我的电脑也感染灰鸽子病毒了,,(病毒名称是Backdoor.GPigeon.up )

用瑞星杀完,在开电脑又出来了,我下边发的是日志报告吗/希望电脑高手帮帮忙!在此万分感谢！


自启动项
HKEY_LOCAL_MACHINE Software\Microsoft\Windows\Currentversion\Run
IMJPMIG8.1 = "C:\WINDOWS\IME\imjp8_1\IMJPMIG.EXE" /Spoil /RemAdvDef /Migration32
PHIME2002ASync = C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /SYNC
PHIME2002A = C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /IMEName
SoundMan = SOUNDMAN.EXE
IgfxTray = C:\WINDOWS\system32\igfxtray.exe
HotKeysCmds = C:\WINDOWS\system32\hkcmd.exe
SysExplr = C:\Program Files\Herosoft\Hero 9\SysExplr.EXE
StormCodec_Helper = "D:\我的工具\播放软件\暴风影音\Storm Codec\StormSet.exe" /S /opti
MINI_BFYY = D:\我的工具\播放软件\暴风影音\Storm Downloader\StormDownloader.exe
RavTimer = D:\我的工具\系统工具\瑞星杀~1\瑞星杀~1\RISING\RAV\RAVTIMER.EXE
RavMon = D:\我的工具\系统工具\瑞星杀~1\瑞星杀~1\RISING\RAV\RAVMON.EXE -SYSTEM
RfwMain = "D:\我的工具\系统工具\瑞星杀毒软件\瑞星防火墙\Rising\Rfw\rfwmain.exe" -Startup
helper.dll = C:\WINDOWS\system32\rundll32.exe C:\PROGRA~1\3721\helper.dll,Rundll32

HKEY_CURRENT_USER Software\Microsoft\Windows\Currentversion\Run
ctfmon.exe = C:\WINDOWS\system32\ctfmon.exe

HKEY_LOCAL_MACHINE Software\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks
shell32.dll = C:\WINDOWS\system32\ctfmon.exe

HKEY_LOCAL_MACHINE Software\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad
PostBootReminder = %SystemRoot%\system32\SHELL32.dll
CDBurn = %SystemRoot%\system32\SHELL32.dll
WebCheck = %SystemRoot%\system32\webcheck.dll
SysTray = C:\WINDOWS\system32\stobject.dll

HKEY_LOCAL_MACHINE Software\Microsoft\Windows\CurrentVersion\Explorer\SharedTaskScheduler
%SystemRoot%\system32\browseui.dll= Browseui 预加载程序
%SystemRoot%\system32\browseui.dll= 组件类别缓存程序


SYSTEM.INI BOOT SHELL Explorer.exe
SYSTEM.INI BOOT SCRNSAVE.EXE C:\WINDOWS\system32\ssmyst.scr


其他相关项
HKEY_LOCAL_MACHINE Software\Microsoft\Windows NT\CurrentVersion\Winlogon DefaultUserName ----> Administrator
HKEY_LOCAL_MACHINE Software\Microsoft\Windows NT\CurrentVersion\Winlogon AltDefaultUserName ----> Administrator
HKEY_LOCAL_MACHINE Software\Microsoft\Windows NT\CurrentVersion\Winlogon Userinit ----> C:\WINDOWS\system32\userinit.exe,


Hosts
# Copyright (c) 1993-1999 Microsoft Corp.
#
# This is a sample HOSTS file used by Microsoft TCP/IP for Windows.
#
# This file contains the mappings of IP addresses to host names. Each
# entry should be kept on an individual line. The IP address should
# be placed in the first column followed by the corresponding host name.
# The IP address and the host name should be separated by at least one
# space.
#
# Additionally, comments (such as these) may be inserted on individual
# lines or following the machine name denoted by a '#' symbol.
#
# For example:
#
# 102.54.94.97 rhino.acme.com # source server
# 38.25.63.10 x.acme.com # x client host

127.0.0.1 localhost



进程列表

[System Process]
System
C:\WINDOWS\SOUNDMAN.EXE (Made by Realtek Semiconductor Corp.)
D:\我的工具\播放软件\暴风影音\Storm Downloader\StormDownloader.exe (Made by 深圳市三代科技开发有限公司)

C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\csrss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
d:\我的工具\系统工具\瑞星杀毒软件\瑞星防火墙\rising\rfw\rfwsrv.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\igfxtray.exe
C:\WINDOWS\system32\hkcmd.exe
C:\Program Files\Herosoft\Hero 9\SysExplr.EXE
D:\我的工具\系统工具\瑞星杀~1\瑞星杀~1\RISING\RAV\RAVTIMER.EXE
D:\我的工具\系统工具\瑞星杀毒软件\瑞星防火墙\Rising\Rfw\rfwmain.exe
C:\WINDOWS\system32\rundll32.exe
C:\WINDOWS\system32\ctfmon.exe
D:\我的工具\系统工具\瑞星杀毒软件\瑞星杀毒程序\RISING\RAV\CCENTER.EXE
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\alg.exe
C:\WINDOWS\system32\conime.exe
D:\我的工具\系统工具\瑞星杀毒软件\瑞星杀毒程序\RISING\RAV\Ravmond.exe
D:\我的工具\系统工具\瑞星杀毒软件\瑞星杀毒程序\RISING\RAV\RavStub.exe
d:\我的工具\系统工具\瑞星杀毒软件\瑞星杀毒程序\rising\rav\RAVMON.EXE
D:\我的工具\系统工具\瑞星听诊器\RavDetect.exe
C:\Program Files\Internet Explorer\IEXPLORE.EXE

进程详细信息


C:\Program Files\Internet Explorer\IEXPLORE.EXE

C:\WINDOWS\system32\xunleibho_v4.dll

ulWj@Y
90u29p
90u29p
90u29p
@@AAf91u
PSVSSSW
PPPPPPPQPPP
SPSSSSSS
t%8^lt 9^x
TYPELIB
Delete
NoRemove
ForceRemove
--------------------------------------------------
--------------------------
---------------------------
Cookie
---------------------------
------------------------------
.?AVCObject@@
.?AV?$CArray@UHyperLinkInfoITEM@CHyperLinkInfo@@AA
.?AVCHyperLinkInfo@@
thunder://
Software\Sandai Technologies Inc.\Thunder\Paramete
MMThunder
MutexThunder
UM_SWITCH_INST
.?AVCInstanceManager@@
Thunder.exe"
MainAppPath
.?AVCLinerRegKey@@
.?AVCMonitorFile@@
Software\Sandai Technologies Inc.\Thunder\Paramete
Config_Monitor
MonitoringIE
\Thunder.ini
IESuffixs
.asf;.avi;.exe;.iso;.mp3;.mpeg;.mpga;.ra;.rar;.rm;
CallThunder
#*05#*
#*04#*
#*03#*
#*02#*
#*01#*
#32770
thunder
IsInvalid
Software\Sandai Technologies Inc.\ThunderOem\
mmst://
mms://
https://
http://
ftp://
.?AVCOemSeq@@
ThunderOemArray
Software\Sandai Technologies Inc.\ThunderOem
IsMiniVer
-----------------
----------------
-------------------
----------------
OnDragEnter
Cookie
.?AVCCmdTarget@@
.?AVCWinThread@@
.?AVCWinApp@@
.?AVCXunleibhoApp@@
----------------------------Load BHO Dll----------
----------------------------Unload BHO Dll--------
.?AV?$CComObjectCached@VCComClassFactory@ATL@@@ATL
.?AVCComObjectRootBase@ATL@@
.?AV?$CComObjectRootEx@VCComMultiThreadModel@ATL@@
.?AUIUnknown@@
.?AUIClassFactory@@
.?AVCComClassFactory@ATL@@
.?AUIObjectWithSite@@
.?AV?$IObjectWithSiteImpl@VCThunderIEHelper@@@ATL@
.?AUIDispatch@@
.?AUIThunderIEHelper@@
.?AV?$IDispatchImpl@UIThunderIEHelper@@$1?IID_IThu
.?AV?$CComCoClass@VCThunderIEHelper@@$1?CLSID_Thun
.?AV?$CComObjectRootEx@VCComSingleThreadModel@ATL@
.?AVCThunderIEHelper@@
.?AV?$CComObject@VCThunderIEHelper@@@ATL@@
CThunderIEHelper()
.?AUIDownloadManager@@
.?AV?$CComCoClass@VCDownloadManager@@$1?CLSID_Down
.?AVCDownloadManager@@
.?AV?$CComObject@VCDownloadManager@@@ATL@@
.?AV?$CComAggObject@VCDownloadManager@@@ATL@@
.?AV?$IObjectWithSiteImpl@VCCatchRightClick@@@ATL@
.?AUICatchRightClick@@
.?AV?$IDispatchImpl@UICatchRightClick@@$1?IID_ICat
.?AV?$CComCoClass@VCCatchRightClick@@$1?CLSID_Catc
.?AVCCatchRightClick@@
.?AV?$CComObject@VCCatchRightClick@@@ATL@@
CThunderIEHelper Create
=sR]1t
.?AV?$CComAggObject@VCThunderIEHelper@@@ATL@@
.?AV?$CComContainedObject@VCThunderIEHelper@@@ATL@
.?AV?$CComContainedObject@VCDownloadManager@@@ATL@
.?AV?$CComContainedObject@VCCatchRightClick@@@ATL@
.?AV?$CComAggObject@VCCatchRightClick@@@ATL@@
HKEY_CURRENT_CONFIG
HKEY_DYN_DATA
HKEY_PERFORMANCE_DATA
HKEY_USERS
HKEY_LOCAL_MACHINE
HKEY_CURRENT_USER
HKEY_CLASSES_ROOT
UnRegisterTypeLib
oleaut32.dll
.?AV_com_error@@
.?AVCNoTrackObject@@
.?AVAFX_MODULE_STATE@@
.?AV_AFX_DLL_MODULE_STATE@@
.?AVtype_info@@
REGISTRY
Module


C:\PROGRA~1\Yahoo!\ASSIST~1\assist\YDRAGS~1.DLL

SUVWPQ
D$ ,pL
PQhPpL
\$Ht-W
L$@_^][d
L$,PQQ
D$@PWUV
Apartment
ThreadingModel
CLSID\%s
CLSID\%s\InprocServer32
Interface
TypeLib
SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer
%%%2.2X
Internet Explorer_Server
{62EED7C6-9F02-42f9-B634-98E2899E147B}
YDragSearch
DragSearch
selsearch
Software\Yahoo\Assistant\Assist
mailto:%s
mailto:
SetWindowTheme
UxTheme.dll
DRAGWNDINFO
DragWnd
DragSearch_Main
ToolbarWindow32
http://www.yisou.com/search?source=toolbar_yassist
http://www.yisou.com/search?source=toolbar_yassist
selsearchie
dragdrop
.?AV_com_error@@
.?AVtype_info@@
C:\PROGRA~1\Yahoo!\ASSIST~1\assist\YDRAGS~1.DLL
REGISTRY
Module
XAction


D:\我的工具\播放软件\暴风影音\Storm Downloader\StormDownloader.exe

D:\我的工具\播放软件\暴风影音\Storm Downloader\StormDownloader.exe (made by 深圳市三代科技开发有限公司)

SUVWh^
D$$U+D$ P
D$(+D$ P
L$(_^]d
j WWWj
SSSSShH
tQ9^,uLj
j PPPj
QQSVW3
t%8^lt 9^x
SVHWt+-
90u29p
j7SSSSS
RQQWRRRj
~TWh0LH
BQPjJP
QSUVWj
F$_^][Y
QQSUVW
_^][YY
jCPPPPPV
GTFSPV
tnHtdHtZHtPHtF
tgHt`HtVHtLHtP
Yt89~(
;0t-9u
WVVVVj
8A|J9u
QSSSSSSSP
F8t4j(
YPht)J
YPhL)J
YPh()J
YPht(J
YPhT(J
YPh`+J
YPhL+J
YPh@+J
YPh0+J
YPh +J
L$0_^][d
YPhh-J
YPh`,J
YPhH,J
YPh,/J
YPh$/J
YPhx.J
YPhd.J
YPh\.J
YPhL.J
YPh4.J
YPh .J
YPh\/J
tDh8/J
YPh8/J
YPh,/J
YPh,0J
YPh,/J
YPh$/J
YPh\0J
YPht+J
YPhX1J
YPhD2J
YPh02J
YPhD2J
YPh02J
YPh,4J
YPhd4J
YPhP4J
YPh@6J
YPh|5J
YPh`5J
YPhH5J
YPh45J
YPh02J
YPhl6J
YPhX6J
YPh 8J
YPhp+J
YPh8;J
YPh$;J
~$XPWS
9FDtf9F@
YPhX=J
YPhD=J
YPh8=J
YPh(=J
YPh,/J
YPhx.J
YPhd.J
YPhh=J
YPh\.J
L$ _^][d
YPh$/J
YPh\@J
YPhP@J
YPhL@J
YPhH@J
YPh@@J
YPh0@J
tA8]$t
YPhDBJ
YPh(CJ
YPhDDJ
PVh TC
YPhpEJ
YPh|HJ
YPh@IJ
YPh4IJ
YPh IJ
YPhtIJ
YPhhIJ
YPh|JJ
YPh\JJ
YPhHJJ
YPh8JJ
YPh0JJ
YPh(JJ
YPh\JJ
YPhHJJ
YPh\%J
YPhTKJ
~4;~8t
~d9~du
9_8uW9_@uR
tC9FTt
8A]u$8D$
u!8AIt
Ad9Qpt
YPhlRJ
YPhPSJ
YPhHSJ
YPh@SJ
YPh@TJ
YPh4TJ
u[FFGG9u
9 t%9u
YPh(ZJ
8A|G9u
8A|J9u
8A|J9u
$8^Ht$
L$ _^][d
YPh|iJ
YPh,/J
L$ _^][d
YPh$/J
N,tDj
8^:u"8^9t
F0;F4~
t}@C;F
uv@C;F
99u&9H
D$$RPQ
L$P_^][d
L$x_^][d
L$0_^][d
L$hPWV
tu;D$ wo
sGRPSS
;~ tBS
;~ t0S
;~ t4S
U8;UPw
U4;ULs
EP9E w
u ;uPw
EP9E8w
EL9E4s
9U(rX;
~(;~,t0
w(;w,t
~(;~,t=
w(;w,t
w(;w,t
vH;N|sC
w(;w,t
~(;~,t
;s,tQW
s(;s,t1
~(;~,th
~(;~,t
w(;w,t
w(;w,t

[Wh8NJ
;F u@;V$u;
;F u2;V$u-
.?AV?$CWinDataExchange@VCApplicationDlg@@@WTL@@
.?AVCUpdateUIBase@WTL@@
.?AV?$CUpdateUI@VCApplicationDlg@@@WTL@@
.?AV?$CDialogImplBaseT@VCWindow@ATL@@@ATL@@
.?AV?$CAxDialogImpl@VCApplicationDlg@@VCWindow@ATL
.?AVCApplicationDlg@@
.?AVCMessageMap@ATL@@
.?AVCWindow@ATL@@
.?AV?$CWindowImplRoot@VCWindow@ATL@@@ATL@@
.?AV?$CWindowImplBaseT@VCWindow@ATL@@V?$CWinTraits
.?AV?$CWindowImpl@VCHyperLink@WTL@@VCWindow@ATL@@V
.?AV?$CHyperLinkImpl@VCHyperLink@WTL@@VCWindow@ATL
.?AVCHyperLink@WTL@@
.?AVCIdleHandler@WTL@@
.?AVCMessageFilter@WTL@@
init ApplicationDlg end
Translate strings into special language
init ApplicationDlg begin
explorer
/n ,/select ,%s
Rundll32.exe
Shell32.dll,OpenAs_RunDLL %s
;;;;;;;;0
UpdateUrl
Mini_BackBone_Cls
BackWnd
DftDownloadToDirectory
.?AV?$CFileDialogImpl@VCFileDialog@WTL@@@WTL@@
.?AVCFileDialog@WTL@@
/VERYSILENT
ThunderUrl
finish
start task
create task fail
create task finish
create task...
a continue task had start
start a continue task
start a update task complete
start a update task...
IDC_PIC_LOGO
IDC_PARTNER
IDCANCEL
IDC_OPEN_DIRECTORY
IDC_OPEN_FILE
IDC_CLOSE_DIALOG_WHEN_FINISHED
IDC_PROGRESS_ACCELERATION
IDC_LBL_ACCELERATION
IDC_TRANSFER_SPEED
IDC_LBL_TRANSFER_SPEED
IDC_DIRECTORY
IDC_LBL_DOWNLOAD_TO
IDC_UPGRADE_PROMPT
IDC_TIME_REMAINED
IDC_LBL_TIME_REMAINED
IDC_PROGRESS_TOTAL_RATE
IDC_LBL_URL_INFO
IDC_LBL_STATUS
IDC_LBL_FINISHED_DOWNLOAD
IDC_ANIMATION
IDC_ICO_FINISHED
DOWNLOAD_DIALOG
english
IsOemVer
IsMiniVer
ThunderOem\
ThunderOemArray
ThunderOem
Thunder.exe
MainAppPath
Thunder\Parameter
tooltips_class32
Anchor Color Visited
Anchor Color
Software\Microsoft\Internet Explorer\Settings
static
Floating point (%%e, %%f, %%g, and %%G) is not sup
Software\Sandai Technologies Inc.\
UWM_START_TASK
.?AV?$CSingleton@VCAppSettings@@@@
.?AVCAppSettings@@
CloseDialogWhenFinsihed
PartnerUrl
about:blank
c:\download\
LogLevel
\lang\lang.ini
English
WMU_WHERE_ARE_YOU-{885D4B75-6606-4add-A8DE-EEEDC04
.?AV?$CWindowImpl@VCBackBoneWnd@@VCWindow@ATL@@V?$
.?AVCBackBoneWnd@@
.?AV?$CSingleton@VCBackBoneWnd@@@@
error bho data
.?AV?$CBitmapT@$00@WTL@@
.?AVCBitmapEx@@
.?AV?$CSingleton@VCCopyDataManager@@@@
.?AVCCopyDataManager@@
origin url invalid
.?AVCCriSection@@
.?AVCDialogFont@@
.?AVCLayoutSettings@@
height
*** END OF APPLICATION ***
.?AVios_base@std@@
.?AV?$basic_ios@DU?$char_traits@D@std@@@std@@
.?AV?$basic_ostream@DU?$char_traits@D@std@@@std@@
.?AV?$basic_ofstream@DU?$char_traits@D@std@@@std@@
*** START OF APPLICATION ***
Error in CLogFile::Open()
Cannot create or open file: '%s'
%02d:%02d:%02d.%03d
%02d/%02d/%02d
*** CLEARED LOGFILE ***
.?AV?$basic_istream@DU?$char_traits@D@std@@@std@@
.?AV?$basic_iostream@DU?$char_traits@D@std@@@std@@
.?AVstrstream@std@@
.?AV?$basic_streambuf@DU?$char_traits@D@std@@@std@
.?AVstrstreambuf@std@@
An exception occurred in the main thread
See log file for more information.
Mini Thunder error handler
Stack Trace:
Exception caught by MainExceptionHandler():
Exception : %.8x
Address : %.8x
Access Type : %s
Access Address : %.8x
\StringFileInfo\%04x%04x\PrivateBuild
\VarFileInfo\Translation
TDUpdate.exe
MiniExeName
IsUpdate
AutoRun
MiniKey
DownloadUI
contexts
geturl.htm
Software\Microsoft\Internet Explorer\MenuExt\
MenuExt\
RemoveRegisterMenuExt
bye for now
destroy CAppSettings done.
destroy CAppSettings...
destroy CTaskManager done.
destroy CTaskManager...
destroy CResourceManager done.
destroy CResourceManager...
exit threadmanager
enter threadmanager...
init bho
init CTaskManager done.
mini.sdx
init CTaskManager start...
Settings
Version
init atl stuff
enable exception catch
Mini.Log
history.cfg
thunder.ini
_Mutex
{MINI-FACE350A-B49A-5190-AB4B-FUCK79A48351}
ERROR: Ini file lost!!!
Terminate app!
Thunder.ini
ERROR: Language file lost!!!
Terminate app!
ERROR: lang.ini file lost!!!
Terminate app!
AtlAxWin
WM_ATLGETCONTROL
WM_ATLGETHOST
.?AVCComObjectRootBase@ATL@@
.?AV?$CComObjectRootEx@VCComSingleThreadModel@ATL@
.?AUIUnknown@@
.?AV?$CComPolyObject@VCAxHostWindow@ATL@@@ATL@@
.?AUIDispatch@@
.?AUIAxWinAmbientDispatch@@
.?AV?$IDispatchImpl@UIAxWinAmbientDispatch@@$1?IID
.?AUIDocHostUIHandler@@
.?AUIAdviseSink@@
.?AUIServiceProvider@@
.?AUIObjectWithSite@@
.?AV?$IObjectWithSiteImpl@VCAxHostWindow@ATL@@@ATL
.?AUIParseDisplayName@@
.?AUIOleContainer@@
.?AUIOleControlSite@@
.?AUIOleWindow@@
.?AUIOleInPlaceSite@@
.?AUIOleInPlaceSiteEx@@
.?AUIOleInPlaceSiteWindowless@@
.?AUIOleClientSite@@
.?AUIAxWinHostWindow@@
.?AV?$CWindowImpl@VCAxHostWindow@ATL@@VCWindow@2@V
.?AV?$CComCoClass@VCAxHostWindow@ATL@@$1?GUID_NULL
.?AVCAxHostWindow@ATL@@
.?AV?$CComContainedObject@VCAxHostWindow@ATL@@@ATL
F#32770
.?AV?$CComObjectRootEx@VCComMultiThreadModel@ATL@@
.?AUIEnumUnknown@@
.?AV?$CComEnumImpl@UIEnumUnknown@@$1?IID_IEnumUnkn
.?AV?$CComEnum@UIEnumUnknown@@$1?IID_IEnumUnknown@
.?AV?$CComObject@V?$CComEnum@UIEnumUnknown@@$1?IID
.?AUIOleInPlaceUIWindow@@
.?AUIOleInPlaceFrame@@
.?AV?$CWindowImpl@VCAxFrameWindow@ATL@@VCWindow@2@
.?AVCAxFrameWindow@ATL@@
.?AV?$CComObject@VCAxFrameWindow@ATL@@@ATL@@
FAXWIN Frame Window
ATL:%8.8X
.?AV?$CWindowImpl@VCAxUIWindow@ATL@@VCWindow@2@V?$
.?AVCAxUIWindow@ATL@@
.?AV?$CComObject@VCAxUIWindow@ATL@@@ATL@@
AXWIN UI Window
{1C979311-E6C0-4972-98EC-9F54989073DB}
Software\Microsoft\Windows\CurrentVersion\Run\
Software\Microsoft\Internet Explorer\
UWM_NEW_DOWNLOAD
Exception caught by ThreadExceptionHandler():
Exception : %.8x
Address : %.8x
Access Type : %s
Access Address : %.8x
.?AVCMessageLoop@WTL@@
application exit
got a add thread request
MaxThreadCount
.?AV?$CSingleton@VCResourceManager@@@@
.?AVCResourceManager@@
Error:
File not exist:
Lang\Default.tbl
[yufeng]%s%s
.?AVCTaskItem@@
create task completed
%.2fGB
%.2fMB
%.2fKB
.?AVCTaskItemList@@
.?AV?$CSingleton@VCTaskManager@@@@
.?AVCTaskManager@@
.?AVCTopWindow@@
thunder
mailto
gopher
.?AV?$CSingleton@VCUrlManager@@@@
.?AVCUrlManager@@
thunder://
.?AVurl_object_ex@@
.?AVurl_object@@
.?AVexception@@
.?AVruntime_error@std@@
buffer data format error, task_record can't unseri
thunder-download-history.txt
.?AVtask_history@@
.?AVlogic_error@std@@
.?AVlock_error@boost@@
configure.ini
.?AVsetting@@
.?AVbad_cast@std@@
.?AVbad_lexical_cast@boost@@
.?AV?$basic_string@DU?$char_traits@D@std@@V?$alloc
bad cast
bad lexical cast: source type value could not be i
http://
ftp://
mms://
https://
mmst://
unknown url type
index.html
not legal url
unknown
.?AVfile_ex@@
.?AVio_exception@@
.?AVfile_exception@@
error
open file:
while write file,only part data write success
write file error
while read file, only success read part data
read file error
set file pos error
set file length error
get file length error
flush file error
rename file error
remove file error
Error during reading hash value
Error during CryptHashData
Error during CryptBeginHash
A cryptographic service handle could not be acquir
Could not create a new key container
127.0.0.1
0.0.0.0
255.255.255.0
have not digital char, can't convet to unsigned __
PeerID
Software\Sandai Technologies Inc.\Thunder\Paramete
LANG%x
CHN_PRC
, error code:
.?AVpeerid@@
Virtual
PartnerID
get hub agent instance failure
.?AVtask_factory@@
.td.cfg
io_buffer
is not continued task
hub4u.sandai.net
TDPingServiceStartMutex
.?AVtask@@
.?AVtask_msg_receiver@@
task_main_thread
ModuleFileName not have path segment
GetModuleFileName call error, code:
SOFTWARE\Sandai Technologies Inc.\ThunderOem\
SOFTWARE\Microsoft\Windows\CurrentVersion\Run
newtdupt.exe
RegQueryValueEx call error, code:
param :
RegCreateKeyEx call error, code:
RegSetValueEx call error, code:
.?AVautoupdate_dispatcher@@
can't create dir:
ThunderUpdateMutex
TDUpdate.dat
UpdateInfaceFile
.?AVCRecord@@
.?AVCPackageRecord@@
%.4d/%.2d/%.2d/%.2d/%.2d/%.2d
Update
hub4t.sandai.net
.?AVhub_agent@@
.?AVhub_agent_exception@@
peer_updated
retry_interval
hub_agent
check_interval
Can't get setting instance!
local_tcp_server
tcp_server_port
udp_port
udp_server
server
.?AVcommand_recv_exception@@
.?AVcommand_send_exception@@
.?AVcommand_connect_exception@@
.?AVcommand_decode_exception@@
Receive no response from HUB!
Response not fully received.
Failed in sending query to HUB!
Can't connect HUB!
connect_mode
proxy_type
socks5
http_proxy
.?AVcancel_exception@@
Failed in receive response!
Failed in send command
Can't connect to HUB!
.?AVcommand@@
.?AVcmd_register@@
REGISTER
.?AVcommand_buffer_underflow_exception@@
No hw details.
No hw details length.
No mem size.
No os details.
No os details length.
No os patch.
No os patch length.
No os type.
No system details.
No system details length.
No screen.
No screen length.
No lang.
No lang length.
No net type.
No user details.
No user details length.
No user name.
No user name length.
No thunder info.
No thunder info length.
No IP.
No IP length.
No Peer ID.
Buffer length underflow:
No Peer ID length.
.?AVcommand_buffer_overflow_exception@@
; Buffer length is:
Not enough space to encode command parameters. Par
HW Details:
Mem size:
OS Details:
OS Patch:
OS type:
System details:

Screen resolution:
System language:
Network type:
User details:
User name:
Thunder Version:
Internal IP:
Peer ID:
.?AVcmd_quit@@
No enough space to put command
.?AVcmd_insert@@
INSERT
No _redirection_url.
No _redirection_url length.
No _download_total_time.
No _file_suffix.
No _file_suffix length.
No _bcid.
No _bcid_len.
No _full_cid_type.
No _full_cid_part_size.
No _full_content_id.
No _full_content_id_len.
No refurl.
No refurl length.
No ahchor.
No ahchor length.
No _finish_time.
No _start_time.
No _size_by_other.
No _size_by_peer.
No _size_by_server.
No peer id.
No peer id length.
No _file_size.
No filename.
No filename length.
No _content_id.
No _content_id_len.
No url.
No url length.
: No enough space!
_redirection_url:
_download_total_time:
_file_suffix:
_bcid:
_full_cid_type:
FullContentIDPartSize:
FullContentID:
ReferenceURL:
Description:
FinishTime:
StartTime:
SizeByOther:
SizeByPeer:
SizeByServer:
PeerID:
File size:
File:
ContentID:
.?AVcmd_delete@@
DELETE
No _file_path.
No _file_path len.
No URL.
No URL length.
No _by_what.
: No enough space to put command!
FileSize:
FilePath:
.?AVcmd_update@@
UPDATE
No old file.
No old file length.
No file.
No file length.
OldFile:
.?AVcmd_query@@
No _max_peer_res.
No _max_server_res.
No _is_nated.
No CID.
No CID length.
_file_size:
MaxPeerRc:
MaxServerRc:
Not Nated
Nated:
Version:
.?AVcmd_updatepeer@@
UPDATEPEER
No new peer id.
No new peer id length.
NewPeerID:
.?AVs_peer_info@@
Not enough space to encode s_rc_info
No m_failure_blocks.
No m_download_bytes.
No m_peer_id.
No m_peer_id len.
m_failure_blocks:
m_download_bytes:
m_peer_id:
.?AVs_url_change_info@@
Not enough space to encode s_url_change_info
No m_file_size.
No m_url_sequence.
m_file_size:
m_url_sequence:
.?AVs_url_info@@
Not enough space to encode s_url_info
No m_property.
No m_redi_url.
No m_redi_url len.
No m_url.
No m_url len.
m_property:
m_redi_url:
m_url:
.?AVs_rc_info@@
No m_full_cid_type.
No m_full_cid_part_size.
No m_full_cid.
No m_full_cid_len.
No m_content_id.
No m_cid_len.
m_full_cid_type:
m_full_cid_part_size:
m_full_cid:
m_content_id:
.?AVcmd_report_download@@
REPORTDW
Not enough space to encode command cmd_report_down
No m_ptr_peer_infos
No len m_ptr_peer_infos
No m_peer_info_num.
No m_ptr_change_infos
No len m_ptr_change_infos
No m_url_change_info_num.
No m_ptr_url_infos
No len m_ptr_url_infos
No m_url_info_num.
No m_ptr_new_rc_info.
No m_ptr_new_rc_info len.
No m_ptr_old_rc_info.
No m_ptr_old_rc_info len.
No m_download_status.
m_ptr_peer_infos
m_peer_info_num:
m_ptr_change_infos
m_url_change_info_num:
m_ptr_url_infos
m_url_info_num:
m_ptr_new_rc_info:
m_ptr_old_rc_info:
m_download_status:
.?AVcommand_protocol_exception@@
Receive buffer too small
Invalid protocol number:
Too small buffer to receive command
Connection: Keep-Alive
Content-Length:
Proxy-Authorization: Basic
Host:
/ HTTP/1.1
POST http://
password
.?AVcommand_encode_exception@@
Parameters length not compatible with encoded leng
Not enough space to encode command. Comamnd length
while expecting
Received command
No command name.
No command name length.
No command length.
No sequence number.
Invalid protocol version :
No protocol version.
Parameterss:
Commands:
Sequence:
.?AVcmd_response@@
.?AVcmd_register_response@@
REGISTERRESP
No m_peer_udp_port.
No m_peer_tcp_port.
No m_hub_udp_port.
No m_hub_udp_ip.
No m_hub_udp_ip length.
No m_hub_tcp_port.
No m_hub_tcp_ip.
No m_hub_tcp_ip length.
No _is_succ.
:No enough space to encode!
m_peer_udp_port:
m_peer_tcp_port:
m_hub_udp_port:
m_hub_udp_ip:
m_hub_tcp_port:
m_hub_tcp_ip:
Result:
.?AVcmd_quit_response@@
QUITRESP
.?AVcmd_insert_response@@
INSERTRESP
.?AVcmd_delete_response@@
DELETERESP
.?AVcmd_update_response@@
UPDATERESP
.?AVcmd_query_response@@
QUERYRESP
No _bcid
No _bcid_len
No _origin_url_use_policy
No _full_cid_times_verified
No _full_cid_type
No _full_cid_part_size
No _full_content_id
No _full_content_id_len
No serverRes
No length serverRes
No _server_num
No peerRes
No length peerRes
No _peer_num.
_origin_url_use_policy:
_full_cid_times_verified:
ServerRes[
ServerRes num:
PeerRes[
PeerRes num:
File Size:
.?AVcmd_updatepeer_response@@
UPDATEPEERRESP
.?AVcmd_report_download_response@@
REPORTDWRESP
base64 code table have not index:
.?AVserver_res@@
Class server_res: no enough space for encoding!
No _refer_url.
No _refer_url length.
No _connect_type.
ReferURL:
ConnectType:
URL_USE_UNLIMITED
URL_USE_SINGLE_THREAD;
URL_USE_LAST;
.?AVpeer_res@@
Class peer_res: no enough space for encoding!
No _external_ip.
No _external_ip length.
No _port.
No ip.
No ip length.
No file name.
No file name length.
_external_ip:
Port:
isNated:
.?AVdownload_task@@
user use null string as filename
try to delete download_task objectbut task is ste
download_task object can't been reused,but it occu
try to stop a unstart download_task
.?AVfilename_notifier@@
.?AVtask_strategy@@
.?AVnewtask_strategy@@
url....
handle connector end at legal state:
handle datafull at legal state:
handle onethread_worker_finished at legal state:
handle res query end at legal state: hub_return_0_
hubreturn
handle time out at legal state:
handle worker_finish at legal state:
.?AW4state@task_strategy@@
.?AVoneres_strategy@@
post_do at legal state:
.?AVoldtask_strategy@@
.?AVhandler@@
.?AVevent_handler@@
.?AVconnetor_handler@@
not register connector handler, but to remove it
.?AVdatafull_handler@@
.?AVexit_handler@@
.?AVres_query_handler@@
.?AVonethread_handler@@
.?AVtimeout_handler@@
dispatch
sample_period
autoupdate_host
biz4.sandai.net
resource
min_file_size
init_wait_hub
peer read:
other read:
origin read:
download bytes:
resource:
download valid bytes statistic, count:
urls:
block no:
check error info, error block count:
bad_response_size
download 3part data url, count:
peerid:
peer info, count:
size:
size changed url info, count:
usable
url property:
failure blocks:
download bytes(statistic):
redirect to:
: url:
url info, url count:
Config_General
EnableFullHash
nolimit
download_try
retry_times
wait_seconds
.?AVresource_query_controller@@
.?AVquery_controller_imp@@
cid_verify_count
redirect_interval
bcid len from hub is illegal
max_query_times
.?AVevent_reactor@@
already has os_wait_max event_handles, can't add h
remove a event_handler, but it not exist in event
WaitForMultipleObjects call error, code:
event_reactor run() been called at not have event_
not have .td postfix
.?AVerror_statistic@@
.?AVdownload_msg_receiver@@
.?AVmsg_receiver_imp@@
.?AVworker_event_handler@@
.?AVworker_control_imp@@
.?AVworker_control@@
stop a download_worker, but it not in worker_contr
WaitForMultipleObjects call error
.?AVresource@@
.?AVserver_resource@@
this type of url is not supported now
anonymous
pigs@microsoft.com
peer://
.?AVpeer_resource@@
.?AVdownload_client@@
.?AVftp_client@@
.?AVsocket_exception@@
.?AVdownload_client_exception@@
.?AVftp_client_exception@@
.?AVftp_recv_exception@@
Can't read before data connection made!
error code:
Fail in ftp read. Call recv return
.?AVftp_login_exception@@
.?AVftp_toomanyusers_exception@@
.?AVftp_send_exception@@
.?AVftp_get_file_size_exception@@
.?AVftp_connect_exception@@
Can't build data transfer connection!
Can't get file size!
Not support HTTP-GET or HTTP-Connect proxy!
Already connected. Call disconnect first.
Create data socket failed.
Error in receive data from server:
) with code=
Failed in login to ftp server(
Receive exception error!
Send command error!
.?AVnot_support_range@@
Error in exec PASV command
not support range!
Ftp site
TYPE I
.?AVfile_not_exist@@
exist!
File not
not exist!
Error in exec PASV command:
Error in receiving data for file size.
TYPE A
Not support HTTP-GET Proxy!
.?AVhttp_client@@
not opened,can't close
Connection: close
Cache-Control: no-cache
Pragma: no-cache
Cookie:
Authorization: Basic
Range: bytes=

晕倒 这么复杂 建议用hijackthis1.99.1扫描上来 谢谢