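Rising Kaka Security Forum > Technical Exchange Area > Anti-Virus / Anti-Rogue-Software Forum > Could any of the experts here help me check whether I've been hit by a trojan? Thanks~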


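[Help] Could any of the experts here help me check whether I've been hit by a trojan? Thanks~

Could any of the experts here help me check whether I've been hit by a trojan? Thanks~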

[Logitech QuickCam Pro 9000(UVC) / LVUVC][Running/Manual Start]
  <system32\DRIVERS\lvuvc.sys><Logitech Inc.>
[MegaIDE / MegaIDE][Running/Boot Start]
  <\SystemRoot\System32\DRIVERS\MegaIDE.sys><LSI Logic Corporation.>
[nv / nv][Running/Manual Start]
  <system32\DRIVERS\nv4_mini.sys><NVIDIA Corporation>
[nvatabus / nvatabus][Running/Boot Start]
  <\SystemRoot\system32\DRIVERS\nvatabus.sys><NVIDIA Corporation>
[NVIDIA nForce Networking Legacy Driver / NVENET][Stopped/Manual Start]
  <system32\DRIVERS\NVENET.sys><NVIDIA Corporation>
[Service for NVIDIA(R) nForce(TM) MIDI UART / nvmpu401][Stopped/Manual Start]
  <system32\drivers\nvmpu401.sys><NVIDIA Corporation>
[NVIDIA nForce AGP Bus Filter / nv_agp][Running/Boot Start]
  <\SystemRoot\system32\DRIVERS\nv_agp.sys><NVIDIA Corporation>
[DDK PACKET Protocol / Packet][Running/Manual Start]
  <system32\DRIVERS\ProtoDrv.sys><360安全中心>
[Psx Hid to Gamepad Port Enabler / PSXGamepadEnabler][Stopped/Manual Start]
  <system32\drivers\psxpad.sys><N/A>
[Psx Port Enumerator / PsxPortEnumerator][Stopped/Manual Start]
  <System32\Drivers\psxenum.sys><N/A>
[Direct Parallel Link Driver / Ptilink][Running/Manual Start]
  <system32\DRIVERS\ptilink.sys><Parallel Technologies, Inc.>
[PxHelp20 / PxHelp20][Running/Boot Start]
  <\SystemRoot\System32\Drivers\PxHelp20.sys><Sonic Solutions>
[SmartCard Reader Device  / Reader_Device][Running/Manual Start]
  <system32\DRIVERS\usbic2k.sys><OEM>
[Rising  Rfwbase Driver / RfwBase][Running/Auto Start]
  <System32\DRIVERS\rfwbase.SYS><Beijing Rising Information Technology Co., Ltd.>
[RsFwDrv / RsFwDrv][Running/System Start]
  <\??\C:\Program Files\Rising\Rfw\RsFwDrv.sys><Beijing Rising Information Technology Co., Ltd.>
[RsNTGDI / RsNTGDI][Running/Boot Start]
  <\SystemRoot\system32\Drivers\RsNTGdi.sys><Beijing Rising Information Technology Co., Ltd.>
[Realtek 10/100/1000 NIC Family all in one NDIS XP Driver / RTL8023xp][Running/Manual Start]
  <system32\DRIVERS\Rtlnicxp.sys><Realtek Semiconductor Corporation>
[Sony Ericsson Device 117 driver (WDM) / s117bus][Stopped/Manual Start]
  <system32\DRIVERS\s117bus.sys><MCCI Corporation>
[Sony Ericsson Device 117 USB WMC Modem Filter / s117mdfl][Stopped/Manual Start]
  <system32\DRIVERS\s117mdfl.sys><MCCI Corporation>
[Sony Ericsson Device 117 USB WMC Modem Driver / s117mdm][Stopped/Manual Start]
  <system32\DRIVERS\s117mdm.sys><MCCI Corporation>
[Sony Ericsson Device 117 USB WMC Device Management Drivers (WDM) / s117mgmt][Stopped/Manual Start]
  <system32\DRIVERS\s117mgmt.sys><MCCI Corporation>
[Sony Ericsson Device 117 USB Ethernet Emulation SEMC117 (NDIS) / s117nd5][Stopped/Manual Start]
  <system32\DRIVERS\s117nd5.sys><MCCI Corporation>
[Sony Ericsson Device 117 USB WMC OBEX Interface / s117obex][Stopped/Manual Start]
  <system32\DRIVERS\s117obex.sys><MCCI Corporation>
[Sony Ericsson Device 117 USB Ethernet Emulation SEMC117 (WDM) / s117unic][Stopped/Manual Start]
  <system32\DRIVERS\s117unic.sys><MCCI Corporation>
[SafeBoxKrnl / SafeBoxKrnl][Running/System Start]
  <\??\C:\WINDOWS\system32\drivers\SafeBoxKrnl.sys><360安全中心>
[Secdrv / Secdrv][Stopped/Manual Start]
  <system32\DRIVERS\secdrv.sys><Macrovision Corporation, Macrovision Europe Limited, and Macrovision Japan and Asia K.K.>
[TCP/IP Protocol Driver / Tcpip][Running/System Start]
  <system32\DRIVERS\tcpip.sys><Microsoft Corporation>
[usb token Device Driver / token][Stopped/Manual Start]
  <system32\DRIVERS\eps2kt1.sys><>

==================================

User system information: Mozilla/5.0 (Windows; U; Windows NT 5.1; zh-CN; rv:1.9.0.4) Gecko/2008102920 Firefox/3.0.4

Re: Could any of the experts here help me check whether I've been hit by a trojan? Thanks~

==================================
浏览器加载项
[ThunderAtOnce Class]
  {01443AEC-0FD1-40fd-9C87-E93D1494C233} <D:\Thunder Network\Thunder\ComDlls\TDAtOnce_Now.dll, (Signed) Thunder Networking Technologies,LTD>
[IE2EMBHO Class]
  {0A0DDBD3-6641-40B9-873F-BBDD26D6C14E} <D:\easyMule\modules\IE2EM.dll, (Signed) VeryCD.com>
[Adobe PDF Link Helper]
  {18DF081C-E8AD-4283-A596-FA578C2EBDC3} <C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll, (Signed) Adobe Systems Incorporated>
[Java(tm) Plug-In SSV Helper]
  {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} <C:\Program Files\Java\jre6\bin\ssv.dll, (Signed) Sun Microsystems, Inc.>
[Thunder Browser Helper]
  {889D2FEB-5411-4565-8998-1DD2C5261283} <D:\Thunder Network\Thunder\ComDlls\xunleiBHO_Now.dll, (Signed) Thunder Networking Technologies,LTD>
[FlashGetBHO]
  {b070d3e3-fec0-47d9-8e8a-99d4eeb3d3b0} <C:\Documents and Settings\All Users\Application Data\FlashGetBHO\FlashGetBHO.dll, (Signed) FlashGet>
[SafeMon Class]
  {B69F34DD-F0F9-42DC-9EDD-957187DA688D} <C:\Program Files\360safe\safemon\safemon.dll, (Signed) 360.CN>
[Java(tm) Plug-In 2 SSV Helper]
  {DBC80044-A445-435b-BC74-9C25C1C588A9} <C:\Program Files\Java\jre6\bin\jp2ssv.dll, Sun Microsystems, Inc.>
[JQSIEStartDetectorImpl Class]
  {E7E6F031-17CE-4C07-BC86-EABFE594F69C} <C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll, Sun Microsystems, Inc.>
[启动迅雷5]
  {09BA8F6D-CB54-424B-839C-C2A6C8E6B436} <D:\Thunder Network\Thunder\Thunder.exe, Thunder Networking Technologies,LTD>
[浩方对战平台]
  {0A155D3C-68E2-4215-A47A-E800A446447A} <E:\浩方对战平台\GameClient.exe, (Signed) 上海浩方在线信息技术有限公司>
[微软]
  {6096E38F-5AC1-4391-8EC4-75DFA92FB32F} <http://www.microsoft.com/china/index.htm, N/A>
[Messenger]
  {FB5F1910-F110-11d2-BB9E-00C04F795683} <C:\Program Files\Messenger\msmsgs.exe, (Signed) Microsoft Corporation>
[Edit Class]
  {0CA54D3F-CEAE-48AF-9A2B-31909CB9515D} <C:\WINDOWS\system32\CMBEdit.dll, >
[iTrusPTA Class]
  {1E0DFFCF-27FF-4574-849B-55007349FEDA} <C:\WINDOWS\system32\aliedit\pta.dll, (Signed) >
[Java Plug-in 1.6.0_11]
  {8AD9C840-044E-11D1-B3E9-00805F499D93} <C:\Program Files\Java\jre6\bin\jp2iexp.dll, >
[ProxyCameraCtrl Class]
  {91434262-9F15-4A78-9D4E-7ADF53B1A8EB} <C:\WINDOWS\system32\videoYTDL\ProxyCamClient.dll, >
[tcast control]
  {9CA74596-B5BB-4634-971C-F0224115A15F} <C:\WINDOWS\DOWNLO~1\TPLAYE~1.OCX, Tom Online Inc.>
[Java Plug-in 1.6.0_01]
  {CAFEEFAC-0016-0000-0001-ABCDEFFEDCBA} <C:\Program Files\Java\jre6\bin\jp2iexp.dll, >
[Java Plug-in 1.6.0_07]
  {CAFEEFAC-0016-0000-0007-ABCDEFFEDCBA} <C:\Program Files\Java\jre6\bin\jp2iexp.dll, >
[Java Plug-in 1.6.0_11]
  {CAFEEFAC-0016-0000-0011-ABCDEFFEDCBA} <C:\Program Files\Java\jre6\bin\jp2iexp.dll, >
[Java Plug-in 1.6.0_11]
  {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} <C:\Program Files\Java\jre6\bin\npjpi160_11.dll, (Signed) Sun Microsystems, Inc.>
[ThunderAtOnce Class]
  {01443AEC-0FD1-40FD-9C87-E93D1494C233} <D:\Thunder Network\Thunder\ComDlls\TDAtOnce_Now.dll, (Signed) Thunder Networking Technologies,LTD>
[Web Browser Applet Control]
  {08B0E5C0-4FCB-11CF-AAA5-00401C608501} <C:\WINDOWS\system32\msjava.dll, Microsoft Corporation>
[]
  {09BA8F6D-CB54-424B-839C-C2A6C8E6B436} <, >
[IE2EMBHO Class]
  {0A0DDBD3-6641-40B9-873F-BBDD26D6C14E} <D:\easyMule\modules\IE2EM.dll, (Signed) VeryCD.com>
[]
  {0A155D3C-68E2-4215-A47A-E800A446447A} <, >
[Edit Class]
  {0CA54D3F-CEAE-48AF-9A2B-31909CB9515D} <C:\WINDOWS\system32\CMBEdit.dll, >
[InfosecCertInstall Class]
  {0EB487C8-E9AC-43A6-8C4C-083999B0622F} <C:\WINDOWS\system32\certInStall.dll, >
[ESClientCtr Control]
  {105B5A2C-0F60-4D79-9CB8-7B8080C58BFF} <C:\WINDOWS\system32\VIDEOY~1\ESCLIE~1.OCX, ustc>
[Adobe PDF Link Helper]
  {18DF081C-E8AD-4283-A596-FA578C2EBDC3} <C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll, (Signed) Adobe Systems Incorporated>
[iTrusPTA Class]
  {1E0DFFCF-27FF-4574-849B-55007349FEDA} <C:\WINDOWS\system32\aliedit\pta.dll, (Signed) >
[HTML Document]
  {25336920-03F9-11CF-8FD0-00AA00686F13} <%SystemRoot%\system32\mshtml.dll, (Signed) N/A>
[DHTML Edit Control Safe for Scripting for IE5]
  {2D360201-FFF5-11D1-8D03-00A0C959BC0A} <C:\Program Files\Common Files\Microsoft Shared\Triedit\dhtmled.ocx, (Signed) Microsoft Corporation>
[HtmlDlgSafeHelper Class]
  {3050F819-98B5-11CF-BB82-00AA00BDCE0B} <C:\WINDOWS\system32\mshtmled.dll, (Signed) Microsoft Corporation>
[GDGetTokenInfo Class]
  {3AA9CF07-DF20-48FF-98BE-DED276E40146} <C:\WINDOWS\system32\GDREAD~1.DLL, >
[XML Document]
  {48123BC4-99D9-11D1-A6B3-00C04FD91555} <%SystemRoot%\system32\msxml3.dll, (Signed) N/A>
[Thunder Agent Class]
  {485463B7-8FB2-4B3B-B29B-8B919B0EACCE} <D:\Thunder Network\Thunder\ComDlls\ThunderAgent_Now.dll, (Signed) Thunder Networking Technologies,LTD>
[EditCtrl Class]
  {488A4255-3236-44B3-8F27-FA1AECAA8844} <C:\WINDOWS\system32\aliedit\aliedit.dll, (Signed) >
[]
  {53763D1D-9CA8-4C7C-9756-A8E6B8FC063B} <, >
[InfoSecNetSign Class]
  {5CB840B5-A94E-4AD9-B785-4866E3B04476} <C:\WINDOWS\system32\ICBCNE~1.DLL, Infosec Technologies Co., Ltd.>
[]
  {6096E38F-5AC1-4391-8EC4-75DFA92FB32F} <, >
[XMP Class]
  {6483F145-A768-4C41-AACC-52D4D7845851} <C:\Documents and Settings\All Users\Application Data\Thunder Network\KanKan\xplayer.dll_1_work, Xunlei Networking Technologies,LTD>
[XDRM]
  {693571CB-54A3-4E90-9D52-EEAE1334E2D3} <C:\Documents and Settings\All Users\Application Data\Thunder Network\KanKan\xdrm.dll_1_work, >
[Windows Media Player]
  {6BF52A52-394A-11D3-B153-00C04F79FAA6} <C:\WINDOWS\system32\wmp.dll, (Signed) Microsoft Corporation>
[WangWangObj Class]
  {6E213FC7-DD5A-4115-B7E6-D4C7838C361E} <d:\Alisoft\WangWang\WangWangX6.dll, (Signed) 阿里巴巴软件(上海)有限公司>
[Active Desktop Mover]
  {72267F6A-A6F9-11D0-BC94-00C04FB67863} <%SystemRoot%\system32\SHELL32.dll, (Signed) N/A>
[AxInputControl Class]
  {73E4740C-08EB-4133-896B-8D0A7C9EE3CD} <C:\WINDOWS\system32\INPUTC~1.DLL, >
[Java(tm) Plug-In SSV Helper]
  {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} <C:\Program Files\Java\jre6\bin\ssv.dll, (Signed) Sun Microsystems, Inc.>
[MediaComm Class]
  {7670648D-461B-42AF-BDFE-46D26AF5EFF2} <D:\Thunder Network\Thunder\Components\InMedia\MediaAddin17.dll, Thunder Networking Technologies,LTD>
[360SafeLive]
  {87515F61-A66C-4319-A0E0-D416CB8059E3} <C:\Program Files\360safe\live.dll, (Signed) 360.cn>
[Microsoft Web 浏览器]
  {8856F961-340A-11D0-A96B-00C04FD705A2} <C:\WINDOWS\system32\shdocvw.dll, (Signed) Microsoft Corporation>
[Thunder Browser Helper]
  {889D2FEB-5411-4565-8998-1DD2C5261283} <D:\Thunder Network\Thunder\ComDlls\xunleiBHO_Now.dll, (Signed) Thunder Networking Technologies,LTD>
[AxSubmitControl Class]
  {8D9E0B29-563C-4226-86C1-5FF2AE77E1D2} <C:\WINDOWS\system32\SUBMIT~1.DLL, >
[ProxyCameraCtrl Class]
  {91434262-9F15-4A78-9D4E-7ADF53B1A8EB} <C:\WINDOWS\system32\videoYTDL\ProxyCamClient.dll, >
[]
  {95B3F550-91C4-4627-BCC4-521288C52977} <, >
[tcast control]
  {9CA74596-B5BB-4634-971C-F0224115A15F} <C:\WINDOWS\DOWNLO~1\TPLAYE~1.OCX, Tom Online Inc.>
[]
  {A986E409-30CC-4185-89BB-AB212C104524} <, >
[DapCtrl Class]
  {ACACC6EB-1FBA-4E13-A729-53AEB2DF54F8} <C:\Program Files\Common Files\Thunder Network\KanKan\DapCtrl.2.1.5805.77.(146).dll, ShenZhen Thunder Networking Technologies Ltd.>
[FlashGetBHO]
  {B070D3E3-FEC0-47D9-8E8A-99D4EEB3D3B0} <C:\Documents and Settings\All Users\Application Data\FlashGetBHO\FlashGetBHO.dll, (Signed) FlashGet>
[SearchAssistantOC]
  {B45FF030-4447-11D2-85DE-00C04FA35C89} <%SystemRoot%\system32\shdocvw.dll, (Signed) N/A>
[SafeMon Class]
  {B69F34DD-F0F9-42DC-9EDD-957187DA688D} <C:\Program Files\360safe\safemon\safemon.dll, (Signed) 360.CN>
[RDS.DataSpace]
  {BD96C556-65A3-11D0-983A-00C04FC29E36} <C:\Program Files\Common Files\system\msadc\msadco.dll, (Signed) Microsoft Corporation>
[RealPlayer G2 Control]
  {CFCDAA03-8BE4-11CF-B84B-0020AFBBCCFA} <C:\WINDOWS\system32\rmoc3260.dll, RealNetworks, Inc.>
[Shockwave Flash Object]
  {D27CDB6E-AE6D-11CF-96B8-444553540000} <C:\WINDOWS\system32\Macromed\Flash\Flash9f.ocx, (Signed) Adobe Systems, Inc.>
[Java(tm) Plug-In 2 SSV Helper]
  {DBC80044-A445-435B-BC74-9C25C1C588A9} <C:\Program Files\Java\jre6\bin\jp2ssv.dll, Sun Microsystems, Inc.>
[JQSIEStartDetectorImpl Class]
  {E7E6F031-17CE-4C07-BC86-EABFE594F69C} <C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll, Sun Microsystems, Inc.>
[Thunder DapPlayer]
  {EEDD6FF9-13DE-496B-9A1C-D78B3215E266} <D:\Thunder Network\Thunder\Components\DownAndPlay\DapPlayer3.0.5712.71.491.dll, ShenZhen Thunder Networking Technologies Ltd.>
[XPPlayer Class]
  {F3E70CEA-956E-49CC-B444-73AFE593AD7F} <C:\Program Files\Common Files\Thunder Network\KanKan\PPlayer.2.1.5853.212.(146).dll, Xunlei Networking Technologies,LTD>
[]
  {FB5DA724-162B-11D3-8B9B-AA70B4B0B525} <, >
[]
  {FB5F1910-F110-11D2-BB9E-00C04F795683} <, >
[使用快车(Flas&hGet)下载]
  <D:\FlashGet\GetUrl.htm, N/A>
[使用快车(Flash&Get)下载全部链接]
  <D:\FlashGet\GetAllUrl.htm, N/A>
[使用快车(FlashGet)下载该网页FLV]
  <D:\FlashGet\FlvDetector.htm, N/A>
[使用电驴下载]
  <D:\easyMule\IE2EM.htm, N/A>
[使用迅雷下载]
  <D:\Thunder Network\Thunder\Program\geturl.htm, N/A>
[使用迅雷下载全部链接]
  <D:\Thunder Network\Thunder\Program\getallurl.htm, N/A>

==================================

Re: Could any of the experts here help me check whether I've been hit by a trojan? Thanks~

==================================
正在运行的进程
[PID: 456][\SystemRoot\System32\smss.exe]  [(Verified) Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
[PID: 524][\??\C:\WINDOWS\system32\csrss.exe]  [(Verified) Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
    [C:\Program Files\Rising\Rfw\ijt_base.dll]  [Beijing Rising Information Technology Co., Ltd., 7.0.0.21]
    [C:\Program Files\Rising\Rfw\olemon.dll]  [Beijing Rising Information Technology Co., Ltd., 7.0.0.9]
[PID: 548][\??\C:\WINDOWS\system32\winlogon.exe]  [(Verified) Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
    [C:\WINDOWS\system32\uxtheme.dll]  [Microsoft Corporation, 6.00.2900.2180 (xpsp_sp2_rtm.040803-2158)]
    [C:\Program Files\Rising\Rfw\ijt_base.dll]  [Beijing Rising Information Technology Co., Ltd., 7.0.0.21]
    [C:\Program Files\Rising\Rfw\olemon.dll]  [Beijing Rising Information Technology Co., Ltd., 7.0.0.9]
[PID: 592][C:\WINDOWS\system32\services.exe]  [(Verified) Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
    [C:\WINDOWS\system32\UxTheme.dll]  [Microsoft Corporation, 6.00.2900.2180 (xpsp_sp2_rtm.040803-2158)]
    [C:\Program Files\Rising\Rfw\ijt_base.dll]  [Beijing Rising Information Technology Co., Ltd., 7.0.0.21]
    [C:\Program Files\Rising\Rfw\olemon.dll]  [Beijing Rising Information Technology Co., Ltd., 7.0.0.9]
[PID: 604][C:\WINDOWS\system32\lsass.exe]  [(Verified) Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
    [C:\WINDOWS\system32\UxTheme.dll]  [Microsoft Corporation, 6.00.2900.2180 (xpsp_sp2_rtm.040803-2158)]
    [C:\Program Files\Rising\Rfw\ijt_base.dll]  [Beijing Rising Information Technology Co., Ltd., 7.0.0.21]
    [C:\Program Files\Rising\Rfw\olemon.dll]  [Beijing Rising Information Technology Co., Ltd., 7.0.0.9]
[PID: 760][C:\WINDOWS\system32\svchost.exe]  [(Verified) Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
    [C:\WINDOWS\system32\UxTheme.dll]  [Microsoft Corporation, 6.00.2900.2180 (xpsp_sp2_rtm.040803-2158)]
    [C:\Program Files\Rising\Rfw\ijt_base.dll]  [Beijing Rising Information Technology Co., Ltd., 7.0.0.21]
    [C:\Program Files\Rising\Rfw\olemon.dll]  [Beijing Rising Information Technology Co., Ltd., 7.0.0.9]
[PID: 820][C:\WINDOWS\system32\svchost.exe]  [(Verified) Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
    [C:\WINDOWS\system32\UxTheme.dll]  [Microsoft Corporation, 6.00.2900.2180 (xpsp_sp2_rtm.040803-2158)]
    [C:\Program Files\Rising\Rfw\ijt_base.dll]  [Beijing Rising Information Technology Co., Ltd., 7.0.0.21]
    [C:\Program Files\Rising\Rfw\olemon.dll]  [Beijing Rising Information Technology Co., Ltd., 7.0.0.9]
[PID: 884][C:\Program Files\Rising\Rav\CCenter.exe]  [Beijing Rising Information Technology Co., Ltd., 20.0.0.33]
    [C:\Program Files\Rising\Rfw\ijt_base.dll]  [Beijing Rising Information Technology Co., Ltd., 7.0.0.21]
    [C:\Program Files\Rising\Rfw\olemon.dll]  [Beijing Rising Information Technology Co., Ltd., 7.0.0.9]
    [C:\WINDOWS\system32\uxtheme.dll]  [Microsoft Corporation, 6.00.2900.2180 (xpsp_sp2_rtm.040803-2158)]
[PID: 900][C:\WINDOWS\System32\svchost.exe]  [(Verified) Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
    [C:\WINDOWS\System32\UxTheme.dll]  [Microsoft Corporation, 6.00.2900.2180 (xpsp_sp2_rtm.040803-2158)]
    [C:\Program Files\Rising\Rfw\ijt_base.dll]  [Beijing Rising Information Technology Co., Ltd., 7.0.0.21]
    [C:\Program Files\Rising\Rfw\olemon.dll]  [Beijing Rising Information Technology Co., Ltd., 7.0.0.9]
[PID: 964][C:\WINDOWS\system32\svchost.exe]  [(Verified) Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
    [C:\WINDOWS\system32\UxTheme.dll]  [Microsoft Corporation, 6.00.2900.2180 (xpsp_sp2_rtm.040803-2158)]
    [C:\Program Files\Rising\Rfw\ijt_base.dll]  [Beijing Rising Information Technology Co., Ltd., 7.0.0.21]
    [C:\Program Files\Rising\Rfw\olemon.dll]  [Beijing Rising Information Technology Co., Ltd., 7.0.0.9]
[PID: 1016][C:\WINDOWS\system32\svchost.exe]  [(Verified) Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
    [C:\WINDOWS\system32\UxTheme.dll]  [Microsoft Corporation, 6.00.2900.2180 (xpsp_sp2_rtm.040803-2158)]
    [C:\Program Files\Rising\Rfw\ijt_base.dll]  [Beijing Rising Information Technology Co., Ltd., 7.0.0.21]
    [C:\Program Files\Rising\Rfw\olemon.dll]  [Beijing Rising Information Technology Co., Ltd., 7.0.0.9]
[PID: 1104][C:\PROGRAM FILES\RISING\RAV\ravmond.exe]  [Beijing Rising Information Technology Co., Ltd., 20.0.0.80]
    [C:\PROGRAM FILES\RISING\RAV\BWList.dll]  [Beijing Rising Information Technology Co., Ltd., 20.0.0.5]
    [C:\WINDOWS\system32\MFC71.DLL]  [Microsoft Corporation, 7.10.3077.0]
    [C:\WINDOWS\system32\MSVCR71.dll]  [Microsoft Corporation, 7.10.3052.4]
    [C:\WINDOWS\system32\MSVCP71.dll]  [Microsoft Corporation, 7.10.3077.0]
    [C:\PROGRAM FILES\RISING\RAV\RSAPPMGR.dll]  [Beijing Rising Information Technology Co., Ltd., 20.0.0.1]
    [C:\PROGRAM FILES\RISING\RAV\CfgDll.dll]  [Beijing Rising Information Technology Co., Ltd., 20.0.0.19]
    [C:\PROGRAM FILES\RISING\RAV\RsLog.dll]  [Beijing Rising Information Technology Co., Ltd., 20.0.0.36]
    [C:\PROGRAM FILES\RISING\RAV\ProcCom.dll]  [Beijing Rising Information Technology Co., Ltd., 20, 0, 0, 20]
    [C:\PROGRAM FILES\RISING\RAV\RsCommX2.dll]  [Beijing Rising Information Technology Co., Ltd., 20, 0, 0, 20]
    [C:\PROGRAM FILES\RISING\RAV\MonRule.dll]  [Beijing Rising Information Technology Co., Ltd., 20.0.0.29]
    [C:\PROGRAM FILES\RISING\RAV\Hooksys.dll]  [Beijing Rising Information Technology Co., Ltd., 22, 0, 0, 12]
    [C:\Program Files\Rising\Rfw\ijt_base.dll]  [Beijing Rising Information Technology Co., Ltd., 7.0.0.21]
    [C:\Program Files\Rising\Rfw\olemon.dll]  [Beijing Rising Information Technology Co., Ltd., 7.0.0.9]
    [C:\PROGRAM FILES\RISING\RAV\HookReg.dll]  [Beijing Rising Information Technology Co., Ltd., 22, 0, 0, 6]
    [C:\PROGRAM FILES\RISING\RAV\HookNtos.dll]  [Beijing Rising Information Technology Co., Ltd., 22, 0, 0, 5]
    [C:\PROGRAM FILES\RISING\RAV\rswalmon.dll]  [Beijing Rising Information Technology Co., Ltd., 20, 0, 0, 24]
    [C:\PROGRAM FILES\RISING\RAV\recomp.dll]  [Beijing Rising Information Technology Co., Ltd., 20, 0, 0, 41]
    [C:\PROGRAM FILES\RISING\RAV\refs.dll]  [Beijing Rising Information Technology Co., Ltd., 20, 0, 0, 18]
    [C:\PROGRAM FILES\RISING\RAV\ffr.dll]  [Beijing Rising Information Technology Co., Ltd., 20, 0, 0, 17]
    [C:\Program Files\Rising\Rav\RsStore.dll]  [Beijing Rising Information Technology Co., Ltd., 20.0.0.9]
    [C:\PROGRAM FILES\RISING\RAV\HookCont.dll]  [Beijing Rising Information Technology Co., Ltd., 22, 0, 0, 3]
    [C:\Program Files\Rising\Rav\fakescan.dll]  [Beijing Rising Information Technology Co., Ltd., 20.0.0.14]
    [C:\Program Files\Rising\Rav\Scanner.dll]  [Beijing Rising Information Technology Co., Ltd., 20.0.0.39]
    [C:\PROGRAM FILES\RISING\RAV\viruslib.dll]  [Beijing Rising Information Technology Co., Ltd., 20, 0, 0, 27]
    [C:\PROGRAM FILES\RISING\RAV\relibldr.dll]  [Beijing Rising Information Technology Co., Ltd., 20, 0, 0, 17]
    [C:\WINDOWS\system32\uxtheme.dll]  [Microsoft Corporation, 6.00.2900.2180 (xpsp_sp2_rtm.040803-2158)]
    [C:\PROGRAM FILES\RISING\RAV\HookWeb.dll]  [Beijing Rising Information Technology Co., Ltd., 20.0.0.3]
    [C:\PROGRAM FILES\RISING\RAV\nvfile.dll]  [Beijing Rising Information Technology Co., Ltd., 20, 0, 0, 7]
    [C:\PROGRAM FILES\RISING\RAV\extfile.dll]  [Beijing Rising Information Technology Co., Ltd., 20, 0, 0, 32]
    [C:\PROGRAM FILES\RISING\RAV\pearc.dll]  [Beijing Rising Information Technology Co., Ltd., 20, 0, 0, 8]
    [C:\PROGRAM FILES\RISING\RAV\scanexec.dll]  [Beijing Rising Information Technology Co., Ltd., 20, 0, 0, 22]
    [C:\PROGRAM FILES\RISING\RAV\unexe.dll]  [Beijing Rising Information Technology Co., Ltd., 20, 0, 0, 6]
    [C:\PROGRAM FILES\RISING\RAV\scanex.dll]  [Beijing Rising Information Technology Co., Ltd., 20, 0, 1, 0]
    [C:\PROGRAM FILES\RISING\RAV\scanpack.dll]  [Beijing Rising Information Technology Co., Ltd., 20, 0, 0, 10]
    [C:\PROGRAM FILES\RISING\RAV\revm.dll]  [Beijing Rising Information Technology Co., Ltd., 20, 0, 0, 11]
    [C:\PROGRAM FILES\RISING\RAV\urutils.dll]  [Beijing Rising Information Technology Co., Ltd., 20, 0, 0, 7]
    [C:\PROGRAM FILES\RISING\RAV\ur000.dat]  [Beijing Rising Information Technology Co., Ltd., 20, 0, 0, 22]
    [C:\PROGRAM FILES\RISING\RAV\extmail.dll]  [Beijing Rising Information Technology Co., Ltd., 20, 0, 0, 10]
    [C:\PROGRAM FILES\RISING\RAV\scansct.dll]  [Beijing Rising Information Technology Co., Ltd., 20, 0, 0, 11]
    [C:\PROGRAM FILES\RISING\RAV\scriptci.dll]  [Beijing Rising Information Technology Co., Ltd., 20, 0, 0, 4]
    [C:\PROGRAM FILES\RISING\RAV\ur023.dat]  [Beijing Rising Information Technology Co., Ltd., 20, 0, 0, 3]
    [C:\PROGRAM FILES\RISING\RAV\uroutine.dll]  [Beijing Rising Information Technology Co., Ltd., 20, 0, 0, 27]
    [C:\PROGRAM FILES\RISING\RAV\ur001.dat]  [Beijing Rising Information Technology Co., Ltd., 20, 0, 0, 5]
[PID: 1112][C:\Program Files\Rising\Rfw\rfwsrv.exe]  [Beijing Rising Information Technology Co., Ltd., 7.0.0.77]

Re: Could any of the experts here help me check whether I've been hit by a trojan? Thanks~

[PID: 1112][C:\Program Files\Rising\Rfw\rfwsrv.exe]  [Beijing Rising Information Technology Co., Ltd., 7.0.0.77]
    [C:\WINDOWS\system32\MFC71.DLL]  [Microsoft Corporation, 7.10.3077.0]
    [C:\WINDOWS\system32\MSVCR71.dll]  [Microsoft Corporation, 7.10.3052.4]
    [C:\WINDOWS\system32\MSVCP71.dll]  [Microsoft Corporation, 7.10.3077.0]
    [C:\Program Files\Rising\Rfw\ProcCom.dll]  [Beijing Rising Information Technology Co., Ltd., 20, 0, 0, 20]
    [C:\Program Files\Rising\Rfw\RsCommX2.dll]  [Beijing Rising Information Technology Co., Ltd., 20, 0, 0, 20]
    [C:\Program Files\Rising\Rfw\RSAPPMGR.dll]  [Beijing Rising Information Technology Co., Ltd., 20.0.0.1]
    [C:\Program Files\Rising\Rfw\CfgDll.dll]  [Beijing Rising Information Technology Co., Ltd., 20.0.0.19]
    [C:\Program Files\Rising\Rfw\RfwRule.dll]  [Beijing Rising Information Technology Co., Ltd., 7.0.0.17]
    [C:\Program Files\Rising\Rfw\rfwlog.dll]  [Beijing Rising Information Technology Co., Ltd., 7.0.0.16]
    [C:\Program Files\Rising\Rfw\Rfwdrv.dll]  [Beijing Rising Information Technology Co., Ltd., 7.0.0.50]
    [C:\Program Files\Rising\Rfw\ijt_ctrl.dll]  [Beijing Rising Information Technology Co., Ltd., 7.0.0.0]
    [C:\Program Files\Rising\Rfw\ijt_base.dll]  [Beijing Rising Information Technology Co., Ltd., 7.0.0.21]
    [C:\Program Files\Rising\Rfw\olemon.dll]  [Beijing Rising Information Technology Co., Ltd., 7.0.0.9]
    [C:\Program Files\Rising\Rfw\unvdet.dll]  [Beijing Rising Information Technology Co., Ltd., 7.0.0.8]
    [C:\WINDOWS\system32\uxtheme.dll]  [Microsoft Corporation, 6.00.2900.2180 (xpsp_sp2_rtm.040803-2158)]
    [C:\Program Files\Rising\Rfw\mPorts.dll]  [Beijing Rising Information Technology Co., Ltd., 7.0.0.6]
[PID: 1160][C:\Program Files\Rising\Rfw\rfwProxy.exe]  [Beijing Rising Information Technology Co., Ltd., 7.0.0.38]
    [C:\WINDOWS\system32\MFC71.DLL]  [Microsoft Corporation, 7.10.3077.0]
    [C:\WINDOWS\system32\MSVCR71.dll]  [Microsoft Corporation, 7.10.3052.4]
    [C:\Program Files\Rising\Rfw\ProcCom.dll]  [Beijing Rising Information Technology Co., Ltd., 20, 0, 0, 20]
    [C:\Program Files\Rising\Rfw\RsCommX2.dll]  [Beijing Rising Information Technology Co., Ltd., 20, 0, 0, 20]
    [C:\Program Files\Rising\Rfw\RfwRule.dll]  [Beijing Rising Information Technology Co., Ltd., 7.0.0.17]
    [C:\Program Files\Rising\Rfw\urlrule.dll]  [Beijing Rising Information Technology Co., Ltd., 1.0.0.15]
    [C:\Program Files\Rising\Rfw\ijt_base.dll]  [Beijing Rising Information Technology Co., Ltd., 7.0.0.21]
    [C:\Program Files\Rising\Rfw\olemon.dll]  [Beijing Rising Information Technology Co., Ltd., 7.0.0.9]
    [C:\Program Files\Rising\Rfw\MonMid.dll]  [Beijing Rising Information Technology Co., Ltd., 7.0.0.6]
    [C:\WINDOWS\system32\uxtheme.dll]  [Microsoft Corporation, 6.00.2900.2180 (xpsp_sp2_rtm.040803-2158)]
[PID: 1376][C:\Program Files\Rising\Rfw\rfwstub.exe]  [Beijing Rising Information Technology Co., Ltd., 7.0.0.12]
    [C:\WINDOWS\system32\MSVCP71.dll]  [Microsoft Corporation, 7.10.3077.0]
    [C:\WINDOWS\system32\MSVCR71.dll]  [Microsoft Corporation, 7.10.3052.4]
    [C:\Program Files\Rising\Rfw\RSCOMMON.DLL]  [Beijing Rising Information Technology Co., Ltd., 20, 0, 0, 17]
    [C:\WINDOWS\system32\uxtheme.dll]  [Microsoft Corporation, 6.00.2900.2180 (xpsp_sp2_rtm.040803-2158)]
    [C:\Program Files\Rising\Rfw\ijt_base.dll]  [Beijing Rising Information Technology Co., Ltd., 7.0.0.21]
    [C:\Program Files\Rising\Rfw\olemon.dll]  [Beijing Rising Information Technology Co., Ltd., 7.0.0.9]
[PID: 1568][C:\PROGRAM FILES\RISING\RAV\RavStub.exe]  [Beijing Rising Information Technology Co., Ltd., 20.0.0.10]
    [C:\PROGRAM FILES\RISING\RAV\ProcCom.dll]  [Beijing Rising Information Technology Co., Ltd., 20, 0, 0, 20]
    [C:\PROGRAM FILES\RISING\RAV\RsCommX2.dll]  [Beijing Rising Information Technology Co., Ltd., 20, 0, 0, 20]
    [C:\PROGRAM FILES\RISING\RAV\RSCOMMON.DLL]  [Beijing Rising Information Technology Co., Ltd., 20, 0, 0, 17]
    [C:\WINDOWS\system32\uxtheme.dll]  [Microsoft Corporation, 6.00.2900.2180 (xpsp_sp2_rtm.040803-2158)]
    [C:\Program Files\Rising\Rfw\ijt_base.dll]  [Beijing Rising Information Technology Co., Ltd., 7.0.0.21]
    [C:\Program Files\Rising\Rfw\olemon.dll]  [Beijing Rising Information Technology Co., Ltd., 7.0.0.9]
[PID: 1680][C:\WINDOWS\system32\spoolsv.exe]  [(Verified) Microsoft Corporation, 5.1.2600.2696 (xpsp_sp2_gdr.050610-1519)]
    [C:\WINDOWS\system32\UxTheme.dll]  [Microsoft Corporation, 6.00.2900.2180 (xpsp_sp2_rtm.040803-2158)]
    [C:\Program Files\Rising\Rfw\ijt_base.dll]  [Beijing Rising Information Technology Co., Ltd., 7.0.0.21]
    [C:\Program Files\Rising\Rfw\olemon.dll]  [Beijing Rising Information Technology Co., Ltd., 7.0.0.9]
[PID: 1716][C:\WINDOWS\System32\SCardSvr.exe]  [(Verified) Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
    [C:\WINDOWS\System32\UxTheme.dll]  [Microsoft Corporation, 6.00.2900.2180 (xpsp_sp2_rtm.040803-2158)]
    [C:\Program Files\Rising\Rfw\ijt_base.dll]  [Beijing Rising Information Technology Co., Ltd., 7.0.0.21]
    [C:\Program Files\Rising\Rfw\olemon.dll]  [Beijing Rising Information Technology Co., Ltd., 7.0.0.9]
[PID: 1812][C:\Program Files\Java\jre6\bin\jqs.exe]  [Sun Microsystems, Inc., 6.0.110.3]
    [C:\Program Files\Java\jre6\bin\MSVCR71.dll]  [Microsoft Corporation, 7.10.3052.4]
    [C:\Program Files\Rising\Rfw\ijt_base.dll]  [Beijing Rising Information Technology Co., Ltd., 7.0.0.21]
    [C:\Program Files\Rising\Rfw\olemon.dll]  [Beijing Rising Information Technology Co., Ltd., 7.0.0.9]
[PID: 1900][d:\sql2000\MSSQL\binn\sqlservr.exe]  [Microsoft Corporation, 2000.080.0760.00]
    [d:\sql2000\MSSQL\binn\OPENDS60.DLL]  [Microsoft Corporation, 2000.080.0194.00]
    [d:\sql2000\MSSQL\binn\UMS.DLL]  [Microsoft Corporation, 2000.080.0760.00]
    [d:\sql2000\MSSQL\binn\SQLSORT.DLL]  [Microsoft Corporation, 2000.080.0760.00]
    [d:\sql2000\MSSQL\binn\Resources\2052\sqlevn70.RLL]  [Microsoft Corporation, 2000.080.0760.00]
    [d:\sql2000\MSSQL\binn\SSNETLIB.dll]  [Microsoft Corporation, 2000.080.0766.00]
    [d:\sql2000\MSSQL\binn\SSNMPN70.dll]  [Microsoft Corporation, 2000.080.0534.00]
    [C:\WINDOWS\system32\aetsprov.dll]  [A.E.T. Europe B.V., 2.3.0.9]
    [C:\WINDOWS\system32\MSVCP71.dll]  [Microsoft Corporation, 7.10.3077.0]
    [C:\WINDOWS\system32\MSVCR71.dll]  [Microsoft Corporation, 7.10.3052.4]
    [C:\WINDOWS\system32\uxtheme.dll]  [Microsoft Corporation, 6.00.2900.2180 (xpsp_sp2_rtm.040803-2158)]
    [d:\sql2000\MSSQL\binn\SSmsLPCn.dll]  [Microsoft Corporation, 2000.080.0760.00]
    [C:\Program Files\Rising\Rfw\ijt_base.dll]  [Beijing Rising Information Technology Co., Ltd., 7.0.0.21]
    [C:\Program Files\Rising\Rfw\olemon.dll]  [Beijing Rising Information Technology Co., Ltd., 7.0.0.9]
[PID: 1928][C:\WINDOWS\system32\nvsvc32.exe]  [NVIDIA Corporation, 6.14.11.7516]
    [C:\WINDOWS\system32\nvapi.dll]  [NVIDIA Corporation, 6.14.11.7516]
    [C:\WINDOWS\system32\uxtheme.dll]  [Microsoft Corporation, 6.00.2900.2180 (xpsp_sp2_rtm.040803-2158)]
    [C:\Program Files\Rising\Rfw\ijt_base.dll]  [Beijing Rising Information Technology Co., Ltd., 7.0.0.21]
    [C:\Program Files\Rising\Rfw\olemon.dll]  [Beijing Rising Information Technology Co., Ltd., 7.0.0.9]
[PID: 1968][C:\WINDOWS\system32\svchost.exe]  [(Verified) Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
    [C:\WINDOWS\system32\UxTheme.dll]  [Microsoft Corporation, 6.00.2900.2180 (xpsp_sp2_rtm.040803-2158)]
    [C:\Program Files\Rising\Rfw\ijt_base.dll]  [Beijing Rising Information Technology Co., Ltd., 7.0.0.21]
    [C:\Program Files\Rising\Rfw\olemon.dll]  [Beijing Rising Information Technology Co., Ltd., 7.0.0.9]
[PID: 1988][C:\WINDOWS\system32\wdfmgr.exe]  [Microsoft Corporation, 5.2.3790.1230 built by: dnsrv(bld4act)]
    [C:\Program Files\Rising\Rfw\ijt_base.dll]  [Beijing Rising Information Technology Co., Ltd., 7.0.0.21]
    [C:\Program Files\Rising\Rfw\olemon.dll]  [Beijing Rising Information Technology Co., Ltd., 7.0.0.9]
[PID: 1956][C:\WINDOWS\System32\alg.exe]  [(Verified) Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
    [C:\WINDOWS\System32\UxTheme.dll]  [Microsoft Corporation, 6.00.2900.2180 (xpsp_sp2_rtm.040803-2158)]
    [C:\Program Files\Rising\Rfw\ijt_base.dll]  [Beijing Rising Information Technology Co., Ltd., 7.0.0.21]
    [C:\Program Files\Rising\Rfw\olemon.dll]  [Beijing Rising Information Technology Co., Ltd., 7.0.0.9]
[PID: 2372][C:\WINDOWS\Explorer.EXE]  [(Verified) Microsoft Corporation, 6.00.2900.2180 (xpsp_sp2_rtm.040803-2158)]
    [C:\WINDOWS\system32\UxTheme.dll]  [Microsoft Corporation, 6.00.2900.2180 (xpsp_sp2_rtm.040803-2158)]
    [C:\Program Files\360safe\safemon\safemon.dll]  [360.CN, 4, 2, 0, 1007]
    [C:\Program Files\Rising\Rfw\ijt_base.dll]  [Beijing Rising Information Technology Co., Ltd., 7.0.0.21]
    [C:\Program Files\Rising\Rfw\olemon.dll]  [Beijing Rising Information Technology Co., Ltd., 7.0.0.9]
    [C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\PDFShell.dll]  [Adobe Systems, Inc., 9.0.0.2008061100]
    [C:\WINDOWS\WinSxS\x86_Microsoft.VC80.CRT_1fc8b3b9a1e18e3b_8.0.50727.762_x-ww_6b128700\MSVCR80.dll]  [Microsoft Corporation, 8.00.50727.762]
    [C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\PDFShell.CHS]  [Adobe Systems, Inc., 9.0.0.0]
    [C:\WINDOWS\system32\nvcpl.dll]  [NVIDIA Corporation, 6.14.11.7516]
    [C:\WINDOWS\system32\NVRSZHC.DLL]  [NVIDIA Corporation, 6.14.11.7516]
    [C:\WINDOWS\system32\nvapi.dll]  [NVIDIA Corporation, 6.14.11.7516]
    [C:\WINDOWS\system32\nvshell.dll]  [, ]
    [C:\Program Files\WinRAR\rarext.dll]  [N/A, ]
    [C:\WINDOWS\system32\RavExt.dll]  [Beijing Rising Information Technology Co., Ltd., 20.0.0.18]
    [D:\Thunder Network\Thunder\ComDlls\TDAtOnce_Now.dll]  [Thunder Networking Technologies,LTD, 1.0.5.29]
    [D:\Thunder Network\Thunder\ComDlls\xunleiBHO_Now.dll]  [Thunder Networking Technologies,LTD, 5, 0, 8, 96]
    [D:\Thunder Network\Thunder\Components\ResWorker\DsBho_00.dll]  [Thunder Networking Technologies,LTD, 1, 0, 0, 20]
    [D:\Thunder Network\Thunder\Components\ResWorker\DataProcessor_00.dll]  [Thunder Networking Technologies,LTD, 1, 0, 0, 16]
    [C:\Program Files\Rising\Rav\RSCOMMON.DLL]  [Beijing Rising Information Technology Co., Ltd., 20, 0, 0, 17]
[PID: 2464][C:\Program Files\Rising\Rav\RavTask.exe]  [Beijing Rising Information Technology Co., Ltd., 20.0.0.24]

Re: Could you experts take a look and tell me whether I've been hit by a trojan? Thanks~

[PID: 2464][C:\Program Files\Rising\Rav\RavTask.exe]  [Beijing Rising Information Technology Co., Ltd., 20.0.0.24]
    [C:\Program Files\Rising\Rav\ProcCom.dll]  [Beijing Rising Information Technology Co., Ltd., 20, 0, 0, 20]
    [C:\Program Files\Rising\Rav\RsCommX2.dll]  [Beijing Rising Information Technology Co., Ltd., 20, 0, 0, 20]
    [C:\Program Files\Rising\Rav\RSCOMMON.DLL]  [Beijing Rising Information Technology Co., Ltd., 20, 0, 0, 17]
    [C:\Program Files\Rising\Rav\RSAPPMGR.DLL]  [Beijing Rising Information Technology Co., Ltd., 20.0.0.1]
    [C:\Program Files\Rising\Rav\CfgDll.dll]  [Beijing Rising Information Technology Co., Ltd., 20.0.0.19]
    [C:\WINDOWS\system32\uxtheme.dll]  [Microsoft Corporation, 6.00.2900.2180 (xpsp_sp2_rtm.040803-2158)]
    [C:\Program Files\Rising\Rfw\ijt_base.dll]  [Beijing Rising Information Technology Co., Ltd., 7.0.0.21]
    [C:\Program Files\Rising\Rfw\olemon.dll]  [Beijing Rising Information Technology Co., Ltd., 7.0.0.9]
[PID: 2492][C:\Program Files\Rising\Rav\Ravmon.exe]  [Beijing Rising Information Technology Co., Ltd., 20.0.01.27]
    [C:\WINDOWS\system32\MFC71.DLL]  [Microsoft Corporation, 7.10.3077.0]
    [C:\WINDOWS\system32\MSVCR71.dll]  [Microsoft Corporation, 7.10.3052.4]
    [C:\WINDOWS\system32\MSVCP71.dll]  [Microsoft Corporation, 7.10.3077.0]
    [C:\Program Files\Rising\Rav\ProcCom.dll]  [Beijing Rising Information Technology Co., Ltd., 20, 0, 0, 20]
    [C:\Program Files\Rising\Rav\RsCommX2.dll]  [Beijing Rising Information Technology Co., Ltd., 20, 0, 0, 20]
    [C:\Program Files\Rising\Rav\RSCOMMON.DLL]  [Beijing Rising Information Technology Co., Ltd., 20, 0, 0, 17]
    [C:\Program Files\Rising\Rav\recomp.dll]  [Beijing Rising Information Technology Co., Ltd., 20, 0, 0, 41]
    [C:\Program Files\Rising\Rav\refs.dll]  [Beijing Rising Information Technology Co., Ltd., 20, 0, 0, 18]
    [C:\Program Files\Rising\Rav\viruslib.dll]  [Beijing Rising Information Technology Co., Ltd., 20, 0, 0, 27]
    [C:\Program Files\Rising\Rav\relibldr.dll]  [Beijing Rising Information Technology Co., Ltd., 20, 0, 0, 17]
    [C:\Program Files\Rising\Rav\RSAPPMGR.dll]  [Beijing Rising Information Technology Co., Ltd., 20.0.0.1]
    [C:\Program Files\Rising\Rav\CfgDll.dll]  [Beijing Rising Information Technology Co., Ltd., 20.0.0.19]
    [C:\Program Files\Rising\Rav\MonRule.dll]  [Beijing Rising Information Technology Co., Ltd., 20.0.0.29]
    [C:\Program Files\Rising\Rav\PngDll.dll]  [Beijing Rising Information Technology Co., Ltd., 20, 0, 0, 5]
    [C:\WINDOWS\system32\uxtheme.dll]  [Microsoft Corporation, 6.00.2900.2180 (xpsp_sp2_rtm.040803-2158)]
    [C:\Program Files\Rising\Rav\Rsguilib.dll]  [Beijing Rising Information Technology Co., Ltd., 20, 0, 0, 90]
    [C:\Program Files\Rising\Rav\RsXML.dll]  [Beijing Rising Information Technology Co., Ltd., 20, 0, 0, 2]
    [C:\Program Files\Rising\Rfw\ijt_base.dll]  [Beijing Rising Information Technology Co., Ltd., 7.0.0.21]
    [C:\Program Files\Rising\Rfw\olemon.dll]  [Beijing Rising Information Technology Co., Ltd., 7.0.0.9]
[PID: 2508][C:\Program Files\Rising\Rfw\rfwmain.exe]  [Beijing Rising Information Technology Co., Ltd., 7.0.1.70]
    [C:\WINDOWS\system32\MFC71.DLL]  [Microsoft Corporation, 7.10.3077.0]
    [C:\WINDOWS\system32\MSVCR71.dll]  [Microsoft Corporation, 7.10.3052.4]
    [C:\WINDOWS\system32\MSVCP71.dll]  [Microsoft Corporation, 7.10.3077.0]
    [C:\Program Files\Rising\Rfw\RsGuiLib.dll]  [Beijing Rising Information Technology Co., Ltd., 20, 0, 0, 90]
    [C:\Program Files\Rising\Rfw\ProcCom.dll]  [Beijing Rising Information Technology Co., Ltd., 20, 0, 0, 20]
    [C:\Program Files\Rising\Rfw\RsCommX2.dll]  [Beijing Rising Information Technology Co., Ltd., 20, 0, 0, 20]
    [C:\Program Files\Rising\Rfw\RSAPPMGR.dll]  [Beijing Rising Information Technology Co., Ltd., 20.0.0.1]
    [C:\Program Files\Rising\Rfw\CfgDll.dll]  [Beijing Rising Information Technology Co., Ltd., 20.0.0.19]
    [C:\Program Files\Rising\Rfw\RSCOMMON.DLL]  [Beijing Rising Information Technology Co., Ltd., 20, 0, 0, 17]
    [C:\Program Files\Rising\Rfw\RfwCtrl.dll]  [Beijing Rising Information Technology Co., Ltd., 7.0.0.9]
    [C:\Program Files\Rising\Rfw\RsXML.dll]  [Beijing Rising Information Technology Co., Ltd., 20, 0, 0, 2]
    [C:\Program Files\Rising\Rfw\PngDll.dll]  [Beijing Rising Information Technology Co., Ltd., 20, 0, 0, 5]
    [C:\WINDOWS\system32\uxtheme.dll]  [Microsoft Corporation, 6.00.2900.2180 (xpsp_sp2_rtm.040803-2158)]
    [C:\Program Files\Rising\Rfw\ijt_base.dll]  [Beijing Rising Information Technology Co., Ltd., 7.0.0.21]
    [C:\Program Files\Rising\Rfw\olemon.dll]  [Beijing Rising Information Technology Co., Ltd., 7.0.0.9]
    [C:\Program Files\Rising\Rfw\RfwRule.dll]  [Beijing Rising Information Technology Co., Ltd., 7.0.0.17]
    [C:\WINDOWS\system32\aetsprov.dll]  [A.E.T. Europe B.V., 2.3.0.9]
    [C:\WINDOWS\system32\aetpkss1.dll]  [A.E.T. Europe B.V., 2.3.0.15080]
[PID: 2516][C:\Program Files\360safe\antiarp\AntiArp.exe]  [360安全中心, 2, 0, 0, 1008]
    [C:\WINDOWS\system32\uxtheme.dll]  [Microsoft Corporation, 6.00.2900.2180 (xpsp_sp2_rtm.040803-2158)]
    [C:\Program Files\360safe\safemon\safemon.dll]  [360.CN, 4, 2, 0, 1007]
    [C:\Program Files\Rising\Rfw\ijt_base.dll]  [Beijing Rising Information Technology Co., Ltd., 7.0.0.21]
    [C:\Program Files\Rising\Rfw\olemon.dll]  [Beijing Rising Information Technology Co., Ltd., 7.0.0.9]
[PID: 2528][C:\Program Files\Java\jre6\bin\jusched.exe]  [Sun Microsystems, Inc., 6.0.110.3]
    [C:\WINDOWS\system32\uxtheme.dll]  [Microsoft Corporation, 6.00.2900.2180 (xpsp_sp2_rtm.040803-2158)]
    [C:\Program Files\Rising\Rfw\ijt_base.dll]  [Beijing Rising Information Technology Co., Ltd., 7.0.0.21]
    [C:\Program Files\Rising\Rfw\olemon.dll]  [Beijing Rising Information Technology Co., Ltd., 7.0.0.9]
[PID: 2748][C:\WINDOWS\system32\ctfmon.exe]  [(Verified) Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
    [C:\WINDOWS\system32\UxTheme.dll]  [Microsoft Corporation, 6.00.2900.2180 (xpsp_sp2_rtm.040803-2158)]
    [C:\Program Files\360safe\safemon\safemon.dll]  [360.CN, 4, 2, 0, 1007]
    [C:\Program Files\Rising\Rfw\ijt_base.dll]  [Beijing Rising Information Technology Co., Ltd., 7.0.0.21]
    [C:\Program Files\Rising\Rfw\olemon.dll]  [Beijing Rising Information Technology Co., Ltd., 7.0.0.9]
[PID: 3100][C:\Program Files\Microsoft SQL Server\80\Tools\Binn\sqlmangr.exe]  [Microsoft Corporation, 2000.080.0760.00]
    [C:\Program Files\Microsoft SQL Server\80\Tools\Binn\W95SCM.dll]  [Microsoft Corporation, 2000.080.0760.00]
    [C:\Program Files\Microsoft SQL Server\80\Tools\Binn\SQLSVC.dll]  [Microsoft Corporation, 2000.080.0760.00]
    [C:\Program Files\Microsoft SQL Server\80\Tools\Binn\SQLRESLD.dll]  [Microsoft Corporation, 2000.080.0382.00]
    [C:\Program Files\Microsoft SQL Server\80\Tools\Binn\Resources\2052\SQLSVC.RLL]  [Microsoft Corporation, 2000.080.0194.00]
    [C:\Program Files\Microsoft SQL Server\80\Tools\Binn\Resources\2052\sqlmangr.RLL]  [Microsoft Corporation, 2000.080.0194.00]
    [C:\WINDOWS\system32\uxtheme.dll]  [Microsoft Corporation, 6.00.2900.2180 (xpsp_sp2_rtm.040803-2158)]
    [C:\Program Files\360safe\safemon\safemon.dll]  [360.CN, 4, 2, 0, 1007]
[PID: 1964][C:\Program Files\Mozilla Firefox\firefox.exe]  [Mozilla Corporation, 1.9.0.4]
    [C:\Program Files\Mozilla Firefox\xul.dll]  [Mozilla Foundation, 1.9.0.4]
    [C:\Program Files\Mozilla Firefox\sqlite3.dll]  [sqlite.org, 3.5.9]
    [C:\Program Files\Mozilla Firefox\MOZCRT19.dll]  [Mozilla Foundation, 8.00.0000]
    [C:\Program Files\Mozilla Firefox\js3250.dll]  [Netscape Communications Corporation, 4.0]
    [C:\Program Files\Mozilla Firefox\nspr4.dll]  [Mozilla Foundation, 4.7.1]
    [C:\Program Files\Mozilla Firefox\smime3.dll]  [Mozilla Foundation, 3.12.1.1 Basic ECC]
    [C:\Program Files\Mozilla Firefox\nss3.dll]  [Mozilla Foundation, 3.12.1.1 Basic ECC]
    [C:\Program Files\Mozilla Firefox\nssutil3.dll]  [Mozilla Foundation, 3.12.1.1 Basic ECC]
    [C:\Program Files\Mozilla Firefox\plc4.dll]  [Mozilla Foundation, 4.7.1]
    [C:\Program Files\Mozilla Firefox\plds4.dll]  [Mozilla Foundation, 4.7.1]
    [C:\Program Files\Mozilla Firefox\ssl3.dll]  [Mozilla Foundation, 3.12.1.1 Basic ECC]
    [C:\Program Files\Mozilla Firefox\xpcom.dll]  [Mozilla Foundation, 1.9.0.4]
    [C:\Program Files\Rising\Rfw\ijt_base.dll]  [Beijing Rising Information Technology Co., Ltd., 7.0.0.21]
    [C:\Program Files\Rising\Rfw\olemon.dll]  [Beijing Rising Information Technology Co., Ltd., 7.0.0.9]
    [C:\WINDOWS\system32\uxtheme.dll]  [Microsoft Corporation, 6.00.2900.2180 (xpsp_sp2_rtm.040803-2158)]
    [C:\Program Files\360safe\safemon\safemon.dll]  [360.CN, 4, 2, 0, 1007]
    [C:\Program Files\Mozilla Firefox\components\browserdirprovider.dll]  [Mozilla Foundation, 1.9.0.4]
    [C:\Program Files\Mozilla Firefox\softokn3.dll]  [Mozilla Foundation, 3.12.1.0 Basic ECC]
    [C:\Program Files\Mozilla Firefox\nssdbm3.dll]  [Mozilla Foundation, 3.12.1.0 Basic ECC]
    [C:\Program Files\Mozilla Firefox\freebl3.dll]  [Mozilla Foundation, 3.12.1.0 Basic ECC]
    [C:\Program Files\Mozilla Firefox\nssckbi.dll]  [Mozilla Foundation, 1.72]
    [C:\Program Files\Mozilla Firefox\components\brwsrcmp.dll]  [Mozilla Foundation, 1.9.0.4]
    [C:\WINDOWS\system32\RavExt.dll]  [Beijing Rising Information Technology Co., Ltd., 20.0.0.18]
    [C:\WINDOWS\system32\Macromed\Flash\NPSWF32.dll]  [, ]
[PID: 3344][C:\WINDOWS\system32\taskmgr.exe]  [(Verified) Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
    [C:\WINDOWS\system32\UxTheme.dll]  [Microsoft Corporation, 6.00.2900.2180 (xpsp_sp2_rtm.040803-2158)]
    [C:\Program Files\360safe\safemon\safemon.dll]  [360.CN, 4, 2, 0, 1007]
[PID: 3368][F:\下载\sreng2\SREngLdr.EXE]  [Smallfrogs Studio, 2.7.0.1210]
    [C:\Program Files\Rising\Rfw\ijt_base.dll]  [Beijing Rising Information Technology Co., Ltd., 7.0.0.21]
    [C:\Program Files\Rising\Rfw\olemon.dll]  [Beijing Rising Information Technology Co., Ltd., 7.0.0.9]
[PID: 3376][F:\下载\sreng2\SRE1a10268b.EXE]  [Smallfrogs Studio, 2.7.0.1210]
    [C:\Program Files\Rising\Rfw\ijt_base.dll]  [Beijing Rising Information Technology Co., Ltd., 7.0.0.21]
    [C:\Program Files\Rising\Rfw\olemon.dll]  [Beijing Rising Information Technology Co., Ltd., 7.0.0.9]
    [C:\WINDOWS\system32\uxtheme.dll]  [Microsoft Corporation, 6.00.2900.2180 (xpsp_sp2_rtm.040803-2158)]
    [C:\Program Files\360safe\safemon\safemon.dll]  [360.CN, 4, 2, 0, 1007]
    [F:\下载\sreng2\Upload\3rdUpd.DLL]  [Smallfrogs Studio, 2, 1, 0, 15]
    [C:\WINDOWS\system32\aetsprov.dll]  [A.E.T. Europe B.V., 2.3.0.9]
    [C:\WINDOWS\system32\MSVCP71.dll]  [Microsoft Corporation, 7.10.3077.0]
    [C:\WINDOWS\system32\MSVCR71.dll]  [Microsoft Corporation, 7.10.3052.4]
    [C:\WINDOWS\system32\aetpkss1.dll]  [A.E.T. Europe B.V., 2.3.0.15080]
[PID: 3528][C:\Program Files\Internet Explorer\iexplore.exe]  [Microsoft Corporation, 6.00.2900.2180 (xpsp_sp2_rtm.040803-2158)]
    [C:\Program Files\Rising\Rfw\ijt_base.dll]  [Beijing Rising Information Technology Co., Ltd., 7.0.0.21]
    [C:\Program Files\Rising\Rfw\olemon.dll]  [Beijing Rising Information Technology Co., Ltd., 7.0.0.9]
    [C:\WINDOWS\system32\uxtheme.dll]  [Microsoft Corporation, 6.00.2900.2180 (xpsp_sp2_rtm.040803-2158)]
    [C:\Program Files\360safe\safemon\safemon.dll]  [360.CN, 4, 2, 0, 1007]
    [D:\Thunder Network\Thunder\ComDlls\TDAtOnce_Now.dll]  [Thunder Networking Technologies,LTD, 1.0.5.29]
    [D:\easyMule\modules\IE2EM.dll]  [VeryCD.com, 1.0.0.1]
    [C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll]  [Adobe Systems Incorporated, 9.0.0.2008061100]
    [C:\WINDOWS\WinSxS\x86_Microsoft.VC80.CRT_1fc8b3b9a1e18e3b_8.0.50727.762_x-ww_6b128700\MSVCR80.dll]  [Microsoft Corporation, 8.00.50727.762]
    [C:\WINDOWS\WinSxS\x86_Microsoft.VC80.CRT_1fc8b3b9a1e18e3b_8.0.50727.762_x-ww_6b128700\MSVCP80.dll]  [Microsoft Corporation, 8.00.50727.762]
    [C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll]  [Adobe Systems Incorporated, 9.0.0.2008061100]
    [C:\Program Files\Java\jre6\bin\ssv.dll]  [Sun Microsystems, Inc., 6.0.110.3]
    [C:\Program Files\Java\jre6\bin\MSVCR71.dll]  [Microsoft Corporation, 7.10.3052.4]
    [D:\Thunder Network\Thunder\ComDlls\xunleiBHO_Now.dll]  [Thunder Networking Technologies,LTD, 5, 0, 8, 96]
    [D:\Thunder Network\Thunder\Components\ResWorker\DsBho_00.dll]  [Thunder Networking Technologies,LTD, 1, 0, 0, 20]
    [D:\Thunder Network\Thunder\Components\ResWorker\DataProcessor_00.dll]  [Thunder Networking Technologies,LTD, 1, 0, 0, 16]
    [C:\Documents and Settings\All Users\Application Data\FlashGetBHO\FlashGetBHO.dll]  [FlashGet, 2, 2, 0, 1027]
    [C:\WINDOWS\system32\RavExt.dll]  [Beijing Rising Information Technology Co., Ltd., 20.0.0.18]
    [C:\Program Files\Java\jre6\bin\jp2ssv.dll]  [Sun Microsystems, Inc., 6.0.110.3]
    [C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll]  [Sun Microsystems, Inc., 6.0.110.3]
    [C:\Program Files\Rising\Rav\RavScrCh.dll]  [Beijing Rising Information Technology Co., Ltd., 20, 0, 0, 5]
    [C:\WINDOWS\system32\Macromed\Flash\Flash9f.ocx]  [Adobe Systems, Inc., 9,0,124,0]

==================================
文件关联
.TXT  OK. [%SystemRoot%\system32\NOTEPAD.EXE %1]
.EXE  OK. ["%1" %*]
.COM  OK. ["%1" %*]
.PIF  OK. ["%1" %*]
.REG  OK. [regedit.exe "%1"]
.BAT  OK. ["%1" %*]
.SCR  OK. ["%1" /S]
.CHM  OK. ["C:\WINDOWS\hh.exe" %1]
.HLP  OK. [%SystemRoot%\System32\winhlp32.exe %1]
.INI  OK. [%SystemRoot%\system32\NOTEPAD.EXE %1]
.INF  OK. [%SystemRoot%\System32\NOTEPAD.EXE %1]
.VBS  OK. [%SystemRoot%\System32\WScript.exe "%1" %*]
.JS  OK. [%SystemRoot%\System32\WScript.exe "%1" %*]
.LNK  OK. [{00021401-0000-0000-C000-000000000046}]

==================================
Winsock 提供者
N/A

==================================
Autorun.inf
N/A

==================================
HOSTS 文件
127.0.0.1      localhost

==================================
进程特权扫描
特殊特权被允许: SeDebugPrivilege [PID = 1900, D:\SQL2000\MSSQL\BINN\SQLSERVR.EXE]
特殊特权被允许: SeLoadDriverPrivilege [PID = 1900, D:\SQL2000\MSSQL\BINN\SQLSERVR.EXE]
特殊特权被允许: SeDebugPrivilege [PID = 3100, C:\PROGRAM FILES\MICROSOFT SQL SERVER\80\TOOLS\BINN\SQLMANGR.EXE]
特殊特权被允许: SeLoadDriverPrivilege [PID = 3100, C:\PROGRAM FILES\MICROSOFT SQL SERVER\80\TOOLS\BINN\SQLMANGR.EXE]
特殊特权被允许: SeDebugPrivilege [PID = 3368, F:\下载\SRENG2\SRENGLDR.EXE]
特殊特权被允许: SeLoadDriverPrivilege [PID = 3368, F:\下载\SRENG2\SRENGLDR.EXE]

==================================
计划任务
N/A

==================================
API HOOK
入口点错误:CreateProcessA (危险等级: 高,  被下面模块所HOOK: 0x00EE1FFD)
入口点错误:CreateProcessW (危险等级: 高,  被下面模块所HOOK: 0x00EE20E5)

==================================
隐藏进程
N/A

==================================


[/CODE]

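Re: Could you experts take a look and tell me whether I've been hit by a trojan? Thanks~

Lately my hard disk keeps thrashing for no apparent reason, and I don't know whether something has gone wrong. Thanks~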

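Re: Could you experts take a look and tell me whether I've been hit by a trojan? Thanks~

Attachment: SREngLOG.log (2008-12-12 15:03:33, 59.99 K)
This attachment has been downloaded 124 times


Here is the attachment, please take a look for me. Thanks~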