各位大哥大姐帮小弟看下是怎么回事。。。！（附日记） - 瑞星卡卡安全论坛bbs.ikaka.com

瑞星卡卡安全论坛技术交流区 反病毒/反流氓软件论坛各位大哥大姐帮小弟看下是怎么回事。。。！（附日记）

	瑞星“1+2”全新解决方案巡展在广州画上圆满句号		叶院长揭秘：瑞星如何运用AI技术革新网络安全		俄乌冲突加剧网络攻击风险白俄罗斯政府遭APT攻击		瑞星ESM防病毒系统助力矿业大学筑牢网络安全防线
	实力拉满瑞星第四十七次通过VB100测评		携手老友，拥抱新精彩 —— 新论坛新活动，感谢你的陪伴		护航司法，瑞星助力山西省高院构建安全防线		人工智能在网络安全领域的风险和机遇

12

1 / 2 页

跳转页

[求助] 各位大哥大姐帮小弟看下是怎么回事。。。！（附日记）

肥肥阿初生襁褓狮帖子:8 注册: 2010-09-15 来自:	发表于： 2010-09-15 12:16 \| 只看楼主短消息资料字号：小中大 1楼各位大哥大姐帮小弟看下是怎么回事。。。！（附日记） [CODE] 2010-09-15,12:09:39 System Repair Engineer 2.8.2.1321 Smallfrogs (http://www.KZTechs.com) Windows XP Professional Service Pack 3 (Build 2600) - 管理权限用户 - 完整功能以下内容被选中：所有的启动项目（包括注册表、启动文件夹、服务等）浏览器加载项正在运行的进程（包括进程模块信息）文件关联 Winsock 提供者 Autorun.inf HOSTS 文件进程特权扫描计划任务 Windows 安全更新检查 API HOOK 隐藏进程启动项目注册表 [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run] <ctfmon.exe><C:\WINDOWS\system32\ctfmon.exe> [(Verified)Microsoft Windows Component Publisher] <PPS Accelerator><E:\pps\ppsap.exe> [(Verified)SHANGHAI ZHONGYUAN NETWORKS LIMITED] <swg><"C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe"> [(Verified)Google Inc] <360sd><"C:\Program Files\360\360sd\360sd.exe" /autorun> [(Verified)Qizhi Software (beijing) Co. Ltd] [HKEY_CURRENT_USER\Software\Microsoft\Windows NT\CurrentVersion\Windows] <load><> [N/A] [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run] <nwiz><nwiz.exe /install> [NVIDIA Corporation] <NvCplDaemon><RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup> [(Verified)Microsoft Windows Hardware Compatibility Publisher] <stup.exe><Rundll32.exe C:\PROGRA~1\TENCENT\SSPlus\SPlus.dll,Rundll32 R> [(Verified)Tencent Technology(Shenzhen) Company Limited] <KAV><C:\WINDOWS\system32\kav.exe> [] [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Winlogon] <shell><Explorer.exe> [(Verified)Microsoft Windows Component Publisher] <Userinit><C:\WINDOWS\system32\userinit.exe,> [(Infected) Microsoft Corporation] [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Windows] <AppInit_DLLs><> [N/A] [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Winlogon] <UIHost><logonui.exe> [(Verified)Microsoft Windows Component Publisher] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks] <{AEB6717E-7E19-11d0-97EE-00C04FD91972}><shell32.dll> [(Verified)Microsoft Windows Component Publisher] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad] <PostBootReminder><%SystemRoot%\system32\SHELL32.dll> [(Verified)Microsoft Windows Component Publisher] <CDBurn><%SystemRoot%\system32\SHELL32.dll> [(Verified)Microsoft Windows Component Publisher] <WebCheck><%SystemRoot%\system32\webcheck.dll> [(Verified)Microsoft Windows Component Publisher] <SysTray><C:\WINDOWS\system32\stobject.dll> [(Verified)Microsoft Windows Component Publisher] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\crypt32chain] <WinlogonNotify: crypt32chain><crypt32.dll> [(Verified)Microsoft Windows Component Publisher] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\cryptnet] <WinlogonNotify: cryptnet><cryptnet.dll> [(Verified)Microsoft Windows Component Publisher] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\cscdll] <WinlogonNotify: cscdll><cscdll.dll> [(Verified)Microsoft Windows Component Publisher] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\dimsntfy] <WinlogonNotify: dimsntfy><%SystemRoot%\System32\dimsntfy.dll> [(Verified)Microsoft Windows Component Publisher] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\ScCertProp] <WinlogonNotify: ScCertProp><wlnotify.dll> [(Verified)Microsoft Windows Component Publisher] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\Schedule] <WinlogonNotify: Schedule><wlnotify.dll> [(Verified)Microsoft Windows Component Publisher] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\sclgntfy] <WinlogonNotify: sclgntfy><sclgntfy.dll> [(Verified)Microsoft Windows Component Publisher] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\SensLogn] <WinlogonNotify: SensLogn><WlNotify.dll> [(Verified)Microsoft Windows Component Publisher] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\termsrv] <WinlogonNotify: termsrv><wlnotify.dll> [(Verified)Microsoft Windows Component Publisher] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\wlballoon] <WinlogonNotify: wlballoon><wlnotify.dll> [(Verified)Microsoft Windows Component Publisher] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\SharedTaskScheduler] <{438755C2-A8BA-11D1-B96B-00A0C90312E1}><%SystemRoot%\system32\browseui.dll> [(Verified)Microsoft Windows Component Publisher] <{8C7461EF-2B13-11d2-BE35-3078302C2030}><%SystemRoot%\system32\browseui.dll> [(Verified)Microsoft Windows Component Publisher] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\>{22d6f312-b0f6-11d0-94ab-0080c74c7e95}] <Microsoft Windows Media Player><C:\WINDOWS\inf\unregmp2.exe /ShowWMP> [(Verified)Microsoft Windows Component Publisher] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\>{26923b43-4d38-484f-9b9e-de460746276c}] <Internet Explorer><%systemroot%\system32\shmgrate.exe OCInstallUserConfigIE> [File is missing] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\>{60B49E34-C7CC-11D0-8953-00A0C90347FF}MICROS] <浏览器自定义组件><RunDLL32 IEDKCS32.DLL,BrandIE4 SIGNUP> [(Verified)Microsoft Windows Component Publisher] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\>{881dd1c5-3dcf-431b-b061-f3f88e8be88a}] <Outlook Express><%systemroot%\system32\shmgrate.exe OCInstallUserConfigOE> [File is missing] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{2C7339CF-2B09-4501-B3F3-F3508C9228ED}] <Themes Setup><%SystemRoot%\system32\regsvr32.exe /s /n /i:/UserInstall %SystemRoot%\system32\themeui.dll> [File is missing] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{44BBA840-CC51-11CF-AAFA-00AA00B6015C}] <Microsoft Outlook Express 6><"%ProgramFiles%\Outlook Express\setup50.exe" /APP:OE /CALLER:WINNT /user /install> [File is missing] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{6BF52A52-394A-11d3-B153-00C04F79FAA6}] <Microsoft Windows Media Player><rundll32.exe advpack.dll,LaunchINFSection C:\WINDOWS\INF\wmp10.inf,PerUserStub> [(Verified)Microsoft Windows Component Publisher] 用户系统信息：Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1; SV1; GTB6.5; TencentTraveler 4.0)
肥肥阿初生襁褓狮帖子:8 注册: 2010-09-15 来自:	分享到：

肥肥阿初生襁褓狮帖子:8 注册: 2010-09-15 来自:	发表于： 2010-09-15 12:17 \| 只看楼主短消息资料字号：小中大 2楼回复：各位大哥大姐帮小弟看下是怎么回事。。。！（附日记） [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{7790769C-0471-11d2-AF11-00C04FA35D02}] <通讯簿 6><"%ProgramFiles%\Outlook Express\setup50.exe" /APP:WAB /CALLER:WINNT /user /install> [File is missing] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{89820200-ECBD-11cf-8B85-00AA005B4340}] <Windows 桌面更新><regsvr32.exe /s /n /i:U shell32.dll> [(Verified)Microsoft Windows Component Publisher] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{89820200-ECBD-11cf-8B85-00AA005B4383}] <Internet Explorer 6><%SystemRoot%\system32\ie4uinit.exe> [(Verified)Microsoft Windows Component Publisher] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\360delays.exe] <IFEO[360delays.exe]><svchost.exe> [(Verified)Microsoft Windows Component Publisher] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\360realpro.exe] <IFEO[360realpro.exe]><svchost.exe> [(Verified)Microsoft Windows Component Publisher] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\360rp.exe] <IFEO[360rp.exe]><svchost.exe> [(Verified)Microsoft Windows Component Publisher] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\360safe.exe] <IFEO[360safe.exe]><svchost.exe> [(Verified)Microsoft Windows Component Publisher] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\360Safebox.exe] <IFEO[360Safebox.exe]><svchost.exe> [(Verified)Microsoft Windows Component Publisher] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\360sd.exe] <IFEO[360sd.exe]><svchost.exe> [(Verified)Microsoft Windows Component Publisher] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\360SoftMgrSvc.exe] <IFEO[360SoftMgrSvc.exe]><svchost.exe> [(Verified)Microsoft Windows Component Publisher] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\360tray.exe] <IFEO[360tray.exe]><svchost.exe> [(Verified)Microsoft Windows Component Publisher] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\AgentSvr.exe] <IFEO[AgentSvr.exe]><svchost.exe> [(Verified)Microsoft Windows Component Publisher] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\alg.exe] <IFEO[alg.exe]><svchost.exe> [(Verified)Microsoft Windows Component Publisher] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\antiarp.exe] <IFEO[antiarp.exe]><svchost.exe> [(Verified)Microsoft Windows Component Publisher] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\avp.exe] <IFEO[avp.exe]><svchost.exe> [(Verified)Microsoft Windows Component Publisher] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\bdagent.exe] <IFEO[bdagent.exe]><svchost.exe> [(Verified)Microsoft Windows Component Publisher] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\ccapp.exe] <IFEO[ccapp.exe]><svchost.exe> [(Verified)Microsoft Windows Component Publisher] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\CCenter.exe] <IFEO[CCenter.exe]><svchost.exe> [(Verified)Microsoft Windows Component Publisher] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\ccEvtMgr.exe] <IFEO[ccEvtMgr.exe]><svchost.exe> [(Verified)Microsoft Windows Component Publisher] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\ccSetMgr.exe] <IFEO[ccSetMgr.exe]><svchost.exe> [(Verified)Microsoft Windows Component Publisher] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\ccSvcHst.exe] <IFEO[ccSvcHst.exe]><svchost.exe> [(Verified)Microsoft Windows Component Publisher] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\defwatch.exe] <IFEO[defwatch.exe]><svchost.exe> [(Verified)Microsoft Windows Component Publisher] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\DrUpdate.exe] <IFEO[DrUpdate.exe]><svchost.exe> [(Verified)Microsoft Windows Component Publisher] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\DrvAnti.exe] <IFEO[DrvAnti.exe]><svchost.exe> [(Verified)Microsoft Windows Component Publisher] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\DSMain.exe] <IFEO[DSMain.exe]><svchost.exe> [(Verified)Microsoft Windows Component Publisher] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\egui.exe] <IFEO[egui.exe]><svchost.exe> [(Verified)Microsoft Windows Component Publisher] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\ekrn.exe] <IFEO[ekrn.exe]><svchost.exe> [(Verified)Microsoft Windows Component Publisher] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\engineserver.exe] <IFEO[engineserver.exe]><svchost.exe> [(Verified)Microsoft Windows Component Publisher] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\FrameworkService.exe] <IFEO[FrameworkService.exe]><svchost.exe> [(Verified)Microsoft Windows Component Publisher] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\KABackReport.exe] <IFEO[KABackReport.exe]><svchost.exe> [(Verified)Microsoft Windows Component Publisher] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\kaccore.exe] <IFEO[kaccore.exe]><svchost.exe> [(Verified)Microsoft Windows Component Publisher] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\KavStart.exe] <IFEO[KavStart.exe]><svchost.exe> [(Verified)Microsoft Windows Component Publisher] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\KISSvc.exe] <IFEO[KISSvc.exe]><svchost.exe> [(Verified)Microsoft Windows Component Publisher] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\kmailmon.exe] <IFEO[kmailmon.exe]><svchost.exe> [(Verified)Microsoft Windows Component Publisher] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\KPFW32.exe] <IFEO[KPFW32.exe]><svchost.exe> [(Verified)Microsoft Windows Component Publisher] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\KPfwSvc.exe] <IFEO[KPfwSvc.exe]><svchost.exe> [(Verified)Microsoft Windows Component Publisher] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\kppserv.exe] <IFEO[kppserv.exe]><svchost.exe> [(Verified)Microsoft Windows Component Publisher] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\KPPTray.exe] <IFEO[KPPTray.exe]><svchost.exe> [(Verified)Microsoft Windows Component Publisher] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\KSafeSvc.exe] <IFEO[KSafeSvc.exe]><svchost.exe> [(Verified)Microsoft Windows Component Publisher] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\KSafeTray.exe] <IFEO[KSafeTray.exe]><svchost.exe> [(Verified)Microsoft Windows Component Publisher] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\KSWebShield.exe] <IFEO[KSWebShield.exe]><svchost.exe> [(Verified)Microsoft Windows Component Publisher] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\KVSrvXP.exe] <IFEO[KVSrvXP.exe]><svchost.exe> [(Verified)Microsoft Windows Component Publisher] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\KWatch.exe] <IFEO[KWatch.exe]><svchost.exe> [(Verified)Microsoft Windows Component Publisher] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\kwstray.exe] <IFEO[kwstray.exe]><svchost.exe> [(Verified)Microsoft Windows Component Publisher] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\kxedefend.exe] <IFEO[kxedefend.exe]><svchost.exe> [(Verified)Microsoft Windows Component Publisher] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\kxesapp.exe] <IFEO[kxesapp.exe]><svchost.exe> [(Verified)Microsoft Windows Component Publisher] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\kxescore.exe] <IFEO[kxescore.exe]><svchost.exe> [(Verified)Microsoft Windows Component Publisher] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\kxeserv.exe] <IFEO[kxeserv.exe]><svchost.exe> [(Verified)Microsoft Windows Component Publisher] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\kxetray.exe] <IFEO[kxetray.exe]><svchost.exe> [(Verified)Microsoft Windows Component Publisher] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\livesrv.exe] <IFEO[livesrv.exe]><svchost.exe> [(Verified)Microsoft Windows Component Publisher] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\LiveUpdate360.exe] <IFEO[LiveUpdate360.exe]><svchost.exe> [(Verified)Microsoft Windows Component Publisher] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\mcagent.exe] <IFEO[mcagent.exe]><svchost.exe> [(Verified)Microsoft Windows Component Publisher] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\mcinsupd.exe] <IFEO[mcinsupd.exe]><svchost.exe> [(Verified)Microsoft Windows Component Publisher] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\mcmscsvc.exe] <IFEO[mcmscsvc.exe]><svchost.exe> [(Verified)Microsoft Windows Component Publisher] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\mcnasvc.exe] <IFEO[mcnasvc.exe]><svchost.exe> [(Verified)Microsoft Windows Component Publisher] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\McProxy.exe] <IFEO[McProxy.exe]><svchost.exe> [(Verified)Microsoft Windows Component Publisher] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\mcshell.exe] <IFEO[mcshell.exe]><svchost.exe> [(Verified)Microsoft Windows Component Publisher] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\mcshield.exe] <IFEO[mcshield.exe]><svchost.exe> [(Verified)Microsoft Windows Component Publisher] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\mcsysmon.exe] <IFEO[mcsysmon.exe]><svchost.exe> [(Verified)Microsoft Windows Component Publisher] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\McTray.exe] <IFEO[McTray.exe]><svchost.exe> [(Verified)Microsoft Windows Component Publisher] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\mcupdmgr.exe] <IFEO[mcupdmgr.exe]><svchost.exe> [(Verified)Microsoft Windows Component Publisher] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\mfeann.exe] <IFEO[mfeann.exe]><svchost.exe> [(Verified)Microsoft Windows Component Publisher] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\mfevtps.exe] <IFEO[mfevtps.exe]><svchost.exe> [(Verified)Microsoft Windows Component Publisher] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\MpfSrv.exe] <IFEO[MpfSrv.exe]><svchost.exe> [(Verified)Microsoft Windows Component Publisher] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\MPMon.exe] <IFEO[MPMon.exe]><svchost.exe> [(Verified)Microsoft Windows Component Publisher] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\MPSVC.exe] <IFEO[MPSVC.exe]><svchost.exe> [(Verified)Microsoft Windows Component Publisher] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\MPSVC1.exe] <IFEO[MPSVC1.exe]><svchost.exe> [(Verified)Microsoft Windows Component Publisher] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\MPSVC2.exe] <IFEO[MPSVC2.exe]><svchost.exe> [(Verified)Microsoft Windows Component Publisher] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\naPrdMgr.exe] <IFEO[naPrdMgr.exe]><svchost.exe> [(Verified)Microsoft Windows Component Publisher] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\nbmanti.exe] <IFEO[nbmanti.exe]><svchost.exe> [(Verified)Microsoft Windows Component Publisher] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\QQDoctor.exe] <IFEO[QQDoctor.exe]><svchost.exe> [(Verified)Microsoft Windows Component Publisher] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\QQDoctorRtp.exe] <IFEO[QQDoctorRtp.exe]><svchost.exe> [(Verified)Microsoft Windows Component Publisher] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\QQDrNetMon.exe] <IFEO[QQDrNetMon.exe]><svchost.exe> [(Verified)Microsoft Windows Component Publisher] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\qutmserv.exe] <IFEO[qutmserv.exe]><svchost.exe> [(Verified)Microsoft Windows Component Publisher] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\Rav.exe]
肥肥阿初生襁褓狮帖子:8 注册: 2010-09-15 来自:

肥肥阿初生襁褓狮帖子:8 注册: 2010-09-15 来自:	发表于： 2010-09-15 12:17 \| 只看楼主短消息资料字号：小中大 3楼回复：各位大哥大姐帮小弟看下是怎么回事。。。！（附日记） <IFEO[Rav.exe]><svchost.exe> [(Verified)Microsoft Windows Component Publisher] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\RavMon.exe] <IFEO[RavMon.exe]><svchost.exe> [(Verified)Microsoft Windows Component Publisher] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\RavMonD.exe] <IFEO[RavMonD.exe]><svchost.exe> [(Verified)Microsoft Windows Component Publisher] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\RavStub.exe] <IFEO[RavStub.exe]><svchost.exe> [(Verified)Microsoft Windows Component Publisher] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\RavTask.exe] <IFEO[RavTask.exe]><svchost.exe> [(Verified)Microsoft Windows Component Publisher] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\RegGuide.exe] <IFEO[RegGuide.exe]><svchost.exe> [(Verified)Microsoft Windows Component Publisher] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\rfwsrv.exe] <IFEO[rfwsrv.exe]><svchost.exe> [(Verified)Microsoft Windows Component Publisher] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\RsAgent.exe] <IFEO[RsAgent.exe]><svchost.exe> [(Verified)Microsoft Windows Component Publisher] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\rsnetsvr.exe] <IFEO[rsnetsvr.exe]><svchost.exe> [(Verified)Microsoft Windows Component Publisher] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\rssafety.exe] <IFEO[rssafety.exe]><svchost.exe> [(Verified)Microsoft Windows Component Publisher] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\RsTray.exe] <IFEO[RsTray.exe]><svchost.exe> [(Verified)Microsoft Windows Component Publisher] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\rtvscan.exe] <IFEO[rtvscan.exe]><svchost.exe> [(Verified)Microsoft Windows Component Publisher] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\safeboxTray.exe] <IFEO[safeboxTray.exe]><svchost.exe> [(Verified)Microsoft Windows Component Publisher] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\ScanFrm.exe] <IFEO[ScanFrm.exe]><svchost.exe> [(Verified)Microsoft Windows Component Publisher] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\SHSTAT.exe] <IFEO[SHSTAT.exe]><svchost.exe> [(Verified)Microsoft Windows Component Publisher] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\udaterui.exe] <IFEO[udaterui.exe]><svchost.exe> [(Verified)Microsoft Windows Component Publisher] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\Uplive.exe] <IFEO[Uplive.exe]><svchost.exe> [(Verified)Microsoft Windows Component Publisher] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\upsvc.exe] <IFEO[upsvc.exe]><svchost.exe> [(Verified)Microsoft Windows Component Publisher] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\vptray.exe] <IFEO[vptray.exe]><svchost.exe> [(Verified)Microsoft Windows Component Publisher] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\vsserv.exe] <IFEO[vsserv.exe]><svchost.exe> [(Verified)Microsoft Windows Component Publisher] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\vstskmgr.exe] <IFEO[vstskmgr.exe]><svchost.exe> [(Verified)Microsoft Windows Component Publisher] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\xcommsvr.exe] <IFEO[xcommsvr.exe]><svchost.exe> [(Verified)Microsoft Windows Component Publisher] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\XsClient.exe] <IFEO[XsClient.exe]><svchost.exe> [(Verified)Microsoft Windows Component Publisher] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\zhudongfangyu.exe] <IFEO[zhudongfangyu.exe]><svchost.exe> [(Verified)Microsoft Windows Component Publisher] ================================== 启动文件夹 [QQ游戏启动加速程序] <C:\Documents and Settings\Administrator\「开始」菜单\程序\启动\QQ游戏启动加速程序.lnk --> E:\qq\QQGAME\Accel.exe [深圳市腾讯计算机系统有限公司]><N> ================================== 服务 [Contrl Center of Storm Media / ccosm][Running/Auto Start] <C:\Program Files\StormII\stormliv.exe /asservice><北京暴风网际科技有限公司> [Google 更新服务 (gupdate) / gupdate][Stopped/Auto Start] <"C:\Program Files\Google\Update\GoogleUpdate.exe" /svc><Google Inc.> [Google Software Updater / gusvc][Stopped/Manual Start] <"C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe"><Google> [HID Input Service / HidServ][Stopped/Auto Start] <C:\WINDOWS\System32\svchost.exe -k netsvcs-->%SystemRoot%\System32\hidserv.dll><N/A> [ICBC Daemon Service / ICBC Daemon Service][Stopped/Auto Start] <E:\QQPinyin\IcbcDaemon.exe><N/A> [Microsoft .NET Framework v4.2.58373_x86 / MnetFream][Stopped/Auto Start] <C:\WINDOWS\system32\mrinet.exe><Beijing Rising Information Technology Co., Ltd.> [NVIDIA Display Driver Service / NVSvc][Running/Auto Start] <C:\WINDOWS\system32\nvsvc32.exe><NVIDIA Corporation> [360 杀毒全盘扫描辅助服务 / scan][Stopped/Manual Start] <C:\WINDOWS\System32\svchost.exe -k bdx-->C:\Program Files\360\360sd\Scan.dll><S.C. BitDefender S.R.L> [Tencent Software Update Service / TSUSVC][Stopped/Auto Start] <"C:\Program Files\Tencent\QQSoftMgr\1.0.338.203\TencentUpdateSvc.exe" -run><Tencent> ================================== 驱动程序 [Service for Realtek AC97 Audio (WDM) / ALCXWDM][Running/Manual Start] <system32\drivers\ALCXWDM.SYS><Realtek Semiconductor Corp.> [AMD AGP Bus Filter Driver / amdagp][Running/Boot Start] <\SystemRoot\system32\DRIVERS\amdagp.sys><Advanced Micro Devices, Inc.> [AMD Processor Driver / AmdK8][Running/System Start] <system32\DRIVERS\AmdK8.sys><Advanced Micro Devices> [Driver for ApsX85 Device / ApsX85][Running/Manual Start] <system32\DRIVERS\ApsX85.sys><Lenovo.> [ati2mtag / ati2mtag][Stopped/Manual Start] <system32\DRIVERS\ati2mtag.sys><ATI Technologies Inc.> [BAPIDRV / BAPIDRV][Running/System Start] <\??\C:\WINDOWS\system32\drivers\BAPIDRV.SYS><360.cn> [bdfsfltr / bdfsfltr][Running/System Start] <system32\DRIVERS\bdfsfltr.sys><BitDefender S.R.L. Bucharest, ROMANIA> [VIA Rhine-Family Fast-Ethernet Adapter Driver Service / FET5X86V][Running/Manual Start] <system32\DRIVERS\fetnd5bv.sys><VIA Technologies, Inc.> [VIA PCI 10/100Mb Fast Ethernet Adapter NT Driver / FETNDIS][Stopped/Manual Start] <system32\DRIVERS\fetnd5.sys><VIA Technologies, Inc.> [hptpro / hptpro][Stopped/Boot Start] <\SystemRoot\system32\DRIVERS\hptpro.sys><HighPoint Technologies, Inc.> [nv / nv][Running/Manual Start] <system32\DRIVERS\nv4_mini.sys><NVIDIA Corporation> [Direct Parallel Link Driver / Ptilink][Running/Manual Start] <system32\DRIVERS\ptilink.sys><Parallel Technologies, Inc.> [SafeBoxKrnl / SafeBoxKrnl][Running/System Start] <\??\C:\WINDOWS\system32\Drivers\safeboxkrnl.sys><360安全中心> [Secdrv / Secdrv][Stopped/Manual Start] <system32\DRIVERS\secdrv.sys><Macrovision Corporation, Macrovision Europe Limited, and Macrovision Japan and Asia K.K.> [SATALink driver accelerator / SiFilter][Running/Boot Start] <\SystemRoot\system32\DRIVERS\SiWinAcc.sys><Silicon Image, Inc.> [SATALink External Device Filter / SiRemFil][Running/Boot Start] <\SystemRoot\system32\DRIVERS\SiRemFil.sys><Silicon Image, Inc.> [TCP/IP Protocol Driver / Tcpip][Running/System Start] <system32\DRIVERS\tcpip.sys><Microsoft Corporation> [VIA AGP Filter / viaagp1][Running/Boot Start] <\SystemRoot\system32\DRIVERS\viaagp1.sys><VIA Technologies, Inc.> [ViBus / ViBus][Running/Boot Start] <\SystemRoot\system32\DRIVERS\ViBus.sys><VIA Technologies, Inc.> [videX32 / videX32][Running/Boot Start] <\SystemRoot\system32\DRIVERS\videX32.sys><VIA Technologies, Inc.> [VIA SATA IDE Device Driver / ViPrt][Running/Boot Start] <\SystemRoot\system32\DRIVERS\ViPrt.sys><VIA Technologies, Inc.> [DogKiller / DogKiller][Running/System Start] <2 - 系统找不到指定的文件。 ><N/A>
肥肥阿初生襁褓狮帖子:8 注册: 2010-09-15 来自:

肥肥阿初生襁褓狮帖子:8 注册: 2010-09-15 来自:	发表于： 2010-09-15 12:17 \| 只看楼主短消息资料字号：小中大 4楼回复：各位大哥大姐帮小弟看下是怎么回事。。。！（附日记） ================================== 浏览器加载项 [IEHlprObj Class] {CE7C3CF0-4B15-11D1-ABED-709549C10000} <C:\WINDOWS\system32\baidu32.dll, Microsoft Corporation> [启动迅雷5] {09BA8F6D-CB54-424B-839C-C2A6C8E6B436} <d:\Program Files\Thunder Network\Thunder\Thunder.exe, (Signed) ShenZhen Thunder Networking Technologies,LTD> [] {e2e2dd38-d088-4134-82b7-f2ba38496583} <%windir%\Network Diagnostic\xpnetdiag.exe, (Signed) N/A> [百度一下] {D943E3D8-B612-4F92-A0B6-992EA997B7B3} <http://www.baidu.com/index.php?tn=sayh_1_dg, N/A> [QQ工具栏] {29CF293A-1E7D-4069-9E11-E39698D0AF95} <C:\Program Files\Tencent\QQToolbar\IEBar.dll, (Signed) TENCENT> [Google Toolbar] {2318C2B1-4965-11d4-9B18-009027A5CD4F} <C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll, N/A> [GDGetTokenInfo Class] {3AA9CF07-DF20-48FF-98BE-DED276E40146} <C:\WINDOWS\system32\GDREAD~1.DLL, > [EditCtrl Class] {488A4255-3236-44B3-8F27-FA1AECAA8844} <C:\WINDOWS\system32\aliedit\aliedit.dll, (Signed) > [AxInputControl Class] {73E4740C-08EB-4133-896B-8D0A7C9EE3CD} <C:\WINDOWS\Downloaded Program Files\CONFLICT.1\InputControl.dll, (Signed) > [GDGetVer Class] {7CCE07A5-A590-4554-B5C3-082840D7012E} <C:\WINDOWS\DOWNLO~1\ICBC_G~1.DLL, (Signed) > [AxSubmitControl Class] {8D9E0B29-563C-4226-86C1-5FF2AE77E1D2} <C:\WINDOWS\Downloaded Program Files\SubmitControl.dll, (Signed) > [InfoSecICBCNetSign Class] {B1FBC1AD-5644-4084-882A-0F8BA85E7506} <C:\WINDOWS\DOWNLO~1\ICBC_N~1.DLL, (Signed) Infosec Technologies Co., Ltd.> [Google Script Object] {00EF2092-6AC5-47C0-BD25-CF2D5D657FEB} <C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll, N/A> [ThunderAtOnce Class] {01443AEC-0FD1-40FD-9C87-E93D1494C233} <d:\Program Files\Thunder Network\Thunder\ComDlls\TDAtOnce_Now.dll, (Signed) Thunder Networking Technologies,LTD> [PhotoDrawEx Class] {05F5F404-7C24-4B39-B5CC-340CEDEB9C0D} <E:\qq\Plugin\Com.Tencent.Qzone\bin\QQPhotoDrawEx\QQPhotoDrawEx.dll, (Signed) Tencent> [] {09BA8F6D-CB54-424B-839C-C2A6C8E6B436} <, > [Tencent Browser Helper] {0C7C23EF-A848-485B-873C-0ED954731014} <C:\Program Files\TENCENT\SSPlus\SAddr1.dll, N/A> [Windows Media Player] {22D6F312-B0F6-11D0-94AB-0080C74C7E95} <C:\WINDOWS\system32\wmpdxm.dll, (Signed) Microsoft Corporation> [Google Toolbar] {2318C2B1-4965-11D4-9B18-009027A5CD4F} <C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll, N/A> [QQ工具栏] {29CF293A-1E7D-4069-9E11-E39698D0AF95} <C:\Program Files\Tencent\QQToolbar\IEBar.dll, (Signed) TENCENT> [DHTML Edit Control Safe for Scripting for IE5] {2D360201-FFF5-11D1-8D03-00A0C959BC0A} <C:\Program Files\Common Files\Microsoft Shared\Triedit\dhtmled.ocx, (Signed) Microsoft Corporation> [XML Document] {48123BC4-99D9-11D1-A6B3-00C04FD91555} <C:\WINDOWS\system32\msxml3.dll, (Signed) Microsoft Corporation> [Thunder Agent Class] {485463B7-8FB2-4B3B-B29B-8B919B0EACCE} <d:\Program Files\Thunder Network\Thunder\ComDlls\ThunderAgent_Now.dll, (Signed) Thunder Networking Technologies,LTD> [QQPYChecker Class] {5052B4D0-9DF7-45ef-88EF-F42C0EA33A43} <E:\QQPinyin\3.2.805.201\QQImeChecker.dll, (Signed) Tencent> [HHCtrl Object] {52A2AAAE-085D-4187-97EA-8C30DB990436} <C:\WINDOWS\system32\hhctrl.ocx, (Signed) Microsoft Corporation> [Shell Name Space] {55136805-B2DE-11D1-B9F2-00A0C98BC547} <%SystemRoot%\system32\shdocvw.dll, (Signed) N/A> [PowerPlayer Control] {5EC7C511-CD0F-42E6-830C-1BD9882F3458} <E:\pps\POWERP~1.DLL, (Signed) PPStream Inc.> [XMP Class] {6483F145-A768-4C41-AACC-52D4D7845851} <C:\Documents and Settings\All Users\Application Data\Thunder Network\KanKan\xplayer.dll_1_work, ShenZhen Thunder Networking Technologies,LTD> [Windows Media Player] {6BF52A52-394A-11D3-B153-00C04F79FAA6} <C:\WINDOWS\system32\wmp.dll, (Signed) Microsoft Corporation> [Active Desktop Mover] {72267F6A-A6F9-11D0-BC94-00C04FB67863} <%SystemRoot%\system32\SHELL32.dll, (Signed) N/A> [360SafeLive] {87515F61-A66C-4319-A0E0-D416CB8059E3} <, > [Microsoft Web 浏览器] {8856F961-340A-11D0-A96B-00C04FD705A2} <C:\WINDOWS\system32\shdocvw.dll, (Signed) Microsoft Corporation> [Thunder Browser Helper] {889D2FEB-5411-4565-8998-1DD2C5261283} <d:\Program Files\Thunder Network\Thunder\ComDlls\xunleiBHO_Now.dll, (Signed) Thunder Networking Technologies,LTD> [OFrameObject Class] {9701758C-4373-482E-B13C-776C048EC890} <C:\Program Files\Common Files\Thunder Network\KanKan\DapCtrl.2.3.5810.141.(257).dll, (Signed) ShenZhen Thunder Networking Technologies,LTD> [Google Toolbar Helper] {AA58ED58-01DD-4D91-8333-CF10577473F7} <C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll, N/A> [CCTVUpdateInstall] {AC414988-E5BB-4C2C-873B-EA53D2F3D23A} <C:\Documents and Settings\Administrator\Application Data\CCTV\tv\CCTVUpdateInstall.dll, (Signed) CCTV International Networks Co.,Ltd> [DapCtrl Class] {ACACC6EB-1FBA-4E13-A729-53AEB2DF54F8} <C:\Program Files\Common Files\Thunder Network\KanKan\DapCtrl.2.3.5810.141.(257).dll, (Signed) ShenZhen Thunder Networking Technologies,LTD> [Google Toolbar Notifier BHO] {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} <C:\Program Files\Google\GoogleToolbarNotifier\5.5.5126.1836\swg.dll, (Signed) Google Inc.> [SearchAssistantOC] {B45FF030-4447-11D2-85DE-00C04FA35C89} <%SystemRoot%\system32\shdocvw.dll, (Signed) N/A> [] {B84FBAEF-9539-4244-B096-D6EC142B464D} <, > [ICBC Anti-Phishing class] {BB4491A2-D11A-4C6B-91C0-B53246A3122B} <E:\QQPinyin\Icbc_AntiPhishing.dll, (Signed) 中国工商银行> [KooPlayer Control] {C728DAB8-FDF5-4CD7-89DD-879D25794C77} <C:\DOCUME~1\ADMINI~1\APPLIC~1\CCTV\tv\CCTVPL~1.OCX, (Signed) CCTV.COM> [VIDEO__X_MS_ASF Moniker Class] {CD3AFA8F-B84F-48F0-9393-7EDC34128127} <C:\WINDOWS\system32\wmp.dll, (Signed) Microsoft Corporation> [VIDEO__X_MS_WMV Moniker Class] {CD3AFA94-B84F-48F0-9393-7EDC34128127} <C:\WINDOWS\system32\wmp.dll, (Signed) Microsoft Corporation> [IEHlprObj Class] {CE7C3CF0-4B15-11D1-ABED-709549C10000} <C:\WINDOWS\system32\baidu32.dll, Microsoft Corporation> [Shockwave Flash Object] {D27CDB6E-AE6D-11CF-96B8-444553540000} <C:\WINDOWS\system32\Macromed\Flash\Flash10b.ocx, (Signed) Adobe Systems, Inc.> [] {D943E3D8-B612-4F92-A0B6-992EA997B7B3} <, > [PlayerCtrl Class] {E05BC2A3-9A46-4A32-80C9-023A473F5B23} <D:\传美QQ\qq2009\Plugin\Com.Tencent.QQMusic\bin\QQMusic\QzoneMusic.dll, (Signed) Tencent> [] {E2E2DD38-D088-4134-82B7-F2BA38496583} <, > [XPPlayer Class] {F3E70CEA-956E-49CC-B444-73AFE593AD7F} <C:\Program Files\Common Files\Thunder Network\KanKan\PPlayer.2.1.58110.250.(258).dll, ShenZhen Thunder Networking Technologies,LTD> [] {FB5F1910-F110-11D2-BB9E-00C04F795683} <, > [Google 边栏评注...] <res://C:\Program Files\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_89D8574934B26AC4.dll/cmsidewiki.html, N/A> [使用迅雷下载] <d:\Program Files\Thunder Network\Thunder\Program\GetUrl.htm, N/A> [使用迅雷下载全部链接] <d:\Program Files\Thunder Network\Thunder\Program\GetAllUrl.htm, N/A> [导出到 Microsoft Office Excel(&X)] <res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000, N/A>
肥肥阿初生襁褓狮帖子:8 注册: 2010-09-15 来自:

肥肥阿初生襁褓狮帖子:8 注册: 2010-09-15 来自:	发表于： 2010-09-15 12:18 \| 只看楼主短消息资料字号：小中大 5楼回复：各位大哥大姐帮小弟看下是怎么回事。。。！（附日记） ================================== 正在运行的进程 [PID: 612 / SYSTEM][\SystemRoot\System32\smss.exe] [(Verified) Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2111)] [PID: 676 / SYSTEM][\??\C:\WINDOWS\system32\csrss.exe] [(Verified) Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2111)] [PID: 700 / SYSTEM][\??\C:\WINDOWS\system32\winlogon.exe] [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2113)] [C:\WINDOWS\system32\uxtheme.dll] [Microsoft Corporation, 6.00.2900.5512 (xpsp.080413-2105)] [PID: 744 / SYSTEM][C:\WINDOWS\system32\services.exe] [(Verified) Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2111)] [PID: 756 / SYSTEM][C:\WINDOWS\system32\lsass.exe] [(Verified) Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2113)] [C:\WINDOWS\system32\UxTheme.dll] [Microsoft Corporation, 6.00.2900.5512 (xpsp.080413-2105)] [PID: 920 / SYSTEM][C:\WINDOWS\system32\svchost.exe] [(Verified) Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2111)] [C:\WINDOWS\system32\UxTheme.dll] [Microsoft Corporation, 6.00.2900.5512 (xpsp.080413-2105)] [PID: 984 / NETWORK SERVICE][C:\WINDOWS\system32\svchost.exe] [(Verified) Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2111)] [C:\WINDOWS\system32\UxTheme.dll] [Microsoft Corporation, 6.00.2900.5512 (xpsp.080413-2105)] [C:\WINDOWS\system32\2010915114042.dll] [N/A, ] [PID: 1092 / SYSTEM][C:\WINDOWS\System32\svchost.exe] [(Verified) Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2111)] [C:\WINDOWS\System32\UxTheme.dll] [Microsoft Corporation, 6.00.2900.5512 (xpsp.080413-2105)] [c:\windows\system32\msi.dll] [Microsoft Corporation, 4.5.6001.22159] [C:\WINDOWS\system32\2010915114042.dll] [N/A, ] [PID: 1212 / NETWORK SERVICE][C:\WINDOWS\system32\svchost.exe] [(Verified) Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2111)] [C:\WINDOWS\system32\UxTheme.dll] [Microsoft Corporation, 6.00.2900.5512 (xpsp.080413-2105)] [PID: 1312 / LOCAL SERVICE][C:\WINDOWS\system32\svchost.exe] [(Verified) Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2111)] [C:\WINDOWS\system32\UxTheme.dll] [Microsoft Corporation, 6.00.2900.5512 (xpsp.080413-2105)] [PID: 1488 / Administrator][C:\WINDOWS\system32\userinit.exe] [(Infected) Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)] [C:\WINDOWS\system32\UxTheme.dll] [Microsoft Corporation, 6.00.2900.5512 (xpsp.080413-2105)] [C:\WINDOWS\system32\2010915114042.dll] [N/A, ] [C:\PROGRA~1\TENCENT\SSPlus\SPlus.dll] [腾讯, 5, 0, 4, 15] [C:\WINDOWS\system32\2010915115434.dll] [N/A, ] [PID: 1568 / Administrator][C:\WINDOWS\explorer.exe] [(Verified) Microsoft Corporation, 6.00.2900.5512 (xpsp.080413-2105)] [C:\WINDOWS\system32\UxTheme.dll] [Microsoft Corporation, 6.00.2900.5512 (xpsp.080413-2105)] [C:\PROGRA~1\TENCENT\SSPlus\SPlus.dll] [腾讯, 5, 0, 4, 15] [C:\WINDOWS\system32\msi.dll] [Microsoft Corporation, 4.5.6001.22159] [C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\58531m13.dll] [N/A, ] [C:\WINDOWS\WinSxS\x86_Microsoft.Windows.GdiPlus_6595b64144ccf1df_1.0.6001.22319_x-ww_f0b4c2df\gdiplus.dll] [Microsoft Corporation, 5.2.6001.22319 (vistasp1_ldr.081126-1506)] [C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\e752t23.dll] [N/A, ] [C:\WINDOWS\system32\shdoclc.dll] [Microsoft Corporation, 6.00.2900.5512 (xpsp.080413-2105)] [C:\WINDOWS\system32\baidu32.dll] [Microsoft Corporation, 5.1.2600.2622] [C:\WINDOWS\system32\MSVCR71.dll] [Microsoft Corporation, 7.10.3052.4] [C:\Program Files\WinRAR\rarext.dll] [N/A, ] [C:\Program Files\360\360sd\MenuEx.dll] [360.cn, 1, 1, 0, 1080] [E:\快播\QvodBand.dll] [Shenzhen QVOD Technology Co.,Ltd, 3, 0, 0, 0] [PID: 1600 / SYSTEM][C:\WINDOWS\system32\spoolsv.exe] [(Verified) Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-0852)] [C:\WINDOWS\system32\UxTheme.dll] [Microsoft Corporation, 6.00.2900.5512 (xpsp.080413-2105)] [PID: 1880 / Administrator][C:\WINDOWS\system32\Rundll32.exe] [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2105)] [C:\WINDOWS\system32\UxTheme.dll] [Microsoft Corporation, 6.00.2900.5512 (xpsp.080413-2105)] [C:\PROGRA~1\TENCENT\SSPlus\SPlus.dll] [腾讯, 5, 0, 4, 15] [C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\e752t23.dll] [N/A, ] [C:\WINDOWS\WinSxS\x86_Microsoft.Windows.GdiPlus_6595b64144ccf1df_1.0.6001.22319_x-ww_f0b4c2df\gdiplus.dll] [Microsoft Corporation, 5.2.6001.22319 (vistasp1_ldr.081126-1506)] [PID: 1888 / Administrator][C:\WINDOWS\system32\kav.exe] [N/A, ] [C:\WINDOWS\system32\uxtheme.dll] [Microsoft Corporation, 6.00.2900.5512 (xpsp.080413-2105)] [C:\PROGRA~1\TENCENT\SSPlus\SPlus.dll] [腾讯, 5, 0, 4, 15] [C:\progra~1\ATI\ApsX85.dll] [N/A, ] [C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\kavaa.idx] [N/A, ] [PID: 1900 / Administrator][C:\WINDOWS\system32\ctfmon.exe] [(Verified) Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2105)] [C:\WINDOWS\system32\UxTheme.dll] [Microsoft Corporation, 6.00.2900.5512 (xpsp.080413-2105)] [C:\PROGRA~1\TENCENT\SSPlus\SPlus.dll] [腾讯, 5, 0, 4, 15] [C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\e752t23.dll] [N/A, ] [C:\WINDOWS\WinSxS\x86_Microsoft.Windows.GdiPlus_6595b64144ccf1df_1.0.6001.22319_x-ww_f0b4c2df\gdiplus.dll] [Microsoft Corporation, 5.2.6001.22319 (vistasp1_ldr.081126-1506)] [PID: 1908 / Administrator][E:\pps\ppsap.exe] [PPStream Inc, 1, 0, 11, 296] [C:\WINDOWS\system32\uxtheme.dll] [Microsoft Corporation, 6.00.2900.5512 (xpsp.080413-2105)] [C:\PROGRA~1\TENCENT\SSPlus\SPlus.dll] [腾讯, 5, 0, 4, 15] [C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\e752t23.dll] [N/A, ] [C:\WINDOWS\WinSxS\x86_Microsoft.Windows.GdiPlus_6595b64144ccf1df_1.0.6001.22319_x-ww_f0b4c2df\gdiplus.dll] [Microsoft Corporation, 5.2.6001.22319 (vistasp1_ldr.081126-1506)] [E:\pps\Vodnet.dll] [PPStream Inc., 1, 0, 11, 332] [E:\pps\Vodres.dll] [PPStream Inc., 1, 0, 11, 332] [E:\pps\fds.dll] [PPStream Inc., 1, 0, 0, 105] [C:\WINDOWS\system32\2010915115434.dll] [N/A, ] [PID: 1936 / Administrator][C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe] [Google Inc., 4, 1, 509, 1944] [C:\Program Files\Google\GoogleToolbarNotifier\5.5.5126.1836\gtn.dll] [Google Inc., 5, 5, 5126, 1836] [C:\WINDOWS\system32\uxtheme.dll] [Microsoft Corporation, 6.00.2900.5512 (xpsp.080413-2105)] [C:\PROGRA~1\TENCENT\SSPlus\SPlus.dll] [腾讯, 5, 0, 4, 15] [C:\Program Files\Google\GoogleToolbarNotifier\5.5.5126.1836\swg.dll] [Google Inc., 5, 5, 5126, 1836] [C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\e752t23.dll] [N/A, ] [C:\WINDOWS\WinSxS\x86_Microsoft.Windows.GdiPlus_6595b64144ccf1df_1.0.6001.22319_x-ww_f0b4c2df\gdiplus.dll] [Microsoft Corporation, 5.2.6001.22319 (vistasp1_ldr.081126-1506)] [PID: 228 / SYSTEM][C:\Program Files\StormII\stormliv.exe] [北京暴风网际科技有限公司, 3, 8, 3, 15] [C:\Program Files\StormII\MSVCP60.dll] [Microsoft Corporation, 6.02.3104.0] [C:\WINDOWS\system32\uxtheme.dll] [Microsoft Corporation, 6.00.2900.5512 (xpsp.080413-2105)] [C:\WINDOWS\system32\2010915114042.dll] [N/A, ] [PID: 652 / SYSTEM][C:\WINDOWS\system32\nvsvc32.exe] [NVIDIA Corporation, 6.14.10.7189] [C:\WINDOWS\system32\uxtheme.dll] [Microsoft Corporation, 6.00.2900.5512 (xpsp.080413-2105)] [C:\WINDOWS\system32\NVRSZHC.DLL] [NVIDIA Corporation, 6.14.10.7189] [PID: 668 / SYSTEM][C:\WINDOWS\system32\svchost.exe] [(Verified) Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2111)] [C:\WINDOWS\system32\UxTheme.dll] [Microsoft Corporation, 6.00.2900.5512 (xpsp.080413-2105)] [C:\WINDOWS\system32\2010915114042.dll] [N/A, ] [C:\WINDOWS\system32\2010915115434.dll] [N/A, ] [PID: 1228 / LOCAL SERVICE][C:\WINDOWS\system32\wdfmgr.exe] [Microsoft Corporation, 5.2.3790.1230 built by: dnsrv(bld4act)] [PID: 1736 / Administrator][C:\WINDOWS\system32\conime.exe] [(Verified) Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2105)] [C:\WINDOWS\system32\UxTheme.dll] [Microsoft Corporation, 6.00.2900.5512 (xpsp.080413-2105)] [C:\PROGRA~1\TENCENT\SSPlus\SPlus.dll] [腾讯, 5, 0, 4, 15] [C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\e752t23.dll] [N/A, ] [C:\WINDOWS\WinSxS\x86_Microsoft.Windows.GdiPlus_6595b64144ccf1df_1.0.6001.22319_x-ww_f0b4c2df\gdiplus.dll] [Microsoft Corporation, 5.2.6001.22319 (vistasp1_ldr.081126-1506)] [PID: 2860 / Administrator][C:\WINDOWS\system32\conime.exe] [(Verified) Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2105)] [C:\WINDOWS\system32\MSVCR71.dll] [Microsoft Corporation, 7.10.3052.4] [C:\WINDOWS\system32\MSVCP71.dll] [Microsoft Corporation, 7.10.3077.0] [C:\WINDOWS\system32\UxTheme.dll] [Microsoft Corporation, 6.00.2900.5512 (xpsp.080413-2105)] [C:\WINDOWS\system32\baidu32.dll] [Microsoft Corporation, 5.1.2600.2622] [C:\PROGRA~1\TENCENT\SSPlus\SPlus.dll] [腾讯, 5, 0, 4, 15] [C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\e752t23.dll] [N/A, ] [C:\WINDOWS\WinSxS\x86_Microsoft.Windows.GdiPlus_6595b64144ccf1df_1.0.6001.22319_x-ww_f0b4c2df\gdiplus.dll] [Microsoft Corporation, 5.2.6001.22319 (vistasp1_ldr.081126-1506)] [C:\WINDOWS\system32\2010915115434.dll] [N/A, ] [PID: 1744 / Administrator][D:\qq\bin\TTraveler.exe] [Tencent, 4, 8, 0, 760] [D:\qq\bin\TTUtilWidget.dll] [Tencent, 4, 8, 0, 760] [C:\WINDOWS\system32\UxTheme.dll] [Microsoft Corporation, 6.00.2900.5512 (xpsp.080413-2105)] [C:\PROGRA~1\TENCENT\SSPlus\SPlus.dll] [腾讯, 5, 0, 4, 15] [D:\qq\bin\PlatformWidget.dll] [Tencent, 4, 8, 0, 760] [D:\qq\bin\TTMainFrame.dll] [Tencent, 4, 8, 0, 760] [C:\WINDOWS\WinSxS\x86_Microsoft.Windows.GdiPlus_6595b64144ccf1df_1.0.6001.22319_x-ww_f0b4c2df\gdiplus.dll] [Microsoft Corporation, 5.2.6001.22319 (vistasp1_ldr.081126-1506)] [D:\qq\bin\TTMBrowser.dll] [Tencent, 4, 8, 0, 760] [D:\qq\bin\TTabMgr.dll] [Tencent, 4, 8, 0, 760] [D:\qq\bin\TTStore.dll] [Tencent, 4, 8, 0, 760] [D:\qq\bin\TTSkin.dll] [Tencent, 4, 8, 0, 760] [C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\e752t23.dll] [N/A, ] [D:\qq\bin\TTFilter.dll] [Tencent, 4, 8, 0, 760] [D:\qq\bin\TTNetwork.dll] [Tencent, 4, 8, 0, 760] [D:\qq\bin\sqlite3.dll] [N/A, ] [C:\WINDOWS\system32\shdoclc.dll] [Microsoft Corporation, 6.00.2900.5512 (xpsp.080413-2105)] [C:\WINDOWS\system32\2010915115434.dll] [N/A, ] [C:\WINDOWS\system32\Macromed\Flash\Flash10b.ocx] [Adobe Systems, Inc., 10,0,22,87] [D:\qq\bin\TTPluginMng.dll] [Tencent, 4, 8, 0, 760] [D:\qq\Plugins\3TTWeather\TTWeather.dll] [Tencent, 1.0.0.1] [D:\qq\bin\FavoriteLogical.dll] [Tencent, 4, 8, 0, 760] [d:\Program Files\Thunder Network\Thunder\ComDlls\xunleiBHO_Now.dll] [Thunder Networking Technologies,LTD, 5, 0, 8, 120] [PID: 868 / Administrator][d:\Program Files\Thunder Network\Thunder\Program\Thunder5.exe] [ShenZhen Thunder Networking Technologies,LTD, 5.8.12.689] [d:\Program Files\Thunder Network\Thunder\Program\BugReport.dll] [ShenZhen Thunder Networking Technologies,LTD, 1, 4, 1, 20] [d:\Program Files\Thunder Network\Thunder\Program\HookEx.dll] [N/A, ] [C:\WINDOWS\system32\uxtheme.dll] [Microsoft Corporation, 6.00.2900.5512 (xpsp.080413-2105)] [C:\PROGRA~1\TENCENT\SSPlus\SPlus.dll] [腾讯, 5, 0, 4, 15] [d:\Program Files\Thunder Network\Thunder\Program\TaskManager.dll] [ShenZhen Thunder Networking Technologies,LTD, 1, 3, 10, 74] [d:\Program Files\Thunder Network\Thunder\Program\download_interface.dll] [ShenZhen Thunder Networking Technologies,LTD, 3, 4, 2, 333] [d:\Program Files\Thunder Network\Thunder\Program\mp.dll] [ShenZhen Thunder Networking Technologies,LTD, 1, 0, 2, 5] [C:\WINDOWS\system32\MSVCP71.dll] [Microsoft Corporation, 7.10.3077.0] [C:\WINDOWS\system32\MSVCR71.dll] [Microsoft Corporation, 7.10.3052.4] [d:\Program Files\Thunder Network\Thunder\Program\asyn_frame.dll] [ShenZhen Thunder Networking Technologies,LTD, 1, 3, 2, 32] [d:\Program Files\Thunder Network\Thunder\Program\ATL71.DLL] [Microsoft Corporation, 7.10.3077.0] [d:\Program Files\Thunder Network\Thunder\Program\XLNet.Dll] [ShenZhen Thunder Networking Technologies,LTD, 1, 5, 2, 25] [d:\Program Files\Thunder Network\Thunder\Program\BHOStub.dll] [ShenZhen Thunder Networking Technologies,LTD, 1, 1, 1, 13] [d:\Program Files\Thunder Network\Thunder\Components\DownAndPlay\DownAndPlay.dll] [ShenZhen Thunder Networking Technologies,LTD, 1, 0, 12, 30] [C:\WINDOWS\system32\2010915115434.dll] [N/A, ]
肥肥阿初生襁褓狮帖子:8 注册: 2010-09-15 来自:

肥肥阿初生襁褓狮帖子:8 注册: 2010-09-15 来自:	发表于： 2010-09-15 12:18 \| 只看楼主短消息资料字号：小中大 6楼回复：各位大哥大姐帮小弟看下是怎么回事。。。！（附日记） [d:\Program Files\Thunder Network\Thunder\Program\backend_agent.dll] [ShenZhen Thunder Networking Technologies,LTD, 1, 1, 2, 27] [d:\Program Files\Thunder Network\Thunder\Program\zlib1.dll] [, 1.2.3] [C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\e752t23.dll] [N/A, ] [C:\WINDOWS\WinSxS\x86_Microsoft.Windows.GdiPlus_6595b64144ccf1df_1.0.6001.22319_x-ww_f0b4c2df\gdiplus.dll] [Microsoft Corporation, 5.2.6001.22319 (vistasp1_ldr.081126-1506)] [d:\Program Files\Thunder Network\Thunder\Program\p2sp.dll] [ShenZhen Thunder Networking Technologies,LTD, 1, 1, 2, 59] [d:\Program Files\Thunder Network\Thunder\Program\fs.dll] [ShenZhen Thunder Networking Technologies,LTD, 1, 1, 2, 17] [d:\Program Files\Thunder Network\Thunder\Program\down_dispatcher.dll] [ShenZhen Thunder Networking Technologies,LTD, 1, 0, 2, 44] [d:\Program Files\Thunder Network\Thunder\Program\ptl.dll] [ShenZhen Thunder Networking Technologies,LTD, 3, 2, 2, 55] [d:\Program Files\Thunder Network\Thunder\Program\dl_peer_id.dll] [ShenZhen Thunder Networking Technologies,LTD, 3, 1, 2, 4] [d:\Program Files\Thunder Network\Thunder\Program\xl_stat.dll] [ShenZhen Thunder Networking Technologies,LTD, 1, 0, 2, 7] [d:\Program Files\Thunder Network\Thunder\Program\iTargetAD.dll] [N/A, ] [d:\Program Files\Thunder Network\Thunder\Program\p2p_upload.dll] [ShenZhen Thunder Networking Technologies,LTD, 1,1,2,13] [d:\Program Files\Thunder Network\Thunder\Program\p2p.dll] [ShenZhen Thunder Networking Technologies,LTD, 1,1,2,48] [d:\Program Files\Thunder Network\Thunder\Program\xldc.dll] [ShenZhen Thunder Networking Technologies,LTD, 4, 0, 2, 27] [d:\Program Files\Thunder Network\Thunder\Program\stream.dll] [ShenZhen Thunder Networking Technologies,LTD, 2, 1, 2, 1039] [d:\Program Files\Thunder Network\Thunder\Program\p2p_local_res.dll] [ShenZhen Thunder Networking Technologies,LTD, 1,1,2,18] [d:\Program Files\Thunder Network\Thunder\Program\al.dll] [ShenZhen Thunder Networking Technologies,LTD, 1,1,2,31] [d:\Program Files\Thunder Network\Thunder\Program\media_data.dll] [ShenZhen Thunder Networking Technologies,LTD, 1, 0, 2, 7] [d:\Program Files\Thunder Network\Thunder\Program\sl.dll] [ShenZhen Thunder Networking Technologies,LTD, 1.0.2.2] [d:\Program Files\Thunder Network\Thunder\Program\p2sp_pd.dll] [ShenZhen Thunder Networking Technologies,LTD, 1, 0, 2, 5] [d:\Program Files\Thunder Network\Thunder\Components\Community\XLCommunity.dll] [Thunder Networking Technologies,LTD, 1, 5, 0, 16] [d:\Program Files\Thunder Network\Thunder\Program\RegisterDll.dll] [ShenZhen Thunder Networking Technologies,LTD, 2, 17, 0, 67] [d:\Program Files\Thunder Network\Thunder\Program\MSVCIRT.dll] [Microsoft Corporation, 7.0.2600.2180 (xpsp_sp2_rtm.040803-2158)] [d:\Program Files\Thunder Network\Thunder\Program\xldcsubtask.dll] [ShenZhen Thunder Networking Technologies,LTD, 1, 0, 2, 5] [d:\Program Files\Thunder Network\Thunder\Plugins\KanKanTop\KanKanTop.dll] [ShenZhen Thunder Networking Technologies,LTD, 1, 0, 0, 18] [d:\Program Files\Thunder Network\Thunder\Components\ExplorerHelper\ExplorerHelper.dll] [ShenZhen Thunder Networking Technologies,LTD, 1, 0, 4, 26] [d:\Program Files\Thunder Network\Thunder\Components\DownloadStat\DownloadStat.dll] [ShenZhen Thunder Networking Technologies,LTD, 1, 4, 1, 6] [d:\Program Files\Thunder Network\Thunder\Program\bd.dll] [ShenZhen Thunder Networking Technologies,LTD, 1, 0, 2, 20] [d:\Program Files\Thunder Network\Thunder\Program\emule_id.dll] [ShenZhen Thunder Networking Technologies,LTD, 1, 0, 2, 12] [PID: 2632 / Administrator][C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\Rar$EX00.406\SREngLdr.EXE] [Smallfrogs Studio, 2.8.2.1321] [PID: 3564 / Administrator][C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\Rar$EX00.406\SRE23035940.EXE] [Smallfrogs Studio, 2.8.2.1321] [C:\WINDOWS\system32\uxtheme.dll] [Microsoft Corporation, 6.00.2900.5512 (xpsp.080413-2105)] [C:\PROGRA~1\TENCENT\SSPlus\SPlus.dll] [腾讯, 5, 0, 4, 15] [C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\e752t23.dll] [N/A, ] [C:\WINDOWS\WinSxS\x86_Microsoft.Windows.GdiPlus_6595b64144ccf1df_1.0.6001.22319_x-ww_f0b4c2df\gdiplus.dll] [Microsoft Corporation, 5.2.6001.22319 (vistasp1_ldr.081126-1506)] [C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\Rar$EX00.406\Upload\3rdUpd.DLL] [Smallfrogs Studio, 2, 1, 0, 15] [C:\WINDOWS\system32\2010915115434.dll] [N/A, ] ================================== 文件关联 .TXT OK. [%SystemRoot%\system32\NOTEPAD.EXE %1] .EXE OK. ["%1" %] .COM OK. ["%1" %] .PIF OK. ["%1" %] .REG OK. [regedit.exe "%1"] .BAT OK. ["%1" %] .SCR OK. ["%1" /S] .CHM OK. ["C:\WINDOWS\hh.exe" %1] .HLP OK. [%SystemRoot%\System32\winhlp32.exe %1] .INI OK. [%SystemRoot%\system32\NOTEPAD.EXE %1] .INF OK. [%SystemRoot%\System32\NOTEPAD.EXE %1] .VBS OK. [%SystemRoot%\System32\WScript.exe "%1" %] .JS OK. [%SystemRoot%\System32\WScript.exe "%1" %] .LNK OK. [{00021401-0000-0000-C000-000000000046}] ================================== Winsock 提供者 MSAFD Tcpip [TCP/IP] C:\WINDOWS\system32\2010915115434.dll(, N/A) MSAFD Tcpip [UDP/IP] C:\WINDOWS\system32\2010915115434.dll(, N/A) ================================== Autorun.inf N/A ================================== HOSTS 文件 127.0.0.1 dl.youbak.com 127.0.0.1 update.9384.com 127.0.0.1 recommend-zip.kuwo.cn 127.0.0.1 down.koowo.com 127.0.0.1 242375.4440.info 127.0.0.1 202421.4440.info 127.0.0.1 go.90b8.com 127.0.0.1 cq.wwdnsdns.com 127.0.0.1 vv.vv49.com 127.0.0.1 ak01.jf987.com 127.0.0.1 che.kutime.info 127.0.0.1 update.360safe.com 127.0.0.1 dl.360safe.com 127.0.0.1 qd.code.360.cn 127.0.0.1 stat.360safe.com 127.0.0.1 stat.sd.360.cn 127.0.0.1 msginfo.rising.com.cn 127.0.0.1 h.qup.f.360.cn 127.0.0.1 softm.update.360safe.com 127.0.0.1 boxinst.360safe.com 127.0.0.1 center.rising.com.cn 127.0.0.1 rsup10.rising.com.cn 127.0.0.1 register.rising.com.cn 127.0.0.1 d.360safe.com 127.0.0.2 cnzz.1075.info 127.0.0.2 msn.1075.info 127.0.0.1 AdWords.haoom.com 127.0.0.1 Visuals.haoom.com 127.0.0.1 VMwares.haoom.com 127.0.0.1 Studios.haoom.com 127.0.0.1 Manages.haoom.com ================================== 进程特权扫描特殊特权被允许： SeLoadDriverPrivilege [PID = 700, C:\WINDOWS\SYSTEM32\WINLOGON.EXE] 特殊特权被允许： SeDebugPrivilege [PID = 1488, C:\WINDOWS\SYSTEM32\USERINIT.EXE] 特殊特权被允许： SeLoadDriverPrivilege [PID = 1488, C:\WINDOWS\SYSTEM32\USERINIT.EXE] 特殊特权被允许： SeDebugPrivilege [PID = 1888, C:\WINDOWS\SYSTEM32\KAV.EXE] 特殊特权被允许： SeLoadDriverPrivilege [PID = 1888, C:\WINDOWS\SYSTEM32\KAV.EXE] 特殊特权被允许： SeDebugPrivilege [PID = 868, D:\PROGRAM FILES\THUNDER NETWORK\THUNDER\PROGRAM\THUNDER5.EXE] 特殊特权被允许： SeLoadDriverPrivilege [PID = 868, D:\PROGRAM FILES\THUNDER NETWORK\THUNDER\PROGRAM\THUNDER5.EXE] ================================== 计划任务 [已启用] GoogleUpdateTaskMachineUA.job C:\Program Files\Google\Update\GoogleUpdate.exe [已启用] GoogleUpdateTaskMachineCore.job C:\Program Files\Google\Update\GoogleUpdate.exe [已启用] SogouImeMgr.job C:\PROGRA~1\SOGOUI~1\501~1.418\SGTool.exe ================================== Windows 安全更新检查 N/A ================================== API HOOK N/A ================================== 隐藏进程 N/A ================================== [/CODE]
肥肥阿初生襁褓狮帖子:8 注册: 2010-09-15 来自:

肥肥阿初生襁褓狮帖子:8 注册: 2010-09-15 来自:	发表于： 2010-09-15 12:19 \| 只看楼主短消息资料字号：小中大 7楼回复：各位大哥大姐帮小弟看下是怎么回事。。。！（附日记）杀毒软件打开不了，IE主页被篡改了`````
肥肥阿初生襁褓狮帖子:8 注册: 2010-09-15 来自:

肥肥阿初生襁褓狮帖子:8 注册: 2010-09-15 来自:	发表于： 2010-09-15 12:32 \| 只看楼主短消息资料字号：小中大 8楼回复：各位大哥大姐帮小弟看下是怎么回事。。。！（附日记）没人帮看看吗?
肥肥阿初生襁褓狮帖子:8 注册: 2010-09-15 来自:

networkedition 社区嘉宾帖子:36698 注册: 2008-02-28 来自:	发表于： 2010-09-15 12:49 \| 短消息资料字号：小中大 9楼回复：各位大哥大姐帮小弟看下是怎么回事。。。！（附日记）将日志已附件形式发送上来。
networkedition 社区嘉宾帖子:36698 注册: 2008-02-28 来自:

超级游戏迷卡卡技术团队帖子:25779 注册: 2007-01-14 来自:	发表于： 2010-09-15 13:19 \| 短消息资料字号：小中大 10楼回复: 各位大哥大姐帮小弟看下是怎么回事。。。！（附日记）比较麻烦了，先看看日志中问题项目所在，以及问题的解决总体思路（附件）。个人认为最重要的病毒文件有两个，一个是c:\windows\system32\kav.exe，一个是被感染的系统文件c:\windows\system32\userinit.exe，注意用WINRAR压缩打包，保存样本并上传，以便加入病毒库…… 附件: 文件名:文档.rar 下载次数:322 文件类型:application/octet-stream 文件大小: 上传时间:2010-9-15 13:18:39 描述:rar 超级游戏迷最后编辑于 2010-09-15 13:23:33 打酱油的……
超级游戏迷卡卡技术团队帖子:25779 注册: 2007-01-14 来自:

<<上一主题|下一主题>>

12

1 / 2 页

跳转页

页面顶部

Powered by Discuz!NT