瑞星卡卡安全论坛技术交流区反病毒/反流氓软件论坛 电脑老是自动弹出广告 !360 kaka都查不出有什么病毒 怎么办?

1   1  /  1  页   跳转

[求助] 电脑老是自动弹出广告 !360 kaka都查不出有什么病毒 怎么办?

收藏
简单方
头像
初生襁褓狮
  • 帖子:5
  • 注册: 2009-06-19
  • 来自:
发表于: 2009-06-19 15:55 | 只看楼主 短消息 资料
字号: 1楼

电脑老是自动弹出广告 !360 kaka都查不出有什么病毒 怎么办?

hj扫描结果
ogfile of HijackThis v1.99.1
Scan saved at 15:58:44, on 2009-6-19
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP3 (6.00.2900.5512)
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\锐捷网络\Ruijie Supplicant\SuService.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\Program Files\Kingsoft\Kingsoft Internet Security\KPfwSvc.EXE
C:\Program Files\Kingsoft\Kingsoft Internet Security\KWatch.EXE
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Kingsoft\Kingsoft Internet Security\KISSvc.EXE
C:\Program Files\Kingsoft\Kingsoft Internet Security\KMailMon.EXE
C:\WINDOWS\system32\conime.exe
C:\Program Files\TheWorld 3\TheWorld.exe
C:\Program Files\TheWorld 3\TheWorld.exe
C:\Program Files\锐捷网络\Ruijie Supplicant\8021x.exe
E:\TDDOWNLOAD\HijackThis.exe
O2 - BHO: Thunder AtOnce - {01443AEC-0FD1-40fd-9C87-E93D1494C233} - E:\Thunder Network\Thunder\ComDlls\TDAtOnce_Now.dll
O2 - BHO: ThunderBHO - {889D2FEB-5411-4565-8998-1DD2C5261283} - E:\Thunder Network\Thunder\ComDlls\xunleiBHO_Now.dll
O2 - BHO: SafeMon Class - {B69F34DD-F0F9-42DC-9EDD-957187DA688D} - C:\Program Files\360\360Safe\safemon\safemon.dll
O2 - BHO: kingsoft browser shield - {D963BE1A-6B35-47DB-B002-49FAE71D85CC} - C:\Program Files\Kingsoft\Kingsoft Internet Security\KASBrowserShield.DLL
O4 - HKLM\..\Run: [KavStart] "C:\Program Files\Kingsoft\Kingsoft Internet Security\KAVStart.exe" -startup
O4 - HKLM\..\Run: [360Safetray] C:\Program Files\360\360Safe\safemon\360tray.exe /start
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [KavPFW] "C:\Program Files\Kingsoft\Kingsoft Internet Security\kpfw32.exe" -startup
O8 - Extra context menu item: 使用迅雷下载 - E:\Thunder Network\Thunder\Program\GetUrl.htm
O8 - Extra context menu item: 使用迅雷下载全部链接 - E:\Thunder Network\Thunder\Program\GetAllUrl.htm
O8 - Extra context menu item: 导出到 Microsoft Office Excel(&X) - res://C:\PROGRA~1\MICROS~1\OFFICE11\EXCEL.EXE/3000
O8 - Extra context menu item: 添加到QQ表情 - C:\Program Files\Tencent\QQ\Bin\AddEmotion.htm
O9 - Extra button: 金山网页防挂马模块设置 - {3AECD3C1-7085-4731-96DC-47B6CF7EF749} - C:\Program Files\Kingsoft\Kingsoft Internet Security\IEBuddyExt.DLL
O9 - Extra 'Tools' menuitem: 金山网页防挂马模块设置 - {3AECD3C1-7085-4731-96DC-47B6CF7EF749} - C:\Program Files\Kingsoft\Kingsoft Internet Security\IEBuddyExt.DLL
O9 - Extra button: PPLive - {95B3F550-91C4-4627-BCC4-521288C52977} - C:\Program Files\PPLive\PPLive.exe
O9 - Extra 'Tools' menuitem: PPLive - {95B3F550-91C4-4627-BCC4-521288C52977} - C:\Program Files\PPLive\PPLive.exe
O20 - Winlogon Notify: dimsntfy - %SystemRoot%\System32\dimsntfy.dll (file missing)
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe
O23 - Service: Kingsoft Basic Service (kaccore) - Kingsoft Corporation - C:\Program Files\Kingsoft\KAC\Service\kaccore.exe
O23 - Service: Kingsoft Internet Security Common Service (KISSvc) - Kingsoft Corporation - C:\Program Files\Kingsoft\Kingsoft Internet Security\KISSvc.EXE
O23 - Service: Kingsoft Personal Firewall Service (KPfwSvc) - Kingsoft Corporation - C:\Program Files\Kingsoft\Kingsoft Internet Security\KPfwSvc.EXE
O23 - Service: Kingsoft Antivirus KWatch Service (KWatchSvc) - Kingsoft Corporation - C:\Program Files\Kingsoft\Kingsoft Internet Security\KWatch.EXE
O23 - Service: Supplicant Service (SuService) - tendychen - C:\Program Files\锐捷网络\Ruijie Supplicant\SuService.exe

用户系统信息:Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1; SV1; TheWorld)
分享到:
gototop
 
新箱子
头像
初生襁褓狮
  • 帖子:7
  • 注册: 2009-06-19
  • 来自:
发表于: 2009-06-19 16:44 | 短消息 资料
字号: 2楼

回复:电脑老是自动弹出广告 !360 kaka都查不出有什么病毒 怎么办?

请楼主使用SREng扫描系统。
gototop
 
简单方
头像
初生襁褓狮
  • 帖子:5
  • 注册: 2009-06-19
  • 来自:
发表于: 2009-06-19 19:49 | 只看楼主 短消息 资料
字号: 3楼

回复: 电脑老是自动弹出广告 !360 kaka都查不出有什么病毒 怎么办?

启动项目
注册表
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
    <ctfmon.exe><C:\WINDOWS\system32\ctfmon.exe>  [(Verified)Microsoft Windows Component Publisher]
    <KavPFW><"C:\Program Files\Kingsoft\Kingsoft Internet Security\KPFW32.EXE" -startup>  [(Verified)"Zhuhai  Kingsoft Software Co.,Ltd"]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
    <360Safetray><C:\Program Files\360\360Safe\safemon\360tray.exe /start>  [(Verified)Qizhi Software (beijing) Co. Ltd]
    <KavStart><"C:\Program Files\Kingsoft\Kingsoft Internet Security\KAVStart.exe" -startup>  [(Verified)"Zhuhai  Kingsoft Software Co.,Ltd"]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Winlogon]
    <shell><Explorer.exe>  [(Verified)Microsoft Windows Component Publisher]
    <Userinit><c:\windows\system32\userinit.exe,>  [(Verified)Microsoft Windows Component Publisher]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Windows]
    <AppInit_DLLs><>  [N/A]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Winlogon]
    <UIHost><logonui.exe>  [(Verified)Microsoft Windows Component Publisher]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
    <{AEB6717E-7E19-11d0-97EE-00C04FD91972}><shell32.dll>  [(Verified)Microsoft Windows Component Publisher]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
    <PostBootReminder><%SystemRoot%\system32\SHELL32.dll>  [(Verified)Microsoft Windows Component Publisher]
    <CDBurn><%SystemRoot%\system32\SHELL32.dll>  [(Verified)Microsoft Windows Component Publisher]
    <WebCheck><%SystemRoot%\system32\webcheck.dll>  [(Verified)Microsoft Windows Component Publisher]
    <SysTray><C:\WINDOWS\system32\stobject.dll>  [(Verified)Microsoft Windows Component Publisher]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\crypt32chain]
    <WinlogonNotify: crypt32chain><crypt32.dll>  [(Verified)Microsoft Windows Component Publisher]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\cryptnet]
    <WinlogonNotify: cryptnet><cryptnet.dll>  [(Verified)Microsoft Windows Component Publisher]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\cscdll]
    <WinlogonNotify: cscdll><cscdll.dll>  [(Verified)Microsoft Windows Component Publisher]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\dimsntfy]
    <WinlogonNotify: dimsntfy><%SystemRoot%\System32\dimsntfy.dll>  [(Verified)Microsoft Windows Component Publisher]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\ScCertProp]
    <WinlogonNotify: ScCertProp><wlnotify.dll>  [(Verified)Microsoft Windows Component Publisher]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\Schedule]
    <WinlogonNotify: Schedule><wlnotify.dll>  [(Verified)Microsoft Windows Component Publisher]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\sclgntfy]
    <WinlogonNotify: sclgntfy><sclgntfy.dll>  [(Verified)Microsoft Windows Component Publisher]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\SensLogn]
    <WinlogonNotify: SensLogn><WlNotify.dll>  [(Verified)Microsoft Windows Component Publisher]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\termsrv]
    <WinlogonNotify: termsrv><wlnotify.dll>  [(Verified)Microsoft Windows Component Publisher]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\wlballoon]
    <WinlogonNotify: wlballoon><wlnotify.dll>  [(Verified)Microsoft Windows Component Publisher]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\>{22d6f312-b0f6-11d0-94ab-0080c74c7e95}]
    <Microsoft Windows Media Player><C:\WINDOWS\inf\unregmp2.exe /ShowWMP>  [(Verified)Microsoft Windows Component Publisher]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\>{26923b43-4d38-484f-9b9e-de460746276c}]
    <Internet Explorer><%systemroot%\system32\shmgrate.exe OCInstallUserConfigIE>  [File is missing]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\>{60B49E34-C7CC-11D0-8953-00A0C90347FF}MICROS]
    <浏览器自定义组件><RunDLL32 IEDKCS32.DLL,BrandIE4 SIGNUP>  [(Verified)Microsoft Windows Component Publisher]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\>{881dd1c5-3dcf-431b-b061-f3f88e8be88a}]
    <Outlook Express><%systemroot%\system32\shmgrate.exe OCInstallUserConfigOE>  [File is missing]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{2C7339CF-2B09-4501-B3F3-F3508C9228ED}]
    <Themes Setup><%SystemRoot%\system32\regsvr32.exe /s /n /i:/UserInstall %SystemRoot%\system32\themeui.dll>  [File is missing]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{44BBA840-CC51-11CF-AAFA-00AA00B6015C}]
    <Microsoft Outlook Express 6><"%ProgramFiles%\Outlook Express\setup50.exe" /APP:OE /CALLER:WINNT /user /install>  [File is missing]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{44BBA842-CC51-11CF-AAFA-00AA00B6015B}]
    <NetMeeting 3.01><rundll32.exe advpack.dll,LaunchINFSection C:\WINDOWS\INF\msnetmtg.inf,NetMtg.Install.PerUser.NT>  [(Verified)Microsoft Windows Component Publisher]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{6BF52A52-394A-11d3-B153-00C04F79FAA6}]
    <Microsoft Windows Media Player><rundll32.exe advpack.dll,LaunchINFSection C:\WINDOWS\INF\wmp.inf,PerUserStub>  [(Verified)Microsoft Windows Component Publisher]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{7790769C-0471-11d2-AF11-00C04FA35D02}]
    <通讯簿 6><"%ProgramFiles%\Outlook Express\setup50.exe" /APP:WAB /CALLER:WINNT /user /install>  [File is missing]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{89820200-ECBD-11cf-8B85-00AA005B4340}]
    <Windows 桌面更新><regsvr32.exe /s /n /i:U shell32.dll>  [(Verified)Microsoft Windows Component Publisher]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{89820200-ECBD-11cf-8B85-00AA005B4383}]
    <Internet Explorer 6><%SystemRoot%\system32\ie4uinit.exe>  [(Verified)Microsoft Windows Component Publisher]
[HKEY_CURRENT_USER\Control Panel\Desktop]
    <SCRNSAVE.EXE><C:\WINDOWS\system32\logon.scr>  [(Verified)Microsoft Windows Component Publisher]
gototop
 
简单方
头像
初生襁褓狮
  • 帖子:5
  • 注册: 2009-06-19
  • 来自:
发表于: 2009-06-19 19:53 | 只看楼主 短消息 资料
字号: 4楼

回复: 电脑老是自动弹出广告 !360 kaka都查不出有什么病毒 怎么办?

启动文件夹
N/A

==================================
服务
[Ati HotKey Poller / Ati HotKey Poller][Running/Auto Start]
  <C:\WINDOWS\system32\Ati2evxx.exe><ATI Technologies Inc.>
[Contrl Center of Storm Media / ccosm][Stopped/Disabled]
  <C:\Program Files\StormII\stormliv.exe /asservice><北京暴风网际科技有限公司>
[Human Interface Device Access / HidServ][Stopped/Disabled]
  <C:\WINDOWS\System32\svchost.exe -k netsvcs-->%SystemRoot%\System32\hidserv.dll><N/A>
[Kingsoft Basic Service / kaccore][Running/Manual Start]
  <"C:\Program Files\Kingsoft\KAC\Service\kaccore.exe"><Kingsoft Corporation>
[Kingsoft Internet Security Common Service / KISSvc][Running/Auto Start]
  <C:\Program Files\Kingsoft\Kingsoft Internet Security\KISSvc.EXE><Kingsoft Corporation>
[Kingsoft Personal Firewall Service / KPfwSvc][Running/Auto Start]
  <"C:\Program Files\Kingsoft\Kingsoft Internet Security\KPfwSvc.EXE"><Kingsoft Corporation>
[Kingsoft Antivirus KWatch Service / KWatchSvc][Running/Auto Start]
  <"C:\Program Files\Kingsoft\Kingsoft Internet Security\KWatch.EXE"><Kingsoft Corporation>
[Supplicant Service / SuService][Running/Auto Start]
  <C:\Program Files\锐捷网络\Ruijie Supplicant\SuService.exe><tendychen>

==================================
驱动程序
[ati2mtag / ati2mtag][Running/Manual Start]
  <system32\DRIVERS\ati2mtag.sys><ATI Technologies Inc.>
[Creative AudioPCI (ES1371,ES1373) (WDM) / es1371][Stopped/Manual Start]
  <system32\drivers\es1371mp.sys><Creative Technology Ltd.>
[Microsoft 用于 High Definition Audio 的 UAA 总线驱动程序 / HDAudBus][Running/Manual Start]
  <system32\DRIVERS\HDAudBus.sys><Windows (R) Server 2003 DDK provider>
[Intel AHCI Controller / iaStor7][Running/Boot Start]
  <\SystemRoot\system32\drivers\iastor7.sys><Intel Corporation>
[Service for Realtek HD Audio (WDM) / IntcAzAudAddService][Running/Manual Start]
  <system32\drivers\RtkHDAud.sys><Realtek Semiconductor Corp.>
[KAVBase / KAVBase][Running/Auto Start]
  <\??\C:\WINDOWS\system32\Drivers\KAVBase.sys><Kingsoft Corporation>
[KAVBootC / KAVBootC][Running/Boot Start]
  <\SystemRoot\system32\Drivers\KAVBootC.sys><Kingsoft Corporation>
[KAVSafe / KAVSafe][Running/Auto Start]
  <\??\C:\WINDOWS\system32\Drivers\KAVSafe.sys><Kingsoft Corporation>
[KNetWch / KNetWch][Running/System Start]
  <\??\C:\Program Files\Kingsoft\Kingsoft Internet Security\KNetWch.SYS><Kingsoft Corporation>
[KWatch3 / KWatch3][Running/Auto Start]
  <\??\C:\WINDOWS\system32\Drivers\KWatch3.sys><Kingsoft Corporation>
[NVIDIA nForce RAID Driver / nvrd32][Running/Boot Start]
  <\SystemRoot\system32\DRIVERS\nvrd32.sys><NVIDIA Corporation>
[PCASp50 NDIS Protocol Driver / PCASp50][Running/Manual Start]
  <System32\Drivers\PCASp50.sys><Printing Communications Assoc., Inc. (PCAUSA)>
[AMD PCNET Compatable Adapter Driver / PCnet][Stopped/Manual Start]
  <system32\DRIVERS\pcntpci5.sys><AMD Inc.>
[Direct Parallel Link Driver / Ptilink][Running/Manual Start]
  <system32\DRIVERS\ptilink.sys><Parallel Technologies, Inc.>
[SafeBoxKrnl / SafeBoxKrnl][Running/System Start]
  <\??\C:\WINDOWS\system32\Drivers\safeboxkrnl.sys><360安全中心>
[Secdrv / Secdrv][Stopped/Manual Start]
  <system32\DRIVERS\secdrv.sys><Macrovision Corporation, Macrovision Europe Limited, and Macrovision Japan and Asia K.K.>
[SATALink driver accelerator / SiFilter][Stopped/Disabled]
  <\SystemRoot\system32\DRIVERS\SiWinAcc.sys><Silicon Image, Inc.>
[SiS191/SiS190 Ethernet Device NDIS 5.1 Driver / SiSGbeXP][Running/Manual Start]
  <system32\DRIVERS\SiSGbeXP.sys><Silicon Integrated Systems Corp.>
[TCP/IP Protocol Driver / Tcpip][Running/System Start]
  <system32\DRIVERS\tcpip.sys><Microsoft Corporation>
[viamraid / viamraid][Stopped/Boot Start]
  <\SystemRoot\system32\DRIVERS\viamraid.sys><VIA Technologies inc,.ltd>

==================================
浏览器加载项
[ThunderAtOnce Class]
  {01443AEC-0FD1-40fd-9C87-E93D1494C233} <E:\Thunder Network\Thunder\ComDlls\TDAtOnce_Now.dll, (Signed) Thunder Networking Technologies,LTD>
[Thunder Browser Helper]
  {889D2FEB-5411-4565-8998-1DD2C5261283} <E:\Thunder Network\Thunder\ComDlls\xunleiBHO_Now.dll, (Signed) Thunder Networking Technologies,LTD>
[SafeMon Class]
  {B69F34DD-F0F9-42DC-9EDD-957187DA688D} <C:\Program Files\360\360Safe\safemon\safemon.dll, (Signed) 360.CN>
[kingsoft browser shield]
  {D963BE1A-6B35-47DB-B002-49FAE71D85CC} <C:\Program Files\Kingsoft\Kingsoft Internet Security\KASBrowserShield.DLL, (Signed) Kingsoft Corporation>
[IEBuddyExtControl Class]
  {3AECD3C1-7085-4731-96DC-47B6CF7EF749} <C:\Program Files\Kingsoft\Kingsoft Internet Security\IEBuddyExt.DLL, (Signed) Kingsoft Corporation>
[ThunderAtOnce Class]
  {01443AEC-0FD1-40FD-9C87-E93D1494C233} <E:\Thunder Network\Thunder\ComDlls\TDAtOnce_Now.dll, (Signed) Thunder Networking Technologies,LTD>
[]
  {09BA8F6D-CB54-424B-839C-C2A6C8E6B436} <, >
[Windows Genuine Advantage Validation Tool]
  {17492023-C23A-453E-A040-C7C580BBF700} <C:\WINDOWS\system32\legitcheckcontrol.dll, (Signed) Microsoft Corporation>
[IEBuddyExtControl Class]
  {3AECD3C1-7085-4731-96DC-47B6CF7EF749} <C:\Program Files\Kingsoft\Kingsoft Internet Security\IEBuddyExt.DLL, (Signed) Kingsoft Corporation>
[Thunder Agent Class]
  {485463B7-8FB2-4B3B-B29B-8B919B0EACCE} <E:\Thunder Network\Thunder\ComDlls\ThunderAgent_Now.dll, (Signed) Thunder Networking Technologies,LTD>
[WUWebControl Class]
  {6414512B-B978-451D-A0D8-FCFDF33E833C} <C:\WINDOWS\system32\wuweb.dll, (Signed) Microsoft Corporation>
[XMP Class]
  {6483F145-A768-4C41-AACC-52D4D7845851} <C:\Documents and Settings\All Users\Application Data\Thunder Network\KanKan\xplayer.dll_1_work, 深圳市迅雷网络技术有限公司>
[XDRM]
  {693571CB-54A3-4E90-9D52-EEAE1334E2D3} <C:\Documents and Settings\All Users\Application Data\Thunder Network\KanKan\xdrm.dll_1_work, >
[MediaComm Class]
  {7670648D-461B-42AF-BDFE-46D26AF5EFF2} <E:\Thunder Network\Thunder\Components\InMedia\MediaAddin.dll, (Signed) Thunder Networking Technologies,LTD>
[360SafeLive]
  {87515F61-A66C-4319-A0E0-D416CB8059E3} <C:\Program Files\360\360Safe\live.dll, (Signed) 360.cn>
[Thunder Browser Helper]
  {889D2FEB-5411-4565-8998-1DD2C5261283} <E:\Thunder Network\Thunder\ComDlls\xunleiBHO_Now.dll, (Signed) Thunder Networking Technologies,LTD>
[]
  {95B3F550-91C4-4627-BCC4-521288C52977} <, >
[OFrameObject Class]
  {9701758C-4373-482E-B13C-776C048EC890} <C:\Program Files\Common Files\Thunder Network\KanKan\DapCtrl.2.3.5902.179.(102).dll, N/A>
[RMGetLicense Class]
  {A9FC132B-096D-460B-B7D5-1DB0FAE0C062} <C:\WINDOWS\system32\msnetobj.dll, (Signed) Microsoft Corporation>
[]
  {ACACC6EB-1FBA-4E13-A729-53AEB2DF54F8} <, >
[SafeMon Class]
  {B69F34DD-F0F9-42DC-9EDD-957187DA688D} <C:\Program Files\360\360Safe\safemon\safemon.dll, (Signed) 360.CN>
[Shockwave Flash Object]
  {D27CDB6E-AE6D-11CF-96B8-444553540000} <C:\WINDOWS\system32\Macromed\Flash\Flash10a.ocx, (Signed) Adobe Systems, Inc.>
[kingsoft browser shield]
  {D963BE1A-6B35-47DB-B002-49FAE71D85CC} <C:\Program Files\Kingsoft\Kingsoft Internet Security\KASBrowserShield.DLL, (Signed) Kingsoft Corporation>
[]
  {E2E2DD38-D088-4134-82B7-F2BA38496583} <, >
[]
  {EEDD6FF9-13DE-496B-9A1C-D78B3215E266} <, >
[]
  {F3E70CEA-956E-49CC-B444-73AFE593AD7F} <, >
[使用迅雷下载]
  <E:\Thunder Network\Thunder\Program\GetUrl.htm, N/A>
[使用迅雷下载全部链接]
  <E:\Thunder Network\Thunder\Program\GetAllUrl.htm, N/A>
[导出到 Microsoft Office Excel(&X)]
  <res://C:\PROGRA~1\MICROS~1\OFFICE11\EXCEL.EXE/3000, N/A>
[添加到QQ表情]
  <C:\Program Files\Tencent\QQ\Bin\AddEmotion.htm, N/A>
gototop
 
简单方
头像
初生襁褓狮
  • 帖子:5
  • 注册: 2009-06-19
  • 来自:
发表于: 2009-06-19 19:55 | 只看楼主 短消息 资料
字号: 5楼

回复: 电脑老是自动弹出广告 !360 kaka都查不出有什么病毒 怎么办?

==================================
正在运行的进程
[PID: 688 / SYSTEM][\SystemRoot\System32\smss.exe]  [(Verified) Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2111)]
[PID: 752 / SYSTEM][\??\C:\WINDOWS\system32\csrss.exe]  [(Verified) Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2111)]
[PID: 784 / SYSTEM][\??\C:\WINDOWS\system32\winlogon.exe]  [(Verified) Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2113)]
    [C:\WINDOWS\system32\sfc_os.dll]  [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2111)]
    [C:\WINDOWS\system32\uxtheme.dll]  [Microsoft Corporation, 6.00.2900.5512 (xpsp.080413-2105)]
    [C:\WINDOWS\system32\Ati2evxx.dll]  [ATI Technologies Inc., 6.14.10.4176]
[PID: 828 / SYSTEM][C:\WINDOWS\system32\services.exe]  [(Verified) Microsoft Corporation, 5.1.2600.5755 (xpsp_sp3_qfe.090206-1316)]
[PID: 840 / SYSTEM][C:\WINDOWS\system32\lsass.exe]  [(Verified) Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2113)]
    [C:\WINDOWS\system32\UxTheme.dll]  [Microsoft Corporation, 6.00.2900.5512 (xpsp.080413-2105)]
[PID: 1012 / SYSTEM][C:\WINDOWS\system32\Ati2evxx.exe]  [ATI Technologies Inc., 6.14.10.4188]
    [C:\WINDOWS\system32\Ati2edxx.dll]  [ATI Technologies, Inc., 6, 14, 10, 2513]
    [C:\WINDOWS\system32\atipdlxx.dll]  [ATI Technologies, Inc., 6, 14, 10, 2527]
    [C:\WINDOWS\system32\uxtheme.dll]  [Microsoft Corporation, 6.00.2900.5512 (xpsp.080413-2105)]
[PID: 1028 / SYSTEM][C:\WINDOWS\system32\svchost.exe]  [(Verified) Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2111)]
    [C:\WINDOWS\system32\UxTheme.dll]  [Microsoft Corporation, 6.00.2900.5512 (xpsp.080413-2105)]
[PID: 1100 / NETWORK SERVICE][C:\WINDOWS\system32\svchost.exe]  [(Verified) Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2111)]
    [C:\WINDOWS\system32\UxTheme.dll]  [Microsoft Corporation, 6.00.2900.5512 (xpsp.080413-2105)]
[PID: 1132 / SYSTEM][C:\Program Files\锐捷网络\Ruijie Supplicant\SuService.exe]  [tendychen, 1, 0, 0, 1]
[PID: 1236 / SYSTEM][C:\WINDOWS\System32\svchost.exe]  [(Verified) Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2111)]
    [C:\WINDOWS\System32\UxTheme.dll]  [Microsoft Corporation, 6.00.2900.5512 (xpsp.080413-2105)]
    [C:\WINDOWS\System32\sfc_os.dll]  [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2111)]
[PID: 1416 / NETWORK SERVICE][C:\WINDOWS\system32\svchost.exe]  [(Verified) Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2111)]
    [C:\WINDOWS\system32\UxTheme.dll]  [Microsoft Corporation, 6.00.2900.5512 (xpsp.080413-2105)]
[PID: 1468 / LOCAL SERVICE][C:\WINDOWS\system32\svchost.exe]  [(Verified) Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2111)]
    [C:\WINDOWS\system32\UxTheme.dll]  [Microsoft Corporation, 6.00.2900.5512 (xpsp.080413-2105)]
[PID: 1548 / SYSTEM][C:\WINDOWS\system32\Ati2evxx.exe]  [ATI Technologies Inc., 6.14.10.4188]
    [C:\WINDOWS\system32\uxtheme.dll]  [Microsoft Corporation, 6.00.2900.5512 (xpsp.080413-2105)]
    [C:\WINDOWS\system32\Ati2edxx.dll]  [ATI Technologies, Inc., 6, 14, 10, 2513]
    [C:\WINDOWS\system32\atipdlxx.dll]  [ATI Technologies, Inc., 6, 14, 10, 2527]
    [C:\WINDOWS\system32\ati2evxx.dll]  [ATI Technologies Inc., 6.14.10.4176]
[PID: 1864 / SYSTEM][C:\WINDOWS\system32\spoolsv.exe]  [(Verified) Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-0852)]
    [C:\WINDOWS\system32\UxTheme.dll]  [Microsoft Corporation, 6.00.2900.5512 (xpsp.080413-2105)]
    [C:\WINDOWS\system32\sfc_os.dll]  [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2111)]
[PID: 1916 / Administrator][C:\WINDOWS\Explorer.EXE]  [(Verified) Microsoft Corporation, 6.00.2900.5512 (xpsp.080413-2105)]
    [C:\WINDOWS\system32\UxTheme.dll]  [Microsoft Corporation, 6.00.2900.5512 (xpsp.080413-2105)]
    [C:\Program Files\Kingsoft\Kingsoft Internet Security\KMailOEBand.DLL]  [Kingsoft Corporation, 2009,02,13,759]
    [C:\Program Files\Kingsoft\Kingsoft Internet Security\kis.dll]  [Kingsoft Corporation, 2009,02,13,759]
    [C:\WINDOWS\WinSxS\x86_Microsoft.VC80.MFC_1fc8b3b9a1e18e3b_8.0.50727.762_x-ww_3bf8fa05\MFC80U.DLL]  [Microsoft Corporation, 8.00.50727.762]
    [C:\WINDOWS\WinSxS\x86_Microsoft.VC80.CRT_1fc8b3b9a1e18e3b_8.0.50727.762_x-ww_6b128700\MSVCR80.dll]  [Microsoft Corporation, 8.00.50727.762]
    [C:\WINDOWS\WinSxS\x86_Microsoft.VC80.CRT_1fc8b3b9a1e18e3b_8.0.50727.762_x-ww_6b128700\MSVCP80.dll]  [Microsoft Corporation, 8.00.50727.762]
    [C:\WINDOWS\WinSxS\x86_Microsoft.VC80.MFCLOC_1fc8b3b9a1e18e3b_8.0.50727.762_x-ww_91481303\MFC80CHS.DLL]  [Microsoft Corporation, 8.00.50727.762]
    [C:\Program Files\360\360Safe\safemon\safemon.dll]  [360.CN, 5, 0, 0, 1012]
    [C:\Program Files\Kingsoft\Kingsoft Internet Security\ktaskbar.dll]  [Kingsoft Corporation, 2009,03,11,790]
    [C:\WINDOWS\system32\shdoclc.dll]  [Microsoft Corporation, 6.00.2900.5512 (xpsp.080413-2105)]
    [E:\Thunder Network\Thunder\ComDlls\xunleiBHO_Now.dll]  [Thunder Networking Technologies,LTD, 5.0.8.179]
    [E:\Thunder Network\Thunder\Components\ResWorker\DsBho_00.dll]  [Thunder Networking Technologies,LTD, 1, 0, 0, 22]
    [E:\Thunder Network\Thunder\Components\ResWorker\DataProcessor_00.dll]  [Thunder Networking Technologies,LTD, 1, 0, 0, 17]
    [E:\Thunder Network\Thunder\ComDlls\TDAtOnce_Now.dll]  [Thunder Networking Technologies,LTD, 1.2.6.179]
    [C:\WINDOWS\system32\ATL71.DLL]  [Microsoft Corporation, 7.10.6041.0]
    [C:\WINDOWS\system32\MSVCP71.dll]  [Microsoft Corporation, 7.10.3077.0]
    [C:\WINDOWS\system32\MSVCR71.dll]  [Microsoft Corporation, 7.10.3052.4]
    [C:\Program Files\WinRAR\rarext.dll]  [N/A, ]
    [C:\Program Files\Kingsoft\Kingsoft Internet Security\KAVEXT.DLL]  [Kingsoft Corporation, 2008,07,09,459]
[PID: 740 / Administrator][C:\WINDOWS\system32\ctfmon.exe]  [(Verified) Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2105)]
    [C:\WINDOWS\system32\UxTheme.dll]  [Microsoft Corporation, 6.00.2900.5512 (xpsp.080413-2105)]
[PID: 664 / LOCAL SERVICE][C:\WINDOWS\System32\alg.exe]  [(Verified) Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-0852)]
    [C:\WINDOWS\System32\UxTheme.dll]  [Microsoft Corporation, 6.00.2900.5512 (xpsp.080413-2105)]
[PID: 2980 / SYSTEM][C:\Program Files\锐捷网络\Ruijie Supplicant\8021x.exe]  [锐捷网络, 3, 50, 0, 0]
    [C:\Program Files\锐捷网络\Ruijie Supplicant\W32N55.dll]  [Printing Communications Assoc., Inc. (PCAUSA), 5.5.18.05]
    [C:\Program Files\锐捷网络\Ruijie Supplicant\ArpGuard.dll]  [锐捷网络, 1, 2, 0, 2]
    [C:\Program Files\锐捷网络\Ruijie Supplicant\Vz_API.dll]  [锐捷网络, 1, 2, 0, 2]
    [C:\Program Files\锐捷网络\Ruijie Supplicant\Vd_API.dll]  [锐捷网络, 1, 1, 0, 1]
    [C:\WINDOWS\system32\uxtheme.dll]  [Microsoft Corporation, 6.00.2900.5512 (xpsp.080413-2105)]
    [C:\PROGRA~1\锐捷网络\RUIJIE~1\EXRGPA~1.OCX]  [锐捷网络, 1, 2, 1, 2]
    [C:\PROGRA~1\锐捷网络\RUIJIE~1\HIDetect.dll]  [锐捷网络, 1, 5, 0, 1]
    [C:\PROGRA~1\锐捷网络\RUIJIE~1\Vy_API.dll]  [锐捷网络, 1, 2, 0, 1]
    [C:\PROGRA~1\锐捷网络\RUIJIE~1\WuClientAPI.dll]  [锐捷网络, 1.2.0.2]
    [C:\PROGRA~1\锐捷网络\RUIJIE~1\Vx_API.dll]  [锐捷网络, 1, 1, 0, 2]
    [C:\PROGRA~1\锐捷网络\RUIJIE~1\VirusDefenderCheck.dll]  [, 1, 3, 0, 1]
    [C:\Program Files\锐捷网络\Ruijie Supplicant\GetKVInfo.dll]  [Jiangmin Co., Ltd., 1, 0, 8, 905]
[PID: 2212 / Administrator][C:\Program Files\TTPlayer\TTPlayer.exe]  [Alen Soft, 5, 1, 0, 0]
    [C:\Program Files\TTPlayer\ttpcomm.dll]  [N/A, ]
    [C:\WINDOWS\system32\uxtheme.dll]  [Microsoft Corporation, 6.00.2900.5512 (xpsp.080413-2105)]
    [C:\Program Files\Kingsoft\Kingsoft Internet Security\KMailOEBand.DLL]  [Kingsoft Corporation, 2009,02,13,759]
    [C:\Program Files\Kingsoft\Kingsoft Internet Security\kis.dll]  [Kingsoft Corporation, 2009,02,13,759]
    [C:\WINDOWS\WinSxS\x86_Microsoft.VC80.MFC_1fc8b3b9a1e18e3b_8.0.50727.762_x-ww_3bf8fa05\MFC80U.DLL]  [Microsoft Corporation, 8.00.50727.762]
    [C:\WINDOWS\WinSxS\x86_Microsoft.VC80.CRT_1fc8b3b9a1e18e3b_8.0.50727.762_x-ww_6b128700\MSVCR80.dll]  [Microsoft Corporation, 8.00.50727.762]
    [C:\WINDOWS\WinSxS\x86_Microsoft.VC80.CRT_1fc8b3b9a1e18e3b_8.0.50727.762_x-ww_6b128700\MSVCP80.dll]  [Microsoft Corporation, 8.00.50727.762]
    [C:\WINDOWS\WinSxS\x86_Microsoft.VC80.MFCLOC_1fc8b3b9a1e18e3b_8.0.50727.762_x-ww_91481303\MFC80CHS.DLL]  [Microsoft Corporation, 8.00.50727.762]
    [C:\Program Files\360\360Safe\safemon\safemon.dll]  [360.CN, 5, 0, 0, 1012]
    [C:\Program Files\TTPlayer\ttpres.dll]  [Alen Soft, 5, 1, 0, 0]
    [C:\Program Files\TTPlayer\msdmo.dll]  [Microsoft Corporation, 6.03.01.0400]
    [C:\Program Files\TTPlayer\AddIn\ttp_lrcsh.dll]  [N/A, ]
[PID: 3792 / Administrator][C:\Program Files\TheWorld 3\TheWorld.exe]  [Phoenix Studio, 3, 0, 2, 8]
    [C:\WINDOWS\system32\uxtheme.dll]  [Microsoft Corporation, 6.00.2900.5512 (xpsp.080413-2105)]
    [C:\Program Files\Kingsoft\Kingsoft Internet Security\KMailOEBand.DLL]  [Kingsoft Corporation, 2009,02,13,759]
    [C:\Program Files\Kingsoft\Kingsoft Internet Security\kis.dll]  [Kingsoft Corporation, 2009,02,13,759]
    [C:\WINDOWS\WinSxS\x86_Microsoft.VC80.MFC_1fc8b3b9a1e18e3b_8.0.50727.762_x-ww_3bf8fa05\MFC80U.DLL]  [Microsoft Corporation, 8.00.50727.762]
    [C:\WINDOWS\WinSxS\x86_Microsoft.VC80.CRT_1fc8b3b9a1e18e3b_8.0.50727.762_x-ww_6b128700\MSVCR80.dll]  [Microsoft Corporation, 8.00.50727.762]
    [C:\WINDOWS\WinSxS\x86_Microsoft.VC80.CRT_1fc8b3b9a1e18e3b_8.0.50727.762_x-ww_6b128700\MSVCP80.dll]  [Microsoft Corporation, 8.00.50727.762]
    [C:\WINDOWS\WinSxS\x86_Microsoft.VC80.MFCLOC_1fc8b3b9a1e18e3b_8.0.50727.762_x-ww_91481303\MFC80CHS.DLL]  [Microsoft Corporation, 8.00.50727.762]
    [C:\Program Files\360\360Safe\safemon\safemon.dll]  [360.CN, 5, 0, 0, 1012]
    [C:\PROGRA~1\THEWOR~1\Extensions\ExtAddons\ExtAddons.dll]  [Phoenix Studio, 1, 0, 1, 1]
    [C:\PROGRA~1\THEWOR~1\Extensions\ExtAdfilter\ExtAdfilter.dll]  [, 1, 0, 0, 6]
    [C:\PROGRA~1\THEWOR~1\Extensions\ExtDownload\ExtDownload.dll]  [Phoenix Studio, 1, 0, 1, 0]
    [C:\PROGRA~1\THEWOR~1\Extensions\ExtMinibar\ExtMinibar.dll]  [Phoenix Studio, 1, 0, 0, 9]
    [C:\PROGRA~1\THEWOR~1\Extensions\ExtPages\ExtPages.dll]  [Phoenix Studio, 1, 0, 1, 0]
[PID: 3216 / Administrator][C:\Program Files\TheWorld 3\TheWorld.exe]  [Phoenix Studio, 3, 0, 2, 8]
    [C:\WINDOWS\system32\uxtheme.dll]  [Microsoft Corporation, 6.00.2900.5512 (xpsp.080413-2105)]
    [C:\Program Files\Kingsoft\Kingsoft Internet Security\KMailOEBand.DLL]  [Kingsoft Corporation, 2009,02,13,759]
    [C:\Program Files\Kingsoft\Kingsoft Internet Security\kis.dll]  [Kingsoft Corporation, 2009,02,13,759]
    [C:\WINDOWS\WinSxS\x86_Microsoft.VC80.MFC_1fc8b3b9a1e18e3b_8.0.50727.762_x-ww_3bf8fa05\MFC80U.DLL]  [Microsoft Corporation, 8.00.50727.762]
    [C:\WINDOWS\WinSxS\x86_Microsoft.VC80.CRT_1fc8b3b9a1e18e3b_8.0.50727.762_x-ww_6b128700\MSVCR80.dll]  [Microsoft Corporation, 8.00.50727.762]
    [C:\WINDOWS\WinSxS\x86_Microsoft.VC80.CRT_1fc8b3b9a1e18e3b_8.0.50727.762_x-ww_6b128700\MSVCP80.dll]  [Microsoft Corporation, 8.00.50727.762]
    [C:\WINDOWS\WinSxS\x86_Microsoft.VC80.MFCLOC_1fc8b3b9a1e18e3b_8.0.50727.762_x-ww_91481303\MFC80CHS.DLL]  [Microsoft Corporation, 8.00.50727.762]
    [C:\Program Files\360\360Safe\safemon\safemon.dll]  [360.CN, 5, 0, 0, 1012]
    [C:\Program Files\Kingsoft\Kingsoft Internet Security\KASBrowserShield.DLL]  [Kingsoft Corporation, 2009,04,13,824]
    [C:\Program Files\Kingsoft\Kingsoft Internet Security\IEBuddy.dll]  [Kingsoft Corporation, 2009,05,14,886]
    [C:\Program Files\Kingsoft\Kingsoft Internet Security\IEBuddyExt.DLL]  [Kingsoft Corporation, 2008,12,12,694]
    [C:\Program Files\Kingsoft\Kingsoft Internet Security\KANTray.dll]  [Kingsoft Corporation, 2008,06,26,421]
    [C:\Program Files\Kingsoft\Kingsoft Internet Security\KAVAFish.DLL]  [Kingsoft Corporation, 2008,06,26,421]
    [C:\Program Files\Kingsoft\Kingsoft Internet Security\kisfree.dll]  [Kingsoft Corporation, 2009,05,26,901]
    [C:\PROGRA~1\THEWOR~1\Extensions\ExtAdfilter\ExtAdfilter.dll]  [, 1, 0, 0, 6]
    [C:\WINDOWS\system32\shdoclc.dll]  [Microsoft Corporation, 6.00.2900.5512 (xpsp.080413-2105)]
    [C:\WINDOWS\system32\Macromed\Flash\Flash10a.ocx]  [Adobe Systems, Inc., 10,0,12,36]
[PID: 1256 / Administrator][E:\TDDOWNLOAD\srend\SREngLdr.EXE]  [Smallfrogs Studio, 2.7.1.1261]
[PID: 616 / Administrator][E:\TDDOWNLOAD\srend\SRE7f32c210.EXE]  [Smallfrogs Studio, 2.7.1.1261]
    [C:\WINDOWS\system32\uxtheme.dll]  [Microsoft Corporation, 6.00.2900.5512 (xpsp.080413-2105)]
    [C:\Program Files\Kingsoft\Kingsoft Internet Security\KMailOEBand.DLL]  [Kingsoft Corporation, 2009,02,13,759]
    [C:\Program Files\Kingsoft\Kingsoft Internet Security\kis.dll]  [Kingsoft Corporation, 2009,02,13,759]
    [C:\WINDOWS\WinSxS\x86_Microsoft.VC80.MFC_1fc8b3b9a1e18e3b_8.0.50727.762_x-ww_3bf8fa05\MFC80U.DLL]  [Microsoft Corporation, 8.00.50727.762]
    [C:\WINDOWS\WinSxS\x86_Microsoft.VC80.CRT_1fc8b3b9a1e18e3b_8.0.50727.762_x-ww_6b128700\MSVCR80.dll]  [Microsoft Corporation, 8.00.50727.762]
    [C:\WINDOWS\WinSxS\x86_Microsoft.VC80.CRT_1fc8b3b9a1e18e3b_8.0.50727.762_x-ww_6b128700\MSVCP80.dll]  [Microsoft Corporation, 8.00.50727.762]
    [C:\WINDOWS\WinSxS\x86_Microsoft.VC80.MFCLOC_1fc8b3b9a1e18e3b_8.0.50727.762_x-ww_91481303\MFC80CHS.DLL]  [Microsoft Corporation, 8.00.50727.762]
    [C:\Program Files\360\360Safe\safemon\safemon.dll]  [360.CN, 5, 0, 0, 1012]
    [C:\WINDOWS\system32\sfc_os.dll]  [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2111)]
    [E:\TDDOWNLOAD\srend\Upload\3rdUpd.DLL]  [Smallfrogs Studio, 2, 1, 0, 15]
[PID: 2768 / NETWORK SERVICE][C:\WINDOWS\system32\wbem\wmiprvse.exe]  [(Verified) Microsoft Corporation, 5.1.2600.5755 (xpsp_sp3_qfe.090206-1316)]
    [C:\WINDOWS\system32\UxTheme.dll]  [Microsoft Corporation, 6.00.2900.5512 (xpsp.080413-2105)]
==================================
文件关联
.TXT  Error. [C:\WINDOWS\NOTEPAD.EXE %1]
.EXE  OK. ["%1" %*]
.COM  OK. ["%1" %*]
.PIF  OK. ["%1" %*]
.REG  OK. [regedit.exe "%1"]
.BAT  OK. ["%1" %*]
.SCR  OK. ["%1" /S]
.CHM  Error. [C:\WINDOWS\hh.exe %1]
.HLP  Error. [C:\WINDOWS\winhlp32.exe %1]
.INI  Error. [C:\WINDOWS\NOTEPAD.EXE %1]
.INF  Error. [C:\WINDOWS\NOTEPAD.EXE %1]
.VBS  OK. [%SystemRoot%\System32\WScript.exe "%1" %*]
.JS  OK. [%SystemRoot%\System32\WScript.exe "%1" %*]
.LNK  OK. [{00021401-0000-0000-C000-000000000046}]
==================================
Winsock 提供者
N/A
==================================
Autorun.inf
N/A
==================================
HOSTS 文件
127.0.0.1                    3929.cn
127.0.0.1                    aaa.369678.cn
127.0.0.1                    about-blank.cc
127.0.0.1                    anjdyazj.cn
127.0.0.1                    caiyi8.com
127.0.0.1                    hao.allxun.com
127.0.0.1                    kzxf.com
127.0.0.1                    scvip.com
127.0.0.1                    vod.mmdy.org
127.0.0.1                    www.123wa.com
127.0.0.1                    www.369678.cn
127.0.0.1                    www.3929.cn
127.0.0.1                    www.4199.com
127.0.0.1                    www.71791.com
127.0.0.1                    www.7939.com
127.0.0.1                    www.9505.com
127.0.0.1                    www.anjdyazj.cn
127.0.0.1                    www.caiyi8.com
127.0.0.1                    www.feixue.net
127.0.0.1                    www.kzxf.com
127.0.0.1                    www.my123.com
127.0.0.1                    www.piaoxue.com
127.0.0.1                    www.scvip.com
127.0.0.1                    www.xfkz.com
127.0.0.1                    xfkz.com
==================================
进程特权扫描
特殊特权被允许: SeLoadDriverPrivilege [PID = 1012, C:\WINDOWS\SYSTEM32\ATI2EVXX.EXE]
特殊特权被允许: SeLoadDriverPrivilege [PID = 1548, C:\WINDOWS\SYSTEM32\ATI2EVXX.EXE]
特殊特权被允许: SeLoadDriverPrivilege [PID = 2980, C:\PROGRAM FILES\锐捷网络\RUIJIE SUPPLICANT\8021X.EXE]
特殊特权被允许: SeLoadDriverPrivilege [PID = 2212, C:\PROGRAM FILES\TTPLAYER\TTPLAYER.EXE]
特殊特权被允许: SeLoadDriverPrivilege [PID = 1256, E:\TDDOWNLOAD\SREND\SRENGLDR.EXE]
==================================
计划任务
N/A
==================================
API HOOK
N/A
==================================
隐藏进程
N/A
==================================

[/CODE]
gototop
 
快点猪悦
头像
初生襁褓狮
  • 帖子:21
  • 注册: 2009-06-18
  • 来自:
发表于: 2009-06-19 20:00 | 短消息 资料
字号: 6楼

回复: 电脑老是自动弹出广告 !360 kaka都查不出有什么病毒 怎么办?

是绿色的广告么?电信的?
gototop
 
简单方
头像
初生襁褓狮
  • 帖子:5
  • 注册: 2009-06-19
  • 来自:
发表于: 2009-06-20 08:44 | 只看楼主 短消息 资料
字号: 7楼

回复:电脑老是自动弹出广告 !360 kaka都查不出有什么病毒 怎么办?

不是 我用的是校园网啊
gototop
 
<<上一主题|下一主题>>
1   1  /  1  页   跳转
页面顶部
Powered by Discuz!NT