帮忙看下日志

显示全部楼层 · 发表于 2009-12-31 09:16:50

本帖最后由 jon112233 于 2009-12-31 19:06 编辑

那位高人帮忙看下这个日志有什么问题？

Malwarebytes' Anti-Malware 1.43
数据库版本： 3460
Windows 5.1.2600 Service Pack 3
Internet Explorer 6.0.2900.5512
2009-12-31 9:21:41
mbam-log-2009-12-31 (09-21-39).txt
扫描类型：快速扫描
被扫描对象数目： 101635
时间过去： 3 minute(s), 59 second(s)
被感染内存进程数目： 0
被感染内存模块数目： 0
被感染注册表项数目： 0
被感染注册表值数目： 1
被感染注册表数据项数目： 6
被感染文件夹数目： 0
被感染文件数目： 2
被感染内存进程数目：
（没有检测到有害项目）
被感染内存模块数目：
（没有检测到有害项目）
被感染注册表项数目：
（没有检测到有害项目）
被感染注册表值数目：
HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\Windows NT\SystemRestore\disableconfig (Windows.Tool.Disabled) -> No action taken.
被感染注册表数据项数目：
HKEY_CLASSES_ROOT\regfile\shell\open\command\(default) (Broken.OpenCommand) -> Bad: (NOTEPAD.EXE %1) Good: (regedit.exe "%1") -> No action taken.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\AntiVirusDisableNotify (Disabled.SecurityCenter) -> Bad: (1) Good: (0) -> No action taken.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\FirewallDisableNotify (Disabled.SecurityCenter) -> Bad: (1) Good: (0) -> No action taken.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\UpdatesDisableNotify (Disabled.SecurityCenter) -> Bad: (1) Good: (0) -> No action taken.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced\Start_ShowMyComputer (Hijack.StartMenu) -> Bad: (0) Good: (1) -> No action taken.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced\Start_ShowSearch (Hijack.StartMenu) -> Bad: (0) Good: (1) -> No action taken.
被感染文件夹数目：
（没有检测到有害项目）
被感染文件数目：
C:\WINDOWS\syste

显示全部楼层 · 发表于 2009-12-31 11:55:07

用sreng扫描个上来

显示全部楼层 · 发表于 2009-12-31 12:27:46

回复 2# tawny2008

2009-12-31,12:34:31
System Repair Engineer 2.8.2.1321
Smallfrogs (http://www.KZTechs.com)
Windows XP Professional Service Pack 3 (Build 2600) - 管理权限用户 - 完整功能
以下内容被选中：
所有的启动项目（包括注册表、启动文件夹、服务等）
浏览器加载项
正在运行的进程（包括进程模块信息）
文件关联
Winsock 提供者
Autorun.inf
HOSTS 文件
进程特权扫描
计划任务
API HOOK
隐藏进程
启动项目
注册表
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
<ctfmon.exe><C:\WINDOWS\system32\ctfmon.exe> [(Verified)Microsoft Windows Component Publisher]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
<ACMON><C:\Program Files\ASUS\Splendid\ACMON.exe> [ATK]
<HControl><C:\WINDOWS\ATK0100\HControl.exe> [(Verified)Microsoft Windows Hardware Compatibility Publisher]
<Wireless Console 2><C:\Program Files\Wireless Console 2\wcourier.exe> []
<Power_Gear><C:\Program Files\ASUS\Power4 Gear\BatteryLife.exe 1> [File is missing]
<NvCplDaemon><RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup> [(Verified)Microsoft Windows Hardware Compatibility Publisher]
<nwiz><nwiz.exe /install> []
<avgnt><"C:\Program Files\Avira\AntiVir Desktop\avgnt.exe" /min> [Avira GmbH]
<Shadow Defender Daemon><"C:\Program Files\Shadow Defender\DefenderDaemon.exe" /auto> [shadowdefender.com]
<AntiLogger><"C:\Program Files\AntiLogger\AntiLogger.exe" /minimized> [(Verified)Zemana Information Technologies Industry Limited]
<AdobeCS4ServiceManager><"C:\Program Files\Common Files\Adobe\CS4ServiceManager\CS4ServiceManager.exe" -launchedbylogin> [(Verified)Adobe Systems Incorporated]
<Adobe Reader Speed Launcher><; "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"> [(Verified)Adobe Systems, Incorporated]
<IMJPMIG8.1><; "C:\WINDOWS\IME\imjp8_1\IMJPMIG.EXE" /Spoil /RemAdvDef /Migration32> [(Verified)Microsoft Windows Component Publisher]
<PHIME2002A><; C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /IMEName> [(Verified)Microsoft Windows Component Publisher]
<PHIME2002ASync><; C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /SYNC> [(Verified)Microsoft Windows Component Publisher]
<SMSERIAL><; sm56hlpr.exe> [(Verified)Microsoft Windows Hardware Compatibility Publisher]
<WebThunder><; > [N/A]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Winlogon]
<shell><Explorer.exe> [(Verified)Microsoft Windows Component Publisher]
<Userinit><C:\WINDOWS\system32\userinit.exe,> [(Verified)Microsoft Windows Component Publisher]
<UIHost><logonui.exe> [(Verified)Microsoft Windows Component Publisher]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
<{AEB6717E-7E19-11d0-97EE-00C04FD91972}><shell32.dll> [(Verified)Microsoft Windows Component Publisher]
<{4F07DA45-8170-4859-9B5F-037EF2970034}><> [N/A]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
<PostBootReminder><%SystemRoot%\system32\SHELL32.dll> [(Verified)Microsoft Windows Component Publisher]
<CDBurn><%SystemRoot%\system32\SHELL32.dll> [(Verified)Microsoft Windows Component Publisher]
<WebCheck><%SystemRoot%\system32\webcheck.dll> [(Verified)Microsoft Windows Component Publisher]
<SysTray><C:\WINDOWS\system32\stobject.dll> [(Verified)Microsoft Windows Component Publisher]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\crypt32chain]
<WinlogonNotify: crypt32chain><crypt32.dll> [(Verified)Microsoft Windows Component Publisher]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\cryptnet]
<WinlogonNotify: cryptnet><cryptnet.dll> [(Verified)Microsoft Windows Component Publisher]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\cscdll]
<WinlogonNotify: cscdll><cscdll.dll> [(Verified)Microsoft Windows Component Publisher]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\dimsntfy]
<WinlogonNotify: dimsntfy><%SystemRoot%\System32\dimsntfy.dll> [(Verified)Microsoft Windows Component Publisher]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\ScCertProp]
<WinlogonNotify: ScCertProp><wlnotify.dll> [(Verified)Microsoft Windows Component Publisher]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\Schedule]
<WinlogonNotify: Schedule><wlnotify.dll> [(Verified)Microsoft Windows Component Publisher]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\sclgntfy]
<WinlogonNotify: sclgntfy><sclgntfy.dll> [(Verified)Microsoft Windows Component Publisher]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\SensLogn]
<WinlogonNotify: SensLogn><WlNotify.dll> [(Verified)Microsoft Windows Component Publisher]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\termsrv]
<WinlogonNotify: termsrv><wlnotify.dll> [(Verified)Microsoft Windows Component Publisher]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\WgaLogon]
<WinlogonNotify: WgaLogon><WgaLogon.dll> []
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\wlballoon]
<WinlogonNotify: wlballoon><wlnotify.dll> [(Verified)Microsoft Windows Component Publisher]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\SharedTaskScheduler]
<{438755C2-A8BA-11D1-B96B-00A0C90312E1}><%SystemRoot%\system32\browseui.dll> [(Verified)Microsoft Windows Component Publisher]
<{8C7461EF-2B13-11d2-BE35-3078302C2030}><%SystemRoot%\system32\browseui.dll> [(Verified)Microsoft Windows Component Publisher]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\>{22d6f312-b0f6-11d0-94ab-0080c74c7e95}]
<Microsoft Windows Media Player><C:\WINDOWS\inf\unregmp2.exe /ShowWMP> [(Verified)Microsoft Windows Component Publisher]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\>{26923b43-4d38-484f-9b9e-de460746276c}]
<Internet Explorer><%systemroot%\system32\shmgrate.exe OCInstallUserConfigIE> [File is missing]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\>{60B49E34-C7CC-11D0-8953-00A0C90347FF}MICROS]
<浏览器自定义组件><RunDLL32 IEDKCS32.DLL,BrandIE4 SIGNUP> [(Verified)Microsoft Windows Component Publisher]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\>{881dd1c5-3dcf-431b-b061-f3f88e8be88a}]
<Outlook Express><%systemroot%\system32\shmgrate.exe OCInstallUserConfigOE> [File is missing]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{2C7339CF-2B09-4501-B3F3-F3508C9228ED}]
<Themes Setup><%SystemRoot%\system32\regsvr32.exe /s /n /i:/UserInstall %SystemRoot%\system32\themeui.dll> [File is missing]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{44BBA840-CC51-11CF-AAFA-00AA00B6015C}]
<Microsoft Outlook Express 6><"%ProgramFiles%\Outlook Express\setup50.exe" /APP:OE /CALLER:WINNT /user /install> [File is missing]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{44BBA842-CC51-11CF-AAFA-00AA00B6015B}]
<NetMeeting 3.01><rundll32.exe advpack.dll,LaunchINFSection C:\WINDOWS\INF\msnetmtg.inf,NetMtg.Install.PerUser.NT> [(Verified)Microsoft Windows Component Publisher]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{5945c046-1e7d-11d1-bc44-00c04fd912be}]
<Windows Messenger 4.7><rundll32.exe advpack.dll,LaunchINFSection C:\WINDOWS\INF\msmsgs.inf,BLC.QuietInstall.PerUser> [(Verified)Microsoft Windows Component Publisher]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{6BF52A52-394A-11d3-B153-00C04F79FAA6}]
<Microsoft Windows Media Player><rundll32.exe advpack.dll,LaunchINFSection C:\WINDOWS\INF\wmp.inf,PerUserStub> [(Verified)Microsoft Windows Component Publisher]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{7790769C-0471-11d2-AF11-00C04FA35D02}]
<通讯簿 6><"%ProgramFiles%\Outlook Express\setup50.exe" /APP:WAB /CALLER:WINNT /user /install> [File is missing]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{89820200-ECBD-11cf-8B85-00AA005B4340}]
<Windows 桌面更新><regsvr32.exe /s /n /i:U shell32.dll> [(Verified)Microsoft Windows Component Publisher]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{89820200-ECBD-11cf-8B85-00AA005B4383}]
<Internet Explorer 6><%SystemRoot%\system32\ie4uinit.exe> [(Verified)Microsoft Windows Component Publisher]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{89B4C1CD-B018-4511-B0A1-5476DBF70820}]
<N/A><C:\WINDOWS\system32\Rundll32.exe C:\WINDOWS\system32\mscories.dll,Install> [(Verified)Microsoft Corporation]
[HKEY_CURRENT_USER\Control Panel\Desktop]
<SCRNSAVE.EXE><C:\WINDOWS\System32\logon.scr> [(Verified)Microsoft Windows Component Publisher]
==================================
启动文件夹
N/A
==================================
服务
[a-squared Free Service / a2free][Running/Auto Start]
<"E:\下载\A2USB\a2service.exe"><Emsi Software GmbH>
[Avira AntiVir MailGuard / AntiVirMailService][Stopped/Disabled]
<"C:\Program Files\Avira\AntiVir Desktop\avmailc.exe"><Avira GmbH>
[Avira AntiVir Scheduler / AntiVirSchedulerService][Running/Auto Start]
<"C:\Program Files\Avira\AntiVir Desktop\sched.exe"><Avira GmbH>
[Avira AntiVir Guard / AntiVirService][Running/Auto Start]
<"C:\Program Files\Avira\AntiVir Desktop\avguard.exe"><Avira GmbH>
[Avira AntiVir WebGuard / AntiVirWebService][Running/Auto Start]
<"C:\Program Files\Avira\AntiVir Desktop\AVWEBGRD.EXE"><Avira GmbH>
[FLEXnet Licensing Service / FLEXnet Licensing Service][Stopped/Manual Start]
<"C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe"><Acresso Software Inc.>
[Human Interface Device Access / HidServ][Stopped/Disabled]
<C:\WINDOWS\System32\svchost.exe -k netsvcs-->%SystemRoot%\System32\hidserv.dll><N/A>
[iolo FileInfoList Service / ioloFileInfoList][Running/Auto Start]
<C:\Program Files\iolo\common\lib\ioloServiceManager.exe><>
[iolo System Service / ioloSystemService][Running/Auto Start]
<C:\Program Files\iolo\common\lib\ioloServiceManager.exe><>
[NVIDIA Display Driver Service / NVSvc][Running/Auto Start]
<C:\WINDOWS\system32\nvsvc32.exe><NVIDIA Corporation>
[TuneUp Designerweiterung / UxTuneUp][Running/Auto Start]
<C:\WINDOWS\System32\svchost.exe -k netsvcs-->%SystemRoot%\System32\uxtuneup.dll><TuneUp Software GmbH>
==================================
驱动程序
[ADI UAA Function Driver for High Definition Audio Service / ADIHdAudAddService][Running/Manual Start]
<system32\drivers\ADIHdAud.sys><Analog Devices, Inc.>
[AMD Processor Driver / AmdK8][Running/System Start]
<system32\DRIVERS\AmdK8.sys><Advanced Micro Devices>
[AntiLog32 / AntiLog32][Running/System Start]
<\??\C:\Program Files\AntiLogger\AntiLog32.sys><Zemana Ltd.>
[Atheros Wireless Network Adapter Service / AR5211][Running/Manual Start]
<system32\DRIVERS\ar5211.sys><Atheros Communications, Inc.>
[ASNDIS5 Protocol Driver / ASNDIS5][Running/Manual Start]
<\??\C:\WINDOWS\ATK0100\ASNDIS5.SYS><Printing Communications Assoc., Inc. (PCAUSA)>
[avgio / avgio][Running/System Start]
<\??\C:\Program Files\Avira\AntiVir Desktop\avgio.sys><Avira GmbH>
[avgntflt / avgntflt][Running/Auto Start]
<system32\DRIVERS\avgntflt.sys><Avira GmbH>
[avipbb / avipbb][Running/System Start]
<system32\DRIVERS\avipbb.sys><Avira GmbH>
[Microsoft 用于 High Definition Audio 的 UAA 总线驱动程序 / HDAudBus][Running/Manual Start]
<system32\DRIVERS\HDAudBus.sys><Windows (R) Server 2003 DDK provider>
[ISO DVD/CD-ROM Device Driver / ISODrive][Running/System Start]
<\??\C:\Program Files\UltraISO\drivers\ISODrive.sys><EZB Systems, Inc.>
[ATK0100 ACPI UTILITY / MTsensor][Running/Manual Start]
<system32\DRIVERS\ATKACPI.sys><>
[nv / nv][Running/Manual Start]
<system32\DRIVERS\nv4_mini.sys><NVIDIA Corporation>
[nvsmu / nvsmu][Running/Manual Start]
<system32\DRIVERS\nvsmu.sys><NVIDIA Corporation>
[OADriver / OADevice][Stopped/System Start]
<\??\C:\WINDOWS\system32\drivers\OADriver.sys><N/A>
[OAmon / OAmon][Stopped/System Start]
<\??\C:\WINDOWS\system32\drivers\OAmon.sys><N/A>
[OAnet / OAnet][Stopped/System Start]
<\??\C:\WINDOWS\system32\drivers\OAnet.sys><N/A>
[Direct Parallel Link Driver / Ptilink][Running/Manual Start]
<system32\DRIVERS\ptilink.sys><Parallel Technologies, Inc.>
[rimmptsk / rimmptsk][Running/Manual Start]
<system32\DRIVERS\rimmptsk.sys><REDC>
[rimsptsk / rimsptsk][Running/Manual Start]
<system32\DRIVERS\rimsptsk.sys><REDC>
[Ricoh xD-Picture Card Driver / rismxdp][Running/Manual Start]
<system32\DRIVERS\rixdptsk.sys><REDC>
[Realtek 10/100/1000 NIC Family all in one NDIS XP Driver / RTL8023xp][Stopped/Manual Start]
<system32\DRIVERS\Rtlnicxp.sys><Realtek Semiconductor Corporation>
[Secdrv / Secdrv][Stopped/Manual Start]
<system32\DRIVERS\secdrv.sys><Macrovision Corporation, Macrovision Europe Limited, and Macrovision Japan and Asia K.K.>
[SmartAVS / SmartAVS][Stopped/Manual Start]
<\??\C:\WINDOWS\system32\drivers\SmartAVS.sys><All-In-Smart [CWJ]>
[SMSC IrCC Miniport Device Driver / SMCIRDA][Running/Manual Start]
<system32\DRIVERS\smcirda.sys><SMSC>
[smserial / smserial][Running/Manual Start]
<system32\DRIVERS\smserial.sys><Motorola Inc.>
[SRS Labs Premium Sound / SRS_PremiumSound_Service][Stopped/Manual Start]
<system32\drivers\srs_PremiumSound_i386.sys><>
[ssmdrv / ssmdrv][Running/System Start]
<system32\DRIVERS\ssmdrv.sys><Avira GmbH>
[TCP/IP Protocol Driver / Tcpip][Running/System Start]
<system32\DRIVERS\tcpip.sys><Microsoft Corporation>
[tmcomm / tmcomm][Stopped/Manual Start]
<\??\C:\WINDOWS\system32\drivers\tmcomm.sys><Trend Micro Inc.>
[USB2.0 0.35M WebCam / usbvm321][Running/Manual Start]
<System32\Drivers\usbvm321.sys><Vimicro Corporation>
[WINIO / WINIO][Stopped/Manual Start]
<\??\C:\Program Files\DriveTheLife\winio.sys><N/A>
==================================
浏览器加载项
[ThunderAtOnce Class]
{01443AEC-0FD1-40fd-9C87-E93D1494C233} <C:\Program Files\Thunder Network\Thunder\ComDlls\TDAtOnce_Now.dll, (Signed) Thunder Networking Technologies,LTD>
[Adobe PDF Reader Link Helper]
{06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} <C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll, (Signed) Adobe Systems Incorporated>
[Thunder Browser Helper]
{889D2FEB-5411-4565-8998-1DD2C5261283} <C:\Program Files\Thunder Network\Thunder\ComDlls\xunleiBHO_Now.dll, (Signed) Thunder Networking Technologies,LTD>
[启动迅雷5]
{09BA8F6D-CB54-424B-839C-C2A6C8E6B436} <C:\Program Files\Thunder Network\Thunder\Thunder.exe, (Signed) ShenZhen Thunder Networking Technologies,LTD>
[]
{e2e2dd38-d088-4134-82b7-f2ba38496583} <%windir%\Network Diagnostic\xpnetdiag.exe, (Signed) N/A>
[Messenger]
{FB5F1910-F110-11d2-BB9E-00C04F795683} <C:\Program Files\Messenger\msmsgs.exe, (Signed) Microsoft Corporation>
[]
{00000AAA-A363-466E-BEF5-9BB68697AA7F} <, >
[ThunderAtOnce Class]
{01443AEC-0FD1-40FD-9C87-E93D1494C233} <C:\Program Files\Thunder Network\Thunder\ComDlls\TDAtOnce_Now.dll, (Signed) Thunder Networking Technologies,LTD>
[]
{03507A1A-E0C5-4404-AA26-205385C0892D} <, >
[Adobe PDF Reader Link Helper]
{06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} <C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll, (Signed) Adobe Systems Incorporated>
[]
{09BA8F6D-CB54-424B-839C-C2A6C8E6B436} <, >
[Thunder Agent Class]
{485463B7-8FB2-4B3B-B29B-8B919B0EACCE} <C:\Program Files\Thunder Network\Thunder\ComDlls\ThunderAgent_Now.dll, (Signed) Thunder Networking Technologies,LTD>
[XMP Class]
{6483F145-A768-4C41-AACC-52D4D7845851} <C:\Documents and Settings\All Users\Application Data\Thunder Network\KanKan\xplayer.dll_1_work, ShenZhen Thunder Networking Technologies,LTD>
[MediaComm Class]
{7670648D-461B-42AF-BDFE-46D26AF5EFF2} <C:\Program Files\Thunder Network\Thunder\Components\InMedia\MediaAddin18.dll, (Signed) ShenZhen Thunder Networking Technologies,LTD>
[Microsoft Web 浏览器]
{8856F961-340A-11D0-A96B-00C04FD705A2} <C:\WINDOWS\system32\shdocvw.dll, (Signed) Microsoft Corporation>
[Thunder Browser Helper]
{889D2FEB-5411-4565-8998-1DD2C5261283} <C:\Program Files\Thunder Network\Thunder\ComDlls\xunleiBHO_Now.dll, (Signed) Thunder Networking Technologies,LTD>
[]
{8A4A36C2-0535-4D2C-BD3D-496CB7EED6E3} <, >
[]
{962EFB8E-2683-42D4-AC74-AAA4C759B9C6} <, >
[OFrameObject Class]
{9701758C-4373-482E-B13C-776C048EC890} <C:\Program Files\Common Files\Thunder Network\KanKan\DapCtrl.2.3.5814.166.(49).dll, (Signed) ShenZhen Thunder Networking Technologies Ltd.>
[VersionDetector Class]
{9EFF1953-9694-47B1-AEF6-B2A3FE8BFE9B} <C:\Program Files\Common Files\Thunder Network\KanKan\vd.1.1.0.15.(49).dll, (Signed) ShenZhen Thunder Networking Technologies,Ltd.>
[DapCtrl Class]
{ACACC6EB-1FBA-4E13-A729-53AEB2DF54F8} <C:\Program Files\Common Files\Thunder Network\KanKan\DapCtrl.2.3.5814.166.(49).dll, (Signed) ShenZhen Thunder Networking Technologies Ltd.>
[Shockwave Flash Object]
{D27CDB6E-AE6D-11CF-96B8-444553540000} <C:\WINDOWS\system32\macromed\flash\Flash9f.ocx, (Signed) Adobe Systems, Inc.>
[]
{E2E2DD38-D088-4134-82B7-F2BA38496583} <, >
[XPPlayer Class]
{F3E70CEA-956E-49CC-B444-73AFE593AD7F} <C:\Program Files\Common Files\Thunder Network\KanKan\PPlayer.2.1.58110.250.(410).dll, (Signed) ShenZhen Thunder Networking Technologies,LTD>
[]
{FB5F1910-F110-11D2-BB9E-00C04F795683} <, >
[使用迅雷下载]
<C:\Program Files\Thunder Network\Thunder\Program\GetUrl.htm, N/A>
[使用迅雷下载全部链接]
<C:\Program Files\Thunder Network\Thunder\Program\GetAllUrl.htm, N/A>
[导出到 Microsoft Office Excel(&X)]
<res://C:\PROGRA~1\MICROS~1\OFFICE11\EXCEL.EXE/3000, N/A>
==================================
正在运行的进程
[PID: 552][\SystemRoot\System32\smss.exe] [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2111)]
[PID: 668][\??\C:\WINDOWS\system32\csrss.exe] [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2111)]
[PID: 696][\??\C:\WINDOWS\system32\winlogon.exe] [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2113)]
[C:\WINDOWS\system32\sfc_os.dll] [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2111)]
[C:\WINDOWS\system32\uxtheme.dll] [Microsoft Corporation, 6.00.2900.5512 (xpsp.080413-2105)]
[C:\WINDOWS\system32\WgaLogon.dll] [, ]
[PID: 740][C:\WINDOWS\system32\services.exe] [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2111)]
[PID: 752][C:\WINDOWS\system32\lsass.exe] [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2113)]
[C:\WINDOWS\system32\UxTheme.dll] [Microsoft Corporation, 6.00.2900.5512 (xpsp.080413-2105)]
[PID: 924][C:\WINDOWS\system32\svchost.exe] [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2111)]
[C:\WINDOWS\system32\UxTheme.dll] [Microsoft Corporation, 6.00.2900.5512 (xpsp.080413-2105)]
[PID: 972][C:\WINDOWS\system32\svchost.exe] [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2111)]
[C:\WINDOWS\system32\UxTheme.dll] [Microsoft Corporation, 6.00.2900.5512 (xpsp.080413-2105)]
[C:\Program Files\Avira\AntiVir Desktop\avsda.dll] [Avira GmbH, 9.00.01.01]
[PID: 1012][C:\WINDOWS\System32\svchost.exe] [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2111)]
[C:\WINDOWS\System32\UxTheme.dll] [Microsoft Corporation, 6.00.2900.5512 (xpsp.080413-2105)]
[c:\windows\system32\uxtuneup.dll] [TuneUp Software GmbH, 2.0.0.11]
[C:\Program Files\Avira\AntiVir Desktop\avsda.dll] [Avira GmbH, 9.00.01.01]
[C:\WINDOWS\System32\sfc_os.dll] [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2111)]
[PID: 1100][C:\WINDOWS\system32\svchost.exe] [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2111)]
[C:\WINDOWS\system32\UxTheme.dll] [Microsoft Corporation, 6.00.2900.5512 (xpsp.080413-2105)]
[C:\Program Files\Avira\AntiVir Desktop\avsda.dll] [Avira GmbH, 9.00.01.01]
[PID: 1384][C:\WINDOWS\system32\spoolsv.exe] [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-0852)]
[C:\WINDOWS\system32\UxTheme.dll] [Microsoft Corporation, 6.00.2900.5512 (xpsp.080413-2105)]
[C:\WINDOWS\system32\sfc_os.dll] [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2111)]
[PID: 1504][C:\Program Files\Avira\AntiVir Desktop\sched.exe] [Avira GmbH, 9.00.00.09]
[C:\Program Files\Avira\AntiVir Desktop\schedr.dll] [Avira GmbH, 8.00.05.00]
[C:\Program Files\Avira\AntiVir Desktop\avevtlog.dll] [Avira GmbH, 9.00.00.07]
[C:\Program Files\Avira\AntiVir Desktop\sqlite3.dll] [, 3.06.01.00]
[PID: 1512][C:\WINDOWS\Explorer.EXE] [Microsoft Corporation, 6.00.2900.5512 (xpsp.080413-2105)]
[C:\WINDOWS\system32\UxTheme.dll] [Microsoft Corporation, 6.00.2900.5512 (xpsp.080413-2105)]
[C:\Program Files\Thunder Network\Thunder\ComDlls\xunleiBHO_Now.dll] [Thunder Networking Technologies,LTD, 5, 0, 8, 120]
[C:\Program Files\Thunder Network\Thunder\Components\ResWorker\DsBho_00.dll] [ShenZhen Thunder Networking Technologies,LTD, 1, 0, 0, 20]
[C:\Program Files\Thunder Network\Thunder\Components\ResWorker\DataProcessor_00.dll] [ShenZhen Thunder Networking Technologies,LTD, 1, 0, 0, 16]
[C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\PDFShell.CHS] [Adobe Systems, Inc., 8.0.0.0]
[C:\Program Files\WinRAR\rarext.dll] [N/A, ]
[C:\Program Files\Shadow Defender\shellext.dll] [shadowdefender.com, 1.1.0.216]
[C:\Program Files\Avira\AntiVir Desktop\shlext.dll] [Avira GmbH, 9.00.00.04]
[C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\PDFShell.dll] [Adobe Systems, Inc., 8.1.0.0]
[C:\WINDOWS\system32\nvcpl.dll] [NVIDIA Corporation, 6.14.10.8602]
[C:\WINDOWS\system32\NVRSZHC.DLL] [NVIDIA Corporation, 6.14.10.8602]
[C:\WINDOWS\system32\nvshell.dll] [, ]
[C:\WINDOWS\system32\shdoclc.dll] [Microsoft Corporation, 6.00.2900.5512 (xpsp.080413-2105)]
[C:\Program Files\UltraISO\isoshell.dll] [EZB Systems, Inc., 1, 0, 0, 2]
[PID: 1524][C:\Program Files\Avira\AntiVir Desktop\avguard.exe] [Avira GmbH, 9.00.01.32]
[C:\Program Files\Avira\AntiVir Desktop\AVEvtLog.dll] [Avira GmbH, 9.00.00.07]
[C:\Program Files\Avira\AntiVir Desktop\guardmsg.dll] [Avira GmbH, 9.00.02.00]
[C:\Program Files\Avira\AntiVir Desktop\sqlite3.dll] [, 3.06.01.00]
[C:\Program Files\Avira\AntiVir Desktop\AVPREF.DLL] [Avira GmbH, 9.00.03.00]
[C:\Program Files\Avira\AntiVir Desktop\SMTPLIB.DLL] [Avira GmbH, 9.02.00.25]
[C:\Program Files\Avira\AntiVir Desktop\AVGIO.DLL] [Avira GmbH, 9.00.01.04]
[C:\Program Files\Avira\AntiVir Desktop\aecore.dll] [Avira GmbH, 8.1.9.1]
[C:\Program Files\Avira\AntiVir Desktop\aevdf.dll] [Avira GmbH, 8.1.1.2]
[C:\Program Files\Avira\AntiVir Desktop\aescript.dll] [Avira GmbH, 8.1.3.4]
[C:\Program Files\Avira\AntiVir Desktop\aescn.dll] [Avira GmbH, 8.1.3.0]
[C:\Program Files\Avira\AntiVir Desktop\aesbx.dll] [Avira GmbH, 8.1.1.1]
[C:\Program Files\Avira\AntiVir Desktop\aerdl.dll] [Avira GmbH, 8.1.3.4]
[C:\Program Files\Avira\AntiVir Desktop\aepack.dll] [Avira GmbH, 8.2.0.3]
[C:\Program Files\Avira\AntiVir Desktop\unacev2.dll] [ACE Compression Software, 2.6.0.2]
[C:\Program Files\Avira\AntiVir Desktop\aeoffice.dll] [Avira GmbH, 8.1.0.38]
[C:\Program Files\Avira\AntiVir Desktop\aeheur.dll] [Avira GmbH, 8.1.0.189]
[C:\Program Files\Avira\AntiVir Desktop\aehelp.dll] [Avira GmbH, 8.1.9.0]
[C:\Program Files\Avira\AntiVir Desktop\aegen.dll] [Avira GmbH, 8.1.1.82]
[C:\Program Files\Avira\AntiVir Desktop\aeemu.dll] [Avira GmbH, 8.1.1.0]
[C:\Program Files\Avira\AntiVir Desktop\aebb.dll] [Avira GmbH, 8.1.0.3]
[C:\Program Files\Avira\AntiVir Desktop\avesvc.dll] [Avira GmbH, 9.00.02.07]
[C:\Program Files\Avira\AntiVir Desktop\avesvcr.dll] [Avira GmbH, 9.00.00.00]
[C:\Program Files\Avira\AntiVir Desktop\onlcfg.dll] [Avira GmbH, 1.00.00.01]
[C:\Program Files\Avira\AntiVir Desktop\avipc.dll] [Avira GmbH, 1.1.3.4]
[C:\Program Files\Avira\AntiVir Desktop\webcat.dll] [Avira GmbH, 9.00.14.00]
[PID: 1640][C:\Program Files\ASUS\Splendid\ACMON.exe] [ATK, 1, 0, 4, 221]
[C:\Program Files\ASUS\Splendid\GLCDdll.dll] [, 1, 0, 0, 729]
[C:\Program Files\ASUS\Splendid\Chameleon.dll] [ASUSTeK, 1, 0, 0, 3]
[PID: 1648][C:\WINDOWS\ATK0100\HControl.exe] [, 1043, 2, 15, 58]
[C:\WINDOWS\ATK0100\CMSSC.dll] [N/A, ]
[C:\WINDOWS\ATK0100\inter_f2.dll] [ATK, 1043, 2, 15, 52]
[C:\WINDOWS\ATK0100\ATKWLIOC.DLL] [ACTIONTEC Electronics,Inc, 2.01.02]
[C:\WINDOWS\ATK0100\SiSPkt.dll] [Silicon Integrated Systems Corp., 1, 0, 0, 45]
[C:\WINDOWS\ATK0100\ASUSNET.dll] [, 1, 9, 9, 1]
[C:\WINDOWS\ATK0100\ASW32N50.dll] [Printing Communications Assoc., Inc. (PCAUSA), 5.00.13.50]
[PID: 1656][C:\Program Files\Wireless Console 2\wcourier.exe] [, 2, 0, 2, 0]
[C:\Program Files\Wireless Console 2\MSIMG32.dll] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
[PID: 1664][C:\Program Files\ASUS\Power4 Gear\BatteryLife.exe] [ASUSTeK Computer Inc., 1043, 6, 15, 116]
[C:\Program Files\ASUS\Power4 Gear\ATKMETHOD.dll] [ASUSTeK Computer Inc., 1043, 6, 15, 116]
[PID: 1700][C:\WINDOWS\system32\ACEngSvr.exe] [ASUSTeK, 1, 0, 0, 4]
[C:\WINDOWS\system32\icm32.dll] [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2105)]
[PID: 1776][C:\Program Files\Avira\AntiVir Desktop\avgnt.exe] [Avira GmbH, 9.00.00.12]
[C:\Program Files\Avira\AntiVir Desktop\cclib.dll] [Avira GmbH, 9.00.00.10]
[C:\WINDOWS\system32\UxTheme.dll] [Microsoft Corporation, 6.00.2900.5512 (xpsp.080413-2105)]
[c:\program files\avira\antivir desktop\ccgen.dll] [Avira GmbH, 9.00.00.35]
[c:\program files\avira\antivir desktop\ccgenrc.dll] [Avira GmbH, 9.00.17.01]
[c:\program files\avira\antivir desktop\ccguard.dll] [Avira GmbH, 9.00.00.19]
[c:\program files\avira\antivir desktop\ccgrdrc.dll] [Avira GmbH, 9.00.06.02]
[c:\program files\avira\antivir desktop\avipc.dll] [Avira GmbH, 1.1.3.4]
[c:\program files\avira\antivir desktop\ccupdate.dll] [Avira GmbH, 9.00.00.16]
[c:\program files\avira\antivir desktop\ccupdrc.dll] [Avira GmbH, 9.00.06.01]
[c:\program files\avira\antivir desktop\cclic.dll] [Avira GmbH, 9.00.00.06]
[c:\program files\avira\antivir desktop\cclicrc.dll] [Avira GmbH, 9.00.01.00]
[c:\program files\avira\antivir desktop\ccwgrd.dll] [Avira GmbH, 9.00.00.17]
[c:\program files\avira\antivir desktop\ccwgrdrc.dll] [Avira GmbH, 9.00.07.00]
[c:\program files\avira\antivir desktop\ccmsg.dll] [Avira GmbH, 9.00.02.01]
[PID: 1784][C:\Program Files\Shadow Defender\DefenderDaemon.exe] [shadowdefender.com, 1, 1, 0, 216]
[PID: 1812][C:\WINDOWS\system32\ctfmon.exe] [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2105)]
[C:\WINDOWS\system32\UxTheme.dll] [Microsoft Corporation, 6.00.2900.5512 (xpsp.080413-2105)]
[PID: 588][E:\下载\A2USB\a2service.exe] [Emsi Software GmbH, 4.5.0.31]
[PID: 604][C:\Program Files\Avira\AntiVir Desktop\AVWEBGRD.EXE] [Avira GmbH, 9.0.5.0]
[C:\Program Files\Avira\AntiVir Desktop\avipc.dll] [Avira GmbH, 1.1.3.4]
[C:\Program Files\Avira\AntiVir Desktop\msgclient.dll] [Avira GmbH, 9.00.00.00]
[C:\WINDOWS\system32\UxTheme.dll] [Microsoft Corporation, 6.00.2900.5512 (xpsp.080413-2105)]
[C:\Program Files\Avira\AntiVir Desktop\avsda.dll] [Avira GmbH, 9.00.01.01]
[PID: 176][C:\Program Files\iolo\common\lib\ioloServiceManager.exe] [, ]
[C:\Program Files\iolo\Common\Lib\fbembed.dll] [The Firebird Project, WI-V1.5.2.4731]
[C:\Program Files\Avira\AntiVir Desktop\avsda.dll] [Avira GmbH, 9.00.01.01]
[PID: 1040][C:\WINDOWS\system32\nvsvc32.exe] [NVIDIA Corporation, 6.14.10.8602]
[PID: 1836][C:\WINDOWS\system32\wuauclt.exe] [Microsoft Corporation, 7.4.7600.226 (winmain_wtr_wsus3sp2(wmbla).090806-1834)]
[C:\WINDOWS\system32\UxTheme.dll] [Microsoft Corporation, 6.00.2900.5512 (xpsp.080413-2105)]
[PID: 2272][C:\WINDOWS\ATK0100\ATKOSD.exe] [, 1043, 2, 15, 57]
[PID: 2296][C:\WINDOWS\System32\alg.exe] [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-0852)]
[C:\WINDOWS\System32\UxTheme.dll] [Microsoft Corporation, 6.00.2900.5512 (xpsp.080413-2105)]
[C:\Program Files\Avira\AntiVir Desktop\avsda.dll] [Avira GmbH, 9.00.01.01]
[PID: 1444][C:\WINDOWS\system32\svchost.exe] [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2111)]
[C:\WINDOWS\system32\UxTheme.dll] [Microsoft Corporation, 6.00.2900.5512 (xpsp.080413-2105)]
[C:\WINDOWS\WinSxS\x86_Microsoft.Windows.GdiPlus_6595b64144ccf1df_1.0.2600.5581_x-ww_dfbc4fc4\gdiplus.dll] [Microsoft Corporation, 5.1.3102.5581 (xpsp_sp3_qfe.080415-1416)]
[PID: 508][C:\Program Files\Internet Explorer\IEXPLORE.EXE] [Microsoft Corporation, 6.00.2900.5512 (xpsp.080413-2105)]
[C:\WINDOWS\system32\UxTheme.dll] [Microsoft Corporation, 6.00.2900.5512 (xpsp.080413-2105)]
[C:\Program Files\Thunder Network\Thunder\ComDlls\TDAtOnce_Now.dll] [Thunder Networking Technologies,LTD, 1.0.5.34]
[C:\WINDOWS\system32\MSVCP71.dll] [Microsoft Corporation, 7.10.3077.0]
[C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll] [Adobe Systems Incorporated, 8.0.0.2006102200]
[C:\Program Files\Thunder Network\Thunder\ComDlls\xunleiBHO_Now.dll] [Thunder Networking Technologies,LTD, 5, 0, 8, 120]
[C:\Program Files\Thunder Network\Thunder\Components\ResWorker\DsBho_00.dll] [ShenZhen Thunder Networking Technologies,LTD, 1, 0, 0, 20]
[C:\Program Files\Thunder Network\Thunder\Components\ResWorker\DataProcessor_00.dll] [ShenZhen Thunder Networking Technologies,LTD, 1, 0, 0, 16]
[C:\WINDOWS\system32\shdoclc.dll] [Microsoft Corporation, 6.00.2900.5512 (xpsp.080413-2105)]
[C:\Program Files\Avira\AntiVir Desktop\avsda.dll] [Avira GmbH, 9.00.01.01]
[C:\WINDOWS\system32\macromed\flash\Flash9f.ocx] [Adobe Systems, Inc., 9,0,124,0]
[C:\WINDOWS\system32\GOOGLEPINYIN2.IME] [Google Inc., 2.1.9.59]
[C:\WINDOWS\WinSxS\x86_Microsoft.Windows.GdiPlus_6595b64144ccf1df_1.0.2600.5581_x-ww_dfbc4fc4\gdiplus.dll] [Microsoft Corporation, 5.1.3102.5581 (xpsp_sp3_qfe.080415-1416)]
[PID: 3092][C:\WINDOWS\system32\wbem\wmiprvse.exe] [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2108)]
[C:\WINDOWS\system32\UxTheme.dll] [Microsoft Corporation, 6.00.2900.5512 (xpsp.080413-2105)]
[PID: 3520][C:\Documents and Settings\yEL@ng\桌面\SREngLdr.EXE] [Smallfrogs Studio, 2.8.2.1321]
[PID: 3532][C:\Documents and Settings\yEL@ng\桌面\SREc34be30.EXE] [Smallfrogs Studio, 2.8.2.1321]
[C:\WINDOWS\system32\UxTheme.dll] [Microsoft Corporation, 6.00.2900.5512 (xpsp.080413-2105)]
[C:\Program Files\Avira\AntiVir Desktop\avsda.dll] [Avira GmbH, 9.00.01.01]
[C:\WINDOWS\system32\sfc_os.dll] [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2111)]
[PID: 3244][C:\Documents and Settings\yEL@ng\桌面\SREc34be30.EXE] [Smallfrogs Studio, 2.8.2.1321]
[C:\WINDOWS\system32\UxTheme.dll] [Microsoft Corporation, 6.00.2900.5512 (xpsp.080413-2105)]
[C:\WINDOWS\system32\sfc_os.dll] [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2111)]
[C:\Documents and Settings\yEL@ng\桌面\Upload\3rdUpd.DLL] [Smallfrogs Studio, 2, 1, 0, 15]
[C:\Program Files\Avira\AntiVir Desktop\avsda.dll] [Avira GmbH, 9.00.01.01]
==================================
文件关联
.TXT Error. []
.EXE OK. ["%1" %*]
.COM OK. ["%1" %*]
.PIF OK. ["%1" %*]
.REG OK. [regedit.exe "%1"]
.BAT OK. ["%1" %*]
.SCR Error. [NOTEPAD.EXE %1]
.CHM Error. ["hh.exe" %1]
.HLP OK. [%SystemRoot%\System32\winhlp32.exe %1]
.INI Error. [C:\WINDOWS\System32\NOTEPAD.EXE %1]
.INF OK. [%SystemRoot%\System32\NOTEPAD.EXE %1]
.VBS Error. [NOTEPAD.EXE %1]
.JS Error. []
.LNK OK. [{00021401-0000-0000-C000-000000000046}]
==================================
Winsock 提供者
AVSDA over [MSAFD Tcpip [TCP/IP]]
C:\Program Files\Avira\AntiVir Desktop\avsda.dll(Avira GmbH, AntiVir layered service provider)
AVSDA over [MSAFD Tcpip [UDP/IP]]
C:\Program Files\Avira\AntiVir Desktop\avsda.dll(Avira GmbH, AntiVir layered service provider)
AVSDA
C:\Program Files\Avira\AntiVir Desktop\avsda.dll(Avira GmbH, AntiVir layered service provider)
==================================
Autorun.inf
N/A
==================================
HOSTS 文件
127.0.0.1 localhost
127.0.0.1 activate.adobe.com
127.0.0.1 practivate.adobe.com
127.0.0.1 ereg.adobe.com
127.0.0.1 activate.wip3.adobe.com
127.0.0.1 wip3.adobe.com
127.0.0.1 3dns-3.adobe.com
127.0.0.1 3dns-2.adobe.com
127.0.0.1 adobe-dns.adobe.com
127.0.0.1 adobe-dns-2.adobe.com
127.0.0.1 adobe-dns-3.adobe.com
127.0.0.1 ereg.wip3.adobe.com
127.0.0.1 activate-sea.adobe.com
127.0.0.1 wwis-dubc1-vip60.adobe.com
127.0.0.1 activate-sjc0.adobe.com
127.0.0.1 activate.adobe.com
==================================
进程特权扫描
特殊特权被允许： SeLoadDriverPrivilege [PID = 696, C:\WINDOWS\SYSTEM32\WINLOGON.EXE]
特殊特权被允许： SeLoadDriverPrivilege [PID = 1504, C:\PROGRAM FILES\AVIRA\ANTIVIR DESKTOP\SCHED.EXE]
特殊特权被允许： SeLoadDriverPrivilege [PID = 1524, C:\PROGRAM FILES\AVIRA\ANTIVIR DESKTOP\AVGUARD.EXE]
特殊特权被允许： SeLoadDriverPrivilege [PID = 1640, C:\PROGRAM FILES\ASUS\SPLENDID\ACMON.EXE]
特殊特权被允许： SeLoadDriverPrivilege [PID = 1656, C:\PROGRAM FILES\WIRELESS CONSOLE 2\WCOURIER.EXE]
特殊特权被允许： SeLoadDriverPrivilege [PID = 1664, C:\PROGRAM FILES\ASUS\POWER4 GEAR\BATTERYLIFE.EXE]
特殊特权被允许： SeLoadDriverPrivilege [PID = 1700, C:\WINDOWS\SYSTEM32\ACENGSVR.EXE]
特殊特权被允许： SeLoadDriverPrivilege [PID = 1776, C:\PROGRAM FILES\AVIRA\ANTIVIR DESKTOP\AVGNT.EXE]
特殊特权被允许： SeLoadDriverPrivilege [PID = 1784, C:\PROGRAM FILES\SHADOW DEFENDER\DEFENDERDAEMON.EXE]
==================================
计划任务
[已启用] AWC AutoSweep.job
C:\Program Files\IObit\Advanced SystemCare 3\AutoSweep.exe
[已启用] 12-27-2009_190200.job
C:\Program Files\Spyware Cease\SpywareCease.exe
==================================
Windows 安全更新检查
N/A
==================================
API HOOK
N/A
==================================
隐藏进程
N/A
==================================

复制代码

显示全部楼层 · 发表于 2009-12-31 18:54:48

回复 3# jon112233

不知道你想问什么，日志没什么问题

显示全部楼层 · 发表于 2009-12-31 18:57:12

回复 4# tawny2008

其实我是问一楼的扫描出来的东西是什么？是不是误报

显示全部楼层 · 发表于 2009-12-31 19:01:07

本帖最后由 tawny2008 于 2009-12-31 19:02 编辑

回复 5# jon112233

一楼的日志是因为你自己改了一些文件关联，所以才报的，在sreng日志里面看出来了，另外一些是你的杀软改的，100%误报。

显示全部楼层 · 发表于 2009-12-31 19:04:45

本帖最后由 jon112233 于 2010-1-6 19:00 编辑

回复 6# tawny2008
很好，感谢你的解答[:27:]

[已解决] 帮忙看下日志

浏览过的版块