[Help] a.exe 1.exe 1.vbs: Rising can't detect them, and they come back after being deleted. Log and Rising records attached


[CODE]

2007-09-24,12:44:44

System Repair Engineer 2.5.16.900
Smallfrogs (http://www.KZTechs.com)

Windows XP Professional Service Pack 2 (Build 2600) - 管理权限用户 - 完整功能

以下内容被选中:
    所有的启动项目(包括注册表、启动文件夹、服务等)
    浏览器加载项
    正在运行的进程(包括进程模块信息)
    文件关联
    Winsock 提供者
    Autorun.inf
    HOSTS 文件
    进程特权扫描


启动项目
注册表
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
    <ctfmon.exe><C:\WINDOWS\system32\ctfmon.exe>  [(Verified)Microsoft Windows Publisher]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
    <NvCplDaemon><RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup>  [(Verified)Microsoft Windows Hardware Compatibility Publisher]
    <NvMediaCenter><RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit>  [(Verified)Microsoft Windows Hardware Compatibility Publisher]
    <SoundMan><SOUNDMAN.EXE>  [(Verified)Microsoft Windows Hardware Compatibility Publisher]
    <RavTask><"C:\Program Files\Rising\Rav\RavTask.exe" -system>  [Beijing Rising Technology Co., Ltd.]
    <RfwMain><"C:\Program Files\Rising\Rfw\rfwmain.exe" -Startup>  [Beijing Rising Technology Co., Ltd.]
    <360Safetray><C:\杀毒软件\360安全卫士\safemon\360Tray.exe /start>  [奇虎网]
    <VMSnap3><C:\WINDOWS\VMSnap3.EXE>  [ZSMCSNAP]
    <Domino><C:\WINDOWS\Domino.EXE>  [Vimicro]
    <WangWang><D:\PROGRA~1\ALISOFT\WANGWANG\WANGWANG.EXE>  [阿里巴巴软件(上海)有限公司]
    <BigDog303><C:\WINDOWS\VM303_STI.EXE VIMICRO USB PC Camera (ZC0301PLH)>  [N/A]
    <Display Device Driver><msupdate.exe>  []
    <runeip><"C:\Program Files\Rising\AntiSpyware\runiep.exe" /startup>  [Beijing Rising Technology Co., Ltd.]
    <MSConfig><C:\WINDOWS\PCHealth\HelpCtr\Binaries\MSConfig.exe /auto>  [(Verified)Microsoft Windows Publisher]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Winlogon]
    <shell><Explorer.exe>  [(Verified)Microsoft Windows Publisher]
    <Userinit><C:\WINDOWS\system32\userinit.exe,>  [(Verified)Microsoft Windows Publisher]
    <UIHost><logonui.exe>  [(Verified)Microsoft Windows Publisher]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
    <{32CD708B-60A7-4C00-9377-D73EAA495F0F}><C:\WINDOWS\system32\RavExt.dll>  [Beijing Rising Technology Co., Ltd.]
    <{AC2DC2EF-5165-40A3-8CDF-41DCA1B0901A}><C:\WINDOWS\system32\shlhook.dll>  [Beijing Rising Technology Co., Ltd.]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
    <WPDShServiceObj><C:\WINDOWS\system32\WPDShServiceObj.dll>  [(Verified)Microsoft Windows Component Publisher]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\>{26923b43-4d38-484f-9b9e-de460746276c}]
    <Internet Explorer><%systemroot%\system32\shmgrate.exe OCInstallUserConfigIE>  [N/A]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\>{881dd1c5-3dcf-431b-b061-f3f88e8be88a}]
    <Outlook Express><%systemroot%\system32\shmgrate.exe OCInstallUserConfigOE>  [N/A]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{2C7339CF-2B09-4501-B3F3-F3508C9228ED}]
    <Themes Setup><%SystemRoot%\system32\regsvr32.exe /s /n /i:/UserInstall %SystemRoot%\system32\themeui.dll>  [N/A]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{44BBA840-CC51-11CF-AAFA-00AA00B6015C}]
    <Microsoft Outlook Express 6><"%ProgramFiles%\Outlook Express\setup50.exe" /APP:OE /CALLER:WINNT /user /install>  [N/A]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{44BBA842-CC51-11CF-AAFA-00AA00B6015B}]
    <NetMeeting 3.01><rundll32.exe advpack.dll,LaunchINFSection C:\WINDOWS\INF\msnetmtg.inf,NetMtg.Install.PerUser.NT>  [(Verified)Microsoft Windows Publisher]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{5945c046-1e7d-11d1-bc44-00c04fd912be}]
    <Windows Messenger 4.7><rundll32.exe advpack.dll,LaunchINFSection C:\WINDOWS\INF\msmsgs.inf,BLC.QuietInstall.PerUser>  [(Verified)Microsoft Windows Publisher]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{6BF52A52-394A-11d3-B153-00C04F79FAA6}]
    <Microsoft Windows Media Player><rundll32.exe advpack.dll,LaunchINFSection C:\WINDOWS\INF\wmp11.inf,PerUserStub>  [(Verified)Microsoft Windows Component Publisher]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{7790769C-0471-11d2-AF11-00C04FA35D02}]
    <通讯簿 6><"%ProgramFiles%\Outlook Express\setup50.exe" /APP:WAB /CALLER:WINNT /user /install>  [N/A]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{89B4C1CD-B018-4511-B0A1-5476DBF70820}]
    <N/A><C:\WINDOWS\system32\Rundll32.exe C:\WINDOWS\system32\mscories.dll,Install>  [Microsoft Corporation]

==================================
启动文件夹
[Adobe Reader Speed Launch]
  <C:\Documents and Settings\All Users\「开始」菜单\程序\启动\Adobe Reader Speed Launch.lnk --> C:\PROGRA~1\Adobe\ACROBA~1.0\Reader\READER~1.EXE [Adobe Systems Incorporated]><N>
[Adobe Gamma Loader]
  <C:\Documents and Settings\All Users\「开始」菜单\程序\启动\Adobe Gamma Loader.lnk --> C:\PROGRA~1\COMMON~1\Adobe\CALIBR~1\ADOBEG~1.EXE [Adobe Systems, Inc.]><N>
[服务管理器]
  <C:\Documents and Settings\All Users\「开始」菜单\程序\启动\服务管理器.lnk --> C:\PROGRA~1\MICROS~4\80\Tools\Binn\sqlmangr.exe [Microsoft Corporation]><N>
[宽带连接]
  <C:\Documents and Settings\Administrator\「开始」菜单\程序\启动\宽带连接.lnk -->  [N/A]><N>

==================================
服务
[维护网络正常配置和位置信息,如果服务停止,连接将不可用。 / 0][Running/Auto Start]
  <C:\WINDOWS\system32\browser.txt><N/A>
[BoBoTurbo / BoBoTurbo][Running/Auto Start]
  <C:\WINDOWS\system32\BoBoTurbo\BoBoTurbo.exe><广州易播信息科技有限公司>
[DC0M Server Process Launcher / DcomLauncn][Stopped/Auto Start]
  <C:\Program Files\Common Files\Microsoft Shared\MSINFO\rejoice91.exe><N/A>
[Human Interface Device Access / HidServ][Stopped/Disabled]
  <C:\WINDOWS\System32\svchost.exe -k netsvcs-->%SystemRoot%\System32\hidserv.dll><N/A>
[MSSQLSERVER / MSSQLSERVER][Running/Auto Start]
  <C:\PROGRA~1\MICROS~4\MSSQL\binn\sqlservr.exe><Microsoft Corporation>
[MSSQLServerADHelper / MSSQLServerADHelper][Stopped/Manual Start]
  <C:\Program Files\Microsoft SQL Server\80\Tools\Binn\sqladhlp.exe><Microsoft Corporation>
[NVIDIA Display Driver Service / NVSvc][Running/Auto Start]
  <C:\WINDOWS\system32\nvsvc32.exe><NVIDIA Corporation>
[Rising Proxy  Service / RfwProxySrv][Stopped/Manual Start]
  <c:\program files\rising\rfw\rfwproxy.exe><Beijing Rising Technology Co., Ltd.>
[Rising Personal Firewall Service / RfwService][Running/Auto Start]
  <c:\program files\rising\rfw\rfwsrv.exe><Beijing Rising Technology Co., Ltd.>
[Rising Process Communication Center / RsCCenter][Running/Auto Start]
  <"C:\Program Files\Rising\Rav\CCenter.exe"><Beijing Rising Technology Co., Ltd.>
[Rising RealTime Monitor / RsRavMon][Running/Auto Start]
  <"C:\Program Files\Rising\Rav\Ravmond.exe"><Beijing Rising Technology Co., Ltd.>
[SQLSERVERAGENT / SQLSERVERAGENT][Stopped/Manual Start]
  <C:\PROGRA~1\MICROS~4\MSSQL\binn\sqlagent.exe><Microsoft Corporation>

==================================
驱动程序
[Intel(r) 82801 Audio Driver Install Service (WDM) / ac97intc][Stopped/Manual Start]
  <system32\drivers\ac97intc.sys><Intel Corporation>
[Service for Realtek AC97 Audio (WDM) / ALCXWDM][Running/Manual Start]
  <system32\drivers\ALCXWDM.SYS><Realtek Semiconductor Corp.>
[AliIde / AliIde][Running/Boot Start]
  <\SystemRoot\System32\DRIVERS\aliide.sys><Acer Laboratories Inc.>
[AMD K8 Processor Driver / AmdK8][Stopped/Manual Start]
  <System32\DRIVERS\amdk8.sys><Advanced Micro Devices>
[Rising TDI Base Driver / BaseTDI][Running/Auto Start]
  <System32\DRIVERS\BaseTDI.SYS><Beijing Rising Technology Co., Ltd.>
[CmdIde / CmdIde][Running/Boot Start]
  <\SystemRoot\System32\DRIVERS\cmdide.sys><CMD Technology, Inc.>
[ExpScaner / ExpScaner][Running/Auto Start]
  <\??\C:\Program Files\Rising\Rav\ExpScan.sys><>
[VIA PCI 10/100Mb Fast Ethernet Adapter NT Driver / FETNDIS][Stopped/Manual Start]
  <system32\DRIVERS\fetnd5.sys><VIA Technologies, Inc.>
[HookCont / HookCont][Running/Auto Start]
  <\??\C:\Program Files\Rising\Rav\HOOKCONT.sys><Rising>
[HookReg / HookReg][Running/Auto Start]
  <\??\C:\Program Files\Rising\Rav\HookReg.sys><>
[HookSys / HookSys][Running/Auto Start]
  <\??\C:\Program Files\Rising\Rav\HookSys.sys><Rising>
[HookUrl / HookUrl][Running/Auto Start]
  <\??\C:\Program Files\Rising\Rfw\HookUrl.sys><Beijing Rising Technology Co., Ltd.>
[MEMSCAN / MEMSCAN][Running/Auto Start]
  <\??\C:\Program Files\Rising\Rav\MEMSCAN.sys><Beijing Rising Technology Co., Ltd.>
[mProcRs / mProcRs][Running/Auto Start]
  <\??\c:\program files\rising\rfw\mProcRs.sys><Beijing Rising Technology Co., Ltd.>
[npkcrypt / npkcrypt][Stopped/Auto Start]
  <\??\C:\Program Files\QQ2006\npkcrypt.sys><N/A>
[nv / nv][Running/Manual Start]
  <system32\DRIVERS\nv4_mini.sys><NVIDIA Corporation>
[Direct Parallel Link Driver / Ptilink][Running/Manual Start]
  <system32\DRIVERS\ptilink.sys><Parallel Technologies, Inc.>
[RsAntiSpyware / RsAntiSpyware][Running/Boot Start]
  <\SystemRoot\system32\drivers\RsBoot.sys><Beijing Rising Technology Co., Ltd.>
[RsFwDrv / RsFwDrv][Running/Auto Start]
  <\??\C:\Program Files\Rising\Rfw\RsFwDrv.sys><Beijing Rising Technology Co., Ltd.>
[RsNTGDI / RsNTGDI][Running/Boot Start]
  <\SystemRoot\system32\Drivers\RsNTGdi.sys><Beijing Rising Technology Co., Ltd.>
[RSPPSYS / RSPPSYS][Running/Auto Start]
  <\??\C:\Program Files\Rising\Rav\RSPPSYS.sys><Rising>
[Realtek 10/100/1000 PCI NIC Family NDIS XP Driver / RTL8023xp][Running/Manual Start]
  <system32\DRIVERS\Rtnicxp.sys><Realtek Semiconductor Corporation>
[Secdrv / Secdrv][Stopped/Manual Start]
  <system32\DRIVERS\secdrv.sys><N/A>
[vmfilter303 / vmfilter303][Running/Manual Start]
  <system32\drivers\vmfilter303.sys><Vimicro Corporation>
[World Standard Teletext Codec / WSTCODEC][Stopped/Manual Start]
  <system32\DRIVERS\WSTCODEC.SYS><Microsoft Corporation>
[ANC USB PC Camera (Vimicro301 Neptune) / ZSMC303][Running/Manual Start]
  <System32\Drivers\usbVM303.sys><Vimicro Corporation>



[User system info] Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1; SV1; .NET CLR 2.0.50727)

Attachment (file type: application/octet-stream; uploaded: 2007-9-24 13:08:48; downloads: 679)

Last edited 2007-09-24 21:21:31

==================================
浏览器加载项
[ThunderAtOnce Class]
  {01443AEC-0FD1-40fd-9C87-E93D1494C233} <C:\Program Files\Thunder\ComDlls\TDAtOnce_Now.dll, Thunder Networking Technologies,LTD>
[Thunder Browser Helper]
  {06849E9E-C8D7-4D59-B87D-784B7D6BE0B3} <C:\Program Files\Thunder\ComDlls\xunleiBHO_Now.dll, Thunder Networking Technologies,LTD>
[AcroIEHlprObj Class]
  {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} <C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll, Adobe Systems Incorporated>
[NavigatMon Class]
  {B69F34DD-F0F9-42DC-9EDD-957187DA688D} <C:\杀毒软件\360安~1\safemon\safemon.dll, >
[iTrusPTA Class]
  {1E0DFFCF-27FF-4574-849B-55007349FEDA} <C:\WINDOWS\system32\aliedit\pta.dll, >
[AxSubmitControl Class]
  {8D9E0B29-563C-4226-86C1-5FF2AE77E1D2} <C:\WINDOWS\DOWNLO~1\SUBMIT~1.DLL, >
[Shockwave Flash Object]
  {D27CDB6E-AE6D-11CF-96B8-444553540000} <C:\WINDOWS\system32\Macromed\Flash\Flash9d.ocx, Adobe Systems, Inc.>
[ThunderAtOnce Class]
  {01443AEC-0FD1-40FD-9C87-E93D1494C233} <C:\Program Files\Thunder\ComDlls\TDAtOnce_Now.dll, Thunder Networking Technologies,LTD>
[Thunder Browser Helper]
  {06849E9E-C8D7-4D59-B87D-784B7D6BE0B3} <C:\Program Files\Thunder\ComDlls\xunleiBHO_Now.dll, Thunder Networking Technologies,LTD>
[AcroIEHlprObj Class]
  {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} <C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll, Adobe Systems Incorporated>
[iTrusPTA Class]
  {1E0DFFCF-27FF-4574-849B-55007349FEDA} <C:\WINDOWS\system32\aliedit\pta.dll, >
[Windows Media Player]
  {22D6F312-B0F6-11D0-94AB-0080C74C7E95} <C:\WINDOWS\system32\wmpdxm.dll, Microsoft Corporation>
[Thunder Agent Class]
  {485463B7-8FB2-4B3B-B29B-8B919B0EACCE} <C:\Program Files\Thunder\ComDlls\ThunderAgent_Now.dll, Thunder Networking Technologies,LTD>
[EditCtrl Class]
  {488A4255-3236-44B3-8F27-FA1AECAA8844} <C:\WINDOWS\system32\aliedit\aliedit.dll, >
[Windows Media Player]
  {6BF52A52-394A-11D3-B153-00C04F79FAA6} <C:\WINDOWS\system32\wmp.dll, Microsoft Corporation>
[WangWangObj Class]
  {6E213FC7-DD5A-4115-B7E6-D4C7838C361E} <D:\PROGRA~1\ALISOFT\WANGWANG\WangWangX4.dll, 阿里巴巴软件(上海)有限公司>
[AxInputControl Class]
  {73E4740C-08EB-4133-896B-8D0A7C9EE3CD} <C:\WINDOWS\DOWNLO~1\INPUTC~1.DLL, >
[360SafeLive]
  {87515F61-A66C-4319-A0E0-D416CB8059E3} <c:\杀毒软件\360安全卫士\live.dll, 360safe.com>
[Microsoft Web 浏览器]
  {8856F961-340A-11D0-A96B-00C04FD705A2} <C:\WINDOWS\system32\shdocvw.dll, Microsoft Corporation>
[AxSubmitControl Class]
  {8D9E0B29-563C-4226-86C1-5FF2AE77E1D2} <C:\WINDOWS\DOWNLO~1\SUBMIT~1.DLL, >
[SearchAssistantOC]
  {B45FF030-4447-11D2-85DE-00C04FA35C89} <%SystemRoot%\system32\shdocvw.dll, N/A>
[NavigatMon Class]
  {B69F34DD-F0F9-42DC-9EDD-957187DA688D} <C:\杀毒软件\360安~1\safemon\safemon.dll, >
[RDS.DataSpace]
  {BD96C556-65A3-11D0-983A-00C04FC29E36} <C:\Program Files\Common Files\System\msadc\msadco.dll, Microsoft Corporation>
[AUDIO__X_MS_WMA Moniker Class]
  {CD3AFA84-B84F-48F0-9393-7EDC34128127} <C:\WINDOWS\system32\wmp.dll, Microsoft Corporation>
[RealPlayer G2 Control]
  {CFCDAA03-8BE4-11CF-B84B-0020AFBBCCFA} <C:\WINDOWS\system32\rmoc3260.dll, RealNetworks, Inc.>
[Shockwave Flash Object]
  {D27CDB6E-AE6D-11CF-96B8-444553540000} <C:\WINDOWS\system32\Macromed\Flash\Flash9d.ocx, Adobe Systems, Inc.>
[使用迅雷下载]
  <C:\Program Files\Thunder\Program\geturl.htm, N/A>
[使用迅雷下载全部链接]
  <C:\Program Files\Thunder\Program\getallurl.htm, N/A>
[导出到 Microsoft Office Excel(&X)]
  <res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000, N/A>
[查看 Exif 信息(&V)]
  <res://C:\Program Files\Exif Show\ExShow.dll/EXSHOW.HTML, N/A>

==================================
正在运行的进程
[PID: 452 / SYSTEM][\SystemRoot\System32\smss.exe]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
[PID: 516 / SYSTEM][\??\C:\WINDOWS\system32\csrss.exe]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
[PID: 540 / SYSTEM][\??\C:\WINDOWS\system32\winlogon.exe]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
    [C:\WINDOWS\system32\msacm32.drv]  [Microsoft Corporation, 5.1.2600.0 (xpclient.010817-1148)]
[PID: 584 / SYSTEM][C:\WINDOWS\system32\services.exe]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
    [C:\WINDOWS\AppPatch\AcAdProc.dll]  [Microsoft Corporation, 5.1.2600.3008 (xpsp.061004-0027)]
[PID: 596 / SYSTEM][C:\WINDOWS\system32\lsass.exe]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
[PID: 744 / SYSTEM][C:\WINDOWS\system32\svchost.exe]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
[PID: 788 / NETWORK SERVICE][C:\WINDOWS\system32\svchost.exe]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
[PID: 896 / SYSTEM][C:\Program Files\Rising\Rav\CCenter.exe]  [Beijing Rising Technology Co., Ltd., 18, 0, 0, 3]
[PID: 932 / SYSTEM][C:\WINDOWS\System32\svchost.exe]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
    [C:\WINDOWS\system32\wups2.dll]  [Microsoft Corporation, 7.0.6000.381 (winmain(wmbla).070730-1740)]
[PID: 1012 / NETWORK SERVICE][C:\WINDOWS\system32\svchost.exe]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
[PID: 1044 / LOCAL SERVICE][C:\WINDOWS\system32\svchost.exe]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
[PID: 1064 / SYSTEM][C:\Program Files\Rising\Rav\Ravmond.exe]  [Beijing Rising Technology Co., Ltd., 19, 0, 0, 49]
    [C:\Program Files\Rising\Rav\BWList.dll]  [Beijing Rising Technology Co., Ltd., 19, 0, 0, 10]
    [C:\Program Files\Rising\Rav\RsCommX.dll]  [rising, 18, 0, 0, 1]
    [C:\Program Files\Rising\Rav\rfwctrl.dll]  [Beijing Rising Technology Co., Ltd., 5, 0, 0, 11]
    [C:\Program Files\Rising\Rav\RsPPsys.dll]  [Beijing Rising Technology Co., Ltd., 18, 0, 0, 6]
    [C:\Program Files\Rising\Rav\RSAPPMGR.DLL]  [Beijing Rising Technology Co., Ltd., 18, 0, 0, 2]
    [C:\Program Files\Rising\Rav\CfgDll.dll]  [Beijing Rising Technology Co., Ltd., 18, 0, 0, 13]
    [C:\Program Files\Rising\Rav\RSCOMMON.DLL]  [Beijing Rising Technology Co., Ltd., 19, 0, 0, 5]
    [C:\Program Files\Rising\Rav\RsLog.dll]  [Beijing Rising Technology Co., Ltd., 18, 0, 0, 20]
    [C:\Program Files\Rising\Rav\HOOKSYS.dll]  [Beijing Rising Technology Co., Ltd., 19, 0, 0, 0]
    [C:\Program Files\Rising\Rav\Scanner.dll]  [Beijing Rising Technology Co., Ltd., 19, 0, 0, 15]
    [C:\Program Files\Rising\Rav\libload.dll]  [Beijing Rising Technology Co., Ltd., 19, 0, 0, 19]
    [C:\Program Files\Rising\Rav\VirusLib.dll]  [Beijing Rising Technology Co., Ltd., 19, 0, 0, 15]
    [C:\Program Files\Rising\Rav\regmon.dll]  [Beijing Rising Technology Co., Ltd., 18, 0, 0, 6]
    [C:\Program Files\Rising\Rav\psapi.dll]  [Microsoft Corporation, 4.00]
    [C:\Program Files\Rising\Rav\HookWeb.dll]  [Beijing Rising Technology Co., Ltd., 19, 0, 0, 1]
    [C:\Program Files\Rising\Rav\MemMon.dll]  [Beijing Rising Technology Co., Ltd., 18, 0, 0, 14]
    [C:\Program Files\Rising\Rav\expscan.dll]  [Beijing Rising Technology Co., Ltd., 18, 0, 0, 4]
    [C:\Program Files\Rising\Rav\mPorts.dll]  [Beijing Rising Technology Co., Ltd., 4, 0, 0, 3]
    [C:\Program Files\Rising\Rav\HookCont.dll]  [Rising, 19, 0, 0, 0]
    [C:\Program Files\Rising\Rav\SpamEng.dll]  [, 18, 0, 0, 6]
    [C:\Program Files\Rising\Rav\engine.dll]  [Beijing Rising Technology Co., Ltd., 19, 0, 0, 30]
    [C:\Program Files\Rising\Rav\PostTrt.dll]  [Beijing Rising Technology Co., Ltd., 19, 0, 0, 17]
    [C:\Program Files\Rising\Rav\UnExe.dll]  [Beijing Rising Technology Co., Ltd., 19, 0, 0, 10]
    [C:\Program Files\Rising\Rav\ScanExec.dll]  [Beijing Rising Technology Co., Ltd., 19, 0, 0, 19]
    [C:\Program Files\Rising\Rav\ScanEx.dll]  [Beijing Rising Technology Co., Ltd., 19, 0, 0, 84]
    [C:\Program Files\Rising\Rav\ExtFile.dll]  [Beijing Rising Technology Co., Ltd., 19, 0, 0, 36]
    [C:\Program Files\Rising\Rav\NvFile.dll]  [Beijing Rising Technology Co., Ltd., 19, 0, 0, 11]
    [C:\Program Files\Rising\Rav\ScanMac.dll]  [Beijing Rising Technology Co., Ltd., 19, 0, 0, 17]
    [C:\Program Files\Rising\Rav\ScanSct.dll]  [Beijing Rising Technology Co., Ltd., 19, 0, 0, 20]
    [C:\Program Files\Rising\Rav\RsStore.dll]  [Beijing Rising Technology Co., Ltd., 19, 0, 0, 2]
    [C:\Program Files\Rising\Rav\ExtOLE.dll]  [Beijing Rising Technology Co., Ltd., 19, 0, 0, 14]
    [C:\Program Files\Rising\Rav\ScanPack.dll]  [Beijing Rising Technology Co., Ltd., 19, 0, 0, 24]
    [C:\Program Files\Rising\Rav\RsVM.dll]  [, 19, 0, 0, 22]
    [C:\Program Files\Rising\Rav\Uroutine.dll]  [Beijing Rising Technology Co., Ltd., 19, 0, 0, 57]
    [C:\Program Files\Rising\Rav\Uscript.dll]  [Beijing Rising Technology Co., Ltd., 19, 0, 0, 19]
    [C:\Program Files\Rising\Rav\ExtMail.dll]  [Beijing Rising Technology Co., Ltd., 19, 0, 0, 14]
    [C:\Program Files\Rising\Rav\ScanNet.dll]  [Beijing Rising Technology Co., Ltd., 18, 0, 0, 5]
    [C:\Program Files\Rising\Rav\ScanElf.dll]  [Beijing Rising Technology Co., Ltd., 19, 0, 0, 11]
[PID: 1160 / SYSTEM][c:\program files\rising\rfw\rfwsrv.exe]  [Beijing Rising Technology Co., Ltd., 5, 0, 0, 35]
    [c:\program files\rising\rfw\RfwRule.dll]  [Beijing Rising Technology Co., Ltd., 5, 0, 0, 3]
    [c:\program files\rising\rfw\rfwlog.dll]  [Beijing Rising Technology Co., Ltd., 5, 0, 0, 2]
    [c:\program files\rising\rfw\Rfwdrv.dll]  [Beijing Rising Technology Co., Ltd., 5, 0, 0, 10]
    [c:\program files\rising\rfw\psapi.dll]  [Microsoft Corporation, 4.00]
    [c:\program files\rising\rfw\MonDrv.dll]  [rs, 1, 0, 0, 4]
    [c:\program files\rising\rfw\ProcLib.dll]  [Beijing Rising Technology Co., Ltd., 5, 0, 0, 5]
    [c:\program files\rising\rfw\mPorts.dll]  [Beijing Rising Technology Co., Ltd., 4, 0, 0, 3]
[PID: 1308 / SYSTEM][C:\WINDOWS\system32\spoolsv.exe]  [Microsoft Corporation, 5.1.2600.2696 (xpsp_sp2_gdr.050610-1519)]
[PID: 1396 / SYSTEM][C:\Program Files\Rising\Rav\RavStub.exe]  [Beijing Rising Technology Co., Ltd., 19, 0, 0, 4]
    [C:\Program Files\Rising\Rav\RsCommX.dll]  [rising, 18, 0, 0, 1]
    [C:\Program Files\Rising\Rav\RSCOMMON.DLL]  [Beijing Rising Technology Co., Ltd., 19, 0, 0, 5]
[PID: 1524 / SYSTEM][C:\WINDOWS\system32\browser.txt]  [N/A, ]

Attachment (file type: application/octet-stream; uploaded: 2007-9-24 13:11:00; downloads: 655)


[PID: 1544 / SYSTEM][C:\WINDOWS\system32\BoBoTurbo\BoBoTurbo.exe]  [广州易播信息科技有限公司, 1, 1, 903, 2]
[PID: 1904 / SYSTEM][C:\PROGRA~1\MICROS~4\MSSQL\binn\sqlservr.exe]  [Microsoft Corporation, 2000.080.0760.00]
    [C:\PROGRA~1\MICROS~4\MSSQL\binn\OPENDS60.DLL]  [Microsoft Corporation, 2000.080.0194.00]
    [C:\PROGRA~1\MICROS~4\MSSQL\binn\UMS.DLL]  [Microsoft Corporation, 2000.080.0760.00]
    [C:\PROGRA~1\MICROS~4\MSSQL\binn\SQLSORT.DLL]  [Microsoft Corporation, 2000.080.0760.00]
    [C:\PROGRA~1\MICROS~4\MSSQL\binn\Resources\2052\sqlevn70.RLL]  [Microsoft Corporation, 2000.080.0760.00]
    [C:\PROGRA~1\MICROS~4\MSSQL\binn\SSNETLIB.dll]  [Microsoft Corporation, 2000.080.0766.00]
    [C:\PROGRA~1\MICROS~4\MSSQL\binn\SSNMPN70.dll]  [Microsoft Corporation, 2000.080.0534.00]
    [C:\PROGRA~1\MICROS~4\MSSQL\binn\SSmsLPCn.dll]  [Microsoft Corporation, 2000.080.0760.00]
[PID: 120 / SYSTEM][C:\WINDOWS\system32\nvsvc32.exe]  [NVIDIA Corporation, 6.14.10.9136]
[PID: 228 / SYSTEM][C:\WINDOWS\system32\svchost.exe]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
[PID: 344 / LOCAL SERVICE][C:\WINDOWS\System32\alg.exe]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
[PID: 2860 / Administrator][C:\WINDOWS\Explorer.EXE]  [Microsoft Corporation, 6.00.2900.2180 (xpsp_sp2_rtm.040803-2158)]
    [C:\WINDOWS\system32\RavExt.dll]  [Beijing Rising Technology Co., Ltd., 19, 0, 0, 9]
    [C:\WINDOWS\system32\shlhook.dll]  [Beijing Rising Technology Co., Ltd., 4.0.0.9]
    [C:\杀毒软件\360安全卫士\safemon\safemon.dll]  [, 3, 6, 2, 1002]
    [C:\WINDOWS\system32\WPDShServiceObj.dll]  [Microsoft Corporation, 5.2.5721.5145 (WMP_11.061018-2006)]
    [C:\WINDOWS\system32\msacm32.drv]  [Microsoft Corporation, 5.1.2600.0 (xpclient.010817-1148)]
    [C:\WINDOWS\system32\PortableDeviceTypes.dll]  [Microsoft Corporation, 5.2.5721.5145 (WMP_11.061018-2006)]
    [C:\WINDOWS\system32\PortableDeviceApi.dll]  [Microsoft Corporation, 5.2.5721.5145 (WMP_11.061018-2006)]
    [C:\Program Files\Rising\AntiSpyware\ieprot.dll]  [Beijing Rising Technology Co., Ltd., 1, 0, 0, 12]
    [C:\Program Files\Thunder\ComDlls\xunleiBHO_Now.dll]  [Thunder Networking Technologies,LTD, 5, 0, 1, 4]
    [C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll]  [Adobe Systems Incorporated, 7.0.0.2004121400]
    [C:\WINDOWS\system32\MSVCR71.dll]  [Microsoft Corporation, 7.10.3052.4]
    [C:\Program Files\Microsoft Office\OFFICE11\msohev.dll]  [Microsoft Corporation, 11.0.5510]
    [C:\Program Files\Adobe\Acrobat 7.0\ActiveX\PDFShell.dll]  [Adobe Systems, Inc., 7.0.0.0]
    [C:\Program Files\Tencent\QQ\qdshm.dll]  [, 1, 0, 101, 20]
    [C:\Program Files\Tencent\QQ\MFC42.DLL]  [Microsoft Corporation, 6.00.8665.0]
    [C:\Program Files\WinRAR\rarext.dll]  [N/A, ]
    [C:\Program Files\Rising\Rav\RSCOMMON.DLL]  [Beijing Rising Technology Co., Ltd., 19, 0, 0, 5]
    [C:\WINDOWS\system32\imaadp32.acm]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
[PID: 2936 / Administrator][c:\program files\rising\rfw\RfwMain.exe]  [Beijing Rising Technology Co., Ltd., 5, 0, 0, 72]
    [c:\program files\rising\rfw\RsGuiLib.dll]  [Beijing Rising Technology Co., Ltd., 19, 0, 0, 33]
    [c:\program files\rising\rfw\RSCOMMON.DLL]  [Beijing Rising Technology Co., Ltd., 19, 0, 0, 5]
    [c:\program files\rising\rfw\RfwCtrl.dll]  [Beijing Rising Technology Co., Ltd., 5, 0, 0, 11]
    [c:\program files\rising\rfw\RsXML.dll]  [Beijing Rising Technology Co., Ltd., 19, 0, 0, 2]
    [c:\program files\rising\rfw\PngDll.dll]  [Beijing Rising Technology Co., Ltd., 18, 0, 0, 5]
    [C:\杀毒软件\360安全卫士\safemon\safemon.dll]  [, 3, 6, 2, 1002]
    [C:\Program Files\Rising\AntiSpyware\ieprot.dll]  [Beijing Rising Technology Co., Ltd., 1, 0, 0, 12]
[PID: 2960 / Administrator][C:\WINDOWS\system32\RUNDLL32.EXE]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
    [C:\WINDOWS\system32\NvMcTray.dll]  [NVIDIA Corporation, 6.14.10.9136]
    [C:\WINDOWS\system32\NVRSZHC.DLL]  [NVIDIA Corporation, 6.14.10.9136]
    [C:\Program Files\Rising\AntiSpyware\ieprot.dll]  [Beijing Rising Technology Co., Ltd., 1, 0, 0, 12]
[PID: 2968 / Administrator][C:\WINDOWS\SOUNDMAN.EXE]  [Realtek Semiconductor Corp., 5, 1, 0, 58]
[PID: 3136 / Administrator][C:\Program Files\Rising\Rav\RavTask.exe]  [Beijing Rising Technology Co., Ltd., 19, 0, 0, 9]
    [C:\Program Files\Rising\Rav\RSCOMMON.DLL]  [Beijing Rising Technology Co., Ltd., 19, 0, 0, 5]
    [C:\Program Files\Rising\Rav\RSAPPMGR.DLL]  [Beijing Rising Technology Co., Ltd., 18, 0, 0, 2]
    [C:\Program Files\Rising\Rav\CfgDll.dll]  [Beijing Rising Technology Co., Ltd., 18, 0, 0, 13]
    [C:\Program Files\Rising\Rav\RsCommX.dll]  [rising, 18, 0, 0, 1]
    [C:\Program Files\Rising\AntiSpyware\ieprot.dll]  [Beijing Rising Technology Co., Ltd., 1, 0, 0, 12]
[PID: 3272 / Administrator][C:\Program Files\Rising\Rav\Ravmon.exe]  [Beijing Rising Technology Co., Ltd., 19, 0, 0, 45]
    [C:\Program Files\Rising\Rav\RsGuiLib.dll]  [Beijing Rising Technology Co., Ltd., 19, 0, 0, 33]
    [C:\Program Files\Rising\Rav\BWList.dll]  [Beijing Rising Technology Co., Ltd., 19, 0, 0, 10]
    [C:\Program Files\Rising\Rav\RSAPPMGR.DLL]  [Beijing Rising Technology Co., Ltd., 18, 0, 0, 2]
    [C:\Program Files\Rising\Rav\CfgDll.dll]  [Beijing Rising Technology Co., Ltd., 18, 0, 0, 13]
    [C:\Program Files\Rising\Rav\RSCOMMON.DLL]  [Beijing Rising Technology Co., Ltd., 19, 0, 0, 5]
    [C:\Program Files\Rising\Rav\RsCommX.dll]  [rising, 18, 0, 0, 1]
    [C:\Program Files\Rising\Rav\RsXML.dll]  [Beijing Rising Technology Co., Ltd., 19, 0, 0, 2]
    [C:\Program Files\Rising\Rav\PngDll.dll]  [Beijing Rising Technology Co., Ltd., 18, 0, 0, 5]
    [C:\杀毒软件\360安全卫士\safemon\safemon.dll]  [, 3, 6, 2, 1002]
    [C:\Program Files\Rising\AntiSpyware\ieprot.dll]  [Beijing Rising Technology Co., Ltd., 1, 0, 0, 12]
[PID: 3288 / Administrator][C:\杀毒软件\360安全卫士\safemon\360Tray.exe]  [奇虎网, 3, 6, 2, 1002]
    [C:\杀毒软件\360安全卫士\safemon\safemon.dll]  [, 3, 6, 2, 1002]
    [C:\杀毒软件\360安全卫士\safemon\SafeKrnl.dll]  [奇虎网, 3, 6, 0, 1001]
    [C:\杀毒软件\360安全卫士\AntiAdwa.dll]  [360Safe.com, 3, 6, 1, 1001]
    [C:\Program Files\Rising\AntiSpyware\ieprot.dll]  [Beijing Rising Technology Co., Ltd., 1, 0, 0, 12]
[PID: 3312 / Administrator][C:\WINDOWS\VMSnap3.EXE]  [ZSMCSNAP, 3, 6, 818, 7]
    [C:\杀毒软件\360安全卫士\safemon\safemon.dll]  [, 3, 6, 2, 1002]
    [C:\WINDOWS\system32\msdmo.dll]  [, ]
    [C:\WINDOWS\system32\VM303Prp.Ax]  [Vimicro, 3, 6, 411, 13]
    [C:\Program Files\Rising\AntiSpyware\ieprot.dll]  [Beijing Rising Technology Co., Ltd., 1, 0, 0, 12]
[PID: 3320 / Administrator][C:\WINDOWS\Domino.EXE]  [Vimicro, 4, 2, 1124, 6]
    [C:\WINDOWS\system32\msdmo.dll]  [, ]
    [C:\杀毒软件\360安全卫士\safemon\safemon.dll]  [, 3, 6, 2, 1002]
[PID: 3328 / Administrator][D:\PROGRA~1\ALISOFT\WANGWANG\WANGWANG.EXE]  [阿里巴巴软件(上海)有限公司, 5, 6, 0, 2]
    [D:\PROGRA~1\ALISOFT\WANGWANG\AliViewCtrl.dll]  [ 阿里巴巴软件(上海)有限公司, 1, 0, 0, 2]
    [D:\PROGRA~1\ALISOFT\WANGWANG\VLNetwork.dll]  [阿里巴巴软件(上海)有限公司, 1, 0, 0, 6]
    [D:\PROGRA~1\ALISOFT\WANGWANG\MFC80.DLL]  [Microsoft Corporation, 8.00.50727.762]
    [D:\PROGRA~1\ALISOFT\WANGWANG\MSVCR80.dll]  [Microsoft Corporation, 8.00.50727.762]
    [D:\PROGRA~1\ALISOFT\WANGWANG\MSVCP80.dll]  [Microsoft Corporation, 8.00.50727.762]
    [D:\PROGRA~1\ALISOFT\WANGWANG\AliViewMedia.dll]  [ 阿里巴巴软件(上海)有限公司, 1, 0, 0, 2]
    [D:\PROGRA~1\ALISOFT\WANGWANG\VideoCap.dll]  [ 阿里巴巴软件(上海)有限公司, 1, 0, 0, 4]
    [D:\PROGRA~1\ALISOFT\WANGWANG\VLAudio.dll]  [ 阿里巴巴软件(上海)有限公司, 1, 0, 0, 5]
    [D:\PROGRA~1\ALISOFT\WANGWANG\JsmShow.dll]  [ 阿里巴巴软件(上海)有限公司, 1, 0, 0, 4]
    [D:\PROGRA~1\ALISOFT\WANGWANG\AliSkin.dll]  [阿里巴巴软件(上海)有限公司, 1.0.0.1]
    [D:\PROGRA~1\ALISOFT\WANGWANG\PngLib.dll]  [阿里巴巴软件(上海)有限公司, 1, 0, 0, 1]
    [D:\PROGRA~1\ALISOFT\WANGWANG\zlib.dll]  [, 1.2.3]
    [D:\PROGRA~1\ALISOFT\WANGWANG\ww_network.dll]  [, 2, 0, 0, 4]
    [D:\PROGRA~1\ALISOFT\WANGWANG\MFC80CHS.DLL]  [Microsoft Corporation, 8.00.50727.762]
    [C:\杀毒软件\360安全卫士\safemon\safemon.dll]  [, 3, 6, 2, 1002]
    [D:\PROGRA~1\ALISOFT\WANGWANG\Ali_Res.DLL]  [N/A, ]
    [C:\Program Files\Rising\AntiSpyware\ieprot.dll]  [Beijing Rising Technology Co., Ltd., 1, 0, 0, 12]
    [C:\WINDOWS\system32\aliedit\aliedit.dll]  [, 1, 1, 0, 3]
    [D:\PROGRA~1\ALISOFT\WANGWANG\WangWangX4.dll]  [阿里巴巴软件(上海)有限公司, 1, 0, 0, 1]
    [D:\PROGRA~1\ALISOFT\WANGWANG\RICHED32.DLL]  [Microsoft Corporation, 5.1.2600.0 (xpclient.010817-1148)]
    [D:\PROGRA~1\ALISOFT\WANGWANG\RICHED20.dll]  [Microsoft Corporation, 5.30.23.1221]
    [D:\PROGRA~1\ALISOFT\WANGWANG\RichOne.dll]  [阿里巴巴软件(上海)有限公司, 1.0.0.1]
    [D:\PROGRA~1\ALISOFT\WANGWANG\TBProgress.dll]  [阿里巴巴软件(上海)有限公司, 1.0.0.1]
    [D:\PROGRA~1\ALISOFT\WANGWANG\MessageNotify.dll]  [, 1, 0, 0, 1]
    [C:\Program Files\Rising\Rav\RavScrCh.dll]  [Beijing Rising Technology Co., Ltd., 18, 0, 0, 4]
    [C:\WINDOWS\system32\msdmo.dll]  [, ]
    [C:\WINDOWS\system32\msacm32.drv]  [Microsoft Corporation, 5.1.2600.0 (xpclient.010817-1148)]
[PID: 3508 / Administrator][C:\WINDOWS\system32\msupdate.exe]  [N/A, ]
[PID: 3544 / Administrator][C:\Program Files\Rising\AntiSpyware\runiep.exe]  [Beijing Rising Technology Co., Ltd., 4.0.0.18]
    [C:\杀毒软件\360安全卫士\safemon\safemon.dll]  [, 3, 6, 2, 1002]
    [C:\Program Files\Rising\AntiSpyware\ieprot.dll]  [Beijing Rising Technology Co., Ltd., 1, 0, 0, 12]
[PID: 3572 / Administrator][C:\WINDOWS\system32\ctfmon.exe]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
    [C:\杀毒软件\360安全卫士\safemon\safemon.dll]  [, 3, 6, 2, 1002]
    [C:\Program Files\Rising\AntiSpyware\ieprot.dll]  [Beijing Rising Technology Co., Ltd., 1, 0, 0, 12]
[PID: 3656 / Administrator][C:\Program Files\Microsoft SQL Server\80\Tools\Binn\sqlmangr.exe]  [Microsoft Corporation, 2000.080.0760.00]
    [C:\Program Files\Microsoft SQL Server\80\Tools\Binn\W95SCM.dll]  [Microsoft Corporation, 2000.080.0760.00]
    [C:\Program Files\Microsoft SQL Server\80\Tools\Binn\SQLSVC.dll]  [Microsoft Corporation, 2000.080.0760.00]
    [C:\WINDOWS\system32\odbcbcp.dll]  [Microsoft Corporation, 2000.085.1117.00 (xpsp_sp2_rtm.040803-2158)]
    [C:\Program Files\Microsoft SQL Server\80\Tools\Binn\SQLRESLD.dll]  [Microsoft Corporation, 2000.080.0382.00]
    [C:\Program Files\Microsoft SQL Server\80\Tools\Binn\Resources\2052\SQLSVC.RLL]  [Microsoft Corporation, 2000.080.0194.00]
    [C:\Program Files\Microsoft SQL Server\80\Tools\Binn\Resources\2052\sqlmangr.RLL]  [Microsoft Corporation, 2000.080.0194.00]
    [C:\杀毒软件\360安全卫士\safemon\safemon.dll]  [, 3, 6, 2, 1002]
[C:\Program Files\Rising\AntiSpyware\ieprot.dll]  [Beijing Rising Technology Co., Ltd., 1, 0, 0, 12]
[PID: 3784 / Administrator][C:\Program Files\Internet Explorer\iexplore.exe]  [Microsoft Corporation, 6.00.2900.2180 (xpsp_sp2_rtm.040803-2158)]
    [C:\杀毒软件\360安全卫士\safemon\safemon.dll]  [, 3, 6, 2, 1002]
    [C:\Program Files\Thunder\ComDlls\TDAtOnce_Now.dll]  [Thunder Networking Technologies,LTD, 1.0.0.4]
    [C:\Program Files\Thunder\ComDlls\xunleiBHO_Now.dll]  [Thunder Networking Technologies,LTD, 5, 0, 1, 4]
    [C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll]  [Adobe Systems Incorporated, 7.0.0.2004121400]
    [C:\WINDOWS\system32\MSVCR71.dll]  [Microsoft Corporation, 7.10.3052.4]
    [C:\Program Files\Rising\AntiSpyware\ieprot.dll]  [Beijing Rising Technology Co., Ltd., 1, 0, 0, 12]
    [C:\Program Files\Rising\Rav\RavScrCh.dll]  [Beijing Rising Technology Co., Ltd., 18, 0, 0, 4]
    [C:\Program Files\Microsoft Office\OFFICE11\msohev.dll]  [Microsoft Corporation, 11.0.5510]
    [C:\WINDOWS\system32\Macromed\Flash\Flash9d.ocx]  [Adobe Systems, Inc., 9,0,47,0]
    [C:\WINDOWS\system32\msacm32.drv]  [Microsoft Corporation, 5.1.2600.0 (xpclient.010817-1148)]
    [C:\WINDOWS\system32\00066DC0.IME]  [LongWen Corporation, 3.8.200]
    [C:\Program Files\Common Files\Microsoft Shared\OFFICE11\MSOXMLMF.DLL]  [Microsoft Corporation, 11.0.5510]
    [C:\WINDOWS\system32\xpsp3res.dll]  [Microsoft Corporation, 5.1.2600.3157 (xpsp_sp2_gdr.070614-0013)]
[PID: 2784 / Administrator][C:\Program Files\Tencent\QQ\QQ.exe]  [TENCENT, 7,0,365,1701]
    [C:\Program Files\Tencent\QQ\CoralAssist.dll]  [Coral Team, 5.0.0 build 20060829]
    [C:\Program Files\Tencent\QQ\CoralQQ.dll]  [Coral Team, 5.0.2 Build 20070716]
    [C:\Program Files\Tencent\QQ\kql.dll]  [Coral Team, 5.0.2 build 20070703]
    [C:\Program Files\Tencent\QQ\mfc42.dll]  [Microsoft Corporation, 6.00.8665.0]
    [C:\Program Files\Tencent\QQ\ipsearcher.dll]  [, 1.0.0.5]
    [C:\Program Files\Tencent\QQ\QQBaseClassInDll.dll]  [TENCENT, 7,0,365,1701]
    [C:\Program Files\Tencent\QQ\QQHelperDll.dll]  [TENCENT, 7,0,365,1701]
    [C:\Program Files\Tencent\QQ\BasicCtrlDll.dll]  [TENCENT, 7,0,365,1701]
    [C:\Program Files\Tencent\QQ\NoDisturbFilter.cqx]  [Coral Team, 1.0]
    [C:\Program Files\Tencent\QQ\ConfigHotkey.cqx]  [Coral Team, 1.0]
    [C:\杀毒软件\360安全卫士\safemon\safemon.dll]  [, 3, 6, 2, 1002]
    [C:\Program Files\Tencent\QQ\RICHED32.DLL]  [Microsoft Corporation, 5.00.2134.1]
    [C:\Program Files\Tencent\QQ\RICHED20.dll]  [Microsoft Corporation, 5.31.23.1218]
    [C:\Program Files\Tencent\QQ\QQAPI.dll]  [TENCENT, 7,0,365,1701]
    [C:\Program Files\Tencent\QQ\TIMProxy.dll]  [tencent, 0, 3, 2, 4]
    [C:\Program Files\Rising\AntiSpyware\ieprot.dll]  [Beijing Rising Technology Co., Ltd., 1, 0, 0, 12]
    [C:\Program Files\Tencent\QQ\AutoReconnect.cqx]  [Coral Team, 1.0.0]
    [C:\Program Files\Tencent\QQ\LoginCtrl.dll]  [TENCENT, 7,0,365,1701]
    [C:\Program Files\Tencent\QQ\LoginCtrlRes.dll]  [TENCENT, 7,0,365,1701]
    [C:\Program Files\Tencent\QQ\QQRes.dll]  [TENCENT, 7,0,365,1701]
    [C:\Program Files\Tencent\QQ\QQMainFrame.dll]  [N/A, ]
    [C:\Program Files\Tencent\QQ\gdiplus.dll]  [Microsoft Corporation, 5.1.3102.2180 (xpsp_sp2_rtm.040803-2158)]
    [C:\Program Files\Tencent\QQ\CQQApplication.dll]  [N/A, ]
    [C:\Program Files\Tencent\QQ\FlashAvatarDll.dll]  [, 1, 4, 0, 1]
    [C:\Program Files\Tencent\QQ\NewSkin.dll]  [TENCENT, 7,0,365,1701]
    [C:\Program Files\Tencent\QQ\HostingMgr.dll]  [TENCENT, 7,0,365,1701]
    [C:\Program Files\Tencent\QQ\CameraDll.dll]  [TENCENT, 7,0,365,1701]
    [C:\Program Files\Tencent\QQ\MailSummary.dll]  [TENCENT, 7,0,365,1701]
    [C:\Program Files\Tencent\QQ\CoralHotkey.cqx]  [Coral Team, 1.0]
    [C:\Program Files\Tencent\QQ\QQKnowledgeSearch.dll]  [TENCENT, 7,0,365,1701]
    [C:\Program Files\Tencent\QQ\QQAllInOne.dll]  [TENCENT, 7,0,365,1701]
    [C:\Program Files\Tencent\QQ\SCCore.dll]  [TENCENT, 1, 6, 0, 2]
    [C:\Program Files\Tencent\QQ\QQSpace.dll]  [TENCENT, 7,0,365,1701]
    [C:\Program Files\Tencent\QQ\vbscript.dll]  [Microsoft Corporation, 5.6.0.7426]
    [C:\WINDOWS\system32\msdmo.dll]  [, ]
    [C:\Program Files\Tencent\QQ\QQGroupMng.dll]  [TENCENT, 7,0,365,1701]
    [C:\Program Files\Tencent\QQ\UserDefinedHead.dll]  [TENCENT, 7,0,365,1701]
    [C:\Program Files\Tencent\QQ\QQPlugin.dll]  [N/A, ]
    [C:\Program Files\Tencent\QQ\LongConnection.dll]  [TENCENT, 7,0,365,1701]
    [C:\WINDOWS\system32\msacm32.drv]  [Microsoft Corporation, 5.1.2600.0 (xpclient.010817-1148)]
    [C:\Program Files\Tencent\QQ\QQAvatar.dll]  [N/A, ]
    [C:\Program Files\Tencent\QQ\QQConfigPlugin.dll]  [TENCENT, 7,0,365,1701]
    [C:\Program Files\Tencent\QQ\QRingMng.dll]  [N/A, ]
    [C:\Program Files\Tencent\QQ\QQCustomFace.dll]  [N/A, ]
    [C:\Program Files\Tencent\QQ\PhoneAPI.dll]  [TENCENT, 7,0,365,1701]
    [C:\Program Files\Tencent\QQ\DialerAllinOne.dll]  [tencent, 1, 4, 0, 0]
    [C:\WINDOWS\system32\msadp32.acm]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
    [C:\Program Files\Tencent\QQ\QQSysMsgMng.dll]  [N/A, ]
    [C:\Program Files\Tencent\QQ\QQFileTransfer.dll]  [TENCENT, 7,0,365,1701]
    [C:\Program Files\Tencent\QQ\QQPet.dll]  [TENCENT, 7,0,365,1701]
    [C:\Program Files\Tencent\QQ\PersonalDesktop.dll]  [深圳市腾讯计算机系统公司QQ工作小组, 1, 0, 0, 2]
    [C:\Program Files\Tencent\QQ\BQQApplication.dll]  [N/A, ]
    [C:\Program Files\Tencent\QQ\QQSettingCtrl.dll]  [TENCENT, 7,0,365,1701]
    [C:\Program Files\Tencent\QQ\CommercesMng.dll]  [TENCENT, 7,0,365,1701]
    [C:\Program Files\Tencent\QQ\QQAddr.dll]  [深圳市腾讯计算机系统有限公司, 5, 0, 101, 320]
    [C:\Program Files\Tencent\QQ\GroupConnection.dll]  [TENCENT, 7,0,365,1701]
    [C:\Program Files\Tencent\QQ\QQLiveQMng.dll]  [TENCENT, 7,0,365,1701]
    [C:\Program Files\Rising\Rav\RavScrCh.dll]  [Beijing Rising Technology Co., Ltd., 18, 0, 0, 4]
    [C:\Program Files\Tencent\QQ\ImageOle.dll]  [TENCENT, 7,0,365,1701]
    [C:\WINDOWS\system32\00066DC0.IME]  [LongWen Corporation, 3.8.200]
    [C:\Program Files\Tencent\QQ\QQSceneMng.dll]  [N/A, ]
    [C:\Program Files\Tencent\QQ\AddrSearch.dll]  [腾讯科技(深圳)有限公司, 2, 1, 9, 95]
    [C:\WINDOWS\system32\PortableDeviceApi.dll]  [Microsoft Corporation, 5.2.5721.5145 (WMP_11.061018-2006)]
[PID: 912 / Administrator][C:\Program Files\Tencent\QQ\TIMPlatform.exe]  [TENCENT, 7,0,365,1701]
    [C:\杀毒软件\360安全卫士\safemon\safemon.dll]  [, 3, 6, 2, 1002]
    [C:\Program Files\Rising\AntiSpyware\ieprot.dll]  [Beijing Rising Technology Co., Ltd., 1, 0, 0, 12]
    [C:\Program Files\Tencent\QQ\TIMProxy.dll]  [tencent, 0, 3, 2, 4]
[PID: 3476 / Administrator][C:\Program Files\Tencent\QQ\qqpet\QQPenguin\QQPenguin.exe]  [腾讯公司, 2, 56, 101, 1]
    [C:\Program Files\Tencent\QQ\qqpet\QQPenguin\Pnet.dll]  [N/A, ]
    [C:\WINDOWS\system32\odbcbcp.dll]  [Microsoft Corporation, 2000.085.1117.00 (xpsp_sp2_rtm.040803-2158)]
    [C:\杀毒软件\360安全卫士\safemon\safemon.dll]  [, 3, 6, 2, 1002]
    [C:\Program Files\Tencent\QQ\qqpet\QQPenguin\QQPetResDownloadPet.dll]  [, 6, 1, 101, 1]
    [C:\Program Files\Tencent\QQ\qqpet\QQPenguin\QQPetCommunity.dll]  [, 6, 3, 103, 1]
    [C:\Program Files\Rising\AntiSpyware\ieprot.dll]  [Beijing Rising Technology Co., Ltd., 1, 0, 0, 12]
    [C:\WINDOWS\system32\Macromed\Flash\Flash9d.ocx]  [Adobe Systems, Inc., 9,0,47,0]
    [C:\WINDOWS\system32\msacm32.drv]  [Microsoft Corporation, 5.1.2600.0 (xpclient.010817-1148)]
    [C:\Program Files\Rising\Rav\RavScrCh.dll]  [Beijing Rising Technology Co., Ltd., 18, 0, 0, 4]
[PID: 3804 / Administrator][E:\杀毒工具\sreng2\SREngPS.EXE]  [Smallfrogs Studio, 2.5.16.900]
    [C:\杀毒软件\360安全卫士\safemon\safemon.dll]  [, 3, 6, 2, 1002]
    [C:\Program Files\Rising\AntiSpyware\ieprot.dll]  [Beijing Rising Technology Co., Ltd., 1, 0, 0, 12]
    [E:\杀毒工具\sreng2\Upload\3rdUpd.DLL]  [Smallfrogs Studio, 2, 1, 0, 15]

==================================
文件关联
.TXT  Error. [C:\WINDOWS\notepad.exe %1]
.EXE  OK. ["%1" %*]
.COM  OK. ["%1" %*]
.PIF  OK. ["%1" %*]
.REG  OK. [regedit.exe "%1"]
.BAT  OK. ["%1" %*]
.SCR  OK. ["%1" /S]
.CHM  Error. ["hh.exe" %1]
.HLP  OK. [%SystemRoot%\System32\winhlp32.exe %1]
.INI  Error. [C:\WINDOWS\System32\NOTEPAD.EXE %1]
.INF  OK. [%SystemRoot%\System32\NOTEPAD.EXE %1]
.VBS  OK. [%SystemRoot%\System32\WScript.exe "%1" %*]
.JS  OK. [%SystemRoot%\System32\WScript.exe "%1" %*]
.LNK  OK. [{00021401-0000-0000-C000-000000000046}]

==================================
Winsock 提供者
N/A

==================================
Autorun.inf
N/A

==================================
HOSTS 文件
127.0.0.1      localhost
127.0.0.1    www.symantec.com
127.0.0.1    securityresponse.symantec.com
127.0.0.1    symantec.com
127.0.0.1    www.sophos.com
127.0.0.1    sophos.com
127.0.0.1    www.mcafee.com
127.0.0.1    mcafee.com
127.0.0.1    liveupdate.symantecliveupdate.com
127.0.0.1    www.viruslist.com
127.0.0.1    viruslist.com
127.0.0.1    viruslist.com
127.0.0.1    f-secure.com
127.0.0.1    www.f-secure.com
127.0.0.1    kaspersky.com
127.0.0.1    kaspersky-labs.com
127.0.0.1    www.avp.com
127.0.0.1    www.kaspersky.com
127.0.0.1    avp.com
127.0.0.1    www.networkassociates.com
127.0.0.1    networkassociates.com
127.0.0.1    www.ca.com
127.0.0.1    ca.com
127.0.0.1    mast.mcafee.com
127.0.0.1    my-etrust.com
127.0.0.1    www.my-etrust.com
127.0.0.1    download.mcafee.com
127.0.0.1    dispatch.mcafee.com
127.0.0.1    secure.nai.com
127.0.0.1    nai.com
127.0.0.1    www.nai.com
127.0.0.1    update.symantec.com
127.0.0.1    updates.symantec.com
127.0.0.1    us.mcafee.com
127.0.0.1    liveupdate.symantec.com
127.0.0.1    customer.symantec.com
127.0.0.1    rads.mcafee.com
127.0.0.1    trendmicro.com
127.0.0.1    pandasoftware.com
127.0.0.1    www.pandasoftware.com
127.0.0.1    www.trendmicro.com
127.0.0.1    www.grisoft.com
127.0.0.1    www.microsoft.com
127.0.0.1    microsoft.com
127.0.0.1    www.virustotal.com
127.0.0.1    virustotal.com

==================================
进程特权扫描
特殊特权被允许: SeDebugPrivilege [PID = 3288, C:\杀毒软件\360安全卫士\SAFEMON\360TRAY.EXE]
特殊特权被允许: SeLoadDriverPrivilege [PID = 3312, C:\WINDOWS\VMSNAP3.EXE]
特殊特权被允许: SeLoadDriverPrivilege [PID = 3320, C:\WINDOWS\DOMINO.EXE]
特殊特权被允许: SeLoadDriverPrivilege [PID = 3328, D:\PROGRA~1\ALISOFT\WANGWANG\WANGWANG.EXE]
特殊特权被允许: SeLoadDriverPrivilege [PID = 3508, C:\WINDOWS\SYSTEM32\MSUPDATE.EXE]
特殊特权被允许: SeLoadDriverPrivilege [PID = 3544, C:\PROGRAM FILES\RISING\ANTISPYWARE\RUNIEP.EXE]
特殊特权被允许: SeLoadDriverPrivilege [PID = 3656, C:\PROGRAM FILES\MICROSOFT SQL SERVER\80\TOOLS\BINN\SQLMANGR.EXE]

==================================
API HOOK
N/A

==================================
隐藏进程
    [1740] C:\WINDOWS\system32\mmc.exe

==================================


[/CODE]
Now another one has shown up: windows\system32\boot.vbe
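Update the virus database, then scan in Safe Mode and see whether that takes care of it! If it doesn't, I suggest you contact Rising customer service and ask them to help resolve the problem. Rising Customer Service Center: http://csc.rising.com.cn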