1   1  /  1  页   跳转

sre扫描日志,急求杀毒方法

收藏
dreams0
头像
初生襁褓狮
  • 帖子:12
  • 注册: 2007-02-06
  • 来自:
发表于: 2007-05-18 10:18 | 只看楼主 短消息 资料
字号: 1楼

sre扫描日志,急求杀毒方法

2007-05-18,10:02:57

System Repair Engineer 2.4.12.806
Smallfrogs (http://www.KZTechs.com)

Windows XP Professional Service Pack 2 (Build 2600) - 管理权限用户 - 完整功能

以下内容被选中:
    所有的启动项目(包括注册表、启动文件夹、服务等)
    浏览器加载项
    正在运行的进程(包括进程模块信息)
    文件关联
    Winsock 提供者
    Autorun.inf
    HOSTS 文件


启动项目
注册表
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
    <ctfmon.exe><C:\WINDOWS\system32\ctfmon.exe>  [(Verified)Microsoft Windows Publisher]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
    <360Safetray><c:\360safe\safemon\360tray.exe>  [奇虎网]
    <NvCplDaemon><; RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup>  [(Verified)Microsoft Windows Publisher]
    <avast!><; C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe>  [(Verified)ALWIL Software]
    <BluetoothAuthenticationAgent><; rundll32.exe bthprops.cpl,,BluetoothAuthenticationAgent>  [(Verified)Microsoft Windows Publisher]
    <IntelWireless><"C:\Program Files\Intel\Wireless\Bin\ifrmewrk.exe" /tf Intel PROSet/Wireless>  [Intel Corporation]
    <Thunder><"f:\Program Files\Thunder Network\Thunder\Thunder.exe" /s>  []
    <cmdbcs><C:\WINDOWS\cmdbcs.exe>  []
    <upxdnd><C:\WINDOWS\upxdnd.exe>  []
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\RunOnce]
    <360Safe><Rundll32.exe C:\360safe\AntiAdwa.dll,KillAdware>  [360Safe.com]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Winlogon]
    <shell><Explorer.exe>  [(Verified)Microsoft Windows Publisher]
    <Userinit><C:\WINDOWS\system32\userinit.exe,>  [(Verified)Microsoft Windows Publisher]
    <UIHost><logonui.exe>  [(Verified)Microsoft Windows Publisher]

==================================
启动文件夹
N/A

==================================
服务
[avast! iAVS4 Control Service / aswUpdSv][Running/Auto Start]
  <"C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe"><ALWIL Software>
[avast! Antivirus / avast! Antivirus][Running/Auto Start]
  <"C:\Program Files\Alwil Software\Avast4\ashServ.exe"><ALWIL Software>
[avast! Mail Scanner / avast! Mail Scanner][Running/Manual Start]
  <"C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe" /service><ALWIL Software>
[avast! Web Scanner / avast! Web Scanner][Running/Manual Start]
  <"C:\Program Files\Alwil Software\Avast4\ashWebSv.exe" /service><ALWIL Software>
[Intel(R) PROSet/Wireless Event Log / EvtEng][Running/Auto Start]
  <C:\Program Files\Intel\Wireless\Bin\EvtEng.exe><Intel Corporation>
[局域网通讯协议 / Hello World][Stopped/Auto Start]
  <C:\Program Files\Common Files\Microsoft Shared\Web Folders\MSOSV.EXE><N/A>
[Human Interface Device Access / HidServ][Stopped/Disabled]
  <C:\WINDOWS\System32\svchost.exe -k netsvcs-->%SystemRoot%\System32\hidserv.dll><N/A>
[InstallDriver Table Manager / IDriverT][Stopped/Manual Start]
  <"C:\Program Files\Common Files\InstallShield\Driver\1050\Intel 32\IDriverT.exe"><Macrovision Corporation>
[NVIDIA Display Driver Service / NVSvc][Running/Auto Start]
  <C:\WINDOWS\system32\nvsvc32.exe><NVIDIA Corporation>
[Intel(R) PROSet/Wireless Registry Service / RegSrvc][Running/Auto Start]
  <C:\Program Files\Intel\Wireless\Bin\RegSrvc.exe><Intel Corporation>
[Intel(R) PROSet/Wireless Service / S24EventMonitor][Running/Auto Start]
  <C:\Program Files\Intel\Wireless\Bin\S24EvMon.exe><Intel Corporation>
[Intel(R) PROSet/Wireless SSO Service / WLANKEEPER][Running/Auto Start]
  <C:\Program Files\Intel\Wireless\Bin\WLKeeper.exe><Intel(R) Corporation>

==================================
驱动程序
[AEGIS Protocol (IEEE 802.1x) v3.6.0.0 / AegisP][Running/Auto Start]
  <system32\DRIVERS\AegisP.sys><Meetinghouse Data Communications>
[Broadcom NetXtreme Gigabit Ethernet / b57w2k][Running/Manual Start]
  <system32\DRIVERS\b57xp32.sys><Broadcom Corporation>
[Microsoft UAA Bus Driver for High Definition Audio / HDAudBus][Running/Manual Start]
  <system32\DRIVERS\HDAudBus.sys><Windows (R) Server 2003 DDK provider>
[HSF_DPV / HSF_DPV][Running/Manual Start]
  <system32\DRIVERS\HSX_DPV.sys><Conexant Systems, Inc.>
[HSXHWAZL / HSXHWAZL][Running/Manual Start]
  <system32\DRIVERS\HSXHWAZL.sys><Conexant Systems, Inc.>
[mdmxsdk / mdmxsdk][Running/Auto Start]
  <system32\DRIVERS\mdmxsdk.sys><Conexant>
[Intel(R) Wireless WiFi Link 适配器驱动程序(适用于 Windows XP 32 位) / NETw4x32][Stopped/Manual Start]
  <system32\DRIVERS\NETw4x32.sys><Intel Corporation>
[nv / nv][Running/Manual Start]
  <system32\DRIVERS\nv4_mini.sys><NVIDIA Corporation>
[Direct Parallel Link Driver / Ptilink][Running/Manual Start]
  <system32\DRIVERS\ptilink.sys><Parallel Technologies, Inc.>
[WLAN 传输 / s24trans][Running/Auto Start]
  <system32\DRIVERS\s24trans.sys><Intel Corporation>
[Secdrv / Secdrv][Stopped/Manual Start]
  <system32\DRIVERS\secdrv.sys><N/A>
[SigmaTel High Definition Audio CODEC / STHDA][Running/Manual Start]
  <system32\drivers\sthda.sys><SigmaTel, Inc.>
[Conexant Setup API / UIUSys][Stopped/Manual Start]
  <system32\DRIVERS\UIUSYS.SYS><N/A>
[winachsf / winachsf][Running/Manual Start]
  <system32\DRIVERS\HSX_CNXT.sys><Conexant Systems, Inc.>
[495500 / 495500][Running/System Start]
  <2 - 系统找不到指定的文件。
><N/A>

==================================
浏览器加载项
[ThunderAtOnce Class]
  {01443AEC-0FD1-40fd-9C87-E93D1494C233} <f:\Program Files\Thunder Network\Thunder\ComDlls\TDAtOnce_Now.dll, Thunder Networking Technologies,LTD>
[QQBrowserHelperObject Class]
  {54EBD53A-9BC1-480B-966A-843A333CA162} <f:\Program Files\Tencent\QQ\QQIEHelper.dll, 深圳市腾讯计算机系统有限公司>
[Thunder Browser Helper]
  {889D2FEB-5411-4565-8998-1DD2C5261283} <f:\Program Files\Thunder Network\Thunder\ComDlls\xunleiBHO_Now.dll, Thunder Networking Technologies,LTD>
[NavigatMon Class]
  {B69F34DD-F0F9-42DC-9EDD-957187DA688D} <c:\360safe\safemon\safemon.dll, >
[启动迅雷5]
  {09BA8F6D-CB54-424B-839C-C2A6C8E6B436} <f:\Program Files\Thunder Network\Thunder\Thunder.exe, N/A>
[QQ]
  {c95fe080-8f5d-11d2-a20b-00aa003c157b} <f:\Program Files\Tencent\QQ\QQ.EXE, N/A>
[QQIEFloatBarCfgCmd Class]
  {DEDEB80D-FA35-45d9-9460-4983E5A8AFE6} <f:\Program Files\Tencent\QQ\QQIEHelper.dll, 深圳市腾讯计算机系统有限公司>
[Messenger]
  {FB5F1910-F110-11d2-BB9E-00C04F795683} <C:\Program Files\Messenger\msmsgs.exe, Microsoft Corporation>
[Shockwave Flash Object]
  {D27CDB6E-AE6D-11CF-96B8-444553540000} <C:\WINDOWS\system32\Macromed\Flash\Flash9c.ocx, Adobe Systems, Inc.>
[ThunderAtOnce Class]
  {01443AEC-0FD1-40FD-9C87-E93D1494C233} <f:\Program Files\Thunder Network\Thunder\ComDlls\TDAtOnce_Now.dll, Thunder Networking Technologies,LTD>
[HTML Document]
  {25336920-03F9-11CF-8FD0-00AA00686F13} <%SystemRoot%\system32\mshtml.dll, N/A>
[DHTML Edit Control Safe for Scripting for IE5]
  {2D360201-FFF5-11D1-8D03-00A0C959BC0A} <C:\Program Files\Common Files\Microsoft Shared\Triedit\dhtmled.ocx, Microsoft Corporation>
[Thunder Agent Class]
  {485463B7-8FB2-4B3B-B29B-8B919B0EACCE} <f:\Program Files\Thunder Network\Thunder\ComDlls\ThunderAgent_Now.dll, Thunder Networking Technologies,LTD>
[QQBrowserHelperObject Class]
  {54EBD53A-9BC1-480B-966A-843A333CA162} <f:\Program Files\Tencent\QQ\QQIEHelper.dll, 深圳市腾讯计算机系统有限公司>
[Thunder Browser Helper]
  {889D2FEB-5411-4565-8998-1DD2C5261283} <f:\Program Files\Thunder Network\Thunder\ComDlls\xunleiBHO_Now.dll, Thunder Networking Technologies,LTD>
[NavigatMon Class]
  {B69F34DD-F0F9-42DC-9EDD-957187DA688D} <c:\360safe\safemon\safemon.dll, >
[Shockwave Flash Object]
  {D27CDB6E-AE6D-11CF-96B8-444553540000} <C:\WINDOWS\system32\Macromed\Flash\Flash9c.ocx, Adobe Systems, Inc.>
[使用迅雷下载]
  <f:\Program Files\Thunder Network\Thunder\Program\GetUrl.htm, N/A>
[使用迅雷下载全部链接]
  <f:\Program Files\Thunder Network\Thunder\Program\GetAllUrl.htm, N/A>
[添加到QQ表情]
  <f:\Program Files\Tencent\QQ\AddEmotion.htm, N/A>
最后编辑2007-05-19 09:08:37
分享到:
gototop
 
dreams0
头像
初生襁褓狮
  • 帖子:12
  • 注册: 2007-02-06
  • 来自:
发表于: 2007-05-18 10:20 | 只看楼主 短消息 资料
字号: 2楼

正在运行的进程
[PID: 412][\SystemRoot\System32\smss.exe]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
[PID: 696][\??\C:\WINDOWS\system32\csrss.exe]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
[PID: 724][\??\C:\WINDOWS\system32\winlogon.exe]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
    [C:\WINDOWS\system32\msacm32.drv]  [Microsoft Corporation, 5.1.2600.0 (xpclient.010817-1148)]
[PID: 768][C:\WINDOWS\system32\services.exe]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
[PID: 780][C:\WINDOWS\system32\lsass.exe]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
[PID: 948][C:\WINDOWS\system32\svchost.exe]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
[PID: 992][C:\WINDOWS\system32\svchost.exe]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
[PID: 1032][C:\WINDOWS\System32\svchost.exe]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
[PID: 1084][C:\Program Files\Intel\Wireless\Bin\EvtEng.exe]  [Intel Corporation, 11.1.0.4]
    [C:\Program Files\Intel\Wireless\Bin\PfMgrApi.dll]  [Intel Corporation, 11.1.0.2  ]
    [C:\Program Files\Intel\Wireless\Bin\LIBEAY32.dll]  [The OpenSSL Project, http://www.openssl.org/, 0.9.8]
    [C:\Program Files\Intel\Wireless\Bin\TraceAPI.DLL]  [Intel Corporation, 11, 1, 0, 4]
    [C:\Program Files\Intel\Wireless\Bin\PsRegApi.dll]  [Intel Corporation, 11, 1, 0, 1]
    [C:\Program Files\Intel\Wireless\Bin\DbEngine.dll]  [Intel Corporation, 11, 1, 0, 1  ]
    [C:\Program Files\Intel\Wireless\Bin\IntStngs.dll]  [Intel Corporation, 11.1.0.2  ]
    [C:\Program Files\Intel\Wireless\Bin\MurocApi.dll]  [Intel Corporation, 11.1.0.9]
    [C:\Program Files\Intel\Wireless\Bin\S24MUDLL.dll]  [Intel Corporation, 11.1.0.2]
[PID: 1564][C:\Program Files\Intel\Wireless\Bin\ifrmewrk.exe]  [Intel Corporation, 11.1.0.2]
    [C:\Program Files\Intel\Wireless\Bin\PsRegApi.dll]  [Intel Corporation, 11, 1, 0, 1]
    [C:\Program Files\Intel\Wireless\Bin\IntStngs.dll]  [Intel Corporation, 11.1.0.2  ]
    [C:\Program Files\Intel\Wireless\Bin\TraceAPI.DLL]  [Intel Corporation, 11, 1, 0, 4]
    [C:\Program Files\Intel\Wireless\Bin\MurocApi.dll]  [Intel Corporation, 11.1.0.9]
    [C:\Program Files\Intel\Wireless\Bin\S24MUDLL.dll]  [Intel Corporation, 11.1.0.2]
    [C:\Program Files\Intel\Wireless\Bin\LIBEAY32.dll]  [The OpenSSL Project, http://www.openssl.org/, 0.9.8]
    [C:\Program Files\Intel\Wireless\Bin\FrWrkCHS.dll]  [Intel Corporation, 11.1.0.2]
    [C:\Program Files\Intel\Wireless\Bin\FrameworkPlugins\ConnMgr.dll]  [Intel Corporation, 11.1.0.30]
    [C:\Program Files\Intel\Wireless\Bin\PfMgrApi.dll]  [Intel Corporation, 11.1.0.2  ]
    [C:\Program Files\Intel\Wireless\Bin\DbEngine.dll]  [Intel Corporation, 11, 1, 0, 1  ]
    [C:\Program Files\Intel\Wireless\Bin\IntWACHS.dll]  [Intel Corporation, 11.1.0.30]
    [C:\WINDOWS\system32\msacm32.drv]  [Microsoft Corporation, 5.1.2600.0 (xpclient.010817-1148)]
[PID: 1732][C:\WINDOWS\system32\ctfmon.exe]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
[PID: 2840][c:\360safe\safemon\360tray.exe]  [奇虎网, 3, 3, 0, 1005]
    [c:\360safe\safemon\safemon.dll]  [, 3, 2, 0, 1001]
    [c:\360safe\safemon\SafeKrnl.dll]  [奇虎网, 3, 2, 0, 1001]
    [c:\360safe\AntiAdwa.dll]  [360Safe.com, 3, 3, 0, 1004]
[PID: 1484][C:\WINDOWS\system32\conime.exe]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
    [c:\360safe\safemon\safemon.dll]  [, 3, 2, 0, 1001]
[PID: 1572][C:\WINDOWS\explorer.exe]  [Microsoft Corporation, 6.00.2900.2180 (xpsp_sp2_rtm.040803-2158)]
    [c:\360safe\safemon\safemon.dll]  [, 3, 2, 0, 1001]
    [C:\WINDOWS\system32\msacm32.drv]  [Microsoft Corporation, 5.1.2600.0 (xpclient.010817-1148)]
    [C:\WINDOWS\system32\nvcpl.dll]  [NVIDIA Corporation, 6.14.10.8469]
    [C:\WINDOWS\system32\NVRSZHC.DLL]  [NVIDIA Corporation, 6.14.10.8469]
    [C:\WINDOWS\system32\nvshell.dll]  [, ]
    [C:\WINDOWS\system32\cmdbcs.dll]  [N/A, ]
    [C:\WINDOWS\system32\upxdnd.dll]  [N/A, ]
    [f:\Program Files\Thunder Network\Thunder\ComDlls\xunleiBHO_Now.dll]  [Thunder Networking Technologies,LTD, 5, 0, 1, 4]
    [f:\Program Files\Thunder Network\Thunder\Components\ResWorker\DsBho_00.dll]  [, 1, 0, 0, 2]
    [f:\Program Files\Thunder Network\Thunder\Components\ResWorker\DataProcessor_00.dll]  [Thunder Networking Technologies,LTD, 1, 0, 0, 4]
[PID: 2820][C:\Program Files\Internet Explorer\iexplore.exe]  [Microsoft Corporation, 6.00.2900.2180 (xpsp_sp2_rtm.040803-2158)]
    [c:\360safe\safemon\safemon.dll]  [, 3, 2, 0, 1001]
    [f:\Program Files\Thunder Network\Thunder\ComDlls\TDAtOnce_Now.dll]  [Thunder Networking Technologies,LTD, 1.0.0.4]
    [f:\Program Files\Tencent\QQ\QQIEHelper.dll]  [深圳市腾讯计算机系统有限公司, 1, 1, 0, 5]
    [f:\Program Files\Thunder Network\Thunder\ComDlls\xunleiBHO_Now.dll]  [Thunder Networking Technologies,LTD, 5, 0, 1, 4]
    [f:\Program Files\Thunder Network\Thunder\Components\ResWorker\DsBho_00.dll]  [, 1, 0, 0, 2]
    [f:\Program Files\Thunder Network\Thunder\Components\ResWorker\DataProcessor_00.dll]  [Thunder Networking Technologies,LTD, 1, 0, 0, 4]
    [C:\WINDOWS\system32\msacm32.drv]  [Microsoft Corporation, 5.1.2600.0 (xpclient.010817-1148)]
    [C:\WINDOWS\system32\WINWB86.IME]  [Microsoft Corporation, 4.00.950]
    [C:\WINDOWS\system32\Macromed\Flash\Flash9c.ocx]  [Adobe Systems, Inc., 9,0,45,0]
    [C:\WINDOWS\system32\cmdbcs.dll]  [N/A, ]
    [C:\WINDOWS\system32\upxdnd.dll]  [N/A, ]
    [C:\WINDOWS\system32\xpsp3res.dll]  [Microsoft Corporation, 5.1.2600.3100 (xpsp_sp2_gdr.070309-0025)]
[PID: 3396][C:\program files\Internet Explorer\IEXPLORE.EXE]  [Microsoft Corporation, 6.00.2900.2180 (xpsp_sp2_rtm.040803-2158)]
    [c:\360safe\safemon\safemon.dll]  [, 3, 2, 0, 1001]
    [f:\Program Files\Thunder Network\Thunder\ComDlls\TDAtOnce_Now.dll]  [Thunder Networking Technologies,LTD, 1.0.0.4]
    [f:\Program Files\Tencent\QQ\QQIEHelper.dll]  [深圳市腾讯计算机系统有限公司, 1, 1, 0, 5]
    [f:\Program Files\Thunder Network\Thunder\ComDlls\xunleiBHO_Now.dll]  [Thunder Networking Technologies,LTD, 5, 0, 1, 4]
    [f:\Program Files\Thunder Network\Thunder\Components\ResWorker\DsBho_00.dll]  [, 1, 0, 0, 2]
    [f:\Program Files\Thunder Network\Thunder\Components\ResWorker\DataProcessor_00.dll]  [Thunder Networking Technologies,LTD, 1, 0, 0, 4]
[PID: 3492][C:\WINDOWS\svchost.exe]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
    [c:\360safe\safemon\safemon.dll]  [, 3, 2, 0, 1001]
[PID: 2284][C:\program files\Internet Explorer\IEXPLORE.EXE]  [Microsoft Corporation, 6.00.2900.2180 (xpsp_sp2_rtm.040803-2158)]
    [c:\360safe\safemon\safemon.dll]  [, 3, 2, 0, 1001]
    [f:\Program Files\Thunder Network\Thunder\ComDlls\TDAtOnce_Now.dll]  [Thunder Networking Technologies,LTD, 1.0.0.4]
    [f:\Program Files\Tencent\QQ\QQIEHelper.dll]  [深圳市腾讯计算机系统有限公司, 1, 1, 0, 5]
    [f:\Program Files\Thunder Network\Thunder\ComDlls\xunleiBHO_Now.dll]  [Thunder Networking Technologies,LTD, 5, 0, 1, 4]
    [f:\Program Files\Thunder Network\Thunder\Components\ResWorker\DsBho_00.dll]  [, 1, 0, 0, 2]
    [f:\Program Files\Thunder Network\Thunder\Components\ResWorker\DataProcessor_00.dll]  [Thunder Networking Technologies,LTD, 1, 0, 0, 4]
[PID: 2736][C:\program files\Internet Explorer\IEXPLORE.EXE]  [Microsoft Corporation, 6.00.2900.2180 (xpsp_sp2_rtm.040803-2158)]
    [c:\360safe\safemon\safemon.dll]  [, 3, 2, 0, 1001]
    [f:\Program Files\Thunder Network\Thunder\ComDlls\TDAtOnce_Now.dll]  [Thunder Networking Technologies,LTD, 1.0.0.4]
    [f:\Program Files\Tencent\QQ\QQIEHelper.dll]  [深圳市腾讯计算机系统有限公司, 1, 1, 0, 5]
    [f:\Program Files\Thunder Network\Thunder\ComDlls\xunleiBHO_Now.dll]  [Thunder Networking Technologies,LTD, 5, 0, 1, 4]
    [f:\Program Files\Thunder Network\Thunder\Components\ResWorker\DsBho_00.dll]  [, 1, 0, 0, 2]
    [f:\Program Files\Thunder Network\Thunder\Components\ResWorker\DataProcessor_00.dll]  [Thunder Networking Technologies,LTD, 1, 0, 0, 4]
[PID: 3696][C:\program files\Internet Explorer\IEXPLORE.EXE]  [Microsoft Corporation, 6.00.2900.2180 (xpsp_sp2_rtm.040803-2158)]
    [c:\360safe\safemon\safemon.dll]  [, 3, 2, 0, 1001]
    [f:\Program Files\Thunder Network\Thunder\ComDlls\TDAtOnce_Now.dll]  [Thunder Networking Technologies,LTD, 1.0.0.4]
    [f:\Program Files\Tencent\QQ\QQIEHelper.dll]  [深圳市腾讯计算机系统有限公司, 1, 1, 0, 5]
    [f:\Program Files\Thunder Network\Thunder\ComDlls\xunleiBHO_Now.dll]  [Thunder Networking Technologies,LTD, 5, 0, 1, 4]
    [f:\Program Files\Thunder Network\Thunder\Components\ResWorker\DsBho_00.dll]  [, 1, 0, 0, 2]
    [f:\Program Files\Thunder Network\Thunder\Components\ResWorker\DataProcessor_00.dll]  [Thunder Networking Technologies,LTD, 1, 0, 0, 4]
[PID: 3608][C:\program files\Internet Explorer\IEXPLORE.EXE]  [Microsoft Corporation, 6.00.2900.2180 (xpsp_sp2_rtm.040803-2158)]
    [c:\360safe\safemon\safemon.dll]  [, 3, 2, 0, 1001]
    [f:\Program Files\Thunder Network\Thunder\ComDlls\TDAtOnce_Now.dll]  [Thunder Networking Technologies,LTD, 1.0.0.4]
    [f:\Program Files\Tencent\QQ\QQIEHelper.dll]  [深圳市腾讯计算机系统有限公司, 1, 1, 0, 5]
    [f:\Program Files\Thunder Network\Thunder\ComDlls\xunleiBHO_Now.dll]  [Thunder Networking Technologies,LTD, 5, 0, 1, 4]
    [f:\Program Files\Thunder Network\Thunder\Components\ResWorker\DsBho_00.dll]  [, 1, 0, 0, 2]
    [f:\Program Files\Thunder Network\Thunder\Components\ResWorker\DataProcessor_00.dll]  [Thunder Networking Technologies,LTD, 1, 0, 0, 4]
[PID: 2024][C:\program files\Internet Explorer\IEXPLORE.EXE]  [Microsoft Corporation, 6.00.2900.2180 (xpsp_sp2_rtm.040803-2158)]
    [c:\360safe\safemon\safemon.dll]  [, 3, 2, 0, 1001]
    [f:\Program Files\Thunder Network\Thunder\ComDlls\TDAtOnce_Now.dll]  [Thunder Networking Technologies,LTD, 1.0.0.4]
    [f:\Program Files\Tencent\QQ\QQIEHelper.dll]  [深圳市腾讯计算机系统有限公司, 1, 1, 0, 5]
    [f:\Program Files\Thunder Network\Thunder\ComDlls\xunleiBHO_Now.dll]  [Thunder Networking Technologies,LTD, 5, 0, 1, 4]
    [f:\Program Files\Thunder Network\Thunder\Components\ResWorker\DsBho_00.dll]  [, 1, 0, 0, 2]
    [f:\Program Files\Thunder Network\Thunder\Components\ResWorker\DataProcessor_00.dll]  [Thunder Networking Technologies,LTD, 1, 0, 0, 4]
[PID: 2492][C:\program files\Internet Explorer\IEXPLORE.EXE]  [Microsoft Corporation, 6.00.2900.2180 (xpsp_sp2_rtm.040803-2158)]
    [c:\360safe\safemon\safemon.dll]  [, 3, 2, 0, 1001]
    [f:\Program Files\Thunder Network\Thunder\ComDlls\TDAtOnce_Now.dll]  [Thunder Networking Technologies,LTD, 1.0.0.4]
    [f:\Program Files\Tencent\QQ\QQIEHelper.dll]  [深圳市腾讯计算机系统有限公司, 1, 1, 0, 5]
    [f:\Program Files\Thunder Network\Thunder\ComDlls\xunleiBHO_Now.dll]  [Thunder Networking Technologies,LTD, 5, 0, 1, 4]
    [f:\Program Files\Thunder Network\Thunder\Components\ResWorker\DsBho_00.dll]  [, 1, 0, 0, 2]
    [f:\Program Files\Thunder Network\Thunder\Components\ResWorker\DataProcessor_00.dll]  [Thunder Networking Technologies,LTD, 1, 0, 0, 4]
gototop
 
dreams0
头像
初生襁褓狮
  • 帖子:12
  • 注册: 2007-02-06
  • 来自:
发表于: 2007-05-18 10:20 | 只看楼主 短消息 资料
字号: 3楼

[PID: 2976][C:\program files\Internet Explorer\IEXPLORE.EXE]  [Microsoft Corporation, 6.00.2900.2180 (xpsp_sp2_rtm.040803-2158)]
    [c:\360safe\safemon\safemon.dll]  [, 3, 2, 0, 1001]
    [f:\Program Files\Thunder Network\Thunder\ComDlls\TDAtOnce_Now.dll]  [Thunder Networking Technologies,LTD, 1.0.0.4]
    [f:\Program Files\Tencent\QQ\QQIEHelper.dll]  [深圳市腾讯计算机系统有限公司, 1, 1, 0, 5]
    [f:\Program Files\Thunder Network\Thunder\ComDlls\xunleiBHO_Now.dll]  [Thunder Networking Technologies,LTD, 5, 0, 1, 4]
    [f:\Program Files\Thunder Network\Thunder\Components\ResWorker\DsBho_00.dll]  [, 1, 0, 0, 2]
    [f:\Program Files\Thunder Network\Thunder\Components\ResWorker\DataProcessor_00.dll]  [Thunder Networking Technologies,LTD, 1, 0, 0, 4]
[PID: 3748][C:\program files\Internet Explorer\IEXPLORE.EXE]  [Microsoft Corporation, 6.00.2900.2180 (xpsp_sp2_rtm.040803-2158)]
    [c:\360safe\safemon\safemon.dll]  [, 3, 2, 0, 1001]
    [f:\Program Files\Thunder Network\Thunder\ComDlls\TDAtOnce_Now.dll]  [Thunder Networking Technologies,LTD, 1.0.0.4]
    [f:\Program Files\Tencent\QQ\QQIEHelper.dll]  [深圳市腾讯计算机系统有限公司, 1, 1, 0, 5]
    [f:\Program Files\Thunder Network\Thunder\ComDlls\xunleiBHO_Now.dll]  [Thunder Networking Technologies,LTD, 5, 0, 1, 4]
    [f:\Program Files\Thunder Network\Thunder\Components\ResWorker\DsBho_00.dll]  [, 1, 0, 0, 2]
    [f:\Program Files\Thunder Network\Thunder\Components\ResWorker\DataProcessor_00.dll]  [Thunder Networking Technologies,LTD, 1, 0, 0, 4]
[PID: 3744][C:\program files\Internet Explorer\IEXPLORE.EXE]  [Microsoft Corporation, 6.00.2900.2180 (xpsp_sp2_rtm.040803-2158)]
    [c:\360safe\safemon\safemon.dll]  [, 3, 2, 0, 1001]
    [f:\Program Files\Thunder Network\Thunder\ComDlls\TDAtOnce_Now.dll]  [Thunder Networking Technologies,LTD, 1.0.0.4]
    [f:\Program Files\Tencent\QQ\QQIEHelper.dll]  [深圳市腾讯计算机系统有限公司, 1, 1, 0, 5]
    [f:\Program Files\Thunder Network\Thunder\ComDlls\xunleiBHO_Now.dll]  [Thunder Networking Technologies,LTD, 5, 0, 1, 4]
    [f:\Program Files\Thunder Network\Thunder\Components\ResWorker\DsBho_00.dll]  [, 1, 0, 0, 2]
    [f:\Program Files\Thunder Network\Thunder\Components\ResWorker\DataProcessor_00.dll]  [Thunder Networking Technologies,LTD, 1, 0, 0, 4]
[PID: 3192][C:\program files\Internet Explorer\IEXPLORE.EXE]  [Microsoft Corporation, 6.00.2900.2180 (xpsp_sp2_rtm.040803-2158)]
    [c:\360safe\safemon\safemon.dll]  [, 3, 2, 0, 1001]
    [f:\Program Files\Thunder Network\Thunder\ComDlls\TDAtOnce_Now.dll]  [Thunder Networking Technologies,LTD, 1.0.0.4]
    [f:\Program Files\Tencent\QQ\QQIEHelper.dll]  [深圳市腾讯计算机系统有限公司, 1, 1, 0, 5]
    [f:\Program Files\Thunder Network\Thunder\ComDlls\xunleiBHO_Now.dll]  [Thunder Networking Technologies,LTD, 5, 0, 1, 4]
    [f:\Program Files\Thunder Network\Thunder\Components\ResWorker\DsBho_00.dll]  [, 1, 0, 0, 2]
    [f:\Program Files\Thunder Network\Thunder\Components\ResWorker\DataProcessor_00.dll]  [Thunder Networking Technologies,LTD, 1, 0, 0, 4]
[PID: 2468][C:\program files\Internet Explorer\IEXPLORE.EXE]  [Microsoft Corporation, 6.00.2900.2180 (xpsp_sp2_rtm.040803-2158)]
    [c:\360safe\safemon\safemon.dll]  [, 3, 2, 0, 1001]
    [f:\Program Files\Thunder Network\Thunder\ComDlls\TDAtOnce_Now.dll]  [Thunder Networking Technologies,LTD, 1.0.0.4]
    [f:\Program Files\Tencent\QQ\QQIEHelper.dll]  [深圳市腾讯计算机系统有限公司, 1, 1, 0, 5]
    [f:\Program Files\Thunder Network\Thunder\ComDlls\xunleiBHO_Now.dll]  [Thunder Networking Technologies,LTD, 5, 0, 1, 4]
    [f:\Program Files\Thunder Network\Thunder\Components\ResWorker\DsBho_00.dll]  [, 1, 0, 0, 2]
    [f:\Program Files\Thunder Network\Thunder\Components\ResWorker\DataProcessor_00.dll]  [Thunder Networking Technologies,LTD, 1, 0, 0, 4]
[PID: 3028][C:\program files\Internet Explorer\IEXPLORE.EXE]  [Microsoft Corporation, 6.00.2900.2180 (xpsp_sp2_rtm.040803-2158)]
    [c:\360safe\safemon\safemon.dll]  [, 3, 2, 0, 1001]
    [f:\Program Files\Thunder Network\Thunder\ComDlls\TDAtOnce_Now.dll]  [Thunder Networking Technologies,LTD, 1.0.0.4]
    [f:\Program Files\Tencent\QQ\QQIEHelper.dll]  [深圳市腾讯计算机系统有限公司, 1, 1, 0, 5]
    [f:\Program Files\Thunder Network\Thunder\ComDlls\xunleiBHO_Now.dll]  [Thunder Networking Technologies,LTD, 5, 0, 1, 4]
    [f:\Program Files\Thunder Network\Thunder\Components\ResWorker\DsBho_00.dll]  [, 1, 0, 0, 2]
    [f:\Program Files\Thunder Network\Thunder\Components\ResWorker\DataProcessor_00.dll]  [Thunder Networking Technologies,LTD, 1, 0, 0, 4]
[PID: 1548][C:\program files\Internet Explorer\IEXPLORE.EXE]  [Microsoft Corporation, 6.00.2900.2180 (xpsp_sp2_rtm.040803-2158)]
    [c:\360safe\safemon\safemon.dll]  [, 3, 2, 0, 1001]
    [f:\Program Files\Thunder Network\Thunder\ComDlls\TDAtOnce_Now.dll]  [Thunder Networking Technologies,LTD, 1.0.0.4]
    [f:\Program Files\Tencent\QQ\QQIEHelper.dll]  [深圳市腾讯计算机系统有限公司, 1, 1, 0, 5]
    [f:\Program Files\Thunder Network\Thunder\ComDlls\xunleiBHO_Now.dll]  [Thunder Networking Technologies,LTD, 5, 0, 1, 4]
    [f:\Program Files\Thunder Network\Thunder\Components\ResWorker\DsBho_00.dll]  [, 1, 0, 0, 2]
    [f:\Program Files\Thunder Network\Thunder\Components\ResWorker\DataProcessor_00.dll]  [Thunder Networking Technologies,LTD, 1, 0, 0, 4]
[PID: 1560][C:\program files\Internet Explorer\IEXPLORE.EXE]  [Microsoft Corporation, 6.00.2900.2180 (xpsp_sp2_rtm.040803-2158)]
    [c:\360safe\safemon\safemon.dll]  [, 3, 2, 0, 1001]
    [f:\Program Files\Thunder Network\Thunder\ComDlls\TDAtOnce_Now.dll]  [Thunder Networking Technologies,LTD, 1.0.0.4]
    [f:\Program Files\Tencent\QQ\QQIEHelper.dll]  [深圳市腾讯计算机系统有限公司, 1, 1, 0, 5]
    [f:\Program Files\Thunder Network\Thunder\ComDlls\xunleiBHO_Now.dll]  [Thunder Networking Technologies,LTD, 5, 0, 1, 4]
    [f:\Program Files\Thunder Network\Thunder\Components\ResWorker\DsBho_00.dll]  [, 1, 0, 0, 2]
    [f:\Program Files\Thunder Network\Thunder\Components\ResWorker\DataProcessor_00.dll]  [Thunder Networking Technologies,LTD, 1, 0, 0, 4]
[PID: 3728][C:\program files\Internet Explorer\IEXPLORE.EXE]  [Microsoft Corporation, 6.00.2900.2180 (xpsp_sp2_rtm.040803-2158)]
    [c:\360safe\safemon\safemon.dll]  [, 3, 2, 0, 1001]
    [f:\Program Files\Thunder Network\Thunder\ComDlls\TDAtOnce_Now.dll]  [Thunder Networking Technologies,LTD, 1.0.0.4]
    [f:\Program Files\Tencent\QQ\QQIEHelper.dll]  [深圳市腾讯计算机系统有限公司, 1, 1, 0, 5]
    [f:\Program Files\Thunder Network\Thunder\ComDlls\xunleiBHO_Now.dll]  [Thunder Networking Technologies,LTD, 5, 0, 1, 4]
    [f:\Program Files\Thunder Network\Thunder\Components\ResWorker\DsBho_00.dll]  [, 1, 0, 0, 2]
    [f:\Program Files\Thunder Network\Thunder\Components\ResWorker\DataProcessor_00.dll]  [Thunder Networking Technologies,LTD, 1, 0, 0, 4]
[PID: 3508][C:\WINDOWS\svchost.exe]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
    [c:\360safe\safemon\safemon.dll]  [, 3, 2, 0, 1001]
[PID: 1328][C:\program files\Internet Explorer\IEXPLORE.EXE]  [Microsoft Corporation, 6.00.2900.2180 (xpsp_sp2_rtm.040803-2158)]
    [c:\360safe\safemon\safemon.dll]  [, 3, 2, 0, 1001]
    [f:\Program Files\Thunder Network\Thunder\ComDlls\TDAtOnce_Now.dll]  [Thunder Networking Technologies,LTD, 1.0.0.4]
    [f:\Program Files\Tencent\QQ\QQIEHelper.dll]  [深圳市腾讯计算机系统有限公司, 1, 1, 0, 5]
    [f:\Program Files\Thunder Network\Thunder\ComDlls\xunleiBHO_Now.dll]  [Thunder Networking Technologies,LTD, 5, 0, 1, 4]
    [f:\Program Files\Thunder Network\Thunder\Components\ResWorker\DsBho_00.dll]  [, 1, 0, 0, 2]
    [f:\Program Files\Thunder Network\Thunder\Components\ResWorker\DataProcessor_00.dll]  [Thunder Networking Technologies,LTD, 1, 0, 0, 4]
[PID: 3116][C:\WINDOWS\system32\taskmgr.exe]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
    [c:\360safe\safemon\safemon.dll]  [, 3, 2, 0, 1001]
    [C:\WINDOWS\system32\upxdnd.dll]  [N/A, ]
    [C:\WINDOWS\system32\cmdbcs.dll]  [N/A, ]
[PID: 3992][C:\Documents and Settings\Only you\桌面\shortcut\123.EXE]  [Smallfrogs Studio, 2.4.12.806]
    [c:\360safe\safemon\safemon.dll]  [, 3, 2, 0, 1001]
    [C:\WINDOWS\system32\upxdnd.dll]  [N/A, ]
    [C:\WINDOWS\system32\cmdbcs.dll]  [N/A, ]

==================================
文件关联
.TXT  OK. [%SystemRoot%\system32\NOTEPAD.EXE %1]
.EXE  OK. ["%1" %*]
.COM  OK. ["%1" %*]
.PIF  OK. ["%1" %*]
.REG  OK. [regedit.exe "%1"]
.BAT  OK. ["%1" %*]
.SCR  OK. ["%1" /S]
.CHM  OK. ["C:\WINDOWS\hh.exe" %1]
.HLP  OK. [%SystemRoot%\system32\winhlp32.exe %1]
.INI  OK. [%SystemRoot%\system32\NOTEPAD.EXE %1]
.INF  OK. [%SystemRoot%\system32\NOTEPAD.EXE %1]
.VBS  OK. [%SystemRoot%\System32\WScript.exe "%1" %*]
.JS  OK. [%SystemRoot%\System32\WScript.exe "%1" %*]
.LNK  OK. [{00021401-0000-0000-C000-000000000046}]

==================================
Winsock 提供者
N/A

==================================
Autorun.inf
N/A

==================================
HOSTS 文件
127.0.0.1      localhost
127.0.0.1      mmm.caifu18.net
127.0.0.1      www.18dmm.com
127.0.0.1      d.qbbd.com
127.0.0.1      www.5117music.com
127.0.0.1      www.union123.com
127.0.0.1      www.wu7x.cn
127.0.0.1      www.54699.com
127.0.0.1      www1.6tan.com
127.0.0.1      www2.6tan.com
127.0.0.1      www.97725.com
127.0.0.1      down.97725.com
127.0.0.1      ip.315hack.com
127.0.0.1      ip.54liumang.com
127.0.0.1      www.41ip.com
127.0.0.1      xulao.com
127.0.0.1      www.heixiou.com
127.0.0.1      www.9cyy.com
127.0.0.1      www.hunll.com
127.0.0.1      www.down.hunll.com
127.0.0.1      do.77276.com
127.0.0.1      www.baidulink.com
127.0.0.1      adnx.yygou.cn
127.0.0.1      222.73.220.45
127.0.0.1      www.f5game.com
127.0.0.1      www.guazhan.cn
127.0.0.1      wm,103715.com
127.0.0.1      www.my6688.cn
127.0.0.1      i.96981.com
127.0.0.1      d.77276.com
127.0.0.1      www1.cw988.cn
127.0.0.1      cool.47555.com
127.0.0.1      www.asdwc.com
127.0.0.1      55880.cn
127.0.0.1      61.152.169.234
127.0.0.1      cc.wzxqy.com
127.0.0.1      www.54699.com
127.0.0.1      t.gcuj.com
127.0.0.1      www.puma163.com
127.0.0.1      ceoww.com
127.0.0.1      boolom.com
127.0.0.1      adult-novel.cn
127.0.0.1      ll.chinasese.net
127.0.0.1      www.tellumore.com
127.0.0.1      www.o1wg.com
127.0.0.1      www.qq756.com
127.0.0.1      ll.chinasese.net

==================================
API HOOK
入口点错误:CreateProcessA (危险等级: 一般,  被下面模块所HOOK: c:\360safe\safemon\safemon.dll)
入口点错误:CreateProcessW (危险等级: 一般,  被下面模块所HOOK: c:\360safe\safemon\safemon.dll)

==================================
隐藏进程
N/A

==================================


[/CODE]
gototop
 
dreams0
头像
初生襁褓狮
  • 帖子:12
  • 注册: 2007-02-06
  • 来自:
发表于: 2007-05-18 10:46 | 只看楼主 短消息 资料
字号: 4楼

在线等啊..哪位大哥帮帮忙啊....
gototop
 
dreams0
头像
初生襁褓狮
  • 帖子:12
  • 注册: 2007-02-06
  • 来自:
发表于: 2007-05-18 11:11 | 只看楼主 短消息 资料
字号: 5楼

不能沉啊,在线等啊..哪位大哥快帮帮忙啊....
gototop
 
dreams0
头像
初生襁褓狮
  • 帖子:12
  • 注册: 2007-02-06
  • 来自:
发表于: 2007-05-19 09:18 | 只看楼主 短消息 资料
字号: 6楼

GHOST还是不能杀掉,等大哥们帮忙解决啊。。。
gototop
 
<<上一主题|下一主题>>
1   1  /  1  页   跳转
页面顶部
Powered by Discuz!NT