瑞星卡卡安全论坛技术交流区反病毒/反流氓软件论坛 中了Trojan.DL.Agent.nxd和Rootkit.Agent.yj 怎么杀?附日志

12   2  /  2  页   跳转

中了Trojan.DL.Agent.nxd和Rootkit.Agent.yj 怎么杀?附日志

收藏
HKG36
头像
初生襁褓狮
  • 帖子:14
  • 注册: 2007-05-16
  • 来自:
发表于: 2007-05-18 11:40 | 显示全部 短消息 资料
字号: 11楼

正在运行的进程
[PID: 448][\SystemRoot\System32\smss.exe]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
[PID: 720][\??\C:\WINDOWS\system32\csrss.exe]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
[PID: 748][\??\C:\WINDOWS\system32\winlogon.exe]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
    [C:\WINDOWS\system32\msacm32.drv]  [Microsoft Corporation, 5.1.2600.0 (xpclient.010817-1148)]
[PID: 792][C:\WINDOWS\system32\services.exe]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
[PID: 804][C:\WINDOWS\system32\lsass.exe]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
[PID: 976][C:\WINDOWS\system32\svchost.exe]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
[PID: 1024][C:\WINDOWS\system32\svchost.exe]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
[PID: 1136][C:\WINDOWS\System32\svchost.exe]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
[PID: 1204][C:\WINDOWS\system32\svchost.exe]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
[PID: 1288][C:\WINDOWS\system32\svchost.exe]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
[PID: 1764][C:\WINDOWS\system32\spoolsv.exe]  [Microsoft Corporation, 5.1.2600.2696 (xpsp_sp2_gdr.050610-1519)]
    [C:\WINDOWS\system32\msonpmon.dll]  [Microsoft Corporation, 12.3.4518.1014]
    [C:\WINDOWS\System32\spool\PRTPROCS\W32X86\mdippr.dll]  [Microsoft Corporation, 11.3.1897.0]
    [C:\WINDOWS\System32\spool\PRTPROCS\W32X86\msonpppr.dll]  [Microsoft Corporation, 12.3.4518.1014]
[PID: 1776][C:\WINDOWS\Explorer.EXE]  [Microsoft Corporation, 6.00.2900.2180 (xpsp_sp2_rtm.040803-2158)]
    [C:\PROGRA~1\MICROS~3\Office12\GRA8E1~1.DLL]  [Microsoft Corporation, 12.0.4518.1014]
    [C:\PROGRA~1\MICROS~3\Office12\GrooveUtil.DLL]  [Microsoft Corporation, 12.0.4518.1014]
    [C:\PROGRA~1\MICROS~3\Office12\GrooveNew.DLL]  [Microsoft Corporation, 12.0.4518.1014]
    [C:\PROGRA~1\MICROS~3\Office12\GR99D3~1.DLL]  [Microsoft Corporation, 12.0.4518.1014]
    [C:\WINDOWS\system32\msacm32.drv]  [Microsoft Corporation, 5.1.2600.0 (xpclient.010817-1148)]
    [C:\Program Files\Rising\AntiSpyware\ieprot.dll]  [Beijing Rising Technology Co., Ltd., 1, 0, 0, 10]
    [C:\Program Files\Microsoft Office\Office12\msohevi.dll]  [Microsoft Corporation, 12.0.4518.1014]
    [C:\PROGRA~1\MICROS~3\Office12\GR326C~1.DLL]  [Microsoft Corporation, 12.0.4518.1014]
    [C:\Program Files\Logitech\SetPoint\lgscroll.dll]  [Logitech Inc., 2.42.257]
    [C:\WINDOWS\system32\MSVCR71.dll]  [Microsoft Corporation, 7.10.3052.4]
    [C:\WINDOWS\system32\MSVCP71.dll]  [Microsoft Corporation, 7.10.3077.0]
    [C:\Program Files\Logitech\SetPoint\GameHook.dll]  [Logitech Inc., 2.42.257]
    [C:\DOCUME~1\lihaitao\LOCALS~1\Temp\IadHide5.dll]  [BackWeb, Version 7.2.0 (Build 137R)]
    [C:\WINDOWS\system32\PortableDeviceApi.dll]  [Microsoft Corporation, 5.2.5358.4827 (WMP_11.060509-2009)]
    [C:\Program Files\Avpack\Haali\mmfinfo.dll]  [N/A, ]
    [C:\Program Files\Avpack\Haali\mkunicode.dll]  [N/A, ]
    [C:\Program Files\Common Files\Ahead\Lib\NeroDigitalExt.dll]  [Nero AG, 2, 0, 0, 7]
    [C:\Program Files\Common Files\Ahead\Lib\MFC71.DLL]  [Microsoft Corporation, 7.10.3077.0]
    [D:\a\Adobe\Acrobat 7.0\ActiveX\PDFShell.dll]  [Adobe Systems, Inc., 7.0.0.0]
[PID: 1940][C:\Program Files\Rising\Rav\RavStub.exe]  [Beijing Rising Technology Co., Ltd., 19, 0, 0, 4]
    [C:\Program Files\Rising\Rav\RsCommX.dll]  [rising, 18, 0, 0, 1]
    [C:\Program Files\Rising\Rav\RSCOMMON.DLL]  [Beijing Rising Technology Co., Ltd., 19, 0, 0, 5]
[PID: 288][C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE]  [Microsoft Corporation, 7.00.9466]
    [C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\2052\mdmui.dll]  [Microsoft Corporation, 7.00.9466]
[PID: 356][C:\WINDOWS\system32\nvsvc32.exe]  [NVIDIA Corporation, 6.14.10.9371]
    [C:\WINDOWS\system32\nvapi.dll]  [N/A, ]
[PID: 476][c:\program files\rising\rfw\RfwMain.exe]  [Beijing Rising Technology Co., Ltd., 5, 0, 0, 72]
    [c:\program files\rising\rfw\RsGuiLib.dll]  [Beijing Rising Technology Co., Ltd., 19, 0, 0, 33]
    [c:\program files\rising\rfw\RSCOMMON.DLL]  [Beijing Rising Technology Co., Ltd., 19, 0, 0, 5]
    [c:\program files\rising\rfw\RfwCtrl.dll]  [Beijing Rising Technology Co., Ltd., 5, 0, 0, 11]
    [c:\program files\rising\rfw\RsXML.dll]  [Beijing Rising Technology Co., Ltd., 19, 0, 0, 2]
    [c:\program files\rising\rfw\PngDll.dll]  [Beijing Rising Technology Co., Ltd., 18, 0, 0, 5]
    [C:\Program Files\Rising\AntiSpyware\ieprot.dll]  [Beijing Rising Technology Co., Ltd., 1, 0, 0, 10]
    [C:\Program Files\Logitech\SetPoint\lgscroll.dll]  [Logitech Inc., 2.42.257]
    [C:\WINDOWS\system32\MSVCR71.dll]  [Microsoft Corporation, 7.10.3052.4]
    [C:\WINDOWS\system32\MSVCP71.dll]  [Microsoft Corporation, 7.10.3077.0]
[PID: 2296][C:\Program Files\DAEMON Tools\daemon.exe]  [DT Soft Ltd., 4.08.0.0]
    [C:\Program Files\DAEMON Tools\daemon.dll]  [DT Soft Ltd., 4.08.0.0]
    [C:\Program Files\DAEMON Tools\PFCTOC.DLL]  [Padus(R), Inc., 1, 0, 0, 12]
    [C:\Program Files\DAEMON Tools\Plugins\Images\bw5mount.dll]  [, 1.1.0.0]
    [C:\Program Files\DAEMON Tools\Plugins\Images\ccdmount.dll]  [GENERIC, 1.10.0.0]
    [C:\Program Files\DAEMON Tools\Plugins\Images\cuemount.dll]  [DT Soft Ltd., 1.0.0.0]
    [C:\Program Files\DAEMON Tools\Plugins\Images\mdsmount.dll]  [DT Soft Ltd., 1.18.0.0]
    [C:\Program Files\DAEMON Tools\Plugins\Images\nrgmount.dll]  [DT Soft Ltd., 1.12.0.0]
    [C:\Program Files\DAEMON Tools\Plugins\Images\pdimount.dll]  [GENERIC, 1.01.0.0]
    [C:\Program Files\Rising\AntiSpyware\ieprot.dll]  [Beijing Rising Technology Co., Ltd., 1, 0, 0, 10]
    [C:\Program Files\Logitech\SetPoint\lgscroll.dll]  [Logitech Inc., 2.42.257]
    [C:\WINDOWS\system32\MSVCR71.dll]  [Microsoft Corporation, 7.10.3052.4]
    [C:\WINDOWS\system32\MSVCP71.dll]  [Microsoft Corporation, 7.10.3077.0]
[PID: 2436][C:\Program Files\Rising\AntiSpyware\runiep.exe]  [Beijing Rising Technology Co., Ltd., 1, 0, 1, 6]
    [C:\Program Files\Rising\AntiSpyware\iep_ctrl.dll]  [Beijing Rising Technology Co., Ltd., 1, 0, 0, 4]
    [C:\Program Files\Rising\AntiSpyware\ieprot.dll]  [Beijing Rising Technology Co., Ltd., 1, 0, 0, 10]
    [C:\Program Files\Logitech\SetPoint\lgscroll.dll]  [Logitech Inc., 2.42.257]
    [C:\WINDOWS\system32\MSVCR71.dll]  [Microsoft Corporation, 7.10.3052.4]
    [C:\WINDOWS\system32\MSVCP71.dll]  [Microsoft Corporation, 7.10.3077.0]
[PID: 2540][C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe]  [Microsoft Corporation, 12.0.4518.1014]
    [C:\Program Files\Microsoft Office\Office12\GrooveUtil.DLL]  [Microsoft Corporation, 12.0.4518.1014]
    [C:\Program Files\Microsoft Office\Office12\GrooveNew.DLL]  [Microsoft Corporation, 12.0.4518.1014]
    [C:\Program Files\Microsoft Office\Office12\USP10.dll]  [Microsoft Corporation, 1.0626.5756.0 (vista_rtm.061008-1400)]
    [C:\PROGRA~1\MICROS~3\Office12\GRA8E1~1.DLL]  [Microsoft Corporation, 12.0.4518.1014]
    [C:\PROGRA~1\MICROS~3\Office12\GR99D3~1.DLL]  [Microsoft Corporation, 12.0.4518.1014]
    [C:\Program Files\Rising\AntiSpyware\ieprot.dll]  [Beijing Rising Technology Co., Ltd., 1, 0, 0, 10]
    [C:\Program Files\Logitech\SetPoint\lgscroll.dll]  [Logitech Inc., 2.42.257]
    [C:\WINDOWS\system32\MSVCR71.dll]  [Microsoft Corporation, 7.10.3052.4]
    [C:\WINDOWS\system32\MSVCP71.dll]  [Microsoft Corporation, 7.10.3077.0]
gototop
 
HKG36
头像
初生襁褓狮
  • 帖子:14
  • 注册: 2007-05-16
  • 来自:
发表于: 2007-05-18 11:41 | 显示全部 短消息 资料
字号: 12楼

[PID: 2548][C:\WINDOWS\system32\ctfmon.exe]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
    [C:\Program Files\Rising\AntiSpyware\ieprot.dll]  [Beijing Rising Technology Co., Ltd., 1, 0, 0, 10]
    [C:\Program Files\Logitech\SetPoint\lgscroll.dll]  [Logitech Inc., 2.42.257]
    [C:\WINDOWS\system32\MSVCR71.dll]  [Microsoft Corporation, 7.10.3052.4]
    [C:\WINDOWS\system32\MSVCP71.dll]  [Microsoft Corporation, 7.10.3077.0]
[PID: 2556][C:\Program Files\Common Files\Ahead\lib\NMBgMonitor.exe]  [Nero AG, 1, 0, 0, 1]
    [C:\Program Files\Common Files\Ahead\lib\MSVCP71.dll]  [Microsoft Corporation, 7.10.3077.0]
    [C:\Program Files\Common Files\Ahead\lib\MSVCR71.dll]  [Microsoft Corporation, 7.10.3052.4]
    [C:\Program Files\Rising\AntiSpyware\ieprot.dll]  [Beijing Rising Technology Co., Ltd., 1, 0, 0, 10]
    [C:\Program Files\Logitech\SetPoint\lgscroll.dll]  [Logitech Inc., 2.42.257]
    [C:\Program Files\Common Files\Ahead\lib\NMIndexStoreSvrPS.dll]  [Nero AG, 1, 0, 0, 1]
    [C:\Program Files\Common Files\Ahead\lib\NMDataServices.dll]  [Nero AG, 1, 0, 0, 1]
[PID: 2624][C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe]  [Logitech, 2.1.2.0]
    [C:\Program Files\Logitech\Desktop Messenger\8876480\7.2.0.137-8876480SL\Program\backWeb.dll]  [BackWeb Technologies Inc., Version 7.2.0 (Build 137R)]
    [C:\Program Files\Logitech\Desktop Messenger\8876480\7.2.0.137-8876480SL\Program\bwsec.dll]  [BackWeb, Version 4.2.0 (Build 137R)]
    [C:\Program Files\Logitech\Desktop Messenger\8876480\7.2.0.137-8876480SL\Program\clntutil.dll]  [N/A, ]
    [C:\PROGRA~1\Logitech\DESKTO~1\8876480\720~1.137\program\EN\ClientRC.dll]  [BackWeb Technologies Inc., Version 7.2.0 (Build 137R)]
    [C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWfiles-8876480.dll]  [BackWeb Technologies Inc.                        , Version 7.2.0 (Build 137R)]
    [C:\Program Files\Logitech\Desktop Messenger\8876480\7.2.0.137-8876480SL\Program\BWfiles.dll]  [, Version 7.2.0 (Build 137R)]
    [C:\Program Files\Logitech\SetPoint\GameHook.dll]  [Logitech Inc., 2.42.257]
    [C:\Program Files\Logitech\SetPoint\lgscroll.dll]  [Logitech Inc., 2.42.257]
    [C:\WINDOWS\system32\MSVCR71.dll]  [Microsoft Corporation, 7.10.3052.4]
    [C:\WINDOWS\system32\MSVCP71.dll]  [Microsoft Corporation, 7.10.3077.0]
    [C:\DOCUME~1\lihaitao\LOCALS~1\Temp\IadHide5.dll]  [BackWeb, Version 7.2.0 (Build 137R)]
    [C:\Program Files\Rising\AntiSpyware\ieprot.dll]  [Beijing Rising Technology Co., Ltd., 1, 0, 0, 10]
    [C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWDocMapExt-8876480.dll]  [BackWeb Technologies Inc.                        , Version 7.2.0 (Build 137R)]
    [C:\Program Files\Logitech\Desktop Messenger\8876480\7.2.0.137-8876480SL\Program\BWDocMapExt.dll]  [, Version 7.2.0 (Build 137R)]
    [C:\Program Files\Logitech\Desktop Messenger\8876480\Program\bwscriptext-8876480.dll]  [BackWeb Technologies Inc.                        , Version 7.2.0 (Build 137R)]
    [C:\Program Files\Logitech\Desktop Messenger\8876480\7.2.0.137-8876480SL\Program\bwscriptext.dll]  [, Version 7.2.0 (Build 137R)]
    [C:\Program Files\Logitech\Desktop Messenger\8876480\Program\SyncExt.dll]  [Logitech, 2.01.02]
[PID: 2648][C:\Program Files\Logitech\SetPoint\SetPoint.exe]  [Logitech Inc., 2.42.257]
    [C:\Program Files\Logitech\SetPoint\KemUtil.dll]  [Logitech Inc., 2.42.257]
    [C:\WINDOWS\system32\MFC71U.DLL]  [Microsoft Corporation, 7.10.3077.0]
    [C:\WINDOWS\system32\MSVCR71.dll]  [Microsoft Corporation, 7.10.3052.4]
    [C:\WINDOWS\system32\MSVCP71.dll]  [Microsoft Corporation, 7.10.3077.0]
    [C:\Program Files\Logitech\SetPoint\SetPointCOM.dll]  [Logitech Inc., 2.42.257]
    [C:\Program Files\Logitech\SetPoint\kemutb.dll]  [Logitech Inc., 2.42.257]
    [C:\Program Files\Logitech\SetPoint\KGame.dll]  [Logitech Inc., 2.42.257]
    [C:\Program Files\Logitech\SetPoint\KemWnd.dll]  [Logitech Inc., 2.42.257]
    [C:\Program Files\Logitech\SetPoint\GameHook.dll]  [Logitech Inc., 2.42.257]
    [C:\Program Files\Logitech\SetPoint\KemXML.dll]  [Logitech Inc., 2.42.257]
    [C:\Program Files\Logitech\SetPoint\lgscroll.dll]  [Logitech Inc., 2.42.257]
    [C:\Program Files\Logitech\SetPoint\Macros\MacroCore.dll]  [Logitech Inc., 2.42.257]
    [C:\WINDOWS\system32\ATL71.DLL]  [Microsoft Corporation, 7.10.3077.0]
    [C:\Program Files\Common Files\Logitech\KHAL\KhalApi.dll]  [Logitech Inc., 2.42.257]
    [C:\PROGRA~1\MICROS~3\Office12\GRA8E1~1.DLL]  [Microsoft Corporation, 12.0.4518.1014]
    [C:\PROGRA~1\MICROS~3\Office12\GrooveUtil.DLL]  [Microsoft Corporation, 12.0.4518.1014]
    [C:\PROGRA~1\MICROS~3\Office12\GrooveNew.DLL]  [Microsoft Corporation, 12.0.4518.1014]
    [C:\PROGRA~1\MICROS~3\Office12\GR99D3~1.DLL]  [Microsoft Corporation, 12.0.4518.1014]
    [C:\Program Files\Rising\AntiSpyware\ieprot.dll]  [Beijing Rising Technology Co., Ltd., 1, 0, 0, 10]
    [C:\Program Files\Logitech\SetPoint\LCabHandler.dll]  [Logitech Inc., 2.42.257]
[PID: 2660][D:\a\Maxthon2\Maxthon.exe]  [Maxthon International ltd., 2, 0, 1, 9008]
    [D:\a\Maxthon2\mxpp.dll]  [Maxthon, 1, 0, 0, 50]
    [D:\a\Maxthon2\MxSk.dll]  [Maxthon, 1, 0, 0, 119]
    [D:\a\Maxthon2\MxProxy2.dll]  [, 1, 0, 0, 2868]
    [D:\a\Maxthon2\MxFav.dll]  [Maxthon, 1, 0, 0, 186]
    [D:\a\Maxthon2\maxzlib.dll]  [, 1.2.3]
    [D:\a\Maxthon2\mxtool.dll]  [, 1, 0, 0, 1]
    [C:\Program Files\Logitech\SetPoint\lgscroll.dll]  [Logitech Inc., 2.42.257]
    [C:\WINDOWS\system32\MSVCR71.dll]  [Microsoft Corporation, 7.10.3052.4]
    [C:\WINDOWS\system32\MSVCP71.dll]  [Microsoft Corporation, 7.10.3077.0]
    [D:\a\Maxthon2\mxfeedU.dll]  [, 1, 0, 45, 45]
    [C:\Program Files\Logitech\SetPoint\GameHook.dll]  [Logitech Inc., 2.42.257]
    [C:\PROGRA~1\COMMON~1\MICROS~1\OFFICE12\MSOXMLMF.DLL]  [Microsoft Corporation, 12.0.4518.1014]
    [C:\Program Files\Rising\AntiSpyware\ieprot.dll]  [Beijing Rising Technology Co., Ltd., 1, 0, 0, 10]
    [C:\DOCUME~1\lihaitao\LOCALS~1\Temp\IadHide5.dll]  [BackWeb, Version 7.2.0 (Build 137R)]
    [C:\Program Files\Rising\Rav\RavScrCh.dll]  [Beijing Rising Technology Co., Ltd., 18, 0, 0, 4]
    [C:\WINDOWS\system32\Macromed\Flash\Flash9b.ocx]  [Adobe Systems, Inc., 9,0,28,0]
    [C:\WINDOWS\system32\msacm32.drv]  [Microsoft Corporation, 5.1.2600.0 (xpclient.010817-1148)]
    [C:\WINDOWS\system32\SOGOUPY.IME]  [Sohu.com Inc., 3, 0, 0, 0]
    [C:\WINDOWS\system32\dllMergeDict.dll]  [Sogou.com Inc., 3, 0, 0, 0]
    [C:\Program Files\SogouInput\Plugin\SgImeWord.dll]  [, 1, 0, 0, 31]
    [C:\PROGRA~1\COMMON~1\MICROS~1\IME12\IMESC\IMSCTIP.DLL]  [Microsoft Corporation, 12.0.4518.1014]
    [C:\PROGRA~1\COMMON~1\MICROS~1\IME12\SHARED\IMETIP.DLL]  [Microsoft Corporation, 12.0.4518.1014]
    [C:\PROGRA~1\COMMON~1\MICROS~1\IME12\IMESC\IMSCCORE.DLL]  [Microsoft Corporation, 12.0.4518.1014]
    [C:\PROGRA~1\COMMON~1\MICROS~1\IME12\IMESC\IMSCCFG.DLL]  [Microsoft Corporation, 12.0.4518.1014]
    [C:\PROGRA~1\COMMON~1\MICROS~1\IME12\SHARED\IMELM.DLL]  [Microsoft Corporation, 12.0.4518.1014]
[PID: 2836][C:\Program Files\Common Files\Logitech\KHAL\KHALMNPR.EXE]  [Logitech Inc., 2.42.230]
    [C:\Program Files\Common Files\Logitech\KHAL\KHALAPI.DLL]  [Logitech Inc., 2.42.257]
    [C:\Program Files\Logitech\SetPoint\GameHook.dll]  [Logitech Inc., 2.42.257]
    [C:\Program Files\Logitech\SetPoint\lgscroll.dll]  [Logitech Inc., 2.42.257]
    [C:\WINDOWS\system32\MSVCR71.dll]  [Microsoft Corporation, 7.10.3052.4]
    [C:\WINDOWS\system32\MSVCP71.dll]  [Microsoft Corporation, 7.10.3077.0]
    [C:\Program Files\Common Files\Logitech\KHAL\KHALITCH.DLL]  [Logitech Inc., 2.42.257]
    [C:\Program Files\Common Files\Logitech\KHAL\KHALMW.DLL]  [Logitech Inc., 2.42.257]
    [C:\Program Files\Common Files\Logitech\KHAL\KHALHPP.DLL]  [Logitech Inc., 2.42.257]
    [C:\Program Files\Rising\AntiSpyware\ieprot.dll]  [Beijing Rising Technology Co., Ltd., 1, 0, 0, 10]
[PID: 3624][D:\软件\安全\sreng2\SREng.EXE]  [Smallfrogs Studio, 2.4.12.806]
    [C:\DOCUME~1\lihaitao\LOCALS~1\Temp\IadHide5.dll]  [BackWeb, Version 7.2.0 (Build 137R)]
    [C:\Program Files\Logitech\SetPoint\GameHook.dll]  [Logitech Inc., 2.42.257]
    [C:\Program Files\Logitech\SetPoint\lgscroll.dll]  [Logitech Inc., 2.42.257]
    [C:\WINDOWS\system32\MSVCR71.dll]  [Microsoft Corporation, 7.10.3052.4]
    [C:\WINDOWS\system32\MSVCP71.dll]  [Microsoft Corporation, 7.10.3077.0]
    [C:\Program Files\Rising\AntiSpyware\ieprot.dll]  [Beijing Rising Technology Co., Ltd., 1, 0, 0, 10]
gototop
 
HKG36
头像
初生襁褓狮
  • 帖子:14
  • 注册: 2007-05-16
  • 来自:
发表于: 2007-05-18 11:41 | 显示全部 短消息 资料
字号: 13楼

==================================
文件关联
.TXT  OK. [%SystemRoot%\system32\NOTEPAD.EXE %1]
.EXE  OK. ["%1" %*]
.COM  OK. ["%1" %*]
.PIF  OK. ["%1" %*]
.REG  OK. [regedit.exe "%1"]
.BAT  OK. ["%1" %*]
.SCR  OK. ["%1" /S]
.CHM  OK. ["C:\WINDOWS\hh.exe" %1]
.HLP  OK. [%SystemRoot%\System32\winhlp32.exe %1]
.INI  OK. [%SystemRoot%\system32\NOTEPAD.EXE %1]
.INF  OK. [%SystemRoot%\System32\NOTEPAD.EXE %1]
.VBS  OK. [%SystemRoot%\System32\WScript.exe "%1" %*]
.JS  OK. [%SystemRoot%\System32\WScript.exe "%1" %*]
.LNK  OK. [{00021401-0000-0000-C000-000000000046}]

==================================
Winsock 提供者
N/A

==================================
Autorun.inf
N/A

==================================
HOSTS 文件
127.0.0.1      localhost
60.191.64.72 www.hao123.com
60.191.64.72 www.gjj.cc
60.191.64.73 search.114.vnet.cn
60.191.64.73 www.baidu,com
60.191.64.73 www.4399.com
60.191.64.73 www.4399.net
60.191.64.73 www.4399.cn
60.191.64.73 www.4399.cc
60.191.64.73 www.4399.org
60.191.64.73 www.gameyes.com
60.191.64.73 www.xiaoyouxi.com
60.191.64.73 4399.com
60.191.64.73 4399.net
60.191.64.73 4399.cn
60.191.64.73 4399.cc
60.191.64.73 4399.org
60.191.64.73 gameyes.com
60.191.64.73 xiaoyouxi.com

==================================
API HOOK
N/A

==================================
隐藏进程
N/A

==================================


[/CODE]
gototop
 
<<上一主题|下一主题>>
12   2  /  2  页   跳转
页面顶部
Powered by Discuz!NT