瑞星卡卡安全论坛技术交流区反病毒/反流氓软件论坛 求助】win32.Hack.NsAnti.eb.43611 总杀不掉.麻烦你们帮我看看日志

12   2  /  2  页   跳转

求助】win32.Hack.NsAnti.eb.43611 总杀不掉.麻烦你们帮我看看日志

收藏
天赐我一生
头像
健康舞勺狮
  • 帖子:357
  • 注册: 2007-05-06
  • 来自:
论坛9周年纪念
发表于: 2007-05-06 19:47 | 短消息 资料
字号: 11楼

学啊!!!
gototop
 
horseluke11
头像
飘泊而立狮
  • 帖子:497
  • 注册: 2006-11-13
  • 来自:
发表于: 2007-05-06 19:51 | 短消息 资料
字号: 12楼

而且驱动和浏览器加载项都是比较关键的部分。没了它可不行。
所以现在只能根据这个不全的日志给出不全的方案。楼主在做完后请重新扫描,重新贴日志..........

1、下载ICESWORD:http://www.onlinedown.net/soft/4523.htm

2、断网(不会就直接拔网线)

3、打开ICESWORD,“文件”--〉“设置”,勾选上“禁止进线程创建”。

4、结束以下进程。
[188] C:\Program Files\msn\msn.cc
[2644] C:\Program Files\Common Files\Bitoot
[PID: 1908][C:\WINDOWS\shualai.exe] [N/A, ]
[PID: 512][C:\Progra~1\Eset\1explore.exe] [N/A, ]

5、在ICESWORD中删除以下文件:
<ztsa><C:\DOCUME~1\new\LOCALS~1\Temp\ztso.exe> []
<qjsa><C:\DOCUME~1\new\LOCALS~1\Temp\qjso.exe> []
<shualai><C:\WINDOWS\shualai.exe /i> []
<cmdbcs><C:\WINDOWS\cmdbcs.exe> []
<winform><C:\WINDOWS\winform.exe> []
<mppds><C:\WINDOWS\mppds.exe> []
<msccrt><C:\WINDOWS\msccrt.exe> []
<Kvsc3><C:\WINDOWS\Kvsc3.exe> []
<WinXPService><C:\WINDOWS\system32\nero.exe> [mIRC Co. Ltd.]
<C:\Program Files\msn\msn.cc><N/A>
<C:\SNOWTEST\System32\RaV.exe><N/A>
<C:\WINDOWS\system32\2DE760.EXE -d><Microsoft Corporation>
C:\PROGRA~1\gsil\qcsv.dll><N/A>
<C:\WINDOWS\system32\MSupdate.exe><N/A>
<C:\Program Files\Common Files\Bitoot><N/A>
<C:\Program Files\Common Files\Service><N/A>
[C:\WINDOWS\system32\pdkpri.dll] [N/A, ]
[C:\WINDOWS\system32\cmdbcs.dll] [N/A, ]
[C:\DOCUME~1\new\LOCALS~1\Temp\qjso0.dll] [N/A, ]
[C:\DOCUME~1\new\LOCALS~1\Temp\ztso0.dll] [N/A, ]
[C:\WINDOWS\system32\mppds.dll] [N/A, ]
[C:\WINDOWS\system32\winform.dll] [N/A, ]
[C:\WINDOWS\system32\shualai.dll] [N/A, ]
[C:\WINDOWS\system32\Kvsc3.dll] [N/A, ]
[C:\WINDOWS\system32\msccrt.dll] [N/A, ]
[PID: 1908][C:\WINDOWS\shualai.exe] [N/A, ]
[C:\WINDOWS\system32\shualai.dll] [N/A, ]
[PID: 512][C:\Progra~1\Eset\1explore.exe] [N/A, ]
[C:\WINDOWS\system32\msccrt.dll] [N/A, ]
[C:\WINDOWS\system32\Kvsc3.dll] [N/A, ]
[C:\WINDOWS\system32\mppds.dll] [N/A, ]
[C:\DOCUME~1\new\LOCALS~1\Temp\qjso0.dll] [N/A, ]
[C:\DOCUME~1\new\LOCALS~1\Temp\ztso0.dll] [N/A, ]
[C:\WINDOWS\system32\winform.dll] [N/A, ]
[C:\WINDOWS\system32\cmdbcs.dll] [N/A, ]
[C:\WINDOWS\system32\shualai.dll] [N/A, ]


在ICESWORE删除如下文件夹:
C:\SNOWTEST\


6、取消“禁止进线程创建”。

7、启动SREG2。
“启动项目”---〉“注册表”选项卡。删除如下启动项目。
<ztsa><C:\DOCUME~1\new\LOCALS~1\Temp\ztso.exe> []
<qjsa><C:\DOCUME~1\new\LOCALS~1\Temp\qjso.exe> []
<shualai><C:\WINDOWS\shualai.exe /i> []
<cmdbcs><C:\WINDOWS\cmdbcs.exe> []
<winform><C:\WINDOWS\winform.exe> []
<mppds><C:\WINDOWS\mppds.exe> []
<msccrt><C:\WINDOWS\msccrt.exe> []
<Kvsc3><C:\WINDOWS\Kvsc3.exe> []
<WinXPService><C:\WINDOWS\system32\nero.exe> [mIRC Co. Ltd.]


“启动项目”---〉“服务”选项卡,单击“Win32服务应用程序”,然后勾选上“隐藏已认证的微软项目”。
在以下服务上面单击右键--〉“停止服务”,然后再次选中该服务,选中“删除服务”,点“设置”再点“否”就可以删除
[Automatic / Automatic][Running/Auto Start]
<C:\Program Files\msn\msn.cc><N/A>
[CoolWare / CoolWare][Stopped/Auto Start]
<C:\WINDOWS\System32\svchost.exe -k netsvcs-->C:\WINDOWS\system32\struts.dll><N/A>
[DNS Clisent / DNS Clisent][Stopped/Auto Start]
<C:\SNOWTEST\System32\RaV.exe><N/A>
[F1959A0A / F1959A0A][Stopped/Auto Start]
<C:\WINDOWS\system32\2DE760.EXE -d><Microsoft Corporation>
[Windows lxnq RunThem / lxnq][Stopped/Auto Start]
<C:\WINDOWS\System32\svchost.exe -k netsvcs-->C:\PROGRA~1\gsil\qcsv.dll><N/A>
[Serv-U FTP Server / Serv-U][Running/Auto Start]
<C:\WINDOWS\system32\MSupdate.exe><N/A>
[System Updater Server / System Updater Server][Running/Auto Start]
<C:\Program Files\Common Files\Bitoot><N/A>
[Universal Plug and Play Device / Universal Plug and Play Device][Stopped/Auto Start]
[UpdataServer / UpdataServer][Stopped/Auto Start]
<C:\Program Files\Common Files\Service><N/A>

“系统修复”--〉“hosts文件”选项卡。按红色的“重置”--〉选择“是”。再按保存。


8、删除临时文件夹里面的所有东西,包括:
C:\Documents and Settings\<用户名>\Local Settings\Temp
C:\WINDOWS\TEMP
Internet临时文件夹(控制面板--〉“Internet选项”---〉“删除文件”---〉勾选“包括临时文件夹”--〉确定)

9、打开金山网镖,并转到“应用规则”。将步骤4和5中出现的所有相关EXE程序访问网络规则改为“禁止”。

10、卸载QQ并删除其安装文件夹。重新安装qq,但不要安装在默认目录。

11、重新启动,并且上网

12、如果上不了网,请到SRENG2“系统修复”--〉“WINSOCK供应者”选项卡。按红色的“重置所有内容为默认值”--〉按提示操作。
gototop
 
chenxiao8191
头像
初生襁褓狮
  • 帖子:21
  • 注册: 2006-08-04
  • 来自:
发表于: 2007-05-06 20:23 | 只看楼主 短消息 资料
字号: 13楼

动项目
注册表
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
    <ctfmon.exe><C:\WINDOWS\system32\ctfmon.exe>  [(Verified)Microsoft Windows Publisher]
    <swg><C:\Program Files\Google\GoogleToolbarNotifier\1.2.1128.5462\GoogleToolbarNotifier.exe>  [(Verified)Google Inc]
    <KavPFW><"C:\KAV2007\KPFW32.EXE">  [Kingsoft Corporation]
    <ravshell><C:\Progra~1\Eset\1explore.exe>  []
[HKEY_CURRENT_USER\Software\Microsoft\Windows NT\CurrentVersion\Windows]
    <load><>  [N/A]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
    <IMJPMIG8.1><"C:\WINDOWS\IME\imjp8_1\IMJPMIG.EXE" /Spoil /RemAdvDef /Migration32>  [(Verified)Microsoft Windows Publisher]
    <PHIME2002ASync><C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /SYNC>  [(Verified)Microsoft Windows Publisher]
    <PHIME2002A><C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /IMEName>  [(Verified)Microsoft Windows Publisher]
    <NvCplDaemon><RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup>  [(Verified)Microsoft Windows Publisher]
    <nwiz><nwiz.exe /install>  [NVIDIA Corporation]
    <NvMediaCenter><RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit>  [(Verified)Microsoft Windows Hardware Compatibility Publisher]
    <LHotkey><LHotkey.exe>  [Chicony]
    <SoundMan><SOUNDMAN.EXE>  [(Verified)Microsoft Windows Hardware Compatibility Publisher]
    <IMSCMig><C:\PROGRA~1\COMMON~1\MICROS~1\IME\IMSC40A\IMSCMIG.EXE /Preload>  [(Verified)Microsoft Corporation]
    <runeip><C:\Program Files\Rising\AntiSpyware\runiep.exe>  [Beijing Rising Technology Co., Ltd.]
    <KavStart><"C:\KAV2007\KAVStart.exe" -startup>  [Kingsoft Corporation]
    <WebThunder><E:\WEB\web迅雷\WebThunder.exe>  [(Verified)ShenZhen Thunder Networking Technologies Ltd.]
    <ztsa><C:\DOCUME~1\new\LOCALS~1\Temp\ztso.exe>  []
    <qjsa><C:\DOCUME~1\new\LOCALS~1\Temp\qjso.exe>  []
    <shualai><C:\WINDOWS\shualai.exe /i>  []
    <cmdbcs><C:\WINDOWS\cmdbcs.exe>  []
    <winform><C:\WINDOWS\winform.exe>  []
    <mppds><C:\WINDOWS\mppds.exe>  []
    <msccrt><C:\WINDOWS\msccrt.exe>  []
    <Kvsc3><C:\WINDOWS\Kvsc3.exe>  []
    <WinXPService><C:\WINDOWS\system32\nero.exe>  [mIRC Co. Ltd.]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Winlogon]
    <shell><Explorer.exe>  [(Verified)Microsoft Windows Publisher]
    <Userinit><C:\WINDOWS\system32\Userinit.exe>  [(Verified)Microsoft Windows Publisher]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Windows]
    <AppInit_DLLs><>  [N/A]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Winlogon]
    <UIHost><logonui.exe>  [(Verified)Microsoft Windows Publisher]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
    <{42A612A4-4334-4424-4234-42261A31A236}><C:\WINDOWS\system32\pdkpri.dll>  []
[HKEY_CURRENT_USER\Control Panel\Desktop]
    <SCRNSAVE.EXE><C:\WINDOWS\system32\BLISS.SCR>  [Microsoft]

==================================
启动文件夹
[腾讯QQ]
  <C:\Documents and Settings\new\「开始」菜单\程序\启动\腾讯QQ.lnk --> F:\QQ2007\2007qq\QQ.exe [TENCENT]><N>

==================================
服务
[Automatic / Automatic][Running/Auto Start]
  <C:\Program Files\msn\msn.cc><N/A>
[CoolWare / CoolWare][Stopped/Auto Start]
  <C:\WINDOWS\System32\svchost.exe -k netsvcs-->C:\WINDOWS\system32\struts.dll><N/A>
[DNS Clisent / DNS Clisent][Stopped/Auto Start]
  <C:\SNOWTEST\System32\RaV.exe><N/A>
[F1959A0A / F1959A0A][Stopped/Auto Start]
  <C:\WINDOWS\system32\2DE760.EXE -d><Microsoft Corporation>
[Google Updater Service / gusvc][Stopped/Manual Start]
  <"C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe"><Google>
[Human Interface Device Access / HidServ][Stopped/Disabled]
  <C:\WINDOWS\System32\svchost.exe -k netsvcs-->%SystemRoot%\System32\hidserv.dll><N/A>
[Kingsoft Personal Firewall Service / KPfwSvc][Running/Auto Start]
  <"C:\KAV2007\KPfwSvc.EXE"><Kingsoft Corporation>
[Kingsoft Antivirus KWatch Service / KWatchSvc][Running/Auto Start]
  <C:\KAV2007\KWatch.EXE><Kingsoft Corporation>
[Windows lxnq RunThem / lxnq][Stopped/Auto Start]
  <C:\WINDOWS\System32\svchost.exe -k netsvcs-->C:\PROGRA~1\gsil\qcsv.dll><N/A>
[NVIDIA Display Driver Service / NVSvc][Running/Auto Start]
  <C:\WINDOWS\system32\nvsvc32.exe><NVIDIA Corporation>
[Serv-U FTP Server / Serv-U][Paused/Auto Start]
  <C:\WINDOWS\system32\MSupdate.exe><N/A>
[System Updater Server / System Updater Server][Running/Auto Start]
  <C:\Program Files\Common Files\Bitoot><N/A>
[Universal Plug and Play Device / Universal Plug and Play Device][Stopped/Auto Start]
  <C:\Program Files\ATI Technologies\ATI.ACE\Data\ati><N/A>
[UpdataServer / UpdataServer][Stopped/Auto Start]
  <C:\Program Files\Common Files\Service><N/A>

==================================
驱动程序
[Intel(r) 82801 Audio Driver Install Service (WDM) / ac97intc][Stopped/Manual Start]
  <system32\drivers\ac97intc.sys><Intel Corporation>
[Service for Realtek AC97 Audio (WDM) / ALCXWDM][Running/Manual Start]
  <system32\drivers\ALCXWDM.SYS><Realtek Semiconductor Corp.>
[AliIde / AliIde][Stopped/Boot Start]
  <\SystemRoot\System32\DRIVERS\aliide.sys><N/A>
[CmdIde / CmdIde][Running/Boot Start]
  <\SystemRoot\System32\DRIVERS\cmdide.sys><CMD Technology, Inc.>
[VIA Rhine-Family Fast Ethernet Adapter Driver Service / FETND5BV][Running/Manual Start]
  <system32\DRIVERS\fetnd5bv.sys><VIA Technologies, Inc.>
[VIA PCI 10/100Mb Fast Ethernet Adapter NT Driver / FETNDIS][Stopped/Manual Start]
  <system32\DRIVERS\fetnd5.sys><VIA Technologies, Inc.>
[VIA Rhine Family Fast Ethernet Adapter Driver Service / FETNDISB][Stopped/Manual Start]
  <system32\DRIVERS\fetnd5b.sys><VIA Technologies, Inc.>
[HWiNFO32 Kernel Driver / HWiNFO32][Running/Auto Start]
  <\??\C:\Program Files\HWiNFO32\HWiNFO32.SYS><REALiX(tm)>
[king001 / king001][Stopped/Manual Start]
  <\??\C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\xpe.sys><N/A>
[KNetWch / KNetWch][Running/System Start]
  <\??\C:\KAV2007\KNetWch.SYS><Kingsoft Corporation>
[KWatch3 / KWatch3][Running/System Start]
  <\??\C:\WINDOWS\system32\drivers\KWatch3.SYS><Kingsoft Corporation>
[MegaIDE / MegaIDE][Running/Boot Start]
  <\SystemRoot\System32\DRIVERS\MegaIDE.sys><LSI Logic Corporation.>
[npkcrypt / npkcrypt][Stopped/Auto Start]
  <\??\D:\Program Files\QQ2005\npkcrypt.sys><N/A>
[NTSIM / NTSIM][Stopped/Manual Start]
  <\??\C:\WINDOWS\system32\ntsim.sys><VIA Networking Technologies, Inc.>
[nv / nv][Running/Manual Start]
  <system32\DRIVERS\nv4_mini.sys><NVIDIA Corporation>
[oreans32 / oreans32][Running/System Start]
  <\??\C:\WINDOWS\system32\drivers\oreans32.sys><N/A>
[Direct Parallel Link Driver / Ptilink][Running/Manual Start]
  <system32\DRIVERS\ptilink.sys><Parallel Technologies, Inc.>
[RsAntiSpyware / RsAntiSpyware][Running/Boot Start]
  <\SystemRoot\system32\drivers\RsBoot.sys><Beijing Rising>
[Secdrv / Secdrv][Stopped/Manual Start]
  <system32\DRIVERS\secdrv.sys><N/A>
[ViaIde / ViaIde][Running/Boot Start]
  <\SystemRoot\system32\DRIVERS\viaide.sys><Microsoft Corporation>
gototop
 
chenxiao8191
头像
初生襁褓狮
  • 帖子:21
  • 注册: 2006-08-04
  • 来自:
发表于: 2007-05-06 20:33 | 只看楼主 短消息 资料
字号: 14楼

浏览器加载项
[AcroIEHlprObj Class]
  {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} <C:\Program Files\Acrobatchs\ActiveX\AcroIEHelper.dll, Adobe Systems Incorporated>
[CBrowseStakeout Class]
  {55302805-482E-470E-8A57-6795A1487F90} <C:\KAV2007\KAVAFish.DLL, Kingsoft Corporation>
[Google Toolbar Helper]
  {AA58ED58-01DD-4d91-8333-CF10577473F7} <c:\program files\google\googletoolbar2.dll, Google Inc.>
[启动迅雷5]
  {09BA8F6D-CB54-424B-839C-C2A6C8E6B436} <F:\迅雷 V5.5.5.269\xunlei55\Thunder.exe, Thunder Networking Technologies,LTD>
[微软]
  {6096E38F-5AC1-4391-8EC4-75DFA92FB32F} <http://www.microsoft.com/china/index.htm, N/A>
[信息检索(&R)]
  {92780B25-18CC-41C8-B9BE-3C9C571A8263} <C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL, Microsoft Corporation>
[启动Web迅雷]
  {962EFB8E-2683-42d4-AC74-AAA4C759B9C6} <http://my.xunlei.com, N/A>
[QQ]
  {c95fe080-8f5d-11d2-a20b-00aa003c157b} <F:\QQ2007\2007qq\QQ.EXE, TENCENT>
[QQIEFloatBarCfgCmd Class]
  {DEDEB80D-FA35-45d9-9460-4983E5A8AFE6} <d:\Program Files\QQ2005\QQIEHelper.dll, N/A>
[Messenger]
  {FB5F1910-F110-11d2-BB9E-00C04F795683} <C:\Program Files\Messenger\msmsgs.exe, Microsoft Corporation>
[&Google]
  {2318C2B1-4965-11d4-9B18-009027A5CD4F} <c:\program files\google\googletoolbar2.dll, Google Inc.>
[Shockwave Flash Object]
  {D27CDB6E-AE6D-11CF-96B8-444553540000} <C:\KAV2007\Flash.OCX, Macromedia, Inc.>
[AcroIEHlprObj Class]
  {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} <C:\Program Files\Acrobatchs\ActiveX\AcroIEHelper.dll, Adobe Systems Incorporated>
[&Google]
  {2318C2B1-4965-11D4-9B18-009027A5CD4F} <c:\program files\google\googletoolbar2.dll, Google Inc.>
[CBrowseStakeout Class]
  {55302805-482E-470E-8A57-6795A1487F90} <C:\KAV2007\KAVAFish.DLL, Kingsoft Corporation>
[Windows Media Player]
  {6BF52A52-394A-11D3-B153-00C04F79FAA6} <C:\WINDOWS\system32\wmp.dll, Microsoft Corporation>
[Google Toolbar Helper]
  {AA58ED58-01DD-4D91-8333-CF10577473F7} <c:\program files\google\googletoolbar2.dll, Google Inc.>
[Shockwave Flash Object]
  {D27CDB6E-AE6D-11CF-96B8-444553540000} <C:\KAV2007\Flash.OCX, Macromedia, Inc.>
[&使用迅雷下载]
  <F:\迅雷 V5.5.5.269\xunlei55\Program\GetUrl.htm, N/A>
[&使用迅雷下载全部链接]
  <F:\迅雷 V5.5.5.269\xunlei55\Program\GetAllUrl.htm, N/A>
[上传到QQ网络硬盘]
  <F:\QQ2007\2007qq\AddToNetDisk.htm, N/A>
[使用Web迅雷下载]
  <E:\WEB\web迅雷\GetUrl.htm, N/A>
[使用Web迅雷下载全部链接]
  <E:\WEB\web迅雷\GetAllUrl.htm, N/A>
[使用影音传送带下载]
  <C:\Program Files\Xi\NetTransport 2\NTAddLink.html, N/A>
[使用影音传送带下载全部链接]
  <C:\Program Files\Xi\NetTransport 2\NTAddList.html, N/A>
[导出到 Microsoft Office Excel(&X)]
  <res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000, N/A>
[添加到QQ自定义面板]
  <F:\QQ2007\2007qq\AddPanel.htm, N/A>
[添加到QQ表情]
  <F:\QQ2007\2007qq\AddEmotion.htm, N/A>
[用QQ彩信发送该图片]
  <F:\QQ2007\2007qq\SendMMS.htm, N/A>
[金山毒霸反钓鱼...]
  <C:\KAV2007\KAF\ShowSet.htm, N/A>

==================================
正在运行的进程
[PID: 592][\SystemRoot\System32\smss.exe]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
[PID: 648][\??\C:\WINDOWS\system32\csrss.exe]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
[PID: 672][\??\C:\WINDOWS\system32\winlogon.exe]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
    [C:\WINDOWS\system32\msacm32.drv]  [Microsoft Corporation, 5.1.2600.0 (xpclient.010817-1148)]
[PID: 716][C:\WINDOWS\system32\services.exe]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
[PID: 728][C:\WINDOWS\system32\lsass.exe]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
[PID: 888][C:\WINDOWS\system32\svchost.exe]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
[PID: 1520][C:\WINDOWS\Explorer.EXE]  [Microsoft Corporation, 6.00.2900.2180 (xpsp_sp2_rtm.040803-2158)]
    [C:\WINDOWS\system32\pdkpri.dll]  [N/A, ]
    [C:\WINDOWS\system32\cmdbcs.dll]  [N/A, ]
    [C:\Program Files\Rising\AntiSpyware\ieprot.dll]  [Beijing Rising Technology Co., Ltd., 1, 0, 0, 10]
    [C:\DOCUME~1\new\LOCALS~1\Temp\qjso0.dll]  [N/A, ]
    [C:\DOCUME~1\new\LOCALS~1\Temp\ztso0.dll]  [N/A, ]
    [C:\WINDOWS\system32\mppds.dll]  [N/A, ]
    [C:\WINDOWS\system32\winform.dll]  [N/A, ]
    [C:\WINDOWS\system32\shualai.dll]  [N/A, ]
    [C:\WINDOWS\system32\Kvsc3.dll]  [N/A, ]
    [C:\WINDOWS\system32\msccrt.dll]  [N/A, ]
    [C:\WINDOWS\system32\msacm32.drv]  [Microsoft Corporation, 5.1.2600.0 (xpclient.010817-1148)]
    [C:\KAV2007\KASocket.dll]  [Kingsoft Corporation, 2006, 12, 21, 241]
    [C:\KAV2007\KMailOEBand.dll]  [Kingsoft Corporation, 2006, 12, 1, 139]
    [C:\WINDOWS\system32\MSVCR71.dll]  [Microsoft Corporation, 7.10.3052.4]
    [C:\WINDOWS\system32\MSVCP71.dll]  [Microsoft Corporation, 7.10.3077.0]
    [C:\Program Files\Acrobatchs\ActiveX\AcroIEHelper.dll]  [Adobe Systems Incorporated, 7.0.0.2004121400]
    [C:\WINDOWS\HKNTDLL.dll]  [N/A, ]
    [C:\WINDOWS\system32\WINWB86.IME]  [Microsoft Corporation, 4.00.950]
    [C:\WINDOWS\system32\IMSC40A.IME]  [Microsoft Corporation, 6.0.0.2527]
    [C:\Program Files\Microsoft Office\OFFICE11\msohev.dll]  [Microsoft Corporation, 11.0.5510]
    [C:\Program Files\Acrobatchs\ActiveX\PDFShell.dll]  [Adobe Systems, Inc., 7.0.0.0]
    [C:\Program Files\WinRAR\rarext.dll]  [N/A, ]
    [C:\KAV2007\KAVEXT.DLL]  [Kingsoft Corporation, 2005, 8, 5, 16]
    [C:\WINDOWS\system32\Audiodev.dll]  [Microsoft Corporation, 5.2.3802.3802 built by: dnsrv(bld4act)]
[PID: 1816][C:\WINDOWS\system32\RUNDLL32.EXE]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
    [C:\WINDOWS\system32\NvMcTray.dll]  [NVIDIA Corporation, 6.14.10.7184]
    [C:\WINDOWS\system32\NVRSZHC.DLL]  [NVIDIA Corporation, 6.14.10.7184]
    [C:\Program Files\Rising\AntiSpyware\ieprot.dll]  [Beijing Rising Technology Co., Ltd., 1, 0, 0, 10]
    [C:\KAV2007\KASocket.dll]  [Kingsoft Corporation, 2006, 12, 21, 241]
[PID: 1824][C:\WINDOWS\LHotkey.exe]  [Chicony, 1. 0. 0. 1]
    [C:\WINDOWS\HKNTDLL.dll]  [N/A, ]
    [C:\Program Files\Rising\AntiSpyware\ieprot.dll]  [Beijing Rising Technology Co., Ltd., 1, 0, 0, 10]
    [C:\KAV2007\KASocket.dll]  [Kingsoft Corporation, 2006, 12, 21, 241]
[PID: 1832][C:\WINDOWS\SOUNDMAN.EXE]  [Realtek Semiconductor Corp., 5.1.0.34]
    [C:\Program Files\Rising\AntiSpyware\ieprot.dll]  [Beijing Rising Technology Co., Ltd., 1, 0, 0, 10]
    [C:\KAV2007\KASocket.dll]  [Kingsoft Corporation, 2006, 12, 21, 241]
[PID: 1864][C:\Program Files\Rising\AntiSpyware\runiep.exe]  [Beijing Rising Technology Co., Ltd., 1, 0, 1, 6]
    [C:\Program Files\Rising\AntiSpyware\iep_ctrl.dll]  [Beijing Rising Technology Co., Ltd., 1, 0, 0, 4]
    [C:\Program Files\Rising\AntiSpyware\ieprot.dll]  [Beijing Rising Technology Co., Ltd., 1, 0, 0, 10]
    [C:\KAV2007\KASocket.dll]  [Kingsoft Corporation, 2006, 12, 21, 241]
gototop
 
chenxiao8191
头像
初生襁褓狮
  • 帖子:21
  • 注册: 2006-08-04
  • 来自:
发表于: 2007-05-06 20:42 | 只看楼主 短消息 资料
字号: 15楼

PID: 1864][C:\Program Files\Rising\AntiSpyware\runiep.exe]  [Beijing Rising Technology Co., Ltd., 1, 0, 1, 6]
    [C:\Program Files\Rising\AntiSpyware\iep_ctrl.dll]  [Beijing Rising Technology Co., Ltd., 1, 0, 0, 4]
    [C:\Program Files\Rising\AntiSpyware\ieprot.dll]  [Beijing Rising Technology Co., Ltd., 1, 0, 0, 10]
    [C:\KAV2007\KASocket.dll]  [Kingsoft Corporation, 2006, 12, 21, 241]
[PID: 1872][C:\KAV2007\KAVStart.exe]  [Kingsoft Corporation, 2007, 4, 9, 269]
    [C:\WINDOWS\system32\MFC71.DLL]  [Microsoft Corporation, 7.10.3077.0]
    [C:\WINDOWS\system32\MSVCR71.dll]  [Microsoft Corporation, 7.10.3052.4]
    [C:\WINDOWS\system32\MSVCP71.dll]  [Microsoft Corporation, 7.10.3077.0]
    [C:\WINDOWS\system32\MFC71CHS.DLL]  [Microsoft Corporation, 7.10.3077.0]
    [C:\KAV2007\KAVIPC2.DLL]  [Kingsoft Corporation, 2007, 1, 15, 30]
    [C:\KAV2007\SvcTimer.DLL]  [Kingsoft Corporation, 2006.12.22.84]
    [C:\KAV2007\PopSprt3.dll]  [Kingsoft Corporation, 2007, 1, 16, 45]
    [C:\KAV2007\KAVPassp.dll]  [Kingsoft Corporation, 2006, 12, 30, 271]
    [C:\Program Files\Rising\AntiSpyware\ieprot.dll]  [Beijing Rising Technology Co., Ltd., 1, 0, 0, 10]
    [C:\KAV2007\KASocket.dll]  [Kingsoft Corporation, 2006, 12, 21, 241]
    [C:\KAV2007\KMailOEBand.dll]  [Kingsoft Corporation, 2006, 12, 1, 139]
    [C:\WINDOWS\system32\msccrt.dll]  [N/A, ]
    [C:\WINDOWS\system32\Kvsc3.dll]  [N/A, ]
    [C:\WINDOWS\system32\mppds.dll]  [N/A, ]
    [C:\DOCUME~1\new\LOCALS~1\Temp\qjso0.dll]  [N/A, ]
    [C:\DOCUME~1\new\LOCALS~1\Temp\ztso0.dll]  [N/A, ]
    [C:\WINDOWS\system32\winform.dll]  [N/A, ]
    [C:\WINDOWS\system32\cmdbcs.dll]  [N/A, ]
    [C:\WINDOWS\system32\shualai.dll]  [N/A, ]
[PID: 1884][E:\WEB\web迅雷\WebThunder.exe]  [深圳市迅雷网络技术有限公司, 1, 7, 2, 107]
    [E:\WEB\web迅雷\taskmanage.dll]  [Thunder Networking Technologies,LTD, 1, 7, 2, 107]
    [E:\WEB\web迅雷\download_interface.dll]  [Thunder Networking Technologies,LTD, 2, 14, 2, 79]
    [E:\WEB\web迅雷\stlport_vc646.dll]  [STLport Consulting, Inc., 4.6.2003.1031]
    [E:\WEB\web迅雷\asyn_dns.dll]  [Thunder Networking Technologies,LTD, 2, 14, 2, 79]
    [E:\WEB\web迅雷\RegisterDll.dll]  [Thunder Networking Technologies,LTD, 2, 13, 4, 58]
    [C:\KAV2007\KMailOEBand.dll]  [Kingsoft Corporation, 2006, 12, 1, 139]
    [C:\WINDOWS\system32\MSVCR71.dll]  [Microsoft Corporation, 7.10.3052.4]
    [C:\WINDOWS\system32\MSVCP71.dll]  [Microsoft Corporation, 7.10.3077.0]
    [C:\KAV2007\KASocket.dll]  [Kingsoft Corporation, 2006, 12, 21, 241]
    [E:\WEB\web迅雷\historyinfo_manage.dll]  [Thunder Networking Technologies,LTD, 5, 3, 0, 228]
    [C:\Program Files\Rising\AntiSpyware\ieprot.dll]  [Beijing Rising Technology Co., Ltd., 1, 0, 0, 10]
    [E:\WEB\web迅雷\iEmbedShell.dll]  [ , 1, 0, 0, 17]
    [E:\WEB\web迅雷\iEmbed09.dll]  [ , 3, 3, 0, 78]
    [C:\WINDOWS\system32\msccrt.dll]  [N/A, ]
    [C:\WINDOWS\system32\Kvsc3.dll]  [N/A, ]
    [C:\WINDOWS\system32\mppds.dll]  [N/A, ]
    [C:\DOCUME~1\new\LOCALS~1\Temp\qjso0.dll]  [N/A, ]
    [C:\DOCUME~1\new\LOCALS~1\Temp\ztso0.dll]  [N/A, ]
    [C:\WINDOWS\system32\winform.dll]  [N/A, ]
    [C:\WINDOWS\system32\cmdbcs.dll]  [N/A, ]
    [C:\WINDOWS\system32\shualai.dll]  [N/A, ]
[PID: 1908][C:\WINDOWS\shualai.exe]  [N/A, ]
    [C:\WINDOWS\system32\msacm32.drv]  [Microsoft Corporation, 5.1.2600.0 (xpclient.010817-1148)]
    [C:\WINDOWS\system32\shualai.dll]  [N/A, ]
[PID: 244][C:\KAV2007\KMailMon.EXE]  [Kingsoft Corporation, 2007, 2, 25, 948]
    [C:\KAV2007\KAntiSpm.dll]  [Kingsoft Corporation, 2007, 2, 25, 129]
    [C:\WINDOWS\system32\MSVCR71.dll]  [Microsoft Corporation, 7.10.3052.4]
    [C:\WINDOWS\system32\MSVCP71.dll]  [Microsoft Corporation, 7.10.3077.0]
    [C:\KAV2007\KAVIPC2.DLL]  [Kingsoft Corporation, 2007, 1, 15, 30]
    [C:\KAV2007\KAECall2.DLL]  [Kingsoft Corporation, 2004, 12, 28, 7]
    [C:\KAV2007\KAEPlat.DLL]  [Kingsoft Corp., 2007, 2, 4, 61]
    [C:\KAV2007\KAEMem.DAT]  [Kingsoft, 2006, 9, 25, 16]
    [C:\KAV2007\KAEUnpack.DAT]  [Kingsoft Corp., 2007, 3, 12, 114]
    [C:\KAV2007\KAConfig.DLL]  [Kingsoft Corporation, 2007, 1, 11, 41]
    [C:\KAV2007\KASocket.dll]  [Kingsoft Corporation, 2006, 12, 21, 241]
    [C:\KAV2007\KMailOEBand.dll]  [Kingsoft Corporation, 2006, 12, 1, 139]
    [C:\Program Files\Rising\AntiSpyware\ieprot.dll]  [Beijing Rising Technology Co., Ltd., 1, 0, 0, 10]
[PID: 480][C:\WINDOWS\system32\ctfmon.exe]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
    [C:\KAV2007\KMailOEBand.dll]  [Kingsoft Corporation, 2006, 12, 1, 139]
    [C:\WINDOWS\system32\MSVCR71.dll]  [Microsoft Corporation, 7.10.3052.4]
    [C:\WINDOWS\system32\MSVCP71.dll]  [Microsoft Corporation, 7.10.3077.0]
    [C:\KAV2007\KASocket.dll]  [Kingsoft Corporation, 2006, 12, 21, 241]
    [C:\Program Files\Rising\AntiSpyware\ieprot.dll]  [Beijing Rising Technology Co., Ltd., 1, 0, 0, 10]
[PID: 496][C:\Program Files\Google\GoogleToolbarNotifier\1.2.1128.5462\GoogleToolbarNotifier.exe]  [Google Inc., 1, 2, 1128, 5462]
    [C:\KAV2007\KMailOEBand.dll]  [Kingsoft Corporation, 2006, 12, 1, 139]
    [C:\WINDOWS\system32\MSVCR71.dll]  [Microsoft Corporation, 7.10.3052.4]
    [C:\WINDOWS\system32\MSVCP71.dll]  [Microsoft Corporation, 7.10.3077.0]
    [C:\KAV2007\KASocket.dll]  [Kingsoft Corporation, 2006, 12, 21, 241]
    [C:\Program Files\Google\GoogleToolbarNotifier\1.2.1128.5462\res_zh-CN.dll]  [Google Inc., 1, 2, 1128, 5462]
    [C:\Program Files\Google\GoogleToolbarNotifier\1.2.1128.5462\swg.dll]  [Google Inc., 1, 2, 1128, 5462]
    [C:\Program Files\Rising\AntiSpyware\ieprot.dll]  [Beijing Rising Technology Co., Ltd., 1, 0, 0, 10]
[PID: 504][C:\KAV2007\KPFW32.EXE]  [Kingsoft Corporation, 2007, 2, 2, 687]
    [C:\WINDOWS\system32\MFC71.DLL]  [Microsoft Corporation, 7.10.3077.0]
    [C:\WINDOWS\system32\MSVCR71.dll]  [Microsoft Corporation, 7.10.3052.4]
    [C:\WINDOWS\system32\MSVCP71.dll]  [Microsoft Corporation, 7.10.3077.0]
    [C:\WINDOWS\system32\MFC71CHS.DLL]  [Microsoft Corporation, 7.10.3077.0]
    [C:\KAV2007\KMailOEBand.dll]  [Kingsoft Corporation, 2006, 12, 1, 139]
    [C:\KAV2007\KASocket.dll]  [Kingsoft Corporation, 2006, 12, 21, 241]
    [C:\KAV2007\KAVIPC2.DLL]  [Kingsoft Corporation, 2007, 1, 15, 30]
    [C:\KAV2007\KAConfig.DLL]  [Kingsoft Corporation, 2007, 1, 11, 41]
    [C:\KAV2007\FiltList.dll]  [N/A, ]
    [C:\KAV2007\KAVPassp.DLL]  [Kingsoft Corporation, 2006, 12, 30, 271]
    [C:\Program Files\Rising\AntiSpyware\ieprot.dll]  [Beijing Rising Technology Co., Ltd., 1, 0, 0, 10]
    [C:\WINDOWS\system32\msccrt.dll]  [N/A, ]
    [C:\WINDOWS\system32\Kvsc3.dll]  [N/A, ]
    [C:\WINDOWS\system32\mppds.dll]  [N/A, ]
    [C:\DOCUME~1\new\LOCALS~1\Temp\qjso0.dll]  [N/A, ]
    [C:\DOCUME~1\new\LOCALS~1\Temp\ztso0.dll]  [N/A, ]
    [C:\WINDOWS\system32\winform.dll]  [N/A, ]
    [C:\WINDOWS\system32\cmdbcs.dll]  [N/A, ]
    [C:\WINDOWS\system32\shualai.dll]  [N/A, ]
gototop
 
chenxiao8191
头像
初生襁褓狮
  • 帖子:21
  • 注册: 2006-08-04
  • 来自:
发表于: 2007-05-06 20:43 | 只看楼主 短消息 资料
字号: 16楼

PID: 504][C:\KAV2007\KPFW32.EXE]  [Kingsoft Corporation, 2007, 2, 2, 687]
    [C:\WINDOWS\system32\MFC71.DLL]  [Microsoft Corporation, 7.10.3077.0]
    [C:\WINDOWS\system32\MSVCR71.dll]  [Microsoft Corporation, 7.10.3052.4]
    [C:\WINDOWS\system32\MSVCP71.dll]  [Microsoft Corporation, 7.10.3077.0]
    [C:\WINDOWS\system32\MFC71CHS.DLL]  [Microsoft Corporation, 7.10.3077.0]
    [C:\KAV2007\KMailOEBand.dll]  [Kingsoft Corporation, 2006, 12, 1, 139]
    [C:\KAV2007\KASocket.dll]  [Kingsoft Corporation, 2006, 12, 21, 241]
    [C:\KAV2007\KAVIPC2.DLL]  [Kingsoft Corporation, 2007, 1, 15, 30]
    [C:\KAV2007\KAConfig.DLL]  [Kingsoft Corporation, 2007, 1, 11, 41]
    [C:\KAV2007\FiltList.dll]  [N/A, ]
    [C:\KAV2007\KAVPassp.DLL]  [Kingsoft Corporation, 2006, 12, 30, 271]
    [C:\Program Files\Rising\AntiSpyware\ieprot.dll]  [Beijing Rising Technology Co., Ltd., 1, 0, 0, 10]
    [C:\WINDOWS\system32\msccrt.dll]  [N/A, ]
    [C:\WINDOWS\system32\Kvsc3.dll]  [N/A, ]
    [C:\WINDOWS\system32\mppds.dll]  [N/A, ]
    [C:\DOCUME~1\new\LOCALS~1\Temp\qjso0.dll]  [N/A, ]
    [C:\DOCUME~1\new\LOCALS~1\Temp\ztso0.dll]  [N/A, ]
    [C:\WINDOWS\system32\winform.dll]  [N/A, ]
    [C:\WINDOWS\system32\cmdbcs.dll]  [N/A, ]
    [C:\WINDOWS\system32\shualai.dll]  [N/A, ]
[PID: 512][C:\Progra~1\Eset\1explore.exe]  [N/A, ]
    [C:\Program Files\Rising\AntiSpyware\ieprot.dll]  [Beijing Rising Technology Co., Ltd., 1, 0, 0, 10]
[PID: 2836][C:\WINDOWS\system32\conime.exe]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
    [C:\KAV2007\KMailOEBand.dll]  [Kingsoft Corporation, 2006, 12, 1, 139]
    [C:\WINDOWS\system32\MSVCR71.dll]  [Microsoft Corporation, 7.10.3052.4]
    [C:\WINDOWS\system32\MSVCP71.dll]  [Microsoft Corporation, 7.10.3077.0]
    [C:\KAV2007\KASocket.dll]  [Kingsoft Corporation, 2006, 12, 21, 241]
    [C:\Program Files\Rising\AntiSpyware\ieprot.dll]  [Beijing Rising Technology Co., Ltd., 1, 0, 0, 10]
[PID: 2796][C:\Program Files\WinRAR\WinRAR.exe]  [N/A, ]
    [C:\KAV2007\KMailOEBand.dll]  [Kingsoft Corporation, 2006, 12, 1, 139]
    [C:\WINDOWS\system32\MSVCR71.dll]  [Microsoft Corporation, 7.10.3052.4]
    [C:\WINDOWS\system32\MSVCP71.dll]  [Microsoft Corporation, 7.10.3077.0]
    [C:\KAV2007\KASocket.dll]  [Kingsoft Corporation, 2006, 12, 21, 241]
    [C:\WINDOWS\system32\Audiodev.dll]  [Microsoft Corporation, 5.2.3802.3802 built by: dnsrv(bld4act)]
    [C:\Program Files\Rising\AntiSpyware\ieprot.dll]  [Beijing Rising Technology Co., Ltd., 1, 0, 0, 10]
    [C:\WINDOWS\system32\msccrt.dll]  [N/A, ]
    [C:\WINDOWS\system32\Kvsc3.dll]  [N/A, ]
    [C:\WINDOWS\system32\mppds.dll]  [N/A, ]
    [C:\DOCUME~1\new\LOCALS~1\Temp\qjso0.dll]  [N/A, ]
    [C:\DOCUME~1\new\LOCALS~1\Temp\ztso0.dll]  [N/A, ]
    [C:\WINDOWS\system32\winform.dll]  [N/A, ]
    [C:\WINDOWS\system32\cmdbcs.dll]  [N/A, ]
    [C:\WINDOWS\system32\shualai.dll]  [N/A, ]
    [C:\WINDOWS\system32\pdkpri.dll]  [N/A, ]
[PID: 2996][C:\DOCUME~1\new\LOCALS~1\Temp\Rar$EX00.890\SREng.EXE]  [Smallfrogs Studio, 2.4.12.806]
    [C:\KAV2007\KMailOEBand.dll]  [Kingsoft Corporation, 2006, 12, 1, 139]
    [C:\WINDOWS\system32\MSVCR71.dll]  [Microsoft Corporation, 7.10.3052.4]
    [C:\WINDOWS\system32\MSVCP71.dll]  [Microsoft Corporation, 7.10.3077.0]
    [C:\KAV2007\KASocket.dll]  [Kingsoft Corporation, 2006, 12, 21, 241]
    [C:\Program Files\Rising\AntiSpyware\ieprot.dll]  [Beijing Rising Technology Co., Ltd., 1, 0, 0, 10]
    [C:\WINDOWS\system32\msccrt.dll]  [N/A, ]
    [C:\WINDOWS\system32\Kvsc3.dll]  [N/A, ]
    [C:\WINDOWS\system32\mppds.dll]  [N/A, ]
    [C:\DOCUME~1\new\LOCALS~1\Temp\qjso0.dll]  [N/A, ]
    [C:\DOCUME~1\new\LOCALS~1\Temp\ztso0.dll]  [N/A, ]
    [C:\WINDOWS\system32\winform.dll]  [N/A, ]
    [C:\WINDOWS\system32\cmdbcs.dll]  [N/A, ]
    [C:\WINDOWS\system32\shualai.dll]  [N/A, ]

==================================
文件关联
.TXT  OK. [%SystemRoot%\system32\NOTEPAD.EXE %1]
.EXE  OK. ["%1" %*]
.COM  OK. ["%1" %*]
.PIF  OK. ["%1" %*]
.REG  OK. [regedit.exe "%1"]
.BAT  OK. ["%1" %*]
.SCR  OK. ["%1" /S]
.CHM  Error. ["hh.exe" %1]
.HLP  Error. [winhlp32.exe %1]
.INI  OK. [%SystemRoot%\System32\NOTEPAD.EXE %1]
.INF  OK. [%SystemRoot%\System32\NOTEPAD.EXE %1]
.VBS  OK. [%SystemRoot%\System32\WScript.exe "%1" %*]
.JS  OK. [%SystemRoot%\System32\WScript.exe "%1" %*]
.LNK  OK. [{00021401-0000-0000-C000-000000000046}]

==================================
Winsock 提供者
N/A

==================================
Autorun.inf
N/A

==================================
HOSTS 文件
127.0.0.1        localhost
127.0.0.1        popwin.9983.com
61.152.169.246    www.kuaiso.com
61.152.169.246    www.my6688.cn
61.152.169.246    www.union123.com
61.152.169.246    www.ktan.cn
61.152.169.246    www.2t2t.cn
61.152.169.246    www.cq530.com
61.152.169.246    www.365tc.com
61.152.169.246    ad.qucha.net
61.152.169.246    www.tan8.cn
61.152.169.246    www.itjj.net
61.152.169.246    www.start188.com
61.152.169.246    www.at58.cn
61.152.169.246    union.yxad.com
61.152.169.246    www.iptan.com
61.152.169.246    www.ip2008.net
61.152.169.246    www.yqif.com
61.152.169.246    www.2t2t.cn
61.152.169.246    www.17tan8.com
61.152.169.246    17tan8.com
61.152.169.246    www.688ip.com
61.152.169.246    www.17tc.com
61.152.169.246    www.zztan.com
61.152.169.246    www.5tanip.com
61.152.169.246    www.16tc.com
61.152.169.246    www.163se.net
61.152.169.246    www.724tc.com
61.152.169.246    www1.6tan.com
61.152.169.246    www2.6tan.com
61.152.169.246    www.6tan.com
61.152.169.246    quxiuu.com
61.152.169.246    www.quxiuu.com
61.152.169.246    www.23b.cn
61.152.169.246    www.ookkw.com
61.152.169.246    www.97725.com
61.152.169.246    down.97725.com
61.152.169.246    www.54699.com
61.152.169.246    web.77276.com
61.152.169.246    www.77276.com
61.152.169.246    d.77276.com
61.152.169.246    do.77276.com
61.152.169.246    i.96981.com
61.152.169.246    wm.103715.com
61.152.169.246    www.138505.com
61.152.169.246    cool.47555.com
61.152.169.246    www.437799.com
61.152.169.246    www.168080.com
61.152.169.246    w.168080.com
61.152.169.246    q.168080.com
61.152.169.246    www.baidu8.org
61.152.169.246    d.qbbd.com
61.152.169.246    w.qbbd.com
61.152.169.246    www.npjxjy.com
61.152.169.246    www.wwwlm.net
61.152.169.246    new2.jixie123.cn
61.152.169.246    www.18dmm.com
61.152.169.246    www.souxse.cn
61.152.169.246    dm1.yiall.com
61.152.169.246    www.nze21.com
61.152.169.246    www.puma163.com
61.152.169.246    www.hyap98.com
61.152.169.246    www.51liulan.cn
61.152.169.246    s.gcuj.com
61.152.169.246    long.down988.cn
61.152.169.246    x.vvcyin.com
61.152.169.246    w.vvcyin.com
61.152.169.246    cc.wzxqy.com
61.152.169.246    ip.315hack.com
61.152.169.246    ip.54liumang.com
61.152.169.246    www.41ip.com
61.152.169.246    xulao.com
61.152.169.246    www.xulao.com
61.152.169.246    www.heixiou.com
61.152.169.246    www.9cyy.com
61.152.169.246    adnx.yygou.cn
61.152.169.246    www1.cw988.cn
61.152.169.246    www2.cw988.cn
61.152.169.246    www.asdwc.com
61.152.169.246    ceoww.com
61.152.169.246    boolom.com
61.152.169.246    www.boolom.com
61.152.169.246    www.tellumore.com
61.152.169.246    www.o1wg.com
61.152.169.246    www.qq756.com
61.152.169.246    ll.chinasese.net
61.152.169.246    www.cnwangmeng.cn
61.152.169.246    0.82211.net
61.152.169.246    rising.whatthishome.com
61.152.169.246    www.canqiou.com
61.152.169.246    www.if56.cn
61.152.169.246    woai777.com
61.152.169.246    www.cz-kc.com
61.152.169.246    www.f1ash8.net
61.152.169.246    new.hackpp.com
61.152.169.246    ad.taoip.cn
61.152.169.246    www.game53.com
61.152.169.246    up.boolom.com
61.152.169.246    t.gcuj.com
61.152.169.246    w.zpx520.com
61.152.169.246    www.08325.cn
61.152.169.246    d.fangni.net
61.152.169.246    psxiaokan1.mei7.com
61.152.169.246    jd.54liumang.com
61.152.169.246    www.ipvip.info
61.152.169.246    www.tao168188.com

==================================
API HOOK
入口点错误:LoadLibraryExW (危险等级: 一般,  被下面模块所HOOK: C:\KAV2007\KASocket.dll)

==================================
隐藏进程
    [188] C:\Program Files\msn\msn.cc
    [2644] C:\Program Files\Common Files\Bitoot

==================================


[/CODE]
gototop
 
<<上一主题|下一主题>>
12   2  /  2  页   跳转
页面顶部
Powered by Discuz!NT