[Help][Help][Help][Help][Help][Help] Please save me!

[E:\瑞星\Rising\Rav\BWList.dll]  <Beijing Rising Technology Co., Ltd.><18, 0, 0, 20>
    [E:\瑞星\Rising\Rav\RSAPPMGR.DLL]  <Beijing Rising Technology Co., Ltd.><18, 0, 0, 2>
    [E:\瑞星\Rising\Rav\CfgDll.dll]  <Beijing Rising Technology Co., Ltd.><18, 0, 0, 11>
    [E:\瑞星\Rising\Rav\RSCOMMON.DLL]  <Beijing Rising Technology Co., Ltd.><18, 0, 0, 4>
    [E:\瑞星\Rising\Rav\RsCommX.dll]  <rising><18, 0, 0, 1>
    [E:\瑞星\Rising\Rav\PngDll.dll]  <Beijing Rising Technology Co., Ltd.><18, 0, 0, 5>
[PID: 1928][C:\WINDOWS\system32\internat.exe]  <Microsoft Corporation><5.00.2920.0000>
[PID: 1228][C:\Program Files\racer-henan-cnc\racer.exe]  <Putian Runway><2, 0, 51, 92>
    [C:\Program Files\racer-henan-cnc\rwxre.dll]  <Mozilla Foundation><1.7.3: 2005040616>
    [C:\Program Files\racer-henan-cnc\nspr4.dll]  <Netscape Communications Corporation><4.5 Beta>
    [C:\Program Files\racer-henan-cnc\xpcom.dll]  <Mozilla Foundation><1.7.3: 2005040616>
    [C:\Program Files\racer-henan-cnc\nss3.dll]  <Netscape Communications Corporation><3.9.1>
    [C:\Program Files\racer-henan-cnc\softokn3.dll]  <Netscape Communications Corporation><3.9.1>
    [C:\Program Files\racer-henan-cnc\gkgfx.dll]  <Mozilla Foundation><1.7.3: 2005040616>
    [C:\Program Files\racer-henan-cnc\js3250.dll]  <Netscape Communications Corporation><4.0>
    [C:\Program Files\racer-henan-cnc\components\racer_base_comp.dll]  <Putian Runway><2,0,47,87>
    [C:\Program Files\racer-henan-cnc\xpcom_compat.dll]  <Mozilla Foundation><1.7.3: 2005040616>
    [C:\Program Files\racer-henan-cnc\racer_base.dll]  <Putian Runway><2,0,47,87>
    [C:\Program Files\racer-henan-cnc\components\pipnss.dll]  <Mozilla Foundation><1.7.3: 2005040616>
    [C:\Program Files\racer-henan-cnc\components\gklayout.dll]  <Mozilla Foundation><1.7.3: 2005040616>
    [C:\Program Files\racer-henan-cnc\components\jar50.dll]  <Mozilla Foundation><1.7.3: 2005040616>
    [C:\Program Files\racer-henan-cnc\components\xpcom_compat_c.dll]  <Mozilla Foundation><1.7.3: 2005040616>
    [C:\Program Files\racer-henan-cnc\components\racer_ad_comp.dll]  <Putian Runway><2,0,47,87>
    [C:\Program Files\racer-henan-cnc\components\racer_access_dhcpplus.dll]  <Putian Runway><2,0,47,87>
    [C:\Program Files\racer-henan-cnc\dhcpplus.dll]  <北京润汇科技有限公司><0, 13, 21, 45>
    [C:\Program Files\racer-henan-cnc\components\racer_nss4_comp.dll]  <Putian Runway><2,0,47,87>
    [C:\Program Files\racer-henan-cnc\nss4.dll]  <北京普天润汇科技有限公司><1, 0, 0, 3>
    [C:\Program Files\racer-henan-cnc\wpcap.dll]  <NetGroup - Politecnico di Torino><3, 1, 0, 24>
    [C:\Program Files\racer-henan-cnc\packet.dll]  <NetGroup - Politecnico di Torino><3, 1, 0, 24>
    [C:\Program Files\racer-henan-cnc\WanPacket.dll]  <NetGroup - Politecnico di Torino><3, 1, 0, 24>
[PID: 3120][C:\Program Files\racer-henan-cnc\RacerKp.exe]  <北京润汇科技有限公司><1, 0, 0, 1>
[PID: 3600][C:\Program Files\TTPlayer\TTPlayer.exe]  <Alen Soft><4, 6, 0, 0>
    [C:\Program Files\TTPlayer\ttpcomm.dll]  <N/A><N/A>
    [C:\Program Files\TTPlayer\ttpres.dll]  <Alen Soft><4, 6, 5, 0>
    [C:\Program Files\TTPlayer\AddIn\ttp_lrcsh.dll]  <N/A><N/A>
    [C:\Program Files\TTPlayer\AddIn\ttp_asf.dll]  <N/A><N/A>
    [C:\Program Files\TTPlayer\AddIn\ttp_aac.dll]  <N/A><N/A>
    [C:\Program Files\TTPlayer\AddIn\ttp_ac3dts.dll]  <N/A><N/A>
    [C:\Program Files\TTPlayer\mp3PRO.dll]  <Coding Technologies GmbH><1, 1, 0, 0>
[PID: 204][F:\新建文件夹\QQ.exe]  <TENCENT><0, 0, 0, 0>
    [F:\新建文件夹\QQBaseClassInDll.dll]  <><1, 0, 0, 1>
    [F:\新建文件夹\QQHelperDll.dll]  <><1, 0, 0, 1>
    [F:\新建文件夹\BasicCtrlDll.dll]  <Tencent><5, 0, 200, 160>
    [F:\新建文件夹\QQAPI.dll]  <><1, 0, 0, 1>
    [F:\新建文件夹\TIMProxy.dll]  <tencent><0, 3, 2, 4>
    [F:\新建文件夹\LoginCtrl.dll]  <><1, 0, 0, 1>
    [F:\新建文件夹\npkcntc.dll]  <INCA Internet Co., Ltd.><2006, 3, 2, 1>
    [F:\新建文件夹\npkpdb.dll]  <INCA Internet Co., Ltd.><2003, 10, 1, 1>
    [F:\新建文件夹\QQRes.dll]  <tencent><1, 0, 0, 1>
    [F:\新建文件夹\QQMainFrame.dll]  <N/A><N/A>
    [F:\新建文件夹\CQQApplication.dll]  <N/A><N/A>
    [F:\新建文件夹\NewSkin.dll]  <><1, 0, 0, 1>
    [F:\新建文件夹\HostingMgr.dll]  <><1, 0, 0, 1>
    [F:\新建文件夹\CameraDll.dll]  <><1, 0, 0, 1>
    [F:\新建文件夹\MailSummary.dll]  <><1, 0, 0, 1>
    [F:\新建文件夹\QQSpace.dll]  <><1, 0, 0, 1>
    [C:\WINDOWS\system32\msdmo.dll]  <N/A><N/A>
    [F:\新建文件夹\QQGroupMng.dll]  <><1, 0, 0, 1>
    [F:\新建文件夹\GroupLive.dll]  <N/A><N/A>
    [F:\新建文件夹\UserDefinedHead.dll]  <><1, 0, 0, 1>
    [F:\新建文件夹\QQPlugin.dll]  <N/A><N/A>
    [F:\新建文件夹\QQConfigPlugin.dll]  <><1, 0, 0, 1>
    [F:\新建文件夹\QRingMng.dll]  <N/A><N/A>
    [F:\新建文件夹\PhoneAPI.dll]  <><1, 0, 0, 1>
    [F:\新建文件夹\DialerAllinOne.dll]  <tencent><1, 4, 0, 0>
    [F:\新建文件夹\QQAvatar.dll]  <N/A><N/A>
    [F:\新建文件夹\FlashAvatarDll.dll]  <><1, 4, 0, 1>
    [F:\新建文件夹\LongConnection.dll]  <tencent><5, 0, 200, 160>
    [F:\新建文件夹\QQPet.dll]  <><1, 0, 0, 1>
    [F:\新建文件夹\QQSysMsgMng.dll]  <N/A><N/A>
    [F:\新建文件夹\BQQApplication.dll]  <N/A><N/A>
    [F:\新建文件夹\QQAllInOne.dll]  <N/A><N/A>
    [F:\新建文件夹\SCCore.dll]  <N/A><N/A>
    [F:\新建文件夹\QQCustomFace.dll]  <N/A><N/A>
    [C:\WINDOWS\system32\macromed\flash\Flash85.ocx]  <Macromedia, Inc.><8,5,0,133>
    [F:\新建文件夹\QQSceneMng.dll]  <N/A><N/A>
    [C:\WINDOWS\system32\RavExt.dll]  <Beijing Rising Technology Co., Ltd.><18, 0, 0, 21>
    [F:\新建文件夹\CommercesMng.dll]  <><1, 0, 0, 1>
    [F:\新建文件夹\PersonalDesktop.dll]  <深圳市腾讯计算机系统公司QQ工作小组><1, 0, 0, 2>
    [F:\新建文件夹\QQUdpGetFileLib.dll]  <tencent><0, 2, 2, 3>
    [F:\新建文件夹\QQAddr.dll]  <深圳市腾讯计算机系统有限公司><5, 0, 101, 200>
    [F:\新建文件夹\GroupConnection.dll]  <Tencent><5, 0, 202, 170>
    [F:\新建文件夹\QQPhoneHelper.dll]  <腾讯科技(深圳)有限公司><2, 0, 6, 60>
    [F:\新建文件夹\ImageOle.dll]  <TODO: <Company name>><1.0.0.1>
    [F:\新建文件夹\QQMagicFace.dll]  <><1, 0, 0, 1>
    [F:\新建文件夹\QQZip.dll]  <tencent><0, 3, 2, 4>
    [F:\新建文件夹\QQMsgFriendMng.dll]  <N/A><N/A>
    [F:\新建文件夹\QQFileTransfer.dll]  <Tencent><5, 0, 202, 180>
    [F:\新建文件夹\VqqModule.dll]  <><1, 0, 0, 1>
    [F:\新建文件夹\VqqAllInOne.dll]  <Tencent><1, 5, 0, 3>
    [F:\新建文件夹\tencent-proto1.dll]  <tencent><1, 5, 0, 3>
    [F:\新建文件夹\tencent-comlib.dll]  <tencent><1.4.0.2>
    [F:\新建文件夹\tencent-proto2.dll]  <tencent><1, 5, 0, 3>
    [F:\新建文件夹\inplus.dll]  <Tencent><1.5.0.0>
[PID: 3996][F:\新建文件夹\TIMPlatform.exe]  <tencent><0, 3, 1, 8>
    [F:\新建文件夹\TIMProxy.dll]  <tencent><0, 3, 2, 4>
[PID: 3700][C:\WINDOWS\system32\conime.exe]  <Microsoft Corporation><5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)>
[PID: 3980][C:\Program Files\Internet Explorer\iexplore.exe]  <Microsoft Corporation><6.00.2900.2180 (xpsp_sp2_rtm.040803-2158)>
    [C:\WINDOWS\system32\kakatool.dll]  <Beijing Rising Technology Co., Ltd.><2, 0, 0, 9>
    [C:\PROGRA~1\baidu\bar\baidubar.dll]  <Baidu.com, Inc.><2, 0, 2, 114>
    [F:\新建文件夹\QQIEHelper.dll]  <深圳市腾讯计算机系统有限公司><1, 1, 0, 5>
    [D:\0001\xunlei\xunlei\新建文件夹\ComDlls\XunLeiBHO_002.dll]  <Thunder Networking Technologies,LTD><5, 0, 0, 2>
    [E:\瑞星\Rising\Rav\RavScrCh.dll]  <Beijing Rising Technology Co., Ltd.><18, 0, 0, 4>
    [C:\WINDOWS\system32\macromed\flash\Flash85.ocx]  <Macromedia, Inc.><8,5,0,133>
[PID: 2524][F:\新建文件夹\471716330\MyRecvFiles\SREng2\SREng.exe]  <Smallfrogs Studio><2.0.21.505>

==================================
文件关联
.TXT  OK. [%SystemRoot%\system32\NOTEPAD.EXE %1]
.EXE  OK. ["%1" %*]
.COM  OK. ["%1" %*]
.PIF  OK. ["%1" %*]
.REG  OK. [regedit.exe "%1"]
.BAT  OK. ["%1" %*]
.SCR  OK. ["%1" /S]
.CHM  OK. ["C:\WINDOWS\hh.exe" %1]
.HLP  OK. [%SystemRoot%\system32\winhlp32.exe %1]
.INI  OK. [%SystemRoot%\system32\NOTEPAD.EXE %1]
.INF  OK. [%SystemRoot%\system32\NOTEPAD.EXE %1]
.VBS  OK. [%SystemRoot%\System32\WScript.exe "%1" %*]
.JS  OK. [%SystemRoot%\System32\WScript.exe "%1" %*]
.LNK  OK. [{00021401-0000-0000-C000-000000000046}]

==================================
Winsock 提供者

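Is there a problem? I haven't rebooted yet. Let's see whether this virus is still there after a reboot, OK, brother? Should I reboot or not?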

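Thank you, brother. I've rebooted now and the scan didn't find anything. When I get back I'll reboot once more and see whether this virus is really still there. Thank you, brother. Oh, by the way, brother, should I send you the log?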

Haha, haha, you're teasing me, brother.

Haha, anyway, you helped me this time and I'm extremely grateful. Thanks. By the way, brother, do you have QQ?

Brother, take a look, is there anything left?
2006-11-09,16:38:05

System Repair Engineer 2.0.21.505 (2.0 RC 2)
Smallfrogs (http://www.KZTechs.com)

Windows XP Professional Service Pack 2 (Build 2600)
- 管理权限用户 - 完整功能

以下内容被选中:
    所有的启动项目(包括注册表、启动文件夹、服务等)
    浏览器加载项
    正在运行的进程(包括进程模块信息)
    文件关联


启动项目
注册表
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
    <internat.exe><internat.exe>  [Microsoft Corporation]
[HKEY_CURRENT_USER\Software\Microsoft\Windows NT\CurrentVersion\Windows]
    <load><>  []
    <run><>  []
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
    <RavTask><"E:\瑞星\Rising\Rav\RavTask.exe" -system>  [Beijing Rising Technology Co., Ltd.]
    <RfwMain><"E:\瑞星\Rising\Rfw\rfwmain.exe" -Startup>  [Beijing Rising Technology Co., Ltd.]
    <KernelFaultCheck><%systemroot%\system32\dumprep 0 -k>  []
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Winlogon]
    <shell><Explorer.exe>  [Microsoft Corporation]
    <Userinit><C:\WINDOWS\system32\userinit.exe,>  [Microsoft Corporation]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Windows]
    <AppInit_DLLs><>  []
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Winlogon]
    <UIHost><logonui.exe>  [Microsoft Corporation]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
    <{32CD708B-60A7-4C00-9377-D73EAA495F0F}><C:\WINDOWS\system32\RavExt.dll>  [Beijing Rising Technology Co., Ltd.]

==================================
启动文件夹
服务
[Rising Proxy  Service / RfwProxySrv]
  <e:\瑞星\rising\rfw\rfwproxy.exe><Beijing Rising Technology Co., Ltd.>
[Rising Personal Firewall Service / RfwService]
  <e:\瑞星\rising\rfw\rfwsrv.exe><Beijing Rising Technology Co., Ltd.>
[Rising Process Communication Center / RsCCenter]
  <"C:\Program Files\Rising\Rav\CCenter.exe"><Beijing Rising Technology Co., Ltd.>
[Rising RealTime Monitor / RsRavMon]
  <"E:\瑞星\Rising\Rav\RavMonD.exe"><Beijing Rising Technology Co., Ltd.>

==================================
浏览器加载项
[QQBrowserHelperObject Class]
  {54EBD53A-9BC1-480B-966A-843A333CA162} <F:\新建文件夹\QQIEHelper.dll, 深圳市腾讯计算机系统有限公司>
[BandIE Class]
  {77FEF28E-EB96-44FF-B511-3185DEA48697} <C:\PROGRA~1\baidu\bar\baidubar.dll, Baidu.com, Inc.>
[Thunder Browser Helper]
  {889D2FEB-5411-4565-8998-1DD2C5261283} <D:\0001\xunlei\xunlei\新建文件夹\ComDlls\XunLeiBHO_002.dll, Thunder Networking Technologies,LTD>
[启动迅雷]
  {0062C9BD-B349-40DE-91A0-755F37ACD559} <D:\0001\xunlei\xunlei\新建文件夹\Thunder.exe, Thunder Networking Technologies,LTD>
[微软]
  {6096E38F-5AC1-4391-8EC4-75DFA92FB32F} <http://www.microsoft.com/china/index.htm, N/A>
[QQ]
  {c95fe080-8f5d-11d2-a20b-00aa003c157b} <F:\新建文件夹\QQ.EXE, TENCENT>
[QQIEFloatBarCfgCmd Class]
  {DEDEB80D-FA35-45d9-9460-4983E5A8AFE6} <F:\新建文件夹\QQIEHelper.dll, 深圳市腾讯计算机系统有限公司>
[卡卡上网安全助手]
  {DB9ECD4F-FB8F-4311-B3CE-90B976C2707C} <C:\WINDOWS\system32\kakatool.dll, Beijing Rising Technology Co., Ltd.>
[百度超级搜霸]
  {B580CF65-E151-49C3-B73F-70B13FCA8E86} <C:\PROGRA~1\baidu\bar\baidubar.dll, Baidu.com, Inc.>
[MMCPlayer Class]
  {05C1004E-2596-48E5-8E26-39362985EEB9} <C:\Program Files\Sogou PXP\MMCShell.dll, Sohu.com Inc.>
[Windows Media Player]
  {22D6F312-B0F6-11D0-94AB-0080C74C7E95} <C:\WINDOWS\system32\wmpdxm.dll, Microsoft Corporation>
[HTML Document]
  {25336920-03F9-11CF-8FD0-00AA00686F13} <%SystemRoot%\system32\mshtml.dll, N/A>
[DHTML Edit Control Safe for Scripting for IE5]
  {2D360201-FFF5-11D1-8D03-00A0C959BC0A} <C:\Program Files\Common Files\Microsoft Shared\Triedit\dhtmled.ocx, Microsoft Corporation>
[updatePanelX Control]
  {43E839C5-E10F-443A-BC1F-F09CFD2ABC77} <F:\8889588\IPTV\updateC.ocx, N/A>
[HHCtrl Object]
  {52A2AAAE-085D-4187-97EA-8C30DB990436} <C:\WINDOWS\system32\hhctrl.ocx, Microsoft Corporation>
[CMCBooter Object]
  {53AF6E02-F18F-4228-AC13-3E79773FBE50} <C:\WINDOWS\system32\Booter.ocx, 北京高维视讯科技有限公司>
[QQBrowserHelperObject Class]
  {54EBD53A-9BC1-480B-966A-843A333CA162} <F:\新建文件夹\QQIEHelper.dll, 深圳市腾讯计算机系统有限公司>
[Windows Media Player]
  {6BF52A52-394A-11D3-B153-00C04F79FAA6} <C:\WINDOWS\system32\wmp.dll, Microsoft Corporation>
[CMCLoader Object]
  {779769CA-82F1-4973-BBA7-515E6C7BFD0E} <C:\Program Files\GAOV\Mysee2\MycLive.dll, 北京高维视讯科技有限公司>
[BandIE Class]
  {77FEF28E-EB96-44FF-B511-3185DEA48697} <C:\PROGRA~1\baidu\bar\baidubar.dll, Baidu.com, Inc.>
[Microsoft Web 浏览器]
  {8856F961-340A-11D0-A96B-00C04FD705A2} <C:\WINDOWS\system32\shdocvw.dll, Microsoft Corporation>
[Thunder Browser Helper]
  {889D2FEB-5411-4565-8998-1DD2C5261283} <D:\0001\xunlei\xunlei\新建文件夹\ComDlls\XunLeiBHO_002.dll, Thunder Networking Technologies,LTD>
[Tool Class]
  {A7F05EE4-0426-454F-8013-C41E3596E9E9} <C:\PROGRA~1\baidu\bar\baidubar.dll, Baidu.com, Inc.>
[RMGetLicense Class]
  {A9FC132B-096D-460B-B7D5-1DB0FAE0C062} <C:\WINDOWS\system32\msnetobj.dll, Microsoft Corporation>
[WebVGPlayer Class]
  {AA899B43-24BD-4B6B-BBD0-45557D8D11E0} <C:\PROGRA~1\VIEWGOOD\WEBPLA~1\VGPlayer.dll, >
[Microsoft Scriptlet Component]
  {AE24FDAE-03C6-11D1-8B76-0080C744F389} <C:\WINDOWS\system32\mshtml.dll, Microsoft Corporation>
[卡卡上网安全助手]
  {AFF6E516-CBE5-4F8A-9C2F-38A68013E766} <C:\WINDOWS\system32\kakatool.dll, Beijing Rising Technology Co., Ltd.>
[SearchAssistantOC]
  {B45FF030-4447-11D2-85DE-00C04FA35C89} <%SystemRoot%\system32\shdocvw.dll, N/A>
[百度超级搜霸]
  {B580CF65-E151-49C3-B73F-70B13FCA8E86} <C:\PROGRA~1\baidu\bar\baidubar.dll, Baidu.com, Inc.>
[RDS.DataSpace]
  {BD96C556-65A3-11D0-983A-00C04FC29E36} <C:\Program Files\Common Files\System\msadc\msadco.dll, Microsoft Corporation>
[AUDIO__MP3 Moniker Class]
  {CD3AFA76-B84F-48F0-9393-7EDC34128127} <C:\WINDOWS\system32\wmp.dll, Microsoft Corporation>
[VIDEO__X_MS_ASF Moniker Class]
  {CD3AFA8F-B84F-48F0-9393-7EDC34128127} <C:\WINDOWS\system32\wmp.dll, Microsoft Corporation>
[VIDEO__X_MS_WMV Moniker Class]
  {CD3AFA94-B84F-48F0-9393-7EDC34128127} <C:\WINDOWS\system32\wmp.dll, Microsoft Corporation>
[RealPlayer G2 Control]
  {CFCDAA03-8BE4-11CF-B84B-0020AFBBCCFA} <C:\WINDOWS\system32\rmoc3260.dll, RealNetworks, Inc.>
[Shockwave Flash Object]
  {D27CDB6E-AE6D-11CF-96B8-444553540000} <C:\WINDOWS\system32\macromed\flash\Flash85.ocx, Macromedia, Inc.>
[TencentVmpCtl Class]
  {D9819BD5-422B-4281-8523-726466ED692B} <C:\Program Files\Tencent\Viewpoint Media Player\AxMetaStream.dll, Viewpoint Corporation>
[卡卡上网安全助手]
  {DB9ECD4F-FB8F-4311-B3CE-90B976C2707C} <C:\WINDOWS\system32\kakatool.dll, Beijing Rising Technology Co., Ltd.>
[&使用迅雷下载]
  <D:\0001\xunlei\xunlei\新建文件夹\Program\GetUrl.htm, N/A>
[&使用迅雷下载全部链接]
  <D:\0001\xunlei\xunlei\新建文件夹\Program\GetAllUrl.htm, N/A>
[上传到QQ网络硬盘]
  <F:\新建文件夹\AddToNetDisk.htm, N/A>
[使用影音传送带下载]
  <, N/A>
[使用影音传送带下载全部链接]
  <, N/A>
[导出到 Microsoft Office Excel(&X)]
  <res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000, N/A>
[添加到QQ自定义面板]
  <F:\新建文件夹\AddPanel.htm, N/A>
[添加到QQ表情]
  <F:\新建文件夹\AddEmotion.htm, N/A>
[用QQ彩信发送该图片]
  <F:\新建文件夹\SendMMS.htm, N/A>

==================================
This is the log from the scan I ran with the one you gave me

正在运行的进程
[PID: 540][\SystemRoot\System32\smss.exe]  <Microsoft Corporation><5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)>
[PID: 588][\??\C:\WINDOWS\system32\csrss.exe]  <Microsoft Corporation><5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)>
[PID: 612][\??\C:\WINDOWS\system32\winlogon.exe]  <Microsoft Corporation><5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)>
[PID: 656][C:\WINDOWS\system32\services.exe]  <Microsoft Corporation><5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)>
[PID: 668][C:\WINDOWS\system32\lsass.exe]  <Microsoft Corporation><5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)>
[PID: 824][C:\WINDOWS\system32\svchost.exe]  <Microsoft Corporation><5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)>
[PID: 896][C:\WINDOWS\system32\svchost.exe]  <Microsoft Corporation><5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)>
[PID: 992][C:\Program Files\Rising\Rav\CCenter.exe]  <Beijing Rising Technology Co., Ltd.><18, 0, 0, 3>
[PID: 1020][C:\WINDOWS\System32\svchost.exe]  <Microsoft Corporation><5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)>
[PID: 1112][C:\WINDOWS\system32\svchost.exe]  <Microsoft Corporation><5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)>
[PID: 1220][C:\WINDOWS\system32\svchost.exe]  <Microsoft Corporation><5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)>
[PID: 1264][E:\瑞星\Rising\Rav\RavMonD.exe]  <Beijing Rising Technology Co., Ltd.><18, 0, 1, 47>
    [E:\瑞星\Rising\Rav\BWList.dll]  <Beijing Rising Technology Co., Ltd.><18, 0, 0, 20>
    [E:\瑞星\Rising\Rav\RsCommX.dll]  <rising><18, 0, 0, 1>
    [E:\瑞星\Rising\Rav\RsPPsys.dll]  <Beijing Rising Technology Co., Ltd.><18, 0, 0, 3>
    [E:\瑞星\Rising\Rav\RSAPPMGR.DLL]  <Beijing Rising Technology Co., Ltd.><18, 0, 0, 2>
    [E:\瑞星\Rising\Rav\CfgDll.dll]  <Beijing Rising Technology Co., Ltd.><18, 0, 0, 11>
    [E:\瑞星\Rising\Rav\RSCOMMON.DLL]  <Beijing Rising Technology Co., Ltd.><18, 0, 0, 4>
    [E:\瑞星\Rising\Rav\RsLog.dll]  <Beijing Rising Technology Co., Ltd.><18, 0, 0, 20>
    [E:\瑞星\Rising\Rav\HOOKSYS.dll]  <Beijing Rising Technology Co., Ltd.><18, 1, 0, 12>
    [E:\瑞星\Rising\Rav\Scanner.dll]  <Beijing Rising Technology Co., Ltd.><18, 0, 0, 33>
    [E:\瑞星\Rising\Rav\libload.dll]  <Beijing Rising Technology Co., Ltd.><18, 0, 0, 10>
    [E:\瑞星\Rising\Rav\VirusLib.dll]  <Beijing Rising Technology Co., Ltd.><18, 0, 0, 13>
    [E:\瑞星\Rising\Rav\regmon.dll]  <Beijing Rising Technology Co., Ltd.><18, 0, 0, 6>
    [E:\瑞星\Rising\Rav\HookWeb.dll]  <rising><18, 0, 0, 2>
    [E:\瑞星\Rising\Rav\MemMon.dll]  <Beijing Rising Technology Co., Ltd.><18, 0, 0, 12>
    [E:\瑞星\Rising\Rav\expscan.dll]  <Beijing Rising Technology Co., Ltd.><18, 0, 0, 4>
    [E:\瑞星\Rising\Rav\mPorts.dll]  <Beijing Rising Technology Co., Ltd.><4, 0, 0, 3>
    [E:\瑞星\Rising\Rav\MailMon.dll]  <Beijing Rising Technology Co., Ltd.><18, 0, 0, 5>
    [E:\瑞星\Rising\Rav\SpamEng.dll]  <N/A><18, 0, 0, 6>
    [E:\瑞星\Rising\Rav\engine.dll]  <Beijing Rising Technology Co., Ltd.><18, 0, 0, 35>
    [E:\瑞星\Rising\Rav\PostTrt.dll]  <Beijing Rising Technology Co., Ltd.><18, 0, 0, 18>
    [E:\瑞星\Rising\Rav\UnExe.dll]  <Beijing Rising Technology Co., Ltd.><18, 0, 0, 11>
    [E:\瑞星\Rising\Rav\ScanExec.dll]  <Beijing Rising Technology Co., Ltd.><18, 0, 0, 15>
    [E:\瑞星\Rising\Rav\ScanEx.dll]  <Beijing Rising Technology Co., Ltd.><18, 0, 0, 32>
    [E:\瑞星\Rising\Rav\RSUnpack.dll]  <Beijing Rising Technology Co., Ltd.><1, 0, 0, 19>
    [E:\瑞星\Rising\Rav\ExtFile.dll]  <Beijing Rising Technology Co., Ltd.><18, 0, 0, 24>
    [E:\瑞星\Rising\Rav\NvFile.dll]  <Beijing Rising Technology Co., Ltd.><18, 0, 0, 7>
    [E:\瑞星\Rising\Rav\ScanMac.dll]  <Beijing Rising Technology Co., Ltd.><18, 0, 0, 10>
    [E:\瑞星\Rising\Rav\ScanSct.dll]  <Beijing Rising Technology Co., Ltd.><18, 0, 0, 20>
    [E:\瑞星\Rising\Rav\Unpacker.dll]  <Beijing Rising Technology Co., Ltd.><18, 0, 0, 5>
    [E:\瑞星\Rising\Rav\ExtOLE.dll]  <Beijing Rising Technology Co., Ltd.><18, 0, 0, 6>
[PID: 1344][e:\瑞星\rising\rfw\rfwsrv.exe]  <Beijing Rising Technology Co., Ltd.><4, 0, 0, 33>
    [e:\瑞星\rising\rfw\RfwRule.dll]  <Beijing Rising Technology Co., Ltd.><4, 0, 0, 13>
    [e:\瑞星\rising\rfw\rfwlog.dll]  <Beijing Rising Technology Co., Ltd.><4, 0, 0, 6>
    [e:\瑞星\rising\rfw\Rfwdrv.dll]  <Beijing Rising Technology Co., Ltd.><4, 0, 0, 21>
    [e:\瑞星\rising\rfw\MonDrv.dll]  <rs><1, 0, 0, 4>
    [e:\瑞星\rising\rfw\ProcLib.dll]  <Beijing Rising Technology Co., Ltd.><4, 0, 0, 9>
[PID: 1508][C:\WINDOWS\system32\spoolsv.exe]  <Microsoft Corporation><5.1.2600.2696 (xpsp_sp2_gdr.050610-1519)>
[PID: 1596][E:\瑞星\Rising\Rav\RavStub.exe]  <Beijing Rising Technology Co., Ltd.><18, 0, 0, 16>
    [E:\瑞星\Rising\Rav\RsCommX.dll]  <rising><18, 0, 0, 1>
    [E:\瑞星\Rising\Rav\RSCOMMON.DLL]  <Beijing Rising Technology Co., Ltd.><18, 0, 0, 4>
[PID: 1832][C:\WINDOWS\Explorer.EXE]  <Microsoft Corporation><6.00.2900.2180 (xpsp_sp2_rtm.040803-2158)>
    [C:\WINDOWS\system32\RavExt.dll]  <Beijing Rising Technology Co., Ltd.><18, 0, 0, 21>
    [C:\PROGRA~1\baidu\bar\baidubar.dll]  <Baidu.com, Inc.><2, 0, 2, 114>

No, I want your QQ so I can send you something later! I didn't mean anything else.
    [D:\0001\xunlei\xunlei\新建文件夹\ComDlls\XunLeiBHO_002.dll]  <Thunder Networking Technologies,LTD><5, 0, 0, 2>
[PID: 1876][e:\瑞星\rising\rfw\RfwMain.exe]  <Beijing Rising Technology Co., Ltd.><4, 0, 0, 52>
    [e:\瑞星\rising\rfw\RsGuiLib.dll]  <Beijing Rising Technology Co., Ltd.><18, 0, 0, 23>
    [e:\瑞星\rising\rfw\RSCOMMON.DLL]  <Beijing Rising Technology Co., Ltd.><18, 0, 0, 4>
    [e:\瑞星\rising\rfw\PngDll.dll]  <Beijing Rising Technology Co., Ltd.><18, 0, 0, 5>
[PID: 1912][E:\瑞星\Rising\Rav\RavTask.exe]  <Beijing Rising Technology Co., Ltd.><18, 0, 0, 22>
    [E:\瑞星\Rising\Rav\RSCOMMON.DLL]  <Beijing Rising Technology Co., Ltd.><18, 0, 0, 4>
    [E:\瑞星\Rising\Rav\RSAPPMGR.DLL]  <Beijing Rising Technology Co., Ltd.><18, 0, 0, 2>
    [E:\瑞星\Rising\Rav\CfgDll.dll]  <Beijing Rising Technology Co., Ltd.><18, 0, 0, 11>
    [E:\瑞星\Rising\Rav\RsCommX.dll]  <rising><18, 0, 0, 1>
[PID: 1924][E:\瑞星\Rising\Rav\Ravmon.exe]  <Beijing Rising Technology Co., Ltd.><18, 0, 1, 39>
    [E:\瑞星\Rising\Rav\RsGuiLib.dll]  <Beijing Rising Technology Co., Ltd.><18, 0, 0, 26>
    [E:\瑞星\Rising\Rav\BWList.dll]  <Beijing Rising Technology Co., Ltd.><18, 0, 0, 20>
    [E:\瑞星\Rising\Rav\RSAPPMGR.DLL]  <Beijing Rising Technology Co., Ltd.><18, 0, 0, 2>
    [E:\瑞星\Rising\Rav\CfgDll.dll]  <Beijing Rising Technology Co., Ltd.><18, 0, 0, 11>
    [E:\瑞星\Rising\Rav\RSCOMMON.DLL]  <Beijing Rising Technology Co., Ltd.><18, 0, 0, 4>
    [E:\瑞星\Rising\Rav\RsCommX.dll]  <rising><18, 0, 0, 1>
    [E:\瑞星\Rising\Rav\PngDll.dll]  <Beijing Rising Technology Co., Ltd.><18, 0, 0, 5>
[PID: 1976][C:\WINDOWS\system32\internat.exe]  <Microsoft Corporation><5.00.2920.0000>
[PID: 244][C:\Program Files\racer-henan-cnc\racer.exe]  <Putian Runway><2, 0, 51, 92>
    [C:\Program Files\racer-henan-cnc\rwxre.dll]  <Mozilla Foundation><1.7.3: 2005040616>
    [C:\Program Files\racer-henan-cnc\nspr4.dll]  <Netscape Communications Corporation><4.5 Beta>
    [C:\Program Files\racer-henan-cnc\xpcom.dll]  <Mozilla Foundation><1.7.3: 2005040616>
    [C:\Program Files\racer-henan-cnc\nss3.dll]  <Netscape Communications Corporation><3.9.1>
    [C:\Program Files\racer-henan-cnc\softokn3.dll]  <Netscape Communications Corporation><3.9.1>
    [C:\Program Files\racer-henan-cnc\gkgfx.dll]  <Mozilla Foundation><1.7.3: 2005040616>
    [C:\Program Files\racer-henan-cnc\js3250.dll]  <Netscape Communications Corporation><4.0>
    [C:\Program Files\racer-henan-cnc\components\racer_base_comp.dll]  <Putian Runway><2,0,47,87>
    [C:\Program Files\racer-henan-cnc\xpcom_compat.dll]  <Mozilla Foundation><1.7.3: 2005040616>
    [C:\Program Files\racer-henan-cnc\racer_base.dll]  <Putian Runway><2,0,47,87>
    [C:\Program Files\racer-henan-cnc\components\pipnss.dll]  <Mozilla Foundation><1.7.3: 2005040616>
    [C:\Program Files\racer-henan-cnc\components\gklayout.dll]  <Mozilla Foundation><1.7.3: 2005040616>
    [C:\Program Files\racer-henan-cnc\components\jar50.dll]  <Mozilla Foundation><1.7.3: 2005040616>
    [C:\Program Files\racer-henan-cnc\components\xpcom_compat_c.dll]  <Mozilla Foundation><1.7.3: 2005040616>
    [C:\Program Files\racer-henan-cnc\components\racer_ad_comp.dll]  <Putian Runway><2,0,47,87>
    [C:\Program Files\racer-henan-cnc\components\racer_access_dhcpplus.dll]  <Putian Runway><2,0,47,87>
    [C:\Program Files\racer-henan-cnc\dhcpplus.dll]  <北京润汇科技有限公司><0, 13, 21, 45>
    [C:\Program Files\racer-henan-cnc\components\racer_nss4_comp.dll]  <Putian Runway><2,0,47,87>
    [C:\Program Files\racer-henan-cnc\nss4.dll]  <北京普天润汇科技有限公司><1, 0, 0, 3>
    [C:\Program Files\racer-henan-cnc\wpcap.dll]  <NetGroup - Politecnico di Torino><3, 1, 0, 24>
    [C:\Program Files\racer-henan-cnc\packet.dll]  <NetGroup - Politecnico di Torino><3, 1, 0, 24>
    [C:\Program Files\racer-henan-cnc\WanPacket.dll]  <NetGroup - Politecnico di Torino><3, 1, 0, 24>
[PID: 392][C:\WINDOWS\system32\wdfmgr.exe]  <Microsoft Corporation><5.2.3790.1230 built by: dnsrv(bld4act)>
[PID: 1628][C:\WINDOWS\System32\alg.exe]  <Microsoft Corporation><5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)>
[PID: 2716][C:\Program Files\racer-henan-cnc\RacerKp.exe]  <北京润汇科技有限公司><1, 0, 0, 1>
[PID: 3316][C:\Program Files\TTPlayer\TTPlayer.exe]  <Alen Soft><4, 6, 0, 0>
    [C:\Program Files\TTPlayer\ttpcomm.dll]  <N/A><N/A>
    [C:\Program Files\TTPlayer\ttpres.dll]  <Alen Soft><4, 6, 5, 0>
    [C:\Program Files\TTPlayer\AddIn\ttp_asf.dll]  <N/A><N/A>
    [C:\Program Files\TTPlayer\AddIn\ttp_aac.dll]  <N/A><N/A>
    [C:\Program Files\TTPlayer\AddIn\ttp_ac3dts.dll]  <N/A><N/A>
[PID: 3396][E:\瑞星\Rising\Rav\RsAgent.exe]  <Beijing Rising Technology Co., Ltd.><18, 0, 0, 12>
    [E:\瑞星\Rising\Rav\RsCommX.dll]  <rising><18, 0, 0, 1>
[PID: 3420][C:\WINDOWS\msagent\AgentSvr.exe]  <Microsoft Corporation><2.00.0.2202>
[PID: 3648][C:\WINDOWS\system32\wuauclt.exe]  <Microsoft Corporation><5.8.0.2469 built by: lab01_n(wmbla)>
[PID: 3852][E:\瑞星\Rising\Rav\Rav.exe]  <Beijing Rising Technology Co., Ltd.><18, 0, 0, 75>
    [E:\瑞星\Rising\Rav\PlugIn\RsPgScan.dll]  <Beijing Rising Technology Co., Ltd.><18, 0, 0, 17>
    [E:\瑞星\Rising\Rav\RSAPPMGR.DLL]  <Beijing Rising Technology Co., Ltd.><18, 0, 0, 2>
    [E:\瑞星\Rising\Rav\CfgDll.dll]  <Beijing Rising Technology Co., Ltd.><18, 0, 0, 11>
    [E:\瑞星\Rising\Rav\RsCommX.dll]  <rising><18, 0, 0, 1>
    [E:\瑞星\Rising\Rav\RavUI.Dll]  <Beijing Rising Technology Co., Ltd.><18, 0, 0, 65>
    [E:\瑞星\Rising\Rav\RsGuiLib.dll]  <Beijing Rising Technology Co., Ltd.><18, 0, 0, 26>
    [E:\瑞星\Rising\Rav\PngDll.dll]  <Beijing Rising Technology Co., Ltd.><18, 0, 0, 5>
    [E:\瑞星\Rising\Rav\RSCOMMON.DLL]  <Beijing Rising Technology Co., Ltd.><18, 0, 0, 4>
    [E:\瑞星\Rising\Rav\Scanner.dll]  <Beijing Rising Technology Co., Ltd.><18, 0, 0, 33>
    [E:\瑞星\Rising\Rav\BWList.dll]  <Beijing Rising Technology Co., Ltd.><18, 0, 0, 20>
    [E:\瑞星\Rising\Rav\RavUIMsg.dll]  <Beijing Rising Technology Co., Ltd.><18, 0, 0, 27>
    [E:\瑞星\Rising\Rav\RavScrCh.dll]  <Beijing Rising Technology Co., Ltd.><18, 0, 0, 4>
    [E:\瑞星\Rising\Rav\libload.dll]  <Beijing Rising Technology Co., Ltd.><18, 0, 0, 10>
    [E:\瑞星\Rising\Rav\VirusLib.dll]  <Beijing Rising Technology Co., Ltd.><18, 0, 0, 13>
    [E:\瑞星\Rising\Rav\MVEngine.dll]  <Beijing Rising Technology Co., Ltd.><18, 0, 0, 18>
    [E:\瑞星\Rising\Rav\Engine.dll]  <Beijing Rising Technology Co., Ltd.><18, 0, 0, 35>
    [E:\瑞星\Rising\Rav\ScanExec.dll]  <Beijing Rising Technology Co., Ltd.><18, 0, 0, 15>
    [E:\瑞星\Rising\Rav\Unpacker.dll]  <Beijing Rising Technology Co., Ltd.><18, 0, 0, 5>
    [E:\瑞星\Rising\Rav\UnExe.dll]  <Beijing Rising Technology Co., Ltd.><18, 0, 0, 11>
    [E:\瑞星\Rising\Rav\ScanEx.dll]  <Beijing Rising Technology Co., Ltd.><18, 0, 0, 32>
    [E:\瑞星\Rising\Rav\RSUnpack.dll]  <Beijing Rising Technology Co., Ltd.><1, 0, 0, 19>
    [E:\瑞星\Rising\Rav\ExtFile.dll]  <Beijing Rising Technology Co., Ltd.><18, 0, 0, 24>
    [E:\瑞星\Rising\Rav\PostTrt.dll]  <Beijing Rising Technology Co., Ltd.><18, 0, 0, 18>
    [E:\瑞星\Rising\Rav\NvFile.dll]  <Beijing Rising Technology Co., Ltd.><18, 0, 0, 7>
    [E:\瑞星\Rising\Rav\ScanMac.dll]  <Beijing Rising Technology Co., Ltd.><18, 0, 0, 10>
    [E:\瑞星\Rising\Rav\ScanSct.dll]  <Beijing Rising Technology Co., Ltd.><18, 0, 0, 20>
    [E:\瑞星\Rising\Rav\ExtMail.dll]  <Beijing Rising Technology Co., Ltd.><18, 0, 0, 13>
    [E:\瑞星\Rising\Rav\ExtOLE.dll]  <Beijing Rising Technology Co., Ltd.><18, 0, 0, 6>
[PID: 3976][C:\Program Files\Internet Explorer\iexplore.exe]  <Microsoft Corporation><6.00.2900.2180 (xpsp_sp2_rtm.040803-2158)>
    [C:\WINDOWS\system32\kakatool.dll]  <Beijing Rising Technology Co., Ltd.><2, 0, 0, 9>
    [C:\PROGRA~1\baidu\bar\baidubar.dll]  <Baidu.com, Inc.><2, 0, 2, 114>
    [F:\新建文件夹\QQIEHelper.dll]  <深圳市腾讯计算机系统有限公司><1, 1, 0, 5>
    [D:\0001\xunlei\xunlei\新建文件夹\ComDlls\XunLeiBHO_002.dll]  <Thunder Networking Technologies,LTD><5, 0, 0, 2>
    [E:\瑞星\Rising\Rav\RavScrCh.dll]  <Beijing Rising Technology Co., Ltd.><18, 0, 0, 4>
    [C:\WINDOWS\system32\macromed\flash\Flash85.ocx]  <Macromedia, Inc.><8,5,0,133>
[PID: 1360][F:\新建文件夹\471716330\MyRecvFiles\SREng2\SREng.exe]  <Smallfrogs Studio><2.0.21.505>

==================================
文件关联
.TXT  OK. [%SystemRoot%\system32\NOTEPAD.EXE %1]
.EXE  OK. ["%1" %*]
.COM  OK. ["%1" %*]
.PIF  OK. ["%1" %*]
.REG  OK. [regedit.exe "%1"]
.BAT  OK. ["%1" %*]
.SCR  OK. ["%1" /S]
.CHM  OK. ["C:\WINDOWS\hh.exe" %1]
.HLP  OK. [%SystemRoot%\system32\winhlp32.exe %1]
.INI  OK. [%SystemRoot%\system32\NOTEPAD.EXE %1]
.INF  OK. [%SystemRoot%\system32\NOTEPAD.EXE %1]
.VBS  OK. [%SystemRoot%\System32\WScript.exe "%1" %*]
.JS  OK. [%SystemRoot%\System32\WScript.exe "%1" %*]
.LNK  OK. [{00021401-0000-0000-C000-000000000046}]

==================================
Winsock 提供者

Brother, take a look: do I still have this virus? Thanks. I guess these logs have made you dizzy! Haha, sorry for all the trouble.

Yes, brother. Haha, sorry for all the trouble. Thank you, brother.