收藏本站 |切换到宽版 | 更换论坛皮肤
 找回密码  忘记邮箱  QQ快速登录  快速登录  快速注册

卡饭»论坛 软件区 解疑答难区 前几天QB被盗,大大们帮帮忙看下有没异常
返回列表 发新帖
查看: 1880|回复: 8
收起左侧

[已解决] 前几天QB被盗,大大们帮帮忙看下有没异常

 关闭 [复制链接]
喜欢清淡
头像被屏蔽
发表于 2007-8-14 20:22:52 | 显示全部楼层 |阅读模式
[CODE]

2007-08-14,20:19:02

System Repair Engineer 2.5.16.900
Smallfrogs (http://www.KZTechs.com)

Windows XP Professional Service Pack 2 (Build 2600) - 管理权限用户 - 完整功能

以下内容被选中:
    所有的启动项目(包括注册表、启动文件夹、服务等)
    浏览器加载项
    正在运行的进程(包括进程模块信息)
    文件关联
    Winsock 提供者
    Autorun.inf
    HOSTS 文件
    进程特权扫描


启动项目
注册表
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
    <DAEMON Tools><"C:\Program Files\DAEMON Tools\daemon.exe" -lang 1033>  [(Verified)DAEMON Tools Code Signing Services]
    <ctfmon.exe><C:\windows\system32\ctfmon.exe>  [(Verified)Microsoft Windows Publisher]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
    <壁纸雷达><E:\实用软件\Wallpaper Radar\wallrada.exe>  [Free Wallpapar Radar]
    <NvCplDaemon><RUNDLL32.EXE C:\windows\system32\NvCpl.dll,NvStartup>  [(Verified)Microsoft Corporation]
    <FY_FireWall><C:\Program Files\FengYun\FYFireWall.exe>  [www.218.cc]
    <avgnt><"C:\Program Files\AntiVir PersonalEdition Premium\avgnt.exe" /min>  [Avira GmbH]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Winlogon]
    <shell><Explorer.exe>  [(Verified)Microsoft Windows Publisher]
    <Userinit><C:\WINDOWS\system32\userinit.exe,>  [(Verified)Microsoft Windows Publisher]
    <UIHost><C:\windows\Resources\Themes\Login\logonui-3.1.exe>  [N/A]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\<{12d0ed0d-0ee0-4f90-8827-78cefb8f4988}]
    <IE7 Uninstall Stub><C:\WINDOWS\system32\ieudinit.exe>  [(Verified)Microsoft Windows Publisher]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\>{881dd1c5-3dcf-431b-b061-f3f88e8be88a}]
    <Outlook Express><%systemroot%\system32\shmgrate.exe OCInstallUserConfigOE>  [N/A]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{2C7339CF-2B09-4501-B3F3-F3508C9228ED}]
    <Themes Setup><%SystemRoot%\system32\regsvr32.exe /s /n /i:/UserInstall %SystemRoot%\system32\themeui.dll>  [N/A]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{44BBA840-CC51-11CF-AAFA-00AA00B6015C}]
    <Microsoft Outlook Express 6><"%ProgramFiles%\Outlook Express\setup50.exe" /APP:OE /CALLER:WINNT /user /install>  [N/A]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{44BBA842-CC51-11CF-AAFA-00AA00B6015B}]
    <NetMeeting 3.01><rundll32.exe advpack.dll,LaunchINFSection C:\WINDOWS\INF\msnetmtg.inf,NetMtg.Install.PerUser.NT>  [(Verified)Microsoft Windows Publisher]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{5945c046-1e7d-11d1-bc44-00c04fd912be}]
    <Windows Messenger 4.7><rundll32.exe advpack.dll,LaunchINFSection C:\WINDOWS\INF\msmsgs.inf,BLC.QuietInstall.PerUser>  [(Verified)Microsoft Windows Publisher]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{6BF52A52-394A-11d3-B153-00C04F79FAA6}]
    <Microsoft Windows Media Player><rundll32.exe advpack.dll,LaunchINFSection C:\windows\INF\wmp11.inf,PerUserStub>  [(Verified)Tencent Technology(Shenzhen) Company Limited]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{7790769C-0471-11d2-AF11-00C04FA35D02}]
    <通讯簿 6><"%ProgramFiles%\Outlook Express\setup50.exe" /APP:WAB /CALLER:WINNT /user /install>  [N/A]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{89B4C1CD-B018-4511-B0A1-5476DBF70820}]
    <N/A><C:\windows\system32\Rundll32.exe C:\windows\system32\mscories.dll,Install>  [Microsoft Corporation]

==================================
启动文件夹
N/A

==================================
服务
[AntiVir PersonalEdition Premium MailGuard / AntiVirMailService][Running/Auto Start]
  <"C:\Program Files\AntiVir PersonalEdition Premium\avmailc.exe"><Avira GmbH>
[AntiVir PersonalEdition Premium Scheduler / AntiVirScheduler][Running/Auto Start]
  <"C:\Program Files\AntiVir PersonalEdition Premium\sched.exe"><Avira GmbH>
[AntiVir PersonalEdition Premium Guard / AntiVirService][Running/Auto Start]
  <"C:\Program Files\AntiVir PersonalEdition Premium\avguard.exe"><Avira GmbH>
[Autodesk Licensing Service / Autodesk Licensing Service][Stopped/Manual Start]
  <"C:\Program Files\Common Files\Autodesk Shared\Service\AdskScSrv.exe"><Autodesk>
[AntiVir PersonalEdition Premium MailGuard helper service / AVEService][Running/Auto Start]
  <"C:\Program Files\AntiVir PersonalEdition Premium\avesvc.exe"><Avira GmbH>
[mysee2_Runtime / mysee2_Runtime][Stopped/Manual Start]
  <C:\windows\System32\svchost.exe -k mysee2-->C:\Program Files\GAOV\Mysee2\runtime.dll><北京高维视讯科技有限公司>
[NVIDIA Display Driver Service / NVSvc][Running/Auto Start]
  <C:\windows\system32\nvsvc32.exe><NVIDIA Corporation>
[VMware DHCP Service / VMnetDHCP][Stopped/Disabled]
  <C:\windows\system32\vmnetdhcp.exe><VMware, Inc.>
[VMware NAT Service / VMware NAT Service][Stopped/Disabled]
  <C:\windows\system32\vmnat.exe><VMware, Inc.>

==================================
驱动程序
[Aspi32 / Aspi32][Running/System Start]
  <\SystemRoot\system32\drivers\Aspi32.sys><Adaptec>
[avgio / avgio][Running/System Start]
  <\??\C:\Program Files\AntiVir PersonalEdition Premium\avgio.sys><Avira GmbH>
[avgntflt / avgntflt][Running/Manual Start]
  <\??\C:\Program Files\AntiVir PersonalEdition Premium\avgntflt.sys><Avira GmbH>
[avipbb / avipbb][Running/System Start]
  <system32\DRIVERS\avipbb.sys><Avira GmbH>
[Closed Caption Decoder / CCDECODE][Stopped/Manual Start]
  <system32\DRIVERS\CCDECODE.sys><N/A>
[CDGscsi / CDGscsi][Running/Boot Start]
  <\SystemRoot\System32\Drivers\cdgscsi.sys><Savage Company>
[d347bus / d347bus][Stopped/Boot Start]
  <\SystemRoot\system32\DRIVERS\d347bus.sys><>
[EQSysSecure / EQSysSecure][Stopped/Manual Start]
  <\??\C:\WINDOWS\system32\drivers\EQSysSecure.sys><EQSecure>
[FYTdifltDrv / FYTdifltDrv][Running/System Start]
  <\??\C:\Program Files\FengYun\FYTdiDrv.sys><N/A>
[KAVBootC / KAVBootC][Stopped/Boot Start]
  <\SystemRoot\system32\Drivers\KAVBootC.sys><Kingsoft Corporation>
[macho Bus / machobus][Running/Boot Start]
  <\SystemRoot\system32\DRIVERS\machobus.sys><N/A>
[NABTS/FEC VBI Codec / NABTSFEC][Stopped/Manual Start]
  <system32\DRIVERS\NABTSFEC.sys><N/A>
[nv / nv][Running/Manual Start]
  <system32\DRIVERS\nv4_mini.sys><NVIDIA Corporation>
[PnpWmkDrv / PnpWmkDrv][Running/System Start]
  <\??\C:\WINDOWS\system32\drivers\PnpWmkDrv.sys><N/A>
[StarForce Protection Environment Driver v6 / prodrv06][Running/System Start]
  <\SystemRoot\System32\drivers\prodrv06.sys><Protection Technology>
[StarForce Protection Helper Driver v2 / prohlp02][Running/Boot Start]
  <\SystemRoot\System32\drivers\prohlp02.sys><Protection Technology>
[StarForce Protection Synchronization Driver v1 / prosync1][Running/Boot Start]
  <\SystemRoot\System32\drivers\prosync1.sys><Protection Technology>
[Direct Parallel Link Driver / Ptilink][Running/Manual Start]
  <system32\DRIVERS\ptilink.sys><Parallel Technologies, Inc.>
[Realtek RTL8139(A/B/C)-based PCI Fast Ethernet Adapter NT Driver / rtl8139][Running/Manual Start]
  <system32\DRIVERS\RTL8139.SYS><Realtek Semiconductor Corporation>
[Secdrv / Secdrv][Stopped/Manual Start]
  <system32\DRIVERS\secdrv.sys><N/A>
[StarForce Protection Environment Driver (version 1.x) / sfdrv01][Running/Boot Start]
  <\SystemRoot\System32\drivers\sfdrv01.sys><Protection Technology>
[StarForce Protection Helper Driver / sfhlp01][Running/Boot Start]
  <\SystemRoot\System32\drivers\sfhlp01.sys><Protection Technology>
[StarForce Protection Helper Driver (version 2.x) / sfhlp02][Running/Boot Start]
  <\SystemRoot\System32\drivers\sfhlp02.sys><Protection Technology>
[StarForce Protection Synchronization Driver (version 2.x) / sfsync02][Running/Boot Start]
  <\SystemRoot\System32\drivers\sfsync02.sys><Protection Technology>
[BDA Slip De-Framer / SLIP][Stopped/Manual Start]
  <system32\DRIVERS\SLIP.sys><N/A>
[USB PC Camera (SNPSTD3) / SNPSTD3][Running/Manual Start]
  <system32\DRIVERS\snpstd3.sys><>
[sptd / sptd][Running/Boot Start]
  <\SystemRoot\System32\Drivers\sptd.sys><N/A>
[ssmdrv / ssmdrv][Running/System Start]
  <system32\DRIVERS\ssmdrv.sys><Avira GmbH>
[TVICHW32 / TVICHW32][Stopped/Manual Start]
  <\??\C:\windows\system32\DRIVERS\TVICHW32.SYS><N/A>
[Vinyl AC'97 Audio Controller (WDM) / VIAudio][Running/Manual Start]
  <system32\drivers\vinyl97.sys><VIA Technologies, Inc.>
[VMware Virtual Ethernet Adapter Driver / VMnetAdapter][Stopped/Manual Start]
  <system32\DRIVERS\vmnetadapter.sys><VMware, Inc.>
[VMware Network Application Interface / VMnetuserif][Running/Auto Start]
  <\??\C:\windows\system32\drivers\vmnetuserif.sys><VMware, Inc.>
[World Standard Teletext Codec / WSTCODEC][Stopped/Manual Start]
  <system32\DRIVERS\WSTCODEC.SYS><N/A>
回复

举报

喜欢清淡
头像被屏蔽
 楼主| 发表于 2007-8-14 20:23:20 | 显示全部楼层
==================================
浏览器加载项
[ThunderAtOnce Class]
  {01443AEC-0FD1-40fd-9C87-E93D1494C233} <D:\Thunder\ComDlls\TDAtOnce_Now.dll, Thunder Networking Technologies,LTD>
[Thunder Browser Helper]
  {889D2FEB-5411-4565-8998-1DD2C5261283} <D:\Thunder\ComDlls\xunleiBHO_Now.dll, Thunder Networking Technologies,LTD>
[163Uploader Control]
  {8686F2A6-DC01-4E8F-BDE3-DCC7DBBAD6AE} <C:\windows\system32\163UPL~1.OCX, 广州网易互动娱乐有限公司>
[Shockwave Flash Object]
  {D27CDB6E-AE6D-11CF-96B8-444553540000} <C:\WINDOWS\system32\Macromed\Flash\Flash9c.ocx, Adobe Systems, Inc.>
[ThunderAtOnce Class]
  {01443AEC-0FD1-40FD-9C87-E93D1494C233} <D:\Thunder\ComDlls\TDAtOnce_Now.dll, Thunder Networking Technologies,LTD>
[ActiveMovieControl Object]
  {05589FA1-C356-11CE-BF01-00AA0055595A} <C:\windows\system32\wmpdxm.dll, Microsoft Corporation>
[Thunder Browser Helper]
  {06849E9E-C8D7-4D59-B87D-784B7D6BE0B3} <D:\Thunder\ComDlls\xunleiBHO_Now.dll, Thunder Networking Technologies,LTD>
[Windows Genuine Advantage Validation Tool]
  {17492023-C23A-453E-A040-C7C580BBF700} <C:\windows\system32\LegitCheckControl.DLL, Microsoft Corporation>
[ThunderServer.WebThunder]
  {1DE5794D-B609-4A3E-9E40-22594D5BEAAC} <D:\Thunder\ComDlls\Faker.dll, >
[Windows Media Player]
  {22D6F312-B0F6-11D0-94AB-0080C74C7E95} <C:\windows\system32\wmpdxm.dll, Microsoft Corporation>
[XML DOM Document]
  {2933BF90-7B36-11D2-B20E-00C04F983E60} <C:\windows\system32\msxml3.dll, Microsoft Corporation>
[Tabular Data Control]
  {333C7BC4-460F-11D0-BC04-0080C7055A83} <C:\windows\system32\tdc.ocx, Microsoft Corporation>
[Microsoft Office Control]
  {4453D895-F2A1-4A38-A285-1EF9BD3F6D5D} <C:\PROGRA~1\MICROS~2\OFFICE11\AUTHZAX.DLL, Microsoft Corporation>
[Thunder Agent Class]
  {485463B7-8FB2-4B3B-B29B-8B919B0EACCE} <D:\Thunder\ComDlls\ThunderAgent_Now.dll, Thunder Networking Technologies,LTD>
[HHCtrl Object]
  {52A2AAAE-085D-4187-97EA-8C30DB990436} <C:\windows\system32\hhctrl.ocx, Microsoft Corporation>
[PowerPlayer Control]
  {5EC7C511-CD0F-42E6-830C-1BD9882F3458} <C:\DOCUME~1\GOOD\APPLIC~1\ppStream\201~1.382\POWERP~1.DLL, PPStream Inc.>
[WUWebControl Class]
  {6414512B-B978-451D-A0D8-FCFDF33E833C} <C:\windows\system32\wuweb.dll, Microsoft Corporation>
[JetCar.Netscape]
  {69C7BEA7-0A70-4291-81ED-405D19AEE270} <D:\Thunder\ComDlls\Faker.dll, >
[Windows Media Player]
  {6BF52A52-394A-11D3-B153-00C04F79FAA6} <C:\windows\system32\wmp.dll, Microsoft Corporation>
[MUWebControl Class]
  {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} <C:\windows\system32\muweb.dll, Microsoft Corporation>
[Active Desktop Mover]
  {72267F6A-A6F9-11D0-BC94-00C04FB67863} <%SystemRoot%\system32\SHELL32.dll, N/A>
[163Uploader Control]
  {8686F2A6-DC01-4E8F-BDE3-DCC7DBBAD6AE} <C:\windows\system32\163UPL~1.OCX, 广州网易互动娱乐有限公司>
[360SafeLive]
  {87515F61-A66C-4319-A0E0-D416CB8059E3} <C:\Program Files\360safe\live.dll, 360safe.com>
[Thunder Browser Helper]
  {889D2FEB-5411-4565-8998-1DD2C5261283} <D:\Thunder\ComDlls\xunleiBHO_Now.dll, Thunder Networking Technologies,LTD>
[XML DOM 文档 5.0]
  {88D969E5-F192-11D4-A65F-0040963251E5} <C:\Program Files\Common Files\Microsoft Shared\OFFICE11\MSXML5.DLL, Microsoft Corporation>
[RDS.DataSpace]
  {BD96C556-65A3-11D0-983A-00C04FC29E36} <C:\Program Files\Common Files\System\msadc\msadco.dll, Microsoft Corporation>
[AUDIO__MP3 Moniker Class]
  {CD3AFA76-B84F-48F0-9393-7EDC34128127} <C:\windows\system32\wmp.dll, Microsoft Corporation>
[Msxml]
  {CFC399AF-D876-11D0-9C10-00C04FC99C8E} <C:\windows\system32\msxml3.dll, Microsoft Corporation>
[RealPlayer G2 Control]
  {CFCDAA03-8BE4-11CF-B84B-0020AFBBCCFA} <C:\windows\system32\rmoc3260.dll, RealNetworks, Inc.>
[Shockwave Flash Object]
  {D27CDB6E-AE6D-11CF-96B8-444553540000} <C:\WINDOWS\system32\Macromed\Flash\Flash9c.ocx, Adobe Systems, Inc.>
[RevealTrans]
  {E31E87C4-86EA-4940-9B8A-5BD5D179A737} <C:\WINDOWS\system32\Dxtmsft.dll, Microsoft Corporation>
[QQIEHelper.QQRightClick]
  {E654770F-10E4-47BC-A309-4CAD96A096E6} <D:\Thunder\ComDlls\Faker.dll, >
[PasswordEditCtrl Class]
  {E787FD25-8D7C-4693-AE67-9406BC6E22DF} <C:\windows\system32\qqedit.dll, 腾讯科技(深圳)有限公司>
[XML HTTP Request]
  {ED8C108E-4349-11D2-91A4-00C04F7969E8} <C:\windows\system32\msxml3.dll, Microsoft Corporation>
[XML DOM Document 3.0]
  {F5078F32-C551-11D3-89B9-0000F81FE221} <C:\windows\system32\msxml3.dll, Microsoft Corporation>
[XML HTTP 3.0]
  {F5078F35-C551-11D3-89B9-0000F81FE221} <C:\windows\system32\msxml3.dll, Microsoft Corporation>
[XML DOM Document]
  {F6D90F11-9C73-11D3-B32E-00C04F990BB4} <C:\windows\system32\msxml3.dll, Microsoft Corporation>
[XML HTTP]
  {F6D90F16-9C73-11D3-B32E-00C04F990BB4} <C:\windows\system32\msxml3.dll, Microsoft Corporation>
[使用迅雷下载]
  <D:\Thunder\Program\geturl.htm, N/A>
[使用迅雷下载全部链接]
  <D:\Thunder\Program\getallurl.htm, N/A>
[导出到 Microsoft Office Excel(&X)]
  <res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000, N/A>
[添加到QQ自定义面板]
  <C:\Program Files\Tencent\QQ\AddPanel.htm, N/A>
[添加到QQ表情]
  <C:\Program Files\Tencent\QQ\AddEmotion.htm, N/A>

==================================
正在运行的进程
[PID: 508 / SYSTEM][\SystemRoot\System32\smss.exe]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
[PID: 580 / SYSTEM][\??\C:\windows\system32\csrss.exe]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
[PID: 604 / SYSTEM][\??\C:\windows\system32\winlogon.exe]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
    [C:\windows\system32\msacm32.drv]  [Microsoft Corporation, 5.1.2600.0 (xpclient.010817-1148)]
[PID: 648 / SYSTEM][C:\windows\system32\services.exe]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
    [C:\windows\AppPatch\AcAdProc.dll]  [Microsoft Corporation, 5.1.2600.3008 (xpsp.061004-0027)]
[PID: 660 / SYSTEM][C:\windows\system32\lsass.exe]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
    [C:\windows\system32\avsda.dll]  [Avira GmbH, 7.0.0.5]
[PID: 816 / SYSTEM][C:\windows\system32\svchost.exe]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
[PID: 876 / NETWORK SERVICE][C:\windows\system32\svchost.exe]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
    [C:\windows\system32\avsda.dll]  [Avira GmbH, 7.0.0.5]
[PID: 936 / SYSTEM][C:\windows\system32\svchost.exe]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
    [C:\windows\system32\Normaliz.dll]  [Microsoft Corporation, 6.0.5441.0 (winmain(wmbla).060628-1735)]
    [C:\windows\system32\iertutil.dll]  [Microsoft Corporation, 7.00.6000.16473 (vista_gdr.070420-1500)]
    [C:\windows\system32\avsda.dll]  [Avira GmbH, 7.0.0.5]
[PID: 976 / NETWORK SERVICE][C:\windows\system32\svchost.exe]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
    [C:\windows\system32\avsda.dll]  [Avira GmbH, 7.0.0.5]
[PID: 1024 / LOCAL SERVICE][C:\windows\system32\svchost.exe]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
    [C:\windows\system32\Normaliz.dll]  [Microsoft Corporation, 6.0.5441.0 (winmain(wmbla).060628-1735)]
    [C:\windows\system32\iertutil.dll]  [Microsoft Corporation, 7.00.6000.16473 (vista_gdr.070420-1500)]
[PID: 1236 / GOOD][C:\windows\Explorer.EXE]  [Microsoft Corporation, 6.00.2900.2180 (xpsp_sp2_rtm.040803-2158)]
    [C:\windows\system32\Normaliz.dll]  [Microsoft Corporation, 6.0.5441.0 (winmain(wmbla).060628-1735)]
    [C:\windows\system32\iertutil.dll]  [Microsoft Corporation, 7.00.6000.16473 (vista_gdr.070420-1500)]
    [C:\windows\system32\AcSignIcon.dll]  [Autodesk, Inc., 17.1.51.0]
    [C:\Program Files\Common Files\Autodesk Shared\AcSignCore16.dll]  [Autodesk, Inc., 17.1.51.0]
    [C:\windows\system32\ieframe.dll]  [Microsoft Corporation, 7.00.6000.16473 (vista_gdr.070420-1500)]
    [C:\windows\system32\msacm32.drv]  [Microsoft Corporation, 5.1.2600.0 (xpclient.010817-1148)]
    [C:\Program Files\FengYun\fymon.dll]  [www.218.cc, 1.2.3.75]
    [C:\Program Files\AntiVir PersonalEdition Premium\shlext.dll]  [Avira GmbH, 7.00.00.10]
    [C:\Program Files\AntiVir PersonalEdition Premium\MFC71U.DLL]  [Microsoft Corporation, 7.10.3077.0]
    [C:\Program Files\AntiVir PersonalEdition Premium\MSVCR71.dll]  [Microsoft Corporation, 7.10.3052.4]
    [C:\Program Files\Tencent\qq\qdshm.dll]  [, 1, 0, 101, 20]
    [C:\Program Files\Tencent\qq\MFC42.DLL]  [Microsoft Corporation, 6.00.8665.0]
    [C:\Program Files\WinRAR\rarext.dll]  [N/A, ]
    [D:\Thunder\ComDlls\TDAtOnce_Now.dll]  [Thunder Networking Technologies,LTD, 1.0.2.9]
    [D:\Thunder\ComDlls\xunleiBHO_Now.dll]  [Thunder Networking Technologies,LTD, 5, 0, 3, 11]
    [C:\Program Files\Common Files\Autodesk Shared\AcShellEx\AcShellExtension.dll]  [Autodesk, 17.1.51.0]
    [C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\PDFShell.dll]  [Adobe Systems, Inc., 8.1.0.0]
    [C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\PDFShell.CHS]  [Adobe Systems, Inc., 8.0.0.0]
    [C:\windows\system32\nvcpl.dll]  [NVIDIA Corporation, 6.14.10.7124]
    [C:\windows\system32\NVRSZHC.DLL]  [NVIDIA Corporation, 6.14.10.7124]
    [C:\windows\system32\nvshell.dll]  [NVIDIA Corporation, 6.14.10.10025]
    [C:\windows\system32\PortableDeviceApi.dll]  [Microsoft Corporation, 5.2.5721.5145 (WMP_11.061018-2006)]
    [C:\windows\system32\dfshim.dll]  [Microsoft Corporation, 2.0.50727.42 (RTM.050727-4200)]
    [C:\windows\system32\mscoree.dll]  [Microsoft Corporation, 2.0.50727.832 (QFE.050727-8300)]
    [C:\windows\system32\SOGOUPY.IME]  [Sohu.com Inc., 3, 0, 0, 0]
    [C:\windows\system32\dllMergeDict.dll]  [Sogou.com Inc., 3, 0, 0, 0]
    [C:\Program Files\SogouInput\Plugin\SgImeWord.dll]  [, 1, 0, 0, 31]
    [C:\windows\Microsoft.NET\Framework\v2.0.50727\Shfusion.dll]  [Microsoft Corporation, 2.0.50727.42 (RTM.050727-4200)]
    [C:\windows\Microsoft.NET\Framework\v2.0.50727\Fusion.dll]  [Microsoft Corporation, 2.0.50727.42 (RTM.050727-4200)]
    [C:\windows\Microsoft.NET\Framework\v2.0.50727\culture.dll]  [Microsoft Corporation, 2.0.50727.42 (RTM.050727-4200)]
    [C:\windows\Microsoft.NET\Framework\v2.0.50727\zh-CHS\ShFusRes.dll]  [Microsoft Corporation, 2.0.50727.42 (RTM.050727-4200)]
    [C:\Program Files\Microsoft Office\OFFICE11\msohev.dll]  [Microsoft Corporation, 11.0.5510]
[PID: 1252 / SYSTEM][C:\Program Files\AntiVir PersonalEdition Premium\avguard.exe]  [Avira GmbH, 7.00.00.52]
    [C:\Program Files\AntiVir PersonalEdition Premium\avevtlog.dll]  [Avira GmbH, 7.00.00.18]
    [C:\Program Files\AntiVir PersonalEdition Premium\guardmsg.dll]  [Avira GmbH, 7.00.10.01]
    [C:\Program Files\AntiVir PersonalEdition Premium\sqlite3.dll]  [, 3, 3, 10, 0]
    [C:\Program Files\AntiVir PersonalEdition Premium\MSVCR71.dll]  [Microsoft Corporation, 7.10.3052.4]
    [C:\Program Files\AntiVir PersonalEdition Premium\AVPREF.DLL]  [Avira GmbH, 7.00.02.01]
    [C:\Program Files\AntiVir PersonalEdition Premium\SMTPLIB.DLL]  [Avira GmbH, 1.2.0.13]
    [C:\Program Files\AntiVir PersonalEdition Premium\AVEWIN32.DLL]  [Avira GmbH, 7.4.0.60]
    [C:\windows\system32\avsda.dll]  [Avira GmbH, 7.0.0.5]
[PID: 1504 / GOOD][E:\实用软件\Wallpaper Radar\wallrada.exe]  [Free Wallpapar Radar, 1.0.0.598]
    [C:\windows\system32\Normaliz.dll]  [Microsoft Corporation, 6.0.5441.0 (winmain(wmbla).060628-1735)]
    [C:\windows\system32\iertutil.dll]  [Microsoft Corporation, 7.00.6000.16473 (vista_gdr.070420-1500)]
    [C:\Program Files\FengYun\fymon.dll]  [www.218.cc, 1.2.3.75]
    [C:\windows\system32\avsda.dll]  [Avira GmbH, 7.0.0.5]
[PID: 1524 / GOOD][C:\Program Files\FengYun\FYFireWall.exe]  [www.218.cc, 1.2.5.1912]
    [C:\Program Files\FengYun\arpinfo.dll]  [N/A, ]
    [C:\Program Files\FengYun\fymon.dll]  [www.218.cc, 1.2.3.75]
    [C:\windows\system32\AcSignIcon.dll]  [Autodesk, Inc., 17.1.51.0]
[PID: 1532 / GOOD][C:\Program Files\AntiVir PersonalEdition Premium\avgnt.exe]  [Avira GmbH, 7.00.04.05]
    [C:\Program Files\AntiVir PersonalEdition Premium\MFC71U.DLL]  [Microsoft Corporation, 7.10.3077.0]
    [C:\Program Files\AntiVir PersonalEdition Premium\MSVCR71.dll]  [Microsoft Corporation, 7.10.3052.4]
    [C:\Program Files\AntiVir PersonalEdition Premium\avgcmxp.dll]  [Avira GmbH, 7.00.04.00]
    [C:\Program Files\AntiVir PersonalEdition Premium\AVWINLL.DLL]  [Avira GmbH, 1.0.0.7]
    [C:\windows\system32\avsda.dll]  [Avira GmbH, 7.0.0.5]
    [C:\Program Files\FengYun\fymon.dll]  [www.218.cc, 1.2.3.75]
    [C:\windows\system32\iertutil.dll]  [Microsoft Corporation, 7.00.6000.16473 (vista_gdr.070420-1500)]
[PID: 1552 / GOOD][C:\Program Files\DAEMON Tools\daemon.exe]  [DT Soft Ltd., 4.09.0.0]
    [C:\Program Files\DAEMON Tools\daemon.dll]  [DT Soft Ltd., 4.09.1.0]
    [C:\Program Files\DAEMON Tools\Plugins\Images\bw5mount.dll]  [, 1.1.3.0]
    [C:\Program Files\DAEMON Tools\Plugins\Images\bwtmount.dll]  [DT Soft Ltd., 1.00.0.0]
    [C:\Program Files\DAEMON Tools\Plugins\Images\ccdmount.dll]  [DT Soft Ltd., 1.10.0.0]
    [C:\Program Files\DAEMON Tools\Plugins\Images\cuemount.dll]  [DT Soft Ltd., 1.02.0.0]
    [C:\Program Files\DAEMON Tools\Plugins\Images\iszmount.dll]  [DT Soft Ltd., 1.02.0.0]
    [C:\Program Files\DAEMON Tools\Plugins\Images\mdsmount.dll]  [DT Soft Ltd., 1.22.0.0]
    [C:\Program Files\DAEMON Tools\Plugins\Images\nrgmount.dll]  [DT Soft Ltd., 1.12.0.0]
    [C:\Program Files\DAEMON Tools\Plugins\Images\pdimount.dll]  [DT Soft Ltd., 1.01.0.0]
    [C:\Program Files\DAEMON Tools\Plugins\Images\pfcmount.dll]  [DT Soft Ltd., 1.00.0.0]
    [C:\Program Files\DAEMON Tools\pfctoc.dll]  [Padus(R), Inc., 1, 0, 0, 12]
    [C:\Program Files\FengYun\fymon.dll]  [www.218.cc, 1.2.3.75]
[PID: 1564 / GOOD][C:\windows\system32\ctfmon.exe]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
    [C:\Program Files\FengYun\fymon.dll]  [www.218.cc, 1.2.3.75]
[PID: 1768 / SYSTEM][C:\Program Files\AntiVir PersonalEdition Premium\sched.exe]  [Avira GmbH, 7.00.00.46]
    [C:\Program Files\AntiVir PersonalEdition Premium\MSVCR71.dll]  [Microsoft Corporation, 7.10.3052.4]
    [C:\Program Files\AntiVir PersonalEdition Premium\MSVCP71.dll]  [Microsoft Corporation, 7.10.3077.0]
    [C:\Program Files\AntiVir PersonalEdition Premium\schedr.dll]  [Avira GmbH, 7.00.22.00]
    [C:\Program Files\AntiVir PersonalEdition Premium\avevtlog.dll]  [Avira GmbH, 7.00.00.18]
    [C:\Program Files\AntiVir PersonalEdition Premium\sqlite3.dll]  [, 3, 3, 10, 0]
    [C:\windows\system32\avsda.dll]  [Avira GmbH, 7.0.0.5]
[PID: 1784 / SYSTEM][C:\Program Files\AntiVir PersonalEdition Premium\avesvc.exe]  [Avira GmbH, 7.0.0.26]
    [C:\Program Files\AntiVir PersonalEdition Premium\MSVCR71.dll]  [Microsoft Corporation, 7.10.3052.4]
    [C:\Program Files\AntiVir PersonalEdition Premium\AVESVCR.DLL]  [Avira GmbH, 7.0.10.0]
    [C:\Program Files\AntiVir PersonalEdition Premium\avpack32.dll]  [Avira GmbH, 7.03.00.15]
    [C:\Program Files\AntiVir PersonalEdition Premium\unacev2.dll]  [N/A, ]
    [C:\Program Files\AntiVir PersonalEdition Premium\AVEWIN32.DLL]  [Avira GmbH, 7.4.0.60]
    [C:\windows\system32\avsda.dll]  [Avira GmbH, 7.0.0.5]
[PID: 1820 / SYSTEM][C:\windows\system32\nvsvc32.exe]  [NVIDIA Corporation, 6.14.10.7124]
    [C:\windows\system32\NVRSZHC.DLL]  [NVIDIA Corporation, 6.14.10.7124]
[PID: 1848 / SYSTEM][C:\windows\system32\svchost.exe]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
[PID: 2008 / SYSTEM][C:\Program Files\AntiVir PersonalEdition Premium\avmailc.exe]  [Avira GmbH, 7.00.01.44]
    [C:\Program Files\AntiVir PersonalEdition Premium\MSVCR71.dll]  [Microsoft Corporation, 7.10.3052.4]
    [C:\Program Files\AntiVir PersonalEdition Premium\avmailcr.dll]  [Avira GmbH, 7.01.08.01]
    [C:\Program Files\AntiVir PersonalEdition Premium\AVPREF.DLL]  [Avira GmbH, 7.00.02.01]
    [C:\Program Files\AntiVir PersonalEdition Premium\avevtlog.dll]  [Avira GmbH, 7.00.00.18]
    [C:\Program Files\AntiVir PersonalEdition Premium\sqlite3.dll]  [, 3, 3, 10, 0]
    [C:\Program Files\AntiVir PersonalEdition Premium\mgrs.dll]  [Avira GmbH, 7.00.01.84]
    [C:\windows\system32\avsda.dll]  [Avira GmbH, 7.0.0.5]
[PID: 568 / LOCAL SERVICE][C:\windows\System32\alg.exe]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
    [C:\windows\System32\avsda.dll]  [Avira GmbH, 7.0.0.5]
[PID: 3376 / GOOD][C:\dzh\internet\hypwise.exe]  [大智慧, 1, 0, 0, 1]
    [C:\windows\system32\Normaliz.dll]  [Microsoft Corporation, 6.0.5441.0 (winmain(wmbla).060628-1735)]
    [C:\windows\system32\iertutil.dll]  [Microsoft Corporation, 7.00.6000.16473 (vista_gdr.070420-1500)]
    [C:\dzh\internet\MFC42.DLL]  [Microsoft Corporation, 6.00.8447.0]
    [C:\Program Files\FengYun\fymon.dll]  [www.218.cc, 1.2.3.75]
    [C:\windows\system32\avsda.dll]  [Avira GmbH, 7.0.0.5]
回复

举报

喜欢清淡
头像被屏蔽
 楼主| 发表于 2007-8-14 20:25:02 | 显示全部楼层
[PID: 2752 / GOOD][E:\实用软件\uusee\UUSeePlayer.exe]  [, 3, 0, 1, 6]
    [C:\windows\system32\Normaliz.dll]  [Microsoft Corporation, 6.0.5441.0 (winmain(wmbla).060628-1735)]
    [C:\windows\system32\iertutil.dll]  [Microsoft Corporation, 7.00.6000.16473 (vista_gdr.070420-1500)]
    [C:\Program Files\FengYun\fymon.dll]  [www.218.cc, 1.2.3.75]
    [E:\实用软件\uusee\UUPlayer.DLL]  [, 3, 0, 1, 4]
    [C:\WINDOWS\system32\ieframe.dll]  [Microsoft Corporation, 7.00.6000.16473 (vista_gdr.070420-1500)]
    [C:\windows\system32\avsda.dll]  [Avira GmbH, 7.0.0.5]
    [C:\windows\system32\msacm32.drv]  [Microsoft Corporation, 5.1.2600.0 (xpclient.010817-1148)]
    [E:\实用软件\uusee\UUPlayer.ocx]  [, 1, 0, 0, 1]
    [E:\实用软件\uusee\ARMP.ocx]  [UUSEE, 7, 8, 2, 0]
    [C:\windows\system32\MFPlat.DLL]  [Microsoft Corporation, 11.0.5721.5145 (WMP_11.061018-2006)]
    [E:\实用软件\uusee\MultiVMR9.dll]  [uusee, 9.00]
    [C:\windows\system32\rmoc3260.dll]  [RealNetworks, Inc., 6.0.9.2568]
    [C:\windows\system32\PNCRT.dll]  [Real Networks, Inc, 6.0.0.0]
    [C:\Program Files\Common Files\Real\Common\pngu3267.dll]  [RealNetworks, Inc., 6.7.0.2962]
    [C:\windows\system32\msdmo.dll]  [, ]
    [C:\windows\system32\WMVDECOD.dll]  [Microsoft Corporation, 11.0.5721.5145 (WMP_11.061018-2006)]
    [C:\windows\system32\ffdshow.ax]  [, 1.0.2.2028]
    [C:\windows\system32\MSVCR71.dll]  [Microsoft Corporation, 7.10.3052.4]
    [C:\Program Files\StormII\Codec\VSFilter.dll]  [Gabest, 1, 0, 1, 3]
    [C:\windows\system32\wmpeffects.dll]  [Microsoft Corporation, 11.0.5721.5145 (WMP_11.061018-2006)]
    [C:\Program Files\Common Files\Real\rpplugins\embd3260.dll]  [RealNetworks, Inc., 6.0.12.1739]
    [C:\Program Files\Common Files\Real\Common\pnrs3260.dll]  [RealNetworks, Inc., 6.0.9.4317]
    [C:\Program Files\Common Files\Real\Common\objb3201.dll]  [RealNetworks, Inc., 0.1.0.6726]
    [C:\Program Files\Common Files\Real\rpplugins\rpcl3260.dll]  [RealNetworks, Inc., 6.0.9.3362]
    [C:\Program Files\Common Files\Real\rpplugins\rput3260.dll]  [RealNetworks, Inc., 6.0.9.3338]
    [C:\Program Files\Common Files\Real\Common\pnen3260.dll]  [RealNetworks, Inc., 10.0.0.1283]
    [C:\Program Files\Common Files\Real\Plugins\vidsite.dll]  [RealNetworks, Inc., 10.0.0.1253]
    [C:\Program Files\Common Files\Real\Plugins\zipf3260.dll]  [RealNetworks, Inc., 6.0.8.2799]
    [C:\Program Files\Common Files\Real\Plugins\vsrlocal.dll]  [RealNetworks, Inc., 10.1.0.1180]
    [C:\Program Files\Common Files\Real\Plugins\clntxres.dll]  [RealNetworks, Inc., 10.0.0.4181]
    [C:\Program Files\Common Files\Real\Plugins\memfsys.dll]  [RealNetworks, Inc., 10.0.0.1219]
    [E:\实用软件\uusee\in_psp.dll]  [www.uusee.com, 1.0.7.727]
    [E:\实用软件\uusee\out_mmshttp.dll]  [uusee.com, 2.2.0.15]
[PID: 3180 / GOOD][C:\Program Files\Tencent\qq\QQ.exe]  [TENCENT, 7,0,313,1681]
    [C:\Program Files\Tencent\qq\CoralAssist.dll]  [Coral Team, 5.0.0 build 20060829]
    [C:\Program Files\Tencent\qq\CoralQQ.dll]  [Coral Team, 5.0.1a Build 20070620]
    [C:\Program Files\Tencent\qq\kql.dll]  [Coral Team, 5.0.1a build 20070620]
    [C:\Program Files\Tencent\qq\mfc42.dll]  [Microsoft Corporation, 6.00.8665.0]
    [C:\windows\system32\iertutil.dll]  [Microsoft Corporation, 7.00.6000.16473 (vista_gdr.070420-1500)]
    [C:\Program Files\Tencent\qq\ipsearcher.dll]  [, 1.0.0.3]
    [C:\windows\system32\Normaliz.dll]  [Microsoft Corporation, 6.0.5441.0 (winmain(wmbla).060628-1735)]
    [C:\Program Files\Tencent\qq\QQBaseClassInDll.dll]  [TENCENT, 7,0,313,1681]
    [C:\Program Files\Tencent\qq\QQHelperDll.dll]  [TENCENT, 7,0,313,1681]
    [C:\Program Files\Tencent\qq\BasicCtrlDll.dll]  [TENCENT, 7, 0, 225, 1651]
    [C:\Program Files\Tencent\qq\NoDisturbFilter.cqx]  [Coral Team, 1.0]
    [C:\Program Files\Tencent\qq\ConfigHotkey.cqx]  [Coral Team, 1.0]
    [C:\Program Files\FengYun\fymon.dll]  [www.218.cc, 1.2.3.75]
    [C:\Program Files\Tencent\qq\RICHED32.DLL]  [Microsoft Corporation, 5.00.2134.1]
    [C:\Program Files\Tencent\qq\RICHED20.dll]  [Microsoft Corporation, 5.31.23.1218]
    [C:\Program Files\Tencent\qq\QQAPI.dll]  [TENCENT, 7,0,313,1681]
    [C:\Program Files\Tencent\qq\TIMProxy.dll]  [tencent, 0, 3, 2, 4]
    [C:\Program Files\Tencent\qq\AutoReconnect.cqx]  [Coral Team, 1.0.0]
    [C:\Program Files\Tencent\qq\LoginCtrl.dll]  [TENCENT, 7,0,313,1681]
    [C:\Program Files\Tencent\qq\LoginCtrlRes.dll]  [TENCENT, 7,0,313,1681]
    [C:\Program Files\Tencent\qq\QQRes.dll]  [TENCENT, 7,0,313,1681]
    [C:\Program Files\Tencent\qq\MailSummary.dll]  [TENCENT, 7,0,313,1681]
    [C:\Program Files\Tencent\qq\QQMainFrame.dll]  [N/A, ]
    [C:\Program Files\Tencent\qq\gdiplus.dll]  [Microsoft Corporation, 5.1.3102.2180 (xpsp_sp2_rtm.040803-2158)]
    [C:\Program Files\Tencent\qq\CQQApplication.dll]  [N/A, ]
    [C:\Program Files\Tencent\qq\FlashAvatarDll.dll]  [, 1, 4, 0, 1]
    [C:\Program Files\Tencent\qq\NewSkin.dll]  [TENCENT, 7,0,313,1681]
    [C:\Program Files\Tencent\qq\HostingMgr.dll]  [TENCENT, 7,0,313,1681]
    [C:\Program Files\Tencent\qq\CameraDll.dll]  [TENCENT, 7,0,313,1681]
    [C:\Program Files\Tencent\qq\CoralHotkey.cqx]  [Coral Team, 1.0]
    [C:\Program Files\Tencent\qq\QQKnowledgeSearch.dll]  [TENCENT, 7,0,313,1681]
    [C:\windows\system32\avsda.dll]  [Avira GmbH, 7.0.0.5]
    [C:\Program Files\Tencent\qq\QQAllInOne.dll]  [TENCENT, 7,0,313,1681]
    [C:\Program Files\Tencent\qq\SCCore.dll]  [TENCENT, 1, 6, 0, 2]
    [C:\Program Files\Tencent\qq\QQSpace.dll]  [TENCENT, 7,0,313,1681]
    [C:\Program Files\Tencent\qq\vbscript.dll]  [Microsoft Corporation, 5.6.0.7426]
    [C:\windows\system32\msdmo.dll]  [, ]
    [C:\Program Files\Tencent\qq\QQGroupMng.dll]  [TENCENT, 7,0,313,1681]
    [C:\Program Files\Tencent\qq\UserDefinedHead.dll]  [TENCENT, 7,0,313,1681]
    [C:\Program Files\Tencent\qq\QQPlugin.dll]  [N/A, ]
    [C:\Program Files\Tencent\qq\QQConfigPlugin.dll]  [TENCENT, 7,0,313,1681]
    [C:\Program Files\Tencent\qq\QQCustomFace.dll]  [N/A, ]
    [C:\WINDOWS\system32\ieframe.dll]  [Microsoft Corporation, 7.00.6000.16473 (vista_gdr.070420-1500)]
    [C:\Program Files\Tencent\qq\QQAvatar.dll]  [N/A, ]
    [C:\Program Files\Tencent\qq\QRingMng.dll]  [N/A, ]
    [C:\Program Files\Tencent\qq\LongConnection.dll]  [TENCENT, 7,0,313,1681]
    [C:\Program Files\Tencent\qq\QQPet.dll]  [TENCENT, 7,0,313,1681]
    [C:\Program Files\Tencent\qq\QQSysMsgMng.dll]  [N/A, ]
    [C:\Program Files\Tencent\qq\BQQApplication.dll]  [N/A, ]
    [C:\Program Files\Tencent\qq\CommercesMng.dll]  [TENCENT, 7,0,313,1681]
    [C:\Program Files\Tencent\qq\PersonalDesktop.dll]  [TENCENT, 7,0,313,1681]
    [C:\Program Files\Tencent\qq\QQAddr.dll]  [深圳市腾讯计算机系统有限公司, 5, 0, 101, 310]
    [C:\Program Files\Tencent\qq\QQSceneMng.dll]  [N/A, ]
    [C:\Program Files\Tencent\qq\AddrSearch.dll]  [腾讯科技(深圳)有限公司, 2, 1, 9, 95]
    [C:\windows\system32\msacm32.drv]  [Microsoft Corporation, 5.1.2600.0 (xpclient.010817-1148)]
    [C:\Program Files\Tencent\qq\QQSettingCtrl.dll]  [TENCENT, 7,0,313,1681]
[PID: 2952 / GOOD][C:\Program Files\Tencent\qq\TIMPlatform.exe]  [TENCENT, 7,0,313,1681]
    [C:\Program Files\FengYun\fymon.dll]  [www.218.cc, 1.2.3.75]
    [C:\Program Files\Tencent\qq\TIMProxy.dll]  [tencent, 0, 3, 2, 4]
[PID: 3020 / GOOD][E:\实用软件\uusee\UUSeePlayer.exe]  [, 3, 0, 1, 6]
    [C:\windows\system32\Normaliz.dll]  [Microsoft Corporation, 6.0.5441.0 (winmain(wmbla).060628-1735)]
    [C:\windows\system32\iertutil.dll]  [Microsoft Corporation, 7.00.6000.16473 (vista_gdr.070420-1500)]
    [C:\Program Files\FengYun\fymon.dll]  [www.218.cc, 1.2.3.75]
    [E:\实用软件\uusee\UUPlayer.DLL]  [, 3, 0, 1, 4]
    [C:\WINDOWS\system32\ieframe.dll]  [Microsoft Corporation, 7.00.6000.16473 (vista_gdr.070420-1500)]
    [C:\windows\system32\avsda.dll]  [Avira GmbH, 7.0.0.5]
    [C:\windows\system32\msacm32.drv]  [Microsoft Corporation, 5.1.2600.0 (xpclient.010817-1148)]
    [E:\实用软件\uusee\UUPlayer.ocx]  [, 1, 0, 0, 1]
    [E:\实用软件\uusee\ARMP.ocx]  [UUSEE, 7, 8, 2, 0]
    [C:\windows\system32\MFPlat.DLL]  [Microsoft Corporation, 11.0.5721.5145 (WMP_11.061018-2006)]
    [E:\实用软件\uusee\MultiVMR9.dll]  [uusee, 9.00]
    [C:\windows\system32\rmoc3260.dll]  [RealNetworks, Inc., 6.0.9.2568]
    [C:\windows\system32\PNCRT.dll]  [Real Networks, Inc, 6.0.0.0]
    [C:\windows\system32\msdmo.dll]  [, ]
    [C:\windows\system32\WMVDECOD.dll]  [Microsoft Corporation, 11.0.5721.5145 (WMP_11.061018-2006)]
    [C:\windows\system32\ffdshow.ax]  [, 1.0.2.2028]
    [C:\windows\system32\MSVCR71.dll]  [Microsoft Corporation, 7.10.3052.4]
    [C:\Program Files\StormII\Codec\VSFilter.dll]  [Gabest, 1, 0, 1, 3]
    [C:\windows\system32\wmpeffects.dll]  [Microsoft Corporation, 11.0.5721.5145 (WMP_11.061018-2006)]
    [C:\Program Files\Common Files\Real\rpplugins\embd3260.dll]  [RealNetworks, Inc., 6.0.12.1739]
    [C:\Program Files\Common Files\Real\Common\pngu3267.dll]  [RealNetworks, Inc., 6.7.0.2962]
    [C:\Program Files\Common Files\Real\Common\pnrs3260.dll]  [RealNetworks, Inc., 6.0.9.4317]
    [C:\Program Files\Common Files\Real\Common\objb3201.dll]  [RealNetworks, Inc., 0.1.0.6726]
    [C:\Program Files\Common Files\Real\rpplugins\rpcl3260.dll]  [RealNetworks, Inc., 6.0.9.3362]
    [C:\Program Files\Common Files\Real\rpplugins\rput3260.dll]  [RealNetworks, Inc., 6.0.9.3338]
    [C:\Program Files\Common Files\Real\Common\pnen3260.dll]  [RealNetworks, Inc., 10.0.0.1283]
    [C:\Program Files\Common Files\Real\Plugins\vidsite.dll]  [RealNetworks, Inc., 10.0.0.1253]
    [C:\Program Files\Common Files\Real\Plugins\zipf3260.dll]  [RealNetworks, Inc., 6.0.8.2799]
    [C:\Program Files\Common Files\Real\Plugins\vsrlocal.dll]  [RealNetworks, Inc., 10.1.0.1180]
    [C:\Program Files\Common Files\Real\Plugins\clntxres.dll]  [RealNetworks, Inc., 10.0.0.4181]
    [C:\Program Files\Common Files\Real\Plugins\memfsys.dll]  [RealNetworks, Inc., 10.0.0.1219]
    [E:\实用软件\uusee\in_psp.dll]  [www.uusee.com, 1.0.7.727]
    [E:\实用软件\uusee\out_mmshttp.dll]  [uusee.com, 2.2.0.15]
[PID: 2136 / GOOD][C:\opera.v9.228807fx\opera\opera.exe]  [Opera Software, 8807]
    [C:\Program Files\FengYun\fymon.dll]  [www.218.cc, 1.2.3.75]
    [C:\windows\system32\iertutil.dll]  [Microsoft Corporation, 7.00.6000.16473 (vista_gdr.070420-1500)]
    [C:\opera.v9.228807fx\opera\Opera.dll]  [Opera Software, 8807]
    [C:\windows\system32\avsda.dll]  [Avira GmbH, 7.0.0.5]
    [C:\windows\system32\SOGOUPY.IME]  [Sohu.com Inc., 3, 0, 0, 0]
    [C:\windows\system32\dllMergeDict.dll]  [Sogou.com Inc., 3, 0, 0, 0]
    [C:\Program Files\SogouInput\Plugin\SgImeWord.dll]  [, 1, 0, 0, 31]
[PID: 3168 / GOOD][D:\download\sreng2\SREngPS.EXE]  [Smallfrogs Studio, 2.5.16.900]
    [C:\windows\system32\Normaliz.dll]  [Microsoft Corporation, 6.0.5441.0 (winmain(wmbla).060628-1735)]
    [C:\windows\system32\iertutil.dll]  [Microsoft Corporation, 7.00.6000.16473 (vista_gdr.070420-1500)]
    [C:\Program Files\FengYun\fymon.dll]  [www.218.cc, 1.2.3.75]
    [D:\download\sreng2\Upload\3rdUpd.DLL]  [Smallfrogs Studio, 2, 1, 0, 15]
    [C:\windows\system32\avsda.dll]  [Avira GmbH, 7.0.0.5]

==================================
文件关联
.TXT  OK. [%SystemRoot%\system32\NOTEPAD.EXE %1]
.EXE  OK. ["%1" %*]
.COM  OK. ["%1" %*]
.PIF  OK. ["%1" %*]
.REG  OK. [regedit.exe "%1"]
.BAT  OK. ["%1" %*]
.SCR  Error. [AutoCADScriptFile]
.CHM  OK. ["C:\windows\hh.exe" %1]
.HLP  OK. [%SystemRoot%\System32\winhlp32.exe %1]
.INI  OK. [%SystemRoot%\system32\NOTEPAD.EXE %1]
.INF  OK. [%SystemRoot%\System32\NOTEPAD.EXE %1]
.VBS  OK. [%SystemRoot%\System32\WScript.exe "%1" %*]
.JS   OK. [%SystemRoot%\System32\WScript.exe "%1" %*]
.LNK  OK. [{00021401-0000-0000-C000-000000000046}]

==================================
Winsock 提供者
AVSDA over [MSAFD Tcpip [TCP/IP]]
    avsda.dll(Avira GmbH, AntiVir layered service provider)
AVSDA over [MSAFD Tcpip [UDP/IP]]
    avsda.dll(Avira GmbH, AntiVir layered service provider)
AVSDA
    avsda.dll(Avira GmbH, AntiVir layered service provider)

==================================
Autorun.inf
N/A

==================================
HOSTS 文件
127.0.0.1       localhost

==================================
进程特权扫描
特殊特权被允许: SeLoadDriverPrivilege [PID = 1252, C:\PROGRAM FILES\ANTIVIR PERSONALEDITION PREMIUM\AVGUARD.EXE]
特殊特权被允许: SeDebugPrivilege [PID = 1504, E:\实用软件\WALLPAPER RADAR\WALLRADA.EXE]
特殊特权被允许: SeLoadDriverPrivilege [PID = 1504, E:\实用软件\WALLPAPER RADAR\WALLRADA.EXE]
特殊特权被允许: SeDebugPrivilege [PID = 1524, C:\PROGRAM FILES\FENGYUN\FYFIREWALL.EXE]
特殊特权被允许: SeLoadDriverPrivilege [PID = 1524, C:\PROGRAM FILES\FENGYUN\FYFIREWALL.EXE]
特殊特权被允许: SeDebugPrivilege [PID = 1532, C:\PROGRAM FILES\ANTIVIR PERSONALEDITION PREMIUM\AVGNT.EXE]
特殊特权被允许: SeLoadDriverPrivilege [PID = 1532, C:\PROGRAM FILES\ANTIVIR PERSONALEDITION PREMIUM\AVGNT.EXE]
特殊特权被允许: SeDebugPrivilege [PID = 3376, C:\DZH\INTERNET\HYPWISE.EXE]
特殊特权被允许: SeLoadDriverPrivilege [PID = 3376, C:\DZH\INTERNET\HYPWISE.EXE]
特殊特权被允许: SeDebugPrivilege [PID = 2136, C:\OPERA.V9.228807FX\OPERA\OPERA.EXE]
特殊特权被允许: SeLoadDriverPrivilege [PID = 2136, C:\OPERA.V9.228807FX\OPERA\OPERA.EXE]

==================================
API HOOK
N/A

==================================
隐藏进程
N/A

==================================


[/CODE]
回复

举报

柳残阳
发表于 2007-8-14 21:40:57 | 显示全部楼层
发错地方了
回复

举报

喜欢清淡
头像被屏蔽
 楼主| 发表于 2007-8-14 23:04:02 | 显示全部楼层
没发错呀
回复

举报

喜欢清淡
头像被屏蔽
 楼主| 发表于 2007-8-15 12:46:43 | 显示全部楼层
没人懂吗?
回复

举报

287669789
发表于 2007-8-15 15:17:01 | 显示全部楼层
1.全盘查杀
2.用防火墙的以后,注意哪些进程注入qq.exe
3.关掉所有上网的软件,用防火墙看看联网的ip和文件
4.尽量使用官方qq,
5.打好补丁
回复

举报

喜欢清淡
头像被屏蔽
 楼主| 发表于 2007-8-15 21:44:20 | 显示全部楼层
原帖由 <i>287669789</i> 于 2007-8-15 15:17 发表 <a href="http://bbs.kafan.cn/redirect.php?goto=findpost&pid=1530883&ptid=118518" target="_blank"><img src="http://bbs.kafan.cn/images/common/back.gif" border="0" onload="if(this.width>screen.width*0.7) {this.resized=true; this.width=screen.width*0.7; this.alt='Click here to open new window\nCTRL+Mouse wheel to zoom in/out';}" onmouseover="if(this.width>screen.width*0.7) {this.resized=true; this.width=screen.width*0.7; this.style.cursor='hand'; this.alt='Click here to open new window\nCTRL+Mouse wheel to zoom in/out';}" onclick="if(!this.resized) {return true;} else {window.open(this.src);}" onmousewheel="return imgzoom(this);" alt="" /></a><br />
1.全盘查杀<br />
2.用防火墙的以后,注意哪些进程注入qq.exe<br />
3.关掉所有上网的软件,用防火墙看看联网的ip和文件<br />
4.尽量使用官方qq,<br />
5.打好补丁
<br />


1.经常做
2.风云防火墙带hips,大概知道
3.防火墙显示的很清楚
4.飘云版不知道是不是这个缘故
5。补丁打的很全的说

估计是去了趟网吧的缘故,建议大家别在网吧登录qq
回复

举报

毒来啦
发表于 2007-8-16 09:17:42 | 显示全部楼层
原帖由 喜欢清淡 于 2007-8-15 21:44 发表



1.经常做
2.风云防火墙带hips,大概知道
3.防火墙显示的很清楚
4.飘云版不知道是不是这个缘故
5。补丁打的很全的说

估计是去了趟网吧的缘故,建议大家别在网吧登录qq

PP也有过因为在网吧登录而被盗QB
~~~~
回复

举报

返回列表 发新帖
高级模式
B Color Image Link Quote Code Smilies
您需要登录后才可以回帖 登录 | 快速注册

本版积分规则

手机版|杀毒软件|软件论坛| 卡饭论坛

Copyright © KaFan  KaFan.cn All Rights Reserved.

Powered by Discuz! X3.4( 沪ICP备2020031077号-2 ) GMT+8, 2025-5-21 08:27 , Processed in 0.147209 second(s), 18 queries .

卡饭网所发布的一切软件、样本、工具、文章等仅限用于学习和研究,不得将上述内容用于商业或者其他非法用途,否则产生的一切后果自负,本站信息来自网络,版权争议问题与本站无关,您必须在下载后的24小时之内从您的电脑中彻底删除上述信息,如有问题请通过邮件与我们联系。

快速回复 客服 返回顶部 返回列表