system.exe,alien32.exe,ftsKetNt.7ps,SysKetNt.Sys, iexpe.exe等1
2024-04-11 20:25:56
system.exe,alien32.exe,ftsKetNt.7ps,SysKetNt.Sys, iexpe.exe等1
endurer 原创
2009-01-05 第1版
昨天中午,一位网友说他电脑中IE首页被强制修改为hxxp://www.35029.com,输入法无法切换,请偶帮忙检修。
使用pe_xscan 扫描log并分析,发现如下可疑项(进程模块部分有省略):
pe_xscan 08-12-29 by Purple Endurer 2008-12-5 6:20:15 Windows XP Service Pack 2(5.1.2600) MSIE:6.0.2900.2180 管理员用户组 正常模式
[System Process] 0 2008-12-5 5:44:14 2008-12-4 9:52:46 2008-12-4 17:26:54 2008-12-4 9:50:52 2008-8-14 21:42:28 2008-8-14 21:42:28 2008-8-14 21:42:28 2008-8-14 21:42:28 2008-8-14 21:42:28 2008-8-14 21:42:28 2008-8-14 21:42:28 2008-8-14 21:42:28 2008-8-14 21:42:28 2008-8-14 21:42:28 2008-8-14 21:42:28 2008-8-14 21:42:28 2008-8-14 21:42:28 2008-8-14 21:42:28 2008-8-14 21:42:28 2008-8-14 21:42:28 2008-8-14 21:42:28 2008-8-14 21:42:28 2008-8-14 21:42:28 2008-8-14 21:42:28 2008-8-14 21:42:28 2008-8-14 21:42:28 2008-8-14 21:42:28 2008-8-14 21:42:28 2008-8-14 21:42:28 2008-8-14 21:42:28 2008-8-14 21:42:28 2008-8-14 21:42:28 2008-8-14 21:42:28 2008-8-14 21:42:28 2008-8-14 21:42:28 C:/WINDOWS/System32/csrss.exe 536 2004-8-16 8:39:14 Microsoft? Windows? Operating System 5.1.2600.2180 Client Server Runtime Process ? Microsoft Corporation. All rights reserved. 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158) Microsoft Corporation ? CSRSS.Exe CSRSS.Exe 2008-12-5 3:30:7 2006-2-14 14:24:46 C:/WINDOWS/System32/winlogon.exe 560 2004-8-16 8:39:24 Microsoft(R) Windows(R) Operating System 5.1.2600.2180 Windows NT Logon Application (C) Microsoft Corporation. All rights reserved. 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158) Microsoft Corporation ? winlogon WINLOGON.EXE 2008-8-14 21:42:28 2008-8-14 21:42:28 2008-8-14 21:42:28 2008-8-14 21:42:28 2008-8-14 21:42:28 2008-8-14 21:42:28 2008-8-14 21:42:28 2008-8-14 21:42:28 2008-8-14 21:42:28 2008-8-14 21:42:28 2008-8-14 21:42:28 2008-8-14 21:42:28 2008-8-14 21:42:28 2008-8-14 21:42:28 2008-8-14 21:42:28 2008-8-14 21:42:28 2008-8-14 21:42:28 2008-8-14 21:42:28 2008-8-14 21:42:28 2008-8-14 21:42:28 2008-8-14 21:42:28 2008-8-14 21:42:28 2008-8-14 21:42:28 2008-8-14 21:42:28 2008-8-14 21:42:28 2008-8-14 21:42:28 2008-8-14 21:42:28 2008-8-14 21:42:28 2008-8-14 21:42:28 2008-8-14 21:42:28 2008-8-14 21:42:28 2008-8-14 21:42:28 2008-12-5 5:44:14 2008-12-4 9:52:46 2008-12-4 17:26:34 2008-12-5 5:46:50 2008-12-5 5:46:16 2008-12-5 5:46:4 2008-12-4 9:49:48 2008-12-5 5:44:36 2008-12-4 17:26:54 2008-12-4 9:50:52 2008-8-14 21:42:28 2008-8-14 21:42:28 2008-8-14 21:42:28 2008-8-14 21:42:28 2008-8-14 21:42:28 2008-8-14 21:42:28 2008-8-14 21:42:28 2008-8-14 21:42:28 2008-8-14 21:42:28 2008-8-14 21:42:28 2008-8-14 21:42:28 2008-8-14 21:42:28 2008-8-14 21:42:28 2008-8-14 21:42:28 2008-8-14 21:42:28 2008-8-14 21:42:28 2008-8-14 21:42:28 2008-8-14 21:42:28 2008-8-14 21:42:28 2008-8-14 21:42:28 2008-8-14 21:42:28 2008-8-14 21:42:28 2008-8-14 21:42:28 2008-8-14 21:42:28 2008-8-14 21:42:28 2008-8-14 21:42:28 2008-8-14 21:42:28 2008-8-14 21:42:28 2008-8-14 21:42:28 2008-8-14 21:42:28 2008-8-14 21:42:28 2008-8-14 21:42:28 2008-8-14 21:42:28 2008-8-14 21:42:28 2008-8-14 21:42:28 2008-8-14 21:42:28 2008-8-14 21:42:28 2008-8-14 21:42:28 2008-8-14 21:42:28 2008-8-14 21:42:28 2008-8-14 21:42:28 2008-8-14 21:42:28 C:/WINDOWS/System32/services.exe 604 2004-8-16 8:39:24 Microsoft(R) Windows(R) Operating System 5.1.2600.2180 Services and Controller app (C) Microsoft Corporation. All rights reserved. 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158) Microsoft Corporation ? services.exe services.exe 2008-8-14 21:42:28 2008-8-14 21:42:28 2008-8-14 21:42:28 2008-8-14 21:42:28 2008-8-14 21:42:28 2008-8-14 21:42:28 2008-8-14 21:42:28 2008-8-14 21:42:28 2008-8-14 21:42:28 2008-8-14 21:42:28 2008-8-14 21:42:28 2008-8-14 21:42:28 2008-8-14 21:42:28 2008-8-14 21:42:28 2008-8-14 21:42:28 2008-8-14 21:42:28 2008-8-14 21:42:28 2008-8-14 21:42:28 2008-8-14 21:42:28 2008-8-14 21:42:28 2008-8-14 21:42:28 2008-8-14 21:42:28 2008-8-14 21:42:28 2008-8-14 21:42:28 2008-8-14 21:42:28 2008-8-14 21:42:28 2008-8-14 21:42:28 2008-8-14 21:42:28 2008-8-14 21:42:28 2008-8-14 21:42:28 2008-8-14 21:42:28 2008-8-14 21:42:28 2008-12-5 5:44:14 2008-12-4 9:52:46 2008-12-4 17:26:34 2008-12-5 5:46:50 2008-12-5 5:46:16 2008-12-5 5:46:4 2008-12-4 9:49:48 2008-12-5 5:44:36 2008-12-4 17:26:54 2008-12-4 9:50:52 2008-8-14 21:42:28 2008-8-14 21:42:28 2008-8-14 21:42:28 2008-8-14 21:42:28 2008-8-14 21:42:28 2008-8-14 21:42:28 2008-8-14 21:42:28 2008-8-14 21:42:28 2008-8-14 21:42:28 2008-8-14 21:42:28 2008-8-14 21:42:28 2008-8-14 21:42:28 2008-8-14 21:42:28 2008-8-14 21:42:28 2008-8-14 21:42:28 2008-8-14 21:42:28 2008-8-14 21:42:28 2008-8-14 21:42:28 2008-8-14 21:42:28 2008-8-14 21:42:28 2008-8-14 21:42:28 2008-8-14 21:42:28 2008-8-14 21:42:28 2008-8-14 21:42:28 2008-8-14 21:42:28 2008-8-14 21:42:28 2008-8-14 21:42:28 2008-8-14 21:42:28 2008-8-14 21:42:28 2008-8-14 21:42:28 2008-8-14 21:42:28 2008-8-14 21:42:28 2008-8-14 21:42:28 2008-8-14 21:42:28 2008-8-14 21:42:28 2008-8-14 21:42:28 2008-8-14 21:42:28 2008-8-14 21:42:28 2008-8-14 21:42:28 2008-8-14 21:42:28 2008-8-14 21:42:28 2008-8-14 21:42:28 C:/WINDOWS/System32/lsass.exe 616 2004-8-16 8:39:16 Microsoft? Windows? Operating System 5.1.2600.2180 LSA Shell (Export Version) ? Microsoft Corporation. All rights reserved. 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158) Microsoft Corporation ? lsass.exe lsass.exe 2008-8-14 21:42:28 2008-8-14 21:42:28 2008-8-14 21:42:28 2008-8-14 21:42:28 2008-8-14 21:42:28 2008-8-14 21:42:28 2008-8-14 21:42:28 2008-8-14 21:42:28 2008-8-14 21:42:28 2008-8-14 21:42:28 2008-8-14 21:42:28 2008-8-14 21:42:28 2008-8-14 21:42:28 2008-8-14 21:42:28 2008-8-14 21:42:28 2008-8-14 21:42:28 2008-8-14 21:42:28 2008-8-14 21:42:28 2008-8-14 21:42:28 2008-8-14 21:42:28 2008-8-14 21:42:28 2008-8-14 21:42:28 2008-8-14 21:42:28 2008-8-14 21:42:28 2008-8-14 21:42:28 2008-8-14 21:42:28 2008-8-14 21:42:28 2008-8-14 21:42:28 2008-8-14 21:42:28 2008-8-14 21:42:28 2008-8-14 21:42:28 2008-8-14 21:42:28 2008-12-5 5:44:14 2008-12-4 9:52:46 2008-12-4 17:26:34 2008-12-5 5:46:50 2008-12-5 5:46:16 2008-12-5 5:46:4 2008-12-4 9:49:48 2008-12-5 5:44:36 2008-12-4 17:26:54 2008-12-4 9:50:52 2008-8-14 21:42:28 2008-8-14 21:42:28 2008-8-14 21:42:28 2008-8-14 21:42:28 2008-8-14 21:42:28 2008-8-14 21:42:28 2008-8-14 21:42:28 2008-8-14 21:42:28 2008-8-14 21:42:28 2008-8-14 21:42:28 2008-8-14 21:42:28 2008-8-14 21:42:28 2008-8-14 21:42:28 2008-8-14 21:42:28 2008-8-14 21:42:28 2008-8-14 21:42:28 2008-8-14 21:42:28 2008-8-14 21:42:28 2008-8-14 21:42:28 2008-8-14 21:42:28 2008-8-14 21:42:28 2008-8-14 21:42:28 2008-8-14 21:42:28 2008-8-14 21:42:28 2008-8-14 21:42:28 2008-8-14 21:42:28 2008-8-14 21:42:28 2008-8-14 21:42:28 2008-8-14 21:42:28 2008-8-14 21:42:28 2008-8-14 21:42:28 2008-8-14 21:42:28 2008-8-14 21:42:28 2008-8-14 21:42:28 2008-8-14 21:42:28 2008-8-14 21:42:28 2008-8-14 21:42:28 2008-8-14 21:42:28 2008-8-14 21:42:28 2008-8-14 21:42:28 2008-8-14 21:42:28 2008-8-14 21:42:28 C:/WINDOWS/System32/svchost.exe 788 2004-8-16 8:39:24 Microsoft? Windows? Operating System 5.1.2600.2180 Generic Host Process for Win32 Services ? Microsoft Corporation. All rights reserved. 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158) Microsoft Corporation ? svchost.exe svchost.exe 2008-8-14 21:42:28 2008-8-14 21:42:28 2008-8-14 21:42:28 2008-8-14 21:42:28 2008-8-14 21:42:28 2008-8-14 21:42:28 2008-8-14 21:42:28 2008-8-14 21:42:28 2008-8-14 21:42:28 2008-8-14 21:42:28 2008-8-14 21:42:28 2008-8-14 21:42:28 2008-8-14 21:42:28 2008-8-14 21:42:28 2008-8-14 21:42:28 2008-8-14 21:42:28 2008-8-14 21:42:28 2008-8-14 21:42:28 2008-8-14 21:42:28 2008-8-14 21:42:28 2008-8-14 21:42:28 2008-8-14 21:42:28 2008-8-14 21:42:28 2008-8-14 21:42:28 2008-8-14 21:42:28 2008-8-14 21:42:28 2008-8-14 21:42:28 2008-8-14 21:42:28 2008-8-14 21:42:28 2008-8-14 21:42:28 2008-8-14 21:42:28 2008-8-14 21:42:28 2008-12-5 5:44:14 2008-12-4 9:52:46 2008-12-4 17:26:34 2008-12-5 5:46:50 2008-12-5 5:46:16 2008-12-5 5:46:4 2008-12-4 9:49:48 2008-12-5 5:44:36 2008-12-4 17:26:54 2008-12-4 9:50:52 2008-8-14 21:42:28 2008-8-14 21:42:28 2008-8-14 21:42:28 2008-8-14 21:42:28 2008-8-14 21:42:28 2008-8-14 21:42:28 2008-8-14 21:42:28 2008-8-14 21:42:28 2008-8-14 21:42:28 2008-8-14 21:42:28 2008-8-14 21:42:28 2008-8-14 21:42:28 2008-8-14 21:42:28 2008-8-14 21:42:28 2008-8-14 21:42:28 2008-8-14 21:42:28 2008-8-14 21:42:28 2008-8-14 21:42:28 2008-8-14 21:42:28 2008-8-14 21:42:28 2008-8-14 21:42:28 2008-8-14 21:42:28 2008-8-14 21:42:28 2008-8-14 21:42:28 2008-8-14 21:42:28 2008-8-14 21:42:28 2008-8-14 21:42:28 2008-8-14 21:42:28 2008-8-14 21:42:28 2008-8-14 21:42:28 2008-8-14 21:42:28 2008-8-14 21:42:28 2008-8-14 21:42:28 2008-8-14 21:42:28 2008-8-14 21:42:28 2008-8-14 21:42:28 2008-8-14 21:42:28 2008-8-14 21:42:28 2008-8-14 21:42:28 2008-8-14 21:42:28 2008-8-14 21:42:28 2008-8-14 21:42:28 C:/WINDOWS/system32/spcss.dll 2006-2-14 14:24:46 Microsoft? Windows? Operating System 5.1.2600.2846 Distributed COM Services ? Microsoft Corporation. All rights reserved. 5.1.2600.2846 (xpsp.060213-1526) Microsoft Corporation ? rpcss.dll rpcss.dll F2 - REG: system.ini: UserInit = <>F3 - REG: win.ini: load=O2 - BHO BandIE Class - {77FEF28E-EB96-44FF-B511-3185DEA48697} = 2008-11-11 7:9:54 O2 - BHO - {7D182ECE-BFD3-4482-902F-035F4CE9A3C4} = 2008-12-4 17:19:22 O2 - BHO - {EF8EFC85-0038-479B-BB0E-B0A52A15CECA} = 2008-12-4 9:54:44 O3 - IE工具栏: - {B580CF65-E151-49C3-B73F-70B13FCA8E86} = 2008-11-11 7:9:54 O4 - HKLM/../Run: [HBService32]O4 - HKLM/../Policies/Explorer/Run: [nwiz]O18 - 协议: qyl(Data Pluggable Protocol) - {C79BF22F-25C4-4D3D-8183-14149EAB9C0C} - 2008-1-24 19:4:36O20 - AppInit_DLLs = ,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,O21 - SSODL - 1BE1B1E8(E) - {1BE1B1E8-63AB-4B1B-B3FE-EE1675C8C408} = 2008-8-14 21:42:28 O21 - SSODL - D83334D5(8) - {D83334D5-7CDD-428C-8D1F-1805D1DD155A} = 2008-8-14 21:42:28 O21 - SSODL - 9998A2F1(F) - {9998A2F1-52FB-4330-B3B6-4F0BBD80F00F} = 2008-8-14 21:42:28 O21 - SSODL - B2D304CA(F) - {B2D304CA-5F88-4FB1-87CA-FF4A72E24F02} = 2008-8-14 21:42:28 O21 - SSODL - CA66726A(9) - {CA66726A-245F-4B1A-ADB9-299F0E5A2676} = 2008-8-14 21:42:28 O21 - SSODL - 515E5B45(1) - {515E5B45-71DE-4DB4-AF59-81187BC1A60F} = 2008-8-14 21:42:28 O21 - SSODL - ED931691(A) - {ED931691-2379-4685-961D-FA92630111CC} = 2008-8-14 21:42:28 O21 - SSODL - D38C7BBA(3) - {D38C7BBA-15B4-47C4-BA2C-4355BE46220C} = 2008-8-14 21:42:28 O21 - SSODL - 03A1D295(5) - {03A1D295-333C-4A8B-A948-85F5C9A51E45} = 2008-8-14 21:42:28 O21 - SSODL - 143CE310(7) - {143CE310-9E32-40F6-982F-C7AE1AD85D7B} = 2008-8-14 21:42:28 O21 - SSODL - F21511FC(F) - {F21511FC-3FB3-4753-80CE-DF2BA4109ECB} = 2008-8-14 21:42:28 O21 - SSODL - 5A0F83A6(B) - {5A0F83A6-2DC9-4756-9EA6-1BEF240872D6} = 2008-8-14 21:42:28 O21 - SSODL - 41F8FCF3(D) - {41F8FCF3-0590-47AA-82B8-9D5CB81D757D} = 2008-8-14 21:42:28 O21 - SSODL - 7C0DFD7B(C) - {7C0DFD7B-9330-45A7-B73D-9CEE56002905} = 2008-8-14 21:42:28 O21 - SSODL - 518F57D3(A) - {518F57D3-E6E4-4BCC-89FF-CA01A0B9630C} = 2008-8-14 21:42:28 O21 - SSODL - 63F62981(1) - {63F62981-B224-44CB-A4D6-915DF9DC2792} = 2008-8-14 21:42:28 O21 - SSODL - 56D809D2(D) - {56D809D2-CD6A-47E4-98AC-FDB84960CCDF} = 2008-8-14 21:42:28 O21 - SSODL - AF73E0FB(D) - {AF73E0FB-F97E-44C9-A525-2D8083B090FB} = 2008-8-14 21:42:28 O21 - SSODL - 2A5479B5(E) - {2A5479B5-5B77-42C3-9E10-6EF25FA1E9D2} = 2008-8-14 21:42:28 O21 - SSODL - 1BDB68CE(9) - {1BDB68CE-E522-4E88-906C-E9DCEC79684F} = 2008-8-14 21:42:28 O21 - SSODL - 64DDF481(C) - {64DDF481-B0C5-4A54-8D79-4C1537AEA648} =O21 - SSODL - F7902582(4) - {F7902582-CAE9-4DD6-B478-B4C27B274221} = 2008-8-14 21:42:28 O21 - SSODL - 7F99099C(7) - {7F99099C-3F42-4F2E-B487-77F74AE419D2} = 2008-8-14 21:42:28 O21 - SSODL - 03B54254(D) - {03B54254-E3B2-48EF-9873-CDBA3BE868B1} =O21 - SSODL - E531B068(5) - {E531B068-8EEE-453E-AD96-3573EDBB5464} = 2008-8-14 21:42:28 O21 - SSODL - C9B17E4E(0) - {C9B17E4E-14D1-48F6-A892-406CCF8D80A9} = 2008-8-14 21:42:28 O21 - SSODL - 0C008684(7) - {0C008684-73DA-4651-AE4D-8753889720F0} = 2008-8-14 21:42:28 O21 - SSODL - 405BF191(B) - {405BF191-0B75-40F0-8419-2B8673A17646} = 2008-8-14 21:42:28 O21 - SSODL - F5AFAFA3(F) - {F5AFAFA3-51DE-4122-8297-5F3A26036C3F} = 2008-8-14 21:42:28 O21 - SSODL - 4E0FA2F2(F) - {4E0FA2F2-23FD-4CEA-81C7-CFF52055A357} = 2008-8-14 21:42:28 O21 - SSODL - C6098E7C(C) - {C6098E7C-9DF8-4050-99D5-FC179842648E} = 2008-8-14 21:42:28 O21 - SSODL - 715989E4(4) - {715989E4-F1B1-476A-8916-54F1DAD1B5BC} = 2008-8-14 21:42:28 O21 - SSODL - 957E8C5A(B) - {957E8C5A-7DFD-4024-A7F4-ABA78DFF6916} = 2008-8-14 21:42:28 O21 - SSODL - F1BF7C7A(5) - {F1BF7C7A-5341-40AC-A748-F554B11C8922} = 2008-8-14 21:42:28 O21 - SSODL - 8D668351(E) - {8D668351-A384-4DCF-BE57-7E6C6EA29C54} = 2008-8-14 21:42:28 O21 - SSODL - EFE5D671(F) - {EFE5D671-281A-44DB-B093-6F315B0EEFEB} = 2008-8-14 21:42:28 O21 - SSODL - CE544718(1) - {CE544718-D00D-4066-8445-21064C08227D} = 2008-8-14 21:42:28 O21 - SSODL - 1D2317A1(A) - {1D2317A1-325C-469B-B6E5-FA6ED43B4F43} = 2008-8-14 21:42:28 O21 - SSODL - FE9441A0(E) - {FE9441A0-7186-4D64-8980-4EA69C01AD45} = 2008-8-14 21:42:28 O21 - SSODL - 75F56ED4(C) - {75F56ED4-7AF8-4F8C-ABBB-8C734A6F69E2} = 2008-8-14 21:42:28 O21 - SSODL - 4A7C6D50(C) - {4A7C6D50-5BA2-420A-B9F9-CCEDEFDA2EDD} = 2008-8-14 21:42:28 O21 - SSODL - 9CF1EEA8(B) - {9CF1EEA8-2EE2-40DA-B3C2-DB17FE31E70A} = 2008-8-14 21:42:28 O21 - SSODL - 78549EA1(0) - {78549EA1-53D5-42EA-817A-F0887953B9FD} = 2008-8-14 21:42:28 O21 - SSODL - 1325C941(6) - {1325C941-260C-488E-AE52-16612486890F} = 2008-8-14 21:42:28 O21 - SSODL - 19A916DC(6) - {19A916DC-58AA-4E47-9095-567527D0FD73} = 2008-8-14 21:42:28 O21 - SSODL - C406A026(4) - {C406A026-243E-486C-873F-84F8FCDA3670} = 2008-8-14 21:42:28 O21 - SSODL - 58E4F255(A) - {58E4F255-C6AC-4C0A-8202-8A623BFBFD4A} = 2008-8-14 21:42:28 O21 - SSODL - 6027FB67(5) - {6027FB67-872E-4389-8DDF-95A33EBCF4FF} = 2008-8-14 21:42:28 O21 - SSODL - 52C1B2E2(A) - {52C1B2E2-8635-4454-8A61-EA9BFDFA15E6} = 2008-8-14 21:42:28 O21 - SSODL - AAF7C3FD(E) - {AAF7C3FD-6C92-4031-925E-AE7D32CE04D4} = 2008-8-14 21:42:28 O21 - SSODL - 0E88951F(6) - {0E88951F-CAB9-4590-9B85-E6B5C2AB84A7} = 2008-8-14 21:42:28 O21 - SSODL - AEA214BF(9) - {AEA214BF-0530-474C-821D-49FD7F11DDDF} = 2008-8-14 21:42:28 O21 - SSODL - B188DCF7(B) - {B188DCF7-19D5-429F-A28E-EBF79F454DD4} = 2008-8-14 21:42:28 O21 - SSODL - 97FEF446(D) - {97FEF446-831B-434E-9F88-5DE1C61D722F} = 2008-8-14 21:42:28 O21 - SSODL - 9AB77B8C(0) - {9AB77B8C-B9C1-4CD8-8C32-000385AB62AC} = 2008-8-14 21:42:28 O21 - SSODL - AC8EEE47(3) - {AC8EEE47-4BB8-4210-A8BF-1357848B60CF} = 2008-8-14 21:42:28 O21 - SSODL - EB8F6190(B) - {EB8F6190-8635-435C-AE1A-AB92826A2B5C} = 2008-8-14 21:42:28 O21 - SSODL - 727ED075(0) - {727ED075-7F18-475E-ABC9-90BA952815AD} = 2008-8-14 21:42:28 O21 - SSODL - FDB30DD7(9) - {FDB30DD7-8A50-4410-A1CC-095C9D916C89} = 2008-8-14 21:42:28 O21 - SSODL - 5CBCDC25(A) - {5CBCDC25-6ECF-4B35-BF7A-FA2600154328} = 2008-8-14 21:42:28 O21 - SSODL - B8DFE7B0(B) - {B8DFE7B0-764D-46FC-85D9-5B6544DB586B} = 2008-8-14 21:42:28 O21 - SSODL - F68EF44D(3) - {F68EF44D-E585-4BA1-AA28-03AB65954236} = 2008-8-14 21:42:28 O21 - SSODL - E5437B5A(7) - {E5437B5A-3179-490E-AAB7-079B492D1B76} = 2008-8-14 21:42:28 O21 - SSODL - 0247AA90(3) - {0247AA90-6140-42CD-9227-F3A81E926100} = 2008-8-14 21:42:28 O21 - SSODL - 986F4AAC(8) - {986F4AAC-D856-4DA6-92B7-28FE500AF71F} = 2008-8-14 21:42:28 O21 - SSODL - 5D4913C9(9) - {5D4913C9-ABB4-48E1-AC85-89B4C93AC936} = 2008-8-14 21:42:28 O21 - SSODL - 9F5602BA(B) - {9F5602BA-A701-459E-989F-1BC6A773D9F4} = 2008-8-14 21:42:28 O21 - SSODL - AD8D7C15(B) - {AD8D7C15-F896-46FE-A25B-6B517F916A3E} = 2008-8-14 21:42:28 O21 - SSODL - CB91C558(0) - {CB91C558-8657-48F8-BC17-3075822B42C7} = 2008-8-14 21:42:28 O21 - SSODL - AEC603F1(9) - {AEC603F1-C0C4-47C2-8B10-6912C8B84367} = 2008-8-14 21:42:28 O21 - SSODL - 31BDF495(6) - {31BDF495-8A6D-4485-BE76-C69517456E68} = 2008-8-14 21:42:28 O21 - SSODL - 189F36EE(B) - {189F36EE-F3D8-4205-99A3-CB03E00D672E} = 2008-8-14 21:42:28 O21 - SSODL - 75548A73(4) - {75548A73-9F97-40E0-B4DB-6447DD3F739F} = 2008-8-14 21:42:28 O21 - SSODL - 521B449B(2) - {521B449B-5819-4969-8196-424AD06D4988} = 2008-8-14 21:42:28 O21 - SSODL - 92BFE0C2(B) - {92BFE0C2-0F39-4033-924D-8B8A4192695A} = 2008-8-14 21:42:28 O21 - SSODL - 62434D8C(6) - {62434D8C-DE20-4150-B52D-66A9E704B1B7} = 2008-8-14 21:42:28 O21 - SSODL - 7650CBC7(7) - {7650CBC7-36C2-49D8-9FFF-679E1DE97D7B} = 2008-8-14 21:42:28 O21 - SSODL - 89F95F77(A) - {89F95F77-B8A8-4B65-B9B3-FAC09F44DE46} = 2008-8-14 21:42:28 O23 - 服务: 38C2A (38C2A) -(自动) O23 - 服务: aliimz () - (手动) O23 - 服务: BdGuard (BdGuard) - 2008-11-17 22:9:2(引导) O23 - 服务: c6424110 (c6424110) - 2008-12-4 9:54:22(手动) O23 - 服务: dd3133sdd2 (dasd1s2d2) - -r 2008-11-9 3:55:52(禁用) O23 - 服务: dd3143sdd2 (dasd4s2d2) - -r 2008-11-11 7:6:50(禁用) O23 - 服务: dd3asdf33sdd2 (dasdf33s2d2) - -r 2008-11-11 7:6:50(禁用) O23 - 服务: W32Time (Windows Time) C:/WINDOWS/system32/svchost.exe -k netsvcs 2004-8-16 8:39:24 - 2008-12-4 8:35:22(自动) O24 - ShlExecHook: [8] - {1BE1B1E8-63AB-4B1B-B3FE-EE1675C8C408} = 2008-8-14 21:42:28 O24 - ShlExecHook: [A] - {D83334D5-7CDD-428C-8D1F-1805D1DD155A} = 2008-8-14 21:42:28 O24 - ShlExecHook: [F] - {9998A2F1-52FB-4330-B3B6-4F0BBD80F00F} = 2008-8-14 21:42:28 O24 - ShlExecHook: [2] - {B2D304CA-5F88-4FB1-87CA-FF4A72E24F02} = 2008-8-14 21:42:28 O24 - ShlExecHook: [6] - {CA66726A-245F-4B1A-ADB9-299F0E5A2676} = 2008-8-14 21:42:28 O24 - ShlExecHook: [F] - {515E5B45-71DE-4DB4-AF59-81187BC1A60F} = 2008-8-14 21:42:28 O24 - ShlExecHook: [C] - {ED931691-2379-4685-961D-FA92630111CC} = 2008-8-14 21:42:28 O24 - ShlExecHook: [C] - {D38C7BBA-15B4-47C4-BA2C-4355BE46220C} = 2008-8-14 21:42:28 O24 - ShlExecHook: [E] - {08223B03-1B38-4A33-A83A-A4D3CC1D6E4E} =O24 - ShlExecHook: [6] - {4FBFD5A4-5FE8-4444-8BD9-FD0FAFA64F96} =O24 - ShlExecHook: [] - {EF8EFC85-0038-479B-BB0E-B0A52A15CECA} = 2008-12-4 9:54:44 O24 - ShlExecHook: [5] - {03A1D295-333C-4A8B-A948-85F5C9A51E45} = 2008-8-14 21:42:28 O24 - ShlExecHook: [B] - {143CE310-9E32-40F6-982F-C7AE1AD85D7B} = 2008-8-14 21:42:28 O24 - ShlExecHook: [B] - {F21511FC-3FB3-4753-80CE-DF2BA4109ECB} = 2008-8-14 21:42:28 O24 - ShlExecHook: [6] - {5A0F83A6-2DC9-4756-9EA6-1BEF240872D6} = 2008-8-14 21:42:28 O24 - ShlExecHook: [D] - {41F8FCF3-0590-47AA-82B8-9D5CB81D757D} = 2008-8-14 21:42:28 O24 - ShlExecHook: [5] - {7C0DFD7B-9330-45A7-B73D-9CEE56002905} = 2008-8-14 21:42:28 O24 - ShlExecHook: [C] - {518F57D3-E6E4-4BCC-89FF-CA01A0B9630C} = 2008-8-14 21:42:28 O24 - ShlExecHook: [2] - {63F62981-B224-44CB-A4D6-915DF9DC2792} = 2008-8-14 21:42:28 O24 - ShlExecHook: [] - {7D182ECE-BFD3-4482-902F-035F4CE9A3C4} = 2008-12-4 17:19:22 O24 - ShlExecHook: [F] - {56D809D2-CD6A-47E4-98AC-FDB84960CCDF} = 2008-8-14 21:42:28 O24 - ShlExecHook: [B] - {AF73E0FB-F97E-44C9-A525-2D8083B090FB} = 2008-8-14 21:42:28 O24 - ShlExecHook: [2] - {2A5479B5-5B77-42C3-9E10-6EF25FA1E9D2} = 2008-8-14 21:42:28 O24 - ShlExecHook: [F] - {1BDB68CE-E522-4E88-906C-E9DCEC79684F} = 2008-8-14 21:42:28 O24 - ShlExecHook: [8] - {64DDF481-B0C5-4A54-8D79-4C1537AEA648} =O24 - ShlExecHook: [1] - {F7902582-CAE9-4DD6-B478-B4C27B274221} = 2008-8-14 21:42:28 O24 - ShlExecHook: [2] - {7F99099C-3F42-4F2E-B487-77F74AE419D2} = 2008-8-14 21:42:28 O24 - ShlExecHook: [1] - {03B54254-E3B2-48EF-9873-CDBA3BE868B1} =O24 - ShlExecHook: [4] - {E531B068-8EEE-453E-AD96-3573EDBB5464} = 2008-8-14 21:42:28 O24 - ShlExecHook: [9] - {C9B17E4E-14D1-48F6-A892-406CCF8D80A9} = 2008-8-14 21:42:28 O24 - ShlExecHook: [0] - {0C008684-73DA-4651-AE4D-8753889720F0} = 2008-8-14 21:42:28 O24 - ShlExecHook: [6] - {405BF191-0B75-40F0-8419-2B8673A17646} = 2008-8-14 21:42:28 O24 - ShlExecHook: [F] - {F5AFAFA3-51DE-4122-8297-5F3A26036C3F} = 2008-8-14 21:42:28 O24 - ShlExecHook: [7] - {4E0FA2F2-23FD-4CEA-81C7-CFF52055A357} = 2008-8-14 21:42:28 O24 - ShlExecHook: [E] - {C6098E7C-9DF8-4050-99D5-FC179842648E} = 2008-8-14 21:42:28 O24 - ShlExecHook: [C] - {715989E4-F1B1-476A-8916-54F1DAD1B5BC} = 2008-8-14 21:42:28 O24 - ShlExecHook: [6] - {957E8C5A-7DFD-4024-A7F4-ABA78DFF6916} = 2008-8-14 21:42:28 O24 - ShlExecHook: [2] - {F1BF7C7A-5341-40AC-A748-F554B11C8922} = 2008-8-14 21:42:28 O24 - ShlExecHook: [4] - {8D668351-A384-4DCF-BE57-7E6C6EA29C54} = 2008-8-14 21:42:28 O24 - ShlExecHook: [B] - {EFE5D671-281A-44DB-B093-6F315B0EEFEB} = 2008-8-14 21:42:28 O24 - ShlExecHook: [D] - {CE544718-D00D-4066-8445-21064C08227D} = 2008-8-14 21:42:28 O24 - ShlExecHook: [3] - {1D2317A1-325C-469B-B6E5-FA6ED43B4F43} = 2008-8-14 21:42:28 O24 - ShlExecHook: [5] - {FE9441A0-7186-4D64-8980-4EA69C01AD45} = 2008-8-14 21:42:28 O24 - ShlExecHook: [2] - {75F56ED4-7AF8-4F8C-ABBB-8C734A6F69E2} = 2008-8-14 21:42:28 O24 - ShlExecHook: [D] - {4A7C6D50-5BA2-420A-B9F9-CCEDEFDA2EDD} = 2008-8-14 21:42:28 O24 - ShlExecHook: [A] - {9CF1EEA8-2EE2-40DA-B3C2-DB17FE31E70A} = 2008-8-14 21:42:28 O24 - ShlExecHook: [D] - {78549EA1-53D5-42EA-817A-F0887953B9FD} = 2008-8-14 21:42:28 O24 - ShlExecHook: [F] - {1325C941-260C-488E-AE52-16612486890F} = 2008-8-14 21:42:28 O24 - ShlExecHook: [3] - {19A916DC-58AA-4E47-9095-567527D0FD73} = 2008-8-14 21:42:28 O24 - ShlExecHook: [0] - {C406A026-243E-486C-873F-84F8FCDA3670} = 2008-8-14 21:42:28 O24 - ShlExecHook: [A] - {58E4F255-C6AC-4C0A-8202-8A623BFBFD4A} = 2008-8-14 21:42:28 O24 - ShlExecHook: [F] - {6027FB67-872E-4389-8DDF-95A33EBCF4FF} = 2008-8-14 21:42:28 O24 - ShlExecHook: [6] - {52C1B2E2-8635-4454-8A61-EA9BFDFA15E6} = 2008-8-14 21:42:28 O24 - ShlExecHook: [4] - {AAF7C3FD-6C92-4031-925E-AE7D32CE04D4} = 2008-8-14 21:42:28 O24 - ShlExecHook: [7] - {0E88951F-CAB9-4590-9B85-E6B5C2AB84A7} = 2008-8-14 21:42:28 O24 - ShlExecHook: [F] - {AEA214BF-0530-474C-821D-49FD7F11DDDF} = 2008-8-14 21:42:28 O24 - ShlExecHook: [4] - {B188DCF7-19D5-429F-A28E-EBF79F454DD4} = 2008-8-14 21:42:28 O24 - ShlExecHook: [F] - {97FEF446-831B-434E-9F88-5DE1C61D722F} = 2008-8-14 21:42:28 O24 - ShlExecHook: [C] - {9AB77B8C-B9C1-4CD8-8C32-000385AB62AC} = 2008-8-14 21:42:28 O24 - ShlExecHook: [F] - {AC8EEE47-4BB8-4210-A8BF-1357848B60CF} = 2008-8-14 21:42:28 O24 - ShlExecHook: [C] - {EB8F6190-8635-435C-AE1A-AB92826A2B5C} = 2008-8-14 21:42:28 O24 - ShlExecHook: [D] - {727ED075-7F18-475E-ABC9-90BA952815AD} = 2008-8-14 21:42:28 O24 - ShlExecHook: [9] - {FDB30DD7-8A50-4410-A1CC-095C9D916C89} = 2008-8-14 21:42:28 O24 - ShlExecHook: [8] - {5CBCDC25-6ECF-4B35-BF7A-FA2600154328} = 2008-8-14 21:42:28 O24 - ShlExecHook: [B] - {B8DFE7B0-764D-46FC-85D9-5B6544DB586B} = 2008-8-14 21:42:28 O24 - ShlExecHook: [6] - {F68EF44D-E585-4BA1-AA28-03AB65954236} = 2008-8-14 21:42:28 O24 - ShlExecHook: [6] - {E5437B5A-3179-490E-AAB7-079B492D1B76} = 2008-8-14 21:42:28 O24 - ShlExecHook: [0] - {0247AA90-6140-42CD-9227-F3A81E926100} = 2008-8-14 21:42:28 O24 - ShlExecHook: [F] - {986F4AAC-D856-4DA6-92B7-28FE500AF71F} = 2008-8-14 21:42:28 O24 - ShlExecHook: [6] - {5D4913C9-ABB4-48E1-AC85-89B4C93AC936} = 2008-8-14 21:42:28 O24 - ShlExecHook: [4] - {9F5602BA-A701-459E-989F-1BC6A773D9F4} = 2008-8-14 21:42:28 O24 - ShlExecHook: [E] - {AD8D7C15-F896-46FE-A25B-6B517F916A3E} = 2008-8-14 21:42:28 O24 - ShlExecHook: [7] - {CB91C558-8657-48F8-BC17-3075822B42C7} = 2008-8-14 21:42:28 O24 - ShlExecHook: [7] - {AEC603F1-C0C4-47C2-8B10-6912C8B84367} = 2008-8-14 21:42:28 O24 - ShlExecHook: [8] - {31BDF495-8A6D-4485-BE76-C69517456E68} = 2008-8-14 21:42:28 O24 - ShlExecHook: [E] - {189F36EE-F3D8-4205-99A3-CB03E00D672E} = 2008-8-14 21:42:28 O24 - ShlExecHook: [F] - {75548A73-9F97-40E0-B4DB-6447DD3F739F} = 2008-8-14 21:42:28 O24 - ShlExecHook: [8] - {521B449B-5819-4969-8196-424AD06D4988} = 2008-8-14 21:42:28 O24 - ShlExecHook: [A] - {92BFE0C2-0F39-4033-924D-8B8A4192695A} = 2008-8-14 21:42:28 O24 - ShlExecHook: [7] - {62434D8C-DE20-4150-B52D-66A9E704B1B7} = 2008-8-14 21:42:28 O24 - ShlExecHook: [B] - {7650CBC7-36C2-49D8-9FFF-679E1DE97D7B} = 2008-8-14 21:42:28 O24 - ShlExecHook: [6] - {89F95F77-B8A8-4B65-B9B3-FAC09F44DE46} = 2008-8-14 21:42:28O26 - IFEO: 360rpt.exe ntsd -dO26 - IFEO: 360safe.exe TASKMAN.EXEO26 - IFEO: 360safebox.exe TASKMAN.EXEO26 - IFEO: 360safeup.exe TASKMAN.EXEO26 - IFEO: 360tray.exe TASKMAN.EXEO26 - IFEO: adam.exe ntsd -dO26 - IFEO: AgentSvr.exe ntsd -dO26 - IFEO: AntiArp.exe ntsd -dO26 - IFEO: AppSvc32.exe ntsd -dO26 - IFEO: arswp.exe ntsd -dO26 - IFEO: AST.exe ntsd -dO26 - IFEO: autoruns.exe ntsd -dO26 - IFEO: avcenter.exe ntsd -dO26 - IFEO: avconsol.exe ntsd -dO26 - IFEO: avgnt.exe ntsd -dO26 - IFEO: avgrssvc.exe ntsd -dO26 - IFEO: AvMonitor.exe ntsd -dO26 - IFEO: avp.com ntsd -dO26 - IFEO: avp.exe TASKMAN.EXEO26 - IFEO: CCenter.exe TASKMAN.EXEO26 - IFEO: ccSvcHst.exe ntsd -dO26 - IFEO: DrvAnti.exe ntsd -dO26 - IFEO: EGHOST.exe ntsd -dO26 - IFEO: egui.exe TASKMAN.EXEO26 - IFEO: ekrn.exe TASKMAN.EXEO26 - IFEO: esslibupdate.exe TASKMAN.EXEO26 - IFEO: extdb.exe TASKMAN.EXEO26 - IFEO: FileDsty.exe ntsd -dO26 - IFEO: filemon.exe ntsd -dO26 - IFEO: FTCleanerShell.exe ntsd -dO26 - IFEO: FYFireWall.exe ntsd -dO26 - IFEO: GFRing3.exe ntsd -dO26 - IFEO: GFUpd.exe ntsd -dO26 - IFEO: HijackThis.exe ntsd -dO26 - IFEO: IceSword.exe ntsd -dO26 - IFEO: iparmo.exe ntsd -dO26 - IFEO: Iparmor.exe ntsd -dO26 - IFEO: isPwdSvc.exe ntsd -dO26 - IFEO: kabaload.exe ntsd -dO26 - IFEO: KASMain.exe ntsd -dO26 - IFEO: KASTask.exe ntsd -dO26 - IFEO: KAV32.exe ntsd -dO26 - IFEO: KAVDX.exe ntsd -dO26 - IFEO: KAVPF.exe ntsd -dO26 - IFEO: KAVPFW.exe ntsd -dO26 - IFEO: KAVSetup.exe ntsd -dO26 - IFEO: KAVStart.exe ntsd -dO26 - IFEO: KISLnchr.exe ntsd -dO26 - IFEO: KMailMon.exe ntsd -dO26 - IFEO: KMFilter.exe ntsd -dO26 - IFEO: KPFW32.exe ntsd -dO26 - IFEO: KPFW32X.exe ntsd -dO26 - IFEO: KPfwSvc.exe ntsd -dO26 - IFEO: Kregex.exe ntsd -dO26 - IFEO: KRepair.com ntsd -dO26 - IFEO: KsLoader.exe ntsd -dO26 - IFEO: KvDetect.exe ntsd -dO26 - IFEO: KvfwMcl.exe ntsd -dO26 - IFEO: kvol.exe ntsd -dO26 - IFEO: kvolself.exe ntsd -dO26 - IFEO: KVSrvXP.exe ntsd -dO26 - IFEO: kvupload.exe ntsd -dO26 - IFEO: kvwsc.exe ntsd -dO26 - IFEO: KvXP.kxp ntsd -dO26 - IFEO: KWatch.exe ntsd -dO26 - IFEO: KWatch9x.exe ntsd -dO26 - IFEO: KWatchX.exe ntsd -dO26 - IFEO: MagicSet.exe ntsd -dO26 - IFEO: mcconsol.exe ntsd -dO26 - IFEO: McNASvc.exe ntsd -dO26 - IFEO: McProxy.exe ntsd -dO26 - IFEO: Mcshield.exe ntsd -dO26 - IFEO: mcsysmon.exe ntsd -dO26 - IFEO: mmqczj.exe ntsd -dO26 - IFEO: mmsk.exe ntsd -dO26 - IFEO: MpfSrv.exe ntsd -dO26 - IFEO: Navapsvc.exe ntsd -dO26 - IFEO: Navapw32.exe ntsd -dO26 - IFEO: NAVSetup.exe ntsd -dO26 - IFEO: nod32.exe ntsd -dO26 - IFEO: nod32krn.exe TASKMAN.EXEO26 - IFEO: nod32kui.exe TASKMAN.EXEO26 - IFEO: NPFMntor.exe ntsd -dO26 - IFEO: PFW.exe ntsd -dO26 - IFEO: PFWLiveUpdate.exe ntsd -dO26 - IFEO: ProcessSafe.exe ntsd -dO26 - IFEO: procexp.exe ntsd -dO26 - IFEO: QHSET.exe ntsd -dO26 - IFEO: QQKav.exe ntsd -dO26 - IFEO: ras.exe TASKMAN.EXEO26 - IFEO: Rav.exe TASKMAN.EXEO26 - IFEO: RavMon.exe TASKMAN.EXEO26 - IFEO: RavMonD.exe TASKMAN.EXEO26 - IFEO: RavStub.exe TASKMAN.EXEO26 - IFEO: RavTask.exe TASKMAN.EXEO26 - IFEO: RawCopy.exe ntsd -dO26 - IFEO: RegClean.exe ntsd -dO26 - IFEO: regmon.exe ntsd -dO26 - IFEO: RegTool.exe ntsd -dO26 - IFEO: rfwcfg.exe TASKMAN.EXEO26 - IFEO: rfwmain.exe TASKMAN.EXEO26 - IFEO: rfwProxy.exe TASKMAN.EXEO26 - IFEO: rfwsrv.exe TASKMAN.EXEO26 - IFEO: rfwstub.exe TASKMAN.EXEO26 - IFEO: RsAgent.exe ntsd -dO26 - IFEO: Rsaupd.exe TASKMAN.EXEO26 - IFEO: RsMain.exe TASKMAN.EXEO26 - IFEO: rsnetsvr.exe TASKMAN.EXEO26 - IFEO: RSTray.exe TASKMAN.EXEO26 - IFEO: rstrui.exe ntsd -dO26 - IFEO: Rtvscan.exe ntsd -dO26 - IFEO: runiep.exe TASKMAN.EXEO26 - IFEO: safebank.exe TASKMAN.EXEO26 - IFEO: safeboxTray.exe TASKMAN.EXEO26 - IFEO: safeboxup.exe TASKMAN.EXEO26 - IFEO: safelive.exe ntsd -dO26 - IFEO: scan32.exe ntsd -dO26 - IFEO: ScanFrm.exe TASKMAN.EXEO26 - IFEO: shcfg32.exe ntsd -dO26 - IFEO: SmartUp.exe TASKMAN.EXEO26 - IFEO: SREng.exe ntsd -dO26 - IFEO: SuperKiller.exe ntsd -dO26 - IFEO: symlcsvc.exe ntsd -dO26 - IFEO: SysSafe.exe ntsd -dO26 - IFEO: taskmgr.exe ntsd -dO26 - IFEO: TrojanDetector.exe ntsd -dO26 - IFEO: Trojanwall.exe ntsd -dO26 - IFEO: TrojDie.exe ntsd -dO26 - IFEO: UIHost.exe ntsd -dO26 - IFEO: UmxAgent.exe ntsd -dO26 - IFEO: UmxAttachment.exe ntsd -dO26 - IFEO: UmxCfg.exe ntsd -dO26 - IFEO: UmxFwHlp.exe ntsd -dO26 - IFEO: UmxPol.exe ntsd -dO26 - IFEO: UpFile.exe TASKMAN.EXEO26 - IFEO: upiea.exe ntsd -dO26 - IFEO: UpLive.exe ntsd -dO26 - IFEO: USBCleaner.exe ntsd -dO26 - IFEO: vsstat.exe ntsd -dO26 - IFEO: webscanx.exe ntsd -dO26 - IFEO: WoptiClean.exe ntsd -dO26 - IFEO: zxsweep.exe ntsd -dO29 - HKCU-Start Page = O29 - HKLM-Start Page =
(未完待续)
system.exe,alien32.exe,ftsKetNt.7ps,SysKetNt.Sys, iexpe.exe等1相关推荐
- 磁碟机变种简单分析(lsass.exe、smss.exe、dnsq.dll、NetApi000.sys)
from: http://bbs.xcdx169.net/redirect.php?tid=56034&goto=lastpost&sid=NrNn1c 磁碟机变种简单分析(lsass ...
- dwshd.sys,EASYDOWNS.sys,HBKernel32.sys,QQPlatform.exe,RDPWD.sys,easy2.exe等
dwshd.sys,EASYDOWNS.sys,HBKernel32.sys,QQPlatform.exe,RDPWD.sys,easy2.exe等 endurer 原创 2008-11-25 第1版 ...
- winyyy.sys,hcpidesk.sys,mtlrd.sys,uldfhjfh.sys,servets.exe等1
winyyy.sys,hcpidesk.sys,mtlrd.sys,uldfhjfh.sys,servets.exe等1 endurer 原创 2009-11-19 第1版 一位朋友的电脑最近开机速度 ...
- matlab7 fig exe 阴影,Matlab 生成完全独立运行的 EXE文件的问题请教
如何将matlab gui文件编辑成exe可执行文件 我现在用Matlab M文件写了一个计算程序,当输入一些数时,通过程序,计算出一些结果.(比如我的 程序是sum=(a+b+c)/d,即给定a,b ...
- pyinstaller打包生成的exe文件并使用python终止后台的exe程序运行
pyinstaller打包生成的exe文件并使用python终止后台的exe程序运行 目录 pyinstaller打包生成的exe文件并使用python终止后台的exe程序运行 #pyinstalle ...
- cidaemon.exe是什么进程及如何关闭cidaemon.exe进程
问题描述: 这段时间机器总是出现一个奇怪的问题:cidaemon.exe进程占用CUP率98%以上,大大影响了电脑的正常使用.资源管理器中出现多个cidaemon.exe进程,强制结束占用cpu率最 ...
- 此spoolsv.exe(木马程序)非彼spoolsv.exe(系统进程)
原文地址为: 此spoolsv.exe(木马程序)非彼spoolsv.exe(系统进程) 在网上查资料时,不知何时中招了,而且是悄无声息的,直到有很多广告之类的东西跳出来之后,我才感觉到问题的严重.于 ...
- 登录Windows后自动注销,原来中了pcidump.sys,scvhost.exe,SoundxVolumns.dll,kav32.exe等
今天上午,一位同事的电脑出现登录Windows后自动注销的故障,用 WinPE 检查发现c:/windows/system32/userinit.exe丢失,从其它电脑中复制了一个userinit.e ...
- c0nima.exe,systemKb.sys,mppds.exe,c0nime.exe这些都是病毒产生的文件
从昨天晚上开始,我的机子就中病毒了,这个病毒总体说来还是不叫仁慈的,没有什么破坏(对我而已),只是把我的瑞星监控给停止了,以及静音!其他的就是在c:/winnt下生成几个文件,下面是我求救时写的文章: ...
最新文章
- jmeter吞吐量图形显示_Jmeter系列(43)- 详解 Jmeter 图形化 HTML 压测报告之 Charts 模块...
- orgman set触发的pricing set创建逻辑
- ASP.NET Core 3.0:将会拥有更少的依赖
- NVIDIA开源了基于PyTorch的3D深度学习的综合库
- 过山车99java游戏_过山车乐园游戏下载
- swift. 扩展类添加属性_Swift快速为类扩展属性
- mysql procedure
- cameraman matlab 自带图,[转载]【MATLAB】MATLAB的自带数据及可生成数据的函数——图片形式...
- 数据分析训练营还有这些内容(Spark)
- python :编写装饰器
- ORACEL使用脚本来修改表结构
- log4j MDC用户操作日志追踪配置
- python中怎么统计英文字符的个数_python 输入一行字符,分别统计出其中英文字母,空格,数字和其他字符的个数用python代码输入一行字符...
- 【小程序】自定义组件设置样式失效使用外部样式类解决
- Springboot+Vue实现仿课堂派
- 2022-2027年中国发动机行业市场调研及未来发展趋势预测报告
- html图片标签img的介绍以及基本用法详解
- 5G科普——CU和DU分离
- 质数(素数)的几种求法
- 人间真实:最烂代码排行榜!!!