瑞星卡卡安全论坛技术交流区反病毒/反流氓软件论坛 救命啊Trojan.IMMSG.Win32.TBMSG.ld怎么根除???

12   2  /  2  页   跳转

救命啊Trojan.IMMSG.Win32.TBMSG.ld怎么根除???

收藏
光影圣堂
头像
初生襁褓狮
  • 帖子:29
  • 注册: 2007-09-13
  • 来自:
发表于: 2007-09-13 17:36 | 只看楼主 短消息 资料
字号: 11楼

[C:\winnt\System32\ntdll.dll]  [Microsoft Corporation, 5.00.2163.1]
    [C:\winnt\system32\ole32.dll]  [Microsoft Corporation, 5.00.2181.1]
    [C:\winnt\system32\RPCRT4.DLL]  [Microsoft Corporation, 5.00.2193.1]
    [C:\winnt\system32\KERNEL32.DLL]  [Microsoft Corporation, 5.00.2191.1]
    [C:\winnt\system32\ADVAPI32.DLL]  [Microsoft Corporation, 5.00.2191.1]
    [C:\winnt\system32\GDI32.DLL]  [Microsoft Corporation, 5.00.2180.1]
    [C:\winnt\system32\USER32.DLL]  [Microsoft Corporation, 5.00.2180.1]
    [C:\winnt\system32\VERSION.dll]  [Microsoft Corporation, 5.00.2134.1]
    [C:\winnt\system32\LZ32.DLL]  [Microsoft Corporation, 5.00.2134.1]
    [C:\winnt\System32\IMM32.DLL]  [Microsoft Corporation, 5.00.2180.1]
    [C:\winnt\system32\shell32.dll]  [Microsoft Corporation, 5.00.2920.0000]
    [C:\winnt\system32\SHLWAPI.DLL]  [Microsoft Corporation, 5.00.2920.0000]
    [C:\winnt\system32\COMCTL32.DLL]  [Microsoft Corporation, 5.81]
    [C:\winnt\system32\OLEAUT32.DLL]  [Microsoft Corporation, 2.40.4512]
    [C:\winnt\System32\CLBCATQ.DLL]  [Microsoft Corporation, 1999.9.3422.14]
    [C:\winnt\system32\MSVCRT.DLL]  [Microsoft Corporation, 6.10.8637.0]
    [C:\winnt\System32\cscui.dll]  [Microsoft Corporation, 5.00.2172.1]
    [C:\winnt\System32\CSCDLL.DLL]  [Microsoft Corporation, 5.00.2189.1]
    [C:\winnt\System32\NTMARTA.DLL]  [Microsoft Corporation, 5.00.2158.1]
    [C:\winnt\System32\WINSPOOL.DRV]  [Microsoft Corporation, 5.00.2167.1]
    [C:\winnt\system32\WLDAP32.dll]  [Microsoft Corporation, 5.00.2168.1]
    [C:\winnt\System32\NTDSAPI.dll]  [Microsoft Corporation, 5.00.2160.1]
    [C:\winnt\System32\DNSAPI.DLL]  [Microsoft Corporation, 5.00.2181.1]
    [C:\winnt\System32\WSOCK32.DLL]  [Microsoft Corporation, 5.00.2152.1]
    [C:\winnt\System32\WS2_32.DLL]  [Microsoft Corporation, 5.00.2134.1]
    [C:\winnt\System32\WS2HELP.DLL]  [Microsoft Corporation, 5.00.2134.1]
    [C:\winnt\System32\NETAPI32.DLL]  [Microsoft Corporation, 5.00.2194.1]
    [C:\winnt\System32\SECUR32.DLL]  [Microsoft Corporation, 5.00.2154.1]
    [C:\winnt\System32\NETRAP.DLL]  [Microsoft Corporation, 5.00.2134.1]
    [C:\winnt\System32\SAMLIB.DLL]  [Microsoft Corporation, 5.00.2160.1]
    [C:\Program Files\Rising\AntiSpyware\ieprot.dll]  [Beijing Rising Technology Co., Ltd., 1, 0, 0, 12]
[PID: 1216][C:\Program Files\Rising\AntiSpyware\runiep.exe]  [Beijing Rising Technology Co., Ltd., 4.0.0.18]
    [C:\winnt\System32\ntdll.dll]  [Microsoft Corporation, 5.00.2163.1]
    [C:\winnt\System32\MFC42.DLL]  [Microsoft Corporation, 6.00.8665.0]
    [C:\winnt\system32\MSVCRT.dll]  [Microsoft Corporation, 6.10.8637.0]
    [C:\winnt\system32\KERNEL32.dll]  [Microsoft Corporation, 5.00.2191.1]
    [C:\winnt\system32\GDI32.dll]  [Microsoft Corporation, 5.00.2180.1]
    [C:\winnt\system32\USER32.DLL]  [Microsoft Corporation, 5.00.2180.1]
    [C:\winnt\system32\ADVAPI32.dll]  [Microsoft Corporation, 5.00.2191.1]
    [C:\winnt\system32\RPCRT4.DLL]  [Microsoft Corporation, 5.00.2193.1]
    [C:\winnt\system32\SHELL32.dll]  [Microsoft Corporation, 5.00.2920.0000]
    [C:\winnt\system32\SHLWAPI.DLL]  [Microsoft Corporation, 5.00.2920.0000]
    [C:\winnt\system32\COMCTL32.DLL]  [Microsoft Corporation, 5.81]
    [C:\winnt\system32\VERSION.dll]  [Microsoft Corporation, 5.00.2134.1]
    [C:\winnt\system32\LZ32.DLL]  [Microsoft Corporation, 5.00.2134.1]
    [C:\winnt\System32\IMM32.DLL]  [Microsoft Corporation, 5.00.2180.1]
    [C:\winnt\System32\MFC42LOC.DLL]  [Microsoft Corporation, 6.00.8665.0]
    [C:\Program Files\Rising\AntiSpyware\ieprot.dll]  [Beijing Rising Technology Co., Ltd., 1, 0, 0, 12]
[PID: 1400][C:\winnt\System32\internat.exe]  [Microsoft Corporation, 5.00.2920.0000]
    [C:\winnt\System32\ntdll.dll]  [Microsoft Corporation, 5.00.2163.1]
    [C:\winnt\system32\KERNEL32.DLL]  [Microsoft Corporation, 5.00.2191.1]
    [C:\winnt\system32\USER32.DLL]  [Microsoft Corporation, 5.00.2180.1]
    [C:\winnt\system32\GDI32.DLL]  [Microsoft Corporation, 5.00.2180.1]
    [C:\winnt\system32\COMCTL32.DLL]  [Microsoft Corporation, 5.81]
    [C:\winnt\system32\ADVAPI32.DLL]  [Microsoft Corporation, 5.00.2191.1]
    [C:\winnt\system32\RPCRT4.DLL]  [Microsoft Corporation, 5.00.2193.1]
    [C:\winnt\System32\IMM32.DLL]  [Microsoft Corporation, 5.00.2180.1]
    [C:\winnt\System32\SETUPAPI.DLL]  [Microsoft Corporation, 5.00.2183.1]
    [C:\winnt\system32\MSVCRT.DLL]  [Microsoft Corporation, 6.10.8637.0]
    [C:\winnt\System32\USERENV.DLL]  [Microsoft Corporation, 5.00.2185.1]
    [C:\winnt\system32\SHELL32.DLL]  [Microsoft Corporation, 5.00.2920.0000]
    [C:\winnt\system32\SHLWAPI.DLL]  [Microsoft Corporation, 5.00.2920.0000]
    [C:\winnt\System32\INDICDLL.dll]  [Microsoft Corporation, 5.00.2920.0000]
    [C:\Program Files\Rising\AntiSpyware\ieprot.dll]  [Beijing Rising Technology Co., Ltd., 1, 0, 0, 12]
[PID: 1416][C:\Program Files\hexin\sslproxy\SSLCnt.exe]  [杭州核新软件技术有限公司, 1.110.2006.1220]
    [C:\winnt\System32\ntdll.dll]  [Microsoft Corporation, 5.00.2163.1]
    [C:\winnt\System32\WSOCK32.dll]  [Microsoft Corporation, 5.00.2152.1]
    [C:\winnt\system32\KERNEL32.DLL]  [Microsoft Corporation, 5.00.2191.1]
    [C:\winnt\System32\WS2_32.DLL]  [Microsoft Corporation, 5.00.2134.1]
    [C:\winnt\system32\MSVCRT.DLL]  [Microsoft Corporation, 6.10.8637.0]
    [C:\winnt\system32\ADVAPI32.DLL]  [Microsoft Corporation, 5.00.2191.1]
    [C:\winnt\system32\RPCRT4.DLL]  [Microsoft Corporation, 5.00.2193.1]
    [C:\winnt\System32\WS2HELP.DLL]  [Microsoft Corporation, 5.00.2134.1]
    [C:\Program Files\hexin\sslproxy\crypteng.dll]  [杭州核新软件技术有限公司, 1.44.2003.0426]
    [C:\winnt\system32\GDI32.dll]  [Microsoft Corporation, 5.00.2180.1]
    [C:\winnt\system32\USER32.DLL]  [Microsoft Corporation, 5.00.2180.1]
    [C:\Program Files\hexin\sslproxy\sslproxy.dll]  [杭州核新软件技术有限公司, 1.52.2002.326]
    [C:\Program Files\hexin\sslproxy\CAsAPI.dll]  [杭州核新软件技术有限公司, 1.49.2002.422]
    [C:\winnt\System32\CRYPT32.dll]  [Microsoft Corporation, 5.131.2173.1]
    [C:\winnt\System32\MSASN1.DLL]  [Microsoft Corporation, 5.00.2134.1]
    [C:\winnt\system32\VERSION.dll]  [Microsoft Corporation, 5.00.2134.1]
    [C:\winnt\system32\LZ32.DLL]  [Microsoft Corporation, 5.00.2134.1]
    [C:\Program Files\hexin\sslproxy\Scard.dll]  [杭州核新软件技术有限公司, 1.02.2001.0529]
    [C:\winnt\system32\comdlg32.dll]  [Microsoft Corporation, 5.00.2920.0000]
    [C:\winnt\system32\SHLWAPI.DLL]  [Microsoft Corporation, 5.00.2920.0000]
    [C:\winnt\system32\COMCTL32.DLL]  [Microsoft Corporation, 5.81]
    [C:\winnt\system32\SHELL32.DLL]  [Microsoft Corporation, 5.00.2920.0000]
    [C:\winnt\System32\WINSPOOL.DRV]  [Microsoft Corporation, 5.00.2167.1]
    [C:\winnt\System32\oledlg.dll]  [Microsoft Corporation, 1.0]
    [C:\winnt\system32\OLE32.DLL]  [Microsoft Corporation, 5.00.2181.1]
    [C:\winnt\system32\OLEAUT32.dll]  [Microsoft Corporation, 2.40.4512]
    [C:\winnt\System32\IMM32.DLL]  [Microsoft Corporation, 5.00.2180.1]
    [C:\winnt\System32\INDICDLL.dll]  [Microsoft Corporation, 5.00.2920.0000]
    [C:\winnt\System32\CLBCATQ.DLL]  [Microsoft Corporation, 1999.9.3422.14]
    [C:\Program Files\hexin\sslproxy\MapProxy.dll]  [核新软件技术有限公司, 1.00.2003.0613]
    [C:\winnt\system32\msafd.dll]  [Microsoft Corporation, 5.00.2153.1]
    [C:\winnt\System32\wshtcpip.dll]  [Microsoft Corporation, 5.00.2134.1]
    [C:\Program Files\Rising\AntiSpyware\ieprot.dll]  [Beijing Rising Technology Co., Ltd., 1, 0, 0, 12]
[PID: 1288][C:\winnt\EXPLORER.EXE]  [Microsoft Corporation, 5.00.2920.0000]
    [C:\winnt\System32\ntdll.dll]  [Microsoft Corporation, 5.00.2163.1]
    [C:\winnt\system32\ADVAPI32.DLL]  [Microsoft Corporation, 5.00.2191.1]
    [C:\winnt\system32\KERNEL32.DLL]  [Microsoft Corporation, 5.00.2191.1]
    [C:\winnt\system32\RPCRT4.DLL]  [Microsoft Corporation, 5.00.2193.1]
    [C:\winnt\system32\GDI32.DLL]  [Microsoft Corporation, 5.00.2180.1]
    [C:\winnt\system32\USER32.DLL]  [Microsoft Corporation, 5.00.2180.1]
    [C:\winnt\system32\SHLWAPI.DLL]  [Microsoft Corporation, 5.00.2920.0000]
    [C:\winnt\system32\COMCTL32.DLL]  [Microsoft Corporation, 5.81]
    [C:\winnt\System32\IMM32.DLL]  [Microsoft Corporation, 5.00.2180.1]
    [C:\winnt\system32\SHELL32.dll]  [Microsoft Corporation, 5.00.2920.0000]
    [C:\winnt\System32\INDICDLL.dll]  [Microsoft Corporation, 5.00.2920.0000]
    [C:\winnt\system32\OLE32.DLL]  [Microsoft Corporation, 5.00.2181.1]
    [C:\winnt\System32\CLBCATQ.DLL]  [Microsoft Corporation, 1999.9.3422.14]
    [C:\winnt\system32\OLEAUT32.DLL]  [Microsoft Corporation, 2.40.4512]
    [C:\winnt\system32\MSVCRT.DLL]  [Microsoft Corporation, 6.10.8637.0]
    [C:\winnt\System32\cscui.dll]  [Microsoft Corporation, 5.00.2172.1]
    [C:\winnt\System32\CSCDLL.DLL]  [Microsoft Corporation, 5.00.2189.1]
    [C:\winnt\System32\SHDOCVW.DLL]  [Microsoft Corporation, 5.00.2920.0000]
    [C:\winnt\System32\browseui.dll]  [Microsoft Corporation, 5.00.2920.0000]
    [C:\winnt\system32\MPR.DLL]  [Microsoft Corporation, 5.00.2146.1]
    [C:\winnt\System32\USERENV.DLL]  [Microsoft Corporation, 5.00.2185.1]
    [C:\Program Files\Rising\AntiSpyware\ieprot.dll]  [Beijing Rising Technology Co., Ltd., 1, 0, 0, 12]
gototop
 
光影圣堂
头像
初生襁褓狮
  • 帖子:29
  • 注册: 2007-09-13
  • 来自:
发表于: 2007-09-13 17:37 | 只看楼主 短消息 资料
字号: 12楼

[C:\winnt\System32\ntshrui.dll]  [Microsoft Corporation, 5.00.2134.1]
    [C:\winnt\System32\ATL.DLL]  [Microsoft Corporation, 3.00.8449]
    [C:\winnt\System32\NETAPI32.DLL]  [Microsoft Corporation, 5.00.2194.1]
    [C:\winnt\System32\SECUR32.DLL]  [Microsoft Corporation, 5.00.2154.1]
    [C:\winnt\System32\NETRAP.DLL]  [Microsoft Corporation, 5.00.2134.1]
    [C:\winnt\System32\SAMLIB.DLL]  [Microsoft Corporation, 5.00.2160.1]
    [C:\winnt\System32\WS2_32.DLL]  [Microsoft Corporation, 5.00.2134.1]
    [C:\winnt\System32\WS2HELP.DLL]  [Microsoft Corporation, 5.00.2134.1]
    [C:\winnt\system32\WLDAP32.DLL]  [Microsoft Corporation, 5.00.2168.1]
    [C:\winnt\System32\DNSAPI.DLL]  [Microsoft Corporation, 5.00.2181.1]
    [C:\winnt\System32\WSOCK32.DLL]  [Microsoft Corporation, 5.00.2152.1]
    [C:\WINNT\system32\NETSHELL.dll]  [Microsoft Corporation, 5.00.2176.1]
    [C:\winnt\System32\webcheck.dll]  [Microsoft Corporation, 5.00.2920.0000]
    [C:\winnt\System32\stobject.dll]  [Microsoft Corporation, 5.00.2144.1]
    [C:\winnt\System32\BATMETER.DLL]  [Microsoft Corporation, 5.00.2920.0000]
    [C:\winnt\System32\SETUPAPI.DLL]  [Microsoft Corporation, 5.00.2183.1]
    [C:\winnt\System32\POWRPROF.DLL]  [Microsoft Corporation, 5.00.2920.0000]
    [C:\winnt\System32\WINMM.DLL]  [Microsoft Corporation, 5.00.2161.1]
    [C:\winnt\System32\ntlanman.dll]  [Microsoft Corporation, 5.00.2157.1]
    [C:\winnt\System32\NETUI0.DLL]  [Microsoft Corporation, 5.00.2134.1]
    [C:\winnt\System32\NETUI1.DLL]  [Microsoft Corporation, 5.00.2134.1]
    [C:\winnt\System32\wdmaud.drv]  [Microsoft Corporation, 5.00.2147.1]
    [C:\winnt\System32\msacm32.drv]  [Microsoft Corporation, 5.00.2134.1]
    [C:\winnt\System32\MSACM32.dll]  [Microsoft Corporation, 5.00.2134.1]
    [C:\winnt\System32\MSI.DLL]  [Microsoft Corporation, 2.0.2600.2]
    [C:\winnt\system32\WININET.DLL]  [Microsoft Corporation, 5.00.2920.0000]
    [C:\winnt\System32\MLANG.DLL]  [Microsoft Corporation, 5.00.2920.0000]
    [C:\winnt\System32\LINKINFO.DLL]  [Microsoft Corporation, 5.00.2134.1]
    [C:\winnt\System32\CfgMgr32.dll]  [Microsoft Corporation, 5.00.2134.1]
    [C:\winnt\System32\browselc.dll]  [Microsoft Corporation, 5.00.2920.0000]
    [C:\WINNT\System32\docprop2.dll]  [Microsoft Corporation, 5.00.2178.1]
    [C:\WINNT\System32\MSVFW32.DLL]  [Microsoft Corporation, 5.00.2134.1]
    [C:\WINNT\System32\AVIFIL32.DLL]  [Microsoft Corporation, 5.00.2134.1]
    [C:\winnt\system32\faxshell.dll]  [Microsoft Corporation, 5.00.2134.1]
    [C:\winnt\system32\RavExt.dll]  [Beijing Rising Technology Co., Ltd., 19, 0, 0, 9]
    [C:\winnt\System32\shlhook.dll]  [Beijing Rising Technology Co., Ltd., 4.0.0.9]
    [C:\winnt\system32\VERSION.dll]  [Microsoft Corporation, 5.00.2134.1]
    [C:\winnt\system32\LZ32.DLL]  [Microsoft Corporation, 5.00.2134.1]
    [C:\winnt\System32\shdoclc.dll]  [Microsoft Corporation, 5.00.2920.0000]
    [D:\Rising\Rav\RSCOMMON.DLL]  [Beijing Rising Technology Co., Ltd., 19, 0, 0, 5]
    [C:\winnt\System32\mydocs.dll]  [Microsoft Corporation, 5.00.2920.0000]
[PID: 464][C:\Program Files\WinRAR\WinRAR.exe]  [N/A, ]
    [C:\winnt\System32\ntdll.dll]  [Microsoft Corporation, 5.00.2163.1]
    [C:\winnt\system32\ADVAPI32.DLL]  [Microsoft Corporation, 5.00.2191.1]
    [C:\winnt\system32\KERNEL32.DLL]  [Microsoft Corporation, 5.00.2191.1]
    [C:\winnt\system32\RPCRT4.DLL]  [Microsoft Corporation, 5.00.2193.1]
    [C:\winnt\system32\COMCTL32.DLL]  [Microsoft Corporation, 5.81]
    [C:\winnt\system32\GDI32.DLL]  [Microsoft Corporation, 5.00.2180.1]
    [C:\winnt\system32\USER32.DLL]  [Microsoft Corporation, 5.00.2180.1]
    [C:\winnt\system32\COMDLG32.DLL]  [Microsoft Corporation, 5.00.2920.0000]
    [C:\winnt\system32\SHLWAPI.DLL]  [Microsoft Corporation, 5.00.2920.0000]
    [C:\winnt\system32\SHELL32.DLL]  [Microsoft Corporation, 5.00.2920.0000]
    [C:\winnt\system32\MSVCRT.DLL]  [Microsoft Corporation, 6.10.8637.0]
    [C:\winnt\system32\OLE32.DLL]  [Microsoft Corporation, 5.00.2181.1]
    [C:\winnt\System32\IMM32.DLL]  [Microsoft Corporation, 5.00.2180.1]
    [C:\winnt\System32\riched32.dll]  [Microsoft Corporation, 5.00.2134.1]
    [C:\winnt\System32\RICHED20.dll]  [Microsoft Corporation, 5.30.23.1200]
    [C:\winnt\System32\INDICDLL.dll]  [Microsoft Corporation, 5.00.2920.0000]
    [C:\winnt\System32\CLBCATQ.DLL]  [Microsoft Corporation, 1999.9.3422.14]
    [C:\winnt\system32\OLEAUT32.DLL]  [Microsoft Corporation, 2.40.4512]
    [C:\winnt\System32\cscui.dll]  [Microsoft Corporation, 5.00.2172.1]
    [C:\winnt\System32\CSCDLL.DLL]  [Microsoft Corporation, 5.00.2189.1]
    [C:\winnt\system32\MPR.DLL]  [Microsoft Corporation, 5.00.2146.1]
    [C:\winnt\System32\ntlanman.dll]  [Microsoft Corporation, 5.00.2157.1]
    [C:\winnt\System32\NETUI0.DLL]  [Microsoft Corporation, 5.00.2134.1]
    [C:\winnt\System32\NETUI1.DLL]  [Microsoft Corporation, 5.00.2134.1]
    [C:\winnt\System32\NETAPI32.DLL]  [Microsoft Corporation, 5.00.2194.1]
    [C:\winnt\System32\SECUR32.DLL]  [Microsoft Corporation, 5.00.2154.1]
    [C:\winnt\System32\NETRAP.DLL]  [Microsoft Corporation, 5.00.2134.1]
    [C:\winnt\System32\SAMLIB.DLL]  [Microsoft Corporation, 5.00.2160.1]
    [C:\winnt\System32\WS2_32.DLL]  [Microsoft Corporation, 5.00.2134.1]
    [C:\winnt\System32\WS2HELP.DLL]  [Microsoft Corporation, 5.00.2134.1]
    [C:\winnt\system32\WLDAP32.DLL]  [Microsoft Corporation, 5.00.2168.1]
    [C:\winnt\System32\DNSAPI.DLL]  [Microsoft Corporation, 5.00.2181.1]
    [C:\winnt\System32\WSOCK32.DLL]  [Microsoft Corporation, 5.00.2152.1]
    [C:\Program Files\Rising\AntiSpyware\ieprot.dll]  [Beijing Rising Technology Co., Ltd., 1, 0, 0, 12]
    [C:\winnt\System32\mydocs.dll]  [Microsoft Corporation, 5.00.2920.0000]
    [C:\winnt\System32\SHDOCVW.DLL]  [Microsoft Corporation, 5.00.2920.0000]
    [C:\winnt\System32\USERENV.DLL]  [Microsoft Corporation, 5.00.2185.1]
    [C:\winnt\System32\MSI.DLL]  [Microsoft Corporation, 2.0.2600.2]
[PID: 1476][C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\Rar$EX09.406\SREngPS.EXE]  [Smallfrogs Studio, 2.5.16.900]
gototop
 
光影圣堂
头像
初生襁褓狮
  • 帖子:29
  • 注册: 2007-09-13
  • 来自:
发表于: 2007-09-13 17:37 | 只看楼主 短消息 资料
字号: 13楼

[C:\winnt\System32\ntdll.dll]  [Microsoft Corporation, 5.00.2163.1]
    [C:\winnt\system32\kernel32.dll]  [Microsoft Corporation, 5.00.2191.1]
    [C:\winnt\system32\USER32.dll]  [Microsoft Corporation, 5.00.2180.1]
    [C:\winnt\system32\GDI32.DLL]  [Microsoft Corporation, 5.00.2180.1]
    [C:\winnt\system32\comdlg32.dll]  [Microsoft Corporation, 5.00.2920.0000]
    [C:\winnt\system32\SHLWAPI.DLL]  [Microsoft Corporation, 5.00.2920.0000]
    [C:\winnt\system32\ADVAPI32.DLL]  [Microsoft Corporation, 5.00.2191.1]
    [C:\winnt\system32\RPCRT4.DLL]  [Microsoft Corporation, 5.00.2193.1]
    [C:\winnt\system32\COMCTL32.DLL]  [Microsoft Corporation, 5.81]
    [C:\winnt\system32\SHELL32.DLL]  [Microsoft Corporation, 5.00.2920.0000]
    [C:\winnt\system32\MSVCRT.DLL]  [Microsoft Corporation, 6.10.8637.0]
    [C:\winnt\System32\WINSPOOL.DRV]  [Microsoft Corporation, 5.00.2167.1]
    [C:\winnt\System32\oledlg.dll]  [Microsoft Corporation, 1.0]
    [C:\winnt\system32\OLE32.DLL]  [Microsoft Corporation, 5.00.2181.1]
    [C:\winnt\system32\OLEAUT32.dll]  [Microsoft Corporation, 2.40.4512]
    [C:\winnt\system32\VERSION.dll]  [Microsoft Corporation, 5.00.2134.1]
    [C:\winnt\system32\LZ32.DLL]  [Microsoft Corporation, 5.00.2134.1]
    [C:\winnt\System32\CRYPT32.dll]  [Microsoft Corporation, 5.131.2173.1]
    [C:\winnt\System32\MSASN1.DLL]  [Microsoft Corporation, 5.00.2134.1]
    [C:\winnt\System32\WINMM.dll]  [Microsoft Corporation, 5.00.2161.1]
    [C:\winnt\System32\WS2_32.dll]  [Microsoft Corporation, 5.00.2134.1]
    [C:\winnt\System32\WS2HELP.DLL]  [Microsoft Corporation, 5.00.2134.1]
    [C:\winnt\system32\WININET.dll]  [Microsoft Corporation, 5.00.2920.0000]
    [C:\winnt\System32\IMM32.DLL]  [Microsoft Corporation, 5.00.2180.1]
    [C:\winnt\System32\RICHED20.DLL]  [Microsoft Corporation, 5.30.23.1200]
    [C:\winnt\System32\NTMARTA.DLL]  [Microsoft Corporation, 5.00.2158.1]
    [C:\winnt\system32\WLDAP32.dll]  [Microsoft Corporation, 5.00.2168.1]
    [C:\winnt\System32\NTDSAPI.dll]  [Microsoft Corporation, 5.00.2160.1]
    [C:\winnt\System32\DNSAPI.DLL]  [Microsoft Corporation, 5.00.2181.1]
    [C:\winnt\System32\WSOCK32.DLL]  [Microsoft Corporation, 5.00.2152.1]
    [C:\winnt\System32\NETAPI32.DLL]  [Microsoft Corporation, 5.00.2194.1]
    [C:\winnt\System32\SECUR32.DLL]  [Microsoft Corporation, 5.00.2154.1]
    [C:\winnt\System32\NETRAP.DLL]  [Microsoft Corporation, 5.00.2134.1]
    [C:\winnt\System32\SAMLIB.DLL]  [Microsoft Corporation, 5.00.2160.1]
    [C:\winnt\System32\INDICDLL.dll]  [Microsoft Corporation, 5.00.2920.0000]
    [C:\Program Files\Rising\AntiSpyware\ieprot.dll]  [Beijing Rising Technology Co., Ltd., 1, 0, 0, 12]
    [C:\winnt\System32\sfc.dll]  [Microsoft Corporation, 5.00.2164.1]
    [C:\winnt\System32\sfcfiles.dll]  [Microsoft Corporation, 5.00.2195.1]
    [C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\Rar$EX09.406\Upload\3rdUpd.DLL]  [Smallfrogs Studio, 2, 1, 0, 15]
    [C:\winnt\System32\Winsta.dll]  [Microsoft Corporation, 5.00.2134.1]
    [C:\winnt\System32\utildll.dll]  [Microsoft Corporation, 5.00.2153.1]
    [C:\winnt\System32\TAPI32.dll]  [Microsoft Corporation, 5.00.2182.1]
    [C:\winnt\System32\SETUPAPI.dll]  [Microsoft Corporation, 5.00.2183.1]
    [C:\winnt\System32\USERENV.DLL]  [Microsoft Corporation, 5.00.2185.1]
    [C:\winnt\System32\wintrust.dll]  [Microsoft Corporation, 5.131.2143.1]
    [C:\winnt\system32\IMAGEHLP.dll]  [Microsoft Corporation, 5.00.2195.1]
    [C:\winnt\System32\RASAPI32.DLL]  [Microsoft Corporation, 5.00.2188.1]
    [C:\winnt\System32\RASMAN.DLL]  [Microsoft Corporation, 5.00.2188.1]
    [C:\winnt\System32\RTUTILS.DLL]  [Microsoft Corporation, 5.00.2168.1]
    [C:\winnt\System32\sensapi.dll]  [Microsoft Corporation, 5.00.2163.1]
    [C:\winnt\System32\rsabase.dll]  [Microsoft Corporation, 5.00.2150.1]
    [C:\winnt\System32\rnr20.dll]  [Microsoft Corporation, 5.00.2152.1]
    [C:\winnt\System32\winrnr.dll]  [Microsoft Corporation, 5.00.2160.1]
    [C:\winnt\System32\rasadhlp.dll]  [Microsoft Corporation, 5.00.2168.1]
    [C:\winnt\system32\urlmon.dll]  [Microsoft Corporation, 5.00.2920.0000]
    [C:\winnt\system32\msafd.dll]  [Microsoft Corporation, 5.00.2153.1]
    [C:\winnt\System32\wshtcpip.dll]  [Microsoft Corporation, 5.00.2134.1]
    [C:\winnt\System32\CLBCATQ.DLL]  [Microsoft Corporation, 1999.9.3422.14]
    [C:\winnt\System32\cscui.dll]  [Microsoft Corporation, 5.00.2172.1]
    [C:\winnt\System32\CSCDLL.DLL]  [Microsoft Corporation, 5.00.2189.1]

==================================
文件关联
.TXT  OK. [%SystemRoot%\system32\NOTEPAD.EXE %1]
.EXE  OK. ["%1" %*]
.COM  OK. ["%1" %*]
.PIF  OK. ["%1" %*]
.REG  OK. [regedit.exe "%1"]
.BAT  OK. ["%1" %*]
.SCR  OK. ["%1" /S]
.CHM  Error. ["hh.exe" %1]
.HLP  Error. [winhlp32.exe %1]
.INI  OK. [%SystemRoot%\System32\NOTEPAD.EXE %1]
.INF  OK. [%SystemRoot%\System32\NOTEPAD.EXE %1]
.VBS  Error. [超级解霸3000]
.JS  OK. [%SystemRoot%\System32\WScript.exe "%1" %*]
.LNK  OK. [{00021401-0000-0000-C000-000000000046}]

==================================
Winsock 提供者
N/A

==================================
Autorun.inf
[C:\]
[AutoRun]
open=auto.exe
shellexecute=auto.exe
shell\Auto\command=auto.exe
[D:\]
[AutoRun]
open=auto.exe
shellexecute=auto.exe
shell\Auto\command=auto.exe

==================================
HOSTS 文件
127.0.0.1      localhost
127.0.0.1    sinaplusserver
127.0.0.1    sinaplusserver

==================================
进程特权扫描
特殊特权被允许: SeLoadDriverPrivilege [PID = 628, D:\ORACLE\ORA81\BIN\TNSLSNR.EXE]
特殊特权被允许: SeLoadDriverPrivilege [PID = 712, D:\ORACLE\ORA81\BIN\ORACLE.EXE]
特殊特权被允许: SeLoadDriverPrivilege [PID = 1176, C:\PROGRAM FILES\COMMON FILES\REAL\UPDATE_OB\REALSCHED.EXE]
特殊特权被允许: SeLoadDriverPrivilege [PID = 1216, C:\PROGRAM FILES\RISING\ANTISPYWARE\RUNIEP.EXE]
特殊特权被允许: SeLoadDriverPrivilege [PID = 1416, C:\PROGRAM FILES\HEXIN\SSLPROXY\SSLCNT.EXE]
特殊特权被允许: SeLoadDriverPrivilege [PID = 464, C:\PROGRAM FILES\WINRAR\WINRAR.EXE]

==================================
API HOOK
N/A

==================================
隐藏进程
N/A

==================================


[/CODE]
gototop
 
光影圣堂
头像
初生襁褓狮
  • 帖子:29
  • 注册: 2007-09-13
  • 来自:
发表于: 2007-09-13 17:39 | 只看楼主 短消息 资料
字号: 14楼

请帮忙看下日志啊
gototop
 
<<上一主题|下一主题>>
12   2  /  2  页   跳转
页面顶部
Powered by Discuz!NT