
winyyy.sys, hcpidesk.sys, mtlrd.sys, uldfhjfh.sys, servets.exe, etc. (1)

Original by endurer
2009-11-19, No. 1

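A friend's computer has recently been very slow to boot, and a QQ pop-up says "Your QQ number has been selected by the system as a second-prize winner of the [10th Anniversary Celebration]".

Many programs will not run, and I was asked to help check and repair it.


I scanned the system with pe_xscan and analyzed the log, finding the following suspicious items (the process-module section is partly omitted):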

pe_xscan 09-06-21 by Purple Endurer
2009-11-10 19:49:16
Windows XP Service Pack 3(5.1.2600)
MSIE:6.0.2900.5512
管理员用户组
正常模式
[System Process] * 0
  C:/WINDOWS/system32/kb110172630.dll | 2009-11-10 17:26:30
  C:/WINDOWS/system32/kb210172648.dll | 2009-11-10 17:26:48
  C:/WINDOWS/system32/kb510172916.dll | 2009-11-10 17:29:17
  C:/WINDOWS/Fonts/kb28192213.dll | 2009-11-8 19:22:13
  C:/WINDOWS/Fonts/kb48192251.dll | 2009-11-8 19:22:51
  C:/WINDOWS/Fonts/kb2923529.dll | 2009-11-9 2:35:29
  C:/WINDOWS/Fonts/kb410172748.dll | 2009-11-10 17:27:48
  C:/WINDOWS/Fonts/kb5923711.dll | 2009-11-9 2:37:11
  C:/Program Files/Internet Explorer/sdk2.dll | 2009-11-10 11:59:20
  C:/Documents and Settings/Administrator/Application Data/Spy009.dll | 2009-11-9 2:41:52
  C:/WINDOWS/system32/JMq7bpeR4Xa8eV5ftCB.inf | 2009-11-1 23:44:52
  C:/WINDOWS/system32/RXNK8eR3xW8KTCWBCGTbqm.inf | 2009-11-10 11:17:32
  C:/WINDOWS/system32/A2CbFrBy28J6zdXNZgqCtJ6Ae.inf | 2009-10-29 2:13:52
  C:/WINDOWS/Downloaded Program Files/AnXnubyMnv58c9vaECWX.cur | 2009-10-29 2:14:2
  C:/WINDOWS/Downloaded Program Files/uBwdaS5QeRv5fUyk7etsUNqVEjT.cur | 2009-10-29 2:14:20
  C:/WINDOWS/Tasks/Wfayv6njQnCsg.inf | 2009-10-30 2:2:52
  C:/WINDOWS/Tasks/4H5HJTHFZkxrCpehBpx4TmR.inf | 2009-10-29 1:47:10
  C:/WINDOWS/system32/BtmBAnd89jc9PsPq5EKNj.inf | 2009-10-26 18:43:28
  C:/WINDOWS/system32/WQVBYhAJ6ADw5qzCY8gv84KTH.inf | 2009-10-26 18:41:40
  C:/WINDOWS/system32/qzp3jTZCSfSh.dll | 2009-10-26 18:41:2
  C:/WINDOWS/Downloaded Program Files/rJaeKv7CcbwSzhQbDu.cur | 2009-10-26 18:41:22
  C:/WINDOWS/Tasks/yGfdVUegEQm9fhY5rnN.inf | 2009-10-26 18:40:14
  C:/WINDOWS/fonts/A97CRaCB.fon | 2009-10-26 18:39:42
  C:/WINDOWS/system32/bWxJAeWKDxgRfhkaWEfA33C36nr.inf | 2009-10-26 18:38:54
  C:/WINDOWS/system32/08223B03.dll | 2009-10-26 18:38:20
  C:/WINDOWS/Downloaded Program Files/gxrSG8sdA4hAbGNQXnr9JGFu6nZ.cur | 2009-10-26 18:37:28
  C:/WINDOWS/system32/FsmBY3kmWnAG5gRbwGgU.inf | 2009-10-26 18:37:12
  C:/WINDOWS/Tasks/TDz5y2TEAKw2z7xkPhf9Sqj.inf | 2009-10-26 18:36:56
  C:/WINDOWS/system32/2exJW3dsaTgWrf5uAPadmHN.dll | 2009-10-26 18:36:4
  C:/WINDOWS/Downloaded Program Files/WUstNjhyfQfpv8PQbC.cur | 2009-10-26 18:36:22
  C:/WINDOWS/Downloaded Program Files/SjRjQgREDp3P8B4rEEg.cur | 2009-10-26 18:35:20
  C:/WINDOWS/Tasks/c2nH4numz9knY5zqnC.inf | 2009-10-26 18:35:34
  C:/WINDOWS/system32/BhfwdJchYBNmD25PSCxza.inf | 2009-10-26 18:35:6
  C:/WINDOWS/Downloaded Program Files/NnjrQW5EUm9zePgHXM2eB44E.cur | 2009-10-26 18:34:36
  C:/WINDOWS/system32/PERrGx5DkqSbQdwauCRQH.dll | 2009-10-26 18:34:52
  C:/WINDOWS/Tasks/zUzgU8WWpYntt6NfUWT.inf | 2009-11-10 11:30:6
C:/WINDOWS/System32/winlogon.exe* 540 | 2007-6-1 0:0:0 | Microsoft(R) Windows(R) Operating System | 5.1.2600.5512 | Windows NT Logon Application | (C) Microsoft Corporation. All rights reserved. | 5.1.2600.5512 (xpsp.080413-2113) | Microsoft Corporation| ? | winlogon | WINLOGON.EXE
  C:/WINDOWS/system32/kb11011166.dll | 2009-11-10 11:16:6
  C:/WINDOWS/system32/kb210111617.dll | 2009-11-10 11:16:18
  C:/WINDOWS/system32/kb510111719.dll | 2009-11-10 11:17:20
  C:/WINDOWS/Tasks/zUzgU8WWpYntt6NfUWT.inf | 2009-11-10 11:30:6
  C:/WINDOWS/Fonts/kb28192213.dll | 2009-11-8 19:22:13
  C:/WINDOWS/Fonts/kb48192251.dll | 2009-11-8 19:22:51
  C:/WINDOWS/Fonts/kb2923529.dll | 2009-11-9 2:35:29
  C:/WINDOWS/Fonts/kb410111652.dll | 2009-11-10 11:16:52
  C:/WINDOWS/Fonts/kb5923711.dll | 2009-11-9 2:37:11
  C:/WINDOWS/system32/winlib .dll
  C:/WINDOWS/system32/COMRes.dll | 2009-11-6 20:56:2
  C:/WINDOWS/system32/syslib .dll
  C:/WINDOWS/system32/kb110172630.dll | 2009-11-10 17:26:30
  C:/WINDOWS/system32/kb210172648.dll | 2009-11-10 17:26:48
  C:/WINDOWS/system32/kb510172916.dll | 2009-11-10 17:29:17
  C:/WINDOWS/Tasks/JJX5r8wnsqUnNxGwpwn.inf | 2009-10-26 18:34:22
  C:/WINDOWS/Downloaded Program Files/NnjrQW5EUm9zePgHXM2eB44E.cur | 2009-10-26 18:34:36
  C:/WINDOWS/system32/PERrGx5DkqSbQdwauCRQH.dll | 2009-10-26 18:34:52
  C:/WINDOWS/system32/BhfwdJchYBNmD25PSCxza.inf | 2009-10-26 18:35:6
  C:/WINDOWS/Downloaded Program Files/SjRjQgREDp3P8B4rEEg.cur | 2009-10-26 18:35:20
  C:/WINDOWS/Tasks/c2nH4numz9knY5zqnC.inf | 2009-10-26 18:35:34
  C:/WINDOWS/system32/SCEVFJRCmaB7.dll | 2009-10-26 18:35:50
  C:/WINDOWS/system32/2exJW3dsaTgWrf5uAPadmHN.dll | 2009-10-26 18:36:4
  C:/WINDOWS/Downloaded Program Files/WUstNjhyfQfpv8PQbC.cur | 2009-10-26 18:36:22
  C:/WINDOWS/system32/ndxq9awMc.dll | 2009-10-26 18:36:36
  C:/WINDOWS/Tasks/TDz5y2TEAKw2z7xkPhf9Sqj.inf | 2009-10-26 18:36:56
  C:/WINDOWS/system32/FsmBY3kmWnAG5gRbwGgU.inf | 2009-10-26 18:37:12
  C:/WINDOWS/Downloaded Program Files/gxrSG8sdA4hAbGNQXnr9JGFu6nZ.cur | 2009-10-26 18:37:28
  C:/WINDOWS/Downloaded Program Files/sZaeAC74EzXJeVeJu6p.cur | 2009-10-26 18:37:42
  C:/WINDOWS/system32/08223B03.dll | 2009-10-26 18:38:20
  C:/WINDOWS/system32/z6FVkEF47huPzgaXee.inf | 2009-10-26 18:38:38
  C:/WINDOWS/system32/bWxJAeWKDxgRfhkaWEfA33C36nr.inf | 2009-10-26 18:38:54
  C:/WINDOWS/system32/122B901E.dll | 2009-10-26 18:39:10
  C:/WINDOWS/Tasks/SbrmpxjdCrgRAFhz4gHh.inf | 2009-10-26 18:39:26
  C:/WINDOWS/fonts/A97CRaCB.fon | 2009-10-26 18:39:42
  C:/WINDOWS/fonts/SD78dgC7hD2sktQHyAu.fon | 2009-10-26 18:39:58
  C:/WINDOWS/Tasks/yGfdVUegEQm9fhY5rnN.inf | 2009-10-26 18:40:14
  C:/WINDOWS/system32/t9hdtMrwMeQcvYV3CMvhtNZpC.inf | 2009-10-26 18:40:30
  C:/WINDOWS/system32/qzp3jTZCSfSh.dll | 2009-10-26 18:41:2
  C:/WINDOWS/Downloaded Program Files/rJaeKv7CcbwSzhQbDu.cur | 2009-10-26 18:41:22
  C:/WINDOWS/system32/WQVBYhAJ6ADw5qzCY8gv84KTH.inf | 2009-10-26 18:41:40
  C:/WINDOWS/system32/BtmBAnd89jc9PsPq5EKNj.inf | 2009-10-26 18:43:28
  C:/WINDOWS/system32/AMNCZw74h8gwd6CpYGkrZDy8.inf | 2009-10-29 2:13:48
  C:/WINDOWS/Tasks/4H5HJTHFZkxrCpehBpx4TmR.inf | 2009-10-29 1:47:10
  C:/WINDOWS/system32/A2CbFrBy28J6zdXNZgqCtJ6Ae.inf | 2009-10-29 2:13:52
  C:/WINDOWS/Downloaded Program Files/AnXnubyMnv58c9vaECWX.cur | 2009-10-29 2:14:2
  C:/WINDOWS/Downloaded Program Files/uBwdaS5QeRv5fUyk7etsUNqVEjT.cur | 2009-10-29 2:14:20
  C:/WINDOWS/Tasks/Wfayv6njQnCsg.inf | 2009-10-30 2:2:52
  C:/WINDOWS/system32/EMQzJJURMfVkrkEx9GJ.inf | 2009-10-30 10:32:12
  C:/WINDOWS/system32/ujMhyGsS7tRV9gU2HHMkJcu7DPU.inf | 2009-11-2 1:10:32
  C:/WINDOWS/system32/JMq7bpeR4Xa8eV5ftCB.inf | 2009-11-1 23:44:52
  C:/WINDOWS/system32/jY8sGUnWqbZb3x2BPhY.dll | 2009-11-2 1:11:54
  C:/Documents and Settings/Administrator/Application Data/Spy009.dll | 2009-11-9 2:41:52
  C:/Program Files/Internet Explorer/sdk2.dll | 2009-11-10 11:59:20
  C:/WINDOWS/system32/pEcFwPj48y6DADf87r.inf | 2009-11-7 11:6:12
  C:/WINDOWS/Fonts/kb410172748.dll | 2009-11-10 17:27:48
  C:/WINDOWS/system32/RXNK8eR3xW8KTCWBCGTbqm.inf | 2009-11-10 11:17:32
  C:/WINDOWS/fonts/AN2Epfv2VzeHreV.fon | 2009-11-10 11:32:42
  C:/WINDOWS/system32/CDuAUVkGy9.dll | 2009-11-10 11:33:4
C:/WINDOWS/System32/services.exe* 648 | 2009-2-9 19:21:0 | Microsoft(R) Windows(R) Operating System | 5.1.2600.5755 | Services and Controller app | (C) Microsoft Corporation. All rights reserved. | 5.1.2600.5755 (xpsp_sp3_gdr.090206-1234) | Microsoft Corporation| ? | services.exe | services.exe
  C:/WINDOWS/system32/kb11011166.dll | 2009-11-10 11:16:6
  C:/WINDOWS/system32/kb210111617.dll | 2009-11-10 11:16:18
  C:/WINDOWS/system32/kb510111719.dll | 2009-11-10 11:17:20
  C:/WINDOWS/Tasks/zUzgU8WWpYntt6NfUWT.inf | 2009-11-10 11:30:6
  C:/WINDOWS/Fonts/kb28192213.dll | 2009-11-8 19:22:13
  C:/WINDOWS/Fonts/kb48192251.dll | 2009-11-8 19:22:51
  C:/WINDOWS/Fonts/kb2923529.dll | 2009-11-9 2:35:29
  C:/WINDOWS/Fonts/kb410111652.dll | 2009-11-10 11:16:52
  C:/WINDOWS/Fonts/kb5923711.dll | 2009-11-9 2:37:11
  C:/WINDOWS/system32/kb110172630.dll | 2009-11-10 17:26:30
  C:/WINDOWS/system32/kb210172648.dll | 2009-11-10 17:26:48
  C:/WINDOWS/system32/kb510172916.dll | 2009-11-10 17:29:17
C:/WINDOWS/System32/lsass.exe * 660 | 2007-6-1 0:0:0 | Microsoft? Windows? Operating System | 5.1.2600.5512 | LSA Shell (Export Version) | ? Microsoft Corporation. All rights reserved. | 5.1.2600.5512 (xpsp.080413-2113) | Microsoft Corporation| ? | lsass.exe | lsass.exe
  C:/WINDOWS/system32/kb11011166.dll | 2009-11-10 11:16:6
  C:/WINDOWS/system32/kb210111617.dll | 2009-11-10 11:16:18
  C:/WINDOWS/system32/kb510111719.dll | 2009-11-10 11:17:20
  C:/WINDOWS/Tasks/zUzgU8WWpYntt6NfUWT.inf | 2009-11-10 11:30:6
  C:/WINDOWS/Fonts/kb28192213.dll | 2009-11-8 19:22:13
  C:/WINDOWS/Fonts/kb48192251.dll | 2009-11-8 19:22:51
  C:/WINDOWS/Fonts/kb2923529.dll | 2009-11-9 2:35:29
  C:/WINDOWS/Fonts/kb410111652.dll | 2009-11-10 11:16:52
  C:/WINDOWS/Fonts/kb5923711.dll | 2009-11-9 2:37:11
  C:/WINDOWS/system32/kb110172630.dll | 2009-11-10 17:26:30
  C:/WINDOWS/system32/kb210172648.dll | 2009-11-10 17:26:48
  C:/WINDOWS/system32/kb510172916.dll | 2009-11-10 17:29:17
C:/WINDOWS/System32/svchost.exe * 956 | 2007-6-1 0:0:0 | Microsoft? Windows? Operating System | 5.1.2600.5512 | Generic Host Process for Win32 Services | ? Microsoft Corporation. All rights reserved. | 5.1.2600.5512 (xpsp.080413-2111) | Microsoft Corporation| ? | svchost.exe | svchost.exe
  C:/WINDOWS/system32/kb11011166.dll | 2009-11-10 11:16:6
  C:/WINDOWS/system32/kb210111617.dll | 2009-11-10 11:16:18
  C:/WINDOWS/system32/kb510111719.dll | 2009-11-10 11:17:20
  C:/WINDOWS/Tasks/zUzgU8WWpYntt6NfUWT.inf | 2009-11-10 11:30:6
  C:/WINDOWS/Fonts/kb28192213.dll | 2009-11-8 19:22:13
  C:/WINDOWS/Fonts/kb48192251.dll | 2009-11-8 19:22:51
  C:/WINDOWS/Fonts/kb2923529.dll | 2009-11-9 2:35:29
  C:/WINDOWS/Fonts/kb410111652.dll | 2009-11-10 11:16:52
  C:/WINDOWS/Fonts/kb5923711.dll | 2009-11-9 2:37:11
  C:/WINDOWS/system32/COMRes.dll | 2009-11-6 20:56:2
  C:/WINDOWS/system32/kb110172630.dll | 2009-11-10 17:26:30
  C:/WINDOWS/system32/kb210172648.dll | 2009-11-10 17:26:48
  C:/WINDOWS/system32/kb510172916.dll | 2009-11-10 17:29:17
C:/WINDOWS/System32/conime.exe * 1996 | 2007-6-1 0:0:0 | Microsoft? Windows? Operating System | 5.1.2600.5512 | Console IME | ? Microsoft Corporation. All rights reserved. | 5.1.2600.5512 (xpsp.080413-2105) | Microsoft Corporation| ? | Console | CONIME.EXE
  C:/WINDOWS/Tasks/zUzgU8WWpYntt6NfUWT.inf | 2009-11-10 11:30:6
  C:/WINDOWS/Fonts/kb28192213.dll | 2009-11-8 19:22:13
  C:/WINDOWS/Fonts/kb48192251.dll | 2009-11-8 19:22:51
  C:/WINDOWS/Fonts/kb2923529.dll | 2009-11-9 2:35:29
  C:/WINDOWS/Fonts/kb410111652.dll | 2009-11-10 11:16:52
  C:/WINDOWS/system32/kb11011166.dll | 2009-11-10 11:16:6
  C:/WINDOWS/system32/kb210111617.dll | 2009-11-10 11:16:18
  C:/WINDOWS/system32/kb510111719.dll | 2009-11-10 11:17:20
  C:/WINDOWS/Fonts/kb5923711.dll | 2009-11-9 2:37:11
  C:/Documents and Settings/Administrator/Application Data/Spy009.dll | 2009-11-9 2:41:52
  C:/WINDOWS/system32/JMq7bpeR4Xa8eV5ftCB.inf | 2009-11-1 23:44:52
  C:/WINDOWS/system32/RXNK8eR3xW8KTCWBCGTbqm.inf | 2009-11-10 11:17:32
  C:/WINDOWS/system32/A2CbFrBy28J6zdXNZgqCtJ6Ae.inf | 2009-10-29 2:13:52
  C:/WINDOWS/Downloaded Program Files/AnXnubyMnv58c9vaECWX.cur | 2009-10-29 2:14:2
  C:/WINDOWS/Downloaded Program Files/uBwdaS5QeRv5fUyk7etsUNqVEjT.cur | 2009-10-29 2:14:20
  C:/WINDOWS/Tasks/Wfayv6njQnCsg.inf | 2009-10-30 2:2:52
  C:/WINDOWS/Tasks/4H5HJTHFZkxrCpehBpx4TmR.inf | 2009-10-29 1:47:10
  C:/WINDOWS/system32/BtmBAnd89jc9PsPq5EKNj.inf | 2009-10-26 18:43:28
  C:/WINDOWS/system32/WQVBYhAJ6ADw5qzCY8gv84KTH.inf | 2009-10-26 18:41:40
  C:/WINDOWS/system32/qzp3jTZCSfSh.dll | 2009-10-26 18:41:2
  C:/WINDOWS/Downloaded Program Files/rJaeKv7CcbwSzhQbDu.cur | 2009-10-26 18:41:22
  C:/WINDOWS/Tasks/yGfdVUegEQm9fhY5rnN.inf | 2009-10-26 18:40:14
  C:/WINDOWS/fonts/A97CRaCB.fon | 2009-10-26 18:39:42
  C:/WINDOWS/system32/bWxJAeWKDxgRfhkaWEfA33C36nr.inf | 2009-10-26 18:38:54
  C:/WINDOWS/system32/08223B03.dll | 2009-10-26 18:38:20
  C:/WINDOWS/Downloaded Program Files/gxrSG8sdA4hAbGNQXnr9JGFu6nZ.cur | 2009-10-26 18:37:28
  C:/WINDOWS/system32/FsmBY3kmWnAG5gRbwGgU.inf | 2009-10-26 18:37:12
  C:/WINDOWS/Tasks/TDz5y2TEAKw2z7xkPhf9Sqj.inf | 2009-10-26 18:36:56
  C:/WINDOWS/system32/2exJW3dsaTgWrf5uAPadmHN.dll | 2009-10-26 18:36:4
  C:/WINDOWS/Downloaded Program Files/WUstNjhyfQfpv8PQbC.cur | 2009-10-26 18:36:22
  C:/WINDOWS/Downloaded Program Files/SjRjQgREDp3P8B4rEEg.cur | 2009-10-26 18:35:20
  C:/WINDOWS/Tasks/c2nH4numz9knY5zqnC.inf | 2009-10-26 18:35:34
  C:/WINDOWS/system32/BhfwdJchYBNmD25PSCxza.inf | 2009-10-26 18:35:6
  C:/WINDOWS/Downloaded Program Files/NnjrQW5EUm9zePgHXM2eB44E.cur | 2009-10-26 18:34:36
  C:/WINDOWS/system32/PERrGx5DkqSbQdwauCRQH.dll | 2009-10-26 18:34:52
  C:/Program Files/Internet Explorer/sdk2.dll | 2009-11-10 11:59:20
C:/WINDOWS/smss.exe * 2272 | 2009-11-10 17:23:42 | Microsoft(R) Windows(R) Operating System | 5.2.3790.1830 | Generic Host Process for Win32 Services | (C) Microsoft Corporation. All rights reserved. | 5.2.3790.1830 | Microsoft Corporation | | rpcs.exe | rpcs.exe
  C:/WINDOWS/system32/kb11011166.dll | 2009-11-10 11:16:6
  C:/WINDOWS/system32/kb210111617.dll | 2009-11-10 11:16:18
  C:/WINDOWS/system32/kb510111719.dll | 2009-11-10 11:17:20
  C:/WINDOWS/Tasks/zUzgU8WWpYntt6NfUWT.inf | 2009-11-10 11:30:6
  C:/WINDOWS/Fonts/kb28192213.dll | 2009-11-8 19:22:13
  C:/WINDOWS/Fonts/kb48192251.dll | 2009-11-8 19:22:51
  C:/WINDOWS/Fonts/kb2923529.dll | 2009-11-9 2:35:29
  C:/WINDOWS/Fonts/kb410111652.dll | 2009-11-10 11:16:52
  C:/WINDOWS/Fonts/kb5923711.dll | 2009-11-9 2:37:11
  C:/WINDOWS/system32/kb110172630.dll | 2009-11-10 17:26:30
  C:/WINDOWS/system32/kb210172648.dll | 2009-11-10 17:26:48
  C:/WINDOWS/system32/kb510172916.dll | 2009-11-10 17:29:17
C:/WINDOWS/explorer.exe * 9884 | 2007-6-1 0:0:0 | Microsoft(R) Windows(R) Operating System | 6.00.2900.5512 | Windows Explorer | (C) Microsoft Corporation. All rights reserved. | 6.00.2900.5512 (xpsp.080413-2105) | Microsoft Corporation| ? | explorer | EXPLORER.EXE
  C:/WINDOWS/system32/kb110172630.dll | 2009-11-10 17:26:30
  C:/WINDOWS/system32/kb210172648.dll | 2009-11-10 17:26:48
  C:/WINDOWS/system32/kb510172916.dll | 2009-11-10 17:29:17
  C:/WINDOWS/Tasks/zUzgU8WWpYntt6NfUWT.inf | 2009-11-10 11:30:6
  C:/WINDOWS/Fonts/kb28192213.dll | 2009-11-8 19:22:13
  C:/WINDOWS/Fonts/kb48192251.dll | 2009-11-8 19:22:51
  C:/WINDOWS/Fonts/kb2923529.dll | 2009-11-9 2:35:29
  C:/WINDOWS/Fonts/kb410172748.dll | 2009-11-10 17:27:48
  C:/WINDOWS/Fonts/kb5923711.dll | 2009-11-9 2:37:11
  C:/WINDOWS/system32/COMRes.dll | 2009-11-6 20:56:2
  c:/windows/system32/wmitpfs.dll | 2009-10-30 10:38:4
  C:/WINDOWS/Tasks/JJX5r8wnsqUnNxGwpwn.inf | 2009-10-26 18:34:22
  C:/WINDOWS/Downloaded Program Files/NnjrQW5EUm9zePgHXM2eB44E.cur | 2009-10-26 18:34:36
  C:/WINDOWS/system32/PERrGx5DkqSbQdwauCRQH.dll | 2009-10-26 18:34:52
  C:/WINDOWS/system32/BhfwdJchYBNmD25PSCxza.inf | 2009-10-26 18:35:6
  C:/WINDOWS/Downloaded Program Files/SjRjQgREDp3P8B4rEEg.cur | 2009-10-26 18:35:20
  C:/WINDOWS/Tasks/c2nH4numz9knY5zqnC.inf | 2009-10-26 18:35:34
  C:/WINDOWS/system32/SCEVFJRCmaB7.dll | 2009-10-26 18:35:50
  C:/WINDOWS/system32/2exJW3dsaTgWrf5uAPadmHN.dll | 2009-10-26 18:36:4
  C:/WINDOWS/Downloaded Program Files/WUstNjhyfQfpv8PQbC.cur | 2009-10-26 18:36:22
  C:/WINDOWS/system32/ndxq9awMc.dll | 2009-10-26 18:36:36
  C:/WINDOWS/Tasks/TDz5y2TEAKw2z7xkPhf9Sqj.inf | 2009-10-26 18:36:56
  C:/WINDOWS/system32/FsmBY3kmWnAG5gRbwGgU.inf | 2009-10-26 18:37:12
  C:/WINDOWS/Downloaded Program Files/gxrSG8sdA4hAbGNQXnr9JGFu6nZ.cur | 2009-10-26 18:37:28
  C:/WINDOWS/Downloaded Program Files/sZaeAC74EzXJeVeJu6p.cur | 2009-10-26 18:37:42
  C:/WINDOWS/system32/08223B03.dll | 2009-10-26 18:38:20
  C:/WINDOWS/system32/z6FVkEF47huPzgaXee.inf | 2009-10-26 18:38:38
  C:/WINDOWS/system32/bWxJAeWKDxgRfhkaWEfA33C36nr.inf | 2009-10-26 18:38:54
  C:/WINDOWS/system32/122B901E.dll | 2009-10-26 18:39:10
  C:/WINDOWS/Tasks/SbrmpxjdCrgRAFhz4gHh.inf | 2009-10-26 18:39:26
  C:/WINDOWS/fonts/A97CRaCB.fon | 2009-10-26 18:39:42
  C:/WINDOWS/fonts/SD78dgC7hD2sktQHyAu.fon | 2009-10-26 18:39:58
  C:/WINDOWS/Tasks/yGfdVUegEQm9fhY5rnN.inf | 2009-10-26 18:40:14
  C:/WINDOWS/system32/t9hdtMrwMeQcvYV3CMvhtNZpC.inf | 2009-10-26 18:40:30
  C:/WINDOWS/system32/qzp3jTZCSfSh.dll | 2009-10-26 18:41:2
  C:/WINDOWS/Downloaded Program Files/rJaeKv7CcbwSzhQbDu.cur | 2009-10-26 18:41:22
  C:/WINDOWS/system32/WQVBYhAJ6ADw5qzCY8gv84KTH.inf | 2009-10-26 18:41:40
  C:/WINDOWS/system32/BtmBAnd89jc9PsPq5EKNj.inf | 2009-10-26 18:43:28
  C:/WINDOWS/system32/AMNCZw74h8gwd6CpYGkrZDy8.inf | 2009-10-29 2:13:48
  C:/WINDOWS/Tasks/4H5HJTHFZkxrCpehBpx4TmR.inf | 2009-10-29 1:47:10
  C:/WINDOWS/system32/A2CbFrBy28J6zdXNZgqCtJ6Ae.inf | 2009-10-29 2:13:52
  C:/WINDOWS/Downloaded Program Files/AnXnubyMnv58c9vaECWX.cur | 2009-10-29 2:14:2
  C:/WINDOWS/Downloaded Program Files/uBwdaS5QeRv5fUyk7etsUNqVEjT.cur | 2009-10-29 2:14:20
  C:/WINDOWS/Tasks/Wfayv6njQnCsg.inf | 2009-10-30 2:2:52
  C:/WINDOWS/system32/EMQzJJURMfVkrkEx9GJ.inf | 2009-10-30 10:32:12
  C:/WINDOWS/system32/ujMhyGsS7tRV9gU2HHMkJcu7DPU.inf | 2009-11-2 1:10:32
  C:/WINDOWS/system32/JMq7bpeR4Xa8eV5ftCB.inf | 2009-11-1 23:44:52
  C:/WINDOWS/system32/jY8sGUnWqbZb3x2BPhY.dll | 2009-11-2 1:11:54
  C:/Documents and Settings/Administrator/Application Data/Spy009.dll | 2009-11-9 2:41:52
  C:/Program Files/Internet Explorer/sdk2.dll | 2009-11-10 11:59:20
  C:/WINDOWS/system32/pEcFwPj48y6DADf87r.inf | 2009-11-7 11:6:12
  C:/WINDOWS/system32/RXNK8eR3xW8KTCWBCGTbqm.inf | 2009-11-10 11:17:32
  C:/WINDOWS/fonts/AN2Epfv2VzeHreV.fon | 2009-11-10 11:32:42
  C:/WINDOWS/system32/CDuAUVkGy9.dll | 2009-11-10 11:33:4
F2 - REG: system.ini: UserInit =<C:/WINDOWS/system32/userinit.exe,>| 2007-6-1 0:0:0
O1 - Hosts: 98.126.44.146 show.qq.com
O1 - Hosts: 98.126.122.106 bbs1.qq.com
O1 - Hosts: 98.126.44.146 music.qq.com
O1 - Hosts: 98.126.44.146 minix.soso.com
O1 - Hosts: 98.126.44.146 ic.qzone.qq.com
O1 - Hosts: 98.126.44.146 adsclick.qq.com
O1 - Hosts: 98.126.122.106 adsfile.qq.com
O1 - Hosts: 98.126.122.106 adsview.qq.com
O1 - Hosts: 98.126.122.106 minigame.qq.com
O1 - Hosts: 127.1.1.1 xb520dx.kmip.net
O1 - Hosts: 127.1.1.1 dxz.974671.com
O1 - Hosts: 127.1.1.1 www.dy2004.com
O1 - Hosts: 127.1.1.1 www.114Baines.com
O1 - Hosts: 127.1.1.1 tj.3800down.com
O1 - Hosts: 127.1.1.1 a6tt4.114anhui.com
O1 - Hosts: 127.1.1.1 ak.114anhui.com
O1 - Hosts: 127.1.1.1 wwd.243542.com
O1 - Hosts: 127.1.1.1 w8.lao998.com
O1 - Hosts: 127.1.1.1 nhy7ubgv.114anhui.com
O1 - Hosts: 127.1.1.1 g6tt4.114anhui.com
O1 - Hosts: 127.1.1.1 x.qingsewuyuet.cn
O1 - Hosts: 127.1.1.1 www.114Baines.com
O1 - Hosts: 127.1.1.1 ok3.114graph.com
O1 - Hosts: 127.1.1.1 nhy7ubgv.114anhui.com
O1 - Hosts: 127.1.1.1 www.ok182.com
O1 - Hosts: 127.1.1.1 down.my227.com
O1 - Hosts: 127.1.1.1 n1xln1l1nx.3322.org
O1 - Hosts: 127.1.1.1 txt119.kmip.net
O1 - Hosts: 127.1.1.1 126.123fga.cn
O1 - Hosts: 127.1.1.1 ya.com.9d1u.cn
O1 - Hosts: 127.1.1.1 demo.jikesoft.cn
O1 - Hosts: 127.1.1.1 bmw8x.cn
O1 - Hosts: 127.1.1.1 mck.o0oq.cn
O1 - Hosts: 127.1.1.1 0.9d3f.cn
O1 - Hosts: 127.1.1.1 www.114baines.com
O1 - Hosts: 127.0.1.1 zsmdo.cn
O1 - Hosts: 127.1.1.1 wwd.976777.com
O1 - Hosts: 127.1.1.1 www.tt2sf.net
O1 - Hosts: 127.1.1.1 msn.com.9d1u.cn
O1 - Hosts: 127.1.1.1 ll.wwooaini88.com
O1 - Hosts: 127.1.1.1 jh.jhjsyehxkd.cn
O1 - Hosts: 127.1.1.1 kcs.cn
O1 - Hosts: 127.1.1.1 mck.o0oq.cn
O1 - Hosts: 127.1.1.1 x.moneyinfom.com
O1 - Hosts: 127.1.1.1 1.888888ok.com.cn
O1 - Hosts: 127.1.1.1 3w.97sesewww.cn
O1 - Hosts: 127.0.0.1 b.nmbrx.com
O1 - Hosts: 222.189.238.40 adsclick.qq.com
O1 - Hosts: 222.189.238.40 adsview.qq.com
O1 - Hosts: 222.189.238.40 bbs1.qq.com
O1 - Hosts: 222.189.238.40 ic.qzone.qq.com
O1 - Hosts: 222.189.238.40 minigame.qq.com
O1 - Hosts: 222.189.238.40 minix.soso.com
O1 - Hosts: 222.189.238.40 music.qq.com
O1 - Hosts: 222.189.238.40 show.qq.com
O1 - Hosts: 222.189.238.40 www.yxnpc.com
O1 - Hosts: 222.189.238.40 www2.im.alisoft.com
O1 - Hosts: 222.189.238.40 file.fetion.chinacache.neL
O1 - Hosts: 222.189.238.40 adsview.qq.com
O1 - Hosts: 222.189.238.40 bbs1.qq.com
O1 - Hosts: 222.189.238.40 ic.qzone.qq.com
O1 - Hosts: 222.189.238.40 minigame.qq.com
O1 - Hosts: 222.189.238.40 minix.soso.com
O1 - Hosts: 222.189.238.40 music.qq.com
O1 - Hosts: 222.189.238.40 show.qq.com
O1 - Hosts: 222.189.238.40 www.yxnpc.com
O1 - Hosts: 222.189.238.40 www2.im.alisoft.com
O1 - Hosts: 222.189.238.40 file.fetion.chinacache.net?
O1 - Hosts: 222.189.238.40 bbs1.qq.com
O1 - Hosts: 222.189.238.40 ic.qzone.qq.com
O1 - Hosts: 222.189.238.40 minigame.qq.com
O1 - Hosts: 222.189.238.40 minix.soso.com
O1 - Hosts: 222.189.238.40 music.qq.com
O1 - Hosts: 222.189.238.40 show.qq.com
O1 - Hosts: 222.189.238.40 www.yxnpc.com
O1 - Hosts: 222.189.238.40 www2.im.alisoft.com
O1 - Hosts: 222.189.238.40 file.fetion.chi
O2 - BHO CAdLogic Object - {11F09AFD-75AD-4E51-AB43-E09E9351CE16} =C:/Program Files/Common Files/PushWare/cpush.dll | 2009-11-9 14:40:52| ? | 1.1.6.2| ?| ? | 1.1.6.2| ?| ? | softpush.dll | softpush.dll
O2 - BHO google cache - {296AB1C7-FB22-4D17-8834-064E2BA0A6F0} =C:/WINDOWS/MICROSOFT/winsys.dll | 2007-3-15 2:32:20 | | 2. 3, 0, 2 | Windows Services Module | | 2. 3, 0, 2 | Hello Loons.Fad | | | Beijing zhongguancun
O4 - HKCU/../run: [msconfigs]C:/WINDOWS/system32/TnvTy.exe
O4 - HKLM/../run: [system]C:/WINDOWS/system32/system.exe
O4 - HKLM/../run: [Trough]C:/WINDOWS/system32/TroughClient.exe 0
O4 - HKLM/../run: [RsTray]C:/WINDOWS/system32/scvhost.exe
O4 - HKLM/../run: [msconfigs]C:/WINDOWS/system32/TnvTy.exe
O4 - HKLM/../run: [aowii_19831028_game] "c:/windows/system32/jmodirwgq.exe" -at
O4 - HKLM/../run: [aowii_19831028_sogouip] "c:/windows/system32/rqtvfpyiy.exe" -at
O4 - HKLM/../run: [autorun_19831028_kingsoftgo] "c:/windows/system32/qsrvucimrd.exe" -at
At1.job
At2.job
At3.job
At4.job
At5.job
At6.job
At7.job
At8.job
At9.job
O20 - AppInit_DLLs =C:/WINDOWS/Tasks/zUzgU8WWpYntt6NfUWT.inf ,C:/WINDOWS/Downloaded Program Files/uBwdaS5QeRv5fUyk7etsUNqVEjT.cur,C:/WINDOWS/Downloaded Program Files/rJaeKv7CcbwSzhQbDu.cur,C:/WINDOWS/Fonts/kb28192213.dll,C:/WINDOWS/Fonts/kb48192251.dll,C:/WINDOWS/Fonts/kb2923529.dll,C:/WINDOWS/Fonts/kb5923711.dll,C:/WINDOWS/Fonts/kb410172748.dll
O23 - 服务: AmdK8 (AmdK8 Compatible Device) - System32/drivers/amdk8.sys | 2008-1-3 17:1:23 | AMD Processor Driver | 1.3.2 | AMD Processor Driver | Copyright (C) AMD, Inc.2002-2006 | 1.3.2 (dnsrv(wmbla).060701-2226) | Advanced Micro Devices| ? | AmdK8.sys | AmdK8.sys(手动)
O23 - 服务: AsyncMac (RAS Asynchronous Media Driver) - system32/DRIVERS/asyncmac.sys (手动)
O23 - 服务: hcpidesk (hcpidesk) -C:/WINDOWS/system32/drivers/hcpidesk.sys | 2009-11-10 11:39:36(自动)

O23 - 服务: mtlrd (mtlrd) -C:/Documents and Settings/All Users/Application Data/Microsoft/Media Player/wmp/mtlrd.sys | 2009-9-25 17:18:22(自动)
O23 - 服务: MyProt (Network Monitor Protocol Driver) - system32/DRIVERS/winyyy.sys | 2009-11-9 2:57:54 | Windows (R) 2000 DDK driver | 5.1.2600.2180 | NDIS User mode I/O Driver | | 5.1.2600.2180 built by: WinDDK | Windows (R) 2000 DDK provider| ? | NDISPROT.SYS | NDISPROT.SYS(手动)
O23 - 服务: Netlogon (Net Logon) -C:/WINDOWS/system32/lsass.exe | 2007-6-1 0:0:0 | Microsoft? Windows? Operating System | 5.1.2600.5512 | LSA Shell (Export Version) | ? Microsoft Corporation. All rights reserved. | 5.1.2600.5512 (xpsp.080413-2113) | Microsoft Corporation| ? | lsass.exe | lsass.exe(手动)
O23 - 服务: NtLmSsp (NT LM Security Support Provider) -C:/WINDOWS/system32/lsass.exe | 2007-6-1 0:0:0 | Microsoft? Windows? Operating System | 5.1.2600.5512 | LSA Shell (Export Version) | ? Microsoft Corporation. All rights reserved. | 5.1.2600.5512 (xpsp.080413-2113) | Microsoft Corporation| ? | lsass.exe | lsass.exe(手动)
O23 - 服务: pcidump (pcidump) -C:/WINDOWS/system32/drivers/pcidump.sys (禁用)
O23 - 服务: pnpmem (pnpmem) -C:/WINDOWS/system32/drivers/pnpmem.sys | 2009-11-10 12:23:51(自动)
O23 - 服务: PolicyAgent (IPSEC Services) -C:/WINDOWS/system32/lsass.exe | 2007-6-1 0:0:0 | Microsoft? Windows? Operating System | 5.1.2600.5512 | LSA Shell (Export Version) | ? Microsoft Corporation. All rights reserved. | 5.1.2600.5512 (xpsp.080413-2113) | Microsoft Corporation| ? | lsass.exe | lsass.exe(自动)
O23 - 服务: ProtectedStorage (Protected Storage) -C:/WINDOWS/system32/lsass.exe | 2007-6-1 0:0:0 | Microsoft? Windows? Operating System | 5.1.2600.5512 | LSA Shell (Export Version) | ? Microsoft Corporation. All rights reserved. | 5.1.2600.5512 (xpsp.080413-2113) | Microsoft Corporation| ? | lsass.exe | lsass.exe(自动)
O23 - 服务: SamSs (Security Accounts Manager) -C:/WINDOWS/system32/lsass.exe | 2007-6-1 0:0:0 | Microsoft? Windows? Operating System | 5.1.2600.5512 | LSA Shell (Export Version) | ? Microsoft Corporation. All rights reserved. | 5.1.2600.5512 (xpsp.080413-2113) | Microsoft Corporation| ? | lsass.exe | lsass.exe(自动)
O23 - 服务: uldfhjfh (uldfhjfh) -C:/WINDOWS/system32/drivers/uldfhjfh.sys | 2009-11-10 11:35:10(系统)
O23 - 服务: W32Time (Windows Time) -C:/WINDOWS/System32/svchost.exe -k netsvcs| 2007-6-1 0:0:0 | Microsoft? Windows? Operating System | 5.1.2600.5512 | Generic Host Process for Win32 Services | ? Microsoft Corporation. All rights reserved. | 5.1.2600.5512 (xpsp.080413-2111) | Microsoft Corporation| ? | svchost.exe | svchost.exe
  ->C:/WINDOWS/system32/Lang/tmcvomuigt.dll | 2009-11-10 11:38:48 | WinSVC | 2.8 | Time Windows | Microsoft LTD | 4.2.2.327 | Microsoft Corporation. | | 4.1.1.5 | (自动)
O23 - 服务: Windowss (Removableo) -C:/WINDOWS/system32/servets.exe | 2009-11-10 11:34:32(自动)
O23 - 服务: winhelp (winhelp) -c:/windows/system32/winhelp.exe | 2009-11-10 17:26:40(自动)
O23 - 服务: winhelp32 (winhelp32) -c:/windows/system32/winhelp32.exe | 2009-11-10 11:36:52(自动)
O23 - 服务: WinSCCOM (COM+ Windows System Server) -C:/WINDOWS/winsccoo.exe | 2009-11-10 12:0:0 | Microsoft(R) Windows(R) Operating System | 5.2.3790.1830 | Generic Host Process for Win32 Services | (C) Microsoft Corporation. All rights reserved. | 5.2.3790.1830 | Microsoft Corporation | | rpcs.exe | rpcs.exe(自动)
O23 - 服务: wmitpfs (WMITPFS Service) -C:/WINDOWS/system32/svchost.exe -k wmitpfs | 2007-6-1 0:0:0 | Microsoft? Windows? Operating System | 5.1.2600.5512 | Generic Host Process for Win32 Services | ? Microsoft Corporation. All rights reserved. | 5.1.2600.5512 (xpsp.080413-2111) | Microsoft Corporation| ? | svchost.exe | svchost.exe
  ->C:/WINDOWS/system32/wmitpfs.dll | 2009-10-30 10:38:4(自动)
O23 - 服务: xx (xx) -C:/DOCUME~1/ADMINI~1/LOCALS~1/Temp/~443475.ex (手动)
O24 - ShlExecHook: [B] - {A2BCFCEE-C939-433F-A32A-7353A6E720DB} =C:/WINDOWS/Tasks/JJX5r8wnsqUnNxGwpwn.inf | 2009-10-26 18:34:22
O24 - ShlExecHook: [C] - {E1639D0B-CC74-4C22-B662-F2F9367CBEFC} =C:/WINDOWS/Downloaded Program Files/NnjrQW5EUm9zePgHXM2eB44E.cur | 2009-10-26 18:34:36
O24 - ShlExecHook: [3] - {51716C09-6B08-4CCF-B526-718E912C0573} =C:/WINDOWS/system32/PERrGx5DkqSbQdwauCRQH.dll | 2009-10-26 18:34:52
O24 - ShlExecHook: [C] - {9EB86543-64B5-4CA8-9241-D672720CB0BC} =C:/WINDOWS/system32/BhfwdJchYBNmD25PSCxza.inf | 2009-10-26 18:35:6
O24 - ShlExecHook: [9] - {84639C2D-CD75-4081-B515-329AFCECBF19} =C:/WINDOWS/Downloaded Program Files/SjRjQgREDp3P8B4rEEg.cur | 2009-10-26 18:35:20
O24 - ShlExecHook: [5] - {B9D0F4D7-C809-4C27-9CB4-63201DFB3D05} =C:/WINDOWS/Tasks/c2nH4numz9knY5zqnC.inf | 2009-10-26 18:35:34
O24 - ShlExecHook: [7] - {CD478099-014D-4B3A-A4BB-B518F1019BC7} =C:/WINDOWS/system32/SCEVFJRCmaB7.dll | 2009-10-26 18:35:50
O24 - ShlExecHook: [7] - {87DE8A1A-96C5-4420-B222-EF998F697CE7} =C:/WINDOWS/system32/2exJW3dsaTgWrf5uAPadmHN.dll | 2009-10-26 18:36:4
O24 - ShlExecHook: [6] - {526EB425-7F56-4773-8D70-B8E45AA8E2B6} =C:/WINDOWS/Downloaded Program Files/WUstNjhyfQfpv8PQbC.cur | 2009-10-26 18:36:22
O24 - ShlExecHook: [0] - {23DA65D2-C696-4EE4-BEE8-B4841DEC3E30} =C:/WINDOWS/system32/ndxq9awMc.dll | 2009-10-26 18:36:36
O24 - ShlExecHook: [F] - {81EB905C-EDF8-4033-80BF-E0F4F46733DF} =C:/WINDOWS/Tasks/TDz5y2TEAKw2z7xkPhf9Sqj.inf | 2009-10-26 18:36:56
O24 - ShlExecHook: [C] - {B7F1BFDC-4B6C-4E2F-AF7A-638D2D47802C} =C:/WINDOWS/system32/FsmBY3kmWnAG5gRbwGgU.inf | 2009-10-26 18:37:12
O24 - ShlExecHook: [C] - {C53C1999-1B56-41BD-8F76-520D618F112C} =C:/WINDOWS/Downloaded Program Files/gxrSG8sdA4hAbGNQXnr9JGFu6nZ.cur | 2009-10-26 18:37:28
O24 - ShlExecHook: [5] - {F181F067-7046-4DCB-993F-200990736305} =C:/WINDOWS/Downloaded Program Files/sZaeAC74EzXJeVeJu6p.cur | 2009-10-26 18:37:42
O24 - ShlExecHook: [E] - {08223B03-1B38-4A33-A83A-A4D3CC1D6E4E} =C:/WINDOWS/system32/08223B03.dll | 2009-10-26 18:38:20
O24 - ShlExecHook: [7] - {74DA2FEC-F68F-4DC7-9A45-9174AC044427} =C:/WINDOWS/system32/z6FVkEF47huPzgaXee.inf | 2009-10-26 18:38:38
O24 - ShlExecHook: [2] - {05EDDA35-1E5B-4A77-8F68-99AB967CF632} =C:/WINDOWS/system32/bWxJAeWKDxgRfhkaWEfA33C36nr.inf | 2009-10-26 18:38:54
O24 - ShlExecHook: [C] - {122B901E-493F-4AD9-BC69-7DE8C3E52FCC} =C:/WINDOWS/system32/122B901E.dll | 2009-10-26 18:39:10
O24 - ShlExecHook: [B] - {827E2FB4-1047-43DE-848D-E12BB0C97AAB} =C:/WINDOWS/Tasks/SbrmpxjdCrgRAFhz4gHh.inf | 2009-10-26 18:39:26
O24 - ShlExecHook: [1] - {8708994F-1758-4C2C-9A3F-FA22D6CCCB41} =C:/WINDOWS/fonts/A97CRaCB.fon | 2009-10-26 18:39:42
O24 - ShlExecHook: [7] - {24144CB8-10ED-4BFC-843F-68A9F3369947} =C:/WINDOWS/fonts/SD78dgC7hD2sktQHyAu.fon | 2009-10-26 18:39:58
O24 - ShlExecHook: [E] - {6049BC02-7EDA-4C41-B4AB-D5398607C39E} =C:/WINDOWS/Tasks/yGfdVUegEQm9fhY5rnN.inf | 2009-10-26 18:40:14
O24 - ShlExecHook: [C] - {F317E464-D4A4-4C79-82E8-CABADF738C7C} =C:/WINDOWS/system32/t9hdtMrwMeQcvYV3CMvhtNZpC.inf | 2009-10-26 18:40:30
O24 - ShlExecHook: [}] - {8A6A5B34-D995-4C5D-9338-B5E264B4A87} =C:/WINDOWS/system32/nXe2grrKNzF9dxYKmqg.inf | 2009-11-10 11:41:10
O24 - ShlExecHook: [B] - {4F5EEDE5-1687-49D2-8A17-FF0B454FB37B} =C:/WINDOWS/system32/qzp3jTZCSfSh.dll | 2009-10-26 18:41:2
O24 - ShlExecHook: [3] - {6B1604E2-A839-463C-906A-27A129781E93} =C:/WINDOWS/Downloaded Program Files/rJaeKv7CcbwSzhQbDu.cur | 2009-10-26 18:41:22
O24 - ShlExecHook: [4] - {D55E3C90-C192-411F-85FC-6A8A69D0C634} =C:/WINDOWS/system32/WQVBYhAJ6ADw5qzCY8gv84KTH.inf | 2009-10-26 18:41:40
O24 - ShlExecHook: [2] - {1719B301-B494-4185-9379-242461F9CF02} =C:/WINDOWS/system32/BtmBAnd89jc9PsPq5EKNj.inf | 2009-10-26 18:43:28
O24 - ShlExecHook: [C] - {C4BD9D5C-04CA-45E6-8539-98B07D99B6BC} =C:/WINDOWS/system32/AMNCZw74h8gwd6CpYGkrZDy8.inf | 2009-10-29 2:13:48
O24 - ShlExecHook: [5] - {3373CD28-8C35-4A36-8569-672D8CA197F5} =C:/WINDOWS/Tasks/4H5HJTHFZkxrCpehBpx4TmR.inf | 2009-10-29 1:47:10
O24 - ShlExecHook: [C] - {C3634CF6-FD22-4F3D-BBB4-AE36174A868C} =C:/WINDOWS/system32/A2CbFrBy28J6zdXNZgqCtJ6Ae.inf | 2009-10-29 2:13:52
O24 - ShlExecHook: [8] - {B59F0A61-EF3E-4A2B-9E3A-4A84EDDF2308} =C:/WINDOWS/Downloaded Program Files/AnXnubyMnv58c9vaECWX.cur | 2009-10-29 2:14:2
O24 - ShlExecHook: [B] - {012B7C3C-53AF-424E-869C-7DB92D25C31B} =C:/WINDOWS/Downloaded Program Files/uBwdaS5QeRv5fUyk7etsUNqVEjT.cur | 2009-10-29 2:14:20
O24 - ShlExecHook: [B] - {012AA32F-36E6-405F-9F3F-588E0AA73FBB} =C:/WINDOWS/Tasks/Wfayv6njQnCsg.inf | 2009-10-30 2:2:52
O24 - ShlExecHook: [0] - {D36A1DF7-6582-4160-B925-59A34E39FE30} =C:/WINDOWS/system32/EMQzJJURMfVkrkEx9GJ.inf | 2009-10-30 10:32:12
O24 - ShlExecHook: [0] - {7CC109E5-B2FC-4FEE-AF04-74B2DCBD2540} =C:/WINDOWS/system32/ujMhyGsS7tRV9gU2HHMkJcu7DPU.inf | 2009-11-2 1:10:32
O24 - ShlExecHook: [5] - {7198F428-77AC-4837-AFBE-1E0393575935} =C:/WINDOWS/system32/JMq7bpeR4Xa8eV5ftCB.inf | 2009-11-1 23:44:52
O24 - ShlExecHook: [A] - {8E6D4583-0FA1-41B2-BAAA-63352E6333CA} =C:/WINDOWS/system32/jY8sGUnWqbZb3x2BPhY.dll | 2009-11-2 1:11:54
O24 - ShlExecHook: [] - {C8417122-386F-48C7-8900-C82E4694FEBC} =C:/Documents and Settings/Administrator/Application Data/Spy009.dll | 2009-11-9 2:41:52
O24 - ShlExecHook: [] - {556F0F4D-9CD8-4C91-A95B-0F88D638406A} =C:/Program Files/Internet Explorer/sdk2.dll | 2009-11-10 11:59:20
O24 - ShlExecHook: [2] - {81BC0740-6E31-4BA4-81C8-EFF9ECEB3BA2} =C:/WINDOWS/system32/pEcFwPj48y6DADf87r.inf | 2009-11-7 11:6:12
O24 - ShlExecHook: [4] - {C3BDE61A-DB4C-4a68-8A01-CD4A29B88974} =C:/WINDOWS/Fonts/kb2923529.dll | 2009-11-9 2:35:29
O24 - ShlExecHook: [3] - {F9B6B005-901D-48c8-A35D-BA745F98FBD3} =C:/WINDOWS/Fonts/kb410172748.dll | 2009-11-10 17:27:48
O24 - ShlExecHook: [1] - {001A8F88-01D3-4a02-AA3F-B98E100176F1} =C:/WINDOWS/Fonts/kb5923711.dll | 2009-11-9 2:37:11
O24 - ShlExecHook: [1] - {F8EC4F9D-F88B-41CF-BC8D-3DD1737B6451} =C:/WINDOWS/system32/RXNK8eR3xW8KTCWBCGTbqm.inf | 2009-11-10 11:17:32
O24 - ShlExecHook: [F] - {DEA30687-C84E-4588-A761-5F2749455B2F} =C:/WINDOWS/Tasks/zUzgU8WWpYntt6NfUWT.inf | 2009-11-10 11:30:6
O24 - ShlExecHook: [9] - {B8D2813F-E0ED-42C6-95DD-2969BD5DC639} =C:/WINDOWS/fonts/AN2Epfv2VzeHreV.fon | 2009-11-10 11:32:42
O24 - ShlExecHook: [2] - {93DA1E7D-7C46-4F90-8674-EC90511FCA72} =C:/WINDOWS/system32/CDuAUVkGy9.dll | 2009-11-10 11:33:4
O26 - IFEO: 360rpt.exe -> C:/WINDOWS/system32/svchost.exe
O26 - IFEO: 360Safe.exe -> C:/WINDOWS/system32/svchost.exe
O26 - IFEO: 360tray.exe -> C:/WINDOWS/system32/svchost.exe
O26 - IFEO: DrRtp.exe -> C:/WINDOWS/system32/svchost.exe
O26 - IFEO: egui.exe -> services.exe
O26 - IFEO: QQDoctor.exe -> C:/WINDOWS/system32/svchost.exe
O26 - IFEO: RStray.exe -> C:/WINDOWS/system32/svchost.exe
O29 - HKCU-Start Page = hxxp://www.7357.cn/#1008
O29 - HKLM-Start Page = hxxp://www.2298.cn/


(To be continued)
