When in trouble, turn to 8DA. Almighty 8DA, give me a powerful tool for killing trojans and viruses! I'm going crazy

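1
Posted on 2009-1-17 22:03
I've reinstalled the system twice and it still has a virus: it starts processes at random, IE errors, every kind of error,
5 or 6 processes whose names are all digits. I'm out of ideas.
I swear I'm not kidding you: although I've been on 8DA for several years, this ID is my first ID on 8DA, definitely not a sockpuppet, really.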

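2
Posted on 2009-1-17 22:05
....Ever heard of Luoxue (落雪)?
The AUTORUN on drives D, E, F and so on..
   Drunk and laughing, I'll keep you company for thirty thousand rounds, without a word of parting's sorrow...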

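8
Posted on 2009-1-17 22:08
NOD32: www.duote.com has a trial version, which will basically last until the day you die

If you're an antivirus expert you should know NOD32, a world-renowned antivirus product: it's extremely awesome while using negligible machine resources.
厂长, posted on 2009-1-17 22:07
....I've always used NOD32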

9
Posted on 2009-1-17 22:12
Rising (瑞星)...

10
Posted on 2009-1-17 22:12
Back up your data and repartition

13
Posted on 2009-1-17 22:17
Format everything, don't spare a single one

14
Posted on 2009-1-17 22:17
Run a scan report and let's have a look

16
Posted on 2009-1-17 22:29
What do you all mean by "scan a report"? I've never done one

18
Posted on 2009-1-17 22:48
I'll scan it right away. Damn, if I ever hear that someone makes viruses, I'll beat him until his own mother can't recognize him

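19
Posted on 2009-1-17 22:49
Your other drives have a problem, so reinstalling the system is pointless no matter how many times you do it

After formatting all the drives, download an antivirus and set up a firewall
Then watch your browsing habits

Turn off AutoPlay, and be especially careful when using USB drives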

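20
Posted on 2009-1-17 22:49
Your other drives have a problem, so reinstalling the system is pointless no matter how many times you do it

After formatting all the drives, download an antivirus and set up a firewall
Then watch your browsing habits

Turn off AutoPlay, and be especially careful when using USB drives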

21
Posted on 2009-1-17 22:49
I'll scan it right away. Damn, if I ever hear that someone makes viruses, I'll beat him until his own mother can't recognize him

22
Posted on 2009-1-17 22:49
I'll scan it right away. Damn, if I ever hear that someone makes viruses, I'll beat him until his own mother can't recognize him

23
Posted on 2009-1-17 22:49
I'll scan it right away. Damn, if I ever hear that someone makes viruses, I'll beat him until his own mother can't recognize him

24
Posted on 2009-1-17 22:50
Is 8DA leaking again? Why does one reply turn into several?

25
Posted on 2009-1-17 22:50
2009-01-17,22:50:35

System Repair Engineer 2.7.0.1210
Smallfrogs (http://www.KZTechs.com)

Windows XP Professional Service Pack 2 (Build 2600) - 管理权限用户 - 完整功能

以下内容被选中:
所有的启动项目(包括注册表、启动文件夹、服务等)
浏览器加载项
正在运行的进程(包括进程模块信息)
文件关联
Winsock 提供者
Autorun.inf
HOSTS 文件
进程特权扫描
计划任务
API HOOK
隐藏进程


启动项目


注册表

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
(ctfmon.exe)(C:\WINDOWS\system32\ctfmon.exe) [(Infected) Microsoft Corporation]
[HKEY_CURRENT_USER\Software\Microsoft\Windows NT\CurrentVersion\Windows]
(load)() [N/A]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
(nwiz)(nwiz.exe /install) []
(RTHDCPL)(RTHDCPL.EXE) [(Verified)Microsoft Windows Hardware Compatibility Publisher]
(Alcmtr)(ALCMTR.EXE) [(Verified)Microsoft Windows Hardware Compatibility Publisher]
(Windows木马防火墙)(D:\个人资料管理\Administrator\桌面\mmsk\Trojanwall.exe) [风云谷科技]
(NvCplDaemon)(RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup) [(Verified)Microsoft Windows Hardware Compatibility Publisher]
(HBService32)(System.exe) [HB Software]
(nod32kui)("C:\Program Files\Eset\nod32kui.exe" /WAITSERVICE) [Eset ]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer\Run]
(Alcmtr)(anymie360.exe) []
(ctfn)(C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\457416) []
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Winlogon]
(shell)(Explorer.exe) [(Verified)Microsoft Windows Component Publisher]
(Userinit)(C:\WINDOWS\system32\userinit.exe,) [(Verified)Microsoft Windows Publisher]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Windows]
(AppInit_DLLs)(ieebhibb.dll,HBCHIBI.dll,fgfinafd.dll,jibgmeng.dll,lalnhdbf.dll,fojeijod.dll,egiafooh.dll,fhgeogbg.dll,aalcjjpg.dll,cmahmoni.dll,dmdpggja.dll,cffhhleo.dll,bbnefkea.dll,dpkkacma.dll) []
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Winlogon]
(UIHost)(logonui.exe) [(Verified)Microsoft Windows Publisher]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
({AEB6717E-7E19-11d0-97EE-00C04FD91972})(shell32.dll) [(Verified)Microsoft Windows Component Publisher]
({47665FA5-FCF5-4444-B552-DF6549ECCA27})(C:\Program Files\Internet Explorer\UzsKtNt.Zs3) []
({2EEB12BB-4899-4229-8518-9BD1E5E211A2})(C:\WINDOWS\system32\ieebhibb.dll) []
({F0F27AFD-0C91-40B3-B5C0-32175CB5AE65})(C:\WINDOWS\system32\fgfinafd.dll) []
({32B06E70-7A19-43B2-9C67-0BDED9FDB3F9})(C:\WINDOWS\system32\jibgmeng.dll) []
({5A571DBF-6102-4330-8545-9FE0455260B1})(C:\WINDOWS\system32\lalnhdbf.dll) []
({F83E238D-CC67-4439-A6A2-E901FB46677D})(C:\WINDOWS\system32\fojeijod.dll) []
({E02AF881-6DD6-4E41-9EE5-8E82CDA9E14A})(C:\WINDOWS\system32\egiafooh.dll) []
({F10E80B0-5632-4159-B55A-791636775ED9})(C:\WINDOWS\system32\fhgeogbg.dll) []
({AA5C3390-F1DD-4F78-8583-E85C8699A980})(C:\WINDOWS\system32\aalcjjpg.dll) []
({C6A16872-4C3E-4548-9361-C8A1E0E8FD4B})(C:\WINDOWS\system32\cmahmoni.dll) []
({D6D9003A-431B-41B7-BACE-CC90BCE854C3})(C:\WINDOWS\system32\dmdpggja.dll) []
({CFF115E8-1030-4AA1-8B12-AF660B6C405F})(C:\WINDOWS\system32\cffhhleo.dll) []
({BB7EF4EA-EAB4-4942-82DC-747C53CE70E0})(C:\WINDOWS\system32\bbnefkea.dll) []
({D944AC6A-38B5-4550-AB1A-030D1DE88A8E})(C:\WINDOWS\system32\dpkkacma.dll) []
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
(PostBootReminder)(%SystemRoot%\system32\SHELL32.dll) [(Verified)Microsoft Windows Component Publisher]
(CDBurn)(%SystemRoot%\system32\SHELL32.dll) [(Verified)Microsoft Windows Component Publisher]
(WebCheck)(%SystemRoot%\system32\webcheck.dll) [(Verified)Microsoft Windows Publisher]
(SysTray)(C:\WINDOWS\system32\stobject.dll) [(Verified)Microsoft Windows Publisher]
(2EEB12BB)(C:\WINDOWS\system32\ieebhibb.dll) []
(F0F27AFD)(C:\WINDOWS\system32\fgfinafd.dll) []
(32B06E70)(C:\WINDOWS\system32\jibgmeng.dll) []
(5A571DBF)(C:\WINDOWS\system32\lalnhdbf.dll) []
(F83E238D)(C:\WINDOWS\system32\fojeijod.dll) []
(E02AF881)(C:\WINDOWS\system32\egiafooh.dll) []
(F10E80B0)(C:\WINDOWS\system32\fhgeogbg.dll) []
(AA5C3390)(C:\WINDOWS\system32\aalcjjpg.dll) []
(C6A16872)(C:\WINDOWS\system32\cmahmoni.dll) []
(D6D9003A)(C:\WINDOWS\system32\dmdpggja.dll) []
(CFF115E8)(C:\WINDOWS\system32\cffhhleo.dll) []
(BB7EF4EA)(C:\WINDOWS\system32\bbnefkea.dll) []
(D944AC6A)(C:\WINDOWS\system32\dpkkacma.dll) []
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\crypt32chain]
(WinlogonNotify: crypt32chain)(crypt32.dll) [(Verified)Microsoft Windows Component Publisher]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\cryptnet]
(WinlogonNotify: cryptnet)(cryptnet.dll) [(Verified)Microsoft Windows Publisher]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\cscdll]
(WinlogonNotify: cscdll)(cscdll.dll) [(Verified)Microsoft Windows Publisher]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\ScCertProp]
(WinlogonNotify: ScCertProp)(wlnotify.dll) [(Verified)Microsoft Windows Publisher]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\Schedule]
(WinlogonNotify: Schedule)(wlnotify.dll) [(Verified)Microsoft Windows Publisher]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\sclgntfy]
(WinlogonNotify: sclgntfy)(sclgntfy.dll) [(Verified)Microsoft Windows Publisher]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\SensLogn]
(WinlogonNotify: SensLogn)(WlNotify.dll) [(Verified)Microsoft Windows Publisher]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\termsrv]
(WinlogonNotify: termsrv)(wlnotify.dll) [(Verified)Microsoft Windows Publisher]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\wlballoon]
(WinlogonNotify: wlballoon)(wlnotify.dll) [(Verified)Microsoft Windows Publisher]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\SharedTaskScheduler]
({438755C2-A8BA-11D1-B96B-00A0C90312E1})(%SystemRoot%\system32\browseui.dll) [(Verified)Microsoft Windows Component Publisher]
({8C7461EF-2B13-11d2-BE35-3078302C2030})(%SystemRoot%\system32\browseui.dll) [(Verified)Microsoft Windows Component Publisher]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\){22d6f312-b0f6-11d0-94ab-0080c74c7e95}]
(Microsoft Windows Media Player)(C:\WINDOWS\inf\unregmp2.exe /ShowWMP) [(Verified)Microsoft Windows Component Publisher]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\){26923b43-4d38-484f-9b9e-de460746276c}]
(Internet Explorer)(%systemroot%\system32\shmgrate.exe OCInstallUserConfigIE) [File is missing]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\){60B49E34-C7CC-11D0-8953-00A0C90347FF}MICROS]
(浏览器自定义组件)(RunDLL32 IEDKCS32.DLL,BrandIE4 SIGNUP) [(Verified)Microsoft Windows Publisher]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\){881dd1c5-3dcf-431b-b061-f3f88e8be88a}]
(Outlook Express)(%systemroot%\system32\shmgrate.exe OCInstallUserConfigOE) [File is missing]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{2C7339CF-2B09-4501-B3F3-F3508C9228ED}]
(Themes Setup)(%SystemRoot%\system32\regsvr32.exe /s /n /i:/UserInstall %SystemRoot%\system32\themeui.dll) [File is missing]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{44BBA840-CC51-11CF-AAFA-00AA00B6015C}]
(Microsoft Outlook Express 6)("%ProgramFiles%\Outlook Express\setup50.exe" /APP:OE /CALLER:WINNT /user /install) [File is missing]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{44BBA842-CC51-11CF-AAFA-00AA00B6015B}]
(NetMeeting 3.01)(rundll32.exe advpack.dll,LaunchINFSection C:\WINDOWS\INF\msnetmtg.inf,NetMtg.Remove.PerUser.NT) [(Verified)Microsoft Windows Publisher]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{5945c046-1e7d-11d1-bc44-00c04fd912be}]
(Windows Messenger 4.7)(rundll32.exe advpack.dll,LaunchINFSection C:\WINDOWS\INF\msmsgs.inf,BLC.QuietInstall.PerUser) [(Verified)Microsoft Windows Publisher]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{7790769C-0471-11d2-AF11-00C04FA35D02}]
(通讯簿 6)("%ProgramFiles%\Outlook Express\setup50.exe" /APP:WAB /CALLER:WINNT /user /install) [File is missing]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{89820200-ECBD-11cf-8B85-00AA005B4340}]
(Windows 桌面更新)(regsvr32.exe /s /n /i:U shell32.dll) [(Verified)Microsoft Windows Publisher]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{89820200-ECBD-11cf-8B85-00AA005B4383}]
(Internet Explorer 6)(%SystemRoot%\system32\ie4uinit.exe) [(Verified)Microsoft Windows Publisher]
[HKEY_CURRENT_USER\Control Panel\Desktop]
(SCRNSAVE.EXE)(C:\WINDOWS\System32\桌面下雪.scr) [Nord-Tec Software Engineering]




--------------------------------------------------------------------------------



启动文件夹

N/A



--------------------------------------------------------------------------------



服务

[Contrl Center of Storm Media / ccosm][Running/Auto Start]
(C:\Program Files\StormII\stormliv.exe /asservice)(北京暴风网际科技有限公司)
[DCOM Server Process Launcher / DcomLaunch][Running/Auto Start]
(C:\WINDOWS\system32\svchost -k DcomLaunch--)%SystemRoot%\system32\rpcss.dll)(N/A)
[Winlognetoworker Managerser / DiskerManagerse][Stopped/Auto Start]
(C:\Documents and Settings\All Users\Application Data\Microsoft\OFFICE\Officemanagera.ini)(Microsoft Windows Explorer)
[Help and Support / helpsvc][Stopped/Disabled]
(C:\WINDOWS\System32\svchost.exe -k netsvcs--)%WINDIR%\PCHealth\HelpCtr\Binaries\pchsvc.dll)(N/A)
[HID Input Service / HidServ][Stopped/Auto Start]
(C:\WINDOWS\System32\svchost.exe -k netsvcs--)%SystemRoot%\System32\hidserv.dll)(N/A)
[Microsoftnetwork gervice / Microsoftmanager][Stopped/Auto Start]
(C:\Documents and Settings\All Users\Application Data\Microsoft\Micsofoffice1.exe)(N/A)
[NetMeeting Remote Desktop Sharing / mnmsrvc][Stopped/Manual Start]
()((File is missing))
[NOD32 Kernel Service / NOD32krn][Running/Auto Start]
("C:\Program Files\Eset\nod32krn.exe")(Eset)
[NVIDIA Display Driver Service / NVSvc][Running/Auto Start]
(C:\WINDOWS\system32\nvsvc32.exe)(NVIDIA Corporation)
[Remote Procedure Call (RPC) / RpcSs][Running/Auto Start]
(C:\WINDOWS\system32\svchost -k rpcss--)c:\windows\system32\rpcss.dll)(N/A)
[Windows Time / W32Time][Stopped/Auto Start]
(C:\D--)C:\WINDOWS\system32\w32time.dll)()
[Automatic Updates / wuauserv][Stopped/Auto Start]
(t%\sy--)C:\WINDOWS\system32\wuauserv.dll)(Microsoft Corporation)



--------------------------------------------------------------------------------



驱动程序

[2310_00 / 2310_00][Stopped/Boot Start]
(\SystemRoot\system32\DRIVERS\2310_00.sys)(HighPoint Technologies, Inc.)
[3wareDrv / 3wareDrv][Stopped/Disabled]
(\SystemRoot\system32\DRIVERS\3wareDrv.sys)(N/A)
[3waregsm / 3waregsm][Stopped/Disabled]
(\SystemRoot\system32\DRIVERS\3waregsm.sys)(N/A)
[a320raid / a320raid][Stopped/Disabled]
(\SystemRoot\system32\DRIVERS\a320raid.sys)(Adaptec, Inc.)
[aaatimeo / aaatimeo][Stopped/Disabled]
(\SystemRoot\system32\DRIVERS\aaatimeo.sys)(Microsoft Corporation)
[Adaptec RAID Miniport Driver / aac][Stopped/Disabled]
(\SystemRoot\system32\DRIVERS\aac.sys)(Adaptec, Inc.)
[Adaptec SAS/SATA-II RAID Miniport Driver / aacsas][Stopped/Disabled]
(\SystemRoot\system32\DRIVERS\aacsas.sys)(Adaptec, Inc.)
[aar1210 / aar1210][Stopped/Disabled]
(\SystemRoot\system32\DRIVERS\aar1210.sys)(Adaptec, Inc.)
[adp94xx / adp94xx][Stopped/Disabled]
(\SystemRoot\system32\DRIVERS\adp94xx.sys)(Adaptec, Inc.)
[adpu160m / adpu160m][Stopped/Disabled]
(\SystemRoot\system32\DRIVERS\adpu160m.sys)(Adaptec, Inc.)
[adpu320 / adpu320][Stopped/Disabled]
(\SystemRoot\system32\DRIVERS\adpu320.sys)(Adaptec, Inc.)
[ACARD AEC6210UF UltraDMA33 Controller / aec6210][Stopped/Disabled]
(\SystemRoot\system32\DRIVERS\aec6210.sys)(ACARD Technology Corp.)
[ACARD AEC6260 UltraDMA-66 Controller / aec6260][Stopped/Disabled]
(\SystemRoot\system32\DRIVERS\aec6260.sys)(ACARD Technology Corp.)
[aec6280 / aec6280][Stopped/Disabled]
(\SystemRoot\system32\DRIVERS\aec6280.sys)(ACARD Technology Corp.)
[aec6290 / aec6290][Stopped/Disabled]
(\SystemRoot\system32\DRIVERS\aec6280.sys)(ACARD Technology Corp.)
[aec67160 / aec67160][Stopped/Disabled]
(\SystemRoot\system32\DRIVERS\aec67160.sys)(ACARD Technology Corp.)
[AEC671X / AEC671X][Stopped/Disabled]
(\SystemRoot\system32\DRIVERS\AEC671X.sys)(ACARD Technology Corp.)
[AEC6880 / AEC6880][Stopped/Disabled]
(\SystemRoot\system32\DRIVERS\AEC6880.sys)(ACARD Technology Corp.)
[aec6897 / aec6897][Stopped/Disabled]
(\SystemRoot\system32\DRIVERS\aec6897.sys)(ACARD Technology Corp.)
[aec68x5 / aec68x5][Stopped/Disabled]
(\SystemRoot\system32\DRIVERS\aec68x5.sys)(ACARD Technology Corp.)
[AFAMgt / AFAMgt][Running/Boot Start]
(\SystemRoot\system32\DRIVERS\afamgt.sys)(Adaptec, Inc.)
[ahcix86 / ahcix86][Stopped/Disabled]
(\SystemRoot\system32\DRIVERS\ahcix86.sys)(ATI Technologies Inc.)
[AliIde / AliIde][Stopped/Disabled]
(\SystemRoot\system32\DRIVERS\aliide.sys)(ALi Corporation)
[AMD AGP Bus Filter Driver / amdagp][Stopped/Disabled]
(\SystemRoot\system32\DRIVERS\amdagp.sys)(Advanced Micro Devices, Inc.)
[amdbusdr / amdbusdr][Stopped/Disabled]
(\SystemRoot\system32\DRIVERS\amdbusdr.sys)(AMD)
[AMD EIDE 驱动程衼E / amdeide][Stopped/Disabled]
(\SystemRoot\system32\DRIVERS\AmdEide.sys)(AMD)
[AMON / AMON][Running/Auto Start]
(\SystemRoot\system32\drivers\amon.sys)(Eset)
[arcm_x86 / arcm_x86][Stopped/Disabled]
(\SystemRoot\system32\DRIVERS\arcm_x86.sys)(ARECA Technology Corporation)
[asc / asc][Stopped/Disabled]
(\SystemRoot\system32\DRIVERS\asc.sys)(Advanced System Products, Inc.)
[asc3550 / asc3550][Stopped/Disabled]
(\SystemRoot\system32\DRIVERS\asc3550.sys)(Advanced System Products, Inc.)
[SiI-3112 SATALink Controller / ASH1205][Stopped/Disabled]
(\SystemRoot\system32\DRIVERS\ASH1205.sys)(Silicon Image, Inc.)
[ata1200a / ata1200a][Stopped/Disabled]
(\SystemRoot\system32\DRIVERS\ata1200a.sys)(Adaptec, Inc.)
[atiide / atiide][Stopped/Disabled]
(\SystemRoot\system32\DRIVERS\atiide.sys)(ATI Technologies Inc.)
[Promise driver accelerator / bb-run][Stopped/Disabled]
(\SystemRoot\system32\DRIVERS\bb-run.sys)(Promise Technology, Inc.)
[cda1000 / cda1000][Stopped/Boot Start]
(\SystemRoot\system32\DRIVERS\cda1000.sys)(Adaptec, Inc.)
[DELL CERC SATA 1.5/6ch RAID Miniport Driver / cercsr6][Stopped/Disabled]
(\SystemRoot\system32\DRIVERS\cercsr6.sys)(Adaptec, Inc.)
[CmdIde / CmdIde][Stopped/Disabled]
(\SystemRoot\system32\DRIVERS\cmdide.sys)(CMD Technology, Inc.)
[Cpq32fs2 / Cpq32fs2][Stopped/Disabled]
(\SystemRoot\system32\DRIVERS\Cpq32fs2.sys)(Hewlett-Packard Company)
[cpqarry2 / cpqarry2][Stopped/Disabled]
(\SystemRoot\system32\DRIVERS\cpqarry2.sys)(Compaq Computer Corporation)
[cpqcissm / cpqcissm][Stopped/Disabled]
(\SystemRoot\system32\DRIVERS\cpqcissm.sys)(Hewlett-Packard Company)
[dac2w2k / dac2w2k][Stopped/Disabled]
(\SystemRoot\system32\DRIVERS\dac2w2k.sys)(Mylex Corporation)
[dac960nt / dac960nt][Stopped/Disabled]
(\SystemRoot\system32\DRIVERS\dac960nt.sys)(Mylex Corporation)
[Promise Removable Disk Control Driver / dontgo][Stopped/Disabled]
(\SystemRoot\system32\DRIVERS\DontGo.sys)(Promise Technology, Inc.)
[dpti2o / dpti2o][Stopped/Disabled]
(\SystemRoot\system32\DRIVERS\dpti2o.sys)(Adaptec, Inc.)
[Creative AudioPCI (ES1371,ES1373) (WDM) / es1371][Stopped/Manual Start]
(system32\drivers\es1371mp.sys)(Creative Technology Ltd.)
[FastSx / FastSx][Stopped/Disabled]
(\SystemRoot\system32\DRIVERS\FastSx.sys)(Promise Technology, Inc.)
[fasttrak / fasttrak][Stopped/Disabled]
(\SystemRoot\system32\DRIVERS\fasttrak.sys)(Promise Technology, Inc.)
[fasttx2k / fasttx2k][Stopped/Disabled]
(\SystemRoot\system32\DRIVERS\fasttx2k.sys)(Promise Technology, Inc.)
[FTCkillfile / FTCkillfile][Stopped/Manual Start]
(System32\Drivers\FTCkillfile.sys)(风云谷科技)
[FTCProtect / FTCProtect][Stopped/Manual Start]
(System32\Drivers\FTCProtect.sys)(风云谷科技)
[fttxr52P / fttxr52P][Stopped/Disabled]
(\SystemRoot\system32\DRIVERS\fttxr52P.sys)(Promise Technology, Inc.)
[Microsoft UAA Bus Driver for High Definition Audio / HDAudBus][Running/Manual Start]
(system32\DRIVERS\HDAudBus.sys)(Windows (R) Server 2003 DDK provider)
[HpCISSm2 / HpCISSm2][Stopped/Disabled]
(\SystemRoot\system32\DRIVERS\HpCISSm2.sys)(Hewlett-Packard Company)
[Hpt366 / Hpt366][Stopped/Disabled]
(\SystemRoot\system32\DRIVERS\Hpt366.sys)(Microsoft Corporation)
[hpt374 / hpt374][Stopped/Disabled]
(\SystemRoot\system32\DRIVERS\hpt374.sys)(HighPoint Technologies, Inc.)
[hpt3xx / hpt3xx][Stopped/Disabled]
(\SystemRoot\system32\DRIVERS\hpt3xx.sys)(HighPoint Technologies, Inc.)
[hptmv / hptmv][Stopped/Disabled]
(\SystemRoot\system32\DRIVERS\hptmv.sys)(HighPoint Technologies, Inc.)
[hptmv6 / hptmv6][Stopped/Boot Start]
(\SystemRoot\system32\DRIVERS\hptmv6.sys)(HighPoint Technologies, Inc.)
[hptpro / hptpro][Stopped/Boot Start]
(\SystemRoot\system32\DRIVERS\hptpro.sys)(HighPoint Technologies, Inc.)
[Intel RAID Controller / iaStor][Stopped/Disabled]
(\SystemRoot\system32\DRIVERS\iaStor.sys)(Intel Corporation)
[Intel RAID Controller / iaStor55][Stopped/Disabled]
(\SystemRoot\system32\DRIVERS\iaStor55.sys)(Intel Corporation)
[Intel RAID Controller / iaStor70][Stopped/Disabled]
(\SystemRoot\system32\DRIVERS\iaStor70.sys)(Intel Corporation)
[Service for Realtek HD Audio (WDM) / IntcAzAudAddService][Running/Manual Start]
(system32\drivers\RtkHDAud.sys)(Realtek Semiconductor Corp.)
[IBM ServeRAID Device Driver / ipsraidn][Stopped/Disabled]
(\SystemRoot\system32\DRIVERS\ipsraidn.sys)(IBM Corporation)
[ITERAID_Service_Install / iteraid][Stopped/Disabled]
(\SystemRoot\system32\DRIVERS\iteraid.sys)(Integrated Technology Express, Inc.)
[JRAID / JRAID][Stopped/Disabled]
(\SystemRoot\system32\DRIVERS\jraid.sys)(JMicron Technology Corp.)
[m5228 / m5228][Stopped/Disabled]
(\SystemRoot\system32\DRIVERS\m5228.sys)(ALi Corporation.)
[m5281 / m5281][Stopped/Disabled]
(\SystemRoot\system32\DRIVERS\m5281.sys)(ALi Corporation)
[m5287 / m5287][Stopped/Disabled]
(\SystemRoot\system32\DRIVERS\m5287.sys)(ULi Electronics Inc.)
[m5288 / m5288][Stopped/Disabled]
(\SystemRoot\system32\DRIVERS\m5288.sys)(ULi Electronics Inc.)
[m5289 / m5289][Stopped/Disabled]
(\SystemRoot\system32\DRIVERS\m5289.sys)(ULi Electronics Inc.)
[MegaIDE / MegaIDE][Stopped/Disabled]
(\SystemRoot\system32\DRIVERS\MegaIDE.sys)(LSI Logic Corporation.)
[mraid35x / mraid35x][Stopped/Disabled]
(\SystemRoot\system32\DRIVERS\mraid35x.sys)(American Megatrends Inc.)
[msiffei / msiffei][Stopped/Manual Start]
(System32\Drivers\msiffei.sys)(N/A)
[mv614x / mv614x][Stopped/Disabled]
(\SystemRoot\system32\DRIVERS\mv614x.sys)(N/A)
[mv61xx / mv61xx][Stopped/Disabled]
(\SystemRoot\system32\DRIVERS\mv61xx.sys)(Marvell Semiconductor, Inc.)
[mvSata / mvSata][Stopped/Disabled]
(\SystemRoot\system32\DRIVERS\mvsata.sys)(Marvell Semiconductors Inc.)
[IBM ServeRAID 4M/4L/4Mx/4Lx/5i/6M/6i/7k Device Driver / nfrd960][Stopped/Disabled]
(\SystemRoot\system32\DRIVERS\nfrd960.sys)(IBM Corporation)
[nod32drv / nod32drv][Running/System Start]
(\SystemRoot\system32\drivers\nod32drv.sys)(N/A)
[nv / nv][Running/Manual Start]
(system32\DRIVERS\nv4_mini.sys)(NVIDIA Corporation)
[nvatabus / nvatabus][Stopped/Disabled]
(\SystemRoot\system32\DRIVERS\nvatabus.sys)(NVIDIA Corporation)
[nvgts / nvgts][Stopped/Disabled]
(\SystemRoot\system32\DRIVERS\nvgts.sys)(NVIDIA Corporation)
[NVIDIA nForce(tm) RAID Class Driver / nvraid][Stopped/Disabled]
(\SystemRoot\system32\DRIVERS\nvraid.sys)(NVIDIA Corporation)
[NVIDIA nForce RAID Driver / nvrd32][Stopped/Disabled]
(\SystemRoot\system32\DRIVERS\nvrd32.sys)(NVIDIA Corporation)
[AMD PCNET Compatable Adapter Driver / PCnet][Stopped/Manual Start]
(system32\DRIVERS\pcntpci5.sys)(AMD Inc.)
[CMD IDE Raid Controller / Pnp649r][Stopped/Disabled]
(\SystemRoot\system32\DRIVERS\pnp649r.sys)(CMD Technology, Inc.)
[SiI 680 ATA Controller / Pnp680][Stopped/Disabled]
(\SystemRoot\system32\DRIVERS\pnp680.sys)(Silicon Image, Inc.)
[Silicon Image SiI 0680 Medley Raid Controller / Pnp680r][Stopped/Disabled]
(\SystemRoot\system32\DRIVERS\pnp680r.sys)(Silicon Image, Inc)
[Direct Parallel Link Driver / Ptilink][Running/Manual Start]
(system32\DRIVERS\ptilink.sys)(Parallel Technologies, Inc.)
[ql1080 / ql1080][Stopped/Disabled]
(\SystemRoot\system32\DRIVERS\ql1080.sys)(QLogic Corporation)
[ql12160 / ql12160][Stopped/Disabled]
(\SystemRoot\system32\DRIVERS\ql12160.sys)(QLogic Corporation)
[ql1280 / ql1280][Stopped/Disabled]
(\SystemRoot\system32\DRIVERS\ql1280.sys)(QLogic Corporation)
[ql2100 / ql2100][Stopped/Disabled]
(\SystemRoot\system32\DRIVERS\ql2100.sys)(QLogic Corporation)
[ql2200 / ql2200][Stopped/Disabled]
(\SystemRoot\system32\DRIVERS\ql2200.sys)(QLogic Corporation)
[QLogic Fibre Channel SCSI Miniport Driver (w32 IP) / ql2300][Stopped/Disabled]
(\SystemRoot\system32\DRIVERS\ql2300.sys)(QLogic Corporation)
[raidsrc / raidsrc][Stopped/Disabled]
(\SystemRoot\system32\DRIVERS\raidsrc.sys)(Intel)
[rr172x / rr172x][Stopped/Boot Start]
(\SystemRoot\system32\DRIVERS\rr172x.sys)(HighPoint Technologies, Inc.)
[rr174x / rr174x][Stopped/Boot Start]
(\SystemRoot\system32\DRIVERS\rr174x.sys)(HighPoint Technologies, Inc.)
[rr232x / rr232x][Stopped/Boot Start]
(\SystemRoot\system32\DRIVERS\rr232x.sys)(HighPoint Technologies, Inc.)
[rr2340 / rr2340][Stopped/Boot Start]
(\SystemRoot\system32\DRIVERS\rr2340.sys)(HighPoint Technologies, Inc.)
[Realtek 10/100/1000 PCI-E NIC Family NDIS XP Driver / RTLE8023xp][Running/Manual Start]
(system32\DRIVERS\Rtenicxp.sys)(Realtek Semiconductor Corporation)
[S150sx8 / S150sx8][Stopped/Disabled]
(\SystemRoot\system32\DRIVERS\S150sx8.sys)(Promise Technology, Inc.)
[Safe Mon 360 / SafeMon0][Running/System Start]
(\??\C:\WINDOWS\system32\1ACD18E8.dat)(N/A)
[Secdrv / Secdrv][Stopped/Manual Start]
(system32\DRIVERS\secdrv.sys)(Macrovision Corporation, Macrovision Europe Limited, and Macrovision Japan and Asia K.K.)
[SiI-3512 SATALink Controller / SI3112][Stopped/Disabled]
(\SystemRoot\system32\DRIVERS\SI3112.sys)(Silicon Image, Inc.)
[ATI-437A Serial ATA Controller / SI3112r][Stopped/Disabled]
(\SystemRoot\system32\DRIVERS\SI3112r.sys)(Silicon Image, Inc)
[SiI-3114 SATALink Controller / SI3114][Stopped/Disabled]
(\SystemRoot\system32\DRIVERS\SI3114.sys)(Silicon Image, Inc.)
[SiI-3114 SATARaid Controller / SI3114r][Stopped/Disabled]
(\SystemRoot\system32\DRIVERS\SI3114R.sys)(Silicon Image, Inc)
[SiI-3114 SoftRaid 5 Controller / Si3114r5][Stopped/Disabled]
(\SystemRoot\system32\DRIVERS\Si3114r5.sys)(Silicon Image, Inc)
[SiI-3124 SATALink Controller / SI3124][Stopped/Disabled]
(\SystemRoot\system32\DRIVERS\SI3124.sys)(Silicon Image, Inc.)
[SiI-3124 SATARaid Controller / SI3124r][Stopped/Disabled]
(\SystemRoot\system32\DRIVERS\SI3124R.sys)(Silicon Image, Inc)
[SiI-3124 SoftRaid 5 Controller / Si3124r5][Stopped/Disabled]
(\SystemRoot\system32\DRIVERS\Si3124r5.sys)(Silicon Image, Inc)
[SiI-3132 SATALink Controller / SI3132][Stopped/Disabled]
(\SystemRoot\system32\DRIVERS\SI3132.sys)(Silicon Image, Inc.)
[SiI-3132 SoftRaid 5 Controller / Si3132r5][Stopped/Disabled]
(\SystemRoot\system32\DRIVERS\Si3132r5.sys)(Silicon Image, Inc)
[SATALink driver accelerator / SiFilter][Stopped/Disabled]
(\SystemRoot\system32\DRIVERS\SiWinAcc.sys)(Silicon Image, Inc.)
[SATALink External Device Filter / SiRemFil][Running/Boot Start]
(\SystemRoot\system32\DRIVERS\SiRemFil.sys)(Silicon Image, Inc.)
[SIS AGP Bus Filter / sisagp][Stopped/Disabled]
(\SystemRoot\system32\DRIVERS\sisagp.sys)(Silicon Integrated Systems Corporation)
[SiSide / SiSide][Stopped/Disabled]
(\SystemRoot\system32\DRIVERS\siside.sys)(Silicon Integrated Systems Corp.)
[SiSRaid4 / SiSRaid4][Stopped/Disabled]
(\SystemRoot\system32\DRIVERS\sisraid4.sys)(Silicon Integrated Systems)
[sisraidx / sisraidx][Stopped/Disabled]
(\SystemRoot\system32\DRIVERS\sisraidx.sys)(Silicon Integrated Systems Corp.)
[Sparrow / Sparrow][Stopped/Disabled]
(\SystemRoot\system32\DRIVERS\sparrow.sys)(Adaptec, Inc.)
[sptrak / sptrak][Stopped/Disabled]
(\SystemRoot\system32\DRIVERS\sptrak.sys)(Promise Technology, Inc.)
[symc8xx / symc8xx][Stopped/Disabled]
(\SystemRoot\system32\DRIVERS\symc8xx.sys)(LSI Logic)
[Symmpi / Symmpi][Stopped/Disabled]
(\SystemRoot\system32\DRIVERS\symmpi.sys)(LSI Logic)
[sym_hi / sym_hi][Stopped/Disabled]
(\SystemRoot\system32\DRIVERS\sym_hi.sys)(LSI Logic)
[sym_u3 / sym_u3][Stopped/Disabled]
(\SystemRoot\system32\DRIVERS\sym_u3.sys)(LSI Logic)
[TCP/IP Protocol Driver / Tcpip][Running/System Start]
(system32\DRIVERS\tcpip.sys)(Microsoft Corporation)
[UlSata / UlSata][Stopped/Disabled]
(\SystemRoot\system32\DRIVERS\ulsata.sys)(Promise Technology, Inc.)
[ulsata2 / ulsata2][Stopped/Disabled]
(\SystemRoot\system32\DRIVERS\ulsata2.sys)(Promise Technology, Inc.)
[ultra / ultra][Stopped/Disabled]
(\SystemRoot\system32\DRIVERS\ultra.sys)(Promise Technology, Inc.)
[viamraid / viamraid][Stopped/Disabled]
(\SystemRoot\system32\DRIVERS\viamraid.sys)(VIA Technologies inc,.ltd)
[VIA ATA/ATAPI Host Controller / viapdsk][Stopped/Disabled]
(\SystemRoot\system32\DRIVERS\viapdsk.sys)(VIA Technologies, Inc.)
[ViBus / ViBus][Stopped/Disabled]
(\SystemRoot\system32\DRIVERS\ViBus.sys)(VIA Technologies, Inc.)
[videX32 / videX32][Stopped/Disabled]
(\SystemRoot\system32\DRIVERS\videX32.sys)(VIA Technologies, Inc.)
[VIA SATA IDE Device Driver / ViPrt][Stopped/Disabled]
(\SystemRoot\system32\DRIVERS\ViPrt.sys)(VIA Technologies, Inc.)
[VMscsi / VMscsi][Stopped/Disabled]
(\SystemRoot\system32\DRIVERS\vmscsi.sys)(VMware, Inc.)
[VIA SATA IDE Hot-plug Driver / xfilt][Stopped/Disabled]
(\SystemRoot\system32\DRIVERS\xfilt.sys)(VIA Technologies,Inc)



--------------------------------------------------------------------------------



浏览器加载项

[ThunderAtOnce Class]
{01443AEC-0FD1-40fd-9C87-E93D1494C233} (C:\Program Files\Thunder\ComDlls\TDAtOnce_Now.dll, (Signed) Thunder Networking Technologies,LTD)
[]
{47665FA5-FCF5-4444-B552-DF6549ECCA27} (C:\Program Files\Internet Explorer\UzsKtNt.Zs3, N/A)
[Thunder Browser Helper]
{889D2FEB-5411-4565-8998-1DD2C5261283} (C:\Program Files\Thunder\ComDlls\xunleiBHO_Now.dll, (Signed) Thunder Networking Technologies,LTD)
[BoBoControl Class]
{EC0978ED-24E3-403C-AB7A-060E388553E6} (C:\WINDOWS\system32\BoBo_ActiveX_V3.ocx, 广州易播信息科技有限公司)
[ThunderAtOnce Class]
{01443AEC-0FD1-40FD-9C87-E93D1494C233} (C:\Program Files\Thunder\ComDlls\TDAtOnce_Now.dll, (Signed) Thunder Networking Technologies,LTD)
[]
{47665FA5-FCF5-4444-B552-DF6549ECCA27} (C:\Program Files\Internet Explorer\UzsKtNt.Zs3, N/A)
[Thunder Agent Class]
{485463B7-8FB2-4B3B-B29B-8B919B0EACCE} (C:\Program Files\Thunder\ComDlls\ThunderAgent_Now.dll, Thunder Networking Technologies,LTD)
[]
{6096E38F-5AC1-4391-8EC4-75DFA92FB32F} (, )
[Microsoft Web 浏览器]
{8856F961-340A-11D0-A96B-00C04FD705A2} (C:\WINDOWS\system32\shdocvw.dll, (Signed) Microsoft Corporation)
[Thunder Browser Helper]
{889D2FEB-5411-4565-8998-1DD2C5261283} (C:\Program Files\Thunder\ComDlls\xunleiBHO_Now.dll, (Signed) Thunder Networking Technologies,LTD)
[Shockwave Flash Object]
{D27CDB6E-AE6D-11CF-96B8-444553540000} (C:\WINDOWS\system32\Macromed\Flash\Flash9f.ocx, (Signed) Adobe Systems, Inc.)
[BoBoControl Class]
{EC0978ED-24E3-403C-AB7A-060E388553E6} (C:\WINDOWS\system32\BoBo_ActiveX_V3.ocx, 广州易播信息科技有限公司)
[使用迅雷下载]
(C:\Program Files\Thunder\Program\geturl.htm, N/A)
[使用迅雷下载全部链接]
(C:\Program Files\Thunder\Program\getallurl.htm, N/A)



--------------------------------------------------------------------------------



正在运行的进程

[PID: 624 / SYSTEM][\SystemRoot\System32\smss.exe] [(Verified) Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
[PID: 684 / SYSTEM][\??\C:\WINDOWS\system32\csrss.exe] [(Verified) Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
[C:\WINDOWS\system32\csrss.dll] [N/A, ]
[C:\WINDOWS\system32\sh05022.dll] [N/A, ]
[PID: 708 / SYSTEM][\??\C:\WINDOWS\system32\winlogon.exe] [(Verified) Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
[C:\WINDOWS\system32\HBCHIBI.dll] [N/A, ]
[C:\WINDOWS\system32\ofkdghli.dll] [N/A, ]
[C:\WINDOWS\system32\pehaclcj.dll] [N/A, ]
[C:\WINDOWS\system32\uxtheme.dll] [Microsoft Corporation, 6.00.2900.2180 (xpsp_sp2_rtm.040803-2158)]
[PID: 752 / SYSTEM][C:\WINDOWS\system32\services.exe] [(Verified) Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
[C:\WINDOWS\system32\UxTheme.dll] [Microsoft Corporation, 6.00.2900.2180 (xpsp_sp2_rtm.040803-2158)]
[C:\WINDOWS\system32\HBCHIBI.dll] [N/A, ]
[C:\WINDOWS\system32\ofkdghli.dll] [N/A, ]
[C:\WINDOWS\system32\pehaclcj.dll] [N/A, ]
[PID: 764 / SYSTEM][C:\WINDOWS\system32\lsass.exe] [(Verified) Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
[C:\WINDOWS\system32\UxTheme.dll] [Microsoft Corporation, 6.00.2900.2180 (xpsp_sp2_rtm.040803-2158)]
[C:\WINDOWS\system32\HBCHIBI.dll] [N/A, ]
[C:\WINDOWS\system32\ofkdghli.dll] [N/A, ]
[C:\WINDOWS\system32\pehaclcj.dll] [N/A, ]
[C:\WINDOWS\system32\imon.dll] [Eset , 2, 70, 39 ]
[C:\Program Files\Eset\pr_imon.dll] [N/A, ]
[PID: 944 / SYSTEM][C:\WINDOWS\system32\svchost.exe] [(Verified) Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
[C:\WINDOWS\system32\UxTheme.dll] [Microsoft Corporation, 6.00.2900.2180 (xpsp_sp2_rtm.040803-2158)]
[C:\WINDOWS\system32\HBCHIBI.dll] [N/A, ]
[C:\WINDOWS\system32\ofkdghli.dll] [N/A, ]
[C:\WINDOWS\system32\pehaclcj.dll] [N/A, ]
[c:\windows\system32\rpcss.dll] [N/A, ]
[C:\WINDOWS\system32\anymie360.dll] [N/A, ]
[C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\WowInitcode.dat] [N/A, ]
[C:\Program Files\Internet Explorer\UzsKtNt.Zs3] [N/A, ]
[PID: 1016 / SYSTEM][C:\WINDOWS\system32\svchost.exe] [(Verified) Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
[C:\WINDOWS\system32\UxTheme.dll] [Microsoft Corporation, 6.00.2900.2180 (xpsp_sp2_rtm.040803-2158)]
[C:\WINDOWS\system32\HBCHIBI.dll] [N/A, ]
[C:\WINDOWS\system32\ofkdghli.dll] [N/A, ]
[C:\WINDOWS\system32\pehaclcj.dll] [N/A, ]
[c:\windows\system32\rpcss.dll] [N/A, ]
[C:\WINDOWS\system32\imon.dll] [Eset , 2, 70, 39 ]
[C:\Program Files\Eset\pr_imon.dll] [N/A, ]
[PID: 1132 / SYSTEM][C:\WINDOWS\System32\svchost.exe] [(Verified) Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
[C:\WINDOWS\System32\UxTheme.dll] [Microsoft Corporation, 6.00.2900.2180 (xpsp_sp2_rtm.040803-2158)]
[C:\WINDOWS\System32\HBCHIBI.dll] [N/A, ]
[C:\WINDOWS\System32\ofkdghli.dll] [N/A, ]
[C:\WINDOWS\System32\pehaclcj.dll] [N/A, ]
[C:\WINDOWS\system32\imon.dll] [Eset , 2, 70, 39 ]
[C:\Program Files\Eset\pr_imon.dll] [N/A, ]
[C:\Program Files\Internet Explorer\UzsKtNt.Zs3] [N/A, ]
[PID: 1276 / NETWORK SERVICE][C:\WINDOWS\system32\svchost.exe] [(Verified) Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
[C:\WINDOWS\system32\UxTheme.dll] [Microsoft Corporation, 6.00.2900.2180 (xpsp_sp2_rtm.040803-2158)]
[C:\WINDOWS\system32\HBCHIBI.dll] [N/A, ]
[C:\WINDOWS\system32\ofkdghli.dll] [N/A, ]
[C:\WINDOWS\system32\pehaclcj.dll] [N/A, ]
[C:\WINDOWS\system32\imon.dll] [Eset , 2, 70, 39 ]
[C:\Program Files\Eset\pr_imon.dll] [N/A, ]
[PID: 1308 / LOCAL SERVICE][C:\WINDOWS\system32\svchost.exe] [(Verified) Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
[C:\WINDOWS\system32\UxTheme.dll] [Microsoft Corporation, 6.00.2900.2180 (xpsp_sp2_rtm.040803-2158)]
[C:\WINDOWS\system32\HBCHIBI.dll] [N/A, ]
[C:\WINDOWS\system32\ofkdghli.dll] [N/A, ]
[C:\WINDOWS\system32\pehaclcj.dll] [N/A, ]
[C:\WINDOWS\system32\imon.dll] [Eset , 2, 70, 39 ]
[C:\Program Files\Eset\pr_imon.dll] [N/A, ]
[PID: 1476 / SYSTEM][C:\WINDOWS\system32\spoolsv.exe] [(Verified) Microsoft Corporation, 5.1.2600.2696 (xpsp.050610-1527)]
[C:\WINDOWS\system32\UxTheme.dll] [Microsoft Corporation, 6.00.2900.2180 (xpsp_sp2_rtm.040803-2158)]
[C:\WINDOWS\system32\HBCHIBI.dll] [N/A, ]
[C:\WINDOWS\system32\ofkdghli.dll] [N/A, ]
[C:\WINDOWS\system32\pehaclcj.dll] [N/A, ]
[PID: 1688 / Administrator][C:\WINDOWS\Explorer.EXE] [(Verified) Microsoft Corporation, 6.00.2900.3156 (xpsp_sp2_qfe.070613-1311)]
[C:\WINDOWS\system32\UxTheme.dll] [Microsoft Corporation, 6.00.2900.2180 (xpsp_sp2_rtm.040803-2158)]
[C:\WINDOWS\system32\HBCHIBI.dll] [N/A, ]
[C:\WINDOWS\system32\ofkdghli.dll] [N/A, ]
[C:\WINDOWS\system32\pehaclcj.dll] [N/A, ]
[C:\Program Files\Internet Explorer\UzsKtNt.Zs3] [N/A, ]
[C:\WINDOWS\system32\kmjeafch.dll] [N/A, ]
[C:\WINDOWS\system32\emiokcoo.dll] [N/A, ]
[C:\WINDOWS\system32\ngclanac.dll] [N/A, ]
[C:\WINDOWS\system32\fgcbkfob.dll] [N/A, ]
[C:\WINDOWS\system32\mifieejn.dll] [N/A, ]
[C:\WINDOWS\system32\emjapdea.dll] [N/A, ]
[C:\WINDOWS\system32\eoiiejle.dll] [N/A, ]
[C:\WINDOWS\system32\gcplgfhc.dll] [N/A, ]
[C:\WINDOWS\system32\nijonfcj.dll] [N/A, ]
[C:\WINDOWS\system32\acjeblfe.dll] [N/A, ]
[C:\WINDOWS\system32\alfokhai.dll] [N/A, ]
[C:\WINDOWS\system32\anymie360.dll] [N/A, ]
[C:\Program Files\WinRAR\rarext.dll] [N/A, ]
[C:\Program Files\Eset\nodshex.dll] [N/A, ]
[C:\WINDOWS\system32\nvcpl.dll] [NVIDIA Corporation, 6.14.11.6921]
[C:\WINDOWS\system32\nvapi.dll] [NVIDIA Corporation, 6.14.11.6921]
[C:\WINDOWS\system32\nvshell.dll] [, ]
[C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\WowInitcode.dat] [N/A, ]
[C:\WINDOWS\system32\ieebhibb.dll] [N/A, ]
[C:\WINDOWS\system32\fgfinafd.dll] [N/A, ]
[C:\WINDOWS\system32\jibgmeng.dll] [N/A, ]
[C:\WINDOWS\system32\lalnhdbf.dll] [N/A, ]
[C:\WINDOWS\system32\fojeijod.dll] [N/A, ]
[C:\WINDOWS\system32\egiafooh.dll] [N/A, ]
[C:\WINDOWS\system32\fhgeogbg.dll] [N/A, ]
[C:\WINDOWS\system32\aalcjjpg.dll] [N/A, ]
[C:\WINDOWS\system32\cmahmoni.dll] [N/A, ]
[C:\WINDOWS\system32\dmdpggja.dll] [N/A, ]
[C:\WINDOWS\system32\cffhhleo.dll] [N/A, ]
[C:\WINDOWS\system32\bbnefkea.dll] [N/A, ]
[C:\WINDOWS\system32\shdoclc.dll] [Microsoft Corporation, 6.00.2900.2180 (xpsp_sp2_rtm.040803-2158)]
[PID: 1980 / Administrator][C:\WINDOWS\RTHDCPL.EXE] [Realtek Semiconductor Corp., 2.2.5.9]
[C:\WINDOWS\system32\ofkdghli.dll] [N/A, ]
[C:\WINDOWS\system32\pehaclcj.dll] [N/A, ]
[C:\WINDOWS\system32\uxtheme.dll] [Microsoft Corporation, 6.00.2900.2180 (xpsp_sp2_rtm.040803-2158)]
[C:\Program Files\Internet Explorer\UzsKtNt.Zs3] [N/A, ]
[C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\WowInitcode.dat] [N/A, ]
[PID: 2024 / Administrator][C:\WINDOWS\system32\System.exe] [HB Software, 1, 2, 1, 1007]
[C:\WINDOWS\system32\HBCHIBI.dll] [N/A, ]
[C:\WINDOWS\system32\ofkdghli.dll] [N/A, ]
[C:\WINDOWS\system32\pehaclcj.dll] [N/A, ]
[C:\WINDOWS\system32\uxtheme.dll] [Microsoft Corporation, 6.00.2900.2180 (xpsp_sp2_rtm.040803-2158)]
[C:\Program Files\Internet Explorer\UzsKtNt.Zs3] [N/A, ]
[C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\WowInitcode.dat] [N/A, ]
[PID: 2032 / Administrator][C:\Program Files\Eset\nod32kui.exe] [Eset , 2, 70, 39 ]
[C:\Program Files\Eset\nod32rui.dll] [N/A, ]
[C:\WINDOWS\system32\uxtheme.dll] [Microsoft Corporation, 6.00.2900.2180 (xpsp_sp2_rtm.040803-2158)]
[C:\Program Files\Internet Explorer\UzsKtNt.Zs3] [N/A, ]
[C:\WINDOWS\system32\HBCHIBI.dll] [N/A, ]
[C:\Program Files\Eset\pu_amon.dll] [Eset , 2, 70, 39 ]
[C:\Program Files\Eset\pr_amon.dll] [Eset , 2, 70, 16 ]
[C:\Program Files\Eset\pu_dmon.dll] [Eset , 2, 70, 39 ]
[C:\Program Files\Eset\pr_dmon.dll] [N/A, ]
[C:\Program Files\Eset\pu_emon.dll] [Eset , 2, 70, 39 ]
[C:\Program Files\Eset\pr_emon.dll] [N/A, ]
[C:\Program Files\Eset\pu_imon.dll] [Eset , 2, 70, 39 ]
[C:\Program Files\Eset\pr_imon.dll] [N/A, ]
[C:\Program Files\Eset\pu_nod32.dll] [Eset , 2, 70, 39 ]
[C:\Program Files\Eset\pr_nod32.dll] [Eset , 2, 70, 16 ]
[C:\Program Files\Eset\pu_upd.dll] [Eset , 2, 70, 39 ]
[C:\Program Files\Eset\pr_upd.dll] [N/A, ]
[C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\WowInitcode.dat] [N/A, ]
[C:\WINDOWS\system32\ieebhibb.dll] [N/A, ]
[C:\WINDOWS\system32\fgfinafd.dll] [N/A, ]
[C:\WINDOWS\system32\egiafooh.dll] [N/A, ]
[C:\WINDOWS\system32\fojeijod.dll] [N/A, ]
[C:\WINDOWS\system32\lalnhdbf.dll] [N/A, ]
[C:\WINDOWS\system32\jibgmeng.dll] [N/A, ]
[C:\WINDOWS\system32\fhgeogbg.dll] [N/A, ]
[C:\WINDOWS\system32\dmdpggja.dll] [N/A, ]
[C:\WINDOWS\system32\cmahmoni.dll] [N/A, ]
[C:\WINDOWS\system32\aalcjjpg.dll] [N/A, ]
[C:\WINDOWS\system32\cffhhleo.dll] [N/A, ]
[C:\WINDOWS\system32\bbnefkea.dll] [N/A, ]
[PID: 2040 / Administrator][C:\WINDOWS\system32\ctfmon.exe] [(Infected) Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2105)]
[C:\WINDOWS\system32\UxTheme.dll] [Microsoft Corporation, 6.00.2900.2180 (xpsp_sp2_rtm.040803-2158)]
[C:\WINDOWS\system32\ofkdghli.dll] [N/A, ]
[C:\WINDOWS\system32\pehaclcj.dll] [N/A, ]
[C:\Program Files\Internet Explorer\UzsKtNt.Zs3] [N/A, ]
[C:\WINDOWS\system32\imon.dll] [Eset , 2, 70, 39 ]
[C:\Program Files\Eset\pr_imon.dll] [N/A, ]
[C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\WowInitcode.dat] [N/A, ]
[PID: 2012 / LOCAL SERVICE][C:\WINDOWS\System32\alg.exe] [(Verified) Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
[C:\WINDOWS\System32\UxTheme.dll] [Microsoft Corporation, 6.00.2900.2180 (xpsp_sp2_rtm.040803-2158)]
[C:\WINDOWS\System32\ofkdghli.dll] [N/A, ]
[C:\WINDOWS\System32\pehaclcj.dll] [N/A, ]
[C:\WINDOWS\System32\alfokhai.dll] [N/A, ]
[C:\WINDOWS\System32\acjeblfe.dll] [N/A, ]
[C:\WINDOWS\System32\nijonfcj.dll] [N/A, ]
[C:\WINDOWS\System32\gcplgfhc.dll] [N/A, ]
[C:\WINDOWS\System32\eoiiejle.dll] [N/A, ]
[C:\WINDOWS\System32\emjapdea.dll] [N/A, ]
[C:\WINDOWS\System32\mifieejn.dll] [N/A, ]
[C:\WINDOWS\System32\fgcbkfob.dll] [N/A, ]
[C:\WINDOWS\System32\ngclanac.dll] [N/A, ]
[C:\WINDOWS\System32\emiokcoo.dll] [N/A, ]
[C:\WINDOWS\System32\kmjeafch.dll] [N/A, ]
[C:\WINDOWS\system32\imon.dll] [Eset , 2, 70, 39 ]
[C:\Program Files\Eset\pr_imon.dll] [N/A, ]
[PID: 160 / SYSTEM][C:\Program Files\StormII\stormliv.exe] [北京暴风网际科技有限公司, 3, 8, 3, 15]
[C:\WINDOWS\system32\HBCHIBI.dll] [N/A, ]
[C:\WINDOWS\system32\ofkdghli.dll] [N/A, ]
[C:\WINDOWS\system32\pehaclcj.dll] [N/A, ]
[C:\WINDOWS\system32\alfokhai.dll] [N/A, ]
[C:\WINDOWS\system32\acjeblfe.dll] [N/A, ]
[C:\WINDOWS\system32\nijonfcj.dll] [N/A, ]
[C:\WINDOWS\system32\gcplgfhc.dll] [N/A, ]
[C:\WINDOWS\system32\eoiiejle.dll] [N/A, ]
[C:\WINDOWS\system32\emjapdea.dll] [N/A, ]
[C:\WINDOWS\system32\mifieejn.dll] [N/A, ]
[C:\WINDOWS\system32\fgcbkfob.dll] [N/A, ]
[C:\WINDOWS\system32\ngclanac.dll] [N/A, ]
[C:\WINDOWS\system32\emiokcoo.dll] [N/A, ]
[C:\WINDOWS\system32\kmjeafch.dll] [N/A, ]
[C:\WINDOWS\system32\uxtheme.dll] [Microsoft Corporation, 6.00.2900.2180 (xpsp_sp2_rtm.040803-2158)]
[C:\WINDOWS\system32\imon.dll] [Eset , 2, 70, 39 ]
[C:\Program Files\Eset\pr_imon.dll] [N/A, ]
[PID: 660 / SYSTEM][C:\Program Files\Internet Explorer\iexplore.exe] [Microsoft Corporation, 6.00.2900.2180 (xpsp_sp2_rtm.040803-2158)]
[C:\WINDOWS\system32\HBCHIBI.dll] [N/A, ]
[C:\WINDOWS\system32\ofkdghli.dll] [N/A, ]
[C:\WINDOWS\system32\pehaclcj.dll] [N/A, ]
[C:\WINDOWS\system32\alfokhai.dll] [N/A, ]
[C:\WINDOWS\system32\acjeblfe.dll] [N/A, ]
[C:\WINDOWS\system32\nijonfcj.dll] [N/A, ]
[C:\WINDOWS\system32\gcplgfhc.dll] [N/A, ]
[C:\WINDOWS\system32\eoiiejle.dll] [N/A, ]
[C:\WINDOWS\system32\emjapdea.dll] [N/A, ]
[C:\WINDOWS\system32\mifieejn.dll] [N/A, ]
[C:\WINDOWS\system32\fgcbkfob.dll] [N/A, ]
[C:\WINDOWS\system32\ngclanac.dll] [N/A, ]
[C:\WINDOWS\system32\emiokcoo.dll] [N/A, ]
[C:\WINDOWS\system32\kmjeafch.dll] [N/A, ]
[C:\WINDOWS\system32\uxtheme.dll] [Microsoft Corporation, 6.00.2900.2180 (xpsp_sp2_rtm.040803-2158)]
[C:\WINDOWS\system32\imon.dll] [Eset , 2, 70, 39 ]
[C:\Program Files\Eset\pr_imon.dll] [N/A, ]
[PID: 1100 / SYSTEM][C:\Program Files\Internet Explorer\UnxxZun.Zmp] [N/A, ]
[C:\WINDOWS\system32\HBCHIBI.dll] [N/A, ]
[C:\WINDOWS\system32\ofkdghli.dll] [N/A, ]
[C:\WINDOWS\system32\pehaclcj.dll] [N/A, ]
[C:\WINDOWS\system32\alfokhai.dll] [N/A, ]
[C:\WINDOWS\system32\acjeblfe.dll] [N/A, ]
[C:\WINDOWS\system32\nijonfcj.dll] [N/A, ]
[C:\WINDOWS\system32\gcplgfhc.dll] [N/A, ]
[C:\WINDOWS\system32\eoiiejle.dll] [N/A, ]
[C:\WINDOWS\system32\emjapdea.dll] [N/A, ]
[C:\WINDOWS\system32\mifieejn.dll] [N/A, ]
[C:\WINDOWS\system32\fgcbkfob.dll] [N/A, ]
[C:\WINDOWS\system32\ngclanac.dll] [N/A, ]
[C:\WINDOWS\system32\emiokcoo.dll] [N/A, ]
[C:\WINDOWS\system32\kmjeafch.dll] [N/A, ]
[C:\WINDOWS\system32\uxtheme.dll] [Microsoft Corporation, 6.00.2900.2180 (xpsp_sp2_rtm.040803-2158)]
[C:\Program Files\Internet Explorer\UzsKtNt.Zs3] [N/A, ]
[PID: 912 / SYSTEM][C:\Program Files\Eset\nod32krn.exe] [Eset , 2, 70, 39 ]
[C:\WINDOWS\system32\HBCHIBI.dll] [N/A, ]
[C:\WINDOWS\system32\ofkdghli.dll] [N/A, ]
[C:\WINDOWS\system32\pehaclcj.dll] [N/A, ]
[C:\WINDOWS\system32\alfokhai.dll] [N/A, ]
[C:\WINDOWS\system32\acjeblfe.dll] [N/A, ]
[C:\WINDOWS\system32\nijonfcj.dll] [N/A, ]
[C:\WINDOWS\system32\gcplgfhc.dll] [N/A, ]
[C:\WINDOWS\system32\eoiiejle.dll] [N/A, ]
[C:\WINDOWS\system32\emjapdea.dll] [N/A, ]
[C:\WINDOWS\system32\mifieejn.dll] [N/A, ]
[C:\WINDOWS\system32\fgcbkfob.dll] [N/A, ]
[C:\WINDOWS\system32\ngclanac.dll] [N/A, ]
[C:\WINDOWS\system32\emiokcoo.dll] [N/A, ]
[C:\WINDOWS\system32\kmjeafch.dll] [N/A, ]
[C:\Program Files\Eset\nod32krr.dll] [Eset , 2, 70, 32 ]
[C:\Program Files\Eset\ps_amon.dll] [Eset , 2, 70, 39 ]
[C:\Program Files\Eset\pr_amon.dll] [Eset , 2, 70, 16 ]
[C:\Program Files\Eset\ps_dmon.dll] [Eset , 2, 70, 39 ]
[C:\Program Files\Eset\pr_dmon.dll] [N/A, ]
[C:\Program Files\Eset\ps_emon.dll] [Eset , 2, 70, 39 ]
[C:\Program Files\Eset\pr_emon.dll] [N/A, ]
[C:\WINDOWS\system32\imon.dll] [Eset , 2, 70, 39 ]
[C:\Program Files\Eset\pr_imon.dll] [N/A, ]
[C:\Program Files\Eset\ps_nod32.dll] [Eset , 2, 70, 39 ]
[C:\Program Files\Eset\pr_nod32.dll] [Eset , 2, 70, 16 ]
[C:\Program Files\Eset\ps_upd.dll] [Eset , 2, 70, 39 ]
[C:\Program Files\Eset\pr_upd.dll] [N/A, ]
[C:\WINDOWS\system32\uxtheme.dll] [Microsoft Corporation, 6.00.2900.2180 (xpsp_sp2_rtm.040803-2158)]
[PID: 1844 / SYSTEM][C:\WINDOWS\system32\nvsvc32.exe] [NVIDIA Corporation, 6.14.11.6921]
[C:\WINDOWS\system32\nijonfcj.dll] [N/A, ]
[C:\WINDOWS\system32\gcplgfhc.dll] [N/A, ]
[C:\WINDOWS\system32\fgcbkfob.dll] [N/A, ]
[C:\WINDOWS\system32\nvapi.dll] [NVIDIA Corporation, 6.14.11.6921]
[C:\WINDOWS\system32\uxtheme.dll] [Microsoft Corporation, 6.00.2900.2180 (xpsp_sp2_rtm.040803-2158)]
[PID: 1912 / LOCAL SERVICE][C:\WINDOWS\system32\wdfmgr.exe] [Microsoft Corporation, 5.2.3790.1230 built by: dnsrv(bld4act)]
[C:\WINDOWS\system32\HBCHIBI.dll] [N/A, ]
[C:\WINDOWS\system32\ofkdghli.dll] [N/A, ]
[C:\WINDOWS\system32\pehaclcj.dll] [N/A, ]
[C:\WINDOWS\system32\alfokhai.dll] [N/A, ]
[C:\WINDOWS\system32\acjeblfe.dll] [N/A, ]
[C:\WINDOWS\system32\nijonfcj.dll] [N/A, ]
[C:\WINDOWS\system32\gcplgfhc.dll] [N/A, ]
[C:\WINDOWS\system32\eoiiejle.dll] [N/A, ]
[C:\WINDOWS\system32\emjapdea.dll] [N/A, ]
[C:\WINDOWS\system32\mifieejn.dll] [N/A, ]
[C:\WINDOWS\system32\fgcbkfob.dll] [N/A, ]
[C:\WINDOWS\system32\ngclanac.dll] [N/A, ]
[C:\WINDOWS\system32\emiokcoo.dll] [N/A, ]
[C:\WINDOWS\system32\kmjeafch.dll] [N/A, ]
[PID: 3692 / Administrator][C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\141270] [, 1, 0, 0, 1]
[C:\WINDOWS\system32\HBCHIBI.dll] [N/A, ]
[C:\WINDOWS\system32\ofkdghli.dll] [N/A, ]
[C:\WINDOWS\system32\pehaclcj.dll] [N/A, ]
[C:\WINDOWS\system32\alfokhai.dll] [N/A, ]
[C:\WINDOWS\system32\acjeblfe.dll] [N/A, ]
[C:\WINDOWS\system32\nijonfcj.dll] [N/A, ]
[C:\WINDOWS\system32\gcplgfhc.dll] [N/A, ]
[C:\WINDOWS\system32\eoiiejle.dll] [N/A, ]
[C:\WINDOWS\system32\emjapdea.dll] [N/A, ]
[C:\WINDOWS\system32\mifieejn.dll] [N/A, ]
[C:\WINDOWS\system32\fgcbkfob.dll] [N/A, ]
[C:\WINDOWS\system32\ngclanac.dll] [N/A, ]
[C:\WINDOWS\system32\emiokcoo.dll] [N/A, ]
[C:\WINDOWS\system32\kmjeafch.dll] [N/A, ]
[C:\WINDOWS\system32\uxtheme.dll] [Microsoft Corporation, 6.00.2900.2180 (xpsp_sp2_rtm.040803-2158)]
[C:\Program Files\Internet Explorer\UzsKtNt.Zs3] [N/A, ]
[C:\WINDOWS\system32\imon.dll] [Eset , 2, 70, 39 ]
[C:\Program Files\Eset\pr_imon.dll] [N/A, ]
[PID: 3468 / Administrator][C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\395788] [N/A, ]
[C:\WINDOWS\system32\imon.dll] [Eset , 2, 70, 39 ]
[C:\WINDOWS\system32\pehaclcj.dll] [N/A, ]
[C:\WINDOWS\system32\ieebhibb.dll] [N/A, ]
[C:\WINDOWS\system32\HBCHIBI.dll] [N/A, ]
[C:\WINDOWS\system32\fgfinafd.dll] [N/A, ]
[C:\WINDOWS\system32\jibgmeng.dll] [N/A, ]
[C:\WINDOWS\system32\lalnhdbf.dll] [N/A, ]
[C:\WINDOWS\system32\fojeijod.dll] [N/A, ]
[C:\WINDOWS\system32\kebfolip.dll] [N/A, ]
[C:\WINDOWS\system32\egiafooh.dll] [N/A, ]
[C:\WINDOWS\system32\japabadk.dll] [N/A, ]
[C:\WINDOWS\system32\fhgeogbg.dll] [N/A, ]
[C:\WINDOWS\system32\jeafojjf.dll] [N/A, ]
[C:\WINDOWS\system32\aalcjjpg.dll] [N/A, ]
[C:\WINDOWS\system32\cmahmoni.dll] [N/A, ]
[C:\Program Files\Eset\pr_imon.dll] [N/A, ]
[C:\WINDOWS\system32\uxtheme.dll] [Microsoft Corporation, 6.00.2900.2180 (xpsp_sp2_rtm.040803-2158)]
[PID: 2004 / Administrator][C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\457416] [N/A, ]
[C:\WINDOWS\system32\ieebhibb.dll] [N/A, ]
[C:\WINDOWS\system32\fgfinafd.dll] [N/A, ]
[C:\WINDOWS\system32\jibgmeng.dll] [N/A, ]
[C:\WINDOWS\system32\lalnhdbf.dll] [N/A, ]
[C:\WINDOWS\system32\fojeijod.dll] [N/A, ]
[C:\WINDOWS\system32\egiafooh.dll] [N/A, ]
[C:\WINDOWS\system32\fhgeogbg.dll] [N/A, ]
[C:\WINDOWS\system32\aalcjjpg.dll] [N/A, ]
[C:\WINDOWS\system32\cmahmoni.dll] [N/A, ]
[C:\WINDOWS\system32\dmdpggja.dll] [N/A, ]
[C:\WINDOWS\system32\cffhhleo.dll] [N/A, ]
[C:\WINDOWS\system32\bbnefkea.dll] [N/A, ]
[C:\WINDOWS\system32\bbijjojb.dll] [N/A, ]
[C:\WINDOWS\system32\uxtheme.dll] [Microsoft Corporation, 6.00.2900.2180 (xpsp_sp2_rtm.040803-2158)]
[C:\Program Files\Internet Explorer\UzsKtNt.Zs3] [N/A, ]
[C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\WowInitcode.dat] [N/A, ]
[PID: 2392 / Administrator][C:\Program Files\Internet Explorer\iexplore.exe] [Microsoft Corporation, 6.00.2900.2180 (xpsp_sp2_rtm.040803-2158)]
[C:\WINDOWS\system32\ieebhibb.dll] [N/A, ]
[C:\WINDOWS\system32\HBCHIBI.dll] [N/A, ]
[C:\WINDOWS\system32\fgfinafd.dll] [N/A, ]
[C:\WINDOWS\system32\jibgmeng.dll] [N/A, ]
[C:\WINDOWS\system32\lalnhdbf.dll] [N/A, ]
[C:\WINDOWS\system32\fojeijod.dll] [N/A, ]
[C:\WINDOWS\system32\egiafooh.dll] [N/A, ]
[C:\WINDOWS\system32\fhgeogbg.dll] [N/A, ]
[C:\WINDOWS\system32\aalcjjpg.dll] [N/A, ]
[C:\WINDOWS\system32\cmahmoni.dll] [N/A, ]
[C:\WINDOWS\system32\dmdpggja.dll] [N/A, ]
[C:\WINDOWS\system32\cffhhleo.dll] [N/A, ]
[C:\WINDOWS\system32\bbnefkea.dll] [N/A, ]
[C:\WINDOWS\system32\dpkkacma.dll] [N/A, ]
[C:\WINDOWS\system32\uxtheme.dll] [Microsoft Corporation, 6.00.2900.2180 (xpsp_sp2_rtm.040803-2158)]
[C:\Program Files\Internet Explorer\UzsKtNt.Zs3] [N/A, ]
[C:\WINDOWS\system32\shdoclc.dll] [Microsoft Corporation, 6.00.2900.2180 (xpsp_sp2_rtm.040803-2158)]
[C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\WowInitcode.dat] [N/A, ]
[C:\WINDOWS\system32\imon.dll] [Eset , 2, 70, 39 ]
[C:\Program Files\Eset\pr_imon.dll] [N/A, ]
[C:\WINDOWS\system32\Macromed\Flash\Flash9f.ocx] [Adobe Systems, Inc., 9,0,124,0]
[C:\WINDOWS\system32\SOGOUPY.IME] [Sogou.com Inc., 3.3.0.0]
[PID: 2124 / Administrator][D:\个人资料管理\Administrator\桌面\sreng2\SREngLdr.EXE] [Smallfrogs Studio, 2.7.0.1210]
[C:\WINDOWS\system32\cffhhleo.dll] [N/A, ]
[C:\WINDOWS\system32\fhgeogbg.dll] [N/A, ]
[C:\WINDOWS\system32\ieebhibb.dll] [N/A, ]
[C:\WINDOWS\system32\fgfinafd.dll] [N/A, ]
[C:\WINDOWS\system32\lalnhdbf.dll] [N/A, ]
[C:\WINDOWS\system32\aalcjjpg.dll] [N/A, ]
[C:\WINDOWS\system32\fojeijod.dll] [N/A, ]
[C:\WINDOWS\system32\jibgmeng.dll] [N/A, ]
[C:\WINDOWS\system32\dmdpggja.dll] [N/A, ]
[C:\WINDOWS\system32\egiafooh.dll] [N/A, ]
[C:\WINDOWS\system32\bbnefkea.dll] [N/A, ]
[C:\WINDOWS\system32\cmahmoni.dll] [N/A, ]
[C:\WINDOWS\system32\HBCHIBI.dll] [N/A, ]
[PID: 2468 / Administrator][D:\个人资料管理\Administrator\桌面\sreng2\SREf18ba150.EXE] [Smallfrogs Studio, 2.7.0.1210]
[C:\WINDOWS\system32\cffhhleo.dll] [N/A, ]
[C:\WINDOWS\system32\fhgeogbg.dll] [N/A, ]
[C:\WINDOWS\system32\ieebhibb.dll] [N/A, ]
[C:\WINDOWS\system32\fgfinafd.dll] [N/A, ]
[C:\WINDOWS\system32\lalnhdbf.dll] [N/A, ]
[C:\WINDOWS\system32\aalcjjpg.dll] [N/A, ]
[C:\WINDOWS\system32\fojeijod.dll] [N/A, ]
[C:\WINDOWS\system32\jibgmeng.dll] [N/A, ]
[C:\WINDOWS\system32\dmdpggja.dll] [N/A, ]
[C:\WINDOWS\system32\egiafooh.dll] [N/A, ]
[C:\WINDOWS\system32\bbnefkea.dll] [N/A, ]
[C:\WINDOWS\system32\cmahmoni.dll] [N/A, ]
[C:\WINDOWS\system32\HBCHIBI.dll] [N/A, ]
[C:\WINDOWS\system32\uxtheme.dll] [Microsoft Corporation, 6.00.2900.2180 (xpsp_sp2_rtm.040803-2158)]
[C:\Program Files\Internet Explorer\UzsKtNt.Zs3] [N/A, ]
[C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\WowInitcode.dat] [N/A, ]
[D:\个人资料管理\Administrator\桌面\sreng2\Upload\3rdUpd.DLL] [Smallfrogs Studio, 2, 1, 0, 15]
[C:\WINDOWS\system32\imon.dll] [Eset , 2, 70, 39 ]
[C:\Program Files\Eset\pr_imon.dll] [N/A, ]
[PID: 2796 / Administrator][C:\Program Files\Thunder\Program\Thunder5.exe] [Thunder Networking Technologies,LTD, 5.8.1.507]
[C:\Program Files\Thunder\Program\BugReport.dll] [Thunder Networking Technologies,LTD, 1, 4, 1, 20]
[C:\Program Files\Thunder\Program\ThunderEx.dll] [, 1, 2, 5, 24]
[C:\WINDOWS\system32\ieebhibb.dll] [N/A, ]
[C:\WINDOWS\system32\HBCHIBI.dll] [N/A, ]
[C:\WINDOWS\system32\fgfinafd.dll] [N/A, ]
[C:\WINDOWS\system32\jibgmeng.dll] [N/A, ]
[C:\WINDOWS\system32\lalnhdbf.dll] [N/A, ]
[C:\WINDOWS\system32\fojeijod.dll] [N/A, ]
[C:\WINDOWS\system32\egiafooh.dll] [N/A, ]
[C:\WINDOWS\system32\fhgeogbg.dll] [N/A, ]
[C:\WINDOWS\system32\aalcjjpg.dll] [N/A, ]
[C:\WINDOWS\system32\cmahmoni.dll] [N/A, ]
[C:\WINDOWS\system32\dmdpggja.dll] [N/A, ]
[C:\WINDOWS\system32\cffhhleo.dll] [N/A, ]
[C:\WINDOWS\system32\bbnefkea.dll] [N/A, ]
[C:\WINDOWS\system32\dpkkacma.dll] [N/A, ]
[C:\WINDOWS\system32\uxtheme.dll] [Microsoft Corporation, 6.00.2900.2180 (xpsp_sp2_rtm.040803-2158)]
[C:\Program Files\Internet Explorer\UzsKtNt.Zs3] [N/A, ]
[C:\Program Files\Thunder\Program\TaskManager.dll] [Thunder Networking Technologies,LTD, 1, 3, 6, 66]
[C:\Program Files\Thunder\Program\download_interface.dll] [Thunder Networking Technologies,LTD, 3, 1, 2, 311]
[C:\Program Files\Thunder\Program\MSVCP71.dll] [Microsoft Corporation, 7.10.3077.0]
[C:\Program Files\Thunder\Program\MSVCR71.dll] [Microsoft Corporation, 7.10.3052.4]
[C:\Program Files\Thunder\Program\asyn_frame.dll] [Thunder Networking Technologies,LTD, 1, 1, 2, 13]
[C:\Program Files\Thunder\Program\ATL71.DLL] [Microsoft Corporation, 7.10.3077.0]
[C:\WINDOWS\system32\imon.dll] [Eset , 2, 70, 39 ]
[C:\Program Files\Eset\pr_imon.dll] [N/A, ]
[C:\Program Files\Thunder\Program\emule_id.dll] [Thunder Networking Technologies,LTD, 1, 0, 2, 7]
[C:\Program Files\Thunder\Program\backend_agent.dll] [Thunder Networking Technologies,LTD, 1, 1, 2, 17]
[C:\Program Files\Thunder\Program\ptl.dll] [Thunder Networking Technologies,LTD, 1, 0, 2, 18]
[C:\Program Files\Thunder\Program\xl_stat.dll] [Thunder Networking Technologies,LTD, 1, 1, 2, 3]
[C:\Program Files\Thunder\Program\fs.dll] [Thunder Networking Technologies,LTD, 1, 1, 2, 9]
[C:\Program Files\Thunder\Program\XLNet.Dll] [Thunder Networking Technologies,LTD, 1, 5, 1, 24]
[C:\Program Files\Thunder\Program\iTargetAD.dll] [N/A, ]
[C:\Program Files\Thunder\Program\BHOStub.dll] [Thunder Networking Technologies,LTD, 1, 1, 1, 10]
[C:\Program Files\Thunder\Components\DownAndPlay\DownAndPlay.dll] [, 1, 0, 12, 30]
[C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\WowInitcode.dat] [N/A, ]
[C:\WINDOWS\system32\shdoclc.dll] [Microsoft Corporation, 6.00.2900.2180 (xpsp_sp2_rtm.040803-2158)]
[C:\Program Files\Thunder\Program\p2sp.dll] [Thunder Networking Technologies,LTD, 1, 1, 2, 18]
[C:\Program Files\Thunder\Program\down_dispatcher.dll] [Thunder Networking Technologies,LTD, 1, 0, 2, 17]
[C:\Program Files\Thunder\Program\p2p.dll] [Thunder Networking Technologies,LTD, 1,1,2,24]
[C:\Program Files\Thunder\Program\xldc.dll] [Thunder Networking Technologies,LTD, 2, 6, 2, 12]
[C:\Program Files\Thunder\Program\stream.dll] [Thunder Networking Technologies,LTD, 2, 1, 2, 369]
[C:\Program Files\Thunder\Program\p2p_upload.dll] [Thunder Networking Technologies,LTD, 1, 1, 2, 8]
[C:\Program Files\Thunder\Program\p2p_local_res.dll] [Thunder Networking Technologies,LTD, 1, 1, 2, 8]
[C:\Program Files\Thunder\Program\al.dll] [Thunder Networking Technologies,LTD, 1,1,2,15]
[C:\Program Files\Thunder\Components\Community\XLCommunity.dll] [Thunder Networking Technologies,LTD, 2, 2, 0, 55]
[C:\Program Files\Thunder\Program\XLCommunityEx.dll] [N/A, ]
[C:\Program Files\Thunder\Program\RegisterDll.dll] [Thunder Networking Technologies,LTD, 2, 17, 0, 67]
[C:\Program Files\Thunder\Program\MSVCIRT.dll] [Microsoft Corporation, 7.0.2600.2180 (xpsp_sp2_rtm.040803-2158)]
[C:\Program Files\Thunder\Components\Security\ThunderSafe.dll] [深圳市迅雷网络技术有限公司, 2, 0, 0, 88]
[C:\Program Files\Thunder\Components\Security\ConfigManager.dll] [深圳市迅雷网络技术有限公司, 1, 0, 0, 1]
[C:\Program Files\Thunder\Components\Security\SafeManager.dll] [深圳市迅雷网络技术有限公司, 1, 0, 2, 11]
[C:\Program Files\Thunder\Plugins\XLSafeHost\XLSafeHost.dll] [深圳市迅雷网络技术有限公司, 1, 1, 0, 65]
[C:\Program Files\Thunder\Program\XLNetU.Dll] [Thunder Networking Technologies,LTD, 1, 5, 1, 24]
[C:\Program Files\Thunder\Program\bt_download.dll] [Thunder Networking Technologies,LTD, 1, 1, 2, 12]
[C:\Program Files\Thunder\Program\emule.dll] [, 1, 1, 2, 12]
[C:\Program Files\Thunder\Components\Search\XLSearch.dll] [Thunder Networking Technologies,LTD, 1, 1, 6, 21]
[C:\Program Files\Thunder\Program\LiveUpdate.dll] [Thunder Networking Technologies,LTD, 1, 2, 3, 25]
[C:\Program Files\Thunder\Components\XLSoftBase\XLSoftwareBase.dll] [Thunder Networking Technologies,LTD, 1, 0, 1, 4]
[C:\Program Files\Thunder\Plugins\GouGouTop\GouGouTop.dll] [Thunder Networking Technologies,LTD, 1, 0, 2, 5]
[C:\Program Files\Thunder\Components\ExplorerHelper\ExplorerHelper.dll] [Thunder Networking Technologies,LTD, 1, 0, 4, 19]
[C:\Program Files\Thunder\ComDlls\ThunderAgent_Now.dll] [Thunder Networking Technologies,LTD, 5, 0, 4, 23]
[C:\Program Files\Thunder\ComDlls\xunleiBHO_Now.dll] [Thunder Networking Technologies,LTD, 5, 0, 8, 96]
[C:\Program Files\Thunder\ComDlls\TDAtOnce_Now.dll] [Thunder Networking Technologies,LTD, 1.0.5.29]
[C:\Program Files\Thunder\Components\Tips\TipsClient.dll] [Thunder Networking Technologies,LTD, 2, 2, 12, 108]
[C:\Program Files\Thunder\Components\DownloadStat\DownloadStat.dll] [Thunder Networking Technologies,LTD, 1, 4, 1, 6]
[C:\Program Files\Thunder\Components\Tips\XLIPC.DLL] [Thunder Networking Technologies,LTD, 1, 0, 0, 2]
[C:\Program Files\Thunder\Program\bd.dll] [Thunder Networking Technologies,LTD, 1, 0, 2, 17]



--------------------------------------------------------------------------------



文件关联

.TXT OK. [%SystemRoot%\system32\NOTEPAD.EXE %1]
.EXE OK. ["%1" %*]
.COM OK. ["%1" %*]
.PIF OK. ["%1" %*]
.REG OK. [regedit.exe "%1"]
.BAT OK. ["%1" %*]
.SCR OK. ["%1" /S]
.CHM OK. ["C:\WINDOWS\hh.exe" %1]
.HLP OK. [%SystemRoot%\System32\winhlp32.exe %1]
.INI OK. [%SystemRoot%\system32\NOTEPAD.EXE %1]
.INF OK. [%SystemRoot%\system32\NOTEPAD.EXE %1]
.VBS OK. [%SystemRoot%\System32\WScript.exe "%1" %*]
.JS OK. [%SystemRoot%\System32\WScript.exe "%1" %*]
.LNK OK. [{00021401-0000-0000-C000-000000000046}]



--------------------------------------------------------------------------------



Winsock 提供者

NOD32 protected [MSAFD Tcpip [TCP/IP]]
C:\WINDOWS\system32\imon.dll(Eset , NOD32 IMON - Internet scanning support)
NOD32 protected [MSAFD Tcpip [UDP/IP]]
C:\WINDOWS\system32\imon.dll(Eset , NOD32 IMON - Internet scanning support)
NOD32 protected [MSAFD Tcpip [RAW/IP]]
C:\WINDOWS\system32\imon.dll(Eset , NOD32 IMON - Internet scanning support)
NOD32 protected [RSVP UDP Service Provider]
C:\WINDOWS\system32\imon.dll(Eset , NOD32 IMON - Internet scanning support)
NOD32 protected [RSVP TCP Service Provider]
C:\WINDOWS\system32\imon.dll(Eset , NOD32 IMON - Internet scanning support)
NOD32
C:\WINDOWS\system32\imon.dll(Eset , NOD32 IMON - Internet scanning support)



--------------------------------------------------------------------------------



Autorun.inf

N/A



--------------------------------------------------------------------------------



HOSTS 文件




--------------------------------------------------------------------------------



进程特权扫描

特殊特权被允许: SeSystemtimePrivilege [PID = 2024, C:\WINDOWS\SYSTEM32\SYSTEM.EXE]
特殊特权被允许: SeDebugPrivilege [PID = 2024, C:\WINDOWS\SYSTEM32\SYSTEM.EXE]
特殊特权被允许: SeLoadDriverPrivilege [PID = 2024, C:\WINDOWS\SYSTEM32\SYSTEM.EXE]
特殊特权被允许: SeSystemtimePrivilege [PID = 2032, C:\PROGRAM FILES\ESET\NOD32KUI.EXE]
特殊特权被允许: SeDebugPrivilege [PID = 2032, C:\PROGRAM FILES\ESET\NOD32KUI.EXE]
特殊特权被允许: SeLoadDriverPrivilege [PID = 2032, C:\PROGRAM FILES\ESET\NOD32KUI.EXE]
特殊特权被允许: SeSystemtimePrivilege [PID = 2040, C:\WINDOWS\SYSTEM32\CTFMON.EXE]
特殊特权被允许: SeDebugPrivilege [PID = 2040, C:\WINDOWS\SYSTEM32\CTFMON.EXE]
特殊特权被允许: SeLoadDriverPrivilege [PID = 2040, C:\WINDOWS\SYSTEM32\CTFMON.EXE]
特殊特权被允许: SeLoadDriverPrivilege [PID = 1100, C:\PROGRAM FILES\INTERNET EXPLORER\UNXXZUN.ZMP]
特殊特权被允许: SeSystemtimePrivilege [PID = 3692, C:\DOCUME~1\ADMINI~1\LOCALS~1\TEMP\141270]
特殊特权被允许: SeDebugPrivilege [PID = 3692, C:\DOCUME~1\ADMINI~1\LOCALS~1\TEMP\141270]
特殊特权被允许: SeLoadDriverPrivilege [PID = 3692, C:\DOCUME~1\ADMINI~1\LOCALS~1\TEMP\141270]
特殊特权被允许: SeSystemtimePrivilege [PID = 3468, C:\DOCUME~1\ADMINI~1\LOCALS~1\TEMP\395788]
特殊特权被允许: SeDebugPrivilege [PID = 3468, C:\DOCUME~1\ADMINI~1\LOCALS~1\TEMP\395788]
特殊特权被允许: SeLoadDriverPrivilege [PID = 3468, C:\DOCUME~1\ADMINI~1\LOCALS~1\TEMP\395788]
特殊特权被允许: SeSystemtimePrivilege [PID = 2004, C:\DOCUME~1\ADMINI~1\LOCALS~1\TEMP\457416]
特殊特权被允许: SeDebugPrivilege [PID = 2004, C:\DOCUME~1\ADMINI~1\LOCALS~1\TEMP\457416]
特殊特权被允许: SeLoadDriverPrivilege [PID = 2004, C:\DOCUME~1\ADMINI~1\LOCALS~1\TEMP\457416]
特殊特权被允许: SeSystemtimePrivilege [PID = 2124, D:\个人资料管理\ADMINISTRATOR\桌面\SRENG2\SRENGLDR.EXE]
特殊特权被允许: SeDebugPrivilege [PID = 2124, D:\个人资料管理\ADMINISTRATOR\桌面\SRENG2\SRENGLDR.EXE]
特殊特权被允许: SeLoadDriverPrivilege [PID = 2124, D:\个人资料管理\ADMINISTRATOR\桌面\SRENG2\SRENGLDR.EXE]
特殊特权被允许: SeSystemtimePrivilege [PID = 2796, C:\PROGRAM FILES\THUNDER\PROGRAM\THUNDER5.EXE]
特殊特权被允许: SeDebugPrivilege [PID = 2796, C:\PROGRAM FILES\THUNDER\PROGRAM\THUNDER5.EXE]
特殊特权被允许: SeLoadDriverPrivilege [PID = 2796, C:\PROGRAM FILES\THUNDER\PROGRAM\THUNDER5.EXE]



--------------------------------------------------------------------------------



计划任务

N/A



--------------------------------------------------------------------------------



API HOOK

入口点错误:FreeLibrary (危险等级: 高, 被下面模块所HOOK: 0x5F00002D)



--------------------------------------------------------------------------------



隐藏进程

N/A



--------------------------------------------------------------------------------
26
Posted 2009-1-17 22:50
Does this count as a scan report?