Rising Kaka Security Forum

[Help] In agony~
何必言语 - 2006-5-11 10:56:00
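My computer is now frighteningly slow no matter what I open~ The moon could go all the way around and come back and it might still not have opened~ The waiting is so painful! So annoying~ I hope all of you, experts and beginners, newcomers and old hands alike, will come and help me!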
不言放弃 - 2006-5-11 10:59:00
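[Reply to 何必言语's post]
I suggest first booting into safe mode, disconnecting from the network, and running a scan
to see whether any virus or trojan is present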
何必言语 - 2006-5-11 11:09:00
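I scanned with Rising and it found nothing. Scanning with 木马克星 (Iparmor) says there is a trojan, but only registered users can delete it, 555. Also, the Super Rabbit (超级兔子) I downloaded won't run anymore~ I've reinstalled the system several times lately and it's driving me crazy~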
不言放弃 - 2006-5-11 11:11:00
[Reply to 何必言语's post]
http://forum.ikaka.com/topic.asp?board=28&artid=6979213
(attachment in post #1)
Download HIJACKTHIS
Export the full log
何必言语 - 2006-5-11 11:37:00
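I can't extract anything I download :( As soon as the mouse gets to "Send To" it just freezes~ What should I do? 99999999999555555555555555555555555555555 I'm so angry I really want to throw this computer away~~~~~~~~~~~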
不言放弃 - 2006-5-11 11:40:00
[Reply to 何必言语's post]
Don't you have WINRAR installed?
何必言语 - 2006-5-11 11:45:00
I extracted it, but why does a yellow exclamation mark appear saying it can't be opened?
何必言语 - 2006-5-11 11:50:00
! WINRAR 诊断信息  无法把 D:\zi0k.d10 重命名为 D:\hijackthis.exe
!  无法创建 D:\hijackthis.exe
何必言语 - 2006-5-11 13:58:00
Everyone, please take a look for me, thanks!
木马克星分析报告:2006-5-11 13:51:52
==================================================
内存中的进程:
==================================================
何必言语 - 2006-5-11 14:00:00
启动项目:
"D:\PROGRAM FILES\RISING\RAV\RAVTASK.EXE" -SYSTEM
; RUNDLL32.EXE C:\WINDOWS\SYSTEM32\NVCPL.DLL,NVSTARTUP
"D:\瑞星\RISING\RFW\RFWMAIN.EXE" -STARTUP
D:\遨游\MAGICSET\MAGICSET\SRREST.EXE /AUTOSAVE
C:\WINDOWS\SYSTEM32\CTFMON.EXE
D:\遨游\MAGICSET\MAGICSET\SRIECLI.EXE /LOAD
desktop.ini
腾讯QQ.lnk

==================================================
系统服务列表:

轩辕小聪 - 2006-5-11 14:03:00
Did the original poster download the wrong thing? It should be the RAR attachment in post #1 of the thread linked in post #3.
何必言语 - 2006-5-11 14:09:00
Could you explain that in a way I can understand better :)
我无邪 - 2006-5-11 14:09:00
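If it runs too slowly, you can go into safe mode with networking.
That way the moon might only need to go halfway around before it's back.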
何必言语 - 2006-5-11 14:11:00
木马克星 (Iparmor) reports that it found 2 suspicious files: C:\WINDOWS\System32\Macromed\Flash\Flash8b.ocx
C:\WINDOWS\system32\shlobj71.ocx
何必言语 - 2006-5-11 14:15:00
A lot of the things I downloaded stopped working, so I uninstalled and reinstalled them~ Thanks 无邪! I'll give that a try and see~
我无邪 - 2006-5-11 14:28:00
木马克星 (Iparmor) can't be trusted; it actually suspects C:\WINDOWS\System32\Macromed\Flash\Flash8b.ocx
何必言语 - 2006-5-11 14:52:00
Ugh~ Then what about D\RFW\RFW.EXE and RUNDLL32.EXE C\WINDOWS\SYSTEM32\NVCPL.DLL NVSTARTUP? I went around through safe mode again and it's still very slow! So helpless!!!
我无邪 - 2006-5-11 20:44:00
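Please download and use System Repair Engineer: use "Smart Scan" (智能扫描), press the "Scan" (扫描) button to scan, and when the scan finishes press the "Save Report" (保存报告) button to save the report log file (SREng.LOG), then copy and paste the contents of the saved report log file here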
http://forum.ikaka.com/topic.asp?board=67&artid=5188931
www.27814939.ys168.com
何必言语 - 2006-5-12 2:29:00
2006-05-12,02:14:26

System Repair Engineer 2.0.12.350 (2.0 RC 1)
    Windows XP Professional Service Pack 1 - 管理权限用户 - 完整功能

以下内容被选中:
    所有的启动项目(包括注册表、启动文件夹、服务等)
    浏览器加载项
    正在运行的进程(包括进程模块信息)
    文件关联


启动项目
注册表
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
  <ctfmon.exe><C:\WINDOWS\System32\ctfmon.exe>
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
  <Super Rabbit IEPro><D:\遨游\MagicSet\MagicSet\SRIECLI.EXE /LOAD>
[HKEY_CURRENT_USER\Software\Microsoft\Windows NT\CurrentVersion\Windows]
  <load><>
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
  <RavTask><"D:\Program Files\Rising\Rav\RavTask.exe" -system>
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
  <RfwMain><"D:\瑞星\Rising\Rfw\rfwmain.exe" -Startup>
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
  <Super Rabbit SRRestore><D:\遨游\MagicSet\MagicSet\SRRest.exe /autosave>
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
  <iparmor><D:\遨游\木马克星\Iparmor.exe mini>
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Winlogon]
  <shell><Explorer.exe>
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Winlogon]
  <Userinit><C:\WINDOWS\system32\userinit.exe,>
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Windows]
  <AppInit_DLLs><>

==================================
启动文件夹
[腾讯QQ]
  <C:\Documents and Settings\yao8023h\「开始」菜单\程序\启动\腾讯QQ.lnk><N>

==================================
服务
[NVIDIA Display Driver Service / NVSvc]
  <C:\WINDOWS\System32\nvsvc32.exe><NVIDIA Corporation>
[Rising Proxy  Service / RfwProxySrv]
  <d:\rising\rfw\rfwproxy.exe><Beijing Rising Technology Co., Ltd.>
[Rising Personal Firewall Service / RfwService]
  <d:\瑞星\rising\rfw\rfwsrv.exe><Beijing Rising Technology Co., Ltd.>
[Rising Process Communication Center / RsCCenter]
  <"D:\Program Files\Rising\Rav\CCenter.exe"><Beijing Rising Technology Co., Ltd.>
[RsRavMon Service / RsRavMon]
  <"D:\Program Files\Rising\Rav\Ravmond.exe"><Beijing Rising Technology Co., Ltd.>

==================================
浏览器加载项
[超级兔子上网精灵]
  {FEDF637B-F631-4583-A210-33CC828D42DB} <D:\遨游\MagicSet\MagicSet\HaokanBar.dll, 超级兔子>
[QQ]
  {c95fe080-8f5d-11d2-a20b-00aa003c157b} <d:\Program Files\Tencent\QQ\QQ.EXE, TENCENT>
[QQIEFloatBarCfgCmd Class]
  {DEDEB80D-FA35-45d9-9460-4983E5A8AFE6} <d:\Program Files\Tencent\QQ\QQIEHelper.dll, N/A>
[电台(&R)]
  {8E718888-423F-11D2-876E-00A0C9082467} <C:\WINDOWS\System32\msdxm.ocx, Microsoft Corporation>
[FlashGet Bar]
  {E0E899AB-F487-11D5-8D29-0050BA6940E3} <D:\PROGRA~1\FlashGet\fgiebar.dll, Amaze Soft>
[超级兔子上网精灵]
  {FEDF637B-F631-4583-A210-33CC828D42DB} <D:\遨游\MagicSet\MagicSet\HaokanBar.dll, 超级兔子>
[Windows Genuine Advantage Validation Tool]
  {17492023-C23A-453E-A040-C7C580BBF700} <C:\WINDOWS\System32\LegitCheckControl.DLL, Microsoft Corporation>
[WUWebControl Class]
  {6414512B-B978-451D-A0D8-FCFDF33E833C} <C:\WINDOWS\System32\wuweb.dll, Microsoft Corporation>
[Shockwave Flash Object]
  {D27CDB6E-AE6D-11CF-96B8-444553540000} <C:\WINDOWS\System32\Macromed\Flash\Flash8b.ocx, Macromedia, Inc.>
[&使用迅雷下载]
  <d:\Program Files\Thunder Network\Thunder\geturl.htm, N/A>
[&使用迅雷下载全部链接]
  <d:\Program Files\Thunder Network\Thunder\getallurl.htm, N/A>
[&使用迷你迅雷下载]
  <D:\遨游\Maxthon\Thundermini\geturl.htm, N/A>
[上传到QQ网络硬盘]
  <D:\Program Files\Tencent\QQ\AddToNetDisk.htm, N/A>
[使用网际快车下载]
  <D:\PROGRA~1\FlashGet\jc_link.htm, N/A>
[使用网际快车下载全部链接]
  <D:\PROGRA~1\FlashGet\jc_all.htm, N/A>
[添加到QQ自定义面板]
  <D:\Program Files\Tencent\QQ\AddPanel.htm, N/A>
[添加到QQ表情]
  <D:\Program Files\Tencent\QQ\AddEmotion.htm, N/A>
[用QQ彩信发送该图片]
  <D:\Program Files\Tencent\QQ\SendMMS.htm, N/A>

==================================
正在运行的进程
何必言语 - 2006-5-12 2:30:00

==================================
文件关联
.TXT  OK. [%SystemRoot%\system32\NOTEPAD.EXE %1]
.EXE  OK. ["%1" %*]
.COM  OK. ["%1" %*]
.PIF  OK. ["%1" %*]
.REG  OK. [regedit.exe "%1"]
.BAT  OK. ["%1" %*]
.SCR  OK. ["%1" /S]
.CHM  OK. ["C:\WINDOWS\hh.exe" %1]
.HLP  OK. [%SystemRoot%\system32\winhlp32.exe %1]
.INI  OK. [%SystemRoot%\system32\NOTEPAD.EXE %1]
.INF  OK. [%SystemRoot%\system32\NOTEPAD.EXE %1]
.VBS  OK. [%SystemRoot%\System32\WScript.exe "%1" %*]
.JS  OK. [%SystemRoot%\System32\WScript.exe "%1" %*]
.LNK  OK. [{00021401-0000-0000-C000-000000000046}]

==================================
Winsock 提供者

==================================
何必言语 - 2006-5-12 2:33:00
Thanks everyone for helping take a look~ My computer is really unbearably slow~ And why is my avatar picture a male? Ugh~
何必言语 - 2006-5-12 2:39:00
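Also, every time I scan with 恶意软件清理助手 (Malware Cleanup Assistant) it says there is a SPOOLSV trojan virus. After it is cleaned successfully, I reboot and scan again and it still shows up :( Super painful~~~~~~~~~~~~~~~~~~~~~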
何必言语 - 2006-5-12 2:49:00
Big brothers and big sisters, could you please help me out? Thank you~
何必言语 - 2006-5-12 7:29:00
Why hasn't anyone come to help me take a look :(
何必言语 - 2006-5-12 7:33:00
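I'm really worried to death~~~~~~~~~~~~~~~ I'm begging you~ Opening web pages and everything else is unbearably slow. I really want to smash the computer~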
goingtodie - 2006-5-12 7:50:00
Just extract it in safe mode..
何必言语 - 2006-5-12 7:54:00
Extract what in safe mode?
何必言语 - 2006-5-12 8:06:00
The process C:\WINDOWS\System32\nvsvc32.exe wants to modify my registry~
何必言语 - 2006-5-12 8:13:00
If no one helps me soon, I'll drop dead right in front of you all~.~