
[Help] How to remove the RootKit.Agent.pg virus

[CODE]

2007-01-25,19:30:54

System Repair Engineer 2.3.13.690
Smallfrogs (http://www.KZTechs.com)

Windows XP Professional Service Pack 2 (Build 2600)
- 管理权限用户 - 完整功能

以下内容被选中:
    所有的启动项目(包括注册表、启动文件夹、服务等)
    浏览器加载项
    正在运行的进程(包括进程模块信息)
    文件关联
    Winsock 提供者
    Autorun.inf
    HOSTS 文件


启动项目
注册表
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
    <ctfmon.exe><C:\WINDOWS\system32\ctfmon.exe>  [(Verified)Microsoft Corporation]
[HKEY_CURRENT_USER\Software\Microsoft\Windows NT\CurrentVersion\Windows]
    <load><>  [N/A]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
    <IMJPMIG8.1><"C:\WINDOWS\IME\imjp8_1\IMJPMIG.EXE" /Spoil /RemAdvDef /Migration32>  [(Verified)Microsoft Corporation]
    <PHIME2002ASync><C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /SYNC>  [(Verified)Microsoft Corporation]
    <igfxtray><C:\WINDOWS\system32\igfxtray.exe>  [(Verified)Intel Corporation]
    <SynTPEnh><C:\Program Files\Synaptics\SynTP\SynTPEnh.exe>  [(Verified)Synaptics, Inc.]
    <RavTask><"D:\瑞星2006\Rising\Rav\RavTask.exe" -system>  [Beijing Rising Technology Co., Ltd.]
    <runeip><D:\瑞星2006\Rising\卡卡助手\runiep.exe>  [Beijing Rising Technology Co., Ltd.]
    <RfwMain><"D:\瑞星2006\Rising\Rfw\rfwmain.exe" -Startup>  [Beijing Rising Technology Co., Ltd.]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Winlogon]
    <shell><Explorer.exe>  [(Verified)Microsoft Corporation]
    <Userinit><C:\WINDOWS\system32\userinit.exe,>  [(Verified)Microsoft Corporation]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Windows]
    <AppInit_DLLs><>  [N/A]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Winlogon]
    <UIHost><logonui.exe>  [(Verified)Microsoft Corporation]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
    <{32CD708B-60A7-4C00-9377-D73EAA495F0F}><C:\WINDOWS\system32\RavExt.dll>  [Beijing Rising Technology Co., Ltd.]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\igfxcui]
    <WinlogonNotify: igfxcui><igfxdev.dll>  [(Verified)Intel Corporation]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\IntelWireless]
    <WinlogonNotify: IntelWireless><C:\Program Files\Intel\Wireless\Bin\LgNotify.dll>  [Intel Corporation]
Last edited 2007-01-25 20:32:21

==================================
启动文件夹
N/A

==================================
服务
[Security Machine Manager / BRGNS][Stopped/Auto Start]
  <C:\WINDOWS\SYSTEM32\RUNDLL32.EXE C:\WINDOWS\SYSTEM32\WBEM\MBZBX.DLL,Export 1087><N/A>
[Volume Optimization / ClipArt][Running/Auto Start]
  <C:\WINDOWS\System32\svchost.exe -k netsvcs-->C:\WINDOWS\system32\lcmtz.dll><Microsoft Corporation>
[EvtEng / EvtEng][Running/Auto Start]
  <C:\Program Files\Intel\Wireless\Bin\EvtEng.exe><Intel Corporation>
[Human Interface Device Access / HidServ][Stopped/Disabled]
  <C:\WINDOWS\System32\svchost.exe -k netsvcs-->%SystemRoot%\System32\hidserv.dll><N/A>
[NICCONFIGSVC / NICCONFIGSVC][Running/Auto Start]
  <C:\Program Files\Dell\QuickSet\NICCONFIGSVC.exe><Dell Inc.>
[RegSrvc / RegSrvc][Running/Auto Start]
  <C:\Program Files\Intel\Wireless\Bin\RegSrvc.exe><Intel Corporation>
[Rising Proxy  Service / RfwProxySrv][Stopped/Manual Start]
  <d:\瑞星2006\rising\rfw\rfwproxy.exe><Beijing Rising Technology Co., Ltd.>
[Rising Personal Firewall Service / RfwService][Running/Auto Start]
  <d:\瑞星2006\rising\rfw\rfwsrv.exe><Beijing Rising Technology Co., Ltd.>
[Rising Process Communication Center / RsCCenter][Running/Auto Start]
  <"D:\瑞星2006\Rising\Rav\CCenter.exe"><Beijing Rising Technology Co., Ltd.>
[Rising RealTime Monitor / RsRavMon][Running/Auto Start]
  <"D:\瑞星2006\Rising\Rav\Ravmond.exe"><Beijing Rising Technology Co., Ltd.>
[Spectrum24 Event Monitor / S24EventMonitor][Running/Auto Start]
  <C:\Program Files\Intel\Wireless\Bin\S24EvMon.exe><Intel Corporation>
[WLANKEEPER / WLANKEEPER][Running/Auto Start]
  <C:\Program Files\Intel\Wireless\Bin\WLKeeper.exe><Intel? Corporation>
[Windows Driver Foundation - User-mode Driver Framework / WudfSvc][Stopped/Manual Start]
  <C:\WINDOWS\system32\svchost.exe -k WudfServiceGroup-->%SystemRoot%\System32\WUDFSvc.dll><Microsoft Corporation>

==================================
驱动程序
[AEGIS Protocol (IEEE 802.1x) v3.2.0.3 / AegisP][Running/Auto Start]
  <system32\DRIVERS\AegisP.sys><Meetinghouse Data Communications>
[APPDRV / APPDRV][Running/System Start]
  <\SystemRoot\SYSTEM32\DRIVERS\APPDRV.SYS><Dell Inc>
[Rising TDI Base Driver / BaseTDI][Running/Auto Start]
  <System32\DRIVERS\BaseTDI.SYS><Beijing Rising Technology Co., Ltd.>
[Broadcom 440x 10/100 Integrated Controller XP Driver / bcm4sbxp][Stopped/Manual Start]
  <system32\DRIVERS\bcm4sbxp.sys><Broadcom Corporation>
[ExpScaner / ExpScaner][Running/Auto Start]
  <\??\D:\瑞星2006\Rising\Rav\ExpScan.sys><>
[Microsoft UAA Bus Driver for High Definition Audio / HDAudBus][Running/Manual Start]
  <system32\DRIVERS\HDAudBus.sys><Windows (R) Server 2003 DDK provider>
[HookCont / HookCont][Running/Auto Start]
  <\??\D:\瑞星2006\Rising\Rav\HOOKCONT.sys><Rising>
[HookReg / HookReg][Running/Auto Start]
  <\??\D:\瑞星2006\Rising\Rav\HookReg.sys><>
[HookSys / HookSys][Running/Auto Start]
  <\??\D:\瑞星2006\Rising\Rav\HookSys.sys><Rising>
[HookUrl / HookUrl][Running/Auto Start]
  <\??\D:\瑞星2006\Rising\Rfw\HookUrl.sys><Beijing Rising Technology Co., Ltd.>
[HSFHWAZL / HSFHWAZL][Running/Manual Start]
  <system32\DRIVERS\HSFHWAZL.sys><Conexant Systems, Inc.>
[HSF_DPV / HSF_DPV][Running/Manual Start]
  <system32\DRIVERS\HSF_DPV.sys><Conexant Systems, Inc.>
[HSXHWAZL / HSXHWAZL][Stopped/Manual Start]
  <system32\DRIVERS\HSXHWAZL.sys><Conexant Systems, Inc.>
[ialm / ialm][Running/Manual Start]
  <system32\DRIVERS\ialmnt5.sys><Intel Corporation>
[Intel Wireless Connection Agent Miniport for Win XP / IWCA][Running/Manual Start]
  <system32\DRIVERS\iwca.sys><Intel Corporation>
[mdmxsdk / mdmxsdk][Running/Auto Start]
  <system32\DRIVERS\mdmxsdk.sys><Conexant>
[MEMSCAN / MEMSCAN][Running/Auto Start]
  <\??\D:\瑞星2006\Rising\Rav\MEMSCAN.sys><瑞星软件有限公司>
[mProcRs / mProcRs][Running/Auto Start]
  <\??\d:\瑞星2006\rising\rfw\mProcRs.sys><Beijing Rising Technology Co., Ltd.>
[npkcrypt / npkcrypt][Running/Auto Start]
  <\??\D:\QQ2006\npkcrypt.sys><INCA Internet Co., Ltd.>
[ocpm / ocpmx][Running/Boot Start]
  <\SystemRoot\System32\DRIVERS\ocpmx.sys><N/A>
[OMCI / OMCI][Running/System Start]
  <\SystemRoot\SYSTEM32\DRIVERS\OMCI.SYS><Dell Computer Corporation>
[Direct Parallel Link Driver / Ptilink][Running/Manual Start]
  <system32\DRIVERS\ptilink.sys><Parallel Technologies, Inc.>
[RsAntiSpyware / RsAntiSpyware][Running/Boot Start]
  <\SystemRoot\system32\drivers\RsBoot.sys><Beijing Rising>
[RsFwDrv / RsFwDrv][Running/Auto Start]
  <\??\D:\瑞星2006\Rising\Rfw\RsFwDrv.sys><Beijing Rising Technology Co., Ltd.>
[RsNTGDI / RsNTGDI][Running/Boot Start]
  <\SystemRoot\system32\Drivers\RsNTGdi.sys><Beijing Rising Technology Co., Ltd.>
[RSPPSYS / RSPPSYS][Running/Auto Start]
  <\??\D:\瑞星2006\Rising\Rav\RSPPSYS.sys><Rising>
[WLAN 传输 / s24trans][Running/Auto Start]
  <system32\DRIVERS\s24trans.sys><Intel Corporation>
[Secdrv / Secdrv][Stopped/Manual Start]
  <system32\DRIVERS\secdrv.sys><N/A>
[SigmaTel High Definition Audio CODEC / STHDA][Running/Manual Start]
  <system32\drivers\sthda.sys><SigmaTel, Inc.>
[Synaptics TouchPad Driver / SynTP][Running/Manual Start]
  <system32\DRIVERS\SynTP.sys><Synaptics, Inc.>
[CHINA USB MODEM Composite Device driver (WDM) / td_cbus][Running/Manual Start]
  <system32\DRIVERS\td_cbus.sys><MCCI>
[CHINA USB MODEM Filter / td_cmdfl][Running/Manual Start]
  <system32\DRIVERS\td_cmdfl.sys><MCCI>
[CHINA USB MODEM Drivers / td_cmdm][Running/Manual Start]
  <system32\DRIVERS\td_cmdm.sys><MCCI>
[CHINA USB MODEM Diagnostic Serial Port (WDM) / td_cserd][Running/Manual Start]
  <system32\DRIVERS\td_cserd.sys><MCCI>
[Conexant Setup API / UIUSys][Stopped/Manual Start]
  <system32\drivers\UIUSys.sys><N/A>
[用于 Windows XP 的英特尔(R) PRO/无线 2200BG 网络连接驱动程序 / w29n51][Stopped/Manual Start]
  <system32\DRIVERS\w29n51.sys><Intel? Corporation>
[winachsf / winachsf][Running/Manual Start]
  <system32\DRIVERS\HSF_CNXT.sys><Conexant Systems, Inc.>
[Windows Driver Foundation - User-mode Driver Framework Platform Driver / WudfPf][Stopped/Manual Start]
  <system32\DRIVERS\WudfPf.sys><Microsoft Corporation>
[Windows Driver Foundation - User-mode Driver Framework Reflector / WudfRd][Stopped/Manual Start]
  <system32\DRIVERS\wudfrd.sys><Microsoft Corporation>

==================================
浏览器加载项
[启动迅雷]
  {0062C9BD-B349-40DE-91A0-755F37ACD559} <D:\讯雷\Thunder.exe, Thunder Networking Technologies,LTD>
[豪杰超级解霸9]
  {367E0A21-8601-4986-9C9A-153BF5ACA118} <D:\豪杰超级解霸9\STHSDVD.EXE, herosoft>
[QQ]
  {c95fe080-8f5d-11d2-a20b-00aa003c157b} <D:\QQ2006\QQ.EXE, TENCENT>
[QQIEFloatBarCfgCmd Class]
  {DEDEB80D-FA35-45d9-9460-4983E5A8AFE6}? <D:\QQ2006\QQIEHelper.dll, 深圳市腾讯计算机系统有限公司>
[Messenger]
  {FB5F1910-F110-11d2-BB9E-00C04F795683}? <C:\Program Files\Messenger\msmsgs.exe, Microsoft Corporation>
[&Google]
  {2318C2B1-4965-11d4-9B18-009027A5CD4F} <c:\program files\google\googletoolbar1.dll, Google Inc.>
[卡卡上网安全助手]
  {DB9ECD4F-FB8F-4311-B3CE-90B976C2707C} <C:\WINDOWS\system32\KakaTool.dll, Beijing Rising Technology Co., Ltd.>
[Java Plug-in 1.4.2_03]
  {8AD9C840-044E-11D1-B3E9-00805F499D93} <C:\Program Files\Java\j2re1.4.2_03\bin\npjpi142_03.dll, JavaSoft / Sun Microsystems, Inc.>
[Java Plug-in 1.4.2_03]
  {CAFEEFAC-0014-0002-0003-ABCDEFFEDCBA} <C:\Program Files\Java\j2re1.4.2_03\bin\npjpi142_03.dll, JavaSoft / Sun Microsystems, Inc.>
[Shockwave Flash Object]
  {D27CDB6E-AE6D-11CF-96B8-444553540000} <C:\WINDOWS\system32\Macromed\Flash\Flash9b.ocx, Adobe Systems, Inc.>
[Google Script Object]
  {00EF2092-6AC5-47C0-BD25-CF2D5D657FEB} <c:\program files\google\googletoolbar1.dll, Google Inc.>
[实用搜索工具条2.0]
  {03465FF5-00AE-411A-9C34-960ED566EC03} <C:\Program Files\superutilbar\superutilbar.dll, www.shiyongsousuo.com>
[Windows Media Player]
  {22D6F312-B0F6-11D0-94AB-0080C74C7E95} <C:\WINDOWS\system32\wmpdxm.dll, Microsoft Corporation>
[&Google]
  {2318C2B1-4965-11D4-9B18-009027A5CD4F} <c:\program files\google\googletoolbar1.dll, Google Inc.>
[HTML Document]
  {25336920-03F9-11CF-8FD0-00AA00686F13} <C:\WINDOWS\system32\mshtml.dll, Microsoft Corporation>
[DHTML Edit Control Safe for Scripting for IE5]
  {2D360201-FFF5-11D1-8D03-00A0C959BC0A} <C:\Program Files\Common Files\Microsoft Shared\Triedit\dhtmled.ocx, Microsoft Corporation>
[HHCtrl Object]
  {52A2AAAE-085D-4187-97EA-8C30DB990436} <C:\WINDOWS\system32\hhctrl.ocx, Microsoft Corporation>
[QQBrowserHelperObject Class]
  {54EBD53A-9BC1-480B-966A-843A333CA162} <D:\QQ2006\QQIEHelper.dll, 深圳市腾讯计算机系统有限公司>
[Windows Media Player]
  {6BF52A52-394A-11D3-B153-00C04F79FAA6} <C:\WINDOWS\system32\wmp.dll, Microsoft Corporation>
[Microsoft Web Browser]
  {8856F961-340A-11D0-A96B-00C04FD705A2} <C:\WINDOWS\system32\ieframe.dll, Microsoft Corporation>
[Thunder Browser Helper]
  {889D2FEB-5411-4565-8998-1DD2C5261283} <D:\讯雷\ComDlls\XunLeiBHO_002.dll, Thunder Networking Technologies,LTD>
[Java Plug-in 1.4.2_03]
  {8AD9C840-044E-11D1-B3E9-00805F499D93} <C:\Program Files\Java\j2re1.4.2_03\bin\npjpi142_03.dll, JavaSoft / Sun Microsystems, Inc.>
[RMGetLicense Class]
  {A9FC132B-096D-460B-B7D5-1DB0FAE0C062} <C:\WINDOWS\system32\msnetobj.dll, Microsoft Corporation>
[Google Toolbar Helper]
  {AA58ED58-01DD-4D91-8333-CF10577473F7} <c:\program files\google\googletoolbar1.dll, Google Inc.>
[Microsoft Scriptlet Component]
  {AE24FDAE-03C6-11D1-8B76-0080C744F389} <C:\WINDOWS\system32\mshtml.dll, Microsoft Corporation>
[卡卡上网安全助手]
  {AFF6E516-CBE5-4F8A-9C2F-38A68013E766} <C:\WINDOWS\system32\KakaTool.dll, Beijing Rising Technology Co., Ltd.>
[SearchAssistantOC]
  {B45FF030-4447-11D2-85DE-00C04FA35C89} <%SystemRoot%\system32\shdocvw.dll, N/A>
[RDS.DataSpace]
  {BD96C556-65A3-11D0-983A-00C04FC29E36} <C:\Program Files\Common Files\System\msadc\msadco.dll, Microsoft Corporation>
[VIDEO__X_MS_ASF Moniker Class]
  {CD3AFA8F-B84F-48F0-9393-7EDC34128127} <C:\WINDOWS\system32\wmp.dll, Microsoft Corporation>
[RealPlayer G2 Control]
  {CFCDAA03-8BE4-11CF-B84B-0020AFBBCCFA} <C:\WINDOWS\system32\rmoc3260.dll, RealNetworks, Inc.>
[Shockwave Flash Object]
  {D27CDB6E-AE6D-11CF-96B8-444553540000} <C:\WINDOWS\system32\Macromed\Flash\Flash9b.ocx, Adobe Systems, Inc.>
[卡卡上网安全助手]
  {DB9ECD4F-FB8F-4311-B3CE-90B976C2707C} <C:\WINDOWS\system32\KakaTool.dll, Beijing Rising Technology Co., Ltd.>
[XML HTTP Request]
  {ED8C108E-4349-11D2-91A4-00C04F7969E8} <%SystemRoot%\system32\msxml3.dll, N/A>
[&使用迅雷下载]
  <D:\讯雷\Program\GetUrl.htm, N/A>
[&使用迅雷下载全部链接]
  <D:\讯雷\Program\GetAllUrl.htm, N/A>
[Google 搜索(&G)]
  <res://C:\Program Files\Google\GoogleToolbar1.dll/cmsearch.html, N/A>
[上传到QQ网络硬盘]
  <D:\QQ2006\AddToNetDisk.htm, N/A>
[使用超级解霸播放]
  <D:\豪杰超级解霸9\MPURLGET.HTM, N/A>
[添加到QQ自定义面板]
  <D:\QQ2006\AddPanel.htm, N/A>
[添加到QQ表情]
  <D:\QQ2006\AddEmotion.htm, N/A>
[用QQ彩信发送该图片]
  <D:\QQ2006\SendMMS.htm, N/A>
[翻译英文字词(&T)]
  <res://C:\Program Files\Google\GoogleToolbar1.dll/cmwordtrans.html, N/A>

==================================
正在运行的进程
[PID: 376][\SystemRoot\System32\smss.exe]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
[PID: 440][\??\C:\WINDOWS\system32\csrss.exe]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
[PID: 464][\??\C:\WINDOWS\system32\winlogon.exe]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
    [C:\Program Files\Intel\Wireless\Bin\LgNotify.dll]  [Intel Corporation, 9, 0, 2, 11]
    [C:\WINDOWS\system32\igfxdev.dll]  [Intel Corporation, 3.0.0.4410]
[PID: 508][C:\WINDOWS\system32\services.exe]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
[PID: 520][C:\WINDOWS\system32\lsass.exe]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
[PID: 664][C:\WINDOWS\system32\svchost.exe]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
[PID: 744][C:\WINDOWS\system32\svchost.exe]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
[PID: 780][D:\瑞星2006\Rising\Rav\CCenter.exe]  [Beijing Rising Technology Co., Ltd., 18, 0, 0, 3]
[PID: 800][C:\WINDOWS\System32\svchost.exe]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
[PID: 832][C:\Program Files\Intel\Wireless\Bin\EvtEng.exe]  [Intel Corporation, 9, 0, 2, 11]
    [C:\Program Files\Intel\Wireless\Bin\PsRegApi.dll]  [Intel Corporation, 9, 0, 2, 11]
    [C:\Program Files\Intel\Wireless\Bin\TraceAPI.DLL]  [Intel Corporation, 9, 0, 2, 11]
[PID: 928][C:\Program Files\Intel\Wireless\Bin\S24EvMon.exe]  [Intel Corporation , 9, 0, 2, 11]
    [C:\Program Files\Intel\Wireless\Bin\TraceAPI.DLL]  [Intel Corporation, 9, 0, 2, 11]
    [C:\Program Files\Intel\Wireless\Bin\PsRegApi.dll]  [Intel Corporation, 9, 0, 2, 11]
[PID: 972][C:\Program Files\Intel\Wireless\Bin\WLKeeper.exe]  [Intel? Corporation, 9, 0, 2, 11]
    [C:\Program Files\Intel\Wireless\Bin\PfMgrApi.dll]  [Intel Corporation, 9, 0, 2, 11]
    [C:\Program Files\Intel\Wireless\Bin\TraceAPI.DLL]  [Intel Corporation, 9, 0, 2, 11]
    [C:\Program Files\Intel\Wireless\Bin\PsRegApi.dll]  [Intel Corporation, 9, 0, 2, 11]
    [C:\Program Files\Intel\Wireless\Bin\MurocApi.dll]  [Intel Corporation, 9, 0, 2, 11]
    [C:\Program Files\Intel\Wireless\Bin\S24MUDLL.dll]  [Intel Corporation, 9, 0, 2, 11]
    [C:\Program Files\Intel\Wireless\Bin\C1XStngs.dll]  [Intel Corporation, 9, 0, 2, 11]
    [C:\Program Files\Intel\Wireless\Bin\LIBEAY32.dll]  [N/A, N/A]
    [C:\Program Files\Intel\Wireless\Bin\C8021CHS.dll]  [Intel Corporation, 9, 0, 2, 11]
    [C:\Program Files\Intel\Wireless\Bin\LSAWRAPI.dll]  [Intel Corporation, 9, 0, 2, 11]
[PID: 1028][C:\WINDOWS\system32\svchost.exe]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
[PID: 1060][C:\WINDOWS\system32\svchost.exe]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
[PID: 1076][D:\瑞星2006\Rising\Rav\Ravmond.exe]  [Beijing Rising Technology Co., Ltd., 19, 0, 0, 43]
    [D:\瑞星2006\Rising\Rav\BWList.dll]  [Beijing Rising Technology Co., Ltd., 19, 0, 0, 10]
    [D:\瑞星2006\Rising\Rav\RsCommX.dll]  [rising, 18, 0, 0, 1]
    [D:\瑞星2006\Rising\Rav\rfwctrl.dll]  [Beijing Rising Technology Co., Ltd., 5, 0, 0, 11]
    [D:\瑞星2006\Rising\Rav\RsPPsys.dll]  [Beijing Rising Technology Co., Ltd., 18, 0, 0, 3]
    [D:\瑞星2006\Rising\Rav\RSAPPMGR.DLL]  [Beijing Rising Technology Co., Ltd., 18, 0, 0, 2]
    [D:\瑞星2006\Rising\Rav\CfgDll.dll]  [Beijing Rising Technology Co., Ltd., 18, 0, 0, 13]
    [D:\瑞星2006\Rising\Rav\RSCOMMON.DLL]  [Beijing Rising Technology Co., Ltd., 19, 0, 0, 5]
    [D:\瑞星2006\Rising\Rav\RsLog.dll]  [Beijing Rising Technology Co., Ltd., 18, 0, 0, 20]
    [D:\瑞星2006\Rising\Rav\HOOKSYS.dll]  [Beijing Rising Technology Co., Ltd., 19, 0, 0, 0]
    [D:\瑞星2006\Rising\Rav\Scanner.dll]  [Beijing Rising Technology Co., Ltd., 19, 0, 0, 12]
    [D:\瑞星2006\Rising\Rav\libload.dll]  [Beijing Rising Technology Co., Ltd., 19, 0, 0, 16]
    [D:\瑞星2006\Rising\Rav\VirusLib.dll]  [Beijing Rising Technology Co., Ltd., 19, 0, 0, 10]
    [D:\瑞星2006\Rising\Rav\regmon.dll]  [Beijing Rising Technology Co., Ltd., 18, 0, 0, 6]
    [D:\瑞星2006\Rising\Rav\HookWeb.dll]  [Beijing Rising Technology Co., Ltd., 19, 0, 0, 1]
    [D:\瑞星2006\Rising\Rav\MemMon.dll]  [Beijing Rising Technology Co., Ltd., 18, 0, 0, 12]
    [D:\瑞星2006\Rising\Rav\expscan.dll]  [Beijing Rising Technology Co., Ltd., 18, 0, 0, 4]
    [D:\瑞星2006\Rising\Rav\mPorts.dll]  [Beijing Rising Technology Co., Ltd., 4, 0, 0, 3]
    [D:\瑞星2006\Rising\Rav\HookCont.dll]  [Rising, 19, 0, 0, 0]
    [D:\瑞星2006\Rising\Rav\SpamEng.dll]  [N/A, 18, 0, 0, 6]
    [D:\瑞星2006\Rising\Rav\engine.dll]  [Beijing Rising Technology Co., Ltd., 19, 0, 0, 24]
    [D:\瑞星2006\Rising\Rav\PostTrt.dll]  [Beijing Rising Technology Co., Ltd., 19, 0, 0, 8]
    [D:\瑞星2006\Rising\Rav\UnExe.dll]  [Beijing Rising Technology Co., Ltd., 19, 0, 0, 9]
    [D:\瑞星2006\Rising\Rav\ScanExec.dll]  [Beijing Rising Technology Co., Ltd., 19, 0, 0, 16]
    [D:\瑞星2006\Rising\Rav\ScanEx.dll]  [Beijing Rising Technology Co., Ltd., 19, 0, 0, 36]
    [D:\瑞星2006\Rising\Rav\ExtFile.dll]  [Beijing Rising Technology Co., Ltd., 19, 0, 0, 25]
    [D:\瑞星2006\Rising\Rav\NvFile.dll]  [Beijing Rising Technology Co., Ltd., 19, 0, 0, 11]
    [D:\瑞星2006\Rising\Rav\ScanMac.dll]  [Beijing Rising Technology Co., Ltd., 19, 0, 0, 13]
    [D:\瑞星2006\Rising\Rav\ScanSct.dll]  [Beijing Rising Technology Co., Ltd., 19, 0, 0, 19]
    [D:\瑞星2006\Rising\Rav\Unpacker.dll]  [Beijing Rising Technology Co., Ltd., 19, 0, 0, 17]
    [D:\瑞星2006\Rising\Rav\ScanPack.dll]  [Beijing Rising Technology Co., Ltd., 19, 0, 0, 19]
    [D:\瑞星2006\Rising\Rav\RsVM.dll]  [N/A, 19, 0, 0, 15]
    [D:\瑞星2006\Rising\Rav\Uroutine.dll]  [Beijing Rising Technology Co., Ltd., 19, 0, 0, 21]
    [D:\瑞星2006\Rising\Rav\RsStore.dll]  [Beijing Rising Technology Co., Ltd., 19, 0, 0, 2]
    [D:\瑞星2006\Rising\Rav\ExtOLE.dll]  [Beijing Rising Technology Co., Ltd., 19, 0, 0, 11]
    [D:\瑞星2006\Rising\Rav\Uscript.dll]  [Beijing Rising Technology Co., Ltd., 19, 0, 0, 18]
[PID: 1172][d:\瑞星2006\rising\rfw\rfwsrv.exe]  [Beijing Rising Technology Co., Ltd., 5, 0, 0, 30]
    [d:\瑞星2006\rising\rfw\RfwRule.dll]  [Beijing Rising Technology Co., Ltd., 5, 0, 0, 3]
    [d:\瑞星2006\rising\rfw\rfwlog.dll]  [Beijing Rising Technology Co., Ltd., 5, 0, 0, 2]
    [d:\瑞星2006\rising\rfw\Rfwdrv.dll]  [Beijing Rising Technology Co., Ltd., 5, 0, 0, 10]
    [d:\瑞星2006\rising\rfw\MonDrv.dll]  [rs, 1, 0, 0, 4]
    [d:\瑞星2006\rising\rfw\ProcLib.dll]  [Beijing Rising Technology Co., Ltd., 5, 0, 0, 5]
    [d:\瑞星2006\rising\rfw\mPorts.dll]  [Beijing Rising Technology Co., Ltd., 4, 0, 0, 3]
[PID: 1292][C:\WINDOWS\system32\spoolsv.exe]  [Microsoft Corporation, 5.1.2600.2696 (xpsp_sp2_gdr.050610-1519)]
[PID: 1448][D:\瑞星2006\Rising\Rav\RavStub.exe]  [Beijing Rising Technology Co., Ltd., 19, 0, 0, 4]
    [D:\瑞星2006\Rising\Rav\RsCommX.dll]  [rising, 18, 0, 0, 1]
    [D:\瑞星2006\Rising\Rav\RSCOMMON.DLL]  [Beijing Rising Technology Co., Ltd., 19, 0, 0, 5]
[PID: 1548][C:\Program Files\Intel\Wireless\Bin\ZcfgSvc.exe]  [Intel Corporation, 9, 0, 2, 11]
    [C:\Program Files\Intel\Wireless\Bin\PfMgrApi.dll]  [Intel Corporation, 9, 0, 2, 11]
    [C:\Program Files\Intel\Wireless\Bin\TraceAPI.DLL]  [Intel Corporation, 9, 0, 2, 11]
    [C:\Program Files\Intel\Wireless\Bin\PsRegApi.dll]  [Intel Corporation, 9, 0, 2, 11]
    [C:\Program Files\Intel\Wireless\Bin\MurocApi.dll]  [Intel Corporation, 9, 0, 2, 11]
    [C:\Program Files\Intel\Wireless\Bin\S24MUDLL.dll]  [Intel Corporation, 9, 0, 2, 11]
    [C:\Program Files\Intel\Wireless\Bin\C1XStngs.dll]  [Intel Corporation, 9, 0, 2, 11]
    [C:\Program Files\Intel\Wireless\Bin\LIBEAY32.dll]  [N/A, N/A]
    [C:\Program Files\Intel\Wireless\Bin\C8021CHS.dll]  [Intel Corporation, 9, 0, 2, 11]
    [C:\Program Files\Intel\Wireless\Bin\LSAWRAPI.dll]  [Intel Corporation, 9, 0, 2, 11]
    [C:\Program Files\Intel\Wireless\Bin\ZcSvcCHS.dll]  [Intel Corporation, 9, 0, 2, 11]
    [D:\瑞星2006\Rising\卡卡助手\ieprot.dll]  [Beijing Rising Technology Co., Ltd., 1, 0, 0, 8]
[PID: 1724][C:\WINDOWS\Explorer.EXE]  [Microsoft Corporation, 6.00.2900.2180 (xpsp_sp2_rtm.040803-2158)]
    [C:\WINDOWS\system32\RavExt.dll]  [Beijing Rising Technology Co., Ltd., 19, 0, 0, 7]
    [C:\WINDOWS\system32\wbpox.dll]  [N/A, N/A]
    [D:\瑞星2006\Rising\卡卡助手\ieprot.dll]  [Beijing Rising Technology Co., Ltd., 1, 0, 0, 8]
    [D:\讯雷\ComDlls\XunLeiBHO_002.dll]  [Thunder Networking Technologies,LTD, 5, 0, 0, 2]
    [C:\WINDOWS\system32\WNWBIO.IME]  [深圳世强软件开发部 www.wn51.com , 2006, 10, 20, 1]
    [C:\WINDOWS\system32\igfxpph.dll]  [Intel Corporation, 3.0.0.4410]
    [C:\WINDOWS\system32\hccutils.DLL]  [Intel Corporation, 3.0.0.4410]
    [C:\WINDOWS\system32\igfxres.dll]  [Intel Corporation, 3.0.0.4410]
    [C:\WINDOWS\system32\igfxress.dll]  [Intel Corporation, 3.0.0.4410]
    [C:\WINDOWS\system32\igfxsrvc.dll]  [Intel Corporation, 3.0.0.4410]
    [C:\WINDOWS\system32\msdmo.dll]  [N/A, N/A]
[PID: 1788][d:\瑞星2006\rising\rfw\RfwMain.exe]  [Beijing Rising Technology Co., Ltd., 5, 0, 0, 70]
    [d:\瑞星2006\rising\rfw\RsGuiLib.dll]  [Beijing Rising Technology Co., Ltd., 19, 0, 0, 31]
    [d:\瑞星2006\rising\rfw\RSCOMMON.DLL]  [Beijing Rising Technology Co., Ltd., 19, 0, 0, 5]
    [d:\瑞星2006\rising\rfw\RfwCtrl.dll]  [Beijing Rising Technology Co., Ltd., 5, 0, 0, 11]
    [d:\瑞星2006\rising\rfw\RsXML.dll]  [Beijing Rising Technology Co., Ltd., 19, 0, 0, 2]
    [d:\瑞星2006\rising\rfw\PngDll.dll]  [Beijing Rising Technology Co., Ltd., 18, 0, 0, 5]
    [D:\瑞星2006\Rising\卡卡助手\ieprot.dll]  [Beijing Rising Technology Co., Ltd., 1, 0, 0, 8]
[PID: 1952][C:\Program Files\Synaptics\SynTP\SynTPEnh.exe]  [Synaptics, Inc., 8.2.4.6 08Mar06]
    [C:\WINDOWS\system32\SynCOM.dll]  [Synaptics, Inc., 8.2.4.6 08Mar06]
    [C:\WINDOWS\system32\SynTPAPI.dll]  [Synaptics, Inc., 8.2.4.6 08Mar06]
    [D:\瑞星2006\Rising\卡卡助手\ieprot.dll]  [Beijing Rising Technology Co., Ltd., 1, 0, 0, 8]
[PID: 1996][D:\瑞星2006\Rising\Rav\RavTask.exe]  [Beijing Rising Technology Co., Ltd., 19, 0, 0, 7]
    [D:\瑞星2006\Rising\Rav\RSCOMMON.DLL]  [Beijing Rising Technology Co., Ltd., 19, 0, 0, 5]
    [D:\瑞星2006\Rising\Rav\RSAPPMGR.DLL]  [Beijing Rising Technology Co., Ltd., 18, 0, 0, 2]
    [D:\瑞星2006\Rising\Rav\CfgDll.dll]  [Beijing Rising Technology Co., Ltd., 18, 0, 0, 13]
    [D:\瑞星2006\Rising\Rav\RsCommX.dll]  [rising, 18, 0, 0, 1]
    [D:\瑞星2006\Rising\卡卡助手\ieprot.dll]  [Beijing Rising Technology Co., Ltd., 1, 0, 0, 8]
[PID: 2036][D:\瑞星2006\Rising\Rav\Ravmon.exe]  [Beijing Rising Technology Co., Ltd., 19, 0, 0, 36]
    [D:\瑞星2006\Rising\Rav\RsGuiLib.dll]  [Beijing Rising Technology Co., Ltd., 19, 0, 0, 28]
    [D:\瑞星2006\Rising\Rav\BWList.dll]  [Beijing Rising Technology Co., Ltd., 19, 0, 0, 10]
    [D:\瑞星2006\Rising\Rav\RSAPPMGR.DLL]  [Beijing Rising Technology Co., Ltd., 18, 0, 0, 2]
    [D:\瑞星2006\Rising\Rav\CfgDll.dll]  [Beijing Rising Technology Co., Ltd., 18, 0, 0, 13]
    [D:\瑞星2006\Rising\Rav\RSCOMMON.DLL]  [Beijing Rising Technology Co., Ltd., 19, 0, 0, 5]
    [D:\瑞星2006\Rising\Rav\RsCommX.dll]  [rising, 18, 0, 0, 1]
    [D:\瑞星2006\Rising\Rav\RsXML.dll]  [Beijing Rising Technology Co., Ltd., 19, 0, 0, 2]
    [D:\瑞星2006\Rising\Rav\PngDll.dll]  [Beijing Rising Technology Co., Ltd., 18, 0, 0, 5]
    [D:\瑞星2006\Rising\卡卡助手\ieprot.dll]  [Beijing Rising Technology Co., Ltd., 1, 0, 0, 8]
[PID: 132][D:\瑞星2006\Rising\卡卡助手\runiep.exe]  [Beijing Rising Technology Co., Ltd., 1, 0, 1, 4]
    [D:\瑞星2006\Rising\卡卡助手\iep_ctrl.dll]  [Beijing Rising Technology Co., Ltd., 1, 0, 0, 4]
    [D:\瑞星2006\Rising\卡卡助手\ieprot.dll]  [Beijing Rising Technology Co., Ltd., 1, 0, 0, 8]
[PID: 224][C:\Program Files\Common Files\Real\Update_OB\realsched.exe]  [RealNetworks, Inc., 0.1.0.3427]
    [D:\瑞星2006\Rising\卡卡助手\ieprot.dll]  [Beijing Rising Technology Co., Ltd., 1, 0, 0, 8]
[PID: 260][C:\WINDOWS\system32\ctfmon.exe]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
    [D:\瑞星2006\Rising\卡卡助手\ieprot.dll]  [Beijing Rising Technology Co., Ltd., 1, 0, 0, 8]
[PID: 484][D:\瑞星2006\Rising\Rav\RsAgent.exe]  [Beijing Rising Technology Co., Ltd., 19, 0, 0, 9]
    [D:\瑞星2006\Rising\Rav\RsCommX.dll]  [rising, 18, 0, 0, 1]
    [D:\瑞星2006\Rising\卡卡助手\ieprot.dll]  [Beijing Rising Technology Co., Ltd., 1, 0, 0, 8]
[PID: 624][C:\WINDOWS\msagent\AgentSvr.exe]  [Microsoft Corporation, 2.00.0.3424]
    [D:\瑞星2006\Rising\卡卡助手\ieprot.dll]  [Beijing Rising Technology Co., Ltd., 1, 0, 0, 8]
[PID: 1116][C:\Program Files\Dell\QuickSet\NICCONFIGSVC.exe]  [Dell Inc., 7, 0, 7, 0]
[PID: 948][C:\Program Files\Intel\Wireless\Bin\RegSrvc.exe]  [Intel Corporation, 9, 0, 2, 11]
[PID: 2332][C:\WINDOWS\System32\alg.exe]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
[PID: 2412][C:\WINDOWS\system32\wbem\wmiprvse.exe]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
[PID: 3044][D:\国泰君安\国泰君安大智慧\internet\hypwise.exe]  [N/A, N/A]
    [D:\瑞星2006\Rising\卡卡助手\ieprot.dll]  [Beijing Rising Technology Co., Ltd., 1, 0, 0, 8]
[PID: 3064][D:\国泰君安\国泰君安大智慧\internet\hypmain.exe]  [GreatWise, 5.4.5.3002]
    [D:\国泰君安\国泰君安大智慧\internet\borlndmm.dll]  [Inprise Corporation, 5.0.6.18]
    [D:\国泰君安\国泰君安大智慧\internet\tcpip.dll]  [, 1, 0, 0, 1]
    [D:\国泰君安\国泰君安大智慧\wt\gtja\fy\bin\flyingfish.dll]  [N/A, N/A]
    [D:\国泰君安\国泰君安大智慧\internet\investdll.dll]  [, 1, 0, 0, 3]
    [D:\国泰君安\国泰君安大智慧\internet\wgdll.dll]  [N/A, N/A]
    [D:\国泰君安\国泰君安大智慧\internet\zlib.dll]  [N/A, N/A]
    [D:\瑞星2006\Rising\卡卡助手\ieprot.dll]  [Beijing Rising Technology Co., Ltd., 1, 0, 0, 8]
[PID: 3616][d:\瑞星2006\rising\rfw\RfwCfg.exe]  [Beijing Rising Technology Co., Ltd., 5, 0, 1, 41]
    [d:\瑞星2006\rising\rfw\RsGuiLib.dll]  [Beijing Rising Technology Co., Ltd., 19, 0, 0, 31]
    [d:\瑞星2006\rising\rfw\RSCOMMON.DLL]  [Beijing Rising Technology Co., Ltd., 19, 0, 0, 5]
    [d:\瑞星2006\rising\rfw\RfwCtrl.dll]  [Beijing Rising Technology Co., Ltd., 5, 0, 0, 11]
    [d:\瑞星2006\rising\rfw\ProxyCtr.dll]  [Beijing Rising Technology Co., Ltd., 5, 0, 0, 2]
    [d:\瑞星2006\rising\rfw\RsXML.dll]  [Beijing Rising Technology Co., Ltd., 19, 0, 0, 2]
    [d:\瑞星2006\rising\rfw\PngDll.dll]  [Beijing Rising Technology Co., Ltd., 18, 0, 0, 5]
    [D:\瑞星2006\Rising\卡卡助手\ieprot.dll]  [Beijing Rising Technology Co., Ltd., 1, 0, 0, 8]
    [d:\瑞星2006\rising\rfw\mPorts.dll]  [Beijing Rising Technology Co., Ltd., 4, 0, 0, 3]
[PID: 1732][C:\Program Files\Internet Explorer\IEXPLORE.EXE]  [Microsoft Corporation, 7.00.5730.11 (winmain(wmbla).061017-1135)]
    [D:\瑞星2006\Rising\卡卡助手\ieprot.dll]  [Beijing Rising Technology Co., Ltd., 1, 0, 0, 8]
    [c:\program files\google\googletoolbar1.dll]  [Google Inc., 3, 0, 131, 0]
    [C:\Program Files\superutilbar\superutilbar.dll]  [www.shiyongsousuo.com, 2, 1, 8, 24]
    [C:\WINDOWS\system32\KakaTool.dll]  [Beijing Rising Technology Co., Ltd., 2, 0, 2, 6]
    [D:\QQ2006\QQIEHelper.dll]  [深圳市腾讯计算机系统有限公司, 1, 1, 0, 5]
    [D:\讯雷\ComDlls\XunLeiBHO_002.dll]  [Thunder Networking Technologies,LTD, 5, 0, 0, 2]
    [D:\瑞星2006\Rising\Rav\RavScrCh.dll]  [Beijing Rising Technology Co., Ltd., 18, 0, 0, 4]
    [C:\WINDOWS\system32\Macromed\Flash\Flash9b.ocx]  [Adobe Systems, Inc., 9,0,28,0]
[PID: 3272][D:\QQ2006\QQ.exe]  [TENCENT, 0, 0, 0, 0]
    [D:\QQ2006\QQBaseClassInDll.dll]  [, 1, 0, 0, 1]
    [D:\QQ2006\QQHelperDll.dll]  [, 1, 0, 0, 1]
    [D:\QQ2006\BasicCtrlDll.dll]  [Tencent, 5, 0, 200, 370]
    [D:\QQ2006\QQAPI.dll]  [, 1, 0, 0, 1]
    [D:\QQ2006\TIMProxy.dll]  [tencent, 0, 3, 2, 4]
    [D:\瑞星2006\Rising\卡卡助手\ieprot.dll]  [Beijing Rising Technology Co., Ltd., 1, 0, 0, 8]
    [D:\QQ2006\LoginCtrl.dll]  [, 1, 0, 0, 1]
    [D:\QQ2006\npkcntc.dll]  [INCA Internet Co., Ltd., 2006, 6, 27, 1]
    [D:\QQ2006\npkpdb.dll]  [INCA Internet Co., Ltd., 2003, 10, 1, 1]
    [D:\QQ2006\QQRes.dll]  [tencent, 1, 0, 0, 1]
    [D:\QQ2006\QQMainFrame.dll]  [N/A, N/A]
    [D:\QQ2006\CQQApplication.dll]  [N/A, N/A]
    [D:\QQ2006\NewSkin.dll]  [, 1, 0, 0, 1]
    [D:\QQ2006\HostingMgr.dll]  [, 1, 0, 0, 1]
    [D:\QQ2006\CameraDll.dll]  [, 1, 0, 0, 1]
    [D:\QQ2006\MailSummary.dll]  [, 1, 0, 0, 1]
    [D:\QQ2006\QQSpace.dll]  [, 1, 0, 0, 1]
    [D:\QQ2006\QQAllInOne.dll]  [N/A, N/A]
    [D:\QQ2006\GroupLive.dll]  [N/A, N/A]
    [D:\QQ2006\SCCore.dll]  [TENCENT, 2, 0, 0, 1]
    [C:\WINDOWS\system32\msdmo.dll]  [N/A, N/A]
    [D:\QQ2006\QQGroupMng.dll]  [, 1, 0, 0, 1]
    [D:\QQ2006\UserDefinedHead.dll]  [, 1, 0, 0, 1]
    [D:\QQ2006\QQPlugin.dll]  [N/A, N/A]
    [D:\QQ2006\QQConfigPlugin.dll]  [, 1, 0, 0, 1]
    [D:\QQ2006\QQSysMsgMng.dll]  [N/A, N/A]
    [D:\QQ2006\QRingMng.dll]  [N/A, N/A]
    [D:\QQ2006\PhoneAPI.dll]  [, 1, 0, 0, 1]
    [D:\QQ2006\DialerAllinOne.dll]  [tencent, 1, 4, 0, 0]
    [D:\QQ2006\VPortal.dll]  [, 1, 0, 0, 4]
    [D:\QQ2006\QQAvatar.dll]  [N/A, N/A]
    [D:\QQ2006\FlashAvatarDll.dll]  [, 1, 4, 0, 1]
    [D:\QQ2006\LongConnection.dll]  [tencent, 5, 0, 200, 160]
    [D:\QQ2006\QQPet.dll]  [, 1, 0, 0, 1]
    [D:\QQ2006\BQQApplication.dll]  [N/A, N/A]
    [C:\WINDOWS\system32\RavExt.dll]  [Beijing Rising Technology Co., Ltd., 19, 0, 0, 7]
    [D:\QQ2006\CommercesMng.dll]  [, 1, 0, 0, 1]
    [D:\QQ2006\PersonalDesktop.dll]  [深圳市腾讯计算机系统公司QQ工作小组, 1, 0, 0, 2]
    [D:\QQ2006\QQAddr.dll]  [深圳市腾讯计算机系统有限公司, 5, 0, 101, 240]
    [D:\QQ2006\QQSceneMng.dll]  [N/A, N/A]
    [D:\QQ2006\QQPhoneHelper.dll]  [腾讯科技(深圳)有限公司, 2, 1, 3, 30]
[PID: 3376][D:\QQ2006\TIMPlatform.exe]  [tencent, 0, 3, 1, 8]
    [D:\瑞星2006\Rising\卡卡助手\ieprot.dll]  [Beijing Rising Technology Co., Ltd., 1, 0, 0, 8]
    [D:\QQ2006\TIMProxy.dll]  [tencent, 0, 3, 2, 4]
[PID: 1000][C:\WINDOWS\regedit.exe]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
    [D:\瑞星2006\Rising\卡卡助手\ieprot.dll]  [Beijing Rising Technology Co., Ltd., 1, 0, 0, 8]
[PID: 3432][D:\瑞星2006\Rising\Rav\Rav.exe]  [Beijing Rising Technology Co., Ltd., 19, 0, 0, 28]
    [D:\瑞星2006\Rising\Rav\PlugIn\RsPgScan.dll]  [Beijing Rising Technology Co., Ltd., 18, 0, 0, 17]
    [D:\瑞星2006\Rising\Rav\RSAPPMGR.DLL]  [Beijing Rising Technology Co., Ltd., 18, 0, 0, 2]
    [D:\瑞星2006\Rising\Rav\CfgDll.dll]  [Beijing Rising Technology Co., Ltd., 18, 0, 0, 13]
    [D:\瑞星2006\Rising\Rav\RsCommX.dll]  [rising, 18, 0, 0, 1]
    [D:\瑞星2006\Rising\Rav\RavUI.Dll]  [Beijing Rising Technology Co., Ltd., 19, 0, 0, 30]
    [D:\瑞星2006\Rising\Rav\RsGuiLib.dll]  [Beijing Rising Technology Co., Ltd., 19, 0, 0, 28]
    [D:\瑞星2006\Rising\Rav\RsXML.dll]  [Beijing Rising Technology Co., Ltd., 19, 0, 0, 2]
    [D:\瑞星2006\Rising\Rav\RSCOMMON.DLL]  [Beijing Rising Technology Co., Ltd., 19, 0, 0, 5]
    [D:\瑞星2006\Rising\卡卡助手\ieprot.dll]  [Beijing Rising Technology Co., Ltd., 1, 0, 0, 8]
    [D:\瑞星2006\Rising\Rav\Scanner.dll]  [Beijing Rising Technology Co., Ltd., 19, 0, 0, 12]
    [D:\瑞星2006\Rising\Rav\BWList.dll]  [Beijing Rising Technology Co., Ltd., 19, 0, 0, 10]
    [D:\瑞星2006\Rising\Rav\RsStore.dll]  [Beijing Rising Technology Co., Ltd., 19, 0, 0, 2]
    [D:\瑞星2006\Rising\Rav\RavQu.dll]  [Beijing Rising Technology Co., Ltd., 19, 0, 0, 10]
    [D:\瑞星2006\Rising\Rav\libload.dll]  [Beijing Rising Technology Co., Ltd., 19, 0, 0, 16]
    [D:\瑞星2006\Rising\Rav\VirusLib.dll]  [Beijing Rising Technology Co., Ltd., 19, 0, 0, 10]
[PID: 3356][D:\讯雷\Program\Thunder5.exe]  [Thunder Networking Technologies,LTD, 5.4.0.226]
    [D:\讯雷\Program\UpdateDownload.dll]  [Thunder Networking Technologies,LTD, 1, 0, 1, 8]
    [D:\讯雷\Program\download_interface.dll]  [Thunder Networking Technologies,LTD, 2, 0, 0, 1]
    [D:\讯雷\Program\stlport_vc646.dll]  [STLport Consulting, Inc., 4.6.2003.1031]
    [D:\讯雷\Program\log4cplus.dll]  [, 1, 0, 2, 1]
    [D:\讯雷\Program\asyn_dns.dll]  [N/A, N/A]
    [D:\讯雷\Program\msgmanage.dll]  [Thunder Networking Technologies,LTD, 1, 0, 0, 15]
    [D:\讯雷\Program\historyinfo_manage.dll]  [Thunder Networking Technologies,LTD, 5, 2, 0, 148]
    [D:\讯雷\Program\RegisterDll.dll]  [Thunder Networking Technologies,LTD, 2, 1, 0, 18]
    [D:\讯雷\Program\FloatBar.dll]  [Thunder Networking Technologies,LTD, 1, 0, 0, 2]
    [D:\讯雷\Components\InMedia\iEmbedShell.dll]  [ , 1, 0, 0, 11]
    [D:\讯雷\Components\InMedia\iEmbed04.dll]  [ , 2, 3, 0, 37]
    [D:\讯雷\Components\P4PClient\P4PClient.dll]  [Thunder Networking Technologies,LTD, 1, 0, 4, 10]
    [D:\瑞星2006\Rising\卡卡助手\ieprot.dll]  [Beijing Rising Technology Co., Ltd., 1, 0, 0, 8]
    [C:\WINDOWS\system32\RavExt.dll]  [Beijing Rising Technology Co., Ltd., 19, 0, 0, 7]
    [D:\讯雷\Program\iTargetAd.dll]  [Thunder Networking Technologies,LTD, 1, 0, 1, 59]
    [C:\WINDOWS\system32\Macromed\Flash\Flash9b.ocx]  [Adobe Systems, Inc., 9,0,28,0]
    [D:\瑞星2006\Rising\Rav\RavScrCh.dll]  [Beijing Rising Technology Co., Ltd., 18, 0, 0, 4]
[PID: 3764][C:\Program Files\Internet Explorer\iexplore.exe]  [Microsoft Corporation, 7.00.5730.11 (winmain(wmbla).061017-1135)]
    [D:\瑞星2006\Rising\卡卡助手\ieprot.dll]  [Beijing Rising Technology Co., Ltd., 1, 0, 0, 8]
    [c:\program files\google\googletoolbar1.dll]  [Google Inc., 3, 0, 131, 0]
    [C:\Program Files\superutilbar\superutilbar.dll]  [www.shiyongsousuo.com, 2, 1, 8, 24]
    [C:\WINDOWS\system32\KakaTool.dll]  [Beijing Rising Technology Co., Ltd., 2, 0, 2, 6]
    [D:\QQ2006\QQIEHelper.dll]  [深圳市腾讯计算机系统有限公司, 1, 1, 0, 5]
    [D:\讯雷\ComDlls\XunLeiBHO_002.dll]  [Thunder Networking Technologies,LTD, 5, 0, 0, 2]
    [D:\瑞星2006\Rising\Rav\RavScrCh.dll]  [Beijing Rising Technology Co., Ltd., 18, 0, 0, 4]
    [C:\WINDOWS\system32\Macromed\Flash\Flash9b.ocx]  [Adobe Systems, Inc., 9,0,28,0]
[PID: 3500][C:\Program Files\WinRAR\WinRAR.exe]  [N/A, N/A]
    [D:\瑞星2006\Rising\卡卡助手\ieprot.dll]  [Beijing Rising Technology Co., Ltd., 1, 0, 0, 8]
[PID: 3520][D:\sreng\SREng.EXE]  [Smallfrogs Studio, 2.3.13.690]
    [D:\瑞星2006\Rising\卡卡助手\ieprot.dll]  [Beijing Rising Technology Co., Ltd., 1, 0, 0, 8]
    [D:\sreng\Plugins\SRECXTMG.SRE]  [Smallfrogs Studio, 1, 5, 0, 55]

==================================
文件关联
.TXT  OK. [%SystemRoot%\system32\NOTEPAD.EXE %1]
.EXE  OK. ["%1" %*]
.COM  OK. ["%1" %*]
.PIF  OK. ["%1" %*]
.REG  OK. [regedit.exe "%1"]
.BAT  OK. ["%1" %*]
.SCR  OK. ["%1" /S]
.CHM  OK. ["C:\WINDOWS\hh.exe" %1]
.HLP  OK. [%SystemRoot%\System32\winhlp32.exe %1]
.INI  OK. [%SystemRoot%\System32\NOTEPAD.EXE %1]
.INF  OK. [%SystemRoot%\System32\NOTEPAD.EXE %1]
.VBS  OK. [%SystemRoot%\System32\WScript.exe "%1" %*]
.JS  OK. [%SystemRoot%\System32\WScript.exe "%1" %*]
.LNK  OK. [{00021401-0000-0000-C000-000000000046}]

==================================
Winsock 提供者
N/A

==================================
Autorun.inf
[E:\]
[autorun]
Shellexecute=copy.exe

==================================
HOSTS 文件

==================================
API HOOK
N/A

==================================


[/CODE]