Robot Dog Beats the Kaka Lion? Rising's Monitor Turns into a Red Umbrella (1)


Original work by endurer
2008-02-23, No. 1

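The day before yesterday, a netizen asked for help. He said his computer might be infected with a virus: Rising's real-time monitor icon had turned from a green umbrella into a red one and the system was responding very slowly, so he asked me to help check and repair it.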

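After downloading pe_xscan and running a scan, the log showed the following suspicious items (part of the process/module section is omitted):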

 

/===

pe_xscan 08-02-19 by Purple Endurer
2008-2-21 17:40:52
Windows XP Service Pack 2(5.1.2600)
管理员用户组
正常模式

[System Process] * 0
  C:/WINDOWS/SYSTEM32/IJOUGIEMNAW.DLL | 2008-2-21 14:12:58
  C:/WINDOWS/SYSTEM32/VHQQ.DLL | 2008-2-21 14:12:32
  C:/WINDOWS/SYSTEM32/ATGNEHZ.DLL | 2008-2-21 14:9:54
  C:/WINDOWS/SYSTEM32/TSQC.DLL | 2008-2-21 14:11:46
  C:/WINDOWS/SYSTEM32/PAHZIJ.DLL | 2008-2-21 14:13:22
  C:/WINDOWS/SYSTEM32/KILUW.DLL | 2008-2-21 14:13:4
  C:/WINDOWS/SYSTEM32/OAIJIHZEUYOUHZ.DLL | 2008-2-21 14:13:18
  C:/WINDOWS/SYSTEM32/JEMNAW.DLL | 2008-2-21 14:13:28
  C:/WINDOWS/SYSTEM32/LAIXUHZ.DLL | 2008-2-21 14:13:8
  C:/WINDOWS/SYSTEM32/XJXR.DLL | 2008-2-21 14:11:10
  C:/WINDOWS/SYSTEM32/SVE.DLL | 2008-2-21 14:12:42
  C:/WINDOWS/SYSTEM32/GNOLNAIT.DLL | 2008-2-21 14:11:4
  C:/WINDOWS/SYSTEM32/ZADNEW.DLL | 2008-2-21 14:12:54
  C:/WINDOWS/SYSTEM32/KNAIXNAUHUOYIZQQ.DLL | 2008-2-21 14:12:46
  C:/WINDOWS/SYSTEM32/DUYGNEF.DLL | 2008-2-21 14:13:12
  C:/WINDOWS/SYSTEM32/QLIHZOUHGNFE.DLL | 2008-2-21 14:12:50
  C:/WINDOWS/SYSTEM32/XHTD.DLL | 2008-2-6 17:7:12
  C:/WINDOWS/SYSTEM32/3AUHAD.DLL | 2008-2-6 17:6:40
  C:/WINDOWS/SYSTEM32/OADNEW.DLL | 2008-2-6 17:6:58
  C:/WINDOWS/SYSTEM32/IEMNAW.DLL | 2008-2-6 17:7:10
  C:/WINDOWS/SYSTEM32/HJXR.DLL | 2008-2-6 17:6:32
  C:/WINDOWS/SYSTEM32/NAIXUHZ.DLL | 2008-2-6 17:7:2
  C:/WINDOWS/SYSTEM32/NAHZIJ.DLL | 2008-2-6 17:7:8
  C:/WINDOWS/SYSTEM32/UTGNEHZ.DLL | 2008-2-6 17:6:30
  C:/WINDOWS/SYSTEM32/AUHAD.DLL | 2008-2-6 17:6:38
  C:/WINDOWS/SYSTEM32/NAIJIHZEUYOUHZ.DLL | 2008-2-6 17:7:8
  C:/WINDOWS/SYSTEM32/QVBHOTYWOW.DLL | 2008-2-21 14:11:18 | Microsoft(R) Windows(R) Operating System | 5.1.2600.3099 (xpsp_sp2_gdr.070308-0222) | Windows XP MSPLAY API DLL | (C) Microsoft Corporation. All rights resad. | 5.1.2600.3099 | Microsoft Corporation | Microsoft | msplay32 | msplay32
  C:/WINDOWS/SYSTEM32/SGREFG.DLL | 2008-2-21 14:13:30
  C:/WINDOWS/SYSTEM32/DBGHLP32.DLL | 2008-2-21 14:12:26
  C:/WINDOWS/SYSTEM32/NVDISPDRV.DLL | 2008-2-21 14:12:18
  C:/WINDOWS/SYSTEM32/HDDGUARD.DLL | 2008-2-21 14:9:34
  C:/WINDOWS/SYSTEM32/SHAPROC.DLL | 2008-2-21 14:3:20
C:/WINDOWS/SYSTEM32/WINLOGON.EXE* 532 | 2006-12-14 6:29:30 | Microsoft(R) Windows(R) Operating System | 5.1.2600.2180 | Windows NT Logon Application | (C) Microsoft Corporation. All rights reserved. | 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158) | Microsoft Corporation| ? | winlogon | WINLOGON.EXE
  C:/WINDOWS/SYSTEM32/IJOUGIEMNAW.DLL | 2008-2-21 14:12:58
  C:/WINDOWS/SYSTEM32/VHQQ.DLL | 2008-2-21 14:12:32
  C:/WINDOWS/SYSTEM32/TSQC.DLL | 2008-2-21 14:11:46
  C:/WINDOWS/SYSTEM32/KILUW.DLL | 2008-2-21 14:13:4
  C:/WINDOWS/SYSTEM32/SVE.DLL | 2008-2-21 14:12:42
  C:/WINDOWS/SYSTEM32/GNOLNAIT.DLL | 2008-2-21 14:11:4
  C:/WINDOWS/SYSTEM32/KNAIXNAUHUOYIZQQ.DLL | 2008-2-21 14:12:46
  C:/WINDOWS/SYSTEM32/DUYGNEF.DLL | 2008-2-21 14:13:12
  C:/WINDOWS/SYSTEM32/XHTD.DLL | 2008-2-6 17:7:12
  C:/WINDOWS/SYSTEM32/3AUHAD.DLL | 2008-2-6 17:6:40
  C:/WINDOWS/SYSTEM32/OADNEW.DLL | 2008-2-6 17:6:58
  C:/WINDOWS/SYSTEM32/IEMNAW.DLL | 2008-2-6 17:7:10
  C:/WINDOWS/SYSTEM32/HJXR.DLL | 2008-2-6 17:6:32
  C:/WINDOWS/SYSTEM32/NAIXUHZ.DLL | 2008-2-6 17:7:2
  C:/WINDOWS/SYSTEM32/NAHZIJ.DLL | 2008-2-6 17:7:8
  C:/WINDOWS/SYSTEM32/UTGNEHZ.DLL | 2008-2-6 17:6:30
  C:/WINDOWS/SYSTEM32/AUHAD.DLL | 2008-2-6 17:6:38
  C:/WINDOWS/SYSTEM32/NAIJIHZEUYOUHZ.DLL | 2008-2-6 17:7:8
C:/WINDOWS/SYSTEM32/SERVICES.EXE* 580 | 2006-12-14 6:29:30 | Microsoft(R) Windows(R) Operating System | 5.1.2600.2180 | Services and Controller app | (C) Microsoft Corporation. All rights reserved. | 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158) | Microsoft Corporation| ? | services.exe | services.exe
  C:/WINDOWS/SYSTEM32/LYMANGR.DLL | 2008-2-21 14:9:50
C:/WINDOWS/SYSTEM32/SVCHOST.EXE* 740 | 2006-12-14 6:29:30 | Microsoft? Windows? Operating System | 5.1.2600.2180 | Generic Host Process for Win32 Services | ? Microsoft Corporation. All rights reserved. | 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158) | Microsoft Corporation| ? | svchost.exe | svchost.exe
  C:/WINDOWS/SYSTEM32/SHAPROC.DLL | 2008-2-21 14:3:20
  C:/WINDOWS/XWLQVVVV.DLL | 2008-2-21 14:3:8
  C:/WINDOWS/SYSTEM32/HDDGUARD.DLL | 2008-2-21 14:9:34
  C:/WINDOWS/WQVVICYG.DLL | 2008-2-21 14:9:52
  C:/WINDOWS/SYSTEM32/QVBHOTYWOW.DLL | 2008-2-21 14:11:18 | Microsoft(R) Windows(R) Operating System | 5.1.2600.3099 (xpsp_sp2_gdr.070308-0222) | Windows XP MSPLAY API DLL | (C) Microsoft Corporation. All rights resad. | 5.1.2600.3099 | Microsoft Corporation | Microsoft | msplay32 | msplay32
  C:/WINDOWS/SYSTEM32/NVDISPDRV.DLL | 2008-2-21 14:12:18
  C:/WINDOWS/SYSTEM32/DBGHLP32.DLL | 2008-2-21 14:12:26
  C:/WINDOWS/SYSTEM32/SGREFG.DLL | 2008-2-21 14:13:30
C:/WINDOWS/SYSTEM32/USERINIT.EXE* 1348 | 2006-12-14 6:29:30
  C:/WINDOWS/SYSTEM32/IJOUGIEMNAW.DLL | 2008-2-21 14:12:58
  C:/WINDOWS/SYSTEM32/VHQQ.DLL | 2008-2-21 14:12:32
  C:/WINDOWS/SYSTEM32/TSQC.DLL | 2008-2-21 14:11:46
  C:/WINDOWS/SYSTEM32/KILUW.DLL | 2008-2-21 14:13:4
  C:/WINDOWS/SYSTEM32/SVE.DLL | 2008-2-21 14:12:42
  C:/WINDOWS/SYSTEM32/GNOLNAIT.DLL | 2008-2-21 14:11:4
  C:/WINDOWS/SYSTEM32/KNAIXNAUHUOYIZQQ.DLL | 2008-2-21 14:12:46
  C:/WINDOWS/SYSTEM32/DUYGNEF.DLL | 2008-2-21 14:13:12
  C:/WINDOWS/SYSTEM32/XHTD.DLL | 2008-2-6 17:7:12
  C:/WINDOWS/SYSTEM32/3AUHAD.DLL | 2008-2-6 17:6:40
  C:/WINDOWS/SYSTEM32/OADNEW.DLL | 2008-2-6 17:6:58
  C:/WINDOWS/SYSTEM32/IEMNAW.DLL | 2008-2-6 17:7:10
  C:/WINDOWS/SYSTEM32/HJXR.DLL | 2008-2-6 17:6:32
  C:/WINDOWS/SYSTEM32/NAIXUHZ.DLL | 2008-2-6 17:7:2
  C:/WINDOWS/SYSTEM32/NAHZIJ.DLL | 2008-2-6 17:7:8
  C:/WINDOWS/SYSTEM32/UTGNEHZ.DLL | 2008-2-6 17:6:30
  C:/WINDOWS/SYSTEM32/AUHAD.DLL | 2008-2-6 17:6:38
  C:/WINDOWS/SYSTEM32/NAIJIHZEUYOUHZ.DLL | 2008-2-6 17:7:8
  C:/WINDOWS/SYSTEM32/HDDGUARD.DLL | 2008-2-21 14:9:34
C:/WINDOWS/EXPLORER.EXE* 1428 | 2007-6-13 21:21:56 | Microsoft(R) Windows(R) Operating System | 6.00.2900.3156 | Windows Explorer | (C) Microsoft Corporation. All rights reserved. | 6.00.2900.3156 (xpsp_sp2_gdr.070613-1234) | Microsoft Corporation| ? | explorer | EXPLORER.EXE
  C:/WINDOWS/SYSTEM32/IJOUGIEMNAW.DLL | 2008-2-21 14:12:58
  C:/WINDOWS/SYSTEM32/VHQQ.DLL | 2008-2-21 14:12:32
  C:/WINDOWS/SYSTEM32/TSQC.DLL | 2008-2-21 14:11:46
  C:/WINDOWS/SYSTEM32/KILUW.DLL | 2008-2-21 14:13:4
  C:/WINDOWS/SYSTEM32/SVE.DLL | 2008-2-21 14:12:42
  C:/WINDOWS/SYSTEM32/GNOLNAIT.DLL | 2008-2-21 14:11:4
  C:/WINDOWS/SYSTEM32/KNAIXNAUHUOYIZQQ.DLL | 2008-2-21 14:12:46
  C:/WINDOWS/SYSTEM32/DUYGNEF.DLL | 2008-2-21 14:13:12
  C:/WINDOWS/SYSTEM32/XHTD.DLL | 2008-2-6 17:7:12
  C:/WINDOWS/SYSTEM32/3AUHAD.DLL | 2008-2-6 17:6:40
  C:/WINDOWS/SYSTEM32/OADNEW.DLL | 2008-2-6 17:6:58
  C:/WINDOWS/SYSTEM32/IEMNAW.DLL | 2008-2-6 17:7:10
  C:/WINDOWS/SYSTEM32/HJXR.DLL | 2008-2-6 17:6:32
  C:/WINDOWS/SYSTEM32/NAIXUHZ.DLL | 2008-2-6 17:7:2
  C:/WINDOWS/SYSTEM32/NAHZIJ.DLL | 2008-2-6 17:7:8
  C:/WINDOWS/SYSTEM32/UTGNEHZ.DLL | 2008-2-6 17:6:30
  C:/WINDOWS/SYSTEM32/AUHAD.DLL | 2008-2-6 17:6:38
  C:/WINDOWS/SYSTEM32/NAIJIHZEUYOUHZ.DLL | 2008-2-6 17:7:8
  C:/WINDOWS/XWLQVVVV.DLL | 2008-2-21 14:3:8
  C:/WINDOWS/YYNRMFCH.DLL | 2008-2-21 14:3:8
  C:/WINDOWS/SYSTEM32/SHAPROC.DLL | 2008-2-21 14:3:20
  C:/WINDOWS/SYSTEM32/HDDGUARD.DLL | 2008-2-21 14:9:34
  C:/WINDOWS/WQVVICYG.DLL | 2008-2-21 14:9:52
  C:/WINDOWS/SYSTEM32/QVBHOTYWOW.DLL | 2008-2-21 14:11:18 | Microsoft(R) Windows(R) Operating System | 5.1.2600.3099 (xpsp_sp2_gdr.070308-0222) | Windows XP MSPLAY API DLL | (C) Microsoft Corporation. All rights resad. | 5.1.2600.3099 | Microsoft Corporation | Microsoft | msplay32 | msplay32
  C:/WINDOWS/SYSTEM32/NVDISPDRV.DLL | 2008-2-21 14:12:18
  C:/WINDOWS/SYSTEM32/DBGHLP32.DLL | 2008-2-21 14:12:26
  C:/WINDOWS/SYSTEM32/ZADNEW.DLL | 2008-2-21 14:12:54
  C:/WINDOWS/SYSTEM32/SGREFG.DLL | 2008-2-21 14:13:30
C:/WINDOWS/TATZCYGYA.EXE * 224 | 2008-2-6 17:6:26
  C:/WINDOWS/SYSTEM32/IJOUGIEMNAW.DLL | 2008-2-21 14:12:58
  C:/WINDOWS/SYSTEM32/VHQQ.DLL | 2008-2-21 14:12:32
  C:/WINDOWS/SYSTEM32/TSQC.DLL | 2008-2-21 14:11:46
  C:/WINDOWS/SYSTEM32/KILUW.DLL | 2008-2-21 14:13:4
  C:/WINDOWS/SYSTEM32/SVE.DLL | 2008-2-21 14:12:42
  C:/WINDOWS/SYSTEM32/GNOLNAIT.DLL | 2008-2-21 14:11:4
  C:/WINDOWS/SYSTEM32/KNAIXNAUHUOYIZQQ.DLL | 2008-2-21 14:12:46
  C:/WINDOWS/SYSTEM32/DUYGNEF.DLL | 2008-2-21 14:13:12
  C:/WINDOWS/SYSTEM32/XHTD.DLL | 2008-2-6 17:7:12
  C:/WINDOWS/SYSTEM32/3AUHAD.DLL | 2008-2-6 17:6:40
  C:/WINDOWS/SYSTEM32/OADNEW.DLL | 2008-2-6 17:6:58
  C:/WINDOWS/SYSTEM32/IEMNAW.DLL | 2008-2-6 17:7:10
  C:/WINDOWS/SYSTEM32/HJXR.DLL | 2008-2-6 17:6:32
  C:/WINDOWS/SYSTEM32/NAIXUHZ.DLL | 2008-2-6 17:7:2
  C:/WINDOWS/SYSTEM32/NAHZIJ.DLL | 2008-2-6 17:7:8
  C:/WINDOWS/SYSTEM32/UTGNEHZ.DLL | 2008-2-6 17:6:30
  C:/WINDOWS/SYSTEM32/AUHAD.DLL | 2008-2-6 17:6:38
  C:/WINDOWS/SYSTEM32/NAIJIHZEUYOUHZ.DLL | 2008-2-6 17:7:8
  C:/WINDOWS/XWLQVVVV.DLL | 2008-2-21 14:3:8
C:/PROGRAM FILES/RISING/RAV/RAVTASK.EXE* 900 | 2007-12-22 19:3:8 | Rising Antivirus 2008 | 20.00 | RavTimer | Rising Corp.All rights reserved. | 20.0.0.22 | Beijing Rising Technology Co., Ltd.| ? | Beijing Rising Technology Co., Ltd. | RavTask.exe
  C:/WINDOWS/SYSTEM32/IJOUGIEMNAW.DLL | 2008-2-21 14:12:58
  C:/WINDOWS/SYSTEM32/VHQQ.DLL | 2008-2-21 14:12:32
  C:/WINDOWS/SYSTEM32/TSQC.DLL | 2008-2-21 14:11:46
  C:/WINDOWS/SYSTEM32/KILUW.DLL | 2008-2-21 14:13:4
  C:/WINDOWS/SYSTEM32/SVE.DLL | 2008-2-21 14:12:42
  C:/WINDOWS/SYSTEM32/GNOLNAIT.DLL | 2008-2-21 14:11:4
  C:/WINDOWS/SYSTEM32/KNAIXNAUHUOYIZQQ.DLL | 2008-2-21 14:12:46
  C:/WINDOWS/SYSTEM32/DUYGNEF.DLL | 2008-2-21 14:13:12
  C:/WINDOWS/SYSTEM32/XHTD.DLL | 2008-2-6 17:7:12
  C:/WINDOWS/SYSTEM32/3AUHAD.DLL | 2008-2-6 17:6:40
  C:/WINDOWS/SYSTEM32/OADNEW.DLL | 2008-2-6 17:6:58
  C:/WINDOWS/SYSTEM32/IEMNAW.DLL | 2008-2-6 17:7:10
  C:/WINDOWS/SYSTEM32/HJXR.DLL | 2008-2-6 17:6:32
  C:/WINDOWS/SYSTEM32/NAIXUHZ.DLL | 2008-2-6 17:7:2
  C:/WINDOWS/SYSTEM32/NAHZIJ.DLL | 2008-2-6 17:7:8
  C:/WINDOWS/SYSTEM32/UTGNEHZ.DLL | 2008-2-6 17:6:30
  C:/WINDOWS/SYSTEM32/AUHAD.DLL | 2008-2-6 17:6:38
  C:/WINDOWS/SYSTEM32/NAIJIHZEUYOUHZ.DLL | 2008-2-6 17:7:8
  C:/WINDOWS/SYSTEM32/SHAPROC.DLL | 2008-2-21 14:3:20
  C:/WINDOWS/XWLQVVVV.DLL | 2008-2-21 14:3:8
  C:/WINDOWS/SYSTEM32/HDDGUARD.DLL | 2008-2-21 14:9:34
  C:/WINDOWS/WQVVICYG.DLL | 2008-2-21 14:9:52
  C:/WINDOWS/SYSTEM32/QVBHOTYWOW.DLL | 2008-2-21 14:11:18 | Microsoft(R) Windows(R) Operating System | 5.1.2600.3099 (xpsp_sp2_gdr.070308-0222) | Windows XP MSPLAY API DLL | (C) Microsoft Corporation. All rights resad. | 5.1.2600.3099 | Microsoft Corporation | Microsoft | msplay32 | msplay32
  C:/WINDOWS/SYSTEM32/NVDISPDRV.DLL | 2008-2-21 14:12:18
  C:/WINDOWS/SYSTEM32/DBGHLP32.DLL | 2008-2-21 14:12:26
  C:/WINDOWS/SYSTEM32/SGREFG.DLL | 2008-2-21 14:13:30
C:/WINDOWS/SYSTEM32/CTFMON.EXE* 2348 | 2006-12-14 6:29:30 | Microsoft? Windows? Operating System | 5.1.2600.2180 | CTF Loader | ? Microsoft Corporation. All rights reserved. | 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158) | Microsoft Corporation| ? | CTFMON | CTFMON.EXE
  C:/WINDOWS/SYSTEM32/IJOUGIEMNAW.DLL | 2008-2-21 14:12:58
  C:/WINDOWS/SYSTEM32/VHQQ.DLL | 2008-2-21 14:12:32
  C:/WINDOWS/SYSTEM32/TSQC.DLL | 2008-2-21 14:11:46
  C:/WINDOWS/SYSTEM32/KILUW.DLL | 2008-2-21 14:13:4
  C:/WINDOWS/SYSTEM32/SVE.DLL | 2008-2-21 14:12:42
  C:/WINDOWS/SYSTEM32/GNOLNAIT.DLL | 2008-2-21 14:11:4
  C:/WINDOWS/SYSTEM32/KNAIXNAUHUOYIZQQ.DLL | 2008-2-21 14:12:46
  C:/WINDOWS/SYSTEM32/DUYGNEF.DLL | 2008-2-21 14:13:12
  C:/WINDOWS/SYSTEM32/XHTD.DLL | 2008-2-6 17:7:12
  C:/WINDOWS/SYSTEM32/3AUHAD.DLL | 2008-2-6 17:6:40
  C:/WINDOWS/SYSTEM32/OADNEW.DLL | 2008-2-6 17:6:58
  C:/WINDOWS/SYSTEM32/IEMNAW.DLL | 2008-2-6 17:7:10
  C:/WINDOWS/SYSTEM32/HJXR.DLL | 2008-2-6 17:6:32
  C:/WINDOWS/SYSTEM32/NAIXUHZ.DLL | 2008-2-6 17:7:2
  C:/WINDOWS/SYSTEM32/NAHZIJ.DLL | 2008-2-6 17:7:8
  C:/WINDOWS/SYSTEM32/UTGNEHZ.DLL | 2008-2-6 17:6:30
  C:/WINDOWS/SYSTEM32/AUHAD.DLL | 2008-2-6 17:6:38
  C:/WINDOWS/SYSTEM32/NAIJIHZEUYOUHZ.DLL | 2008-2-6 17:7:8
  C:/WINDOWS/XWLQVVVV.DLL | 2008-2-21 14:3:8
  C:/WINDOWS/SYSTEM32/SHAPROC.DLL | 2008-2-21 14:3:20
  C:/WINDOWS/SYSTEM32/HDDGUARD.DLL | 2008-2-21 14:9:34
  C:/WINDOWS/WQVVICYG.DLL | 2008-2-21 14:9:52
  C:/WINDOWS/SYSTEM32/QVBHOTYWOW.DLL | 2008-2-21 14:11:18 | Microsoft(R) Windows(R) Operating System | 5.1.2600.3099 (xpsp_sp2_gdr.070308-0222) | Windows XP MSPLAY API DLL | (C) Microsoft Corporation. All rights resad. | 5.1.2600.3099 | Microsoft Corporation | Microsoft | msplay32 | msplay32
  C:/WINDOWS/SYSTEM32/DBGHLP32.DLL | 2008-2-21 14:12:26
  C:/WINDOWS/SYSTEM32/NVDISPDRV.DLL | 2008-2-21 14:12:18
  C:/WINDOWS/SYSTEM32/SGREFG.DLL | 2008-2-21 14:13:30
C:/PROGRAM FILES/TENCENT/QQ/QQ.EXE* 3224 | 2007-12-19 19:40:46 | QQ | 7,0,313,1681 | QQ | Copyright (C) 1998 - 2007 TENCENT Inc. All Rights Reserved | 7,0,313,1681 | TENCENT | | COMQQD | QQ.exe
  C:/WINDOWS/SYSTEM32/IJOUGIEMNAW.DLL | 2008-2-21 14:12:58
  C:/WINDOWS/SYSTEM32/VHQQ.DLL | 2008-2-21 14:12:32
  C:/WINDOWS/SYSTEM32/TSQC.DLL | 2008-2-21 14:11:46
  C:/WINDOWS/SYSTEM32/KILUW.DLL | 2008-2-21 14:13:4
  C:/WINDOWS/SYSTEM32/SVE.DLL | 2008-2-21 14:12:42
  C:/WINDOWS/SYSTEM32/GNOLNAIT.DLL | 2008-2-21 14:11:4
  C:/WINDOWS/SYSTEM32/KNAIXNAUHUOYIZQQ.DLL | 2008-2-21 14:12:46
  C:/WINDOWS/SYSTEM32/DUYGNEF.DLL | 2008-2-21 14:13:12
  C:/WINDOWS/SYSTEM32/XHTD.DLL | 2008-2-6 17:7:12
  C:/WINDOWS/SYSTEM32/3AUHAD.DLL | 2008-2-6 17:6:40
  C:/WINDOWS/SYSTEM32/OADNEW.DLL | 2008-2-6 17:6:58
  C:/WINDOWS/SYSTEM32/IEMNAW.DLL | 2008-2-6 17:7:10
  C:/WINDOWS/SYSTEM32/HJXR.DLL | 2008-2-6 17:6:32
  C:/WINDOWS/SYSTEM32/NAIXUHZ.DLL | 2008-2-6 17:7:2
  C:/WINDOWS/SYSTEM32/NAHZIJ.DLL | 2008-2-6 17:7:8
  C:/WINDOWS/SYSTEM32/UTGNEHZ.DLL | 2008-2-6 17:6:30
  C:/WINDOWS/SYSTEM32/AUHAD.DLL | 2008-2-6 17:6:38
  C:/WINDOWS/SYSTEM32/NAIJIHZEUYOUHZ.DLL | 2008-2-6 17:7:8
  C:/WINDOWS/SYSTEM32/SHAPROC.DLL | 2008-2-21 14:3:20
  C:/WINDOWS/XWLQVVVV.DLL | 2008-2-21 14:3:8
  C:/WINDOWS/SYSTEM32/WBJJU.DLL | 2004-11-13 10:27:2
  C:/WINDOWS/SYSTEM32/HDDGUARD.DLL | 2008-2-21 14:9:34
  C:/WINDOWS/WQVVICYG.DLL | 2008-2-21 14:9:52
  C:/WINDOWS/SYSTEM32/QVBHOTYWOW.DLL | 2008-2-21 14:11:18 | Microsoft(R) Windows(R) Operating System | 5.1.2600.3099 (xpsp_sp2_gdr.070308-0222) | Windows XP MSPLAY API DLL | (C) Microsoft Corporation. All rights resad. | 5.1.2600.3099 | Microsoft Corporation | Microsoft | msplay32 | msplay32
  C:/WINDOWS/SYSTEM32/NVDISPDRV.DLL | 2008-2-21 14:12:18
  C:/WINDOWS/SYSTEM32/DBGHLP32.DLL | 2008-2-21 14:12:26
  C:/WINDOWS/SYSTEM32/SGREFG.DLL | 2008-2-21 14:13:30
C:/PROGRAM FILES/RISING/RAV/RAVMON.EXE* 1296 | 2008-1-30 11:47:16 | Rising AntiVirus 2008 | 20.00 | Rising realtime monitor shell | Rising Corp. All rights reserved. | 20.0.01.11 | Beijing Rising Technology Co., Ltd.| ? | Beijing Rising Technology Co., Ltd. | RavTray.EXE
  C:/WINDOWS/SYSTEM32/IJOUGIEMNAW.DLL | 2008-2-21 14:12:58
  C:/WINDOWS/SYSTEM32/VHQQ.DLL | 2008-2-21 14:12:32
  C:/WINDOWS/SYSTEM32/TSQC.DLL | 2008-2-21 14:11:46
  C:/WINDOWS/SYSTEM32/KILUW.DLL | 2008-2-21 14:13:4
  C:/WINDOWS/SYSTEM32/SVE.DLL | 2008-2-21 14:12:42
  C:/WINDOWS/SYSTEM32/GNOLNAIT.DLL | 2008-2-21 14:11:4
  C:/WINDOWS/SYSTEM32/KNAIXNAUHUOYIZQQ.DLL | 2008-2-21 14:12:46
  C:/WINDOWS/SYSTEM32/DUYGNEF.DLL | 2008-2-21 14:13:12
  C:/WINDOWS/SYSTEM32/XHTD.DLL | 2008-2-6 17:7:12
  C:/WINDOWS/SYSTEM32/3AUHAD.DLL | 2008-2-6 17:6:40
  C:/WINDOWS/SYSTEM32/OADNEW.DLL | 2008-2-6 17:6:58
  C:/WINDOWS/SYSTEM32/IEMNAW.DLL | 2008-2-6 17:7:10
  C:/WINDOWS/SYSTEM32/HJXR.DLL | 2008-2-6 17:6:32
  C:/WINDOWS/SYSTEM32/NAIXUHZ.DLL | 2008-2-6 17:7:2
  C:/WINDOWS/SYSTEM32/NAHZIJ.DLL | 2008-2-6 17:7:8
  C:/WINDOWS/SYSTEM32/UTGNEHZ.DLL | 2008-2-6 17:6:30
  C:/WINDOWS/SYSTEM32/AUHAD.DLL | 2008-2-6 17:6:38
  C:/WINDOWS/SYSTEM32/NAIJIHZEUYOUHZ.DLL | 2008-2-6 17:7:8
  C:/WINDOWS/SYSTEM32/SHAPROC.DLL | 2008-2-21 14:3:20
  C:/WINDOWS/XWLQVVVV.DLL | 2008-2-21 14:3:8
  C:/WINDOWS/SYSTEM32/HDDGUARD.DLL | 2008-2-21 14:9:34
  C:/WINDOWS/WQVVICYG.DLL | 2008-2-21 14:9:52
  C:/WINDOWS/SYSTEM32/QVBHOTYWOW.DLL | 2008-2-21 14:11:18 | Microsoft(R) Windows(R) Operating System | 5.1.2600.3099 (xpsp_sp2_gdr.070308-0222) | Windows XP MSPLAY API DLL | (C) Microsoft Corporation. All rights resad. | 5.1.2600.3099 | Microsoft Corporation | Microsoft | msplay32 | msplay32
  C:/WINDOWS/SYSTEM32/NVDISPDRV.DLL | 2008-2-21 14:12:18
  C:/WINDOWS/SYSTEM32/DBGHLP32.DLL | 2008-2-21 14:12:26
  C:/WINDOWS/SYSTEM32/SGREFG.DLL | 2008-2-21 14:13:30
C:/PROGRAM FILES/INTERNET EXPLORER/IEXPLORE.EXE* 3792 | 2007-8-17 18:19:26 | Windows? Internet Explorer | 7.00.6000.16544 | Internet Explorer | ? Microsoft Corporation. All rights reserved. | 7.00.6000.16544 (vista_gdr.070814-1500) | Microsoft Corporation| ? | iexplore | IEXPLORE.EXE
  C:/WINDOWS/SYSTEM32/IJOUGIEMNAW.DLL | 2008-2-21 14:12:58
  C:/WINDOWS/SYSTEM32/VHQQ.DLL | 2008-2-21 14:12:32
  C:/WINDOWS/SYSTEM32/TSQC.DLL | 2008-2-21 14:11:46
  C:/WINDOWS/SYSTEM32/KILUW.DLL | 2008-2-21 14:13:4
  C:/WINDOWS/SYSTEM32/SVE.DLL | 2008-2-21 14:12:42
  C:/WINDOWS/SYSTEM32/GNOLNAIT.DLL | 2008-2-21 14:11:4
  C:/WINDOWS/SYSTEM32/KNAIXNAUHUOYIZQQ.DLL | 2008-2-21 14:12:46
  C:/WINDOWS/SYSTEM32/DUYGNEF.DLL | 2008-2-21 14:13:12
  C:/WINDOWS/SYSTEM32/XHTD.DLL | 2008-2-6 17:7:12
  C:/WINDOWS/SYSTEM32/3AUHAD.DLL | 2008-2-6 17:6:40
  C:/WINDOWS/SYSTEM32/OADNEW.DLL | 2008-2-6 17:6:58
  C:/WINDOWS/SYSTEM32/IEMNAW.DLL | 2008-2-6 17:7:10
  C:/WINDOWS/SYSTEM32/HJXR.DLL | 2008-2-6 17:6:32
  C:/WINDOWS/SYSTEM32/NAIXUHZ.DLL | 2008-2-6 17:7:2
  C:/WINDOWS/SYSTEM32/NAHZIJ.DLL | 2008-2-6 17:7:8
  C:/WINDOWS/SYSTEM32/UTGNEHZ.DLL | 2008-2-6 17:6:30
  C:/WINDOWS/SYSTEM32/AUHAD.DLL | 2008-2-6 17:6:38
  C:/WINDOWS/SYSTEM32/NAIJIHZEUYOUHZ.DLL | 2008-2-6 17:7:8
  C:/WINDOWS/SYSTEM32/SHAPROC.DLL | 2008-2-21 14:3:20
  C:/WINDOWS/XWLQVVVV.DLL | 2008-2-21 14:3:8
  C:/WINDOWS/SYSTEM32/HDDGUARD.DLL | 2008-2-21 14:9:34
  C:/WINDOWS/WQVVICYG.DLL | 2008-2-21 14:9:52
  C:/WINDOWS/SYSTEM32/QVBHOTYWOW.DLL | 2008-2-21 14:11:18 | Microsoft(R) Windows(R) Operating System | 5.1.2600.3099 (xpsp_sp2_gdr.070308-0222) | Windows XP MSPLAY API DLL | (C) Microsoft Corporation. All rights resad. | 5.1.2600.3099 | Microsoft Corporation | Microsoft | msplay32 | msplay32
  C:/WINDOWS/SYSTEM32/NVDISPDRV.DLL | 2008-2-21 14:12:18
  C:/WINDOWS/SYSTEM32/DBGHLP32.DLL | 2008-2-21 14:12:26
  C:/WINDOWS/SYSTEM32/SGREFG.DLL | 2008-2-21 14:13:30
C:/WINDOWS/WQVVICYG.EXE * 272 | 2008-2-21 14:9:50
  C:/WINDOWS/SYSTEM32/VHQQ.DLL | 2008-2-21 14:12:32
  C:/WINDOWS/SYSTEM32/IJOUGIEMNAW.DLL | 2008-2-21 14:12:58
  C:/WINDOWS/SYSTEM32/TSQC.DLL | 2008-2-21 14:11:46
  C:/WINDOWS/SYSTEM32/KILUW.DLL | 2008-2-21 14:13:4
  C:/WINDOWS/SYSTEM32/SVE.DLL | 2008-2-21 14:12:42
  C:/WINDOWS/SYSTEM32/GNOLNAIT.DLL | 2008-2-21 14:11:4
  C:/WINDOWS/SYSTEM32/KNAIXNAUHUOYIZQQ.DLL | 2008-2-21 14:12:46
  C:/WINDOWS/SYSTEM32/DUYGNEF.DLL | 2008-2-21 14:13:12
  C:/WINDOWS/SYSTEM32/XHTD.DLL | 2008-2-6 17:7:12
  C:/WINDOWS/SYSTEM32/3AUHAD.DLL | 2008-2-6 17:6:40
  C:/WINDOWS/SYSTEM32/OADNEW.DLL | 2008-2-6 17:6:58
  C:/WINDOWS/SYSTEM32/IEMNAW.DLL | 2008-2-6 17:7:10
  C:/WINDOWS/SYSTEM32/HJXR.DLL | 2008-2-6 17:6:32
  C:/WINDOWS/SYSTEM32/NAIXUHZ.DLL | 2008-2-6 17:7:2
  C:/WINDOWS/SYSTEM32/NAHZIJ.DLL | 2008-2-6 17:7:8
  C:/WINDOWS/SYSTEM32/UTGNEHZ.DLL | 2008-2-6 17:6:30
  C:/WINDOWS/SYSTEM32/AUHAD.DLL | 2008-2-6 17:6:38
  C:/WINDOWS/SYSTEM32/NAIJIHZEUYOUHZ.DLL | 2008-2-6 17:7:8
  C:/WINDOWS/WQVVICYG.DLL | 2008-2-21 14:9:52


O2 - BHO TENCENT BROWSER HELPER - {0C7C23EF-A848-485B-873C-0ED954731014} -C:/PROGRAM FILES/TENCENT/SSPLUS/SADDR1.DLL


O4 - HKLM/../RUN: [STUP.EXE] RUNDLL32.EXEC:/PROGRA~1/TENCENT/SSPLUS/SPLUS.DLL ,Rundll32 R
O4 - HKLM/../RUN: [NVDISPDRV]C:/WINDOWS/NVDISPDRV.EXE
O4 - HKLM/../RUN: [DBGHLP32]C:/WINDOWS/DBGHLP32.EXE
O4 - HKLM/../POLICIES/EXPLORER/RUN: [TATZCYGYA] TATZCYGYA.EXE
O4 - HKLM/../POLICIES/EXPLORER/RUN: [WISIN]C:/WINDOWS/SYSTEM32/WISIN.EXE

O11 - IE扩展选项组:TBH (中文搜搜) =

O20 - AppInit_DLLs = bauhgnem.dll,eohsom.dll,fyom.dll,sauhad.dll,

O23 - 服务: ATI2HDDSRV (ATI2HDDSRV) -C:/WINDOWS/SYSTEM32/DRIVERS/ATI32SRV.SYS (手动)
O23 - 服务: DEEPFREE UPDATE (DEEPFREE UPDATE) -C:/WINDOWS/SYSTEM32/DRIVERS/PCIHDD2.SYS (手动)
O23 - 服务: MSERTK (MSERTK) - SYSTEM32/DRIVERS/MSYECP.SYS (自动)
O23 - 服务: MSSKYE (MSSKYE) - SYSTEM32/DRIVERS/MSACLUE.SYS (自动)

O24 - SHLEXECHOOK: [MICROSOFT] - {45AADFAA-DD36-42AB-83AD-0521BBF58C24} =C:/WINDOWS/SYSTEM32/ZJYDCX.DLL
O24 - SHLEXECHOOK: [MICROSOFT] - {8C41B7F7-3168-400D-A702-0E7EFE0BA304}=C:/WINDOWS/system32/sgrefg.dll

O26 - IFEO: 360rpt.exe -> ntsd -d
O26 - IFEO: 360Safe.exe -> ntsd -d
O26 - IFEO: 360tray.exe -> ntsd -d
O26 - IFEO: adam.exe -> ntsd -d
O26 - IFEO: AgentSvr.exe -> ntsd -d
O26 - IFEO: AppSvc32.exe -> ntsd -d
O26 - IFEO: autoruns.exe -> ntsd -d
O26 - IFEO: avconsol.exe -> ntsd -d
O26 - IFEO: avgrssvc.exe -> ntsd -d
O26 - IFEO: AvMonitor.exe -> ntsd -d
O26 - IFEO: avp.com -> ntsd -d
O26 - IFEO: avp.exe -> ntsd -d
O26 - IFEO: CCenter.exe -> ntsd -d
O26 - IFEO: ccSvcHst.exe -> ntsd -d
O26 - IFEO: EGHOST.exe -> ntsd -d
O26 - IFEO: FileDsty.exe -> ntsd -d
O26 - IFEO: FTCleanerShell.exe -> ntsd -d
O26 - IFEO: FYFireWall.exe -> ntsd -d
O26 - IFEO: HijackThis.exe -> ntsd -d
O26 - IFEO: IceSword.exe -> ntsd -d
O26 - IFEO: iparmo.exe -> ntsd -d
O26 - IFEO: Iparmor.exe -> ntsd -d
O26 - IFEO: isPwdSvc.exe -> ntsd -d
O26 - IFEO: kabaload.exe -> ntsd -d
O26 - IFEO: KaScrScn.SCR -> ntsd -d
O26 - IFEO: KASMain.exe -> ntsd -d
O26 - IFEO: KASTask.exe -> ntsd -d
O26 - IFEO: KAV32.exe -> ntsd -d
O26 - IFEO: KAVDX.exe -> ntsd -d
O26 - IFEO: KAVPF.exe -> ntsd -d
O26 - IFEO: KAVPFW.exe -> ntsd -d
O26 - IFEO: KAVSetup.exe -> ntsd -d
O26 - IFEO: KAVStart.exe -> ntsd -d
O26 - IFEO: KISLnchr.exe -> ntsd -d
O26 - IFEO: KMailMon.exe -> ntsd -d
O26 - IFEO: KMFilter.exe -> ntsd -d
O26 - IFEO: KPFW32.exe -> ntsd -d
O26 - IFEO: KPFW32X.exe -> ntsd -d
O26 - IFEO: KPfwSvc.exe -> ntsd -d
O26 - IFEO: KRegEx.exe -> ntsd -d
O26 - IFEO: KRepair.com -> ntsd -d
O26 - IFEO: KsLoader.exe -> ntsd -d
O26 - IFEO: KVCenter.kxp -> ntsd -d
O26 - IFEO: KvDetect.exe -> ntsd -d
O26 - IFEO: KvfwMcl.exe -> ntsd -d
O26 - IFEO: KVMonXP.kxp -> ntsd -d
O26 - IFEO: KVMonXP_1.kxp -> ntsd -d
O26 - IFEO: kvol.exe -> ntsd -d
O26 - IFEO: kvolself.exe -> ntsd -d
O26 - IFEO: KvReport.kxp -> ntsd -d
O26 - IFEO: KVScan.kxp -> ntsd -d
O26 - IFEO: KVSrvXP.exe -> ntsd -d
O26 - IFEO: KVStub.kxp -> ntsd -d
O26 - IFEO: kvupload.exe -> ntsd -d
O26 - IFEO: kvwsc.exe -> ntsd -d
O26 - IFEO: KvXP.kxp -> ntsd -d
O26 - IFEO: KvXP_1.kxp -> ntsd -d
O26 - IFEO: KWatch.exe -> ntsd -d
O26 - IFEO: KWatch9x.exe -> ntsd -d
O26 - IFEO: KWatchX.exe -> ntsd -d
O26 - IFEO: MagicSet.exe -> ntsd -d
O26 - IFEO: mcconsol.exe -> ntsd -d
O26 - IFEO: mmqczj.exe -> ntsd -d
O26 - IFEO: mmsk.exe -> ntsd -d
O26 - IFEO: Navapw32.exe -> ntsd -d
O26 - IFEO: nod32.exeNavapsvc.exe -> ntsd -d
O26 - IFEO: nod32krn.exe -> ntsd -d
O26 - IFEO: nod32kui.exe -> ntsd -d
O26 - IFEO: NPFMntor.exe -> ntsd -d
O26 - IFEO: OllyDBG.EXE -> ntsd -d
O26 - IFEO: OllyICE.EXE -> ntsd -d
O26 - IFEO: PFW.exe -> ntsd -d
O26 - IFEO: PFWLiveUpdate.exe -> ntsd -d
O26 - IFEO: procexp.exe -> ntsd -d
O26 - IFEO: QHSET.exe -> ntsd -d
O26 - IFEO: QQDoctor.exe -> ntsd -d
O26 - IFEO: QQKav.exe -> ntsd -d
O26 - IFEO: Ras.exe -> ntsd -d
O26 - IFEO: RavMonD.exe -> ntsd -d
O26 - IFEO: RavStub.exe -> ntsd -d
O26 - IFEO: RawCopy.exe -> ntsd -d
O26 - IFEO: RegClean.exe -> ntsd -d
O26 - IFEO: RegTool.exe -> ntsd -d
O26 - IFEO: rfwcfg.exe -> ntsd -d
O26 - IFEO: rfwmain.exe -> ntsd -d
O26 - IFEO: rfwProxy.exe -> ntsd -d
O26 - IFEO: rfwsrv.exe -> ntsd -d
O26 - IFEO: rfwstub.exe -> ntsd -d
O26 - IFEO: RsAgent.exe -> ntsd -d
O26 - IFEO: Rsaupd.exe -> ntsd -d
O26 - IFEO: runiep.exe -> ntsd -d
O26 - IFEO: safelive.exe -> ntsd -d
O26 - IFEO: scan32.exe -> ntsd -d
O26 - IFEO: shcfg32.exe -> ntsd -d
O26 - IFEO: SmartUp.exe -> ntsd -d
O26 - IFEO: SREng.EXE -> ntsd -d
O26 - IFEO: symlcsvc.exe -> ntsd -d
O26 - IFEO: SysSafe.exe -> ntsd -d
O26 - IFEO: TrojanDetector.exe -> ntsd -d
O26 - IFEO: Trojanwall.exe -> ntsd -d
O26 - IFEO: TrojDie.kxp -> ntsd -d
O26 - IFEO: UIHost.exe -> ntsd -d
O26 - IFEO: UmxAgent.exe -> ntsd -d
O26 - IFEO: UmxAttachment.exe -> ntsd -d
O26 - IFEO: UmxCfg.exe -> ntsd -d
O26 - IFEO: UmxFwHlp.exe -> ntsd -d
O26 - IFEO: UmxPol.exe -> ntsd -d
O26 - IFEO: UpLive.exe -> ntsd -d
O26 - IFEO: vsstat.exe -> ntsd -d
O26 - IFEO: webscanx.exe -> ntsd -d
O26 - IFEO: WoptiClean.exe -> ntsd -d

===/
