收藏本站 |切换到宽版 | 更换论坛皮肤
 找回密码  忘记邮箱  QQ快速登录  快速登录  快速注册

卡饭»论坛 软件区 解疑答难区 病毒求助
12
返回列表 发新帖
楼主: wbaaa123
 收起左侧

[已解决] 病毒求助

 关闭 [复制链接]
wbaaa123
 楼主| 发表于 2007-11-29 12:25:13 | 显示全部楼层
[c:\windows\system32\TAPI32.dll]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
    [c:\windows\system32\WZCSAPI.DLL]  [Microsoft Corporation, 5.1.2600.2977 (xpsp.060818-0034)]
    [c:\windows\system32\WZCSvc.DLL]  [Microsoft Corporation, 5.1.2600.2977 (xpsp.060818-0034)]
    [c:\windows\system32\WMI.dll]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
    [c:\windows\system32\WTSAPI32.dll]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
    [c:\windows\system32\wbem\wmisvc.dll]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
    [C:\WINDOWS\system32\VSSAPI.DLL]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
    [C:\WINDOWS\system32\HNETCFG.DLL]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
    [c:\windows\system32\ipnathlp.dll]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
    [c:\windows\system32\MSWSOCK.dll]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
    [c:\windows\system32\AUTHZ.dll]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
    [C:\WINDOWS\system32\TcpIpDog0.dll]  [N/A, ]
    [C:\WINDOWS\system32\comdlg32.dll]  [Microsoft Corporation, 6.00.2900.2180 (xpsp_sp2_rtm.040803-2158)]
    [C:\WINDOWS\system32\WINSPOOL.DRV]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
    [C:\WINDOWS\System32\wshtcpip.dll]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
    [c:\windows\system32\browser.dll]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
    [C:\WINDOWS\system32\wbem\wbemcomn.dll]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
    [C:\WINDOWS\System32\Wbem\wbemcore.dll]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
    [C:\WINDOWS\system32\MSVCP60.dll]  [Microsoft Corporation, 6.02.3104.0]
    [C:\WINDOWS\System32\Wbem\esscli.dll]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
    [C:\WINDOWS\System32\Wbem\FastProx.dll]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
    [C:\WINDOWS\system32\wbem\wmiutils.dll]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
    [C:\WINDOWS\system32\wbem\repdrvfs.dll]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
    [C:\WINDOWS\system32\wbem\wmiprvsd.dll]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
    [C:\WINDOWS\system32\NCObjAPI.DLL]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
    [C:\WINDOWS\system32\wbem\wbemess.dll]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
    [C:\WINDOWS\system32\rsaenh.dll]  [Microsoft Corporation, 5.1.2600.2161 (xpsp.040706-1629)]
    [C:\WINDOWS\system32\wbem\ncprov.dll]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
    [C:\WINDOWS\system32\xactsrv.dll]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
    [C:\WINDOWS\system32\NETRAP.dll]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
    [C:\WINDOWS\system32\wbem\wbemsvc.dll]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
[PID: 808 / NETWORK SERVICE][C:\WINDOWS\system32\svchost.exe]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
    [C:\WINDOWS\system32\ntdll.dll]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
    [C:\WINDOWS\system32\kernel32.dll]  [Microsoft Corporation, 5.1.2600.3119 (xpsp_sp2_qfe.070416-1259)]
    [C:\WINDOWS\system32\ADVAPI32.dll]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
    [C:\WINDOWS\system32\RPCRT4.dll]  [Microsoft Corporation, 5.1.2600.3173 (xpsp_sp2_qfe.070709-0052)]
    [C:\WINDOWS\system32\ShimEng.dll]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
    [C:\WINDOWS\AppPatch\AcGenral.DLL]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
    [C:\WINDOWS\system32\USER32.dll]  [Microsoft Corporation, 5.1.2600.3099 (xpsp_sp2_qfe.070308-0217)]
    [C:\WINDOWS\system32\GDI32.dll]  [Microsoft Corporation, 5.1.2600.3159 (xpsp_sp2_qfe.070619-1301)]
    [C:\WINDOWS\system32\WINMM.dll]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
    [C:\WINDOWS\system32\ole32.dll]  [Microsoft Corporation, 5.1.2600.2726 (xpsp.050725-1531)]
    [C:\WINDOWS\system32\msvcrt.dll]  [Microsoft Corporation, 7.0.2600.2180 (xpsp_sp2_rtm.040803-2158)]
    [C:\WINDOWS\system32\OLEAUT32.dll]  [Microsoft Corporation, 5.1.2600.3139]
    [C:\WINDOWS\system32\MSACM32.dll]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
    [C:\WINDOWS\system32\VERSION.dll]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
    [C:\WINDOWS\system32\SHELL32.dll]  [Microsoft Corporation, 6.00.2900.3241 (xpsp_sp2_qfe.071025-1245)]
    [C:\WINDOWS\system32\SHLWAPI.dll]  [Microsoft Corporation, 6.00.2900.2995 (xpsp.060913-0019)]
    [C:\WINDOWS\system32\USERENV.dll]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
    [C:\WINDOWS\system32\UxTheme.dll]  [Microsoft Corporation, 6.00.2900.2180 (xpsp_sp2_rtm.040803-2158)]
    [C:\WINDOWS\system32\IMM32.DLL]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
    [C:\WINDOWS\system32\LPK.DLL]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
    [C:\WINDOWS\system32\USP10.dll]  [Microsoft Corporation, 1.0420.2600.2180 (xpsp_sp2_rtm.040803-2158)]
    [C:\WINDOWS\system32\comctl32.dll]  [Microsoft Corporation, 5.82 (xpsp.060825-0040)]
    [c:\windows\system32\dnsrslvr.dll]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
    [c:\windows\system32\DNSAPI.dll]  [Microsoft Corporation, 5.1.2600.2938 (xpsp_sp2_gdr.060626-0020)]
    [c:\windows\system32\WS2_32.dll]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
    [c:\windows\system32\WS2HELP.dll]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
    [c:\windows\system32\iphlpapi.dll]  [Microsoft Corporation, 5.1.2600.2912 (xpsp_sp2_gdr.060519-0003)]
    [C:\WINDOWS\system32\imon.dll]  [Eset , 2, 70, 39 ]
    [C:\WINDOWS\system32\WSOCK32.dll]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
    [F:\ESET\pr_imon.dll]  [N/A, ]
    [C:\WINDOWS\system32\TcpIpDog0.dll]  [N/A, ]
    [C:\WINDOWS\system32\comdlg32.dll]  [Microsoft Corporation, 6.00.2900.2180 (xpsp_sp2_rtm.040803-2158)]
    [C:\WINDOWS\system32\WINSPOOL.DRV]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
    [C:\WINDOWS\system32\mswsock.dll]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
    [C:\WINDOWS\system32\hnetcfg.dll]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
    [C:\WINDOWS\System32\wshtcpip.dll]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
[PID: 856 / LOCAL SERVICE][C:\WINDOWS\system32\svchost.exe]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
    [C:\WINDOWS\system32\ntdll.dll]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
    [C:\WINDOWS\system32\kernel32.dll]  [Microsoft Corporation, 5.1.2600.3119 (xpsp_sp2_qfe.070416-1259)]
    [C:\WINDOWS\system32\ADVAPI32.dll]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
    [C:\WINDOWS\system32\RPCRT4.dll]  [Microsoft Corporation, 5.1.2600.3173 (xpsp_sp2_qfe.070709-0052)]
    [C:\WINDOWS\system32\ShimEng.dll]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
    [C:\WINDOWS\AppPatch\AcGenral.DLL]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
    [C:\WINDOWS\system32\USER32.dll]  [Microsoft Corporation, 5.1.2600.3099 (xpsp_sp2_qfe.070308-0217)]
    [C:\WINDOWS\system32\GDI32.dll]  [Microsoft Corporation, 5.1.2600.3159 (xpsp_sp2_qfe.070619-1301)]
    [C:\WINDOWS\system32\WINMM.dll]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
    [C:\WINDOWS\system32\ole32.dll]  [Microsoft Corporation, 5.1.2600.2726 (xpsp.050725-1531)]
    [C:\WINDOWS\system32\msvcrt.dll]  [Microsoft Corporation, 7.0.2600.2180 (xpsp_sp2_rtm.040803-2158)]
    [C:\WINDOWS\system32\OLEAUT32.dll]  [Microsoft Corporation, 5.1.2600.3139]
    [C:\WINDOWS\system32\MSACM32.dll]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
    [C:\WINDOWS\system32\VERSION.dll]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
    [C:\WINDOWS\system32\SHELL32.dll]  [Microsoft Corporation, 6.00.2900.3241 (xpsp_sp2_qfe.071025-1245)]
    [C:\WINDOWS\system32\SHLWAPI.dll]  [Microsoft Corporation, 6.00.2900.2995 (xpsp.060913-0019)]
    [C:\WINDOWS\system32\USERENV.dll]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
    [C:\WINDOWS\system32\UxTheme.dll]  [Microsoft Corporation, 6.00.2900.2180 (xpsp_sp2_rtm.040803-2158)]
    [C:\WINDOWS\system32\IMM32.DLL]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
    [C:\WINDOWS\system32\LPK.DLL]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
    [C:\WINDOWS\system32\USP10.dll]  [Microsoft Corporation, 1.0420.2600.2180 (xpsp_sp2_rtm.040803-2158)]
    [C:\WINDOWS\system32\comctl32.dll]  [Microsoft Corporation, 5.82 (xpsp.060825-0040)]
    [C:\WINDOWS\system32\NTMARTA.DLL]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
    [C:\WINDOWS\system32\WLDAP32.dll]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
    [C:\WINDOWS\system32\SAMLIB.dll]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
    [C:\WINDOWS\system32\xpsp2res.dll]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
    [c:\windows\system32\lmhsvc.dll]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
    [c:\windows\system32\iphlpapi.dll]  [Microsoft Corporation, 5.1.2600.2912 (xpsp_sp2_gdr.060519-0003)]
    [c:\windows\system32\WS2_32.dll]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
    [c:\windows\system32\WS2HELP.dll]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
[PID: 1280 / Alexander][C:\WINDOWS\Explorer.EXE]  [Microsoft Corporation, 6.00.2900.3156 (xpsp_sp2_gdr.070613-1234)]
    [C:\WINDOWS\system32\ntdll.dll]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
    [C:\WINDOWS\system32\kernel32.dll]  [Microsoft Corporation, 5.1.2600.3119 (xpsp_sp2_qfe.070416-1259)]
    [C:\WINDOWS\system32\ADVAPI32.dll]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
    [C:\WINDOWS\system32\RPCRT4.dll]  [Microsoft Corporation, 5.1.2600.3173 (xpsp_sp2_qfe.070709-0052)]
    [C:\WINDOWS\system32\BROWSEUI.dll]  [Microsoft Corporation, 6.00.2900.2995 (xpsp.060913-0019)]
    [C:\WINDOWS\system32\GDI32.dll]  [Microsoft Corporation, 5.1.2600.3159 (xpsp_sp2_qfe.070619-1301)]
    [C:\WINDOWS\system32\USER32.dll]  [Microsoft Corporation, 5.1.2600.3099 (xpsp_sp2_qfe.070308-0217)]
    [C:\WINDOWS\system32\msvcrt.dll]  [Microsoft Corporation, 7.0.2600.2180 (xpsp_sp2_rtm.040803-2158)]
    [C:\WINDOWS\system32\ole32.dll]  [Microsoft Corporation, 5.1.2600.2726 (xpsp.050725-1531)]
    [C:\WINDOWS\system32\SHLWAPI.dll]  [Microsoft Corporation, 6.00.2900.2995 (xpsp.060913-0019)]
    [C:\WINDOWS\system32\OLEAUT32.dll]  [Microsoft Corporation, 5.1.2600.3139]
    [C:\WINDOWS\system32\SHDOCVW.dll]  [Microsoft Corporation, 6.00.2900.2987 (xpsp.060901-0211)]
    [C:\WINDOWS\system32\CRYPT32.dll]  [Microsoft Corporation, 5.131.2600.2180 (xpsp_sp2_rtm.040803-2158)]
    [C:\WINDOWS\system32\MSASN1.dll]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
    [C:\WINDOWS\system32\CRYPTUI.dll]  [Microsoft Corporation, 5.131.2600.2180 (xpsp_sp2_rtm.040803-2158)]
    [C:\WINDOWS\system32\WINTRUST.dll]  [Microsoft Corporation, 5.131.2600.2180 (xpsp_sp2_rtm.040803-2158)]
    [C:\WINDOWS\system32\IMAGEHLP.dll]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
    [C:\WINDOWS\system32\NETAPI32.dll]  [Microsoft Corporation, 5.1.2600.2976 (xpsp.060817-0113)]
    [C:\WINDOWS\system32\WININET.dll]  [Microsoft Corporation, 7.00.6000.16544 (vista_gdr.070814-1500)]
    [C:\WINDOWS\system32\Normaliz.dll]  [Microsoft Corporation, 6.0.5441.0 (winmain(wmbla).060628-1735)]
    [C:\WINDOWS\system32\iertutil.dll]  [Microsoft Corporation, 7.00.6000.16544 (vista_gdr.070814-1500)]
    [C:\WINDOWS\system32\WLDAP32.dll]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
    [C:\WINDOWS\system32\VERSION.dll]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
    [C:\WINDOWS\system32\SHELL32.dll]  [Microsoft Corporation, 6.00.2900.3241 (xpsp_sp2_qfe.071025-1245)]
    [C:\WINDOWS\system32\UxTheme.dll]  [Microsoft Corporation, 6.00.2900.2180 (xpsp_sp2_rtm.040803-2158)]
    [C:\WINDOWS\system32\ShimEng.dll]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
    [C:\WINDOWS\AppPatch\AcGenral.DLL]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
    [C:\WINDOWS\system32\WINMM.dll]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
    [C:\WINDOWS\system32\MSACM32.dll]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
    [C:\WINDOWS\system32\USERENV.dll]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
    [C:\WINDOWS\system32\IMM32.DLL]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
    [C:\WINDOWS\system32\LPK.DLL]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
    [C:\WINDOWS\system32\USP10.dll]  [Microsoft Corporation, 1.0420.2600.2180 (xpsp_sp2_rtm.040803-2158)]
    [C:\WINDOWS\system32\comctl32.dll]  [Microsoft Corporation, 5.82 (xpsp.060825-0040)]
    [C:\WINDOWS\system32\msctfime.ime]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
    [C:\WINDOWS\system32\appHelp.dll]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
    [C:\WINDOWS\system32\CLBCATQ.DLL]  [Microsoft Corporation, 2001.12.4414.308]
    [C:\WINDOWS\system32\COMRes.dll]  [Microsoft Corporation, 2001.12.4414.258]
    [F:\MICROS~2\Office12\GRA8E1~1.DLL]  [Microsoft Corporation, 12.0.4518.1014]
    [F:\MICROS~2\Office12\GrooveUtil.DLL]  [Microsoft Corporation, 12.0.4518.1014]
    [F:\MICROS~2\Office12\GrooveNew.DLL]  [Microsoft Corporation, 12.0.4518.1014]
    [C:\WINDOWS\system32\rsaenh.dll]  [Microsoft Corporation, 5.1.2600.2161 (xpsp.040706-1629)]
    [C:\WINDOWS\system32\MSImg32.dll]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
    [C:\WINDOWS\System32\cscui.dll]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
    [C:\WINDOWS\System32\CSCDLL.dll]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
    [C:\WINDOWS\system32\themeui.dll]  [Microsoft Corporation, 6.00.2900.2180 (xpsp_sp2_rtm.040803-2158)]
    [C:\WINDOWS\system32\Secur32.dll]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
    [C:\WINDOWS\system32\xpsp2res.dll]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
    [C:\WINDOWS\system32\msutb.dll]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
    [C:\WINDOWS\system32\MSCTF.dll]  [Microsoft Corporation, 5.1.2600.3194 (xpsp_sp2_qfe.070810-1448)]
    [C:\WINDOWS\system32\LINKINFO.dll]  [Microsoft Corporation, 5.1.2600.2751 (xpsp_sp2_gdr.050831-1520)]
    [C:\WINDOWS\system32\ntshrui.dll]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
    [C:\WINDOWS\system32\ATL.DLL]  [Microsoft Corporation, 3.05.2284]
    [C:\WINDOWS\system32\SAMLIB.dll]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
    [C:\WINDOWS\system32\SETUPAPI.dll]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
    [C:\WINDOWS\system32\ieframe.dll]  [Microsoft Corporation, 7.00.6000.16544 (vista_gdr.070814-1500)]
    [C:\WINDOWS\system32\PSAPI.DLL]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
    [F:\MICROS~2\Office12\GR99D3~1.DLL]  [Microsoft Corporation, 12.0.4518.1014]
    [C:\WINDOWS\system32\urlmon.dll]  [Microsoft Corporation, 7.00.6000.16544 (vista_gdr.070814-1500)]
    [C:\WINDOWS\system32\msxml3.dll]  [Microsoft Corporation, 8.90.1101.0]
    [C:\WINDOWS\system32\WINSTA.dll]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
    [C:\WINDOWS\system32\msi.dll]  [Microsoft Corporation, 3.1.4000.4039]
回复

举报

wbaaa123
 楼主| 发表于 2007-11-29 12:26:38 | 显示全部楼层
[C:\WINDOWS\system32\WINMM.dll]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
    [C:\WINDOWS\system32\ole32.dll]  [Microsoft Corporation, 5.1.2600.2726 (xpsp.050725-1531)]
    [C:\WINDOWS\system32\OLEAUT32.dll]  [Microsoft Corporation, 5.1.2600.3139]
    [C:\WINDOWS\system32\MSACM32.dll]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
    [C:\WINDOWS\system32\VERSION.dll]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
    [C:\WINDOWS\system32\SHELL32.dll]  [Microsoft Corporation, 6.00.2900.3241 (xpsp_sp2_qfe.071025-1245)]
    [C:\WINDOWS\system32\SHLWAPI.dll]  [Microsoft Corporation, 6.00.2900.2995 (xpsp.060913-0019)]
    [C:\WINDOWS\system32\USERENV.dll]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
    [C:\WINDOWS\system32\UxTheme.dll]  [Microsoft Corporation, 6.00.2900.2180 (xpsp_sp2_rtm.040803-2158)]
    [C:\WINDOWS\system32\IMM32.DLL]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
    [C:\WINDOWS\system32\LPK.DLL]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
    [C:\WINDOWS\system32\USP10.dll]  [Microsoft Corporation, 1.0420.2600.2180 (xpsp_sp2_rtm.040803-2158)]
    [C:\WINDOWS\system32\msctfime.ime]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
    [F:\AST\AST.dll]  [DSW Lab, 1.0.0.5]
    [C:\WINDOWS\system32\WINSPOOL.DRV]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
    [C:\WINDOWS\system32\WS2_32.dll]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
    [C:\WINDOWS\system32\WS2HELP.dll]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
[PID: 308 / Alexander][F:\AST\AST.exe]  [DSW Lab, 1, 8, 6, 0]
    [C:\WINDOWS\system32\ntdll.dll]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
    [C:\WINDOWS\system32\kernel32.dll]  [Microsoft Corporation, 5.1.2600.3119 (xpsp_sp2_qfe.070416-1259)]
    [C:\WINDOWS\system32\ADVAPI32.dll]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
    [C:\WINDOWS\system32\RPCRT4.dll]  [Microsoft Corporation, 5.1.2600.3173 (xpsp_sp2_qfe.070709-0052)]
    [C:\WINDOWS\system32\msvcrt.dll]  [Microsoft Corporation, 7.0.2600.2180 (xpsp_sp2_rtm.040803-2158)]
    [C:\WINDOWS\system32\GDI32.dll]  [Microsoft Corporation, 5.1.2600.3159 (xpsp_sp2_qfe.070619-1301)]
    [C:\WINDOWS\system32\USER32.dll]  [Microsoft Corporation, 5.1.2600.3099 (xpsp_sp2_qfe.070308-0217)]
    [C:\WINDOWS\system32\SHLWAPI.dll]  [Microsoft Corporation, 6.00.2900.2995 (xpsp.060913-0019)]
    [F:\AST\dbghelp.dll]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
    [C:\WINDOWS\system32\VERSION.dll]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
    [C:\WINDOWS\system32\iphlpapi.dll]  [Microsoft Corporation, 5.1.2600.2912 (xpsp_sp2_gdr.060519-0003)]
    [C:\WINDOWS\system32\WS2_32.dll]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
    [C:\WINDOWS\system32\WS2HELP.dll]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
    [C:\WINDOWS\system32\MSIMG32.dll]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
    [C:\WINDOWS\system32\PSAPI.DLL]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
    [C:\WINDOWS\system32\SHELL32.dll]  [Microsoft Corporation, 6.00.2900.3241 (xpsp_sp2_qfe.071025-1245)]
    [C:\WINDOWS\system32\WININET.dll]  [Microsoft Corporation, 7.00.6000.16544 (vista_gdr.070814-1500)]
    [C:\WINDOWS\system32\Normaliz.dll]  [Microsoft Corporation, 6.0.5441.0 (winmain(wmbla).060628-1735)]
    [C:\WINDOWS\system32\iertutil.dll]  [Microsoft Corporation, 7.00.6000.16544 (vista_gdr.070814-1500)]
    [C:\WINDOWS\system32\WINMM.dll]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
    [C:\WINDOWS\system32\IMM32.DLL]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
    [C:\WINDOWS\system32\LPK.DLL]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
    [C:\WINDOWS\system32\USP10.dll]  [Microsoft Corporation, 1.0420.2600.2180 (xpsp_sp2_rtm.040803-2158)]
    [F:\AST\common.dll]  [DSW Lab, 1.4.0.7]
    [C:\WINDOWS\system32\WSOCK32.dll]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
    [C:\WINDOWS\system32\RICHED20.DLL]  [Microsoft Corporation, 5.30.23.1228]
    [C:\WINDOWS\system32\MSCTF.dll]  [Microsoft Corporation, 5.1.2600.3194 (xpsp_sp2_qfe.070810-1448)]
    [C:\WINDOWS\system32\msctfime.ime]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
    [C:\WINDOWS\system32\ole32.dll]  [Microsoft Corporation, 5.1.2600.2726 (xpsp.050725-1531)]
    [C:\WINDOWS\system32\UxTheme.dll]  [Microsoft Corporation, 6.00.2900.2180 (xpsp_sp2_rtm.040803-2158)]
    [F:\AST\aScanCom.dll]  [DSW Lab, 2.1.1.27]
    [F:\AST\AST.dll]  [DSW Lab, 1.0.0.5]
    [C:\WINDOWS\system32\WINSPOOL.DRV]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
    [C:\WINDOWS\system32\OLEAUT32.dll]  [Microsoft Corporation, 5.1.2600.3139]
    [F:\AST\AutoRun.dll]  [ DSW Lab, 2.2.2.1]
    [F:\AST\EngineSDK.dll]  [DSW Lab, 2.2.1.23]
    [F:\AST\FileAnalyser.dll]  [DSW Lab , 1.0.1.7]
    [C:\WINDOWS\system32\Wintrust.dll]  [Microsoft Corporation, 5.131.2600.2180 (xpsp_sp2_rtm.040803-2158)]
    [C:\WINDOWS\system32\CRYPT32.dll]  [Microsoft Corporation, 5.131.2600.2180 (xpsp_sp2_rtm.040803-2158)]
    [C:\WINDOWS\system32\MSASN1.dll]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
    [C:\WINDOWS\system32\IMAGEHLP.dll]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
    [F:\AST\KillModule.dll]  [DSW Lab, 1.2.2.1]
    [C:\WINDOWS\system32\comdlg32.dll]  [Microsoft Corporation, 6.00.2900.2180 (xpsp_sp2_rtm.040803-2158)]
    [F:\AST\ManagerProcess.dll]  [DSW Lab, 1.3.4.1]
    [F:\AST\ManagerService.dll]  [DSW Lab, 1.0.6.0]
    [F:\AST\Monitor.dll]  [DSW Lab, 1.7.8.12]
    [C:\WINDOWS\system32\MPR.dll]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
    [C:\WINDOWS\system32\NETAPI32.dll]  [Microsoft Corporation, 5.1.2600.2976 (xpsp.060817-0113)]
    [C:\WINDOWS\system32\mscoree.dll]  [Microsoft Corporation, 2.0.50727.832 (QFE.050727-8300)]
    [F:\AST\PortAssociate.dll]  [DSW Lab, 1.0.3.0]
    [F:\AST\smart.dll]  [DSW Lab, 1.0.0.17]
    [F:\AST\SSDT.dll]  [DSW Lab, 1.0.2.1]
    [F:\AST\StateViewer.dll]  [DSW Lab, 1.0.0.1]
    [F:\AST\TIERepair.dll]  [Secward , 1.2.2.0]
    [F:\AST\tRubbishClear.dll]  [Secward , 1.5.2.2]
    [F:\AST\tSecurityOptimize.dll]  [DSW Lab, 1.1.0.6]
    [F:\AST\unarc.dll]  [DSW Lab, 1.2.5]
    [F:\AST\zDiagnosticTool.dll]  [Secward , 1.2.1.0]
    [F:\AST\MScaner.dll]  [DSW Lab, 1.0.0.11]
    [F:\AST\SKEngine.dll]  [DSW Lab, 1.6.5.10]
    [F:\AST\sm.dll]  [DSW Lab, 1.0.0.1]
    [C:\WINDOWS\system32\SETUPAPI.dll]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
    [C:\WINDOWS\system32\appHelp.dll]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
    [C:\WINDOWS\system32\CLBCATQ.DLL]  [Microsoft Corporation, 2001.12.4414.308]
    [C:\WINDOWS\system32\COMRes.dll]  [Microsoft Corporation, 2001.12.4414.258]
    [F:\MICROS~2\Office12\GRA8E1~1.DLL]  [Microsoft Corporation, 12.0.4518.1014]
    [F:\MICROS~2\Office12\GrooveUtil.DLL]  [Microsoft Corporation, 12.0.4518.1014]
    [F:\MICROS~2\Office12\GrooveNew.DLL]  [Microsoft Corporation, 12.0.4518.1014]
    [C:\WINDOWS\system32\rsaenh.dll]  [Microsoft Corporation, 5.1.2600.2161 (xpsp.040706-1629)]
    [C:\WINDOWS\System32\cscui.dll]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
    [C:\WINDOWS\System32\CSCDLL.dll]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
    [C:\WINDOWS\system32\xpsp2res.dll]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
    [C:\WINDOWS\system32\userenv.dll]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
    [C:\WINDOWS\system32\secur32.dll]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
    [C:\WINDOWS\system32\cryptnet.dll]  [Microsoft Corporation, 5.131.2600.2180 (xpsp_sp2_rtm.040803-2158)]
    [C:\WINDOWS\system32\WLDAP32.dll]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
    [C:\WINDOWS\system32\WINHTTP.dll]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
    [C:\WINDOWS\system32\SensApi.dll]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
    [C:\WINDOWS\system32\ieframe.dll]  [Microsoft Corporation, 7.00.6000.16544 (vista_gdr.070814-1500)]
    [C:\WINDOWS\system32\imon.dll]  [Eset , 2, 70, 39 ]
    [F:\ESET\pr_imon.dll]  [N/A, ]
    [C:\WINDOWS\system32\TcpIpDog0.dll]  [N/A, ]
    [C:\WINDOWS\system32\mswsock.dll]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
    [C:\WINDOWS\system32\hnetcfg.dll]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
    [C:\WINDOWS\System32\wshtcpip.dll]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
    [C:\WINDOWS\system32\RASAPI32.DLL]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
    [C:\WINDOWS\system32\rasman.dll]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
    [C:\WINDOWS\system32\TAPI32.dll]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
    [C:\WINDOWS\system32\rtutils.dll]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
    [C:\WINDOWS\system32\DNSAPI.dll]  [Microsoft Corporation, 5.1.2600.2938 (xpsp_sp2_gdr.060626-0020)]
    [C:\WINDOWS\system32\rasadhlp.dll]  [Microsoft Corporation, 5.1.2600.2938 (xpsp_sp2_gdr.060626-0020)]
    [C:\WINDOWS\system32\MPRAPI.dll]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
    [C:\WINDOWS\system32\ACTIVEDS.dll]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
    [C:\WINDOWS\system32\adsldpc.dll]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
    [C:\WINDOWS\system32\ATL.DLL]  [Microsoft Corporation, 3.05.2284]
    [C:\WINDOWS\system32\SAMLIB.dll]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
    [C:\WINDOWS\system32\urlmon.dll]  [Microsoft Corporation, 7.00.6000.16544 (vista_gdr.070814-1500)]
    [C:\WINDOWS\System32\winrnr.dll]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
    [C:\WINDOWS\system32\mshtml.dll]  [Microsoft Corporation, 7.00.6000.16544 (vista_gdr.070814-1500)]
    [C:\WINDOWS\system32\msls31.dll]  [Microsoft Corporation, 3.10.349.0]
    [C:\WINDOWS\system32\MLANG.dll]  [Microsoft Corporation, 6.00.2900.2530 (xpsp.040919-1030)]
    [C:\WINDOWS\system32\msimtf.dll]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
    [F:\AVP7\scrchpg.dll]  [Kaspersky Lab, 7.0.0.125]
    [C:\WINDOWS\system32\jscript.dll]  [Microsoft Corporation, 5.7.0.5730]
    [C:\WINDOWS\system32\SXS.DLL]  [Microsoft Corporation, 5.1.2600.3019 (xpsp_sp2_gdr.061019-0414)]
[PID: 372 / Alexander][C:\WINDOWS\system32\NOTEPAD.EXE]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
    [C:\WINDOWS\system32\ntdll.dll]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
    [C:\WINDOWS\system32\kernel32.dll]  [Microsoft Corporation, 5.1.2600.3119 (xpsp_sp2_qfe.070416-1259)]
    [C:\WINDOWS\system32\comdlg32.dll]  [Microsoft Corporation, 6.00.2900.2180 (xpsp_sp2_rtm.040803-2158)]
    [C:\WINDOWS\system32\SHLWAPI.dll]  [Microsoft Corporation, 6.00.2900.2995 (xpsp.060913-0019)]
    [C:\WINDOWS\system32\ADVAPI32.dll]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
    [C:\WINDOWS\system32\RPCRT4.dll]  [Microsoft Corporation, 5.1.2600.3173 (xpsp_sp2_qfe.070709-0052)]
    [C:\WINDOWS\system32\GDI32.dll]  [Microsoft Corporation, 5.1.2600.3159 (xpsp_sp2_qfe.070619-1301)]
    [C:\WINDOWS\system32\USER32.dll]  [Microsoft Corporation, 5.1.2600.3099 (xpsp_sp2_qfe.070308-0217)]
    [C:\WINDOWS\system32\msvcrt.dll]  [Microsoft Corporation, 7.0.2600.2180 (xpsp_sp2_rtm.040803-2158)]
    [C:\WINDOWS\system32\SHELL32.dll]  [Microsoft Corporation, 6.00.2900.3241 (xpsp_sp2_qfe.071025-1245)]
    [C:\WINDOWS\system32\WINSPOOL.DRV]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
    [C:\WINDOWS\system32\ShimEng.dll]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
    [C:\WINDOWS\AppPatch\AcGenral.DLL]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
    [C:\WINDOWS\system32\WINMM.dll]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
    [C:\WINDOWS\system32\ole32.dll]  [Microsoft Corporation, 5.1.2600.2726 (xpsp.050725-1531)]
    [C:\WINDOWS\system32\OLEAUT32.dll]  [Microsoft Corporation, 5.1.2600.3139]
    [C:\WINDOWS\system32\MSACM32.dll]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
    [C:\WINDOWS\system32\VERSION.dll]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
    [C:\WINDOWS\system32\USERENV.dll]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
    [C:\WINDOWS\system32\UxTheme.dll]  [Microsoft Corporation, 6.00.2900.2180 (xpsp_sp2_rtm.040803-2158)]
    [C:\WINDOWS\system32\IMM32.DLL]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
    [C:\WINDOWS\system32\LPK.DLL]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
    [C:\WINDOWS\system32\USP10.dll]  [Microsoft Corporation, 1.0420.2600.2180 (xpsp_sp2_rtm.040803-2158)]
    [F:\AST\AST.dll]  [DSW Lab, 1.0.0.5]
    [C:\WINDOWS\system32\WS2_32.dll]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
    [C:\WINDOWS\system32\WS2HELP.dll]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
    [C:\WINDOWS\system32\MSCTF.dll]  [Microsoft Corporation, 5.1.2600.3194 (xpsp_sp2_qfe.070810-1448)]
    [C:\WINDOWS\system32\msctfime.ime]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
[PID: 2960 / Alexander][F:\Tools\Sreng2\SREngPS.EXE]  [Smallfrogs Studio, 2.5.16.900]
    [C:\WINDOWS\system32\ntdll.dll]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
    [C:\WINDOWS\system32\kernel32.dll]  [Microsoft Corporation, 5.1.2600.3119 (xpsp_sp2_qfe.070416-1259)]
    [C:\WINDOWS\system32\USER32.dll]  [Microsoft Corporation, 5.1.2600.3099 (xpsp_sp2_qfe.070308-0217)]
    [C:\WINDOWS\system32\GDI32.dll]  [Microsoft Corporation, 5.1.2600.3159 (xpsp_sp2_qfe.070619-1301)]
    [C:\WINDOWS\system32\comdlg32.dll]  [Microsoft Corporation, 6.00.2900.2180 (xpsp_sp2_rtm.040803-2158)]
    [C:\WINDOWS\system32\SHLWAPI.dll]  [Microsoft Corporation, 6.00.2900.2995 (xpsp.060913-0019)]
    [C:\WINDOWS\system32\ADVAPI32.dll]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
    [C:\WINDOWS\system32\RPCRT4.dll]  [Microsoft Corporation, 5.1.2600.3173 (xpsp_sp2_qfe.070709-0052)]
    [C:\WINDOWS\system32\msvcrt.dll]  [Microsoft Corporation, 7.0.2600.2180 (xpsp_sp2_rtm.040803-2158)]
    [C:\WINDOWS\system32\SHELL32.dll]  [Microsoft Corporation, 6.00.2900.3241 (xpsp_sp2_qfe.071025-1245)]
    [C:\WINDOWS\system32\WINSPOOL.DRV]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
    [C:\WINDOWS\system32\oledlg.dll]  [Microsoft Corporation, 1.0 (xpsp_sp2_gdr.061016-0148)]
    [C:\WINDOWS\system32\ole32.dll]  [Microsoft Corporation, 5.1.2600.2726 (xpsp.050725-1531)]
    [C:\WINDOWS\system32\OLEAUT32.dll]  [Microsoft Corporation, 5.1.2600.3139]
    [C:\WINDOWS\system32\VERSION.dll]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
    [C:\WINDOWS\system32\CRYPT32.dll]  [Microsoft Corporation, 5.131.2600.2180 (xpsp_sp2_rtm.040803-2158)]
    [C:\WINDOWS\system32\MSASN1.dll]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
回复

举报

wbaaa123
 楼主| 发表于 2007-11-29 12:26:54 | 显示全部楼层
[C:\WINDOWS\system32\WINMM.dll]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
    [C:\WINDOWS\system32\WS2_32.dll]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
    [C:\WINDOWS\system32\WS2HELP.dll]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
    [C:\WINDOWS\system32\WININET.dll]  [Microsoft Corporation, 7.00.6000.16544 (vista_gdr.070814-1500)]
    [C:\WINDOWS\system32\Normaliz.dll]  [Microsoft Corporation, 6.0.5441.0 (winmain(wmbla).060628-1735)]
    [C:\WINDOWS\system32\iertutil.dll]  [Microsoft Corporation, 7.00.6000.16544 (vista_gdr.070814-1500)]
    [C:\WINDOWS\system32\IMM32.DLL]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
    [C:\WINDOWS\system32\LPK.DLL]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
    [C:\WINDOWS\system32\USP10.dll]  [Microsoft Corporation, 1.0420.2600.2180 (xpsp_sp2_rtm.040803-2158)]
    [C:\WINDOWS\system32\RICHED20.DLL]  [Microsoft Corporation, 5.30.23.1228]
    [C:\WINDOWS\system32\NTMARTA.DLL]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
    [C:\WINDOWS\system32\WLDAP32.dll]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
    [C:\WINDOWS\system32\SAMLIB.dll]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
    [C:\WINDOWS\system32\Secur32.dll]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
    [F:\AST\AST.dll]  [DSW Lab, 1.0.0.5]
    [C:\WINDOWS\system32\MSCTF.dll]  [Microsoft Corporation, 5.1.2600.3194 (xpsp_sp2_qfe.070810-1448)]
    [C:\WINDOWS\system32\msctfime.ime]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
    [C:\WINDOWS\system32\UxTheme.dll]  [Microsoft Corporation, 6.00.2900.2180 (xpsp_sp2_rtm.040803-2158)]
    [C:\WINDOWS\system32\sfc.dll]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
    [C:\WINDOWS\system32\sfc_os.dll]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
    [C:\WINDOWS\system32\WINTRUST.dll]  [Microsoft Corporation, 5.131.2600.2180 (xpsp_sp2_rtm.040803-2158)]
    [C:\WINDOWS\system32\IMAGEHLP.dll]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
    [F:\Tools\Sreng2\Upload\3rdUpd.DLL]  [Smallfrogs Studio, 2, 1, 0, 15]
    [C:\WINDOWS\system32\RASAPI32.dll]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
    [C:\WINDOWS\system32\rasman.dll]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
    [C:\WINDOWS\system32\NETAPI32.dll]  [Microsoft Corporation, 5.1.2600.2976 (xpsp.060817-0113)]
    [C:\WINDOWS\system32\TAPI32.dll]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
    [C:\WINDOWS\system32\rtutils.dll]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
    [C:\WINDOWS\system32\USERENV.dll]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
    [C:\WINDOWS\System32\mswsock.dll]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
    [C:\WINDOWS\system32\urlmon.dll]  [Microsoft Corporation, 7.00.6000.16544 (vista_gdr.070814-1500)]
    [C:\WINDOWS\system32\DNSAPI.dll]  [Microsoft Corporation, 5.1.2600.2938 (xpsp_sp2_gdr.060626-0020)]
    [C:\WINDOWS\system32\rasadhlp.dll]  [Microsoft Corporation, 5.1.2600.2938 (xpsp_sp2_gdr.060626-0020)]
    [C:\WINDOWS\system32\imon.dll]  [Eset , 2, 70, 39 ]
    [C:\WINDOWS\system32\WSOCK32.dll]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
    [F:\ESET\pr_imon.dll]  [N/A, ]
    [C:\WINDOWS\system32\TcpIpDog0.dll]  [N/A, ]
    [C:\WINDOWS\system32\hnetcfg.dll]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
    [C:\WINDOWS\System32\wshtcpip.dll]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
    [C:\WINDOWS\system32\xpsp2res.dll]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
    [C:\WINDOWS\system32\rsaenh.dll]  [Microsoft Corporation, 5.1.2600.2161 (xpsp.040706-1629)]
    [C:\WINDOWS\system32\CLBCATQ.DLL]  [Microsoft Corporation, 2001.12.4414.308]
    [C:\WINDOWS\system32\COMRes.dll]  [Microsoft Corporation, 2001.12.4414.258]
    [C:\WINDOWS\system32\LINKINFO.dll]  [Microsoft Corporation, 5.1.2600.2751 (xpsp_sp2_gdr.050831-1520)]
    [C:\WINDOWS\system32\ntshrui.dll]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
    [C:\WINDOWS\system32\ATL.DLL]  [Microsoft Corporation, 3.05.2284]
    [C:\WINDOWS\system32\cryptnet.dll]  [Microsoft Corporation, 5.131.2600.2180 (xpsp_sp2_rtm.040803-2158)]
    [C:\WINDOWS\system32\WINHTTP.dll]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
    [C:\WINDOWS\system32\SensApi.dll]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
    [C:\WINDOWS\system32\Cabinet.dll]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
    [C:\WINDOWS\system32\appHelp.dll]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
    [F:\MICROS~2\Office12\GRA8E1~1.DLL]  [Microsoft Corporation, 12.0.4518.1014]
    [F:\MICROS~2\Office12\GrooveUtil.DLL]  [Microsoft Corporation, 12.0.4518.1014]
    [F:\MICROS~2\Office12\GrooveNew.DLL]  [Microsoft Corporation, 12.0.4518.1014]
    [C:\WINDOWS\system32\MSImg32.dll]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
    [C:\WINDOWS\System32\cscui.dll]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
    [C:\WINDOWS\System32\CSCDLL.dll]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
    [C:\WINDOWS\system32\SETUPAPI.dll]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
    [C:\WINDOWS\system32\Winsta.dll]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
    [C:\WINDOWS\system32\utildll.dll]  [Microsoft Corporation, 5.1.2600.0 (xpclient.010817-1148)]
==================================
文件关联
N/A

==================================
Winsock 提供者
NOD32 protected [MSAFD Tcpip [TCP/IP]]
    C:\WINDOWS\system32\imon.dll(Eset , NOD32 IMON - Internet scanning support)
NOD32 protected [MSAFD Tcpip [UDP/IP]]
    C:\WINDOWS\system32\imon.dll(Eset , NOD32 IMON - Internet scanning support)
NOD32 protected [MSAFD Tcpip [RAW/IP]]
    C:\WINDOWS\system32\imon.dll(Eset , NOD32 IMON - Internet scanning support)
NOD32 protected [RSVP UDP Service Provider]
    C:\WINDOWS\system32\imon.dll(Eset , NOD32 IMON - Internet scanning support)
NOD32 protected [RSVP TCP Service Provider]
    C:\WINDOWS\system32\imon.dll(Eset , NOD32 IMON - Internet scanning support)
MSAFD Tcpip [TCP/IP]
    C:\WINDOWS\system32\TcpIpDog0.dll(, N/A)
MSAFD Tcpip [UDP/IP]
    C:\WINDOWS\system32\TcpIpDog0.dll(, N/A)
MSAFD Tcpip [RAW/IP]
    C:\WINDOWS\system32\TcpIpDog0.dll(, N/A)
RSVP UDP Service Provider
    C:\WINDOWS\system32\TcpIpDogR0.dll(, N/A)
RSVP TCP Service Provider
    C:\WINDOWS\system32\TcpIpDogR0.dll(, N/A)
NOD32
    C:\WINDOWS\system32\imon.dll(Eset , NOD32 IMON - Internet scanning support)

==================================
Autorun.inf
N/A

==================================
HOSTS 文件
N/A

==================================
进程特权扫描
特殊特权被允许: SeLoadDriverPrivilege [PID = 1552, F:\ESET\NOD32.EXE]
特殊特权被允许: SeDebugPrivilege [PID = 1640, F:\TOOLS\WSYSCHECK\WSYSCHECK.EXE]
特殊特权被允许: SeLoadDriverPrivilege [PID = 1640, F:\TOOLS\WSYSCHECK\WSYSCHECK.EXE]
特殊特权被允许: SeLoadDriverPrivilege [PID = 1740, F:\DR.COM\ISHARE_USER.EXE]
特殊特权被允许: SeDebugPrivilege [PID = 308, F:\AST\AST.EXE]
特殊特权被允许: SeLoadDriverPrivilege [PID = 308, F:\AST\AST.EXE]

==================================
API HOOK
入口点错误:CreateProcessW (危险等级: 高,  被下面模块所HOOK: F:\AST\AST.dll)

==================================
隐藏进程
N/A

==================================


[/CODE]
回复

举报

wbaaa123
 楼主| 发表于 2007-11-29 12:31:09 | 显示全部楼层
[CODE]
2007-11-29,12:28:32
System Repair Engineer 2.5.16.900
Smallfrogs (http://www.KZTechs.com)
Windows XP Professional Service Pack 2 (Build 2600) - 管理权限用户 - 完整功能
以下内容被选中:
    浏览器加载项
    文件关联
    HOSTS 文件

启动项目
注册表
N/A
==================================
启动文件夹
N/A
==================================
服务
N/A
==================================
驱动程序
N/A
==================================
浏览器加载项
[ThunderAtOnce Class]
  {01443AEC-0FD1-40fd-9C87-E93D1494C233} <F:\Thunder\ComDlls\TDAtOnce_Now.dll, Thunder Networking Technologies,LTD>
[Thunder Browser Helper]
  {889D2FEB-5411-4565-8998-1DD2C5261283} <F:\Thunder\ComDlls\xunleiBHO_Now.dll, Thunder Networking Technologies,LTD>
[Send to OneNote from Internet Explorer button]
  {2670000A-7350-4f3c-8081-5663EE0C6C49} <F:\MICROS~2\Office12\ONBttnIE.dll, Microsoft Corporation>
[Windows Genuine Advantage Validation Tool]
  {17492023-C23A-453E-A040-C7C580BBF700} <C:\WINDOWS\system32\LegitCheckControl.DLL, Microsoft Corporation>
[Java Plug-in]
  {8AD9C840-044E-11D1-B3E9-00805F499D93} <C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll, Sun Microsystems, Inc.>
[Java Plug-in]
  {CAFEEFAC-0015-0000-0006-ABCDEFFEDCBA} <C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll, Sun Microsystems, Inc.>
[Java Plug-in 1.5.0_06]
  {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} <C:\Program Files\Java\jre1.5.0_06\bin\npjpi150_06.dll, Sun Microsystems, Inc.>
[ThunderAtOnce Class]
  {01443AEC-0FD1-40FD-9C87-E93D1494C233} <F:\Thunder\ComDlls\TDAtOnce_Now.dll, Thunder Networking Technologies,LTD>
[Yahoo! Companion BHO]
  {02478D38-C3F9-4EFB-9B51-7695ECA05670} <, N/A>
[Thunder Agent Class]
  {485463B7-8FB2-4B3B-B29B-8B919B0EACCE} <F:\Thunder\ComDlls\ThunderAgent_Now.dll, Thunder Networking Technologies,LTD>
[Shell Name Space]
  {55136805-B2DE-11D1-B9F2-00A0C98BC547} <C:\WINDOWS\system32\ieframe.dll, Microsoft Corporation>
[Microsoft Web Test Recorder Helper]
  {62355041-605D-4469-84FD-5D66ED67A7E3} <F:\Microsoft Visual Studio 8\Common7\IDE\PrivateAssemblies\Microsoft.VisualStudio.QualityTools.RecorderBarBHO.dll, Microsoft Corporation>
[WUWebControl Class]
  {6414512B-B978-451D-A0D8-FCFDF33E833C} <C:\WINDOWS\system32\wuweb.dll, Microsoft Corporation>
[XMP Class]
  {6483F145-A768-4C41-AACC-52D4D7845851} <C:\Documents and Settings\All Users\Application Data\Thunder Network\KanKan\xplayer.dll_1_work, >
[XDRM]
  {693571CB-54A3-4E90-9D52-EEAE1334E2D3} <C:\Documents and Settings\All Users\Application Data\Thunder Network\KanKan\xdrm.dll_1_work, >
[Groove GFS Browser Helper]
  {72853161-30C5-4D22-B7F9-0BBC1D38A37E} <F:\MICROS~2\Office12\GRA8E1~1.DLL, Microsoft Corporation>
[SSVHelper Class]
  {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} <C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll, Sun Microsystems, Inc.>
[Thunder Browser Helper]
  {889D2FEB-5411-4565-8998-1DD2C5261283} <F:\Thunder\ComDlls\xunleiBHO_Now.dll, Thunder Networking Technologies,LTD>
[Java Plug-in]
  {8AD9C840-044E-11D1-B3E9-00805F499D93} <C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll, Sun Microsystems, Inc.>
[IEPluserObj Class]
  {8B88F674-E6E9-4D1D-B6C9-7944C0F15C38} <C:\WINDOWS\system32\IEPluser.dll, by AnGi`` at 2006/11/15>
[RMGetLicense Class]
  {A9FC132B-096D-460B-B7D5-1DB0FAE0C062} <C:\WINDOWS\system32\msnetobj.dll, Microsoft Corporation>
[Shockwave Flash Object]
  {D27CDB6E-AE6D-11CF-96B8-444553540000} <C:\WINDOWS\system32\Macromed\Flash\Flash9a.ocx, Adobe Systems, Inc.>
[XML HTTP Request]
  {ED8C108E-4349-11D2-91A4-00C04F7969E8} <%SystemRoot%\system32\msxml3.dll, N/A>
[&Yahoo! Companion]
  {EF99BD32-C1FB-11D2-892F-0090271D4F88} <, N/A>
[XPPlayer Class]
  {F3E70CEA-956E-49CC-B444-73AFE593AD7F} <C:\Documents and Settings\All Users\Application Data\Thunder Network\KanKan\pplayer.dll_1_work, Thunder>
[使用迅雷下载]
  <F:\Thunder\Program\geturl.htm, N/A>
[使用迅雷下载全部链接]
  <F:\Thunder\Program\getallurl.htm, N/A>
==================================
正在运行的进程
N/A
==================================
文件关联
.TXT  OK. [%SystemRoot%\system32\NOTEPAD.EXE %1]
.EXE  OK. ["%1" %*]
.COM  OK. ["%1" %*]
.PIF  OK. ["%1" %*]
.REG  OK. [regedit.exe "%1"]
.BAT  OK. ["%1" %*]
.SCR  OK. ["%1" /S]
.CHM  OK. ["C:\WINDOWS\hh.exe" %1]
.HLP  OK. [%SystemRoot%\System32\winhlp32.exe %1]
.INI  OK. [%SystemRoot%\System32\NOTEPAD.EXE %1]
.INF  OK. [%SystemRoot%\System32\NOTEPAD.EXE %1]
.VBS  OK. [%SystemRoot%\System32\WScript.exe "%1" %*]
.JS   OK. [%SystemRoot%\System32\WScript.exe "%1" %*]
.LNK  OK. [{00021401-0000-0000-C000-000000000046}]
==================================
Winsock 提供者
N/A
==================================
Autorun.inf
N/A
==================================
HOSTS 文件
127.0.0.1       localhost
127.0.0.1 89382.cn
127.0.0.1 97725.com
127.0.0.1 43242.com
127.0.0.1 gualeifafksajof.43242.com
127.0.0.1 jiaofei123.140.tofor.com
127.0.0.1 ben666888.www1.910idc.com
127.0.0.1 pchorne.com
127.0.0.1 www.ctv163.com
127.0.0.1 www.aiaiso.com
127.0.0.1 cool.47555.com
127.0.0.1 guajfskajiw.43242.com
127.0.0.1 www.3448.com
127.0.0.1 pkdown.3322.org
127.0.0.1 ddos2.sz45.com
127.0.0.1 www.113678.com
127.0.0.1 www.1861.sh
127.0.0.1 www.x44.cn
127.0.0.1 www.799789.com
127.0.0.1 www.zhengdian.com
127.0.0.1 www.9000music.com
127.0.0.1 girlchinese.com
127.0.0.1 www.yibinren.com
127.0.0.1 www.mtv51.com
127.0.0.1 [url=http://www.163[1].com]www.163[1].com[/url]
127.0.0.1 www.37021.com
127.0.0.1 www.cnqb.net
127.0.0.1 www.qq3344.com
127.0.0.1 www.qq3344.net
127.0.0.1 youlove.3322.net
127.0.0.1 www.58589.com
127.0.0.1 tty.yyun.net
127.0.0.1 www.ftlink.net
127.0.0.1 home.kimo.com.tw
127.0.0.1 www.pixpox.com
127.0.0.1 www.k163.com
127.0.0.1 www.dj3344.com
127.0.0.1 www.yysky.net
127.0.0.1 61.145.117.212
127.0.0.1 ResponseMedia-ad.flycast.com
127.0.0.1 Suissa-ad.flycast.com
127.0.0.1 UGO.eu-adcenter.net
127.0.0.1 VNU.eu-adcenter.net
127.0.0.1 a32.g.a.yimg.com
127.0.0.1 ad-adex3.flycast.com
127.0.0.1 ad.adsmart.net
127.0.0.1 ad.ca.doubleclick.net
127.0.0.1 ad.de.doubleclick.net
127.0.0.1 ad.doubleclick.net
127.0.0.1 ad.fr.doubleclick.net
127.0.0.1 ad.jp.doubleclick.net
127.0.0.1 ad.linkexchange.com
127.0.0.1 ad.linksynergy.com
127.0.0.1 ad.nl.doubleclick.net
127.0.0.1 ad.no.doubleclick.net
127.0.0.1 ad.preferences.com
127.0.0.1 ad.sma.punto.net
127.0.0.1 ad.uk.doubleclick.net
127.0.0.1 ad.webprovider.com
127.0.0.1 ad08.focalink.com
127.0.0.1 adcontroller.unicast.com
127.0.0.1 adcreatives.imaginemedia.com
127.0.0.1 adforce.ads.imgis.com
127.0.0.1 adforce.imgis.com
127.0.0.1 adfu.blockstackers.com
127.0.0.1 adimage.blm.net
127.0.0.1 adimages.earthweb.com
127.0.0.1 adimg.egroups.com
127.0.0.1 admedia.xoom.com
127.0.0.1 adpick.switchboard.com
127.0.0.1 adremote.pathfinder.com
127.0.0.1 ads.admaximize.com
127.0.0.1 ads.bfast.com
127.0.0.1 ads.clickhouse.com
127.0.0.1 ads.enliven.com
127.0.0.1 ads.fairfax.com.au
127.0.0.1 ads.fool.com
127.0.0.1 ads.freshmeat.net
127.0.0.1 ads.hollywood.com
127.0.0.1 ads.i33.com
127.0.0.1 ads.infi.net
127.0.0.1 ads.jwtt3.com
127.0.0.1 ads.link4ads.com
127.0.0.1 ads.lycos.com
127.0.0.1 ads.madison.com
127.0.0.1 ads.mediaodyssey.com
127.0.0.1 ads.msn.com
127.0.0.1 ads.ninemsn.com.au
127.0.0.1 ads.seattletimes.com
127.0.0.1 ads.smartclicks.com
127.0.0.1 ads.smartclicks.net
127.0.0.1 ads.sptimes.com
127.0.0.1 ads.tripod.com
127.0.0.1 ads.web.aol.com
127.0.0.1 ads.x10.com
127.0.0.1 ads.xtra.co.nz
127.0.0.1 ads.zdnet.com
127.0.0.1 ads01.focalink.com
127.0.0.1 ads02.focalink.com
127.0.0.1 ads03.focalink.com
127.0.0.1 ads04.focalink.com
127.0.0.1 ads05.focalink.com
127.0.0.1 ads06.focalink.com
127.0.0.1 ads08.focalink.com
127.0.0.1 ads09.focalink.com
127.0.0.1 ads1.activeagent.at
127.0.0.1 ads10.focalink.com
127.0.0.1 ads11.focalink.com
127.0.0.1 ads12.focalink.com
127.0.0.1 ads14.focalink.com
127.0.0.1 ads16.focalink.com
127.0.0.1 ads17.focalink.com
127.0.0.1 ads18.focalink.com
127.0.0.1 ads19.focalink.com
127.0.0.1 ads2.zdnet.com
127.0.0.1 ads20.focalink.com
127.0.0.1 ads21.focalink.com
127.0.0.1 ads22.focalink.com
127.0.0.1 ads23.focalink.com
127.0.0.1 ads24.focalink.com
127.0.0.1 ads25.focalink.com
127.0.0.1 ads3.zdnet.com
127.0.0.1 ads5.gamecity.net
127.0.0.1 adserv.iafrica.com
127.0.0.1 adserv.quality-channel.de
127.0.0.1 adserver.dbusiness.com
127.0.0.1 adserver.garden.com
127.0.0.1 adserver.janes.com
127.0.0.1 adserver.merc.com
127.0.0.1 adserver.monster.com
127.0.0.1 adserver.track-star.com
127.0.0.1 adserver1.ogilvy-interactive.de
127.0.0.1 adtegrity.spinbox.net
127.0.0.1 antfarm-ad.flycast.com
127.0.0.1 au.ads.link4ads.com
127.0.0.1 banner.media-system.de
127.0.0.1 banner.orb.net
127.0.0.1 banner.relcom.ru
127.0.0.1 banners.easydns.com
127.0.0.1 banners.looksmart.com
127.0.0.1 banners.wunderground.com
127.0.0.1 barnesandnoble.bfast.com
127.0.0.1 beseenad.looksmart.com
127.0.0.1 bizad.nikkeibp.co.jp
127.0.0.1 bn.bfast.com
127.0.0.1 c3.xxxcounter.com
127.0.0.1 califia.imaginemedia.com
127.0.0.1 cds.mediaplex.com
127.0.0.1 click.avenuea.com
127.0.0.1 click.go2net.com
127.0.0.1 click.linksynergy.com
127.0.0.1 cookies.cmpnet.com
127.0.0.1 cornflakes.pathfinder.com
127.0.0.1 counter.hitbox.com
127.0.0.1 crux.songline.com
127.0.0.1 erie.smartage.com
127.0.0.1 etad.telegraph.co.uk
127.0.0.1 fp.valueclick.com
127.0.0.1 gadgeteer.pdamart.com
127.0.0.1 gm.preferences.com
127.0.0.1 gp.dejanews.com
127.0.0.1 hg1.hitbox.com
127.0.0.1 image.click2net.com
127.0.0.1 image.eimg.com
127.0.0.1 images2.nytimes.com
127.0.0.1 jobkeys.ngadcenter.net
127.0.0.1 kansas.valueclick.com
127.0.0.1 leader.linkexchange.com
127.0.0.1 liquidad.narrowcastmedia.com
127.0.0.1 ln.doubleclick.net
127.0.0.1 m.doubleclick.net
127.0.0.1 macaddictads.snv.futurenet.com
127.0.0.1 maximumpcads.imaginemedia.com
127.0.0.1 media.preferences.com
127.0.0.1 mercury.rmuk.co.uk
127.0.0.1 mojofarm.sjc.mediaplex.com
127.0.0.1 nbc.adbureau.net
127.0.0.1 newads.cmpnet.com
127.0.0.1 ng3.ads.warnerbros.com
127.0.0.1 ngads.smartage.com
127.0.0.1 nsads.hotwired.com
127.0.0.1 ntbanner.digitalriver.com
127.0.0.1 ph-ad05.focalink.com
127.0.0.1 ph-ad07.focalink.com
127.0.0.1 ph-ad16.focalink.com
127.0.0.1 ph-ad17.focalink.com
127.0.0.1 ph-ad18.focalink.com
127.0.0.1 realads.realmedia.com
127.0.0.1 redherring.ngadcenter.net
127.0.0.1 redirect.click2net.com
127.0.0.1 regio.adlink.de
127.0.0.1 retaildirect.realmedia.com
127.0.0.1 s2.focalink.com
127.0.0.1 sh4sure-images.adbureau.net
127.0.0.1 spin.spinbox.net
127.0.0.1 static.admaximize.com
127.0.0.1 stats.superstats.com
127.0.0.1 sview.avenuea.com
127.0.0.1 thinknyc.eu-adcenter.net
127.0.0.1 tracker.clicktrade.com
127.0.0.1 tsms-ad.tsms.com
127.0.0.1 v0.extreme-dm.com
127.0.0.1 v1.extreme-dm.com
127.0.0.1 van.ads.link4ads.com
127.0.0.1 view.accendo.com
127.0.0.1 w113.hitbox.com
127.0.0.1 w25.hitbox.com
127.0.0.1 web2.deja.com
127.0.0.1 webads.bizservers.com
127.0.0.1 www.PostMasterBannerNet.com
127.0.0.1 www.ad-up.com
127.0.0.1 www.admex.com
127.0.0.1 www.alladvantage.com
127.0.0.1 www.burstnet.com
127.0.0.1 www.commission-junction.com
127.0.0.1 www.eads.com
127.0.0.1 www.freestats.com
127.0.0.1 www.imaginemedia.com
127.0.0.1 www.netdirect.nl
127.0.0.1 www.oneandonlynetwork.com
127.0.0.1 www.targetshop.com
127.0.0.1 www.teknosurf2.com
127.0.0.1 www.teknosurf3.com
127.0.0.1 www.valueclick.com
127.0.0.1 www.websitefinancing.com
127.0.0.1 www2.burstnet.com
127.0.0.1 www4.trix.net
127.0.0.1 www80.valueclick.com
127.0.0.1 z.extreme-dm.com
127.0.0.1 z0.extreme-dm.com
127.0.0.1 z1.extreme-dm.com
127.0.0.1 ads.rediff.com
127.0.0.1 ads.indya.com
127.0.0.1 ads.adflight.com
127.0.0.1 ads.beguide.net
127.0.0.1 ads.mediaturf.net
127.0.0.1 ad1.adcept.net
127.0.0.1 ad2.adcept.net
127.0.0.1 ad3.adcept.net
127.0.0.1 ads.fortunecity.com
127.0.0.1 www.139cn.com
127.0.0.1 www.7liao.com
127.0.0.1 chat.51liao.net
127.0.0.1 www.51liao.net
127.0.0.1 www.7liao.net
127.0.0.1 www.6see.com
127.0.0.1 bliao.com
127.0.0.1 www.bliao.com
127.0.0.1 hao123.net
127.0.0.1 www.hao123.net
127.0.0.1 www.hao222.net
127.0.0.1 www.hao222.com
127.0.0.1 www.v111.com
127.0.0.1 music.v111.com
127.0.0.1 www.qq165.com
127.0.0.1 www.xicu.com
127.0.0.1 www.haodx.com
127.0.0.1 www.haohz.com
127.0.0.1 www.dj99.com
127.0.0.1 www.dj99.net
127.0.0.1 www.yqdj.com
127.0.0.1 www.qq530.com
127.0.0.1 www.tt67.com
127.0.0.1 ad.t2t2.com
127.0.0.1 www.yexr.com
127.0.0.1 chat.9see.com
127.0.0.1 www.ok816.com
127.0.0.1 www.3399.net
127.0.0.1 www.ads8.com
127.0.0.1 www.5566.net
127.0.0.1 www.t2t2.com
127.0.0.1 popad.qq.com
127.0.0.1 v.jsdownload.com
127.0.0.1 www.linktoad.com
127.0.0.1 club.homeway.com.cn
127.0.0.1 sms1.ctn.com.cn
127.0.0.1 sms2.ctn.com.cn
127.0.0.1 sms3.ctn.com.cn
127.0.0.1 www.331122.com
127.0.0.1 mmpic.uni.cc
127.0.0.1 www.love34.com
127.0.0.1 www.free-movie.org
127.0.0.1 www.skyhits.com
127.0.0.1 www.rd18.com
127.0.0.1 tadsweb.tencent.com
127.0.0.1 www.vlike.com
127.0.0.1 www.chinasee.net
127.0.0.1 www.japansky.net
127.0.0.1 www.225.com.cn
127.0.0.1 ads.china.com
127.0.0.1 www.yes521.com
127.0.0.1 www.today6.com
127.0.0.1 www.h2004.com
127.0.0.1 www.movie4.com
127.0.0.1 www.rm88.com
127.0.0.1 www.qq300.com
127.0.0.1 www.qq500.com
127.0.0.1 www.av126.com
127.0.0.1 www.kissmm.com
127.0.0.1 www.cn808.net
127.0.0.1 www.hao168.com
127.0.0.1 www.mm91.com
127.0.0.1 www.huole.com
127.0.0.1 www.kan69.com
127.0.0.1 ulinkdir.tom.com
127.0.0.1 cpc.sohu.com
127.0.0.1 images.sohu.com
127.0.0.1 adv.pconline.com.cn
127.0.0.1 goto.sohu.com
127.0.0.1 images2.sohu.com
127.0.0.1 www.sexy-books.com
127.0.0.1 www.xxbooks.com
127.0.0.1 www.18it.com
127.0.0.1 www.cnxxx.com
127.0.0.1 www.18-girl.net
127.0.0.1 ad.tom.com
127.0.0.1 ad4.sina.com.cn
127.0.0.1 sina.allyes.com
127.0.0.1 adtaobao.allyes.com
127.0.0.1 smarttrade.allyes.com
127.0.0.1 tom.allyes.com
127.0.0.1 szwindow.allyes.com
127.0.0.1 eachnetmember.allyes.com
127.0.0.1 iplus.allyes.com
127.0.0.1 sinatest.allyes.com
127.0.0.1 casting9.allyes.com
127.0.0.1 yinsha.allyes.com
127.0.0.1 stockstar.allyes.com
127.0.0.1 www.001x.com
127.0.0.1 www.hksexweb.com
127.0.0.1 www.99adultx.com
127.0.0.1 www2.xfreehosting.com
127.0.0.1 www1.xfreehosting.com
127.0.0.1 www.w555.net
127.0.0.1 www.excitecity.com
127.0.0.1 www.0xing.com
127.0.0.1 sba.3322.net
127.0.0.1 www.zgxl.net
127.0.0.1 www.qqpic.com
127.0.0.1 webspacecn.com
127.0.0.1 www.yeapple.com
127.0.0.1 manage.link8.com
127.0.0.1 www.web888.org
127.0.0.1 www.432.cn
127.0.0.1 www.kan123.com
127.0.0.1 www.3tom.com
127.0.0.1 www.sotop.com
127.0.0.1 www3.7789.com
127.0.0.1 www.66036.com
127.0.0.1 www1.66036.com
127.0.0.1 www2.66036.com
127.0.0.1 www3.66036.com
127.0.0.1 www4.66036.com
127.0.0.1 www5.66036.com
127.0.0.1 www6.66036.com
127.0.0.1 www7.66036.com
127.0.0.1 www8.66036.com
127.0.0.1 www9.66036.com
127.0.0.1 www10.66036.com
127.0.0.1 tj4.7789.com
127.0.0.1 tj5.7789.com
127.0.0.1 tj6.7789.com
127.0.0.1 tj7.7789.com
127.0.0.1 www.7789.com
127.0.0.1 count.zhao123.com
127.0.0.1 count1.zhao123.com
127.0.0.1 count2.zhao123.com
127.0.0.1 count3.zhao123.com
回复

举报

wbaaa123
 楼主| 发表于 2007-11-29 12:31:28 | 显示全部楼层
127.0.0.1 count4.zhaocount.com
127.0.0.1 count5.zhaocount.com
127.0.0.1 count6.zhaocount.com
127.0.0.1 count7.zhaocount.com
127.0.0.1 count8.zhaocount.com
127.0.0.1 count9.zhaocount.com
127.0.0.1 count10.zhaocount.com
127.0.0.1 count11.zhaocount.com
127.0.0.1 tj1.mytongji.com
127.0.0.1 count1.99count.com
127.0.0.1 www.99count.com
127.0.0.1 bar.baidu.com
127.0.0.1 www2.7789.com
127.0.0.1 www.guang.org
127.0.0.1 www.dlmovie.com
127.0.0.1 www.91look.com
127.0.0.1 www.kan51.com
127.0.0.1 www.mewo.com
127.0.0.1 coolsite21.com
127.0.0.1 www.t3j4.com
127.0.0.1 www.yun8.com
127.0.0.1 film.yun8.com
127.0.0.1 www.wo123.com
127.0.0.1 www.da123.com
127.0.0.1 www.1ya.cn
127.0.0.1 www.sleazydream.com
127.0.0.1 www.easypic2.com
127.0.0.1 serv.sexushost.com
127.0.0.1 www.xfreehosting.com
127.0.0.1 www.888txt.com
127.0.0.1 asiafriendfinder.com
127.0.0.1 www3.cool168.com
127.0.0.1 www2.cool168.com
127.0.0.1 www1.cool168.com
127.0.0.1 www.happy8.cn
127.0.0.1 www.topsex2k.com
127.0.0.1 topxxx.sexushost.com
127.0.0.1 www.cool168.com
127.0.0.1 www.s6.cn
127.0.0.1 popme.163.com
127.0.0.1 adclient.163.com
127.0.0.1 fadama.com
127.0.0.1 www.66vv.com
127.0.0.1 www.qqee.com
127.0.0.1 www.sohu123.com
127.0.0.1 www.xgmm.com
127.0.0.1 www.7t7t.com
127.0.0.1 www.cnimg.com
127.0.0.1 cdn2.cnnic.cn
127.0.0.1 cool.vv66.com
127.0.0.1 www.vv66.com
127.0.0.1 www.freepicturepage.com
127.0.0.1 www.snasty.com
127.0.0.1 www.yourcage.com
127.0.0.1 www.shagadelic.com
127.0.0.1 hualiao.net
127.0.0.1 www.qq163.com
127.0.0.1 www.qq163.net
127.0.0.1 www.superdown.com
127.0.0.1 web.114.com.cn
127.0.0.1 www.114.com.cn
127.0.0.1 www.91f.cn
127.0.0.1 wwww.tthao.com
127.0.0.1 www.91f.org
127.0.0.1 www.v23.com
127.0.0.1 auto.search.msn.com
127.0.0.1 x2.51link.com
127.0.0.1 www.dosboy.com
127.0.0.1 x1.51link.com
127.0.0.1 www.textlink.cn
127.0.0.1 stat.textclick.com
127.0.0.1 www.easyhere.com
127.0.0.1 www.xxx168.com
127.0.0.1 ally.263.net
127.0.0.1 www.hualiao.net
127.0.0.1 www.xchina.com
127.0.0.1 www.sex.com
127.0.0.1 www.3xcn.com
127.0.0.1 www.20girl.com
127.0.0.1 www.x365x.com
127.0.0.1 chat.263.net
127.0.0.1 chat.yinsha.com
127.0.0.1 chat.tom.com
127.0.0.1 chat.xilu.com
127.0.0.1 www.aliao.com
127.0.0.1 chat.163.com
127.0.0.1 www.haoliao.com
127.0.0.1 www.liaoliao.com
127.0.0.1 www.haoliao.net
127.0.0.1 www.haoliao.cn
127.0.0.1 www.qqliao.com
127.0.0.1 www.qliao.com
127.0.0.1 www.loveliao.com
127.0.0.1 www.mmliao.com
127.0.0.1 chat.qq.com
127.0.0.1 vchat.xaonline.com
127.0.0.1 www.loveliao.net
127.0.0.1 www.sogua.com
127.0.0.1 www.99music.net
127.0.0.1 www.yzskdj.com
127.0.0.1 music.feifa.com
127.0.0.1 www.aisex.com
127.0.0.1 www.movie-down.com
127.0.0.1 www2.movie-down.com
127.0.0.1 www.tt90.com
127.0.0.1 www.tt78.com
127.0.0.1 www.tiankong.net
127.0.0.1 www.qqchat.cn
127.0.0.1 www.9see.com
127.0.0.1 www.woliao.net
127.0.0.1 www.woliao.com
127.0.0.1 www.kuro.com.cn
127.0.0.1 www.wangzhiku.com
127.0.0.1 hothack.home.chinaren.com
127.0.0.1 www.777888.com
127.0.0.1 www.5dsoft.com
127.0.0.1 www.wokoo.net
127.0.0.1 movie.sx.zj.cn
127.0.0.1 xyxy68.8u8.net
127.0.0.1 www.youmiss.com
127.0.0.1 www.cctv8.net
127.0.0.1 www.kuliao.com
127.0.0.1 www.yyqy.com
127.0.0.1 www.sunvod.com
127.0.0.1 www.t168.com
127.0.0.1 www.coolcdrom.com
127.0.0.1 www.girl008.com
127.0.0.1 xajh.15888.net
127.0.0.1 www.51bug.com
127.0.0.1 www.wplune.com
127.0.0.1 www.777888.net
127.0.0.1 pollen.my001.net
127.0.0.1 www.yule21.com
127.0.0.1 www.fish3000.com
127.0.0.1 www.666e.com
127.0.0.1 qm.8ok.com
127.0.0.1 www.guosir.ccoo.com
127.0.0.1 www.163mm.com
127.0.0.1 www.cnooo.com
127.0.0.1 www.es158.com
127.0.0.1 www.aisa-girl.net
127.0.0.1 www.boliwu.com
127.0.0.1 www.89005.com
127.0.0.1 www.cctv1.net
127.0.0.1 www.play.cn.gs
127.0.0.1 newyouth.3322.net
127.0.0.1 chinabdkx.363.net
127.0.0.1 www.zknew.com
127.0.0.1 www.dhchao.com
127.0.0.1 www.top666.net
127.0.0.1 www.amoisonic.com
127.0.0.1 www.markguide.com
127.0.0.1 www.xyxc.ccoo.com
127.0.0.1 www.flyingwalk.com
127.0.0.1 www.yezine.net
127.0.0.1 www.mmgirls.com
127.0.0.1 www.wa***.net
127.0.0.1 www.net5w.com
127.0.0.1 www.fbstu.com
127.0.0.1 www.qlwl.com
127.0.0.1 www.yinshang.com
127.0.0.1 www.ncunet.com
127.0.0.1 www.555666.net
127.0.0.1 www.fm1058.cc
127.0.0.1 meim.y365.com
127.0.0.1 www.qq520.net
127.0.0.1 jjkafei.longcity.net
127.0.0.1 chow.yesky.net
127.0.0.1 oicq.hk.st
127.0.0.1 www.my288.com
127.0.0.1 www.laws-online.net
127.0.0.1 www.hj168.net
127.0.0.1 16888.6to23.com
127.0.0.1 www.love520.net
127.0.0.1 www.qq520.com
127.0.0.1 www.ezhgc.com
127.0.0.1 www.eastedu.com.cn
127.0.0.1 www.435000.com
127.0.0.1 sdik.8ok.net
127.0.0.1 feiying.coolwww.net
127.0.0.1 zhongxuesheng.myrice.com
127.0.0.1 www.yes9999.com   
127.0.0.1 www.nnptt.com
127.0.0.1 vod.hengshui.com
127.0.0.1 tv.megajoy.com
127.0.0.1 www.h444.net
127.0.0.1 update.myxq.com
127.0.0.1 www.qq168.net  
127.0.0.1 www.777888.com  
127.0.0.1 www.5dsoft.com  
127.0.0.1 movie.sx.zj.cn   
127.0.0.1 www.yeapple.com  
127.0.0.1 winzheng.126.com
127.0.0.1 www.boliwo.com
127.0.0.1 www.pk.com
127.0.0.1 www.unionsky.cn
127.0.0.1 www.allyes.com
127.0.0.1 www.xxx.com
127.0.0.1 204.177.92.68
127.0.0.1 www.fassia.net        
127.0.0.1 www.jinpin.net        
127.0.0.1 www.happy666.net
127.0.0.1 www.myxq.com
127.0.0.1 dvd.qq92.com
127.0.0.1 www.16yi.com
127.0.0.1 www.ye77.com
127.0.0.1 www.7sese.com
127.0.0.1 www.1yin.net
127.0.0.1 www.77ttt.com
127.0.0.1 www.7mao.com
127.0.0.1 www.mydj2005.com
127.0.0.1 www.vv78.com
127.0.0.1 www.v119.com
127.0.0.1 100.332233.com
127.0.0.1 www.cashbackbuddy.com
127.0.0.1 www.10uu.com
127.0.0.1 fly950.nease.net
127.255.255.255 serial.alcohol-soft.com

==================================
进程特权扫描
N/A

==================================
API HOOK
入口点错误:CreateProcessW (危险等级: 高,  被下面模块所HOOK: F:\AST\AST.dll)

==================================
隐藏进程
N/A

==================================


[/CODE]
回复

举报

wbaaa123
 楼主| 发表于 2007-11-29 12:33:20 | 显示全部楼层
这回够完整了吧,只不过你们要辛苦了
回复

举报

wbaaa123
 楼主| 发表于 2007-11-29 14:24:29 | 显示全部楼层
嗯?怎么没人了呢?都被吓跑了?
回复

举报

wbaaa123
 楼主| 发表于 2007-12-4 11:06:55 | 显示全部楼层
呜,帖子沉下去了。
好吧,这两天考试,是我的原因,现在叙述一下状况:

Autoruns检测到一个可疑驱动NetGroup Packet Filter Driver (npf.sys)据说是“发ARP欺骗包的驱动程序”的病毒。

Dr.web和KAV7只检测到
木马程序 Trojan-Downloader.JS.IstBar.az 文件: F:\Portable Offline Browser\Download\u.keyrun.com\vo.js
这是我用脱机浏览器Portable Offline Browser下载的网页。

另我也发现了这些未知驱动,但没被杀软报警,我也搞不清他们的用处
Changer.sys
i2omgmt.sys
lbrtfdc.sys
PCIDump.sys
PDCOMP.sys
PDFRAME.sys
PDRELI.sys
PDRFRAME.sys
WDICA.sys

有谁知到告诉我一下。

又 无法弄清npf.sys是由什么病毒产生的,谁知道,请一并告诉我。

关于硬盘读写速度减慢近10倍的原因(传输500M需5分钟),我推测是没加载一些驱动造成的(我的是SATA硬盘)或丢失系统文件(*.dll)的原因

删除u.keyrun.com\vo.js和npf.sys后,我还原Windows文件夹后恢复正常。

注:npf.sys驱动在没联网的情况下又自动生成,还没找到原因。

还有SSM的规则为什么无法导入(SSM2.4.0.619)提示 access violation at 004043EA in module 'SysSafe.exe'.Read of address 00000001或00000026
随后弹出
Invalid class typecast
总之,我的任何以前导出的规则文件都导入失败。
另 有没有人能发一下依据Oceanzd大大《组类别升级设置(高级篇)》基础规则文件(仅系统进程、服务、驱动、注册表规则即可)。
这样既容易推广SSM,也节省我这样初级使用者的时间。
最后祝 兄弟姐妹们 学习进步,工作愉快!!
回复

举报

伊の星
发表于 2007-12-4 11:57:13 | 显示全部楼层
楼主辛苦了,
可以将报告压缩为附件上传吗??
至于ssm的规则,因为每个人的机子环境不一样,
所以最好自己编辑。
回复

举报

12
返回列表 发新帖
高级模式
B Color Image Link Quote Code Smilies
您需要登录后才可以回帖 登录 | 快速注册

本版积分规则

手机版|杀毒软件|软件论坛| 卡饭论坛

Copyright © KaFan  KaFan.cn All Rights Reserved.

Powered by Discuz! X3.4( 沪ICP备2020031077号-2 ) GMT+8, 2025-5-26 11:00 , Processed in 0.103532 second(s), 14 queries .

卡饭网所发布的一切软件、样本、工具、文章等仅限用于学习和研究,不得将上述内容用于商业或者其他非法用途,否则产生的一切后果自负,本站信息来自网络,版权争议问题与本站无关,您必须在下载后的24小时之内从您的电脑中彻底删除上述信息,如有问题请通过邮件与我们联系。

快速回复 客服 返回顶部 返回列表