打印

[求助] 我的机器上有68可疑文件

13081609806

新兵

积分: 1
威望: 2
元宝: 0
铜钱: 2

1楼大中小发表于 2008-7-3 20:37 只看该作者

我的机器上有68可疑文件

我的机器上有68可疑文件

FilePath,type,key,md5
c:\windows\system32\winsrv.dll, Process_Module ,csrss.exe,e95e0717ffa2dbcd970fb443b0f9a65c
c:\windows\system32\user32.dll, Process_Module ,csrss.exe,61973f67976ba2d42b6dc8f6148369e7
c:\windows\system32\authz.dll, Process_Module ,winlogon.exe,5e3269f53888e601a600c0daf8cda014
c:\windows\system32\shlwapi.dll, Process_Module ,winlogon.exe,0426d85372a992ee4a5e371dc7bf35c6
c:\windows\system32\sfc_os.dll, Process_Module ,winlogon.exe,e90ed53d006a0353aa3e18c18fa8736a
c:\windows\system32\ole32.dll, Process_Module ,winlogon.exe,14edf961ed1e80fe98d41f0dbda5e18e
c:\windows\system32\uxtheme.dll, Process_Module ,winlogon.exe,1433842f6fc3492c9823ea1c6cbc2937
c:\windows\system32\lsasrv.dll, Process_Module ,lsass.exe,d482b89c9078bacc1e28c729e1e6e933
c:\windows\system32\rpcss.dll, Process_Module ,svchost.exe,9e30259b3a12562e1fefec92d5f7d8fa
c:\windows\system32\wininet.dll, Process_Module ,svchost.exe,924c7efc90f19d3ac99e7b18f1b928de
c:\windows\system32\srvsvc.dll, Process_Module ,svchost.exe,4dcc809bc8b41527f4b1e266388873ab
c:\windows\system32\urlmon.dll, Process_Module ,svchost.exe,92ab3e7303aa2ac39b2da5538fceb449
c:\windows\system32\browseui.dll, Process_Module ,Explorer.EXE,ff3f006cb03c4fe622dbeec1a3d16c34
c:\windows\system32\shdocvw.dll, Process_Module ,Explorer.EXE,9eaa8025ecde6f8d280b81e0e85fea2c
c:\windows\system32\mlang.dll, Process_Module ,Explorer.EXE,e343f3e33276fc45da8b5d170adc48ad
c:\program files\nero\nero 7\nero backitup\mfc71u.dll, Process_Module ,Explorer.EXE,7b93c623333f121dc9e689ccb1b7a733
c:\program files\nero\nero 7\nero backitup\msvcr71.dll, Process_Module ,Explorer.EXE,86f1895ae8c5e8b17d99ece768a70732
c:\program files\nero\nero 7\nero backitup\msvcp71.dll, Process_Module ,Explorer.EXE,561fa2abb31dfa8fab762145f81667c2
c:\program files\nero\nero 7\incd\mfc71.dll, Process_Module ,Explorer.EXE,f35a584e947a5b401feb0fe01db4a0d7
d:\winzip\wzshlstb.dll, Process_Module ,Explorer.EXE,66da6f6a67d238721a3fceb70c8dc2d0
c:\program files\thunder network\thunder\components\resworker\dsbho_00.dll, Process_Module ,Explorer.EXE,34f15c1c81bf245ca4a3a608de5a8997
c:\program files\thunder network\thunder\components\resworker\dataprocessor_00.dll, Process_Module ,Explorer.EXE,f462175a7d673278b670a4d527cbdf95
c:\program files\kingsoft\kingsoft internet security 2008\mfc80u.dll, Process_Module ,Explorer.EXE,ccc2e312486ae6b80970211da472268b
c:\program files\kingsoft\kingsoft internet security 2008\msvcr80.dll, Process_Module ,Explorer.EXE,e4fece18310e23b1d8fee993e35e7a6f
c:\program files\kingsoft\kingsoft internet security 2008\msvcp80.dll, Process_Module ,Explorer.EXE,4c8a880eabc0b4d462cc4b2472116ea1
c:\program files\nero\nero 7\incd\msvcr71.dll, Process_Module ,NBHGui.exe,86f1895ae8c5e8b17d99ece768a70732
c:\program files\nero\nero 7\incd\msvcp71.dll, Process_Module ,NBHGui.exe,561fa2abb31dfa8fab762145f81667c2
c:\program files\kingsoft\kingsoft internet security 2008\kaeplat.dll, Process_Module ,KWatch.EXE,e0b0dd227770fe70978f8824d47275bc
c:\program files\kingsoft\kingsoft internet security 2008\kaeplata.dll, Process_Module ,KWatch.EXE,0e6b4e69a8805ef56c39c4830dae535d
c:\program files\kingsoft\kingsoft internet security 2008\kaesgnld.dll, Process_Module ,KWatch.EXE,f0e24992c2d7932dda78424fa8025ee5
c:\program files\kingsoft\kingsoft internet security 2008\kaearcha.dat, Process_Module ,KWatch.EXE,44a8649897224526a946f7464eb5226f
c:\program files\kingsoft\kingsoft internet security 2008\kaeolea.dat, Process_Module ,KWatch.EXE,58f6f59898a832327dd6025e86eacfb6
c:\program files\kingsoft\kingsoft internet security 2008\kaecorea.dat, Process_Module ,KWatch.EXE,ea452ff0ddbb2685b3e159cd82b915c0
c:\program files\kingsoft\kingsoft internet security 2008\kaentrya.dat, Process_Module ,KWatch.EXE,613c61a2211e83f880a1919eedb3e7c9
c:\program files\kingsoft\kingsoft internet security 2008\kaengine.dat, Process_Module ,KWatch.EXE,da439af8a420261063232501d758c19e
c:\program files\kingsoft\kingsoft internet security 2008\kaecore.dat, Process_Module ,KWatch.EXE,67ffdfd9b9c6b3cf7b92ef5b6e920546
c:\program files\kingsoft\kingsoft internet security 2008\kaeunpack.dat, Process_Module ,KWatch.EXE,06f03f4ad3af9fc1a77fabb77900de08
c:\program files\kingsoft\kingsoft internet security 2008\karchive.dat, Process_Module ,KWatch.EXE,08dda501bebe622999cb340875fe9002
c:\program files\kingsoft\kingsoft internet security 2008\kunpamgr.dat, Process_Module ,KWatch.EXE,cb7854f1943b4d164034c18b5ba13954
c:\program files\kingsoft\kingsoft internet security 2008\kaext2.dat, Process_Module ,KWatch.EXE,941841d3b9f9d10f26d3aeef9da9e2bb
c:\program files\kingsoft\kingsoft internet security 2008\kaextend.dat, Process_Module ,KWatch.EXE,ba48738314e4902d28aa672ab91a9a40
c:\program files\kingsoft\kingsoft internet security 2008\kaecall2.dll, Process_Module ,KMailMon.EXE,8671819c11282f2844551bd63b6f3ec2
c:\program files\kingsoft\kingsoft internet security 2008\kaconfig.dll, Process_Module ,KPFW32.EXE,d1a284b27ac722d707a9990768dd6ebf
c:\program files\kingsoft\kingsoft internet security 2008\filtlist.dll, Process_Module ,KPFW32.EXE,12fea598f9adbc3ceb2942a0d6b7d280
d:\火星浏览器\ge.exe, Process_Module ,GE.exe,7e71427e577c5bc30ca91650db35ed37
c:\windows\system32\mscoree.dll, Process_Module ,GE.exe,8c54138d0271ed4e9c16d8534ff707e4
c:\windows\microsoft.net\framework\v1.1.4322\mscorie.dll, Process_Module ,GE.exe,e6dd8cf865b35e9b9b668fbbc4896810
c:\windows\microsoft.net\framework\v1.1.4322\msvcr71.dll, Process_Module ,GE.exe,86f1895ae8c5e8b17d99ece768a70732
c:\windows\microsoft.net\framework\v1.1.4322\mscorld.dll, Process_Module ,GE.exe,00bdbe46b81bbb88131c69136302e479
c:\windows\system32\iepeers.dll, Process_Module ,GE.exe,2e2115f921c86dc7cade75899dc4b664
c:\program files\kingsoft\kingsoft internet security 2008\riched20.dll, Process_Module ,kav32.exe,a0bc687a49542c40eb60b7308f454e8a
c:\docume~1\admini~1\locals~1\temp\rar$ex00.609\suscan.exe, Process_Module ,Suscan.exe,d346b63a687548a436ce688e7756ff5f
c:\docume~1\admini~1\locals~1\temp\rar$ex00.609\kaeautorunex.dll, Process_Module ,Suscan.exe,4539771145a1d9012c6d29c8bd3b21aa
c:\windows\soundman.exe, RegValueInfo ,HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\KASDisabled,REM SOUNDMAN.EXE
c:\program files\quicktime\qttask.exe, RegValueInfo ,HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\KASDisabled,REM "C:\Program Files\QuickTime\qttask.exe" -atboottime
c:\program files\thunder network\thunder\thunder.exe, RegValueInfo ,HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\KASDisabled,REM "C:\Program Files\Thunder Network\Thunder\Thunder.exe" /s
c:\program files\windows media player\wmplayer.exe, RegValueInfo ,HKEY_CLASSES_ROOT\ASFFile\shell\open\command,"C:\Program Files\Windows Media Player\wmplayer.exe" /prefetch:7 /Open "%L"
c:\windows\microsoft.net\framework\v1.1.4322\aspnet_state.exe, RegKeyInfo ,HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\aspnet_state\%SystemRoot%\Microsoft.NET\Framework\v1.1.4322\aspnet_state.exe,e1a1206a4fb19b675e947b29ccd25fba
c:\windows\system32\drivers\alcxsens.sys, RegKeyInfo ,HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\ALCXSENS\C:\WINDOWS\system32\drivers\ALCXSENS.SYS,d3fb0a70fa3e3a62f1b2faa88daabae8
c:\windows\inf\unregmp2.exe, RegKeyInfo ,HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\>{22d6f312-b0f6-11d0-94ab-0080c74c7e95}\C:\WINDOWS\inf\unregmp2.exe /ShowWMP,a3856708a7eb0400ee5fba695ace2df6
c:\windows\system32\mscories.dll, RegKeyInfo ,HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{89B4C1CD-B018-4511-B0A1-5476DBF70820}\C:\WINDOWS\system32\Rundll32.exe C:\WINDOWS\system32\mscories.dll,Install,f0e0877264cc833f4160c4556b092901
c:\program files\messenger\msmsgs.exe, RegKeyWithCLSIDInfo ,HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Extensions\{FB5F1910-F110-11d2-BB9E-00C04F795683},C:\Program Files\Messenger\msmsgs.exe
c:\windows\system32\inetcomm.dll, RegKeyWithCLSIDInfo ,HKEY_LOCAL_MACHINE\SOFTWARE\Classes\PROTOCOLS\Handler\mhtml,{05300401-BCBC-11d0-85E3-00C04FD85AB4}
c:\program files\thunder network\thunder\program\geturl.htm, Other ,使用迅雷下载,4303ac002a8f60e22510b046d28cc9d7
c:\program files\thunder network\thunder\program\getallurl.htm, Other ,使用迅雷下载全部链接,46c51e0c98da9d15bf6390014d090b03
c:\program files\internet explorer\plugins\npqtplugin.dll, RiskFile ,npqtplugin.dll,414c3eede19ab68f10ae6b98cb7fa523
c:\program files\internet explorer\plugins\npqtplugin2.dll, RiskFile ,npqtplugin2.dll,359522af09fc088f5d8f68381f70f6b5
c:\program files\internet explorer\plugins\npqtplugin3.dll, RiskFile ,npqtplugin3.dll,8af702f62da01d1b37f1a38035760049
c:\program files\internet explorer\plugins\npqtplugin4.dll, RiskFile ,npqtplugin4.dll,c6e707e8e9198c33ce3abf5001622986
c:\program files\internet explorer\plugins\npqtplugin5.dll, RiskFile ,npqtplugin5.dll,98c32fe5bd575b13bdd6c347fcbb28a4
c:\program files\internet explorer\plugins\npqtplugin6.dll, RiskFile ,npqtplugin6.dll,6ca6d643f830cbcd23dc67e07d84505e
c:\windows\system32\drivers\editpro.sys, RiskFile ,editpro.sys,ead88eee1ce30f613158c5cb0148a8a0
d:\rarext.dll.0.tmp, RiskFile ,RarExt.dll.0.tmp,db85440d8d5cfede55eab0f44edfb16f
操作系统版本 : Microsoft Windows XP
引擎版本 : 2008.01.14.15
病毒库版本 : 2008.06.12.17
扫描时间：2008年7月3日 20时34分29秒
加载配置信息失败
加载MD5列表失败
共扫描到73个可疑文件
73个文件复制成功, 0个文件复制失败

[ 本帖最后由 13081609806 于 2008-7-3 12:39 编辑 ]