
[Help] Am I infected?

Am I infected?

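I just accidentally opened a website called 龙虎网 (Longhu Net), and Kaspersky immediately reported a Trojan. It first said "Denied", and then finally said "Unable to delete the Trojan, file not found".

Attached is the SREng log I just scanned. I would be very grateful if an expert could take a look~~~ In my HOSTS file I have used Super Rabbit to block some Trojan and virus sites, haha.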


  2010-01-25,20:01:07
System Repair Engineer 2.8.2.1321
Smallfrogs (http://www.KZTechs.com)

Windows XP Professional Service Pack 3 (Build 2600) - 管理权限用户 - 完整功能
以下内容被选中:
    所有的启动项目(包括注册表、启动文件夹、服务等)
    浏览器加载项
    正在运行的进程(包括进程模块信息)
    文件关联
    Winsock 提供者
    Autorun.inf
    HOSTS 文件
    进程特权扫描
    计划任务
    Windows 安全更新检查
    API HOOK
    隐藏进程


启动项目
注册表
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
    <ctfmon.exe><C:\WINDOWS\system32\ctfmon.exe>  [(Verified)Microsoft Windows Component Publisher]
    <H/PC Connection Agent><"C:\Program Files\Microsoft ActiveSync\WCESCOMM.EXE">  [Microsoft Corporation]
[HKEY_CURRENT_USER\Software\Microsoft\Windows NT\CurrentVersion\Windows]
    <load><>  [N/A]
    <run><>  [N/A]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
    <Super Rabbit SRRestore><D:\Program Files\Super Rabbit\MagicSet\srrest.exe /autosave>  [Super Rabbit Soft]
    <Adobe Reader Speed Launcher><"D:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe">  [(Verified)Adobe Systems, Incorporated]
    <AVP><"E:\Kaspersky Lab\Kaspersky Internet Security 2009\avp.exe">  [(Verified)Kaspersky Lab]
    <360Safetray><"D:\Program Files\360\360safe\safemon\360tray.exe" /start>  [(Verified)Qizhi Software (beijing) Co. Ltd]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Winlogon]
    <shell><Explorer.exe>  [(Verified)Microsoft Windows Component Publisher]
    <Userinit><C:\WINDOWS\system32\userinit.exe,>  [(Verified)Microsoft Windows Component Publisher]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Windows]
    <AppInit_DLLs><E:\KASPER~1\KASPER~1\mzvkbd.dll,E:\KASPER~1\KASPER~1\mzvkbd3.dll,E:\KASPER~1\KASPER~1\adialhk.dll,E:\KASPER~1\KASPER~1\kloehk.dll>  [File is missing]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Winlogon]
    <UIHost><logonui.exe>  [(Verified)Microsoft Windows Component Publisher]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
    <{AEB6717E-7E19-11d0-97EE-00C04FD91972}><shell32.dll>  [(Verified)Microsoft Windows Component Publisher]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
    <PostBootReminder><%SystemRoot%\system32\SHELL32.dll>  [(Verified)Microsoft Windows Component Publisher]
    <CDBurn><%SystemRoot%\system32\SHELL32.dll>  [(Verified)Microsoft Windows Component Publisher]
    <WebCheck><C:\WINDOWS\system32\webcheck.dll>  [(Verified)Microsoft Windows Component Publisher]
    <SysTray><C:\WINDOWS\system32\stobject.dll>  [(Verified)Microsoft Windows Component Publisher]
    <WPDShServiceObj><C:\WINDOWS\system32\WPDShServiceObj.dll>  [(Verified)Microsoft Windows Component Publisher]
    <UPnPMonitor><C:\WINDOWS\system32\upnpui.dll>  [(Verified)Microsoft Windows Component Publisher]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\crypt32chain]
    <WinlogonNotify: crypt32chain><crypt32.dll>  [(Verified)Microsoft Windows Component Publisher]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\cryptnet]
    <WinlogonNotify: cryptnet><cryptnet.dll>  [(Verified)Microsoft Windows Component Publisher]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\cscdll]
    <WinlogonNotify: cscdll><cscdll.dll>  [(Verified)Microsoft Windows Component Publisher]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\dimsntfy]
    <WinlogonNotify: dimsntfy><%SystemRoot%\System32\dimsntfy.dll>  [(Verified)Microsoft Windows Component Publisher]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\klogon]
    <WinlogonNotify: klogon><C:\WINDOWS\system32\klogon.dll>  [(Verified)Kaspersky Lab]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\ScCertProp]
    <WinlogonNotify: ScCertProp><wlnotify.dll>  [(Verified)Microsoft Windows Component Publisher]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\Schedule]
    <WinlogonNotify: Schedule><wlnotify.dll>  [(Verified)Microsoft Windows Component Publisher]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\sclgntfy]
    <WinlogonNotify: sclgntfy><sclgntfy.dll>  [(Verified)Microsoft Windows Component Publisher]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\SensLogn]
    <WinlogonNotify: SensLogn><WlNotify.dll>  [(Verified)Microsoft Windows Component Publisher]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\termsrv]
    <WinlogonNotify: termsrv><wlnotify.dll>  [(Verified)Microsoft Windows Component Publisher]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\wlballoon]
    <WinlogonNotify: wlballoon><wlnotify.dll>  [(Verified)Microsoft Windows Component Publisher]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\SharedTaskScheduler]
    <{438755C2-A8BA-11D1-B96B-00A0C90312E1}><%SystemRoot%\system32\browseui.dll>  [(Verified)Microsoft Windows Component Publisher]
    <{8C7461EF-2B13-11d2-BE35-3078302C2030}><%SystemRoot%\system32\browseui.dll>  [(Verified)Microsoft Windows Component Publisher]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\<{12d0ed0d-0ee0-4f90-8827-78cefb8f4988}]
    <IE7 Uninstall Stub><C:\WINDOWS\system32\ieudinit.exe>  [(Verified)Microsoft Windows Component Publisher]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\>{22d6f312-b0f6-11d0-94ab-0080c74c7e95}]
    <Microsoft Windows Media Player><C:\WINDOWS\inf\unregmp2.exe /ShowWMP>  [(Verified)Microsoft Windows Component Publisher]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\>{26923b43-4d38-484f-9b9e-de460746276c}]
    <Internet Explorer><C:\WINDOWS\system32\ie4uinit.exe -UserIconConfig>  [(Verified)Microsoft Windows Component Publisher]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\>{60B49E34-C7CC-11D0-8953-00A0C90347FF}]
    <Browser Customizations><RunDLL32 IEDKCS32.DLL,BrandIE4 SIGNUP>  [(Verified)Microsoft Windows Component Publisher]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\>{60B49E34-C7CC-11D0-8953-00A0C90347FF}MICROS]
    <浏览器自定义组件><RunDLL32 IEDKCS32.DLL,BrandIE4 SIGNUP>  [(Verified)Microsoft Windows Component Publisher]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\>{881dd1c5-3dcf-431b-b061-f3f88e8be88a}]
    <Outlook Express><%systemroot%\system32\shmgrate.exe OCInstallUserConfigOE>  [File is missing]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\aetsprov]
    <N/A><C:\WINDOWS\system32\regsvr32.exe /s C:\WINDOWS\system32\aetsprov.dll>  [File is missing]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{2C7339CF-2B09-4501-B3F3-F3508C9228ED}]
    <Themes Setup><%SystemRoot%\system32\regsvr32.exe /s /n /i:/UserInstall %SystemRoot%\system32\themeui.dll>  [File is missing]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{44BBA840-CC51-11CF-AAFA-00AA00B6015C}]
    <Microsoft Outlook Express 6><"%ProgramFiles%\Outlook Express\setup50.exe" /APP:OE /CALLER:WINNT /user /install>  [File is missing]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{44BBA842-CC51-11CF-AAFA-00AA00B6015B}]
    <NetMeeting 3.01><rundll32.exe advpack.dll,LaunchINFSection C:\WINDOWS\INF\msnetmtg.inf,NetMtg.Install.PerUser.NT>  [(Verified)Microsoft Windows Component Publisher]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{5945c046-1e7d-11d1-bc44-00c04fd912be}]
    <Windows Messenger 4.7><rundll32.exe advpack.dll,LaunchINFSection C:\WINDOWS\INF\msmsgs.inf,BLC.QuietInstall.PerUser>  [(Verified)Microsoft Windows Component Publisher]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{6BF52A52-394A-11d3-B153-00C04F79FAA6}]
    <Microsoft Windows Media Player><rundll32.exe advpack.dll,LaunchINFSection C:\WINDOWS\INF\wmp11.inf,PerUserStub>  [(Verified)Microsoft Windows Component Publisher]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{7790769C-0471-11d2-AF11-00C04FA35D02}]
    <通讯簿 6><"%ProgramFiles%\Outlook Express\setup50.exe" /APP:WAB /CALLER:WINNT /user /install>  [File is missing]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{89820200-ECBD-11cf-8B85-00AA005B4340}]
    <Windows 桌面更新><regsvr32.exe /s /n /i:U shell32.dll>  [(Verified)Microsoft Windows Component Publisher]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{89820200-ECBD-11cf-8B85-00AA005B4383}]
    <Internet Explorer><C:\WINDOWS\system32\ie4uinit.exe -BaseSettings>  [(Verified)Microsoft Windows Component Publisher]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{89B4C1CD-B018-4511-B0A1-5476DBF70820}]
    <N/A><C:\WINDOWS\system32\Rundll32.exe C:\WINDOWS\system32\mscories.dll,Install>  [Microsoft Corporation]
[HKEY_CURRENT_USER\Control Panel\Desktop]
    <SCRNSAVE.EXE><C:\WINDOWS\system32\日本之~1.SCR>  [Acme Photo Software]
==================================
启动文件夹
[QQ游戏启动加速程序]
  <C:\Documents and Settings\Administrator\「开始」菜单\程序\启动\QQ游戏启动加速程序.lnk --> E:\Tencent\QQGAME\Accel.exe [深圳市腾讯计算机系统有限公司]><N>
==================================
服务
[ASP.NET State Service / aspnet_state][Stopped/Manual Start]
  <C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\aspnet_state.exe><Microsoft Corporation>
[Kaspersky Internet Security / AVP][Running/Auto Start]
  <"E:\Kaspersky Lab\Kaspersky Internet Security 2009\avp.exe" -r><Kaspersky Lab>
[C-DillaCdaC11BA / C-DillaCdaC11BA][Running/Auto Start]
  <C:\WINDOWS\system32\drivers\CDAC11BA.EXE><Macrovision>
[C-DillaSrv / C-DillaSrv][Running/Auto Start]
  <C:\WINDOWS\system32\DRIVERS\CDANTSRV.EXE><C-Dilla Ltd>
[HID Input Service / HidServ][Stopped/Auto Start]
  <C:\WINDOWS\System32\svchost.exe -k netsvcs-->%SystemRoot%\System32\hidserv.dll><N/A>
[ICBC Daemon Service / ICBC Daemon Service][Stopped/Auto Start]
  <D:\Program Files\ICBCEbankTools\ICBCAntiPhishing\IcbcDaemon.exe><N/A>
[Kingsoft Antivirus WebShield Service / Kingsoft Antivirus WebShield Service][Running/Auto Start]
  <d:\Program Files\Maxthon2\Modules\MxKWS\KSWebShield.exe><Kingsoft Corporation>
[主动防御 / ZhuDongFangYu][Running/Auto Start]
  <"D:\Program Files\360\360safe\deepscan\zhudongfangyu.exe"><360.cn>
==================================
驱动程序
[360AntiARP / 360AntiARP][Running/System Start]
  <\??\C:\WINDOWS\system32\Drivers\360AntiARP.sys><360安全中心>
[360SelfProtection / 360SelfProtection][Running/System Start]
  <system32\drivers\360SelfProtection.sys><360安全中心>
[Intel(r) 82801 Audio Driver Install Service (WDM) / ac97intc][Stopped/Manual Start]
  <system32\drivers\ac97intc.sys><Intel Corporation>
[Adaptec USB2-Xchange Firmware Installer / ADPUSBLD][Stopped/Manual Start]
  <System32\Drivers\Adpusbld.sys><Adaptec, Inc.>
[Adaptec USB2-Xchange Mass Storage Driver / ADPUSBMS][Stopped/Manual Start]
  <System32\Drivers\Adpusbst.sys><Adaptec, Inc.>
[AmdK8 Compatible Device / AmdK8][Stopped/Manual Start]
  <System32\drivers\amdk8.sys><Advanced Micro Devices>
[BFSDRV / BFSDRV][Running/System Start]
  <\??\C:\WINDOWS\system32\drivers\bfsdrv.sys><360安全中心>
[BREGDRV / BREGDRV][Running/System Start]
  <\??\C:\WINDOWS\system32\drivers\bregdrv.sys><360安全中心>
[CdaC15BA / CdaC15BA][Running/Auto Start]
  <\??\C:\WINDOWS\system32\drivers\CDAC15BA.SYS><Macrovision Europe Ltd>
[corega FEtherII PCC-TXD LAN Card / CO2DPCX5][Stopped/Manual Start]
  <system32\DRIVERS\CO2DPCX5.sys><corega K.K.>
[d347bus / d347bus][Running/Boot Start]
  <\SystemRoot\system32\DRIVERS\d347bus.sys><>
[d347prt / d347prt][Running/Boot Start]
  <\SystemRoot\System32\Drivers\d347prt.sys><>
[Dritek Keyboard Filter Driver / DKbFltr][Running/Manual Start]
  <system32\DRIVERS\DKbFltr.sys><Dritek System Inc.>
[Yamaha DS1 Audio Driver (WDM) / ds1][Running/Manual Start]
  <system32\drivers\ds1wdm.sys><Yamaha Corp.>
[EfiSystemMon / EfiMon][Running/System Start]
  <System32\Drivers\Efimon.sys><奇虎网>
[VIA PCI 10/100Mb Fast Ethernet Adapter NT Driver / FExxxIS][Stopped/Manual Start]
  <system32\DRIVERS\fexxx5.sys><VIA Technologies, Inc.>
[%FLASHREADER.SvcDesc% / FLASHREADER][Stopped/Manual Start]
  <System32\Drivers\causb.sys><>
[usb Card Device / ft2kEnum][Running/Manual Start]
  <system32\DRIVERS\ic2kenum.sys><OEM Corporation>
[USB Chip Holder Service / GDBaseSmc][Running/Manual Start]
  <system32\DRIVERS\Chip_smc.sys><OEM>
[HookPort / HookPort][Running/Boot Start]
  <\SystemRoot\System32\Drivers\Hookport.sys><360安全中心>
[kl1 / kl1][Running/Boot Start]
  <\SystemRoot\system32\drivers\kl1.sys><Kaspersky Lab>
[Kaspersky Lab Boot Guard Driver / klbg][Running/Boot Start]
  <\SystemRoot\system32\drivers\klbg.sys><Kaspersky Lab>
[Kaspersky Lab KLFltDev / KLFLTDEV][Running/Manual Start]
  <system32\DRIVERS\klfltdev.sys><Kaspersky Lab>
[Kaspersky Lab Driver / KLIF][Running/System Start]
  <system32\DRIVERS\klif.sys><Kaspersky Lab>
[Kaspersky Anti-Virus NDIS Filter / klim5][Running/Manual Start]
  <system32\DRIVERS\klim5.sys><Kaspersky Lab>
[nv / nv][Stopped/Manual Start]
  <system32\DRIVERS\nv4_mini.sys><NVIDIA Corporation>
[Toshiba FIR Port Type-DO / OBOE][Running/Manual Start]
  <system32\DRIVERS\tos4mo.sys><TOSHIBA Corporation>
[DDK PACKET Protocol / Packet][Running/System Start]
  <system32\DRIVERS\ProtoDrv.sys><360安全中心>
[Direct Parallel Link Driver / Ptilink][Running/Manual Start]
  <system32\DRIVERS\ptilink.sys><Parallel Technologies, Inc.>
[Quantum DeepScanner Servers / quxxxserv][Running/Manual Start]
  <\??\C:\WINDOWS\system32\drivers\quxxxrv.sys><360.cn>
[qutmipc / qutmipc][Running/System Start]
  <\??\C:\WINDOWS\system32\drivers\qutmipc.sys><360安全中心>
[SmartCard Reader Device  / Reader_Device][Running/Manual Start]
  <system32\DRIVERS\usbic2k.sys><OEM>
[Feitian ROCKEY4 Device Service / ROCKEYNT][Running/Manual Start]
  <system32\DRIVERS\Rockey4.sys><Feitian Technologies Co., Ltd.>
[Gigabyte RT2500 Wireless Driver / RT2500][Running/Manual Start]
  <system32\DRIVERS\RT2500.sys><Ralink Technology Inc.>
[SafeBoxKrnl / SafeBoxKrnl][Running/System Start]
  <\??\C:\WINDOWS\system32\Drivers\safeboxkrnl.sys><360安全中心>
[%SAUSBHW.SvcDesc% / SAUSBHW][Stopped/Auto Start]
  <System32\Drivers\sausb.sys><N/A>
[Secdrv / Secdrv][Stopped/Manual Start]
  <system32\DRIVERS\secdrv.sys><Macrovision Corporation, Macrovision Europe Limited, and Macrovision Japan and Asia K.K.>
[Sony USB Filter Driver (SONYPVU1) / SONYPVU1][Stopped/Manual Start]
  <system32\DRIVERS\SONYPVU1.SYS><Sony Corporation>
[sparrow / sparrow][Running/Boot Start]
  <\SystemRoot\system32\DRIVERS\sparrow.sys><Adaptec, Inc.>
[TCP/IP Protocol Driver / Tcpip][Running/System Start]
  <system32\DRIVERS\tcpip.sys><Microsoft Corporation>
[Tridkb / Tridkb][Running/Manual Start]
  <system32\DRIVERS\tridkbm.sys><Trident Microsystems Inc.>
==================================



Re: Am I infected?

==================================
浏览器加载项
[ThunderAtOnce Class]
  {01443AEC-0FD1-40fd-9C87-E93D1494C233} <D:\Program Files\Thunder Network\Thunder\ComDlls\TDAtOnce_Now.dll, (Signed) Thunder Networking Technologies,LTD>
[IE2EMBHO Class]
  {0A0DDBD3-6641-40B9-873F-BBDD26D6C14E} <D:\Program Files\easyMule\modules\IE2EM.dll, (Signed) VeryCD.com>
[IE to GetRight Helper]
  {31FF080D-12A3-439A-A2EF-4BA95A3148E8} <d:\Program Files\GetRight\xx2gr.dll, (Signed) Headlight Software, Inc.>
[IEVkbdBHO Class]
  {59273AB4-E7D3-40F9-A1A8-6FA9CCA1862C} <E:\Kaspersky Lab\Kaspersky Internet Security 2009\ievkbd.dll, (Signed) Kaspersky Lab>
[Thunder Browser Helper]
  {889D2FEB-5411-4565-8998-1DD2C5261283} <D:\Program Files\Thunder Network\Thunder\ComDlls\xunleiBHO_Now.dll, (Signed) Thunder Networking Technologies,LTD>
[Windows Live 登录帮助程序]
  {9030D464-4C02-4ABF-8ECC-5164760863C6} <C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll, (Signed) Microsoft Corporation>
[SafeMon Class]
  {B69F34DD-F0F9-42DC-9EDD-957187DA688D} <D:\Program Files\360\360safe\safemon\safemon.dll, (Signed) 360.CN>
[ICBC Anti-Phishing class]
  {BB4491A2-D11A-4c6b-91C0-B53246A3122B} <D:\Program Files\ICBCEbankTools\ICBCAntiPhishing\Icbc_AntiPhishing.dll, (Signed) 中国工商银行>
[启动迅雷5]
  {09BA8F6D-CB54-424B-839C-C2A6C8E6B436} <d:\Program Files\Thunder Network\Thunder\Thunder.exe, (Signed) ShenZhen Thunder Networking Technologies,LTD>
[Web 流量保护状态]
  {1F460357-8A94-4D71-9CA3-AA4ACF32ED8E} <E:\Kaspersky Lab\Kaspersky Internet Security 2009\SCIEPlgn.dll, (Signed) Kaspersky Lab>
[@xpsp3res.dll,-20001]
  {e2e2dd38-d088-4134-82b7-f2ba38496583} <%windir%\Network Diagnostic\xpnetdiag.exe, (Signed) N/A>
[]
  {F2C63239-A5DB-487B-B283-4132351E7AB6} <, >
[]
  {00000055-9980-0010-8000-00AA00389B71} <, >
[Office Genuine Advantage Validation Tool]
  {05CA9FB0-3E3E-4B36-BF41-0E3A5CAA8CD8} <C:\WINDOWS\system32\OGACheckControl.DLL, (Signed) >
[Windows Genuine Advantage Validation Tool]
  {17492023-C23A-453E-A040-C7C580BBF700} <C:\WINDOWS\system32\LegitCheckControl.DLL, (Signed) Microsoft Corporation>
[Microsoft Genuine Advantage Self Support Tool]
  {1E3F1348-4370-4BBE-A67A-CC7ED824CA85} <C:\WINDOWS\system32\SelfHelpControl.DLL, (Signed) Microsoft Corporation>
[EditCtrl Class]
  {488A4255-3236-44B3-8F27-FA1AECAA8844} <C:\WINDOWS\system32\aliedit\aliedit.dll, (Signed) >
[WUWebControl Class]
  {6414512B-B978-451D-A0D8-FCFDF33E833C} <C:\WINDOWS\system32\wuweb.dll, (Signed) Microsoft Corporation>
[MUWebControl Class]
  {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} <C:\WINDOWS\system32\muweb.dll, (Signed) Microsoft Corporation>
[AxInputControl Class]
  {73E4740C-08EB-4133-896B-8D0A7C9EE3CD} <C:\WINDOWS\system32\INPUTC~1.DLL, >
[Office Update Installation Engine]
  {C7DB51B4-BCF7-4923-8874-7F1A0DC92277} <C:\WINDOWS\opuc.dll, Microsoft Corporation>
[ThunderAtOnce Class]
  {01443AEC-0FD1-40FD-9C87-E93D1494C233} <D:\Program Files\Thunder Network\Thunder\ComDlls\TDAtOnce_Now.dll, (Signed) Thunder Networking Technologies,LTD>
[Office Genuine Advantage Validation Tool]
  {05CA9FB0-3E3E-4B36-BF41-0E3A5CAA8CD8} <C:\WINDOWS\system32\OGACheckControl.DLL, (Signed) >
[]
  {09BA8F6D-CB54-424B-839C-C2A6C8E6B436} <, >
[IE2EMBHO Class]
  {0A0DDBD3-6641-40B9-873F-BBDD26D6C14E} <D:\Program Files\easyMule\modules\IE2EM.dll, (Signed) VeryCD.com>
[InfosecCertInstall Class]
  {0EB487C8-E9AC-43A6-8C4C-083999B0622F} <C:\WINDOWS\system32\certInStall.dll, >
[IFlashGetNetscapeEx Class]
  {116BA71C-8187-4F15-9A1F-C9D6289155D1} <C:\Documents and Settings\Administrator\Application Data\FlashGetBHO\FlashGetHook.dll, (Signed) Trend Media Group>
[Fade]
  {16B280C5-EE70-11D1-9066-00C04FD9189D} <C:\WINDOWS\system32\Dxtmsft.dll, (Signed) Microsoft Corporation>
[Windows Genuine Advantage Validation Tool]
  {17492023-C23A-453E-A040-C7C580BBF700} <C:\WINDOWS\system32\LegitCheckControl.DLL, (Signed) Microsoft Corporation>
[Adobe PDF Link Helper]
  {18DF081C-E8AD-4283-A596-FA578C2EBDC3} <C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll, (Signed) Adobe Systems Incorporated>
[InstallHelper Class]
  {1DABF8D5-8430-4985-9B7F-A30E53D709B3} <E:\Tencent\QQ\Plugin\Com.Tencent.QQMusic\bin\QQMusic\MMInstaller.dll, (Signed) Tencent>
[iTrusPTA Class]
  {1E0DFFCF-27FF-4574-849B-55007349FEDA} <C:\WINDOWS\system32\aliedit\pta.dll, (Signed) >
[Microsoft Genuine Advantage Self Support Tool]
  {1E3F1348-4370-4BBE-A67A-CC7ED824CA85} <C:\WINDOWS\system32\SelfHelpControl.DLL, (Signed) Microsoft Corporation>
[]
  {1F460357-8A94-4D71-9CA3-AA4ACF32ED8E} <, >
[Windows Media Player]
  {22D6F312-B0F6-11D0-94AB-0080C74C7E95} <C:\WINDOWS\system32\wmpdxm.dll, (Signed) Microsoft Corporation>
[PowerPlr Control]
  {2354A44B-3CEB-4829-9940-545B03103538} <d:\PROGRA~1\Powerise\REAL2A~1\PowerPlr.ocx, (Signed) 创智数码科技股份有限公司>
[HTML Document]
  {25336920-03F9-11CF-8FD0-00AA00686F13} <C:\WINDOWS\system32\mshtml.dll, (Signed) Microsoft Corporation>
[XML DOM Document]
  {2933BF90-7B36-11D2-B20E-00C04F983E60} <C:\WINDOWS\system32\msxml3.dll, (Signed) Microsoft Corporation>
[JetCarNetscape Class]
  {2974c985-8151-4de5-b23c-b875f0a8522f} <C:\Documents and Settings\Administrator\Application Data\FlashGetBHO\FlashGetHook.dll, (Signed) Trend Media Group>
[]
  {2EAF5BB1-070F-11D3-9307-00C04FAE2D4F} <, >
[]
  {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} <, >
[RealPlayer RAM Download Handler]
  {2F542A2E-EDC9-4BF7-8CB1-87C9919F7F93} <C:\WINDOWS\system32\rmoc3260.dll, (Signed) RealNetworks, Inc.>
[IE to GetRight Helper]
  {31FF080D-12A3-439A-A2EF-4BA95A3148E8} <d:\Program Files\GetRight\xx2gr.dll, (Signed) Headlight Software, Inc.>
[GDGetTokenInfo Class]
  {3AA9CF07-DF20-48FF-98BE-DED276E40146} <C:\WINDOWS\system32\GDREAD~1.DLL, >
[]
  {4063BE15-3B08-470D-A0D5-B37161CFFD69} <, >
[Microsoft Office Control]
  {4453D895-F2A1-4A38-A285-1EF9BD3F6D5D} <D:\PROGRA~1\MICROS~1\OFFICE11\AUTHZAX.DLL, (Signed) Microsoft Corporation>
[XML Document]
  {48123BC4-99D9-11D1-A6B3-00C04FD91555} <C:\WINDOWS\system32\msxml3.dll, (Signed) Microsoft Corporation>
[Thunder Agent Class]
  {485463B7-8FB2-4B3B-B29B-8B919B0EACCE} <D:\Program Files\Thunder Network\Thunder\ComDlls\ThunderAgent_Now.dll, (Signed) Thunder Networking Technologies,LTD>
[IE2EMUrlTaker Class]
  {48618374-565F-4CA0-B8CD-6F496C997FAF} <D:\Program Files\easyMule\modules\IE2EM.dll, (Signed) VeryCD.com>
[EditCtrl Class]
  {488A4255-3236-44B3-8F27-FA1AECAA8844} <C:\WINDOWS\system32\aliedit\aliedit.dll, (Signed) >
[Shell Name Space]
  {55136805-B2DE-11D1-B9F2-00A0C98BC547} <C:\WINDOWS\system32\ieframe.dll, (Signed) Microsoft Corporation>
[IEVkbdBHO Class]
  {59273AB4-E7D3-40F9-A1A8-6FA9CCA1862C} <E:\Kaspersky Lab\Kaspersky Internet Security 2009\ievkbd.dll, (Signed) Kaspersky Lab>
[CAntiVersion Object]
  {5EFE0AA6-B28B-41BD-9B3C-02AA3F79EA9A} <D:\Program Files\ICBCEbankTools\ICBCAntiPhishing\AntiPhishingVer.dll, (Signed) 中国工商银行>
[WUWebControl Class]
  {6414512B-B978-451D-A0D8-FCFDF33E833C} <C:\WINDOWS\system32\wuweb.dll, (Signed) Microsoft Corporation>
[XMP Class]
  {6483F145-A768-4C41-AACC-52D4D7845851} <C:\Documents and Settings\All Users\Application Data\Thunder Network\KanKan\xplayer.dll_1_work, ShenZhen Thunder Networking Technologies,LTD>
[Windows Media Player]
  {6BF52A52-394A-11D3-B153-00C04F79FAA6} <C:\WINDOWS\system32\wmp.dll, (Signed) Microsoft Corporation>
[MUWebControl Class]
  {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} <C:\WINDOWS\system32\muweb.dll, (Signed) Microsoft Corporation>
[AxInputControl Class]
  {73E4740C-08EB-4133-896B-8D0A7C9EE3CD} <C:\WINDOWS\system32\INPUTC~1.DLL, >
[MediaComm Class]
  {7670648D-461B-42AF-BDFE-46D26AF5EFF2} <d:\Program Files\Thunder Network\Thunder\Components\InMedia\MediaAddin18.dll, (Signed) ShenZhen Thunder Networking Technologies,LTD>
[]
  {7E853D72-626A-48EC-A868-BA8D5E23E045} <, >
[]
  {83B80A9C-D91A-4F22-8DCF-EA7204039F79} <, >
[360SafeLive]
  {87515F61-A66C-4319-A0E0-D416CB8059E3} <D:\Program Files\360\360safe\Safelive.dll, (Signed) >
[Microsoft Web Browser]
  {8856F961-340A-11D0-A96B-00C04FD705A2} <C:\WINDOWS\system32\ieframe.dll, (Signed) Microsoft Corporation>
[Thunder Browser Helper]
  {889D2FEB-5411-4565-8998-1DD2C5261283} <D:\Program Files\Thunder Network\Thunder\ComDlls\xunleiBHO_Now.dll, (Signed) Thunder Networking Technologies,LTD>
[XML DOM Document 6.0]
  {88D96A05-F192-11D4-A65F-0040963251E5} <C:\WINDOWS\system32\msxml6.dll, (Signed) Microsoft Corporation>
[XML HTTP 6.0]
  {88D96A0A-F192-11D4-A65F-0040963251E5} <C:\WINDOWS\system32\msxml6.dll, (Signed) Microsoft Corporation>
[AxSubmitControl Class]
  {8D9E0B29-563C-4226-86C1-5FF2AE77E1D2} <C:\WINDOWS\system32\SUBMIT~1.DLL, >
[SSOForPTLogin Class]
  {8FC1EE75-72B3-4A23-B987-2B1C4C8A611B} <C:\Program Files\Common Files\Tencent\TXSSO\Bin\SSOAxCtrlForPTLogin.dll, (Signed) Tencent>
[Windows Live 登录帮助程序]
  {9030D464-4C02-4ABF-8ECC-5164760863C6} <C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll, (Signed) Microsoft Corporation>
[OFrameObject Class]
  {9701758C-4373-482E-B13C-776C048EC890} <, >
[RMGetLicense Class]
  {A9FC132B-096D-460B-B7D5-1DB0FAE0C062} <C:\WINDOWS\system32\msnetobj.dll, (Signed) Microsoft Corporation>
[]
  {ACACC6EB-1FBA-4E13-A729-53AEB2DF54F8} <, >
[FlashGetBHO]
  {B070D3E3-FEC0-47D9-8E8A-99D4EEB3D3B0} <C:\Documents and Settings\Administrator\Application Data\FlashGetBHO\FlashGetBHO3.dll, (Signed) Trend Media Group>
[InfoSecICBCNetSign Class]
  {B1FBC1AD-5644-4084-882A-0F8BA85E7506} <C:\WINDOWS\system32\ICBC_N~1.DLL, (Signed) Infosec Technologies Co., Ltd.>
[SearchAssistantOC]
  {B45FF030-4447-11D2-85DE-00C04FA35C89} <%SystemRoot%\system32\shdocvw.dll, (Signed) N/A>
[]
  {B69003B3-C55E-4B48-836C-BC5946FC3B28} <, >
[SafeMon Class]
  {B69F34DD-F0F9-42DC-9EDD-957187DA688D} <D:\Program Files\360\360safe\safemon\safemon.dll, (Signed) 360.CN>
[ICBC Anti-Phishing class]
  {BB4491A2-D11A-4C6B-91C0-B53246A3122B} <D:\Program Files\ICBCEbankTools\ICBCAntiPhishing\Icbc_AntiPhishing.dll, (Signed) 中国工商银行>
[RDS.DataSpace]
  {BD96C556-65A3-11D0-983A-00C04FC29E36} <C:\Program Files\Common Files\System\msadc\msadco.dll, (Signed) Microsoft Corporation>
[OWSClientMiscApis Class]
  {BDEADE3F-C265-11D0-BCED-00A0C90AB50F} <D:\PROGRA~1\MICROS~1\OFFICE11\OWSCLT.DLL, (Signed) Microsoft Corporation>
[OWSBrowserUI Class]
  {BDEADE43-C265-11D0-BCED-00A0C90AB50F} <D:\PROGRA~1\MICROS~1\OFFICE11\OWSCLT.DLL, (Signed) Microsoft Corporation>
[]
  {C16CBAAC-A75C-4DB5-A0DD-CDF5CAFCDD3A} <, >
[Office Update Installation Engine]
  {C7DB51B4-BCF7-4923-8874-7F1A0DC92277} <C:\WINDOWS\opuc.dll, Microsoft Corporation>
[AUDIO__MP3 Moniker Class]
  {CD3AFA76-B84F-48F0-9393-7EDC34128127} <C:\WINDOWS\system32\wmp.dll, (Signed) Microsoft Corporation>
[AUDIO__X_MS_WMA Moniker Class]
  {CD3AFA84-B84F-48F0-9393-7EDC34128127} <C:\WINDOWS\system32\wmp.dll, (Signed) Microsoft Corporation>
[RealPlayer G2 Control]
  {CFCDAA03-8BE4-11CF-B84B-0020AFBBCCFA} <C:\WINDOWS\system32\rmoc3260.dll, (Signed) RealNetworks, Inc.>
[Shockwave Flash Object]
  {D27CDB6E-AE6D-11CF-96B8-444553540000} <C:\WINDOWS\system32\Macromed\Flash\Flash10d.ocx, (Signed) Adobe Systems, Inc.>
[]
  {DE4AF3B0-F4D4-11D3-B41A-0050DA2E6C21} <, >
[Microsoft Silverlight]
  {DFEAF541-F3E1-4C24-ACAC-99C30715084A} <C:\Program Files\Microsoft Silverlight\3.0.40624.0\npctrl.dll, (Signed)  Microsoft Corporation>
[]
  {E1771B7F-98BE-407F-BA67-AA16ADA5D0C5} <C:\PROGRA~1\WI1F86~1\MESSEN~1\MSGSC1~1.DLL, (Signed) Microsoft Corporation>
[]
  {E2E2DD38-D088-4134-82B7-F2BA38496583} <, >
[RevealTrans]
  {E31E87C4-86EA-4940-9B8A-5BD5D179A737} <C:\WINDOWS\system32\Dxtmsft.dll, (Signed) Microsoft Corporation>
[AxUSBKey Class]
  {E4BFF825-2E50-4BCC-8497-6EFDFB6C9B3D} <C:\WINDOWS\system32\ICBCUS~1.DLL, 北京信安世纪公司>
[TimwpDll.TimwpCheck]
  {ED4CA2E5-0EEA-44C1-AD7E-74A07A7507A4} <E:\Tencent\QQ\Bin\Timwp.dll, (Signed) Tencent>
[XML HTTP Request]
  {ED8C108E-4349-11D2-91A4-00C04F7969E8} <C:\WINDOWS\system32\msxml3.dll, (Signed) Microsoft Corporation>
[Scripting.Dictionary]
  {EE09B103-97E0-11CF-978F-00A02463E06F} <C:\WINDOWS\system32\scrrun.dll, (Signed) Microsoft Corporation>
[]
  {F3E70CEA-956E-49CC-B444-73AFE593AD7F} <, >
[XML DOM Document 3.0]
  {F5078F32-C551-11D3-89B9-0000F81FE221} <C:\WINDOWS\system32\msxml3.dll, (Signed) Microsoft Corporation>
[Free Threaded XML DOM Document 3.0]
  {F5078F33-C551-11D3-89B9-0000F81FE221} <C:\WINDOWS\system32\msxml3.dll, (Signed) Microsoft Corporation>
[XML HTTP 3.0]
  {F5078F35-C551-11D3-89B9-0000F81FE221} <C:\WINDOWS\system32\msxml3.dll, (Signed) Microsoft Corporation>
[XSL Template 3.0]
  {F5078F36-C551-11D3-89B9-0000F81FE221} <C:\WINDOWS\system32\msxml3.dll, (Signed) Microsoft Corporation>
[XML DOM Document]
  {F6D90F11-9C73-11D3-B32E-00C04F990BB4} <C:\WINDOWS\system32\msxml3.dll, (Signed) Microsoft Corporation>
[XML HTTP]
  {F6D90F16-9C73-11D3-B32E-00C04F990BB4} <C:\WINDOWS\system32\msxml3.dll, (Signed) Microsoft Corporation>
[]
  {FB5DA724-162B-11D3-8B9B-AA70B4B0B524} <, >
["添加到卡巴斯基反广告"]
  <E:\Kaspersky Lab\Kaspersky Internet Security 2009\ie_banner_deny.htm, N/A>
[Download with GetRight Pro]
  <d:\Program Files\GetRight\GRdownload.htm, N/A>
[Open with GetRight Pro Browser]
  <d:\Program Files\GetRight\GRbrowse.htm, N/A>
[使用快车3下载]
  <C:\Documents and Settings\Administrator\Application Data\FlashGetBHO\GetUrl.htm, N/A>
[使用快车3下载全部链接]
  <C:\Documents and Settings\Administrator\Application Data\FlashGetBHO\GetAllUrl.htm, N/A>
[使用电驴下载]
  <D:\Program Files\easyMule\IE2EM.htm, N/A>
[使用迅雷下载]
  <D:\Program Files\Thunder Network\Thunder\Program\geturl.htm, N/A>
[使用迅雷下载全部链接]
  <D:\Program Files\Thunder Network\Thunder\Program\getallurl.htm, N/A>
[导出到 Microsoft Office Excel(&X)]
  <res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000, N/A>

Re: Am I infected?

==================================
正在运行的进程
[PID: 748 / SYSTEM][\SystemRoot\System32\smss.exe]  [(Verified) Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2111)]
[PID: 808 / SYSTEM][\??\C:\WINDOWS\system32\csrss.exe]  [(Verified) Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2111)]
[PID: 832 / SYSTEM][\??\C:\WINDOWS\system32\winlogon.exe]  [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2113)]
    [E:\KASPER~1\KASPER~1\mzvkbd.dll]  [Kaspersky Lab, 8.0.0.454]
    [E:\KASPER~1\KASPER~1\mzvkbd3.dll]  [Kaspersky Lab, 8.0.0.454]
    [E:\KASPER~1\KASPER~1\adialhk.dll]  [Kaspersky Lab, 8.0.0.454]
    [E:\KASPER~1\KASPER~1\kloehk.dll]  [Kaspersky Lab, 8.0.0.454]
    [C:\WINDOWS\system32\uxtheme.dll]  [Microsoft Corporation, 6.00.2900.5512 (xpsp.080413-2105)]
    [C:\WINDOWS\system32\klogon.dll]  [Kaspersky Lab, 8.0.0.454]
[PID: 876 / SYSTEM][C:\WINDOWS\system32\services.exe]  [(Verified) Microsoft Corporation, 5.1.2600.5755 (xpsp_sp3_qfe.090206-1316)]
    [E:\KASPER~1\KASPER~1\mzvkbd.dll]  [Kaspersky Lab, 8.0.0.454]
    [E:\KASPER~1\KASPER~1\mzvkbd3.dll]  [Kaspersky Lab, 8.0.0.454]
    [E:\KASPER~1\KASPER~1\adialhk.dll]  [Kaspersky Lab, 8.0.0.454]
    [E:\KASPER~1\KASPER~1\kloehk.dll]  [Kaspersky Lab, 8.0.0.454]
[PID: 888 / SYSTEM][C:\WINDOWS\system32\lsass.exe]  [(Verified) Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2113)]
    [C:\WINDOWS\system32\UxTheme.dll]  [Microsoft Corporation, 6.00.2900.5512 (xpsp.080413-2105)]
    [E:\KASPER~1\KASPER~1\mzvkbd.dll]  [Kaspersky Lab, 8.0.0.454]
    [E:\KASPER~1\KASPER~1\mzvkbd3.dll]  [Kaspersky Lab, 8.0.0.454]
    [E:\KASPER~1\KASPER~1\adialhk.dll]  [Kaspersky Lab, 8.0.0.454]
    [E:\KASPER~1\KASPER~1\kloehk.dll]  [Kaspersky Lab, 8.0.0.454]
[PID: 1036 / SYSTEM][C:\WINDOWS\system32\svchost.exe]  [(Verified) Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2111)]
    [C:\WINDOWS\system32\UxTheme.dll]  [Microsoft Corporation, 6.00.2900.5512 (xpsp.080413-2105)]
    [E:\KASPER~1\KASPER~1\mzvkbd.dll]  [Kaspersky Lab, 8.0.0.454]
    [E:\KASPER~1\KASPER~1\mzvkbd3.dll]  [Kaspersky Lab, 8.0.0.454]
    [E:\KASPER~1\KASPER~1\adialhk.dll]  [Kaspersky Lab, 8.0.0.454]
    [E:\KASPER~1\KASPER~1\kloehk.dll]  [Kaspersky Lab, 8.0.0.454]
[PID: 1132 / NETWORK SERVICE][C:\WINDOWS\system32\svchost.exe]  [(Verified) Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2111)]
    [C:\WINDOWS\system32\UxTheme.dll]  [Microsoft Corporation, 6.00.2900.5512 (xpsp.080413-2105)]
    [E:\KASPER~1\KASPER~1\mzvkbd.dll]  [Kaspersky Lab, 8.0.0.454]
    [E:\KASPER~1\KASPER~1\mzvkbd3.dll]  [Kaspersky Lab, 8.0.0.454]
    [E:\KASPER~1\KASPER~1\adialhk.dll]  [Kaspersky Lab, 8.0.0.454]
    [E:\KASPER~1\KASPER~1\kloehk.dll]  [Kaspersky Lab, 8.0.0.454]
[PID: 1188 / SYSTEM][C:\WINDOWS\System32\svchost.exe]  [(Verified) Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2111)]
    [C:\WINDOWS\System32\UxTheme.dll]  [Microsoft Corporation, 6.00.2900.5512 (xpsp.080413-2105)]
    [E:\KASPER~1\KASPER~1\mzvkbd.dll]  [Kaspersky Lab, 8.0.0.454]
    [E:\KASPER~1\KASPER~1\mzvkbd3.dll]  [Kaspersky Lab, 8.0.0.454]
    [E:\KASPER~1\KASPER~1\adialhk.dll]  [Kaspersky Lab, 8.0.0.454]
    [E:\KASPER~1\KASPER~1\kloehk.dll]  [Kaspersky Lab, 8.0.0.454]
[PID: 1320 / LOCAL SERVICE][C:\WINDOWS\system32\svchost.exe]  [(Verified) Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2111)]
    [C:\WINDOWS\system32\UxTheme.dll]  [Microsoft Corporation, 6.00.2900.5512 (xpsp.080413-2105)]
    [E:\KASPER~1\KASPER~1\mzvkbd.dll]  [Kaspersky Lab, 8.0.0.454]
    [E:\KASPER~1\KASPER~1\mzvkbd3.dll]  [Kaspersky Lab, 8.0.0.454]
    [E:\KASPER~1\KASPER~1\adialhk.dll]  [Kaspersky Lab, 8.0.0.454]
    [E:\KASPER~1\KASPER~1\kloehk.dll]  [Kaspersky Lab, 8.0.0.454]
[PID: 1360 / SYSTEM][D:\Program Files\360\360safe\deepscan\zhudongfangyu.exe]  [360.cn, 3, 2, 0, 1001]
    [D:\Program Files\360\360safe\deepscan\CloudCom2.dll]  [360.cn, 3, 2, 0, 2001]
    [D:\Program Files\360\360safe\SoftMgr\360SoftMgrS.dll]  [奇虎网, 2, 1, 5, 1010]
    [D:\Program Files\360\360safe\deepscan\heavygate.dll]  [360安全中心, 3, 6, 11, 0]
    [D:\Program Files\360\360safe\deepscan\qutmload.dll]  [360.cn, 6, 2, 0, 1006]
[PID: 1644 / SYSTEM][d:\Program Files\Maxthon2\Modules\MxKWS\KSWebShield.exe]  [Kingsoft Corporation, 2010,01,19,849]
    [E:\KASPER~1\KASPER~1\mzvkbd.dll]  [Kaspersky Lab, 8.0.0.454]
    [E:\KASPER~1\KASPER~1\mzvkbd3.dll]  [Kaspersky Lab, 8.0.0.454]
    [E:\KASPER~1\KASPER~1\adialhk.dll]  [Kaspersky Lab, 8.0.0.454]
    [E:\KASPER~1\KASPER~1\kloehk.dll]  [Kaspersky Lab, 8.0.0.454]
    [d:\Program Files\Maxthon2\Modules\MxKWS\kwssp.dll]  [Kingsoft Corporation, 2010,01,19,849]
    [d:\Program Files\Maxthon2\Modules\MxKWS\kwsui.dll]  [Kingsoft Corporation, 2010,01,19,849]
[PID: 1656 / SYSTEM][C:\WINDOWS\system32\spoolsv.exe]  [(Verified) Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-0852)]
    [C:\WINDOWS\system32\UxTheme.dll]  [Microsoft Corporation, 6.00.2900.5512 (xpsp.080413-2105)]
    [E:\KASPER~1\KASPER~1\mzvkbd.dll]  [Kaspersky Lab, 8.0.0.454]
    [E:\KASPER~1\KASPER~1\mzvkbd3.dll]  [Kaspersky Lab, 8.0.0.454]
    [E:\KASPER~1\KASPER~1\adialhk.dll]  [Kaspersky Lab, 8.0.0.454]
    [E:\KASPER~1\KASPER~1\kloehk.dll]  [Kaspersky Lab, 8.0.0.454]
[PID: 1720 / LOCAL SERVICE][C:\WINDOWS\System32\SCardSvr.exe]  [(Verified) Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2113)]
    [C:\WINDOWS\System32\UxTheme.dll]  [Microsoft Corporation, 6.00.2900.5512 (xpsp.080413-2105)]
    [E:\KASPER~1\KASPER~1\mzvkbd.dll]  [Kaspersky Lab, 8.0.0.454]
    [E:\KASPER~1\KASPER~1\mzvkbd3.dll]  [Kaspersky Lab, 8.0.0.454]
    [E:\KASPER~1\KASPER~1\adialhk.dll]  [Kaspersky Lab, 8.0.0.454]
    [E:\KASPER~1\KASPER~1\kloehk.dll]  [Kaspersky Lab, 8.0.0.454]
[PID: 216 / LOCAL SERVICE][C:\WINDOWS\system32\svchost.exe]  [(Verified) Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2111)]
    [C:\WINDOWS\system32\UxTheme.dll]  [Microsoft Corporation, 6.00.2900.5512 (xpsp.080413-2105)]
    [E:\KASPER~1\KASPER~1\mzvkbd.dll]  [Kaspersky Lab, 8.0.0.454]
    [E:\KASPER~1\KASPER~1\mzvkbd3.dll]  [Kaspersky Lab, 8.0.0.454]
    [E:\KASPER~1\KASPER~1\adialhk.dll]  [Kaspersky Lab, 8.0.0.454]
    [E:\KASPER~1\KASPER~1\kloehk.dll]  [Kaspersky Lab, 8.0.0.454]
[PID: 268 / SYSTEM][C:\WINDOWS\system32\drivers\CDAC11BA.EXE]  [Macrovision, 4.20.020]
    [E:\KASPER~1\KASPER~1\mzvkbd.dll]  [Kaspersky Lab, 8.0.0.454]
    [E:\KASPER~1\KASPER~1\mzvkbd3.dll]  [Kaspersky Lab, 8.0.0.454]
    [E:\KASPER~1\KASPER~1\kloehk.dll]  [Kaspersky Lab, 8.0.0.454]
[PID: 288 / SYSTEM][C:\WINDOWS\system32\DRIVERS\CDANTSRV.EXE]  [C-Dilla Ltd, 3.25.010]
    [E:\KASPER~1\KASPER~1\mzvkbd.dll]  [Kaspersky Lab, 8.0.0.454]
    [E:\KASPER~1\KASPER~1\mzvkbd3.dll]  [Kaspersky Lab, 8.0.0.454]
    [E:\KASPER~1\KASPER~1\kloehk.dll]  [Kaspersky Lab, 8.0.0.454]
[PID: 2040 / LOCAL SERVICE][C:\WINDOWS\System32\alg.exe]  [(Verified) Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-0852)]
    [C:\WINDOWS\System32\UxTheme.dll]  [Microsoft Corporation, 6.00.2900.5512 (xpsp.080413-2105)]
    [E:\KASPER~1\KASPER~1\mzvkbd.dll]  [Kaspersky Lab, 8.0.0.454]
    [E:\KASPER~1\KASPER~1\mzvkbd3.dll]  [Kaspersky Lab, 8.0.0.454]
    [E:\KASPER~1\KASPER~1\adialhk.dll]  [Kaspersky Lab, 8.0.0.454]
    [E:\KASPER~1\KASPER~1\kloehk.dll]  [Kaspersky Lab, 8.0.0.454]
[PID: 3372 / Administrator][C:\WINDOWS\Explorer.EXE]  [(Verified) Microsoft Corporation, 6.00.2900.5512 (xpsp.080413-2105)]
    [C:\WINDOWS\system32\UxTheme.dll]  [Microsoft Corporation, 6.00.2900.5512 (xpsp.080413-2105)]
    [E:\KASPER~1\KASPER~1\mzvkbd.dll]  [Kaspersky Lab, 8.0.0.454]
    [E:\KASPER~1\KASPER~1\mzvkbd3.dll]  [Kaspersky Lab, 8.0.0.454]
    [E:\KASPER~1\KASPER~1\adialhk.dll]  [Kaspersky Lab, 8.0.0.454]
    [E:\KASPER~1\KASPER~1\kloehk.dll]  [Kaspersky Lab, 8.0.0.454]
    [d:\Program Files\Maxthon2\Modules\MxKWS\kwsui.dll]  [Kingsoft Corporation, 2010,01,19,849]
    [d:\Program Files\Maxthon2\Modules\MxKWS\kswebshield.dll]  [Kingsoft Corporation, 2010,01,19,849]
    [C:\WINDOWS\system32\AcSignIcon.dll]  [Autodesk, 16.0.0.86]
    [C:\Program Files\Common Files\Autodesk Shared\AcSignCore16.dll]  [Autodesk, 16.0.0.86]
    [D:\Program Files\360\360safe\safemon\safemon.dll]  [360.CN, 5, 1, 0, 1003]
    [C:\WINDOWS\system32\browselc.dll]  [Microsoft Corporation, 6.00.2900.5512 (xpsp.080413-2105)]
    [D:\Program Files\Thunder Network\Thunder\ComDlls\TDAtOnce_Now.dll]  [Thunder Networking Technologies,LTD, 1.0.5.34]
    [C:\WINDOWS\system32\MSVCP71.dll]  [Microsoft Corporation, 7.10.3077.0]
    [C:\WINDOWS\system32\MSVCR71.dll]  [Microsoft Corporation, 7.10.3052.4]
    [d:\Program Files\GetRight\xx2gr.dll]  [Headlight Software, Inc., 6.3a]
    [D:\Program Files\Thunder Network\Thunder\ComDlls\xunleiBHO_Now.dll]  [Thunder Networking Technologies,LTD, 5, 0, 8, 120]
    [D:\Program Files\Thunder Network\Thunder\Components\ResWorker\DsBho_00.dll]  [ShenZhen Thunder Networking Technologies,LTD, 1, 0, 0, 20]
    [D:\Program Files\Thunder Network\Thunder\Components\ResWorker\DataProcessor_00.dll]  [ShenZhen Thunder Networking Technologies,LTD, 1, 0, 0, 16]
    [C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\PDFShell.dll]  [Adobe Systems, Inc., 9.1.0.2009022700]
    [C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\PDFShell.CHS]  [, ]
    [C:\WINDOWS\system32\shdoclc.dll]  [Microsoft Corporation, 6.00.2900.2180 (xpsp_sp2_rtm.040803-2158)]
    [D:\PROGRA~1\WINZIP\WZSHLSTB.DLL]  [WinZip Computing, S.L., 4.1 (32-bit)]
    [d:\Program Files\WinRAR\rarext.dll]  [, ]
    [E:\Kaspersky Lab\Kaspersky Internet Security 2009\ShellEx.dll]  [Kaspersky Lab, 8.0.0.454]
    [d:\program files\real\converter\RCAPlugins\rpshellextension.dll]  [RealConverter, 1.0.0.982]
    [d:\Program Files\IDM Computer Solutions\UltraEdit-32\ue32ctmn.dll]  [, 1, 0, 0, 1]
    [D:\Program Files\Real\rpshell.dll]  [RealNetworks, Inc., 1.0.2.446]
    [D:\Program Files\Real\lang\rpext_cn.dll]  [RealNetworks, Inc., 12.0.0.0]
    [C:\WINDOWS\system32\msdmo.dll]  [, ]
[PID: 1616 / Administrator][C:\WINDOWS\system32\ctfmon.exe]  [(Verified) Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2105)]
    [C:\WINDOWS\system32\UxTheme.dll]  [Microsoft Corporation, 6.00.2900.5512 (xpsp.080413-2105)]
    [E:\KASPER~1\KASPER~1\mzvkbd.dll]  [Kaspersky Lab, 8.0.0.454]
    [E:\KASPER~1\KASPER~1\mzvkbd3.dll]  [Kaspersky Lab, 8.0.0.454]
    [E:\KASPER~1\KASPER~1\adialhk.dll]  [Kaspersky Lab, 8.0.0.454]
    [E:\KASPER~1\KASPER~1\kloehk.dll]  [Kaspersky Lab, 8.0.0.454]
    [d:\Program Files\Maxthon2\Modules\MxKWS\kwsui.dll]  [Kingsoft Corporation, 2010,01,19,849]
    [D:\Program Files\360\360safe\safemon\safemon.dll]  [360.CN, 5, 1, 0, 1003]
[PID: 1884 / Administrator][C:\Program Files\Microsoft ActiveSync\WCESCOMM.EXE]  [Microsoft Corporation, 3.8.0.5004]
    [C:\WINDOWS\system32\CEUTIL.dll]  [Microsoft Corporation, 3.8.0.5004]
    [C:\WINDOWS\system32\RAPI.dll]  [Microsoft Corporation, 3.8.0.5004]
    [C:\Program Files\Microsoft ActiveSync\TCP2UDP.dll]  [Microsoft Corporation, 3.8.0.5004]
    [C:\WINDOWS\system32\UxTheme.dll]  [Microsoft Corporation, 6.00.2900.5512 (xpsp.080413-2105)]
    [E:\KASPER~1\KASPER~1\mzvkbd.dll]  [Kaspersky Lab, 8.0.0.454]
    [E:\KASPER~1\KASPER~1\mzvkbd3.dll]  [Kaspersky Lab, 8.0.0.454]
    [E:\KASPER~1\KASPER~1\adialhk.dll]  [Kaspersky Lab, 8.0.0.454]
    [E:\KASPER~1\KASPER~1\kloehk.dll]  [Kaspersky Lab, 8.0.0.454]
    [d:\Program Files\Maxthon2\Modules\MxKWS\kwsui.dll]  [Kingsoft Corporation, 2010,01,19,849]
[PID: 1576 / SYSTEM][C:\WINDOWS\System32\svchost.exe]  [(Verified) Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2111)]
    [C:\WINDOWS\System32\UxTheme.dll]  [Microsoft Corporation, 6.00.2900.5512 (xpsp.080413-2105)]
    [E:\KASPER~1\KASPER~1\mzvkbd.dll]  [Kaspersky Lab, 8.0.0.454]
    [E:\KASPER~1\KASPER~1\mzvkbd3.dll]  [Kaspersky Lab, 8.0.0.454]
    [E:\KASPER~1\KASPER~1\adialhk.dll]  [Kaspersky Lab, 8.0.0.454]
    [E:\KASPER~1\KASPER~1\kloehk.dll]  [Kaspersky Lab, 8.0.0.454]
[PID: 3808 / Administrator][C:\Program Files\Internet Explorer\iexplore.exe]  [Microsoft Corporation, 7.00.6000.16981 (vista_gdr.091215-2244)]
    [E:\KASPER~1\KASPER~1\mzvkbd.dll]  [Kaspersky Lab, 8.0.0.454]
    [E:\KASPER~1\KASPER~1\mzvkbd3.dll]  [Kaspersky Lab, 8.0.0.454]
    [E:\KASPER~1\KASPER~1\adialhk.dll]  [Kaspersky Lab, 8.0.0.454]
    [E:\KASPER~1\KASPER~1\kloehk.dll]  [Kaspersky Lab, 8.0.0.454]
    [C:\WINDOWS\system32\UxTheme.dll]  [Microsoft Corporation, 6.00.2900.5512 (xpsp.080413-2105)]
    [D:\Program Files\360\360safe\safemon\safemon.dll]  [360.CN, 5, 1, 0, 1003]
    [d:\Program Files\Maxthon2\Modules\MxKWS\kwsui.dll]  [Kingsoft Corporation, 2010,01,19,849]
    [d:\Program Files\Maxthon2\Modules\MxKWS\kswebshield.dll]  [Kingsoft Corporation, 2010,01,19,849]
    [d:\Program Files\Maxthon2\Modules\MxKWS\kswbc.dll]  [Kingsoft Corporation, 2010,01,19,849]
    [C:\WINDOWS\system32\AcSignIcon.dll]  [Autodesk, 16.0.0.86]
    [D:\Program Files\Thunder Network\Thunder\ComDlls\TDAtOnce_Now.dll]  [Thunder Networking Technologies,LTD, 1.0.5.34]
    [C:\WINDOWS\system32\MSVCP71.dll]  [Microsoft Corporation, 7.10.3077.0]
    [C:\WINDOWS\system32\MSVCR71.dll]  [Microsoft Corporation, 7.10.3052.4]
    [D:\Program Files\easyMule\modules\IE2EM.dll]  [VeryCD.com, 1.0.0.1]
    [d:\Program Files\GetRight\xx2gr.dll]  [Headlight Software, Inc., 6.3a]
    [E:\Kaspersky Lab\Kaspersky Internet Security 2009\ievkbd.dll]  [Kaspersky Lab, 8.0.0.454]
    [D:\Program Files\Thunder Network\Thunder\ComDlls\xunleiBHO_Now.dll]  [Thunder Networking Technologies,LTD, 5, 0, 8, 120]
    [D:\Program Files\Thunder Network\Thunder\Components\ResWorker\DsBho_00.dll]  [ShenZhen Thunder Networking Technologies,LTD, 1, 0, 0, 20]
    [D:\Program Files\Thunder Network\Thunder\Components\ResWorker\DataProcessor_00.dll]  [ShenZhen Thunder Networking Technologies,LTD, 1, 0, 0, 16]
    [D:\Program Files\360\360safe\safemon\websafeui.dll]  [, 1, 0, 0, 1001]
    [D:\Program Files\ICBCEbankTools\ICBCAntiPhishing\Icbc_AntiPhishing.dll]  [中国工商银行, 1.0.6.29]
    [C:\WINDOWS\system32\aetsprov.dll]  [A.E.T. Europe B.V., 2.3.0.9]
    [D:\Program Files\360\360safe\safemon\urlproc.dll]  [360.CN, 1, 0, 0, 1006]
    [E:\Kaspersky Lab\Kaspersky Internet Security 2009\scrchpg.dll]  [Kaspersky Lab, 8.0.0.454]
    [E:\Kaspersky Lab\Kaspersky Internet Security 2009\klscav.dll]  [Kaspersky Lab, 8.0.0.454]
    [E:\Kaspersky Lab\Kaspersky Internet Security 2009\prremote.dll]  [Kaspersky Lab, 8.0.0.454]
    [E:\Kaspersky Lab\Kaspersky Internet Security 2009\prloader.dll]  [Kaspersky Lab, 8.0.0.454]
    [E:\Kaspersky Lab\Kaspersky Internet Security 2009\prkernel.ppl]  [Kaspersky Lab, 8.0.0.454]
    [e:\kaspersky lab\kaspersky internet security 2009\params.ppl]  [Kaspersky Lab, 8.0.0.454]
    [e:\kaspersky lab\kaspersky internet security 2009\pxstub.ppl]  [Kaspersky Lab, 8.0.0.454]
    [e:\kaspersky lab\kaspersky internet security 2009\tempfile.ppl]  [Kaspersky Lab, 8.0.0.454]
    [D:\Program Files\ICBCEbankTools\ICBCAntiPhishing\KeyMonitor.dll]  [N/A, ]
    [e:\kaspersky lab\kaspersky internet security 2009\nfio.ppl]  [Kaspersky Lab, 8.0.0.476]
    [e:\kaspersky lab\kaspersky internet security 2009\fsdrvplg.ppl]  [Kaspersky Lab, 8.0.0.454]
    [e:\kaspersky lab\kaspersky internet security 2009\fssync.dll]  [Kaspersky Lab, 8.0.5.476]
    [e:\kaspersky lab\kaspersky internet security 2009\basegui.ppl]  [Kaspersky Lab, 8.0.0.454]
    [e:\kaspersky lab\kaspersky internet security 2009\thpimpl.ppl]  [Kaspersky Lab, 8.0.0.454]
    [e:\kaspersky lab\kaspersky internet security 2009\winreg.ppl]  [Kaspersky Lab, 8.0.0.454]
    [C:\WINDOWS\system32\GEIME.IME]  [GE-SOFT, 1, 0, 0, 18]
    [C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\PDFShell.CHS]  [, ]
    [C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\PDFShell.dll]  [Adobe Systems, Inc., 9.1.0.2009022700]
    [C:\WINDOWS\system32\JPWB.IME]  [常诚研制, 4.00.950]
[PID: 2896 / Administrator][D:\Program Files\System Repair Engineer日志专业扫描\SREngLdr.EXE]  [Smallfrogs Studio, 2.8.2.1321]
[PID: 2948 / Administrator][D:\Program Files\System Repair Engineer日志专业扫描\SRE5adef2a7.EXE]  [Smallfrogs Studio, 2.8.2.1321]
    [C:\WINDOWS\system32\uxtheme.dll]  [Microsoft Corporation, 6.00.2900.5512 (xpsp.080413-2105)]
    [D:\Program Files\360\360safe\safemon\safemon.dll]  [360.CN, 5, 1, 0, 1003]
    [d:\Program Files\Maxthon2\Modules\MxKWS\kwsui.dll]  [Kingsoft Corporation, 2010,01,19,849]
    [D:\Program Files\System Repair Engineer日志专业扫描\Upload\3rdUpd.DLL]  [Smallfrogs Studio, 2, 1, 0, 15]
    [C:\WINDOWS\system32\aetsprov.dll]  [A.E.T. Europe B.V., 2.3.0.9]
    [C:\WINDOWS\system32\MSVCP71.dll]  [Microsoft Corporation, 7.10.3077.0]
    [C:\WINDOWS\system32\MSVCR71.dll]  [Microsoft Corporation, 7.10.3052.4]

==================================
文件关联
.TXT  OK. [%SystemRoot%\system32\NOTEPAD.EXE %1]
.EXE  OK. ["%1" %*]
.COM  OK. ["%1" %*]
.PIF  OK. ["%1" %*]
.REG  OK. [regedit.exe "%1"]
.BAT  OK. ["%1" %*]
.SCR  OK. ["%1" /S]
.CHM  OK. ["C:\WINDOWS\hh.exe" %1]
.HLP  OK. [%SystemRoot%\System32\winhlp32.exe %1]
.INI  OK. [%SystemRoot%\system32\NOTEPAD.EXE %1]
.INF  OK. [%SystemRoot%\System32\NOTEPAD.EXE %1]
.VBS  OK. [%SystemRoot%\System32\WScript.exe "%1" %*]
.JS  OK. [%SystemRoot%\System32\WScript.exe "%1" %*]
.LNK  OK. [{00021401-0000-0000-C000-000000000046}]

Re: Am I infected?

==================================
Winsock 提供者
N/A

==================================
Autorun.inf
N/A

==================================
HOSTS 文件

==================================
进程特权扫描
特殊特权被允许: SeLoadDriverPrivilege [PID = 832, C:\WINDOWS\SYSTEM32\WINLOGON.EXE]
特殊特权被允许: SeLoadDriverPrivilege [PID = 1884, C:\PROGRAM FILES\MICROSOFT ACTIVESYNC\WCESCOMM.EXE]

==================================
计划任务
N/A

==================================
Windows 安全更新检查
KB940157,  用于 Windows XP 的 Windows 搜索 4.0 (KB940157)
KB949810,  Office 正版增值计划通知 (KB949810)-CHS
KB905474,  Windows Genuine Advantage 通知 (KB905474)
KB909520,  Microsoft 基本智能卡加密服务提供程序包: x86 (KB909520)
KB951847,  Microsoft .NET Framework 3.5 Service Pack 1 和 .NET Framework 3.5 Family Update (KB951847) x86
KB971657,  Windows XP 安全更新程序 (KB971657) MS09-041
KB947319,  Microsoft Office Web Components 安全更新 (KB947319) MS09-043
KB944036,  用于 Windows XP 的 Internet Explorer 8
KB953297,  用于 Windows 2000、Windows XP、Windows Vista、Windows Server 2008、Windows 7 和 Windows Server 2008 R2 的 Microsoft .NET Framework 1.1 Service Pack 1 安全更新程序 (KB953297) MS09-061
KB974554,  Microsoft Office 2003 安全更新 (KB974554) MS09-060
KB973705,  Microsoft Office Outlook 2003 安全更新 (KB973705) MS09-060
KB973687,  Windows XP 更新程序 (KB973687)
KB976098,  Windows XP 更新程序 (KB976098)
KB931125,  根证书更新 [2009 年 11 月] (KB931125)
KB970430,  Windows XP 更新程序 (KB970430)
KB971737,  Windows XP 更新程序 (KB971737)
KB955759,  Windows XP 更新程序 (KB955759)
KB973904,  Windows XP 安全更新程序 (KB973904) MS09-073
KB977840,  Outlook 2003 垃圾邮件筛选器更新 (KB977840)
KB978551,  Microsoft Office 2003 更新 (KB978551)
KB973688,  Microsoft XML Core Services 4.0 Service Pack 2 更新程序 (KB973688)
KB971513,  Windows XP 更新程序 (KB971513)
KB890830,  Windows 恶意软件删除工具 - 2010 年 1 月 (KB890830)
KB979202,  Microsoft Silverlight 更新 (KB979202)

==================================
API HOOK
N/A

==================================
隐藏进程

Re: Am I infected?

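c:\windows\system32\drivers\cdac11ba.exe
c:\windows\system32\drivers\cdantsrv.exe
Scan these two files with Kaspersky; if they come up clean, you're fine.
The log looks fine.

I'd suggest cleaning up the browser add-ons.

    System Repair -- HOSTS file -- Reset
Using HOSTS for virus protection... is basically unreliable.


With Kaspersky's proactive defense running, you can turn 360's off. Isn't the machine sluggish?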

Re: Am I infected?



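Quote:
Originally posted by 夲號ヱ被ジ盜 on 2010-1-25 22:43:00
c:\windows\system32\drivers\cdac11ba.exe
c:\windows\system32\drivers\cdantsrv.exe
Scan these two files with Kaspersky; if they come up clean, you're fine.
The log looks fine.

I'd suggest cleaning up the browser add-ons.

    System Repair -- HOSTS file -- Reset
HOST......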


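  I just scanned those two files with Kaspersky, and they're clean~~~ I keep Kaspersky and 360 both running at the same time and it feels fine, hehe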

Re: Am I infected?

Probably a false positive.

Re: Am I infected?

It should be; the antivirus software is probably not wrong~~~~~~