瑞星卡卡安全论坛技术交流区反病毒/反流氓软件论坛 中了trojan.psw.win32.onlinegame已经一个月了..跪求各位大虾帮帮小弟

1   1  /  1  页   跳转

中了trojan.psw.win32.onlinegame已经一个月了..跪求各位大虾帮帮小弟

收藏
sihanxi
头像
初生襁褓狮
  • 帖子:11
  • 注册: 2007-10-18
  • 来自:
发表于: 2007-10-18 18:02 | 显示全部 短消息 资料
字号: 1楼

中了trojan.psw.win32.onlinegame已经一个月了..跪求各位大虾帮帮小弟

各位大虾小弟电脑不幸中了trojan.psw.win32.onlinegame..经过无数次自己的尝试..病毒依然不能杀干净..求求各位大虾能帮帮小弟..感激不尽..日志如下

[用户系统信息]Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1; SV1; .NET CLR 2.0.50727)
最后编辑2007-10-18 19:10:22
分享到:
gototop
 
sihanxi
头像
初生襁褓狮
  • 帖子:11
  • 注册: 2007-10-18
  • 来自:
发表于: 2007-10-18 18:03 | 显示全部 短消息 资料
字号: 2楼

System Repair Engineer 2.5.16.900
Smallfrogs (http://www.KZTechs.com)

Windows XP Professional Service Pack 2 (Build 2600) - Administrative User - Completed Functions Allowed

Follow item(s) have been choosed:
    All Boot Items (Including Registry, Startup Folders, Services and so on)
    Browser Add-ons
    Runing Processes (Including process model information)
    File Associations
    Winsock Provider
    Autorun.Inf
    HOSTS File
    Process Privileges Scan


Boot Items
Registry
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
    <CTFMON.EXE><C:\WINDOWS\system32\ctfmon.exe>  [(Verified)Microsoft Windows Publisher]
    <StartCCC><C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe>  []
[HKEY_CURRENT_USER\Software\Microsoft\Windows NT\CurrentVersion\Windows]
    <load><>  [N/A]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
    <IMJPMIG8.1><"C:\WINDOWS\IME\imjp8_1\IMJPMIG.EXE" /Spoil /RemAdvDef /Migration32>  [(Verified)Microsoft Windows Publisher]
    <PHIME2002ASync><C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /SYNC>  [(Verified)Microsoft Windows Publisher]
    <PHIME2002A><C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /IMEName>  [(Verified)Microsoft Windows Publisher]
    <SoundMAXPnP><C:\Program Files\Analog Devices\Core\smax4pnp.exe>  [(Verified)Microsoft Windows Publisher]
    <Storm2Set><C:\WINDOWS\system32\rundll32.exe "d:\PROGRA~1\StormII\StormSet.dll",CheckEnv>  [(Verified)Beijing Baofeng Inc.]
    <AVP><"C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 7.0\avp.exe">  [(Verified)Kaspersky Lab]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Winlogon]
    <shell><Explorer.exe>  [(Verified)Microsoft Windows Publisher]
    <Userinit><C:\WINDOWS\system32\userinit.exe,>  [(Verified)Microsoft Windows Publisher]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Windows]
    <AppInit_DLLs><>  [N/A]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Winlogon]
    <UIHost><logonui.exe>  [(Verified)Microsoft Windows Publisher]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
    <{5731EA1D-6AAF-4DE9-BDDA-7B390A75B286}><C:\WINDOWS\system32\wodoor0.dll>  []
    <{32C4BAF4-0411-4000-BDFB-A6F71E669F8C}><C:\WINDOWS\system32\csdoor0.dll>  []
    <{11DB88F9-409B-475E-8FD7-411653F6D367}><C:\WINDOWS\system32\55550.dll>  []
    <{A3C95A74-638D-4C6B-A856-4B27664A7F47}><C:\WINDOWS\system32\wgdoor0.dll>  []
    <{ABD0935D-B35A-47BD-BA9A-81678DDE74DD}><C:\WINDOWS\system32\qhdoor0.dll>  []
    <{E03C23BD-35B7-49C2-BBCA-6D8CEC2507E3}><C:\WINDOWS\system32\wldoor0.dll>  []
    <{4E3FBFA4-F1CC-4B66-B333-B9F0FF4B4748}><C:\WINDOWS\system32\mydoor0.dll>  []
    <{04A0CB31-FDEB-4EB8-889B-E00ED87BCE23}><C:\WINDOWS\system32\cqdoor0.dll>  []
    <{68F7767A-090C-4BBF-A015-720ACC6706E2}><C:\WINDOWS\system32\wddoor0.dll>  []
    <{D8CC4845-441C-44F8-9053-28F2EF67655B}><C:\WINDOWS\system32\dadoor0.dll>  []
    <{08E909A4-B236-48DD-8BCC-90A604B93E68}><C:\WINDOWS\system32\tldoor0.dll>  []
    <{A120A1D0-CBCC-4F9B-A183-78B27E4C1B5C}><C:\WINDOWS\system32\dh3oor0.dll>  []
    <{EDFF29C1-5A70-4460-AC1D-16DCB4B672F0}><C:\WINDOWS\system32\rxdoor0.dll>  []
    <{6826A3DB-EA8E-4E67-880D-53D04C7C0BD8}><C:\WINDOWS\system32\qjdoor0.dll>  []
    <{3422FB0F-95EB-458A-8B56-39552017A4EF}><C:\WINDOWS\system32\mhdoor0.dll>  []
    <{781FBCC1-99C7-4AE0-95F7-66EA49E86DD7}><C:\WINDOWS\system32\zxdoor0.dll>  []
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\klogon]
    <WinlogonNotify: klogon><C:\WINDOWS\system32\klogon.dll>  [(Verified)Kaspersky Lab]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\>{26923b43-4d38-484f-9b9e-de460746276c}]
    <Internet Explorer><%systemroot%\system32\shmgrate.exe OCInstallUserConfigIE>  [N/A]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\>{881dd1c5-3dcf-431b-b061-f3f88e8be88a}]
    <Outlook Express><%systemroot%\system32\shmgrate.exe OCInstallUserConfigOE>  [N/A]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{2C7339CF-2B09-4501-B3F3-F3508C9228ED}]
    <Themes Setup><%SystemRoot%\system32\regsvr32.exe /s /n /i:/UserInstall %SystemRoot%\system32\themeui.dll>  [N/A]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{44BBA840-CC51-11CF-AAFA-00AA00B6015C}]
    <Microsoft Outlook Express 6><"%ProgramFiles%\Outlook Express\setup50.exe" /APP:OE /CALLER:WINNT /user /install>  [N/A]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{44BBA842-CC51-11CF-AAFA-00AA00B6015B}]
    <NetMeeting 3.01><rundll32.exe advpack.dll,LaunchINFSection C:\WINDOWS\INF\msnetmtg.inf,NetMtg.Install.PerUser.NT>  [(Verified)Microsoft Windows Publisher]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{4b218e3e-bc98-4770-93d3-2731b9329278}]
    <Internet Explorer><%SystemRoot%\System32\rundll32.exe setupapi,InstallHinfSection MarketplaceLinkInstall 896 %systemroot%\inf\ie.inf>  [N/A]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{5945c046-1e7d-11d1-bc44-00c04fd912be}]
    <Windows Messenger 4.7><rundll32.exe advpack.dll,LaunchINFSection C:\WINDOWS\INF\msmsgs.inf,BLC.QuietInstall.PerUser>  [(Verified)Microsoft Windows Publisher]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{6BF52A52-394A-11d3-B153-00C04F79FAA6}]
    <Microsoft Windows Media Player><rundll32.exe advpack.dll,LaunchINFSection C:\WINDOWS\INF\wmp.inf,PerUserStub>  [(Verified)Microsoft Windows Publisher]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{7790769C-0471-11d2-AF11-00C04FA35D02}]
    <Address Book 6><"%ProgramFiles%\Outlook Express\setup50.exe" /APP:WAB /CALLER:WINNT /user /install>  [N/A]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{89B4C1CD-B018-4511-B0A1-5476DBF70820}]
    <N/A><C:\WINDOWS\system32\Rundll32.exe C:\WINDOWS\system32\mscories.dll,Install>  [Microsoft Corporation]

==================================
Startup Folders
[腾讯QQ]
  <C:\Documents and Settings\sihanxi\Start Menu\Programs\Startup\腾讯QQ.lnk --> D:\PROGRA~1\Tencent\QQ\QQ.exe [TENCENT]><N>
gototop
 
sihanxi
头像
初生襁褓狮
  • 帖子:11
  • 注册: 2007-10-18
  • 来自:
发表于: 2007-10-18 18:05 | 显示全部 短消息 资料
字号: 3楼

Services
[Ati HotKey Poller / Ati HotKey Poller][Running/Auto Start]
  <C:\WINDOWS\system32\Ati2evxx.exe><ATI Technologies Inc.>
[ATI Smart / ATI Smart][Stopped/Auto Start]
  <C:\WINDOWS\system32\ati2sgag.exe><>
[卡巴斯基反病毒软件 7.0 / AVP][Stopped/Auto Start]
  <"C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 7.0\avp.exe" -r><Kaspersky Lab>
[Human Interface Device Access / HidServ][Stopped/Disabled]
  <C:\WINDOWS\System32\svchost.exe -k netsvcs-->%SystemRoot%\System32\hidserv.dll><N/A>

==================================
Drivers
[ati2mtag / ati2mtag][Running/Manual Start]
  <system32\DRIVERS\ati2mtag.sys><ATI Technologies Inc.>
[Broadcom 440x 10/100 Integrated Controller XP Driver / bcm4sbxp][Running/Manual Start]
  <system32\DRIVERS\bcm4sbxp.sys><Broadcom Corporation>
[kl1 / kl1][Running/Boot Start]
  <\SystemRoot\system32\drivers\kl1.sys><Kaspersky Lab>
[klif / klif][Running/System Start]
  <\??\C:\WINDOWS\system32\drivers\klif.sys><Kaspersky Lab>
[Kaspersky Anti-Virus NDIS Filter / klim5][Running/Manual Start]
  <system32\DRIVERS\klim5.sys><Kaspersky Lab>
[Direct Parallel Link Driver / Ptilink][Running/Manual Start]
  <system32\DRIVERS\ptilink.sys><Parallel Technologies, Inc.>
[Secdrv / Secdrv][Stopped/Manual Start]
  <system32\DRIVERS\secdrv.sys><N/A>
[senfilt / senfilt][Running/Manual Start]
  <system32\drivers\senfilt.sys><Creative Technology Ltd.>
[smwdm / smwdm][Running/Manual Start]
  <system32\drivers\smwdm.sys><Analog Devices, Inc.>

==================================
Browser Add-ons
[ThunderAtOnce Class]
  {01443AEC-0FD1-40fd-9C87-E93D1494C233} <d:\Program Files\Thunder Network\Thunder\ComDlls\TDAtOnce_Now.dll, Thunder Networking Technologies,LTD>
[Thunder Browser Helper]
  {889D2FEB-5411-4565-8998-1DD2C5261283} <d:\Program Files\Thunder Network\Thunder\ComDlls\xunleiBHO_Now.dll, Thunder Networking Technologies,LTD>
[]
  {C2626E66-D21B-E628-C1DF-1DACCFA36ED2} <C:\Program Files\Common Files\fjOs0r.dll, Microsoft Corporation>
[Web 反病毒统计]
  {1F460357-8A94-4D71-9CA3-AA4ACF32ED8E} <C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 7.0\SCIEPlgn.dll, Kaspersky Lab>
[Messenger]
  {FB5F1910-F110-11d2-BB9E-00C04F795683} <C:\Program Files\Messenger\msmsgs.exe, Microsoft Corporation>
[Edit Class]
  {0CA54D3F-CEAE-48AF-9A2B-31909CB9515D} <C:\WINDOWS\system32\CMBEdit.dll, >
[EditCtrl Class]
  {488A4255-3236-44B3-8F27-FA1AECAA8844} <C:\WINDOWS\system32\aliedit\aliedit.dll, >
[ThunderAtOnce Class]
  {01443AEC-0FD1-40FD-9C87-E93D1494C233} <d:\Program Files\Thunder Network\Thunder\ComDlls\TDAtOnce_Now.dll, Thunder Networking Technologies,LTD>
[Edit Class]
  {0CA54D3F-CEAE-48AF-9A2B-31909CB9515D} <C:\WINDOWS\system32\CMBEdit.dll, >
[iTrusPTA Class]
  {1E0DFFCF-27FF-4574-849B-55007349FEDA} <C:\WINDOWS\system32\aliedit\pta.dll, >
[EditCtrl Class]
  {488A4255-3236-44B3-8F27-FA1AECAA8844} <C:\WINDOWS\system32\aliedit\aliedit.dll, >
[XMP Class]
  {6483F145-A768-4C41-AACC-52D4D7845851} <C:\Documents and Settings\All Users\Application Data\Thunder Network\KanKan\xplayer.dll_1_work, >
[XDRM]
  {693571CB-54A3-4E90-9D52-EEAE1334E2D3} <C:\Documents and Settings\All Users\Application Data\Thunder Network\KanKan\xdrm.dll_1_work, >
[Windows Media Player]
  {6BF52A52-394A-11D3-B153-00C04F79FAA6} <C:\WINDOWS\system32\wmp.dll, Microsoft Corporation>
[360SafeLive]
  {87515F61-A66C-4319-A0E0-D416CB8059E3} <C:\Program Files\360safe\live.dll, 360safe.com>
[Thunder Browser Helper]
  {889D2FEB-5411-4565-8998-1DD2C5261283} <d:\Program Files\Thunder Network\Thunder\ComDlls\xunleiBHO_Now.dll, Thunder Networking Technologies,LTD>
[RMGetLicense Class]
  {A9FC132B-096D-460B-B7D5-1DB0FAE0C062} <C:\WINDOWS\system32\msnetobj.dll, Microsoft Corporation>
[SearchAssistantOC]
  {B45FF030-4447-11D2-85DE-00C04FA35C89} <%SystemRoot%\system32\shdocvw.dll, N/A>
[]
  {C2626E66-D21B-E628-C1DF-1DACCFA36ED2} <C:\Program Files\Common Files\fjOs0r.dll, Microsoft Corporation>
[VIDEO__X_MS_ASF Moniker Class]
  {CD3AFA8F-B84F-48F0-9393-7EDC34128127} <C:\WINDOWS\system32\wmp.dll, Microsoft Corporation>
[Shockwave Flash Object]
  {D27CDB6E-AE6D-11CF-96B8-444553540000} <C:\WINDOWS\system32\Macromed\Flash\Flash9d.ocx, Adobe Systems, Inc.>
[XPPlayer Class]
  {F3E70CEA-956E-49CC-B444-73AFE593AD7F} <C:\Documents and Settings\All Users\Application Data\Thunder Network\KanKan\pplayer.dll_1_work, Thunder>
[使用迅雷下载]
  <d:\Program Files\Thunder Network\Thunder\Program\GetUrl.htm, N/A>
[使用迅雷下载全部链接]
  <d:\Program Files\Thunder Network\Thunder\Program\GetAllUrl.htm, N/A>
[添加到QQ表情]
  <d:\Program Files\Tencent\QQ\AddEmotion.htm, N/A>
gototop
 
sihanxi
头像
初生襁褓狮
  • 帖子:11
  • 注册: 2007-10-18
  • 来自:
发表于: 2007-10-18 18:07 | 显示全部 短消息 资料
字号: 4楼

Running Processes
[PID: 592 / SYSTEM][\SystemRoot\System32\smss.exe]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
[PID: 828 / SYSTEM][\??\C:\WINDOWS\system32\csrss.exe]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
[PID: 968 / SYSTEM][\??\C:\WINDOWS\system32\winlogon.exe]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
    [C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 7.0\miscr3.dll]  [Kaspersky Lab, 7.0.0.125]
    [C:\WINDOWS\system32\Ati2evxx.dll]  [ATI Technologies Inc., 6.14.10.4162]
    [C:\WINDOWS\system32\klogon.dll]  [Kaspersky Lab, 7.0.0.125]
    [C:\WINDOWS\system32\msacm32.drv]  [Microsoft Corporation, 5.1.2600.0 (xpclient.010817-1148)]
[PID: 1012 / SYSTEM][C:\WINDOWS\system32\services.exe]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
[PID: 1024 / SYSTEM][C:\WINDOWS\system32\lsass.exe]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
    [C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 7.0\dnsq.dll]  [Kaspersky Lab, 7.0.0.125]
    [C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 7.0\miscr3.dll]  [Kaspersky Lab, 7.0.0.125]
[PID: 1172 / SYSTEM][C:\WINDOWS\system32\Ati2evxx.exe]  [ATI Technologies Inc., 6.14.10.4162]
    [C:\WINDOWS\system32\Ati2edxx.dll]  [ATI Technologies, Inc., 6, 14, 10, 2511]
    [C:\WINDOWS\system32\atipdlxx.dll]  [ATI Technologies, Inc., 6, 14, 10, 2516]
[PID: 1188 / SYSTEM][C:\WINDOWS\system32\svchost.exe]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
[PID: 1332 / NETWORK SERVICE][C:\WINDOWS\system32\svchost.exe]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
    [C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 7.0\dnsq.dll]  [Kaspersky Lab, 7.0.0.125]
[PID: 1484 / SYSTEM][C:\WINDOWS\System32\svchost.exe]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
    [C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 7.0\miscr3.dll]  [Kaspersky Lab, 7.0.0.125]
[PID: 1560 / SYSTEM][C:\WINDOWS\system32\Ati2evxx.exe]  [ATI Technologies Inc., 6.14.10.4162]
    [C:\WINDOWS\system32\Ati2edxx.dll]  [ATI Technologies, Inc., 6, 14, 10, 2511]
    [C:\WINDOWS\system32\atipdlxx.dll]  [ATI Technologies, Inc., 6, 14, 10, 2516]
    [C:\WINDOWS\system32\ati2evxx.dll]  [ATI Technologies Inc., 6.14.10.4162]
[PID: 1600 / NETWORK SERVICE][C:\WINDOWS\system32\svchost.exe]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
[PID: 1904 / LOCAL SERVICE][C:\WINDOWS\system32\svchost.exe]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
    [C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 7.0\miscr3.dll]  [Kaspersky Lab, 7.0.0.125]
[PID: 1944 / sihanxi][C:\WINDOWS\Explorer.EXE]  [Microsoft Corporation, 6.00.2900.2180 (xpsp_sp2_rtm.040803-2158)]
    [C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 7.0\miscr3.dll]  [Kaspersky Lab, 7.0.0.125]
    [C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 7.0\scrchpg.dll]  [Kaspersky Lab, 7.0.0.125]
    [C:\WINDOWS\system32\wodoor0.dll]  [N/A, ]
    [C:\WINDOWS\system32\csdoor0.dll]  [N/A, ]
    [C:\WINDOWS\system32\55550.dll]  [N/A, ]
    [C:\WINDOWS\system32\wgdoor0.dll]  [N/A, ]
    [C:\WINDOWS\system32\qhdoor0.dll]  [N/A, ]
    [C:\WINDOWS\system32\wldoor0.dll]  [N/A, ]
    [C:\WINDOWS\system32\mydoor0.dll]  [N/A, ]
    [C:\WINDOWS\system32\cqdoor0.dll]  [N/A, ]
    [C:\WINDOWS\system32\wddoor0.dll]  [N/A, ]
    [C:\WINDOWS\system32\dadoor0.dll]  [N/A, ]
    [C:\WINDOWS\system32\tldoor0.dll]  [N/A, ]
    [C:\WINDOWS\system32\dh3oor0.dll]  [N/A, ]
    [C:\WINDOWS\system32\rxdoor0.dll]  [N/A, ]
    [C:\WINDOWS\system32\qjdoor0.dll]  [N/A, ]
    [C:\WINDOWS\system32\mhdoor0.dll]  [N/A, ]
    [C:\WINDOWS\system32\zxdoor0.dll]  [N/A, ]
gototop
 
sihanxi
头像
初生襁褓狮
  • 帖子:11
  • 注册: 2007-10-18
  • 来自:
发表于: 2007-10-18 18:09 | 显示全部 短消息 资料
字号: 5楼

[C:\WINDOWS\system32\msacm32.drv]  [Microsoft Corporation, 5.1.2600.0 (xpclient.010817-1148)]
    [C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 7.0\ShellEx.dll]  [Kaspersky Lab, 7.0.0.125]
    [d:\Program Files\Thunder Network\Thunder\Components\ResWorker\DsBho_00.dll]  [, 1, 0, 0, 12]
    [d:\Program Files\Thunder Network\Thunder\Components\ResWorker\DataProcessor_00.dll]  [Thunder Networking Technologies,LTD, 1, 0, 0, 13]
    [C:\Program Files\Common Files\fjOs0r.dll]  [Microsoft Corporation, 1. 0. 0. 1]
    [C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 7.0\dnsq.dll]  [Kaspersky Lab, 7.0.0.125]
    [C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 7.0\klscav.dll]  [Kaspersky Lab, 7.0.0.125]
    [C:\WINDOWS\system32\dfshim.dll]  [Microsoft Corporation, 2.0.50727.42 (RTM.050727-4200)]
    [C:\WINDOWS\system32\mscoree.dll]  [Microsoft Corporation, 2.0.50727.42 (RTM.050727-4200)]
    [C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\Shfusion.dll]  [Microsoft Corporation, 2.0.50727.42 (RTM.050727-4200)]
    [C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\Fusion.dll]  [Microsoft Corporation, 2.0.50727.42 (RTM.050727-4200)]
    [C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\culture.dll]  [Microsoft Corporation, 2.0.50727.42 (RTM.050727-4200)]
    [C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\ShFusRes.dll]  [Microsoft Corporation, 2.0.50727.42 (RTM.050727-4200)]
[PID: 280 / SYSTEM][C:\WINDOWS\system32\spoolsv.exe]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
    [C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 7.0\dnsq.dll]  [Kaspersky Lab, 7.0.0.125]
[PID: 1744 / sihanxi][C:\Program Files\Analog Devices\Core\smax4pnp.exe]  [Analog Devices, Inc., 5, 2, 0, 5]
    [C:\Program Files\Analog Devices\Core\SMWDMIF.dll]  [Analog Devices, Inc., 5, 2, 3, 000]
    [C:\WINDOWS\system32\EDCrypt.DLL]  [Analog Devices Incorporated, 1.0.0.8]
    [C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 7.0\miscr3.dll]  [Kaspersky Lab, 7.0.0.125]
    [C:\WINDOWS\system32\msacm32.drv]  [Microsoft Corporation, 5.1.2600.0 (xpclient.010817-1148)]
    [C:\WINDOWS\system32\dh3oor0.dll]  [N/A, ]
[PID: 1768 / sihanxi][C:\WINDOWS\system32\ctfmon.exe]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
    [C:\WINDOWS\system32\dh3oor0.dll]  [N/A, ]
[PID: 1824 / sihanxi][C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\MOM.EXE]  [ATI Technologies Inc., 2.0.0.0]
    [C:\WINDOWS\system32\mscoree.dll]  [Microsoft Corporation, 2.0.50727.42 (RTM.050727-4200)]
    [C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorwks.dll]  [Microsoft Corporation, 2.0.50727.42 (RTM.050727-4200)]
    [C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 7.0\miscr3.dll]  [Kaspersky Lab, 7.0.0.125]
    [C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\mscorlib\9227f9d5afbed64ea65188b1ec72b524\mscorlib.ni.dll]  [Microsoft Corporation, 2.0.50727.42 (RTM.050727-4200)]
    [C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorjit.dll]  [Microsoft Corporation, 2.0.50727.42 (RTM.050727-4200)]
    [C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System\8fceca83d5eab44696cc659c88389994\System.ni.dll]  [Microsoft Corporation, 2.0.50727.42 (RTM.050727-4200)]
    [C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.Drawing\b5e627d61988f84da984aeee51ab8bdd\System.Drawing.ni.dll]  [Microsoft Corporation, 2.0.50727.42 (RTM.050727-4200)]
    [C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.Windows.Forms\479896121cb1854fac46ebdfc12d8083\System.Windows.Forms.ni.dll]  [Microsoft Corporation, 2.0.50727.42 (RTM.050727-4200)]
    [C:\WINDOWS\assembly\GAC_MSIL\MOM.Implementation\2.0.2635.38969__90ba9c70f846762e\MOM.Implementation.dll]  [ATI Technologies Inc., 2.0.2635.38969]
    [C:\WINDOWS\assembly\GAC_MSIL\LOG.Foundation\2.0.2613.19902__90ba9c70f846762e\LOG.Foundation.dll]  [ATI Technologies Inc., 2.0.2613.19902]
    [C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.Configuration\e6adcf59ad796b409822c8f83e8576a6\System.Configuration.ni.dll]  [Microsoft Corporation, 2.0.50727.42 (RTM.050727-4200)]
    [C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.Xml\068d965799654e44aa81b11f66179e8e\System.Xml.ni.dll]  [Microsoft Corporation, 2.0.50727.42 (RTM.050727-4200)]
    [C:\WINDOWS\assembly\GAC_MSIL\MOM.Foundation\2.0.2613.19921__90ba9c70f846762e\MOM.Foundation.dll]  [ATI Technologies Inc., 2.0.2613.19921]
    [C:\WINDOWS\assembly\GAC_MSIL\LOG.Foundation.Implementation\2.0.2635.38968__90ba9c70f846762e\LOG.Foundation.Implementation.dll]  [ATI Technologies Inc., 2.0.2635.38968]
    [C:\WINDOWS\assembly\GAC_MSIL\LOG.Foundation.Implementation.Private\2.0.2613.19922__90ba9c70f846762e\LOG.Foundation.Implementation.Private.dll]  [ATI Technologies Inc., 2.0.2613.19922]
    [C:\WINDOWS\assembly\GAC_MSIL\System.Runtime.Remoting\2.0.0.0__b77a5c561934e089\System.Runtime.Remoting.dll]  [Microsoft Corporation, 2.0.50727.42 (RTM.050727-4200)]
    [C:\WINDOWS\assembly\GAC_MSIL\LOG.Foundation.Private\2.0.2613.19906__90ba9c70f846762e\LOG.Foundation.Private.dll]  [ATI Technologies Inc., 2.0.2613.19906]
    [C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 7.0\scrchpg.dll]  [Kaspersky Lab, 7.0.0.125]
    [C:\WINDOWS\system32\wodoor0.dll]  [N/A, ]
    [C:\WINDOWS\system32\csdoor0.dll]  [N/A, ]
    [C:\WINDOWS\system32\55550.dll]  [N/A, ]
    [C:\WINDOWS\system32\wgdoor0.dll]  [N/A, ]
    [C:\WINDOWS\system32\qhdoor0.dll]  [N/A, ]
    [C:\WINDOWS\system32\wldoor0.dll]  [N/A, ]
    [C:\WINDOWS\system32\mydoor0.dll]  [N/A, ]
    [C:\WINDOWS\system32\cqdoor0.dll]  [N/A, ]
    [C:\WINDOWS\system32\wddoor0.dll]  [N/A, ]
    [C:\WINDOWS\system32\dadoor0.dll]  [N/A, ]
    [C:\WINDOWS\system32\tldoor0.dll]  [N/A, ]
    [C:\WINDOWS\system32\dh3oor0.dll]  [N/A, ]
    [C:\WINDOWS\system32\rxdoor0.dll]  [N/A, ]
    [C:\WINDOWS\system32\qjdoor0.dll]  [N/A, ]
    [C:\WINDOWS\system32\mhdoor0.dll]  [N/A, ]
    [C:\WINDOWS\system32\zxdoor0.dll]  [N/A, ]
gototop
 
sihanxi
头像
初生襁褓狮
  • 帖子:11
  • 注册: 2007-10-18
  • 来自:
发表于: 2007-10-18 18:10 | 显示全部 短消息 资料
字号: 6楼

[C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.Web\ac21bd7a719c8d4a8bc74c90b547c941\System.Web.ni.dll]  [Microsoft Corporation, 2.0.50727.42 (RTM.050727-4200)]
    [C:\WINDOWS\assembly\GAC_MSIL\AEM.Server\2.0.2635.38680__90ba9c70f846762e\AEM.Server.dll]  [ATI Technologies Inc., 2.0.2635.38680]
    [C:\WINDOWS\assembly\GAC_MSIL\NEWAEM.Foundation\2.0.2613.19906__90ba9c70f846762e\NEWAEM.Foundation.dll]  [ATI Technologies Inc., 2.0.2613.19906]
[PID: 388 / sihanxi][C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\ccc.exe]  [ATI Technologies Inc., 2.0.0.0]
    [C:\WINDOWS\system32\mscoree.dll]  [Microsoft Corporation, 2.0.50727.42 (RTM.050727-4200)]
    [C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorwks.dll]  [Microsoft Corporation, 2.0.50727.42 (RTM.050727-4200)]
    [C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 7.0\miscr3.dll]  [Kaspersky Lab, 7.0.0.125]
    [C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\mscorlib\9227f9d5afbed64ea65188b1ec72b524\mscorlib.ni.dll]  [Microsoft Corporation, 2.0.50727.42 (RTM.050727-4200)]
    [C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorjit.dll]  [Microsoft Corporation, 2.0.50727.42 (RTM.050727-4200)]
    [C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System\8fceca83d5eab44696cc659c88389994\System.ni.dll]  [Microsoft Corporation, 2.0.50727.42 (RTM.050727-4200)]
    [C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.Drawing\b5e627d61988f84da984aeee51ab8bdd\System.Drawing.ni.dll]  [Microsoft Corporation, 2.0.50727.42 (RTM.050727-4200)]
    [C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.Windows.Forms\479896121cb1854fac46ebdfc12d8083\System.Windows.Forms.ni.dll]  [Microsoft Corporation, 2.0.50727.42 (RTM.050727-4200)]
    [C:\WINDOWS\assembly\GAC_MSIL\CCC.Implementation\2.0.2635.38969__90ba9c70f846762e\CCC.Implementation.dll]  [ATI Technologies Inc., 2.0.2635.38969]
    [C:\WINDOWS\assembly\GAC_MSIL\LOG.Foundation\2.0.2613.19902__90ba9c70f846762e\LOG.Foundation.dll]  [ATI Technologies Inc., 2.0.2613.19902]
    [C:\WINDOWS\assembly\GAC_MSIL\MOM.Foundation\2.0.2613.19921__90ba9c70f846762e\MOM.Foundation.dll]  [ATI Technologies Inc., 2.0.2613.19921]
    [C:\WINDOWS\assembly\GAC_MSIL\CLI.Foundation\2.0.2613.19903__90ba9c70f846762e\CLI.Foundation.dll]  [ATI Technologies Inc., 2.0.2613.19903]
    [C:\WINDOWS\assembly\GAC_MSIL\LOG.Foundation.Implementation.Private\2.0.2613.19922__90ba9c70f846762e\LOG.Foundation.Implementation.Private.dll]  [ATI Technologies Inc., 2.0.2613.19922]
    [C:\WINDOWS\assembly\GAC_MSIL\LOG.Foundation.Implementation\2.0.2635.38968__90ba9c70f846762e\LOG.Foundation.Implementation.dll]  [ATI Technologies Inc., 2.0.2635.38968]
    [C:\WINDOWS\assembly\GAC_MSIL\System.Runtime.Remoting\2.0.0.0__b77a5c561934e089\System.Runtime.Remoting.dll]  [Microsoft Corporation, 2.0.50727.42 (RTM.050727-4200)]
    [C:\WINDOWS\assembly\GAC_MSIL\LOG.Foundation.Private\2.0.2613.19906__90ba9c70f846762e\LOG.Foundation.Private.dll]  [ATI Technologies Inc., 2.0.2613.19906]
    [C:\WINDOWS\assembly\GAC_MSIL\MOM.Implementation\2.0.2635.38969__90ba9c70f846762e\MOM.Implementation.dll]  [ATI Technologies Inc., 2.0.2635.38969]
    [C:\WINDOWS\assembly\GAC_MSIL\CLI.Foundation.XManifest\2.0.2613.19973__90ba9c70f846762e\CLI.Foundation.XManifest.dll]  [ATI Technologies Inc., 2.0.2613.19973]
    [C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.Xml\068d965799654e44aa81b11f66179e8e\System.Xml.ni.dll]  [Microsoft Corporation, 2.0.50727.42 (RTM.050727-4200)]
    [C:\WINDOWS\assembly\GAC_MSIL\CLI.Component.Runtime\2.0.2635.38682__90ba9c70f846762e\CLI.Component.Runtime.dll]  [ATI Technologies Inc., 2.0.2635.38682]
    [C:\WINDOWS\assembly\GAC_MSIL\CLI.Component.Runtime.Shared.Private\2.0.2613.19921__90ba9c70f846762e\CLI.Component.Runtime.Shared.Private.dll]  [ATI Technologies Inc., 2.0.2613.19921]
    [C:\WINDOWS\assembly\GAC_MSIL\CLI.Foundation.Private\2.0.2613.19908__90ba9c70f846762e\CLI.Foundation.Private.dll]  [ATI Technologies Inc., 2.0.2613.19908]
    [C:\WINDOWS\assembly\GAC_MSIL\ATICCCom\2.0.0.0__90ba9c70f846762e\ATICCCom.dll]  [ATI Technologies Inc., 2.0.0.0]
    [C:\WINDOWS\assembly\GAC_MSIL\AEM.Server\2.0.2635.38680__90ba9c70f846762e\AEM.Server.dll]  [ATI Technologies Inc., 2.0.2635.38680]
    [C:\WINDOWS\assembly\GAC_MSIL\NEWAEM.Foundation\2.0.2613.19906__90ba9c70f846762e\NEWAEM.Foundation.dll]  [ATI Technologies Inc., 2.0.2613.19906]
    [C:\WINDOWS\assembly\GAC_MSIL\AEM.Foundation\2.0.2613.19902__90ba9c70f846762e\AEM.Foundation.dll]  [ATI Technologies Inc., 2.0.2613.19902]
    [C:\WINDOWS\assembly\GAC_MSIL\AEM.Server.Shared\2.0.2613.19916__90ba9c70f846762e\AEM.Server.Shared.dll]  [ATI Technologies Inc., 2.0.2613.19916]
    [C:\WINDOWS\assembly\GAC_MSIL\AEM.Plugin.Source.Kit.Server\2.0.2635.39013__90ba9c70f846762e\AEM.Plugin.Source.Kit.Server.dll]  [ATI Technologies Inc., 2.0.2635.39013]
    [C:\WINDOWS\assembly\GAC_MSIL\AEM.Plugin.DPPE.Shared\2.0.2613.19946__90ba9c70f846762e\AEM.Plugin.DPPE.Shared.dll]  [ATI Technologies Inc., 2.0.2613.19946]
    [C:\WINDOWS\assembly\GAC_MSIL\AEM.Plugin.Hotkeys.Shared\2.0.2613.19938__90ba9c70f846762e\AEM.Plugin.Hotkeys.Shared.dll]  [ATI Technologies Inc., 2.0.2613.19938]
    [C:\WINDOWS\assembly\GAC_MSIL\DEM.Graphics.I0601\2.0.2573.17685__90ba9c70f846762e\DEM.Graphics.I0601.dll]  [ATI Technologies Inc., 2.0.2573.17685]
    [C:\WINDOWS\assembly\GAC_MSIL\DEM.Foundation\2.0.2573.17684__90ba9c70f846762e\DEM.Foundation.dll]  [ATI Technologies Inc., 2.0.2573.17684]
    [C:\WINDOWS\assembly\GAC_MSIL\DEM.Graphics\2.0.2613.19934__90ba9c70f846762e\DEM.Graphics.dll]  [ATI Technologies Inc., 2.0.2613.19934]
    [C:\WINDOWS\system32\ATIDEMGX.dll]  [ATI Technologies Inc., 2.0.2617.28637]
    [C:\WINDOWS\assembly\GAC_MSIL\System.Management\2.0.0.0__b03f5f7f11d50a3a\System.Management.dll]  [Microsoft Corporation, 2.0.50727.42 (RTM.050727-4200)]
    [C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\WMINet_Utils.dll]  [Microsoft Corporation, 2.0.50727.42 (RTM.050727-4200)]
    [C:\WINDOWS\system32\dh3oor0.dll]  [N/A, ]
gototop
 
sihanxi
头像
初生襁褓狮
  • 帖子:11
  • 注册: 2007-10-18
  • 来自:
发表于: 2007-10-18 18:12 | 显示全部 短消息 资料
字号: 7楼

C:\WINDOWS\assembly\GAC_MSIL\CLI.Caste.Graphics.Runtime\2.0.2635.38683__90ba9c70f846762e\CLI.Caste.Graphics.Runtime.dll]  [ATI Technologies Inc., 2.0.2635.38683]
    [C:\WINDOWS\assembly\GAC_MSIL\CLI.Caste.Graphics.Shared\2.0.2613.19914__90ba9c70f846762e\CLI.Caste.Graphics.Shared.dll]  [ATI Technologies Inc., 2.0.2613.19914]
    [C:\WINDOWS\assembly\GAC_MSIL\ACE.Graphics.DisplaysManager.Shared\2.0.2573.17685__90ba9c70f846762e\ACE.Graphics.DisplaysManager.Shared.dll]  [ATI Technologies Inc., 2.0.2573.17685]
    [C:\WINDOWS\assembly\GAC_MSIL\DEM.OS.I0602\2.0.2613.19937__90ba9c70f846762e\DEM.OS.I0602.dll]  [ATI Technologies Inc., 2.0.2613.19937]
    [C:\WINDOWS\assembly\GAC_MSIL\AEM.Actions.CCAA.Shared\2.0.2613.19911__90ba9c70f846762e\AEM.Actions.CCAA.Shared.dll]  [ATI Technologies Inc., 2.0.2613.19911]
    [C:\WINDOWS\assembly\GAC_MSIL\DEM.OS\2.0.2613.19938__90ba9c70f846762e\DEM.OS.dll]  [ATI Technologies Inc., 2.0.2613.19938]
    [C:\WINDOWS\assembly\GAC_MSIL\ATIDEMOS\2.0.2635.38682__90ba9c70f846762e\ATIDEMOS.dll]  [ATI Technologies Inc., 2.0.2635.38682]
    [C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.HotkeysHandling.Graphics.Runtime\2.0.2635.38702__90ba9c70f846762e\CLI.Aspect.HotkeysHandling.Graphics.Runtime.dll]  [ATI Technologies Inc., 2.0.2635.38702]
    [C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.HotkeysHandling.Graphics.Shared\2.0.2613.19931__90ba9c70f846762e\CLI.Aspect.HotkeysHandling.Graphics.Shared.dll]  [ATI Technologies Inc., 2.0.2613.19931]
    [C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.DeviceCV.Graphics.Runtime\2.0.2635.38902__90ba9c70f846762e\CLI.Aspect.DeviceCV.Graphics.Runtime.dll]  [ATI Technologies Inc., 2.0.2635.38902]
    [C:\WINDOWS\assembly\GAC_MSIL\CLI.Caste.Graphics.Runtime.Shared.Private\2.0.2613.19938__90ba9c70f846762e\CLI.Caste.Graphics.Runtime.Shared.Private.dll]  [ATI Technologies Inc., 2.0.2613.19938]
    [C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.DeviceCV.Graphics.Shared\2.0.2613.19936__90ba9c70f846762e\CLI.Aspect.DeviceCV.Graphics.Shared.dll]  [ATI Technologies Inc., 2.0.2613.19936]
    [C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.DeviceProperty.Graphics.Runtime\2.0.2635.38839__90ba9c70f846762e\CLI.Aspect.DeviceProperty.Graphics.Runtime.dll]  [Advanced Micro Devices, Inc., 2.0.2635.38839]
    [C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.CustomFormats.Graphics.Shared\2.0.2613.19922__90ba9c70f846762e\CLI.Aspect.CustomFormats.Graphics.Shared.dll]  [ATI Technologies Inc., 2.0.2613.19922]
    [C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.DeviceProperty.Graphics.Shared\2.0.2613.19923__90ba9c70f846762e\CLI.Aspect.DeviceProperty.Graphics.Shared.dll]  [ATI Technologies Inc., 2.0.2613.19923]
    [C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.DeviceTV.Graphics.Runtime\2.0.2635.38945__90ba9c70f846762e\CLI.Aspect.DeviceTV.Graphics.Runtime.dll]  [ATI Technologies Inc., 2.0.2635.38945]
    [C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.DeviceTV.Graphics.Shared\2.0.2613.19937__90ba9c70f846762e\CLI.Aspect.DeviceTV.Graphics.Shared.dll]  [ATI Technologies Inc., 2.0.2613.19937]
    [C:\WINDOWS\assembly\GAC_MSIL\AEM.Plugin.GD.Shared\2.0.2613.19938__90ba9c70f846762e\AEM.Plugin.GD.Shared.dll]  [ATI Technologies Inc., 2.0.2613.19938]
    [C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.InfoCentre.Graphics.Runtime\2.0.2635.38739__90ba9c70f846762e\CLI.Aspect.InfoCentre.Graphics.Runtime.dll]  [ATI Technologies Inc., 2.0.2635.38739]
    [C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.InfoCentre.Graphics.Shared\2.0.2613.19932__90ba9c70f846762e\CLI.Aspect.InfoCentre.Graphics.Shared.dll]  [ATI Technologies Inc., 2.0.2613.19932]
    [C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.DisplaysColour2.Graphics.Runtime\2.0.2635.38759__90ba9c70f846762e\CLI.Aspect.DisplaysColour2.Graphics.Runtime.dll]  [ATI Technologies Inc., 2.0.2635.38759]
    [C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.DisplaysColour2.Graphics.Shared\2.0.2613.19932__90ba9c70f846762e\CLI.Aspect.DisplaysColour2.Graphics.Shared.dll]  [ATI Technologies Inc., 2.0.2613.19932]
    [C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.DisplaysOptions.Graphics.Runtime\2.0.2635.38869__90ba9c70f846762e\CLI.Aspect.DisplaysOptions.Graphics.Runtime.dll]  [ATI Technologies Inc., 2.0.2635.38869]
    [C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.DisplaysOptions.Graphics.Shared\2.0.2613.19935__90ba9c70f846762e\CLI.Aspect.DisplaysOptions.Graphics.Shared.dll]  [ATI Technologies Inc., 2.0.2613.19935]
    [C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.DeviceCRT.Graphics.Runtime\2.0.2635.38846__90ba9c70f846762e\CLI.Aspect.DeviceCRT.Graphics.Runtime.dll]  [ATI Technologies Inc., 2.0.2635.38846]
    [C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.DeviceCRT.Graphics.Shared\2.0.2613.19935__90ba9c70f846762e\CLI.Aspect.DeviceCRT.Graphics.Shared.dll]  [ATI Technologies Inc., 2.0.2613.19935]
    [C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.DeviceLCD.Graphics.Runtime\2.0.2635.38888__90ba9c70f846762e\CLI.Aspect.DeviceLCD.Graphics.Runtime.dll]  [Advanced Micro Devices, Inc., 2.0.2635.38888]
    [C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.DeviceLCD.Graphics.Shared\2.0.2613.19924__90ba9c70f846762e\CLI.Aspect.DeviceLCD.Graphics.Shared.dll]  [ATI Technologies Inc., 2.0.2613.19924]
    [C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.DeviceDFP.Graphics.Runtime\2.0.2635.38839__90ba9c70f846762e\CLI.Aspect.DeviceDFP.Graphics.Runtime.dll]  [Advanced Micro Devices, Inc., 2.0.2635.38839]
    [C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.DeviceDFP.Graphics.Shared\2.0.2613.19935__90ba9c70f846762e\CLI.Aspect.DeviceDFP.Graphics.Shared.dll]  [ATI Technologies Inc., 2.0.2613.19935]
    [C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.VPURecover.Graphics.Runtime\2.0.2635.38732__90ba9c70f846762e\CLI.Aspect.VPURecover.Graphics.Runtime.dll]  [ATI Technologies Inc., 2.0.2635.38732]
    [C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.VPURecover.Graphics.Shared\2.0.2613.19932__90ba9c70f846762e\CLI.Aspect.VPURecover.Graphics.Shared.dll]  [ATI Technologies Inc., 2.0.2613.19932]
    [C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.Radeon3D.Graphics.Runtime\2.0.2635.38911__90ba9c70f846762e\CLI.Aspect.Radeon3D.Graphics.Runtime.dll]  [ATI Technologies Inc., 2.0.2635.38911]
    [C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.Radeon3D.Graphics.Shared\2.0.2613.19936__90ba9c70f846762e\CLI.Aspect.Radeon3D.Graphics.Shared.dll]  [ATI Technologies Inc., 2.0.2613.19936]
    [C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.MMVideo.Graphics.Runtime\2.0.2635.38846__90ba9c70f846762e\CLI.Aspect.MMVideo.Graphics.Runtime.dll]  [ATI Technologies Inc., 2.0.2635.38846]
    [C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.MMVideo.Graphics.Shared\2.0.2613.19935__90ba9c70f846762e\CLI.Aspect.MMVideo.Graphics.Shared.dll]  [ATI Technologies Inc., 2.0.2613.19935]
    [C:\WINDOWS\assembly\GAC_MSIL\APM.Foundation\2.0.2613.19937__90ba9c70f846762e\APM.Foundation.dll]  [ATI Technologies Inc., 2.0.2613.19937]
    [C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.Web\ac21bd7a719c8d4a8bc74c90b547c941\System.Web.ni.dll]  [Microsoft Corporation, 2.0.50727.42 (RTM.050727-4200)]
    [C:\WINDOWS\assembly\GAC_MSIL\CLI.Component.Wizard\2.0.2635.38712__90ba9c70f846762e\CLI.Component.Wizard.dll]  [ATI Technologies Inc., 2.0.2635.38712]
    [C:\WINDOWS\assembly\GAC_MSIL\CLI.Component.Client.Shared.Private\2.0.2613.19912__90ba9c70f846762e\CLI.Component.Client.Shared.Private.dll]  [ATI Technologies Inc., 2.0.2613.19912]
    [C:\WINDOWS\assembly\GAC_MSIL\CLI.Component.Client.Shared\2.0.2613.19910__90ba9c70f846762e\CLI.Component.Client.Shared.dll]  [ATI Technologies Inc., 2.0.2613.19910]
    [C:\WINDOWS\assembly\GAC_MSIL\CLI.Component.Wizard.Shared\2.0.2613.19921__90ba9c70f846762e\CLI.Component.Wizard.Shared.dll]  [ATI Technologies Inc., 2.0.2613.19921]
    [C:\WINDOWS\assembly\GAC_MSIL\CLI.Component.Wizard.Shared.Private\2.0.2613.19944__90ba9c70f846762e\CLI.Component.Wizard.Shared.Private.dll]  [ATI Technologies Inc., 2.0.2613.19944]
    [C:\WINDOWS\assembly\GAC_MSIL\CLI.Caste.Graphics.Wizard\2.0.2635.38717__90ba9c70f846762e\CLI.Caste.Graphics.Wizard.dll]  [ATI Technologies Inc., 2.0.2635.38717]
    [C:\WINDOWS\assembly\GAC_MSIL\CLI.Caste.Graphics.Wizard.Shared\2.0.2613.19932__90ba9c70f846762e\CLI.Caste.Graphics.Wizard.Shared.dll]  [ATI Technologies Inc., 2.0.2613.19932]
    [C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.TransCode.Graphics.Wizard\2.0.2635.38985__90ba9c70f846762e\CLI.Aspect.TransCode.Graphics.Wizard.dll]  [ATI Technologies Inc., 2.0.2635.38985]
    [C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.Radeon3D.Graphics.Wizard\2.0.2635.38918__90ba9c70f846762e\CLI.Aspect.Radeon3D.Graphics.Wizard.dll]  [ATI Technologies Inc., 2.0.2635.38918]
    [C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.DisplaysManager.Graphics.Wizard\2.0.2635.38726__90ba9c70f846762e\CLI.Aspect.DisplaysManager.Graphics.Wizard.dll]  [ATI Technologies Inc., 2.0.2635.38726]
    [C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.TransCode.Graphics.Shared\2.0.2613.19946__90ba9c70f846762e\CLI.Aspect.TransCode.Graphics.Shared.dll]  [ATI Technologies Inc., 2.0.2613.19946]
    [C:\WINDOWS\assembly\GAC_MSIL\atixclib\1.0.0.0__90ba9c70f846762e\atixclib.dll]  [ , 1.0.0.0]
gototop
 
sihanxi
头像
初生襁褓狮
  • 帖子:11
  • 注册: 2007-10-18
  • 来自:
发表于: 2007-10-18 18:13 | 显示全部 短消息 资料
字号: 8楼

C:\Program Files\Common Files\ATI Technologies\Multimedia\atixcode.dll]  [ATI Technologies, Inc., 9.14.0.60504]
    [C:\Program Files\Common Files\ATI Technologies\Multimedia\atidvcr.dll]  [ATI Technologies, Inc., 9.14.0.60504]
    [C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.MMVideo.Graphics.Wizard\2.0.2635.38932__90ba9c70f846762e\CLI.Aspect.MMVideo.Graphics.Wizard.dll]  [ATI Technologies Inc., 2.0.2635.38932]
    [C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.InfoCentre.Graphics.Wizard\2.0.2635.38740__90ba9c70f846762e\CLI.Aspect.InfoCentre.Graphics.Wizard.dll]  [ATI Technologies Inc., 2.0.2635.38740]
    [C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.DeviceTV.Graphics.Wizard\2.0.2635.38956__90ba9c70f846762e\CLI.Aspect.DeviceTV.Graphics.Wizard.dll]  [ATI Technologies Inc., 2.0.2635.38956]
    [C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.DeviceCV.Graphics.Wizard\2.0.2635.38926__90ba9c70f846762e\CLI.Aspect.DeviceCV.Graphics.Wizard.dll]  [ATI Technologies Inc., 2.0.2635.38926]
    [C:\WINDOWS\assembly\GAC_MSIL\CLI.Component.Dashboard\2.0.2635.38692__90ba9c70f846762e\CLI.Component.Dashboard.dll]  [ATI Technologies Inc., 2.0.2635.38692]
    [C:\WINDOWS\assembly\GAC_MSIL\CLI.Component.Dashboard.Shared\2.0.2613.19911__90ba9c70f846762e\CLI.Component.Dashboard.Shared.dll]  [ATI Technologies Inc., 2.0.2613.19911]
    [C:\WINDOWS\assembly\GAC_MSIL\CLI.Component.Dashboard.Shared.Private\2.0.2613.19916__90ba9c70f846762e\CLI.Component.Dashboard.Shared.Private.dll]  [ATI Technologies Inc., 2.0.2613.19916]
    [C:\WINDOWS\assembly\GAC_MSIL\CLI.Caste.Graphics.Dashboard\2.0.2635.38697__90ba9c70f846762e\CLI.Caste.Graphics.Dashboard.dll]  [ATI Technologies Inc., 2.0.2635.38697]
    [C:\WINDOWS\assembly\GAC_MSIL\CLI.Caste.Graphics.Dashboard.Shared\2.0.2613.19924__90ba9c70f846762e\CLI.Caste.Graphics.Dashboard.Shared.dll]  [ATI Technologies Inc., 2.0.2613.19924]
    [C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.Welcome.Graphics.Dashboard\2.0.2635.38991__90ba9c70f846762e\CLI.Aspect.Welcome.Graphics.Dashboard.dll]  [ATI Technologies Inc., 2.0.2635.38991]
    [C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.DisplaysManager.Graphics.Dashboard\2.0.2635.38704__90ba9c70f846762e\CLI.Aspect.DisplaysManager.Graphics.Dashboard.dll]  [ATI Technologies Inc., 2.0.2635.38704]
    [C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.InfoCentre.Graphics.Dashboard\2.0.2635.38747__90ba9c70f846762e\CLI.Aspect.InfoCentre.Graphics.Dashboard.dll]  [ATI Technologies Inc., 2.0.2635.38747]
    [C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.DisplaysOptions.Graphics.Dashboard\2.0.2635.38870__90ba9c70f846762e\CLI.Aspect.DisplaysOptions.Graphics.Dashboard.dll]  [ATI Technologies Inc., 2.0.2635.38870]
    [C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.DeviceCRT.Graphics.Dashboard\2.0.2635.38842__90ba9c70f846762e\CLI.Aspect.DeviceCRT.Graphics.Dashboard.dll]  [ATI Technologies Inc., 2.0.2635.38842]
    [C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.DeviceCV.Graphics.Dashboard\2.0.2635.38906__90ba9c70f846762e\CLI.Aspect.DeviceCV.Graphics.Dashboard.dll]  [ATI Technologies Inc., 2.0.2635.38906]
    [C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.DeviceTV.Graphics.Dashboard\2.0.2635.38951__90ba9c70f846762e\CLI.Aspect.DeviceTV.Graphics.Dashboard.dll]  [ATI Technologies Inc., 2.0.2635.38951]
    [C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.DeviceDFP.Graphics.Dashboard\2.0.2635.38834__90ba9c70f846762e\CLI.Aspect.DeviceDFP.Graphics.Dashboard.dll]  [ATI Technologies Inc., 2.0.2635.38834]
    [C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.Radeon3D.Graphics.Dashboard\2.0.2635.38913__90ba9c70f846762e\CLI.Aspect.Radeon3D.Graphics.Dashboard.dll]  [ATI Technologies Inc., 2.0.2635.38913]
    [C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.DisplaysColour2.Graphics.Dashboard\2.0.2635.38754__90ba9c70f846762e\CLI.Aspect.DisplaysColour2.Graphics.Dashboard.dll]  [ATI Technologies Inc., 2.0.2635.38754]
    [C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.MMVideo.Graphics.Dashboard\2.0.2635.38850__90ba9c70f846762e\CLI.Aspect.MMVideo.Graphics.Dashboard.dll]  [ATI Technologies Inc., 2.0.2635.38850]
    [C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.VPURecover.Graphics.Dashboard\2.0.2635.38733__90ba9c70f846762e\CLI.Aspect.VPURecover.Graphics.Dashboard.dll]  [ATI Technologies Inc., 2.0.2635.38733]
[PID: 2732 / LOCAL SERVICE][C:\WINDOWS\System32\alg.exe]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
[PID: 3312 / SYSTEM][C:\WINDOWS\System32\svchost.exe]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
[PID: 2876 / sihanxi][C:\Program Files\Internet Explorer\iexplore.exe]  [Microsoft Corporation, 6.00.2900.2180 (xpsp_sp2_rtm.040803-2158)]
    [C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 7.0\miscr3.dll]  [Kaspersky Lab, 7.0.0.125]
    [C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 7.0\scrchpg.dll]  [Kaspersky Lab, 7.0.0.125]
    [d:\Program Files\Thunder Network\Thunder\ComDlls\TDAtOnce_Now.dll]  [Thunder Networking Technologies,LTD, 1.0.5.16]
    [d:\Program Files\Thunder Network\Thunder\ComDlls\xunleiBHO_Now.dll]  [Thunder Networking Technologies,LTD, 5, 0, 8, 42]
    [d:\Program Files\Thunder Network\Thunder\Components\ResWorker\DsBho_00.dll]  [, 1, 0, 0, 12]
    [d:\Program Files\Thunder Network\Thunder\Components\ResWorker\DataProcessor_00.dll]  [Thunder Networking Technologies,LTD, 1, 0, 0, 13]
    [C:\Program Files\Common Files\fjOs0r.dll]  [Microsoft Corporation, 1. 0. 0. 1]
    [C:\WINDOWS\system32\dh3oor0.dll]  [N/A, ]
    [C:\WINDOWS\system32\zxdoor0.dll]  [N/A, ]
    [C:\WINDOWS\system32\mhdoor0.dll]  [N/A, ]
    [C:\WINDOWS\system32\qjdoor0.dll]  [N/A, ]
    [C:\WINDOWS\system32\rxdoor0.dll]  [N/A, ]
    [C:\WINDOWS\system32\tldoor0.dll]  [N/A, ]
    [C:\WINDOWS\system32\dadoor0.dll]  [N/A, ]
    [C:\WINDOWS\system32\wddoor0.dll]  [N/A, ]
    [C:\WINDOWS\system32\cqdoor0.dll]  [N/A, ]
    [C:\WINDOWS\system32\mydoor0.dll]  [N/A, ]
    [C:\WINDOWS\system32\wldoor0.dll]  [N/A, ]
    [C:\WINDOWS\system32\qhdoor0.dll]  [N/A, ]
    [C:\WINDOWS\system32\wgdoor0.dll]  [N/A, ]
    [C:\WINDOWS\system32\55550.dll]  [N/A, ]
    [C:\WINDOWS\system32\csdoor0.dll]  [N/A, ]
    [C:\WINDOWS\system32\wodoor0.dll]  [N/A, ]
    [C:\WINDOWS\system32\msacm32.drv]  [Microsoft Corporation, 5.1.2600.0 (xpclient.010817-1148)]
    [C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 7.0\dnsq.dll]  [Kaspersky Lab, 7.0.0.125]
    [C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 7.0\klscav.dll]  [Kaspersky Lab, 7.0.0.125]
    [C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 7.0\prloader.dll]  [Kaspersky Lab, 7.0.0.125]
    [C:\WINDOWS\system32\Macromed\Flash\Flash9d.ocx]  [Adobe Systems, Inc., 9,0,47,0]
[PID: 3040 / sihanxi][C:\DOCUME~1\sihanxi\LOCALS~1\Temp\Temporary Directory 2 for sreng2.zip\SREngPS.EXE]  [Smallfrogs Studio, 2.5.16.900]
    [C:\WINDOWS\system32\dh3oor0.dll]  [N/A, ]
    [C:\WINDOWS\system32\zxdoor0.dll]  [N/A, ]
    [C:\WINDOWS\system32\mhdoor0.dll]  [N/A, ]
    [C:\WINDOWS\system32\qjdoor0.dll]  [N/A, ]
    [C:\WINDOWS\system32\rxdoor0.dll]  [N/A, ]
    [C:\WINDOWS\system32\tldoor0.dll]  [N/A, ]
    [C:\WINDOWS\system32\dadoor0.dll]  [N/A, ]
    [C:\WINDOWS\system32\wddoor0.dll]  [N/A, ]
    [C:\WINDOWS\system32\cqdoor0.dll]  [N/A, ]
    [C:\WINDOWS\system32\mydoor0.dll]  [N/A, ]
    [C:\WINDOWS\system32\wldoor0.dll]  [N/A, ]
    [C:\WINDOWS\system32\qhdoor0.dll]  [N/A, ]
    [C:\WINDOWS\system32\wgdoor0.dll]  [N/A, ]
    [C:\WINDOWS\system32\55550.dll]  [N/A, ]
    [C:\WINDOWS\system32\csdoor0.dll]  [N/A, ]
    [C:\WINDOWS\system32\wodoor0.dll]  [N/A, ]
    [C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 7.0\miscr3.dll]  [Kaspersky Lab, 7.0.0.125]
    [C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 7.0\dnsq.dll]  [Kaspersky Lab, 7.0.0.125]

==================================
File Associations
.TXT  Error. [C:\WINDOWS\notepad.exe %1]
.EXE  OK. ["%1" %*]
.COM  OK. ["%1" %*]
.PIF  OK. ["%1" %*]
.REG  OK. [regedit.exe "%1"]
.BAT  OK. ["%1" %*]
.SCR  OK. ["%1" /S]
.CHM  Error. ["hh.exe" %1]
.HLP  OK. [%SystemRoot%\System32\winhlp32.exe %1]
.INI  Error. [C:\WINDOWS\System32\NOTEPAD.EXE %1]
.INF  OK. [%SystemRoot%\System32\NOTEPAD.EXE %1]
.VBS  OK. [%SystemRoot%\System32\WScript.exe "%1" %*]
.JS  OK. [%SystemRoot%\System32\WScript.exe "%1" %*]
.LNK  OK. [{00021401-0000-0000-C000-000000000046}]

==================================
Winsock Provider
N/A

==================================
Autorun.Inf
N/A

==================================
HOSTS File
N/A

==================================
Process Privileges Scan
Special Privilege Enabled: SeDebugPrivilege [PID = 1824, C:\PROGRAM FILES\ATI TECHNOLOGIES\ATI.ACE\CORE-STATIC\MOM.EXE]
Special Privilege Enabled: SeLoadDriverPrivilege [PID = 1824, C:\PROGRAM FILES\ATI TECHNOLOGIES\ATI.ACE\CORE-STATIC\MOM.EXE]
Special Privilege Enabled: SeDebugPrivilege [PID = 388, C:\PROGRAM FILES\ATI TECHNOLOGIES\ATI.ACE\CORE-STATIC\CCC.EXE]
Special Privilege Enabled: SeLoadDriverPrivilege [PID = 388, C:\PROGRAM FILES\ATI TECHNOLOGIES\ATI.ACE\CORE-STATIC\CCC.EXE]

==================================
API HOOK
RVA Error:  LoadLibraryA (Dangerous Level: High,  Hooked by Module: \??\C:\WINDOWS\system32\drivers\klif.sys)
RVA Error:  LoadLibraryExA (Dangerous Level: High,  Hooked by Module: \??\C:\WINDOWS\system32\drivers\klif.sys)
RVA Error:  LoadLibraryExW (Dangerous Level: High,  Hooked by Module: \??\C:\WINDOWS\system32\drivers\klif.sys)
RVA Error:  LoadLibraryW (Dangerous Level: High,  Hooked by Module: \??\C:\WINDOWS\system32\drivers\klif.sys)
RVA Error:  GetProcAddress (Dangerous Level: High,  Hooked by Module: \??\C:\WINDOWS\system32\drivers\klif.sys)

==================================
Hidden Process
N/A

==================================


[/CODE]
gototop
 
<<上一主题|下一主题>>
1   1  /  1  页   跳转
页面顶部
Powered by Discuz!NT