
What virus is oprar.exe?

2006-08-21,11:34:47

System Repair Engineer 2.0.21.505 (2.0 RC 2)
Smallfrogs (http://www.KZTechs.com)

Windows Server 2003 Enterprise Edition  (Build 3790)
- 管理权限用户 - 完整功能

以下内容被选中:
    浏览器加载项


启动项目
注册表
启动文件夹
服务

==================================
浏览器加载项
[Adobe PDF Reader Link Helper]
  {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} <C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll, Adobe Systems Incorporated>
[Zhongsou Browser Helper]
  {2A0176FE-008B-4706-90F5-BBA532A49731} <C:\Program Files\SearchNet\SNHpr.dll, Beijing Zhongsou Online Software>
[IE Browser Helper]
  {3CE496D1-1746-41CD-9489-3C0B93DF10E2} <C:\WINDOWS\Downlo~1\eb9p1vq.dll, 中搜在线软件有限公司>
[Google Toolbar Helper]
  {AA58ED58-01DD-4d91-8333-CF10577473F7} <c:\program files\google\googletoolbar3.dll, Google Inc.>
[AlxTB BHO Class]
  {F1FABE79-25FC-46de-8C5A-2C6DB9D64333} <C:\WINDOWS\system32\AlxTB1.dll, N/A>
[@shdoclc.dll,-866]
  {c95fe080-8f5d-11d2-a20b-00aa003c157a} <, N/A>
[QQ]
  {c95fe080-8f5d-11d2-a20b-00aa003c157b} <C:\Program Files\Tencent\QQ\QQ.EXE, N/A>
[FlashGet Bar]
  {E0E899AB-F487-11D5-8D29-0050BA6940E3} <C:\PROGRA~1\FlashGet\fgiebar.dll, Amaze Soft>
[@msdxmLC.dll,-1@2052,电台(&R)]
  {8E718888-423F-11D2-876E-00A0C9082467} <C:\WINDOWS\system32\msdxm.ocx, Microsoft Corporation>
[ICQ  Toolbar]
  {855F3B16-6D32-4fe6-8A56-BBB695989046} <C:\Program Files\ICQToolbar\toolbaru.dll, ICQ Inc.>
[&Google]
  {2318C2B1-4965-11d4-9B18-009027A5CD4F} <c:\program files\google\googletoolbar3.dll, Google Inc.>
[NTKO Office文档控件]
  {01DFB4B4-0E07-4E3F-8B7A-98FD6BFF153F} <C:\Program Files\NTKO SOFTWARE\OfficeControl\OfficeControl.ocx, 千航网络[NTKO SOFTWARE]Email: tanger@ntko.com>
[NetCamPlayerWeb Control]
  {1D9EFA3B-4E85-41A8-9092-14012CD447C9} <C:\WINDOWS\DOWNLO~1\NETCAM~1.OCX, >
[NetCamPlayerWeb11g Control]
  {4A026B12-94F3-4D2F-A468-96AA55DE20A5} <C:\WINDOWS\DOWNLO~1\NETCAM~2.OCX, Sercomm>
[ICCard Control]
  {4AB8AC1A-AE97-49FF-A74C-1F3C0CFC9870} <C:\WINDOWS\DOWNLO~1\CoolRun.ocx, 北京极限通软件研发中心>
[MSN Photo Upload Tool]
  {4F1E5B1A-2A80-42CA-8532-2D05CB959537} <C:\WINDOWS\Downloaded Program Files\MsnPUpld.dll, Microsoft? Corporation>
[天下搜索]
  {56A7DC70-E102-4408-A34A-AE06FEF01586} <, N/A>
[ProfileAccessCtrl Class]
  {8A96EAE5-D262-4226-A517-304C88B53F1F} <C:\WINDOWS\Downloaded Program Files\ProfileAccess.dll, >
[iWebOffice2006 Control]
  {8B23EA28-723C-402F-92C4-59BE0E063499} <C:\WINDOWS\DOWNLO~1\ioDoc.ocx, >
[LiveMediaOcx Control]
  {9242BB35-0DB0-43AC-8DFC-8EA07E63B92A} <C:\PROGRA~1\Tencent\QQLIVE~1\QQLive.ocx, >
[NvsViewer Class]
  {99A7E374-3E8E-4C78-A054-25522DC03DA2} <C:\WINDOWS\system32\NVSViewer.dll, CYNIX Inc.>
[Update Class]
  {9F1C11AA-197B-4942-BA54-47A8489BB47F} <C:\WINDOWS\system32\iuctl.dll, Microsoft Corporation>
[MeChatU Class]
  {BE9D5F13-40C1-44CA-9950-B9211E4B60DD} <C:\WINDOWS\Downloaded Program Files\MeChatUser.dll, >
[NTKO OFFICE文档控件]
  {C9BC4DFF-4248-4A3C-8A49-63A7D317F404} <C:\WINDOWS\Downloaded Program Files\OfficeControl.ocx, 千航网络[NTKO SOFTWARE] WEB:http://www.ntko.com Email: tanger@ntko.com>
[Shockwave Flash Object]
  {D27CDB6E-AE6D-11CF-96B8-444553540000} <C:\WINDOWS\system32\Macromed\Flash\Flash8b.ocx, Macromedia, Inc.>
[PSVRecImage Control]
  {E111B6BD-3B91-410E-A989-F3392676AF34} <C:\WINDOWS\DOWNLO~1\PSVREC~1.OCX, Pixord>
[HCNetVideo Control]
  {F030F48F-CD67-45D1-B622-A5D88A7BCFE9} <C:\WINDOWS\system32\HCNETV~1.OCX, >
[Hqext Control]
  {FE70C9C0-FB4D-4225-A50D-F967EC8FC54A} <C:\WINDOWS\DOWNLO~1\hqext.ocx, aljoin>
[Google 搜索(&G)]
  <res://C:\Program Files\Google\GoogleToolbar2.dll/cmsearch.html, N/A>
[上传到QQ网络硬盘]
  <C:\Program Files\Tencent\QQ\AddToNetDisk.htm, N/A>
[使用网际快车下载]
  <C:\Program Files\FlashGet\jc_link.htm, N/A>
[使用网际快车下载全部链接]
  <C:\Program Files\FlashGet\jc_all.htm, N/A>
[导出到 Microsoft Excel(&x)]
  <res://C:\PROGRA~1\MICROS~1\Office10\EXCEL.EXE/3000, N/A>
[添加到QQ自定义面板]
  <C:\Program Files\Tencent\QQ\AddPanel.htm, N/A>
[添加到QQ表情]
  <C:\Program Files\Tencent\QQ\AddEmotion.htm, N/A>
[用QQ彩信发送该图片]
  <C:\Program Files\Tencent\QQ\SendMMS.htm, N/A>

==================================
正在运行的进程
文件关联
Winsock 提供者

==================================

2006-08-21,11:35:58

System Repair Engineer 2.0.21.505 (2.0 RC 2)
Smallfrogs (http://www.KZTechs.com)

Windows Server 2003 Enterprise Edition  (Build 3790)
- 管理权限用户 - 完整功能

以下内容被选中:
    文件关联


启动项目
注册表
启动文件夹
服务

==================================
浏览器加载项
正在运行的进程
文件关联
.TXT  OK. [%SystemRoot%\system32\NOTEPAD.EXE %1]
.EXE  OK. ["%1" %*]
.COM  OK. ["%1" %*]
.PIF  OK. ["%1" %*]
.REG  OK. [regedit.exe "%1"]
.BAT  OK. ["%1" %*]
.SCR  OK. ["%1" /S]
.CHM  OK. ["C:\WINDOWS\hh.exe" %1]
.HLP  OK. [%SystemRoot%\System32\winhlp32.exe %1]
.INI  OK. [%SystemRoot%\System32\NOTEPAD.EXE %1]
.INF  OK. [%SystemRoot%\System32\NOTEPAD.EXE %1]
.VBS  OK. [%SystemRoot%\System32\WScript.exe "%1" %*]
.JS  OK. [%SystemRoot%\System32\WScript.exe "%1" %*]
.LNK  OK. [{00021401-0000-0000-C000-000000000046}]

==================================
Winsock 提供者

==================================

2006-08-21,11:35:39

System Repair Engineer 2.0.21.505 (2.0 RC 2)
Smallfrogs (http://www.KZTechs.com)

Windows Server 2003 Enterprise Edition  (Build 3790)
- 管理权限用户 - 完整功能

以下内容被选中:
    正在运行的进程(包括进程模块信息)


启动项目
注册表
启动文件夹
服务

==================================
浏览器加载项
正在运行的进程
[PID: 364][\SystemRoot\System32\smss.exe]  <Microsoft Corporation><5.2.3790.0 (srv03_rtm.030324-2048)>
[PID: 412][\??\C:\WINDOWS\system32\csrss.exe]  <Microsoft Corporation><5.2.3790.0 (srv03_rtm.030324-2048)>
    [C:\WINDOWS\yanga9_Hook.DLL]  <N/A><N/A>
[PID: 436][\??\C:\WINDOWS\system32\winlogon.exe]  <Microsoft Corporation><5.2.3790.0 (srv03_rtm.030324-2048)>
    [C:\WINDOWS\yanga9_Hook.DLL]  <N/A><N/A>
    [C:\WINDOWS\yanga9Key.DLL]  <N/A><N/A>
[PID: 480][C:\WINDOWS\system32\services.exe]  <Microsoft Corporation><5.2.3790.0 (srv03_rtm.030324-2048)>
    [C:\WINDOWS\yanga9_Hook.DLL]  <N/A><N/A>
    [C:\Program Files\Internet Explorer\PLUGINS\new123.sys]  <N/A><N/A>
    [C:\WINDOWS\system32\CC.dll]  <N/A><N/A>
    [C:\WINDOWS\yanga9Key.DLL]  <N/A><N/A>
[PID: 516][C:\WINDOWS\system32\lsass.exe]  <Microsoft Corporation><5.2.3790.0 (srv03_rtm.030324-2048)>
    [C:\WINDOWS\yanga9_Hook.DLL]  <N/A><N/A>
[PID: 676][C:\WINDOWS\system32\svchost.exe]  <Microsoft Corporation><5.2.3790.0 (srv03_rtm.030324-2048)>
    [C:\WINDOWS\yanga9_Hook.DLL]  <N/A><N/A>
[PID: 728][C:\WINDOWS\System32\svchost.exe]  <Microsoft Corporation><5.2.3790.0 (srv03_rtm.030324-2048)>
    [C:\WINDOWS\yanga9_Hook.DLL]  <N/A><N/A>
[PID: 900][C:\WINDOWS\system32\svchost.exe]  <Microsoft Corporation><5.2.3790.0 (srv03_rtm.030324-2048)>
    [C:\WINDOWS\yanga9_Hook.DLL]  <N/A><N/A>
[PID: 932][C:\WINDOWS\system32\svchost.exe]  <Microsoft Corporation><5.2.3790.0 (srv03_rtm.030324-2048)>
    [C:\WINDOWS\yanga9_Hook.DLL]  <N/A><N/A>
[PID: 944][C:\WINDOWS\System32\svchost.exe]  <Microsoft Corporation><5.2.3790.0 (srv03_rtm.030324-2048)>
    [C:\WINDOWS\yanga9_Hook.DLL]  <N/A><N/A>
[PID: 1140][C:\WINDOWS\system32\spoolsv.exe]  <Microsoft Corporation><5.2.3790.346 (srv03_gdr.050610-1523)>
    [C:\WINDOWS\system32\adimon.dll]  <Autodesk, Inc.><3,0,14,176>
    [C:\WINDOWS\system32\heidi3.dll]  <Autodesk, Inc.><3,0,14,176>
    [C:\WINDOWS\system32\spool\PRTPROCS\W32X86\IAProcessor.dll]  <Windows (R) 2000 DDK provider><5.00.2195.1620>
    [C:\WINDOWS\system32\spool\PRTPROCS\W32X86\vprproc.dll]  <Windows (R) 2000 DDK provider><5.00.2195.1620>
    [C:\WINDOWS\yanga9_Hook.DLL]  <N/A><N/A>
    [C:\WINDOWS\yanga9Key.DLL]  <N/A><N/A>
[PID: 1164][C:\WINDOWS\system32\netdde.exe]  <Microsoft Corporation><5.2.3790.0 (srv03_rtm.030324-2048)>
    [C:\WINDOWS\yanga9_Hook.DLL]  <N/A><N/A>
    [C:\WINDOWS\yanga9Key.DLL]  <N/A><N/A>
[PID: 1240][C:\WINDOWS\system32\msdtc.exe]  <Microsoft Corporation><2001.12.4720.0 (srv03_rtm.030324-2048)>
    [C:\WINDOWS\yanga9_Hook.DLL]  <N/A><N/A>
[PID: 1336][C:\WINDOWS\System32\alg.exe]  <Microsoft Corporation><5.2.3790.0 (srv03_rtm.030324-2048)>
    [C:\WINDOWS\yanga9_Hook.DLL]  <N/A><N/A>
[PID: 1348][C:\WINDOWS\system32\drivers\CDAC11BA.EXE]  <Macrovision><4.20.020>
    [C:\WINDOWS\yanga9_Hook.DLL]  <N/A><N/A>
[PID: 1384][C:\WINDOWS\System32\svchost.exe]  <Microsoft Corporation><5.2.3790.0 (srv03_rtm.030324-2048)>
    [C:\WINDOWS\yanga9_Hook.DLL]  <N/A><N/A>
[PID: 1440][C:\WINDOWS\system32\inetsrv\inetinfo.exe]  <Microsoft Corporation><6.0.3790.0 (srv03_rtm.030324-2048)>
    [C:\WINDOWS\yanga9_Hook.DLL]  <N/A><N/A>
[PID: 1496][d:\MYOA\MeChat\MeChat.exe]  <N/A><N/A>
    [C:\WINDOWS\yanga9_Hook.DLL]  <N/A><N/A>
[PID: 1588][D:\MYOA\mysql\bin\mysqld-nt.exe]  <N/A><N/A>
    [C:\WINDOWS\yanga9_Hook.DLL]  <N/A><N/A>
[PID: 1612][C:\WINDOWS\system32\ntfrs.exe]  <Microsoft Corporation><5.2.3790.0 (srv03_rtm.030324-2048)>
    [C:\WINDOWS\yanga9_Hook.DLL]  <N/A><N/A>
[PID: 1640][d:\MYOA\bin\apache.exe]  <Apache Software Foundation><2.0.55>
    [d:\MYOA\bin\libapr.dll]  <Apache Software Foundation><0.9.7>
    [d:\MYOA\bin\libaprutil.dll]  <Apache Software Foundation><0.9.7>
    [d:\MYOA\bin\libapriconv.dll]  <Apache Software Foundation><0.9.7>
    [d:\MYOA\bin\libhttpd.dll]  <Apache Software Foundation><2.0.55>
    [D:\MYOA\modules\mod_access.so]  <Apache Software Foundation><2.0.55>
    [D:\MYOA\modules\mod_actions.so]  <Apache Software Foundation><2.0.55>
    [D:\MYOA\modules\mod_alias.so]  <Apache Software Foundation><2.0.55>
    [D:\MYOA\modules\mod_asis.so]  <Apache Software Foundation><2.0.55>
    [D:\MYOA\modules\mod_auth.so]  <Apache Software Foundation><2.0.55>
    [D:\MYOA\modules\mod_autoindex.so]  <Apache Software Foundation><2.0.55>
    [D:\MYOA\modules\mod_dir.so]  <Apache Software Foundation><2.0.55>
    [D:\MYOA\modules\mod_env.so]  <Apache Software Foundation><2.0.55>
    [D:\MYOA\modules\mod_include.so]  <Apache Software Foundation><2.0.55>
    [D:\MYOA\modules\mod_log_config.so]  <Apache Software Foundation><2.0.55>
    [D:\MYOA\modules\mod_mime.so]  <Apache Software Foundation><2.0.55>
    [D:\MYOA\modules\mod_negotiation.so]  <Apache Software Foundation><2.0.55>
    [D:\MYOA\modules\mod_setenvif.so]  <Apache Software Foundation><2.0.55>
    [D:\MYOA\modules\mod_cgi.so]  <Apache Software Foundation><2.0.55>
    [D:\MYOA\modules\mod_isapi.so]  <Apache Software Foundation><2.0.55>
    [D:\MYOA\bin\sapi\php4apache2.dll]  <N/A><N/A>
    [d:\MYOA\bin\php4ts.dll]  <The PHP Group><4.3.10.10>
    [D:\MYOA\bin\mmcache.dll]  <N/A><N/A>
    [D:\MYOA\bin\ZendOptimizer.dll]  <N/A><N/A>
    [C:\WINDOWS\yanga9_Hook.DLL]  <N/A><N/A>
    [d:\MYOA\bin\php_gd2.dll]  <N/A><N/A>
    [d:\MYOA\bin\php_iconv.dll]  <N/A><N/A>
    [d:\MYOA\bin\iconv.dll]  <Free Software Foundation><1.9>
[PID: 1660][C:\Program Files\PeanutHull3\PhCore.exe]  <广东网域><1, 0, 0, 13>
    [C:\Program Files\PeanutHull3\PhAlive.dll]  <广东网域><1, 0, 1, 26>
    [C:\WINDOWS\yanga9_Hook.DLL]  <N/A><N/A>
    [C:\WINDOWS\yanga9Key.DLL]  <N/A><N/A>
[PID: 1692][C:\WINDOWS\system32\svchost.exe]  <Microsoft Corporation><5.2.3790.0 (srv03_rtm.030324-2048)>
    [C:\WINDOWS\yanga9_Hook.DLL]  <N/A><N/A>
[PID: 1740][C:\WINDOWS\System32\snmp.exe]  <Microsoft Corporation><5.2.3790.0 (srv03_rtm.030324-2048)>
    [C:\WINDOWS\yanga9_Hook.DLL]  <N/A><N/A>
[PID: 1756][C:\WINDOWS\System32\svchost.exe]  <Microsoft Corporation><5.2.3790.0 (srv03_rtm.030324-2048)>
    [C:\WINDOWS\yanga9_Hook.DLL]  <N/A><N/A>
[PID: 1940][C:\WINDOWS\system32\Dfssvc.exe]  <Microsoft Corporation><5.2.3790.0 (srv03_rtm.030324-2048)>
    [C:\WINDOWS\yanga9_Hook.DLL]  <N/A><N/A>
[PID: 2016][d:\MYOA\IMA\IMAServer.exe]  <N/A><N/A>
    [d:\MYOA\IMA\crypt.dll]  <N/A><N/A>
    [d:\MYOA\IMA\CC3260MT.DLL]  <Borland Corporation><0.0.0.0 (informal build)>
    [d:\MYOA\IMA\libmysql.dll]  <N/A><N/A>
    [C:\WINDOWS\yanga9_Hook.DLL]  <N/A><N/A>
[PID: 216][C:\WINDOWS\System32\svchost.exe]  <Microsoft Corporation><5.2.3790.0 (srv03_rtm.030324-2048)>
    [C:\WINDOWS\yanga9_Hook.DLL]  <N/A><N/A>
[PID: 2128][D:\MYOA\bin\apache.exe]  <Apache Software Foundation><2.0.55>
    [D:\MYOA\bin\libapr.dll]  <Apache Software Foundation><0.9.7>
    [D:\MYOA\bin\libaprutil.dll]  <Apache Software Foundation><0.9.7>
    [D:\MYOA\bin\libapriconv.dll]  <Apache Software Foundation><0.9.7>
    [D:\MYOA\bin\libhttpd.dll]  <Apache Software Foundation><2.0.55>
    [C:\WINDOWS\yanga9_Hook.DLL]  <N/A><N/A>
    [D:\MYOA\modules\mod_access.so]  <Apache Software Foundation><2.0.55>
    [D:\MYOA\modules\mod_actions.so]  <Apache Software Foundation><2.0.55>
    [D:\MYOA\modules\mod_alias.so]  <Apache Software Foundation><2.0.55>
    [D:\MYOA\modules\mod_asis.so]  <Apache Software Foundation><2.0.55>
    [D:\MYOA\modules\mod_auth.so]  <Apache Software Foundation><2.0.55>
    [D:\MYOA\modules\mod_autoindex.so]  <Apache Software Foundation><2.0.55>
    [D:\MYOA\modules\mod_dir.so]  <Apache Software Foundation><2.0.55>
    [D:\MYOA\modules\mod_env.so]  <Apache Software Foundation><2.0.55>
    [D:\MYOA\modules\mod_include.so]  <Apache Software Foundation><2.0.55>
    [D:\MYOA\modules\mod_log_config.so]  <Apache Software Foundation><2.0.55>
    [D:\MYOA\modules\mod_mime.so]  <Apache Software Foundation><2.0.55>
    [D:\MYOA\modules\mod_negotiation.so]  <Apache Software Foundation><2.0.55>
    [D:\MYOA\modules\mod_setenvif.so]  <Apache Software Foundation><2.0.55>
    [D:\MYOA\modules\mod_cgi.so]  <Apache Software Foundation><2.0.55>
    [D:\MYOA\modules\mod_isapi.so]  <Apache Software Foundation><2.0.55>
    [D:\MYOA\bin\sapi\php4apache2.dll]  <N/A><N/A>
    [D:\MYOA\bin\php4ts.dll]  <The PHP Group><4.3.10.10>
    [D:\MYOA\bin\mmcache.dll]  <N/A><N/A>
    [D:\MYOA\bin\ZendOptimizer.dll]  <N/A><N/A>
    [D:\MYOA\bin\php_gd2.dll]  <N/A><N/A>
    [D:\MYOA\bin\php_iconv.dll]  <N/A><N/A>
    [D:\MYOA\bin\iconv.dll]  <Free Software Foundation><1.9>


[PID: 3280][C:\WINDOWS\system32\wbem\wmiprvse.exe]  <Microsoft Corporation><5.2.3790.0 (srv03_rtm.030324-2048)>
    [C:\WINDOWS\yanga9_Hook.DLL]  <N/A><N/A>
[PID: 3908][C:\WINDOWS\Explorer.EXE]  <Microsoft Corporation><6.00.3790.0 (srv03_rtm.030324-2048)>
    [C:\WINDOWS\yanga9_Hook.DLL]  <N/A><N/A>
    [C:\WINDOWS\yanga9Key.DLL]  <N/A><N/A>
    [C:\WINDOWS\system32\AcSignIcon.dll]  <Autodesk><16.0.0.86>
    [C:\Program Files\Common Files\Autodesk Shared\AcSignCore16.dll]  <Autodesk><16.0.0.86>
    [C:\WINDOWS\system32\CC.dll]  <N/A><N/A>
    [C:\Program Files\Internet Explorer\PLUGINS\new123.sys]  <N/A><N/A>
    [C:\Program Files\SearchNet\SrvNet32.dll]  <中搜在线><1, 0, 2, 7>
    [C:\WINDOWS\system32\RavExt.dll]  <Beijing Rising Technology Co., Ltd.><18, 0, 0, 21>
    [C:\WINDOWS\Downlo~1\eb9p1vq.dll]  <中搜在线软件有限公司><2, 0, 2, 5>
    [C:\Program Files\Adobe\Acrobat 7.0\ActiveX\PDFShell.dll]  <Adobe Systems, Inc.><7.0.0.0>
    [C:\Program Files\WinRAR\rarext.dll]  <N/A><N/A>
    [C:\Program Files\Rising\Rav\RSCOMMON.DLL]  <Beijing Rising Technology Co., Ltd.><18, 0, 0, 4>
    [C:\Program Files\ICQLite\ICQLiteShell.dll]  <><20, 34, 2321, 0>
    [C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll]  <Adobe Systems Incorporated><7.0.7.2006011200>
[PID: 3972][C:\Program Files\icd\Icd.exe]  <编程小屋 http://www.bcxw.com><1.72>
    [C:\WINDOWS\yanga9_Hook.DLL]  <N/A><N/A>
    [C:\Program Files\Internet Explorer\PLUGINS\new123.sys]  <N/A><N/A>
    [C:\WINDOWS\yanga9Key.DLL]  <N/A><N/A>
    [C:\Program Files\icd\icd.dll]  <N/A><N/A>
    [C:\WINDOWS\system32\CC.dll]  <N/A><N/A>
[PID: 3820][C:\Program Files\Common Files\Real\Update_OB\realsched.exe]  <RealNetworks, Inc.><0.1.0.3292>
    [C:\WINDOWS\yanga9_Hook.DLL]  <N/A><N/A>
    [C:\WINDOWS\yanga9Key.DLL]  <N/A><N/A>
    [C:\WINDOWS\system32\CC.dll]  <N/A><N/A>
    [C:\Program Files\Internet Explorer\PLUGINS\new123.sys]  <N/A><N/A>
[PID: 3796][C:\Program Files\ispirit\ispirit.exe]  <北京极限通科技有限公司><2, 0, 0, 0>
    [C:\WINDOWS\yanga9_Hook.DLL]  <N/A><N/A>
    [C:\WINDOWS\yanga9Key.DLL]  <N/A><N/A>
    [C:\Program Files\Internet Explorer\PLUGINS\new123.sys]  <N/A><N/A>
    [C:\WINDOWS\system32\CC.dll]  <N/A><N/A>
[PID: 3584][C:\WINDOWS\system32\NTdhcp.exe]  <N/A><N/A>
    [C:\WINDOWS\yanga9_Hook.DLL]  <N/A><N/A>
    [C:\Program Files\Internet Explorer\PLUGINS\new123.sys]  <N/A><N/A>
    [C:\WINDOWS\system32\CC.dll]  <N/A><N/A>
    [C:\WINDOWS\yanga9Key.DLL]  <N/A><N/A>
[PID: 3548][C:\WINDOWS\system32\ctfmon.exe]  <Microsoft Corporation><5.2.3790.0 (srv03_rtm.030324-2048)>
    [C:\WINDOWS\yanga9_Hook.DLL]  <N/A><N/A>
    [C:\Program Files\Internet Explorer\PLUGINS\new123.sys]  <N/A><N/A>
    [C:\WINDOWS\yanga9Key.DLL]  <N/A><N/A>
    [C:\WINDOWS\system32\CC.dll]  <N/A><N/A>
[PID: 312][C:\Program Files\PeanutHull3\Phmain.exe]  <广东网域><3, 1, 0, 42>
    [C:\WINDOWS\yanga9_Hook.DLL]  <N/A><N/A>
    [C:\Program Files\Internet Explorer\PLUGINS\new123.sys]  <N/A><N/A>
    [C:\WINDOWS\yanga9Key.DLL]  <N/A><N/A>
    [C:\Program Files\PeanutHull3\PhRes.dll]  <广东网域><1, 0, 8, 1>
    [C:\Program Files\PeanutHull3\PhService.dll]  <广东网域><1, 0, 1, 21>
    [C:\Program Files\PeanutHull3\iconv.dll]  <Free Software Foundation><1.9>
    [C:\WINDOWS\PhIDNA.dll]  <广东网域><1, 0, 0, 2>
    [C:\WINDOWS\system32\CC.dll]  <N/A><N/A>
[PID: 3268][D:\MYOA\bin\Monitor.exe]  <N/A><N/A>
    [C:\WINDOWS\yanga9_Hook.DLL]  <N/A><N/A>
    [C:\Program Files\Internet Explorer\PLUGINS\new123.sys]  <N/A><N/A>
    [C:\WINDOWS\yanga9Key.DLL]  <N/A><N/A>
    [C:\WINDOWS\system32\CC.dll]  <N/A><N/A>
[PID: 1604][C:\Program Files\Internet Explorer\iexplore.exe]  <Microsoft Corporation><6.00.3790.0 (srv03_rtm.030324-2048)>
    [C:\WINDOWS\yanga9_Hook.DLL]  <N/A><N/A>
    [C:\Program Files\Internet Explorer\PLUGINS\new123.sys]  <N/A><N/A>
    [C:\WINDOWS\yanga9Key.DLL]  <N/A><N/A>
    [C:\WINDOWS\system32\AcSignIcon.dll]  <Autodesk><16.0.0.86>
    [c:\program files\google\googletoolbar3.dll]  <Google Inc.><3, 0, 131, 0>
    [C:\Program Files\SearchNet\SNHpr.dll]  <Beijing Zhongsou Online Software><1, 0, 0, 1>
    [C:\WINDOWS\Downlo~1\eb9p1vq.dll]  <中搜在线软件有限公司><2, 0, 2, 5>
    [C:\WINDOWS\system32\CC.dll]  <N/A><N/A>
    [C:\WINDOWS\system32\Macromed\Flash\Flash8b.ocx]  <Macromedia, Inc.><8,0,24,0>
    [C:\Program Files\Common Files\Autodesk Shared\AcSignCore16.dll]  <Autodesk><16.0.0.86>
[PID: 812][C:\DOCUME~1\ADMINI~1.OA\LOCALS~1\Temp\oprar.exe]  <WHITEHOUSE><1.1.1.0>
    [C:\WINDOWS\yanga9_Hook.DLL]  <N/A><N/A>
    [C:\DOCUME~1\ADMINI~1.OA\LOCALS~1\Temp\7.dll]  <Microsoft Corporation><5.00.1764.1>
    [C:\Program Files\Internet Explorer\PLUGINS\new123.sys]  <N/A><N/A>
    [C:\WINDOWS\yanga9Key.DLL]  <N/A><N/A>
    [C:\DOCUME~1\ADMINI~1.OA\LOCALS~1\Temp\packet.dll]  <CACE Technologies><3, 1, 0, 27>
    [C:\DOCUME~1\ADMINI~1.OA\LOCALS~1\Temp\WanPacket.dll]  <CACE Technologies><3, 1, 0, 27>
    [C:\WINDOWS\system32\CC.dll]  <N/A><N/A>
[PID: 3532][C:\WINDOWS\system32\conime.exe]  <Microsoft Corporation><5.2.3790.0 (srv03_rtm.030324-2048)>
    [C:\WINDOWS\yanga9_Hook.DLL]  <N/A><N/A>
[PID: 4964][E:\瑞星2006\SREng2\SREng.exe]  <Smallfrogs Studio><2.0.21.505>
    [C:\WINDOWS\yanga9_Hook.DLL]  <N/A><N/A>
    [C:\Program Files\Internet Explorer\PLUGINS\new123.sys]  <N/A><N/A>
    [C:\WINDOWS\yanga9Key.DLL]  <N/A><N/A>
    [C:\WINDOWS\system32\CC.dll]  <N/A><N/A>
    [C:\WINDOWS\system32\AcSignIcon.dll]  <Autodesk><16.0.0.86>

==================================
文件关联
Winsock 提供者

==================================

Please upgrade your Rising to version 18.41; it can detect and remove this virus.
I have not found a manual removal method yet, so try Rising.

Rising is upgrading, waiting hopefully...

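Rising has actually been shut down! I can't see the Rising monitor's umbrella icon, and the Rising main window also gets closed the moment it flashes up. It looks like I can only wait until tonight and try in Safe Mode.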

my god!
NO!

I've been infected too. What should I do...