
Rising has been eaten by a virus. Is this Robot Dog? Is this its doing?

Re: Should this program be deleted? Is it a virus?

[PID: 2744][C:\WINDOWS\system32\inf\svchostc.exe]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
    [C:\WINDOWS\system32\tisqatyu.dll]  [N/A, ]
    [C:\WINDOWS\system32\nhmxajkl.dll]  [N/A, ]
    [C:\WINDOWS\system32\ietzapaq.dll]  [N/A, ]
    [C:\WINDOWS\twftadfia16_080526.dll]  [N/A, ]
    [C:\WINDOWS\system32\midimapwl.dll]  [Microsoft Corporation, 5, 1, 2600, 3119]
    [C:\WINDOWS\system32\midimapqn3.dll]  [Microsoft Corporation, 5, 1, 2600, 3119]
    [C:\WINDOWS\system32\midimapwd.dll]  [Microsoft Corporation, 5, 1, 2600, 3119]
    [C:\WINDOWS\system32\midimapzx.dll]  [Microsoft Corporation, 5, 1, 2600, 3119]
    [C:\WINDOWS\system32\midimaptl.dll]  [Microsoft Corporation, 5, 1, 2600, 3119]
    [C:\WINDOWS\system32\WNWBIO.IME]  [深圳世强软件开发部 www.wn51.com , 2006, 10, 20, 1]
    [C:\WINDOWS\system32\oswxcttb.dll]  [N/A, ]
    [C:\WINDOWS\system32\mnmhfsrv.dll]  [N/A, ]
    [C:\WINDOWS\system32\zxmscwin.dll]  [N/A, ]
    [C:\WINDOWS\system32\mndhddwd.dll]  [N/A, ]
    [C:\WINDOWS\system32\ypdjfbmp.dll]  [N/A, ]
    [C:\WINDOWS\system32\apzhbtde.dll]  [N/A, ]
    [C:\WINDOWS\system32\yxcschlp.dll]  [N/A, ]
    [C:\WINDOWS\system32\ozfydbyt.dll]  [N/A, ]
    [C:\WINDOWS\system32\zxptejpg.dll]  [N/A, ]
    [C:\WINDOWS\system32\hfrdzx.dll]  [N/A, ]
    [C:\WINDOWS\system32\mfdesy.dll]  [N/A, ]
    [C:\WINDOWS\system32\zgfdet.dll]  [N/A, ]
    [C:\WINDOWS\system32\jhrcar.dll]  [N/A, ]
    [C:\WINDOWS\system32\cedafb.dll]  [N/A, ]
    [C:\WINDOWS\system32\tfsdmz.dll]  [N/A, ]
    [C:\WINDOWS\system32\sgrefg.dll]  [N/A, ]
    [C:\WINDOWS\system32\rfdswc.dll]  [N/A, ]
    [C:\WINDOWS\system32\wyrsdj.dll]  [N/A, ]
    [C:\WINDOWS\system32\hhrdxd.dll]  [N/A, ]
    [C:\WINDOWS\system32\jdsaex.dll]  [N/A, ]
    [C:\WINDOWS\system32\jfrwdh.dll]  [N/A, ]
    [C:\WINDOWS\system32\wyhesm.dll]  [N/A, ]
    [c:\program files\rising\rfw\ijt_base.dll]  [Beijing Rising Technology Co., Ltd., 7.0.0.10]
    [c:\program files\rising\rfw\olemon.dll]  [Beijing Rising Technology Co., Ltd., 7.0.0.6]
    [C:\Program Files\Rising\KakaToolBar\ieprot.dll]  [Beijing Rising Technology Co., Ltd., 1, 0, 0, 12]
    [C:\Herosoft\HeroV8\VCvtShell.dll]  [herosoft, 1, 0, 0, 1]
[PID: 3632][C:\Program Files\Internet Explorer\IEXPLORE.EXE]  [Microsoft Corporation, 6.00.2900.2180 (xpsp_sp2_rtm.040803-2158)]
    [C:\WINDOWS\system32\tisqatyu.dll]  [N/A, ]
    [C:\WINDOWS\system32\nhmxajkl.dll]  [N/A, ]
    [C:\WINDOWS\system32\ietzapaq.dll]  [N/A, ]
    [C:\WINDOWS\system32\midimapwl.dll]  [Microsoft Corporation, 5, 1, 2600, 3119]
    [C:\WINDOWS\system32\midimapqn3.dll]  [Microsoft Corporation, 5, 1, 2600, 3119]
    [C:\WINDOWS\system32\midimapwd.dll]  [Microsoft Corporation, 5, 1, 2600, 3119]
    [C:\WINDOWS\system32\midimapzx.dll]  [Microsoft Corporation, 5, 1, 2600, 3119]
    [C:\WINDOWS\system32\midimaptl.dll]  [Microsoft Corporation, 5, 1, 2600, 3119]
    [C:\WINDOWS\system32\WNWBIO.IME]  [深圳世强软件开发部 www.wn51.com , 2006, 10, 20, 1]
    [C:\WINDOWS\system32\kakatool.dll]  [Beijing Rising Technology Co., Ltd., 4.0.0.4]
    [C:\WINDOWS\system32\AcSignIcon.dll]  [Autodesk, 16.0.0.86]
    [C:\WINDOWS\system32\apzhbtde.dll]  [N/A, ]
    [C:\WINDOWS\system32\oswxcttb.dll]  [N/A, ]
    [C:\WINDOWS\system32\yxcschlp.dll]  [N/A, ]
    [C:\WINDOWS\system32\ozfydbyt.dll]  [N/A, ]
    [C:\WINDOWS\system32\mndhddwd.dll]  [N/A, ]
    [C:\WINDOWS\system32\zxmscwin.dll]  [N/A, ]
    [C:\WINDOWS\system32\mnmhfsrv.dll]  [N/A, ]
    [C:\WINDOWS\system32\ypdjfbmp.dll]  [N/A, ]
    [C:\WINDOWS\system32\zxptejpg.dll]  [N/A, ]
    [C:\WINDOWS\system32\hfrdzx.dll]  [N/A, ]
    [C:\WINDOWS\system32\mfdesy.dll]  [N/A, ]
    [C:\WINDOWS\system32\zgfdet.dll]  [N/A, ]
    [C:\WINDOWS\system32\jhrcar.dll]  [N/A, ]
    [C:\WINDOWS\system32\cedafb.dll]  [N/A, ]
    [C:\WINDOWS\system32\tfsdmz.dll]  [N/A, ]
    [C:\WINDOWS\system32\sgrefg.dll]  [N/A, ]
    [C:\WINDOWS\system32\rfdswc.dll]  [N/A, ]
    [C:\WINDOWS\system32\wyrsdj.dll]  [N/A, ]
    [C:\WINDOWS\system32\hhrdxd.dll]  [N/A, ]
    [C:\WINDOWS\system32\jdsaex.dll]  [N/A, ]
    [C:\WINDOWS\system32\jfrwdh.dll]  [N/A, ]
    [C:\WINDOWS\system32\wyhesm.dll]  [N/A, ]
    [C:\Program Files\Microsoft Office\OFFICE11\msohev.dll]  [Microsoft Corporation, 11.0.5510]
    [C:\WINDOWS\tdcbdcasys32_080526.dll]  [N/A, ]
    [C:\WINDOWS\system32\msacm32.drv]  [Microsoft Corporation, 5.1.2600.0 (xpclient.010817-1148)]
    [C:\WINDOWS\system32\RavExt.dll]  [Beijing Rising Technology Co., Ltd., 20.0.0.17]
    [c:\program files\rising\rfw\ijt_base.dll]  [Beijing Rising Technology Co., Ltd., 7.0.0.10]
    [c:\program files\rising\rfw\olemon.dll]  [Beijing Rising Technology Co., Ltd., 7.0.0.6]
    [C:\Program Files\Rising\KakaToolBar\ieprot.dll]  [Beijing Rising Technology Co., Ltd., 1, 0, 0, 12]
    [C:\Herosoft\HeroV8\VCvtShell.dll]  [herosoft, 1, 0, 0, 1]
[PID: 3216][C:\Program Files\Rising\Rfw\rfwmain.exe]  [Beijing Rising Technology Co., Ltd., 7.0.1.65]
    [C:\WINDOWS\system32\MFC71.DLL]  [Microsoft Corporation, 7.10.3077.0]
    [C:\WINDOWS\system32\MSVCR71.dll]  [Microsoft Corporation, 7.10.3052.4]
    [C:\WINDOWS\system32\MSVCP71.dll]  [Microsoft Corporation, 7.10.3077.0]
    [C:\Program Files\Rising\Rfw\RsGuiLib.dll]  [Beijing Rising Technology Co., Ltd., 20, 0, 0, 88]
    [C:\WINDOWS\system32\tisqatyu.dll]  [N/A, ]
    [C:\WINDOWS\system32\ietzapaq.dll]  [N/A, ]
    [C:\Program Files\Rising\Rfw\ProcCom.dll]  [Beijing Rising Technology Co., Ltd., 20, 0, 0, 19]
    [C:\Program Files\Rising\Rfw\RsCommX2.dll]  [Beijing Rising Technology Co., Ltd., 20, 0, 0, 19]
    [c:\program files\rising\rfw\ijt_base.dll]  [Beijing Rising Technology Co., Ltd., 7.0.0.10]
    [c:\program files\rising\rfw\olemon.dll]  [Beijing Rising Technology Co., Ltd., 7.0.0.6]
    [C:\Program Files\Rising\Rfw\RSAPPMGR.dll]  [Beijing Rising Technology Co., Ltd., 20.0.0.0]
    [C:\Program Files\Rising\Rfw\CfgDll.dll]  [Beijing Rising Technology Co., Ltd., 20.0.0.16]
    [C:\Program Files\Rising\Rfw\RSCOMMON.DLL]  [Beijing Rising Technology Co., Ltd., 20, 0, 0, 16]
    [C:\Program Files\Rising\Rfw\RfwCtrl.dll]  [Beijing Rising Technology Co., Ltd., 7.0.0.7]
    [C:\Program Files\Rising\Rfw\RsXML.dll]  [Beijing Rising Technology Co., Ltd., 20, 0, 0, 0]
    [C:\Program Files\Rising\Rfw\PngDll.dll]  [Beijing Rising Technology Co., Ltd., 20, 0, 0, 4]
    [C:\WINDOWS\system32\midimapwl.dll]  [Microsoft Corporation, 5, 1, 2600, 3119]
    [C:\WINDOWS\system32\midimapqn3.dll]  [Microsoft Corporation, 5, 1, 2600, 3119]
    [C:\WINDOWS\system32\midimapwd.dll]  [Microsoft Corporation, 5, 1, 2600, 3119]
    [C:\WINDOWS\system32\midimapzx.dll]  [Microsoft Corporation, 5, 1, 2600, 3119]
    [C:\WINDOWS\system32\midimaptl.dll]  [Microsoft Corporation, 5, 1, 2600, 3119]
    [C:\Program Files\Rising\Rfw\RfwRule.dll]  [Beijing Rising Technology Co., Ltd., 7.0.0.13]
    [C:\WINDOWS\system32\hfrdzx.dll]  [N/A, ]
    [C:\WINDOWS\system32\mfdesy.dll]  [N/A, ]
    [C:\WINDOWS\system32\zgfdet.dll]  [N/A, ]
    [C:\WINDOWS\system32\cedafb.dll]  [N/A, ]
    [C:\WINDOWS\system32\tfsdmz.dll]  [N/A, ]
    [C:\WINDOWS\system32\jhrcar.dll]  [N/A, ]
    [C:\WINDOWS\system32\sgrefg.dll]  [N/A, ]
    [C:\WINDOWS\system32\rfdswc.dll]  [N/A, ]
    [C:\WINDOWS\system32\wyrsdj.dll]  [N/A, ]
    [C:\WINDOWS\system32\hhrdxd.dll]  [N/A, ]
    [C:\WINDOWS\system32\jdsaex.dll]  [N/A, ]
    [C:\WINDOWS\system32\jfrwdh.dll]  [N/A, ]
    [C:\WINDOWS\system32\wyhesm.dll]  [N/A, ]
    [C:\Program Files\Rising\KakaToolBar\ieprot.dll]  [Beijing Rising Technology Co., Ltd., 1, 0, 0, 12]
    [C:\WINDOWS\system32\oswxcttb.dll]  [N/A, ]
    [C:\WINDOWS\system32\mnmhfsrv.dll]  [N/A, ]
    [C:\WINDOWS\system32\zxmscwin.dll]  [N/A, ]
    [C:\WINDOWS\system32\mndhddwd.dll]  [N/A, ]
    [C:\WINDOWS\system32\ypdjfbmp.dll]  [N/A, ]
    [C:\WINDOWS\system32\apzhbtde.dll]  [N/A, ]
    [C:\WINDOWS\system32\yxcschlp.dll]  [N/A, ]
    [C:\WINDOWS\system32\ozfydbyt.dll]  [N/A, ]
    [C:\WINDOWS\system32\nhmxajkl.dll]  [N/A, ]
    [C:\WINDOWS\system32\zxptejpg.dll]  [N/A, ]
    [C:\Herosoft\HeroV8\VCvtShell.dll]  [herosoft, 1, 0, 0, 1]

Re: Should this program be deleted? Is it a virus?

[PID: 3228][c:\program files\rising\rfw\rfwsrv.exe]  [Beijing Rising Technology Co., Ltd., 7.0.0.68]
    [C:\WINDOWS\system32\MFC71.DLL]  [Microsoft Corporation, 7.10.3077.0]
    [C:\WINDOWS\system32\MSVCR71.dll]  [Microsoft Corporation, 7.10.3052.4]
    [C:\WINDOWS\system32\MSVCP71.dll]  [Microsoft Corporation, 7.10.3077.0]
    [C:\WINDOWS\system32\tisqatyu.dll]  [N/A, ]
    [C:\WINDOWS\system32\nhmxajkl.dll]  [N/A, ]
    [C:\WINDOWS\system32\ietzapaq.dll]  [N/A, ]
    [C:\Program Files\Rising\Rfw\ProcCom.dll]  [Beijing Rising Technology Co., Ltd., 20, 0, 0, 19]
    [c:\program files\rising\rfw\RsCommX2.dll]  [Beijing Rising Technology Co., Ltd., 20, 0, 0, 19]
    [c:\program files\rising\rfw\RSAPPMGR.dll]  [Beijing Rising Technology Co., Ltd., 20.0.0.0]
    [c:\program files\rising\rfw\CfgDll.dll]  [Beijing Rising Technology Co., Ltd., 20.0.0.16]
    [c:\program files\rising\rfw\RfwRule.dll]  [Beijing Rising Technology Co., Ltd., 7.0.0.13]
    [c:\program files\rising\rfw\rfwlog.dll]  [Beijing Rising Technology Co., Ltd., 7.0.0.12]
    [c:\program files\rising\rfw\Rfwdrv.dll]  [Beijing Rising Technology Co., Ltd., 7.0.0.41]
    [c:\program files\rising\rfw\psapi.dll]  [Microsoft Corporation, 4.00]
    [c:\program files\rising\rfw\ijt_ctrl.dll]  [Beijing Rising Technology Co., Ltd., 7.0.0.0]
    [c:\program files\rising\rfw\unvdet.dll]  [Beijing Rising Technology Co., Ltd., 7.0.0.5]
    [c:\program files\rising\rfw\ijt_base.dll]  [Beijing Rising Technology Co., Ltd., 7.0.0.10]
    [c:\program files\rising\rfw\olemon.dll]  [Beijing Rising Technology Co., Ltd., 7.0.0.6]
    [c:\program files\rising\rfw\mPorts.dll]  [Beijing Rising Technology Co., Ltd., 7.0.0.3]
[PID: 3676][C:\Program Files\Tencent\QQ\QQ.exe]  [TENCENT, 8,0,777,1805]
    [C:\Program Files\Tencent\QQ\QQBaseClassInDll.dll]  [TENCENT, 8,0,777,1805]
    [C:\Program Files\Tencent\QQ\QQHelperDll.dll]  [TENCENT, 8,0,777,1805]
    [C:\Program Files\Tencent\QQ\BasicCtrlDll.dll]  [TENCENT, 8,0,777,1805]
    [C:\Program Files\Tencent\QQ\MFC42.DLL]  [Microsoft Corporation, 6.00.8665.0]
    [C:\Program Files\Tencent\QQ\MSIMG32.dll]  [N/A, ]
    [C:\WINDOWS\system32\tisqatyu.dll]  [N/A, ]
    [C:\WINDOWS\system32\nhmxajkl.dll]  [N/A, ]
    [C:\WINDOWS\system32\ietzapaq.dll]  [N/A, ]
    [C:\WINDOWS\system32\midimapwl.dll]  [Microsoft Corporation, 5, 1, 2600, 3119]
    [C:\WINDOWS\system32\midimapqn3.dll]  [Microsoft Corporation, 5, 1, 2600, 3119]
    [C:\WINDOWS\system32\midimapwd.dll]  [Microsoft Corporation, 5, 1, 2600, 3119]
    [C:\WINDOWS\system32\midimapzx.dll]  [Microsoft Corporation, 5, 1, 2600, 3119]
    [C:\WINDOWS\system32\midimaptl.dll]  [Microsoft Corporation, 5, 1, 2600, 3119]
    [C:\WINDOWS\system32\WNWBIO.IME]  [深圳世强软件开发部 www.wn51.com , 2006, 10, 20, 1]
    [C:\Program Files\Tencent\QQ\FinePlus.dll]  [N/A, ]
    [C:\Program Files\Tencent\QQ\fphelper.dll]  [N/A, ]
    [c:\program files\rising\rfw\ijt_base.dll]  [Beijing Rising Technology Co., Ltd., 7.0.0.10]
    [c:\program files\rising\rfw\olemon.dll]  [Beijing Rising Technology Co., Ltd., 7.0.0.6]
    [C:\Program Files\Tencent\QQ\RICHED32.DLL]  [Microsoft Corporation, 5.00.2134.1]
    [C:\Program Files\Tencent\QQ\RICHED20.dll]  [Microsoft Corporation, 5.31.23.1218]
    [C:\Program Files\Tencent\QQ\QQAPI.dll]  [TENCENT, 8,0,777,1805]
    [C:\WINDOWS\system32\hfrdzx.dll]  [N/A, ]
    [C:\WINDOWS\system32\mfdesy.dll]  [N/A, ]
    [C:\WINDOWS\system32\zgfdet.dll]  [N/A, ]
    [C:\WINDOWS\system32\cedafb.dll]  [N/A, ]
    [C:\WINDOWS\system32\jhrcar.dll]  [N/A, ]
    [C:\WINDOWS\system32\sgrefg.dll]  [N/A, ]
    [C:\WINDOWS\system32\tfsdmz.dll]  [N/A, ]
    [C:\WINDOWS\system32\rfdswc.dll]  [N/A, ]
    [C:\WINDOWS\system32\wyrsdj.dll]  [N/A, ]
    [C:\WINDOWS\system32\hhrdxd.dll]  [N/A, ]
    [C:\WINDOWS\system32\jdsaex.dll]  [N/A, ]
    [C:\WINDOWS\system32\jfrwdh.dll]  [N/A, ]
    [C:\WINDOWS\system32\wyhesm.dll]  [N/A, ]
    [C:\Program Files\Tencent\QQ\LoginCtrl.dll]  [TENCENT, 8,0,777,1805]
    [C:\Program Files\Tencent\QQ\LoginCtrlRes.dll]  [TENCENT, 8,0,777,1805]
    [C:\Program Files\Tencent\QQ\QQRes.dll]  [TENCENT, 8,0,776,1805]
    [C:\Program Files\Rising\KakaToolBar\ieprot.dll]  [Beijing Rising Technology Co., Ltd., 1, 0, 0, 12]
    [C:\Program Files\Tencent\QQ\QQMainFrame.dll]  [N/A, ]
    [C:\Program Files\Tencent\QQ\gdiplus.dll]  [Microsoft Corporation, 5.1.3102.2180 (xpsp_sp2_rtm.040803-2158)]
    [C:\Program Files\Tencent\QQ\QQPlugin.dll]  [N/A, ]
    [C:\Program Files\Tencent\QQ\UnReadMsgMgr.dll]  [N/A, ]
    [C:\Program Files\Tencent\QQ\CQQApplication.dll]  [N/A, ]
    [C:\Program Files\Tencent\QQ\FlashAvatarDll.dll]  [, 1, 4, 0, 1]
    [C:\Program Files\Tencent\QQ\NewSkin.dll]  [TENCENT, 8,0,777,1805]
    [C:\Program Files\Tencent\QQ\MailSummary.dll]  [TENCENT, 8,0,777,1805]
    [C:\Program Files\Tencent\QQ\QQSpace.dll]  [TENCENT, 8,0,777,1805]
    [C:\Program Files\Tencent\QQ\vbscript.dll]  [N/A, ]
    [C:\Program Files\Tencent\QQ\encode.dll]  [Microsoft Corporation, 5.6.0.8825]
    [C:\WINDOWS\system32\msdmo.dll]  [, ]
    [C:\Program Files\Tencent\QQ\QQKnowledgeSearch.dll]  [TENCENT, 8,0,777,1805]
    [C:\Program Files\Tencent\QQ\OEMApplication.dll]  [TENCENT, 8,0,777,1805]
    [C:\Program Files\Tencent\QQ\QQGroupMng.dll]  [TENCENT, 8,0,777,1805]
    [C:\Program Files\Tencent\QQ\QQAvatar.dll]  [N/A, ]
    [C:\WINDOWS\system32\msacm32.drv]  [Microsoft Corporation, 5.1.2600.0 (xpclient.010817-1148)]
    [C:\Program Files\Tencent\QQ\QQAllInOne.dll]  [TENCENT, 8,0,777,1805]
    [C:\Program Files\Tencent\QQ\SCCore.dll]  [TENCENT, 1, 6, 0, 2]
    [C:\Program Files\Tencent\QQ\CameraDll.dll]  [TENCENT, 8,0,777,1805]
    [C:\Program Files\Tencent\QQ\UserDefinedHead.dll]  [TENCENT, 8,0,777,1805]
    [C:\Program Files\Tencent\QQ\QQConfigPlugin.dll]  [TENCENT, 8,0,777,1805]
    [C:\Program Files\Tencent\QQ\QQCustomFace.dll]  [N/A, ]
    [C:\Program Files\Tencent\QQ\QRingMng.dll]  [N/A, ]
    [C:\Program Files\Tencent\QQ\LongConnection.dll]  [TENCENT, 8,0,777,1805]
    [C:\Program Files\Tencent\QQ\QQPet.dll]  [TENCENT, 8,0,777,1805]
    [C:\Program Files\Tencent\QQ\QQSysMsgMng.dll]  [N/A, ]
    [C:\Program Files\Tencent\QQ\BQQApplication.dll]  [N/A, ]
    [C:\Program Files\Tencent\QQ\PersonalDesktop.dll]  [TENCENT, 8,0,777,1805]
    [C:\WINDOWS\system32\l3codeca.acm]  [Fraunhofer Institut Integrierte Schaltungen IIS, 1, 9, 0, 0305]
    [C:\Program Files\Tencent\QQ\CommercesMng.dll]  [TENCENT, 8,0,777,1805]
    [C:\Program Files\Tencent\QQ\QQAddr.dll]  [深圳市腾讯计算机系统有限公司, 5, 0, 101, 330]
    [C:\Program Files\Tencent\QQ\QQSceneMng.dll]  [N/A, ]
    [C:\Program Files\Tencent\QQ\AddrSearch.dll]  [腾讯科技(深圳)有限公司, 2, 0, 1, 10]
    [C:\Herosoft\HeroV8\VCvtShell.dll]  [herosoft, 1, 0, 0, 1]
    [C:\Program Files\Tencent\QQ\QQLiveQMng.dll]  [TENCENT, 8,0,777,1805]
    [C:\Program Files\Rising\Rav\RavScrCh.dll]  [Beijing Rising Technology Co., Ltd., 20, 0, 0, 3]
    [C:\Program Files\Tencent\QQ\ImageOle.dll]  [TENCENT, 8,0,777,1805]
    [C:\Program Files\Tencent\QQ\QQMagicFace.dll]  [TENCENT, 8,0,777,1805]
    [C:\Program Files\Tencent\QQ\QQFileTransfer.dll]  [TENCENT, 8,0,777,1805]
    [C:\WINDOWS\system32\AcSignIcon.dll]  [Autodesk, 16.0.0.86]
    [C:\Program Files\Common Files\Autodesk Shared\AcSignCore16.dll]  [Autodesk, 16.0.0.86]
    [C:\Program Files\Tencent\QQ\GroupConnection.dll]  [TENCENT, 8,0,777,1805]

Re: Should this program be deleted? Is it a virus?

[PID: 1508][C:\Program Files\Tencent\QQ\TXPlatform.exe]  [Tencent, 1, 0, 170, 0]
    [C:\WINDOWS\system32\tisqatyu.dll]  [N/A, ]
    [C:\WINDOWS\system32\ietzapaq.dll]  [N/A, ]
    [c:\program files\rising\rfw\ijt_base.dll]  [Beijing Rising Technology Co., Ltd., 7.0.0.10]
    [c:\program files\rising\rfw\olemon.dll]  [Beijing Rising Technology Co., Ltd., 7.0.0.6]
    [C:\WINDOWS\system32\midimapwl.dll]  [Microsoft Corporation, 5, 1, 2600, 3119]
    [C:\WINDOWS\system32\midimapqn3.dll]  [Microsoft Corporation, 5, 1, 2600, 3119]
    [C:\WINDOWS\system32\midimapwd.dll]  [Microsoft Corporation, 5, 1, 2600, 3119]
    [C:\WINDOWS\system32\midimapzx.dll]  [Microsoft Corporation, 5, 1, 2600, 3119]
    [C:\WINDOWS\system32\midimaptl.dll]  [Microsoft Corporation, 5, 1, 2600, 3119]
    [C:\WINDOWS\system32\hfrdzx.dll]  [N/A, ]
    [C:\WINDOWS\system32\mfdesy.dll]  [N/A, ]
    [C:\WINDOWS\system32\zgfdet.dll]  [N/A, ]
    [C:\WINDOWS\system32\cedafb.dll]  [N/A, ]
    [C:\WINDOWS\system32\jhrcar.dll]  [N/A, ]
    [C:\WINDOWS\system32\sgrefg.dll]  [N/A, ]
    [C:\WINDOWS\system32\tfsdmz.dll]  [N/A, ]
    [C:\WINDOWS\system32\rfdswc.dll]  [N/A, ]
    [C:\WINDOWS\system32\wyrsdj.dll]  [N/A, ]
    [C:\WINDOWS\system32\hhrdxd.dll]  [N/A, ]
    [C:\WINDOWS\system32\jdsaex.dll]  [N/A, ]
    [C:\WINDOWS\system32\jfrwdh.dll]  [N/A, ]
    [C:\WINDOWS\system32\wyhesm.dll]  [N/A, ]
    [C:\Program Files\Rising\KakaToolBar\ieprot.dll]  [Beijing Rising Technology Co., Ltd., 1, 0, 0, 12]
    [C:\Herosoft\HeroV8\VCvtShell.dll]  [herosoft, 1, 0, 0, 1]
[PID: 1476][C:\Program Files\Tencent\QQ\QQ.exe]  [TENCENT, 8,0,777,1805]
    [C:\Program Files\Tencent\QQ\QQBaseClassInDll.dll]  [TENCENT, 8,0,777,1805]
    [C:\Program Files\Tencent\QQ\QQHelperDll.dll]  [TENCENT, 8,0,777,1805]
    [C:\Program Files\Tencent\QQ\BasicCtrlDll.dll]  [TENCENT, 8,0,777,1805]
    [C:\Program Files\Tencent\QQ\MFC42.DLL]  [Microsoft Corporation, 6.00.8665.0]
    [C:\Program Files\Tencent\QQ\MSIMG32.dll]  [N/A, ]
    [C:\WINDOWS\system32\tisqatyu.dll]  [N/A, ]
    [C:\WINDOWS\system32\nhmxajkl.dll]  [N/A, ]
    [C:\WINDOWS\system32\ietzapaq.dll]  [N/A, ]
    [C:\Herosoft\HeroV8\VCvtShell.dll]  [herosoft, 1, 0, 0, 1]
    [C:\WINDOWS\system32\midimapwl.dll]  [Microsoft Corporation, 5, 1, 2600, 3119]
    [C:\WINDOWS\system32\midimapqn3.dll]  [Microsoft Corporation, 5, 1, 2600, 3119]
    [C:\WINDOWS\system32\midimapwd.dll]  [Microsoft Corporation, 5, 1, 2600, 3119]
    [C:\WINDOWS\system32\midimapzx.dll]  [Microsoft Corporation, 5, 1, 2600, 3119]
    [C:\WINDOWS\system32\midimaptl.dll]  [Microsoft Corporation, 5, 1, 2600, 3119]
    [C:\WINDOWS\system32\WNWBIO.IME]  [深圳世强软件开发部 www.wn51.com , 2006, 10, 20, 1]
    [C:\Program Files\Tencent\QQ\FinePlus.dll]  [N/A, ]
    [C:\Program Files\Tencent\QQ\fphelper.dll]  [N/A, ]
    [c:\program files\rising\rfw\ijt_base.dll]  [Beijing Rising Technology Co., Ltd., 7.0.0.10]
    [c:\program files\rising\rfw\olemon.dll]  [Beijing Rising Technology Co., Ltd., 7.0.0.6]
    [C:\Program Files\Tencent\QQ\RICHED32.DLL]  [Microsoft Corporation, 5.00.2134.1]
    [C:\Program Files\Tencent\QQ\RICHED20.dll]  [Microsoft Corporation, 5.31.23.1218]
    [C:\Program Files\Tencent\QQ\QQAPI.dll]  [TENCENT, 8,0,777,1805]
    [C:\WINDOWS\system32\mfdesy.dll]  [N/A, ]
    [C:\WINDOWS\system32\hfrdzx.dll]  [N/A, ]
    [C:\WINDOWS\system32\zgfdet.dll]  [N/A, ]
    [C:\WINDOWS\system32\cedafb.dll]  [N/A, ]
    [C:\WINDOWS\system32\tfsdmz.dll]  [N/A, ]
    [C:\WINDOWS\system32\jhrcar.dll]  [N/A, ]
    [C:\WINDOWS\system32\sgrefg.dll]  [N/A, ]
    [C:\WINDOWS\system32\rfdswc.dll]  [N/A, ]
    [C:\WINDOWS\system32\hhrdxd.dll]  [N/A, ]
    [C:\WINDOWS\system32\wyrsdj.dll]  [N/A, ]
    [C:\WINDOWS\system32\jdsaex.dll]  [N/A, ]
    [C:\WINDOWS\system32\jfrwdh.dll]  [N/A, ]
    [C:\WINDOWS\system32\wyhesm.dll]  [N/A, ]
    [C:\Program Files\Rising\KakaToolBar\ieprot.dll]  [Beijing Rising Technology Co., Ltd., 1, 0, 0, 12]
    [C:\Program Files\Tencent\QQ\LoginCtrl.dll]  [TENCENT, 8,0,777,1805]
    [C:\Program Files\Tencent\QQ\LoginCtrlRes.dll]  [TENCENT, 8,0,777,1805]
    [C:\Program Files\Tencent\QQ\QQRes.dll]  [TENCENT, 8,0,776,1805]
    [C:\Program Files\Tencent\QQ\QQMainFrame.dll]  [N/A, ]
    [C:\Program Files\Tencent\QQ\gdiplus.dll]  [Microsoft Corporation, 5.1.3102.2180 (xpsp_sp2_rtm.040803-2158)]
    [C:\Program Files\Tencent\QQ\QQPlugin.dll]  [N/A, ]
    [C:\Program Files\Tencent\QQ\UnReadMsgMgr.dll]  [N/A, ]
    [C:\Program Files\Tencent\QQ\CQQApplication.dll]  [N/A, ]
    [C:\Program Files\Tencent\QQ\FlashAvatarDll.dll]  [, 1, 4, 0, 1]
    [C:\Program Files\Tencent\QQ\NewSkin.dll]  [TENCENT, 8,0,777,1805]
    [C:\Program Files\Tencent\QQ\MailSummary.dll]  [TENCENT, 8,0,777,1805]
    [C:\Program Files\Tencent\QQ\QQSpace.dll]  [TENCENT, 8,0,777,1805]
    [C:\Program Files\Tencent\QQ\vbscript.dll]  [N/A, ]
    [C:\Program Files\Tencent\QQ\encode.dll]  [Microsoft Corporation, 5.6.0.8825]
    [C:\Program Files\Tencent\QQ\QQAllInOne.dll]  [TENCENT, 8,0,777,1805]
    [C:\Program Files\Tencent\QQ\SCCore.dll]  [TENCENT, 1, 6, 0, 2]
    [C:\Program Files\Tencent\QQ\CameraDll.dll]  [TENCENT, 8,0,777,1805]
    [C:\WINDOWS\system32\msdmo.dll]  [, ]
    [C:\Program Files\Tencent\QQ\QQKnowledgeSearch.dll]  [TENCENT, 8,0,777,1805]
    [C:\Program Files\Tencent\QQ\OEMApplication.dll]  [TENCENT, 8,0,777,1805]
    [C:\Program Files\Tencent\QQ\QQGroupMng.dll]  [TENCENT, 8,0,777,1805]
    [C:\Program Files\Tencent\QQ\QQAvatar.dll]  [N/A, ]
    [C:\WINDOWS\system32\msacm32.drv]  [Microsoft Corporation, 5.1.2600.0 (xpclient.010817-1148)]
    [C:\Program Files\Tencent\QQ\QQPet.dll]  [TENCENT, 8,0,777,1805]
    [C:\Program Files\Tencent\QQ\UserDefinedHead.dll]  [TENCENT, 8,0,777,1805]
    [C:\Program Files\Tencent\QQ\QQConfigPlugin.dll]  [TENCENT, 8,0,777,1805]
    [C:\Program Files\Tencent\QQ\QQCustomFace.dll]  [N/A, ]
    [C:\Program Files\Tencent\QQ\QRingMng.dll]  [N/A, ]
    [C:\Program Files\Tencent\QQ\LongConnection.dll]  [TENCENT, 8,0,777,1805]
    [C:\WINDOWS\system32\l3codeca.acm]  [Fraunhofer Institut Integrierte Schaltungen IIS, 1, 9, 0, 0305]
    [C:\Program Files\Tencent\QQ\QQSysMsgMng.dll]  [N/A, ]
    [C:\Program Files\Tencent\QQ\GroupConnection.dll]  [TENCENT, 8,0,777,1805]
    [C:\Program Files\Tencent\QQ\BQQApplication.dll]  [N/A, ]
    [C:\Program Files\Tencent\QQ\PersonalDesktop.dll]  [TENCENT, 8,0,777,1805]
    [C:\Program Files\Tencent\QQ\CommercesMng.dll]  [TENCENT, 8,0,777,1805]
    [C:\Program Files\Tencent\QQ\QQAddr.dll]  [深圳市腾讯计算机系统有限公司, 5, 0, 101, 330]
    [C:\Program Files\Tencent\QQ\QQSceneMng.dll]  [N/A, ]
    [C:\Program Files\Tencent\QQ\AddrSearch.dll]  [腾讯科技(深圳)有限公司, 2, 0, 1, 10]
    [C:\Program Files\Tencent\QQ\QQLiveQMng.dll]  [TENCENT, 8,0,777,1805]
    [C:\Program Files\Tencent\QQ\ImageOle.dll]  [TENCENT, 8,0,777,1805]
    [C:\Program Files\Tencent\QQ\QQMagicFace.dll]  [TENCENT, 8,0,777,1805]
    [C:\Program Files\Tencent\QQ\QQFileTransfer.dll]  [TENCENT, 8,0,777,1805]

Re: Should this program be deleted? Is it a virus?

[PID: 2188][C:\Program Files\Internet Explorer\iexplore.exe]  [Microsoft Corporation, 6.00.2900.2180 (xpsp_sp2_rtm.040803-2158)]
    [C:\WINDOWS\system32\tisqatyu.dll]  [N/A, ]
    [C:\WINDOWS\system32\nhmxajkl.dll]  [N/A, ]
    [C:\WINDOWS\system32\ietzapaq.dll]  [N/A, ]
    [c:\program files\rising\rfw\ijt_base.dll]  [Beijing Rising Technology Co., Ltd., 7.0.0.10]
    [c:\program files\rising\rfw\olemon.dll]  [Beijing Rising Technology Co., Ltd., 7.0.0.6]
    [C:\Herosoft\HeroV8\VCvtShell.dll]  [herosoft, 1, 0, 0, 1]
    [C:\WINDOWS\system32\midimapwl.dll]  [Microsoft Corporation, 5, 1, 2600, 3119]
    [C:\WINDOWS\system32\midimapqn3.dll]  [Microsoft Corporation, 5, 1, 2600, 3119]
    [C:\WINDOWS\system32\midimapwd.dll]  [Microsoft Corporation, 5, 1, 2600, 3119]
    [C:\WINDOWS\system32\midimapzx.dll]  [Microsoft Corporation, 5, 1, 2600, 3119]
    [C:\WINDOWS\system32\midimaptl.dll]  [Microsoft Corporation, 5, 1, 2600, 3119]
    [C:\WINDOWS\system32\WNWBIO.IME]  [深圳世强软件开发部 www.wn51.com , 2006, 10, 20, 1]
    [C:\WINDOWS\system32\kakatool.dll]  [Beijing Rising Technology Co., Ltd., 4.0.0.4]
    [C:\WINDOWS\system32\AcSignIcon.dll]  [Autodesk, 16.0.0.86]
    [C:\WINDOWS\system32\apzhbtde.dll]  [N/A, ]
    [C:\WINDOWS\system32\oswxcttb.dll]  [N/A, ]
    [C:\WINDOWS\system32\yxcschlp.dll]  [N/A, ]
    [C:\WINDOWS\system32\ozfydbyt.dll]  [N/A, ]
    [C:\WINDOWS\system32\mndhddwd.dll]  [N/A, ]
    [C:\WINDOWS\system32\zxmscwin.dll]  [N/A, ]
    [C:\WINDOWS\system32\mnmhfsrv.dll]  [N/A, ]
    [C:\WINDOWS\system32\ypdjfbmp.dll]  [N/A, ]
    [C:\WINDOWS\system32\zxptejpg.dll]  [N/A, ]
    [C:\WINDOWS\system32\hhrdxd.dll]  [N/A, ]
    [C:\WINDOWS\system32\wyrsdj.dll]  [N/A, ]
    [C:\WINDOWS\system32\rfdswc.dll]  [N/A, ]
    [C:\WINDOWS\system32\zgfdet.dll]  [N/A, ]
    [C:\WINDOWS\system32\mfdesy.dll]  [N/A, ]
    [C:\WINDOWS\system32\cedafb.dll]  [N/A, ]
    [C:\WINDOWS\system32\hfrdzx.dll]  [N/A, ]
    [C:\WINDOWS\system32\tfsdmz.dll]  [N/A, ]
    [C:\WINDOWS\system32\jfrwdh.dll]  [N/A, ]
    [C:\WINDOWS\system32\wyhesm.dll]  [N/A, ]
    [C:\WINDOWS\system32\jdsaex.dll]  [N/A, ]
    [C:\WINDOWS\system32\jhrcar.dll]  [N/A, ]
    [C:\WINDOWS\system32\sgrefg.dll]  [N/A, ]
    [C:\Program Files\Rising\KakaToolBar\ieprot.dll]  [Beijing Rising Technology Co., Ltd., 1, 0, 0, 12]
    [C:\Program Files\Microsoft Office\OFFICE11\msohev.dll]  [Microsoft Corporation, 11.0.5510]
    [C:\WINDOWS\system32\msacm32.drv]  [Microsoft Corporation, 5.1.2600.0 (xpclient.010817-1148)]
    [C:\Program Files\Rising\Rav\RavScrCh.dll]  [Beijing Rising Technology Co., Ltd., 20, 0, 0, 3]
[PID: 3052][C:\Program Files\WinRAR\WinRAR.exe]  [N/A, ]
    [C:\WINDOWS\system32\tisqatyu.dll]  [N/A, ]
    [C:\WINDOWS\system32\nhmxajkl.dll]  [N/A, ]
    [C:\WINDOWS\system32\ietzapaq.dll]  [N/A, ]
    [C:\Herosoft\HeroV8\VCvtShell.dll]  [herosoft, 1, 0, 0, 1]
    [C:\WINDOWS\system32\midimapwl.dll]  [Microsoft Corporation, 5, 1, 2600, 3119]
    [C:\WINDOWS\system32\midimapqn3.dll]  [Microsoft Corporation, 5, 1, 2600, 3119]
    [C:\WINDOWS\system32\midimapwd.dll]  [Microsoft Corporation, 5, 1, 2600, 3119]
    [C:\WINDOWS\system32\midimapzx.dll]  [Microsoft Corporation, 5, 1, 2600, 3119]
    [C:\WINDOWS\system32\midimaptl.dll]  [Microsoft Corporation, 5, 1, 2600, 3119]
    [C:\WINDOWS\system32\WNWBIO.IME]  [深圳世强软件开发部 www.wn51.com , 2006, 10, 20, 1]
    [C:\WINDOWS\system32\AcSignIcon.dll]  [Autodesk, 16.0.0.86]
    [C:\WINDOWS\system32\Audiodev.dll]  [Microsoft Corporation, 5.2.3802.3802 built by: dnsrv(bld4act)]
    [C:\WINDOWS\system32\wyrsdj.dll]  [N/A, ]
    [C:\WINDOWS\system32\jfrwdh.dll]  [N/A, ]
    [C:\WINDOWS\system32\jdsaex.dll]  [N/A, ]
    [C:\WINDOWS\system32\wyhesm.dll]  [N/A, ]
    [C:\WINDOWS\system32\jhrcar.dll]  [N/A, ]
    [C:\WINDOWS\system32\sgrefg.dll]  [N/A, ]
    [C:\WINDOWS\system32\rfdswc.dll]  [N/A, ]
    [C:\WINDOWS\system32\hfrdzx.dll]  [N/A, ]
    [C:\WINDOWS\system32\mfdesy.dll]  [N/A, ]
    [C:\WINDOWS\system32\tfsdmz.dll]  [N/A, ]
    [C:\WINDOWS\system32\zgfdet.dll]  [N/A, ]
    [C:\WINDOWS\system32\cedafb.dll]  [N/A, ]
    [C:\WINDOWS\system32\hhrdxd.dll]  [N/A, ]
    [C:\Program Files\Rising\KakaToolBar\ieprot.dll]  [Beijing Rising Technology Co., Ltd., 1, 0, 0, 12]
    [C:\WINDOWS\system32\oswxcttb.dll]  [N/A, ]
    [C:\WINDOWS\system32\mnmhfsrv.dll]  [N/A, ]
    [C:\WINDOWS\system32\zxmscwin.dll]  [N/A, ]
    [C:\WINDOWS\system32\mndhddwd.dll]  [N/A, ]
    [C:\WINDOWS\system32\ypdjfbmp.dll]  [N/A, ]
    [C:\WINDOWS\system32\apzhbtde.dll]  [N/A, ]
    [C:\WINDOWS\system32\yxcschlp.dll]  [N/A, ]
    [C:\WINDOWS\system32\ozfydbyt.dll]  [N/A, ]
    [C:\WINDOWS\system32\zxptejpg.dll]  [N/A, ]
[PID: 1588][C:\DOCUME~1\LeThink\LOCALS~1\Temp\Rar$EX00.016\SREngPS.EXE]  [Smallfrogs Studio, 2.5.16.900]
    [C:\WINDOWS\system32\tisqatyu.dll]  [N/A, ]
    [C:\WINDOWS\system32\nhmxajkl.dll]  [N/A, ]
    [C:\WINDOWS\system32\ietzapaq.dll]  [N/A, ]
    [C:\Herosoft\HeroV8\VCvtShell.dll]  [herosoft, 1, 0, 0, 1]
    [C:\WINDOWS\system32\midimapwl.dll]  [Microsoft Corporation, 5, 1, 2600, 3119]
    [C:\WINDOWS\system32\midimapqn3.dll]  [Microsoft Corporation, 5, 1, 2600, 3119]
    [C:\WINDOWS\system32\midimapwd.dll]  [Microsoft Corporation, 5, 1, 2600, 3119]
    [C:\WINDOWS\system32\midimapzx.dll]  [Microsoft Corporation, 5, 1, 2600, 3119]
    [C:\WINDOWS\system32\midimaptl.dll]  [Microsoft Corporation, 5, 1, 2600, 3119]
    [C:\WINDOWS\system32\WNWBIO.IME]  [深圳世强软件开发部 www.wn51.com , 2006, 10, 20, 1]
    [C:\WINDOWS\system32\jfrwdh.dll]  [N/A, ]
    [C:\WINDOWS\system32\jdsaex.dll]  [N/A, ]
    [C:\WINDOWS\system32\wyhesm.dll]  [N/A, ]
    [C:\WINDOWS\system32\jhrcar.dll]  [N/A, ]
    [C:\WINDOWS\system32\sgrefg.dll]  [N/A, ]
    [C:\WINDOWS\system32\rfdswc.dll]  [N/A, ]
    [C:\WINDOWS\system32\hfrdzx.dll]  [N/A, ]
    [C:\WINDOWS\system32\mfdesy.dll]  [N/A, ]
    [C:\WINDOWS\system32\tfsdmz.dll]  [N/A, ]
    [C:\WINDOWS\system32\zgfdet.dll]  [N/A, ]
    [C:\WINDOWS\system32\cedafb.dll]  [N/A, ]
    [C:\WINDOWS\system32\hhrdxd.dll]  [N/A, ]
    [C:\WINDOWS\system32\wyrsdj.dll]  [N/A, ]
    [C:\Program Files\Rising\KakaToolBar\ieprot.dll]  [Beijing Rising Technology Co., Ltd., 1, 0, 0, 12]
    [C:\DOCUME~1\LeThink\LOCALS~1\Temp\Rar$EX00.016\Upload\3rdUpd.DLL]  [Smallfrogs Studio, 2, 1, 0, 15]

==================================
文件关联
.TXT  Error. [C:\WINDOWS\notepad.exe %1]
.EXE  OK. ["%1" %*]
.COM  OK. ["%1" %*]
.PIF  OK. ["%1" %*]
.REG  OK. [regedit.exe "%1"]
.BAT  OK. ["%1" %*]
.SCR  OK. ["%1" /S]
.CHM  Error. ["hh.exe" %1]
.HLP  OK. [%SystemRoot%\System32\winhlp32.exe %1]
.INI  Error. [C:\WINDOWS\System32\NOTEPAD.EXE %1]
.INF  OK. [%SystemRoot%\System32\NOTEPAD.EXE %1]
.VBS  OK. [%SystemRoot%\System32\WScript.exe "%1" %*]
.JS  OK. [%SystemRoot%\System32\WScript.exe "%1" %*]
.LNK  OK. [{00021401-0000-0000-C000-000000000046}]

==================================
Winsock 提供者
N/A

==================================
Autorun.inf
N/A

==================================
HOSTS 文件
127.0.0.1      localhost

==================================
进程特权扫描
特殊特权被允许: SeDebugPrivilege [PID = 1412, C:\PROGRAM FILES\CHINA NETWORK COMUNICATION\CNCRASCLIENT\CNCRASCLIENT.EXE]
特殊特权被允许: SeDebugPrivilege [PID = 1012, C:\PROGRAM FILES\SMART DETECTOR\DETECTOR.EXE]
特殊特权被允许: SeLoadDriverPrivilege [PID = 1012, C:\PROGRAM FILES\SMART DETECTOR\DETECTOR.EXE]
特殊特权被允许: SeDebugPrivilege [PID = 2084, C:\WINDOWS\TWAIN_32\A6U16K\WATCH.EXE]
特殊特权被允许: SeLoadDriverPrivilege [PID = 2084, C:\WINDOWS\TWAIN_32\A6U16K\WATCH.EXE]
特殊特权被允许: SeDebugPrivilege [PID = 2708, C:\PROGRAM FILES\WNWB\WNWB.EXE]
特殊特权被允许: SeLoadDriverPrivilege [PID = 2708, C:\PROGRAM FILES\WNWB\WNWB.EXE]
特殊特权被允许: SeDebugPrivilege [PID = 3504, C:\DOCUME~1\ALLUSE~1\「开始~1\程序\启动\EXPLORER.EXE]
特殊特权被允许: SeLoadDriverPrivilege [PID = 3504, C:\DOCUME~1\ALLUSE~1\「开始~1\程序\启动\EXPLORER.EXE]
特殊特权被允许: SeDebugPrivilege [PID = 3052, C:\PROGRAM FILES\WINRAR\WINRAR.EXE]
特殊特权被允许: SeLoadDriverPrivilege [PID = 3052, C:\PROGRAM FILES\WINRAR\WINRAR.EXE]

==================================
API HOOK
N/A

==================================
隐藏进程
    [3416] C:\WINDOWS\system32\22.exe

==================================


[/CODE]

Re: Should this program be deleted? Is it a virus?

Your computer really is something..
My eyes are going blurry just from looking at it~~~

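Re: Should this program be deleted? Is it a virus?

Upload the log file directly as an attachment, so that the file contents stay complete and the log is easier to analyze.
It doesn't matter if you don't know me, because I don't know you either.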

Re: Rising has been eaten by a virus. Is this Robot Dog? Is this its doing?

Moderator,
I have uploaded the log.
Please take a look at it for me.

Re: Rising has been eaten by a virus. Is this Robot Dog? Is this its doing?

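1. Use XDelBox, with "suppress regeneration" checked, to delete the following files: (download XDelBox 1.7, "Support the Olympics" edition)
Instructions: when deleting, copy the paths of all the files to be deleted, right-click in the list of files awaiting deletion and choose "import from clipboard without checking paths". After importing, right-click the files to be deleted and choose "reboot and delete immediately"; the computer will restart into a DOS interface to carry out the deletion. Before running XDelBox it is best to remove all removable storage media (including USB drives, MP3 players, phone memory cards and so on).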

c:\windows\system32\ietzapaq.dll
c:\windows\system32\nhmxajkl.dll
c:\windows\system32\tisqatyu.dll
c:\windows\system32\22.exe
c:\windows\system32\apzhbtde.dll
c:\windows\system32\cedafb.dll
c:\windows\system32\hfrdzx.dll
c:\windows\system32\hhrdxd.dll
c:\windows\system32\jdsaex.dll
c:\windows\system32\jfrwdh.dll
c:\windows\system32\jhrcar.dll
c:\windows\system32\mfdesy.dll
c:\windows\system32\midimapqn3.dll
c:\windows\system32\midimaptl.dll
c:\windows\system32\midimapwd.dll
c:\windows\system32\midimapwl.dll
c:\windows\system32\midimapzx.dll
c:\windows\system32\mndhddwd.dll
c:\windows\system32\mnmhfsrv.dll
c:\windows\system32\oswxcttb.dll
c:\windows\system32\ozfydbyt.dll
c:\windows\system32\rfdswc.dll
c:\windows\system32\sgrefg.dll
c:\windows\system32\tfsdmz.dll
c:\windows\system32\wyhesm.dll
c:\windows\system32\wyrsdj.dll
c:\windows\system32\ypdjfbmp.dll
c:\windows\system32\yxcschlp.dll
c:\windows\system32\zgfdet.dll
c:\windows\system32\zxmscwin.dll
c:\windows\system32\zxptejpg.dll
c:\windows\system32\inf\svchostc.exe
c:\windows\twftadfia16_080526.dll
c:\windows\tdcbdcasys32_080526.dll
c:\windows\system32\famdiy.exe
tisqatyu.dll,nhmxajkl.dll,ietzapaq.dll
c:\windows\system32\inf\svchostc.exe
c:\windows\twftadfia16_080526.dll
c:\docume~1\lethink\locals~1\temp\1.tmp
c:\windows\system32\d32dx9.sys

2. After the deletion and reboot, use SREng to repair the following items:

    Startup Items -- Registry: delete the following entries:
[N/A]    <C:\WINDOWS\system32\FamDiy.exe>
[{19109876-7619-9101-7012-901938475191}] 
[{91698482-6555-3666-1222-954784129019}] 
[{875E07B1-0614-43D9-A76E-D76A28AB3D7B}] 
[{1E51C0FD-EE36-434B-AD2A-FD1FF3731C38}] 
[{B29583D8-033A-4B9F-8553-7C5458F3FB8E}] 
[{17AC9076-C898-B098-D098-A18319080971}] 
[{18093456-9012-4568-9076-908765467181}] 
[{4A069845-2036-6084-9054-6087502480A4}] 
[{8C41B7F7-3168-400D-A702-0E7EFE0BA304}] 
[{CAED0F3B-DF8B-4DBF-BB20-8DFBC3199068}] 
[{461D2AB4-29A5-45C2-9134-D52272D3DE38}] 
[{84143967-B645-4BFF-B873-DA1DC886E9A7}] 
[{35671234-7890-ABCD-CDEF-567801237653}] 
[{841529CB-7F77-4B99-A895-B5441E0D302F}] 
[{EB71E0B3-E97D-4D30-8733-E28266467617}] 
[{2D698451-2015-6358-9871-2015987452D2}] 
[{81954FAC-1023-154F-895A-1458258AD818}] 
[{4C648541-1025-9650-9057-6541258720C4}] 
[{6A041F13-A111-12A3-B0CF-F99818AA68A6}] 
[{DC3D30AE-0380-4151-8934-EE98A34B0370}] 
[{6C8D1401-A58D-A81C-CD24-A5915C4517C6}] 
[{28EB3777-3E23-4E72-8449-A992D09D24C3}] 
[{1DB3C525-5271-46F7-887A-D4E1ADAA7632}] 
[{33512378-9874-5641-1025-985420368733}] 
[{17DFD111-BF3A-4CB4-ADB0-88FCBFE69821}] 
Note: modify the [AppInit_DLLs] entry: change <tisqatyu.dll,nhmxajkl.dll,ietzapaq.dll> to <>, i.e. clear it
[nyuserinit]   
[{4F4F0064-71E0-4f0d-0004-708476C7815F}] 
Note: modify the [shell] entry: change <EXPLORER.EXE,22.exe> to <Explorer.exe>, i.e. remove everything after Explorer.exe
[{4F4F0064-71E0-4f0d-0017-708476C7815F}]   
[midimaptl] 
[midimapzx] 
[midimapwd] 
[midimapqn3] 
[midimapwl] 
[{4F4F0064-71E0-4f0d-0005-708476C7815F}] 
[{4F4F0064-71E0-4f0d-0018-708476C7815F}] 
[{4F4F0064-71E0-4f0d-0022-708476C7815F}] 

    Startup Items -- Services -- Drivers: delete the following entries:
[IIS Manager  / IIS Manager ]
[HiddFldy / HiddFldy]       

    System Repair -- Browser Add-ons: delete the following entries:
[]    <C:\WINDOWS\system32\nhmxajkl.dll>
[]    <C:\WINDOWS\system32\tisqatyu.dll>
[]    <C:\WINDOWS\system32\ietzapaq.dll>
[]    <C:\WINDOWS\system32\apzhbtde.dll>
[]    <C:\WINDOWS\system32\oswxcttb.dll>
[]    <C:\WINDOWS\system32\yxcschlp.dll>
[]    <C:\WINDOWS\system32\ozfydbyt.dll>
[]    <C:\WINDOWS\system32\mndhddwd.dll>
[]    <C:\WINDOWS\system32\zxmscwin.dll>
[]    <C:\WINDOWS\system32\mnmhfsrv.dll>
[]    <C:\WINDOWS\system32\ypdjfbmp.dll>
[]    <C:\WINDOWS\system32\zxptejpg.dll>
[]    <C:\WINDOWS\system32\zxptejpg.dll>
[]    <C:\WINDOWS\system32\ypdjfbmp.dll>
[]    <C:\WINDOWS\system32\mnmhfsrv.dll>
[]    <C:\WINDOWS\system32\zxmscwin.dll>
[]    <C:\WINDOWS\system32\mndhddwd.dll>
[]    <C:\WINDOWS\system32\ozfydbyt.dll>
[]    <C:\WINDOWS\system32\yxcschlp.dll>
[]    <C:\WINDOWS\system32\oswxcttb.dll>
[]    <C:\WINDOWS\system32\apzhbtde.dll>
[]    <C:\WINDOWS\system32\ietzapaq.dll>
[]    <C:\WINDOWS\system32\tisqatyu.dll>
[]    <C:\WINDOWS\system32\nhmxajkl.dll>


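When that is done, download the following tools and run a cleanup once, then update your antivirus software to the latest version and run one full-disk scan

Clean up system temporary files and the IE temporary folder
http://www.atribune.org/public-beta/ATF-Cleaner.exe
Use Kingsoft Cleanup Expert (金山清理专家) to clean out malicious software
http://www.duba.net/zt/ksc/down.shtml
Download Windows Cleanup Assistant (windows清理助手) and run a cleanup
http://www.arswp.com/download/arswp2/arswp2.zip

Then refer to this: http://bbs.ikaka.com/showtopic-8508653.aspx
and install the patches
It doesn't matter if you don't know me, because I don't know you either.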
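
The log triage behind the steps above, as an added example that is not part of the original thread or of SREng: it parses the process/module listing format, then flags modules in the Windows directories that carry no vendor string and are loaded into several different process images, marking which of them are named in the AppInit_DLLs value quoted above. The sample is an abridged excerpt built from lines of the posted log; the function names and the `min_procs` threshold are assumptions.

```python
import ntpath
import re
from collections import defaultdict

# Abridged sample in the SREng process/module format, built from lines of the log above.
SAMPLE_LOG = r"""
[PID: 3632][C:\Program Files\Internet Explorer\IEXPLORE.EXE]  [Microsoft Corporation, 6.00.2900.2180 (xpsp_sp2_rtm.040803-2158)]
    [C:\WINDOWS\system32\tisqatyu.dll]  [N/A, ]
    [C:\WINDOWS\system32\nhmxajkl.dll]  [N/A, ]
    [C:\WINDOWS\system32\ietzapaq.dll]  [N/A, ]
    [C:\WINDOWS\system32\midimapwl.dll]  [Microsoft Corporation, 5, 1, 2600, 3119]
    [C:\WINDOWS\system32\kakatool.dll]  [Beijing Rising Technology Co., Ltd., 4.0.0.4]
    [C:\WINDOWS\system32\hfrdzx.dll]  [N/A, ]
    [C:\WINDOWS\tdcbdcasys32_080526.dll]  [N/A, ]
[PID: 3216][C:\Program Files\Rising\Rfw\rfwmain.exe]  [Beijing Rising Technology Co., Ltd., 7.0.1.65]
    [C:\WINDOWS\system32\MFC71.DLL]  [Microsoft Corporation, 7.10.3077.0]
    [C:\WINDOWS\system32\tisqatyu.dll]  [N/A, ]
    [C:\WINDOWS\system32\ietzapaq.dll]  [N/A, ]
    [C:\WINDOWS\system32\hfrdzx.dll]  [N/A, ]
    [C:\WINDOWS\system32\nhmxajkl.dll]  [N/A, ]
[PID: 3676][C:\Program Files\Tencent\QQ\QQ.exe]  [TENCENT, 8,0,777,1805]
    [C:\Program Files\Tencent\QQ\MSIMG32.dll]  [N/A, ]
    [C:\WINDOWS\system32\tisqatyu.dll]  [N/A, ]
    [C:\WINDOWS\system32\nhmxajkl.dll]  [N/A, ]
    [C:\WINDOWS\system32\ietzapaq.dll]  [N/A, ]
    [C:\WINDOWS\system32\hfrdzx.dll]  [N/A, ]
[PID: 3052][C:\Program Files\WinRAR\WinRAR.exe]  [N/A, ]
    [C:\WINDOWS\system32\tisqatyu.dll]  [N/A, ]
    [C:\WINDOWS\system32\nhmxajkl.dll]  [N/A, ]
    [C:\WINDOWS\system32\ietzapaq.dll]  [N/A, ]
    [C:\WINDOWS\system32\hfrdzx.dll]  [N/A, ]
"""

# AppInit_DLLs value as quoted in the repair steps above.
APPINIT_VALUE = "tisqatyu.dll,nhmxajkl.dll,ietzapaq.dll"

# Only modules sitting directly in these directories are considered.
WINDOWS_DIRS = {r"c:\windows", r"c:\windows\system32"}

LINE_RE = re.compile(
    r"^(?P<indent>\s*)(?:\[PID:\s*(?P<pid>\d+)\])?"
    r"\[(?P<path>[^\]]+)\]\s+\[(?P<info>.*)\]\s*$"
)


def parse_log(text):
    """Return {(pid, image_path): [(module_path, vendor), ...]}."""
    procs, current = {}, None
    for line in text.splitlines():
        m = LINE_RE.match(line)
        if not m:
            continue  # section headers, blank lines, other report sections
        vendor = m["info"].split(",", 1)[0].strip()
        if m["pid"] is not None:
            current = (int(m["pid"]), m["path"])
            procs[current] = []
        elif m["indent"] and current is not None:
            procs[current].append((m["path"], vendor))
    return procs


def suspicious_modules(procs, appinit_value, min_procs=3):
    """List (module, process_image_count, named_in_appinit) for modules that
    have no vendor string, live in a Windows directory, and are loaded into
    at least min_procs different process images."""
    # DLLs named in AppInit_DLLs are loaded into every process that loads
    # user32.dll, which is why the same names recur under unrelated programs.
    appinit = {n.strip().lower() for n in appinit_value.split(",") if n.strip()}
    hosts = defaultdict(set)
    for (_pid, image), modules in procs.items():
        for path, vendor in modules:
            if vendor not in ("", "N/A"):
                continue
            if ntpath.dirname(path).lower() not in WINDOWS_DIRS:
                continue
            hosts[ntpath.basename(path).lower()].add(ntpath.basename(image).lower())
    hits = [
        (name, len(images), name in appinit)
        for name, images in hosts.items()
        if len(images) >= min_procs
    ]
    return sorted(hits, key=lambda h: (-h[1], h[0]))


if __name__ == "__main__":
    for name, count, in_appinit in suspicious_modules(parse_log(SAMPLE_LOG), APPINIT_VALUE):
        source = "AppInit_DLLs" if in_appinit else "other load point"
        print(f"{name:<16} in {count} process images  ({source})")
```

Vendor strings come from a file's version resource and can be forged: the midimap*.dll files in this log report Microsoft Corporation yet are on the deletion list above, so this heuristic is for triage, not a verdict.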

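Re: Rising has been eaten by a virus. Is this Robot Dog? Is this its doing?

I followed the steps you described.

A few things are unclear (see the image below)




I tried to delete these three red entries and got the following prompt


Attaching the log once more

Attachment:

File name: SREngLOG000.log
Downloads: 76
File type: application/octet-stream
File size:
Upload time: 2008-6-1 0:06:20
Description: log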


Re: Rising has been eaten by a virus. Is this Robot Dog? Is this its doing?

Rising is working normally again now