求助，被7333.5009.cn劫持 - 瑞星卡卡安全论坛bbs.ikaka.com

瑞星卡卡安全论坛技术交流区 反病毒/反流氓软件论坛求助，被7333.5009.cn劫持

	瑞星“1+2”全新解决方案巡展在广州画上圆满句号		叶院长揭秘：瑞星如何运用AI技术革新网络安全		俄乌冲突加剧网络攻击风险白俄罗斯政府遭APT攻击		瑞星ESM防病毒系统助力矿业大学筑牢网络安全防线
	实力拉满瑞星第五十次通过VB100测评		携手老友，拥抱新精彩 —— 新论坛新活动，感谢你的陪伴		护航司法，瑞星助力山西省高院构建安全防线		人工智能在网络安全领域的风险和机遇

1

1 / 1 页

跳转页

求助，被7333.5009.cn劫持

一剑飞天下初生襁褓狮帖子:10 注册: 2006-12-03 来自:	发表于： 2006-12-03 16:19 \| 显示全部短消息资料字号：小中大 1楼求助，被7333.5009.cn劫持下了瑞星卡卡上网安全助手，查不出来，每次开机启动之后，主页都被自动修改成7333.5009.cn,上的网是www.9505.com网络导航，下了专杀工具，重新启动之后主页还是被修改，该怎么办呢，除了重新安装系统外，多谢了 2006-12-06 19:54:41
一剑飞天下初生襁褓狮帖子:10 注册: 2006-12-03 来自:	分享到：

一剑飞天下初生襁褓狮帖子:10 注册: 2006-12-03 来自:	发表于： 2006-12-03 16:38 \| 显示全部短消息资料字号：小中大 2楼 Smallfrogs (http://www.KZTechs.com) Windows XP Professional Service Pack 2 (Build 2600) - 管理权限用户 - 完整功能以下内容被选中：所有的启动项目（包括注册表、启动文件夹、服务等）浏览器加载项正在运行的进程（包括进程模块信息）文件关联 Winsock 提供者 Autorun.inf HOSTS 文件启动项目注册表 [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run] <ctfmon.exe><C:\WINDOWS\system32\ctfmon.exe> [(Verified)Microsoft Corporation] [HKEY_CURRENT_USER\Software\Microsoft\Windows NT\CurrentVersion\Windows] <load><> [N/A] [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run] <KAV50><"C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus for Workstation 5\kwsprod.exe" -run -n Workstation -v 5.0.0.0 -chkss> [Kaspersky Lab] <SKYNET Personal FireWall><C:\PROGRA~1\SKYNET\FIREWALL\pfw.exe> [天网] [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Winlogon] <shell><Explorer.exe> [(Verified)Microsoft Corporation] <Userinit><C:\WINDOWS\system32\userinit.exe,> [(Verified)Microsoft Corporation] [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Windows] <AppInit_DLLs><> [N/A] [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Winlogon] <UIHost><logonui.exe> [(Verified)Microsoft Corporation]
一剑飞天下初生襁褓狮帖子:10 注册: 2006-12-03 来自:

一剑飞天下初生襁褓狮帖子:10 注册: 2006-12-03 来自:	发表于： 2006-12-03 16:39 \| 显示全部短消息资料字号：小中大 3楼 ================================== 启动文件夹 N/A ================================== 服务 [Ati HotKey Poller / Ati HotKey Poller] <C:\WINDOWS\system32\Ati2evxx.exe><N/A> [Human Interface Device Access / HidServ] <C:\WINDOWS\System32\svchost.exe -k netsvcs-->%SystemRoot%\System32\hidserv.dll><N/A> [IBM PM Service / IBMPMSVC] <C:\WINDOWS\system32\ibmpmsvc.exe><N/A> [KLBLMain / KLBLMain] <"C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus for Workstation 5\kavmm.exe" -run bl -n Workstation -v 5.0.0.0 -ttsr 10000000><Kaspersky Lab> [Medie Sariel Number Service / Medie Sariel Number Service] <C:\WINDOWS\system32\moviemk.exe><N/A> [Medie Sariel Number Services / Medie Sariel Number Services] <C:\WINDOWS\system32\notaped.exe><N/A> [Remote Procedure Call System(RPCS) / RpcS] <C:\WINDOWS\system32\RpcS.exe><Microsoft Corporation> [RPCS2 / RPCS2] <C:\WINDOWS\system32\RPCS2><N/A> [Windows Management Controllor / WinMgct] <><N/A> ==================================
一剑飞天下初生襁褓狮帖子:10 注册: 2006-12-03 来自:

一剑飞天下初生襁褓狮帖子:10 注册: 2006-12-03 来自:	发表于： 2006-12-03 16:39 \| 显示全部短消息资料字号：小中大 4楼 ================================== 驱动程序 [Intel(r) 82801 Audio Driver Install Service (WDM) / ac97intc] <system32\drivers\ac97intc.sys><Intel Corporation> [ati2mtag / ati2mtag] <system32\DRIVERS\ati2mtag.sys><ATI Technologies Inc.> [d347bus / d347bus] <\SystemRoot\system32\DRIVERS\d347bus.sys><> [d347prt / d347prt] <\SystemRoot\System32\Drivers\d347prt.sys><> [Intel(R) PRO Adapter Driver / E100B] <system32\DRIVERS\e100b325.sys><Intel Corporation> [ewido anti-spyware 4.0 driver / ewido anti-spyware 4.0 driver] <\??\C:\Program Files\ewido anti-spyware 4.0\guard.sys><N/A> [flukwrtb / flukwrtb] <\SystemRoot\system32\drivers\flukwrtb.sys><N/A> [IBMPMDRV / IBMPMDRV] <system32\DRIVERS\ibmpmdrv.sys><N/A> [Klif / Klif] <\??\C:\WINDOWS\system32\Drivers\klif.sys><Kaspersky Labs> [Klmc / Klmc] <\SystemRoot\system32\Drivers\klmc.sys><Kaspersky Lab> [kmsinput / kmsinput] <\??\C:\WINDOWS\system32\drivers\kmsinput.sys><N/A> [LT Modem Driver / ltmodem5] <system32\DRIVERS\ltmdmnt.sys><LT> [Netgroup Packet Filter / NPF] <system32\DRIVERS\npf.sys><CACE Technologies> [npkcrypt / npkcrypt] <\??\C:\Program Files\Tencent\QQ\npkcrypt.sys><N/A> [NSC Infrared Device Driver / NSCIRDA] <system32\DRIVERS\nscirda.sys><National Semiconductor Corporation> [Padus ASPI Shell / pfc] <system32\drivers\pfc.sys><Padus, Inc.> [Direct Parallel Link Driver / Ptilink] <system32\DRIVERS\ptilink.sys><Parallel Technologies, Inc.> [RsAntiSpyware / RsAntiSpyware] <\SystemRoot\system32\drivers\RsBoot.sys><Beijing Rising> [Secdrv / Secdrv] <system32\DRIVERS\secdrv.sys><N/A> [SKNFW / SKNFW] <\??\C:\WINDOWS\system32\Drivers\SKNFW.sys><N/A> [Smapint / Smapint] <System32\drivers\Smapint.sys><Microsoft Corporation> [Sony USB Filter Driver (SONYPVU1) / SONYPVU1] <system32\DRIVERS\SONYPVU1.SYS><Sony Corporation> [TDSMAPI / TDSMAPI] <System32\Drivers\TDSMAPI.SYS><N/A> [IBM PS/2 TrackPoint Driver / Tp4Track] <system32\DRIVERS\tp4track.sys><IBM Corporation> [TPPWR / TPPWR] <System32\drivers\Tppwr.sys><IBM Corp.> [TSP / TSP] <\??\C:\WINDOWS\system32\drivers\klif.sys><Kaspersky Labs> [IBM PS/2 TrackPoint Filter Driver / TwoTrack] <system32\DRIVERS\TwoTrack.sys><IBM Corporation> ==================================
一剑飞天下初生襁褓狮帖子:10 注册: 2006-12-03 来自:

一剑飞天下初生襁褓狮帖子:10 注册: 2006-12-03 来自:	发表于： 2006-12-03 16:40 \| 显示全部短消息资料字号：小中大 5楼 ================================== 浏览器加载项 [AcroIEHlprObj Class] {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} <C:\Program Files\Adobe\Acrobat 6.0\Reader\ActiveX\AcroIEHelper.dll, Adobe Systems Incorporated> [IeCatch2 Class] {A5366673-E8CA-11D3-9CD9-0090271D075B} <C:\PROGRA~1\FLASHGET\jccatch.dll, Amaze Soft> [QQ] {c95fe080-8f5d-11d2-a20b-00aa003c157b} <C:\Program Files\Tencent\QQ\QQ.EXE, N/A> [FlashGet] {D6E814A0-E0C5-11d4-8D29-0050BA6940E3} <C:\PROGRA~1\FLASHGET\flashget.exe, Amaze Soft> [Messenger] {FB5F1910-F110-11d2-BB9E-00C04F795683} <C:\Program Files\Messenger\msmsgs.exe, Microsoft Corporation> [FlashGet Bar] {E0E899AB-F487-11D5-8D29-0050BA6940E3} <C:\PROGRA~1\FLASHGET\fgiebar.dll, Amaze Soft> [卡卡上网安全助手] {DB9ECD4F-FB8F-4311-B3CE-90B976C2707C} <C:\WINDOWS\system32\kakatool.dll, Beijing Rising Technology Co., Ltd.> [Edit Class] {0CA54D3F-CEAE-48AF-9A2B-31909CB9515D} <C:\WINDOWS\system32\CMBEdit.dll, > [Shockwave Flash Object] {D27CDB6E-AE6D-11CF-96B8-444553540000} <C:\WINDOWS\system32\Macromed\Flash\Flash9.ocx, Adobe Systems, Inc.> [AcroIEHlprObj Class] {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} <C:\Program Files\Adobe\Acrobat 6.0\Reader\ActiveX\AcroIEHelper.dll, Adobe Systems Incorporated> [IeCatch2 Class] {A5366673-E8CA-11D3-9CD9-0090271D075B} <C:\PROGRA~1\FLASHGET\jccatch.dll, Amaze Soft> [卡卡上网安全助手] {AFF6E516-CBE5-4F8A-9C2F-38A68013E766} <C:\WINDOWS\system32\kakatool.dll, Beijing Rising Technology Co., Ltd.> [SearchAssistantOC] {B45FF030-4447-11D2-85DE-00C04FA35C89} <%SystemRoot%\system32\shdocvw.dll, N/A> [Shockwave Flash Object] {D27CDB6E-AE6D-11CF-96B8-444553540000} <C:\WINDOWS\system32\Macromed\Flash\Flash9.ocx, Adobe Systems, Inc.> [卡卡上网安全助手] {DB9ECD4F-FB8F-4311-B3CE-90B976C2707C} <C:\WINDOWS\system32\kakatool.dll, Beijing Rising Technology Co., Ltd.> [FlashGet Bar] {E0E899AB-F487-11D5-8D29-0050BA6940E3} <C:\PROGRA~1\FLASHGET\fgiebar.dll, Amaze Soft> [上传到QQ网络硬盘] <C:\Program Files\Tencent\QQ\AddToNetDisk.htm, N/A> [使用网际快车下载] <C:\Program Files\FlashGet\jc_link.htm, N/A> [使用网际快车下载全部链接] <C:\Program Files\FlashGet\jc_all.htm, N/A> [导出当前页到超星阅览器(&A)] <C:\Program Files\SSREADER36\ss_all.htm, N/A> [导出选中部分到超星阅览器(&S)] <C:\Program Files\SSREADER36\ss_select.htm, N/A> [添加到QQ自定义面板] <C:\Program Files\Tencent\QQ\AddPanel.htm, N/A> [添加到QQ表情] <C:\Program Files\Tencent\QQ\AddEmotion.htm, N/A> [用QQ彩信发送该图片] <C:\Program Files\Tencent\QQ\SendMMS.htm, N/A> ==================================
一剑飞天下初生襁褓狮帖子:10 注册: 2006-12-03 来自:

一剑飞天下初生襁褓狮帖子:10 注册: 2006-12-03 来自:	发表于： 2006-12-03 16:42 \| 显示全部短消息资料字号：小中大 6楼 ================================== 正在运行的进程 [PID: 740][\SystemRoot\System32\smss.exe] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)] [PID: 812][\??\C:\WINDOWS\system32\csrss.exe] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)] [PID: 836][\??\C:\WINDOWS\system32\winlogon.exe] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)] [C:\WINDOWS\system32\JJN.IME] [加加在线, 3.11.0.0] [PID: 880][C:\WINDOWS\system32\services.exe] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)] [PID: 892][C:\WINDOWS\system32\lsass.exe] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)] [PID: 1048][C:\WINDOWS\system32\ibmpmsvc.exe] [N/A, N/A] [PID: 1064][C:\WINDOWS\system32\svchost.exe] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)] [PID: 1128][C:\WINDOWS\system32\svchost.exe] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)] [PID: 1224][C:\WINDOWS\System32\svchost.exe] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)] [PID: 1304][C:\WINDOWS\system32\svchost.exe] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)] [PID: 1516][C:\WINDOWS\system32\svchost.exe] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)] [PID: 1932][C:\WINDOWS\system32\spoolsv.exe] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)] [PID: 1968][C:\WINDOWS\Explorer.EXE] [Microsoft Corporation, 6.00.2900.2180 (xpsp_sp2_rtm.040803-2158)] [C:\WINDOWS\system32\JJN.IME] [加加在线, 3.11.0.0] [C:\Program Files\ewido anti-spyware 4.0\shellexecutehook.dll] [Anti-Malware Development a.s., 4, 0, 0, 172] [C:\Program Files\Adobe\Acrobat 6.0\Reader\ActiveX\AcroIEHelper.dll] [Adobe Systems Incorporated, 6.0.1.2003110300] [C:\PROGRA~1\FLASHGET\jccatch.dll] [Amaze Soft, 1, 1, 4, 0] [C:\Program Files\WinRAR\rarext.dll] [N/A, N/A] [C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus for Workstation 5\ShellEx.dll] [Kaspersky Lab, 5.0.177.0] [C:\Program Files\ewido anti-spyware 4.0\context.dll] [Anti-Malware Development a.s., 4, 0, 0, 172] [C:\WINDOWS\system32\msdmo.dll] [N/A, N/A] [PID: 2044][C:\Program Files\JJOL\IME\JJSvr.EXE] [加加在线, 3.11.0.1] [C:\WINDOWS\system32\JJN.IME] [加加在线, 3.11.0.0] [PID: 308][C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus for Workstation 5\kwsprod.exe] [Kaspersky Lab, 5.0.177.0] [C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus for Workstation 5\KCAStub.dll] [Kaspersky Lab, 5.0.177.0] [C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus for Workstation 5\kltrace.dll] [Kaspersky Lab, 5.0.177.0] [C:\WINDOWS\system32\MSVCP61.dll] [Sample Corporation, 6.00.0000] [C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus for Workstation 5\klcsc.dll] [Kaspersky Lab, 5.0.177.0] [C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus for Workstation 5\FSSync.dll] [Kaspersky Lab, 5.0.177.0] [C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus for Workstation 5\qbstorage.dll] [Kaspersky Lab, 5.0.177.0] [C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus for Workstation 5\pr_remote.dll] [Kaspersky Lab, 5.0.177.0] [C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus for Workstation 5\prloader.dll] [Kaspersky Lab, 5.0.177.0] [C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus for Workstation 5\prkernel.ppl] [Kaspersky Lab, 5.0.177.0] [c:\program files\kaspersky lab\kaspersky anti-virus for workstation 5\prstring.ppl] [Kaspersky Lab, 5.0.177.0] [c:\program files\kaspersky lab\kaspersky anti-virus for workstation 5\report.ppl] [Kaspersky Lab, 5.0.177.0] [c:\program files\kaspersky lab\kaspersky anti-virus for workstation 5\nfio.ppl] [Kaspersky Lab, 5.0.177.0] [C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus for Workstation 5\kwsploc.dll] [Kaspersky Labs, 5.0.177.0] [C:\WINDOWS\system32\JJN.IME] [加加在线, 3.11.0.0] [C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus for Workstation 5\klsecur.dll] [Kaspersky Lab, 5.0.177.0] [PID: 316][C:\PROGRA~1\SKYNET\FIREWALL\pfw.exe] [天网, 2.7.1.1101] [C:\PROGRA~1\SKYNET\FIREWALL\IMSEC.DLL] [N/A, N/A] [C:\PROGRA~1\SKYNET\FIREWALL\SKYMISC.DLL] [N/A, N/A] [C:\WINDOWS\system32\JJN.IME] [加加在线, 3.11.0.0] [PID: 324][C:\WINDOWS\system32\ctfmon.exe] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)] [C:\WINDOWS\system32\JJN.IME] [加加在线, 3.11.0.0]
一剑飞天下初生襁褓狮帖子:10 注册: 2006-12-03 来自:

一剑飞天下初生襁褓狮帖子:10 注册: 2006-12-03 来自:	发表于： 2006-12-03 16:43 \| 显示全部短消息资料字号：小中大 7楼 [PID: 624][C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus for Workstation 5\kavmm.exe] [Kaspersky Lab, 5.0.177.0] [C:\WINDOWS\system32\MSVCP61.dll] [Sample Corporation, 6.00.0000] [C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus for Workstation 5\kltrace.dll] [Kaspersky Lab, 5.0.177.0] [C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus for Workstation 5\FSSync.dll] [Kaspersky Lab, 5.0.177.0] [C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus for Workstation 5\klcsc.dll] [Kaspersky Lab, 5.0.177.0] [C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus for Workstation 5\klcsa.dll] [Kaspersky Lab, 5.0.177.0] [C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus for Workstation 5\klsecur.dll] [Kaspersky Lab, 5.0.177.0] [C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus for Workstation 5\kwsbl.dll] [Kaspersky Lab, 5.0.177.0] [C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus for Workstation 5\pr_remote.dll] [Kaspersky Lab, 5.0.177.0] [C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus for Workstation 5\prloader.dll] [Kaspersky Lab, 5.0.177.0] [C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus for Workstation 5\prkernel.ppl] [Kaspersky Lab, 5.0.177.0] [c:\program files\kaspersky lab\kaspersky anti-virus for workstation 5\xorio_ex.ppl] [Kaspersky Lab, 5.0.177.0] [c:\program files\kaspersky lab\kaspersky anti-virus for workstation 5\startups.ppl] [Kaspersky Lab, 5.0.177.0] [c:\program files\kaspersky lab\kaspersky anti-virus for workstation 5\prstring.ppl] [Kaspersky Lab, 5.0.177.0] [c:\program files\kaspersky lab\kaspersky anti-virus for workstation 5\pr_server.ppl] [Kaspersky Lab, 5.0.177.0] [c:\program files\kaspersky lab\kaspersky anti-virus for workstation 5\pr_client.ppl] [Kaspersky Lab, 5.0.177.0] [c:\program files\kaspersky lab\kaspersky anti-virus for workstation 5\l_llio.ppl] [Kaspersky Lab, 5.0.177.0] [C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus for Workstation 5\avp_iont.dll] [Kaspersky Lab, 5.0.177.0] [c:\program files\kaspersky lab\kaspersky anti-virus for workstation 5\avpmgr.ppl] [Kaspersky Lab, 5.0.177.0] [c:\program files\kaspersky lab\kaspersky anti-virus for workstation 5\wdiskio.ppl] [Kaspersky Lab, 5.0.177.0] [c:\program files\kaspersky lab\kaspersky anti-virus for workstation 5\avlib.ppl] [Kaspersky Lab, 5.0.177.0] [c:\program files\kaspersky lab\kaspersky anti-virus for workstation 5\arj.ppl] [Kaspersky Lab, 5.0.177.0] [c:\program files\kaspersky lab\kaspersky anti-virus for workstation 5\arjpack.ppl] [Kaspersky Lab, 5.0.177.0] [c:\program files\kaspersky lab\kaspersky anti-virus for workstation 5\avp1.ppl] [Kaspersky Lab, 5.0.177.0] [c:\program files\kaspersky lab\kaspersky anti-virus for workstation 5\avpgs.ppl] [Kaspersky Lab, 5.0.177.0] [c:\program files\kaspersky lab\kaspersky anti-virus for workstation 5\btdisk.ppl] [Kaspersky Lab, 5.0.177.0] [c:\program files\kaspersky lab\kaspersky anti-virus for workstation 5\buffer.ppl] [Kaspersky Lab, 5.0.177.0] [c:\program files\kaspersky lab\kaspersky anti-virus for workstation 5\cab.ppl] [Kaspersky Lab, 5.0.177.0] [c:\program files\kaspersky lab\kaspersky anti-virus for workstation 5\deflate.ppl] [Kaspersky Lab, 5.0.177.0] [c:\program files\kaspersky lab\kaspersky anti-virus for workstation 5\dmap.ppl] [Kaspersky Lab, 5.0.177.0] [c:\program files\kaspersky lab\kaspersky anti-virus for workstation 5\dtreg.ppl] [Kaspersky Lab, 5.0.177.0] [c:\program files\kaspersky lab\kaspersky anti-virus for workstation 5\explode.ppl] [Kaspersky Lab, 5.0.177.0] [c:\program files\kaspersky lab\kaspersky anti-virus for workstation 5\hashcont.ppl] [Kaspersky Lab, 5.0.177.0] [c:\program files\kaspersky lab\kaspersky anti-virus for workstation 5\hashmd5.ppl] [Kaspersky Lab, 5.0.177.0] [c:\program files\kaspersky lab\kaspersky anti-virus for workstation 5\hccmp.ppl] [Kaspersky Lab, 5.0.177.0] [c:\program files\kaspersky lab\kaspersky anti-virus for workstation 5\ichk2.ppl] [Kaspersky Lab, 5.0.177.0] [c:\program files\kaspersky lab\kaspersky anti-virus for workstation 5\ichstrms.ppl] [Kaspersky Lab, 5.0.177.0] [c:\program files\kaspersky lab\kaspersky anti-virus for workstation 5\inflate.ppl] [Kaspersky Lab, 5.0.177.0] [c:\program files\kaspersky lab\kaspersky anti-virus for workstation 5\klonacci.ppl] [Kaspersky Lab, 5.0.177.0] [c:\program files\kaspersky lab\kaspersky anti-virus for workstation 5\klondemi.ppl] [Kaspersky Lab, 5.0.177.0] [c:\program files\kaspersky lab\kaspersky anti-virus for workstation 5\mailmsg.ppl] [Kaspersky Lab, 5.0.177.0] [c:\program files\kaspersky lab\kaspersky anti-virus for workstation 5\mdb.ppl] [Kaspersky Lab, 5.0.177.0] [c:\program files\kaspersky lab\kaspersky anti-virus for workstation 5\mdmap.ppl] [Kaspersky Lab, 5.0.177.0] [c:\program files\kaspersky lab\kaspersky anti-virus for workstation 5\memmodsc.ppl] [Kaspersky Lab, 5.0.177.0] [c:\program files\kaspersky lab\kaspersky anti-virus for workstation 5\memscan.ppl] [Kaspersky Lab, 5.0.177.0] [c:\program files\kaspersky lab\kaspersky anti-virus for workstation 5\minizip.ppl] [Kaspersky Lab, 5.0.177.0] [c:\program files\kaspersky lab\kaspersky anti-virus for workstation 5\msoe.ppl] [Kaspersky Lab, 5.0.177.0] [c:\program files\kaspersky lab\kaspersky anti-virus for workstation 5\nfio.ppl] [Kaspersky Lab, 5.0.177.0] [c:\program files\kaspersky lab\kaspersky anti-virus for workstation 5\ntfsstrm.ppl] [Kaspersky Lab, 5.0.177.0] [c:\program files\kaspersky lab\kaspersky anti-virus for workstation 5\passdmap.ppl] [Kaspersky Lab, 5.0.177.0] [c:\program files\kaspersky lab\kaspersky anti-virus for workstation 5\prseqio.ppl] [Kaspersky Lab, 5.0.177.0] [c:\program files\kaspersky lab\kaspersky anti-virus for workstation 5\prutil.ppl] [Kaspersky Lab, 5.0.177.0] [c:\program files\kaspersky lab\kaspersky anti-virus for workstation 5\rar.ppl] [Kaspersky Lab, 5.0.177.0] [c:\program files\kaspersky lab\kaspersky anti-virus for workstation 5\report.ppl] [Kaspersky Lab, 5.0.177.0] [c:\program files\kaspersky lab\kaspersky anti-virus for workstation 5\sfdb.ppl] [Kaspersky Lab, 5.0.177.0] [c:\program files\kaspersky lab\kaspersky anti-virus for workstation 5\stdcomp.ppl] [Kaspersky Lab, 5.0.177.0] [c:\program files\kaspersky lab\kaspersky anti-virus for workstation 5\stored.ppl] [Kaspersky Lab, 5.0.177.0] [c:\program files\kaspersky lab\kaspersky anti-virus for workstation 5\superio.ppl] [Kaspersky Lab, 5.0.177.0] [c:\program files\kaspersky lab\kaspersky anti-virus for workstation 5\tempfile.ppl] [Kaspersky Lab, 5.0.177.0] [c:\program files\kaspersky lab\kaspersky anti-virus for workstation 5\unarj.ppl] [Kaspersky Lab, 5.0.177.0] [c:\program files\kaspersky lab\kaspersky anti-virus for workstation 5\uniarc.ppl] [Kaspersky Lab, 5.0.177.0] [c:\program files\kaspersky lab\kaspersky anti-virus for workstation 5\unlzx.ppl] [Kaspersky Lab, 5.0.177.0] [c:\program files\kaspersky lab\kaspersky anti-virus for workstation 5\unreduce.ppl] [Kaspersky Lab, 5.0.177.0] [c:\program files\kaspersky lab\kaspersky anti-virus for workstation 5\unshrink.ppl] [Kaspersky Lab, 5.0.177.0] [c:\program files\kaspersky lab\kaspersky anti-virus for workstation 5\unstored.ppl] [Kaspersky Lab, 5.0.177.0] [c:\program files\kaspersky lab\kaspersky anti-virus for workstation 5\winreg.ppl] [Kaspersky Lab, 5.0.177.0] [c:\program files\kaspersky lab\kaspersky anti-virus for workstation 5\xorio.ppl] [Kaspersky Lab, 5.0.177.0] [c:\program files\kaspersky lab\kaspersky anti-virus for workstation 5\zcompare.ppl] [Kaspersky Lab, 5.0.177.0] [c:\program files\kaspersky lab\kaspersky anti-virus for workstation 5\mchk.ppl] [Kaspersky Lab, 5.0.177.0] [C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus for Workstation 5\AVS.dll] [Kaspersky Lab, 5.0.177.0] [C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus for Workstation 5\CheckTool.DLL] [Kaspersky Lab, 5.0.177.0] [C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus for Workstation 5\xmlparse.dll] [Kaspersky Lab, 5.0.177.0] [C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus for Workstation 5\xmltok.dll] [Kaspersky Lab, 5.0.177.0] [C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus for Workstation 5\kwsbloc.dll] [Kaspersky Labs, 5.0.177.0] [C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus for Workstation 5\OnDemand.dll] [Kaspersky Lab, 5.0.177.0] [C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus for Workstation 5\kwsblp.dll] [Kaspersky Lab, 5.0.177.0] [C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus for Workstation 5\QBackup.dll] [Kaspersky Lab, 5.0.177.0] [C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus for Workstation 5\qbstorage.dll] [Kaspersky Lab, 5.0.177.0] [C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus for Workstation 5\OnAccess.dll] [Kaspersky Lab, 5.0.177.0] [C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus for Workstation 5\scrch_ag.dll] [Kaspersky Lab, 5.0.177.0] [C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus for Workstation 5\mcproxy.dll] [Kaspersky Lab, 5.0.177.0] [C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus for Workstation 5\mailapplayer.dll] [Kaspersky Lab, 5.0.177.0] [C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus for Workstation 5\MchkBL.dll] [Kaspersky Lab, 5.0.177.0] [C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus for Workstation 5\SubjPlugin.dll] [Kaspersky Lab, 5.0.177.0]
一剑飞天下初生襁褓狮帖子:10 注册: 2006-12-03 来自:

一剑飞天下初生襁褓狮帖子:10 注册: 2006-12-03 来自:	发表于： 2006-12-03 16:43 \| 显示全部短消息资料字号：小中大 8楼 [PID: 1500][C:\WINDOWS\system32\RpcS.exe] [Microsoft Corporation, 5.2.3790.1830] [C:\WINDOWS\system32\RPCS2] [N/A, N/A] [PID: 1692][C:\Program Files\Internet Explorer\IEXPLORE.EXE] [Microsoft Corporation, 6.00.2900.2180 (xpsp_sp2_rtm.040803-2158)] [C:\WINDOWS\system32\JJN.IME] [加加在线, 3.11.0.0] [C:\WINDOWS\system32\kakatool.dll] [Beijing Rising Technology Co., Ltd., 2, 0, 2, 4] [C:\WINDOWS\system32\RpcS.dll] [N/A, N/A] [C:\Program Files\Adobe\Acrobat 6.0\Reader\ActiveX\AcroIEHelper.dll] [Adobe Systems Incorporated, 6.0.1.2003110300] [C:\PROGRA~1\FLASHGET\jccatch.dll] [Amaze Soft, 1, 1, 4, 0] [PID: 548][C:\WINDOWS\System32\alg.exe] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)] [PID: 2360][C:\WINDOWS\System32\svchost.exe] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)] [PID: 2008][C:\Program Files\Internet Explorer\IEXPLORE.EXE] [Microsoft Corporation, 6.00.2900.2180 (xpsp_sp2_rtm.040803-2158)] [C:\WINDOWS\system32\JJN.IME] [加加在线, 3.11.0.0] [C:\WINDOWS\system32\kakatool.dll] [Beijing Rising Technology Co., Ltd., 2, 0, 2, 4] [C:\Program Files\Adobe\Acrobat 6.0\Reader\ActiveX\AcroIEHelper.dll] [Adobe Systems Incorporated, 6.0.1.2003110300] [C:\PROGRA~1\FLASHGET\jccatch.dll] [Amaze Soft, 1, 1, 4, 0] [C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus for Workstation 5\scr_ch_pg.dll] [Kaspersky Lab, 5.0.177.0] [C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus for Workstation 5\scrch_ag.dll] [Kaspersky Lab, 5.0.177.0] [C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus for Workstation 5\kltrace.dll] [Kaspersky Lab, 5.0.177.0] [C:\WINDOWS\system32\MSVCP61.dll] [Sample Corporation, 6.00.0000] [C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus for Workstation 5\klcsc.dll] [Kaspersky Lab, 5.0.177.0] [C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus for Workstation 5\FSSync.dll] [Kaspersky Lab, 5.0.177.0] [C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus for Workstation 5\pr_remote.dll] [Kaspersky Lab, 5.0.177.0] [C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus for Workstation 5\prloader.dll] [Kaspersky Lab, 5.0.177.0] [C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus for Workstation 5\prkernel.ppl] [Kaspersky Lab, 5.0.177.0] [c:\program files\kaspersky lab\kaspersky anti-virus for workstation 5\prstring.ppl] [Kaspersky Lab, 5.0.177.0] [c:\program files\kaspersky lab\kaspersky anti-virus for workstation 5\pr_server.ppl] [Kaspersky Lab, 5.0.177.0] [c:\program files\kaspersky lab\kaspersky anti-virus for workstation 5\tempfile.ppl] [Kaspersky Lab, 5.0.177.0] [C:\WINDOWS\system32\Macromed\Flash\Flash9.ocx] [Adobe Systems, Inc., 9,0,16,0] [PID: 4028][C:\Program Files\WinRAR\WinRAR.exe] [N/A, N/A] [C:\WINDOWS\system32\JJN.IME] [加加在线, 3.11.0.0] [PID: 3636][C:\DOCUME~1\IBM\LOCALS~1\Temp\Rar$EX00.415\SREng\SREng.exe] [Smallfrogs Studio, 2.2.6.605] [C:\WINDOWS\system32\JJN.IME] [加加在线, 3.11.0.0] ==================================
一剑飞天下初生襁褓狮帖子:10 注册: 2006-12-03 来自:

一剑飞天下初生襁褓狮帖子:10 注册: 2006-12-03 来自:	发表于： 2006-12-03 16:43 \| 显示全部短消息资料字号：小中大 9楼 ================================== 文件关联 .TXT OK. [%SystemRoot%\system32\NOTEPAD.EXE %1] .EXE OK. ["%1" %] .COM OK. ["%1" %] .PIF OK. ["%1" %] .REG OK. [regedit.exe "%1"] .BAT OK. ["%1" %] .SCR OK. ["%1" /S] .CHM OK. ["C:\WINDOWS\hh.exe" %1] .HLP OK. [%SystemRoot%\System32\winhlp32.exe %1] .INI OK. [%SystemRoot%\System32\NOTEPAD.EXE %1] .INF OK. [%SystemRoot%\System32\NOTEPAD.EXE %1] .VBS OK. [%SystemRoot%\System32\WScript.exe "%1" %] .JS OK. [%SystemRoot%\System32\WScript.exe "%1" %] .LNK OK. [{00021401-0000-0000-C000-000000000046}] ================================== Winsock 提供者 N/A ================================== Autorun.inf N/A ================================== HOSTS 文件 127.0.0.1 localhost 127.0.0.1 219.139.58.97 127.0.0.1 ads.520fantong.com 127.0.0.1 www.520fantong.com 127.0.0.1 w2.520fantong.com 127.0.0.1 125.91.1.20 127.0.0.1 61.162.230.31 127.0.0.1 61.141.31.11 127.0.0.1 bd.jacai.com 127.0.0.1 www.9505.com 127.0.0.1 www.4199.com 127.0.0.1 update.ssdlh.com 127.0.0.1 down.ssdlh.com 127.0.0.1 file.checkthisdoor.com 127.0.0.1 count.checkthisdoor.com ==================================
一剑飞天下初生襁褓狮帖子:10 注册: 2006-12-03 来自:

一剑飞天下初生襁褓狮帖子:10 注册: 2006-12-03 来自:	发表于： 2006-12-03 18:06 \| 显示全部短消息资料字号：小中大 10楼好了，删除了，多谢了，谢谢啊，还有一个问题，在进程里老出现notepad.exe这个进程是干嘛的呢？
一剑飞天下初生襁褓狮帖子:10 注册: 2006-12-03 来自:

<<上一主题|下一主题>>

1

1 / 1 页

跳转页

页面顶部

Powered by Discuz!NT