瑞星卡卡安全论坛技术交流区反病毒/反流氓软件论坛 dnsq.dll是什么啊?救命!(附SREngLOG)

1   1  /  1  页   跳转

[求助] dnsq.dll是什么啊?救命!(附SREngLOG)

收藏
rarara
头像
初生襁褓狮
  • 帖子:51
  • 注册: 2007-05-23
  • 来自:
发表于: 2009-09-28 19:44 | 只看楼主 短消息 资料
字号: 1楼

dnsq.dll是什么啊?救命!(附SREngLOG)

[CODE]
2009-09-22,17:12:50
System Repair Engineer 2.7.1.1261
Smallfrogs (http://www.KZTechs.com)
Windows XP Professional Service Pack 2 (Build 2600) - 管理权限用户 - 完整功能
以下内容被选中:
    所有的启动项目(包括注册表、启动文件夹、服务等)
    浏览器加载项
    正在运行的进程(包括进程模块信息)
    文件关联
    Winsock 提供者
    Autorun.inf
    HOSTS 文件
    进程特权扫描
    计划任务
    API HOOK
    隐藏进程

启动项目
注册表
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
    <ctfmon.exe><C:\WINDOWS\system32\ctfmon.exe>  [(Verified)Microsoft Windows Publisher]
[HKEY_CURRENT_USER\Software\Microsoft\Windows NT\CurrentVersion\Windows]
    <load><>  [N/A]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Winlogon]
    <shell><Explorer.exe>  [(Verified)Microsoft Windows Component Publisher]
    <Userinit><C:\WINDOWS\system32\userinit.exe,>  [(Verified)Microsoft Windows Publisher]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Windows]
    <AppInit_DLLs><C:\WINDOWS\system32\dnsq.dll>  []
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Winlogon]
    <UIHost><logonui.exe>  [(Verified)Microsoft Windows Publisher]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\>{22d6f312-b0f6-11d0-94ab-0080c74c7e95}]
    <Microsoft Windows Media Player><C:\WINDOWS\inf\unregmp2.exe /ShowWMP>  [(Verified)Microsoft Windows Component Publisher]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\>{26923b43-4d38-484f-9b9e-de460746276c}]
    <Internet Explorer><%systemroot%\system32\shmgrate.exe OCInstallUserConfigIE>  [File is missing]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\>{60B49E34-C7CC-11D0-8953-00A0C90347FF}MICROS]
    <浏览器自定义组件><RunDLL32 IEDKCS32.DLL,BrandIE4 SIGNUP>  [(Verified)Microsoft Windows Publisher]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\>{881dd1c5-3dcf-431b-b061-f3f88e8be88a}]
    <Outlook Express><%systemroot%\system32\shmgrate.exe OCInstallUserConfigOE>  [File is missing]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{2C7339CF-2B09-4501-B3F3-F3508C9228ED}]
    <Themes Setup><%SystemRoot%\system32\regsvr32.exe /s /n /i:/UserInstall %SystemRoot%\system32\themeui.dll>  [File is missing]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{44BBA840-CC51-11CF-AAFA-00AA00B6015C}]
    <Microsoft Outlook Express 6><"%ProgramFiles%\Outlook Express\setup50.exe" /APP:OE /CALLER:WINNT /user /install>  [File is missing]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{44BBA842-CC51-11CF-AAFA-00AA00B6015B}]
    <NetMeeting 3.01><rundll32.exe advpack.dll,LaunchINFSection C:\WINDOWS\INF\msnetmtg.inf,NetMtg.Remove.PerUser.NT>  [(Verified)Microsoft Windows Publisher]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{5945c046-1e7d-11d1-bc44-00c04fd912be}]
    <Windows Messenger 4.7><rundll32.exe advpack.dll,LaunchINFSection C:\WINDOWS\INF\msmsgs.inf,BLC.QuietInstall.PerUser>  [(Verified)Microsoft Windows Publisher]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{6BF52A52-394A-11d3-B153-00C04F79FAA6}]
    <Microsoft Windows Media Player><rundll32.exe advpack.dll,LaunchINFSection C:\WINDOWS\INF\wmp10.inf,PerUserStub>  [(Verified)Microsoft Windows Component Publisher]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{7790769C-0471-11d2-AF11-00C04FA35D02}]
    <通讯簿 6><"%ProgramFiles%\Outlook Express\setup50.exe" /APP:WAB /CALLER:WINNT /user /install>  [File is missing]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{89820200-ECBD-11cf-8B85-00AA005B4340}]
    <Windows 桌面更新><regsvr32.exe /s /n /i:U shell32.dll>  [(Verified)Microsoft Windows Publisher]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{89820200-ECBD-11cf-8B85-00AA005B4383}]
    <Internet Explorer 6><%SystemRoot%\system32\ie4uinit.exe>  [(Verified)Microsoft Windows Publisher]
[HKEY_CURRENT_USER\Control Panel\Desktop]
    <SCRNSAVE.EXE><C:\WINDOWS\system32\Aurora.scr>  [Microsoft Corporation]
==================================
启动文件夹
N/A
==================================
服务
[Contrl Center of Storm Media / ccosm][Running/Auto Start]
  <F:\Program Files\StormII\stormliv.exe /asservice><北京暴风网际科技有限公司>
[DCOM Server Process Launcher / DcomLaunch][Running/Auto Start]
  <C:\WINDOWS\system32\svchost -k DcomLaunch-->%SystemRoot%\system32\rpcss.dll><Microsoft Corporation>
[Human Interface Device Access / HidServ][Stopped/Disabled]
  <C:\WINDOWS\System32\svchost.exe -k netsvcs-->%SystemRoot%\System32\hidserv.dll><N/A>
[NVIDIA Display Driver Service / NVSvc][Running/Auto Start]
  <C:\WINDOWS\system32\nvsvc32.exe><NVIDIA Corporation>
[Remote Procedure Call (RPC) / RpcSs][Running/Auto Start]
  <C:\WINDOWS\system32\svchost -k rpcss-->%SystemRoot%\system32\rpcss.dll><Microsoft Corporation>
==================================
驱动程序
[AliIde / AliIde][Running/Boot Start]
  <\SystemRoot\system32\DRIVERS\aliide.sys><ALi Corporation>
[ESS 1969 Audio Driver (WDM) / es1969][Running/Manual Start]
  <system32\drivers\es1969.sys><ESS Technology Inc.>
[Microsoft UAA Function Driver for High Definition Audio Service / HdAudAddService][Stopped/Manual Start]
  <system32\drivers\HdAudio.sys><Windows (R) Server 2003 DDK provider>
[Microsoft UAA Bus Driver for High Definition Audio / HDAudBus][Running/Manual Start]
  <system32\DRIVERS\HDAudBus.sys><Windows (R) Server 2003 DDK provider>
[Service for Realtek HD Audio (WDM) / IntcAzAudAddService][Stopped/Manual Start]
  <system32\drivers\RtkHDAud.sys><Realtek Semiconductor Corp.>
[m5287 / m5287][Running/Boot Start]
  <\SystemRoot\system32\DRIVERS\m5287.sys><ULi Electronics Inc.>
[nv / nv][Running/Manual Start]
  <system32\DRIVERS\nv4_mini.sys><NVIDIA Corporation>
[Direct Parallel Link Driver / Ptilink][Running/Manual Start]
  <system32\DRIVERS\ptilink.sys><Parallel Technologies, Inc.>
[Realtek RTL8139(A/B/C)-based PCI Fast Ethernet Adapter NT Driver / rtl8139][Stopped/Manual Start]
  <system32\DRIVERS\RTL8139.SYS><Realtek Semiconductor Corporation>
[Secdrv / Secdrv][Stopped/Manual Start]
  <system32\DRIVERS\secdrv.sys><Macrovision Corporation, Macrovision Europe Limited, and Macrovision Japan and Asia K.K.>
[SATALink driver accelerator / SiFilter][Running/Boot Start]
  <\SystemRoot\system32\DRIVERS\SiWinAcc.sys><Silicon Image, Inc.>
[NDIS5.1 Miniport Driver for Marvell Yukon Ethernet Controller / yukonwxp][Running/Manual Start]
  <system32\DRIVERS\yk51x86.sys><Marvell>
[ASTDriver / ASTDriver][Running/Manual Start]
  <\??\F:\Program Files\ast\ASTDriver.sys><Windows (R) Server 2003 DDK provider>
[ASTTools / ASTTools][Running/Manual Start]
  <\??\F:\Program Files\ast\ASTTools.sys><DSW Lab>
==================================
浏览器加载项
[ThunderAtOnce Class]
  {01443AEC-0FD1-40fd-9C87-E93D1494C233} <F:\Program Files\Thunder Network\Thunder\ComDlls\TDAtOnce_Now.dll, (Signed) Thunder Networking Technologies,LTD>
[Thunder Browser Helper]
  {889D2FEB-5411-4565-8998-1DD2C5261283} <F:\Program Files\Thunder Network\Thunder\ComDlls\xunleiBHO_Now.dll, (Signed) Thunder Networking Technologies,LTD>
[SecAddons Class]
  {AF69627B-8489-41C2-971A-B927DF7A5B0F} <F:\Program Files\ast\SecAddons.dll, 超级巡警>
[畅游巡警]
  {C2EB616C-BFB0-4361-A02C-588F869A0E97} <C:\Program Files\Sucop\SecPlugin\SecPlugin.dll, (Signed) 超级巡警>
[启动迅雷5]
  {09BA8F6D-CB54-424B-839C-C2A6C8E6B436} <F:\Program Files\Thunder Network\Thunder\Thunder.exe, (Signed) ShenZhen Thunder Networking Technologies,LTD>
[IESecExtern Class]
  {7B71B9D0-7A6B-4CD4-BFAD-A8852409A1D9} <C:\Program Files\Sucop\SecPlugin\SecPlugin.dll, (Signed) 超级巡警>
[BitComet]
  {D18A0B52-D63C-4ed0-AFC6-C1E3DC1AF43A} <, >
[雨林木风]
  {6AD31948-2ED9-4A2B-85EA-105DD4F656B4} <http://bbs.ylmf.com, N/A>
[畅游巡警]
  {B057BF9C-55B4-4AA4-938A-FE78617866B8} <C:\Program Files\Sucop\SecPlugin\SecPlugin.dll, (Signed) 超级巡警>
[ThunderAtOnce Class]
  {01443AEC-0FD1-40FD-9C87-E93D1494C233} <F:\Program Files\Thunder Network\Thunder\ComDlls\TDAtOnce_Now.dll, (Signed) Thunder Networking Technologies,LTD>
[]
  {09BA8F6D-CB54-424B-839C-C2A6C8E6B436} <, >
[Player Class]
  {11F2A418-94B2-4e16-9B0C-B00C0435F903} <F:\Program Files\Tencent\QQLive\LiveMedia.dll, (Signed) Tencent>
[InstallHelper Class]
  {1DABF8D5-8430-4985-9B7F-A30E53D709B3} <F:\Program Files\Tencent\QQLive\QQLiveInstaller.dll, (Signed) >
[Thunder Agent Class]
  {485463B7-8FB2-4B3B-B29B-8B919B0EACCE} <F:\Program Files\Thunder Network\Thunder\ComDlls\ThunderAgent_Now.dll, (Signed) Thunder Networking Technologies,LTD>
[]
  {6AD31948-2ED9-4A2B-85EA-105DD4F656B4} <, >
[QQLiveFile Class]
  {6B232760-90F1-41c3-9902-C8552C1D8A72} <F:\Program Files\Tencent\QQLive\FileVersion.dll, (Signed) Tencent>
[]
  {77FEF28E-EB96-44FF-B511-3185DEA48697} <, >
[]
  {7B71B9D0-7A6B-4CD4-BFAD-A8852409A1D9} <, >
[Thunder Browser Helper]
  {889D2FEB-5411-4565-8998-1DD2C5261283} <F:\Program Files\Thunder Network\Thunder\ComDlls\xunleiBHO_Now.dll, (Signed) Thunder Networking Technologies,LTD>
[SecAddons Class]
  {AF69627B-8489-41C2-971A-B927DF7A5B0F} <F:\Program Files\ast\SecAddons.dll, 超级巡警>
[畅游巡警]
  {B057BF9C-55B4-4AA4-938A-FE78617866B8} <C:\Program Files\Sucop\SecPlugin\SecPlugin.dll, (Signed) 超级巡警>
[SearchAssistantOC]
  {B45FF030-4447-11D2-85DE-00C04FA35C89} <%SystemRoot%\system32\shdocvw.dll, (Signed) N/A>
[]
  {B580CF65-E151-49C3-B73F-70B13FCA8E86} <, >
[畅游巡警]
  {C2EB616C-BFB0-4361-A02C-588F869A0E97} <C:\Program Files\Sucop\SecPlugin\SecPlugin.dll, (Signed) 超级巡警>
[]
  {D18A0B52-D63C-4ED0-AFC6-C1E3DC1AF43A} <, >
[Shockwave Flash Object]
  {D27CDB6E-AE6D-11CF-96B8-444553540000} <C:\WINDOWS\system32\Macromed\Flash\Flash10c.ocx, (Signed) Adobe Systems, Inc.>
[QQLive Class]
  {D9EBCF5D-3F8F-4b6a-89BA-70577BE73C62} <F:\Program Files\Tencent\QQLive\LiveAPI.dll, (Signed) Tencent>
[PlayerCtrl Class]
  {E05BC2A3-9A46-4A32-80C9-023A473F5B23} <F:\Program Files\Tencent\QQ\Plugin\Com.Tencent.QQMusic\bin\QQMusic\QzoneMusic.dll, (Signed) 深圳腾讯科技>
[Thunder DapPlayer]
  {EEDD6FF9-13DE-496B-9A1C-D78B3215E266} <F:\Program Files\Thunder Network\Thunder\Components\DownAndPlay\DapPlayer3.0.5712.71.149.dll, ShenZhen Thunder Networking Technologies Ltd.>

用户系统信息:Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1; SV1; MyIE2)
分享到:
gototop
 
rarara
头像
初生襁褓狮
  • 帖子:51
  • 注册: 2007-05-23
  • 来自:
发表于: 2009-09-28 19:44 | 只看楼主 短消息 资料
字号: 2楼

回复:dnsq.dll是什么啊?救命!(附SREngLOG)

==================================
正在运行的进程
[PID: 624][\SystemRoot\System32\smss.exe]  [(Verified) Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
[PID: 672 / SYSTEM][\??\C:\WINDOWS\system32\csrss.exe]  [(Verified) Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
[PID: 700 / SYSTEM][\??\C:\WINDOWS\system32\winlogon.exe]  [(Verified) Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
    [C:\WINDOWS\system32\uxtheme.dll]  [Microsoft Corporation, 6.00.2900.2180 (xpsp_sp2_rtm.040803-2158)]
[PID: 744 / SYSTEM][C:\WINDOWS\system32\services.exe]  [(Verified) Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
    [C:\WINDOWS\system32\UxTheme.dll]  [Microsoft Corporation, 6.00.2900.2180 (xpsp_sp2_rtm.040803-2158)]
[PID: 756 / SYSTEM][C:\WINDOWS\system32\lsass.exe]  [(Verified) Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
    [C:\WINDOWS\system32\UxTheme.dll]  [Microsoft Corporation, 6.00.2900.2180 (xpsp_sp2_rtm.040803-2158)]
[PID: 916 / SYSTEM][C:\WINDOWS\system32\svchost.exe]  [(Verified) Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
    [C:\WINDOWS\system32\UxTheme.dll]  [Microsoft Corporation, 6.00.2900.2180 (xpsp_sp2_rtm.040803-2158)]
    [c:\windows\system32\rpcss.dll]  [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2108)]
[PID: 1016 / NETWORK SERVICE][C:\WINDOWS\system32\svchost.exe]  [(Verified) Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
    [C:\WINDOWS\system32\UxTheme.dll]  [Microsoft Corporation, 6.00.2900.2180 (xpsp_sp2_rtm.040803-2158)]
    [c:\windows\system32\rpcss.dll]  [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2108)]
[PID: 1112 / SYSTEM][C:\WINDOWS\System32\svchost.exe]  [(Verified) Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
    [C:\WINDOWS\System32\UxTheme.dll]  [Microsoft Corporation, 6.00.2900.2180 (xpsp_sp2_rtm.040803-2158)]
[PID: 1224 / NETWORK SERVICE][C:\WINDOWS\system32\svchost.exe]  [(Verified) Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
    [C:\WINDOWS\system32\UxTheme.dll]  [Microsoft Corporation, 6.00.2900.2180 (xpsp_sp2_rtm.040803-2158)]
[PID: 1460 / SYSTEM][C:\WINDOWS\system32\spoolsv.exe]  [(Verified) Microsoft Corporation, 5.1.2600.2696 (xpsp.050610-1527)]
    [C:\WINDOWS\system32\UxTheme.dll]  [Microsoft Corporation, 6.00.2900.2180 (xpsp_sp2_rtm.040803-2158)]
[PID: 1636 / Administrator][C:\WINDOWS\Explorer.EXE]  [(Verified) Microsoft Corporation, 6.00.2900.3156 (xpsp_sp2_qfe.070613-1311)]
    [C:\WINDOWS\system32\UxTheme.dll]  [Microsoft Corporation, 6.00.2900.2180 (xpsp_sp2_rtm.040803-2158)]
    [F:\Program Files\ast\AST.dll]  [超级巡警, 1.0.2.10]
    [C:\WINDOWS\system32\nvcpl.dll]  [NVIDIA Corporation, 6.14.11.6921]
    [C:\WINDOWS\system32\nvapi.dll]  [NVIDIA Corporation, 6.14.11.6921]
    [F:\Program Files\Thunder Network\Thunder\ComDlls\xunleiBHO_Now.dll]  [Thunder Networking Technologies,LTD, 5, 0, 8, 120]
    [F:\Program Files\Thunder Network\Thunder\Components\ResWorker\DsBho_01.dll]  [ShenZhen Thunder Networking Technologies,LTD, 1, 0, 0, 20]
    [F:\Program Files\Thunder Network\Thunder\Components\ResWorker\DataProcessor_01.dll]  [ShenZhen Thunder Networking Technologies,LTD, 1, 0, 0, 16]
    [C:\WINDOWS\system32\dnsq.dll]  [N/A, ]
    [C:\WINDOWS\WinSxS\x86_Microsoft.Windows.GdiPlus_6595b64144ccf1df_1.0.2600.5581_x-ww_dfbc4fc4\gdiplus.dll]  [Microsoft Corporation, 5.1.3102.5581 (xpsp_sp3_qfe.080415-1416)]
    [C:\WINDOWS\system32\shdoclc.dll]  [Microsoft Corporation, 6.00.2900.2180 (xpsp_sp2_rtm.040803-2158)]
    [C:\WINDOWS\system32\msdmo.dll]  [, ]
    [F:\Program Files\StormII\spfa.dll]  [北京暴风网际科技有限公司, 2, 7, 4, 2]
    [C:\WINDOWS\system32\l3codeca.acm]  [Fraunhofer Institut Integrierte Schaltungen IIS, 1, 9, 0, 0305]
[PID: 1804 / Administrator][F:\Program Files\ast\ast.exe]  [超级巡警, 1, 8, 6, 119]
    [C:\WINDOWS\WinSxS\x86_Microsoft.VC80.MFC_1fc8b3b9a1e18e3b_8.0.50727.762_x-ww_3bf8fa05\MFC80.DLL]  [Microsoft Corporation, 8.00.50727.762]
    [C:\WINDOWS\WinSxS\x86_Microsoft.VC80.CRT_1fc8b3b9a1e18e3b_8.0.50727.762_x-ww_6b128700\MSVCR80.dll]  [Microsoft Corporation, 8.00.50727.762]
    [C:\WINDOWS\WinSxS\x86_Microsoft.VC80.CRT_1fc8b3b9a1e18e3b_8.0.50727.762_x-ww_6b128700\MSVCP80.dll]  [Microsoft Corporation, 8.00.50727.762]
    [C:\WINDOWS\WinSxS\x86_Microsoft.VC80.MFCLOC_1fc8b3b9a1e18e3b_8.0.50727.762_x-ww_91481303\MFC80CHS.DLL]  [Microsoft Corporation, 8.00.50727.762]
    [F:\Program Files\ast\common.dll]  [超级巡警, 1, 4, 2, 32]
    [C:\WINDOWS\system32\uxtheme.dll]  [Microsoft Corporation, 6.00.2900.2180 (xpsp_sp2_rtm.040803-2158)]
    [F:\Program Files\ast\EngineSDK.dll]  [超级巡警, 2, 2, 2, 61]
    [F:\Program Files\ast\AST.dll]  [超级巡警, 1.0.2.10]
    [F:\Program Files\ast\AutoRun.dll]  [超级巡警, 2, 2, 2, 26]
    [F:\Program Files\ast\FileAnalyser.dll]  [超级巡警, 1.0.1.11]
    [F:\Program Files\ast\FileForceKiller.dll]  [DSW Lab, 1, 0, 0, 1]
    [F:\Program Files\ast\ManagerProcess.dll]  [超级巡警, 1.3.4.13]
    [F:\Program Files\ast\ManagerService.dll]  [超级巡警, 1.0.6.4]
    [F:\Program Files\ast\Monitor.dll]  [超级巡警, 1, 7, 9, 42]
    [F:\Program Files\ast\PortAssociate.dll]  [超级巡警, 1.0.3.7]
    [F:\Program Files\ast\StateViewer.dll]  [超级巡警, 1, 0, 10, 18]
    [F:\Program Files\ast\aScanCom.dll]  [超级巡警, 2, 1, 2, 58]
    [F:\Program Files\ast\ssdt.dll]  [超级巡警, 1.0.2.4]
    [F:\Program Files\ast\tIERepair.dll]  [超级巡警, 1, 2, 2, 21]
    [F:\Program Files\ast\tRubbishClear.dll]  [超级巡警, 1, 5, 2, 25]
    [F:\Program Files\ast\tSecurityOptimize.dll]  [超级巡警, 1, 1, 2, 9]
    [F:\Program Files\ast\zDiagnosticTool.dll]  [超级巡警, 1.2.1.3]
    [C:\WINDOWS\system32\dnsq.dll]  [N/A, ]
    [F:\Program Files\ast\KillModule.dll]  [超级巡警, 1, 2, 2, 30]
    [F:\Program Files\ast\MScaner.dll]  [超级巡警, 1.0.0.26]
    [F:\Program Files\ast\SKEngine.dll]  [超级巡警, 1.6.5.12]
    [F:\Program Files\ast\ScanAd.dll]  [Secward Technologies, Inc., 1.0.1.2]
    [F:\Program Files\ast\smart.dll]  [超级巡警, 1.0.0.31]
    [F:\Program Files\ast\unarc.dll]  [超级巡警, 1.2.5]
    [F:\Program Files\ast\SScanner.dll]  [超级巡警, 1, 0, 6, 40]
[PID: 1884 / Administrator][C:\WINDOWS\system32\ctfmon.exe]  [(Verified) Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
    [C:\WINDOWS\system32\UxTheme.dll]  [Microsoft Corporation, 6.00.2900.2180 (xpsp_sp2_rtm.040803-2158)]
    [C:\WINDOWS\system32\dnsq.dll]  [N/A, ]
[PID: 184][C:\WINDOWS\system32\com\lsass.exe]  [N/A, ]
    [C:\WINDOWS\system32\uxtheme.dll]  [Microsoft Corporation, 6.00.2900.2180 (xpsp_sp2_rtm.040803-2158)]
    [F:\Program Files\ast\AST.dll]  [超级巡警, 1.0.2.10]
    [C:\WINDOWS\system32\dnsq.dll]  [N/A, ]
[PID: 1604][C:\WINDOWS\system32\com\smss.exe]  [N/A, ]
    [C:\WINDOWS\system32\uxtheme.dll]  [Microsoft Corporation, 6.00.2900.2180 (xpsp_sp2_rtm.040803-2158)]
    [F:\Program Files\ast\AST.dll]  [超级巡警, 1.0.2.10]
    [C:\WINDOWS\system32\dnsq.dll]  [N/A, ]
[PID: 2496 / SYSTEM][F:\Program Files\StormII\stormliv.exe]  [北京暴风网际科技有限公司, 3, 8, 3, 15]
    [C:\WINDOWS\system32\dnsq.dll]  [N/A, ]
    [C:\WINDOWS\system32\uxtheme.dll]  [Microsoft Corporation, 6.00.2900.2180 (xpsp_sp2_rtm.040803-2158)]
[PID: 2668 / SYSTEM][C:\WINDOWS\system32\nvsvc32.exe]  [NVIDIA Corporation, 6.14.11.6921]
    [C:\WINDOWS\system32\nvapi.dll]  [NVIDIA Corporation, 6.14.11.6921]
    [C:\WINDOWS\system32\uxtheme.dll]  [Microsoft Corporation, 6.00.2900.2180 (xpsp_sp2_rtm.040803-2158)]
[PID: 4060 / Administrator][F:\Program Files\StormII\Storm.exe]  [北京暴风网际科技有限公司, 3, 8, 5, 15]
    [C:\WINDOWS\system32\dnsq.dll]  [N/A, ]
    [C:\WINDOWS\system32\uxtheme.dll]  [Microsoft Corporation, 6.00.2900.2180 (xpsp_sp2_rtm.040803-2158)]
    [F:\Program Files\ast\AST.dll]  [超级巡警, 1.0.2.10]
    [F:\Program Files\StormII\mps.dll]  [北京暴风网际科技有限公司, 3, 8, 3, 27]
    [C:\WINDOWS\system32\msdmo.dll]  [, ]
    [F:\Program Files\StormII\MovieInfo.dll]  [baofeng, 1, 0, 0, 1]
    [F:\Program Files\StormII\jscript.dll]  [Microsoft Corporation, 5.6.0.8831]
    [F:\Program Files\StormII\media2.dll]  [北京暴风网际科技有限公司, 5, 8, 7, 16]
    [F:\Program Files\StormII\score.dll]  [北京暴风网际科技有限公司, 2, 7, 9, 30]
    [F:\Program Files\StormII\sexpert.dll]  [北京暴风网际科技有限公司, 2, 7, 9, 30]
    [F:\Program Files\StormII\sprobe.dll]  [北京暴风网际科技有限公司, 3, 8, 2, 1]
    [F:\Program Files\StormII\splayers.dll]  [北京暴风网际科技有限公司, 3, 8, 3, 27]
    [F:\Program Files\StormII\SubDecoder.dll]  [北京暴风网际科技有限公司, 3, 8, 3, 27]
    [F:\Program Files\StormII\rndrmgr.dll]  [北京暴风网际科技有限公司, 3, 8, 4, 15]
    [F:\PROGRA~1\StormII\Codec\DCBassSource.ax]  [http://www.dsp-worx.de, 1.1.1.0]
    [F:\PROGRA~1\StormII\Codec\bass.dll]  [Un4seen Developments, 2.3]
    [F:\PROGRA~1\StormII\Codec\bass_aac.dll]  [MaresWEB, 2.3.0.0]
    [F:\PROGRA~1\StormII\Codec\bass_alac.dll]  [MaresWEB, 2.3.0.0]
    [F:\PROGRA~1\StormII\Codec\bass_ape.dll]  [MaresWEB, 2.3.0.0]
    [F:\PROGRA~1\StormII\Codec\bass_flac.dll]  [Un4seen Developments, 2.3]
    [F:\PROGRA~1\StormII\Codec\bass_mpc.dll]  [MaresWEB, 2.3.0.0]
    [F:\PROGRA~1\StormII\Codec\bass_tta.dll]  [MaresWEB, 2.3.0.0]
    [F:\PROGRA~1\StormII\Codec\bass_wv.dll]  [MaresWEB, 2.3.0.0]
[PID: 3204 / Administrator][F:\Program Files\ZuoXiTong\srengs\SREngLdr.EXE]  [Smallfrogs Studio, 2.7.1.1261]
    [C:\WINDOWS\system32\dnsq.dll]  [N/A, ]
[PID: 2316 / Administrator][F:\Program Files\ZuoXiTong\srengs\SRE796940c0.EXE]  [Smallfrogs Studio, 2.7.1.1261]
    [C:\WINDOWS\system32\dnsq.dll]  [N/A, ]
    [C:\WINDOWS\system32\uxtheme.dll]  [Microsoft Corporation, 6.00.2900.2180 (xpsp_sp2_rtm.040803-2158)]
    [F:\Program Files\ast\AST.dll]  [超级巡警, 1.0.2.10]
    [F:\Program Files\ZuoXiTong\srengs\Upload\3rdUpd.DLL]  [Smallfrogs Studio, 2, 1, 0, 15]

==================================
文件关联
.TXT  Error. [C:\WINDOWS\notepad.exe %1]
.EXE  OK. ["%1" %*]
.COM  OK. ["%1" %*]
.PIF  OK. ["%1" %*]
.REG  OK. [regedit.exe "%1"]
.BAT  OK. ["%1" %*]
.SCR  OK. ["%1" /S]
.CHM  Error. ["hh.exe" %1]
.HLP  OK. [%SystemRoot%\system32\winhlp32.exe %1]
.INI  Error. [C:\WINDOWS\System32\NOTEPAD.EXE %1]
.INF  OK. [%SystemRoot%\system32\NOTEPAD.EXE %1]
.VBS  OK. [%SystemRoot%\System32\WScript.exe "%1" %*]
.JS  OK. [%SystemRoot%\System32\WScript.exe "%1" %*]
.LNK  OK. [{00021401-0000-0000-C000-000000000046}]

==================================
Winsock 提供者
N/A

==================================
Autorun.inf
N/A

==================================
HOSTS 文件
N/A

==================================
进程特权扫描
特殊特权被允许: SeLoadDriverPrivilege [PID = 4060, F:\PROGRAM FILES\STORMII\STORM.EXE]
特殊特权被允许: SeLoadDriverPrivilege [PID = 3204, F:\PROGRAM FILES\ZUOXITONG\SRENGS\SRENGLDR.EXE]

==================================
计划任务
[已启用] SogouImeMgr.job
        F:\PROGRA~1\SOGOUI~1\360~1.165\PinyinRepair.exe

==================================
API HOOK
入口点错误:CreateProcessA (危险等级: 高,  被下面模块所HOOK: F:\Program Files\ast\AST.dll)
入口点错误:CreateProcessW (危险等级: 高,  被下面模块所HOOK: F:\Program Files\ast\AST.dll)
入口点错误:OpenProcess (危险等级: 高,  被下面模块所HOOK: C:\WINDOWS\system32\dnsq.dll)

==================================
隐藏进程
N/A

==================================


[/CODE]
gototop
 
天月来了
头像
版主
  • 帖子:76904
  • 注册: 2007-02-06
  • 来自:
发表于: 2009-09-28 19:46 | 短消息 资料
字号: 3楼

回复:dnsq.dll是什么啊?救命!(附SREngLOG)

磁碟机病毒

去我置顶工具贴下载磁碟机病毒瘫痪程序,运行后

在去找各家磁碟机专杀通盘杀吧

或者升级杀毒软件全盘杀吧
百年以后,你的墓碑旁 刻着的名字不是我
gototop
 
rarara
头像
初生襁褓狮
  • 帖子:51
  • 注册: 2007-05-23
  • 来自:
发表于: 2009-09-28 20:05 | 只看楼主 短消息 资料
字号: 4楼

回复:dnsq.dll是什么啊?救命!(附SREngLOG)

磁碟机瘫痪程序很好用 太感谢了
gototop
 
<<上一主题|下一主题>>
1   1  /  1  页   跳转
页面顶部
Powered by Discuz!NT