Can anyone help me? I scanned with Rising and found more than 100 Win32.Downloader.x

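Can anyone help me? I scanned with Rising and it found more than 100 Win32.Downloader.x viruses. I have no idea how to remove them, and it is really annoying. I don't even know what that thing is. The computer now keeps stuttering. I deleted QQ, my games and my movies, all of them, and the scan even found that a Rising file was infected too. I don't know what to do. Can anyone help me?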

User system information: Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1; SV1)

Reply to mopery's post (2F)

[CODE]

2008-05-28,20:03:26

System Repair Engineer 2.5.16.900
Smallfrogs (http://www.KZTechs.com)

Windows XP Professional Service Pack 2 (Build 2600) - 管理权限用户 - 完整功能

以下内容被选中:
    所有的启动项目(包括注册表、启动文件夹、服务等)
    浏览器加载项
    正在运行的进程(包括进程模块信息)
    文件关联
    Winsock 提供者
    Autorun.inf
    HOSTS 文件
    进程特权扫描


启动项目
注册表
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
    <ctfmon.exe><C:\WINDOWS\system32\ctfmon.exe>  [(Verified)Microsoft Windows Publisher]
[HKEY_CURRENT_USER\Software\Microsoft\Windows NT\CurrentVersion\Windows]
    <load><>  [N/A]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
    <RTHDCPL><RTHDCPL.EXE>  [(Verified)Microsoft Windows Publisher]
    <Alcmtr><ALCMTR.EXE>  [(Verified)Microsoft Windows Publisher]
    <amd_dc_opt><C:\Program Files\AMD\Dual-Core Optimizer\amd_dc_opt.exe>  [AMD]
    <NvCplDaemon><RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup>  [NVIDIA Corporation]
    <tsnpstd3><C:\WINDOWS\tsnpstd3.exe>  []
    <FixCamera><C:\WINDOWS\FixCamera.exe>  []
    <snpstd3><C:\WINDOWS\vsnpstd3.exe>  []
    <RavTask><"C:\Program Files\Rising\Rav\RavTask.exe" -system>  [(Verified)Beijing Rising Science and Technology Corporation Limited]
    <dionpis><C:\WINDOWS\dionpis.exe>  []
    <anistio><C:\WINDOWS\anistio.exE>  []
    <dbhlp32><C:\WINDOWS\dbhlp32.exe>  []
    <fmsjhif><C:\WINDOWS\fmsjhif.exe>  []
    <hefcndy><C:\WINDOWS\hefcndy.exe>  []
    <isndntio><C:\WINDOWS\isndntio.exe>  []
    <wipicdec><C:\WINDOWS\wipicdec.exe>  []
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Winlogon]
    <shell><Explorer.exe>  [(Verified)Microsoft Windows Component Publisher]
    <Userinit><C:\WINDOWS\system32\userinit.exe,>  [(Verified)Microsoft Windows Publisher]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Windows]
    <AppInit_DLLs><SysDaJHv.dll,msosdohs00.dll,msosmhfp00.dll,msoscqit00.dll,msosptfs00.dll,msosfmsq00.dll>  [Microsoft Corporation]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Winlogon]
    <UIHost><logonui.exe>  [(Verified)Microsoft Windows Publisher]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
    <{32CD708B-60A7-4C00-9377-D73EAA495F0F}><C:\WINDOWS\system32\RavExt.dll>  [(Verified)Beijing Rising Science and Technology Corporation Limited]
    <{DC3D30AE-0380-4151-8934-EE98A34B0370}><C:\WINDOWS\system32\mfdesy.dll>  []
    <{28EB3777-3E23-4E72-8449-A992D09D24C3}><C:\WINDOWS\system32\zgfdet.dll>  []
    <{45AADFAA-DD36-42AB-83AD-0521BBF58C24}><C:\WINDOWS\system32\zrexgx.dll>  []
    <{8C41B7F7-3168-400D-A702-0E7EFE0BA304}><C:\WINDOWS\system32\sgrefg.dll>  []
    <{1DB3C525-5271-46F7-887A-D4E1ADAA7632}><C:\WINDOWS\system32\hfrdzx.dll>  []
    <{17DFD111-BF3A-4CB4-ADB0-88FCBFE69821}><C:\WINDOWS\system32\hhrdxd.dll>  []
    <{F99DEFDD-200B-4410-B572-E90883D527D2}><C:\WINDOWS\system32\wrqszl.dll>  []
    <{1E51C0FD-EE36-434B-AD2A-FD1FF3731C38}><C:\WINDOWS\system32\wyrsdj.dll>  []
    <{84143967-B645-4BFF-B873-DA1DC886E9A7}><C:\WINDOWS\system32\cedafb.dll>  []
    <{B29583D8-033A-4B9F-8553-7C5458F3FB8E}><C:\WINDOWS\system32\jdsaex.dll>  []
    <{73AE86E6-7F03-4C3B-8980-FB1DA157D3C7}><C:\WINDOWS\system32\fmcvxy.dll>  []
    <{CAED0F3B-DF8B-4DBF-BB20-8DFBC3199068}><C:\WINDOWS\system32\jhrcar.dll>  []
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\>{26923b43-4d38-484f-9b9e-de460746276c}]
    <Internet Explorer><%systemroot%\system32\shmgrate.exe OCInstallUserConfigIE>  [N/A]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\>{881dd1c5-3dcf-431b-b061-f3f88e8be88a}]
    <Outlook Express><%systemroot%\system32\shmgrate.exe OCInstallUserConfigOE>  [N/A]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{2C7339CF-2B09-4501-B3F3-F3508C9228ED}]
    <Themes Setup><%SystemRoot%\system32\regsvr32.exe /s /n /i:/UserInstall %SystemRoot%\system32\themeui.dll>  [N/A]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{44BBA840-CC51-11CF-AAFA-00AA00B6015C}]
    <Microsoft Outlook Express 6><"%ProgramFiles%\Outlook Express\setup50.exe" /APP:OE /CALLER:WINNT /user /install>  [N/A]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{44BBA842-CC51-11CF-AAFA-00AA00B6015B}]
    <NetMeeting 3.01><rundll32.exe advpack.dll,LaunchINFSection C:\WINDOWS\INF\msnetmtg.inf,NetMtg.Install.PerUser.NT>  [(Verified)Microsoft Windows Publisher]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{5945c046-1e7d-11d1-bc44-00c04fd912be}]
    <Windows Messenger 4.7><rundll32.exe advpack.dll,LaunchINFSection C:\WINDOWS\INF\msmsgs.inf,BLC.QuietInstall.PerUser>  [(Verified)Microsoft Windows Publisher]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{6BF52A52-394A-11d3-B153-00C04F79FAA6}]
    <Microsoft Windows Media Player><rundll32.exe advpack.dll,LaunchINFSection C:\WINDOWS\INF\wmp10.inf,PerUserStub>  [(Verified)Microsoft Windows Component Publisher]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{7790769C-0471-11d2-AF11-00C04FA35D02}]
    <通讯簿 6><"%ProgramFiles%\Outlook Express\setup50.exe" /APP:WAB /CALLER:WINNT /user /install>  [N/A]

==================================
启动文件夹
[QQ游戏启动加速程序]
  <C:\Documents and Settings\Administrator\「开始」菜单\程序\启动\QQ游戏启动加速程序.lnk --> E:\QQGAME\Accel.exe [N/A]><N>

==================================
服务
[3ware Controller Service / 3wareSrv][Stopped/Disabled]
  <C:\WINDOWS\System32\3wareSrv.exe><N/A>
[Contrl Center of Storm Media / ccosm][Stopped/Disabled]
  <C:\Program Files\StormII\stormliv.exe /asservice><北京暴风网际科技有限公司>
[Human Interface Device Access / HidServ][Stopped/Boot Start]
  <\SystemRoot\C:\WINDOWS\System32\svchost.exe -k netsvcs-->%SystemRoot%\System32\hidserv.dll><Microsoft Corporation>
[NVIDIA Display Driver Service / NVSvc][Running/Auto Start]
  <C:\WINDOWS\system32\nvsvc32.exe><NVIDIA Corporation>
[Rising Process Communication Center / RsCCenter][Stopped/Auto Start]
  <"C:\Program Files\Rising\Rav\CCenter.exe"><Beijing Rising Technology Co., Ltd.>
[Rising RealTime Monitor / RsRavMon][Stopped/Auto Start]
  <"C:\PROGRAM FILES\RISING\RAV\Ravmond.exe"><Beijing Rising Technology Co., Ltd.>
[COM+ Windows System / WinINI][Running/Auto Start]
  <C:\WINDOWS\system32\winini.exe><Microsoft Corporation>

==================================
驱动程序
[aaatimeo / aaatimeo][Stopped/Disabled]
  <\SystemRoot\system32\DRIVERS\aaatimeo.sys><Microsoft Corporation>
[Intel(r) 82801 Audio Driver Install Service (WDM) / ac97intc][Stopped/Manual Start]
  <system32\drivers\ac97intc.sys><Intel Corporation>
[AFAMgt / AFAMgt][Running/Boot Start]
  <\SystemRoot\system32\DRIVERS\afamgt.sys><Adaptec, Inc.>
[Aha154x / Aha154x][Stopped/Disabled]
  <\SystemRoot\system32\DRIVERS\aha154x.sys><Microsoft Corporation>
[ahcix86 / ahcix86][Stopped/Disabled]
  <\SystemRoot\system32\DRIVERS\ahcix86.sys><ATI Technologies Inc.>
[AliIde / AliIde][Stopped/Disabled]
  <\SystemRoot\system32\DRIVERS\aliide.sys><Acer Laboratories Inc.>
[AMD AGP Bus Filter Driver / amdagp][Stopped/Disabled]
  <\SystemRoot\system32\DRIVERS\amdagp.sys><Advanced Micro Devices, Inc.>
[amdbusdr / amdbusdr][Stopped/Disabled]
  <\SystemRoot\system32\DRIVERS\amdbusdr.sys><AMD>
[AMD EIDE 驱动程衼E / amdeide][Stopped/Disabled]
  <\SystemRoot\system32\DRIVERS\AmdEide.sys><AMD>
[AMD Processor Driver / AmdK8][Running/System Start]
  <System32\DRIVERS\amdk8.sys><Advanced Micro Devices>
[AMD Low Level Device Driver / AmdLLD][Running/Manual Start]
  <system32\DRIVERS\AmdLLD.sys><AMD, Inc.>
[asc3350p / asc3350p][Stopped/Disabled]
  <\SystemRoot\system32\DRIVERS\asc3350p.sys><Microsoft Corporation>
[SiI-3112 SATALink  Controller / ASH1205][Stopped/Disabled]
  <\SystemRoot\system32\DRIVERS\ASH1205.sys><Silicon Image, Inc.>
[ata1200a / ata1200a][Stopped/Disabled]
  <\SystemRoot\system32\DRIVERS\ata1200a.sys><Adaptec, Inc.>
[atiide / atiide][Stopped/Disabled]
  <\SystemRoot\system32\DRIVERS\atiide.sys><ATI Technologies Inc.>
[Promise driver accelerator / bb-run][Stopped/Disabled]
  <\SystemRoot\system32\DRIVERS\bb-run.sys><Promise Technology, Inc.>
[cd20xrnt / cd20xrnt][Stopped/Disabled]
  <\SystemRoot\system32\DRIVERS\cd20xrnt.sys><Microsoft Corporation>
[DELL CERC SATA 1.5/6ch RAID Miniport Driver / cercsr6][Stopped/Disabled]
  <\SystemRoot\system32\DRIVERS\cercsr6.sys><Adaptec, Inc.>
[CmdIde / CmdIde][Stopped/Disabled]
  <\SystemRoot\system32\DRIVERS\cmdide.sys><CMD Technology, Inc.>
[Cpq32fs2 / Cpq32fs2][Stopped/Disabled]
  <\SystemRoot\system32\DRIVERS\Cpq32fs2.sys><Hewlett-Packard Company>
[cqit / cqit][Stopped/Auto Start]
  <\??\C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\tmp19C.tmp><N/A>
[Promise Removable Disk Control Driver / dontgo][Stopped/Disabled]
  <\SystemRoot\system32\DRIVERS\DontGo.sys><Promise Technology, Inc.>
[VIA PCI 10/100Mb Fast Ethernet Adapter NT Driver / FETNDIS][Stopped/Manual Start]
  <system32\DRIVERS\fetnd5.sys><VIA Technologies, Inc.>
[fmsq / fmsq][Stopped/Auto Start]
  <\??\C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\tmp1A0.tmp><N/A>
[fttxr52P / fttxr52P][Stopped/Disabled]
  <\SystemRoot\system32\DRIVERS\fttxr52P.sys><Promise Technology, Inc.>
[Microsoft 用于 High Definition Audio 的 UAA 总线驱动程序 / HDAudBus][Running/Manual Start]
  <system32\DRIVERS\HDAudBus.sys><Windows (R) Server 2003 DDK provider>
[HookCont / HookCont][Running/System Start]
  <\SystemRoot\system32\drivers\HookCont.sys><Beijing Rising Technology Co., Ltd>
[HookNtos / HookNtos][Running/System Start]
  <\SystemRoot\system32\drivers\HookNtos.sys><Beijing Rising Technology Co., Ltd>
[HookReg / HookReg][Running/System Start]
  <\SystemRoot\system32\drivers\HookReg.sys><Beijing Rising Technology Co., Ltd>
[HookSys / HookSys][Running/System Start]
  <\SystemRoot\system32\drivers\HookSys.sys><Beijing Rising Technology Co., Ltd>
[HpCISSm2 / HpCISSm2][Stopped/Disabled]
  <\SystemRoot\system32\DRIVERS\HpCISSm2.sys><Hewlett-Packard Company>
[hptmv6 / hptmv6][Stopped/Boot Start]
  <\SystemRoot\system32\DRIVERS\hptmv6.sys><HighPoint Technologies, Inc.>
[Intel  RAID Controller / iaStor55][Stopped/Disabled]
  <\SystemRoot\system32\DRIVERS\iaStor55.sys><Intel Corporation>
[Intel RAID  Controller / iaStor70][Stopped/Disabled]
  <\SystemRoot\system32\DRIVERS\iaStor70.sys><Intel Corporation>
[Service for Realtek HD Audio (WDM) / IntcAzAudAddService][Running/Manual Start]
  <system32\drivers\RtkHDAud.sys><Realtek Semiconductor Corp.>
[msfpfis64 / msfpfis64][Running/Auto Start]
  <\??\C:\WINDOWS\system32\drivers\msosmsfpfis64.sys><N/A>
[msp2p32 / msp2p32][Running/Auto Start]
  <\??\C:\WINDOWS\system32\drivers\msosmsp2p32.sys><N/A>
[mv61xx / mv61xx][Stopped/Disabled]
  <\SystemRoot\system32\DRIVERS\mv61xx.sys><Marvell Semiconductor, Inc.>
[mvSata / mvSata][Stopped/Disabled]
  <\SystemRoot\system32\DRIVERS\mvsata.sys><Marvell Semiconductors Inc.>
[Network Monitor Protocol Driver / Ndisprot][Running/Manual Start]
  <system32\DRIVERS\winsys.sys><Windows (R) 2000 DDK provider>
[nv / nv][Running/Manual Start]
  <system32\DRIVERS\nv4_mini.sys><NVIDIA Corporation>
[nvatabus / nvatabus][Running/Boot Start]
  <\SystemRoot\system32\DRIVERS\nvatabus.sys><NVIDIA Corporation>
[NVIDIA nForce Networking Controller Driver / NVENETFD][Running/Manual Start]
  <system32\DRIVERS\NVENETFD.sys><NVIDIA Corporation>
[nvgts / nvgts][Running/Boot Start]
  <\SystemRoot\system32\DRIVERS\nvgts.sys><NVIDIA Corporation>
[NVIDIA Network Bus Enumerator / nvnetbus][Running/Manual Start]
  <system32\DRIVERS\nvnetbus.sys><NVIDIA Corporation>
[NVIDIA nForce RAID Driver / nvrd32][Stopped/Disabled]
  <\SystemRoot\system32\DRIVERS\nvrd32.sys><NVIDIA Corporation>
[ptfs / ptfs][Stopped/Auto Start]
  <\??\C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\tmp19E.tmp><N/A>
[Direct Parallel Link Driver / Ptilink][Running/Manual Start]
  <system32\DRIVERS\ptilink.sys><Parallel Technologies, Inc.>
[ql2100 / ql2100][Stopped/Disabled]
  <\SystemRoot\system32\DRIVERS\ql2100.sys><QLogic Corporation>
[ql2200 / ql2200][Stopped/Disabled]
  <\SystemRoot\system32\DRIVERS\ql2200.sys><QLogic Corporation>
[rr172x / rr172x][Stopped/Boot Start]
  <\SystemRoot\system32\DRIVERS\rr172x.sys><HighPoint Technologies, Inc.>
[rr174x / rr174x][Stopped/Boot Start]
  <\SystemRoot\system32\DRIVERS\rr174x.sys><HighPoint Technologies, Inc.>
[rr2340 / rr2340][Stopped/Boot Start]
  <\SystemRoot\system32\DRIVERS\rr2340.sys><HighPoint Technologies, Inc.>
[RsNTGDI / RsNTGDI][Running/Boot Start]
  <\SystemRoot\system32\Drivers\RsNTGdi.sys><Beijing Rising Technology Co., Ltd.>
[Secdrv / Secdrv][Stopped/Manual Start]
  <system32\DRIVERS\secdrv.sys><Macrovision Corporation, Macrovision Europe Limited, and Macrovision Japan and Asia K.K.>
[SATALink External Device Filter / SiRemFil][Running/Boot Start]
  <\SystemRoot\system32\DRIVERS\SiRemFil.sys><Silicon Image, Inc.>
[SIS AGP Bus Filter / sisagp][Stopped/Disabled]
  <\SystemRoot\system32\DRIVERS\sisagp.sys><Silicon Integrated Systems Corporation>
[sisraidx / sisraidx][Stopped/Disabled]
  <\SystemRoot\system32\DRIVERS\sisraidx.sys><Silicon Integrated Systems Corp.>
[USB PC Camera (SNPSTD3) / SNPSTD3][Running/Manual Start]
  <system32\DRIVERS\snpstd3.sys><Sonix Co. Ltd.>
[TosIde / TosIde][Stopped/Disabled]
  <\SystemRoot\system32\DRIVERS\toside.sys><Microsoft Corporation>
[ViBus / ViBus][Stopped/Disabled]
  <\SystemRoot\system32\DRIVERS\ViBus.sys><VIA Technologies, Inc.>
[videX32 / videX32][Stopped/Disabled]
  <\SystemRoot\system32\DRIVERS\videX32.sys><VIA Technologies, Inc.>
[VIA SATA IDE Device Driver / ViPrt][Stopped/Disabled]
  <\SystemRoot\system32\DRIVERS\ViPrt.sys><VIA Technologies, Inc.>
[World Standard Teletext Codec / WSTCODEC][Stopped/Manual Start]
  <system32\DRIVERS\WSTCODEC.SYS><Microsoft Corporation>
[VIA SATA IDE Hot-plug Driver / xfilt][Stopped/Disabled]
  <\SystemRoot\system32\DRIVERS\xfilt.sys><VIA Technologies,Inc>

==================================
浏览器加载项
[ThunderAtOnce Class]
  {01443AEC-0FD1-40fd-9C87-E93D1494C233} <C:\Program Files\Thunder\ComDlls\TDAtOnce_Now.dll, Thunder Networking Technologies,LTD>
[Thunder Browser Helper]
  {889D2FEB-5411-4565-8998-1DD2C5261283} <C:\Program Files\Thunder\ComDlls\xunleiBHO_Now.dll, Thunder Networking Technologies,LTD>
[浩方对战平台]
  {0A155D3C-68E2-4215-A47A-E800A446447A} <E:\Platform\GameClient.exe, N/A>
[DLoader Class]
  {78ABDC59-D8E7-44D3-9A76-9A0918C52B4A} <C:\WINDOWS\Downloaded Program Files\downloader.dll, Sina Com>
[ThunderAtOnce Class]
  {01443AEC-0FD1-40FD-9C87-E93D1494C233} <C:\Program Files\Thunder\ComDlls\TDAtOnce_Now.dll, Thunder Networking Technologies,LTD>
[Thunder Browser Helper]
  {889D2FEB-5411-4565-8998-1DD2C5261283} <C:\Program Files\Thunder\ComDlls\xunleiBHO_Now.dll, Thunder Networking Technologies,LTD>
[SearchAssistantOC]
  {B45FF030-4447-11D2-85DE-00C04FA35C89} <%SystemRoot%\system32\shdocvw.dll, N/A>
[Shockwave Flash Object]
  {D27CDB6E-AE6D-11CF-96B8-444553540000} <C:\WINDOWS\system32\Macromed\Flash\Flash9e.ocx, Adobe Systems, Inc.>
[使用迅雷下载]
  <C:\Program Files\Thunder\Program\geturl.htm, N/A>
[使用迅雷下载全部链接]
  <C:\Program Files\Thunder\Program\getallurl.htm, N/A>
[导出到 Microsoft Office Excel(&X)]
  <res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000, N/A>

==================================
正在运行的进程
[PID: 608 / SYSTEM][\SystemRoot\System32\smss.exe]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
[PID: 688 / SYSTEM][\??\C:\WINDOWS\system32\csrss.exe]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
[PID: 712 / SYSTEM][\??\C:\WINDOWS\system32\winlogon.exe]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
    [C:\WINDOWS\system32\SysDaJHv.dll]  [Microsoft Corporation, 5.1.2600.3099]
    [C:\WINDOWS\system32\msosdohs00.dll]  [N/A, ]
    [C:\WINDOWS\system32\msoscqit00.dll]  [N/A, ]
    [C:\WINDOWS\system32\msosptfs00.dll]  [N/A, ]
    [C:\WINDOWS\system32\msosfmsq00.dll]  [N/A, ]
    [C:\WINDOWS\system32\msacm32.drv]  [Microsoft Corporation, 5.1.2600.0 (xpclient.010817-1148)]
[PID: 776 / SYSTEM][C:\WINDOWS\system32\services.exe]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
[PID: 788 / SYSTEM][C:\WINDOWS\system32\lsass.exe]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
[PID: 928 / SYSTEM][C:\WINDOWS\system32\svchost.exe]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]

Re: Can anyone help me? I scanned with Rising and found more than 100 Win32.Downloader.x

[PID: 1000 / NETWORK SERVICE][C:\WINDOWS\system32\svchost.exe]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
[PID: 1104 / SYSTEM][C:\WINDOWS\System32\svchost.exe]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
    [C:\WINDOWS\system32\wups2.dll]  [Microsoft Corporation, 7.0.6000.381 (winmain(wmbla).070730-1740)]
[PID: 1184 / NETWORK SERVICE][C:\WINDOWS\system32\svchost.exe]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
[PID: 1300 / LOCAL SERVICE][C:\WINDOWS\system32\svchost.exe]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
[PID: 1456 / SYSTEM][C:\WINDOWS\system32\spoolsv.exe]  [Microsoft Corporation, 5.1.2600.2696 (xpsp_sp2_gdr.050610-1519)]
    [C:\WINDOWS\system32\SysDaJHv.dll]  [Microsoft Corporation, 5.1.2600.3099]
    [C:\WINDOWS\system32\msosdohs00.dll]  [N/A, ]
    [C:\WINDOWS\system32\msoscqit00.dll]  [N/A, ]
    [C:\WINDOWS\system32\msosptfs00.dll]  [N/A, ]
    [C:\WINDOWS\system32\msosfmsq00.dll]  [N/A, ]
[PID: 1748 / Administrator][C:\WINDOWS\Explorer.EXE]  [Microsoft Corporation, 6.00.2900.3156 (xpsp_sp2_gdr.070613-1234)]
    [C:\WINDOWS\system32\SysDaJHv.dll]  [Microsoft Corporation, 5.1.2600.3099]
    [C:\WINDOWS\system32\msosdohs00.dll]  [N/A, ]
    [C:\WINDOWS\system32\msoscqit00.dll]  [N/A, ]
    [C:\WINDOWS\system32\msosptfs00.dll]  [N/A, ]
    [C:\WINDOWS\system32\msosfmsq00.dll]  [N/A, ]
    [c:\documents and settings\administrator\application data\ppstream\bin\1.0.0.2\vodrc.dll]  [ppstream.com, 1.0.0.2]
    [C:\WINDOWS\system32\mfdesy.dll]  [N/A, ]
    [C:\WINDOWS\system32\zgfdet.dll]  [N/A, ]
    [C:\WINDOWS\system32\zrexgx.dll]  [N/A, ]
    [C:\WINDOWS\system32\sgrefg.dll]  [N/A, ]
    [C:\WINDOWS\system32\hfrdzx.dll]  [N/A, ]
    [C:\WINDOWS\system32\hhrdxd.dll]  [N/A, ]
    [C:\WINDOWS\system32\wrqszl.dll]  [N/A, ]
    [C:\WINDOWS\system32\wyrsdj.dll]  [N/A, ]
    [C:\WINDOWS\system32\cedafb.dll]  [N/A, ]
    [C:\WINDOWS\system32\jdsaex.dll]  [N/A, ]
    [C:\WINDOWS\system32\fmcvxy.dll]  [N/A, ]
    [C:\WINDOWS\system32\jhrcar.dll]  [N/A, ]
    [C:\WINDOWS\system32\dionpis.dll]  [N/A, ]
    [C:\WINDOWS\system32\anistio.dll]  [N/A, ]
    [C:\WINDOWS\system32\dbhlp32.dlL]  [N/A, ]
    [C:\WINDOWS\system32\fmsjhif.dll]  [N/A, ]
    [C:\WINDOWS\system32\hefcndy.dll]  [N/A, ]
    [C:\WINDOWS\system32\nvcpl.dll]  [NVIDIA Corporation, 6.14.11.6928]
    [C:\WINDOWS\system32\NVRSZHC.DLL]  [NVIDIA Corporation, 6.14.11.6928]
    [C:\WINDOWS\system32\isndntio.dll]  [N/A, ]
    [C:\WINDOWS\system32\nvapi.dll]  [NVIDIA Corporation, 6.14.11.6928]
    [C:\WINDOWS\system32\nvshell.dll]  [, ]
    [C:\WINDOWS\system32\wipicdec.dll]  [N/A, ]
    [C:\WINDOWS\system32\msacm32.drv]  [Microsoft Corporation, 5.1.2600.0 (xpclient.010817-1148)]
    [C:\Program Files\WinRAR\rarext.dll]  [N/A, ]
    [C:\WINDOWS\system32\RavExt.dll]  [Beijing Rising Technology Co., Ltd., 20.0.0.17]
    [C:\Program Files\Rising\Rav\RSCOMMON.DLL]  [Beijing Rising Technology Co., Ltd., 20, 0, 0, 16]
    [C:\WINDOWS\system32\Audiodev.dll]  [Microsoft Corporation, 5.2.3802.3802 built by: dnsrv(bld4act)]
    [C:\Program Files\Thunder\ComDlls\TDAtOnce_Now.dll]  [Thunder Networking Technologies,LTD, 1.0.5.16]
    [C:\Program Files\Thunder\ComDlls\xunleiBHO_Now.dll]  [Thunder Networking Technologies,LTD, 5, 0, 8, 61]
    [C:\Program Files\Microsoft Office\OFFICE11\msohev.dll]  [Microsoft Corporation, 11.0.5510]
[PID: 2028 / Administrator][C:\WINDOWS\tsnpstd3.exe]  [, 1, 1, 5, 10]
    [C:\WINDOWS\system32\SysDaJHv.dll]  [Microsoft Corporation, 5.1.2600.3099]
    [C:\WINDOWS\system32\msosdohs00.dll]  [N/A, ]
    [C:\WINDOWS\system32\msoscqit00.dll]  [N/A, ]
    [C:\WINDOWS\system32\msosptfs00.dll]  [N/A, ]
    [C:\WINDOWS\system32\msosfmsq00.dll]  [N/A, ]
    [C:\WINDOWS\system32\jhrcar.dll]  [N/A, ]
    [C:\WINDOWS\system32\fmcvxy.dll]  [N/A, ]
    [C:\WINDOWS\system32\jdsaex.dll]  [N/A, ]
    [C:\WINDOWS\system32\cedafb.dll]  [N/A, ]
    [C:\WINDOWS\system32\wyrsdj.dll]  [N/A, ]
    [C:\WINDOWS\system32\wrqszl.dll]  [N/A, ]
    [C:\WINDOWS\system32\hhrdxd.dll]  [N/A, ]
    [C:\WINDOWS\system32\hfrdzx.dll]  [N/A, ]
    [C:\WINDOWS\system32\sgrefg.dll]  [N/A, ]
    [C:\WINDOWS\system32\zrexgx.dll]  [N/A, ]
    [C:\WINDOWS\system32\zgfdet.dll]  [N/A, ]
    [C:\WINDOWS\system32\mfdesy.dll]  [N/A, ]
    [C:\WINDOWS\system32\msdmo.dll]  [, ]
    [C:\WINDOWS\vsnpstd3.dll]  [ , 1, 0, 2, 0]
[PID: 240 / Administrator][C:\WINDOWS\FixCamera.exe]  [, 1, 0, 1, 1]
    [C:\WINDOWS\system32\SysDaJHv.dll]  [Microsoft Corporation, 5.1.2600.3099]
    [C:\WINDOWS\system32\msosdohs00.dll]  [N/A, ]
    [C:\WINDOWS\system32\msoscqit00.dll]  [N/A, ]
    [C:\WINDOWS\system32\msosptfs00.dll]  [N/A, ]
    [C:\WINDOWS\system32\msosfmsq00.dll]  [N/A, ]
    [C:\WINDOWS\system32\hhrdxd.dll]  [N/A, ]
    [C:\WINDOWS\system32\jhrcar.dll]  [N/A, ]
    [C:\WINDOWS\system32\fmcvxy.dll]  [N/A, ]
    [C:\WINDOWS\system32\jdsaex.dll]  [N/A, ]
    [C:\WINDOWS\system32\cedafb.dll]  [N/A, ]
    [C:\WINDOWS\system32\wyrsdj.dll]  [N/A, ]
    [C:\WINDOWS\system32\wrqszl.dll]  [N/A, ]
    [C:\WINDOWS\system32\hfrdzx.dll]  [N/A, ]
    [C:\WINDOWS\system32\sgrefg.dll]  [N/A, ]
    [C:\WINDOWS\system32\zrexgx.dll]  [N/A, ]
    [C:\WINDOWS\system32\zgfdet.dll]  [N/A, ]
    [C:\WINDOWS\system32\mfdesy.dll]  [N/A, ]
[PID: 360 / Administrator][C:\WINDOWS\vsnpstd3.exe]  [, 1, 1, 5, 11]
    [C:\WINDOWS\system32\SysDaJHv.dll]  [Microsoft Corporation, 5.1.2600.3099]
    [C:\WINDOWS\system32\msosdohs00.dll]  [N/A, ]
    [C:\WINDOWS\system32\msoscqit00.dll]  [N/A, ]
    [C:\WINDOWS\system32\msosptfs00.dll]  [N/A, ]
    [C:\WINDOWS\system32\msosfmsq00.dll]  [N/A, ]
    [C:\WINDOWS\system32\hhrdxd.dll]  [N/A, ]
    [C:\WINDOWS\system32\jhrcar.dll]  [N/A, ]
    [C:\WINDOWS\system32\fmcvxy.dll]  [N/A, ]
    [C:\WINDOWS\system32\jdsaex.dll]  [N/A, ]
    [C:\WINDOWS\system32\cedafb.dll]  [N/A, ]
    [C:\WINDOWS\system32\wyrsdj.dll]  [N/A, ]
    [C:\WINDOWS\system32\wrqszl.dll]  [N/A, ]
    [C:\WINDOWS\system32\hfrdzx.dll]  [N/A, ]
    [C:\WINDOWS\system32\sgrefg.dll]  [N/A, ]
    [C:\WINDOWS\system32\zrexgx.dll]  [N/A, ]
    [C:\WINDOWS\system32\zgfdet.dll]  [N/A, ]
    [C:\WINDOWS\system32\mfdesy.dll]  [N/A, ]
[PID: 440 / Administrator][C:\Program Files\Rising\Rav\RavTask.exe]  [Beijing Rising Technology Co., Ltd., 20.0.0.22]
    [C:\WINDOWS\system32\SysDaJHv.dll]  [Microsoft Corporation, 5.1.2600.3099]
    [C:\WINDOWS\system32\msosdohs00.dll]  [N/A, ]
    [C:\WINDOWS\system32\msoscqit00.dll]  [N/A, ]
    [C:\WINDOWS\system32\msosptfs00.dll]  [N/A, ]
    [C:\WINDOWS\system32\msosfmsq00.dll]  [N/A, ]
    [C:\Program Files\Rising\Rav\ProcCom.dll]  [Beijing Rising Technology Co., Ltd., 20, 0, 0, 19]
    [C:\Program Files\Rising\Rav\RsCommX2.dll]  [Beijing Rising Technology Co., Ltd., 20, 0, 0, 19]
    [C:\Program Files\Rising\Rav\RSCOMMON.DLL]  [Beijing Rising Technology Co., Ltd., 20, 0, 0, 16]
    [C:\Program Files\Rising\Rav\RSAPPMGR.DLL]  [Beijing Rising Technology Co., Ltd., 20.0.0.0]
    [C:\Program Files\Rising\Rav\CfgDll.dll]  [Beijing Rising Technology Co., Ltd., 20.0.0.16]
    [C:\WINDOWS\system32\hfrdzx.dll]  [N/A, ]
    [C:\WINDOWS\system32\sgrefg.dll]  [N/A, ]
    [C:\WINDOWS\system32\zrexgx.dll]  [N/A, ]
    [C:\WINDOWS\system32\zgfdet.dll]  [N/A, ]
    [C:\WINDOWS\system32\mfdesy.dll]  [N/A, ]
    [C:\WINDOWS\system32\hhrdxd.dll]  [N/A, ]
    [C:\WINDOWS\system32\jhrcar.dll]  [N/A, ]
    [C:\WINDOWS\system32\fmcvxy.dll]  [N/A, ]
    [C:\WINDOWS\system32\jdsaex.dll]  [N/A, ]
    [C:\WINDOWS\system32\cedafb.dll]  [N/A, ]
    [C:\WINDOWS\system32\wyrsdj.dll]  [N/A, ]
    [C:\WINDOWS\system32\wrqszl.dll]  [N/A, ]
[PID: 2996 / SYSTEM][C:\WINDOWS\system32\nvsvc32.exe]  [NVIDIA Corporation, 6.14.11.6928]
    [C:\WINDOWS\system32\SysDaJHv.dll]  [Microsoft Corporation, 5.1.2600.3099]
    [C:\WINDOWS\system32\msosdohs00.dll]  [N/A, ]
    [C:\WINDOWS\system32\msoscqit00.dll]  [N/A, ]
    [C:\WINDOWS\system32\msosptfs00.dll]  [N/A, ]
    [C:\WINDOWS\system32\msosfmsq00.dll]  [N/A, ]
    [C:\WINDOWS\system32\nvapi.dll]  [NVIDIA Corporation, 6.14.11.6928]
[PID: 3416 / SYSTEM][C:\WINDOWS\system32\svchost.exe]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
[PID: 3488 / LOCAL SERVICE][C:\WINDOWS\system32\wdfmgr.exe]  [Microsoft Corporation, 5.2.3790.1230 built by: dnsrv(bld4act)]
    [C:\WINDOWS\system32\SysDaJHv.dll]  [Microsoft Corporation, 5.1.2600.3099]
    [C:\WINDOWS\system32\msosdohs00.dll]  [N/A, ]
    [C:\WINDOWS\system32\msoscqit00.dll]  [N/A, ]
    [C:\WINDOWS\system32\msosptfs00.dll]  [N/A, ]
    [C:\WINDOWS\system32\msosfmsq00.dll]  [N/A, ]
[PID: 3780 / SYSTEM][C:\WINDOWS\system32\winini.exe]  [Microsoft Corporation, 5.2.3790.1830]
    [C:\WINDOWS\system32\SysDaJHv.dll]  [Microsoft Corporation, 5.1.2600.3099]
    [C:\WINDOWS\system32\msosdohs00.dll]  [N/A, ]
    [C:\WINDOWS\system32\msoscqit00.dll]  [N/A, ]
    [C:\WINDOWS\system32\msosptfs00.dll]  [N/A, ]
    [C:\WINDOWS\system32\msosfmsq00.dll]  [N/A, ]
[PID: 7340 / Administrator][C:\WINDOWS\system32\ctfmon.exe]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
    [C:\WINDOWS\system32\SysDaJHv.dll]  [Microsoft Corporation, 5.1.2600.3099]
    [C:\WINDOWS\system32\msosdohs00.dll]  [N/A, ]
    [C:\WINDOWS\system32\msoscqit00.dll]  [N/A, ]
    [C:\WINDOWS\system32\msosptfs00.dll]  [N/A, ]
    [C:\WINDOWS\system32\msosfmsq00.dll]  [N/A, ]
    [C:\WINDOWS\system32\hhrdxd.dll]  [N/A, ]
    [C:\WINDOWS\system32\cedafb.dll]  [N/A, ]
    [C:\WINDOWS\system32\jdsaex.dll]  [N/A, ]
    [C:\WINDOWS\system32\wyrsdj.dll]  [N/A, ]
    [C:\WINDOWS\system32\wrqszl.dll]  [N/A, ]
    [C:\WINDOWS\system32\hfrdzx.dll]  [N/A, ]
    [C:\WINDOWS\system32\sgrefg.dll]  [N/A, ]
    [C:\WINDOWS\system32\zrexgx.dll]  [N/A, ]
    [C:\WINDOWS\system32\zgfdet.dll]  [N/A, ]
    [C:\WINDOWS\system32\mfdesy.dll]  [N/A, ]
    [C:\WINDOWS\system32\jhrcar.dll]  [N/A, ]
    [C:\WINDOWS\system32\fmcvxy.dll]  [N/A, ]
[PID: 10192 / Administrator][c:\net.exe]  [N/A, ]
    [C:\WINDOWS\system32\SysDaJHv.dll]  [Microsoft Corporation, 5.1.2600.3099]
    [C:\WINDOWS\system32\msosdohs00.dll]  [N/A, ]
    [C:\WINDOWS\system32\msoscqit00.dll]  [N/A, ]
    [C:\WINDOWS\system32\msosptfs00.dll]  [N/A, ]
    [C:\WINDOWS\system32\msosfmsq00.dll]  [N/A, ]
[PID: 10636 / LOCAL SERVICE][C:\WINDOWS\System32\alg.exe]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
    [C:\WINDOWS\System32\SysDaJHv.dll]  [Microsoft Corporation, 5.1.2600.3099]
    [C:\WINDOWS\System32\msosdohs00.dll]  [N/A, ]
    [C:\WINDOWS\System32\msoscqit00.dll]  [N/A, ]
    [C:\WINDOWS\System32\msosptfs00.dll]  [N/A, ]
    [C:\WINDOWS\System32\msosfmsq00.dll]  [N/A, ]
[PID: 11832 / SYSTEM][C:\Program Files\Internet Explorer\iexplore.exe]  [Microsoft Corporation, 6.00.2900.2180 (xpsp_sp2_rtm.040803-2158)]
    [C:\WINDOWS\system32\SysDaJHv.dll]  [Microsoft Corporation, 5.1.2600.3099]
    [C:\WINDOWS\system32\msosdohs00.dll]  [N/A, ]
    [C:\WINDOWS\system32\msoscqit00.dll]  [N/A, ]
    [C:\WINDOWS\system32\msosptfs00.dll]  [N/A, ]
    [C:\WINDOWS\system32\msosfmsq00.dll]  [N/A, ]
    [c:\documents and settings\administrator\application data\ppstream\bin\1.0.0.2\vodrc.dll]  [ppstream.com, 1.0.0.2]
    [C:\Program Files\Thunder\ComDlls\TDAtOnce_Now.dll]  [Thunder Networking Technologies,LTD, 1.0.5.16]
    [C:\Program Files\Thunder\ComDlls\xunleiBHO_Now.dll]  [Thunder Networking Technologies,LTD, 5, 0, 8, 61]
    [C:\Program Files\Microsoft Office\OFFICE11\msohev.dll]  [Microsoft Corporation, 11.0.5510]
    [C:\WINDOWS\system32\msacm32.drv]  [Microsoft Corporation, 5.1.2600.0 (xpclient.010817-1148)]
    [C:\Program Files\Rising\Rav\RavScrCh.dll]  [Beijing Rising Technology Co., Ltd., 20, 0, 0, 3]
    [C:\WINDOWS\system32\Macromed\Flash\Flash9e.ocx]  [Adobe Systems, Inc., 9,0,115,0]
[PID: 4064 / Administrator][C:\Program Files\KWMUSIC\KwMV.exe]  [N/A, ]
    [C:\Program Files\KWMUSIC\KwLogSvr.dll]  [N/A, ]
    [C:\Program Files\KWMUSIC\MSVCP71.dll]  [Microsoft Corporation, 7.10.3077.0]
    [C:\Program Files\KWMUSIC\MSVCR71.dll]  [Microsoft Corporation, 7.10.3052.4]
    [C:\WINDOWS\system32\SysDaJHv.dll]  [Microsoft Corporation, 5.1.2600.3099]
    [C:\WINDOWS\system32\msosdohs00.dll]  [N/A, ]
    [C:\WINDOWS\system32\msoscqit00.dll]  [N/A, ]
    [C:\WINDOWS\system32\msosptfs00.dll]  [N/A, ]
    [C:\WINDOWS\system32\msosfmsq00.dll]  [N/A, ]
    [C:\Program Files\KWMUSIC\lidx.dll]  [N/A, ]
    [C:\WINDOWS\system32\hhrdxd.dll]  [N/A, ]
    [C:\WINDOWS\system32\wrqszl.dll]  [N/A, ]
    [C:\WINDOWS\system32\jdsaex.dll]  [N/A, ]
    [C:\WINDOWS\system32\cedafb.dll]  [N/A, ]
    [C:\WINDOWS\system32\wyrsdj.dll]  [N/A, ]
    [C:\WINDOWS\system32\mfdesy.dll]  [N/A, ]
    [C:\WINDOWS\system32\sgrefg.dll]  [N/A, ]
    [C:\WINDOWS\system32\fmcvxy.dll]  [N/A, ]
    [C:\WINDOWS\system32\zgfdet.dll]  [N/A, ]
    [C:\WINDOWS\system32\hfrdzx.dll]  [N/A, ]
    [C:\WINDOWS\system32\zrexgx.dll]  [N/A, ]
    [C:\WINDOWS\system32\jhrcar.dll]  [N/A, ]
[PID: 3144 / Administrator][C:\Program Files\Rising\Rav\RsAgent.exe]  [Beijing Rising Technology Co., Ltd., 20.0.0.7]
    [C:\WINDOWS\system32\MFC71.DLL]  [Microsoft Corporation, 7.10.3077.0]
    [C:\WINDOWS\system32\MSVCR71.dll]  [Microsoft Corporation, 7.10.3052.4]
    [C:\WINDOWS\system32\MSVCP71.dll]  [Microsoft Corporation, 7.10.3077.0]
    [C:\WINDOWS\system32\SysDaJHv.dll]  [Microsoft Corporation, 5.1.2600.3099]
    [C:\WINDOWS\system32\msosdohs00.dll]  [N/A, ]
    [C:\WINDOWS\system32\msoscqit00.dll]  [N/A, ]
    [C:\WINDOWS\system32\msosptfs00.dll]  [N/A, ]
    [C:\WINDOWS\system32\msosfmsq00.dll]  [N/A, ]
    [C:\Program Files\Rising\Rav\ProcCom.dll]  [Beijing Rising Technology Co., Ltd., 20, 0, 0, 19]
    [C:\Program Files\Rising\Rav\RsCommX2.dll]  [Beijing Rising Technology Co., Ltd., 20, 0, 0, 19]
    [C:\WINDOWS\system32\hhrdxd.dll]  [N/A, ]
    [C:\WINDOWS\system32\wrqszl.dll]  [N/A, ]
    [C:\WINDOWS\system32\cedafb.dll]  [N/A, ]
    [C:\WINDOWS\system32\wyrsdj.dll]  [N/A, ]
    [C:\WINDOWS\system32\jdsaex.dll]  [N/A, ]
    [C:\WINDOWS\system32\zrexgx.dll]  [N/A, ]
    [C:\WINDOWS\system32\fmcvxy.dll]  [N/A, ]
    [C:\WINDOWS\system32\hfrdzx.dll]  [N/A, ]
    [C:\WINDOWS\system32\zgfdet.dll]  [N/A, ]
    [C:\WINDOWS\system32\mfdesy.dll]  [N/A, ]

Re: Can anyone help me? I scanned with Rising and found more than 100 Win32.Downloader.x

    [C:\WINDOWS\system32\sgrefg.dll]  [N/A, ]
    [C:\WINDOWS\system32\jhrcar.dll]  [N/A, ]
[PID: 5752 / Administrator][C:\WINDOWS\msagent\AgentSvr.exe]  [Microsoft Corporation, 2.00.0.3424]
    [C:\WINDOWS\system32\SysDaJHv.dll]  [Microsoft Corporation, 5.1.2600.3099]
    [C:\WINDOWS\system32\msosdohs00.dll]  [N/A, ]
    [C:\WINDOWS\system32\msoscqit00.dll]  [N/A, ]
    [C:\WINDOWS\system32\msosptfs00.dll]  [N/A, ]
    [C:\WINDOWS\system32\msosfmsq00.dll]  [N/A, ]
    [C:\WINDOWS\system32\hhrdxd.dll]  [N/A, ]
    [C:\WINDOWS\system32\wrqszl.dll]  [N/A, ]
    [C:\WINDOWS\system32\cedafb.dll]  [N/A, ]
    [C:\WINDOWS\system32\wyrsdj.dll]  [N/A, ]
    [C:\WINDOWS\system32\jdsaex.dll]  [N/A, ]
    [C:\WINDOWS\system32\zrexgx.dll]  [N/A, ]
    [C:\WINDOWS\system32\fmcvxy.dll]  [N/A, ]
    [C:\WINDOWS\system32\hfrdzx.dll]  [N/A, ]
    [C:\WINDOWS\system32\zgfdet.dll]  [N/A, ]
    [C:\WINDOWS\system32\mfdesy.dll]  [N/A, ]
    [C:\WINDOWS\system32\sgrefg.dll]  [N/A, ]
    [C:\WINDOWS\system32\jhrcar.dll]  [N/A, ]
    [C:\WINDOWS\system32\wipicdec.dll]  [N/A, ]
    [C:\WINDOWS\system32\isndntio.dll]  [N/A, ]
    [C:\WINDOWS\system32\dbhlp32.dlL]  [N/A, ]
    [C:\WINDOWS\system32\fmsjhif.dll]  [N/A, ]
    [C:\WINDOWS\system32\hefcndy.dll]  [N/A, ]
    [C:\WINDOWS\system32\anistio.dll]  [N/A, ]
    [C:\WINDOWS\system32\dionpis.dll]  [N/A, ]
[PID: 11144 / Administrator][C:\Program Files\Internet Explorer\iexplore.exe]  [Microsoft Corporation, 6.00.2900.2180 (xpsp_sp2_rtm.040803-2158)]
    [C:\WINDOWS\system32\SysDaJHv.dll]  [Microsoft Corporation, 5.1.2600.3099]
    [C:\WINDOWS\system32\msosdohs00.dll]  [N/A, ]
    [C:\WINDOWS\system32\msoscqit00.dll]  [N/A, ]
    [C:\WINDOWS\system32\msosptfs00.dll]  [N/A, ]
    [C:\WINDOWS\system32\msosfmsq00.dll]  [N/A, ]
    [c:\documents and settings\administrator\application data\ppstream\bin\1.0.0.2\vodrc.dll]  [ppstream.com, 1.0.0.2]
    [C:\Program Files\Thunder\ComDlls\TDAtOnce_Now.dll]  [Thunder Networking Technologies,LTD, 1.0.5.16]
    [C:\Program Files\Thunder\ComDlls\xunleiBHO_Now.dll]  [Thunder Networking Technologies,LTD, 5, 0, 8, 61]
    [C:\WINDOWS\system32\hhrdxd.dll]  [N/A, ]
    [C:\WINDOWS\system32\fmcvxy.dll]  [N/A, ]
    [C:\WINDOWS\system32\hfrdzx.dll]  [N/A, ]
    [C:\WINDOWS\system32\zrexgx.dll]  [N/A, ]
    [C:\WINDOWS\system32\sgrefg.dll]  [N/A, ]
    [C:\WINDOWS\system32\mfdesy.dll]  [N/A, ]
    [C:\WINDOWS\system32\zgfdet.dll]  [N/A, ]
    [C:\WINDOWS\system32\jhrcar.dll]  [N/A, ]
    [C:\WINDOWS\system32\wyrsdj.dll]  [N/A, ]
    [C:\WINDOWS\system32\cedafb.dll]  [N/A, ]
    [C:\WINDOWS\system32\wrqszl.dll]  [N/A, ]
    [C:\WINDOWS\system32\jdsaex.dll]  [N/A, ]
    [C:\Program Files\Microsoft Office\OFFICE11\msohev.dll]  [Microsoft Corporation, 11.0.5510]
    [C:\WINDOWS\system32\wipicdec.dll]  [N/A, ]
    [C:\WINDOWS\system32\isndntio.dll]  [N/A, ]
    [C:\WINDOWS\system32\dbhlp32.dlL]  [N/A, ]
    [C:\WINDOWS\system32\fmsjhif.dll]  [N/A, ]
    [C:\WINDOWS\system32\hefcndy.dll]  [N/A, ]
    [C:\WINDOWS\system32\anistio.dll]  [N/A, ]
    [C:\WINDOWS\system32\dionpis.dll]  [N/A, ]
    [C:\Program Files\Rising\Rav\RavScrCh.dll]  [Beijing Rising Technology Co., Ltd., 20, 0, 0, 3]
    [C:\WINDOWS\system32\Macromed\Flash\Flash9e.ocx]  [Adobe Systems, Inc., 9,0,115,0]
    [C:\WINDOWS\system32\msacm32.drv]  [Microsoft Corporation, 5.1.2600.0 (xpclient.010817-1148)]
    [C:\Program Files\Thunder\ComDlls\ThunderAgent_Now.dll]  [Thunder Networking Technologies,LTD, 5, 0, 4, 23]
    [C:\WINDOWS\system32\RavExt.dll]  [Beijing Rising Technology Co., Ltd., 20.0.0.17]
[PID: 4592 / Administrator][C:\Program Files\Thunder\Program\Thunder5.exe]  [Thunder Networking Technologies,LTD, 5.7.7.441]
    [C:\Program Files\Thunder\Program\BugReport.dll]  [迅雷网络, 1, 0, 1, 4]
    [C:\Program Files\Thunder\Program\ThunderEx.dll]  [, 1, 2, 3, 20]
    [C:\WINDOWS\system32\SysDaJHv.dll]  [Microsoft Corporation, 5.1.2600.3099]
    [C:\WINDOWS\system32\msosdohs00.dll]  [N/A, ]
    [C:\WINDOWS\system32\msoscqit00.dll]  [N/A, ]
    [C:\WINDOWS\system32\msosptfs00.dll]  [N/A, ]
    [C:\WINDOWS\system32\msosfmsq00.dll]  [N/A, ]
    [C:\Program Files\Thunder\Program\TaskManager.dll]  [Thunder Networking Technologies,LTD, 1, 3, 1, 56]
    [C:\Program Files\Thunder\Program\download_interface.dll]  [Thunder Networking Technologies,LTD, 2, 21, 2, 217]
    [C:\Program Files\Thunder\Program\stlport_vc646.dll]  [STLport Consulting, Inc., 4.6.2003.1031]
    [C:\Program Files\Thunder\Program\asyn_dns.dll]  [Thunder Networking Technologies,LTD, 2, 21, 2, 217]
    [C:\Program Files\Thunder\Program\streammedialib.dll]  [, 1, 3, 2, 118]
    [C:\Program Files\Thunder\Program\al.dll]  [, 1, 0, 1, 3]
    [C:\Program Files\Thunder\Program\bd.dll]  [Thunder Networking Technologies,LTD, 1, 0, 2, 6]
    [C:\Program Files\Thunder\Program\XLNet.Dll]  [Thunder Networking Technologies,LTD, 1, 3, 4, 18]
    [C:\Program Files\Thunder\Program\BHOStub.dll]  [Thunder Networking Technologies,LTD, 1, 1, 0, 8]
    [C:\Program Files\Thunder\Program\FloatBar.dll]  [Giganology Inc., 1, 0, 0, 2]
    [C:\Program Files\Thunder\Components\DownAndPlay\DownAndPlay.dll]  [, 1, 0, 8, 26]
    [C:\WINDOWS\system32\hhrdxd.dll]  [N/A, ]
    [C:\WINDOWS\system32\wrqszl.dll]  [N/A, ]
    [C:\WINDOWS\system32\jdsaex.dll]  [N/A, ]
    [C:\WINDOWS\system32\wyrsdj.dll]  [N/A, ]
    [C:\WINDOWS\system32\cedafb.dll]  [N/A, ]
    [C:\WINDOWS\system32\fmcvxy.dll]  [N/A, ]
    [C:\WINDOWS\system32\hfrdzx.dll]  [N/A, ]
    [C:\WINDOWS\system32\zrexgx.dll]  [N/A, ]
    [C:\WINDOWS\system32\sgrefg.dll]  [N/A, ]
    [C:\WINDOWS\system32\mfdesy.dll]  [N/A, ]
    [C:\WINDOWS\system32\zgfdet.dll]  [N/A, ]
    [C:\WINDOWS\system32\jhrcar.dll]  [N/A, ]
    [C:\WINDOWS\system32\wipicdec.dll]  [N/A, ]
    [C:\WINDOWS\system32\isndntio.dll]  [N/A, ]
    [C:\WINDOWS\system32\dbhlp32.dlL]  [N/A, ]
    [C:\WINDOWS\system32\fmsjhif.dll]  [N/A, ]
    [C:\WINDOWS\system32\hefcndy.dll]  [N/A, ]
    [C:\WINDOWS\system32\anistio.dll]  [N/A, ]
    [C:\WINDOWS\system32\dionpis.dll]  [N/A, ]
    [C:\Program Files\Thunder\Program\iTargetAD.dll]  [N/A, ]
    [c:\documents and settings\administrator\application data\ppstream\bin\1.0.0.2\vodrc.dll]  [ppstream.com, 1.0.0.2]
    [C:\Program Files\Thunder\Components\Community\XLCommunity.dll]  [Thunder Networking Technologies,LTD, 1, 5, 0, 16]
    [C:\Program Files\Thunder\Program\XLCommunityEx.dll]  [N/A, ]
    [C:\Program Files\Thunder\Program\RegisterDll.dll]  [Thunder Networking Technologies,LTD, 2, 16, 5, 63]
    [C:\Program Files\Thunder\Program\MSVCIRT.dll]  [Microsoft Corporation, 7.0.2600.2180 (xpsp_sp2_rtm.040803-2158)]
    [C:\Program Files\Thunder\Components\ExplorerHelper\ExplorerHelper.dll]  [Thunder Networking Technologies,LTD, 1, 0, 4, 16]
    [C:\Program Files\Thunder\Components\DownloadStat\DownloadStat.dll]  [深圳市迅雷网络技术有限公司, 1, 3, 1, 4]
    [C:\WINDOWS\system32\RavExt.dll]  [Beijing Rising Technology Co., Ltd., 20.0.0.17]
    [C:\Program Files\Common Files\Microsoft Shared\OFFICE11\MSOXMLMF.DLL]  [Microsoft Corporation, 11.0.8164]
    [C:\WINDOWS\system32\msacm32.drv]  [Microsoft Corporation, 5.1.2600.0 (xpclient.010817-1148)]
[PID: 4392 / Administrator][C:\WINDOWS\explorer.exe]  [Microsoft Corporation, 6.00.2900.3156 (xpsp_sp2_gdr.070613-1234)]
    [C:\WINDOWS\system32\SysDaJHv.dll]  [Microsoft Corporation, 5.1.2600.3099]
    [C:\WINDOWS\system32\msosdohs00.dll]  [N/A, ]
    [C:\WINDOWS\system32\msoscqit00.dll]  [N/A, ]
    [C:\WINDOWS\system32\msosptfs00.dll]  [N/A, ]
    [C:\WINDOWS\system32\msosfmsq00.dll]  [N/A, ]
    [c:\documents and settings\administrator\application data\ppstream\bin\1.0.0.2\vodrc.dll]  [ppstream.com, 1.0.0.2]
    [C:\Program Files\Thunder\ComDlls\TDAtOnce_Now.dll]  [Thunder Networking Technologies,LTD, 1.0.5.16]
    [C:\Program Files\Thunder\ComDlls\xunleiBHO_Now.dll]  [Thunder Networking Technologies,LTD, 5, 0, 8, 61]
    [C:\Program Files\Microsoft Office\OFFICE11\msohev.dll]  [Microsoft Corporation, 11.0.5510]
    [C:\WINDOWS\system32\hhrdxd.dll]  [N/A, ]
    [C:\WINDOWS\system32\jdsaex.dll]  [N/A, ]
    [C:\WINDOWS\system32\cedafb.dll]  [N/A, ]
    [C:\WINDOWS\system32\wrqszl.dll]  [N/A, ]
    [C:\WINDOWS\system32\wyrsdj.dll]  [N/A, ]
    [C:\WINDOWS\system32\fmcvxy.dll]  [N/A, ]
    [C:\WINDOWS\system32\hfrdzx.dll]  [N/A, ]
    [C:\WINDOWS\system32\zgfdet.dll]  [N/A, ]
    [C:\WINDOWS\system32\zrexgx.dll]  [N/A, ]
    [C:\WINDOWS\system32\sgrefg.dll]  [N/A, ]
    [C:\WINDOWS\system32\mfdesy.dll]  [N/A, ]
    [C:\WINDOWS\system32\jhrcar.dll]  [N/A, ]
    [C:\WINDOWS\system32\RavExt.dll]  [Beijing Rising Technology Co., Ltd., 20.0.0.17]
[PID: 5172 / Administrator][C:\Program Files\WinRAR\WinRAR.exe]  [N/A, ]
    [C:\WINDOWS\system32\SysDaJHv.dll]  [Microsoft Corporation, 5.1.2600.3099]
    [C:\WINDOWS\system32\msosdohs00.dll]  [N/A, ]
    [C:\WINDOWS\system32\msoscqit00.dll]  [N/A, ]
    [C:\WINDOWS\system32\msosptfs00.dll]  [N/A, ]
    [C:\WINDOWS\system32\msosfmsq00.dll]  [N/A, ]
    [c:\documents and settings\administrator\application data\ppstream\bin\1.0.0.2\vodrc.dll]  [ppstream.com, 1.0.0.2]
    [C:\WINDOWS\system32\Audiodev.dll]  [Microsoft Corporation, 5.2.3802.3802 built by: dnsrv(bld4act)]
    [C:\WINDOWS\system32\hhrdxd.dll]  [N/A, ]
    [C:\WINDOWS\system32\jdsaex.dll]  [N/A, ]
    [C:\WINDOWS\system32\cedafb.dll]  [N/A, ]
    [C:\WINDOWS\system32\wrqszl.dll]  [N/A, ]
    [C:\WINDOWS\system32\wyrsdj.dll]  [N/A, ]
    [C:\WINDOWS\system32\fmcvxy.dll]  [N/A, ]
    [C:\WINDOWS\system32\hfrdzx.dll]  [N/A, ]
    [C:\WINDOWS\system32\zgfdet.dll]  [N/A, ]
    [C:\WINDOWS\system32\zrexgx.dll]  [N/A, ]
    [C:\WINDOWS\system32\mfdesy.dll]  [N/A, ]
    [C:\WINDOWS\system32\sgrefg.dll]  [N/A, ]
    [C:\WINDOWS\system32\jhrcar.dll]  [N/A, ]
    [C:\WINDOWS\system32\wipicdec.dll]  [N/A, ]
[PID: 2644 / Administrator][C:\Documents and Settings\Administrator\桌面\sreng2\SREngPS.EXE]  [Smallfrogs Studio, 2.5.16.900]
    [C:\WINDOWS\system32\SysDaJHv.dll]  [Microsoft Corporation, 5.1.2600.3099]
    [C:\WINDOWS\system32\msosdohs00.dll]  [N/A, ]
    [C:\WINDOWS\system32\msoscqit00.dll]  [N/A, ]
    [C:\WINDOWS\system32\msosptfs00.dll]  [N/A, ]
    [C:\WINDOWS\system32\msosfmsq00.dll]  [N/A, ]
    [C:\WINDOWS\system32\hhrdxd.dll]  [N/A, ]
    [C:\WINDOWS\system32\cedafb.dll]  [N/A, ]
    [C:\WINDOWS\system32\jdsaex.dll]  [N/A, ]
    [C:\WINDOWS\system32\wyrsdj.dll]  [N/A, ]
    [C:\WINDOWS\system32\wrqszl.dll]  [N/A, ]
    [C:\WINDOWS\system32\fmcvxy.dll]  [N/A, ]
    [C:\WINDOWS\system32\hfrdzx.dll]  [N/A, ]
    [C:\WINDOWS\system32\zgfdet.dll]  [N/A, ]
    [C:\WINDOWS\system32\zrexgx.dll]  [N/A, ]
    [C:\WINDOWS\system32\sgrefg.dll]  [N/A, ]
    [C:\WINDOWS\system32\mfdesy.dll]  [N/A, ]
    [C:\WINDOWS\system32\jhrcar.dll]  [N/A, ]
    [C:\WINDOWS\system32\wipicdec.dll]  [N/A, ]
    [C:\Documents and Settings\Administrator\桌面\sreng2\Upload\3rdUpd.DLL]  [Smallfrogs Studio, 2, 1, 0, 15]

==================================
文件关联
.TXT  Error. [C:\WINDOWS\notepad.exe %1]
.EXE  OK. ["%1" %*]
.COM  OK. ["%1" %*]
.PIF  OK. ["%1" %*]
.REG  OK. [regedit.exe "%1"]
.BAT  OK. ["%1" %*]
.SCR  OK. ["%1" /S]
.CHM  Error. ["hh.exe" %1]
.HLP  OK. [%SystemRoot%\System32\winhlp32.exe %1]
.INI  Error. [C:\WINDOWS\System32\NOTEPAD.EXE %1]
.INF  OK. [%SystemRoot%\System32\NOTEPAD.EXE %1]
.VBS  OK. [%SystemRoot%\System32\WScript.exe "%1" %*]
.JS  OK. [%SystemRoot%\System32\WScript.exe "%1" %*]
.LNK  OK. [{00021401-0000-0000-C000-000000000046}]

==================================
Winsock 提供者
N/A

==================================
Autorun.inf
N/A

==================================
HOSTS 文件
127.0.0.1      localhost

==================================
进程特权扫描
特殊特权被允许: SeLoadDriverPrivilege [PID = 712, C:\WINDOWS\SYSTEM32\WINLOGON.EXE]
特殊特权被允许: SeLoadDriverPrivilege [PID = 2028, C:\WINDOWS\TSNPSTD3.EXE]
特殊特权被允许: SeDebugPrivilege [PID = 240, C:\WINDOWS\FIXCAMERA.EXE]
特殊特权被允许: SeLoadDriverPrivilege [PID = 2996, C:\WINDOWS\SYSTEM32\NVSVC32.EXE]
特殊特权被允许: SeLoadDriverPrivilege [PID = 3780, C:\WINDOWS\SYSTEM32\WININI.EXE]
特殊特权被允许: SeLoadDriverPrivilege [PID = 4064, C:\PROGRAM FILES\KWMUSIC\KWMV.EXE]
特殊特权被允许: SeLoadDriverPrivilege [PID = 4592, C:\PROGRAM FILES\THUNDER\PROGRAM\THUNDER5.EXE]
特殊特权被允许: SeLoadDriverPrivilege [PID = 5172, C:\PROGRAM FILES\WINRAR\WINRAR.EXE]

==================================
API HOOK
N/A

==================================
隐藏进程
N/A

==================================


[/CODE]

Re: Can anyone help me? I scanned with Rising and it found more than 100 Win32.Downloader.x

What do I do next?

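Re: Can anyone help me? I scanned with Rising and it found more than 100 Win32.Downloader.x

I ran the scan as you said and copied and posted the result. What should I do next?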

Re: Can anyone help me? I scanned with Rising and it found more than 100 Win32.Downloader.x

Please reply soon. Sorry to bother you, but I'm really in a hurry~!~!

Reply to post 9F by mopery

I tried your method, but the scan still finds three viruses. Please take a look. Thanks!!

Reply to post 9F by mopery

iexplore.exe]  [Microsoft Corporation, 6.00.2900.2180 (xpsp_sp2_rtm.040803-2158)]
    [c:\documents and settings\administrator\application data\ppstream\bin\1.0.0.2\vodrc.dll]  [ppstream.com, 1.0.0.2]
    [C:\Program Files\Thunder\ComDlls\TDAtOnce_Now.dll]  [Thunder Networking Technologies,LTD, 1.0.5.16]
    [C:\Program Files\Thunder\ComDlls\xunleiBHO_Now.dll]  [Thunder Networking Technologies,LTD, 5, 0, 8, 61]
    [C:\Program Files\Rising\Rav\RavScrCh.dll]  [Beijing Rising Technology Co., Ltd., 20, 0, 0, 3]
    [C:\WINDOWS\system32\Macromed\Flash\Flash9e.ocx]  [Adobe Systems, Inc., 9,0,115,0]
    [C:\WINDOWS\system32\msacm32.drv]  [Microsoft Corporation, 5.1.2600.0 (xpclient.010817-1148)]
    [C:\Program Files\Common Files\Microsoft Shared\OFFICE11\MSOXMLMF.DLL]  [Microsoft Corporation, 11.0.8164]
    [C:\WINDOWS\system32\SOGOUPY.IME]  [Sogou.com Inc., 3.2.0.0]
    [C:\Program Files\SogouInput\Plugin\SgImeWord.dll]  [Sogou.com Inc., 3.2.0.0]
    [C:\WINDOWS\system32\WINWB86.IME]  [Microsoft Corporation, 4.00.950]
    [C:\Program Files\Microsoft Office\OFFICE11\msohev.dll]  [Microsoft Corporation, 11.0.5510]
    [C:\Program Files\Thunder\ComDlls\ThunderAgent_Now.dll]  [Thunder Networking Technologies,LTD, 5, 0, 4, 23]
[PID: 460 / Administrator][C:\Program Files\Thunder\Program\Thunder5.exe]  [Thunder Networking Technologies,LTD, 5.7.7.441]
    [C:\Program Files\Thunder\Program\BugReport.dll]  [迅雷网络, 1, 0, 1, 4]
    [C:\Program Files\Thunder\Program\ThunderEx.dll]  [, 1, 2, 3, 20]
    [C:\Program Files\Thunder\Program\TaskManager.dll]  [Thunder Networking Technologies,LTD, 1, 3, 1, 56]
    [C:\Program Files\Thunder\Program\download_interface.dll]  [Thunder Networking Technologies,LTD, 2, 21, 2, 217]
    [C:\Program Files\Thunder\Program\stlport_vc646.dll]  [STLport Consulting, Inc., 4.6.2003.1031]
    [C:\Program Files\Thunder\Program\asyn_dns.dll]  [Thunder Networking Technologies,LTD, 2, 21, 2, 217]
    [C:\Program Files\Thunder\Program\streammedialib.dll]  [, 1, 3, 2, 118]
    [C:\Program Files\Thunder\Program\al.dll]  [, 1, 0, 1, 3]
    [C:\Program Files\Thunder\Program\bd.dll]  [Thunder Networking Technologies,LTD, 1, 0, 2, 6]
    [C:\Program Files\Thunder\Program\XLNet.Dll]  [Thunder Networking Technologies,LTD, 1, 3, 4, 18]
    [C:\Program Files\Thunder\Program\BHOStub.dll]  [Thunder Networking Technologies,LTD, 1, 1, 0, 8]
    [C:\Program Files\Thunder\Components\DownAndPlay\DownAndPlay.dll]  [, 1, 0, 8, 26]
    [C:\Program Files\Thunder\Program\iTargetAD.dll]  [N/A, ]
    [c:\documents and settings\administrator\application data\ppstream\bin\1.0.0.2\vodrc.dll]  [ppstream.com, 1.0.0.2]
    [C:\Program Files\Thunder\Components\Community\XLCommunity.dll]  [Thunder Networking Technologies,LTD, 1, 5, 0, 16]
    [C:\Program Files\Thunder\Program\XLCommunityEx.dll]  [N/A, ]
    [C:\Program Files\Thunder\Program\RegisterDll.dll]  [Thunder Networking Technologies,LTD, 2, 16, 5, 63]
    [C:\Program Files\Thunder\Program\MSVCIRT.dll]  [Microsoft Corporation, 7.0.2600.2180 (xpsp_sp2_rtm.040803-2158)]
    [C:\Program Files\Thunder\Components\ExplorerHelper\ExplorerHelper.dll]  [Thunder Networking Technologies,LTD, 1, 0, 4, 16]

Reply to post 9F by mopery

[C:\Program Files\Thunder\Components\DownloadStat\DownloadStat.dll]  [深圳市迅雷网络技术有限公司, 1, 3, 1, 4]
    [C:\WINDOWS\system32\msacm32.drv]  [Microsoft Corporation, 5.1.2600.0 (xpclient.010817-1148)]
[PID: 3092 / Administrator][C:\WINDOWS\explorer.exe]  [Microsoft Corporation, 6.00.2900.3156 (xpsp_sp2_gdr.070613-1234)]
    [c:\documents and settings\administrator\application data\ppstream\bin\1.0.0.2\vodrc.dll]  [ppstream.com, 1.0.0.2]
    [C:\Program Files\Thunder\ComDlls\TDAtOnce_Now.dll]  [Thunder Networking Technologies,LTD, 1.0.5.16]
    [C:\Program Files\Thunder\ComDlls\xunleiBHO_Now.dll]  [Thunder Networking Technologies,LTD, 5, 0, 8, 61]
    [C:\Program Files\Microsoft Office\OFFICE11\msohev.dll]  [Microsoft Corporation, 11.0.5510]
    [C:\WINDOWS\system32\RavExt.dll]  [Beijing Rising Technology Co., Ltd., 20.0.0.17]
[PID: 2192 / Administrator][C:\Program Files\WinRAR\WinRAR.exe]  [N/A, ]
    [c:\documents and settings\administrator\application data\ppstream\bin\1.0.0.2\vodrc.dll]  [ppstream.com, 1.0.0.2]
    [C:\WINDOWS\system32\Audiodev.dll]  [Microsoft Corporation, 5.2.3802.3802 built by: dnsrv(bld4act)]
[PID: 2028 / Administrator][C:\Documents and Settings\Administrator\桌面\SREngPS.EXE]  [Smallfrogs Studio, 2.5.16.900]
    [C:\Documents and Settings\Administrator\桌面\Upload\3rdUpd.DLL]  [Smallfrogs Studio, 2, 1, 0, 15]

==================================
文件关联
.TXT  Error. [C:\WINDOWS\notepad.exe %1]
.EXE  OK. ["%1" %*]
.COM  OK. ["%1" %*]
.PIF  OK. ["%1" %*]
.REG  OK. [regedit.exe "%1"]
.BAT  OK. ["%1" %*]
.SCR  OK. ["%1" /S]
.CHM  Error. ["hh.exe" %1]
.HLP  OK. [%SystemRoot%\System32\winhlp32.exe %1]
.INI  Error. [C:\WINDOWS\System32\NOTEPAD.EXE %1]
.INF  OK. [%SystemRoot%\System32\NOTEPAD.EXE %1]
.VBS  OK. [%SystemRoot%\System32\WScript.exe "%1" %*]
.JS  OK. [%SystemRoot%\System32\WScript.exe "%1" %*]
.LNK  OK. [{00021401-0000-0000-C000-000000000046}]

==================================
Winsock 提供者
N/A

==================================
Autorun.inf
N/A

==================================
HOSTS 文件
127.0.0.1      localhost
127.0.0.1 c0mo.com
127.0.0.1 gxgxy.net
127.0.0.1 fg.pvs360.com
127.0.0.1 cw.pvs360.com
127.0.0.1 ta.pvs360.com
127.0.0.1 dl.pvs360.com
127.0.0.1 ok.sl8cjs.cn
127.0.0.1 nc.mskess.com
127.0.0.1 idc.windowsupdeta.cn
127.0.0.1 pvs360.com
127.0.0.1 sl8cjs.cn
127.0.0.1 windowsupdeta.cn
127.0.0.1 up.22x44.com
127.0.0.1 my.531jx.cn
127.0.0.1 nx.51ylb.cn
127.0.0.1 llboss.com
127.0.0.1 down.malasc.cn
127.0.0.1 d2.llsging.com
127.0.0.1 171817.171817.com
127.0.0.1 wg.47255.com
127.0.0.1 www.tomwg.com
127.0.0.1 tp.shpzhan.cn
127.0.0.1 1.joppnqq.com
127.0.0.1 xx.exiao01.com
127.0.0.1 www.22aaa.com
127.0.0.1 ilove.com
127.0.0.1 xxx.mmma.biz
127.0.0.1 www.868wg.com
127.0.0.1 2.joppnqq.com
127.0.0.1 1.jopanqc.com
127.0.0.1 yu.8s7.net
127.0.0.1 1.jopmmqq.com
127.0.0.1 cao.kv8.info
127.0.0.1 xtx.kv8.info
127.0.0.1 new.749571.com
127.0.0.1 xxx.vh7.biz
127.0.0.1 1.jopenkk.com
127.0.0.1 d.93se.com
127.0.0.1 3.joppnqq.com
127.0.0.1 xxx.j41m.com
127.0.0.1 1.jopenqc.com
127.0.0.1 xxx.m111.biz
127.0.0.1 down.18dd.net
127.0.0.1 www.333292.com
127.0.0.1 qqq.hao1658.com
127.0.0.1 qqq.dzydhx.com
127.0.0.1 www.exiao01.com
127.0.0.1 www.cike007.cn

==================================
进程特权扫描
特殊特权被允许: SeLoadDriverPrivilege [PID = 716, C:\WINDOWS\SYSTEM32\WINLOGON.EXE]
特殊特权被允许: SeLoadDriverPrivilege [PID = 2032, C:\WINDOWS\SYSTEM32\NVSVC32.EXE]
特殊特权被允许: SeLoadDriverPrivilege [PID = 1884, C:\WINDOWS\TSNPSTD3.EXE]
特殊特权被允许: SeDebugPrivilege [PID = 1992, C:\WINDOWS\FIXCAMERA.EXE]
特殊特权被允许: SeLoadDriverPrivilege [PID = 460, C:\PROGRAM FILES\THUNDER\PROGRAM\THUNDER5.EXE]
特殊特权被允许: SeLoadDriverPrivilege [PID = 2192, C:\PROGRAM FILES\WINRAR\WINRAR.EXE]

==================================
API HOOK
N/A

==================================
隐藏进程
N/A

==================================


[/CODE]