瑞星卡卡安全论坛技术交流区反病毒/反流氓软件论坛 5555中毒了……请高手帮忙,快死了……怎么也删不掉……[附扫描日志]

12   2  /  2  页   跳转

5555中毒了……请高手帮忙,快死了……怎么也删不掉……[附扫描日志]

收藏
nagligivaget
头像
初生襁褓狮
  • 帖子:10
  • 注册: 2007-03-11
  • 来自:
发表于: 2007-03-11 17:27 | 显示全部 短消息 资料
字号: 11楼

http://hp.vector.co.jp/authors/VA012897/, 0, 0, 3, 6]
    [C:\WINDOWS\system32\sirenacm.dll]  [Microsoft Corp., 8.0.0812.00]
    [C:\Program Files\Rising\AntiSpyware\ieprot.dll]  [Beijing Rising Technology Co., Ltd., 1, 0, 0, 8]
    [C:\Program Files\WinRAR\rarext.dll]  [N/A, ]
    [E:\Sony Ericsson\Mobile2\File Manager\fmgrgui.dll]  [Sony Ericsson Mobile Communications AB, 1, 3, 12, 1]
    [C:\WINDOWS\system32\MFC71.DLL]  [Microsoft Corporation, 7.10.3077.0]
    [C:\WINDOWS\system32\MSVCR71.dll]  [Microsoft Corporation, 7.10.3052.4]
    [C:\WINDOWS\system32\MSVCP71.dll]  [Microsoft Corporation, 7.10.3077.0]
    [E:\Sony Ericsson\Mobile2\File Manager\fmgrguil.dll]  [Sony Ericsson Mobile Communications AB, 1, 3, 4, 0]
    [C:\Program Files\Tencent\QQ\qdshm.dll]  [, 1, 0, 101, 20]
    [C:\Program Files\Tencent\QQ\MFC42.DLL]  [Microsoft Corporation, 6.00.8665.0]
    [C:\WINDOWS\system32\RavExt.dll]  [Beijing Rising Technology Co., Ltd., 19, 0, 0, 7]
    [C:\Program Files\Rising\Rav\RSCOMMON.DLL]  [Beijing Rising Technology Co., Ltd., 19, 0, 0, 5]
    [C:\WINDOWS\system32\msacm32.drv]  [Microsoft Corporation, 5.1.2600.0 (xpclient.010817-1148)]
    [C:\WINDOWS\system32\ffdshow.ax]  [, 1.0.2.2003]
    [C:\Program Files\Ringz Studio\Storm Codec\Codecs\VSFilter.dll]  [Gabest, 1, 0, 1, 3]
    [C:\Program Files\Ringz Studio\Storm Codec\Codecs\TTL2Dec.dll]  [N/A, ]
    [C:\WINDOWS\system32\xvidcore.dll]  [N/A, ]
    [C:\Program Files\Ringz Studio\Storm Codec\Codecs\ff_tremor.dll]  [N/A, ]
    [C:\Program Files\Ringz Studio\Storm Codec\Codecs\libmplayer.dll]  [N/A, ]
[PID: 2676][C:\WINDOWS\regedit.exe]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
    [C:\PROGRA~1\COMMON~1\jwfg\wjvw.dll]  [, 1, 0, 0, 6]
    [C:\PROGRA~1\COMMON~1\jwfg\boxy.dll]  [ , 1, 0, 0, 6]
    [C:\Program Files\Rising\AntiSpyware\ieprot.dll]  [Beijing Rising Technology Co., Ltd., 1, 0, 0, 8]
[PID: 2956][C:\Program Files\Mozilla Firefox\firefox.exe]  [Mozilla Corporation, 1.8.1.2: 2007021917]
    [C:\Program Files\Mozilla Firefox\js3250.dll]  [Netscape Communications Corporation, 4.0]
    [C:\Program Files\Mozilla Firefox\nspr4.dll]  [Netscape Communications Corporation, 4.6.5]
    [C:\Program Files\Mozilla Firefox\xpcom_core.dll]  [Mozilla Foundation, 1.8.1.2: 2007021917]
    [C:\Program Files\Mozilla Firefox\plc4.dll]  [Netscape Communications Corporation, 4.6.5]
    [C:\Program Files\Mozilla Firefox\plds4.dll]  [Netscape Communications Corporation, 4.6.5]
    [C:\Program Files\Mozilla Firefox\smime3.dll]  [Mozilla Foundation, 3.11.5 Basic ECC]
    [C:\Program Files\Mozilla Firefox\nss3.dll]  [Mozilla Foundation, 3.11.5 Basic ECC]
    [C:\Program Files\Mozilla Firefox\softokn3.dll]  [Mozilla Foundation, 3.11.4 Basic ECC]
    [C:\Program Files\Mozilla Firefox\ssl3.dll]  [Mozilla Foundation, 3.11.5 Basic ECC]
    [C:\Program Files\Mozilla Firefox\xpcom_compat.dll]  [Mozilla Foundation, 1.8.1.2: 2007021917]
    [C:\PROGRA~1\COMMON~1\jwfg\wjvw.dll]  [, 1, 0, 0, 6]
    [C:\PROGRA~1\COMMON~1\jwfg\boxy.dll]  [ , 1, 0, 0, 6]
    [C:\Program Files\Mozilla Firefox\components\myspell.dll]  [Mozilla Foundation, 1.8.1.2: 2007021917]
    [C:\Program Files\Mozilla Firefox\components\jar50.dll]  [Mozilla Foundation, 1.8.1.2: 2007021917]
    [C:\Program Files\Mozilla Firefox\extensions\{3112ca9c-de6d-4884-a869-9855de68056c}\components\metrics.dll]  [N/A, ]
    [C:\Program Files\Mozilla Firefox\xpcom.dll]  [Mozilla Foundation, 1.8.1.2: 2007021917]
    [C:\Program Files\Rising\AntiSpyware\ieprot.dll]  [Beijing Rising Technology Co., Ltd., 1, 0, 0, 8]
    [C:\Program Files\Mozilla Firefox\extensions\{3112ca9c-de6d-4884-a869-9855de68056c}\components\googletoolbar.dll]  [N/A, ]
    [C:\Program Files\Mozilla Firefox\freebl3.dll]  [Mozilla Foundation, 3.11.4 Basic ECC]
    [C:\Program Files\Mozilla Firefox\nssckbi.dll]  [Mozilla Foundation, 1.62]
    [C:\Program Files\Mozilla Firefox\components\spellchk.dll]  [Mozilla Foundation, 1.8.1.2: 2007021917]
    [C:\WINDOWS\system32\WINABCX.IME]  [PKUETI, 5.22.216]
    [C:\Program Files\Mozilla Firefox\plugins\NPSWF32.dll]  [, ]
    [C:\WINDOWS\system32\msacm32.drv]  [Microsoft Corporation, 5.1.2600.0 (xpclient.010817-1148)]
    [C:\WINDOWS\system32\RavExt.dll]  [Beijing Rising Technology Co., Ltd., 19, 0, 0, 7]
[PID: 2304][C:\Program Files\Rising\Rav\RAVTASK.EXE]  [Beijing Rising Technology Co., Ltd., 19, 0, 0, 7]
    [C:\Program Files\Rising\Rav\RSCOMMON.DLL]  [Beijing Rising Technology Co., Ltd., 19, 0, 0, 5]
    [C:\Program Files\Rising\Rav\RSAPPMGR.DLL]  [Beijing Rising Technology Co., Ltd., 18, 0, 0, 2]
    [C:\Program Files\Rising\Rav\CfgDll.dll]  [Beijing Rising Technology Co., Ltd., 18, 0, 0, 13]
    [C:\Program Files\Rising\Rav\RsCommX.dll]  [rising, 18, 0, 0, 1]
    [C:\PROGRA~1\COMMON~1\jwfg\wjvw.dll]  [, 1, 0, 0, 6]
    [C:\PROGRA~1\COMMON~1\jwfg\boxy.dll]  [ , 1, 0, 0, 6]
    [C:\Program Files\Rising\AntiSpyware\ieprot.dll]  [Beijing Rising Technology Co., Ltd., 1, 0, 0, 8]
[PID: 2876][C:\Program Files\Rising\Rav\Ravmond.exe]  [Beijing Rising Technology Co., Ltd., 19, 0, 0, 43]
    [C:\Program Files\Rising\Rav\BWList.dll]  [Beijing Rising Technology Co., Ltd., 19, 0, 0, 10]
    [C:\Program Files\Rising\Rav\RsCommX.dll]  [rising, 18, 0, 0, 1]
    [C:\Program Files\Rising\Rav\rfwctrl.dll]  [Beijing Rising Technology Co., Ltd., 5, 0, 0, 11]
    [C:\Program Files\Rising\Rav\RsPPsys.dll]  [Beijing Rising Technology Co., Ltd., 18, 0, 0, 3]
    [C:\Program Files\Rising\Rav\RSAPPMGR.DLL]  [Beijing Rising Technology Co., Ltd., 18, 0, 0, 2]
    [C:\Program Files\Rising\Rav\CfgDll.dll]  [Beijing Rising Technology Co., Ltd., 18, 0, 0, 13]
    [C:\Program Files\Rising\Rav\RSCOMMON.DLL]  [Beijing Rising Technology Co., Ltd., 19, 0, 0, 5]
    [C:\Program Files\Rising\Rav\RsLog.dll]  [Beijing Rising Technology Co., Ltd., 18, 0, 0, 20]
    [C:\Program Files\Rising\Rav\HOOKSYS.dll]  [Beijing Rising Technology Co., Ltd., 19, 0, 0, 0]
    [C:\Program Files\Rising\Rav\Scanner.dll]  [Beijing Rising Technology Co., Ltd., 19, 0, 0, 12]
    [C:\Program Files\Rising\Rav\libload.dll]  [Beijing Rising Technology Co., Ltd., 19, 0, 0, 16]
    [C:\Program Files\Rising\Rav\VirusLib.dll]  [Beijing Rising Technology Co., Ltd., 19, 0, 0, 10]
    [C:\Program Files\Rising\Rav\regmon.dll]  [Beijing Rising Technology Co., Ltd., 18, 0, 0, 6]
    [C:\Program Files\Rising\Rav\psapi.dll]  [Microsoft Corporation, 4.00]
    [C:\Program Files\Rising\Rav\HookWeb.dll]  [Beijing Rising Technology Co., Ltd., 19, 0, 0, 1]
    [C:\Program Files\Rising\Rav\MemMon.dll]  [Beijing Rising Technology Co., Ltd., 18, 0, 0, 12]
    [C:\Program Files\Rising\Rav\expscan.dll]  [Beijing Rising Technology Co., Ltd., 18, 0, 0, 4]
    [C:\Program Files\Rising\Rav\mPorts.dll]  [Beijing Rising Technology Co., Ltd., 4, 0, 0, 3]
    [C:\Program Files\Rising\Rav\HookCont.dll]  [Rising, 19, 0, 0, 0]
    [C:\Program Files\Rising\Rav\SpamEng.dll]  [, 18, 0, 0, 6]
    [C:\Program Files\Rising\Rav\engine.dll]  [Beijing Rising Technology Co., Ltd., 19, 0, 0, 26]
    [C:\Program Files\Rising\Rav\PostTrt.dll]  [Beijing Rising Technology Co., Ltd., 19, 0, 0, 8]
    [C:\Program Files\Rising\Rav\UnExe.dll]  [Beijing Rising Technology Co., Ltd., 19, 0, 0, 10]
    [C:\Program Files\Rising\Rav\ScanExec.dll]  [Beijing Rising Technology Co., Ltd., 19, 0, 0, 16]
    [C:\Program Files\Rising\Rav\ScanEx.dll]  [Beijing Rising Technology Co., Ltd., 19, 0, 0, 41]
    [C:\Program Files\Rising\Rav\ExtFile.dll]  [Beijing Rising Technology Co., Ltd., 19, 0, 0, 25]
    [C:\Program Files\Rising\Rav\NvFile.dll]  [Beijing Rising Technology Co., Ltd., 19, 0, 0, 11]
    [C:\Program Files\Rising\Rav\ScanMac.dll]  [Beijing Rising Technology Co., Ltd., 19, 0, 0, 13]
    [C:\Program Files\Rising\Rav\ScanSct.dll]  [Beijing Rising Technology Co., Ltd., 19, 0, 0, 19]
    [C:\Program Files\Rising\Rav\Unpacker.dll]  [Beijing Rising Technology Co., Ltd., 19, 0, 0, 19]
    [C:\Program Files\Rising\Rav\ScanPack.dll]  [Beijing Rising Technology Co., Ltd., 19, 0, 0, 20]
    [C:\Program Files\Rising\Rav\RsVM.dll]  [, 19, 0, 0, 15]
    [C:\Program Files\Rising\Rav\Uroutine.dll]  [Beijing Rising Technology Co., Ltd., 19, 0, 0, 23]
    [C:\Program Files\Rising\Rav\ExtOLE.dll]  [Beijing Rising Technology Co., Ltd., 19, 0, 0, 12]
    [C:\Program Files\Rising\Rav\RsStore.dll]  [Beijing Rising Technology Co., Ltd., 19, 0, 0, 2]
    [C:\Program Files\Rising\Rav\Uscript.dll]  [Beijing Rising Technology Co., Ltd., 19, 0, 0, 18]
[PID: 3928][C:\Program Files\Rising\Rav\RAVMON.EXE]  [Beijing Rising Technology Co., Ltd., 19, 0, 0, 45]
    [C:\Program Files\Rising\Rav\RsGuiLib.dll]  [Beijing Rising Technology Co., Ltd., 19, 0, 0, 33]
    [C:\Program Files\Rising\Rav\BWList.dll]  [Beijing Rising Technology Co., Ltd., 19, 0, 0, 10]
    [C:\Program Files\Rising\Rav\RSAPPMGR.DLL]  [Beijing Rising Technology Co., Ltd., 18, 0, 0, 2]
    [C:\Program Files\Rising\Rav\CfgDll.dll]  [Beijing Rising Technology Co., Ltd., 18, 0, 0, 13]
    [C:\Program Files\Rising\Rav\RSCOMMON.DLL]  [Beijing Rising Technology Co., Ltd., 19, 0, 0, 5]
    [C:\Program Files\Rising\Rav\RsCommX.dll]  [rising, 18, 0, 0, 1]
    [C:\Program Files\Rising\Rav\RsXML.dll]  [Beijing Rising Technology Co., Ltd., 19, 0, 0, 2]
gototop
 
nagligivaget
头像
初生襁褓狮
  • 帖子:10
  • 注册: 2007-03-11
  • 来自:
发表于: 2007-03-11 17:28 | 显示全部 短消息 资料
字号: 12楼

[C:\Program Files\Rising\Rav\PngDll.dll]  [Beijing Rising Technology Co., Ltd., 18, 0, 0, 5]
    [C:\PROGRA~1\COMMON~1\jwfg\wjvw.dll]  [, 1, 0, 0, 6]
    [C:\PROGRA~1\COMMON~1\jwfg\boxy.dll]  [ , 1, 0, 0, 6]
    [C:\Program Files\Rising\AntiSpyware\ieprot.dll]  [Beijing Rising Technology Co., Ltd., 1, 0, 0, 8]
[PID: 1688][C:\Program Files\WinRAR\WinRAR.exe]  [N/A, ]
    [C:\PROGRA~1\COMMON~1\jwfg\wjvw.dll]  [, 1, 0, 0, 6]
    [C:\PROGRA~1\COMMON~1\jwfg\boxy.dll]  [ , 1, 0, 0, 6]
    [C:\Program Files\MSN Messenger\fsshext.8.0.0812.00.dll]  [Microsoft Corporation, 8.0.0812.00]
    [C:\WINDOWS\system32\Audiodev.dll]  [Microsoft Corporation, 5.2.3802.3802 built by: dnsrv(bld4act)]
    [C:\Program Files\Rising\AntiSpyware\ieprot.dll]  [Beijing Rising Technology Co., Ltd., 1, 0, 0, 8]
[PID: 2960][C:\DOCUME~1\GUESTH~1\LOCALS~1\Temp\Rar$EX04.938\SREng.EXE]  [Smallfrogs Studio, 2.4.12.806]
    [C:\PROGRA~1\COMMON~1\jwfg\wjvw.dll]  [, 1, 0, 0, 6]
    [C:\PROGRA~1\COMMON~1\jwfg\boxy.dll]  [ , 1, 0, 0, 6]
    [C:\Program Files\Rising\AntiSpyware\ieprot.dll]  [Beijing Rising Technology Co., Ltd., 1, 0, 0, 8]

==================================
文件关联
.TXT  OK. [%SystemRoot%\system32\NOTEPAD.EXE %1]
.EXE  OK. ["%1" %*]
.COM  OK. ["%1" %*]
.PIF  OK. ["%1" %*]
.REG  OK. [regedit.exe "%1"]
.BAT  OK. ["%1" %*]
.SCR  OK. ["%1" /S]
.CHM  OK. ["C:\WINDOWS\hh.exe" %1]
.HLP  OK. [%SystemRoot%\System32\winhlp32.exe %1]
.INI  OK. [%SystemRoot%\System32\NOTEPAD.EXE %1]
.INF  OK. [%SystemRoot%\System32\NOTEPAD.EXE %1]
.VBS  OK. [%SystemRoot%\System32\WScript.exe "%1" %*]
.JS  OK. [%SystemRoot%\System32\WScript.exe "%1" %*]
.LNK  OK. [{00021401-0000-0000-C000-000000000046}]

==================================
Winsock 提供者
N/A

==================================
Autorun.inf
N/A

==================================
HOSTS 文件
127.0.0.1      localhost
210.74.232.156      www.sougua.com
210.74.232.156      mp3.baidu.com
210.74.232.156      www.sogua.com
210.74.232.156      music.yahoo.com.cn
210.74.232.156      d.sogou.com
210.74.232.156      www.qq163.com
210.74.232.156      www.haoting.com
210.74.232.156      www.nowok.net
210.74.232.156      www.yymp3.com
210.74.232.156      music.feifa.com
210.74.232.156      www.tt67.com
210.74.232.156      www.kugoo.com
210.74.232.156      www.9sky.com
210.74.232.156      www.13139.com
210.74.232.156      www.mtvtop.com
210.74.232.156      www.6621.com
210.74.232.156      www.1ting.com
210.74.232.156      www.cococ.com
210.74.232.156      www.520music.com
210.74.232.156      www.7xi.net
210.74.232.156      www.st020.cn
210.74.232.156      www.9flash.com
210.74.232.156      www.7t7t.com
210.74.232.156      www.chinamp3.com
210.74.232.156      verycd.com
210.74.232.156      www.verycd.com
210.74.232.156      movie.poco.cn
210.74.232.156      pp365.net
210.74.232.156      www.pp365.net
210.74.232.156      btchina.net
210.74.232.156      bbs.btbbt.com
210.74.232.156      btz.cn
210.74.232.156      www.btz.cn
210.74.232.156      fkee.com
210.74.232.156      www.fkee.com
210.74.232.156      bt.kaicn.com
210.74.232.156      bt.acnow.net
210.74.232.156      movie.pcpop.com
210.74.232.156      bbs.cnxp.com
210.74.232.156      bt.sogua.com
210.74.232.156      gamedown.yesky.com
210.74.232.156      games.enet.com.cn
210.74.232.156      download.pchome.net
210.74.232.156      www.yxdown.com
210.74.232.156      movie.baidu.com
210.74.232.156      vagaa.com
210.74.232.156      www.vagaa.com
210.74.232.156      hnnn.net
210.74.232.156      www.hnnn.net
210.74.232.156      cn-see.com
210.74.232.156      www.cn-see.com
210.74.232.156      100bao.com
210.74.232.156      www.100bao.com
210.74.232.156      ent.163.com

==================================
API HOOK
N/A

==================================
隐藏进程
N/A

==================================


[/CODE]
gototop
 
<<上一主题|下一主题>>
12   2  /  2  页   跳转
页面顶部
Powered by Discuz!NT