
[Solved] Garbled text plus crashes, experts please help me

jasonsimon36
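Posted on 2010-11-22 22:35:08
This post was last edited by jasonsimon36 on 2010-11-22 22:38

Recently, for some reason, booting has become slow, and after dialing with Shanxun (闪讯) the system hangs for half a minute. Even worse, sometimes while I am using the machine all the software suddenly freezes, and file names and drive paths start showing box-like garbled characters. The mouse can still move, but even clicking the antivirus gives a message saying it is not some kind of 32 system application. After a reboot everything is back to normal. I have scanned with both 360 and Kingsoft, run system repair with both, and also scanned with Windows 清理助手; no virus. What is going on? Please help me.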


2010-11-21,22:29:28

SysLog Scanner 3.1 - build 20100608
Arswp (http://www.arswp.com)

Windows XP Professional Service Pack 3 (build 2600)


================================================================
注册项


[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
    <UnlockerAssistant> <"C:\Program Files\Unlocker\UnlockerAssistant.exe"> [N/A]
    <Netkeeper1.0> <D:\Program files\ChinaNetSn\bin\NetKeeper.exe> [XI AN XINLI SOFTWARE TECHNOLOGY CO.,LTD, 0, 0, 5, 1]
    <kxesc> <"C:\Program Files\Common Files\Kingsoft\kiscommon\kxetray.exe" -autorun> [(Verified)Kingsoft Corporation, 2010,10,21,1314]
    <KSafeTray> <"C:\Program Files\KSafe\KSafeTray.exe" -autorun> [(Verified)Kingsoft Corporation, 2.1.0.1025]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Session Manager\KnownDLLs]
    <uxtheme> <uxtheme.dll> [Microsoft Corporation, 6.00.2900.5512 (xpsp.080413-2105)]


[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify]
    <AtiExtEvent> <Ati2evxx.dll> [ATI Technologies Inc., 6.14.10.4177]
    <WBSrv> <D:\WindowBlinds\WindowBlinds\wbsrv.dll> []

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components]
    <{89B4C1CD-B018-4511-B0A1-5476DBF70820}> <C:\WINDOWS\system32\Rundll32.exe C:\WINDOWS\system32\mscories.dll,Install> [(Verified)Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2105) | Microsoft Corporation, 2.0.50727.42 (RTM.050727-4200)]

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\MenuExt]
    <&使用优蛋下载> <D:\Program files\UDown\getUrl.htm> [N/A]
    <&使用优蛋下载全部链接> <D:\Program files\UDown\getAllUrl.htm> [N/A]
    <Add to Google Photos Screensa&ver> <res://C:\WINDOWS\system32\GPhotos.scr/200> [Google Inc., 3.6.105.67]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\MenuExt]
    <添加到QQ表情> <D:\Program files\TM2009\Bin\AddEmotion.htm> [N/A]

================================================================
启动组


================================================================
任务计划


================================================================
组件


--------------------------------
Shell Extension
    [Display Panning CPL Extension]
        <{42071714-76d4-11d1-8b24-00a0c9068ff3}> <deskpan.dll> []
    [HyperTerminal Icon Ext]
        <{88895560-9AA2-1069-930E-00AA0030EBC8}> <C:\WINDOWS\system32\hticons.dll> [(Verified)Hilgraeve, Inc., 5.1.2600.0]
    [任务栏和「开始」菜单]
        <{0DF44EAA-FF21-4412-828E-260A8728E7F1}> <> []
    [HaoZip Shell Extension]
        <{5FED836A-C96C-4d88-A91E-F63F07726585}> <D:\Program Files\HaoZip\HaoZipExt.dll> [(Verified)好压软件工作室, 2.0.1.4930]
    [ShellLink for Application References]
        <{e82a2d71-5b2f-43a0-97b8-81be15854de8}> <C:\WINDOWS\system32\dfshim.dll> [Microsoft Corporation, 2.0.50727.42 (RTM.050727-4200)]

--------------------------------
Protocols
    [Cor MIME Filter, CorFltr, CorFltr 1]
        <{1E66F26B-79EE-11D2-8710-00C04F79ED0D}> <mscoree.dll> [Microsoft Corporation, 2.0.50727.42 (RTM.050727-4200)]
    []
        <{6AC4FBC7-AA38-45EC-9634-D6D20B679EFC}> <> []

--------------------------------
Context Menu
    [duba_32bit]
        <{D21D88E8-4123-48BA-B0B1-3FDBE4AE5FA4}> <C:\Program Files\Kingsoft\Kingsoft Antivirus\kavmenu.dll> [(Verified)Kingsoft Corporation, 2010,05,29,742]
    [HaoZip]
        <{5FED836A-C96C-4d88-A91E-F63F07726585}> <D:\Program Files\HaoZip\HaoZipExt.dll> [(Verified)好压软件工作室, 2.0.1.4930]
    [QvodMenu]
        <{9F44453E-1E46-4D5C-B57C-112FF2EDAE82}> <d:\Program Files\QvodPlayer\QvodBand.dll> [(Verified)Shenzhen QVOD Technology Co.,Ltd, 3, 0, 0, 0]

--------------------------------
BrowserHelperObject
    [迅雷下载支持]
        <{889D2FEB-5411-4565-8998-1DD2C5261283}> <D:\Program Files\Thunder Network\Thunder\BHO\XunleiBHO7.1.0.1962.dll> [(Verified)深圳市迅雷网络技术有限公司, 7,1,0,1962]

--------------------------------
ActiveX Extension
    [WWPicUploadCtrl Class]
        <{1D63232D-4F15-4A42-890D-EE617AA1537D}> <D:\Program files\AliWangWang\modules\1685\WWPictureUpload.dll> [Alibaba software (Shanghai) Corporation, 1.0.0.1]
    [GDGetTokenInfo Class]
        <{3AA9CF07-DF20-48FF-98BE-DED276E40146}> <C:\WINDOWS\system32\GDREAD~1.DLL> [Copyright 2007, 1, 0, 0, 2]
    [Agent Class]
        <{485463B7-8FB2-4B3B-B29B-8B919B0EACCE}> <D:\Program Files\Thunder Network\Thunder\BHO\ThunderAgent7.1.0.1962.dll> [(Verified)深圳市迅雷网络技术有限公司, 7,1,0,1962]
    [EditCtrl Class]
        <{488A4255-3236-44B3-8F27-FA1AECAA8844}> <C:\WINDOWS\system32\aliedit\aliedit.dll> [(Verified)Copyright 2008, 2, 2, 0, 1]
    [WangWangX Class]
        <{5D09DD40-CDC4-4C56-B615-0D1E3B357C2B}> <D:\Program files\AliWangWang\AliIMX.dll> [(Verified)Alibaba software (Shanghai) Corporation., 1.0.0.1]
    [InfoSecNetSign Class]
        <{62B938C4-4190-4F37-8CF0-A92B0A91CC77}> <C:\WINDOWS\system32\netsign.dll> [Infosec Technologies Co., Ltd., 1, 2, 0, 1]
    [AxInputControl Class]
        <{73E4740C-08EB-4133-896B-8D0A7C9EE3CD}> <C:\WINDOWS\system32\InputControl.dll> [Copyright 2003, 1, 0, 0, 13]
    [XunleiBHO Class]
        <{802F530B-A8F6-4631-AE49-6BACAAC6373E}> <D:\Program Files\Thunder Network\Thunder\BHO\XunleiBHO7.1.0.1962.dll> [(Verified)深圳市迅雷网络技术有限公司, 7,1,0,1962]
    [AxSubmitControl Class]
        <{8D9E0B29-563C-4226-86C1-5FF2AE77E1D2}> <C:\WINDOWS\system32\SubmitControl.dll> [Copyright 2003, 1, 0, 0, 6]
    [SSOForPTLogin Class]
        <{8FC1EE75-72B3-4A23-B987-2B1C4C8A611B}> <C:\Program Files\Common Files\Tencent\TXSSO\Bin\SSOAxCtrlForPTLogin.dll> [(Verified)Tencent, 1.0.0.3]
    [OFrameObject Class]
        <{9701758C-4373-482E-B13C-776C048EC890}> <C:\Program Files\Common Files\Thunder Network\KanKan\DapCtrl.2.3.5927.310.(214).dll> [(Verified)ShenZhen Thunder Networking Technologies Ltd., 2, 3, 5927, 310]
    [VersionDetector Class]
        <{9EFF1953-9694-47B1-AEF6-B2A3FE8BFE9B}> <C:\Program Files\Common Files\Thunder Network\KanKan\vd.1.1.0.32.(107).dll> [(Verified)ShenZhen Thunder Networking Technologies,Ltd., 1, 1, 0, 32]
    [APlayer Control]
        <{A9322148-C691-4B9D-91FC-B9C461DBE9DD}> <C:\Program Files\Common Files\Thunder Network\APlayer\APlayer_001.dll> [(Verified)ShenZhen Thunder Networking Technologies, LTD, 2.1.5.320]
    [InfoSecICBCNetSign Class]
        <{B1FBC1AD-5644-4084-882A-0F8BA85E7506}> <C:\WINDOWS\system32\ICBC_N~1.DLL> [(Verified)Infosec Technologies Co., Ltd., 1, 0, 75, 3]
    [FTNUpload Class]
        <{BDEACC50-F56D-4D60-860F-CF6ED1766D65}> <D:\Program files\TM2009\Bin\TXFTNActiveX.dll> [(Verified)Tencent, 1, 0, 0, 11]
    [KooPlayer Control]
        <{C728DAB8-FDF5-4CD7-89DD-879D25794C77}> <> []
    [Shockwave Flash Object]
        <{D27CDB6E-AE6D-11CF-96B8-444553540000}> <C:\WINDOWS\system32\Macromed\Flash\Flash10l.ocx> [(Verified)Adobe Systems, Inc., 10,1,102,64]
    [TimwpDll.TimwpCheck]
        <{ED4CA2E5-0EEA-44C1-AD7E-74A07A7507A4}> <d:\Program files\TM2009\Bin\Timwp.dll> [(Verified)Tencent, 1, 40, 1050, 0]
    [PPLive Lite Class]
        <{EF0D1A14-1033-41A2-A589-240C01EDC078}> <C:\Program Files\Internet Explorer\PPLite\plugin\pplugin2.dll> [(Verified)Copyright 2008, 1, 1, 0, 12]

================================================================
服务

[Ati HotKey Poller / Ati HotKey Poller][Stopped/Manual Start]
    <%SystemRoot%\system32\Ati2evxx.exe>  [ATI Technologies Inc., 6.14.10.4207]
[GP_CLT_Service / GP_CLT_Service][Running/Auto Start]
    <C:\WINDOWS\system32\GP_CLT_Service.exe>  [版权所有 (C) 2007, 1, 0, 1, 8]
[ServiceLayer / ServiceLayer][Stopped/Manual Start]
    <"C:\Program Files\PC Connectivity Solution\ServiceLayer.exe">  [Nokia, 7, 0, 133, 0]

[CloudServer / CloudServer][Running/Manual Start]
    <F:\Cloud\CloudServer.exe>  [(Verified)版权所有 (C) 2009, 10, 10, 5, 19]
[Google Updater Service / gusvc][Stopped/Manual Start]
    <"C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe">  [(Verified)Google, 2.0.711.37800.beta]
[KSafe service / KSafeSvc][Running/Auto Start]
    <"C:\Program Files\KSafe\KSafeSvc.exe" -svc>  [(Verified)Kingsoft Corporation, 2.1.0.1027]
[Kingsoft Core Defend Service / kxedefend][Running/Auto Start]
    <"C:\Program Files\Common Files\Kingsoft\kiscommon\kxedefend.exe" /service kxedefend>  [(Verified)Kingsoft Corporation, 2010,08,05,1009]
[Kingsoft Security App Service / kxesapp][Running/Auto Start]
    <"C:\Program Files\Common Files\Kingsoft\kiscommon\kxesapp.exe" /service kxesapp>  [(Verified)Kingsoft Corporation, 2010,08,05,1009]
[Kingsoft Core Service / kxescore][Running/Auto Start]
    <"C:\Program Files\Common Files\Kingsoft\kiscommon\kxescore.exe" /service kxescore>  [(Verified)Kingsoft Corporation, 2010,08,05,1009]
[Kingsoft Antivirus Update Service / KxEUpSrv][Running/Auto Start]
    <"C:\Program Files\Common Files\Kingsoft\kiscommon\upsvc.exe">  [(Verified)Kingsoft Corporation, 2010,10,18,1297]

================================================================
驱动

[aeaudio / aeaudio][Running/Manual Start]
    <system32\drivers\aeaudio.sys>  [Andrea Electronics Corporation, 4.0.1.7 built by: WinDDK]
[ati2mtag / ati2mtag][Running/Manual Start]
    <system32\DRIVERS\ati2mtag.sys>  [ATI Technologies Inc., 6.14.10.6860]
[Broadcom 440x 10/100 Integrated Controller XP Driver / bcm4sbxp][Running/Manual Start]
    <system32\DRIVERS\bcm4sbxp.sys>  [Broadcom Corporation, 4.60.0.0 built by: WinDDK]
[bpmjhnpc / bpmjhnpc][Stopped/System Start]
    <\??\c:\windows\system32\drivers\bpmjhnpc.sys>  []
[cFosSpeed Miniport / cFosSpeed][Stopped/Manual Start]
    <system32\DRIVERS\cfosspeed.sys>  []
[EQSysSecure / EQSysSecure][Stopped/System Start]
    <\??\C:\WINDOWS\system32\drivers\EQSysSecure.sys>  []
[jmioaogg / jmioaogg][Stopped/System Start]
    <\??\c:\windows\system32\drivers\jmioaogg.sys>  []
[DDK PACKET Protocol / Packet][Stopped/System Start]
    <system32\DRIVERS\ProtoDrv.sys>  []
[ProGCD / ProGCD][Running/Auto Start]
    <\SystemRoot\System32\DRIVERS\ProGsys.sys>  [HangZhou Metadata Co.,LTD, 1, 5, 3, 30]
[senfilt / senfilt][Running/Manual Start]
    <system32\drivers\senfilt.sys>  [Sensaura, 5.10.00.3515]
[StarForce Protection Environment Driver (version 1.x) / sfdrv01][Running/Boot Start]
    <System32\drivers\sfdrv01.sys>  [Protection Technology, 1.37]
[StarForce Protection Helper Driver (version 2.x) / sfhlp02][Running/Boot Start]
    <System32\drivers\sfhlp02.sys>  [Protection Technology, 2.3]
[StarForce Protection Synchronization Driver (version 2.x) / sfsync02][Running/Boot Start]
    <System32\drivers\sfsync02.sys>  [Protection Technology, 2.12]
[StarForce Protection VFS Driver (version 2.x) / sfvfs02][Running/Boot Start]
    <System32\drivers\sfvfs02.sys>  [Protection Technology, 2.12]
[SATALink driver accelerator / SiFilter][Running/Boot Start]
    <system32\drivers\SiWinAcc.sys>  [Silicon Image, Inc., 1.0.0.11]
[smwdm / smwdm][Running/Manual Start]
    <system32\drivers\smwdm.sys>  [Analog Devices, Inc., 5.12.01.5290]
[sptd / sptd][Running/Boot Start]
    <System32\Drivers\sptd.sys>  [N/A]
[System Restore Filter Driver / sr][Stopped/Disabled]
    <\SystemRoot\system32\DRIVERS\sr.sys>  []
[TAP-Win32 Adapter V9 / tap0901][Stopped/Manual Start]
    <system32\DRIVERS\tap0901.sys>  [The OpenVPN Project, 2.1_rc22 9/6 built by: WinDDK]
[TCP/IP Protocol Driver / Tcpip][Running/System Start]
    <system32\DRIVERS\tcpip.sys>  [Microsoft Corporation, 5.1.2600.5625 (xpsp_sp3_gdr.080620-1249)]
[UnlockerDriver5 / UnlockerDriver5][/Boot Start]
    <\??\C:\Program Files\Unlocker\UnlockerDriver5.sys>  [N/A]
[Driver for XLPPoEPC Device / XLPPoEPC][Running/Manual Start]
    <system32\DRIVERS\XLPPoEPC.sys>  [西安信利软件系统公司, 1.0.0.0]

[BC / BC][Running/Boot Start]
    <system32\Drivers\BC.sys>  [(Verified)Kingsoft Corporation, 2010,5,27,89]
[bootsafe / bootsafe][Running/Boot Start]
    <system32\Drivers\bootsafe.sys>  [(Verified)Kinsoft, 2010,05,11,27]
[KAVBootC / KAVBootC][Running/Boot Start]
    <system32\drivers\KAVBootC.sys>  [(Verified)Kingsoft Corporation, 2010,04,14,609]
[KAVSafe / KAVSafe][Running/Auto Start]
    <\??\C:\WINDOWS\system32\Drivers\KAVSafe.sys>  [(Verified)Kingsoft Corporation, 2010,05,21,727]
[kmodurl / kmodurl][Running/System Start]
    <\??\C:\Program Files\KSafe\kmodurl.sys>  [(Verified)Kingsoft Corporation, 2.1.0.1025]
[ksdef / ksdef][Running/Auto Start]
    <\??\C:\WINDOWS\system32\drivers\ksdef.sys>  [(Verified)Kingsoft Corporation, 2010,09,13,53]
[kwatch32 / kwatch32][Running/Auto Start]
    <\??\C:\WINDOWS\system32\drivers\kwatch32.sys>  [(Verified)Kingsoft Corporation, 2010,07,22,40]
[LongRADrv / LongRADrv][Running/System Start]
    <\??\F:\Cloud\LongRADrv.sys>  [(Verified)long, 9, 10, 5, 17]
[Nokia USB Phone Parent / nmwcd][Stopped/Manual Start]
    <system32\drivers\ccdcmb.sys>  [(Verified)Nokia, 7.1.29.50]
[Nokia USB Generic / nmwcdc][Stopped/Manual Start]
    <system32\drivers\ccdcmbo.sys>  [(Verified)Nokia, 7.1.28.49]
[onbgnkla / onbgnkla][Running/System Start]
    <\??\c:\windows\system32\drivers\onbgnkla.sys>  [(Verified)360.cn, 2.7.2.2]
[PCCS Mode Change Filter Driver / pccsmcfd][Stopped/Manual Start]
    <system32\DRIVERS\pccsmcfd.sys>  [(Verified)Nokia, 7.0.0.0]
[Direct Parallel Link Driver / Ptilink][Running/Manual Start]
    <system32\DRIVERS\ptilink.sys>  [(Verified)Parallel Technologies, Inc., 1.10 (XPClient.010817-1148)]
[Secdrv / Secdrv][Stopped/Manual Start]
    <system32\DRIVERS\secdrv.sys>  [(Verified)Macrovision Corporation, Macrovision Europe Limited, and Macrovision Japan and Asia K.K., 4.03.086]
[Anchorfree HSS Adapter / taphss][Stopped/Manual Start]
    <system32\DRIVERS\taphss.sys>  [(Verified)AnchorFree Inc, 2.1_rc19 16/4 built by: WinDDK]
[upperdev / upperdev][Stopped/Manual Start]
    <system32\DRIVERS\usbser_lowerflt.sys>  [(Verified)Nokia, 7.1.28.49]
[UsbserFilt / UsbserFilt][Stopped/Manual Start]
    <system32\DRIVERS\usbser_lowerfltj.sys>  [(Verified)Nokia, 7.1.28.49]

================================================================
活动进程


[PID: 1200 / SYSTEM]   \??\C:\WINDOWS\system32\winlogon.exe   [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2113)]
    C:\WINDOWS\system32\uxtheme.dll   [Microsoft Corporation, 6.00.2900.5512 (xpsp.080413-2105)]
    C:\WINDOWS\system32\Ati2evxx.dll   [ATI Technologies Inc., 6.14.10.4177]
    C:\WINDOWS\system32\GOOGLEPINYIN2.IME   [(Verified)Google Inc., 2.3.14.85]

[PID: 1256 / SYSTEM]   C:\WINDOWS\system32\lsass.exe   [(Verified)Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2113)]
    C:\WINDOWS\system32\UxTheme.dll   [Microsoft Corporation, 6.00.2900.5512 (xpsp.080413-2105)]

[PID: 1428 / SYSTEM]   C:\WINDOWS\system32\svchost.exe   [(Verified)Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2111)]
    C:\WINDOWS\system32\UxTheme.dll   [Microsoft Corporation, 6.00.2900.5512 (xpsp.080413-2105)]

[PID: 1504 / NETWORK SERVICE]   C:\WINDOWS\system32\svchost.exe   [(Verified)Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2111)]
    C:\WINDOWS\system32\UxTheme.dll   [Microsoft Corporation, 6.00.2900.5512 (xpsp.080413-2105)]

[PID: 1624 / SYSTEM]   C:\WINDOWS\System32\svchost.exe   [(Verified)Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2111)]
    C:\WINDOWS\system32\UxTheme.dll   [Microsoft Corporation, 6.00.2900.5512 (xpsp.080413-2105)]

[PID: 1664 / SYSTEM]   C:\WINDOWS\system32\svchost.exe   [(Verified)Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2111)]
    C:\WINDOWS\system32\UxTheme.dll   [Microsoft Corporation, 6.00.2900.5512 (xpsp.080413-2105)]

[PID: 1832 / NETWORK SERVICE]   C:\WINDOWS\system32\svchost.exe   [(Verified)Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2111)]
    C:\WINDOWS\system32\UxTheme.dll   [Microsoft Corporation, 6.00.2900.5512 (xpsp.080413-2105)]

[PID: 188 / Administrator]   C:\WINDOWS\Explorer.EXE   [(Verified)Microsoft Corporation, 6.00.2900.5512 (xpsp.080413-2105)]
    C:\WINDOWS\system32\UxTheme.dll   [Microsoft Corporation, 6.00.2900.5512 (xpsp.080413-2105)]
    C:\WINDOWS\system32\GOOGLEPINYIN2.IME   [(Verified)Google Inc., 2.3.14.85]
    C:\Program Files\Unlocker\UnlockerHook.dll   [N/A]
    C:\Program Files\Kingsoft\Kingsoft Antivirus\ktaskbar.dll   [(Verified)Kingsoft Corporation, 2010,05,26,732]
    C:\Program Files\Common Files\Kingsoft\kiscommon\DetectDllHijack.dll   [(Verified)Kingsoft Corporation, 2010,08,30,159]
    C:\Program Files\KSafe\ksfmon.dll   [(Verified)Kingsoft Corporation, 2.1.0.1025]
    d:\Program Files\QvodPlayer\QvodBand.dll   [(Verified)Shenzhen QVOD Technology Co.,Ltd, 3, 0, 0, 0]
    D:\Program Files\HaoZip\HaoZipExt.dll   [(Verified)好压软件工作室, 2.0.1.4930]
    C:\Program Files\Kingsoft\Kingsoft Antivirus\kavmenu.dll   [(Verified)Kingsoft Corporation, 2010,05,29,742]
    C:\Program Files\Kingsoft\Kingsoft Antivirus\kis.dll   [(Verified)Kingsoft Corporation, 2010,08,25,1089]
    D:\Program Files\Tencent\QQPlayer\QPShellExt.dll   [(Verified)Tencent, 1.0.0.1]
    D:\Program Files\Tencent\QQPlayer\i18nu.dll   [(Verified)Tencent, 1.2 alpha1 build2(20080220)]

[PID: 428 / SYSTEM]   C:\Program Files\KSafe\KSafeSvc.exe   [(Verified)Kingsoft Corporation, 2.1.0.1027]
    C:\Program Files\KSafe\ksafeeng.dll   [(Verified)Kingsoft Corporation, 2.1.0.1027]
    C:\Program Files\KSafe\katrun.dll   [(Verified)Kingsoft Corporation, 2.1.0.1027]
    C:\Program Files\KSafe\ksafebak.dll   [(Verified)Kingsoft Corporation, 2.1.0.1027]
    C:\Program Files\KSafe\ksafedb.dll   [(Verified)Kingsoft Corporation, 2.1.0.1027]
    C:\Program Files\KSafe\kcache.dll   [(Verified)Kingsoft Corporation, 2.1.0.1027]
    C:\Program Files\KSafe\knescan.dll   [(Verified)Kingsoft Corporation., 1.0.0.1111]
    C:\Program Files\KSafe\kse\ksbwdet2.dll   [(Verified)Kingsoft Corporation, 2010,11,04,1495]
    C:\Program Files\KSafe\kse\sqlite.dll   [(Verified)Kingsoft Corporation, 2010,03,30,781]
    C:\Program Files\KSafe\KEng\ksafeave.dll   [(Verified)Kingsoft Corporation., 1.0.0.1114]
    C:\Program Files\KSafe\KEng\kae\kaecore.dat   [(Verified)Kingsoft Corporation, 2010,06,30,436]
    C:\Program Files\KSafe\kdump.dll   [(Verified)Kingsoft Corporation, 2010,10,11,1453]
    C:\Program Files\KSafe\kxebase.dll   [(Verified)Kingsoft Corporation, 2010,5,12,402]
    C:\Program Files\KSafe\scom.dll   [(Verified)Kingsoft Corporation, 2010,5,12,402]
    C:\Program Files\KSafe\kxecore\kxecore.dll   [(Verified)Kingsoft Corporation, 2010,5,12,402]
    C:\Program Files\KSafe\kexectrl.dll   [(Verified)Kingsoft Corporation, 2010,09,18,1422]
    C:\Program Files\KSafe\kwssp.dll   [(Verified)Kingsoft Corporation, 2010.11.19.1025]
    C:\Program Files\KSafe\json.dll   [(Verified)N/A]
    C:\Program Files\KSafe\ksscore.dll   [(Verified)Kingsoft Corporation, 2010,11,18,54]
    C:\Program Files\KSafe\kplugeng.dll   [(Verified)Kingsoft Corporation., 1.5.2.1191]
    C:\Program Files\KSafe\kcldrep.dll   [(Verified)Kingsoft Corporation, 2010,11,05,45]
    C:\Program Files\KSafe\kse\ksecorex.dll   [(Verified)Kingsoft Corporation, 2010,09,16,1206]
    C:\Program Files\KSafe\KEng\kae\karchive.dat   [(Verified)Kingsoft Corporation, 2010,06,30,436]
    C:\Program Files\KSafe\KEng\kae\kaearcha.dat   [(Verified)Kingsoft Corporation, 2010,06,30,436]
    C:\Program Files\KSafe\KEng\kae\kaeolea.dat   [(Verified)Kingsoft Corporation, 2010,06,30,436]
    C:\Program Files\KSafe\KEng\kae\kaearchb.dat   [(Verified)Kingsoft Corporation, 2010,06,30,436]
    C:\Program Files\KSafe\fwproxy.dll   [(Verified)Kingsoft Corporation, 2.1.0.1025]
    C:\WINDOWS\system32\uxtheme.dll   [Microsoft Corporation, 6.00.2900.5512 (xpsp.080413-2105)]
    C:\Program Files\KSafe\KEng\kae\kaeunpak.dat   [(Verified)Kingsoft Corporation, 2010,06,30,436]
    C:\Program Files\KSafe\KEng\kae\kaeunpack.dat   [(Verified)Kingsoft Corporation, 2010,07,18,365]
    C:\Program Files\KSafe\KEng\kae\kaevname.dat   [(Verified)Kingsoft Corporation, 2010,06,30,436]
    C:\Program Files\KSafe\KEng\kae\kaecorea.dat   [(Verified)Kingsoft Corporation, 2010,06,30,436]

[PID: 1976 / SYSTEM]   C:\WINDOWS\system32\spoolsv.exe   [(Verified)Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-0852)]
    C:\WINDOWS\system32\UxTheme.dll   [Microsoft Corporation, 6.00.2900.5512 (xpsp.080413-2105)]

[PID: 2880 / SYSTEM]   C:\WINDOWS\system32\GP_CLT_Service.exe   [版权所有 (C) 2007, 1, 0, 1, 8]

[PID: 2912 / Administrator]   C:\WINDOWS\system32\GP_CLT.exe   [Copyright (C) 2007, 2, 0, 0, 7]
    C:\WINDOWS\system32\uxtheme.dll   [Microsoft Corporation, 6.00.2900.5512 (xpsp.080413-2105)]
    C:\WINDOWS\system32\GOOGLEPINYIN2.IME   [(Verified)Google Inc., 2.3.14.85]
    C:\WINDOWS\system32\GP_IFD.dll   [CIDC., 1, 0, 17, 45]
    C:\WINDOWS\system32\GP_COS.dll   [Copyright (C) 2008, 2, 0, 1, 15]
    C:\WINDOWS\system32\GP_RES.dll   [Copyright (C) 2008, 2, 0, 1, 9]

[PID: 3208 / Administrator]   C:\Program Files\Unlocker\UnlockerAssistant.exe   [N/A]
    C:\Program Files\Unlocker\UnlockerHook.dll   [N/A]
    C:\WINDOWS\system32\uxtheme.dll   [Microsoft Corporation, 6.00.2900.5512 (xpsp.080413-2105)]
    C:\WINDOWS\system32\GOOGLEPINYIN2.IME   [(Verified)Google Inc., 2.3.14.85]

[PID: 3316 / Administrator]   D:\Program files\ChinaNetSn\bin\NetKeeper.exe   [XI AN XINLI SOFTWARE TECHNOLOGY CO.,LTD, 0, 0, 5, 1]
    D:\Program files\ChinaNetSn\bin\StringList.dll   [N/A]
    C:\WINDOWS\system32\uxtheme.dll   [Microsoft Corporation, 6.00.2900.5512 (xpsp.080413-2105)]
    C:\Program Files\KSafe\ksfmon.dll   [(Verified)Kingsoft Corporation, 2.1.0.1025]
    C:\Program Files\Common Files\Kingsoft\kiscommon\DetectDllHijack.dll   [(Verified)Kingsoft Corporation, 2010,08,30,159]
    C:\Program Files\Unlocker\UnlockerHook.dll   [N/A]
    C:\WINDOWS\system32\GOOGLEPINYIN2.IME   [(Verified)Google Inc., 2.3.14.85]
    D:\Program files\ChinaNetSn\bin\xinliPPPoE.dll   [版权所有 (C) 2007, 1, 0, 1, 7]
    C:\WINDOWS\system32\PProxyCTL.dll   [西安, 4, 0, 0, 3]
    D:\Program files\ChinaNetSn\plugin\EPHONE\NetKeeperToEcp.dll   [浙江省公众信息产业有限公司, 0, 1, 1, 0]

[PID: 3372 / Administrator]   C:\Program Files\KSafe\KSafeTray.exe   [(Verified)Kingsoft Corporation, 2.1.0.1025]
    C:\Program Files\KSafe\ksfmon.dll   [(Verified)Kingsoft Corporation, 2.1.0.1025]
    C:\Program Files\KSafe\krunopt.dll   [(Verified)Kingsoft Corporation, 2.1.0.1025]
    C:\Program Files\KSafe\kdump.dll   [(Verified)Kingsoft Corporation, 2010,10,11,1453]
    C:\WINDOWS\system32\uxtheme.dll   [Microsoft Corporation, 6.00.2900.5512 (xpsp.080413-2105)]
    C:\Program Files\Unlocker\UnlockerHook.dll   [N/A]
    C:\WINDOWS\system32\GOOGLEPINYIN2.IME   [(Verified)Google Inc., 2.3.14.85]
    C:\Program Files\KSafe\kwsctrl.dll   [(Verified)Kingsoft Corporation, 2.1.0.1025]
    C:\Program Files\Common Files\Kingsoft\kiscommon\DetectDllHijack.dll   [(Verified)Kingsoft Corporation, 2010,08,30,159]
    C:\Program Files\KSafe\ksafedb.dll   [(Verified)Kingsoft Corporation, 2.1.0.1027]
    C:\Program Files\KSafe\ksafevul.dll   [(Verified)Kingsoft Corporation, 2.1.0.1025]
    C:\Program Files\KSafe\ksafeup.dll   [(Verified)Kingsoft Corporation, 2.1.0.1025]
    C:\Program Files\KSafe\zlib1.dll   [(Verified)(C) 1995-2004 Jean-loup Gailly & Mark Adler, 1.2.3]
    C:\Program Files\KSafe\kplugeng.dll   [(Verified)Kingsoft Corporation., 1.5.2.1191]
    C:\Program Files\KSafe\KEng\ksignup.dll   [(Verified)Kingsoft Corporation., 1.0.0.1114]
    C:\Program Files\KSafe\KEng\KSGMerge.DLL   [(Verified)Kingsoft Corporation, 2010,02,26,47]

[PID: 3460 / Administrator]   C:\WINDOWS\system32\ctfmon.exe   [(Verified)Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2105)]
    C:\WINDOWS\system32\UxTheme.dll   [Microsoft Corporation, 6.00.2900.5512 (xpsp.080413-2105)]
    C:\Program Files\Unlocker\UnlockerHook.dll   [N/A]
    C:\WINDOWS\system32\GOOGLEPINYIN2.IME   [(Verified)Google Inc., 2.3.14.85]

[PID: 3136 / SYSTEM]   F:\Cloud\CloudServer.exe   [(Verified)版权所有 (C) 2009, 10, 10, 5, 19]
    C:\WINDOWS\system32\uxtheme.dll   [Microsoft Corporation, 6.00.2900.5512 (xpsp.080413-2105)]

[PID: 328 / SYSTEM]   C:\WINDOWS\system32\svchost.exe   [(Verified)Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2111)]
    C:\WINDOWS\system32\UxTheme.dll   [Microsoft Corporation, 6.00.2900.5512 (xpsp.080413-2105)]

[PID: 2712 / Administrator]   D:\Program files\Opera 11.00 beta\opera.exe   [(Verified)Opera Software, 1104 (1)]
    D:\Program files\Opera 11.00 beta\Opera.dll   [(Verified)Opera Software, 1104 (1)]
    C:\WINDOWS\system32\uxtheme.dll   [Microsoft Corporation, 6.00.2900.5512 (xpsp.080413-2105)]
    C:\Program Files\KSafe\ksfmon.dll   [(Verified)Kingsoft Corporation, 2.1.0.1025]
    C:\Program Files\Common Files\Kingsoft\kiscommon\DetectDllHijack.dll   [(Verified)Kingsoft Corporation, 2010,08,30,159]
    C:\Program Files\Unlocker\UnlockerHook.dll   [N/A]
    C:\Program Files\KSafe\kwsui.dll   [(Verified)Kingsoft Corporation, 2010.11.19.1025]
    C:\Program Files\KSafe\kswebshield.dll   [(Verified)Kingsoft Corporation, 2010.11.20.1037]
    C:\WINDOWS\system32\GOOGLEPINYIN2.IME   [(Verified)Google Inc., 2.3.14.85]
    C:\WINDOWS\system32\Macromed\Flash\NPSWF32.dll   [(Verified)N/A]

[PID: 2968 / Administrator]   D:\清理\arswp3\ArSwp3.exe   [(Verified)Windows 清理助手, 3.1.3.0815]
    C:\WINDOWS\system32\uxtheme.dll   [Microsoft Corporation, 6.00.2900.5512 (xpsp.080413-2105)]
    C:\Program Files\KSafe\ksfmon.dll   [(Verified)Kingsoft Corporation, 2.1.0.1025]
    C:\Program Files\Common Files\Kingsoft\kiscommon\DetectDllHijack.dll   [(Verified)Kingsoft Corporation, 2010,08,30,159]
    C:\Program Files\Unlocker\UnlockerHook.dll   [N/A]
    C:\WINDOWS\system32\GOOGLEPINYIN2.IME   [(Verified)Google Inc., 2.3.14.85]
    C:\WINDOWS\system32\Macromed\Flash\Flash10l.ocx   [(Verified)Adobe Systems, Inc., 10,1,102,64]

================================================================
文件关联

[.jpg] <"C:\Program Files\Google\Picasa3\PicasaPhotoViewer.exe" "%1"> [(Verified)Google Inc., 3.6.105.67]
[.zip] <"D:\Program Files\HaoZip\HaoZip.exe" "%1"> [(Verified)好压软件工作室, 2.0.1.4930]
[.rar] <"D:\Program Files\HaoZip\HaoZip.exe" "%1"> [(Verified)好压软件工作室, 2.0.1.4930]
[.swf] <"D:\Program Files\Tencent\QQPlayer\QQPlayer.exe" /o "%1"> [(Verified)Tencent, 2.8.787.400]
[.pdf] <"d:\Program Files\Foxit PDF Reader\FoxitReader.exe" "%1"> [(Verified)Foxit Software, 3, 3, 0, 0430]
[.url] <"D:\Program files\Opera\opera.exe" "%1"> [(Verified)Opera Software, 9053]
[.xml] <"D:\Program files\Opera\opera.exe" "%1"> [(Verified)Opera Software, 9053]
[.ram] <"D:\Program Files\Tencent\QQPlayer\QQPlayer.exe" /o "%1"> [(Verified)Tencent, 2.8.787.400]
[.gif] <"C:\Program Files\Google\Picasa3\PicasaPhotoViewer.exe" "%1"> [(Verified)Google Inc., 3.6.105.67]
[.bmp] <"C:\Program Files\Google\Picasa3\PicasaPhotoViewer.exe" "%1"> [(Verified)Google Inc., 3.6.105.67]
[.mod] <"D:\Program Files\Tencent\QQPlayer\QQPlayer.exe" /o "%1"> [(Verified)Tencent, 2.8.787.400]

================================================================
Autorun.Inf

================================================================
Winsock提供者


================================================================
隐藏进程


[PID: 3332]  C:\Program Files\Common Files\Kingsoft\kiscommon\kxetray.exe    [(Verified)Kingsoft Corporation, 2010,10,21,1314]

[PID: 2904]  C:\Program Files\Common Files\Kingsoft\kiscommon\upsvc.exe    [(Verified)Kingsoft Corporation, 2010,10,18,1297]

[PID: 824]  C:\Program Files\Common Files\Kingsoft\kiscommon\kxesapp.exe    [(Verified)Kingsoft Corporation, 2010,08,05,1009]

[PID: 356]  C:\Program Files\Common Files\Kingsoft\kiscommon\kxedefend.exe    [(Verified)Kingsoft Corporation, 2010,08,05,1009]

[PID: 368]  C:\Program Files\Common Files\Kingsoft\kiscommon\kxescore.exe    [(Verified)Kingsoft Corporation, 2010,08,05,1009]

================================================================
可疑文件


================================================================
HOSTS

    127.0.0.1 localhost
    0.0.0.0 notice.asdf.com
    0.0.0.0 update.asdf.cn




woshishuxuejia
Posted on 2010-11-22 22:59:06
Looks like the aftereffects of a virus infection.
zhou0197
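Posted on 2010-11-22 23:03:18
Reply to post #1 by jasonsimon36

Try inserting the original installation disc and running the sfc /scannow command to repair the system files; if that really doesn't work, I suggest reinstalling.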
jasonsimon36
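Original poster | Posted on 2010-11-23 00:11:35
woshishuxuejia posted on 2010-11-22 22:59
Looks like the aftereffects of a virus infection.

I've scanned with all of them; if it really doesn't work I'll switch to another one and try.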
woshishuxuejia
Posted on 2010-11-23 12:01:32
Reply to post #4 by jasonsimon36

It's been damaged by a virus. Find a system repair tool and try it.
jasonsimon36
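Original poster | Posted on 2010-11-23 12:46:55
Reply to post #5 by woshishuxuejia

I've used the rescue kits from 360, Kingsoft and Keniu; the 360 rescue kit found one system file that had been replaced. Hopefully that settles it.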
Copyright © KaFan  KaFan.cn All Rights Reserved.

Powered by Discuz! X3.4( 沪ICP备2020031077号-2 ) GMT+8, 2025-6-16 07:18 , Processed in 0.133142 second(s), 18 queries .

卡饭网所发布的一切软件、样本、工具、文章等仅限用于学习和研究,不得将上述内容用于商业或者其他非法用途,否则产生的一切后果自负,本站信息来自网络,版权争议问题与本站无关,您必须在下载后的24小时之内从您的电脑中彻底删除上述信息,如有问题请通过邮件与我们联系。

快速回复 客服 返回顶部 返回列表