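Rising Kaka Security Forum, Technical Exchange Area, Anti-Virus/Anti-Rogue-Software Forum: Hit by the Trojan.KillAV virus, log attached, experts please help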


[CODE]

2007-06-02,22:38:24

System Repair Engineer 2.3.13.690
Smallfrogs (http://www.KZTechs.com)

Windows XP Professional Service Pack 2 (Build 2600)
- 管理权限用户 - 完整功能

以下内容被选中:
    所有的启动项目(包括注册表、启动文件夹、服务等)
    浏览器加载项
    正在运行的进程(包括进程模块信息)
    文件关联
    Winsock 提供者
    Autorun.inf
    HOSTS 文件


启动项目
注册表
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
    <ctfmon.exe><C:\WINDOWS\system32\ctfmon.exe>  [(Verified)Microsoft Corporation]
    <ibmmessages><C:\Program Files\IBM\Messages By IBM\ibmmessages.exe>  [IBM]
[HKEY_CURRENT_USER\Software\Microsoft\Windows NT\CurrentVersion\Windows]
    <load><>  [N/A]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
    <IMJPMIG8.1><"C:\WINDOWS\IME\imjp8_1\IMJPMIG.EXE" /Spoil /RemAdvDef /Migration32>  [(Verified)Microsoft Corporation]
    <PHIME2002ASync><C:\WINDOWS\System32\IME\TINTLGNT\TINTSETP.EXE /SYNC>  [(Verified)Microsoft Corporation]
    <PHIME2002A><C:\WINDOWS\System32\IME\TINTLGNT\TINTSETP.EXE /IMEName>  [(Verified)Microsoft Corporation]
    <S3TRAY2><S3Tray2.exe>  [(Verified)S3 Graphics, Inc.]
    <SynTPLpr><C:\Program Files\Synaptics\SynTP\SynTPLpr.exe>  [(Verified)Synaptics, Inc.]
    <SynTPEnh><C:\Program Files\Synaptics\SynTP\SynTPEnh.exe>  [(Verified)Synaptics, Inc.]
    <ATIModeChange><Ati2mdxx.exe>  [(Verified)ATI Technologies, Inc.]
    <BluetoothAuthenticationAgent><rundll32.exe irprops.cpl,,BluetoothAuthenticationAgent>  [(Verified)Microsoft Corporation]
    <TPHOTKEY><C:\PROGRA~1\ThinkPad\PkgMgr\HOTKEY\TPHKMGR.exe>  [N/A]
    <BMMGAG><RunDll32 C:\PROGRA~1\ThinkPad\UTILIT~1\pwrmonit.dll,StartPwrMonitor>  [IBM Corp.]
    <BMMLREF><C:\Program Files\ThinkPad\Utilities\BMMLREF.EXE>  [N/A]
    <QCWLICON><C:\Program Files\ThinkPad\ConnectUtilities\QCWLICON.EXE>  [N/A]
    <TPKMAPMN><C:\Program Files\ThinkPad\Utilities\TpKmapMn.exe>  [N/A]
    <TP4EX><tp4ex.exe>  [IBM Corporation]
    <EZEJMNAP><C:\PROGRA~1\ThinkPad\UTILIT~1\EzEjMnAp.Exe>  [IBM Corp.]
    <AGRSMMSG><AGRSMMSG.exe>  [(Verified)Agere Systems]
    <ATIPTA><C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe>  [ATI Technologies, Inc.]
    <tgcmd><"C:\Program Files\Support.com\bin\tgcmd.exe" /server>  [SupportSoft, Inc.]
    <StorageGuard><"c:\Program Files\VERITAS Software\Update Manager\sgtray.exe" /r>  [VERITAS Software, Inc.]
    <dla><C:\WINDOWS\system32\dla\tfswctrl.exe>  [VERITAS Software, Inc.]
    <ibmmessages><C:\Program Files\IBM\Messages By IBM\ibmmessages.exe>  [IBM]
    <IMEKRMIG6.1><C:\WINDOWS\ime\imkr6_1\IMEKRMIG.EXE>  [(Verified)Microsoft Corporation]
    <MSPY2002><C:\WINDOWS\System32\IME\PINTLGNT\ImScInst.exe /SYNC>  [(Verified)N/A]
    <ccApp><"C:\Program Files\Common Files\Symantec Shared\ccApp.exe">  [(Verified)Symantec Corporation]
    <Symantec NetDriver Monitor><C:\PROGRA~1\SYMNET~1\SNDMon.exe /Consumer>  [(Verified)Symantec Corporation]
    <TkBellExe><"C:\Program Files\Common Files\Real\Update_OB\realsched.exe"  -osboot>  [RealNetworks, Inc.]
    <NMGameX_AutoRun><C:\WINDOWS\system32\Rundll32.exe NMGameX.dll,LiveProcess /aa>  [NMGameX]
    <WebThunder><C:\Program Files\Thunder Network\WebThunder\WebThunder.exe>  [(Verified)深圳市迅雷网络技术有限公司]
    <helper.dll><C:\WINDOWS\system32\rundll32.exe C:\PROGRA~1\3721\helper.dll,Rundll32>  []
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Winlogon]
    <shell><Explorer.exe>  [(Verified)Microsoft Corporation]
    <Userinit><C:\WINDOWS\system32\userinit.exe,>  [(Verified)Microsoft Corporation]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Windows]
    <AppInit_DLLs><>  [N/A]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Winlogon]
    <UIHost><logonui.exe>  [(Verified)Microsoft Corporation]

==================================
启动文件夹
[Adobe Reader Speed Launch]
  <C:\Documents and Settings\All Users\「开始」菜单\程序\启动\Adobe Reader Speed Launch.lnk --> C:\PROGRA~1\Adobe\ACROBA~1.0\Reader\READER~1.EXE [Adobe Systems Incorporated]><N>
[Microsoft Office]
  <C:\Documents and Settings\All Users\「开始」菜单\程序\启动\Microsoft Office.lnk --> C:\PROGRA~1\MICROS~2\Office10\OSA.EXE [Microsoft Corporation]><N>
[新浪UC]
  <C:\Documents and Settings\liping\「开始」菜单\程序\启动\新浪UC.lnk --> C:\PROGRA~1\sina\UC\uc.exe [北京新浪信息技术有限公司]><N>

==================================
服务
[Ati HotKey Poller / Ati HotKey Poller][Running/Auto Start]
  <C:\WINDOWS\System32\Ati2evxx.exe><N/A>
[Symantec Event Manager / ccEvtMgr][Running/Auto Start]
  <"C:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe"><Symantec Corporation>
[Symantec Password Validation / ccPwdSvc][Stopped/Manual Start]
  <"C:\Program Files\Common Files\Symantec Shared\ccPwdSvc.exe"><Symantec Corporation>
[Symantec Settings Manager / ccSetMgr][Running/Auto Start]
  <"C:\Program Files\Common Files\Symantec Shared\ccSetMgr.exe"><Symantec Corporation>
[Google Updater Service / gusvc][Stopped/Manual Start]
  <"C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe"><Google>
[IBM PM Service / IBMPMSVC][Running/Auto Start]
  <C:\WINDOWS\System32\ibmpmsvc.exe><N/A>
[Kerberos Key Distribution Centers / kkdc][Running/Auto Start]
  <C:\WINDOWS\lsass.exe -netsvcs><N/A>
[Norton AntiVirus Auto Protect Service / navapsvc][Running/Auto Start]
  <"C:\Program Files\Norton AntiVirus\navapsvc.exe"><Symantec Corporation>
[ODBC Administration Service / odbcasvc][Running/Auto Start]
  <C:\WINDOWS\SYSTEM32\odbcasvc.EXE><N/A>
[QCONSVC / QCONSVC][Running/Auto Start]
  <System32\QCONSVC.EXE><N/A>
[RegSrvc / RegSrvc][Running/Auto Start]
  <C:\WINDOWS\System32\RegSrvc.exe><Intel Corporation>
[Spectrum24 Event Monitor / S24EventMonitor][Running/Auto Start]
  <C:\WINDOWS\System32\S24EvMon.exe><Intel Corporation>
[SAVScan / SAVScan][Running/Manual Start]
  <C:\Program Files\Norton AntiVirus\SAVScan.exe><Symantec Corporation>
[ScriptBlocking Service / SBService][Stopped/Auto Start]
  <C:\PROGRA~1\COMMON~1\SYMANT~1\SCRIPT~1\SBServ.exe><Symantec Corporation>
[Symantec Network Drivers Service / SNDSrvc][Stopped/Manual Start]
  <"C:\Program Files\Common Files\Symantec Shared\SNDSrvc.exe"><Symantec Corporation>

==================================
驱动程序
[abp480n5 / abp480n5][Running/Boot Start]
  <\SystemRoot\System32\DRIVERS\ABP480N5.SYS><Microsoft Corporation>
[Intel(r) 82801 Audio Driver Install Service (WDM) / ac97intc][Stopped/Manual Start]
  <system32\drivers\ac97intc.sys><Intel Corporation>
[adpu160m / adpu160m][Running/Boot Start]
  <\SystemRoot\System32\DRIVERS\adpu160m.sys><Microsoft Corporation>
[aeaudio / aeaudio][Running/Manual Start]
  <system32\drivers\aeaudio.sys><Andrea Electronics Corporation>
[Agere Systems Soft Modem / AgereSoftModem][Running/Manual Start]
  <System32\DRIVERS\AGRSM.sys><Agere Systems>
[Aha154x / Aha154x][Running/Boot Start]
  <\SystemRoot\System32\DRIVERS\aha154x.sys><Microsoft Corporation>
[aic78u2 / aic78u2][Running/Boot Start]
  <\SystemRoot\System32\DRIVERS\aic78u2.sys><Microsoft Corporation>
[aic78xx / aic78xx][Running/Boot Start]
  <\SystemRoot\System32\DRIVERS\aic78xx.sys><Microsoft Corporation>
[AliIde / AliIde][Running/Boot Start]
  <\SystemRoot\System32\DRIVERS\aliide.sys><Acer Laboratories Inc.>
[AMD AGP Bus Filter Driver / amdagp][Running/Boot Start]
  <\SystemRoot\System32\DRIVERS\amdagp.sys><Advanced Micro Devices, Inc.>
[asc / asc][Running/Boot Start]
  <\SystemRoot\System32\DRIVERS\asc.sys><Advanced System Products, Inc.>
[asc3350p / asc3350p][Running/Boot Start]
  <\SystemRoot\System32\DRIVERS\asc3350p.sys><Microsoft Corporation>
[asc3550 / asc3550][Running/Boot Start]
  <\SystemRoot\System32\DRIVERS\asc3550.sys><Advanced System Products, Inc.>
[ati2mtag / ati2mtag][Running/Manual Start]
  <System32\DRIVERS\ati2mtag.sys><ATI Technologies Inc.>
[cd20xrnt / cd20xrnt][Running/Boot Start]
  <\SystemRoot\System32\DRIVERS\cd20xrnt.sys><Microsoft Corporation>
[CmdIde / CmdIde][Running/Boot Start]
  <\SystemRoot\System32\DRIVERS\cmdide.sys><CMD Technology, Inc.>
[d347bus / d347bus][Running/Boot Start]
  <\SystemRoot\system32\DRIVERS\d347bus.sys><>
[d347prt / d347prt][Running/Boot Start]
  <\SystemRoot\System32\Drivers\d347prt.sys><>
[dac2w2k / dac2w2k][Running/Boot Start]
  <\SystemRoot\System32\DRIVERS\dac2w2k.sys><Mylex Corporation>
[dpti2o / dpti2o][Running/Boot Start]
  <\SystemRoot\System32\DRIVERS\dpti2o.sys><Microsoft Corporation>
[drvmcdb / drvmcdb][Running/Boot Start]
  <\SystemRoot\system32\drivers\drvmcdb.sys><VERITAS Software, Inc.>
[drvnddm / drvnddm][Running/Auto Start]
  <system32\drivers\drvnddm.sys><VERITAS Software, Inc.>
[Intel(R) PRO Adapter Driver / E100B][Running/Manual Start]
  <System32\DRIVERS\e100b325.sys><Intel Corporation>
[IBMPMDRV / IBMPMDRV][Running/Manual Start]
  <System32\DRIVERS\ibmpmdrv.sys><IBM Corp.>
[IBMTPCHK / IBMTPCHK][Running/System Start]
  <System32\drivers\IBMBLDID.SYS><N/A>
[ini910u / ini910u][Running/Boot Start]
  <\SystemRoot\System32\DRIVERS\ini910u.sys><Microsoft Corporation>
[Lucent Technologies Soft Modem / LucentSoftModem][Stopped/Manual Start]
  <System32\DRIVERS\LTSM.sys><Lucent Technologies>
[mraid35x / mraid35x][Running/Boot Start]
  <\SystemRoot\System32\DRIVERS\mraid35x.sys><American Megatrends Inc.>
[NAVENG / NAVENG][Running/Manual Start]
  <\??\C:\PROGRA~1\COMMON~1\SYMANT~1\VIRUSD~1\20070530.041\NAVENG.Sys><Symantec Corporation>
[NAVEX15 / NAVEX15][Running/Manual Start]
  <\??\C:\PROGRA~1\COMMON~1\SYMANT~1\VIRUSD~1\20070530.041\NavEx15.Sys><Symantec Corporation>
[NSC Infrared Device Driver / NSCIRDA][Running/Manual Start]
  <System32\DRIVERS\nscirda.sys><National Semiconductor Corporation>
[PMEM / PMEM][Running/Auto Start]
  <\??\C:\WINDOWS\system32\drivers\PMEMNT.SYS><Microsoft Corporation>
[Direct Parallel Link Driver / Ptilink][Running/Manual Start]
  <System32\DRIVERS\ptilink.sys><Parallel Technologies, Inc.>
Last edited 2007-06-03 17:05:26.733000000

[PxHelp20 / PxHelp20][Running/Boot Start]
  <\SystemRoot\System32\DRIVERS\PxHelp20.sys><Sonic Solutions>
[ql1080 / ql1080][Running/Boot Start]
  <\SystemRoot\System32\DRIVERS\ql1080.sys><QLogic Corporation>
[Ql10wnt / Ql10wnt][Running/Boot Start]
  <\SystemRoot\System32\DRIVERS\ql10wnt.sys><Microsoft Corporation>
[ql12160 / ql12160][Running/Boot Start]
  <\SystemRoot\System32\DRIVERS\ql12160.sys><QLogic Corporation>
[ql1280 / ql1280][Running/Boot Start]
  <\SystemRoot\System32\DRIVERS\ql1280.sys><QLogic Corporation>
[WLAN Transport / s24trans][Running/Auto Start]
  <System32\DRIVERS\s24trans.sys><Intel Corporation>
[S3SSavage / S3SSavage][Stopped/Manual Start]
  <System32\DRIVERS\s3ssavm.sys><S3 Graphics, Inc.>
[SAVRT / SAVRT][Running/Manual Start]
  <\??\C:\Program Files\Norton AntiVirus\SAVRT.SYS><Symantec Corporation>
[SAVRTPEL / SAVRTPEL][Running/System Start]
  <\??\C:\Program Files\Norton AntiVirus\SAVRTPEL.SYS><Symantec Corporation>
[Secdrv / Secdrv][Stopped/Manual Start]
  <System32\DRIVERS\secdrv.sys><N/A>
[SIS AGP Bus Filter / sisagp][Running/Boot Start]
  <\SystemRoot\System32\DRIVERS\sisagp.sys><Silicon Integrated Systems Corporation>
[Smapint / Smapint][Running/System Start]
  <System32\drivers\Smapint.sys><Microsoft Corporation>
[smwdm / smwdm][Running/Manual Start]
  <system32\drivers\smwdm.sys><Analog Devices, Inc.>
[Sparrow / Sparrow][Running/Boot Start]
  <\SystemRoot\System32\DRIVERS\sparrow.sys><Adaptec, Inc.>
[sscdbhk5 / sscdbhk5][Running/System Start]
  <system32\drivers\sscdbhk5.sys><VERITAS Software, Inc.>
[ssrtln / ssrtln][Running/System Start]
  <system32\drivers\ssrtln.sys><VERITAS Software, Inc.>
[symc810 / symc810][Running/Boot Start]
  <\SystemRoot\System32\DRIVERS\symc810.sys><Symbios Logic Inc.>
[symc8xx / symc8xx][Running/Boot Start]
  <\SystemRoot\System32\DRIVERS\symc8xx.sys><LSI Logic>
[SymEvent / SymEvent][Running/Manual Start]
  <\??\C:\Program Files\Symantec\SYMEVENT.SYS><Symantec Corporation>
[SYMREDRV / SYMREDRV][Running/Manual Start]
  <\SystemRoot\System32\Drivers\SYMREDRV.SYS><Symantec Corporation>
[SYMTDI / SYMTDI][Running/System Start]
  <\SystemRoot\System32\Drivers\SYMTDI.SYS><Symantec Corporation>
[sym_hi / sym_hi][Running/Boot Start]
  <\SystemRoot\System32\DRIVERS\sym_hi.sys><LSI Logic>
[sym_u3 / sym_u3][Running/Boot Start]
  <\SystemRoot\System32\DRIVERS\sym_u3.sys><LSI Logic>
[Synaptics TouchPad Driver / SynTP][Running/Manual Start]
  <System32\DRIVERS\SynTP.sys><Synaptics, Inc.>
[TDSMAPI / TDSMAPI][Running/System Start]
  <System32\drivers\TDSMAPI.SYS><N/A>
[tfsnboio / tfsnboio][Running/Auto Start]
  <system32\dla\tfsnboio.sys><VERITAS Software, Inc.>
[tfsncofs / tfsncofs][Running/Auto Start]
  <system32\dla\tfsncofs.sys><VERITAS Software, Inc.>
[tfsndrct / tfsndrct][Running/Auto Start]
  <system32\dla\tfsndrct.sys><VERITAS Software, Inc.>
[tfsndres / tfsndres][Running/Auto Start]
  <system32\dla\tfsndres.sys><VERITAS Software, Inc.>
[tfsnifs / tfsnifs][Running/Auto Start]
  <system32\dla\tfsnifs.sys><VERITAS Software, Inc.>
[tfsnopio / tfsnopio][Running/Auto Start]
  <system32\dla\tfsnopio.sys><VERITAS Software, Inc.>
[tfsnpool / tfsnpool][Running/Auto Start]
  <system32\dla\tfsnpool.sys><VERITAS Software, Inc.>
[tfsnudf / tfsnudf][Running/Auto Start]
  <system32\dla\tfsnudf.sys><VERITAS Software, Inc.>
[tfsnudfa / tfsnudfa][Running/Auto Start]
  <system32\dla\tfsnudfa.sys><VERITAS Software, Inc.>
[TosIde / TosIde][Running/Boot Start]
  <\SystemRoot\System32\DRIVERS\toside.sys><Microsoft Corporation>
[TPPWR / TPPWR][Running/System Start]
  <System32\drivers\Tppwr.sys><IBM Corp.>
[TSMAPIP / TSMAPIP][Running/System Start]
  <System32\drivers\TSMAPIP.SYS><N/A>
[IBM PS/2 TrackPoint Filter Driver / TwoTrack][Stopped/Manual Start]
  <System32\DRIVERS\TwoTrack.sys><IBM Corporation>
[ultra / ultra][Running/Boot Start]
  <\SystemRoot\System32\DRIVERS\ultra.sys><Promise Technology, Inc.>
[ViaIde / ViaIde][Running/Boot Start]
  <\SystemRoot\System32\DRIVERS\viaide.sys><Microsoft Corporation>
[Intel(R) PRO/Wireless 7100 Adapter 驱动程序 / w70n51][Running/Manual Start]
  <System32\DRIVERS\w70n51.sys><Intel? Corporation>

==================================
浏览器加载项
[WebThunder Browser Helper]
  {00000AAA-A363-466E-BEF5-9BB68697AA7F} <C:\Program Files\Thunder Network\WebThunder\WebThunderBHO_016.dll, Thunder Networking Technologies,LTD>
[AcroIEHlprObj Class]
  {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} <C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll, Adobe Systems Incorporated>
[Flashget Catch Url Class]
  {2F364306-AA45-47B5-9F9D-39A8B94E7EF7} <C:\PROGRA~1\FlashGet\jccatch.dll, www.flashget.com>
[IEHandle Class]
  {31EBA2E2-58B2-4980-9C41-F12F5F1422C5} <C:\WINDOWS\System32\TPHANDLE.dll, 江苏科建教育软件有限责任公司>
[DriveLetterAccess]
  {5CA3D70E-1895-11CF-8E15-001234567890} <C:\WINDOWS\system32\dla\tfswshx.dll, VERITAS Software, Inc.>
[Google Toolbar Helper]
  {AA58ED58-01DD-4d91-8333-CF10577473F7} <c:\program files\google\googletoolbar3.dll, Google Inc.>
[CNavExtBho Class]
  {BDF3E430-B101-42AD-A544-FADC6B084872} <C:\Program Files\Norton AntiVirus\NavShExt.dll, Symantec Corporation>
[gFlash Class]
  {F156768E-81EF-470C-9057-481BA8380DBA} <C:\Program Files\FlashGet\getflash.dll, >
[启动Web迅雷]
  {962EFB8E-2683-42d4-AC74-AAA4C759B9C6} <http://my.xunlei.com, N/A>
[快车]
  {D6E814A0-E0C5-11d4-8D29-0050BA6940E3} <C:\PROGRA~1\FlashGet\flashget.exe, FlashGet.com>
[Messenger]
  {FB5F1910-F110-11d2-BB9E-00C04F795683} <C:\Program Files\Messenger\msmsgs.exe, Microsoft Corporation>
[Norton AntiVirus]
  {42CDD1BF-3FFB-4238-8AD1-7859DF00B1D6} <C:\Program Files\Norton AntiVirus\NavShExt.dll, Symantec Corporation>
[快车(FlashGet)]
  {E0E899AB-F487-11D5-8D29-0050BA6940E3} <C:\Program Files\FlashGet\fgiebar.dll, Amaze Soft>
[BitComet工具栏]
  {3F1ABCDB-A875-46c1-8345-B72A4567E486} <C:\Program Files\BitComet\BitCometBar\BitCometBar0.6.dll, N/A>
[&Google]
  {2318C2B1-4965-11d4-9B18-009027A5CD4F} <c:\program files\google\googletoolbar3.dll, Google Inc.>
[EditCtrl Class]
  {488A4255-3236-44B3-8F27-FA1AECAA8844} <C:\WINDOWS\system32\aliedit\aliedit.dll, >
[WUWebControl Class]
  {6414512B-B978-451D-A0D8-FCFDF33E833C} <C:\WINDOWS\System32\wuweb.dll, Microsoft Corporation>
[mcieplugin Class]
  {7F4EFFAE-D81B-4EA9-93DA-297F95268D35} <C:\WINDOWS\Downloaded Program Files\mcieplugin.dll, >
[Submit Class]
  {A3CD7F74-93C9-4BC4-B892-CCDF1514F714} <C:\WINDOWS\Downloaded Program Files\safein.dll, Beijing eChannels Century Technology Co.,Ltd>
[Shockwave Flash Object]
  {D27CDB6E-AE6D-11CF-96B8-444553540000} <C:\WINDOWS\System32\Macromed\Flash\Flash9b.ocx, Adobe Systems, Inc.>
[WebThunder Browser Helper]
  {00000AAA-A363-466E-BEF5-9BB68697AA7F} <C:\Program Files\Thunder Network\WebThunder\WebThunderBHO_016.dll, Thunder Networking Technologies,LTD>
[Google Script Object]
  {00EF2092-6AC5-47C0-BD25-CF2D5D657FEB} <c:\program files\google\googletoolbar3.dll, Google Inc.>
[WebThunder Class]
  {03507A1A-E0C5-4404-AA26-205385C0892D} <, N/A>
[AcroIEHlprObj Class]
  {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} <C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll, Adobe Systems Incorporated>
[Web Browser Applet Control]
  {08B0E5C0-4FCB-11CF-AAA5-00401C608501} <C:\WINDOWS\System32\msjava.dll, Microsoft Corporation>
[Windows Media Player]
  {22D6F312-B0F6-11D0-94AB-0080C74C7E95} <C:\WINDOWS\system32\wmpdxm.dll, Microsoft Corporation>
[&Google]
  {2318C2B1-4965-11D4-9B18-009027A5CD4F} <c:\program files\google\googletoolbar3.dll, Google Inc.>
[HTML Document]
  {25336920-03F9-11CF-8FD0-00AA00686F13} <%SystemRoot%\System32\mshtml.dll, N/A>
[DHTML Edit Control Safe for Scripting for IE5]
  {2D360201-FFF5-11D1-8D03-00A0C959BC0A} <C:\Program Files\sina\UC\mail\DHTMLED.OCX, Microsoft Corporation>
[Flashget Catch Url Class]
  {2F364306-AA45-47B5-9F9D-39A8B94E7EF7} <C:\PROGRA~1\FlashGet\jccatch.dll, www.flashget.com>
[IEHandle Class]
  {31EBA2E2-58B2-4980-9C41-F12F5F1422C5} <C:\WINDOWS\System32\TPHANDLE.dll, 江苏科建教育软件有限责任公司>
[IETag Factory]
  {38481807-CA0E-42D2-BF39-B33AF135CC4D} <C:\PROGRA~1\COMMON~1\MICROS~1\SMARTT~1\IETAG.DLL, Microsoft Corporation>
[BitComet工具栏]
  {3F1ABCDB-A875-46C1-8345-B72A4567E486} <C:\Program Files\BitComet\BitCometBar\BitCometBar0.6.dll, N/A>
[Norton AntiVirus]
  {42CDD1BF-3FFB-4238-8AD1-7859DF00B1D6} <C:\Program Files\Norton AntiVirus\NavShExt.dll, Symantec Corporation>
[XML Document]
  {48123BC4-99D9-11D1-A6B3-00C04FD91555} <%SystemRoot%\System32\msxml3.dll, N/A>
[EditCtrl Class]
  {488A4255-3236-44B3-8F27-FA1AECAA8844} <C:\WINDOWS\system32\aliedit\aliedit.dll, >
[HHCtrl Object]
  {52A2AAAE-085D-4187-97EA-8C30DB990436} <C:\WINDOWS\system32\hhctrl.ocx, Microsoft Corporation>
[DriveLetterAccess]
  {5CA3D70E-1895-11CF-8E15-001234567890} <C:\WINDOWS\system32\dla\tfswshx.dll, VERITAS Software, Inc.>
[Windows Media Player]
  {6BF52A52-394A-11D3-B153-00C04F79FAA6} <C:\WINDOWS\system32\wmp.dll, Microsoft Corporation>
[Active Desktop Mover]
  {72267F6A-A6F9-11D0-BC94-00C04FB67863} <%SystemRoot%\system32\SHELL32.dll, N/A>
[AutoLive]
  {7CA83CF1-3AEA-42D0-A4E3-1594FC6E48B2} <C:\PROGRA~1\3721\autolive.dll, >
[mcieplugin Class]
  {7F4EFFAE-D81B-4EA9-93DA-297F95268D35} <C:\WINDOWS\Downloaded Program Files\mcieplugin.dll, >
[Microsoft Web 浏览器]
  {8856F961-340A-11D0-A96B-00C04FD705A2} <C:\WINDOWS\System32\shdocvw.dll, Microsoft Corporation>
[Submit Class]
  {A3CD7F74-93C9-4BC4-B892-CCDF1514F714} <C:\WINDOWS\Downloaded Program Files\safein.dll, Beijing eChannels Century Technology Co.,Ltd>
[Google Toolbar Helper]
  {AA58ED58-01DD-4D91-8333-CF10577473F7} <c:\program files\google\googletoolbar3.dll, Google Inc.>
[Microsoft Scriptlet Component]
  {AE24FDAE-03C6-11D1-8B76-0080C744F389} <C:\WINDOWS\System32\mshtml.dll, Microsoft Corporation>
[SearchAssistantOC]
  {B45FF030-4447-11D2-85DE-00C04FA35C89} <%SystemRoot%\System32\shdocvw.dll, N/A>
[RDS.DataSpace]
  {BD96C556-65A3-11D0-983A-00C04FC29E36} <C:\Program Files\Common Files\System\msadc\msadco.dll, Microsoft Corporation>
[CNavExtBho Class]
  {BDF3E430-B101-42AD-A544-FADC6B084872} <C:\Program Files\Norton AntiVirus\NavShExt.dll, Symantec Corporation>
[iChatX Object]
  {C07405FD-84D1-4A25-94E8-68609EA8335B} <C:\Program Files\iChat视频控件\ichatx.dll, 深圳市东方博雅科技有限公司>
[AUDIO__MP3 Moniker Class]
  {CD3AFA76-B84F-48F0-9393-7EDC34128127} <C:\WINDOWS\system32\wmp.dll, Microsoft Corporation>
[AUDIO__X_MS_WMA Moniker Class]
  {CD3AFA84-B84F-48F0-9393-7EDC34128127} <C:\WINDOWS\system32\wmp.dll, Microsoft Corporation>
[RealPlayer G2 Control]
  {CFCDAA03-8BE4-11CF-B84B-0020AFBBCCFA} <C:\WINDOWS\System32\rmoc3260.dll, RealNetworks, Inc.>
[Shockwave Flash Object]
  {D27CDB6E-AE6D-11CF-96B8-444553540000} <C:\WINDOWS\System32\Macromed\Flash\Flash9b.ocx, Adobe Systems, Inc.>
[快车(FlashGet)]
  {E0E899AB-F487-11D5-8D29-0050BA6940E3} <C:\Program Files\FlashGet\fgiebar.dll, Amaze Soft>
[safeInput Class]
  {ECCBA953-80E5-11D3-9285-0080ADB811C5} <C:\WINDOWS\Downloaded Program Files\safein.dll, Beijing eChannels Century Technology Co.,Ltd>
[gFlash Class]
  {F156768E-81EF-470C-9057-481BA8380DBA} <C:\Program Files\FlashGet\getflash.dll, >
[&使用快车(FlashGet)下载]
  <C:\PROGRA~1\FlashGet\jc_link.htm, N/A>
[&使用快车(FlashGet)下载全部链接]
  <C:\PROGRA~1\FlashGet\jc_all.htm, N/A>
[使用Web迅雷下载]
  <C:\Program Files\Thunder Network\WebThunder\GetUrl.htm, N/A>
[使用Web迅雷下载全部链接]
  <C:\Program Files\Thunder Network\WebThunder\GetAllUrl.htm, N/A>
[导出到 Microsoft Excel(&x)]
  <res://C:\PROGRA~1\MICROS~2\Office10\EXCEL.EXE/3000, N/A>

==================================
正在运行的进程
[PID: 784][\SystemRoot\System32\smss.exe]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
[PID: 856][\??\C:\WINDOWS\system32\csrss.exe]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
[PID: 884][\??\C:\WINDOWS\system32\winlogon.exe]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
[PID: 928][C:\WINDOWS\system32\services.exe]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
[PID: 940][C:\WINDOWS\system32\lsass.exe]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
[PID: 1120][C:\WINDOWS\System32\ibmpmsvc.exe]  [N/A, N/A]
[PID: 1192][C:\WINDOWS\system32\svchost.exe]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
[PID: 1256][C:\WINDOWS\system32\svchost.exe]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
[PID: 1396][C:\WINDOWS\System32\svchost.exe]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
[PID: 1488][C:\WINDOWS\System32\S24EvMon.exe]  [Intel Corporation , 3.1.8.0]
[PID: 1532][C:\WINDOWS\System32\svchost.exe]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
[PID: 1636][C:\WINDOWS\System32\svchost.exe]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
[PID: 2028][C:\WINDOWS\system32\spoolsv.exe]  [Microsoft Corporation, 5.1.2600.2696 (xpsp_sp2_gdr.050610-1519)]
[PID: 556][C:\WINDOWS\Explorer.EXE]  [Microsoft Corporation, 6.00.2900.2180 (xpsp_sp2_rtm.040803-2158)]
    [C:\PROGRA~1\ThinkPad\UTILIT~1\pwrmonit.dll]  [IBM Corp., 1, 0, 0, 0]
    [C:\WINDOWS\system32\SynTPFcs.dll]  [Synaptics, Inc., 7.2.3.10 24Jun03]
    [C:\Program Files\Support.com\bin\sdcidle.dll]  [SupportSoft, 1, 0, 0, 4]
    [C:\PROGRA~1\FlashGet\fgmgr.dll]  [www.flashget.com, 1, 8, 0, 1001]
    [C:\Program Files\Norton AntiVirus\NavShExt.dll]  [Symantec Corporation, 10.00.13]
    [C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll]  [Adobe Systems Incorporated, 7.0.0.2004121400]
    [C:\PROGRA~1\FlashGet\jccatch.dll]  [www.flashget.com, 1, 8, 0, 1001]
    [C:\WINDOWS\system32\dla\tfswshx.dll]  [VERITAS Software, Inc., 3.50.21a]
    [C:\WINDOWS\system32\tfswapi.dll]  [VERITAS Software, Inc., 3.50.21a]
    [C:\WINDOWS\system32\dla\tfswcres.dll]  [VERITAS Software, Inc., 3.50.21a]
    [C:\Program Files\WinRAR\rarext.dll]  [N/A, N/A]
    [C:\Program Files\Adobe\Acrobat 7.0\ActiveX\PDFShell.dll]  [Adobe Systems, Inc., 7.0.0.0]
    [C:\PROGRA~1\3721\helper.dll]  [, 2, 5, 0, 1003]
    [C:\PROGRA~1\3721\autolive.dll]  [, 2, 5, 1, 1004]
    [C:\Program Files\Thunder Network\WebThunder\WebThunderBHO_016.dll]  [Thunder Networking Technologies,LTD, 6, 0, 0, 5]
    [C:\PROGRA~1\3721\ske\contmenu.dll]  [N/A, N/A]
[PID: 756][C:\Program Files\Synaptics\SynTP\SynTPLpr.exe]  [Synaptics, Inc., 7.2.3.10 24Jun03]
    [C:\WINDOWS\system32\SynTPFcs.dll]  [Synaptics, Inc., 7.2.3.10 24Jun03]
[PID: 764][C:\Program Files\Synaptics\SynTP\SynTPEnh.exe]  [Synaptics, Inc., 7.2.3.10 24Jun03]
    [C:\WINDOWS\system32\SynTPAPI.dll]  [Synaptics, Inc., 7.2.3.10 24Jun03]
    [C:\WINDOWS\system32\SynTPFcs.dll]  [Synaptics, Inc., 7.2.3.10 24Jun03]
[PID: 804][C:\PROGRA~1\ThinkPad\PkgMgr\HOTKEY\TPHKMGR.exe]  [N/A, N/A]
    [C:\Program Files\ThinkPad\PkgMgr\HOTKEY_2\tphk_2k.dll]  [N/A, N/A]
    [C:\WINDOWS\system32\Oemdspif.dll]  [ATI Technologies, Inc., 4.12.0007]
[PID: 812][C:\WINDOWS\system32\RunDll32.exe]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
    [C:\PROGRA~1\ThinkPad\UTILIT~1\pwrmonit.dll]  [IBM Corp., 1, 0, 0, 0]
    [C:\PROGRA~1\ThinkPad\UTILIT~1\tppwrw32.dll]  [IBM Corp., 1, 0, 0, 0]
[PID: 824][C:\Program Files\ThinkPad\ConnectUtilities\QCWLICON.EXE]  [N/A, N/A]
    [C:\Program Files\ThinkPad\ConnectUtilities\QCON.dll]  [N/A, N/A]
    [C:\Program Files\ThinkPad\ConnectUtilities\MerlinC201.dll]  [Novatel Wireless Inc., 1, 0, 0, 1]
    [C:\WINDOWS\system32\SbrngAPI.dll]  [Intel Corporation, 1, 0, 0, 5]
    [C:\WINDOWS\system32\PfMgrApi.dll]  [Intel Corporation, 1, 0, 0, 1]
    [C:\WINDOWS\system32\PsRegApi.dll]  [Intel Corporation, 4, 0, 0, 1]
    [C:\WINDOWS\system32\WConfig.DLL]  [Intel Corporation, 1, 0, 0, 2]
    [C:\WINDOWS\system32\WiFiAdap.DLL]  [Intel Corporation, 1, 0, 0, 1]
    [C:\WINDOWS\system32\SynTPFcs.dll]  [Synaptics, Inc., 7.2.3.10 24Jun03]
    [C:\WINDOWS\system32\S24MUDLL.dll]  [Intel Corporation, 5.0.1.0]
[PID: 836][C:\Program Files\ThinkPad\Utilities\TpKmapMn.exe]  [N/A, N/A]
    [C:\Program Files\ThinkPad\Utilities\TpKmapHk.dll]  [N/A, N/A]
[PID: 860][C:\PROGRA~1\ThinkPad\UTILIT~1\EzEjMnAp.Exe]  [IBM Corp., 1, 0, 0, 0]
[PID: 904][C:\WINDOWS\AGRSMMSG.exe]  [Agere Systems, 2.1.20 2.1.20 10/18/2002 10:07:17]
[PID: 1216][C:\Program Files\Support.com\bin\tgcmd.exe]  [SupportSoft, Inc., 5,8,136,0]
    [C:\Program Files\Support.com\bin\2052\tglocale.dll]  [N/A, N/A]
    [C:\Program Files\Support.com\bin\sdcmon.dll]  [SupportSoft, Inc., 5,8,136,0]
    [C:\WINDOWS\system32\SynTPFcs.dll]  [Synaptics, Inc., 7.2.3.10 24Jun03]
    [C:\Program Files\Support.com\bin\sdcidle.dll]  [SupportSoft, 1, 0, 0, 4]
[PID: 1324][C:\Program Files\ThinkPad\PkgMgr\HOTKEY\TPONSCR.exe]  [N/A, N/A]
[PID: 1336][C:\Program Files\ThinkPad\PkgMgr\HOTKEY_1\TpScrex.exe]  [IBM Corporation, 1.06]
    [C:\WINDOWS\system32\SynTPFcs.dll]  [Synaptics, Inc., 7.2.3.10 24Jun03]
[PID: 1348][C:\WINDOWS\system32\dla\tfswctrl.exe]  [VERITAS Software, Inc., 3.50.21a]
    [C:\WINDOWS\system32\tfswapi.dll]  [VERITAS Software, Inc., 3.50.21a]
    [C:\WINDOWS\system32\dla\tfswcres.dll]  [VERITAS Software, Inc., 3.50.21a]
    [C:\WINDOWS\system32\SynTPFcs.dll]  [Synaptics, Inc., 7.2.3.10 24Jun03]
[PID: 1372][C:\Program Files\IBM\Messages By IBM\ibmmessages.exe]  [IBM, 1.058]
    [C:\WINDOWS\system32\AIBMRUNL.dll]  [N/A, N/A]
    [C:\WINDOWS\system32\SynTPFcs.dll]  [Synaptics, Inc., 7.2.3.10 24Jun03]
[PID: 1568][C:\Program Files\Common Files\Symantec Shared\ccApp.exe]  [Symantec Corporation, 2.1.10.2]
    [C:\WINDOWS\system32\SynTPFcs.dll]  [Synaptics, Inc., 7.2.3.10 24Jun03]
    [C:\Program Files\Symantec\LiveUpdate\ProductRegCom.DLL]  [Symantec Corporation, 1.90.14.0]
    [C:\Program Files\Symantec\LiveUpdate\LuComServerPS.DLL]  [Symantec Corporation, 1.90.14.0]
    [C:\Program Files\Common Files\Symantec Shared\ccVrTrst.dll]  [Symantec Corporation, 2.1.10.2]
    [C:\PROGRA~1\COMMON~1\SYMANT~1\CCALERT.DLL]  [Symantec Corporation, 2.1.10.2]
    [C:\PROGRA~1\COMMON~1\SYMANT~1\CCEMLPXY.DLL]  [Symantec Corporation, 2.1.10.2]
    [C:\WINDOWS\system32\SYMREDIR.dll]  [Symantec Corporation, 5.5.1.6]
    [C:\PROGRA~1\NORTON~1\CCIMSCAN.DLL]  [Symantec Corporation, 10.0.2.610]
    [C:\PROGRA~1\NORTON~1\DEFALERT.DLL]  [Symantec Corporation, 10.00.13]
    [C:\PROGRA~1\NORTON~1\NAVAPW32.DLL]  [Symantec Corporation, 10.00.13]
    [C:\PROGRA~1\NORTON~1\apwutil.dll]  [Symantec Corporation, 10.00.13]
    [C:\PROGRA~1\NORTON~1\SAVRT32.DLL]  [Symantec Corporation, 9.2.1.14]
    [C:\Program Files\Common Files\Symantec Shared\ccSetEvt.dll]  [Symantec Corporation, 2.1.10.2]
    [C:\Program Files\Norton AntiVirus\NavEmail.dll]  [Symantec Corporation, 10.0.2.610]
    [C:\Program Files\Common Files\Symantec Shared\ccProSub.dll]  [Symantec Corporation, 2.1.10.2]
    [C:\Program Files\Norton AntiVirus\NAVOPTRF.DLL]  [Symantec Corporation, 10.00.109]
    [C:\Program Files\Norton AntiVirus\apwcmdnt.dll]  [Symantec Corporation, 10.00.13]
    [C:\Program Files\Common Files\Symantec Shared\LiveReg\iraLSCl2.dll]  [Symantec Corporation, 2.4.0.2044]
    [C:\Program Files\Common Files\Symantec Shared\LiveReg\IraVcLc3.dll]  [Symantec Corporation, 2.4.0.2044]
    [C:\Program Files\Support.com\bin\sdcidle.dll]  [SupportSoft, 1, 0, 0, 4]
    [C:\PROGRA~1\NORTON~1\NAVOpts.dll]  [Symantec Corporation, 10.00.13]
    [C:\PROGRA~1\NORTON~1\N32Exclu.dll]  [Symantec Corporation, 10.00.13]
    [C:\PROGRA~1\NORTON~1\S32NAVO.DLL]  [Symantec Corporation, 5.3.0.182]
    [C:\Program Files\Norton AntiVirus\NAVError.dll]  [Symantec Corporation, 10.00.13]
    [C:\Program Files\Norton AntiVirus\NAVAPSCR.dll]  [Symantec Corporation, 10.00.13]
    [C:\PROGRA~1\FlashGet\fgmgr.dll]  [www.flashget.com, 1, 8, 0, 1001]
    [C:\PROGRA~1\3721\helper.dll]  [, 2, 5, 0, 1003]
[PID: 1592][C:\Program Files\Common Files\Real\Update_OB\realsched.exe]  [RealNetworks, Inc., 0.1.0.3208]
    [C:\WINDOWS\system32\SynTPFcs.dll]  [Synaptics, Inc., 7.2.3.10 24Jun03]
[PID: 1620][C:\WINDOWS\system32\ctfmon.exe]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
    [C:\WINDOWS\system32\SynTPFcs.dll]  [Synaptics, Inc., 7.2.3.10 24Jun03]
[PID: 1852][C:\WINDOWS\System32\Ati2evxx.exe]  [N/A, N/A]
[PID: 1860][C:\Program Files\Common Files\Symantec Shared\ccSetMgr.exe]  [Symantec Corporation, 2.1.10.2]
    [C:\Program Files\Common Files\Symantec Shared\ccVrTrst.dll]  [Symantec Corporation, 2.1.10.2]
[PID: 532][C:\WINDOWS\system32\inetsrv\inetinfo.exe]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
[PID: 688][C:\WINDOWS\lsass.exe]  [N/A, N/A]
[PID: 1296][C:\Program Files\Norton AntiVirus\navapsvc.exe]  [Symantec Corporation, 10.00.13]
    [C:\Program Files\Norton AntiVirus\SAVRT32.DLL]  [Symantec Corporation, 9.2.1.14]
    [C:\Program Files\Common Files\Symantec Shared\ccVrTrst.dll]  [Symantec Corporation, 2.1.10.2]
[PID: 500][C:\WINDOWS\SYSTEM32\odbcasvc.EXE]  [N/A, N/A]
[PID: 2296][C:\WINDOWS\System32\QCONSVC.EXE]  [N/A, N/A]
[PID: 2408][C:\WINDOWS\System32\RegSrvc.exe]  [Intel Corporation, 4, 0, 0, 1]
[PID: 2504][C:\WINDOWS\System32\svchost.exe]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
[PID: 2736][C:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe]  [Symantec Corporation, 2.1.10.2]
    [C:\Program Files\Common Files\Symantec Shared\ccVrTrst.dll]  [Symantec Corporation, 2.1.10.2]
    [C:\PROGRA~1\COMMON~1\SYMANT~1\CCSETEVT.DLL]  [Symantec Corporation, 2.1.10.2]
    [C:\PROGRA~1\NORTON~1\NAVEVENT.DLL]  [Symantec Corporation, 10.00.13]
[PID: 2720][C:\WINDOWS\System32\wbem\wmiprvse.exe]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
[PID: 2936][C:\Program Files\Norton AntiVirus\SAVScan.exe]  [Symantec Corporation, 9.2.1.14]
    [C:\Program Files\Norton AntiVirus\SAVRT32.DLL]  [Symantec Corporation, 9.2.1.14]
    [C:\Program Files\Common Files\Symantec Shared\ccScan.dll]  [Symantec Corporation, 2.1.10.2]
    [C:\Program Files\Common Files\Symantec Shared\ecmldr32.DLL]  [Symantec Corporation, 51.2.0.12]
    [C:\PROGRA~1\COMMON~1\SYMANT~1\VIRUSD~1\20070530.041\ecmsvr32.dll]  [Symantec Corporation, 71.2.0.12]
    [C:\PROGRA~1\COMMON~1\SYMANT~1\VIRUSD~1\20070530.041\NAVEX32a.DLL]  [Symantec Corporation, 20071.2.0.18]
    [C:\PROGRA~1\COMMON~1\SYMANT~1\VIRUSD~1\20070530.041\NAVENG32.DLL]  [Symantec Corporation, 20071.2.0.18]
    [C:\Program Files\Norton AntiVirus\NAVAP32.DLL]  [Symantec Corporation, 9.2.1.14]
    [C:\Program Files\Common Files\Symantec Shared\Decomposers\DECSDK.DLL]  [Symantec Corporation, 3.02.14.08]
    [C:\Program Files\Common Files\Symantec Shared\Decomposers\Dec2.dll]  [Symantec Corporation, 3.02.14.08]
    [C:\Program Files\Common Files\Symantec Shared\Decomposers\Dec2ID.dll]  [Symantec Corporation, 3.02.14.08]
    [C:\Program Files\Common Files\Symantec Shared\Decomposers\Dec2Zip.dll]  [Symantec Corporation, 3.02.14.08]
    [C:\Program Files\Common Files\Symantec Shared\Decomposers\Dec2SS.dll]  [Symantec Corporation, 3.02.14.08]
    [C:\Program Files\Common Files\Symantec Shared\Decomposers\Dec2GZIP.dll]  [Symantec Corporation, 3.02.14.08]
    [C:\Program Files\Common Files\Symantec Shared\Decomposers\Dec2CAB.dll]  [Symantec Corporation, 3.02.14.08]
    [C:\Program Files\Common Files\Symantec Shared\Decomposers\Dec2LHA.dll]  [Symantec Corporation, 3.02.14.08]
    [C:\Program Files\Common Files\Symantec Shared\Decomposers\Dec2RAR.dll]  [Symantec Corporation, 3.02.14.08]
    [C:\Program Files\Common Files\Symantec Shared\Decomposers\Dec2ARJ.dll]  [Symantec Corporation, 3.02.14.08]
    [C:\Program Files\Common Files\Symantec Shared\Decomposers\Dec2TNEF.dll]  [Symantec Corporation, 3.02.14.08]
    [C:\Program Files\Common Files\Symantec Shared\Decomposers\Dec2LZ.dll]  [Symantec Corporation, 3.02.14.08]
    [C:\Program Files\Common Files\Symantec Shared\Decomposers\Dec2AMG.dll]  [Symantec Corporation, 3.02.14.08]
    [C:\Program Files\Common Files\Symantec Shared\Decomposers\Dec2TAR.dll]  [Symantec Corporation, 3.02.14.08]
    [C:\Program Files\Common Files\Symantec Shared\Decomposers\Dec2RTF.dll]  [Symantec Corporation, 3.02.14.08]
    [C:\Program Files\Common Files\Symantec Shared\Decomposers\Dec2Text.dll]  [Symantec Corporation, 3.02.14.08]
[PID: 3848][C:\WINDOWS\System32\alg.exe]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
[PID: 920][C:\Program Files\Internet Explorer\iexplore.exe]  [Microsoft Corporation, 6.00.2900.2180 (xpsp_sp2_rtm.040803-2158)]
    [C:\WINDOWS\system32\SynTPFcs.dll]  [Synaptics, Inc., 7.2.3.10 24Jun03]
    [c:\program files\google\googletoolbar3.dll]  [Google Inc., 4, 0, 1601, 4978]
    [C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll]  [Adobe Systems Incorporated, 7.0.0.2004121400]
    [C:\PROGRA~1\FlashGet\jccatch.dll]  [www.flashget.com, 1, 8, 0, 1001]
    [C:\WINDOWS\System32\TPHANDLE.dll]  [江苏科建教育软件有限责任公司, 5, 0, 10, 10]
    [C:\WINDOWS\system32\dla\tfswshx.dll]  [VERITAS Software, Inc., 3.50.21a]
    [C:\WINDOWS\system32\tfswapi.dll]  [VERITAS Software, Inc., 3.50.21a]
    [C:\WINDOWS\system32\dla\tfswcres.dll]  [VERITAS Software, Inc., 3.50.21a]
    [C:\Program Files\Norton AntiVirus\NavShExt.dll]  [Symantec Corporation, 10.00.13]
    [C:\Program Files\FlashGet\getflash.dll]  [, 1, 0, 0, 1]
    [C:\PROGRA~1\FlashGet\fgmgr.dll]  [www.flashget.com, 1, 8, 0, 1001]
    [C:\Program Files\Support.com\bin\sdcidle.dll]  [SupportSoft, 1, 0, 0, 4]
    [C:\Program Files\Adobe\Acrobat 7.0\ActiveX\PDFShell.dll]  [Adobe Systems, Inc., 7.0.0.0]
    [C:\Program Files\Common Files\Symantec Shared\Script Blocking\scrauth.dll]  [Symantec Corporation, 1, 1, 1, 131]
    [C:\Program Files\Common Files\Symantec Shared\Script Blocking\ScrBlock.dll]  [Symantec Corporation, 1, 1, 1, 131]
    [C:\WINDOWS\System32\Macromed\Flash\Flash9b.ocx]  [Adobe Systems, Inc., 9,0,28,0]
    [C:\WINDOWS\system32\PUTIWBX.IME]  [中华佛典宝库, 6.0.2005.02]
    [C:\PROGRA~1\3721\helper.dll]  [, 2, 5, 0, 1003]
    [C:\PROGRA~1\3721\autolive.dll]  [, 2, 5, 1, 1004]
    [C:\Program Files\Thunder Network\WebThunder\WebThunderBHO_016.dll]  [Thunder Networking Technologies,LTD, 6, 0, 0, 5]
[PID: 300][C:\WINDOWS\system32\wuauclt.exe]  [Microsoft Corporation, 5.8.0.2469 built by: lab01_n(wmbla)]
    [C:\PROGRA~1\FlashGet\fgmgr.dll]  [www.flashget.com, 1, 8, 0, 1001]
    [C:\WINDOWS\system32\SynTPFcs.dll]  [Synaptics, Inc., 7.2.3.10 24Jun03]
[PID: 2248][C:\WINDOWS\uda.exe]  [N/A, N/A]
[PID: 3772][C:\PROGRA~1\FlashGet\flashget.exe]  [FlashGet.com, 1, 8, 0, 1001]
    [C:\PROGRA~1\FlashGet\FGBTCORE.dll]  [N/A, 1, 0, 0, 23]
    [C:\PROGRA~1\FlashGet\fgmgr.dll]  [www.flashget.com, 1, 8, 0, 1001]
    [C:\WINDOWS\system32\SynTPFcs.dll]  [Synaptics, Inc., 7.2.3.10 24Jun03]
    [C:\Program Files\Support.com\bin\sdcidle.dll]  [SupportSoft, 1, 0, 0, 4]
    [C:\PROGRA~1\3721\helper.dll]  [, 2, 5, 0, 1003]
[PID: 2232][C:\Program Files\Thunder Network\WebThunder\WebThunder.exe]  [深圳市迅雷网络技术有限公司, 1, 7, 3, 109]
    [C:\Program Files\Thunder Network\WebThunder\taskmanage.dll]  [Thunder Networking Technologies,LTD, 1, 7, 2, 107]
    [C:\Program Files\Thunder Network\WebThunder\download_interface.dll]  [Thunder Networking Technologies,LTD, 2, 14, 2, 79]
    [C:\Program Files\Thunder Network\WebThunder\stlport_vc646.dll]  [STLport Consulting, Inc., 4.6.2003.1031]
    [C:\Program Files\Thunder Network\WebThunder\asyn_dns.dll]  [Thunder Networking Technologies,LTD, 2, 14, 2, 79]
    [C:\Program Files\Thunder Network\WebThunder\RegisterDll.dll]  [Thunder Networking Technologies,LTD, 2, 13, 4, 58]
    [C:\PROGRA~1\FlashGet\fgmgr.dll]  [www.flashget.com, 1, 8, 0, 1001]
    [C:\WINDOWS\system32\SynTPFcs.dll]  [Synaptics, Inc., 7.2.3.10 24Jun03]
    [C:\Program Files\Thunder Network\WebThunder\historyinfo_manage.dll]  [Thunder Networking Technologies,LTD, 5, 3, 0, 228]
    [C:\Program Files\Thunder Network\WebThunder\iEmbedShell.dll]  [ , 1, 0, 0, 17]
    [C:\Program Files\Thunder Network\WebThunder\iEmbed09.dll]  [ , 3, 3, 0, 78]
    [C:\Program Files\Common Files\Symantec Shared\Script Blocking\scrauth.dll]  [Symantec Corporation, 1, 1, 1, 131]
    [C:\Program Files\Common Files\Symantec Shared\Script Blocking\ScrBlock.dll]  [Symantec Corporation, 1, 1, 1, 131]
    [C:\Program Files\Support.com\bin\sdcidle.dll]  [SupportSoft, 1, 0, 0, 4]
    [C:\WINDOWS\System32\Macromed\Flash\Flash9b.ocx]  [Adobe Systems, Inc., 9,0,28,0]
    [C:\PROGRA~1\3721\helper.dll]  [, 2, 5, 0, 1003]
[PID: 1048][C:\Program Files\3721\ske\TrojanAssistant.exe]  [Yahoo! CN, 2.1.2.1003]
    [C:\PROGRA~1\FlashGet\fgmgr.dll]  [www.flashget.com, 1, 8, 0, 1001]
    [C:\WINDOWS\system32\SynTPFcs.dll]  [Synaptics, Inc., 7.2.3.10 24Jun03]
    [C:\Program Files\3721\ske\fsk.dll]  [3721.com, 2, 1, 2, 1030]
    [C:\Program Files\3721\ske\wmpns.dll]  [---, 2, 5, 7, 1011]
    [C:\Program Files\Support.com\bin\sdcidle.dll]  [SupportSoft, 1, 0, 0, 4]
    [C:\PROGRA~1\3721\helper.dll]  [, 2, 5, 0, 1003]
[PID: 1960][C:\WINDOWS\system32\rundll32.exe]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
    [C:\PROGRA~1\3721\helper.dll]  [, 2, 5, 0, 1003]
    [C:\PROGRA~1\FlashGet\fgmgr.dll]  [www.flashget.com, 1, 8, 0, 1001]
    [C:\WINDOWS\system32\SynTPFcs.dll]  [Synaptics, Inc., 7.2.3.10 24Jun03]
    [C:\PROGRA~1\3721\autolive.dll]  [, 2, 5, 1, 1004]
[PID: 1312][C:\Program Files\Windows NT\Accessories\wordpad.exe]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
    [C:\PROGRA~1\3721\helper.dll]  [, 2, 5, 0, 1003]
    [C:\PROGRA~1\FlashGet\fgmgr.dll]  [www.flashget.com, 1, 8, 0, 1001]
    [C:\WINDOWS\system32\SynTPFcs.dll]  [Synaptics, Inc., 7.2.3.10 24Jun03]
    [C:\Program Files\Support.com\bin\sdcidle.dll]  [SupportSoft, 1, 0, 0, 4]
[PID: 2892][C:\Program Files\WinRAR\WinRAR.exe]  [N/A, N/A]
    [C:\PROGRA~1\3721\helper.dll]  [, 2, 5, 0, 1003]
    [C:\PROGRA~1\FlashGet\fgmgr.dll]  [www.flashget.com, 1, 8, 0, 1001]
    [C:\WINDOWS\system32\SynTPFcs.dll]  [Synaptics, Inc., 7.2.3.10 24Jun03]
    [C:\Program Files\Support.com\bin\sdcidle.dll]  [SupportSoft, 1, 0, 0, 4]
[PID: 1696][C:\DOCUME~1\liping\LOCALS~1\Temp\Rar$EX01.828\SREng.EXE]  [Smallfrogs Studio, 2.3.13.690]
    [C:\PROGRA~1\3721\helper.dll]  [, 2, 5, 0, 1003]
    [C:\PROGRA~1\FlashGet\fgmgr.dll]  [www.flashget.com, 1, 8, 0, 1001]
    [C:\WINDOWS\system32\SynTPFcs.dll]  [Synaptics, Inc., 7.2.3.10 24Jun03]
    [C:\Program Files\Support.com\bin\sdcidle.dll]  [SupportSoft, 1, 0, 0, 4]

==================================
文件关联
.TXT  OK. [%SystemRoot%\system32\NOTEPAD.EXE %1]
.EXE  OK. ["%1" %*]
.COM  OK. ["%1" %*]
.PIF  OK. ["%1" %*]
.REG  OK. [regedit.exe "%1"]
.BAT  OK. ["%1" %*]
.SCR  OK. ["%1" /S]
.CHM  OK. ["C:\WINDOWS\hh.exe" %1]
.HLP  OK. [%SystemRoot%\System32\winhlp32.exe %1]
.INI  OK. [%SystemRoot%\System32\NOTEPAD.EXE %1]
.INF  OK. [%SystemRoot%\System32\NOTEPAD.EXE %1]
.VBS  OK. [%SystemRoot%\System32\WScript.exe "%1" %*]
.JS  OK. [%SystemRoot%\System32\WScript.exe "%1" %*]
.LNK  OK. [{00021401-0000-0000-C000-000000000046}]

==================================
Winsock 提供者
N/A

==================================
Autorun.inf
N/A

==================================
HOSTS 文件
127.0.0.1      localhost

==================================
API HOOK
N/A

==================================


[/CODE]

Bumping my own thread. Experts, please help.

Is nobody going to help? Or is the question too basic?
Bumping again!