Infected with trojan.horse and backdoor.formador; the antivirus has already died a glorious death

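Since yesterday I can browse web pages normally, but everything that needs an account and password fails to connect (online games, webmail and so on; neither Chinese nor foreign mailboxes will open, I tried HOTMAIL, 163, SINA and SOHU). Everything works up to the point of entering the password, but once the password is entered I get "The page cannot be displayed". Only QQ and forums still work.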

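I tried several browsers (Maxthon, IE and GreenBrowser) and none of them worked. At first I thought my network was the problem, but I borrowed someone's laptop, plugged it into my network cable, and everything was normal. Norton, which has always been set to start with the computer, had shut itself off. Auto-Protect and the other features that were always on were off too. Clicking TURN ON did nothing (the subscription does not expire until next July), and it told me that Norton needs to be uninstalled and reinstalled. I ran a scan with it and, sure enough, it found three viruses (the path of one of them was actually the XDELBOX I downloaded here), and none of them could be REPAIRed. There are probably more than these.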

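Could the experts here tell me how to fix this? I am posting the scan log of the processes and the scan screenshots. There are too many processes, so it has to be split across several posts. Thanks in advance, everyone!!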

[CODE]

2007-11-30,17:07:42

System Repair Engineer 2.3.13.690
Smallfrogs (http://www.KZTechs.com)

Windows XP Home Edition Service Pack 2 (Build 2600)
- Administrative User - Completed Functions Allowed

Follow item(s) have been choosed:
    All Boot Items (Including Registry, Startup Folders, Services and so on)
    Browser Add-ons
    Runing Processes (Including process model information)
    File Associations
    Winsock Provider
    Autorun.Inf
    HOSTS File


Boot Items
Registry
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
    <ctfmon.exe><C:\WINDOWS\system32\ctfmon.exe>  [(Verified)Microsoft Corporation]
    <Weather><; C:\Program Files\AWS\WeatherBug\Weather.exe 1>  [N/A]
    <Vbuzzer Messenger><; D:\vbuzzer\vbuzzer.exe>  [N/A]
    <BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}><; "C:\Program Files\Common Files\Ahead\Lib\NMBgMonitor.exe">  [N/A]
[HKEY_CURRENT_USER\Software\Microsoft\Windows NT\CurrentVersion\Windows]
    <run><>  [N/A]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Winlogon]
    <shell><Explorer.exe>  [(Verified)Microsoft Corporation]
    <Userinit><C:\WINDOWS\system32\userinit.exe,>  [(Verified)Microsoft Corporation]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Windows]

    <AppInit_DLLs><>  [N/A]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Winlogon]
    <UIHost><logonui.exe>  [(Verified)Microsoft Corporation]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
    <WPDShServiceObj><C:\WINDOWS\system32\WPDShServiceObj.dll>  [(Verified)Microsoft Corporation]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\WgaLogon]
    <WinlogonNotify: WgaLogon><WgaLogon.dll>  [(Verified)Microsoft Corporation]

==================================
Startup Folders
[Adobe Reader Speed Launch]
  <C:\Documents and Settings\All Users\Start Menu\Programs\Startup\Adobe Reader Speed Launch.lnk --> C:\PROGRA~1\Adobe\ACROBA~2.0\Reader\READER~1.EXE [Adobe Systems Incorporated]><H>
[腾讯QQ]
  <C:\Documents and Settings\Owner\Start Menu\Programs\Startup\腾讯QQ.lnk --> C:\PROGRA~1\Tencent\QQ.exe [TENCENT]><N>

==================================
Services
[Application Management / AppMgmt][Stopped/Manual Start]
  <C:\WINDOWS\system32\svchost.exe -k netsvcs-->%SystemRoot%\System32\appmgmts.dll><N/A>
[Automatic LiveUpdate Scheduler / Automatic LiveUpdate Scheduler][Running/Auto Start]
  <"C:\Program Files\Symantec\LiveUpdate\ALUSchedulerSvc.exe"><Symantec Corporation>
[AVG Anti-Spyware Guard / AVG Anti-Spyware Guard][Running/Auto Start]
  <D:\AVG Anti-Spyware 7.5\guard.exe><GRISOFT s.r.o.>
[Symantec Event Manager / ccEvtMgr][Running/Auto Start]
  <"C:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe"><Symantec Corporation>
[Symantec Network Proxy / ccProxy][Running/Auto Start]
  <"C:\Program Files\Common Files\Symantec Shared\ccProxy.exe"><Symantec Corporation>
[Symantec Password Validation / ccPwdSvc][Stopped/Manual Start]
  <"C:\Program Files\Common Files\Symantec Shared\ccPwdSvc.exe"><Symantec Corporation>
[Symantec Settings Manager / ccSetMgr][Running/Auto Start]
  <"C:\Program Files\Common Files\Symantec Shared\ccSetMgr.exe"><Symantec Corporation>
[InstallDriver Table Manager / IDriverT][Stopped/Manual Start]
  <"C:\Program Files\Common Files\InstallShield\Driver\1150\Intel 32\IDriverT.exe"><Macrovision Corporation>
[ISSVC / ISSVC][Running/Auto Start]
  <"C:\Program Files\Norton Internet Security\ISSVC.exe"><Symantec Corporation>
[LiveUpdate / LiveUpdate][Stopped/Manual Start]
  <"C:\PROGRA~1\Symantec\LIVEUP~1\LUCOMS~1.EXE"><Symantec Corporation>
[Norton AntiVirus Auto-Protect Service / navapsvc][Running/Auto Start]
  <"C:\Program Files\Norton Internet Security\Norton AntiVirus\navapsvc.exe"><Symantec Corporation>
[NMIndexingService / NMIndexingService][Stopped/Manual Start]
  <"C:\Program Files\Common Files\Ahead\Lib\NMIndexingService.exe"><N/A>
[SAVScan / SAVScan][Stopped/Manual Start]
  <"C:\Program Files\Norton Internet Security\Norton AntiVirus\SAVScan.exe"><Symantec Corporation>
[ScriptBlocking Service / SBService][Stopped/Auto Start]
  <C:\PROGRA~1\COMMON~1\SYMANT~1\SCRIPT~1\SBServ.exe><Symantec Corporation>
[Symantec Network Drivers Service / SNDSrvc][Running/Auto Start]
  <"C:\Program Files\Common Files\Symantec Shared\SNDSrvc.exe"><Symantec Corporation>
[Symantec SPBBCSvc / SPBBCSvc][Running/Auto Start]
  <"C:\Program Files\Common Files\Symantec Shared\SPBBC\SPBBCSvc.exe"><Symantec Corporation>
[Symantec Core LC / Symantec Core LC][Running/Auto Start]
  <"C:\Program Files\Common Files\Symantec Shared\CCPD-LC\symlcsvc.exe"><Symantec Corporation>

==================================
Drivers
[Service for WDM 3D Audio Driver / ALCXSENS][Stopped/Manual Start]
  <system32\drivers\ALCXSENS.SYS><Sensaura Ltd>
[Service for Realtek AC97 Audio (WDM) / ALCXWDM][Running/Manual Start]
  <system32\drivers\ALCXWDM.SYS><Realtek Semiconductor Corp.>
[AVG Anti-Spyware Driver / AVG Anti-Spyware Driver][Running/System Start]
  <\??\D:\AVG Anti-Spyware 7.5\guard.sys><N/A>
[AVG Anti-Spyware Clean Driver / AvgAsCln][Running/System Start]
  <System32\DRIVERS\AvgAsCln.sys><GRISOFT, s.r.o.>
[cnprov / cnprov][Stopped/Disabled]
  <\SystemRoot\system32\drivers\cnprov.sys><N/A>
[d347bus / d347bus][Running/Boot Start]
  <\SystemRoot\system32\DRIVERS\d347bus.sys><>
[d347prt / d347prt][Running/Boot Start]
  <\SystemRoot\System32\Drivers\d347prt.sys><>
[fasttx2k / fasttx2k][Running/Boot Start]
  <\SystemRoot\System32\DRIVERS\fasttx2k.sys><Promise Technology, Inc.>
[VIA Rhine-Family Fast Ethernet Adapter Driver Service / FETND5BV][Running/Manual Start]
  <System32\DRIVERS\fetnd5bv.sys><VIA Technologies, Inc.>
[VIA Rhine Family Fast Ethernet Adapter Driver Service / FETNDISB][Stopped/Manual Start]
  <System32\DRIVERS\fetnd5b.sys><VIA Technologies, Inc.>
[ialm / ialm][Stopped/Manual Start]
  <System32\DRIVERS\ialmnt5.sys><Intel Corporation>
[kmsinput / kmsinput][Stopped/Manual Start]
  <\??\C:\WINDOWS\system32\drivers\kmsinput.sys><N/A>
[Agere Modem Driver / ltmodem5][Running/Manual Start]
  <System32\DRIVERS\ltmdmnt.sys><Agere Systems>
[NAVENG / NAVENG][Running/Manual Start]
  <\??\C:\PROGRA~1\COMMON~1\SYMANT~1\VIRUSD~1\20071128.002\NAVENG.Sys><Symantec Corporation>
[NAVEX15 / NAVEX15][Running/Manual Start]
  <\??\C:\PROGRA~1\COMMON~1\SYMANT~1\VIRUSD~1\20071128.002\NavEx15.Sys><Symantec Corporation>
[npkcrypt / npkcrypt][Running/Auto Start]
  <\??\C:\Program Files\Tencent\QQ\npkcrypt.sys><INCA Internet Co., Ltd.>
[nv / nv][Stopped/Manual Start]
  <System32\DRIVERS\nv4_mini.sys><NVIDIA Corporation>
[NVIDIA nForce AGP Bus Filter / nv_agp][Running/Boot Start]
  <\SystemRoot\System32\DRIVERS\nv_agp.sys><NVIDIA Corporation>
[oreans32 / oreans32][Running/System Start]
  <\??\C:\WINDOWS\system32\drivers\oreans32.sys><N/A>
[Creative PC-CAM 350 (Still Image) / P1060BLK][Running/Manual Start]
  <System32\DRIVERS\P1060Blk.sys><Creative Technology Ltd.>
[Creative PC-CAM 350 (Video) / P1060VID][Running/Manual Start]
  <system32\DRIVERS\P1060vid.sys><Creative Technology Ltd.>
[Padus ASPI Shell / pfc][Running/Manual Start]
  <system32\drivers\pfc.sys><Padus, Inc.>
[StarForce Protection Environment Driver v6 / prodrv06][Running/System Start]
  <\SystemRoot\System32\drivers\prodrv06.sys><Protection Technology>
[StarForce Protection Helper Driver v2 / prohlp02][Running/Boot Start]
  <\SystemRoot\System32\drivers\prohlp02.sys><Protection Technology>
[StarForce Protection Synchronization Driver v1 / prosync1][Running/Boot Start]
  <\SystemRoot\System32\drivers\prosync1.sys><Protection Technology>
[Ps2 / Ps2][Running/Manual Start]
  <System32\DRIVERS\PS2.sys><Hewlett-Packard Company>
[Direct Parallel Link Driver / Ptilink][Running/Manual Start]
  <System32\DRIVERS\ptilink.sys><Parallel Technologies, Inc.>
[PxHelp20 / PxHelp20][Running/Boot Start]
  <\SystemRoot\System32\DRIVERS\PxHelp20.sys><Sonic Solutions>
[QKeyServiceDisplay / QKeyService][Running/Boot Start]
  <\SystemRoot\system32\KeyCrypt.sys><Tencent Technology (Shenzhen) Company Limited>
[Realtek RTL8139/810x Family Fast Ethernet NIC NT Driver / rtl8139][Stopped/Manual Start]
  <System32\DRIVERS\R8139n51.SYS><Realtek Semiconductor Corporation>
[SAVRT / SAVRT][Running/Manual Start]
  <\??\C:\Program Files\Norton Internet Security\Norton AntiVirus\SAVRT.SYS><Symantec Corporation>
[SAVRTPEL / SAVRTPEL][Running/System Start]
  <\??\C:\Program Files\Norton Internet Security\Norton AntiVirus\SAVRTPEL.SYS><Symantec Corporation>
[Secdrv / Secdrv][Stopped/Manual Start]
  <System32\DRIVERS\secdrv.sys><N/A>
[StarForce Protection Helper Driver / sfhlp01][Running/Boot Start]
  <\SystemRoot\System32\drivers\sfhlp01.sys><Protection Technology>
[SiS315 / SiS315][Stopped/Manual Start]
  <System32\DRIVERS\sisgrp.sys><Silicon Integrated Systems Corporation>
[SiS AGP Filter / SISAGP][Running/Boot Start]
  <\SystemRoot\System32\DRIVERS\SISAGPX.sys><Silicon Integrated Systems Corporation>
[SiSkp / SiSkp][Running/System Start]
  <System32\DRIVERS\srvkp.sys><Silicon Integrated Systems Corporation>
[SPBBCDrv / SPBBCDrv][Running/System Start]
  <\??\C:\Program Files\Common Files\Symantec Shared\SPBBC\SPBBCDrv.sys><Symantec Corporation>
[SAMSUNG Mobile USB Device 1.0 driver (WDM) / ss_bus][Stopped/Manual Start]
  <system32\DRIVERS\ss_bus.sys><MCCI>
[SAMSUNG Mobile USB Modem 1.0 Filter / ss_mdfl][Stopped/Manual Start]
  <system32\DRIVERS\ss_mdfl.sys><MCCI>
[SAMSUNG Mobile USB Modem 1.0 Drivers / ss_mdm][Stopped/Manual Start]
  <system32\DRIVERS\ss_mdm.sys><MCCI>
[Alcor Micro Corp - 9360 / SunkFilt][Running/Manual Start]
  <\??\C:\WINDOWS\System32\Drivers\sunkfilt.sys><Alcor Micro Corp.>
[HP && Alcor Micro Corp for Phison / Sunkfiltp][Stopped/Manual Start]
  <\??\C:\WINDOWS\System32\Drivers\sunkfiltp.sys><N/A>
[SYMDNS / SYMDNS][Running/Manual Start]
  <\SystemRoot\System32\Drivers\SYMDNS.SYS><Symantec Corporation>
[SymEvent / SymEvent][Running/Manual Start]
  <\??\C:\Program Files\Symantec\SYMEVENT.SYS><Symantec Corporation>
[SYMFW / SYMFW][Running/Manual Start]
  <\SystemRoot\System32\Drivers\SYMFW.SYS><Symantec Corporation>
[SYMIDS / SYMIDS][Running/Manual Start]
  <\SystemRoot\System32\Drivers\SYMIDS.SYS><Symantec Corporation>
[SYMIDSCO / SYMIDSCO][Running/Manual Start]
  <\??\C:\PROGRA~1\COMMON~1\SYMANT~1\SymcData\idsdefs\20071127.002\symidsco.sys><Symantec Corporation>
[symlcbrd / symlcbrd][Running/Auto Start]
  <\??\C:\WINDOWS\system32\drivers\symlcbrd.sys><Symantec Corporation>
[SYMNDIS / SYMNDIS][Running/Manual Start]
  <\SystemRoot\System32\Drivers\SYMNDIS.SYS><Symantec Corporation>
[SYMREDRV / SYMREDRV][Running/Manual Start]
  <\SystemRoot\System32\Drivers\SYMREDRV.SYS><Symantec Corporation>
[SYMTDI / SYMTDI][Running/System Start]
  <\SystemRoot\System32\Drivers\SYMTDI.SYS><Symantec Corporation>
[TCP/IP Protocol Driver / Tcpip][Running/System Start]
  <System32\DRIVERS\tcpip.sys><Microsoft Corporation>
[TesSafe / TesSafe][Stopped/Manual Start]
  <\??\C:\WINDOWS\system32\TesSafe.sys><TENCENT>
[VIA AGP Filter / viaagp1][Running/Boot Start]
  <\SystemRoot\System32\DRIVERS\viaagp1.sys><VIA Technologies, Inc.>
[viagfx / viagfx][Running/Manual Start]
  <System32\DRIVERS\vtmini.sys><Copyright (C) VIA/S3 Graphics Co, Ltd.>
[ViaIde / ViaIde][Running/Boot Start]
  <\SystemRoot\System32\DRIVERS\viaide.sys><Microsoft Corporation>
[WINIO / WINIO][Stopped/Manual Start]
  <\??\D:\Program Files\按键精灵\hknms.sys><N/A>
[World Standard Teletext Codec / WSTCODEC][Stopped/Manual Start]
  <System32\DRIVERS\WSTCODEC.SYS><Microsoft Corporation>
[Intel(R) Graphics Platform (SoftBIOS) Driver / {6080A529-897E-4629-A488-ABA0C29B635E}][Stopped/Manual Start]
  <system32\drivers\ialmsbw.sys><Intel Corporation>
[Intel(R) Graphics Chipset (KCH) Driver / {D31A0762-0CEB-444e-ACFF-B049A1F6FE91}][Stopped/Manual Start]
  <system32\drivers\ialmkchw.sys><Intel Corporation>

==================================
Browser Add-ons
[TOL24]
  {345ff7d8-2364-4ef7-889b-7d3c1d0bd342} <http://www.TOL24.com, N/A>
[BitComet Button]
  {461CC20B-FB6E-4f16-8FE8-C29359DB100E} <D:\Program Files\BitComet\tools\BitCometBHO_1.1.9.24.dll, BitComet>
[&Research]
  {92780B25-18CC-41C8-B9BE-3C9C571A8263} <C:\PROGRA~1\MICROS~4\OFFICE11\REFIEBAR.DLL, Microsoft Corporation>
[QQIEFloatBarCfgCmd Class]
  {DEDEB80D-FA35-45d9-9460-4983E5A8AFE6} <C:\Program Files\Tencent\QQIEHelper.dll, N/A>
[Messenger]
  {FB5F1910-F110-11d2-BB9E-00C04F795683} <C:\Program Files\Messenger\msmsgs.exe, Microsoft Corporation>
[Norton Internet Security]
  {0B53EAC3-8D69-4b9e-9B19-A37C9A5676A7} <C:\Program Files\Common Files\Symantec Shared\AdBlocking\NISShExt.dll, N/A>
[Norton AntiVirus]
  {42CDD1BF-3FFB-4238-8AD1-7859DF00B1D6} <C:\Program Files\Norton Internet Security\Norton AntiVirus\NavShExt.dll, N/A>
[EWA Control]
  {18226BF8-DC0B-4D81-80E9-A41AE37BB73A} <C:\PROGRA~1\PPLive\SYNACA~2.OCX, Synacast>
[InstallHelper Class]
  {1DABF8D5-8430-4985-9B7F-A30E53D709B3} <C:\Program Files\Tencent\qqlive\QQLiveInstaller.dll, N/A>
[MiniBugTransporterX Class]
  {2B96D5CC-C5B5-49A5-A69D-CC0A30F9028C} <, N/A>
[WebGameLoader Class]
  {3FE16C08-D6A7-4133-84FC-D5BFB4F7D886} <C:\WINDOWS\Downloaded Program Files\ReflexiveWebGameLoader.dll, >
[AtlAtomadersCtlAttrib Class]
  {64D01C7F-810D-446E-A07E-16C764235644} <C:\WINDOWS\Downloaded Program Files\Atomaders.dll, Kraisoft Entertainment>
[MJLauncherCtrl Class]
  {7E980B9B-8AE5-466A-B6D6-DA8CF814E78A} <C:\WINDOWS\Downloaded Program Files\mjolauncher.dll, MumboJumbo Online>
[MSN Games - Installer]
  {B8BE5E93-A60C-4D26-A2DC-220313175592} <C:\WINDOWS\Downloaded Program Files\ZIntro.ocx, Microsoft Corporation>
[HGPlugin9USA Class]
  {CD995117-98E5-4169-9920-6C12D4C0B548} <C:\WINDOWS\Downloaded Program Files\HGPlugin9USA.dll, N/A>
[Shockwave Flash Object]
  {D27CDB6E-AE6D-11CF-96B8-444553540000} <C:\WINDOWS\system32\Macromed\Flash\Flash9d.ocx, Adobe Systems, Inc.>
[SproutLauncherCtrl Class]
  {D54160C3-DB7B-4534-9B65-190EE4A9C7F7} <C:\WINDOWS\Downloaded Program Files\SproutWebLauncher.dll, Sprout Games, LLC>
[SCEWebLauncherCtl Object]
  {DAF5D9A2-D982-4671-83E4-0398706A5F6A} <C:\WINDOWS\Downloaded Program Files\SCEWebLauncher.Ocx, Silver Creek Entertainment>
[PopCapLoader Object]
  {DF780F87-FF2B-4DF8-92D0-73DB16A1543A} <C:\WINDOWS\Downloaded Program Files\popcaploader.dll, N/A>
[QuickTime Object]
  {02BF25D5-8C17-4B23-BC80-D3488ABDDC6B} <C:\WINDOWS\System32\QTPlugin.ocx, Apple Computer, Inc.>
[Adobe PDF Reader Link Helper]
  {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} <C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll, Adobe Systems Incorporated>
[Web Browser Applet Control]
  {08B0E5C0-4FCB-11CF-AAA5-00401C608501} <, N/A>
[Norton Internet Security]
  {0B53EAC3-8D69-4B9E-9B19-A37C9A5676A7} <C:\Program Files\Common Files\Symantec Shared\AdBlocking\NISShExt.dll, N/A>
[EWA Control]
  {18226BF8-DC0B-4D81-80E9-A41AE37BB73A} <C:\PROGRA~1\PPLive\SYNACA~2.OCX, Synacast>
[InstallHelper Class]
  {1DABF8D5-8430-4985-9B7F-A30E53D709B3} <C:\Program Files\Tencent\qqlive\QQLiveInstaller.dll, N/A>
[Windows Media Player]
  {22D6F312-B0F6-11D0-94AB-0080C74C7E95} <C:\WINDOWS\system32\wmpdxm.dll, Microsoft Corporation>
[HTML Document]
  {25336920-03F9-11CF-8FD0-00AA00686F13} <%SystemRoot%\System32\mshtml.dll, N/A>
[DHTML Edit Control Safe for Scripting for IE5]
  {2D360201-FFF5-11D1-8D03-00A0C959BC0A} <C:\Program Files\Common Files\Microsoft Shared\Triedit\dhtmled.ocx, Microsoft Corporation>
[IETag Factory]
  {38481807-CA0E-42D2-BF39-B33AF135CC4D} <C:\PROGRA~1\COMMON~1\MICROS~1\SMARTT~1\IETAG.DLL, Microsoft Corporation>
[BitComet Helper]
  {39F7E362-828A-4B5A-BCAF-5B79BFDFEA60} <D:\Program Files\BitComet\tools\BitCometBHO_1.1.9.24.dll, BitComet>
[WebGameLoader Class]
  {3FE16C08-D6A7-4133-84FC-D5BFB4F7D886} <C:\WINDOWS\Downloaded Program Files\ReflexiveWebGameLoader.dll, >
[Norton AntiVirus]
  {42CDD1BF-3FFB-4238-8AD1-7859DF00B1D6} <C:\Program Files\Norton Internet Security\Norton AntiVirus\NavShExt.dll, N/A>
[XML Document]
  {48123BC4-99D9-11D1-A6B3-00C04FD91555} <%SystemRoot%\System32\msxml3.dll, N/A>
[HHCtrl Object]
  {52A2AAAE-085D-4187-97EA-8C30DB990436} <C:\WINDOWS\system32\hhctrl.ocx, Microsoft Corporation>
[Shell Name Space]
  {55136805-B2DE-11D1-B9F2-00A0C98BC547} <%SystemRoot%\System32\shdocvw.dll, N/A>
[WUWebControl Class]
  {6414512B-B978-451D-A0D8-FCFDF33E833C} <C:\WINDOWS\system32\wuweb.dll, Microsoft Corporation>
[AtlAtomadersCtlAttrib Class]
  {64D01C7F-810D-446E-A07E-16C764235644} <C:\WINDOWS\Downloaded Program Files\Atomaders.dll, Kraisoft Entertainment>
[Windows Media Player]
  {6BF52A52-394A-11D3-B153-00C04F79FAA6} <C:\WINDOWS\system32\wmp.dll, Microsoft Corporation>
[MediaComm Class]
  {7670648D-461B-42AF-BDFE-46D26AF5EFF2} <C:\Program Files\Thunder Network\Thunder\Components\InMedia\MediaAddin07.dll, Thunder Networking Technologies,LTD>
[MJLauncherCtrl Class]
  {7E980B9B-8AE5-466A-B6D6-DA8CF814E78A} <C:\WINDOWS\Downloaded Program Files\mjolauncher.dll, MumboJumbo Online>
[Microsoft Web Browser]
  {8856F961-340A-11D0-A96B-00C04FD705A2} <C:\WINDOWS\System32\shdocvw.dll, Microsoft Corporation>
[Thunder Browser Helper]
  {889D2FEB-5411-4565-8998-1DD2C5261283} <C:\Program Files\Thunder Network\Thunder\ComDlls\XunLeiBHO_002.dll, Thunder Networking Technologies,LTD>
[LiveMediaOcx Control]
  {9242BB35-0DB0-43AC-8DFC-8EA07E63B92A} <C:\PROGRA~1\Tencent\qqlive\QQLive.ocx, N/A>
[CNisExtBho Class]
  {9ECB9560-04F9-4BBC-943D-298DDF1699E1} <C:\Program Files\Common Files\Symantec Shared\AdBlocking\NISShExt.dll, N/A>
[RMGetLicense Class]
  {A9FC132B-096D-460B-B7D5-1DB0FAE0C062} <C:\WINDOWS\system32\msnetobj.dll, Microsoft Corporation>
[Microsoft Scriptlet Component]
  {AE24FDAE-03C6-11D1-8B76-0080C744F389} <C:\WINDOWS\System32\mshtml.dll, Microsoft Corporation>
[SearchAssistantOC]
  {B45FF030-4447-11D2-85DE-00C04FA35C89} <%SystemRoot%\System32\shdocvw.dll, N/A>
[MSN Games - Installer]
  {B8BE5E93-A60C-4D26-A2DC-220313175592} <C:\WINDOWS\Downloaded Program Files\ZIntro.ocx, Microsoft Corporation>
[RDS.DataSpace]
  {BD96C556-65A3-11D0-983A-00C04FC29E36} <C:\Program Files\Common Files\System\MSADC\msadco.dll, Microsoft Corporation>
[CNavExtBho Class]
  {BDF3E430-B101-42AD-A544-FADC6B084872} <C:\Program Files\Norton Internet Security\Norton AntiVirus\NavShExt.dll, N/A>
[AUDIO__MID Moniker Class]
  {CD3AFA74-B84F-48F0-9393-7EDC34128127} <C:\WINDOWS\system32\wmp.dll, Microsoft Corporation>
[AUDIO__MP3 Moniker Class]
  {CD3AFA76-B84F-48F0-9393-7EDC34128127} <C:\WINDOWS\system32\wmp.dll, Microsoft Corporation>
[AUDIO__X_MS_WMA Moniker Class]
  {CD3AFA84-B84F-48F0-9393-7EDC34128127} <C:\WINDOWS\system32\wmp.dll, Microsoft Corporation>
[VIDEO__X_MS_ASF Moniker Class]
  {CD3AFA8F-B84F-48F0-9393-7EDC34128127} <C:\WINDOWS\system32\wmp.dll, Microsoft Corporation>
[VIDEO__X_MS_WMV Moniker Class]
  {CD3AFA94-B84F-48F0-9393-7EDC34128127} <C:\WINDOWS\system32\wmp.dll, Microsoft Corporation>
[HGPlugin9USA Class]
  {CD995117-98E5-4169-9920-6C12D4C0B548} <C:\WINDOWS\Downloaded Program Files\HGPlugin9USA.dll, N/A>
[RealPlayer G2 Control]
  {CFCDAA03-8BE4-11CF-B84B-0020AFBBCCFA} <C:\WINDOWS\System32\rmoc3260.dll, RealNetworks, Inc.>
[Shockwave Flash Object]
  {D27CDB6E-AE6D-11CF-96B8-444553540000} <C:\WINDOWS\system32\Macromed\Flash\Flash9d.ocx, Adobe Systems, Inc.>
[SproutLauncherCtrl Class]
  {D54160C3-DB7B-4534-9B65-190EE4A9C7F7} <C:\WINDOWS\Downloaded Program Files\SproutWebLauncher.dll, Sprout Games, LLC>
[SCEWebLauncherCtl Object]
  {DAF5D9A2-D982-4671-83E4-0398706A5F6A} <C:\WINDOWS\Downloaded Program Files\SCEWebLauncher.Ocx, Silver Creek Entertainment>
[PopCapLoader Object]
  {DF780F87-FF2B-4DF8-92D0-73DB16A1543A} <C:\WINDOWS\Downloaded Program Files\popcaploader.dll, N/A>
[PasswordEditCtrl Class]
  {E787FD25-8D7C-4693-AE67-9406BC6E22DF} <C:\WINDOWS\system32\qqedit\qqedit.dll, 腾讯科技(深圳)有限公司>
[&使用迅雷下载]
  <C:\Program Files\Thunder Network\Thunder\Program\GetUrl.htm, N/A>
[&使用迅雷下载全部链接]
  <C:\Program Files\Thunder Network\Thunder\Program\GetAllUrl.htm, N/A>
[??我是骗子,快去举报我!??]
  <C:\Program Files\Tencent\QQ\AddEmotion.htm, N/A>
[??我是骗子,快去举报我!?????]
  <C:\Program Files\Tencent\QQ\AddPanel.htm, N/A>
[我是骗子,快去举报我!???????]
  <C:\Program Files\Tencent\QQ\SendMMS.htm, N/A>
[Add to QQ Customized Panel]
  <C:\Program Files\Tencent\QQ\AddPanel.htm, N/A>
[Add to QQ Emoticons]
  <C:\Program Files\Tencent\QQ\AddEmotion.htm, N/A>
[Add to Vbuzzer RSS list]
  <, N/A>
[E&xport to Microsoft Excel]
  <res://C:\PROGRA~1\MICROS~4\OFFICE11\EXCEL.EXE/3000, N/A>
[Send the Picture by QQ MMS]
  <C:\Program Files\Tencent\QQ\SendMMS.htm, N/A>
[ê1ó?Kugoo????]
  <, N/A>
[使用网际快车下载]
  <D:\网络工具\网际快车\FlashGet\jc_link.htm, N/A>
[使用网际快车下载全部链接]
  <D:\网络工具\网际快车\FlashGet\jc_all.htm, N/A>
[查看 Exif 信息(&V)]
  <res://C:\Program Files\Exif Show\ExShow.dll/EXSHOW.HTML, N/A>
[添加到QQ表情]

==================================
Running Processes
[PID: 604][\SystemRoot\System32\smss.exe]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
[PID: 676][\??\C:\WINDOWS\system32\csrss.exe]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
[PID: 704][\??\C:\WINDOWS\system32\winlogon.exe]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
[PID: 752][C:\WINDOWS\system32\services.exe]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
[PID: 764][C:\WINDOWS\system32\lsass.exe]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
[PID: 916][C:\WINDOWS\system32\svchost.exe]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
[PID: 1000][C:\WINDOWS\system32\svchost.exe]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
[PID: 1052][C:\WINDOWS\System32\svchost.exe]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
[PID: 1152][C:\WINDOWS\System32\svchost.exe]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
[PID: 1200][C:\WINDOWS\System32\svchost.exe]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
[PID: 1692][C:\WINDOWS\system32\spoolsv.exe]  [Microsoft Corporation, 5.1.2600.2696 (xpsp_sp2_gdr.050610-1519)]
    [C:\WINDOWS\system32\dopdfmn5.dll]  [Softland, 5.3.243]
    [C:\WINDOWS\system32\E_SL2068.DLL]  [SEIKO EPSON CORPORATION, 2, 11, 0, 0]
    [C:\WINDOWS\system32\hpzsnt08.dll]  [HP, 2,223,0,0]
    [C:\WINDOWS\System32\spool\PRTPROCS\W32X86\vprproc.dll]  [Windows (R) 2000 DDK provider, 5.00.2195.1620]
    [C:\WINDOWS\System32\spool\PRTPROCS\W32X86\VbPrintProcesser.dll]  [Windows (R) 2000 DDK provider, 5.00.2195.2969]
[PID: 1820][D:\AVG Anti-Spyware 7.5\guard.exe]  [GRISOFT s.r.o., 7, 5, 1, 22]
    [D:\AVG Anti-Spyware 7.5\engine.dll]  [GRISOFT s.r.o., 4, 2, 0, 19]
[PID: 1932][C:\WINDOWS\System32\svchost.exe]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
    [C:\WINDOWS\system32\P1060SWA.DLL]  [Creative Technology Ltd., 1.00.01.00]
    [C:\WINDOWS\System32\P1060Wia.dll]  [Creative Technology Ltd., 1.00.01.00]
    [C:\WINDOWS\System32\CtCamMgr.dll]  [Creative Technology Ltd., 1.03.02.00]
    [C:\WINDOWS\System32\P1060Hwx.dll]  [Creative Technology Ltd., 1.00.05]
    [C:\WINDOWS\System32\P1060If.dll]  [Creative Technology Ltd., 1.00.05]
    [C:\WINDOWS\System32\P1060Raw.dll]  [Creative Technology Ltd., 1.00.05]
    [C:\WINDOWS\System32\p1060m01.dll]  [N/A, N/A]
[PID: 624][C:\WINDOWS\Explorer.EXE]  [Microsoft Corporation, 6.00.2900.3156 (xpsp_sp2_gdr.070613-1234)]
    [C:\Program Files\Adobe\Acrobat 7.0\ActiveX\PDFShell.dll]  [Adobe Systems, Inc., 7.0.0.0]
    [C:\Program Files\WinRAR\rarext.dll]  [N/A, N/A]
    [D:\AVG Anti-Spyware 7.5\context.dll]  [GRISOFT s.r.o., 7, 5, 1, 36]
[PID: 2168][C:\WINDOWS\System32\alg.exe]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
[PID: 2308][C:\WINDOWS\system32\ctfmon.exe]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
[PID: 2564][C:\Program Files\Tencent\QQ.exe]  [TENCENT, 7,1,518,1751]
    [C:\Program Files\Tencent\QQBaseClassInDll.dll]  [TENCENT, 7,1,518,1751]
    [C:\Program Files\Tencent\QQHelperDll.dll]  [TENCENT, 7,1,518,1751]
    [C:\Program Files\Tencent\BasicCtrlDll.dll]  [TENCENT, 7, 1, 518, 1751]
    [C:\Program Files\Tencent\QQAPI.dll]  [TENCENT, 7,1,518,1751]
    [C:\Program Files\Tencent\TIMProxy.dll]  [tencent, 0, 3, 2, 4]
    [C:\Program Files\Tencent\LoginCtrl.dll]  [TENCENT, 7,1,518,1751]
    [C:\Program Files\Tencent\LoginCtrlRes.dll]  [TENCENT, 7,1,518,1751]
    [C:\Program Files\Tencent\QQRes.dll]  [TENCENT, 7,1,518,1751]
    [C:\Program Files\Tencent\WizardCtrl.dll]  [TENCENT, 7,1,518,1751]
    [C:\Program Files\Tencent\QQMainFrame.dll]  [N/A, N/A]
    [C:\Program Files\Tencent\UnReadMsgMgr.dll]  [N/A, N/A]
    [C:\Program Files\Tencent\CQQApplication.dll]  [N/A, N/A]
    [C:\Program Files\Tencent\FlashAvatarDll.dll]  [, 1, 4, 0, 1]
    [C:\Program Files\Tencent\NewSkin.dll]  [TENCENT, 7,1,518,1751]
    [C:\Program Files\Tencent\MailSummary.dll]  [TENCENT, 7,1,518,1751]
    [C:\Program Files\Tencent\QQSpace.dll]  [TENCENT, 7,1,518,1751]
    [C:\WINDOWS\system32\msdmo.dll]  [N/A, N/A]
    [C:\Program Files\Tencent\QQKnowledgeSearch.dll]  [TENCENT, 7,1,518,1751]
    [C:\Program Files\Tencent\QQGroupMng.dll]  [TENCENT, 7,1,518,1751]
    [C:\Program Files\Tencent\QQAllInOne.dll]  [TENCENT, 7,1,518,1751]
    [C:\Program Files\Tencent\SCCore.dll]  [TENCENT, 1, 6, 0, 2]
    [C:\Program Files\Tencent\CameraDll.dll]  [TENCENT, 7,1,518,1751]
    [C:\Program Files\Tencent\QQSysMsgMng.dll]  [N/A, N/A]
    [C:\Program Files\Tencent\UserDefinedHead.dll]  [TENCENT, 7,1,518,1751]
    [C:\Program Files\Tencent\QQPlugin.dll]  [N/A, N/A]
    [C:\Program Files\Tencent\QQConfigPlugin.dll]  [TENCENT, 7,1,518,1751]
    [C:\Program Files\Tencent\QQAvatar.dll]  [N/A, N/A]
    [C:\Program Files\Tencent\QQCustomFace.dll]  [N/A, N/A]
    [C:\Program Files\Tencent\QRingMng.dll]  [N/A, N/A]
    [C:\Program Files\Tencent\LongConnection.dll]  [TENCENT, 7,1,518,1751]
    [C:\Program Files\Tencent\QQPet.dll]  [TENCENT, 7,1,518,1751]
    [C:\Program Files\Tencent\PhoneAPI.dll]  [TENCENT, 7,1,518,1751]
    [C:\Program Files\Tencent\DialerAllinOne.dll]  [tencent, 1, 4, 0, 0]
    [C:\Program Files\Tencent\BQQApplication.dll]  [N/A, N/A]
    [C:\Program Files\Tencent\CommercesMng.dll]  [TENCENT, 7,1,518,1751]
    [C:\Program Files\Tencent\PersonalDesktop.dll]  [TENCENT, 7,1,518,1751]
    [C:\Program Files\Tencent\QQAddr.dll]  [深圳市腾讯计算机系统有限公司, 5, 0, 101, 310]
    [C:\WINDOWS\system32\Macromed\Flash\Flash9d.ocx]  [Adobe Systems, Inc., 9,0,47,0]
    [C:\WINDOWS\system32\Macromed\Common\SwSupport.dll]  [Macromedia, Inc., 10.1r11]
    [C:\Program Files\Tencent\QQSceneMng.dll]  [N/A, N/A]
    [C:\Program Files\Tencent\AddrSearch.dll]  [腾讯科技(深圳)有限公司, 2, 1, 9, 97]
    [C:\Program Files\Tencent\ImageOle.dll]  [TENCENT, 7,1,518,1751]
    [C:\Program Files\Tencent\QQLiveQMng.dll]  [TENCENT, 7,1,518,1751]
    [C:\WINDOWS\system32\JPWB.IME]  [常诚研制, 4.00.950]
    [C:\Program Files\Tencent\GroupConnection.dll]  [TENCENT, 7,1,518,1751]
[PID: 2836][C:\Program Files\Tencent\TIMPlatform.exe]  [TENCENT, 7,1,518,1751]
    [C:\Program Files\Tencent\TIMProxy.dll]  [tencent, 0, 3, 2, 4]
[PID: 2284][C:\Program Files\Tencent\QQ.exe]  [TENCENT, 7,1,518,1751]
    [C:\Program Files\Tencent\QQBaseClassInDll.dll]  [TENCENT, 7,1,518,1751]
    [C:\Program Files\Tencent\QQHelperDll.dll]  [TENCENT, 7,1,518,1751]
    [C:\Program Files\Tencent\BasicCtrlDll.dll]  [TENCENT, 7, 1, 518, 1751]
    [C:\Program Files\Tencent\QQAPI.dll]  [TENCENT, 7,1,518,1751]
    [C:\Program Files\Tencent\TIMProxy.dll]  [tencent, 0, 3, 2, 4]
    [C:\Program Files\Tencent\LoginCtrl.dll]  [TENCENT, 7,1,518,1751]
    [C:\Program Files\Tencent\LoginCtrlRes.dll]  [TENCENT, 7,1,518,1751]
    [C:\Program Files\Tencent\QQRes.dll]  [TENCENT, 7,1,518,1751]
    [C:\Program Files\Tencent\QQMainFrame.dll]  [N/A, N/A]
    [C:\Program Files\Tencent\UnReadMsgMgr.dll]  [N/A, N/A]
    [C:\Program Files\Tencent\CQQApplication.dll]  [N/A, N/A]
    [C:\Program Files\Tencent\FlashAvatarDll.dll]  [, 1, 4, 0, 1]
    [C:\Program Files\Tencent\NewSkin.dll]  [TENCENT, 7,1,518,1751]
    [C:\Program Files\Tencent\MailSummary.dll]  [TENCENT, 7,1,518,1751]
    [C:\Program Files\Tencent\QQSpace.dll]  [TENCENT, 7,1,518,1751]
    [C:\WINDOWS\system32\msdmo.dll]  [N/A, N/A]
    [C:\Program Files\Tencent\QQKnowledgeSearch.dll]  [TENCENT, 7,1,518,1751]
    [C:\Program Files\Tencent\QQGroupMng.dll]  [TENCENT, 7,1,518,1751]
    [C:\Program Files\Tencent\QQAllInOne.dll]  [TENCENT, 7,1,518,1751]
    [C:\Program Files\Tencent\SCCore.dll]  [TENCENT, 1, 6, 0, 2]
    [C:\Program Files\Tencent\CameraDll.dll]  [TENCENT, 7,1,518,1751]
    [C:\Program Files\Tencent\QQSysMsgMng.dll]  [N/A, N/A]
    [C:\Program Files\Tencent\UserDefinedHead.dll]  [TENCENT, 7,1,518,1751]
    [C:\Program Files\Tencent\QQPlugin.dll]  [N/A, N/A]
    [C:\Program Files\Tencent\QQConfigPlugin.dll]  [TENCENT, 7,1,518,1751]
    [C:\Program Files\Tencent\QQAvatar.dll]  [N/A, N/A]
    [C:\Program Files\Tencent\QQCustomFace.dll]  [N/A, N/A]
    [C:\Program Files\Tencent\QRingMng.dll]  [N/A, N/A]
    [C:\Program Files\Tencent\QQPet.dll]  [TENCENT, 7,1,518,1751]
    [C:\Program Files\Tencent\LongConnection.dll]  [TENCENT, 7,1,518,1751]
    [C:\Program Files\Tencent\PhoneAPI.dll]  [TENCENT, 7,1,518,1751]
    [C:\Program Files\Tencent\DialerAllinOne.dll]  [tencent, 1, 4, 0, 0]
    [C:\Program Files\Tencent\QQAddr.dll]  [深圳市腾讯计算机系统有限公司, 5, 0, 101, 310]
    [C:\Program Files\Tencent\BQQApplication.dll]  [N/A, N/A]
    [C:\Program Files\Tencent\CommercesMng.dll]  [TENCENT, 7,1,518,1751]
    [C:\Program Files\Tencent\PersonalDesktop.dll]  [TENCENT, 7,1,518,1751]
    [C:\Program Files\Tencent\GroupConnection.dll]  [TENCENT, 7,1,518,1751]
    [C:\Program Files\Tencent\QQSceneMng.dll]  [N/A, N/A]
[PID: 3252][C:\Program Files\Tencent\QQexternal.exe]  [TENCENT, 7,1,518,1751]
    [C:\Program Files\Tencent\BasicCtrlDll.dll]  [TENCENT, 7, 1, 518, 1751]
    [C:\Program Files\Tencent\QQHelperDll.dll]  [TENCENT, 7,1,518,1751]
    [C:\Program Files\Tencent\QQBaseClassInDll.dll]  [TENCENT, 7,1,518,1751]
    [C:\Program Files\Tencent\QQRes.dll]  [TENCENT, 7,1,518,1751]
    [C:\Program Files\Common Files\Symantec Shared\Script Blocking\scrauth.dll]  [Symantec Corporation, 11.0.16.2]
    [C:\Program Files\Common Files\Symantec Shared\Script Blocking\ScrBlock.dll]  [Symantec Corporation, 11.0.16.2]
    [C:\Program Files\Common Files\Symantec Shared\ccL30.dll]  [Symantec Corporation, 103.0.9.2]
    [C:\Program Files\Common Files\Symantec Shared\ccVrTrst.dll]  [Symantec Corporation, 103.0.9.2]
    [C:\WINDOWS\system32\Macromed\Flash\Flash9d.ocx]  [Adobe Systems, Inc., 9,0,47,0]
    [C:\WINDOWS\system32\Macromed\Common\SwSupport.dll]  [Macromedia, Inc., 10.1r11]
[PID: 2784][D:\arswpwindows助手\arswp\arswp.exe]  [ArSwp.com, 2, 5, 0, 1128]
    [D:\arswpwindows助手\arswp\plugin\ArFix.dll]  [ArSwp.Com, 2, 5, 0, 0]
[PID: 1672][C:\Program Files\Microsoft Office\Office\WINWORD.EXE]  [Microsoft Corporation, 9.0.2823]
    [C:\Program Files\Norton Internet Security\Norton AntiVirus\OfficeAV.dll]  [Symantec Corporation, 103.0.3.8]
    [C:\Program Files\Common Files\Symantec Shared\ccL30.dll]  [Symantec Corporation, 103.0.9.2]
    [C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_DU11ZE.DLL]  [SEIKO EPSON Corporation, 1.2.0]
    [C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_DMAI11.DLL]  [SEIKO EPSON Corporation, 0.2.0.10]
[PID: 3164][C:\Program Files\Internet Explorer\iexplore.exe]  [Microsoft Corporation, 6.00.2900.2180 (xpsp_sp2_rtm.040803-2158)]
    [C:\Program Files\Adobe\Acrobat 7.0\ActiveX\PDFShell.dll]  [Adobe Systems, Inc., 7.0.0.0]
    [C:\Program Files\Common Files\Symantec Shared\Script Blocking\scrauth.dll]  [Symantec Corporation, 11.0.16.2]
    [C:\Program Files\Common Files\Symantec Shared\Script Blocking\ScrBlock.dll]  [Symantec Corporation, 11.0.16.2]
    [C:\Program Files\Common Files\Symantec Shared\ccL30.dll]  [Symantec Corporation, 103.0.9.2]
    [C:\Program Files\Common Files\Symantec Shared\ccVrTrst.dll]  [Symantec Corporation, 103.0.9.2]
    [C:\WINDOWS\system32\Macromed\Flash\Flash9d.ocx]  [Adobe Systems, Inc., 9,0,47,0]
    [C:\WINDOWS\system32\Macromed\Common\SwSupport.dll]  [Macromedia, Inc., 10.1r11]
    [C:\WINDOWS\system32\JPWB.IME]  [常诚研制, 4.00.950]
[PID: 1572][D:\sreng2\SREng.EXE]  [Smallfrogs Studio, 2.3.13.690]

==================================
File Associations
.TXT  Error. [NOTEPAD.EXE %1]
.EXE  OK. ["%1" %*]
.COM  OK. ["%1" %*]
.PIF  OK. ["%1" %*]
.REG  OK. [regedit.exe "%1"]
.BAT  OK. ["%1" %*]
.SCR  OK. ["%1" /S]
.CHM  OK. ["C:\WINDOWS\hh.exe" %1]
.HLP  OK. [%SystemRoot%\System32\winhlp32.exe %1]
.INI  OK. [%SystemRoot%\System32\NOTEPAD.EXE %1]
.INF  OK. [%SystemRoot%\System32\NOTEPAD.EXE %1]
.VBS  OK. [%SystemRoot%\System32\WScript.exe "%1" %*]
.JS   OK. [%SystemRoot%\System32\WScript.exe "%1" %*]
.LNK  OK. [{00021401-0000-0000-C000-000000000046}]

==================================
Winsock Provider
N/A

==================================
Autorun.Inf
N/A

==================================
HOSTS File
127.0.0.1       localhost

==================================
API HOOK
N/A

==================================

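Also, my Norton has been automatically LOGged OFF, and I don't know the user name and password to LOG ON; I don't think it asked me to set these during installation. After a reboot it is still LOGged OFF. I can't even uninstall it, so frustrating!! Is there a way to force-uninstall it?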

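Close IE, then use the tool below, select all, and clean the system temporary files and the IE temporary files folder:
http://hzqedison.mm9mm.com/hanhua/ATF-Cleaner-cn.exe
Use xdelbox to delete the file below (hold the left mouse button and drag from the first line down to the last line, right-click and copy, or enter it under "File path" and click "Add"; right-click in the blank area of the xdelbox window and import from the clipboard, tick the box in front of "suppress regeneration", right-click the file to be deleted and choose to reboot immediately and delete; if a prompt appears, ignore it and click OK. Before running xdelbox it is best to remove all removable storage media (including USB drives, MP3 players, phone memory cards and so on)).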
C:\WINDOWS\system32\drivers\cnprov.sys

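Run SREngPS.EXE, go to "Boot Items" -> "Services" -> "Drivers", tick "Hide Microsoft Services", then for the service named below choose
"Delete Service" -> "Set" -> "No" (note: pressing "No" confirms deletion of the service, pressing "Yes" cancels the operation)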

[cnprov / cnprov][Stopped/Disabled]
  <\SystemRoot\system32\drivers\cnprov.sys><N/A>

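Update Windows清理助手 (Windows Cleanup Assistant) and run a scan:
http://www.arswp.com/download/arswp2/arswp2.zip
OP, please post the paths reported by the antivirus. That makes it easier to remove the viruses.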

Thanks to the poster above for the answer.

However, XDELBOX reports that the file C:\WINDOWS\system32\drivers\cnprov.sys does not exist.

[cnprov / cnprov][Stopped/Disabled]
  <\SystemRoot\system32\drivers\cnprov.sys><N/A>
was not found.

Virus paths:
[Trojan.avxpsw.ext]
C:\WINDOWS\SYSTEM32\RSFUNSER.INI

[Trojan Files]
C:\WINDOWS\SYSTEM32\CONIME\

The virus symptoms are still there.

I'm thinking of reinstalling the C: drive; I can't sort this out.

Nice! In a word: awesome!
