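I don't know what virus it is, but it has killed all of my antivirus software. No antivirus program will run at all.
It blue-screens constantly.
It keeps popping up web pages.
I have a dual-boot setup, by the way~~~~
Here are the results of my scan: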
2007-04-01,18:06:02
System Repair Engineer 2.4.12.806
Smallfrogs (http://www.KZTechs.com)
Windows Server 2003 Enterprise Edition Service Pack 1 (Build 3790) - 管理权限用户 - 完整功能
以下内容被选中:
所有的启动项目(包括注册表、启动文件夹、服务等)
浏览器加载项
正在运行的进程(包括进程模块信息)
文件关联
Winsock 提供者
Autorun.inf
HOSTS 文件
启动项目
注册表
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
(ctfmon.exe)(D:\WINDOWS\system32\ctfmon.exe) [(Verified)Microsoft Windows Publisher]
(bgswitch)(C:\WINDOWS\system32\bgswitch.exe) [N/A]
[HKEY_CURRENT_USER\Software\Microsoft\Windows NT\CurrentVersion\Windows]
(load)() [N/A]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
(IMJPMIG8.1)("D:\WINDOWS\IME\imjp8_1\IMJPMIG.EXE" /Spoil /RemAdvDef /Migration32) [(Verified)Microsoft Windows Publisher]
(IMEKRMIG6.1)(D:\WINDOWS\ime\imkr6_1\IMEKRMIG.EXE) [(Verified)Microsoft Windows Publisher]
(PHIME2002ASync)(D:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /SYNC) [(Verified)Microsoft Windows Publisher]
(PHIME2002A)(D:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /IMEName) [(Verified)Microsoft Windows Publisher]
()(F:\暗组\暗组2007\tool\防\木马检测\零号防火墙\零号防火墙.exe) [零号防火墙]
(VStart5.0)(F:\暗组\暗组2007\Anzu.exe) [3L软件工作室(3LSoft)]
(fubcwj)(D:\WINDOWS\system32\bryato.exe) []
(bryato)(D:\WINDOWS\system32\severe.exe) []
(System)(D:\Program Files\Common Files\System\Updaterun.exe) []
(CdnCtr)(D:\Program Files\CNNIC\Cdn\cdnup.exe) [CNNIC]
(UOServer)("D:\Program Files\在线安装专家\UOSERVER.exe") []
(RfwMain)("D:\Program Files\Rising\Rfw\rfwmain.exe" -Startup) [Beijing Rising Technology Co., Ltd.]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\RunOnce]
(Rav)("D:\Program Files\Rising\Rav\Update\Setup.exe" /UNINSTALL /S /ONCE) [Beijing Rising Technology Co., Ltd.]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Winlogon]
(shell)(Explorer.exe D:\WINDOWS\system32\drivers\conime.exe) []
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Winlogon]
(UIHost)(logonui.exe) [(Verified)Microsoft Windows Publisher]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
({4ED6E0B5-F47A-4609-A940-11CF60FDC3C3})(D:\WINDOWS\system32\trtbc.dll) []
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
(wodb)(D:\PROGRA~1\vnca\wodb.dll) []
(wbwk)(D:\PROGRA~1\vnca\wodb.dll) []
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\kbdhu1]
(WinlogonNotify: kbdhu1)(k0rwbrkr.dll) []
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\SharedTaskScheduler]
({623D33B3-1E70-4705-88E9-649522AF6268})() [N/A]
--------------------------------------------------------------------------------
启动文件夹
[ruango]
(D:\Documents and Settings\All Users\「开始」菜单\程序\启动\ruango.lnk --) D:\WINDOWS\system32\MSRundll.exe [Microsoft Corporation])(N)
--------------------------------------------------------------------------------
服务
[6B182B4C / 6B182B4C][Stopped/Auto Start]
(D:\WINDOWS\system32\6B182B4C.EXE -service)(Microsoft Corporation)
[Intranet Messenger / BUZOR][Running/Auto Start]
(D:\WINDOWS\SYSTEM32\RUNDLL2000.EXE D:\WINDOWS\SYSTEM32\WBEM\CGWOQ.DLL,Export 1087)(Microsoft Corporation)
[ Cryptographic Server / CryptographicServer][Running/Auto Start]
(D:\WINDOWS\system32\mshtmlsed.exe)(N/A)
[D1E69C28 / D1E69C28][Stopped/Auto Start]
(D:\WINDOWS\system32\D1E69C28.EXE -service)(Microsoft Corporation)
[Vsn ewom Service / ewom][Running/Auto Start]
(D:\WINDOWS\system32\rundll32.exe D:\PROGRA~1\kcus\rjyw.dll,Service)(Microsoft Corporation)
[GrayPigeonServer / GrayPigeonServer][Stopped/Auto Start]
(D:\WINDOWS\G_Server2006.exe)(N/A)
[Human Interface Device Access / HidServ][Stopped/Disabled]
(D:\WINDOWS\System32\svchost.exe -k netsvcs--)%SystemRoot%\System32\hidserv.dll)(N/A)
[Clipboard / Indtry][Running/Auto Start]
(D:\WINDOWS\System32\svchost.exe -k netsvcs--)D:\WINDOWS\system32\vlthl.dll)(Microsoft Corporation)
[kkduusfsd / kkduusfsd][Stopped/Auto Start]
(D:\WINDOWS\system32\kkduusfsd.exe -service)(Microsoft Corporation)
[Std vqfd Service / vqfd][Stopped/Auto Start]
(D:\WINDOWS\system32\rundll32.exe D:\PROGRA~1\qixv\avki.dll,Service -s)(Microsoft Corporation)
[Windows Audioi / Windows Audioi][Stopped/Auto Start]
(D:\WINDOWS\G_Server.exe)(N/A)
[Windows Imge Acquisition (WIA / Windows Imge Acquisition (WIA][Stopped/Auto Start]
(D:\WINDOWS\Hacker.com.cn.exe)(N/A)
[Windows Updates / Windows Updates][Stopped/Auto Start]
(D:\WINDOWS\svchost.exe)(N/A)
[Portable Media / WmdmPWD][Stopped/Auto Start]
(D:\WINDOWS\system32\Svchost.exe -k WmdmPWD--)D:\WINDOWS\system32\MDserivces\services\svchost.dll)(Microsoft Corporation)
[Rising Proxy Service / RfwProxySrv][Stopped/Manual Start]
(d:\program files\rising\rfw\rfwproxy.exe)(Beijing Rising Technology Co., Ltd.)
[Rising Personal Firewall Service / RfwService][Running/Auto Start]
(d:\program files\rising\rfw\rfwsrv.exe)(Beijing Rising Technology Co., Ltd.)
[IEAgent service / IEAgent][Stopped/Auto Start]
("D:\WINDOWS\system32\ieagent.exe")()
--------------------------------------------------------------------------------
驱动程序
[acpidisk / acpidisk][Running/Auto Start]
(\??\D:\WINDOWS\system32\drivers\acpidisk.sys)(N/A)
[Service for Realtek AC97 Audio (WDM) / ALCXWDM][Running/Manual Start]
(system32\drivers\ALCXWDM.SYS)(Realtek Semiconductor Corp.)
[arupti6 / arupti65][Stopped/Boot Start]
(\SystemRoot\System32\DRIVERS\arupti65.sys)(N/A)
[cdnprot / cdnprot][Stopped/Boot Start]
(\SystemRoot\system32\drivers\cdnprot.sys)(中国互联网络信息中心(CNNIC))
[DarkSpy / DarkSpy][Stopped/Manual Start]
(\??\D:\WINDOWS\system32\DarkSpyKernel.sys)(N/A)
[dijfgjfc / dijfgjfc][Stopped/Boot Start]
(\SystemRoot\system32\drivers\dijfgjfc.sys)(中国互联网络信息中心(CNNIC))
[ExpScaner / ExpScaner][Stopped/Auto Start]
(\??\D:\PROGRAM FILES\RISING\RAV\ExpScan.sys)(N/A)
[gbdjjgdb / gbdjjgdb][Stopped/Boot Start]
(\SystemRoot\system32\drivers\gbdjjgdb.sys)(中国互联网络信息中心(CNNIC))
[HookCont / HookCont][Stopped/Auto Start]
(\??\D:\PROGRAM FILES\RISING\RAV\HOOKCONT.sys)(N/A)
[HookReg / HookReg][Stopped/Auto Start]
(\??\D:\PROGRAM FILES\RISING\RAV\HookReg.sys)(N/A)
[HookSys / HookSys][Stopped/Auto Start]
(\??\D:\PROGRAM FILES\RISING\RAV\HookSys.sys)(N/A)
[ijwals1 / ijwals10][Running/Boot Start]
(\SystemRoot\System32\DRIVERS\ijwals10.sys)(Microsoft Corporation)
[IP in IP Tunnel Driver / IpInIp][Stopped/Manual Start]
(system32\DRIVERS\ipinip.sys)(N/A)
[jujtgu2 / jujtgu28][Running/Boot Start]
(\SystemRoot\System32\DRIVERS\jujtgu28.sys)(N/A)
[lempcj7 / lempcj78][Running/Boot Start]
(\SystemRoot\System32\DRIVERS\lempcj78.sys)(N/A)
[MEMSCAN / MEMSCAN][Stopped/Auto Start]
(\??\D:\PROGRAM FILES\RISING\RAV\MEMSCAN.sys)(N/A)
[Netgroup Packet Filter / NPF][Stopped/Manual Start]
(system32\drivers\npf.sys)(NetGroup - Politecnico di Torino)
[npkcrypt / npkcrypt][Running/Auto Start]
(\??\D:\Program Files\Tencent\qq\npkcrypt.sys)(INCA Internet Co., Ltd.)
[nzeujq43 / nzeujq43][Stopped/Manual Start]
(\??\D:\WINDOWS\system32\drivers\nzeujq43.sys)(Microsoft Corporation)
[Direct Parallel Link Driver / Ptilink][Running/Manual Start]
(system32\DRIVERS\ptilink.sys)(Parallel Technologies, Inc.)
[RsAntiSpyware / RsAntiSpyware][Running/Boot Start]
(\SystemRoot\system32\drivers\RsBoot.sys)(Beijing Rising)
[RSPPSYS / RSPPSYS][Stopped/Auto Start]
(\??\D:\PROGRAM FILES\RISING\RAV\RSPPSYS.sys)(N/A)
[Realtek 10/100/1000 PCI NIC Family NDIS XP Driver / RTL8023xp][Running/Manual Start]
(system32\DRIVERS\Rtnicxp.sys)(Realtek Semiconductor Corporation)
[Realtek RTL8139(A/B/C)-based PCI Fast Ethernet Adapter NT Driver / rtl8139][Stopped/Manual Start]
(system32\DRIVERS\RTL8139.SYS)(Realtek Semiconductor Corporation)
[Secdrv / Secdrv][Stopped/Manual Start]
(system32\DRIVERS\secdrv.sys)(Macrovision Corporation, Macrovision Europe Limited, and Macrovision Japan and Asia K.K.)
[SmartAVS / SmartAVS][Stopped/Manual Start]
(\??\D:\WINDOWS\system32\drivers\SmartAVS.sys)(All-In-Smart [CWJ])
[usb8028 / usb8028][Running/System Start]
(system32\drivers\usb8028.sys)(Microsoft Corporation)
[usb8028x / usb8028x][Running/System Start]
(system32\drivers\usb8028x.sys)(Windows System Internal)
[xrnhzj5 / xrnhzj50][Running/Boot Start]
(\SystemRoot\System32\DRIVERS\xrnhzj50.sys)(N/A)
[XScanPF / XScanPF][Stopped/Manual Start]
(\??\F:\漏洞扫描\X-Scan-v3.3\X-Scan-v3.3\dat\xpf.sys)(N/A)
[ndcia / ndcia][Running/Auto Start]
(\??\D:\WINDOWS\system32\drivers\ndcia.sys)(Microsoft Corporation)
[romman / romman][Running/Auto Start]
(\??\D:\WINDOWS\system32\drivers\romman.sys)(Microsoft Corporation)
[stdio / stdio][Running/Auto Start]
(\??\D:\WINDOWS\system32\drivers\stdio.sys)(Microsoft Corporation)
[Basetdi / Basetdi][Running/Auto Start]
(\??\D:\WINDOWS\system32\drivers\basetdi.sys)(Beijing Rising Technology Co., Ltd.)
[RsFwDrv / RsFwDrv][Running/Auto Start]
(\??\D:\Program Files\Rising\Rfw\RsFwDrv.sys)(Beijing Rising Technology Co., Ltd.)
[HookUrl / HookUrl][Stopped/Auto Start]
(\??\D:\Program Files\Rising\Rfw\HookUrl.sys)(Beijing Rising Technology Co., Ltd.)
[mProcRs / mProcRs][Running/Auto Start]
(\??\d:\program files\rising\rfw\mProcRs.sys)(Beijing Rising Technology Co., Ltd.)
--------------------------------------------------------------------------------
浏览器加载项
[]
{00c299fd-1f9b-49f5-8b0d-4e03f37a8dbf} (D:\WINDOWS\system32\49f5cfsb.dll, N/A)
[Thunder Browser Helper]
{11F09AFC-75AD-4E51-AB43-E09E9351CE16} (D:\Program Files\Thunder Network\Thunder\ComDlls\XunLeiBHO_007.dll, Thunder Networking Technologies,LTD)
[CAdLogic Object]
{11F09AFD-75AD-4E51-AB43-E09E9351CE16} (D:\Program Files\Common Files\CPUSH\cpush.dll, )
[Sodui Search]
{35EC0410-555E-4402-B372-D9A6E0BF6795} (D:\WINDOWS\system32\wintgu28.dll, )
[Info cache]
{385AB8C6-FB22-4D17-8834-064E2BA0A6F0} (D:\Documents and Settings\All Users\Application Data\Microsoft\PCTools\pctools.dll, 金泰丰(广州)科技有限公司)
[]
{5333baea-e355-4d7f-ae2b-1b294ae19f4f} (D:\WINDOWS\system32\4d7fntos.dll, N/A)
[bwlj]
{55507D27-AA6C-4ECE-BF07-2300D89F83F0} (D:\PROGRA~1\kcus\ogvw.dll, )
[HelpIE Class]
{589A6FED-A214-4FE3-8D1E-CD07BC634D89} (D:\WINDOWS\system32\HelpIE.dll, TODO: (公司名))
[CdnForIE Class]
{5C3853CF-C7E0-4946-B3FA-1ABDB6F48108} (D:\PROGRA~1\CNNIC\Cdn\cdnforie.dll, CNNIC)
[实用搜索]
{6CFD436C-7AAD-4e50-992F-C0C87A94CAD2} (D:\Program Files\superutilbar\superutilbar.dll, www.shiyongsousuo.com)
[NavigatMon Class]
{B69F34DD-F0F9-42DC-9EDD-957187DA688D} (C:\Program Files\360safe\safemon\safemon.dll, )
[WinMyFavor Class]
{F7F49040-389C-4f1f-A825-06D5328EAE59} (D:\WINDOWS\system32\MyFavor.dll, N/A)
[启动迅雷5]
{09BA8F6D-CB54-424B-839C-C2A6C8E6B436} (D:\Program Files\Thunder Network\Thunder\Thunder.exe, Thunder Networking Technologies,LTD)
[CdnForIE Class]
{5C3853CF-C7E0-4946-B3FA-1ABDB6F48108} (D:\PROGRA~1\CNNIC\Cdn\cdnforie.dll, CNNIC)
[番茄花园]
{6096E38F-5AC1-4391-8EC4-75DFA92FB32F} (http://www.tomatolei.com, N/A)
[CaiFuCOM Class]
{C1F0024B-8278-4999-B7E6-2718426D9FE6} (D:\Program Files\财富通\caif.dll, N/A)
[实用搜索工具条2.0]
{03465FF5-00AE-411a-9C34-960ED566EC03} (D:\Program Files\superutilbar\superutilbar.dll, www.shiyongsousuo.com)
[e355]
{DFCB34B6-902D-426E-AE2B-1B294AE19F4F} (D:\WINDOWS\system32\4d7fntos.dll, N/A)
[Shockwave Flash Object]
{D27CDB6E-AE6D-11CF-96B8-444553540000} (D:\WINDOWS\system32\Macromed\Flash\Flash9b.ocx, Adobe Systems, Inc.)
[]
{00C299FD-1F9B-49F5-8B0D-4E03F37A8DBF} (D:\WINDOWS\system32\49f5cfsb.dll, N/A)
[实用搜索工具条2.0]
{03465FF5-00AE-411A-9C34-960ED566EC03} (D:\Program Files\superutilbar\superutilbar.dll, www.shiyongsousuo.com)
[PeerDraw Class]
{10072CEC-8CC1-11D1-986E-00A0C955B42E} (D:\Program Files\Common Files\Microsoft Shared\VGX\vgx.dll, Microsoft Corporation)
[Thunder Browser Helper]
{11F09AFC-75AD-4E51-AB43-E09E9351CE16} (D:\Program Files\Thunder Network\Thunder\ComDlls\XunLeiBHO_007.dll, Thunder Networking Technologies,LTD)
[CAdLogic Object]
{11F09AFD-75AD-4E51-AB43-E09E9351CE16} (D:\Program Files\Common Files\CPUSH\cpush.dll, )
[Windows Media Player]
{22D6F312-B0F6-11D0-94AB-0080C74C7E95} (D:\WINDOWS\system32\wmpdxm.dll, Microsoft Corporation)
[XML DOM Document]
{2933BF90-7B36-11D2-B20E-00C04F983E60} (D:\WINDOWS\system32\msxml3.dll, Microsoft Corporation)
[Sodui Search]
{35EC0410-555E-4402-B372-D9A6E0BF6795} (D:\WINDOWS\system32\wintgu28.dll, )
[Info cache]
{385AB8C6-FB22-4D17-8834-064E2BA0A6F0} (D:\Documents and Settings\All Users\Application Data\Microsoft\PCTools\pctools.dll, 金泰丰(广州)科技有限公司)
[Thunder Agent Class]
{485463B7-8FB2-4B3B-B29B-8B919B0EACCE} (D:\Program Files\Thunder Network\Thunder\ComDlls\ThunderAgent_007.dll, Thunder Networking Technologies,LTD)
[]
{5333BAEA-E355-4D7F-AE2B-1B294AE19F4F} (D:\WINDOWS\system32\4d7fntos.dll, N/A)
[bwlj]
{55507D27-AA6C-4ECE-BF07-2300D89F83F0} (D:\PROGRA~1\kcus\ogvw.dll, )
[HelpIE Class]
{589A6FED-A214-4FE3-8D1E-CD07BC634D89} (D:\WINDOWS\system32\HelpIE.dll, TODO: (公司名))
[CdnForIE Class]
{5C3853CF-C7E0-4946-B3FA-1ABDB6F48108} (D:\PROGRA~1\CNNIC\Cdn\cdnforie.dll, CNNIC)
[YOKHttpFilter Class]
{686D3343-D00D-49A1-96DF-66F3AF62F348} (D:\PROGRA~1\yok\adblock.dll, N/A)
[Windows Media Player]
{6BF52A52-394A-11D3-B153-00C04F79FAA6} (D:\WINDOWS\system32\wmp.dll, Microsoft Corporation)
[实用搜索]
{6CFD436C-7AAD-4E50-992F-C0C87A94CAD2} (D:\Program Files\superutilbar\superutilbar.dll, www.shiyongsousuo.com)
[YOKAdBlock Class]
{718F4AD3-70D4-425E-9159-5598DFC732ED} (D:\PROGRA~1\yok\adblock.dll, N/A)
[MediaComm Class]
{7670648D-461B-42AF-BDFE-46D26AF5EFF2} (D:\Program Files\Thunder Network\Thunder\Components\InMedia\MediaAddin11.dll, Thunder Networking Technologies,LTD)
[Thunder Browser Helper]
{889D2FEB-5411-4565-8998-1DD2C5261283} (D:\Program Files\Thunder Network\Thunder\ComDlls\XunLeiBHO_007.dll, Thunder Networking Technologies,LTD)
[RMGetLicense Class]
{A9FC132B-096D-460B-B7D5-1DB0FAE0C062} (D:\WINDOWS\system32\msnetobj.dll, Microsoft Corporation)
[SearchAssistantOC]
{B45FF030-4447-11D2-85DE-00C04FA35C89} (%SystemRoot%\system32\shdocvw.dll, N/A)
[NavigatMon Class]
{B69F34DD-F0F9-42DC-9EDD-957187DA688D} (C:\Program Files\360safe\safemon\safemon.dll, )
[RDS.DataSpace]
{BD96C556-65A3-11D0-983A-00C04FC29E36} (D:\Program Files\Common Files\System\msadc\msadco.dll, Microsoft Corporation)
[Shockwave Flash Object]
{D27CDB6E-AE6D-11CF-96B8-444553540000} (D:\WINDOWS\system32\Macromed\Flash\Flash9b.ocx, Adobe Systems, Inc.)
[e355]
{DFCB34B6-902D-426E-AE2B-1B294AE19F4F} (D:\WINDOWS\system32\4d7fntos.dll, N/A)
[PasswordEditCtrl Class]
{E787FD25-8D7C-4693-AE67-9406BC6E22DF} (D:\Program Files\Tencent\qq\qqedit\qqedit.dll, 腾讯科技(深圳)有限公司)
[XML HTTP Request]
{ED8C108E-4349-11D2-91A4-00C04F7969E8} (D:\WINDOWS\system32\msxml3.dll, Microsoft Corporation)
[XML DOM Document]
{F6D90F11-9C73-11D3-B32E-00C04F990BB4} (D:\WINDOWS\system32\msxml3.dll, Microsoft Corporation)
[XML HTTP]
{F6D90F16-9C73-11D3-B32E-00C04F990BB4} (D:\WINDOWS\system32\msxml3.dll, Microsoft Corporation)
[WinMyFavor Class]
{F7F49040-389C-4F1F-A825-06D5328EAE59} (D:\WINDOWS\system32\MyFavor.dll, N/A)
[&使用迅雷下载]
(D:\Program Files\Thunder Network\Thunder\Program\geturl.htm, N/A)
[&使用迅雷下载全部链接]
(D:\Program Files\Thunder Network\Thunder\Program\getallurl.htm, N/A)
[上传到QQ网络硬盘]
(D:\Program Files\Tencent\qq\AddToNetDisk.htm, N/A)
[添加到QQ自定义面板]
(D:\Program Files\Tencent\qq\AddPanel.htm, N/A)
[添加到QQ表情]
(D:\Program Files\Tencent\qq\AddEmotion.htm, N/A)
[用QQ彩信发送该图片]
(D:\Program Files\Tencent\qq\SendMMS.htm, N/A)
[访问通用网址]
(D:\Program Files\CNNIC\Cdn\cnnic.htm, N/A)
--------------------------------------------------------------------------------
正在运行的进程
[PID: 340][\SystemRoot\System32\smss.exe] [Microsoft Corporation, 5.2.3790.1830 (srv03_sp1_rtm.050324-1447)]
[PID: 404][\??\D:\WINDOWS\system32\csrss.exe] [Microsoft Corporation, 5.2.3790.0 (srv03_rtm.030324-2048)]
[PID: 428][\??\D:\WINDOWS\system32\winlogon.exe] [Microsoft Corporation, 5.2.3790.1830 (srv03_sp1_rtm.050324-1447)]
[D:\WINDOWS\system32\msacm32.drv] [Microsoft Corporation, 5.2.3790.1830 (srv03_sp1_rtm.050324-1447)]
[D:\WINDOWS\system32\6B182B4C.DLL] [Microsoft Corporation, ]
[D:\WINDOWS\system32\winlib .dll] [N/A, ]
[D:\WINDOWS\system32\D1E69C28.DLL] [Microsoft Corporation, ]
[D:\WINDOWS\system32\bkkdud.dll] [Microsoft Corporation, ]
[D:\WINDOWS\system32\k0rwbrkr.dll] [N/A, ]
[PID: 472][D:\WINDOWS\system32\services.exe] [Microsoft Corporation, 5.2.3790.1830 (srv03_sp1_rtm.050324-1447)]
[PID: 484][D:\WINDOWS\system32\lsass.exe] [Microsoft Corporation, 5.2.3790.0 (srv03_rtm.030324-2048)]
[PID: 664][D:\WINDOWS\system32\svchost.exe] [Microsoft Corporation, 5.2.3790.1830 (srv03_sp1_rtm.050324-1447)]
[PID: 752][D:\WINDOWS\system32\svchost.exe] [Microsoft Corporation, 5.2.3790.1830 (srv03_sp1_rtm.050324-1447)]
[PID: 792][D:\WINDOWS\System32\svchost.exe] [Microsoft Corporation, 5.2.3790.1830 (srv03_sp1_rtm.050324-1447)]
[d:\windows\system32\vlthl.dll] [Microsoft Corporation, 5.1.2600.0]
[PID: 1216][D:\WINDOWS\system32\ShellExt\smss.exe] [FREE, 1.00]
[D:\WINDOWS\system32\MSVBVM60.DLL] [Microsoft Corporation, 6.00.9782]
[D:\WINDOWS\system32\vb6chs.dll] [Microsoft Corporation, 6.00.8988]
[D:\Program Files\Rising\AntiSpyware\ieprot.dll] [Beijing Rising Technology Co., Ltd., 1, 0, 0, 10]
[D:\WINDOWS\system32\bryato.dll] [N/A, ]
[PID: 1244][D:\WINDOWS\Explorer.exe] [Microsoft Corporation, 6.00.3790.1830 (srv03_sp1_rtm.050324-1447)]
[D:\WINDOWS\system32\RavExt.dll] [Beijing Rising Technology Co., Ltd., 19, 0, 0, 9]
[D:\WINDOWS\system32\lempcj78.dll] [N/A, ]
[D:\WINDOWS\system32\xrnhzj50.dll] [Microsoft Corporation, 1, 1, 1, 1035]
[D:\PROGRA~1\vnca\wodb.nls] [N/A, ]
[D:\WINDOWS\system32\wbem\cugpqcsy.dll] [Microsoft Corporation, 5.131.2600.2180 (xpsp_sp2_rtm.040803-2158)]
[D:\Program Files\CNNIC\Cdn\cdnforie.dll] [CNNIC, 2, 1, 0, 3]
[D:\WINDOWS\system32\msacm32.drv] [Microsoft Corporation, 5.2.3790.1830 (srv03_sp1_rtm.050324-1447)]
[D:\WINDOWS\system32\6B182B4C.DLL] [Microsoft Corporation, ]
[D:\WINDOWS\system32\D1E69C28.DLL] [Microsoft Corporation, ]
[D:\WINDOWS\system32\bkkdud.dll] [Microsoft Corporation, ]
[D:\WINDOWS\system32\ijwals10.dll] [, 1, 1, 1, 1004]
[D:\WINDOWS\system32\jujtgu28.dll] [, 1, 1, 1, 1004]
[D:\Program Files\superutilbar\superutilbar.dll] [www.shiyongsousuo.com, 2, 1, 8, 24]
[D:\Program Files\WinRAR\rarext.dll] [N/A, ]
[D:\Program Files\Rising\Rav\RSCOMMON.DLL] [Beijing Rising Technology Co., Ltd., 19, 0, 0, 5]
[D:\Program Files\GlobalSCAPE\CuteFTP 8 Professional\CuteShell.dll] [GlobalSCAPE Texas, LP., 50, 6, 3, 2]
[D:\Program Files\Rising\AntiSpyware\ieprot.dll] [Beijing Rising Technology Co., Ltd., 1, 0, 0, 10]
[D:\WINDOWS\SYSTEM32\WBEM\CGWOQ.DLL] [Microsoft Corporation, 5, 1, 2600, 2709]
[D:\WINDOWS\system32\trtbc.dll] [, 5, 3, 1, 120]
[d:\windows\system32\vlthl.dll] [Microsoft Corporation, 5.1.2600.0]
[D:\WINDOWS\system32\icm32.dll] [Microsoft Corporation, 5.2.3790.2476 (srv03_sp1_gdr.050628-1710)]
[D:\WINDOWS\system32\bryato.dll] [N/A, ]
[D:\Program Files\Thunder Network\Thunder\ComDlls\XunLeiBHO_007.dll] [Thunder Networking Technologies,LTD, 5, 0, 1, 4]
[D:\PROGRA~1\kcus\ogvw.dll] [, 1, 2, 0, 8]
[D:\WINDOWS\system32\HelpIE.dll] [TODO: (公司名), 1.0.0.1]
[C:\Program Files\360safe\safemon\safemon.dll] [, 3, 2, 0, 1001]
[D:\WINDOWS\system32\MyFavor.dll] [N/A, ]
[PID: 1348][D:\WINDOWS\system32\severe.exe] [N/A, ]
[D:\Program Files\Rising\AntiSpyware\ieprot.dll] [Beijing Rising Technology Co., Ltd., 1, 0, 0, 10]
[D:\WINDOWS\system32\jujtgu28.dll] [, 1, 1, 1, 1004]
[D:\WINDOWS\system32\ijwals10.dll] [, 1, 1, 1, 1004]
[D:\Program Files\CNNIC\Cdn\cdnforie.dll] [CNNIC, 2, 1, 0, 3]
[D:\WINDOWS\system32\bryato.dll] [N/A, ]
[PID: 1456][D:\WINDOWS\system32\conime.exe] [Microsoft Corporation, 5.2.3790.1830 (srv03_sp1_rtm.050324-1447)]
[D:\WINDOWS\system32\bryato.dll] [N/A, ]
[D:\WINDOWS\system32\jujtgu28.dll] [, 1, 1, 1, 1004]
[D:\WINDOWS\system32\ijwals10.dll] [, 1, 1, 1, 1004]
[D:\Program Files\CNNIC\Cdn\cdnforie.dll] [CNNIC, 2, 1, 0, 3]
[D:\Program Files\Rising\AntiSpyware\ieprot.dll] [Beijing Rising Technology Co., Ltd., 1, 0, 0, 10]
[PID: 1872][D:\Program Files\Rising\Rav\RavTask.exe] [Beijing Rising Technology Co., Ltd., 19, 0, 0, 7]
[D:\Program Files\Rising\Rav\RSCOMMON.DLL] [Beijing Rising Technology Co., Ltd., 19, 0, 0, 5]
[D:\Program Files\Rising\Rav\RSAPPMGR.DLL] [Beijing Rising Technology Co., Ltd., 18, 0, 0, 2]
[D:\Program Files\Rising\Rav\CfgDll.dll] [Beijing Rising Technology Co., Ltd., 18, 0, 0, 13]
[D:\Program Files\Rising\Rav\RsCommX.dll] [rising, 18, 0, 0, 1]
[D:\Program Files\CNNIC\Cdn\cdnforie.dll] [CNNIC, 2, 1, 0, 3]
[D:\Program Files\Rising\AntiSpyware\ieprot.dll] [Beijing Rising Technology Co., Ltd., 1, 0, 0, 10]
[D:\WINDOWS\system32\bryato.dll] [N/A, ]
[PID: 1912][D:\Program Files\CNNIC\Cdn\cdnup.exe] [CNNIC, 2, 5, 0, 6]
[D:\WINDOWS\system32\bryato.dll] [N/A, ]
[D:\Program Files\CNNIC\Cdn\cdnuplib.dll] [CNNIC, 2, 5, 0, 5]
[D:\Program Files\CNNIC\Cdn\cdnprh.dll] [CNNIC, 2, 4, 0, 3]
[D:\Program Files\CNNIC\Cdn\cdnforie.dll] [CNNIC, 2, 1, 0, 3]
[D:\Program Files\Rising\AntiSpyware\ieprot.dll] [Beijing Rising Technology Co., Ltd., 1, 0, 0, 10]
[PID: 1944][D:\WINDOWS\system32\ctfmon.exe] [Microsoft Corporation, 5.2.3790.1830 (srv03_sp1_rtm.050324-1447)]
[D:\WINDOWS\system32\jujtgu28.dll] [, 1, 1, 1, 1004]
[D:\WINDOWS\system32\ijwals10.dll] [, 1, 1, 1, 1004]
[D:\Program Files\CNNIC\Cdn\cdnforie.dll] [CNNIC, 2, 1, 0, 3]
[D:\Program Files\Rising\AntiSpyware\ieprot.dll] [Beijing Rising Technology Co., Ltd., 1, 0, 0, 10]
[D:\WINDOWS\system32\bryato.dll] [N/A, ]
[PID: 2496][D:\Program Files\Thunder Network\Thunder\Program\Thunder5.exe] [Thunder Networking Technologies,LTD, 5, 6, 0, 280]
[D:\WINDOWS\system32\jujtgu28.dll] [, 1, 1, 1, 1004]
[D:\WINDOWS\system32\ijwals10.dll] [, 1, 1, 1, 1004]
[D:\Program Files\CNNIC\Cdn\cdnforie.dll] [CNNIC, 2, 1, 0, 3]
[D:\Program Files\Rising\AntiSpyware\ieprot.dll] [Beijing Rising Technology Co., Ltd., 1, 0, 0, 10]
[D:\Program Files\Thunder Network\Thunder\Program\TaskManager.dll] [Thunder Networking Technologies,LTD, 1, 1, 0, 20]
[D:\Program Files\Thunder Network\Thunder\Program\download_interface.dll] [Thunder Networking Technologies,LTD, 2, 13, 2, 61]
[D:\Program Files\Thunder Network\Thunder\Program\stlport_vc646.dll] [STLport Consulting, Inc., 4.6.2003.1031]
[D:\Program Files\Thunder Network\Thunder\Program\asyn_dns.dll] [Thunder Networking Technologies,LTD, 2, 13, 2, 61]
[D:\Program Files\Thunder Network\Thunder\Program\BHOStub.dll] [Thunder Networking Technologies,LTD, 1, 1, 0, 8]
[D:\Program Files\Thunder Network\Thunder\Program\iTargetAD.dll] [Thunder Networking Technologies,LTD, 1, 0, 2, 17]
[D:\WINDOWS\system32\Macromed\Flash\Flash9b.ocx] [Adobe Systems, Inc., 9,0,28,0]
[D:\WINDOWS\system32\msacm32.drv] [Microsoft Corporation, 5.2.3790.1830 (srv03_sp1_rtm.050324-1447)]
[D:\Program Files\Thunder Network\Thunder\Components\DiagnoseHelper\DiagnoseHelper.dll] [Thunder Networking Technologies,LTD, 1, 1, 1, 13]
[D:\Program Files\Thunder Network\Thunder\Components\PortVerify\PortVerify.dll] [Thunder Networking Technologies,LTD, 1, 0, 0, 1]
[D:\Program Files\Thunder Network\Thunder\Components\ExplorerHelper\ExplorerHelper.dll] [Thunder Networking Technologies,LTD, 1, 0, 0, 1]
[D:\Program Files\Thunder Network\Thunder\Components\DTAG\DTAG.dll] [Thunder Networking Technologies,LTD, 1, 2, 0, 7]
[D:\Program Files\Thunder Network\Thunder\Components\DTAG\ExtractMediaTag.dll] [Thunder Networking Technologies,LTD, 1, 2, 0, 7]
[D:\Program Files\Thunder Network\Thunder\Program\LiveUpdate.dll] [Thunder Networking Technologies,LTD, 1, 1, 1, 20]
[D:\Program Files\Thunder Network\Thunder\Components\InMedia\iEmbedShell.dll] [ , 1, 0, 0, 15]
[D:\Program Files\Thunder Network\Thunder\Components\InMedia\iEmbed08.dll] [ , 3, 2, 0, 63]
[D:\Program Files\Thunder Network\Thunder\Components\Community\XLCommunity.dll] [Thunder Networking Technologies,LTD, 1, 1, 0, 20]
[D:\Program Files\Thunder Network\Thunder\Program\RegisterDll.dll] [Thunder Networking Technologies,LTD, 2, 13, 2, 61]
[D:\Program Files\Thunder Network\Thunder\Components\Search\XLSearch.dll] [Thunder Networking Technologies,LTD, 1, 1, 0, 9]
[D:\Program Files\Thunder Network\Thunder\Components\P4PClient\P4PClient.dll] [Thunder Networking Technologies,LTD, 1, 0, 2, 18]
[D:\Program Files\Thunder Network\Thunder\Program\XLNet.Dll] [Thunder Networking Technologies,LTD, 1, 1, 0, 6]
[D:\Program Files\Thunder Network\Thunder\Components\VPSHELL\VPSHELL.dll] [, 1, 2, 0, 5]
[D:\Program Files\Thunder Network\Thunder\Components\VPSHELL\VideoPicture.dll] [XunLei, 1, 2, 0, 5]
[D:\Program Files\Thunder Network\Thunder\Components\Tips\TipsClient.dll] [Thunder Networking Technologies,LTD, 2, 1, 1, 50]
[D:\Program Files\Thunder Network\Thunder\Components\UserExperience\UserExperience.dll] [Thunder Networking Technologies,LTD, 1, 0, 0, 1]
[D:\Program Files\Thunder Network\Thunder\Plugins\BhoAdv\bho_adv.dll] [深圳市迅雷网络技术有限公司, 1.0.1.0]
[D:\Program Files\Thunder Network\Thunder\Program\FloatBar.dll] [Giganology Inc., 1, 0, 0, 2]
[D:\WINDOWS\system32\bryato.dll] [N/A, ]
[PID: 1932][D:\Program Files\Internet Explorer\iexplore.exe] [Microsoft Corporation, 6.00.3790.1830 (srv03_sp1_rtm.050324-1447)]
[D:\WINDOWS\system32\jujtgu28.dll] [, 1, 1, 1, 1004]
[D:\WINDOWS\system32\ijwals10.dll] [, 1, 1, 1, 1004]
[D:\Program Files\CNNIC\Cdn\cdnforie.dll] [CNNIC, 2, 1, 0, 3]
[D:\Program Files\CNNIC\Cdn\cdnuplib.dll] [CNNIC, 2, 5, 0, 5]
[D:\Program Files\superutilbar\superutilbar.dll] [www.shiyongsousuo.com, 2, 1, 8, 24]
[D:\WINDOWS\system32\49f5cfsb.dll] [N/A, ]
[D:\Program Files\Thunder Network\Thunder\ComDlls\XunLeiBHO_007.dll] [Thunder Networking Technologies,LTD, 5, 0, 1, 4]
[D:\Program Files\Common Files\CPUSH\cpush.dll] [, 1.0.2.7]
[D:\WINDOWS\system32\wintgu28.dll] [, 1, 1, 1, 1015]
[D:\Documents and Settings\All Users\Application Data\Microsoft\PCTools\pctools.dll] [金泰丰(广州)科技有限公司, 2, 3, 0, 0]
[D:\WINDOWS\system32\4d7fntos.dll] [N/A, ]
[D:\PROGRA~1\kcus\ogvw.dll] [, 1, 2, 0, 8]
[D:\WINDOWS\system32\HelpIE.dll] [TODO: (公司名), 1.0.0.1]
[C:\Program Files\360safe\safemon\safemon.dll] [, 3, 2, 0, 1001]
[D:\WINDOWS\system32\MyFavor.dll] [N/A, ]
[D:\Program Files\Rising\AntiSpyware\ieprot.dll] [Beijing Rising Technology Co., Ltd., 1, 0, 0, 10]
[D:\WINDOWS\system32\winals10.dll] [, 1, 1, 1, 1008]
[D:\WINDOWS\system32\msacm32.drv] [Microsoft Corporation, 5.2.3790.1830 (srv03_sp1_rtm.050324-1447)]
[D:\WINDOWS\system32\Macromed\Flash\Flash9b.ocx] [Adobe Systems, Inc., 9,0,28,0]
[D:\WINDOWS\system32\mscoree.dll] [Microsoft Corporation, 2.0.50727.42 (RTM.050727-4200)]
[D:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorie.dll] [Microsoft Corporation, 2.0.50727.42 (RTM.050727-4200)]
[D:\WINDOWS\system32\bryato.dll] [N/A, ]
[PID: 2768][D:\WINDOWS\system32\MSRundll.exe] [Microsoft Corporation, 5.2.3790.1830 (srv03_sp1_rtm.050324-1447)]
[D:\WINDOWS\system32\player.dll] [ , 1, 0, 0, 3]
[D:\WINDOWS\system32\jujtgu28.dll] [, 1, 1, 1, 1004]
[D:\WINDOWS\system32\ijwals10.dll] [, 1, 1, 1, 1004]
[D:\Program Files\CNNIC\Cdn\cdnforie.dll] [CNNIC, 2, 1, 0, 3]
[D:\WINDOWS\system32\bryato.dll] [N/A, ]
[PID: 3012][D:\WINDOWS\system32\RUNDLL32.EXE] [Microsoft Corporation, 5.2.3790.1830 (srv03_sp1_rtm.050324-1447)]
[D:\WINDOWS\system32\kbnaxp.dll] [Microsoft Corporation, 5.1.1800.2813]
[D:\WINDOWS\system32\jujtgu28.dll] [, 1, 1, 1, 1004]
[D:\WINDOWS\system32\ijwals10.dll] [, 1, 1, 1, 1004]
[D:\Program Files\CNNIC\Cdn\cdnforie.dll] [CNNIC, 2, 1, 0, 3]
[D:\WINDOWS\system32\bryato.dll] [N/A, ]
[D:\Program Files\Rising\AntiSpyware\ieprot.dll] [Beijing Rising Technology Co., Ltd., 1, 0, 0, 10]
[D:\WINDOWS\system32\trtbc.dll] [, 5, 3, 1, 120]
[PID: 4272][D:\WINDOWS\system32\drivers\conime.exe] [N/A, ]
[D:\WINDOWS\system32\jujtgu28.dll] [, 1, 1, 1, 1004]
[D:\WINDOWS\system32\ijwals10.dll] [, 1, 1, 1, 1004]
[D:\Program Files\CNNIC\Cdn\cdnforie.dll] [CNNIC, 2, 1, 0, 3]
[D:\Program Files\Rising\AntiSpyware\ieprot.dll] [Beijing Rising Technology Co., Ltd., 1, 0, 0, 10]
[D:\WINDOWS\system32\bryato.dll] [N/A, ]
[PID: 4800][D:\WINDOWS\system32\cmd.exe] [Microsoft Corporation, 5.2.3790.1830 (srv03_sp1_rtm.050324-1447)]
[PID: 9828][D:\WINDOWS\system32\bryato.exe] [N/A, ]
[D:\WINDOWS\system32\bryato.dll] [N/A, ]
[D:\WINDOWS\system32\jujtgu28.dll] [, 1, 1, 1, 1004]
[D:\WINDOWS\system32\ijwals10.dll] [, 1, 1, 1, 1004]
[D:\Program Files\CNNIC\Cdn\cdnforie.dll] [CNNIC, 2, 1, 0, 3]
[D:\Program Files\Rising\AntiSpyware\ieprot.dll] [Beijing Rising Technology Co., Ltd., 1, 0, 0, 10]
[PID: 6872][D:\Documents and Settings\Administrator\桌面\sreng2\Sng.EXE] [Smallfrogs Studio, 2.4.12.806]
[D:\WINDOWS\system32\jujtgu28.dll] [, 1, 1, 1, 1004]
[D:\WINDOWS\system32\ijwals10.dll] [, 1, 1, 1, 1004]
[D:\Program Files\CNNIC\Cdn\cdnforie.dll] [CNNIC, 2, 1, 0, 3]
[D:\WINDOWS\system32\bryato.dll] [N/A, ]
[D:\Program Files\Rising\AntiSpyware\ieprot.dll] [Beijing Rising Technology Co., Ltd., 1, 0, 0, 10]
--------------------------------------------------------------------------------
文件关联
.TXT Error. [D:\WINDOWS\notepad.exe %1]
.EXE OK. ["%1" %*]
.COM OK. ["%1" %*]
.PIF OK. ["%1" %*]
.REG OK. [regedit.exe "%1"]
.BAT OK. ["%1" %*]
.SCR OK. ["%1" /S]
.CHM Error. [hh.exe %1]
.HLP OK. [%SystemRoot%\System32\winhlp32.exe %1]
.INI OK. [%SystemRoot%\System32\NOTEPAD.EXE %1]
.INF OK. [%SystemRoot%\System32\NOTEPAD.EXE %1]
.VBS OK. [%SystemRoot%\System32\WScript.exe "%1" %*]
.JS OK. [%SystemRoot%\System32\WScript.exe "%1" %*]
.LNK OK. [{00021401-0000-0000-C000-000000000046}]
--------------------------------------------------------------------------------
Winsock 提供者
N/A
--------------------------------------------------------------------------------
Autorun.inf
[D:\]
[AutoRun]
open=OSO.exe
shellexecute=OSO.exe
shell\Auto\command=OSO.exe
[E:\]
[AutoRun]
open=OSO.exe
shellexecute=OSO.exe
shell\Auto\command=OSO.exe
[F:\]
[AutoRun]
open=OSO.exe
shellexecute=OSO.exe
shell\Auto\command=OSO.exe
[G:\]
[AutoRun]
open=OSO.exe
shellexecute=OSO.exe
shell\Auto\command=OSO.exe
--------------------------------------------------------------------------------
HOSTS 文件
127.0.0.1 localhost
127.0.0.1 mmsk.cn
127.0.0.1 ikaka.com
127.0.0.1 safe.qq.com
127.0.0.1 360safe.com
127.0.0.1 www.mmsk.cn
127.0.0.1 www.ikaka.com
127.0.0.1 tool.ikaka.com
127.0.0.1 www.360safe.com
127.0.0.1 zs.kingsoft.com
127.0.0.1 forum.ikaka.com
127.0.0.1 up.rising.com.cn
127.0.0.1 scan.kingsoft.com
127.0.0.1 kvup.jiangmin.com
127.0.0.1 reg.rising.com.cn
127.0.0.1 update.rising.com.cn
127.0.0.1 update7.jiangmin.com
127.0.0.1 download.rising.com.cn
127.0.0.1 dnl-us1.kaspersky-labs.com
127.0.0.1 dnl-us2.kaspersky-labs.com
127.0.0.1 dnl-us3.kaspersky-labs.com
127.0.0.1 dnl-us4.kaspersky-labs.com
127.0.0.1 dnl-us5.kaspersky-labs.com
127.0.0.1 dnl-us6.kaspersky-labs.com
127.0.0.1 dnl-us7.kaspersky-labs.com
127.0.0.1 dnl-us8.kaspersky-labs.com
127.0.0.1 dnl-us9.kaspersky-labs.com
127.0.0.1 dnl-us10.kaspersky-labs.com
127.0.0.1 dnl-eu1.kaspersky-labs.com
127.0.0.1 dnl-eu2.kaspersky-labs.com
127.0.0.1 dnl-eu3.kaspersky-labs.com
127.0.0.1 dnl-eu4.kaspersky-labs.com
127.0.0.1 dnl-eu5.kaspersky-labs.com
127.0.0.1 dnl-eu6.kaspersky-labs.com
127.0.0.1 dnl-eu7.kaspersky-labs.com
127.0.0.1 dnl-eu8.kaspersky-labs.com
127.0.0.1 dnl-eu9.kaspersky-labs.com
127.0.0.1 dnl-eu10.kaspersky-labs.com
--------------------------------------------------------------------------------
API HOOK
N/A
--------------------------------------------------------------------------------
隐藏进程
N/A
--------------------------------------------------------------------------------
[ This post was edited by □◆.|鉺釘? on 2007-04-03 17:16 ]