Help: how do I remove Trojan.DL.Agent.xyw?


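How do I remove Trojan.DL.Agent.xyw? I have tried removing it many times and it will not go away, and it does not work in Safe Mode either. Experts, please help!
Last edited: 2006-10-28 11:59:46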

What is the name of the virus file and its exact path?

The relevant information is as follows:
Trojan.DL.Agent.xyw C:\WINDOWS\system32  usercrd.dll 本机

The scan results are as follows:
2006-10-28,11:33:10

System Repair Engineer 2.2.6.605
Smallfrogs (http://www.KZTechs.com)

Windows XP Professional Service Pack 2 (Build 2600)
- 管理权限用户 - 完整功能

以下内容被选中:
    所有的启动项目(包括注册表、启动文件夹、服务等)
    浏览器加载项
    正在运行的进程(包括进程模块信息)
    文件关联
    Winsock 提供者
    Autorun.inf
    HOSTS 文件


启动项目
注册表
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
    <ctfmon.exe><C:\WINDOWS\system32\ctfmon.exe>  [(Verified)Microsoft Corporation]
    <MsnMsgr><"C:\Program Files\MSN Messenger\MsnMsgr.Exe" /background>  [Microsoft Corporation]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
    <IMJPMIG8.1><"C:\WINDOWS\IME\imjp8_1\IMJPMIG.EXE" /Spoil /RemAdvDef /Migration32>  [(Verified)Microsoft Corporation]
    <IMSCMig><C:\PROGRA~1\COMMON~1\MICROS~1\IME\IMSC40A\IMSCMIG.EXE /Preload>  [(Verified)Microsoft Corporation]
    <nwiz><nwiz.exe /install>  [(Verified)NVIDIA Corporation]
    <PHIME2002A><C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /IMEName>  [(Verified)Microsoft Corporation]
    <PHIME2002ASync><C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /SYNC>  [(Verified)Microsoft Corporation]
    <RavTask><"D:\常用软件\瑞星\Rising\Rising\Rav\RavTask.exe" -system>  [Beijing Rising Technology Co., Ltd.]
    <RfwMain><"D:\常用软件\瑞星\Rising\Rfw\rfwmain.exe" -Startup>  [Beijing Rising Technology Co., Ltd.]
    <TkBellExe><"C:\Program Files\Common Files\Real\Update_OB\realsched.exe"  -osboot>  [RealNetworks, Inc.]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer\Run]
    <Galaxy><rundll32.exe C:\WINDOWS\system32\ppgaxea.dll,Su>  []
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Winlogon]
    <shell><Explorer.exe>  [(Verified)Microsoft Corporation]
    <Userinit><userinit.exe,>  [(Verified)Microsoft Corporation]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Windows]
    <AppInit_DLLs><>  [N/A]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Winlogon]
    <UIHost><logonui.exe>  [(Verified)Microsoft Corporation]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
    <{32CD708B-60A7-4C00-9377-D73EAA495F0F}><C:\WINDOWS\system32\RavExt.dll>  [Beijing Rising Technology Co., Ltd.]

==================================
启动文件夹
N/A

==================================
服务
[Adobe LM Service / Adobe LM Service]
  <"C:\Program Files\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe"><Adobe Systems>
[ASP.NET State Service / aspnet_state]
  <C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\aspnet_state.exe><Microsoft Corporation>
[Portable Equipment Service / Framework]
  <C:\WINDOWS\System32\svchost.exe -k netsvcs-->C:\WINDOWS\system32\aijpib80.dll><Microsoft Corporation>
[Human Interface Device Access / HidServ]
  <C:\WINDOWS\System32\svchost.exe -k netsvcs-->%SystemRoot%\System32\hidserv.dll><N/A>
[InstallDriver Table Manager / IDriverT]
  <"C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe"><Macrovision Corporation>
[MessageService / MessageService]
  <C:\WINDOWS\system32\Svchost.exe -k MessageService-->C:\WINDOWS\system32\MsServices\svchost.dll><N/A>
[QoS Service Center / NHLAP]
  <C:\WINDOWS\SYSTEM32\RUNDLLFROMWIN2000.EXE C:\WINDOWS\SYSTEM32\WBEM\KRCOGN14.DLL,Export 1087><Microsoft Corporation>
[Print Manager / NHLscA]
  <C:\WINDOWS\SYSTEM32\RUNDLL.EXE C:\WINDOWS\SYSTEM32\WBEM\IRJIT.DLL,Export 1087><Microsoft Corporation>
[NVIDIA Driver Helper Service / NVSvc]
  <C:\WINDOWS\system32\nvsvc32.exe><NVIDIA Corporation>
[Rising Proxy  Service / RfwProxySrv]
  <d:\常用软件\瑞星\rising\rfw\rfwproxy.exe><Beijing Rising Technology Co., Ltd.>
[Rising Personal Firewall Service / RfwService]
  <d:\常用软件\瑞星\rising\rfw\rfwsrv.exe><Beijing Rising Technology Co., Ltd.>
[Rising Process Communication Center / RsCCenter]
  <"D:\常用软件\瑞星\Rising\Rising\Rav\CCenter.exe"><Beijing Rising Technology Co., Ltd.>
[RsRavMon Service / RsRavMon]
  <"D:\常用软件\瑞星\Rising\Rising\Rav\Ravmond.exe"><Beijing Rising Technology Co., Ltd.>
[User Profile Hive Cleanup / UPHClean]
  <C:\Program Files\UPHClean\uphclean.exe><Microsoft Corporation>

==================================
驱动程序
[Intel(r) 82801 Audio Driver Install Service (WDM) / ac97intc]
  <system32\drivers\ac97intc.sys><Intel Corporation>
[Service for Realtek AC97 Audio (WDM) / ALCXWDM]
  <system32\drivers\ALCXWDM.SYS><Realtek Semiconductor Corp.>
[AliIde / AliIde]
  <\SystemRoot\System32\DRIVERS\aliide.sys><N/A>
[Rising TDI Base Driver / BaseTDI]
  <System32\DRIVERS\BaseTDI.SYS><Beijing Rising Technology Co., Ltd.>
[CmdIde / CmdIde]
  <\SystemRoot\System32\DRIVERS\cmdide.sys><CMD Technology, Inc.>
[ExpScaner / ExpScaner]
  <\??\D:\常用软件\瑞星\Rising\Rising\Rav\ExpScan.sys><>
[VIA PCI 10/100Mb Fast Ethernet Adapter NT Driver / FETNDIS]
  <system32\DRIVERS\fetnd5.sys><VIA Technologies, Inc.>
[HOOKAPI / HOOKAPI]
  <\??\D:\常用软件\瑞星\RISING\RISING\RAV\HOOKAPI.SYS><瑞星软件有限公司>
[HookCont / HookCont]
  <\??\D:\常用软件\瑞星\Rising\Rising\Rav\HOOKCONT.sys><Rising tech Co. ltd>
[HookReg / HookReg]
  <\??\D:\常用软件\瑞星\Rising\Rising\Rav\HookReg.sys><>
[HookSys / HookSys]
  <\??\D:\常用软件\瑞星\Rising\Rising\Rav\HookSys.sys><Rising>
[HookUrl / HookUrl]
  <\??\D:\常用软件\瑞星\Rising\Rfw\HookUrl.sys><Beijing Rising Technology Co., Ltd.>
[HWiNFO32 Kernel Driver / HWiNFO32]
  <\??\C:\Program Files\HWiNFO32\HWiNFO32.SYS><REALiX(tm)>
[MegaIDE / MegaIDE]
  <\SystemRoot\System32\DRIVERS\MegaIDE.sys><LSI Logic Corporation.>
[MEMSCAN / MEMSCAN]
  <\??\D:\常用软件\瑞星\Rising\Rising\Rav\MEMSCAN.sys><瑞星软件有限公司>
[mProcRs / mProcRs]
  <\??\d:\常用软件\瑞星\rising\rfw\mProcRs.sys><Beijing Rising Technology Co., Ltd.>
[npkcrypt / npkcrypt]
  <\??\C:\Program Files\QQ2005\npkcrypt.sys><INCA Internet Co., Ltd.>
[nv / nv]
  <system32\DRIVERS\nv4_mini.sys><NVIDIA Corporation>
[paraudio / paraudio]
  <\??\C:\WINDOWS\system32\drivers\paraudio.sys><Microsoft Corporation>
[ProcServ / ProcServ]
  <\??\C:\WINDOWS\system32\drivers\ProcServ.sys><N/A>
[Direct Parallel Link Driver / Ptilink]
  <system32\DRIVERS\ptilink.sys><Parallel Technologies, Inc.>
[RsFwDrv / RsFwDrv]
  <\??\D:\常用软件\瑞星\Rising\Rfw\RsFwDrv.sys><Beijing Rising Technology Co., Ltd.>
[Realtek 10/100/1000 NIC Family all in one NDIS XP Driver / RTL8023xp]
  <system32\DRIVERS\Rtlnicxp.sys><Realtek Semiconductor Corporation>
[Secdrv / Secdrv]
  <system32\DRIVERS\secdrv.sys><N/A>
[sispc / sispc]
  <\??\C:\WINDOWS\system32\drivers\sispc.sys><N/A>

==================================
浏览器加载项
[AcroIEHlprObj Class]
  {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} <d:\常用软件\ActiveX\AcroIEHelper.dll, Adobe Systems Incorporated>
[MyIEHelper Class]
  {16B770A0-0E87-4278-B748-2460D64A8386} <C:\Documents and Settings\All Users\Application Data\Microsoft\IEHelper\IEHelper_5115.dll, N/A>
[SYM]
  {36BF6929-DCBC-4CCD-A620-C5E3BBA77B95} <C:\WINDOWS\system32\usersrd.dll, N/A>
[NTIECatcher Class]
  {C56CB6B0-0D96-11D6-8C65-B2868B609932} <C:\Program Files\Xi\NetTransport 2\NTIEHelper.dll, Xi>
[BitComet工具栏]
  {3F1ABCDB-A875-46c1-8345-B72A4567E486} <D:\常用软件\BT\BitComet\BitCometBar\BitCometBar0.6.dll, N/A>
[金山快译(&K)]
  {6C3797D2-3FEF-4cd4-B654-D3AE55B4128C} <d:\常用软件\金山快译\IEBand.dll, N/A>
[ESou 工具栏]
  {00BE86F6-2E61-4c1e-A36B-AE233EE21FA2} <C:\Program Files\eSou\ESouBar.dll, N/A>
[ESou 工具栏]
  {00BE86F6-2E61-4C1E-A36B-AE233EE21FA2} <C:\Program Files\eSou\ESouBar.dll, N/A>
[AcroIEHlprObj Class]
  {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} <d:\常用软件\ActiveX\AcroIEHelper.dll, Adobe Systems Incorporated>
[Edit Class]
  {0CA54D3F-CEAE-48AF-9A2B-31909CB9515D} <C:\WINDOWS\system32\CMBEdit.dll, >
[XDownload Class]
  {165D83D3-359C-4783-9BF0-6FA6DC42A3F1} <C:\WINDOWS\Downloaded Program Files\SSDownload.dll, 北京世纪超星>
[MyIEHelper Class]
  {16B770A0-0E87-4278-B748-2460D64A8386} <C:\Documents and Settings\All Users\Application Data\Microsoft\IEHelper\IEHelper_5115.dll, N/A>
[Windows Media Player]
  {22D6F312-B0F6-11D0-94AB-0080C74C7E95} <C:\WINDOWS\system32\wmpdxm.dll, Microsoft Corporation>
[HTML Document]
  {25336920-03F9-11CF-8FD0-00AA00686F13} <%SystemRoot%\system32\mshtml.dll, N/A>
[DHTML Edit Control Safe for Scripting for IE5]
  {2D360201-FFF5-11D1-8D03-00A0C959BC0A} <C:\Program Files\Common Files\Microsoft Shared\Triedit\dhtmled.ocx, Microsoft Corporation>
[SYM]
  {36BF6929-DCBC-4CCD-A620-C5E3BBA77B95} <C:\WINDOWS\system32\usersrd.dll, N/A>
[BitComet工具栏]
  {3F1ABCDB-A875-46C1-8345-B72A4567E486} <D:\常用软件\BT\BitComet\BitCometBar\BitCometBar0.6.dll, N/A>
[HHCtrl Object]
  {52A2AAAE-085D-4187-97EA-8C30DB990436} <C:\WINDOWS\system32\hhctrl.ocx, Microsoft Corporation>
[Shell Name Space]
  {55136805-B2DE-11D1-B9F2-00A0C98BC547} <%SystemRoot%\system32\shdocvw.dll, N/A>
[SSCtv Control]
  {611DD271-1D62-40AF-8DA0-A9C8513F9CB7} <C:\WINDOWS\system32\ssctv.ocx, >
[Microsoft 外壳 UI 帮助程序]
  {64AB4BB7-111E-11D1-8F79-00C04FC2FBE1} <%SystemRoot%\system32\shdocvw.dll, N/A>
[Windows Media Player]
  {6BF52A52-394A-11D3-B153-00C04F79FAA6} <C:\WINDOWS\system32\wmp.dll, Microsoft Corporation>
[金山快译(&K)]
  {6C3797D2-3FEF-4CD4-B654-D3AE55B4128C} <d:\常用软件\金山快译\IEBand.dll, N/A>
[Active Desktop Mover]
  {72267F6A-A6F9-11D0-BC94-00C04FB67863} <%SystemRoot%\system32\SHELL32.dll, N/A>
[PDG_Plug Class]
  {80CA289E-5844-4E7F-A225-1FA91E58A53E} <C:\WINDOWS\system32\ssieplug.dll, >
[Microsoft Web 浏览器]
  {8856F961-340A-11D0-A96B-00C04FD705A2} <C:\WINDOWS\system32\shdocvw.dll, Microsoft Corporation>
[Microsoft Scriptlet Component]
  {AE24FDAE-03C6-11D1-8B76-0080C744F389} <C:\WINDOWS\system32\mshtml.dll, Microsoft Corporation>
[SearchAssistantOC]
  {B45FF030-4447-11D2-85DE-00C04FA35C89} <%SystemRoot%\system32\shdocvw.dll, N/A>
[RDS.DataSpace]
  {BD96C556-65A3-11D0-983A-00C04FC29E36} <C:\Program Files\Common Files\System\msadc\msadco.dll, Microsoft Corporation>
[NTIECatcher Class]
  {C56CB6B0-0D96-11D6-8C65-B2868B609932} <C:\Program Files\Xi\NetTransport 2\NTIEHelper.dll, Xi>
[AUDIO__MP3 Moniker Class]
  {CD3AFA76-B84F-48F0-9393-7EDC34128127} <C:\WINDOWS\system32\wmp.dll, Microsoft Corporation>
[AUDIO__WAV Moniker Class]
  {CD3AFA7B-B84F-48F0-9393-7EDC34128127} <C:\WINDOWS\system32\wmp.dll, Microsoft Corporation>
[AUDIO__X_MS_WMA Moniker Class]
  {CD3AFA84-B84F-48F0-9393-7EDC34128127} <C:\WINDOWS\system32\wmp.dll, Microsoft Corporation>
[VIDEO__X_MS_ASF Moniker Class]
  {CD3AFA8F-B84F-48F0-9393-7EDC34128127} <C:\WINDOWS\system32\wmp.dll, Microsoft Corporation>
[VIDEO__X_MS_WMV Moniker Class]
  {CD3AFA94-B84F-48F0-9393-7EDC34128127} <C:\WINDOWS\system32\wmp.dll, Microsoft Corporation>
[RealPlayer G2 Control]
  {CFCDAA03-8BE4-11CF-B84B-0020AFBBCCFA} <C:\WINDOWS\system32\rmoc3260.dll, RealNetworks, Inc.>
[Shockwave Flash Object]
  {D27CDB6E-AE6D-11CF-96B8-444553540000} <C:\WINDOWS\system32\Macromed\Flash\Flash9.ocx, Adobe Systems, Inc.>
[&Esou search]
  <res://C:\Program Files\eSou\ESouBar.dll/MENUSEARCH.HTM, N/A>
[上传到QQ网络硬盘]
  <, N/A>
[使用影音传送带下载]
  <C:\Program Files\Xi\NetTransport 2\NTAddLink.html, N/A>
[使用影音传送带下载全部链接]
  <C:\Program Files\Xi\NetTransport 2\NTAddList.html, N/A>
[使用网际快车下载]
  <, N/A>
[使用网际快车下载全部链接]
  <, N/A>
[导出到 Microsoft Office Excel(&X)]
  <res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000, N/A>
[导出当前页到超星阅览器(&A)]
  <, N/A>
[导出选中部分到超星阅览器(&S)]
  <, N/A>
[添加到QQ自定义面板]
  <, N/A>
[添加到QQ表情]
  <, N/A>
[用QQ彩信发送该图片]
  <, N/A>

==================================
正在运行的进程
[PID: 452][\SystemRoot\System32\smss.exe]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
[PID: 512][\??\C:\WINDOWS\system32\csrss.exe]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
[PID: 536][\??\C:\WINDOWS\system32\winlogon.exe]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
[PID: 580][C:\WINDOWS\system32\services.exe]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
[PID: 592][C:\WINDOWS\system32\lsass.exe]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
[PID: 752][C:\WINDOWS\system32\svchost.exe]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
[PID: 800][C:\WINDOWS\system32\svchost.exe]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
[PID: 912][D:\常用软件\瑞星\Rising\Rising\Rav\CCenter.exe]  [Beijing Rising Technology Co., Ltd., 18, 0, 0, 3]
[PID: 928][C:\WINDOWS\System32\svchost.exe]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
[PID: 1012][C:\WINDOWS\system32\svchost.exe]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
[PID: 1076][C:\WINDOWS\system32\svchost.exe]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
[PID: 1092][D:\常用软件\瑞星\Rising\Rising\Rav\Ravmond.exe]  [Beijing Rising Technology Co., Ltd., 18, 0, 1, 35]
    [D:\常用软件\瑞星\Rising\Rising\Rav\BWList.dll]  [Beijing Rising Technology Co., Ltd., 18, 0, 0, 19]
    [D:\常用软件\瑞星\Rising\Rising\Rav\RsCommX.dll]  [rising, 18, 0, 0, 1]
    [D:\常用软件\瑞星\Rising\Rising\Rav\RSAPPMGR.DLL]  [Beijing Rising Technology Co., Ltd., 18, 0, 0, 2]
    [D:\常用软件\瑞星\Rising\Rising\Rav\CfgDll.dll]  [Beijing Rising Technology Co., Ltd., 18, 0, 0, 11]
    [D:\常用软件\瑞星\Rising\Rising\Rav\RSCOMMON.DLL]  [Beijing Rising Technology Co., Ltd., 18, 0, 0, 4]
    [D:\常用软件\瑞星\Rising\Rising\Rav\RsLog.dll]  [Beijing Rising Technology Co., Ltd., 18, 0, 0, 20]
    [D:\常用软件\瑞星\Rising\Rising\Rav\HOOKSYS.dll]  [Beijing Rising Technology Co., Ltd., 18, 1, 0, 11]
    [D:\常用软件\瑞星\Rising\Rising\Rav\Scanner.dll]  [Beijing Rising Technology Co., Ltd., 18, 0, 0, 32]
    [D:\常用软件\瑞星\Rising\Rising\Rav\libload.dll]  [Beijing Rising Technology Co., Ltd., 18, 0, 0, 10]
    [D:\常用软件\瑞星\Rising\Rising\Rav\VirusLib.dll]  [Beijing Rising Technology Co., Ltd., 18, 0, 0, 12]
    [D:\常用软件\瑞星\Rising\Rising\Rav\regmon.dll]  [Beijing Rising Technology Co., Ltd., 18, 0, 0, 6]
    [D:\常用软件\瑞星\Rising\Rising\Rav\HookWeb.dll]  [rising, 18, 0, 0, 2]
    [D:\常用软件\瑞星\Rising\Rising\Rav\MemMon.dll]  [Beijing Rising Technology Co., Ltd., 18, 0, 0, 10]
    [D:\常用软件\瑞星\Rising\Rising\Rav\expscan.dll]  [Beijing Rising Technology Co., Ltd., 18, 0, 0, 4]
    [D:\常用软件\瑞星\Rising\Rising\Rav\mPorts.dll]  [Beijing Rising Technology Co., Ltd., 4, 0, 0, 3]
    [D:\常用软件\瑞星\Rising\Rising\Rav\MailMon.dll]  [Beijing Rising Technology Co., Ltd., 18, 0, 0, 5]
    [D:\常用软件\瑞星\Rising\Rising\Rav\SpamEng.dll]  [N/A, 18, 0, 0, 6]
    [D:\常用软件\瑞星\Rising\Rising\Rav\engine.dll]  [Beijing Rising Technology Co., Ltd., 18, 0, 0, 35]
    [D:\常用软件\瑞星\Rising\Rising\Rav\PostTrt.dll]  [Beijing Rising Technology Co., Ltd., 18, 0, 0, 18]
    [D:\常用软件\瑞星\Rising\Rising\Rav\UnExe.dll]  [Beijing Rising Technology Co., Ltd., 18, 0, 0, 11]
    [D:\常用软件\瑞星\Rising\Rising\Rav\ScanExec.dll]  [Beijing Rising Technology Co., Ltd., 18, 0, 0, 15]
    [D:\常用软件\瑞星\Rising\Rising\Rav\ScanEx.dll]  [Beijing Rising Technology Co., Ltd., 18, 0, 0, 30]
    [D:\常用软件\瑞星\Rising\Rising\Rav\RSUnpack.dll]  [Beijing Rising Technology Co., Ltd., 1, 0, 0, 18]
    [D:\常用软件\瑞星\Rising\Rising\Rav\ExtFile.dll]  [Beijing Rising Technology Co., Ltd., 18, 0, 0, 21]
    [D:\常用软件\瑞星\Rising\Rising\Rav\NvFile.dll]  [Beijing Rising Technology Co., Ltd., 18, 0, 0, 7]
    [D:\常用软件\瑞星\Rising\Rising\Rav\ScanMac.dll]  [Beijing Rising Technology Co., Ltd., 18, 0, 0, 10]
    [D:\常用软件\瑞星\Rising\Rising\Rav\ScanSct.dll]  [Beijing Rising Technology Co., Ltd., 18, 0, 0, 19]
    [D:\常用软件\瑞星\Rising\Rising\Rav\Unpacker.dll]  [Beijing Rising Technology Co., Ltd., 18, 0, 0, 5]
    [D:\常用软件\瑞星\Rising\Rising\Rav\ScanNet.dll]  [Beijing Rising Technology Co., Ltd., 18, 0, 0, 5]
[PID: 1148][d:\常用软件\瑞星\rising\rfw\rfwsrv.exe]  [Beijing Rising Technology Co., Ltd., 4, 0, 0, 33]
    [d:\常用软件\瑞星\rising\rfw\RfwRule.dll]  [Beijing Rising Technology Co., Ltd., 4, 0, 0, 13]
    [d:\常用软件\瑞星\rising\rfw\rfwlog.dll]  [Beijing Rising Technology Co., Ltd., 4, 0, 0, 6]
    [d:\常用软件\瑞星\rising\rfw\Rfwdrv.dll]  [Beijing Rising Technology Co., Ltd., 4, 0, 0, 21]
    [d:\常用软件\瑞星\rising\rfw\MonDrv.dll]  [rs, 1, 0, 0, 4]
    [d:\常用软件\瑞星\rising\rfw\ProcLib.dll]  [Beijing Rising Technology Co., Ltd., 4, 0, 0, 9]
[PID: 1288][C:\WINDOWS\system32\spoolsv.exe]  [Microsoft Corporation, 5.1.2600.2696 (xpsp_sp2_gdr.050610-1519)]
[PID: 1388][D:\常用软件\瑞星\Rising\Rising\Rav\RavStub.exe]  [Beijing Rising Technology Co., Ltd., 18, 0, 0, 16]
    [D:\常用软件\瑞星\Rising\Rising\Rav\RsCommX.dll]  [rising, 18, 0, 0, 1]
    [D:\常用软件\瑞星\Rising\Rising\Rav\RSCOMMON.DLL]  [Beijing Rising Technology Co., Ltd., 18, 0, 0, 4]
[PID: 1564][C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE]  [Microsoft Corporation, 7.00.9466]
[PID: 1792][C:\WINDOWS\Explorer.EXE]  [Microsoft Corporation, 6.00.2900.2180 (xpsp_sp2_rtm.040803-2158)]
    [C:\WINDOWS\system32\RavExt.dll]  [Beijing Rising Technology Co., Ltd., 18, 0, 0, 21]
    [C:\WINDOWS\system32\ppgaxea.dll]  [, 1, 0, 0, 0]
    [d:\常用软件\ActiveX\PDFShell.dll]  [Adobe Systems, Inc., 7.0.0.0]
    [d:\常用软件\ActiveX\AcroIEHelper.dll]  [Adobe Systems Incorporated, 7.0.0.2004121400]
    [C:\Program Files\Xi\NetTransport 2\NTIEHelper.dll]  [Xi, 1.91.12]
    [D:\常用软件\瑞星\Rising\Rising\Rav\RavScrCh.dll]  [Beijing Rising Technology Co., Ltd., 18, 0, 0, 4]
    [C:\WINDOWS\system32\Macromed\Flash\Flash9.ocx]  [Adobe Systems, Inc., 9,0,16,0]
    [C:\WINDOWS\system32\ccpgen.dll]  [N/A, N/A]
    [C:\WINDOWS\system32\sutxre.dll]  [, 1, 0, 0, 1]
    [C:\WINDOWS\system32\wpsont.dll]  [N/A, N/A]
    [C:\WINDOWS\system32\KIme.ime]  [金山软件公司, 1, 0, 0, 1]
    [C:\Program Files\Common Files\kingsoft\Extract\KSEngine.dll]  [金山软件有限公司, 2, 0, 1, 0]
    [C:\WINDOWS\system32\msdmo.dll]  [N/A, N/A]
    [C:\WINDOWS\system32\vsfilter.dll]  [Gabest, 1, 0, 0, 9]
    [C:\WINDOWS\system32\sctongjix.dll]  [www.seecha.com, 1, 0, 1, 3]
[PID: 1836][C:\WINDOWS\system32\Svchost.exe]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
    [c:\windows\system32\msservices\svchost.dll]  [N/A, N/A]
    [c:\windows\system32\msservices\MsService.dll]  [Microsoft Corporation All rights reserved, 1, 0, 0, 1]
    [c:\windows\system32\msservices\unreg1.dll]  [N/A, N/A]
    [c:\windows\system32\msservices\OldUnReg.dll]  [N/A, N/A]
[PID: 1852][C:\WINDOWS\SYSTEM32\RUNDLLFROMWIN2000.EXE]  [Microsoft Corporation, 5.00.2134.1]
[PID: 1944][d:\常用软件\瑞星\rising\rfw\RfwMain.exe]  [Beijing Rising Technology Co., Ltd., 4, 0, 0, 52]
    [d:\常用软件\瑞星\rising\rfw\RsGuiLib.dll]  [Beijing Rising Technology Co., Ltd., 18, 0, 0, 23]
    [d:\常用软件\瑞星\rising\rfw\RSCOMMON.DLL]  [Beijing Rising Technology Co., Ltd., 18, 0, 0, 4]
    [d:\常用软件\瑞星\rising\rfw\PngDll.dll]  [Beijing Rising Technology Co., Ltd., 18, 0, 0, 5]
[PID: 180][D:\常用软件\瑞星\Rising\Rising\Rav\RavTask.exe]  [Beijing Rising Technology Co., Ltd., 18, 0, 0, 22]
    [D:\常用软件\瑞星\Rising\Rising\Rav\RSCOMMON.DLL]  [Beijing Rising Technology Co., Ltd., 18, 0, 0, 4]
    [D:\常用软件\瑞星\Rising\Rising\Rav\RSAPPMGR.DLL]  [Beijing Rising Technology Co., Ltd., 18, 0, 0, 2]
    [D:\常用软件\瑞星\Rising\Rising\Rav\CfgDll.dll]  [Beijing Rising Technology Co., Ltd., 18, 0, 0, 11]
    [D:\常用软件\瑞星\Rising\Rising\Rav\RsCommX.dll]  [rising, 18, 0, 0, 1]
[PID: 232][D:\常用软件\瑞星\Rising\Rising\Rav\Ravmon.exe]  [Beijing Rising Technology Co., Ltd., 18, 0, 1, 33]
    [D:\常用软件\瑞星\Rising\Rising\Rav\RsGuiLib.dll]  [Beijing Rising Technology Co., Ltd., 18, 0, 0, 26]
    [D:\常用软件\瑞星\Rising\Rising\Rav\BWList.dll]  [Beijing Rising Technology Co., Ltd., 18, 0, 0, 19]
    [D:\常用软件\瑞星\Rising\Rising\Rav\RSAPPMGR.DLL]  [Beijing Rising Technology Co., Ltd., 18, 0, 0, 2]
    [D:\常用软件\瑞星\Rising\Rising\Rav\CfgDll.dll]  [Beijing Rising Technology Co., Ltd., 18, 0, 0, 11]
    [D:\常用软件\瑞星\Rising\Rising\Rav\RSCOMMON.DLL]  [Beijing Rising Technology Co., Ltd., 18, 0, 0, 4]
    [D:\常用软件\瑞星\Rising\Rising\Rav\RsCommX.dll]  [rising, 18, 0, 0, 1]
    [D:\常用软件\瑞星\Rising\Rising\Rav\PngDll.dll]  [Beijing Rising Technology Co., Ltd., 18, 0, 0, 5]
[PID: 260][C:\Program Files\Common Files\Real\Update_OB\realsched.exe]  [RealNetworks, Inc., 0.1.0.3275]
[PID: 316][C:\WINDOWS\system32\ctfmon.exe]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
[PID: 344][C:\Program Files\MSN Messenger\MsnMsgr.Exe]  [Microsoft Corporation, 7.5.0311]
    [C:\WINDOWS\system32\msdmo.dll]  [N/A, N/A]
[PID: 464][C:\WINDOWS\system32\nvsvc32.exe]  [NVIDIA Corporation, 6.13.10.4072]
[PID: 768][C:\WINDOWS\system32\svchost.exe]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
[PID: 896][C:\WINDOWS\system32\wdfmgr.exe]  [Microsoft Corporation, 5.2.3790.1230 built by: dnsrv(bld4act)]
[PID: 1124][C:\Program Files\UPHClean\uphclean.exe]  [Microsoft Corporation, 1.5.5.21]
[PID: 2084][C:\WINDOWS\System32\alg.exe]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
[PID: 3992][C:\Program Files\QQ2005\TMDlls\TM.exe]  [N/A, N/A]
[C:\Program Files\QQ2005\TMDlls\BasicCtrlDll.dll]  [Tencent, 0, 3, 2, 9]
    [C:\Program Files\QQ2005\TMDlls\QQHelperDll.dll]  [, 1, 0, 0, 1]
    [C:\Program Files\QQ2005\TMDlls\QQBaseClassInDll.dll]  [, 1, 0, 0, 1]
    [C:\Program Files\QQ2005\TMDlls\QQZip.dll]  [tencent, 0, 3, 2, 4]
    [C:\Program Files\QQ2005\TMDlls\ImageOle.dll]  [TODO: <Company name>, 1.0.0.1]
    [C:\Program Files\QQ2005\TMDlls\QQAPI.dll]  [, 1, 0, 0, 1]
    [C:\Program Files\QQ2005\TMDlls\TIMProxy.dll]  [tencent, 0, 3, 2, 4]
    [C:\Program Files\QQ2005\TMDlls\QQRes.dll]  [N/A, N/A]
    [C:\Program Files\QQ2005\TMDlls\LoginCtrl.dll]  [, 1, 0, 0, 1]
    [C:\Program Files\QQ2005\TMDlls\HostingMgr.dll]  [, 1, 0, 0, 1]
    [C:\Program Files\QQ2005\TMDlls\WizardCtrl.dll]  [Tencent, 1, 0, 0, 1]
    [C:\Program Files\QQ2005\TMDlls\QQMainFrame.dll]  [TENCENT, 1, 0, 0, 1]
    [C:\Program Files\QQ2005\TMDlls\NewSkin.dll]  [, 1, 0, 0, 1]
    [C:\Program Files\QQ2005\TMDlls\CQQApplication.dll]  [N/A, N/A]
    [C:\Program Files\QQ2005\TMDlls\FrameBar.dll]  [, 1, 0, 0, 1]
    [C:\Program Files\QQ2005\TMDlls\QQConfigPlugin.dll]  [, 1, 0, 0, 1]
    [C:\Program Files\QQ2005\TMDlls\CameraDll.dll]  [, 1, 0, 0, 1]
    [C:\Program Files\QQ2005\TMDlls\QQGroupMng.dll]  [, 1, 0, 0, 1]
    [C:\Program Files\QQ2005\TMDlls\QQAllInOne.dll]  [N/A, N/A]
    [C:\Program Files\QQ2005\TMDlls\CommercesMng.dll]  [, 1, 0, 0, 1]
    [C:\WINDOWS\system32\msdmo.dll]  [N/A, N/A]
    [C:\Program Files\QQ2005\TMDlls\MiscCtrl.dll]  [, 1, 0, 0, 1]
    [C:\Program Files\QQ2005\TMDlls\QQUdpGetFileLib.dll]  [tencent, 0, 2, 2, 3]
    [C:\Program Files\QQ2005\TMDlls\LongConnection.dll]  [tencent, 0, 3, 3, 0]
    [C:\Program Files\QQ2005\TMDlls\MailSummary.dll]  [, 1, 0, 0, 1]
    [C:\Program Files\QQ2005\TMDlls\QQAddr.dll]  [深圳市腾讯计算机系统有限公司, 0, 3, 0, 43]
    [C:\Program Files\QQ2005\TMDlls\QQMMSender.dll]  [N/A, N/A]
    [C:\Program Files\QQ2005\TMDlls\GroupConnection.dll]  [Tencent, 0, 3, 3, 0]
[PID: 2044][C:\Program Files\QQ2005\TIMPlatform.exe]  [tencent, 0, 3, 1, 8]
    [C:\Program Files\QQ2005\TMDlls\TIMProxy.dll]  [tencent, 0, 3, 2, 4]
[PID: 2964][D:\Downloads\sreng2\SREng\SREng.exe]  [Smallfrogs Studio, 2.2.6.605]

==================================
文件关联
.TXT  Error. [C:\WINDOWS\NOTEPAD.EXE %1]
.EXE  OK. ["%1" %*]
.COM  OK. ["%1" %*]
.PIF  OK. ["%1" %*]
.REG  OK. [regedit.exe "%1"]
.BAT  OK. ["%1" %*]
.SCR  OK. ["%1" /S]
.CHM  Error. [C:\WINDOWS\hh.exe %1]
.HLP  Error. [C:\WINDOWS\winhlp32.exe %1]
.INI  Error. [C:\WINDOWS\NOTEPAD.EXE %1]
.INF  Error. [C:\WINDOWS\NOTEPAD.EXE %1]
.VBS  OK. [%SystemRoot%\System32\WScript.exe "%1" %*]
.JS  OK. [%SystemRoot%\System32\WScript.exe "%1" %*]
.LNK  OK. [{00021401-0000-0000-C000-000000000046}]

==================================
Winsock 提供者
N/A

==================================
Autorun.inf
N/A

==================================
HOSTS 文件