第一次用sreng扫描，求大家帮分析~

显示全部楼层 · 发表于 2010-10-14 10:41:55

本帖最后由 chn 于 2010.10.14 10:51 编辑

前几天，遨游浏览器开始疯狂弹出“114”之类的网站，查看进程后发现出现了一个叫“wuauclv.exe”的陌生进程，结束后不再弹窗，但开机重启后又开始自动弹窗，用红伞扫描未发现病毒，搜索文件手动无法删除。于是下载sreng扫描了日志，请大家帮我分析下，有没有办法解决这个问题，谢谢~

显示全部楼层 · 发表于 2010-10-14 10:45:05

先下载windows清理助手清理恶意软件和系统垃圾(注意升级后使用)

然后扫描日志上来:
注意方法:下载SREng
下载之后解压缩,运行SREngLdr.EXE,如果不能运行,可以尝试改名为123.com;
点击“智能扫描”,勾选所有扫描项,勾选“检查进程模块的数字签名”;
然后点击“扫描”;
等待扫描完成,点击“保存报告”;
将日志内容复制到帖子里即可

显示全部楼层 · 发表于 2010-10-14 10:58:02

上传了附件，居然添加不了

显示全部楼层 · 发表于 2010-10-14 11:05:03

本帖最后由 Markel.Scofield 于 2010.10.14 11:05 编辑

回复 3楼 chn 的帖子

直接复制到帖子里不就搞定了，这智商......

显示全部楼层 · 发表于 2010-10-14 11:20:43

回复 4楼 Markel.Scofield 的帖子

[:26:]刚开始一直在弄附件，没看到你的回复，刚去下载清理助手清理了，然后重新扫描了，日志如下：
[CODE]

2010-10-14,11:14:16

System Repair Engineer 2.8.2.1321
Smallfrogs (http://www.KZTechs.com)

Windows XP Professional Service Pack 3 (Build 2600) - 管理权限用户 - 完整功能

以下内容被选中：
所有的启动项目（包括注册表、启动文件夹、服务等）
浏览器加载项
正在运行的进程（包括进程模块信息）
文件关联
Winsock 提供者
Autorun.inf
HOSTS 文件
进程特权扫描
计划任务
Windows 安全更新检查
API HOOK
隐藏进程

启动项目
注册表
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
<ctfmon.exe><C:\WINDOWS\system32\ctfmon.exe>  [(Verified)Microsoft Windows Component Publisher]
<YY><; D:\Program Files\duowan\yy-2.0\Start.exe>  [(Verified)Duowan Entertainment Information Technology (Beijing) Co., Ltd.]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
<nwiz><; C:\Program Files\NVIDIA Corporation\nView\nwiz.exe /installquiet>  [(Verified)NVIDIA Corporation]
<NvCplDaemon><RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup>  [(Verified)NVIDIA Corporation]
<NvMediaCenter><RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit>  [(Verified)NVIDIA Corporation]
< QQPCTray><"C:\Program Files\Tencent\QQPCMgr\QQPCTray.exe" /regrun>  [(Verified)Tencent Technology(Shenzhen) Company Limited]
<avgnt><"C:\Program Files\Avira\AntiVir Desktop\avgnt.exe" /min>  [(Verified)Avira GmbH]
<Beike Antiarp><"D:\Program Files\Beike\Antiarp\beikearpmain.exe" -startup>  [(Verified)Beike Internet Security Technology Co.,Ltd]
<MSConfig><C:\WINDOWS\system32\msconfig.exe /auto>  [(Verified)Microsoft Windows Component Publisher]
<KernelFaultCheck><; %systemroot%\system32\dumprep 0 -k>  [File is missing]
<amd_dc_opt><; C:\Program Files\AMD\Dual-Core Optimizer\amd_dc_opt.exe>  [AMD]
<RTHDCPL><; RTHDCPL.EXE>  [Realtek Semiconductor Corp.]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Winlogon]
<shell><Explorer.exe>  [(Verified)Microsoft Windows Component Publisher]
<Userinit><C:\WINDOWS\system32\userinit.exe,>  [(Verified)Microsoft Windows Component Publisher]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Windows]
<AppInit_DLLs><>  [N/A]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Winlogon]
<UIHost><logonui.exe>  [(Verified)Microsoft Windows Component Publisher]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
<{AEB6717E-7E19-11d0-97EE-00C04FD91972}><shell32.dll>  [(Verified)Microsoft Windows Component Publisher]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
<PostBootReminder><%SystemRoot%\system32\SHELL32.dll>  [(Verified)Microsoft Windows Component Publisher]
<CDBurn><%SystemRoot%\system32\SHELL32.dll>  [(Verified)Microsoft Windows Component Publisher]
<WebCheck><%SystemRoot%\system32\webcheck.dll>  [(Verified)Microsoft Windows Component Publisher]
<SysTray><C:\WINDOWS\system32\stobject.dll>  [(Verified)Microsoft Windows Component Publisher]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\crypt32chain]
<WinlogonNotify: crypt32chain><crypt32.dll>  [(Verified)Microsoft Windows Component Publisher]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\cryptnet]
<WinlogonNotify: cryptnet><cryptnet.dll>  [(Verified)Microsoft Windows Component Publisher]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\cscdll]
<WinlogonNotify: cscdll><cscdll.dll>  [(Verified)Microsoft Windows Component Publisher]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\dimsntfy]
<WinlogonNotify: dimsntfy><%SystemRoot%\System32\dimsntfy.dll>  [(Verified)Microsoft Windows Component Publisher]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\ScCertProp]
<WinlogonNotify: ScCertProp><wlnotify.dll>  [(Verified)Microsoft Windows Component Publisher]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\Schedule]
<WinlogonNotify: Schedule><wlnotify.dll>  [(Verified)Microsoft Windows Component Publisher]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\sclgntfy]
<WinlogonNotify: sclgntfy><sclgntfy.dll>  [(Verified)Microsoft Windows Component Publisher]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\SensLogn]
<WinlogonNotify: SensLogn><WlNotify.dll>  [(Verified)Microsoft Windows Component Publisher]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\termsrv]
<WinlogonNotify: termsrv><wlnotify.dll>  [(Verified)Microsoft Windows Component Publisher]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\wlballoon]
<WinlogonNotify: wlballoon><wlnotify.dll>  [(Verified)Microsoft Windows Component Publisher]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\SharedTaskScheduler]
<{438755C2-A8BA-11D1-B96B-00A0C90312E1}><%SystemRoot%\system32\browseui.dll>  [(Verified)Microsoft Windows Component Publisher]
<{8C7461EF-2B13-11d2-BE35-3078302C2030}><%SystemRoot%\system32\browseui.dll>  [(Verified)Microsoft Windows Component Publisher]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\>{22d6f312-b0f6-11d0-94ab-0080c74c7e95}]
<Microsoft Windows Media Player><C:\WINDOWS\inf\unregmp2.exe /ShowWMP>  [(Verified)Microsoft Windows Component Publisher]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\>{26923b43-4d38-484f-9b9e-de460746276c}]
<Internet Explorer><%systemroot%\system32\shmgrate.exe OCInstallUserConfigIE>  [File is missing]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\>{60B49E34-C7CC-11D0-8953-00A0C90347FF}MICROS]
<浏览器自定义组件><RunDLL32 IEDKCS32.DLL,BrandIE4 SIGNUP>  [(Verified)Microsoft Windows Component Publisher]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\>{881dd1c5-3dcf-431b-b061-f3f88e8be88a}]
<Outlook Express><%systemroot%\system32\shmgrate.exe OCInstallUserConfigOE>  [File is missing]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{2C7339CF-2B09-4501-B3F3-F3508C9228ED}]
<Themes Setup><%SystemRoot%\system32\regsvr32.exe /s /n /i:/UserInstall %SystemRoot%\system32\themeui.dll>  [File is missing]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{44BBA840-CC51-11CF-AAFA-00AA00B6015C}]
<Microsoft Outlook Express 6><"%ProgramFiles%\Outlook Express\setup50.exe" /APP:OE /CALLER:WINNT /user /install>  [File is missing]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{44BBA842-CC51-11CF-AAFA-00AA00B6015B}]
<NetMeeting 3.01><rundll32.exe advpack.dll,LaunchINFSection C:\WINDOWS\INF\msnetmtg.inf,NetMtg.Remove.PerUser.NT>  [(Verified)Microsoft Windows Component Publisher]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{5945c046-1e7d-11d1-bc44-00c04fd912be}]
<Windows Messenger 4.7><rundll32.exe advpack.dll,LaunchINFSection C:\WINDOWS\INF\msmsgs.inf,BLC.QuietInstall.PerUser>  [(Verified)Microsoft Windows Component Publisher]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{6BF52A52-394A-11d3-B153-00C04F79FAA6}]
<Microsoft Windows Media Player><rundll32.exe advpack.dll,LaunchINFSection C:\WINDOWS\INF\wmp.inf,PerUserStub>  [(Verified)Microsoft Windows Component Publisher]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{7790769C-0471-11d2-AF11-00C04FA35D02}]
<通讯簿 6><"%ProgramFiles%\Outlook Express\setup50.exe" /APP:WAB /CALLER:WINNT /user /install>  [File is missing]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{89820200-ECBD-11cf-8B85-00AA005B4340}]
<Windows 桌面更新><regsvr32.exe /s /n /i:U shell32.dll>  [(Verified)Microsoft Windows Component Publisher]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{89820200-ECBD-11cf-8B85-00AA005B4383}]
<Internet Explorer 6><%SystemRoot%\system32\ie4uinit.exe>  [(Verified)Microsoft Windows Component Publisher]

==================================
启动文件夹
N/A

==================================
服务
[Avira AntiVir MailGuard / AntiVirMailService][Stopped/Disabled]
  <"C:\Program Files\Avira\AntiVir Desktop\avmailc.exe"><Avira GmbH>
[Avira AntiVir Scheduler / AntiVirSchedulerService][Running/Auto Start]
  <"C:\Program Files\Avira\AntiVir Desktop\sched.exe"><Avira GmbH>
[Avira AntiVir Guard / AntiVirService][Running/Auto Start]
  <"C:\Program Files\Avira\AntiVir Desktop\avguard.exe"><Avira GmbH>
[Avira AntiVir WebGuard / AntiVirWebService][Stopped/Disabled]
  <"C:\Program Files\Avira\AntiVir Desktop\AVWEBGRD.EXE"><Avira GmbH>
[beikearpsvc / beikearpsvc][Running/Auto Start]
  <D:\Program Files\Beike\Antiarp\beikearpsvc.exe><贝壳网际（北京）安全技术有限公司>
[Contrl Center of Storm Media / ccosm][Running/Auto Start]
  <C:\Program Files\StormII\stormliv.exe /asservice><>
[Help and Support / helpsvc][Stopped/Disabled]
  <C:\WINDOWS\System32\svchost.exe -k netsvcs-->%WINDIR%\PCHealth\HelpCtr\Binaries\pchsvc.dll><N/A>
[ICBC Daemon Service / ICBC Daemon Service][Stopped/Auto Start]
  <C:\Program Files\ICBCEbankTools\ICBCAntiPhishing\IcbcDaemon.exe><N/A>
[Kingsoft Antivirus WebShield Service / Kingsoft Antivirus WebShield Service][Running/Auto Start]
  <d:\Program Files\kingsoft\kws\KSWebShield.exe><Kingsoft Corporation>
[Kingsoft Rescue Service / Kingsoft Rescue Service][Running/Auto Start]
  <C:\Program Files\kingsoft\KSM3.0\ksmsvc.exe><>
[Kingsoft Antivirus KPP Service / KPPServ][Running/Auto Start]
  <C:\Program Files\kingsoft\kpp3\kppserv.exe><Kingsoft Corporation>
[NetMeeting Remote Desktop Sharing / mnmsrvc][Stopped/Manual Start]
  <C:\WINDOWS\system32\mnmsrvc.exe><(File is missing)>
[NVIDIA Display Driver Service / nvsvc][Running/Auto Start]
  <C:\WINDOWS\system32\nvsvc32.exe><NVIDIA Corporation>
[QQPCMgr RTP Service / QQPCRTP][Running/Auto Start]
  <C:\Program Files\Tencent\QQPCMgr\QQPCRTP.exe -r><Tencent>
[System Restore Service / srservice][Stopped/Auto Start]
  <C:\WINDOWS\system32\svchost.exe -k netsvcs-->C:\WINDOWS\system32\srsvc.dll><N/A>
[Portable Media Serial Number Service / WmdmPmSN][Running/Auto Start]
  <C:\WINDOWS\System32\svchost.exe -k netsvcs-->%COMMONPROGRAMFILES%\Microsoft Shared\DAO\DAO718.dll><N/A>

==================================
驱动程序
[AMD AGP Bus Filter Driver / amdagp][Running/Boot Start]
  <\SystemRoot\system32\DRIVERS\amdagp.sys><Advanced Micro Devices, Inc.>
[AMD Processor Driver / AmdK8][Running/System Start]
  <system32\DRIVERS\AmdK8.sys><Advanced Micro Devices>
[AMD Low Level Device Driver / AmdLLD][Running/Manual Start]
  <system32\DRIVERS\AmdLLD.sys><AMD, Inc.>
[ASL_DRV / ASL_DRV][Stopped/Manual Start]
  <\??\G:\bin\ASLDRV32.SYS><N/A>
[avgio / avgio][Running/System Start]
  <\??\C:\Program Files\Avira\AntiVir Desktop\avgio.sys><Avira GmbH>
[avgntflt / avgntflt][Running/Auto Start]
  <system32\DRIVERS\avgntflt.sys><Avira GmbH>
[avipbb / avipbb][Running/System Start]
  <system32\DRIVERS\avipbb.sys><Avira GmbH>
[BC / BC][Running/Boot Start]
  <\SystemRoot\system32\Drivers\BC.sys><Kingsoft Corporation>
[Beike AntiARP NIDS Driver / BeikeAntiarp][Running/Manual Start]
  <system32\DRIVERS\beikearp.sys><贝壳网际（北京）安全技术有限公司>
[BeikeBootCheck / BeikeBootCheck][Running/Boot Start]
  <\SystemRoot\system32\Drivers\beikebc.sys><Beike Internet Security.>
[bootsafe / bootsafe][Running/Boot Start]
  <\SystemRoot\system32\Drivers\bootsafe.sys><>
[Microsoft 用于 High Definition Audio 的 UAA 总线驱动程序 / HDAudBus][Running/Manual Start]
  <system32\DRIVERS\HDAudBus.sys><Windows (R) Server 2003 DDK provider>
[hptpro / hptpro][Stopped/Boot Start]
  <\SystemRoot\system32\DRIVERS\hptpro.sys><HighPoint Technologies, Inc.>
[Service for Realtek HD Audio (WDM) / IntcAzAudAddService][Running/Manual Start]
  <system32\drivers\RtkHDAud.sys><Realtek Semiconductor Corp.>
[KAVSafe / KAVSafe][Running/Auto Start]
  <\??\C:\WINDOWS\system32\Drivers\KAVSafe.sys><Kingsoft Corporation>
[KDEKERNEL / KDEKERNEL][Running/Auto Start]
  <\??\C:\WINDOWS\system32\drivers\kdekernel.sys><Kingsoft Corporation>
[krpr / krpr][Stopped/Manual Start]
  <\??\C:\Program Files\kingsoft\KSM3.0\krpr.sys><Kingsoft Corporation>
[nv / nv][Running/Manual Start]
  <system32\DRIVERS\nv4_mini.sys><NVIDIA Corporation>
[NVIDIA nForce 10/100 Mbps Ethernet  / NVENETFD][Running/Manual Start]
  <system32\DRIVERS\NVENETFD.sys><NVIDIA Corporation>
[Service for NVIDIA High Definition Audio Driver / NVHDA][Running/Manual Start]
  <system32\drivers\nvhda32.sys><NVIDIA Corporation>
[NVIDIA Network Bus Enumerator / nvnetbus][Running/Manual Start]
  <system32\DRIVERS\nvnetbus.sys><NVIDIA Corporation>
[PSTRIP / PSTRIP][Stopped/Auto Start]
  <\??\C:\WINDOWS\system32\DRIVERS\PSTRIP.SYS><N/A>
[Direct Parallel Link Driver / Ptilink][Running/Manual Start]
  <system32\DRIVERS\ptilink.sys><Parallel Technologies, Inc.>
[QqNetflpwControl / QqNetflpwControl][Running/System Start]
  <\??\C:\Program Files\Tencent\QQPCMgr\QMNetflowxp.sys><tencent>
[Secdrv / Secdrv][Stopped/Manual Start]
  <system32\DRIVERS\secdrv.sys><Macrovision Corporation, Macrovision Europe Limited, and Macrovision Japan and Asia K.K.>
[SATALink driver accelerator / SiFilter][Running/Boot Start]
  <\SystemRoot\system32\DRIVERS\SiWinAcc.sys><Silicon Image, Inc.>
[SATALink External Device Filter / SiRemFil][Running/Boot Start]
  <\SystemRoot\system32\DRIVERS\SiRemFil.sys><Silicon Image, Inc.>
[SIS AGP Bus Filter / sisagp][Running/Boot Start]
  <\SystemRoot\system32\DRIVERS\sisagp.sys><Silicon Integrated Systems Corporation>
[System Restore Filter Driver / sr][Stopped/Boot Start]
  <\SystemRoot\system32\DRIVERS\sr.sys><N/A>
[ssmdrv / ssmdrv][Running/System Start]
  <system32\DRIVERS\ssmdrv.sys><Avira GmbH>
[TcHardWare / TcHardWare][Running/Manual Start]
  <\??\C:\Program Files\Tencent\QQPCMgr\QQPCHW.sys><Tencent>
[TCP/IP Protocol Driver / Tcpip][Running/System Start]
  <system32\DRIVERS\tcpip.sys><Microsoft Corporation>
[TCSafeBox / TCSafeBox][Running/System Start]
  <\??\C:\Program Files\Tencent\QQPCMgr\TCSafeBox.sys><TENCENT>
[TSFM / TSFM][Stopped/Manual Start]
  <\??\C:\Program Files\Tencent\QQPCMgr\TSFM.sys><Tencent>
[TSKSP / TSKSP][Running/System Start]
  <\??\C:\Program Files\Tencent\QQPCMgr\TSKsp.sys><Tencent>

==================================
浏览器加载项
[ThunderAtOnce Class]
  {01443AEC-0FD1-40fd-9C87-E93D1494C233} <C:\Program Files\Thunder\ComDlls\TDAtOnce_Now.dll, (Signed) Thunder Networking Technologies,LTD>
[QvodExtend]
  {53AC8551-0DE0-4606-8A1E-A51AF20ADD60} <D:\Downloads\QvodPlayer\QvodExtend.dll, (Signed) Shenzhen QVOD Technology Co.,Ltd>
[CTSWebSiteMon Class]
  {7C260B4B-F7A0-40B5-B403-BEFCDC6A4C3B} <C:\Program Files\Tencent\QQPCMgr\TSWebMon.dat, (Signed) Tencent>
[Thunder Browser Helper]
  {889D2FEB-5411-4565-8998-1DD2C5261283} <C:\Program Files\Thunder\ComDlls\xunleiBHO_Now.dll, (Signed) Thunder Networking Technologies,LTD>
[999W网址导航]
  {C18CB140-0BBB-11D4-8FE8-0088CC102438} <http://www.999w.com/, N/A>
[]
  {e2e2dd38-d088-4134-82b7-f2ba38496583} <%windir%\Network Diagnostic\xpnetdiag.exe, (Signed) N/A>
[QvodButton]
  {82D9671E-0B56-4285-92CD-15BC08B883BB} <D:\Downloads\QvodPlayer\QvodExtend.dll, (Signed) Shenzhen QVOD Technology Co.,Ltd>
[Hewlett-Packard Online Support Services]
  {1851174C-97BD-4217-A0CC-E908F60D5B7A} <C:\WINDOWS\DOWNLO~1\HPISDA~1.DLL, (Signed) Hewlett-Packard>
[System Requirements Lab Class]
  {1E54D648-B804-468d-BC78-4AFFED8E262F} <C:\WINDOWS\Downloaded Program Files\sysreqlab_nvd.dll, (Signed) Husdawg, LLC>
[]
  {33564D57-0000-0010-8000-00AA00389B71} <, >
[EditCtrl Class]
  {488A4255-3236-44B3-8F27-FA1AECAA8844} <C:\WINDOWS\system32\aliedit\aliedit.dll, (Signed) >
[AxInputControl Class]
  {73E4740C-08EB-4133-896B-8D0A7C9EE3CD} <C:\WINDOWS\DOWNLO~1\InputControl.dll, (Signed) >
[InfoSecICBCNetSign Class]
  {B1FBC1AD-5644-4084-882A-0F8BA85E7506} <C:\WINDOWS\DOWNLO~1\ICBC_N~1.DLL, (Signed) Infosec Technologies Co., Ltd.>
[ThunderAtOnce Class]
  {01443AEC-0FD1-40FD-9C87-E93D1494C233} <C:\Program Files\Thunder\ComDlls\TDAtOnce_Now.dll, (Signed) Thunder Networking Technologies,LTD>
[InstallHelper Class]
  {1DABF8D5-8430-4985-9B7F-A30E53D709B3} <C:\Program Files\Tencent\QQ\Plugin\Com.Tencent.QQMusic\bin\QQMusic\MMInstaller.dll, (Signed) Tencent>
[DHTML Edit Control Safe for Scripting for IE5]
  {2D360201-FFF5-11D1-8D03-00A0C959BC0A} <C:\Program Files\Common Files\Microsoft Shared\Triedit\dhtmled.ocx, (Signed) Microsoft Corporation>
[QvodExtend]
  {53AC8551-0DE0-4606-8A1E-A51AF20ADD60} <D:\Downloads\QvodPlayer\QvodExtend.dll, (Signed) Shenzhen QVOD Technology Co.,Ltd>
[WangWangX Class]
  {5D09DD40-CDC4-4C56-B615-0D1E3B357C2B} <F:\E\淘宝网\淘宝旺旺\AliIMX.dll, (Signed) Alibaba software (Shanghai) Corporation.>
[Windows Media Player]
  {6BF52A52-394A-11D3-B153-00C04F79FAA6} <C:\WINDOWS\system32\wmp.dll, (Signed) Microsoft Corporation>
[CTSWebSiteMon Class]
  {7C260B4B-F7A0-40B5-B403-BEFCDC6A4C3B} <C:\Program Files\Tencent\QQPCMgr\TSWebMon.dat, (Signed) Tencent>
[]
  {82D9671E-0B56-4285-92CD-15BC08B883BB} <, >
[Microsoft Web 浏览器]
  {8856F961-340A-11D0-A96B-00C04FD705A2} <C:\WINDOWS\system32\shdocvw.dll, (Signed) Microsoft Corporation>
[Thunder Browser Helper]
  {889D2FEB-5411-4565-8998-1DD2C5261283} <C:\Program Files\Thunder\ComDlls\xunleiBHO_Now.dll, (Signed) Thunder Networking Technologies,LTD>
[SearchAssistantOC]
  {B45FF030-4447-11D2-85DE-00C04FA35C89} <%SystemRoot%\system32\shdocvw.dll, (Signed) N/A>
[ICBC Anti-Phishing class]
  {BB4491A2-D11A-4C6B-91C0-B53246A3122B} <C:\Program Files\ICBCEbankTools\ICBCAntiPhishing\Icbc_AntiPhishing.dll, (Signed) 中国工商银行>
[]
  {C18CB140-0BBB-11D4-8FE8-0088CC102438} <, >
[Shockwave Flash Object]
  {D27CDB6E-AE6D-11CF-96B8-444553540000} <C:\WINDOWS\system32\Macromed\Flash\Flash10c.ocx, (Signed) Adobe Systems, Inc.>
[]
  {E2E2DD38-D088-4134-82B7-F2BA38496583} <, >
[使用迅雷下载]
  <C:\Program Files\Thunder\Program\GetUrl.htm, N/A>
[使用迅雷下载全部链接]
  <C:\Program Files\Thunder\Program\GetAllUrl.htm, N/A>
[导出到 Microsoft Office Excel(&X)]
  <res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000, N/A>

显示全部楼层 · 发表于 2010-10-14 11:21:15

==================================
正在运行的进程
[PID: 896 / SYSTEM][\SystemRoot\System32\smss.exe]  [(Verified) Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2111)]
[PID: 944 / SYSTEM][\??\C:\WINDOWS\system32\csrss.exe]  [(Verified) Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2111)]
[PID: 1028 / SYSTEM][\??\C:\WINDOWS\system32\winlogon.exe]  [(Verified) Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2113)]
[C:\WINDOWS\system32\uxtheme.dll]  [Microsoft Corporation, 6.00.2900.5512 (xpsp.080413-2105)]
[PID: 1072 / SYSTEM][C:\WINDOWS\system32\services.exe]  [(Verified) Microsoft Corporation, 5.1.2600.5755 (xpsp_sp3_qfe.090206-1316)]
[PID: 1108 / SYSTEM][C:\WINDOWS\system32\lsass.exe]  [(Verified) Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2113)]
[C:\WINDOWS\system32\UxTheme.dll]  [Microsoft Corporation, 6.00.2900.5512 (xpsp.080413-2105)]
[C:\WINDOWS\system32\GameLink.dll]  [zhanxun co.,ltd, 10, 1, 1, 25]
[PID: 1308 / SYSTEM][C:\WINDOWS\system32\nvsvc32.exe]  [NVIDIA Corporation, 4.00.1382.5896]
[C:\WINDOWS\system32\nvapi.dll]  [NVIDIA Corporation, 6.14.12.5896]
[C:\WINDOWS\system32\NVRSZHC.DLL]  [NVIDIA Corporation, 6.14.12.5896]
[C:\WINDOWS\system32\uxtheme.dll]  [Microsoft Corporation, 6.00.2900.5512 (xpsp.080413-2105)]
[d:\Program Files\kingsoft\kws\kwsui.dll]  [Kingsoft Corporation, 2010,09,19,19]
[C:\WINDOWS\WinSxS\x86_Microsoft.Windows.GdiPlus_6595b64144ccf1df_1.0.6001.22319_x-ww_f0b4c2df\gdiplus.dll]  [Microsoft Corporation, 5.2.6001.22319 (vistasp1_ldr.081126-1506)]
[d:\Program Files\kingsoft\kws\kswebshield.dll]  [Kingsoft Corporation, 2010,09,17,18]
[PID: 1364 / SYSTEM][C:\WINDOWS\system32\svchost.exe]  [(Verified) Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2111)]
[C:\WINDOWS\system32\UxTheme.dll]  [Microsoft Corporation, 6.00.2900.5512 (xpsp.080413-2105)]
[PID: 1404 / SYSTEM][C:\Program Files\Tencent\QQPCMgr\QQPCRTP.exe]  [Tencent, 4.0.260.400]
[C:\WINDOWS\WinSxS\x86_Microsoft.VC80.ATL_1fc8b3b9a1e18e3b_8.0.50727.4053_x-ww_473666fd\ATL80.DLL]  [Microsoft Corporation, 8.00.50727.4053]
[C:\Program Files\Tencent\QQPCMgr\plugins\QMHipsEngine.dll]  [N/A, ]
[C:\WINDOWS\WinSxS\x86_Microsoft.VC80.MFC_1fc8b3b9a1e18e3b_8.0.50727.4053_x-ww_b77cec8e\MFC80U.DLL]  [Microsoft Corporation, 8.00.50727.4053]
[C:\WINDOWS\WinSxS\x86_Microsoft.VC80.MFCLOC_1fc8b3b9a1e18e3b_8.0.50727.4053_x-ww_0ccc058c\MFC80CHS.DLL]  [Microsoft Corporation, 8.00.50727.4053]
[C:\Program Files\Tencent\QQPCMgr\dr.dll]  [N/A, ]
[C:\Program Files\Tencent\QQPCMgr\Common.dll]  [Tencent, 1, 55, 1840, 0]
[C:\Program Files\Tencent\QQPCMgr\TSFSEngine.dat]  [Tencent, 2010, 8, 16, 1]
[C:\Program Files\Tencent\QQPCMgr\TSFileFilter.dat]  [tencent, 2007, 12, 5, 01]
[C:\Program Files\Tencent\QQPCMgr\plugins\QMHips.dll]  [N/A, ]
[C:\Program Files\Tencent\QQPCMgr\plugins\QMSafeboxPlugin.dll]  [N/A, ]
[C:\Program Files\Tencent\QQPCMgr\QMSafebox.dat]  [N/A, ]
[C:\Program Files\Tencent\QQPCMgr\TSCUpload.dat]  [TENCENT, 2010, 9, 9, 1]
[C:\Program Files\Tencent\QQPCMgr\TSCNet.dat]  [TENCENT, 2010, 10, 11, 1]
[C:\Program Files\Tencent\QQPCMgr\QQPCHardware.dll]  [Tencent, 4.2.603.400]
[C:\WINDOWS\system32\GameLink.dll]  [zhanxun co.,ltd, 10, 1, 1, 25]
[PID: 1464 / NETWORK SERVICE][C:\WINDOWS\system32\svchost.exe]  [(Verified) Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2111)]
[C:\WINDOWS\system32\UxTheme.dll]  [Microsoft Corporation, 6.00.2900.5512 (xpsp.080413-2105)]
[C:\WINDOWS\system32\GameLink.dll]  [zhanxun co.,ltd, 10, 1, 1, 25]
[PID: 1592 / SYSTEM][C:\WINDOWS\System32\svchost.exe]  [(Verified) Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2111)]
[C:\WINDOWS\system32\UxTheme.dll]  [Microsoft Corporation, 6.00.2900.5512 (xpsp.080413-2105)]
[c:\program files\common files\microsoft shared\dao\dao718.dll]  [N/A, ]
[C:\WINDOWS\system32\GameLink.dll]  [zhanxun co.,ltd, 10, 1, 1, 25]
[PID: 1752 / NETWORK SERVICE][C:\WINDOWS\system32\svchost.exe]  [(Verified) Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2111)]
[C:\WINDOWS\system32\UxTheme.dll]  [Microsoft Corporation, 6.00.2900.5512 (xpsp.080413-2105)]
[C:\WINDOWS\system32\GameLink.dll]  [zhanxun co.,ltd, 10, 1, 1, 25]
[PID: 1868 / LOCAL SERVICE][C:\WINDOWS\system32\svchost.exe]  [(Verified) Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2111)]
[C:\WINDOWS\system32\UxTheme.dll]  [Microsoft Corporation, 6.00.2900.5512 (xpsp.080413-2105)]
[C:\WINDOWS\system32\GameLink.dll]  [zhanxun co.,ltd, 10, 1, 1, 25]
[PID: 164 / Administrator][C:\WINDOWS\Explorer.EXE]  [(Verified) Microsoft Corporation, 6.00.2900.5512 (xpsp.080413-2105)]
[C:\WINDOWS\system32\UxTheme.dll]  [Microsoft Corporation, 6.00.2900.5512 (xpsp.080413-2105)]
[d:\Program Files\kingsoft\kws\kwsui.dll]  [Kingsoft Corporation, 2010,09,19,19]
[C:\WINDOWS\WinSxS\x86_Microsoft.Windows.GdiPlus_6595b64144ccf1df_1.0.6001.22319_x-ww_f0b4c2df\gdiplus.dll]  [Microsoft Corporation, 5.2.6001.22319 (vistasp1_ldr.081126-1506)]
[d:\Program Files\kingsoft\kws\kswebshield.dll]  [Kingsoft Corporation, 2010,09,17,18]
[C:\Documents and Settings\All Users\Application Data\Tencent\TSVulFw\TSVulFW.DAT]  [Tencent, 2010, 9, 15, 1]
[C:\Documents and Settings\All Users\Application Data\Tencent\TSVulFw\TSVulTip.dll]  [Tencent, 2010, 8, 14, 1]
[C:\Program Files\kingsoft\kpp3\ksafemon.dll]  [Kingsoft Corporation, 2010,01,13,360]
[C:\Program Files\kingsoft\kpp3\ksmon.dll]  [Kingsoft Corporation, 2010,01,13,360]
[C:\Program Files\Thunder\ComDlls\xunleiBHO_Now.dll]  [Thunder Networking Technologies,LTD, 5, 0, 8, 120]
[C:\Program Files\Thunder\ComDlls\TDAtOnce_Now.dll]  [Thunder Networking Technologies,LTD, 1.0.5.34]
[C:\WINDOWS\system32\MSVCP71.dll]  [Microsoft Corporation, 7.10.3077.0]
[C:\WINDOWS\system32\MSVCR71.dll]  [Microsoft Corporation, 7.10.3052.4]
[PID: 264 / SYSTEM][d:\Program Files\kingsoft\kws\KSWebShield.exe]  [Kingsoft Corporation, 2010,07,02,8]
[d:\Program Files\kingsoft\kws\kdump.dll]  [Kingsoft Corporation, 2010,08,24,1353]
[d:\Program Files\kingsoft\kws\kwssp.dll]  [Kingsoft Corporation, 2010,09,19,19]
[d:\Program Files\kingsoft\kws\kxebase.dll]  [Kingsoft Corporation, 2009,11,20,309]
[d:\Program Files\kingsoft\kws\scom.dll]  [Kingsoft Corporation, 2009,11,20,309]
[d:\Program Files\kingsoft\kws\kxecore\kxelog.dll]  [Kingsoft Corporation, 2009,11,20,309]
[d:\Program Files\kingsoft\kws\kxecore\kxecore.dll]  [Kingsoft Corporation, 2009,11,20,309]
[d:\Program Files\kingsoft\kws\kxecore\kxestat.dll]  [Kingsoft Corporation, 2010,5,12,402]
[d:\Program Files\kingsoft\kws\report\kinfoc.dll]  [Kingsoft Corporation, 2010,05,07,677]
[d:\Program Files\kingsoft\kws\kwsui.dll]  [Kingsoft Corporation, 2010,09,19,19]
[C:\WINDOWS\WinSxS\x86_Microsoft.Windows.GdiPlus_6595b64144ccf1df_1.0.6001.22319_x-ww_f0b4c2df\gdiplus.dll]  [Microsoft Corporation, 5.2.6001.22319 (vistasp1_ldr.081126-1506)]
[d:\Program Files\kingsoft\kws\kswebshield.dll]  [Kingsoft Corporation, 2010,09,17,18]
[C:\WINDOWS\system32\uxtheme.dll]  [Microsoft Corporation, 6.00.2900.5512 (xpsp.080413-2105)]
[C:\WINDOWS\system32\GameLink.dll]  [zhanxun co.,ltd, 10, 1, 1, 25]
[d:\Program Files\kingsoft\kws\kwsow.dll]  [Kingsoft Corporation, 2010,05,25,180]
[d:\Program Files\kingsoft\kws\KSE\ksecorex.dll]  [Kingsoft Corporation, 2010,08,25,1089]
[d:\Program Files\kingsoft\kws\KSE\kae\kaecore.dat]  [Kingsoft Corporation, 2010,08,31,108]
[d:\Program Files\kingsoft\kws\KSE\wfs.dll]  [Kingsoft Corporation, 2010,08,23,1070]
[d:\Program Files\kingsoft\kws\kwsmot.dll]  [Kingsoft Corporation, 2010,06,28,220]
[d:\Program Files\kingsoft\kws\KSE\sqlite.dll]  [Kingsoft Corporation, 2010,07,05,1194]
[d:\Program Files\kingsoft\kws\KSE\ksbwdet2.dll]  [Kingsoft Corporation, 2010,08,26,1359]
[C:\Program Files\kingsoft\kpp3\ksafemon.dll]  [Kingsoft Corporation, 2010,01,13,360]
[C:\Program Files\kingsoft\kpp3\ksmon.dll]  [Kingsoft Corporation, 2010,01,13,360]
[PID: 280 / SYSTEM][C:\Program Files\kingsoft\KSM3.0\ksmsvc.exe]  [, 2010,07,15,1223]
[C:\Program Files\kingsoft\KSM3.0\kdump.dll]  [Kingsoft Corporation, 2010,10,11,1453]
[C:\Program Files\kingsoft\KSM3.0\kxestat.dll]  [Kingsoft Corporation, 2009,11,20,309]
[C:\Program Files\kingsoft\KSM3.0\kxebase.dll]  [Kingsoft Corporation, 2009,11,20,309]
[C:\Program Files\kingsoft\KSM3.0\scom.dll]  [Kingsoft Corporation, 2009,11,20,309]
[C:\Program Files\kingsoft\KSM3.0\kxecore\kxelog.dll]  [Kingsoft Corporation, 2009,11,20,309]
[C:\Program Files\kingsoft\KSM3.0\kxecore\kxecore.dll]  [Kingsoft Corporation, 2010,5,12,402]
[C:\Program Files\kingsoft\KSM3.0\kxecore\kxestat.dll]  [Kingsoft Corporation, 2009,11,20,309]
[C:\Program Files\kingsoft\KSM3.0\ksmcorex.dll]  [Kingsoft Corporation, 2010,10,08,1445]
[C:\Program Files\kingsoft\KSM3.0\sqlite.dll]  [N/A, ]
[C:\Program Files\kingsoft\KSM3.0\kavquara.dll]  [Kingsoft Corporation, 2010,07,14,924]
[C:\Program Files\kingsoft\KSM3.0\ksecorex.dll]  [Kingsoft Corporation, 2010,09,16,1206]
[C:\Program Files\kingsoft\KSM3.0\kae\kaecore.dat]  [Kingsoft Corporation, 2010,06,30,436]
[C:\Program Files\kingsoft\KSM3.0\ksbwdet2.dll]  [Kingsoft Corporation, 2010,08,26,1359]
[C:\Program Files\kingsoft\KSM3.0\kae\karchive.dat]  [Kingsoft Corporation, 2010,06,30,436]
[C:\Program Files\kingsoft\KSM3.0\kae\kaearcha.dat]  [Kingsoft Corporation, 2010,06,30,436]
[C:\Program Files\kingsoft\KSM3.0\kae\kaeolea.dat]  [Kingsoft Corporation, 2010,03,18,77]
[C:\Program Files\kingsoft\KSM3.0\kae\kaearchb.dat]  [Kingsoft Corporation, 2010,06,30,436]
[C:\Program Files\kingsoft\KSM3.0\ksbwsspx.dll]  [Kingsoft Corporation, 2010,05,27,1072]
[C:\WINDOWS\system32\GameLink.dll]  [zhanxun co.,ltd, 10, 1, 1, 25]
[C:\Program Files\kingsoft\KSM3.0\kcldrep.dll]  [Kingsoft Corporation, 2010,09,20,1427]
[C:\Program Files\kingsoft\KSM3.0\kavifr.dll]  [Kingsoft Corporation, 2010,05,25,74]
[PID: 364 / SYSTEM][C:\WINDOWS\system32\spoolsv.exe]  [(Verified) Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-0852)]
[C:\WINDOWS\system32\UxTheme.dll]  [Microsoft Corporation, 6.00.2900.5512 (xpsp.080413-2105)]
[PID: 612 / SYSTEM][C:\Program Files\Avira\AntiVir Desktop\sched.exe]  [Avira GmbH, 10.00.00.17]
[C:\Program Files\Avira\AntiVir Desktop\schedr.dll]  [Avira GmbH, 10.00.04.00]
[C:\Program Files\Avira\AntiVir Desktop\avevtlog.dll]  [Avira GmbH, 10.00.00.08]
[C:\Program Files\Avira\AntiVir Desktop\cfglib.dll]  [Avira GmbH, 10.00.13.00]
[C:\Program Files\Avira\AntiVir Desktop\sqlite3.dll]  [, 3.06.19.00]
[C:\WINDOWS\system32\uxtheme.dll]  [Microsoft Corporation, 6.00.2900.5512 (xpsp.080413-2105)]
[C:\WINDOWS\system32\GameLink.dll]  [zhanxun co.,ltd, 10, 1, 1, 25]
[PID: 632 / SYSTEM][C:\Program Files\Avira\AntiVir Desktop\avguard.exe]  [Avira GmbH, 10.00.01.44]
[C:\Program Files\Avira\AntiVir Desktop\libdb44.dll]  [Sleepycat Software, 4.4.20]
[C:\Program Files\Avira\AntiVir Desktop\AVEvtLog.dll]  [Avira GmbH, 10.00.00.08]
[C:\Program Files\Avira\AntiVir Desktop\guardmsg.dll]  [Avira GmbH, 10.00.07.00]
[C:\Program Files\Avira\AntiVir Desktop\cfglib.dll]  [Avira GmbH, 10.00.13.00]
[C:\Program Files\Avira\AntiVir Desktop\sqlite3.dll]  [, 3.06.19.00]
[C:\Program Files\Avira\AntiVir Desktop\AVPREF.DLL]  [Avira GmbH, 10.00.00.00]
[C:\Program Files\Avira\AntiVir Desktop\avsmtp.dll]  [Avira GmbH, 10.00.00.17]
[C:\Program Files\Avira\AntiVir Desktop\AVGIO.DLL]  [Avira GmbH, 10.00.01.01]
[C:\Program Files\Avira\AntiVir Desktop\aecore.dll]  [Avira GmbH, 8.1.17.0]
[C:\Program Files\Avira\AntiVir Desktop\aevdf.dll]  [Avira GmbH, 8.1.2.1]
[C:\Program Files\Avira\AntiVir Desktop\aescript.dll]  [Avira GmbH, 8.1.3.45]
[C:\Program Files\Avira\AntiVir Desktop\aescn.dll]  [Avira GmbH, 8.1.6.1]
[C:\Program Files\Avira\AntiVir Desktop\aesbx.dll]  [Avira GmbH, 8.1.3.1]
[C:\Program Files\Avira\AntiVir Desktop\aerdl.dll]  [Avira GmbH, 8.1.9.2]
[C:\Program Files\Avira\AntiVir Desktop\aepack.dll]  [Avira GmbH, 8.2.3.11]
[C:\Program Files\Avira\AntiVir Desktop\unacev2.dll]  [ACE Compression Software, 2.6.0.2]
[C:\Program Files\Avira\AntiVir Desktop\aeoffice.dll]  [Avira GmbH, 8.1.1.8]
[C:\Program Files\Avira\AntiVir Desktop\aeheur.dll]  [Avira GmbH, 8.1.2.33]
[C:\Program Files\Avira\AntiVir Desktop\aehelp.dll]  [Avira GmbH, 8.1.14.0]
[C:\Program Files\Avira\AntiVir Desktop\aegen.dll]  [Avira GmbH, 8.1.3.23]
[C:\Program Files\Avira\AntiVir Desktop\aeemu.dll]  [Avira GmbH, 8.1.2.0]
[C:\Program Files\Avira\AntiVir Desktop\aebb.dll]  [Avira GmbH, 8.1.1.0]
[C:\Program Files\Avira\AntiVir Desktop\avipc.dll]  [Avira GmbH, 1.2.0.24]
[PID: 988 / LOCAL SERVICE][C:\WINDOWS\system32\svchost.exe]  [(Verified) Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2111)]
[C:\WINDOWS\system32\UxTheme.dll]  [Microsoft Corporation, 6.00.2900.5512 (xpsp.080413-2105)]
[PID: 1360 / SYSTEM][C:\Program Files\Avira\AntiVir Desktop\avshadow.exe]  [Avira GmbH, 1.0.0.6]
[C:\WINDOWS\system32\uxtheme.dll]  [Microsoft Corporation, 6.00.2900.5512 (xpsp.080413-2105)]
[d:\Program Files\kingsoft\kws\kwsui.dll]  [Kingsoft Corporation, 2010,09,19,19]
[C:\WINDOWS\WinSxS\x86_Microsoft.Windows.GdiPlus_6595b64144ccf1df_1.0.6001.22319_x-ww_f0b4c2df\gdiplus.dll]  [Microsoft Corporation, 5.2.6001.22319 (vistasp1_ldr.081126-1506)]
[d:\Program Files\kingsoft\kws\kswebshield.dll]  [Kingsoft Corporation, 2010,09,17,18]
[C:\Program Files\Avira\AntiVir Desktop\avipc.dll]  [Avira GmbH, 1.2.0.24]
[PID: 1944 / Administrator][C:\WINDOWS\system32\RUNDLL32.EXE]  [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2105)]
[C:\WINDOWS\system32\UxTheme.dll]  [Microsoft Corporation, 6.00.2900.5512 (xpsp.080413-2105)]
[C:\WINDOWS\system32\NvMcTray.dll]  [NVIDIA Corporation, 6.14.12.5896]
[C:\WINDOWS\system32\nvapi.dll]  [NVIDIA Corporation, 6.14.12.5896]
[d:\Program Files\kingsoft\kws\kwsui.dll]  [Kingsoft Corporation, 2010,09,19,19]
[C:\WINDOWS\WinSxS\x86_Microsoft.Windows.GdiPlus_6595b64144ccf1df_1.0.6001.22319_x-ww_f0b4c2df\gdiplus.dll]  [Microsoft Corporation, 5.2.6001.22319 (vistasp1_ldr.081126-1506)]
[d:\Program Files\kingsoft\kws\kswebshield.dll]  [Kingsoft Corporation, 2010,09,17,18]
[C:\WINDOWS\system32\NVRSZHC.DLL]  [NVIDIA Corporation, 6.14.12.5896]
[C:\Documents and Settings\All Users\Application Data\Tencent\TSVulFw\TSVulFW.DAT]  [Tencent, 2010, 9, 15, 1]
[C:\Documents and Settings\All Users\Application Data\Tencent\TSVulFw\TSVulTip.dll]  [Tencent, 2010, 8, 14, 1]
[PID: 1952 / Administrator][C:\Program Files\Tencent\QQPCMgr\QQPCTray.exe]  [Tencent, 4.2.460.400]
[C:\Program Files\Tencent\QQPCMgr\Common.dll]  [Tencent, 1, 55, 1840, 0]
[C:\WINDOWS\WinSxS\x86_Microsoft.VC80.ATL_1fc8b3b9a1e18e3b_8.0.50727.4053_x-ww_473666fd\ATL80.DLL]  [Microsoft Corporation, 8.00.50727.4053]
[C:\Program Files\Tencent\QQPCMgr\GF.dll]  [Tencent, 1, 55, 1840, 0]
[C:\Program Files\Tencent\QQPCMgr\xGraphic32.dll]  [Tencent, 1, 55, 1840, 0]
[C:\WINDOWS\WinSxS\x86_Microsoft.VC80.MFC_1fc8b3b9a1e18e3b_8.0.50727.4053_x-ww_b77cec8e\MFC80U.DLL]  [Microsoft Corporation, 8.00.50727.4053]
[C:\WINDOWS\system32\uxtheme.dll]  [Microsoft Corporation, 6.00.2900.5512 (xpsp.080413-2105)]
[C:\WINDOWS\WinSxS\x86_Microsoft.VC80.MFCLOC_1fc8b3b9a1e18e3b_8.0.50727.4053_x-ww_0ccc058c\MFC80CHS.DLL]  [Microsoft Corporation, 8.00.50727.4053]
[C:\WINDOWS\system32\GameLink.dll]  [zhanxun co.,ltd, 10, 1, 1, 25]
[C:\Program Files\Tencent\QQPCMgr\dr.dll]  [N/A, ]
[C:\Program Files\Tencent\QQPCMgr\TSVulEngine.dll]  [Tencent, 2010, 8, 27, 39]
[C:\Program Files\Tencent\QQPCMgr\plugins\QMWebFW.dll]  [N/A, ]
[C:\Program Files\Tencent\QQPCMgr\plugins\QMSafeboxPlugin.dll]  [N/A, ]
[C:\Program Files\Tencent\QQPCMgr\QMSafebox.dat]  [N/A, ]
[C:\Program Files\Tencent\QQPCMgr\TSWebMon.dat]  [Tencent, 2010, 8, 16, 1]
[PID: 1964 / Administrator][C:\Program Files\Avira\AntiVir Desktop\avgnt.exe]  [Avira GmbH, 10.00.13.17]
[C:\WINDOWS\WinSxS\x86_Microsoft.Windows.GdiPlus_6595b64144ccf1df_1.0.6001.22319_x-ww_f0b4c2df\gdiplus.dll]  [Microsoft Corporation, 5.2.6001.22319 (vistasp1_ldr.081126-1506)]
[C:\WINDOWS\system32\UxTheme.dll]  [Microsoft Corporation, 6.00.2900.5512 (xpsp.080413-2105)]
[C:\Program Files\Avira\AntiVir Desktop\ccwkrlib.dll]  [Avira GmbH, 10.00.00.17]
[c:\program files\avira\antivir desktop\cfglib.dll]  [Avira GmbH, 10.00.13.00]
[d:\Program Files\kingsoft\kws\kwsui.dll]  [Kingsoft Corporation, 2010,09,19,19]
[d:\Program Files\kingsoft\kws\kswebshield.dll]  [Kingsoft Corporation, 2010,09,17,18]
[c:\program files\avira\antivir desktop\ccgen.dll]  [Avira GmbH, 10.00.33.00]
[c:\program files\avira\antivir desktop\ccgenrc.dll]  [Avira GmbH, 10.00.33.00]
[c:\program files\avira\antivir desktop\ccguard.dll]  [Avira GmbH, 10.00.28.12]
[c:\program files\avira\antivir desktop\ccgrdrc.dll]  [Avira GmbH, 10.00.29.00]
[c:\program files\avira\antivir desktop\ccgrdw.dll]  [Avira GmbH, 10.00.09.25]
[C:\Program Files\Avira\AntiVir Desktop\avipc.dll]  [Avira GmbH, 1.2.0.24]
[c:\program files\avira\antivir desktop\ccupdate.dll]  [Avira GmbH, 10.00.29.09]
[c:\program files\avira\antivir desktop\ccupdrc.dll]  [Avira GmbH, 10.00.29.01]
[c:\program files\avira\antivir desktop\cclic.dll]  [Avira GmbH, 10.00.09.22]
[c:\program files\avira\antivir desktop\cclicrc.dll]  [Avira GmbH, 10.00.09.00]
[c:\program files\avira\antivir desktop\ccmsg.dll]  [Avira GmbH, 10.00.09.34]
[c:\program files\avira\antivir desktop\ccmsgrc.dll]  [Avira GmbH, 10.00.09.00]
[C:\Program Files\Avira\AntiVir Desktop\rcimage.dll]  [Avira GmbH, 10.00.00.32]
[C:\Documents and Settings\All Users\Application Data\Tencent\TSVulFw\TSVulFW.DAT]  [Tencent, 2010, 9, 15, 1]
[C:\Documents and Settings\All Users\Application Data\Tencent\TSVulFw\TSVulTip.dll]  [Tencent, 2010, 8, 14, 1]
[c:\program files\avira\antivir desktop\ccmainrc.dll]  [Avira GmbH, 10.00.11.00]
[C:\Program Files\kingsoft\kpp3\ksafemon.dll]  [Kingsoft Corporation, 2010,01,13,360]
[C:\Program Files\kingsoft\kpp3\ksmon.dll]  [Kingsoft Corporation, 2010,01,13,360]
[PID: 1976 / Administrator][D:\Program Files\Beike\Antiarp\beikearpmain.exe]  [贝壳网际（北京）安全技术有限公司, 2009.12.17.61]
[C:\WINDOWS\system32\uxtheme.dll]  [Microsoft Corporation, 6.00.2900.5512 (xpsp.080413-2105)]
[d:\Program Files\kingsoft\kws\kwsui.dll]  [Kingsoft Corporation, 2010,09,19,19]
[C:\WINDOWS\WinSxS\x86_Microsoft.Windows.GdiPlus_6595b64144ccf1df_1.0.6001.22319_x-ww_f0b4c2df\gdiplus.dll]  [Microsoft Corporation, 5.2.6001.22319 (vistasp1_ldr.081126-1506)]
[d:\Program Files\kingsoft\kws\kswebshield.dll]  [Kingsoft Corporation, 2010,09,17,18]
[D:\Program Files\Beike\Antiarp\skylarkd.dll]  [Beike Internet Security., 2009.11.5.179]
[D:\Program Files\Beike\Antiarp\beikecmm.dll]  [贝壳网际（北京）安全技术有限公司, 2009.12.17.61]
[C:\Documents and Settings\All Users\Application Data\Tencent\TSVulFw\TSVulFW.DAT]  [Tencent, 2010, 9, 15, 1]
[C:\Documents and Settings\All Users\Application Data\Tencent\TSVulFw\TSVulTip.dll]  [Tencent, 2010, 8, 14, 1]
[C:\WINDOWS\system32\GameLink.dll]  [zhanxun co.,ltd, 10, 1, 1, 25]
[PID: 652 / Administrator][C:\WINDOWS\system32\ctfmon.exe]  [(Verified) Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2105)]
[C:\WINDOWS\system32\UxTheme.dll]  [Microsoft Corporation, 6.00.2900.5512 (xpsp.080413-2105)]
[d:\Program Files\kingsoft\kws\kwsui.dll]  [Kingsoft Corporation, 2010,09,19,19]
[C:\WINDOWS\WinSxS\x86_Microsoft.Windows.GdiPlus_6595b64144ccf1df_1.0.6001.22319_x-ww_f0b4c2df\gdiplus.dll]  [Microsoft Corporation, 5.2.6001.22319 (vistasp1_ldr.081126-1506)]
[d:\Program Files\kingsoft\kws\kswebshield.dll]  [Kingsoft Corporation, 2010,09,17,18]
[C:\Documents and Settings\All Users\Application Data\Tencent\TSVulFw\TSVulFW.DAT]  [Tencent, 2010, 9, 15, 1]
[C:\Documents and Settings\All Users\Application Data\Tencent\TSVulFw\TSVulTip.dll]  [Tencent, 2010, 8, 14, 1]
[PID: 2352 / Administrator][C:\Documents and Settings\All Users\Application Data\Tencent\TSVulFw\TSVulFWMan.exe]  [Tencent, 2010, 8, 6, 1]
[C:\WINDOWS\system32\uxtheme.dll]  [Microsoft Corporation, 6.00.2900.5512 (xpsp.080413-2105)]
[d:\Program Files\kingsoft\kws\kwsui.dll]  [Kingsoft Corporation, 2010,09,19,19]
[C:\WINDOWS\WinSxS\x86_Microsoft.Windows.GdiPlus_6595b64144ccf1df_1.0.6001.22319_x-ww_f0b4c2df\gdiplus.dll]  [Microsoft Corporation, 5.2.6001.22319 (vistasp1_ldr.081126-1506)]
[d:\Program Files\kingsoft\kws\kswebshield.dll]  [Kingsoft Corporation, 2010,09,17,18]
[C:\Documents and Settings\All Users\Application Data\Tencent\TSVulFw\TSVulFW.DAT]  [Tencent, 2010, 9, 15, 1]
[C:\Documents and Settings\All Users\Application Data\Tencent\TSVulFw\TSVulTip.dll]  [Tencent, 2010, 8, 14, 1]
[PID: 2624 / SYSTEM][D:\Program Files\Beike\Antiarp\beikearpsvc.exe]  [贝壳网际（北京）安全技术有限公司, 2009.12.17.61]
[D:\Program Files\Beike\Antiarp\skylarkd.dll]  [Beike Internet Security., 2009.11.5.179]
[D:\Program Files\Beike\Antiarp\beikecmm.dll]  [贝壳网际（北京）安全技术有限公司, 2009.12.17.61]
[D:\Program Files\Beike\Antiarp\beikearpdevc.dll]  [贝壳网际（北京）安全技术有限公司, 2009.11.19.50]
[C:\WINDOWS\system32\uxtheme.dll]  [Microsoft Corporation, 6.00.2900.5512 (xpsp.080413-2105)]
[D:\Program Files\Beike\Antiarp\beikenetcfg.dll]  [贝壳网际（北京）安全技术有限公司, 2009.11.5.38]
[C:\WINDOWS\system32\GameLink.dll]  [zhanxun co.,ltd, 10, 1, 1, 25]
[PID: 2684 / SYSTEM][C:\Program Files\StormII\stormliv.exe]  [, 3, 10, 5, 26]
[C:\Program Files\StormII\StormUpdate.dll]  [, 3, 10, 5, 26]
[C:\Program Files\StormII\MSVCP60.dll]  [Microsoft Corporation, 6.02.3104.0]
[C:\WINDOWS\system32\uxtheme.dll]  [Microsoft Corporation, 6.00.2900.5512 (xpsp.080413-2105)]
[C:\WINDOWS\system32\GameLink.dll]  [zhanxun co.,ltd, 10, 1, 1, 25]
[C:\Program Files\StormII\box\BoxLog.dll]  [北京暴风网际科技有限公司, 3, 10, 5, 21]
[PID: 616 / LOCAL SERVICE][C:\WINDOWS\System32\alg.exe]  [(Verified) Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-0852)]
[C:\WINDOWS\system32\UxTheme.dll]  [Microsoft Corporation, 6.00.2900.5512 (xpsp.080413-2105)]
[C:\WINDOWS\system32\GameLink.dll]  [zhanxun co.,ltd, 10, 1, 1, 25]
[PID: 2416 / SYSTEM][C:\WINDOWS\system32\wbem\wmiprvse.exe]  [(Verified) Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2108)]
[C:\WINDOWS\system32\UxTheme.dll]  [Microsoft Corporation, 6.00.2900.5512 (xpsp.080413-2105)]
[PID: 2848 / Administrator][C:\Program Files\TheWorld 2.4\TheWorld.exe]  [Phoenix Studio, 2, 4, 1, 7]
[C:\WINDOWS\WinSxS\x86_Microsoft.Windows.GdiPlus_6595b64144ccf1df_1.0.6001.22319_x-ww_f0b4c2df\gdiplus.dll]  [Microsoft Corporation, 5.2.6001.22319 (vistasp1_ldr.081126-1506)]
[C:\WINDOWS\system32\uxtheme.dll]  [Microsoft Corporation, 6.00.2900.5512 (xpsp.080413-2105)]
[C:\Program Files\kingsoft\kpp3\ksafemon.dll]  [Kingsoft Corporation, 2010,01,13,360]
[C:\Program Files\kingsoft\kpp3\ksmon.dll]  [Kingsoft Corporation, 2010,01,13,360]
[d:\Program Files\kingsoft\kws\kwsui.dll]  [Kingsoft Corporation, 2010,09,19,19]
[d:\Program Files\kingsoft\kws\kswebshield.dll]  [Kingsoft Corporation, 2010,09,17,18]
[d:\Program Files\kingsoft\kws\kswbc.dll]  [Kingsoft Corporation, 2010,08,25,13]
[C:\Documents and Settings\All Users\Application Data\Tencent\TSVulFw\TSVulFW.DAT]  [Tencent, 2010, 9, 15, 1]
[C:\Documents and Settings\All Users\Application Data\Tencent\TSVulFw\TSVulTip.dll]  [Tencent, 2010, 8, 14, 1]
[C:\WINDOWS\system32\GameLink.dll]  [zhanxun co.,ltd, 10, 1, 1, 25]
[C:\WINDOWS\system32\Macromed\Flash\Flash10c.ocx]  [Adobe Systems, Inc., 10,0,32,18]
[PID: 1328 / Administrator][C:\Program Files\WinRAR\WinRAR.exe]  [N/A, ]
[C:\WINDOWS\system32\uxtheme.dll]  [Microsoft Corporation, 6.00.2900.5512 (xpsp.080413-2105)]
[C:\Program Files\kingsoft\kpp3\ksafemon.dll]  [Kingsoft Corporation, 2010,01,13,360]
[C:\Program Files\kingsoft\kpp3\ksmon.dll]  [Kingsoft Corporation, 2010,01,13,360]
[d:\Program Files\kingsoft\kws\kwsui.dll]  [Kingsoft Corporation, 2010,09,19,19]
[C:\WINDOWS\WinSxS\x86_Microsoft.Windows.GdiPlus_6595b64144ccf1df_1.0.6001.22319_x-ww_f0b4c2df\gdiplus.dll]  [Microsoft Corporation, 5.2.6001.22319 (vistasp1_ldr.081126-1506)]
[d:\Program Files\kingsoft\kws\kswebshield.dll]  [Kingsoft Corporation, 2010,09,17,18]
[C:\Documents and Settings\All Users\Application Data\Tencent\TSVulFw\TSVulFW.DAT]  [Tencent, 2010, 9, 15, 1]
[C:\Documents and Settings\All Users\Application Data\Tencent\TSVulFw\TSVulTip.dll]  [Tencent, 2010, 8, 14, 1]
[PID: 184 / Administrator][C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\Rar$EX00.407\SREngLdr.EXE]  [Smallfrogs Studio, 2.8.2.1321]
[PID: 2152 / Administrator][C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\Rar$EX00.407\SRE5e06bc71.EXE]  [Smallfrogs Studio, 2.8.2.1321]
[C:\WINDOWS\system32\uxtheme.dll]  [Microsoft Corporation, 6.00.2900.5512 (xpsp.080413-2105)]
[C:\Program Files\kingsoft\kpp3\ksafemon.dll]  [Kingsoft Corporation, 2010,01,13,360]
[C:\Program Files\kingsoft\kpp3\ksmon.dll]  [Kingsoft Corporation, 2010,01,13,360]
[d:\Program Files\kingsoft\kws\kwsui.dll]  [Kingsoft Corporation, 2010,09,19,19]
[C:\WINDOWS\WinSxS\x86_Microsoft.Windows.GdiPlus_6595b64144ccf1df_1.0.6001.22319_x-ww_f0b4c2df\gdiplus.dll]  [Microsoft Corporation, 5.2.6001.22319 (vistasp1_ldr.081126-1506)]
[d:\Program Files\kingsoft\kws\kswebshield.dll]  [Kingsoft Corporation, 2010,09,17,18]
[C:\Documents and Settings\All Users\Application Data\Tencent\TSVulFw\TSVulFW.DAT]  [Tencent, 2010, 9, 15, 1]
[C:\Documents and Settings\All Users\Application Data\Tencent\TSVulFw\TSVulTip.dll]  [Tencent, 2010, 8, 14, 1]
[C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\Rar$EX00.407\Upload\3rdUpd.DLL]  [Smallfrogs Studio, 2, 1, 0, 15]
[C:\WINDOWS\system32\GameLink.dll]  [zhanxun co.,ltd, 10, 1, 1, 25]

==================================
文件关联
.TXT  OK. [%SystemRoot%\system32\NOTEPAD.EXE %1]
.EXE  OK. ["%1" %*]
.COM  OK. ["%1" %*]
.PIF  OK. ["%1" %*]
.REG  OK. [regedit.exe "%1"]
.BAT  OK. ["%1" %*]
.SCR  OK. ["%1" /S]
.CHM  OK. ["C:\WINDOWS\hh.exe" %1]
.HLP  OK. [%SystemRoot%\System32\winhlp32.exe %1]
.INI  OK. [%SystemRoot%\system32\NOTEPAD.EXE %1]
.INF  OK. [%SystemRoot%\system32\NOTEPAD.EXE %1]
.VBS  OK. [%SystemRoot%\System32\WScript.exe "%1" %*]
.JS OK. [%SystemRoot%\System32\WScript.exe "%1" %*]
.LNK  OK. [{00021401-0000-0000-C000-000000000046}]

==================================
Winsock 提供者
Easy2Game-Chain
C:\WINDOWS\system32\GameLink.dll(zhanxun co.,ltd, Network Service Provider)
Easy2Game-Chain
C:\WINDOWS\system32\GameLink.dll(zhanxun co.,ltd, Network Service Provider)
Easy2Game-Chain
C:\WINDOWS\system32\GameLink.dll(zhanxun co.,ltd, Network Service Provider)
Easy2Game-Chain
C:\WINDOWS\system32\GameLink.dll(zhanxun co.,ltd, Network Service Provider)
Easy2Game-Filter
C:\WINDOWS\system32\GameLink.dll(zhanxun co.,ltd, Network Service Provider)
Easy2Game-Filter
C:\WINDOWS\system32\GameLink.dll(zhanxun co.,ltd, Network Service Provider)
Easy2Game-Filter
C:\WINDOWS\system32\GameLink.dll(zhanxun co.,ltd, Network Service Provider)
Easy2Game-Filter
C:\WINDOWS\system32\GameLink.dll(zhanxun co.,ltd, Network Service Provider)

==================================
Autorun.inf
N/A

==================================
HOSTS 文件
127.0.0.1    localhost

==================================
进程特权扫描
特殊特权被允许： SeLoadDriverPrivilege [PID = 1328, C:\PROGRAM FILES\WINRAR\WINRAR.EXE]

==================================
计划任务
[已启用] 贝壳木马专杀登录扫描任务.job
      C:\Program Files\Beike\Beike Scan\beikescan.exe
[已启用] 贝壳木马专杀每日定时扫描任务.job
      C:\Program Files\Beike\Beike Scan\beikescan.exe

==================================
Windows 安全更新检查
N/A

==================================
API HOOK
入口点错误：NtCreateProcess (危险等级: 一般,  被下面模块所HOOK: C:\Program Files\kingsoft\kpp3\ksmon.dll)
入口点错误：NtCreateProcessEx (危险等级: 一般,  被下面模块所HOOK: C:\Program Files\kingsoft\kpp3\ksmon.dll)
入口点错误：ZwCreateProcess (危险等级: 一般,  被下面模块所HOOK: C:\Program Files\kingsoft\kpp3\ksmon.dll)
入口点错误：ZwCreateProcessEx (危险等级: 一般,  被下面模块所HOOK: C:\Program Files\kingsoft\kpp3\ksmon.dll)
入口点错误：LoadLibraryExW (危险等级: 一般,  被下面模块所HOOK: C:\Documents and Settings\All Users\Application Data\Tencent\TSVulFw\TSVulFW.DAT)
入口点错误：CreateProcessA (危险等级: 一般,  被下面模块所HOOK: C:\Program Files\kingsoft\kpp3\ksmon.dll)
入口点错误：CreateProcessW (危险等级: 一般,  被下面模块所HOOK: C:\Program Files\kingsoft\kpp3\ksmon.dll)
入口点错误：ShellExecuteEx (危险等级: 一般,  被下面模块所HOOK: C:\Program Files\kingsoft\kpp3\ksmon.dll)
入口点错误：ShellExecuteExA (危险等级: 一般,  被下面模块所HOOK: C:\Program Files\kingsoft\kpp3\ksmon.dll)
入口点错误：ShellExecuteExW (危险等级: 一般,  被下面模块所HOOK: d:\Program Files\kingsoft\kws\kswebshield.dll)

==================================
隐藏进程
N/A

==================================

[/CODE]

显示全部楼层 · 发表于 2010-10-14 13:38:43

好久不看这玩意  严重生疏了~~~

大致看了下，下面这个服务应该有问题

[Portable Media Serial Number Service / WmdmPmSN][Running/Auto Start]
  <C:\WINDOWS\System32\svchost.exe -k netsvcs-->%COMMONPROGRAMFILES%\Microsoft Shared\DAO\DAO718.dll><N/A>

下面这个驱动不显示公司，也觉得怪怪的

[bootsafe / bootsafe][Running/Boot Start]
  <\SystemRoot\system32\Drivers\bootsafe.sys><>

显示全部楼层 · 发表于 2010-10-14 13:56:36

C:\WINDOWS\system32\GameLink.dll（这个文件要注意插入了好几个系统文件千万别强删如果扫描后不是病毒就先别管它或者网上搜下如何删除http://help.360.cn/5030809/28177036.html）
C:\WINDOWS\system32\srsvc.dll
这2个文件发到多引擎网站上扫描下http://virscan.org/

1.建议使用XDelBox删除以下文件：(XDelBox1.8下载)
使用说明：删除时复制所有要删除文件的路径，在待删除文件列表里点击右键选择剪贴板导入不检查路径，导入后在要删除文件上点击右键，选择立刻重启删除，电脑会重启进入DOS界面进行删除操作。

c:\program files\common files\microsoft shared\dao\dao718.dll
g:\bin\asldrv32.sys

2.删除重启后使用SREng修复下面各项：

启动项目－－服务－－驱动程序之如下项禁用：
[ASL_DRV / ASL_DRV] <\??\G:\bin\ASLDRV32.SYS>

显示全部楼层 · 发表于 2010-10-14 15:55:56

楼主电脑里有Easy2Game这个软件吗，C:\WINDOWS\system32\GameLink.dll貌似是这个软件的，一个外挂吧。
其中，在SREng中将“Winsock 提供者”全部删除，里面都是C:\WINDOWS\system32\GameLink.dll。
以及%WINDIR%\PCHealth\HelpCtr\Binaries\pchsvc.dll
   C:\WINDOWS\system32\srsvc.dll
      %COMMONPROGRAMFILES%\Microsoft Shared\DAO\DAO718.dll
      <\SystemRoot\system32\Drivers\bootsafe.sys>
      C:\WINDOWS\system32\DRIVERS\PSTRIP.SYS
      <\SystemRoot\system32\DRIVERS\sr.sys>
这几个比较有问题，方法LS几位大牛都说了，我就不重复！
另外，在浏览器加载项中，删除以下几项:
1.[999W网址导航]
  {C18CB140-0BBB-11D4-8FE8-0088CC102438} <http://www.999w.com/, N/A>
2.[]
  {e2e2dd38-d088-4134-82b7-f2ba38496583} <%windir%\Network Diagnostic\xpnetdiag.exe, (Signed) N/A>
3.[System Requirements Lab Class]
  {1E54D648-B804-468d-BC78-4AFFED8E262F} <C:\WINDOWS\Downloaded Program Files\sysreqlab_nvd.dll, (Signed) Husdawg, LLC>
4.[]
  {33564D57-0000-0010-8000-00AA00389B71} <, >
5.[EditCtrl Class]
  {488A4255-3236-44B3-8F27-FA1AECAA8844} <C:\WINDOWS\system32\aliedit\aliedit.dll, (Signed) >
      <\??\G:\bin\ASLDRV32.SYS>
6.[]
  {82D9671E-0B56-4285-92CD-15BC08B883BB} <, >
7.[SearchAssistantOC]
  {B45FF030-4447-11D2-85DE-00C04FA35C89} <%SystemRoot%\system32\shdocvw.dll, (Signed) N/A>
8.[]
  {C18CB140-0BBB-11D4-8FE8-0088CC102438} <, >

显示全部楼层 · 发表于 2010-10-15 09:06:09

谢谢大家帮助，以后自己要多多学习了~Easy2Game，印象里似乎没装过，怎么跑我电脑上的

[求助] 第一次用sreng扫描，求大家帮分析~

评分

评分

评分