Rising Kaka Security Forum > Technical Exchange > Anti-Virus / Anti-Rogue-Software Forum

A virus I just can't get rid of, experts please help; SRE log attached

1. This website keeps attacking me: 2007/03/06 11:36:55    Malicious HTTP object <http://www.pkgame8.com/c/2.exe>: access denied.
2. Whenever I open Baidu I end up on other websites. Some exe files get loaded under temp.
3. After Windows boots there are several extra processes:
iexpl0re.exe
servera.exe
iexpl0ra.exe
servere.exe
rundl132.exe
rundl13a.exe



[CODE]

2007-03-06,12:31:07

System Repair Engineer 2.3.13.690
Smallfrogs (http://www.KZTechs.com)

Windows XP Professional Service Pack 2 (Build 2600)
- Administrative User - Completed Functions Allowed

Follow item(s) have been choosed:
    All Boot Items (Including Registry, Startup Folders, Services and so on)
    Browser Add-ons
    Runing Processes (Including process model information)
    File Associations
    Winsock Provider
    Autorun.Inf
    HOSTS File


Boot Items
Registry
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
    <ctfmon.exe><C:\WINDOWS\system32\ctfmon.exe>  [(Verified)Microsoft Corporation]
    <JyvePro><; C:\Documents and Settings\All Users\Application Data\Skype\Plugins\Plugins\C528FFB1B9EC473792CF67849E25EDB6\JyvePro.exe>  [N/A]
    <Skype><; "C:\Program Files\Skype\Phone\Skype.exe" /nosplash /minimized>  [(Verified)Skype Technologies S.A.]
[HKEY_CURRENT_USER\Software\Microsoft\Windows NT\CurrentVersion\Windows]
    <load><>  [N/A]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
    <IMJPMIG8.1><"C:\WINDOWS\IME\imjp8_1\IMJPMIG.EXE" /Spoil /RemAdvDef /Migration32>  [(Verified)Microsoft Corporation]
    <PHIME2002ASync><C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /SYNC>  [(Verified)Microsoft Corporation]
    <PHIME2002A><C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /IMEName>  [(Verified)Microsoft Corporation]
    <IgfxTray><C:\WINDOWS\system32\igfxtray.exe>  [(Verified)Intel Corporation]
    <HotKeysCmds><C:\WINDOWS\system32\hkcmd.exe>  [(Verified)Intel Corporation]
    <Persistence><C:\WINDOWS\system32\igfxpers.exe>  [(Verified)Intel Corporation]
    <TkBellExe><"C:\Program Files\Common Files\Real\Update_OB\realsched.exe"  -osboot>  [RealNetworks, Inc.]
    <IMJPMIG9.0><C:\PROGRA~1\COMMON~1\MICROS~1\IME\IMJP9\IMJPMIG.EXE /Preload /Migration32>  [(Verified)Microsoft Corporation]
    <kav><"D:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 6.0\avp.exe">  [Kaspersky Lab]
    <!ewido><"D:\Program Files\ewido anti-spyware 4.0\ewido.exe" /minimized>  [N/A]
    <!AVG Anti-Spyware><"D:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe" /minimized>  [Anti-Malware Development a.s.]
    <Acrobat Assistant 7.0><; "D:\Program Files\Adobe\Acrobat 7.0\Distillr\Acrotray.exe">  [Adobe Systems Inc.]
    <StormCodec_Helper><; "D:\Program Files\Ringz Studio\Storm Codec\StormSet.exe" /S /opti>  [N/A]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Winlogon]
    <shell><Explorer.exe>  [(Verified)Microsoft Corporation]
    <Userinit><C:\WINDOWS\system32\userinit.exe>  [(Verified)Microsoft Corporation]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Windows]
    <AppInit_DLLs><>  [N/A]

==================================
Startup Folders
N/A

==================================
Services
[Adobe LM Service / Adobe LM Service][Stopped/Manual Start]
  <"C:\Program Files\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe"><Adobe Systems>
[AVG Anti-Spyware Guard / AVG Anti-Spyware Guard][Running/Auto Start]
  <d:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe><Anti-Malware Development a.s.>
[Kaspersky Anti-Virus 6.0 / AVP][Running/Auto Start]
  <"D:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 6.0\avp.exe" -r><Kaspersky Lab>
[Human Interface Device Access / HidServ][Stopped/Disabled]
  <C:\WINDOWS\System32\svchost.exe -k netsvcs-->%SystemRoot%\System32\hidserv.dll><N/A>
[Windows DHCP Service / WinDHCPsvc][Stopped/Auto Start]
  <C:\WINDOWS\system32\\rundll32.exe windhcp.ocx,input><Microsoft Corporation>

==================================
Drivers
[AVG Anti-Spyware Driver / AVG Anti-Spyware Driver][Running/System Start]
  <\??\d:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.sys><N/A>
[AVG Anti-Spyware Clean Driver / AvgAsCln][Running/System Start]
  <System32\DRIVERS\AvgAsCln.sys><GRISOFT, s.r.o.>
[C-Media WDM Audio Interface / cmuda][Running/Manual Start]
  <system32\drivers\cmuda.sys><C-Media Inc>
[dtscsi / dtscsi][Running/Manual Start]
  <\SystemRoot\System32\Drivers\dtscsi.sys><N/A>
[ialm / ialm][Running/Manual Start]
  <system32\DRIVERS\ialmnt5.sys><Intel Corporation>
[kl1 / kl1][Running/Boot Start]
  <\SystemRoot\system32\drivers\kl1.sys><Kaspersky Lab>
[klif / klif][Running/System Start]
  <\??\C:\WINDOWS\system32\drivers\klif.sys><Kaspersky Lab>
[kmsinput / kmsinput][Stopped/Manual Start]
  <\??\C:\WINDOWS\system32\drivers\kmsinput.sys><N/A>
[Netgroup Packet Filter / NPF][Stopped/Manual Start]
  <system32\drivers\npf.sys><N/A>
[Direct Parallel Link Driver / Ptilink][Running/Manual Start]
  <system32\DRIVERS\ptilink.sys><Parallel Technologies, Inc.>
[PxHelp20 / PxHelp20][Running/Boot Start]
  <\SystemRoot\System32\Drivers\PxHelp20.sys><Sonic Solutions>
[Realtek RTL8139(A/B/C)-based PCI Fast Ethernet Adapter NT Driver / rtl8139][Running/Manual Start]
  <system32\DRIVERS\RTL8139.SYS><Realtek Semiconductor Corporation>
[Secdrv / Secdrv][Stopped/Manual Start]
  <system32\DRIVERS\secdrv.sys><N/A>
[sptd / sptd][Running/Boot Start]
  <\SystemRoot\System32\Drivers\sptd.sys><N/A>
[TCP/IP プロトコル ドライバ / Tcpip][Running/System Start]
  <system32\DRIVERS\tcpip.sys><Microsoft Corporation>
[WinDriver6 / WinDriver6][Running/Manual Start]
  <system32\drivers\windrvr6.sys><Jungo>
[XilinxPC4Driver / XilinxPC4Driver][Running/Auto Start]
  <\SystemRoot\System32\drivers\XPC4DRVR.SYS><Xilinx, Inc.>

==================================
Browser Add-ons
[AcroIEHlprObj Class]
  {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} <D:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll, Adobe Systems Incorporated>
[DLMgr Class]
  {4FA955E8-C73C-4D72-BDCC-EA12227B45D9} <D:\Program Files\Dianlei\Plugins\DLManager.dll, ?雷超?下?>
[AcroIEToolbarHelper Class]
  {AE7CD045-E861-484f-8273-0445EE161910} <D:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll, Adobe Systems Incorporated>
[??迅雷5]
  {09BA8F6D-CB54-424B-839C-C2A6C8E6B436} <d:\Program Files\Thunder Network\Thunder\Thunder.exe, Thunder Networking Technologies,LTD>
[Web Anti-Virus]
  {1F460357-8A94-4D71-9CA3-AA4ACF32ED8E} <D:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 6.0\scieplugin.dll, Kaspersky Lab>
[儕?乕?(&R)]
  {92780B25-18CC-41C8-B9BE-3C9C571A8263} <D:\PROGRA~1\MICROS~1\OFFICE11\REFIEBAR.DLL, Microsoft Corporation>
[?雷超?下?]
  {A6A84943-17AB-4363-A518-8D750FDF57C3} <"D:\Program Files\Dianlei\dianlei.exe", N/A>
[Messenger]
  {FB5F1910-F110-11d2-BB9E-00C04F795683} <C:\Program Files\Messenger\msmsgs.exe, Microsoft Corporation>
[Adobe PDF]
  {47833539-D0C5-4125-9FA8-0819E2EAAC93} <D:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll, Adobe Systems Incorporated>
[Office Genuine Advantage Validation Tool]
  {05CA9FB0-3E3E-4B36-BF41-0E3A5CAA8CD8} <C:\WINDOWS\system32\OGACheckControl.DLL, N/A>
[MSN Photo Upload Tool]
  {4F1E5B1A-2A80-42CA-8532-2D05CB959537} <C:\WINDOWS\Downloaded Program Files\MsnPUpld.dll, MicrosoftR Corporation>
[UploadControl Control]
  {52FF336D-A05D-4A14-A3A1-7B6B4B427F88} <C:\WINDOWS\system32\UPLOAD~1.OCX, 广州网易互???有限公司>
[Office Update Installation Engine]
  {C7DB51B4-BCF7-4923-8874-7F1A0DC92277} <C:\WINDOWS\opuc.dll, Microsoft Corporation>
[Shockwave Flash Object]
  {D27CDB6E-AE6D-11CF-96B8-444553540000} <C:\WINDOWS\system32\Macromed\Flash\Flash9b.ocx, Adobe Systems, Inc.>
[PhotoUploadCtrlMini Control]
  {D9306BD1-2325-4C28-8632-B02330C1BB02} <C:\WINDOWS\system32\PHOTOU~1.OCX, 广州网易互???有限公司>
[金山毒霸在??品升?]
  {E847C78C-C210-4195-8799-FBF3BF89797D} <C:\PROGRA~1\KOS\KOSInit.OCX, 金山?件股?有限公司>
[AcroIEHlprObj Class]
  {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} <D:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll, Adobe Systems Incorporated>
[Adobe PDF]
  {47833539-D0C5-4125-9FA8-0819E2EAAC93} <D:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll, Adobe Systems Incorporated>
[DLMgr Class]
  {4FA955E8-C73C-4D72-BDCC-EA12227B45D9} <D:\Program Files\Dianlei\Plugins\DLManager.dll, ?雷超?下?>
[Active Desktop Mover]
  {72267F6A-A6F9-11D0-BC94-00C04FB67863} <%SystemRoot%\system32\SHELL32.dll, N/A>
[AcroIEToolbarHelper Class]
  {AE7CD045-E861-484F-8273-0445EE161910} <D:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll, Adobe Systems Incorporated>
[SearchAssistantOC]
  {B45FF030-4447-11D2-85DE-00C04FA35C89} <%SystemRoot%\system32\shdocvw.dll, N/A>
[Shockwave Flash Object]
  {D27CDB6E-AE6D-11CF-96B8-444553540000} <C:\WINDOWS\system32\Macromed\Flash\Flash9b.ocx, Adobe Systems, Inc.>
[&使用?雷下?]
  <ECAE7-0A37-4506-8A7D-3CC9A04D2CA8}, N/A>
[&使用迅雷下?]
  <, N/A>
[&使用迅雷下?全部?接]
  <, N/A>
[Convert link target to Adobe PDF]
  <res://D:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html, N/A>
[Convert link target to existing PDF]
  <res://D:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html, N/A>
[Convert selected links to Adobe PDF]
  <res://D:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIECaptureSelLinks.html, N/A>
[Convert selected links to existing PDF]
  <res://D:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIEAppendSelLinks.html, N/A>
[Convert selection to Adobe PDF]
  <res://D:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html, N/A>
[Convert selection to existing PDF]
  <res://D:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html, N/A>
[Convert to Adobe PDF]
  <res://D:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html, N/A>
[Convert to existing PDF]
  <res://D:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html, N/A>
[Microsoft Excel にエクスポート(&X)]
  <res://D:\PROGRA~1\MICROS~1\OFFICE11\EXCEL.EXE/3000, N/A>
[雅虎搜索]
  <res://C:\Program Files\Yahoo!\Assistant\Assist\yasbar.dll/203, N/A>
PLEASE HELP!
Last edited 2007-03-06 18:38:21

==================================
Running Processes
[PID: 528][\SystemRoot\System32\smss.exe]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
[PID: 592][\??\C:\WINDOWS\system32\csrss.exe]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
[PID: 616][\??\C:\WINDOWS\system32\winlogon.exe]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
    [C:\WINDOWS\system32\klogon.dll]  [Kaspersky Lab, 6.0.0.299]
    [C:\WINDOWS\system32\ImpsSensor.dll]  [China Mobile, 2, 0, 0, 0]
    [C:\WINDOWS\system32\igfxdev.dll]  [Intel Corporation, 3.0.0.4299]
[PID: 664][C:\WINDOWS\system32\services.exe]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
[PID: 676][C:\WINDOWS\system32\lsass.exe]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
[PID: 824][C:\WINDOWS\system32\svchost.exe]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
[PID: 868][C:\WINDOWS\system32\svchost.exe]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
[PID: 936][C:\WINDOWS\System32\svchost.exe]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
[PID: 980][C:\WINDOWS\system32\svchost.exe]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
[PID: 1092][C:\WINDOWS\system32\svchost.exe]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
[PID: 1236][C:\WINDOWS\system32\spoolsv.exe]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
    [C:\WINDOWS\system32\AdobePDF.dll]  [Adobe Systems Incorporated., 7.0.0.00]
    [D:\Program Files\Adobe\Acrobat 7.0\Distillr\adistres.dll]  [Adobe Systems Incorporated., 7.0.0.2004121400]
    [C:\WINDOWS\system32\HPTcpMon.dll]  [Hewlett Packard, 2.50.01.006]
    [C:\WINDOWS\system32\HPZJSN01.dll]  [Hewlett Packard Company, 1, 0, 0, 3]
    [C:\WINDOWS\system32\hpzjfw01.dll]  [Hewlett-Packard, 4.02.009.0]
    [C:\WINDOWS\system32\HPTcpMUI.dll]  [Microsoft Corporation, 2.50.01.006]
    [C:\WINDOWS\system32\hptcpmib.dll]  [Hewlett Packard, 2.50.01.006]
    [C:\WINDOWS\System32\spool\PRTPROCS\W32X86\hpzpp3Y0.DLL]  [Hewlett-Packard Corporation, 60.051.1241.00]
[PID: 1476][C:\WINDOWS\Explorer.EXE]  [Microsoft Corporation, 6.00.2900.2180 (xpsp_sp2_rtm.040803-2158)]
    [C:\Program Files\Internet Explorer\PLUGINS\SystemKb.sys]  [N/A, N/A]
    [D:\Program Files\Adobe\Acrobat 7.0\ActiveX\PDFShell.dll]  [Adobe Systems, Inc., 7.0.0.0]
    [C:\WINDOWS\system32\igfxpph.dll]  [Intel Corporation, 3.0.0.4299]
    [C:\WINDOWS\system32\hccutils.DLL]  [Intel Corporation, 3.0.0.4299]
    [C:\WINDOWS\system32\igfxres.dll]  [Intel Corporation, 3.0.0.4299]
    [C:\WINDOWS\system32\igfxress.dll]  [Intel Corporation, 3.0.0.4299]
    [C:\WINDOWS\system32\igfxsrvc.dll]  [Intel Corporation, 3.0.0.4299]
    [d:\Program Files\Grisoft\AVG Anti-Spyware 7.5\shellexecutehook.dll]  [Anti-Malware Development a.s., 7, 5, 0, 47]
    [D:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll]  [Adobe Systems Incorporated, 7.0.0.2004121400]
    [D:\Program Files\Adobe\Acrobat 7.0\Acrobat Elements\ContextMenu.dll]  [Adobe Systems Inc., 7.0.0.2004121400\0]
    [D:\Program Files\Adobe\Acrobat 7.0\Distillr\ADIST32.dll]  [Adobe Systems Incorporated., 7.0.0.0]
    [D:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 6.0\scr_ch_pg.dll]  [Kaspersky Lab, 1.0.6.299]
    [D:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 6.0\klscav.dll]  [Kaspersky Lab, 6.0.0.299]
    [D:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 6.0\pr_remote.dll]  [Kaspersky Lab, 6.0.0.299]
    [D:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 6.0\prloader.dll]  [Kaspersky Lab, 6.0.0.299]
    [D:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 6.0\prkernel.ppl]  [Kaspersky Lab, 6.0.0.299]
    [d:\program files\kaspersky lab\kaspersky anti-virus 6.0\params.ppl]  [Kaspersky Lab, 6.0.0.299]
    [d:\program files\kaspersky lab\kaspersky anti-virus 6.0\pxstub.ppl]  [Kaspersky Lab, 6.0.0.299]
    [d:\program files\kaspersky lab\kaspersky anti-virus 6.0\tempfile.ppl]  [Kaspersky Lab, 6.0.0.299]
    [C:\Program Files\WinRAR\rarext.dll]  [N/A, N/A]
    [D:\Program Files\IDM Computer Solutions\UltraEdit-32\ue32ctmn.dll]  [, 1, 0, 0, 1]
    [D:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 6.0\shellex.dll]  [Kaspersky Lab, 6.0.0.299]
    [d:\Program Files\Grisoft\AVG Anti-Spyware 7.5\context.dll]  [Anti-Malware Development a.s., 7, 5, 0, 49]
    [C:\WINDOWS\system32\msdmo.dll]  [N/A, N/A]
[PID: 1652][C:\WINDOWS\system32\igfxtray.exe]  [Intel Corporation, 3.0.0.4299]
    [C:\WINDOWS\system32\hccutils.DLL]  [Intel Corporation, 3.0.0.4299]
    [C:\WINDOWS\system32\igfxsrvc.dll]  [Intel Corporation, 3.0.0.4299]
    [C:\WINDOWS\system32\igfxres.dll]  [Intel Corporation, 3.0.0.4299]
    [C:\WINDOWS\system32\igfxress.dll]  [Intel Corporation, 3.0.0.4299]
    [C:\Program Files\Internet Explorer\PLUGINS\SystemKb.sys]  [N/A, N/A]
[PID: 1660][C:\WINDOWS\system32\hkcmd.exe]  [Intel Corporation, 3.0.0.4299]
    [C:\WINDOWS\system32\hccutils.DLL]  [Intel Corporation, 3.0.0.4299]
    [C:\WINDOWS\system32\igfxsrvc.dll]  [Intel Corporation, 3.0.0.4299]
    [C:\Program Files\Internet Explorer\PLUGINS\SystemKb.sys]  [N/A, N/A]
[PID: 1668][C:\WINDOWS\system32\igfxpers.exe]  [Intel Corporation, 3.0.0.4299]
    [C:\WINDOWS\system32\igfxsrvc.dll]  [Intel Corporation, 3.0.0.4299]
    [C:\Program Files\Internet Explorer\PLUGINS\SystemKb.sys]  [N/A, N/A]
[PID: 1676][C:\Program Files\Common Files\Real\Update_OB\realsched.exe]  [RealNetworks, Inc., 0.1.0.3510]
    [C:\Program Files\Internet Explorer\PLUGINS\SystemKb.sys]  [N/A, N/A]
[PID: 1784][D:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 6.0\avp.exe]  [Kaspersky Lab, 6.0.0.299]
    [D:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 6.0\pr_remote.dll]  [Kaspersky Lab, 6.0.0.299]
    [D:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 6.0\FSSync.dll]  [Kaspersky Lab, 6.0.5.0]
    [D:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 6.0\AVPGS.PPL]  [Kaspersky Lab, 6.0.0.299]
    [D:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 6.0\prloader.dll]  [Kaspersky Lab, 6.0.0.299]
    [D:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 6.0\prkernel.ppl]  [Kaspersky Lab, 6.0.0.299]
    [d:\program files\kaspersky lab\kaspersky anti-virus 6.0\pxstub.ppl]  [Kaspersky Lab, 6.0.0.299]
    [d:\program files\kaspersky lab\kaspersky anti-virus 6.0\params.ppl]  [Kaspersky Lab, 6.0.0.299]
    [d:\program files\kaspersky lab\kaspersky anti-virus 6.0\winreg.ppl]  [Kaspersky Lab, 6.0.0.299]
    [d:\program files\kaspersky lab\kaspersky anti-virus 6.0\tm.ppl]  [Kaspersky Lab, 6.0.0.299]
    [d:\program files\kaspersky lab\kaspersky anti-virus 6.0\nfio.ppl]  [Kaspersky Lab, 6.0.0.299]
    [d:\program files\kaspersky lab\kaspersky anti-virus 6.0\fsdrvplgn.ppl]  [Kaspersky Lab, 6.0.0.299]
    [d:\program files\kaspersky lab\kaspersky anti-virus 6.0\bl.ppl]  [Kaspersky Lab, 6.0.0.300]
    [d:\program files\kaspersky lab\kaspersky anti-virus 6.0\wmihlpr.ppl]  [Kaspersky Lab, 6.0.0.299]
    [d:\program files\kaspersky lab\kaspersky anti-virus 6.0\ndetect.ppl]  [Kaspersky Lab, 6.0.0.299]
    [d:\program files\kaspersky lab\kaspersky anti-virus 6.0\crpthlpr.ppl]  [Kaspersky Lab, 6.0.0.299]
    [d:\program files\kaspersky lab\kaspersky anti-virus 6.0\schedule.ppl]  [Kaspersky Lab, 6.0.0.299]
    [d:\program files\kaspersky lab\kaspersky anti-virus 6.0\timer.ppl]  [Kaspersky Lab, 6.0.0.299]
    [d:\program files\kaspersky lab\kaspersky anti-virus 6.0\thpimpl.ppl]  [Kaspersky Lab, 6.0.0.299]
    [d:\program files\kaspersky lab\kaspersky anti-virus 6.0\lic60.ppl]  [Kaspersky Lab, 6.0.0.300]
    [d:\program files\kaspersky lab\kaspersky anti-virus 6.0\report.ppl]  [Kaspersky Lab, 6.0.0.299]
    [d:\program files\kaspersky lab\kaspersky anti-virus 6.0\hashmd5.ppl]  [Kaspersky Lab, 6.0.0.299]
    [d:\program files\kaspersky lab\kaspersky anti-virus 6.0\avs.ppl]  [Kaspersky Lab, 6.0.0.299]
    [d:\program files\kaspersky lab\kaspersky anti-virus 6.0\avpmgr.ppl]  [Kaspersky Lab, 6.0.0.299]
    [d:\program files\kaspersky lab\kaspersky anti-virus 6.0\wdiskio.ppl]  [Kaspersky Lab, 6.0.0.299]
    [d:\program files\kaspersky lab\kaspersky anti-virus 6.0\avlib.ppl]  [Kaspersky Lab, 6.0.0.299]
    [d:\program files\kaspersky lab\kaspersky anti-virus 6.0\avspm.ppl]  [Kaspersky Lab, 6.0.0.299]
    [d:\program files\kaspersky lab\kaspersky anti-virus 6.0\avp3info.ppl]  [Kaspersky Lab, 6.0.0.299]
    [d:\program files\kaspersky lab\kaspersky anti-virus 6.0\og.ppl]  [Kaspersky Lab, 6.0.0.299]
    [d:\program files\kaspersky lab\kaspersky anti-virus 6.0\pdm.ppl]  [Kaspersky Lab, 6.0.0.299]
    [d:\program files\kaspersky lab\kaspersky anti-virus 6.0\updater2005.ppl]  [Kaspersky Lab, 6.0.0.300]
    [d:\program files\kaspersky lab\kaspersky anti-virus 6.0\sc.ppl]  [Kaspersky Lab, 6.0.0.299]
    [d:\program files\kaspersky lab\kaspersky anti-virus 6.0\httpscan.ppl]  [Kaspersky Lab, 6.0.0.299]
    [D:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 6.0\klaveng.dll]  [N/A, N/A]
    [d:\program files\kaspersky lab\kaspersky anti-virus 6.0\mc.ppl]  [Kaspersky Lab, 6.0.0.299]
    [d:\program files\kaspersky lab\kaspersky anti-virus 6.0\oas.ppl]  [Kaspersky Lab, 6.0.0.300]
    [d:\program files\kaspersky lab\kaspersky anti-virus 6.0\procmon.ppl]  [Kaspersky Lab, 6.0.0.299]
    [d:\program files\kaspersky lab\kaspersky anti-virus 6.0\dtreg.ppl]  [Kaspersky Lab, 6.0.0.299]
    [d:\program files\kaspersky lab\kaspersky anti-virus 6.0\sfdb.ppl]  [Kaspersky Lab, 6.0.0.299]
    [d:\program files\kaspersky lab\kaspersky anti-virus 6.0\prutil.ppl]  [Kaspersky Lab, 6.0.0.299]
    [d:\program files\kaspersky lab\kaspersky anti-virus 6.0\avp1.ppl]  [Kaspersky Lab, 6.0.0.299]
    [d:\program files\kaspersky lab\kaspersky anti-virus 6.0\l_llio.ppl]  [Kaspersky Lab, 6.0.0.299]
    [d:\program files\kaspersky lab\kaspersky anti-virus 6.0\productinfo.ppl]  [Kaspersky Lab, 6.0.0.299]
    [d:\program files\kaspersky lab\kaspersky anti-virus 6.0\updater.ppl]  [Kaspersky Lab, 6.0.0.299]
    [d:\program files\kaspersky lab\kaspersky anti-virus 6.0\ichk2.ppl]  [Kaspersky Lab, 6.0.0.300]
    [d:\program files\kaspersky lab\kaspersky anti-virus 6.0\diff.ppl]  [Kaspersky Lab, 6.0.0.299]
    [d:\program files\kaspersky lab\kaspersky anti-virus 6.0\icheckersa.ppl]  [Kaspersky Lab, 6.0.0.299]
    [d:\program files\kaspersky lab\kaspersky anti-virus 6.0\base64p.ppl]  [Kaspersky Lab, 6.0.0.299]
    [d:\program files\kaspersky lab\kaspersky anti-virus 6.0\smtpprotocoller.ppl]  [Kaspersky Lab, 6.0.0.299]
    [d:\program files\kaspersky lab\kaspersky anti-virus 6.0\updateinfo.ppl]  [Kaspersky Lab, 6.0.0.299]
    [d:\program files\kaspersky lab\kaspersky anti-virus 6.0\httpanlz.ppl]  [Kaspersky Lab, 6.0.0.300]
    [d:\program files\kaspersky lab\kaspersky anti-virus 6.0\pop3protocoller.ppl]  [Kaspersky Lab, 6.0.0.300]
    [d:\program files\kaspersky lab\kaspersky anti-virus 6.0\trafficmonitor2.ppl]  [N/A, N/A]
    [D:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 6.0\CKAHUM.dll]  [Kaspersky Lab, 6.0.0.1]
    [D:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 6.0\CKAHComm.dll]  [Kaspersky Lab, 6.0.0.1]
    [D:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 6.0\ckahrule.dll]  [Kaspersky Lab, 6.0.0.1]
    [d:\program files\kaspersky lab\kaspersky anti-virus 6.0\imapprotocoller.ppl]  [Kaspersky Lab, 6.0.0.300]
    [d:\program files\kaspersky lab\kaspersky anti-virus 6.0\netsession.ppl]  [Kaspersky Lab, 6.0.0.299]
    [d:\program files\kaspersky lab\kaspersky anti-virus 6.0\nntpprotocoller.ppl]  [Kaspersky Lab, 6.0.0.299]
    [d:\program files\kaspersky lab\kaspersky anti-virus 6.0\socket.ppl]  [Kaspersky Lab, 6.0.0.299]
    [d:\program files\kaspersky lab\kaspersky anti-virus 6.0\httpsession.ppl]  [Kaspersky Lab, 6.0.0.299]
    [d:\program files\kaspersky lab\kaspersky anti-virus 6.0\ntlm.ppl]  [Kaspersky Lab, 6.0.0.299]
    [d:\program files\kaspersky lab\kaspersky anti-virus 6.0\hashcont.ppl]  [Kaspersky Lab, 6.0.0.299]
    [d:\program files\kaspersky lab\kaspersky anti-virus 6.0\hccmp.ppl]  [Kaspersky Lab, 6.0.0.299]
    [d:\program files\kaspersky lab\kaspersky anti-virus 6.0\tempfile.ppl]  [Kaspersky Lab, 6.0.0.299]
    [d:\program files\kaspersky lab\kaspersky anti-virus 6.0\iwgen.ppl]  [Kaspersky Lab, 6.0.0.299]
    [d:\program files\kaspersky lab\kaspersky anti-virus 6.0\updateobjectinfo.ppl]  [Kaspersky Lab, 6.0.0.299]
    [d:\program files\kaspersky lab\kaspersky anti-virus 6.0\base64.ppl]  [Kaspersky Lab, 6.0.0.299]
    [d:\program files\kaspersky lab\kaspersky anti-virus 6.0\updatecategory.ppl]  [Kaspersky Lab, 6.0.0.299]
    [d:\program files\kaspersky lab\kaspersky anti-virus 6.0\updateinstaller.ppl]  [Kaspersky Lab, 6.0.0.299]
    [d:\program files\kaspersky lab\kaspersky anti-virus 6.0\baseinstaller.ppl]  [Kaspersky Lab, 6.0.0.304]
    [d:\program files\kaspersky lab\kaspersky anti-virus 6.0\execinstaller.ppl]  [Kaspersky Lab, 6.0.0.304]
    [d:\program files\kaspersky lab\kaspersky anti-virus 6.0\qb.ppl]  [Kaspersky Lab, 6.0.0.299]
    [d:\program files\kaspersky lab\kaspersky anti-virus 6.0\ods.ppl]  [Kaspersky Lab, 6.0.0.299]
    [d:\program files\kaspersky lab\kaspersky anti-virus 6.0\buffer.ppl]  [Kaspersky Lab, 6.0.0.299]
    [d:\program files\kaspersky lab\kaspersky anti-virus 6.0\memscan.ppl]  [Kaspersky Lab, 6.0.0.299]
    [d:\program files\kaspersky lab\kaspersky anti-virus 6.0\memmodsc.ppl]  [Kaspersky Lab, 6.0.0.299]
    [d:\program files\kaspersky lab\kaspersky anti-virus 6.0\uniarc.ppl]  [Kaspersky Lab, 6.0.0.16]
    [d:\program files\kaspersky lab\kaspersky anti-virus 6.0\minizip.ppl]  [Kaspersky Lab, 6.0.0.16]
    [d:\program files\kaspersky lab\kaspersky anti-virus 6.0\cab.ppl]  [Kaspersky Lab, 6.0.0.16]
    [d:\program files\kaspersky lab\kaspersky anti-virus 6.0\arj.ppl]  [Kaspersky Lab, 6.0.0.16]
    [d:\program files\kaspersky lab\kaspersky anti-virus 6.0\rar.ppl]  [Kaspersky Lab, 6.0.0.299]
    [d:\program files\kaspersky lab\kaspersky anti-virus 6.0\lha.ppl]  [Kaspersky Lab, 6.0.0.299]
    [d:\program files\kaspersky lab\kaspersky anti-virus 6.0\ntfsstrm.ppl]  [Kaspersky Lab, 6.0.0.299]
    [d:\program files\kaspersky lab\kaspersky anti-virus 6.0\msoe.ppl]  [Kaspersky Lab, 6.0.0.299]
    [d:\program files\kaspersky lab\kaspersky anti-virus 6.0\mdb.ppl]  [Kaspersky Lab, 6.0.0.300]
    [d:\program files\kaspersky lab\kaspersky anti-virus 6.0\startupenum2.ppl]  [Kaspersky Lab, 6.0.0.299]
    [d:\program files\kaspersky lab\kaspersky anti-virus 6.0\inifile.ppl]  [Kaspersky Lab, 6.0.0.299]
    [d:\program files\kaspersky lab\kaspersky anti-virus 6.0\prseqio.ppl]  [Kaspersky Lab, 6.0.0.299]
    [d:\program files\kaspersky lab\kaspersky anti-virus 6.0\unlzx.ppl]  [Kaspersky Lab, 6.0.0.16]
    [d:\program files\kaspersky lab\kaspersky anti-virus 6.0\mdmap.ppl]  [Kaspersky Lab, 6.0.0.16]
    [d:\program files\kaspersky lab\kaspersky anti-virus 6.0\btimages.ppl]  [Kaspersky Lab, 6.0.0.299]
    [d:\program files\kaspersky lab\kaspersky anti-virus 6.0\inflate.ppl]  [Kaspersky Lab, 6.0.0.16]
[PID: 1804][D:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 6.0\avp.exe]  [Kaspersky Lab, 6.0.0.299]
    [D:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 6.0\pr_remote.dll]  [Kaspersky Lab, 6.0.0.299]
    [D:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 6.0\FSSync.dll]  [Kaspersky Lab, 6.0.5.0]
    [C:\Program Files\Internet Explorer\PLUGINS\SystemKb.sys]  [N/A, N/A]
    [D:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 6.0\AVPGS.PPL]  [Kaspersky Lab, 6.0.0.299]
    [D:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 6.0\prloader.dll]  [Kaspersky Lab, 6.0.0.299]
    [D:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 6.0\prkernel.ppl]  [Kaspersky Lab, 6.0.0.299]
    [d:\program files\kaspersky lab\kaspersky anti-virus 6.0\pxstub.ppl]  [Kaspersky Lab, 6.0.0.299]
    [d:\program files\kaspersky lab\kaspersky anti-virus 6.0\params.ppl]  [Kaspersky Lab, 6.0.0.299]
    [d:\program files\kaspersky lab\kaspersky anti-virus 6.0\winreg.ppl]  [Kaspersky Lab, 6.0.0.299]
    [d:\program files\kaspersky lab\kaspersky anti-virus 6.0\avpgui.ppl]  [Kaspersky Lab, 6.0.0.300]
    [D:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 6.0\basegui.dll]  [Kaspersky Lab, 6.0.0.299]
    [d:\program files\kaspersky lab\kaspersky anti-virus 6.0\nfio.ppl]  [Kaspersky Lab, 6.0.0.299]
    [d:\program files\kaspersky lab\kaspersky anti-virus 6.0\fsdrvplgn.ppl]  [Kaspersky Lab, 6.0.0.299]
    [d:\program files\kaspersky lab\kaspersky anti-virus 6.0\thpimpl.ppl]  [Kaspersky Lab, 6.0.0.299]
    [d:\program files\kaspersky lab\kaspersky anti-virus 6.0\qb.ppl]  [Kaspersky Lab, 6.0.0.299]
    [d:\program files\kaspersky lab\kaspersky anti-virus 6.0\inflate.ppl]  [Kaspersky Lab, 6.0.0.16]
    [d:\program files\kaspersky lab\kaspersky anti-virus 6.0\report.ppl]  [Kaspersky Lab, 6.0.0.299]
    [d:\program files\kaspersky lab\kaspersky anti-virus 6.0\prutil.ppl]  [Kaspersky Lab, 6.0.0.299]
    [D:\Program Files\Adobe\Acrobat 7.0\ActiveX\PDFShell.dll]  [Adobe Systems, Inc., 7.0.0.0]
[PID: 1824][D:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe]  [Anti-Malware Development a.s., 7, 5, 0, 50]
    [D:\Program Files\Grisoft\AVG Anti-Spyware 7.5\engine.dll]  [Anti-Malware Development a.s., 4, 2, 0, 15]
    [C:\Program Files\Internet Explorer\PLUGINS\SystemKb.sys]  [N/A, N/A]
[PID: 1832][C:\WINDOWS\system32\ctfmon.exe]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
    [C:\Program Files\Internet Explorer\PLUGINS\SystemKb.sys]  [N/A, N/A]
[PID: 1900][C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE]  [Microsoft Corporation, 7.00.9466]
[PID: 2076][C:\WINDOWS\System32\alg.exe]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
[PID: 2772][\??\C:\WINDOWS\system32\csrss.exe]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
[PID: 2808][\??\C:\WINDOWS\system32\winlogon.exe]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
    [C:\WINDOWS\system32\klogon.dll]  [Kaspersky Lab, 6.0.0.299]
[PID: 2908][C:\WINDOWS\system32\rdpclip.exe]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
    [C:\Program Files\Internet Explorer\PLUGINS\SystemKb.sys]  [N/A, N/A]
[PID: 3144][C:\WINDOWS\system32\igfxsrvc.exe]  [Intel Corporation, 3.0.0.4299]
    [C:\WINDOWS\system32\igfxsrvc.dll]  [Intel Corporation, 3.0.0.4299]
    [C:\WINDOWS\system32\igfxdev.dll]  [Intel Corporation, 3.0.0.4299]
[PID: 3396][D:\PROGRA~1\MICROS~1\OFFICE11\OUTLOOK.EXE]  [Microsoft Corporation, 11.0.8118]
    [D:\Program Files\Adobe\Acrobat 7.0\PDFMaker\Mail\Outlook\PDFMOutlook.dll]  [Adobe Systems Incorporated, 7.0.0.0]
    [D:\Program Files\Adobe\Acrobat 7.0\PDFMaker\Common\AdobePDFMakerX.dll]  [N/A, N/A]
[PID: 3596][D:\Program Files\Microsoft Office\OFFICE11\WINWORD.EXE]  [Microsoft Corporation, 11.0.8125]
    [D:\Program Files\Adobe\Acrobat 7.0\PDFMaker\Office\PDFMOfficeAddin.dll]  [Adobe Systems Incorporated, 7, 0, 0, 0]
    [D:\Program Files\Adobe\Acrobat 7.0\Distillr\adist32.dll]  [Adobe Systems Incorporated., 7.0.0.0]
    [D:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 6.0\offguard.dll]  [Kaspersky Lab, 6.0.0.299]
    [C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\AD2KReGP.DLL]  [Adobe Systems Inc., 7, 0, 0, 0]
[PID: 3504][C:\WINDOWS\system32\conime.exe]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
[PID: 1980][D:\Software\System\processexplorernt@yuan\procexp.exe]  [Sysinternals, 9.23]
[PID: 3524][D:\Software\System\Hijackthis\HijackThis.exe]  [Soeperman Enterprises Ltd., 1.99.0001]
[PID: 3132][D:\Program Files\Dianlei\dianlei.exe]  [Dianlei, 1, 0, 0, 0]
    [D:\Program Files\Dianlei\CrashRpt.dll]  [N/A, N/A]
    [D:\Program Files\Dianlei\zlibwapi.dll]  [N/A, 1.2.3.0]
    [D:\Program Files\Dianlei\Plugins\GFLImageServices.dll]  [N/A, 1, 0, 0, 6]
    [D:\Program Files\Dianlei\libgfl254.dll]  [XnView, 2.40]
    [D:\Program Files\Dianlei\Plugins\ImageViewer.dll]  [Shareaza Development Team, 1, 2, 1, 5]
    [D:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 6.0\scr_ch_pg.dll]  [Kaspersky Lab, 1.0.6.299]
    [D:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 6.0\klscav.dll]  [Kaspersky Lab, 6.0.0.299]
    [D:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 6.0\pr_remote.dll]  [Kaspersky Lab, 6.0.0.299]
    [D:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 6.0\prloader.dll]  [Kaspersky Lab, 6.0.0.299]
    [D:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 6.0\prkernel.ppl]  [Kaspersky Lab, 6.0.0.299]
    [d:\program files\kaspersky lab\kaspersky anti-virus 6.0\params.ppl]  [Kaspersky Lab, 6.0.0.299]
    [d:\program files\kaspersky lab\kaspersky anti-virus 6.0\pxstub.ppl]  [Kaspersky Lab, 6.0.0.299]
    [d:\program files\kaspersky lab\kaspersky anti-virus 6.0\tempfile.ppl]  [Kaspersky Lab, 6.0.0.299]
    [d:\program files\kaspersky lab\kaspersky anti-virus 6.0\nfio.ppl]  [Kaspersky Lab, 6.0.0.299]
    [d:\program files\kaspersky lab\kaspersky anti-virus 6.0\fsdrvplgn.ppl]  [Kaspersky Lab, 6.0.0.299]
[PID: 3888][D:\Software\System\sreng2\SREng.EXE]  [Smallfrogs Studio, 2.3.13.690]

==================================
File Associations
.TXT  OK. [%SystemRoot%\system32\NOTEPAD.EXE %1]
.EXE  OK. ["%1" %*]
.COM  OK. ["%1" %*]
.PIF  OK. ["%1" %*]
.REG  OK. [regedit.exe "%1"]
.BAT  OK. ["%1" %*]
.SCR  OK. ["%1" /S]
.CHM  Error. ["hh.exe" %1]
.HLP  Error. [winhlp32.exe %1]
.INI  OK. [%SystemRoot%\System32\NOTEPAD.EXE %1]
.INF  OK. [%SystemRoot%\System32\NOTEPAD.EXE %1]
.VBS  OK. [%SystemRoot%\System32\WScript.exe "%1" %*]
.JS  OK. [%SystemRoot%\System32\WScript.exe "%1" %*]
.LNK  OK. [{00021401-0000-0000-C000-000000000046}]

==================================
Winsock Provider
N/A

==================================
Autorun.Inf
N/A

==================================
HOSTS File
127.0.0.1      localhost
60.169.1.178      hyap98.com
60.169.1.178      www.hyap98.com
60.169.1.178      www.82087871.com
202.101.42.85      47555.cn
202.101.42.85      nc.47555.cn
202.101.42.85      cn.47555.cn
202.101.42.85      crsky.47555.cn
202.101.42.85      www.47555.cn
60.169.1.178      baibu.com
60.169.1.178      www.baidu.com
60.169.1.178      dgufida.com.cn
60.169.1.178      88.our2000.com
60.169.1.178      new.eyliao.com
60.169.1.178      sybaby.a78.zgsj.com

==================================
API HOOK
Warning! System Repair Engineer
remind you that following
functions have modified to
abnormal values by unknown
reasons:
RVA Error:  LoadLibraryA
RVA Error:  LoadLibraryExA
RVA Error:  LoadLibraryExW
RVA Error:  LoadLibraryW

==================================


[/CODE]
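As an added example (not from this thread and not part of SRE itself), here is a small Python triage script that reads three sections of an SRE 2.3 log in the layout pasted above and pulls out what a responder would look at first: HOSTS entries that send a name anywhere other than loopback (the log above maps www.baidu.com to 60.169.1.178, which is enough to explain symptom 2), modules with no publisher information that are loaded into several unrelated processes (SystemKb.sys from the IE PLUGINS folder appears in most of the processes listed), and the function names from the API HOOK warning. The sample input is a constructed excerpt in the same format, not a real capture; the section names and line patterns are my reading of the SRE layout from the pasted log.

```python
import re
from collections import defaultdict

# Constructed sample: a few lines in the layout of the SRE 2.3 log pasted in
# the thread (three of its sections, trimmed). Not a real capture.
SAMPLE_LOG = r"""
==================================
Running Processes
[PID: 1652][C:\WINDOWS\system32\igfxtray.exe]  [Intel Corporation, 3.0.0.4299]
    [C:\WINDOWS\system32\hccutils.DLL]  [Intel Corporation, 3.0.0.4299]
    [C:\Program Files\Internet Explorer\PLUGINS\SystemKb.sys]  [N/A, N/A]
[PID: 1660][C:\WINDOWS\system32\hkcmd.exe]  [Intel Corporation, 3.0.0.4299]
    [C:\Program Files\Internet Explorer\PLUGINS\SystemKb.sys]  [N/A, N/A]
[PID: 1832][C:\WINDOWS\system32\ctfmon.exe]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
    [C:\Program Files\Internet Explorer\PLUGINS\SystemKb.sys]  [N/A, N/A]

==================================
HOSTS File
127.0.0.1      localhost
60.169.1.178      www.baidu.com
202.101.42.85      www.47555.cn

==================================
API HOOK
Warning! System Repair Engineer
remind you that following
functions have modified to
abnormal values by unknown
reasons:
RVA Error:  LoadLibraryA
RVA Error:  LoadLibraryW

==================================
"""

SEPARATOR = re.compile(r"^=+\s*$")
HOSTS_ENTRY = re.compile(r"^\s*(\d{1,3}(?:\.\d{1,3}){3})\s+(\S+)")
# "[PID: n][path]  [company, version]"; module lines have the same tail but
# no PID and are indented. The publisher is taken as everything before the
# first comma, which is approximate (SRE prints commas inside some company
# names) but enough to tell "N/A" or empty from a named publisher.
PROCESS_ENTRY = re.compile(r"^\[PID:\s*(\d+)\]\[(.+?)\]\s+\[(.*?),\s*(.*)\]\s*$")
MODULE_ENTRY = re.compile(r"^\s+\[(.+?)\]\s+\[(.*?),\s*(.*)\]\s*$")
RVA_ERROR = re.compile(r"^RVA Error:\s*(\S+)")
LOOPBACK = {"127.0.0.1"}


def split_sections(text):
    """Map each section name (the line after a row of '=') to its lines."""
    sections = defaultdict(list)
    name, expect_name = None, False
    for raw in text.splitlines():
        line = raw.rstrip()          # keep leading indent: it marks module lines
        if SEPARATOR.match(line):
            expect_name = True
            continue
        if expect_name:
            if line.strip():
                name, expect_name = line.strip(), False
            continue
        if name is not None:
            sections[name].append(line)
    return sections


def hosts_overrides(lines):
    """HOSTS entries that resolve a name to something other than loopback."""
    found = []
    for line in lines:
        m = HOSTS_ENTRY.match(line)
        if m and m.group(1) not in LOOPBACK:
            found.append((m.group(1), m.group(2)))
    return found


def shared_unverified_modules(lines, min_hosts=2):
    """Modules with no publisher that are loaded into >= min_hosts processes."""
    hosts = defaultdict(set)
    current = None
    for line in lines:
        m = PROCESS_ENTRY.match(line)
        if m:
            current = m.group(2)
            continue
        m = MODULE_ENTRY.match(line)
        if m and current is not None:
            path, company, _version = m.groups()
            if company.strip() in ("", "N/A"):
                hosts[path].add(current)
    return {path: sorted(procs) for path, procs in hosts.items()
            if len(procs) >= min_hosts}


def api_hook_errors(lines):
    """Function names SRE reports as having a modified RVA."""
    return [m.group(1) for m in map(RVA_ERROR.match, lines) if m]


def triage(text):
    s = split_sections(text)
    return {
        "hosts_overrides": hosts_overrides(s.get("HOSTS File", [])),
        "shared_unverified_modules": shared_unverified_modules(s.get("Running Processes", [])),
        "api_hook_errors": api_hook_errors(s.get("API HOOK", [])),
    }


if __name__ == "__main__":
    for key, value in triage(SAMPLE_LOG).items():
        print(f"{key}: {value}")
```

Run it against a full SRE log saved to a file by passing the file's text to `triage()`. The three checks are deliberately dumb string matching over the log, so they only surface things to look at; a HOSTS override of a public site, a versionless `.sys` file sitting in a browser plugin folder and mapped into every process, and RVA errors on the LoadLibrary family are each worth a closer look, but confirming what they are still means inspecting the files themselves.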
JyvePro.exe is a Skype plugin, isn't it? How could it be a virus?
Where do you see that it keeps downloading 2.exe?