收藏本站 |切换到宽版 | 更换论坛皮肤
 找回密码  忘记邮箱  QQ快速登录  快速登录  快速注册

卡饭»论坛 软件区 解疑答难区 求助
返回列表 发新帖
查看: 1688|回复: 1
收起左侧

[已解决] 求助

 关闭 [复制链接]
wook117
发表于 2007-4-4 18:49:15 | 显示全部楼层 |阅读模式
各位高手:
非常感谢您留心我这份系统诊断报告,小菜鸟十万火急等待您的帮助!
该诊断报告由360安全卫士提供 http://www.360safe.com
诊断时间: 2007-04-04  18:43:47
诊断平台: Microsoft Windows XP  Service Pack 2
IE版本: Internet Explorer V6.0.2900.2180 Build:62900.2180
计算机物理内存:511MB - 当前可用内存:17MB
100 - 未知 - Process: smss.exe [] - C:\WINDOWS\system32\ShellExt\smss.exe
100 - 未知 - Process: KASStart.exe [Kingsoft System Cleaner Security Center] - C:\Program Files\Kingsoft\KSysCleaner\KASStart.EXE
R0 - 未知 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page=http://www.hao123.com/
R1 - 未知 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page=
O2 - 未知 - BHO: (Thunder Browser Helper) - [XunLeiBHO] - {4E83D566-4697-4F7B-B1F0-A513B01DB89A} - E:\讯雷5\ComDlls\XunLeiBHO_007.dll
O4 - 未知 - HKCU\..\Run: [KASStart] [Kingsoft System Cleaner Security Center] "C:\Program Files\Kingsoft\KSysCleaner\KASStart.EXE" -Startup
O4 - 未知 - Startup folder: [eEye Windows Animated Cursor Patch Checker.lnk] [] C:\Documents and Settings\All Users\「开始」菜单\程序\启动\eEye Windows Animated Cursor Patch Checker.lnk
O8 - 未知 - Extra context menu item: 上传到QQ网络硬盘 - E:\QQ2007\AddToNetDisk.htm
O8 - 未知 - Extra context menu item: 添加到QQ自定义面板 - E:\QQ2007\AddPanel.htm
O8 - 未知 - Extra context menu item: 添加到QQ表情 - E:\QQ2007\AddEmotion.htm
O8 - 未知 - Extra context menu item: 用QQ彩信发送该图片 - E:\QQ2007\SendMMS.htm
O9 - 未知 - Extra button: 启动迅雷5(HKLM) - E:\讯雷5\Thunder.exe
O9 - 未知 - Extra button: 番茄花园(HKLM) - [url=http://www.tomatolei.comhttp://www.tomatolei.com[/color[/url]]
O18 - 未知 - Protocol: KuGoo3 - {6AC4FBC7-AA38-45EC-9634-D6D20B679EFC} - E:\PROGRA~1\KuGoo3\InExtend\KUGOO3~1.OCX
O28 - 未知 - IELINK: C:\DOCUME~1\ADMINI~1\「开始~1\程序\一键还~1\INTERN~1.LNK - [url=http://www.37021.netwww.37021.net[/color[/url]]
=======================================
100 - 安全 - Process: smss.exe [进程为会话管理子系统用以初始化系统变量,ms-dos驱动名称类似lpt1以及com,调用win32壳子系统和运行在windows登陆过程。] - C:\WINDOWS\System32\smss.exe
100 - 安全 - Process: csrss.exe [客户端服务子系统,用以控制windows图形相关子系统。] - C:\WINDOWS\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,3072,512 Windows=On SubSystemType=Windows ServerDll=base
100 - 安全 - Process: winlogon.exe [windows nt用户登陆程序。] - C:\WINDOWS\system32\winlogon.exe
100 - 安全 - Process: services.exe [用于管理windows服务系统进程。] - C:\WINDOWS\system32\services.exe
100 - 安全 - Process: lsass.exe [本地安全权限服务控制windows安全机制。] - C:\WINDOWS\system32\lsass.exe
100 - 安全 - Process: svchost.exe [service host process是一个标准的动态连接库主机处理服务。] - C:\WINDOWS\system32\svchost -k DcomLaunch
100 - 安全 - Process: svchost.exe [service host process是一个标准的动态连接库主机处理服务。] - C:\WINDOWS\system32\svchost -k rpcss
100 - 安全 - Process: svchost.exe [service host process是一个标准的动态连接库主机处理服务。] - C:\WINDOWS\System32\svchost.exe -k netsvcs
100 - 安全 - Process: svchost.exe [service host process是一个标准的动态连接库主机处理服务。] - C:\WINDOWS\system32\svchost.exe -k NetworkService
100 - 安全 - Process: explorer.exe [windows program manager或者windows explorer用于控制windows图形shell,包括开始菜单、任务栏,桌面和文件管理。] - C:\WINDOWS\Explorer.EXE
100 - 安全 - Process: conime.exe [console ime ime输入法控制台软件。] - C:\WINDOWS\system32\conime.exe
100 - 安全 - Process: avp.exe [卡巴斯基杀毒软件相关程序。] -
100 - 安全 - Process: 360tray.exe [360安全卫士实时监控程序。] - C:\Program Files\360safe\safemon\360tray.exe
100 - 安全 - Process: ctfmon.exe [office xp输入法图标。] - C:\WINDOWS\system32\ctfmon.exe
100 - 安全 - Process: VnetClient.exe [vnet虚拟拨号软件,用于adsl宽带拨号。] - C:\Program Files\ChinaNet\VnetClient.exe
100 - 安全 - Process: avp.exe [卡巴斯基杀毒软件相关程序。] -
100 - 安全 - Process: nvsvc32.exe [nvidia driver helper service在nvida显卡驱动中被安装。] - C:\WINDOWS\system32\nvsvc32.exe
100 - 安全 - Process: wdfmgr.exe [windows media player播放器相关程序。] - C:\WINDOWS\system32\wdfmgr.exe
100 - 安全 - Process: svchost.exe [service host process是一个标准的动态连接库主机处理服务。] - C:\WINDOWS\system32\svchost.exe -k LocalService
100 - 安全 - Process: alg.exe [这是一个应用层网关服务用于网络共享。] - C:\WINDOWS\System32\alg.exe
100 - 安全 - Process: 360Safe.exe [360安全卫士相关程序。] - C:\Program Files\360safe\360safe.exe
R1 - 安全 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page=C:\WINDOWS\system32\blank.htm
O2 - 安全 - BHO: (VnetCookie Class) - [星空极速, 拨号软件。] - {4E83D567-4697-4F7B-B1F0-A513B01DB89A} - c:\PROGRA~1\chinanet\VNETTR~1.DLL
O4 - 安全 - HKLM\..\Run: [NvCplDaemon] [是NVIDIA显示卡相关动态链接库文件。] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - 安全 - HKLM\..\Run: [kav] [卡巴斯基杀毒软件相关程序。] "C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 6.0\avp.exe"
O4 - 安全 - HKLM\..\Run: [360Safetray] [360safe实时保护功能模块。] C:\Program Files\360safe\safemon\360tray.exe
O4 - 安全 - HKCU\..\Run: [ctfmon.exe] [office xp输入法图标。] C:\WINDOWS\system32\ctfmon.exe
O4 - 安全 - Startup folder: [星空极速.lnk] [星空极速拨号客户端。] C:\Documents and Settings\All Users\「开始」菜单\程序\启动\星空极速.lnk
O8 - 安全 - Extra context menu item: &使用迅雷下载 - E:\讯雷5\Program\geturl.htm
O8 - 安全 - Extra context menu item: &使用迅雷下载全部链接 - E:\讯雷5\Program\getallurl.htm
O9 - 安全 - Extra button: 卡巴斯基Web反病毒保护插件(HKLM) - C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 6.0\scieplugin.dll
O23 - 安全 - Service: AVP [卡巴斯基杀毒软件相关程序。] - "C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 6.0\avp.exe" -r - (running)
O23 - 安全 - Service: NVSvc [是NVIDIA显示卡相关程序。] - C:\WINDOWS\system32\nvsvc32.exe - (running)
=======================================
O40 - winlogon.exe - Kaspersky Lab - C:\WINDOWS\system32\klogon.dll - Logon Visualizer - 7072750eb5c0f0cd54b48f972855ca61
O40 - Explorer.EXE - Thunder Networking Technologies,LTD - E:\讯雷5\ComDlls\XunLeiBHO_007.dll - XunLeiBHO - f86be67dc96656afec3e74784f9546a9
O40 - Explorer.EXE -  - E:\QQ2007\qdshm.dll - QQDiskShellMenu Module - fcda465ddd728fc39c264380e9fb06c5
O40 - Explorer.EXE - Microsoft Corporation - E:\QQ2007\MFC42.DLL - MFCDLL Shared Library - Retail Version - 07a87ef9849e4f340fe7de2d8acda639
O40 - Explorer.EXE - Kaspersky Lab - C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 6.0\shellex.dll - Windows Shell Extension - 62281a8da78c81f4f4695c3de52ba680
=======================================
O41 - kl1 - Kaspersky Unified Driver - C:\WINDOWS\system32\drivers\kl1.sys - (running) - Kaspersky Unified Driver - Kaspersky Lab - 5445b03cd42dedf5f85b9daf712fdd09
O41 - klif - spuper-ptor - C:\WINDOWS\system32\drivers\klif.sys - (running) - spuper-ptor - Kaspersky Lab - 2985985b39e13643f941b6396fb915dd
O41 - NPF - NPF Driver - TME extensions - C:\WINDOWS\system32\drivers\npf.sys - (running) - NPF Driver - TME extensions - Politecnico di Torino - f498c5c3399a60933196fc215ef074f9
O41 - npkcrypt - nProtect KeyCrypt Driver - E:\QQ2007\npkcrypt.sys - (running) - nProtect KeyCrypt Driver - INCA Internet Co., Ltd. - 8bcb281a2540e7aff0cd00f9878fe21f
O41 - nvcap - NVIDIA WDM Video Capture (universal) - C:\WINDOWS\system32\drivers\NVCAP.SYS - (running) - NVIDIA WDM Video Capture (universal) - NVIDIA Corporation - 160c8b784f1ab7f7f14836ef507347cb
O41 - NVXBAR - NVIDIA WDM A/V Crossbar - C:\WINDOWS\system32\drivers\NVXBAR.SYS - (running) - NVIDIA WDM A/V Crossbar - NVIDIA Corporation - aab8a15ca89a1972904037ba583591f0
=======================================
360Shell.exe=1.0.1.2002
360Safe.exe=3.2.1.1001
AntiAdwa.dll=3.2.0.1001
AntiEng.dll=3.0.2.2000
AntiActi.dll=2.0.0.3000
CleanHis.dll=3.0.2.1000
safelive.exe=1.0.0.2007
live.dll=1.0.0.1011
=======================================
操作历史报告:
----------查杀恶意软件历史----------
2007-04-03 14:47
查杀恶意软件 - 灰鸽子变种0006 - 危险 - C:\WINDOWS\HACKER~1.EXE
2007-04-04 18:16
查杀恶意软件 - 灰鸽子变种残留 - 危险 - C:\WINDOWS\Delete.BAT

=======================================
360安全卫士,彻底查杀各种流氓软件,全面保护系统安全,并赠送正版卡巴斯基V6.0
最新免费下载:http://www.360safe.com
回复

举报

wook117
 楼主| 发表于 2007-4-4 18:49:48 | 显示全部楼层
不够 还有SRE扫描的



  3. 2007-04-04,18:28:31

  5. System Repair Engineer 2.4.12.806
  6. Smallfrogs ([url]http://www.KZTechs.com[/url])

  8. Windows XP Professional Service Pack 2 (Build 2600) - 管理权限用户 - 完整功能

  10. 以下内容被选中:
  11.     所有的启动项目(包括注册表、启动文件夹、服务等)
  12.     浏览器加载项
  13.     正在运行的进程(包括进程模块信息)
  14.     文件关联
  15.     Winsock 提供者
  16.     Autorun.inf
  17.     HOSTS 文件


  20. 启动项目
  21. 注册表
  22. [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
  23.     <KASStart><"C:\Program Files\Kingsoft\KSysCleaner\KASStart.EXE" -Startup>  [Kingsoft Corporation]
  24.     <ctfmon.exe><C:\WINDOWS\system32\ctfmon.exe>  [(Verified)Microsoft Windows Publisher]
  25. [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
  26.     <NvCplDaemon><RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup>  [(Verified)Microsoft Windows Hardware Compatibility Publisher]
  27.     <kav><"C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 6.0\avp.exe">  [Kaspersky Lab]
  28.     <360Safetray><C:\Program Files\360safe\safemon\360tray.exe>  [奇虎网]
  29. [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Winlogon]
  30.     <shell><Explorer.exe>  [(Verified)Microsoft Windows Publisher]
  31.     <Userinit><c:\windows\system32\userinit.exe,>  [(Verified)Microsoft Windows Publisher]
  32.     <UIHost><logonui.exe>  [(Verified)Microsoft Windows Publisher]
  33. [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\klogon]
  34.     <WinlogonNotify: klogon><C:\WINDOWS\system32\klogon.dll>  [Kaspersky Lab]

  36. ==================================
  37. 启动文件夹
  38. [eEye Windows Animated Cursor Patch Checker]
  39.   <C:\Documents and Settings\All Users\「开始」菜单\程序\启动\eEye Windows Animated Cursor Patch Checker.lnk --> C:\PROGRA~1\EEYEDI~1\WINDOW~1.ANI\ANIPAT~1.EXE [eEye Digital Security]><N>
  40. [星空极速]
  41.   <C:\Documents and Settings\All Users\「开始」菜单\程序\启动\星空极速.lnk --> C:\PROGRA~1\ChinaNet\VNETCL~1.EXE []><N>

  43. ==================================
  44. 服务
  45. [ApplicationExperience / AeLookupSvc][Stopped/Auto Start]
  46.   <C:\WINDOWS\Help\April><N/A>
  47. [卡巴斯基反病毒6.0 / AVP][Running/Auto Start]
  48.   <"C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 6.0\avp.exe" -r><Kaspersky Lab>
  49. [Human Interface Device Access / HidServ][Stopped/Disabled]
  50.   <C:\WINDOWS\System32\svchost.exe -k netsvcs-->%SystemRoot%\System32\hidserv.dll><N/A>
  51. [NVIDIA Display Driver Service / NVSvc][Running/Auto Start]
  52.   <C:\WINDOWS\system32\nvsvc32.exe><NVIDIA Corporation>

  54. ==================================
  55. 驱动程序
  56. [Service for WDM 3D Audio Driver / ALCXSENS][Running/Manual Start]
  57.   <system32\drivers\ALCXSENS.SYS><Sensaura>
  58. [Service for Realtek AC97 Audio (WDM) / ALCXWDM][Running/Manual Start]
  59.   <system32\drivers\ALCXWDM.SYS><Realtek Semiconductor Corp.>
  60. [VIA PCI 10/100Mb Fast Ethernet Adapter NT Driver / FETNDIS][Running/Manual Start]
  61.   <system32\DRIVERS\fetnd5.sys><VIA Technologies, Inc.>
  62. [kl1 / kl1][Running/Boot Start]
  63.   <\SystemRoot\system32\drivers\kl1.sys><Kaspersky Lab>
  64. [klif / klif][Running/System Start]
  65.   <\??\C:\WINDOWS\system32\drivers\klif.sys><Kaspersky Lab>
  66. [Netgroup Packet Filter / NPF][Running/Manual Start]
  67.   <system32\drivers\npf.sys><Politecnico di Torino>
  68. [npkcrypt / npkcrypt][Running/Auto Start]
  69.   <\??\E:\QQ2007\npkcrypt.sys><INCA Internet Co., Ltd.>
  70. [nv / nv][Running/Manual Start]
  71.   <system32\DRIVERS\nv4_mini.sys><NVIDIA Corporation>
  72. [nVidia WDM Video Capture (universal) / nvcap][Running/Auto Start]
  73.   <system32\DRIVERS\nvcap.sys><NVIDIA Corporation>
  74. [nVidia WDM A/V Crossbar / NVXBAR][Running/Auto Start]
  75.   <system32\DRIVERS\NVxbar.sys><NVIDIA Corporation>
  76. [Direct Parallel Link Driver / Ptilink][Running/Manual Start]
  77.   <system32\DRIVERS\ptilink.sys><Parallel Technologies, Inc.>
  78. [Secdrv / Secdrv][Stopped/Manual Start]
  79.   <system32\DRIVERS\secdrv.sys><N/A>
  80. [ViaIde / ViaIde][Running/Boot Start]
  81.   <\SystemRoot\system32\DRIVERS\viaide.sys><Microsoft Corporation>
  82. [World Standard Teletext Codec / WSTCODEC][Stopped/Manual Start]
  83.   <system32\DRIVERS\WSTCODEC.SYS><Microsoft Corporation>
  84. [555031 / 555031][Running/]
  85.   <2 - 系统找不到指定的文件。
  86. ><N/A>

  88. ==================================
  89. 浏览器加载项
  90. [Thunder Browser Helper]
  91.   {4E83D566-4697-4F7B-B1F0-A513B01DB89A} <E:\讯雷5\ComDlls\XunLeiBHO_007.dll, Thunder Networking Technologies,LTD>
  92. [VnetCookie Class]
  93.   {4E83D567-4697-4F7B-B1F0-A513B01DB89A} <c:\PROGRA~1\chinanet\VNETTR~1.DLL, >
  94. [NavigatMon Class]
  95.   {B69F34DD-F0F9-42DC-9EDD-957187DA688D} <C:\Program Files\360safe\safemon\safemon.dll, >
  96. [启动迅雷5]
  97.   {09BA8F6D-CB54-424B-839C-C2A6C8E6B436} <E:\讯雷5\Thunder.exe, Thunder Networking Technologies,LTD>
  98. [Web反病毒保护]
  99.   {1F460357-8A94-4D71-9CA3-AA4ACF32ED8E} <C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 6.0\scieplugin.dll, Kaspersky Lab>
  100. [番茄花园]
  101.   {6096E38F-5AC1-4391-8EC4-75DFA92FB32F} <[url]http://www.tomatolei.com[/url], N/A>
  102. [PowerList Control]
  103.   {20C2C286-BDE8-441B-B73D-AFA22D914DA5} <C:\PROGRA~1\PPStream\POWERL~1.OCX, PPStream.com>
  104. [Windows Media Player]
  105.   {22D6F312-B0F6-11D0-94AB-0080C74C7E95} <C:\WINDOWS\system32\wmpdxm.dll, Microsoft Corporation>
  106. [HTML Document]
  107.   {25336920-03F9-11CF-8FD0-00AA00686F13} <%SystemRoot%\system32\Mshtml.dll, N/A>
  108. [Thunder Browser Helper]
  109.   {4E83D566-4697-4F7B-B1F0-A513B01DB89A} <E:\讯雷5\ComDlls\XunLeiBHO_007.dll, Thunder Networking Technologies,LTD>
  110. [VnetCookie Class]
  111.   {4E83D567-4697-4F7B-B1F0-A513B01DB89A} <c:\PROGRA~1\chinanet\VNETTR~1.DLL, >
  112. [Shell Name Space]
  113.   {55136805-B2DE-11D1-B9F2-00A0C98BC547} <%SystemRoot%\system32\shdocvw.dll, N/A>
  114. [PowerPlayer Control]
  115.   {5EC7C511-CD0F-42E6-830C-1BD9882F3458} <C:\PROGRA~1\PPStream\POWERP~1.DLL, PPStream Inc.>
  116. [Microsoft Web 浏览器]
  117.   {8856F961-340A-11D0-A96B-00C04FD705A2} <C:\WINDOWS\system32\shdocvw.dll, Microsoft Corporation>
  118. [Thunder Browser Helper]
  119.   {889D2FEB-5411-4565-8998-1DD2C5261283} <E:\讯雷5\ComDlls\XunLeiBHO_007.dll, Thunder Networking Technologies,LTD>
  120. [Microsoft Scriptlet Component]
  121.   {AE24FDAE-03C6-11D1-8B76-0080C744F389} <C:\WINDOWS\system32\Mshtml.dll, Microsoft Corporation>
  122. [NavigatMon Class]
  123.   {B69F34DD-F0F9-42DC-9EDD-957187DA688D} <C:\Program Files\360safe\safemon\safemon.dll, >
  124. [RDS.DataSpace]
  125.   {BD96C556-65A3-11D0-983A-00C04FC29E36} <C:\Program Files\Common Files\System\msadc\msadco.dll, Microsoft Corporation>
  126. [Shockwave Flash Object]
  127.   {D27CDB6E-AE6D-11CF-96B8-444553540000} <C:\WINDOWS\system32\Macromed\Flash\Flash9b.ocx, Adobe Systems, Inc.>
  128. [&使用迅雷下载]
  129.   <E:\讯雷5\Program\geturl.htm, N/A>
  130. [&使用迅雷下载全部链接]
  131.   <E:\讯雷5\Program\getallurl.htm, N/A>
  132. [上传到QQ网络硬盘]
  133.   <E:\QQ2007\AddToNetDisk.htm, N/A>
  134. [添加到QQ自定义面板]
  135.   <E:\QQ2007\AddPanel.htm, N/A>
  136. [添加到QQ表情]
  137.   <E:\QQ2007\AddEmotion.htm, N/A>
  138. [用QQ彩信发送该图片]
  139.   <E:\QQ2007\SendMMS.htm, N/A>

  141. ==================================
  142. 正在运行的进程
  143. [PID: 612][\SystemRoot\System32\smss.exe]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
  144. [PID: 688][\??\C:\WINDOWS\system32\csrss.exe]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
  145. [PID: 712][\??\C:\WINDOWS\system32\winlogon.exe]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
  146.     [C:\WINDOWS\system32\klogon.dll]  [Kaspersky Lab, 6.0.0.299]
  147.     [C:\WINDOWS\system32\msacm32.drv]  [Microsoft Corporation, 5.1.2600.0 (xpclient.010817-1148)]
  148. [PID: 756][C:\WINDOWS\system32\services.exe]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
  149. [PID: 768][C:\WINDOWS\system32\lsass.exe]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
  150. [PID: 928][C:\WINDOWS\system32\svchost.exe]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
  151. [PID: 1008][C:\WINDOWS\system32\svchost.exe]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
  152. [PID: 1120][C:\WINDOWS\System32\svchost.exe]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
  153. [PID: 1476][C:\WINDOWS\system32\ShellExt\smss.exe]  [FREE, 1.00]
  154.     [C:\WINDOWS\system32\MSVBVM60.DLL]  [Microsoft Corporation, 6.00.9690]
  155. [PID: 1500][C:\WINDOWS\Explorer.EXE]  [Microsoft Corporation, 6.00.2900.2180 (xpsp_sp2_rtm.040803-2158)]
  156.     [C:\Program Files\360safe\safemon\safemon.dll]  [, 3, 2, 0, 1001]
  157.     [C:\WINDOWS\system32\msacm32.drv]  [Microsoft Corporation, 5.1.2600.0 (xpclient.010817-1148)]
  158.     [E:\讯雷5\ComDlls\XunLeiBHO_007.dll]  [Thunder Networking Technologies,LTD, 5, 0, 1, 4]
  159. [PID: 1600][C:\WINDOWS\system32\conime.exe]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
  160. [PID: 1828][C:\Program Files\360safe\safemon\360tray.exe]  [奇虎网, 3, 2, 1, 1001]
  161.     [C:\Program Files\360safe\safemon\safemon.dll]  [, 3, 2, 0, 1001]
  162.     [C:\Program Files\360safe\safemon\SafeKrnl.dll]  [奇虎网, 3, 2, 0, 1001]
  163.     [C:\Program Files\360safe\AntiAdwa.dll]  [360Safe.com, 3, 2, 0, 1001]
  164. [PID: 1836][C:\Program Files\Kingsoft\KSysCleaner\KASStart.EXE]  [Kingsoft Corporation, 2006, 11, 22, 14]
  165.     [C:\Program Files\Kingsoft\KSysCleaner\MFC71.DLL]  [Microsoft Corporation, 7.10.3077.0]
  166.     [C:\Program Files\Kingsoft\KSysCleaner\MSVCR71.dll]  [Microsoft Corporation, 7.10.3052.4]
  167.     [C:\Program Files\Kingsoft\KSysCleaner\MSVCP71.dll]  [Microsoft Corporation, 7.10.3077.0]
  168.     [C:\Program Files\360safe\safemon\safemon.dll]  [, 3, 2, 0, 1001]
  169.     [C:\Program Files\Kingsoft\KSysCleaner\PopSprt3.dll]  [Kingsoft Corporation, 2006, 8, 7, 38]
  170. [PID: 1844][C:\WINDOWS\system32\ctfmon.exe]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
  171. [PID: 1876][C:\Program Files\ChinaNet\VnetClient.exe]  [, 2006, 6, 30, 11]
  172.     [C:\Program Files\ChinaNet\Communicate.dll]  [GDCN, 2006, 2, 15, 1]
  173.     [C:\Program Files\ChinaNet\DialModule.dll]  [GDCN, 2006, 7, 25, 15]
  174.     [C:\Program Files\ChinaNet\MFC42.DLL]  [Microsoft Corporation, 6.00.8665.0]
  175.     [C:\Program Files\360safe\safemon\safemon.dll]  [, 3, 2, 0, 1001]
  176.     [C:\PROGRA~1\ChinaNet\CLIENT~1.DLL]  [, 2004, 2, 28, 1]
  177.     [C:\PROGRA~1\ChinaNet\PLUGIN~1.OCX]  [, 2006, 6, 2, 14]
  178.     [C:\PROGRA~1\ChinaNet\sign.dll]  [0, 2004, 12, 1, 1]
  179.     [C:\PROGRA~1\ChinaNet\PostPlug.dll]  [, 2004, 12, 16, 2]
  180.     [C:\PROGRA~1\ChinaNet\ADVERT~1.OCX]  [, 2006, 2, 20, 1]
  181.     [C:\PROGRA~1\ChinaNet\VnetBs.ocx]  [, 2004, 11, 18, 1]
  182.     [C:\PROGRA~1\ChinaNet\VnetSkin.ocx]  [GDDC, 2005, 12, 21, 1]
  183.     [C:\PROGRA~1\ChinaNet\DialogStyle.dll]  [, 1, 0, 0, 1]
  184.     [C:\PROGRA~1\ChinaNet\BDSearch.ocx]  [gdcn, 2005, 12, 22, 1]
  185.     [C:\PROGRA~1\ChinaNet\PageFram.ocx]  [Workgroup, 2006, 9, 21, 21]
  186.     [C:\PROGRA~1\ChinaNet\AccPage.ocx]  [, 6, 12, 6, 11]
  187.     [C:\PROGRA~1\ChinaNet\AccountMgr.dll]  [, 2006, 5, 26, 11]
  188.     [C:\PROGRA~1\ChinaNet\Timer.ocx]  [, 2006, 12, 5, 17]
  189.     [C:\PROGRA~1\ChinaNet\PLUGIN~2.OCX]  [, 2006, 4, 4, 1]
  190.     [C:\PROGRA~1\ChinaNet\NEWMES~1.DLL]  [, 2006, 12, 5, 11]
  191.     [C:\PROGRA~1\ChinaNet\PassCtrl.dll]  [GDCN, 2006, 3, 1, 16]
  192.     [C:\WINDOWS\system32\wpcap.dll]  [Politecnico di Torino, 3, 0, 0, 18]
  193.     [C:\WINDOWS\system32\pthreadVC.dll]  [N/A, ]
  194.     [C:\WINDOWS\system32\packet.dll]  [Politecnico di Torino, 3, 0, 0, 18]
  195.     [C:\PROGRA~1\ChinaNet\PlugPush.dll]  [, 2004, 12, 21, 1]
  196.     [C:\PROGRA~1\ChinaNet\ALLINT~1.DLL]  [, 2006, 7, 19, 14]
  197.     [C:\PROGRA~1\ChinaNet\VNETLO~1.OCX]  [, 2006, 11, 19, 14]
  198.     [C:\PROGRA~1\ChinaNet\StatNum.dll]  [, 2006, 11, 10, 17]
  199.     [C:\PROGRA~1\ChinaNet\VNETON~1.OCX]  [, 2005, 3, 2, 1]
  200.     [C:\PROGRA~1\ChinaNet\ALLFUN~1.DLL]  [GDCN, 2006, 8, 23, 16]
  201.     [C:\PROGRA~1\ChinaNet\VnetOptLog.dll]  [ , 2006, 5, 10, 14]
  202.     [C:\PROGRA~1\ChinaNet\DlgSkin.ocx]  [, 2005, 11, 14, 1]
  203.     [C:\WINDOWS\system32\Macromed\Flash\Flash9b.ocx]  [Adobe Systems, Inc., 9,0,28,0]
  204.     [C:\WINDOWS\system32\msacm32.drv]  [Microsoft Corporation, 5.1.2600.0 (xpclient.010817-1148)]
  205.     [C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 6.0\scr_ch_pg.dll]  [Kaspersky Lab, 1.0.6.299]
  206.     [C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 6.0\klscav.dll]  [Kaspersky Lab, 6.0.0.299]
  207.     [C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 6.0\pr_remote.dll]  [Kaspersky Lab, 6.0.0.299]
  208.     [C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 6.0\prloader.dll]  [Kaspersky Lab, 6.0.0.299]
  209.     [C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 6.0\prkernel.ppl]  [Kaspersky Lab, 6.0.0.304]
  210.     [c:\program files\kaspersky lab\kaspersky anti-virus 6.0\params.ppl]  [Kaspersky Lab, 6.0.0.299]
  211.     [c:\program files\kaspersky lab\kaspersky anti-virus 6.0\pxstub.ppl]  [Kaspersky Lab, 6.0.0.299]
  212.     [c:\program files\kaspersky lab\kaspersky anti-virus 6.0\tempfile.ppl]  [Kaspersky Lab, 6.0.0.299]
  213.     [D:\杀软\SREng.com]  [Smallfrogs Studio, 2.4.12.806]
  214.     [C:\Program Files\360safe\safemon\safemon.dll]  [, 3, 2, 0, 1001]

  216. ==================================
  217. 文件关联
  218. .TXT  OK. [%SystemRoot%\system32\NOTEPAD.EXE %1]
  219. .EXE  OK. ["%1" %*]
  220. .COM  OK. ["%1" %*]
  221. .PIF  OK. ["%1" %*]
  222. .REG  OK. [regedit.exe "%1"]
  223. .BAT  OK. ["%1" %*]
  224. .SCR  OK. ["%1" /S]
  225. .CHM  OK. ["C:\WINDOWS\hh.exe" %1]
  226. .HLP  OK. [%SystemRoot%\System32\winhlp32.exe %1]
  227. .INI  OK. [%SystemRoot%\System32\NOTEPAD.EXE %1]
  228. .INF  OK. [%SystemRoot%\System32\NOTEPAD.EXE %1]
  229. .VBS  OK. [%SystemRoot%\System32\WScript.exe "%1" %*]
  230. .JS   OK. [%SystemRoot%\System32\WScript.exe "%1" %*]
  231. .LNK  OK. [{00021401-0000-0000-C000-000000000046}]

  233. ==================================
  234. Winsock 提供者
  235. N/A

  237. ==================================
  238. Autorun.inf
  239. N/A

  241. ==================================
  242. HOSTS 文件
  243. 127.0.0.1       localhost

  245. ==================================
  246. API HOOK
  247. RVA  错误: LoadLibraryA (危险等级: 一般,  被下面模块所HOOK: Dest Addr: 0xF69C7B25)
  248. RVA  错误: LoadLibraryExA (危险等级: 一般,  被下面模块所HOOK: Dest Addr: 0xF69C7D67)
  249. RVA  错误: LoadLibraryExW (危险等级: 一般,  被下面模块所HOOK: Dest Addr: 0xF69C7F0B)
  250. RVA  错误: LoadLibraryW (危险等级: 一般,  被下面模块所HOOK: Dest Addr: 0xF69C7C49)
  251. 入口点错误:CreateProcessA (危险等级: 一般,  被下面模块所HOOK: C:\Program Files\360safe\safemon\safemon.dll)
  252. 入口点错误:CreateProcessW (危险等级: 一般,  被下面模块所HOOK: C:\Program Files\360safe\safemon\safemon.dll)
  253. RVA  错误: GetProcAddress (危险等级: 高,  被下面模块所HOOK: Dest Addr: 0xF69C7E8F)

  255. ==================================
  256. 隐藏进程
  257.     [468] C:\Program Files\Internet Explorer\IEXPLORE.EXE

  259. ==================================


复制代码








还有  我机子最近  重起都是非法关机的提示
回复

举报

返回列表 发新帖
高级模式
B Color Image Link Quote Code Smilies
您需要登录后才可以回帖 登录 | 快速注册

本版积分规则

手机版|杀毒软件|软件论坛| 卡饭论坛

Copyright © KaFan  KaFan.cn All Rights Reserved.

Powered by Discuz! X3.4( 沪ICP备2020031077号-2 ) GMT+8, 2024-11-24 23:59 , Processed in 0.133130 second(s), 17 queries .

卡饭网所发布的一切软件、样本、工具、文章等仅限用于学习和研究,不得将上述内容用于商业或者其他非法用途,否则产生的一切后果自负,本站信息来自网络,版权争议问题与本站无关,您必须在下载后的24小时之内从您的电脑中彻底删除上述信息,如有问题请通过邮件与我们联系。

快速回复 客服 返回顶部 返回列表