右下角总是有弹出广告，肯定是流氓，可是360和瑞兴都没有反应，请高手帮忙！！

我这就去，谢谢 Ltangelic

弹出广告的是插件．．看看３６０的系统插件都有什么？？？？

或者用这个试试

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 12:32:53, on 2008-1-7
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Rising\Rav\CCenter.exe
C:\WINDOWS\System32\svchost.exe
C:\PROGRAM FILES\RISING\RAV\Ravmond.exe
C:\PROGRAM FILES\RISING\RAV\RavStub.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\RTHDCPL.EXE
C:\WINDOWS\VM_STI.EXE
C:\Program Files\Adobe\Acrobat 7.0\Distillr\Acrotray.exe
C:\Program Files\Rising\Rav\RavTask.exe
C:\Program Files\Rising\Rav\Ravmon.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Microsoft ActiveSync\Wcescomm.exe
C:\Program Files\Adobe\Acrobat 7.0\Acrobat\acrobat_sl.exe
C:\PROGRA~1\MI3AA1~1\rapimgr.exe
C:\Program Files\StormII\stormliv.exe
C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE
C:\WINDOWS\system32\nvsvc32.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe

F2 - REG:system.ini: UserInit=C:\WINDOWS\system32\userinit.exe
O2 - BHO: Thunder AtOnce - {01443AEC-0FD1-40fd-9C87-E93D1494C233} - C:\Program Files\Thunder Network\Thunder\ComDlls\TDAtOnce_Now.dll
O2 - BHO: ThunderBHO - {06849E9E-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Thunder Network\Thunder\ComDlls\xunleiBHO_Now.dll
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: VnetCookie Class - {4E83D567-4697-4F7B-B1F0-A513B01DB89A} - c:\PROGRA~1\chinanet\VNETTR~1.DLL
O2 - BHO: AcroIEToolbarHelper Class - {AE7CD045-E861-484f-8273-0445EE161910} - C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll
O2 - BHO: SafeMon Class - {B69F34DD-F0F9-42DC-9EDD-957187DA688D} - C:\Program Files\360safe\safemon\safemon.dll
O2 - BHO: (no name) - {C5E87A05-F463-4841-B19E-DD3EC3862368} - C:\Program Files\Internet Explorer\IEXPLORE32.Sys (file missing)
O2 - BHO: (no name) - {EE12D60D-AD9A-4095-B839-3BE6862679FD} - C:\Program Files\Internet Explorer\IEXPLORE32.Dat (file missing)
O3 - Toolbar: Adobe PDF - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll
O4 - HKLM\..\Run: [IMJPMIG8.1] "C:\WINDOWS\IME\imjp8_1\IMJPMIG.EXE" /Spoil /RemAdvDef /Migration32
O4 - HKLM\..\Run: [PHIME2002ASync] C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /SYNC
O4 - HKLM\..\Run: [PHIME2002A] C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /IMEName
O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE
O4 - HKLM\..\Run: [Alcmtr] ALCMTR.EXE
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [IMSCMig] C:\PROGRA~1\COMMON~1\MICROS~1\IME\IMSC40A\IMSCMIG.EXE /Preload
O4 - HKLM\..\Run: [BigDogPath] C:\WINDOWS\VM_STI.EXE VIMICRO USB PC Camera
O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottime
O4 - HKLM\..\Run: [Acrobat Assistant 7.0] "C:\Program Files\Adobe\Acrobat 7.0\Distillr\Acrotray.exe"
O4 - HKLM\..\Run: [RavTask] "C:\Program Files\Rising\Rav\RavTask.exe" -system
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [H/PC Connection Agent] "C:\Program Files\Microsoft ActiveSync\Wcescomm.exe"
O4 - HKUS\S-1-5-19\..\Run: [ctfmon.exe] C:\WINDOWS\system32\CTFMON.EXE (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [ctfmon.exe] C:\WINDOWS\system32\CTFMON.EXE (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-18\..\Run: [ctfmon.exe] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [ctfmon.exe] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - Global Startup: Adobe Acrobat Speed Launcher.lnk = ?SystemRoot%\Installer\{AC76BA86-2052-0000-7760-100000000002}\SC_Acrobat.exe
O8 - Extra context menu item: 使用迅雷下载 - C:\Program Files\Thunder Network\Thunder\Program\geturl.htm
O8 - Extra context menu item: 使用迅雷下载全部链接 - C:\Program Files\Thunder Network\Thunder\Program\getallurl.htm
O8 - Extra context menu item: 导出到 Microsoft Office Excel(&X) - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
O8 - Extra context menu item: 查看 Exif 信息(&V) - res://C:\Program Files\Exif Show\ExShow.dll/EXSHOW.HTML
O8 - Extra context menu item: 添加到QQ表情 - C:\Program Files\Tencent\QQ\AddEmotion.htm
O8 - Extra context menu item: 转换为 Adobe PDF - res://C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html
O8 - Extra context menu item: 转换为现有 PDF - res://C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html
O8 - Extra context menu item: 转换选定的链接为 Adobe PDF - res://C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIECaptureSelLinks.html
O8 - Extra context menu item: 转换选定的链接为现有 PDF - res://C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIEAppendSelLinks.html
O8 - Extra context menu item: 转换选项为 Adobe PDF - res://C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html
O8 - Extra context menu item: 转换选项为现有 PDF - res://C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html
O8 - Extra context menu item: 转换链接目标为 Adobe PDF - res://C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html
O8 - Extra context menu item: 转换链接目标为现有 PDF - res://C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html
O9 - Extra button: 启动迅雷5 - {09BA8F6D-CB54-424B-839C-C2A6C8E6B436} - C:\Program Files\Thunder Network\Thunder\Thunder.exe
O9 - Extra 'Tools' menuitem: 启动迅雷5 - {09BA8F6D-CB54-424B-839C-C2A6C8E6B436} - C:\Program Files\Thunder Network\Thunder\Thunder.exe
O9 - Extra button: Create Mobile Favorite - {2EAF5BB1-070F-11D3-9307-00C04FAE2D4F} - C:\PROGRA~1\MI3AA1~1\INetRepl.dll
O9 - Extra button: (no name) - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\PROGRA~1\MI3AA1~1\INetRepl.dll
O9 - Extra 'Tools' menuitem: 创建移动收藏... - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\PROGRA~1\MI3AA1~1\INetRepl.dll
O9 - Extra button: 信息检索 - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O10 - Unknown file in Winsock LSP: f:\tddownload\jifeng1.2.16\jifeng(sina.com)-1.2.16\ipacc_v2.dll
O10 - Unknown file in Winsock LSP: f:\tddownload\jifeng1.2.16\jifeng(sina.com)-1.2.16\ipacc_v2.dll
O10 - Unknown file in Winsock LSP: f:\tddownload\jifeng1.2.16\jifeng(sina.com)-1.2.16\ipacc_v2.dll
O16 - DPF: {1E0DFFCF-27FF-4574-849B-55007349FEDA} (iTrusPTA Class) - https://img.alipay.com/download/1101/aliedit.cab
O17 - HKLM\System\CCS\Services\Tcpip\..\{62EFD8A5-DB53-48D7-A801-C78E2B3BBD24}: NameServer = 61.128.192.68 61.128.128.68
O18 - Filter hijack: text/html - {4AE8C5E7-A00C-4735-A5BF-657201FC97BE} - c:\devices.dll
O23 - Service: Contrl Center of Storm Media (ccosm) - 北京暴风网际科技有限公司 - C:\Program Files\StormII\stormliv.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
O23 - Service: Rising Process Communication Center (RsCCenter) - Beijing Rising Technology Co., Ltd. - C:\Program Files\Rising\Rav\CCenter.exe
O23 - Service: Rising RealTime Monitor (RsRavMon) - Beijing Rising Technology Co., Ltd. - C:\PROGRAM FILES\RISING\RAV\Ravmond.exe

--
End of file - 7864 bytes

不好意思，我动作慢点，您什么时候有空都行

另外感谢ahomeman长老，正在扫描，也许能行

360查出过一次，但杀不掉，然后就再也没查到过

没想到这么复杂，更没想到，Ltangelic  大侠会这么不怕麻烦的帮忙，不知道该说什么好。。。。。。

C:\Program Files\StormII\stormliv.exe   是暴风影音的升级程序
C:\PROGRA~1\MI3AA1~1\rapimgr.exe  是多普打手机同步程序


https://img.alipay.com/download/1101/aliedit.cab  看上去像支付宝，可是打不开，不知道是什么东西
两个软件正在下载，有了结果我会立即上传，

感谢！！！！！

还有就是帖子里的图片都不能显示

中毒了，还有域劫持。先修复以下，暂时卸载瑞星，改用卡巴和AVG分别杀毒，重启后再次扫描看看。
修复前请先下载WinsockXPFix.rar (594.84 KB) 和LSPFix.rar (177.08 KB) ，用语解决修复010项后不能上网的问题。

F2 - REG:system.ini: UserInit=C:\WINDOWS\system32\userinit.exe
O2 - BHO: Thunder AtOnce - {01443AEC-0FD1-40fd-9C87-E93D1494C233} - C:\Program Files\Thunder Network\Thunder\ComDlls\TDAtOnce_Now.dll
O2 - BHO: ThunderBHO - {06849E9E-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Thunder Network\Thunder\ComDlls\xunleiBHO_Now.dll
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: VnetCookie Class - {4E83D567-4697-4F7B-B1F0-A513B01DB89A} - c:\PROGRA~1\chinanet\VNETTR~1.DLL
O2 - BHO: AcroIEToolbarHelper Class - {AE7CD045-E861-484f-8273-0445EE161910} - C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll
O2 - BHO: SafeMon Class - {B69F34DD-F0F9-42DC-9EDD-957187DA688D} - C:\Program Files\360safe\safemon\safemon.dll
O2 - BHO: (no name) - {C5E87A05-F463-4841-B19E-DD3EC3862368} - C:\Program Files\Internet Explorer\IEXPLORE32.Sys (file missing)
O2 - BHO: (no name) - {EE12D60D-AD9A-4095-B839-3BE6862679FD} - C:\Program Files\Internet Explorer\IEXPLORE32.Dat (file missing)
O3 - Toolbar: Adobe PDF - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll
O4 - HKLM\..\Run: [IMJPMIG8.1] "C:\WINDOWS\IME\imjp8_1\IMJPMIG.EXE" /Spoil /RemAdvDef /Migration32
O4 - HKLM\..\Run: [PHIME2002ASync] C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /SYNC
O4 - HKLM\..\Run: [PHIME2002A] C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /IMEName
O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE
O4 - HKLM\..\Run: [Alcmtr] ALCMTR.EXE
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [IMSCMig] C:\PROGRA~1\COMMON~1\MICROS~1\IME\IMSC40A\IMSCMIG.EXE /Preload
O4 - HKLM\..\Run: [BigDogPath] C:\WINDOWS\VM_STI.EXE VIMICRO USB PC Camera
O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottime
O4 - HKLM\..\Run: [Acrobat Assistant 7.0] "C:\Program Files\Adobe\Acrobat 7.0\Distillr\Acrotray.exe"

O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [H/PC Connection Agent] "C:\Program Files\Microsoft ActiveSync\Wcescomm.exe"
O4 - HKUS\S-1-5-19\..\Run: [ctfmon.exe] C:\WINDOWS\system32\CTFMON.EXE (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [ctfmon.exe] C:\WINDOWS\system32\CTFMON.EXE (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-18\..\Run: [ctfmon.exe] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [ctfmon.exe] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - Global Startup: Adobe Acrobat Speed Launcher.lnk = ?SystemRoot%\Installer\{AC76BA86-2052-0000-7760-100000000002}\SC_Acrobat.exe

O8 - Extra context menu item: 导出到 Microsoft Office Excel(&X) - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
O8 - Extra context menu item: 查看 Exif 信息(&V) - res://C:\Program Files\Exif Show\ExShow.dll/EXSHOW.HTML

O8 - Extra context menu item: 转换选定的链接为 Adobe PDF - res://C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIECaptureSelLinks.html
O8 - Extra context menu item: 转换选定的链接为现有 PDF - res://C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIEAppendSelLinks.html
O8 - Extra context menu item: 转换选项为 Adobe PDF - res://C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html
O8 - Extra context menu item: 转换选项为现有 PDF - res://C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html
O8 - Extra context menu item: 转换链接目标为 Adobe PDF - res://C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html
O8 - Extra context menu item: 转换链接目标为现有 PDF - res://C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html
O9 - Extra button: 启动迅雷5 - {09BA8F6D-CB54-424B-839C-C2A6C8E6B436} - C:\Program Files\Thunder Network\Thunder\Thunder.exe
O9 - Extra 'Tools' menuitem: 启动迅雷5 - {09BA8F6D-CB54-424B-839C-C2A6C8E6B436} - C:\Program Files\Thunder Network\Thunder\Thunder.exe
O9 - Extra button: Create Mobile Favorite - {2EAF5BB1-070F-11D3-9307-00C04FAE2D4F} - C:\PROGRA~1\MI3AA1~1\INetRepl.dll
O9 - Extra button: (no name) - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\PROGRA~1\MI3AA1~1\INetRepl.dll
O9 - Extra 'Tools' menuitem: 创建移动收藏... - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\PROGRA~1\MI3AA1~1\INetRepl.dll
O9 - Extra button: 信息检索 - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O10 - Unknown file in Winsock LSP: f:\tddownload\jifeng1.2.16\jifeng(sina.com)-1.2.16\ipacc_v2.dll
O10 - Unknown file in Winsock LSP: f:\tddownload\jifeng1.2.16\jifeng(sina.com)-1.2.16\ipacc_v2.dll
O10 - Unknown file in Winsock LSP: f:\tddownload\jifeng1.2.16\jifeng(sina.com)-1.2.16\ipacc_v2.dll
O16 - DPF: {1E0DFFCF-27FF-4574-849B-55007349FEDA} (iTrusPTA Class) - https://img.alipay.com/download/1101/aliedit.cab

O18 - Filter hijack: text/html - {4AE8C5E7-A00C-4735-A5BF-657201FC97BE} - c:\devices.dll
O23 - Service: Contrl Center of Storm Media (ccosm) - 北京暴风网际科技有限公司 - C:\Program Files\StormII\stormliv.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe

O23 - Service: Rising RealTime Monitor (RsRavMon) - Beijing Rising Technology Co., Ltd. - C:\PROGRAM FILES\RISING\RAV\Ravmond.exe

你插件太多了．．．．．
建议用恶意软件清理工具试试．．．．

请Ltangelic
把Spybot Search and Destroy 使用情况汇报官方:
Spybot Search and Destroy 在多台CPU1.8G电脑测试使用,往往会出现CPU使用率100%导致死机!

[ 本帖最后由 gaoyunfon 于 2008-1-8 17:50 编辑 ]

谢谢各位，图还是看不见，看链接也不行，看来是我电脑的问题

另外，卡巴司机我安装了，但激不活，又不知道是什么原因

我运行了spybot，结果找到些问题，然后清除了，广告没有再出现，但是再运行spybot，他还说有问题

我正上传文件分析

我的回复周期有点长，请各位高手原谅

文件上传时，显示：Bigger than max permited size / Mayor del tamaño máximo permitido

这两天机器被别人用过，现在qq不见了，360扫出来两个恶意插件： nvsys     和伪iexplore木马程序

刚刚杀掉

瑞星也被干掉了，不知道下次我还上不上得来

引用:

原帖由 alloys 于 2008-1-11 20:05 发表
瑞星也被干掉了，不知道下次我还上不上得来

用阿顺版主的办法早搞好了!
LZ试一下吧，先卸了瑞星然后安装卡巴和AVG(先升级),再在安全模式下修复阿顺版主列出的项目,然后分别用卡巴和AVG对全盘分别杀毒。
注意:
1.HijackThis 用电脑家园的HijackThis1991 汉化版, 不用2.0以上版本。因后面要用到该版本咐带的工具。
2.HijackThis的“修复”即是从注册表中删除相应的条目，因你的域劫持修复010项目后将不能上网。
所以; 要用HijackThis1991汉化版咐带LSPFix.exe ，以解决修复不能上网的问题。
至于LSPFix.exe的用法很简单，阿顺版主有介绍的帖子你可先看一下。

[ 本帖最后由 5628816 于 2008-1-12 12:04 编辑 ]

引用:

原帖由 Ltangelic 于 2008-1-12 13:56 发表
5628816，请看以下：

任何想帮助 alloys的好心人，

首先，很感谢你们愿意帮忙，我相信 alloys 会非常感激。但本人有一个要求，希望你们有任何帮助的建议，都可以发短消息给我。我知道这样可能会让你们觉 ...

你干脆说; 任何人(包括版主在内)发帖需经你审核同意得了 !!

C:\WINDOWS\RTHDCPL.EXE   太大不能上传

C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE  分析结果在下面
C:\WINDOWS\system32\nvsvc32.exe       分析结果在下面
C:\Program Files\Exif Show\ExShow.dll/EXSHOW.HTML     没找到这个文件
c:\devices.dll      没找到这个文件



反病毒引擎 版本 最后更新 扫描结果
AhnLab-V3 2008.1.9.11 2008.01.09 -
AntiVir 7.6.0.46 2008.01.09 -
Authentium 4.93.8 2008.01.09 -
Avast 4.7.1098.0 2008.01.08 -
AVG 7.5.0.516 2008.01.09 -
BitDefender 7.2 2008.01.09 -
CAT-QuickHeal 9.00 2008.01.07 -
ClamAV 0.91.2 2008.01.09 -
DrWeb 4.44.0.09170 2008.01.09 -
eSafe 7.0.15.0 2008.01.08 -
eTrust-Vet 31.3.5444 2008.01.09 -
Ewido 4.0 2008.01.08 -
FileAdvisor 1 2008.01.09 -
Fortinet 3.14.0.0 2008.01.09 -
F-Prot 4.4.2.54 2008.01.08 -
F-Secure 6.70.13030.0 2008.01.09 -
Ikarus T3.1.1.20 2008.01.09 -
Kaspersky 7.0.0.125 2008.01.09 -
McAfee 5202 2008.01.08 -
Microsoft 1.3109 2008.01.09 -
NOD32v2 2776 2008.01.09 -
Norman 5.80.02 2008.01.08 -
Panda 9.0.0.4 2008.01.08 -
Prevx1 V2 2008.01.09 -
Rising 20.26.21.00 2008.01.09 -
Sophos 4.24.0 2008.01.09 -
Sunbelt 2.2.907.0 2008.01.09 -
Symantec 10 2008.01.09 -
TheHacker 6.2.9.184 2008.01.08 -
VBA32 3.12.2.5 2008.01.07 -
VirusBuster 4.3.26:9 2008.01.09 -
Webwasher-Gateway 6.6.2 2008.01.09 -
附加信息
File size: 322120 bytes
MD5: 11f714f85530a2bd134074dc30e99fca
SHA1: 34ea5694ae49339c04e28b78f838378957378dda
PEiD: -


    .

反病毒引擎 版本 最后更新 扫描结果
AhnLab-V3 2008.1.12.10 2008.01.11 -
AntiVir 7.6.0.46 2008.01.11 -
Authentium 4.93.8 2008.01.12 -
Avast 4.7.1098.0 2008.01.11 -
AVG 7.5.0.516 2008.01.11 -
BitDefender 7.2 2008.01.12 -
CAT-QuickHeal 9.00 2008.01.11 -
ClamAV 0.91.2 2008.01.11 -
DrWeb 4.44.0.09170 2008.01.11 -
eSafe 7.0.15.0 2008.01.10 -
eTrust-Vet 31.3.5451 2008.01.11 -
Ewido 4.0 2008.01.11 -
FileAdvisor 1 2008.01.12 -
Fortinet 3.14.0.0 2008.01.12 -
F-Prot 4.4.2.54 2008.01.11 -
F-Secure 6.70.13030.0 2008.01.11 -
Ikarus T3.1.1.20 2008.01.12 -
Kaspersky 7.0.0.125 2008.01.12 -
McAfee 5205 2008.01.11 -
Microsoft 1.3109 2008.01.12 -
NOD32v2 2785 2008.01.11 -
Norman 5.80.02 2008.01.11 -
Panda 9.0.0.4 2008.01.11 -
Prevx1 V2 2008.01.12 -
Rising 20.26.50.00 2008.01.12 -
Sophos 4.24.0 2008.01.12 -
Sunbelt 2.2.907.0 2008.01.12 -
Symantec 10 2008.01.12 -
TheHacker 6.2.9.186 2008.01.11 -
VBA32 3.12.2.5 2008.01.12 -
VirusBuster 4.3.26:9 2008.01.11 -
Webwasher-Gateway 6.6.2 2008.01.12 -
附加信息
File size: 163908 bytes
MD5: 35f41ab3fdb5d07a9771e4581353cde8
SHA1: a416a784240c137f20be347ef8e3a9a370bb0f5d
PEiD: Armadillo v1.71