瑞星卡卡安全论坛个人产品讨论区瑞星杀毒软件瑞星杀毒软件2011 我的电脑中毒后进安全模式杀毒后,还出现问题!!!!

12   1  /  2  页   跳转

[求助] 我的电脑中毒后进安全模式杀毒后,还出现问题!!!!

收藏
烂游戏家
头像
初生襁褓狮
  • 帖子:23
  • 注册: 2008-12-12
  • 来自:
发表于: 2008-12-13 15:50 | 只看楼主 短消息 资料
字号: 1楼

我的电脑中毒后进安全模式杀毒后,还出现问题!!!!

电脑的版本是 2003服务器版本。杀毒后开机有的时候开不了一直停留在出现server 2003的画面进 关闭电源,在在机可以进入,运行出现提示:之前SYSTEM文件损坏,现在已经恢复,有可能出现数据丢失。
  有的时候打开网页或运行程序时自动重起。 
      请各位高手帮帮我  谢谢老。。。

用户系统信息:Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.2; SV1; iCafeMedia; Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1; SV1) )
分享到:
gototop
 
帅哥阿福
头像
雄霸杖朝狮
  • 帖子:21071
  • 注册: 2006-03-29
  • 来自:米兰
论坛8周年活动礼物祖国六十华诞09欢乐圣诞
发表于: 2008-12-13 15:53 | 短消息 资料
字号: 2楼

回复:我的电脑中毒后进安全模式杀毒后,还出现问题!!!!

试试能否启动“最后一次配置”
如果这个也进入不了,估计是系统文件损坏了,建议修复系统。
╭∩╮(︶︿︶)╭∩╮
gototop
 
烂游戏家
头像
初生襁褓狮
  • 帖子:23
  • 注册: 2008-12-12
  • 来自:
发表于: 2008-12-13 15:55 | 只看楼主 短消息 资料
字号: 3楼

回复:我的电脑中毒后进安全模式杀毒后,还出现问题!!!!

可以进入系统  就是有的时候要运行程序不知道为什么就重起了
gototop
 
piao2008
头像
横据古稀狮
  • 帖子:10181
  • 注册: 2008-05-04
  • 来自:东北那嘎达
论坛8周年活动礼物
发表于: 2008-12-13 15:56 | 短消息 资料
字号: 4楼

回复:我的电脑中毒后进安全模式杀毒后,还出现问题!!!!

用System Repair Engineer扫描日志,将日志作为附件上传上来。
下载页面:http://www.kztechs.com/sreng/download.html
操作方法:
1、下载后解压缩,运行SREngPS.EXE;
2、如果无法打开尝试把SREngPS.EXE改名为123.com,并复制到c:\windows目录下运行;
3、依次点击【智能扫描】-【扫描】,耐心等待,扫描结束后点击【保存报告】;
4、选择保存路径,文件名保持默认,直接点击【保存】;
5、打开保存的日志文件SREngLOG.log,完整复制全部内容,新建一个文本文档,将日志中的全部内容粘贴到“新建文本文档.txt”中;
6、将“新建文本文档.txt”作为附件上传,同时务必详细描述问题现象,如果有查杀不净的病毒务必提供病毒名和路径。
注意:扫描前请尽量关闭QQ、游戏、下载工具、媒体播放器等应用程序。
7.将SREngLOG.log日志上传到论坛的反病毒/ 反流氓软件专区,链接地址:http://bbs.ikaka.com/showforum-28.aspx
gototop
 
烂游戏家
头像
初生襁褓狮
  • 帖子:23
  • 注册: 2008-12-12
  • 来自:
发表于: 2008-12-13 16:08 | 只看楼主 短消息 资料
字号: 5楼

回复:我的电脑中毒后进安全模式杀毒后,还出现问题!!!!

[CODE]

2008-12-13,16:08:40

System Repair Engineer 2.7.0.1210
Smallfrogs (http://www.KZTechs.com)

Windows Server 2003 Enterprise Edition Service Pack 2 (Build 3790) - 管理权限用户 - 完整功能

以下内容被选中:
    所有的启动项目(包括注册表、启动文件夹、服务等)
    浏览器加载项
    正在运行的进程(包括进程模块信息)
    文件关联
    Winsock 提供者
    Autorun.inf
    HOSTS 文件
    进程特权扫描
    计划任务
    API HOOK
    隐藏进程


启动项目
注册表
[HKEY_CURRENT_USER\Software\Microsoft\Windows NT\CurrentVersion\Windows]
    <load><>  [N/A]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
    <internat><internat.exe>  [Microsoft Corporation]
    <Menuchk><D:\EyooManager\manager.exe>  [盛天信息技术有限公司]
    <TkBellExe><"C:\Program Files\Common Files\Real\Update_OB\realsched.exe"  -osboot>  [RealNetworks, Inc.]
    <RavTask><"C:\Program Files\Rising\Rav\RavTask.exe" -system>  [(Verified)Beijing Rising Information Technology Corporation Limited]
    <runeip><"C:\Program Files\Rising\AntiSpyware\rstray.exe" /startup>  [(Verified)Beijing Rising Information Technology Corporation Limited]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Winlogon]
    <shell><Explorer.exe>  [(Verified)Microsoft Windows Component Publisher]
    <Userinit><c:\windows\system32\userinit.exe>  [(Verified)Microsoft Windows Component Publisher]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Windows]
    <AppInit_DLLs><kmon.dll>  [(Verified)Beijing Rising Information Technology Corporation Limited]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Winlogon]
    <UIHost><%SystemRoot%\system32\logonui.exe>  [(Verified)Microsoft Windows Component Publisher]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
    <{AEB6717E-7E19-11d0-97EE-00C04FD91972}><shell32.dll>  [(Verified)Microsoft Windows Component Publisher]
gototop
 
烂游戏家
头像
初生襁褓狮
  • 帖子:23
  • 注册: 2008-12-12
  • 来自:
发表于: 2008-12-13 16:10 | 只看楼主 短消息 资料
字号: 6楼

回复:我的电脑中毒后进安全模式杀毒后,还出现问题!!!!

启动项目
注册表
[HKEY_CURRENT_USER\Software\Microsoft\Windows NT\CurrentVersion\Windows]
    <load><>  [N/A]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
    <internat><internat.exe>  [Microsoft Corporation]
    <Menuchk><D:\EyooManager\manager.exe>  [盛天信息技术有限公司]
    <TkBellExe><"C:\Program Files\Common Files\Real\Update_OB\realsched.exe"  -osboot>  [RealNetworks, Inc.]
    <RavTask><"C:\Program Files\Rising\Rav\RavTask.exe" -system>  [(Verified)Beijing Rising Information Technology Corporation Limited]
    <runeip><"C:\Program Files\Rising\AntiSpyware\rstray.exe" /startup>  [(Verified)Beijing Rising Information Technology Corporation Limited]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Winlogon]
    <shell><Explorer.exe>  [(Verified)Microsoft Windows Component Publisher]
    <Userinit><c:\windows\system32\userinit.exe>  [(Verified)Microsoft Windows Component Publisher]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Windows]
    <AppInit_DLLs><kmon.dll>  [(Verified)Beijing Rising Information Technology Corporation Limited]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Winlogon]
    <UIHost><%SystemRoot%\system32\logonui.exe>  [(Verified)Microsoft Windows Component Publisher]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
    <{AEB6717E-7E19-11d0-97EE-00C04FD91972}><shell32.dll>  [(Verified)Microsoft Windows Component Publisher]
    <{32CD708B-60A7-4C00-9377-D73EAA495F0F}><C:\WINDOWS\system32\RavExt.dll>  [(Verified)Beijing Rising Information Technology Corporation Limited]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
    <PostBootReminder><%SystemRoot%\system32\SHELL32.dll>  [(Verified)Microsoft Windows Component Publisher]
    <CDBurn><%SystemRoot%\system32\SHELL32.dll>  [(Verified)Microsoft Windows Component Publisher]
    <WebCheck><%SystemRoot%\system32\webcheck.dll>  [(Verified)Microsoft Windows Component Publisher]
    <SysTray><C:\WINDOWS\system32\stobject.dll>  [(Verified)Microsoft Windows Component Publisher]
    <FBD2EC7B><>  [N/A]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\crypt32chain]
    <WinlogonNotify: crypt32chain><crypt32.dll>  [(Verified)Microsoft Windows Component Publisher]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\cryptnet]
    <WinlogonNotify: cryptnet><cryptnet.dll>  [(Verified)Microsoft Windows Component Publisher]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\cscdll]
    <WinlogonNotify: cscdll><cscdll.dll>  [(Verified)Microsoft Windows Component Publisher]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\dimsntfy]
    <WinlogonNotify: dimsntfy><dimsntfy.dll>  [(Verified)Microsoft Windows Component Publisher]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\ScCertProp]
    <WinlogonNotify: ScCertProp><wlnotify.dll>  [(Verified)Microsoft Windows Component Publisher]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\Schedule]
    <WinlogonNotify: Schedule><wlnotify.dll>  [(Verified)Microsoft Windows Component Publisher]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\sclgntfy]
    <WinlogonNotify: sclgntfy><sclgntfy.dll>  [(Verified)Microsoft Windows Component Publisher]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\SensLogn]
    <WinlogonNotify: SensLogn><WlNotify.dll>  [(Verified)Microsoft Windows Component Publisher]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\termsrv]
    <WinlogonNotify: termsrv><wlnotify.dll>  [(Verified)Microsoft Windows Component Publisher]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\wlballoon]
    <WinlogonNotify: wlballoon><wlnotify.dll>  [(Verified)Microsoft Windows Component Publisher]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\SharedTaskScheduler]
    <{438755C2-A8BA-11D1-B96B-00A0C90312E1}><%SystemRoot%\system32\browseui.dll>  [(Verified)Microsoft Windows Component Publisher]
    <{8C7461EF-2B13-11d2-BE35-3078302C2030}><%SystemRoot%\system32\browseui.dll>  [(Verified)Microsoft Windows Component Publisher]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\>{22d6f312-b0f6-11d0-94ab-0080c74c7e95}]
    <Microsoft Windows Media Player><C:\WINDOWS\INF\unregmp2.exe /HideWMP>  [(Verified)Microsoft Windows Component Publisher]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\>{60B49E34-C7CC-11D0-8953-00A0C90347FF}MICROS]
    <浏览器自定义组件><RunDLL32 IEDKCS32.DLL,BrandIE4 SIGNUP>  [(Verified)Microsoft Windows Component Publisher]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{2C7339CF-2B09-4501-B3F3-F3508C9228ED}]
    <Themes Setup><%SystemRoot%\system32\regsvr32.exe /s /n /i:/UserInstall %SystemRoot%\system32\themeui.dll>  [File is missing]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{44BBA840-CC51-11CF-AAFA-00AA00B6015C}]
    <Microsoft Outlook Express 6><"%ProgramFiles%\Outlook Express\setup50.exe" /APP:OE /CALLER:WINNT /user /install>  [File is missing]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{6BF52A52-394A-11d3-B153-00C04F79FAA6}]
    <Microsoft Windows Media Player><rundll32.exe advpack.dll,LaunchINFSection C:\WINDOWS\INF\wmp.inf,PerUserStub>  [(Verified)Microsoft Windows Component Publisher]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{7790769C-0471-11d2-AF11-00C04FA35D02}]
    <通讯簿 6><"%ProgramFiles%\Outlook Express\setup50.exe" /APP:WAB /CALLER:WINNT /user /install>  [File is missing]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{89820200-ECBD-11cf-8B85-00AA005B4340}]
    <Windows 桌面更新><regsvr32.exe /s /n /i:U shell32.dll>  [(Verified)Microsoft Windows Component Publisher]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{89820200-ECBD-11cf-8B85-00AA005B4383}]
    <Internet Explorer 6><%SystemRoot%\system32\ie4uinit.exe>  [(Verified)Microsoft Windows Component Publisher]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{A509B1A7-37EF-4b3f-8CFC-4F3A74704073}]
    <%IEHARDENADMIN_BASE_DESC%><%SystemRoot%\system32\rundll32.exe iesetup.dll,IEHardenAdmin>  [(Verified)Microsoft Windows Component Publisher]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{A509B1A8-37EF-4b3f-8CFC-4F3A74704073}]
    <%IEHARDENUSER_DESC%><%SystemRoot%\system32\rundll32.exe iesetup.dll,IEHardenUser>  [(Verified)Microsoft Windows Component Publisher]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
    <WebThunder><; d:\Program Files\Thunder Network\WebThunder\WebThunder.exe>  [(Verified)ShenZhen Thunder Networking Technologies Ltd.]
gototop
 
烂游戏家
头像
初生襁褓狮
  • 帖子:23
  • 注册: 2008-12-12
  • 来自:
发表于: 2008-12-13 16:10 | 只看楼主 短消息 资料
字号: 7楼

回复:我的电脑中毒后进安全模式杀毒后,还出现问题!!!!

=================================
启动文件夹
[用户磁盘服务端]
  <C:\Documents and Settings\Administrator\「开始」菜单\程序\启动\用户磁盘服务端.lnk --> D:\EYOOMA~1\US.exe []><N>

==================================
服务
[DNS Client / Dnscache][Stopped/Auto Start]
  <-->%SystemRoot%\System32\dnsrslvr.dll><Microsoft Corporation>
[易游节点磁盘服务 / EyooVdiskService][Running/Auto Start]
  <d:\EyooManager\NodeService.exe><Century Info & Tech Co., Ltd.>
[Human Interface Device Access / HidServ][Stopped/Disabled]
  <C:\WINDOWS\System32\svchost.exe -k netsvcs-->%SystemRoot%\System32\hidserv.dll><N/A>
[P4P Service / P4P Service][Running/Auto Start]
  <C:\Program Files\Common Files\Sogou PXP\p2psvr.exe><Sohu.com Inc.>
[Rising Process Communication Center / RsCCenter][Running/Auto Start]
  <"C:\Program Files\Rising\Rav\CCenter.exe"><Beijing Rising Information Technology Co., Ltd.>
[Rising RealTime Monitor / RsRavMon][Stopped/Auto Start]
  <"C:\PROGRAM FILES\RISING\RAV\Ravmond.exe"><Beijing Rising Information Technology Co., Ltd.>
[Borland Socket Server / SocketServer][Running/Auto Start]
  <d:\EyooManager\ScktSrvr.exe><N/A>

==================================
驱动程序
[6457aed / 6457aed][Stopped/Manual Start]
  <\??\C:\WINDOWS\system32\6457aed.sys><N/A>
[b71fe93 / b71fe93][Stopped/Manual Start]
  <\??\C:\WINDOWS\system32\b71fe93.sys><N/A>
[f28907d / f28907d][Stopped/Manual Start]
  <\??\C:\WINDOWS\system32\f28907d.sys><N/A>
[Microsoft 用于 High Definition Audio 的 UAA 总线驱动程序 / HDAudBus][Running/Manual Start]
  <system32\DRIVERS\HDAudBus.sys><Windows (R) Server 2003 DDK provider>
[HookCont / HookCont][Running/System Start]
  <\SystemRoot\system32\drivers\HookCont.sys><Beijing Rising Information Technology Co., Ltd.>
[HookNtos / HookNtos][Running/System Start]
  <\SystemRoot\system32\drivers\HookNtos.sys><Beijing Rising Information Technology Co., Ltd.>
[HookReg / HookReg][Running/System Start]
  <\SystemRoot\system32\drivers\HookReg.sys><Beijing Rising Information Technology Co., Ltd.>
[HookSys / HookSys][Running/System Start]
  <\SystemRoot\system32\drivers\HookSys.sys><Beijing Rising Information Technology Co., Ltd.>
[IP in IP Tunnel Driver / IpInIp][Stopped/Manual Start]
  <system32\DRIVERS\ipinip.sys><N/A>
[NPF / NPF][Stopped/Manual Start]
  <\??\C:\WINDOWS\system32\drivers\2.tmp><CACE Technologies>
[Direct Parallel Link Driver / Ptilink][Running/Manual Start]
  <system32\DRIVERS\ptilink.sys><Parallel Technologies, Inc.>
[RsNTGDI / RsNTGDI][Running/Boot Start]
  <\SystemRoot\system32\Drivers\RsNTGdi.sys><Beijing Rising Information Technology Co., Ltd.>
[Realtek RTL8139(A/B/C)-based PCI Fast Ethernet Adapter NT Driver / rtl8139][Stopped/Manual Start]
  <system32\DRIVERS\RTL8139.SYS><Realtek Semiconductor Corporation>
[Realtek RTL8169 Gigabit Ethernet Adapter NT Driver / RTL8169][Running/Manual Start]
  <system32\DRIVERS\RT8169xp.sys><Realtek Semiconductor Corporation>
[Secdrv / Secdrv][Stopped/Manual Start]
  <system32\DRIVERS\secdrv.sys><Macrovision Corporation, Macrovision Europe Limited, and Macrovision Japan and Asia K.K.>
[STVDISKX / STVDISKX][Running/System Start]
  <\??\C:\WINDOWS\system32\drivers\stvdiskx.sys><B.K. Softlab>

==================================
gototop
 
烂游戏家
头像
初生襁褓狮
  • 帖子:23
  • 注册: 2008-12-12
  • 来自:
发表于: 2008-12-13 16:11 | 只看楼主 短消息 资料
字号: 8楼

回复:我的电脑中毒后进安全模式杀毒后,还出现问题!!!!

==================================
浏览器加载项
[WebThunder Browser Helper]
  {00000AAA-A363-466E-BEF5-9BB68697AA7F} <d:\Program Files\Thunder Network\WebThunder\WebThunderBHO_Now.dll, (Signed) Thunder Networking Technologies,LTD>
[ThunderAtOnce Class]
  {01443AEC-0FD1-40fd-9C87-E93D1494C233} <C:\Program Files\Thunder Network\Thunder\ComDlls\TDAtOnce_Now.dll, (Signed) Thunder Networking Technologies,LTD>
[]
  {09EB15FA-17D8-4D60-8598-3F549A848DF2} <C:\PROGRA~1\INTERN~1\PLUGINS\b54321.bho, N/A>
[]
  {16FF142F-BEBD-47CE-A3A6-D52A1A2ECB54} <, >
[SSVHelper Class]
  {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} <C:\Program Files\Java\jre1.5.0_11\bin\ssv.dll, (Signed) Sun Microsystems, Inc.>
[BBNBHO Class]
  {7C696E52-BF38-49A8-9017-ACE15A794707} <C:\WINDOWS\system32\BBN_iCafe_071210.dll, TODO: <Company name>>
[Thunder Browser Helper]
  {889D2FEB-5411-4565-8998-1DD2C5261283} <C:\Program Files\Thunder Network\Thunder\ComDlls\xunleiBHO_Now.dll, (Signed) Thunder Networking Technologies,LTD>
[卡卡上网安全助手]
  {98B7C13A-E9CD-4959-8B46-FBEAB41E42A8} <C:\WINDOWS\system32\UrlFilter.dll, (Signed) Beijing Rising Information Technology Co., Ltd.>
[]
  {A93061FE-464A-4E95-8E96-A54CD948B0F7} <, >
[]
  {B01DED18-9E26-4F33-B373-F59758747AFF} <, >
[]
  {BE94760C-F6D8-4D48-9B0B-FF9F5C900C31} <, >
[]
  {D963BE1A-6B35-47DB-B002-49FAE71D85CC} <, >
[Java Plug-in 1.5.0_11]
  {08B0E5C0-4FCB-11CF-AAA5-00401C608501} <C:\Program Files\Java\jre1.5.0_11\bin\ssv.dll, (Signed) Sun Microsystems, Inc.>
[启动迅雷5]
  {09BA8F6D-CB54-424B-839C-C2A6C8E6B436} <C:\Program Files\Thunder Network\Thunder\Thunder.exe, N/A>
[启动WEB迅雷]
  {962EFB8E-2683-42d4-AC74-AAA4C759B9C6} <http://my.xunlei.com, N/A>
[Java Plug-in 1.5.0_11]
  {8AD9C840-044E-11D1-B3E9-00805F499D93} <C:\Program Files\Java\jre1.5.0_11\bin\ssv.dll, (Signed) Sun Microsystems, Inc.>
[RavOnline Class]
  {9FAFB576-6933-4CCC-AB3D-B988EC43D04E} <C:\WINDOWS\Downloaded Program Files\RavOLCtl.dll, Beijing Rising Information Technology Co., Ltd.>
[Java Plug-in 1.5.0_11]
  {CAFEEFAC-0015-0000-0011-ABCDEFFEDCBA} <C:\Program Files\Java\jre1.5.0_11\bin\ssv.dll, (Signed) Sun Microsystems, Inc.>
[Java Plug-in 1.5.0_11]
  {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} <C:\Program Files\Java\jre1.5.0_11\bin\npjpi150_11.dll, (Signed) Sun Microsystems, Inc.>
[WebThunder Browser Helper]
  {00000AAA-A363-466E-BEF5-9BB68697AA7F} <d:\Program Files\Thunder Network\WebThunder\WebThunderBHO_Now.dll, (Signed) Thunder Networking Technologies,LTD>
[ThunderAtOnce Class]
  {01443AEC-0FD1-40FD-9C87-E93D1494C233} <C:\Program Files\Thunder Network\Thunder\ComDlls\TDAtOnce_Now.dll, (Signed) Thunder Networking Technologies,LTD>
[WebThunder Class]
  {03507A1A-E0C5-4404-AA26-205385C0892D} <, >
[ActiveMovieControl Object]
  {05589FA1-C356-11CE-BF01-00AA0055595A} <C:\WINDOWS\system32\wmpdxm.dll, (Signed) Microsoft Corporation>
[]
  {08B0E5C0-4FCB-11CF-AAA5-00401C608501} <, >
[]
  {09BA8F6D-CB54-424B-839C-C2A6C8E6B436} <, >
[]
  {09EB15FA-17D8-4D60-8598-3F549A848DF2} <C:\PROGRA~1\INTERN~1\PLUGINS\b54321.bho, N/A>
[Fade]
  {16B280C5-EE70-11D1-9066-00C04FD9189D} <C:\WINDOWS\system32\dxtmsft.dll, (Signed) Microsoft Corporation>
[]
  {16FF142F-BEBD-47CE-A3A6-D52A1A2ECB54} <, >
[]
  {1FDF86CF-5928-4C3F-8E98-2B737A98B96E} <, >
[Windows Media Player]
  {22D6F312-B0F6-11D0-94AB-0080C74C7E95} <C:\WINDOWS\system32\wmpdxm.dll, (Signed) Microsoft Corporation>
[HTML Document]
  {25336920-03F9-11CF-8FD0-00AA00686F13} <%SystemRoot%\system32\mshtml.dll, (Signed) N/A>
[XML DOM Document]
  {2933BF90-7B36-11D2-B20E-00C04F983E60} <C:\WINDOWS\system32\msxml3.dll, (Signed) Microsoft Corporation>
[WebThunder DapPlayer]
  {2EEDA47E-8D5C-4d7e-B4B6-E16E19218555} <d:\Program Files\Thunder Network\WebThunder\DownAndPlay\DapPlayer3.0.5712.71.78.dll, ShenZhen Thunder Networking Technologies Ltd.>
[RealPlayer RAM Download Handler]
  {2F542A2E-EDC9-4BF7-8CB1-87C9919F7F93} <C:\WINDOWS\system32\rmoc3260.dll, RealNetworks, Inc.>
[]
  {3AECD3C1-7085-4731-96DC-47B6CF7EF749} <, >
[Thunder Agent Class]
  {485463B7-8FB2-4B3B-B29B-8B919B0EACCE} <C:\Program Files\Thunder Network\Thunder\ComDlls\ThunderAgent_Now.dll, (Signed) Thunder Networking Technologies,LTD>
[Shell Name Space]
  {55136805-B2DE-11D1-B9F2-00A0C98BC547} <%SystemRoot%\system32\shdocvw.dll, (Signed) N/A>
[XMP Class]
  {6483F145-A768-4C41-AACC-52D4D7845851} <C:\Documents and Settings\All Users\Application Data\Thunder Network\KanKan\xplayer.dll_1_work, Xunlei Networking Technologies,LTD>
[XDRM]
  {693571CB-54A3-4E90-9D52-EEAE1334E2D3} <C:\Documents and Settings\All Users\Application Data\Thunder Network\KanKan\xdrm.dll_1_work, >
[Windows Media Player]
  {6BF52A52-394A-11D3-B153-00C04F79FAA6} <C:\WINDOWS\system32\wmp.dll, (Signed) Microsoft Corporation>
[Active Desktop Mover]
  {72267F6A-A6F9-11D0-BC94-00C04FB67863} <%SystemRoot%\system32\SHELL32.dll, (Signed) N/A>
[SSVHelper Class]
  {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} <C:\Program Files\Java\jre1.5.0_11\bin\ssv.dll, (Signed) Sun Microsystems, Inc.>
[MediaComm Class]
  {7670648D-461B-42AF-BDFE-46D26AF5EFF2} <C:\Program Files\Thunder Network\Thunder\Components\InMedia\MediaAddin18.dll, (Signed) Thunder Networking Technologies,LTD>
[BBNBHO Class]
  {7C696E52-BF38-49A8-9017-ACE15A794707} <C:\WINDOWS\system32\BBN_iCafe_071210.dll, TODO: <Company name>>
[Microsoft Web 浏览器]
  {8856F961-340A-11D0-A96B-00C04FD705A2} <C:\WINDOWS\system32\shdocvw.dll, (Signed) Microsoft Corporation>
[Thunder Browser Helper]
  {889D2FEB-5411-4565-8998-1DD2C5261283} <C:\Program Files\Thunder Network\Thunder\ComDlls\xunleiBHO_Now.dll, (Signed) Thunder Networking Technologies,LTD>
[XML HTTP 4.0]
  {88D969C5-F192-11D4-A65F-0040963251E5} <%SystemRoot%\system32\msxml4.dll, N/A>
[XML HTTP 6.0]
  {88D96A0A-F192-11D4-A65F-0040963251E5} <C:\WINDOWS\system32\msxml6.dll, (Signed) Microsoft Corporation>
[]
  {962EFB8E-2683-42D4-AC74-AAA4C759B9C6} <, >
[卡卡上网安全助手]
  {98B7C13A-E9CD-4959-8B46-FBEAB41E42A8} <C:\WINDOWS\system32\UrlFilter.dll, (Signed) Beijing Rising Information Technology Co., Ltd.>
[RavOnline Class]
  {9FAFB576-6933-4CCC-AB3D-B988EC43D04E} <C:\WINDOWS\Downloaded Program Files\RavOLCtl.dll, Beijing Rising Information Technology Co., Ltd.>
[]
  {A93061FE-464A-4E95-8E96-A54CD948B0F7} <, >
[DapCtrl Class]
  {ACACC6EB-1FBA-4E13-A729-53AEB2DF54F8} <C:\Program Files\Common Files\Thunder Network\KanKan\DapCtrl.2.3.5807.112.(482).dll, (Signed) ShenZhen Thunder Networking Technologies Ltd.>
[Microsoft Scriptlet Component]
  {AE24FDAE-03C6-11D1-8B76-0080C744F389} <C:\WINDOWS\system32\mshtml.dll, (Signed) Microsoft Corporation>
[]
  {B01DED18-9E26-4F33-B373-F59758747AFF} <, >
[SearchAssistantOC]
  {B45FF030-4447-11D2-85DE-00C04FA35C89} <%SystemRoot%\system32\shdocvw.dll, (Signed) N/A>
[RDS.DataSpace]
  {BD96C556-65A3-11D0-983A-00C04FC29E36} <C:\Program Files\Common Files\System\msadc\msadco.dll, (Signed) Microsoft Corporation>
[]
  {BE94760C-F6D8-4D48-9B0B-FF9F5C900C31} <, >
[DHTML Edit Control Safe for Scripting for IE6]
  {BF3FF9A2-AC03-40A1-BA0F-F31076325AA7} <C:\Program Files\Common Files\Microsoft Shared\Triedit\dhtmled.ocx, (Signed) Microsoft Corporation>
[AUDIO__WAV Moniker Class]
  {CD3AFA7B-B84F-48F0-9393-7EDC34128127} <C:\WINDOWS\system32\wmp.dll, (Signed) Microsoft Corporation>
[RealPlayer G2 Control]
  {CFCDAA03-8BE4-11CF-B84B-0020AFBBCCFA} <C:\WINDOWS\system32\rmoc3260.dll, RealNetworks, Inc.>
[Shockwave Flash Object]
  {D27CDB6E-AE6D-11CF-96B8-444553540000} <C:\Program Files\Kingsoft\Kingsoft Internet Security\Flash.OCX, (Signed) Adobe Systems, Inc.>
[]
  {D963BE1A-6B35-47DB-B002-49FAE71D85CC} <, >
[QuickTimeCheck Class]
  {DE4AF3B0-F4D4-11D3-B41A-0050DA2E6C21} <C:\Program Files\Ringz Studio\Storm Codec\QTSystem\QTCheck.ocx, (Signed) Apple Computer, Inc.>
[XML HTTP Request]
  {ED8C108E-4349-11D2-91A4-00C04F7969E8} <C:\WINDOWS\system32\msxml3.dll, (Signed) Microsoft Corporation>
[XPPlayer Class]
  {F3E70CEA-956E-49CC-B444-73AFE593AD7F} <C:\Program Files\Common Files\Thunder Network\KanKan\PPlayer.2.1.5880.234.(483).dll, (Signed) Xunlei Networking Technologies,LTD>
[XML HTTP]
  {F6D90F16-9C73-11D3-B32E-00C04F990BB4} <C:\WINDOWS\system32\msxml3.dll, (Signed) Microsoft Corporation>
[IERPCtl Class]
  {FDC7A535-4070-4B92-A0EA-D9994BCC0DC5} <C:\Program Files\Real\RealPlayer\rpplugins\ierpplug.dll, RealNetworks, Inc.>
[使用WEB迅雷下载]
  <d:\Program Files\Thunder Network\WebThunder\GetUrl.htm, N/A>
[使用WEB迅雷下载全部链接]
  <d:\Program Files\Thunder Network\WebThunder\GetAllUrl.htm, N/A>
[使用迅雷下载]
  <C:\Program Files\Thunder Network\Thunder\Program\GetUrl.htm, N/A>
[使用迅雷下载全部链接]
  <C:\Program Files\Thunder Network\Thunder\Program\GetAllUrl.htm, N/A>
gototop
 
烂游戏家
头像
初生襁褓狮
  • 帖子:23
  • 注册: 2008-12-12
  • 来自:
发表于: 2008-12-13 16:12 | 只看楼主 短消息 资料
字号: 9楼

回复:我的电脑中毒后进安全模式杀毒后,还出现问题!!!!

=================================
正在运行的进程
[PID: 308][\SystemRoot\System32\smss.exe]  [(Verified) Microsoft Corporation, 5.2.3790.3959 (srv03_sp2_rtm.070216-1710)]
[PID: 368][\??\C:\WINDOWS\system32\csrss.exe]  [(Verified) Microsoft Corporation, 5.2.3790.0 (srv03_rtm.030324-2048)]
[PID: 392][\??\C:\WINDOWS\system32\winlogon.exe]  [Microsoft Corporation, 5.2.3790.3959 (srv03_sp2_rtm.070216-1710)]
    [C:\WINDOWS\system32\sfc_os.dll]  [Microsoft Corporation, 5.2.3790.3959 (srv03_sp2_rtm.070216-1710)]
    [C:\WINDOWS\system32\uxtheme.dll]  [Microsoft Corporation, 6.00.3790.3959 (srv03_sp2_rtm.070216-1710)]
[PID: 440][C:\WINDOWS\system32\services.exe]  [(Verified) Microsoft Corporation, 5.2.3790.3959 (srv03_sp2_rtm.070216-1710)]
[PID: 452][C:\WINDOWS\system32\lsass.exe]  [(Verified) Microsoft Corporation, 5.2.3790.0 (srv03_rtm.030324-2048)]
[PID: 632][C:\WINDOWS\system32\svchost.exe]  [(Verified) Microsoft Corporation, 5.2.3790.3959 (srv03_sp2_rtm.070216-1710)]
[PID: 704][C:\WINDOWS\system32\svchost.exe]  [(Verified) Microsoft Corporation, 5.2.3790.3959 (srv03_sp2_rtm.070216-1710)]
[PID: 756][C:\Program Files\Rising\Rav\CCenter.exe]  [Beijing Rising Information Technology Co., Ltd., 20.0.0.33]
[PID: 772][C:\WINDOWS\System32\svchost.exe]  [(Verified) Microsoft Corporation, 5.2.3790.3959 (srv03_sp2_rtm.070216-1710)]
    [C:\WINDOWS\System32\UxTheme.dll]  [Microsoft Corporation, 6.00.3790.3959 (srv03_sp2_rtm.070216-1710)]
    [c:\windows\system32\sfc_os.dll]  [Microsoft Corporation, 5.2.3790.3959 (srv03_sp2_rtm.070216-1710)]
[PID: 824][C:\WINDOWS\system32\svchost.exe]  [(Verified) Microsoft Corporation, 5.2.3790.3959 (srv03_sp2_rtm.070216-1710)]
[PID: 948][d:\EyooManager\NodeService.exe]  [Century Info & Tech Co., Ltd., 2.0.1.700]
    [d:\EyooManager\vdiskxsvr.dll]  [B.K. Softlab, 1, 0, 1, 0]
    [d:\EyooManager\VTLIMAGE.dll]  [B.K. Softlab, 1, 0, 0, 0]
    [d:\EyooManager\VDSERVER.dll]  [B.K. Softlab, 1, 0, 2, 0]
    [d:\EyooManager\vdiskxsdk.dll]  [B.K. Softlab, 3, 1, 0, 0]
    [d:\EyooManager\shortgun2.dll]  [B.K. Softlab, 2, 1, 0, 0]
    [C:\WINDOWS\system32\kmon.dll]  [Beijing Rising Information Technology Co., Ltd., 1, 0, 0, 33]
    [C:\WINDOWS\system32\uxtheme.dll]  [Microsoft Corporation, 6.00.3790.3959 (srv03_sp2_rtm.070216-1710)]
[PID: 1264][C:\WINDOWS\Explorer.EXE]  [(Verified) Microsoft Corporation, 6.00.3790.3959 (srv03_sp2_rtm.070216-1710)]
    [C:\WINDOWS\system32\UxTheme.dll]  [Microsoft Corporation, 6.00.3790.3959 (srv03_sp2_rtm.070216-1710)]
    [C:\WINDOWS\system32\kmon.dll]  [Beijing Rising Information Technology Co., Ltd., 1, 0, 0, 33]
    [C:\WINDOWS\system32\INDICDLL.dll]  [Microsoft Corporation, 5.00.2920.0000]
    [C:\WINDOWS\system32\browselc.dll]  [Microsoft Corporation, 6.00.2600.0000 (xpclient.010817-1148)]
    [C:\Program Files\Thunder Network\Thunder\ComDlls\xunleiBHO_Now.dll]  [Thunder Networking Technologies,LTD, 5, 0, 8, 120]
    [C:\Program Files\Thunder Network\Thunder\Components\ResWorker\DsBho_00.dll]  [Thunder Networking Technologies,LTD, 1, 0, 0, 20]
    [C:\Program Files\Thunder Network\Thunder\Components\ResWorker\DataProcessor_00.dll]  [Thunder Networking Technologies,LTD, 1, 0, 0, 16]
    [C:\WINDOWS\system32\IdleTest.dll]  [N/A, ]
    [C:\WINDOWS\system32\RavExt.dll]  [Beijing Rising Information Technology Co., Ltd., 20.0.0.18]
    [C:\Program Files\WinRAR\rarext.dll]  [N/A, ]
[PID: 1288][C:\Program Files\Common Files\Sogou PXP\p2psvr.exe]  [Sohu.com Inc., 2, 0, 0, 20]
    [C:\WINDOWS\system32\kmon.dll]  [Beijing Rising Information Technology Co., Ltd., 1, 0, 0, 33]
    [C:\Program Files\P4P\p4pipc.dll]  [Sohu.com Inc., 1, 0, 0, 11]
[PID: 1324][d:\EyooManager\ScktSrvr.exe]  [N/A, ]
    [C:\WINDOWS\system32\kmon.dll]  [Beijing Rising Information Technology Co., Ltd., 1, 0, 0, 33]
    [C:\WINDOWS\system32\uxtheme.dll]  [Microsoft Corporation, 6.00.3790.3959 (srv03_sp2_rtm.070216-1710)]
[PID: 1460][C:\WINDOWS\System32\svchost.exe]  [(Verified) Microsoft Corporation, 5.2.3790.3959 (srv03_sp2_rtm.070216-1710)]
[PID: 1544][C:\WINDOWS\system32\internat.exe]  [Microsoft Corporation, 5.00.2920.0000]
    [C:\WINDOWS\system32\kmon.dll]  [Beijing Rising Information Technology Co., Ltd., 1, 0, 0, 33]
    [C:\WINDOWS\system32\INDICDLL.dll]  [Microsoft Corporation, 5.00.2920.0000]
[PID: 1556][D:\EyooManager\manager.exe]  [盛天信息技术有限公司, 4.0.8.718]
    [C:\WINDOWS\system32\rtl100.bpl]  [CodeGear, 11.0.2804.9245]
    [D:\EyooManager\msvcp60.dll]  [Microsoft Corporation, 6.00.8972.0]
    [C:\WINDOWS\system32\vcl100.bpl]  [CodeGear, 11.0.2804.9245]
    [C:\WINDOWS\system32\dbrtl100.bpl]  [CodeGear, 11.0.2804.9245]
    [C:\WINDOWS\system32\zcomponent110.bpl]  [, 1.0.0.0]
    [C:\WINDOWS\system32\ZCore110.bpl]  [, 1.0.0.0]
    [C:\WINDOWS\system32\ZParseSql110.bpl]  [, 1.0.0.0]
    [C:\WINDOWS\system32\ZDbc110.bpl]  [, 1.0.0.0]
    [C:\WINDOWS\system32\ZPlain110.bpl]  [, 1.0.0.0]
    [C:\WINDOWS\system32\raizecomponentsvcl100.bpl]  [Raize Software, Inc., 4.3.2.0]
    [C:\WINDOWS\system32\vclx100.bpl]  [CodeGear, 11.0.2804.9245]
    [D:\EyooManager\vdiskxsdk.dll]  [B.K. Softlab, 3, 1, 0, 0]
    [C:\WINDOWS\system32\kmon.dll]  [Beijing Rising Information Technology Co., Ltd., 1, 0, 0, 33]
    [C:\WINDOWS\system32\INDICDLL.dll]  [Microsoft Corporation, 5.00.2920.0000]
    [C:\WINDOWS\system32\uxtheme.dll]  [Microsoft Corporation, 6.00.3790.3959 (srv03_sp2_rtm.070216-1710)]
    [d:\EyooManager\DBService.dll]  [Century Info&Tec Co,Ltd, 1.0.1.512]
    [D:\EyooManager\sqlite3.dll]  [N/A, ]
    [C:\WINDOWS\system32\Midas.dll]  [CodeGear, 11.0.2804.9245]
    [C:\WINDOWS\system32\IdleTest.dll]  [N/A, ]
[PID: 1564][C:\Program Files\Common Files\Real\Update_OB\realsched.exe]  [RealNetworks, Inc., 0.1.0.3292]
    [C:\WINDOWS\system32\kmon.dll]  [Beijing Rising Information Technology Co., Ltd., 1, 0, 0, 33]
[PID: 1584][C:\Program Files\Rising\AntiSpyware\rstray.exe]  [Beijing Rising Information Technology Co., Ltd., 21.0.0.16]
    [C:\WINDOWS\system32\kmon.dll]  [Beijing Rising Information Technology Co., Ltd., 1, 0, 0, 33]
    [C:\Program Files\Rising\AntiSpyware\rsmginfo.dll]  [Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 8]
    [C:\Program Files\Rising\AntiSpyware\RsXML.dll]  [Beijing Rising Information Technology Co., Ltd., 20, 0, 0, 2]
    [C:\Program Files\Rising\AntiSpyware\MSVCP71.dll]  [Microsoft Corporation, 7.10.3077.0]
    [C:\Program Files\Rising\AntiSpyware\ComServ.dll]  [Beijing Rising Information Technology Co., Ltd., 21.0.0.31]
    [C:\Program Files\Rising\AntiSpyware\Syslay.dll]  [Beijing Rising Information Technology Co., Ltd., 21.0.0.6]
    [C:\Program Files\Rising\AntiSpyware\rscommon.dll]  [Beijing Rising Information Technology Co., Ltd., 20.0.1.1]
    [C:\Program Files\Rising\AntiSpyware\comx3.dll]  [Beijing Rising Information Technology Co., Ltd., 21.0.0.37]
    [C:\WINDOWS\system32\INDICDLL.dll]  [Microsoft Corporation, 5.00.2920.0000]
    [C:\Program Files\Rising\AntiSpyware\pngdll.dll]  [Beijing Rising Information Technology Co., Ltd., 20, 0, 0, 5]
    [C:\WINDOWS\system32\UxTheme.dll]  [Microsoft Corporation, 6.00.3790.3959 (srv03_sp2_rtm.070216-1710)]
    [C:\Program Files\Rising\AntiSpyware\runiep.dll]  [Beijing Rising Information Technology Co., Ltd., 6.0.0.41]
    [C:\Program Files\Rising\AntiSpyware\NComm.dll]  [Beijing Rising Information Technology Co., Ltd., 6.0.0.6]
    [C:\Program Files\Rising\Rav\ProcCom.dll]  [Beijing Rising Information Technology Co., Ltd., 20, 0, 0, 20]
    [C:\Program Files\Rising\AntiSpyware\RsCommX2.dll]  [Beijing Rising Information Technology Co., Ltd., 20, 0, 0, 20]
    [C:\WINDOWS\system32\RavExt.dll]  [Beijing Rising Information Technology Co., Ltd., 20.0.0.18]
[PID: 1824][D:\EyooManager\Lava.exe]  [武汉盛天信息技术有限公司, 1.0.0.1]
    [D:\EyooManager\gkimtext.DLL]  [TODO: <Company name>, 1.0.0.1]
    [D:\EyooManager\gsbase.dll]  [Beijing Dianji Technology LTD., 1, 0, 0, 1]
    [D:\EyooManager\zlib1.dll]  [, 1.2.1]
    [D:\EyooManager\gicconn.dll]  [, 0, 95, 285, 0]
    [D:\EyooManager\gicproxy.dll]  [N/A, ]
    [D:\EyooManager\GICComm.dll]  [Beijing Dianji Technology LTD., 1, 0, 0, 1]
    [D:\EyooManager\PPFTEngine.dll]  [, 1, 0, 1, 9]
    [D:\EyooManager\sqlite3.dll]  [N/A, ]
    [D:\EyooManager\MSVCP71.dll]  [Microsoft Corporation, 7.10.3077.0]
    [D:\EyooManager\DHtmlWnd.dll]  [TODO: <Company name>, 1.0.0.1]
    [D:\EyooManager\MFC71U.DLL]  [Microsoft Corporation, 7.10.3077.0]
    [D:\EyooManager\RingCtrl.dll]  [N/A, ]
    [D:\EyooManager\resagent.dll]  [N/A, ]
    [D:\EyooManager\GKPhone.dll]  [N/A, ]
    [D:\EyooManager\MSVCP60.dll]  [Microsoft Corporation, 6.00.8972.0]
    [D:\EyooManager\gkcapture.dll]  [N/A, ]
    [D:\EyooManager\VideoVer2.dll]  [N/A, ]
    [D:\EyooManager\postprocess.dll]  [N/A, ]
    [D:\EyooManager\gkftagnt.dll]  [N/A, ]
    [C:\WINDOWS\system32\IdleTest.dll]  [N/A, ]
    [D:\EyooManager\UsbPhone.dll]  [, 1, 0, 0, 1]
    [D:\EyooManager\funproxy.dll]  [N/A, ]
    [D:\EyooManager\ruibase.dll]  [TODO: <Company name>, 1.0.0.1]
    [D:\EyooManager\contacts.dll]  [N/A, ]
    [D:\EyooManager\zone.dll]  [N/A, ]
    [D:\EyooManager\LavaShareProxy.dll]  [N/A, ]
    [D:\EyooManager\GrantManage.dll]  [TODO: <Company name>, 1.0.0.1]
    [D:\EyooManager\LavaViewer.dll]  [RealVNC Ltd., 3, 3, 7, 0]
    [D:\EyooManager\HTChatMsg.dll]  [N/A, ]
    [D:\EyooManager\PPFTCtrl.dll]  [TODO: <Company name>, 1.0.0.1]
    [D:\EyooManager\HTFrame.dll]  [TODO: <Company name>, 1.0.0.1]
    [D:\EyooManager\LavaSound.dll]  [TODO: <Company name>, 1.0.0.1]
    [D:\EyooManager\NamecardData.dll]  [TODO: <Company name>, 1.0.0.1]
    [D:\EyooManager\ActMsg.dll]  [TODO: <Company name>, 1.0.0.1]
    [D:\EyooManager\NamecardUI.dll]  [TODO: <Company name>, 1.0.0.1]
    [D:\EyooManager\IPQuery.dll]  [TODO: <Company name>, 1.0.0.1]
    [C:\WINDOWS\system32\kmon.dll]  [Beijing Rising Information Technology Co., Ltd., 1, 0, 0, 33]
    [C:\WINDOWS\system32\uxtheme.dll]  [Microsoft Corporation, 6.00.3790.3959 (srv03_sp2_rtm.070216-1710)]
    [C:\Program Files\Rising\AntiSpyware\comx3.dll]  [Beijing Rising Information Technology Co., Ltd., 21.0.0.37]
    [C:\Program Files\Rising\AntiSpyware\Syslay.dll]  [Beijing Rising Information Technology Co., Ltd., 21.0.0.6]
    [C:\WINDOWS\system32\INDICDLL.dll]  [Microsoft Corporation, 5.00.2920.0000]
    [D:\EyooManager\WT3933A.dll]  [Watertek, 2, 0, 0, 0]
    [C:\WINDOWS\system32\msdmo.dll]  [, ]
    [C:\WINDOWS\system32\msjetoledb40.dll]  [, ]
    [D:\EyooManager\imengine.dll]  [ , 0.5 alpha build #59]
    [D:\EyooManager\mirimwnd.dll]  [TODO: <Company name>, 1.0.0.1]
    [D:\EyooManager\Plugins\dbx_3x.dll]  [N/A, ]
    [D:\EyooManager\Plugins\msn.dll]  [ , 0.5.0.2]
    [D:\EyooManager\Plugins\yahoo.dll]  [Gennady Feldman, 0.3.0.10]
    [D:\EyooManager\TribeApp.dll]  [N/A, ]
    [D:\EyooManager\tribepresentation.dll]  [TODO: <Company name>, 1.0.0.1]
    [D:\EyooManager\TribeCore.dll]  [N/A, ]
    [D:\EyooManager\TribeComm.dll]  [TODO: <Company name>, 1.0.0.1]
    [D:\EyooManager\MemberPresentation.dll]  [TODO: <Company name>, 1.0.0.1]
    [D:\EyooManager\tribechat.dll]  [TODO: <Company name>, 1.0.0.1]
    [D:\EyooManager\ChatGateway.dll]  [TODO: <公司名>, 1.0.0.1]
    [D:\EyooManager\tribeweb.dll]  [TODO: <Company name>, 1.0.0.1]
    [D:\EyooManager\tribefile.dll]  [TODO: <Company name>, 1.0.0.1]
    [D:\EyooManager\tribescorepresentation.dll]  [TODO: <Company name>, 1.0.0.1]
    [D:\EyooManager\YoYomanage.dll]  [武汉盛天信息技术有限公司, 4.0.5.706]
    [C:\WINDOWS\system32\rtl100.bpl]  [CodeGear, 11.0.2804.9245]
    [C:\WINDOWS\system32\vcl100.bpl]  [CodeGear, 11.0.2804.9245]
    [C:\WINDOWS\system32\raizecomponentsvcl100.bpl]  [Raize Software, Inc., 4.3.2.0]
    [C:\WINDOWS\system32\vclx100.bpl]  [CodeGear, 11.0.2804.9245]
    [C:\WINDOWS\system32\zcomponent110.bpl]  [, 1.0.0.0]
    [C:\WINDOWS\system32\ZCore110.bpl]  [, 1.0.0.0]
    [C:\WINDOWS\system32\ZParseSql110.bpl]  [, 1.0.0.0]
    [C:\WINDOWS\system32\ZDbc110.bpl]  [, 1.0.0.0]
    [C:\WINDOWS\system32\ZPlain110.bpl]  [, 1.0.0.0]
    [C:\WINDOWS\system32\dbrtl100.bpl]  [CodeGear, 11.0.2804.9245]
    [D:\EyooManager\lvpfunc.dll]  [N/A, ]
    [d:\EyooManager\DBService.dll]  [Century Info&Tec Co,Ltd, 1.0.1.512]
    [C:\WINDOWS\system32\Midas.dll]  [CodeGear, 11.0.2804.9245]
    [C:\Program Files\Rising\Rav\RavScrCh.dll]  [Beijing Rising Information Technology Co., Ltd., 20, 0, 0, 5]
[PID: 1452][C:\Program Files\Internet Explorer\iexplore.exe]  [Microsoft Corporation, 6.00.3790.3959 (srv03_sp2_rtm.070216-1710)]
    [C:\WINDOWS\system32\kmon.dll]  [Beijing Rising Information Technology Co., Ltd., 1, 0, 0, 33]
    [C:\Program Files\Rising\AntiSpyware\comx3.dll]  [Beijing Rising Information Technology Co., Ltd., 21.0.0.37]
    [C:\Program Files\Rising\AntiSpyware\Syslay.dll]  [Beijing Rising Information Technology Co., Ltd., 21.0.0.6]
    [C:\WINDOWS\system32\INDICDLL.dll]  [Microsoft Corporation, 5.00.2920.0000]
    [C:\WINDOWS\system32\browselc.dll]  [Microsoft Corporation, 6.00.2600.0000 (xpclient.010817-1148)]
    [C:\WINDOWS\system32\UxTheme.dll]  [Microsoft Corporation, 6.00.3790.3959 (srv03_sp2_rtm.070216-1710)]
    [d:\Program Files\Thunder Network\WebThunder\WebThunderBHO_Now.dll]  [Thunder Networking Technologies,LTD, 5, 0, 8, 75]
    [C:\Program Files\Thunder Network\Thunder\ComDlls\TDAtOnce_Now.dll]  [Thunder Networking Technologies,LTD, 1.0.5.34]
    [C:\WINDOWS\system32\MSVCP71.dll]  [Microsoft Corporation, 7.10.3077.0]
    [C:\PROGRA~1\INTERN~1\PLUGINS\b54321.bho]  [N/A, ]
    [C:\Program Files\Java\jre1.5.0_11\bin\ssv.dll]  [Sun Microsystems, Inc., 5.0.110.3]
    [C:\WINDOWS\system32\BBN_iCafe_071210.dll]  [TODO: <Company name>, 1.0.0.1]
    [C:\Program Files\Thunder Network\Thunder\ComDlls\xunleiBHO_Now.dll]  [Thunder Networking Technologies,LTD, 5, 0, 8, 120]
    [C:\Program Files\Thunder Network\Thunder\Components\ResWorker\DsBho_00.dll]  [Thunder Networking Technologies,LTD, 1, 0, 0, 20]
    [C:\Program Files\Thunder Network\Thunder\Components\ResWorker\DataProcessor_00.dll]  [Thunder Networking Technologies,LTD, 1, 0, 0, 16]
    [C:\WINDOWS\system32\UrlFilter.dll]  [Beijing Rising Information Technology Co., Ltd., 6, 0, 0, 15]
    [C:\Program Files\Rising\AntiSpyware\UrlRule.dll]  [Beijing Rising Information Technology Co., Ltd., 1.0.0.15]
    [C:\WINDOWS\system32\IdleTest.dll]  [N/A, ]
    [C:\Program Files\Rising\Rav\RavScrCh.dll]  [Beijing Rising Information Technology Co., Ltd., 20, 0, 0, 5]
    [C:\Program Files\Kingsoft\Kingsoft Internet Security\Flash.OCX]  [Adobe Systems, Inc., 9,0,124,0]
[PID: 872][d:\Program Files\Thunder Network\WebThunder\WebThunder.exe]  [深圳市迅雷网络技术有限公司, 1, 13, 1, 224]
    [C:\WINDOWS\system32\kmon.dll]  [Beijing Rising Information Technology Co., Ltd., 1, 0, 0, 33]
    [C:\Program Files\Rising\AntiSpyware\comx3.dll]  [Beijing Rising Information Technology Co., Ltd., 21.0.0.37]
    [C:\Program Files\Rising\AntiSpyware\Syslay.dll]  [Beijing Rising Information Technology Co., Ltd., 21.0.0.6]
    [C:\WINDOWS\system32\INDICDLL.dll]  [Microsoft Corporation, 5.00.2920.0000]
    [d:\Program Files\Thunder Network\WebThunder\TaskManager.dll]  [Thunder Networking Technologies,LTD, 1, 3, 1, 56]
    [d:\Program Files\Thunder Network\WebThunder\download_interface.dll]  [Thunder Networking Technologies,LTD, 2, 21, 2, 217]
    [d:\Program Files\Thunder Network\WebThunder\stlport_vc646.dll]  [STLport Consulting, Inc., 4.6.2003.1031]
    [d:\Program Files\Thunder Network\WebThunder\asyn_dns.dll]  [Thunder Networking Technologies,LTD, 2, 21, 2, 217]
    [d:\Program Files\Thunder Network\WebThunder\streammedialib.dll]  [, 1, 3, 2, 124]
    [d:\Program Files\Thunder Network\WebThunder\al.dll]  [, 1, 0, 1, 3]
    [d:\Program Files\Thunder Network\WebThunder\bd.dll]  [Thunder Networking Technologies,LTD, 1, 0, 2, 6]
    [d:\Program Files\Thunder Network\WebThunder\RegisterDll.dll]  [Thunder Networking Technologies,LTD, 2, 16, 5, 63]
    [d:\Program Files\Thunder Network\WebThunder\CacheServer.dll]  [, 1, 0, 0, 1]
    [d:\Program Files\Thunder Network\WebThunder\XLSafe\SafeInfo.dll]  [深圳市迅雷网络技术有限公司, 1, 0, 1, 2]
    [d:\Program Files\Thunder Network\WebThunder\XLSafe\RMFScan.dll]  [N/A, ]
    [d:\Program Files\Thunder Network\WebThunder\XLNet.Dll]  [Thunder Networking Technologies,LTD, 1, 3, 4, 18]
    [C:\Program Files\Rising\Rav\RavScrCh.dll]  [Beijing Rising Information Technology Co., Ltd., 20, 0, 0, 5]
    [C:\WINDOWS\system32\UxTheme.dll]  [Microsoft Corporation, 6.00.3790.3959 (srv03_sp2_rtm.070216-1710)]
    [C:\WINDOWS\system32\IdleTest.dll]  [N/A, ]
    [C:\Program Files\Thunder Network\Thunder\Components\InMedia\MediaAddin18.dll]  [Thunder Networking Technologies,LTD, 3, 1, 6, 81]
    [C:\WINDOWS\system32\ATL71.DLL]  [Microsoft Corporation, 7.10.6041.0]
    [C:\WINDOWS\system32\MSVCP71.dll]  [Microsoft Corporation, 7.10.3077.0]
    [C:\Program Files\Kingsoft\Kingsoft Internet Security\Flash.OCX]  [Adobe Systems, Inc., 9,0,124,0]
    [d:\Program Files\Thunder Network\WebThunder\DownAndPlay\WebDownAndPlay.dll]  [ShenZhen Thunder Networking Technologies Ltd., 1, 0, 4, 22]
    [d:\Program Files\Thunder Network\WebThunder\XLStatistic\XLStatisticAddin.dll]  [深圳市迅雷网络技术有限公司, 1, 4, 1, 5]
[PID: 364][C:\Documents and Settings\Administrator\桌面\SREngLdr.EXE]  [Smallfrogs Studio, 2.7.0.1210]
[PID: 1332][C:\Documents and Settings\Administrator\桌面\SREac3013ff.EXE]  [Smallfrogs Studio, 2.7.0.1210]
    [C:\WINDOWS\system32\INDICDLL.dll]  [Microsoft Corporation, 5.00.2920.0000]
    [C:\WINDOWS\system32\UxTheme.dll]  [Microsoft Corporation, 6.00.3790.3959 (srv03_sp2_rtm.070216-1710)]
    [C:\WINDOWS\system32\IdleTest.dll]  [N/A, ]
    [C:\WINDOWS\system32\sfc_os.dll]  [Microsoft Corporation, 5.2.3790.3959 (srv03_sp2_rtm.070216-1710)]
    [C:\Documents and Settings\Administrator\桌面\Upload\3rdUpd.DLL]  [Smallfrogs Studio, 2, 1, 0, 15]
gototop
 
烂游戏家
头像
初生襁褓狮
  • 帖子:23
  • 注册: 2008-12-12
  • 来自:
发表于: 2008-12-13 16:14 | 只看楼主 短消息 资料
字号: 10楼

回复:我的电脑中毒后进安全模式杀毒后,还出现问题!!!!

=================================
文件关联
.TXT  OK. [%SystemRoot%\system32\NOTEPAD.EXE %1]
.EXE  OK. ["%1" %*]
.COM  OK. ["%1" %*]
.PIF  OK. ["%1" %*]
.REG  OK. [regedit.exe "%1"]
.BAT  OK. ["%1" %*]
.SCR  OK. ["%1" /S]
.CHM  Error. ["hh.exe" %1]
.HLP  Error. [winhlp32.exe %1]
.INI  OK. [%SystemRoot%\System32\NOTEPAD.EXE %1]
.INF  OK. [%SystemRoot%\System32\NOTEPAD.EXE %1]
.VBS  OK. [%SystemRoot%\System32\WScript.exe "%1" %*]
.JS  OK. [%SystemRoot%\System32\WScript.exe "%1" %*]
.LNK  OK. [{00021401-0000-0000-C000-000000000046}]

==================================
Winsock 提供者
N/A

==================================
Autorun.inf
N/A

==================================
HOSTS 文件
127.0.0.1      v.onondown.com.cn
127.0.0.2      ymsdasdw1.cn
127.0.0.3      h96b.info
127.0.0.0      xxx.zttwp.cn
127.0.0.0      www.hackerbf.cn
127.0.0.0      geekbyfeng.cn
127.0.0.0      121.14.101.68
127.0.0.0      ppp.etimes888.com
127.0.0.0      www.bypk.com
127.0.0.0      CSC3-2004-crl.verisign.com
127.0.0.1      va9sdhun23.cn
127.0.0.0      udp.hjob123.com
127.0.0.2      bnasnd83nd.cn
127.0.0.0      www.gamehacker.com.cn
127.0.0.0      gamehacker.com.cn
127.1.1.1      www.cctv-100008.cn
127.1.1.1      222.73.208.141
127.0.0.3      adlaji.cn
127.1.1.1      aiyyw.com
127.0.0.1      858656.com
127.1.1.1      bnasnd83nd.cn
127.0.0.1      my123.com
127.0.0.0      user1.12-27.net
127.0.0.1      8749.com
127.0.0.0      fengent.cn
127.0.0.1      4199.com
127.0.0.1      user1.16-22.net
127.0.0.1      7379.com
127.0.0.1      2be37c5f.3f6e2cc5f0b.com
127.0.0.1      7255.com
127.0.0.1      user1.23-12.net
127.0.0.1      3448.com
127.0.0.1      www.guccia.net
127.0.0.1      7939.com
127.0.0.1      a.o1o1o1.nEt
127.0.0.1      8009.com
127.0.0.1      user1.12-73.cn
127.0.0.1      piaoxue.com
127.0.0.1      3n8nlasd.cn
127.0.0.1      kzdh.com
127.0.0.0      www.sony888.cn
127.0.0.1      about.blank.la
127.0.0.0      user1.asp-33.cn
127.0.0.1      6781.com
127.0.0.0      www.netkwek.cn
127.0.0.1      7322.com
127.0.0.0      ymsdkad6.cn
127.0.0.1      localhost
127.0.0.0      www.lkwueir.cn
127.0.0.1      06.jacai.com
127.0.1.1      user1.23-17.net
127.0.0.1      1.jopenkk.com
127.0.0.0      upa.luzhiai.net
127.0.0.1      1.jopenqc.com
127.0.0.0      www.guccia.net
127.0.0.1      1.joppnqq.com
127.0.0.0      4m9mnlmi.cn
127.0.0.1      1.xqhgm.com
127.0.0.0      mm119mkssd.cn
127.0.0.1      100.332233.com
127.0.0.0      61.128.171.115:8080
127.0.0.1      121.11.90.79
127.0.0.0      www.1119111.com
127.0.0.1      121565.net
127.0.0.0      win.nihao69.cn
127.0.0.1      125.90.88.38
127.0.0.1      16888.6to23.com
127.0.0.1      2.joppnqq.com
127.0.0.0      puc.lianxiac.net
127.0.0.1      204.177.92.68
127.0.0.0      pud.lianxiac.net
127.0.0.1      210.74.145.236
127.0.0.0      210.76.0.133
127.0.0.1      219.129.239.220
127.0.0.0      61.166.32.2
127.0.0.1      219.153.40.221
127.0.0.0      218.92.186.27
127.0.0.1      219.153.46.27
127.0.0.0      www.fsfsfag.cn
127.0.0.1      219.153.52.123
127.0.0.0      ovo.ovovov.cn
127.0.0.1      221.195.42.71
127.0.0.0      dw.com.com
127.0.0.1      222.73.218.115
127.0.0.1      203.110.168.233:80
127.0.0.1      3.joppnqq.com
127.0.0.1      203.110.168.221:80
127.0.0.1      363xx.com
127.0.0.1      www1.ip10086.com.cm
127.0.0.1      4199.com
127.0.0.1      blog.ip10086.com.cn
127.0.0.1      43242.com
127.0.0.1      www.ccji68.cn
127.0.0.1      5.xqhgm.com
127.0.0.0      t.myblank.cn
127.0.0.1      520.mm5208.com
127.0.0.0      x.myblank.cn
127.0.0.1      59.34.131.54
127.0.0.1      210.51.45.5
127.0.0.1      59.34.198.228
127.0.0.1      www.ew1q.cn
127.0.0.1      59.34.198.88
127.0.0.1      59.34.198.97
127.0.0.1      60.190.114.101
127.0.0.1      60.190.218.34
127.0.0.0      qq-xing.com.cn
127.0.0.1      60.191.124.252
127.0.0.1      61.145.117.212
127.0.0.1      61.157.109.222
127.0.0.1      75.126.3.216
127.0.0.1      75.126.3.217
127.0.0.1      75.126.3.218
127.0.0.0      59.125.231.177:17777
127.0.0.1      75.126.3.220
127.0.0.1      75.126.3.221
127.0.0.1      75.126.3.222
127.0.0.1      772630.com
127.0.0.1      832823.cn
127.0.0.1      8749.com
127.0.0.1      888.jopenqc.com
127.0.0.1      89382.cn
127.0.0.1      8v8.biz
127.0.0.1      97725.com
127.0.0.1      9gg.biz
127.0.0.1      www.9000music.com
127.0.0.1      test.591jx.com
127.0.0.1      a.topxxxx.cn
127.0.0.1      picon.chinaren.com
127.0.0.1      www.5566.net
127.0.0.1      p.qqkx.com
127.0.0.1      news.netandtv.com
127.0.0.1      z.neter888.cn
127.0.0.1      b.myblank.cn
127.0.0.1      wvw.wokutu.com
127.0.0.1      unionch.qyule.com
127.0.0.1      www.qyule.com
127.0.0.1      it.itjc.cn
127.0.0.1      www.linkwww.com
127.0.0.1      vod.kaicn.com
127.0.0.1      www.tx8688.com
127.0.0.1      b.neter888.cn
127.0.0.1      promote.huanqiu.com
127.0.0.1      www.huanqiu.com
127.0.0.1      www.haokanla.com
127.0.0.1      play.unionsky.cn
127.0.0.1      www.52v.com
127.0.0.1      www.gghka.cn
127.0.0.1      icon.ajiang.net
127.0.0.1      new.ete.cn
127.0.0.1      www.stiae.cn
127.0.0.1      o.neter888.cn
127.0.0.1      comm.jinti.com
127.0.0.1      www.google-analytics.com
127.0.0.1      hz.mmstat.com
127.0.0.1      www.game175.cn
127.0.0.1      x.neter888.cn
127.0.0.1      z.neter888.cn
127.0.0.1      p.etimes888.com
127.0.0.1      hx.etimes888.com
127.0.0.1      abc.qqkx.com
127.0.0.1      dm.popdm.cn
127.0.0.1      www.yl9999.com
127.0.0.1      www.dajiadoushe.cn
127.0.0.1      v.onondown.com.cn
127.0.0.1      www.interoo.net
127.0.0.1      bally1.bally-bally.net
127.0.0.1      www.bao5605509.cn
127.0.0.1      www.rty456.cn
127.0.0.1      www.werqwer.cn
127.0.0.1      1.360-1.cn
127.0.0.1      user1.23-16.net
127.0.0.1      www.guccia.net
127.0.0.1      www.interoo.net
127.0.0.1      upa.netsool.net
127.0.0.1      js.users.51.la
127.0.0.1      vip2.51.la
127.0.0.1      web.51.la
127.0.0.1      qq.gong2008.com
127.0.0.1      2008tl.copyip.com
127.0.0.1      tla.laozihuolaile.cn
127.0.0.1      www.tx6868.cn
127.0.0.1      p001.tiloaiai.com
127.0.0.1      s1.tl8tl.com
127.0.0.1      s1.gong2008.com
127.0.0.1      4b3ce56f9g.3f6e2cc5f0b.com
127.0.0.1      2be37c5f.3f6e2cc5f0b.com
119.206.206.54  www.qq.com

==================================
进程特权扫描
N/A

==================================
计划任务
N/A

==================================
API HOOK
N/A

==================================
隐藏进程
N/A

==================================


[/CODE]
gototop
 
<<上一主题|下一主题>>
12   1  /  2  页   跳转
页面顶部
Powered by Discuz!NT