急急急！很想知道计算机是不是已经中了灰鸽子。 - 瑞星卡卡安全论坛bbs.ikaka.com

瑞星卡卡安全论坛技术交流区 反病毒/反流氓软件论坛急急急！很想知道计算机是不是已经中了灰鸽子。

	瑞星“1+2”全新解决方案巡展在广州画上圆满句号		叶院长揭秘：瑞星如何运用AI技术革新网络安全		俄乌冲突加剧网络攻击风险白俄罗斯政府遭APT攻击		瑞星ESM防病毒系统助力矿业大学筑牢网络安全防线
	实力拉满瑞星第五十次通过VB100测评		携手老友，拥抱新精彩 —— 新论坛新活动，感谢你的陪伴		护航司法，瑞星助力山西省高院构建安全防线		人工智能在网络安全领域的风险和机遇

12

1 / 2 页

跳转页

急急急！很想知道计算机是不是已经中了灰鸽子。

水晶牡丹初生襁褓狮帖子:12 注册: 2007-07-09 来自:	发表于： 2007-07-09 09:55 \| 只看楼主短消息资料字号：小中大 1楼急急急！很想知道计算机是不是已经中了灰鸽子。无意中看了一些介绍病毒的消息才知道现在居然能被远程启动摄像头。每天开机第一件事就事升级瑞星，然后杀毒。不知道这样管用吗？还有，有没有人知道怎么样能确认自己的机器是不是“肉鸡”？现在网络犯太可恶！！ 2007-07-09 13:58:25.403000000
水晶牡丹初生襁褓狮帖子:12 注册: 2007-07-09 来自:	分享到：

菜花小鸟初生襁褓狮帖子:3 注册: 2007-07-09 来自:	发表于： 2007-07-09 10:18 \| 短消息资料字号：小中大 2楼不管用，免杀的杀不到，要人为判断，有没有开什么可以端口，灰鸽子默认是8000，当然是可以改的，看看服务项多了什么~~
菜花小鸟初生襁褓狮帖子:3 注册: 2007-07-09 来自:

水晶牡丹初生襁褓狮帖子:12 注册: 2007-07-09 来自:	发表于： 2007-07-09 13:19 \| 只看楼主短消息资料字号：小中大 3楼谢谢提醒，虽然我看不太懂。担心中。。。
水晶牡丹初生襁褓狮帖子:12 注册: 2007-07-09 来自:

Leoooo 大版主帖子:2163 注册: 2007-06-05 来自:	发表于： 2007-07-09 13:23 \| 短消息资料字号：小中大 4楼 http://download.rising.com.cn/for_down/kakatool/kakasetupv4.exe下载卡卡上网安全助手4.0 1 运行瑞星卡卡上网安全助手 2 诊断求助=》电脑诊断日志 3 选择"忽略系统文件"、"文件详细信息"、"文件名相似分析"3个选项 4 开始扫描＝》导出信息，导成txt格式（也可以是htm格式方便自己看，不过论坛不能上传htm格式） 5 把日志中的报告完整拷贝贴上来，不要修改（一次发不完请分次发上来） 6 扫日志的时候尽量把不必要的软件关闭如QQ TM等 7 把扫描出来的可疑文件上传给瑞星http://up.rising.com.cn/webmail/uploadnew.htm
Leoooo 大版主帖子:2163 注册: 2007-06-05 来自:

水晶牡丹初生襁褓狮帖子:12 注册: 2007-07-09 来自:	发表于： 2007-07-09 13:49 \| 只看楼主短消息资料字号：小中大 5楼瑞星卡卡电脑诊断日志 v1.20 (2007-7-9 13:18:54) 北京瑞星科技股份有限公司注释: [A]表示该文件存在自启动关联; [M]表示该文件在内存中; + 注册表自运行项目 + Win32 Services + HKLM\System\CurrentControlSet\Services Ati HotKey Poller [AM] 1. c:\windows\system32\ati2evxx.exe .text,.rdata,.data,.rsrc, 6A 60 68 18 98 45 00 E8 F6 2E 00 00 83 65 FC 00 ATI Smart [A ] 2. c:\windows\system32\ati2sgag.exe ATI Smart .text,.rdata,.data,.rsrc, 6A 60 68 80 80 41 00 E8 39 2F 00 00 83 65 FC 00 iPod Service [AM] 3. c:\program files\ipod\bin\ipodservice.exe Apple Inc. iPodService Module .text,.rdata,.data,.rsrc, E8 5D 86 00 00 E9 16 FE FF FF CC CC 55 8B EC 57 MDM [AM] 4. c:\program files\common files\microsoft shared\vs7debug\mdm.exe Microsoft Corporation Machine Debug Manager .text,.data,.rsrc, 55 8B EC 6A FF 68 00 5E 40 00 68 70 B0 42 00 64 RsCCenter [A ] 5. c:\program files\rising\rav\ccenter.exe Beijing Rising Technology Co., Ltd. CCenter .text,.rdata,.data,.rsrc, 55 8B EC 6A FF 68 C8 26 41 00 68 D8 AB 40 00 64 RsRavMon [A ] 6. c:\program files\rising\rav\ravmond.exe Beijing Rising Technology Co., Ltd. RavMond .text,.rdata,.data,.rsrc, 55 8B EC 6A FF 68 F8 D7 42 00 68 C4 E4 41 00 64 UMWdf [AM] 7. c:\windows\system32\wdfmgr.exe Microsoft Corporation Windows User Mode Driver Manager .text,.data,.rsrc, 6A 28 68 30 26 00 01 E8 A5 01 00 00 66 81 3D 00 usnjsvc [AM] 8. c:\program files\msn messenger\usnsvc.exe Microsoft Corporation Messenger Sharing USN Journal Reader Service .text,.data,.rsrc, E8 0A 28 00 00 E9 40 FE FF FF E9 95 0B 00 00 51 + Kernel Drivers + HKLM\System\CurrentControlSet\Services 00 [A ] 9. c:\windows\system32\drivers\1674875.sys ALCXWDM [A ] 10. c:\windows\system32\drivers\alcxwdm.sys Realtek Semiconductor Corp. Realtek AC'97 Audio Driver (WDM) .text,_LTEXT,_PTEXT,.rdata,.data,.CRT,_LDATA,_PDATA,.data1,PAGE,INIT,.rsrc,.reloc, 53 56 57 8B 7C 24 10 68 F8 19 01 00 FF 74 24 18 BaseTDI [A ] 11. c:\windows\system32\drivers\basetdi.sys Beijing Rising Technology Co., Ltd. basetdi .text,.rdata,.data,INIT,.rsrc,.reloc, 55 8B EC 83 EC 14 53 56 57 E8 13 04 00 00 8B 35 CnsStd [A ] 12. c:\windows\system32\drivers\cnsstd.sys 北京三七二一科技有限公司 .text,.rdata,.data,INIT,.rsrc,.reloc, ExpScaner [A ] 13. c:\program files\rising\rav\expscan.sys ExpScan.sys .text,.rdata,.data,INIT,.rsrc,.reloc, 55 8B EC 51 68 88 38 02 00 FF 15 70 1F 01 00 83 GEARAspiWDM [A ] 14. c:\windows\system32\drivers\gearaspiwdm.sys GEAR Software Inc. CD/DVD Class Filter Driver .text,.data,PAGE,INIT,.rsrc,.reloc, 8B 54 24 04 57 6A 1C 59 B8 7E 13 01 00 8D 7A 38 HOOKAPI [A ] 15. c:\program files\rising\rav\hookapi.sys 瑞星软件有限公司 HOOKAPI Driver .text,.rdata,.data,.edata,INIT,.rsrc,.reloc, 33 C0 C2 08 00 CC 55 8B EC 53 B9 FF FF 00 00 56 HookCont [A ] 16. c:\program files\rising\rav\hookcont.sys Rising HookCont .text,.rdata,.data,INIT,.rsrc,.reloc, 55 8B EC 83 EC 14 53 56 57 68 70 20 00 00 E8 F7 HookReg [A ] 17. c:\program files\rising\rav\hookreg.sys .text,.rdata,.data,INIT,.rsrc,.reloc, 55 8B EC 83 EC 64 56 57 C7 45 AC 00 00 00 00 B9 HookSys [A ] 18. c:\program files\rising\rav\hooksys.sys Rising Hooksys .text,.rdata,.data,INIT,.rsrc,.reloc, 55 8B EC 83 EC 14 53 56 57 E8 8A 08 00 00 68 FC kdoboep [A ] 19. c:\windows\system32\drivers\kdoboep.sys 北京三七二一科技有限公司 sys 应用程序 .text,.rdata,.data,INIT,.rsrc,.reloc, 55 8B EC 83 EC 18 C6 05 88 45 02 00 39 C6 05 89 mdmxsdk [A ] 20. c:\windows\system32\drivers\mdmxsdk.sys Conexant Diagnostic Interface DRIVER .text,.rdata,.data,INIT,.rsrc,.reloc, 57 6A 10 59 33 C0 FF 74 24 0C BF E4 24 01 00 F3 MEMSCAN [A ] 21. c:\program files\rising\rav\memscan.sys 瑞星软件有限公司 MemScan Driver .text,.rdata,.data,INIT,.rsrc,.reloc, 55 8B EC 83 EC 14 56 8B 35 DC 0C 01 00 57 8D 45 New0 [A ] 22. c:\windows\system32\new.sys .text,.rdata,INIT,.reloc, 55 8B EC 83 EC 1C 68 60 02 01 00 E8 68 01 00 00 npkcrypt [A ] 23. f:\qq\npkcrypt.sys INCA Internet Co., Ltd. nProtect KeyCrypt Driver .text,.rdata,.data,INIT,.rsrc,.reloc, 51 53 56 E8 47 2A 00 00 A3 28 36 01 00 E8 C4 29 pfc [A ] 24. c:\windows\system32\drivers\pfc.sys Padus, Inc. Padus(R) ASPI Shell .text,.rdata,.data,INIT,.rsrc,.reloc, 55 8B EC 83 EC 14 56 68 00 1D 01 00 8D 45 F4 50 RsAntiSpyware [A ] 25. c:\windows\system32\drivers\rsboot.sys Beijing Rising Technology Co., Ltd. Anti-RootKit Driver .text,.rdata,.data,INIT,.rsrc,.reloc, 55 8B EC 83 EC 20 53 56 33 F6 57 89 75 F4 60 8D RsNTGDI [A ] 26. c:\windows\system32\drivers\rsntgdi.sys Beijing Rising Technology Co., Ltd. RsNTGDI .text,.rdata,INIT,.rsrc,.reloc, 55 8B EC 83 EC 10 56 8B 75 08 57 8B 3D 58 05 01 RSPPSYS [A ] 27. c:\program files\rising\rav\rsppsys.sys Rising RSPPSYS.SYS .text,.rdata,.data,INIT,.rsrc,.reloc, 55 8B EC 83 EC 14 53 6A 5C E8 EE FB FF FF 33 DB Secdrv [A ] 28. c:\windows\system32\drivers\secdrv.sys Macrovision Europe Ltd Macrovision SECURITY Driver
水晶牡丹初生襁褓狮帖子:12 注册: 2007-07-09 来自:

水晶牡丹初生襁褓狮帖子:12 注册: 2007-07-09 来自:	发表于： 2007-07-09 13:51 \| 只看楼主短消息资料字号：小中大 6楼 .text,.data,INIT,.rsrc,.reloc, 55 8B EC 83 EC 14 56 E8 82 E0 FF FF 85 C0 75 3D zntport [A ] 29. c:\windows\system32\zntport.sys ZSMC303 [A ] 30. c:\windows\system32\drivers\usbvm303.sys Vimicro Corporation Video streaming and Capture Device Driver .text,.data,.data1,PAGECONS,INIT,.rsrc,.reloc, 68 C4 1B 01 00 6A 04 68 B0 06 00 00 FF 74 24 14 + File System Drivers + HKLM\System\CurrentControlSet\Services CnsMinKP [A ] 31. c:\windows\system32\drivers\cnsminkp.sys Copyright (C) 3721 Corporation. KMD .text,.rdata,.data,INIT,.rsrc,.reloc, yaskp [A ] 32. c:\windows\system32\drivers\yaskp.sys Copyright (C) yahoo Corporation. KMD .text,.rdata,.data,INIT,.rsrc,.reloc, zwduxpym [A ] 33. c:\windows\system32\drivers\zwduxpym.sys Yahoo! China Corporation .text,.rdata,.data,INIT,.rsrc,.reloc, + Winlogon + HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify AtiExtEvent [AM] 34. c:\windows\system32\ati2evxx.dll .text,.rdata,.data,.rsrc,.reloc, 55 8B EC 53 8B 5D 08 56 8B 75 0C 85 F6 57 8B 7D + Internet Explorer + HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} [AM] 35. c:\program files\msn apps\msn toolbar\msn toolbar\01.02.5000.1021\zh-cn\msntb.dll Microsoft Corporation MSN Toolbar extension .text,.rdata,.data,.SHARED,.rsrc,.reloc, 6A 0C 68 30 2C 03 10 E8 CA 12 00 00 33 C0 40 89 {406F94F0-504F-4A40-8DFD-58B0666ABEBD} [AM] 36. c:\program files\yahoo!\assistant\assist\yasbar.dll yahoo! china IE ToolBand .text,.rdata,.data,.yAsbarS,.rsrc,.reloc, 55 8B EC 53 8B 5D 08 56 8B 75 0C 57 8B 7D 10 85 + HKCU\SOFTWARE\Microsoft\Internet Explorer\URLSearchHooks {406F94F0-504F-4a40-8DFD-58B0666ABEBD} [AM] 36. c:\program files\yahoo!\assistant\assist\yasbar.dll yahoo! china IE ToolBand .text,.rdata,.data,.yAsbarS,.rsrc,.reloc, 55 8B EC 53 8B 5D 08 56 8B 75 0C 57 8B 7D 10 85 + HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects {0005A87D-D626-4B3A-84F9-1D9571695F55} [AM] 37. c:\windows\system32\xunleibho_v8.dll xunleibho BHO .text,.rdata,.data,.rsrc,.reloc, 55 8B EC 53 8B 5D 08 56 8B 75 0C 57 8B 7D 10 85 {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} [AM] 38. c:\program files\adobe\acrobat 7.0\activex\acroiehelper.dll Adobe Systems Incorporated Adobe Acrobat IE Helper Version 7.0 for ActiveX .text,.rdata,.data,.rsrc,.reloc, 6A 0C 68 28 89 00 10 E8 62 FC FF FF 33 C0 40 89 {33BBE430-0E42-4f12-B075-8D21ACB10DCB} [AM] 39. c:\program files\yahoo!\assistant\assist\yphtb.dll Yahoo! China yPhtb .text,.rdata,.data,.yPhtbSe,.rsrc,.reloc, 55 8B EC 53 8B 5D 08 56 8B 75 0C 57 8B 7D 10 85 {38928D50-8A48-44C2-945F-D2F23F771410} [AM] 40. c:\program files\yahoo!\assistant\assist\yangling.dll yahoo! china yangling.dll .text,.rdata,.data,.SHARED,.rsrc,.reloc, 55 8B EC 53 8B 5D 08 56 8B 75 0C 57 8B 7D 10 85 {54EBD53A-9BC1-480B-966A-843A333CA162} [AM] 41. f:\qq\qqiehelper.dll
水晶牡丹初生襁褓狮帖子:12 注册: 2007-07-09 来自:

水晶牡丹初生襁褓狮帖子:12 注册: 2007-07-09 来自:	发表于： 2007-07-09 13:51 \| 只看楼主短消息资料字号：小中大 7楼深圳市腾讯计算机系统有限公司 QQIEHelper Module .text,.rdata,.data,.rsrc,.reloc, 55 8B EC 53 8B 5D 08 56 8B 75 0C 57 8B 7D 10 85 {62EED7C6-9F02-42f9-B634-98E2899E147B} [AM] 42. c:\program files\yahoo!\assistant\assist\ydragsearch.dll yahoo! china DragSearch .text,.rdata,.data,.BhoObjS,.rsrc,.reloc, 55 8B EC 53 8B 5D 08 56 8B 75 0C 57 8B 7D 10 85 {9030D464-4C02-4ABF-8ECC-5164760863C6} [AM] 43. c:\program files\common files\microsoft shared\windows live\windowslivelogin.dll Microsoft Corporation WindowsLiveLogin.dll .text,.data,.rsrc,.reloc, 83 7C 24 08 01 75 05 E8 C2 3A 00 00 FF 74 24 04 {9394EDE7-C8B5-483E-8773-474BF36AF6E4} [AM] 44. c:\program files\msn apps\st\01.03.0000.1005\en-xu\stmain.dll Microsoft Corporation st .text,.rdata,.data,.SHARED,.rsrc,.reloc, 6A 0C 68 18 C4 01 10 E8 2E 03 00 00 33 C0 40 89 {BDBD1DAD-C946-4A17-ADC1-64B5B4FF55D0} [AM] 35. c:\program files\msn apps\msn toolbar\msn toolbar\01.02.5000.1021\zh-cn\msntb.dll Microsoft Corporation MSN Toolbar extension .text,.rdata,.data,.SHARED,.rsrc,.reloc, 6A 0C 68 30 2C 03 10 E8 CA 12 00 00 33 C0 40 89 {D157330A-9EF3-49F8-9A67-4141AC41ADD4} [AM] 45. c:\windows\downloaded program files\cnshook.dll 北京三七二一科技有限公司 CnsHook .text,.rdata,.data,.cnshook,.rsrc,.reloc, 55 8B EC 53 8B 5D 08 56 8B 75 0C 57 8B 7D 10 85 {F166BC04-3C84-44cc-A6E9-2315EC4844B9} [AM] 46. c:\program files\yahoo!\assistant\assist\yflashdl.dll Yahoo! China Flash video download .text,.rdata,.data,.yFlashD,.rsrc,.reloc, 55 8B EC 53 8B 5D 08 56 8B 75 0C 57 8B 7D 10 85 {FE3ECAE7-0A37-4506-8A7D-3CC9A04D2CA8} [AM] 47. c:\program files\yahoo!\assistant\assist\yassist.dll Yahoo! China Assist Module .text,.rdata,.data,.rsrc,.reloc, 55 8B EC 53 8B 5D 08 56 8B 75 0C 57 8B 7D 10 85 + HKLM\SOFTWARE\Microsoft\Internet Explorer\Extensions Exec [A ] 48. f:\程序\超级解霸\sthsdvd.exe .text,.rdata,.data,.rsrc, 55 8B EC 6A FF 68 88 57 43 00 68 2C F2 42 00 64 Exec [A ] 49. f:\qq\qq.exe TENCENT QQ .text,.rdata,.data,.rsrc, 55 8B EC 6A FF 68 08 54 52 00 68 AE 54 48 00 64 Exec [A ] 50. c:\program files\messenger\msmsgs.exe Microsoft Corporation Windows Messenger .text,.data,.rsrc, 6A 70 68 10 98 00 01 E8 BF 01 00 00 33 DB 53 8B + HKCU\SOFTWARE\Microsoft\Internet Explorer\Explorer Bars {19CE93DE-8334-42C6-B2CA-BFE3DF5196A3} [AM] 51. c:\program files\yahoo!\assistant\assist\yrss.dll Yahoo! China yRss Module .text,.rdata,.data,.rsrc,.reloc, 55 8B EC 53 8B 5D 08 56 8B 75 0C 57 8B 7D 10 85 + Explorer + HKLM\SOFTWARE\Classes\PROTOCOLS\Handler cdo [A ] 52. c:\program files\common files\microsoft shared\web folders\pkmcdo.dll Microsoft Corporation Microsoft SharePoint Portal Server Object Model .text,.data,.rsrc,.reloc, 55 8B EC 53 8B 5D 08 56 8B 75 0C 57 8B 7D 10 85 livecall [A ] 53. c:\program files\msn messenger\msgrapp.8.1.0178.00.dll Microsoft Corporation MSN Messenger Protocol Handler .text,.data,.rsrc,.reloc, 83 7C 24 08 01 75 05 E8 8A 05 00 00 FF 74 24 04 ms-itss [A ] 54. c:\program files\common files\microsoft shared\information retrieval\msitss.dll Microsoft Corporation Microsoft? InfoTech Storage System Library .text,.data,.rsrc,.reloc, 55 8B EC 53 56 8B 75 0C 57 6A 01 5F 3B F7 75 7C msnim [A ] 53. c:\program files\msn messenger\msgrapp.8.1.0178.00.dll Microsoft Corporation MSN Messenger Protocol Handler .text,.data,.rsrc,.reloc, 83 7C 24 08 01 75 05 E8 8A 05 00 00 FF 74 24 04 mso-offdap [A ] 55. c:\program files\common files\microsoft shared\web components\10\owc10.dll Microsoft Corporation Microsoft Office XP Web Components .text,.data,.rtext,.bootdat,msoconst,Shared,.rsrc,.reloc, 55 8B EC 53 8B 5D 08 56 8B 75 0C 57 8B 7D 10 85 + HKLM\SOFTWARE\Classes\Folder\shellex\ColumnHandlers {F9DB5320-233E-11D1-9F84-707F02C10627} [AM] 56. c:\program files\adobe\acrobat 7.0\activex\pdfshell.dll Adobe Systems, Inc. PDF Shell Extension .text,.rdata,.data,.rsrc,.reloc, 6A 0C 68 E8 DD 00 10 E8 F5 EF FF FF 33 C0 40 89 + HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved RISING [AM] 57. c:\windows\system32\ravext.dll Beijing Rising Technology Co., Ltd. Rising Shell Ext Module .text,.rdata,.data,.rsrc,.reloc, 55 8B EC 53 8B 5D 08 56 8B 75 0C 57 8B 7D 10 85 Messenger Sharing Folders [A ] 58. c:\program files\msn messenger\fsshext.8.1.0178.00.dll Microsoft Corporation Messenger File Sharing Shell Extensions .text,.data,.rsrc,.reloc, 83 7C 24 08 01 75 05 E8 43 06 00 00 FF 74 24 04 Shell Extensions for RealOne Player [A ] 59. f:\realone\rpshellext.dll RealNetworks RealOne Player Shell Extensions .text,.rdata,.data,.rsrc,.reloc, 53 55 56 8B 74 24 14 85 F6 57 B8 01 00 00 00 75 粉碎文件 [A ] 60. c:\program files\yahoo!\assistant\assist\ywiper.dll Yahoo! China Wiper 动态链接库 .text,.rdata,.data,.rsrc,.reloc, 6A 0C 68 48 25 03 10 E8 1C 0B 00 00 33 C0 40 89 Yahoo!Photo [AM] 39. c:\program files\yahoo!\assistant\assist\yphtb.dll Yahoo! China yPhtb .text,.rdata,.data,.yPhtbSe,.rsrc,.reloc, 55 8B EC 53 8B 5D 08 56 8B 75 0C 57 8B 7D 10 85 iTunes [A ] 61. e:\11\itunesminiplayer.dll Apple Inc. iTunes Mini Player DLL
水晶牡丹初生襁褓狮帖子:12 注册: 2007-07-09 来自:

水晶牡丹初生襁褓狮帖子:12 注册: 2007-07-09 来自:	发表于： 2007-07-09 13:52 \| 只看楼主短消息资料字号：小中大 8楼 .text,.rdata,.data,.rsrc,.reloc, 83 7C 24 08 01 75 05 E8 BA 46 00 00 FF 74 24 04 + HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks {D157330A-9EF3-49F8-9A67-4141AC41ADD4} [AM] 45. c:\windows\downloaded program files\cnshook.dll 北京三七二一科技有限公司 CnsHook .text,.rdata,.data,.cnshook,.rsrc,.reloc, 55 8B EC 53 8B 5D 08 56 8B 75 0C 57 8B 7D 10 85 {32CD708B-60A7-4C00-9377-D73EAA495F0F} [AM] 57. c:\windows\system32\ravext.dll Beijing Rising Technology Co., Ltd. Rising Shell Ext Module .text,.rdata,.data,.rsrc,.reloc, 55 8B EC 53 8B 5D 08 56 8B 75 0C 57 8B 7D 10 85 {AC2DC2EF-5165-40A3-8CDF-41DCA1B0901A} [AM] 62. c:\windows\system32\shlhook.dll Beijing Rising Technology Co., Ltd. shlhook Module .text,.rdata,.data,.rsrc,.reloc, 55 8B EC 53 8B 5D 08 56 8B 75 0C 57 8B 7D 10 85 + Logon + HKCU\Software\Microsoft\Windows\CurrentVersion\Run MsnMsgr [AM] 63. c:\program files\msn messenger\msnmsgr.exe Microsoft Corporation Messenger .text,.data,.rsrc, E8 05 00 00 00 E9 A1 11 FF FF 55 8B EC 83 EC 10 updateMgr [A ] 64. c:\program files\adobe\acrobat 7.0\reader\adobeupdatemanager.exe Adobe Systems Incorporated Adobe Update Manager .text,.rsrc, B8 68 B3 4A 00 50 64 FF 35 00 00 00 00 64 89 25 + HKLM\Software\Microsoft\Windows\CurrentVersion\Run BigDog303 [AM] 65. c:\windows\vm303_sti.exe Vimicro Vimicro .text,.rdata,.data,.rsrc, 55 8B EC 6A FF 68 C0 A2 40 00 68 A8 66 40 00 64 runeip [AM] 66. c:\program files\rising\antispyware\runiep.exe Beijing Rising Technology Co., Ltd. Rising AntiSpyware Monitor .text,.rdata,.data,.rsrc, 55 8B EC 6A FF 68 E0 6B 40 00 68 40 52 40 00 64 QuickTime Task [AM] 67. c:\program files\quicktime\qttask.exe Apple Inc. QuickTime Task .text,.rdata,.data,.rsrc, 6A 60 68 D0 4A 43 00 E8 23 1E 00 00 BF 94 00 00 Adobe Photo Downloader [AM] 68. c:\program files\adobe\photoshop album starter edition\3.0\apps\apdproxy.exe Adobe Systems Incorporated Adobe Photoshop Album Starter Edition 3.0 component .text,.rdata,.data,.rsrc, 6A 74 68 A8 35 40 00 E8 60 02 00 00 33 DB 89 5D TkBellExe [AM] 69. c:\program files\common files\real\update_ob\realsched.exe RealNetworks, Inc. RealNetworks Scheduler .text,.rdata,.data,.rsrc, 55 8B EC 6A FF 68 B0 D4 41 00 68 6C 3E 41 00 64 YLive.exe [AM] 70. c:\program files\yahoo!\assistant\ylive.exe Yahoo! China YLive .text,.rdata,.data,.rsrc, 55 8B EC 6A FF 68 48 31 40 00 68 90 25 40 00 64 yassistse [AM] 71. c:\program files\yahoo!\assistant\yassistse.exe Yahoo! China AssistSetting .text,.rdata,.data,.rsrc, 55 8B EC 6A FF 68 48 52 40 00 68 6E 40 40 00 64 iTunesHelper [AM] 72. e:\11\ituneshelper.exe Apple Inc. iTunesHelper Module .text,.rdata,.data,.rsrc, E8 B8 6D 00 00 E9 16 FE FF FF CC 68 B0 D6 40 00 RavTask [A ] 73. c:\program files\rising\rav\ravtask.exe Beijing Rising Technology Co., Ltd. RavTimer .text,.rdata,.data,.rsrc, 55 8B EC 6A FF 68 50 E3 40 00 68 D4 90 40 00 64 + Boot Execute + HKLM\SYSTEM\CurrentControlSet\Control\NetworkProvider\Order BootExecute [A ] 74. c:\windows\system32\bsmain.exe Beijing Rising Technology Co., Ltd. BootScan .text,.data,.rsrc,.reloc, 55 8B EC 6A FF 68 F0 27 00 01 68 74 9E 00 01 64 + Image Hijacks + HKCR\.html htmlfile\Edit\Command [A ] 75. f:\程序\office xp\office10\msohtmed.exe Microsoft Corporation Microsoft Office XP component .text,.data,.rsrc, 55 8B EC 83 EC 18 83 4D FC FF 53 56 57 6A FE 33 htmlfile\Print\Command [A ] 75. f:\程序\office xp\office10\msohtmed.exe Microsoft Corporation Microsoft Office XP component .text,.data,.rsrc, 55 8B EC 83 EC 18 83 4D FC FF 53 56 57 6A FE 33 + HKCR\.htm htmlfile\Edit\Command [A ] 75. f:\程序\office xp\office10\msohtmed.exe Microsoft Corporation Microsoft Office XP component .text,.data,.rsrc, 55 8B EC 83 EC 18 83 4D FC FF 53 56 57 6A FE 33 htmlfile\Print\Command [A ] 75. f:\程序\office xp\office10\msohtmed.exe Microsoft Corporation Microsoft Office XP component .text,.data,.rsrc, 55 8B EC 83 EC 18 83 4D FC FF 53 56 57 6A FE 33 + HKCR\.mp3 RealPlayer.MP3.6\open\Command [A ] 76. f:\realone\realplay.exe RealNetworks, Inc. RealOne Player .text,.rdata,.data,.rsrc, 55 8B EC 6A FF 68 A0 AA 40 00 68 B0 8D 40 00 64 + 其他自启动项目 + C:\Documents and Settings\liYuan\「开始」菜单\程序\启动腾讯QQ.lnk [A ] 49. f:\qq\qq.exe TENCENT QQ .text,.rdata,.data,.rsrc, 55 8B EC 6A FF 68 08 54 52 00 68 AE 54 48 00 64 + C:\Documents and Settings\All Users\「开始」菜单\程序\启动 Adobe Reader Speed Launch.lnk [A ] 77. c:\program files\adobe\acrobat 7.0\reader\reader_sl.exe Adobe Systems Incorporated Adobe Acrobat SpeedLauncher .text,.rdata,.data,.rsrc, 6A 74 68 E0 66 40 00 E8 08 02 00 00 33 DB 89 5D + C:\WINDOWS\Tasks AppleSoftwareUpdate.job [A ] 78. c:\program files\apple software update\softwareupdate.exe Apple Computer, Inc. Software Application .text,.rdata,.data,.rsrc, E8 B1 63 00 00 E9 17 FE FF FF 55 8B EC 51 53 8B + 系统活动模块 + 00000084(132) mdm.exe 00400000[00044000] [AM] 4. c:\program files\common files\microsoft shared\vs7debug\mdm.exe Microsoft Corporation Machine Debug Manager .text,.data,.rsrc, 55 8B EC 6A FF 68 00 5E 40 00 68 70 B0 42 00 64 + 00000140(320) svchost.exe + 00000190(400) wdfmgr.exe 01000000[0000C000] [AM] 7. c:\windows\system32\wdfmgr.exe Microsoft Corporation Windows User Mode Driver Manager .text,.data,.rsrc, 6A 28 68 30 26 00 01 E8 A5 01 00 00 66 81 3D 00 + 0000027c(636) smss.exe + 000002c0(704) csrss.exe + 000002d8(728) winlogon.exe 10000000[00017000] [AM] 34. c:\windows\system32\ati2evxx.dll .text,.rdata,.data,.rsrc,.reloc, 55 8B EC 53 8B 5D 08 56 8B 75 0C 85 F6 57 8B 7D 72C80000[00008000] [ M] 79. c:\windows\system32\msacm32.drv Microsoft Corporation Microsoft Sound Mapper .text,.data,.rsrc,.reloc, 8B 44 24 08 83 E8 00 74 30 48 75 3A 56 8B 74 24 + 00000304(772) services.exe + 00000310(784) lsass.exe + 00000354(852) Ras.exe 00400000[0013D000] [ M] 80. c:\program files\rising\antispyware\ras.exe Beijing Rising Technology Co., Ltd. Rising AntiSpyware .text,.rdata,.data,.rsrc, 55 8B EC 6A FF 68 90 3A 4C 00 68 70 B7 4A 00 64 53000000[0000E000] [ M] 81. c:\program files\3721\helper.dll Helper Module .text,.rdata,.data,.cnshelp,.rsrc,.reloc, 55 8B EC 53 8B 5D 08 56 8B 75 0C 57 8B 7D 10 85 00C20000[0000B000] [ M] 82. c:\program files\yahoo!\assistant\yhelper.dll Yahoo! China Helper Module .text,.rdata,.data,.cnshelp,.rsrc,.reloc, 55 8B EC 53 8B 5D 08 56 8B 75 0C 57 8B 7D 10 85 37210000[00086000] [ M] 83. c:\windows\downloaded program files\cnsmin.dll 国风因特软件（北京）有限公司 CnsMin .text,.rdata,.data,.cnsdata,.rsrc,.reloc, 55 8B EC 53 8B 5D 08 56 8B 75 0C 57 8B 7D 10 85 10000000[000A0000] [ M] 84. c:\program files\rising\antispyware\rasgui.dll Beijing Rising Technology Co., Ltd. RasGUI .text,.rdata,.data,.rsrc,.reloc, 55 8B EC 53 8B 5D 08 56 8B 75 0C 57 8B 7D 10 85 026D0000[0001B000] [ M] 85. c:\program files\rising\antispyware\ieprot.dll Beijing Rising Technology Co., Ltd. IE Protector .text,.rdata,.data,.rsrc,.reloc, 6A 0C 68 00 CD 6D 02 E8 BD 02 00 00 33 C0 40 89 03E60000[0005B000] [ M] 86. c:\program files\common files\microsoft shared\ink\skchui.dll Microsoft Corporation Draw Pen Tip .text,.rdata,.data,.rsrc,.reloc, 55 8B EC 51 C7 45 FC 01 00 00 00 83 7D 0C 00 75 + 000003b0(944) Ati2evxx.exe 00400000[00067000] [AM] 1. c:\windows\system32\ati2evxx.exe .text,.rdata,.data,.rsrc, 6A 60 68 18 98 45 00 E8 F6 2E 00 00 83 65 FC 00 + 000003c0(960) svchost.exe + 0000040c(1036) svchost.exe + 00000468(1128) svchost.exe 50E60000[0000C000] [ M] 87. c:\windows\system32\wups2.dll Microsoft Corporation Windows Update client proxy stub 2 .text,.orpc,.data,.rsrc,.reloc, 8B FF 55 8B EC 83 7D 0C 01 75 05 E8 F9 04 00 00 + 000004f0(1264) svchost.exe + 0000050c(1292) alg.exe + 0000055c(1372) svchost.exe + 000005cc(1484) iexplore.exe 53000000[0000E000]
水晶牡丹初生襁褓狮帖子:12 注册: 2007-07-09 来自:

水晶牡丹初生襁褓狮帖子:12 注册: 2007-07-09 来自:	发表于： 2007-07-09 13:56 \| 只看楼主短消息资料字号：小中大 9楼 [ M] 81. c:\program files\3721\helper.dll Helper Module .text,.rdata,.data,.cnshelp,.rsrc,.reloc, 55 8B EC 53 8B 5D 08 56 8B 75 0C 57 8B 7D 10 85 00BA0000[0000B000] [ M] 82. c:\program files\yahoo!\assistant\yhelper.dll Yahoo! China Helper Module .text,.rdata,.data,.cnshelp,.rsrc,.reloc, 55 8B EC 53 8B 5D 08 56 8B 75 0C 57 8B 7D 10 85 37210000[00086000] [ M] 83. c:\windows\downloaded program files\cnsmin.dll 国风因特软件（北京）有限公司 CnsMin .text,.rdata,.data,.cnsdata,.rsrc,.reloc, 55 8B EC 53 8B 5D 08 56 8B 75 0C 57 8B 7D 10 85 00CC0000[0001B000] [ M] 85. c:\program files\rising\antispyware\ieprot.dll Beijing Rising Technology Co., Ltd. IE Protector .text,.rdata,.data,.rsrc,.reloc, 6A 0C 68 00 CD 6D 02 E8 BD 02 00 00 33 C0 40 89 + 00000770(1904) runiep.exe 00400000[00012000] [AM] 66. c:\program files\rising\antispyware\runiep.exe Beijing Rising Technology Co., Ltd. Rising AntiSpyware Monitor .text,.rdata,.data,.rsrc, 55 8B EC 6A FF 68 E0 6B 40 00 68 40 52 40 00 64 37210000[00086000] [ M] 83. c:\windows\downloaded program files\cnsmin.dll 国风因特软件（北京）有限公司 CnsMin .text,.rdata,.data,.cnsdata,.rsrc,.reloc, 55 8B EC 53 8B 5D 08 56 8B 75 0C 57 8B 7D 10 85 00D40000[0001B000] [ M] 85. c:\program files\rising\antispyware\ieprot.dll Beijing Rising Technology Co., Ltd. IE Protector .text,.rdata,.data,.rsrc,.reloc, 6A 0C 68 00 CD 6D 02 E8 BD 02 00 00 33 C0 40 89 + 000007a8(1960) Rundll32.exe 37210000[00086000] [ M] 83. c:\windows\downloaded program files\cnsmin.dll 国风因特软件（北京）有限公司 CnsMin .text,.rdata,.data,.cnsdata,.rsrc,.reloc, 55 8B EC 53 8B 5D 08 56 8B 75 0C 57 8B 7D 10 85 00AA0000[00010000] [ M] 125. c:\windows\downloaded program files\cnsminio.dll 北京三七二一科技有限公司 CnsMinIO .text,.rdata,.data,.cnsmini,.rsrc,.reloc, 55 8B EC 53 8B 5D 08 56 8B 75 0C 57 8B 7D 10 85 00AC0000[00026000] [ M] 126. c:\windows\downloaded program files\cnsio.dll 北京三七二一科技有限公司 cnsio .text,.rdata,.data,.cnsioda,.rsrc,.reloc, 55 8B EC 53 8B 5D 08 56 8B 75 0C 57 8B 7D 10 85 10000000[0001B000] [ M] 85. c:\program files\rising\antispyware\ieprot.dll Beijing Rising Technology Co., Ltd. IE Protector .text,.rdata,.data,.rsrc,.reloc, 6A 0C 68 00 CD 6D 02 E8 BD 02 00 00 33 C0 40 89 53000000[0000E000] [ M] 81. c:\program files\3721\helper.dll Helper Module .text,.rdata,.data,.cnshelp,.rsrc,.reloc, 55 8B EC 53 8B 5D 08 56 8B 75 0C 57 8B 7D 10 85 00BF0000[0000B000] [ M] 82. c:\program files\yahoo!\assistant\yhelper.dll Yahoo! China Helper Module .text,.rdata,.data,.cnshelp,.rsrc,.reloc, 55 8B EC 53 8B 5D 08 56 8B 75 0C 57 8B 7D 10 85 00E50000[00018000] [ M] 127. c:\windows\downloaded program files\cnsminex.dll 国风因特软件(北京)有限公司 CnsMinEx .text,.rdata,.data,.rsrc,.reloc, 55 8B EC 53 8B 5D 08 56 8B 75 0C 57 8B 7D 10 85 + 000007e0(2016) YLive.exe 00400000[00006000] [AM] 70. c:\program files\yahoo!\assistant\ylive.exe Yahoo! China YLive .text,.rdata,.data,.rsrc, 55 8B EC 6A FF 68 48 31 40 00 68 90 25 40 00 64 53000000[0000B000] [ M] 82. c:\program files\yahoo!\assistant\yhelper.dll Yahoo! China Helper Module .text,.rdata,.data,.cnshelp,.rsrc,.reloc, 55 8B EC 53 8B 5D 08 56 8B 75 0C 57 8B 7D 10 85 37210000[00086000] [ M] 83. c:\windows\downloaded program files\cnsmin.dll 国风因特软件（北京）有限公司 CnsMin .text,.rdata,.data,.cnsdata,.rsrc,.reloc, 55 8B EC 53 8B 5D 08 56 8B 75 0C 57 8B 7D 10 85 01EE0000[0000E000] [ M] 81. c:\program files\3721\helper.dll Helper Module .text,.rdata,.data,.cnshelp,.rsrc,.reloc, 55 8B EC 53 8B 5D 08 56 8B 75 0C 57 8B 7D 10 85 3C000000[00058000]
水晶牡丹初生襁褓狮帖子:12 注册: 2007-07-09 来自:

水晶牡丹初生襁褓狮帖子:12 注册: 2007-07-09 来自:	发表于： 2007-07-09 13:57 \| 只看楼主短消息资料字号：小中大 10楼 [ M] 93. c:\program files\yahoo!\assistant\yalive.dll yahoo! china AutoLive Module .text,.rdata,.data,.ylive_d,.rsrc,.reloc, 55 8B EC 53 8B 5D 08 56 8B 75 0C 57 8B 7D 10 85 10000000[0002A000] [ M] 94. c:\program files\yahoo!\assistant\yalliveex.dll Yahoo! China LiveEx .text,.rdata,.data,.rsrc,.reloc, 55 8B EC 53 8B 5D 08 56 8B 75 0C 57 8B 7D 10 85 01F40000[0001B000] [ M] 85. c:\program files\rising\antispyware\ieprot.dll Beijing Rising Technology Co., Ltd. IE Protector .text,.rdata,.data,.rsrc,.reloc, 6A 0C 68 00 CD 6D 02 E8 BD 02 00 00 33 C0 40 89 022A0000[00019000] [ M] 128. c:\program files\yahoo!\assistant\ynotifier.dll yahoo! china Notifier Module .text,.rdata,.data,.YahooNT,.rsrc,.reloc, 55 8B EC 53 8B 5D 08 56 8B 75 0C 57 8B 7D 10 85 + 0000080c(2060) yassistse.exe 00400000[00017000] [AM] 71. c:\program files\yahoo!\assistant\yassistse.exe Yahoo! China AssistSetting .text,.rdata,.data,.rsrc, 55 8B EC 6A FF 68 48 52 40 00 68 6E 40 40 00 64 37210000[00086000] [ M] 83. c:\windows\downloaded program files\cnsmin.dll 国风因特软件（北京）有限公司 CnsMin .text,.rdata,.data,.cnsdata,.rsrc,.reloc, 55 8B EC 53 8B 5D 08 56 8B 75 0C 57 8B 7D 10 85 53000000[0000B000] [ M] 82. c:\program files\yahoo!\assistant\yhelper.dll Yahoo! China Helper Module .text,.rdata,.data,.cnshelp,.rsrc,.reloc, 55 8B EC 53 8B 5D 08 56 8B 75 0C 57 8B 7D 10 85 3B800000[0000F000] [ M] 129. c:\program files\yahoo!\assistant\shell\yasmenu.dll Yahoo! China yAsMenu .text,.rdata,.data,.rsrc,.reloc, 55 8B EC 53 8B 5D 08 56 8B 75 0C 57 8B 7D 10 85 42000000[00010000] [ M] 115. c:\program files\yahoo!\assistant\shell\yassecblk.dll Yahoo! China yassecblk .text,.rdata,.data,.rsrc,.reloc, 55 8B EC 53 8B 5D 08 56 8B 75 0C 57 8B 7D 10 85 3EC00000[00006000] [ M] 130. c:\program files\yahoo!\assistant\shell\yieangel.dll Yahoo! China IEAngel .text,.rdata,.data,.rsrc,.reloc, 55 8B EC 53 8B 5D 08 56 8B 75 0C 57 8B 7D 10 85 40400000[00009000] [ M] 131. c:\program files\yahoo!\assistant\shell\ymenuinfo.dll Yahoo! China MenuInfo .text,.rdata,.data,.rsrc,.reloc, 55 8B EC 53 8B 5D 08 56 8B 75 0C 57 8B 7D 10 85 10000000[0001B000] [ M] 85. c:\program files\rising\antispyware\ieprot.dll Beijing Rising Technology Co., Ltd. IE Protector .text,.rdata,.data,.rsrc,.reloc, 6A 0C 68 00 CD 6D 02 E8 BD 02 00 00 33 C0 40 89 + 0000082c(2092) iTunesHelper.exe 00400000[00041000] [AM] 72. e:\11\ituneshelper.exe Apple Inc. iTunesHelper Module .text,.rdata,.data,.rsrc, E8 B8 6D 00 00 E9 16 FE FF FF CC 68 B0 D6 40 00 37210000[00086000] [ M] 83. c:\windows\downloaded program files\cnsmin.dll 国风因特软件（北京）有限公司 CnsMin .text,.rdata,.data,.cnsdata,.rsrc,.reloc, 55 8B EC 53 8B 5D 08 56 8B 75 0C 57 8B 7D 10 85 10000000[0000E000] [ M] 132. e:\11\ituneshelper.resources\zh_cn.lproj\ituneshelperlocalized.dll Apple Inc. iTunesHelper 资源库 .text,.rdata,.data,.rsrc,.reloc, 00BA0000[0000E000] [ M] 133. e:\11\ituneshelper.resources\ituneshelper.dll Apple Inc. iTunesHelper Resource Library .text,.rdata,.data,.rsrc,.reloc, 53000000[0000E000] [ M] 81. c:\program files\3721\helper.dll Helper Module .text,.rdata,.data,.cnshelp,.rsrc,.reloc, 55 8B EC 53 8B 5D 08 56 8B 75 0C 57 8B 7D 10 85 00D30000[0000B000] [ M] 82. c:\program files\yahoo!\assistant\yhelper.dll
水晶牡丹初生襁褓狮帖子:12 注册: 2007-07-09 来自:

<<上一主题|下一主题>>

12

1 / 2 页

跳转页

页面顶部

Powered by Discuz!NT