
[Solved] Help: how do I remove MSSKYE?

mgl409
Posted on 2008-3-1 22:00:24
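While using Super Rabbit I found a piece of malware, msskye, but Super Rabbit could not uninstall it.
I scanned with KIS 7.0 and AVG in both safe mode and normal mode, and neither could remove it.
Baidu says it is the Robot Dog trojan and that Windows Cleanup Assistant plus a Robot Dog removal tool will take care of it.
But I tried the 360 Robot Dog immunization tool, Kingsoft's Robot Dog removal tool, and Super Patrol's Robot Dog remover, and none of them worked.
With no other option left, I reinstalled the system.
Right after the reinstall it was gone, but a little while later Super Rabbit showed it was back.
My QQ account was forcibly logged into by someone else, so it looks like a trojan.
This is giving me a huge headache.
Could an expert please tell me how to fix this?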

Below is the report from my SREng scan.
Please take a look.
Many thanks in advance.


[CODE]
2008-03-01,21:48:04
System Repair Engineer 2.5.16.900
Smallfrogs (http://www.KZTechs.com)
Windows XP Professional Service Pack 2 (Build 2600) - 管理权限用户 - 完整功能
以下内容被选中:
    所有的启动项目(包括注册表、启动文件夹、服务等)
    浏览器加载项
    正在运行的进程(包括进程模块信息)
    文件关联
    Winsock 提供者
    Autorun.inf
    HOSTS 文件
    进程特权扫描

启动项目
注册表
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
    <ctfmon.exe><C:\WINDOWS\system32\ctfmon.exe>  [(Verified)Microsoft Windows Publisher]
[HKEY_CURRENT_USER\Software\Microsoft\Windows NT\CurrentVersion\Windows]
    <load><>  [N/A]
    <run><>  [N/A]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
    <NvCplDaemon><; RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup>  [(Verified)Microsoft Windows Hardware Compatibility Publisher]
    <Vistadrv><C:\Program Files\Vista\systool\Vistadrive\vsdrv.exe>  []
    <AVP><"C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 7.0\avp.exe">  [(Verified)Kaspersky Lab]
    <!AVG Anti-Spyware><"C:\Program Files\AVG Anti-Spyware\avgas.exe" /minimized>  [(Verified)GRISOFT LTD]
    <Thunder><"D:\Program Files\Thunder\Thunder.exe" /s>  [Thunder Networking Technologies,LTD]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Winlogon]
    <shell><Explorer.exe>  [(Verified)Microsoft Windows Component Publisher]
    <Userinit><C:\WINDOWS\system32\userinit.exe,>  [(Verified)Microsoft Windows Component Publisher]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Windows]
    <AppInit_DLLs><C:\PROGRA~1\KASPER~1\KASPER~1.0\adialhk.dll>  [(Verified)Kaspersky Lab]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Winlogon]
    <UIHost><logonui.exe>  [(Verified)Microsoft Windows Publisher]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\klogon]
    <WinlogonNotify: klogon><C:\WINDOWS\system32\klogon.dll>  [(Verified)Kaspersky Lab]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\>{26923b43-4d38-484f-9b9e-de460746276c}]
    <Internet Explorer><%systemroot%\system32\shmgrate.exe OCInstallUserConfigIE>  [N/A]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\>{881dd1c5-3dcf-431b-b061-f3f88e8be88a}]
    <Outlook Express><%systemroot%\system32\shmgrate.exe OCInstallUserConfigOE>  [N/A]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{2C7339CF-2B09-4501-B3F3-F3508C9228ED}]
    <Themes Setup><%SystemRoot%\system32\regsvr32.exe /s /n /i:/UserInstall %SystemRoot%\system32\themeui.dll>  [N/A]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{44BBA840-CC51-11CF-AAFA-00AA00B6015C}]
    <Microsoft Outlook Express 6><"%ProgramFiles%\Outlook Express\setup50.exe" /APP:OE /CALLER:WINNT /user /install>  [N/A]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{44BBA842-CC51-11CF-AAFA-00AA00B6015B}]
    <NetMeeting 3.01><rundll32.exe advpack.dll,LaunchINFSection C:\WINDOWS\INF\msnetmtg.inf,NetMtg.Install.PerUser.NT>  [(Verified)Microsoft Windows Publisher]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{5945c046-1e7d-11d1-bc44-00c04fd912be}]
    <Windows Messenger 4.7><rundll32.exe advpack.dll,LaunchINFSection C:\WINDOWS\INF\msmsgs.inf,BLC.QuietInstall.PerUser>  [(Verified)Microsoft Windows Publisher]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{6BF52A52-394A-11d3-B153-00C04F79FAA6}]
    <Microsoft Windows Media Player><rundll32.exe advpack.dll,LaunchINFSection C:\WINDOWS\INF\wmp10.inf,PerUserStub>  [(Verified)Microsoft Windows Component Publisher]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{7790769C-0471-11d2-AF11-00C04FA35D02}]
    <通讯簿 6><"%ProgramFiles%\Outlook Express\setup50.exe" /APP:WAB /CALLER:WINNT /user /install>  [N/A]
[HKEY_CURRENT_USER\Control Panel\Desktop]
    <SCRNSAVE.EXE><C:\WINDOWS\system32\夜光时~1.SCR>  []
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
    <Alcmtr><; ALCMTR.EXE>  [(Verified)Microsoft Windows Hardware Compatibility Publisher]
    <AlcWzrd><; ALCWZRD.EXE>  [(Verified)Microsoft Windows Hardware Compatibility Publisher]
    <NvMediaCenter><; RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit>  [(Verified)Microsoft Windows Hardware Compatibility Publisher]
    <nwiz><; nwiz.exe /install>  []
    <RTHDCPL><; RTHDCPL.EXE>  [(Verified)Microsoft Windows Hardware Compatibility Publisher]
    <SkyTel><; SkyTel.EXE>  [(Verified)Microsoft Windows Hardware Compatibility Publisher]
    <SoundMan><; SOUNDMAN.EXE>  [(Verified)Microsoft Windows Hardware Compatibility Publisher]
==================================
启动文件夹
N/A
==================================
服务
[AVG Anti-Spyware Guard / AVG Anti-Spyware Guard][Running/Auto Start]
  <C:\Program Files\AVG Anti-Spyware\guard.exe><GRISOFT s.r.o.>
[Kaspersky Internet Security 7.0 / AVP][Running/Auto Start]
  <"C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 7.0\avp.exe" -r><Kaspersky Lab>
[Contrl Center of Storm Media / ccosm][Running/Auto Start]
  <D:\Program Files\StormII\stormliv.exe /asservice><北京暴风网际科技有限公司>
[Human Interface Device Access / HidServ][Stopped/Disabled]
  <C:\WINDOWS\System32\svchost.exe -k netsvcs-->%SystemRoot%\System32\hidserv.dll><N/A>
[NVIDIA Display Driver Service / NVSvc][Running/Auto Start]
  <C:\WINDOWS\system32\nvsvc32.exe><NVIDIA Corporation>
==================================
驱动程序
[AVG Anti-Spyware Driver / AVG Anti-Spyware Driver][Running/System Start]
  <\??\C:\Program Files\AVG Anti-Spyware\guard.sys><N/A>
[AVG Anti-Spyware Clean Driver / AvgAsCln][Running/System Start]
  <System32\DRIVERS\AvgAsCln.sys><GRISOFT, s.r.o.>
[VIA PCI 10/100Mb Fast Ethernet Adapter NT Driver / FETNDIS][Stopped/Manual Start]
  <system32\DRIVERS\fetnd5.sys><VIA Technologies, Inc.>
[Microsoft UAA Bus Driver for High Definition Audio / HDAudBus][Running/Manual Start]
  <system32\DRIVERS\HDAudBus.sys><Windows (R) Server 2003 DDK provider>
[Service for Realtek HD Audio (WDM) / IntcAzAudAddService][Running/Manual Start]
  <system32\drivers\RtkHDAud.sys><Realtek Semiconductor Corp.>
[kl1 / kl1][Running/Boot Start]
  <\SystemRoot\system32\drivers\kl1.sys><Kaspersky Lab>
[klif / klif][Running/System Start]
  <\??\C:\WINDOWS\system32\drivers\klif.sys><Kaspersky Lab>
[Kaspersky Anti-Virus NDIS Filter / klim5][Running/Manual Start]
  <system32\DRIVERS\klim5.sys><Kaspersky Lab>
[nv / nv][Running/Manual Start]
  <system32\DRIVERS\nv4_mini.sys><NVIDIA Corporation>
[Direct Parallel Link Driver / Ptilink][Running/Manual Start]
  <system32\DRIVERS\ptilink.sys><Parallel Technologies, Inc.>
[Realtek 10/100/1000 PCI NIC Family NDIS XP Driver / RTL8023xp][Running/Manual Start]
  <system32\DRIVERS\Rtnicxp.sys><Realtek Semiconductor Corporation>
[Secdrv / Secdrv][Stopped/Manual Start]
  <system32\DRIVERS\secdrv.sys><Macrovision Corporation, Macrovision Europe Limited, and Macrovision Japan and Asia K.K.>
[ViBus / ViBus][Stopped/Manual Start]
  <system32\drivers\ViBus.sys><VIA Technologies, Inc.>
==================================
浏览器加载项
[Thunder Browser Helper]
  {889D2FEB-5411-4565-8998-1DD2C5261283} <D:\Program Files\Thunder\ComDlls\xunleiBHO_Now.dll, Thunder Networking Technologies,LTD>
[网络反病毒统计]
  {1F460357-8A94-4D71-9CA3-AA4ACF32ED8E} <C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 7.0\SCIEPlgn.dll, Kaspersky Lab>
[ThunderAtOnce Class]
  {01443AEC-0FD1-40FD-9C87-E93D1494C233} <D:\Program Files\Thunder\ComDlls\TDAtOnce_Now.dll, Thunder Networking Technologies,LTD>
[Thunder Agent Class]
  {485463B7-8FB2-4B3B-B29B-8B919B0EACCE} <D:\Program Files\Thunder\ComDlls\ThunderAgent_Now.dll, Thunder Networking Technologies,LTD>
[Thunder Browser Helper]
  {889D2FEB-5411-4565-8998-1DD2C5261283} <D:\Program Files\Thunder\ComDlls\xunleiBHO_Now.dll, Thunder Networking Technologies,LTD>
[Shockwave Flash Object]
  {D27CDB6E-AE6D-11CF-96B8-444553540000} <C:\WINDOWS\system32\Macromed\Flash\Flash9e.ocx, Adobe Systems, Inc.>
[使用迅雷下载]
  <D:\Program Files\Thunder\Program\geturl.htm, N/A>
[使用迅雷下载全部链接]
  <D:\Program Files\Thunder\Program\getallurl.htm, N/A>
[添加到反广告横幅]
  <C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 7.0\ie_banner_deny.htm, N/A>
mgl409
 OP | Posted on 2008-3-1 22:01:58
==================================
正在运行的进程
[PID: 956 / SYSTEM][\SystemRoot\System32\smss.exe]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
[PID: 1016 / SYSTEM][\??\C:\WINDOWS\system32\csrss.exe]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
[PID: 1040 / SYSTEM][\??\C:\WINDOWS\system32\winlogon.exe]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
    [C:\PROGRA~1\KASPER~1\KASPER~1.0\adialhk.dll]  [Kaspersky Lab, 7.0.1.321]
    [C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 7.0\miscr3.dll]  [Kaspersky Lab, 7.0.1.321]
    [C:\WINDOWS\system32\klogon.dll]  [Kaspersky Lab, 7.0.1.321]
[PID: 1084 / SYSTEM][C:\WINDOWS\system32\services.exe]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
    [C:\PROGRA~1\KASPER~1\KASPER~1.0\adialhk.dll]  [Kaspersky Lab, 7.0.1.321]
[PID: 1096 / SYSTEM][C:\WINDOWS\system32\lsass.exe]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
    [C:\PROGRA~1\KASPER~1\KASPER~1.0\adialhk.dll]  [Kaspersky Lab, 7.0.1.321]
    [C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 7.0\dnsq.dll]  [Kaspersky Lab, 7.0.1.323]
    [C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 7.0\miscr3.dll]  [Kaspersky Lab, 7.0.1.321]
    [C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 7.0\fssync.dll]  [Kaspersky Lab, 7.0.5.321]
    [C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 7.0\MSVCR80.dll]  [Microsoft Corporation, 8.00.50727.42]
[PID: 1236 / SYSTEM][C:\WINDOWS\system32\svchost.exe]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
    [C:\PROGRA~1\KASPER~1\KASPER~1.0\adialhk.dll]  [Kaspersky Lab, 7.0.1.321]
[PID: 1384 / NETWORK SERVICE][C:\WINDOWS\system32\svchost.exe]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
    [C:\PROGRA~1\KASPER~1\KASPER~1.0\adialhk.dll]  [Kaspersky Lab, 7.0.1.321]
    [C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 7.0\dnsq.dll]  [Kaspersky Lab, 7.0.1.323]
[PID: 1516 / SYSTEM][C:\WINDOWS\System32\svchost.exe]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
    [C:\PROGRA~1\KASPER~1\KASPER~1.0\adialhk.dll]  [Kaspersky Lab, 7.0.1.321]
    [C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 7.0\miscr3.dll]  [Kaspersky Lab, 7.0.1.321]
    [C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 7.0\dnsq.dll]  [Kaspersky Lab, 7.0.1.323]
[PID: 1564 / NETWORK SERVICE][C:\WINDOWS\system32\svchost.exe]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
    [C:\PROGRA~1\KASPER~1\KASPER~1.0\adialhk.dll]  [Kaspersky Lab, 7.0.1.321]
    [C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 7.0\miscr3.dll]  [Kaspersky Lab, 7.0.1.321]
    [C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 7.0\fssync.dll]  [Kaspersky Lab, 7.0.5.321]
    [C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 7.0\MSVCR80.dll]  [Microsoft Corporation, 8.00.50727.42]
[PID: 1980 / Administrator][C:\WINDOWS\Explorer.EXE]  [Microsoft Corporation, 6.00.2900.3156 (xpsp_sp2_gdr.070613-1234)]
    [C:\PROGRA~1\KASPER~1\KASPER~1.0\adialhk.dll]  [Kaspersky Lab, 7.0.1.321]
    [C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 7.0\miscr3.dll]  [Kaspersky Lab, 7.0.1.321]
    [C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 7.0\fssync.dll]  [Kaspersky Lab, 7.0.5.321]
    [C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 7.0\MSVCR80.dll]  [Microsoft Corporation, 8.00.50727.42]
    [C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 7.0\scrchpg.dll]  [Kaspersky Lab, 7.0.1.321]
    [C:\Program Files\WinRAR\rarext.dll]  [N/A, ]
    [C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 7.0\ShellEx.dll]  [Kaspersky Lab, 7.0.1.321]
    [C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 7.0\MSVCP80.dll]  [Microsoft Corporation, 8.00.50727.42]
    [D:\Program Files\Thunder\ComDlls\xunleiBHO_Now.dll]  [Thunder Networking Technologies,LTD, 5, 0, 8, 61]
[PID: 316 / Administrator][C:\Program Files\AVG Anti-Spyware\avgas.exe]  [GRISOFT s.r.o., 7, 5, 1, 43]
    [C:\Program Files\AVG Anti-Spyware\engine.dll]  [GRISOFT s.r.o., 4, 2, 0, 19]
    [C:\PROGRA~1\KASPER~1\KASPER~1.0\adialhk.dll]  [Kaspersky Lab, 7.0.1.321]
    [C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 7.0\miscr3.dll]  [Kaspersky Lab, 7.0.1.321]
    [C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 7.0\fssync.dll]  [Kaspersky Lab, 7.0.5.321]
    [C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 7.0\MSVCR80.dll]  [Microsoft Corporation, 8.00.50727.42]
    [C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 7.0\dnsq.dll]  [Kaspersky Lab, 7.0.1.323]
[PID: 324 / Administrator][C:\WINDOWS\system32\ctfmon.exe]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
    [C:\PROGRA~1\KASPER~1\KASPER~1.0\adialhk.dll]  [Kaspersky Lab, 7.0.1.321]
[PID: 356 / SYSTEM][C:\Program Files\AVG Anti-Spyware\guard.exe]  [GRISOFT s.r.o., 7, 5, 1, 22]
    [C:\Program Files\AVG Anti-Spyware\engine.dll]  [GRISOFT s.r.o., 4, 2, 0, 19]
    [C:\PROGRA~1\KASPER~1\KASPER~1.0\adialhk.dll]  [Kaspersky Lab, 7.0.1.321]
    [C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 7.0\miscr3.dll]  [Kaspersky Lab, 7.0.1.321]
[PID: 492 / SYSTEM][D:\Program Files\StormII\stormliv.exe]  [北京暴风网际科技有限公司, 3, 8, 3, 1]
    [C:\PROGRA~1\KASPER~1\KASPER~1.0\adialhk.dll]  [Kaspersky Lab, 7.0.1.321]
    [C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 7.0\dnsq.dll]  [Kaspersky Lab, 7.0.1.323]
    [C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 7.0\miscr3.dll]  [Kaspersky Lab, 7.0.1.321]
[PID: 656 / SYSTEM][C:\WINDOWS\system32\nvsvc32.exe]  [NVIDIA Corporation, 6.14.10.9136]
[PID: 548 / LOCAL SERVICE][C:\WINDOWS\system32\svchost.exe]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
    [C:\PROGRA~1\KASPER~1\KASPER~1.0\adialhk.dll]  [Kaspersky Lab, 7.0.1.321]
[PID: 1172 / LOCAL SERVICE][C:\WINDOWS\System32\alg.exe]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
    [C:\PROGRA~1\KASPER~1\KASPER~1.0\adialhk.dll]  [Kaspersky Lab, 7.0.1.321]
[PID: 1744 / Administrator][D:\Program Files\Super Rabbit\MagicSet\DS.EXE]  [Super Rabbit Software, 1.50]
    [C:\WINDOWS\system32\MSVBVM60.DLL]  [Microsoft Corporation, 6.00.9782]
[PID: 3076 / Administrator][D:\Program Files\Thunder\Program\Thunder5.exe]  [Thunder Networking Technologies,LTD, 5.7.7.441]
    [D:\Program Files\Thunder\Program\BugReport.dll]  [迅雷网络, 1, 0, 1, 4]
    [D:\Program Files\Thunder\Program\ThunderEx.dll]  [, 1, 2, 3, 20]
    [C:\PROGRA~1\KASPER~1\KASPER~1.0\adialhk.dll]  [Kaspersky Lab, 7.0.1.321]
    [D:\Program Files\Thunder\Program\TaskManager.dll]  [Thunder Networking Technologies,LTD, 1, 3, 1, 56]
    [D:\Program Files\Thunder\Program\download_interface.dll]  [Thunder Networking Technologies,LTD, 2, 21, 2, 217]
    [D:\Program Files\Thunder\Program\stlport_vc646.dll]  [STLport Consulting, Inc., 4.6.2003.1031]
    [D:\Program Files\Thunder\Program\asyn_dns.dll]  [Thunder Networking Technologies,LTD, 2, 21, 2, 217]
    [D:\Program Files\Thunder\Program\streammedialib.dll]  [, 1, 3, 2, 118]
    [D:\Program Files\Thunder\Program\al.dll]  [, 1, 0, 1, 3]
    [C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 7.0\dnsq.dll]  [Kaspersky Lab, 7.0.1.323]
    [D:\Program Files\Thunder\Program\xldc.dll]  [Thunder Networking Technologies,LTD, 1, 0, 2, 14]
    [D:\Program Files\Thunder\Program\bd.dll]  [Thunder Networking Technologies,LTD, 1, 0, 2, 6]
    [D:\Program Files\Thunder\Program\XLNet.Dll]  [Thunder Networking Technologies,LTD, 1, 3, 4, 18]
    [D:\Program Files\Thunder\Program\iTargetAD.dll]  [N/A, ]
    [D:\Program Files\Thunder\Program\BHOStub.dll]  [Thunder Networking Technologies,LTD, 1, 1, 0, 8]
    [D:\Program Files\Thunder\Components\DownAndPlay\DownAndPlay.dll]  [, 1, 0, 8, 26]
    [D:\Program Files\Thunder\Components\Community\XLCommunity.dll]  [Thunder Networking Technologies,LTD, 1, 5, 0, 16]
    [D:\Program Files\Thunder\Program\XLCommunityEx.dll]  [N/A, ]
    [D:\Program Files\Thunder\Program\RegisterDll.dll]  [Thunder Networking Technologies,LTD, 2, 16, 5, 63]
    [D:\Program Files\Thunder\Program\MSVCIRT.dll]  [Microsoft Corporation, 7.0.2600.2180 (xpsp_sp2_rtm.040803-2158)]
    [C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 7.0\scrchpg.dll]  [Kaspersky Lab, 7.0.1.321]
    [C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 7.0\miscr3.dll]  [Kaspersky Lab, 7.0.1.321]
    [C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 7.0\fssync.dll]  [Kaspersky Lab, 7.0.5.321]
    [C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 7.0\MSVCR80.dll]  [Microsoft Corporation, 8.00.50727.42]
    [D:\Program Files\Thunder\Components\Security\ThunderSafe.dll]  [深圳市迅雷网络技术有限公司, 1, 0, 7, 71]
    [D:\Program Files\Thunder\Program\ATL71.DLL]  [Microsoft Corporation, 7.10.3077.0]
    [D:\Program Files\Thunder\Components\Security\XLSafeUI.dll]  [深圳市迅雷网络技术有限公司, 1, 0, 7, 71]
    [D:\Program Files\Thunder\Components\Search\XLSearch.dll]  [Thunder Networking Technologies,LTD, 1, 1, 6, 20]
    [D:\Program Files\Thunder\Program\LiveUpdate.dll]  [Thunder Networking Technologies,LTD, 1, 2, 2, 22]
    [D:\Program Files\Thunder\Plugins\XLSafeHost\XLSafeHost.dll]  [深圳市迅雷网络技术有限公司, 1, 0, 7, 57]
    [D:\Program Files\Thunder\Components\ExplorerHelper\ExplorerHelper.dll]  [Thunder Networking Technologies,LTD, 1, 0, 4, 16]
mgl409
 OP | Posted on 2008-3-1 22:02:58
[D:\Program Files\Thunder\Components\DownloadStat\DownloadStat.dll]  [深圳市迅雷网络技术有限公司, 1, 3, 1, 4]
    [D:\Program Files\Thunder\Program\FloatBar.dll]  [Giganology Inc., 1, 0, 0, 2]
    [C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 7.0\klscav.dll]  [Kaspersky Lab, 7.0.1.321]
    [C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 7.0\prremote.dll]  [Kaspersky Lab, 7.0.1.321]
    [C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 7.0\MSVCP80.dll]  [Microsoft Corporation, 8.00.50727.42]
    [C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 7.0\prloader.dll]  [Kaspersky Lab, 7.0.1.321]
    [C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 7.0\prkernel.ppl]  [Kaspersky Lab, 7.0.1.321]
    [c:\program files\kaspersky lab\kaspersky internet security 7.0\params.ppl]  [Kaspersky Lab, 7.0.1.321]
    [c:\program files\kaspersky lab\kaspersky internet security 7.0\pxstub.ppl]  [Kaspersky Lab, 7.0.1.321]
    [c:\program files\kaspersky lab\kaspersky internet security 7.0\tempfile.ppl]  [Kaspersky Lab, 7.0.1.321]
[PID: 2164 / Administrator][d:\Program Files\AresQQ\QQ\QQ.exe]  [TENCENT, 7,0,365,1701]
    [D:\Program Files\AresQQ\QQ\CoralAssist.dll]  [Coral Team, 5.0.0 build 20060829]
    [D:\Program Files\AresQQ\QQ\CoralQQ.dll]  [Coral Team, 5.0.2 Build 20070716]
    [d:\Program Files\AresQQ\QQ\kql.dll]  [Coral Team, 5.0.2 build 20070703]
    [d:\Program Files\AresQQ\QQ\MSVCP80.dll]  [Microsoft Corporation, 8.00.50727.42]
    [d:\Program Files\AresQQ\QQ\MSVCR80.dll]  [Microsoft Corporation, 8.00.50727.42]
    [d:\Program Files\AresQQ\QQ\ipsearcher.dll]  [, 1.0.0.5]
    [d:\Program Files\AresQQ\QQ\QQBaseClassInDll.dll]  [TENCENT, 7,0,365,1701]
    [d:\Program Files\AresQQ\QQ\QQHelperDll.dll]  [TENCENT, 7,0,365,1701]
    [d:\Program Files\AresQQ\QQ\BasicCtrlDll.dll]  [TENCENT, 7,0,365,1701]
    [C:\PROGRA~1\KASPER~1\KASPER~1.0\adialhk.dll]  [Kaspersky Lab, 7.0.1.321]
    [C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 7.0\miscr3.dll]  [Kaspersky Lab, 7.0.1.321]
    [D:\Program Files\AresQQ\QQ\NoDisturbFilter.cqx]  [Coral Team, 1.0]
    [D:\Program Files\AresQQ\QQ\ConfigHotkey.cqx]  [Coral Team, 1.0]
    [C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 7.0\fssync.dll]  [Kaspersky Lab, 7.0.5.321]
    [C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 7.0\MSVCR80.dll]  [Microsoft Corporation, 8.00.50727.42]
    [d:\Program Files\AresQQ\QQ\LoginCtrl.dll]  [TENCENT, 7,0,365,1701]
    [d:\Program Files\AresQQ\QQ\LoginCtrlRes.dll]  [TENCENT, 7,0,365,1701]
    [d:\Program Files\AresQQ\QQ\QQRes.dll]  [TENCENT, 7,0,365,1701]
    [d:\Program Files\AresQQ\QQ\QQMainFrame.dll]  [N/A, ]
    [d:\Program Files\AresQQ\QQ\CQQApplication.dll]  [N/A, ]
    [d:\Program Files\AresQQ\QQ\FlashAvatarDll.dll]  [, 1, 4, 0, 1]
    [d:\Program Files\AresQQ\QQ\NewSkin.dll]  [TENCENT, 7,0,365,1701]
    [d:\Program Files\AresQQ\QQ\HostingMgr.dll]  [TENCENT, 7,0,365,1701]
    [d:\Program Files\AresQQ\QQ\CameraDll.dll]  [TENCENT, 7,0,365,1701]
    [d:\Program Files\AresQQ\QQ\MailSummary.dll]  [TENCENT, 7,0,365,1701]
    [D:\Program Files\AresQQ\QQ\CoralHotkey.cqx]  [Coral Team, 1.0]
    [C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 7.0\dnsq.dll]  [Kaspersky Lab, 7.0.1.323]
    [D:\Program Files\AresQQ\QQ\AutoReconnect.cqx]  [Coral Team, 1.0.0]
    [d:\Program Files\AresQQ\QQ\QQAllInOne.dll]  [TENCENT, 7,0,365,1701]
    [d:\Program Files\AresQQ\QQ\SCCore.dll]  [TENCENT, 1, 6, 0, 2]
    [d:\Program Files\AresQQ\QQ\QQSpace.dll]  [TENCENT, 7,0,365,1701]
    [C:\WINDOWS\system32\msdmo.dll]  [, ]
    [d:\Program Files\AresQQ\QQ\QQGroupMng.dll]  [TENCENT, 7,0,365,1701]
    [d:\Program Files\AresQQ\QQ\QQAvatar.dll]  [N/A, ]
    [d:\Program Files\AresQQ\QQ\UserDefinedHead.dll]  [TENCENT, 7,0,365,1701]
    [d:\Program Files\AresQQ\QQ\QQPlugin.dll]  [N/A, ]
    [d:\Program Files\AresQQ\QQ\QQCustomFace.dll]  [N/A, ]
    [d:\Program Files\AresQQ\QQ\QQConfigPlugin.dll]  [TENCENT, 7,0,365,1701]
    [C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 7.0\scrchpg.dll]  [Kaspersky Lab, 7.0.1.321]
    [d:\Program Files\AresQQ\QQ\ImageOle.dll]  [TENCENT, 7,0,365,1701]
    [d:\Program Files\AresQQ\QQ\LongConnection.dll]  [TENCENT, 7,0,365,1701]
    [C:\WINDOWS\system32\SOGOUPY.IME]  [Sogou.com Inc., 3.2.0.0]
    [C:\Program Files\SogouInput\Plugin\SgImeWord.dll]  [Sogou.com Inc., 3.2.0.0]
    [d:\Program Files\AresQQ\QQ\GroupConnection.dll]  [TENCENT, 7,0,365,1701]
    [d:\Program Files\AresQQ\QQ\AddrSearch.dll]  [腾讯科技(深圳)有限公司, 2, 2, 1, 13]
    [d:\Program Files\AresQQ\QQ\QQSysMsgMng.dll]  [N/A, ]
[PID: 3832 / Administrator][d:\Program Files\AresQQ\QQ\QQ.exe]  [TENCENT, 7,0,365,1701]
    [D:\Program Files\AresQQ\QQ\CoralAssist.dll]  [Coral Team, 5.0.0 build 20060829]
    [D:\Program Files\AresQQ\QQ\CoralQQ.dll]  [Coral Team, 5.0.2 Build 20070716]
    [d:\Program Files\AresQQ\QQ\kql.dll]  [Coral Team, 5.0.2 build 20070703]
    [d:\Program Files\AresQQ\QQ\MSVCP80.dll]  [Microsoft Corporation, 8.00.50727.42]
    [d:\Program Files\AresQQ\QQ\MSVCR80.dll]  [Microsoft Corporation, 8.00.50727.42]
    [d:\Program Files\AresQQ\QQ\ipsearcher.dll]  [, 1.0.0.5]
    [d:\Program Files\AresQQ\QQ\QQBaseClassInDll.dll]  [TENCENT, 7,0,365,1701]
    [d:\Program Files\AresQQ\QQ\QQHelperDll.dll]  [TENCENT, 7,0,365,1701]
    [d:\Program Files\AresQQ\QQ\BasicCtrlDll.dll]  [TENCENT, 7,0,365,1701]
    [C:\PROGRA~1\KASPER~1\KASPER~1.0\adialhk.dll]  [Kaspersky Lab, 7.0.1.321]
    [C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 7.0\miscr3.dll]  [Kaspersky Lab, 7.0.1.321]
    [D:\Program Files\AresQQ\QQ\NoDisturbFilter.cqx]  [Coral Team, 1.0]
    [D:\Program Files\AresQQ\QQ\ConfigHotkey.cqx]  [Coral Team, 1.0]
    [C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 7.0\fssync.dll]  [Kaspersky Lab, 7.0.5.321]
    [C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 7.0\MSVCR80.dll]  [Microsoft Corporation, 8.00.50727.42]
    [d:\Program Files\AresQQ\QQ\LoginCtrl.dll]  [TENCENT, 7,0,365,1701]
    [d:\Program Files\AresQQ\QQ\LoginCtrlRes.dll]  [TENCENT, 7,0,365,1701]
    [d:\Program Files\AresQQ\QQ\QQRes.dll]  [TENCENT, 7,0,365,1701]
    [d:\Program Files\AresQQ\QQ\QQMainFrame.dll]  [N/A, ]
    [d:\Program Files\AresQQ\QQ\CQQApplication.dll]  [N/A, ]
    [d:\Program Files\AresQQ\QQ\FlashAvatarDll.dll]  [, 1, 4, 0, 1]
    [d:\Program Files\AresQQ\QQ\NewSkin.dll]  [TENCENT, 7,0,365,1701]
    [d:\Program Files\AresQQ\QQ\HostingMgr.dll]  [TENCENT, 7,0,365,1701]
    [d:\Program Files\AresQQ\QQ\CameraDll.dll]  [TENCENT, 7,0,365,1701]
    [d:\Program Files\AresQQ\QQ\MailSummary.dll]  [TENCENT, 7,0,365,1701]
    [D:\Program Files\AresQQ\QQ\CoralHotkey.cqx]  [Coral Team, 1.0]
    [C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 7.0\dnsq.dll]  [Kaspersky Lab, 7.0.1.323]
    [D:\Program Files\AresQQ\QQ\AutoReconnect.cqx]  [Coral Team, 1.0.0]
    [d:\Program Files\AresQQ\QQ\QQAllInOne.dll]  [TENCENT, 7,0,365,1701]
    [d:\Program Files\AresQQ\QQ\SCCore.dll]  [TENCENT, 1, 6, 0, 2]
    [d:\Program Files\AresQQ\QQ\QQSpace.dll]  [TENCENT, 7,0,365,1701]
    [C:\WINDOWS\system32\msdmo.dll]  [, ]
    [d:\Program Files\AresQQ\QQ\QQGroupMng.dll]  [TENCENT, 7,0,365,1701]
    [d:\Program Files\AresQQ\QQ\UserDefinedHead.dll]  [TENCENT, 7,0,365,1701]
    [d:\Program Files\AresQQ\QQ\QQPlugin.dll]  [N/A, ]
    [d:\Program Files\AresQQ\QQ\QQConfigPlugin.dll]  [TENCENT, 7,0,365,1701]
    [d:\Program Files\AresQQ\QQ\QQAvatar.dll]  [N/A, ]
    [d:\Program Files\AresQQ\QQ\QQCustomFace.dll]  [N/A, ]
    [C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 7.0\scrchpg.dll]  [Kaspersky Lab, 7.0.1.321]
    [d:\Program Files\AresQQ\QQ\QQSysMsgMng.dll]  [N/A, ]
    [d:\Program Files\AresQQ\QQ\LongConnection.dll]  [TENCENT, 7,0,365,1701]
[PID: 2500 / Administrator][d:\Program Files\AresQQ\QQ\QQ.exe]  [TENCENT, 7,0,365,1701]
    [D:\Program Files\AresQQ\QQ\CoralAssist.dll]  [Coral Team, 5.0.0 build 20060829]
    [D:\Program Files\AresQQ\QQ\CoralQQ.dll]  [Coral Team, 5.0.2 Build 20070716]
    [d:\Program Files\AresQQ\QQ\kql.dll]  [Coral Team, 5.0.2 build 20070703]
    [d:\Program Files\AresQQ\QQ\MSVCP80.dll]  [Microsoft Corporation, 8.00.50727.42]
    [d:\Program Files\AresQQ\QQ\MSVCR80.dll]  [Microsoft Corporation, 8.00.50727.42]
    [d:\Program Files\AresQQ\QQ\ipsearcher.dll]  [, 1.0.0.5]
    [d:\Program Files\AresQQ\QQ\QQBaseClassInDll.dll]  [TENCENT, 7,0,365,1701]
    [d:\Program Files\AresQQ\QQ\QQHelperDll.dll]  [TENCENT, 7,0,365,1701]
    [d:\Program Files\AresQQ\QQ\BasicCtrlDll.dll]  [TENCENT, 7,0,365,1701]
    [C:\PROGRA~1\KASPER~1\KASPER~1.0\adialhk.dll]  [Kaspersky Lab, 7.0.1.321]
    [C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 7.0\miscr3.dll]  [Kaspersky Lab, 7.0.1.321]
    [D:\Program Files\AresQQ\QQ\NoDisturbFilter.cqx]  [Coral Team, 1.0]
    [D:\Program Files\AresQQ\QQ\ConfigHotkey.cqx]  [Coral Team, 1.0]
    [C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 7.0\fssync.dll]  [Kaspersky Lab, 7.0.5.321]
    [C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 7.0\MSVCR80.dll]  [Microsoft Corporation, 8.00.50727.42]
    [d:\Program Files\AresQQ\QQ\LoginCtrl.dll]  [TENCENT, 7,0,365,1701]
    [d:\Program Files\AresQQ\QQ\LoginCtrlRes.dll]  [TENCENT, 7,0,365,1701]
    [d:\Program Files\AresQQ\QQ\QQRes.dll]  [TENCENT, 7,0,365,1701]
    [d:\Program Files\AresQQ\QQ\QQMainFrame.dll]  [N/A, ]
    [d:\Program Files\AresQQ\QQ\CQQApplication.dll]  [N/A, ]
    [d:\Program Files\AresQQ\QQ\FlashAvatarDll.dll]  [, 1, 4, 0, 1]
    [d:\Program Files\AresQQ\QQ\NewSkin.dll]  [TENCENT, 7,0,365,1701]
    [d:\Program Files\AresQQ\QQ\HostingMgr.dll]  [TENCENT, 7,0,365,1701]
    [d:\Program Files\AresQQ\QQ\CameraDll.dll]  [TENCENT, 7,0,365,1701]
    [d:\Program Files\AresQQ\QQ\MailSummary.dll]  [TENCENT, 7,0,365,1701]
    [D:\Program Files\AresQQ\QQ\CoralHotkey.cqx]  [Coral Team, 1.0]
    [C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 7.0\dnsq.dll]  [Kaspersky Lab, 7.0.1.323]
    [d:\Program Files\AresQQ\QQ\QQAllInOne.dll]  [TENCENT, 7,0,365,1701]
    [d:\Program Files\AresQQ\QQ\SCCore.dll]  [TENCENT, 1, 6, 0, 2]
    [D:\Program Files\AresQQ\QQ\AutoReconnect.cqx]  [Coral Team, 1.0.0]
    [d:\Program Files\AresQQ\QQ\QQSpace.dll]  [TENCENT, 7,0,365,1701]
    [C:\WINDOWS\system32\msdmo.dll]  [, ]
    [d:\Program Files\AresQQ\QQ\QQGroupMng.dll]  [TENCENT, 7,0,365,1701]
    [d:\Program Files\AresQQ\QQ\UserDefinedHead.dll]  [TENCENT, 7,0,365,1701]
mgl409
 OP | Posted on 2008-3-1 22:03:14
[d:\Program Files\AresQQ\QQ\QQPlugin.dll]  [N/A, ]
    [d:\Program Files\AresQQ\QQ\QQConfigPlugin.dll]  [TENCENT, 7,0,365,1701]
    [d:\Program Files\AresQQ\QQ\QQAvatar.dll]  [N/A, ]
    [d:\Program Files\AresQQ\QQ\QQCustomFace.dll]  [N/A, ]
    [C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 7.0\scrchpg.dll]  [Kaspersky Lab, 7.0.1.321]
    [d:\Program Files\AresQQ\QQ\LongConnection.dll]  [TENCENT, 7,0,365,1701]
    [d:\Program Files\AresQQ\QQ\GroupConnection.dll]  [TENCENT, 7,0,365,1701]
    [d:\Program Files\AresQQ\QQ\QQSysMsgMng.dll]  [N/A, ]
[PID: 3760 / Administrator][D:\Program Files\Shutter\Shutter.exe]  [N/A, ]
    [D:\Program Files\Shutter\audio.dll]  [Koncept, 1.0.0.1]
    [D:\Program Files\Shutter\MFC71.DLL]  [Microsoft Corporation, 7.10.3077.0]
    [D:\Program Files\Shutter\MSVCR71.dll]  [Microsoft Corporation, 7.10.3052.4]
    [D:\Program Files\Shutter\MSVCP71.dll]  [Microsoft Corporation, 7.10.3077.0]
    [C:\PROGRA~1\KASPER~1\KASPER~1.0\adialhk.dll]  [Kaspersky Lab, 7.0.1.321]
    [C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 7.0\miscr3.dll]  [Kaspersky Lab, 7.0.1.321]
    [C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 7.0\fssync.dll]  [Kaspersky Lab, 7.0.5.321]
    [C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 7.0\MSVCR80.dll]  [Microsoft Corporation, 8.00.50727.42]
    [C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 7.0\dnsq.dll]  [Kaspersky Lab, 7.0.1.323]
    [C:\WINDOWS\system32\Macromed\Flash\Flash9e.ocx]  [Adobe Systems, Inc., 9,0,115,0]
    [C:\WINDOWS\system32\msdmo.dll]  [, ]
    [C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 7.0\scrchpg.dll]  [Kaspersky Lab, 7.0.1.321]
    [C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 7.0\klscav.dll]  [Kaspersky Lab, 7.0.1.321]
    [C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 7.0\prremote.dll]  [Kaspersky Lab, 7.0.1.321]
    [C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 7.0\MSVCP80.dll]  [Microsoft Corporation, 8.00.50727.42]
    [C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 7.0\prloader.dll]  [Kaspersky Lab, 7.0.1.321]
    [C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 7.0\prkernel.ppl]  [Kaspersky Lab, 7.0.1.321]
    [c:\program files\kaspersky lab\kaspersky internet security 7.0\params.ppl]  [Kaspersky Lab, 7.0.1.321]
    [c:\program files\kaspersky lab\kaspersky internet security 7.0\pxstub.ppl]  [Kaspersky Lab, 7.0.1.321]
    [c:\program files\kaspersky lab\kaspersky internet security 7.0\tempfile.ppl]  [Kaspersky Lab, 7.0.1.321]
[PID: 3540 / Administrator][D:\Program Files\Super Rabbit\MagicSet\srdshow.exe]  [Super Rabbit, 3.0.0.0]
    [C:\PROGRA~1\KASPER~1\KASPER~1.0\adialhk.dll]  [Kaspersky Lab, 7.0.1.321]
    [D:\Program Files\Super Rabbit\MagicSet\Widget\Calendar.dll]  [Super Rabbit, 3.0.0.0]
    [D:\Program Files\Super Rabbit\MagicSet\Widget\Clock.dll]  [Super Rabbit, 3.0.0.0]
    [D:\Program Files\Super Rabbit\MagicSet\Widget\CountDown.dll]  [Super Rabbit, 3.0.0.0]
    [D:\Program Files\Super Rabbit\MagicSet\Widget\RSS.dll]  [Super Rabbit, 3.0.0.0]
    [D:\Program Files\Super Rabbit\MagicSet\Widget\SlideShow.dll]  [Super Rabbit, 3.0.0.0]
    [D:\Program Files\Super Rabbit\MagicSet\Widget\SRDP.dll]  [Super Rabbit, 3.0.0.0]
    [D:\Program Files\Super Rabbit\MagicSet\Widget\SysWatch.dll]  [Super Rabbit, 3.0.0.0]
    [D:\Program Files\Super Rabbit\MagicSet\Widget\Weather.dll]  [Super Rabbit, 3.0.0.0]
    [C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 7.0\dnsq.dll]  [Kaspersky Lab, 7.0.1.323]
    [C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 7.0\miscr3.dll]  [Kaspersky Lab, 7.0.1.321]
    [C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 7.0\fssync.dll]  [Kaspersky Lab, 7.0.5.321]
    [C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 7.0\MSVCR80.dll]  [Microsoft Corporation, 8.00.50727.42]
[PID: 2356 / Administrator][D:\Program Files\TheWorld 2.0\TheWorld.exe]  [Phoenix Studio, 2, 1, 2, 0]
    [C:\PROGRA~1\KASPER~1\KASPER~1.0\adialhk.dll]  [Kaspersky Lab, 7.0.1.321]
    [C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 7.0\miscr3.dll]  [Kaspersky Lab, 7.0.1.321]
    [C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 7.0\fssync.dll]  [Kaspersky Lab, 7.0.5.321]
    [C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 7.0\MSVCR80.dll]  [Microsoft Corporation, 8.00.50727.42]
    [C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 7.0\scrchpg.dll]  [Kaspersky Lab, 7.0.1.321]
    [C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 7.0\dnsq.dll]  [Kaspersky Lab, 7.0.1.323]
    [C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 7.0\klscav.dll]  [Kaspersky Lab, 7.0.1.321]
    [C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 7.0\prremote.dll]  [Kaspersky Lab, 7.0.1.321]
    [C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 7.0\MSVCP80.dll]  [Microsoft Corporation, 8.00.50727.42]
    [C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 7.0\prloader.dll]  [Kaspersky Lab, 7.0.1.321]
    [C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 7.0\prkernel.ppl]  [Kaspersky Lab, 7.0.1.321]
    [c:\program files\kaspersky lab\kaspersky internet security 7.0\params.ppl]  [Kaspersky Lab, 7.0.1.321]
    [c:\program files\kaspersky lab\kaspersky internet security 7.0\pxstub.ppl]  [Kaspersky Lab, 7.0.1.321]
    [c:\program files\kaspersky lab\kaspersky internet security 7.0\tempfile.ppl]  [Kaspersky Lab, 7.0.1.321]
    [D:\Program Files\Thunder\ComDlls\ThunderAgent_Now.dll]  [Thunder Networking Technologies,LTD, 5, 0, 4, 23]
[PID: 820 / Administrator][C:\Documents and Settings\Administrator\桌面\sreng2.5\sreng2\SREngPS.EXE]  [Smallfrogs Studio, 2.5.16.900]
    [C:\PROGRA~1\KASPER~1\KASPER~1.0\adialhk.dll]  [Kaspersky Lab, 7.0.1.321]
    [C:\Documents and Settings\Administrator\桌面\sreng2.5\sreng2\Upload\3rdUpd.DLL]  [Smallfrogs Studio, 2, 1, 0, 15]
    [C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 7.0\miscr3.dll]  [Kaspersky Lab, 7.0.1.321]
    [C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 7.0\fssync.dll]  [Kaspersky Lab, 7.0.5.321]
    [C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 7.0\MSVCR80.dll]  [Microsoft Corporation, 8.00.50727.42]
    [C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 7.0\dnsq.dll]  [Kaspersky Lab, 7.0.1.323]
    [C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 7.0\scrchpg.dll]  [Kaspersky Lab, 7.0.1.321]
    [C:\Documents and Settings\Administrator\桌面\sreng2.5\sreng2\Plugins\NTFSTREAM.SRE]  [Smallfrogs Studio, 1, 0, 0, 5]

==================================
文件关联
.TXT  OK. [%SystemRoot%\system32\NOTEPAD.EXE %1]
.EXE  OK. ["%1" %*]
.COM  OK. ["%1" %*]
.PIF  OK. ["%1" %*]
.REG  OK. [regedit.exe "%1"]
.BAT  OK. ["%1" %*]
.SCR  OK. ["%1" /S]
.CHM  OK. ["C:\WINDOWS\hh.exe" %1]
.HLP  OK. [%SystemRoot%\System32\winhlp32.exe %1]
.INI  OK. [%SystemRoot%\System32\NOTEPAD.EXE %1]
.INF  OK. [%SystemRoot%\System32\NOTEPAD.EXE %1]
.VBS  OK. [%SystemRoot%\System32\WScript.exe "%1" %*]
.JS   OK. [%SystemRoot%\System32\WScript.exe "%1" %*]
.LNK  OK. [{00021401-0000-0000-C000-000000000046}]

==================================
Winsock 提供者
N/A

==================================
Autorun.inf
N/A

==================================
HOSTS 文件
127.0.0.1       localhost
127.0.0.1  yu.8s7.net
127.0.0.1  1.jopanqc.com
127.0.0.1  2.joppnqq.com
127.0.0.1  wg.47255.com
127.0.0.1  1.joppnqq.com
127.0.0.1  3.joppnqq.com
127.0.0.1  www.868wg.com
127.0.0.1  ilove.com
127.0.0.1  tp.shpzhan.cn
127.0.0.1  new.749571.com
127.0.0.1  xtx.kv8.info
127.0.0.1  cao.kv8.info
127.0.0.1  1.jopmmqq.com
127.0.0.1  171817.171817.com
127.0.0.1  d2.llsging.com
127.0.0.1  down.malasc.cn
127.0.0.1  llboss.com
127.0.0.1  nx.51ylb.cn
127.0.0.1  my.531jx.cn
127.0.0.1  qqq.dzydhx.com
127.0.0.1  qqq.hao1658.com


==================================
进程特权扫描
特殊特权被允许: SeLoadDriverPrivilege [PID = 492, D:\PROGRAM FILES\STORMII\STORMLIV.EXE]
特殊特权被允许: SeLoadDriverPrivilege [PID = 1744, D:\PROGRAM FILES\SUPER RABBIT\MAGICSET\DS.EXE]
特殊特权被允许: SeLoadDriverPrivilege [PID = 3076, D:\PROGRAM FILES\THUNDER\PROGRAM\THUNDER5.EXE]
特殊特权被允许: SeLoadDriverPrivilege [PID = 3760, D:\PROGRAM FILES\SHUTTER\SHUTTER.EXE]
特殊特权被允许: SeLoadDriverPrivilege [PID = 3540, D:\PROGRAM FILES\SUPER RABBIT\MAGICSET\SRDSHOW.EXE]
特殊特权被允许: SeLoadDriverPrivilege [PID = 2356, D:\PROGRAM FILES\THEWORLD 2.0\THEWORLD.EXE]

==================================
API HOOK
RVA  错误: LoadLibraryA (危险等级: 高,  被下面模块所HOOK: \??\C:\WINDOWS\system32\drivers\klif.sys)
RVA  错误: LoadLibraryExA (危险等级: 高,  被下面模块所HOOK: \??\C:\WINDOWS\system32\drivers\klif.sys)
RVA  错误: LoadLibraryExW (危险等级: 高,  被下面模块所HOOK: \??\C:\WINDOWS\system32\drivers\klif.sys)
RVA  错误: LoadLibraryW (危险等级: 高,  被下面模块所HOOK: \??\C:\WINDOWS\system32\drivers\klif.sys)
RVA  错误: GetProcAddress (危险等级: 高,  被下面模块所HOOK: \??\C:\WINDOWS\system32\drivers\klif.sys)

==================================
隐藏进程
N/A

==================================


[/CODE]
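llj4862
Posted on 2008-3-1 22:37:12
It's a trojan.

Cleanup method:
Copy out and collate the file paths of the malicious programs, for example:
C:\WINDOWS\atllxrsee.exe
C:\WINDOWS\system32\niluw.dll
C:\WINDOWS\system32\SHICompress.dll
C:\WINDOWS\system32\drivers\msacpe.sys
C:\WINDOWS\system32\drivers\msaclue.sys
Then copy all of the paths above and, in 360 File Shredder (the standalone version, not the one built into 360 Safe Guard), use the "Paste file list" option under "Import file list", then "Select all" and "Delete", and you're done.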
mgl409
Original poster | Posted on 2008-3-1 23:24:47
To the poster above: I did what you said,
but it still doesn't work.
It's still there.
Any other tricks?
How do I kill it?
magicx
Posted on 2008-3-1 23:28:45
Download AVG Anti-Spyware, update the virus definitions, then run a full-disk scan in safe mode~~~~~try~~
mgl409
Original poster | Posted on 2008-3-1 23:44:39
Isn't AVG good enough?
Thanks to the poster above anyway.
I'll go try it first.
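mgl409
Original poster | Posted on 2008-3-1 23:51:36
AVG Anti-Spyware is just AVG, right?
I used it and it still doesn't work.
What should I do?
Do I really have to format every disk??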
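llj4862
Posted on 2008-3-2 00:12:50
Originally posted by mgl409 on 2008-3-1 23:24
To the poster above: I did what you said,
but it still doesn't work.
It's still there.
Any other tricks?
How do I kill it?

Oh come on... those were just examples....

There are some other things that you have to add yourself...
With a log this long, you'd be better off posting it as an attachment!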