
A question: how do I deal with this?


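c:\winnt\KB926909.log  Virus: Adware.cockoo.a
This generated KB926909.log file cannot be deleted no matter how I try, and under SYSTEM32 there is also a file with the same name but a .DLL extension.
Last edited 2007-06-12 15:43:03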

Does Safe Mode work?

Do they protect each other?

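Yes, except that the system feels much, much slower than before (booting now takes more than 3 minutes).
At the same time, a lot of accompanying trojans or viruses were also detected.
c:\winnt\KB926909.log is the one that infects Explorer.exe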
catclogd.dll
jesftg53.sys
jesftg53.dll
synkmx95.dll
SysTdSvr.dll



My head is spinning

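Quote:
[Post by 彻底怕了] Yes, except that the system feels much, much slower than before (booting now takes more than 3 minutes).
At the same time, a lot of accompanying trojans or viruses were also detected.
c:\winnt\KB926909.log is the one that infects Explorer.exe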
catclogd.dll
jesftg53.sys
jesftg53.dll
synkmx95.dll
SysTdSvr.dll



My head is spinning
………………

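Download the System Repair Engineer system scanning tool; the download address is as follows:
http://www.kztechs.com/sreng/download.html
How to scan and upload the log:
1. Extract the downloaded sreng2.zip archive;
2. Open the extracted SRENG folder and double-click SREng.exe inside it to run it (if it will not run, rename the SRENG folder to 111 and rename SREng.exe to 111.bat, 111.scr, 111.com or 111.pif, or to 111.exe, then double-click it again);
3. Click "Smart Scan", "Scan" and "Save Report" in turn, and save the log to the hard disk;
4. Find and open the log, and use Copy and Paste to put its contents into a post, uploading it unmodified (the log is long and will not fit in one post, so please split the whole content manually across several reply posts).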


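I tried deleting all of these with IceSword, but none of them can be deleted; they restore themselves after deletion. The scan log is as follows: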

启动项目
注册表
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
    <internat.exe><internat.exe>  [Microsoft Corporation]
[HKEY_CURRENT_USER\Software\Microsoft\Windows NT\CurrentVersion\Windows]
    <load><>  [N/A]
    <run><>  [N/A]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
    <AVP><"D:\Program Files\Kaspersky Lab\卡巴斯基反病毒软件 6.0\avp.exe">  [Kaspersky Lab]
    <runeip><C:\Program Files\Rising\AntiSpyware\runiep.exe>  [Beijing Rising Technology Co., Ltd.]
    <Synchronization Manager><mobsync.exe /logon>  [Microsoft Corporation]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Winlogon]
    <shell><Explorer.exe>  [Microsoft Corporation]
    <Userinit><C:\WINNT\system32\userinit.exe,>  [Microsoft Corporation]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Windows]
    <AppInit_DLLs><>  [N/A]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\klogon]
    <WinlogonNotify: klogon><C:\WINNT\system32\klogon.dll>  [Kaspersky Lab]

==================================
启动文件夹
N/A

==================================
服务
[7C35CFD2 / 7C35CFD2][Stopped/Auto Start]
  <C:\WINNT\system32\53CED7B0.EXE -g><N/A>
[Adobe LM Service / Adobe LM Service][Stopped/Manual Start]
  <"C:\Program Files\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe"><Adobe Systems>
[卡巴斯基反病毒软件 6.0 / AVP][Running/Auto Start]
  <"D:\Program Files\Kaspersky Lab\卡巴斯基反病毒软件 6.0\avp.exe" -r><Kaspersky Lab>
[Background Intelligent Transfer Service / BITS][Stopped/Manual Start]
  <C:\WINNT\System32\svchost.exe -k BITSgroup-->%SystemRoot%\System32\qmgr.dll><Microsoft Corporation>
[Indexing Service / cisvc][Stopped/Disabled]
  <C:\WINNT\System32\cisvc.exe><Microsoft Corporation>
[ClipBook / ClipSrv][Stopped/Manual Start]
  <C:\WINNT\system32\clipsrv.exe><Microsoft Corporation>
[DefWatch / DefWatch][Stopped/Disabled]
  <><N/A>
[Windows dlqo RunThem / dlqo][Others/Auto Start]
  <C:\WINNT\System32\svchost.exe -k netsvcs-->C:\PROGRA~1\yglj\iqvt.dll><N/A>
[Logical Disk Manager Administrative Service / dmadmin][Stopped/Manual Start]
  <C:\WINNT\System32\dmadmin.exe /com><VERITAS Software Corp.>
[Fax Service / Fax][Stopped/Manual Start]
  <C:\WINNT\system32\faxsvc.exe><Microsoft Corporation>
[ks8j3jsisd / ks8j3jsisd][Stopped/Auto Start]
  <C:\WINNT\system32\ks8j3jsisd.exe -j><N/A>
[Servers / Lanmanservers][Stopped/Auto Start]
  <C:\WINNT\system32\winsyss.exe -service><Microsoft Corporation>
[NetMeeting Remote Desktop Sharing / mnmsrvc][Stopped/Manual Start]
  <C:\WINNT\System32\mnmsrvc.exe><Microsoft Corporation>
[Distributed Transaction Coordinator / MSDTC][Stopped/Manual Start]
  <C:\WINNT\System32\msdtc.exe><Microsoft Corporation>
[Windows Installer / MSIServer][Stopped/Manual Start]
  <C:\WINNT\system32\msiexec.exe /V><Microsoft Corporation>
[Removable Storage / NtmsSvc][Running/Auto Start]
  <C:\WINNT\System32\svchost.exe -k netsvcs-->%SystemRoot%\System32\NtmsSvc.dll><Microsoft Corporation>
[Remote Access Auto Connection Manager / RasAuto][Stopped/Manual Start]
  <C:\WINNT\System32\svchost.exe -k netsvcs-->%SystemRoot%\System32\rasauto.dll><Microsoft Corporation>
[Routing and Remote Access / RemoteAccess][Stopped/Disabled]
  <C:\WINNT\System32\svchost.exe -k netsvcs-->%SystemRoot%\System32\mprdim.dll><Microsoft Corporation>
[Remote Registry Service / RemoteRegistry][Running/Auto Start]
  <C:\WINNT\system32\regsvc.exe><Microsoft Corporation>
[Remote Procedure Call (RPC) Locator / RpcLocator][Stopped/Manual Start]
  <C:\WINNT\System32\locator.exe><Microsoft Corporation>
[QoS RSVP / RSVP][Stopped/Manual Start]
  <C:\WINNT\System32\rsvp.exe -s><Microsoft Corporation>
[Remote Administrator Service / r_server][Stopped/Auto Start]
  <"C:\WINNT\system32\r_server.exe" /service><N/A>
[Smart Card Helper / SCardDrv][Stopped/Manual Start]
  <C:\WINNT\System32\SCardSvr.exe><Microsoft Corporation>
[Smart Card / SCardSvr][Stopped/Manual Start]
  <C:\WINNT\System32\SCardSvr.exe><Microsoft Corporation>
[System Event Notification / SENS][Running/Auto Start]
  <C:\WINNT\system32\svchost.exe -k netsvcs-->%SystemRoot%\system32\sens.dll><Microsoft Corporation>
[ServiceLayer / ServiceLayer][Stopped/Manual Start]
  <"C:\Program Files\Common Files\PCSuite\Services\ServiceLayer.exe"><Nokia.>
[Still Image Service / StiSvc][Running/Auto Start]
  <C:\WINNT\system32\stisvc.exe><Microsoft Corporation>
[Performance Logs and Alerts / SysmonLog][Stopped/Manual Start]
  <C:\WINNT\system32\smlogsvc.exe><Microsoft Corporation>
[Telnet / TlntSvr][Stopped/Manual Start]
  <C:\WINNT\system32\tlntsvr.exe><Microsoft Corporation>
[Uninterruptible Power Supply / UPS][Stopped/Manual Start]
  <C:\WINNT\System32\ups.exe><Microsoft Corporation>
[Utility Manager / UtilMan][Stopped/Manual Start]
  <C:\WINNT\System32\UtilMan.exe><Microsoft Corporation>
[Windows Management Instrumentation / WinMgmt][Running/Auto Start]
  <C:\WINNT\System32\WBEM\WinMgmt.exe><Microsoft Corporation>
[Portable Media Serial Number Service / WmdmPmSN][Stopped/Manual Start]
  <C:\WINNT\System32\svchost.exe -k netsvcs-->C:\WINNT\system32\mspmsnsv.dll><Microsoft Corporation>
[Automatic Updates / wuauserv][Running/Auto Start]
  <C:\WINNT\system32\svchost.exe -k wugroup-->C:\WINNT\system32\wuauserv.dll><Microsoft Corporation>
[Wireless Configuration / WZCSVC][Stopped/Manual Start]
  <C:\WINNT\System32\svchost.exe -k netsvcs-->%SystemRoot%\System32\wzcsvc.dll><Microsoft Corporation>

驱动程序
[Microsoft ACPI Driver / ACPI][Running/Boot Start]
  <\SystemRoot\System32\DRIVERS\ACPI.sys><Microsoft Corporation>
[RAS Asynchronous Media Driver / AsyncMac][Stopped/Manual Start]
  <System32\DRIVERS\asyncmac.sys><Microsoft Corporation>
[Standard IDE/ESDI Hard Disk Controller / atapi][Running/Boot Start]
  <\SystemRoot\System32\DRIVERS\atapi.sys><Microsoft Corporation>
[ATM ARP Client Protocol / Atmarpc][Stopped/Manual Start]
  <System32\DRIVERS\atmarpc.sys><Microsoft Corporation>
[Audio Stub Driver / audstub][Running/Manual Start]
  <System32\DRIVERS\audstub.sys><Microsoft Corporation>
[Bluetooth Audio Service / BlueletAudio][Stopped/Manual Start]
  <system32\DRIVERS\blueletaudio.sys><IVT Corporation>
[HelloNet PPPoE 虚拟网卡 / BRPPPOE][Running/Manual Start]
  <system32\DRIVERS\brpppoe.sys><N/A>
[Bluetooth PAN Network Adapter / BT][Stopped/Manual Start]
  <system32\DRIVERS\btnetdrv.sys><IVT Corporation>
[Bluetooth HID Enumerator / BTHidEnum][Stopped/Manual Start]
  <system32\DRIVERS\vbtenum.sys><N/A>
[Bluetooth HID Manager Service / BTHidMgr][Running/Boot Start]
  <\SystemRoot\System32\Drivers\BTHidMgr.sys><IVT Corporation>
[Closed Caption Decoder / ccdecode][Stopped/Manual Start]
  <system32\drivers\ccdecode.sys><Microsoft Corporation>
[CD-ROM Driver / Cdrom][Running/System Start]
  <System32\DRIVERS\cdrom.sys><Microsoft Corporation>
[chdcefgc / chdcefgc][Stopped/Boot Start]
  <\SystemRoot\system32\drivers\chdcefgc.sys><N/A>
[Disk Driver / Disk][Running/Boot Start]
  <\SystemRoot\System32\DRIVERS\disk.sys><Microsoft Corporation>
[dmboot / dmboot][Stopped/Disabled]
  <System32\drivers\dmboot.sys><VERITAS Software Corp.>
[Logical Disk Manager Driver / dmio][Running/Boot Start]
  <\SystemRoot\System32\drivers\dmio.sys><VERITAS Software Corp.>
[dmload / dmload][Running/Boot Start]
  <\SystemRoot\System32\drivers\dmload.sys><VERITAS Software Corp.>
[Microsoft DirectMusic SW Synth (WDM) / DMusic][Stopped/Manual Start]
  <system32\drivers\DMusic.sys><Microsoft Corporation>
[dtscsi / dtscsi][Running/Manual Start]
  <\SystemRoot\System32\Drivers\dtscsi.sys><N/A>
[Intel(R) PRO/1000 Adapter Driver / E1000][Running/Manual Start]
  <System32\DRIVERS\e1000nt5.sys><Intel Corporation>
[Floppy Disk Controller Driver / Fdc][Running/Manual Start]
  <System32\DRIVERS\fdc.sys><Microsoft Corporation>
[Floppy Disk Driver / Flpydisk][Running/Manual Start]
  <System32\DRIVERS\flpydisk.sys><Microsoft Corporation>
[FsVga / FsVga][Running/System Start]
  <System32\DRIVERS\fsvga.sys><Microsoft Corporation>
[Generic Packet Classifier / Gpc][Running/Manual Start]
  <System32\DRIVERS\msgpc.sys><Microsoft Corporation>
[GWIOPM / GWIOPM][Stopped/Manual Start]
  <\??\D:\Program Files\Wopti\GWIOPM.sys><N/A>
[i8042 Keyboard and PS/2 Mouse Port Driver / i8042prt][Running/System Start]
  <System32\DRIVERS\i8042prt.sys><Microsoft Corporation>
[ialm / ialm][Running/Manual Start]
  <System32\DRIVERS\ialmnt5.sys><Intel Corporation>
[ipdbldr / ipdbldrv][Running/Boot Start]
  <\SystemRoot\System32\DRIVERS\ipdbldrv.sys><N/A>
[IP Traffic Filter Driver / IpFilterDriver][Stopped/Manual Start]
  <System32\DRIVERS\ipfltdrv.sys><Microsoft Corporation>
[IP in IP Tunnel Driver / IpInIp][Stopped/Manual Start]
  <System32\DRIVERS\ipinip.sys><Microsoft Corporation>
[IR Enumerator Service / IRENUM][Stopped/Manual Start]
  <System32\DRIVERS\irenum.sys><Microsoft Corporation>
[PnP ISA/EISA Bus Driver / isapnp][Running/Boot Start]
  <\SystemRoot\System32\DRIVERS\isapnp.sys><Microsoft Corporation>
[jseftg5 / jseftg53][Running/Boot Start]
  <\SystemRoot\System32\DRIVERS\jseftg53.sys><Microsoft Corporation>
[Keyboard Class Driver / Kbdclass][Running/System Start]
  <System32\DRIVERS\kbdclass.sys><Microsoft Corporation>
[kl1 / kl1][Running/Boot Start]
  <\SystemRoot\system32\drivers\kl1.sys><Kaspersky Lab>
[klif / klif][Running/System Start]
  <\??\C:\WINNT\system32\drivers\klif.sys><Kaspersky Lab>
[Microsoft Kernel Wave Audio Mixer / kmixer][Running/Manual Start]
  <system32\drivers\kmixer.sys><Microsoft Corporation>
[Mouse Class Driver / Mouclass][Running/System Start]
  <System32\DRIVERS\mouclass.sys><Microsoft Corporation>
[Microsoft Streaming Service Proxy / MSKSSRV][Stopped/Manual Start]
  <system32\drivers\MSKSSRV.sys><Microsoft Corporation>
[Microsoft Streaming Clock Proxy / MSPCLOCK][Stopped/Manual Start]
  <system32\drivers\MSPCLOCK.sys><Microsoft Corporation>
[Microsoft Streaming Quality Manager Proxy / MSPQM][Stopped/Manual Start]
  <system32\drivers\MSPQM.sys><Microsoft Corporation>
[Microsoft Streaming Tee/Sink-to-Sink Converter / MSTEE][Stopped/Manual Start]
  <system32\drivers\MSTEE.sys><Microsoft Corporation>
[Remote Access NDIS TAPI Driver / NdisTapi][Running/Manual Start]
  <System32\DRIVERS\ndistapi.sys><Microsoft Corporation>
[NDIS 用户模式 I/O 协议 / Ndisuio][Stopped/Manual Start]
  <System32\DRIVERS\ndisuio.sys><Microsoft Corporation>
[Remote Access NDIS WAN Driver / NdisWan][Running/Manual Start]
  <System32\DRIVERS\ndiswan.sys><Microsoft Corporation>
[NetBIOS Interface / NetBIOS][Running/System Start]
  <System32\DRIVERS\netbios.sys><Microsoft Corporation>
[NetDetect / NetDetect][Stopped/Manual Start]
  <\SystemRoot\system32\drivers\netdtect.sys><Microsoft Corporation>
[Nokia USB Generic / Nokia USB Generic][Stopped/Manual Start]
  <system32\drivers\nmwcdc.sys><Nokia>
[Nokia USB Modem / Nokia USB Modem][Stopped/Manual Start]
  <system32\drivers\nmwcdcm.sys><Nokia>
[Nokia USB Phone Parent / Nokia USB Phone Parent][Stopped/Manual Start]

<system32\drivers\nmwcd.sys><Nokia>
[Nokia USB Port / Nokia USB Port][Stopped/Manual Start]
  <system32\drivers\nmwcdcj.sys><Nokia>
[Netgroup Packet Filter / NPF][Stopped/Manual Start]
  <system32\drivers\npf.sys><Politecnico di Torino>
[npkcrypt / npkcrypt][Running/Auto Start]
  <\??\D:\Program Files\Tencent\QQ\npkcrypt.sys><INCA Internet Co., Ltd.>
[IPX Traffic Filter Driver / NwlnkFlt][Stopped/Manual Start]
  <System32\DRIVERS\nwlnkflt.sys><Microsoft Corporation>
[IPX Traffic Forwarder Driver / NwlnkFwd][Stopped/Manual Start]
  <System32\DRIVERS\nwlnkfwd.sys><Microsoft Corporation>
[NWLink IPX/SPX/NetBIOS Compatible Transport Protocol / NwlnkIpx][Running/Auto Start]
  <System32\DRIVERS\nwlnkipx.sys><Microsoft Corporation>
[NWLink NetBIOS / NwlnkNb][Running/Auto Start]
  <System32\DRIVERS\nwlnknb.sys><Microsoft Corporation>
[NWLink SPX/SPXII Protocol / NwlnkSpx][Running/Auto Start]
  <System32\DRIVERS\nwlnkspx.sys><Microsoft Corporation>
[OMCI / OMCI][Running/System Start]
  <\SystemRoot\SYSTEM32\DRIVERS\OMCI.SYS><Dell Computer Corporation>
[Parallel class driver / Parallel][Running/Manual Start]
  <System32\DRIVERS\parallel.sys><Microsoft Corporation>
[Parallel port driver / Parport][Running/System Start]
  <System32\DRIVERS\parport.sys><Microsoft Corporation>
[PCI Bus Driver / PCI][Running/Boot Start]
  <\SystemRoot\System32\DRIVERS\pci.sys><Microsoft Corporation>
[PCIIde / PCIIde][Running/Boot Start]
  <\SystemRoot\System32\DRIVERS\pciide.sys><Microsoft Corporation>
[PnpWmkDrv / PnpWmkDrv][Running/System Start]
  <\??\C:\WINNT\system32\drivers\PnpWmkDrv.sys><N/A>
[WAN Miniport (PPTP) / PptpMiniport][Running/Manual Start]
  <System32\DRIVERS\raspptp.sys><Microsoft Corporation>
[Direct Parallel Link Driver / Ptilink][Running/Manual Start]
  <System32\DRIVERS\ptilink.sys><Parallel Technologies, Inc.>
[Remote Access Auto Connection Driver / RasAcd][Running/System Start]
  <System32\DRIVERS\rasacd.sys><Microsoft Corporation>
[WAN Miniport (L2TP) / Rasl2tp][Running/Manual Start]
  <System32\DRIVERS\rasl2tp.sys><Microsoft Corporation>
[Direct Parallel / Raspti][Running/Manual Start]
  <System32\DRIVERS\raspti.sys><Microsoft Corporation>
[Microsoft Streaming Network Raw Channel Access / RCA][Stopped/Manual Start]
  <system32\drivers\RCA.sys><Microsoft Corporation>
[Digital CD Audio Playback Filter Driver / redbook][Stopped/System Start]
  <System32\DRIVERS\redbook.sys><Microsoft Corporation>
[Microsoft Legacy Modem Driver / ROOTMODEM][Stopped/Manual Start]
  <System32\Drivers\RootMdm.sys><Microsoft Corporation>
[RsAntiSpyware / RsAntiSpyware][Running/Boot Start]
  <\SystemRoot\system32\drivers\RsBoot.sys><Beijing Rising>
[SecDrv / SecDrv][Running/Auto Start]
  <\??\C:\WINNT\system32\drivers\SECDRV.SYS><Macrovision Corporation, Macrovision Europe Limited, and Macrovision Japan and Asia K.K.>
[Serenum Filter Driver / serenum][Running/Manual Start]
  <System32\DRIVERS\serenum.sys><Microsoft Corporation>
[Serial port driver / Serial][Running/System Start]
  <System32\DRIVERS\serial.sys><Microsoft Corporation>
[smwdm / smwdm][Running/Manual Start]
  <system32\drivers\smwdm.sys><Analog Devices, Inc.>
[sptd / sptd][Running/Boot Start]
  <\SystemRoot\System32\Drivers\sptd.sys><N/A>
[Software Bus Driver / swenum][Running/Manual Start]
  <System32\DRIVERS\swenum.sys><Microsoft Corporation>
[Microsoft Kernel GS Wavetable Synthesizer / swmidi][Stopped/Manual Start]
  <system32\drivers\swmidi.sys><Microsoft Corporation>
[synkmx9 / synkmx95][Stopped/Boot Start]
  <\SystemRoot\System32\DRIVERS\synkmx95.sys><N/A>
[Microsoft System Audio Device / sysaudio][Running/Manual Start]
  <system32\drivers\sysaudio.sys><Microsoft Corporation>
[SysTdSvr / SysTdSvr][Stopped/Boot Start]
  <\SystemRoot\system32\\drivers\\SysTdSvr.sys><N/A>
[TSP / TSP][Stopped/Manual Start]
  <\??\C:\WINNT\system32\drivers\klif.sys><Kaspersky Lab>
[Microsoft USB Universal Host Controller Driver / uhcd][Running/Manual Start]
  <System32\DRIVERS\uhcd.sys><Microsoft Corporation>
[Microcode Update Driver / Update][Running/Manual Start]
  <System32\DRIVERS\update.sys><Microsoft Corporation>
[uqgisz6 / uqgisz68][Stopped/Boot Start]
  <\SystemRoot\System32\DRIVERS\uqgisz68.sys><N/A>
[Microsoft USB 2.0 Enhanced Host Controller Miniport Driver / usbehci][Running/Manual Start]
  <System32\DRIVERS\usbehci.sys><Microsoft Corporation>
[Microsoft USB Standard Hub Driver / usbhub][Running/Manual Start]
  <System32\DRIVERS\usbhub.sys><Microsoft Corporation>
[USB 2.0 Root Hub Support / usbhub20][Running/Manual Start]
  <System32\DRIVERS\usbhub20.sys><Microsoft Corporation>
[USB Mass Storage Driver / USBSTOR][Stopped/Manual Start]
  <System32\DRIVERS\USBSTOR.SYS><Microsoft Corporation>
[Virtual Serial port driver / VComm][Stopped/Manual Start]
  <system32\DRIVERS\VComm.sys><IVT Corporation>
[Bluetooth VComm Manager Service / VcommMgr][Stopped/Manual Start]
  <System32\Drivers\VcommMgr.sys><IVT Corporation>
[VgaSave / VgaSave][Running/System Start]
  <\SystemRoot\System32\drivers\vga.sys><Microsoft Corporation>
[Remote Access IP ARP Driver / Wanarp][Running/Manual Start]
  <System32\DRIVERS\wanarp.sys><Microsoft Corporation>
[Microsoft WDM Virtual Wave Driver (WDM) / wdmaud][Running/Manual Start]
  <system32\drivers\wdmaud.sys><Microsoft Corporation>
[yyalxu8 / yyalxu81][Stopped/Boot Start]
  <\SystemRoot\System32\DRIVERS\yyalxu81.sys><N/A>
[XR E-View Camera / ZSMC0305][Running/Manual Start]
  <System32\Drivers\usbVM305.sys><Vimicro Corporation>
[Intel(R) Graphics Platform (SoftBIOS) Driver / {6080A529-897E-4629-A488-ABA0C29B635E}][Stopped/System Start]
  <system32\drivers\ialmsbw.sys><Intel Corporation>
[Intel(R) Graphics Chipset (KCH) Driver / {D31A0762-0CEB-444e-ACFF-B049A1F6FE91}][Stopped/Manual Start]
  <system32\drivers\ialmkchw.sys><Intel Corporation>

浏览器加载项
[LpkHlpr Class]
  {00C104F7-0F5C-470C-ABCF-A5B2E70752F1} <C:\WINNT\system32\wtlhlp.dll, Microsoft Corporation>
[腾讯QQ]
  {54EBD53A-9BC1-480B-966A-843A333CA162} <C:\WINNT\QQIEHelper.dll, N/A>
[Web反病毒保护 统计]
  {1F460357-8A94-4D71-9CA3-AA4ACF32ED8E} <D:\Program Files\Kaspersky Lab\卡巴斯基反病毒软件 6.0\scieplugin.dll, Kaspersky Lab>
[@shdoclc.dll,-866]
  {c95fe080-8f5d-11d2-a20b-00aa003c157a} <, N/A>
[QQ]
  {c95fe080-8f5d-11d2-a20b-00aa003c157b} <D:\Program Files\Tencent\QQ\QQ.EXE, TENCENT>
[QQIEFloatBarCfgCmd Class]
  {DEDEB80D-FA35-45d9-9460-4983E5A8AFE6} <d:\Program Files\Tencent\QQ\QQIEHelper.dll, 深圳市腾讯计算机系统有限公司>
[@msdxmLC.dll,-1@2052,电台(&R)]
  {8E718888-423F-11D2-876E-00A0C9082467} <C:\WINNT\System32\msdxm.ocx, Microsoft Corporation>
[卡卡上网安全助手]
  {DB9ECD4F-FB8F-4311-B3CE-90B976C2707C} <C:\WINNT\system32\KakaTool.dll, Beijing Rising Technology Co., Ltd.>
[工具栏(T)]
  {42A2F05F-E171-4CEF-852F-02475F698C24} <C:\Program Files\搜索栏(S)\sobar.dll, N/A>
[WUWebControl Class]
  {6414512B-B978-451D-A0D8-FCFDF33E833C} <C:\WINNT\system32\wuweb.dll, Microsoft Corporation>
[Shockwave Flash Object]
  {D27CDB6E-AE6D-11CF-96B8-444553540000} <C:\WINNT\system32\Macromed\Flash\Flash9b.ocx, Adobe Systems, Inc.>
[Rising Web Scan Object]
  {E4E2F180-CB8B-4DE9-ACBB-DA745D3BA153} <C:\WINNT\Downloaded Program Files\OL2005.dll, Beijing Rising Technology Co., Ltd.>
[&使用迅雷下载]
  <E:\tools\Thunder V5.5.2.252\Thunder\Program\geturl.htm, N/A>
[&使用迅雷下载全部链接]
  <E:\tools\Thunder V5.5.2.252\Thunder\Program\getallurl.htm, N/A>
[上传到QQ网络硬盘]
  <D:\Program Files\Tencent\QQ\AddToNetDisk.htm, N/A>
[添加到QQ自定义面板]
  <D:\Program Files\Tencent\QQ\AddPanel.htm, N/A>
[添加到QQ表情]
  <D:\Program Files\Tencent\QQ\AddEmotion.htm, N/A>
[用QQ彩信发送该图片]
  <D:\Program Files\Tencent\QQ\SendMMS.htm, N/A>

==================================
正在运行的进程
[PID: 236][\SystemRoot\System32\smss.exe]  [Microsoft Corporation, 5.00.2195.6601]
[PID: 272][\??\C:\WINNT\system32\csrss.exe]  [Microsoft Corporation, 5.00.2195.6601]
[PID: 292][\??\C:\WINNT\system32\winlogon.exe]  [Microsoft Corporation, 5.00.2195.6997]
    [C:\WINNT\system32\klogon.dll]  [Kaspersky Lab, 6.0.2.615]
[PID: 324][C:\WINNT\system32\services.exe]  [Microsoft Corporation, 5.00.2195.7035]
    [C:\WINNT\system32\dmserver.dll]  [VERITAS Software Corp., 2195.6605.297.3]
[PID: 336][C:\WINNT\system32\lsass.exe]  [Microsoft Corporation, 5.00.2195.7011]
[PID: 508][C:\WINNT\system32\svchost.exe]  [Microsoft Corporation, 5.00.2134.1]
[PID: 548][C:\WINNT\system32\spoolsv.exe]  [Microsoft Corporation, 5.00.2195.7059]
[PID: 600][C:\WINNT\System32\svchost.exe]  [Microsoft Corporation, 5.00.2134.1]
[PID: 616][C:\WINNT\System32\svchost.exe]  [Microsoft Corporation, 5.00.2134.1]
[PID: 736][C:\WINNT\system32\regsvc.exe]  [Microsoft Corporation, 5.00.2195.6701]
[PID: 752][C:\WINNT\system32\MSTask.exe]  [Microsoft Corporation, 4.71.2195.6972]
[PID: 792][C:\WINNT\system32\stisvc.exe]  [Microsoft Corporation, 5.00.2195.6656]
    [C:\WINNT\system32\VM305STI.dll]  [VM, 4.2.510.21]
[PID: 848][C:\WINNT\System32\WBEM\WinMgmt.exe]  [Microsoft Corporation, 1.50.1085.0100]
[PID: 868][C:\WINNT\system32\svchost.exe]  [Microsoft Corporation, 5.00.2134.1]
[PID: 1224][C:\Program Files\Rising\AntiSpyware\runiep.exe]  [Beijing Rising Technology Co., Ltd., 1, 0, 1, 6]
    [C:\Program Files\Rising\AntiSpyware\iep_ctrl.dll]  [Beijing Rising Technology Co., Ltd., 1, 0, 0, 4]
    [C:\Program Files\Rising\AntiSpyware\ieprot.dll]  [Beijing Rising Technology Co., Ltd., 1, 0, 0, 10]
[PID: 1256][C:\WINNT\system32\internat.exe]  [Microsoft Corporation, 5.00.2920.0000]
    [C:\Program Files\Rising\AntiSpyware\ieprot.dll]  [Beijing Rising Technology Co., Ltd., 1, 0, 0, 10]
[PID: 840][D:\Program Files\ADSL拨号王\HNMainUI.exe]  [N/A, 2, 3, 0, 1]
    [D:\Program Files\ADSL拨号王\HNKernel.dll]  [HelloNet, 2.2.0.1]
    [D:\Program Files\ADSL拨号王\HNUtils.dll]  [N/A, 2, 2, 0, 1]
    [D:\Program Files\ADSL拨号王\HNRes_0804.dll]  [N/A, 2, 2, 0, 1]
    [D:\Program Files\ADSL拨号王\plugins\Diagnose.dll]  [HelloNet, 2.2.0.1]
    [C:\Program Files\Rising\AntiSpyware\ieprot.dll]  [Beijing Rising Technology Co., Ltd., 1, 0, 0, 10]
[PID: 1496][D:\new_zszq\TdxW.exe]  [, ]
    [D:\new_zszq\TCalc.dll]  [, 1, 0, 0, 1]
    [D:\new_zszq\Viewthem.dll]  [, 1, 0, 0, 1]
    [D:\new_zszq\invest.dll]  [, 1.15]
    [D:\new_zszq\Dbf.dll]  [N/A, N/A]
    [D:\new_zszq\Secure.dll]  [通达信, 1.00.00]
    [D:\new_zszq\TTools.dll]  [, 1.00]
    [D:\new_zszq\TList.dll]  [, 1.00]
    [d:\new_zszq\calcer.dll]  [, 1, 0, 0, 1]
    [d:\new_zszq\Advhq.dll]  [, 1, 0, 0, 1]
    [d:\new_zszq\res_zszq.dll]  [N/A, N/A]
    [d:\new_zszq\tc.dll]  [通达信, 1.00]
    [D:\new_zszq\WTCommLib.dll]  [N/A, N/A]
    [C:\Program Files\Rising\AntiSpyware\ieprot.dll]  [Beijing Rising Technology Co., Ltd., 1, 0, 0, 10]
    [D:\Program Files\Kaspersky Lab\卡巴斯基反病毒软件 6.0\scrchpg.dll]  [Kaspersky Lab, 6.0.2.615]
[PID: 1576][C:\WINNT\explorer.exe]  [Microsoft Corporation, 5.00.3700.6690]
    [D:\Program Files\Kaspersky Lab\卡巴斯基反病毒软件 6.0\scrchpg.dll]  [Kaspersky Lab, 6.0.2.615]
    [C:\Program Files\Rising\AntiSpyware\ieprot.dll]  [Beijing Rising Technology Co., Ltd., 1, 0, 0, 10]
    [D:\Program Files\Kaspersky Lab\卡巴斯基反病毒软件 6.0\klscav.dll]  [Kaspersky Lab, 6.0.2.615]
    [D:\Program Files\Kaspersky Lab\卡巴斯基反病毒软件 6.0\prremote.dll]  [Kaspersky Lab, 6.0.2.615]
    [D:\Program Files\Kaspersky Lab\卡巴斯基反病毒软件 6.0\prloader.dll]  [Kaspersky Lab, 6.0.2.615]
    [D:\Program Files\Kaspersky Lab\卡巴斯基反病毒软件 6.0\prkernel.ppl]  [Kaspersky Lab, 6.0.2.615]
    [d:\program files\kaspersky lab\卡巴斯基反病毒软件 6.0\params.ppl]  [Kaspersky Lab, 6.0.2.615]
    [d:\program files\kaspersky lab\卡巴斯基反病毒软件 6.0\pxstub.ppl]  [Kaspersky Lab, 6.0.2.615]
    [d:\program files\kaspersky lab\卡巴斯基反病毒软件 6.0\tempfile.ppl]  [Kaspersky Lab, 6.0.2.615]
    [d:\program files\kaspersky lab\卡巴斯基反病毒软件 6.0\nfio.ppl]  [Kaspersky Lab, 6.0.2.615]
    [d:\program files\kaspersky lab\卡巴斯基反病毒软件 6.0\fsdrvplgn.ppl]  [Kaspersky Lab, 6.0.2.615]
    [d:\program files\kaspersky lab\卡巴斯基反病毒软件 6.0\basegui.ppl]  [Kaspersky Lab, 6.0.2.615]
    [d:\program files\kaspersky lab\卡巴斯基反病毒软件 6.0\thpimpl.ppl]  [Kaspersky Lab, 6.0.2.615]
    [d:\program files\kaspersky lab\卡巴斯基反病毒软件 6.0\FSSync.dll]  [Kaspersky Lab, 6.0.5.615]
    [d:\program files\kaspersky lab\卡巴斯基反病毒软件 6.0\winreg.ppl]  [Kaspersky Lab, 6.0.2.615]
    [C:\WINNT\system32\Macromed\Flash\Flash9b.ocx]  [Adobe Systems, Inc., 9,0,28,0]
[PID: 1600][F:\sreng2\SREng.EXE]  [Smallfrogs Studio, 2.3.13.690]
    [C:\Program Files\Rising\AntiSpyware\ieprot.dll]  [Beijing Rising Technology Co., Ltd., 1, 0, 0, 10]

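Why haven't the experts shown up yet! I'm also waiting to see how this gets solved! I've been studying for a few days and still can't really read these logs!!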