帮忙看下日志 bbs.ikaka.com

乱马飘雪 - 2007-5-2 3:02:00

2007-05-02,02:30:22

System Repair Engineer 2.4.12.806
Smallfrogs (http://www.KZTechs.com)

Windows XP Professional Service Pack 2 (Build 2600) - 管理权限用户 - 完整功能

以下内容被选中：
所有的启动项目（包括注册表、启动文件夹、服务等）
浏览器加载项
正在运行的进程（包括进程模块信息）
文件关联
Winsock 提供者
Autorun.inf
HOSTS 文件

启动项目
注册表
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
<ctfmon.exe><C:\WINDOWS\system32\ctfmon.exe> [(Verified)Microsoft Windows Publisher]
<7c6su8s1ce21><; C:\DOCUME~1\晓峰\LOCALS~1\Temp\iexpl0re.exe> []
<cf3d4tjk0stj><; C:\DOCUME~1\晓峰\LOCALS~1\Temp\Servera.exe> []
<h3s1hdj6c5ycjx6><; C:\DOCUME~1\晓峰\LOCALS~1\Temp\crasos.exe> []
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer\Run]
<fy><C:\WINDOWS\Sysfy4\svchost.exe> []
<JT><C:\WINDOWS\SysJT4\svchost.exe> []
<J2><C:\WINDOWS\system32\SysJ2\svchost.exe> []
<sun><C:\WINDOWS\SysSun2\svchost.exe> []
<wl><C:\WINDOWS\Syswl3\svchost.exe> []
<wm><C:\WINDOWS\Syswm7\svchost.exe> []
<sj><C:\WINDOWS\Syssj5\svchost.exe> []
[HKEY_CURRENT_USER\Software\Microsoft\Windows NT\CurrentVersion\Windows]
<load><> [N/A]
<run><> [N/A]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
<360Safetray><d:\Program Files\360safe\safemon\360tray.exe> [奇虎网]
<Exprer><; C:\WINDOWS\Exprer.exe> []
<nwizAskTao><; C:\WINDOWS\system32\nwizAskTao.exe> []
<SoundMan><; SOUNDMAN.EXE> [Realtek Semiconductor Corp.]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Winlogon]
<shell><Explorer.exe> [(Verified)Microsoft Windows Publisher]
<Userinit><C:\WINDOWS\system32\userinit.exe,> [(Verified)Microsoft Windows Publisher]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Windows]
<AppInit_DLLs><> [N/A]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Winlogon]
<UIHost><logonui.exe> [(Verified)Microsoft Windows Publisher]

==================================
启动文件夹
N/A

==================================
服务
[局域网通讯协议 / Hello World][Stopped/Auto Start]
<C:\Program Files\Common Files\Microsoft Shared\Web Folders\MSOSV.EXE><N/A>
[Human Interface Device Access / HidServ][Stopped/Disabled]
<C:\WINDOWS\System32\svchost.exe -k netsvcs-->%SystemRoot%\System32\hidserv.dll><N/A>

==================================
驱动程序
[Service for Realtek AC97 Audio (WDM) / ALCXWDM][Running/Manual Start]
<system32\drivers\ALCXWDM.SYS><Realtek Semiconductor Corp.>
[nv / nv][Running/Manual Start]
<system32\DRIVERS\nv4_mini.sys><NVIDIA Corporation>
[Direct Parallel Link Driver / Ptilink][Running/Manual Start]
<system32\DRIVERS\ptilink.sys><Parallel Technologies, Inc.>
[Realtek RTL8139(A/B/C)-based PCI Fast Ethernet Adapter NT Driver / rtl8139][Running/Manual Start]
<system32\DRIVERS\RTL8139.SYS><Realtek Semiconductor Corporation>
[Secdrv / Secdrv][Stopped/Manual Start]
<system32\DRIVERS\secdrv.sys><N/A>

==================================
浏览器加载项
[NavigatMon Class]
{B69F34DD-F0F9-42DC-9EDD-957187DA688D} <d:\Program Files\360safe\safemon\safemon.dll, >
[Shockwave Flash Object]
{D27CDB6E-AE6D-11CF-96B8-444553540000} <C:\WINDOWS\system32\macromed\flash\flash.ocx, Macromedia, Inc.>

乱马飘雪 - 2007-5-2 3:07:00

正在运行的进程
[PID: 436][\SystemRoot\System32\smss.exe] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
[PID: 492][\??\C:\WINDOWS\system32\csrss.exe] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
[PID: 516][\??\C:\WINDOWS\system32\winlogon.exe] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
[C:\WINDOWS\system32\msacm32.drv] [Microsoft Corporation, 5.1.2600.0 (xpclient.010817-1148)]
[PID: 560][C:\WINDOWS\system32\services.exe] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
[PID: 572][C:\WINDOWS\system32\lsass.exe] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
[PID: 732][C:\WINDOWS\system32\svchost.exe] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
[PID: 780][C:\WINDOWS\system32\svchost.exe] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
[PID: 844][C:\WINDOWS\System32\svchost.exe] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
[PID: 892][C:\WINDOWS\system32\svchost.exe] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
[PID: 924][C:\WINDOWS\system32\svchost.exe] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
[PID: 1256][C:\WINDOWS\Explorer.EXE] [Microsoft Corporation, 6.00.2900.2180 (xpsp_sp2_rtm.040803-2158)]
[C:\WINDOWS\Sysfy4\Ghook.dll] [N/A, ]
[C:\WINDOWS\SysJT4\Ghook.dll] [N/A, ]
[C:\WINDOWS\system32\SysJ2\Ghook.dll] [N/A, ]
[C:\WINDOWS\Syswm7\Ghook.dll] [N/A, ]
[C:\WINDOWS\SysSun2\Ghook.dll] [N/A, ]
[C:\WINDOWS\system32\Exprer.dll] [N/A, ]
[C:\WINDOWS\Syssj5\Ghook.dll] [N/A, ]
[C:\WINDOWS\Syswl3\Ghook.dll] [N/A, ]
[D:\Program Files\360safe\safemon\safemon.dll] [, 1, 0, 0, 1001]
[C:\WINDOWS\system32\msacm32.drv] [Microsoft Corporation, 5.1.2600.0 (xpclient.010817-1148)]
[C:\WINDOWS\system32\nwizAskTao.dll] [N/A, ]
[C:\WINDOWS\system32\msdmo.dll] [, ]
[C:\DOCUME~1\晓峰\LOCALS~1\Temp\Kavs1.dll] [N/A, ]
[C:\DOCUME~1\晓峰\LOCALS~1\Temp\LgSy1.dll] [N/A, ]
[C:\DOCUME~1\晓峰\LOCALS~1\Temp\Msxo1.dll] [N/A, ]
[C:\Program Files\WinRAR\rarext.dll] [N/A, ]
[PID: 1412][D:\Program Files\360safe\safemon\360tray.exe] [奇虎网, 1, 0, 0, 1001]
[D:\Program Files\360safe\safemon\safemon.dll] [, 1, 0, 0, 1001]
[D:\Program Files\360safe\safemon\SafeKrnl.dll] [奇虎网, 1, 0, 0, 1001]
[D:\Program Files\360safe\AntiAdwa.dll] [360Safe.com, 2, 2, 1, 2000]
[C:\WINDOWS\Syswl3\Ghook.dll] [N/A, ]
[C:\WINDOWS\Syssj5\Ghook.dll] [N/A, ]
[C:\WINDOWS\Syswm7\Ghook.dll] [N/A, ]
[C:\WINDOWS\SysSun2\Ghook.dll] [N/A, ]
[C:\WINDOWS\system32\SysJ2\Ghook.dll] [N/A, ]
[C:\WINDOWS\SysJT4\Ghook.dll] [N/A, ]
[C:\WINDOWS\Sysfy4\Ghook.dll] [N/A, ]
[C:\WINDOWS\system32\Exprer.dll] [N/A, ]
[C:\DOCUME~1\晓峰\LOCALS~1\Temp\Msxo1.dll] [N/A, ]
[C:\DOCUME~1\晓峰\LOCALS~1\Temp\LgSy1.dll] [N/A, ]
[C:\DOCUME~1\晓峰\LOCALS~1\Temp\Kavs1.dll] [N/A, ]
[PID: 1448][C:\WINDOWS\Sysfy4\svchost.exe] [N/A, ]
[C:\WINDOWS\Sysfy4\Ghook.dll] [N/A, ]
[PID: 1456][C:\WINDOWS\SysJT4\svchost.exe] [N/A, ]
[C:\WINDOWS\SysJT4\Ghook.dll] [N/A, ]
[PID: 1468][C:\WINDOWS\system32\SysJ2\svchost.exe] [N/A, ]
[C:\WINDOWS\system32\SysJ2\Ghook.dll] [N/A, ]
[PID: 1492][C:\WINDOWS\SysSun2\svchost.exe] [N/A, ]
[C:\WINDOWS\SysSun2\Ghook.dll] [N/A, ]
[PID: 1520][C:\WINDOWS\Syswl3\svchost.exe] [N/A, ]
[C:\WINDOWS\Syswl3\Ghook.dll] [N/A, ]
[PID: 1528][C:\WINDOWS\Syswm7\svchost.exe] [N/A, ]
[C:\WINDOWS\Syswm7\Ghook.dll] [N/A, ]
[PID: 1536][C:\WINDOWS\Syssj5\svchost.exe] [N/A, ]
[C:\WINDOWS\Syssj5\Ghook.dll] [N/A, ]
[PID: 1548][C:\WINDOWS\system32\ctfmon.exe] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
[C:\WINDOWS\SysJT4\Ghook.dll] [N/A, ]
[C:\WINDOWS\Sysfy4\Ghook.dll] [N/A, ]
[C:\WINDOWS\system32\SysJ2\Ghook.dll] [N/A, ]
[C:\WINDOWS\Syswl3\Ghook.dll] [N/A, ]
[C:\WINDOWS\Syssj5\Ghook.dll] [N/A, ]
[C:\WINDOWS\Syswm7\Ghook.dll] [N/A, ]
[C:\WINDOWS\SysSun2\Ghook.dll] [N/A, ]
[D:\Program Files\360safe\safemon\safemon.dll] [, 1, 0, 0, 1001]
[PID: 964][C:\WINDOWS\system32\wscntfy.exe] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
[D:\Program Files\360safe\safemon\safemon.dll] [, 1, 0, 0, 1001]
[C:\WINDOWS\Syswl3\Ghook.dll] [N/A, ]
[C:\WINDOWS\Syssj5\Ghook.dll] [N/A, ]
[C:\WINDOWS\Syswm7\Ghook.dll] [N/A, ]
[C:\WINDOWS\SysSun2\Ghook.dll] [N/A, ]
[C:\WINDOWS\system32\SysJ2\Ghook.dll] [N/A, ]
[C:\WINDOWS\SysJT4\Ghook.dll] [N/A, ]
[C:\WINDOWS\Sysfy4\Ghook.dll] [N/A, ]
[PID: 1000][C:\WINDOWS\system32\taskmgr.exe] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
[D:\Program Files\360safe\safemon\safemon.dll] [, 1, 0, 0, 1001]
[C:\WINDOWS\Syswl3\Ghook.dll] [N/A, ]
[C:\WINDOWS\Syssj5\Ghook.dll] [N/A, ]
[C:\WINDOWS\Syswm7\Ghook.dll] [N/A, ]
[C:\WINDOWS\SysSun2\Ghook.dll] [N/A, ]
[C:\WINDOWS\system32\SysJ2\Ghook.dll] [N/A, ]
[C:\WINDOWS\SysJT4\Ghook.dll] [N/A, ]
[C:\WINDOWS\Sysfy4\Ghook.dll] [N/A, ]
[C:\WINDOWS\system32\Exprer.dll] [N/A, ]
[PID: 1380][C:\program files\Internet Explorer\IEXPLORE.EXE] [Microsoft Corporation, 6.00.2900.2180 (xpsp_sp2_rtm.040803-2158)]
[D:\Program Files\360safe\safemon\safemon.dll] [, 1, 0, 0, 1001]
[C:\WINDOWS\Syswl3\Ghook.dll] [N/A, ]
[C:\WINDOWS\Syssj5\Ghook.dll] [N/A, ]
[C:\WINDOWS\Syswm7\Ghook.dll] [N/A, ]
[C:\WINDOWS\SysSun2\Ghook.dll] [N/A, ]
[C:\WINDOWS\system32\SysJ2\Ghook.dll] [N/A, ]
[C:\WINDOWS\SysJT4\Ghook.dll] [N/A, ]
[C:\WINDOWS\Sysfy4\Ghook.dll] [N/A, ]
[PID: 1040][C:\WINDOWS\svchost.exe] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
[D:\Program Files\360safe\safemon\safemon.dll] [, 1, 0, 0, 1001]
[C:\WINDOWS\Syswl3\Ghook.dll] [N/A, ]
[C:\WINDOWS\Syssj5\Ghook.dll] [N/A, ]
[C:\WINDOWS\Syswm7\Ghook.dll] [N/A, ]
[C:\WINDOWS\SysSun2\Ghook.dll] [N/A, ]
[C:\WINDOWS\system32\SysJ2\Ghook.dll] [N/A, ]
[C:\WINDOWS\SysJT4\Ghook.dll] [N/A, ]
[C:\WINDOWS\Sysfy4\Ghook.dll] [N/A, ]
[PID: 1472][C:\program files\Internet Explorer\IEXPLORE.EXE] [Microsoft Corporation, 6.00.2900.2180 (xpsp_sp2_rtm.040803-2158)]
[D:\Program Files\360safe\safemon\safemon.dll] [, 1, 0, 0, 1001]
[C:\WINDOWS\Syswl3\Ghook.dll] [N/A, ]
[C:\WINDOWS\Syssj5\Ghook.dll] [N/A, ]
[C:\WINDOWS\Syswm7\Ghook.dll] [N/A, ]
[C:\WINDOWS\SysSun2\Ghook.dll] [N/A, ]
[C:\WINDOWS\system32\SysJ2\Ghook.dll] [N/A, ]
[C:\WINDOWS\SysJT4\Ghook.dll] [N/A, ]
[C:\WINDOWS\Sysfy4\Ghook.dll] [N/A, ]
[PID: 1396][C:\WINDOWS\svchost.exe] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
[D:\Program Files\360safe\safemon\safemon.dll] [, 1, 0, 0, 1001]
[C:\WINDOWS\Syswl3\Ghook.dll] [N/A, ]
[C:\WINDOWS\Syssj5\Ghook.dll] [N/A, ]
[C:\WINDOWS\Syswm7\Ghook.dll] [N/A, ]
[C:\WINDOWS\SysSun2\Ghook.dll] [N/A, ]
[C:\WINDOWS\system32\SysJ2\Ghook.dll] [N/A, ]
[C:\WINDOWS\SysJT4\Ghook.dll] [N/A, ]
[C:\WINDOWS\Sysfy4\Ghook.dll] [N/A, ]

乱马飘雪 - 2007-5-2 3:07:00

[PID: 1504][C:\program files\Internet Explorer\IEXPLORE.EXE] [Microsoft Corporation, 6.00.2900.2180 (xpsp_sp2_rtm.040803-2158)]
[D:\Program Files\360safe\safemon\safemon.dll] [, 1, 0, 0, 1001]
[C:\WINDOWS\Syswl3\Ghook.dll] [N/A, ]
[C:\WINDOWS\Syssj5\Ghook.dll] [N/A, ]
[C:\WINDOWS\Syswm7\Ghook.dll] [N/A, ]
[C:\WINDOWS\SysSun2\Ghook.dll] [N/A, ]
[C:\WINDOWS\system32\SysJ2\Ghook.dll] [N/A, ]
[C:\WINDOWS\SysJT4\Ghook.dll] [N/A, ]
[C:\WINDOWS\Sysfy4\Ghook.dll] [N/A, ]
[PID: 1584][C:\program files\Internet Explorer\IEXPLORE.EXE] [Microsoft Corporation, 6.00.2900.2180 (xpsp_sp2_rtm.040803-2158)]
[D:\Program Files\360safe\safemon\safemon.dll] [, 1, 0, 0, 1001]
[C:\WINDOWS\Syswl3\Ghook.dll] [N/A, ]
[C:\WINDOWS\Syssj5\Ghook.dll] [N/A, ]
[C:\WINDOWS\Syswm7\Ghook.dll] [N/A, ]
[C:\WINDOWS\SysSun2\Ghook.dll] [N/A, ]
[C:\WINDOWS\system32\SysJ2\Ghook.dll] [N/A, ]
[C:\WINDOWS\SysJT4\Ghook.dll] [N/A, ]
[C:\WINDOWS\Sysfy4\Ghook.dll] [N/A, ]
[PID: 1236][C:\WINDOWS\svchost.exe] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
[D:\Program Files\360safe\safemon\safemon.dll] [, 1, 0, 0, 1001]
[C:\WINDOWS\Syswl3\Ghook.dll] [N/A, ]
[C:\WINDOWS\Syssj5\Ghook.dll] [N/A, ]
[C:\WINDOWS\Syswm7\Ghook.dll] [N/A, ]
[C:\WINDOWS\SysSun2\Ghook.dll] [N/A, ]
[C:\WINDOWS\system32\SysJ2\Ghook.dll] [N/A, ]
[C:\WINDOWS\SysJT4\Ghook.dll] [N/A, ]
[C:\WINDOWS\Sysfy4\Ghook.dll] [N/A, ]
[PID: 2124][C:\program files\Internet Explorer\IEXPLORE.EXE] [Microsoft Corporation, 6.00.2900.2180 (xpsp_sp2_rtm.040803-2158)]
[D:\Program Files\360safe\safemon\safemon.dll] [, 1, 0, 0, 1001]
[C:\WINDOWS\Syswl3\Ghook.dll] [N/A, ]
[C:\WINDOWS\Syssj5\Ghook.dll] [N/A, ]
[C:\WINDOWS\Syswm7\Ghook.dll] [N/A, ]
[C:\WINDOWS\SysSun2\Ghook.dll] [N/A, ]
[C:\WINDOWS\system32\SysJ2\Ghook.dll] [N/A, ]
[C:\WINDOWS\SysJT4\Ghook.dll] [N/A, ]
[C:\WINDOWS\Sysfy4\Ghook.dll] [N/A, ]
[PID: 2176][C:\program files\Internet Explorer\IEXPLORE.EXE] [Microsoft Corporation, 6.00.2900.2180 (xpsp_sp2_rtm.040803-2158)]
[D:\Program Files\360safe\safemon\safemon.dll] [, 1, 0, 0, 1001]
[C:\WINDOWS\Syswl3\Ghook.dll] [N/A, ]
[C:\WINDOWS\Syssj5\Ghook.dll] [N/A, ]
[C:\WINDOWS\Syswm7\Ghook.dll] [N/A, ]
[C:\WINDOWS\SysSun2\Ghook.dll] [N/A, ]
[C:\WINDOWS\system32\SysJ2\Ghook.dll] [N/A, ]
[C:\WINDOWS\SysJT4\Ghook.dll] [N/A, ]
[C:\WINDOWS\Sysfy4\Ghook.dll] [N/A, ]
[PID: 2192][C:\WINDOWS\svchost.exe] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
[D:\Program Files\360safe\safemon\safemon.dll] [, 1, 0, 0, 1001]
[C:\WINDOWS\Syswl3\Ghook.dll] [N/A, ]
[C:\WINDOWS\Syssj5\Ghook.dll] [N/A, ]
[C:\WINDOWS\Syswm7\Ghook.dll] [N/A, ]
[C:\WINDOWS\SysSun2\Ghook.dll] [N/A, ]
[C:\WINDOWS\system32\SysJ2\Ghook.dll] [N/A, ]
[C:\WINDOWS\SysJT4\Ghook.dll] [N/A, ]
[C:\WINDOWS\Sysfy4\Ghook.dll] [N/A, ]
[PID: 2264][C:\program files\Internet Explorer\IEXPLORE.EXE] [Microsoft Corporation, 6.00.2900.2180 (xpsp_sp2_rtm.040803-2158)]
[D:\Program Files\360safe\safemon\safemon.dll] [, 1, 0, 0, 1001]
[C:\WINDOWS\Syswl3\Ghook.dll] [N/A, ]
[C:\WINDOWS\Syssj5\Ghook.dll] [N/A, ]
[C:\WINDOWS\Syswm7\Ghook.dll] [N/A, ]
[C:\WINDOWS\SysSun2\Ghook.dll] [N/A, ]
[C:\WINDOWS\system32\SysJ2\Ghook.dll] [N/A, ]
[C:\WINDOWS\SysJT4\Ghook.dll] [N/A, ]
[C:\WINDOWS\Sysfy4\Ghook.dll] [N/A, ]
[PID: 2360][C:\program files\Internet Explorer\IEXPLORE.EXE] [Microsoft Corporation, 6.00.2900.2180 (xpsp_sp2_rtm.040803-2158)]
[D:\Program Files\360safe\safemon\safemon.dll] [, 1, 0, 0, 1001]
[C:\WINDOWS\Syswl3\Ghook.dll] [N/A, ]
[C:\WINDOWS\Syssj5\Ghook.dll] [N/A, ]
[C:\WINDOWS\Syswm7\Ghook.dll] [N/A, ]
[C:\WINDOWS\SysSun2\Ghook.dll] [N/A, ]
[C:\WINDOWS\system32\SysJ2\Ghook.dll] [N/A, ]
[C:\WINDOWS\SysJT4\Ghook.dll] [N/A, ]
[C:\WINDOWS\Sysfy4\Ghook.dll] [N/A, ]
[PID: 2376][C:\WINDOWS\svchost.exe] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
[D:\Program Files\360safe\safemon\safemon.dll] [, 1, 0, 0, 1001]
[C:\WINDOWS\Syswl3\Ghook.dll] [N/A, ]
[C:\WINDOWS\Syssj5\Ghook.dll] [N/A, ]
[C:\WINDOWS\Syswm7\Ghook.dll] [N/A, ]
[C:\WINDOWS\SysSun2\Ghook.dll] [N/A, ]
[C:\WINDOWS\system32\SysJ2\Ghook.dll] [N/A, ]
[C:\WINDOWS\SysJT4\Ghook.dll] [N/A, ]
[C:\WINDOWS\Sysfy4\Ghook.dll] [N/A, ]
[PID: 2552][C:\program files\Internet Explorer\IEXPLORE.EXE] [Microsoft Corporation, 6.00.2900.2180 (xpsp_sp2_rtm.040803-2158)]
[D:\Program Files\360safe\safemon\safemon.dll] [, 1, 0, 0, 1001]
[C:\WINDOWS\Syswl3\Ghook.dll] [N/A, ]
[C:\WINDOWS\Syssj5\Ghook.dll] [N/A, ]
[C:\WINDOWS\Syswm7\Ghook.dll] [N/A, ]
[C:\WINDOWS\SysSun2\Ghook.dll] [N/A, ]
[C:\WINDOWS\system32\SysJ2\Ghook.dll] [N/A, ]
[C:\WINDOWS\SysJT4\Ghook.dll] [N/A, ]
[C:\WINDOWS\Sysfy4\Ghook.dll] [N/A, ]
[PID: 2592][C:\program files\Internet Explorer\IEXPLORE.EXE] [Microsoft Corporation, 6.00.2900.2180 (xpsp_sp2_rtm.040803-2158)]
[D:\Program Files\360safe\safemon\safemon.dll] [, 1, 0, 0, 1001]
[C:\WINDOWS\Syswl3\Ghook.dll] [N/A, ]
[C:\WINDOWS\Syssj5\Ghook.dll] [N/A, ]
[C:\WINDOWS\Syswm7\Ghook.dll] [N/A, ]
[C:\WINDOWS\SysSun2\Ghook.dll] [N/A, ]
[C:\WINDOWS\system32\SysJ2\Ghook.dll] [N/A, ]
[C:\WINDOWS\SysJT4\Ghook.dll] [N/A, ]
[C:\WINDOWS\Sysfy4\Ghook.dll] [N/A, ]
[PID: 2636][C:\WINDOWS\svchost.exe] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
[D:\Program Files\360safe\safemon\safemon.dll] [, 1, 0, 0, 1001]
[C:\WINDOWS\Syswl3\Ghook.dll] [N/A, ]
[C:\WINDOWS\Syssj5\Ghook.dll] [N/A, ]
[C:\WINDOWS\Syswm7\Ghook.dll] [N/A, ]
[C:\WINDOWS\SysSun2\Ghook.dll] [N/A, ]
[C:\WINDOWS\system32\SysJ2\Ghook.dll] [N/A, ]
[C:\WINDOWS\SysJT4\Ghook.dll] [N/A, ]
[C:\WINDOWS\Sysfy4\Ghook.dll] [N/A, ]
[PID: 2748][C:\program files\Internet Explorer\IEXPLORE.EXE] [Microsoft Corporation, 6.00.2900.2180 (xpsp_sp2_rtm.040803-2158)]
[D:\Program Files\360safe\safemon\safemon.dll] [, 1, 0, 0, 1001]
[C:\WINDOWS\Syswl3\Ghook.dll] [N/A, ]
[C:\WINDOWS\Syssj5\Ghook.dll] [N/A, ]
[C:\WINDOWS\Syswm7\Ghook.dll] [N/A, ]
[C:\WINDOWS\SysSun2\Ghook.dll] [N/A, ]
[C:\WINDOWS\system32\SysJ2\Ghook.dll] [N/A, ]
[C:\WINDOWS\SysJT4\Ghook.dll] [N/A, ]
[C:\WINDOWS\Sysfy4\Ghook.dll] [N/A, ]

乱马飘雪 - 2007-5-2 3:08:00

PID: 2812][C:\program files\Internet Explorer\IEXPLORE.EXE] [Microsoft Corporation, 6.00.2900.2180 (xpsp_sp2_rtm.040803-2158)]
[D:\Program Files\360safe\safemon\safemon.dll] [, 1, 0, 0, 1001]
[C:\WINDOWS\Syswl3\Ghook.dll] [N/A, ]
[C:\WINDOWS\Syssj5\Ghook.dll] [N/A, ]
[C:\WINDOWS\Syswm7\Ghook.dll] [N/A, ]
[C:\WINDOWS\SysSun2\Ghook.dll] [N/A, ]
[C:\WINDOWS\system32\SysJ2\Ghook.dll] [N/A, ]
[C:\WINDOWS\SysJT4\Ghook.dll] [N/A, ]
[C:\WINDOWS\Sysfy4\Ghook.dll] [N/A, ]
[PID: 2820][C:\WINDOWS\svchost.exe] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
[D:\Program Files\360safe\safemon\safemon.dll] [, 1, 0, 0, 1001]
[C:\WINDOWS\Syswl3\Ghook.dll] [N/A, ]
[C:\WINDOWS\Syssj5\Ghook.dll] [N/A, ]
[C:\WINDOWS\Syswm7\Ghook.dll] [N/A, ]
[C:\WINDOWS\SysSun2\Ghook.dll] [N/A, ]
[C:\WINDOWS\system32\SysJ2\Ghook.dll] [N/A, ]
[C:\WINDOWS\SysJT4\Ghook.dll] [N/A, ]
[C:\WINDOWS\Sysfy4\Ghook.dll] [N/A, ]
[PID: 2992][C:\program files\Internet Explorer\IEXPLORE.EXE] [Microsoft Corporation, 6.00.2900.2180 (xpsp_sp2_rtm.040803-2158)]
[D:\Program Files\360safe\safemon\safemon.dll] [, 1, 0, 0, 1001]
[C:\WINDOWS\Syswl3\Ghook.dll] [N/A, ]
[C:\WINDOWS\Syssj5\Ghook.dll] [N/A, ]
[C:\WINDOWS\Syswm7\Ghook.dll] [N/A, ]
[C:\WINDOWS\SysSun2\Ghook.dll] [N/A, ]
[C:\WINDOWS\system32\SysJ2\Ghook.dll] [N/A, ]
[C:\WINDOWS\SysJT4\Ghook.dll] [N/A, ]
[C:\WINDOWS\Sysfy4\Ghook.dll] [N/A, ]
[PID: 3128][C:\WINDOWS\svchost.exe] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
[D:\Program Files\360safe\safemon\safemon.dll] [, 1, 0, 0, 1001]
[C:\WINDOWS\Syswl3\Ghook.dll] [N/A, ]
[C:\WINDOWS\Syssj5\Ghook.dll] [N/A, ]
[C:\WINDOWS\Syswm7\Ghook.dll] [N/A, ]
[C:\WINDOWS\SysSun2\Ghook.dll] [N/A, ]
[C:\WINDOWS\system32\SysJ2\Ghook.dll] [N/A, ]
[C:\WINDOWS\SysJT4\Ghook.dll] [N/A, ]
[C:\WINDOWS\Sysfy4\Ghook.dll] [N/A, ]
[PID: 3288][C:\program files\Internet Explorer\IEXPLORE.EXE] [Microsoft Corporation, 6.00.2900.2180 (xpsp_sp2_rtm.040803-2158)]
[D:\Program Files\360safe\safemon\safemon.dll] [, 1, 0, 0, 1001]
[C:\WINDOWS\Syswl3\Ghook.dll] [N/A, ]
[C:\WINDOWS\Syssj5\Ghook.dll] [N/A, ]
[C:\WINDOWS\Syswm7\Ghook.dll] [N/A, ]
[C:\WINDOWS\SysSun2\Ghook.dll] [N/A, ]
[C:\WINDOWS\system32\SysJ2\Ghook.dll] [N/A, ]
[C:\WINDOWS\SysJT4\Ghook.dll] [N/A, ]
[C:\WINDOWS\Sysfy4\Ghook.dll] [N/A, ]
[PID: 3396][C:\WINDOWS\svchost.exe] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
[D:\Program Files\360safe\safemon\safemon.dll] [, 1, 0, 0, 1001]
[C:\WINDOWS\Syswl3\Ghook.dll] [N/A, ]
[C:\WINDOWS\Syssj5\Ghook.dll] [N/A, ]
[C:\WINDOWS\Syswm7\Ghook.dll] [N/A, ]
[C:\WINDOWS\SysSun2\Ghook.dll] [N/A, ]
[C:\WINDOWS\system32\SysJ2\Ghook.dll] [N/A, ]
[C:\WINDOWS\SysJT4\Ghook.dll] [N/A, ]
[C:\WINDOWS\Sysfy4\Ghook.dll] [N/A, ]
[PID: 3460][C:\program files\Internet Explorer\IEXPLORE.EXE] [Microsoft Corporation, 6.00.2900.2180 (xpsp_sp2_rtm.040803-2158)]
[D:\Program Files\360safe\safemon\safemon.dll] [, 1, 0, 0, 1001]
[C:\WINDOWS\Syswl3\Ghook.dll] [N/A, ]
[C:\WINDOWS\Syssj5\Ghook.dll] [N/A, ]
[C:\WINDOWS\Syswm7\Ghook.dll] [N/A, ]
[C:\WINDOWS\SysSun2\Ghook.dll] [N/A, ]
[C:\WINDOWS\system32\SysJ2\Ghook.dll] [N/A, ]
[C:\WINDOWS\SysJT4\Ghook.dll] [N/A, ]
[C:\WINDOWS\Sysfy4\Ghook.dll] [N/A, ]
[PID: 3496][C:\WINDOWS\system32\conime.exe] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
[D:\Program Files\360safe\safemon\safemon.dll] [, 1, 0, 0, 1001]
[C:\WINDOWS\Syswl3\Ghook.dll] [N/A, ]
[C:\WINDOWS\Syssj5\Ghook.dll] [N/A, ]
[C:\WINDOWS\Syswm7\Ghook.dll] [N/A, ]
[C:\WINDOWS\SysSun2\Ghook.dll] [N/A, ]
[C:\WINDOWS\system32\SysJ2\Ghook.dll] [N/A, ]
[C:\WINDOWS\SysJT4\Ghook.dll] [N/A, ]
[C:\WINDOWS\Sysfy4\Ghook.dll] [N/A, ]
[PID: 3540][C:\program files\Internet Explorer\IEXPLORE.EXE] [Microsoft Corporation, 6.00.2900.2180 (xpsp_sp2_rtm.040803-2158)]
[D:\Program Files\360safe\safemon\safemon.dll] [, 1, 0, 0, 1001]
[C:\WINDOWS\Syswl3\Ghook.dll] [N/A, ]
[C:\WINDOWS\Syssj5\Ghook.dll] [N/A, ]
[C:\WINDOWS\Syswm7\Ghook.dll] [N/A, ]
[C:\WINDOWS\SysSun2\Ghook.dll] [N/A, ]
[C:\WINDOWS\system32\SysJ2\Ghook.dll] [N/A, ]
[C:\WINDOWS\SysJT4\Ghook.dll] [N/A, ]
[C:\WINDOWS\Sysfy4\Ghook.dll] [N/A, ]
[PID: 3652][C:\WINDOWS\svchost.exe] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
[D:\Program Files\360safe\safemon\safemon.dll] [, 1, 0, 0, 1001]
[C:\WINDOWS\Syswl3\Ghook.dll] [N/A, ]
[C:\WINDOWS\Syssj5\Ghook.dll] [N/A, ]
[C:\WINDOWS\Syswm7\Ghook.dll] [N/A, ]
[C:\WINDOWS\SysSun2\Ghook.dll] [N/A, ]
[C:\WINDOWS\system32\SysJ2\Ghook.dll] [N/A, ]
[C:\WINDOWS\SysJT4\Ghook.dll] [N/A, ]
[C:\WINDOWS\Sysfy4\Ghook.dll] [N/A, ]
[PID: 3744][C:\program files\Internet Explorer\IEXPLORE.EXE] [Microsoft Corporation, 6.00.2900.2180 (xpsp_sp2_rtm.040803-2158)]
[D:\Program Files\360safe\safemon\safemon.dll] [, 1, 0, 0, 1001]
[C:\WINDOWS\Syswl3\Ghook.dll] [N/A, ]
[C:\WINDOWS\Syssj5\Ghook.dll] [N/A, ]
[C:\WINDOWS\Syswm7\Ghook.dll] [N/A, ]
[C:\WINDOWS\SysSun2\Ghook.dll] [N/A, ]
[C:\WINDOWS\system32\SysJ2\Ghook.dll] [N/A, ]
[C:\WINDOWS\SysJT4\Ghook.dll] [N/A, ]
[C:\WINDOWS\Sysfy4\Ghook.dll] [N/A, ]
[PID: 3824][C:\WINDOWS\svchost.exe] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
[D:\Program Files\360safe\safemon\safemon.dll] [, 1, 0, 0, 1001]
[C:\WINDOWS\Syswl3\Ghook.dll] [N/A, ]
[C:\WINDOWS\Syssj5\Ghook.dll] [N/A, ]
[C:\WINDOWS\Syswm7\Ghook.dll] [N/A, ]
[C:\WINDOWS\SysSun2\Ghook.dll] [N/A, ]
[C:\WINDOWS\system32\SysJ2\Ghook.dll] [N/A, ]
[C:\WINDOWS\SysJT4\Ghook.dll] [N/A, ]
[C:\WINDOWS\Sysfy4\Ghook.dll] [N/A, ]
[PID: 3856][C:\program files\Internet Explorer\IEXPLORE.EXE] [Microsoft Corporation, 6.00.2900.2180 (xpsp_sp2_rtm.040803-2158)]
[D:\Program Files\360safe\safemon\safemon.dll] [, 1, 0, 0, 1001]
[C:\WINDOWS\Syswl3\Ghook.dll] [N/A, ]
[C:\WINDOWS\Syssj5\Ghook.dll] [N/A, ]
[C:\WINDOWS\Syswm7\Ghook.dll] [N/A, ]
[C:\WINDOWS\SysSun2\Ghook.dll] [N/A, ]
[C:\WINDOWS\system32\SysJ2\Ghook.dll] [N/A, ]
[C:\WINDOWS\SysJT4\Ghook.dll] [N/A, ]
[C:\WINDOWS\Sysfy4\Ghook.dll] [N/A, ]
[PID: 3980][C:\program files\Internet Explorer\IEXPLORE.EXE] [Microsoft Corporation, 6.00.2900.2180 (xpsp_sp2_rtm.040803-2158)]
[D:\Program Files\360safe\safemon\safemon.dll] [, 1, 0, 0, 1001]
[C:\WINDOWS\Syswl3\Ghook.dll] [N/A, ]
[C:\WINDOWS\Syssj5\Ghook.dll] [N/A, ]
[C:\WINDOWS\Syswm7\Ghook.dll] [N/A, ]
[C:\WINDOWS\SysSun2\Ghook.dll] [N/A, ]
[C:\WINDOWS\system32\SysJ2\Ghook.dll] [N/A, ]
[C:\WINDOWS\SysJT4\Ghook.dll] [N/A, ]
[C:\WINDOWS\Sysfy4\Ghook.dll] [N/A, ]
[PID: 384][C:\WINDOWS\svchost.exe] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
[D:\Program Files\360safe\safemon\safemon.dll] [, 1, 0, 0, 1001]
[C:\WINDOWS\Syswl3\Ghook.dll] [N/A, ]
[C:\WINDOWS\Syssj5\Ghook.dll] [N/A, ]
[C:\WINDOWS\Syswm7\Ghook.dll] [N/A, ]
[C:\WINDOWS\SysSun2\Ghook.dll] [N/A, ]
[C:\WINDOWS\system32\SysJ2\Ghook.dll] [N/A, ]
[C:\WINDOWS\SysJT4\Ghook.dll] [N/A, ]
[C:\WINDOWS\Sysfy4\Ghook.dll] [N/A, ]

乱马飘雪 - 2007-5-2 3:09:00

D: 1840][C:\program files\Internet Explorer\IEXPLORE.EXE] [Microsoft Corporation, 6.00.2900.2180 (xpsp_sp2_rtm.040803-2158)]
[D:\Program Files\360safe\safemon\safemon.dll] [, 1, 0, 0, 1001]
[C:\WINDOWS\Syswl3\Ghook.dll] [N/A, ]
[C:\WINDOWS\Syssj5\Ghook.dll] [N/A, ]
[C:\WINDOWS\Syswm7\Ghook.dll] [N/A, ]
[C:\WINDOWS\SysSun2\Ghook.dll] [N/A, ]
[C:\WINDOWS\system32\SysJ2\Ghook.dll] [N/A, ]
[C:\WINDOWS\SysJT4\Ghook.dll] [N/A, ]
[C:\WINDOWS\Sysfy4\Ghook.dll] [N/A, ]
[PID: 1760][C:\program files\Internet Explorer\IEXPLORE.EXE] [Microsoft Corporation, 6.00.2900.2180 (xpsp_sp2_rtm.040803-2158)]
[D:\Program Files\360safe\safemon\safemon.dll] [, 1, 0, 0, 1001]
[C:\WINDOWS\Syswl3\Ghook.dll] [N/A, ]
[C:\WINDOWS\Syssj5\Ghook.dll] [N/A, ]
[C:\WINDOWS\Syswm7\Ghook.dll] [N/A, ]
[C:\WINDOWS\SysSun2\Ghook.dll] [N/A, ]
[C:\WINDOWS\system32\SysJ2\Ghook.dll] [N/A, ]
[C:\WINDOWS\SysJT4\Ghook.dll] [N/A, ]
[C:\WINDOWS\Sysfy4\Ghook.dll] [N/A, ]
[PID: 752][C:\WINDOWS\svchost.exe] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
[D:\Program Files\360safe\safemon\safemon.dll] [, 1, 0, 0, 1001]
[C:\WINDOWS\Syswl3\Ghook.dll] [N/A, ]
[C:\WINDOWS\Syssj5\Ghook.dll] [N/A, ]
[C:\WINDOWS\Syswm7\Ghook.dll] [N/A, ]
[C:\WINDOWS\SysSun2\Ghook.dll] [N/A, ]
[C:\WINDOWS\system32\SysJ2\Ghook.dll] [N/A, ]
[C:\WINDOWS\SysJT4\Ghook.dll] [N/A, ]
[C:\WINDOWS\Sysfy4\Ghook.dll] [N/A, ]
[PID: 1988][C:\program files\Internet Explorer\IEXPLORE.EXE] [Microsoft Corporation, 6.00.2900.2180 (xpsp_sp2_rtm.040803-2158)]
[D:\Program Files\360safe\safemon\safemon.dll] [, 1, 0, 0, 1001]
[C:\WINDOWS\Syswl3\Ghook.dll] [N/A, ]
[C:\WINDOWS\Syssj5\Ghook.dll] [N/A, ]
[C:\WINDOWS\Syswm7\Ghook.dll] [N/A, ]
[C:\WINDOWS\SysSun2\Ghook.dll] [N/A, ]
[C:\WINDOWS\system32\SysJ2\Ghook.dll] [N/A, ]
[C:\WINDOWS\SysJT4\Ghook.dll] [N/A, ]
[C:\WINDOWS\Sysfy4\Ghook.dll] [N/A, ]
[PID: 2272][C:\WINDOWS\svchost.exe] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
[D:\Program Files\360safe\safemon\safemon.dll] [, 1, 0, 0, 1001]
[C:\WINDOWS\Syswl3\Ghook.dll] [N/A, ]
[C:\WINDOWS\Syssj5\Ghook.dll] [N/A, ]
[C:\WINDOWS\Syswm7\Ghook.dll] [N/A, ]
[C:\WINDOWS\SysSun2\Ghook.dll] [N/A, ]
[C:\WINDOWS\system32\SysJ2\Ghook.dll] [N/A, ]
[C:\WINDOWS\SysJT4\Ghook.dll] [N/A, ]
[C:\WINDOWS\Sysfy4\Ghook.dll] [N/A, ]
[PID: 3376][C:\program files\Internet Explorer\IEXPLORE.EXE] [Microsoft Corporation, 6.00.2900.2180 (xpsp_sp2_rtm.040803-2158)]
[D:\Program Files\360safe\safemon\safemon.dll] [, 1, 0, 0, 1001]
[C:\WINDOWS\Syswl3\Ghook.dll] [N/A, ]
[C:\WINDOWS\Syssj5\Ghook.dll] [N/A, ]
[C:\WINDOWS\Syswm7\Ghook.dll] [N/A, ]
[C:\WINDOWS\SysSun2\Ghook.dll] [N/A, ]
[C:\WINDOWS\system32\SysJ2\Ghook.dll] [N/A, ]
[C:\WINDOWS\SysJT4\Ghook.dll] [N/A, ]
[C:\WINDOWS\Sysfy4\Ghook.dll] [N/A, ]
[PID: 1828][C:\program files\Internet Explorer\IEXPLORE.EXE] [Microsoft Corporation, 6.00.2900.2180 (xpsp_sp2_rtm.040803-2158)]
[D:\Program Files\360safe\safemon\safemon.dll] [, 1, 0, 0, 1001]
[C:\WINDOWS\Syswl3\Ghook.dll] [N/A, ]
[C:\WINDOWS\Syssj5\Ghook.dll] [N/A, ]
[C:\WINDOWS\Syswm7\Ghook.dll] [N/A, ]
[C:\WINDOWS\SysSun2\Ghook.dll] [N/A, ]
[C:\WINDOWS\system32\SysJ2\Ghook.dll] [N/A, ]
[C:\WINDOWS\SysJT4\Ghook.dll] [N/A, ]
[C:\WINDOWS\Sysfy4\Ghook.dll] [N/A, ]
[PID: 2328][C:\WINDOWS\svchost.exe] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
[D:\Program Files\360safe\safemon\safemon.dll] [, 1, 0, 0, 1001]
[C:\WINDOWS\Syswl3\Ghook.dll] [N/A, ]
[C:\WINDOWS\Syssj5\Ghook.dll] [N/A, ]
[C:\WINDOWS\Syswm7\Ghook.dll] [N/A, ]
[C:\WINDOWS\SysSun2\Ghook.dll] [N/A, ]
[C:\WINDOWS\system32\SysJ2\Ghook.dll] [N/A, ]
[C:\WINDOWS\SysJT4\Ghook.dll] [N/A, ]
[C:\WINDOWS\Sysfy4\Ghook.dll] [N/A, ]
[PID: 3668][C:\program files\Internet Explorer\IEXPLORE.EXE] [Microsoft Corporation, 6.00.2900.2180 (xpsp_sp2_rtm.040803-2158)]
[D:\Program Files\360safe\safemon\safemon.dll] [, 1, 0, 0, 1001]
[C:\WINDOWS\Syswl3\Ghook.dll] [N/A, ]
[C:\WINDOWS\Syssj5\Ghook.dll] [N/A, ]
[C:\WINDOWS\Syswm7\Ghook.dll] [N/A, ]
[C:\WINDOWS\SysSun2\Ghook.dll] [N/A, ]
[C:\WINDOWS\system32\SysJ2\Ghook.dll] [N/A, ]
[C:\WINDOWS\SysJT4\Ghook.dll] [N/A, ]
[C:\WINDOWS\Sysfy4\Ghook.dll] [N/A, ]
[PID: 4040][C:\program files\Internet Explorer\IEXPLORE.EXE] [Microsoft Corporation, 6.00.2900.2180 (xpsp_sp2_rtm.040803-2158)]
[D:\Program Files\360safe\safemon\safemon.dll] [, 1, 0, 0, 1001]
[C:\WINDOWS\Syswl3\Ghook.dll] [N/A, ]
[C:\WINDOWS\Syssj5\Ghook.dll] [N/A, ]
[C:\WINDOWS\Syswm7\Ghook.dll] [N/A, ]
[C:\WINDOWS\SysSun2\Ghook.dll] [N/A, ]
[C:\WINDOWS\system32\SysJ2\Ghook.dll] [N/A, ]
[C:\WINDOWS\SysJT4\Ghook.dll] [N/A, ]
[C:\WINDOWS\Sysfy4\Ghook.dll] [N/A, ]
[PID: 4028][C:\WINDOWS\svchost.exe] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
[D:\Program Files\360safe\safemon\safemon.dll] [, 1, 0, 0, 1001]
[C:\WINDOWS\Syswl3\Ghook.dll] [N/A, ]
[C:\WINDOWS\Syssj5\Ghook.dll] [N/A, ]
[C:\WINDOWS\Syswm7\Ghook.dll] [N/A, ]
[C:\WINDOWS\SysSun2\Ghook.dll] [N/A, ]
[C:\WINDOWS\system32\SysJ2\Ghook.dll] [N/A, ]
[C:\WINDOWS\SysJT4\Ghook.dll] [N/A, ]
[C:\WINDOWS\Sysfy4\Ghook.dll] [N/A, ]
[PID: 3604][C:\program files\Internet Explorer\IEXPLORE.EXE] [Microsoft Corporation, 6.00.2900.2180 (xpsp_sp2_rtm.040803-2158)]
[D:\Program Files\360safe\safemon\safemon.dll] [, 1, 0, 0, 1001]
[C:\WINDOWS\Syswl3\Ghook.dll] [N/A, ]
[C:\WINDOWS\Syssj5\Ghook.dll] [N/A, ]
[C:\WINDOWS\Syswm7\Ghook.dll] [N/A, ]
[C:\WINDOWS\SysSun2\Ghook.dll] [N/A, ]
[C:\WINDOWS\system32\SysJ2\Ghook.dll] [N/A, ]
[C:\WINDOWS\SysJT4\Ghook.dll] [N/A, ]
[C:\WINDOWS\Sysfy4\Ghook.dll] [N/A, ]
[PID: 1200][C:\program files\Internet Explorer\IEXPLORE.EXE] [Microsoft Corporation, 6.00.2900.2180 (xpsp_sp2_rtm.040803-2158)]
[D:\Program Files\360safe\safemon\safemon.dll] [, 1, 0, 0, 1001]
[C:\WINDOWS\Syswl3\Ghook.dll] [N/A, ]
[C:\WINDOWS\Syssj5\Ghook.dll] [N/A, ]
[C:\WINDOWS\Syswm7\Ghook.dll] [N/A, ]
[C:\WINDOWS\SysSun2\Ghook.dll] [N/A, ]
[C:\WINDOWS\system32\SysJ2\Ghook.dll] [N/A, ]
[C:\WINDOWS\SysJT4\Ghook.dll] [N/A, ]
[C:\WINDOWS\Sysfy4\Ghook.dll] [N/A, ]
[PID: 2136][C:\WINDOWS\svchost.exe] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
[D:\Program Files\360safe\safemon\safemon.dll] [, 1, 0, 0, 1001]
[C:\WINDOWS\Syswl3\Ghook.dll] [N/A, ]
[C:\WINDOWS\Syssj5\Ghook.dll] [N/A, ]
[C:\WINDOWS\Syswm7\Ghook.dll] [N/A, ]
[C:\WINDOWS\SysSun2\Ghook.dll] [N/A, ]
[C:\WINDOWS\system32\SysJ2\Ghook.dll] [N/A, ]
[C:\WINDOWS\SysJT4\Ghook.dll] [N/A, ]
[C:\WINDOWS\Sysfy4\Ghook.dll] [N/A, ]
[PID: 2508][C:\program files\Internet Explorer\IEXPLORE.EXE] [Microsoft Corporation, 6.00.2900.2180 (xpsp_sp2_rtm.040803-2158)]
[D:\Program Files\360safe\safemon\safemon.dll] [, 1, 0, 0, 1001]
[C:\WINDOWS\Syswl3\Ghook.dll] [N/A, ]
[C:\WINDOWS\Syssj5\Ghook.dll] [N/A, ]
[C:\WINDOWS\Syswm7\Ghook.dll] [N/A, ]
[C:\WINDOWS\SysSun2\Ghook.dll] [N/A, ]
[C:\WINDOWS\system32\SysJ2\Ghook.dll] [N/A, ]
[C:\WINDOWS\SysJT4\Ghook.dll] [N/A, ]
[C:\WINDOWS\Sysfy4\Ghook.dll] [N/A, ]
[PID: 2120][C:\program files\Internet Explorer\IEXPLORE.EXE] [Microsoft Corporation, 6.00.2900.2180 (xpsp_sp2_rtm.040803-2158)]
[D:\Program Files\360safe\safemon\safemon.dll] [, 1, 0, 0, 1001]
[C:\WINDOWS\Syswl3\Ghook.dll] [N/A, ]
[C:\WINDOWS\Syssj5\Ghook.dll] [N/A, ]
[C:\WINDOWS\Syswm7\Ghook.dll] [N/A, ]
[C:\WINDOWS\SysSun2\Ghook.dll] [N/A, ]
[C:\WINDOWS\system32\SysJ2\Ghook.dll] [N/A, ]
[C:\WINDOWS\SysJT4\Ghook.dll] [N/A, ]
[C:\WINDOWS\Sysfy4\Ghook.dll] [N/A, ]

tk26 - 2007-5-2 3:09:00

<7c6su8s1ce21><; C:\DOCUME~1\晓峰\LOCALS~1\Temp\iexpl0re.exe> []
<cf3d4tjk0stj><; C:\DOCUME~1\晓峰\LOCALS~1\Temp\Servera.exe> []
<h3s1hdj6c5ycjx6><; C:\DOCUME~1\晓峰\LOCALS~1\Temp\crasos.exe> []
<fy><C:\WINDOWS\Sysfy4\svchost.exe> []
<JT><C:\WINDOWS\SysJT4\svchost.exe> []
<J2><C:\WINDOWS\system32\SysJ2\svchost.exe> []
<sun><C:\WINDOWS\SysSun2\svchost.exe> []
<wl><C:\WINDOWS\Syswl3\svchost.exe> []
<wm><C:\WINDOWS\Syswm7\svchost.exe> []
<sj><C:\WINDOWS\Syssj5\svchost.exe> []
<Exprer><; C:\WINDOWS\Exprer.exe> []
<nwizAskTao><; C:\WINDOWS\system32\nwizAskTao.exe> []
[C:\WINDOWS\Sysfy4\Ghook.dll] [N/A, ]
[C:\WINDOWS\SysJT4\Ghook.dll] [N/A, ]
[C:\WINDOWS\system32\SysJ2\Ghook.dll] [N/A, ]
[C:\WINDOWS\Syswm7\Ghook.dll] [N/A, ]
[C:\WINDOWS\SysSun2\Ghook.dll] [N/A, ]
[C:\WINDOWS\system32\Exprer.dll] [N/A, ]
[C:\WINDOWS\Syssj5\Ghook.dll] [N/A, ]
[C:\WINDOWS\Syswl3\Ghook.dll] [N/A, ]

服务
[局域网通讯协议 / Hello World][Stopped/Auto Start]
<C:\Program Files\Common Files\Microsoft Shared\Web Folders\MSOSV.EXE><N/A>

乱马飘雪 - 2007-5-2 3:10:00

PID: 2276][C:\WINDOWS\svchost.exe] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
[D:\Program Files\360safe\safemon\safemon.dll] [, 1, 0, 0, 1001]
[C:\WINDOWS\Syswl3\Ghook.dll] [N/A, ]
[C:\WINDOWS\Syssj5\Ghook.dll] [N/A, ]
[C:\WINDOWS\Syswm7\Ghook.dll] [N/A, ]
[C:\WINDOWS\SysSun2\Ghook.dll] [N/A, ]
[C:\WINDOWS\system32\SysJ2\Ghook.dll] [N/A, ]
[C:\WINDOWS\SysJT4\Ghook.dll] [N/A, ]
[C:\WINDOWS\Sysfy4\Ghook.dll] [N/A, ]
[PID: 464][C:\program files\Internet Explorer\IEXPLORE.EXE] [Microsoft Corporation, 6.00.2900.2180 (xpsp_sp2_rtm.040803-2158)]
[D:\Program Files\360safe\safemon\safemon.dll] [, 1, 0, 0, 1001]
[C:\WINDOWS\Syswl3\Ghook.dll] [N/A, ]
[C:\WINDOWS\Syssj5\Ghook.dll] [N/A, ]
[C:\WINDOWS\Syswm7\Ghook.dll] [N/A, ]
[C:\WINDOWS\SysSun2\Ghook.dll] [N/A, ]
[C:\WINDOWS\system32\SysJ2\Ghook.dll] [N/A, ]
[C:\WINDOWS\SysJT4\Ghook.dll] [N/A, ]
[C:\WINDOWS\Sysfy4\Ghook.dll] [N/A, ]
[PID: 3632][C:\WINDOWS\svchost.exe] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
[D:\Program Files\360safe\safemon\safemon.dll] [, 1, 0, 0, 1001]
[C:\WINDOWS\Syswl3\Ghook.dll] [N/A, ]
[C:\WINDOWS\Syssj5\Ghook.dll] [N/A, ]
[C:\WINDOWS\Syswm7\Ghook.dll] [N/A, ]
[C:\WINDOWS\SysSun2\Ghook.dll] [N/A, ]
[C:\WINDOWS\system32\SysJ2\Ghook.dll] [N/A, ]
[C:\WINDOWS\SysJT4\Ghook.dll] [N/A, ]
[C:\WINDOWS\Sysfy4\Ghook.dll] [N/A, ]
[PID: 1836][C:\program files\Internet Explorer\IEXPLORE.EXE] [Microsoft Corporation, 6.00.2900.2180 (xpsp_sp2_rtm.040803-2158)]
[D:\Program Files\360safe\safemon\safemon.dll] [, 1, 0, 0, 1001]
[C:\WINDOWS\Syswl3\Ghook.dll] [N/A, ]
[C:\WINDOWS\Syssj5\Ghook.dll] [N/A, ]
[C:\WINDOWS\Syswm7\Ghook.dll] [N/A, ]
[C:\WINDOWS\SysSun2\Ghook.dll] [N/A, ]
[C:\WINDOWS\system32\SysJ2\Ghook.dll] [N/A, ]
[C:\WINDOWS\SysJT4\Ghook.dll] [N/A, ]
[C:\WINDOWS\Sysfy4\Ghook.dll] [N/A, ]
[PID: 3944][C:\program files\Internet Explorer\IEXPLORE.EXE] [Microsoft Corporation, 6.00.2900.2180 (xpsp_sp2_rtm.040803-2158)]
[D:\Program Files\360safe\safemon\safemon.dll] [, 1, 0, 0, 1001]
[C:\WINDOWS\Syswl3\Ghook.dll] [N/A, ]
[C:\WINDOWS\Syssj5\Ghook.dll] [N/A, ]
[C:\WINDOWS\Syswm7\Ghook.dll] [N/A, ]
[C:\WINDOWS\SysSun2\Ghook.dll] [N/A, ]
[C:\WINDOWS\system32\SysJ2\Ghook.dll] [N/A, ]
[C:\WINDOWS\SysJT4\Ghook.dll] [N/A, ]
[C:\WINDOWS\Sysfy4\Ghook.dll] [N/A, ]
[PID: 2112][C:\WINDOWS\svchost.exe] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
[D:\Program Files\360safe\safemon\safemon.dll] [, 1, 0, 0, 1001]
[C:\WINDOWS\Syswl3\Ghook.dll] [N/A, ]
[C:\WINDOWS\Syssj5\Ghook.dll] [N/A, ]
[C:\WINDOWS\Syswm7\Ghook.dll] [N/A, ]
[C:\WINDOWS\SysSun2\Ghook.dll] [N/A, ]
[C:\WINDOWS\system32\SysJ2\Ghook.dll] [N/A, ]
[C:\WINDOWS\SysJT4\Ghook.dll] [N/A, ]
[C:\WINDOWS\Sysfy4\Ghook.dll] [N/A, ]
[PID: 4080][C:\program files\Internet Explorer\IEXPLORE.EXE] [Microsoft Corporation, 6.00.2900.2180 (xpsp_sp2_rtm.040803-2158)]
[D:\Program Files\360safe\safemon\safemon.dll] [, 1, 0, 0, 1001]
[C:\WINDOWS\Syswl3\Ghook.dll] [N/A, ]
[C:\WINDOWS\Syssj5\Ghook.dll] [N/A, ]
[C:\WINDOWS\Syswm7\Ghook.dll] [N/A, ]
[C:\WINDOWS\SysSun2\Ghook.dll] [N/A, ]
[C:\WINDOWS\system32\SysJ2\Ghook.dll] [N/A, ]
[C:\WINDOWS\SysJT4\Ghook.dll] [N/A, ]
[C:\WINDOWS\Sysfy4\Ghook.dll] [N/A, ]
[PID: 3752][C:\WINDOWS\svchost.exe] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
[D:\Program Files\360safe\safemon\safemon.dll] [, 1, 0, 0, 1001]
[C:\WINDOWS\Syswl3\Ghook.dll] [N/A, ]
[C:\WINDOWS\Syssj5\Ghook.dll] [N/A, ]
[C:\WINDOWS\Syswm7\Ghook.dll] [N/A, ]
[C:\WINDOWS\SysSun2\Ghook.dll] [N/A, ]
[C:\WINDOWS\system32\SysJ2\Ghook.dll] [N/A, ]
[C:\WINDOWS\SysJT4\Ghook.dll] [N/A, ]
[C:\WINDOWS\Sysfy4\Ghook.dll] [N/A, ]
[PID: 3684][C:\program files\Internet Explorer\IEXPLORE.EXE] [Microsoft Corporation, 6.00.2900.2180 (xpsp_sp2_rtm.040803-2158)]
[D:\Program Files\360safe\safemon\safemon.dll] [, 1, 0, 0, 1001]
[C:\WINDOWS\Syswl3\Ghook.dll] [N/A, ]
[C:\WINDOWS\Syssj5\Ghook.dll] [N/A, ]
[C:\WINDOWS\Syswm7\Ghook.dll] [N/A, ]
[C:\WINDOWS\SysSun2\Ghook.dll] [N/A, ]
[C:\WINDOWS\system32\SysJ2\Ghook.dll] [N/A, ]
[C:\WINDOWS\SysJT4\Ghook.dll] [N/A, ]
[C:\WINDOWS\Sysfy4\Ghook.dll] [N/A, ]
[PID: 3804][C:\program files\Internet Explorer\IEXPLORE.EXE] [Microsoft Corporation, 6.00.2900.2180 (xpsp_sp2_rtm.040803-2158)]
[D:\Program Files\360safe\safemon\safemon.dll] [, 1, 0, 0, 1001]
[C:\WINDOWS\Syswl3\Ghook.dll] [N/A, ]
[C:\WINDOWS\Syssj5\Ghook.dll] [N/A, ]
[C:\WINDOWS\Syswm7\Ghook.dll] [N/A, ]
[C:\WINDOWS\SysSun2\Ghook.dll] [N/A, ]
[C:\WINDOWS\system32\SysJ2\Ghook.dll] [N/A, ]
[C:\WINDOWS\SysJT4\Ghook.dll] [N/A, ]
[C:\WINDOWS\Sysfy4\Ghook.dll] [N/A, ]
[PID: 3104][C:\program files\Internet Explorer\IEXPLORE.EXE] [Microsoft Corporation, 6.00.2900.2180 (xpsp_sp2_rtm.040803-2158)]
[D:\Program Files\360safe\safemon\safemon.dll] [, 1, 0, 0, 1001]
[C:\WINDOWS\Syswl3\Ghook.dll] [N/A, ]
[C:\WINDOWS\Syssj5\Ghook.dll] [N/A, ]
[C:\WINDOWS\Syswm7\Ghook.dll] [N/A, ]
[C:\WINDOWS\SysSun2\Ghook.dll] [N/A, ]
[C:\WINDOWS\system32\SysJ2\Ghook.dll] [N/A, ]
[C:\WINDOWS\SysJT4\Ghook.dll] [N/A, ]
[C:\WINDOWS\Sysfy4\Ghook.dll] [N/A, ]
[PID: 3308][C:\WINDOWS\svchost.exe] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
[D:\Program Files\360safe\safemon\safemon.dll] [, 1, 0, 0, 1001]
[C:\WINDOWS\Syswl3\Ghook.dll] [N/A, ]
[C:\WINDOWS\Syssj5\Ghook.dll] [N/A, ]
[C:\WINDOWS\Syswm7\Ghook.dll] [N/A, ]
[C:\WINDOWS\SysSun2\Ghook.dll] [N/A, ]
[C:\WINDOWS\system32\SysJ2\Ghook.dll] [N/A, ]
[C:\WINDOWS\SysJT4\Ghook.dll] [N/A, ]
[C:\WINDOWS\Sysfy4\Ghook.dll] [N/A, ]
[PID: 380][C:\program files\Internet Explorer\IEXPLORE.EXE] [Microsoft Corporation, 6.00.2900.2180 (xpsp_sp2_rtm.040803-2158)]
[D:\Program Files\360safe\safemon\safemon.dll] [, 1, 0, 0, 1001]
[C:\WINDOWS\Syswl3\Ghook.dll] [N/A, ]
[C:\WINDOWS\Syssj5\Ghook.dll] [N/A, ]
[C:\WINDOWS\Syswm7\Ghook.dll] [N/A, ]
[C:\WINDOWS\SysSun2\Ghook.dll] [N/A, ]
[C:\WINDOWS\system32\SysJ2\Ghook.dll] [N/A, ]
[C:\WINDOWS\SysJT4\Ghook.dll] [N/A, ]
[C:\WINDOWS\Sysfy4\Ghook.dll] [N/A, ]
[PID: 2828][C:\program files\Internet Explorer\IEXPLORE.EXE] [Microsoft Corporation, 6.00.2900.2180 (xpsp_sp2_rtm.040803-2158)]
[D:\Program Files\360safe\safemon\safemon.dll] [, 1, 0, 0, 1001]
[C:\WINDOWS\Syswl3\Ghook.dll] [N/A, ]
[C:\WINDOWS\Syssj5\Ghook.dll] [N/A, ]
[C:\WINDOWS\Syswm7\Ghook.dll] [N/A, ]
[C:\WINDOWS\SysSun2\Ghook.dll] [N/A, ]
[C:\WINDOWS\system32\SysJ2\Ghook.dll] [N/A, ]
[C:\WINDOWS\SysJT4\Ghook.dll] [N/A, ]
[C:\WINDOWS\Sysfy4\Ghook.dll] [N/A, ]
[PID: 4000][C:\WINDOWS\svchost.exe] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
[D:\Program Files\360safe\safemon\safemon.dll] [, 1, 0, 0, 1001]
[C:\WINDOWS\Syswl3\Ghook.dll] [N/A, ]
[C:\WINDOWS\Syssj5\Ghook.dll] [N/A, ]
[C:\WINDOWS\Syswm7\Ghook.dll] [N/A, ]
[C:\WINDOWS\SysSun2\Ghook.dll] [N/A, ]
[C:\WINDOWS\system32\SysJ2\Ghook.dll] [N/A, ]
[C:\WINDOWS\SysJT4\Ghook.dll] [N/A, ]
[C:\WINDOWS\Sysfy4\Ghook.dll] [N/A, ]

乱马飘雪 - 2007-5-2 3:11:00

[PID: 200][C:\program files\Internet Explorer\IEXPLORE.EXE] [Microsoft Corporation, 6.00.2900.2180 (xpsp_sp2_rtm.040803-2158)]
[D:\Program Files\360safe\safemon\safemon.dll] [, 1, 0, 0, 1001]
[C:\WINDOWS\Syswl3\Ghook.dll] [N/A, ]
[C:\WINDOWS\Syssj5\Ghook.dll] [N/A, ]
[C:\WINDOWS\Syswm7\Ghook.dll] [N/A, ]
[C:\WINDOWS\SysSun2\Ghook.dll] [N/A, ]
[C:\WINDOWS\system32\SysJ2\Ghook.dll] [N/A, ]
[C:\WINDOWS\SysJT4\Ghook.dll] [N/A, ]
[C:\WINDOWS\Sysfy4\Ghook.dll] [N/A, ]
[PID: 3932][C:\program files\Internet Explorer\IEXPLORE.EXE] [Microsoft Corporation, 6.00.2900.2180 (xpsp_sp2_rtm.040803-2158)]
[D:\Program Files\360safe\safemon\safemon.dll] [, 1, 0, 0, 1001]
[C:\WINDOWS\Syswl3\Ghook.dll] [N/A, ]
[C:\WINDOWS\Syssj5\Ghook.dll] [N/A, ]
[C:\WINDOWS\Syswm7\Ghook.dll] [N/A, ]
[C:\WINDOWS\SysSun2\Ghook.dll] [N/A, ]
[C:\WINDOWS\system32\SysJ2\Ghook.dll] [N/A, ]
[C:\WINDOWS\SysJT4\Ghook.dll] [N/A, ]
[C:\WINDOWS\Sysfy4\Ghook.dll] [N/A, ]
[PID: 2792][C:\WINDOWS\svchost.exe] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
[D:\Program Files\360safe\safemon\safemon.dll] [, 1, 0, 0, 1001]
[C:\WINDOWS\Syswl3\Ghook.dll] [N/A, ]
[C:\WINDOWS\Syssj5\Ghook.dll] [N/A, ]
[C:\WINDOWS\Syswm7\Ghook.dll] [N/A, ]
[C:\WINDOWS\SysSun2\Ghook.dll] [N/A, ]
[C:\WINDOWS\system32\SysJ2\Ghook.dll] [N/A, ]
[C:\WINDOWS\SysJT4\Ghook.dll] [N/A, ]
[C:\WINDOWS\Sysfy4\Ghook.dll] [N/A, ]
[PID: 5412][C:\Program Files\Internet Explorer\iexplore.exe] [Microsoft Corporation, 6.00.2900.2180 (xpsp_sp2_rtm.040803-2158)]
[D:\Program Files\360safe\safemon\safemon.dll] [, 1, 0, 0, 1001]
[C:\WINDOWS\Syswl3\Ghook.dll] [N/A, ]
[C:\WINDOWS\Syssj5\Ghook.dll] [N/A, ]
[C:\WINDOWS\Syswm7\Ghook.dll] [N/A, ]
[C:\WINDOWS\SysSun2\Ghook.dll] [N/A, ]
[C:\WINDOWS\system32\SysJ2\Ghook.dll] [N/A, ]
[C:\WINDOWS\SysJT4\Ghook.dll] [N/A, ]
[C:\WINDOWS\Sysfy4\Ghook.dll] [N/A, ]
[C:\DOCUME~1\晓峰\LOCALS~1\Temp\Msxo1.dll] [N/A, ]
[C:\DOCUME~1\晓峰\LOCALS~1\Temp\LgSy1.dll] [N/A, ]
[C:\DOCUME~1\晓峰\LOCALS~1\Temp\Kavs1.dll] [N/A, ]
[C:\WINDOWS\system32\Exprer.dll] [N/A, ]
[C:\WINDOWS\system32\msacm32.drv] [Microsoft Corporation, 5.1.2600.0 (xpclient.010817-1148)]
[C:\WINDOWS\system32\macromed\flash\flash.ocx] [Macromedia, Inc., 6,0,79,0]
[C:\WINDOWS\system32\xpsp3res.dll] [Microsoft Corporation, 5.1.2600.3100 (xpsp_sp2_gdr.070309-0025)]
[C:\WINDOWS\system32\JPWB.IME] [常诚研制, 4.00.950]
[PID: 4640][C:\Documents and Settings\晓峰\桌面\SREng.EXE] [Smallfrogs Studio, 2.4.12.806]
[D:\Program Files\360safe\safemon\safemon.dll] [, 1, 0, 0, 1001]
[C:\WINDOWS\Syswl3\Ghook.dll] [N/A, ]
[C:\WINDOWS\Syssj5\Ghook.dll] [N/A, ]
[C:\WINDOWS\Syswm7\Ghook.dll] [N/A, ]
[C:\WINDOWS\SysSun2\Ghook.dll] [N/A, ]
[C:\WINDOWS\system32\SysJ2\Ghook.dll] [N/A, ]
[C:\WINDOWS\SysJT4\Ghook.dll] [N/A, ]
[C:\WINDOWS\Sysfy4\Ghook.dll] [N/A, ]
[C:\DOCUME~1\晓峰\LOCALS~1\Temp\Msxo1.dll] [N/A, ]
[C:\DOCUME~1\晓峰\LOCALS~1\Temp\LgSy1.dll] [N/A, ]
[C:\DOCUME~1\晓峰\LOCALS~1\Temp\Kavs1.dll] [N/A, ]
[C:\WINDOWS\system32\Exprer.dll] [N/A, ]

==================================
文件关联
.TXT OK. [%SystemRoot%\system32\NOTEPAD.EXE %1]
.EXE OK. ["%1" %*]
.COM OK. ["%1" %*]
.PIF OK. ["%1" %*]
.REG OK. [regedit.exe "%1"]
.BAT OK. ["%1" %*]
.SCR OK. ["%1" /S]
.CHM OK. ["C:\WINDOWS\hh.exe" %1]
.HLP OK. [%SystemRoot%\System32\winhlp32.exe %1]
.INI OK. [%SystemRoot%\System32\NOTEPAD.EXE %1]
.INF OK. [%SystemRoot%\System32\NOTEPAD.EXE %1]
.VBS OK. [%SystemRoot%\System32\WScript.exe "%1" %*]
.JS OK. [%SystemRoot%\System32\WScript.exe "%1" %*]
.LNK OK. [{00021401-0000-0000-C000-000000000046}]

==================================
Winsock 提供者
N/A

==================================
Autorun.inf
N/A

==================================
HOSTS 文件
127.0.0.1 localhost
127.0.0.1 mmm.caifu18.net
127.0.0.1 www.18dmm.com
127.0.0.1 d.qbbd.com
127.0.0.1 www.5117music.com
127.0.0.1 www.union123.com
127.0.0.1 www.wu7x.cn
127.0.0.1 www.54699.com
127.0.0.1 www1.6tan.com
127.0.0.1 www2.6tan.com
127.0.0.1 www.97725.com
127.0.0.1 down.97725.com
127.0.0.1 ip.315hack.com
127.0.0.1 ip.54liumang.com
127.0.0.1 www.41ip.com
127.0.0.1 xulao.com
127.0.0.1 www.heixiou.com
127.0.0.1 www.9cyy.com
127.0.0.1 www.hunll.com
127.0.0.1 www.down.hunll.com
127.0.0.1 do.77276.com
127.0.0.1 www.baidulink.com
127.0.0.1 adnx.yygou.cn
127.0.0.1 222.73.220.45
127.0.0.1 www.f5game.com
127.0.0.1 www.guazhan.cn
127.0.0.1 wm,103715.com
127.0.0.1 www.my6688.cn
127.0.0.1 i.96981.com
127.0.0.1 d.77276.com
127.0.0.1 www1.cw988.cn
127.0.0.1 cool.47555.com
127.0.0.1 www.asdwc.com
127.0.0.1 55880.cn
127.0.0.1 61.152.169.234
127.0.0.1 cc.wzxqy.com
127.0.0.1 www.54699.com
127.0.0.1 t.gcuj.com
127.0.0.1 www.puma163.com
127.0.0.1 ceoww.com
127.0.0.1 boolom.com
127.0.0.1 adult-novel.cn
127.0.0.1 ll.chinasese.net
127.0.0.1 www.tellumore.com
127.0.0.1 www.o1wg.com
127.0.0.1 www.qq756.com
127.0.0.1 ll.chinasese.net

==================================
API HOOK
入口点错误：CreateProcessA (危险等级: 一般, 被下面模块所HOOK: D:\Program Files\360safe\safemon\safemon.dll)
入口点错误：CreateProcessW (危险等级: 一般, 被下面模块所HOOK: D:\Program Files\360safe\safemon\safemon.dll)

==================================
隐藏进程
N/A

==================================

[/CODE]

乱马飘雪 - 2007-5-2 3:12:00

先谢谢大侠了,我装了很多次系统还是不行

tk26 - 2007-5-2 3:15:00

启动项目

<7c6su8s1ce21><; C:\DOCUME~1\晓峰\LOCALS~1\Temp\iexpl0re.exe> []
<cf3d4tjk0stj><; C:\DOCUME~1\晓峰\LOCALS~1\Temp\Servera.exe> []
<h3s1hdj6c5ycjx6><; C:\DOCUME~1\晓峰\LOCALS~1\Temp\crasos.exe> []
<fy><C:\WINDOWS\Sysfy4\svchost.exe> []
<JT><C:\WINDOWS\SysJT4\svchost.exe> []
<J2><C:\WINDOWS\system32\SysJ2\svchost.exe> []
<sun><C:\WINDOWS\SysSun2\svchost.exe> []
<wl><C:\WINDOWS\Syswl3\svchost.exe> []
<wm><C:\WINDOWS\Syswm7\svchost.exe> []
<sj><C:\WINDOWS\Syssj5\svchost.exe> []
<Exprer><; C:\WINDOWS\Exprer.exe> []
<nwizAskTao><; C:\WINDOWS\system32\nwizAskTao.exe> []

服务
[局域网通讯协议 / Hello World][Stopped/Auto Start]
<C:\Program Files\Common Files\Microsoft Shared\Web Folders\MSOSV.EXE><N/A>

进程模块
[C:\WINDOWS\Sysfy4\Ghook.dll] [N/A, ]
[C:\WINDOWS\SysJT4\Ghook.dll] [N/A, ]
[C:\WINDOWS\system32\SysJ2\Ghook.dll] [N/A, ]
[C:\WINDOWS\Syswm7\Ghook.dll] [N/A, ]
[C:\WINDOWS\SysSun2\Ghook.dll] [N/A, ]
[C:\WINDOWS\system32\Exprer.dll] [N/A, ]
[C:\WINDOWS\Syssj5\Ghook.dll] [N/A, ]
[C:\WINDOWS\Syswl3\Ghook.dll] [N/A, ]
[C:\WINDOWS\system32\nwizAskTao.dll] [N/A, ]
[C:\WINDOWS\system32\msdmo.dll] [, ]
[C:\DOCUME~1\晓峰\LOCALS~1\Temp\Kavs1.dll] [N/A, ]
[C:\DOCUME~1\晓峰\LOCALS~1\Temp\LgSy1.dll] [N/A, ]
[C:\DOCUME~1\晓峰\LOCALS~1\Temp\Msxo1.dll] [N/A, ]
[PID: 1448][C:\WINDOWS\Sysfy4\svchost.exe] [N/A, ]
[C:\WINDOWS\Sysfy4\Ghook.dll] [N/A, ]
[PID: 1456][C:\WINDOWS\SysJT4\svchost.exe] [N/A, ]
[C:\WINDOWS\SysJT4\Ghook.dll] [N/A, ]
[PID: 1468][C:\WINDOWS\system32\SysJ2\svchost.exe] [N/A, ]
[C:\WINDOWS\system32\SysJ2\Ghook.dll] [N/A, ]
[PID: 1492][C:\WINDOWS\SysSun2\svchost.exe] [N/A, ]
[C:\WINDOWS\SysSun2\Ghook.dll] [N/A, ]
[PID: 1520][C:\WINDOWS\Syswl3\svchost.exe] [N/A, ]
[C:\WINDOWS\Syswl3\Ghook.dll] [N/A, ]
[PID: 1528][C:\WINDOWS\Syswm7\svchost.exe] [N/A, ]
[C:\WINDOWS\Syswm7\Ghook.dll] [N/A, ]
[PID: 1536][C:\WINDOWS\Syssj5\svchost.exe] [N/A, ]
[C:\WINDOWS\Syssj5\Ghook.dll] [N/A, ]

乱马飘雪 - 2007-5-2 17:49:00

是不是把那些删掉呢？

乱马飘雪 - 2007-5-2 17:51:00

我上次删了很多，到最后连系统都进不了了，安全模式下进入系统都要密码

乱马飘雪 - 2007-5-3 2:56:00

神啊!救救我吧

桃子CiCi - 2007-5-3 3:07:00

参看置顶帖

赤日炎炎 - 2007-5-3 7:22:00

病毒看似很多，有游戏木马Ghook.dll-svchost.exe，还有C:\Program Files\Common Files\Microsoft Shared\Web Folders\MSOSV.EXE。清除办法网上有专门介绍。
个人以为，清除了一点意义都没有，因为楼主没装任何防范病毒的软件，杀光了还会再中的。
裸奔只适合那些故意想感染病毒然后研究杀毒的大虾们，菜鸟级的最好不要冒这个险了，呵呵。

乱马飘雪 - 2007-5-3 14:07:00

我是重装过系统的，所以好多软件没来得及装，我原先装卡巴的，但老是报警，连卡巴也被病毒搞得时好时坏，经常提示过期，要什么授权码。

瑞星卡卡安全论坛