wow暗夜游魂掉落 杀完怎么什么也不掉
点击联系发帖人
时间:2015-08-26 09:50
我的电脑中了木马怎么杀也杀不掉,后来我只是打开DOS工具箱乱弄,也没改变什么,木马就没有了,怎么回事啊_百度知道
个人、企业类
违法有害信息,请在下方选择后提交
色情、暴力
我们会通过消息、邮箱等方式尽快将举报结果通知您。
我的电脑中了木马怎么杀也杀不掉,后来我只是打开DOS工具箱乱弄,也没改变什么,木马就没有了,怎么回事啊
我有更好的答案
你重装系统了那是
你应该是恢复了吧
没有就OK也许黑小子认为你有很高的技术手平
为您推荐:
其他类似问题
dos工具箱的相关知识
换一换
回答问题,赢新手礼包为什么有一个病毒 用可牛云杀毒怎么也杀不掉 就是每次都显示杀完 但重新扫描又出现_百度知道
个人、企业类
违法有害信息,请在下方选择后提交
色情、暴力
我们会通过消息、邮箱等方式尽快将举报结果通知您。
为什么有一个病毒 用可牛云杀毒怎么也杀不掉 就是每次都显示杀完 但重新扫描又出现
我有更好的答案
用360急救箱或金山急救箱杀掉还有把病毒上传到杀软的病毒举报网,进一步检测是否是把系统文件误报了
采纳率:25%
所以就成了循环。完了后重起。也就是说除了杀毒,别的都不要动。前面三步一定要做完。(比如QQ开机就启动。)解决方法,第一先杀毒,第二用360安全卫士清掉所有可以清理的插件,垃圾,但是你下次开机时,这些开机自起动的并且附带木马的软件又把木马加载进去了、文件夹。切记在此之间不要打开任何磁盘(因为你的盘符很可能就是木马),临时文件。第三,一键优化开机项你这种情况很可能是你装的软件中附带的有木马,这个软件可能是开机就启动的,所以你一开机就会有,而360也是杀它已经产生出来的而已。当你这次杀完后,的确是没有了
可牛,并不是专门做专业杀毒的出身,就是使用了一个卡巴的引擎,杀毒能力并不是很突出,建议你换一款杀毒软件对系统再进行下查杀吧,360杀毒就不错,我现在就在用,360杀毒软件在国内的杀毒软件里,算是很出色的一个免费杀毒软件了,杀毒能力强,占用资源也比较少,你可以试试。
重买个电脑
杀不掉是因为病毒正在运行,建议你重启电脑狂按F8
进入安全模式 断掉网络连接(因为在断网的情况下木马无法运行,而且在安全模式下更无法运行) 用360安全卫士全盘杀木马,杀出来后重启一次,再次进入安全模式用360杀软全盘扫描。
找个专门的杀木马的软件,我一直是用的360卫士 ,这个对木马有很好 的作用,而且预防能力也很强
其他3条回答
为您推荐:
其他类似问题
云杀毒的相关知识
换一换
回答问题,赢新手礼包暗夜游魂 杀完怎么什么也不掉_百度知道
个人、企业类
违法有害信息,请在下方选择后提交
色情、暴力
我们会通过消息、邮箱等方式尽快将举报结果通知您。
暗夜游魂 杀完怎么什么也不掉
我有更好的答案
这个就要你去找发现暗夜游魂不能杀,走近他会给你叠一层BUFF,然后消失。叠到10层之后BOSS就会打你,在沼泽都任何一个地方出现,不会在山洞里
为您推荐:
其他类似问题
游魂的相关知识
换一换
回答问题,赢新手礼包只需一步,快速开始
后使用快捷导航
这个木马为什么怎么也杀不掉啊。。。
该用户从未签到
马上注册,结交更多好友,享用更多功能,让你轻松玩转社区。
才可以下载或查看,没有帐号?
每次全盘扫描都发现并处理9个病毒,但是重启后还是有病毒
平时发现中毒后也点“立即清除”但是一会又出来了
而且,自从中毒后,很多软件都被莫明其妙的删掉了,比如QQ,每次重新开机后QQ都是登上去后几秒就自动关掉,或者干脆就直接被删除了。
机子也变得慢起来了
未命名.jpg (26.03 KB, 下载次数: 5)
18:41 上传
就是这两个木马
(26.48 KB, 下载次数: 0)
18:41 上传
按着提示的路径删除他,然后用金山急救箱扫描系统
亲爱的用户你好,急救箱能解决你的问题吗?若不能解决你问题的,麻烦你联系下我QQ 为你看下情况。感谢你的反馈。
貌似是很厉害的病毒木马,用专杀工具顽固病毒木马大权试试看!
不行就重装系统(前提是病毒木马没有感染引导区)!
还是不行,手动删除后我用急救箱扫描了,但是还是会出现这些木马,删除后都是每隔一段时间有出现在那个文件夹下,木马名称没有变,但是会每隔一段时间产生不同名称的木马程序
刚又发现一种木马
56412.jpg (26.11 KB, 下载次数: 0)
20:06 上传
下载SRENG扫描日志发上来
本帖最后由 lhqly 于
21:00 编辑
,20:38:25 System Repair Engineer 2.8.4.1331 Smallfrogs () Windows Vista Home Premium Edition (Build 6000) - 管理权限用户 - 完整功能 以下内容被选中: 所有的启动项目(包括注册表、启动文件夹、服务等) 浏览器加载项 正在运行的进程(包括进程模块信息) 文件关联 Winsock 提供者 Autorun.inf HOSTS 文件 进程特权扫描 计划任务 Windows 安全更新检查 API HOOK 隐藏进程 启动项目注册表 [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run] [(Verified)Microsoft Windows] [(Verified)Hewlett-Packard Company] [HKEY_CURRENT_USER\Software\Microsoft\Windows NT\CurrentVersion\Windows] && [N/A] [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run] &%ProgramFiles%\Windows Defender\MSASCui.exe -hide& [(Verified)Microsoft Windows] [(Verified)Microsoft Windows Hardware Compatibility Publisher] [(Verified)Microsoft Windows Hardware Compatibility Publisher] [(Verified)Microsoft Windows Hardware Compatibility Publisher] [(Verified)Microsoft Windows Hardware Compatibility Publisher] [JME Co.,Ltd.] [] &&C:\Program Files\KSafe\KSafeTray.exe& -autorun& [(Verified)Kingsoft Security Co.,Ltd] &&C:\Program Files\Common Files\Kingsoft\kiscommon\kxetray.exe& -autorun& [(Verified)Zhuhai Kingsoft Software Co.,Ltd] [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Winlogon] [(Verified)Microsoft Windows] [(Verified)Microsoft Windows] [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Windows] && [N/A] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad] [(Verified)Microsoft Windows] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\SharedTaskScheduler] &{8C7461EF-2B13-11d2-BE35-0}&&%SystemRoot%\system32\browseui.dll& [(Verified)Microsoft Windows] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\&{22d6f312-b0f6-11d0-94ab-e95}] [(Verified)Microsoft Windows] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\&{d38-484f-9b9e-dec}] [(Verified)Microsoft Windows] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\&{60B49E34-C7CC-11D0-C90347FF}]
[(Verified)Microsoft Windows] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{2C7339CF-2B09--FED}] &%SystemRoot%\system32\regsvr32.exe /s /n /i:/UserInstall %SystemRoot%\system32\themeui.dll& [File is missing] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{44BBA840-CC51-11CF-AAFA-00AA00B6015C}] &&%ProgramFiles%\Windows Mail\WinMail.exe& OCInstallUserConfigOE& [File is missing] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{6BF52A52-394A-11d3-B153-00C04F79FAA6}] &%SystemRoot%\system32\unregmp2.exe /FirstLogon /Shortcuts /RegBrowsers /ResetMUI& [(Verified)Microsoft Windows] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{-ECBD-11cf-8B85-00AA005B4340}] [(Verified)Microsoft Windows] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{-ECBD-11cf-8B85-00AA005B4383}] [(Verified)Microsoft Windows] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{89B4C1CD-B018--5476DBF70820}] [(Verified)Microsoft Corporation] [HKEY_CURRENT_USER\Control Panel\Desktop] [(Verified)Microsoft Windows] ================================== 启动文件夹 N/A ================================== 服务 [Kingsoft Rescue Service / Kingsoft Rescue Service][Running/Auto Start] && [KSafe service / KSafeSvc][Running/Auto Start] &&C:\Program Files\KSafe\KSafeSvc.exe& -svc& [Kingsoft Security App Service / kxesapp][Running/Auto Start] &&C:\Program Files\Common Files\Kingsoft\kiscommon\kxesapp.exe& /service kxesapp& [Kingsoft Core Service / kxescore][Running/Auto Start] &&C:\Program Files\Common Files\Kingsoft\kiscommon\kxescore.exe& /service kxescore& [Kingsoft Antivirus Update Service / KxEUpSrv][Running/Auto Start] &&C:\Program Files\Common Files\Kingsoft\kiscommon\upsvc.exe&& ================================== 驱动程序 [adp94xx / adp94xx][Stopped/Disabled] &\SystemRoot\system32\drivers\adp94xx.sys& [adpahci / adpahci][Stopped/Disabled] &\SystemRoot\system32\drivers\adpahci.sys& [adpu160m / adpu160m][Stopped/Disabled] &\SystemRoot\system32\drivers\adpu160m.sys& [adpu320 / adpu320][Stopped/Disabled] &\SystemRoot\system32\drivers\adpu320.sys& [aic78xx / aic78xx][Stopped/Disabled] &\SystemRoot\system32\drivers\djsvs.sys& [aliide / aliide][Stopped/Disabled] &\SystemRoot\system32\drivers\aliide.sys& [Apaidi / Apaidi][Running/Auto Start] &\??\C:\Windows\system32\drivers\Apaidi.sys& [arc / arc][Stopped/Disabled] &\SystemRoot\system32\drivers\arc.sys& [arcsas / arcsas][Stopped/Disabled] &\SystemRoot\system32\drivers\arcsas.sys& [blbdrive / blbdrive][Stopped/Disabled] &\SystemRoot\system32\drivers\blbdrive.sys& [Brother USB Mass-Storage Lower Filter Driver / BrFiltLo][Stopped/Manual Start] &\SystemRoot\system32\drivers\brfiltlo.sys&
[Brother USB Mass-Storage Upper Filter Driver / BrFiltUp][Stopped/Manual Start] &\SystemRoot\system32\drivers\brfiltup.sys&
[Brother MFC Serial Port Interface Driver (WDM) / Brserid][Stopped/Disabled] &\SystemRoot\system32\drivers\brserid.sys&
[Brother WDM Serial driver / BrSerWdm][Stopped/Disabled] &\SystemRoot\system32\drivers\brserwdm.sys&
[Brother MFC USB Fax Only Modem / BrUsbMdm][Stopped/Disabled] &\SystemRoot\system32\drivers\brusbmdm.sys&
[Brother MFC USB Serial WDM Driver / BrUsbSer][Stopped/Manual Start] &\SystemRoot\system32\drivers\brusbser.sys&
[cmdide / cmdide][Stopped/Disabled] &\SystemRoot\system32\drivers\cmdide.sys& [Intel(R) PRO/1000 NDIS 6 Adapter Driver / E1G60][Stopped/Manual Start] [elxstor / elxstor][Stopped/Disabled] &\SystemRoot\system32\drivers\elxstor.sys& [HpCISSs / HpCISSs][Stopped/Disabled] &\SystemRoot\system32\drivers\hpcisss.sys& [Intel RAID Controller Vista / iaStorV][Stopped/Disabled] &\SystemRoot\system32\drivers\iastorv.sys& [iirsp / iirsp][Stopped/Disabled] &\SystemRoot\system32\drivers\iirsp.sys& [Service for Realtek HD Audio (WDM) / IntcAzAudAddService][Running/Manual Start] [IP in IP Tunnel Driver / IpInIp][Stopped/Manual Start] [ITEATAPI_Service_Install / iteatapi][Stopped/Disabled] &\SystemRoot\system32\drivers\iteatapi.sys& [ITERAID_Service_Install / iteraid][Stopped/Disabled] &\SystemRoot\system32\drivers\iteraid.sys& [KAVBootC / KAVBootC][Running/Boot Start] &\SystemRoot\system32\drivers\KAVBootC.sys& [KAVSafe / KAVSafe][Running/Auto Start] &\??\C:\Windows\system32\Drivers\KAVSafe.sys& [kisknl / kisknl][Running/Auto Start] &\??\C:\Windows\system32\drivers\kisknl.sys& [kmodurl / kmodurl][Running/System Start] &\??\C:\Program Files\KSafe\kmodurl.sys& [krpr / krpr][Stopped/Manual Start] &\??\C:\Windows\system32\Drivers\krpr.sys& [LSI_FC / LSI_FC][Stopped/Disabled] &\SystemRoot\system32\drivers\lsi_fc.sys& [LSI_SAS / LSI_SAS][Stopped/Disabled] &\SystemRoot\system32\drivers\lsi_sas.sys& [LSI_SCSI / LSI_SCSI][Stopped/Disabled] &\SystemRoot\system32\drivers\lsi_scsi.sys& [megasas / megasas][Stopped/Disabled] &\SystemRoot\system32\drivers\megasas.sys& [Mraid35x / Mraid35x][Stopped/Disabled] &\SystemRoot\system32\drivers\mraid35x.sys& [Softlumos Multi-Platform / Mulsys][Running/Boot Start] &\SystemRoot\System32\DRIVERS\Mulsys.SYS& [nfrd960 / nfrd960][Stopped/Disabled] &\SystemRoot\system32\drivers\nfrd960.sys& [N-trig HID Tablet Driver / ntrigdigi][Stopped/Disabled] &\SystemRoot\system32\drivers\ntrigdigi.sys& [nvlddmkm / nvlddmkm][Running/Manual Start] [nvraid / nvraid][Stopped/Disabled] &\SystemRoot\system32\drivers\nvraid.sys& [nvstor / nvstor][Stopped/Disabled] &\SystemRoot\system32\drivers\nvstor.sys& [IPX Traffic Filter Driver / NwlnkFlt][Stopped/Manual Start] [IPX Traffic Forwarder Driver / NwlnkFwd][Stopped/Manual Start] [PauseDrv / PauseDrv][Stopped/Manual Start] &\??\C:\Windows\system32\Drivers\PauseDrv.sys& [QLogic Fibre Channel Miniport Driver / ql2300][Stopped/Disabled] &\SystemRoot\system32\drivers\ql2300.sys& [QLogic iSCSI Miniport Driver / ql40xx][Stopped/Disabled] &\SystemRoot\system32\drivers\ql40xx.sys& [Realtek 10/100 NIC 系列 NDIS x86 驱动程序 / RTL8023xp][Running/Manual Start] [SiSRaid2 / SiSRaid2][Stopped/Disabled] &\SystemRoot\system32\drivers\sisraid2.sys& [SiSRaid4 / SiSRaid4][Stopped/Disabled] &\SystemRoot\system32\drivers\sisraid4.sys& [Symc8xx / Symc8xx][Stopped/Disabled] &\SystemRoot\system32\drivers\symc8xx.sys& [Sym_hi / Sym_hi][Stopped/Disabled] &\SystemRoot\system32\drivers\sym_hi.sys& [Sym_u3 / Sym_u3][Stopped/Disabled] &\SystemRoot\system32\drivers\sym_u3.sys& [uliahci / uliahci][Stopped/Disabled] &\SystemRoot\system32\drivers\uliahci.sys& [UlSata / UlSata][Stopped/Disabled] &\SystemRoot\system32\drivers\ulsata.sys& [ulsata2 / ulsata2][Stopped/Disabled] &\SystemRoot\system32\drivers\ulsata2.sys& [viaide / viaide][Running/Boot Start] &\SystemRoot\system32\drivers\viaide.sys& [vsmraid / vsmraid][Stopped/Disabled] &\SystemRoot\system32\drivers\vsmraid.sys& [WINIO / WINIO][Running/Auto Start] &\??\C:\Program Files\iFly Info Tek\MagicVoice\bin\mapio.sys& ================================== 浏览器加载项 [Tencent Browser Helper] {0C7C23EF-A848-485B-873C-0ED} [QQ工具栏] {29CF293A-1E7D--E} [] {669751ED-D558-49AE-B01A-3B374CC7910E} [信息检索(&R)] {CC-41C8-B9BE-3C9C571A8263} [QQ工具栏] {29CF293A-1E7D--E} [Shockwave Flash Object] {D27CDB6E-AE6D-11CF-96B8-} [PhotoDrawEx Class] {05F5F404-7C24-4B39-B5CC-340CEDEB9C0D} [Tencent Browser Helper] {0C7C23EF-A848-485B-873C-0ED} [Player Class] {11F2A418-94B2-4e16-9B0C-B00C} [] {EB-11D2-B92F-008048FDD814} &, & [InstallHelper Class] {1DABF8D5-B7F-A30E53D709B3} [HTML Document] {F9-11CF-8FD0-00AA00686F13} [XML DOM Document] {B36-11D2-B20E-00C04F983E60} &%SystemRoot%\System32\msxml3.dll, (Signed) N/A& [QQ工具栏] {29CF293A-1E7D--E} [] {-A5F6-11D4-BFE2-A} &, & [HHCtrl Object] {52A2AAAE-085D-4187-97EA-8C30DB990436} &%SystemRoot%\System32\hhctrl.ocx, (Signed) N/A& [] {E-470E-8A57-} &, & [] {669751ED-D558-49AE-B01A-3B374CC7910E} [QQLiveFile Class] {6BF1-41c3-C1D8A72} [Windows Media Player] {6BF52A52-394A-11D3-B153-00C04F79FAA6} &%SystemRoot%\system32\wmp.dll, (Signed) N/A& [Microsoft Web Browser] {A-11D0-A96B-00C04FD705A2} [XML DOM 文档 5.0] {88D969E5-F192-11D4-A65F-E5} [XML DOM Document 6.0] {88D96A05-F192-11D4-A65F-E5} &%SystemRoot%\System32\msxml6.dll, (Signed) N/A& [] {CC-41C8-B9BE-3C9C571A8263} &, & [AUDIO__MP3 Moniker Class] {CD3AFA76-B84F-48F0-9393-7EDC} &%SystemRoot%\system32\wmp.dll, (Signed) N/A& [Shockwave Flash Object] {D27CDB6E-AE6D-11CF-96B8-} [QQLive Class] {D9EBCF5D-3F8F-4b6a-89BA-7} [PlayerCtrl Class] {E05BC2A3-9A46-4a32-80C9-023A473F5B23} [RevealTrans] {E31E87C4-86EA-A-5BD5D179A737} [SSOForPTLogin2 Class] {EAAED308-B-965E-171933ADD473} [TimwpDll.TimwpCheck] {ED4CA2E5-0EEA-44C1-AD7E-74A07A7507A4} [XML HTTP Request] {ED8C108E--91A4-00C04F7969E8} &%SystemRoot%\System32\msxml3.dll, (Signed) N/A& [XML DOM Document] {F6D90F11-9C73-11D3-B32E-00C04F990BB4} &%SystemRoot%\System32\msxml3.dll, (Signed) N/A& [XML HTTP] {F6D90F16-9C73-11D3-B32E-00C04F990BB4} &%SystemRoot%\System32\msxml3.dll, (Signed) N/A& [QQ工具栏] {FB46BBEE-B3D5-46BF-94F4-A6C1A17F0A28} [导出到 Microsoft Office Excel(&X)] ================================== 正在运行的进程 [PID: 384 / SYSTEM][\SystemRoot\System32\smss.exe] [(Verified) Microsoft Corporation, 6.0. (vista_rtm.5)] [PID: 448 / SYSTEM][C:\Windows\system32\csrss.exe] [(Verified) Microsoft Corporation, 6.0. (vista_rtm.5)] [PID: 496 / SYSTEM][C:\Windows\system32\wininit.exe] [(Verified) Microsoft Corporation, 6.0. (vista_rtm.5)] [PID: 508 / SYSTEM][C:\Windows\system32\csrss.exe] [(Verified) Microsoft Corporation, 6.0. (vista_rtm.5)] [PID: 540 / SYSTEM][C:\Windows\system32\services.exe] [(Verified) Microsoft Corporation, 6.0. (vista_rtm.5)] [PID: 552 / SYSTEM][C:\Windows\system32\lsass.exe] [(Verified) Microsoft Corporation, 6.0. (vista_rtm.5)] [PID: 560 / SYSTEM][C:\Windows\system32\lsm.exe] [(Verified) Microsoft Corporation, 6.0. (vista_rtm.5)] [PID: 708 / SYSTEM][C:\Windows\system32\svchost.exe] [(Verified) Microsoft Corporation, 6.0. (vista_rtm.5)] [PID: 740 / SYSTEM][C:\Windows\system32\winlogon.exe] [(Verified) Microsoft Corporation, 6.0. (vista_rtm.5)] [PID: 812 / NETWORK SERVICE][C:\Windows\system32\svchost.exe] [(Verified) Microsoft Corporation, 6.0. (vista_rtm.5)] [PID: 864 / SYSTEM][C:\Windows\System32\svchost.exe] [(Verified) Microsoft Corporation, 6.0. (vista_rtm.5)] [PID: 956 / LOCAL SERVICE][C:\Windows\System32\svchost.exe] [(Verified) Microsoft Corporation, 6.0. (vista_rtm.5)] [C:\Windows\system32\RtkAPO.dll] [Realtek Semiconductor Corp., 11.0.6000.29 built by: WinDDK] [PID: 1024 / SYSTEM][C:\Windows\System32\svchost.exe] [(Verified) Microsoft Corporation, 6.0. (vista_rtm.5)] [PID: 1040 / SYSTEM][C:\Windows\system32\svchost.exe] [(Verified) Microsoft Corporation, 6.0. (vista_rtm.5)] [PID: 1156 / NETWORK SERVICE][C:\Windows\system32\SLsvc.exe] [(Verified) Microsoft Corporation, 6.0. (vista_gdr.0)] [PID: 1212 / LOCAL SERVICE][C:\Windows\system32\svchost.exe] [(Verified) Microsoft Corporation, 6.0. (vista_rtm.5)] [PID: 1380 / NETWORK SERVICE][C:\Windows\system32\svchost.exe] [(Verified) Microsoft Corporation, 6.0. (vista_rtm.5)] [PID: 1560 / SYSTEM][E:\新建文件夹 (5)\KSM\ksmsvc.exe] [, ,1479] [E:\新建文件夹 (5)\KSM\kdump.dll] [Kingsoft Corporation, ,1453] [E:\新建文件夹 (5)\KSM\kxestat.dll] [Kingsoft Corporation, ,309] [E:\新建文件夹 (5)\KSM\kxebase.dll] [Kingsoft Corporation, ,309] [E:\新建文件夹 (5)\KSM\scom.dll] [Kingsoft Corporation, ,309] [E:\新建文件夹 (5)\KSM\kxecore\kxelog.dll] [Kingsoft Corporation, ,309] [E:\新建文件夹 (5)\KSM\kxecore\kxecore.dll] [Kingsoft Corporation, ,402] [E:\新建文件夹 (5)\KSM\kxecore\kxestat.dll] [Kingsoft Corporation, ,309] [E:\新建文件夹 (5)\KSM\ksmcorex.dll] [Kingsoft Corporation, ,78] [E:\新建文件夹 (5)\KSM\ksecorex.dll] [Kingsoft Corporation, ,1518] [E:\新建文件夹 (5)\KSM\kae\kaecore.dat] [Kingsoft Corporation, ,110] [E:\新建文件夹 (5)\KSM\ksbwdet2.dll] [Kingsoft Corporation, ,1665] [E:\新建文件夹 (5)\KSM\sqlite.dll] [N/A, ] [E:\新建文件夹 (5)\KSM\kae\karchive.dat] [Kingsoft Corporation, ,110] [E:\新建文件夹 (5)\KSM\kae\kaearcha.dat] [Kingsoft Corporation, ,110] [E:\新建文件夹 (5)\KSM\kae\kaeolea.dat] [Kingsoft Corporation, ,110] [E:\新建文件夹 (5)\KSM\kae\kaearchb.dat] [Kingsoft Corporation, ,436] [E:\新建文件夹 (5)\KSM\ksmbrfix.dll] [Kingsoft Corporation, ,1403] [E:\新建文件夹 (5)\KSM\ksbwsspx.dll] [Kingsoft Corporation, ,1072] [E:\新建文件夹 (5)\KSM\kavquara.dll] [Kingsoft Corporation, ,924] [E:\新建文件夹 (5)\KSM\ksreng3.dll] [Kingsoft Corporation, ,139] [E:\新建文件夹 (5)\KSM\kssdet.dll] [Kingsoft Corporation, ,1638] [E:\新建文件夹 (5)\KSM\kcldrep.dll] [Kingsoft Corporation, ,1524] [E:\新建文件夹 (5)\KSM\kavifr.dll] [Kingsoft Corporation, ,74] [PID: 1676 / SYSTEM][C:\Program Files\KSafe\KSafeSvc.exe] [Kingsoft Corporation, 2.1.0.1078] [C:\Program Files\KSafe\ksafeeng.dll] [Kingsoft Corporation, 2.1.0.1078] [C:\Program Files\KSafe\katrun.dll] [Kingsoft Corporation, 2.1.0.1078] [C:\Program Files\KSafe\ksafebak.dll] [Kingsoft Corporation, 2.1.0.1078] [C:\Program Files\KSafe\ksafedb.dll] [Kingsoft Corporation, 2.1.0.1078] [C:\Program Files\KSafe\kcache.dll] [Kingsoft Corporation, 2.1.0.1078] [C:\Program Files\KSafe\knescan.dll] [Kingsoft Corporation., 1.0.0.1111] [C:\Program Files\KSafe\KEng\ksafeave.dll] [Kingsoft Corporation, 1.1.0.1078] [C:\Program Files\KSafe\KEng\kae\kaecore.dat] [Kingsoft Corporation, ,1454] [C:\Program Files\KSafe\kdump.dll] [Kingsoft Corporation, ,1546] [C:\Program Files\KSafe\kxebase.dll] [Kingsoft Corporation, ,402] [C:\Program Files\KSafe\scom.dll] [Kingsoft Corporation, ,402] [C:\Program Files\KSafe\kxecore\kxecore.dll] [Kingsoft Corporation, ,402] [C:\Program Files\KSafe\kexectrl.dll] [Kingsoft Corporation, ,1422] [C:\Program Files\KSafe\ksscore.dll] [Kingsoft Corporation, ,3] [C:\Program Files\KSafe\kplugeng.dll] [Kingsoft Corporation., 1.5.2.1191] [C:\Program Files\KSafe\kwssp.dll] [Kingsoft Corporation, .1084] [C:\Program Files\KSafe\json.dll] [N/A, ] [C:\Program Files\KSafe\kcldrep.dll] [Kingsoft Corporation, ,47] [C:\Program Files\KSafe\fwproxy.dll] [Kingsoft Corporation, 2.1.0.1084] [C:\Program Files\KSafe\sqlite.dll] [Kingsoft Corporation, ,781] [C:\Program Files\KSafe\kse\ksecorex.dll] [Kingsoft Corporation, ,1467] [C:\Program Files\KSafe\kse\ksbwdet2.dll] [Kingsoft Corporation, ,1526] [C:\Program Files\KSafe\KEng\kae\karchive.dat] [Kingsoft Corporation, ,1454] [C:\Program Files\KSafe\KEng\kae\kaearcha.dat] [Kingsoft Corporation, ,1454] [C:\Program Files\KSafe\KEng\kae\kaeolea.dat] [Kingsoft Corporation, ,1454] [C:\Program Files\KSafe\KEng\kae\kaearchb.dat] [Kingsoft Corporation, ,1454] [C:\Program Files\KSafe\KEng\kae\kaeunpak.dat] [Kingsoft Corporation, ,436] [C:\Program Files\KSafe\KEng\kae\kaevname.dat] [Kingsoft Corporation, ,1454] [C:\Program Files\KSafe\KEng\kae\kaeunpack.dat] [Kingsoft Corporation, ,365] [C:\Program Files\KSafe\KEng\kae\kaecorea.dat] [Kingsoft Corporation, ,1454] [PID: 1992 / founder][C:\Windows\system32\Dwm.exe] [(Verified) Microsoft Corporation, 6.0. (vista_rtm.5)] [C:\Windows\system32\nvd3dum.dll] [NVIDIA Corporation, 7.15.11.5818] [C:\Program Files\Founder\Emergency Center\SBHotkey.dll] [N/A, ] [C:\Program Files\KSafe\ksfmon.dll] [Kingsoft Corporation, 2.1.0.1089] [PID: 2012 / founder][C:\Windows\system32\taskeng.exe] [(Verified) Microsoft Corporation, 6.0. (vista_rtm.5)] [C:\Program Files\Founder\Emergency Center\SBHotkey.dll] [N/A, ] [C:\Program Files\KSafe\ksfmon.dll] [Kingsoft Corporation, 2.1.0.1089] [PID: 2020 / founder][C:\Windows\Explorer.EXE] [(Verified) Microsoft Corporation, 6.0. (vista_rtm.5)] [C:\Program Files\Founder\Emergency Center\SBHotkey.dll] [N/A, ] [C:\Program Files\Kingsoft\Kingsoft Antivirus\ktaskbar.dll] [Kingsoft Corporation, ,732] [C:\Program Files\KSafe\ksfmon.dll] [Kingsoft Corporation, 2.1.0.1089] [C:\Windows\system32\nvcpl.dll] [NVIDIA Corporation, 7.15.11.5818] [C:\Windows\system32\nvapi.dll] [NVIDIA Corporation, 7.15.11.5818] [C:\Program Files\WinRAR\rarext.dll] [N/A, ] [C:\Program Files\Kingsoft\Kingsoft Antivirus\kavmenu.dll] [Kingsoft Corporation, ,273] [C:\Program Files\Kingsoft\Kingsoft Antivirus\kis.dll] [Kingsoft Corporation, ,59] [PID: 532 / founder][C:\Program Files\Windows Defender\MSASCui.exe] [Microsoft Corporation, 1.1.1505.0] [C:\Program Files\KSafe\ksfmon.dll] [Kingsoft Corporation, 2.1.0.1089] [C:\Program Files\Founder\Emergency Center\SBHotkey.dll] [N/A, ] [PID: 700 / founder][C:\Windows\RtHDVCpl.exe] [Realtek Semiconductor, 1, 0, 0, 43] [C:\Program Files\Founder\Emergency Center\SBHotkey.dll] [N/A, ] [PID: 2080 / SYSTEM][C:\Windows\System32\spoolsv.exe] [(Verified) Microsoft Corporation, 6.0. (vista_rtm.5)] [C:\Windows\System32\mdimon.dll] [Microsoft Corporation, 11.3.1897.0] [C:\Windows\system32\spool\PRTPROCS\W32X86\mdippr.dll] [Microsoft Corporation, 11.3.1897.0] [PID: 2132 / LOCAL SERVICE][C:\Windows\system32\svchost.exe] [(Verified) Microsoft Corporation, 6.0. (vista_rtm.5)] [PID: 2184 / founder][C:\Windows\System32\rundll32.exe] [Microsoft Corporation, 6.0. (vista_rtm.5)] [C:\Windows\System32\NVSVC.DLL] [NVIDIA Corporation, 7.15.11.5818] [C:\Program Files\Founder\Emergency Center\SBHotkey.dll] [N/A, ] [C:\Program Files\KSafe\ksfmon.dll] [Kingsoft Corporation, 2.1.0.1089] [C:\Windows\System32\nvapi.dll] [NVIDIA Corporation, 7.15.11.5818] [PID: 2400 / founder][C:\Windows\System32\rundll32.exe] [Microsoft Corporation, 6.0. (vista_rtm.5)] [C:\Windows\system32\NvMcTray.dll] [NVIDIA Corporation, 7.15.11.5818] [C:\Windows\System32\nvapi.dll] [NVIDIA Corporation, 7.15.11.5818] [C:\Program Files\KSafe\ksfmon.dll] [Kingsoft Corporation, 2.1.0.1089] [C:\Program Files\Founder\Emergency Center\SBHotkey.dll] [N/A, ] [PID: 2412 / founder][C:\Program Files\jmesoft\hotkey.exe] [JME Co.,Ltd., 3, 9, 0, 616] [C:\Program Files\jmesoft\Keyhook.dll] [N/A, ] [C:\Program Files\KSafe\ksfmon.dll] [Kingsoft Corporation, 2.1.0.1089] [C:\Program Files\Founder\Emergency Center\SBHotkey.dll] [N/A, ] [PID: 2424 / founder][C:\Program Files\Founder\Emergency Center\hotkey.exe] [N/A, ] [C:\Program Files\Founder\Emergency Center\MFC42D.DLL] [Microsoft Corporation, 6.00.8168.0] [C:\Program Files\Founder\Emergency Center\MSVCRTD.dll] [Microsoft Corporation, 6.00.8168.0] [C:\Program Files\Founder\Emergency Center\MSVCP60D.dll] [Microsoft Corporation, 6.00.8972.0] [C:\Program Files\Founder\Emergency Center\SBHotkey.dll] [N/A, ] [C:\Program Files\KSafe\ksfmon.dll] [Kingsoft Corporation, 2.1.0.1089] [PID: 2432 / founder][C:\Program Files\KSafe\KSafeTray.exe] [Kingsoft Corporation, 2.1.0.1089] [C:\Program Files\KSafe\ksfmon.dll] [Kingsoft Corporation, 2.1.0.1089] [C:\Program Files\KSafe\krunopt.dll] [Kingsoft Corporation, 2.1.0.1089] [C:\Program Files\KSafe\kdump.dll] [Kingsoft Corporation, ,1546] [C:\Program Files\KSafe\kwsctrl.dll] [Kingsoft Corporation, 2.1.0.1084] [C:\Program Files\Founder\Emergency Center\SBHotkey.dll] [N/A, ] [C:\Program Files\KSafe\ksafevul.dll] [Kingsoft Corporation, 2.1.0.1089] [C:\Program Files\KSafe\ksafeup.dll] [Kingsoft Corporation, 2.1.0.1089] [C:\Program Files\KSafe\zlib1.dll] [, 1.2.3] [C:\Program Files\KSafe\ksafedb.dll] [Kingsoft Corporation, 2.1.0.1078] [C:\Program Files\KSafe\kplugeng.dll] [Kingsoft Corporation., 1.5.2.1191] [PID: 2644 / founder][C:\Program Files\Windows Sidebar\sidebar.exe] [Microsoft Corporation, 6.0. (vista_gdr.0)] [C:\Program Files\KSafe\ksfmon.dll] [Kingsoft Corporation, 2.1.0.1089] [C:\Program Files\Founder\Emergency Center\SBHotkey.dll] [N/A, ] [C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\PDM.DLL] [Microsoft Corporation, 7.00.9466] [C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\2052\mdmui.dll] [Microsoft Corporation, 7.00.9466] [C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MSDBG2.DLL] [Microsoft Corporation, 7.00.9466] [C:\Windows\system32\nvd3dum.dll] [NVIDIA Corporation, 7.15.11.5818] [C:\Windows\system32\icm32.dll] [Microsoft Corporation, 6.0. (vista_rtm.5)] [PID: 2668 / founder][C:\Program Files\Common Files\LightScribe\LightScribeControlPanel.exe] [Hewlett-Packard Company, 1.6.43.1] [C:\Program Files\Common Files\LightScribe\QtCore4.dll] [N/A, ] [C:\Program Files\Common Files\LightScribe\QtGui4.dll] [N/A, ] [C:\Program Files\KSafe\ksfmon.dll] [Kingsoft Corporation, 2.1.0.1089] [C:\Program Files\Founder\Emergency Center\SBHotkey.dll] [N/A, ] [PID: 3624 / LOCAL SERVICE][C:\Windows\system32\svchost.exe] [(Verified) Microsoft Corporation, 6.0. (vista_rtm.5)] [PID: 3684 / SYSTEM][C:\Windows\System32\svchost.exe] [(Verified) Microsoft Corporation, 6.0. (vista_rtm.5)] [PID: 3764 / SYSTEM][C:\Windows\system32\SearchIndexer.exe] [(Verified) Microsoft Corporation, 6.0. (vista_rtm.5)] [PID: 4004 / SYSTEM][C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE] [Microsoft Corporation, 7.00.9466] [C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\2052\mdmui.dll] [Microsoft Corporation, 7.00.9466] [C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MSDBG2.DLL] [Microsoft Corporation, 7.00.9466] [PID: 4052 / SYSTEM][C:\Windows\system32\taskeng.exe] [(Verified) Microsoft Corporation, 6.0. (vista_rtm.5)] [PID: 4060 / founder][C:\Windows\system32\wuauclt.exe] [(Verified) Microsoft Corporation, 7.4. (winmain_wtr_wsus3sp2(wmbla).4)] [C:\Program Files\KSafe\ksfmon.dll] [Kingsoft Corporation, 2.1.0.1089] [C:\Program Files\Founder\Emergency Center\SBHotkey.dll] [N/A, ] [PID: 1820 / founder][D:\qq\Bin\QQ.exe] [Tencent, 1.60.] [D:\qq\Bin\Common.dll] [Tencent, 1, 60, 2010, 0] [D:\qq\Bin\zlib.dll] [, 1, 2, 5, 0] [D:\qq\Bin\libexpat.dll] [, 2, 0, 1, 0] [C:\Windows\WinSxS\x86_microsoft.vc80.atl_1fc8b3b9a1e18e3b_8.0._none_d1c738ec43578ea1\ATL80.DLL] [Microsoft Corporation, 8.00.] [D:\qq\Bin\KernelUtil.dll] [Tencent, 1, 60, 2010, 0] [D:\qq\Bin\xImage.dll] [Tencent, 5, 9, 9, 0] [D:\qq\Bin\libpng.dll] [, 1, 2, 2, 3] [D:\qq\Bin\libjpeg6.dll] [, 6, 2, 0, 0] [D:\qq\Bin\GF.dll] [Tencent, 1, 60, 2010, 0] [D:\qq\Bin\xGraphic32.dll] [Tencent, 1, 60, 2010, 0] [D:\qq\Bin\jgImage.dll] [Tencent, 1, 60, 2010, 0] [D:\qq\Bin\jgIOStub.dll] [Tencent, 1, 60, 2010, 0] [D:\qq\Bin\AFUtil.dll] [Tencent, 1, 60, 2020, 0] [D:\qq\Bin\IPC.dll] [Tencent, 1, 60, 2010, 0] [D:\qq\Bin\FlashService.dll] [Tencent, 1, 60, 2020, 0] [C:\Program Files\KSafe\ksfmon.dll] [Kingsoft Corporation, 2.1.0.1089] [C:\Program Files\KSafe\kwsui.dll] [Kingsoft Corporation, .1084] [C:\Program Files\KSafe\kswebshield.dll] [Kingsoft Corporation, .1084] [D:\qq\Bin\LoginPanel.dll] [Tencent, 1, 60, 2020, 0] [D:\qq\Bin\IM.dll] [Tencent, 1, 60, 2010, 0] [C:\Program Files\Founder\Emergency Center\SBHotkey.dll] [N/A, ] [D:\qq\Bin\AppMisc.dll] [Tencent, 1, 60, 2020, 0] [D:\qq\Bin\AppUtil.dll] [Tencent, 1, 60, 2020, 0] [D:\qq\Bin\TaskTray.dll] [Tencent, 1, 60, 2020, 0] [D:\qq\Bin\TXPFProxy.dll] [Tencent, 1, 60, 2010, 0] [D:\qq\Bin\MainFrame.dll] [Tencent, 1, 60, 2020, 0] [D:\qq\Bin\AppFramework.dll] [Tencent, 1, 60, 2020, 0] [D:\qq\Bin\SkinMgr.dll] [Tencent, 1, 60, 2020, 0] [D:\qq\Bin\AFCtrl.dll] [Tencent, 1, 60, 2020, 0] [D:\qq\Bin\ProcessSession.DLL] [Tencent, 1, 60, 2010, 0] [D:\qq\Bin\SystemMsg.dll] [Tencent, 1, 60, 2020, 0] [D:\qq\Bin\ConfigCenter.dll] [Tencent, 1, 60, 2020, 0] [D:\qq\Bin\ChatFrameApp.dll] [Tencent, 1, 60, 2020, 0] [D:\qq\Bin\GroupApp.dll] [Tencent, 1, 60, 2020, 0] [D:\qq\Bin\Contacts.dll] [Tencent, 1, 60, 2020, 0] [D:\qq\Bin\InformationBox.dll] [Tencent, 1, 60, 2020, 0] [D:\qq\Plugin\Com.Tencent.SNSApp\Bin\SNSApp.dll] [Tencent, 1, 60, 2020, 0] [D:\qq\Plugin\Com.Tencent.PayCenter\Bin\PayCenter.dll] [Tencent, 1, 60, 2020, 0] [D:\qq\Plugin\Com.Tencent.QQVipMisc\Bin\QQVipMisc.dll] [Tencent, 1, 60, 2020, 0] [D:\qq\Plugin\Com.Tencent.VAS\Bin\VAS.dll] [Tencent, 1, 60, 2020, 0] [D:\qq\Plugin\Com.Tencent.WenWen\Bin\WenWen.dll] [Tencent, 1, 60, 2020, 0] [D:\qq\Plugin\Com.Tencent.NetBar\Bin\NetBar.dll] [Tencent, 1, 60, 2020, 0] [D:\qq\Plugin\Com.Tencent.PaiPai\Bin\PaiPai.dll] [Tencent, 1, 60, 2020, 0] [D:\qq\Plugin\Com.Tencent.Wireless\Bin\Wireless.dll] [Tencent, 1, 60, 2020, 0] [D:\qq\Plugin\Com.Tencent.CRM\Bin\CRM.dll] [Tencent, 1, 60, 2020, 0] [D:\qq\Plugin\Com.Tencent.PaiPaiGift\Bin\PaiPaiGift.dll] [Tencent, 1, 60, 2020, 0] [D:\qq\Plugin\Com.Tencent.QQShow\Bin\QQShow.dll] [Tencent, 1, 60, 2020, 0] [D:\qq\Plugin\Com.Tencent.Qzone\Bin\Qzone.dll] [Tencent, 1, 60, 2020, 0] [D:\qq\Plugin\Com.Tencent.AudioVideo\Bin\AudioVideo.dll] [Tencent, 1, 60, 2020, 0] [D:\qq\Plugin\Com.Tencent.Soso\Bin\Soso.dll] [Tencent, 1, 60, 2020, 0] [D:\qq\Plugin\Com.Tencent.Weather\Bin\Weather.dll] [Tencent, 1, 60, 2020, 0] [D:\qq\Plugin\Com.Tencent.Memo\Bin\Memo.dll] [Tencent, 1, 60, 2020, 0] [D:\qq\Plugin\Com.Tencent.QQPet\Bin\QQPet.dll] [Tencent, 1, 60, 2020, 0] [D:\qq\Plugin\Com.Tencent.QQVip\Bin\QQVip.dll] [Tencent, 1, 60, 2020, 0] [D:\qq\Plugin\Com.Tencent.Mail\Bin\Mail.dll] [Tencent, 1, 60, 2020, 0] [D:\qq\Plugin\Com.Tencent.FileTransfer\Bin\FileTransfer.dll] [Tencent, 1, 60, 2020, 0] [D:\qq\Plugin\Com.Tencent.QQRing\Bin\QQRing.dll] [Tencent, 1, 60, 2020, 0] [D:\qq\Plugin\Com.Tencent.WBlog\Bin\WBlog.dll] [Tencent, 1, 60, 2020, 0] [C:\Program Files\Common Files\Tencent\TXSSO\1.2.1.15\Bin\SSOPlatform.dll] [Tencent, 1.2.1.15] [C:\Program Files\Common Files\Tencent\TXSSO\1.2.1.15\Bin\SSOCommon.DLL] [Tencent, 1.2.1.10] [D:\qq\Bin\PluginCommon.dll] [Tencent, 1, 60, 2020, 0] [D:\qq\Bin\QInterLive.dll] [Tencent, 1, 60, 2020, 0] [D:\qq\Plugin\Com.Tencent.GameLife\Bin\GameLife.dll] [Tencent, 1, 60, 2020, 0] [D:\qq\Plugin\com.tencent.netdisk\Bin\NetDisk.dll] [Tencent, 1, 60, 2020, 0] [D:\qq\Plugin\com.tencent.netdisk\Bin\DiskIPC.dll] [Tencent, 1, 60, 2020, 0] [D:\qq\Plugin\com.tencent.netdisk\Bin\DiskCommon.dll] [Tencent, 1, 60, 2020, 0] [D:\qq\Plugin\com.tencent.netdisk\Bin\FileBase.dll] [Tencent, 1, 60, 2020, 0] [D:\qq\Bin\ContactInfoFrame.dll] [Tencent, 1, 60, 2020, 0] [D:\qq\Plugin\com.tencent.qqmusic\Bin\QQMusic.dll] [Tencent, 1, 60, 2020, 0] [D:\qq\Plugin\com.tencent.winks\Bin\Winks.dll] [Tencent, 1, 60, 2020, 0] [C:\Windows\system32\Macromed\Flash\Flash10l.ocx] [Adobe Systems, Inc., 10,1,102,64] [D:\qq\Bin\MsgMgr.dll] [Tencent, 1, 60, 2020, 0] [D:\qq\Plugin\com.tencent.mmog\Bin\MMOG.dll] [Tencent, 1, 60, 2020, 0] [D:\qq\Plugin\com.tencent.qqgame\Bin\QQGame.dll] [Tencent, 1, 60, 2020, 0] [D:\qq\Plugin\com.tencent.today\Bin\Today.dll] [Tencent, 1, 60, 2020, 0] [C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\PDM.DLL] [Microsoft Corporation, 7.00.9466] [C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\2052\mdmui.dll] [Microsoft Corporation, 7.00.9466] [C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MSDBG2.DLL] [Microsoft Corporation, 7.00.9466] [D:\qq\Plugin\com.tencent.advertisement\Bin\Advertisement.dll] [Tencent, 1, 60, 2020, 0] [C:\Windows\system32\nvd3dum.dll] [NVIDIA Corporation, 7.15.11.5818] [D:\qq\Bin\LongCnn.dll] [Tencent, 1, 60, 2010, 0] [D:\qq\Bin\CustomFace.dll] [Tencent, 1, 60, 2020, 0] [D:\qq\Bin\AddrSearch.dll] [Tencent, 2, 3, 12, 11] [C:\Windows\WinSxS\x86_microsoft.vc80.mfc_1fc8b3b9a1e18e3b_8.0._none_cbf2\MFC80U.DLL] [Microsoft Corporation, 8.00.] [C:\Windows\WinSxS\x86_microsoft.vc80.mfcloc_1fc8b3b9a1e18e3b_8.0._none_03ca6\MFC80CHS.DLL] [Microsoft Corporation, 8.00.] [C:\Windows\system32\UNISPIM6.IME] [北京紫光华宇软件股份有限公司, 6.0.0.6055] [D:\qq\Bin\Camera.dll] [Tencent, 1, 60, 2020, 0] [D:\qq\Bin\SCCore.dll] [Tencent, 1, 7, 1, 6] [D:\qq\Bin\KernelMisc.dll] [Tencent, 1, 60, 2010, 0] [D:\qq\Plugin\Com.Tencent.QQMusic\bin\QQMusic\QzoneMusic.dll] [Tencent, 7.65.] [D:\qq\Plugin\Com.Tencent.QQMusic\bin\QQMusic\QQPlayer.DLL] [Tencent, 7.65.] [D:\qq\Plugin\Com.Tencent.QQMusic\bin\QQMusic\CMInternet.dll] [TENCENT, 8, 0, 1, 1224] [PID: 2300 / founder][D:\qq\Bin\TXPlatform.exe] [Tencent, 1, 60, 2010, 0] [C:\Program Files\KSafe\ksfmon.dll] [Kingsoft Corporation, 2.1.0.1089] [C:\Program Files\Founder\Emergency Center\SBHotkey.dll] [N/A, ] [D:\qq\Bin\TXPFProxy.dll] [Tencent, 1, 60, 2010, 0] [PID: 2712 / founder][C:\Program Files\Internet Explorer\iexplore.exe] [Microsoft Corporation, 7.00. (vista_rtm.5)] [C:\Program Files\KSafe\ksfmon.dll] [Kingsoft Corporation, 2.1.0.1089] [C:\Program Files\KSafe\kwsui.dll] [Kingsoft Corporation, .1084] [C:\Program Files\KSafe\kdump.dll] [Kingsoft Corporation, ,1546] [C:\Program Files\KSafe\kswebshield.dll] [Kingsoft Corporation, .1084] [C:\Program Files\KSafe\kswbc.dll] [Kingsoft Corporation, .1084] [C:\Program Files\Founder\Emergency Center\SBHotkey.dll] [N/A, ] [C:\Program Files\Tencent\QQToolbar\IEBar.dll] [TENCENT, 4, 0, 1, 10] [C:\Users\founder\AppData\LocalLow\TENCENT\QQToolbar\dlls\ToolBar.dll] [Tencent, 4, 1, 20, 10] [C:\Users\founder\AppData\LocalLow\TENCENT\QQToolbar\dlls\TBAddr.dll] [Tencent, 4, 1, 16, 10] [C:\Program Files\TENCENT\SSPlus\SAddr.dll] [腾讯, 5, 1, 16, 10] [C:\PROGRA~1\TENCENT\SSPlus\SSup.dll] [腾讯, 5, 0, 5, 12] [C:\Users\founder\AppData\LocalLow\TENCENT\QQToolbar\btns\Shuqian\Shuqian.dll] [Tencent, 4, 1, 4, 10] [C:\Users\founder\AppData\LocalLow\TENCENT\QQToolbar\btns\Qzone\Qzone.dll] [TENCENT, 4, 1, 4, 10] [C:\Users\founder\AppData\LocalLow\TENCENT\QQToolbar\btns\QQMail\QQMail.dll] [TENCENT, 4, 1, 2, 10] [C:\Users\founder\AppData\LocalLow\TENCENT\QQToolbar\btns\Wenwen\Wenwen.dll] [TENCENT, 4, 1, 1, 10] [C:\Users\founder\AppData\LocalLow\TENCENT\QQToolbar\btns\PrScrn\PrScrn.dll] [Tencent, 4, 1, 3, 10] [C:\Users\founder\AppData\LocalLow\TENCENT\QQToolbar\btns\Clear\Clear.dll] [TENCENT, 4, 1, 3, 10] [C:\Users\founder\AppData\LocalLow\TENCENT\QQToolbar\dlls\SideBar.dll] [Tencent, 4, 1, 7, 10] [C:\Windows\system32\nvd3dum.dll] [NVIDIA Corporation, 7.15.11.5818] [C:\Windows\system32\Macromed\Flash\Flash10l.ocx] [Adobe Systems, Inc., 10,1,102,64] [PID: 5816 / founder][C:\Windows\explorer.exe] [(Verified) Microsoft Corporation, 6.0. (vista_rtm.5)] [C:\Program Files\KSafe\ksfmon.dll] [Kingsoft Corporation, 2.1.0.1089] [C:\Program Files\Founder\Emergency Center\SBHotkey.dll] [N/A, ] [C:\Program Files\Kingsoft\Kingsoft Antivirus\kis.dll] [Kingsoft Corporation, ,59] [C:\Windows\system32\icm32.dll] [Microsoft Corporation, 6.0. (vista_rtm.5)] [C:\Program Files\TENCENT\SSPlus\SAddr.dll] [腾讯, 5, 1, 16, 10] [C:\Program Files\WinRAR\rarext.dll] [N/A, ] [C:\Program Files\Kingsoft\Kingsoft Antivirus\kavmenu.dll] [Kingsoft Corporation, ,273] [C:\Windows\system32\nvcpl.dll] [NVIDIA Corporation, 7.15.11.5818] [PID: 4144 / founder][C:\Program Files\Internet Explorer\iexplore.exe] [Microsoft Corporation, 7.00. (vista_rtm.5)] [C:\Program Files\KSafe\ksfmon.dll] [Kingsoft Corporation, 2.1.0.1089] [C:\Program Files\KSafe\kwsui.dll] [Kingsoft Corporation, .1084] [C:\Program Files\KSafe\kdump.dll] [Kingsoft Corporation, ,1546] [C:\Program Files\KSafe\kswebshield.dll] [Kingsoft Corporation, .1084] [C:\Program Files\KSafe\kswbc.dll] [Kingsoft Corporation, .1084] [C:\Program Files\Founder\Emergency Center\SBHotkey.dll] [N/A, ] [C:\Program Files\Tencent\QQToolbar\IEBar.dll] [TENCENT, 4, 0, 1, 10] [C:\Users\founder\AppData\LocalLow\TENCENT\QQToolbar\dlls\ToolBar.dll] [Tencent, 4, 1, 20, 10] [C:\Users\founder\AppData\LocalLow\TENCENT\QQToolbar\dlls\TBAddr.dll] [Tencent, 4, 1, 16, 10] [C:\Program Files\TENCENT\SSPlus\SAddr.dll] [腾讯, 5, 1, 16, 10] [C:\PROGRA~1\TENCENT\SSPlus\SSup.dll] [腾讯, 5, 0, 5, 12] [C:\Users\founder\AppData\LocalLow\TENCENT\QQToolbar\btns\Shuqian\Shuqian.dll] [Tencent, 4, 1, 4, 10] [C:\Users\founder\AppData\LocalLow\TENCENT\QQToolbar\btns\Qzone\Qzone.dll] [TENCENT, 4, 1, 4, 10] [C:\Users\founder\AppData\LocalLow\TENCENT\QQToolbar\btns\QQMail\QQMail.dll] [TENCENT, 4, 1, 2, 10] [C:\Users\founder\AppData\LocalLow\TENCENT\QQToolbar\btns\Wenwen\Wenwen.dll] [TENCENT, 4, 1, 1, 10] [C:\Users\founder\AppData\LocalLow\TENCENT\QQToolbar\btns\PrScrn\PrScrn.dll] [Tencent, 4, 1, 3, 10] [C:\Users\founder\AppData\LocalLow\TENCENT\QQToolbar\btns\Clear\Clear.dll] [TENCENT, 4, 1, 3, 10] [C:\Users\founder\AppData\LocalLow\TENCENT\QQToolbar\dlls\SideBar.dll] [Tencent, 4, 1, 7, 10] [C:\Windows\system32\UNISPIM6.IME] [北京紫光华宇软件股份有限公司, 6.0.0.6055] [C:\Windows\system32\Macromed\Flash\Flash10l.ocx] [Adobe Systems, Inc., 10,1,102,64] [C:\Windows\system32\nvd3dum.dll] [NVIDIA Corporation, 7.15.11.5818] [PID: 4760 / founder][C:\Program Files\WinRAR\WinRAR.exe] [N/A, ] [C:\Program Files\KSafe\ksfmon.dll] [Kingsoft Corporation, 2.1.0.1089] [C:\Program Files\KSafe\kwsui.dll] [Kingsoft Corporation, .1084] [C:\Program Files\KSafe\kswebshield.dll] [Kingsoft Corporation, .1084] [C:\Program Files\Founder\Emergency Center\SBHotkey.dll] [N/A, ] [PID: 5064 / founder][C:\Users\founder\AppData\Local\Temp\Rar$EX02.985\SREngLdr.EXE] [Smallfrogs Studio, 2.8.4.1331] [PID: 4672 / founder][C:\Users\founder\AppData\Local\Temp\Rar$EX02.985\SRE47a12361.EXE] [Smallfrogs Studio, 2.8.4.1331] [C:\Program Files\KSafe\ksfmon.dll] [Kingsoft Corporation, 2.1.0.1089] [C:\Program Files\Founder\Emergency Center\SBHotkey.dll] [N/A, ] ================================== 文件关联 .TXT Error. [C:\Windows\notepad.exe %1] .EXE OK. [&%1& %*] .COM OK. [&%1& %*] .PIF OK. [&%1& %*] .REG OK. [regedit.exe &%1&] .BAT OK. [&%1& %*] .SCR OK. [&%1& /S] .CHM OK. [&%SystemRoot%\hh.exe& %1] .HLP OK. [%SystemRoot%\winhlp32.exe %1] .INI OK. [%SystemRoot%\system32\NOTEPAD.EXE %1] .INF OK. [%SystemRoot%\system32\NOTEPAD.EXE %1] .VBS OK. [&%SystemRoot%\System32\WScript.exe& &%1& %*] .JS OK. [%SystemRoot%\System32\WScript.exe &%1& %*] .LNK OK. [{0-}] ================================== Winsock 提供者 N/A ================================== Autorun.inf [C:\] [AutoRun] ;xTapBWxBis csbmvAlJHls ispBwk kNeB shELl\open\defaULt=1 sHEll\open\commaNd=ydma.uoXnsM oPen= ydma.FhrmTakiFEodneHx SheLl\exPloRE\command = ydma. Shell\autoPlaY\COmmand=ydma.pif [D:\] [AutoRun] ;JShdknVTkyvayngPFr xwkhtuYiyxXhpkeyR vkVayC SHelL\eXPLORe\CoMmAnD= nhxfu.kVjbJYvGunpkwhhaikw VerD PpphTHfvBOi nBNW sHelL\OpEN\ComMAnd =nhxfu. oPeN = nhxfu.pnykiW AyAem sHelL\OpeN\DefaulT=1 ; shell\AutoPLAy\CoMmanD = nhxfu.yeYBKVeisGnJddivKliri NuDHoVjnAMDduqid RJbTXiqy [E:\] [AutoRun] ; ;wMbFw OPeN = fvmrp. sHEll\opEn\DefauLT=1 ;yrgLb sHell\ExploRE\cOmMand = fvmrp. sHell\OPEN\coMmaND= fvmrp.fyxNvdQiQxv sHelL\aUTOPLaY\cOmmaNd =fvmrp. [F:\] [AutoRun] SHell\open\Command = evtsvj.CpctS Shell\eXpLorE\COmmAnd= evtsvj.exe sHElL\OpeN\DeFaUlT=1 open=evtsvj.mcualiPt sHelL\AuTOPLay\CommAnd =evtsvj.exe [G:\] [AutoRun] ;wmJxwHdoE NKhwyROE ;oVeomSvu ShEll\ExpLOre\CommANd = wnavcb.exe shell\open\coMmanD= wnavcb. Open= wnavcb.exe shELL\oPen\Default=1 ;IjonuPMw TeICdS ShELl\AutOplay\Command =wnavcb.qurrEGaJtUMA ================================== HOSTS 文件 127.0.0.1 localhost ::1 localhost ================================== 进程特权扫描特殊特权被允许: SeDebugPrivilege [PID = 4760, C:\PROGRAM FILES\WINRAR\WINRAR.EXE] ================================== 计划任务 [已启用] \\{93DC8D0F-5E24-E-44D} C:\Windows\system32\pcalua.exe -a &C:\Users\Administrator\Desktop\Apabi Reader\AutoBookSpeech\InstallSpeech.exe& -d &C:\Users\Administrator\Desktop\Apabi Reader\AutoBookSpeech& [已启用] \Microsoft\Windows\Bluetooth\UninstallDeviceTask BthUdTask.exe $(Arg0) [已启用] \Microsoft\Windows\CertificateServicesClient\SystemTask N/A [已启用] \Microsoft\Windows\CertificateServicesClient\UserTask N/A [已启用] \Microsoft\Windows\CertificateServicesClient\UserTask-Roam N/A [已启用] \Microsoft\Windows\Customer Experience Improvement Program\Consolidator %SystemRoot%\System32\wsqmcons.exe [已启用] \Microsoft\Windows\Customer Experience Improvement Program\OptinNotification %SystemRoot%\System32\wsqmcons.exe -n 0x1C577FA2B69CAD0 [已启用] \Microsoft\Windows\Defrag\ScheduledDefrag %windir%\system32\defrag.exe -c -i [已禁用] \Microsoft\Windows\Media Center\ehDRMInit %SystemRoot%\ehome\ehPrivJob.exe /DRMInit [已禁用] \Microsoft\Windows\Media Center\mcupdate %SystemRoot%\ehome\mcupdate $(Arg0) -gc [已禁用] \Microsoft\Windows\Media Center\OCURActivate %SystemRoot%\ehome\ehPrivJob.exe /OCURActivate [已禁用] \Microsoft\Windows\Media Center\OCURDiscovery %SystemRoot%\ehome\ehPrivJob.exe /OCURDiscovery [已禁用] \Microsoft\Windows\Media Center\UpdateRecordPath %SystemRoot%\ehome\ehPrivJob.exe /DoUpdateRecordPath $(Arg0) [已启用] \Microsoft\Windows\MobilePC\HotStart N/A [已启用] \Microsoft\Windows\MobilePC\TMM N/A [已启用] \Microsoft\Windows\MUI\LPRemove %windir%\system32\lpremove.exe [已启用] \Microsoft\Windows\Multimedia\SystemSoundsService N/A [已启用] \Microsoft\Windows\NetworkAccessProtection\NAPStatus UI N/A [已启用] \Microsoft\Windows\Shell\CrawlStartPages N/A [已禁用] \Microsoft\Windows\SideShow\AutoWake N/A [已启用] \Microsoft\Windows\SideShow\GadgetManager N/A [已禁用] \Microsoft\Windows\SideShow\SessionAgent N/A [已禁用] \Microsoft\Windows\SideShow\SystemDataProviders N/A [已禁用] \Microsoft\Windows\SystemRestore\SR %windir%\system32\rundll32.exe /d srrstr.dll,ExecuteScheduledSPPCreation [已启用] \Microsoft\Windows\Tcpip\IpAddressConflict1 rundll32 ndfapi.dll,NdfRunDllDuplicateIPOffendingSystem [已启用] \Microsoft\Windows\Tcpip\IpAddressConflict2 rundll32 ndfapi.dll,NdfRunDllDuplicateIPDefendingSystem [已启用] \Microsoft\Windows\UPnP\UPnPHostConfig sc.exe config upnphost start= auto [已启用] \Microsoft\Windows\Windows Error Reporting\QueueReporting %windir%\system32\wermgr.exe -queuereporting [已启用] \Microsoft\Windows\Wired\GatherWiredInfo %windir%\system32\gatherWiredInfo.vbs [已启用] \Microsoft\Windows\Wireless\GatherWirelessInfo %windir%\system32\gatherWirelessInfo.vbs ================================== Windows 安全更新检查 KB936330, Windows Vista Service Pack 1 (KB936330) KB958869, Windows Vista 安全更新程序 (KB958869) MS09-062 KB890830, Windows 恶意软件删除工具 - 2011 年 2 月 (KB890830) ================================== API HOOK 入口点错误:LoadLibraryExW (危险等级: 高, 被下面模块所HOOK: 0x) 入口点错误:CreateProcessA (危险等级: 高, 被下面模块所HOOK: 0x) 入口点错误:CreateProcessW (危险等级: 高, 被下面模块所HOOK: 0x) ================================== 隐藏进程 N/A ================================== 复制代码
添一句,系统是Vista的
楼上是扫描日志
这日志是被你修改了呢还是贴到论坛上变样了呢?完全无法看。能否把LOG文件压缩作为附件发上来?
本帖最后由 byxxdrls 于
22:08 编辑
从混乱的日志来看,存在AUTO病毒,可以尝试用金山U盘专杀查一下。
昨天关机前又用急救箱杀了次毒,发现30多个病毒,但今天早上用U盘专杀的时候又发现了20多个病毒,但只有5个被清除了
(47.93 KB, 下载次数: 7)
12:08 上传
点击文件名下载附件
上面是扫描日志
最好吧查杀的截图和日志也传上来
怎么得到急救箱的日志?
我用另一个杀毒软件试了下,但是重启后问题还是没有解决,这个是日志
(4.78 KB, 下载次数: 21)
22:18 上传
点击文件名下载附件
卸载你的QQ和QQ工具栏,然后用毒霸全盘查杀,看看是否解决
我卸载了QQ和QQ工具栏,全盘查杀的结果是8个病毒,下面是截图
捕获.JPG (71.93 KB, 下载次数: 0)
12:58 上传
51.JPG (66.31 KB, 下载次数: 0)
12:58 上传
然后我删除了QQ宠物,重新启动后再次全盘查杀的结果是,还有4个病毒,下面是截图
捕获1.JPG (70.46 KB, 下载次数: 0)
12:58 上传
楼主留下联系方式吧,俺帮你在通知个官人远程看看
麻烦你联系我QQ 为你看下情况。
您好,您可以加楼上的QQ: ,或者加我QQ:。
另:请看看
C:\ydma.pif
D:\nhxfu.pif
E:\fvmrp.exe
F:\evtsvj.exe
G:\wnavcb.exe
是否有这几个文件。
win32.sality是一种感染型病毒。
问题依然没解决。。。我按照18楼说的下载了备用木马库,杀了次,还是解决不了,而且重启后金山毒霸的安全服务启动项被禁止了
用U盘专杀的时候,查到9993个文件的时候就会卡死。。。
捕获4.JPG (39.12 KB, 下载次数: 0)
22:17 上传
下面这两个项目无法开启,怎么点都没反映
捕获5.JPG (69.89 KB, 下载次数: 0)
22:17 上传
逛了这许久,何不进去瞧瞧?
关注我们:}
个人、企业类
违法有害信息,请在下方选择后提交
色情、暴力
我们会通过消息、邮箱等方式尽快将举报结果通知您。
我的电脑中了木马怎么杀也杀不掉,后来我只是打开DOS工具箱乱弄,也没改变什么,木马就没有了,怎么回事啊
我有更好的答案
你重装系统了那是
你应该是恢复了吧
没有就OK也许黑小子认为你有很高的技术手平
为您推荐:
其他类似问题
dos工具箱的相关知识
换一换
回答问题,赢新手礼包为什么有一个病毒 用可牛云杀毒怎么也杀不掉 就是每次都显示杀完 但重新扫描又出现_百度知道
个人、企业类
违法有害信息,请在下方选择后提交
色情、暴力
我们会通过消息、邮箱等方式尽快将举报结果通知您。
为什么有一个病毒 用可牛云杀毒怎么也杀不掉 就是每次都显示杀完 但重新扫描又出现
我有更好的答案
用360急救箱或金山急救箱杀掉还有把病毒上传到杀软的病毒举报网,进一步检测是否是把系统文件误报了
采纳率:25%
所以就成了循环。完了后重起。也就是说除了杀毒,别的都不要动。前面三步一定要做完。(比如QQ开机就启动。)解决方法,第一先杀毒,第二用360安全卫士清掉所有可以清理的插件,垃圾,但是你下次开机时,这些开机自起动的并且附带木马的软件又把木马加载进去了、文件夹。切记在此之间不要打开任何磁盘(因为你的盘符很可能就是木马),临时文件。第三,一键优化开机项你这种情况很可能是你装的软件中附带的有木马,这个软件可能是开机就启动的,所以你一开机就会有,而360也是杀它已经产生出来的而已。当你这次杀完后,的确是没有了
可牛,并不是专门做专业杀毒的出身,就是使用了一个卡巴的引擎,杀毒能力并不是很突出,建议你换一款杀毒软件对系统再进行下查杀吧,360杀毒就不错,我现在就在用,360杀毒软件在国内的杀毒软件里,算是很出色的一个免费杀毒软件了,杀毒能力强,占用资源也比较少,你可以试试。
重买个电脑
杀不掉是因为病毒正在运行,建议你重启电脑狂按F8
进入安全模式 断掉网络连接(因为在断网的情况下木马无法运行,而且在安全模式下更无法运行) 用360安全卫士全盘杀木马,杀出来后重启一次,再次进入安全模式用360杀软全盘扫描。
找个专门的杀木马的软件,我一直是用的360卫士 ,这个对木马有很好 的作用,而且预防能力也很强
其他3条回答
为您推荐:
其他类似问题
云杀毒的相关知识
换一换
回答问题,赢新手礼包暗夜游魂 杀完怎么什么也不掉_百度知道
个人、企业类
违法有害信息,请在下方选择后提交
色情、暴力
我们会通过消息、邮箱等方式尽快将举报结果通知您。
暗夜游魂 杀完怎么什么也不掉
我有更好的答案
这个就要你去找发现暗夜游魂不能杀,走近他会给你叠一层BUFF,然后消失。叠到10层之后BOSS就会打你,在沼泽都任何一个地方出现,不会在山洞里
为您推荐:
其他类似问题
游魂的相关知识
换一换
回答问题,赢新手礼包只需一步,快速开始
后使用快捷导航
这个木马为什么怎么也杀不掉啊。。。
该用户从未签到
马上注册,结交更多好友,享用更多功能,让你轻松玩转社区。
才可以下载或查看,没有帐号?
每次全盘扫描都发现并处理9个病毒,但是重启后还是有病毒
平时发现中毒后也点“立即清除”但是一会又出来了
而且,自从中毒后,很多软件都被莫明其妙的删掉了,比如QQ,每次重新开机后QQ都是登上去后几秒就自动关掉,或者干脆就直接被删除了。
机子也变得慢起来了
未命名.jpg (26.03 KB, 下载次数: 5)
18:41 上传
就是这两个木马
(26.48 KB, 下载次数: 0)
18:41 上传
按着提示的路径删除他,然后用金山急救箱扫描系统
亲爱的用户你好,急救箱能解决你的问题吗?若不能解决你问题的,麻烦你联系下我QQ 为你看下情况。感谢你的反馈。
貌似是很厉害的病毒木马,用专杀工具顽固病毒木马大权试试看!
不行就重装系统(前提是病毒木马没有感染引导区)!
还是不行,手动删除后我用急救箱扫描了,但是还是会出现这些木马,删除后都是每隔一段时间有出现在那个文件夹下,木马名称没有变,但是会每隔一段时间产生不同名称的木马程序
刚又发现一种木马
56412.jpg (26.11 KB, 下载次数: 0)
20:06 上传
下载SRENG扫描日志发上来
本帖最后由 lhqly 于
21:00 编辑
,20:38:25 System Repair Engineer 2.8.4.1331 Smallfrogs () Windows Vista Home Premium Edition (Build 6000) - 管理权限用户 - 完整功能 以下内容被选中: 所有的启动项目(包括注册表、启动文件夹、服务等) 浏览器加载项 正在运行的进程(包括进程模块信息) 文件关联 Winsock 提供者 Autorun.inf HOSTS 文件 进程特权扫描 计划任务 Windows 安全更新检查 API HOOK 隐藏进程 启动项目注册表 [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run] [(Verified)Microsoft Windows] [(Verified)Hewlett-Packard Company] [HKEY_CURRENT_USER\Software\Microsoft\Windows NT\CurrentVersion\Windows] && [N/A] [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run] &%ProgramFiles%\Windows Defender\MSASCui.exe -hide& [(Verified)Microsoft Windows] [(Verified)Microsoft Windows Hardware Compatibility Publisher] [(Verified)Microsoft Windows Hardware Compatibility Publisher] [(Verified)Microsoft Windows Hardware Compatibility Publisher] [(Verified)Microsoft Windows Hardware Compatibility Publisher] [JME Co.,Ltd.] [] &&C:\Program Files\KSafe\KSafeTray.exe& -autorun& [(Verified)Kingsoft Security Co.,Ltd] &&C:\Program Files\Common Files\Kingsoft\kiscommon\kxetray.exe& -autorun& [(Verified)Zhuhai Kingsoft Software Co.,Ltd] [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Winlogon] [(Verified)Microsoft Windows] [(Verified)Microsoft Windows] [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Windows] && [N/A] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad] [(Verified)Microsoft Windows] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\SharedTaskScheduler] &{8C7461EF-2B13-11d2-BE35-0}&&%SystemRoot%\system32\browseui.dll& [(Verified)Microsoft Windows] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\&{22d6f312-b0f6-11d0-94ab-e95}] [(Verified)Microsoft Windows] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\&{d38-484f-9b9e-dec}] [(Verified)Microsoft Windows] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\&{60B49E34-C7CC-11D0-C90347FF}]
[(Verified)Microsoft Windows] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{2C7339CF-2B09--FED}] &%SystemRoot%\system32\regsvr32.exe /s /n /i:/UserInstall %SystemRoot%\system32\themeui.dll& [File is missing] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{44BBA840-CC51-11CF-AAFA-00AA00B6015C}] &&%ProgramFiles%\Windows Mail\WinMail.exe& OCInstallUserConfigOE& [File is missing] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{6BF52A52-394A-11d3-B153-00C04F79FAA6}] &%SystemRoot%\system32\unregmp2.exe /FirstLogon /Shortcuts /RegBrowsers /ResetMUI& [(Verified)Microsoft Windows] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{-ECBD-11cf-8B85-00AA005B4340}] [(Verified)Microsoft Windows] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{-ECBD-11cf-8B85-00AA005B4383}] [(Verified)Microsoft Windows] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{89B4C1CD-B018--5476DBF70820}] [(Verified)Microsoft Corporation] [HKEY_CURRENT_USER\Control Panel\Desktop] [(Verified)Microsoft Windows] ================================== 启动文件夹 N/A ================================== 服务 [Kingsoft Rescue Service / Kingsoft Rescue Service][Running/Auto Start] && [KSafe service / KSafeSvc][Running/Auto Start] &&C:\Program Files\KSafe\KSafeSvc.exe& -svc& [Kingsoft Security App Service / kxesapp][Running/Auto Start] &&C:\Program Files\Common Files\Kingsoft\kiscommon\kxesapp.exe& /service kxesapp& [Kingsoft Core Service / kxescore][Running/Auto Start] &&C:\Program Files\Common Files\Kingsoft\kiscommon\kxescore.exe& /service kxescore& [Kingsoft Antivirus Update Service / KxEUpSrv][Running/Auto Start] &&C:\Program Files\Common Files\Kingsoft\kiscommon\upsvc.exe&& ================================== 驱动程序 [adp94xx / adp94xx][Stopped/Disabled] &\SystemRoot\system32\drivers\adp94xx.sys& [adpahci / adpahci][Stopped/Disabled] &\SystemRoot\system32\drivers\adpahci.sys& [adpu160m / adpu160m][Stopped/Disabled] &\SystemRoot\system32\drivers\adpu160m.sys& [adpu320 / adpu320][Stopped/Disabled] &\SystemRoot\system32\drivers\adpu320.sys& [aic78xx / aic78xx][Stopped/Disabled] &\SystemRoot\system32\drivers\djsvs.sys& [aliide / aliide][Stopped/Disabled] &\SystemRoot\system32\drivers\aliide.sys& [Apaidi / Apaidi][Running/Auto Start] &\??\C:\Windows\system32\drivers\Apaidi.sys& [arc / arc][Stopped/Disabled] &\SystemRoot\system32\drivers\arc.sys& [arcsas / arcsas][Stopped/Disabled] &\SystemRoot\system32\drivers\arcsas.sys& [blbdrive / blbdrive][Stopped/Disabled] &\SystemRoot\system32\drivers\blbdrive.sys& [Brother USB Mass-Storage Lower Filter Driver / BrFiltLo][Stopped/Manual Start] &\SystemRoot\system32\drivers\brfiltlo.sys&
[Brother USB Mass-Storage Upper Filter Driver / BrFiltUp][Stopped/Manual Start] &\SystemRoot\system32\drivers\brfiltup.sys&
[Brother MFC Serial Port Interface Driver (WDM) / Brserid][Stopped/Disabled] &\SystemRoot\system32\drivers\brserid.sys&
[Brother WDM Serial driver / BrSerWdm][Stopped/Disabled] &\SystemRoot\system32\drivers\brserwdm.sys&
[Brother MFC USB Fax Only Modem / BrUsbMdm][Stopped/Disabled] &\SystemRoot\system32\drivers\brusbmdm.sys&
[Brother MFC USB Serial WDM Driver / BrUsbSer][Stopped/Manual Start] &\SystemRoot\system32\drivers\brusbser.sys&
[cmdide / cmdide][Stopped/Disabled] &\SystemRoot\system32\drivers\cmdide.sys& [Intel(R) PRO/1000 NDIS 6 Adapter Driver / E1G60][Stopped/Manual Start] [elxstor / elxstor][Stopped/Disabled] &\SystemRoot\system32\drivers\elxstor.sys& [HpCISSs / HpCISSs][Stopped/Disabled] &\SystemRoot\system32\drivers\hpcisss.sys& [Intel RAID Controller Vista / iaStorV][Stopped/Disabled] &\SystemRoot\system32\drivers\iastorv.sys& [iirsp / iirsp][Stopped/Disabled] &\SystemRoot\system32\drivers\iirsp.sys& [Service for Realtek HD Audio (WDM) / IntcAzAudAddService][Running/Manual Start] [IP in IP Tunnel Driver / IpInIp][Stopped/Manual Start] [ITEATAPI_Service_Install / iteatapi][Stopped/Disabled] &\SystemRoot\system32\drivers\iteatapi.sys& [ITERAID_Service_Install / iteraid][Stopped/Disabled] &\SystemRoot\system32\drivers\iteraid.sys& [KAVBootC / KAVBootC][Running/Boot Start] &\SystemRoot\system32\drivers\KAVBootC.sys& [KAVSafe / KAVSafe][Running/Auto Start] &\??\C:\Windows\system32\Drivers\KAVSafe.sys& [kisknl / kisknl][Running/Auto Start] &\??\C:\Windows\system32\drivers\kisknl.sys& [kmodurl / kmodurl][Running/System Start] &\??\C:\Program Files\KSafe\kmodurl.sys& [krpr / krpr][Stopped/Manual Start] &\??\C:\Windows\system32\Drivers\krpr.sys& [LSI_FC / LSI_FC][Stopped/Disabled] &\SystemRoot\system32\drivers\lsi_fc.sys& [LSI_SAS / LSI_SAS][Stopped/Disabled] &\SystemRoot\system32\drivers\lsi_sas.sys& [LSI_SCSI / LSI_SCSI][Stopped/Disabled] &\SystemRoot\system32\drivers\lsi_scsi.sys& [megasas / megasas][Stopped/Disabled] &\SystemRoot\system32\drivers\megasas.sys& [Mraid35x / Mraid35x][Stopped/Disabled] &\SystemRoot\system32\drivers\mraid35x.sys& [Softlumos Multi-Platform / Mulsys][Running/Boot Start] &\SystemRoot\System32\DRIVERS\Mulsys.SYS& [nfrd960 / nfrd960][Stopped/Disabled] &\SystemRoot\system32\drivers\nfrd960.sys& [N-trig HID Tablet Driver / ntrigdigi][Stopped/Disabled] &\SystemRoot\system32\drivers\ntrigdigi.sys& [nvlddmkm / nvlddmkm][Running/Manual Start] [nvraid / nvraid][Stopped/Disabled] &\SystemRoot\system32\drivers\nvraid.sys& [nvstor / nvstor][Stopped/Disabled] &\SystemRoot\system32\drivers\nvstor.sys& [IPX Traffic Filter Driver / NwlnkFlt][Stopped/Manual Start] [IPX Traffic Forwarder Driver / NwlnkFwd][Stopped/Manual Start] [PauseDrv / PauseDrv][Stopped/Manual Start] &\??\C:\Windows\system32\Drivers\PauseDrv.sys& [QLogic Fibre Channel Miniport Driver / ql2300][Stopped/Disabled] &\SystemRoot\system32\drivers\ql2300.sys& [QLogic iSCSI Miniport Driver / ql40xx][Stopped/Disabled] &\SystemRoot\system32\drivers\ql40xx.sys& [Realtek 10/100 NIC 系列 NDIS x86 驱动程序 / RTL8023xp][Running/Manual Start] [SiSRaid2 / SiSRaid2][Stopped/Disabled] &\SystemRoot\system32\drivers\sisraid2.sys& [SiSRaid4 / SiSRaid4][Stopped/Disabled] &\SystemRoot\system32\drivers\sisraid4.sys& [Symc8xx / Symc8xx][Stopped/Disabled] &\SystemRoot\system32\drivers\symc8xx.sys& [Sym_hi / Sym_hi][Stopped/Disabled] &\SystemRoot\system32\drivers\sym_hi.sys& [Sym_u3 / Sym_u3][Stopped/Disabled] &\SystemRoot\system32\drivers\sym_u3.sys& [uliahci / uliahci][Stopped/Disabled] &\SystemRoot\system32\drivers\uliahci.sys& [UlSata / UlSata][Stopped/Disabled] &\SystemRoot\system32\drivers\ulsata.sys& [ulsata2 / ulsata2][Stopped/Disabled] &\SystemRoot\system32\drivers\ulsata2.sys& [viaide / viaide][Running/Boot Start] &\SystemRoot\system32\drivers\viaide.sys& [vsmraid / vsmraid][Stopped/Disabled] &\SystemRoot\system32\drivers\vsmraid.sys& [WINIO / WINIO][Running/Auto Start] &\??\C:\Program Files\iFly Info Tek\MagicVoice\bin\mapio.sys& ================================== 浏览器加载项 [Tencent Browser Helper] {0C7C23EF-A848-485B-873C-0ED} [QQ工具栏] {29CF293A-1E7D--E} [] {669751ED-D558-49AE-B01A-3B374CC7910E} [信息检索(&R)] {CC-41C8-B9BE-3C9C571A8263} [QQ工具栏] {29CF293A-1E7D--E} [Shockwave Flash Object] {D27CDB6E-AE6D-11CF-96B8-} [PhotoDrawEx Class] {05F5F404-7C24-4B39-B5CC-340CEDEB9C0D} [Tencent Browser Helper] {0C7C23EF-A848-485B-873C-0ED} [Player Class] {11F2A418-94B2-4e16-9B0C-B00C} [] {EB-11D2-B92F-008048FDD814} &, & [InstallHelper Class] {1DABF8D5-B7F-A30E53D709B3} [HTML Document] {F9-11CF-8FD0-00AA00686F13} [XML DOM Document] {B36-11D2-B20E-00C04F983E60} &%SystemRoot%\System32\msxml3.dll, (Signed) N/A& [QQ工具栏] {29CF293A-1E7D--E} [] {-A5F6-11D4-BFE2-A} &, & [HHCtrl Object] {52A2AAAE-085D-4187-97EA-8C30DB990436} &%SystemRoot%\System32\hhctrl.ocx, (Signed) N/A& [] {E-470E-8A57-} &, & [] {669751ED-D558-49AE-B01A-3B374CC7910E} [QQLiveFile Class] {6BF1-41c3-C1D8A72} [Windows Media Player] {6BF52A52-394A-11D3-B153-00C04F79FAA6} &%SystemRoot%\system32\wmp.dll, (Signed) N/A& [Microsoft Web Browser] {A-11D0-A96B-00C04FD705A2} [XML DOM 文档 5.0] {88D969E5-F192-11D4-A65F-E5} [XML DOM Document 6.0] {88D96A05-F192-11D4-A65F-E5} &%SystemRoot%\System32\msxml6.dll, (Signed) N/A& [] {CC-41C8-B9BE-3C9C571A8263} &, & [AUDIO__MP3 Moniker Class] {CD3AFA76-B84F-48F0-9393-7EDC} &%SystemRoot%\system32\wmp.dll, (Signed) N/A& [Shockwave Flash Object] {D27CDB6E-AE6D-11CF-96B8-} [QQLive Class] {D9EBCF5D-3F8F-4b6a-89BA-7} [PlayerCtrl Class] {E05BC2A3-9A46-4a32-80C9-023A473F5B23} [RevealTrans] {E31E87C4-86EA-A-5BD5D179A737} [SSOForPTLogin2 Class] {EAAED308-B-965E-171933ADD473} [TimwpDll.TimwpCheck] {ED4CA2E5-0EEA-44C1-AD7E-74A07A7507A4} [XML HTTP Request] {ED8C108E--91A4-00C04F7969E8} &%SystemRoot%\System32\msxml3.dll, (Signed) N/A& [XML DOM Document] {F6D90F11-9C73-11D3-B32E-00C04F990BB4} &%SystemRoot%\System32\msxml3.dll, (Signed) N/A& [XML HTTP] {F6D90F16-9C73-11D3-B32E-00C04F990BB4} &%SystemRoot%\System32\msxml3.dll, (Signed) N/A& [QQ工具栏] {FB46BBEE-B3D5-46BF-94F4-A6C1A17F0A28} [导出到 Microsoft Office Excel(&X)] ================================== 正在运行的进程 [PID: 384 / SYSTEM][\SystemRoot\System32\smss.exe] [(Verified) Microsoft Corporation, 6.0. (vista_rtm.5)] [PID: 448 / SYSTEM][C:\Windows\system32\csrss.exe] [(Verified) Microsoft Corporation, 6.0. (vista_rtm.5)] [PID: 496 / SYSTEM][C:\Windows\system32\wininit.exe] [(Verified) Microsoft Corporation, 6.0. (vista_rtm.5)] [PID: 508 / SYSTEM][C:\Windows\system32\csrss.exe] [(Verified) Microsoft Corporation, 6.0. (vista_rtm.5)] [PID: 540 / SYSTEM][C:\Windows\system32\services.exe] [(Verified) Microsoft Corporation, 6.0. (vista_rtm.5)] [PID: 552 / SYSTEM][C:\Windows\system32\lsass.exe] [(Verified) Microsoft Corporation, 6.0. (vista_rtm.5)] [PID: 560 / SYSTEM][C:\Windows\system32\lsm.exe] [(Verified) Microsoft Corporation, 6.0. (vista_rtm.5)] [PID: 708 / SYSTEM][C:\Windows\system32\svchost.exe] [(Verified) Microsoft Corporation, 6.0. (vista_rtm.5)] [PID: 740 / SYSTEM][C:\Windows\system32\winlogon.exe] [(Verified) Microsoft Corporation, 6.0. (vista_rtm.5)] [PID: 812 / NETWORK SERVICE][C:\Windows\system32\svchost.exe] [(Verified) Microsoft Corporation, 6.0. (vista_rtm.5)] [PID: 864 / SYSTEM][C:\Windows\System32\svchost.exe] [(Verified) Microsoft Corporation, 6.0. (vista_rtm.5)] [PID: 956 / LOCAL SERVICE][C:\Windows\System32\svchost.exe] [(Verified) Microsoft Corporation, 6.0. (vista_rtm.5)] [C:\Windows\system32\RtkAPO.dll] [Realtek Semiconductor Corp., 11.0.6000.29 built by: WinDDK] [PID: 1024 / SYSTEM][C:\Windows\System32\svchost.exe] [(Verified) Microsoft Corporation, 6.0. (vista_rtm.5)] [PID: 1040 / SYSTEM][C:\Windows\system32\svchost.exe] [(Verified) Microsoft Corporation, 6.0. (vista_rtm.5)] [PID: 1156 / NETWORK SERVICE][C:\Windows\system32\SLsvc.exe] [(Verified) Microsoft Corporation, 6.0. (vista_gdr.0)] [PID: 1212 / LOCAL SERVICE][C:\Windows\system32\svchost.exe] [(Verified) Microsoft Corporation, 6.0. (vista_rtm.5)] [PID: 1380 / NETWORK SERVICE][C:\Windows\system32\svchost.exe] [(Verified) Microsoft Corporation, 6.0. (vista_rtm.5)] [PID: 1560 / SYSTEM][E:\新建文件夹 (5)\KSM\ksmsvc.exe] [, ,1479] [E:\新建文件夹 (5)\KSM\kdump.dll] [Kingsoft Corporation, ,1453] [E:\新建文件夹 (5)\KSM\kxestat.dll] [Kingsoft Corporation, ,309] [E:\新建文件夹 (5)\KSM\kxebase.dll] [Kingsoft Corporation, ,309] [E:\新建文件夹 (5)\KSM\scom.dll] [Kingsoft Corporation, ,309] [E:\新建文件夹 (5)\KSM\kxecore\kxelog.dll] [Kingsoft Corporation, ,309] [E:\新建文件夹 (5)\KSM\kxecore\kxecore.dll] [Kingsoft Corporation, ,402] [E:\新建文件夹 (5)\KSM\kxecore\kxestat.dll] [Kingsoft Corporation, ,309] [E:\新建文件夹 (5)\KSM\ksmcorex.dll] [Kingsoft Corporation, ,78] [E:\新建文件夹 (5)\KSM\ksecorex.dll] [Kingsoft Corporation, ,1518] [E:\新建文件夹 (5)\KSM\kae\kaecore.dat] [Kingsoft Corporation, ,110] [E:\新建文件夹 (5)\KSM\ksbwdet2.dll] [Kingsoft Corporation, ,1665] [E:\新建文件夹 (5)\KSM\sqlite.dll] [N/A, ] [E:\新建文件夹 (5)\KSM\kae\karchive.dat] [Kingsoft Corporation, ,110] [E:\新建文件夹 (5)\KSM\kae\kaearcha.dat] [Kingsoft Corporation, ,110] [E:\新建文件夹 (5)\KSM\kae\kaeolea.dat] [Kingsoft Corporation, ,110] [E:\新建文件夹 (5)\KSM\kae\kaearchb.dat] [Kingsoft Corporation, ,436] [E:\新建文件夹 (5)\KSM\ksmbrfix.dll] [Kingsoft Corporation, ,1403] [E:\新建文件夹 (5)\KSM\ksbwsspx.dll] [Kingsoft Corporation, ,1072] [E:\新建文件夹 (5)\KSM\kavquara.dll] [Kingsoft Corporation, ,924] [E:\新建文件夹 (5)\KSM\ksreng3.dll] [Kingsoft Corporation, ,139] [E:\新建文件夹 (5)\KSM\kssdet.dll] [Kingsoft Corporation, ,1638] [E:\新建文件夹 (5)\KSM\kcldrep.dll] [Kingsoft Corporation, ,1524] [E:\新建文件夹 (5)\KSM\kavifr.dll] [Kingsoft Corporation, ,74] [PID: 1676 / SYSTEM][C:\Program Files\KSafe\KSafeSvc.exe] [Kingsoft Corporation, 2.1.0.1078] [C:\Program Files\KSafe\ksafeeng.dll] [Kingsoft Corporation, 2.1.0.1078] [C:\Program Files\KSafe\katrun.dll] [Kingsoft Corporation, 2.1.0.1078] [C:\Program Files\KSafe\ksafebak.dll] [Kingsoft Corporation, 2.1.0.1078] [C:\Program Files\KSafe\ksafedb.dll] [Kingsoft Corporation, 2.1.0.1078] [C:\Program Files\KSafe\kcache.dll] [Kingsoft Corporation, 2.1.0.1078] [C:\Program Files\KSafe\knescan.dll] [Kingsoft Corporation., 1.0.0.1111] [C:\Program Files\KSafe\KEng\ksafeave.dll] [Kingsoft Corporation, 1.1.0.1078] [C:\Program Files\KSafe\KEng\kae\kaecore.dat] [Kingsoft Corporation, ,1454] [C:\Program Files\KSafe\kdump.dll] [Kingsoft Corporation, ,1546] [C:\Program Files\KSafe\kxebase.dll] [Kingsoft Corporation, ,402] [C:\Program Files\KSafe\scom.dll] [Kingsoft Corporation, ,402] [C:\Program Files\KSafe\kxecore\kxecore.dll] [Kingsoft Corporation, ,402] [C:\Program Files\KSafe\kexectrl.dll] [Kingsoft Corporation, ,1422] [C:\Program Files\KSafe\ksscore.dll] [Kingsoft Corporation, ,3] [C:\Program Files\KSafe\kplugeng.dll] [Kingsoft Corporation., 1.5.2.1191] [C:\Program Files\KSafe\kwssp.dll] [Kingsoft Corporation, .1084] [C:\Program Files\KSafe\json.dll] [N/A, ] [C:\Program Files\KSafe\kcldrep.dll] [Kingsoft Corporation, ,47] [C:\Program Files\KSafe\fwproxy.dll] [Kingsoft Corporation, 2.1.0.1084] [C:\Program Files\KSafe\sqlite.dll] [Kingsoft Corporation, ,781] [C:\Program Files\KSafe\kse\ksecorex.dll] [Kingsoft Corporation, ,1467] [C:\Program Files\KSafe\kse\ksbwdet2.dll] [Kingsoft Corporation, ,1526] [C:\Program Files\KSafe\KEng\kae\karchive.dat] [Kingsoft Corporation, ,1454] [C:\Program Files\KSafe\KEng\kae\kaearcha.dat] [Kingsoft Corporation, ,1454] [C:\Program Files\KSafe\KEng\kae\kaeolea.dat] [Kingsoft Corporation, ,1454] [C:\Program Files\KSafe\KEng\kae\kaearchb.dat] [Kingsoft Corporation, ,1454] [C:\Program Files\KSafe\KEng\kae\kaeunpak.dat] [Kingsoft Corporation, ,436] [C:\Program Files\KSafe\KEng\kae\kaevname.dat] [Kingsoft Corporation, ,1454] [C:\Program Files\KSafe\KEng\kae\kaeunpack.dat] [Kingsoft Corporation, ,365] [C:\Program Files\KSafe\KEng\kae\kaecorea.dat] [Kingsoft Corporation, ,1454] [PID: 1992 / founder][C:\Windows\system32\Dwm.exe] [(Verified) Microsoft Corporation, 6.0. (vista_rtm.5)] [C:\Windows\system32\nvd3dum.dll] [NVIDIA Corporation, 7.15.11.5818] [C:\Program Files\Founder\Emergency Center\SBHotkey.dll] [N/A, ] [C:\Program Files\KSafe\ksfmon.dll] [Kingsoft Corporation, 2.1.0.1089] [PID: 2012 / founder][C:\Windows\system32\taskeng.exe] [(Verified) Microsoft Corporation, 6.0. (vista_rtm.5)] [C:\Program Files\Founder\Emergency Center\SBHotkey.dll] [N/A, ] [C:\Program Files\KSafe\ksfmon.dll] [Kingsoft Corporation, 2.1.0.1089] [PID: 2020 / founder][C:\Windows\Explorer.EXE] [(Verified) Microsoft Corporation, 6.0. (vista_rtm.5)] [C:\Program Files\Founder\Emergency Center\SBHotkey.dll] [N/A, ] [C:\Program Files\Kingsoft\Kingsoft Antivirus\ktaskbar.dll] [Kingsoft Corporation, ,732] [C:\Program Files\KSafe\ksfmon.dll] [Kingsoft Corporation, 2.1.0.1089] [C:\Windows\system32\nvcpl.dll] [NVIDIA Corporation, 7.15.11.5818] [C:\Windows\system32\nvapi.dll] [NVIDIA Corporation, 7.15.11.5818] [C:\Program Files\WinRAR\rarext.dll] [N/A, ] [C:\Program Files\Kingsoft\Kingsoft Antivirus\kavmenu.dll] [Kingsoft Corporation, ,273] [C:\Program Files\Kingsoft\Kingsoft Antivirus\kis.dll] [Kingsoft Corporation, ,59] [PID: 532 / founder][C:\Program Files\Windows Defender\MSASCui.exe] [Microsoft Corporation, 1.1.1505.0] [C:\Program Files\KSafe\ksfmon.dll] [Kingsoft Corporation, 2.1.0.1089] [C:\Program Files\Founder\Emergency Center\SBHotkey.dll] [N/A, ] [PID: 700 / founder][C:\Windows\RtHDVCpl.exe] [Realtek Semiconductor, 1, 0, 0, 43] [C:\Program Files\Founder\Emergency Center\SBHotkey.dll] [N/A, ] [PID: 2080 / SYSTEM][C:\Windows\System32\spoolsv.exe] [(Verified) Microsoft Corporation, 6.0. (vista_rtm.5)] [C:\Windows\System32\mdimon.dll] [Microsoft Corporation, 11.3.1897.0] [C:\Windows\system32\spool\PRTPROCS\W32X86\mdippr.dll] [Microsoft Corporation, 11.3.1897.0] [PID: 2132 / LOCAL SERVICE][C:\Windows\system32\svchost.exe] [(Verified) Microsoft Corporation, 6.0. (vista_rtm.5)] [PID: 2184 / founder][C:\Windows\System32\rundll32.exe] [Microsoft Corporation, 6.0. (vista_rtm.5)] [C:\Windows\System32\NVSVC.DLL] [NVIDIA Corporation, 7.15.11.5818] [C:\Program Files\Founder\Emergency Center\SBHotkey.dll] [N/A, ] [C:\Program Files\KSafe\ksfmon.dll] [Kingsoft Corporation, 2.1.0.1089] [C:\Windows\System32\nvapi.dll] [NVIDIA Corporation, 7.15.11.5818] [PID: 2400 / founder][C:\Windows\System32\rundll32.exe] [Microsoft Corporation, 6.0. (vista_rtm.5)] [C:\Windows\system32\NvMcTray.dll] [NVIDIA Corporation, 7.15.11.5818] [C:\Windows\System32\nvapi.dll] [NVIDIA Corporation, 7.15.11.5818] [C:\Program Files\KSafe\ksfmon.dll] [Kingsoft Corporation, 2.1.0.1089] [C:\Program Files\Founder\Emergency Center\SBHotkey.dll] [N/A, ] [PID: 2412 / founder][C:\Program Files\jmesoft\hotkey.exe] [JME Co.,Ltd., 3, 9, 0, 616] [C:\Program Files\jmesoft\Keyhook.dll] [N/A, ] [C:\Program Files\KSafe\ksfmon.dll] [Kingsoft Corporation, 2.1.0.1089] [C:\Program Files\Founder\Emergency Center\SBHotkey.dll] [N/A, ] [PID: 2424 / founder][C:\Program Files\Founder\Emergency Center\hotkey.exe] [N/A, ] [C:\Program Files\Founder\Emergency Center\MFC42D.DLL] [Microsoft Corporation, 6.00.8168.0] [C:\Program Files\Founder\Emergency Center\MSVCRTD.dll] [Microsoft Corporation, 6.00.8168.0] [C:\Program Files\Founder\Emergency Center\MSVCP60D.dll] [Microsoft Corporation, 6.00.8972.0] [C:\Program Files\Founder\Emergency Center\SBHotkey.dll] [N/A, ] [C:\Program Files\KSafe\ksfmon.dll] [Kingsoft Corporation, 2.1.0.1089] [PID: 2432 / founder][C:\Program Files\KSafe\KSafeTray.exe] [Kingsoft Corporation, 2.1.0.1089] [C:\Program Files\KSafe\ksfmon.dll] [Kingsoft Corporation, 2.1.0.1089] [C:\Program Files\KSafe\krunopt.dll] [Kingsoft Corporation, 2.1.0.1089] [C:\Program Files\KSafe\kdump.dll] [Kingsoft Corporation, ,1546] [C:\Program Files\KSafe\kwsctrl.dll] [Kingsoft Corporation, 2.1.0.1084] [C:\Program Files\Founder\Emergency Center\SBHotkey.dll] [N/A, ] [C:\Program Files\KSafe\ksafevul.dll] [Kingsoft Corporation, 2.1.0.1089] [C:\Program Files\KSafe\ksafeup.dll] [Kingsoft Corporation, 2.1.0.1089] [C:\Program Files\KSafe\zlib1.dll] [, 1.2.3] [C:\Program Files\KSafe\ksafedb.dll] [Kingsoft Corporation, 2.1.0.1078] [C:\Program Files\KSafe\kplugeng.dll] [Kingsoft Corporation., 1.5.2.1191] [PID: 2644 / founder][C:\Program Files\Windows Sidebar\sidebar.exe] [Microsoft Corporation, 6.0. (vista_gdr.0)] [C:\Program Files\KSafe\ksfmon.dll] [Kingsoft Corporation, 2.1.0.1089] [C:\Program Files\Founder\Emergency Center\SBHotkey.dll] [N/A, ] [C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\PDM.DLL] [Microsoft Corporation, 7.00.9466] [C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\2052\mdmui.dll] [Microsoft Corporation, 7.00.9466] [C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MSDBG2.DLL] [Microsoft Corporation, 7.00.9466] [C:\Windows\system32\nvd3dum.dll] [NVIDIA Corporation, 7.15.11.5818] [C:\Windows\system32\icm32.dll] [Microsoft Corporation, 6.0. (vista_rtm.5)] [PID: 2668 / founder][C:\Program Files\Common Files\LightScribe\LightScribeControlPanel.exe] [Hewlett-Packard Company, 1.6.43.1] [C:\Program Files\Common Files\LightScribe\QtCore4.dll] [N/A, ] [C:\Program Files\Common Files\LightScribe\QtGui4.dll] [N/A, ] [C:\Program Files\KSafe\ksfmon.dll] [Kingsoft Corporation, 2.1.0.1089] [C:\Program Files\Founder\Emergency Center\SBHotkey.dll] [N/A, ] [PID: 3624 / LOCAL SERVICE][C:\Windows\system32\svchost.exe] [(Verified) Microsoft Corporation, 6.0. (vista_rtm.5)] [PID: 3684 / SYSTEM][C:\Windows\System32\svchost.exe] [(Verified) Microsoft Corporation, 6.0. (vista_rtm.5)] [PID: 3764 / SYSTEM][C:\Windows\system32\SearchIndexer.exe] [(Verified) Microsoft Corporation, 6.0. (vista_rtm.5)] [PID: 4004 / SYSTEM][C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE] [Microsoft Corporation, 7.00.9466] [C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\2052\mdmui.dll] [Microsoft Corporation, 7.00.9466] [C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MSDBG2.DLL] [Microsoft Corporation, 7.00.9466] [PID: 4052 / SYSTEM][C:\Windows\system32\taskeng.exe] [(Verified) Microsoft Corporation, 6.0. (vista_rtm.5)] [PID: 4060 / founder][C:\Windows\system32\wuauclt.exe] [(Verified) Microsoft Corporation, 7.4. (winmain_wtr_wsus3sp2(wmbla).4)] [C:\Program Files\KSafe\ksfmon.dll] [Kingsoft Corporation, 2.1.0.1089] [C:\Program Files\Founder\Emergency Center\SBHotkey.dll] [N/A, ] [PID: 1820 / founder][D:\qq\Bin\QQ.exe] [Tencent, 1.60.] [D:\qq\Bin\Common.dll] [Tencent, 1, 60, 2010, 0] [D:\qq\Bin\zlib.dll] [, 1, 2, 5, 0] [D:\qq\Bin\libexpat.dll] [, 2, 0, 1, 0] [C:\Windows\WinSxS\x86_microsoft.vc80.atl_1fc8b3b9a1e18e3b_8.0._none_d1c738ec43578ea1\ATL80.DLL] [Microsoft Corporation, 8.00.] [D:\qq\Bin\KernelUtil.dll] [Tencent, 1, 60, 2010, 0] [D:\qq\Bin\xImage.dll] [Tencent, 5, 9, 9, 0] [D:\qq\Bin\libpng.dll] [, 1, 2, 2, 3] [D:\qq\Bin\libjpeg6.dll] [, 6, 2, 0, 0] [D:\qq\Bin\GF.dll] [Tencent, 1, 60, 2010, 0] [D:\qq\Bin\xGraphic32.dll] [Tencent, 1, 60, 2010, 0] [D:\qq\Bin\jgImage.dll] [Tencent, 1, 60, 2010, 0] [D:\qq\Bin\jgIOStub.dll] [Tencent, 1, 60, 2010, 0] [D:\qq\Bin\AFUtil.dll] [Tencent, 1, 60, 2020, 0] [D:\qq\Bin\IPC.dll] [Tencent, 1, 60, 2010, 0] [D:\qq\Bin\FlashService.dll] [Tencent, 1, 60, 2020, 0] [C:\Program Files\KSafe\ksfmon.dll] [Kingsoft Corporation, 2.1.0.1089] [C:\Program Files\KSafe\kwsui.dll] [Kingsoft Corporation, .1084] [C:\Program Files\KSafe\kswebshield.dll] [Kingsoft Corporation, .1084] [D:\qq\Bin\LoginPanel.dll] [Tencent, 1, 60, 2020, 0] [D:\qq\Bin\IM.dll] [Tencent, 1, 60, 2010, 0] [C:\Program Files\Founder\Emergency Center\SBHotkey.dll] [N/A, ] [D:\qq\Bin\AppMisc.dll] [Tencent, 1, 60, 2020, 0] [D:\qq\Bin\AppUtil.dll] [Tencent, 1, 60, 2020, 0] [D:\qq\Bin\TaskTray.dll] [Tencent, 1, 60, 2020, 0] [D:\qq\Bin\TXPFProxy.dll] [Tencent, 1, 60, 2010, 0] [D:\qq\Bin\MainFrame.dll] [Tencent, 1, 60, 2020, 0] [D:\qq\Bin\AppFramework.dll] [Tencent, 1, 60, 2020, 0] [D:\qq\Bin\SkinMgr.dll] [Tencent, 1, 60, 2020, 0] [D:\qq\Bin\AFCtrl.dll] [Tencent, 1, 60, 2020, 0] [D:\qq\Bin\ProcessSession.DLL] [Tencent, 1, 60, 2010, 0] [D:\qq\Bin\SystemMsg.dll] [Tencent, 1, 60, 2020, 0] [D:\qq\Bin\ConfigCenter.dll] [Tencent, 1, 60, 2020, 0] [D:\qq\Bin\ChatFrameApp.dll] [Tencent, 1, 60, 2020, 0] [D:\qq\Bin\GroupApp.dll] [Tencent, 1, 60, 2020, 0] [D:\qq\Bin\Contacts.dll] [Tencent, 1, 60, 2020, 0] [D:\qq\Bin\InformationBox.dll] [Tencent, 1, 60, 2020, 0] [D:\qq\Plugin\Com.Tencent.SNSApp\Bin\SNSApp.dll] [Tencent, 1, 60, 2020, 0] [D:\qq\Plugin\Com.Tencent.PayCenter\Bin\PayCenter.dll] [Tencent, 1, 60, 2020, 0] [D:\qq\Plugin\Com.Tencent.QQVipMisc\Bin\QQVipMisc.dll] [Tencent, 1, 60, 2020, 0] [D:\qq\Plugin\Com.Tencent.VAS\Bin\VAS.dll] [Tencent, 1, 60, 2020, 0] [D:\qq\Plugin\Com.Tencent.WenWen\Bin\WenWen.dll] [Tencent, 1, 60, 2020, 0] [D:\qq\Plugin\Com.Tencent.NetBar\Bin\NetBar.dll] [Tencent, 1, 60, 2020, 0] [D:\qq\Plugin\Com.Tencent.PaiPai\Bin\PaiPai.dll] [Tencent, 1, 60, 2020, 0] [D:\qq\Plugin\Com.Tencent.Wireless\Bin\Wireless.dll] [Tencent, 1, 60, 2020, 0] [D:\qq\Plugin\Com.Tencent.CRM\Bin\CRM.dll] [Tencent, 1, 60, 2020, 0] [D:\qq\Plugin\Com.Tencent.PaiPaiGift\Bin\PaiPaiGift.dll] [Tencent, 1, 60, 2020, 0] [D:\qq\Plugin\Com.Tencent.QQShow\Bin\QQShow.dll] [Tencent, 1, 60, 2020, 0] [D:\qq\Plugin\Com.Tencent.Qzone\Bin\Qzone.dll] [Tencent, 1, 60, 2020, 0] [D:\qq\Plugin\Com.Tencent.AudioVideo\Bin\AudioVideo.dll] [Tencent, 1, 60, 2020, 0] [D:\qq\Plugin\Com.Tencent.Soso\Bin\Soso.dll] [Tencent, 1, 60, 2020, 0] [D:\qq\Plugin\Com.Tencent.Weather\Bin\Weather.dll] [Tencent, 1, 60, 2020, 0] [D:\qq\Plugin\Com.Tencent.Memo\Bin\Memo.dll] [Tencent, 1, 60, 2020, 0] [D:\qq\Plugin\Com.Tencent.QQPet\Bin\QQPet.dll] [Tencent, 1, 60, 2020, 0] [D:\qq\Plugin\Com.Tencent.QQVip\Bin\QQVip.dll] [Tencent, 1, 60, 2020, 0] [D:\qq\Plugin\Com.Tencent.Mail\Bin\Mail.dll] [Tencent, 1, 60, 2020, 0] [D:\qq\Plugin\Com.Tencent.FileTransfer\Bin\FileTransfer.dll] [Tencent, 1, 60, 2020, 0] [D:\qq\Plugin\Com.Tencent.QQRing\Bin\QQRing.dll] [Tencent, 1, 60, 2020, 0] [D:\qq\Plugin\Com.Tencent.WBlog\Bin\WBlog.dll] [Tencent, 1, 60, 2020, 0] [C:\Program Files\Common Files\Tencent\TXSSO\1.2.1.15\Bin\SSOPlatform.dll] [Tencent, 1.2.1.15] [C:\Program Files\Common Files\Tencent\TXSSO\1.2.1.15\Bin\SSOCommon.DLL] [Tencent, 1.2.1.10] [D:\qq\Bin\PluginCommon.dll] [Tencent, 1, 60, 2020, 0] [D:\qq\Bin\QInterLive.dll] [Tencent, 1, 60, 2020, 0] [D:\qq\Plugin\Com.Tencent.GameLife\Bin\GameLife.dll] [Tencent, 1, 60, 2020, 0] [D:\qq\Plugin\com.tencent.netdisk\Bin\NetDisk.dll] [Tencent, 1, 60, 2020, 0] [D:\qq\Plugin\com.tencent.netdisk\Bin\DiskIPC.dll] [Tencent, 1, 60, 2020, 0] [D:\qq\Plugin\com.tencent.netdisk\Bin\DiskCommon.dll] [Tencent, 1, 60, 2020, 0] [D:\qq\Plugin\com.tencent.netdisk\Bin\FileBase.dll] [Tencent, 1, 60, 2020, 0] [D:\qq\Bin\ContactInfoFrame.dll] [Tencent, 1, 60, 2020, 0] [D:\qq\Plugin\com.tencent.qqmusic\Bin\QQMusic.dll] [Tencent, 1, 60, 2020, 0] [D:\qq\Plugin\com.tencent.winks\Bin\Winks.dll] [Tencent, 1, 60, 2020, 0] [C:\Windows\system32\Macromed\Flash\Flash10l.ocx] [Adobe Systems, Inc., 10,1,102,64] [D:\qq\Bin\MsgMgr.dll] [Tencent, 1, 60, 2020, 0] [D:\qq\Plugin\com.tencent.mmog\Bin\MMOG.dll] [Tencent, 1, 60, 2020, 0] [D:\qq\Plugin\com.tencent.qqgame\Bin\QQGame.dll] [Tencent, 1, 60, 2020, 0] [D:\qq\Plugin\com.tencent.today\Bin\Today.dll] [Tencent, 1, 60, 2020, 0] [C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\PDM.DLL] [Microsoft Corporation, 7.00.9466] [C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\2052\mdmui.dll] [Microsoft Corporation, 7.00.9466] [C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MSDBG2.DLL] [Microsoft Corporation, 7.00.9466] [D:\qq\Plugin\com.tencent.advertisement\Bin\Advertisement.dll] [Tencent, 1, 60, 2020, 0] [C:\Windows\system32\nvd3dum.dll] [NVIDIA Corporation, 7.15.11.5818] [D:\qq\Bin\LongCnn.dll] [Tencent, 1, 60, 2010, 0] [D:\qq\Bin\CustomFace.dll] [Tencent, 1, 60, 2020, 0] [D:\qq\Bin\AddrSearch.dll] [Tencent, 2, 3, 12, 11] [C:\Windows\WinSxS\x86_microsoft.vc80.mfc_1fc8b3b9a1e18e3b_8.0._none_cbf2\MFC80U.DLL] [Microsoft Corporation, 8.00.] [C:\Windows\WinSxS\x86_microsoft.vc80.mfcloc_1fc8b3b9a1e18e3b_8.0._none_03ca6\MFC80CHS.DLL] [Microsoft Corporation, 8.00.] [C:\Windows\system32\UNISPIM6.IME] [北京紫光华宇软件股份有限公司, 6.0.0.6055] [D:\qq\Bin\Camera.dll] [Tencent, 1, 60, 2020, 0] [D:\qq\Bin\SCCore.dll] [Tencent, 1, 7, 1, 6] [D:\qq\Bin\KernelMisc.dll] [Tencent, 1, 60, 2010, 0] [D:\qq\Plugin\Com.Tencent.QQMusic\bin\QQMusic\QzoneMusic.dll] [Tencent, 7.65.] [D:\qq\Plugin\Com.Tencent.QQMusic\bin\QQMusic\QQPlayer.DLL] [Tencent, 7.65.] [D:\qq\Plugin\Com.Tencent.QQMusic\bin\QQMusic\CMInternet.dll] [TENCENT, 8, 0, 1, 1224] [PID: 2300 / founder][D:\qq\Bin\TXPlatform.exe] [Tencent, 1, 60, 2010, 0] [C:\Program Files\KSafe\ksfmon.dll] [Kingsoft Corporation, 2.1.0.1089] [C:\Program Files\Founder\Emergency Center\SBHotkey.dll] [N/A, ] [D:\qq\Bin\TXPFProxy.dll] [Tencent, 1, 60, 2010, 0] [PID: 2712 / founder][C:\Program Files\Internet Explorer\iexplore.exe] [Microsoft Corporation, 7.00. (vista_rtm.5)] [C:\Program Files\KSafe\ksfmon.dll] [Kingsoft Corporation, 2.1.0.1089] [C:\Program Files\KSafe\kwsui.dll] [Kingsoft Corporation, .1084] [C:\Program Files\KSafe\kdump.dll] [Kingsoft Corporation, ,1546] [C:\Program Files\KSafe\kswebshield.dll] [Kingsoft Corporation, .1084] [C:\Program Files\KSafe\kswbc.dll] [Kingsoft Corporation, .1084] [C:\Program Files\Founder\Emergency Center\SBHotkey.dll] [N/A, ] [C:\Program Files\Tencent\QQToolbar\IEBar.dll] [TENCENT, 4, 0, 1, 10] [C:\Users\founder\AppData\LocalLow\TENCENT\QQToolbar\dlls\ToolBar.dll] [Tencent, 4, 1, 20, 10] [C:\Users\founder\AppData\LocalLow\TENCENT\QQToolbar\dlls\TBAddr.dll] [Tencent, 4, 1, 16, 10] [C:\Program Files\TENCENT\SSPlus\SAddr.dll] [腾讯, 5, 1, 16, 10] [C:\PROGRA~1\TENCENT\SSPlus\SSup.dll] [腾讯, 5, 0, 5, 12] [C:\Users\founder\AppData\LocalLow\TENCENT\QQToolbar\btns\Shuqian\Shuqian.dll] [Tencent, 4, 1, 4, 10] [C:\Users\founder\AppData\LocalLow\TENCENT\QQToolbar\btns\Qzone\Qzone.dll] [TENCENT, 4, 1, 4, 10] [C:\Users\founder\AppData\LocalLow\TENCENT\QQToolbar\btns\QQMail\QQMail.dll] [TENCENT, 4, 1, 2, 10] [C:\Users\founder\AppData\LocalLow\TENCENT\QQToolbar\btns\Wenwen\Wenwen.dll] [TENCENT, 4, 1, 1, 10] [C:\Users\founder\AppData\LocalLow\TENCENT\QQToolbar\btns\PrScrn\PrScrn.dll] [Tencent, 4, 1, 3, 10] [C:\Users\founder\AppData\LocalLow\TENCENT\QQToolbar\btns\Clear\Clear.dll] [TENCENT, 4, 1, 3, 10] [C:\Users\founder\AppData\LocalLow\TENCENT\QQToolbar\dlls\SideBar.dll] [Tencent, 4, 1, 7, 10] [C:\Windows\system32\nvd3dum.dll] [NVIDIA Corporation, 7.15.11.5818] [C:\Windows\system32\Macromed\Flash\Flash10l.ocx] [Adobe Systems, Inc., 10,1,102,64] [PID: 5816 / founder][C:\Windows\explorer.exe] [(Verified) Microsoft Corporation, 6.0. (vista_rtm.5)] [C:\Program Files\KSafe\ksfmon.dll] [Kingsoft Corporation, 2.1.0.1089] [C:\Program Files\Founder\Emergency Center\SBHotkey.dll] [N/A, ] [C:\Program Files\Kingsoft\Kingsoft Antivirus\kis.dll] [Kingsoft Corporation, ,59] [C:\Windows\system32\icm32.dll] [Microsoft Corporation, 6.0. (vista_rtm.5)] [C:\Program Files\TENCENT\SSPlus\SAddr.dll] [腾讯, 5, 1, 16, 10] [C:\Program Files\WinRAR\rarext.dll] [N/A, ] [C:\Program Files\Kingsoft\Kingsoft Antivirus\kavmenu.dll] [Kingsoft Corporation, ,273] [C:\Windows\system32\nvcpl.dll] [NVIDIA Corporation, 7.15.11.5818] [PID: 4144 / founder][C:\Program Files\Internet Explorer\iexplore.exe] [Microsoft Corporation, 7.00. (vista_rtm.5)] [C:\Program Files\KSafe\ksfmon.dll] [Kingsoft Corporation, 2.1.0.1089] [C:\Program Files\KSafe\kwsui.dll] [Kingsoft Corporation, .1084] [C:\Program Files\KSafe\kdump.dll] [Kingsoft Corporation, ,1546] [C:\Program Files\KSafe\kswebshield.dll] [Kingsoft Corporation, .1084] [C:\Program Files\KSafe\kswbc.dll] [Kingsoft Corporation, .1084] [C:\Program Files\Founder\Emergency Center\SBHotkey.dll] [N/A, ] [C:\Program Files\Tencent\QQToolbar\IEBar.dll] [TENCENT, 4, 0, 1, 10] [C:\Users\founder\AppData\LocalLow\TENCENT\QQToolbar\dlls\ToolBar.dll] [Tencent, 4, 1, 20, 10] [C:\Users\founder\AppData\LocalLow\TENCENT\QQToolbar\dlls\TBAddr.dll] [Tencent, 4, 1, 16, 10] [C:\Program Files\TENCENT\SSPlus\SAddr.dll] [腾讯, 5, 1, 16, 10] [C:\PROGRA~1\TENCENT\SSPlus\SSup.dll] [腾讯, 5, 0, 5, 12] [C:\Users\founder\AppData\LocalLow\TENCENT\QQToolbar\btns\Shuqian\Shuqian.dll] [Tencent, 4, 1, 4, 10] [C:\Users\founder\AppData\LocalLow\TENCENT\QQToolbar\btns\Qzone\Qzone.dll] [TENCENT, 4, 1, 4, 10] [C:\Users\founder\AppData\LocalLow\TENCENT\QQToolbar\btns\QQMail\QQMail.dll] [TENCENT, 4, 1, 2, 10] [C:\Users\founder\AppData\LocalLow\TENCENT\QQToolbar\btns\Wenwen\Wenwen.dll] [TENCENT, 4, 1, 1, 10] [C:\Users\founder\AppData\LocalLow\TENCENT\QQToolbar\btns\PrScrn\PrScrn.dll] [Tencent, 4, 1, 3, 10] [C:\Users\founder\AppData\LocalLow\TENCENT\QQToolbar\btns\Clear\Clear.dll] [TENCENT, 4, 1, 3, 10] [C:\Users\founder\AppData\LocalLow\TENCENT\QQToolbar\dlls\SideBar.dll] [Tencent, 4, 1, 7, 10] [C:\Windows\system32\UNISPIM6.IME] [北京紫光华宇软件股份有限公司, 6.0.0.6055] [C:\Windows\system32\Macromed\Flash\Flash10l.ocx] [Adobe Systems, Inc., 10,1,102,64] [C:\Windows\system32\nvd3dum.dll] [NVIDIA Corporation, 7.15.11.5818] [PID: 4760 / founder][C:\Program Files\WinRAR\WinRAR.exe] [N/A, ] [C:\Program Files\KSafe\ksfmon.dll] [Kingsoft Corporation, 2.1.0.1089] [C:\Program Files\KSafe\kwsui.dll] [Kingsoft Corporation, .1084] [C:\Program Files\KSafe\kswebshield.dll] [Kingsoft Corporation, .1084] [C:\Program Files\Founder\Emergency Center\SBHotkey.dll] [N/A, ] [PID: 5064 / founder][C:\Users\founder\AppData\Local\Temp\Rar$EX02.985\SREngLdr.EXE] [Smallfrogs Studio, 2.8.4.1331] [PID: 4672 / founder][C:\Users\founder\AppData\Local\Temp\Rar$EX02.985\SRE47a12361.EXE] [Smallfrogs Studio, 2.8.4.1331] [C:\Program Files\KSafe\ksfmon.dll] [Kingsoft Corporation, 2.1.0.1089] [C:\Program Files\Founder\Emergency Center\SBHotkey.dll] [N/A, ] ================================== 文件关联 .TXT Error. [C:\Windows\notepad.exe %1] .EXE OK. [&%1& %*] .COM OK. [&%1& %*] .PIF OK. [&%1& %*] .REG OK. [regedit.exe &%1&] .BAT OK. [&%1& %*] .SCR OK. [&%1& /S] .CHM OK. [&%SystemRoot%\hh.exe& %1] .HLP OK. [%SystemRoot%\winhlp32.exe %1] .INI OK. [%SystemRoot%\system32\NOTEPAD.EXE %1] .INF OK. [%SystemRoot%\system32\NOTEPAD.EXE %1] .VBS OK. [&%SystemRoot%\System32\WScript.exe& &%1& %*] .JS OK. [%SystemRoot%\System32\WScript.exe &%1& %*] .LNK OK. [{0-}] ================================== Winsock 提供者 N/A ================================== Autorun.inf [C:\] [AutoRun] ;xTapBWxBis csbmvAlJHls ispBwk kNeB shELl\open\defaULt=1 sHEll\open\commaNd=ydma.uoXnsM oPen= ydma.FhrmTakiFEodneHx SheLl\exPloRE\command = ydma. Shell\autoPlaY\COmmand=ydma.pif [D:\] [AutoRun] ;JShdknVTkyvayngPFr xwkhtuYiyxXhpkeyR vkVayC SHelL\eXPLORe\CoMmAnD= nhxfu.kVjbJYvGunpkwhhaikw VerD PpphTHfvBOi nBNW sHelL\OpEN\ComMAnd =nhxfu. oPeN = nhxfu.pnykiW AyAem sHelL\OpeN\DefaulT=1 ; shell\AutoPLAy\CoMmanD = nhxfu.yeYBKVeisGnJddivKliri NuDHoVjnAMDduqid RJbTXiqy [E:\] [AutoRun] ; ;wMbFw OPeN = fvmrp. sHEll\opEn\DefauLT=1 ;yrgLb sHell\ExploRE\cOmMand = fvmrp. sHell\OPEN\coMmaND= fvmrp.fyxNvdQiQxv sHelL\aUTOPLaY\cOmmaNd =fvmrp. [F:\] [AutoRun] SHell\open\Command = evtsvj.CpctS Shell\eXpLorE\COmmAnd= evtsvj.exe sHElL\OpeN\DeFaUlT=1 open=evtsvj.mcualiPt sHelL\AuTOPLay\CommAnd =evtsvj.exe [G:\] [AutoRun] ;wmJxwHdoE NKhwyROE ;oVeomSvu ShEll\ExpLOre\CommANd = wnavcb.exe shell\open\coMmanD= wnavcb. Open= wnavcb.exe shELL\oPen\Default=1 ;IjonuPMw TeICdS ShELl\AutOplay\Command =wnavcb.qurrEGaJtUMA ================================== HOSTS 文件 127.0.0.1 localhost ::1 localhost ================================== 进程特权扫描特殊特权被允许: SeDebugPrivilege [PID = 4760, C:\PROGRAM FILES\WINRAR\WINRAR.EXE] ================================== 计划任务 [已启用] \\{93DC8D0F-5E24-E-44D} C:\Windows\system32\pcalua.exe -a &C:\Users\Administrator\Desktop\Apabi Reader\AutoBookSpeech\InstallSpeech.exe& -d &C:\Users\Administrator\Desktop\Apabi Reader\AutoBookSpeech& [已启用] \Microsoft\Windows\Bluetooth\UninstallDeviceTask BthUdTask.exe $(Arg0) [已启用] \Microsoft\Windows\CertificateServicesClient\SystemTask N/A [已启用] \Microsoft\Windows\CertificateServicesClient\UserTask N/A [已启用] \Microsoft\Windows\CertificateServicesClient\UserTask-Roam N/A [已启用] \Microsoft\Windows\Customer Experience Improvement Program\Consolidator %SystemRoot%\System32\wsqmcons.exe [已启用] \Microsoft\Windows\Customer Experience Improvement Program\OptinNotification %SystemRoot%\System32\wsqmcons.exe -n 0x1C577FA2B69CAD0 [已启用] \Microsoft\Windows\Defrag\ScheduledDefrag %windir%\system32\defrag.exe -c -i [已禁用] \Microsoft\Windows\Media Center\ehDRMInit %SystemRoot%\ehome\ehPrivJob.exe /DRMInit [已禁用] \Microsoft\Windows\Media Center\mcupdate %SystemRoot%\ehome\mcupdate $(Arg0) -gc [已禁用] \Microsoft\Windows\Media Center\OCURActivate %SystemRoot%\ehome\ehPrivJob.exe /OCURActivate [已禁用] \Microsoft\Windows\Media Center\OCURDiscovery %SystemRoot%\ehome\ehPrivJob.exe /OCURDiscovery [已禁用] \Microsoft\Windows\Media Center\UpdateRecordPath %SystemRoot%\ehome\ehPrivJob.exe /DoUpdateRecordPath $(Arg0) [已启用] \Microsoft\Windows\MobilePC\HotStart N/A [已启用] \Microsoft\Windows\MobilePC\TMM N/A [已启用] \Microsoft\Windows\MUI\LPRemove %windir%\system32\lpremove.exe [已启用] \Microsoft\Windows\Multimedia\SystemSoundsService N/A [已启用] \Microsoft\Windows\NetworkAccessProtection\NAPStatus UI N/A [已启用] \Microsoft\Windows\Shell\CrawlStartPages N/A [已禁用] \Microsoft\Windows\SideShow\AutoWake N/A [已启用] \Microsoft\Windows\SideShow\GadgetManager N/A [已禁用] \Microsoft\Windows\SideShow\SessionAgent N/A [已禁用] \Microsoft\Windows\SideShow\SystemDataProviders N/A [已禁用] \Microsoft\Windows\SystemRestore\SR %windir%\system32\rundll32.exe /d srrstr.dll,ExecuteScheduledSPPCreation [已启用] \Microsoft\Windows\Tcpip\IpAddressConflict1 rundll32 ndfapi.dll,NdfRunDllDuplicateIPOffendingSystem [已启用] \Microsoft\Windows\Tcpip\IpAddressConflict2 rundll32 ndfapi.dll,NdfRunDllDuplicateIPDefendingSystem [已启用] \Microsoft\Windows\UPnP\UPnPHostConfig sc.exe config upnphost start= auto [已启用] \Microsoft\Windows\Windows Error Reporting\QueueReporting %windir%\system32\wermgr.exe -queuereporting [已启用] \Microsoft\Windows\Wired\GatherWiredInfo %windir%\system32\gatherWiredInfo.vbs [已启用] \Microsoft\Windows\Wireless\GatherWirelessInfo %windir%\system32\gatherWirelessInfo.vbs ================================== Windows 安全更新检查 KB936330, Windows Vista Service Pack 1 (KB936330) KB958869, Windows Vista 安全更新程序 (KB958869) MS09-062 KB890830, Windows 恶意软件删除工具 - 2011 年 2 月 (KB890830) ================================== API HOOK 入口点错误:LoadLibraryExW (危险等级: 高, 被下面模块所HOOK: 0x) 入口点错误:CreateProcessA (危险等级: 高, 被下面模块所HOOK: 0x) 入口点错误:CreateProcessW (危险等级: 高, 被下面模块所HOOK: 0x) ================================== 隐藏进程 N/A ================================== 复制代码
添一句,系统是Vista的
楼上是扫描日志
这日志是被你修改了呢还是贴到论坛上变样了呢?完全无法看。能否把LOG文件压缩作为附件发上来?
本帖最后由 byxxdrls 于
22:08 编辑
从混乱的日志来看,存在AUTO病毒,可以尝试用金山U盘专杀查一下。
昨天关机前又用急救箱杀了次毒,发现30多个病毒,但今天早上用U盘专杀的时候又发现了20多个病毒,但只有5个被清除了
(47.93 KB, 下载次数: 7)
12:08 上传
点击文件名下载附件
上面是扫描日志
最好吧查杀的截图和日志也传上来
怎么得到急救箱的日志?
我用另一个杀毒软件试了下,但是重启后问题还是没有解决,这个是日志
(4.78 KB, 下载次数: 21)
22:18 上传
点击文件名下载附件
卸载你的QQ和QQ工具栏,然后用毒霸全盘查杀,看看是否解决
我卸载了QQ和QQ工具栏,全盘查杀的结果是8个病毒,下面是截图
捕获.JPG (71.93 KB, 下载次数: 0)
12:58 上传
51.JPG (66.31 KB, 下载次数: 0)
12:58 上传
然后我删除了QQ宠物,重新启动后再次全盘查杀的结果是,还有4个病毒,下面是截图
捕获1.JPG (70.46 KB, 下载次数: 0)
12:58 上传
楼主留下联系方式吧,俺帮你在通知个官人远程看看
麻烦你联系我QQ 为你看下情况。
您好,您可以加楼上的QQ: ,或者加我QQ:。
另:请看看
C:\ydma.pif
D:\nhxfu.pif
E:\fvmrp.exe
F:\evtsvj.exe
G:\wnavcb.exe
是否有这几个文件。
win32.sality是一种感染型病毒。
问题依然没解决。。。我按照18楼说的下载了备用木马库,杀了次,还是解决不了,而且重启后金山毒霸的安全服务启动项被禁止了
用U盘专杀的时候,查到9993个文件的时候就会卡死。。。
捕获4.JPG (39.12 KB, 下载次数: 0)
22:17 上传
下面这两个项目无法开启,怎么点都没反映
捕获5.JPG (69.89 KB, 下载次数: 0)
22:17 上传
逛了这许久,何不进去瞧瞧?
关注我们:}
我要回帖
更多关于 暗夜游魂掉落 的文章
更多推荐
- ·cad中cad自动保存的文件在哪里可以找到文件在什么地方?
- ·东风560报价及图片EQ153相关参数
- ·进程里有个fkYVNnl0程序,是什么,怎么用cmd强制关闭进程删除?
- ·新疆十大著名佛寺的寺庙有哪些
- ·世界上最小最小号的电池是几号有多小?
- ·怪物猎人2g上位真红眼黑龙上位卡组唐土炮一阶打法
- ·单机天使之剑手游红巫师怎么打
- ·穿越火线桌面图片踢人同意以后自动返回桌面了
- ·如果QQ我的qq号被盗了怎么办该怎么办呀?
- ·摩尔庄园家园背景大全冰之洞穴背景音乐
- ·剑三六周年礼包还能消耗通宝买五周年称号吗
- ·时风风骏1号时风农用三轮车价格充电怎样显示正常
- ·怎么用北通手柄怎么用的手柄插上去没用
- ·苏泊尔cfxb40fc833 75Z16怎么样?苏泊尔cfxb40fc833 75Z16好吗
- ·口袋妖怪漆黑穿墙的魅影BW手机版穿墙术金手指代码
- ·为什么有人说世界上有几个地球两个地球呢?这是真的吗?
- ·求黑色玫瑰会玩盲僧回旋踢教学的教我,要会r闪和眼踢
- ·香港地道美食攻略正版地道龙怎么订购
- ·上古世纪武器升级制作什么前缀可以继续升级
- ·4399快打西游怎么三人组队的手游
- ·wow暗夜游魂掉落 杀完怎么什么也不掉
- ·跑宝宝环奖励跟等级风水有关系系但是怎么划分等级
- ·问道荣誉值怎么刷站长刷转网址什么
- ·神武手游pt孩子计划书2手游孩子打书是包成功的吗
- ·天涯明月刀1星单子OL求一二星单子npc的名字。另外在哪可以买那种一下恢复很多血的药剂,不是50%那个。是
- ·超神战记哪个英雄好英雄代码大全
- ·qq自由幻想法宝任务中收集任务每天最多做几次
- ·7k7k街头霸王47k7k小游戏戏最后一个人物为什么没有出来
- ·仿盛大内功心法传奇又来内个了么
- ·c cf爆破地图报点模式五大地图.
- ·汉字火场英雄2014通关的第一关怎么过
- ·奇迹暖暖礼包兑换码现在能用的兑换码。
- ·怎么驯服怨魂我的世界驯服恶魂
- ·乱斗西游2新英雄法宝英雄转化是怎么来的
- ·我的手机系统是4.2.2的,为什么玩儿 这是我的战争修改器 总是一卡一卡的,有些时候还会死机
