游戏机厂家出现555怎么办

555游戏机被没收了【唐山62中吧】_百度贴吧
&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&签到排名:今日本吧第个签到,本吧因你更精彩,明天继续来努力!
本吧签到人数:0成为超级会员,使用一键签到本月漏签0次!成为超级会员,赠送8张补签卡连续签到:天&&累计签到:天超级会员单次开通12个月以上,赠送连续签到卡3张
关注:2,175贴子:
555游戏机被没收了收藏
今天晚上我心情特别不好,就在最后一节自习课上玩我一个月前还没通关的口袋妖怪。没看见老师,就被没收了。我的心啊,这个疼啊。我的GBA,拜拜
HUAWEI Mate 10官方商城首销,立即购买。
右眼皮跳跳,坏事要来到
兰宁,我画个圈圈诅咒你
呃...好复古啊...话说好久没玩掌机了...
我现在手机等游戏机玩
呃…掌机最近一直没电…汗…
登录百度帐号推荐应用只需一步,快速开始
后使用快捷导航
我开机和启动游戏都出现这个
该用户从未签到
马上注册,结交更多好友,享用更多功能,让你轻松玩转社区。
才可以下载或查看,没有帐号?
55.jpg (15.26 KB, 下载次数: 5)
18:03 上传
用SRENG扫描,去掉可疑的启动项
11.jpg (30.34 KB, 下载次数: 4)
21:24 上传
22.jpg (56.31 KB, 下载次数: 6)
21:24 上传
可能和杀软或者防火墙产生冲突了
我也有这个问题。。和杀毒冲突。不知道怎么回事。
关了杀毒就不这样
我打游戏时经常莫名其妙的弹出来,为什么???看了一下,是有个程序隔几分钟就要运行一次,windows/system32/lad91.exe,根本莫法删除,!这个程序在启动项里,无法禁用,手动删不了,也粉碎不了,只有128KB大小!还有个&万能搜索变种sf&插件,移除了,隔一会儿又有了!各位大哥斑竹帮帮忙啊,谢谢啦!
多个可疑程序!
为了更好地解决您的问题,需要您配合提供更多的信息,
⒉请下载SRENG(System Repair Engineer)
& &2.1将下载的文件Sreng2.zip&&&解压缩释放任意文件夹&&&运行SREngPS.EXE{Sreng2.exe}&&&智能扫描…&扫描…&保存报告
& &2.2将保存的报告以文本方式打开,复制里面的内容,以回复形式粘贴发上论坛您的求助贴处,以作分析问题。
& &△SRENG使用图解:
& &①扫描时请关闭所有手动打开的程序
& &②如出现SRENG不能运行情况,把文件改名(类似 \ gen.scr)后再运行
& &③如遇见需要用户名和授权号,或者版本过期,请将系统日期设置为当前再运行
& &④请不要在对分析结果作出建议前进行任何修复、编辑、删除操作。
System Repair Engineer官方2.5下载:
System Repair Engineer官方在线帮助手册
SRENG2.4 / 2.5下载 (已经预先修改程序名字和后缀)
当前进程中的这两个文件都有问题,建议楼主发上来,然后再删掉
System Repair Engineer 2.5.16.900
Smallfrogs ()
Windows XP Professional Service Pack 2 (Build 2600) - 管理权限用户 - 完整功能
以下内容被选中:
& & 所有的启动项目(包括注册表、启动文件夹、服务等)
& & 浏览器加载项
& & 正在运行的进程(包括进程模块信息)
& & 文件关联
& & Winsock 提供者
& & Autorun.inf
& & HOSTS 文件
& & 进程特权扫描
启动项目
注册表
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
& & &ctfmon.exe&&C:\WINDOWS\system32\ctfmon.exe&&&[(Verified)Microsoft Windows Publisher]
& & &swg&&C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe&&&[(Verified)Google Inc]
[HKEY_CURRENT_USER\Software\Microsoft\Windows NT\CurrentVersion\Windows]
& & &load&&&&&[N/A]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
& & &NvCplDaemon&&RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup&&&[(Verified)Microsoft Windows Hardware Compatibility Publisher]
& & &RTHDCPL&&RTHDCPL.EXE&&&[(Verified)Microsoft Windows Hardware Compatibility Publisher]
& & &SkyTel&&SkyTel.EXE&&&[(Verified)Microsoft Windows Hardware Compatibility Publisher]
& & &Alcmtr&&ALCMTR.EXE&&&[(Verified)Microsoft Windows Hardware Compatibility Publisher]
& & &CertificateRegistration&&SafeSignCertReg.exe&&&[A.E.T. Europe B.V.]
& & &IMSCMig&&C:\PROGRA~1\COMMON~1\MICROS~1\IME\IMSC40A\IMSCMIG.EXE /Preload&&&[(Verified)Microsoft Corporation]
& & &FixCamera&&C:\WINDOWS\FixCamera.exe&&&[]
& & &TkBellExe&&&C:\Program Files\Common Files\Real\Update_OB\realsched.exe&&&-osboot&&&[(Verified)&RealNetworks, Inc.&]
& & &KernelFaultCheck&&%systemroot%\system32\dumprep 0 -k&&&[N/A]
& & &Vmlist&®svr32 /s apphelps.dll&&&[N/A]
& & &KavStart&&&C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\K***Start.exe& -startup&&&[(Verified)KINGSOFT CORPORATION]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Winlogon]
& & &shell&&Explorer.exe&&&[(Verified)Microsoft Windows Publisher]
& & &Userinit&&C:\WINDOWS\system32\userinit.exe&&&[(Verified)Microsoft Windows Publisher]
& & &UIHost&&logonui.exe&&&[(Verified)Microsoft Windows Publisher]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\&{d38-484f-9b9e-dec}]
& & &Internet Explorer&&%systemroot%\system32\shmgrate.exe OCInstallUserConfigIE&&&[N/A]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\&{881dd1c5-3dcf-431b-b061-f3f88e8be88a}]
& & &Outlook Express&&%systemroot%\system32\shmgrate.exe OCInstallUserConfigOE&&&[N/A]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{2C7339CF-2B09--FED}]
& & &Themes Setup&&%SystemRoot%\system32\regsvr32.exe /s /n /i:/UserInstall %SystemRoot%\system32\themeui.dll&&&[N/A]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{44BBA840-CC51-11CF-AAFA-00AA00B6015C}]
& & &Microsoft Outlook Express 6&&&%ProgramFiles%\Outlook Express\setup50.exe& /APP:OE /CALLER:WINNT /user /install&&&[N/A]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{44BBA842-CC51-11CF-AAFA-00AA00B6015B}]
& & &NetMeeting 3.01&&rundll32.exe advpack.dll,LaunchINFSection C:\WINDOWS\INF\msnetmtg.inf,NetMtg.Install.PerUser.NT&&&[(Verified)Microsoft Windows Publisher]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{e7d-11d1-bc44-00c04fd912be}]
& & &Windows Messenger 4.7&&rundll32.exe advpack.dll,LaunchINFSection C:\WINDOWS\INF\msmsgs.inf,BLC.QuietInstall.PerUser&&&[(Verified)Microsoft Windows Publisher]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{6BF52A52-394A-11d3-B153-00C04F79FAA6}]
& & &Microsoft Windows Media Player&&rundll32.exe advpack.dll,LaunchINFSection C:\WINDOWS\INF\wmp.inf,PerUserStub&&&[(Verified)Microsoft Windows Publisher]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{71-11d2-AF11-00C04FA35D02}]
& & &通讯簿 6&&&%ProgramFiles%\Outlook Express\setup50.exe& /APP:WAB /CALLER:WINNT /user /install&&&[N/A]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
& & &Alcmtr&&; ALCMTR.EXE&&&[(Verified)Microsoft Windows Hardware Compatibility Publisher]
& & &ASUSGamerOSD&&; C:\Program Files\ASUS\GamerOSD\GamerOSD.exe&&&[ASUSTeK Computer Inc.]
& & &IMJPMIG8.1&&; &C:\WINDOWS\IME\imjp8_1\IMJPMIG.EXE& /Spoil /RemAdvDef /Migration32&&&[(Verified)Microsoft Windows Publisher]
& & &IMSCMig&&; C:\PROGRA~1\COMMON~1\MICROS~1\IME\IMSC40A\IMSCMIG.EXE /Preload&&&[(Verified)Microsoft Corporation]
& & &NeroFilterCheck&&; C:\WINDOWS\system32\NeroCheck.exe&&&[Ahead Software Gmbh]
& & &NvCplDaemon&&; RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup&&&[(Verified)Microsoft Windows Hardware Compatibility Publisher]
& & &NvMediaCenter&&; RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit&&&[(Verified)Microsoft Windows Publisher]
& & &nwiz&&; nwiz.exe /install&&&[]
& & &PHIME2002A&&; C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /IMEName&&&[(Verified)Microsoft Windows Publisher]
& & &PHIME2002ASync&&; C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /SYNC&&&[(Verified)Microsoft Windows Publisher]
& & &RTHDCPL&&; RTHDCPL.EXE&&&[(Verified)Microsoft Windows Hardware Compatibility Publisher]
& & &SkyTel&&; SkyTel.EXE&&&[(Verified)Microsoft Windows Hardware Compatibility Publisher]
& & &StormCodec_Helper&&; &C:\Program Files\Ringz Studio\Storm Codec\StormSet.exe& /S /opti&&&[N/A]
& & &SysExplr&&; C:\Program Files\herosoft\SuperPLAY3500\SysExplr.exe&&&[N/A]
& & &TkBellExe&&; &C:\Program Files\Common Files\Real\Update_OB\realsched.exe&&&-osboot&&&[(Verified)&RealNetworks, Inc.&]
==================================
启动文件夹
[腾讯QQ]
&&&C:\Documents and Settings\Administrator\「开始」菜单\程序\启动\腾讯QQ.lnk --& C:\PROGRA~1\多特软~1\Tencent\QQ.exe [TENCENT]&&H&
[QQ游戏启动加速程序]
&&&C:\Documents and Settings\Administrator\「开始」菜单\程序\启动\QQ游戏启动加速程序.lnk --& C:\PROGRA~1\多特软~1\QQGame\Accel.exe [深圳市腾讯计算机系统有限公司]&&H&
==================================
服务
[Adobe LM Service / Adobe LM Service][Stopped/Manual Start]
&&&&C:\Program Files\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe&&&Adobe Systems&
[Apple Mobile Device / Apple Mobile Device][Running/Auto Start]
&&&&C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe&&&Apple, Inc.&
[ATK Keyboard Service / ATKKeyboardService][Running/Auto Start]
&&&C:\WINDOWS\ATKKBService.exe&&ASUSTeK COMPUTER INC.&
[Forceware Web Interface / ForcewareWebInterface][Running/Auto Start]
&&&&C:\Program Files\NVIDIA Corporation\NetworkAccessManager\Apache Group\Apache2\bin\apache.exe& -k runservice&&Apache Software Foundation&
[Google Updater Service / gusvc][Stopped/Manual Start]
&&&&C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe&&&Google&
[Human Interface Device Access / HidServ][Stopped/Disabled]
&&&C:\WINDOWS\System32\svchost.exe -k netsvcs--&%SystemRoot%\System32\hidserv.dll&&N/A&
[InstallDriver Table Manager / IDriverT][Stopped/Manual Start]
&&&&C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe&&&Macrovision Corporation&
[iPod 服务 / iPod Service][Stopped/Manual Start]
&&&&C:\Program Files\iPod\bin\iPodService.exe&&&Apple Inc.&
[Kingsoft Internet Security Common Service / KISSvc][Running/Auto Start]
&&&C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\KISSvc.EXE&&Kingsoft Corporation&
[Kingsoft Personal Firewall Service / KPfwSvc][Running/Auto Start]
&&&&C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\KPfwSvc.EXE&&&Kingsoft Corporation&
[Kingsoft Antivirus KWatch Service / KWatchSvc][Running/Auto Start]
&&&&C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\KWatch.EXE&&&Kingsoft Corporation&
[ForceWare IP service / nSvcIp][Running/Auto Start]
&&&C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin\nSvcIp.exe&&NVIDIA Corporation&
[ForceWare user log service / nSvcLog][Running/Auto Start]
&&&C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin\nSvcLog.exe&&NVIDIA Corporation&
[NVIDIA Display Driver Service / NVSvc][Running/Auto Start]
&&&C:\WINDOWS\system32\nvsvc32.exe&&NVIDIA Corporation&
[Pml Driver HPZ12 / Pml Driver HPZ12][Running/Auto Start]
&&&C:\WINDOWS\system32\HPZipm12.exe&&HP&
[ServiceLayer / ServiceLayer][Stopped/Manual Start]
&&&&C:\Program Files\PC Connectivity Solution\ServiceLayer.exe&&&Nokia.&
[StarWind iSCSI Service / StarWindService][Running/Auto Start]
&&&d:\Program Files\Alcohol Soft\Alcohol 120\StarWind\StarWindService.exe&&Rocket Division Software&
[Distributed Link Tracking Servers / TrkNetsSvcs][Stopped/Auto Start]
&&&C:\WINDOWS\svchost.exe -netsvcs&&N/A&
[Ulead Burning Helper / UleadBurningHelper][Running/Auto Start]
&&&C:\Program Files\Common Files\Ulead Systems\DVD\ULCDRSvr.exe&&Ulead Systems, Inc.&
[Windows Media Connect Service / WMConnectCDS][Stopped/Manual Start]
&&&C:\Program Files\Windows Media Connect 2\wmccds.exe&&Microsoft Corporation&
[ms_2fax / ms_2fax][Running/Auto Start]
&&&C:\WINDOWS\system32\1ad91.exe&&Microsoft Corporation&
==================================
驱动程序
[AMD Processor Driver / AmdK8][Running/System Start]
&&&system32\DRIVERS\AmdK8.sys&&Advanced Micro Devices&
[ASUS Virtual Video Capture Device Driver / asusgsb][Running/Manual Start]
&&&system32\drivers\asusgsb.sys&&ASUSTeK Computer Inc.&
[Enhanced Display Driver Helper Service / asuskbnt][Running/System Start]
&&&system32\drivers\atkkbnt.sys&&ASUSTeK COMPUTER INC.&
[EagleNT / EagleNT][Stopped/Manual Start]
&&&\??\C:\WINDOWS\system32\drivers\EagleNT.sys&&N/A&
[edcvac2 / edcvac29][Running/Boot Start]
&&&\SystemRoot\System32\DRIVERS\edcvac29.sys&&N/A&
[EIO / EIO][Running/System Start]
&&&\??\C:\WINDOWS\system32\drivers\EIO.sys&&ASUSTeK Computer Inc.&
[erac / eract][Running/Boot Start]
&&&\SystemRoot\System32\DRIVERS\eract.sys&&N/A&
[usb Card Device / ft2kEnum][Running/Manual Start]
&&&system32\DRIVERS\ic2kenum.sys&&OEM Corporation&
[USB Chip Holder Service / GDBaseSmc][Running/Manual Start]
&&&system32\DRIVERS\Chip_smc.sys&&OEM&
[USB Chip Service / GD_USB][Stopped/Manual Start]
&&&system32\DRIVERS\Chip_usb.sys&&&
[GEARAspiWDM / GEARAspiWDM][Running/Manual Start]
&&&System32\Drivers\GEARAspiWDM.sys&&GEAR Software Inc.&
[Hardlock / Hardlock][Running/Auto Start]
&&&\??\C:\WINDOWS\system32\drivers\hardlock.sys&&Aladdin Knowledge Systems&
[Microsoft UAA Bus Driver for High Definition Audio / HDAudBus][Running/Manual Start]
&&&system32\DRIVERS\HDAudBus.sys&&Windows (R) Server 2003 DDK provider&
[IEEE-1284.4 Driver HPZid412 / HPZid412][Stopped/Manual Start]
&&&system32\DRIVERS\HPZid412.sys&&HP&
[Print Class Driver for IEEE-1284.4 HPZipr12 / HPZipr12][Stopped/Manual Start]
&&&system32\DRIVERS\HPZipr12.sys&&HP&
[USB to IEEE-1284.4 Translation Driver HPZius12 / HPZius12][Stopped/Manual Start]
&&&system32\DRIVERS\HPZius12.sys&&HP&
[Service for Realtek HD Audio (WDM) / IntcAzAudAddService][Running/Manual Start]
&&&system32\drivers\RtkHDAud.sys&&Realtek Semiconductor Corp.&
[K***Base / K***Base][Running/Auto Start]
&&&\??\C:\WINDOWS\system32\Drivers\K***Base.sys&&Kingsoft Corporation&
[K***BootC / K***BootC][Running/Boot Start]
&&&\SystemRoot\system32\Drivers\K***BootC.sys&&Kingsoft Corporation&
[KNetWch / KNetWch][Running/System Start]
&&&\??\C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\KNetWch.SYS&&Kingsoft Corporation&
[KSCDMAN / KSCDMAN][Running/Auto Start]
&&&system32\drivers\kscdman.sys&&KingSoft Corp.&
[KWatch3 / KWatch3][Running/Auto Start]
&&&\??\C:\WINDOWS\system32\drivers\KWatch3.SYS&&Kingsoft Corporation&
[ATK0110 ACPI UTILITY / MTsensor][Running/Manual Start]
&&&system32\DRIVERS\ASACPI.sys&&&
[Nokia USB Phone Parent / nmwcd][Stopped/Manual Start]
&&&system32\drivers\nmwcd.sys&&Nokia&
[Nokia USB Generic / nmwcdc][Stopped/Manual Start]
&&&system32\drivers\nmwcdc.sys&&Nokia&
[Nokia USB Port / nmwcdcj][Stopped/Manual Start]
&&&system32\drivers\nmwcdcj.sys&&Nokia&
[Nokia USB Modem / nmwcdcm][Stopped/Manual Start]
&&&system32\drivers\nmwcdcm.sys&&Nokia&
[npkcrypt / npkcrypt][Running/Auto Start]
&&&\??\C:\Program Files\多特软件合集\Tencent\QQ\npkcrypt.sys&&INCA Internet Co., Ltd.&
[nv / nv][Running/Manual Start]
&&&system32\DRIVERS\nv4_mini.sys&&NVIDIA Corporation&
[NVIDIA nForce Networking Controller Driver / NVENETFD][Running/Manual Start]
&&&system32\DRIVERS\NVENETFD.sys&&NVIDIA Corporation&
[NVIDIA Network Bus Enumerator / nvnetbus][Running/Manual Start]
&&&system32\DRIVERS\nvnetbus.sys&&NVIDIA Corporation&
[Padus ASPI Shell / pfc][Stopped/Manual Start]
&&&system32\drivers\pfc.sys&&Padus, Inc.&
[Direct Parallel Link Driver / Ptilink][Running/Manual Start]
&&&system32\DRIVERS\ptilink.sys&&Parallel Technologies, Inc.&
[PxHelp20 / PxHelp20][Running/Boot Start]
&&&\SystemRoot\System32\Drivers\PxHelp20.sys&&Sonic Solutions&
[SmartCard Reader Device&&/ Reader_Device][Running/Manual Start]
&&&system32\DRIVERS\usbic2k.sys&&OEM&
[Secdrv / Secdrv][Stopped/Manual Start]
&&&system32\DRIVERS\secdrv.sys&&N/A&
[USB PC Camera (SNPSTD325) / SNP325][Stopped/Manual Start]
&&&system32\DRIVERS\snp325.sys&&Sonix Co. Ltd.&
[sptd / sptd][Running/Boot Start]
&&&\SystemRoot\System32\Drivers\sptd.sys&&N/A&
[uas22xe / uas22xev][Stopped/Boot Start]
&&&\SystemRoot\System32\DRIVERS\uas22xev.sys&&N/A&
[ASUS Video3D Service / Video3D][Running/Manual Start]
&&&System32\Drivers\Video3D32.sys&&ASUSTeK COMPUTER INC.&
[World Standard Teletext Codec / WSTCODEC][Stopped/Manual Start]
&&&system32\DRIVERS\WSTCODEC.SYS&&Microsoft Corporation&
==================================
浏览器加载项
[Kingsoft Trojan Webshield]
&&{4E8AFE3-BF78-8A7CCD6EF333} &C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\Antispy\IEBuddy.DLL, Kingsoft Corporation&
[Invoke Class]
&&{5FB8C5D4-929F--7E3EE26EE701} &C:\WINDOWS\system32\e1a1.dll, &
[浩方对战平台]
&&{0A155D3C-68E2-4215-A47A-E800A446447A} &E:\浩方对战平台\GameClient.exe, 上海浩方在线信息技术有限公司&
[IEBuddyExtControl Class]
&&{3AECD3C1-DC-47B6CF7EF749} &C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\Antispy\IEBuddyExt.DLL, Kingsoft Corporation&
[信息检索(&R)]
&&{CC-41C8-B9BE-3C9C571A8263} &C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL, Microsoft Corporation&
[启动WEB迅雷]
&&{962EFB8E--AC74-AAA4C759B9C6} &, N/A&
[快车]
&&{D6E814A0-E0C5-11d4-8D29-E3} &C:\Program Files\FlashGet\FlashGet.exe, &
[Messenger]
&&{FB5Fd2-BB9E-00C04F795683} &C:\Program Files\Messenger\msmsgs.exe, Microsoft Corporation&
[&Google]
&&{--9B18-CD4F} &c:\program files\google\googletoolbar1.dll, Google Inc.&
[EditCtrl Class]
&&{488AB3-8F27-FA1AECAA8844} &C:\WINDOWS\system32\aliedit\aliedit.dll, &
[Shockwave Flash Object]
&&{D27CDB6E-AE6D-11CF-96B8-} &C:\WINDOWS\system32\Macromed\Flash\Flash9d.ocx, Adobe Systems, Inc.&
[Google Script Object]
&&{00EF-47C0-BD25-CF2D5D657FEB} &c:\program files\google\googletoolbar1.dll, Google Inc.&
[WebThunder Class]
&&{03507A1A-E0C5-4404-AA26-2D} &, N/A&
[Adobe PDF Reader Link Helper]
&&{06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} &C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll, Adobe Systems Incorporated&
[CLDown Object]
&&{0BECAB3A-E1F8-45E6-0EBA01} &D:\Tuotu\TuoTuHelper_v8.dll, &
[InfosecCertInstall Class]
&&{0EB487C8-E9AC-43A6-8C4C-2F} &C:\WINDOWS\system32\certInStall.dll, &
[iTrusPTA Class]
&&{1E0DFFCF-27FF-007349FEDA} &C:\WINDOWS\system32\aliedit\pta.dll, &
[Windows Media Player]
&&{22D6F312-B0F6-11D0-94AB-E95} &C:\WINDOWS\system32\wmpdxm.dll, Microsoft Corporation&
[&Google]
&&{--9B18-CD4F} &c:\program files\google\googletoolbar1.dll, Google Inc.&
[HTML Document]
&&{F9-11CF-8FD0-00AA00686F13} &%SystemRoot%\system32\mshtml.dll, N/A&
[DHTML Edit Control Safe for Scripting for IE5]
&&{2D360201-FFF5-11D1-8D03-00A0C959BC0A} &C:\Program Files\Common Files\Microsoft Shared\Triedit\dhtmled.ocx, Microsoft Corporation&
[WebThunder DapPlayer]
&&{2EEDA47E-8D5C-4d7e-B4B6-E16E} &D:\web\DownAndPlay\DapPlayer3.0.31.55.dll, ShenZhen Thunder Networking Technologies Ltd.&
[IEBuddyExtControl Class]
&&{3AECD3C1-DC-47B6CF7EF749} &C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\Antispy\IEBuddyExt.DLL, Kingsoft Corporation&
[XML Document]
&&{4D9-11D1-A6B3-00C04FD91555} &%SystemRoot%\system32\msxml3.dll, N/A&
[EditCtrl Class]
&&{488AB3-8F27-FA1AECAA8844} &C:\WINDOWS\system32\aliedit\aliedit.dll, &
[Kingsoft Trojan Webshield]
&&{4E8AFE3-BF78-8A7CCD6EF333} &C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\Antispy\IEBuddy.DLL, Kingsoft Corporation&
[HHCtrl Object]
&&{52A2AAAE-085D-4187-97EA-8C30DB990436} &C:\WINDOWS\system32\hhctrl.ocx, Microsoft Corporation&
[Shell Name Space]
&&{DE-11D1-B9F2-00A0C98BC547} &%SystemRoot%\system32\shdocvw.dll, N/A&
[PowerPlayer Control]
&&{5EC7C511-CD0F-42E6-830C-1BD} &C:\WINDOWS\system32\stsys\POWERP~1.DLL, PPStream Inc.&
[Invoke Class]
&&{5FB8C5D4-929F--7E3EE26EE701} &C:\WINDOWS\system32\e1a1.dll, &
[InfoSecNetSign Class]
&&{62B938C4--8CF0-A92B0A91CC77} &C:\WINDOWS\system32\NetSign.dll, Infosec Technologies Co., Ltd.&
[WUWebControl Class]
&&{6414512B-B978-451D-A0D8-FCFDF33E833C} &C:\WINDOWS\system32\wuweb.dll, Microsoft Corporation&
[XMP Class]
&&{8-4C41-AACC-52D4D7845851} &C:\Documents and Settings\All Users\Application Data\Thunder Network\KanKan\xplayer.dll_1_work, &
[XDRM]
&&{693571CB-54A3-4E90-9D52-EEAE} &C:\Documents and Settings\All Users\Application Data\Thunder Network\KanKan\xdrm.dll_1_work, &
[Windows Media Player]
&&{6BF52A52-394A-11D3-B153-00C04F79FAA6} &C:\WINDOWS\system32\wmp.dll, Microsoft Corporation&
[WangWangObj Class]
&&{6E213FC7-DD5A--D4CE} &D:\Program Files\Alisoft\WangWang\WangWangX4.dll, 阿里巴巴软件(上海)有限公司&
[AxInputControl Class]
&&{73E4740C-08EB-D0A7C9EE3CD} &C:\WINDOWS\system32\INPUTC~1.DLL, &
[MediaComm Class]
&&{1B-42AF-BDFE-46D26AF5EFF2} &D:\web\InMedia\MediaAddin13.dll, Thunder Networking Technologies,LTD&
[360SafeLive]
&&{C--D416CB8059E3} &C:\Program Files\360safe\live.dll, &
[Microsoft Web 浏览器]
&&{A-11D0-A96B-00C04FD705A2} &C:\WINDOWS\system32\shdocvw.dll, Microsoft Corporation&
[Thunder Browser Helper]
&&{889D2FEB-98-1DD2C5261283} &C:\Program Files\多特软件合集\Thunder\ComDlls\XunLeiBHO_007.dll, Thunder Networking Technologies,LTD&
[AxSubmitControl Class]
&&{8D9E0B29-563C--5FF2AE77E1D2} &C:\WINDOWS\system32\SUBMIT~1.DLL, &
[RMGetLicense Class]
&&{A9FC132B-096D-460B-B7D5-1DB0FAE0C062} &C:\WINDOWS\system32\msnetobj.dll, Microsoft Corporation&
[Google Toolbar Helper]
&&{AA58ED58-01DD-4D91-8333-CF} &c:\program files\google\googletoolbar1.dll, Google Inc.&
[Microsoft Scriptlet Component]
&&{AE24FDAE-03C6-11D1-8B76-} &C:\WINDOWS\system32\mshtml.dll, Microsoft Corporation&
[Google Toolbar Notifier BHO]
&&{AF69DE43-7D58-4638-B6FA-CE66B5AD205D} &C:\Program Files\Google\GoogleToolbarNotifier\2.0.301.7164\swg.dll, Google Inc.&
[SearchAssistantOC]
&&{B45FF030--85DE-00C04FA35C89} &%SystemRoot%\system32\shdocvw.dll, N/A&
[RDS.DataSpace]
&&{BD96C556-65A3-11D0-983A-00C04FC29E36} &C:\Program Files\Common Files\System\msadc\msadco.dll, Microsoft Corporation&
[AUDIO__MP3 Moniker Class]
&&{CD3AFA76-B84F-48F0-9393-7EDC} &C:\WINDOWS\system32\wmp.dll, Microsoft Corporation&
[AUDIO__X_MS_WMA Moniker Class]
&&{CD3AFA84-B84F-48F0-9393-7EDC} &C:\WINDOWS\system32\wmp.dll, Microsoft Corporation&
[RealPlayer G2 Control]
&&{CFCDAA03-8BE4-11CF-B84B-0020AFBBCCFA} &C:\WINDOWS\system32\rmoc3260.dll, RealNetworks, Inc.&
[Shockwave Flash Object]
&&{D27CDB6E-AE6D-11CF-96B8-} &C:\WINDOWS\system32\Macromed\Flash\Flash9d.ocx, Adobe Systems, Inc.&
[AxUSBKey Class]
&&{DAB2-47DE-AE24-DA95481DFFBA} &C:\WINDOWS\system32\USBKey.dll, &
[FlashGet GetFlash Class]
&&{FEF-470C-80DBA} &C:\Program Files\FlashGet\getflash.dll, &
[XPPlayer Class]
&&{F3E70CEA-956E-49CC-B444-73AFE593AD7F} &C:\Documents and Settings\All Users\Application Data\Thunder Network\KanKan\pplayer.dll_1_work, Thunder&
[FGAutoLive]
&&{F90D830D-C175-4bbe-82C7-FF} &C:\Program Files\FlashGet\fgupdate.dll, &
[FGCatchUrl]
&&{FB5DA724-162B-11D3-8B9B-AA70B4B0B524} &C:\Program Files\FlashGet\jccatch.dll, &
[&使用快车(FlashGet)下载]
&&&C:\Program Files\FlashGet\jc_link.htm, N/A&
[&使用快车(FlashGet)下载全部链接]
&&&C:\Program Files\FlashGet\jc_all.htm, N/A&
[使用Web迅雷下载]
&&&D:\web\GetUrl.htm, N/A&
[使用Web迅雷下载全部链接]
&&&D:\web\GetAllUrl.htm, N/A&
[使用脱兔下载]
&&&D:\Tuotu\TT_one.htm, N/A&
[使用脱兔下载全部链接]
&&&D:\Tuotu\TT_all.htm, N/A&
[使用迅雷下载]
&&&C:\Program Files\多特软件合集\Thunder\Program\geturl.htm, N/A&
[使用迅雷下载全部链接]
&&&C:\Program Files\多特软件合集\Thunder\Program\getallurl.htm, N/A&
[导出到 Microsoft Office Excel(&X)]
&&&res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000, N/A&
[添加到QQ表情]
&&&C:\Program Files\多特软件合集\Tencent\AddEmotion.htm, N/A&
==================================
正在运行的进程
[PID: 788 / SYSTEM][\SystemRoot\System32\smss.exe]&&[Microsoft Corporation, 5.1. (xpsp_sp2_rtm.8)]
[PID: 844 / SYSTEM][\??\C:\WINDOWS\system32\csrss.exe]&&[Microsoft Corporation, 5.1. (xpsp_sp2_rtm.8)]
[PID: 868 / SYSTEM][\??\C:\WINDOWS\system32\winlogon.exe]&&[Microsoft Corporation, 5.1. (xpsp_sp2_rtm.8)]
& & [C:\WINDOWS\system32\msacm32.drv]&&[Microsoft Corporation, 5.1.2600.0 (xpclient.8)]
[PID: 912 / SYSTEM][C:\WINDOWS\system32\services.exe]&&[Microsoft Corporation, 5.1. (xpsp_sp2_rtm.8)]
[PID: 924 / SYSTEM][C:\WINDOWS\system32\lsass.exe]&&[Microsoft Corporation, 5.1. (xpsp_sp2_rtm.8)]
[PID: 1084 / SYSTEM][C:\WINDOWS\system32\svchost.exe]&&[Microsoft Corporation, 5.1. (xpsp_sp2_rtm.8)]
[PID: 1140 / NETWORK SERVICE][C:\WINDOWS\system32\svchost.exe]&&[Microsoft Corporation, 5.1. (xpsp_sp2_rtm.8)]
[PID: 1228 / SYSTEM][C:\WINDOWS\System32\svchost.exe]&&[Microsoft Corporation, 5.1. (xpsp_sp2_rtm.8)]
& & [c:\windows\system32\wbem\lreenfvnb.dll]&&[Microsoft Crop., 6.0.3.189]
[PID: 1268 / SYSTEM][C:\WINDOWS\system32\svchost.exe]&&[Microsoft Corporation, 5.1. (xpsp_sp2_rtm.8)]
& & [c:\windows\system32\wudfsvc.dll]&&[Microsoft Corporation, 6.0.5730.0 (winmain.5)]
& & [c:\windows\system32\WUDFPlatform.dll]&&[Microsoft Corporation, 6.0.5730.0 (winmain.5)]
[PID: 1324 / NETWORK SERVICE][C:\WINDOWS\system32\svchost.exe]&&[Microsoft Corporation, 5.1. (xpsp_sp2_rtm.8)]
[PID: 1488 / LOCAL SERVICE][C:\WINDOWS\system32\svchost.exe]&&[Microsoft Corporation, 5.1. (xpsp_sp2_rtm.8)]
[PID: 1844 / Administrator][C:\WINDOWS\Explorer.EXE]&&[Microsoft Corporation, 6.00. (xpsp_sp2_rtm.8)]
& & [C:\WINDOWS\system32\edcvac29.dll]&&[N/A, ]
& & [C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\KMailOEBand.DLL]&&[Kingsoft Corporation, ,128]
& & [C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\kis.dll]&&[Kingsoft Corporation, ,128]
& & [C:\WINDOWS\system32\msacm32.drv]&&[Microsoft Corporation, 5.1.2600.0 (xpclient.8)]
& & [C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\PDFShell.dll]&&[Adobe Systems, Inc., 8.1.0.0]
& & [C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\PDFShell.CHS]&&[Adobe Systems, Inc., 8.0.0.0]
& & [C:\WINDOWS\system32\e1a1.dll]&&[, 1, 0, 0, 2]
& & [C:\Program Files\Microsoft Office\OFFICE11\msohev.dll]&&[Microsoft Corporation, 11.0.5510]
[PID: 1904 / SYSTEM][C:\WINDOWS\system32\spoolsv.exe]&&[Microsoft Corporation, 5.1. (xpsp_sp2_gdr.9)]
& & [C:\WINDOWS\system32\hpzll43a.dll]&&[Hewlett-Packard Company, 60.053.243.00]
& & [C:\WINDOWS\system32\mdimon.dll]&&[Microsoft Corporation, 11.3.8166.2]
& & [C:\WINDOWS\System32\spool\PRTPROCS\W32X86\hpzpp43a.dll]&&[Hewlett-Packard Corporation, 60.053.243.00]
& & [C:\WINDOWS\System32\spool\PRTPROCS\W32X86\mdippr.dll]&&[Microsoft Corporation, 11.3.8166.2]
[PID: 1944 / LOCAL SERVICE][C:\WINDOWS\System32\SCardSvr.exe]&&[Microsoft Corporation, 5.1. (xpsp_sp2_rtm.8)]
[PID: 456 / SYSTEM][C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe]&&[Apple, Inc., 1, 12, 0, 0]
[PID: 536 / SYSTEM][C:\WINDOWS\ATKKBService.exe]&&[ASUSTeK COMPUTER INC., 6, 14, 10, 201]
& & [C:\WINDOWS\OneTouchVga.dll]&&[ASUSTek, 1, 1, 0, 0]
& & [C:\WINDOWS\aticlocklib.dll]&&[N/A, ]
& & [C:\WINDOWS\EIO.DLL]&&[ASUSTek Computer Inc.,, 2, 6, 2, 0]
& & [C:\WINDOWS\system32\nvapi.dll]&&[NVIDIA Corporation, 6.14.11.5827]
& & [C:\WINDOWS\nvgpio.dll]&&[NVIDIA Corporation, 2.0.0.1]
[PID: 560 / SYSTEM][C:\Program Files\NVIDIA Corporation\NetworkAccessManager\Apache Group\Apache2\bin\apache.exe]&&[Apache Software Foundation, 2.0.52]
& & [C:\Program Files\NVIDIA Corporation\NetworkAccessManager\Apache Group\Apache2\bin\libapr.dll]&&[Apache Software Foundation, 0.0.0.0]
& & [C:\Program Files\NVIDIA Corporation\NetworkAccessManager\Apache Group\Apache2\bin\libaprutil.dll]&&[Apache Software Foundation, 0.0.0.0]
& & [C:\Program Files\NVIDIA Corporation\NetworkAccessManager\Apache Group\Apache2\bin\libapriconv.dll]&&[Apache Software Foundation, 0.0.0.0]
& & [C:\Program Files\NVIDIA Corporation\NetworkAccessManager\Apache Group\Apache2\bin\libhttpd.dll]&&[Apache Software Foundation, 2.0.52]
& & [C:\Program Files\NVIDIA Corporation\NetworkAccessManager\Apache Group\Apache2\modules\mod_access.so]&&[Apache Software Foundation, 2.0.49]
& & [C:\Program Files\NVIDIA Corporation\NetworkAccessManager\Apache Group\Apache2\modules\mod_actions.so]&&[Apache Software Foundation, 2.0.49]
& & [C:\Program Files\NVIDIA Corporation\NetworkAccessManager\Apache Group\Apache2\modules\mod_alias.so]&&[Apache Software Foundation, 2.0.49]
& & [C:\Program Files\NVIDIA Corporation\NetworkAccessManager\Apache Group\Apache2\modules\mod_auth.so]&&[N/A, ]
& & [C:\Program Files\NVIDIA Corporation\NetworkAccessManager\Apache Group\Apache2\bin\nv_common.dll]&&[NVIDIA, 2, 2, 0, 464]
& & [C:\Program Files\NVIDIA Corporation\NetworkAccessManager\Apache Group\Apache2\modules\mod_cgi.so]&&[Apache Software Foundation, 2.0.49]
& & [C:\Program Files\NVIDIA Corporation\NetworkAccessManager\Apache Group\Apache2\modules\mod_env.so]&&[Apache Software Foundation, 2.0.49]
& & [C:\Program Files\NVIDIA Corporation\NetworkAccessManager\Apache Group\Apache2\modules\mod_expires.so]&&[Apache Software Foundation, 2.0.49]
& & [C:\Program Files\NVIDIA Corporation\NetworkAccessManager\Apache Group\Apache2\modules\mod_headers.so]&&[Apache Software Foundation, 2.0.49]
& & [C:\Program Files\NVIDIA Corporation\NetworkAccessManager\Apache Group\Apache2\modules\mod_include.so]&&[Apache Software Foundation, 2.0.49]
& & [C:\Program Files\NVIDIA Corporation\NetworkAccessManager\Apache Group\Apache2\modules\mod_log_config.so]&&[Apache Software Foundation, 2.0.49]
& & [C:\Program Files\NVIDIA Corporation\NetworkAccessManager\Apache Group\Apache2\modules\mod_mime.so]&&[Apache Software Foundation, 2.0.49]
& & [C:\Program Files\NVIDIA Corporation\NetworkAccessManager\Apache Group\Apache2\modules\mod_negotiation.so]&&[Apache Software Foundation, 2.0.49]
& & [C:\Program Files\NVIDIA Corporation\NetworkAccessManager\Apache Group\Apache2\modules\mod_rewrite.so]&&[Apache Software Foundation, 2.0.49]
& & [C:\Program Files\NVIDIA Corporation\NetworkAccessManager\Apache Group\Apache2\modules\mod_setenvif.so]&&[Apache Software Foundation, 2.0.49]
& & [C:\Program Files\NVIDIA Corporation\NetworkAccessManager\Apache Group\Apache2\modules\mod_ssl.so]&&[Apache Software Foundation, 2.0.47]
& & [C:\Program Files\NVIDIA Corporation\NetworkAccessManager\Apache Group\Apache2\bin\SSLEAY32.dll]&&[N/A, ]
& & [C:\Program Files\NVIDIA Corporation\NetworkAccessManager\Apache Group\Apache2\bin\LIBEAY32.dll]&&[N/A, ]
[PID: 660 / SYSTEM][C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin\nSvcLog.exe]&&[NVIDIA Corporation, 2, 2, 0, 464]
& & [C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin\nv_common.dll]&&[NVIDIA, 2, 2, 0, 464]
& & [C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin\NMI.dll]&&[NVIDIA Corporation, 2, 2, 0, 464]
& & [C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin\MSVCP60.dll]&&[Microsoft Corporation, 6.02.3104.0]
[PID: 840 / SYSTEM][C:\Program Files\NVIDIA Corporation\NetworkAccessManager\Apache Group\Apache2\bin\apache.exe]&&[Apache Software Foundation, 2.0.52]
& & [C:\Program Files\NVIDIA Corporation\NetworkAccessManager\Apache Group\Apache2\bin\libapr.dll]&&[Apache Software Foundation, 0.0.0.0]
& & [C:\Program Files\NVIDIA Corporation\NetworkAccessManager\Apache Group\Apache2\bin\libaprutil.dll]&&[Apache Software Foundation, 0.0.0.0]
& & [C:\Program Files\NVIDIA Corporation\NetworkAccessManager\Apache Group\Apache2\bin\libapriconv.dll]&&[Apache Software Foundation, 0.0.0.0]
& & [C:\Program Files\NVIDIA Corporation\NetworkAccessManager\Apache Group\Apache2\bin\libhttpd.dll]&&[Apache Software Foundation, 2.0.52]
& & [C:\Program Files\NVIDIA Corporation\NetworkAccessManager\Apache Group\Apache2\modules\mod_access.so]&&[Apache Software Foundation, 2.0.49]
& & [C:\Program Files\NVIDIA Corporation\NetworkAccessManager\Apache Group\Apache2\modules\mod_actions.so]&&[Apache Software Foundation, 2.0.49]
& & [C:\Program Files\NVIDIA Corporation\NetworkAccessManager\Apache Group\Apache2\modules\mod_alias.so]&&[Apache Software Foundation, 2.0.49]
& & [C:\Program Files\NVIDIA Corporation\NetworkAccessManager\Apache Group\Apache2\modules\mod_auth.so]&&[N/A, ]
& & [C:\Program Files\NVIDIA Corporation\NetworkAccessManager\Apache Group\Apache2\bin\nv_common.dll]&&[NVIDIA, 2, 2, 0, 464]
& & [C:\Program Files\NVIDIA Corporation\NetworkAccessManager\Apache Group\Apache2\modules\mod_cgi.so]&&[Apache Software Foundation, 2.0.49]
& & [C:\Program Files\NVIDIA Corporation\NetworkAccessManager\Apache Group\Apache2\modules\mod_env.so]&&[Apache Software Foundation, 2.0.49]
& & [C:\Program Files\NVIDIA Corporation\NetworkAccessManager\Apache Group\Apache2\modules\mod_expires.so]&&[Apache Software Foundation, 2.0.49]
& & [C:\Program Files\NVIDIA Corporation\NetworkAccessManager\Apache Group\Apache2\modules\mod_headers.so]&&[Apache Software Foundation, 2.0.49]
& & [C:\Program Files\NVIDIA Corporation\NetworkAccessManager\Apache Group\Apache2\modules\mod_include.so]&&[Apache Software Foundation, 2.0.49]
& & [C:\Program Files\NVIDIA Corporation\NetworkAccessManager\Apache Group\Apache2\modules\mod_log_config.so]&&[Apache Software Foundation, 2.0.49]
& & [C:\Program Files\NVIDIA Corporation\NetworkAccessManager\Apache Group\Apache2\modules\mod_mime.so]&&[Apache Software Foundation, 2.0.49]
& & [C:\Program Files\NVIDIA Corporation\NetworkAccessManager\Apache Group\Apache2\modules\mod_negotiation.so]&&[Apache Software Foundation, 2.0.49]
& & [C:\Program Files\NVIDIA Corporation\NetworkAccessManager\Apache Group\Apache2\modules\mod_rewrite.so]&&[Apache Software Foundation, 2.0.49]
& & [C:\Program Files\NVIDIA Corporation\NetworkAccessManager\Apache Group\Apache2\modules\mod_setenvif.so]&&[Apache Software Foundation, 2.0.49]
& & [C:\Program Files\NVIDIA Corporation\NetworkAccessManager\Apache Group\Apache2\modules\mod_ssl.so]&&[Apache Software Foundation, 2.0.47]
& & [C:\Program Files\NVIDIA Corporation\NetworkAccessManager\Apache Group\Apache2\bin\SSLEAY32.dll]&&[N/A, ]
& & [C:\Program Files\NVIDIA Corporation\NetworkAccessManager\Apache Group\Apache2\bin\LIBEAY32.dll]&&[N/A, ]
[PID: 1128 / SYSTEM][C:\WINDOWS\system32\nvsvc32.exe]&&[NVIDIA Corporation, 6.14.11.5827]
& & [C:\WINDOWS\system32\nvapi.dll]&&[NVIDIA Corporation, 6.14.11.5827]
[PID: 1184 / SYSTEM][C:\WINDOWS\system32\HPZipm12.exe]&&[HP, 10, 1, 1, 2]
[PID: 1400 / SYSTEM][d:\Program Files\Alcohol Soft\Alcohol 120\StarWind\StarWindService.exe]&&[Rocket Division Software, 2.6.1 Build 0x]
[PID: 1316 / SYSTEM][C:\WINDOWS\system32\svchost.exe]&&[Microsoft Corporation, 5.1. (xpsp_sp2_rtm.8)]
[PID: 1472 / SYSTEM][C:\Program Files\Common Files\Ulead Systems\DVD\ULCDRSvr.exe]&&[Ulead Systems, Inc., 1, 0, 0, 4]
[PID: 1660 / SYSTEM][C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin\nSvcIp.exe]&&[NVIDIA Corporation, 2, 2, 0, 464]
& & [C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin\nv_common.dll]&&[NVIDIA, 2, 2, 0, 464]
& & [C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin\nv_common_firewall.dll]&&[NVIDIA, 2, 2, 0, 464]
[PID: 2416 / LOCAL SERVICE][C:\WINDOWS\System32\alg.exe]&&[Microsoft Corporation, 5.1. (xpsp_sp2_rtm.8)]
[PID: 2628 / Administrator][C:\WINDOWS\RTHDCPL.EXE]&&[Realtek Semiconductor Corp., 2.0.9.6]
& & [C:\WINDOWS\system32\msacm32.drv]&&[Microsoft Corporation, 5.1.2600.0 (xpclient.8)]
& & [C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\KMailOEBand.DLL]&&[Kingsoft Corporation, ,128]
& & [C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\kis.dll]&&[Kingsoft Corporation, ,128]
[PID: 2720 / Administrator][C:\WINDOWS\system32\SafeSignCertReg.exe]&&[A.E.T. Europe B.V., 2.0.0.2]
[PID: 2736 / Administrator][C:\WINDOWS\FixCamera.exe]&&[, 1, 0, 0, 9]
[PID: 2840 / Administrator][C:\WINDOWS\system32\ctfmon.exe]&&[Microsoft Corporation, 5.1. (xpsp_sp2_rtm.8)]
[PID: 2904 / Administrator][C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe]&&[Google Inc., 2, 0, 301, 1654]
& & [C:\Program Files\Google\GoogleToolbarNotifier\2.0.301.7164\gtn.dll]&&[Google Inc., 2, 0, 301, 7164]
& & [C:\Program Files\Google\GoogleToolbarNotifier\2.0.301.7164\res_zh-CN.dll]&&[Google Inc., 2, 0, 301, 7164]
& & [C:\Program Files\Google\GoogleToolbarNotifier\2.0.301.7164\swg.dll]&&[Google Inc., 2, 0, 301, 7164]
& & [C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\KMailOEBand.DLL]&&[Kingsoft Corporation, ,128]
& & [C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\kis.dll]&&[Kingsoft Corporation, ,128]
[PID: 2892 / Administrator][C:\Program Files\Internet Explorer\iexplore.exe]&&[Microsoft Corporation, 6.00. (xpsp_sp2_rtm.8)]
& & [C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\KMailOEBand.DLL]&&[Kingsoft Corporation, ,128]
& & [C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\kis.dll]&&[Kingsoft Corporation, ,128]
& & [c:\program files\google\googletoolbar1.dll]&&[Google Inc., 4, 0, ]
& & [C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\Antispy\IEBuddy.DLL]&&[Kingsoft Corporation, ,41]
& & [C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\Antispy\IEBuddyExt.DLL]&&[Kingsoft Corporation, ,264]
& & [C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\Antispy\KANTray.dll]&&[Kingsoft Corporation, ,133]
& & [C:\WINDOWS\system32\e1a1.dll]&&[, 1, 0, 0, 2]
& & [C:\Program Files\Microsoft Office\OFFICE11\msohev.dll]&&[Microsoft Corporation, 11.0.5510]
& & [D:\Program Files\Nokia PC Suite 6\PhoneBrowser.dll]&&[Nokia, 6, 83, 74, 9]
& & [D:\Program Files\Nokia PC Suite 6\PCSCM.dll]&&[Nokia, 6, 83, 92, 11]
& & [C:\WINDOWS\system32\MSVCP71.dll]&&[Microsoft Corporation, 7.10.3077.0]
& & [C:\WINDOWS\system32\MSVCR71.dll]&&[Microsoft Corporation, 7.10.3052.4]
& & [D:\Program Files\Nokia PC Suite 6\Lang\PhoneBrowser_chi-sc.nlr]&&[Nokia, 6, 83, 47, 1]
& & [D:\Program Files\Nokia PC Suite 6\Resource\PhoneBrowser_Nokia.ngr]&&[Nokia, 6, 83, 15, 1]
& & [C:\WINDOWS\system32\Macromed\Flash\Flash9d.ocx]&&[Adobe Systems, Inc., 9,0,47,0]
& & [C:\WINDOWS\system32\msacm32.drv]&&[Microsoft Corporation, 5.1.2600.0 (xpclient.8)]
[PID: 3316 / Administrator][C:\WINDOWS\system32\rundll32.exe]&&[Microsoft Corporation, 5.1. (xpsp_sp2_rtm.8)]
& & [C:\WINDOWS\system32\3e1.dll]&&[&&, 1, 0, 0, 3]
& & [C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\KMailOEBand.DLL]&&[Kingsoft Corporation, ,128]
& & [C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\kis.dll]&&[Kingsoft Corporation, ,128]
[PID: 1336 / SYSTEM][C:\WINDOWS\system32\1ad91.exe]&&[Microsoft Corporation, 5.1. (xpsp_sp2_rtm.8)]
[PID: 2496 / Administrator][C:\WINDOWS\system32\wbem\8291\svchost.exe]&&[N/A, ]
& & [C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\KMailOEBand.DLL]&&[Kingsoft Corporation, ,128]
& & [C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\kis.dll]&&[Kingsoft Corporation, ,128]
& & [C:\WINDOWS\system32\Macromed\Flash\Flash9d.ocx]&&[Adobe Systems, Inc., 9,0,47,0]
& & [C:\WINDOWS\system32\msacm32.drv]&&[Microsoft Corporation, 5.1.2600.0 (xpclient.8)]
[PID: 1396 / Administrator][C:\Program Files\多特软件合集\Tencent\QQ.exe]&&[TENCENT, 7,0,431,1723]
& & [C:\Program Files\多特软件合集\Tencent\QQBaseClassInDll.dll]&&[TENCENT, 7,0,431,1723]
& & [C:\Program Files\多特软件合集\Tencent\QQHelperDll.dll]&&[TENCENT, 7,0,431,1723]
& & [C:\Program Files\多特软件合集\Tencent\BasicCtrlDll.dll]&&[TENCENT, 7, 0, 431, 1723]
& & [C:\Program Files\多特软件合集\Tencent\MFC42.DLL]&&[Microsoft Corporation, 6.00.8665.0]
& & [C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\KMailOEBand.DLL]&&[Kingsoft Corporation, ,128]
& & [C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\kis.dll]&&[Kingsoft Corporation, ,128]
& & [C:\Program Files\多特软件合集\Tencent\RICHED32.DLL]&&[Microsoft Corporation, 5.00.2134.1]
& & [C:\Program Files\多特软件合集\Tencent\RICHED20.dll]&&[Microsoft Corporation, 5.31.23.1218]
& & [C:\Program Files\多特软件合集\Tencent\QQAPI.dll]&&[TENCENT, 7,0,431,1723]
& & [C:\Program Files\多特软件合集\Tencent\TIMProxy.dll]&&[tencent, 0, 3, 2, 4]
& & [C:\Program Files\多特软件合集\Tencent\LoginCtrl.dll]&&[TENCENT, 7,0,431,1723]
& & [C:\Program Files\多特软件合集\Tencent\LoginCtrlRes.dll]&&[TENCENT, 7,0,431,1723]
& & [C:\Program Files\多特软件合集\Tencent\QQRes.dll]&&[TENCENT, 7,0,431,1723]
& & [C:\Program Files\多特软件合集\Tencent\QQMainFrame.dll]&&[N/A, ]
& & [C:\Program Files\多特软件合集\Tencent\gdiplus.dll]&&[Microsoft Corporation, 5.1. (xpsp_sp2_rtm.8)]
& & [C:\Program Files\多特软件合集\Tencent\UnReadMsgMgr.dll]&&[N/A, ]
& & [C:\Program Files\多特软件合集\Tencent\CQQApplication.dll]&&[N/A, ]
& & [C:\Program Files\多特软件合集\Tencent\FlashAvatarDll.dll]&&[, 1, 4, 0, 1]
& & [C:\Program Files\多特软件合集\Tencent\NewSkin.dll]&&[TENCENT, 7,0,431,1723]
& & [C:\Program Files\多特软件合集\Tencent\MailSummary.dll]&&[TENCENT, 7,0,431,1723]
& & [C:\Program Files\多特软件合集\Tencent\QQKnowledgeSearch.dll]&&[TENCENT, 7,0,431,1723]
& & [C:\WINDOWS\system32\msacm32.drv]&&[Microsoft Corporation, 5.1.2600.0 (xpclient.8)]
& & [C:\WINDOWS\system32\msadp32.acm]&&[Microsoft Corporation, 5.1. (xpsp_sp2_rtm.8)]
& & [C:\Program Files\多特软件合集\Tencent\QQAllInOne.dll]&&[TENCENT, 7,0,431,1723]
& & [C:\Program Files\多特软件合集\Tencent\SCCore.dll]&&[TENCENT, 1, 6, 0, 2]
& & [C:\Program Files\多特软件合集\Tencent\CameraDll.dll]&&[TENCENT, 7,0,431,1723]
& & [C:\Program Files\多特软件合集\Tencent\QQSpace.dll]&&[TENCENT, 7,0,431,1723]
& & [C:\Program Files\多特软件合集\Tencent\vbscript.dll]&&[Microsoft Corporation, 5.6.0.7426]
& & [C:\WINDOWS\system32\msdmo.dll]&&[, ]
& & [C:\Program Files\多特软件合集\Tencent\QQGroupMng.dll]&&[TENCENT, 7,0,431,1723]
& & [C:\Program Files\多特软件合集\Tencent\QQSysMsgMng.dll]&&[N/A, ]
& & [C:\Program Files\多特软件合集\Tencent\UserDefinedHead.dll]&&[TENCENT, 7,0,431,1723]
& & [C:\Program Files\多特软件合集\Tencent\QQPlugin.dll]&&[N/A, ]
& & [C:\Program Files\多特软件合集\Tencent\QQConfigPlugin.dll]&&[TENCENT, 7,0,431,1723]
& & [C:\Program Files\多特软件合集\Tencent\QQAvatar.dll]&&[N/A, ]
& & [C:\Program Files\多特软件合集\Tencent\QQCustomFace.dll]&&[N/A, ]
& & [C:\Program Files\多特软件合集\Tencent\QRingMng.dll]&&[N/A, ]
& & [C:\Program Files\多特软件合集\Tencent\LongConnection.dll]&&[TENCENT, 7,0,431,1723]
& & [C:\Program Files\多特软件合集\Tencent\PhoneAPI.dll]&&[TENCENT, 7,0,431,1723]
& & [C:\Program Files\多特软件合集\Tencent\DialerAllinOne.dll]&&[tencent, 1, 4, 0, 0]
& & [C:\Program Files\多特软件合集\Tencent\QQPet.dll]&&[TENCENT, 7,0,431,1723]
& & [C:\Program Files\多特软件合集\Tencent\BQQApplication.dll]&&[N/A, ]
& & [C:\Program Files\多特软件合集\Tencent\CommercesMng.dll]&&[TENCENT, 7,0,431,1723]
& & [C:\Program Files\多特软件合集\Tencent\PersonalDesktop.dll]&&[深圳市腾讯计算机系统公司QQ工作小组, 1, 0, 0, 2]
& & [C:\Program Files\多特软件合集\Tencent\QQAddr.dll]&&[深圳市腾讯计算机系统有限公司, 5, 0, 101, 310]
& & [C:\Program Files\多特软件合集\Tencent\QQFileTransfer.dll]&&[TENCENT, 7,0,431,1723]
& & [C:\Program Files\多特软件合集\Tencent\QQSceneMng.dll]&&[N/A, ]
& & [C:\Program Files\多特软件合集\Tencent\AddrSearch.dll]&&[腾讯科技(深圳)有限公司, 2, 1, 9, 97]
& & [C:\Program Files\多特软件合集\Tencent\QQDoctor\TSFSCAN.DAT]&&[Tencent, , 6]
& & [C:\Program Files\多特软件合集\Tencent\QQDoctor\TSELoder.DAT]&&[Tencent, , 8]
& & [C:\Program Files\多特软件合集\Tencent\QQDoctor\TSEngine.DAT]&&[Tencent, , 16]
& & [C:\Program Files\多特软件合集\Tencent\QQDoctor\TSECD.DAT]&&[tencent, , 3]
& & [C:\Program Files\多特软件合集\Tencent\QQDoctor\TSESC.DAT]&&[Tencent, , 2]
[PID: 360 / Administrator][C:\Program Files\多特软件合集\Tencent\TIMPlatform.exe]&&[TENCENT, 7,0,431,1723]
& & [C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\KMailOEBand.DLL]&&[Kingsoft Corporation, ,128]
& & [C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\kis.dll]&&[Kingsoft Corporation, ,128]
& & [C:\Program Files\多特软件合集\Tencent\TIMProxy.dll]&&[tencent, 0, 3, 2, 4]
[PID: 2472 / Administrator][D:\web\WebThunder.exe]&&[深圳市迅雷网络技术有限公司, 1, 11, 1, 188]
& & [D:\web\MSVCR71.dll]&&[Microsoft Corporation, 7.10.3052.4]
& & [C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\KMailOEBand.DLL]&&[Kingsoft Corporation, ,128]
& & [C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\kis.dll]&&[Kingsoft Corporation, ,128]
& & [D:\web\TaskManager.dll]&&[Thunder Networking Technologies,LTD, 1, 2, 4, 38]
& & [D:\web\download_interface.dll]&&[Thunder Networking Technologies,LTD, 2, 19, 2, 178]
& & [D:\web\stlport_vc646.dll]&&[STLport Consulting, Inc., 4.6.]
& & [D:\web\asyn_dns.dll]&&[Thunder Networking Technologies,LTD, 2, 19, 2, 178]
& & [D:\web\streammedialib.dll]&&[, 1, 2, 0, 78]
& & [D:\web\RegisterDll.dll]&&[Thunder Networking Technologies,LTD, 2, 16, 5, 61]
& & [D:\web\CacheServer.dll]&&[, 1, 0, 0, 1]
& & [D:\web\XLSafe\SafeInfo.dll]&&[深圳市迅雷网络技术有限公司, 1, 0, 1, 0]
& & [D:\web\XLNet.Dll]&&[Thunder Networking Technologies,LTD, 1, 2, 1, 9]
& & [D:\web\DownAndPlay\WebDownAndPlay.dll]&&[ShenZhen Thunder Networking Technologies Ltd., 1, 0, 2, 20]
& & [D:\web\XLStatistic\XLStatisticAddin.dll]&&[深圳市迅雷网络技术有限公司, 1, 3, 0, 4]
& & [C:\WINDOWS\system32\msacm32.drv]&&[Microsoft Corporation, 5.1.2600.0 (xpclient.8)]
[PID: 2052 / Administrator][H:\SREngPS.EXE]&&[Smallfrogs Studio, 2.5.16.900]
& & [C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\KMailOEBand.DLL]&&[Kingsoft Corporation, ,128]
& & [C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\kis.dll]&&[Kingsoft Corporation, ,128]
& & [H:\Upload\3rdUpd.DLL]&&[Smallfrogs Studio, 2, 1, 0, 15]
==================================
文件关联
.TXT&&OK. [%SystemRoot%\system32\NOTEPAD.EXE %1]
.EXE&&OK. [&%1& %*]
.COM&&OK. [&%1& %*]
.PIF&&OK. [&%1& %*]
.REG&&OK. [regedit.exe &%1&]
.BAT&&OK. [&%1& %*]
.SCR&&OK. [&%1& /S]
.CHM&&Error. [&hh.exe& %1]
.HLP&&Error. [winhlp32.exe %1]
.INI&&OK. [%SystemRoot%\System32\NOTEPAD.EXE %1]
.INF&&OK. [%SystemRoot%\System32\NOTEPAD.EXE %1]
.VBS&&OK. [%SystemRoot%\System32\WScript.exe &%1& %*]
.JS& &OK. [%SystemRoot%\System32\WScript.exe &%1& %*]
.LNK&&OK. [{0-}]
==================================
Winsock 提供者
N/A
==================================
Autorun.inf
N/A
==================================
HOSTS 文件
127.0.0.1& && & localhost
==================================
进程特权扫描
特殊特权被允许: SeLoadDriverPrivilege [PID = 456, C:\PROGRAM FILES\COMMON FILES\APPLE\MOBILE DEVICE SUPPORT\BIN\APPLEMOBILEDEVICESERVICE.EXE]
特殊特权被允许: SeLoadDriverPrivilege [PID = 536, C:\WINDOWS\ATKKBSERVICE.EXE]
特殊特权被允许: SeLoadDriverPrivilege [PID = 660, C:\PROGRAM FILES\NVIDIA CORPORATION\NETWORKACCESSMANAGER\BIN\NSVCLOG.EXE]
特殊特权被允许: SeLoadDriverPrivilege [PID = 1660, C:\PROGRAM FILES\NVIDIA CORPORATION\NETWORKACCESSMANAGER\BIN\NSVCIP.EXE]
特殊特权被允许: SeDebugPrivilege [PID = 2736, C:\WINDOWS\FIXCAMERA.EXE]
特殊特权被允许: SeLoadDriverPrivilege [PID = 2496, C:\WINDOWS\SYSTEM32\WBEM\8291\SVCHOST.EXE]
==================================
API HOOK
N/A
==================================
隐藏进程
N/A
==================================复制代码
我打游戏时经常莫名其妙的弹出来,为什么???看了一下,是有个程序隔几分钟就要运行一次,windows/system32/lad91.exe,根本莫法删除,!这个程序在启动项里,无法禁用,手动删不了,也粉碎不了,只有128KB大小!还有个&万能搜索变种sf&插件,移除了,隔一会儿又有了!各位大哥斑竹帮帮忙啊,谢谢啦
! 每次开机就抢杀了14个病毒
毒[localimg=720,532]2[/localimg]
66.jpg (126.22 KB, 下载次数: 3)
11:51 上传
88.jpg (39.35 KB, 下载次数: 3)
11:56 上传
lad91,我已上传可疑文件里去了
12:01 上传
点击文件名下载附件
46.72 KB, 下载次数: 10
(XP)关闭系统还原:右键&我的电脑&—&属性—&系统还原—&&在所有驱动器上关闭系统还原& 打勾即可。
(VISTA)关闭系统还原:右键&我的电脑&(“计算机”)—&属性—&系统保护—&在所有驱动器上去掉打勾按提示关闭即可
(以上操作,在病毒清理后请自行决定是否打开)
推荐方法 And 为了能帮助更多人
(红色标示部分为重要部分,不能遗漏)
将方案保存文本放在桌面,没有操作完之前,不要打开任何网站、网页、QQ,不要进入任何分区。
预先下载好所有工具,看清楚步骤和要求。
按步骤走完后,为了能帮助更多人,在xdelbox目录下有一个backups文件夹,将里面的文件压缩并设置密码为123456
发送EMail到:& &&&或者是上传论坛 后,系统没异常,backups下的文件可以全部删除。建议及时PM我去处理
用下面的工具,清理系统临时文件和IE临时文件
建议使用XDelBox删除以上文件()使用说明:删除时复制所有要删除文件的路径,在待删除文件列表里点击右键选择从剪贴板导入,导入后在要删除文件上点击右键,选择立刻重启删除,电脑会重启进入DOS界面进行删除操作。建议解压缩任意文件夹再运行xdelbox,运行前最好卸载所有可移动存储介质(包括U盘,MP3,手机存储卡等)。[选择备份,勾选“抑制文件再生”有提示不存在该文件就忽略,继续添加其它文件]
c:\windows\system32\apphelps.dll
c:\windows\system32\1ad91.exe
c:\windows\svchost.exe
c:\windows\system32\drivers\uas22xev.sys
c:\windows\system32\drivers\sptd.sys
c:\windows\system32\drivers\edcvac29.sys
c:\windows\system32\drivers\eract.sys
c:\windows\system32\wbem\8291\svchost.exe
c:\windows\system32\wbem\lreenfvnb.dll
c:\windows\system32\e1a1.dll
c:\windows\system32\edcvac29.dll
c:\windows\aticlocklib.dll
c:\windows\system32\3e1.dll
将以下启动项目删除:(使用SREng操作)
[Vmlist]& & ®svr32 /s apphelps.dll&
将以下服务删除:(使用SREng操作)
方法:SREng-在&启动项目-&服务-&&Win32服务应用程序&选中&隐藏已认证的微软项目& 然后将下面名称的服务删除(选中有问题的服务后,点&删除服务&,点“设置”按钮即可。注意弹出的窗口中要点 &否NO&才是确认删除服务)(不能删除的就禁用:启动类型改为disabled,点中修改启动类型,点设置):
[ms_2fax / ms_2fax]& & &C:\WINDOWS\system32\1ad91.exe&
[Distributed Link Tracking Servers / TrkNetsSvcs]& & &C:\WINDOWS\svchost.exe -netsvcs&
将以下驱动程序删除:(使用SREng操作)
方法:SREng-启动项目-&服务-驱动程序中&选中&隐藏已认证的微软项目&然后删除下面名称的驱动程序(选中有问题的驱动后,点&删除服务&,点&设置&按钮即可。注意弹出的窗口中要点&否NO&才是确认删除服务)(不能删除就禁用:启动类型改为disabled,点中修改启动类型,点设置):
[uas22xe / uas22xev]& & &\SystemRoot\System32\DRIVERS\uas22xev.sys&
[sptd / sptd]& & &\SystemRoot\System32\Drivers\sptd.sys&
[edcvac2 / edcvac29]& & &\SystemRoot\System32\DRIVERS\edcvac29.sys&
[erac / eract]& & &\SystemRoot\System32\DRIVERS\eract.sys&
检查系统状态,用下面工具升级后转安全模式下清理:
[检查系统,上传未知项目]
PS:由于勾选了“抑制文件再生”被删除文件同一个地方会有相同的文件名字文件夹,(并且开机会自动打开这些文件夹,请忽略。)请一一进去将与原来病毒同名文件夹删除即可
检查系统状态,用下面工具升级后转安全模式下清理: 金山清理专家 [检查系统,上传未知项目] Windows清理助手(压缩版) 恶意软件清理助手 PS:由于勾选了“抑制文件再生”被删除文件同一个地方会有相同的文件名字文件夹,(并且开机会自动打开这些文件夹,请忽略。)请一一进去将与原来病毒同名文件夹删除即可!!!
这步怎么做啊!病毒文件是哪些???
99.jpg (30.82 KB, 下载次数: 3)
13:13 上传
98.jpg (34.13 KB, 下载次数: 3)
13:13 上传
96.jpg (23.34 KB, 下载次数: 3)
13:13 上传
启动项里什么是必须的
谢谢annygi,问题解决了
逛了这许久,何不进去瞧瞧?
关注我们:

参考资料

 

随机推荐