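Experts, please come in!!! Help, I have already changed computers twice and still get infected with that kind of virus I can't describe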

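First I got hit by exploit attacks while online, then there were viruses and ad IE windows started popping up, then a QQ trojan followed, and then while I was updating Rising the firewall was shut down by it and could not be opened again (clicking the program does nothing). I have removed a great many viruses, but the ads are still there. I can find the original files of those plug-ins but cannot delete them. In the process list, things like cmd.exe, iexplorer.com, svch0st.exe and conime.exe have all shown up, and CPU usage is stuck at 100%.

While all of the above was happening, the firewall had all monitoring turned on, and scheduled virus scans were running too.

Are there some trojans that Rising just can't handle?

Help, help, this is my newly bought machine............................ it can't go the same way as the old one...

Contact me on QQ: 158470515

Thanks
Last edited 2006-10-05 11:49:24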

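I found a new problem: in Folder Options, every time I follow the instructions to set it to show all files and click OK, I find that it has been changed back again.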

2006-10-05,11:39:44

System Repair Engineer 2.2.6.605
Smallfrogs (http://www.KZTechs.com)

Windows XP Professional Service Pack 2 (Build 2600)
- 管理权限用户 - 完整功能

以下内容被选中:
    所有的启动项目(包括注册表、启动文件夹、服务等)
    浏览器加载项
    正在运行的进程(包括进程模块信息)
    文件关联
    Winsock 提供者
    Autorun.inf
    HOSTS 文件


启动项目
注册表
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
    <ctfmon.exe><C:\WINDOWS\system32\ctfmon.exe>  [(Verified)Microsoft Corporation]
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer\Run]
    <wow><C:\WINDOWS\system32\Launcher.exe>  [N/A]
    <rx><C:\WINDOWS\system32\explore.exe>  [N/A]
    <zz><C:\WINDOWS\system32\intenet.exe>  [N/A]
[HKEY_CURRENT_USER\Software\Microsoft\Windows NT\CurrentVersion\Windows]
    <load><>  [N/A]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
    <SoundMan><SOUNDMAN.EXE>  [(Verified)Realtek Semiconductor Corp.]
    <SysExplr><C:\Herosoft\HeroV8\SYSEXPLR.EXE>  [N/A]
    <NvCplDaemon><RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup>  [NVIDIA Corporation]
    <NvMediaCenter><RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit>  [NVIDIA Corporation]
    <High Definition Audio Property Page Shortcut><HDAShCut.exe>  [(Verified)Windows (R) Server 2003 DDK provider]
    <SoundMAXPnP><C:\Program Files\Analog Devices\Core\smax4pnp.exe>  [(Verified)Analog Devices, Inc.]
    <SoundMAX><"C:\Program Files\Analog Devices\SoundMAX\Smax4.exe" /tray>  [Analog Devices, Inc.]
    <EPSON ME 1><C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_S4I3W1.EXE /P10 "EPSON ME 1" /O6 "USB001" /M "ME 1">  [(Verified)SEIKO EPSON CORPORATION]
    <RavTask><"I:\瑞星杀毒\RavTask.exe" -system>  [Beijing Rising Technology Co., Ltd.]
    <Torjan Program><C:\WINDOWS\WINLOGON.EXE>  [N/A]
    <IntelFile><C:\WINDOWS\system32\IntelFile.exe>  [N/A]
    <Update><C:\Program Files\Common Files\UPDATE2\Update.exe>  [N/A]
    <Tray><C:\WINDOWS\command\rundll32.exe>  [N/A]
    <Ljx><C:\WINDOWS\inf\rundll32.exe>  [N/A]
    <RavUpes><C:\WINDOWS\system32\agetltfes.exe>  []
    <zt><C:\WINDOWS\Intel\rundll32.exe>  [N/A]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer\Run]
    <9><C:\WINDOWS\system32\Ravdm.exe>  [N/A]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Winlogon]
    <shell><EXPLORER.EXE>  [(Verified)Microsoft Corporation]
    <Userinit><C:\WINDOWS\system32\userinit.exe,>  [(Verified)Microsoft Corporation]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Windows]
    <AppInit_DLLs><>  [N/A]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Winlogon]
    <UIHost><"\Program Files\Logonui\Royale.exe">  [Microsoft Corporation]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
    <{32CD708B-60A7-4C00-9377-D73EAA495F0F}><C:\WINDOWS\system32\RavExt.dll>  [Beijing Rising Technology Co., Ltd.]
    <{6E44887F-5214-41F2-AB46-4728735C4CC6}><C:\Program Files\Internet Explorer\PLUGINS\system3.sys>  [N/A]
    <{59703ED2-799E-4F3F-9EBB-41B2F1F65C07}><C:\WINDOWS\system32\winewfile.dll>  [N/A]

==================================
启动文件夹
N/A

==================================
服务
[Adobe LM Service / Adobe LM Service]
  <"C:\Program Files\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe"><Adobe Systems>
[Ati HotKey Poller / Ati HotKey Poller]
  <C:\WINDOWS\system32\Ati2evxx.exe><ATI Technologies Inc.>
[ATK Keyboard Service / ATKKeyboardService]
  <C:\WINDOWS\ATKKBService.exe><ASUSTeK COMPUTER INC.>
[System Event Logger / BNESS]
  <C:\WINDOWS\SYSTEM32\RUNDLL.EXE C:\WINDOWS\SYSTEM32\WBEM\SMTPCONFS.DLL,Export 1087><Microsoft Corporation>
[Human Interface Device Access / HidServ]
  <C:\WINDOWS\System32\svchost.exe -k netsvcs-->%SystemRoot%\System32\hidserv.dll><N/A>
[Spectrum24 Events Monitor / IPRIP]
  <C:\WINDOWS\System32\svchost.exe -k netsvcs-->C:\WINDOWS\system32\acss.dll><LINKMEDIA Tech>
[NVIDIA Display Driver Service / NVSvc]
  <C:\WINDOWS\system32\nvsvc32.exe><NVIDIA Corporation>
[NetMeeting Remote Desktop Agent / Nwsapagent]
  <C:\WINDOWS\System32\svchost.exe -k netsvcs-->C:\WINDOWS\system32\Nwsapagent.dll><LINKMEDIA Tech>
[Rising Process Communication Center / RsCCenter]
  <"I:\瑞星杀毒\CCenter.exe"><Beijing Rising Technology Co., Ltd.>
[RsRavMon Service / RsRavMon]
  <"I:\瑞星杀毒\Ravmond.exe"><Beijing Rising Technology Co., Ltd.>
[SVCHOST / SystemInspect]
  <C:\Program Files\SystemInspect\SVCHAST.exe><N/A>

==================================
驱动程序
[ADI UAA Function Driver for High Definition Audio Service / ADIHdAudAddService]
  <system32\drivers\ADIHdAud.sys><Analog Devices, Inc.>
[AEAudio Service / AEAudioService]
  <system32\drivers\AEAudio.sys><Andrea Electronics Corporation>
[Service for Realtek AC97 Audio (WDM) / ALCXWDM]
  <system32\drivers\ALCXWDM.SYS><Realtek Semiconductor Corp.>
[AliIde / AliIde]
  <\SystemRoot\System32\DRIVERS\aliide.sys><N/A>
[Enhanced Display Driver Helper Service / asuskbnt]
  <system32\drivers\atkkbnt.sys><ASUSTeK COMPUTER INC.>
[ati2mtag / ati2mtag]
  <system32\DRIVERS\ati2mtag.sys><ATI Technologies Inc.>
[Rising TDI Base Driver / BaseTDI]
  <System32\DRIVERS\BaseTDI.SYS><Beijing Rising Technology Co., Ltd.>
[CmdIde / CmdIde]
  <\SystemRoot\System32\DRIVERS\cmdide.sys><CMD Technology, Inc.>
[EIO / EIO]
  <\??\C:\WINDOWS\system32\drivers\EIO.sys><ASUSTeK Computer Inc.>
[ExpScaner / ExpScaner]
  <\??\I:\瑞星杀毒\ExpScan.sys><>
[VIA Rhine-Family Fast Ethernet Adapter Driver Service / FETND5BV]
  <system32\DRIVERS\fetnd5bv.sys><VIA Technologies, Inc.>
[VIA PCI 10/100Mb Fast Ethernet Adapter NT Driver / FETNDIS]
  <system32\DRIVERS\fetnd5.sys><VIA Technologies, Inc.>
[Microsoft UAA Function Driver for High Definition Audio Service / HdAudAddService]
  <system32\drivers\HdAudio.sys><Windows (R) Server 2003 DDK provider>
[Microsoft UAA Bus Driver for High Definition Audio / HDAudBus]
  <system32\DRIVERS\HDAudBus.sys><Windows (R) Server 2003 DDK provider>
[HOOKAPI / HOOKAPI]
  <\??\I:\瑞星杀毒\HOOKAPI.SYS><瑞星软件有限公司>
[HookCont / HookCont]
  <\??\I:\瑞星杀毒\HOOKCONT.sys><Rising tech Co. ltd>
[HookReg / HookReg]
  <\??\I:\瑞星杀毒\HookReg.sys><>
[HookSys / HookSys]
  <\??\I:\瑞星杀毒\HookSys.sys><Rising>
[MegaIDE / MegaIDE]
  <\SystemRoot\System32\DRIVERS\MegaIDE.sys><LSI Logic Corporation.>
[MEMSCAN / MEMSCAN]
  <\??\I:\瑞星杀毒\MEMSCAN.sys><瑞星软件有限公司>
[ATK0110 ACPI UTILITY / MTsensor]
  <system32\DRIVERS\ASACPI.sys><>
[Netgroup Packet Filter / NPF]
  <system32\DRIVERS\npf.sys><CACE Technologies>
[npkcrypt / npkcrypt]
  <\??\I:\QQ\npkcrypt.sys><N/A>
[nv / nv]
  <system32\DRIVERS\nv4_mini.sys><NVIDIA Corporation>
[nwlnksipx / nwlnksipx]
  <\??\C:\WINDOWS\system32\drivers\nwlnksipx.sys><Microsoft Corporation>
[Padus ASPI Shell / pfc]
  <system32\drivers\pfc.sys><Padus, Inc.>
[Direct Parallel Link Driver / Ptilink]
  <system32\DRIVERS\ptilink.sys><Parallel Technologies, Inc.>
[Realtek RTL8139(A/B/C)-based PCI Fast Ethernet Adapter NT Driver / rtl8139]
  <system32\DRIVERS\RTL8139.SYS><Realtek Semiconductor Corporation>
[Secdrv / Secdrv]
  <system32\DRIVERS\secdrv.sys><N/A>
[SenFilt Service / SenFiltService]
  <system32\drivers\Senfilt.sys><Sensaura>
[ViaIde / ViaIde]
  <\SystemRoot\system32\DRIVERS\viaide.sys><Microsoft Corporation>
[viamraid / viamraid]
  <\SystemRoot\system32\DRIVERS\viamraid.sys><VIA Technologies inc,.ltd>

==================================
浏览器加载项
[QQBrowserHelperObject Class]
  {54EBD53A-9BC1-480B-966A-843A333CA162} <I:\QQ\QQIEHelper.dll, 深圳市腾讯计算机系统有限公司>
[]
  {A31835C5-5E1E-4F35-B986-65BF19648DC1} <C:\WINDOWS\system32\asversys32.dll, N/A>
[IeCatch2 Class]
  {A5366673-E8CA-11D3-9CD9-0090271D075B} <C:\PROGRA~1\FLASHGET\jccatch.dll, Amaze Soft>
[百度搜霸]
  {B580CF65-E151-49C3-B73F-70B13FCA8E86} <C:\WINDOWS\DOWNLO~1\BaiDuBar.dll, >
[信息检索]
  {CE7C3CF0-98A8-474D-B2B5-1ED7E2E3B004} <C:\WINDOWS\system32\IEHelper.dll, N/A>
[]
  {1D901067-2529-4A9B-9B6B-7A1DB3A44CB5} <C:\Program Files\coolsign\coolsign.dll, Fengcent>
[豪杰超级解霸V8]
  {367E0A21-8601-4986-9C9A-153BF5ACA118} <C:\Herosoft\HeroV8\STHSDVD.EXE, N/A>
[QQ]
  {c95fe080-8f5d-11d2-a20b-00aa003c157b} <I:\QQ\QQ.EXE, TENCENT>
[FlashGet]
  {D6E814A0-E0C5-11d4-8D29-0050BA6940E3} <C:\PROGRA~1\FLASHGET\flashget.exe, Amaze Soft>
[QQIEFloatBarCfgCmd Class]
  {DEDEB80D-FA35-45d9-9460-4983E5A8AFE6} <I:\QQ\QQIEHelper.dll, 深圳市腾讯计算机系统有限公司>
[FlashGet Bar]
  {E0E899AB-F487-11D5-8D29-0050BA6940E3} <C:\PROGRA~1\FLASHGET\fgiebar.dll, Amaze Soft>
[百度搜霸]
  {B580CF65-E151-49C3-B73F-70B13FCA8E86} <C:\WINDOWS\DOWNLO~1\BaiDuBar.dll, >
[SearchCar]
  {6D53ADB7-6AD5-4A59-BFE4-7B57D2F4AA89} <C:\Program Files\SearchCar\SearchCar.dll, IE Toolbar>
[HTML Document]
  {25336920-03F9-11CF-8FD0-00AA00686F13} <%SystemRoot%\system32\mshtml.dll, N/A>
[QQBrowserHelperObject Class]
  {54EBD53A-9BC1-480B-966A-843A333CA162} <I:\QQ\QQIEHelper.dll, 深圳市腾讯计算机系统有限公司>
[Microsoft Web 浏览器]
  {8856F961-340A-11D0-A96B-00C04FD705A2} <C:\WINDOWS\system32\shdocvw.dll, Microsoft Corporation>
[]
  {A31835C5-5E1E-4F35-B986-65BF19648DC1} <C:\WINDOWS\system32\asversys32.dll, N/A>
[IeCatch2 Class]
  {A5366673-E8CA-11D3-9CD9-0090271D075B} <C:\PROGRA~1\FLASHGET\jccatch.dll, Amaze Soft>
[百度搜霸]
  {B580CF65-E151-49C3-B73F-70B13FCA8E86} <C:\WINDOWS\DOWNLO~1\BaiDuBar.dll, >
[RDS.DataSpace]
  {BD96C556-65A3-11D0-983A-00C04FC29E36} <C:\Program Files\Common Files\System\msadc\msadco.dll, Microsoft Corporation>
[信息检索]
  {CE7C3CF0-98A8-474D-B2B5-1ED7E2E3B004} <C:\WINDOWS\system32\IEHelper.dll, N/A>
[Shockwave Flash Object]
  {D27CDB6E-AE6D-11CF-96B8-444553540000} <C:\WINDOWS\system32\macromed\flash\Flash.ocx, Macromedia, Inc.>
[上传到QQ网络硬盘]
  <I:\QQ\AddToNetDisk.htm, N/A>
[使用网际快车下载]
  <C:\PROGRA~1\FLASHGET\jc_link.htm, N/A>
[使用网际快车下载全部链接]
  <C:\PROGRA~1\FLASHGET\jc_all.htm, N/A>
[添加到QQ自定义面板]
  <I:\QQ\AddPanel.htm, N/A>
[添加到QQ表情]
  <I:\QQ\AddEmotion.htm, N/A>
[用QQ彩信发送该图片]
  <I:\QQ\SendMMS.htm, N/A>
[百度Flash搜索]
  <res://C:\WINDOWS\DOWNLO~1\BaiDuBar.dll/FLASHSEARCH.HTM, N/A>
[百度mp3搜索]
  <res://C:\WINDOWS\DOWNLO~1\BaiDuBar.dll/BAIDUMP3.HTM, N/A>
[百度信息快递搜索]
  <res://C:\WINDOWS\DOWNLO~1\BaiDuBar.dll/BAIDUIE.HTM, N/A>
[百度图片搜索]
  <res://C:\WINDOWS\DOWNLO~1\BaiDuBar.dll/BAIDUIMG.HTM, N/A>
[百度搜索]
  <res://C:\WINDOWS\DOWNLO~1\BaiDuBar.dll/BAIDUSEARCH.HTM, N/A>
[百度新闻搜索]
  <res://C:\WINDOWS\DOWNLO~1\BaiDuBar.dll/BAIDUNEWS.HTM, N/A>
[豪杰超级解霸V8实时播放]
  <C:\Herosoft\HeroV8\MPURLGET.HTM, N/A>

==================================
正在运行的进程
[PID: 564][\SystemRoot\System32\smss.exe]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
[PID: 612][\??\C:\WINDOWS\system32\csrss.exe]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
[PID: 636][\??\C:\WINDOWS\system32\winlogon.exe]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
    [C:\WINDOWS\system32\Ati2evxx.dll]  [ATI Technologies Inc., 6.14.10.4117]
[PID: 680][C:\WINDOWS\system32\services.exe]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
[PID: 692][C:\WINDOWS\system32\lsass.exe]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
[PID: 852][C:\WINDOWS\system32\svchost.exe]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
    [C:\WINDOWS\system32\ztdll.dll]  [N/A, N/A]
    [C:\WINDOWS\system32\tdll.dll]  [N/A, N/A]
    [C:\Program Files\Internet Explorer\PLUGINS\system3.sys]  [N/A, N/A]
    [C:\Herosoft\HeroV8\VCvtShell.dll]  [herosoft, 1, 0, 0, 1]
    [C:\WINDOWS\system32\winewfile.dll]  [N/A, N/A]
    [C:\WINDOWS\system32\nmhxy.dll]  [N/A, N/A]
[PID: 928][C:\WINDOWS\system32\svchost.exe]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
    [C:\WINDOWS\system32\WSD_SOCK32.dll]  [N/A, N/A]
[PID: 980][C:\WINDOWS\System32\svchost.exe]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
    [c:\windows\system32\acss.dll]  [LINKMEDIA Tech, 1, 5, 0, 4]
    [c:\windows\system32\nwsapagent.dll]  [LINKMEDIA Tech, 1, 5, 0, 4]
    [C:\WINDOWS\system32\WSD_SOCK32.dll]  [N/A, N/A]
[PID: 1024][C:\WINDOWS\system32\svchost.exe]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
[PID: 1080][C:\WINDOWS\system32\svchost.exe]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
[PID: 1292][C:\WINDOWS\system32\spoolsv.exe]  [Microsoft Corporation, 5.1.2600.2696 (xpsp_sp2_gdr.050610-1519)]
    [C:\WINDOWS\system32\EBPMON24.DLL]  [SEIKO EPSON CORPORATION, 5, 4, 0, 0]
[PID: 1388][C:\WINDOWS\ATKKBService.exe]  [ASUSTeK COMPUTER INC., 1, 0, 0, 0]
[PID: 1408][C:\WINDOWS\SYSTEM32\RUNDLL.EXE]  [Microsoft Corporation, 5.00.2134.1]
    [C:\WINDOWS\system32\WSD_SOCK32.dll]  [N/A, N/A]
[PID: 1464][C:\WINDOWS\system32\nvsvc32.exe]  [NVIDIA Corporation, 6.14.10.8391]
[PID: 1508][C:\Program Files\SystemInspect\SVCHAST.exe]  [N/A, N/A]
[PID: 1780][C:\WINDOWS\System32\alg.exe]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
    [C:\WINDOWS\system32\WSD_SOCK32.dll]  [N/A, N/A]
[PID: 492][C:\WINDOWS\Explorer.EXE]  [Microsoft Corporation, 6.00.2900.2180 (xpsp_sp2_rtm.040803-2158)]
    [C:\Program Files\Internet Explorer\PLUGINS\system3.sys]  [N/A, N/A]
    [C:\WINDOWS\system32\SystemInput.dll]  [N/A, N/A]
    [C:\WINDOWS\system32\tdll.dll]  [N/A, N/A]
    [C:\WINDOWS\system32\mywow.dll]  [N/A, N/A]
    [C:\WINDOWS\system32\ztdll.dll]  [N/A, N/A]
    [C:\WINDOWS\system32\myrx.dll]  [N/A, N/A]
    [C:\WINDOWS\system32\myztr.dll]  [N/A, N/A]
    [C:\WINDOWS\system32\jxdll.dll]  [N/A, N/A]
    [C:\WINDOWS\system32\asversys32.dll]  [N/A, N/A]
    [C:\PROGRA~1\FLASHGET\jccatch.dll]  [Amaze Soft, 1, 1, 4, 0]
    [C:\WINDOWS\DOWNLO~1\BaiDuBar.dll]  [, 2, 0, 0, 0]
    [C:\WINDOWS\system32\IEHelper.dll]  [N/A, 1, 0, 0, 1]
    [C:\Herosoft\HeroV8\VCvtShell.dll]  [herosoft, 1, 0, 0, 1]
    [C:\Program Files\WinRAR\rarext.dll]  [N/A, N/A]
    [C:\WINDOWS\system32\RavExt.dll]  [Beijing Rising Technology Co., Ltd., 18, 0, 0, 21]
    [I:\瑞星杀毒\RSCOMMON.DLL]  [Beijing Rising Technology Co., Ltd., 18, 0, 0, 4]
    [C:\Program Files\ACDSee\picaview.dll]  [ACD Systems, Ltd., 2, 0, 0, 78]
    [C:\Program Files\ACDSee\PlugIns\IDE_ACDStd.apl]  [ACD Systems, Ltd., 1, 3, 4, 22]
    [C:\WINDOWS\system32\nvcpl.dll]  [NVIDIA Corporation, 6.14.10.8391]
    [C:\WINDOWS\system32\NVRSZHC.DLL]  [NVIDIA Corporation, 6.14.10.8391]
    [C:\WINDOWS\system32\nvshell.dll]  [N/A, N/A]
    [C:\WINDOWS\system32\msdmo.dll]  [N/A, N/A]
    [C:\WINDOWS\system32\WSD_SOCK32.dll]  [N/A, N/A]
    [C:\WINDOWS\system32\nmhxy.dll]  [N/A, N/A]
    [C:\WINDOWS\system32\winewfile.dll]  [N/A, N/A]
    [I:\瑞星杀毒\RavScrCh.dll]  [Beijing Rising Technology Co., Ltd., 18, 0, 0, 4]
[PID: 1068][C:\WINDOWS\SOUNDMAN.EXE]  [Realtek Semiconductor Corp., 5.1.0.40]
    [C:\Program Files\Internet Explorer\PLUGINS\system3.sys]  [N/A, N/A]
    [C:\WINDOWS\system32\ztdll.dll]  [N/A, N/A]
    [C:\WINDOWS\system32\tdll.dll]  [N/A, N/A]
    [C:\Herosoft\HeroV8\VCvtShell.dll]  [herosoft, 1, 0, 0, 1]
    [C:\WINDOWS\system32\winewfile.dll]  [N/A, N/A]
    [C:\WINDOWS\system32\nmhxy.dll]  [N/A, N/A]
[PID: 1168][C:\Herosoft\HeroV8\SYSEXPLR.EXE]  [N/A, N/A]
    [C:\Herosoft\HeroV8\AVCDROM.dll]  [N/A, N/A]
    [C:\Herosoft\HeroV8\CoolMenu.dll]  [N/A, N/A]
    [C:\Herosoft\HeroV8\Sys936.DLL]  [N/A, N/A]
    [C:\Program Files\Internet Explorer\PLUGINS\system3.sys]  [N/A, N/A]
    [C:\WINDOWS\system32\ztdll.dll]  [N/A, N/A]
    [C:\WINDOWS\system32\tdll.dll]  [N/A, N/A]
    [C:\Herosoft\HeroV8\VCvtShell.dll]  [herosoft, 1, 0, 0, 1]
    [C:\WINDOWS\system32\winewfile.dll]  [N/A, N/A]
    [C:\WINDOWS\system32\nmhxy.dll]  [N/A, N/A]
[PID: 1252][C:\WINDOWS\system32\RUNDLL32.EXE]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
    [C:\WINDOWS\system32\NvMcTray.dll]  [NVIDIA Corporation, 6.14.10.8391]
    [C:\WINDOWS\system32\NVRSZHC.DLL]  [NVIDIA Corporation, 6.14.10.8391]
    [C:\Program Files\Internet Explorer\PLUGINS\system3.sys]  [N/A, N/A]
    [C:\WINDOWS\system32\ztdll.dll]  [N/A, N/A]
    [C:\WINDOWS\system32\tdll.dll]  [N/A, N/A]
    [C:\Herosoft\HeroV8\VCvtShell.dll]  [herosoft, 1, 0, 0, 1]
    [C:\WINDOWS\system32\winewfile.dll]  [N/A, N/A]
    [C:\WINDOWS\system32\nmhxy.dll]  [N/A, N/A]
[PID: 1328][C:\Program Files\Analog Devices\Core\smax4pnp.exe]  [Analog Devices, Inc., 6, 0, 0, 20]
    [C:\Program Files\Analog Devices\Core\SMWDMIF.dll]  [Analog Devices, Inc., 6, 0, 4000, 014]
    [C:\Program Files\Internet Explorer\PLUGINS\system3.sys]  [N/A, N/A]
    [C:\WINDOWS\system32\ztdll.dll]  [N/A, N/A]
    [C:\WINDOWS\system32\tdll.dll]  [N/A, N/A]
    [C:\Herosoft\HeroV8\VCvtShell.dll]  [herosoft, 1, 0, 0, 1]
    [C:\WINDOWS\system32\winewfile.dll]  [N/A, N/A]
    [C:\WINDOWS\system32\nmhxy.dll]  [N/A, N/A]
[PID: 1368][C:\Program Files\Analog Devices\SoundMAX\Smax4.exe]  [Analog Devices, Inc., 5, 2, 0, 12]
    [C:\Program Files\Internet Explorer\PLUGINS\system3.sys]  [N/A, N/A]
    [C:\WINDOWS\system32\ztdll.dll]  [N/A, N/A]
    [C:\WINDOWS\system32\tdll.dll]  [N/A, N/A]
    [C:\Herosoft\HeroV8\VCvtShell.dll]  [herosoft, 1, 0, 0, 1]
    [C:\WINDOWS\system32\winewfile.dll]  [N/A, N/A]
    [C:\WINDOWS\system32\nmhxy.dll]  [N/A, N/A]
[PID: 1616][I:\瑞星杀毒\RavTask.exe]  [Beijing Rising Technology Co., Ltd., 18, 0, 0, 22]
    [I:\瑞星杀毒\RSCOMMON.DLL]  [Beijing Rising Technology Co., Ltd., 18, 0, 0, 4]
    [I:\瑞星杀毒\RSAPPMGR.DLL]  [Beijing Rising Technology Co., Ltd., 18, 0, 0, 2]
    [I:\瑞星杀毒\CfgDll.dll]  [Beijing Rising Technology Co., Ltd., 18, 0, 0, 11]
    [I:\瑞星杀毒\RsCommX.dll]  [rising, 18, 0, 0, 1]
    [C:\Program Files\Internet Explorer\PLUGINS\system3.sys]  [N/A, N/A]
    [C:\WINDOWS\system32\ztdll.dll]  [N/A, N/A]
    [C:\WINDOWS\system32\tdll.dll]  [N/A, N/A]
    [C:\Herosoft\HeroV8\VCvtShell.dll]  [herosoft, 1, 0, 0, 1]
    [C:\WINDOWS\system32\winewfile.dll]  [N/A, N/A]
    [C:\WINDOWS\system32\nmhxy.dll]  [N/A, N/A]
[PID: 1652][C:\Program Files\Common Files\UPDATE2\Update.exe]  [N/A, N/A]
    [C:\Program Files\Internet Explorer\PLUGINS\system3.sys]  [N/A, N/A]
    [C:\WINDOWS\system32\ztdll.dll]  [N/A, N/A]
    [C:\WINDOWS\system32\tdll.dll]  [N/A, N/A]
    [C:\Herosoft\HeroV8\VCvtShell.dll]  [herosoft, 1, 0, 0, 1]
    [C:\WINDOWS\system32\winewfile.dll]  [N/A, N/A]
    [C:\WINDOWS\system32\WSD_SOCK32.dll]  [N/A, N/A]
    [C:\WINDOWS\system32\nmhxy.dll]  [N/A, N/A]
[PID: 1632][C:\WINDOWS\command\rundll32.exe]  [N/A, N/A]
    [C:\WINDOWS\system32\tdll.dll]  [N/A, N/A]
    [C:\WINDOWS\system32\ztdll.dll]  [N/A, N/A]
    [C:\Program Files\Internet Explorer\PLUGINS\system3.sys]  [N/A, N/A]
    [C:\Herosoft\HeroV8\VCvtShell.dll]  [herosoft, 1, 0, 0, 1]
    [C:\WINDOWS\system32\winewfile.dll]  [N/A, N/A]
    [C:\WINDOWS\system32\nmhxy.dll]  [N/A, N/A]
[PID: 860][C:\WINDOWS\inf\rundll32.exe]  [N/A, N/A]
    [C:\WINDOWS\system32\jxdll.dll]  [N/A, N/A]
    [C:\WINDOWS\system32\ztdll.dll]  [N/A, N/A]
    [C:\WINDOWS\system32\tdll.dll]  [N/A, N/A]
    [C:\Program Files\Internet Explorer\PLUGINS\system3.sys]  [N/A, N/A]
    [C:\Herosoft\HeroV8\VCvtShell.dll]  [herosoft, 1, 0, 0, 1]
    [C:\WINDOWS\system32\winewfile.dll]  [N/A, N/A]
    [C:\WINDOWS\system32\nmhxy.dll]  [N/A, N/A]
[PID: 1700][C:\WINDOWS\system32\agetltfes.exe]  [, ]
    [C:\Program Files\Internet Explorer\PLUGINS\system3.sys]  [N/A, N/A]
    [C:\WINDOWS\system32\ztdll.dll]  [N/A, N/A]
    [C:\WINDOWS\system32\tdll.dll]  [N/A, N/A]
    [C:\Herosoft\HeroV8\VCvtShell.dll]  [herosoft, 1, 0, 0, 1]
    [C:\WINDOWS\system32\nmhxy.dll]  [N/A, N/A]
    [C:\WINDOWS\system32\winewfile.dll]  [N/A, N/A]
[PID: 1872][C:\WINDOWS\Intel\rundll32.exe]  [N/A, N/A]
    [C:\WINDOWS\system32\ztdll.dll]  [N/A, N/A]
    [C:\WINDOWS\system32\tdll.dll]  [N/A, N/A]
    [C:\Program Files\Internet Explorer\PLUGINS\system3.sys]  [N/A, N/A]
    [C:\Herosoft\HeroV8\VCvtShell.dll]  [herosoft, 1, 0, 0, 1]
    [C:\WINDOWS\system32\winewfile.dll]  [N/A, N/A]
    [C:\WINDOWS\system32\nmhxy.dll]  [N/A, N/A]
[PID: 1936][C:\WINDOWS\system32\ctfmon.exe]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
    [C:\Program Files\Internet Explorer\PLUGINS\system3.sys]  [N/A, N/A]
    [C:\WINDOWS\system32\ztdll.dll]  [N/A, N/A]
    [C:\WINDOWS\system32\tdll.dll]  [N/A, N/A]
    [C:\Herosoft\HeroV8\VCvtShell.dll]  [herosoft, 1, 0, 0, 1]
    [C:\WINDOWS\system32\winewfile.dll]  [N/A, N/A]
    [C:\WINDOWS\system32\nmhxy.dll]  [N/A, N/A]
[PID: 1756][I:\瑞星杀毒\rav.exe]  [Beijing Rising Technology Co., Ltd., 18, 0, 0, 75]
    [I:\瑞星杀毒\PlugIn\RsPgScan.dll]  [Beijing Rising Technology Co., Ltd., 18, 0, 0, 17]
    [I:\瑞星杀毒\RSAPPMGR.DLL]  [Beijing Rising Technology Co., Ltd., 18, 0, 0, 2]
    [I:\瑞星杀毒\CfgDll.dll]  [Beijing Rising Technology Co., Ltd., 18, 0, 0, 11]
    [I:\瑞星杀毒\RsCommX.dll]  [rising, 18, 0, 0, 1]
    [I:\瑞星杀毒\RavUI.Dll]  [Beijing Rising Technology Co., Ltd., 18, 0, 0, 65]
    [I:\瑞星杀毒\RsGuiLib.dll]  [Beijing Rising Technology Co., Ltd., 18, 0, 0, 26]
    [I:\瑞星杀毒\PngDll.dll]  [Beijing Rising Technology Co., Ltd., 18, 0, 0, 5]
    [C:\Program Files\Internet Explorer\PLUGINS\system3.sys]  [N/A, N/A]
    [I:\瑞星杀毒\RSCOMMON.DLL]  [Beijing Rising Technology Co., Ltd., 18, 0, 0, 4]
    [C:\WINDOWS\system32\ztdll.dll]  [N/A, N/A]
    [C:\WINDOWS\system32\tdll.dll]  [N/A, N/A]
    [I:\瑞星杀毒\Scanner.dll]  [Beijing Rising Technology Co., Ltd., 18, 0, 0, 32]
    [I:\瑞星杀毒\BWList.dll]  [Beijing Rising Technology Co., Ltd., 18, 0, 0, 19]
    [I:\瑞星杀毒\RavUIMsg.dll]  [Beijing Rising Technology Co., Ltd., 18, 0, 0, 27]
    [C:\WINDOWS\system32\jxdll.dll]  [N/A, N/A]
    [I:\瑞星杀毒\RsStore.dll]  [Beijing Rising Technology Co., Ltd., 18, 0, 0, 6]
    [C:\WINDOWS\system32\RavExt.dll]  [Beijing Rising Technology Co., Ltd., 18, 0, 0, 21]
    [I:\瑞星杀毒\RavQu.dll]  [Beijing Rising Technology Co., Ltd., 18, 0, 0, 17]
    [C:\Herosoft\HeroV8\VCvtShell.dll]  [herosoft, 1, 0, 0, 1]
    [C:\WINDOWS\system32\nmhxy.dll]  [N/A, N/A]
    [C:\WINDOWS\system32\winewfile.dll]  [N/A, N/A]
    [I:\瑞星杀毒\libload.dll]  [Beijing Rising Technology Co., Ltd., 18, 0, 0, 10]
    [I:\瑞星杀毒\VirusLib.dll]  [Beijing Rising Technology Co., Ltd., 18, 0, 0, 12]
    [I:\瑞星杀毒\MVEngine.dll]  [Beijing Rising Technology Co., Ltd., 18, 0, 0, 15]
    [I:\瑞星杀毒\Engine.dll]  [Beijing Rising Technology Co., Ltd., 18, 0, 0, 34]
    [I:\瑞星杀毒\ScanExec.dll]  [Beijing Rising Technology Co., Ltd., 18, 0, 0, 11]
    [I:\瑞星杀毒\Unpacker.dll]  [Beijing Rising Technology Co., Ltd., 18, 0, 0, 5]
    [I:\瑞星杀毒\UnExe.dll]  [Beijing Rising Technology Co., Ltd., 18, 0, 0, 11]
    [I:\瑞星杀毒\ScanEx.dll]  [Beijing Rising Technology Co., Ltd., 18, 0, 0, 27]
    [I:\瑞星杀毒\RSUnpack.dll]  [Beijing Rising Technology Co., Ltd., 1, 0, 0, 17]
    [I:\瑞星杀毒\PostTrt.dll]  [Beijing Rising Technology Co., Ltd., 18, 0, 0, 16]
[PID: 1748][I:\瑞星杀毒\RsAgent.exe]  [Beijing Rising Technology Co., Ltd., 18, 0, 0, 12]
    [C:\Program Files\Internet Explorer\PLUGINS\system3.sys]  [N/A, N/A]
    [I:\瑞星杀毒\RsCommX.dll]  [rising, 18, 0, 0, 1]
    [C:\WINDOWS\system32\ztdll.dll]  [N/A, N/A]
    [C:\WINDOWS\system32\tdll.dll]  [N/A, N/A]
    [C:\Herosoft\HeroV8\VCvtShell.dll]  [herosoft, 1, 0, 0, 1]
    [C:\WINDOWS\system32\winewfile.dll]  [N/A, N/A]
    [C:\WINDOWS\system32\nmhxy.dll]  [N/A, N/A]
[PID: 1620][C:\WINDOWS\msagent\AgentSvr.exe]  [Microsoft Corporation, 2.00.0.3422]
    [C:\Program Files\Internet Explorer\PLUGINS\system3.sys]  [N/A, N/A]
    [C:\WINDOWS\system32\ztdll.dll]  [N/A, N/A]
    [C:\WINDOWS\system32\tdll.dll]  [N/A, N/A]
    [C:\WINDOWS\system32\jxdll.dll]  [N/A, N/A]
    [C:\Herosoft\HeroV8\VCvtShell.dll]  [herosoft, 1, 0, 0, 1]
    [C:\WINDOWS\system32\winewfile.dll]  [N/A, N/A]
    [C:\WINDOWS\system32\nmhxy.dll]  [N/A, N/A]
[PID: 212][C:\WINDOWS\system32\rundll32.exe]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
    [C:\WINDOWS\system32\sdmAgent22.dll]  [LINKMEDIA Tech, 1, 5, 0, 7]
    [C:\Program Files\Internet Explorer\PLUGINS\system3.sys]  [N/A, N/A]
    [C:\WINDOWS\system32\ztdll.dll]  [N/A, N/A]
    [C:\WINDOWS\system32\tdll.dll]  [N/A, N/A]
    [C:\Herosoft\HeroV8\VCvtShell.dll]  [herosoft, 1, 0, 0, 1]
    [C:\WINDOWS\system32\winewfile.dll]  [N/A, N/A]
    [C:\WINDOWS\system32\nmhxy.dll]  [N/A, N/A]
[PID: 3456][I:\TT\TTraveler.exe]  [腾讯公司, 3.0.0.250]
    [C:\Herosoft\HeroV8\VCvtShell.dll]  [herosoft, 1, 0, 0, 1]
    [C:\Program Files\Internet Explorer\PLUGINS\system3.sys]  [N/A, N/A]
    [I:\TT\Plugins\QQFloatBar\QQFloatBar4TT2.dll]  [腾讯公司, 1, 1, 0, 5]
    [I:\TT\Plugins\TWeather\TWeather.dll]  [, 1, 0, 0, 3]
    [C:\WINDOWS\system32\ztdll.dll]  [N/A, N/A]
    [C:\WINDOWS\system32\tdll.dll]  [N/A, N/A]
    [C:\WINDOWS\system32\jxdll.dll]  [N/A, N/A]
    [I:\TT\PersonalDesktop.dll]  [深圳市腾讯计算机系统公司QQ工作小组, 1, 0, 0, 4]
    [C:\WINDOWS\system32\WSD_SOCK32.dll]  [N/A, N/A]
    [I:\瑞星杀毒\RavScrCh.dll]  [Beijing Rising Technology Co., Ltd., 18, 0, 0, 4]
    [C:\WINDOWS\system32\nmhxy.dll]  [N/A, N/A]
    [C:\WINDOWS\system32\winewfile.dll]  [N/A, N/A]
    [C:\WINDOWS\system32\macromed\flash\Flash.ocx]  [Macromedia, Inc., 7,0,19,0]
[PID: 1228][C:\DOCUME~1\user\LOCALS~1\Temp\3.exe]  [N/A, N/A]
    [C:\Herosoft\HeroV8\VCvtShell.dll]  [herosoft, 1, 0, 0, 1]
    [C:\Program Files\Internet Explorer\PLUGINS\system3.sys]  [N/A, N/A]
    [C:\WINDOWS\system32\nmhxy.dll]  [N/A, N/A]
    [C:\WINDOWS\system32\winewfile.dll]  [N/A, N/A]
    [C:\WINDOWS\system32\ztdll.dll]  [N/A, N/A]
    [C:\WINDOWS\system32\tdll.dll]  [N/A, N/A]
[PID: 3668][C:\WINDOWS\system32\cmd.exe]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
[PID: 3692][C:\WINDOWS\system32\conime.exe]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
    [C:\WINDOWS\system32\nmhxy.dll]  [N/A, N/A]
    [C:\Herosoft\HeroV8\VCvtShell.dll]  [herosoft, 1, 0, 0, 1]
    [C:\Program Files\Internet Explorer\PLUGINS\system3.sys]  [N/A, N/A]
    [C:\WINDOWS\system32\winewfile.dll]  [N/A, N/A]
    [C:\WINDOWS\system32\ztdll.dll]  [N/A, N/A]
    [C:\WINDOWS\system32\tdll.dll]  [N/A, N/A]
[PID: 3716][C:\WINDOWS\system32\cmd.exe]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
[PID: 3792][C:\WINDOWS\system32\cmd.exe]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
[PID: 3932][C:\DOCUME~1\user\LOCALS~1\Temp\svch0st.exe]  [N/A, N/A]
    [C:\DOCUME~1\user\LOCALS~1\Temp\gziuwrj.dll]  [N/A, N/A]
    [C:\DOCUME~1\user\LOCALS~1\Temp\packet.dll]  [CACE Technologies, 3, 1, 0, 27]
    [C:\DOCUME~1\user\LOCALS~1\Temp\WanPacket.dll]  [CACE Technologies, 3, 1, 0, 27]
    [C:\WINDOWS\system32\WSD_SOCK32.dll]  [N/A, N/A]
    [C:\WINDOWS\system32\nmhxy.dll]  [N/A, N/A]
    [C:\Herosoft\HeroV8\VCvtShell.dll]  [herosoft, 1, 0, 0, 1]
    [C:\Program Files\Internet Explorer\PLUGINS\system3.sys]  [N/A, N/A]
[PID: 2488][C:\WINDOWS\system32\conime.exe]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
    [C:\Program Files\Internet Explorer\PLUGINS\system3.sys]  [N/A, N/A]
    [C:\Program Files\Internet Explorer\PLUGINS\system.jmp]  [N/A, N/A]
    [C:\Program Files\Internet Explorer\PLUGINS\system3.sys]  [N/A, N/A]
[PID: 3016][I:\瑞星杀毒\RsLogVw.exe]  [Beijing Rising Technology Co., Ltd., 18, 0, 0, 20]
    [I:\瑞星杀毒\RsCommx.dll]  [rising, 18, 0, 0, 1]
    [I:\瑞星杀毒\rsguilib.dll]  [Beijing Rising Technology Co., Ltd., 18, 0, 0, 26]
    [I:\瑞星杀毒\PngDll.dll]  [Beijing Rising Technology Co., Ltd., 18, 0, 0, 5]
    [I:\瑞星杀毒\RSCOMMON.DLL]  [Beijing Rising Technology Co., Ltd., 18, 0, 0, 4]
    [C:\WINDOWS\system32\nmhxy.dll]  [N/A, N/A]
    [C:\Herosoft\HeroV8\VCvtShell.dll]  [herosoft, 1, 0, 0, 1]
    [C:\Program Files\Internet Explorer\PLUGINS\system3.sys]  [N/A, N/A]
    [C:\WINDOWS\system32\winewfile.dll]  [N/A, N/A]
    [C:\WINDOWS\system32\ztdll.dll]  [N/A, N/A]
    [C:\WINDOWS\system32\tdll.dll]  [N/A, N/A]
    [C:\WINDOWS\system32\jxdll.dll]  [N/A, N/A]
    [I:\瑞星杀毒\libload.dll]  [Beijing Rising Technology Co., Ltd., 18, 0, 0, 10]
    [I:\瑞星杀毒\VirusLib.dll]  [Beijing Rising Technology Co., Ltd., 18, 0, 0, 12]
[PID: 2852][C:\Program Files\WinRAR\WinRAR.exe]  [N/A, N/A]
    [C:\WINDOWS\system32\nmhxy.dll]  [N/A, N/A]
    [C:\Herosoft\HeroV8\VCvtShell.dll]  [herosoft, 1, 0, 0, 1]
    [C:\Program Files\Internet Explorer\PLUGINS\system3.sys]  [N/A, N/A]
    [C:\WINDOWS\system32\winewfile.dll]  [N/A, N/A]
    [C:\WINDOWS\system32\ztdll.dll]  [N/A, N/A]
    [C:\WINDOWS\system32\tdll.dll]  [N/A, N/A]
    [C:\WINDOWS\system32\jxdll.dll]  [N/A, N/A]
[PID: 3132][C:\DOCUME~1\user\LOCALS~1\Temp\Rar$EX00.405\SREng\SREng.exe]  [Smallfrogs Studio, 2.2.6.605]
    [C:\WINDOWS\system32\nmhxy.dll]  [N/A, N/A]
    [C:\Herosoft\HeroV8\VCvtShell.dll]  [herosoft, 1, 0, 0, 1]
    [C:\Program Files\Internet Explorer\PLUGINS\system3.sys]  [N/A, N/A]
    [C:\WINDOWS\system32\winewfile.dll]  [N/A, N/A]
    [C:\WINDOWS\system32\ztdll.dll]  [N/A, N/A]
    [C:\WINDOWS\system32\tdll.dll]  [N/A, N/A]
    [C:\WINDOWS\system32\jxdll.dll]  [N/A, N/A]
    [C:\WINDOWS\system32\WSD_SOCK32.dll]  [N/A, N/A]

==================================
文件关联
.TXT  OK. [%SystemRoot%\system32\NOTEPAD.EXE %1]
.EXE  OK. ["%1" %*]
.COM  OK. ["%1" %*]
.PIF  OK. ["%1" %*]
.REG  OK. [regedit.exe "%1"]
.BAT  OK. ["%1" %*]
.SCR  OK. ["%1" /S]
.CHM  OK. ["C:\WINDOWS\hh.exe" %1]
.HLP  OK. [%SystemRoot%\System32\winhlp32.exe %1]
.INI  OK. [%SystemRoot%\System32\NOTEPAD.EXE %1]
.INF  OK. [%SystemRoot%\System32\NOTEPAD.EXE %1]
.VBS  OK. [%SystemRoot%\System32\WScript.exe "%1" %*]
.JS  OK. [%SystemRoot%\System32\WScript.exe "%1" %*]
.LNK  OK. [{00021401-0000-0000-C000-000000000046}]

==================================
Winsock 提供者
MSAFD Tcpip [TCP/IP]
    C:\WINDOWS\system32\WSD_SOCK32.dll(N/A, N/A)
MT-TcpFilter
    C:\WINDOWS\system32\WSD_SOCK32.dll(N/A, N/A)

==================================
Autorun.inf
N/A

==================================
HOSTS 文件
59.34.197.239      www.baidu.com
59.34.197.239      baidu.com
59.34.197.239      www.sohu.com
59.34.197.239      sohu.com
59.34.197.239      www.sina.com
59.34.197.239      sina.com
59.34.197.239      www.sina.com.cn
59.34.197.239      sina.com.cn
59.34.197.239      www.163.com
59.34.197.239      163.com
59.34.197.239      www.google.com
59.34.197.239      google.com
59.34.197.239      www.qq.com
59.34.197.239      qq.com
59.34.197.239      www.hao123.com
59.34.197.239      hao123.com
59.34.197.239      ttlttt.com
203.171.236.215      www.17173.com
203.171.236.215      www.wowchina.com
203.171.236.215      www.ztgame.com.cn
203.171.236.215      rxjh.17game.com
203.171.236.215      www.17game.com
203.171.236.215      www.kd171.cn
203.171.236.215      www.72g.com
203.171.236.215      www.muchina.com
203.171.236.215      xyq.163.com
203.171.236.215      xy2.163.com
203.171.236.215      www.the9.com
203.171.236.215      www.5173.com
203.171.236.215      www.tkgame.com

==================================
攻击名称                                                        攻击日期              攻击来源                                                       
Blaster Rpc Exploit                                            2006-10-01 23:21      218.2.77.196:4054                                             
Blaster Rpc Exploit                                            2006-10-01 23:24      218.2.77.196:3589                                             
Blaster Rpc Exploit                                            2006-10-02 21:22      218.2.52.206:2923                                             
Blaster Rpc Exploit                                            2006-10-02 21:34      218.2.52.175:1964                                             
MS-4011 Exploit                                                2006-10-02 21:48      218.2.53.38:4419                                               
Blaster Rpc Exploit                                            2006-10-03 16:38      218.2.77.188:3168                                             
Blaster Rpc Exploit                                            2006-10-03 16:42      218.2.77.188:1742                                             
Blaster Rpc Exploit                                            2006-10-03 16:52      218.2.52.222:2960                                             
Blaster Rpc Exploit                                            2006-10-03 17:28      218.2.52.222:2160                                             
Blaster Rpc Exploit                                            2006-10-03 17:29      218.2.77.188:4881                                             
Blaster Rpc Exploit                                            2006-10-03 17:54      218.2.52.222:4624                                             
Blaster Rpc Exploit                                            2006-10-03 18:00      218.2.52.222:3475                                             
Blaster Rpc Exploit                                            2006-10-03 19:52      222.184.57.41:4258                                             
Blaster Rpc Exploit                                            2006-10-03 20:04      222.184.57.41:3914                                             
Blaster Rpc Exploit                                            2006-10-03 22:41      218.2.53.253:4531                                             
MS-4011 Exploit                                                2006-10-04 12:06      222.184.56.238:3648                                           
Blaster Rpc Exploit                                            2006-10-04 12:32      222.184.57.38:3656                                             
Blaster Rpc Exploit                                            2006-10-04 12:34      222.184.56.36:3425                                             
Blaster Rpc Exploit                                            2006-10-04 12:45      222.184.56.75:2296                                             
Blaster Rpc Exploit                                            2006-10-04 12:52      222.184.57.30:3229                                             
Blaster Rpc Exploit                                            2006-10-04 12:52      222.184.57.38:3891                                             
Blaster Rpc Exploit                                            2006-10-04 12:56      222.184.57.30:1537                                             
Blaster Rpc Exploit                                            2006-10-04 13:00      222.184.57.30:1963                                             
Blaster Rpc Exploit                                            2006-10-04 13:06      222.184.56.75:1711                                             
Blaster Rpc Exploit                                            2006-10-04 15:41      218.2.52.126:1747                                             
Blaster Rpc Exploit                                            2006-10-04 15:54      218.2.52.126:1205                                             
Blaster Rpc Exploit                                            2006-10-04 15:59      218.2.77.20:3077                                               
Blaster Rpc Exploit                                            2006-10-04 18:47      222.184.56.51:2628                                             
Blaster Rpc Exploit                                            2006-10-04 20:53      222.184.56.3:3709                                             
Blaster Rpc Exploit                                            2006-10-05 08:18      218.2.76.108:3406                                             
Give me some pointers, please, guys.