12   1  /  2  页   跳转

求救!急

收藏
细胞终结者
头像
初生襁褓狮
  • 帖子:180
  • 注册: 2006-08-23
  • 来自:
发表于: 2006-08-23 14:24 | 只看楼主 短消息 资料
字号: 1楼

求救!急

我中了灰鸽子Backdoor.Gpigeon.zku用瑞星最新版怎么查杀还是有,怎么办?高手帮忙吧!先谢了!
最后编辑2006-08-23 16:29:33.610000000
分享到:
gototop
 
细胞终结者
头像
初生襁褓狮
  • 帖子:180
  • 注册: 2006-08-23
  • 来自:
发表于: 2006-08-23 15:48 | 只看楼主 短消息 资料
字号: 2楼

小弟在这先谢谢了,求助啊!~
gototop
 
细胞终结者
头像
初生襁褓狮
  • 帖子:180
  • 注册: 2006-08-23
  • 来自:
发表于: 2006-08-23 15:59 | 只看楼主 短消息 资料
字号: 3楼

就在C:/Program Files/Internet Explorer/IEXPLORE.EXE
瑞星报告IEXPLORE.EXE为病毒文件,病毒为Backdoor.Gpigeon.zku,当时能清除,但是重启后还是有!
怎么能清除呢?望高手指教!
gototop
 
轩辕小聪
头像
卡卡技术团队
  • 帖子:8368
  • 注册: 2006-01-09
  • 来自:
卡卡名人堂论坛9周年纪念
发表于: 2006-08-23 16:00 | 短消息 资料
字号: 4楼

http://forum.ikaka.com/topic.asp?board=28&artid=6979213
下载System Repair Engineer 2.0.21.505(RC2)导出全部日志。
gototop
 
westbeck
头像
初生襁褓狮
  • 帖子:3572
  • 注册: 2006-07-27
  • 来自:
发表于: 2006-08-23 16:01 | 短消息 资料
字号: 5楼

请贴HJ的日志...
gototop
 
细胞终结者
头像
初生襁褓狮
  • 帖子:180
  • 注册: 2006-08-23
  • 来自:
发表于: 2006-08-23 16:10 | 只看楼主 短消息 资料
字号: 6楼

启动项目


注册表

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
(ctfmon.exe)(C:\WINDOWS\system32\ctfmon.exe) [Microsoft Corporation]
[HKEY_CURRENT_USER\Software\Microsoft\Windows NT\CurrentVersion\Windows]
(load)() []
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
(IMJPMIG8.1)("C:\WINDOWS\IME\imjp8_1\IMJPMIG.EXE" /Spoil /RemAdvDef /Migration32) [Microsoft Corporation]
(PHIME2002ASync)(C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /SYNC) [Microsoft Corporation]
(PHIME2002A)(C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /IMEName) [Microsoft Corporation]
(NvCplDaemon)(RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup) [NVIDIA Corporation]
(nwiz)(nwiz.exe /install) []
(NvMediaCenter)(RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit) [NVIDIA Corporation]
(SoundMan)(SOUNDMAN.EXE) [Realtek Semiconductor Corp.]
(RavTask)("d:\Program Files\Rising\Rav\RavTask.exe" -system) [Beijing Rising Technology Co., Ltd.]
(RfwMain)("D:\Program Files\Rising\Rfw\rfwmain.exe" -Startup) [Beijing Rising Technology Co., Ltd.]
(yassistse)("C:\PROGRA~1\Yahoo!\Assistant\yassistse.exe") [Yahoo! China]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Winlogon]
(shell)(Explorer.exe) [Microsoft Corporation]
(Userinit)(C:\WINDOWS\system32\userinit.exe,) [Microsoft Corporation]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Windows]
(AppInit_DLLs)() []
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Winlogon]
(UIHost)(logonui.exe) [Microsoft Corporation]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
({32CD708B-60A7-4C00-9377-D73EAA495F0F})(C:\WINDOWS\system32\RavExt.dll) [Beijing Rising Technology Co., Ltd.]
gototop
 
细胞终结者
头像
初生襁褓狮
  • 帖子:180
  • 注册: 2006-08-23
  • 来自:
发表于: 2006-08-23 16:12 | 只看楼主 短消息 资料
字号: 7楼

启动文件夹

服务

[mstake.exe / mstake.exe]
(C:\WINDOWS\mstake.exe)(N/A)
[NVIDIA Display Driver Service / NVSvc]
(C:\WINDOWS\system32\nvsvc32.exe)(NVIDIA Corporation)
[Rising Proxy Service / RfwProxySrv]
(d:\program files\rising\rfw\rfwproxy.exe)(Beijing Rising Technology Co., Ltd.)
[Rising Personal Firewall Service / RfwService]
(d:\program files\rising\rfw\rfwsrv.exe)(Beijing Rising Technology Co., Ltd.)
[Rising Process Communication Center / RsCCenter]
("d:\Program Files\Rising\Rav\CCenter.exe")(Beijing Rising Technology Co., Ltd.)
[RsRavMon Service / RsRavMon]
("D:\Program Files\Rising\Rav\Ravmond.exe")(Beijing Rising Technology Co., Ltd.)
[SmartLinkService / SLService]
(slserv.exe)(Smart Link)



--------------------------------------------------------------------------------



浏览器加载项

[Yahoo!Photo]
{33BBE430-0E42-4f12-B075-8D21ACB10DCB} (C:\PROGRA~1\Yahoo!\ASSIST~1\assist\yphtb.dll, Yahoo! China)
[AntiFish Class]
{38928D50-8A48-44C2-945F-D2F23F771410} (C:\PROGRA~1\Yahoo!\ASSIST~1\assist\yangling.dll, yahoo! china)
[DragSearch BHO]
{62EED7C6-9F02-42f9-B634-98E2899E147B} (C:\PROGRA~1\Yahoo!\ASSIST~1\assist\YDRAGS~1.DLL, yahoo! china)
[Thunder Browser Helper]
{889D2FEB-5411-4565-8998-1DD2C5261283} (d:\Program Files\Thunder Network\Thunder\ComDlls\XunLeiBHO_002.dll, Thunder Networking Technologies,LTD)
[assist]
{FE3ECAE7-0A37-4506-8A7D-3CC9A04D2CA8} (C:\PROGRA~1\Yahoo!\ASSIST~1\assist\yassist.dll, Yahoo! China)
[启动迅雷]
{0062C9BD-B349-40DE-91A0-755F37ACD559} (d:\Program Files\Thunder Network\Thunder\Thunder.exe, Thunder Networking Technologies,LTD)
[Messenger]
{FB5F1910-F110-11d2-BB9E-00C04F795683} (C:\Program Files\Messenger\msmsgs.exe, Microsoft Corporation)
[BitCometBar]
{3F1ABCDB-A875-46c1-8345-B72A4567E486} (D:\Program Files\BitComet\BitCometBar\BitCometBar0.3.dll, N/A)
[雅虎助手]
{406F94F0-504F-4A40-8DFD-58B0666ABEBD} (C:\PROGRA~1\Yahoo!\Assistant\Assist\yasbar.dll, yahoo! china)
[WUWebControl Class]
{6414512B-B978-451D-A0D8-FCFDF33E833C} (C:\WINDOWS\system32\wuweb.dll, Microsoft Corporation)
[Windows Media Player]
{22D6F312-B0F6-11D0-94AB-0080C74C7E95} (C:\WINDOWS\system32\wmpdxm.dll, Microsoft Corporation)
[HTML Document]
{25336920-03F9-11CF-8FD0-00AA00686F13} (%SystemRoot%\system32\mshtml.dll, N/A)
[Yahoo!Photo]
{33BBE430-0E42-4F12-B075-8D21ACB10DCB} (C:\PROGRA~1\Yahoo!\ASSIST~1\assist\yphtb.dll, Yahoo! China)
[AntiFish Class]
{38928D50-8A48-44C2-945F-D2F23F771410} (C:\PROGRA~1\Yahoo!\ASSIST~1\assist\yangling.dll, yahoo! china)
[BitCometBar]
{3F1ABCDB-A875-46C1-8345-B72A4567E486} (D:\Program Files\BitComet\BitCometBar\BitCometBar0.3.dll, N/A)
[雅虎助手]
{406F94F0-504F-4A40-8DFD-58B0666ABEBD} (C:\PROGRA~1\Yahoo!\Assistant\Assist\yasbar.dll, yahoo! china)
[HHCtrl Object]
{52A2AAAE-085D-4187-97EA-8C30DB990436} (C:\WINDOWS\system32\hhctrl.ocx, Microsoft Corporation)
[Yahoo!Live]
{57421194-58FB-49AE-9B4F-FD48869B9AD4} (C:\PROGRA~1\Yahoo!\ASSIST~1\YAlive.dll, yahoo! china)
[DragSearch BHO]
{62EED7C6-9F02-42F9-B634-98E2899E147B} (C:\PROGRA~1\Yahoo!\ASSIST~1\assist\YDRAGS~1.DLL, yahoo! china)
[Windows Media Player]
{6BF52A52-394A-11D3-B153-00C04F79FAA6} (C:\WINDOWS\system32\wmp.dll, Microsoft Corporation)
[Thunder Browser Helper]
{889D2FEB-5411-4565-8998-1DD2C5261283} (d:\Program Files\Thunder Network\Thunder\ComDlls\XunLeiBHO_002.dll, Thunder Networking Technologies,LTD)
[Microsoft Scriptlet Component]
{AE24FDAE-03C6-11D1-8B76-0080C744F389} (C:\WINDOWS\system32\mshtml.dll, Microsoft Corporation)
[RDS.DataSpace]
{BD96C556-65A3-11D0-983A-00C04FC29E36} (C:\Program Files\Common Files\System\msadc\msadco.dll, Microsoft Corporation)
[Shockwave Flash Object]
{D27CDB6E-AE6D-11CF-96B8-444553540000} (C:\WINDOWS\system32\Macromed\Flash\Flash9.ocx, Adobe Systems, Inc.)
[assist]
{FE3ECAE7-0A37-4506-8A7D-3CC9A04D2CA8} (C:\PROGRA~1\Yahoo!\ASSIST~1\assist\yassist.dll, Yahoo! China)
[&使用迅雷下载]
(d:\Program Files\Thunder Network\Thunder\Program\GetUrl.htm, N/A)
[&使用迅雷下载全部链接]
(d:\Program Files\Thunder Network\Thunder\Program\GetAllUrl.htm, N/A)
[上传到QQ网络硬盘]
(D:\Program Files\Tencent\QQ\AddToNetDisk.htm, N/A)
[导出到 Microsoft Excel(&x)]
(res://C:\PROGRA~1\MICROS~2\Office10\EXCEL.EXE/3000, N/A)
[添加到QQ自定义面板]
(D:\Program Files\Tencent\QQ\AddPanel.htm, N/A)
[添加到QQ表情]
(D:\Program Files\Tencent\QQ\AddEmotion.htm, N/A)
[添加到雅虎订阅(&Y)]
(res://C:\PROGRA~1\Yahoo!\ASSIST~1\assist\yrss.dll/YRSSMENUEXT, N/A)
[用QQ彩信发送该图片]
(D:\Program Files\Tencent\QQ\SendMMS.htm, N/A)
[雅虎搜索]
(res://C:\PROGRA~1\Yahoo!\Assistant\Assist\yasbar.dll/203, N/A)



--------------------------------------------------------------------------------
gototop
 
细胞终结者
头像
初生襁褓狮
  • 帖子:180
  • 注册: 2006-08-23
  • 来自:
发表于: 2006-08-23 16:12 | 只看楼主 短消息 资料
字号: 8楼

正在运行的进程

[PID: 428][\SystemRoot\System32\smss.exe] (Microsoft Corporation)(5.1.2600.2180 (xpsp_sp2_rtm.040803-2158))
[PID: 492][\??\C:\WINDOWS\system32\csrss.exe] (Microsoft Corporation)(5.1.2600.2180 (xpsp_sp2_rtm.040803-2158))
[PID: 516][\??\C:\WINDOWS\system32\winlogon.exe] (Microsoft Corporation)(5.1.2600.2180 (xpsp_sp2_rtm.040803-2158))
[PID: 560][C:\WINDOWS\system32\services.exe] (Microsoft Corporation)(5.1.2600.2180 (xpsp_sp2_rtm.040803-2158))
[PID: 572][C:\WINDOWS\system32\lsass.exe] (Microsoft Corporation)(5.1.2600.2180 (xpsp_sp2_rtm.040803-2158))
[PID: 712][C:\WINDOWS\system32\svchost.exe] (Microsoft Corporation)(5.1.2600.2180 (xpsp_sp2_rtm.040803-2158))
[PID: 760][C:\WINDOWS\system32\svchost.exe] (Microsoft Corporation)(5.1.2600.2180 (xpsp_sp2_rtm.040803-2158))
[PID: 812][d:\Program Files\Rising\Rav\CCenter.exe] (Beijing Rising Technology Co., Ltd.)(18, 0, 0, 3)
[PID: 828][C:\WINDOWS\System32\svchost.exe] (Microsoft Corporation)(5.1.2600.2180 (xpsp_sp2_rtm.040803-2158))
[PID: 884][C:\WINDOWS\system32\svchost.exe] (Microsoft Corporation)(5.1.2600.2180 (xpsp_sp2_rtm.040803-2158))
[PID: 976][C:\WINDOWS\system32\svchost.exe] (Microsoft Corporation)(5.1.2600.2180 (xpsp_sp2_rtm.040803-2158))
[PID: 1012][D:\Program Files\Rising\Rav\Ravmond.exe] (Beijing Rising Technology Co., Ltd.)(18, 0, 1, 33)
[D:\Program Files\Rising\Rav\BWList.dll] (Beijing Rising Technology Co., Ltd.)(18, 0, 0, 19)
[D:\Program Files\Rising\Rav\RsCommX.dll] (rising)(18, 0, 0, 1)
[D:\Program Files\Rising\Rav\RSAPPMGR.DLL] (Beijing Rising Technology Co., Ltd.)(18, 0, 0, 2)
[D:\Program Files\Rising\Rav\CfgDll.dll] (Beijing Rising Technology Co., Ltd.)(18, 0, 0, 11)
[D:\Program Files\Rising\Rav\RSCOMMON.DLL] (Beijing Rising Technology Co., Ltd.)(18, 0, 0, 4)
[D:\Program Files\Rising\Rav\RsLog.dll] (Beijing Rising Technology Co., Ltd.)(18, 0, 0, 20)
[D:\Program Files\Rising\Rav\HOOKSYS.dll] (Beijing Rising Technology Co., Ltd.)(18, 1, 0, 11)
[d:\Program Files\Rising\Rav\Scanner.dll] (Beijing Rising Technology Co., Ltd.)(18, 0, 0, 30)
[d:\Program Files\Rising\Rav\libload.dll] (Beijing Rising Technology Co., Ltd.)(18, 0, 0, 10)
[d:\Program Files\Rising\Rav\VirusLib.dll] (Beijing Rising Technology Co., Ltd.)(18, 0, 0, 12)
[D:\Program Files\Rising\Rav\regmon.dll] (Beijing Rising Technology Co., Ltd.)(18, 0, 0, 6)
[D:\Program Files\Rising\Rav\HookWeb.dll] (rising)(18, 0, 0, 2)
[D:\Program Files\Rising\Rav\MemMon.dll] (Beijing Rising Technology Co., Ltd.)(18, 0, 0, 10)
[D:\Program Files\Rising\Rav\expscan.dll] (Beijing Rising Technology Co., Ltd.)(18, 0, 0, 4)
[D:\Program Files\Rising\Rav\mPorts.dll] (Beijing Rising Technology Co., Ltd.)(4, 0, 0, 3)
[D:\Program Files\Rising\Rav\MailMon.dll] (Beijing Rising Technology Co., Ltd.)(18, 0, 0, 5)
[d:\Program Files\Rising\Rav\SpamEng.dll] (N/A)(18, 0, 0, 6)
[d:\Program Files\Rising\Rav\engine.dll] (Beijing Rising Technology Co., Ltd.)(18, 0, 0, 30)
[d:\Program Files\Rising\Rav\PostTrt.dll] (Beijing Rising Technology Co., Ltd.)(18, 0, 0, 12)
[d:\Program Files\Rising\Rav\UnExe.dll] (Beijing Rising Technology Co., Ltd.)(18, 0, 0, 11)
[d:\Program Files\Rising\Rav\ScanExec.dll] (Beijing Rising Technology Co., Ltd.)(18, 0, 0, 11)
[d:\Program Files\Rising\Rav\ScanEx.dll] (Beijing Rising Technology Co., Ltd.)(18, 0, 0, 14)
[d:\Program Files\Rising\Rav\NvFile.dll] (Beijing Rising Technology Co., Ltd.)(18, 0, 0, 7)
[d:\Program Files\Rising\Rav\ScanMac.dll] (Beijing Rising Technology Co., Ltd.)(18, 0, 0, 9)
[d:\Program Files\Rising\Rav\ScanSct.dll] (Beijing Rising Technology Co., Ltd.)(18, 0, 0, 18)
[d:\Program Files\Rising\Rav\Unpacker.dll] (Beijing Rising Technology Co., Ltd.)(18, 0, 0, 3)
[d:\Program Files\Rising\Rav\ExtOLE.dll] (Beijing Rising Technology Co., Ltd.)(18, 0, 0, 6)
[PID: 1076][d:\program files\rising\rfw\rfwsrv.exe] (Beijing Rising Technology Co., Ltd.)(4, 0, 0, 32)
[d:\program files\rising\rfw\RfwRule.dll] (Beijing Rising Technology Co., Ltd.)(4, 0, 0, 13)
[d:\program files\rising\rfw\rfwlog.dll] (Beijing Rising Technology Co., Ltd.)(4, 0, 0, 6)
[d:\program files\rising\rfw\Rfwdrv.dll] (Beijing Rising Technology Co., Ltd.)(4, 0, 0, 21)
[d:\program files\rising\rfw\MonDrv.dll] (rs)(1, 0, 0, 4)
[d:\program files\rising\rfw\ProcLib.dll] (Beijing Rising Technology Co., Ltd.)(4, 0, 0, 9)
[PID: 1188][C:\WINDOWS\system32\spoolsv.exe] (Microsoft Corporation)(5.1.2600.2696 (xpsp_sp2_gdr.050610-1519))
[PID: 1364][C:\WINDOWS\system32\nvsvc32.exe] (NVIDIA Corporation)(6.14.10.9137)
[PID: 1408][C:\WINDOWS\system32\slserv.exe] (Smart Link)(3.80.01MC15)
[PID: 1580][D:\Program Files\Rising\Rav\RavStub.exe] (Beijing Rising Technology Co., Ltd.)(18, 0, 0, 16)
[D:\Program Files\Rising\Rav\RsCommX.dll] (rising)(18, 0, 0, 1)
[D:\Program Files\Rising\Rav\RSCOMMON.DLL] (Beijing Rising Technology Co., Ltd.)(18, 0, 0, 4)
[PID: 1736][C:\WINDOWS\System32\alg.exe] (Microsoft Corporation)(5.1.2600.2180 (xpsp_sp2_rtm.040803-2158))
[PID: 380][C:\WINDOWS\Explorer.EXE] (Microsoft Corporation)(6.00.2900.2180 (xpsp_sp2_rtm.040803-2158))
[C:\WINDOWS\system32\RavExt.dll] (Beijing Rising Technology Co., Ltd.)(18, 0, 0, 21)
[C:\WINDOWS\system32\nvcpl.dll] (NVIDIA Corporation)(6.14.10.9137)
[C:\WINDOWS\system32\nvshell.dll] (N/A)(N/A)
[C:\PROGRA~1\Yahoo!\ASSIST~1\Yhelper.dll] (Yahoo! China)(3, 0, 2, 1020)
[C:\PROGRA~1\Yahoo!\ASSIST~1\YAlive.dll] (yahoo! china)(3, 2, 5, 1075)
[C:\PROGRA~1\Yahoo!\ASSIST~1\Yalliveex.dll] (Yahoo! China)(3, 0, 1, 1010)
[C:\PROGRA~1\Yahoo!\ASSIST~1\assist\yasnoad.dll] (yahoo! china)(3, 0, 1, 1003)
[C:\PROGRA~1\Yahoo!\ASSIST~1\assist\yzsNetProto.dll] (Yahoo! China)(3, 0, 0, 1000)
[d:\Program Files\Thunder Network\Thunder\ComDlls\XunLeiBHO_002.dll] (Thunder Networking Technologies,LTD)(5, 0, 0, 2)
[d:\Program Files\Rising\Rav\RSCOMMON.DLL] (Beijing Rising Technology Co., Ltd.)(18, 0, 0, 4)
[C:\PROGRA~1\yahoo!\assistant\Shell\yAssecblk.dll] (Yahoo! China)(3, 0, 0, 1002)
[c:\progra~1\yahoo!\assist~1\assist\yadfil~1.dll] (Yahoo! China)(3, 0, 1, 1002)
[C:\PROGRA~1\Yahoo!\ASSIST~1\assist\yrepair.dll] (Yahoo! China)(3, 0, 2, 1002)
[C:\PROGRA~1\Yahoo!\ASSIST~1\assist\yasfsks.dll] (3721.com)(2, 1, 1, 87)
[C:\PROGRA~1\Yahoo!\ASSIST~1\assist\yoptimum.dll] (Yahoo! China)(3, 0, 0, 1000)
[C:\PROGRA~1\Yahoo!\ASSIST~1\assist\yxpstyle.dll] (Yahoo! China)(3, 0, 0, 1000)
[PID: 444][C:\WINDOWS\system32\wscntfy.exe] (Microsoft Corporation)(5.1.2600.2180 (xpsp_sp2_rtm.040803-2158))
[PID: 272][d:\program files\rising\rfw\RfwMain.exe] (Beijing Rising Technology Co., Ltd.)(4, 0, 0, 51)
[d:\program files\rising\rfw\RsGuiLib.dll] (Beijing Rising Technology Co., Ltd.)(18, 0, 0, 23)
[d:\program files\rising\rfw\RSCOMMON.DLL] (Beijing Rising Technology Co., Ltd.)(18, 0, 0, 4)
[d:\program files\rising\rfw\PngDll.dll] (Beijing Rising Technology Co., Ltd.)(18, 0, 0, 5)
[C:\PROGRA~1\Yahoo!\ASSIST~1\Yhelper.dll] (Yahoo! China)(3, 0, 2, 1020)
[PID: 1236][C:\WINDOWS\SOUNDMAN.EXE] (Realtek Semiconductor Corp.)(5.0.18)
[PID: 1288][D:\Program Files\Rising\Rav\RavTask.exe] (Beijing Rising Technology Co., Ltd.)(18, 0, 0, 22)
[D:\Program Files\Rising\Rav\RSCOMMON.DLL] (Beijing Rising Technology Co., Ltd.)(18, 0, 0, 4)
[D:\Program Files\Rising\Rav\RSAPPMGR.DLL] (Beijing Rising Technology Co., Ltd.)(18, 0, 0, 2)
[D:\Program Files\Rising\Rav\CfgDll.dll] (Beijing Rising Technology Co., Ltd.)(18, 0, 0, 11)
[D:\Program Files\Rising\Rav\RsCommX.dll] (rising)(18, 0, 0, 1)
[PID: 1396][C:\PROGRA~1\Yahoo!\Assistant\yassistse.exe] (Yahoo! China)(3, 0, 0, 1001)
[C:\PROGRA~1\Yahoo!\Assistant\shell\yAssecblk.dll] (Yahoo! China)(3, 0, 0, 1002)
[C:\PROGRA~1\Yahoo!\Assistant\shell\yMenuInfo.dll] (Yahoo! China)(3, 0, 0, 1000)
[C:\PROGRA~1\Yahoo!\Assistant\shell\yIEAngel.dll] (Yahoo! China)(3, 0, 0, 1000)
[C:\PROGRA~1\Yahoo!\Assistant\shell\yAsMenu.dll] (Yahoo! China)(3, 0, 0, 1001)
[PID: 668][D:\Program Files\Rising\Rav\Ravmon.exe] (Beijing Rising Technology Co., Ltd.)(18, 0, 1, 32)
[D:\Program Files\Rising\Rav\RsGuiLib.dll] (Beijing Rising Technology Co., Ltd.)(18, 0, 0, 24)
[D:\Program Files\Rising\Rav\BWList.dll] (Beijing Rising Technology Co., Ltd.)(18, 0, 0, 19)
[D:\Program Files\Rising\Rav\RSAPPMGR.DLL] (Beijing Rising Technology Co., Ltd.)(18, 0, 0, 2)
[D:\Program Files\Rising\Rav\CfgDll.dll] (Beijing Rising Technology Co., Ltd.)(18, 0, 0, 11)
[D:\Program Files\Rising\Rav\RSCOMMON.DLL] (Beijing Rising Technology Co., Ltd.)(18, 0, 0, 4)
[D:\Program Files\Rising\Rav\RsCommX.dll] (rising)(18, 0, 0, 1)
[D:\Program Files\Rising\Rav\PngDll.dll] (Beijing Rising Technology Co., Ltd.)(18, 0, 0, 5)
[C:\PROGRA~1\Yahoo!\ASSIST~1\Yhelper.dll] (Yahoo! China)(3, 0, 2, 1020)
[PID: 1400][C:\WINDOWS\system32\ctfmon.exe] (Microsoft Corporation)(5.1.2600.2180 (xpsp_sp2_rtm.040803-2158))
[PID: 3736][D:\Program Files\Tencent\QQ\TIMPlatform.exe] (tencent)(0, 3, 1, 8)
[D:\Program Files\Tencent\QQ\TIMProxy.dll] (tencent)(0, 3, 2, 4)
[PID: 3544][C:\Program Files\Internet Explorer\iexplore.exe] (Microsoft Corporation)(6.00.2900.2180 (xpsp_sp2_rtm.040803-2158))
gototop
 
细胞终结者
头像
初生襁褓狮
  • 帖子:180
  • 注册: 2006-08-23
  • 来自:
发表于: 2006-08-23 16:12 | 只看楼主 短消息 资料
字号: 9楼

[C:\PROGRA~1\Yahoo!\Assistant\Assist\yasbar.dll] (yahoo! china)(3, 0, 6, 1049)
[C:\PROGRA~1\Yahoo!\ASSIST~1\assist\ysearch.dll] (Yahoo! China)(3, 0, 3, 1004)
[C:\PROGRA~1\Yahoo!\ASSIST~1\assist\yasnoad.dll] (yahoo! china)(3, 0, 1, 1003)
[C:\PROGRA~1\Yahoo!\ASSIST~1\assist\yzsNetProto.dll] (Yahoo! China)(3, 0, 0, 1000)
[C:\PROGRA~1\Yahoo!\ASSIST~1\assist\yphtb.dll] (Yahoo! China)(3, 0, 1, 1001)
[C:\PROGRA~1\Yahoo!\ASSIST~1\assist\yrss.dll] (Yahoo! China)(3, 0, 0, 1000)
[C:\PROGRA~1\Yahoo!\ASSIST~1\assist\yaswiper.dll] (Yahoo! China)(3, 0, 0, 1000)
[C:\PROGRA~1\Yahoo!\ASSIST~1\assist\yasiesec.dll] (Yahoo! China)(3, 0, 0, 1000)
[C:\PROGRA~1\Yahoo!\ASSIST~1\assist\ysettings.dll] (yahoo! china)(3, 0, 2, 1004)
[C:\PROGRA~1\Yahoo!\ASSIST~1\assist\ymailp.dll] (Yahoo! China)(3.0.0.1006)
[C:\WINDOWS\system32\RavExt.dll] (Beijing Rising Technology Co., Ltd.)(18, 0, 0, 21)
[C:\PROGRA~1\Yahoo!\ASSIST~1\assist\yangling.dll] (yahoo! china)(3, 0, 1, 1002)
[C:\PROGRA~1\Yahoo!\ASSIST~1\Yhelper.dll] (Yahoo! China)(3, 0, 2, 1020)
[C:\PROGRA~1\Yahoo!\ASSIST~1\yscrblock.dll] (Yahoo! China)(3, 0, 0, 1000)
[C:\PROGRA~1\Yahoo!\ASSIST~1\assist\YDRAGS~1.DLL] (yahoo! china)(3, 0, 0, 1000)
[d:\Program Files\Thunder Network\Thunder\ComDlls\XunLeiBHO_002.dll] (Thunder Networking Technologies,LTD)(5, 0, 0, 2)
[C:\PROGRA~1\Yahoo!\ASSIST~1\YAlive.dll] (yahoo! china)(3, 2, 5, 1075)
[C:\PROGRA~1\Yahoo!\ASSIST~1\assist\yassist.dll] (Yahoo! China)(3, 0, 7, 1012)
[C:\PROGRA~1\Yahoo!\ASSIST~1\Yalliveex.dll] (Yahoo! China)(3, 0, 1, 1010)
[d:\Program Files\Rising\Rav\RavScrCh.dll] (Beijing Rising Technology Co., Ltd.)(18, 0, 0, 4)
[C:\WINDOWS\system32\Macromed\Flash\Flash9.ocx] (Adobe Systems, Inc.)(9,0,16,0)
[PID: 3676][C:\PROGRA~1\Yahoo!\ASSIST~1\ylive.exe] (Yahoo! China)(3, 0, 1, 1007)
[C:\PROGRA~1\Yahoo!\ASSIST~1\Yhelper.dll] (Yahoo! China)(3, 0, 2, 1020)
[C:\PROGRA~1\Yahoo!\ASSIST~1\YAlive.dll] (yahoo! china)(3, 2, 5, 1075)
[C:\PROGRA~1\Yahoo!\ASSIST~1\Yalliveex.dll] (Yahoo! China)(3, 0, 1, 1010)
[C:\PROGRA~1\Yahoo!\ASSIST~1\ynotifier.dll] (yahoo! china)(3, 0, 0, 1000)
[PID: 2664][D:\Program Files\Tencent\QQ\QQ.exe] (TENCENT)(0, 0, 0, 0)
[D:\Program Files\Tencent\QQ\QQBaseClassInDll.dll] ()(1, 0, 0, 1)
[D:\Program Files\Tencent\QQ\QQHelperDll.dll] ()(1, 0, 0, 1)
[D:\Program Files\Tencent\QQ\BasicCtrlDll.dll] (Tencent)(5, 0, 200, 160)
[C:\PROGRA~1\Yahoo!\ASSIST~1\Yhelper.dll] (Yahoo! China)(3, 0, 2, 1020)
[D:\Program Files\Tencent\QQ\QQAPI.dll] ()(1, 0, 0, 1)
[D:\Program Files\Tencent\QQ\TIMProxy.dll] (tencent)(0, 3, 2, 4)
[D:\Program Files\Tencent\QQ\LoginCtrl.dll] ()(1, 0, 0, 1)
[D:\Program Files\Tencent\QQ\npkcntc.dll] (INCA Internet Co., Ltd.)(2006, 3, 2, 1)
[D:\Program Files\Tencent\QQ\npkpdb.dll] (INCA Internet Co., Ltd.)(2003, 10, 1, 1)
[D:\Program Files\Tencent\QQ\QQRes.dll] (tencent)(1, 0, 0, 1)
[D:\Program Files\Tencent\QQ\QQMainFrame.dll] (N/A)(N/A)
[D:\Program Files\Tencent\QQ\CQQApplication.dll] (N/A)(N/A)
[D:\Program Files\Tencent\QQ\NewSkin.dll] ()(1, 0, 0, 1)
[D:\Program Files\Tencent\QQ\HostingMgr.dll] ()(1, 0, 0, 1)
[D:\Program Files\Tencent\QQ\CameraDll.dll] ()(1, 0, 0, 1)
[D:\Program Files\Tencent\QQ\MailSummary.dll] ()(1, 0, 0, 1)
[D:\Program Files\Tencent\QQ\QQSpace.dll] ()(1, 0, 0, 1)
[C:\WINDOWS\system32\msdmo.dll] (N/A)(N/A)
[D:\Program Files\Tencent\QQ\QQGroupMng.dll] ()(1, 0, 0, 1)
[D:\Program Files\Tencent\QQ\GroupLive.dll] (N/A)(N/A)
[D:\Program Files\Tencent\QQ\UserDefinedHead.dll] ()(1, 0, 0, 1)
[D:\Program Files\Tencent\QQ\QQPlugin.dll] (N/A)(N/A)
[D:\Program Files\Tencent\QQ\QQConfigPlugin.dll] ()(1, 0, 0, 1)
[D:\Program Files\Tencent\QQ\QQAvatar.dll] (N/A)(N/A)
[D:\Program Files\Tencent\QQ\FlashAvatarDll.dll] ()(1, 4, 0, 1)
[D:\Program Files\Tencent\QQ\QRingMng.dll] (N/A)(N/A)
[D:\Program Files\Tencent\QQ\PhoneAPI.dll] ()(1, 0, 0, 1)
[D:\Program Files\Tencent\QQ\DialerAllinOne.dll] (tencent)(1, 4, 0, 0)
[D:\Program Files\Tencent\QQ\LongConnection.dll] (tencent)(5, 0, 200, 160)
[D:\Program Files\Tencent\QQ\QQPet.dll] ()(1, 0, 0, 1)
[D:\Program Files\Tencent\QQ\QQSysMsgMng.dll] (N/A)(N/A)
[D:\Program Files\Tencent\QQ\BQQApplication.dll] (N/A)(N/A)
[C:\WINDOWS\system32\RavExt.dll] (Beijing Rising Technology Co., Ltd.)(18, 0, 0, 21)
[D:\Program Files\Tencent\QQ\CommercesMng.dll] ()(1, 0, 0, 1)
[D:\Program Files\Tencent\QQ\PersonalDesktop.dll] (深圳市腾讯计算机系统公司QQ工作小组)(1, 0, 0, 2)
[D:\Program Files\Tencent\QQ\QQAddr.dll] (深圳市腾讯计算机系统有限公司)(5, 0, 101, 200)
[D:\Program Files\Tencent\QQ\QQSceneMng.dll] (N/A)(N/A)
[D:\Program Files\Tencent\QQ\QQPhoneHelper.dll] (腾讯科技(深圳)有限公司)(2, 0, 6, 60)
[PID: 328][C:\Program Files\Internet Explorer\iexplore.exe] (Microsoft Corporation)(6.00.2900.2180 (xpsp_sp2_rtm.040803-2158))
[C:\PROGRA~1\Yahoo!\ASSIST~1\Yhelper.dll] (Yahoo! China)(3, 0, 2, 1020)
[C:\PROGRA~1\Yahoo!\ASSIST~1\yscrblock.dll] (Yahoo! China)(3, 0, 0, 1000)
[C:\PROGRA~1\Yahoo!\ASSIST~1\YAlive.dll] (yahoo! china)(3, 2, 5, 1075)
[C:\PROGRA~1\Yahoo!\ASSIST~1\Yalliveex.dll] (Yahoo! China)(3, 0, 1, 1010)
[C:\PROGRA~1\Yahoo!\Assistant\Assist\yasbar.dll] (yahoo! china)(3, 0, 6, 1049)
[C:\PROGRA~1\Yahoo!\ASSIST~1\assist\ysearch.dll] (Yahoo! China)(3, 0, 3, 1004)
[C:\PROGRA~1\Yahoo!\ASSIST~1\assist\yasnoad.dll] (yahoo! china)(3, 0, 1, 1003)
[C:\PROGRA~1\Yahoo!\ASSIST~1\assist\yzsNetProto.dll] (Yahoo! China)(3, 0, 0, 1000)
[C:\PROGRA~1\Yahoo!\ASSIST~1\assist\yphtb.dll] (Yahoo! China)(3, 0, 1, 1001)
[C:\PROGRA~1\Yahoo!\ASSIST~1\assist\yrss.dll] (Yahoo! China)(3, 0, 0, 1000)
[C:\PROGRA~1\Yahoo!\ASSIST~1\assist\yaswiper.dll] (Yahoo! China)(3, 0, 0, 1000)
[C:\PROGRA~1\Yahoo!\ASSIST~1\assist\yasiesec.dll] (Yahoo! China)(3, 0, 0, 1000)
[C:\PROGRA~1\Yahoo!\ASSIST~1\assist\ysettings.dll] (yahoo! china)(3, 0, 2, 1004)
[C:\PROGRA~1\Yahoo!\ASSIST~1\assist\ymailp.dll] (Yahoo! China)(3.0.0.1006)
[C:\WINDOWS\system32\RavExt.dll] (Beijing Rising Technology Co., Ltd.)(18, 0, 0, 21)
[C:\PROGRA~1\Yahoo!\ASSIST~1\assist\yangling.dll] (yahoo! china)(3, 0, 1, 1002)
[C:\PROGRA~1\Yahoo!\ASSIST~1\assist\YDRAGS~1.DLL] (yahoo! china)(3, 0, 0, 1000)
[d:\Program Files\Thunder Network\Thunder\ComDlls\XunLeiBHO_002.dll] (Thunder Networking Technologies,LTD)(5, 0, 0, 2)
[C:\PROGRA~1\Yahoo!\ASSIST~1\assist\yassist.dll] (Yahoo! China)(3, 0, 7, 1012)
[d:\Program Files\Rising\Rav\RavScrCh.dll] (Beijing Rising Technology Co., Ltd.)(18, 0, 0, 4)
[C:\WINDOWS\system32\Macromed\Flash\Flash9.ocx] (Adobe Systems, Inc.)(9,0,16,0)
[C:\WINDOWS\system32\UNISPIM5.IME] (北京紫光华宇软件股份有限公司)(5.0.0.5076)
[C:\PROGRA~1\yahoo!\assistant\Shell\yAssecblk.dll] (Yahoo! China)(3, 0, 0, 1002)
[c:\progra~1\yahoo!\assist~1\assist\yadfil~1.dll] (Yahoo! China)(3, 0, 1, 1002)
[C:\PROGRA~1\Yahoo!\ASSIST~1\assist\yrepair.dll] (Yahoo! China)(3, 0, 2, 1002)
[C:\PROGRA~1\Yahoo!\ASSIST~1\assist\yasfsks.dll] (3721.com)(2, 1, 1, 87)
[C:\PROGRA~1\Yahoo!\ASSIST~1\assist\yoptimum.dll] (Yahoo! China)(3, 0, 0, 1000)
[C:\PROGRA~1\Yahoo!\ASSIST~1\assist\yxpstyle.dll] (Yahoo! China)(3, 0, 0, 1000)
[d:\Program Files\Thunder Network\Thunder\ComDlls\ThunderAgent_003.dll] (Thunder Networking Technologies,LTD)(1, 0, 0, 10)
[PID: 260][D:\sreng2\SREng2\SREng.exe] (Smallfrogs Studio)(2.0.21.505)
[C:\PROGRA~1\Yahoo!\ASSIST~1\Yhelper.dll] (Yahoo! China)(3, 0, 2, 1020)
[D:\sreng2\SREng2\Plugins\SREngPluginDemo.SRE] (Smallfrogs Studio)(1, 1, 1, 0)



--------------------------------------------------------------------------------
gototop
 
细胞终结者
头像
初生襁褓狮
  • 帖子:180
  • 注册: 2006-08-23
  • 来自:
发表于: 2006-08-23 16:12 | 只看楼主 短消息 资料
字号: 10楼

文件关联

.TXT OK. [%SystemRoot%\system32\NOTEPAD.EXE %1]
.EXE OK. ["%1" %*]
.COM OK. ["%1" %*]
.PIF OK. ["%1" %*]
.REG OK. [regedit.exe "%1"]
.BAT OK. ["%1" %*]
.SCR OK. ["%1" /S]
.CHM OK. ["C:\WINDOWS\hh.exe" %1]
.HLP OK. [%SystemRoot%\System32\winhlp32.exe %1]
.INI OK. [%SystemRoot%\System32\NOTEPAD.EXE %1]
.INF OK. [%SystemRoot%\System32\NOTEPAD.EXE %1]
.VBS OK. [%SystemRoot%\System32\WScript.exe "%1" %*]
.JS OK. [%SystemRoot%\System32\WScript.exe "%1" %*]
.LNK OK. [{00021401-0000-0000-C000-000000000046}]



--------------------------------------------------------------------------------


Winsock 提供者
gototop
 
<<上一主题|下一主题>>
12   1  /  2  页   跳转
页面顶部
Powered by Discuz!NT