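Rising Kaka Security Forum, Technical Exchange, Anti-Virus / Anti-Rogue-Software Forum: Help! How should I deal with the Trojan.PSW.Win32 family of viruses?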


Help! How should I deal with the Trojan.PSW.Win32 family of viruses?

Re: Help! How should I deal with the Trojan.PSW.Win32 family of viruses?

[PID: 824 / Administrator][D:\QQ\TXPlatform.exe]  [Tencent, 1, 5, 225, 0]
    [C:\WINDOWS\system32\kmon.dll]  [Beijing Rising Information Technology Co., Ltd., 1, 0, 0, 33]
    [C:\Program Files\Rising\AntiSpyware\comx3.dll]  [Beijing Rising Information Technology Co., Ltd., 21.0.0.37]
    [C:\Program Files\Rising\AntiSpyware\Syslay.dll]  [Beijing Rising Information Technology Co., Ltd., 21.0.0.6]
    [C:\WINDOWS\system32\uxtheme.dll]  [Microsoft Corporation, 6.00.2900.2180 (xpsp_sp2_rtm.040803-2158)]
    [C:\PROGRA~1\TENCENT\SSPlus\SPlus1.dll]  [腾讯, 5, 0, 4, 15]
[PID: 372 / Administrator][C:\Program Files\Internet Explorer\IEXPLORE.EXE]  [Microsoft Corporation, 7.00.6000.20935 (vista_ldr.081013-1507)]
    [C:\WINDOWS\system32\kmon.dll]  [Beijing Rising Information Technology Co., Ltd., 1, 0, 0, 33]
    [C:\Program Files\Rising\AntiSpyware\comx3.dll]  [Beijing Rising Information Technology Co., Ltd., 21.0.0.37]
    [C:\Program Files\Rising\AntiSpyware\Syslay.dll]  [Beijing Rising Information Technology Co., Ltd., 21.0.0.6]
    [C:\WINDOWS\system32\UxTheme.dll]  [Microsoft Corporation, 6.00.2900.2180 (xpsp_sp2_rtm.040803-2158)]
    [C:\PROGRA~1\TENCENT\SSPlus\SPlus1.dll]  [腾讯, 5, 0, 4, 15]
    [C:\Program Files\TENCENT\SSPlus\SAddr1.dll]  [腾讯, 5, 1, 3, 12]
    [C:\Documents and Settings\Administrator\Application Data\TENCENT\QQToolbar\buttons\Toolbar.dll]  [TENCENT, 3, 0, 5, 14]
    [C:\Documents and Settings\Administrator\Application Data\TENCENT\QQToolbar\buttons\TBAddr.dll]  [TENCENT, 3, 0, 1, 12]
    [C:\Documents and Settings\Administrator\Application Data\TENCENT\QQToolbar\buttons\QQMail.dll]  [TENCENT, 3, 0, 5, 10]
    [C:\Documents and Settings\Administrator\Application Data\TENCENT\QQToolbar\buttons\Shuqian.dll]  [TENCENT, 3, 0, 6, 10]
    [C:\Documents and Settings\Administrator\Application Data\TENCENT\QQToolbar\buttons\Wenwen.dll]  [TENCENT, 3, 0, 3, 10]
    [C:\Documents and Settings\Administrator\Application Data\TENCENT\QQToolbar\buttons\Weather.dll]  [TENCENT, 3, 0, 2, 11]
    [C:\Documents and Settings\Administrator\Application Data\TENCENT\QQToolbar\buttons\Paipai.dll]  [TENCENT, 3, 0, 3, 10]
    [C:\Documents and Settings\Administrator\Application Data\TENCENT\QQToolbar\buttons\Qzone.dll]  [TENCENT, 3, 0, 5, 11]
    [C:\Documents and Settings\Administrator\Application Data\TENCENT\QQToolbar\buttons\MusicBox.dll]  [TENCENT, 3, 0, 3, 10]
    [C:\Documents and Settings\Administrator\Application Data\TENCENT\QQToolbar\buttons\Hot.dll]  [TENCENT, 3, 0, 5, 12]
    [D:\Thunder\ComDlls\TDAtOnce_Now.dll]  [Thunder Networking Technologies,LTD, 1.0.5.34]
    [C:\WINDOWS\system32\MSVCP71.dll]  [Microsoft Corporation, 7.10.3077.0]
    [C:\WINDOWS\system32\MSVCR71.dll]  [Microsoft Corporation, 7.10.3052.4]
    [D:\Thunder\ComDlls\xunleiBHO_Now.dll]  [Thunder Networking Technologies,LTD, 5, 0, 8, 120]
    [D:\Thunder\Components\ResWorker\DsBho_00.dll]  [Thunder Networking Technologies,LTD, 1, 0, 0, 20]
    [D:\Thunder\Components\ResWorker\DataProcessor_00.dll]  [Thunder Networking Technologies,LTD, 1, 0, 0, 16]
    [C:\WINDOWS\system32\Macromed\Flash\Flash10a.ocx]  [Adobe Systems, Inc., 10,0,12,36]
    [C:\Program Files\Common Files\Thunder Network\KanKan\DapCtrl.2.1.5807.94.(29).dll]  [ShenZhen Thunder Networking Technologies Ltd., 2, 1, 5807, 94]
    [C:\Program Files\Common Files\Thunder Network\KanKan\PPlayer.2.1.5871.223.(29).dll]  [Xunlei Networking Technologies,LTD, 2, 1, 5871, 223]
    [C:\Documents and Settings\All Users\Application Data\Thunder Network\KanKan\xplayer.dll_1_work]  [Xunlei Networking Technologies,LTD, 2, 1, 8, 90]
    [C:\Documents and Settings\All Users\Application Data\Thunder Network\KanKan\ATL71.DLL]  [Microsoft Corporation, 7.10.6041.0]
    [C:\WINDOWS\system32\msdmo.dll]  [, ]
[PID: 1792 / Administrator][C:\Program Files\Internet Explorer\iexplore.exe]  [Microsoft Corporation, 7.00.6000.20935 (vista_ldr.081013-1507)]
    [C:\WINDOWS\system32\kmon.dll]  [Beijing Rising Information Technology Co., Ltd., 1, 0, 0, 33]
    [C:\Program Files\Rising\AntiSpyware\comx3.dll]  [Beijing Rising Information Technology Co., Ltd., 21.0.0.37]
    [C:\Program Files\Rising\AntiSpyware\Syslay.dll]  [Beijing Rising Information Technology Co., Ltd., 21.0.0.6]
    [C:\WINDOWS\system32\UxTheme.dll]  [Microsoft Corporation, 6.00.2900.2180 (xpsp_sp2_rtm.040803-2158)]
    [C:\PROGRA~1\TENCENT\SSPlus\SPlus1.dll]  [腾讯, 5, 0, 4, 15]
    [C:\Program Files\TENCENT\SSPlus\SAddr1.dll]  [腾讯, 5, 1, 3, 12]
    [C:\Program Files\Tencent\QQToolbar\IEBar.dll]  [TENCENT, 3, 0, 5, 14]
    [C:\Documents and Settings\Administrator\Application Data\TENCENT\QQToolbar\buttons\Toolbar.dll]  [TENCENT, 3, 0, 5, 14]
    [C:\Documents and Settings\Administrator\Application Data\TENCENT\QQToolbar\buttons\TBAddr.dll]  [TENCENT, 3, 0, 1, 12]
    [C:\Documents and Settings\Administrator\Application Data\TENCENT\QQToolbar\buttons\QQMail.dll]  [TENCENT, 3, 0, 5, 10]
    [C:\Documents and Settings\Administrator\Application Data\TENCENT\QQToolbar\buttons\Shuqian.dll]  [TENCENT, 3, 0, 6, 10]
    [C:\Documents and Settings\Administrator\Application Data\TENCENT\QQToolbar\buttons\Wenwen.dll]  [TENCENT, 3, 0, 3, 10]
    [C:\Documents and Settings\Administrator\Application Data\TENCENT\QQToolbar\buttons\Weather.dll]  [TENCENT, 3, 0, 2, 11]
    [C:\Documents and Settings\Administrator\Application Data\TENCENT\QQToolbar\buttons\Paipai.dll]  [TENCENT, 3, 0, 3, 10]
    [C:\Documents and Settings\Administrator\Application Data\TENCENT\QQToolbar\buttons\Qzone.dll]  [TENCENT, 3, 0, 5, 11]
    [C:\Documents and Settings\Administrator\Application Data\TENCENT\QQToolbar\buttons\MusicBox.dll]  [TENCENT, 3, 0, 3, 10]
    [C:\Documents and Settings\Administrator\Application Data\TENCENT\QQToolbar\buttons\Hot.dll]  [TENCENT, 3, 0, 5, 12]
    [D:\Thunder\ComDlls\TDAtOnce_Now.dll]  [Thunder Networking Technologies,LTD, 1.0.5.34]
    [C:\WINDOWS\system32\MSVCP71.dll]  [Microsoft Corporation, 7.10.3077.0]
    [C:\WINDOWS\system32\MSVCR71.dll]  [Microsoft Corporation, 7.10.3052.4]
    [D:\Thunder\ComDlls\xunleiBHO_Now.dll]  [Thunder Networking Technologies,LTD, 5, 0, 8, 120]
    [D:\Thunder\Components\ResWorker\DsBho_00.dll]  [Thunder Networking Technologies,LTD, 1, 0, 0, 20]
    [D:\Thunder\Components\ResWorker\DataProcessor_00.dll]  [Thunder Networking Technologies,LTD, 1, 0, 0, 16]
    [C:\WINDOWS\system32\UrlFilter.dll]  [Beijing Rising Information Technology Co., Ltd., 6, 0, 0, 15]
    [D:\360\360safe\safemon\safemon.dll]  [360.CN, 4, 2, 0, 1005]
    [C:\WINDOWS\system32\SOGOUPY.IME]  [Sogou.com Inc., 3.6.0.1653]
    [C:\WINDOWS\system32\Macromed\Flash\Flash10a.ocx]  [Adobe Systems, Inc., 10,0,12,36]
[PID: 3796 / Administrator][C:\Program Files\Rising\Rav\rav.exe]  [Beijing Rising Information Technology Co., Ltd., 20, 0, 0, 72]
    [C:\WINDOWS\system32\kmon.dll]  [Beijing Rising Information Technology Co., Ltd., 1, 0, 0, 33]
    [C:\WINDOWS\system32\uxtheme.dll]  [Microsoft Corporation, 6.00.2900.2180 (xpsp_sp2_rtm.040803-2158)]
    [C:\PROGRA~1\TENCENT\SSPlus\SPlus1.dll]  [腾讯, 5, 0, 4, 15]
    [C:\Program Files\Rising\Rav\ProcCom.dll]  [Beijing Rising Information Technology Co., Ltd., 20, 0, 0, 20]
    [C:\Program Files\Rising\Rav\RsCommX2.dll]  [Beijing Rising Information Technology Co., Ltd., 20, 0, 0, 20]
    [C:\Program Files\Rising\Rav\Rsguilib.dll]  [Beijing Rising Information Technology Co., Ltd., 20, 0, 0, 90]
    [C:\WINDOWS\system32\MFC71.DLL]  [Microsoft Corporation, 7.10.3077.0]
    [C:\WINDOWS\system32\MSVCR71.dll]  [Microsoft Corporation, 7.10.3052.4]
    [C:\WINDOWS\system32\MSVCP71.dll]  [Microsoft Corporation, 7.10.3077.0]
    [C:\Program Files\Rising\Rav\RsXML.dll]  [Beijing Rising Information Technology Co., Ltd., 20, 0, 0, 2]
    [C:\Program Files\Rising\Rav\PngDll.dll]  [Beijing Rising Information Technology Co., Ltd., 20, 0, 0, 5]
    [C:\Program Files\Rising\Rav\RsCommon.dll]  [Beijing Rising Information Technology Co., Ltd., 20, 0, 0, 17]
    [C:\Program Files\Rising\Rav\ravpagem.dll]  [Beijing Rising Information Technology Co., Ltd., 20, 0, 1, 9]
    [C:\Program Files\Rising\Rav\htmllib.dll]  [Beijing Rising Information Technology Co., Ltd., 20.0.0.17]
    [C:\Program Files\Rising\Rav\ravpagew.dll]  [Beijing Rising Information Technology Co., Ltd., 20, 0, 0, 89]
    [C:\Program Files\Rising\Rav\RSAPPMGR.dll]  [Beijing Rising Information Technology Co., Ltd., 20.0.0.1]
    [C:\Program Files\Rising\Rav\CfgDll.dll]  [Beijing Rising Information Technology Co., Ltd., 20.0.0.19]
    [C:\Program Files\Rising\Rav\fakescan.dll]  [Beijing Rising Information Technology Co., Ltd., 20.0.0.14]
    [C:\Program Files\Rising\Rav\Scanner.dll]  [Beijing Rising Information Technology Co., Ltd., 20.0.0.39]
    [C:\Program Files\Rising\Rav\BWList.dll]  [Beijing Rising Information Technology Co., Ltd., 20.0.0.5]
    [C:\Program Files\Rising\Rav\SysMail.dll]  [Beijing Rising Information Technology Co., Ltd., 20.0.0.11]
    [C:\Program Files\Rising\Rav\recomp.dll]  [Beijing Rising Information Technology Co., Ltd., 20, 0, 0, 41]
    [C:\Program Files\Rising\Rav\refs.dll]  [Beijing Rising Information Technology Co., Ltd., 20, 0, 0, 18]
    [C:\Program Files\Rising\Rav\viruslib.dll]  [Beijing Rising Information Technology Co., Ltd., 20, 0, 0, 27]
    [C:\Program Files\Rising\Rav\relibldr.dll]  [Beijing Rising Information Technology Co., Ltd., 20, 0, 0, 17]
    [C:\Program Files\Rising\Rav\mvengine.dll]  [Beijing Rising Information Technology Co., Ltd., 20, 0, 0, 19]
    [C:\Program Files\Rising\Rav\posttrt.dll]  [Beijing Rising Information Technology Co., Ltd., 20, 0, 0, 25]
    [C:\Program Files\Rising\Rav\ffr.dll]  [Beijing Rising Information Technology Co., Ltd., 20, 0, 0, 17]
    [C:\Program Files\Rising\Rav\nvfile.dll]  [Beijing Rising Information Technology Co., Ltd., 20, 0, 0, 7]
    [C:\Program Files\Rising\Rav\scanexec.dll]  [Beijing Rising Information Technology Co., Ltd., 20, 0, 0, 22]
    [C:\Program Files\Rising\Rav\unexe.dll]  [Beijing Rising Information Technology Co., Ltd., 20, 0, 0, 6]
    [C:\Program Files\Rising\Rav\scanex.dll]  [Beijing Rising Information Technology Co., Ltd., 20, 0, 1, 0]
    [C:\Program Files\Rising\Rav\pearc.dll]  [Beijing Rising Information Technology Co., Ltd., 20, 0, 0, 8]
    [C:\Program Files\Rising\Rav\extfile.dll]  [Beijing Rising Information Technology Co., Ltd., 20, 0, 0, 32]
    [C:\Program Files\Rising\Rav\scanpack.dll]  [Beijing Rising Information Technology Co., Ltd., 20, 0, 0, 10]
    [C:\Program Files\Rising\Rav\revm.dll]  [Beijing Rising Information Technology Co., Ltd., 20, 0, 0, 11]
    [C:\Program Files\Rising\Rav\urutils.dll]  [Beijing Rising Information Technology Co., Ltd., 20, 0, 0, 7]
    [C:\Program Files\Rising\Rav\ur000.dat]  [Beijing Rising Information Technology Co., Ltd., 20, 0, 0, 22]
    [C:\Program Files\Rising\Rav\scansct.dll]  [Beijing Rising Information Technology Co., Ltd., 20, 0, 0, 11]
    [C:\Program Files\Rising\Rav\extole.dll]  [Beijing Rising Information Technology Co., Ltd., 20, 0, 0, 13]
    [C:\Program Files\Rising\Rav\extmail.dll]  [Beijing Rising Information Technology Co., Ltd., 20, 0, 0, 10]
    [C:\Program Files\Rising\Rav\RsStore.dll]  [Beijing Rising Information Technology Co., Ltd., 20.0.0.9]
    [C:\Program Files\Rising\Rav\RsLog.dll]  [Beijing Rising Information Technology Co., Ltd., 20.0.0.36]
    [C:\Program Files\Rising\Rav\scriptci.dll]  [Beijing Rising Information Technology Co., Ltd., 20, 0, 0, 4]
    [C:\Program Files\Rising\Rav\ur001.dat]  [Beijing Rising Information Technology Co., Ltd., 20, 0, 0, 5]
    [C:\Program Files\Rising\Rav\uroutine.dll]  [Beijing Rising Information Technology Co., Ltd., 20, 0, 0, 27]
    [C:\Program Files\Rising\Rav\ur004.dat]  [Beijing Rising Information Technology Co., Ltd., 20, 0, 0, 5]
    [C:\Program Files\Rising\Rav\ur023.dat]  [Beijing Rising Information Technology Co., Ltd., 20, 0, 0, 3]
    [C:\WINDOWS\system32\RavExt.dll]  [Beijing Rising Information Technology Co., Ltd., 20.0.0.18]
[PID: 1160 / Administrator][C:\Program Files\Internet Explorer\IEXPLORE.EXE]  [Microsoft Corporation, 7.00.6000.20935 (vista_ldr.081013-1507)]
    [C:\WINDOWS\system32\kmon.dll]  [Beijing Rising Information Technology Co., Ltd., 1, 0, 0, 33]
    [C:\Program Files\Rising\AntiSpyware\comx3.dll]  [Beijing Rising Information Technology Co., Ltd., 21.0.0.37]
    [C:\Program Files\Rising\AntiSpyware\Syslay.dll]  [Beijing Rising Information Technology Co., Ltd., 21.0.0.6]
    [C:\WINDOWS\system32\UxTheme.dll]  [Microsoft Corporation, 6.00.2900.2180 (xpsp_sp2_rtm.040803-2158)]
    [C:\PROGRA~1\TENCENT\SSPlus\SPlus1.dll]  [腾讯, 5, 0, 4, 15]
    [C:\Program Files\TENCENT\SSPlus\SAddr1.dll]  [腾讯, 5, 1, 3, 12]
    [C:\Documents and Settings\Administrator\Application Data\TENCENT\QQToolbar\buttons\Toolbar.dll]  [TENCENT, 3, 0, 5, 14]
    [C:\Documents and Settings\Administrator\Application Data\TENCENT\QQToolbar\buttons\TBAddr.dll]  [TENCENT, 3, 0, 1, 12]
    [C:\Documents and Settings\Administrator\Application Data\TENCENT\QQToolbar\buttons\QQMail.dll]  [TENCENT, 3, 0, 5, 10]
    [C:\Documents and Settings\Administrator\Application Data\TENCENT\QQToolbar\buttons\Shuqian.dll]  [TENCENT, 3, 0, 6, 10]
    [C:\Documents and Settings\Administrator\Application Data\TENCENT\QQToolbar\buttons\Wenwen.dll]  [TENCENT, 3, 0, 3, 10]
    [C:\Documents and Settings\Administrator\Application Data\TENCENT\QQToolbar\buttons\Weather.dll]  [TENCENT, 3, 0, 2, 11]
    [C:\Documents and Settings\Administrator\Application Data\TENCENT\QQToolbar\buttons\Paipai.dll]  [TENCENT, 3, 0, 3, 10]
    [C:\Documents and Settings\Administrator\Application Data\TENCENT\QQToolbar\buttons\Qzone.dll]  [TENCENT, 3, 0, 5, 11]
    [C:\Documents and Settings\Administrator\Application Data\TENCENT\QQToolbar\buttons\MusicBox.dll]  [TENCENT, 3, 0, 3, 10]
    [C:\Documents and Settings\Administrator\Application Data\TENCENT\QQToolbar\buttons\Hot.dll]  [TENCENT, 3, 0, 5, 12]
    [D:\Thunder\ComDlls\TDAtOnce_Now.dll]  [Thunder Networking Technologies,LTD, 1.0.5.34]
    [C:\WINDOWS\system32\MSVCP71.dll]  [Microsoft Corporation, 7.10.3077.0]
    [C:\WINDOWS\system32\MSVCR71.dll]  [Microsoft Corporation, 7.10.3052.4]
    [D:\Thunder\ComDlls\xunleiBHO_Now.dll]  [Thunder Networking Technologies,LTD, 5, 0, 8, 120]
    [D:\Thunder\Components\ResWorker\DsBho_00.dll]  [Thunder Networking Technologies,LTD, 1, 0, 0, 20]
    [D:\Thunder\Components\ResWorker\DataProcessor_00.dll]  [Thunder Networking Technologies,LTD, 1, 0, 0, 16]
    [C:\WINDOWS\system32\Macromed\Flash\Flash10a.ocx]  [Adobe Systems, Inc., 10,0,12,36]
    [C:\Program Files\Common Files\Thunder Network\KanKan\DapCtrl.2.1.5807.94.(29).dll]  [ShenZhen Thunder Networking Technologies Ltd., 2, 1, 5807, 94]
    [C:\Program Files\Common Files\Thunder Network\KanKan\PPlayer.2.1.5871.223.(29).dll]  [Xunlei Networking Technologies,LTD, 2, 1, 5871, 223]
    [C:\WINDOWS\system32\SOGOUPY.IME]  [Sogou.com Inc., 3.6.0.1653]
    [C:\Documents and Settings\All Users\Application Data\Thunder Network\KanKan\xplayer.dll_1_work]  [Xunlei Networking Technologies,LTD, 2, 1, 8, 90]
    [C:\Documents and Settings\All Users\Application Data\Thunder Network\KanKan\ATL71.DLL]  [Microsoft Corporation, 7.10.6041.0]
    [C:\WINDOWS\system32\msdmo.dll]  [, ]
[PID: 3728 / Administrator][C:\Program Files\Internet Explorer\IEXPLORE.EXE]  [Microsoft Corporation, 7.00.6000.20935 (vista_ldr.081013-1507)]
    [C:\WINDOWS\system32\kmon.dll]  [Beijing Rising Information Technology Co., Ltd., 1, 0, 0, 33]
    [C:\Program Files\Rising\AntiSpyware\comx3.dll]  [Beijing Rising Information Technology Co., Ltd., 21.0.0.37]
    [C:\Program Files\Rising\AntiSpyware\Syslay.dll]  [Beijing Rising Information Technology Co., Ltd., 21.0.0.6]
    [C:\WINDOWS\system32\UxTheme.dll]  [Microsoft Corporation, 6.00.2900.2180 (xpsp_sp2_rtm.040803-2158)]
    [C:\PROGRA~1\TENCENT\SSPlus\SPlus1.dll]  [腾讯, 5, 0, 4, 15]
    [C:\Program Files\TENCENT\SSPlus\SAddr1.dll]  [腾讯, 5, 1, 3, 12]
    [C:\Program Files\Tencent\QQToolbar\IEBar.dll]  [TENCENT, 3, 0, 5, 14]
    [C:\Documents and Settings\Administrator\Application Data\TENCENT\QQToolbar\buttons\Toolbar.dll]  [TENCENT, 3, 0, 5, 14]
    [C:\Documents and Settings\Administrator\Application Data\TENCENT\QQToolbar\buttons\TBAddr.dll]  [TENCENT, 3, 0, 1, 12]
    [C:\Documents and Settings\Administrator\Application Data\TENCENT\QQToolbar\buttons\QQMail.dll]  [TENCENT, 3, 0, 5, 10]
    [C:\Documents and Settings\Administrator\Application Data\TENCENT\QQToolbar\buttons\Shuqian.dll]  [TENCENT, 3, 0, 6, 10]
    [C:\Documents and Settings\Administrator\Application Data\TENCENT\QQToolbar\buttons\Wenwen.dll]  [TENCENT, 3, 0, 3, 10]
    [C:\Documents and Settings\Administrator\Application Data\TENCENT\QQToolbar\buttons\Weather.dll]  [TENCENT, 3, 0, 2, 11]
    [C:\Documents and Settings\Administrator\Application Data\TENCENT\QQToolbar\buttons\Paipai.dll]  [TENCENT, 3, 0, 3, 10]
    [C:\Documents and Settings\Administrator\Application Data\TENCENT\QQToolbar\buttons\Qzone.dll]  [TENCENT, 3, 0, 5, 11]
    [C:\Documents and Settings\Administrator\Application Data\TENCENT\QQToolbar\buttons\MusicBox.dll]  [TENCENT, 3, 0, 3, 10]
    [C:\Documents and Settings\Administrator\Application Data\TENCENT\QQToolbar\buttons\Hot.dll]  [TENCENT, 3, 0, 5, 12]
    [D:\Thunder\ComDlls\TDAtOnce_Now.dll]  [Thunder Networking Technologies,LTD, 1.0.5.34]
    [C:\WINDOWS\system32\MSVCP71.dll]  [Microsoft Corporation, 7.10.3077.0]
    [C:\WINDOWS\system32\MSVCR71.dll]  [Microsoft Corporation, 7.10.3052.4]
    [D:\Thunder\ComDlls\xunleiBHO_Now.dll]  [Thunder Networking Technologies,LTD, 5, 0, 8, 120]
    [D:\Thunder\Components\ResWorker\DsBho_00.dll]  [Thunder Networking Technologies,LTD, 1, 0, 0, 20]
    [D:\Thunder\Components\ResWorker\DataProcessor_00.dll]  [Thunder Networking Technologies,LTD, 1, 0, 0, 16]
    [C:\WINDOWS\system32\UrlFilter.dll]  [Beijing Rising Information Technology Co., Ltd., 6, 0, 0, 15]
    [C:\Program Files\Rising\AntiSpyware\UrlRule.dll]  [Beijing Rising Information Technology Co., Ltd., 1.0.0.15]
    [D:\360\360safe\safemon\safemon.dll]  [360.CN, 4, 2, 0, 1005]
    [C:\WINDOWS\system32\Macromed\Flash\Flash10a.ocx]  [Adobe Systems, Inc., 10,0,12,36]
[PID: 2752 / Administrator][D:\WinRAR.exe]  [N/A, ]
    [C:\WINDOWS\system32\kmon.dll]  [Beijing Rising Information Technology Co., Ltd., 1, 0, 0, 33]
    [C:\Program Files\Rising\AntiSpyware\comx3.dll]  [Beijing Rising Information Technology Co., Ltd., 21.0.0.37]
    [C:\Program Files\Rising\AntiSpyware\Syslay.dll]  [Beijing Rising Information Technology Co., Ltd., 21.0.0.6]
    [C:\WINDOWS\system32\uxtheme.dll]  [Microsoft Corporation, 6.00.2900.2180 (xpsp_sp2_rtm.040803-2158)]
    [C:\PROGRA~1\TENCENT\SSPlus\SPlus1.dll]  [腾讯, 5, 0, 4, 15]
[PID: 1524 / Administrator][C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\Rar$EX00.469\SREngLdr.EXE]  [Smallfrogs Studio, 2.7.0.1210]
[PID: 2660 / Administrator][C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\Rar$EX00.469\SRE20a24b8d.EXE]  [Smallfrogs Studio, 2.7.0.1210]
    [C:\WINDOWS\system32\uxtheme.dll]  [Microsoft Corporation, 6.00.2900.2180 (xpsp_sp2_rtm.040803-2158)]
    [C:\PROGRA~1\TENCENT\SSPlus\SPlus1.dll]  [腾讯, 5, 0, 4, 15]
    [C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\Rar$EX00.469\Upload\3rdUpd.DLL]  [Smallfrogs Studio, 2, 1, 0, 15]

Re: Help! How should I deal with the Trojan.PSW.Win32 family of viruses?

==================================
文件关联
.TXT  Error. [C:\WINDOWS\notepad.exe %1]
.EXE  OK. ["%1" %*]
.COM  OK. ["%1" %*]
.PIF  OK. ["%1" %*]
.REG  OK. [regedit.exe "%1"]
.BAT  OK. ["%1" %*]
.SCR  OK. ["%1" /S]
.CHM  Error. ["hh.exe" %1]
.HLP  OK. [%SystemRoot%\System32\winhlp32.exe %1]
.INI  Error. [C:\WINDOWS\System32\NOTEPAD.EXE %1]
.INF  OK. [%SystemRoot%\System32\NOTEPAD.EXE %1]
.VBS  OK. [%SystemRoot%\System32\WScript.exe "%1" %*]
.JS  OK. [%SystemRoot%\System32\WScript.exe "%1" %*]
.LNK  OK. [{00021401-0000-0000-C000-000000000046}]
==================================
Winsock 提供者
N/A
==================================
Autorun.inf
N/A
==================================
HOSTS 文件
127.0.0.1      localhost
==================================
进程特权扫描
特殊特权被允许: SeLoadDriverPrivilege [PID = 1632, C:\PROGRAM FILES\INTEL\WIRELESS\BIN\S24EVMON.EXE]
特殊特权被允许: SeLoadDriverPrivilege [PID = 608, C:\WINDOWS\SYSTEM32\STACSV.EXE]
特殊特权被允许: SeLoadDriverPrivilege [PID = 2752, D:\WINRAR.EXE]
特殊特权被允许: SeLoadDriverPrivilege [PID = 1524, C:\DOCUME~1\ADMINI~1\LOCALS~1\TEMP\RAR$EX00.469\SRENGLDR.EXE]
==================================
计划任务
[已启用] SogouImeMgr.job
        D:\搜狗\SOGOUI~1\360~1.165\PinyinRepair.exe
==================================
API HOOK
N/A
==================================
隐藏进程
N/A
==================================

[/CODE]

Re: Help! How should I deal with the Trojan.PSW.Win32 family of viruses?

An MSN trojan.
Tell us the exact name.