1   1  /  1  页   跳转

求助:Adware.win32.Clicker.a.

收藏
令狐璧
头像
初生襁褓狮
  • 帖子:7
  • 注册: 2007-08-13
  • 来自:
发表于: 2007-08-13 13:38 | 只看楼主 短消息 资料
字号: 1楼

求助:Adware.win32.Clicker.a.

每次瑞星查毒,在\windows\system32\drivers\TYKeeper.sys下发现此病毒,提示删除与清除,按此操作后,第二此杀毒重新又发现。
这是怎么回事呀,我发现我网速明显下降。是这么病毒害的吗?
我的瑞星版本19.35
请专家帮忙解答

[用户系统信息]Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1; SV1; Maxthon)
最后编辑2007-08-23 14:19:41
分享到:
gototop
 
g任逍遥g
头像
初生襁褓狮
  • 帖子:165
  • 注册: 2007-06-07
  • 来自:
发表于: 2007-08-13 13:56 | 短消息 资料
字号: 2楼

扫描一个日志上传到这里!让大家帮你分析一下!

下载 System Repair Engineer,
http://www.kztechs.com/sreng/download.html
1 解压缩sreng2.zip
2 运行SREng.exe
3 智能扫描=》扫描=》保存报告
4 把日志中的报告完整拷贝贴上来,不要修改日志一次发不完,分次发上来
5 SREng无法运行时将其改名运行
gototop
 
令狐璧
头像
初生襁褓狮
  • 帖子:7
  • 注册: 2007-08-13
  • 来自:
发表于: 2007-08-13 16:24 | 只看楼主 短消息 资料
字号: 3楼

{F08555B0-9CC3-11D2-AA8E-000000000000} <C:\WINDOWS\system32\IEBHO.dll, N/A>
[FlashGet GetFlash Class]
  {F156768E-81EF-470C-9057-481BA8380DBA} <C:\Program Files\FlashGet\getflash.dll, www.flashget.com>
[]
  {F869BB38-FFEF-4589-B986-610B7AD0ADA2} <C:\Program Files\yok\toolbar.dll, YOK.com>
[FGAutoLive]
  {F90D830D-C175-4bbe-82C7-FF94669A4C42} <C:\Program Files\FlashGet\fgupdate.dll, www.flashget.com>
[FGCatchUrl]
  {FB5DA724-162B-11D3-8B9B-AA70B4B0B524} <C:\PROGRA~1\FlashGet\jccatch.dll, www.flashget.com>
[  经KK图铃通发送到手机]
  <C:\Program Files\ZCOMPRDIY\MenuSendImg.htm, N/A>
[&使用快车(FlashGet)下载]
  <C:\PROGRA~1\FlashGet\jc_link.htm, N/A>
[&使用快车(FlashGet)下载全部链接]
  <C:\PROGRA~1\FlashGet\jc_all.htm, N/A>
[&使用超级旋风下载]
  <C:\Program Files\Tencent\QQDownload\geturl.htm, N/A>
[&使用超级旋风下载全部链接]
  <C:\Program Files\Tencent\QQDownload\getAllurl.htm, N/A>
[上传到QQ网络硬盘]
  <C:\Program Files\Tencent\QQ\AddToNetDisk.htm, N/A>
[使用迅雷下载]
  <C:\Program Files\Thunder\Program\GetUrl.htm, N/A>
[使用迅雷下载全部链接]
  <C:\Program Files\Thunder\Program\GetAllUrl.htm, N/A>
[导出到 Microsoft Office Excel(&X)]
  <res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000, N/A>
[添加到QQ自定义面板]
  <C:\Program Files\Tencent\QQ\AddPanel.htm, N/A>
[添加到QQ表情]
  <C:\Program Files\Tencent\QQ\AddEmotion.htm, N/A>
[珊瑚虫超级搜索]
  <C:\Program Files\yok\yoksch.htm, N/A>
[用QQ彩信发送该图片]
  <C:\Program Files\Tencent\QQ\SendMMS.htm, N/A>

==================================
正在运行的进程
[PID: 628 / SYSTEM][\SystemRoot\System32\smss.exe]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
[PID: 696 / SYSTEM][\??\C:\WINDOWS\system32\csrss.exe]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
[PID: 720 / SYSTEM][\??\C:\WINDOWS\system32\winlogon.exe]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
    [C:\WINDOWS\system32\WgaLogon.dll]  [Microsoft Corporation, 1.7.0018.5]
    [C:\WINDOWS\system32\UNISPIM5.IME]  [北京紫光华宇软件股份有限公司, 5.0.0.5091]
    [C:\WINDOWS\system32\msacm32.drv]  [Microsoft Corporation, 5.1.2600.0 (xpclient.010817-1148)]
[PID: 764 / SYSTEM][C:\WINDOWS\system32\services.exe]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
[PID: 776 / SYSTEM][C:\WINDOWS\system32\lsass.exe]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
[PID: 936 / SYSTEM][C:\WINDOWS\system32\svchost.exe]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
[PID: 1016 / NETWORK SERVICE][C:\WINDOWS\system32\svchost.exe]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
[PID: 1116 / SYSTEM][G:\Program Files\Rising\Rav\CCenter.exe]  [Beijing Rising Technology Co., Ltd., 18, 0, 0, 3]
[PID: 1144 / SYSTEM][C:\WINDOWS\System32\svchost.exe]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
    [c:\progra~1\iesnap\navoct.dll]  [ , 1, 0, 1, 4]
    [C:\WINDOWS\system32\UNISPIM5.IME]  [北京紫光华宇软件股份有限公司, 5.0.0.5091]
    [c:\progra~1\iesnap\navstub.dll]  [, 1, 0, 1, 6]
    [C:\WINDOWS\system32\wups2.dll]  [Microsoft Corporation, 7.0.6000.374 (winmain(wmbla).070416-2057)]
[PID: 1240 / NETWORK SERVICE][C:\WINDOWS\system32\svchost.exe]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
[PID: 1324 / LOCAL SERVICE][C:\WINDOWS\system32\svchost.exe]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
[PID: 1392 / SYSTEM][G:\Program Files\Rising\Rav\Ravmond.exe]  [Beijing Rising Technology Co., Ltd., 19, 0, 0, 49]
    [G:\Program Files\Rising\Rav\BWList.dll]  [Beijing Rising Technology Co., Ltd., 19, 0, 0, 10]
    [G:\Program Files\Rising\Rav\RsCommX.dll]  [rising, 18, 0, 0, 1]
    [G:\Program Files\Rising\Rav\rfwctrl.dll]  [Beijing Rising Technology Co., Ltd., 5, 0, 0, 11]
    [G:\Program Files\Rising\Rav\RsPPsys.dll]  [Beijing Rising Technology Co., Ltd., 18, 0, 0, 6]
    [G:\Program Files\Rising\Rav\RSAPPMGR.DLL]  [Beijing Rising Technology Co., Ltd., 18, 0, 0, 2]
    [G:\Program Files\Rising\Rav\CfgDll.dll]  [Beijing Rising Technology Co., Ltd., 18, 0, 0, 13]
    [G:\Program Files\Rising\Rav\RSCOMMON.DLL]  [Beijing Rising Technology Co., Ltd., 19, 0, 0, 5]
    [G:\Program Files\Rising\Rav\RsLog.dll]  [Beijing Rising Technology Co., Ltd., 18, 0, 0, 20]
    [G:\Program Files\Rising\Rav\HOOKSYS.dll]  [Beijing Rising Technology Co., Ltd., 19, 0, 0, 0]
    [G:\Program Files\Rising\Rav\Scanner.dll]  [Beijing Rising Technology Co., Ltd., 19, 0, 0, 15]
    [G:\Program Files\Rising\Rav\libload.dll]  [Beijing Rising Technology Co., Ltd., 19, 0, 0, 16]
    [G:\Program Files\Rising\Rav\VirusLib.dll]  [Beijing Rising Technology Co., Ltd., 19, 0, 0, 15]
    [G:\Program Files\Rising\Rav\regmon.dll]  [Beijing Rising Technology Co., Ltd., 18, 0, 0, 6]
    [G:\Program Files\Rising\Rav\psapi.dll]  [Microsoft Corporation, 4.00]
    [G:\Program Files\Rising\Rav\HookWeb.dll]  [Beijing Rising Technology Co., Ltd., 19, 0, 0, 1]
    [G:\Program Files\Rising\Rav\MemMon.dll]  [Beijing Rising Technology Co., Ltd., 18, 0, 0, 14]
    [G:\Program Files\Rising\Rav\expscan.dll]  [Beijing Rising Technology Co., Ltd., 18, 0, 0, 4]
    [G:\Program Files\Rising\Rav\mPorts.dll]  [Beijing Rising Technology Co., Ltd., 4, 0, 0, 3]
    [G:\Program Files\Rising\Rav\HookCont.dll]  [Rising, 19, 0, 0, 0]
    [G:\Program Files\Rising\Rav\SpamEng.dll]  [, 18, 0, 0, 6]
    [G:\Program Files\Rising\Rav\engine.dll]  [Beijing Rising Technology Co., Ltd., 19, 0, 0, 30]
    [G:\Program Files\Rising\Rav\PostTrt.dll]  [Beijing Rising Technology Co., Ltd., 19, 0, 0, 16]
    [G:\Program Files\Rising\Rav\UnExe.dll]  [Beijing Rising Technology Co., Ltd., 19, 0, 0, 10]
    [G:\Program Files\Rising\Rav\ScanExec.dll]  [Beijing Rising Technology Co., Ltd., 19, 0, 0, 19]
    [G:\Program Files\Rising\Rav\ScanEx.dll]  [Beijing Rising Technology Co., Ltd., 19, 0, 0, 73]
    [G:\Program Files\Rising\Rav\ExtFile.dll]  [Beijing Rising Technology Co., Ltd., 19, 0, 0, 36]
    [G:\Program Files\Rising\Rav\NvFile.dll]  [Beijing Rising Technology Co., Ltd., 19, 0, 0, 11]
    [G:\Program Files\Rising\Rav\ScanMac.dll]  [Beijing Rising Technology Co., Ltd., 19, 0, 0, 14]
    [G:\Program Files\Rising\Rav\ScanSct.dll]  [Beijing Rising Technology Co., Ltd., 19, 0, 0, 20]
    [G:\Program Files\Rising\Rav\ScanPack.dll]  [Beijing Rising Technology Co., Ltd., 19, 0, 0, 24]
    [G:\Program Files\Rising\Rav\RsVM.dll]  [, 19, 0, 0, 20]
    [G:\Program Files\Rising\Rav\Uroutine.dll]  [Beijing Rising Technology Co., Ltd., 19, 0, 0, 48]
    [G:\Program Files\Rising\Rav\Uscript.dll]  [Beijing Rising Technology Co., Ltd., 19, 0, 0, 19]
    [G:\Program Files\Rising\Rav\ExtOLE.dll]  [Beijing Rising Technology Co., Ltd., 19, 0, 0, 14]
    [G:\Program Files\Rising\Rav\RsStore.dll]  [Beijing Rising Technology Co., Ltd., 19, 0, 0, 2]
[PID: 1636 / Administrator][C:\WINDOWS\Explorer.EXE]  [Microsoft Corporation, 6.00.2900.2180 (xpsp_sp2_rtm.040803-2158)]
    [C:\WINDOWS\system32\UNISPIM5.IME]  [北京紫光华宇软件股份有限公司, 5.0.0.5091]
    [C:\WINDOWS\system32\msacm32.drv]  [Microsoft Corporation, 5.1.2600.0 (xpclient.010817-1148)]
    [C:\WINDOWS\DOWNLO~1\CnsMin.dll]  [国风因特软件(北京)有限公司, 2.5.1.0]
    [c:\progra~1\iesnap\navstub.dll]  [, 1, 0, 1, 6]
    [C:\Program Files\yok\yok.dll]  [YOK.Com, 3, 0, 0, 1005]
    [C:\Program Files\yok\protect.dll]  [YOK.Com, 3, 0, 0, 1002]
    [C:\Program Files\yok\adblock.dll]  [YOK.Com, 3, 0, 0, 1003]
    [C:\Program Files\yok\toolbar.dll]  [YOK.com, 3, 1, 0, 1009]
    [C:\Program Files\yok\relband.dll]  [YOK.Com, 3, 1, 0, 1005]
    [C:\Program Files\yok\buttonmail.dll]  [YOK.com, 1, 0, 0, 1002]
    [C:\Program Files\yok\autolive.dll]  [YOK.Com, 3, 0, 0, 1002]
    [C:\Program Files\Common Files\Ahead\lib\NeroDigitalExt.dll]  [Nero AG, 2, 0, 0, 8]
    [C:\Program Files\Common Files\Ahead\lib\MFC71.DLL]  [Microsoft Corporation, 7.10.3077.0]
    [C:\Program Files\Common Files\Ahead\lib\MSVCR71.dll]  [Microsoft Corporation, 7.10.3052.4]
    [C:\Program Files\Common Files\Ahead\lib\MSVCP71.dll]  [Microsoft Corporation, 7.10.3077.0]
    [C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\PDFShell.dll]  [Adobe Systems, Inc., 8.0.0.0]
    [C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\PDFShell.CHS]  [Adobe Systems, Inc., 8.0.0.0]
    [C:\WINDOWS\DOWNLO~1\CnsHook.dll]  [北京三七二一科技有限公司, 2.5.1.5]
    [C:\WINDOWS\system32\RavExt.dll]  [Beijing Rising Technology Co., Ltd., 19, 0, 0, 9]
    [C:\Program Files\Nero\Nero 7\Nero BackItUp\NBShell.dll]  [Nero AG, 2, 0, 6, 2]
    [C:\Program Files\Nero\Nero 7\Nero BackItUp\MFC71U.DLL]  [Microsoft Corporation, 7.10.3077.0]
    [C:\Program Files\WinRAR\rarext.dll]  [N/A, ]
    [C:\WINDOWS\system32\nvcpl.dll]  [NVIDIA Corporation, 6.14.10.9371]
    [C:\WINDOWS\system32\NVRSZHC.DLL]  [NVIDIA Corporation, 6.14.10.9371]
    [C:\WINDOWS\system32\nvapi.dll]  [N/A, ]
    [C:\WINDOWS\system32\nvshell.dll]  [, ]
    [C:\Program Files\Thunder\ComDlls\XunLeiBHO_002.dll]  [Thunder Networking Technologies,LTD, 5, 0, 0, 2]
    [C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll]  [Adobe Systems Incorporated, 8.0.0.2006102200]
    [C:\WINDOWS\system32\ZComBHO.dll]  [zcom, 1.00]
    [C:\WINDOWS\system32\MSVBVM60.DLL]  [Microsoft Corporation, 6.00.9690]
    [C:\WINDOWS\system32\VB6CHS.DLL]  [Microsoft Corporation, 6.00.8988]
    [C:\Program Files\Microsoft Office\OFFICE11\msohev.dll]  [Microsoft Corporation, 11.0.5510]
[PID: 1732 / SYSTEM][C:\WINDOWS\system32\spoolsv.exe]  [Microsoft Corporation, 5.1.2600.2696 (xpsp_sp2_gdr.050610-1519)]
gototop
 
令狐璧
头像
初生襁褓狮
  • 帖子:7
  • 注册: 2007-08-13
  • 来自:
发表于: 2007-08-13 16:33 | 只看楼主 短消息 资料
字号: 4楼

[C:\WINDOWS\system32\CNMLM6e.DLL]  [CANON INC., 1.80.2.50]
    [C:\WINDOWS\System32\spool\PRTPROCS\W32X86\CNMPD6e.DLL]  [CANON INC., 1.80.2.50]
[PID: 1804 / LOCAL SERVICE][C:\WINDOWS\System32\SCardSvr.exe]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
[PID: 1956 / Administrator][C:\WINDOWS\system32\Rundll32.exe]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
    [C:\WINDOWS\DOWNLO~1\CnsMin.dll]  [国风因特软件(北京)有限公司, 2.5.1.0]
    [C:\WINDOWS\system32\UNISPIM5.IME]  [北京紫光华宇软件股份有限公司, 5.0.0.5091]
    [C:\WINDOWS\DOWNLO~1\CnsMinIO.dll]  [北京三七二一科技有限公司, 2, 5, 0, 4]
    [C:\WINDOWS\DOWNLO~1\cnsio.dll]  [北京三七二一科技有限公司, 2, 5, 0, 3]
    [C:\WINDOWS\DOWNLO~1\CnsMinEx.dll]  [国风因特软件(北京)有限公司, 2, 5, 0, 3]
    [c:\progra~1\iesnap\navstub.dll]  [, 1, 0, 1, 6]
[PID: 1988 / SYSTEM][G:\Program Files\Rising\Rav\RavStub.exe]  [Beijing Rising Technology Co., Ltd., 19, 0, 0, 4]
    [G:\Program Files\Rising\Rav\RsCommX.dll]  [rising, 18, 0, 0, 1]
    [G:\Program Files\Rising\Rav\RSCOMMON.DLL]  [Beijing Rising Technology Co., Ltd., 19, 0, 0, 5]
[PID: 252 / SYSTEM][C:\WINDOWS\System32\svchost.exe]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
    [c:\progra~1\wxgf\ghqp.dll]  [, 5, 0, 0, 8]
    [c:\progra~1\iesnap\navstub.dll]  [, 1, 0, 1, 6]
    [C:\WINDOWS\system32\UNISPIM5.IME]  [北京紫光华宇软件股份有限公司, 5.0.0.5091]
    [c:\progra~1\wxgf\lmvu.dll]  [, 5, 0, 0, 8]
    [c:\progra~1\wxgf\cdml.dll]  [, 5, 0, 0, 8]
[PID: 372 / SYSTEM][C:\WINDOWS\system32\nvsvc32.exe]  [NVIDIA Corporation, 6.14.10.9371]
    [C:\WINDOWS\system32\nvapi.dll]  [N/A, ]
    [c:\progra~1\iesnap\navstub.dll]  [, 1, 0, 1, 6]
    [C:\WINDOWS\system32\UNISPIM5.IME]  [北京紫光华宇软件股份有限公司, 5.0.0.5091]
[PID: 528 / SYSTEM][C:\WINDOWS\system32\svchost.exe]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
[PID: 560 / LOCAL SERVICE][C:\WINDOWS\system32\wdfmgr.exe]  [Microsoft Corporation, 5.2.3790.1230 built by: dnsrv(bld4act)]
[PID: 1800 / Administrator][C:\WINDOWS\SOUNDMAN.EXE]  [Realtek Semiconductor Corp., 5, 1, 0, 56]
    [C:\WINDOWS\DOWNLO~1\CnsMin.dll]  [国风因特软件(北京)有限公司, 2.5.1.0]
    [c:\progra~1\iesnap\navstub.dll]  [, 1, 0, 1, 6]
    [C:\WINDOWS\system32\UNISPIM5.IME]  [北京紫光华宇软件股份有限公司, 5.0.0.5091]
[PID: 2052 / Administrator][C:\WINDOWS\ZSSnp211.exe]  [ZSMCSNAP, 3, 6, 818, 7]
    [C:\WINDOWS\DOWNLO~1\CnsMin.dll]  [国风因特软件(北京)有限公司, 2.5.1.0]
    [c:\progra~1\iesnap\navstub.dll]  [, 1, 0, 1, 6]
    [C:\WINDOWS\system32\msdmo.dll]  [, ]
    [C:\WINDOWS\system32\ZS211Prp.Ax]  [ZSMC, 3, 6, 703, 15]
[PID: 2092 / Administrator][C:\WINDOWS\Domino.exe]  [, 3, 6, 818, 7]
    [C:\WINDOWS\DOWNLO~1\CnsMin.dll]  [国风因特软件(北京)有限公司, 2.5.1.0]
    [c:\progra~1\iesnap\navstub.dll]  [, 1, 0, 1, 6]
    [C:\WINDOWS\system32\msdmo.dll]  [, ]
[PID: 2188 / LOCAL SERVICE][C:\WINDOWS\System32\alg.exe]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
[PID: 2272 / Administrator][G:\Program Files\Rising\Rav\RavTask.exe]  [Beijing Rising Technology Co., Ltd., 19, 0, 0, 9]
    [G:\Program Files\Rising\Rav\RSCOMMON.DLL]  [Beijing Rising Technology Co., Ltd., 19, 0, 0, 5]
    [G:\Program Files\Rising\Rav\RSAPPMGR.DLL]  [Beijing Rising Technology Co., Ltd., 18, 0, 0, 2]
    [G:\Program Files\Rising\Rav\CfgDll.dll]  [Beijing Rising Technology Co., Ltd., 18, 0, 0, 13]
    [G:\Program Files\Rising\Rav\RsCommX.dll]  [rising, 18, 0, 0, 1]
    [C:\WINDOWS\DOWNLO~1\CnsMin.dll]  [国风因特软件(北京)有限公司, 2.5.1.0]
    [c:\progra~1\iesnap\navstub.dll]  [, 1, 0, 1, 6]
    [C:\WINDOWS\system32\UNISPIM5.IME]  [北京紫光华宇软件股份有限公司, 5.0.0.5091]
[PID: 2368 / Administrator][G:\Program Files\Rising\Rav\Ravmon.exe]  [Beijing Rising Technology Co., Ltd., 19, 0, 0, 45]
    [G:\Program Files\Rising\Rav\RsGuiLib.dll]  [Beijing Rising Technology Co., Ltd., 19, 0, 0, 33]
    [G:\Program Files\Rising\Rav\BWList.dll]  [Beijing Rising Technology Co., Ltd., 19, 0, 0, 10]
    [G:\Program Files\Rising\Rav\RSAPPMGR.DLL]  [Beijing Rising Technology Co., Ltd., 18, 0, 0, 2]
    [G:\Program Files\Rising\Rav\CfgDll.dll]  [Beijing Rising Technology Co., Ltd., 18, 0, 0, 13]
    [G:\Program Files\Rising\Rav\RSCOMMON.DLL]  [Beijing Rising Technology Co., Ltd., 19, 0, 0, 5]
    [G:\Program Files\Rising\Rav\RsCommX.dll]  [rising, 18, 0, 0, 1]
    [G:\Program Files\Rising\Rav\RsXML.dll]  [Beijing Rising Technology Co., Ltd., 19, 0, 0, 2]
    [G:\Program Files\Rising\Rav\PngDll.dll]  [Beijing Rising Technology Co., Ltd., 18, 0, 0, 5]
    [C:\WINDOWS\DOWNLO~1\CnsMin.dll]  [国风因特软件(北京)有限公司, 2.5.1.0]
    [c:\progra~1\iesnap\navstub.dll]  [, 1, 0, 1, 6]
    [C:\WINDOWS\system32\UNISPIM5.IME]  [北京紫光华宇软件股份有限公司, 5.0.0.5091]
[PID: 2412 / Administrator][C:\Program Files\DAEMON Tools\daemon.exe]  [DT Soft Ltd., 4.08.0.0]
    [C:\Program Files\DAEMON Tools\daemon.dll]  [DT Soft Ltd., 4.08.0.0]
    [C:\Program Files\DAEMON Tools\PFCTOC.DLL]  [Padus(R), Inc., 1, 0, 0, 12]
    [C:\Program Files\DAEMON Tools\Plugins\Images\bw5mount.dll]  [, 1.1.0.0]
    [C:\Program Files\DAEMON Tools\Plugins\Images\ccdmount.dll]  [GENERIC, 1.10.0.0]
    [C:\Program Files\DAEMON Tools\Plugins\Images\cuemount.dll]  [DT Soft Ltd., 1.0.0.0]
    [C:\Program Files\DAEMON Tools\Plugins\Images\mdsmount.dll]  [DT Soft Ltd., 1.18.0.0]
    [C:\Program Files\DAEMON Tools\Plugins\Images\nrgmount.dll]  [DT Soft Ltd., 1.12.0.0]
    [C:\Program Files\DAEMON Tools\Plugins\Images\pdimount.dll]  [GENERIC, 1.01.0.0]
    [C:\WINDOWS\DOWNLO~1\CnsMin.dll]  [国风因特软件(北京)有限公司, 2.5.1.0]
    [c:\progra~1\iesnap\navstub.dll]  [, 1, 0, 1, 6]
    [C:\WINDOWS\system32\UNISPIM5.IME]  [北京紫光华宇软件股份有限公司, 5.0.0.5091]
[PID: 2444 / Administrator][C:\WINDOWS\system32\ctfmon.exe]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
    [C:\WINDOWS\DOWNLO~1\CnsMin.dll]  [国风因特软件(北京)有限公司, 2.5.1.0]
    [c:\progra~1\iesnap\navstub.dll]  [, 1, 0, 1, 6]
    [C:\WINDOWS\system32\UNISPIM5.IME]  [北京紫光华宇软件股份有限公司, 5.0.0.5091]
[PID: 2564 / Administrator][C:\Program Files\Tencent\QQDownload\QQDownload.exe]  [Tencent Technology (Shenzhen) Company Limited, 1, 3, 101, 101]
    [C:\WINDOWS\DOWNLO~1\CnsMin.dll]  [国风因特软件(北京)有限公司, 2.5.1.0]
    [c:\progra~1\iesnap\navstub.dll]  [, 1, 0, 1, 6]
    [C:\WINDOWS\system32\UNISPIM5.IME]  [北京紫光华宇软件股份有限公司, 5.0.0.5091]
    [C:\Program Files\Tencent\QQDownload\QQDownload.dll]  [Tencent Technology (Shenzhen) Company Limited, 1, 3, 101, 101]
gototop
 
令狐璧
头像
初生襁褓狮
  • 帖子:7
  • 注册: 2007-08-13
  • 来自:
发表于: 2007-08-13 16:34 | 只看楼主 短消息 资料
字号: 5楼

[C:\Program Files\Tencent\QQDownload\TNProxy.dll]  [Tencent Technology(Shenzhen) Company Limited, 2, 1, 101, 80]
    [C:\Program Files\Tencent\QQ\TIMProxy.dll]  [tencent, 0, 3, 2, 4]
    [C:\WINDOWS\DOWNLO~1\CnsHook.dll]  [北京三七二一科技有限公司, 2.5.1.5]
    [C:\WINDOWS\system32\RavExt.dll]  [Beijing Rising Technology Co., Ltd., 19, 0, 0, 9]
    [C:\Program Files\Tencent\QQDownload\BT\BTDownload.dll]  [Tencent Technology (Shenzhen) Company Limited, 1, 3, 101, 101]
    [C:\Program Files\Tencent\QQDownload\BT\ATL80.DLL]  [Microsoft Corporation, 8.00.50727.42]
    [C:\WINDOWS\system32\msacm32.drv]  [Microsoft Corporation, 5.1.2600.0 (xpclient.010817-1148)]
    [C:\WINDOWS\system32\msadp32.acm]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
[PID: 3236 / Administrator][C:\Program Files\Tencent\QQ\QQ.exe]  [TENCENT, 0, 0, 0, 0]
    [C:\Program Files\Tencent\QQ\CoralAssist.DLL]  [Coral Team, 4.5.0 build 20060515]
    [C:\Program Files\Tencent\QQ\CoralQQ.DLL]  [Coral Team, 4.5.4 Build 20061001]
    [C:\Program Files\Tencent\QQ\ipsearcher.dll]  [, 1.0.0.4]
    [C:\Program Files\Tencent\QQ\mfc42.dll]  [Microsoft Corporation, 6.00.8665.0]
    [C:\Program Files\Tencent\QQ\QQBaseClassInDll.dll]  [, 1, 0, 0, 1]
    [C:\Program Files\Tencent\QQ\QQHelperDll.dll]  [, 1, 0, 0, 1]
    [C:\Program Files\Tencent\QQ\BasicCtrlDll.dll]  [Tencent, 5, 0, 200, 370]
    [C:\WINDOWS\DOWNLO~1\CnsMin.dll]  [国风因特软件(北京)有限公司, 2.5.1.0]
    [c:\progra~1\iesnap\navstub.dll]  [, 1, 0, 1, 6]
    [C:\Program Files\Tencent\QQ\RICHED32.DLL]  [Microsoft Corporation, 5.00.2134.1]
    [C:\Program Files\Tencent\QQ\RICHED20.dll]  [Microsoft Corporation, 5.31.23.1218]
    [C:\WINDOWS\system32\UNISPIM5.IME]  [北京紫光华宇软件股份有限公司, 5.0.0.5091]
    [C:\Program Files\Tencent\QQ\QQAPI.dll]  [, 1, 0, 0, 1]
    [C:\Program Files\Tencent\QQ\TIMProxy.dll]  [tencent, 0, 3, 2, 4]
    [C:\Program Files\Tencent\QQ\LoginCtrl.dll]  [, 1, 0, 0, 1]
    [C:\Program Files\Tencent\QQ\npkcntc.dll]  [INCA Internet Co., Ltd., 2006, 6, 27, 1]
    [C:\Program Files\Tencent\QQ\npkpdb.dll]  [INCA Internet Co., Ltd., 2003, 10, 1, 1]
    [C:\Program Files\Tencent\QQ\QQRes.dll]  [tencent, 1, 0, 0, 1]
    [C:\Program Files\Tencent\QQ\QQMainFrame.dll]  [N/A, ]
    [C:\Program Files\Tencent\QQ\CQQApplication.dll]  [N/A, ]
    [C:\Program Files\Tencent\QQ\NewSkin.dll]  [, 1, 0, 0, 1]
    [C:\Program Files\Tencent\QQ\HostingMgr.dll]  [, 1, 0, 0, 1]
    [C:\Program Files\Tencent\QQ\CameraDll.dll]  [, 1, 0, 0, 1]
    [C:\Program Files\Tencent\QQ\MailSummary.dll]  [, 1, 0, 0, 1]
    [C:\Program Files\Tencent\QQ\QQSpace.dll]  [, 1, 0, 0, 1]
    [C:\Program Files\Tencent\QQ\vbscript.dll]  [Microsoft Corporation, 5.6.0.7426]
    [C:\WINDOWS\system32\msdmo.dll]  [, ]
    [C:\Program Files\Tencent\QQ\QQGroupMng.dll]  [, 1, 0, 0, 1]
    [C:\Program Files\Tencent\QQ\GroupLive.dll]  [N/A, ]
    [C:\Program Files\Tencent\QQ\QQSysMsgMng.dll]  [N/A, ]
    [C:\Program Files\Tencent\QQ\UserDefinedHead.dll]  [, 1, 0, 0, 1]
    [C:\Program Files\Tencent\QQ\QQPlugin.dll]  [N/A, ]
    [C:\Program Files\Tencent\QQ\QQConfigPlugin.dll]  [, 1, 0, 0, 1]
    [C:\Program Files\Tencent\QQ\LongConnection.dll]  [tencent, 5, 0, 200, 160]
    [C:\Program Files\Tencent\QQ\QQAllInOne.dll]  [N/A, ]
    [C:\Program Files\Tencent\QQ\SCCore.dll]  [TENCENT, 2, 0, 0, 1]
    [C:\Program Files\Tencent\QQ\QQCustomFace.dll]  [N/A, ]
    [C:\Program Files\Tencent\QQ\gdiplus.dll]  [Microsoft Corporation, 5.1.3102.2180 (xpsp_sp2_rtm.040803-2158)]
    [C:\Program Files\Tencent\QQ\QRingMng.dll]  [N/A, ]
    [C:\Program Files\Tencent\QQ\PhoneAPI.dll]  [, 1, 0, 0, 1]
    [C:\Program Files\Tencent\QQ\DialerAllinOne.dll]  [tencent, 1, 4, 0, 0]
    [C:\WINDOWS\system32\msacm32.drv]  [Microsoft Corporation, 5.1.2600.0 (xpclient.010817-1148)]
    [C:\Program Files\Tencent\QQ\VPortal.dll]  [, 1, 0, 0, 4]
    [C:\Program Files\Tencent\QQ\QQAvatar.dll]  [N/A, ]
    [C:\Program Files\Tencent\QQ\FlashAvatarDll.dll]  [, 1, 4, 0, 1]
    [C:\Program Files\Tencent\QQ\QQPet.dll]  [, 1, 0, 0, 1]
    [C:\Program Files\Tencent\QQ\GroupConnection.dll]  [Tencent, 0, 3, 3, 5]
    [C:\WINDOWS\system32\msadp32.acm]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
    [C:\WINDOWS\system32\Macromed\Flash\Flash9b.ocx]  [Adobe Systems, Inc., 9,0,28,0]
    [C:\Program Files\Tencent\QQ\QQSceneMng.dll]  [N/A, ]
    [C:\Program Files\Tencent\QQ\ImageOle.dll]  [TODO: <Company name>, 1.0.0.1]
    [G:\Program Files\Rising\Rav\RavScrCh.dll]  [Beijing Rising Technology Co., Ltd., 18, 0, 0, 4]
    [C:\Program Files\Tencent\QQ\BQQApplication.dll]  [N/A, ]
    [C:\WINDOWS\DOWNLO~1\CnsHook.dll]  [北京三七二一科技有限公司, 2.5.1.5]
    [C:\WINDOWS\system32\RavExt.dll]  [Beijing Rising Technology Co., Ltd., 19, 0, 0, 9]
    [C:\Program Files\Tencent\QQ\CommercesMng.dll]  [, 1, 0, 0, 1]
    [C:\Program Files\Tencent\QQ\PersonalDesktop.dll]  [深圳市腾讯计算机系统公司QQ工作小组, 1, 0, 0, 2]
    [C:\Program Files\Tencent\QQ\QQAddr.dll]  [深圳市腾讯计算机系统有限公司, 5, 0, 101, 240]
    [C:\Program Files\Tencent\QQ\QQPhoneHelper.dll]  [腾讯科技(深圳)有限公司, 2, 1, 9, 95]
    [C:\Program Files\Tencent\QQ\ShareFiles.dll]  [N/A, ]
    [C:\Program Files\Tencent\QQ\QQZip.dll]  [tencent, 0, 3, 2, 4]
[PID: 3304 / Administrator][C:\Program Files\Tencent\QQ\TIMPlatform.exe]  [tencent, 0, 3, 1, 8]
    [C:\WINDOWS\DOWNLO~1\CnsMin.dll]  [国风因特软件(北京)有限公司, 2.5.1.0]
    [c:\progra~1\iesnap\navstub.dll]  [, 1, 0, 1, 6]
    [C:\Program Files\Tencent\QQ\TIMProxy.dll]  [tencent, 0, 3, 2, 4]
[PID: 3512 / Administrator][G:\海通证券大智慧2005专业版\internet\hypwise.exe]  [, 1, 0, 0, 1]
    [G:\海通证券大智慧2005专业版\internet\MFC42.DLL]  [Microsoft Corporation, 6.00.8447.0]
    [C:\WINDOWS\DOWNLO~1\CnsMin.dll]  [国风因特软件(北京)有限公司, 2.5.1.0]
    [c:\progra~1\iesnap\navstub.dll]  [, 1, 0, 1, 6]
    [C:\WINDOWS\system32\UNISPIM5.IME]  [北京紫光华宇软件股份有限公司, 5.0.0.5091]
[PID: 3648 / Administrator][G:\海通证券大智慧2005专业版\internet\hypmain.exe]  [GreatWise, 5.5.6.2650]
    [G:\海通证券大智慧2005专业版\internet\borlndmm.dll]  [Inprise Corporation, 5.0.6.18]
    [G:\海通证券大智慧2005专业版\internet\tcpip.dll]  [, 1, 0, 0, 1]
    [G:\海通证券大智慧2005专业版\internet\InvestDll.dll]  [, 1, 0, 0, 3]
    [G:\海通证券大智慧2005专业版\internet\wgdll.dll]  [N/A, ]
    [G:\海通证券大智慧2005专业版\internet\zlib.dll]  [N/A, ]
    [C:\WINDOWS\DOWNLO~1\CnsMin.dll]  [国风因特软件(北京)有限公司, 2.5.1.0]
    [c:\progra~1\iesnap\navstub.dll]  [, 1, 0, 1, 6]
    [C:\WINDOWS\system32\UNISPIM5.IME]  [北京紫光华宇软件股份有限公司, 5.0.0.5091]
    [G:\海通证券大智慧2005专业版\internet\olepro32.dll]  [Microsoft Corporation, 5.0.4275]
    [C:\WINDOWS\system32\Macromed\Flash\Flash9b.ocx]  [Adobe Systems, Inc., 9,0,28,0]
gototop
 
令狐璧
头像
初生襁褓狮
  • 帖子:7
  • 注册: 2007-08-13
  • 来自:
发表于: 2007-08-13 16:35 | 只看楼主 短消息 资料
字号: 6楼

[C:\WINDOWS\system32\msacm32.drv]  [Microsoft Corporation, 5.1.2600.0 (xpclient.010817-1148)]
[PID: 1140 / Administrator][C:\Program Files\Maxthon\Maxthon.exe]  [Maxthon International Ltd., 1, 6, 1, 22]
    [C:\Program Files\Maxthon\maxzlib.dll]  [ , 1, 0, 0, 2]
    [C:\WINDOWS\DOWNLO~1\CnsMin.dll]  [国风因特软件(北京)有限公司, 2.5.1.0]
    [c:\progra~1\iesnap\navstub.dll]  [, 1, 0, 1, 6]
    [C:\WINDOWS\system32\UNISPIM5.IME]  [北京紫光华宇软件股份有限公司, 5.0.0.5091]
    [c:\progra~1\iesnap\navpref.dll]  [, 1, 0, 1, 6]
    [c:\progra~1\iesnap\navseg.dll]  [, 1, 0, 1, 6]
    [c:\progra~1\iesnap\navneg.dll]  [, 1, 0, 1, 6]
    [C:\Program Files\Maxthon\Services\RealTime\real_time.dll]  [, 1, 0, 0, 1]
    [C:\WINDOWS\system32\msacm32.drv]  [Microsoft Corporation, 5.1.2600.0 (xpclient.010817-1148)]
    [G:\Program Files\Rising\Rav\RavScrCh.dll]  [Beijing Rising Technology Co., Ltd., 18, 0, 0, 4]
    [C:\WINDOWS\system32\NpOpenStore.dll]  [N/A, ]
    [C:\WINDOWS\system32\NPCard.dll]  [N/A, ]
    [C:\WINDOWS\system32\RsaFun.dll]  [N/A, ]
    [C:\WINDOWS\system32\GPKPCSC.dll]  [N/A, ]
    [C:\WINDOWS\Downloaded Program Files\safein.dll]  [Beijing eChannels Century Technology Co.,Ltd, 2, 3, 1, 0]
    [C:\WINDOWS\system32\Macromed\Flash\Flash9b.ocx]  [Adobe Systems, Inc., 9,0,28,0]
    [C:\WINDOWS\system32\msdmo.dll]  [, ]
    [C:\WINDOWS\system32\ffdshow.ax]  [, 1.0.2.2028]
    [C:\WINDOWS\system32\MSVCR71.dll]  [Microsoft Corporation, 7.10.3052.4]
    [C:\Program Files\Ringz Studio\Storm Codec\Codecs\VSFilter.dll]  [Gabest, 1, 0, 1, 3]
[PID: 3844 / Administrator][c:\progra~1\iesnap\navplay.exe]  [, 1, 0, 1, 6]
    [C:\WINDOWS\DOWNLO~1\CnsMin.dll]  [国风因特软件(北京)有限公司, 2.5.1.0]
    [c:\progra~1\iesnap\navstub.dll]  [, 1, 0, 1, 6]
    [C:\WINDOWS\system32\UNISPIM5.IME]  [北京紫光华宇软件股份有限公司, 5.0.0.5091]
[PID: 3836 / Administrator][C:\Program Files\Maxthon\Maxthon.exe]  [Maxthon International Ltd., 1, 6, 1, 22]
    [C:\Program Files\Maxthon\maxzlib.dll]  [ , 1, 0, 0, 2]
    [C:\WINDOWS\DOWNLO~1\CnsMin.dll]  [国风因特软件(北京)有限公司, 2.5.1.0]
    [c:\progra~1\iesnap\navstub.dll]  [, 1, 0, 1, 6]
    [C:\WINDOWS\system32\UNISPIM5.IME]  [北京紫光华宇软件股份有限公司, 5.0.0.5091]
    [c:\progra~1\iesnap\navpref.dll]  [, 1, 0, 1, 6]
    [c:\progra~1\iesnap\navseg.dll]  [, 1, 0, 1, 6]
    [c:\progra~1\iesnap\navneg.dll]  [, 1, 0, 1, 6]
    [G:\Program Files\Rising\Rav\RavScrCh.dll]  [Beijing Rising Technology Co., Ltd., 18, 0, 0, 4]
    [C:\Program Files\Maxthon\Services\RealTime\real_time.dll]  [, 1, 0, 0, 1]
    [C:\WINDOWS\system32\msacm32.drv]  [Microsoft Corporation, 5.1.2600.0 (xpclient.010817-1148)]
    [C:\WINDOWS\system32\Macromed\Flash\Flash9b.ocx]  [Adobe Systems, Inc., 9,0,28,0]
[PID: 2540 / Administrator][C:\Documents and Settings\Administrator\sreng2\SREngPS.EXE]  [Smallfrogs Studio, 2.5.16.900]
    [C:\WINDOWS\DOWNLO~1\CnsMin.dll]  [国风因特软件(北京)有限公司, 2.5.1.0]
    [c:\progra~1\iesnap\navstub.dll]  [, 1, 0, 1, 6]
    [C:\WINDOWS\system32\UNISPIM5.IME]  [北京紫光华宇软件股份有限公司, 5.0.0.5091]
    [C:\Documents and Settings\Administrator\sreng2\Upload\3rdUpd.DLL]  [Smallfrogs Studio, 2, 1, 0, 15]
    [C:\WINDOWS\system32\NpOpenStore.dll]  [N/A, ]
    [C:\WINDOWS\system32\NPCard.dll]  [N/A, ]
    [C:\WINDOWS\system32\RsaFun.dll]  [N/A, ]
    [C:\WINDOWS\system32\GPKPCSC.dll]  [N/A, ]
[PID: 3736 / Administrator][G:\Program Files\Rising\Rav\RsAgent.exe]  [Beijing Rising Technology Co., Ltd., 19, 0, 0, 12]
    [C:\WINDOWS\DOWNLO~1\CnsMin.dll]  [国风因特软件(北京)有限公司, 2.5.1.0]
    [c:\progra~1\iesnap\navstub.dll]  [, 1, 0, 1, 6]
    [G:\Program Files\Rising\Rav\RsCommX.dll]  [rising, 18, 0, 0, 1]
    [C:\WINDOWS\system32\UNISPIM5.IME]  [北京紫光华宇软件股份有限公司, 5.0.0.5091]
[PID: 2532 / Administrator][C:\WINDOWS\msagent\AgentSvr.exe]  [Microsoft Corporation, 2.00.0.3424]
    [C:\WINDOWS\DOWNLO~1\CnsMin.dll]  [国风因特软件(北京)有限公司, 2.5.1.0]
    [c:\progra~1\iesnap\navstub.dll]  [, 1, 0, 1, 6]
    [C:\WINDOWS\system32\UNISPIM5.IME]  [北京紫光华宇软件股份有限公司, 5.0.0.5091]
    [C:\WINDOWS\system32\msacm32.drv]  [Microsoft Corporation, 5.1.2600.0 (xpclient.010817-1148)]

==================================
文件关联
.TXT  OK. [%SystemRoot%\system32\NOTEPAD.EXE %1]
.EXE  OK. ["%1" %*]
.COM  OK. ["%1" %*]
.PIF  OK. ["%1" %*]
.REG  OK. [regedit.exe "%1"]
.BAT  OK. ["%1" %*]
.SCR  OK. ["%1" /S]
.CHM  OK. ["C:\WINDOWS\hh.exe" %1]
.HLP  OK. [%SystemRoot%\system32\winhlp32.exe %1]
.INI  OK. [%SystemRoot%\system32\NOTEPAD.EXE %1]
.INF  OK. [%SystemRoot%\system32\NOTEPAD.EXE %1]
.VBS  OK. [%SystemRoot%\System32\WScript.exe "%1" %*]
.JS  OK. [%SystemRoot%\System32\WScript.exe "%1" %*]
.LNK  OK. [{00021401-0000-0000-C000-000000000046}]

==================================
Winsock 提供者
N/A

==================================
Autorun.inf
N/A

==================================
HOSTS 文件
127.0.0.1      localhost
0.0.0.0 182838.com
0.0.0.0 204.177.92.68
0.0.0.0 asiafriendfinder.com
0.0.0.0 asqin123.51.net
0.0.0.0 babe520.5188.org
0.0.0.0 music.feifa.com
0.0.0.0 music.v111.com
0.0.0.0 www.jpbeauty.com
0.0.0.0 beautishow.com
0.0.0.0 goodmovies88.com
0.0.0.0 hothack.home.chinaren.com
0.0.0.0 hualiao.net
0.0.0.0 iplus.allyes.com
0.0.0.0 jjkafei.longcity.net
0.0.0.0 kaomm.8m.cn
0.0.0.0 l3iaoliao.com
0.0.0.0 lingaonbvm.myrice.com
0.0.0.0 lovejava.boy.net.cn
0.0.0.0 love7liao.com
0.0.0.0 asqin123.51.net
0.0.0.0 babe520.5188.org
0.0.0.0 music.feifa.com
0.0.0.0 jjkafei.longcity.net
0.0.0.0 kaomm.8m.cn
0.0.0.0 l3iaoliao.com
0.0.0.0 l3iaoliao.com
0.0.0.0 lingaonbvm.myrice.com
0.0.0.0 lovejava.boy.net.cn
0.0.0.0 love7liao.com
0.0.0.0 babe520.5188.org
0.0.0.0 music.feifa.com
0.0.0.0 music.v111.com
0.0.0.0 babe520.5188.org
0.0.0.0 music.feifa.com
0.0.0.0 jjkafei.longcity.net
0.0.0.0 kaomm.8m.cn
0.0.0.0 l3iaoliao.com
0.0.0.0 l3iaoliao.com
0.0.0.0 lingaonbvm.myrice.com
0.0.0.0 lovejava.boy.net.cn
0.0.0.0 love7liao.com
0.0.0.0 babe520.5188.org
0.0.0.0 music.feifa.com
0.0.0.0 music.v111.com
219.153.32.215 auto.search.msn.com

==================================
进程特权扫描
特殊特权被允许: SeDebugPrivilege [PID = 1800, C:\WINDOWS\SOUNDMAN.EXE]
特殊特权被允许: SeLoadDriverPrivilege [PID = 1800, C:\WINDOWS\SOUNDMAN.EXE]
特殊特权被允许: SeDebugPrivilege [PID = 2052, C:\WINDOWS\ZSSNP211.EXE]
特殊特权被允许: SeLoadDriverPrivilege [PID = 2052, C:\WINDOWS\ZSSNP211.EXE]
特殊特权被允许: SeDebugPrivilege [PID = 2092, C:\WINDOWS\DOMINO.EXE]
特殊特权被允许: SeLoadDriverPrivilege [PID = 2092, C:\WINDOWS\DOMINO.EXE]
特殊特权被允许: SeDebugPrivilege [PID = 2272, G:\PROGRAM FILES\RISING\RAV\RAVTASK.EXE]
特殊特权被允许: SeLoadDriverPrivilege [PID = 2272, G:\PROGRAM FILES\RISING\RAV\RAVTASK.EXE]
特殊特权被允许: SeDebugPrivilege [PID = 2368, G:\PROGRAM FILES\RISING\RAV\RAVMON.EXE]
特殊特权被允许: SeLoadDriverPrivilege [PID = 2368, G:\PROGRAM FILES\RISING\RAV\RAVMON.EXE]
特殊特权被允许: SeDebugPrivilege [PID = 2564, C:\PROGRAM FILES\TENCENT\QQDOWNLOAD\QQDOWNLOAD.EXE]
特殊特权被允许: SeLoadDriverPrivilege [PID = 2564, C:\PROGRAM FILES\TENCENT\QQDOWNLOAD\QQDOWNLOAD.EXE]
特殊特权被允许: SeDebugPrivilege [PID = 3236, C:\PROGRAM FILES\TENCENT\QQ\QQ.EXE]
特殊特权被允许: SeLoadDriverPrivilege [PID = 3236, C:\PROGRAM FILES\TENCENT\QQ\QQ.EXE]
特殊特权被允许: SeDebugPrivilege [PID = 3304, C:\PROGRAM FILES\TENCENT\QQ\TIMPLATFORM.EXE]
特殊特权被允许: SeLoadDriverPrivilege [PID = 3304, C:\PROGRAM FILES\TENCENT\QQ\TIMPLATFORM.EXE]
特殊特权被允许: SeDebugPrivilege [PID = 3512, G:\海通证券大智慧2005专业版\INTERNET\HYPWISE.EXE]
特殊特权被允许: SeLoadDriverPrivilege [PID = 3512, G:\海通证券大智慧2005专业版\INTERNET\HYPWISE.EXE]
特殊特权被允许: SeDebugPrivilege [PID = 3648, G:\海通证券大智慧2005专业版\INTERNET\HYPMAIN.EXE]
特殊特权被允许: SeLoadDriverPrivilege [PID = 3648, G:\海通证券大智慧2005专业版\INTERNET\HYPMAIN.EXE]
特殊特权被允许: SeDebugPrivilege [PID = 1140, C:\PROGRAM FILES\MAXTHON\MAXTHON.EXE]
特殊特权被允许: SeLoadDriverPrivilege [PID = 1140, C:\PROGRAM FILES\MAXTHON\MAXTHON.EXE]
特殊特权被允许: SeDebugPrivilege [PID = 3844, C:\PROGRA~1\IESNAP\NAVPLAY.EXE]
特殊特权被允许: SeLoadDriverPrivilege [PID = 3844, C:\PROGRA~1\IESNAP\NAVPLAY.EXE]
特殊特权被允许: SeDebugPrivilege [PID = 3836, C:\PROGRAM FILES\MAXTHON\MAXTHON.EXE]
特殊特权被允许: SeLoadDriverPrivilege [PID = 3836, C:\PROGRAM FILES\MAXTHON\MAXTHON.EXE]
特殊特权被允许: SeDebugPrivilege [PID = 3736, G:\PROGRAM FILES\RISING\RAV\RSAGENT.EXE]
特殊特权被允许: SeLoadDriverPrivilege [PID = 3736, G:\PROGRAM FILES\RISING\RAV\RSAGENT.EXE]

==================================
API HOOK
N/A

==================================
隐藏进程
N/A

==================================


[/CODE]
gototop
 
令狐璧
头像
初生襁褓狮
  • 帖子:7
  • 注册: 2007-08-13
  • 来自:
发表于: 2007-08-13 16:37 | 只看楼主 短消息 资料
字号: 7楼

完了,
请逍遥帮我看看,谢谢
gototop
 
婈雪儿
头像
初生襁褓狮
  • 帖子:1
  • 注册: 2007-08-23
  • 来自:
发表于: 2007-08-23 14:30 | 短消息 资料
字号: 8楼

我的电脑也出现同样的问题怎么解决
gototop
 
<<上一主题|下一主题>>
1   1  /  1  页   跳转
页面顶部
Powered by Discuz!NT