瑞星卡卡安全论坛技术交流区反病毒/反流氓软件论坛 请帮我看下电脑是不是种毒了.[已解决]

1   1  /  1  页   跳转

[求助] 请帮我看下电脑是不是种毒了.[已解决]

请帮我看下电脑是不是种毒了.[已解决]

CODE]
2009-09-13,16:30:15
System Repair Engineer 2.8.1.1279
Smallfrogs (http://www.KZTechs.com)
Windows XP Home Edition Service Pack 2 (Build 2600) - 管理权限用户 - 完整功能
以下内容被选中:
    所有的启动项目(包括注册表、启动文件夹、服务等)
    浏览器加载项
    正在运行的进程(包括进程模块信息)
    文件关联
    Winsock 提供者
    Autorun.inf
    HOSTS 文件
    进程特权扫描
    计划任务
    Windows 安全更新检查
    API HOOK
    隐藏进程

启动项目
注册表
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
    <ctfmon.exe><C:\WINDOWS\system32\ctfmon.exe>  [(Verified)Microsoft Windows Publisher]
    <KavPFW><"C:\Program Files\Kingsoft\Kingsoft Internet Security\kpfw32.exe" -startup>  [(Verified)"Zhuhai  Kingsoft Software Co.,Ltd"]
[HKEY_CURRENT_USER\Software\Microsoft\Windows NT\CurrentVersion\Windows]
    <load><>  [N/A]
    <run><>  [N/A]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
    <IMJPMIG8.1><"C:\WINDOWS\IME\imjp8_1\IMJPMIG.EXE" /Spoil /RemAdvDef /Migration32>  [(Verified)Microsoft Windows Component Publisher]
    <PHIME2002ASync><C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /SYNC>  [(Verified)Microsoft Windows Publisher]
    <PHIME2002A><C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /IMEName>  [(Verified)Microsoft Windows Publisher]
    <LiveUpdate_uiServier><C:\Program Files\Lenovo\LiveUpdate\UiServer.exe>  []
    <SoundMAXPnP><C:\Program Files\Analog Devices\Core\smax4pnp.exe>  [(Verified)Microsoft Windows Hardware Compatibility Publisher]
    <HP Software Update><D:\Program Files\HP Software Update\HPWuSchd2.exe>  [Hewlett-Packard Co.]
    <SkDaemond><C:\Program Files\联想\联想标准键盘驱动\SkDaemond.exe>  []
    <360Safebox><"C:\Program Files\360\360safebox\safeboxTray.exe" /r>  [(Verified)Qizhi Software (beijing) Co. Ltd]
    <NvCplDaemon><RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup>  [(Verified)Microsoft Windows Hardware Compatibility Publisher]
    <KavStart><"C:\Program Files\Kingsoft\Kingsoft Internet Security\KAVStart.exe" -startup>  [(Verified)"Zhuhai  Kingsoft Software Co.,Ltd"]
    <SunJavaUpdateSched><"C:\Program Files\Java\jre6\bin\jusched.exe">  [(Verified)"Sun Microsystems, Inc."]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Winlogon]
    <shell><Explorer.exe>  [(Verified)Microsoft Windows Publisher]
    <Userinit><C:\WINDOWS\system32\userinit.exe,>  [(Verified)Microsoft Windows Publisher]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Windows]
    <AppInit_DLLs><>  [N/A]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Winlogon]
    <UIHost><logonui.exe>  [(Verified)Microsoft Windows Publisher]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
    <{AEB6717E-7E19-11d0-97EE-00C04FD91972}><shell32.dll>  [(Verified)Microsoft Windows Component Publisher]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
    <PostBootReminder><%SystemRoot%\system32\SHELL32.dll>  [(Verified)Microsoft Windows Component Publisher]
    <CDBurn><%SystemRoot%\system32\SHELL32.dll>  [(Verified)Microsoft Windows Component Publisher]
    <WebCheck><%SystemRoot%\system32\webcheck.dll>  [(Verified)Microsoft Windows Publisher]
    <SysTray><C:\WINDOWS\system32\stobject.dll>  [(Verified)Microsoft Windows Publisher]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\crypt32chain]
    <WinlogonNotify: crypt32chain><crypt32.dll>  [(Verified)Microsoft Windows Component Publisher]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\cryptnet]
    <WinlogonNotify: cryptnet><cryptnet.dll>  [(Verified)Microsoft Windows Publisher]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\cscdll]
    <WinlogonNotify: cscdll><cscdll.dll>  [(Verified)Microsoft Windows Publisher]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\ScCertProp]
    <WinlogonNotify: ScCertProp><wlnotify.dll>  [(Verified)Microsoft Windows Publisher]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\Schedule]
    <WinlogonNotify: Schedule><wlnotify.dll>  [(Verified)Microsoft Windows Publisher]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\sclgntfy]
    <WinlogonNotify: sclgntfy><sclgntfy.dll>  [(Verified)Microsoft Windows Publisher]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\SensLogn]
    <WinlogonNotify: SensLogn><WlNotify.dll>  [(Verified)Microsoft Windows Publisher]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\termsrv]
    <WinlogonNotify: termsrv><wlnotify.dll>  [(Verified)Microsoft Windows Publisher]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\wlballoon]
    <WinlogonNotify: wlballoon><wlnotify.dll>  [(Verified)Microsoft Windows Publisher]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\SharedTaskScheduler]
    <{438755C2-A8BA-11D1-B96B-00A0C90312E1}><%SystemRoot%\system32\browseui.dll>  [(Verified)Microsoft Windows Component Publisher]
    <{8C7461EF-2B13-11d2-BE35-3078302C2030}><%SystemRoot%\system32\browseui.dll>  [(Verified)Microsoft Windows Component Publisher]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\<{12d0ed0d-0ee0-4f90-8827-78cefb8f4988}]
    <Internet Explorer 版本更新><C:\WINDOWS\system32\ieudinit.exe>  [Microsoft Corporation]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\>{22d6f312-b0f6-11d0-94ab-0080c74c7e95}]
    <Microsoft Windows Media Player><C:\WINDOWS\inf\unregmp2.exe /ShowWMP>  [(Verified)Microsoft Windows Publisher]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\>{26923b43-4d38-484f-9b9e-de460746276c}]
    <Internet Explorer><%systemroot%\system32\shmgrate.exe OCInstallUserConfigIE>  [File is missing]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\>{881dd1c5-3dcf-431b-b061-f3f88e8be88a}]
    <Outlook Express><%systemroot%\system32\shmgrate.exe OCInstallUserConfigOE>  [File is missing]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{2C7339CF-2B09-4501-B3F3-F3508C9228ED}]
    <Themes Setup><%SystemRoot%\system32\regsvr32.exe /s /n /i:/UserInstall %SystemRoot%\system32\themeui.dll>  [File is missing]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{44BBA840-CC51-11CF-AAFA-00AA00B6015C}]
    <Microsoft Outlook Express 6><"%ProgramFiles%\Outlook Express\setup50.exe" /APP:OE /CALLER:WINNT /user /install>  [File is missing]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{44BBA842-CC51-11CF-AAFA-00AA00B6015B}]
    <NetMeeting 3.01><rundll32.exe advpack.dll,LaunchINFSection C:\WINDOWS\INF\msnetmtg.inf,NetMtg.Install.PerUser.NT>  [(Verified)Microsoft Windows Publisher]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{5945c046-1e7d-11d1-bc44-00c04fd912be}]
    <Windows Messenger 4.7><rundll32.exe advpack.dll,LaunchINFSection C:\WINDOWS\INF\msmsgs.inf,BLC.QuietInstall.PerUser>  [(Verified)Microsoft Windows Publisher]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{6BF52A52-394A-11d3-B153-00C04F79FAA6}]

用户系统信息:Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1; Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1; SV1) )
最后编辑特攻队2 最后编辑于 2009-09-15 07:50:04
分享到:
gototop
 

回复:请帮我看下电脑是不是种毒了.

<Microsoft Windows Media Player><rundll32.exe advpack.dll,LaunchINFSection C:\WINDOWS\INF\wmp.inf,PerUserStub>  [(Verified)Microsoft Windows Publisher]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{7790769C-0471-11d2-AF11-00C04FA35D02}]
    <通讯簿 6><"%ProgramFiles%\Outlook Express\setup50.exe" /APP:WAB /CALLER:WINNT /user /install>  [File is missing]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{89820200-ECBD-11cf-8B85-00AA005B4340}]
    <Windows 桌面更新><regsvr32.exe /s /n /i:U shell32.dll>  [(Verified)Microsoft Windows Publisher]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{89820200-ECBD-11cf-8B85-00AA005B4383}]
    <Internet Explorer 6><%SystemRoot%\system32\ie4uinit.exe>  [(Verified)Microsoft Windows Publisher]
[HKEY_CURRENT_USER\Control Panel\Desktop]
    <SCRNSAVE.EXE><C:\WINDOWS\system32\logon.scr>  [(Verified)Microsoft Windows Publisher]

==================================
启动文件夹
N/A

==================================
服务
[C-DillaCdaC11BA / C-DillaCdaC11BA][Running/Auto Start]
  <C:\WINDOWS\system32\drivers\CDAC11BA.EXE><Macrovision>
[Contrl Center of Storm Media / ccosm][Running/Auto Start]
  <C:\Program Files\Ringz Studio\Storm Codec\stormliv.exe /asservice><北京暴风网际科技有限公司>
[HD_CertService / HD_CertService][Running/Auto Start]
  <C:\Program Files\95599 Certificate Tools\CIDC\HD_CertService.exe><>
[Java Quick Starter / JavaQuickStarterService][Running/Auto Start]
  <"C:\Program Files\Java\jre6\bin\jqs.exe" -service -config "C:\Program Files\Java\jre6\lib\deploy\jqs\jqs.conf"><Sun Microsystems, Inc.>
[Kingsoft Basic Service / kaccore][Running/Manual Start]
  <"C:\Program Files\Kingsoft\KAC\Service\kaccore.exe"><Kingsoft Corporation>
[Kingsoft Antivirus WebShield Service / Kingsoft Antivirus WebShield Service][Running/Auto Start]
  <C:\Program Files\Kingsoft\Kingsoft Internet Security\webshield\KSWebShield.exe><Kingsoft Corporation>
[Kingsoft Internet Security Common Service / KISSvc][Running/Auto Start]
  <C:\Program Files\Kingsoft\Kingsoft Internet Security\KISSvc.EXE><Kingsoft Corporation>
[Kingsoft Personal Firewall Service / KPfwSvc][Running/Auto Start]
  <"C:\Program Files\Kingsoft\Kingsoft Internet Security\KPfwSvc.EXE"><Kingsoft Corporation>
[Kingsoft Antivirus KWatch Service / KWatchSvc][Running/Auto Start]
  <"C:\Program Files\Kingsoft\Kingsoft Internet Security\KWatch.EXE"><Kingsoft Corporation>
[Kingsoft Antivirus XEngine Service / KxEServ][Running/Auto Start]
  <C:\Program Files\Common Files\Kingsoft\CommonService\kxeserv.exe><Kingsoft Corporation>
[lenovo live update / Lenovo Upgrade Service.bis.release][Running/Auto Start]
  <C:\Program Files\lenovo\LiveUpdate\liveupdate.exe><新思软件技术有限公司>
[NVIDIA Display Driver Service / NVSvc][Running/Auto Start]
  <C:\WINDOWS\system32\nvsvc32.exe><NVIDIA Corporation>
[system privilege agent / sysagent][Running/Auto Start]
  <C:\WINDOWS\system32\sysagent.exe><lenovo>
gototop
 

回复:请帮我看下电脑是不是种毒了.

驱动程序
[ADI UAA Function Driver for High Definition Audio Service / ADIHdAudAddService][Running/Manual Start]
  <system32\drivers\ADIHdAud.sys><Analog Devices, Inc.>
[AE Audio Service / AEAudio][Running/Manual Start]
  <system32\drivers\AEAudio.sys><Andrea Electronics Corporation>
[Broadcom 440x 10/100 Integrated Controller XP Driver / bcm4sbxp][Running/Manual Start]
  <system32\DRIVERS\bcm4sbxp.sys><Broadcom Corporation>
[CdaC15BA / CdaC15BA][Running/Auto Start]
  <\??\C:\WINDOWS\system32\drivers\CDAC15BA.SYS><Macrovision Europe Ltd>
[SEMC USB Flash Driver Filter / ggflt][Stopped/Manual Start]
  <system32\DRIVERS\ggflt.sys><Sony Ericsson Mobile Communications>
[SEMC USB Flash Driver / ggsemc][Stopped/Manual Start]
  <system32\DRIVERS\ggsemc.sys><Sony Ericsson Mobile Communications>
[Microsoft UAA Function Driver for High Definition Audio Service / HdAudAddService][Stopped/Manual Start]
  <system32\drivers\HdAudio.sys><Windows (R) Server 2003 DDK provider>
[Microsoft UAA Bus Driver for High Definition Audio / HDAudBus][Running/Manual Start]
  <system32\DRIVERS\HDAudBus.sys><Windows (R) Server 2003 DDK provider>
[KAVAPIM / KAVAPIM][Running/Auto Start]
  <\??\C:\WINDOWS\system32\drivers\kavapim.sys><Kingsoft Corporation>
[KAVBootC / KAVBootC][Running/Boot Start]
  <\SystemRoot\system32\Drivers\KAVBootC.sys><Kingsoft Corporation>
[KAVFM / KAVFM][Running/Auto Start]
  <\??\C:\WINDOWS\system32\drivers\kavfm.sys><Kingsoft Corporation>
[KAVPM / KAVPM][Running/Boot Start]
  <\SystemRoot\system32\drivers\kavpm.sys><Kingsoft Corporation>
[KAVSafe / KAVSafe][Stopped/Auto Start]
  <\??\C:\WINDOWS\system32\Drivers\KAVSafe.sys><Kingsoft Corporation>
[KAVUTY / KAVUTY][Running/Boot Start]
  <\SystemRoot\system32\drivers\kavuty.sys><Kingsoft Corporation>
[KNetWch / KNetWch][Running/System Start]
  <\??\C:\Program Files\Kingsoft\Kingsoft Internet Security\KNetWch.SYS><Kingsoft Corporation>
[KWatch3 / KWatch3][Running/Auto Start]
  <\??\C:\WINDOWS\system32\Drivers\KWatch3.sys><Kingsoft Corporation>
[nv / nv][Running/Manual Start]
  <system32\DRIVERS\nv4_mini.sys><NVIDIA Corporation>
[Protector / Protector][Running/System Start]
  <system32\drivers\Protector.sys><N/A>
[ProtectorA / ProtectorA][Running/System Start]
  <system32\drivers\ProtectorA.sys><N/A>
[Direct Parallel Link Driver / Ptilink][Running/Manual Start]
  <system32\DRIVERS\ptilink.sys><Parallel Technologies, Inc.>
[SafeBoxKrnl / SafeBoxKrnl][Running/System Start]
  <\??\C:\WINDOWS\system32\drivers\SafeBoxKrnl.sys><360安全中心>
[sc / sc][Stopped/Manual Start]
  <\??\C:\Documents and Settings\Owner\Local Settings\Temp\sc.sys><N/A>
[Secdrv / Secdrv][Stopped/Manual Start]
  <system32\DRIVERS\secdrv.sys><Macrovision Corporation, Macrovision Europe Limited, and Macrovision Japan and Asia K.K.>
[SenFilt Service / SenFiltService][Running/Manual Start]
  <system32\drivers\Senfilt.sys><Sensaura>
[播放机恢复设备控制驱动程序 / StMp3Rec][Stopped/Manual Start]
  <System32\Drivers\StMp3Rec.sys><Microsoft Corporation>
[TCP/IP Protocol Driver / Tcpip][Running/System Start]
  <system32\DRIVERS\tcpip.sys><Microsoft Corporation>
[TesSafe / TesSafe][Stopped/Manual Start]
  <\??\C:\WINDOWS\system32\TesSafe.sys><TENCENT>
[videX32 / videX32][Running/Boot Start]
  <\SystemRoot\system32\DRIVERS\videX32.sys><VIA Technologies, Inc.>
[VIA SATA IDE Hot-plug Driver / xfilt][Running/Boot Start]
  <\SystemRoot\system32\DRIVERS\xfilt.sys><VIA Technologies,Inc>
gototop
 

回复:请帮我看下电脑是不是种毒了.

浏览器加载项
[ThunderAtOnce Class]
  {01443AEC-0FD1-40fd-9C87-E93D1494C233} <C:\Program Files\Thunder Network\Thunder\ComDlls\TDAtOnce_Now.dll, (Signed) Thunder Networking Technologies,LTD>
[BOC ProcessProtect Class]
  {776B71E2-B4CC-4C94-BC7C-09103AA690B6} <ProcessProtection.dll, www.ISRA.org.cn>
[Thunder Browser Helper]
  {889D2FEB-5411-4565-8998-1DD2C5261283} <C:\Program Files\Thunder Network\Thunder\ComDlls\xunleiBHO_Now.dll, (Signed) Thunder Networking Technologies,LTD>
[Java Plug-in 1.6.0_15]
  {08B0E5C0-4FCB-11CF-AAA5-00401C608501} <C:\Program Files\Java\jre6\bin\ssv.dll, (Signed) Sun Microsystems, Inc.>
[启动迅雷5]
  {09BA8F6D-CB54-424B-839C-C2A6C8E6B436} <C:\Program Files\Thunder Network\Thunder\Thunder.exe, Thunder Networking Technologies,LTD>
[联想]
  {6096E38F-5AC1-4391-8EC4-75DFA92FB32F} <http://www.lenovo.com, N/A>
[EditCtrl Class]
  {488A4255-3236-44B3-8F27-FA1AECAA8844} <C:\WINDOWS\system32\aliedit\aliedit.dll, (Signed) >
[Uploader Control]
  {654921BB-4DEA-41C7-BA97-9A1A5CDA9C72} <C:\WINDOWS\system32\Uploader.ocx, 网易(杭州)网络有限公司>
[IE Class]
  {8819C261-5B61-4628-908C-9BE795EABEC3} <C:\WINDOWS\DOWNLO~1\NewProc.dll, >
[Java Plug-in 1.6.0_15]
  {8AD9C840-044E-11D1-B3E9-00805F499D93} <C:\Program Files\Java\jre6\bin\ssv.dll, (Signed) Sun Microsystems, Inc.>
[PicUploadCtrl Class]
  {BF8C499A-AC6E-4F58-82EA-9E5FCC41C34B} <C:\WINDOWS\Downloaded Program Files\PPUpload.dll, (Signed) PP.Sohu.com Inc.>
[Java Plug-in 1.6.0_03]
  {CAFEEFAC-0016-0000-0003-ABCDEFFEDCBA} <C:\Program Files\Java\jre6\bin\ssv.dll, (Signed) Sun Microsystems, Inc.>
[Java Plug-in 1.6.0_15]
  {CAFEEFAC-0016-0000-0015-ABCDEFFEDCBA} <C:\Program Files\Java\jre6\bin\ssv.dll, (Signed) Sun Microsystems, Inc.>
[Java Plug-in 1.6.0_15]
  {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} <C:\Program Files\Java\jre6\bin\npjpi160_15.dll, (Signed) Sun Microsystems, Inc.>
[Shockwave Flash Object]
  {D27CDB6E-AE6D-11CF-96B8-444553540000} <C:\WINDOWS\system32\Macromed\Flash\Flash10b.ocx, (Signed) Adobe Systems, Inc.>
[PhotoUploadCtrlMini Control]
  {D9306BD1-2325-4C28-8632-B02330C1BB02} <C:\WINDOWS\system32\PHOTOU~1.OCX, 广州网易互动娱乐有限公司>
[QPicControl Control]
  {E4CF9B52-A94E-4A27-AD90-904A81D0643A} <C:\WINDOWS\system32\QPic\qpic.ocx, tencent>
[ThunderAtOnce Class]
  {01443AEC-0FD1-40FD-9C87-E93D1494C233} <C:\Program Files\Thunder Network\Thunder\ComDlls\TDAtOnce_Now.dll, (Signed) Thunder Networking Technologies,LTD>
[]
  {06849E9E-C8D7-4D59-B87D-784B7D6BE0B3} <, >
[]
  {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} <, >
[]
  {08B0E5C0-4FCB-11CF-AAA5-00401C608501} <, >
[]
  {09BA8F6D-CB54-424B-839C-C2A6C8E6B436} <, >
[iTrusPTA Class]
  {1E0DFFCF-27FF-4574-849B-55007349FEDA} <C:\WINDOWS\system32\aliedit\pta.dll, (Signed) >
[HTML Document]
  {25336920-03F9-11CF-8FD0-00AA00686F13} <%SystemRoot%\system32\Mshtml.dll, (Signed) N/A>
[DHTML Edit Control Safe for Scripting for IE5]
  {2D360201-FFF5-11D1-8D03-00A0C959BC0A} <C:\Program Files\Common Files\Microsoft Shared\Triedit\dhtmled.ocx, (Signed) Microsoft Corporation>
[IETag Factory]
  {38481807-CA0E-42D2-BF39-B33AF135CC4D} <C:\PROGRA~1\COMMON~1\MICROS~1\SMARTT~1\IETAG.DLL, (Signed) Microsoft Corporation>
[Thunder Agent Class]
  {485463B7-8FB2-4B3B-B29B-8B919B0EACCE} <C:\Program Files\Thunder Network\Thunder\ComDlls\ThunderAgent_Now.dll, (Signed) Thunder Networking Technologies,LTD>
[EditCtrl Class]
  {488A4255-3236-44B3-8F27-FA1AECAA8844} <C:\WINDOWS\system32\aliedit\aliedit.dll, (Signed) >
[]
  {55302805-482E-470E-8A57-6795A1487F90} <, >
[WangWangX Class]
  {5D09DD40-CDC4-4C56-B615-0D1E3B357C2B} <D:\Program Files\Alisoft\WangWang\AliIMX.dll, (Signed) Alibaba software (Shanghai) Corporation.>
[]
  {6096E38F-5AC1-4391-8EC4-75DFA92FB32F} <, >
[InfoSecNetSign Class]
  {62B938C4-4190-4F37-8CF0-A92B0A91CC77} <C:\WINDOWS\system32\NetSign.dll, Infosec Technologies Co., Ltd.>
[Windows Media Player]
  {6BF52A52-394A-11D3-B153-00C04F79FAA6} <C:\WINDOWS\system32\wmp.dll, (Signed) Microsoft Corporation>
[BOC ProcessProtect Class]
  {776B71E2-B4CC-4C94-BC7C-09103AA690B6} <ProcessProtection.dll, www.ISRA.org.cn>
[Microsoft Web 浏览器]
  {8856F961-340A-11D0-A96B-00C04FD705A2} <C:\WINDOWS\system32\shdocvw.dll, (Signed) Microsoft Corporation>
[Thunder Browser Helper]
  {889D2FEB-5411-4565-8998-1DD2C5261283} <C:\Program Files\Thunder Network\Thunder\ComDlls\xunleiBHO_Now.dll, (Signed) Thunder Networking Technologies,LTD>
[]
  {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} <, >
[SearchAssistantOC]
  {B45FF030-4447-11D2-85DE-00C04FA35C89} <%SystemRoot%\system32\shdocvw.dll, (Signed) N/A>
[AUDIO__MP3 Moniker Class]
  {CD3AFA76-B84F-48F0-9393-7EDC34128127} <C:\WINDOWS\system32\wmp.dll, (Signed) Microsoft Corporation>
[Shockwave Flash Object]
  {D27CDB6E-AE6D-11CF-96B8-444553540000} <C:\WINDOWS\system32\Macromed\Flash\Flash10b.ocx, (Signed) Adobe Systems, Inc.>
[使用迅雷下载]
  <C:\Program Files\Thunder Network\Thunder\Program\geturl.htm, N/A>
[使用迅雷下载全部链接]
  <C:\Program Files\Thunder Network\Thunder\Program\getallurl.htm, N/A>
[导出到 Microsoft Office Excel(&X)]
  <res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000, N/A>
[添加到QQ表情]
  <D:\qq\Bin\AddEmotion.htm, N/A>
gototop
 

回复:请帮我看下电脑是不是种毒了.

正在运行的进程
[PID: 440 / SYSTEM][\SystemRoot\System32\smss.exe]  [(Verified) Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
[PID: 496 / SYSTEM][\??\C:\WINDOWS\system32\csrss.exe]  [(Verified) Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
[PID: 520 / SYSTEM][\??\C:\WINDOWS\system32\winlogon.exe]  [(Verified) Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
    [C:\Program Files\Kingsoft\Kingsoft Internet Security\webshield\kswebshield.dll]  [Kingsoft Corporation, 2009,08,24,140]
[PID: 564 / SYSTEM][C:\WINDOWS\system32\services.exe]  [(Verified) Microsoft Corporation, 5.1.2600.3520 (xpsp_sp2_qfe.090206-1239)]
[PID: 576 / SYSTEM][C:\WINDOWS\system32\lsass.exe]  [(Verified) Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
[PID: 752 / SYSTEM][C:\WINDOWS\system32\svchost.exe]  [(Verified) Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
[PID: 816 / NETWORK SERVICE][C:\WINDOWS\system32\svchost.exe]  [(Verified) Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
[PID: 884 / SYSTEM][C:\WINDOWS\System32\svchost.exe]  [(Verified) Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
[PID: 956 / NETWORK SERVICE][C:\WINDOWS\system32\svchost.exe]  [(Verified) Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
[PID: 1012 / LOCAL SERVICE][C:\WINDOWS\system32\svchost.exe]  [(Verified) Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
[PID: 1460 / Owner][C:\WINDOWS\Explorer.EXE]  [(Verified) Microsoft Corporation, 6.00.2900.2180 (xpsp_sp2_rtm.040803-2158)]
    [C:\Program Files\Kingsoft\Kingsoft Internet Security\webshield\kswebshield.dll]  [Kingsoft Corporation, 2009,08,24,140]
    [C:\WINDOWS\system32\AcSignIcon.dll]  [Autodesk, 16.0.0.86]
    [C:\Program Files\Common Files\Autodesk Shared\AcSignCore16.dll]  [Autodesk, 16.0.0.86]
    [C:\Program Files\Kingsoft\Kingsoft Internet Security\ktaskbar.dll]  [Kingsoft Corporation, 2009,08,03,993]
    [C:\WINDOWS\system32\nvcpl.dll]  [NVIDIA Corporation, 6.14.10.9381]
    [C:\WINDOWS\system32\NVRSZHC.DLL]  [NVIDIA Corporation, 6.14.10.9381]
    [C:\WINDOWS\system32\nvapi.dll]  [N/A, ]
    [C:\WINDOWS\system32\nvshell.dll]  [, ]
    [C:\Program Files\WinRAR\rarext.dll]  [N/A, ]
    [C:\Program Files\Thunder Network\Thunder\ComDlls\TDAtOnce_Now.dll]  [Thunder Networking Technologies,LTD, 1.0.5.29]
    [C:\Program Files\Thunder Network\Thunder\ComDlls\xunleiBHO_Now.dll]  [Thunder Networking Technologies,LTD, 5, 0, 8, 96]
    [C:\Program Files\Thunder Network\Thunder\Components\ResWorker\DsBho_00.dll]  [Thunder Networking Technologies,LTD, 1, 0, 0, 20]
    [C:\Program Files\Thunder Network\Thunder\Components\ResWorker\DataProcessor_00.dll]  [Thunder Networking Technologies,LTD, 1, 0, 0, 16]
    [C:\WINDOWS\WinSxS\x86_Microsoft.Windows.GdiPlus_6595b64144ccf1df_1.0.2600.5581_x-ww_dfbc4fc4\gdiplus.dll]  [Microsoft Corporation, 5.1.3102.5581 (xpsp_sp3_qfe.080415-1416)]
    [C:\Program Files\Kingsoft\Kingsoft Internet Security\KMailOEBand.DLL]  [Kingsoft Corporation, 2009,02,13,759]
    [C:\Program Files\Kingsoft\Kingsoft Internet Security\kis.dll]  [Kingsoft Corporation, 2009,06,15,929]
    [C:\WINDOWS\WinSxS\x86_Microsoft.VC80.MFC_1fc8b3b9a1e18e3b_8.0.50727.762_x-ww_3bf8fa05\MFC80U.DLL]  [Microsoft Corporation, 8.00.50727.762]
    [C:\WINDOWS\WinSxS\x86_Microsoft.VC80.CRT_1fc8b3b9a1e18e3b_8.0.50727.762_x-ww_6b128700\MSVCR80.dll]  [Microsoft Corporation, 8.00.50727.762]
    [C:\WINDOWS\WinSxS\x86_Microsoft.VC80.CRT_1fc8b3b9a1e18e3b_8.0.50727.762_x-ww_6b128700\MSVCP80.dll]  [Microsoft Corporation, 8.00.50727.762]
    [C:\WINDOWS\WinSxS\x86_Microsoft.VC80.MFCLOC_1fc8b3b9a1e18e3b_8.0.50727.762_x-ww_91481303\MFC80CHS.DLL]  [Microsoft Corporation, 8.00.50727.762]
[PID: 1556 / SYSTEM][C:\WINDOWS\system32\spoolsv.exe]  [(Verified) Microsoft Corporation, 5.1.2600.2696 (xpsp_sp2_gdr.050610-1519)]
    [C:\WINDOWS\system32\hpzll3xu.dll]  [Hewlett-Packard Company, 60.051.641.00]
    [C:\WINDOWS\System32\spool\PRTPROCS\W32X86\hpzpp3xu.dll]  [Hewlett-Packard Corporation, 60.051.641.00]
[PID: 1820 / Owner][C:\Program Files\Lenovo\LiveUpdate\UiServer.exe]  [N/A, ]
    [C:\Program Files\Lenovo\LiveUpdate\GdiImage.dll]  [N/A, ]
    [C:\WINDOWS\WinSxS\x86_Microsoft.Windows.GdiPlus_6595b64144ccf1df_1.0.2600.5581_x-ww_dfbc4fc4\gdiplus.dll]  [Microsoft Corporation, 5.1.3102.5581 (xpsp_sp3_qfe.080415-1416)]
    [C:\Program Files\Kingsoft\Kingsoft Internet Security\webshield\kswebshield.dll]  [Kingsoft Corporation, 2009,08,24,140]
[PID: 1828 / Owner][C:\Program Files\Analog Devices\Core\smax4pnp.exe]  [Analog Devices, Inc., 6,0,6000,81]
    [C:\Program Files\Analog Devices\Core\SMWDMIF.dll]  [Analog Devices, Inc., 6, 0, 6000, 002]
    [C:\Program Files\Kingsoft\Kingsoft Internet Security\webshield\kswebshield.dll]  [Kingsoft Corporation, 2009,08,24,140]
[PID: 1836 / Owner][D:\Program Files\HP Software Update\HPWuSchd2.exe]  [Hewlett-Packard Co., 53.0.13.000]
    [C:\Program Files\Kingsoft\Kingsoft Internet Security\webshield\kswebshield.dll]  [Kingsoft Corporation, 2009,08,24,140]
[PID: 1844 / Owner][C:\Program Files\联想\联想标准键盘驱动\SkDaemond.exe]  [, 1, 0, 0, 1]
    [C:\Program Files\联想\联想标准键盘驱动\SKHooks.dll]  [, 1, 0, 0, 1]
    [C:\Program Files\联想\联想标准键盘驱动\SKUtil.DLL]  [Silitek Corp., 1, 0, 8, 0]
    [C:\Program Files\Kingsoft\Kingsoft Internet Security\webshield\kswebshield.dll]  [Kingsoft Corporation, 2009,08,24,140]
[PID: 1920 / LOCAL SERVICE][C:\WINDOWS\system32\svchost.exe]  [(Verified) Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
[PID: 1940 / Owner][C:\Program Files\Java\jre6\bin\jusched.exe]  [Sun Microsystems, Inc., 6.0.150.3]
    [C:\Program Files\Kingsoft\Kingsoft Internet Security\webshield\kswebshield.dll]  [Kingsoft Corporation, 2009,08,24,140]
[PID: 1952 / Owner][C:\WINDOWS\system32\ctfmon.exe]  [(Verified) Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
    [C:\Program Files\Kingsoft\Kingsoft Internet Security\webshield\kswebshield.dll]  [Kingsoft Corporation, 2009,08,24,140]
[PID: 136 / SYSTEM][C:\WINDOWS\system32\netdde.exe]  [(Verified) Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
    [C:\Program Files\Kingsoft\Kingsoft Internet Security\webshield\kswebshield.dll]  [Kingsoft Corporation, 2009,08,24,140]
[PID: 464 / SYSTEM][C:\WINDOWS\system32\drivers\CDAC11BA.EXE]  [Macrovision, 4.20.020]
[PID: 484 / SYSTEM][C:\Program Files\Ringz Studio\Storm Codec\stormliv.exe]  [北京暴风网际科技有限公司, 3, 9, 3, 28]
    [C:\Program Files\Ringz Studio\Storm Codec\bfoptdll.dll]  [北京暴风网际科技有限公司, 3, 8, 7, 16]
    [C:\Program Files\Ringz Studio\Storm Codec\config.dll]  [北京暴风网际科技有限公司, 3, 9, 5, 18]
[PID: 500 / SYSTEM][C:\Program Files\95599 Certificate Tools\CIDC\HD_CertService.exe]  [, 1, 0, 0, 4]
    [C:\Program Files\Kingsoft\Kingsoft Internet Security\webshield\kswebshield.dll]  [Kingsoft Corporation, 2009,08,24,140]
[PID: 580 / SYSTEM][C:\Program Files\Java\jre6\bin\jqs.exe]  [Sun Microsystems, Inc., 6.0.150.3]
    [C:\Program Files\Java\jre6\bin\MSVCR71.dll]  [Microsoft Corporation, 7.10.3052.4]
[PID: 748 / Owner][C:\Program Files\95599 Certificate Tools\CIDC\RegCertTool.exe]  [CIDC, 1, 0, 0, 12]
    [C:\WINDOWS\system32\HDIFD20B.dll]  [CIDC., 1, 0, 17, 29]
    [C:\Program Files\Kingsoft\Kingsoft Internet Security\KMailOEBand.DLL]  [Kingsoft Corporation, 2009,02,13,759]
    [C:\Program Files\Kingsoft\Kingsoft Internet Security\kis.dll]  [Kingsoft Corporation, 2009,06,15,929]
    [C:\WINDOWS\WinSxS\x86_Microsoft.VC80.MFC_1fc8b3b9a1e18e3b_8.0.50727.762_x-ww_3bf8fa05\MFC80U.DLL]  [Microsoft Corporation, 8.00.50727.762]
    [C:\WINDOWS\WinSxS\x86_Microsoft.VC80.CRT_1fc8b3b9a1e18e3b_8.0.50727.762_x-ww_6b128700\MSVCR80.dll]  [Microsoft Corporation, 8.00.50727.762]
    [C:\WINDOWS\WinSxS\x86_Microsoft.VC80.CRT_1fc8b3b9a1e18e3b_8.0.50727.762_x-ww_6b128700\MSVCP80.dll]  [Microsoft Corporation, 8.00.50727.762]
    [C:\WINDOWS\WinSxS\x86_Microsoft.VC80.MFCLOC_1fc8b3b9a1e18e3b_8.0.50727.762_x-ww_91481303\MFC80CHS.DLL]  [Microsoft Corporation, 8.00.50727.762]
    [C:\Program Files\Kingsoft\Kingsoft Internet Security\webshield\kswebshield.dll]  [Kingsoft Corporation, 2009,08,24,140]
[PID: 868 / SYSTEM][C:\Program Files\lenovo\LiveUpdate\liveupdate.exe]  [新思软件技术有限公司, 3, 2, 5, 21]
    [C:\Program Files\lenovo\LiveUpdate\HttpLink.dll]  [新思软件技术有限公司, 3, 2, 4, 7]
    [C:\Program Files\lenovo\LiveUpdate\WINHTTP.dll]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
    [C:\Program Files\lenovo\LiveUpdate\GdiImage.dll]  [N/A, ]
    [C:\WINDOWS\WinSxS\x86_Microsoft.Windows.GdiPlus_6595b64144ccf1df_1.0.2600.5581_x-ww_dfbc4fc4\gdiplus.dll]  [Microsoft Corporation, 5.1.3102.5581 (xpsp_sp3_qfe.080415-1416)]
    [C:\Program Files\Kingsoft\Kingsoft Internet Security\webshield\kswebshield.dll]  [Kingsoft Corporation, 2009,08,24,140]
[PID: 996 / SYSTEM][C:\WINDOWS\system32\nvsvc32.exe]  [NVIDIA Corporation, 6.14.10.9381]
    [C:\WINDOWS\system32\nvapi.dll]  [N/A, ]
    [C:\Program Files\Kingsoft\Kingsoft Internet Security\webshield\kswebshield.dll]  [Kingsoft Corporation, 2009,08,24,140]
[PID: 1192 / SYSTEM][C:\WINDOWS\system32\sysagent.exe]  [lenovo, 1, 1, 0, 0]
[PID: 2484 / LOCAL SERVICE][C:\WINDOWS\System32\alg.exe]  [(Verified) Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
[PID: 2960 / SYSTEM][C:\WINDOWS\System32\svchost.exe]  [(Verified) Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
[PID: 2284 / Owner][C:\WINDOWS\system32\conime.exe]  [(Verified) Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
    [C:\Program Files\Kingsoft\Kingsoft Internet Security\KMailOEBand.DLL]  [Kingsoft Corporation, 2009,02,13,759]
    [C:\Program Files\Kingsoft\Kingsoft Internet Security\kis.dll]  [Kingsoft Corporation, 2009,06,15,929]
    [C:\WINDOWS\WinSxS\x86_Microsoft.VC80.MFC_1fc8b3b9a1e18e3b_8.0.50727.762_x-ww_3bf8fa05\MFC80U.DLL]  [Microsoft Corporation, 8.00.50727.762]
    [C:\WINDOWS\WinSxS\x86_Microsoft.VC80.CRT_1fc8b3b9a1e18e3b_8.0.50727.762_x-ww_6b128700\MSVCR80.dll]  [Microsoft Corporation, 8.00.50727.762]
    [C:\WINDOWS\WinSxS\x86_Microsoft.VC80.CRT_1fc8b3b9a1e18e3b_8.0.50727.762_x-ww_6b128700\MSVCP80.dll]  [Microsoft Corporation, 8.00.50727.762]
    [C:\WINDOWS\WinSxS\x86_Microsoft.VC80.MFCLOC_1fc8b3b9a1e18e3b_8.0.50727.762_x-ww_91481303\MFC80CHS.DLL]  [Microsoft Corporation, 8.00.50727.762]
    [C:\Program Files\Kingsoft\Kingsoft Internet Security\webshield\kswebshield.dll]  [Kingsoft Corporation, 2009,08,24,140]
[PID: 3336 / Owner][D:\Program Files\Alisoft\WangWang\AliIM.exe]  [Alibaba software (Shanghai) Corporation., 1, 0, 0, 1]
    [C:\WINDOWS\WinSxS\x86_Microsoft.VC80.ATL_1fc8b3b9a1e18e3b_8.0.50727.762_x-ww_cbb27474\ATL80.DLL]  [Microsoft Corporation, 8.00.50727.762]
    [C:\WINDOWS\WinSxS\x86_Microsoft.Windows.GdiPlus_6595b64144ccf1df_1.0.2600.5581_x-ww_dfbc4fc4\gdiplus.dll]  [Microsoft Corporation, 5.1.3102.5581 (xpsp_sp3_qfe.080415-1416)]
    [C:\WINDOWS\WinSxS\x86_Microsoft.VC80.CRT_1fc8b3b9a1e18e3b_8.0.50727.762_x-ww_6b128700\MSVCP80.dll]  [Microsoft Corporation, 8.00.50727.762]
    [C:\WINDOWS\WinSxS\x86_Microsoft.VC80.CRT_1fc8b3b9a1e18e3b_8.0.50727.762_x-ww_6b128700\MSVCR80.dll]  [Microsoft Corporation, 8.00.50727.762]
    [D:\Program Files\Alisoft\WangWang\RvCore.DLL]  [Alisoft (Shanghai) Co., Ltd., 1.0.0.73]
    [D:\Program Files\Alisoft\WangWang\alilog.dll]  [Copyright 2009 阿里软件(上海)有限公司., 1, 0, 0,44]
    [D:\Program Files\Alisoft\WangWang\log4cpp.dll]  [Bastiaan Bakker, LifeLine Networks bv. 阿里软件(上海)有限公司., 0, 3, 2,41]
    [C:\Program Files\Kingsoft\Kingsoft Internet Security\KMailOEBand.DLL]  [Kingsoft Corporation, 2009,02,13,759]
    [C:\Program Files\Kingsoft\Kingsoft Internet Security\kis.dll]  [Kingsoft Corporation, 2009,06,15,929]
    [C:\WINDOWS\WinSxS\x86_Microsoft.VC80.MFC_1fc8b3b9a1e18e3b_8.0.50727.762_x-ww_3bf8fa05\MFC80U.DLL]  [Microsoft Corporation, 8.00.50727.762]
    [C:\WINDOWS\WinSxS\x86_Microsoft.VC80.MFCLOC_1fc8b3b9a1e18e3b_8.0.50727.762_x-ww_91481303\MFC80CHS.DLL]  [Microsoft Corporation, 8.00.50727.762]
    [C:\Program Files\Kingsoft\Kingsoft Internet Security\webshield\kswebshield.dll]  [Kingsoft Corporation, 2009,08,24,140]
    [D:\Program Files\Alisoft\WangWang\uicontrols\UiBrowser.dll]  [TODO: <公司名>, 1.0.0.1]
    [D:\Program Files\Alisoft\WangWang\GUIBase.dll]  [Alisoft (Shanghai) Co., Ltd., 1, 0, 0,73]
    [D:\Program Files\Alisoft\WangWang\wwutils.DLL]  [Alibaba software (Shanghai) Corporation., 1.0.0.1]
    [D:\Program Files\Alisoft\WangWang\pcre.dll]  [N/A, ]
    [D:\Program Files\Alisoft\WangWang\LIBEAY32.dll]  [The OpenSSL Project, http://www.openssl.org/, 0.9.8e]
    [D:\Program Files\Alisoft\WangWang\wwparams.dll]  [N/A, ]
    [D:\Program Files\Alisoft\WangWang\uicontrols\WWUIUnits.dll]  [N/A, ]
    [D:\Program Files\Alisoft\WangWang\uicontrols\rvnw.dll]  [Alisoft (Shanghai) Co., Ltd., 1, 0, 0,73]
    [D:\Program Files\Alisoft\WangWang\uicontrols\rvwindow.dll]  [Alisoft (Shanghai) Co., Ltd., 1, 0, 0,71]
    [D:\Program Files\Alisoft\WangWang\UpdateAssist.dll]  [N/A, ]
    [D:\Program Files\Alisoft\WangWang\xparam.dll]  [Alisoft (Shanghai) Co., Ltd., 1, 0, 0,73]
    [D:\Program Files\Alisoft\WangWang\imbiz.dll]  [Alibaba software (Shanghai) Corporation., 1.0.0.1]
    [D:\Program Files\Alisoft\WangWang\protocol.dll]  [N/A, ]
    [D:\Program Files\Alisoft\WangWang\imnet.dll]  [Alibaba software (Shanghai) Corporation., 1.0.0.1]
    [D:\Program Files\Alisoft\WangWang\GUICore.dll]  [Alisoft (Shanghai) Co., Ltd., 1.0.0.73]
    [D:\Program Files\Alisoft\WangWang\WWApplication.dll]  [Alibaba software (Shanghai) Corporation., 1.0.0.1]
    [D:\Program Files\Alisoft\WangWang\wwsdk.dll]  [Alibaba software (Shanghai) Corporation., 3.1.0.0]
    [D:\Program Files\Alisoft\WangWang\imdb.dll]  [Alibaba software (Shanghai) Corporation., 1.0.0.1]
    [D:\Program Files\Alisoft\WangWang\rvcomlib.dll]  [Alisoft (Shanghai) Co., Ltd., 1.0.0.73]
    [D:\Program Files\Alisoft\WangWang\wwsdkcom.dll]  [Alibaba software (Shanghai) Corporation., 3.1.0.0]
    [D:\Program Files\Alisoft\WangWang\SDKDB.dll]  [Alibaba software (Shanghai) Corporation., 1.0.0.1]
    [C:\WINDOWS\system32\aliedit\aliedit.dll]  [, 2, 2, 0, 1]
    [D:\Program Files\Alisoft\WangWang\SysNotify.dll]  [Alibaba software (Shanghai) Corporation., 1.0.0.1]
    [D:\Program Files\Alisoft\WangWang\alinet.dll]  [Alisoft (Shanghai) Co., Ltd., 1, 0, 0,73]
    [D:\Program Files\Alisoft\WangWang\Useful_services.dll]  [TODO: <公司名>, 1.0.0.1]
    [D:\Program Files\Alisoft\WangWang\P2S_service.dll]  [TODO: <公司名>, 1.0.0.1]
    [D:\Program Files\Alisoft\WangWang\ww_network2.dll]  [Alibaba software (Shanghai)
gototop
 

回复:请帮我看下电脑是不是种毒了.

Corporation., 2, 1, 0, 7]
    [D:\Program Files\Alisoft\WangWang\filetransbiz.dll]  [Alibaba software (Shanghai) Corporation., 1.0.0.4]
    [D:\Program Files\Alisoft\WangWang\P2PBiz.dll]  [Alibaba software (Shanghai) Corporation., 1, 0, 0, 1]
    [D:\Program Files\Alisoft\WangWang\plugins\8001\YahooEmail.dll]  [N/A, ]
    [D:\Program Files\Alisoft\WangWang\plugins\8003\GraffitiGUI.dll]  [Alibaba software (Shanghai) Corporation., 1.0.0.0]
    [D:\Program Files\Alisoft\WangWang\zlibwapi.dll]  [, 1.2.1.0]
    [D:\Program Files\Alisoft\WangWang\plugins\17411\WWKWPlugin.dll]  [酷我科技, 1.0.0.1]
    [C:\WINDOWS\system32\Macromed\Flash\Flash10b.ocx]  [Adobe Systems, Inc., 10,0,22,87]
[PID: 3424 / SYSTEM][C:\WINDOWS\system32\wbem\wmiprvse.exe]  [(Verified) Microsoft Corporation, 5.1.2600.3520 (xpsp_sp2_qfe.090206-1239)]
[PID: 544 / Owner][C:\Program Files\Internet Explorer\iexplore.exe]  [Microsoft Corporation, 6.00.2900.2180 (xpsp_sp2_rtm.040803-2158)]
    [C:\Program Files\Kingsoft\Kingsoft Internet Security\KMailOEBand.DLL]  [Kingsoft Corporation, 2009,02,13,759]
    [C:\Program Files\Kingsoft\Kingsoft Internet Security\kis.dll]  [Kingsoft Corporation, 2009,06,15,929]
    [C:\WINDOWS\WinSxS\x86_Microsoft.VC80.MFC_1fc8b3b9a1e18e3b_8.0.50727.762_x-ww_3bf8fa05\MFC80U.DLL]  [Microsoft Corporation, 8.00.50727.762]
    [C:\WINDOWS\WinSxS\x86_Microsoft.VC80.CRT_1fc8b3b9a1e18e3b_8.0.50727.762_x-ww_6b128700\MSVCR80.dll]  [Microsoft Corporation, 8.00.50727.762]
    [C:\WINDOWS\WinSxS\x86_Microsoft.VC80.CRT_1fc8b3b9a1e18e3b_8.0.50727.762_x-ww_6b128700\MSVCP80.dll]  [Microsoft Corporation, 8.00.50727.762]
    [C:\WINDOWS\WinSxS\x86_Microsoft.VC80.MFCLOC_1fc8b3b9a1e18e3b_8.0.50727.762_x-ww_91481303\MFC80CHS.DLL]  [Microsoft Corporation, 8.00.50727.762]
    [C:\Program Files\Kingsoft\Kingsoft Internet Security\webshield\kswebshield.dll]  [Kingsoft Corporation, 2009,08,24,140]
    [C:\Program Files\Kingsoft\Kingsoft Internet Security\webshield\KSWBC.dll]  [Kingsoft Corporation, 2009,07,01,132]
    [C:\Program Files\Kingsoft\Kingsoft Internet Security\webshield\kwsui.dll]  [Kingsoft Corporation, 2009,07,29,138]
    [C:\WINDOWS\system32\AcSignIcon.dll]  [Autodesk, 16.0.0.86]
    [C:\Program Files\Thunder Network\Thunder\ComDlls\TDAtOnce_Now.dll]  [Thunder Networking Technologies,LTD, 1.0.5.29]
    [C:\WINDOWS\system32\ProcessProtection.dll]  [www.ISRA.org.cn, 1, 2, 2, 5]
    [C:\Program Files\Thunder Network\Thunder\ComDlls\xunleiBHO_Now.dll]  [Thunder Networking Technologies,LTD, 5, 0, 8, 96]
    [C:\Program Files\Thunder Network\Thunder\Components\ResWorker\DsBho_00.dll]  [Thunder Networking Technologies,LTD, 1, 0, 0, 20]
    [C:\Program Files\Thunder Network\Thunder\Components\ResWorker\DataProcessor_00.dll]  [Thunder Networking Technologies,LTD, 1, 0, 0, 16]
    [C:\WINDOWS\system32\Macromed\Flash\Flash10b.ocx]  [Adobe Systems, Inc., 10,0,22,87]
[PID: 2844 / Owner][C:\DOCUME~1\Owner\LOCALS~1\Temp\Rar$EX00.063\SREngLdr.EXE]  [Smallfrogs Studio, 2.8.1.1279]
[PID: 2912 / Owner][C:\DOCUME~1\Owner\LOCALS~1\Temp\Rar$EX00.063\SREd31ba1b5.EXE]  [Smallfrogs Studio, 2.8.1.1279]
    [C:\Program Files\Kingsoft\Kingsoft Internet Security\KMailOEBand.DLL]  [Kingsoft Corporation, 2009,02,13,759]
    [C:\Program Files\Kingsoft\Kingsoft Internet Security\kis.dll]  [Kingsoft Corporation, 2009,06,15,929]
    [C:\WINDOWS\WinSxS\x86_Microsoft.VC80.MFC_1fc8b3b9a1e18e3b_8.0.50727.762_x-ww_3bf8fa05\MFC80U.DLL]  [Microsoft Corporation, 8.00.50727.762]
    [C:\WINDOWS\WinSxS\x86_Microsoft.VC80.CRT_1fc8b3b9a1e18e3b_8.0.50727.762_x-ww_6b128700\MSVCR80.dll]  [Microsoft Corporation, 8.00.50727.762]
    [C:\WINDOWS\WinSxS\x86_Microsoft.VC80.CRT_1fc8b3b9a1e18e3b_8.0.50727.762_x-ww_6b128700\MSVCP80.dll]  [Microsoft Corporation, 8.00.50727.762]
    [C:\WINDOWS\WinSxS\x86_Microsoft.VC80.MFCLOC_1fc8b3b9a1e18e3b_8.0.50727.762_x-ww_91481303\MFC80CHS.DLL]  [Microsoft Corporation, 8.00.50727.762]
    [C:\Program Files\Kingsoft\Kingsoft Internet Security\webshield\kswebshield.dll]  [Kingsoft Corporation, 2009,08,24,140]
    [C:\DOCUME~1\Owner\LOCALS~1\Temp\Rar$EX00.063\Upload\3rdUpd.DLL]  [Smallfrogs Studio, 2, 1, 0, 15]

==================================
文件关联
.TXT  Error. [C:\WINDOWS\notepad.exe %1]
.EXE  OK. ["%1" %*]
.COM  OK. ["%1" %*]
.PIF  OK. ["%1" %*]
.REG  OK. [regedit.exe "%1"]
.BAT  OK. ["%1" %*]
.SCR  OK. ["%1" /S]
.CHM  Error. ["hh.exe" %1]
.HLP  OK. [%SystemRoot%\system32\winhlp32.exe %1]
.INI  Error. [C:\WINDOWS\System32\NOTEPAD.EXE %1]
.INF  OK. [%SystemRoot%\System32\NOTEPAD.EXE %1]
.VBS  OK. [%SystemRoot%\System32\WScript.exe "%1" %*]
.JS  OK. [%SystemRoot%\System32\WScript.exe "%1" %*]
.LNK  OK. [{00021401-0000-0000-C000-000000000046}]

==================================
Winsock 提供者
N/A
gototop
 

回复:请帮我看下电脑是不是种毒了.

你就不能把它当附件传上来吗
gototop
 

回复:请帮我看下电脑是不是种毒了.

正常吧
gototop
 
1   1  /  1  页   跳转
页面顶部
Powered by Discuz!NT