
What virus is oprar.exe?

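Recently a file named oprar.exe keeps appearing in my temp folder. After I delete it, it always reappears on its own, and deleting the related registry entries doesn't help either. The system also keeps reporting an error when it calls cmd.exe, and at boot a "System error, needs to close" prompt pops up. Does anyone know what it is and how to detect and remove it?
Last edited 2006-08-24 18:07:07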

I'm running a server OS, so the scan results are rather messy.

2006-08-21,11:34:37

System Repair Engineer 2.0.21.505 (2.0 RC 2)
Smallfrogs (http://www.KZTechs.com)

Windows Server 2003 Enterprise Edition  (Build 3790)
- 管理权限用户 - 完整功能

以下内容被选中:
    所有的启动项目(包括注册表、启动文件夹、服务等)


启动项目
注册表
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
    <ctfmon.exe><C:\WINDOWS\system32\ctfmon.exe>  [Microsoft Corporation]
    <PhMain><C:\Program Files\PeanutHull3\Phmain.exe>  [广东网域]
    <ScanRegistry><C:\Program Files\Common Files\update\update.exe>  []
    <3721><; C:\$NtUninstallQ5926809$\3721.bat>  []
[HKEY_CURRENT_USER\Software\Microsoft\Windows NT\CurrentVersion\Windows]
    <load><>  []
    <run><>  []
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
    <icd><"C:\Program Files\icd\Icd.exe">  [编程小屋 http://www.bcxw.com]
    <TkBellExe><"C:\Program Files\Common Files\Real\Update_OB\realsched.exe"  -osboot>  [RealNetworks, Inc.]
    <iSpirit><C:\Program Files\ispirit\ispirit.exe>  [北京极限通科技有限公司]
    <NTdhcp><C:\WINDOWS\system32\NTdhcp.exe>  []
    <p5u2><RunDll32 "C:\WINDOWS\Downlo~1\p5u2.dll",Run>  [Microsoft Corporation]
    <SearchNet_Up><C:\Program Files\SearchNet\ServeUp.exe>  [中搜在线]
    <CdnCtr><8V-x?>  []
    <SrvNet32><RunDll32 "C:\Program Files\SearchNet\SrvNet32.dll",Run>  []
    <MyOASMS><; C:\Program Files\MYOASMS\MyOASMS.exe -1 -2>  []
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer\Run]
    <CheckFaultKernel><C:\WINDOWS\system32\mswdm.exe>  []
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Winlogon]
    <shell><Explorer.exe>  [Microsoft Corporation]
    <Userinit><C:\WINDOWS\system32\userinit.exe,>  [Microsoft Corporation]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Windows]
    <AppInit_DLLs><>  []
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Winlogon]
    <UIHost><%SystemRoot%\system32\logonui.exe>  [Microsoft Corporation]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
    <{32CD708B-60A7-4C00-9377-D73EAA495F0F}><C:\WINDOWS\system32\RavExt.dll>  [Beijing Rising Technology Co., Ltd.]
    <{288BD9BD-F0DC-46B1-81B5-2B61DF8077CE}><C:\WINDOWS\system32\CC.dll>  []
    <{F3D0D422-CE6D-47B3-9CE6-C54DD63F1ADB}><C:\Program Files\Internet Explorer\PLUGINS\new123.sys>  []
    <{CF49F9F2-A8D3-464F-83EC-6AFC6573C267}><C:\WINDOWS\system32\jhcmd2.dll>  []

==================================
启动文件夹
[Adobe Reader Speed Launch]
  <C:\Documents and Settings\All Users\「开始」菜单\程序\启动\Adobe Reader Speed Launch.lnk><N>
[极限应用服务监视器]
  <C:\Documents and Settings\All Users\「开始」菜单\程序\启动\极限应用服务监视器.lnk><N>

==================================
服务
[C-DillaCdaC11BA / C-DillaCdaC11BA]
  <C:\WINDOWS\system32\drivers\CDAC11BA.EXE><Macrovision>
[IMA_Server / IMA_Server]
  <d:\MYOA\IMA\IMAServer.exe><N/A>
[Macromedia Licensing Service / Macromedia Licensing Service]
  <"C:\Program Files\Common Files\Macromedia Shared\Service\Macromedia Licensing.exe"><N/A>
[MeChat / MeChat]
  <d:\MYOA\MeChat\MeChat.exe><N/A>
[MySQL_OA / MySQL_OA]
  <D:\MYOA\mysql\bin\mysqld-nt.exe MySQL_OA><N/A>
[OA_Service / OA_Service]
  <"d:\MYOA\bin\apache.exe" -k runservice><Apache Software Foundation>
[PeanuthullCore / PeanuthullCore]
  <C:\Program Files\PeanutHull3\PhCore.exe -service><广东网域>
[88IP V6.0 Service / PRO88IPService]
  <C:\Program Files\CasinTech\88ip Client\88ip.exe><N/A>
[Rising Proxy  Service / RfwProxySrv]
  <d:\program files\rising\rfw\rfwproxy.exe><Beijing Rising Technology Co., Ltd.>
[Rising Personal Firewall Service / RfwService]
  <d:\program files\rising\rfw\rfwsrv.exe><Beijing Rising Technology Co., Ltd.>
[Rising Process Communication Center / RsCCenter]
  <"C:\Program Files\Rising\Rav\CCenter.exe"><Beijing Rising Technology Co., Ltd.>
[RsRavMon Service / RsRavMon]
  <"C:\Program Files\Rising\Rav\Ravmond.exe"><Beijing Rising Technology Co., Ltd.>

==================================
浏览器加载项
正在运行的进程
文件关联
Winsock 提供者

==================================

2006-08-21,11:34:47

System Repair Engineer 2.0.21.505 (2.0 RC 2)
Smallfrogs (http://www.KZTechs.com)

Windows Server 2003 Enterprise Edition  (Build 3790)
- 管理权限用户 - 完整功能

以下内容被选中:
    浏览器加载项


启动项目
注册表
启动文件夹
服务

==================================
浏览器加载项
[Adobe PDF Reader Link Helper]
  {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} <C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll, Adobe Systems Incorporated>
[Zhongsou Browser Helper]
  {2A0176FE-008B-4706-90F5-BBA532A49731} <C:\Program Files\SearchNet\SNHpr.dll, Beijing Zhongsou Online Software>
[IE Browser Helper]
  {3CE496D1-1746-41CD-9489-3C0B93DF10E2} <C:\WINDOWS\Downlo~1\eb9p1vq.dll, 中搜在线软件有限公司>
[Google Toolbar Helper]
  {AA58ED58-01DD-4d91-8333-CF10577473F7} <c:\program files\google\googletoolbar3.dll, Google Inc.>
[AlxTB BHO Class]
  {F1FABE79-25FC-46de-8C5A-2C6DB9D64333} <C:\WINDOWS\system32\AlxTB1.dll, N/A>
[@shdoclc.dll,-866]
  {c95fe080-8f5d-11d2-a20b-00aa003c157a} <, N/A>
[QQ]
  {c95fe080-8f5d-11d2-a20b-00aa003c157b} <C:\Program Files\Tencent\QQ\QQ.EXE, N/A>
[FlashGet Bar]
  {E0E899AB-F487-11D5-8D29-0050BA6940E3} <C:\PROGRA~1\FlashGet\fgiebar.dll, Amaze Soft>
[@msdxmLC.dll,-1@2052,电台(&R)]
  {8E718888-423F-11D2-876E-00A0C9082467} <C:\WINDOWS\system32\msdxm.ocx, Microsoft Corporation>
[ICQ  Toolbar]
  {855F3B16-6D32-4fe6-8A56-BBB695989046} <C:\Program Files\ICQToolbar\toolbaru.dll, ICQ Inc.>
[&Google]
  {2318C2B1-4965-11d4-9B18-009027A5CD4F} <c:\program files\google\googletoolbar3.dll, Google Inc.>
[NTKO Office文档控件]
  {01DFB4B4-0E07-4E3F-8B7A-98FD6BFF153F} <C:\Program Files\NTKO SOFTWARE\OfficeControl\OfficeControl.ocx, 千航网络[NTKO SOFTWARE]Email: tanger@ntko.com>
[NetCamPlayerWeb Control]
  {1D9EFA3B-4E85-41A8-9092-14012CD447C9} <C:\WINDOWS\DOWNLO~1\NETCAM~1.OCX, >
[NetCamPlayerWeb11g Control]
  {4A026B12-94F3-4D2F-A468-96AA55DE20A5} <C:\WINDOWS\DOWNLO~1\NETCAM~2.OCX, Sercomm>
[ICCard Control]
  {4AB8AC1A-AE97-49FF-A74C-1F3C0CFC9870} <C:\WINDOWS\DOWNLO~1\CoolRun.ocx, 北京极限通软件研发中心>
[MSN Photo Upload Tool]
  {4F1E5B1A-2A80-42CA-8532-2D05CB959537} <C:\WINDOWS\Downloaded Program Files\MsnPUpld.dll, Microsoft? Corporation>
[天下搜索]
  {56A7DC70-E102-4408-A34A-AE06FEF01586} <, N/A>
[ProfileAccessCtrl Class]
  {8A96EAE5-D262-4226-A517-304C88B53F1F} <C:\WINDOWS\Downloaded Program Files\ProfileAccess.dll, >
[iWebOffice2006 Control]
  {8B23EA28-723C-402F-92C4-59BE0E063499} <C:\WINDOWS\DOWNLO~1\ioDoc.ocx, >
[LiveMediaOcx Control]
  {9242BB35-0DB0-43AC-8DFC-8EA07E63B92A} <C:\PROGRA~1\Tencent\QQLIVE~1\QQLive.ocx, >
[NvsViewer Class]
  {99A7E374-3E8E-4C78-A054-25522DC03DA2} <C:\WINDOWS\system32\NVSViewer.dll, CYNIX Inc.>
[Update Class]
  {9F1C11AA-197B-4942-BA54-47A8489BB47F} <C:\WINDOWS\system32\iuctl.dll, Microsoft Corporation>
[MeChatU Class]
  {BE9D5F13-40C1-44CA-9950-B9211E4B60DD} <C:\WINDOWS\Downloaded Program Files\MeChatUser.dll, >
[NTKO OFFICE文档控件]
  {C9BC4DFF-4248-4A3C-8A49-63A7D317F404} <C:\WINDOWS\Downloaded Program Files\OfficeControl.ocx, 千航网络[NTKO SOFTWARE] WEB:http://www.ntko.com Email: tanger@ntko.com>
[Shockwave Flash Object]
  {D27CDB6E-AE6D-11CF-96B8-444553540000} <C:\WINDOWS\system32\Macromed\Flash\Flash8b.ocx, Macromedia, Inc.>
[PSVRecImage Control]
  {E111B6BD-3B91-410E-A989-F3392676AF34} <C:\WINDOWS\DOWNLO~1\PSVREC~1.OCX, Pixord>
[HCNetVideo Control]
  {F030F48F-CD67-45D1-B622-A5D88A7BCFE9} <C:\WINDOWS\system32\HCNETV~1.OCX, >
[Hqext Control]
  {FE70C9C0-FB4D-4225-A50D-F967EC8FC54A} <C:\WINDOWS\DOWNLO~1\hqext.ocx, aljoin>
[Google 搜索(&G)]
  <res://C:\Program Files\Google\GoogleToolbar2.dll/cmsearch.html, N/A>
[上传到QQ网络硬盘]
  <C:\Program Files\Tencent\QQ\AddToNetDisk.htm, N/A>
[使用网际快车下载]
  <C:\Program Files\FlashGet\jc_link.htm, N/A>
[使用网际快车下载全部链接]
  <C:\Program Files\FlashGet\jc_all.htm, N/A>
[导出到 Microsoft Excel(&x)]
  <res://C:\PROGRA~1\MICROS~1\Office10\EXCEL.EXE/3000, N/A>
[添加到QQ自定义面板]
  <C:\Program Files\Tencent\QQ\AddPanel.htm, N/A>
[添加到QQ表情]
  <C:\Program Files\Tencent\QQ\AddEmotion.htm, N/A>
[用QQ彩信发送该图片]
  <C:\Program Files\Tencent\QQ\SendMMS.htm, N/A>

==================================
正在运行的进程
文件关联
Winsock 提供者

==================================

2006-08-21,11:35:58

System Repair Engineer 2.0.21.505 (2.0 RC 2)
Smallfrogs (http://www.KZTechs.com)

Windows Server 2003 Enterprise Edition  (Build 3790)
- 管理权限用户 - 完整功能

以下内容被选中:
    文件关联


启动项目
注册表
启动文件夹
服务

==================================
浏览器加载项
正在运行的进程
文件关联
.TXT  OK. [%SystemRoot%\system32\NOTEPAD.EXE %1]
.EXE  OK. ["%1" %*]
.COM  OK. ["%1" %*]
.PIF  OK. ["%1" %*]
.REG  OK. [regedit.exe "%1"]
.BAT  OK. ["%1" %*]
.SCR  OK. ["%1" /S]
.CHM  OK. ["C:\WINDOWS\hh.exe" %1]
.HLP  OK. [%SystemRoot%\System32\winhlp32.exe %1]
.INI  OK. [%SystemRoot%\System32\NOTEPAD.EXE %1]
.INF  OK. [%SystemRoot%\System32\NOTEPAD.EXE %1]
.VBS  OK. [%SystemRoot%\System32\WScript.exe "%1" %*]
.JS  OK. [%SystemRoot%\System32\WScript.exe "%1" %*]
.LNK  OK. [{00021401-0000-0000-C000-000000000046}]

==================================
Winsock 提供者

==================================

2006-08-21,11:35:39

System Repair Engineer 2.0.21.505 (2.0 RC 2)
Smallfrogs (http://www.KZTechs.com)

Windows Server 2003 Enterprise Edition  (Build 3790)
- 管理权限用户 - 完整功能

以下内容被选中:
    正在运行的进程(包括进程模块信息)


启动项目
注册表
启动文件夹
服务

==================================
浏览器加载项
正在运行的进程
[PID: 364][\SystemRoot\System32\smss.exe]  <Microsoft Corporation><5.2.3790.0 (srv03_rtm.030324-2048)>
[PID: 412][\??\C:\WINDOWS\system32\csrss.exe]  <Microsoft Corporation><5.2.3790.0 (srv03_rtm.030324-2048)>
    [C:\WINDOWS\yanga9_Hook.DLL]  <N/A><N/A>
[PID: 436][\??\C:\WINDOWS\system32\winlogon.exe]  <Microsoft Corporation><5.2.3790.0 (srv03_rtm.030324-2048)>
    [C:\WINDOWS\yanga9_Hook.DLL]  <N/A><N/A>
    [C:\WINDOWS\yanga9Key.DLL]  <N/A><N/A>
[PID: 480][C:\WINDOWS\system32\services.exe]  <Microsoft Corporation><5.2.3790.0 (srv03_rtm.030324-2048)>
    [C:\WINDOWS\yanga9_Hook.DLL]  <N/A><N/A>
    [C:\Program Files\Internet Explorer\PLUGINS\new123.sys]  <N/A><N/A>
    [C:\WINDOWS\system32\CC.dll]  <N/A><N/A>
    [C:\WINDOWS\yanga9Key.DLL]  <N/A><N/A>
[PID: 516][C:\WINDOWS\system32\lsass.exe]  <Microsoft Corporation><5.2.3790.0 (srv03_rtm.030324-2048)>
    [C:\WINDOWS\yanga9_Hook.DLL]  <N/A><N/A>
[PID: 676][C:\WINDOWS\system32\svchost.exe]  <Microsoft Corporation><5.2.3790.0 (srv03_rtm.030324-2048)>
    [C:\WINDOWS\yanga9_Hook.DLL]  <N/A><N/A>
[PID: 728][C:\WINDOWS\System32\svchost.exe]  <Microsoft Corporation><5.2.3790.0 (srv03_rtm.030324-2048)>
    [C:\WINDOWS\yanga9_Hook.DLL]  <N/A><N/A>
[PID: 900][C:\WINDOWS\system32\svchost.exe]  <Microsoft Corporation><5.2.3790.0 (srv03_rtm.030324-2048)>
    [C:\WINDOWS\yanga9_Hook.DLL]  <N/A><N/A>
[PID: 932][C:\WINDOWS\system32\svchost.exe]  <Microsoft Corporation><5.2.3790.0 (srv03_rtm.030324-2048)>
    [C:\WINDOWS\yanga9_Hook.DLL]  <N/A><N/A>
[PID: 944][C:\WINDOWS\System32\svchost.exe]  <Microsoft Corporation><5.2.3790.0 (srv03_rtm.030324-2048)>
    [C:\WINDOWS\yanga9_Hook.DLL]  <N/A><N/A>
[PID: 1140][C:\WINDOWS\system32\spoolsv.exe]  <Microsoft Corporation><5.2.3790.346 (srv03_gdr.050610-1523)>
    [C:\WINDOWS\system32\adimon.dll]  <Autodesk, Inc.><3,0,14,176>
    [C:\WINDOWS\system32\heidi3.dll]  <Autodesk, Inc.><3,0,14,176>
    [C:\WINDOWS\system32\spool\PRTPROCS\W32X86\IAProcessor.dll]  <Windows (R) 2000 DDK provider><5.00.2195.1620>
    [C:\WINDOWS\system32\spool\PRTPROCS\W32X86\vprproc.dll]  <Windows (R) 2000 DDK provider><5.00.2195.1620>
    [C:\WINDOWS\yanga9_Hook.DLL]  <N/A><N/A>
    [C:\WINDOWS\yanga9Key.DLL]  <N/A><N/A>
[PID: 1164][C:\WINDOWS\system32\netdde.exe]  <Microsoft Corporation><5.2.3790.0 (srv03_rtm.030324-2048)>
    [C:\WINDOWS\yanga9_Hook.DLL]  <N/A><N/A>
    [C:\WINDOWS\yanga9Key.DLL]  <N/A><N/A>
[PID: 1240][C:\WINDOWS\system32\msdtc.exe]  <Microsoft Corporation><2001.12.4720.0 (srv03_rtm.030324-2048)>
    [C:\WINDOWS\yanga9_Hook.DLL]  <N/A><N/A>
[PID: 1336][C:\WINDOWS\System32\alg.exe]  <Microsoft Corporation><5.2.3790.0 (srv03_rtm.030324-2048)>
    [C:\WINDOWS\yanga9_Hook.DLL]  <N/A><N/A>
[PID: 1348][C:\WINDOWS\system32\drivers\CDAC11BA.EXE]  <Macrovision><4.20.020>
    [C:\WINDOWS\yanga9_Hook.DLL]  <N/A><N/A>
[PID: 1384][C:\WINDOWS\System32\svchost.exe]  <Microsoft Corporation><5.2.3790.0 (srv03_rtm.030324-2048)>
    [C:\WINDOWS\yanga9_Hook.DLL]  <N/A><N/A>
[PID: 1440][C:\WINDOWS\system32\inetsrv\inetinfo.exe]  <Microsoft Corporation><6.0.3790.0 (srv03_rtm.030324-2048)>
    [C:\WINDOWS\yanga9_Hook.DLL]  <N/A><N/A>
[PID: 1496][d:\MYOA\MeChat\MeChat.exe]  <N/A><N/A>
    [C:\WINDOWS\yanga9_Hook.DLL]  <N/A><N/A>
[PID: 1588][D:\MYOA\mysql\bin\mysqld-nt.exe]  <N/A><N/A>
    [C:\WINDOWS\yanga9_Hook.DLL]  <N/A><N/A>
[PID: 1612][C:\WINDOWS\system32\ntfrs.exe]  <Microsoft Corporation><5.2.3790.0 (srv03_rtm.030324-2048)>
    [C:\WINDOWS\yanga9_Hook.DLL]  <N/A><N/A>
[PID: 1640][d:\MYOA\bin\apache.exe]  <Apache Software Foundation><2.0.55>
    [d:\MYOA\bin\libapr.dll]  <Apache Software Foundation><0.9.7>
    [d:\MYOA\bin\libaprutil.dll]  <Apache Software Foundation><0.9.7>
    [d:\MYOA\bin\libapriconv.dll]  <Apache Software Foundation><0.9.7>
    [d:\MYOA\bin\libhttpd.dll]  <Apache Software Foundation><2.0.55>
    [D:\MYOA\modules\mod_access.so]  <Apache Software Foundation><2.0.55>
    [D:\MYOA\modules\mod_actions.so]  <Apache Software Foundation><2.0.55>
    [D:\MYOA\modules\mod_alias.so]  <Apache Software Foundation><2.0.55>
    [D:\MYOA\modules\mod_asis.so]  <Apache Software Foundation><2.0.55>
    [D:\MYOA\modules\mod_auth.so]  <Apache Software Foundation><2.0.55>
    [D:\MYOA\modules\mod_autoindex.so]  <Apache Software Foundation><2.0.55>
    [D:\MYOA\modules\mod_dir.so]  <Apache Software Foundation><2.0.55>
    [D:\MYOA\modules\mod_env.so]  <Apache Software Foundation><2.0.55>
    [D:\MYOA\modules\mod_include.so]  <Apache Software Foundation><2.0.55>
    [D:\MYOA\modules\mod_log_config.so]  <Apache Software Foundation><2.0.55>
    [D:\MYOA\modules\mod_mime.so]  <Apache Software Foundation><2.0.55>
    [D:\MYOA\modules\mod_negotiation.so]  <Apache Software Foundation><2.0.55>
    [D:\MYOA\modules\mod_setenvif.so]  <Apache Software Foundation><2.0.55>
    [D:\MYOA\modules\mod_cgi.so]  <Apache Software Foundation><2.0.55>
    [D:\MYOA\modules\mod_isapi.so]  <Apache Software Foundation><2.0.55>
    [D:\MYOA\bin\sapi\php4apache2.dll]  <N/A><N/A>
    [d:\MYOA\bin\php4ts.dll]  <The PHP Group><4.3.10.10>
    [D:\MYOA\bin\mmcache.dll]  <N/A><N/A>
    [D:\MYOA\bin\ZendOptimizer.dll]  <N/A><N/A>
    [C:\WINDOWS\yanga9_Hook.DLL]  <N/A><N/A>
    [d:\MYOA\bin\php_gd2.dll]  <N/A><N/A>
    [d:\MYOA\bin\php_iconv.dll]  <N/A><N/A>
    [d:\MYOA\bin\iconv.dll]  <Free Software Foundation><1.9>
[PID: 1660][C:\Program Files\PeanutHull3\PhCore.exe]  <广东网域><1, 0, 0, 13>
    [C:\Program Files\PeanutHull3\PhAlive.dll]  <广东网域><1, 0, 1, 26>
    [C:\WINDOWS\yanga9_Hook.DLL]  <N/A><N/A>
    [C:\WINDOWS\yanga9Key.DLL]  <N/A><N/A>
[PID: 1692][C:\WINDOWS\system32\svchost.exe]  <Microsoft Corporation><5.2.3790.0 (srv03_rtm.030324-2048)>
    [C:\WINDOWS\yanga9_Hook.DLL]  <N/A><N/A>
[PID: 1740][C:\WINDOWS\System32\snmp.exe]  <Microsoft Corporation><5.2.3790.0 (srv03_rtm.030324-2048)>
    [C:\WINDOWS\yanga9_Hook.DLL]  <N/A><N/A>
[PID: 1756][C:\WINDOWS\System32\svchost.exe]  <Microsoft Corporation><5.2.3790.0 (srv03_rtm.030324-2048)>
    [C:\WINDOWS\yanga9_Hook.DLL]  <N/A><N/A>
[PID: 1940][C:\WINDOWS\system32\Dfssvc.exe]  <Microsoft Corporation><5.2.3790.0 (srv03_rtm.030324-2048)>
    [C:\WINDOWS\yanga9_Hook.DLL]  <N/A><N/A>
[PID: 2016][d:\MYOA\IMA\IMAServer.exe]  <N/A><N/A>
    [d:\MYOA\IMA\crypt.dll]  <N/A><N/A>
    [d:\MYOA\IMA\CC3260MT.DLL]  <Borland Corporation><0.0.0.0 (informal build)>
    [d:\MYOA\IMA\libmysql.dll]  <N/A><N/A>
    [C:\WINDOWS\yanga9_Hook.DLL]  <N/A><N/A>
[PID: 216][C:\WINDOWS\System32\svchost.exe]  <Microsoft Corporation><5.2.3790.0 (srv03_rtm.030324-2048)>
    [C:\WINDOWS\yanga9_Hook.DLL]  <N/A><N/A>
[PID: 2128][D:\MYOA\bin\apache.exe]  <Apache Software Foundation><2.0.55>
    [D:\MYOA\bin\libapr.dll]  <Apache Software Foundation><0.9.7>
    [D:\MYOA\bin\libaprutil.dll]  <Apache Software Foundation><0.9.7>
    [D:\MYOA\bin\libapriconv.dll]  <Apache Software Foundation><0.9.7>
    [D:\MYOA\bin\libhttpd.dll]  <Apache Software Foundation><2.0.55>
    [C:\WINDOWS\yanga9_Hook.DLL]  <N/A><N/A>
    [D:\MYOA\modules\mod_access.so]  <Apache Software Foundation><2.0.55>
    [D:\MYOA\modules\mod_actions.so]  <Apache Software Foundation><2.0.55>
    [D:\MYOA\modules\mod_alias.so]  <Apache Software Foundation><2.0.55>
    [D:\MYOA\modules\mod_asis.so]  <Apache Software Foundation><2.0.55>
    [D:\MYOA\modules\mod_auth.so]  <Apache Software Foundation><2.0.55>
    [D:\MYOA\modules\mod_autoindex.so]  <Apache Software Foundation><2.0.55>
    [D:\MYOA\modules\mod_dir.so]  <Apache Software Foundation><2.0.55>
    [D:\MYOA\modules\mod_env.so]  <Apache Software Foundation><2.0.55>
    [D:\MYOA\modules\mod_include.so]  <Apache Software Foundation><2.0.55>
    [D:\MYOA\modules\mod_log_config.so]  <Apache Software Foundation><2.0.55>
    [D:\MYOA\modules\mod_mime.so]  <Apache Software Foundation><2.0.55>
    [D:\MYOA\modules\mod_negotiation.so]  <Apache Software Foundation><2.0.55>
    [D:\MYOA\modules\mod_setenvif.so]  <Apache Software Foundation><2.0.55>
    [D:\MYOA\modules\mod_cgi.so]  <Apache Software Foundation><2.0.55>
    [D:\MYOA\modules\mod_isapi.so]  <Apache Software Foundation><2.0.55>
    [D:\MYOA\bin\sapi\php4apache2.dll]  <N/A><N/A>
    [D:\MYOA\bin\php4ts.dll]  <The PHP Group><4.3.10.10>
    [D:\MYOA\bin\mmcache.dll]  <N/A><N/A>
    [D:\MYOA\bin\ZendOptimizer.dll]  <N/A><N/A>
    [D:\MYOA\bin\php_gd2.dll]  <N/A><N/A>
    [D:\MYOA\bin\php_iconv.dll]  <N/A><N/A>
    [D:\MYOA\bin\iconv.dll]  <Free Software Foundation><1.9>
[PID: 3280][C:\WINDOWS\system32\wbem\wmiprvse.exe]  <Microsoft Corporation><5.2.3790.0 (srv03_rtm.030324-2048)>
    [C:\WINDOWS\yanga9_Hook.DLL]  <N/A><N/A>
[PID: 3908][C:\WINDOWS\Explorer.EXE]  <Microsoft Corporation><6.00.3790.0 (srv03_rtm.030324-2048)>
    [C:\WINDOWS\yanga9_Hook.DLL]  <N/A><N/A>
    [C:\WINDOWS\yanga9Key.DLL]  <N/A><N/A>
    [C:\WINDOWS\system32\AcSignIcon.dll]  <Autodesk><16.0.0.86>
    [C:\Program Files\Common Files\Autodesk Shared\AcSignCore16.dll]  <Autodesk><16.0.0.86>
    [C:\WINDOWS\system32\CC.dll]  <N/A><N/A>
    [C:\Program Files\Internet Explorer\PLUGINS\new123.sys]  <N/A><N/A>
    [C:\Program Files\SearchNet\SrvNet32.dll]  <中搜在线><1, 0, 2, 7>
    [C:\WINDOWS\system32\RavExt.dll]  <Beijing Rising Technology Co., Ltd.><18, 0, 0, 21>
    [C:\WINDOWS\Downlo~1\eb9p1vq.dll]  <中搜在线软件有限公司><2, 0, 2, 5>
    [C:\Program Files\Adobe\Acrobat 7.0\ActiveX\PDFShell.dll]  <Adobe Systems, Inc.><7.0.0.0>
    [C:\Program Files\WinRAR\rarext.dll]  <N/A><N/A>
    [C:\Program Files\Rising\Rav\RSCOMMON.DLL]  <Beijing Rising Technology Co., Ltd.><18, 0, 0, 4>
    [C:\Program Files\ICQLite\ICQLiteShell.dll]  <><20, 34, 2321, 0>
    [C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll]  <Adobe Systems Incorporated><7.0.7.2006011200>
[PID: 3972][C:\Program Files\icd\Icd.exe]  <编程小屋 http://www.bcxw.com><1.72>
    [C:\WINDOWS\yanga9_Hook.DLL]  <N/A><N/A>
    [C:\Program Files\Internet Explorer\PLUGINS\new123.sys]  <N/A><N/A>
    [C:\WINDOWS\yanga9Key.DLL]  <N/A><N/A>
    [C:\Program Files\icd\icd.dll]  <N/A><N/A>
    [C:\WINDOWS\system32\CC.dll]  <N/A><N/A>
[PID: 3820][C:\Program Files\Common Files\Real\Update_OB\realsched.exe]  <RealNetworks, Inc.><0.1.0.3292>
    [C:\WINDOWS\yanga9_Hook.DLL]  <N/A><N/A>
    [C:\WINDOWS\yanga9Key.DLL]  <N/A><N/A>
    [C:\WINDOWS\system32\CC.dll]  <N/A><N/A>
    [C:\Program Files\Internet Explorer\PLUGINS\new123.sys]  <N/A><N/A>
[PID: 3796][C:\Program Files\ispirit\ispirit.exe]  <北京极限通科技有限公司><2, 0, 0, 0>
    [C:\WINDOWS\yanga9_Hook.DLL]  <N/A><N/A>
    [C:\WINDOWS\yanga9Key.DLL]  <N/A><N/A>
    [C:\Program Files\Internet Explorer\PLUGINS\new123.sys]  <N/A><N/A>
    [C:\WINDOWS\system32\CC.dll]  <N/A><N/A>
[PID: 3584][C:\WINDOWS\system32\NTdhcp.exe]  <N/A><N/A>
    [C:\WINDOWS\yanga9_Hook.DLL]  <N/A><N/A>
    [C:\Program Files\Internet Explorer\PLUGINS\new123.sys]  <N/A><N/A>
    [C:\WINDOWS\system32\CC.dll]  <N/A><N/A>
    [C:\WINDOWS\yanga9Key.DLL]  <N/A><N/A>
[PID: 3548][C:\WINDOWS\system32\ctfmon.exe]  <Microsoft Corporation><5.2.3790.0 (srv03_rtm.030324-2048)>
    [C:\WINDOWS\yanga9_Hook.DLL]  <N/A><N/A>
    [C:\Program Files\Internet Explorer\PLUGINS\new123.sys]  <N/A><N/A>
    [C:\WINDOWS\yanga9Key.DLL]  <N/A><N/A>
    [C:\WINDOWS\system32\CC.dll]  <N/A><N/A>
[PID: 312][C:\Program Files\PeanutHull3\Phmain.exe]  <广东网域><3, 1, 0, 42>
    [C:\WINDOWS\yanga9_Hook.DLL]  <N/A><N/A>
    [C:\Program Files\Internet Explorer\PLUGINS\new123.sys]  <N/A><N/A>
    [C:\WINDOWS\yanga9Key.DLL]  <N/A><N/A>
    [C:\Program Files\PeanutHull3\PhRes.dll]  <广东网域><1, 0, 8, 1>
    [C:\Program Files\PeanutHull3\PhService.dll]  <广东网域><1, 0, 1, 21>
    [C:\Program Files\PeanutHull3\iconv.dll]  <Free Software Foundation><1.9>
    [C:\WINDOWS\PhIDNA.dll]  <广东网域><1, 0, 0, 2>
    [C:\WINDOWS\system32\CC.dll]  <N/A><N/A>
[PID: 3268][D:\MYOA\bin\Monitor.exe]  <N/A><N/A>
    [C:\WINDOWS\yanga9_Hook.DLL]  <N/A><N/A>
    [C:\Program Files\Internet Explorer\PLUGINS\new123.sys]  <N/A><N/A>
    [C:\WINDOWS\yanga9Key.DLL]  <N/A><N/A>
    [C:\WINDOWS\system32\CC.dll]  <N/A><N/A>
[PID: 1604][C:\Program Files\Internet Explorer\iexplore.exe]  <Microsoft Corporation><6.00.3790.0 (srv03_rtm.030324-2048)>
    [C:\WINDOWS\yanga9_Hook.DLL]  <N/A><N/A>
    [C:\Program Files\Internet Explorer\PLUGINS\new123.sys]  <N/A><N/A>
    [C:\WINDOWS\yanga9Key.DLL]  <N/A><N/A>
    [C:\WINDOWS\system32\AcSignIcon.dll]  <Autodesk><16.0.0.86>
    [c:\program files\google\googletoolbar3.dll]  <Google Inc.><3, 0, 131, 0>
    [C:\Program Files\SearchNet\SNHpr.dll]  <Beijing Zhongsou Online Software><1, 0, 0, 1>
    [C:\WINDOWS\Downlo~1\eb9p1vq.dll]  <中搜在线软件有限公司><2, 0, 2, 5>
    [C:\WINDOWS\system32\CC.dll]  <N/A><N/A>
    [C:\WINDOWS\system32\Macromed\Flash\Flash8b.ocx]  <Macromedia, Inc.><8,0,24,0>
    [C:\Program Files\Common Files\Autodesk Shared\AcSignCore16.dll]  <Autodesk><16.0.0.86>
[PID: 812][C:\DOCUME~1\ADMINI~1.OA\LOCALS~1\Temp\oprar.exe]  <WHITEHOUSE><1.1.1.0>
    [C:\WINDOWS\yanga9_Hook.DLL]  <N/A><N/A>
    [C:\DOCUME~1\ADMINI~1.OA\LOCALS~1\Temp\7.dll]  <Microsoft Corporation><5.00.1764.1>
    [C:\Program Files\Internet Explorer\PLUGINS\new123.sys]  <N/A><N/A>
    [C:\WINDOWS\yanga9Key.DLL]  <N/A><N/A>
    [C:\DOCUME~1\ADMINI~1.OA\LOCALS~1\Temp\packet.dll]  <CACE Technologies><3, 1, 0, 27>
    [C:\DOCUME~1\ADMINI~1.OA\LOCALS~1\Temp\WanPacket.dll]  <CACE Technologies><3, 1, 0, 27>
    [C:\WINDOWS\system32\CC.dll]  <N/A><N/A>
[PID: 3532][C:\WINDOWS\system32\conime.exe]  <Microsoft Corporation><5.2.3790.0 (srv03_rtm.030324-2048)>
    [C:\WINDOWS\yanga9_Hook.DLL]  <N/A><N/A>
[PID: 4964][E:\瑞星2006\SREng2\SREng.exe]  <Smallfrogs Studio><2.0.21.505>
    [C:\WINDOWS\yanga9_Hook.DLL]  <N/A><N/A>
    [C:\Program Files\Internet Explorer\PLUGINS\new123.sys]  <N/A><N/A>
    [C:\WINDOWS\yanga9Key.DLL]  <N/A><N/A>
    [C:\WINDOWS\system32\CC.dll]  <N/A><N/A>
    [C:\WINDOWS\system32\AcSignIcon.dll]  <Autodesk><16.0.0.86>

==================================
文件关联
Winsock 提供者

==================================

Rising is updating; fingers crossed...

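Rising has actually been shut down! I can't see Rising's monitoring umbrella icon, and the Rising main window closes the instant it flashes up. Looks like I'll have to wait until tonight and try it in Safe Mode.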

my god!
NO!