Firefox中文观察站 (Firefox Chinese Observatory)

Defeating the "firefox virus": completely removing the Firefox download prompt

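Users have recently reported that opening any web page in Internet Explorer brings up a prompt to download Firefox. This article looks for the cause of the problem and offers a fix. A typical screenshot shows the following text:

“系统检测发现您正在使用极低版本IE浏览器,可能存在安全隐患,强烈推荐您在windows系统使用更快速!更安全!更稳定!的浏览器:FireFox火狐浏览器,点击下载”

(In English: "The system has detected that you are using a very old version of the IE browser, which may pose a security risk. We strongly recommend using a faster, safer, more stable browser on Windows: FireFox. Click to download.")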




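The problem was probably caused originally by ARP spoofing and malicious online promotion. This site has never used such methods, does not use them now, and never will, so to the angry commenters bashing "F" on this site: please go easy.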

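Overall, hosts showing this kind of symptom carry many risky programs and malware. For this particular symptom, scan with sreng (you can also use 360 Safe Guard or similar software), identify the suspicious DLL files that appear among the Browser Helper Objects and are also loaded in both the explorer.exe and iexplore.exe processes, then delete them with a forced-deletion tool or unregister the DLLs. (Note: back up the complete registry before force-deleting files, to avoid causing errors.)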

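On the machine currently being handled, the file is bteqavvkerblq.dll (registering this DLL on a clean host and then visiting Sina reproduces the symptom). Affected users can fix the problem by entering the following at a command prompt and running it: regsvr32 /u %systemroot%\system32\bteqavvkerblq.dll. If that does not fix it, please upload an sreng scan report (or a 360 Safe Guard report).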

Browser add-ons: {98836B5F-4E24-4207-952D-A5EA63C7A645} <C:\WINDOWS\system32\bteqavvkerblq.dll >

Running processes
[PID: 3468 / ym][C:\WINDOWS\Explorer.EXE]  [Microsoft Corporation, 6.00.2900.3156 (xpsp_sp2_gdr.070613-1234)]    [C:\WINDOWS\system32\bteqavvkerblq.dll]  [, 1.0.0.0]
[PID: 3800 / ym][C:\Program Files\Internet Explorer\iexplore.exe]  [Microsoft Corporation, 6.00.2900.2180 (xpsp_sp2_rtm.040803-2158)]   [C:\WINDOWS\system32\bteqavvkerblq.dll]  [, 1.0.0.0]
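
The triage rule described above (a DLL registered as a browser add-on and also loaded into both explorer.exe and iexplore.exe, with an empty vendor field as in the excerpt) can be applied to a saved report mechanically. The Python below is an added example, not part of the original article or of sreng; the function names, the blank-vendor and system32 conditions, and every sample line other than the three bteqavvkerblq.dll lines quoted above (path separators restored) are assumptions made for the illustration.

```python
import re
from collections import defaultdict
from ntpath import basename, dirname  # Windows path rules on any OS

# The three bteqavvkerblq.dll lines are the ones quoted in the article (path
# separators restored). Every other line is constructed for this example.
SAMPLE_REPORT = r"""
{98836B5F-4E24-4207-952D-A5EA63C7A645} <C:\WINDOWS\system32\bteqavvkerblq.dll >
{00000000-0000-0000-0000-000000000001} <C:\Program Files\ExampleVendor\helper.dll>
[PID: 3468 / ym][C:\WINDOWS\Explorer.EXE]  [Microsoft Corporation, 6.00.2900.3156 (xpsp_sp2_gdr.070613-1234)]    [C:\WINDOWS\system32\bteqavvkerblq.dll]  [, 1.0.0.0]
    [C:\WINDOWS\system32\exampleshell.dll]  [, ]
    [C:\Program Files\ExampleVendor\helper.dll]  [Example Vendor Ltd., 1, 0, 0, 1]
[PID: 3800 / ym][C:\Program Files\Internet Explorer\iexplore.exe]  [Microsoft Corporation, 6.00.2900.2180 (xpsp_sp2_rtm.040803-2158)]   [C:\WINDOWS\system32\bteqavvkerblq.dll]  [, 1.0.0.0]
    [C:\Program Files\ExampleVendor\helper.dll]  [Example Vendor Ltd., 1, 0, 0, 1]
    [C:\WINDOWS\system32\exampleime.dll]  [, ]
"""

TOKEN = re.compile(r"\[([^\[\]]*)\]")            # one [bracketed] field
PATHLIKE = re.compile(r"^[A-Za-z]:\\")           # drive-letter path
ADDON = re.compile(r"^\s*(\{[0-9A-Fa-f-]+\})\s*<([^>]+)>", re.M)
WATCHED = {"explorer.exe", "iexplore.exe"}       # the two processes the article names


def parse_modules(report):
    """Map each blank-vendor module path (lowercased) to the processes loading it.

    Works whether modules follow the process header on the same line (as in the
    article's excerpt) or on their own lines, because it walks bracketed fields
    in order instead of relying on line breaks.
    """
    loaded = defaultdict(set)
    tokens = [m.group(1).strip() for m in TOKEN.finditer(report)]
    i, process = 0, None
    while i < len(tokens):
        tok = tokens[i]
        if tok.startswith("PID:") and i + 2 < len(tokens):
            # Process header: [PID / user][image path][vendor, version]
            process = basename(tokens[i + 1]).lower()
            i += 3
        elif process and PATHLIKE.match(tok) and i + 1 < len(tokens):
            # Module entry: [path][vendor, version]; vendor is the text before
            # the first comma and is empty in the article's suspicious entries.
            vendor = tokens[i + 1].split(",", 1)[0].strip()
            if not vendor:
                loaded[tok.lower()].add(process)
            i += 2
        else:
            i += 1  # section titles and other bracketed text
    return loaded


def triage(report):
    """Return blank-vendor system32 DLLs loaded into every watched process.

    A hit is a lead for manual review, not a verdict: legitimate modules can
    also lack version resources.
    """
    addons = {path.strip().lower(): clsid for clsid, path in ADDON.findall(report)}
    findings = []
    for path, procs in sorted(parse_modules(report).items()):
        if WATCHED <= procs and dirname(path).endswith("\\system32"):
            findings.append({
                "dll": path,
                "processes": sorted(procs & WATCHED),
                "bho_clsid": addons.get(path),  # None if not a registered add-on
            })
    return findings


if __name__ == "__main__":
    for hit in triage(SAMPLE_REPORT):
        print(hit["dll"], hit["processes"], hit["bho_clsid"])
```

A module that is blank-vendor in only one of the two processes, such as the constructed exampleshell.dll, is not reported, which keeps the output close to the pattern the article describes.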

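Because not many logs have been submitted for this problem, and the symptom is mostly associated with LAN ARP spoofing, network session hijacking, malicious online promotion and similar issues, the specific cause cannot be confirmed for now. To search for the cause more broadly, please reply to this post with your sreng scan report (or 360 Safe Guard report) as an attachment. (Not every submitted problem will necessarily be solved, because a considerable share of them are caused by other issues.)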

Software used:
sreng
360 Safe Guard (360安全卫士)
We also recommend running a full scan with the latest version of your antivirus software.

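Off topic: there is money to be made from promoting Firefox, but some sites use viruses to promote it. Firefox is good software and I have liked it for several years; I really do not want to see people promote it maliciously like this.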

2008-02-22 19:59:51

刘 海 龙 on 2008-03-06 11:27:52

Technology and Satan madness

00000 on 2008-03-06 04:58:10

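Honestly, Firefox is pretty good, but it shouldn't be force-pushed this way for the sake of market share. And it insists on installing some Google toolbar, which I really hate.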

无奈 on 2008-03-06 04:06:14

This is really too much. Antivirus can't remove it, and I can't get any work done.

甘圣吉 on 2008-03-01 05:15:00

Peasants really are different, huh

海 on 2008-02-29 05:00:16

Still not solved. Is this for real?

李藍 on 2008-02-28 21:50:37

Very good

曾华伟 on 2008-02-28 06:52:54

Not bad... you're awesome

王建峰 on 2008-02-28 01:56:29

Really good
I've downloaded it before too
I recommend everyone come here

sreng检测报告 on 2008-02-27 19:48:04


AA on 2008-02-27 05:11:03

Is there a simpler way?

魏伦 on 2008-02-26 13:52:53

Goooooooood

魏伦 on 2008-02-26 13:52:08

Very good, pretty decent.

气愤 on 2008-02-24 20:46:11

I was going to use it before; now I absolutely won't. This virus cost me a system reinstall.

老薋啵爺 on 2008-02-24 06:44:12

hahahahahahhaha

求助 on 2008-02-23 07:38:24

OK now, thanks

liberty on 2008-02-23 00:48:46

Reply

求助 on 2008-02-22 22:34:00



{1234480D-7230-1231-2336-00C0343289D}

Try removing this thing

求助 on 2008-02-22 22:34:00

[C:\Program Files\Thunder Network\Thunder\Components\ResWorker\DsBho_01.dll] [, 1, 0, 0, 12]
[C:\Program Files\Thunder Network\Thunder\Components\ResWorker\DataProcessor_01.dll] [Thunder Networking Technologies,LTD, 1, 0, 0, 13]
[C:\Program Files\Microsoft Office\OFFICE11\msohev.dll] [Microsoft Corporation, 11.0.5510]
[C:\Program Files\WinRAR\rarext.dll] [N/A, ]
[C:\Program Files\Tencent\QQ\qdshm.dll] [, 1, 0, 101, 20]
[C:\Program Files\Tencent\QQ\MFC42.DLL] [Microsoft Corporation, 6.00.8665.0]
[C:\Program Files\Notepad++\nppcm.dll] [Burgaud.com, 1.2.1]
[C:\Program Files\ESET\ESET NOD32 Antivirus\shellExt.dll] [ESET, 3.0.551 ]
[C:\Program Files\EditPlus 2\eppshell.dll] [N/A, ]
[C:\WINDOWS\system32\icm32.dll] [Microsoft Corporation, 5.1.2600.2709 (xpsp_sp2_gdr.050628-1518)]
[C:\WINDOWS\system32\nvcpl.dll] [NVIDIA Corporation, 6.14.10.8464]
[C:\WINDOWS\system32\NVRSZHC.DLL] [NVIDIA Corporation, 6.14.10.8464]
[C:\WINDOWS\system32\nvshell.dll] [, ]
[PID: 716 / alig][C:\Program Files\hpq\HP Wireless Assistant\HP Wireless Assistant.exe] [Hewlett-Packard Development Company, L.P., 2, 0, 7, 2]
[C:\PROGRA~1\TENCENT\SSPlus\SPlus.dll] [TENCENT, 5, 0, 3, 11]
[PID: 760 / alig][C:\Program Files\HP\QuickPlay\QPService.exe] [Cyberlink Corp., 4.5.0.0000]
[C:\Program Files\HP\QuickPlay\MFC71.DLL] [Microsoft Corporation, 7.10.3077.0]
[C:\Program Files\HP\QuickPlay\MSVCR71.dll] [Microsoft Corporation, 7.10.3052.4]
[C:\Program Files\HP\QuickPlay\helper.dll] [Cyberlink Corp., 3.00.4021 ]
[C:\Program Files\HP\QuickPlay\Kernel\common\CLDataSync.dll] [, 1, 0, 0, 1]
[C:\PROGRA~1\TENCENT\SSPlus\SPlus.dll] [TENCENT, 5, 0, 3, 11]
[PID: 752 / alig][C:\Program Files\Synaptics\SynTP\SynTPEnh.exe] [Synaptics, Inc., 8.2.23 31Mar06]
[C:\WINDOWS\system32\SynCOM.dll] [Synaptics, Inc., 8.2.23 31Mar06]
[C:\WINDOWS\system32\SynTPAPI.dll] [Synaptics, Inc., 8.2.23 31Mar06]
[C:\PROGRA~1\TENCENT\SSPlus\SPlus.dll] [TENCENT, 5, 0, 3, 11]
[PID: 804 / alig][C:\Program Files\Intel\Intel Matrix Storage Manager\iaanotif.exe] [Intel Corporation, 5.5.0.1035]
[C:\Program Files\Intel\Intel Matrix Storage Manager\IAAMon_CHS.dll] [Intel Corporation, 5.5.0.1035]
[C:\PROGRA~1\TENCENT\SSPlus\SPlus.dll] [TENCENT, 5, 0, 3, 11]
[PID: 816 / alig][C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\QlbCtrl.exe] [ Hewlett-Packard Development Company, L.P., 6, 3, 4, 2]
[C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\QLBSERVICE.DLL] [Hewlett-Packard Development Company, L.P., 6, 3, 4, 2]
[C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\hpqExec.DLL] [Hewlett-Packard Company, 6, 3, 4, 2]
[C:\PROGRA~1\TENCENT\SSPlus\SPlus.dll] [TENCENT, 5, 0, 3, 11]
[C:\WINDOWS\system32\iertutil.dll] [Microsoft Corporation, 7.00.6000.16608 (vista_gdr.071204-1500)]
[PID: 852 / alig][C:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe] [ESET, 3.0.551 ]
[C:\PROGRA~1\TENCENT\SSPlus\SPlus.dll] [TENCENT, 5, 0, 3, 11]
[C:\Program Files\ESET\ESET NOD32 Antivirus\eguiScan.dll] [ESET, 3.0.551 ]
[C:\Program Files\ESET\ESET NOD32 Antivirus\eguiAmon.dll] [ESET, 3.0.551 ]
[C:\Program Files\ESET\ESET NOD32 Antivirus\eguiEmon.dll] [ESET, 3.0.551 ]
[C:\Program Files\ESET\ESET NOD32 Antivirus\eguiEpfw.dll] [ESET, 3.0.551 ]
[C:\Program Files\ESET\ESET NOD32 Antivirus\eguiUpdate.dll] [ESET, 3.0.551 ]
[C:\Program Files\ESET\ESET NOD32 Antivirus\eguiMailPlugins.dll] [ESET, 3.0.551 ]
[PID: 900 / SYSTEM][C:\Program Files\StormII\stormliv.exe] [北京暴风网际科技有限公司, 3, 8, 1, 13]
[C:\Program Files\StormII\MSVCP60.dll] [Microsoft Corporation, 6.02.3104.0]
[C:\WINDOWS\system32\Normaliz.dll] [Microsoft Corporation, 6.0.5441.0 (winmain(wmbla).060628-1735)]
[C:\WINDOWS\system32\iertutil.dll] [Microsoft Corporation, 7.00.6000.16608 (vista_gdr.071204-1500)]
[PID: 1004 / alig][C:\WINDOWS\system32\Rundll32.exe] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
[C:\PROGRA~1\TENCENT\SSPlus\SPlus.dll] [TENCENT, 5, 0, 3, 11]
[PID: 1184 / alig][C:\WINDOWS\system32\ctfmon.exe] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
[C:\PROGRA~1\TENCENT\SSPlus\SPlus.dll] [TENCENT, 5, 0, 3, 11]
[PID: 1576 / SYSTEM][C:\Program Files\ESET\ESET NOD32 Antivirus\ekrn.exe] [ESET, 3.0.551 ]
[C:\Program Files\ESET\ESET NOD32 Antivirus\ekrnScan.dll] [ESET, 3.0.551 ]
[C:\Program Files\ESET\ESET NOD32 Antivirus\ekrnAmon.dll] [ESET, 3.0.551 ]
[C:\Program Files\ESET\ESET NOD32 Antivirus\ekrnEmon.dll] [ESET, 3.0.551 ]
[C:\Program Files\ESET\ESET NOD32 Antivirus\ekrnEpfw.dll] [ESET, 3.0.551 ]
[C:\Program Files\ESET\ESET NOD32 Antivirus\ekrnUpdate.dll] [ESET, 3.0.551 ]
[C:\Program Files\ESET\ESET NOD32 Antivirus\updater.dll] [ESET, 3.0.551 ]
[C:\Program Files\ESET\ESET NOD32 Antivirus\ekrnMailPlugins.dll] [ESET, 3.0.551 ]
[PID: 1800 / SYSTEM][C:\Program Files\Intel\Intel Matrix Storage Manager\iaantmon.exe] [Intel Corporation, 5.5.0.1035]
[PID: 1868 / SYSTEM][C:\WINDOWS\system32\inetsrv\inetinfo.exe] [Microsoft Corporation, 5.1.2600.0 (xpclient.010817-1148)]
[PID: 1952 / SYSTEM][C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE] [Microsoft Corporation, 7.00.9466]
[C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\2052\mdmui.dll] [Microsoft Corporation, 7.00.9466]
[PID: 548 / SYSTEM][C:\WINDOWS\system32\nvsvc32.exe] [NVIDIA Corporation, 6.14.10.8464]
[PID: 1348 / SYSTEM][C:\Program Files\Hewlett-Packard\Shared\hpqwmiex.exe] [Hewlett-Packard Development Company, L.P., 2, 0, 1, 9]
[PID: 364 / LOCAL SERVICE][C:\WINDOWS\System32\alg.exe] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
[PID: 280 / SYSTEM][C:\WINDOWS\system32\wbem\wmiprvse.exe] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
[PID: 3924 / SYSTEM][C:\WINDOWS\System32\svchost.exe] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
[PID: 5304 / SYSTEM][C:\WINDOWS\system32\svchost.exe] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]

500kuai on 2008-02-22 22:25:15

I support the blogger; these people are really awful.

不喜欢 on 2008-02-22 22:23:59

Thanks, webmaster, that solved it, although the file name wasn't the same; on my machine it was braaadvkerblq.dll
