帮我诊断一下。经常有应用程序错误~内存不能为written

1941 · 2008-11-6 14:29:12

系统诊断报告
本报告由<Windows木马清道夫>提供 http://www.fygsoft.com
报告生成时间：[2008-11-06 14:24:58]

操作系统为：WindowsXP  5.1.2600.2  Service Pack 2
Internet Explorer版本为：V7.0.5730.13 Build:75730
总共内存为：1023M 剩余内存为：572M

进程模块信息：
1 (安全进程)：C:\WINDOWS\system32\smss.exe 命令行: \SystemRoot\System32\smss.exe
2 (安全进程)：c:\WINDOWS\system32\csrss.exe 命令行: C:\WINDOWS\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,3072,512 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ProfileControl=Off MaxRequestThreads=16
3 未知进程：c:\WINDOWS\system32\WINLOGON.EXE 命令行: winlogon.exe
4    - 未知模块：c:\WINDOWS\system32\UXTHEME.DLL
5 (安全进程)：c:\WINDOWS\system32\services.exe 命令行: C:\WINDOWS\system32\services.exe
6    - 未知模块：c:\WINDOWS\AppPatch\acadproc.dll
7 (安全进程)：c:\WINDOWS\system32\lsass.exe 命令行: C:\WINDOWS\system32\lsass.exe
8    - 未知模块：c:\WINDOWS\system32\UXTHEME.DLL
9 (安全进程)：c:\WINDOWS\system32\svchost.exe 命令行: C:\WINDOWS\system32\svchost -k DcomLaunch
10    - 未知模块：c:\WINDOWS\system32\UXTHEME.DLL
11 (安全进程)：c:\WINDOWS\system32\svchost.exe 命令行: C:\WINDOWS\system32\svchost -k rpcss
12    - 未知模块：c:\WINDOWS\system32\UXTHEME.DLL
13 (安全进程)：c:\WINDOWS\system32\svchost.exe 命令行: C:\WINDOWS\System32\svchost.exe -k netsvcs
14    - 未知模块：c:\WINDOWS\system32\UXTHEME.DLL
15 (安全进程)：c:\WINDOWS\system32\svchost.exe 命令行: C:\WINDOWS\system32\svchost.exe -k NetworkService
16    - 未知模块：c:\WINDOWS\system32\UXTHEME.DLL
17 (安全进程)：c:\WINDOWS\system32\svchost.exe 命令行: C:\WINDOWS\system32\svchost.exe -k LocalService
18    - 未知模块：c:\WINDOWS\system32\UXTHEME.DLL
19 (安全进程)：c:\WINDOWS\system32\spoolsv.exe 命令行: C:\WINDOWS\system32\spoolsv.exe
20    - 未知模块：c:\WINDOWS\system32\UXTHEME.DLL
21 未知进程：d:\新建文件夹 (2)\Storm Codec\stormliv.exe 命令行: D:\新建文~2\STORMC~1\stormliv.exe /asservice
22    - 未知模块：c:\WINDOWS\system32\UXTHEME.DLL
23 未知进程：c:\program files\nvidia corporation\networkaccessmanager\apache group\Apache2\bin\Apache.exe 命令行: "C:\Program Files\NVIDIA Corporation\NetworkAccessManager\Apache Group\Apache2\bin\apache.exe" -k runservice
24    - 未知模块：c:\program files\nvidia corporation\networkaccessmanager\apache group\Apache2\bin\libapr.dll
25    - 未知模块：c:\program files\nvidia corporation\networkaccessmanager\apache group\Apache2\bin\libaprutil.dll
26    - 未知模块：c:\program files\nvidia corporation\networkaccessmanager\apache group\Apache2\bin\libapriconv.dll
27    - 未知模块：c:\program files\nvidia corporation\networkaccessmanager\apache group\Apache2\bin\libhttpd.dll
28    - 未知模块：c:\program files\nvidia corporation\networkaccessmanager\apache group\Apache2\modules\mod_access.so
29    - 未知模块：c:\program files\nvidia corporation\networkaccessmanager\apache group\Apache2\modules\mod_actions.so
30    - 未知模块：c:\program files\nvidia corporation\networkaccessmanager\apache group\Apache2\modules\mod_alias.so
31    - 未知模块：c:\program files\nvidia corporation\networkaccessmanager\apache group\Apache2\modules\mod_auth.so
32    - 未知模块：c:\program files\nvidia corporation\networkaccessmanager\apache group\Apache2\bin\nv_common.dll
33    - 未知模块：c:\program files\nvidia corporation\networkaccessmanager\apache group\Apache2\modules\mod_cgi.so
34    - 未知模块：c:\program files\nvidia corporation\networkaccessmanager\apache group\Apache2\modules\mod_env.so
35    - 未知模块：c:\program files\nvidia corporation\networkaccessmanager\apache group\Apache2\modules\mod_expires.so
36    - 未知模块：c:\program files\nvidia corporation\networkaccessmanager\apache group\Apache2\modules\mod_headers.so
37    - 未知模块：c:\program files\nvidia corporation\networkaccessmanager\apache group\Apache2\modules\mod_include.so
38    - 未知模块：c:\program files\nvidia corporation\networkaccessmanager\apache group\Apache2\modules\mod_log_config.so
39    - 未知模块：c:\program files\nvidia corporation\networkaccessmanager\apache group\Apache2\modules\mod_mime.so
40    - 未知模块：c:\program files\nvidia corporation\networkaccessmanager\apache group\Apache2\modules\mod_negotiation.so
41    - 未知模块：c:\program files\nvidia corporation\networkaccessmanager\apache group\Apache2\modules\mod_rewrite.so
42    - 未知模块：c:\program files\nvidia corporation\networkaccessmanager\apache group\Apache2\modules\mod_setenvif.so
43    - 未知模块：c:\program files\nvidia corporation\networkaccessmanager\apache group\Apache2\modules\mod_ssl.so
44    - 未知模块：c:\program files\nvidia corporation\networkaccessmanager\apache group\Apache2\bin\ssleay32.dll
45    - 未知模块：c:\program files\nvidia corporation\networkaccessmanager\apache group\Apache2\bin\libeay32.dll
46 未知进程：c:\program files\nvidia corporation\networkaccessmanager\bin\nSvcLog.exe 命令行: "C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin\nSvcLog.exe"
47    - 未知模块：c:\program files\nvidia corporation\networkaccessmanager\bin\nv_common.dll
48    - 未知模块：c:\program files\nvidia corporation\networkaccessmanager\bin\nmi.dll
49    - 未知模块：c:\program files\nvidia corporation\networkaccessmanager\bin\msvcp60.dll
50    - 未知模块：c:\WINDOWS\system32\UXTHEME.DLL
51 未知进程：c:\WINDOWS\system32\nvsvc32.exe 命令行: C:\WINDOWS\system32\nvsvc32.exe
52    - 未知模块：c:\WINDOWS\system32\nvapi.dll
53    - 未知模块：c:\WINDOWS\system32\UXTHEME.DLL
54 未知进程：c:\program files\nvidia corporation\networkaccessmanager\apache group\Apache2\bin\Apache.exe 命令行: "C:\Program Files\NVIDIA Corporation\NetworkAccessManager\Apache Group\Apache2\bin\apache.exe" -d "C:/Program Files/NVIDIA Corporation/NetworkAccessManager/Apache Group/Apache2" -D SSL
55    - 未知模块：c:\program files\nvidia corporation\networkaccessmanager\apache group\Apache2\bin\libapr.dll
56    - 未知模块：c:\program files\nvidia corporation\networkaccessmanager\apache group\Apache2\bin\libaprutil.dll
57    - 未知模块：c:\program files\nvidia corporation\networkaccessmanager\apache group\Apache2\bin\libapriconv.dll
58    - 未知模块：c:\program files\nvidia corporation\networkaccessmanager\apache group\Apache2\bin\libhttpd.dll
59    - 未知模块：c:\program files\nvidia corporation\networkaccessmanager\apache group\Apache2\modules\mod_access.so
60    - 未知模块：c:\program files\nvidia corporation\networkaccessmanager\apache group\Apache2\modules\mod_actions.so
61    - 未知模块：c:\program files\nvidia corporation\networkaccessmanager\apache group\Apache2\modules\mod_alias.so
62    - 未知模块：c:\program files\nvidia corporation\networkaccessmanager\apache group\Apache2\modules\mod_auth.so
63    - 未知模块：c:\program files\nvidia corporation\networkaccessmanager\apache group\Apache2\bin\nv_common.dll

Aky小四 · 2008-11-7 15:06:16

这个问题很复杂。。。。　　

一般都是兼容性的问题。

1941 · 2008-11-7 14:21:29

贱人！

?帲疲幔茫濉 · 2008-11-6 19:16:23

真好 [:S63]

1941 · 2008-11-6 14:37:07

现在经常出现 0x7ffa0eb8指令引用的 0x7ffa0eb8内存。该内存不能为written。
这个是前两天我的系统重做以后经常出现的，我在集线器上我做主机联网，然后这个出来，然后全体断网。这次做系统的时候的我驱动在家里，我都是在网上下的驱动。
但是以前没做系统的时候经常又内存不能为read

1941 · 2008-11-6 14:31:57

network\Thunder\components\InMedia\XLIPC.dll
182    - 未知模块：c:\WINDOWS\system32\Macromed\Flash\Flash10a.ocx
183    - 未知模块：c:\program files\thunder network\Thunder\components\InMedia\mediaaddin17.dll
184 (安全进程)：c:\WINDOWS\system32\msiexec.exe 命令行: C:\WINDOWS\system32\msiexec.exe /V
185    - 未知模块：c:\WINDOWS\system32\UXTHEME.DLL
186 未知进程：d:\木马清道夫\fyganalyze.exe 命令行: D:\木马清道夫\FygAnalyze.exe
187    - 未知模块：d:\木马清道夫\FTCMon.dll
188    - 未知模块：c:\WINDOWS\system32\UXTHEME.DLL
189    - 未知模块：d:\木马清道夫\psapi.dll

启动信息：
190 [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
<amd_dc_opt><C:\Program Files\AMD\Dual-Core Optimizer\amd_dc_opt.exe>
191 [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
<NvCplDaemon><RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup>
192 [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
<RTHDCPL><RTHDCPL.EXE>
193 [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
<Alcmtr><ALCMTR.EXE>
194 [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
<Windows木马防火墙><D:\木马清道夫\Trojanwall.exe>
195 [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
<ctfmon.exe><C:\WINDOWS\system32\ctfmon.exe>
196 [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Winlogon]
<Shell><Explorer.exe>
197 [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Winlogon]
<Userinit><C:\WINDOWS\system32\userinit.exe,>
198 [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Winlogon]
<UIHost><logonui.exe>
199 [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Windows]
<AppInit_DLLs><>
200 [C:\Documents and Settings\Administrator\「开始」菜单\程序\启动\]
<C:\Documents and Settings\Administrator\「开始」菜单\程序\启动\desktop.ini>
201 [C:\Documents and Settings\All Users\「开始」菜单\程序\启动\]
<C:\Documents and Settings\All Users\「开始」菜单\程序\启动\desktop.ini>

IE辅助对象BHO信息：
202 [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects]
<{01443AEC-0FD1-40fd-9C87-E93D1494C233}><D:\Thunder\ComDlls\TDAtOnce_Now.dll>
203 [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects]
<{889D2FEB-5411-4565-8998-1DD2C5261283}><D:\Thunder\ComDlls\xunleiBHO_Now.dll>

IE右键菜单信息：
204 [HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\MenuExt]
<使用迅雷下载><D:\Thunder\Program\geturl.htm>
205 [HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\MenuExt]
<使用迅雷下载全部链接><D:\Thunder\Program\getallurl.htm>
206 [HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\MenuExt]
<导出到 Microsoft Office Excel(&X)><res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000>
207 [HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\MenuExt]
<添加到QQ表情><D:\QQ\AddEmotion.htm>

IE工具栏项信息：
208 [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Extensions]
<{09BA8F6D-CB54-424B-839C-C2A6C8E6B436}><C:\Program Files\Thunder Network\Thunder\Thunder.exe>

ActiveX对象DPF信息：
209 [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Code Store Database\Distribution Units]
<Microsoft XML Parser for Java><>
210 [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Code Store Database\Distribution Units]
<{F3E70CEA-956E-49CC-B444-73AFE593AD7F}><C:\Program Files\Common Files\Thunder Network\KanKan\PPlayer.2.0.0.181.(36).dll>

网络服务SPI信息：
无可疑

映像劫持IFEO信息：
211 [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options]
<Your Image File Name Here without a path><C:\WINDOWS\system32\ntsd -d>

系统服务信息：
212 [ ASP.NET State Service | aspnet_state | 停用 ]
  c:\windows\microsoft.net\framework\v1.1.4322\aspnet_state.exe
213 [ Contrl Center of Storm Media | ccosm | 启动 ]
  d:\新建文~2\stormc~1\stormliv.exe
214 [ COM+ System Application | COMSysApp | 停用 ]
  c:\windows\system32\dllhost.exe /processid:{02d4b3f1-fd88-11d1-960d-00805fc79235}
215 [ Forceware Web Interface | ForcewareWebInterface | 启动 ]
  c:\program files\nvidia corporation\networkaccessmanager\apache group\apache2\bin\apache.exe
216 [ Human Interface Device Access | HidServ | 停用 ]
  c:\windows\system32\svchost.exe - c:\windows\system32\hidserv.dll
217 [ ForceWare IP service | nSvcIp | 启动 ]
  c:\program files\nvidia corporation\networkaccessmanager\bin\nsvcip.exe
218 [ ForceWare user log service | nSvcLog | 启动 ]
  c:\program files\nvidia corporation\networkaccessmanager\bin\nsvclog.exe
219 [ NVIDIA Display Driver Service | NVSvc | 启动 ]
  c:\windows\system32\nvsvc32.exe
220 [ Office Source Engine | ose | 停用 ]
  c:\program files\common files\microsoft shared\source engine\ose.exe
221 [ MS Software Shadow Copy Provider | SwPrv | 停用 ]
  c:\windows\system32\dllhost.exe /processid:{736153b1-b3b4-4faf-b875-c5aa11ccfbf6}

系统驱动信息：
222 [ BeatTrojanHelperOne | BeatTrojanHelperOne | 启动 ]
  d:\木马清除大师2008\beattrojanhelperone.sys
223 [ npkcrypt | npkcrypt | 停用 ]
  c:\program files\qq2006\npkcrypt.sys
224 [ nv | nv | 启动 ]
  c:\windows\system32\drivers\nv4_mini.sys
225 [ TCP/IP Protocol Driver | Tcpip | 启动 ]
  c:\windows\system32\drivers\tcpip.sys
226 [ FTCProtect | FTCProtect | 启动 ]
  c:\windows\system32\drivers\ftcprotect.sys
227 [ FTCProTime | FTCProTime | 启动 ]
  c:\windows\system32\drivers\ftcprotime.sys
228 [ FTCkillfile | FTCkillfile | 停用 ]
  c:\windows\system32\drivers\ftckillfile.sys

已经加载的驱动信息：
229 C:\WINDOWS\system32\drivers\nv4_mini.sys
230 C:\WINDOWS\system32\drivers\tcpip.sys
231 C:\WINDOWS\system32\nv4_disp.dll
232 d:\木马清除大师2008\beattrojanhelperone.sys
233 C:\WINDOWS\system32\drivers\ftcprotect.sys
234 C:\WINDOWS\system32\drivers\ftcprotime.sys

==============================================

1941 · 2008-11-6 14:30:54

network\Thunder\components\InMedia\XLIPC.dll
182    - 未知模块：c:\WINDOWS\system32\Macromed\Flash\Flash10a.ocx
183    - 未知模块：c:\program files\thunder network\Thunder\components\InMedia\mediaaddin17.dll
184 (安全进程)：c:\WINDOWS\system32\msiexec.exe 命令行: C:\WINDOWS\system32\msiexec.exe /V
185    - 未知模块：c:\WINDOWS\system32\UXTHEME.DLL
186 未知进程：d:\木马清道夫\fyganalyze.exe 命令行: D:\木马清道夫\FygAnalyze.exe
187    - 未知模块：d:\木马清道夫\FTCMon.dll
188    - 未知模块：c:\WINDOWS\system32\UXTHEME.DLL
189    - 未知模块：d:\木马清道夫\psapi.dll

启动信息：
190 [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
<amd_dc_opt><C:\Program Files\AMD\Dual-Core Optimizer\amd_dc_opt.exe>
191 [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
<NvCplDaemon><RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup>
192 [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
<RTHDCPL><RTHDCPL.EXE>
193 [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
<Alcmtr><ALCMTR.EXE>
194 [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
<Windows木马防火墙><D:\木马清道夫\Trojanwall.exe>
195 [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
<ctfmon.exe><C:\WINDOWS\system32\ctfmon.exe>
196 [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Winlogon]
<Shell><Explorer.exe>
197 [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Winlogon]
<Userinit><C:\WINDOWS\system32\userinit.exe,>
198 [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Winlogon]
<UIHost><logonui.exe>
199 [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Windows]
<AppInit_DLLs><>
200 [C:\Documents and Settings\Administrator\「开始」菜单\程序\启动\]
<C:\Documents and Settings\Administrator\「开始」菜单\程序\启动\desktop.ini>
201 [C:\Documents and Settings\All Users\「开始」菜单\程序\启动\]
<C:\Documents and Settings\All Users\「开始」菜单\程序\启动\desktop.ini>

IE辅助对象BHO信息：
202 [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects]
<{01443AEC-0FD1-40fd-9C87-E93D1494C233}><D:\Thunder\ComDlls\TDAtOnce_Now.dll>
203 [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects]
<{889D2FEB-5411-4565-8998-1DD2C5261283}><D:\Thunder\ComDlls\xunleiBHO_Now.dll>

IE右键菜单信息：
204 [HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\MenuExt]
<使用迅雷下载><D:\Thunder\Program\geturl.htm>
205 [HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\MenuExt]
<使用迅雷下载全部链接><D:\Thunder\Program\getallurl.htm>
206 [HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\MenuExt]
<导出到 Microsoft Office Excel(&X)><res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000>
207 [HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\MenuExt]
<添加到QQ表情><D:\QQ\AddEmotion.htm>

IE工具栏项信息：
208 [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Extensions]
<{09BA8F6D-CB54-424B-839C-C2A6C8E6B436}><C:\Program Files\Thunder Network\Thunder\Thunder.exe>

ActiveX对象DPF信息：
209 [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Code Store Database\Distribution Units]
<Microsoft XML Parser for Java><>
210 [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Code Store Database\Distribution Units]
<{F3E70CEA-956E-49CC-B444-73AFE593AD7F}><C:\Program Files\Common Files\Thunder Network\KanKan\PPlayer.2.0.0.181.(36).dll>

网络服务SPI信息：
无可疑

映像劫持IFEO信息：
211 [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options]
<Your Image File Name Here without a path><C:\WINDOWS\system32\ntsd -d>

系统服务信息：
212 [ ASP.NET State Service | aspnet_state | 停用 ]
  c:\windows\microsoft.net\framework\v1.1.4322\aspnet_state.exe
213 [ Contrl Center of Storm Media | ccosm | 启动 ]
  d:\新建文~2\stormc~1\stormliv.exe
214 [ COM+ System Application | COMSysApp | 停用 ]
  c:\windows\system32\dllhost.exe /processid:{02d4b3f1-fd88-11d1-960d-00805fc79235}
215 [ Forceware Web Interface | ForcewareWebInterface | 启动 ]
  c:\program files\nvidia corporation\networkaccessmanager\apache group\apache2\bin\apache.exe
216 [ Human Interface Device Access | HidServ | 停用 ]
  c:\windows\system32\svchost.exe - c:\windows\system32\hidserv.dll
217 [ ForceWare IP service | nSvcIp | 启动 ]
  c:\program files\nvidia corporation\networkaccessmanager\bin\nsvcip.exe
218 [ ForceWare user log service | nSvcLog | 启动 ]
  c:\program files\nvidia corporation\networkaccessmanager\bin\nsvclog.exe
219 [ NVIDIA Display Driver Service | NVSvc | 启动 ]
  c:\windows\system32\nvsvc32.exe
220 [ Office Source Engine | ose | 停用 ]
  c:\program files\common files\microsoft shared\source engine\ose.exe
221 [ MS Software Shadow Copy Provider | SwPrv | 停用 ]
  c:\windows\system32\dllhost.exe /processid:{736153b1-b3b4-4faf-b875-c5aa11ccfbf6}

系统驱动信息：
222 [ BeatTrojanHelperOne | BeatTrojanHelperOne | 启动 ]
  d:\木马清除大师2008\beattrojanhelperone.sys
223 [ npkcrypt | npkcrypt | 停用 ]
  c:\program files\qq2006\npkcrypt.sys
224 [ nv | nv | 启动 ]
  c:\windows\system32\drivers\nv4_mini.sys
225 [ TCP/IP Protocol Driver | Tcpip | 启动 ]
  c:\windows\system32\drivers\tcpip.sys
226 [ FTCProtect | FTCProtect | 启动 ]
  c:\windows\system32\drivers\ftcprotect.sys
227 [ FTCProTime | FTCProTime | 启动 ]
  c:\windows\system32\drivers\ftcprotime.sys
228 [ FTCkillfile | FTCkillfile | 停用 ]
  c:\windows\system32\drivers\ftckillfile.sys

已经加载的驱动信息：
229 C:\WINDOWS\system32\drivers\nv4_mini.sys
230 C:\WINDOWS\system32\drivers\tcpip.sys
231 C:\WINDOWS\system32\nv4_disp.dll
232 d:\木马清除大师2008\beattrojanhelperone.sys
233 C:\WINDOWS\system32\drivers\ftcprotect.sys
234 C:\WINDOWS\system32\drivers\ftcprotime.sys

==============================================

1941 · 2008-11-6 14:30:14

64    - 未知模块：c:\program files\nvidia corporation\networkaccessmanager\apache group\Apache2\modules\mod_cgi.so
65    - 未知模块：c:\program files\nvidia corporation\networkaccessmanager\apache group\Apache2\modules\mod_env.so
66    - 未知模块：c:\program files\nvidia corporation\networkaccessmanager\apache group\Apache2\modules\mod_expires.so
67    - 未知模块：c:\program files\nvidia corporation\networkaccessmanager\apache group\Apache2\modules\mod_headers.so
68    - 未知模块：c:\program files\nvidia corporation\networkaccessmanager\apache group\Apache2\modules\mod_include.so
69    - 未知模块：c:\program files\nvidia corporation\networkaccessmanager\apache group\Apache2\modules\mod_log_config.so
70    - 未知模块：c:\program files\nvidia corporation\networkaccessmanager\apache group\Apache2\modules\mod_mime.so
71    - 未知模块：c:\program files\nvidia corporation\networkaccessmanager\apache group\Apache2\modules\mod_negotiation.so
72    - 未知模块：c:\program files\nvidia corporation\networkaccessmanager\apache group\Apache2\modules\mod_rewrite.so
73    - 未知模块：c:\program files\nvidia corporation\networkaccessmanager\apache group\Apache2\modules\mod_setenvif.so
74    - 未知模块：c:\program files\nvidia corporation\networkaccessmanager\apache group\Apache2\modules\mod_ssl.so
75    - 未知模块：c:\program files\nvidia corporation\networkaccessmanager\apache group\Apache2\bin\ssleay32.dll
76    - 未知模块：c:\program files\nvidia corporation\networkaccessmanager\apache group\Apache2\bin\libeay32.dll
77 未知进程：c:\program files\nvidia corporation\networkaccessmanager\bin\nSvcIp.exe 命令行: "C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin\nSvcIp.exe"
78    - 未知模块：c:\program files\nvidia corporation\networkaccessmanager\bin\nv_common.dll
79    - 未知模块：c:\program files\nvidia corporation\networkaccessmanager\bin\nv_common_firewall.dll
80    - 未知模块：c:\WINDOWS\system32\UXTHEME.DLL
81 (安全进程)：c:\WINDOWS\system32\alg.exe 命令行: C:\WINDOWS\System32\alg.exe
82    - 未知模块：c:\WINDOWS\system32\UXTHEME.DLL
83 (安全进程)：c:\WINDOWS\explorer.exe 命令行: C:\WINDOWS\Explorer.EXE
84    - 未知模块：c:\WINDOWS\system32\UXTHEME.DLL
85    - 未知模块：c:\WINDOWS\system32\BROWSELC.DLL
86    - 未知模块：c:\program files\thunder network\Thunder\ComDlls\tdatonce_now.dll
87    - 未知模块：c:\program files\thunder network\Thunder\ComDlls\xunleibho_now.dll
88    - 未知模块：c:\program files\thunder network\Thunder\components\resworker\DsBho_00.dll
89    - 未知模块：c:\program files\thunder network\Thunder\components\resworker\dataprocessor_00.dll
90    - 未知模块：c:\program files\WinRAR\RarExt.dll
91    - 未知模块：c:\WINDOWS\system32\nvcpl.dll
92    - 未知模块：c:\WINDOWS\system32\nvrszhc.dll
93    - 未知模块：c:\WINDOWS\system32\nvapi.dll
94    - 未知模块：d:\QQ\qdshm.dll
95    - 未知模块：d:\木马清道夫\FTCMon.dll
96    - 未知模块：d:\木马清道夫\ftccommenu.dll
97 (安全进程)：c:\WINDOWS\system32\svchost.exe 命令行: C:\WINDOWS\System32\svchost.exe -k HTTPFilter
98    - 未知模块：c:\WINDOWS\system32\UXTHEME.DLL
99 (安全进程)：c:\WINDOWS\RTHDCPL.exe 命令行: "C:\WINDOWS\RTHDCPL.EXE"
100    - 未知模块：c:\WINDOWS\system32\UXTHEME.DLL
101    - 未知模块：d:\木马清道夫\FTCMon.dll
102 (安全进程)：c:\WINDOWS\system32\ctfmon.exe 命令行: "C:\WINDOWS\system32\ctfmon.exe"
103    - 未知模块：c:\WINDOWS\system32\UXTHEME.DLL
104    - 未知模块：d:\木马清道夫\FTCMon.dll
105 (安全进程)：c:\WINDOWS\system32\svchost.exe 命令行: C:\WINDOWS\system32\svchost.exe -k imgsvc
106    - 未知模块：c:\WINDOWS\system32\UXTHEME.DLL
107 (安全进程)：c:\WINDOWS\system32\conime.exe 命令行: C:\WINDOWS\system32\conime.exe
108    - 未知模块：c:\WINDOWS\system32\UXTHEME.DLL
109    - 未知模块：d:\木马清道夫\FTCMon.dll
110 未知进程：d:\木马清道夫\ftcleaner.exe 命令行: D:\木马清道夫\FTCleaner.exe
111    - 未知模块：d:\木马清道夫\MSVBVM60.DLL
112    - 未知模块：d:\木马清道夫\VB6CHS.DLL
113    - 未知模块：c:\WINDOWS\system32\UXTHEME.DLL
114    - 未知模块：d:\木马清道夫\ftcapi.dll
115    - 未知模块：d:\木马清道夫\ftcapi3.dll
116    - 未知模块：d:\木马清道夫\ftcapi2.dll
117    - 未知模块：d:\木马清道夫\FTCMon.dll
118 未知进程：d:\Thunder\Program\Thunder5.exe 命令行: "D:\Thunder\Program\Thunder5.exe" /ed9865ea
119    - 未知模块：d:\Thunder\Program\bugreport.dll
120    - 未知模块：d:\木马清道夫\FTCMon.dll
121    - 未知模块：c:\WINDOWS\system32\UXTHEME.DLL
122    - 未知模块：d:\Thunder\Program\taskmanager.dll
123    - 未知模块：d:\Thunder\Program\download_interface.dll
124    - 未知模块：d:\Thunder\Program\msvcp71.dll
125    - 未知模块：d:\Thunder\Program\msvcr71.dll
126    - 未知模块：d:\Thunder\Program\asyn_frame.dll
127    - 未知模块：d:\Thunder\Program\atl71.dll
128    - 未知模块：d:\Thunder\Program\emule_id.dll
129    - 未知模块：d:\Thunder\Program\backend_agent.dll
130    - 未知模块：d:\Thunder\Program\ptl.dll
131    - 未知模块：d:\Thunder\Program\xl_stat.dll
132    - 未知模块：d:\Thunder\Program\fs.dll
133    - 未知模块：d:\Thunder\Program\XLNet.dll
134    - 未知模块：d:\Thunder\Program\itargetad.dll
135    - 未知模块：d:\Thunder\Program\BHOStub.dll
136    - 未知模块：d:\Thunder\components\downandplay\downandplay.dll
137    - 未知模块：c:\WINDOWS\system32\Macromed\Flash\Flash10a.ocx
138    - 未知模块：d:\Thunder\Program\p2p_upload.dll
139    - 未知模块：d:\Thunder\Program\p2p.dll
140    - 未知模块：d:\Thunder\Program\xldc.dll

141    - 未知模块：d:\Thunder\Program\stream.dll
142    - 未知模块：d:\Thunder\Program\p2sp.dll
143    - 未知模块：d:\Thunder\Program\down_dispatcher.dll
144    - 未知模块：d:\Thunder\Program\p2p_local_res.dll
145    - 未知模块：d:\Thunder\Program\al.dll
146    - 未知模块：d:\Thunder\components\InMedia\iembedshell.dll
147    - 未知模块：c:\program files\thunder network\Thunder\components\InMedia\iEmbed17.dll
148    - 未知模块：c:\program files\thunder network\Thunder\components\InMedia\playerhelper.dll
149    - 未知模块：c:\program files\thunder network\Thunder\components\InMedia\XLIPC.dll
150    - 未知模块：d:\Thunder\components\p4pclient\p4pclient.dll
151    - 未知模块：d:\Thunder\components\community\xlcommunity.dll
152    - 未知模块：d:\Thunder\Program\registerdll.dll
153    - 未知模块：d:\Thunder\Program\msvcirt.dll
154    - 未知模块：d:\Thunder\Program\imdt.dll
155    - 未知模块：d:\Thunder\components\Security\thundersafe.dll
156    - 未知模块：d:\Thunder\components\Security\configmanager.dll
157    - 未知模块：d:\Thunder\components\Security\safemanager.dll
158    - 未知模块：d:\Thunder\Plugins\xlsafehost\xlsafehost.dll
159    - 未知模块：d:\Thunder\Plugins\xlsafehost\thunderrav\bin\rsscan.dll
160    - 未知模块：d:\Thunder\components\Search\XLSearch.dll
161    - 未知模块：d:\Thunder\Program\liveupdate.dll
162    - 未知模块：d:\Thunder\components\xlsoftbase\xlsoftwarebase.dll
163    - 未知模块：d:\Thunder\Plugins\kankantop\kankantop.dll
164    - 未知模块：d:\Thunder\components\explorerhelper\explorerhelper.dll
165    - 未知模块：d:\Thunder\ComDlls\thunderagent_now.dll
166    - 未知模块：d:\Thunder\ComDlls\xunleibho_now.dll
167    - 未知模块：c:\program files\thunder network\Thunder\ComDlls\tdatonce_now.dll
168    - 未知模块：d:\Thunder\ComDlls\tdatonce_now.dll
169    - 未知模块：d:\Thunder\components\Tips\tipsclient.dll
170    - 未知模块：d:\Thunder\components\VPShell\VPShell.dll
171    - 未知模块：d:\Thunder\components\userexperience\userexperience.dll
172    - 未知模块：d:\Thunder\components\resworker\DsXlCom.dll
173    - 未知模块：d:\Thunder\components\resworker\dataprocessor_00.dll
174    - 未知模块：d:\Thunder\components\resworker\mediaworker.dll
175    - 未知模块：d:\Thunder\components\Tips\XLIPC.dll
176    - 未知模块：d:\Thunder\components\downloadstat\downloadstat.dll
177    - 未知模块：d:\Thunder\Program\bd.dll
178 未知进程：c:\program files\thunder network\Thunder\components\InMedia\thunderminisite.exe 命令行: "C:\Program Files\Thunder Network\Thunder\Components\InMedia\ThunderMinisite.exe" /T
179    - 未知模块：d:\木马清道夫\FTCMon.dll
180    - 未知模块：c:\WINDOWS\system32\UXTHEME.DLL
181    - 未知模块：c:\program files\thunder