【求助】抓狂 !!! 有日志!!!猫叔 !!! 各位达人!!!帮忙!!! - 瑞星卡卡安全论坛bbs.ikaka.com

瑞星卡卡安全论坛技术交流区 反病毒/反流氓软件论坛【求助】抓狂 !!! 有日志!!!猫叔 !!! 各位达人!!!帮忙!!!

	瑞星“1+2”全新解决方案巡展在广州画上圆满句号		叶院长揭秘：瑞星如何运用AI技术革新网络安全		俄乌冲突加剧网络攻击风险白俄罗斯政府遭APT攻击		瑞星ESM防病毒系统助力矿业大学筑牢网络安全防线
	实力拉满瑞星第四十七次通过VB100测评		携手老友，拥抱新精彩 —— 新论坛新活动，感谢你的陪伴		护航司法，瑞星助力山西省高院构建安全防线		人工智能在网络安全领域的风险和机遇

1

1 / 1 页

跳转页

【求助】抓狂 !!! 有日志!!!猫叔 !!! 各位达人!!!帮忙!!!

第三支烟初生襁褓狮帖子:110 注册: 2006-08-28 来自:	发表于： 2007-07-14 15:08 \| 只看楼主短消息资料字号：小中大 1楼【求助】抓狂 !!! 有日志!!!猫叔 !!! 各位达人!!!帮忙!!! [CODE] 2007-07-14,14:51:23 System Repair Engineer 2.5.16.900 Smallfrogs (http://www.KZTechs.com) Windows XP Professional Service Pack 2 (Build 2600) - 管理权限用户 - 完整功能以下内容被选中：所有的启动项目（包括注册表、启动文件夹、服务等）浏览器加载项正在运行的进程（包括进程模块信息）文件关联 Winsock 提供者 Autorun.inf HOSTS 文件进程特权扫描启动项目注册表 [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run] <ctfmon.exe><C:\WINDOWS\system32\ctfmon.exe> [(Verified)Microsoft Windows Publisher] <ravshell><C:\Progra~1\Eset\1explore.exe> [] <svc><C:\DOCUME~1\new\LOCALS~1\Temp\byetmr.exe> [Microsoft Corporation] [HKEY_CURRENT_USER\Software\Microsoft\Windows NT\CurrentVersion\Windows] <load><> [N/A] [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run] <ATIModeChange><Ati2mdxx.exe> [(Verified)Microsoft Windows Publisher] <Windows木马防火墙><C:\Program Files\Windows木马清道夫\Trojanwall.exe> [风云谷] <StatusClient 2.6><C:\Program Files\Hewlett-Packard\Toolbox\StatusClient\StatusClient.exe /auto> [Hewlett-Packard] <TomcatStartup 2.5><C:\Program Files\Hewlett-Packard\Toolbox\hpbpsttp.exe> [Hewlett-Packard] <OrderReminder><C:\Program Files\Hewlett-Packard\OrderReminder\OrderReminder\OrderReminder.exe> [Hewlett-Packard] <HP Software Update><"C:\Program Files\Hewlett-Packard\HP Software Update\HPWuSchd2.exe"> [Hewlett-Packard] <wosa><C:\DOCUME~1\new\LOCALS~1\Temp\woso.exe> [N/A] <ztsa><C:\DOCUME~1\new\LOCALS~1\Temp\ztso.exe> [] <mhsa><C:\DOCUME~1\new\LOCALS~1\Temp\mhso.exe> [] <qjsa><C:\DOCUME~1\new\LOCALS~1\Temp\qjso.exe> [] <tlsa><C:\DOCUME~1\new\LOCALS~1\Temp\tlso.exe> [] <wdsa><C:\DOCUME~1\new\LOCALS~1\Temp\wdso.exe> [N/A] <cmdbcs><C:\WINDOWS\cmdbcs.exe> [] <wmsa><C:\DOCUME~1\new\LOCALS~1\Temp\wmso.exe> [] <wlsa><C:\DOCUME~1\new\LOCALS~1\Temp\wlso.exe> [] <fysa><C:\DOCUME~1\new\LOCALS~1\Temp\fyso.exe> [N/A] <wgsa><C:\DOCUME~1\new\LOCALS~1\Temp\wgso.exe> [] <rxsa><C:\DOCUME~1\new\LOCALS~1\Temp\rxso.exe> [] <jtsa><C:\DOCUME~1\new\LOCALS~1\Temp\jtso.exe> [N/A] <CSMContext><C:\WINDOWS\system32\CSMContext.exe> [中文之星] <upxdnd><C:\WINDOWS\upxdnd.exe> [] <AVPSrv><C:\WINDOWS\AVPSrv.exe> [] <dasa><C:\DOCUME~1\new\LOCALS~1\Temp\daso.exe> [] <YLive.exe><C:\PROGRA~1\Yahoo!\ASSIST~1\YLive.exe> [(Verified)"beijing yahoo consulting and service co., ltd."] <yassistse><c:\progra~1\yahoo!\assistant\yassistse.exe> [(Verified)"beijing yahoo consulting and service co., ltd."] <TkBellExe><"C:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot> [RealNetworks, Inc.] [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\RunOnce] <KAV7NEEDREBOOT><> [N/A] <yokUninstall><cmd /c rd /s /q C:\PROGRA~1\yok> [] [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer\Run] <visin><C:\WINDOWS\system32\visin.exe> [Microsoft Corporation] [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Winlogon] <shell><Explorer.exe> [(Verified)Microsoft Windows Publisher] <Userinit><C:\WINDOWS\system32\userinit.exe,> [(Verified)"beijing yahoo consulting and service co., ltd."] <UIHost><logonui.exe> [(Verified)Microsoft Windows Publisher] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks] <{754FB7D8-B8FE-4810-B363-A788CD060F1F}><C:\Program Files\Internet Explorer\PLUGINS\System64.Sys> [] <{06A68AD9-FF56-6E73-937B-B893E72F6226}><C:\Program Files\Common Files\Microsoft Shared\MSINFO\WinInfo.rxk> [] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\WgaLogon] <WinlogonNotify: WgaLogon><WgaLogon.dll> [(Verified)Microsoft Corporation] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\>{26923b43-4d38-484f-9b9e-de460746276c}] <Internet Explorer><%systemroot%\system32\shmgrate.exe OCInstallUserConfigIE> [N/A] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\>{881dd1c5-3dcf-431b-b061-f3f88e8be88a}] <Outlook Express><%systemroot%\system32\shmgrate.exe OCInstallUserConfigOE> [N/A] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{1B202102-FE38-11cf-64CD-21FF5FE1CF20}] <N/A><C:\WINDOWS\system32\ztinetzt.exe> [] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{2C7339CF-2B09-4501-B3F3-F3508C9228ED}] <Themes Setup><%SystemRoot%\system32\regsvr32.exe /s /n /i:/UserInstall %SystemRoot%\system32\themeui.dll> [N/A] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{44BBA840-CC51-11CF-AAFA-00AA00B6015C}] <Microsoft Outlook Express 6><"%ProgramFiles%\Outlook Express\setup50.exe" /APP:OE /CALLER:WINNT /user /install> [N/A] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{44BBA842-CC51-11CF-AAFA-00AA00B6015B}] <NetMeeting 3.01><rundll32.exe advpack.dll,LaunchINFSection C:\WINDOWS\INF\msnetmtg.inf,NetMtg.Install.PerUser.NT> [(Verified)Microsoft Windows Publisher] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{63202121-F04D-11cf-64CD-33FF5FE1CF20}] <N/A><C:\WINDOWS\system32\Ravasktao.exe> [] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{6A202101-A04D-21cf-65CD-31FF5FE1CF20}] <N/A><C:\WINDOWS\system32\mydata.exe> [] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{6BF52A52-394A-11d3-B153-00C04F79FAA6}] <Microsoft Windows Media Player><rundll32.exe advpack.dll,LaunchINFSection C:\WINDOWS\INF\wmp10.inf,PerUserStub> [(Verified)Microsoft Windows Component Publisher] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{7790769C-0471-11d2-AF11-00C04FA35D02}] <通讯簿 6><"%ProgramFiles%\Outlook Express\setup50.exe" /APP:WAB /CALLER:WINNT /user /install> [N/A] [HKEY_CURRENT_USER\Control Panel\Desktop] <SCRNSAVE.EXE><C:\WINDOWS\system32\BLISS.SCR> [Microsoft] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] <IMJPMIG8.1><; "C:\WINDOWS\IME\imjp8_1\IMJPMIG.EXE" /Spoil /RemAdvDef /Migration32> [(Verified)Microsoft Windows Publisher] <PHIME2002A><; C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /IMEName> [N/A] <PHIME2002ASync><; C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /SYNC> [N/A] <StormCodec_Helper><; "C:\Program Files\Ringz Studio\Storm Codec\StormSet.exe" /S /opti> [] 2007-07-14 15:36:29
第三支烟初生襁褓狮帖子:110 注册: 2006-08-28 来自:	分享到：

第三支烟初生襁褓狮帖子:110 注册: 2006-08-28 来自:	发表于： 2007-07-14 15:09 \| 只看楼主短消息资料字号：小中大 2楼 ================================== 启动文件夹 N/A ================================== 服务 [Asynchronous UPnP Support Services / Asynchronous UPnP Support Services][Running/Auto Start] <C:\WINDOWS\system32\upnpsvc.exe><Microsoft Corporatio> [Ati HotKey Poller / Ati HotKey Poller][Running/Auto Start] <C:\WINDOWS\system32\Ati2evxx.exe><> [Windows csus RunThem / csus][Running/Auto Start] <C:\WINDOWS\System32\svchost.exe -k netsvcs-->C:\PROGRA~1\xnpn\hxzx.dll>< > [Human Interface Device Access / HidServ][Stopped/Disabled] <C:\WINDOWS\System32\svchost.exe -k netsvcs-->%SystemRoot%\System32\hidserv.dll><N/A> [Vsn lyay Service / lyay][Running/Auto Start] <C:\WINDOWS\system32\rundll32.exe C:\PROGRA~1\rege\vlnl.dll,Service><Microsoft Corporation> [Navoct / Navoct][Running/Auto Start] <C:\WINDOWS\System32\svchost.exe -k netsvcs-->C:\Program Files\iesnap\navoct.dll>< > [Pml Driver HPZ12 / Pml Driver HPZ12][Stopped/Manual Start] <C:\WINDOWS\system32\hpzipm12.exe><HP> [Remote Packet Capture Protocol v.0 (experimental) / rpcapd][Stopped/Manual Start] <"C:\Program Files\WinPcap\rpcapd.exe" -d -f "C:\Program Files\WinPcap\rpcapd.ini"><N/A> [Windows Ins / WindowsDown][Stopped/Auto Start] <C:\WINDOWS\system32\servet.exe><N/A> ================================== 驱动程序 [a320raid / a320raid][Stopped/Boot Start] <\SystemRoot\System32\DRIVERS\a320raid.sys><Adaptec, Inc.> [AAC / AAC][Stopped/Boot Start] <\SystemRoot\System32\DRIVERS\AAC.SYS><Adaptec, Inc.> [aar1210 / aar1210][Stopped/Boot Start] <\SystemRoot\System32\DRIVERS\aar1210.sys><Adaptec, Inc.> [abp480n5 / abp480n5][Stopped/Boot Start] <\SystemRoot\System32\DRIVERS\abp480n5.sys><Microsoft Corporation> [Intel(r) 82801 Audio Driver Install Service (WDM) / ac97intc][Stopped/Manual Start] <system32\drivers\ac97intc.sys><Intel Corporation> [adpu160m / adpu160m][Stopped/Boot Start] <\SystemRoot\System32\DRIVERS\adpu160m.sys><Microsoft Corporation> [adpu320 / adpu320][Stopped/Boot Start] <\SystemRoot\System32\DRIVERS\adpu320.sys><Adaptec, Inc.> [ACARD AEC6210UF UltraDMA33 Controller / aec6210][Stopped/Boot Start] <\SystemRoot\System32\DRIVERS\aec6210.sys><ACARD Technology Corp.> [ACARD AEC6260 UltraDMA-66 Controller / aec6260][Stopped/Boot Start] <\SystemRoot\System32\DRIVERS\aec6260.sys><ACARD Technology Corp.> [aec6280 / aec6280][Stopped/Boot Start] <\SystemRoot\System32\DRIVERS\aec6280.sys><ACARD Technology Corp.> [AEC6290 / AEC6290][Stopped/Boot Start] <\SystemRoot\System32\DRIVERS\AEC6290.SYS><ACARD Technology Corp.> [AEC67160 / AEC67160][Stopped/Boot Start] <\SystemRoot\System32\DRIVERS\AEC67160.SYS><ACARD Technology Corp.> [AEC671X / AEC671X][Stopped/Boot Start] <\SystemRoot\System32\DRIVERS\AEC671X.SYS><ACARD Technology Corp.> [AEC6880 / AEC6880][Stopped/Boot Start] <\SystemRoot\System32\DRIVERS\AEC6880.SYS><ACARD Technology Corp.> [AEC6890 / AEC6890][Stopped/Boot Start] <\SystemRoot\System32\DRIVERS\AEC6890.sys><ACARD Technology Corp.> [aec68x5 / aec68x5][Stopped/Boot Start] <\SystemRoot\System32\DRIVERS\aec68x5.sys><ACARD Technology Corp.> [Aha154x / Aha154x][Stopped/Boot Start] <\SystemRoot\System32\DRIVERS\aha154x.sys><Microsoft Corporation> [aic78u2 / aic78u2][Stopped/Boot Start] <\SystemRoot\System32\DRIVERS\aic78u2.sys><Microsoft Corporation> [aic78xx / aic78xx][Stopped/Boot Start] <\SystemRoot\System32\DRIVERS\aic78xx.sys><Microsoft Corporation> [AliIde / AliIde][Stopped/Boot Start] <\SystemRoot\System32\DRIVERS\aliide.sys><Acer Laboratories Inc.> [AMD K8 Processor Driver / AmdK8][Stopped/Manual Start] <System32\DRIVERS\amdk8.sys><Microsoft Corporation> [arc / arc][Stopped/Boot Start] <\SystemRoot\system32\drivers\arc.sys><Adaptec, Inc.> [asc / asc][Stopped/Boot Start] <\SystemRoot\System32\DRIVERS\asc.sys><Advanced System Products, Inc.> [asc3550 / asc3550][Stopped/Boot Start] <\SystemRoot\System32\DRIVERS\asc3550.sys><Advanced System Products, Inc.> [ati2mtag / ati2mtag][Running/Manual Start] <system32\DRIVERS\ati2mtag.sys><ATI Technologies Inc.> [CmdIde / CmdIde][Stopped/Boot Start] <\SystemRoot\System32\DRIVERS\cmdide.sys><CMD Technology, Inc.> [dac2w2k / dac2w2k][Stopped/Boot Start] <\SystemRoot\System32\DRIVERS\dac2w2k.sys><Mylex Corporation> [dpti2o / dpti2o][Stopped/Boot Start] <\SystemRoot\System32\DRIVERS\dpti2o.sys><Microsoft Corporation> [Intel(R) PRO Network Connection Driver / E100B][Running/Manual Start] <system32\DRIVERS\e100b325.sys><Intel Corporation> [elxstor / elxstor][Stopped/Boot Start] <\SystemRoot\system32\drivers\elxstor.sys><Emulex> [FASTSX / FASTSX][Stopped/Boot Start] <\SystemRoot\System32\DRIVERS\FASTSX.SYS><Promise Technology, Inc.> [fasttrak / fasttrak][Stopped/Boot Start] <\SystemRoot\System32\DRIVERS\fasttrak.sys><Promise Technology, Inc.> [fasttx2k / fasttx2k][Stopped/Boot Start] <\SystemRoot\System32\DRIVERS\fasttx2k.sys><Promise Technology, Inc.> [fasttx2k2 / fasttx2k2][Stopped/Boot Start] <\SystemRoot\System32\DRIVERS\fasttx2k2.sys><Promise Technology, Inc.> [fdsstkid / fdsstkid][Running/Boot Start] <\SystemRoot\System32\DRIVERS\fdsstkid.sys><Yahoo! China Corporation> [VIA PCI 10/100Mb Fast Ethernet Adapter NT Driver / FETNDIS][Stopped/Manual Start] <system32\DRIVERS\fetnd5.sys><VIA Technologies, Inc.> [HpCISSs / HpCISSs][Stopped/Boot Start] <\SystemRoot\system32\drivers\hpcisss.sys><Hewlett-Packard Company> [Hpt366 / Hpt366][Stopped/Boot Start] <\SystemRoot\System32\DRIVERS\Hpt366.sys><Microsoft Corporation> [HPT371 / HPT371][Stopped/Boot Start] <\SystemRoot\System32\DRIVERS\HPT371.sys><HighPoint Technologies, Inc.> [hpt374 / hpt374][Stopped/Boot Start] <\SystemRoot\System32\DRIVERS\hpt374.sys><HighPoint Technologies, Inc.> [hpt3xx / hpt3xx][Stopped/Boot Start] <\SystemRoot\System32\DRIVERS\hpt3xx.sys><HighPoint Technologies, Inc.> [hptmv / hptmv][Stopped/Boot Start] <\SystemRoot\System32\DRIVERS\hptmv.sys><HighPoint Technologies, Inc.> [hptpro / hptpro][Stopped/Boot Start] <\SystemRoot\System32\DRIVERS\hptpro.sys><HighPoint Technologies, Inc.> [HSFHWICH / HSFHWICH][Running/Manual Start] <system32\DRIVERS\HSFHWICH.sys><Conexant Systems, Inc.> [HSF_DP / HSF_DP][Running/Manual Start] <system32\DRIVERS\HSF_DP.sys><Conexant Systems, Inc.> [Intel Integrated RAID / iaStor][Stopped/Boot Start] <\SystemRoot\system32\drivers\iaStor.sys><Intel Corporation> [iirsp / iirsp][Stopped/Boot Start] <\SystemRoot\system32\drivers\iirsp.sys><Intel Corp./ICP vortex GmbH> [ini910u / ini910u][Stopped/Boot Start] <\SystemRoot\System32\DRIVERS\ini910u.sys><Microsoft Corporation> [ITERAID_Service_Install / iteraid][Stopped/Boot Start] <\SystemRoot\System32\DRIVERS\iteraid.sys><Integrated Technology Express, Inc.> [KNetWch / KNetWch][Running/Manual Start] <2 - 系统找不到指定的文件。 ><N/A>
第三支烟初生襁褓狮帖子:110 注册: 2006-08-28 来自:

第三支烟初生襁褓狮帖子:110 注册: 2006-08-28 来自:	发表于： 2007-07-14 15:10 \| 只看楼主短消息资料字号：小中大 3楼 [KWatch3 / KWatch3][Running/System Start] <\??\C:\WINDOWS\system32\drivers\KWatch3.SYS><Kingsoft Corporation> [LSI_SAS / LSI_SAS][Stopped/Boot Start] <\SystemRoot\system32\drivers\lsi_sas.sys><LSI Logic> [LSI_SCSI / LSI_SCSI][Stopped/Boot Start] <\SystemRoot\system32\drivers\lsi_scsi.sys><LSI Logic> [m5228 / m5228][Stopped/Boot Start] <\SystemRoot\System32\DRIVERS\m5228.sys><ALi Corporation.> [m5281 / m5281][Stopped/Boot Start] <\SystemRoot\system32\drivers\m5281.sys><ALi Corporation> [mdmxsdk / mdmxsdk][Running/Auto Start] <system32\DRIVERS\mdmxsdk.sys><Conexant> [MegaIDE / MegaIDE][Stopped/Boot Start] <\SystemRoot\System32\DRIVERS\MegaIDE.sys><LSI Logic Corporation.> [megasas / megasas][Stopped/Boot Start] <\SystemRoot\system32\drivers\megasas.sys><LSI Logic Corporation> [mraid2k / mraid2k][Stopped/Boot Start] <\SystemRoot\System32\DRIVERS\mraid2k.sys><American Megatrends, Inc.> [mraid35x / mraid35x][Stopped/Boot Start] <\SystemRoot\System32\DRIVERS\mraid35x.sys><American Megatrends Inc.> [nfrd960 / nfrd960][Stopped/Boot Start] <\SystemRoot\system32\drivers\nfrd960.sys><IBM Corporation> [Netgroup Packet Filter / NPF][Running/Manual Start] <system32\DRIVERS\npf.sys><NetGroup - Politecnico di Torino> [npkycryp / npkycryp][Stopped/Manual Start] <\??\C:\Program Files\Tencent\QQ\npkycryp.sys><N/A> [nv / nv][Stopped/Manual Start] <system32\DRIVERS\nv4_mini.sys><NVIDIA Corporation> [Intel SCSI Controller / NvAtaBus][Stopped/Boot Start] <\SystemRoot\System32\DRIVERS\NVATABUS.SYS><NVIDIA Corporation> [NVIDIA nForce(tm) RAID Class Driver / nvraid][Stopped/Boot Start] <\SystemRoot\system32\DRIVERS\nvraid.sys><NVIDIA Corporation> [PNP649R / PNP649R][Stopped/Boot Start] <\SystemRoot\System32\DRIVERS\PNP649R.SYS><CMD Technology, Inc.> [SiI 680 ATA Controller / Pnp680][Stopped/Boot Start] <\SystemRoot\System32\DRIVERS\pnp680.sys><Silicon Image, Inc.> [Silicon Image SiI 0680 Medley Raid Controller / Pnp680r][Stopped/Boot Start] <\SystemRoot\System32\DRIVERS\pnp680r.sys><Silicon Image, Inc> [Direct Parallel Link Driver / Ptilink][Running/Manual Start] <system32\DRIVERS\ptilink.sys><Parallel Technologies, Inc.> [ql1080 / ql1080][Stopped/Boot Start] <\SystemRoot\System32\DRIVERS\ql1080.sys><QLogic Corporation> [Ql10wnt / Ql10wnt][Stopped/Boot Start] <\SystemRoot\System32\DRIVERS\ql10wnt.sys><Microsoft Corporation> [ql12160 / ql12160][Stopped/Boot Start] <\SystemRoot\System32\DRIVERS\ql12160.sys><QLogic Corporation> [ql1280 / ql1280][Stopped/Boot Start] <\SystemRoot\System32\DRIVERS\ql1280.sys><QLogic Corporation> [QLogic Fibre Channel SCSI Miniport Driver / ql2300][Stopped/Boot Start] <\SystemRoot\system32\drivers\ql2300.sys><QLogic Corporation> [RAIDSRC / RAIDSRC][Stopped/Boot Start] <\SystemRoot\System32\DRIVERS\RAIDSRC.SYS><Intel/ICP> [S150SX8 / S150SX8][Stopped/Boot Start] <\SystemRoot\System32\DRIVERS\S150SX8.SYS><Promise Technology, Inc.> [Secdrv / Secdrv][Stopped/Manual Start] <system32\DRIVERS\secdrv.sys><N/A> [SiI-3512 SATALink Controller / SI3112][Stopped/Boot Start] <\SystemRoot\System32\DRIVERS\SI3112.sys><Silicon Image, Inc.> [Silicon Image SiI 3512 SATARaid Controller / SI3112r][Stopped/Boot Start] <\SystemRoot\system32\drivers\SI3112r.sys><Silicon Image, Inc> [SiI-3114 SATALink Controller / SI3114][Stopped/Boot Start] <\SystemRoot\System32\DRIVERS\SI3114.sys><Silicon Image, Inc.> [SiI-3114 SATARaid Controller / SI3114r][Stopped/Boot Start] <\SystemRoot\System32\DRIVERS\SI3114R.sys><Silicon Image, Inc> [SiI-3124 SATALink Controller / SI3124][Stopped/Boot Start] <\SystemRoot\System32\DRIVERS\SI3124.sys><Silicon Image, Inc.> [SiI-3124 SATARaid Controller / SI3124r][Stopped/Boot Start] <\SystemRoot\System32\DRIVERS\SI3124R.sys><Silicon Image, Inc> [SATALink driver accelerator / SiFilter][Stopped/Boot Start] <\SystemRoot\System32\DRIVERS\SiWinAcc.sys><Silicon Image, Inc.> [SISIDE / SISIDE][Stopped/Boot Start] <\SystemRoot\System32\DRIVERS\SISIDE.SYS><Silicon Integrated Systems Corp.> [SiSRaid / SiSRaid][Stopped/Boot Start] <\SystemRoot\System32\DRIVERS\SiSRaid.sys><Silicon Integrated Systems> [SiSRaid1 / SiSRaid1][Stopped/Boot Start] <\SystemRoot\System32\DRIVERS\SiSRaid1.sys><Silicon Integrated Systems> [SISRAIDS / SISRAIDS][Stopped/Boot Start] <\SystemRoot\System32\DRIVERS\SISRAIDS.SYS><Silicon Integrated Systems Corp> [Sony Notebook Control Device / SNC][Running/Manual Start] <system32\DRIVERS\SonyNC.sys><Sony Corporation> [Sparrow / Sparrow][Stopped/Boot Start] <\SystemRoot\System32\DRIVERS\sparrow.sys><Adaptec, Inc.> [Sony Programmable I/O Control Device / SPI][Running/Manual Start] <system32\DRIVERS\SonyPI.sys><Sony Corporation> [sptrak / sptrak][Stopped/Boot Start] <\SystemRoot\System32\DRIVERS\sptrak.sys><Promise Technology, Inc.> [symc810 / symc810][Stopped/Boot Start] <\SystemRoot\System32\DRIVERS\symc810.sys><Symbios Logic Inc.> [symc8xx / symc8xx][Stopped/Boot Start] <\SystemRoot\System32\DRIVERS\symc8xx.sys><LSI Logic> [SYMMPI / SYMMPI][Stopped/Boot Start] <\SystemRoot\System32\DRIVERS\SYMMPI.SYS><LSI Logic> [sym_hi / sym_hi][Stopped/Boot Start] <\SystemRoot\System32\DRIVERS\sym_hi.sys><LSI Logic> [sym_u3 / sym_u3][Stopped/Boot Start] <\SystemRoot\System32\DRIVERS\sym_u3.sys><LSI Logic> [TosIde / TosIde][Stopped/Boot Start] <\SystemRoot\System32\DRIVERS\toside.sys><Microsoft Corporation> [TYKeeper / TYKeeper][Running/] <2 - 系统找不到指定的文件。 ><N/A> [UlSata / UlSata][Stopped/Boot Start] <\SystemRoot\System32\DRIVERS\ulsata.sys><Promise Technology, Inc.> [ULSATAS / ULSATAS][Stopped/Boot Start] <\SystemRoot\System32\DRIVERS\ULSATAS.SYS><Promise Technology, Inc.> [ultra / ultra][Stopped/Boot Start] <\SystemRoot\System32\DRIVERS\ultra.sys><Promise Technology, Inc.> [ViaIde / ViaIde][Stopped/Boot Start] <\SystemRoot\System32\DRIVERS\viaide.sys><Microsoft Corporation> [viamraid / viamraid][Stopped/Boot Start] <\SystemRoot\system32\DRIVERS\viamraid.sys><VIA Technologies inc,.ltd> [VIA ATA/ATAPI Host Controller / viapdsk][Stopped/Boot Start] <\SystemRoot\System32\DRIVERS\viapdsk.sys><VIA Technologies, Inc.> [viaraid / viaraid][Stopped/Boot Start] <\SystemRoot\System32\DRIVERS\viaraid.sys><VIA Technologies inc,.ltd> [viasraid / viasraid][Stopped/Boot Start] <\SystemRoot\system32\drivers\viasraid.sys><VIA Technologies inc,.ltd> [vmscsi / vmscsi][Stopped/Boot Start] <\SystemRoot\system32\drivers\vmscsi.sys><VMware, Inc.> [YAMAHA AC-XG Audio Device / WDM_YAMAHAAC97][Running/Manual Start] <system32\drivers\yacxgc.sys><YAMAHA CORPORATION> [winachsf / winachsf][Running/Manual Start] <system32\DRIVERS\HSF_CNXT.sys><Conexant Systems, Inc.> [yaskp / yaskp][Running/Boot Start] <\SystemRoot\system32\drivers\yaskp.sys><Copyright (C) yahoo Corporation.> [npkcrypt / npkcrypt][Running/Auto Start] <\??\C:\Program Files\Tencent\QQ\npkcrypt.sys><N/A>
第三支烟初生襁褓狮帖子:110 注册: 2006-08-28 来自:

第三支烟初生襁褓狮帖子:110 注册: 2006-08-28 来自:	发表于： 2007-07-14 15:10 \| 只看楼主短消息资料字号：小中大 4楼 ================================== 浏览器加载项 [Yahoo!Photo] {33BBE430-0E42-4f12-B075-8D21ACB10DCB} <C:\PROGRA~1\Yahoo!\ASSIST~1\Assist\yphtb.dll, Yahoo! China> [AntiFish Class] {38928D50-8A48-44C2-945F-D2F23F771410} <C:\PROGRA~1\Yahoo!\ASSIST~1\Assist\yangling.dll, yahoo! china> [ivxv] {53B54557-ED84-4560-8104-7F88E47448A5} <C:\PROGRA~1\rege\viki.dll, > [DragSearch BHO] {62EED7C6-9F02-42f9-B634-98E2899E147B} <C:\PROGRA~1\Yahoo!\ASSIST~1\Assist\YDRAGS~1.DLL, yahoo! china> [] {6671A431-5C3D-463d-A7CF-5587F9B7E191} <C:\PROGRA~1\rege\.dll, N/A> [KPBHO Class] {7C7DE9B8-CAA6-4B31-BC09-45AFC6B90FDE} <C:\WINDOWS\system32\iesense.dll, 天索网> [Thunder Browser Helper] {889D2FEB-5411-4565-8998-1DD2C5261283} <C:\Program Files\Thunder Network\Thunder\ComDlls\XunLeiBHO_002.dll, Thunder Networking Technologies,LTD> [assist] {FE3ECAE7-0A37-4506-8A7D-3CC9A04D2CA8} <C:\PROGRA~1\Yahoo!\ASSIST~1\Assist\yassist.dll, Yahoo! China> [雅虎助手] {5D73EE86-05F1-49ed-B850-E423120EC338} <http://cn.zs.yahoo.com/start.htm?source=yzs_icon&btn=yassistnew, N/A> [微软] {6096E38F-5AC1-4391-8EC4-75DFA92FB32F} <http://www.microsoft.com/china/index.htm, N/A> [雅虎助手] {406F94F0-504F-4A40-8DFD-58B0666ABEBD} <C:\PROGRA~1\Yahoo!\ASSIST~1\Assist\yasbar.dll, yahoo! china> [Windows Genuine Advantage Validation Tool] {17492023-C23A-453E-A040-C7C580BBF700} <C:\WINDOWS\system32\legitcheckcontrol.dll, Microsoft Corporation> [Web Browser Applet Control] {08B0E5C0-4FCB-11CF-AAA5-00401C608501} <C:\WINDOWS\system32\msjava.dll, Microsoft Corporation> [PeerDraw Class] {10072CEC-8CC1-11D1-986E-00A0C955B42E} <C:\Program Files\Common Files\Microsoft Shared\VGX\vgx.dll, Microsoft Corporation> [HTML Document] {25336920-03F9-11CF-8FD0-00AA00686F13} <%SystemRoot%\system32\mshtml.dll, N/A> [Yahoo!Photo] {33BBE430-0E42-4F12-B075-8D21ACB10DCB} <C:\PROGRA~1\Yahoo!\ASSIST~1\Assist\yphtb.dll, Yahoo! China> [AntiFish Class] {38928D50-8A48-44C2-945F-D2F23F771410} <C:\PROGRA~1\Yahoo!\ASSIST~1\Assist\yangling.dll, yahoo! china> [雅虎助手] {406F94F0-504F-4A40-8DFD-58B0666ABEBD} <C:\PROGRA~1\Yahoo!\ASSIST~1\Assist\yasbar.dll, yahoo! china> [ivxv] {53B54557-ED84-4560-8104-7F88E47448A5} <C:\PROGRA~1\rege\viki.dll, > [DragSearch BHO] {62EED7C6-9F02-42F9-B634-98E2899E147B} <C:\PROGRA~1\Yahoo!\ASSIST~1\Assist\YDRAGS~1.DLL, yahoo! china> [WUWebControl Class] {6414512B-B978-451D-A0D8-FCFDF33E833C} <C:\WINDOWS\system32\wuweb.dll, Microsoft Corporation> [] {6671A431-5C3D-463D-A7CF-5587F9B7E191} <C:\PROGRA~1\rege\.dll, N/A> [Windows Media Player] {6BF52A52-394A-11D3-B153-00C04F79FAA6} <C:\WINDOWS\system32\wmp.dll, Microsoft Corporation> [KPBHO Class] {7C7DE9B8-CAA6-4B31-BC09-45AFC6B90FDE} <C:\WINDOWS\system32\iesense.dll, 天索网> [Microsoft Web 浏览器] {8856F961-340A-11D0-A96B-00C04FD705A2} <C:\WINDOWS\system32\shdocvw.dll, Microsoft Corporation> [Thunder Browser Helper] {889D2FEB-5411-4565-8998-1DD2C5261283} <C:\Program Files\Thunder Network\Thunder\ComDlls\XunLeiBHO_002.dll, Thunder Networking Technologies,LTD> [相关搜索] {A29F7F71-DCDB-412D-B19A-2002DC966E33} <C:\PROGRA~1\yok\relband.dll, N/A> [SearchAssistantOC] {B45FF030-4447-11D2-85DE-00C04FA35C89} <%SystemRoot%\system32\shdocvw.dll, N/A> [RDS.DataSpace] {BD96C556-65A3-11D0-983A-00C04FC29E36} <C:\Program Files\Common Files\System\msadc\msadco.dll, Microsoft Corporation> [Shockwave Flash Object] {D27CDB6E-AE6D-11CF-96B8-444553540000} <C:\WINDOWS\system32\macromed\flash\Flash85.ocx, Macromedia, Inc.> [assist] {FE3ECAE7-0A37-4506-8A7D-3CC9A04D2CA8} <C:\PROGRA~1\Yahoo!\ASSIST~1\Assist\yassist.dll, Yahoo! China> [ >> 彩信发送 <<] <res://C:\PROGRA~1\MMSASS~1\Mmsass~1.dll/mms.htm, N/A> [使用影音传送带下载] <C:\Program Files\Xi\NetTransport 2\NTAddLink.html, N/A> [使用影音传送带下载全部链接] <C:\Program Files\Xi\NetTransport 2\NTAddList.html, N/A> [使用迅雷下载] <C:\Program Files\Thunder Network\Thunder\Program\GetUrl.htm, N/A> [使用迅雷下载全部链接] <C:\Program Files\Thunder Network\Thunder\Program\GetAllUrl.htm, N/A> [导出到 Microsoft Office Excel(&X)] <res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000, N/A> [添加到雅虎订阅(&Y)] <res://C:\PROGRA~1\Yahoo!\ASSIST~1\Assist\yrss.dll/YRSSMENUEXT, N/A> [珊瑚虫搜索] <C:\Program Files\YOK.com\SuperSearch\yoksch.htm, N/A> [雅虎搜索] <res://C:\PROGRA~1\Yahoo!\ASSIST~1\Assist\yasbar.dll/203, N/A>
第三支烟初生襁褓狮帖子:110 注册: 2006-08-28 来自:

第三支烟初生襁褓狮帖子:110 注册: 2006-08-28 来自:	发表于： 2007-07-14 15:14 \| 只看楼主短消息资料字号：小中大 5楼 ================================== 正在运行的进程 [PID: 636 / SYSTEM][\SystemRoot\System32\smss.exe] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)] [PID: 688 / SYSTEM][\??\C:\WINDOWS\system32\csrss.exe] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)] [PID: 716 / SYSTEM][\??\C:\WINDOWS\system32\winlogon.exe] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)] [C:\WINDOWS\system32\WgaLogon.dll] [Microsoft Corporation, 1.7.0018.5] [C:\WINDOWS\system32\CSMPYIII.IME] [中文之星, 6, 6, 6, 1] [C:\WINDOWS\system32\msacm32.drv] [Microsoft Corporation, 5.1.2600.0 (xpclient.010817-1148)] [PID: 760 / SYSTEM][C:\WINDOWS\system32\services.exe] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)] [PID: 772 / SYSTEM][C:\WINDOWS\system32\lsass.exe] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)] [PID: 928 / SYSTEM][C:\WINDOWS\system32\svchost.exe] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)] [C:\Program Files\Internet Explorer\PLUGINS\System64.Sys] [N/A, ] [C:\WINDOWS\system32\upxdnd.dll] [N/A, ] [PID: 996 / NETWORK SERVICE][C:\WINDOWS\system32\svchost.exe] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)] [PID: 1144 / SYSTEM][C:\WINDOWS\System32\svchost.exe] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)] [c:\program files\iesnap\navoct.dll] [ , 1, 0, 1, 4] [c:\progra~1\xnpn\kaca.dll] [, 5, 0, 0, 4] [c:\progra~1\xnpn\pfhf.dll] [ , 5, 0, 0, 4] [C:\WINDOWS\system32\CSMPYIII.IME] [中文之星, 6, 6, 6, 1] [c:\PROGRA~1\iesnap\navstub.dll] [, 1, 0, 1, 4] [C:\WINDOWS\system32\wups2.dll] [Microsoft Corporation, 7.0.6000.374 (winmain(wmbla).070416-2057)] [PID: 1224 / NETWORK SERVICE][C:\WINDOWS\system32\svchost.exe] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)] [PID: 1348 / LOCAL SERVICE][C:\WINDOWS\system32\svchost.exe] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)] [PID: 1544 / SYSTEM][C:\WINDOWS\system32\spoolsv.exe] [Microsoft Corporation, 5.1.2600.2696 (xpsp_sp2_gdr.050610-1519)] [C:\WINDOWS\system32\hppcappm.dll] [Hewlett-Packard, 1, 0, 11, 100] [C:\WINDOWS\system32\LTKRN11n.dll] [LEAD Technologies, Inc., 11.5.0.012] [C:\WINDOWS\system32\LTFIL11n.DLL] [LEAD Technologies, Inc., 11.5.0.012] [C:\WINDOWS\system32\HPBMMON.DLL] [Hewlett-Packard, 10.00.16] [C:\WINDOWS\system32\hpdomon.dll] [Hewlett-Packard, 03.42.00] [C:\WINDOWS\System32\spool\PRTPROCS\W32X86\HPPRN05.DLL] [Hewlett-Packard Corporation, 60.5.36.2] [C:\WINDOWS\system32\hpbmmjno.dll] [Hewlett-Packard, 00.01.00] [PID: 1812 / new][C:\WINDOWS\Explorer.EXE] [Microsoft Corporation, 6.00.2900.2180 (xpsp_sp2_rtm.040803-2158)] [C:\WINDOWS\system32\CSMPYIII.IME] [中文之星, 6, 6, 6, 1] [C:\WINDOWS\system32\CSMPYIme.dll] [N/A, ] [C:\WINDOWS\system32\CSConvert.dll] [北京中文之星数码科技有限公司, 3, 0, 0, 0] [C:\WINDOWS\system32\CSMPYEng.dll] [N/A, ] [C:\WINDOWS\system32\CSMPinyin.dll] [N/A, ] [C:\WINDOWS\system32\CSMConfig.dll] [, 1, 0, 0, 1] [C:\Program Files\Common Files\Microsoft Shared\MSINFO\WinInfo.rxk] [N/A, ] [C:\Program Files\Internet Explorer\PLUGINS\System64.Sys] [N/A, ] [C:\WINDOWS\system32\msacm32.drv] [Microsoft Corporation, 5.1.2600.0 (xpclient.010817-1148)] [C:\DOCUME~1\new\LOCALS~1\Temp\ztso0.dll] [N/A, ] [C:\DOCUME~1\new\LOCALS~1\Temp\mhso0.dll] [N/A, ] [C:\DOCUME~1\new\LOCALS~1\Temp\qjso0.dll] [N/A, ] [C:\WINDOWS\system32\cmdbcs.dll] [N/A, ] [C:\DOCUME~1\new\LOCALS~1\Temp\tlso0.dll] [N/A, ] [C:\DOCUME~1\new\LOCALS~1\Temp\wmso0.dll] [N/A, ] [C:\DOCUME~1\new\LOCALS~1\Temp\wlso0.dll] [N/A, ] [C:\DOCUME~1\new\LOCALS~1\Temp\rxso0.dll] [N/A, ] [C:\DOCUME~1\new\LOCALS~1\Temp\wgso0.dll] [N/A, ] [C:\Program Files\yok\yok.dll] [YOK.Com, 3, 0, 0, 1005] [C:\PROGRA~1\Yahoo!\ASSIST~1\Yhelper.dll] [Yahoo! China, 3, 0, 5, 1023] [C:\PROGRA~1\Yahoo!\ASSIST~1\assist\ykern.dll] [Yahoo! China, 3, 1, 9, 1025] [C:\WINDOWS\system32\upxdnd.dll] [N/A, ] [C:\DOCUME~1\new\LOCALS~1\Temp\daso0.dll] [N/A, ] [C:\WINDOWS\system32\AVPSrv.dll] [N/A, ] [c:\progra~1\xnpn\kaca.dll] [, 5, 0, 0, 4] [c:\progra~1\xnpn\pfhf.dll] [ , 5, 0, 0, 4] [c:\PROGRA~1\iesnap\navstub.dll] [, 1, 0, 1, 4] [C:\PROGRA~1\Yahoo!\ASSIST~1\yalive.dll] [yahoo! china, 3, 5, 9, 1111] [C:\PROGRA~1\Yahoo!\ASSIST~1\Yalliveex.dll] [Yahoo! China, 3, 0, 2, 1011] [C:\Program Files\Thunder Network\Thunder\ComDlls\XunLeiBHO_002.dll] [Thunder Networking Technologies,LTD, 5, 0, 0, 2] [C:\Program Files\WinRAR\rarext.dll] [N/A, ] [C:\PROGRA~1\Yahoo!\ASSIST~1\Assist\ywiper.dll] [Yahoo! China, 3, 0, 5, 1009] [C:\PROGRA~1\Yahoo!\ASSIST~1\Assist\yphtb.dll] [Yahoo! China, 3, 0, 8, 1010] [C:\PROGRA~1\rege\viki.dll] [, 1, 2, 0, 8] [C:\PROGRA~1\Yahoo!\ASSIST~1\Assist\YDRAGS~1.DLL] [yahoo! china, 3, 0, 7, 1009] [C:\PROGRA~1\Yahoo!\ASSIST~1\Assist\yassist.dll] [Yahoo! China, 3, 1, 8, 1023] [C:\Program Files\Microsoft Office\OFFICE11\msohev.dll] [Microsoft Corporation, 11.0.5510] [PID: 1908 / new][C:\WINDOWS\system32\CSMContext.exe] [中文之星, 1, 0, 0, 1] [C:\WINDOWS\system32\CSMPYIII.IME] [中文之星, 6, 6, 6, 1] [c:\PROGRA~1\iesnap\navstub.dll] [, 1, 0, 1, 4] [c:\progra~1\xnpn\kaca.dll] [, 5, 0, 0, 4] [c:\progra~1\xnpn\pfhf.dll] [ , 5, 0, 0, 4] [C:\Program Files\Internet Explorer\PLUGINS\System64.Sys] [N/A, ] [C:\WINDOWS\system32\upxdnd.dll] [N/A, ] [PID: 164 / new][C:\Program Files\Hewlett-Packard\Toolbox\StatusClient\StatusClient.exe] [Hewlett-Packard, 00 .00 .14] [C:\Program Files\Hewlett-Packard\Toolbox\StatusClient\hpptui0.dll] [Hewlett-Packard, 01.00.56] [C:\Program Files\Internet Explorer\PLUGINS\System64.Sys] [N/A, ] [C:\PROGRA~1\Yahoo!\ASSIST~1\Yhelper.dll] [Yahoo! China, 3, 0, 5, 1023] [C:\PROGRA~1\Yahoo!\ASSIST~1\assist\ykern.dll] [Yahoo! China, 3, 1, 9, 1025] [c:\progra~1\xnpn\kaca.dll] [, 5, 0, 0, 4] [c:\progra~1\xnpn\pfhf.dll] [ , 5, 0, 0, 4] [c:\PROGRA~1\iesnap\navstub.dll] [, 1, 0, 1, 4] [C:\WINDOWS\system32\CSMPYIII.IME] [中文之星, 6, 6, 6, 1] [C:\WINDOWS\system32\upxdnd.dll] [N/A, ] [PID: 196 / new][C:\Program Files\Hewlett-Packard\OrderReminder\OrderReminder\OrderReminder.exe] [Hewlett-Packard, 1, 0, 0, 24] [PID: 208 / new][C:\Program Files\Hewlett-Packard\HP Software Update\HPWuSchd2.exe] [Hewlett-Packard, 2, 0, 37, 0] [C:\Program Files\Internet Explorer\PLUGINS\System64.Sys] [N/A, ] [C:\WINDOWS\system32\CSMPYIII.IME] [中文之星, 6, 6, 6, 1] [C:\WINDOWS\system32\upxdnd.dll] [N/A, ] [c:\PROGRA~1\iesnap\navstub.dll] [, 1, 0, 1, 4] [c:\progra~1\xnpn\kaca.dll] [, 5, 0, 0, 4] [c:\progra~1\xnpn\pfhf.dll] [ , 5, 0, 0, 4]
第三支烟初生襁褓狮帖子:110 注册: 2006-08-28 来自:

第三支烟初生襁褓狮帖子:110 注册: 2006-08-28 来自:	发表于： 2007-07-14 15:15 \| 只看楼主短消息资料字号：小中大 6楼 [PID: 544 / new][C:\Program Files\Hewlett-Packard\Toolbox\jre\bin\javaw.exe] [N/A, ] [C:\Program Files\Hewlett-Packard\Toolbox\jre\bin\hotspot\jvm.dll] [N/A, ] [C:\Program Files\Hewlett-Packard\Toolbox\jre\bin\hpi.dll] [N/A, ] [C:\Program Files\Hewlett-Packard\Toolbox\jre\bin\verify.dll] [N/A, ] [C:\Program Files\Hewlett-Packard\Toolbox\jre\bin\java.dll] [N/A, ] [C:\Program Files\Hewlett-Packard\Toolbox\jre\bin\zip.dll] [N/A, ] [C:\Program Files\Hewlett-Packard\Toolbox\jre\bin\net.dll] [N/A, ] [C:\WINDOWS\system32\jst.dll] [N/A, ] [C:\WINDOWS\system32\d4channel.dll] [Hewlett-Packard, 02.07.50] [C:\WINDOWS\system32\HPZidr12.dll] [HP, 7, 0, 5, 0] [PID: 992 / new][C:\PROGRA~1\Yahoo!\ASSIST~1\YLive.exe] [Yahoo! China, 3, 1, 9, 1025] [C:\PROGRA~1\Yahoo!\ASSIST~1\assist\ykern.dll] [Yahoo! China, 3, 1, 9, 1025] [C:\PROGRA~1\Yahoo!\ASSIST~1\Yhelper.dll] [Yahoo! China, 3, 0, 5, 1023] [C:\Program Files\Internet Explorer\PLUGINS\System64.Sys] [N/A, ] [C:\WINDOWS\system32\CSMPYIII.IME] [中文之星, 6, 6, 6, 1] [C:\WINDOWS\system32\CSMPYIme.dll] [N/A, ] [C:\WINDOWS\system32\CSConvert.dll] [北京中文之星数码科技有限公司, 3, 0, 0, 0] [C:\WINDOWS\system32\CSMPYEng.dll] [N/A, ] [C:\WINDOWS\system32\CSMPinyin.dll] [N/A, ] [C:\WINDOWS\system32\CSMConfig.dll] [, 1, 0, 0, 1] [C:\PROGRA~1\Yahoo!\ASSIST~1\yalive.dll] [yahoo! china, 3, 5, 9, 1111] [C:\PROGRA~1\Yahoo!\ASSIST~1\Yalliveex.dll] [Yahoo! China, 3, 0, 2, 1011] [C:\WINDOWS\system32\upxdnd.dll] [N/A, ] [c:\PROGRA~1\iesnap\navstub.dll] [, 1, 0, 1, 4] [c:\progra~1\xnpn\kaca.dll] [, 5, 0, 0, 4] [c:\progra~1\xnpn\pfhf.dll] [ , 5, 0, 0, 4] [C:\PROGRA~1\Yahoo!\ASSIST~1\ynotifier.dll] [yahoo! china, 3, 0, 2, 1002] [PID: 284 / new][C:\progra~1\yahoo!\assistant\yassistse.exe] [Yahoo! China, 3, 0, 7, 1010] [C:\PROGRA~1\Yahoo!\ASSIST~1\Yhelper.dll] [Yahoo! China, 3, 0, 5, 1023] [C:\PROGRA~1\Yahoo!\ASSIST~1\assist\ykern.dll] [Yahoo! China, 3, 1, 9, 1025] [C:\Program Files\Internet Explorer\PLUGINS\System64.Sys] [N/A, ] [C:\WINDOWS\system32\CSMPYIII.IME] [中文之星, 6, 6, 6, 1] [C:\progra~1\yahoo!\assistant\shell\yAssecblk.dll] [Yahoo! China, 3, 1, 9, 1027] [C:\progra~1\yahoo!\assistant\shell\yMenuInfo.dll] [Yahoo! China, 3, 0, 1, 1001] [C:\progra~1\yahoo!\assistant\shell\yIEAngel.dll] [Yahoo! China, 3, 0, 3, 1004] [C:\progra~1\yahoo!\assistant\shell\yAsMenu.dll] [Yahoo! China, 3, 0, 2, 1003] [C:\WINDOWS\system32\upxdnd.dll] [N/A, ] [c:\PROGRA~1\iesnap\navstub.dll] [, 1, 0, 1, 4] [c:\progra~1\xnpn\kaca.dll] [, 5, 0, 0, 4] [c:\progra~1\xnpn\pfhf.dll] [ , 5, 0, 0, 4] [PID: 304 / new][C:\Program Files\Common Files\Real\Update_OB\realsched.exe] [RealNetworks, Inc., 0.1.0.3427] [C:\PROGRA~1\Yahoo!\ASSIST~1\Yhelper.dll] [Yahoo! China, 3, 0, 5, 1023] [C:\PROGRA~1\Yahoo!\ASSIST~1\assist\ykern.dll] [Yahoo! China, 3, 1, 9, 1025] [C:\Program Files\Internet Explorer\PLUGINS\System64.Sys] [N/A, ] [C:\WINDOWS\system32\CSMPYIII.IME] [中文之星, 6, 6, 6, 1] [C:\WINDOWS\system32\upxdnd.dll] [N/A, ] [c:\PROGRA~1\iesnap\navstub.dll] [, 1, 0, 1, 4] [c:\progra~1\xnpn\kaca.dll] [, 5, 0, 0, 4] [c:\progra~1\xnpn\pfhf.dll] [ , 5, 0, 0, 4] [PID: 536 / new][C:\WINDOWS\system32\ctfmon.exe] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)] [C:\PROGRA~1\Yahoo!\ASSIST~1\Yhelper.dll] [Yahoo! China, 3, 0, 5, 1023] [C:\PROGRA~1\Yahoo!\ASSIST~1\assist\ykern.dll] [Yahoo! China, 3, 1, 9, 1025] [C:\Program Files\Internet Explorer\PLUGINS\System64.Sys] [N/A, ] [C:\WINDOWS\system32\CSMPYIII.IME] [中文之星, 6, 6, 6, 1] [C:\WINDOWS\system32\upxdnd.dll] [N/A, ] [c:\PROGRA~1\iesnap\navstub.dll] [, 1, 0, 1, 4] [c:\progra~1\xnpn\kaca.dll] [, 5, 0, 0, 4] [c:\progra~1\xnpn\pfhf.dll] [ , 5, 0, 0, 4] [PID: 892 / new][C:\Progra~1\Eset\1explore.exe] [N/A, ] [C:\WINDOWS\system32\upxdnd.dll] [N/A, ] [C:\Program Files\Internet Explorer\PLUGINS\System64.Sys] [N/A, ] [PID: 896 / new][C:\DOCUME~1\new\LOCALS~1\Temp\byetmr.exe] [Microsoft Corporation, 5.1.2600.0 (xpclient.010817-1148)] [C:\PROGRA~1\Yahoo!\ASSIST~1\Yhelper.dll] [Yahoo! China, 3, 0, 5, 1023] [C:\PROGRA~1\Yahoo!\ASSIST~1\assist\ykern.dll] [Yahoo! China, 3, 1, 9, 1025] [C:\Program Files\Internet Explorer\PLUGINS\System64.Sys] [N/A, ] [C:\WINDOWS\system32\CSMPYIII.IME] [中文之星, 6, 6, 6, 1] [C:\DOCUME~1\new\LOCALS~1\Temp\packet.dll] [CACE Technologies, 3, 1, 0, 27] [C:\DOCUME~1\new\LOCALS~1\Temp\WanPacket.dll] [CACE Technologies, 3, 1, 0, 27] [C:\DOCUME~1\new\LOCALS~1\Temp\NPPTools.dll] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)] [c:\PROGRA~1\iesnap\navstub.dll] [, 1, 0, 1, 4] [c:\progra~1\xnpn\kaca.dll] [, 5, 0, 0, 4] [c:\progra~1\xnpn\pfhf.dll] [ , 5, 0, 0, 4] [C:\WINDOWS\system32\upxdnd.dll] [N/A, ]
第三支烟初生襁褓狮帖子:110 注册: 2006-08-28 来自:

第三支烟初生襁褓狮帖子:110 注册: 2006-08-28 来自:	发表于： 2007-07-14 15:15 \| 只看楼主短消息资料字号：小中大 7楼 [PID: 1116 / new][C:\WINDOWS\system32\conime.exe] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)] [C:\WINDOWS\system32\CSMPYIII.IME] [中文之星, 6, 6, 6, 1] [PID: 276 / SYSTEM][C:\WINDOWS\system32\upnpsvc.exe] [Microsoft Corporatio, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)] [PID: 396 / SYSTEM][C:\WINDOWS\system32\Ati2evxx.exe] [, ] [C:\WINDOWS\system32\CSMPYIII.IME] [中文之星, 6, 6, 6, 1] [c:\PROGRA~1\iesnap\navstub.dll] [, 1, 0, 1, 4] [c:\progra~1\xnpn\kaca.dll] [, 5, 0, 0, 4] [c:\progra~1\xnpn\pfhf.dll] [ , 5, 0, 0, 4] [PID: 1968 / SYSTEM][C:\WINDOWS\System32\svchost.exe] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)] [c:\progra~1\xnpn\hxzx.dll] [ , 5, 0, 0, 4] [C:\WINDOWS\system32\CSMPYIII.IME] [中文之星, 6, 6, 6, 1] [c:\progra~1\xnpn\kaca.dll] [, 5, 0, 0, 4] [c:\progra~1\xnpn\pfhf.dll] [ , 5, 0, 0, 4] [c:\progra~1\xnpn\mcec.dll] [ , 5, 0, 0, 4] [c:\progra~1\xnpn\dtvt.dll] [, 5, 0, 0, 2] [c:\PROGRA~1\iesnap\navstub.dll] [, 1, 0, 1, 4] [PID: 2504 / SYSTEM][C:\WINDOWS\system32\rundll32.exe] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)] [C:\PROGRA~1\rege\vlnl.dll] [, 1, 2, 0, 8] [C:\WINDOWS\system32\CSMPYIII.IME] [中文之星, 6, 6, 6, 1] [c:\PROGRA~1\iesnap\navstub.dll] [, 1, 0, 1, 4] [c:\progra~1\xnpn\kaca.dll] [, 5, 0, 0, 4] [c:\progra~1\xnpn\pfhf.dll] [ , 5, 0, 0, 4] [PID: 2700 / SYSTEM][C:\WINDOWS\system32\svchost.exe] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)] [C:\WINDOWS\system32\hpgwiamd.dll] [Hewlett-Packard, 3.2.2.553] [C:\WINDOWS\system32\hpptpml.dll] [Hewlett-Packard, 1.0.0.1] [PID: 2716 / LOCAL SERVICE][C:\WINDOWS\system32\wdfmgr.exe] [Microsoft Corporation, 5.2.3790.1230 built by: dnsrv(bld4act)] [PID: 2956 / SYSTEM][C:\WINDOWS\system32\mstsc.exe] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)] [c:\progra~1\xnpn\kaca.dll] [, 5, 0, 0, 4] [c:\progra~1\xnpn\pfhf.dll] [ , 5, 0, 0, 4] [C:\WINDOWS\system32\CSMPYIII.IME] [中文之星, 6, 6, 6, 1] [C:\WINDOWS\system32\CSMPYIme.dll] [N/A, ] [C:\WINDOWS\system32\CSConvert.dll] [北京中文之星数码科技有限公司, 3, 0, 0, 0] [C:\WINDOWS\system32\CSMPYEng.dll] [N/A, ] [C:\WINDOWS\system32\CSMPinyin.dll] [N/A, ] [C:\WINDOWS\system32\CSMConfig.dll] [, 1, 0, 0, 1] [c:\PROGRA~1\iesnap\navstub.dll] [, 1, 0, 1, 4] [PID: 3056 / SYSTEM][C:\WINDOWS\system32\cmd.exe] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)] [PID: 2496 / LOCAL SERVICE][C:\WINDOWS\System32\alg.exe] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)] [PID: 1876 / new][C:\WINDOWS\system32\WgaTray.exe] [Microsoft Corporation, 1.7.0018.5] [C:\PROGRA~1\Yahoo!\ASSIST~1\Yhelper.dll] [Yahoo! China, 3, 0, 5, 1023] [C:\PROGRA~1\Yahoo!\ASSIST~1\assist\ykern.dll] [Yahoo! China, 3, 1, 9, 1025] [c:\PROGRA~1\iesnap\navstub.dll] [, 1, 0, 1, 4] [c:\progra~1\xnpn\kaca.dll] [, 5, 0, 0, 4] [c:\progra~1\xnpn\pfhf.dll] [ , 5, 0, 0, 4] [C:\Program Files\Internet Explorer\PLUGINS\System64.Sys] [N/A, ] [C:\WINDOWS\system32\CSMPYIII.IME] [中文之星, 6, 6, 6, 1] [C:\WINDOWS\system32\upxdnd.dll] [N/A, ] [C:\WINDOWS\system32\CSMPYIme.dll] [N/A, ] [C:\WINDOWS\system32\CSConvert.dll] [北京中文之星数码科技有限公司, 3, 0, 0, 0] [C:\WINDOWS\system32\CSMPYEng.dll] [N/A, ] [C:\WINDOWS\system32\CSMPinyin.dll] [N/A, ] [C:\WINDOWS\system32\CSMConfig.dll] [, 1, 0, 0, 1] [C:\WINDOWS\system32\AVPSrv.dll] [N/A, ] [C:\DOCUME~1\new\LOCALS~1\Temp\daso0.dll] [N/A, ] [C:\DOCUME~1\new\LOCALS~1\Temp\wgso0.dll] [N/A, ] [C:\DOCUME~1\new\LOCALS~1\Temp\wlso0.dll] [N/A, ] [C:\DOCUME~1\new\LOCALS~1\Temp\rxso0.dll] [N/A, ] [C:\DOCUME~1\new\LOCALS~1\Temp\wmso0.dll] [N/A, ] [C:\DOCUME~1\new\LOCALS~1\Temp\tlso0.dll] [N/A, ] [C:\WINDOWS\system32\cmdbcs.dll] [N/A, ] [C:\DOCUME~1\new\LOCALS~1\Temp\qjso0.dll] [N/A, ] [C:\DOCUME~1\new\LOCALS~1\Temp\mhso0.dll] [N/A, ] [C:\DOCUME~1\new\LOCALS~1\Temp\ztso0.dll] [N/A, ] [PID: 2156 / new][c:\PROGRA~1\iesnap\navplay.exe] [, 1, 0, 1, 4] [C:\PROGRA~1\Yahoo!\ASSIST~1\Yhelper.dll] [Yahoo! China, 3, 0, 5, 1023] [C:\PROGRA~1\Yahoo!\ASSIST~1\assist\ykern.dll] [Yahoo! China, 3, 1, 9, 1025] [c:\PROGRA~1\iesnap\navstub.dll] [, 1, 0, 1, 4] [c:\progra~1\xnpn\kaca.dll] [, 5, 0, 0, 4] [c:\progra~1\xnpn\pfhf.dll] [ , 5, 0, 0, 4] [C:\Program Files\Internet Explorer\PLUGINS\System64.Sys] [N/A, ] [C:\WINDOWS\system32\CSMPYIII.IME] [中文之星, 6, 6, 6, 1] [C:\WINDOWS\system32\upxdnd.dll] [N/A, ] [PID: 3332 / new][C:\WINDOWS\system32\conime.exe] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)] [C:\PROGRA~1\Yahoo!\ASSIST~1\Yhelper.dll] [Yahoo! China, 3, 0, 5, 1023] [C:\PROGRA~1\Yahoo!\ASSIST~1\assist\ykern.dll] [Yahoo! China, 3, 1, 9, 1025] [c:\PROGRA~1\iesnap\navstub.dll] [, 1, 0, 1, 4] [c:\progra~1\xnpn\kaca.dll] [, 5, 0, 0, 4] [c:\progra~1\xnpn\pfhf.dll] [ , 5, 0, 0, 4] [C:\Program Files\Internet Explorer\PLUGINS\System64.Sys] [N/A, ] [C:\WINDOWS\system32\CSMPYIII.IME] [中文之星, 6, 6, 6, 1] [C:\WINDOWS\system32\upxdnd.dll] [N/A, ] [PID: 920 / new][C:\Program Files\Internet Explorer\IEXPLORE.EXE] [Microsoft Corporation, 6.00.2900.2180 (xpsp_sp2_rtm.040803-2158)] [C:\PROGRA~1\Yahoo!\ASSIST~1\Yhelper.dll] [Yahoo! China, 3, 0, 5, 1023] [C:\PROGRA~1\Yahoo!\ASSIST~1\yscrblock.dll] [Yahoo! China, 3, 0, 3, 1004] [C:\PROGRA~1\Yahoo!\ASSIST~1\assist\ykern.dll] [Yahoo! China, 3, 1, 9, 1025] [c:\PROGRA~1\iesnap\navstub.dll] [, 1, 0, 1, 4] [c:\progra~1\xnpn\kaca.dll] [, 5, 0, 0, 4] [c:\progra~1\xnpn\pfhf.dll] [ , 5, 0, 0, 4] [C:\Program Files\Internet Explorer\PLUGINS\System64.Sys] [N/A, ] [C:\PROGRA~1\Yahoo!\ASSIST~1\yalive.dll] [yahoo! china, 3, 5, 9, 1111] [C:\PROGRA~1\Yahoo!\ASSIST~1\Yalliveex.dll] [Yahoo! China, 3, 0, 2, 1011] [C:\WINDOWS\system32\CSMPYIII.IME] [中文之星, 6, 6, 6, 1] [C:\WINDOWS\system32\CSMPYIme.dll] [N/A, ] [C:\WINDOWS\system32\CSConvert.dll] [北京中文之星数码科技有限公司, 3, 0, 0, 0] [C:\WINDOWS\system32\CSMPYEng.dll] [N/A, ] [C:\WINDOWS\system32\CSMPinyin.dll] [N/A, ] [C:\WINDOWS\system32\CSMConfig.dll] [, 1, 0, 0, 1] [C:\PROGRA~1\Yahoo!\ASSIST~1\Assist\yphtb.dll] [Yahoo! China, 3, 0, 8, 1010] [C:\PROGRA~1\Yahoo!\ASSIST~1\Assist\yangling.dll] [yahoo! china, 3, 0, 5, 1007] [C:\PROGRA~1\rege\viki.dll] [, 1, 2, 0, 8] [C:\PROGRA~1\Yahoo!\ASSIST~1\Assist\YDRAGS~1.DLL] [yahoo! china, 3, 0, 7, 1009] [C:\WINDOWS\system32\iesense.dll] [天索网, 1.0.0.1] [C:\Program Files\Thunder Network\Thunder\ComDlls\XunLeiBHO_002.dll] [Thunder Networking Technologies,LTD, 5, 0, 0, 2] [C:\PROGRA~1\Yahoo!\ASSIST~1\Assist\yassist.dll] [Yahoo! China, 3, 1, 8, 1023] [C:\PROGRA~1\Yahoo!\ASSIST~1\Assist\yasbar.dll] [yahoo! china, 3, 3, 1, 1092] [C:\PROGRA~1\Yahoo!\ASSIST~1\Assist\ysearch.dll] [Yahoo! China, 3, 2, 0, 1021] [C:\PROGRA~1\Yahoo!\ASSIST~1\Assist\yasnoad.dll] [yahoo! china, 3, 0, 3, 1005] [C:\PROGRA~1\Yahoo!\ASSIST~1\Assist\yzsNetProto.dll] [Yahoo! China, 3, 0, 2, 1003] [C:\PROGRA~1\Yahoo!\ASSIST~1\Assist\yrss.dll] [Yahoo! China, 3, 0, 5, 1006] [C:\PROGRA~1\Yahoo!\ASSIST~1\Assist\yaswiper.dll] [Yahoo! China, 3, 0, 6, 1006] [C:\PROGRA~1\Yahoo!\ASSIST~1\Assist\yasiesec.dll] [Yahoo! China, 3, 0, 7, 1009] [C:\PROGRA~1\Yahoo!\ASSIST~1\Assist\YSETTI~1.DLL] [yahoo! china, 3, 2, 1, 1035] [C:\PROGRA~1\Yahoo!\ASSIST~1\Assist\ymailp.dll] [Yahoo! China, 3, 0, 6, 1012] [C:\WINDOWS\system32\upxdnd.dll] [N/A, ] [C:\WINDOWS\system32\AVPSrv.dll] [N/A, ] [C:\DOCUME~1\new\LOCALS~1\Temp\daso0.dll] [N/A, ] [C:\DOCUME~1\new\LOCALS~1\Temp\wgso0.dll] [N/A, ] [C:\DOCUME~1\new\LOCALS~1\Temp\wlso0.dll] [N/A, ] [C:\DOCUME~1\new\LOCALS~1\Temp\rxso0.dll] [N/A, ] [C:\DOCUME~1\new\LOCALS~1\Temp\wmso0.dll] [N/A, ] [C:\DOCUME~1\new\LOCALS~1\Temp\tlso0.dll] [N/A, ] [C:\WINDOWS\system32\cmdbcs.dll] [N/A, ] [C:\DOCUME~1\new\LOCALS~1\Temp\qjso0.dll] [N/A, ] [C:\DOCUME~1\new\LOCALS~1\Temp\mhso0.dll] [N/A, ] [C:\DOCUME~1\new\LOCALS~1\Temp\ztso0.dll] [N/A, ] [c:\PROGRA~1\iesnap\navpref.dll] [, 1, 0, 1, 4] [c:\PROGRA~1\iesnap\navseg.dll] [, 1, 0, 1, 4] [c:\PROGRA~1\iesnap\navneg.dll] [, 1, 0, 1, 4] [C:\Program Files\Microsoft Office\OFFICE11\msohev.dll] [Microsoft Corporation, 11.0.5510] [C:\WINDOWS\system32\macromed\flash\Flash85.ocx] [Macromedia, Inc., 8,5,0,133] [C:\WINDOWS\system32\msacm32.drv] [Microsoft Corporation, 5.1.2600.0 (xpclient.010817-1148)] [C:\PROGRA~1\Yahoo!\ASSIST~1\Assist\yeheocx.dll] [Yahoo! China, 9, 0, 4, 1015] [C:\WINDOWS\system32\WINWB86.IME] [Microsoft Corporation, 4.00.950] [C:\Program Files\Thunder Network\Thunder\ComDlls\ThunderAgent_003.dll] [Thunder Networking Technologies,LTD, 1, 0, 0, 10]
第三支烟初生襁褓狮帖子:110 注册: 2006-08-28 来自:

第三支烟初生襁褓狮帖子:110 注册: 2006-08-28 来自:	发表于： 2007-07-14 15:16 \| 只看楼主短消息资料字号：小中大 8楼 [PID: 316 / new][C:\WINDOWS\system32\wuauclt.exe] [Microsoft Corporation, 7.0.6000.374 (winmain(wmbla).070416-2057)] [C:\PROGRA~1\Yahoo!\ASSIST~1\Yhelper.dll] [Yahoo! China, 3, 0, 5, 1023] [C:\PROGRA~1\Yahoo!\ASSIST~1\assist\ykern.dll] [Yahoo! China, 3, 1, 9, 1025] [c:\PROGRA~1\iesnap\navstub.dll] [, 1, 0, 1, 4] [c:\progra~1\xnpn\kaca.dll] [, 5, 0, 0, 4] [c:\progra~1\xnpn\pfhf.dll] [ , 5, 0, 0, 4] [C:\Program Files\Internet Explorer\PLUGINS\System64.Sys] [N/A, ] [C:\WINDOWS\system32\wups2.dll] [Microsoft Corporation, 7.0.6000.374 (winmain(wmbla).070416-2057)] [C:\WINDOWS\system32\upxdnd.dll] [N/A, ] [PID: 2408 / new][C:\Documents and Settings\new\桌面\sreng2\SREngPS.EXE] [Smallfrogs Studio, 2.5.16.900] [C:\PROGRA~1\Yahoo!\ASSIST~1\Yhelper.dll] [Yahoo! China, 3, 0, 5, 1023] [C:\PROGRA~1\Yahoo!\ASSIST~1\assist\ykern.dll] [Yahoo! China, 3, 1, 9, 1025] [c:\PROGRA~1\iesnap\navstub.dll] [, 1, 0, 1, 4] [c:\progra~1\xnpn\kaca.dll] [, 5, 0, 0, 4] [c:\progra~1\xnpn\pfhf.dll] [ , 5, 0, 0, 4] [C:\Program Files\Internet Explorer\PLUGINS\System64.Sys] [N/A, ] [C:\WINDOWS\system32\CSMPYIII.IME] [中文之星, 6, 6, 6, 1] [C:\WINDOWS\system32\CSMPYIme.dll] [N/A, ] [C:\WINDOWS\system32\CSConvert.dll] [北京中文之星数码科技有限公司, 3, 0, 0, 0] [C:\WINDOWS\system32\CSMPYEng.dll] [N/A, ] [C:\WINDOWS\system32\CSMPinyin.dll] [N/A, ] [C:\WINDOWS\system32\CSMConfig.dll] [, 1, 0, 0, 1] [C:\WINDOWS\system32\upxdnd.dll] [N/A, ] [C:\WINDOWS\system32\AVPSrv.dll] [N/A, ] [C:\DOCUME~1\new\LOCALS~1\Temp\daso0.dll] [N/A, ] [C:\DOCUME~1\new\LOCALS~1\Temp\wgso0.dll] [N/A, ] [C:\DOCUME~1\new\LOCALS~1\Temp\wlso0.dll] [N/A, ] [C:\DOCUME~1\new\LOCALS~1\Temp\rxso0.dll] [N/A, ] [C:\DOCUME~1\new\LOCALS~1\Temp\wmso0.dll] [N/A, ] [C:\DOCUME~1\new\LOCALS~1\Temp\tlso0.dll] [N/A, ] [C:\WINDOWS\system32\cmdbcs.dll] [N/A, ] [C:\DOCUME~1\new\LOCALS~1\Temp\qjso0.dll] [N/A, ] [C:\DOCUME~1\new\LOCALS~1\Temp\mhso0.dll] [N/A, ] [C:\DOCUME~1\new\LOCALS~1\Temp\ztso0.dll] [N/A, ] [C:\Documents and Settings\new\桌面\sreng2\Upload\3rdUpd.DLL] [Smallfrogs Studio, 2, 1, 0, 15] ================================== 文件关联 .TXT OK. [%SystemRoot%\system32\NOTEPAD.EXE %1] .EXE OK. ["%1" %] .COM OK. ["%1" %] .PIF OK. ["%1" %] .REG OK. [regedit.exe "%1"] .BAT OK. ["%1" %] .SCR OK. ["%1" /S] .CHM Error. ["hh.exe" %1] .HLP Error. [winhlp32.exe %1] .INI OK. [%SystemRoot%\System32\NOTEPAD.EXE %1] .INF OK. [%SystemRoot%\System32\NOTEPAD.EXE %1] .VBS OK. [%SystemRoot%\System32\WScript.exe "%1" %] .JS OK. [%SystemRoot%\System32\WScript.exe "%1" %] .LNK OK. [{00021401-0000-0000-C000-000000000046}] ================================== Winsock 提供者 N/A ================================== Autorun.inf [E:\] [AutoRun] open=SysAuto.exe shellexecute=SysAuto.exe shell\打开(&O)\command=SysAuto.exe ================================== HOSTS 文件 127.0.0.1 localhost ================================== 进程特权扫描特殊特权被允许： SeLoadDriverPrivilege [PID = 1908, C:\WINDOWS\SYSTEM32\CSMCONTEXT.EXE] 特殊特权被允许： SeLoadDriverPrivilege [PID = 164, C:\PROGRAM FILES\HEWLETT-PACKARD\TOOLBOX\STATUSCLIENT\STATUSCLIENT.EXE] 特殊特权被允许： SeLoadDriverPrivilege [PID = 196, C:\PROGRAM FILES\HEWLETT-PACKARD\ORDERREMINDER\ORDERREMINDER\ORDERREMINDER.EXE] 特殊特权被允许： SeLoadDriverPrivilege [PID = 208, C:\PROGRAM FILES\HEWLETT-PACKARD\HP SOFTWARE UPDATE\HPWUSCHD2.EXE] 特殊特权被允许： SeLoadDriverPrivilege [PID = 544, C:\PROGRAM FILES\HEWLETT-PACKARD\TOOLBOX\JRE\BIN\JAVAW.EXE] 特殊特权被允许： SeLoadDriverPrivilege [PID = 304, C:\PROGRAM FILES\COMMON FILES\REAL\UPDATE_OB\REALSCHED.EXE] 特殊特权被允许： SeLoadDriverPrivilege [PID = 892, C:\PROGRA~1\ESET\1EXPLORE.EXE] 特殊特权被允许： SeLoadDriverPrivilege [PID = 896, C:\DOCUME~1\NEW\LOCALS~1\TEMP\BYETMR.EXE] 特殊特权被允许： SeLoadDriverPrivilege [PID = 2156, C:\PROGRA~1\IESNAP\NAVPLAY.EXE] ================================== API HOOK N/A ================================== 隐藏进程 N/A ================================== [/CODE]
第三支烟初生襁褓狮帖子:110 注册: 2006-08-28 来自:

泡泡牛牛初生襁褓狮帖子:225 注册: 2005-02-01 来自:	发表于： 2007-07-14 15:40 \| 短消息资料字号：小中大 9楼 <ravshell><C:\Progra~1\Eset\1explore.exe> [] <wosa><C:\DOCUME~1\new\LOCALS~1\Temp\woso.exe> [N/A] <ztsa><C:\DOCUME~1\new\LOCALS~1\Temp\ztso.exe> [] <mhsa><C:\DOCUME~1\new\LOCALS~1\Temp\mhso.exe> [] <qjsa><C:\DOCUME~1\new\LOCALS~1\Temp\qjso.exe> [] <tlsa><C:\DOCUME~1\new\LOCALS~1\Temp\tlso.exe> [] <wdsa><C:\DOCUME~1\new\LOCALS~1\Temp\wdso.exe> [N/A] <cmdbcs><C:\WINDOWS\cmdbcs.exe> [] <wmsa><C:\DOCUME~1\new\LOCALS~1\Temp\wmso.exe> [] <wlsa><C:\DOCUME~1\new\LOCALS~1\Temp\wlso.exe> [] <fysa><C:\DOCUME~1\new\LOCALS~1\Temp\fyso.exe> [N/A] <wgsa><C:\DOCUME~1\new\LOCALS~1\Temp\wgso.exe> [] <rxsa><C:\DOCUME~1\new\LOCALS~1\Temp\rxso.exe> [] <jtsa><C:\DOCUME~1\new\LOCALS~1\Temp\jtso.exe> [N/A] <upxdnd><C:\WINDOWS\upxdnd.exe> [] <AVPSrv><C:\WINDOWS\AVPSrv.exe> [] <dasa><C:\DOCUME~1\new\LOCALS~1\Temp\daso.exe> [] .....................................未完待续
泡泡牛牛初生襁褓狮帖子:225 注册: 2005-02-01 来自:

baohe 大版主帖子:72578 注册: 2003-04-10 来自:	发表于： 2007-07-14 15:46 \| 短消息资料字号：小中大 10楼【回复“第三支烟”的帖子】 1、用IceSword禁止进程创建。强制卸除下列进程中的病毒模块： [PID: 928 / SYSTEM][C:\WINDOWS\system32\svchost.exe] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)] [C:\Program Files\Internet Explorer\PLUGINS\System64.Sys] [N/A, ] [C:\WINDOWS\system32\upxdnd.dll] [N/A, ] [PID: 1812 / new][C:\WINDOWS\Explorer.EXE] [Microsoft Corporation, 6.00.2900.2180 (xpsp_sp2_rtm.040803-2158)] [C:\Program Files\Internet Explorer\PLUGINS\System64.Sys] [N/A, ] [C:\DOCUME~1\new\LOCALS~1\Temp\ztso0.dll] [N/A, ] [C:\DOCUME~1\new\LOCALS~1\Temp\mhso0.dll] [N/A, ] [C:\DOCUME~1\new\LOCALS~1\Temp\qjso0.dll] [N/A, ] [C:\WINDOWS\system32\cmdbcs.dll] [N/A, ] [C:\DOCUME~1\new\LOCALS~1\Temp\tlso0.dll] [N/A, ] [C:\DOCUME~1\new\LOCALS~1\Temp\wmso0.dll] [N/A, ] [C:\DOCUME~1\new\LOCALS~1\Temp\wlso0.dll] [N/A, ] [C:\DOCUME~1\new\LOCALS~1\Temp\rxso0.dll] [N/A, ] [C:\DOCUME~1\new\LOCALS~1\Temp\wgso0.dll] [N/A, ] [C:\Program Files\yok\yok.dll] [YOK.Com, 3, 0, 0, 1005] [C:\WINDOWS\system32\upxdnd.dll] [N/A, ] [C:\DOCUME~1\new\LOCALS~1\Temp\daso0.dll] [N/A, ] [C:\WINDOWS\system32\AVPSrv.dll] [N/A, ] [PID: 1908 / new][C:\WINDOWS\system32\CSMContext.exe] [中文之星, 1, 0, 0, 1] [C:\Program Files\Internet Explorer\PLUGINS\System64.Sys] [N/A, ] [C:\WINDOWS\system32\upxdnd.dll] [N/A, ] [PID: 164 / new][C:\Program Files\Hewlett-Packard\Toolbox\StatusClient\StatusClient.exe] [Hewlett-Packard, 00 .00 .14] [C:\Program Files\Internet Explorer\PLUGINS\System64.Sys] [N/A, ] [C:\WINDOWS\system32\upxdnd.dll] [N/A, ] [PID: 208 / new][C:\Program Files\Hewlett-Packard\HP Software Update\HPWuSchd2.exe] [Hewlett-Packard, 2, 0, 37, 0] [C:\Program Files\Internet Explorer\PLUGINS\System64.Sys] [N/A, ] [C:\WINDOWS\system32\upxdnd.dll] [N/A, ] [PID: 544 / new][C:\Program Files\Hewlett-Packard\Toolbox\jre\bin\javaw.exe] [N/A, ] [C:\WINDOWS\system32\jst.dll] [N/A, ] [PID: 992 / new][C:\PROGRA~1\Yahoo!\ASSIST~1\YLive.exe] [Yahoo! China, 3, 1, 9, 1025] [C:\WINDOWS\system32\upxdnd.dll] [N/A, ] [PID: 284 / new][C:\progra~1\yahoo!\assistant\yassistse.exe] [Yahoo! China, 3, 0, 7, 1010] [C:\Program Files\Internet Explorer\PLUGINS\System64.Sys] [N/A, ] [C:\WINDOWS\system32\upxdnd.dll] [N/A, ] [PID: 304 / new][C:\Program Files\Common Files\Real\Update_OB\realsched.exe] [RealNetworks, Inc., 0.1.0.3427] [C:\Program Files\Internet Explorer\PLUGINS\System64.Sys] [N/A, ] [C:\WINDOWS\system32\upxdnd.dll] [N/A, ] [PID: 536 / new][C:\WINDOWS\system32\ctfmon.exe] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)] [C:\Program Files\Internet Explorer\PLUGINS\System64.Sys] [N/A, ] [C:\WINDOWS\system32\upxdnd.dll] [N/A, ] [PID: 892 / new][C:\Progra~1\Eset\1explore.exe] [N/A, ] [C:\WINDOWS\system32\upxdnd.dll] [N/A, ] [C:\Program Files\Internet Explorer\PLUGINS\System64.Sys] [N/A, ] [PID: 896 / new][C:\DOCUME~1\new\LOCALS~1\Temp\byetmr.exe] [Microsoft Corporation, 5.1.2600.0 (xpclient.010817-1148)] [C:\Program Files\Internet Explorer\PLUGINS\System64.Sys] [N/A, ] [C:\DOCUME~1\new\LOCALS~1\Temp\packet.dll] [CACE Technologies, 3, 1, 0, 27] [C:\DOCUME~1\new\LOCALS~1\Temp\WanPacket.dll] [CACE Technologies, 3, 1, 0, 27] [C:\DOCUME~1\new\LOCALS~1\Temp\NPPTools.dll] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)] [C:\WINDOWS\system32\upxdnd.dll] [N/A, ] [PID: 1876 / new][C:\WINDOWS\system32\WgaTray.exe] [Microsoft Corporation, 1.7.0018.5] [C:\WINDOWS\system32\AVPSrv.dll] [N/A, ] [C:\DOCUME~1\new\LOCALS~1\Temp\daso0.dll] [N/A, ] [C:\DOCUME~1\new\LOCALS~1\Temp\wgso0.dll] [N/A, ] [C:\DOCUME~1\new\LOCALS~1\Temp\wlso0.dll] [N/A, ] [C:\DOCUME~1\new\LOCALS~1\Temp\rxso0.dll] [N/A, ] [C:\DOCUME~1\new\LOCALS~1\Temp\wmso0.dll] [N/A, ] [C:\DOCUME~1\new\LOCALS~1\Temp\tlso0.dll] [N/A, ] [C:\WINDOWS\system32\cmdbcs.dll] [N/A, ] [C:\DOCUME~1\new\LOCALS~1\Temp\qjso0.dll] [N/A, ] [C:\DOCUME~1\new\LOCALS~1\Temp\mhso0.dll] [N/A, ] [C:\DOCUME~1\new\LOCALS~1\Temp\ztso0.dll] [N/A, ] [PID: 2156 / new][c:\PROGRA~1\iesnap\navplay.exe] [, 1, 0, 1, 4] [C:\WINDOWS\system32\upxdnd.dll] [N/A, ] [PID: 3332 / new][C:\WINDOWS\system32\conime.exe] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)] [C:\WINDOWS\system32\upxdnd.dll] [N/A, ] [PID: 920 / new][C:\Program Files\Internet Explorer\IEXPLORE.EXE] [Microsoft Corporation, 6.00.2900.2180 (xpsp_sp2_rtm.040803-2158)] [C:\WINDOWS\system32\upxdnd.dll] [N/A, ] [C:\WINDOWS\system32\AVPSrv.dll] [N/A, ] [C:\DOCUME~1\new\LOCALS~1\Temp\daso0.dll] [N/A, ] [C:\DOCUME~1\new\LOCALS~1\Temp\wgso0.dll] [N/A, ] [C:\DOCUME~1\new\LOCALS~1\Temp\wlso0.dll] [N/A, ] [C:\DOCUME~1\new\LOCALS~1\Temp\rxso0.dll] [N/A, ] [C:\DOCUME~1\new\LOCALS~1\Temp\wmso0.dll] [N/A, ] [C:\DOCUME~1\new\LOCALS~1\Temp\tlso0.dll] [N/A, ] [C:\WINDOWS\system32\cmdbcs.dll] [N/A, ] [C:\DOCUME~1\new\LOCALS~1\Temp\qjso0.dll] [N/A, ] [C:\DOCUME~1\new\LOCALS~1\Temp\mhso0.dll] [N/A, ] [C:\DOCUME~1\new\LOCALS~1\Temp\ztso0.dll] [N/A, ] [PID: 316 / new][C:\WINDOWS\system32\wuauclt.exe] [Microsoft Corporation, 7.0.6000.374 (winmain(wmbla).070416-2057)] [C:\Program Files\Internet Explorer\PLUGINS\System64.Sys] [N/A, ] [C:\WINDOWS\system32\upxdnd.dll] [N/A, ] [PID: 2408 / new][C:\Documents and Settings\new\桌面\sreng2\SREngPS.EXE] [Smallfrogs Studio, 2.5.16.900] [C:\WINDOWS\system32\upxdnd.dll] [N/A, ] [C:\WINDOWS\system32\AVPSrv.dll] [N/A, ] [C:\DOCUME~1\new\LOCALS~1\Temp\daso0.dll] [N/A, ] [C:\DOCUME~1\new\LOCALS~1\Temp\wgso0.dll] [N/A, ] [C:\DOCUME~1\new\LOCALS~1\Temp\wlso0.dll] [N/A, ] [C:\DOCUME~1\new\LOCALS~1\Temp\rxso0.dll] [N/A, ] [C:\DOCUME~1\new\LOCALS~1\Temp\wmso0.dll] [N/A, ] [C:\DOCUME~1\new\LOCALS~1\Temp\tlso0.dll] [N/A, ] [C:\WINDOWS\system32\cmdbcs.dll] [N/A, ] [C:\DOCUME~1\new\LOCALS~1\Temp\qjso0.dll] [N/A, ] [C:\DOCUME~1\new\LOCALS~1\Temp\mhso0.dll] [N/A, ] [C:\DOCUME~1\new\LOCALS~1\Temp\ztso0.dll] [N/A, ] 2、用IceSword删除下列文件： E盘根目录下的Autorun.inf和SysAuto.exe 上述进程中的病毒模块程序以及下列注册表启动项、服务项、驱动项指向的程序：启动项目注册表 [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run] <ravshell><C:\Progra~1\Eset\1explore.exe> [] <svc><C:\DOCUME~1\new\LOCALS~1\Temp\byetmr.exe> [Microsoft Corporation] [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run] <wosa><C:\DOCUME~1\new\LOCALS~1\Temp\woso.exe> [N/A] <ztsa><C:\DOCUME~1\new\LOCALS~1\Temp\ztso.exe> [] <mhsa><C:\DOCUME~1\new\LOCALS~1\Temp\mhso.exe> [] <qjsa><C:\DOCUME~1\new\LOCALS~1\Temp\qjso.exe> [] <tlsa><C:\DOCUME~1\new\LOCALS~1\Temp\tlso.exe> [] <wdsa><C:\DOCUME~1\new\LOCALS~1\Temp\wdso.exe> [N/A] <cmdbcs><C:\WINDOWS\cmdbcs.exe> [] <wmsa><C:\DOCUME~1\new\LOCALS~1\Temp\wmso.exe> [] <wlsa><C:\DOCUME~1\new\LOCALS~1\Temp\wlso.exe> [] <fysa><C:\DOCUME~1\new\LOCALS~1\Temp\fyso.exe> [N/A] <wgsa><C:\DOCUME~1\new\LOCALS~1\Temp\wgso.exe> [] <rxsa><C:\DOCUME~1\new\LOCALS~1\Temp\rxso.exe> [] <jtsa><C:\DOCUME~1\new\LOCALS~1\Temp\jtso.exe> [N/A] <upxdnd><C:\WINDOWS\upxdnd.exe> [] <AVPSrv><C:\WINDOWS\AVPSrv.exe> [] <dasa><C:\DOCUME~1\new\LOCALS~1\Temp\daso.exe> [] [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\RunOnce] <KAV7NEEDREBOOT><> [N/A] <yokUninstall><cmd /c rd /s /q C:\PROGRA~1\yok> [] [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer\Run] <visin><C:\WINDOWS\system32\visin.exe> [Microsoft Corporation] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks] <{754FB7D8-B8FE-4810-B363-A788CD060F1F}><C:\Program Files\Internet Explorer\PLUGINS\System64.Sys> [] <{06A68AD9-FF56-6E73-937B-B893E72F6226}><C:\Program Files\Common Files\Microsoft Shared\MSINFO\WinInfo.rxk> [] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{1B202102-FE38-11cf-64CD-21FF5FE1CF20}] <N/A><C:\WINDOWS\system32\ztinetzt.exe> [] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{63202121-F04D-11cf-64CD-33FF5FE1CF20}] <N/A><C:\WINDOWS\system32\Ravasktao.exe> [] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{6A202101-A04D-21cf-65CD-31FF5FE1CF20}] <N/A><C:\WINDOWS\system32\mydata.exe> [] 服务 [Windows csus RunThem / csus][Running/Auto Start] <C:\WINDOWS\System32\svchost.exe -k netsvcs-->C:\PROGRA~1\xnpn\hxzx.dll>< > [Vsn lyay Service / lyay][Running/Auto Start] <C:\WINDOWS\system32\rundll32.exe C:\PROGRA~1\rege\vlnl.dll,Service><Microsoft Corporation> [Navoct / Navoct][Running/Auto Start] <C:\WINDOWS\System32\svchost.exe -k netsvcs-->C:\Program Files\iesnap\navoct.dll>< > [Remote Packet Capture Protocol v.0 (experimental) / rpcapd][Stopped/Manual Start] <"C:\Program Files\WinPcap\rpcapd.exe" -d -f "C:\Program Files\WinPcap\rpcapd.ini"><N/A> [Windows Ins / WindowsDown][Stopped/Auto Start] <C:\WINDOWS\system32\servet.exe><N/A> [KNetWch / KNetWch][Running/Manual Start] <2 - 系统找不到指定的文件。 ><N/A> [Netgroup Packet Filter / NPF][Running/Manual Start] <system32\DRIVERS\npf.sys><NetGroup - Politecnico di Torino> [TYKeeper / TYKeeper][Running/] <2 - 系统找不到指定的文件。 ><N/A> 3、用IceSword删除上述注册表内容。 4、取消禁止进程创建。 5、用sreng修复文件关联。另：你那个“中文之星”————卸了吧（流氓一个！）
baohe 大版主帖子:72578 注册: 2003-04-10 来自:

<<上一主题|下一主题>>

1

1 / 1 页

跳转页

页面顶部

Powered by Discuz!NT