瑞星卡卡安全论坛技术交流区反病毒/反流氓软件论坛 求助!!!打开文件夹exe文件不见了怎样恢复

12   2  /  2  页   跳转

求助!!!打开文件夹exe文件不见了怎样恢复

收藏
雨天故事
头像
初生襁褓狮
  • 帖子:40
  • 注册: 2007-03-30
  • 来自:
发表于: 2007-07-22 11:11 | 显示全部 短消息 资料
字号: 11楼

[PID: 720 / Administrator][RsHide]  [N/A, ]
    [C:\Program Files\Rising\Rav\RsGuiLib.dll]  [Beijing Rising Technology Co., Ltd., 19, 0, 0, 33]
    [C:\Program Files\Rising\Rav\BWList.dll]  [Beijing Rising Technology Co., Ltd., 19, 0, 0, 10]
    [C:\Program Files\Rising\Rav\RSAPPMGR.DLL]  [Beijing Rising Technology Co., Ltd., 18, 0, 0, 2]
    [C:\Program Files\Rising\Rav\CfgDll.dll]  [Beijing Rising Technology Co., Ltd., 18, 0, 0, 13]
    [C:\Program Files\Rising\Rav\RSCOMMON.DLL]  [Beijing Rising Technology Co., Ltd., 19, 0, 0, 5]
    [C:\Program Files\Rising\Rav\RsCommX.dll]  [rising, 18, 0, 0, 1]
    [C:\Program Files\Rising\Rav\RsXML.dll]  [Beijing Rising Technology Co., Ltd., 19, 0, 0, 2]
    [C:\Program Files\Rising\Rav\PngDll.dll]  [Beijing Rising Technology Co., Ltd., 18, 0, 0, 5]
    [C:\WINDOWS\system32\WBJJU.IME]  [北京六合源软件技术有限公司, 0, 1, 0, 1]
    [C:\WINDOWS\system32\WbCodeU.dll]  [, 0, 1, 0, 0]
    [C:\Program Files\360safe\safemon\safemon.dll]  [, 3, 2, 0, 1001]
[PID: 1308 / Administrator][C:\Program Files\Common Files\Real\Update_OB\realsched.exe]  [RealNetworks, Inc., 0.1.0.3760]
    [C:\WINDOWS\system32\WBJJU.IME]  [北京六合源软件技术有限公司, 0, 1, 0, 1]
    [C:\WINDOWS\system32\WbCodeU.dll]  [, 0, 1, 0, 0]
    [C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\rsv16.tmp]  [Beijing Rising Tech. Co., Ltd., 1, 2, 0, 5]
[PID: 2116 / Administrator][C:\Program Files\D-Tools\daemon.exe]  [DAEMON'S HOME, 3.47.0.0]
    [C:\WINDOWS\daemon.dll]  [, 3.47.0.0]
    [C:\Program Files\D-Tools\PFCTOC.DLL]  [Padus(R), Inc., 1, 0, 0, 12]
    [C:\Program Files\D-Tools\Plugins\Images\ccdmount.dll]  [GENERIC, 1.02.0.0]
    [C:\Program Files\D-Tools\Plugins\Images\mdsmount.dll]  [GENERIC, 1.01.0.0]
    [C:\Program Files\D-Tools\Plugins\Images\pdimount.dll]  [GENERIC, 1.01.0.0]
    [C:\Program Files\D-Tools\Plugins\Images\nrgmount.dll]  [GENERIC, 1.02.0.0]
    [C:\Program Files\D-Tools\Plugins\Images\bw5mount.dll]  [, 1.0.2.0]
    [C:\WINDOWS\system32\WBJJU.IME]  [北京六合源软件技术有限公司, 0, 1, 0, 1]
    [C:\WINDOWS\system32\WbCodeU.dll]  [, 0, 1, 0, 0]
    [C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\rsv16.tmp]  [Beijing Rising Tech. Co., Ltd., 1, 2, 0, 5]
[PID: 2132 / Administrator][C:\Program Files\Thunder Network\Thunder\Program\Thunder5.exe]  [Thunder Networking Technologies,LTD, 5, 6, 8, 327]
    [C:\Program Files\Thunder Network\Thunder\Program\TaskManager.dll]  [Thunder Networking Technologies,LTD, 1, 1, 2, 26]
    [C:\Program Files\Thunder Network\Thunder\Program\download_interface.dll]  [Thunder Networking Technologies,LTD, 2, 16, 2, 108]
    [C:\Program Files\Thunder Network\Thunder\Program\stlport_vc646.dll]  [STLport Consulting, Inc., 4.6.2003.1031]
    [C:\Program Files\Thunder Network\Thunder\Program\asyn_dns.dll]  [Thunder Networking Technologies,LTD, 2, 16, 2, 108]
    [C:\WINDOWS\system32\WBJJU.IME]  [北京六合源软件技术有限公司, 0, 1, 0, 1]
    [C:\WINDOWS\system32\WbCodeU.dll]  [, 0, 1, 0, 0]
    [C:\Program Files\Thunder Network\Thunder\Program\iTargetAD.dll]  [Thunder Networking Technologies,LTD, 1, 0, 2, 29]
    [C:\Program Files\Thunder Network\Thunder\Program\BHOStub.dll]  [Thunder Networking Technologies,LTD, 1, 1, 0, 8]
    [C:\Program Files\Thunder Network\Thunder\Components\DownAndPlay\DownAndPlay.dll]  [, 1, 0, 0, 18]
    [C:\Program Files\Thunder Network\Thunder\Components\InMedia\iEmbedShell.dll]  [ , 1, 0, 0, 19]
    [C:\Program Files\Thunder Network\Thunder\Components\Community\XLCommunity.dll]  [Thunder Networking Technologies,LTD, 1, 2, 1, 36]
    [C:\Program Files\Thunder Network\Thunder\Components\Security\ThunderSafe.dll]  [深圳市迅雷网络技术有限公司, 1, 0, 3, 18]
    [C:\WINDOWS\system32\Macromed\Flash\Flash9b.ocx]  [Adobe Systems, Inc., 9,0,28,0]
    [C:\Program Files\Thunder Network\Thunder\Components\Search\XLSearch.dll]  [Thunder Networking Technologies,LTD, 1, 1, 4, 15]
    [C:\Program Files\Thunder Network\Thunder\Components\P4PClient\P4PClient.dll]  [Thunder Networking Technologies,LTD, 2, 2, 2, 60]
    [C:\Program Files\Thunder Network\Thunder\Program\LiveUpdate.dll]  [Thunder Networking Technologies,LTD, 1, 2, 1, 20]
    [C:\WINDOWS\system32\msacm32.drv]  [Microsoft Corporation, 5.1.2600.0 (xpclient.010817-1148)]
    [C:\Program Files\Thunder Network\Thunder\Components\ExplorerHelper\ExplorerHelper.dll]  [Thunder Networking Technologies,LTD, 1, 0, 4, 15]
    [C:\Program Files\Thunder Network\Thunder\Program\XLNet.Dll]  [Thunder Networking Technologies,LTD, 1, 2, 1, 9]
    [C:\Program Files\Thunder Network\Thunder\Components\Tips\TipsClient.dll]  [Thunder Networking Technologies,LTD, 2, 1, 3, 69]
    [C:\Program Files\Thunder Network\Thunder\Components\VPSHELL\VPSHELL.dll]  [XunLei, 1, 2, 0, 10]
    [C:\Program Files\Thunder Network\Thunder\Components\UserExperience\UserExperience.dll]  [Thunder Networking Technologies,LTD, 1, 0, 0, 1]
    [C:\Program Files\Thunder Network\Thunder\Components\ResWorker\DsXlCom.dll]  [, 1, 0, 0, 16]
    [C:\Program Files\Thunder Network\WebThunder\InMedia\iEmbed10.dll]  [ , 3, 3, 1, 83]
    [C:\Program Files\Thunder Network\Thunder\Program\RegisterDll.dll]  [Thunder Networking Technologies,LTD, 2, 13, 4, 58]
    [C:\Program Files\Thunder Network\Thunder\Program\MSVCIRT.dll]  [Microsoft Corporation, 7.0.2600.2180 (xpsp_sp2_rtm.040803-2158)]
    [C:\Program Files\Thunder Network\Thunder\Plugins\GouGouTop\GouGouTop.dll]  [Thunder Networking Technologies,LTD, 1, 0, 0, 1]
    [C:\Program Files\Thunder Network\Thunder\Plugins\BhoAdv\bho_adv.dll]  [深圳市迅雷网络技术有限公司, 1.0.1.0]
    [C:\Program Files\Thunder Network\Thunder\Components\VPSHELL\VideoPicture.dll]  [XunLei, 1, 2, 0, 11]
    [C:\Program Files\Thunder Network\Thunder\Components\ResWorker\DataProcessor_01.dll]  [Thunder Networking Technologies,LTD, 1, 0, 0, 6]
    [C:\Program Files\Thunder Network\Thunder\Components\ResWorker\MediaWorker.dll]  [Thunder Networking Technologies,LTD, 1, 2, 0, 18]
    [C:\WINDOWS\system32\MFPlat.DLL]  [Microsoft Corporation, 11.0.5721.5145 (WMP_11.061018-2006)]
    [C:\WINDOWS\system32\msdmo.dll]  [, ]
    [C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\rsv16.tmp]  [Beijing Rising Tech. Co., Ltd., 1, 2, 0, 5]
    [C:\Program Files\360safe\safemon\safemon.dll]  [, 3, 2, 0, 1001]
[PID: 2172 / Administrator][D:\WingFaster.exe]  [81915, 1.00]
    [C:\WINDOWS\system32\MSVBVM60.DLL]  [Microsoft Corporation, 6.00.9690]
    [C:\WINDOWS\system32\vb6chs.dll]  [Microsoft Corporation, 6.00.8988]
    [C:\WINDOWS\system32\WBJJU.IME]  [北京六合源软件技术有限公司, 0, 1, 0, 1]
    [C:\WINDOWS\system32\WbCodeU.dll]  [, 0, 1, 0, 0]
    [C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\rsv16.tmp]  [Beijing Rising Tech. Co., Ltd., 1, 2, 0, 5]
[PID: 2180 / Administrator][C:\Program Files\Alisoft\WangWang\WangWang.EXE]  [阿里巴巴软件(上海)有限公司, 5, 5, 0, 2]
    [C:\Program Files\Alisoft\WangWang\AliViewCtrl.dll]  [ 阿里巴巴软件(上海)有限公司, 1, 0, 0, 2]
    [C:\Program Files\Alisoft\WangWang\VLNetwork.dll]  [阿里巴巴软件(上海)有限公司, 1, 0, 0, 6]
    [C:\Program Files\Alisoft\WangWang\MFC80.DLL]  [Microsoft Corporation, 8.00.50727.762]
    [C:\Program Files\Alisoft\WangWang\MSVCR80.dll]  [Microsoft Corporation, 8.00.50727.762]
    [C:\Program Files\Alisoft\WangWang\MSVCP80.dll]  [Microsoft Corporation, 8.00.50727.762]
    [C:\Program Files\Alisoft\WangWang\AliViewMedia.dll]  [ 阿里巴巴软件(上海)有限公司, 1, 0, 0, 2]
    [C:\Program Files\Alisoft\WangWang\VideoCap.dll]  [ 阿里巴巴软件(上海)有限公司, 1, 0, 0, 4]
    [C:\Program Files\Alisoft\WangWang\VLAudio.dll]  [ 阿里巴巴软件(上海)有限公司, 1, 0, 0, 5]
    [C:\Program Files\Alisoft\WangWang\JsmShow.dll]  [ 阿里巴巴软件(上海)有限公司, 1, 0, 0, 4]
    [C:\Program Files\Alisoft\WangWang\AliSkin.dll]  [阿里巴巴软件(上海)有限公司, 1.0.0.1]
    [C:\Program Files\Alisoft\WangWang\PngLib.dll]  [阿里巴巴软件(上海)有限公司, 1, 0, 0, 1]
    [C:\Program Files\Alisoft\WangWang\zlib.dll]  [, 1.2.3]
    [C:\Program Files\Alisoft\WangWang\ww_network.dll]  [阿里巴巴软件(上海)有限公司, 1, 0, 2, 2]
    [C:\Program Files\Alisoft\WangWang\Ali_Res.DLL]  [N/A, ]
    [C:\WINDOWS\system32\WBJJU.IME]  [北京六合源软件技术有限公司, 0, 1, 0, 1]
    [C:\WINDOWS\system32\WbCodeU.dll]  [, 0, 1, 0, 0]
    [C:\Program Files\Alisoft\WangWang\WangWangX4.dll]  [阿里巴巴软件(上海)有限公司, 1, 0, 0, 1]
    [C:\Program Files\Alisoft\WangWang\RICHED32.DLL]  [Microsoft Corporation, 5.1.2600.0 (xpclient.010817-1148)]
    [C:\Program Files\Alisoft\WangWang\RICHED20.dll]  [Microsoft Corporation, 5.30.23.1221]
    [C:\Program Files\Alisoft\WangWang\RichOne.dll]  [阿里巴巴软件(上海)有限公司, 1.0.0.1]
    [C:\Program Files\Alisoft\WangWang\TBProgress.dll]  [阿里巴巴软件(上海)有限公司, 1.0.0.1]
    [C:\Program Files\Alisoft\WangWang\MessageNotify.dll]  [, 1, 0, 0, 1]
    [C:\WINDOWS\system32\msacm32.drv]  [Microsoft Corporation, 5.1.2600.0 (xpclient.010817-1148)]
    [C:\WINDOWS\system32\msdmo.dll]  [, ]
    [C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\rsv16.tmp]  [Beijing Rising Tech. Co., Ltd., 1, 2, 0, 5]
    [C:\Program Files\360safe\safemon\safemon.dll]  [, 3, 2, 0, 1001]
gototop
 
雨天故事
头像
初生襁褓狮
  • 帖子:40
  • 注册: 2007-03-30
  • 来自:
发表于: 2007-07-22 11:12 | 显示全部 短消息 资料
字号: 12楼

[PID: 2364 / Administrator][C:\WINDOWS\system32\ctfmon.exe]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
    [C:\WINDOWS\system32\WBJJU.IME]  [北京六合源软件技术有限公司, 0, 1, 0, 1]
    [C:\WINDOWS\system32\WbCodeU.dll]  [, 0, 1, 0, 0]
    [C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\rsv16.tmp]  [Beijing Rising Tech. Co., Ltd., 1, 2, 0, 5]
[PID: 2960 / Administrator][C:\WINDOWS\system32\conime.exe]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
    [C:\WINDOWS\system32\WBJJU.IME]  [北京六合源软件技术有限公司, 0, 1, 0, 1]
    [C:\WINDOWS\system32\WbCodeU.dll]  [, 0, 1, 0, 0]
    [C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\rsv16.tmp]  [Beijing Rising Tech. Co., Ltd., 1, 2, 0, 5]
[PID: 3980 / Administrator][F:\xp\Program Files\Tencent\QQ\QQ.exe]  [TENCENT, 7,0,313,1681]
    [F:\xp\Program Files\Tencent\QQ\QQBaseClassInDll.dll]  [TENCENT, 7,0,313,1681]
    [F:\xp\Program Files\Tencent\QQ\QQHelperDll.dll]  [TENCENT, 7,0,313,1681]
    [F:\xp\Program Files\Tencent\QQ\BasicCtrlDll.dll]  [TENCENT, 7, 0, 225, 1651]
    [F:\xp\Program Files\Tencent\QQ\MFC42.DLL]  [Microsoft Corporation, 6.00.8665.0]
    [C:\WINDOWS\system32\WBJJU.IME]  [北京六合源软件技术有限公司, 0, 1, 0, 1]
    [C:\WINDOWS\system32\WbCodeU.dll]  [, 0, 1, 0, 0]
    [F:\xp\Program Files\Tencent\QQ\RICHED32.DLL]  [Microsoft Corporation, 5.00.2134.1]
    [F:\xp\Program Files\Tencent\QQ\RICHED20.dll]  [Microsoft Corporation, 5.31.23.1218]
    [F:\xp\Program Files\Tencent\QQ\QQAPI.dll]  [TENCENT, 7,0,313,1681]
    [F:\xp\Program Files\Tencent\QQ\TIMProxy.dll]  [tencent, 0, 3, 2, 4]
    [F:\xp\Program Files\Tencent\QQ\LoginCtrl.dll]  [TENCENT, 7,0,313,1681]
    [F:\xp\Program Files\Tencent\QQ\LoginCtrlRes.dll]  [TENCENT, 7,0,313,1681]
    [F:\xp\Program Files\Tencent\QQ\QQRes.dll]  [TENCENT, 7,0,313,1681]
    [F:\xp\Program Files\Tencent\QQ\MailSummary.dll]  [TENCENT, 7,0,313,1681]
    [F:\xp\Program Files\Tencent\QQ\QQMainFrame.dll]  [N/A, ]
    [F:\xp\Program Files\Tencent\QQ\gdiplus.dll]  [Microsoft Corporation, 5.1.3102.2180 (xpsp_sp2_rtm.040803-2158)]
    [F:\xp\Program Files\Tencent\QQ\CQQApplication.dll]  [N/A, ]
    [F:\xp\Program Files\Tencent\QQ\FlashAvatarDll.dll]  [, 1, 4, 0, 1]
    [F:\xp\Program Files\Tencent\QQ\NewSkin.dll]  [TENCENT, 7,0,313,1681]
    [F:\xp\Program Files\Tencent\QQ\HostingMgr.dll]  [TENCENT, 7,0,313,1681]
    [F:\xp\Program Files\Tencent\QQ\CameraDll.dll]  [TENCENT, 7,0,313,1681]
    [F:\xp\Program Files\Tencent\QQ\QQKnowledgeSearch.dll]  [TENCENT, 7,0,313,1681]
    [F:\xp\Program Files\Tencent\QQ\QQAllInOne.dll]  [TENCENT, 7,0,313,1681]
    [F:\xp\Program Files\Tencent\QQ\SCCore.dll]  [TENCENT, 1, 6, 0, 2]
    [F:\xp\Program Files\Tencent\QQ\vbscript.dll]  [Microsoft Corporation, 5.6.0.7426]
    [C:\WINDOWS\system32\msdmo.dll]  [, ]
    [F:\xp\Program Files\Tencent\QQ\QQGroupMng.dll]  [TENCENT, 7,0,313,1681]
    [F:\xp\Program Files\Tencent\QQ\QQSpace.dll]  [TENCENT, 7,0,313,1681]
    [F:\xp\Program Files\Tencent\QQ\LongConnection.dll]  [TENCENT, 7,0,313,1681]
    [F:\xp\Program Files\Tencent\QQ\QQPlugin.dll]  [N/A, ]
    [F:\xp\Program Files\Tencent\QQ\UserDefinedHead.dll]  [TENCENT, 7,0,313,1681]
    [F:\xp\Program Files\Tencent\QQ\QQConfigPlugin.dll]  [TENCENT, 7,0,313,1681]
    [F:\xp\Program Files\Tencent\QQ\QQAvatar.dll]  [N/A, ]
    [F:\xp\Program Files\Tencent\QQ\QQCustomFace.dll]  [N/A, ]
    [F:\xp\Program Files\Tencent\QQ\QRingMng.dll]  [N/A, ]
    [F:\xp\Program Files\Tencent\QQ\QQPet.dll]  [TENCENT, 7,0,313,1681]
    [F:\xp\Program Files\Tencent\QQ\PhoneAPI.dll]  [TENCENT, 7,0,313,1681]
    [F:\xp\Program Files\Tencent\QQ\DialerAllinOne.dll]  [tencent, 1, 4, 0, 0]
    [C:\WINDOWS\system32\msacm32.drv]  [Microsoft Corporation, 5.1.2600.0 (xpclient.010817-1148)]
    [F:\xp\Program Files\Tencent\QQ\BQQApplication.dll]  [N/A, ]
    [F:\xp\Program Files\Tencent\QQ\CommercesMng.dll]  [TENCENT, 7,0,313,1681]
    [F:\xp\Program Files\Tencent\QQ\PersonalDesktop.dll]  [TENCENT, 7,0,313,1681]
    [F:\xp\Program Files\Tencent\QQ\QQAddr.dll]  [深圳市腾讯计算机系统有限公司, 5, 0, 101, 310]
    [F:\xp\Program Files\Tencent\QQ\QQSceneMng.dll]  [N/A, ]
    [F:\xp\Program Files\Tencent\QQ\AddrSearch.dll]  [腾讯科技(深圳)有限公司, 2, 1, 9, 93]
    [F:\xp\Program Files\Tencent\QQ\QQSysMsgMng.dll]  [N/A, ]
    [C:\Program Files\360safe\safemon\safemon.dll]  [, 3, 2, 0, 1001]
    [C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\rsv16.tmp]  [Beijing Rising Tech. Co., Ltd., 1, 2, 0, 5]
[PID: 3152 / Administrator][F:\xp\Program Files\Tencent\QQ\TIMPlatform.exe]  [TENCENT, 7,0,313,1681]
    [F:\xp\Program Files\Tencent\QQ\TIMProxy.dll]  [tencent, 0, 3, 2, 4]
    [C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\rsv16.tmp]  [Beijing Rising Tech. Co., Ltd., 1, 2, 0, 5]
[PID: 1320 / Administrator][RsHide]  [N/A, ]
    [C:\Program Files\木马杀客\krnln.fnr]  [, 1, 0, 0, 1]
    [C:\WINDOWS\system32\WBJJU.IME]  [北京六合源软件技术有限公司, 0, 1, 0, 1]
    [C:\WINDOWS\system32\WbCodeU.dll]  [, 0, 1, 0, 0]
    [C:\Program Files\木马杀客\iext.fne]  [, 1, 0, 0, 1]
    [C:\Program Files\木马杀客\HtmlView.fne]  [, 1, 0, 0, 1]
    [C:\Program Files\木马杀客\TrayIcon.fne]  [, 1, 0, 0, 1]
    [C:\Program Files\木马杀客\iext2.fne]  [, 1, 0, 0, 1]
    [C:\Program Files\木马杀客\HYExtLib.fne]  [N/A, ]
    [C:\Program Files\木马杀客\xplib.fne]  [N/A, ]
    [C:\Program Files\木马杀客\shell.fne]  [N/A, ]
    [C:\Program Files\木马杀客\eAPI.fne]  [, 1, 0, 0, 1]
    [C:\Program Files\木马杀客\EThread.fne]  [N/A, ]
    [C:\Program Files\木马杀客\dp1.fne]  [N/A, ]
    [C:\WINDOWS\system32\msacm32.drv]  [Microsoft Corporation, 5.1.2600.0 (xpclient.010817-1148)]
    [C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\rsv16.tmp]  [Beijing Rising Tech. Co., Ltd., 1, 2, 0, 5]
gototop
 
雨天故事
头像
初生襁褓狮
  • 帖子:40
  • 注册: 2007-03-30
  • 来自:
发表于: 2007-07-22 11:12 | 显示全部 短消息 资料
字号: 13楼

[PID: 3120 / Administrator][E:\setup\数据恢复工具\h\EasyRecovery.exe]  [Ontrack Data Recovery Inc., 1.00.27.51]
    [E:\setup\数据恢复工具\h\mxdlgsup.dll]  [Ontrack Data Recovery Inc., 1.00.16.25]
    [E:\setup\数据恢复工具\h\MXPM.DLL]  [Ontrack Data Recovery Inc., 1.00.19.19]
    [E:\setup\数据恢复工具\h\mxexhand.dll]  [Ontrack Data Recovery Inc., 1.00.16.19]
    [E:\setup\数据恢复工具\h\ShellHC.dll]  [Ontrack Data Recovery Inc., 1.00.16.23]
    [E:\setup\数据恢复工具\h\Language\ShellEnglishHC.DLL]  [Ontrack Data Recovery Inc., 1.00.19.30]
    [E:\setup\数据恢复工具\h\Language\Shell2EnglishHC.DLL]  [Ontrack Data Recovery Inc., 1.00.22.42]
    [C:\WINDOWS\system32\WBJJU.IME]  [北京六合源软件技术有限公司, 0, 1, 0, 1]
    [C:\WINDOWS\system32\WbCodeU.dll]  [, 0, 1, 0, 0]
    [E:\setup\数据恢复工具\h\engine.dll]  [Ontrack Data Recovery Inc., 1.00.16.44]
    [E:\setup\数据恢复工具\h\FILW.dll]  [KrollOntrack, 4, 0, 1, 4]
    [E:\setup\数据恢复工具\h\RTFCtrl.dll]  [Ontrack Data Recovery Inc., 1.00.17.28]
    [C:\WINDOWS\system32\wpdshext.dll]  [Microsoft Corporation, 5.2.5721.5145 (WMP_11.061018-2006)]
    [C:\WINDOWS\system32\PortableDeviceApi.dll]  [Microsoft Corporation, 5.2.5721.5145 (WMP_11.061018-2006)]
    [C:\WINDOWS\system32\Audiodev.dll]  [Microsoft Corporation, 5.2.5721.5145 (WMP_11.061018-2006)]
    [E:\setup\数据恢复工具\h\Raw.dll]  [Ontrack Data Recovery Inc., 1.00.0.29]
    [E:\setup\数据恢复工具\h\CreateZip.dll]  [Ontrack Data Recovery Inc., 1.00.0.26]
    [C:\Program Files\360safe\safemon\safemon.dll]  [, 3, 2, 0, 1001]
    [C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\rsv16.tmp]  [Beijing Rising Tech. Co., Ltd., 1, 2, 0, 5]
[PID: 3032 / Administrator][RsHide]  [N/A, ]
    [C:\WINDOWS\system32\WBJJU.IME]  [北京六合源软件技术有限公司, 0, 1, 0, 1]
    [C:\WINDOWS\system32\WbCodeU.dll]  [, 0, 1, 0, 0]
    [C:\Program Files\360safe\safemon\safemon.dll]  [, 3, 2, 0, 1001]
    [C:\Program Files\360safe\safemon\SafeKrnl.dll]  [奇虎网, 3, 2, 0, 1001]
    [C:\Program Files\360safe\AntiAdwa.dll]  [360Safe.com, 3, 2, 0, 1001]
    [C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\rsv16.tmp]  [Beijing Rising Tech. Co., Ltd., 1, 2, 0, 5]
[PID: 3084 / Administrator][C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\535523.exe]  [北京江民新科技术有限公司, 3, 0, 7, 117]
    [C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\rsv16.tmp]  [Beijing Rising Tech. Co., Ltd., 1, 2, 0, 5]
    [C:\Program Files\360safe\safemon\safemon.dll]  [, 3, 2, 0, 1001]
    [C:\WINDOWS\system32\WBJJU.IME]  [北京六合源软件技术有限公司, 0, 1, 0, 1]
    [C:\WINDOWS\system32\WbCodeU.dll]  [, 0, 1, 0, 0]
[PID: 2168 / Administrator][C:\Program Files\Internet Explorer\iexplore.exe]  [Microsoft Corporation, 6.00.2900.2180 (xpsp_sp2_rtm.040803-2158)]
    [C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\rsv16.tmp]  [Beijing Rising Tech. Co., Ltd., 1, 2, 0, 5]
    [C:\Program Files\360safe\safemon\safemon.dll]  [, 3, 2, 0, 1001]
    [C:\WINDOWS\system32\WBJJU.IME]  [北京六合源软件技术有限公司, 0, 1, 0, 1]
    [C:\WINDOWS\system32\WbCodeU.dll]  [, 0, 1, 0, 0]
    [C:\WINDOWS\system32\xunleibho_v8.dll]  [Thunder Networking Technologies,LTD, 4, 5, 1, 33]
    [C:\Program Files\Thunder Network\Thunder\ComDlls\TDAtOnce_Now.dll]  [Thunder Networking Technologies,LTD, 1.0.2.9]
    [C:\Program Files\Thunder Network\Thunder\ComDlls\xunleiBHO_Now.dll]  [Thunder Networking Technologies,LTD, 5, 0, 3, 11]
    [C:\Program Files\Thunder Network\Thunder\Components\ResWorker\DsBho_01.dll]  [, 1, 0, 0, 4]
    [C:\Program Files\Thunder Network\Thunder\Components\ResWorker\DataProcessor_01.dll]  [Thunder Networking Technologies,LTD, 1, 0, 0, 6]
    [C:\WINDOWS\system32\TPHANDLE.dll]  [江苏科建教育软件有限责任公司, 5, 0, 10, 10]
    [C:\Program Files\Microsoft Office\Office12\msohevi.dll]  [Microsoft Corporation, 12.0.4518.1014]
    [C:\WINDOWS\system32\msacm32.drv]  [Microsoft Corporation, 5.1.2600.0 (xpclient.010817-1148)]
    [C:\WINDOWS\system32\MFPlat.DLL]  [Microsoft Corporation, 11.0.5721.5145 (WMP_11.061018-2006)]
    [C:\WINDOWS\system32\xpsp3res.dll]  [Microsoft Corporation, 5.1.2600.3121 (xpsp_sp2_gdr.070418-0032)]
    [C:\WINDOWS\system32\msdmo.dll]  [, ]
    [C:\WINDOWS\system32\L3codeca.acm]  [Fraunhofer Institut Integrierte Schaltungen IIS, 1, 2, 0, 63]
    [C:\WINDOWS\system32\Macromed\Flash\Flash9b.ocx]  [Adobe Systems, Inc., 9,0,28,0]
[PID: 2580 / Administrator][C:\Program Files\Internet Explorer\iexplore.exe]  [Microsoft Corporation, 6.00.2900.2180 (xpsp_sp2_rtm.040803-2158)]
    [C:\Program Files\360safe\safemon\safemon.dll]  [, 3, 2, 0, 1001]
    [C:\WINDOWS\system32\WBJJU.IME]  [北京六合源软件技术有限公司, 0, 1, 0, 1]
    [C:\WINDOWS\system32\WbCodeU.dll]  [, 0, 1, 0, 0]
    [C:\WINDOWS\system32\xunleibho_v8.dll]  [Thunder Networking Technologies,LTD, 4, 5, 1, 33]
    [C:\Program Files\Thunder Network\Thunder\ComDlls\TDAtOnce_Now.dll]  [Thunder Networking Technologies,LTD, 1.0.2.9]
    [C:\Program Files\Thunder Network\Thunder\ComDlls\xunleiBHO_Now.dll]  [Thunder Networking Technologies,LTD, 5, 0, 3, 11]
    [C:\Program Files\Thunder Network\Thunder\Components\ResWorker\DsBho_01.dll]  [, 1, 0, 0, 4]
    [C:\Program Files\Thunder Network\Thunder\Components\ResWorker\DataProcessor_01.dll]  [Thunder Networking Technologies,LTD, 1, 0, 0, 6]
    [C:\WINDOWS\system32\TPHANDLE.dll]  [江苏科建教育软件有限责任公司, 5, 0, 10, 10]
    [C:\Program Files\Microsoft Office\Office12\msohevi.dll]  [Microsoft Corporation, 12.0.4518.1014]
    [C:\WINDOWS\system32\Macromed\Flash\Flash9b.ocx]  [Adobe Systems, Inc., 9,0,28,0]
    [C:\WINDOWS\system32\msacm32.drv]  [Microsoft Corporation, 5.1.2600.0 (xpclient.010817-1148)]
    [C:\PROGRA~1\COMMON~1\MICROS~1\OFFICE12\MSOXMLMF.DLL]  [Microsoft Corporation, 12.0.4518.1014]
    [C:\WINDOWS\system32\FREEIME.IME]  [Delphi Fan Studio, 4.00.950]
[PID: 3000 / Administrator][D:\TDDOWNLOAD\sreng2\SREngPS.EXE]  [Smallfrogs Studio, 2.5.16.900]
    [C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\rsv16.tmp]  [Beijing Rising Tech. Co., Ltd., 1, 2, 0, 5]
    [C:\Program Files\360safe\safemon\safemon.dll]  [, 3, 2, 0, 1001]
    [C:\WINDOWS\system32\WBJJU.IME]  [北京六合源软件技术有限公司, 0, 1, 0, 1]
    [C:\WINDOWS\system32\WbCodeU.dll]  [, 0, 1, 0, 0]
    [D:\TDDOWNLOAD\sreng2\Upload\3rdUpd.DLL]  [Smallfrogs Studio, 2, 1, 0, 15]
gototop
 
雨天故事
头像
初生襁褓狮
  • 帖子:40
  • 注册: 2007-03-30
  • 来自:
发表于: 2007-07-22 11:13 | 显示全部 短消息 资料
字号: 14楼

==================================
文件关联
.TXT  OK. [%SystemRoot%\system32\NOTEPAD.EXE %1]
.EXE  OK. ["%1" %*]
.COM  OK. ["%1" %*]
.PIF  OK. ["%1" %*]
.REG  OK. [regedit.exe "%1"]
.BAT  OK. ["%1" %*]
.SCR  OK. ["%1" /S]
.CHM  OK. ["C:\WINDOWS\hh.exe" %1]
.HLP  OK. [%SystemRoot%\system32\winhlp32.exe %1]
.INI  OK. [%SystemRoot%\system32\NOTEPAD.EXE %1]
.INF  OK. [%SystemRoot%\system32\NOTEPAD.EXE %1]
.VBS  OK. [%SystemRoot%\System32\WScript.exe "%1" %*]
.JS  OK. [%SystemRoot%\System32\WScript.exe "%1" %*]
.LNK  OK. [{00021401-0000-0000-C000-000000000046}]

==================================
Winsock 提供者
N/A

==================================
Autorun.inf
N/A

==================================
HOSTS 文件
N/A

==================================
进程特权扫描
特殊特权被允许: SeLoadDriverPrivilege [PID = 1420, C:\WINDOWS\RSHIDE]
特殊特权被允许: SeLoadDriverPrivilege [PID = 720, C:\WINDOWS\RSHIDE]
特殊特权被允许: SeLoadDriverPrivilege [PID = 2116, C:\PROGRAM FILES\D-TOOLS\DAEMON.EXE]
特殊特权被允许: SeLoadDriverPrivilege [PID = 2132, C:\PROGRAM FILES\THUNDER NETWORK\THUNDER\PROGRAM\THUNDER5.EXE]
特殊特权被允许: SeLoadDriverPrivilege [PID = 2172, D:\WINGFASTER.EXE]
特殊特权被允许: SeLoadDriverPrivilege [PID = 2180, C:\PROGRAM FILES\ALISOFT\WANGWANG\WANGWANG.EXE]
特殊特权被允许: SeLoadDriverPrivilege [PID = 1320, C:\WINDOWS\RSHIDE]
特殊特权被允许: SeLoadDriverPrivilege [PID = 3120, E:\SETUP\数据恢复工具\H\EASYRECOVERY.EXE]
特殊特权被允许: SeDebugPrivilege [PID = 3032, C:\WINDOWS\RSHIDE]
特殊特权被允许: SeLoadDriverPrivilege [PID = 3032, C:\WINDOWS\RSHIDE]
特殊特权被允许: SeDebugPrivilege [PID = 3084, C:\DOCUME~1\ADMINI~1\LOCALS~1\TEMP\535523.EXE]
特殊特权被允许: SeLoadDriverPrivilege [PID = 3084, C:\DOCUME~1\ADMINI~1\LOCALS~1\TEMP\535523.EXE]

==================================
API HOOK
入口点错误:RegCreateKeyExA (危险等级: 高,  被下面模块所HOOK: 0x00E81FE5)
入口点错误:RegCreateKeyExW (危险等级: 高,  被下面模块所HOOK: 0x00E820B5)
入口点错误:Process32NextW (危险等级: 高,  被下面模块所HOOK: 0x00E83835)
入口点错误:Module32FirstW (危险等级: 高,  被下面模块所HOOK: 0x00E83905)
入口点错误:TerminateProcess (危险等级: 高,  被下面模块所HOOK: 0x00E84055)
入口点错误:CreateProcessA (危险等级: 高,  被下面模块所HOOK: C:\Program Files\360safe\safemon\safemon.dll)
入口点错误:CreateProcessW (危险等级: 高,  被下面模块所HOOK: C:\Program Files\360safe\safemon\safemon.dll)
入口点错误:FindWindowA (危险等级: 高,  被下面模块所HOOK: 0x00E839D5)
入口点错误:FindWindowExA (危险等级: 高,  被下面模块所HOOK: 0x00E83B75)
入口点错误:FindWindowExW (危险等级: 高,  被下面模块所HOOK: 0x00E83C45)
入口点错误:FindWindowW (危险等级: 高,  被下面模块所HOOK: 0x00E83AA5)
入口点错误:SendMessageA (危险等级: 高,  被下面模块所HOOK: 0x00E83D15)
入口点错误:SendMessageW (危险等级: 高,  被下面模块所HOOK: 0x00E83DE5)

==================================
隐藏进程
N/A

==================================


[/CODE]
gototop
 
雨天故事
头像
初生襁褓狮
  • 帖子:40
  • 注册: 2007-03-30
  • 来自:
发表于: 2007-07-22 11:15 | 显示全部 短消息 资料
字号: 15楼

扫描已发上去了,请高手看看,如何补救
gototop
 
雨天故事
头像
初生襁褓狮
  • 帖子:40
  • 注册: 2007-03-30
  • 来自:
发表于: 2007-07-22 11:33 | 显示全部 短消息 资料
字号: 16楼

找不到这个文件呢?
gototop
 
雨天故事
头像
初生襁褓狮
  • 帖子:40
  • 注册: 2007-03-30
  • 来自:
发表于: 2007-07-22 11:41 | 显示全部 短消息 资料
字号: 17楼

你qq好象不在线呢?
gototop
 
<<上一主题|下一主题>>
12   2  /  2  页   跳转
页面顶部
Powered by Discuz!NT