[Help] SREng report, please help take a look.

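Recently I found that the Rising "little green umbrella", 360 Safe Guard and others on my machine cannot be started by double-clicking. They are all set to start automatically at boot, yet they do not show up in the system tray. Asking fellow forum members for help.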

User system information: Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1; SV1; TheWorld)

Attachment:

Downloads: 107
File type: application/octet-stream
File size:
Upload time: 2008-6-27 17:01:52
Description: log

Re: SREng report, please help take a look.

[CODE]
2008-06-25,16:35:26
System Repair Engineer 2.5.16.900
Smallfrogs (http://www.KZTechs.com)
Windows XP Professional Service Pack 2 (Build 2600) - 管理权限用户 - 完整功能
以下内容被选中:
    所有的启动项目(包括注册表、启动文件夹、服务等)
    浏览器加载项
    正在运行的进程(包括进程模块信息)
    文件关联
    Winsock 提供者
    Autorun.inf
    HOSTS 文件
    进程特权扫描

启动项目
注册表
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
    <ctfmon.exe><C:\WINDOWS\system32\ctfmon.exe>  [(Verified)Microsoft Windows Publisher]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
    <SetDefPrt><C:\Program Files\Brother\Brmfl04g\BrStDvPt.exe>  [Brother Industories, Ltd.]
    <ControlCenter2.0><C:\Program Files\Brother\ControlCenter2\brctrcen.exe /autorun>  [Brother Industries, Ltd.]
    <RavTask><"C:\Program Files\Rising\Rav\RavTask.exe" -system>  [(Verified)Beijing Rising Science and Technology Corporation Limited]
    <KernelFaultCheck><%systemroot%\system32\dumprep 0 -k>  [N/A]
    <hefcndy><C:\WINDOWS\hefcndy.exe>  []
    <ytewcxzsw><C:\WINDOWS\ytewcxzsw.exe>  [N/A]
    <igzwzslm><C:\WINDOWS\gwsmhxuq.exe>  []
    <juejwcx><C:\WINDOWS\juejwcx.exe>  []
    <anittio><C:\WINDOWS\anittio.exE>  []
    <yuibbct><C:\WINDOWS\yuibbct.exe>  []
    <hgeazpkc><C:\WINDOWS\hgeazpkc.exe>  []
    <wipxcdec><C:\WINDOWS\wipxcdec.exe>  []
    <isndctio><C:\WINDOWS\isndctio.exe>  []
    <nbnwewd><C:\WINDOWS\nbnwewd.exe>  []
    <dndsioc><C:\WINDOWS\dndsioc.exe>  []
    <wrew2ds><C:\WINDOWS\wrew2ds.exe>  []
    <stup.exe><Rundll32.exe C:\PROGRA~1\TENCENT\SSPlus\SPlus1.dll,Rundll32 R>  [(Verified)Tencent Technology(Shenzhen) Company Limited]
    <MSConfig><C:\WINDOWS\PCHealth\HelpCtr\Binaries\MSConfig.exe /auto>  [(Verified)Microsoft Windows Publisher]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Winlogon]
    <shell><Explorer.exe>  [(Verified)Microsoft Windows Publisher]
    <Userinit><C:\WINDOWS\system32\userinit.exe,>  [(Verified)Microsoft Windows Publisher]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Windows]
    <AppInit_DLLs><SysDaJcHv.dll,msosdohs01.dll,msosmnsf01.dll,wipicdec.dll,dylddm.dll,azuntv.dll,wzyiwy.dll,msosmhfp01.dll,msoscqit00.dll,msosjtio01.dll,nicozftp01.dll,msosdrop00.dll,zfsweq.dll,fmsiocps.dll,twawbc.dll,msosmhap01.dll,ytewcxzsw.dll,msoscqet00.dll,msosfasq00.dll,oqlvie.dll,msosjtfo01.dll,hhhhhh.dll,doftrm.dll,bbbbbb.dll,ijtqzc.dll,zzzzzz.dll,lecdjj.dll,wipxcdec.dll,msostuic01.dll,tttttt.dll,dddddd.dll,tisqatyu.dll,vvvvvv.dll,rrrrrr.dll,akjsckaq.dll,skqncbib.dll,nnnnnn.dll,llllll.dll,yzztkmsn.dll,arjreler.dll,akjsdkaq.dll,pppppp.dll,eeeeee.dll,ffffff.dll,oooooo.dll>  [Microsoft Corporation]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Winlogon]
    <UIHost><logonui.exe>  [(Verified)Microsoft Windows Publisher]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
    <{32CD708B-60A7-4C00-9377-D73EAA495F0F}><C:\WINDOWS\system32\RavExt.dll>  [(Verified)Beijing Rising Science and Technology Corporation Limited]
    <{C3D16072-2E1B-450B-B843-50EADDC8EB63}><C:\WINDOWS\system32\xcvaver1.dll>  []
    <{189F087F-4378-405F-85FA-37D955AD7A8C}><C:\WINDOWS\system32\mtewdh.dll>  []
    <{6629FF4F-ACDB-5C90-A098-FACB3456A266}><C:\WINDOWS\system32\mpmyfapi.dll>  []
    <{28EB3777-3E23-4E72-8449-A992D09D24C3}><C:\WINDOWS\system32\zefdst.dll>  []
    <{6C648541-1025-9650-9057-6541258720C6}><C:\WINDOWS\system32\mndhfdwd.dll>  []
    <{528DF602-9541-A985-210A-984A698C6F25}><C:\WINDOWS\system32\ptjhehlp.dll>  []
    <{17DFD111-BF3A-4CB4-ADB0-88FCBFE69821}><C:\WINDOWS\system32\hhrdxd.dll>  []
    <{2D698451-2015-6358-9871-2015987452D2}><C:\WINDOWS\system32\apzhbtde.dll>  []
    <{18093456-9012-4568-9076-908765467181}><C:\WINDOWS\system32\tisqatyu.dll>  []
    <{3D698451-2015-6358-9871-2015987452D3}><C:\WINDOWS\system32\apzhctde.dll>  []
    <{E8A3B193-77E3-4FB3-986D-F4FA4828BAFC}><C:\WINDOWS\system32\wklsdd.dll>  []
    <{DC3D30AE-0380-4151-8934-EE98A34B0370}><C:\WINDOWS\system32\mfdesy.dll>  []
    <{8C41B7F7-3168-400D-A702-0E7EFE0BA304}><C:\WINDOWS\system32\sgrefg.dll>  []
    <{45AADFAA-DD36-42AB-83AD-0521BBF58C24}><C:\WINDOWS\system32\zgrjdx.dll>  []
    <{35671234-7890-ABCD-CDEF-567801237653}><C:\WINDOWS\system32\yxcschlp.dll>  []
    <{CAED0F3B-DF8B-4DBF-BB20-8DFBC3199068}><C:\WINDOWS\system32\jggtsr.dll>  []
    <{B29583D8-033A-4B9F-8553-7C5458F3FB8E}><C:\WINDOWS\system32\jdsaex.dll>  []
    <{43512378-9874-5641-1025-985420368734}><C:\WINDOWS\system32\oswxdttb.dll>  []
    <{5A069845-2036-6084-9054-6087502480A5}><C:\WINDOWS\system32\ozfyebyt.dll>  []
    <{EA5D4B0E-B8CE-4761-8C7E-5D26369F0EC6}><C:\WINDOWS\system32\fsrgeb.dll>  []
    <{25FD6584-698F-BCD2-602C-698745210352}><C:\WINDOWS\system32\rijxbkin.dll>  []
    <{3A908760-8000-4000-A000-9000322145A3}><C:\WINDOWS\system32\akjsckaq.dll>  []
    <{4D165A2A-4BC1-4CA8-8299-08E05AAAB5A4}><C:\WINDOWS\system32\tdggrz.dll>  []
    <{031B7024-4FC5-49B3-98EF-6B810FF12678}><C:\WINDOWS\system32\sjhrdh.dll>  []
    <{20909876-4567-3908-4056-909834565102}><C:\WINDOWS\system32\erxybloe.dll>  []
    <{32023698-6984-8541-9654-698745012523}><C:\WINDOWS\system32\skqncbib.dll>  []
    <{55694105-5108-9405-3695-954187462155}><C:\WINDOWS\system32\mpwdeapi.dll>  []
    <{B629FF4F-ACDB-5C90-A098-FACB3456A26B}><C:\WINDOWS\system32\hdf453d.dll>  []
    <{B490415F-65F8-B5C5-D8BA-9405FB12054B}><C:\WINDOWS\system32\yzztkmsn.dll>  []
    <{7FD45A54-9875-698F-E56E-65102358FDF7}><C:\WINDOWS\system32\apsggjba.dll>  []
    <{7C69034A-F45F-D34D-A33A-C33C4D324FC7}><C:\WINDOWS\system32\arjreler.dll>  []
    <{4A908760-8000-4000-A000-9000322145A4}><C:\WINDOWS\system32\akjsdkaq.dll>  []
    <{2B69874A-C58C-458D-69F0-698F874E41B2}><C:\WINDOWS\system32\lassaplo.dll>  []
    <{5D098345-6785-1098-5413-678067AE03D5}><C:\WINDOWS\system32\tysqbkol.dll>  []
    <{60A345CD-ABCD-EFAB-CDEF-ABCD01020306}><C:\WINDOWS\system32\pqzfajke.dll>  []
    <{50940F85-F015-14F1-A05F-F69858AC6D05}><C:\WINDOWS\system32\zptlcsys.dll>  []
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
    <WPDShServiceObj><C:\WINDOWS\system32\WPDShServiceObj.dll>  [(Verified)Microsoft Windows Component Publisher]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\>{26923b43-4d38-484f-9b9e-de460746276c}]
    <Internet Explorer><%systemroot%\system32\shmgrate.exe OCInstallUserConfigIE>  [N/A]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\>{881dd1c5-3dcf-431b-b061-f3f88e8be88a}]
    <Outlook Express><%systemroot%\system32\shmgrate.exe OCInstallUserConfigOE>  [N/A]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{2C7339CF-2B09-4501-B3F3-F3508C9228ED}]
    <Themes Setup><%SystemRoot%\system32\regsvr32.exe /s /n /i:/UserInstall %SystemRoot%\system32\themeui.dll>  [N/A]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{44BBA840-CC51-11CF-AAFA-00AA00B6015C}]
    <Microsoft Outlook Express 6><"%ProgramFiles%\Outlook Express\setup50.exe" /APP:OE /CALLER:WINNT /user /install>  [N/A]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{44BBA842-CC51-11CF-AAFA-00AA00B6015B}]
    <NetMeeting 3.01><rundll32.exe advpack.dll,LaunchINFSection C:\WINDOWS\INF\msnetmtg.inf,NetMtg.Install.PerUser.NT>  [(Verified)Microsoft Windows Publisher]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{5945c046-1e7d-11d1-bc44-00c04fd912be}]
    <Windows Messenger 4.7><rundll32.exe advpack.dll,LaunchINFSection C:\WINDOWS\INF\msmsgs.inf,BLC.QuietInstall.PerUser>  [(Verified)Microsoft Windows Publisher]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{6BF52A52-394A-11d3-B153-00C04F79FAA6}]
    <Microsoft Windows Media Player><rundll32.exe advpack.dll,LaunchINFSection C:\WINDOWS\INF\wmp11.inf,PerUserStub>  [(Verified)Microsoft Windows Component Publisher]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{7790769C-0471-11d2-AF11-00C04FA35D02}]
    <通讯簿 6><"%ProgramFiles%\Outlook Express\setup50.exe" /APP:WAB /CALLER:WINNT /user /install>  [N/A]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\adam.exe]
    <IFEO[adam.exe]><C:\WINDOWS\system32\svchost.exe>  [(Verified)Microsoft Windows Publisher]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\AgentSvr.exe]
    <IFEO[AgentSvr.exe]><C:\WINDOWS\system32\svchost.exe>  [(Verified)Microsoft Windows Publisher]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\AppSvc32.exe]
    <IFEO[AppSvc32.exe]><C:\WINDOWS\system32\svchost.exe>  [(Verified)Microsoft Windows XP Publisher]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\ati2evxx.exe]
    <IFEO[ati2evxx.exe]><C:\WINDOWS\system32\svchost.exe>  [(Verified)Microsoft Windows Publisher]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\autoruns.exe]
    <IFEO[autoruns.exe]><C:\WINDOWS\system32\svchost.exe>  [(Verified)Microsoft Windows Publisher]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\avconsol.exe]
    <IFEO[avconsol.exe]><C:\WINDOWS\system32\svchost.exe>  [(Verified)Microsoft Windows Publisher]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\avgrssvc.exe]
    <IFEO[avgrssvc.exe]><C:\WINDOWS\system32\svchost.exe>  [(Verified)Microsoft Windows Publisher]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\AvMonitor.exe]
    <IFEO[AvMonitor.exe]><C:\WINDOWS\system32\svchost.exe>  [(Verified)Microsoft Windows Publisher]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\avp.com]
    <IFEO[avp.com]><C:\WINDOWS\system32\svchost.exe>  [(Verified)Microsoft Windows Publisher]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\avp.exe]
    <IFEO[avp.exe]><C:\WINDOWS\system32\svchost.exe>  [(Verified)Microsoft Windows Publisher]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\ccSvcHst.exe]
    <IFEO[ccSvcHst.exe]><C:\WINDOWS\system32\svchost.exe>  [(Verified)Microsoft Windows Publisher]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\egui.exe]
    <IFEO[egui.exe]><C:\WINDOWS\system32\svchost.exe>  [(Verified)Microsoft Windows Publisher]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\esafe.exe]
    <IFEO[esafe.exe]><C:\WINDOWS\system32\svchost.exe>  [(Verified)Microsoft Windows Publisher]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\FileDsty.exe]
    <IFEO[FileDsty.exe]><C:\WINDOWS\system32\svchost.exe>  [(Verified)Microsoft Windows Publisher]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\FTCleanerShell.exe]
    <IFEO[FTCleanerShell.exe]><C:\WINDOWS\system32\svchost.exe>  [(Verified)Microsoft Windows Publisher]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\HijackThis.exe]
    <IFEO[HijackThis.exe]><C:\WINDOWS\system32\svchost.exe>  [(Verified)Microsoft Windows Publisher]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\IceSword.exe]
    <IFEO[IceSword.exe]><C:\WINDOWS\system32\svchost.exe>  [(Verified)Microsoft Windows Publisher]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\idag.exe]
    <IFEO[idag.exe]><C:\WINDOWS\system32\svchost.exe>  [(Verified)Microsoft Windows Publisher]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\Iparmor.exe]
    <IFEO[Iparmor.exe]><C:\WINDOWS\system32\svchost.exe>  [(Verified)Microsoft Windows Publisher]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\isPwdSvc.exe]
    <IFEO[isPwdSvc.exe]><C:\WINDOWS\system32\svchost.exe>  [(Verified)Microsoft Windows Publisher]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\kabaload.exe]
    <IFEO[kabaload.exe]><C:\WINDOWS\system32\svchost.exe>  [(Verified)Microsoft Windows Publisher]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\kaccore.exe]
    <IFEO[kaccore.exe]><C:\WINDOWS\system32\svchost.exe>  [(Verified)Microsoft Windows Publisher]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\KaScrScn.SCR]
    <IFEO[KaScrScn.SCR]><C:\WINDOWS\system32\svchost.exe>  [(Verified)Microsoft Windows XP Publisher]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\KASMain.exe]
    <IFEO[KASMain.exe]><C:\WINDOWS\system32\svchost.exe>  [(Verified)Microsoft Windows Publisher]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\KASTask.exe]
    <IFEO[KASTask.exe]><C:\WINDOWS\system32\svchost.exe>  [(Verified)Microsoft Windows Publisher]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\KAV32.exe]
    <IFEO[KAV32.exe]><C:\WINDOWS\system32\svchost.exe>  [(Verified)Microsoft Windows Publisher]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\KAVDX.exe]
    <IFEO[KAVDX.exe]><C:\WINDOWS\system32\svchost.exe>  [(Verified)Microsoft Windows Publisher]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\KAVPF.exe]
    <IFEO[KAVPF.exe]><C:\WINDOWS\system32\svchost.exe>  [(Verified)Microsoft Windows Publisher]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\KAVPFW.exe]
    <IFEO[KAVPFW.exe]><C:\WINDOWS\system32\svchost.exe>  [(Verified)Microsoft Windows Publisher]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\KAVSetup.exe]
    <IFEO[KAVSetup.exe]><C:\WINDOWS\system32\svchost.exe>  [(Verified)Microsoft Windows Publisher]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\kavsvc.exe]
    <IFEO[kavsvc.exe]><C:\WINDOWS\system32\svchost.exe>  [(Verified)Microsoft Windows Publisher]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\KAVsvcUI.exe]
    <IFEO[KAVsvcUI.exe]><C:\WINDOWS\system32\svchost.exe>  [(Verified)Microsoft Windows Publisher]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\KISLnchr.exe]
    <IFEO[KISLnchr.exe]><C:\WINDOWS\system32\svchost.exe>  [(Verified)Microsoft Windows Publisher]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\KMailMon.exe]
    <IFEO[KMailMon.exe]><C:\WINDOWS\system32\svchost.exe>  [(Verified)Microsoft Windows Publisher]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\KMFilter.exe]
    <IFEO[KMFilter.exe]><C:\WINDOWS\system32\svchost.exe>  [(Verified)Microsoft Windows Publisher]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\KPFW32.exe]
    <IFEO[KPFW32.exe]><C:\WINDOWS\system32\svchost.exe>  [(Verified)Microsoft Windows Publisher]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\kpfwsvc.exe]
    <IFEO[kpfwsvc.exe]><C:\WINDOWS\system32\svchost.exe>  [(Verified)Microsoft Windows Component Publisher]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\KRegEx.exe]
    <IFEO[KRegEx.exe]><C:\WINDOWS\system32\svchost.exe>  [(Verified)Microsoft Windows Publisher]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\KRepair.com]
    <IFEO[KRepair.com]><C:\WINDOWS\system32\svchost.exe>  [(Verified)Microsoft Windows Publisher]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\KsLoader.exe]
    <IFEO[KsLoader.exe]><C:\WINDOWS\system32\svchost.exe>  [(Verified)Microsoft Windows Publisher]

Re: SREng report, please help take a look.

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\KVCenter.kxp]
    <IFEO[KVCenter.kxp]><C:\WINDOWS\system32\svchost.exe>  [(Verified)Microsoft Windows Publisher]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\KvDetect.exe]
    <IFEO[KvDetect.exe]><C:\WINDOWS\system32\svchost.exe>  [(Verified)Microsoft Windows Publisher]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\KVFW.EXE]
    <IFEO[KVFW.EXE]><C:\WINDOWS\system32\svchost.exe>  [(Verified)Microsoft Windows Publisher]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\KvfwMcl.exe]
    <IFEO[KvfwMcl.exe]><C:\WINDOWS\system32\svchost.exe>  [(Verified)Microsoft Windows Publisher]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\KVMonXP_1.kxp]
    <IFEO[KVMonXP_1.kxp]><C:\WINDOWS\system32\svchost.exe>  [(Verified)Microsoft Windows Publisher]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\kvol.exe]
    <IFEO[kvol.exe]><C:\WINDOWS\system32\svchost.exe>  [(Verified)Microsoft Windows Publisher]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\kvolself.exe]
    <IFEO[kvolself.exe]><C:\WINDOWS\system32\svchost.exe>  [(Verified)Microsoft Windows Publisher]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\KvReport.kxp]
    <IFEO[KvReport.kxp]><C:\WINDOWS\system32\svchost.exe>  [(Verified)Microsoft Windows Publisher]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\KVScan.kxp]
    <IFEO[KVScan.kxp]><C:\WINDOWS\system32\svchost.exe>  [(Verified)Microsoft Windows Publisher]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\KVStub.kxp]
    <IFEO[KVStub.kxp]><C:\WINDOWS\system32\svchost.exe>  [(Verified)Microsoft Windows Publisher]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\kvupload.exe]
    <IFEO[kvupload.exe]><C:\WINDOWS\system32\svchost.exe>  [(Verified)Microsoft Windows Publisher]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\KVwsc.exe]
    <IFEO[KVwsc.exe]><C:\WINDOWS\system32\svchost.exe>  [(Verified)Microsoft Windows Publisher]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\KWatch9x.exe]
    <IFEO[KWatch9x.exe]><C:\WINDOWS\system32\svchost.exe>  [(Verified)Microsoft Windows Publisher]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\KWatchX.exe]
    <IFEO[KWatchX.exe]><C:\WINDOWS\system32\svchost.exe>  [(Verified)Microsoft Windows Publisher]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\MagicSet.exe]
    <IFEO[MagicSet.exe]><C:\WINDOWS\system32\svchost.exe>  [(Verified)Microsoft Windows Publisher]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\mcconsol.exe]
    <IFEO[mcconsol.exe]><C:\WINDOWS\system32\svchost.exe>  [(Verified)Microsoft Windows Publisher]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\mmqczj.exe]
    <IFEO[mmqczj.exe]><C:\WINDOWS\system32\svchost.exe>  [(Verified)Microsoft Windows Publisher]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\mmsk.exe]
    <IFEO[mmsk.exe]><C:\WINDOWS\system32\svchost.exe>  [(Verified)Microsoft Windows Publisher]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\navapsvc.exe]
    <IFEO[navapsvc.exe]><C:\WINDOWS\system32\svchost.exe>  [(Verified)Microsoft Windows Publisher]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\Navapw32.exe]
    <IFEO[Navapw32.exe]><C:\WINDOWS\system32\svchost.exe>  [(Verified)Microsoft Windows Publisher]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\nod32krn.exe]
    <IFEO[nod32krn.exe]><C:\WINDOWS\system32\svchost.exe>  [(Verified)Microsoft Windows Publisher]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\NPFMntor.exe]
    <IFEO[NPFMntor.exe]><C:\WINDOWS\system32\svchost.exe>  [(Verified)Microsoft Windows Publisher]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\OllyDBG.EXE]
    <IFEO[OllyDBG.EXE]><C:\WINDOWS\system32\svchost.exe>  [(Verified)Microsoft Windows Publisher]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\OllyICE.EXE]
    <IFEO[OllyICE.EXE]><C:\WINDOWS\system32\svchost.exe>  [(Verified)Microsoft Windows Publisher]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\PFW.exe]
    <IFEO[PFW.exe]><C:\WINDOWS\system32\svchost.exe>  [(Verified)Microsoft Windows Publisher]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\PFWLiveUpdate.exe]
    <IFEO[PFWLiveUpdate.exe]><C:\WINDOWS\system32\svchost.exe>  [(Verified)Microsoft Windows Publisher]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\procexp.exe]
    <IFEO[procexp.exe]><C:\WINDOWS\system32\svchost.exe>  [(Verified)Microsoft Windows Publisher]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\QHSET.exe]
    <IFEO[QHSET.exe]><C:\WINDOWS\system32\svchost.exe>  [(Verified)Microsoft Windows Publisher]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\qqsc.exe]
    <IFEO[qqsc.exe]><C:\WINDOWS\system32\svchost.exe>  [(Verified)Microsoft Windows Publisher]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\Ras.exe]
    <IFEO[Ras.exe]><C:\WINDOWS\system32\svchost.exe>  [(Verified)Microsoft Windows Publisher]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\rav.exe]
    <IFEO[rav.exe]><C:\WINDOWS\system32\svchost.exe>  [(Verified)Microsoft Windows Publisher]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\ravstub.exe]
    <IFEO[ravstub.exe]><C:\WINDOWS\system32\svchost.exe>  [(Verified)Microsoft Windows Publisher]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\ravtimer.exe]
    <IFEO[ravtimer.exe]><C:\WINDOWS\system32\svchost.exe>  [(Verified)Microsoft Windows Publisher]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\ravtool.exe]
    <IFEO[ravtool.exe]><C:\WINDOWS\system32\svchost.exe>  [(Verified)Microsoft Windows Publisher]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\RegClean.exe]
    <IFEO[RegClean.exe]><C:\WINDOWS\system32\svchost.exe>  [(Verified)Microsoft Windows Publisher]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\regtool.exe]
    <IFEO[regtool.exe]><C:\WINDOWS\system32\svchost.exe>  [(Verified)Microsoft Windows Publisher]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\rfwmain.exe]
    <IFEO[rfwmain.exe]><C:\WINDOWS\system32\svchost.exe>  [(Verified)Microsoft Windows Publisher]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\rfwproxy.exeFYFireWall.exe]
    <IFEO[rfwproxy.exeFYFireWall.exe]><C:\WINDOWS\system32\svchost.exe>  [(Verified)Microsoft Windows Publisher]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\rfwsrv.exe]
    <IFEO[rfwsrv.exe]><C:\WINDOWS\system32\svchost.exe>  [(Verified)Microsoft Windows Publisher]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\rfwstub.exe]
    <IFEO[rfwstub.exe]><C:\WINDOWS\system32\svchost.exe>  [(Verified)Microsoft Windows Publisher]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\rising.exe]
    <IFEO[rising.exe]><C:\WINDOWS\system32\svchost.exe>  [(Verified)Microsoft Windows Publisher]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\Rsaupd.exe]
    <IFEO[Rsaupd.exe]><C:\WINDOWS\system32\svchost.exe>  [(Verified)Microsoft Windows Publisher]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\runiep.exe]
    <IFEO[runiep.exe]><C:\WINDOWS\system32\svchost.exe>  [(Verified)Microsoft Windows Publisher]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\safelive.exe]
    <IFEO[safelive.exe]><C:\WINDOWS\system32\svchost.exe>  [(Verified)Microsoft Windows Publisher]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\scan32.exe]
    <IFEO[scan32.exe]><C:\WINDOWS\system32\svchost.exe>  [(Verified)Microsoft Windows Publisher]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\shcfg32.exe]
    <IFEO[shcfg32.exe]><C:\WINDOWS\system32\svchost.exe>  [(Verified)Microsoft Windows Publisher]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\SmartUp.exe]
    <IFEO[SmartUp.exe]><C:\WINDOWS\system32\svchost.exe>  [(Verified)Microsoft Windows Publisher]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\SREng.EXE]
    <IFEO[SREng.EXE]><C:\WINDOWS\system32\svchost.exe>  [(Verified)Microsoft Windows Publisher]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\symlcsvc.exe]
    <IFEO[symlcsvc.exe]><C:\WINDOWS\system32\svchost.exe>  [(Verified)Microsoft Windows Publisher]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\SysSafe.exe]
    <IFEO[SysSafe.exe]><C:\WINDOWS\system32\svchost.exe>  [(Verified)Microsoft Windows Publisher]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\TrojanDetector.exe]
    <IFEO[TrojanDetector.exe]><C:\WINDOWS\system32\svchost.exe>  [(Verified)Microsoft Windows Publisher]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\Trojanwall.exe]
    <IFEO[Trojanwall.exe]><C:\WINDOWS\system32\svchost.exe>  [(Verified)Microsoft Windows Publisher]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\TrojDie.kxp]
    <IFEO[TrojDie.kxp]><C:\WINDOWS\system32\svchost.exe>  [(Verified)Microsoft Windows Publisher]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\UIHost.exe]
    <IFEO[UIHost.exe]><C:\WINDOWS\system32\svchost.exe>  [(Verified)Microsoft Windows Publisher]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\UmxAgent.exe]
    <IFEO[UmxAgent.exe]><C:\WINDOWS\system32\svchost.exe>  [(Verified)Microsoft Windows Publisher]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\UmxAttachment.exe]
    <IFEO[UmxAttachment.exe]><C:\WINDOWS\system32\svchost.exe>  [(Verified)Microsoft Windows Publisher]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\UmxCfg.exe]
    <IFEO[UmxCfg.exe]><C:\WINDOWS\system32\svchost.exe>  [(Verified)Microsoft Windows Publisher]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\UmxFwHlp.exe]
    <IFEO[UmxFwHlp.exe]><C:\WINDOWS\system32\svchost.exe>  [(Verified)Microsoft Windows Publisher]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\UmxPol.exe]
    <IFEO[UmxPol.exe]><C:\WINDOWS\system32\svchost.exe>  [(Verified)Microsoft Windows Publisher]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\UpLive.exe]
    <IFEO[UpLive.exe]><C:\WINDOWS\system32\svchost.exe>  [(Verified)Microsoft Windows Publisher]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\vsstat.exe]
    <IFEO[vsstat.exe]><C:\WINDOWS\system32\svchost.exe>  [(Verified)Microsoft Windows Publisher]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\webscanx.exe]
    <IFEO[webscanx.exe]><C:\WINDOWS\system32\svchost.exe>  [(Verified)Microsoft Windows Publisher]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\WinDbg.exe]
    <IFEO[WinDbg.exe]><C:\WINDOWS\system32\svchost.exe>  [(Verified)Microsoft Windows Publisher]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\WoptiClean.exe]
    <IFEO[WoptiClean.exe]><C:\WINDOWS\system32\svchost.exe>  [(Verified)Microsoft Windows Publisher]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
    <KernelFailCheck><; C:\WINDOWS\syscheck.exe>  []
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
    <QQDownload><; "D:\Program Files\QQDownload\QQDownload.exe" autostart>  [N/A]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
    <runeip><; "C:\Program Files\Rising\AntiSpyware\runiep.exe" /startup>  [Beijing Rising Technology Co., Ltd.]
    <SoundMan><; SOUNDMAN.EXE>  [(Verified)Microsoft Windows Hardware Compatibility Publisher]
    <stup.exe><; Rundll32.exe C:\PROGRA~1\TENCENT\SSPlus\SPlus1.dll,Rundll32 R>  [(Verified)Tencent Technology(Shenzhen) Company Limited]
    <VModes><; VModes AttachToDesktop>  [N/A]
    <VTTimer><; VTTimer.exe>  [S3 Graphics, Inc.]
    <VTTrayp><; VTtrayp.exe>  [S3 Graphics Co., Ltd.]

Re: SREng report, please help take a look.

==================================
启动文件夹
[服务管理器]
  <C:\Documents and Settings\All Users\「开始」菜单\程序\启动\服务管理器.lnk --> C:\PROGRA~1\MICROS~4\80\Tools\Binn\sqlmangr.exe [Microsoft Corporation]><N>
==================================
服务
[Microsoft Audio Manager / 6to4][Running/Auto Start]
  <C:\WINDOWS\System32\svchost.exe -k netsvcs-->C:\WINDOWS\system32\6to4ex.dll><Microsoft Corporation>
[Human Interface Device Access / HidServ][Stopped/Disabled]
  <C:\WINDOWS\System32\svchost.exe -k netsvcs-->%SystemRoot%\System32\hidserv.dll><N/A>
[MSSQL$CFIT808 / MSSQL$CFIT808][Running/Auto Start]
  <C:\Program Files\Microsoft SQL Server\MSSQL$CFIT808\Binn\sqlservr.exe -sCFIT808><Microsoft Corporation>
[MSSQLServerADHelper / MSSQLServerADHelper][Stopped/Manual Start]
  <C:\Program Files\Microsoft SQL Server\80\Tools\Binn\sqladhlp.exe><Microsoft Corporation>
[Rising Process Communication Center / RsCCenter][Stopped/Auto Start]
  <"C:\Program Files\Rising\Rav\CCenter.exe"><Beijing Rising Technology Co., Ltd.>
[Rising RealTime Monitor / RsRavMon][Stopped/Auto Start]
  <"C:\PROGRAM FILES\RISING\RAV\Ravmond.exe"><Beijing Rising Technology Co., Ltd.>
[SQLAgent$CFIT808 / SQLAgent$CFIT808][Stopped/Manual Start]
  <C:\Program Files\Microsoft SQL Server\MSSQL$CFIT808\Binn\sqlagent.EXE -i CFIT808><Microsoft Corporation>
==================================
驱动程序
[Intel(r) 82801 Audio Driver Install Service (WDM) / ac97intc][Stopped/Manual Start]
  <system32\drivers\ac97intc.sys><Intel Corporation>
[Service for Realtek AC97 Audio (WDM) / ALCXWDM][Running/Manual Start]
  <system32\drivers\ALCXWDM.SYS><Realtek Semiconductor Corp.>
[AliIde / AliIde][Running/Boot Start]
  <\SystemRoot\System32\DRIVERS\aliide.sys><Acer Laboratories Inc.>
[AMD K8 Processor Driver / AmdK8][Stopped/Manual Start]
  <System32\DRIVERS\amdk8.sys><Advanced Micro Devices>
[Atixeve2203 / Atixeve2203][Stopped/Manual Start]
  <\??\C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\~wxp2ins.46.tmp><N/A>
[Atixeve2531 / Atixeve2531][Stopped/Manual Start]
  <\??\C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\~wxp2ins.390.tmp><N/A>
[Atixeve2906 / Atixeve2906][Stopped/Manual Start]
  <\??\C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\~wxp2ins.625.tmp><N/A>
[Brother USB Still Image driver / BrScnUsb][Stopped/Manual Start]
  <System32\Drivers\BrScnUsb.sys><Brother Industries Ltd.>
[CmdIde / CmdIde][Running/Boot Start]
  <\SystemRoot\System32\DRIVERS\cmdide.sys><CMD Technology, Inc.>
[cqet / cqet][Stopped/Auto Start]
  <\??\C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\tmp35.tmp><N/A>
[cqit / cqit][Stopped/Auto Start]
  <\??\C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\tmp9.tmp><N/A>
[dohs / dohs][Stopped/Auto Start]
  <\??\C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\tmp9.tmp><N/A>
[drop / drop][Stopped/Auto Start]
  <\??\C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\tmpD.tmp><N/A>
[dump_wmimmc / dump_wmimmc][Stopped/Manual Start]
  <\??\D:\Downloads\M01\GameGuard\dump_wmimmc.sys><N/A>
[fasq / fasq][Stopped/Auto Start]
  <\??\C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\tmp38.tmp><N/A>
[VIA PCI 10/100Mb Fast Ethernet Adapter NT Driver / FETNDIS][Stopped/Manual Start]
  <system32\DRIVERS\fetnd5.sys><VIA Technologies, Inc.>
[fmsq / fmsq][Stopped/Auto Start]
  <\??\C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\tmp7.tmp><N/A>
[HookCont / HookCont][Running/System Start]
  <\SystemRoot\system32\drivers\HookCont.sys><Beijing Rising Technology Co., Ltd>
[HookNtos / HookNtos][Running/System Start]
  <\SystemRoot\system32\drivers\HookNtos.sys><Beijing Rising Technology Co., Ltd>
[HookReg / HookReg][Running/System Start]
  <\SystemRoot\system32\drivers\HookReg.sys><Beijing Rising Technology Co., Ltd>
[HookSys / HookSys][Running/System Start]
  <\SystemRoot\system32\drivers\HookSys.sys><Beijing Rising Technology Co., Ltd>
[jtfo / jtfo][Stopped/Auto Start]
  <\??\C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\tmp3C.tmp><N/A>
[jtio / jtio][Stopped/Auto Start]
  <\??\C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\tmpF.tmp><N/A>
[mhap / mhap][Stopped/Auto Start]
  <\??\C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\tmp1.tmp><N/A>
[mhfp / mhfp][Stopped/Auto Start]
  <\??\C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\tmp1.tmp><N/A>
[mnsf / mnsf][Stopped/Auto Start]
  <\??\C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\tmpB.tmp><N/A>
[msfpfis64 / msfpfis64][Running/Auto Start]
  <\??\C:\WINDOWS\system32\drivers\msosmsfpfis64.sys><N/A>
[msp2p32 / msp2p32][Running/Auto Start]
  <\??\C:\WINDOWS\system32\drivers\msosmsp2p32.sys><N/A>
[Netgroup Packet Filter / NPF][Stopped/Manual Start]
  <system32\drivers\npf.sys><CACE Technologies>
[npkcrypt / npkcrypt][Running/Auto Start]
  <\??\D:\Program Files\QQ2007\npkcrypt.sys><INCA Internet Co., Ltd.>
[NPPTNT2 / NPPTNT2][Stopped/Manual Start]
  <\??\C:\WINDOWS\system32\npptNT2.sys><INCA Internet Co., Ltd.>
[nv / nv][Stopped/Manual Start]
  <system32\DRIVERS\nv4_mini.sys><NVIDIA Corporation>
[ptfs / ptfs][Stopped/Auto Start]
  <\??\C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\tmp21.tmp><N/A>
[Direct Parallel Link Driver / Ptilink][Running/Manual Start]
  <system32\DRIVERS\ptilink.sys><Parallel Technologies, Inc.>
[RsAntiSpyware / RsAntiSpyware][Running/Boot Start]
  <\SystemRoot\system32\drivers\RsBoot.sys><Beijing Rising Technology Co., Ltd.>
[RsNTGDI / RsNTGDI][Running/Boot Start]
  <\SystemRoot\system32\Drivers\RsNTGdi.sys><Beijing Rising Technology Co., Ltd.>
[Realtek 10/100/1000 PCI NIC Family NDIS XP Driver / RTL8023xp][Running/Manual Start]
  <system32\DRIVERS\Rtnicxp.sys><Realtek Semiconductor Corporation>
[Secdrv / Secdrv][Stopped/Manual Start]
  <system32\DRIVERS\secdrv.sys><N/A>
[tuic / tuic][Stopped/Auto Start]
  <\??\C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\tmp40.tmp><N/A>
[VIA AGP Filter / viaagp1][Running/Boot Start]
  <\SystemRoot\system32\DRIVERS\viaagp1.sys><VIA Technologies, Inc.>
[viagfx / viagfx][Running/Manual Start]
  <system32\DRIVERS\vtmini.sys><Copyright (C) VIA/S3 Graphics Co, Ltd.>
[ViaIde / ViaIde][Running/Boot Start]
  <\SystemRoot\system32\DRIVERS\viaide.sys><Microsoft Corporation>
[VIAMRAID / VIAMRAID][Stopped/Boot Start]
  <\SystemRoot\system32\DRIVERS\viamraid.sys><VIA Technologies inc,.ltd>
[zftp / zftp][Stopped/Auto Start]
  <\??\C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\tmp3.tmp><N/A>
==================================
浏览器加载项
[QQCycloneHelper Class]
  {00000000-12C5-4305-82F9-43058F20E8D2} <D:\Program Files\QQDownload\QQIEHelper01.dll, 腾讯公司>
[Thunder Browser Helper]
  {00000000-12C6-4305-82F9-43058F20E8D2} <C:\Program Files\Thunder\ComDlls\xunleiBHO_Now.dll, Thunder Networking Technologies,LTD>
[ThunderAtOnce Class]
  {01443AEC-0FD1-40fd-9C87-E93D1494C233} <C:\Program Files\Thunder\ComDlls\TDAtOnce_Now.dll, Thunder Networking Technologies,LTD>
[Tencent Browser Helper]
  {0C7C23EF-A848-485B-873C-0ED954731014} <C:\Program Files\TENCENT\SSPlus\SAddr1.dll, Tencent>
[]
  {18093456-9012-4568-9076-908765467181} <C:\WINDOWS\system32\tisqatyu.dll, N/A>
[]
  {20909876-4567-3908-4056-909834565102} <C:\WINDOWS\system32\erxybloe.dll, N/A>
[]
  {25FD6584-698F-BCD2-602C-698745210352} <C:\WINDOWS\system32\rijxbkin.dll, N/A>
[]
  {2B69874A-C58C-458D-69F0-698F874E41B2} <C:\WINDOWS\system32\lassaplo.dll, N/A>
[]
  {2D698451-2015-6358-9871-2015987452D2} <C:\WINDOWS\system32\apzhbtde.dll, N/A>
[]
  {32023698-6984-8541-9654-698745012523} <C:\WINDOWS\system32\skqncbib.dll, N/A>
[]
  {35671234-7890-ABCD-CDEF-567801237653} <C:\WINDOWS\system32\yxcschlp.dll, N/A>
[]
  {3A908760-8000-4000-A000-9000322145A3} <C:\WINDOWS\system32\akjsckaq.dll, N/A>
[]
  {3D698451-2015-6358-9871-2015987452D3} <C:\WINDOWS\system32\apzhctde.dll, N/A>
[]
  {43512378-9874-5641-1025-985420368734} <C:\WINDOWS\system32\oswxdttb.dll, N/A>
[]
  {4A908760-8000-4000-A000-9000322145A4} <C:\WINDOWS\system32\akjsdkaq.dll, N/A>
[]
  {50940F85-F015-14F1-A05F-F69858AC6D05} <C:\WINDOWS\system32\zptlcsys.dll, N/A>
[]
  {528DF602-9541-A985-210A-984A698C6F25} <C:\WINDOWS\system32\ptjhehlp.dll, N/A>
[]
  {55694105-5108-9405-3695-954187462155} <C:\WINDOWS\system32\mpwdeapi.dll, N/A>
[]
  {5A069845-2036-6084-9054-6087502480A5} <C:\WINDOWS\system32\ozfyebyt.dll, N/A>
[]
  {5D098345-6785-1098-5413-678067AE03D5} <C:\WINDOWS\system32\tysqbkol.dll, N/A>
[]
  {60A345CD-ABCD-EFAB-CDEF-ABCD01020306} <C:\WINDOWS\system32\pqzfajke.dll, N/A>
[]
  {6629FF4F-ACDB-5C90-A098-FACB3456A266} <C:\WINDOWS\system32\mpmyfapi.dll, N/A>
[]
  {6C648541-1025-9650-9057-6541258720C6} <C:\WINDOWS\system32\mndhfdwd.dll, N/A>
[]
  {7C69034A-F45F-D34D-A33A-C33C4D324FC7} <C:\WINDOWS\system32\arjreler.dll, N/A>
[]
  {7FD45A54-9875-698F-E56E-65102358FDF7} <C:\WINDOWS\system32\apsggjba.dll, N/A>
[]
  {B490415F-65F8-B5C5-D8BA-9405FB12054B} <C:\WINDOWS\system32\yzztkmsn.dll, N/A>
[]
  {B629FF4F-ACDB-5C90-A098-FACB3456A26B} <C:\WINDOWS\system32\hdf453d.dll, N/A>
[快捷工具条3.2]
  {BE830FD4-E393-417F-9F4B-CC70ABB3384C} <C:\WINDOWS\system32\IETool.dll, N/A>
[QQCycloneHelper Class]
  {00000000-12C5-4305-82F9-43058F20E8D2} <D:\Program Files\QQDownload\QQIEHelper01.dll, 腾讯公司>
[Thunder Browser Helper]
  {00000000-12C6-4305-82F9-43058F20E8D2} <C:\Program Files\Thunder\ComDlls\xunleiBHO_Now.dll, Thunder Networking Technologies,LTD>
[ThunderAtOnce Class]
  {01443AEC-0FD1-40FD-9C87-E93D1494C233} <C:\Program Files\Thunder\ComDlls\TDAtOnce_Now.dll, Thunder Networking Technologies,LTD>
[Tencent Browser Helper]
  {0C7C23EF-A848-485B-873C-0ED954731014} <C:\Program Files\TENCENT\SSPlus\SAddr1.dll, Tencent>
[]
  {18093456-9012-4568-9076-908765467181} <C:\WINDOWS\system32\tisqatyu.dll, N/A>
[]
  {20909876-4567-3908-4056-909834565102} <C:\WINDOWS\system32\erxybloe.dll, N/A>
[Windows Media Player]
  {22D6F312-B0F6-11D0-94AB-0080C74C7E95} <C:\WINDOWS\system32\wmpdxm.dll, Microsoft Corporation>
[]
  {25FD6584-698F-BCD2-602C-698745210352} <C:\WINDOWS\system32\rijxbkin.dll, N/A>
[]
  {2B69874A-C58C-458D-69F0-698F874E41B2} <C:\WINDOWS\system32\lassaplo.dll, N/A>
[]
  {2D698451-2015-6358-9871-2015987452D2} <C:\WINDOWS\system32\apzhbtde.dll, N/A>
[RealPlayer RAM Download Handler]
  {2F542A2E-EDC9-4BF7-8CB1-87C9919F7F93} <C:\WINDOWS\system32\rmoc3260.dll, RealNetworks, Inc.>
[]
  {32023698-6984-8541-9654-698745012523} <C:\WINDOWS\system32\skqncbib.dll, N/A>
[]
  {35671234-7890-ABCD-CDEF-567801237653} <C:\WINDOWS\system32\yxcschlp.dll, N/A>
[]
  {3A908760-8000-4000-A000-9000322145A3} <C:\WINDOWS\system32\akjsckaq.dll, N/A>
[]
  {3D698451-2015-6358-9871-2015987452D3} <C:\WINDOWS\system32\apzhctde.dll, N/A>
[]
  {43512378-9874-5641-1025-985420368734} <C:\WINDOWS\system32\oswxdttb.dll, N/A>
[Thunder Agent Class]
  {485463B7-8FB2-4B3B-B29B-8B919B0EACCE} <C:\Program Files\Thunder\ComDlls\ThunderAgent_Now.dll, Thunder Networking Technologies,LTD>
[]
  {4A908760-8000-4000-A000-9000322145A4} <C:\WINDOWS\system32\akjsdkaq.dll, N/A>
[]
  {50940F85-F015-14F1-A05F-F69858AC6D05} <C:\WINDOWS\system32\zptlcsys.dll, N/A>
[]
  {528DF602-9541-A985-210A-984A698C6F25} <C:\WINDOWS\system32\ptjhehlp.dll, N/A>
[]
  {55694105-5108-9405-3695-954187462155} <C:\WINDOWS\system32\mpwdeapi.dll, N/A>
[]
  {5A069845-2036-6084-9054-6087502480A5} <C:\WINDOWS\system32\ozfyebyt.dll, N/A>
[]
  {5D098345-6785-1098-5413-678067AE03D5} <C:\WINDOWS\system32\tysqbkol.dll, N/A>
[]
  {60A345CD-ABCD-EFAB-CDEF-ABCD01020306} <C:\WINDOWS\system32\pqzfajke.dll, N/A>
[]
  {6629FF4F-ACDB-5C90-A098-FACB3456A266} <C:\WINDOWS\system32\mpmyfapi.dll, N/A>
[Windows Media Player]
  {6BF52A52-394A-11D3-B153-00C04F79FAA6} <C:\WINDOWS\system32\wmp.dll, Microsoft Corporation>
[]
  {6C648541-1025-9650-9057-6541258720C6} <C:\WINDOWS\system32\mndhfdwd.dll, N/A>
[]
  {7C69034A-F45F-D34D-A33A-C33C4D324FC7} <C:\WINDOWS\system32\arjreler.dll, N/A>
[]
  {7FD45A54-9875-698F-E56E-65102358FDF7} <C:\WINDOWS\system32\apsggjba.dll, N/A>
[360SafeLive]
  {87515F61-A66C-4319-A0E0-D416CB8059E3} <C:\Program Files\360safe\live.dll, 360.cn>
[Thunder Browser Helper]
  {889D2FEB-5411-4565-8998-1DD2C5261283} <C:\Program Files\Thunder\ComDlls\xunleiBHO_Now.dll, Thunder Networking Technologies,LTD>
[]
  {B490415F-65F8-B5C5-D8BA-9405FB12054B} <C:\WINDOWS\system32\yzztkmsn.dll, N/A>
[]
  {B629FF4F-ACDB-5C90-A098-FACB3456A26B} <C:\WINDOWS\system32\hdf453d.dll, N/A>
[RDS.DataSpace]
  {BD96C556-65A3-11D0-983A-00C04FC29E36} <C:\Program Files\Common Files\System\msadc\msadco.dll, Microsoft Corporation>
[快捷工具条3.2]
  {BE830FD4-E393-417F-9F4B-CC70ABB3384C} <C:\WINDOWS\system32\IETool.dll, N/A>
[Tencent Safety Online Base Module]
  {C09B522F-8AED-4E21-A65C-DC1AB652BAEE} <C:\WINDOWS\system32\TSOBase\TSOBase.ocx, Tencent Corporation>
[Shockwave Flash Object]
  {D27CDB6E-AE6D-11CF-96B8-444553540000} <C:\WINDOWS\system32\Macromed\Flash\Flash9f.ocx, Adobe Systems, Inc.>
[&使用超级旋风下载]
  <D:\Program Files\QQDownload\geturl.htm, N/A>
[&使用超级旋风下载全部链接]
  <D:\Program Files\QQDownload\getAllurl.htm, N/A>
[使用迅雷下载]
  <C:\Program Files\Thunder\Program\geturl.htm, N/A>
[使用迅雷下载全部链接]
  <C:\Program Files\Thunder\Program\getallurl.htm, N/A>
[导出到 Microsoft Office Excel(&X)]
  <res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000, N/A>
[添加到QQ表情]
  <D:\Program Files\QQ2007\AddEmotion.htm, N/A>

Re: SREng report, please help take a look.

==================================
正在运行的进程
[PID: 452 / SYSTEM][\SystemRoot\System32\smss.exe]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
[PID: 516 / SYSTEM][\??\C:\WINDOWS\system32\csrss.exe]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
    [C:\WINDOWS\system32\msosfasq00.dll]  [N/A, ]
    [C:\WINDOWS\system32\msoscqit00.dll]  [N/A, ]
    [C:\WINDOWS\system32\msosjtio01.dll]  [N/A, ]
    [C:\WINDOWS\system32\msosdrop00.dll]  [N/A, ]
    [C:\WINDOWS\system32\msosjtfo01.dll]  [N/A, ]
    [C:\WINDOWS\system32\msoscqet00.dll]  [N/A, ]
[PID: 540 / SYSTEM][\??\C:\WINDOWS\system32\winlogon.exe]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
    [C:\WINDOWS\system32\SysDaJcHv.dll]  [Microsoft Corporation, 5.1.2600.3099]
    [C:\WINDOWS\system32\wipicdec.dll]  [N/A, ]
    [C:\WINDOWS\system32\dylddm.dll]  [N/A, ]
    [C:\WINDOWS\system32\azuntv.dll]  [N/A, ]
    [C:\WINDOWS\system32\wzyiwy.dll]  [N/A, ]
    [C:\WINDOWS\system32\msoscqit00.dll]  [N/A, ]
    [C:\WINDOWS\system32\msosjtio01.dll]  [N/A, ]
    [C:\WINDOWS\system32\msosdrop00.dll]  [N/A, ]
    [C:\WINDOWS\system32\zfsweq.dll]  [N/A, ]
    [C:\WINDOWS\system32\fmsiocps.dll]  [N/A, ]
    [C:\WINDOWS\system32\twawbc.dll]  [N/A, ]
    [C:\WINDOWS\system32\ytewcxzsw.dll]  [N/A, ]
    [C:\WINDOWS\system32\msoscqet00.dll]  [N/A, ]
    [C:\WINDOWS\system32\msosfasq00.dll]  [N/A, ]
    [C:\WINDOWS\system32\oqlvie.dll]  [N/A, ]
    [C:\WINDOWS\system32\msosjtfo01.dll]  [N/A, ]
    [C:\WINDOWS\system32\hhhhhh.dll]  [N/A, ]
    [C:\WINDOWS\system32\doftrm.dll]  [N/A, ]
    [C:\WINDOWS\system32\bbbbbb.dll]  [N/A, ]
    [C:\WINDOWS\system32\ijtqzc.dll]  [N/A, ]
    [C:\WINDOWS\system32\zzzzzz.dll]  [N/A, ]
    [C:\WINDOWS\system32\lecdjj.dll]  [N/A, ]
    [C:\WINDOWS\system32\wipxcdec.dll]  [N/A, ]
    [C:\WINDOWS\system32\tttttt.dll]  [N/A, ]
    [C:\WINDOWS\system32\dddddd.dll]  [N/A, ]
    [C:\WINDOWS\system32\tisqatyu.dll]  [N/A, ]
    [C:\WINDOWS\system32\vvvvvv.dll]  [N/A, ]
    [C:\WINDOWS\system32\rrrrrr.dll]  [N/A, ]
    [C:\WINDOWS\system32\akjsckaq.dll]  [N/A, ]
    [C:\WINDOWS\system32\skqncbib.dll]  [N/A, ]
    [C:\WINDOWS\system32\nnnnnn.dll]  [N/A, ]
    [C:\WINDOWS\system32\llllll.dll]  [N/A, ]
    [C:\WINDOWS\system32\yzztkmsn.dll]  [N/A, ]
    [C:\WINDOWS\system32\arjreler.dll]  [N/A, ]
    [C:\WINDOWS\system32\akjsdkaq.dll]  [N/A, ]
    [C:\WINDOWS\system32\pppppp.dll]  [N/A, ]
    [C:\WINDOWS\system32\eeeeee.dll]  [N/A, ]
    [C:\WINDOWS\system32\ffffff.dll]  [N/A, ]
    [C:\WINDOWS\system32\msacm32.drv]  [Microsoft Corporation, 5.1.2600.0 (xpclient.010817-1148)]
[PID: 756 / SYSTEM][C:\WINDOWS\system32\services.exe]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
    [C:\WINDOWS\AppPatch\AcAdProc.dll]  [Microsoft Corporation, 5.1.2600.3008 (xpsp.061004-0027)]
[PID: 768 / SYSTEM][C:\WINDOWS\system32\lsass.exe]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
    [C:\WINDOWS\system32\mfc40u.dll]  [N/A, ]
[PID: 928 / SYSTEM][C:\WINDOWS\system32\svchost.exe]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
[PID: 972 / NETWORK SERVICE][C:\WINDOWS\system32\svchost.exe]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
[PID: 1072 / SYSTEM][C:\WINDOWS\System32\svchost.exe]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
    [c:\windows\system32\6to4ex.dll]  [Microsoft Corporation, 3, 6, 0, 0]
[PID: 1268 / NETWORK SERVICE][C:\WINDOWS\system32\svchost.exe]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
[PID: 1388 / LOCAL SERVICE][C:\WINDOWS\system32\svchost.exe]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
[PID: 1752 / SYSTEM][C:\WINDOWS\system32\spoolsv.exe]  [Microsoft Corporation, 5.1.2600.2696 (xpsp_sp2_gdr.050610-1519)]
    [C:\WINDOWS\system32\SysDaJcHv.dll]  [Microsoft Corporation, 5.1.2600.3099]
    [C:\WINDOWS\system32\wipicdec.dll]  [N/A, ]
    [C:\WINDOWS\system32\dylddm.dll]  [N/A, ]
    [C:\WINDOWS\system32\azuntv.dll]  [N/A, ]
    [C:\WINDOWS\system32\wzyiwy.dll]  [N/A, ]
    [C:\WINDOWS\system32\msoscqit00.dll]  [N/A, ]
    [C:\WINDOWS\system32\msosjtio01.dll]  [N/A, ]
    [C:\WINDOWS\system32\msosdrop00.dll]  [N/A, ]
    [C:\WINDOWS\system32\zfsweq.dll]  [N/A, ]
    [C:\WINDOWS\system32\fmsiocps.dll]  [N/A, ]
    [C:\WINDOWS\system32\twawbc.dll]  [N/A, ]
    [C:\WINDOWS\system32\ytewcxzsw.dll]  [N/A, ]
    [C:\WINDOWS\system32\msoscqet00.dll]  [N/A, ]
    [C:\WINDOWS\system32\msosfasq00.dll]  [N/A, ]
    [C:\WINDOWS\system32\oqlvie.dll]  [N/A, ]
    [C:\WINDOWS\system32\msosjtfo01.dll]  [N/A, ]
    [C:\WINDOWS\system32\hhhhhh.dll]  [N/A, ]
    [C:\WINDOWS\system32\doftrm.dll]  [N/A, ]
    [C:\WINDOWS\system32\bbbbbb.dll]  [N/A, ]
    [C:\WINDOWS\system32\ijtqzc.dll]  [N/A, ]
    [C:\WINDOWS\system32\zzzzzz.dll]  [N/A, ]
    [C:\WINDOWS\system32\lecdjj.dll]  [N/A, ]
    [C:\WINDOWS\system32\wipxcdec.dll]  [N/A, ]
    [C:\WINDOWS\system32\tttttt.dll]  [N/A, ]
    [C:\WINDOWS\system32\dddddd.dll]  [N/A, ]
    [C:\WINDOWS\system32\tisqatyu.dll]  [N/A, ]
    [C:\WINDOWS\system32\vvvvvv.dll]  [N/A, ]
    [C:\WINDOWS\system32\rrrrrr.dll]  [N/A, ]
    [C:\WINDOWS\system32\akjsckaq.dll]  [N/A, ]
    [C:\WINDOWS\system32\skqncbib.dll]  [N/A, ]
    [C:\WINDOWS\system32\nnnnnn.dll]  [N/A, ]
    [C:\WINDOWS\system32\llllll.dll]  [N/A, ]
    [C:\WINDOWS\system32\yzztkmsn.dll]  [N/A, ]
    [C:\WINDOWS\system32\arjreler.dll]  [N/A, ]
    [C:\WINDOWS\system32\akjsdkaq.dll]  [N/A, ]
    [C:\WINDOWS\system32\pppppp.dll]  [N/A, ]
    [C:\WINDOWS\system32\eeeeee.dll]  [N/A, ]
    [C:\WINDOWS\system32\ffffff.dll]  [N/A, ]
    [C:\WINDOWS\system32\HPBMMON.DLL]  [Hewlett-Packard, 10.00.16]
    [C:\WINDOWS\system32\hpdomon.dll]  [Hewlett-Packard, 03.42.00]
    [C:\WINDOWS\system32\HPBHealr.dll]  [N/A, ]
    [C:\WINDOWS\System32\spool\PRTPROCS\W32X86\IMFPrint.DLL]  [Zenographics, Inc., 5, 54, 330, 0]
    [C:\WINDOWS\system32\Imf32.dll]  [Zenographics, Inc., 5, 60, 1204, 0]
    [C:\WINDOWS\system32\ZTAG32.dll]  [Zenographics, Inc., 5, 60, 1210, 0]
    [C:\WINDOWS\system32\ZSPOOL.dll]  [Zenographics, Inc., 5, 51, 709, 0]
[PID: 1804 / Administrator][C:\WINDOWS\Explorer.EXE]  [Microsoft Corporation, 6.00.2900.2180 (xpsp_sp2_rtm.040803-2158)]
    [C:\WINDOWS\system32\SysDaJcHv.dll]  [Microsoft Corporation, 5.1.2600.3099]
    [C:\WINDOWS\system32\wipicdec.dll]  [N/A, ]
    [C:\WINDOWS\system32\dylddm.dll]  [N/A, ]
    [C:\WINDOWS\system32\azuntv.dll]  [N/A, ]
    [C:\WINDOWS\system32\wzyiwy.dll]  [N/A, ]
    [C:\WINDOWS\system32\msoscqit00.dll]  [N/A, ]
    [C:\WINDOWS\system32\msosjtio01.dll]  [N/A, ]
    [C:\WINDOWS\system32\msosdrop00.dll]  [N/A, ]
    [C:\WINDOWS\system32\zfsweq.dll]  [N/A, ]
    [C:\WINDOWS\system32\fmsiocps.dll]  [N/A, ]
    [C:\WINDOWS\system32\twawbc.dll]  [N/A, ]
    [C:\WINDOWS\system32\ytewcxzsw.dll]  [N/A, ]
    [C:\WINDOWS\system32\msoscqet00.dll]  [N/A, ]
    [C:\WINDOWS\system32\msosfasq00.dll]  [N/A, ]
    [C:\WINDOWS\system32\oqlvie.dll]  [N/A, ]
    [C:\WINDOWS\system32\msosjtfo01.dll]  [N/A, ]
    [C:\WINDOWS\system32\hhhhhh.dll]  [N/A, ]
    [C:\WINDOWS\system32\doftrm.dll]  [N/A, ]
    [C:\WINDOWS\system32\bbbbbb.dll]  [N/A, ]
    [C:\WINDOWS\system32\ijtqzc.dll]  [N/A, ]
    [C:\WINDOWS\system32\zzzzzz.dll]  [N/A, ]
    [C:\WINDOWS\system32\lecdjj.dll]  [N/A, ]
    [C:\WINDOWS\system32\wipxcdec.dll]  [N/A, ]
    [C:\WINDOWS\system32\tttttt.dll]  [N/A, ]
    [C:\WINDOWS\system32\dddddd.dll]  [N/A, ]
    [C:\WINDOWS\system32\tisqatyu.dll]  [N/A, ]
    [C:\WINDOWS\system32\vvvvvv.dll]  [N/A, ]
    [C:\WINDOWS\system32\rrrrrr.dll]  [N/A, ]
    [C:\WINDOWS\system32\akjsckaq.dll]  [N/A, ]
    [C:\WINDOWS\system32\skqncbib.dll]  [N/A, ]
    [C:\WINDOWS\system32\nnnnnn.dll]  [N/A, ]
    [C:\WINDOWS\system32\llllll.dll]  [N/A, ]
    [C:\WINDOWS\system32\yzztkmsn.dll]  [N/A, ]
    [C:\WINDOWS\system32\arjreler.dll]  [N/A, ]
    [C:\WINDOWS\system32\akjsdkaq.dll]  [N/A, ]
    [C:\WINDOWS\system32\pppppp.dll]  [N/A, ]
    [C:\WINDOWS\system32\eeeeee.dll]  [N/A, ]
    [C:\WINDOWS\system32\ffffff.dll]  [N/A, ]
    [C:\WINDOWS\system32\xcvaver0.dll]  [N/A, ]
    [C:\WINDOWS\system32\mtewdh.dll]  [N/A, ]
    [C:\WINDOWS\system32\mpmyfapi.dll]  [N/A, ]
    [C:\WINDOWS\system32\zefdst.dll]  [N/A, ]
    [C:\WINDOWS\system32\mndhfdwd.dll]  [N/A, ]
    [C:\WINDOWS\system32\ptjhehlp.dll]  [N/A, ]
    [C:\WINDOWS\system32\hhrdxd.dll]  [N/A, ]
    [C:\WINDOWS\system32\apzhbtde.dll]  [N/A, ]
    [C:\WINDOWS\system32\apzhctde.dll]  [N/A, ]
    [C:\WINDOWS\system32\wklsdd.dll]  [N/A, ]
    [C:\WINDOWS\system32\mfdesy.dll]  [N/A, ]
    [C:\WINDOWS\system32\sgrefg.dll]  [N/A, ]
    [C:\WINDOWS\system32\zgrjdx.dll]  [N/A, ]
    [C:\WINDOWS\system32\yxcschlp.dll]  [N/A, ]
    [C:\WINDOWS\system32\jggtsr.dll]  [N/A, ]
    [C:\WINDOWS\system32\jdsaex.dll]  [N/A, ]
    [C:\WINDOWS\system32\oswxdttb.dll]  [N/A, ]
    [C:\WINDOWS\system32\ozfyebyt.dll]  [N/A, ]
    [C:\WINDOWS\system32\fsrgeb.dll]  [N/A, ]
    [C:\WINDOWS\system32\rijxbkin.dll]  [N/A, ]
    [C:\WINDOWS\system32\tdggrz.dll]  [N/A, ]
    [C:\WINDOWS\system32\sjhrdh.dll]  [N/A, ]
    [C:\WINDOWS\system32\erxybloe.dll]  [N/A, ]
    [C:\WINDOWS\system32\mpwdeapi.dll]  [N/A, ]
    [C:\WINDOWS\system32\hdf453d.dll]  [N/A, ]
    [C:\WINDOWS\system32\apsggjba.dll]  [N/A, ]
    [C:\WINDOWS\system32\lassaplo.dll]  [N/A, ]
    [C:\WINDOWS\system32\tysqbkol.dll]  [N/A, ]
    [C:\WINDOWS\system32\pqzfajke.dll]  [N/A, ]
    [C:\WINDOWS\system32\zptlcsys.dll]  [N/A, ]
    [C:\WINDOWS\system32\hefcndy.dll]  [N/A, ]
    [C:\WINDOWS\system32\WPDShServiceObj.dll]  [Microsoft Corporation, 5.2.5721.5145 (WMP_11.061018-2006)]
    [C:\WINDOWS\system32\rzysdhbx.dll]  [N/A, ]
    [C:\WINDOWS\system32\juejwcx.dll]  [N/A, ]
    [C:\WINDOWS\system32\PortableDeviceTypes.dll]  [Microsoft Corporation, 5.2.5721.5145 (WMP_11.061018-2006)]
    [C:\WINDOWS\system32\PortableDeviceApi.dll]  [Microsoft Corporation, 5.2.5721.5145 (WMP_11.061018-2006)]
    [C:\WINDOWS\system32\anittio.dll]  [N/A, ]
    [C:\WINDOWS\system32\yuibbct.dll]  [N/A, ]
    [C:\WINDOWS\system32\hgeazpkc.dll]  [N/A, ]
    [C:\WINDOWS\system32\oooooo.dll]  [N/A, ]
    [C:\WINDOWS\system32\msacm32.drv]  [Microsoft Corporation, 5.1.2600.0 (xpclient.010817-1148)]
    [C:\WINDOWS\system32\isndctio.dll]  [N/A, ]
    [C:\WINDOWS\system32\nbnwewd.dll]  [N/A, ]
    [C:\WINDOWS\system32\dndsioc.dll]  [N/A, ]
    [C:\WINDOWS\system32\wrew2ds.dll]  [N/A, ]
    [C:\PROGRA~1\TENCENT\SSPlus\SPlus1.dll]  [TENCENT, 5, 0, 3, 19]
    [C:\WINDOWS\system32\RavExt.dll]  [Beijing Rising Technology Co., Ltd., 20.0.0.17]
    [C:\WINDOWS\system32\xcvaver1.dll]  [N/A, ]
    [C:\Program Files\WinRAR\rarext.dll]  [N/A, ]
    [C:\Program Files\Rising\Rav\RSCOMMON.DLL]  [Beijing Rising Technology Co., Ltd., 20, 0, 0, 16]
    [C:\Program Files\TENCENT\SSPlus\SAddr1.dll]  [Tencent, 5, 0, 6, 26]
    [C:\Program Files\Thunder\ComDlls\xunleiBHO_Now.dll]  [Thunder Networking Technologies,LTD, 5, 0, 3, 11]
    [C:\Program Files\Thunder\ComDlls\TDAtOnce_Now.dll]  [Thunder Networking Technologies,LTD, 1.0.2.9]
    [C:\Program Files\Microsoft Office\OFFICE11\msohev.dll]  [Microsoft Corporation, 11.0.5510]
[PID: 2908 / LOCAL SERVICE][C:\WINDOWS\System32\alg.exe]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
    [C:\WINDOWS\System32\SysDaJcHv.dll]  [Microsoft Corporation, 5.1.2600.3099]
    [C:\WINDOWS\System32\wipicdec.dll]  [N/A, ]
    [C:\WINDOWS\System32\dylddm.dll]  [N/A, ]
    [C:\WINDOWS\System32\azuntv.dll]  [N/A, ]
    [C:\WINDOWS\System32\wzyiwy.dll]  [N/A, ]
    [C:\WINDOWS\System32\msoscqit00.dll]  [N/A, ]
    [C:\WINDOWS\System32\msosjtio01.dll]  [N/A, ]
    [C:\WINDOWS\System32\msosdrop00.dll]  [N/A, ]
    [C:\WINDOWS\System32\zfsweq.dll]  [N/A, ]
    [C:\WINDOWS\System32\fmsiocps.dll]  [N/A, ]
    [C:\WINDOWS\System32\twawbc.dll]  [N/A, ]
    [C:\WINDOWS\System32\ytewcxzsw.dll]  [N/A, ]
    [C:\WINDOWS\System32\msoscqet00.dll]  [N/A, ]
    [C:\WINDOWS\System32\msosfasq00.dll]  [N/A, ]
    [C:\WINDOWS\System32\oqlvie.dll]  [N/A, ]
    [C:\WINDOWS\System32\msosjtfo01.dll]  [N/A, ]
    [C:\WINDOWS\System32\hhhhhh.dll]  [N/A, ]
    [C:\WINDOWS\System32\doftrm.dll]  [N/A, ]
    [C:\WINDOWS\System32\bbbbbb.dll]  [N/A, ]
    [C:\WINDOWS\System32\ijtqzc.dll]  [N/A, ]
    [C:\WINDOWS\System32\zzzzzz.dll]  [N/A, ]
    [C:\WINDOWS\System32\lecdjj.dll]  [N/A, ]
    [C:\WINDOWS\System32\wipxcdec.dll]  [N/A, ]
    [C:\WINDOWS\System32\tttttt.dll]  [N/A, ]
    [C:\WINDOWS\System32\dddddd.dll]  [N/A, ]
    [C:\WINDOWS\System32\tisqatyu.dll]  [N/A, ]
    [C:\WINDOWS\System32\vvvvvv.dll]  [N/A, ]
    [C:\WINDOWS\System32\rrrrrr.dll]  [N/A, ]
    [C:\WINDOWS\System32\nnnnnn.dll]  [N/A, ]
    [C:\WINDOWS\System32\llllll.dll]  [N/A, ]
    [C:\WINDOWS\System32\pppppp.dll]  [N/A, ]
    [C:\WINDOWS\System32\eeeeee.dll]  [N/A, ]
    [C:\WINDOWS\System32\ffffff.dll]  [N/A, ]
[PID: 3664 / Administrator][C:\WINDOWS\system32\Rundll32.exe]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
    [C:\WINDOWS\system32\SysDaJcHv.dll]  [Microsoft Corporation, 5.1.2600.3099]
    [C:\WINDOWS\system32\wipicdec.dll]  [N/A, ]
    [C:\WINDOWS\system32\dylddm.dll]  [N/A, ]
    [C:\WINDOWS\system32\azuntv.dll]  [N/A, ]
    [C:\WINDOWS\system32\wzyiwy.dll]  [N/A, ]
    [C:\WINDOWS\system32\msoscqit00.dll]  [N/A, ]
    [C:\WINDOWS\system32\msosjtio01.dll]  [N/A, ]
    [C:\WINDOWS\system32\msosdrop00.dll]  [N/A, ]
    [C:\WINDOWS\system32\zfsweq.dll]  [N/A, ]
    [C:\WINDOWS\system32\fmsiocps.dll]  [N/A, ]
    [C:\WINDOWS\system32\twawbc.dll]  [N/A, ]
    [C:\WINDOWS\system32\ytewcxzsw.dll]  [N/A, ]
    [C:\WINDOWS\system32\msoscqet00.dll]  [N/A, ]
    [C:\WINDOWS\system32\msosfasq00.dll]  [N/A, ]
    [C:\WINDOWS\system32\oqlvie.dll]  [N/A, ]
    [C:\WINDOWS\system32\msosjtfo01.dll]  [N/A, ]
    [C:\WINDOWS\system32\hhhhhh.dll]  [N/A, ]
    [C:\WINDOWS\system32\doftrm.dll]  [N/A, ]
    [C:\WINDOWS\system32\bbbbbb.dll]  [N/A, ]
    [C:\WINDOWS\system32\ijtqzc.dll]  [N/A, ]
    [C:\WINDOWS\system32\zzzzzz.dll]  [N/A, ]
    [C:\WINDOWS\system32\lecdjj.dll]  [N/A, ]
    [C:\WINDOWS\system32\wipxcdec.dll]  [N/A, ]
    [C:\WINDOWS\system32\tttttt.dll]  [N/A, ]
    [C:\WINDOWS\system32\dddddd.dll]  [N/A, ]
    [C:\WINDOWS\system32\tisqatyu.dll]  [N/A, ]
    [C:\WINDOWS\system32\vvvvvv.dll]  [N/A, ]
    [C:\WINDOWS\system32\rrrrrr.dll]  [N/A, ]
    [C:\WINDOWS\system32\nnnnnn.dll]  [N/A, ]
    [C:\WINDOWS\system32\llllll.dll]  [N/A, ]
    [C:\WINDOWS\system32\pppppp.dll]  [N/A, ]
    [C:\WINDOWS\system32\eeeeee.dll]  [N/A, ]
    [C:\WINDOWS\system32\ffffff.dll]  [N/A, ]
    [C:\WINDOWS\system32\oooooo.dll]  [N/A, ]
    [C:\PROGRA~1\TENCENT\SSPlus\SPlus1.dll]  [TENCENT, 5, 0, 3, 19]
    [C:\WINDOWS\system32\mfdesy.dll]  [N/A, ]
    [C:\WINDOWS\system32\hhrdxd.dll]  [N/A, ]
    [C:\WINDOWS\system32\mtewdh.dll]  [N/A, ]
    [C:\WINDOWS\system32\sjhrdh.dll]  [N/A, ]
    [C:\WINDOWS\system32\fsrgeb.dll]  [N/A, ]
    [C:\WINDOWS\system32\jdsaex.dll]  [N/A, ]
    [C:\WINDOWS\system32\jggtsr.dll]  [N/A, ]
    [C:\WINDOWS\system32\zgrjdx.dll]  [N/A, ]
    [C:\WINDOWS\system32\sgrefg.dll]  [N/A, ]
    [C:\WINDOWS\system32\wklsdd.dll]  [N/A, ]
    [C:\WINDOWS\system32\zefdst.dll]  [N/A, ]
    [C:\WINDOWS\system32\tdggrz.dll]  [N/A, ]

Re: SREng report, please help take a look.

    [C:\WINDOWS\system32\xcvaver1.dll]  [N/A, ]
[PID: 3712 / Administrator][C:\WINDOWS\system32\ctfmon.exe]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
    [C:\WINDOWS\system32\SysDaJcHv.dll]  [Microsoft Corporation, 5.1.2600.3099]
    [C:\WINDOWS\system32\wipicdec.dll]  [N/A, ]
    [C:\WINDOWS\system32\dylddm.dll]  [N/A, ]
    [C:\WINDOWS\system32\azuntv.dll]  [N/A, ]
    [C:\WINDOWS\system32\wzyiwy.dll]  [N/A, ]
    [C:\WINDOWS\system32\msoscqit00.dll]  [N/A, ]
    [C:\WINDOWS\system32\msosjtio01.dll]  [N/A, ]
    [C:\WINDOWS\system32\msosdrop00.dll]  [N/A, ]
    [C:\WINDOWS\system32\zfsweq.dll]  [N/A, ]
    [C:\WINDOWS\system32\fmsiocps.dll]  [N/A, ]
    [C:\WINDOWS\system32\twawbc.dll]  [N/A, ]
    [C:\WINDOWS\system32\ytewcxzsw.dll]  [N/A, ]
    [C:\WINDOWS\system32\msoscqet00.dll]  [N/A, ]
    [C:\WINDOWS\system32\msosfasq00.dll]  [N/A, ]
    [C:\WINDOWS\system32\oqlvie.dll]  [N/A, ]
    [C:\WINDOWS\system32\msosjtfo01.dll]  [N/A, ]
    [C:\WINDOWS\system32\hhhhhh.dll]  [N/A, ]
    [C:\WINDOWS\system32\doftrm.dll]  [N/A, ]
    [C:\WINDOWS\system32\bbbbbb.dll]  [N/A, ]
    [C:\WINDOWS\system32\ijtqzc.dll]  [N/A, ]
    [C:\WINDOWS\system32\zzzzzz.dll]  [N/A, ]
    [C:\WINDOWS\system32\lecdjj.dll]  [N/A, ]
    [C:\WINDOWS\system32\wipxcdec.dll]  [N/A, ]
    [C:\WINDOWS\system32\tttttt.dll]  [N/A, ]
    [C:\WINDOWS\system32\dddddd.dll]  [N/A, ]
    [C:\WINDOWS\system32\tisqatyu.dll]  [N/A, ]
    [C:\WINDOWS\system32\vvvvvv.dll]  [N/A, ]
    [C:\WINDOWS\system32\rrrrrr.dll]  [N/A, ]
    [C:\WINDOWS\system32\akjsckaq.dll]  [N/A, ]
    [C:\WINDOWS\system32\skqncbib.dll]  [N/A, ]
    [C:\WINDOWS\system32\nnnnnn.dll]  [N/A, ]
    [C:\WINDOWS\system32\llllll.dll]  [N/A, ]
    [C:\WINDOWS\system32\yzztkmsn.dll]  [N/A, ]
    [C:\WINDOWS\system32\arjreler.dll]  [N/A, ]
    [C:\WINDOWS\system32\akjsdkaq.dll]  [N/A, ]
    [C:\WINDOWS\system32\pppppp.dll]  [N/A, ]
    [C:\WINDOWS\system32\eeeeee.dll]  [N/A, ]
    [C:\WINDOWS\system32\ffffff.dll]  [N/A, ]
    [C:\WINDOWS\system32\oooooo.dll]  [N/A, ]
    [C:\PROGRA~1\TENCENT\SSPlus\SPlus1.dll]  [TENCENT, 5, 0, 3, 19]
    [C:\WINDOWS\system32\tdggrz.dll]  [N/A, ]
    [C:\WINDOWS\system32\mfdesy.dll]  [N/A, ]
    [C:\WINDOWS\system32\hhrdxd.dll]  [N/A, ]
    [C:\WINDOWS\system32\mtewdh.dll]  [N/A, ]
    [C:\WINDOWS\system32\sjhrdh.dll]  [N/A, ]
    [C:\WINDOWS\system32\fsrgeb.dll]  [N/A, ]
    [C:\WINDOWS\system32\jdsaex.dll]  [N/A, ]
    [C:\WINDOWS\system32\jggtsr.dll]  [N/A, ]
    [C:\WINDOWS\system32\zgrjdx.dll]  [N/A, ]
    [C:\WINDOWS\system32\sgrefg.dll]  [N/A, ]
    [C:\WINDOWS\system32\wklsdd.dll]  [N/A, ]
    [C:\WINDOWS\system32\zefdst.dll]  [N/A, ]
    [C:\WINDOWS\system32\xcvaver1.dll]  [N/A, ]
[PID: 3744 / SYSTEM][C:\Program Files\Microsoft SQL Server\MSSQL$CFIT808\Binn\sqlservr.exe]  [Microsoft Corporation, 2000.080.0760.00]
    [C:\Program Files\Microsoft SQL Server\MSSQL$CFIT808\Binn\OPENDS60.DLL]  [Microsoft Corporation, 2000.080.0194.00]
    [C:\Program Files\Microsoft SQL Server\MSSQL$CFIT808\Binn\UMS.DLL]  [Microsoft Corporation, 2000.080.0760.00]
    [C:\Program Files\Microsoft SQL Server\MSSQL$CFIT808\Binn\SQLSORT.DLL]  [Microsoft Corporation, 2000.080.0760.00]
    [C:\WINDOWS\system32\SysDaJcHv.dll]  [Microsoft Corporation, 5.1.2600.3099]
    [C:\WINDOWS\system32\wipicdec.dll]  [N/A, ]
    [C:\WINDOWS\system32\dylddm.dll]  [N/A, ]
    [C:\WINDOWS\system32\azuntv.dll]  [N/A, ]
    [C:\WINDOWS\system32\wzyiwy.dll]  [N/A, ]
    [C:\WINDOWS\system32\msoscqit00.dll]  [N/A, ]
    [C:\WINDOWS\system32\msosjtio01.dll]  [N/A, ]
    [C:\WINDOWS\system32\msosdrop00.dll]  [N/A, ]
    [C:\WINDOWS\system32\zfsweq.dll]  [N/A, ]
    [C:\WINDOWS\system32\fmsiocps.dll]  [N/A, ]
    [C:\WINDOWS\system32\twawbc.dll]  [N/A, ]
    [C:\WINDOWS\system32\ytewcxzsw.dll]  [N/A, ]
    [C:\WINDOWS\system32\msoscqet00.dll]  [N/A, ]
    [C:\WINDOWS\system32\msosfasq00.dll]  [N/A, ]
    [C:\WINDOWS\system32\oqlvie.dll]  [N/A, ]
    [C:\WINDOWS\system32\msosjtfo01.dll]  [N/A, ]
    [C:\WINDOWS\system32\hhhhhh.dll]  [N/A, ]
    [C:\WINDOWS\system32\doftrm.dll]  [N/A, ]
    [C:\WINDOWS\system32\bbbbbb.dll]  [N/A, ]
    [C:\WINDOWS\system32\ijtqzc.dll]  [N/A, ]
    [C:\WINDOWS\system32\zzzzzz.dll]  [N/A, ]
    [C:\WINDOWS\system32\lecdjj.dll]  [N/A, ]
    [C:\WINDOWS\system32\wipxcdec.dll]  [N/A, ]
    [C:\WINDOWS\system32\tttttt.dll]  [N/A, ]
    [C:\WINDOWS\system32\dddddd.dll]  [N/A, ]
    [C:\WINDOWS\system32\tisqatyu.dll]  [N/A, ]
    [C:\WINDOWS\system32\vvvvvv.dll]  [N/A, ]
    [C:\WINDOWS\system32\rrrrrr.dll]  [N/A, ]
    [C:\WINDOWS\system32\akjsckaq.dll]  [N/A, ]
    [C:\WINDOWS\system32\skqncbib.dll]  [N/A, ]
    [C:\WINDOWS\system32\nnnnnn.dll]  [N/A, ]
    [C:\WINDOWS\system32\llllll.dll]  [N/A, ]
    [C:\WINDOWS\system32\yzztkmsn.dll]  [N/A, ]
    [C:\WINDOWS\system32\arjreler.dll]  [N/A, ]
    [C:\WINDOWS\system32\akjsdkaq.dll]  [N/A, ]
    [C:\WINDOWS\system32\pppppp.dll]  [N/A, ]
    [C:\WINDOWS\system32\eeeeee.dll]  [N/A, ]
    [C:\WINDOWS\system32\ffffff.dll]  [N/A, ]
    [C:\WINDOWS\system32\oooooo.dll]  [N/A, ]
    [C:\Program Files\Microsoft SQL Server\MSSQL$CFIT808\Binn\Resources\2052\sqlevn70.RLL]  [Microsoft Corporation, 2000.080.0760.00]
    [C:\Program Files\Microsoft SQL Server\MSSQL$CFIT808\Binn\SSNETLIB.dll]  [Microsoft Corporation, 2000.080.0766.00]
    [C:\Program Files\Microsoft SQL Server\MSSQL$CFIT808\Binn\SSNMPN70.dll]  [Microsoft Corporation, 2000.080.0534.00]
    [C:\Program Files\Microsoft SQL Server\MSSQL$CFIT808\Binn\SSmsLPCn.dll]  [Microsoft Corporation, 2000.080.0760.00]
[PID: 4044 / Administrator][C:\Program Files\Microsoft SQL Server\80\Tools\Binn\sqlmangr.exe]  [Microsoft Corporation, 2000.080.0760.00]
    [C:\Program Files\Microsoft SQL Server\80\Tools\Binn\W95SCM.dll]  [Microsoft Corporation, 2000.080.0760.00]
    [C:\Program Files\Microsoft SQL Server\80\Tools\Binn\SQLSVC.dll]  [Microsoft Corporation, 2000.080.0760.00]
    [C:\WINDOWS\system32\odbcbcp.dll]  [Microsoft Corporation, 2000.085.1117.00 (xpsp_sp2_rtm.040803-2158)]
    [C:\Program Files\Microsoft SQL Server\80\Tools\Binn\SQLRESLD.dll]  [Microsoft Corporation, 2000.080.0382.00]
    [C:\WINDOWS\system32\SysDaJcHv.dll]  [Microsoft Corporation, 5.1.2600.3099]
    [C:\WINDOWS\system32\wipicdec.dll]  [N/A, ]
    [C:\WINDOWS\system32\dylddm.dll]  [N/A, ]
    [C:\WINDOWS\system32\azuntv.dll]  [N/A, ]
    [C:\WINDOWS\system32\wzyiwy.dll]  [N/A, ]
    [C:\WINDOWS\system32\msoscqit00.dll]  [N/A, ]
    [C:\WINDOWS\system32\msosjtio01.dll]  [N/A, ]
    [C:\WINDOWS\system32\msosdrop00.dll]  [N/A, ]
    [C:\WINDOWS\system32\zfsweq.dll]  [N/A, ]
    [C:\WINDOWS\system32\fmsiocps.dll]  [N/A, ]
    [C:\WINDOWS\system32\twawbc.dll]  [N/A, ]
    [C:\WINDOWS\system32\ytewcxzsw.dll]  [N/A, ]
    [C:\WINDOWS\system32\msoscqet00.dll]  [N/A, ]
    [C:\WINDOWS\system32\msosfasq00.dll]  [N/A, ]
    [C:\WINDOWS\system32\oqlvie.dll]  [N/A, ]
    [C:\WINDOWS\system32\msosjtfo01.dll]  [N/A, ]
    [C:\WINDOWS\system32\hhhhhh.dll]  [N/A, ]
    [C:\WINDOWS\system32\doftrm.dll]  [N/A, ]
    [C:\WINDOWS\system32\bbbbbb.dll]  [N/A, ]
    [C:\WINDOWS\system32\ijtqzc.dll]  [N/A, ]
    [C:\WINDOWS\system32\zzzzzz.dll]  [N/A, ]
    [C:\WINDOWS\system32\lecdjj.dll]  [N/A, ]
    [C:\WINDOWS\system32\wipxcdec.dll]  [N/A, ]
    [C:\WINDOWS\system32\tttttt.dll]  [N/A, ]
    [C:\WINDOWS\system32\dddddd.dll]  [N/A, ]
    [C:\WINDOWS\system32\tisqatyu.dll]  [N/A, ]
    [C:\WINDOWS\system32\vvvvvv.dll]  [N/A, ]
    [C:\WINDOWS\system32\rrrrrr.dll]  [N/A, ]
    [C:\WINDOWS\system32\nnnnnn.dll]  [N/A, ]
    [C:\WINDOWS\system32\llllll.dll]  [N/A, ]
    [C:\WINDOWS\system32\pppppp.dll]  [N/A, ]
    [C:\WINDOWS\system32\eeeeee.dll]  [N/A, ]
    [C:\WINDOWS\system32\ffffff.dll]  [N/A, ]
    [C:\WINDOWS\system32\oooooo.dll]  [N/A, ]
    [C:\Program Files\Microsoft SQL Server\80\Tools\Binn\Resources\2052\SQLSVC.RLL]  [Microsoft Corporation, 2000.080.0194.00]
    [C:\Program Files\Microsoft SQL Server\80\Tools\Binn\Resources\2052\sqlmangr.RLL]  [Microsoft Corporation, 2000.080.0194.00]
    [C:\PROGRA~1\TENCENT\SSPlus\SPlus1.dll]  [TENCENT, 5, 0, 3, 19]
    [C:\WINDOWS\system32\mfdesy.dll]  [N/A, ]
    [C:\WINDOWS\system32\hhrdxd.dll]  [N/A, ]
    [C:\WINDOWS\system32\mtewdh.dll]  [N/A, ]
    [C:\WINDOWS\system32\tdggrz.dll]  [N/A, ]
    [C:\WINDOWS\system32\sjhrdh.dll]  [N/A, ]
    [C:\WINDOWS\system32\fsrgeb.dll]  [N/A, ]
    [C:\WINDOWS\system32\jdsaex.dll]  [N/A, ]
    [C:\WINDOWS\system32\jggtsr.dll]  [N/A, ]
    [C:\WINDOWS\system32\zgrjdx.dll]  [N/A, ]
    [C:\WINDOWS\system32\sgrefg.dll]  [N/A, ]
    [C:\WINDOWS\system32\wklsdd.dll]  [N/A, ]
    [C:\WINDOWS\system32\zefdst.dll]  [N/A, ]
    [C:\WINDOWS\system32\xcvaver1.dll]  [N/A, ]
[PID: 2752 / SYSTEM][C:\WINDOWS\system32\svchost.exe]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
    [C:\WINDOWS\system32\SysDaJcHv.dll]  [Microsoft Corporation, 5.1.2600.3099]
    [C:\WINDOWS\system32\wipicdec.dll]  [N/A, ]
    [C:\WINDOWS\system32\dylddm.dll]  [N/A, ]
    [C:\WINDOWS\system32\azuntv.dll]  [N/A, ]
    [C:\WINDOWS\system32\wzyiwy.dll]  [N/A, ]
    [C:\WINDOWS\system32\msoscqit00.dll]  [N/A, ]
    [C:\WINDOWS\system32\msosjtio01.dll]  [N/A, ]
    [C:\WINDOWS\system32\msosdrop00.dll]  [N/A, ]
    [C:\WINDOWS\system32\zfsweq.dll]  [N/A, ]
    [C:\WINDOWS\system32\fmsiocps.dll]  [N/A, ]
    [C:\WINDOWS\system32\twawbc.dll]  [N/A, ]
    [C:\WINDOWS\system32\ytewcxzsw.dll]  [N/A, ]
    [C:\WINDOWS\system32\msoscqet00.dll]  [N/A, ]
    [C:\WINDOWS\system32\msosfasq00.dll]  [N/A, ]
    [C:\WINDOWS\system32\oqlvie.dll]  [N/A, ]
    [C:\WINDOWS\system32\msosjtfo01.dll]  [N/A, ]
    [C:\WINDOWS\system32\hhhhhh.dll]  [N/A, ]
    [C:\WINDOWS\system32\doftrm.dll]  [N/A, ]
    [C:\WINDOWS\system32\bbbbbb.dll]  [N/A, ]
    [C:\WINDOWS\system32\ijtqzc.dll]  [N/A, ]
    [C:\WINDOWS\system32\zzzzzz.dll]  [N/A, ]
    [C:\WINDOWS\system32\lecdjj.dll]  [N/A, ]
    [C:\WINDOWS\system32\wipxcdec.dll]  [N/A, ]
    [C:\WINDOWS\system32\tttttt.dll]  [N/A, ]
    [C:\WINDOWS\system32\dddddd.dll]  [N/A, ]
    [C:\WINDOWS\system32\tisqatyu.dll]  [N/A, ]
    [C:\WINDOWS\system32\vvvvvv.dll]  [N/A, ]
    [C:\WINDOWS\system32\rrrrrr.dll]  [N/A, ]
    [C:\WINDOWS\system32\akjsckaq.dll]  [N/A, ]
    [C:\WINDOWS\system32\skqncbib.dll]  [N/A, ]
    [C:\WINDOWS\system32\nnnnnn.dll]  [N/A, ]
    [C:\WINDOWS\system32\llllll.dll]  [N/A, ]
    [C:\WINDOWS\system32\yzztkmsn.dll]  [N/A, ]
    [C:\WINDOWS\system32\arjreler.dll]  [N/A, ]
    [C:\WINDOWS\system32\akjsdkaq.dll]  [N/A, ]
    [C:\WINDOWS\system32\pppppp.dll]  [N/A, ]
    [C:\WINDOWS\system32\eeeeee.dll]  [N/A, ]
    [C:\WINDOWS\system32\ffffff.dll]  [N/A, ]
    [C:\WINDOWS\system32\oooooo.dll]  [N/A, ]
[PID: 5076 / Administrator][C:\QQDownload\sreng2\SREngPS.EXE]  [Smallfrogs Studio, 2.5.16.900]
    [C:\WINDOWS\system32\SysDaJcHv.dll]  [Microsoft Corporation, 5.1.2600.3099]
    [C:\WINDOWS\system32\wipicdec.dll]  [N/A, ]
    [C:\WINDOWS\system32\dylddm.dll]  [N/A, ]
    [C:\WINDOWS\system32\azuntv.dll]  [N/A, ]
    [C:\WINDOWS\system32\wzyiwy.dll]  [N/A, ]
    [C:\WINDOWS\system32\msoscqit00.dll]  [N/A, ]
    [C:\WINDOWS\system32\msosjtio01.dll]  [N/A, ]
    [C:\WINDOWS\system32\msosdrop00.dll]  [N/A, ]
    [C:\WINDOWS\system32\zfsweq.dll]  [N/A, ]
    [C:\WINDOWS\system32\fmsiocps.dll]  [N/A, ]
    [C:\WINDOWS\system32\twawbc.dll]  [N/A, ]
    [C:\WINDOWS\system32\ytewcxzsw.dll]  [N/A, ]
    [C:\WINDOWS\system32\msoscqet00.dll]  [N/A, ]
    [C:\WINDOWS\system32\msosfasq00.dll]  [N/A, ]
    [C:\WINDOWS\system32\oqlvie.dll]  [N/A, ]
    [C:\WINDOWS\system32\msosjtfo01.dll]  [N/A, ]
    [C:\WINDOWS\system32\hhhhhh.dll]  [N/A, ]
    [C:\WINDOWS\system32\doftrm.dll]  [N/A, ]
    [C:\WINDOWS\system32\bbbbbb.dll]  [N/A, ]
    [C:\WINDOWS\system32\ijtqzc.dll]  [N/A, ]
    [C:\WINDOWS\system32\zzzzzz.dll]  [N/A, ]
    [C:\WINDOWS\system32\lecdjj.dll]  [N/A, ]
    [C:\WINDOWS\system32\wipxcdec.dll]  [N/A, ]
    [C:\WINDOWS\system32\tttttt.dll]  [N/A, ]
    [C:\WINDOWS\system32\dddddd.dll]  [N/A, ]
    [C:\WINDOWS\system32\tisqatyu.dll]  [N/A, ]
    [C:\WINDOWS\system32\vvvvvv.dll]  [N/A, ]
    [C:\WINDOWS\system32\rrrrrr.dll]  [N/A, ]
    [C:\WINDOWS\system32\akjsckaq.dll]  [N/A, ]
    [C:\WINDOWS\system32\skqncbib.dll]  [N/A, ]
    [C:\WINDOWS\system32\nnnnnn.dll]  [N/A, ]
    [C:\WINDOWS\system32\llllll.dll]  [N/A, ]
    [C:\WINDOWS\system32\yzztkmsn.dll]  [N/A, ]
    [C:\WINDOWS\system32\arjreler.dll]  [N/A, ]
    [C:\WINDOWS\system32\akjsdkaq.dll]  [N/A, ]
    [C:\WINDOWS\system32\pppppp.dll]  [N/A, ]
    [C:\WINDOWS\system32\eeeeee.dll]  [N/A, ]
    [C:\WINDOWS\system32\ffffff.dll]  [N/A, ]
    [C:\WINDOWS\system32\oooooo.dll]  [N/A, ]
    [C:\PROGRA~1\TENCENT\SSPlus\SPlus1.dll]  [TENCENT, 5, 0, 3, 19]
    [C:\WINDOWS\system32\xcvaver1.dll]  [N/A, ]
    [C:\WINDOWS\system32\mfdesy.dll]  [N/A, ]
    [C:\WINDOWS\system32\tdggrz.dll]  [N/A, ]
    [C:\WINDOWS\system32\hhrdxd.dll]  [N/A, ]
    [C:\WINDOWS\system32\mtewdh.dll]  [N/A, ]
    [C:\WINDOWS\system32\jdsaex.dll]  [N/A, ]
    [C:\WINDOWS\system32\sgrefg.dll]  [N/A, ]
    [C:\WINDOWS\system32\wklsdd.dll]  [N/A, ]
    [C:\WINDOWS\system32\jggtsr.dll]  [N/A, ]
    [C:\WINDOWS\system32\sjhrdh.dll]  [N/A, ]
    [C:\WINDOWS\system32\fsrgeb.dll]  [N/A, ]
    [C:\WINDOWS\system32\zefdst.dll]  [N/A, ]
    [C:\WINDOWS\system32\zgrjdx.dll]  [N/A, ]
    [C:\QQDownload\sreng2\Upload\3rdUpd.DLL]  [Smallfrogs Studio, 2, 1, 0, 15]
    [C:\WINDOWS\system32\wrew2ds.dll]  [N/A, ]
    [C:\WINDOWS\system32\dndsioc.dll]  [N/A, ]
    [C:\WINDOWS\system32\nbnwewd.dll]  [N/A, ]
    [C:\WINDOWS\system32\isndctio.dll]  [N/A, ]
    [C:\WINDOWS\system32\hgeazpkc.dll]  [N/A, ]
    [C:\WINDOWS\system32\yuibbct.dll]  [N/A, ]
    [C:\WINDOWS\system32\anittio.dll]  [N/A, ]
    [C:\WINDOWS\system32\juejwcx.dll]  [N/A, ]
    [C:\WINDOWS\system32\rzysdhbx.dll]  [N/A, ]
    [C:\WINDOWS\system32\hefcndy.dll]  [N/A, ]
==================================
文件关联
.TXT  Error. [C:\WINDOWS\notepad.exe %1]
.EXE  OK. ["%1" %*]
.COM  OK. ["%1" %*]
.PIF  OK. ["%1" %*]
.REG  OK. [regedit.exe "%1"]
.BAT  OK. ["%1" %*]
.SCR  OK. ["%1" /S]
.CHM  Error. ["hh.exe" %1]
.HLP  OK. [%SystemRoot%\System32\winhlp32.exe %1]
.INI  Error. [C:\WINDOWS\System32\NOTEPAD.EXE %1]
.INF  OK. [%SystemRoot%\System32\NOTEPAD.EXE %1]
.VBS  OK. [%SystemRoot%\System32\WScript.exe "%1" %*]
.JS  OK. [%SystemRoot%\System32\WScript.exe "%1" %*]
.LNK  OK. [{00021401-0000-0000-C000-000000000046}]
==================================
Winsock 提供者
N/A
==================================
Autorun.inf
N/A
==================================
HOSTS 文件
127.0.0.1      localhost
==================================
进程特权扫描
特殊特权被允许: SeLoadDriverPrivilege [PID = 540, C:\WINDOWS\SYSTEM32\WINLOGON.EXE]
特殊特权被允许: SeDebugPrivilege [PID = 4044, C:\PROGRAM FILES\MICROSOFT SQL SERVER\80\TOOLS\BINN\SQLMANGR.EXE]
特殊特权被允许: SeLoadDriverPrivilege [PID = 4044, C:\PROGRAM FILES\MICROSOFT SQL SERVER\80\TOOLS\BINN\SQLMANGR.EXE]
特殊特权被允许: SeDebugPrivilege [PID = 1700, D:\PROGRAM FILES\QQDOWNLOAD\QQDOWNLOAD.EXE]
特殊特权被允许: SeLoadDriverPrivilege [PID = 1700, D:\PROGRAM FILES\QQDOWNLOAD\QQDOWNLOAD.EXE]
==================================
API HOOK
N/A
==================================
隐藏进程
N/A
==================================

[/CODE]

Re: SREng report, could everyone please help take a look.



Quote:
Originally posted by 边城剑侠 at 2008-6-27 17:14:00
[C:\WINDOWS\system32\xcvaver1.dll]  [N/A, ]
[PID: 3712 / Administrator][C:\WINDOWS\system32\ctfmon.exe]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
    [C:\WINDOWS\system32\Sy......


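1. I recommend using XDelBox to delete the following files (XDelBox 1.7 "Support the Olympics" edition download; download address: www.dodudou.com).
Instructions: to delete, copy the paths of all the files to be deleted, right-click in the pending-deletion file list and choose import from clipboard; after importing, right-click the files to be deleted and choose restart and delete immediately. The computer will reboot into a DOS interface to carry out the deletion. Before running XDelBox it is best to remove all removable storage media (including USB drives, MP3 players, phone memory cards, etc.).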


2. After deleting and rebooting, use SREng to repair the following items:

    Startup items -- Registry: delete the following entries:
[{50940F85-F015-14F1-A05F-F69858AC6D05}]    <C:\WINDOWS\system32\zptlcsys.dll>
[{60A345CD-ABCD-EFAB-CDEF-ABCD01020306}]    <C:\WINDOWS\system32\pqzfajke.dll>
[{5D098345-6785-1098-5413-678067AE03D5}]    <C:\WINDOWS\system32\tysqbkol.dll>
[{2B69874A-C58C-458D-69F0-698F874E41B2}]    <C:\WINDOWS\system32\lassaplo.dll>
[{4A908760-8000-4000-A000-9000322145A4}]    <C:\WINDOWS\system32\akjsdkaq.dll>
[{7C69034A-F45F-D34D-A33A-C33C4D324FC7}]    <C:\WINDOWS\system32\arjreler.dll>
[{7FD45A54-9875-698F-E56E-65102358FDF7}]    <C:\WINDOWS\system32\apsggjba.dll>
[{B490415F-65F8-B5C5-D8BA-9405FB12054B}]    <C:\WINDOWS\system32\yzztkmsn.dll>
[{B629FF4F-ACDB-5C90-A098-FACB3456A26B}]    <C:\WINDOWS\system32\hdf453d.dll>
[{55694105-5108-9405-3695-954187462155}]    <C:\WINDOWS\system32\mpwdeapi.dll>
[{32023698-6984-8541-9654-698745012523}]    <C:\WINDOWS\system32\skqncbib.dll>
[{20909876-4567-3908-4056-909834565102}]    <C:\WINDOWS\system32\erxybloe.dll>
[{031B7024-4FC5-49B3-98EF-6B810FF12678}]    <C:\WINDOWS\system32\sjhrdh.dll>
[{4D165A2A-4BC1-4CA8-8299-08E05AAAB5A4}]    <C:\WINDOWS\system32\tdggrz.dll>
[{3A908760-8000-4000-A000-9000322145A3}]    <C:\WINDOWS\system32\akjsckaq.dll>
[{25FD6584-698F-BCD2-602C-698745210352}]    <C:\WINDOWS\system32\rijxbkin.dll>
[{EA5D4B0E-B8CE-4761-8C7E-5D26369F0EC6}]    <C:\WINDOWS\system32\fsrgeb.dll>
[{5A069845-2036-6084-9054-6087502480A5}]    <C:\WINDOWS\system32\ozfyebyt.dll>
[{43512378-9874-5641-1025-985420368734}]    <C:\WINDOWS\system32\oswxdttb.dll>
[{B29583D8-033A-4B9F-8553-7C5458F3FB8E}]    <C:\WINDOWS\system32\jdsaex.dll>
[{CAED0F3B-DF8B-4DBF-BB20-8DFBC3199068}]    <C:\WINDOWS\system32\jggtsr.dll>
[{35671234-7890-ABCD-CDEF-567801237653}]    <C:\WINDOWS\system32\yxcschlp.dll>
[{45AADFAA-DD36-42AB-83AD-0521BBF58C24}]    <C:\WINDOWS\system32\zgrjdx.dll>
[{8C41B7F7-3168-400D-A702-0E7EFE0BA304}]    <C:\WINDOWS\system32\sgrefg.dll>
[{DC3D30AE-0380-4151-8934-EE98A34B0370}]    <C:\WINDOWS\system32\mfdesy.dll>
[{E8A3B193-77E3-4FB3-986D-F4FA4828BAFC}]    <C:\WINDOWS\system32\wklsdd.dll>
[{3D698451-2015-6358-9871-2015987452D3}]    <C:\WINDOWS\system32\apzhctde.dll>
[{18093456-9012-4568-9076-908765467181}]    <C:\WINDOWS\system32\tisqatyu.dll>
[{2D698451-2015-6358-9871-2015987452D2}]    <C:\WINDOWS\system32\apzhbtde.dll>
[{17DFD111-BF3A-4CB4-ADB0-88FCBFE69821}]    <C:\WINDOWS\system32\hhrdxd.dll>
[{528DF602-9541-A985-210A-984A698C6F25}]    <C:\WINDOWS\system32\ptjhehlp.dll>
[{6C648541-1025-9650-9057-6541258720C6}]    <C:\WINDOWS\system32\mndhfdwd.dll>
[{28EB3777-3E23-4E72-8449-A992D09D24C3}]    <C:\WINDOWS\system32\zefdst.dll>
[{6629FF4F-ACDB-5C90-A098-FACB3456A266}]    <C:\WINDOWS\system32\mpmyfapi.dll>
[{189F087F-4378-405F-85FA-37D955AD7A8C}]    <C:\WINDOWS\system32\mtewdh.dll>
[{C3D16072-2E1B-450B-B843-50EADDC8EB63}]    <C:\WINDOWS\system32\xcvaver1.dll>
[wrew2ds]    <C:\WINDOWS\wrew2ds.exe>
[dndsioc]    <C:\WINDOWS\dndsioc.exe>
[nbnwewd]    <C:\WINDOWS\nbnwewd.exe>
[isndctio]    <C:\WINDOWS\isndctio.exe>
[wipxcdec]    <C:\WINDOWS\wipxcdec.exe>
[hgeazpkc]    <C:\WINDOWS\hgeazpkc.exe>
[yuibbct]    <C:\WINDOWS\yuibbct.exe>
[anittio]    <C:\WINDOWS\anittio.exE>
[juejwcx]    <C:\WINDOWS\juejwcx.exe>
[igzwzslm]    <C:\WINDOWS\gwsmhxuq.exe>
[ytewcxzsw]    <C:\WINDOWS\ytewcxzsw.exe>
[hefcndy]    <C:\WINDOWS\hefcndy.exe>
[IFEO[adam.exe]]    <C:\WINDOWS\system32\svchost.exe>
[IFEO[AgentSvr.exe]]    <C:\WINDOWS\system32\svchost.exe>
[IFEO[AppSvc32.exe]]    <C:\WINDOWS\system32\svchost.exe>
[IFEO[ati2evxx.exe]]    <C:\WINDOWS\system32\svchost.exe>
[IFEO[autoruns.exe]]    <C:\WINDOWS\system32\svchost.exe>
[IFEO[avconsol.exe]]    <C:\WINDOWS\system32\svchost.exe>
[IFEO[avgrssvc.exe]]    <C:\WINDOWS\system32\svchost.exe>
[IFEO[AvMonitor.exe]]    <C:\WINDOWS\system32\svchost.exe>
[IFEO[avp.com]]    <C:\WINDOWS\system32\svchost.exe>
[IFEO[avp.exe]]    <C:\WINDOWS\system32\svchost.exe>
[IFEO[ccSvcHst.exe]]    <C:\WINDOWS\system32\svchost.exe>
[IFEO[egui.exe]]    <C:\WINDOWS\system32\svchost.exe>
[IFEO[esafe.exe]]    <C:\WINDOWS\system32\svchost.exe>
[IFEO[FileDsty.exe]]    <C:\WINDOWS\system32\svchost.exe>
[IFEO[FTCleanerShell.exe]]    <C:\WINDOWS\system32\svchost.exe>
[IFEO[HijackThis.exe]]    <C:\WINDOWS\system32\svchost.exe>
[IFEO[IceSword.exe]]    <C:\WINDOWS\system32\svchost.exe>
[IFEO[idag.exe]]    <C:\WINDOWS\system32\svchost.exe>
[IFEO[Iparmor.exe]]    <C:\WINDOWS\system32\svchost.exe>
[IFEO[isPwdSvc.exe]]    <C:\WINDOWS\system32\svchost.exe>
[IFEO[kabaload.exe]]    <C:\WINDOWS\system32\svchost.exe>
[IFEO[kaccore.exe]]    <C:\WINDOWS\system32\svchost.exe>
[IFEO[KaScrScn.SCR]]    <C:\WINDOWS\system32\svchost.exe>
[IFEO[KASMain.exe]]    <C:\WINDOWS\system32\svchost.exe>
[IFEO[KASTask.exe]]    <C:\WINDOWS\system32\svchost.exe>
[IFEO[KAV32.exe]]    <C:\WINDOWS\system32\svchost.exe>
[IFEO[KAVDX.exe]]    <C:\WINDOWS\system32\svchost.exe>
[IFEO[KAVPF.exe]]    <C:\WINDOWS\system32\svchost.exe>
[IFEO[KAVPFW.exe]]    <C:\WINDOWS\system32\svchost.exe>
[IFEO[KAVSetup.exe]]    <C:\WINDOWS\system32\svchost.exe>
[IFEO[kavsvc.exe]]    <C:\WINDOWS\system32\svchost.exe>
[IFEO[KAVsvcUI.exe]]    <C:\WINDOWS\system32\svchost.exe>
[IFEO[KISLnchr.exe]]    <C:\WINDOWS\system32\svchost.exe>
[IFEO[KMailMon.exe]]    <C:\WINDOWS\system32\svchost.exe>
[IFEO[KMFilter.exe]]    <C:\WINDOWS\system32\svchost.exe>
[IFEO[KPFW32.exe]]    <C:\WINDOWS\system32\svchost.exe>
[IFEO[kpfwsvc.exe]]    <C:\WINDOWS\system32\svchost.exe>
[IFEO[KRegEx.exe]]    <C:\WINDOWS\system32\svchost.exe>
[IFEO[KRepair.com]]    <C:\WINDOWS\system32\svchost.exe>
[IFEO[KsLoader.exe]]    <C:\WINDOWS\system32\svchost.exe>
[IFEO[KVCenter.kxp]]    <C:\WINDOWS\system32\svchost.exe>
[IFEO[KvDetect.exe]]    <C:\WINDOWS\system32\svchost.exe>
[IFEO[KVFW.EXE]]    <C:\WINDOWS\system32\svchost.exe>
[IFEO[KvfwMcl.exe]]    <C:\WINDOWS\system32\svchost.exe>
[IFEO[KVMonXP_1.kxp]]    <C:\WINDOWS\system32\svchost.exe>
[IFEO[kvol.exe]]    <C:\WINDOWS\system32\svchost.exe>
[IFEO[kvolself.exe]]    <C:\WINDOWS\system32\svchost.exe>
[IFEO[KvReport.kxp]]    <C:\WINDOWS\system32\svchost.exe>
[IFEO[KVScan.kxp]]    <C:\WINDOWS\system32\svchost.exe>
[IFEO[KVStub.kxp]]    <C:\WINDOWS\system32\svchost.exe>
[IFEO[kvupload.exe]]    <C:\WINDOWS\system32\svchost.exe>
[IFEO[KVwsc.exe]]    <C:\WINDOWS\system32\svchost.exe>
[IFEO[KWatch9x.exe]]    <C:\WINDOWS\system32\svchost.exe>
[IFEO[KWatchX.exe]]    <C:\WINDOWS\system32\svchost.exe>
[IFEO[MagicSet.exe]]    <C:\WINDOWS\system32\svchost.exe>
[IFEO[mcconsol.exe]]    <C:\WINDOWS\system32\svchost.exe>
[IFEO[mmqczj.exe]]    <C:\WINDOWS\system32\svchost.exe>
[IFEO[mmsk.exe]]    <C:\WINDOWS\system32\svchost.exe>
[IFEO[navapsvc.exe]]    <C:\WINDOWS\system32\svchost.exe>
[IFEO[Navapw32.exe]]    <C:\WINDOWS\system32\svchost.exe>
[IFEO[nod32krn.exe]]    <C:\WINDOWS\system32\svchost.exe>
[IFEO[NPFMntor.exe]]    <C:\WINDOWS\system32\svchost.exe>
[IFEO[OllyDBG.EXE]]    <C:\WINDOWS\system32\svchost.exe>
[IFEO[OllyICE.EXE]]    <C:\WINDOWS\system32\svchost.exe>
[IFEO[PFW.exe]]    <C:\WINDOWS\system32\svchost.exe>
[IFEO[PFWLiveUpdate.exe]]    <C:\WINDOWS\system32\svchost.exe>
[IFEO[procexp.exe]]    <C:\WINDOWS\system32\svchost.exe>
[IFEO[QHSET.exe]]    <C:\WINDOWS\system32\svchost.exe>
[IFEO[qqsc.exe]]    <C:\WINDOWS\system32\svchost.exe>
[IFEO[Ras.exe]]    <C:\WINDOWS\system32\svchost.exe>
[IFEO[rav.exe]]    <C:\WINDOWS\system32\svchost.exe>
[IFEO[ravstub.exe]]    <C:\WINDOWS\system32\svchost.exe>
[IFEO[ravtimer.exe]]    <C:\WINDOWS\system32\svchost.exe>
[IFEO[ravtool.exe]]    <C:\WINDOWS\system32\svchost.exe>
[IFEO[RegClean.exe]]    <C:\WINDOWS\system32\svchost.exe>
[IFEO[regtool.exe]]    <C:\WINDOWS\system32\svchost.exe>
[IFEO[rfwmain.exe]]    <C:\WINDOWS\system32\svchost.exe>
[IFEO[rfwproxy.exeFYFireWall.exe]]    <C:\WINDOWS\system32\svchost.exe>
[IFEO[rfwsrv.exe]]    <C:\WINDOWS\system32\svchost.exe>
[IFEO[rfwstub.exe]]    <C:\WINDOWS\system32\svchost.exe>
[IFEO[rising.exe]]    <C:\WINDOWS\system32\svchost.exe>
[IFEO[Rsaupd.exe]]    <C:\WINDOWS\system32\svchost.exe>
[IFEO[runiep.exe]]    <C:\WINDOWS\system32\svchost.exe>
[IFEO[safelive.exe]]    <C:\WINDOWS\system32\svchost.exe>
[IFEO[scan32.exe]]    <C:\WINDOWS\system32\svchost.exe>
[IFEO[shcfg32.exe]]    <C:\WINDOWS\system32\svchost.exe>
[IFEO[SmartUp.exe]]    <C:\WINDOWS\system32\svchost.exe>
[IFEO[SREng.EXE]]    <C:\WINDOWS\system32\svchost.exe>
[IFEO[symlcsvc.exe]]    <C:\WINDOWS\system32\svchost.exe>
[IFEO[SysSafe.exe]]    <C:\WINDOWS\system32\svchost.exe>
[IFEO[TrojanDetector.exe]]    <C:\WINDOWS\system32\svchost.exe>
[IFEO[Trojanwall.exe]]    <C:\WINDOWS\system32\svchost.exe>
[IFEO[TrojDie.kxp]]    <C:\WINDOWS\system32\svchost.exe>
[IFEO[UIHost.exe]]    <C:\WINDOWS\system32\svchost.exe>
[IFEO[UmxAgent.exe]]    <C:\WINDOWS\system32\svchost.exe>
[IFEO[UmxAttachment.exe]]    <C:\WINDOWS\system32\svchost.exe>
[IFEO[UmxCfg.exe]]    <C:\WINDOWS\system32\svchost.exe>
[IFEO[UmxFwHlp.exe]]    <C:\WINDOWS\system32\svchost.exe>
[IFEO[UmxPol.exe]]    <C:\WINDOWS\system32\svchost.exe>
[IFEO[UpLive.exe]]    <C:\WINDOWS\system32\svchost.exe>
[IFEO[vsstat.exe]]    <C:\WINDOWS\system32\svchost.exe>
[IFEO[webscanx.exe]]    <C:\WINDOWS\system32\svchost.exe>
[IFEO[WinDbg.exe]]    <C:\WINDOWS\system32\svchost.exe>
[IFEO[WoptiClean.exe]]    <C:\WINDOWS\system32\svchost.exe>
Note the change to the [AppInit_DLLs] entry: change <SysDaJcHv.dll,msosdohs01.dll,msosmnsf01.dll,wipicdec.dll,dylddm.dll,azuntv.dll,wzyiwy.dll,msosmhfp01.dll,msoscqit00.dll,msosjtio01.dll,nicozftp01.dll,msosdrop00.dll,zfsweq.dll,fmsiocps.dll,twawbc.dll,msosmhap01.dll,ytewcxzsw.dll,msoscqet00.dll,msosfasq00.dll,oqlvie.dll,msosjtfo01.dll,hhhhhh.dll,doftrm.dll,bbbbbb.dll,ijtqzc.dll,zzzzzz.dll,lecdjj.dll,wipxcdec.dll,msostuic01.dll,tttttt.dll,dddddd.dll,tisqatyu.dll,vvvvvv.dll,rrrrrr.dll,akjsckaq.dll,skqncbib.dll,nnnnnn.dll,llllll.dll,yzztkmsn.dll,arjreler.dll,akjsdkaq.dll,pppppp.dll,eeeeee.dll,ffffff.dll,oooooo.dll> to <>, i.e. clear it.

    Startup items -- Services -- Win32 service applications: delete the following entries:
[Microsoft Audio Manager / 6to4]    <C:\WINDOWS\System32\svchost.exe -k netsvcs-->C:\WINDOWS\system32\6to4ex.dll>

    Startup items -- Services -- Drivers: delete the following entries:
[zftp / zftp]    <\??\C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\tmp3.tmp>
[tuic / tuic]    <\??\C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\tmp40.tmp>
[ptfs / ptfs]    <\??\C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\tmp21.tmp>
[mnsf / mnsf]    <\??\C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\tmpB.tmp>
[mhfp / mhfp]    <\??\C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\tmp1.tmp>
[mhap / mhap]    <\??\C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\tmp1.tmp>
[jtio / jtio]    <\??\C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\tmpF.tmp>
[jtfo / jtfo]    <\??\C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\tmp3C.tmp>
[fmsq / fmsq]    <\??\C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\tmp7.tmp>
[fasq / fasq]    <\??\C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\tmp38.tmp>
[drop / drop]    <\??\C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\tmpD.tmp>
[dohs / dohs]    <\??\C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\tmp9.tmp>
[cqit / cqit]    <\??\C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\tmp9.tmp>
[cqet / cqet]    <\??\C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\tmp35.tmp>
[Atixeve2906 / Atixeve2906]    <\??\C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\~wxp2ins.625.tmp>
[Atixeve2531 / Atixeve2531]    <\??\C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\~wxp2ins.390.tmp>
[Atixeve2203 / Atixeve2203]    <\??\C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\~wxp2ins.46.tmp>

    System repair -- Browser add-ons: delete the following entries:
[]    <C:\WINDOWS\system32\hdf453d.dll>
[]    <C:\WINDOWS\system32\yzztkmsn.dll>
[]    <C:\WINDOWS\system32\apsggjba.dll>
[]    <C:\WINDOWS\system32\arjreler.dll>
[]    <C:\WINDOWS\system32\mndhfdwd.dll>
[]    <C:\WINDOWS\system32\mpmyfapi.dll>
[]    <C:\WINDOWS\system32\pqzfajke.dll>
[]    <C:\WINDOWS\system32\tysqbkol.dll>
[]    <C:\WINDOWS\system32\ozfyebyt.dll>
[]    <C:\WINDOWS\system32\mpwdeapi.dll>
[]    <C:\WINDOWS\system32\ptjhehlp.dll>
[]    <C:\WINDOWS\system32\zptlcsys.dll>
[]    <C:\WINDOWS\system32\akjsdkaq.dll>
[]    <C:\WINDOWS\system32\oswxdttb.dll>
[]    <C:\WINDOWS\system32\apzhctde.dll>
[]    <C:\WINDOWS\system32\akjsckaq.dll>
[]    <C:\WINDOWS\system32\yxcschlp.dll>
[]    <C:\WINDOWS\system32\skqncbib.dll>
[]    <C:\WINDOWS\system32\apzhbtde.dll>
[]    <C:\WINDOWS\system32\lassaplo.dll>
[]    <C:\WINDOWS\system32\rijxbkin.dll>
[]    <C:\WINDOWS\system32\erxybloe.dll>
[]    <C:\WINDOWS\system32\tisqatyu.dll>

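Note: to make sure the virus is cleaned out completely, be sure to unplug the network cable before using these tools, and only then use them.
I: The QQkav virus-removal utility. This tool can detect and remove many viruses and trojans. If double-clicking does not open it, I suggest renaming it and then opening it, e.g. 123.exe or 123.com.
Open the QQkav tool and click Block and Clean / Clean system junk files now
Open Repair / System Repair / IFEO image hijack
Reset the hosts file and save the change
Download address:
http://www.qqkav.com/qqkav/

1: I recommend cleaning up the system with Windows Cleanup Assistant (Windows清理助手).
Windows Cleanup Assistant download page: http://www.arswp.com/download.html
Last edited by 小九的寒 on 2008-06-27 17:31:10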

Re: SREng report, could everyone please help take a look.

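I recommend using XDelBox to delete the following files.
Copy the paths of all the files to be deleted, right-click in the pending-deletion file list and choose import from clipboard, then restart to delete.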


2. After deleting and rebooting, use SREng to repair the following items:

    Startup items -- Registry: delete the following entries:

    Startup Items -- Services -- Drivers: delete the following entries:

    System Repair -- Browser Add-ons: delete the following entries: