wangdi8 User level: Forum Drifter Registered: 2009-10-8 12:47:42 |
木马专家2009 系统报告 2009年10月8日12时44分59秒 版本20091005 操作系统:Microsoft Windows XP Service Pack 2 IE版本号:6.0.2900.2180 计算机物理内存:1012MB 当前空闲内存:659MB ───────────────────────────────────── [进程名] 进程路径 [识别信息] ───────────────────────────────────── [System] [系统核心进程] [SMSS.EXE] \SystemRoot\System32\smss.exe [系统核心管理程序] [CSRSS.EXE] C:\WINDOWS\system32\csrss.exe [系统服务器进程] [WINLOGON.EXE] C:\WINDOWS\system32\winlogon.exe [系统用户登录管理] [SERVICES.EXE] C:\WINDOWS\system32\services.exe [系统核心服务程序] [LSASS.EXE] C:\WINDOWS\system32\lsass.exe [系统IP安全管理程序] [SVCHOST.EXE] C:\WINDOWS\system32\svchost.exe [Windows 2000/XP 系统核心进程] [SVCHOST.EXE] C:\WINDOWS\system32\svchost.exe [Windows 2000/XP 系统核心进程] [SVCHOST.EXE] C:\WINDOWS\System32\svchost.exe [Windows 2000/XP 系统核心进程] [SVCHOST.EXE] C:\WINDOWS\system32\svchost.exe [Windows 2000/XP 系统核心进程] [SVCHOST.EXE] C:\WINDOWS\system32\svchost.exe [Windows 2000/XP 系统核心进程] [SPOOLSV.EXE] C:\WINDOWS\system32\spoolsv.exe [系统内存打印程序] [EXPLORER.EXE] C:\WINDOWS\explorer.exe [Windows 系统资源管理器] [SVCHOST.EXE] C:\WINDOWS\system32\svchost.exe [Windows 2000/XP 系统核心进程] [AsfIpMon.exe] C:\Program Files\Broadcom\ASFIPMon\AsfIpMon.exe [Broadcom ASF IP and SMBIOS Mailbox Monitor] [IcbcDaemon.exe] C:\Program Files\ICBCEbankTools\ICBCAntiPhishing\IcbcDaemon.exe [未知项目] [SVCHOST.EXE] C:\WINDOWS\system32\svchost.exe [Windows 2000/XP 系统核心进程] [UPHCLEAN.EXE] C:\Program Files\UPHClean\uphclean.exe [XP关机加速补丁] [ALG.EXE] C:\WINDOWS\System32\alg.exe [系统管理进程] [CONIME.EXE] C:\WINDOWS\system32\conime.exe [系统输入法管理] [IEXPLORE.EXE] C:\program files\internet explorer\iexplore.exe [Internet Explorer 浏览器] [MMZJ.EXE] C:\Program Files\T Expert 2009\mmzj.exe [木马专家2009 专业木马查杀软件] [IEXPLORE.EXE] C:\program files\internet explorer\iexplore.exe [Internet Explorer 浏览器] [IEXPLORE.EXE] C:\program files\internet explorer\iexplore.exe [Internet Explorer 浏览器] [WMIPRVSE.EXE] C:\WINDOWS\system32\wbem\wmiprvse.exe [WMI系统接口程序] [WUAUCLT.EXE] C:\WINDOWS\system32\wuauclt.exe [系统服务进程] [SVCHOST.EXE] C:\WINDOWS\system32\svchost.exe 
[Windows 2000/XP 系统核心进程] [AGB.exe] D:\Antiy Labs\AGB7\AGB.exe [AGB.exe] [ATray.exe] C:\Program Files\Antiy Labs\ASoft\ATray.exe [ATray] ───────────────────────────────────── [启动项名] 程序路径 [识别信息] ───────────────────────────────────── [IMJPMIG8.1] ; "C:\WINDOWS\IME\imjp8_1\IMJPMIG.EXE" /Spoil /RemAdvDef /Migration32 [XP高级文字支持] [PHIME2002ASync] ; C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /SYNC [XP高级文字服务] [PHIME2002A] ; C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /IMEName [XP高级文字服务] [IgfxTray] ; C:\WINDOWS\system32\igfxtray.exe [显卡控制] [HotKeysCmds] ; C:\WINDOWS\system32\hkcmd.exe [键盘热键模块] [Persistence] ; C:\WINDOWS\system32\igfxpers.exe [persistence Module] [RTHDCPL] ; RTHDCPL.EXE [丢失项目] [SkyTel] ; SkyTel.EXE [丢失项目] [SoundMan] ; SOUNDMAN.EXE [丢失项目] [AlcWzrd] ; ALCWZRD.EXE [丢失项目] [Alcmtr] ; ALCMTR.EXE [丢失项目] [SoundMAXPnP] ; C:\Program Files\Analog Devices\Core\smax4pnp.exe [SMax4PNP] [木马专家] ; C:\Program Files\T Expert 2009\mmzj.exe [木马专家启动项] [ctfmon.exe] ; C:\WINDOWS\system32\ctfmon.exe [系统输入法控制] [{AEB6717E-7E19-11d0-97EE-00C04FD91972}] shell32.dll [Windows Shell Common Dll] [{9C20D654-5AF8-4DB7-A125-1A17D7065C73}] C:\WINDOWS\system32\QQyQ7452eAVkMqdNR.inf [可疑项目] [{6049BC02-7EDA-4C41-B4AB-D5398607C39E}] C:\WINDOWS\Tasks\yGfdVUegEQm9fhY5rnN.inf [丢失项目] [{B7F1BFDC-4B6C-4E2F-AF7A-638D2D47802C}] C:\WINDOWS\system32\FsmBY3kmWnAG5gRbwGgU.inf [丢失项目] [{23DA65D2-C696-4EE4-BEE8-B4841DEC3E30}] C:\WINDOWS\system32\ndxq9awMc.dll [丢失项目] [{2EF0D734-21FD-4225-A1A2-BCD296182AAF}] C:\WINDOWS\system32\2EF0D734.dll [丢失项目] [{87DE8A1A-96C5-4420-B222-EF998F697CE7}] C:\WINDOWS\system32\2exJW3dsaTgWrf5uAPadmHN.dll [丢失项目] [{20CFDC59-228C-481F-80B6-404BCFA16B13}] C:\WINDOWS\system32\Je9hR9NedWPyAckEN42c.inf [丢失项目] [{C20C5A13-4DD7-40D9-90B4-700BAB0BBBE9}] C:\WINDOWS\system32\S5kSrtwDf35EW9f2kBDF.inf [丢失项目] [{A2BCFCEE-C939-433F-A32A-7353A6E720DB}] C:\WINDOWS\Tasks\JJX5r8wnsqUnNxGwpwn.inf [丢失项目] [{D36A1DF7-6582-4160-B925-59A34E39FE30}] C:\WINDOWS\system32\EMQzJJURMfVkrkEx9GJ.inf [丢失项目] 
[{7488E47D-E8F3-41C0-B2DA-9B2BD8803A80}] C:\WINDOWS\Tasks\EfEPEaD4ZpVMUXrDbS.inf [丢失项目] [{B6C3510F-2666-496B-A46F-6EEFD6328C2B}] C:\WINDOWS\Tasks\txPsQUxAThX8QTR6s6Yn.inf [丢失项目] [{8708994F-1758-4C2C-9A3F-FA22D6CCCB41}] C:\WINDOWS\fonts\A97CRaCB.fon [丢失项目] [{122B901E-493F-4AD9-BC69-7DE8C3E52FCC}] C:\WINDOWS\system32\122B901E.dll [丢失项目] [{CD478099-014D-4B3A-A4BB-B518F1019BC7}] C:\WINDOWS\system32\SCEVFJRCmaB7.dll [丢失项目] [{CE38B9E6-AF0C-4B93-AFAB-A20C2311FFD0}] C:\WINDOWS\system32\X5T4kV8DNmMbdRXAUx82K.inf [丢失项目] [{B7D21764-31A1-4B15-B975-8AAA398CE07F}] C:\WINDOWS\system32\FXNEE8UE86dAU4wwQSW.inf [丢失项目] [{0DCB6565-A9F9-41CA-97E1-65F4A6345F3E}] C:\WINDOWS\Tasks\2VeFNvQbcyFhKUaXTVE9.inf [丢失项目] [{3DCB9005-ABA0-47F8-8C40-49ABC04AE5EE}] C:\WINDOWS\system32\W8MvNsbGCCW52XyxV8wQ.inf [丢失项目] [{B9D0F4D7-C809-4C27-9CB4-63201DFB3D05}] C:\WINDOWS\Tasks\c2nH4numz9knY5zqnC.inf [丢失项目] [{E16EA4C8-040B-4A12-A0F5-783963AD665D}] C:\WINDOWS\system32\P6VyQtQJUYa3rFan7J.inf [丢失项目] [{1719B301-B494-4185-9379-242461F9CF02}] C:\WINDOWS\system32\BtmBAnd89jc9PsPq5EKNj.inf [丢失项目] [{93DA1E7D-7C46-4F90-8674-EC90511FCA72}] C:\WINDOWS\system32\CDuAUVkGy9.dll [丢失项目] [{8A6A5B34-D995-4C5D-9338-B5E264B4A87}] C:\WINDOWS\system32\nXe2grrKNzF9dxYKmqg.inf [丢失项目] [{51716C09-6B08-4CCF-B526-718E912C0573}] C:\WINDOWS\system32\PERrGx5DkqSbQdwauCRQH.dll [丢失项目] [{BB4491A2-D11A-4c6b-91C0-B53246A3122B}] C:\Program Files\ICBCEbankTools\ICBCAntiPhishing\Icbc_AntiPhishing.dll [中国工商银行IE浏览器BHO组件] ───────────────────────────────────── [服务名] 服务路径 [识别信息] ───────────────────────────────────── [Broadcom ASF IP and SMBIOS Mailbox Monitor] C:\Program Files\Broadcom\ASFIPMon\AsfIpMon.exe [Broadcom ASF IP and SMBIOS Mailbox Monitor] [DCOM Server Process Launcher] C: [] [ICBC Daemon Service] C:\Program Files\ICBCEbankTools\ICBCAntiPhishing\IcbcDaemon.exe [] [Remote Procedure Call (RPC)] C: [] [User Profile Hive Cleanup] C:\Program Files\UPHClean\uphclean.exe [User Profile Hive Cleanup Service] ───────────────────────────────────── 
系统驱动相关信息 [识别信息] ───────────────────────────────────── ptilink.sys [Parallel Technologies DirectParallel IO Library] cinemst2.sys [CineMaster C 1.2 WDM Main Driver] cpqdap01.sys [Compaq PA-1 Player Driver] nikedrv.sys [NikeDrv Usb Driver] rio8drv.sys [Rio8Drv.sys Usb Driver] riodrv.sys [RioDrv Usb Driver] bregdrv.sys [bregdrv] tsbvcap.sys [WDM Toshiba Tecra Video Capture Driver] vdmindvd.sys [CineMaster C WDM DVD Minidriver] EfiMon.sys [360Efimon Driver] bfsdrv.sys [bfsdrv] hookport.sys [360安全卫士 - HookPort] usbintel.sys [Universal Serial Bus Camera Driver] secdrv.sys [Macrovision SECURITY Driver] windrvr.sys [WinDriver Device Driver 4.33] RtkHDAud.sys [Realtek(r) High Definition Audio Function Driver] igxpmp32.sys [Intel Graphics Miniport Driver] ADIHdAud.sys [High Definition Audio Function Driver] senfilt.sys [Sensaura WDM 3D Audio Driver] b57xp32.sys [Broadcom NetXtreme Gigabit Ethernet NDIS5.1 Driver.] 360SelfProtection.sys [360安全卫士 - SelfProtection] AntiyFW.sys [AntiyFW] SafeboxKrnl.sys [360安全卫士 - 保险箱] 360AntiARP.sys [360AntiARP] ProtoDrv.sys [360AntiARP] ───────────────────────────────────── Internet Explorer 浏览器相关信息 ───────────────────────────────────── [IE当前首页 HKCU] http://www.360ho.cn/ [IE当前首页 HKLM] http://www.360ho.cn/ ----- Hosts表内容 ----- ───────────────────────────────────── 系统中发现可疑项目请点击可疑文件上报. |
枫 User level: Elf King Registered: 2005-1-9 15:11:13 |
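Please report the suspicious files as the software automatically prompts you to, and watch for the next day's software update (full-version users). Also: your software has not been upgraded to the latest version. ------------------Signature------------------- Forum administrator, Beyond Studio |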