usb1606tdiflt64.sys是病毒吗什么病毒
点击联系发帖人
时间:2016-05-17 09:50
惠普 P1606dn网络打印机自动打印日期~!_百度知道
惠普 P1606dn网络打印机自动打印日期~!
用网络连接最近公司新买的 惠普 P1606dn打印机,而且惠普打印机占的比例很大,另外一台打印机也是共享为什么没有这种现象,共享打印,可是我很郁闷,打电话问客服,而且360,网上说的病毒文件,按要求设置了,发现网上很多同样的问题,我想问问到底是病毒还是惠普打印机的自身漏洞,从安装好的那天开始。去官网论坛问客服,就会自动打印一张左上角有日期的白纸,我在进程管理和注册表都没有发现,还是出现,说是威金病毒,毒霸这些都查不出病毒,一开始说设置问题
如果以上信息没有解决您的问题.hp:///support)、惠普家用产品支持论坛()寻求帮助./support" target="_blank">.hp首先我想与您确认下您是通过网络连接还是使用USB线连接去共享的
我们使用网络连接的
那我这边建议您尝试更换打印机IP地址试试看,或者您方便的话更换个路由器看下了。麻烦了。
其他类似问题
为您推荐:
网络打印机的相关知识
等待您来回答
下载知道APP
随时随地咨询
出门在外也不愁查看: 9490|回复: 114
mm.exe 第405次更新 3月31日第2次更新
假借瑞星之名
第1至28次更新:
第29至54次更新:
第55至80次更新:
第81至116次更新:
第117至160次更新:
第161至210次更新:
第210至258次更新:
第258至297次更新:
第298至365次更新:
====================
3月31(晚上,今天第2次)
3d4bfeb678cba729b7cbfb8&&3.ex3e
9f66d9047&&8.exe2
2fff4b096dfa3c&&TIMPIatform.exe3
3.ex3e - Trojan-Dropper.Win32.Agent.alfy
8.exe2 - Trojan-GameThief.Win32.OnLineGames.uuco
TIMPIatform.exe3 - Trojan-Downloader.Win32.Small.ajuj
====================
3月31(早上,今天第1次)
e3018dcebc& &1.exe3
202a687b05& &9.exe2
9d156cc710ddcd3bfd2da3& &TIMPIatform.exe3
1.exe3 - Trojan-Dropper.Win32.Small.czn
9.exe2 - Trojan-GameThief.Win32.OnLineGames.uuca
TIMPIatform.exe3 - Trojan-Downloader.Win32.Small.ajui
====================
3月30(晚上,今天第2次)
ea46b0bd13eeda93abe4& &1.exe
fe08aeeee280eb& &TIMPIatform.exe3
1.exe2 - Trojan-Dropper.Win32.Agent.aldm
TIMPIatform.exe3 - Trojan-Downloader.Win32.Small.ajuc
====================
3月30(早上,今天第1次)
e14d0a686f08ef2365f7& &1.exe
0fb034d9ddb68c7f7edc53df805bc9db& &9.exe
67eba394dace7c9021d13& &TIMPIatform.exe3
1.exe1 - Trojan-Dropper.Win32.Agent.alef
9.exe1 - Trojan-GameThief.Win32.OnLineGames.uuad
TIMPIatform.exe3 - Trojan-Downloader.Win32.Small.ajtz
====================
3月29(晚上,今天第2次)
9bdbee513b63e3eb8f281&&9.exe
9.exe3 - Trojan-GameThief.Win32.OnLineGames.utzr
====================
3月29(早上,今天第1次)
62ddcfab7e& &1.exe1
af29df49f243ccbf2cac2ff& &9.exe1
ac1b1df62f6fc41c3fe1& &aa.exe1
feb825fbf6b5ecc270aeca28df270eef& &TIMPIatform.exe2
451edbcd8fb1294ebddc& &wa.dll2
1.exe1 - Trojan-Dropper.Win32.Small.czk
9.exe1 - Trojan-GameThief.Win32.OnLineGames.utzc
TIMPIatform.exe2 - Trojan-Downloader.Win32.Small.ajtq
aa.exe1 - Worm.Win32.AutoRun.adic
wa.dll2 - Trojan-Dropper.Win32.Agent.akzb
====================
3月28(晚上,今天第3次)
ac1b1df62f6fc41c3fe1&&aa.exe1
21cc23d4a6bc0e28d0b720&&1.exe1
96eba1c78fbb&&9.exe1
2eda003e63a5cd154f21e2& &TIMPIatform.exe1
451edbcd8fb1294ebddc& &wa.dll1
1.exe_ - Trojan-Dropper.Win32.Agent.akzf,
wa.dll1 - Trojan-Dropper.Win32.Agent.akzb
9.exe_ - Trojan.Win32.Agent.bxrv,
aa.exe_ - Worm.Win32.AutoRun.adic,
TIMPIatform.exe_ - Trojan-Downloader.Win32.Small.ajsw
====================
3月28(中午,今天第2次)
ccf9b1d32936&&aa.exe
02f5e8b17eddd16dc3ad546&&dllB3.tmp
8ebdb193f8e170cd10a9&&wu.dll
aa.e3xe - Trojan-Dropper.Win32.Agent.akzn
wu.dl3l - Trojan-Dropper.Win32.Agent.akyp
dllB3.tm2p - Trojan.Win32.AntiAV.asp,
====================
3月28(早上,今天第1次)
7f6aab4c095d02b9c93a5dc&&1.exe
1f64bcfee2fe48f&&9.exe
f2e8a7fc28f&&aa.exe
78f112cffff&&x.gif
841bc78eb883d430e59c001d&&TIMPIatform.exe2
67f343cadbc1ce9ace12c3&&rnnb.dll2
1.exe1 - Trojan-Downloader.Win32.Agent.bpjs,
9.exe1 - Trojan-GameThief.Win32.OnLineGames.utyf,
aa.exe1 - Worm.Win32.AutoRun.fjm,
rnnb.dll2 - Trojan-Dropper.Win32.Agent.akyi,
TIMPIatform.exe2 - Trojan-Downloader.Win32.Small.ajss
====================
3月27(早上加中午,今天第1次)
da2fe0d2561&&x.gif1
9c612f948e49b449bae3cafd0db17095&&1.exe1
d891eaeba8f139bb2ea08f2c5412cbe5&&x.gif2
f72fd9ca7b89af0d665e9f&&1.exe2
0bd0548f90f&&9.exe2
edfe5271aaeb5&&TIMPIatform.exe2
6e471d9ccfa3a0d58b37fe&&TIMPIatform.exe1
1.exe2 - Trojan-Dropper.Win32.Small.czj,
9.exe_ - Trojan-GameThief.Win32.OnLineGames.utxi,
TIMPIatform.exe_ - Trojan-Downloader.Win32.Agent.bpeh
1.exe_ - Trojan-Dropper.Win32.Agent.akvy,
TIMPIatform.exe1 - Trojan-Downloader.Win32.Small.ajse
x.gif2 protected by password
x.gif1 clean
====================
3月26(晚上,今天第2次)
9920f6ede51dcc2a7ef925bf6068938f&&9.exe
ca8ca9ddfe6&&1.exe
6e471d9ccfa3a0d58b37fe&&TIMPIatform.exe2
1.exe2 - Trojan-Dropper.Win32.Agent.akvb
9.exe3 - Trojan-GameThief.Win32.OnLineGames.utvp,
TIMPIatform.exe2 - Trojan-Downloader.Win32.Small.ajse
====================
3月26(早上,今天第一次)
c2edd3bd7a2177ddd3e28c80ef5071af&&9.exe
1.exe2- Trojan-Dropper.Win32.Agent.akti
9.exe2 - Trojan-GameThief.Win32.OnLineGames.utvb
====================
3月25(中午,今天第二次)
fa83f4ffa118cc8abe8621&&1.exe
f38b68cf2bc4b4c64a3443&&TIMPIatform.exe3
Trojan-Dropper.Win32.Agent.aksf
Trojan-Downloader.Win32.Small.ajrw
====================
3月25(早上,今天第一次)
097c969ac3eb422bdbdca5bd0a87d3ad& &1.exe
6b10fcc5d6a87bb7bfbc& &9.exe
b893e49e0dac8aafc778d& &TIMPIatform.exe1
1.exe1,TIMPIatform.exe1 - Trojan-Downloader.Win32.Agent.bowl
9.exe1 - Trojan-GameThief.Win32.OnLineGames.uttk
====================
3月24(晚上)
fb612b2e7d4a09afb2f12&&1.exe
0c0ae9c22c9bcb293e9cef&&TIMPIatform.exe3
1.exe3 - Trojan-Dropper.Win32.Agent.akpy,
TIMPIatform.exe3 - Trojan-Downloader.Win32.Small.ajrs
====================
3月24(中午)
dc080eedd3d5f&&1.exe3
720c054aba9c81af5fd857da&&xx.exe3
702d32ad61f0cb0ecf8e4&&9.exe3
f9dd4a864ddafd&&br.dll3
63787aefd57cf7fab52e2&&TIMPIatform.exe
1.exe3 - Trojan-Dropper.Win32.Agent.akkz,
9.exe3 - Trojan.Win32.Agent.bwyb,
br.dll3 - Trojan.Win32.Agent.bwyc,
TIMPIatform.exe3 - Trojan-Downloader.Win32.Small.ajrm,
xx.exe3 - Worm.Win32.AutoRun.adax
====================
3月23(晚上)
ff3e9aaff88b5&&xx.exe
a487da9fb1acc79249cc95efc7db8235&&1.exe
a6ed4d96cbcbed50ae40780&&TIMPIatform.exe3
caabc4fe9672b&&bl.dll
5f65ae8ccae965cd5d85670&&rsss.sys3
====================
3月23(中午)
427ddc836c1cf8ea6cad3ab&&x.gif2
54b092cc48afcd6be784c8c4d21fb6ad&&xx.exe2
3ae57ff91caa0d922ec5ee&&1.ex2e
a62ef03a47aa&&pk.dll2
New malicious software was found in these files. Detection will be included in the next update. Thank you for your help.
x.gif2 protected by password
====================
3月23(早上)
e9df47e9cbc3dbdbee505a& &9.exe
ddb07f68eec7c5& &1.exe
124daeacb88c29c12ad9& &x.gif
1bf4dc975c08387bf7fba& &xx.exe
7dff86d4ad41b4e933a1bec&&TIMPIatform.exe2
6e33ca0d0e51d8e1ca909c&&txl.dll2
1.exe2 - Trojan-Dropper.Win32.Agent.akdv
9.ex2e - Trojan-Dropper.Win32.Agent.akds
x.gif2.--_ .exe - Worm.Win32.AutoRun.acyh
xx.ex2e - Worm.Win32.AutoRun.fid
rsss.sys - Rootkit.Win32.Tiny.bi
TIMPIatform.exe2 - Trojan-Downloader.Win32.Small.ajre
txl.dll2 - Trojan-Dropper.Win32.Agent.akdt
====================
3月22:(晚上)
ecada50ea22f39d6ea505&&x.gif
x.gi2f.--_ .exe - Worm.Win32.AutoRun.acwj
====================
3月22:(中午)
4a5ad0beaf9f030aa6ef9f&&1.exe
2ba658b8c821ee8c2ed425b4f0da2a43&&9.exe
8acdb7f20858b2acaf99f&&TIMPIatform.exe2
Its detection will be included in the next update.
====================
3月22:(早上)
10ec53df0d11b94a84b7364db3ebec6c& &x.gif
0c6aa66cad2feb09b4cb612e& &9.exe
6bafc75e83e3726eec7ffb& &1.exe
401eef3ded& &TIMPIatform.e3xe
This file is already detected. Please update your bases.
====================
3月21:(晚上)
7efb4a6deab73045c2afc20b8bf51f2f& &1.exe
55ea0f05e4f762bacf76a5& &x.gif
baf3d9dbcbca& &TIMPIatform.exe2
1.ex2e - Trojan-Dropper.Win32.Small.cyq
x.g2if.--_ .exe - Worm.Win32.AutoRun.fht
TIMPIatform.exe2 - Trojan-Downloader.Win32.Small.ajqx
====================
3月21:(中午)
92aa4d284d50fa13b93ff3&&x.gif
3c588f443ecb2c0b9a60c2dd3.exe
生成跟上一包一样
1.exe1 - Trojan-Dropper.Win32.Small.cyp,
x.gif2 - Worm.Win32.AutoRun.fhr
====================
3月21:(上午)
9f8f21e10dd941c1683e&&1.exe
be1c5bd9c54&&9.exe
54b092cc48afcd6be784c8c4d21fb6ad&&mm.exe (卡巴报,不上报这个)
271fe77fed76edc8bef4b6677f7fea43&&x.gif
757ece1f6f21cdc08f41&&TIMPIatform.exe_
1.exe_ - Trojan-Dropper.Win32.Small.cyp,
9.exe_ - Trojan-GameThief.Win32.OnLineGames.bkzx,
TIMPIatform.exe_ - Trojan-Downloader.Win32.Small.jky,
x.gif_ - Worm.Win32.AutoRun.fhs
====================
3月20第3次:
b2c64c1b95faec99bf779& &x.gif
x.gi3f.--_ .exe - Worm.Win32.AutoRun.actv
====================
3月20第2次:
dc46dbe52afd94dec4f62&&9.exe3
ea8ba5b1e46e82f308a828d9cf3073b5&&x.gif2
ae3a0f4857f75dbea30bc354d4c6b7b3&&1.exe3
c3e0fc2a13d19d836c4b3e6&&TIMPIatform.exe2
1.exe3 - Trojan-Dropper.Win32.Small.cyp
9.exe3 - Trojan-GameThief.Win32.OnLineGames.utnk
x.gif2.--_ .exe - Worm.Win32.AutoRun.acur
TIMPIatform.exe2 - Trojan-Downloader.Win32.Small.ajqt
====================
47a1fcfc482a568a09cd812da9f4d7b9&&x.gif
185dc547e4ab2ad95ad6697&&1.exe
dc46dbe52afd94dec4f62&&9.exe
54b092cc48afcd6be784c8c4d21fb6ad&&mm.exe
a62ef03a47aa&&pk.dll2
2a4ba4ef89d59ea&&TIMPIatform.exe2
1.ex1e - Trojan-Dropper.Win32.Agent.ajyy
9.ex2e - Trojan-GameThief.Win32.OnLineGames.utnk
mm.ex2e - Worm.Win32.AutoRun.actb
x.gif2.--_ .exe - Worm.Win32.AutoRun.acth
pk.dll2 - Trojan-Dropper.Win32.Agent.ajyc
TIMPIatform.exe2 - Trojan-Downloader.Win32.Small.ajqr
====================
3月19第3次:
a9f3edd84a6fce6efd06dd&&9.exe
25c8b92c3b07e1bdf800e659a2dd8a5a&&mm.exe
e9fba2409bbb3ab4f3af01eefdc8a760&&x.gif
1ccac96c02c3&&1.exe
ce5b92d56f&&TIMPIatform.exe3
Detection will be included in the next update. Thank you for your help.
====================
3月19第2次:
938a261fe143e1bcb067c17fe3922041& &x.gif
2d2e7df1af& &mm.exe
12d9bf8c51401caac267a27& &1.exe
c1e92bbfd4be3ec2133cf& &msdd.dll2
8ee09ff5fb5d31d8b37fc& &TIMPIatform.exe2
1.exe_ - Trojan-Dropper.Win32.Small.cxy,
TIMPIatform.exe_ - Trojan-Downloader.Win32.Small.ajqj
##.exe_, mm.exe_, msdd.dll2 - Backdoor.Win32.Small.hrt
====================
07ab9c12f9e26d905b1cbe3&&x.gif
c562b3ec728c42ccd4afd8&&mm.exe
fbdfa56cea&&1.exe
8b67d2f2520ad49bce370&&9.exe
d9dfc8602ec8dcfe425fc&&WUHANWANGD.pif
56367d7acde61f9351aa7baab169bd5a&&rssd.dll3
93b1f1bbacc2f7dc194efc14ab36bcca&&TIMPIatform.exe2
1.exe1 - Trojan-Dropper.Win32.Small.cxy,
rssd.dll3 - Worm.Win32.AutoRun.acra
9.exe1 - Trojan-GameThief.Win32.OnLineGames.utlm,
mm.exe1, x.gif1 - Worm.Win32.AutoRun.fhg,
TIMPIatform.exe2 - Trojan-Downloader.Win32.Small.jkp,
WUHANWANGD.p2if - Trojan.Win32.Agent2.fuu
====================
3月18第3次:
10e9df61474&&xx.exe
058b83dc8b040c70c5a8e7d9&&x.gif
761b88feeea8&&9.exe
2f32b7928e1eea5f31627&&1.exe
93b1f1bbacc2f7dc194efc14ab36bcca&&TIMPIatform.ex2e
d9dfc8602ec8dcfe425fc&&WHWB.pif
9.ex2e - Trojan-GameThief.Win32.OnLineGames.utkp
1.ex2e - Trojan-Dropper.Win32.Small.cxw,
TIMPIatform.ex2e - Trojan-Downloader.Win32.Small.jkp,
WHWB.pif_ - Trojan.Win32.Agent2.fuu,
x.gif3 - Worm.Win32.Agent.ue,
xx.exe2 - Worm.Win32.AutoRun.fhg
====================
3月18第2次:
902e78b4d77c33373fac&&1.exe
a92a3ce9b5b&&mm.exe
d74590a27aab814ec493&&x.gif
82a807c6fe67&&kif.pif
01f74afa26d0a90bbecf49&&TIMPIatform.exe1
1.exe2 - Trojan-Dropper.Win32.Agent.ajtw,
kif.pif_ - Trojan.Win32.Agent2.fru,
mm.exe3, x.gif2 - Worm.Win32.Agent.uc,
TIMPIatform.exe1 - Trojan-Dropper.Win32.Small.cxi
====================
9eb72c9c94de794c592e8& &9.exe
902e78b4d77c33373fac& &1.exe
7fc845b6db19da0e7cae790& &x.gif
01f74afa26d0a90bbecf49& &TIMPIatform.exe
1.ex2e - Trojan-Dropper.Win32.Agent.ajtw,
TIMPIatform.exe3 - Trojan-Dropper.Win32.Small.cxi,
x.gif2 - Worm.Win32.AutoRun.acpf
9.ex3e - Trojan.Win32.Agent.bvru
====================
3月17第2次:
f5e0c0b8f45be6adaf7c517f&&1.exe
eb1e56cc84&&x.gif
0a7f803f676f8fc613f431b7&&TIMPIatform.exe
Trojan-Dropper.Win32.Agent.ajtg
Worm.Win32.Agent.ud
Trojan-Dropper.Win32.Small.cxf
====================
9d0a30baace3af211a59d7cdc8a7ec1a&&9.exe
f58e6f940b8fe114b367ac&&mm.exe
606c246e996a4f1dcdcbf54d48b720d3&&x.gif
32dc64aaf8&&1.exe
ef1c55b97b1a6b65bd220e&&TIMPIatform.exe
03e05cda9e0d&&bccd.dll
25f83bbbd57ebdde2a570ae10c7789b8&&MD.pif
Detection will be included in the next update.
====================
3月16第2次:
e8a991cde07ff82f893fae10& &1.exe
0c034aad7f3c& &x.gif
afbc0455d4de& &9.exe
f58e6f940b8fe114b367ac& &mm.exe
bc210a2f8ea364f43bbfa& &TIMPIatform.exe3
25f83bbbd57ebdde2a570ae10c7789b8& &MD.pif
e2 - Trojan-Downloader.Win32.Small.ajpq
9.exe3 - Trojan.Win32.Agent.bvig
TIMPIatform.exe3 - Trojan-Downloader.Win32.Agent.blnd
mm.exe3 - Worm.Win32.AutoRun.fgz
MD.pi3f - Trojan.Win32.Agent2.fqb
x.gif3(这个出錯,是垃圾文件)
====================
dd7df3b30b5c799d39460fbc1f019c6a&&1.exe
f982f5f3ac6c55b878b1&&mm.exe
de1cfbeee037b&&x.gif
bd19dd578fbf92bd605d5&&TIMPIatform.exe
d3470adb6c198c382623abc0ed488d70&&MD.pif
e3 - Trojan-Dropper.Win32.Agent.ajls
mm.exe2,x.gif2.--_ .exe - Worm.Win32.AutoRun.fgv
MD.pif2 - Trojan-Dropper.Win32.Agent.ajll
TIMPIatform.e2xe - Trojan-Downloader.Win32.Agent.bljt
====================
3月15第3次:
a80cda792ed97784d58a&&1.exe
1b6ab4ea4e438f6c5c2edec20040dd0c&&TIMPIatform.exe
1.exe_ - Trojan-Downloader.Win32.Small.jkd,
TIMPIatform.exe_ - Trojan.Win32.Small.bvs
====================
3月15第2次:
a75c4df2df0a& &mm.exe
c028fdb2f8c546f3d2b31& &x.gif
a49ed0094f75& &MD.pif
##.exe_, mm.exe2 - Trojan-Dropper.Win32.Agent.ajjz,
MD.pif2 - Trojan-Dropper.Win32.Agent.ajjw
====================
3c174ee6ed0f6aa2f53c20a661d6cdb3& &mm.exe1
3f21bad9bbd& &1.exe1
77d51ebf2b99c38725a3e& &x.gif1
ee0647bfe6dadb4be0ab6ba& &MD.pif
##.exe_, mm.exe1 - Worm.Win32.AutoRun.fgo,
1.exe1 - Trojan-Dropper.Win32.Agent.ajiy
MD.pif_ - Trojan-Dropper.Win32.Small.cxa
====================
[ 本帖最后由 sam.to 于
22:10 编辑 ]
404 Not Found
404 Not Found
本帖子中包含更多资源
才可以下载或查看,没有帐号?
版区有你更精彩: )
qianwenxiang
mm.exe 家族生命力果然旺盛。。
回复 2楼 qianwenxiang 的帖子
mm有很多別名,如flashmm,xx
第366次更新 3月15日第1次更新
go on sending to rs
Starting the file scan:
Begin scan in 'D:\new\1.exe1'
D:\new\1.exe1
      [DETECTION] Is the TR/Crypt.XDR.Gen Trojan
    [NOTE]      A backup was created as '4a21c2ab.qua'  ( QUARANTINE )
    [NOTE]      The file was deleted!
Begin scan in 'D:\new\mm.exe1'
D:\new\mm.exe1
      [DETECTION] Is the TR/Crypt.XDR.Gen Trojan
    [NOTE]      A backup was created as '49eac2ea.qua'  ( QUARANTINE )
    [NOTE]      The file was deleted!
Begin scan in 'D:\new\x.gif1'
D:\new\x.gif1
    [0] Archive type: RAR
    --& ᅰᅰᅥᆲ                                                                                                                                                              .exe
      [DETECTION] Is the TR/Crypt.NSPM.Gen Trojan
    [NOTE]      A backup was created as '4a23c2ab.qua'  ( QUARANTINE )
    [NOTE]      The file was deleted!
Begin scan in 'D:\new\mm-c'
D:\new\mm-c\MD.pif2
    [DETECTION] Is the TR/Crypt.XDR.Gen Trojan
    [NOTE]      A backup was created as '49eac2c1.qua'  ( QUARANTINE )
    [NOTE]      The file was deleted!
End of the scan: 日  16:55
Used time: 00:08 Minute(s)
The scan has been done completely.
      1 Scanning directories
      5 Files were scanned
      4 viruses and/or unwanted programs were found
      0 Files were classified as suspicious:
      4 files were deleted
      0 files were repaired
      4 files were moved to quarantine
      0 files were renamed
      0 Files cannot be scanned
      1 Files not concerned
      1 Archives were scanned
      0 Warnings
      4 Notes
[ 本帖最后由 Sebastian 于
16:59 编辑 ]
回复 4楼 sam.to 的帖子
Name: Packed/NSPack
Type: Sequence
Description:
c:\users\administrator\desktop\mm-c\x.gif1|照片& && && && && && && && && && && && && && && && && && && && && && && && && && && && && && && && && && && && && && && && && && && && && && && && && && && && &&&.exe
DR.WEB KILL ALL
第367次更新 3月15日第2次更新
回复 9楼 sam.to 的帖子
DR.WEB KILL All
Copyright & KaFan & All Rights Reserved.
Powered by Discuz! X3.1( 苏ICP备号 ) GMT+8,1&&/&&2&&页
跳转 0 ? parseInt(this.value) : 1) + '.aspx';}else{window.location='showtopic.aspx?topicid=8506327&page=' + (parseInt(this.value) > 0 ? parseInt(this.value) : 1) ;}}"" size="4" maxlength="9"
class="colorblue2"/>页
帮帮忙啊,中病毒了
拙长孩提狮
帮帮忙啊,中病毒了
下外挂中了病毒 瑞星提示C:\WINDOWS\system32\501.dll 老是访问网络[CODE],04:57:56System Repair Engineer 2.5.16.900Smallfrogs ()Windows XP Professional Service Pack 2 (Build 2600) - 管理权限用户 - 完整功能以下内容被选中:& & 所有的启动项目(包括注册表、启动文件夹、服务等)& & 浏览器加载项& & 正在运行的进程(包括进程模块信息)& & 文件关联& & Winsock 提供者& & Autorun.inf& & HOSTS 文件& & 进程特权扫描启动项目注册表[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]& & &ctfmon.exe&&C:\WINDOWS\system32\ctfmon.exe&& [(Verified)Microsoft Windows Publisher][HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]& & &runeip&&&C:\Program Files\Rising\AntiSpyware\runiep.exe& /startup&& [Beijing Rising Technology Co., Ltd.]& & &RavTask&&&D:\Rising\Rising\Rav\RavTask.exe& -system&& [(Verified)Beijing Rising Science and Technology Corporation Limited]& & &RfwMain&&&D:\Rising\Rising\Rfw\rfwmain.exe& -Startup&& [(Verified)BEIJING RISING SCIENCE AND TECHNOLOGY CORPORATION LIMITED]& & &Knight V&&&& [N/A]& & &ISUSPM Startup&&C:\PROGRA~1\COMMON~1\INSTAL~1\UPDATE~1\ISUSPM.exe -startup&& [InstallShield Software Corporation]& & &ISUSScheduler&&&C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe& -start&& [InstallShield Software Corporation]& & &NvCplDaemon&&RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup&& [(Verified)Microsoft Windows Publisher][HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\RunOnce]& & &KKDelay&&C:\Program Files\Rising\AntiSpyware\RunOnce.exe&& [Beijing Rising Technology Co., Ltd.][HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Winlogon]& & &shell&&Explorer.exe&& [(Verified)Microsoft Windows Publisher]& & &Userinit&&C:\WINDOWS\system32\userinit.exe,&& [(Verified)Microsoft Windows Publisher]& & &UIHost&&logonui.exe&& [(Verified)Microsoft Windows Publisher][HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]& & &{32CD708B-60A7-4C00-9377-D73EAA495F0F}&&C:\WINDOWS\system32\RavExt.dll&& [(Verified)Beijing Rising Science and Technology Corporation Limited][HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\&{12d0ed0d-0ee0-4f90-8827-78cefb8f4988}]& & &IE7 Uninstall Stub&&C:\WINDOWS\system32\ieudinit.exe&& [(Verified)Microsoft Windows Publisher][HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\&{881dd1c5-3dcf-431b-b061-f3f88e8be88a}]& & &Outlook Express&&%systemroot%\system32\shmgrate.exe OCInstallUserConfigOE&& [N/A][HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{2C7339CF-2B09--FED}]& & &Themes Setup&&%SystemRoot%\system32\regsvr32.exe /s /n /i:/UserInstall %SystemRoot%\system32\themeui.dll&& [N/A][HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{44BBA840-CC51-11CF-AAFA-00AA00B6015C}]& & &Microsoft Outlook Express 6&&&%ProgramFiles%\Outlook Express\setup50.exe& /APP:OE /CALLER:WINNT /user /install&& [N/A][HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{44BBA842-CC51-11CF-AAFA-00AA00B6015B}]& & &NetMeeting 3.01&&rundll32.exe advpack.dll,LaunchINFSection C:\WINDOWS\INF\msnetmtg.inf,NetMtg.Install.PerUser.NT&& [(Verified)Microsoft Windows Publisher][HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{e7d-11d1-bc44-00c04fd912be}]& & &Windows Messenger 4.7&&rundll32.exe advpack.dll,LaunchINFSection C:\WINDOWS\INF\msmsgs.inf,BLC.QuietInstall.PerUser&& [(Verified)Microsoft Windows Publisher][HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{6BF52A52-394A-11d3-B153-00C04F79FAA6}]& & &Microsoft Windows Media Player&&rundll32.exe advpack.dll,LaunchINFSection C:\WINDOWS\INF\wmp10.inf,PerUserStub&& [(Verified)Microsoft Windows Component Publisher][HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{71-11d2-AF11-00C04FA35D02}]& & &通讯簿 6&&&%ProgramFiles%\Outlook Express\setup50.exe& /APP:WAB /CALLER:WINNT /user /install&& [N/A][HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{89B4C1CD-B018--5476DBF70820}]& & &N/A&&C:\WINDOWS\system32\Rundll32.exe C:\WINDOWS\system32\mscories.dll,Install&& [(Verified)Microsoft Corporation]==================================启动文件夹N/A==================================服务[BoBoTurbo / BoBoTurbo][Stopped/Disabled]& &C:\WINDOWS\system32\BoBoTurbo\BoBoTurbo.exe&&广州易播信息科技有限公司&[Contrl Center of Storm Media / ccosm][Stopped/Disabled]& &E:\电影\暴风影音\stormliv.exe /asservice&&北京暴风网际科技有限公司&[Google Updater Service / gusvc][Stopped/Disabled]& &&C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe&&&Google&[Human Intexxxce Device Access / HidServ][Stopped/Disabled]& &C:\WINDOWS\System32\svchost.exe -k netsvcs--&%SystemRoot%\System32\hidserv.dll&&N/A&[InstallDriver Table Manager / IDriverT][Stopped/Manual Start]& &&C:\Program Files\Common Files\InstallShield\Driver\1050\Intel 32\IDriverT.exe&&&Macrovision Corporation&[DCOM Service Process Manager / MSCOManager05][Stopped/Auto Start]& &C:\WINDOWS\system32\svchost.exe -k netsvcs--&c:\windows\inf\dev06.inf&&N/A&[NetBI0S / NetBI0S][Running/Auto Start]& &C:\WINDOWS\system32\a2e21.exe&&Microsoft Corporation&[NVIDIA Driver Helper Service / NVSvc][Running/Auto Start]& &C:\WINDOWS\system32\nvsvc32.exe&&NVIDIA Corporation&[Qvod Terminal / Qvod Terminal][Stopped/Disabled]& &D:\BlueskyControls\QvodPlayer\QvodTerminal.exe&&Shenzhen QVOD Technology Co.,Ltd&[Rising Proxy& Service / RfwProxySrv][Running/Auto Start]& &D:\Rising\Rising\Rfw\rfwProxy.exe&&Beijing Rising Technology Co., Ltd.&[Rising Personal Firewall Service / RfwService][Running/Auto Start]& &D:\Rising\Rising\Rfw\rfwsrv.exe&&Beijing Rising Technology Co., Ltd.&[Rising Process Communication Center / RsCCenter][Running/Auto Start]& &&D:\Rising\Rising\Rav\CCenter.exe&&&Beijing Rising Technology Co., Ltd.&[Rising RealTime Monitor / RsRavMon][Stopped/Auto Start]& &&D:\RISING\RISING\RAV\Ravmond.exe&&&Beijing Rising Technology Co., Ltd.&[Windows xbze RunThem / xbze][Stopped/Auto Start]& &C:\WINDOWS\System32\svchost.exe -k netsvcs--&C:\PROGRA~1\swuz\cgej.dll&&&==================================驱动程序[Service for WDM 3D Audio Driver / ALCXSENS][Running/Manual Start]& &system32\drivers\ALCXSENS.SYS&&Sensaura Ltd&[Service for Realtek AC97 Audio (WDM) / ALCXWDM][Running/Manual Start]& &system32\drivers\ALCXWDM.SYS&&Realtek Semiconductor Corp.&[ADMtek AN983/AN985/ADM951X 10/100Mbps Fast Ethernet Adapter / AN983][Running/Manual Start]& &system32\DRIVERS\AN983.sys&&ADMtek Incorporated.&[Rising TDI Base Driver / BaseTDI][Running/Auto Start]& &System32\DRIVERS\BaseTDI.SYS&&Beijing Rising Technology Co., Ltd.&[EagleNT / EagleNT][Stopped/Manual Start]& &\??\C:\WINDOWS\system32\drivers\EagleNT.sys&&N/A&[GMSIPCI / GMSIPCI][Stopped/Manual Start]& &\??\G:\INSTALL\GMSIPCI.SYS&&N/A&[HookCont / HookCont][Running/System Start]& &\SystemRoot\system32\drivers\HookCont.sys&&Beijing Rising Technology Co., Ltd&[HookNtos / HookNtos][Running/System Start]& &\SystemRoot\system32\drivers\HookNtos.sys&&Beijing Rising Technology Co., Ltd&[HookReg / HookReg][Running/System Start]& &\SystemRoot\system32\drivers\HookReg.sys&&Beijing Rising Technology Co., Ltd&[HookSys / HookSys][Running/System Start]& &\SystemRoot\system32\drivers\HookSys.sys&&Beijing Rising Technology Co., Ltd&[HookUrl / HookUrl][Running/Auto Start]& &\??\D:\Rising\Rising\Rfw\HookUrl.sys&&Beijing Rising Technology Co., Ltd.&[npkcrypt / npkcrypt][Stopped/Manual Start]& &\??\C:\WINDOWS\system32\npkcrypt.sys&&N/A&[npkycryp / npkycryp][Stopped/Manual Start]& &\??\C:\WINDOWS\system32\npkycryp.sys&&N/A&[NTACCESS / NTACCESS][Stopped/Manual Start]& &\??\G:\NTACCESS.sys&&N/A&[nv / nv][Running/Manual Start]& &system32\DRIVERS\nv4_mini.sys&&NVIDIA Corporation&[Direct Parallel Link Driver / Ptilink][Running/Manual Start]& &system32\DRIVERS\ptilink.sys&&Parallel Technologies, Inc.&[QKeyServiceDisplay / QKeyService][Running/Boot Start]& &\SystemRoot\system32\KeyCrypt.sys&&Tencent Technology (Shenzhen) Company Limited&[QuakeDRV / QuakeDRV][Running/Boot Start]& &\SystemRoot\system32\DRIVERS\quakedrv.sys&&N/A&[Rising& Rfwbase Driver / RfwBase][Running/Auto Start]& &System32\DRIVERS\rfwbase.SYS&&Beijing Rising Technology Co., Ltd.&[RsAntiSpyware / RsAntiSpyware][Running/Boot Start]& &\SystemRoot\system32\drivers\RsBoot.sys&&Beijing Rising Technology Co., Ltd.&[RsFwDrv / RsFwDrv][Running/System Start]& &\??\D:\Rising\Rising\Rfw\RsFwDrv.sys&&Beijing Rising Technology Co., Ltd.&[RsNTGDI / RsNTGDI][Running/Boot Start]& &\SystemRoot\system32\Drivers\RsNTGdi.sys&&Beijing Rising Technology Co., Ltd.&[Secdrv / Secdrv][Stopped/Manual Start]& &system32\DRIVERS\secdrv.sys&&Macrovision Corporation, Macrovision Europe Limited, and Macrovision Japan and Asia K.K.&[SetupNTGLM7X / SetupNTGLM7X][Stopped/Manual Start]& &\??\G:\NTGLM7X.sys&&N/A&[sptd / sptd][Running/Boot Start]& &\SystemRoot\System32\Drivers\sptd.sys&&N/A&[sys_flt / sys_flt][Stopped/Manual Start]& &\??\C:\DOCUME~1\ADMINI~1.CHI\LOCALS~1\Temp\~21.tmp&&N/A&[TesSafe / TesSafe][Stopped/Manual Start]& &\??\C:\WINDOWS\system32\TesSafe.sys&&TENCENT&[XDva074 / XDva074][Stopped/Manual Start]& &\??\C:\WINDOWS\system32\XDva074.sys&&N/A&[XDva092 / XDva092][Stopped/Manual Start]& &\??\C:\WINDOWS\system32\XDva092.sys&&N/A&用户系统信息:Mozilla/4.0 ( MSIE 7.0; Windows NT 5.1; KuGooS .NET CLR 2.0.50727)
拙长孩提狮
回复:帮帮忙啊,中病毒了
==================================浏览器加载项[ThunderAtOnce Class]& {01443AEC-0FD1-40fd-9C87-E93D} &D:\迅雷5\ComDlls\TDAtOnce_Now.dll, Thunder Networking Technologies,LTD&[VnetCookie Class]& {4E83D567-B-B1F0-A513B01DB89A} &c:\PROGRA~1\chinanet\VNETTR~1.DLL, &[超级兔子上网精灵]& {B70-4A5B-B789-B25FE09B4AF3} &D:\超级兔子\haokanbar.dll, Xiang Feng Technology&[Invoke Class]& {EB-449b-9982-CAD99180EC0F} &C:\WINDOWS\system32\0a21.dll, &[Thunder Browser Helper]& {889D2FEB-98-1DD2C5261283} &D:\迅雷5\ComDlls\xunleiBHO_Now.dll, Thunder Networking Technologies,LTD&[启动迅雷5]& {09BA8F6D-CB54-424B-839C-C2A6C8E6B436} &D:\迅雷5\Thunder.exe, Thunder Networking Technologies,LTD&[浩方对战平台]& {0A155D3C-68E2-4215-A47A-E800A446447A} &D:\浩方优化版\HFGameOPT\GameClient.exe, 上海浩方在线信息技术有限公司&[扑克]& {4-} &E:\单机斗地主\开心斗地主.exe, 飞碟网络&[PPLive]& {95B3F550-91C4-4627-BCC4-77} &E:\PPLIVE\PPLive.exe, N/A&[讯通视频语音聊天]& {97C0CDFA-970D-4222-ADDE-C} &, N/A&[Messenger]& {FB5Fd2-BB9E-00C04F795683} &C:\Program Files\Messenger\msmsgs.exe, Microsoft Corporation&[卡卡上网安全助手]& {DB9ECD4F-FB8F-4311-B3CE-90B976C2707C} &C:\WINDOWS\system32\KakaTool.dll, Beijing Rising Technology Co., Ltd.&[超级兔子上网精灵]& {4FD-4F15-9B46-F4E} &D:\超级兔子\haokanbar.dll, Xiang Feng Technology&[KooPlayer Control]& {5CD4310E-88FB-43C1-BE24-5F3FA9C5C9D1} &C:\WINDOWS\DOWNLO~1\KOOPLA~1.OCX, Koos&[PasswordEditCtrl Class]& {E787FD25-8D7C-4693-AE67-DF} &C:\WINDOWS\system32\qqedit\qqedit.dll, 腾讯科技(深圳)有限公司&[ThunderAtOnce Class]& {01443AEC-0FD1-40FD-9C87-E93D} &D:\迅雷5\ComDlls\TDAtOnce_Now.dll, Thunder Networking Technologies,LTD&[ActiveMovieControl Object]& {06-11CE-BF01-00AA0055595A} &C:\WINDOWS\system32\wmpdxm.dll, Microsoft Corporation&[ULiveCtrl Control]& {070CA17A-4BD2--32B1B9159B47} &C:\PROGRA~1\sina\UCLive\UCLIVE~1.OCX, 北京新浪信息技术有限公司&[GerneralPeerID Class]& {0A47E819-F82E-4D5D-B806-6A9EA94D68CD} &D:\迅雷5\Components\InMedia\peerid.dll, &[EWA Control]& {18226BF8-DC0B-4D81-80E9-A41AE37BB73A} &E:\PPLIVE\SYNACA~2.OCX, Synacast&[Windows Media Player]& {22D6F312-B0F6-11D0-94AB-E95} &C:\WINDOWS\system32\wmpdxm.dll, Microsoft Corporation&[Recorder Control]& {F42-457B-A337-FE3B11964DB0} &D:\BLUESK~1\recorder.ocx, Bluesky Studio ()&[HTML Document]& {F9-11CF-8FD0-00AA00686F13} &C:\WINDOWS\system32\mshtml.dll, Microsoft Corporation&[XML DOM Document]& {B36-11D2-B20E-00C04F983E60} &%SystemRoot%\system32\msxml3.dll, N/A&[DHTML Edit Control Safe for Scripting for IE5]& {2D360201-FFF5-11D1-8D03-00A0C959BC0A} &C:\Program Files\Common Files\Microsoft Shared\Triedit\dhtmled.ocx, Microsoft Corporation&[BlueskyVideo Control]& {2EA6D939--A12B-8CB3DDA8B855} &D:\BLUESK~1\v2.ocx, Bluesky Studio ()&[Ppd Control]& {2F2BA87D-385E-E190B06AA9} &D:\BLUESK~1\ppd.ocx, Bluesky Studio()&[RealPlayer RAM Download Handler]& {2F542A2E-EDC9-4BF7-8CB1-87C} &C:\WINDOWS\system32\rmoc3260.dll, RealNetworks, Inc.&[Share Control]& {-0C4D-4E76-A7C6-FBAF129DBCC9} &D:\BLUESK~1\share.ocx, Bluesky Studio ()&[超级兔子上网精灵]& {4FD-4F15-9B46-F4E} &D:\超级兔子\haokanbar.dll, Xiang Feng Technology&[XML Document]& {4D9-11D1-A6B3-00C04FD91555} &%SystemRoot%\system32\msxml3.dll, N/A&[Thunder Agent Class]& {-8FB2-4B3B-B29B-8B919B0EACCE} &D:\迅雷5\ComDlls\ThunderAgent_Now.dll, Thunder Networking Technologies,LTD&[IE2EMUrlTaker Class]& {F-4CA0-B8CD-6F496C997FAF} &E:\eMule\IE2EM.dll, &[VnetCookie Class]& {4E83D567-B-B1F0-A513B01DB89A} &c:\PROGRA~1\chinanet\VNETTR~1.DLL, &[HHCtrl Object]& {52A2AAAE-085D-4187-97EA-8C30DB990436} &C:\WINDOWS\system32\hhctrl.ocx, Microsoft Corporation&[Shell Name Space]& {DE-11D1-B9F2-00A0C98BC547} &C:\WINDOWS\system32\ieframe.dll, Microsoft Corporation&[Traceppd Control]& {5910C66C-F9BA--C098B7F0ED62} &D:\BLUESK~1\traceppd.ocx, BlueskyStudio()&[KooPlayer Control]& {5CD4310E-88FB-43C1-BE24-5F3FA9C5C9D1} &C:\WINDOWS\DOWNLO~1\KOOPLA~1.OCX, Koos&[PowerPlayer Control]& {5EC7C511-CD0F-42E6-830C-1BD} &D:\PPStream\POWERP~1.DLL, PPStream Inc.&[PP Control]& {616DACC1-C5E6-FA4FC726BAD} &D:\BLUESK~1\ppc.ocx, Bluesky Studio ()&[XMP Class]& {8-4C41-AACC-52D4D7845851} &C:\Documents and Settings\All Users.WINDOWS\Application Data\Thunder Network\KanKan\xplayer.dll_1_work, &[XDRM]& {693571CB-54A3-4E90-9D52-EEAE} &C:\Documents and Settings\All Users.WINDOWS\Application Data\Thunder Network\KanKan\xdrm.dll_1_work, &[StormPlayer Object]& {6BE52E1D-E586-474F-A6E2-1A85A9B4D9FB} &E:\电影\暴风影音\mps.dll, 北京暴风网际科技有限公司&[Windows Media Player]& {6BF52A52-394A-11D3-B153-00C04F79FAA6} &C:\WINDOWS\system32\wmp.dll, Microsoft Corporation&[BDC Control]& {D4A-11D7-A4DC-00E04C504779} &D:\BLUESK~1\BDC\Bdc.ocx, BLUE&[超级兔子上网精灵]& {B70-4A5B-B789-B25FE09B4AF3} &D:\超级兔子\haokanbar.dll, Xiang Feng Technology&[Videohelp Control]& {75B75D86-D88B-4BEA-BC59-BFD9D7300518} &D:\BLUESK~1\VIDEOH~1.OCX, Bluesky Studio()&[MediaComm Class]& {1B-42AF-BDFE-46D26AF5EFF2} &D:\迅雷5\Components\InMedia\MediaAddin15.dll, Thunder Networking Technologies,LTD&[Invoke Class]& {EB-449B-9982-CAD99180EC0F} &C:\WINDOWS\system32\0a21.dll, &[360SafeLive]& {C--D416CB8059E3} &D:\360安全卫士\360safe\live.dll, &[Microsoft Web Browser]& {A-11D0-A96B-00C04FD705A2} &C:\WINDOWS\system32\ieframe.dll, Microsoft Corporation&[Filetran Control]& {D0-42C0-A13F-7E881EE550CF} &D:\BLUESK~1\filetran.ocx, Bluesky Studio()&[Thunder Browser Helper]& {889D2FEB-98-1DD2C5261283} &D:\迅雷5\ComDlls\xunleiBHO_Now.dll, Thunder Networking Technologies,LTD&[Chat Control]& {94EFE58C-E678-4808-AD65-24CE4B94C1FE} &D:\BLUESK~1\chat.ocx, Bluesky Studio()&[Blueskyvoice Control]& {--8C24-F5CB} &D:\BLUESK~1\BLUESK~1.OCX, Bluesky Studio ()&[Display Control]& {A1D97DB3-E564--6F5182CBF406} &D:\BLUESK~1\display.ocx, Bluesky Studio ()&[Tracechat Control]& {AD1-4E7B-CDA5B603C} &D:\BLUESK~1\TRACEC~1.OCX, Bluesky Studio()&[RMGetLicense Class]& {A9FC132B-096D-460B-B7D5-1DB0FAE0C062} &C:\WINDOWS\system32\msnetobj.dll, Microsoft Corporation&[Imgsend Control]& {AA1561BF-D290-} &D:\BLUESK~1\imgsend.ocx, Bluesky Studio ()&[Thunder DapCtrl]& {ACACC6EB-1FBA-4E13-A729-53AEB2DF54F8} &C:\Program Files\Common Files\Thunder Network\KanKan\DapCtrl.1.6..dll, ShenZhen Thunder Networking Technologies Ltd.&[Microsoft Scriptlet Component]& {AE24FDAE-03C6-11D1-8B76-} &C:\WINDOWS\system32\mshtml.dll, Microsoft Corporation&[PPChat Control]& {AFB97F16-B7E8-4EB1-8133-FBD5AA2EBB3B} &D:\BLUESK~1\ppchat.ocx, Bluesky Studio()&[SearchAssistantOC]& {B45FF030--85DE-00C04FA35C89} &%SystemRoot%\system32\shdocvw.dll, N/A&[Blueskyvoice Control]& {BA0F088C-72C1-475a-92F8-42391DEF6961} &D:\BLUESK~1\BLUESK~2.OCX, 蓝天工作室()&[RDS.DataSpace]& {BD96C556-65A3-11D0-983A-00C04FC29E36} &C:\Program Files\Common Files\System\msadc\msadco.dll, Microsoft Corporation&[Client Control]& {C7B0C764-5D4E-433E-A854-591F} &D:\BLUESK~1\client.ocx, BlueskyStudio()&[MytvPlayer]& {C843C397-1B23--BB5DC1AB2985} &C:\Program Files\MyTvPlayer\MyTvPlayer.dll, 炎黄互动 &[Play Control]& {CC20DDA1-9A21-4DEC-B5BE-E61E0351FCA9} &D:\BLUESK~1\play.ocx, Bluesky Studio ()&[QQPlayerSvr Proxy Control]& {CD4-43E6-AA90-8} &D:\狂人QQ\QzoneMusic.dll, 腾讯科技&[VIDEO__X_MS_ASF Moniker Class]& {CD3AFA8F-B84F-48F0-9393-7EDC} &C:\WINDOWS\system32\wmp.dll, Microsoft Corporation&[RealPlayer G2 Control]& {CFCDAA03-8BE4-11CF-B84B-0020AFBBCCFA} &C:\WINDOWS\system32\rmoc3260.dll, RealNetworks, Inc.&[Shockwave Flash Object]& {D27CDB6E-AE6D-11CF-96B8-} &C:\WINDOWS\system32\Macromed\Flash\Flash9f.ocx, Adobe Systems, Inc.&[卡卡上网安全助手]& {DB9ECD4F-FB8F-4311-B3CE-90B976C2707C} &C:\WINDOWS\system32\KakaTool.dll, Beijing Rising Technology Co., Ltd.&[PasswordEditCtrl Class]& {E787FD25-8D7C-4693-AE67-DF} &C:\WINDOWS\system32\qqedit\qqedit.dll, 腾讯科技(深圳)有限公司&[BoBoControl Class]& {EC0978ED-24E3-403C-AB7A-060E} &C:\WINDOWS\system32\BoBo_ActiveX_V3.ocx, 广州易播信息科技有限公司&[TimwpDll.TimwpCheck]& {ED4CA2E5-0EEA-44C1-AD7E-74A07A7507A4} &D:\狂人QQ\Timwp.dll, TENCENT&[XML HTTP Request]& {ED8C108E--91A4-00C04F7969E8} &%SystemRoot%\system32\msxml3.dll, N/A&[Scripting.Dictionary]& {EE09B103-97E0-11CF-978F-00A02463E06F} &C:\WINDOWS\system32\scrrun.dll, Microsoft Corporation&[Thunder DapPlayer]& {EEDD6FF9-13DE-496B-9A1C-D78B} &D:\迅雷5\Components\DownAndPlay\DapPlayer3.0.44.68.729.dll, ShenZhen Thunder Networking Technologies Ltd.&[QvodCtrl Class]& {F3D0D36F-23F8-C92B03D4AF} &D:\BlueskyControls\QvodPlayer\QvodInsert.dll, Shenzhen QVOD Technology Co.,Ltd&[XPPlayer Class]& {F3E70CEA-956E-49CC-B444-73AFE593AD7F} &C:\Documents and Settings\All Users.WINDOWS\Application Data\Thunder Network\KanKan\pplayer.dll_1_work, Thunder&[XML HTTP 3.0]& {F1-11D3-89B9-1} &%SystemRoot%\system32\msxml3.dll, N/A&[XML HTTP]& {F6D90F16-9C73-11D3-B32E-00C04F990BB4} &%SystemRoot%\system32\msxml3.dll, N/A&[IERPCtl Class]& {FDC7A535--A0EA-D9994BCC0DC5} &D:\REAL\rpplugins\ierpplug.dll, RealNetworks, Inc.&[使用iTudou下载节目]& &, N/A&[使用迅雷下载]& &D:\迅雷5\Program\geturl.htm, N/A&[使用迅雷下载全部链接]& &D:\迅雷5\Program\getallurl.htm, N/A&[添加到QQ表情]& &D:\狂人QQ\AddEmotion.htm, N/A&[添加到网络硬盘]& &D:\狂人QQ\AddToNetDisk.htm, N/A&
拙长孩提狮
回复:帮帮忙啊,中病毒了
==================================正在运行的进程[PID: 448 / SYSTEM][\SystemRoot\System32\smss.exe]& [Microsoft Corporation, 5.1. (xpsp_sp2_rtm.8)][PID: 528 / SYSTEM][\??\C:\WINDOWS\system32\csrss.exe]& [Microsoft Corporation, 5.1. (xpsp_sp2_rtm.8)]& & [D:\Rising\Rising\Rfw\ijt_base.dll]& [Beijing Rising Technology Co., Ltd., 7.0.0.10]& & [D:\Rising\Rising\Rfw\olemon.dll]& [Beijing Rising Technology Co., Ltd., 7.0.0.6][PID: 552 / SYSTEM][\??\C:\WINDOWS\system32\winlogon.exe]& [Microsoft Corporation, 5.1. (xpsp_sp2_rtm.8)]& & [D:\Rising\Rising\Rfw\ijt_base.dll]& [Beijing Rising Technology Co., Ltd., 7.0.0.10]& & [D:\Rising\Rising\Rfw\olemon.dll]& [Beijing Rising Technology Co., Ltd., 7.0.0.6][PID: 596 / SYSTEM][C:\WINDOWS\system32\services.exe]& [Microsoft Corporation, 5.1. (xpsp_sp2_rtm.8)]& & [D:\Rising\Rising\Rfw\ijt_base.dll]& [Beijing Rising Technology Co., Ltd., 7.0.0.10]& & [D:\Rising\Rising\Rfw\olemon.dll]& [Beijing Rising Technology Co., Ltd., 7.0.0.6][PID: 608 / SYSTEM][C:\WINDOWS\system32\lsass.exe]& [Microsoft Corporation, 5.1. (xpsp_sp2_rtm.8)]& & [D:\Rising\Rising\Rfw\ijt_base.dll]& [Beijing Rising Technology Co., Ltd., 7.0.0.10]& & [D:\Rising\Rising\Rfw\olemon.dll]& [Beijing Rising Technology Co., Ltd., 7.0.0.6][PID: 760 / SYSTEM][C:\WINDOWS\system32\svchost.exe]& [Microsoft Corporation, 5.1. (xpsp_sp2_rtm.8)]& & [D:\Rising\Rising\Rfw\ijt_base.dll]& [Beijing Rising Technology Co., Ltd., 7.0.0.10]& & [D:\Rising\Rising\Rfw\olemon.dll]& [Beijing Rising Technology Co., Ltd., 7.0.0.6][PID: 816 / NETWORK SERVICE][C:\WINDOWS\system32\svchost.exe]& [Microsoft Corporation, 5.1. (xpsp_sp2_rtm.8)]& & [D:\Rising\Rising\Rfw\ijt_base.dll]& [Beijing Rising Technology Co., Ltd., 7.0.0.10]& & [D:\Rising\Rising\Rfw\olemon.dll]& [Beijing Rising Technology Co., Ltd., 7.0.0.6][PID: 884 / SYSTEM][D:\Rising\Rising\Rav\CCenter.exe]& [Beijing Rising Technology Co., Ltd., 20.0.0.28]& & [D:\Rising\Rising\Rfw\ijt_base.dll]& [Beijing Rising Technology Co., Ltd., 7.0.0.10]& & [D:\Rising\Rising\Rfw\olemon.dll]& [Beijing Rising Technology Co., Ltd., 7.0.0.6][PID: 900 / SYSTEM][C:\WINDOWS\System32\svchost.exe]& [Microsoft Corporation, 5.1. (xpsp_sp2_rtm.8)]& & [D:\Rising\Rising\Rfw\ijt_base.dll]& [Beijing Rising Technology Co., Ltd., 7.0.0.10]& & [D:\Rising\Rising\Rfw\olemon.dll]& [Beijing Rising Technology Co., Ltd., 7.0.0.6][PID: 944 / NETWORK SERVICE][C:\WINDOWS\system32\svchost.exe]& [Microsoft Corporation, 5.1. (xpsp_sp2_rtm.8)]& & [D:\Rising\Rising\Rfw\ijt_base.dll]& [Beijing Rising Technology Co., Ltd., 7.0.0.10]& & [D:\Rising\Rising\Rfw\olemon.dll]& [Beijing Rising Technology Co., Ltd., 7.0.0.6][PID: 1072 / LOCAL SERVICE][C:\WINDOWS\system32\svchost.exe]& [Microsoft Corporation, 5.1. (xpsp_sp2_rtm.8)]& & [D:\Rising\Rising\Rfw\ijt_base.dll]& [Beijing Rising Technology Co., Ltd., 7.0.0.10]& & [D:\Rising\Rising\Rfw\olemon.dll]& [Beijing Rising Technology Co., Ltd., 7.0.0.6][PID: 1232 / Administrator][C:\WINDOWS\Explorer.EXE]& [Microsoft Corporation, 6.00. (xpsp_sp2_gdr.4)]& & [C:\WINDOWS\system32\RavExt.dll]& [Beijing Rising Technology Co., Ltd., 20.0.0.17]& & [D:\Rising\Rising\Rfw\ijt_base.dll]& [Beijing Rising Technology Co., Ltd., 7.0.0.10]& & [D:\Rising\Rising\Rfw\olemon.dll]& [Beijing Rising Technology Co., Ltd., 7.0.0.6]& & [D:\迅雷5\ComDlls\xunleiBHO_Now.dll]& [Thunder Networking Technologies,LTD, 5, 0, 8, 96]& & [D:\迅雷5\Components\ResWorker\DsBho_01.dll]& [, 1, 0, 0, 17]& & [D:\迅雷5\Components\ResWorker\DataProcessor_01.dll]& [Thunder Networking Technologies,LTD, 1, 0, 0, 16]& & [D:\迅雷5\ComDlls\TDAtOnce_Now.dll]& [Thunder Networking Technologies,LTD, 1.0.5.16]& & [C:\WINDOWS\system32\0a21.dll]& [, 1, 1, 0, 2]& & [D:\Daemon Tools\WinRar\rarext.dll]& [N/A, ]& & [E:\金山游~1\Tools\KVD\kscdrush.dll]& [金山软件股份有限公司, 5, 0, 0, 0]& & [C:\WINDOWS\system32\TudouUpload.dll]& [, 1.1.0.0]& & [D:\Rising\Rising\Rav\RSCOMMON.DLL]& [Beijing Rising Technology Co., Ltd., 20, 0, 0, 16][PID: 1256 / SYSTEM][D:\RISING\RISING\RAV\ravmond.exe]& [Beijing Rising Technology Co., Ltd., 20.0.0.76]& & [D:\RISING\RISING\RAV\BWList.dll]& [Beijing Rising Technology Co., Ltd., 20.0.0.4]& & [C:\WINDOWS\system32\MFC71.DLL]& [Microsoft Corporation, 7.10.3077.0]& & [C:\WINDOWS\system32\MSVCR71.dll]& [Microsoft Corporation, 7.10.3052.4]& & [C:\WINDOWS\system32\MSVCP71.dll]& [Microsoft Corporation, 7.10.3077.0]& & [D:\RISING\RISING\RAV\RSAPPMGR.dll]& [Beijing Rising Technology Co., Ltd., 20.0.0.0]& & [D:\RISING\RISING\RAV\CfgDll.dll]& [Beijing Rising Technology Co., Ltd., 20.0.0.16]& & [D:\RISING\RISING\RAV\RsLog.dll]& [Beijing Rising Technology Co., Ltd., 20.0.0.34]& & [D:\RISING\RISING\RAV\ProcCom.dll]& [Beijing Rising Technology Co., Ltd., 20, 0, 0, 19]& & [D:\RISING\RISING\RAV\RsCommX2.dll]& [Beijing Rising Technology Co., Ltd., 20, 0, 0, 19]& & [D:\RISING\RISING\RAV\MonRule.dll]& [Beijing Rising Technology Co., Ltd., 20.0.0.29]& & [D:\RISING\RISING\RAV\Hooksys.dll]& [Beijing Rising Technology Co., Ltd, 22, 0, 0, 9]& & [D:\Rising\Rising\Rfw\ijt_base.dll]& [Beijing Rising Technology Co., Ltd., 7.0.0.10]& & [D:\Rising\Rising\Rfw\olemon.dll]& [Beijing Rising Technology Co., Ltd., 7.0.0.6]& & [D:\RISING\RISING\RAV\HookReg.dll]& [Beijing Rising Technology Co., Ltd, 22, 0, 0, 4]& & [D:\RISING\RISING\RAV\HookNtos.dll]& [Beijing Rising Technology Co., Ltd, 22, 0, 0, 2]& & [D:\RISING\RISING\RAV\rswalmon.dll]& [Beijing Rising Technology Co., Ltd., 20, 0, 0, 22]& & [D:\RISING\RISING\RAV\recomp.dll]& [Beijing Rising Technology Co., Ltd., 20, 0, 0, 36]& & [D:\RISING\RISING\RAV\refs.dll]& [Beijing Rising Technology Co., Ltd., 20, 0, 0, 16]& & [D:\RISING\RISING\RAV\ffr.dll]& [Beijing Rising Technology Co., Ltd., 20, 0, 0, 13]& & [D:\Rising\Rising\Rav\RsStore.dll]& [Beijing Rising Technology Co., Ltd., 20.0.0.8]& & [D:\RISING\RISING\RAV\HookCont.dll]& [Beijing Rising Technology Co., Ltd, 22, 0, 0, 1]& & [D:\Rising\Rising\Rav\fakescan.dll]& [Beijing Rising Technology Co., Ltd., 20.0.0.13]& & [D:\Rising\Rising\Rav\Scanner.dll]& [Beijing Rising Technology Co., Ltd., 20.0.0.36]& & [D:\RISING\RISING\RAV\viruslib.dll]& [Beijing Rising Technology Co., Ltd., 20, 0, 0, 26]& & [D:\RISING\RISING\RAV\relibldr.dll]& [Beijing Rising Technology Co., Ltd., 20, 0, 0, 14]& & [D:\RISING\RISING\RAV\HookWeb.dll]& [Beijing Rising Technology Co., Ltd., 20.0.0.2]& & [D:\RISING\RISING\RAV\nvfile.dll]& [Beijing Rising Technology Co., Ltd., 20, 0, 0, 5]& & [D:\RISING\RISING\RAV\extfile.dll]& [Beijing Rising Technology Co., Ltd., 20, 0, 0, 29]& & [D:\RISING\RISING\RAV\pearc.dll]& [Beijing Rising Technology Co., Ltd., 20, 0, 0, 5]& & [D:\RISING\RISING\RAV\scanexec.dll]& [Beijing Rising Technology Co., Ltd., 20, 0, 0, 17]& & [D:\RISING\RISING\RAV\unexe.dll]& [Beijing Rising Technology Co., Ltd., 20, 0, 0, 4]& & [D:\RISING\RISING\RAV\scanex.dll]& [Beijing Rising Technology Co., Ltd., 20, 0, 0, 62]& & [D:\RISING\RISING\RAV\scansct.dll]& [Beijing Rising Technology Co., Ltd., 20, 0, 0, 8]& & [D:\RISING\RISING\RAV\scanpack.dll]& [Beijing Rising Technology Co., Ltd., 20, 0, 0, 9]& & [D:\RISING\RISING\RAV\revm.dll]& [Beijing Rising Technology Co., Ltd., 20, 0, 0, 8]& & [D:\RISING\RISING\RAV\urutils.dll]& [, 20, 0, 0, 5]& & [D:\RISING\RISING\RAV\ur000.dat]& [Beijing Rising Technology Co., Ltd., 20, 0, 0, 18]& & [D:\RISING\RISING\RAV\scriptci.dll]& [Beijing Rising Technology Co., Ltd., 20, 0, 0, 3]& & [D:\RISING\RISING\RAV\ur023.dat]& [Beijing Rising Technology Co., Ltd., 20, 0, 0, 1]& & [D:\RISING\RISING\RAV\uroutine.dll]& [Beijing Rising Technology Co., Ltd., 20, 0, 0, 26]& & [D:\RISING\RISING\RAV\ur001.dat]& [Beijing Rising Technology Co., Ltd., 20, 0, 0, 3]& & [D:\RISING\RISING\RAV\extmail.dll]& [Beijing Rising Technology Co., Ltd., 20, 0, 0, 9][PID: 1264 / SYSTEM][D:\Rising\Rising\Rfw\rfwsrv.exe]& [Beijing Rising Technology Co., Ltd., 7.0.0.68]& & [C:\WINDOWS\system32\MFC71.DLL]& [Microsoft Corporation, 7.10.3077.0]& & [C:\WINDOWS\system32\MSVCR71.dll]& [Microsoft Corporation, 7.10.3052.4]& & [C:\WINDOWS\system32\MSVCP71.dll]& [Microsoft Corporation, 7.10.3077.0]& & [D:\Rising\Rising\Rfw\ProcCom.dll]& [Beijing Rising Technology Co., Ltd., 20, 0, 0, 19]& & [D:\Rising\Rising\Rfw\RsCommX2.dll]& [Beijing Rising Technology Co., Ltd., 20, 0, 0, 19]& & [D:\Rising\Rising\Rfw\RSAPPMGR.dll]& [Beijing Rising Technology Co., Ltd., 20.0.0.0]& & [D:\Rising\Rising\Rfw\CfgDll.dll]& [Beijing Rising Technology Co., Ltd., 20.0.0.16]& & [D:\Rising\Rising\Rfw\RfwRule.dll]& [Beijing Rising Technology Co., Ltd., 7.0.0.13]& & [D:\Rising\Rising\Rfw\rfwlog.dll]& [Beijing Rising Technology Co., Ltd., 7.0.0.12]& & [D:\Rising\Rising\Rfw\Rfwdrv.dll]& [Beijing Rising Technology Co., Ltd., 7.0.0.41]& & [D:\Rising\Rising\Rfw\ijt_ctrl.dll]& [Beijing Rising Technology Co., Ltd., 7.0.0.0]& & [D:\Rising\Rising\Rfw\ijt_base.dll]& [Beijing Rising Technology Co., Ltd., 7.0.0.10]& & [D:\Rising\Rising\Rfw\olemon.dll]& [Beijing Rising Technology Co., Ltd., 7.0.0.6]& & [D:\Rising\Rising\Rfw\unvdet.dll]& [Beijing Rising Technology Co., Ltd., 7.0.0.5]& & [D:\Rising\Rising\Rfw\mPorts.dll]& [Beijing Rising Technology Co., Ltd., 7.0.0.3][PID: 1376 / SYSTEM][D:\Rising\Rising\Rfw\rfwProxy.exe]& [Beijing Rising Technology Co., Ltd., 7.0.0.33]& & [C:\WINDOWS\system32\MFC71.DLL]& [Microsoft Corporation, 7.10.3077.0]& & [C:\WINDOWS\system32\MSVCR71.dll]& [Microsoft Corporation, 7.10.3052.4]& & [D:\Rising\Rising\Rfw\ProcCom.dll]& [Beijing Rising Technology Co., Ltd., 20, 0, 0, 19]& & [D:\Rising\Rising\Rfw\RsCommX2.dll]& [Beijing Rising Technology Co., Ltd., 20, 0, 0, 19]& & [D:\Rising\Rising\Rfw\RfwRule.dll]& [Beijing Rising Technology Co., Ltd., 7.0.0.13]& & [D:\Rising\Rising\Rfw\urlrule.dll]& [Beijing Rising Technology Co., Ltd., 1, 0, 0, 9]& & [D:\Rising\Rising\Rfw\ijt_base.dll]& [Beijing Rising Technology Co., Ltd., 7.0.0.10]& & [D:\Rising\Rising\Rfw\olemon.dll]& [Beijing Rising Technology Co., Ltd., 7.0.0.6]& & [D:\Rising\Rising\Rfw\MonMid.dll]& [Beijing Rising Technology Co., Ltd., 7.0.0.4][PID: 1580 / SYSTEM][D:\Rising\Rising\Rfw\rfwstub.exe]& [Beijing Rising Technology Co., Ltd., 7.0.0.10]& & [C:\WINDOWS\system32\MSVCP71.dll]& [Microsoft Corporation, 7.10.3077.0]& & [C:\WINDOWS\system32\MSVCR71.dll]& [Microsoft Corporation, 7.10.3052.4]& & [D:\Rising\Rising\Rfw\RSCOMMON.DLL]& [Beijing Rising Technology Co., Ltd., 20, 0, 0, 16]& & [D:\Rising\Rising\Rfw\ijt_base.dll]& [Beijing Rising Technology Co., Ltd., 7.0.0.10]& & [D:\Rising\Rising\Rfw\olemon.dll]& [Beijing Rising Technology Co., Ltd., 7.0.0.6][PID: 1792 / SYSTEM][D:\RISING\RISING\RAV\RavStub.exe]& [Beijing Rising Technology Co., Ltd., 20.0.0.9]& & [D:\RISING\RISING\RAV\ProcCom.dll]& [Beijing Rising Technology Co., Ltd., 20, 0, 0, 19]& & [D:\RISING\RISING\RAV\RsCommX2.dll]& [Beijing Rising Technology Co., Ltd., 20, 0, 0, 19]& & [D:\RISING\RISING\RAV\RSCOMMON.DLL]& [Beijing Rising Technology Co., Ltd., 20, 0, 0, 16]& & [D:\Rising\Rising\Rfw\ijt_base.dll]& [Beijing Rising Technology Co., Ltd., 7.0.0.10]& & [D:\Rising\Rising\Rfw\olemon.dll]& [Beijing Rising Technology Co., Ltd., 7.0.0.6][PID: 1892 / SYSTEM][C:\WINDOWS\system32\spoolsv.exe]& [Microsoft Corporation, 5.1. (xpsp_sp2_gdr.9)]& & [D:\Rising\Rising\Rfw\ijt_base.dll]& [Beijing Rising Technology Co., Ltd., 7.0.0.10]& & [D:\Rising\Rising\Rfw\olemon.dll]& [Beijing Rising Technology Co., Ltd., 7.0.0.6][PID: 1932 / Administrator][D:\Rising\Rising\Rfw\RfwMain.exe]& [Beijing Rising Technology Co., Ltd., 7.0.1.65]& & [C:\WINDOWS\system32\MFC71.DLL]& [Microsoft Corporation, 7.10.3077.0]& & [C:\WINDOWS\system32\MSVCR71.dll]& [Microsoft Corporation, 7.10.3052.4]& & [C:\WINDOWS\system32\MSVCP71.dll]& [Microsoft Corporation, 7.10.3077.0]& & [D:\Rising\Rising\Rfw\RsGuiLib.dll]& [Beijing Rising Technology Co., Ltd., 20, 0, 0, 88]& & [D:\Rising\Rising\Rfw\ProcCom.dll]& [Beijing Rising Technology Co., Ltd., 20, 0, 0, 19]& & [D:\Rising\Rising\Rfw\RsCommX2.dll]& [Beijing Rising Technology Co., Ltd., 20, 0, 0, 19]& & [D:\Rising\Rising\Rfw\RSAPPMGR.dll]& [Beijing Rising Technology Co., Ltd., 20.0.0.0]& & [D:\Rising\Rising\Rfw\CfgDll.dll]& [Beijing Rising Technology Co., Ltd., 20.0.0.16]& & [D:\Rising\Rising\Rfw\RSCOMMON.DLL]& [Beijing Rising Technology Co., Ltd., 20, 0, 0, 16]& & [D:\Rising\Rising\Rfw\RfwCtrl.dll]& [Beijing Rising Technology Co., Ltd., 7.0.0.7]& & [D:\Rising\Rising\Rfw\RsXML.dll]& [Beijing Rising Technology Co., Ltd., 20, 0, 0, 0]& & [D:\Rising\Rising\Rfw\PngDll.dll]& [Beijing Rising Technology Co., Ltd., 20, 0, 0, 4]& & [D:\Rising\Rising\Rfw\ijt_base.dll]& [Beijing Rising Technology Co., Ltd., 7.0.0.10]& & [D:\Rising\Rising\Rfw\olemon.dll]& [Beijing Rising Technology Co., Ltd., 7.0.0.6]& & [D:\Rising\Rising\Rfw\RfwRule.dll]& [Beijing Rising Technology Co., Ltd., 7.0.0.13][PID: 1504 / SYSTEM][C:\WINDOWS\system32\nvsvc32.exe]& [NVIDIA Corporation, 6.14.10.4471][PID: 288 / LOCAL SERVICE][C:\WINDOWS\System32\alg.exe]& [Microsoft Corporation, 5.1. (xpsp_sp2_rtm.8)][PID: 936 / Administrator][D:\Rising\Rising\Rav\RavTask.exe]& [Beijing Rising Technology Co., Ltd., 20.0.0.23]& & [D:\Rising\Rising\Rav\ProcCom.dll]& [Beijing Rising Technology Co., Ltd., 20, 0, 0, 19]& & [D:\Rising\Rising\Rav\RsCommX2.dll]& [Beijing Rising Technology Co., Ltd., 20, 0, 0, 19]& & [D:\Rising\Rising\Rav\RSCOMMON.DLL]& [Beijing Rising Technology Co., Ltd., 20, 0, 0, 16]& & [D:\Rising\Rising\Rav\RSAPPMGR.DLL]& [Beijing Rising Technology Co., Ltd., 20.0.0.0]& & [D:\Rising\Rising\Rav\CfgDll.dll]& [Beijing Rising Technology Co., Ltd., 20.0.0.16][PID: 712 / Administrator][C:\WINDOWS\system32\ctfmon.exe]& [Microsoft Corporation, 5.1. (xpsp_sp2_rtm.8)]& & [D:\Rising\Rising\Rfw\ijt_base.dll]& [Beijing Rising Technology Co., Ltd., 7.0.0.10]& & [D:\Rising\Rising\Rfw\olemon.dll]& [Beijing Rising Technology Co., Ltd., 7.0.0.6][PID: 2180 / Administrator][D:\Rising\Rising\Rav\Ravmon.exe]& [Beijing Rising Technology Co., Ltd., 20.0.01.19]& & [C:\WINDOWS\system32\MFC71.DLL]& [Microsoft Corporation, 7.10.3077.0]& & [C:\WINDOWS\system32\MSVCR71.dll]& [Microsoft Corporation, 7.10.3052.4]& & [C:\WINDOWS\system32\MSVCP71.dll]& [Microsoft Corporation, 7.10.3077.0]& & [D:\Rising\Rising\Rav\ProcCom.dll]& [Beijing Rising Technology Co., Ltd., 20, 0, 0, 19]& & [D:\Rising\Rising\Rav\RsCommX2.dll]& [Beijing Rising Technology Co., Ltd., 20, 0, 0, 19]& & [D:\Rising\Rising\Rav\RSCOMMON.DLL]& [Beijing Rising Technology Co., Ltd., 20, 0, 0, 16]& & [D:\Rising\Rising\Rav\recomp.dll]& [Beijing Rising Technology Co., Ltd., 20, 0, 0, 36]& & [D:\Rising\Rising\Rav\refs.dll]& [Beijing Rising Technology Co., Ltd., 20, 0, 0, 16]& & [D:\Rising\Rising\Rav\viruslib.dll]& [Beijing Rising Technology Co., Ltd., 20, 0, 0, 26]& & [D:\Rising\Rising\Rav\relibldr.dll]& [Beijing Rising Technology Co., Ltd., 20, 0, 0, 14]& & [D:\Rising\Rising\Rav\RSAPPMGR.dll]& [Beijing Rising Technology Co., Ltd., 20.0.0.0]& & [D:\Rising\Rising\Rav\CfgDll.dll]& [Beijing Rising Technology Co., Ltd., 20.0.0.16]& & [D:\Rising\Rising\Rav\MonRule.dll]& [Beijing Rising Technology Co., Ltd., 20.0.0.29]& & [D:\Rising\Rising\Rav\PngDll.dll]& [Beijing Rising Technology Co., Ltd., 20, 0, 0, 4]& & [D:\Rising\Rising\Rav\Rsguilib.dll]& [Beijing Rising Technology Co., Ltd., 20, 0, 0, 88]& & [D:\Rising\Rising\Rav\RsXML.dll]& [Beijing Rising Technology Co., Ltd., 20, 0, 0, 0][PID: 2904 / Administrator][C:\Program Files\ChinaNet\VnetClient.exe]& [, , 1]& & [C:\Program Files\ChinaNet\Communicate.dll]& [0, , 1]& & [C:\Program Files\ChinaNet\DialModule.dll]& [GDCN, , 16]& & [C:\Program Files\ChinaNet\MFC42.DLL]& [Microsoft Corporation, 6.00.8665.0]& & [D:\Rising\Rising\Rfw\ijt_base.dll]& [Beijing Rising Technology Co., Ltd., 7.0.0.10]& & [D:\Rising\Rising\Rfw\olemon.dll]& [Beijing Rising Technology Co., Ltd., 7.0.0.6]& & [C:\PROGRA~1\ChinaNet\CLIENT~1.DLL]& [, , 1]& & [C:\PROGRA~1\ChinaNet\PLUGIN~1.OCX]& [, , 1]& & [C:\PROGRA~1\ChinaNet\sign.dll]& [0, , 1]& & [C:\PROGRA~1\ChinaNet\PostPlug.dll]& [, , 2]& & [C:\PROGRA~1\ChinaNet\ADVERT~1.OCX]& [, , 1]& & [C:\PROGRA~1\ChinaNet\Gif89a.dll]& [, , 1]& & [C:\PROGRA~1\ChinaNet\VnetBs.ocx]& [, , 1]& & [C:\PROGRA~1\ChinaNet\ACCOUN~2.DLL]& [, , 1]& & [C:\PROGRA~1\ChinaNet\AccountMgr.dll]& [, , 10]& & [C:\PROGRA~1\ChinaNet\VnetSkin.ocx]& [GDDC, , 1]& & [C:\PROGRA~1\ChinaNet\DialogStyle.dll]& [, 1, 0, 0, 1]& & [C:\PROGRA~1\ChinaNet\Timer.ocx]& [, , 17]& & [C:\PROGRA~1\ChinaNet\PLUGIN~2.OCX]& [, , 1]& & [C:\PROGRA~1\ChinaNet\NEWMES~1.DLL]& [, , 1]& & [C:\PROGRA~1\ChinaNet\PassCtrl.dll]& [, 1, 0, 0, 1]& & [C:\WINDOWS\system32\wpcap.dll]& [Politecnico di Torino, 3, 0, 0, 18]& & [C:\WINDOWS\system32\pthreadVC.dll]& [N/A, ]& & [C:\WINDOWS\system32\packet.dll]& [Politecnico di Torino, 3, 0, 0, 18]& & [C:\PROGRA~1\ChinaNet\PlugPush.dll]& [, , 1]& & [C:\PROGRA~1\ChinaNet\ALLINT~1.DLL]& [, , 1]& & [C:\PROGRA~1\ChinaNet\VNETLO~1.OCX]& [, , 1]& & [C:\PROGRA~1\ChinaNet\StatNum.dll]& [, , 1]& & [C:\PROGRA~1\ChinaNet\VNETON~1.OCX]& [, , 1]& & [C:\PROGRA~1\ChinaNet\ALLFUN~1.DLL]& [GDCN, , 1]& & [C:\PROGRA~1\ChinaNet\VnetOptLog.dll]& [, , 9]
拙长孩提狮
回复:帮帮忙啊,中病毒了
[D:\Rising\Rising\Rav\RavScrCh.dll]& [Beijing Rising Technology Co., Ltd., 20, 0, 0, 3]& & [C:\WINDOWS\system32\Macromed\Flash\Flash9f.ocx]& [Adobe Systems, Inc., 9,0,124,0][PID: 3916 / Administrator][D:\狂人QQ\QQ.exe]& [TENCENT, 8,0,775,1803]& & [D:\狂人QQ\QQBaseClassInDll.dll]& [TENCENT, 8,0,775,1803]& & [D:\狂人QQ\QQHelperDll.dll]& [TENCENT, 8,0,775,1803]& & [D:\狂人QQ\BasicCtrlDll.dll]& [TENCENT, 8,0,775,1803]& & [D:\狂人QQ\MSIMG32.dll]& [N/A, ]& & [D:\狂人QQ\FinePlus.dll]& [N/A, ]& & [D:\狂人QQ\fphelper.dll]& [N/A, ]& & [D:\Rising\Rising\Rfw\ijt_base.dll]& [Beijing Rising Technology Co., Ltd., 7.0.0.10]& & [D:\Rising\Rising\Rfw\olemon.dll]& [Beijing Rising Technology Co., Ltd., 7.0.0.6]& & [D:\狂人QQ\QQAPI.dll]& [TENCENT, 8,0,775,1803]& & [D:\狂人QQ\TXPFProxy.dll]& [N/A, ]& & [D:\狂人QQ\LoginCtrl.dll]& [TENCENT, 8,0,775,1803]& & [D:\狂人QQ\LoginCtrlRes.dll]& [TENCENT, 8,0,775,1803]& & [D:\狂人QQ\QQRes.dll]& [TENCENT, 8,0,775,1803]& & [D:\狂人QQ\QQMainFrame.dll]& [N/A, ]& & [D:\狂人QQ\QQPlugin.dll]& [N/A, ]& & [D:\狂人QQ\UnReadMsgMgr.dll]& [N/A, ]& & [D:\狂人QQ\CQQApplication.dll]& [N/A, ]& & [D:\狂人QQ\FlashAvatarDll.dll]& [, 1, 4, 0, 1]& & [D:\狂人QQ\NewSkin.dll]& [TENCENT, 8,0,775,1803]& & [D:\狂人QQ\MailSummary.dll]& [TENCENT, 8,0,775,1803]& & [D:\狂人QQ\vbscript.dll]& [N/A, ]& & [D:\狂人QQ\encode.dll]& [Microsoft Corporation, 5.6.0.8825]& & [C:\WINDOWS\system32\msdmo.dll]& [, ]& & [D:\狂人QQ\OEMApplication.dll]& [TENCENT, 8,0,775,1803]& & [D:\狂人QQ\QQKnowledgeSearch.dll]& [TENCENT, 8,0,775,1803]& & [D:\狂人QQ\QQGroupMng.dll]& [TENCENT, 8,0,775,1803]& & [D:\狂人QQ\QQAvatar.dll]& [N/A, ]& & [D:\狂人QQ\QQAllInOne.dll]& [TENCENT, 8,0,775,1803]& & [D:\狂人QQ\SCCore.dll]& [TENCENT, 1, 6, 0, 2]& & [D:\狂人QQ\CameraDll.dll]& [TENCENT, 8,0,775,1803]& & [D:\狂人QQ\QQSpace.dll]& [TENCENT, 8,0,775,1803]& & [D:\狂人QQ\QRingMng.dll]& [N/A, ]& & [D:\狂人QQ\QQSysMsgMng.dll]& [N/A, ]& & [D:\狂人QQ\UserDefinedHead.dll]& [TENCENT, 8,0,775,1803]& & [D:\狂人QQ\QQConfigPlugin.dll]& [TENCENT, 8,0,775,1803]& & [D:\狂人QQ\QQCustomFace.dll]& [N/A, ]& & [D:\狂人QQ\LongConnection.dll]& [TENCENT, 8,0,775,1803]& & [D:\狂人QQ\QQAddr.dll]& [深圳市腾讯计算机系统有限公司, 5, 0, 101, 330]& & [D:\狂人QQ\PersonalDesktop.dll]& [TENCENT, 8,0,775,1803]& & [D:\狂人QQ\CommercesMng.dll]& [TENCENT, 8,0,775,1803]& & [D:\狂人QQ\QQSceneMng.dll]& [N/A, ]& & [D:\狂人QQ\AddrSearch.dll]& [腾讯科技(深圳)有限公司, 2, 0, 1, 10]& & [D:\狂人QQ\QQDoctor\TSVulMdw.dat]& [TENCENT, , 3][PID: 3924 / SYSTEM][C:\WINDOWS\system32\a2e21.exe]& [Microsoft Corporation, 5.1. (xpsp_sp2_rtm.8)][PID: 4032 / Administrator][C:\WINDOWS\system32\rundll32.exe]& [Microsoft Corporation, 5.1. (xpsp_sp2_rtm.8)]& & [D:\Rising\Rising\Rfw\ijt_base.dll]& [Beijing Rising Technology Co., Ltd., 7.0.0.10]& & [D:\Rising\Rising\Rfw\olemon.dll]& [Beijing Rising Technology Co., Ltd., 7.0.0.6]& & [C:\WINDOWS\system32\501.dll]& [& , 1, 0, 0, 3][PID: 3516 / Administrator][C:\Program Files\Internet Explorer\iexplore.exe]& [Microsoft Corporation, 7.00. (vista_gdr.6)]& & [D:\Rising\Rising\Rfw\ijt_base.dll]& [Beijing Rising Technology Co., Ltd., 7.0.0.10]& & [D:\Rising\Rising\Rfw\olemon.dll]& [Beijing Rising Technology Co., Ltd., 7.0.0.6]& & [D:\超级兔子\haokanbar.dll]& [Xiang Feng Technology, 2, 2, 0, 1612]& & [D:\迅雷5\ComDlls\TDAtOnce_Now.dll]& [Thunder Networking Technologies,LTD, 1.0.5.16]& & [c:\PROGRA~1\chinanet\VNETTR~1.DLL]& [, , 1]& & [c:\PROGRA~1\chinanet\Communicate.dll]& [0, , 1]& & [C:\PROGRA~1\ChinaNet\CLIENT~1.DLL]& [, , 1]& & [C:\WINDOWS\system32\0a21.dll]& [, 1, 1, 0, 2]& & [D:\迅雷5\ComDlls\xunleiBHO_Now.dll]& [Thunder Networking Technologies,LTD, 5, 0, 8, 96]& & [D:\迅雷5\Components\ResWorker\DsBho_01.dll]& [, 1, 0, 0, 17]& & [D:\迅雷5\Components\ResWorker\DataProcessor_01.dll]& [Thunder Networking Technologies,LTD, 1, 0, 0, 16]& & [D:\Rising\Rising\Rav\RavScrCh.dll]& [Beijing Rising Technology Co., Ltd., 20, 0, 0, 3]& & [C:\WINDOWS\system32\Macromed\Flash\Flash9f.ocx]& [Adobe Systems, Inc., 9,0,124,0][PID: 768 / Administrator][D:\新建文件夹\SREngPS.EXE]& [Smallfrogs Studio, 2.5.16.900]& & [D:\Rising\Rising\Rfw\ijt_base.dll]& [Beijing Rising Technology Co., Ltd., 7.0.0.10]& & [D:\Rising\Rising\Rfw\olemon.dll]& [Beijing Rising Technology Co., Ltd., 7.0.0.6]& & [D:\新建文件夹\Upload\3rdUpd.DLL]& [Smallfrogs Studio, 2, 1, 0, 15]==================================文件关联.TXT& Error. [C:\WINDOWS\notepad.exe %1].EXE& OK. [&%1& %*].COM& OK. [&%1& %*].PIF& OK. [&%1& %*].REG& OK. [regedit.exe &%1&].BAT& OK. [&%1& %*].SCR& OK. [&%1& /S].CHM& Error. [&hh.exe& %1].HLP& OK. [%SystemRoot%\System32\winhlp32.exe %1].INI& Error. [C:\WINDOWS\System32\NOTEPAD.EXE %1].INF& OK. [%SystemRoot%\System32\NOTEPAD.EXE %1].VBS& OK. [%SystemRoot%\System32\WScript.exe &%1& %*].JS&
OK. [%SystemRoot%\System32\WScript.exe &%1& %*].LNK& OK. [{0-}]==================================Winsock 提供者N/A==================================Autorun.infN/A==================================HOSTS 文件127.0.0.1& & &
localhost127.0.0.1& yu.8s7.net127.0.0.1& 127.0.0.1& 127.0.0.1& 127.0.0.1& 127.0.0.1& xxx.m111.biz127.0.0.1& 127.0.0.1& 127.0.0.1& xxx.vh7.biz127.0.0.1& 127.0.0.1& 127.0.0.1& 127.0.0.1& 127.0.0.1& xxx.mmma.biz127.0.0.1& 127.0.0.1& 127.0.0.1& 127.0.0.1& 127.0.0.1& 127.0.0.1& 127.0.0.1& 127.0.0.1& 127.0.0.1& 127.0.0.1& 127.0.0.1& 127.0.0.1& 127.0.0.1& 127.0.0.1& 127.0.0.1& 127.0.0.1& 127.0.0.1& 127.0.0.1& 127.0.0.1& 127.0.0.1& 127.0.0.1& 127.0.0.1& down.18dd.net127.0.0.1& 127.0.0.1& 127.0.0.1& 127.0.0.1& 127.0.0.1& c3.aishangai.net127.0.0.1& c2.aishangai.net127.0.0.1& 127.0.0.1& 127.0.0.1& d1.163500.net127.0.0.1& down.==================================进程特权扫描特殊特权被允许: SeDebugPrivilege [PID = 2904, C:\PROGRAM FILES\CHINANET\VNETCLIENT.EXE]特殊特权被允许: SeLoadDriverPrivilege [PID = 2904, C:\PROGRAM FILES\CHINANET\VNETCLIENT.EXE]==================================API HOOK入口点错误:CreateProcessA (危险等级: 高,& 被下面模块所HOOK: 0x010A1FFD)入口点错误:CreateProcessW (危险等级: 高,& 被下面模块所HOOK: 0x010A20E5)==================================隐藏进程N/A==================================[/CODE]
拙长孩提狮
回复:帮帮忙啊,中病毒了
帮帮忙啊.我继续等啊
回复:帮帮忙啊,中病毒了
1.用XDelBox勾选抑制再生后删除以下文件:()使用说明:删除时复制所有要删除文件的路径,在待删除文件列表里点击右键选择从剪贴板导入不检查路径,导入后在要删除文件上点击右键,选择立刻重启删除,电脑会重启进入DOS界面进行删除操作。运行xdelbox前最好卸载所有可移动存储介质(包括U盘,MP3,手机存储卡等)。c:\windows\system32\0a21.dllc:\windows\system32\a2e21.exec:\windows\system32\501.dllc:\progra~1\swuz\cgej.dllc:\windows\inf\dev06.infc:\docume~1\admini~1.chi\locals~1\temp\~21.tmpc:\windows\system32\drivers\quakedrv.sys 2.删除重启后使用SREng修复下面各项: & & 启动项目 -- 服务 -- Win32服务应用程序之如下项删除:[Windows xbze RunThem / xbze]& & [NetBI0S / NetBI0S]&
[DCOM Service Process Manager / MSCOManager05]&
& & 启动项目 -- 服务-- 驱动程序之如下项删除:[sys_flt / sys_flt]& & [QuakeDRV / QuakeDRV]
不认识我没关系,因为我也不认识你。
威望:7781
贡献:1667
拙长孩提狮
回复:帮帮忙啊,中病毒了
谢谢啊,玩了一会没有在出现了
拙长孩提狮
回复:帮帮忙啊,中病毒了
晕,又出来了,弹出个对话框 .加载什么什么501出错,就是那个病毒文件,怎么办啊
回复:帮帮忙啊,中病毒了
再扫描个日志&
记的& 一定要以附件形式上传
不认识我没关系,因为我也不认识你。
威望:7781
贡献:1667
来自:遥远的地方
回复:帮帮忙啊,中病毒了
下载清理系统临时文件和IE临时文件夹工具,全选所有项目,点击“立即清理”清理系统这 里 下 载 W i n d o w s 清 理 助 手 ,清理系统。———————————————————————————————————————————————扫SRENG日志发这论坛来下载System Repair Engineer 1 下载的是压缩包,必须解压缩(建议解压到系统Windows文件夹里)2 运行SREng***.EXE& ((将SREng***.EXE改名为运行))3 选择主界面左边的:智能扫描=》扫描=》保存报告4 把报告保存后,直接将日志文件以附件的形式发这论坛来。一定以附件形式发这论坛来。点击你自己的主题贴右下角的“引用”或最右下角的那个较大的“回复”然后就应该知道怎么发了。哈哈,刚刚更新了,从天月哥那里偷来的
威望:14040
1&&/&&2&&页
跳转 0 ? parseInt(this.value) : 1) + '.aspx';}else{window.location='showtopic.aspx?topicid=8506327&page=' + (parseInt(this.value) > 0 ? parseInt(this.value) : 1) ;}}"" size="4" maxlength="9"
class="colorblue2"/>页
论坛跳转...
热点专题 &&瑞星杀毒软件V17 &&瑞星安全联盟论坛 &&瑞星安全随身WiFi &&瑞星个人防火墙V16 && &&广告过滤 && &&瑞星个人防火墙2011 &&瑞星路由安全卫士 && &&路由系统内核漏洞 &&瑞星积分商城 && &&北方区 && &&华东区 && &&华南区 && &&木马入侵拦截有奖体验专区 && &&瑞星2009版查杀引擎测试 && &&瑞星2009测试版问题反馈 && && &&瑞星杀毒软件2009公测 && && &&瑞星个人防火墙2009公测 && && &&瑞星全功能安全软件2009公测瑞星产品求助区 &&瑞星杀毒软件V16+ && &&瑞星杀毒软件2011 && &&瑞星全功能安全软件 && &&V16+新引擎测试专区 &&瑞星WiFi助手 &&APP保镖 &&瑞星手机安全助手 &&企业级安全产品 && &&瑞星企业终端安全管理系统 &&瑞星安全助手 && &&卡卡上网安全助手 &&瑞星安全浏览器 &&瑞星其他产品 && &&瑞星软件管家 && &&瑞星加密盘 && &&账号保险柜5.0 && &&瑞星专业数据恢复技术交流区 &&反病毒/反流氓软件论坛 && &&菜鸟学堂 && &&安全技术讨论 &&恶意网站交流 && &&每日网马播报 && &&瑞星云安全网站联盟专版 &&入侵防御(HIPS) &&可疑文件交流 &&系统软件 && &&防火墙自定义规则 &&硬件交流综合娱乐区 &&Rising茶馆 &&影音贴图 &&瑞星安全游戏 && &&战将风云 && &&飘渺西游 && &&傲视天地 && &&凡人修真 && &&华人德州扑克 && &&天地英雄 && &&一球成名 && &&星际世界 && &&武林英雄 && &&神仙道 && &&赢家竞技 && &&盛世三国 && &&龙将 && &&梦幻飞仙 && &&斗破苍穹 && &&热血海贼王 && &&三国演义 && &&开天辟地 && &&仙落凡尘 && &&秦美人 && &&大侠传 && &&烈火战神 && &&神将三国 && &&街机三国 && &&龙回三国 && &&武尊 && &&绝代双骄 && &&攻城掠地 && &&女神联盟 && &&最无极 && &&剑影 && &&仙侠道 && &&风云无双 && &&傲视九重天 && &&深渊 && &&魅影传说 && &&热血屠龙 && &&雷霆之怒 && &&大天使之剑 && &&传奇霸业 && &&战天 && &&无上神兵 && &&九鼎记 && &&大国战 &&活动专区 && &&实习生专区 && && &&实习生交流区 && && && &&实习生签到区 && && &&实习生考核区 && &&“安全之狮”校园行活动专版 && &&历史活动 && && &&论坛9周年活动专区 && && &&关注灾情 同心抗灾本站站务区 &&站务 &&版主之家[限] && &&禁言禁访记录 &&待审核 &&瑞星客户俱乐部[限]}
惠普 P1606dn网络打印机自动打印日期~!
用网络连接最近公司新买的 惠普 P1606dn打印机,而且惠普打印机占的比例很大,另外一台打印机也是共享为什么没有这种现象,共享打印,可是我很郁闷,打电话问客服,而且360,网上说的病毒文件,按要求设置了,发现网上很多同样的问题,我想问问到底是病毒还是惠普打印机的自身漏洞,从安装好的那天开始。去官网论坛问客服,就会自动打印一张左上角有日期的白纸,我在进程管理和注册表都没有发现,还是出现,说是威金病毒,毒霸这些都查不出病毒,一开始说设置问题
如果以上信息没有解决您的问题.hp:///support)、惠普家用产品支持论坛()寻求帮助./support" target="_blank">.hp首先我想与您确认下您是通过网络连接还是使用USB线连接去共享的
我们使用网络连接的
那我这边建议您尝试更换打印机IP地址试试看,或者您方便的话更换个路由器看下了。麻烦了。
其他类似问题
为您推荐:
网络打印机的相关知识
等待您来回答
下载知道APP
随时随地咨询
出门在外也不愁查看: 9490|回复: 114
mm.exe 第405次更新 3月31日第2次更新
假借瑞星之名
第1至28次更新:
第29至54次更新:
第55至80次更新:
第81至116次更新:
第117至160次更新:
第161至210次更新:
第210至258次更新:
第258至297次更新:
第298至365次更新:
====================
3月31(晚上,今天第2次)
3d4bfeb678cba729b7cbfb8&&3.ex3e
9f66d9047&&8.exe2
2fff4b096dfa3c&&TIMPIatform.exe3
3.ex3e - Trojan-Dropper.Win32.Agent.alfy
8.exe2 - Trojan-GameThief.Win32.OnLineGames.uuco
TIMPIatform.exe3 - Trojan-Downloader.Win32.Small.ajuj
====================
3月31(早上,今天第1次)
e3018dcebc& &1.exe3
202a687b05& &9.exe2
9d156cc710ddcd3bfd2da3& &TIMPIatform.exe3
1.exe3 - Trojan-Dropper.Win32.Small.czn
9.exe2 - Trojan-GameThief.Win32.OnLineGames.uuca
TIMPIatform.exe3 - Trojan-Downloader.Win32.Small.ajui
====================
3月30(晚上,今天第2次)
ea46b0bd13eeda93abe4& &1.exe
fe08aeeee280eb& &TIMPIatform.exe3
1.exe2 - Trojan-Dropper.Win32.Agent.aldm
TIMPIatform.exe3 - Trojan-Downloader.Win32.Small.ajuc
====================
3月30(早上,今天第1次)
e14d0a686f08ef2365f7& &1.exe
0fb034d9ddb68c7f7edc53df805bc9db& &9.exe
67eba394dace7c9021d13& &TIMPIatform.exe3
1.exe1 - Trojan-Dropper.Win32.Agent.alef
9.exe1 - Trojan-GameThief.Win32.OnLineGames.uuad
TIMPIatform.exe3 - Trojan-Downloader.Win32.Small.ajtz
====================
3月29(晚上,今天第2次)
9bdbee513b63e3eb8f281&&9.exe
9.exe3 - Trojan-GameThief.Win32.OnLineGames.utzr
====================
3月29(早上,今天第1次)
62ddcfab7e& &1.exe1
af29df49f243ccbf2cac2ff& &9.exe1
ac1b1df62f6fc41c3fe1& &aa.exe1
feb825fbf6b5ecc270aeca28df270eef& &TIMPIatform.exe2
451edbcd8fb1294ebddc& &wa.dll2
1.exe1 - Trojan-Dropper.Win32.Small.czk
9.exe1 - Trojan-GameThief.Win32.OnLineGames.utzc
TIMPIatform.exe2 - Trojan-Downloader.Win32.Small.ajtq
aa.exe1 - Worm.Win32.AutoRun.adic
wa.dll2 - Trojan-Dropper.Win32.Agent.akzb
====================
3月28(晚上,今天第3次)
ac1b1df62f6fc41c3fe1&&aa.exe1
21cc23d4a6bc0e28d0b720&&1.exe1
96eba1c78fbb&&9.exe1
2eda003e63a5cd154f21e2& &TIMPIatform.exe1
451edbcd8fb1294ebddc& &wa.dll1
1.exe_ - Trojan-Dropper.Win32.Agent.akzf,
wa.dll1 - Trojan-Dropper.Win32.Agent.akzb
9.exe_ - Trojan.Win32.Agent.bxrv,
aa.exe_ - Worm.Win32.AutoRun.adic,
TIMPIatform.exe_ - Trojan-Downloader.Win32.Small.ajsw
====================
3月28(中午,今天第2次)
ccf9b1d32936&&aa.exe
02f5e8b17eddd16dc3ad546&&dllB3.tmp
8ebdb193f8e170cd10a9&&wu.dll
aa.e3xe - Trojan-Dropper.Win32.Agent.akzn
wu.dl3l - Trojan-Dropper.Win32.Agent.akyp
dllB3.tm2p - Trojan.Win32.AntiAV.asp,
====================
3月28(早上,今天第1次)
7f6aab4c095d02b9c93a5dc&&1.exe
1f64bcfee2fe48f&&9.exe
f2e8a7fc28f&&aa.exe
78f112cffff&&x.gif
841bc78eb883d430e59c001d&&TIMPIatform.exe2
67f343cadbc1ce9ace12c3&&rnnb.dll2
1.exe1 - Trojan-Downloader.Win32.Agent.bpjs,
9.exe1 - Trojan-GameThief.Win32.OnLineGames.utyf,
aa.exe1 - Worm.Win32.AutoRun.fjm,
rnnb.dll2 - Trojan-Dropper.Win32.Agent.akyi,
TIMPIatform.exe2 - Trojan-Downloader.Win32.Small.ajss
====================
3月27(早上加中午,今天第1次)
da2fe0d2561&&x.gif1
9c612f948e49b449bae3cafd0db17095&&1.exe1
d891eaeba8f139bb2ea08f2c5412cbe5&&x.gif2
f72fd9ca7b89af0d665e9f&&1.exe2
0bd0548f90f&&9.exe2
edfe5271aaeb5&&TIMPIatform.exe2
6e471d9ccfa3a0d58b37fe&&TIMPIatform.exe1
1.exe2 - Trojan-Dropper.Win32.Small.czj,
9.exe_ - Trojan-GameThief.Win32.OnLineGames.utxi,
TIMPIatform.exe_ - Trojan-Downloader.Win32.Agent.bpeh
1.exe_ - Trojan-Dropper.Win32.Agent.akvy,
TIMPIatform.exe1 - Trojan-Downloader.Win32.Small.ajse
x.gif2 protected by password
x.gif1 clean
====================
3月26(晚上,今天第2次)
9920f6ede51dcc2a7ef925bf6068938f&&9.exe
ca8ca9ddfe6&&1.exe
6e471d9ccfa3a0d58b37fe&&TIMPIatform.exe2
1.exe2 - Trojan-Dropper.Win32.Agent.akvb
9.exe3 - Trojan-GameThief.Win32.OnLineGames.utvp,
TIMPIatform.exe2 - Trojan-Downloader.Win32.Small.ajse
====================
3月26(早上,今天第一次)
c2edd3bd7a2177ddd3e28c80ef5071af&&9.exe
1.exe2- Trojan-Dropper.Win32.Agent.akti
9.exe2 - Trojan-GameThief.Win32.OnLineGames.utvb
====================
3月25(中午,今天第二次)
fa83f4ffa118cc8abe8621&&1.exe
f38b68cf2bc4b4c64a3443&&TIMPIatform.exe3
Trojan-Dropper.Win32.Agent.aksf
Trojan-Downloader.Win32.Small.ajrw
====================
3月25(早上,今天第一次)
097c969ac3eb422bdbdca5bd0a87d3ad& &1.exe
6b10fcc5d6a87bb7bfbc& &9.exe
b893e49e0dac8aafc778d& &TIMPIatform.exe1
1.exe1,TIMPIatform.exe1 - Trojan-Downloader.Win32.Agent.bowl
9.exe1 - Trojan-GameThief.Win32.OnLineGames.uttk
====================
3月24(晚上)
fb612b2e7d4a09afb2f12&&1.exe
0c0ae9c22c9bcb293e9cef&&TIMPIatform.exe3
1.exe3 - Trojan-Dropper.Win32.Agent.akpy,
TIMPIatform.exe3 - Trojan-Downloader.Win32.Small.ajrs
====================
3月24(中午)
dc080eedd3d5f&&1.exe3
720c054aba9c81af5fd857da&&xx.exe3
702d32ad61f0cb0ecf8e4&&9.exe3
f9dd4a864ddafd&&br.dll3
63787aefd57cf7fab52e2&&TIMPIatform.exe
1.exe3 - Trojan-Dropper.Win32.Agent.akkz,
9.exe3 - Trojan.Win32.Agent.bwyb,
br.dll3 - Trojan.Win32.Agent.bwyc,
TIMPIatform.exe3 - Trojan-Downloader.Win32.Small.ajrm,
xx.exe3 - Worm.Win32.AutoRun.adax
====================
3月23(晚上)
ff3e9aaff88b5&&xx.exe
a487da9fb1acc79249cc95efc7db8235&&1.exe
a6ed4d96cbcbed50ae40780&&TIMPIatform.exe3
caabc4fe9672b&&bl.dll
5f65ae8ccae965cd5d85670&&rsss.sys3
====================
3月23(中午)
427ddc836c1cf8ea6cad3ab&&x.gif2
54b092cc48afcd6be784c8c4d21fb6ad&&xx.exe2
3ae57ff91caa0d922ec5ee&&1.ex2e
a62ef03a47aa&&pk.dll2
New malicious software was found in these files. Detection will be included in the next update. Thank you for your help.
x.gif2 protected by password
====================
3月23(早上)
e9df47e9cbc3dbdbee505a& &9.exe
ddb07f68eec7c5& &1.exe
124daeacb88c29c12ad9& &x.gif
1bf4dc975c08387bf7fba& &xx.exe
7dff86d4ad41b4e933a1bec&&TIMPIatform.exe2
6e33ca0d0e51d8e1ca909c&&txl.dll2
1.exe2 - Trojan-Dropper.Win32.Agent.akdv
9.ex2e - Trojan-Dropper.Win32.Agent.akds
x.gif2.--_ .exe - Worm.Win32.AutoRun.acyh
xx.ex2e - Worm.Win32.AutoRun.fid
rsss.sys - Rootkit.Win32.Tiny.bi
TIMPIatform.exe2 - Trojan-Downloader.Win32.Small.ajre
txl.dll2 - Trojan-Dropper.Win32.Agent.akdt
====================
3月22:(晚上)
ecada50ea22f39d6ea505&&x.gif
x.gi2f.--_ .exe - Worm.Win32.AutoRun.acwj
====================
3月22:(中午)
4a5ad0beaf9f030aa6ef9f&&1.exe
2ba658b8c821ee8c2ed425b4f0da2a43&&9.exe
8acdb7f20858b2acaf99f&&TIMPIatform.exe2
Its detection will be included in the next update.
====================
3月22:(早上)
10ec53df0d11b94a84b7364db3ebec6c& &x.gif
0c6aa66cad2feb09b4cb612e& &9.exe
6bafc75e83e3726eec7ffb& &1.exe
401eef3ded& &TIMPIatform.e3xe
This file is already detected. Please update your bases.
====================
3月21:(晚上)
7efb4a6deab73045c2afc20b8bf51f2f& &1.exe
55ea0f05e4f762bacf76a5& &x.gif
baf3d9dbcbca& &TIMPIatform.exe2
1.ex2e - Trojan-Dropper.Win32.Small.cyq
x.g2if.--_ .exe - Worm.Win32.AutoRun.fht
TIMPIatform.exe2 - Trojan-Downloader.Win32.Small.ajqx
====================
3月21:(中午)
92aa4d284d50fa13b93ff3&&x.gif
3c588f443ecb2c0b9a60c2dd3.exe
生成跟上一包一样
1.exe1 - Trojan-Dropper.Win32.Small.cyp,
x.gif2 - Worm.Win32.AutoRun.fhr
====================
3月21:(上午)
9f8f21e10dd941c1683e&&1.exe
be1c5bd9c54&&9.exe
54b092cc48afcd6be784c8c4d21fb6ad&&mm.exe (卡巴报,不上报这个)
271fe77fed76edc8bef4b6677f7fea43&&x.gif
757ece1f6f21cdc08f41&&TIMPIatform.exe_
1.exe_ - Trojan-Dropper.Win32.Small.cyp,
9.exe_ - Trojan-GameThief.Win32.OnLineGames.bkzx,
TIMPIatform.exe_ - Trojan-Downloader.Win32.Small.jky,
x.gif_ - Worm.Win32.AutoRun.fhs
====================
3月20第3次:
b2c64c1b95faec99bf779& &x.gif
x.gi3f.--_ .exe - Worm.Win32.AutoRun.actv
====================
3月20第2次:
dc46dbe52afd94dec4f62&&9.exe3
ea8ba5b1e46e82f308a828d9cf3073b5&&x.gif2
ae3a0f4857f75dbea30bc354d4c6b7b3&&1.exe3
c3e0fc2a13d19d836c4b3e6&&TIMPIatform.exe2
1.exe3 - Trojan-Dropper.Win32.Small.cyp
9.exe3 - Trojan-GameThief.Win32.OnLineGames.utnk
x.gif2.--_ .exe - Worm.Win32.AutoRun.acur
TIMPIatform.exe2 - Trojan-Downloader.Win32.Small.ajqt
====================
47a1fcfc482a568a09cd812da9f4d7b9&&x.gif
185dc547e4ab2ad95ad6697&&1.exe
dc46dbe52afd94dec4f62&&9.exe
54b092cc48afcd6be784c8c4d21fb6ad&&mm.exe
a62ef03a47aa&&pk.dll2
2a4ba4ef89d59ea&&TIMPIatform.exe2
1.ex1e - Trojan-Dropper.Win32.Agent.ajyy
9.ex2e - Trojan-GameThief.Win32.OnLineGames.utnk
mm.ex2e - Worm.Win32.AutoRun.actb
x.gif2.--_ .exe - Worm.Win32.AutoRun.acth
pk.dll2 - Trojan-Dropper.Win32.Agent.ajyc
TIMPIatform.exe2 - Trojan-Downloader.Win32.Small.ajqr
====================
3月19第3次:
a9f3edd84a6fce6efd06dd&&9.exe
25c8b92c3b07e1bdf800e659a2dd8a5a&&mm.exe
e9fba2409bbb3ab4f3af01eefdc8a760&&x.gif
1ccac96c02c3&&1.exe
ce5b92d56f&&TIMPIatform.exe3
Detection will be included in the next update. Thank you for your help.
====================
3月19第2次:
938a261fe143e1bcb067c17fe3922041& &x.gif
2d2e7df1af& &mm.exe
12d9bf8c51401caac267a27& &1.exe
c1e92bbfd4be3ec2133cf& &msdd.dll2
8ee09ff5fb5d31d8b37fc& &TIMPIatform.exe2
1.exe_ - Trojan-Dropper.Win32.Small.cxy,
TIMPIatform.exe_ - Trojan-Downloader.Win32.Small.ajqj
##.exe_, mm.exe_, msdd.dll2 - Backdoor.Win32.Small.hrt
====================
07ab9c12f9e26d905b1cbe3&&x.gif
c562b3ec728c42ccd4afd8&&mm.exe
fbdfa56cea&&1.exe
8b67d2f2520ad49bce370&&9.exe
d9dfc8602ec8dcfe425fc&&WUHANWANGD.pif
56367d7acde61f9351aa7baab169bd5a&&rssd.dll3
93b1f1bbacc2f7dc194efc14ab36bcca&&TIMPIatform.exe2
1.exe1 - Trojan-Dropper.Win32.Small.cxy,
rssd.dll3 - Worm.Win32.AutoRun.acra
9.exe1 - Trojan-GameThief.Win32.OnLineGames.utlm,
mm.exe1, x.gif1 - Worm.Win32.AutoRun.fhg,
TIMPIatform.exe2 - Trojan-Downloader.Win32.Small.jkp,
WUHANWANGD.p2if - Trojan.Win32.Agent2.fuu
====================
3月18第3次:
10e9df61474&&xx.exe
058b83dc8b040c70c5a8e7d9&&x.gif
761b88feeea8&&9.exe
2f32b7928e1eea5f31627&&1.exe
93b1f1bbacc2f7dc194efc14ab36bcca&&TIMPIatform.ex2e
d9dfc8602ec8dcfe425fc&&WHWB.pif
9.ex2e - Trojan-GameThief.Win32.OnLineGames.utkp
1.ex2e - Trojan-Dropper.Win32.Small.cxw,
TIMPIatform.ex2e - Trojan-Downloader.Win32.Small.jkp,
WHWB.pif_ - Trojan.Win32.Agent2.fuu,
x.gif3 - Worm.Win32.Agent.ue,
xx.exe2 - Worm.Win32.AutoRun.fhg
====================
3月18第2次:
902e78b4d77c33373fac&&1.exe
a92a3ce9b5b&&mm.exe
d74590a27aab814ec493&&x.gif
82a807c6fe67&&kif.pif
01f74afa26d0a90bbecf49&&TIMPIatform.exe1
1.exe2 - Trojan-Dropper.Win32.Agent.ajtw,
kif.pif_ - Trojan.Win32.Agent2.fru,
mm.exe3, x.gif2 - Worm.Win32.Agent.uc,
TIMPIatform.exe1 - Trojan-Dropper.Win32.Small.cxi
====================
9eb72c9c94de794c592e8& &9.exe
902e78b4d77c33373fac& &1.exe
7fc845b6db19da0e7cae790& &x.gif
01f74afa26d0a90bbecf49& &TIMPIatform.exe
1.ex2e - Trojan-Dropper.Win32.Agent.ajtw,
TIMPIatform.exe3 - Trojan-Dropper.Win32.Small.cxi,
x.gif2 - Worm.Win32.AutoRun.acpf
9.ex3e - Trojan.Win32.Agent.bvru
====================
3月17第2次:
f5e0c0b8f45be6adaf7c517f&&1.exe
eb1e56cc84&&x.gif
0a7f803f676f8fc613f431b7&&TIMPIatform.exe
Trojan-Dropper.Win32.Agent.ajtg
Worm.Win32.Agent.ud
Trojan-Dropper.Win32.Small.cxf
====================
9d0a30baace3af211a59d7cdc8a7ec1a&&9.exe
f58e6f940b8fe114b367ac&&mm.exe
606c246e996a4f1dcdcbf54d48b720d3&&x.gif
32dc64aaf8&&1.exe
ef1c55b97b1a6b65bd220e&&TIMPIatform.exe
03e05cda9e0d&&bccd.dll
25f83bbbd57ebdde2a570ae10c7789b8&&MD.pif
Detection will be included in the next update.
====================
3月16第2次:
e8a991cde07ff82f893fae10& &1.exe
0c034aad7f3c& &x.gif
afbc0455d4de& &9.exe
f58e6f940b8fe114b367ac& &mm.exe
bc210a2f8ea364f43bbfa& &TIMPIatform.exe3
25f83bbbd57ebdde2a570ae10c7789b8& &MD.pif
e2 - Trojan-Downloader.Win32.Small.ajpq
9.exe3 - Trojan.Win32.Agent.bvig
TIMPIatform.exe3 - Trojan-Downloader.Win32.Agent.blnd
mm.exe3 - Worm.Win32.AutoRun.fgz
MD.pi3f - Trojan.Win32.Agent2.fqb
x.gif3(这个出錯,是垃圾文件)
====================
dd7df3b30b5c799d39460fbc1f019c6a&&1.exe
f982f5f3ac6c55b878b1&&mm.exe
de1cfbeee037b&&x.gif
bd19dd578fbf92bd605d5&&TIMPIatform.exe
d3470adb6c198c382623abc0ed488d70&&MD.pif
e3 - Trojan-Dropper.Win32.Agent.ajls
mm.exe2,x.gif2.--_ .exe - Worm.Win32.AutoRun.fgv
MD.pif2 - Trojan-Dropper.Win32.Agent.ajll
TIMPIatform.e2xe - Trojan-Downloader.Win32.Agent.bljt
====================
3月15第3次:
a80cda792ed97784d58a&&1.exe
1b6ab4ea4e438f6c5c2edec20040dd0c&&TIMPIatform.exe
1.exe_ - Trojan-Downloader.Win32.Small.jkd,
TIMPIatform.exe_ - Trojan.Win32.Small.bvs
====================
3月15第2次:
a75c4df2df0a& &mm.exe
c028fdb2f8c546f3d2b31& &x.gif
a49ed0094f75& &MD.pif
##.exe_, mm.exe2 - Trojan-Dropper.Win32.Agent.ajjz,
MD.pif2 - Trojan-Dropper.Win32.Agent.ajjw
====================
3c174ee6ed0f6aa2f53c20a661d6cdb3& &mm.exe1
3f21bad9bbd& &1.exe1
77d51ebf2b99c38725a3e& &x.gif1
ee0647bfe6dadb4be0ab6ba& &MD.pif
##.exe_, mm.exe1 - Worm.Win32.AutoRun.fgo,
1.exe1 - Trojan-Dropper.Win32.Agent.ajiy
MD.pif_ - Trojan-Dropper.Win32.Small.cxa
====================
[ 本帖最后由 sam.to 于
22:10 编辑 ]
404 Not Found
404 Not Found
本帖子中包含更多资源
才可以下载或查看,没有帐号?
版区有你更精彩: )
qianwenxiang
mm.exe 家族生命力果然旺盛。。
回复 2楼 qianwenxiang 的帖子
mm有很多別名,如flashmm,xx
第366次更新 3月15日第1次更新
go on sending to rs
Starting the file scan:
Begin scan in 'D:\new\1.exe1'
D:\new\1.exe1
      [DETECTION] Is the TR/Crypt.XDR.Gen Trojan
    [NOTE]      A backup was created as '4a21c2ab.qua'  ( QUARANTINE )
    [NOTE]      The file was deleted!
Begin scan in 'D:\new\mm.exe1'
D:\new\mm.exe1
      [DETECTION] Is the TR/Crypt.XDR.Gen Trojan
    [NOTE]      A backup was created as '49eac2ea.qua'  ( QUARANTINE )
    [NOTE]      The file was deleted!
Begin scan in 'D:\new\x.gif1'
D:\new\x.gif1
    [0] Archive type: RAR
    --& ᅰᅰᅥᆲ                                                                                                                                                              .exe
      [DETECTION] Is the TR/Crypt.NSPM.Gen Trojan
    [NOTE]      A backup was created as '4a23c2ab.qua'  ( QUARANTINE )
    [NOTE]      The file was deleted!
Begin scan in 'D:\new\mm-c'
D:\new\mm-c\MD.pif2
    [DETECTION] Is the TR/Crypt.XDR.Gen Trojan
    [NOTE]      A backup was created as '49eac2c1.qua'  ( QUARANTINE )
    [NOTE]      The file was deleted!
End of the scan: 日  16:55
Used time: 00:08 Minute(s)
The scan has been done completely.
      1 Scanning directories
      5 Files were scanned
      4 viruses and/or unwanted programs were found
      0 Files were classified as suspicious:
      4 files were deleted
      0 files were repaired
      4 files were moved to quarantine
      0 files were renamed
      0 Files cannot be scanned
      1 Files not concerned
      1 Archives were scanned
      0 Warnings
      4 Notes
[ 本帖最后由 Sebastian 于
16:59 编辑 ]
回复 4楼 sam.to 的帖子
Name: Packed/NSPack
Type: Sequence
Description:
c:\users\administrator\desktop\mm-c\x.gif1|照片& && && && && && && && && && && && && && && && && && && && && && && && && && && && && && && && && && && && && && && && && && && && && && && && && && && && &&&.exe
DR.WEB KILL ALL
第367次更新 3月15日第2次更新
回复 9楼 sam.to 的帖子
DR.WEB KILL All
Copyright & KaFan & All Rights Reserved.
Powered by Discuz! X3.1( 苏ICP备号 ) GMT+8,1&&/&&2&&页
跳转 0 ? parseInt(this.value) : 1) + '.aspx';}else{window.location='showtopic.aspx?topicid=8506327&page=' + (parseInt(this.value) > 0 ? parseInt(this.value) : 1) ;}}"" size="4" maxlength="9"
class="colorblue2"/>页
帮帮忙啊,中病毒了
拙长孩提狮
帮帮忙啊,中病毒了
下外挂中了病毒 瑞星提示C:\WINDOWS\system32\501.dll 老是访问网络[CODE],04:57:56System Repair Engineer 2.5.16.900Smallfrogs ()Windows XP Professional Service Pack 2 (Build 2600) - 管理权限用户 - 完整功能以下内容被选中:& & 所有的启动项目(包括注册表、启动文件夹、服务等)& & 浏览器加载项& & 正在运行的进程(包括进程模块信息)& & 文件关联& & Winsock 提供者& & Autorun.inf& & HOSTS 文件& & 进程特权扫描启动项目注册表[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]& & &ctfmon.exe&&C:\WINDOWS\system32\ctfmon.exe&& [(Verified)Microsoft Windows Publisher][HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]& & &runeip&&&C:\Program Files\Rising\AntiSpyware\runiep.exe& /startup&& [Beijing Rising Technology Co., Ltd.]& & &RavTask&&&D:\Rising\Rising\Rav\RavTask.exe& -system&& [(Verified)Beijing Rising Science and Technology Corporation Limited]& & &RfwMain&&&D:\Rising\Rising\Rfw\rfwmain.exe& -Startup&& [(Verified)BEIJING RISING SCIENCE AND TECHNOLOGY CORPORATION LIMITED]& & &Knight V&&&& [N/A]& & &ISUSPM Startup&&C:\PROGRA~1\COMMON~1\INSTAL~1\UPDATE~1\ISUSPM.exe -startup&& [InstallShield Software Corporation]& & &ISUSScheduler&&&C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe& -start&& [InstallShield Software Corporation]& & &NvCplDaemon&&RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup&& [(Verified)Microsoft Windows Publisher][HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\RunOnce]& & &KKDelay&&C:\Program Files\Rising\AntiSpyware\RunOnce.exe&& [Beijing Rising Technology Co., Ltd.][HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Winlogon]& & &shell&&Explorer.exe&& [(Verified)Microsoft Windows Publisher]& & &Userinit&&C:\WINDOWS\system32\userinit.exe,&& [(Verified)Microsoft Windows Publisher]& & &UIHost&&logonui.exe&& [(Verified)Microsoft Windows Publisher][HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]& & &{32CD708B-60A7-4C00-9377-D73EAA495F0F}&&C:\WINDOWS\system32\RavExt.dll&& [(Verified)Beijing Rising Science and Technology Corporation Limited][HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\&{12d0ed0d-0ee0-4f90-8827-78cefb8f4988}]& & &IE7 Uninstall Stub&&C:\WINDOWS\system32\ieudinit.exe&& [(Verified)Microsoft Windows Publisher][HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\&{881dd1c5-3dcf-431b-b061-f3f88e8be88a}]& & &Outlook Express&&%systemroot%\system32\shmgrate.exe OCInstallUserConfigOE&& [N/A][HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{2C7339CF-2B09--FED}]& & &Themes Setup&&%SystemRoot%\system32\regsvr32.exe /s /n /i:/UserInstall %SystemRoot%\system32\themeui.dll&& [N/A][HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{44BBA840-CC51-11CF-AAFA-00AA00B6015C}]& & &Microsoft Outlook Express 6&&&%ProgramFiles%\Outlook Express\setup50.exe& /APP:OE /CALLER:WINNT /user /install&& [N/A][HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{44BBA842-CC51-11CF-AAFA-00AA00B6015B}]& & &NetMeeting 3.01&&rundll32.exe advpack.dll,LaunchINFSection C:\WINDOWS\INF\msnetmtg.inf,NetMtg.Install.PerUser.NT&& [(Verified)Microsoft Windows Publisher][HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{e7d-11d1-bc44-00c04fd912be}]& & &Windows Messenger 4.7&&rundll32.exe advpack.dll,LaunchINFSection C:\WINDOWS\INF\msmsgs.inf,BLC.QuietInstall.PerUser&& [(Verified)Microsoft Windows Publisher][HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{6BF52A52-394A-11d3-B153-00C04F79FAA6}]& & &Microsoft Windows Media Player&&rundll32.exe advpack.dll,LaunchINFSection C:\WINDOWS\INF\wmp10.inf,PerUserStub&& [(Verified)Microsoft Windows Component Publisher][HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{71-11d2-AF11-00C04FA35D02}]& & &通讯簿 6&&&%ProgramFiles%\Outlook Express\setup50.exe& /APP:WAB /CALLER:WINNT /user /install&& [N/A][HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{89B4C1CD-B018--5476DBF70820}]& & &N/A&&C:\WINDOWS\system32\Rundll32.exe C:\WINDOWS\system32\mscories.dll,Install&& [(Verified)Microsoft Corporation]==================================启动文件夹N/A==================================服务[BoBoTurbo / BoBoTurbo][Stopped/Disabled]& &C:\WINDOWS\system32\BoBoTurbo\BoBoTurbo.exe&&广州易播信息科技有限公司&[Contrl Center of Storm Media / ccosm][Stopped/Disabled]& &E:\电影\暴风影音\stormliv.exe /asservice&&北京暴风网际科技有限公司&[Google Updater Service / gusvc][Stopped/Disabled]& &&C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe&&&Google&[Human Intexxxce Device Access / HidServ][Stopped/Disabled]& &C:\WINDOWS\System32\svchost.exe -k netsvcs--&%SystemRoot%\System32\hidserv.dll&&N/A&[InstallDriver Table Manager / IDriverT][Stopped/Manual Start]& &&C:\Program Files\Common Files\InstallShield\Driver\1050\Intel 32\IDriverT.exe&&&Macrovision Corporation&[DCOM Service Process Manager / MSCOManager05][Stopped/Auto Start]& &C:\WINDOWS\system32\svchost.exe -k netsvcs--&c:\windows\inf\dev06.inf&&N/A&[NetBI0S / NetBI0S][Running/Auto Start]& &C:\WINDOWS\system32\a2e21.exe&&Microsoft Corporation&[NVIDIA Driver Helper Service / NVSvc][Running/Auto Start]& &C:\WINDOWS\system32\nvsvc32.exe&&NVIDIA Corporation&[Qvod Terminal / Qvod Terminal][Stopped/Disabled]& &D:\BlueskyControls\QvodPlayer\QvodTerminal.exe&&Shenzhen QVOD Technology Co.,Ltd&[Rising Proxy& Service / RfwProxySrv][Running/Auto Start]& &D:\Rising\Rising\Rfw\rfwProxy.exe&&Beijing Rising Technology Co., Ltd.&[Rising Personal Firewall Service / RfwService][Running/Auto Start]& &D:\Rising\Rising\Rfw\rfwsrv.exe&&Beijing Rising Technology Co., Ltd.&[Rising Process Communication Center / RsCCenter][Running/Auto Start]& &&D:\Rising\Rising\Rav\CCenter.exe&&&Beijing Rising Technology Co., Ltd.&[Rising RealTime Monitor / RsRavMon][Stopped/Auto Start]& &&D:\RISING\RISING\RAV\Ravmond.exe&&&Beijing Rising Technology Co., Ltd.&[Windows xbze RunThem / xbze][Stopped/Auto Start]& &C:\WINDOWS\System32\svchost.exe -k netsvcs--&C:\PROGRA~1\swuz\cgej.dll&&&==================================驱动程序[Service for WDM 3D Audio Driver / ALCXSENS][Running/Manual Start]& &system32\drivers\ALCXSENS.SYS&&Sensaura Ltd&[Service for Realtek AC97 Audio (WDM) / ALCXWDM][Running/Manual Start]& &system32\drivers\ALCXWDM.SYS&&Realtek Semiconductor Corp.&[ADMtek AN983/AN985/ADM951X 10/100Mbps Fast Ethernet Adapter / AN983][Running/Manual Start]& &system32\DRIVERS\AN983.sys&&ADMtek Incorporated.&[Rising TDI Base Driver / BaseTDI][Running/Auto Start]& &System32\DRIVERS\BaseTDI.SYS&&Beijing Rising Technology Co., Ltd.&[EagleNT / EagleNT][Stopped/Manual Start]& &\??\C:\WINDOWS\system32\drivers\EagleNT.sys&&N/A&[GMSIPCI / GMSIPCI][Stopped/Manual Start]& &\??\G:\INSTALL\GMSIPCI.SYS&&N/A&[HookCont / HookCont][Running/System Start]& &\SystemRoot\system32\drivers\HookCont.sys&&Beijing Rising Technology Co., Ltd&[HookNtos / HookNtos][Running/System Start]& &\SystemRoot\system32\drivers\HookNtos.sys&&Beijing Rising Technology Co., Ltd&[HookReg / HookReg][Running/System Start]& &\SystemRoot\system32\drivers\HookReg.sys&&Beijing Rising Technology Co., Ltd&[HookSys / HookSys][Running/System Start]& &\SystemRoot\system32\drivers\HookSys.sys&&Beijing Rising Technology Co., Ltd&[HookUrl / HookUrl][Running/Auto Start]& &\??\D:\Rising\Rising\Rfw\HookUrl.sys&&Beijing Rising Technology Co., Ltd.&[npkcrypt / npkcrypt][Stopped/Manual Start]& &\??\C:\WINDOWS\system32\npkcrypt.sys&&N/A&[npkycryp / npkycryp][Stopped/Manual Start]& &\??\C:\WINDOWS\system32\npkycryp.sys&&N/A&[NTACCESS / NTACCESS][Stopped/Manual Start]& &\??\G:\NTACCESS.sys&&N/A&[nv / nv][Running/Manual Start]& &system32\DRIVERS\nv4_mini.sys&&NVIDIA Corporation&[Direct Parallel Link Driver / Ptilink][Running/Manual Start]& &system32\DRIVERS\ptilink.sys&&Parallel Technologies, Inc.&[QKeyServiceDisplay / QKeyService][Running/Boot Start]& &\SystemRoot\system32\KeyCrypt.sys&&Tencent Technology (Shenzhen) Company Limited&[QuakeDRV / QuakeDRV][Running/Boot Start]& &\SystemRoot\system32\DRIVERS\quakedrv.sys&&N/A&[Rising& Rfwbase Driver / RfwBase][Running/Auto Start]& &System32\DRIVERS\rfwbase.SYS&&Beijing Rising Technology Co., Ltd.&[RsAntiSpyware / RsAntiSpyware][Running/Boot Start]& &\SystemRoot\system32\drivers\RsBoot.sys&&Beijing Rising Technology Co., Ltd.&[RsFwDrv / RsFwDrv][Running/System Start]& &\??\D:\Rising\Rising\Rfw\RsFwDrv.sys&&Beijing Rising Technology Co., Ltd.&[RsNTGDI / RsNTGDI][Running/Boot Start]& &\SystemRoot\system32\Drivers\RsNTGdi.sys&&Beijing Rising Technology Co., Ltd.&[Secdrv / Secdrv][Stopped/Manual Start]& &system32\DRIVERS\secdrv.sys&&Macrovision Corporation, Macrovision Europe Limited, and Macrovision Japan and Asia K.K.&[SetupNTGLM7X / SetupNTGLM7X][Stopped/Manual Start]& &\??\G:\NTGLM7X.sys&&N/A&[sptd / sptd][Running/Boot Start]& &\SystemRoot\System32\Drivers\sptd.sys&&N/A&[sys_flt / sys_flt][Stopped/Manual Start]& &\??\C:\DOCUME~1\ADMINI~1.CHI\LOCALS~1\Temp\~21.tmp&&N/A&[TesSafe / TesSafe][Stopped/Manual Start]& &\??\C:\WINDOWS\system32\TesSafe.sys&&TENCENT&[XDva074 / XDva074][Stopped/Manual Start]& &\??\C:\WINDOWS\system32\XDva074.sys&&N/A&[XDva092 / XDva092][Stopped/Manual Start]& &\??\C:\WINDOWS\system32\XDva092.sys&&N/A&用户系统信息:Mozilla/4.0 ( MSIE 7.0; Windows NT 5.1; KuGooS .NET CLR 2.0.50727)
拙长孩提狮
回复:帮帮忙啊,中病毒了
==================================浏览器加载项[ThunderAtOnce Class]& {01443AEC-0FD1-40fd-9C87-E93D} &D:\迅雷5\ComDlls\TDAtOnce_Now.dll, Thunder Networking Technologies,LTD&[VnetCookie Class]& {4E83D567-B-B1F0-A513B01DB89A} &c:\PROGRA~1\chinanet\VNETTR~1.DLL, &[超级兔子上网精灵]& {B70-4A5B-B789-B25FE09B4AF3} &D:\超级兔子\haokanbar.dll, Xiang Feng Technology&[Invoke Class]& {EB-449b-9982-CAD99180EC0F} &C:\WINDOWS\system32\0a21.dll, &[Thunder Browser Helper]& {889D2FEB-98-1DD2C5261283} &D:\迅雷5\ComDlls\xunleiBHO_Now.dll, Thunder Networking Technologies,LTD&[启动迅雷5]& {09BA8F6D-CB54-424B-839C-C2A6C8E6B436} &D:\迅雷5\Thunder.exe, Thunder Networking Technologies,LTD&[浩方对战平台]& {0A155D3C-68E2-4215-A47A-E800A446447A} &D:\浩方优化版\HFGameOPT\GameClient.exe, 上海浩方在线信息技术有限公司&[扑克]& {4-} &E:\单机斗地主\开心斗地主.exe, 飞碟网络&[PPLive]& {95B3F550-91C4-4627-BCC4-77} &E:\PPLIVE\PPLive.exe, N/A&[讯通视频语音聊天]& {97C0CDFA-970D-4222-ADDE-C} &, N/A&[Messenger]& {FB5Fd2-BB9E-00C04F795683} &C:\Program Files\Messenger\msmsgs.exe, Microsoft Corporation&[卡卡上网安全助手]& {DB9ECD4F-FB8F-4311-B3CE-90B976C2707C} &C:\WINDOWS\system32\KakaTool.dll, Beijing Rising Technology Co., Ltd.&[超级兔子上网精灵]& {4FD-4F15-9B46-F4E} &D:\超级兔子\haokanbar.dll, Xiang Feng Technology&[KooPlayer Control]& {5CD4310E-88FB-43C1-BE24-5F3FA9C5C9D1} &C:\WINDOWS\DOWNLO~1\KOOPLA~1.OCX, Koos&[PasswordEditCtrl Class]& {E787FD25-8D7C-4693-AE67-DF} &C:\WINDOWS\system32\qqedit\qqedit.dll, 腾讯科技(深圳)有限公司&[ThunderAtOnce Class]& {01443AEC-0FD1-40FD-9C87-E93D} &D:\迅雷5\ComDlls\TDAtOnce_Now.dll, Thunder Networking Technologies,LTD&[ActiveMovieControl Object]& {06-11CE-BF01-00AA0055595A} &C:\WINDOWS\system32\wmpdxm.dll, Microsoft Corporation&[ULiveCtrl Control]& {070CA17A-4BD2--32B1B9159B47} &C:\PROGRA~1\sina\UCLive\UCLIVE~1.OCX, 北京新浪信息技术有限公司&[GerneralPeerID Class]& {0A47E819-F82E-4D5D-B806-6A9EA94D68CD} &D:\迅雷5\Components\InMedia\peerid.dll, &[EWA Control]& {18226BF8-DC0B-4D81-80E9-A41AE37BB73A} &E:\PPLIVE\SYNACA~2.OCX, Synacast&[Windows Media Player]& {22D6F312-B0F6-11D0-94AB-E95} &C:\WINDOWS\system32\wmpdxm.dll, Microsoft Corporation&[Recorder Control]& {F42-457B-A337-FE3B11964DB0} &D:\BLUESK~1\recorder.ocx, Bluesky Studio ()&[HTML Document]& {F9-11CF-8FD0-00AA00686F13} &C:\WINDOWS\system32\mshtml.dll, Microsoft Corporation&[XML DOM Document]& {B36-11D2-B20E-00C04F983E60} &%SystemRoot%\system32\msxml3.dll, N/A&[DHTML Edit Control Safe for Scripting for IE5]& {2D360201-FFF5-11D1-8D03-00A0C959BC0A} &C:\Program Files\Common Files\Microsoft Shared\Triedit\dhtmled.ocx, Microsoft Corporation&[BlueskyVideo Control]& {2EA6D939--A12B-8CB3DDA8B855} &D:\BLUESK~1\v2.ocx, Bluesky Studio ()&[Ppd Control]& {2F2BA87D-385E-E190B06AA9} &D:\BLUESK~1\ppd.ocx, Bluesky Studio()&[RealPlayer RAM Download Handler]& {2F542A2E-EDC9-4BF7-8CB1-87C} &C:\WINDOWS\system32\rmoc3260.dll, RealNetworks, Inc.&[Share Control]& {-0C4D-4E76-A7C6-FBAF129DBCC9} &D:\BLUESK~1\share.ocx, Bluesky Studio ()&[超级兔子上网精灵]& {4FD-4F15-9B46-F4E} &D:\超级兔子\haokanbar.dll, Xiang Feng Technology&[XML Document]& {4D9-11D1-A6B3-00C04FD91555} &%SystemRoot%\system32\msxml3.dll, N/A&[Thunder Agent Class]& {-8FB2-4B3B-B29B-8B919B0EACCE} &D:\迅雷5\ComDlls\ThunderAgent_Now.dll, Thunder Networking Technologies,LTD&[IE2EMUrlTaker Class]& {F-4CA0-B8CD-6F496C997FAF} &E:\eMule\IE2EM.dll, &[VnetCookie Class]& {4E83D567-B-B1F0-A513B01DB89A} &c:\PROGRA~1\chinanet\VNETTR~1.DLL, &[HHCtrl Object]& {52A2AAAE-085D-4187-97EA-8C30DB990436} &C:\WINDOWS\system32\hhctrl.ocx, Microsoft Corporation&[Shell Name Space]& {DE-11D1-B9F2-00A0C98BC547} &C:\WINDOWS\system32\ieframe.dll, Microsoft Corporation&[Traceppd Control]& {5910C66C-F9BA--C098B7F0ED62} &D:\BLUESK~1\traceppd.ocx, BlueskyStudio()&[KooPlayer Control]& {5CD4310E-88FB-43C1-BE24-5F3FA9C5C9D1} &C:\WINDOWS\DOWNLO~1\KOOPLA~1.OCX, Koos&[PowerPlayer Control]& {5EC7C511-CD0F-42E6-830C-1BD} &D:\PPStream\POWERP~1.DLL, PPStream Inc.&[PP Control]& {616DACC1-C5E6-FA4FC726BAD} &D:\BLUESK~1\ppc.ocx, Bluesky Studio ()&[XMP Class]& {8-4C41-AACC-52D4D7845851} &C:\Documents and Settings\All Users.WINDOWS\Application Data\Thunder Network\KanKan\xplayer.dll_1_work, &[XDRM]& {693571CB-54A3-4E90-9D52-EEAE} &C:\Documents and Settings\All Users.WINDOWS\Application Data\Thunder Network\KanKan\xdrm.dll_1_work, &[StormPlayer Object]& {6BE52E1D-E586-474F-A6E2-1A85A9B4D9FB} &E:\电影\暴风影音\mps.dll, 北京暴风网际科技有限公司&[Windows Media Player]& {6BF52A52-394A-11D3-B153-00C04F79FAA6} &C:\WINDOWS\system32\wmp.dll, Microsoft Corporation&[BDC Control]& {D4A-11D7-A4DC-00E04C504779} &D:\BLUESK~1\BDC\Bdc.ocx, BLUE&[超级兔子上网精灵]& {B70-4A5B-B789-B25FE09B4AF3} &D:\超级兔子\haokanbar.dll, Xiang Feng Technology&[Videohelp Control]& {75B75D86-D88B-4BEA-BC59-BFD9D7300518} &D:\BLUESK~1\VIDEOH~1.OCX, Bluesky Studio()&[MediaComm Class]& {1B-42AF-BDFE-46D26AF5EFF2} &D:\迅雷5\Components\InMedia\MediaAddin15.dll, Thunder Networking Technologies,LTD&[Invoke Class]& {EB-449B-9982-CAD99180EC0F} &C:\WINDOWS\system32\0a21.dll, &[360SafeLive]& {C--D416CB8059E3} &D:\360安全卫士\360safe\live.dll, &[Microsoft Web Browser]& {A-11D0-A96B-00C04FD705A2} &C:\WINDOWS\system32\ieframe.dll, Microsoft Corporation&[Filetran Control]& {D0-42C0-A13F-7E881EE550CF} &D:\BLUESK~1\filetran.ocx, Bluesky Studio()&[Thunder Browser Helper]& {889D2FEB-98-1DD2C5261283} &D:\迅雷5\ComDlls\xunleiBHO_Now.dll, Thunder Networking Technologies,LTD&[Chat Control]& {94EFE58C-E678-4808-AD65-24CE4B94C1FE} &D:\BLUESK~1\chat.ocx, Bluesky Studio()&[Blueskyvoice Control]& {--8C24-F5CB} &D:\BLUESK~1\BLUESK~1.OCX, Bluesky Studio ()&[Display Control]& {A1D97DB3-E564--6F5182CBF406} &D:\BLUESK~1\display.ocx, Bluesky Studio ()&[Tracechat Control]& {AD1-4E7B-CDA5B603C} &D:\BLUESK~1\TRACEC~1.OCX, Bluesky Studio()&[RMGetLicense Class]& {A9FC132B-096D-460B-B7D5-1DB0FAE0C062} &C:\WINDOWS\system32\msnetobj.dll, Microsoft Corporation&[Imgsend Control]& {AA1561BF-D290-} &D:\BLUESK~1\imgsend.ocx, Bluesky Studio ()&[Thunder DapCtrl]& {ACACC6EB-1FBA-4E13-A729-53AEB2DF54F8} &C:\Program Files\Common Files\Thunder Network\KanKan\DapCtrl.1.6..dll, ShenZhen Thunder Networking Technologies Ltd.&[Microsoft Scriptlet Component]& {AE24FDAE-03C6-11D1-8B76-} &C:\WINDOWS\system32\mshtml.dll, Microsoft Corporation&[PPChat Control]& {AFB97F16-B7E8-4EB1-8133-FBD5AA2EBB3B} &D:\BLUESK~1\ppchat.ocx, Bluesky Studio()&[SearchAssistantOC]& {B45FF030--85DE-00C04FA35C89} &%SystemRoot%\system32\shdocvw.dll, N/A&[Blueskyvoice Control]& {BA0F088C-72C1-475a-92F8-42391DEF6961} &D:\BLUESK~1\BLUESK~2.OCX, 蓝天工作室()&[RDS.DataSpace]& {BD96C556-65A3-11D0-983A-00C04FC29E36} &C:\Program Files\Common Files\System\msadc\msadco.dll, Microsoft Corporation&[Client Control]& {C7B0C764-5D4E-433E-A854-591F} &D:\BLUESK~1\client.ocx, BlueskyStudio()&[MytvPlayer]& {C843C397-1B23--BB5DC1AB2985} &C:\Program Files\MyTvPlayer\MyTvPlayer.dll, 炎黄互动 &[Play Control]& {CC20DDA1-9A21-4DEC-B5BE-E61E0351FCA9} &D:\BLUESK~1\play.ocx, Bluesky Studio ()&[QQPlayerSvr Proxy Control]& {CD4-43E6-AA90-8} &D:\狂人QQ\QzoneMusic.dll, 腾讯科技&[VIDEO__X_MS_ASF Moniker Class]& {CD3AFA8F-B84F-48F0-9393-7EDC} &C:\WINDOWS\system32\wmp.dll, Microsoft Corporation&[RealPlayer G2 Control]& {CFCDAA03-8BE4-11CF-B84B-0020AFBBCCFA} &C:\WINDOWS\system32\rmoc3260.dll, RealNetworks, Inc.&[Shockwave Flash Object]& {D27CDB6E-AE6D-11CF-96B8-} &C:\WINDOWS\system32\Macromed\Flash\Flash9f.ocx, Adobe Systems, Inc.&[卡卡上网安全助手]& {DB9ECD4F-FB8F-4311-B3CE-90B976C2707C} &C:\WINDOWS\system32\KakaTool.dll, Beijing Rising Technology Co., Ltd.&[PasswordEditCtrl Class]& {E787FD25-8D7C-4693-AE67-DF} &C:\WINDOWS\system32\qqedit\qqedit.dll, 腾讯科技(深圳)有限公司&[BoBoControl Class]& {EC0978ED-24E3-403C-AB7A-060E} &C:\WINDOWS\system32\BoBo_ActiveX_V3.ocx, 广州易播信息科技有限公司&[TimwpDll.TimwpCheck]& {ED4CA2E5-0EEA-44C1-AD7E-74A07A7507A4} &D:\狂人QQ\Timwp.dll, TENCENT&[XML HTTP Request]& {ED8C108E--91A4-00C04F7969E8} &%SystemRoot%\system32\msxml3.dll, N/A&[Scripting.Dictionary]& {EE09B103-97E0-11CF-978F-00A02463E06F} &C:\WINDOWS\system32\scrrun.dll, Microsoft Corporation&[Thunder DapPlayer]& {EEDD6FF9-13DE-496B-9A1C-D78B} &D:\迅雷5\Components\DownAndPlay\DapPlayer3.0.44.68.729.dll, ShenZhen Thunder Networking Technologies Ltd.&[QvodCtrl Class]& {F3D0D36F-23F8-C92B03D4AF} &D:\BlueskyControls\QvodPlayer\QvodInsert.dll, Shenzhen QVOD Technology Co.,Ltd&[XPPlayer Class]& {F3E70CEA-956E-49CC-B444-73AFE593AD7F} &C:\Documents and Settings\All Users.WINDOWS\Application Data\Thunder Network\KanKan\pplayer.dll_1_work, Thunder&[XML HTTP 3.0]& {F1-11D3-89B9-1} &%SystemRoot%\system32\msxml3.dll, N/A&[XML HTTP]& {F6D90F16-9C73-11D3-B32E-00C04F990BB4} &%SystemRoot%\system32\msxml3.dll, N/A&[IERPCtl Class]& {FDC7A535--A0EA-D9994BCC0DC5} &D:\REAL\rpplugins\ierpplug.dll, RealNetworks, Inc.&[使用iTudou下载节目]& &, N/A&[使用迅雷下载]& &D:\迅雷5\Program\geturl.htm, N/A&[使用迅雷下载全部链接]& &D:\迅雷5\Program\getallurl.htm, N/A&[添加到QQ表情]& &D:\狂人QQ\AddEmotion.htm, N/A&[添加到网络硬盘]& &D:\狂人QQ\AddToNetDisk.htm, N/A&
拙长孩提狮
回复:帮帮忙啊,中病毒了
==================================正在运行的进程[PID: 448 / SYSTEM][\SystemRoot\System32\smss.exe]& [Microsoft Corporation, 5.1. (xpsp_sp2_rtm.8)][PID: 528 / SYSTEM][\??\C:\WINDOWS\system32\csrss.exe]& [Microsoft Corporation, 5.1. (xpsp_sp2_rtm.8)]& & [D:\Rising\Rising\Rfw\ijt_base.dll]& [Beijing Rising Technology Co., Ltd., 7.0.0.10]& & [D:\Rising\Rising\Rfw\olemon.dll]& [Beijing Rising Technology Co., Ltd., 7.0.0.6][PID: 552 / SYSTEM][\??\C:\WINDOWS\system32\winlogon.exe]& [Microsoft Corporation, 5.1. (xpsp_sp2_rtm.8)]& & [D:\Rising\Rising\Rfw\ijt_base.dll]& [Beijing Rising Technology Co., Ltd., 7.0.0.10]& & [D:\Rising\Rising\Rfw\olemon.dll]& [Beijing Rising Technology Co., Ltd., 7.0.0.6][PID: 596 / SYSTEM][C:\WINDOWS\system32\services.exe]& [Microsoft Corporation, 5.1. (xpsp_sp2_rtm.8)]& & [D:\Rising\Rising\Rfw\ijt_base.dll]& [Beijing Rising Technology Co., Ltd., 7.0.0.10]& & [D:\Rising\Rising\Rfw\olemon.dll]& [Beijing Rising Technology Co., Ltd., 7.0.0.6][PID: 608 / SYSTEM][C:\WINDOWS\system32\lsass.exe]& [Microsoft Corporation, 5.1. (xpsp_sp2_rtm.8)]& & [D:\Rising\Rising\Rfw\ijt_base.dll]& [Beijing Rising Technology Co., Ltd., 7.0.0.10]& & [D:\Rising\Rising\Rfw\olemon.dll]& [Beijing Rising Technology Co., Ltd., 7.0.0.6][PID: 760 / SYSTEM][C:\WINDOWS\system32\svchost.exe]& [Microsoft Corporation, 5.1. (xpsp_sp2_rtm.8)]& & [D:\Rising\Rising\Rfw\ijt_base.dll]& [Beijing Rising Technology Co., Ltd., 7.0.0.10]& & [D:\Rising\Rising\Rfw\olemon.dll]& [Beijing Rising Technology Co., Ltd., 7.0.0.6][PID: 816 / NETWORK SERVICE][C:\WINDOWS\system32\svchost.exe]& [Microsoft Corporation, 5.1. (xpsp_sp2_rtm.8)]& & [D:\Rising\Rising\Rfw\ijt_base.dll]& [Beijing Rising Technology Co., Ltd., 7.0.0.10]& & [D:\Rising\Rising\Rfw\olemon.dll]& [Beijing Rising Technology Co., Ltd., 7.0.0.6][PID: 884 / SYSTEM][D:\Rising\Rising\Rav\CCenter.exe]& [Beijing Rising Technology Co., Ltd., 20.0.0.28]& & [D:\Rising\Rising\Rfw\ijt_base.dll]& [Beijing Rising Technology Co., Ltd., 7.0.0.10]& & [D:\Rising\Rising\Rfw\olemon.dll]& [Beijing Rising Technology Co., Ltd., 7.0.0.6][PID: 900 / SYSTEM][C:\WINDOWS\System32\svchost.exe]& [Microsoft Corporation, 5.1. (xpsp_sp2_rtm.8)]& & [D:\Rising\Rising\Rfw\ijt_base.dll]& [Beijing Rising Technology Co., Ltd., 7.0.0.10]& & [D:\Rising\Rising\Rfw\olemon.dll]& [Beijing Rising Technology Co., Ltd., 7.0.0.6][PID: 944 / NETWORK SERVICE][C:\WINDOWS\system32\svchost.exe]& [Microsoft Corporation, 5.1. (xpsp_sp2_rtm.8)]& & [D:\Rising\Rising\Rfw\ijt_base.dll]& [Beijing Rising Technology Co., Ltd., 7.0.0.10]& & [D:\Rising\Rising\Rfw\olemon.dll]& [Beijing Rising Technology Co., Ltd., 7.0.0.6][PID: 1072 / LOCAL SERVICE][C:\WINDOWS\system32\svchost.exe]& [Microsoft Corporation, 5.1. (xpsp_sp2_rtm.8)]& & [D:\Rising\Rising\Rfw\ijt_base.dll]& [Beijing Rising Technology Co., Ltd., 7.0.0.10]& & [D:\Rising\Rising\Rfw\olemon.dll]& [Beijing Rising Technology Co., Ltd., 7.0.0.6][PID: 1232 / Administrator][C:\WINDOWS\Explorer.EXE]& [Microsoft Corporation, 6.00. (xpsp_sp2_gdr.4)]& & [C:\WINDOWS\system32\RavExt.dll]& [Beijing Rising Technology Co., Ltd., 20.0.0.17]& & [D:\Rising\Rising\Rfw\ijt_base.dll]& [Beijing Rising Technology Co., Ltd., 7.0.0.10]& & [D:\Rising\Rising\Rfw\olemon.dll]& [Beijing Rising Technology Co., Ltd., 7.0.0.6]& & [D:\迅雷5\ComDlls\xunleiBHO_Now.dll]& [Thunder Networking Technologies,LTD, 5, 0, 8, 96]& & [D:\迅雷5\Components\ResWorker\DsBho_01.dll]& [, 1, 0, 0, 17]& & [D:\迅雷5\Components\ResWorker\DataProcessor_01.dll]& [Thunder Networking Technologies,LTD, 1, 0, 0, 16]& & [D:\迅雷5\ComDlls\TDAtOnce_Now.dll]& [Thunder Networking Technologies,LTD, 1.0.5.16]& & [C:\WINDOWS\system32\0a21.dll]& [, 1, 1, 0, 2]& & [D:\Daemon Tools\WinRar\rarext.dll]& [N/A, ]& & [E:\金山游~1\Tools\KVD\kscdrush.dll]& [金山软件股份有限公司, 5, 0, 0, 0]& & [C:\WINDOWS\system32\TudouUpload.dll]& [, 1.1.0.0]& & [D:\Rising\Rising\Rav\RSCOMMON.DLL]& [Beijing Rising Technology Co., Ltd., 20, 0, 0, 16][PID: 1256 / SYSTEM][D:\RISING\RISING\RAV\ravmond.exe]& [Beijing Rising Technology Co., Ltd., 20.0.0.76]& & [D:\RISING\RISING\RAV\BWList.dll]& [Beijing Rising Technology Co., Ltd., 20.0.0.4]& & [C:\WINDOWS\system32\MFC71.DLL]& [Microsoft Corporation, 7.10.3077.0]& & [C:\WINDOWS\system32\MSVCR71.dll]& [Microsoft Corporation, 7.10.3052.4]& & [C:\WINDOWS\system32\MSVCP71.dll]& [Microsoft Corporation, 7.10.3077.0]& & [D:\RISING\RISING\RAV\RSAPPMGR.dll]& [Beijing Rising Technology Co., Ltd., 20.0.0.0]& & [D:\RISING\RISING\RAV\CfgDll.dll]& [Beijing Rising Technology Co., Ltd., 20.0.0.16]& & [D:\RISING\RISING\RAV\RsLog.dll]& [Beijing Rising Technology Co., Ltd., 20.0.0.34]& & [D:\RISING\RISING\RAV\ProcCom.dll]& [Beijing Rising Technology Co., Ltd., 20, 0, 0, 19]& & [D:\RISING\RISING\RAV\RsCommX2.dll]& [Beijing Rising Technology Co., Ltd., 20, 0, 0, 19]& & [D:\RISING\RISING\RAV\MonRule.dll]& [Beijing Rising Technology Co., Ltd., 20.0.0.29]& & [D:\RISING\RISING\RAV\Hooksys.dll]& [Beijing Rising Technology Co., Ltd, 22, 0, 0, 9]& & [D:\Rising\Rising\Rfw\ijt_base.dll]& [Beijing Rising Technology Co., Ltd., 7.0.0.10]& & [D:\Rising\Rising\Rfw\olemon.dll]& [Beijing Rising Technology Co., Ltd., 7.0.0.6]& & [D:\RISING\RISING\RAV\HookReg.dll]& [Beijing Rising Technology Co., Ltd, 22, 0, 0, 4]& & [D:\RISING\RISING\RAV\HookNtos.dll]& [Beijing Rising Technology Co., Ltd, 22, 0, 0, 2]& & [D:\RISING\RISING\RAV\rswalmon.dll]& [Beijing Rising Technology Co., Ltd., 20, 0, 0, 22]& & [D:\RISING\RISING\RAV\recomp.dll]& [Beijing Rising Technology Co., Ltd., 20, 0, 0, 36]& & [D:\RISING\RISING\RAV\refs.dll]& [Beijing Rising Technology Co., Ltd., 20, 0, 0, 16]& & [D:\RISING\RISING\RAV\ffr.dll]& [Beijing Rising Technology Co., Ltd., 20, 0, 0, 13]& & [D:\Rising\Rising\Rav\RsStore.dll]& [Beijing Rising Technology Co., Ltd., 20.0.0.8]& & [D:\RISING\RISING\RAV\HookCont.dll]& [Beijing Rising Technology Co., Ltd, 22, 0, 0, 1]& & [D:\Rising\Rising\Rav\fakescan.dll]& [Beijing Rising Technology Co., Ltd., 20.0.0.13]& & [D:\Rising\Rising\Rav\Scanner.dll]& [Beijing Rising Technology Co., Ltd., 20.0.0.36]& & [D:\RISING\RISING\RAV\viruslib.dll]& [Beijing Rising Technology Co., Ltd., 20, 0, 0, 26]& & [D:\RISING\RISING\RAV\relibldr.dll]& [Beijing Rising Technology Co., Ltd., 20, 0, 0, 14]& & [D:\RISING\RISING\RAV\HookWeb.dll]& [Beijing Rising Technology Co., Ltd., 20.0.0.2]& & [D:\RISING\RISING\RAV\nvfile.dll]& [Beijing Rising Technology Co., Ltd., 20, 0, 0, 5]& & [D:\RISING\RISING\RAV\extfile.dll]& [Beijing Rising Technology Co., Ltd., 20, 0, 0, 29]& & [D:\RISING\RISING\RAV\pearc.dll]& [Beijing Rising Technology Co., Ltd., 20, 0, 0, 5]& & [D:\RISING\RISING\RAV\scanexec.dll]& [Beijing Rising Technology Co., Ltd., 20, 0, 0, 17]& & [D:\RISING\RISING\RAV\unexe.dll]& [Beijing Rising Technology Co., Ltd., 20, 0, 0, 4]& & [D:\RISING\RISING\RAV\scanex.dll]& [Beijing Rising Technology Co., Ltd., 20, 0, 0, 62]& & [D:\RISING\RISING\RAV\scansct.dll]& [Beijing Rising Technology Co., Ltd., 20, 0, 0, 8]& & [D:\RISING\RISING\RAV\scanpack.dll]& [Beijing Rising Technology Co., Ltd., 20, 0, 0, 9]& & [D:\RISING\RISING\RAV\revm.dll]& [Beijing Rising Technology Co., Ltd., 20, 0, 0, 8]& & [D:\RISING\RISING\RAV\urutils.dll]& [, 20, 0, 0, 5]& & [D:\RISING\RISING\RAV\ur000.dat]& [Beijing Rising Technology Co., Ltd., 20, 0, 0, 18]& & [D:\RISING\RISING\RAV\scriptci.dll]& [Beijing Rising Technology Co., Ltd., 20, 0, 0, 3]& & [D:\RISING\RISING\RAV\ur023.dat]& [Beijing Rising Technology Co., Ltd., 20, 0, 0, 1]& & [D:\RISING\RISING\RAV\uroutine.dll]& [Beijing Rising Technology Co., Ltd., 20, 0, 0, 26]& & [D:\RISING\RISING\RAV\ur001.dat]& [Beijing Rising Technology Co., Ltd., 20, 0, 0, 3]& & [D:\RISING\RISING\RAV\extmail.dll]& [Beijing Rising Technology Co., Ltd., 20, 0, 0, 9][PID: 1264 / SYSTEM][D:\Rising\Rising\Rfw\rfwsrv.exe]& [Beijing Rising Technology Co., Ltd., 7.0.0.68]& & [C:\WINDOWS\system32\MFC71.DLL]& [Microsoft Corporation, 7.10.3077.0]& & [C:\WINDOWS\system32\MSVCR71.dll]& [Microsoft Corporation, 7.10.3052.4]& & [C:\WINDOWS\system32\MSVCP71.dll]& [Microsoft Corporation, 7.10.3077.0]& & [D:\Rising\Rising\Rfw\ProcCom.dll]& [Beijing Rising Technology Co., Ltd., 20, 0, 0, 19]& & [D:\Rising\Rising\Rfw\RsCommX2.dll]& [Beijing Rising Technology Co., Ltd., 20, 0, 0, 19]& & [D:\Rising\Rising\Rfw\RSAPPMGR.dll]& [Beijing Rising Technology Co., Ltd., 20.0.0.0]& & [D:\Rising\Rising\Rfw\CfgDll.dll]& [Beijing Rising Technology Co., Ltd., 20.0.0.16]& & [D:\Rising\Rising\Rfw\RfwRule.dll]& [Beijing Rising Technology Co., Ltd., 7.0.0.13]& & [D:\Rising\Rising\Rfw\rfwlog.dll]& [Beijing Rising Technology Co., Ltd., 7.0.0.12]& & [D:\Rising\Rising\Rfw\Rfwdrv.dll]& [Beijing Rising Technology Co., Ltd., 7.0.0.41]& & [D:\Rising\Rising\Rfw\ijt_ctrl.dll]& [Beijing Rising Technology Co., Ltd., 7.0.0.0]& & [D:\Rising\Rising\Rfw\ijt_base.dll]& [Beijing Rising Technology Co., Ltd., 7.0.0.10]& & [D:\Rising\Rising\Rfw\olemon.dll]& [Beijing Rising Technology Co., Ltd., 7.0.0.6]& & [D:\Rising\Rising\Rfw\unvdet.dll]& [Beijing Rising Technology Co., Ltd., 7.0.0.5]& & [D:\Rising\Rising\Rfw\mPorts.dll]& [Beijing Rising Technology Co., Ltd., 7.0.0.3][PID: 1376 / SYSTEM][D:\Rising\Rising\Rfw\rfwProxy.exe]& [Beijing Rising Technology Co., Ltd., 7.0.0.33]& & [C:\WINDOWS\system32\MFC71.DLL]& [Microsoft Corporation, 7.10.3077.0]& & [C:\WINDOWS\system32\MSVCR71.dll]& [Microsoft Corporation, 7.10.3052.4]& & [D:\Rising\Rising\Rfw\ProcCom.dll]& [Beijing Rising Technology Co., Ltd., 20, 0, 0, 19]& & [D:\Rising\Rising\Rfw\RsCommX2.dll]& [Beijing Rising Technology Co., Ltd., 20, 0, 0, 19]& & [D:\Rising\Rising\Rfw\RfwRule.dll]& [Beijing Rising Technology Co., Ltd., 7.0.0.13]& & [D:\Rising\Rising\Rfw\urlrule.dll]& [Beijing Rising Technology Co., Ltd., 1, 0, 0, 9]& & [D:\Rising\Rising\Rfw\ijt_base.dll]& [Beijing Rising Technology Co., Ltd., 7.0.0.10]& & [D:\Rising\Rising\Rfw\olemon.dll]& [Beijing Rising Technology Co., Ltd., 7.0.0.6]& & [D:\Rising\Rising\Rfw\MonMid.dll]& [Beijing Rising Technology Co., Ltd., 7.0.0.4][PID: 1580 / SYSTEM][D:\Rising\Rising\Rfw\rfwstub.exe]& [Beijing Rising Technology Co., Ltd., 7.0.0.10]& & [C:\WINDOWS\system32\MSVCP71.dll]& [Microsoft Corporation, 7.10.3077.0]& & [C:\WINDOWS\system32\MSVCR71.dll]& [Microsoft Corporation, 7.10.3052.4]& & [D:\Rising\Rising\Rfw\RSCOMMON.DLL]& [Beijing Rising Technology Co., Ltd., 20, 0, 0, 16]& & [D:\Rising\Rising\Rfw\ijt_base.dll]& [Beijing Rising Technology Co., Ltd., 7.0.0.10]& & [D:\Rising\Rising\Rfw\olemon.dll]& [Beijing Rising Technology Co., Ltd., 7.0.0.6][PID: 1792 / SYSTEM][D:\RISING\RISING\RAV\RavStub.exe]& [Beijing Rising Technology Co., Ltd., 20.0.0.9]& & [D:\RISING\RISING\RAV\ProcCom.dll]& [Beijing Rising Technology Co., Ltd., 20, 0, 0, 19]& & [D:\RISING\RISING\RAV\RsCommX2.dll]& [Beijing Rising Technology Co., Ltd., 20, 0, 0, 19]& & [D:\RISING\RISING\RAV\RSCOMMON.DLL]& [Beijing Rising Technology Co., Ltd., 20, 0, 0, 16]& & [D:\Rising\Rising\Rfw\ijt_base.dll]& [Beijing Rising Technology Co., Ltd., 7.0.0.10]& & [D:\Rising\Rising\Rfw\olemon.dll]& [Beijing Rising Technology Co., Ltd., 7.0.0.6][PID: 1892 / SYSTEM][C:\WINDOWS\system32\spoolsv.exe]& [Microsoft Corporation, 5.1. (xpsp_sp2_gdr.9)]& & [D:\Rising\Rising\Rfw\ijt_base.dll]& [Beijing Rising Technology Co., Ltd., 7.0.0.10]& & [D:\Rising\Rising\Rfw\olemon.dll]& [Beijing Rising Technology Co., Ltd., 7.0.0.6][PID: 1932 / Administrator][D:\Rising\Rising\Rfw\RfwMain.exe]& [Beijing Rising Technology Co., Ltd., 7.0.1.65]& & [C:\WINDOWS\system32\MFC71.DLL]& [Microsoft Corporation, 7.10.3077.0]& & [C:\WINDOWS\system32\MSVCR71.dll]& [Microsoft Corporation, 7.10.3052.4]& & [C:\WINDOWS\system32\MSVCP71.dll]& [Microsoft Corporation, 7.10.3077.0]& & [D:\Rising\Rising\Rfw\RsGuiLib.dll]& [Beijing Rising Technology Co., Ltd., 20, 0, 0, 88]& & [D:\Rising\Rising\Rfw\ProcCom.dll]& [Beijing Rising Technology Co., Ltd., 20, 0, 0, 19]& & [D:\Rising\Rising\Rfw\RsCommX2.dll]& [Beijing Rising Technology Co., Ltd., 20, 0, 0, 19]& & [D:\Rising\Rising\Rfw\RSAPPMGR.dll]& [Beijing Rising Technology Co., Ltd., 20.0.0.0]& & [D:\Rising\Rising\Rfw\CfgDll.dll]& [Beijing Rising Technology Co., Ltd., 20.0.0.16]& & [D:\Rising\Rising\Rfw\RSCOMMON.DLL]& [Beijing Rising Technology Co., Ltd., 20, 0, 0, 16]& & [D:\Rising\Rising\Rfw\RfwCtrl.dll]& [Beijing Rising Technology Co., Ltd., 7.0.0.7]& & [D:\Rising\Rising\Rfw\RsXML.dll]& [Beijing Rising Technology Co., Ltd., 20, 0, 0, 0]& & [D:\Rising\Rising\Rfw\PngDll.dll]& [Beijing Rising Technology Co., Ltd., 20, 0, 0, 4]& & [D:\Rising\Rising\Rfw\ijt_base.dll]& [Beijing Rising Technology Co., Ltd., 7.0.0.10]& & [D:\Rising\Rising\Rfw\olemon.dll]& [Beijing Rising Technology Co., Ltd., 7.0.0.6]& & [D:\Rising\Rising\Rfw\RfwRule.dll]& [Beijing Rising Technology Co., Ltd., 7.0.0.13][PID: 1504 / SYSTEM][C:\WINDOWS\system32\nvsvc32.exe]& [NVIDIA Corporation, 6.14.10.4471][PID: 288 / LOCAL SERVICE][C:\WINDOWS\System32\alg.exe]& [Microsoft Corporation, 5.1. (xpsp_sp2_rtm.8)][PID: 936 / Administrator][D:\Rising\Rising\Rav\RavTask.exe]& [Beijing Rising Technology Co., Ltd., 20.0.0.23]& & [D:\Rising\Rising\Rav\ProcCom.dll]& [Beijing Rising Technology Co., Ltd., 20, 0, 0, 19]& & [D:\Rising\Rising\Rav\RsCommX2.dll]& [Beijing Rising Technology Co., Ltd., 20, 0, 0, 19]& & [D:\Rising\Rising\Rav\RSCOMMON.DLL]& [Beijing Rising Technology Co., Ltd., 20, 0, 0, 16]& & [D:\Rising\Rising\Rav\RSAPPMGR.DLL]& [Beijing Rising Technology Co., Ltd., 20.0.0.0]& & [D:\Rising\Rising\Rav\CfgDll.dll]& [Beijing Rising Technology Co., Ltd., 20.0.0.16][PID: 712 / Administrator][C:\WINDOWS\system32\ctfmon.exe]& [Microsoft Corporation, 5.1. (xpsp_sp2_rtm.8)]& & [D:\Rising\Rising\Rfw\ijt_base.dll]& [Beijing Rising Technology Co., Ltd., 7.0.0.10]& & [D:\Rising\Rising\Rfw\olemon.dll]& [Beijing Rising Technology Co., Ltd., 7.0.0.6][PID: 2180 / Administrator][D:\Rising\Rising\Rav\Ravmon.exe]& [Beijing Rising Technology Co., Ltd., 20.0.01.19]& & [C:\WINDOWS\system32\MFC71.DLL]& [Microsoft Corporation, 7.10.3077.0]& & [C:\WINDOWS\system32\MSVCR71.dll]& [Microsoft Corporation, 7.10.3052.4]& & [C:\WINDOWS\system32\MSVCP71.dll]& [Microsoft Corporation, 7.10.3077.0]& & [D:\Rising\Rising\Rav\ProcCom.dll]& [Beijing Rising Technology Co., Ltd., 20, 0, 0, 19]& & [D:\Rising\Rising\Rav\RsCommX2.dll]& [Beijing Rising Technology Co., Ltd., 20, 0, 0, 19]& & [D:\Rising\Rising\Rav\RSCOMMON.DLL]& [Beijing Rising Technology Co., Ltd., 20, 0, 0, 16]& & [D:\Rising\Rising\Rav\recomp.dll]& [Beijing Rising Technology Co., Ltd., 20, 0, 0, 36]& & [D:\Rising\Rising\Rav\refs.dll]& [Beijing Rising Technology Co., Ltd., 20, 0, 0, 16]& & [D:\Rising\Rising\Rav\viruslib.dll]& [Beijing Rising Technology Co., Ltd., 20, 0, 0, 26]& & [D:\Rising\Rising\Rav\relibldr.dll]& [Beijing Rising Technology Co., Ltd., 20, 0, 0, 14]& & [D:\Rising\Rising\Rav\RSAPPMGR.dll]& [Beijing Rising Technology Co., Ltd., 20.0.0.0]& & [D:\Rising\Rising\Rav\CfgDll.dll]& [Beijing Rising Technology Co., Ltd., 20.0.0.16]& & [D:\Rising\Rising\Rav\MonRule.dll]& [Beijing Rising Technology Co., Ltd., 20.0.0.29]& & [D:\Rising\Rising\Rav\PngDll.dll]& [Beijing Rising Technology Co., Ltd., 20, 0, 0, 4]& & [D:\Rising\Rising\Rav\Rsguilib.dll]& [Beijing Rising Technology Co., Ltd., 20, 0, 0, 88]& & [D:\Rising\Rising\Rav\RsXML.dll]& [Beijing Rising Technology Co., Ltd., 20, 0, 0, 0][PID: 2904 / Administrator][C:\Program Files\ChinaNet\VnetClient.exe]& [, , 1]& & [C:\Program Files\ChinaNet\Communicate.dll]& [0, , 1]& & [C:\Program Files\ChinaNet\DialModule.dll]& [GDCN, , 16]& & [C:\Program Files\ChinaNet\MFC42.DLL]& [Microsoft Corporation, 6.00.8665.0]& & [D:\Rising\Rising\Rfw\ijt_base.dll]& [Beijing Rising Technology Co., Ltd., 7.0.0.10]& & [D:\Rising\Rising\Rfw\olemon.dll]& [Beijing Rising Technology Co., Ltd., 7.0.0.6]& & [C:\PROGRA~1\ChinaNet\CLIENT~1.DLL]& [, , 1]& & [C:\PROGRA~1\ChinaNet\PLUGIN~1.OCX]& [, , 1]& & [C:\PROGRA~1\ChinaNet\sign.dll]& [0, , 1]& & [C:\PROGRA~1\ChinaNet\PostPlug.dll]& [, , 2]& & [C:\PROGRA~1\ChinaNet\ADVERT~1.OCX]& [, , 1]& & [C:\PROGRA~1\ChinaNet\Gif89a.dll]& [, , 1]& & [C:\PROGRA~1\ChinaNet\VnetBs.ocx]& [, , 1]& & [C:\PROGRA~1\ChinaNet\ACCOUN~2.DLL]& [, , 1]& & [C:\PROGRA~1\ChinaNet\AccountMgr.dll]& [, , 10]& & [C:\PROGRA~1\ChinaNet\VnetSkin.ocx]& [GDDC, , 1]& & [C:\PROGRA~1\ChinaNet\DialogStyle.dll]& [, 1, 0, 0, 1]& & [C:\PROGRA~1\ChinaNet\Timer.ocx]& [, , 17]& & [C:\PROGRA~1\ChinaNet\PLUGIN~2.OCX]& [, , 1]& & [C:\PROGRA~1\ChinaNet\NEWMES~1.DLL]& [, , 1]& & [C:\PROGRA~1\ChinaNet\PassCtrl.dll]& [, 1, 0, 0, 1]& & [C:\WINDOWS\system32\wpcap.dll]& [Politecnico di Torino, 3, 0, 0, 18]& & [C:\WINDOWS\system32\pthreadVC.dll]& [N/A, ]& & [C:\WINDOWS\system32\packet.dll]& [Politecnico di Torino, 3, 0, 0, 18]& & [C:\PROGRA~1\ChinaNet\PlugPush.dll]& [, , 1]& & [C:\PROGRA~1\ChinaNet\ALLINT~1.DLL]& [, , 1]& & [C:\PROGRA~1\ChinaNet\VNETLO~1.OCX]& [, , 1]& & [C:\PROGRA~1\ChinaNet\StatNum.dll]& [, , 1]& & [C:\PROGRA~1\ChinaNet\VNETON~1.OCX]& [, , 1]& & [C:\PROGRA~1\ChinaNet\ALLFUN~1.DLL]& [GDCN, , 1]& & [C:\PROGRA~1\ChinaNet\VnetOptLog.dll]& [, , 9]
拙长孩提狮
回复:帮帮忙啊,中病毒了
[D:\Rising\Rising\Rav\RavScrCh.dll]& [Beijing Rising Technology Co., Ltd., 20, 0, 0, 3]& & [C:\WINDOWS\system32\Macromed\Flash\Flash9f.ocx]& [Adobe Systems, Inc., 9,0,124,0][PID: 3916 / Administrator][D:\狂人QQ\QQ.exe]& [TENCENT, 8,0,775,1803]& & [D:\狂人QQ\QQBaseClassInDll.dll]& [TENCENT, 8,0,775,1803]& & [D:\狂人QQ\QQHelperDll.dll]& [TENCENT, 8,0,775,1803]& & [D:\狂人QQ\BasicCtrlDll.dll]& [TENCENT, 8,0,775,1803]& & [D:\狂人QQ\MSIMG32.dll]& [N/A, ]& & [D:\狂人QQ\FinePlus.dll]& [N/A, ]& & [D:\狂人QQ\fphelper.dll]& [N/A, ]& & [D:\Rising\Rising\Rfw\ijt_base.dll]& [Beijing Rising Technology Co., Ltd., 7.0.0.10]& & [D:\Rising\Rising\Rfw\olemon.dll]& [Beijing Rising Technology Co., Ltd., 7.0.0.6]& & [D:\狂人QQ\QQAPI.dll]& [TENCENT, 8,0,775,1803]& & [D:\狂人QQ\TXPFProxy.dll]& [N/A, ]& & [D:\狂人QQ\LoginCtrl.dll]& [TENCENT, 8,0,775,1803]& & [D:\狂人QQ\LoginCtrlRes.dll]& [TENCENT, 8,0,775,1803]& & [D:\狂人QQ\QQRes.dll]& [TENCENT, 8,0,775,1803]& & [D:\狂人QQ\QQMainFrame.dll]& [N/A, ]& & [D:\狂人QQ\QQPlugin.dll]& [N/A, ]& & [D:\狂人QQ\UnReadMsgMgr.dll]& [N/A, ]& & [D:\狂人QQ\CQQApplication.dll]& [N/A, ]& & [D:\狂人QQ\FlashAvatarDll.dll]& [, 1, 4, 0, 1]& & [D:\狂人QQ\NewSkin.dll]& [TENCENT, 8,0,775,1803]& & [D:\狂人QQ\MailSummary.dll]& [TENCENT, 8,0,775,1803]& & [D:\狂人QQ\vbscript.dll]& [N/A, ]& & [D:\狂人QQ\encode.dll]& [Microsoft Corporation, 5.6.0.8825]& & [C:\WINDOWS\system32\msdmo.dll]& [, ]& & [D:\狂人QQ\OEMApplication.dll]& [TENCENT, 8,0,775,1803]& & [D:\狂人QQ\QQKnowledgeSearch.dll]& [TENCENT, 8,0,775,1803]& & [D:\狂人QQ\QQGroupMng.dll]& [TENCENT, 8,0,775,1803]& & [D:\狂人QQ\QQAvatar.dll]& [N/A, ]& & [D:\狂人QQ\QQAllInOne.dll]& [TENCENT, 8,0,775,1803]& & [D:\狂人QQ\SCCore.dll]& [TENCENT, 1, 6, 0, 2]& & [D:\狂人QQ\CameraDll.dll]& [TENCENT, 8,0,775,1803]& & [D:\狂人QQ\QQSpace.dll]& [TENCENT, 8,0,775,1803]& & [D:\狂人QQ\QRingMng.dll]& [N/A, ]& & [D:\狂人QQ\QQSysMsgMng.dll]& [N/A, ]& & [D:\狂人QQ\UserDefinedHead.dll]& [TENCENT, 8,0,775,1803]& & [D:\狂人QQ\QQConfigPlugin.dll]& [TENCENT, 8,0,775,1803]& & [D:\狂人QQ\QQCustomFace.dll]& [N/A, ]& & [D:\狂人QQ\LongConnection.dll]& [TENCENT, 8,0,775,1803]& & [D:\狂人QQ\QQAddr.dll]& [深圳市腾讯计算机系统有限公司, 5, 0, 101, 330]& & [D:\狂人QQ\PersonalDesktop.dll]& [TENCENT, 8,0,775,1803]& & [D:\狂人QQ\CommercesMng.dll]& [TENCENT, 8,0,775,1803]& & [D:\狂人QQ\QQSceneMng.dll]& [N/A, ]& & [D:\狂人QQ\AddrSearch.dll]& [腾讯科技(深圳)有限公司, 2, 0, 1, 10]& & [D:\狂人QQ\QQDoctor\TSVulMdw.dat]& [TENCENT, , 3][PID: 3924 / SYSTEM][C:\WINDOWS\system32\a2e21.exe]& [Microsoft Corporation, 5.1. (xpsp_sp2_rtm.8)][PID: 4032 / Administrator][C:\WINDOWS\system32\rundll32.exe]& [Microsoft Corporation, 5.1. (xpsp_sp2_rtm.8)]& & [D:\Rising\Rising\Rfw\ijt_base.dll]& [Beijing Rising Technology Co., Ltd., 7.0.0.10]& & [D:\Rising\Rising\Rfw\olemon.dll]& [Beijing Rising Technology Co., Ltd., 7.0.0.6]& & [C:\WINDOWS\system32\501.dll]& [& , 1, 0, 0, 3][PID: 3516 / Administrator][C:\Program Files\Internet Explorer\iexplore.exe]& [Microsoft Corporation, 7.00. (vista_gdr.6)]& & [D:\Rising\Rising\Rfw\ijt_base.dll]& [Beijing Rising Technology Co., Ltd., 7.0.0.10]& & [D:\Rising\Rising\Rfw\olemon.dll]& [Beijing Rising Technology Co., Ltd., 7.0.0.6]& & [D:\超级兔子\haokanbar.dll]& [Xiang Feng Technology, 2, 2, 0, 1612]& & [D:\迅雷5\ComDlls\TDAtOnce_Now.dll]& [Thunder Networking Technologies,LTD, 1.0.5.16]& & [c:\PROGRA~1\chinanet\VNETTR~1.DLL]& [, , 1]& & [c:\PROGRA~1\chinanet\Communicate.dll]& [0, , 1]& & [C:\PROGRA~1\ChinaNet\CLIENT~1.DLL]& [, , 1]& & [C:\WINDOWS\system32\0a21.dll]& [, 1, 1, 0, 2]& & [D:\迅雷5\ComDlls\xunleiBHO_Now.dll]& [Thunder Networking Technologies,LTD, 5, 0, 8, 96]& & [D:\迅雷5\Components\ResWorker\DsBho_01.dll]& [, 1, 0, 0, 17]& & [D:\迅雷5\Components\ResWorker\DataProcessor_01.dll]& [Thunder Networking Technologies,LTD, 1, 0, 0, 16]& & [D:\Rising\Rising\Rav\RavScrCh.dll]& [Beijing Rising Technology Co., Ltd., 20, 0, 0, 3]& & [C:\WINDOWS\system32\Macromed\Flash\Flash9f.ocx]& [Adobe Systems, Inc., 9,0,124,0][PID: 768 / Administrator][D:\新建文件夹\SREngPS.EXE]& [Smallfrogs Studio, 2.5.16.900]& & [D:\Rising\Rising\Rfw\ijt_base.dll]& [Beijing Rising Technology Co., Ltd., 7.0.0.10]& & [D:\Rising\Rising\Rfw\olemon.dll]& [Beijing Rising Technology Co., Ltd., 7.0.0.6]& & [D:\新建文件夹\Upload\3rdUpd.DLL]& [Smallfrogs Studio, 2, 1, 0, 15]==================================文件关联.TXT& Error. [C:\WINDOWS\notepad.exe %1].EXE& OK. [&%1& %*].COM& OK. [&%1& %*].PIF& OK. [&%1& %*].REG& OK. [regedit.exe &%1&].BAT& OK. [&%1& %*].SCR& OK. [&%1& /S].CHM& Error. [&hh.exe& %1].HLP& OK. [%SystemRoot%\System32\winhlp32.exe %1].INI& Error. [C:\WINDOWS\System32\NOTEPAD.EXE %1].INF& OK. [%SystemRoot%\System32\NOTEPAD.EXE %1].VBS& OK. [%SystemRoot%\System32\WScript.exe &%1& %*].JS&
OK. [%SystemRoot%\System32\WScript.exe &%1& %*].LNK& OK. [{0-}]==================================Winsock 提供者N/A==================================Autorun.infN/A==================================HOSTS 文件127.0.0.1& & &
localhost127.0.0.1& yu.8s7.net127.0.0.1& 127.0.0.1& 127.0.0.1& 127.0.0.1& 127.0.0.1& xxx.m111.biz127.0.0.1& 127.0.0.1& 127.0.0.1& xxx.vh7.biz127.0.0.1& 127.0.0.1& 127.0.0.1& 127.0.0.1& 127.0.0.1& xxx.mmma.biz127.0.0.1& 127.0.0.1& 127.0.0.1& 127.0.0.1& 127.0.0.1& 127.0.0.1& 127.0.0.1& 127.0.0.1& 127.0.0.1& 127.0.0.1& 127.0.0.1& 127.0.0.1& 127.0.0.1& 127.0.0.1& 127.0.0.1& 127.0.0.1& 127.0.0.1& 127.0.0.1& 127.0.0.1& 127.0.0.1& 127.0.0.1& 127.0.0.1& down.18dd.net127.0.0.1& 127.0.0.1& 127.0.0.1& 127.0.0.1& 127.0.0.1& c3.aishangai.net127.0.0.1& c2.aishangai.net127.0.0.1& 127.0.0.1& 127.0.0.1& d1.163500.net127.0.0.1& down.==================================进程特权扫描特殊特权被允许: SeDebugPrivilege [PID = 2904, C:\PROGRAM FILES\CHINANET\VNETCLIENT.EXE]特殊特权被允许: SeLoadDriverPrivilege [PID = 2904, C:\PROGRAM FILES\CHINANET\VNETCLIENT.EXE]==================================API HOOK入口点错误:CreateProcessA (危险等级: 高,& 被下面模块所HOOK: 0x010A1FFD)入口点错误:CreateProcessW (危险等级: 高,& 被下面模块所HOOK: 0x010A20E5)==================================隐藏进程N/A==================================[/CODE]
拙长孩提狮
回复:帮帮忙啊,中病毒了
帮帮忙啊.我继续等啊
回复:帮帮忙啊,中病毒了
1.用XDelBox勾选抑制再生后删除以下文件:()使用说明:删除时复制所有要删除文件的路径,在待删除文件列表里点击右键选择从剪贴板导入不检查路径,导入后在要删除文件上点击右键,选择立刻重启删除,电脑会重启进入DOS界面进行删除操作。运行xdelbox前最好卸载所有可移动存储介质(包括U盘,MP3,手机存储卡等)。c:\windows\system32\0a21.dllc:\windows\system32\a2e21.exec:\windows\system32\501.dllc:\progra~1\swuz\cgej.dllc:\windows\inf\dev06.infc:\docume~1\admini~1.chi\locals~1\temp\~21.tmpc:\windows\system32\drivers\quakedrv.sys 2.删除重启后使用SREng修复下面各项: & & 启动项目 -- 服务 -- Win32服务应用程序之如下项删除:[Windows xbze RunThem / xbze]& & [NetBI0S / NetBI0S]&
[DCOM Service Process Manager / MSCOManager05]&
& & 启动项目 -- 服务-- 驱动程序之如下项删除:[sys_flt / sys_flt]& & [QuakeDRV / QuakeDRV]
不认识我没关系,因为我也不认识你。
威望:7781
贡献:1667
拙长孩提狮
回复:帮帮忙啊,中病毒了
谢谢啊,玩了一会没有在出现了
拙长孩提狮
回复:帮帮忙啊,中病毒了
晕,又出来了,弹出个对话框 .加载什么什么501出错,就是那个病毒文件,怎么办啊
回复:帮帮忙啊,中病毒了
再扫描个日志&
记的& 一定要以附件形式上传
不认识我没关系,因为我也不认识你。
威望:7781
贡献:1667
来自:遥远的地方
回复:帮帮忙啊,中病毒了
下载清理系统临时文件和IE临时文件夹工具,全选所有项目,点击“立即清理”清理系统这 里 下 载 W i n d o w s 清 理 助 手 ,清理系统。———————————————————————————————————————————————扫SRENG日志发这论坛来下载System Repair Engineer 1 下载的是压缩包,必须解压缩(建议解压到系统Windows文件夹里)2 运行SREng***.EXE& ((将SREng***.EXE改名为运行))3 选择主界面左边的:智能扫描=》扫描=》保存报告4 把报告保存后,直接将日志文件以附件的形式发这论坛来。一定以附件形式发这论坛来。点击你自己的主题贴右下角的“引用”或最右下角的那个较大的“回复”然后就应该知道怎么发了。哈哈,刚刚更新了,从天月哥那里偷来的
威望:14040
1&&/&&2&&页
跳转 0 ? parseInt(this.value) : 1) + '.aspx';}else{window.location='showtopic.aspx?topicid=8506327&page=' + (parseInt(this.value) > 0 ? parseInt(this.value) : 1) ;}}"" size="4" maxlength="9"
class="colorblue2"/>页
论坛跳转...
热点专题 &&瑞星杀毒软件V17 &&瑞星安全联盟论坛 &&瑞星安全随身WiFi &&瑞星个人防火墙V16 && &&广告过滤 && &&瑞星个人防火墙2011 &&瑞星路由安全卫士 && &&路由系统内核漏洞 &&瑞星积分商城 && &&北方区 && &&华东区 && &&华南区 && &&木马入侵拦截有奖体验专区 && &&瑞星2009版查杀引擎测试 && &&瑞星2009测试版问题反馈 && && &&瑞星杀毒软件2009公测 && && &&瑞星个人防火墙2009公测 && && &&瑞星全功能安全软件2009公测瑞星产品求助区 &&瑞星杀毒软件V16+ && &&瑞星杀毒软件2011 && &&瑞星全功能安全软件 && &&V16+新引擎测试专区 &&瑞星WiFi助手 &&APP保镖 &&瑞星手机安全助手 &&企业级安全产品 && &&瑞星企业终端安全管理系统 &&瑞星安全助手 && &&卡卡上网安全助手 &&瑞星安全浏览器 &&瑞星其他产品 && &&瑞星软件管家 && &&瑞星加密盘 && &&账号保险柜5.0 && &&瑞星专业数据恢复技术交流区 &&反病毒/反流氓软件论坛 && &&菜鸟学堂 && &&安全技术讨论 &&恶意网站交流 && &&每日网马播报 && &&瑞星云安全网站联盟专版 &&入侵防御(HIPS) &&可疑文件交流 &&系统软件 && &&防火墙自定义规则 &&硬件交流综合娱乐区 &&Rising茶馆 &&影音贴图 &&瑞星安全游戏 && &&战将风云 && &&飘渺西游 && &&傲视天地 && &&凡人修真 && &&华人德州扑克 && &&天地英雄 && &&一球成名 && &&星际世界 && &&武林英雄 && &&神仙道 && &&赢家竞技 && &&盛世三国 && &&龙将 && &&梦幻飞仙 && &&斗破苍穹 && &&热血海贼王 && &&三国演义 && &&开天辟地 && &&仙落凡尘 && &&秦美人 && &&大侠传 && &&烈火战神 && &&神将三国 && &&街机三国 && &&龙回三国 && &&武尊 && &&绝代双骄 && &&攻城掠地 && &&女神联盟 && &&最无极 && &&剑影 && &&仙侠道 && &&风云无双 && &&傲视九重天 && &&深渊 && &&魅影传说 && &&热血屠龙 && &&雷霆之怒 && &&大天使之剑 && &&传奇霸业 && &&战天 && &&无上神兵 && &&九鼎记 && &&大国战 &&活动专区 && &&实习生专区 && && &&实习生交流区 && && && &&实习生签到区 && && &&实习生考核区 && &&“安全之狮”校园行活动专版 && &&历史活动 && && &&论坛9周年活动专区 && && &&关注灾情 同心抗灾本站站务区 &&站务 &&版主之家[限] && &&禁言禁访记录 &&待审核 &&瑞星客户俱乐部[限]}
我要回帖
更多关于 tdiflt64.sys是病毒吗 的文章
更多推荐
- ·闲鱼怎么查到对方实名自己的账号?
- ·怎么把迅雷云盘的视频保存到手机中的东西下载到本地
- ·计算能手苏教版六年级解方程讲解上册97页的解方程要过程?
- ·为啥微博热门网页版彩板的搜索没有了?
- ·想做早餐加盟店10大品牌有哪些 盟,一般哪个品牌能做好?
- ·为什么我赞不了其中一个QQ好友的lol好友列表个性签名名(lol好友列表个性签名) 是别人设置了吗?他是我好友。别人的可以赞。
- ·为什么微信聊天只能两个人聊天的软件聊二十句话,超过就要删除记录不然就发不了?
- ·4gb的8g物理内存虚拟内存应该设多少虚拟内存?在线等
- ·杭州尊旭科技有限公司火旭网络科技怎么样靠谱不??
- ·U盘插到电脑一点显示不了,是不是u盘芯片检测工具坏的机会大些,因为之前插过一点事都没有
- ·建行二建行一代网银盾换二代有使用期限吗?
- ·百度的兄弟们上贴吧的兄弟们上,大家快去给我打杀手妓。貂蝉在此谢谢了
- ·博金丝楠木博物馆发动多少钱
- ·妹妹的米米号被盗了,强制申诉qq成功了但是不成功,请问大家有会盗。。懂得。。。。请留一下联系方式,价格好说、
- ·怎样可以怎样把照片变成20kb像 打印机里出来的,
- ·深圳注册深圳商业保理公司司要多长时间
- ·键盘出现连击按什么可以出现这个
- ·该怎么换能怎么提升fps值
- ·在31五段均衡器完美人声上怎么调试人声、个频段的音准、我听说有光碟卖、光碟上有教程、在哪里可以买到这光碟啊、
- ·忘记微信密码如何找回忘记了没有绑定该怎么找回?
- ·usb1606tdiflt64.sys是病毒吗什么病毒
- ·东西湖区智能石家庄监控公司哪家好安装哪家好 ——零点壹网络
- ·下载阿罗伊的骸骨的三人小游戏 大全游戏下载不见了
- ·包商银行qq公众号取消关注注后多久可以再次关注
- ·华为手环b3价格B3手环可以自动统计骑车数据么?
- ·个人社保办理流程能办理一千张联通手机不带四的吗
- ·下面哪些年份是平年?哪些2100年是闰年还是平年?2100年1003年2005年2200年508年6000年1896
- ·2014唱响抚州市2014年重大工程冠军是谁?
- ·SIPAIKEmlb牌子的中文是什么么牌子的山地车
- ·网上足球里面有没有上班族呢,网友会不会有代沟呢?
- ·易海燕拉丁健美操的健美操会伤害膝盖吗
- ·夏天我喜欢游泳 绘本故事文一年级
- ·满足肌体不饱和脂肪酸酸值物不饱和脂肪酸不低于总脂量的
- ·手臂肌肉肿块疼痛一夜间有块肿块是什么原因
- ·健身后流的汗是化肥散发的气味味 什么原因
- ·唐山市古冶赵各庄区赵各庄大厅的篮球多少元一个
