发表于: 2007-12-11 13:03 | 只看楼主 短消息 资料
字号: 1楼

aple

Technology Co., Ltd., 20.0.01.05]
    [C:\WINDOWS\system32\MFC71.DLL]  [Microsoft Corporation, 7.10.3077.0]
    [C:\WINDOWS\system32\MSVCR71.dll]  [Microsoft Corporation, 7.10.3052.4]
    [C:\WINDOWS\system32\MSVCP71.dll]  [Microsoft Corporation, 7.10.3077.0]
    [D:\瑞星杀毒软件\Rising\Rav\ProcCom.dll]  [Beijing Rising Technology Co., Ltd., 20, 0, 0, 19]
    [D:\瑞星杀毒软件\Rising\Rav\RsCommX2.dll]  [Beijing Rising Technology Co., Ltd., 20, 0, 0, 19]
    [D:\瑞星杀毒软件\Rising\Rav\RSCOMMON.DLL]  [Beijing Rising Technology Co., Ltd., 20, 0, 0, 16]
    [D:\瑞星杀毒软件\Rising\Rav\recomp.dll]  [Beijing Rising Technology Co., Ltd., 20, 0, 0, 16]
    [D:\瑞星杀毒软件\Rising\Rav\refs.dll]  [Beijing Rising Technology Co., Ltd., 20, 0, 0, 9]
    [D:\瑞星杀毒软件\Rising\Rav\viruslib.dll]  [Beijing Rising Technology Co., Ltd., 20, 0, 0, 14]
    [D:\瑞星杀毒软件\Rising\Rav\relibldr.dll]  [Beijing Rising Technology Co., Ltd., 20, 0, 0, 13]
    [D:\瑞星杀毒软件\Rising\Rav\RSAPPMGR.dll]  [Beijing Rising Technology Co., Ltd., 20.0.0.0]
    [D:\瑞星杀毒软件\Rising\Rav\CfgDll.dll]  [Beijing Rising Technology Co., Ltd., 20.0.0.10]
    [D:\瑞星杀毒软件\Rising\Rav\MonRule.dll]  [Beijing Rising Technology Co., Ltd., 20.0.0.24]
    [D:\瑞星杀毒软件\Rising\Rav\PngDll.dll]  [Beijing Rising Technology Co., Ltd., 20, 0, 0, 3]
    [D:\瑞星杀毒软件\Rising\Rav\Rsguilib.dll]  [Beijing Rising Technology Co., Ltd., 20, 0, 0, 79]
    [D:\瑞星杀毒软件\Rising\Rav\RsXML.dll]  [Beijing Rising Technology Co., Ltd., 20, 0, 0, 0]
[PID: 1936 / SYSTEM][D:\瑞星杀毒软件\RISING\RAV\RavStub.exe]  [Beijing Rising Technology Co., Ltd., 20.0.0.9]
    [D:\瑞星杀毒软件\RISING\RAV\ProcCom.dll]  [Beijing Rising Technology Co., Ltd., 20, 0, 0, 19]
    [D:\瑞星杀毒软件\RISING\RAV\RsCommX2.dll]  [Beijing Rising Technology Co., Ltd., 20, 0, 0, 19]
    [D:\瑞星杀毒软件\RISING\RAV\RSCOMMON.DLL]  [Beijing Rising Technology Co., Ltd., 20, 0, 0, 16]
[PID: 524 / Administrator][D:\瑞星杀毒软件\Rising\Rav\RSAGENT.EXE]  [Beijing Rising Technology Co., Ltd., 20.0.0.7]
    [C:\WINDOWS\system32\MFC71.DLL]  [Microsoft Corporation, 7.10.3077.0]
    [C:\WINDOWS\system32\MSVCR71.dll]  [Microsoft Corporation, 7.10.3052.4]
    [C:\WINDOWS\system32\MSVCP71.dll]  [Microsoft Corporation, 7.10.3077.0]
    [D:\瑞星杀毒软件\Rising\Rav\ProcCom.dll]  [Beijing Rising Technology Co., Ltd., 20, 0, 0, 19]
    [D:\瑞星杀毒软件\Rising\Rav\RsCommX2.dll]  [Beijing Rising Technology Co., Ltd., 20, 0, 0, 19]
[PID: 1164 / Administrator][C:\WINDOWS\msagent\AgentSvr.exe]  [Microsoft Corporation, 2.00.0.3424]
    [C:\WINDOWS\DOWNLO~1\CnsMin.dll]  [北京三七二一科技有限公司, 1, 5, 4, 0]
    [C:\WINDOWS\system32\msacm32.drv]  [Microsoft Corporation, 5.1.2600.0 (xpclient.010817-1148)]
    [C:\PROGRA~1\3721\helper.dll]  [国风因特软件(北京)有限公司, 2.5.4.1007]
[PID: 2292 / Administrator][C:\WINDOWS\system32\rundll32.exe]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
    [C:\PROGRA~1\3721\helper.dll]  [国风因特软件(北京)有限公司, 2.5.4.1007]
    [C:\WINDOWS\DOWNLO~1\CnsMin.dll]  [北京三七二一科技有限公司, 1, 5, 4, 0]
    [C:\PROGRA~1\3721\autolive.dll]  [国风因特软件(北京)有限公司, 2.5.7.1012]
    [C:\PROGRA~1\3721\notifier.dll]  [国风因特软件(北京)有限公司, 2.5.1.1003]
    [C:\PROGRA~1\3721\alLiveEx.dll]  [ , 1, 0, 3, 1006]
[PID: 2308 / Administrator][D:\Netkeeper\ChinaNetSn\bin\NetKeeper.exe]  [XI AN XINLI SOFTWARE TECHNOLOGY CO.,LTD, 0, 0, 1, 6]
    [C:\PROGRA~1\3721\helper.dll]  [国风因特软件(北京)有限公司, 2.5.4.1007]
    [C:\WINDOWS\DOWNLO~1\CnsMin.dll]  [北京三七二一科技有限公司, 1, 5, 4, 0]
    [D:\Netkeeper\ChinaNetSn\bin\detector.dll]  [西安信利软件系统有限公司, 1, 0, 0, 2]
    [C:\WINDOWS\system32\wpcap.dll]  [CACE Technologies, 3, 1, 0, 27]
    [C:\WINDOWS\system32\packet.dll]  [CACE Technologies, 3, 1, 0, 27]
    [C:\WINDOWS\system32\WanPacket.dll]  [CACE Technologies, 3, 1, 0, 27]
    [C:\WINDOWS\system32\XLPPoEPCIoctl.dll]  [N/A, ]
[PID: 184 / Administrator][C:\Program Files\Internet Explorer\IEXPLORE.EXE]  [Microsoft Corporation, 6.00.2900.2180 (xpsp_sp2_rtm.040803-2158)]
    [C:\PROGRA~1\3721\helper.dll]  [国风因特软件(北京)有限公司, 2.5.4.1007]
    [C:\PROGRA~1\3721\scrblock.dll]  [3721, 1, 0, 1, 1000]
    [C:\PROGRA~1\3721\alrex.dll]  [国风因特软件(北京)有限公司, 2.5.1.1003]
    [C:\WINDOWS\DOWNLO~1\CnsMin.dll]  [北京三七二一科技有限公司, 1, 5, 4, 0]
    [C:\WINDOWS\DOWNLO~1\CnsHint.dll]  [国风因特软件(北京)有限公司, 2.5.0.4]
    [C:\PROGRA~1\3721\autolive.dll]  [国风因特软件(北京)有限公司, 2.5.7.1012]
    [C:\PROGRA~1\3721\alLiveEx.dll]  [ , 1, 0, 3, 1006]
    [C:\WINDOWS\DOWNLO~1\cnsplus.dll]  [国风因特软件(北京)有限公司, 2.5.0.3]
    [C:\WINDOWS\system32\IETool.dll]  [N/A, ]
    [C:\WINDOWS\DOWNLO~1\CnsHook.dll]  [北京三七二一科技有限公司, 1, 0, 4, 2]
    [D:\瑞星杀毒软件\Rising\Rav\RavScrCh.dll]  [Beijing Rising Technology Co., Ltd., 20, 0, 0, 3]
    [C:\Program Files\Microsoft Office\OFFICE11\msohev.dll]  [Microsoft Corporation, 11.0.5510]
    [C:\WINDOWS\system32\msacm32.drv]  [Microsoft Corporation, 5.1.2600.0 (xpclient.010817-1148)]
    [C:\WINDOWS\system32\Macromed\Flash\Flash9b.ocx]  [Adobe Systems, Inc., 9,0,28,0]
[PID: 528 / Administrator][C:\Program Files\Internet Explorer\IEXPLORE.EXE]  [Microsoft Corporation, 6.00.2900.2180 (xpsp_sp2_rtm.040803-2158)]
    [C:\PROGRA~1\3721\helper.dll]  [国风因特软件(北京)有限公司, 2.5.4.1007]
    [C:\PROGRA~1\3721\scrblock.dll]  [3721, 1, 0, 1, 1000]
    [C:\PROGRA~1\3721\alrex.dll]  [国风因特软件(北京)有限公司, 2.5.1.1003]
    [C:\WINDOWS\DOWNLO~1\CnsMin.dll]  [北京三七二一科技有限公司, 1, 5, 4, 0]
    [C:\WINDOWS\DOWNLO~1\CnsHint.dll]  [国风因特软件(北京)有限公司, 2.5.0.4]
    [C:\PROGRA~1\3721\autolive.dll]  [国风因特软件(北京)有限公司, 2.5.7.1012]
    [C:\PROGRA~1\3721\alLiveEx.dll]  [ , 1, 0, 3, 1006]
    [C:\WINDOWS\DOWNLO~1\cnsplus.dll]  [国风因特软件(北京)有限公司, 2.5.0.3]
    [C:\WINDOWS\system32\IETool.dll]  [N/A, ]
    [C:\WINDOWS\DOWNLO~1\CnsHook.dll]  [北京三七二一科技有限公司, 1, 0, 4, 2]
    [D:\瑞星杀毒软件\Rising\Rav\RavScrCh.dll]  [Beijing Rising Technology Co., Ltd., 20, 0, 0, 3]
    [C:\Program Files\Microsoft Office\OFFICE11\msohev.dll]  [Microsoft Corporation, 11.0.5510]
    [C:\WINDOWS\DOWNLO~1\CnsMinIO.dll]  [北京三七二一科技有限公司, 1, 0, 3, 7]
    [C:\WINDOWS\DOWNLO~1\cnsio.dll]  [北京三七二一科技有限公司, 1, 0, 2, 8]
    [C:\WINDOWS\system32\msacm32.drv]  [Microsoft Corporation, 5.1.2600.0 (xpclient.010817-1148)]
    [C:\WINDOWS\system32\Macromed\Flash\Flash9b.ocx]  [Adobe Systems, Inc., 9,0,28,0]
[PID: 2088 / Administrator][D:\千千静听\TTPlayer.exe]  [Alen Soft, 4, 6, 9, 0]
    [D:\千千静听\ttpcomm.dll]  [N/A, ]
    [C:\PROGRA~1\3721\helper.dll]  [国风因特软件(北京)有限公司, 2.5.4.1007]
    [C:\WINDOWS\DOWNLO~1\CnsMin.dll]  [北京三七二一科技有限公司, 1, 5, 4, 0]
    [D:\千千静听\ttpres.dll]  [Alen Soft, 4, 6, 9, 0]
    [D:\千千静听\msdmo.dll]  [Microsoft Corporation, 6.03.01.0400]
    [C:\WINDOWS\system32\msacm32.drv]  [Microsoft Corporation, 5.1.2600.0 (xpclient.010817-1148)]
    [D:\千千静听\AddIn\ttp_lrcsh.dll]  [N/A, ]
[PID: 2360 / Administrator][D:\瑞星杀毒软件\新建文件夹\SREngPS.EXE]  [Smallfrogs Studio, 2.5.16.900]
    [C:\PROGRA~1\3721\helper.dll]  [国风因特软件(北京)有限公司, 2.5.4.1007]
    [C:\WINDOWS\DOWNLO~1\CnsMin.dll]  [北京三七二一科技有限公司, 1, 5, 4, 0]
    [D:\瑞星杀毒软件\新建文件夹\Upload\3rdUpd.DLL]  [Smallfrogs Studio, 2, 1, 0, 15]

==================================
文件关联
.TXT  OK. [%SystemRoot%\system32\NOTEPAD.EXE %1]
.EXE  OK. ["%1" %*]
.COM  OK. ["%1" %*]
.PIF  OK. ["%1" %*]
.REG  OK. [regedit.exe "%1"]
.BAT  OK. ["%1" %*]
.SCR  OK. ["%1" /S]
.CHM  OK. ["C:\WINDOWS\hh.exe" %1]
.HLP  OK. [%SystemRoot%\System32\winhlp32.exe %1]
.INI  OK. [%SystemRoot%\System32\NOTEPAD.EXE %1]
.INF  OK. [%SystemRoot%\System32\NOTEPAD.EXE %1]
.VBS  OK. [%SystemRoot%\System32\WScript.exe "%1" %*]
.JS  OK. [%SystemRoot%\System32\WScript.exe "%1" %*]
.LNK  OK. [{00021401-0000-0000-C000-000000000046}]

==================================
Winsock 提供者
N/A

==================================
Autorun.inf
N/A

==================================
HOSTS 文件
127.0.0.1      localhost
0.0.0.0 182838.com
0.0.0.0 204.177.92.68
0.0.0.0 asiafriendfinder.com
0.0.0.0 asqin123.51.net
0.0.0.0 babe520.5188.org
0.0.0.0 music.feifa.com
0.0.0.0 music.v111.com
0.0.0.0 www.jpbeauty.com
0.0.0.0 beautishow.com
0.0.0.0 goodmovies88.com
0.0.0.0 hothack.home.chinaren.com
0.0.0.0 hualiao.net
0.0.0.0 iplus.allyes.com
0.0.0.0 jjkafei.longcity.net
0.0.0.0 kaomm.8m.cn
0.0.0.0 l3iaoliao.com
0.0.0.0 lingaonbvm.myrice.com
0.0.0.0 lovejava.boy.net.cn
0.0.0.0 love7liao.com
0.0.0.0 asqin123.51.net
0.0.0.0 babe520.5188.org
0.0.0.0 music.feifa.com
0.0.0.0 jjkafei.longcity.net
0.0.0.0 kaomm.8m.cn
0.0.0.0 l3iaoliao.com
0.0.0.0 l3iaoliao.com
0.0.0.0 lingaonbvm.myrice.com
0.0.0.0 lovejava.boy.net.cn
0.0.0.0 love7liao.com
0.0.0.0 babe520.5188.org
0.0.0.0 music.feifa.com
0.0.0.0 music.v111.com
0.0.0.0 babe520.5188.org
0.0.0.0 music.feifa.com
0.0.0.0 jjkafei.longcity.net
0.0.0.0 kaomm.8m.cn
0.0.0.0 l3iaoliao.com
0.0.0.0 l3iaoliao.com
0.0.0.0 lingaonbvm.myrice.com
0.0.0.0 lovejava.boy.net.cn
0.0.0.0 love7liao.com
0.0.0.0 babe520.5188.org
0.0.0.0 music.feifa.com
0.0.0.0 music.v111.com
219.153.32.215 auto.search.msn.com

==================================
进程特权扫描
特殊特权被允许: SeDebugPrivilege [PID = 2308, D:\NETKEEPER\CHINANETSN\BIN\NETKEEPER.EXE]
特殊特权被允许: SeLoadDriverPrivilege [PID = 2308, D:\NETKEEPER\CHINANETSN\BIN\NETKEEPER.EXE]
特殊特权被允许: SeDebugPrivilege [PID = 2088, D:\千千静听\TTPLAYER.EXE]
特殊特权被允许: SeLoadDriverPrivilege [PID = 2088, D:\千千静听\TTPLAYER.EXE]

==================================
API HOOK
N/A

==================================
隐藏进程
N/A

==================================


[/CODE]

[用户系统信息]Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1; SV1)
最后编辑2007-12-11 13:03:18.357000000