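Dear experts:
usp10.dll virus: it cannot be killed, and every scan keeps finding it. It seems I got infected after clicking a dialog box disguised as a TENCENT system message.
Thank you very much for taking a look at my system diagnostic report. This newbie is urgently waiting for your help!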
该诊断报告由360安全卫士提供
http://www.360.cn
诊断时间: 2009-02-23 22:10:46
诊断平台: Microsoft Windows XP Service Pack 2
IE版本: Internet Explorer V6.0.2900.2180 Build:62900.2180
计算机物理内存:1023.17MB - 当前可用内存:448.74MB
100 - 未知 - Process: hpnra.exe [Hewlett-Packard Network Registry Agent] - C:\WINDOWS\system32\hpnra.exe
100 - 未知 - Process: QQDoctorRtp.exe [QQ医生实时保护] - D:\Program Files\QQ\QQDoctor\QQDoctorRtp.exe
100 - 未知 - Process: TosBtMng.exe [TosBtMng] - C:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosBtMng.exe
100 - 未知 - Process: AppleMobileDeviceService.exe [Apple Mobile Device Service] - C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
100 - 未知 - Process: QvodTerminal.exe [QvodTerminal] - E:\QVODPlayer\QvodTerminal.exe
100 - 未知 - Process: SeaPort.exe [Microsoft SeaPort Search Enhancement Broker] - C:\Program Files\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe
100 - 未知 - Process: TosA2dp.exe [TosA2dp] - C:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosA2dp.exe
100 - 未知 - Process: TosBtHid.exe [] - C:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosBtHid.exe
100 - 未知 - Process: TosBtBty.exe [] - C:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosBtBty.exe
100 - 未知 - Process: TosBtHSP.exe [TosBtHSP] - C:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosBtHsp.exe
100 - 未知 - Process: TosBtSrv.exe [TOSHIBA Bluetooth Service] - C:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosBtSrv.exe
100 - 未知 - Process: TosAVRC.exe [TosAVRC] - C:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosAVRC.exe
100 - 未知 - Process: TosOBEX.exe [tosOBEX] - C:\Program Files\Toshiba\Bluetooth Toshiba Stack\tosOBEX.exe
100 - 未知 - Process: tosBtProc.exe [TosBtProc] - C:\Program Files\Toshiba\Bluetooth Toshiba Stack\tosBtProc.exe
100 - 未知 - Process: 36739 [] - C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\36739
100 - 未知 - Process: 107550 [] - C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\107550
100 - 未知 - Process: 409054 [] - C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\409054
100 - 未知 - Process: 522108 [] - C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\522108
100 - 未知 - Process: tracert.exe [TCP/IP Traceroute Command] - C:\WINDOWS\system32\tracert.exe
100 - 未知 - Process: tracert.exe [TCP/IP Traceroute Command] - C:\WINDOWS\system32\tracert.exe
100 - 未知 - Process: tracert.exe [TCP/IP Traceroute Command] - C:\WINDOWS\system32\tracert.exe
100 - 未知 - Process: tracert.exe [TCP/IP Traceroute Command] - C:\WINDOWS\system32\tracert.exe
100 - 未知 - Process: tracert.exe [TCP/IP Traceroute Command] - C:\WINDOWS\system32\tracert.exe
100 - 未知 - Process: tracert.exe [TCP/IP Traceroute Command] - C:\WINDOWS\system32\tracert.exe
100 - 未知 - Process: PinyinUp.exe [搜狗输入法 网络更新程序] - C:\Program Files\SogouInput\4.0.0.2088\PinyinUp.exe
100 - 未知 - Process: PinyinUp.exe [搜狗输入法 网络更新程序] - C:\Program Files\SogouInput\4.0.0.2088\PinyinUp.exe
100 - 未知 - Process: ImeUtil.exe [搜狗拼音输入法 辅助工具] - C:\Program Files\SogouInput\4.0.0.2088\ImeUtil.exe
100 - 未知 - Process: ScdReg.exe [搜狗拼音输入法 细胞词库安装程序] - C:\Program Files\SogouInput\4.0.0.2088\scdreg.exe
O2 - 未知 - BHO: (浏览器辅助对象(BHO)) - [无效的CLSID:{0C43A48C-12A8-405D-A38F-451EA13D6470}] - {0C43A48C-12A8-405D-A38F-451EA13D6470} -
O2 - 未知 - BHO: (浏览器辅助对象(BHO)) - [无效的CLSID:{80168013-E05A-4A05-88E9-6687C2D17362}] - {80168013-E05A-4A05-88E9-6687C2D17362} - C:\Program Files\Internet Explorer\PowerDo.Rel
O3 - 未知 - Toolbar: (&Windows Live Toolbar) - [Windows Live Toolbar Core] - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - C:\Program Files\Windows Live\Toolbar\wltcore.dll
O4 - 未知 - HKLM\..\Run: [HP Network Registry Agent] [Hewlett-Packard Network Registry Agent] C:\WINDOWS\system32\hpnra.exe
O4 - 未知 - HKLM\..\Run: [QQDoctorRTP] [QQ医生实时保护] "D:\Program Files\QQ\QQDoctor\QQDoctorRtp.exe"
O4 - 未知 - HKLM\..\RunOnce: [ak360Kill_r] [] "D:\软件\360compkill\SuperKiller.exe" -checksafe
O4 - 未知 - Startup folder: [Bluetooth Manager.lnk] [] C:\Documents and Settings\All Users\「开始」菜单\程序\启动\Bluetooth Manager.lnk
O8 - 未知 - Extra context menu item: 导出到 Microsoft Office Excel(&X) - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
O8 - 未知 - Extra context menu item: 用比特精灵下载(&B) - C:\Program Files\BitSpirit\bsurl.htm
O9 - 未知 - Extra button: 在 Windows Live Writer 中写入日志(&B)(HKLM) - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O10 - 未知 - Winsock LSP: [Microsoft Windows Sockets 2.0 Service Provider] [{E70F1AA0-AB8B-11CF-8CA3-00805F48A192}]C:\WINDOWS\system32\mswsock.dll
O10 - 未知 - Winsock LSP: [Microsoft Windows Sockets 2.0 Service Provider] [{E70F1AA0-AB8B-11CF-8CA3-00805F48A192}]C:\WINDOWS\system32\mswsock.dll
O10 - 未知 - Winsock LSP: [Microsoft Windows Sockets 2.0 Service Provider] [{E70F1AA0-AB8B-11CF-8CA3-00805F48A192}]C:\WINDOWS\system32\mswsock.dll
O10 - 未知 - Winsock LSP: [Microsoft Windows Rsvp 1.0 Service Provider] [{9D60A9E0-337A-11D0-BD88-0000C082E69A}]C:\WINDOWS\system32\rsvpsp.dll
O10 - 未知 - Winsock LSP: [Microsoft Windows Rsvp 1.0 Service Provider] [{9D60A9E0-337A-11D0-BD88-0000C082E69A}]C:\WINDOWS\system32\rsvpsp.dll
O10 - 未知 - Winsock LSP: [Microsoft Windows Sockets 2.0 Service Provider] [{8D5F1830-C273-11CF-95C8-00805F48A192}]C:\WINDOWS\system32\mswsock.dll
O10 - 未知 - Winsock LSP: [Microsoft Windows Sockets 2.0 Service Provider] [{8D5F1830-C273-11CF-95C8-00805F48A192}]C:\WINDOWS\system32\mswsock.dll
O10 - 未知 - Winsock LSP: [Microsoft Windows Sockets 2.0 Service Provider] [{8D5F1830-C273-11CF-95C8-00805F48A192}]C:\WINDOWS\system32\mswsock.dll
O10 - 未知 - Winsock LSP: [Microsoft Windows Sockets 2.0 Service Provider] [{8D5F1830-C273-11CF-95C8-00805F48A192}]C:\WINDOWS\system32\mswsock.dll
O10 - 未知 - Winsock LSP: [Microsoft Windows Sockets 2.0 Service Provider] [{8D5F1830-C273-11CF-95C8-00805F48A192}]C:\WINDOWS\system32\mswsock.dll
O10 - 未知 - Winsock LSP: [Microsoft Windows Sockets 2.0 Service Provider] [{8D5F1830-C273-11CF-95C8-00805F48A192}]C:\WINDOWS\system32\mswsock.dll
O10 - 未知 - Winsock LSP: [Microsoft Windows Sockets 2.0 Service Provider] [{8D5F1830-C273-11CF-95C8-00805F48A192}]C:\WINDOWS\system32\mswsock.dll
O10 - 未知 - Winsock LSP: [Microsoft Windows Sockets 2.0 Service Provider] [{8D5F1830-C273-11CF-95C8-00805F48A192}]C:\WINDOWS\system32\mswsock.dll
O10 - 未知 - Winsock LSP: [Microsoft Windows Sockets 2.0 Service Provider] [{8D5F1830-C273-11CF-95C8-00805F48A192}]C:\WINDOWS\system32\mswsock.dll
O10 - 未知 - Winsock LSP: [Microsoft Windows Sockets 2.0 Service Provider] [{8D5F1830-C273-11CF-95C8-00805F48A192}]C:\WINDOWS\system32\mswsock.dll
O10 - 未知 - Winsock LSP: [Microsoft Windows Sockets 2.0 Service Provider] [{8D5F1830-C273-11CF-95C8-00805F48A192}]C:\WINDOWS\system32\mswsock.dll
O10 - 未知 - Winsock LSP: [Microsoft Windows Sockets 2.0 Service Provider] [{8D5F1830-C273-11CF-95C8-00805F48A192}]C:\WINDOWS\system32\mswsock.dll
O10 - 未知 - Winsock LSP: [Microsoft Windows Sockets 2.0 Service Provider] [{8D5F1830-C273-11CF-95C8-00805F48A192}]C:\WINDOWS\system32\mswsock.dll
O10 - 未知 - Winsock LSP: [Microsoft Windows Sockets 2.0 Service Provider] [{8D5F1830-C273-11CF-95C8-00805F48A192}]C:\WINDOWS\system32\mswsock.dll
O16 - 未知 - DPF: {1E0DFFCF-27FF-4574-849B-55007349FEDA} (iTrusPTA) - https://img.alipay.com/download/1101/aliedit.cab
O18 - 未知 - Protocol: Cor MIME Filter, CorFltr, CorFltr 1 - {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - C:\WINDOWS\system32\mscoree.dll
O18 - 未知 - Protocol: Cor MIME Filter, CorFltr, CorFltr 1 - {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - C:\WINDOWS\system32\mscoree.dll
O18 - 未知 - Protocol: Cor MIME Filter, CorFltr, CorFltr 1 - {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - C:\WINDOWS\system32\mscoree.dll
O18 - 未知 - Protocol: AP Class Install Handler filter - {32B533BB-EDAE-11d0-BD5A-00AA00B92AF1} - C:\WINDOWS\system32\urlmon.dll
O18 - 未知 - Protocol: AP lzdhtml encoding/decoding Filter - {8f6b0360-b80d-11d0-a9b3-006097942311} - C:\WINDOWS\system32\urlmon.dll
O18 - 未知 - Protocol: AP lzdhtml encoding/decoding Filter - {8f6b0360-b80d-11d0-a9b3-006097942311} - C:\WINDOWS\system32\urlmon.dll
O18 - 未知 - Protocol: AP lzdhtml encoding/decoding Filter - {8f6b0360-b80d-11d0-a9b3-006097942311} - C:\WINDOWS\system32\urlmon.dll
O18 - 未知 - Protocol: WebView MIME Filter - {733AC4CB-F1A4-11d0-B951-00A0C90312E1} - C:\WINDOWS\system32\SHELL32.dll
O18 - 未知 - Protocol: text/xml - {807553E5-5146-11D5-A672-00B0D022E945} - C:\Program Files\Common Files\Microsoft Shared\OFFICE11\MSOXMLMF.DLL
O18 - 未知 - Protocol: Microsoft HTML About Pluggable Protocol - {3050F406-98B5-11CF-BB82-00AA00BDCE0B} - C:\WINDOWS\system32\mshtml.dll
O18 - 未知 - Protocol: CDL: Asychronous Pluggable Protocol Handler - {3dd53d40-7b8b-11D0-b013-00aa0059ce02} - C:\WINDOWS\system32\urlmon.dll
O18 - 未知 - Protocol: DVD: 可插入协议 - {12D51199-0DB5-46FE-A120-47A3D7D937CC} - C:\WINDOWS\system32\msvidctl.dll
O18 - 未知 - Protocol: file:, local: Asychronous Pluggable Protocol Handler - {79eac9e7-baf9-11ce-8c82-00aa004ba90b} - C:\WINDOWS\system32\urlmon.dll
O18 - 未知 - Protocol: ftp: Asychronous Pluggable Protocol Handler - {79eac9e3-baf9-11ce-8c82-00aa004ba90b} - C:\WINDOWS\system32\urlmon.dll
O18 - 未知 - Protocol: gopher: Asychronous Pluggable Protocol Handler - {79eac9e4-baf9-11ce-8c82-00aa004ba90b} - C:\WINDOWS\system32\urlmon.dll
O18 - 未知 - Protocol: http: Asychronous Pluggable Protocol Handler - {79eac9e2-baf9-11ce-8c82-00aa004ba90b} - C:\WINDOWS\system32\urlmon.dll
O18 - 未知 - Protocol: https: Asychronous Pluggable Protocol Handler - {79eac9e5-baf9-11ce-8c82-00aa004ba90b} - C:\WINDOWS\system32\urlmon.dll
O18 - 未知 - Protocol: Microsoft InfoTech Protocols for IE 4.0 - {9D148291-B9C8-11D0-A4CC-0000F80149F6} - C:\WINDOWS\system32\itss.dll
O18 - 未知 - Protocol: Microsoft HTML Javascript Pluggable Protocol - {3050F3B2-98B5-11CF-BB82-00AA00BDCE0B} - C:\WINDOWS\system32\mshtml.dll
O18 - 未知 - Protocol: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\WINDOW~4\MESSEN~1\MSGRAP~1.DLL
O18 - 未知 - Protocol: file:, local: Asychronous Pluggable Protocol Handler - {79eac9e7-baf9-11ce-8c82-00aa004ba90b} - C:\WINDOWS\system32\urlmon.dll
O18 - 未知 - Protocol: Microsoft HTML Mailto Pluggable Protocol - {3050f3DA-98B5-11CF-BB82-00AA00BDCE0B} - C:\WINDOWS\system32\mshtml.dll
O18 - 未知 - Protocol: MHTML Asychronous Pluggable Protocol Handler - {05300401-BCBC-11d0-85E3-00C04FD85AB4} - C:\WINDOWS\system32\inetcomm.dll
O18 - 未知 - Protocol: mk: Asychronous Pluggable Protocol Handler - {79eac9e6-baf9-11ce-8c82-00aa004ba90b} - C:\WINDOWS\system32\urlmon.dll
O18 - 未知 - Protocol: Microsoft InfoTech Protocols for IE 4.0 - {9D148291-B9C8-11D0-A4CC-0000F80149F6} - C:\WINDOWS\system32\itss.dll
O18 - 未知 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\WINDOW~4\MESSEN~1\MSGRAP~1.DLL
O18 - 未知 - Protocol: Microsoft HTML Resource Pluggable Protocol - {3050F3BC-98B5-11CF-BB82-00AA00BDCE0B} - C:\WINDOWS\system32\mshtml.dll
O18 - 未知 - Protocol: Microsoft HTML Resource Pluggable Protocol - {76E67A63-06E9-11D2-A840-006008059382} - C:\WINDOWS\system32\mshtml.dll
O18 - 未知 - Protocol: TV: 可插入协议 - {CBD30858-AF45-11D2-B6D6-00C04FBBDE6E} - C:\WINDOWS\system32\msvidctl.dll
O18 - 未知 - Protocol: Microsoft HTML Javascript Pluggable Protocol - {3050F3B2-98B5-11CF-BB82-00AA00BDCE0B} - C:\WINDOWS\system32\mshtml.dll
O18 - 未知 - Protocol: WiaProtocol - {13F3EA8B-91D7-4F0A-AD76-D2853AC8BECE} - C:\WINDOWS\system32\wiascr.dll
O18 - 未知 - Protocol: Windows Live Mail HTML Asynchronous Pluggable Protocol Handler - {03C514A3-1EFB-4856-9F99-10D7BE1653C0} - C:\Program Files\Windows Live\Mail\mailcomm.dll
O23 - 未知 - Service: Apple Mobile Device [给 Apple 移动设备提供接口。] - "C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe" - (running)
O23 - 未知 - Service: Bonjour Service [Bonjour 允许 iTunes 和 Safari 等应用程序在局域网上广告和发现服务。运行 Bonjour 可让您连接到 Apple TV 等硬件设备以及 iTunes 共享和 AirTunes 等软件服务。如果您禁用 Bonjour,则任何明确依赖它的网络服务都将无法开启。] - "C:\Program Files\Bonjour\mDNSResponder.exe" - (running)
O23 - 未知 - Service: ccosm [Contrl Center of Storm Media] - C:\Program Files\StormII\stormliv.exe /asservice - (running)
O23 - 未知 - Service: iPod Service [iPod 硬件管理服务] - "C:\Program Files\iPod\bin\iPodService.exe" - (not running)
O23 - 未知 - Service: Qvod Terminal [Qvod Terminal] - - (running)
O23 - 未知 - Service: SeaPort [SeaPort] - "C:\Program Files\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe" - (running)
O23 - 未知 - Service: TOSHIBA Bluetooth Service [TOSHIBA Bluetooth Service] - C:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosBtSrv.exe - (running)
O30 - 未知 - HKLM\..\Winlogon: [Userinit] [Userinit Logon Application] C:\WINDOWS\system32\userinit.exe
O30 - 未知 - HKLM\..\Winlogon: [Shell] [Windows Explorer] Explorer.exe
O30 - 未知 - HKLM\..\Winlogon: [UIHost] [Windows Logon UI] logonui.exe
=======================================
100 - 安全 - Process: smss.exe [进程为会话管理子系统用以初始化系统变量,ms-dos驱动名称类似lpt1以及com,调用win32壳子系统和运行在windows登陆过程。] - C:\WINDOWS\System32\smss.exe
100 - 安全 - Process: csrss.exe [客户端服务子系统,用以控制windows图形相关子系统。] - C:\WINDOWS\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,3072,512 Windows=On SubSystemType=Windows ServerDll=base
100 - 安全 - Process: WINLOGON.EXE [windows nt用户登陆程序。] - C:\WINDOWS\system32\winlogon.exe
100 - 安全 - Process: services.exe [用于管理windows服务系统进程。] - C:\WINDOWS\system32\services.exe
100 - 安全 - Process: lsass.exe [本地安全权限服务控制windows安全机制。] - C:\WINDOWS\system32\lsass.exe
100 - 安全 - Process: svchost.exe [service host process是一个标准的动态连接库主机处理服务。] - C:\WINDOWS\system32\svchost -k DcomLaunch
100 - 安全 - Process: svchost.exe [service host process是一个标准的动态连接库主机处理服务。] - C:\WINDOWS\system32\svchost -k rpcss
100 - 安全 - Process: svchost.exe [service host process是一个标准的动态连接库主机处理服务。] - C:\WINDOWS\System32\svchost.exe -k netsvcs
100 - 安全 - Process: svchost.exe [service host process是一个标准的动态连接库主机处理服务。] - C:\WINDOWS\system32\svchost.exe -k NetworkService
100 - 安全 - Process: spoolsv.exe [windows打印任务控制程序,用以打印机就绪。] - C:\WINDOWS\system32\spoolsv.exe
100 - 安全 - Process: explorer.exe [windows program manager或者windows explorer用于控制windows图形shell,包括开始菜单、任务栏,桌面和文件管理。] - C:\WINDOWS\Explorer.EXE
100 - 安全 - Process: ctfmon.exe [office xp输入法图标。] - C:\WINDOWS\system32\ctfmon.exe
100 - 安全 - Process: svchost.exe [service host process是一个标准的动态连接库主机处理服务。] - C:\WINDOWS\system32\svchost.exe -k LocalService
100 - 安全 - Process: mDNSResponder.exe [苹果公司出品的bonjour for windows 软件,可通过连接电脑和智能设备创建即时网络。] - C:\Program Files\Bonjour\mDNSResponder.exe
100 - 安全 - Process: stormliv.exe [暴风影音的应用程序] - C:\Program Files\StormII\stormliv.exe
100 - 安全 - Process: nvsvc32.exe [nvidia driver helper service在nvida显卡驱动中被安装。] - C:\WINDOWS\system32\nvsvc32.exe
100 - 安全 - Process: svchost.exe [service host process是一个标准的动态连接库主机处理服务。] - C:\WINDOWS\system32\svchost.exe -k imgsvc
100 - 安全 - Process: wdfmgr.exe [windows media player播放器相关程序。] - C:\WINDOWS\system32\wdfmgr.exe
100 - 安全 - Process: alg.exe [这是一个应用层网关服务用于网络共享。] - C:\WINDOWS\System32\alg.exe
100 - 安全 - Process: SuperKiller.exe [] - D:\软件\360compkill\SuperKiller.exe
100 - 安全 - Process: IEXPLORE.EXE [microsoft internet explorer浏览器用于浏览网页。] - C:\Program Files\Internet Explorer\iexplore.exe
O2 - 安全 - BHO: (Search Helper) - [Microsoft Search Helper Extention相关文件。] - {6EBF7485-159F-4bff-A14F-B9E3AAC4465B} - C:\Program Files\Microsoft\Search Enhancement Pack\Search Helper\SearchHelper.dll
O2 - 安全 - BHO: (Windows Live 登录帮助程序) - [windows live多用户登陆助手相关插件。] - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - 安全 - BHO: (Windows Live Toolbar Helper) - [Windows Live Toolbar Beta Core相关文件。] - {E15A8DC0-8516-42A1-81EA-DC94EC1ACF10} - C:\Program Files\Windows Live\Toolbar\wltcore.dll
O4 - 安全 - HKLM\..\Run: [NvCplDaemon] [是NVIDIA显示卡相关动态链接库文件。] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - 安全 - HKLM\..\Run: [360Safetray] [360safe实时保护功能模块。] D:\My Documents\360safe\safemon\360Tray.exe /start
O4 - 安全 - HKCU\..\Run: [ctfmon.exe] [office xp输入法图标。] C:\WINDOWS\system32\ctfmon.exe
O23 - 安全 - Service: NVSvc [是NVIDIA显示卡相关程序。] - C:\WINDOWS\system32\nvsvc32.exe - (running)
=======================================
O31 - 未知 - Notify: crypt32chain - C:\WINDOWS\system32\crypt32.dll - Microsoft Corporation - Crypto API32 - 5.131.2600.3272 - 591360 - ee83196b070266c67e9c6bba82987b4f
O31 - 未知 - Notify: cryptnet - C:\WINDOWS\system32\cryptnet.dll - Microsoft Corporation - Crypto Network Related API - 5.131.2600.2180 - 63488 - 742dac6208524b5b633675bdb1a09c0c
O31 - 未知 - Notify: cscdll - C:\WINDOWS\system32\cscdll.dll - Microsoft Corporation - Offline Network Agent - 5.1.2600.2180 - 99840 - 57b10583d5b880a93a82f525b817f867
O31 - 未知 - Notify: ScCertProp - C:\WINDOWS\system32\wlnotify.dll - Microsoft Corporation - Common DLL to receive Winlogon notifications - 5.1.2600.2180 - 89088 - d4732d5f6fb51d07c8c115b658fa84de
O31 - 未知 - Notify: Schedule - C:\WINDOWS\system32\wlnotify.dll - Microsoft Corporation - Common DLL to receive Winlogon notifications - 5.1.2600.2180 - 89088 - d4732d5f6fb51d07c8c115b658fa84de
O31 - 未知 - Notify: sclgntfy - C:\WINDOWS\system32\sclgntfy.dll - Microsoft Corporation - Secondary Logon Service Notification DLL - 5.1.2600.2180 - 18944 - 58001a3833a25dbd7460a69cb69c8fe2
O31 - 未知 - Notify: SensLogn - C:\WINDOWS\system32\WlNotify.dll - Microsoft Corporation - Common DLL to receive Winlogon notifications - 5.1.2600.2180 - 89088 - d4732d5f6fb51d07c8c115b658fa84de
O31 - 未知 - Notify: termsrv - C:\WINDOWS\system32\wlnotify.dll - Microsoft Corporation - Common DLL to receive Winlogon notifications - 5.1.2600.2180 - 89088 - d4732d5f6fb51d07c8c115b658fa84de
O31 - 未知 - Notify: wlballoon - C:\WINDOWS\system32\wlnotify.dll - Microsoft Corporation - Common DLL to receive Winlogon notifications - 5.1.2600.2180 - 89088 - d4732d5f6fb51d07c8c115b658fa84de
O31 - 未知 - SODL: {7849596a-48ea-486e-8937-a2a3009f31a9} - C:\WINDOWS\system32\SHELL32.dll - Microsoft Corporation - Windows Shell Common Dll - 6.0.2900.3453 - 8312832 -
O31 - 未知 - SODL: {fbeb8a05-beee-4442-804e-409d6c4515e9} - C:\WINDOWS\system32\SHELL32.dll - Microsoft Corporation - Windows Shell Common Dll - 6.0.2900.3453 - 8312832 -
O31 - 未知 - SODL: {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - C:\WINDOWS\system32\webcheck.dll - Microsoft Corporation - Web Site Monitor - 6.0.2900.2180 - 265728 - fefe188339f412ffaaf800b5ba7dbc84
O31 - 未知 - SODL: {35CEC8A3-2BE6-11D2-8773-92E220524153} - C:\WINDOWS\system32\stobject.dll - Microsoft Corporation - Systray shell service object - 5.1.2600.2180 - 121344 - 08488e3e73787c1e7b59f0d5c1b8c554
O31 - 未知 - SODL: {D4F56C93-FAC5-4CB5-85E9-A485F2D71F6E} - C:\WINDOWS\system32\dkflmcpj.dll - - - - 0 -
O31 - 未知 - SODL: {E7D71E65-59A9-45DF-BD5D-F62E7086F93A} - C:\WINDOWS\system32\endnheml.dll - - - - 0 -
O31 - 未知 - SODL: 无效的CLSID:{319CF2B5-5A33-45DE-AEF9-0CBC27E8F373} - - - - - 0 -
O31 - 未知 - SODL: 无效的CLSID:{85243D73-50E3-4672-B260-CF0D1A171DD7} - - - - - 0 -
O31 - 未知 - SODL: 无效的CLSID:{C21D7A99-71E2-4A23-A196-76B2721FDBE4} - - - - - 0 -
O31 - 未知 - SODL: {1C471072-D9ED-40E2-8736-5F6D65FD5F57} - C:\WINDOWS\system32\hcknhgni.dll - - - - 0 -
O31 - 未知 - SODL: {FE1C4CFF-CECF-4212-95D2-6E54D2381B28} - C:\WINDOWS\system32\fehckcff.dll - - - - 0 -
O31 - 未知 - SODL: 无效的CLSID:{5E12F286-8683-4A64-990A-6D49A5137DA3} - - - - - 0 -
O31 - 未知 - SODL: {F8395411-853C-419B-9AD6-05998EE05146} - C:\WINDOWS\system32\fojplkhh.dll - - - - 0 -
O31 - 未知 - SODL: 无效的CLSID:{3F9C29B3-29E9-4D61-9A77-DA53B6207906} - - - - - 0 -
O31 - 未知 - SODL: 无效的CLSID:{80002D53-BF15-4D27-BB91-227953B3E798} - - - - - 0 -
O31 - 未知 - SODL: 无效的CLSID:{B057960A-5C85-4D95-8B67-27B761AD0251} - - - - - 0 -
O31 - 未知 - SODL: {ACE220C3-8DCC-4063-BEE0-4BCF989DE48C} - C:\WINDOWS\system32\aceiigcj.dll - - - - 0 -
O31 - 未知 - SODL: 无效的CLSID:{921BA2FE-D7D8-4D8B-8E30-81B507A63A4D} - - - - - 0 -
O31 - 未知 - SODL: 无效的CLSID:{57D00685-2F49-467E-8ADB-08044002CEE1} - - - - - 0 -
O31 - 未知 - SODL: {E2811B88-02F0-449A-8118-07B55CE919B6} - C:\WINDOWS\system32\eiohhboo.dll - - - - 0 -
O31 - 未知 - SODL: {396056C6-D4D5-4F73-9626-284FEB75C35E} - C:\WINDOWS\system32\jpmglmcm.dll - - - - 0 -
O31 - 未知 - SODL: {88C61FCB-55A1-4049-BDC2-C8DD2FE65D40} - C:\WINDOWS\system32\oocmhfcb.dll - - - - 0 -
O31 - 未知 - SODL: {6681775E-F764-42F7-BD8E-6344A1A837A5} - C:\WINDOWS\system32\mmohnnle.dll - - - - 0 -
O31 - 未知 - SEApproved: {00022613-0000-0000-C000-000000000046} - C:\WINDOWS\system32\mmsys.cpl - Microsoft Corporation - Control Panel Drivers Applet - 5.1.2600.2180 - 600064 - 085232434a439a6a680380372632f2d4
O31 - 未知 - SEApproved: {176d6597-26d3-11d1-b350-080036a75b03} - C:\WINDOWS\system32\icmui.dll - Microsoft Corporation - Microsoft Color Matching System User Interface DLL - 5.1.2600.0 - 54784 - 25e23917a19873e24457d9bd433108e8
O31 - 未知 - SEApproved: {1F2E5C40-9550-11CE-99D2-00AA006E086C} - C:\WINDOWS\system32\rshx32.dll - Microsoft Corporation - Security Shell Extension - 5.1.2600.2180 - 37888 - 1bc85eebac41ed1ecbb37ef02181a202
O31 - 未知 - SEApproved: {3EA48300-8CF6-101B-84FB-666CCB9BCD32} - C:\WINDOWS\system32\docprop.dll - Microsoft Corporation - OLE DocFile Property Page - 5.1.2600.0 - 46080 - b6f75dd82f6a3596ef934b0e648f4199
O31 - 未知 - SEApproved: {40dd6e20-7c17-11ce-a804-00aa003ca9f6} - C:\WINDOWS\system32\ntshrui.dll - Microsoft Corporation - Shell extensions for sharing - 5.1.2600.2180 - 137216 - 6fd08f1ef02456a30f14b8b37e78cd05
O31 - 未知 - SEApproved: {41E300E0-78B6-11ce-849B-444553540000} - C:\WINDOWS\system32\themeui.dll - Microsoft Corporation - Windows Theme API - 6.0.2900.2180 - 371200 - 65096cf4a9d1281e362e65e52a505eb8
O31 - 未知 - SEApproved: {42071712-76d4-11d1-8b24-00a0c9068ff3} - C:\WINDOWS\system32\deskadp.dll - Microsoft Corporation - Advanced display adapter properties - 6.0.2600.0 - 16384 - 2df0148bcdf1a691e47ae5fe7a3220c0
O31 - 未知 - SEApproved: {42071713-76d4-11d1-8b24-00a0c9068ff3} - C:\WINDOWS\system32\deskmon.dll - Microsoft Corporation - Advanced display monitor properties - 6.0.2600.0 - 16896 - 1ae273152358333693595948a63c0ea7
O31 - 未知 - SEApproved: {42071714-76d4-11d1-8b24-00a0c9068ff3} - deskpan.dll - - - - 0 -
O31 - 未知 - SEApproved: {4E40F770-369C-11d0-8922-00A024AB2DBB} - C:\WINDOWS\system32\dssec.dll - Microsoft Corporation - Directory Service Security UI - 5.1.2600.2180 - 48640 - 65d1b98f7f3cf1650700e6e67a600d6e
O31 - 未知 - SEApproved: {513D916F-2A8E-4F51-AEAB-0CBC76FB1AF8} - C:\WINDOWS\system32\SlayerXP.dll - Microsoft Corporation - Compatibility Tab Shell Extension DLL - 5.1.2600.2180 - 24576 - 3de5dac9fbba388890dbe070bc9bab8a
O31 - 未知 - SEApproved: {56117100-C0CD-101B-81E2-00AA004AE837} - C:\WINDOWS\system32\shscrap.dll - Microsoft Corporation - Shell scrap object handler - 5.1.2600.2180 - 25600 - a082c5ad1601962de5c59e95ec426a6b
O31 - 未知 - SEApproved: {59099400-57FF-11CE-BD94-0020AF85B590} - C:\WINDOWS\system32\diskcopy.dll - Microsoft Corporation - Windows DiskCopy - 6.0.2600.0 - 1501696 - dd9a5ae9be5964086f98030f2765c5e6
O31 - 未知 - SEApproved: {59be4990-f85c-11ce-aff7-00aa003ca9f6} - C:\WINDOWS\system32\ntlanui2.dll - Microsoft Corporation - Network object shell UI - 5.1.2600.0 - 14336 - 36feaeb24262211c77548bd118eb82d6
O31 - 未知 - SEApproved: {5DB2625A-54DF-11D0-B6C4-0800091AA605} - C:\WINDOWS\System32\icmui.dll - Microsoft Corporation - Microsoft Color Matching System User Interface DLL - 5.1.2600.0 - 54784 - 25e23917a19873e24457d9bd433108e8
O31 - 未知 - SEApproved: {675F097E-4C4D-11D0-B6C1-0800091AA605} - C:\WINDOWS\system32\icmui.dll - Microsoft Corporation - Microsoft Color Matching System User Interface DLL - 5.1.2600.0 - 54784 - 25e23917a19873e24457d9bd433108e8
O31 - 未知 - SEApproved: 无效的CLSID:Shell extensions for file compression - - - - - 0 -
O31 - 未知 - SEApproved: {77597368-7b15-11d0-a0c2-080036af3f03} - C:\WINDOWS\system32\printui.dll - Microsoft Corporation - Print UI DLL - 5.1.2600.2180 - 524288 - a524c4b0210e299c3f602b48ea0c7be8
O31 - 未知 - SEApproved: {7988B573-EC89-11cf-9C00-00AA00A14F56} - C:\WINDOWS\system32\dskquoui.dll - Microsoft Corporation - Windows Shell Disk Quota UI DLL - 5.1.2600.0 - 144384 - 43c63e2827663aca2d8af934fa2e8b19
O31 - 未知 - SEApproved: 无效的CLSID:加密上下文菜单 - - - - - 0 -
O31 - 未知 - SEApproved: {88895560-9AA2-1069-930E-00AA0030EBC8} - C:\WINDOWS\system32\hticons.dll - Hilgraeve, Inc. - HyperTerminal Applet Library - 5.1.2600.0 - 44544 - 455e63cc325be7a6d87059b0e457bcc9
O31 - 未知 - SEApproved: {BD84B380-8CA2-1069-AB1D-08000948F534} - C:\WINDOWS\system32\fontext.dll - Microsoft Corporation - Windows Font Folder - 5.1.2600.2180 - 375808 - edbfdd6bcfa8208ef2b05d0e6c2a760a
O31 - 未知 - SEApproved: {DBCE2480-C732-101B-BE72-BA78E9AD5B27} - C:\WINDOWS\system32\icmui.dll - Microsoft Corporation - Microsoft Color Matching System User Interface DLL - 5.1.2600.0 - 54784 - 25e23917a19873e24457d9bd433108e8
O31 - 未知 - SEApproved: {F37C5810-4D3F-11d0-B4BF-00AA00BBB723} - C:\WINDOWS\system32\rshx32.dll - Microsoft Corporation - Security Shell Extension - 5.1.2600.2180 - 37888 - 1bc85eebac41ed1ecbb37ef02181a202
O31 - 未知 - SEApproved: {f81e9010-6ea4-11ce-a7ff-00aa003ca9f6} - C:\WINDOWS\system32\ntshrui.dll - Microsoft Corporation - Shell extensions for sharing - 5.1.2600.2180 - 137216 - 6fd08f1ef02456a30f14b8b37e78cd05
O31 - 未知 - SEApproved: {f92e8c40-3d33-11d2-b1aa-080036a75b03} - C:\WINDOWS\system32\deskperf.dll - Microsoft Corporation - Advanced display performance properties - 5.1.2600.0 - 18432 - 82f4dd2113aff745c63abdba3ecf2c56
O31 - 未知 - SEApproved: {7444C717-39BF-11D1-8CD9-00C04FC29D45} - C:\WINDOWS\system32\cryptext.dll - Microsoft Corporation - Crypto Shell Extensions - 5.131.2600.2180 - 52736 - d8bb430edcd5f3b77b8f67b164f4a7ad
O31 - 未知 - SEApproved: {7444C719-39BF-11D1-8CD9-00C04FC29D45} - C:\WINDOWS\system32\cryptext.dll - Microsoft Corporation - Crypto Shell Extensions - 5.131.2600.2180 - 52736 - d8bb430edcd5f3b77b8f67b164f4a7ad
O31 - 未知 - SEApproved: {7007ACC7-3202-11D1-AAD2-00805FC1270E} - C:\WINDOWS\system32\NETSHELL.dll -