXML.dll]  [Beijing Rising Technology Co., Ltd., 20, 0, 0, 0]
    [C:\WINDOWS\system32\SHAProc.dat]  [N/A, ]
    [C:\WINDOWS\system32\LotusHlp.dll]  [N/A, ]
    [C:\WINDOWS\system32\PTSShell.dll]  [N/A, ]
    [C:\WINDOWS\system32\AVPSrv.dll]  [N/A, ]
    [C:\WINDOWS\system32\WSockDrv32.dll]  [N/A, ]
gototop
 
叹息之影
头像
初生襁褓狮
  • 帖子:52
  • 注册: 2007-03-31
  • 来自:
发表于: 2008-03-26 23:11 | 只看楼主 短消息 资料
字号: 6楼

[PID: 4460 / Administrator][C:\Program Files\Tencent\QQ\TXPlatform.exe]  [Tencent, 1, 0, 170, 0]
    [C:\WINDOWS\system32\hgfhk.dll]  [N/A, ]
    [C:\WINDOWS\system32\jwlah.dll]  [N/A, ]
    [C:\WINDOWS\system32\mgmgmm.dll]  [N/A, ]
    [C:\WINDOWS\system32\xfgnxfn.dll]  [N/A, ]
    [C:\WINDOWS\system32\xgnfn.dll]  [N/A, ]
    [C:\WINDOWS\system32\zfdzb.dll]  [N/A, ]
    [C:\WINDOWS\system32\duygnef.dll]  [N/A, ]
    [C:\WINDOWS\system32\pahzij.dll]  [N/A, ]
    [C:\WINDOWS\system32\vaipdjpdj.dll]  [Microsoft Corporation, 5.1.2600.3099]
    [C:\Program Files\Internet Explorer\PLUGINS\NewSys55.Sys]  [N/A, ]
    [C:\WINDOWS\system32\SHAProc.dat]  [N/A, ]
    [C:\WINDOWS\system32\LotusHlp.dll]  [N/A, ]
    [C:\WINDOWS\system32\PTSShell.dll]  [N/A, ]
    [C:\WINDOWS\system32\AVPSrv.dll]  [N/A, ]
    [C:\WINDOWS\system32\WSockDrv32.dll]  [N/A, ]
[PID: 5060 / Administrator][C:\Program Files\Tencent\QQ\QQ.exe]  [TENCENT, 7,1,644,1777]
    [C:\Program Files\Tencent\QQ\QQBaseClassInDll.dll]  [TENCENT, 7,1,644,1777]
    [C:\Program Files\Tencent\QQ\QQHelperDll.dll]  [TENCENT, 7,1,644,1777]
    [C:\Program Files\Tencent\QQ\BasicCtrlDll.dll]  [TENCENT, 7,1,638,1773]
    [C:\Program Files\Tencent\QQ\MFC42.DLL]  [Microsoft Corporation, 6.00.8665.0]
    [C:\WINDOWS\system32\hgfhk.dll]  [N/A, ]
    [C:\WINDOWS\system32\jwlah.dll]  [N/A, ]
    [C:\WINDOWS\system32\mgmgmm.dll]  [N/A, ]
    [C:\WINDOWS\system32\xfgnxfn.dll]  [N/A, ]
    [C:\WINDOWS\system32\xgnfn.dll]  [N/A, ]
    [C:\WINDOWS\system32\zfdzb.dll]  [N/A, ]
    [C:\WINDOWS\system32\duygnef.dll]  [N/A, ]
    [C:\WINDOWS\system32\pahzij.dll]  [N/A, ]
    [C:\WINDOWS\system32\vaipdjpdj.dll]  [Microsoft Corporation, 5.1.2600.3099]
    [C:\Program Files\Internet Explorer\PLUGINS\NewSys55.Sys]  [N/A, ]
    [C:\Program Files\Tencent\QQ\RICHED32.DLL]  [Microsoft Corporation, 5.00.2134.1]
    [C:\Program Files\Tencent\QQ\RICHED20.dll]  [Microsoft Corporation, 5.31.23.1218]
    [C:\Program Files\Tencent\QQ\QQAPI.dll]  [TENCENT, 7,1,638,1773]
    [C:\WINDOWS\system32\SHAProc.dat]  [N/A, ]
    [C:\WINDOWS\system32\LotusHlp.dll]  [N/A, ]
    [C:\WINDOWS\system32\PTSShell.dll]  [N/A, ]
    [C:\WINDOWS\system32\AVPSrv.dll]  [N/A, ]
    [C:\WINDOWS\system32\WSockDrv32.dll]  [N/A, ]
    [C:\Program Files\Tencent\QQ\LoginCtrl.dll]  [TENCENT, 7,1,644,1777]
    [C:\Program Files\Tencent\QQ\LoginCtrlRes.dll]  [TENCENT, 7,1,638,1773]
    [C:\WINDOWS\system32\WINSvr32.dll]  [N/A, ]
    [C:\WINDOWS\system32\Kvsc3.dll]  [N/A, ]
    [C:\WINDOWS\system32\sofelvtl.dll]  [N/A, ]
    [C:\WINDOWS\system32\cmdbcs.dll]  [N/A, ]
    [C:\WINDOWS\system32\DbgHlp32.dlL]  [N/A, ]
    [C:\WINDOWS\system32\msccrt.dll]  [N/A, ]
    [C:\WINDOWS\system32\tciocp32.dll]  [N/A, ]
    [C:\WINDOWS\system32\upxdnd.dll]  [N/A, ]
    [C:\WINDOWS\system32\mppds.dll]  [N/A, ]
    [C:\WINDOWS\system32\MsIMMs32.dll]  [N/A, ]
    [C:\Program Files\Tencent\QQ\QQRes.dll]  [TENCENT, 7,1,644,1777]
    [C:\Program Files\Tencent\QQ\QQDoctor\TSELoder.DAT]  [Tencent, 2008, 1, 28, 13]
    [C:\Program Files\Tencent\QQ\QQDoctor\TSEngine.DAT]  [Tencent, 2008, 3, 10, 23]
    [C:\Program Files\Tencent\QQ\QQDoctor\TSEPB.DAT]  [Tencent, 2008, 3, 12, 8]
    [C:\Program Files\Tencent\QQ\QQDoctor\TSECD.DAT]  [tencent, 2007, 2, 1, 3]
    [C:\Program Files\Tencent\QQ\QQDoctor\TSESC.DAT]  [Tencent, 2007, 4, 11, 2]
    [C:\Program Files\Tencent\QQ\QQDoctor\TSVulMdw.DAT]  [TENCENT, 2007, 4, 26, 2]
    [C:\WINDOWS\system32\msosiocp.dll]  [N/A, ]
[PID: 1280 / Administrator][D:\风暴播放器\扫描工具第二代\SREngPS.EXE]  [Smallfrogs Studio, 2.5.16.900]
    [C:\WINDOWS\system32\duygnef.dll]  [N/A, ]
    [C:\WINDOWS\system32\ijougiemnaw.dll]  [N/A, ]
    [C:\WINDOWS\system32\pahzij.dll]  [N/A, ]
    [C:\WINDOWS\system32\mgmgmm.dll]  [N/A, ]
    [C:\WINDOWS\system32\hgfhk.dll]  [N/A, ]
    [C:\WINDOWS\system32\zfdzb.dll]  [N/A, ]
    [C:\WINDOWS\system32\jwlah.dll]  [N/A, ]
    [C:\WINDOWS\system32\xfgnxfn.dll]  [N/A, ]
    [C:\WINDOWS\system32\xgnfn.dll]  [N/A, ]
    [C:\WINDOWS\system32\vaipdjpdj.dll]  [Microsoft Corporation, 5.1.2600.3099]
    [C:\Program Files\Internet Explorer\PLUGINS\NewSys55.Sys]  [N/A, ]
    [C:\WINDOWS\system32\SHAProc.dat]  [N/A, ]
    [C:\WINDOWS\system32\LotusHlp.dll]  [N/A, ]
    [C:\WINDOWS\system32\PTSShell.dll]  [N/A, ]
    [C:\WINDOWS\system32\AVPSrv.dll]  [N/A, ]
    [C:\WINDOWS\system32\WSockDrv32.dll]  [N/A, ]
    [C:\WINDOWS\system32\WINSvr32.dll]  [N/A, ]
    [C:\WINDOWS\system32\Kvsc3.dll]  [N/A, ]
    [C:\WINDOWS\system32\sofelvtl.dll]  [N/A, ]
    [C:\WINDOWS\system32\cmdbcs.dll]  [N/A, ]
    [C:\WINDOWS\system32\DbgHlp32.dlL]  [N/A, ]
    [C:\WINDOWS\system32\msccrt.dll]  [N/A, ]
    [C:\WINDOWS\system32\tciocp32.dll]  [N/A, ]
    [C:\WINDOWS\system32\upxdnd.dll]  [N/A, ]
    [C:\WINDOWS\system32\mppds.dll]  [N/A, ]
    [C:\WINDOWS\system32\MsIMMs32.dll]  [N/A, ]
    [D:\风暴播放器\扫描工具第二代\Upload\3rdUpd.DLL]  [Smallfrogs Studio, 2, 1, 0, 15]
gototop
 
叹息之影
头像
初生襁褓狮
  • 帖子:52
  • 注册: 2007-03-31
  • 来自:
发表于: 2008-03-26 23:11 | 只看楼主 短消息 资料
字号: 7楼

文件关联
.TXT  Error. [C:\WINDOWS\notepad.exe %1]
.EXE  OK. ["%1" %*]
.COM  OK. ["%1" %*]
.PIF  OK. ["%1" %*]
.REG  OK. [regedit.exe "%1"]
.BAT  OK. ["%1" %*]
.SCR  OK. ["%1" /S]
.CHM  Error. ["hh.exe" %1]
.HLP  OK. [%SystemRoot%\system32\winhlp32.exe %1]
.INI  Error. [C:\WINDOWS\System32\NOTEPAD.EXE %1]
.INF  OK. [%SystemRoot%\system32\NOTEPAD.EXE %1]
.VBS  OK. [%SystemRoot%\System32\WScript.exe "%1" %*]
.JS  OK. [%SystemRoot%\System32\WScript.exe "%1" %*]
.LNK  OK. [{00021401-0000-0000-C000-000000000046}]

==================================
Winsock 提供者
N/A

==================================
Autorun.inf
N/A

==================================
HOSTS 文件
127.0.0.1 localhost

==================================
进程特权扫描
特殊特权被允许: SeSystemtimePrivilege [PID = 1620, C:\WINDOWS\SOUNDMAN.EXE]
特殊特权被允许: SeDebugPrivilege [PID = 224, C:\PROGRAM FILES\COMMON FILES\REAL\UPDATE_OB\REALSCHED.EXE]
特殊特权被允许: SeLoadDriverPrivilege [PID = 224, C:\PROGRAM FILES\COMMON FILES\REAL\UPDATE_OB\REALSCHED.EXE]
特殊特权被允许: SeDebugPrivilege [PID = 308, C:\PROGRAM FILES\95599 CERTIFICATE TOOLS\CIDC\REGCERTTOOL.EXE]
特殊特权被允许: SeLoadDriverPrivilege [PID = 308, C:\PROGRAM FILES\95599 CERTIFICATE TOOLS\CIDC\REGCERTTOOL.EXE]

==================================
API HOOK
N/A

==================================
隐藏进程
N/A

==================================


[/CODE]
gototop
 
叹息之悠悠
头像
初生襁褓狮
  • 帖子:1
  • 注册: 2008-03-27
  • 来自:
发表于: 2008-03-27 11:53 | 短消息 资料
字号: 8楼

【回复“叹息之影”的帖子】
5555怎么没有人看我的贴子,我都快急死了
gototop
 
流星陨落
头像
初生襁褓狮
  • 帖子:1
  • 注册: 2008-04-17
  • 来自:
发表于: 2008-03-27 14:52 | 短消息 资料
字号: 9楼

用机器狗专杀杀毒
gototop
 
<<上一主题|下一主题>>
1   1  /  1  页   跳转
页面顶部
Powered by Discuz!NT