超隐蔽木马 bbs.ikaka.com

bh89757 - 2006-6-10 9:34:00

标题：菜鸟求救!

各位大虾:

感谢您关注我的这份报告，小菜鸟急需您的帮助！
本扫描/诊断报告由上网助手IE修复专家生成

操作系统: Windows XP
IE版本号: 6.0.2900.2180

===============================================================

1.主页被锁定为恶意网站
2.搜索页被篡改
3.有无法删除的自启动程序
4.其他现象
我的电脑中了木马,最新的瑞星没查出.我上网下载了很多专杀,都没查出.连新浪介绍的7大高手都用了,还是没用.要是电脑坏了我会被我妈打的,请各位大虾帮帮我吧.木马在c:/WINDOW/sysme32/shdoclc.dll/dnsenrror.htm.可是这是一个很重要的文件,根本不能删.求大家帮我吧

如有时间烦请您将回复同时发送至我的email地址：610430581@QQ.com，非常感谢！

===============================================================

以下是我的扫描报告正文：

*** 扫描项列表 ***

下列条目被IE修复专家判断为危险：

下列条目被IE修复专家判断为有风险：

1.O18 - 网络协议过滤器 - text/html，，
CLSID：{F79B2338-A6E7-46D4-9201-422AA6E74F43}
相关文件：C:\WINDOWS\EagleFlt.dll
安全等级：有风险

下列条目被IE修复专家判断为未知：

2.O02 - 浏览器辅助对象(BHO) - ，，
CLSID：{F79B2338-A6E7-46D4-9202-422AA6E74F43}
相关文件：C:\WINDOWS\EagleFlt.dll
安全等级：未知

3.O03 - IE第三方工具条 - 无效的CLSID : {F60C7D81-8471-4D40-AAFE-56D318F34C2D}，，
内容：新浪点点通
安全等级：未知

4.O04 - 自动运行项(Run) - EagleEye，EagleEye，
相关文件：(隐藏)(系统)C:\Program Files\Lenovo\网络爸爸\EagleSvr.exe
内容：C:\Program Files\Lenovo\网络爸爸\EagleSvr.exe
安全等级：未知

5.O04 - 自动运行项(Run) - RavTask，RavTask，
相关文件：C:\Program Files\Rising\Rav\RavTask.exe -system
内容："C:\Program Files\Rising\Rav\RavTask.exe" -system
安全等级：未知

6.O04 - 自动运行项(Run) - BigDog303，BigDog303，
相关文件：C:\WINDOWS\VM303_STI.EXE VIMICRO USB PC Camera (ZC0301PLH)
内容：C:\WINDOWS\VM303_STI.EXE VIMICRO USB PC Camera (ZC0301PLH)
安全等级：未知

7.O04 - 自动运行项(Run) - supervisor.exe，，
相关文件：C:\WINDOWS\supervisor.exe
内容：C:\WINDOWS\supervisor.exe
安全等级：未知

8.O04 - 自动运行项(RunOnce) - RavStub，RavStub，
相关文件：C:\Program Files\Rising\Rav\RavStub.exe /RUNONCE
内容："C:\Program Files\Rising\Rav\ravstub.exe" /RUNONCE
安全等级：未知

9.O08 - IE右键菜单 - 上传到QQ网络硬盘，，
相关文件：C:\Program Files\Tencent\QQ\AddToNetDisk.htm
安全等级：未知

10.O08 - IE右键菜单 - 收藏此页到新浪ViVi，，
网页路径：http://vivi.sina.com.cn/collect/click.php?agent=ddt
安全等级：未知

11.O08 - IE右键菜单 - 新浪搜索，，
网页路径：http://cha.sina.com.cn/ddt.html
安全等级：未知

12.O08 - IE右键菜单 - 添加到QQ自定义面板，，
相关文件：C:\Program Files\Tencent\QQ\AddPanel.htm
安全等级：未知

13.O08 - IE右键菜单 - 添加到QQ表情，，
相关文件：C:\Program Files\Tencent\QQ\AddEmotion.htm
安全等级：未知

14.O08 - IE右键菜单 - 用QQ彩信发送该图片，，
相关文件：C:\Program Files\Tencent\QQ\SendMMS.htm
安全等级：未知

15.O08 - IE右键菜单 - 豪杰超级解霸V8实时播放，，
相关文件：C:\Herosoft\HeroV8\MPUrlget.htm
安全等级：未知

16.O09 - IE菜单项和工具栏按钮 - 豪杰超级解霸V8，，
相关文件：C:\Herosoft\HeroV8\STHSDVD.exe
安全等级：未知

17.O09 - IE菜单项和工具栏按钮 - 腾讯QQ，腾讯QQ，
相关文件：C:\Program Files\Tencent\QQ\QQ.exe
安全等级：未知

18.O09 - IE菜单项 - QQ炫彩工具条设置，QQ炫彩工具条设置，
相关文件：C:\Program Files\Tencent\QQ\QQIEHelper.dll
安全等级：未知

19.O17 - 本机网络设置 NameServer - 218.85.157.99 202.101.107.54，，
内容：218.85.157.99 202.101.107.54
安全等级：未知

20.O27 - 文件执行挂钩 - ShlExecHack，ShlExecHack，
CLSID：{32CD708B-60A7-4C00-9377-D73EAA495F0F}
相关文件：C:\WINDOWS\system32\RavExt.dll
内容：Rising Execute File Exts hook
安全等级：未知

下列条目被IE修复专家判断为安全：

21.R00 - IE自定义搜索引擎 - http://seek.3721.com/srchcust.htm，，
内容：http://seek.3721.com/srchcust.htm
安全等级：安全

22.R00 - IE备用搜索引擎 - http://seek.3721.com/srchasst.htm，，
内容：http://seek.3721.com/srchasst.htm
安全等级：安全

23.R03 - 搜索挂接 - 上网助手2005，上网助手2005，
CLSID：{BB936323-19FA-4521-BA29-ECA6A121BC78}
相关文件：C:\Program Files\3721\Assist\asbar.dll
内容：coolbar
安全等级：安全

24.O02 - 浏览器辅助对象(BHO) - AcrobatReader AcroIEHlprObj，AcrobatReader AcroIEHlprObj，
CLSID：{06849E9F-C8D7-4D59-B87D-784B7D6BE0B3}
相关文件：C:\Program Files\Acrobatchs\ActiveX\AcroIEHelper.dll
安全等级：安全

25.O02 - 浏览器辅助对象(BHO) - QQ IE助手，QQ IE助手，
CLSID：{54EBD53A-9BC1-480B-966A-843A333CA162}
相关文件：C:\Program Files\Tencent\QQ\QQIEHelper.dll
安全等级：安全

26.O02 - 浏览器辅助对象(BHO) - 上网助手2005，上网助手2005，
CLSID：{BB936323-19FA-4521-BA29-ECA6A121BC78}
相关文件：C:\Program Files\3721\Assist\asbar.dll
安全等级：安全

27.O02 - 浏览器辅助对象(BHO) - 一搜工具条，一搜工具条，
CLSID：{EF1D17A9-089F-40cc-8D64-7324CDEBA0DB}
相关文件：(文件不存在)(隐藏)(系统)C:\PROGRA~1\yisou\yisoub.dll
安全等级：安全

28.O03 - IE第三方工具条 - 上网助手2005，上网助手2005，
CLSID：{BB936323-19FA-4521-BA29-ECA6A121BC78}
相关文件：C:\Program Files\3721\Assist\asbar.dll
内容：上网助手
安全等级：安全

29.O03 - IE第三方工具条 - 一搜工具条，一搜工具条，
CLSID：{115F6E46-FCBC-41ed-B3B5-3BDDD4AAB5E5}
相关文件：C:\Program Files\yisou\yisou.dll
内容：一搜
安全等级：安全

30.O04 - 当前用户自启动目录 - QQ即时通讯软件，QQ即时通讯软件，
相关文件：C:\Program Files\Tencent\QQ\QQ.exe
安全等级：安全

31.O04 - 自动运行项(Run) - 雅虎助手托盘图标，雅虎助手托盘图标，
相关文件：C:\Program Files\3721\AssistSe.exe
内容："C:\PROGRA~1\3721\assistse.exe"
安全等级：安全

32.O04 - 自动运行项(Run) - 超级解霸自动播放器，，
相关文件：C:\Herosoft\HeroV8\SysExplr.exe
内容：C:\Herosoft\HeroV8\SysExplr.EXE
安全等级：安全

33.O04 - 自动运行项(Run) - RealOne Player免费版的驻留程序，RealOne Player免费版的驻留程序，
相关文件：C:\Program Files\Common Files\Real\Update_OB\realsched.exe -osboot
内容："C:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot
安全等级：安全

34.O04 - 自动运行项(Run) - Windows多种输入技术的支持程序，Windows多种输入技术的支持程序，
相关文件：C:\WINDOWS\system32\ctfmon.exe
内容：C:\WINDOWS\system32\ctfmon.exe
安全等级：安全

35.O08 - IE右键菜单 - !搜一搜(&S)，!搜一搜(&S)，
相关文件：C:\Program Files\yisou\yisou.dll /232
安全等级：安全

36.O08 - IE右键菜单 - &使用迅雷下载，，
相关文件：F:\软件\新建文件夹\Program\geturl.htm
安全等级：安全

37.O08 - IE右键菜单 - &使用迅雷下载全部链接，，
相关文件：F:\软件\新建文件夹\Program\GetAllUrl.htm
安全等级：安全

38.O09 - IE菜单项和工具栏按钮 - Windows Messenger，Windows Messenger，
相关文件：C:\Program Files\Messenger\msmsgs.exe
安全等级：安全

39.O21 - 自启动项SSODL - 管理托盘图标对象的程序，管理托盘图标对象的程序，
CLSID：{35CEC8A3-2BE6-11D2-8773-92E220524153}
相关文件：C:\WINDOWS\system32\stobject.dll
内容：{35CEC8A3-2BE6-11D2-8773-92E220524153}
安全等级：安全

40.O31 - 浏览栏区对象 - 每日提示，每日提示，
CLSID：{4D5C8C25-D075-11d0-B416-00C04FB90376}
相关文件：C:\WINDOWS\system32\shdocvw.dll
安全等级：安全

魔法学徒 - 2006-6-10 10:21:00

修复
7.O04 - 自动运行项(Run) - supervisor.exe，，
相关文件：C:\WINDOWS\supervisor.exe
内容：C:\WINDOWS\supervisor.exe
安全等级：未知

删除

C:\WINDOWS\supervisor.exe

bh89757 - 2006-6-10 11:14:00

【回复“魔法学徒”的帖子】那是我下载的木马专杀工具.还有什么办法吗

魔法学徒 - 2006-6-10 17:34:00

请用System Repair Engineer扫个log贴上来

下载地址见置顶贴
[必读]本版说明及常用小软件下载
http://forum.ikaka.com/topic.asp?board=67&artid=5188931

bh89757 - 2006-6-11 10:34:00

【回复“魔法学徒”的帖子】日志太长了,怎么办
啊

我无邪 - 2006-6-11 10:43:00

一次粘不完，就分二次粘完。

bh89757 - 2006-6-11 10:51:00

【回复“我无邪”的帖子】好的

bh89757 - 2006-6-11 10:55:00

【回复“我无邪”的帖子】日志来啦--------------------------系统环境-------------------------
检测日期: 2006-6-11 10:43
Windows: Microsoft Windows XP
ServicePack: Service Pack 2
Update: 2600.xpsp_sp2_gdr.050301-1519
Internet Explorer: 6.0.2900.2180

-----------------------网络基础安全测试--------------------
密码安全检测:已经设置了管理员密码,建议:将密码复杂度和长度提高!
网络漏洞检测:空连接检查安全!

服务名称是否运行描述
RemoteRegistry [运行中] [说明:这个服务可能被利用远程操作注册表]
Windows Time [运行中] [说明:这个服务可能被黑客利用来启动木马]
Telnet [已停止] [说明:这个服务可能被黑客登录到您计算机]
Messenger [已停止] [说明:这个服务常被广告商用来发垃圾广告]
Server [运行中] [说明:如果你的电脑不用局域网中,可以关闭]
建议在[控制面板]-[管理工具]-[服务]中,找到这些服务关闭并设置为[禁用].

-----------------------计算机网络端口----------------------
协议端口号端口类型
TCP 135 微软DCE RPC end-point mapper服务
TCP 445 Microsoft-DS
TCP 6059 未知类型
TCP 1025 未知类型
TCP 139 微软Netbios Name服务(用于文件及打印机共享)
TCP 68 未知类型
TCP 445 公共Internet文件系统(CIFS)
TCP 500 Internet密钥交换
TCP 1043 未知类型
TCP 1072 未知类型
TCP 4500 sae-urn
TCP 123 未知类型
TCP 1900 未知类型
TCP 123 未知类型
TCP 137 未知类型
TCP 138 未知类型
TCP 1900 未知类型
TCP 123 未知类型
TCP 1900 未知类型

--------------------计算机系统组件体检----------------------
[编号:0]
[名称:\SystemRoot\System32\smss.exe]
[类型:运行进程]
[内容:未知]

[编号:1]
[名称:\??\C:\WINDOWS\system32\winlogon.exe]
[类型:运行进程]
[内容:未知]

[编号:2]
[名称:C:\WINDOWS\system32\services.exe]
[类型:运行进程]
[内容:Microsoft(R) Windows(R) Operating System (C) Microsoft Corporation. All rights reserved.]

[编号:3]
[名称:C:\WINDOWS\system32\lsass.exe]
[类型:运行进程]
[内容:Microsoft? Windows? Operating System ? Microsoft Corporation. All rights reserved.]

[编号:4]
[名称:C:\WINDOWS\system32\svchost.exe]
[类型:运行进程]
[内容:Microsoft? Windows? Operating System ? Microsoft Corporation. All rights reserved.]

[编号:5]
[名称:C:\Program Files\Rising\Rav\CCenter.exe]
[类型:运行进程]
[内容:Rising Antivirus Software Copyright Rising 2002]

[编号:6]
[名称:C:\WINDOWS\System32\svchost.exe]
[类型:运行进程]
[内容:Microsoft? Windows? Operating System ? Microsoft Corporation. All rights reserved.]

[编号:7]
[名称:C:\Program Files\Rising\Rav\Ravmond.exe]
[类型:运行进程]
[内容:Rising Antivirus Software Copyright(c) 1998-2006 Beijing Rising Technology Corporation Limited]

[编号:8]
[名称:C:\WINDOWS\Explorer.EXE]

bh89757 - 2006-6-11 10:57:00

【回复“我无邪”的帖子】第2次,
[类型:运行进程]
[内容:Microsoft(R) Windows(R) Operating System (C) Microsoft Corporation. All rights reserved.]

[编号:9]
[名称:C:\WINDOWS\system32\spoolsv.exe]
[类型:运行进程]
[内容:Microsoft? Windows? Operating System ? Microsoft Corporation. All rights reserved.]

[编号:10]
[名称:C:\WINDOWS\system32\svchost.exe]
[类型:运行进程]
[内容:Microsoft? Windows? Operating System ? Microsoft Corporation. All rights reserved.]

[编号:11]
[名称:C:\Program Files\Rising\Rav\RavStub.exe]
[类型:运行进程]
[内容:RavStub Application Copyright (c) 1998-2005 Rising Corp.]

[编号:12]
[名称:C:\Program Files\Lenovo\网络爸爸\EagleSvr.exe]
[类型:运行进程]
[内容: ]

[编号:13]
[名称:C:\PROGRA~1\3721\assistse.exe]
[类型:运行进程]
[内容:未知]

[编号:14]
[名称:C:\Herosoft\HeroV8\SysExplr.EXE]
[类型:运行进程]
[内容:未知]

[编号:15]
[名称:C:\Program Files\Rising\Rav\RavTask.exe]
[类型:运行进程]
[内容:Rising Antivirus Software Copyright (c) 1998-2006 Rising Corp.]

[编号:16]
[名称:C:\Program Files\Rising\Rav\Ravmon.exe]
[类型:运行进程]
[内容:Rising Anti-Virus Monitor Copyright(c) 1998-2006 Beijing Rising Technology Corporation Limited]

[编号:17]
[名称:C:\Program Files\Common Files\Real\Update_OB\realsched.exe]
[类型:运行进程]
[内容:RealPlayer (32-bit) Copyright ? RealNetworks, Inc. 1995-2004]

[编号:18]
[名称:C:\WINDOWS\VM303_STI.EXE]
[类型:运行进程]
[内容:BIGDOG Copyright (C) 2004 Vimicro Corporation]

[编号:19]
[名称:C:\WINDOWS\system32\ctfmon.exe]
[类型:运行进程]
[内容:Microsoft? Windows? Operating System ? Microsoft Corporation. All rights reserved.]

[编号:20]
[名称:C:\Program Files\Messenger\msmsgs.exe]
[类型:运行进程]
[内容:Messenger Copyright (c) Microsoft Corporation 2004]

[编号:21]
[名称:C:\Program Files\Rising\Rav\RsAgent.exe]
[类型:运行进程]
[内容:RsAgent Application Copyright(c) 1998-2006 Beijing Rising Technology Corporation Limited]

[编号:22]
[名称:C:\WINDOWS\msagent\AgentSvr.exe]
[类型:运行进程]
[内容:Microsoft Agent Server Copyright (C) Microsoft Corp. 1997-98]

[编号:23]
[名称:D:\新建文件夹\完美卸载V2006\syssec.exe]
[类型:运行进程]
[内容:完美卸载V2006-ChinaHijackThis 版权所有 (C) 2006]

[编号:24]
[分隔符:---------------------------------------------------------------------]

[编号:25]
[名称:C:\Program Files\Rising\Rav\BWList.dll]
[类型:已加载DLL]
[内容:BWList Dynamic Link Library Copyright(c) 1998-2006 Beijing Rising Technology

bh89757 - 2006-6-11 11:39:00

【回复“魔法学徒”的帖子】说话啊求你啦我都中了4十几次的病毒了,只是一晚上啊

我无邪 - 2006-6-11 11:39:00

兄弟，不是这个报告
请下载 System Repair Engineer，使用“智能扫描”，按下“扫描”按钮进行扫描，扫描完成后按下“保存报告”按钮保存报告日志文件（SREng.LOG），把保存的报告日志文件内容复制-粘贴上来
下载网址
http://www.kztechs.com/sreng/sreng2.zip
http://forum.ikaka.com/topic.asp?board=67&artid=5188931
日志一次粘不完，分次粘完，请不要修改。

abc555efg - 2006-6-11 12:22:00

我的朋友QQ发给我一个网站。我一按就出现了一个黄网。10多分钟出现一次。原来不会改主页的。但是过了几天会改主页了。用了瑞星的注册表修复了就好了。过了一下又弹出来。主页又改了。我是新手。不会开注册表看。也不会看启动项，你能教我吗。或开QQ给你控制，谢谢

DJ之大非 - 2006-6-11 12:53:00

汗~~楼上的（11楼）是发木马的吧~~劝你还是省点吧！有没有傻蛋去点就不知道了！哈哈

bh89757 - 2006-6-11 14:06:00

【回复“我无邪”的帖子】第1页2006-06-11,13:51:18

System Repair Engineer 2.0.21.505 (2.0 RC 2)
Smallfrogs (http://www.KZTechs.com)

Windows XP Professional Service Pack 2 (Build 2600)
- 管理权限用户 - 完整功能

以下内容被选中：
所有的启动项目（包括注册表、启动文件夹、服务等）
浏览器加载项
正在运行的进程（包括进程模块信息）
文件关联

启动项目
注册表
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
<ctfmon.exe><C:\WINDOWS\system32\ctfmon.exe> [Microsoft Corporation]
<MSMSGS><"C:\Program Files\Messenger\msmsgs.exe" /background> [Microsoft Corporation]
[HKEY_CURRENT_USER\Software\Microsoft\Windows NT\CurrentVersion\Windows]
<load><> []
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
<EagleEye><C:\Program Files\Lenovo\网络爸爸\EagleSvr.exe> [tuEagles]
<assistse><"C:\PROGRA~1\3721\assistse.exe"> []
<SysExplr><C:\Herosoft\HeroV8\SysExplr.EXE> []
<RavTask><"C:\Program Files\Rising\Rav\RavTask.exe" -system> [Beijing Rising Technology Co., Ltd.]
<TkBellExe><"C:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot> [RealNetworks, Inc.]
<BigDog303><C:\WINDOWS\VM303_STI.EXE VIMICRO USB PC Camera (ZC0301PLH)> []
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\RunOnce]
<RavStub><"C:\Program Files\Rising\Rav\ravstub.exe" /RUNONCE> [Beijing Rising Technology Co., Ltd.]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Winlogon]
<shell><Explorer.exe> [Microsoft Corporation]
<Userinit><C:\WINDOWS\system32\userinit.exe,> [Microsoft Corporation]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Windows]
<AppInit_DLLs><> []
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Winlogon]
<UIHost><logonui.exe> [Microsoft Corporation]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
<{32CD708B-60A7-4C00-9377-D73EAA495F0F}><C:\WINDOWS\system32\RavExt.dll> [Beijing Rising Technology Co., Ltd.]
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
<ctfmon.exe><; C:\WINDOWS\system32\ctfmon.exe> [Microsoft Corporation]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
<helper.dll><; C:\WINDOWS\system32\rundll32.exe C:\PROGRA~1\3721\helper.dll,Rundll32> []
<IMJPMIG8.1><; "C:\WINDOWS\IME\imjp8_1\IMJPMIG.EXE" /Spoil /RemAdvDef /Migration32> [Microsoft Corporation]
<LHotkey><; LHotkey.exe> [Chicony]
<MoveSearch><; C:\Program Files\wsearch\Search.exe> [中搜在线]
<PHIME2002A><; C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /IMEName> [Microsoft Corporation]
<PHIME2002ASync><; C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /SYNC> [Microsoft Corporation]
<RavMon><; C:\PROGRA~1\RISING\RAV\RAVMON.EXE -SYSTEM> [Beijing Rising Technology Co., Ltd.]
<RavTimer><; C:\PROGRA~1\RISING\RAV\RAVTIMER.EXE> []
<SoundMan><; SOUNDMAN.EXE> [Realtek Semiconductor Corp.]
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
<Study><; C:\Program Files\Lenovo\联想100分学校\study.exe> [Lenovo]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
<TkBellExe><; "C:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot> [RealNetworks, Inc.]
<VTTimer><; VTTimer.exe> [S3 Graphics, Inc.]
<VTTrayp><; VTtrayp.exe> [S3 Graphics Co., Ltd.]

==================================
启动文件夹
[腾讯QQ]
<C:\Documents and Settings\lenovo\「开始」菜单\程序\启动\腾讯QQ.lnk><N>

==================================
服务
[Rising Process Communication Center / RsCCenter]
<"C:\Program Files\Rising\Rav\CCenter.exe"><Beijing Rising Technology Co., Ltd.>
[RsRavMon Service / RsRavMon]
<"C:\Program Files\Rising\Rav\Ravmond.exe"><Beijing Rising Technology Co., Ltd.>

==================================
浏览器加载项
[AcroIEHlprObj Class]
{06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} <C:\Program Files\Acrobatchs\ActiveX\AcroIEHelper.dll, Adobe Systems Incorporated>

bh89757 - 2006-6-11 14:07:00

【回复“我无邪”的帖子】第2页[QQBrowserHelperObject Class]
{54EBD53A-9BC1-480B-966A-843A333CA162} <C:\Program Files\Tencent\QQ\QQIEHelper.dll, 深圳市腾讯计算机系统有限公司>
[Thunder Browser Helper]
{889D2FEB-5411-4565-8998-1DD2C5261283} <F:\软件\新建文件夹\ComDlls\XunLeiBHO_001.dll, Thunder Networking Technologies,LTD>
[上网助手]
{BB936323-19FA-4521-BA29-ECA6A121BC78} <C:\Program Files\3721\Assist\asbar.dll, 3721>
[DragSearch BHO]
{EF1D17A9-089F-40cc-8D64-7324CDEBA0DB} <C:\PROGRA~1\yisou\yisoub.dll, >
[]
{F79B2338-A6E7-46D4-9202-422AA6E74F43} <C:\WINDOWS\EagleFlt.dll, N/A>
[豪杰超级解霸V8]
{367E0A21-8601-4986-9C9A-153BF5ACA118} <C:\Herosoft\HeroV8\STHSDVD.EXE, N/A>
[QQ]
{c95fe080-8f5d-11d2-a20b-00aa003c157b} <C:\Program Files\Tencent\QQ\QQ.EXE, TENCENT>
[QQIEFloatBarCfgCmd Class]
{DEDEB80D-FA35-45d9-9460-4983E5A8AFE6} <C:\Program Files\Tencent\QQ\QQIEHelper.dll, 深圳市腾讯计算机系统有限公司>
[Messenger]
{FB5F1910-F110-11d2-BB9E-00C04F795683} <C:\Program Files\Messenger\msmsgs.exe, Microsoft Corporation>
[上网助手]
{BB936323-19FA-4521-BA29-ECA6A121BC78} <C:\Program Files\3721\Assist\asbar.dll, 3721>
[一搜工具条]
{115F6E46-FCBC-41ed-B3B5-3BDDD4AAB5E5} <C:\Program Files\yisou\yisou.dll, 3721>
[AcroIEHlprObj Class]
{06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} <C:\Program Files\Acrobatchs\ActiveX\AcroIEHelper.dll, Adobe Systems Incorporated>
[一搜工具条]
{115F6E46-FCBC-41ED-B3B5-3BDDD4AAB5E5} <C:\Program Files\yisou\yisou.dll, 3721>
[assist]
{1B0E7716-898E-48CC-9690-4E338E8DE1D3} <C:\Program Files\3721\Assist\assist.dll, >
[Windows Media Player]
{22D6F312-B0F6-11D0-94AB-0080C74C7E95} <C:\WINDOWS\system32\wmpdxm.dll, Microsoft Corporation>
[QQBrowserHelperObject Class]
{54EBD53A-9BC1-480B-966A-843A333CA162} <C:\Program Files\Tencent\QQ\QQIEHelper.dll, 深圳市腾讯计算机系统有限公司>
[AutoLive]
{7CA83CF1-3AEA-42D0-A4E3-1594FC6E48B2} <C:\Program Files\3721\AutoLive.dll, >
[Microsoft Web 浏览器]
{8856F961-340A-11D0-A96B-00C04FD705A2} <C:\WINDOWS\system32\shdocvw.dll, Microsoft Corporation>
[Thunder Browser Helper]
{889D2FEB-5411-4565-8998-1DD2C5261283} <F:\软件\新建文件夹\ComDlls\XunLeiBHO_001.dll, Thunder Networking Technologies,LTD>
[SearchAssistantOC]
{B45FF030-4447-11D2-85DE-00C04FA35C89} <%SystemRoot%\system32\shdocvw.dll, N/A>
[上网助手]
{BB936323-19FA-4521-BA29-ECA6A121BC78} <C:\Program Files\3721\Assist\asbar.dll, 3721>
[Shockwave Flash Object]
{D27CDB6E-AE6D-11CF-96B8-444553540000} <C:\WINDOWS\system32\Macromed\Flash\flash.ocx, Macromedia, Inc.>
[DragSearch BHO]
{EF1D17A9-089F-40CC-8D64-7324CDEBA0DB} <C:\PROGRA~1\yisou\yisoub.dll, >
[]
{F79B2338-A6E7-46D4-9202-422AA6E74F43} <C:\WINDOWS\EagleFlt.dll, N/A>
[!搜一搜(&S)]
<res://C:\Program Files\yisou\yisou.dll/232, N/A>
[&使用迅雷下载]
<F:\软件\新建文件夹\Program\GetUrl.htm, N/A>
[&使用迅雷下载全部链接]
<F:\软件\新建文件夹\Program\GetAllUrl.htm, N/A>
[上传到QQ网络硬盘]
<C:\Program Files\Tencent\QQ\AddToNetDisk.htm, N/A>
[收藏此页到新浪ViVi]
<http://vivi.sina.com.cn/collect/click.php?agent=ddt, N/A>
[新浪搜索]
<http://cha.sina.com.cn/ddt.html, N/A>
[添加到QQ自定义面板]
<C:\Program Files\Tencent\QQ\AddPanel.htm, N/A>
[添加到QQ表情]
<C:\Program Files\Tencent\QQ\AddEmotion.htm, N/A>
[用QQ彩信发送该图片]
<C:\Program Files\Tencent\QQ\SendMMS.htm, N/A>
[豪杰超级解霸V8实时播放]
<C:\Herosoft\HeroV8\MPURLGET.HTM, N/A>

==================================
正在运行的进程

bh89757 - 2006-6-11 14:11:00

【回复“我无邪”的帖子】第3页[PID: 552][\SystemRoot\System32\smss.exe] <Microsoft Corporation><5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)>
[PID: 616][\??\C:\WINDOWS\system32\csrss.exe] <Microsoft Corporation><5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)>
[PID: 640][\??\C:\WINDOWS\system32\winlogon.exe] <Microsoft Corporation><5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)>
[PID: 684][C:\WINDOWS\system32\services.exe] <Microsoft Corporation><5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)>
[PID: 696][C:\WINDOWS\system32\lsass.exe] <Microsoft Corporation><5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)>
[PID: 844][C:\WINDOWS\system32\svchost.exe] <Microsoft Corporation><5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)>
[PID: 932][C:\WINDOWS\system32\svchost.exe] <Microsoft Corporation><5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)>
[PID: 1028][C:\Program Files\Rising\Rav\CCenter.exe] <Beijing Rising Technology Co., Ltd.><18, 0, 0, 3>
[PID: 1044][C:\WINDOWS\System32\svchost.exe] <Microsoft Corporation><5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)>
[PID: 1088][C:\WINDOWS\system32\svchost.exe] <Microsoft Corporation><5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)>
[PID: 1248][C:\WINDOWS\system32\svchost.exe] <Microsoft Corporation><5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)>
[PID: 1264][C:\Program Files\Rising\Rav\Ravmond.exe] <Beijing Rising Technology Co., Ltd.><18, 0, 1, 22>
[C:\Program Files\Rising\Rav\BWList.dll] <Beijing Rising Technology Co., Ltd.><18, 0, 0, 18>
[C:\Program Files\Rising\Rav\RsCommX.dll] <rising><18, 0, 0, 1>
[C:\Program Files\Rising\Rav\RSAPPMGR.DLL] <Beijing Rising Technology Co., Ltd.><18, 0, 0, 2>
[C:\Program Files\Rising\Rav\CfgDll.dll] <Beijing Rising Technology Co., Ltd.><18, 0, 0, 10>
[C:\Program Files\Rising\Rav\RSCOMMON.DLL] <Beijing Rising Technology Co., Ltd.><18, 0, 0, 4>
[C:\Program Files\Rising\Rav\RsLog.dll] <Beijing Rising Technology Co., Ltd.><18, 0, 0, 20>
[C:\Program Files\Rising\Rav\HOOKSYS.dll] <Rising><18, 1, 0, 9>
[C:\Program Files\Rising\Rav\Scanner.dll] <Beijing Rising Technology Co., Ltd.><18, 0, 0, 30>
[C:\Program Files\Rising\Rav\libload.dll] <Beijing Rising Technology Co., Ltd.><18, 0, 0, 10>
[C:\Program Files\Rising\Rav\VirusLib.dll] <Beijing Rising Technology Co., Ltd.><18, 0, 0, 10>
[C:\Program Files\Rising\Rav\HookWeb.dll] <rising><18, 0, 0, 1>
[C:\Program Files\Rising\Rav\MemMon.dll] <Beijing Rising Technology Co., Ltd.><18, 0, 0, 9>
[C:\Program Files\Rising\Rav\MailMon.dll] <Beijing Rising Technology Co., Ltd.><18, 0, 0, 5>
[C:\Program Files\Rising\Rav\SpamEng.dll] <N/A><18, 0, 0, 6>
[C:\Program Files\Rising\Rav\engine.dll] <Beijing Rising Technology Co., Ltd.><18, 0, 0, 28>
[C:\Program Files\Rising\Rav\PostTrt.dll] <Beijing Rising Technology Co., Ltd.><18, 0, 0, 9>
[C:\Program Files\Rising\Rav\UnExe.dll] <Beijing Rising Technology Co., Ltd.><18, 0, 0, 11>
[C:\Program Files\Rising\Rav\ScanExec.dll] <Beijing Rising Technology Co., Ltd.><18, 0, 0, 11>
[C:\Program Files\Rising\Rav\ScanEx.dll] <Beijing Rising Technology Co., Ltd.><18, 0, 0, 10>
[C:\Program Files\Rising\Rav\NvFile.dll] <Beijing Rising Technology Co., Ltd.><18, 0, 0, 7>
[C:\Program Files\Rising\Rav\ScanMac.dll] <Beijing Rising Technology Co., Ltd.><18, 0, 0, 7>
[C:\Program Files\Rising\Rav\ScanSct.dll] <Beijing Rising Technology Co., Ltd.><18, 0, 0, 15>
[C:\Program Files\Rising\Rav\Unpacker.dll] <Beijing Rising Technology Co., Ltd.><18, 0, 0, 3>
[C:\Program Files\Rising\Rav\ExtOLE.dll] <Beijing Rising Technology Co., Ltd.><18, 0, 0, 6>
[PID: 1508][C:\WINDOWS\Explorer.EXE] <Microsoft Corporation><6.00.2900.2180 (xpsp_sp2_rtm.040803-2158)>
[C:\WINDOWS\system32\RavExt.dll] <Beijing Rising Technology Co., Ltd.><18, 0, 0, 19>
[C:\Program Files\Lenovo\网络爸爸\EagleH.dll] <N/A><N/A>
[C:\Program Files\Acrobatchs\ActiveX\PDFShell.dll] <Adobe Systems, Inc.><7.0.0.0>
[C:\PROGRA~1\3721\Assist\asnoad.dll] <><1, 0, 0, 1>
[C:\Program Files\Acrobatchs\ActiveX\AcroIEHelper.dll] <Adobe Systems Incorporated><7.0.0.2004121400>
[F:\软件\新建文件夹\ComDlls\XunLeiBHO_001.dll] <Thunder Networking Technologies,LTD><5, 0, 0, 1>
[C:\WINDOWS\EagleFlt.dll] <N/A><N/A>
[PID: 1588][C:\WINDOWS\system32\spoolsv.exe] <Microsoft Corporation><5.1.2600.2696 (xpsp_sp2_gdr.050610-1519)>
[PID: 1732][C:\WINDOWS\system32\svchost.exe] <Microsoft Corporation><5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)>
[PID: 1940][C:\Program Files\Rising\Rav\RavStub.exe] <Beijing Rising Technology Co., Ltd.><18, 0, 0, 13>
[C:\Program Files\Rising\Rav\RsCommX.dll] <rising><18, 0, 0, 1>
[C:\Program Files\Rising\Rav\RSCOMMON.DLL] <Beijing Rising Technology Co.,

bh89757 - 2006-6-11 14:14:00

【回复“我无邪”的帖子】第4页Ltd.><18, 0, 0, 4>
[PID: 232][C:\PROGRA~1\3721\assistse.exe] <N/A><N/A>
[C:\Program Files\Lenovo\网络爸爸\EagleH.dll] <N/A><N/A>
[C:\PROGRA~1\3721\shell\AsMenu.dll] <N/A><N/A>
[C:\PROGRA~1\3721\Assist\assist.dll] <><2, 0, 3, 0>
[C:\PROGRA~1\3721\shell\IEAngel.dll] <N/A><N/A>
[C:\PROGRA~1\3721\shell\MenuInfo.dll] <N/A><N/A>
[C:\PROGRA~1\3721\shell\assecblk.dll] <3721><1, 0, 0, 5>
[c:\progra~1\3721\assist\adfilter.dll] < ><1, 0, 1, 6>
[C:\PROGRA~1\3721\assist\optimum.dll] <N/A><N/A>
[C:\PROGRA~1\3721\assist\repair.dll] <北京三七二一科技有限公司><1, 0, 4, 1001>
[C:\PROGRA~1\3721\assist\asfsks.dll] <3721.com><2, 1, 1, 87>
[PID: 244][C:\Herosoft\HeroV8\SysExplr.EXE] <N/A><N/A>
[C:\Herosoft\HeroV8\HttpReq.dll] <N/A><N/A>
[C:\Herosoft\HeroV8\CoolMenu.dll] <N/A><N/A>
[C:\Herosoft\HeroV8\httphlp.dll] <N/A><N/A>
[C:\Herosoft\HeroV8\AVCDROM.dll] <N/A><N/A>
[C:\Herosoft\HeroV8\Sys936.DLL] <N/A><N/A>
[C:\Program Files\Lenovo\网络爸爸\EagleH.dll] <N/A><N/A>
[PID: 256][C:\Program Files\Rising\Rav\RavTask.exe] <Beijing Rising Technology Co., Ltd.><18, 0, 0, 22>
[C:\Program Files\Rising\Rav\RSCOMMON.DLL] <Beijing Rising Technology Co., Ltd.><18, 0, 0, 4>
[C:\Program Files\Rising\Rav\RSAPPMGR.DLL] <Beijing Rising Technology Co., Ltd.><18, 0, 0, 2>
[C:\Program Files\Rising\Rav\CfgDll.dll] <Beijing Rising Technology Co., Ltd.><18, 0, 0, 10>
[C:\Program Files\Rising\Rav\RsCommX.dll] <rising><18, 0, 0, 1>
[C:\Program Files\Lenovo\网络爸爸\EagleH.dll] <N/A><N/A>
[PID: 320][C:\Program Files\Rising\Rav\Ravmon.exe] <Beijing Rising Technology Co., Ltd.><18, 0, 1, 19>
[C:\Program Files\Rising\Rav\RsGuiLib.dll] <Beijing Rising Technology Co., Ltd.><18, 0, 0, 24>
[C:\Program Files\Rising\Rav\BWList.dll] <Beijing Rising Technology Co., Ltd.><18, 0, 0, 18>
[C:\Program Files\Rising\Rav\RSAPPMGR.DLL] <Beijing Rising Technology Co., Ltd.><18, 0, 0, 2>
[C:\Program Files\Rising\Rav\CfgDll.dll] <Beijing Rising Technology Co., Ltd.><18, 0, 0, 10>
[C:\Program Files\Rising\Rav\RSCOMMON.DLL] <Beijing Rising Technology Co., Ltd.><18, 0, 0, 4>
[C:\Program Files\Rising\Rav\RsCommX.dll] <rising><18, 0, 0, 1>
[C:\Program Files\Rising\Rav\PngDll.dll] <Beijing Rising Technology Co., Ltd.><18, 0, 0, 5>
[C:\Program Files\Lenovo\网络爸爸\EagleH.dll] <N/A><N/A>
[PID: 364][C:\Program Files\Common Files\Real\Update_OB\realsched.exe] <RealNetworks, Inc.><0.1.0.3275>
[C:\Program Files\Lenovo\网络爸爸\EagleH.dll] <N/A><N/A>
[PID: 516][C:\WINDOWS\VM303_STI.EXE] <Vimicro><4, 3, 625, 61>
[C:\Program Files\Lenovo\网络爸爸\EagleH.dll] <N/A><N/A>
[C:\WINDOWS\system32\msdmo.dll] <N/A><N/A>
[PID: 576][C:\WINDOWS\system32\ctfmon.exe] <Microsoft Corporation><5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)>
[C:\Program Files\Lenovo\网络爸爸\EagleH.dll] <N/A><N/A>
[PID: 604][C:\Program Files\Messenger\msmsgs.exe] <Microsoft Corporation><4.7.3001>
[C:\Program Files\Lenovo\网络爸爸\EagleH.dll] <N/A><N/A>
[PID: 1148][C:\WINDOWS\System32\alg.exe] <Microsoft Corporation><5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)>
[PID: 1440][C:\Program Files\Internet Explorer\iexplore.exe] <Microsoft Corporation><6.00.2900.2180 (xpsp_sp2_rtm.040803-2158)>
[C:\Program Files\Lenovo\网络爸爸\EagleH.dll] <N/A><N/A>
[C:\Program Files\3721\Assist\asbar.dll] <3721><1, 0, 0, 3>
[C:\PROGRA~1\3721\Assist\TbWrap.dll] <3721><1, 0, 0, 2>
[C:\PROGRA~1\3721\Assist\asnoad.dll] <><1, 0, 0, 1>
[C:\PROGRA~1\3721\Assist\aswiper.dll] <3721><1, 0, 0, 1>
[C:\PROGRA~1\3721\Assist\asiesec.dll] <3721><1, 0, 0, 1>
[C:\Program Files\yisou\yisou.dll] <3721><1, 1, 1, 0>
[C:\Program Files\Acrobatchs\ActiveX\AcroIEHelper.dll] <Adobe Systems Incorporated><7.0.0.2004121400>
[C:\Program Files\Tencent\QQ\QQIEHelper.dll] <深圳市腾讯计算机系统有限公司><1, 1, 0, 5>
[F:\软件\新建文件夹\ComDlls\XunLeiBHO_001.dll] <Thunder Networking Technologies,LTD><5, 0, 0, 1>
[C:\PROGRA~1\yisou\yisoub.dll] <><1, 1, 2, 3>
[C:\WINDOWS\EagleFlt.dll] <N/A><N/A>
[C:\Program Files\Rising\Rav\RavScrCh.dll] <Beijing Rising Technology Co., Ltd.><18, 0, 0, 3>
[C:\Program Files\3721\shell\assecblk.dll] <3721><1, 0, 0, 5>
[C:\PROGRA~1\3721\assist\repair.dll] <北京三七二一科技有限公司><1, 0, 4, 1001>
[C:\PROGRA~1\3721\assist\asfsks.dll] <3721.com><2, 1, 1, 87>
[C:\PROGRA~1\3721\assist\optimum.dll] <N/A><N/A>
[c:\progra~1\3721\assist\adfilter.dll] < ><1, 0, 1, 6>
[C:\WINDOWS\system32\Macromed\Flash\flash.ocx] <Macromedia, Inc.><7,0,19,0>
[PID: 4016][C:\Program Files\Rising\Rav\RsAgent.exe] <Beijing Rising Technology Co., Ltd.><18, 0, 0, 12>
[C:\Program Files\Lenovo\网络爸爸\EagleH.dll] <N/A><N/A>
[C:\Program Files\Rising\Rav\RsCommX.dll] <rising><18, 0, 0, 1>
[PID: 2948][C:\WINDOWS\msagent\AgentSvr.exe] <Microsoft Corporation><2.00.0.3422>
[C:\Program Files\Lenovo\网络爸爸\EagleH.dll] <N/A><N/A>
[PID: 3160][C:\Program Files\WinRAR\WinRAR.exe] <Alexander Roshal><3.41>
[C:\Program Files\Lenovo\网络爸爸\EagleH.dll] <N/A><N/A>
[PID: 2340][C:\DOCUME~1\lenovo\LOCALS~1\Temp\Rar$EX00.578\SREng2\SREng.exe] <Smallfrogs Studio><2.0.21.505>
[C:\Program Files\Lenovo\网络爸爸\EagleH.dll] <N/A><N/A>

==================================
文件关联
.TXT OK. [%SystemRoot%\system32\NOTEPAD.EXE %1]
.EXE OK. ["%1" %*]
.COM OK. ["%1" %*]
.PIF OK. ["%1" %*]
.REG OK. [regedit.exe "%1"]
.BAT OK. ["%1" %*]
.SCR OK. ["%1" /S]
.CHM OK. ["C:\WINDOWS\hh.exe" %1]
.HLP OK. [%SystemRoot%\System32\winhlp32.exe %1]
.INI OK. [%SystemRoot%\System32\NOTEPAD.EXE %1]
.INF OK. [%SystemRoot%\System32\NOTEPAD.EXE %1]
.VBS OK. [%SystemRoot%\System32\WScript.exe "%1" %*]
.JS OK. [%SystemRoot%\System32\WScript.exe "%1" %*]
.LNK OK. [{00021401-0000-0000-C000-000000000046}]

==================================
Winsock 提供者

==================================

bh89757 - 2006-6-11 14:14:00

【回复“我无邪”的帖子】第4页Ltd.><18, 0, 0, 4>
[PID: 232][C:\PROGRA~1\3721\assistse.exe] <N/A><N/A>
[C:\Program Files\Lenovo\网络爸爸\EagleH.dll] <N/A><N/A>
[C:\PROGRA~1\3721\shell\AsMenu.dll] <N/A><N/A>
[C:\PROGRA~1\3721\Assist\assist.dll] <><2, 0, 3, 0>
[C:\PROGRA~1\3721\shell\IEAngel.dll] <N/A><N/A>
[C:\PROGRA~1\3721\shell\MenuInfo.dll] <N/A><N/A>
[C:\PROGRA~1\3721\shell\assecblk.dll] <3721><1, 0, 0, 5>
[c:\progra~1\3721\assist\adfilter.dll] < ><1, 0, 1, 6>
[C:\PROGRA~1\3721\assist\optimum.dll] <N/A><N/A>
[C:\PROGRA~1\3721\assist\repair.dll] <北京三七二一科技有限公司><1, 0, 4, 1001>
[C:\PROGRA~1\3721\assist\asfsks.dll] <3721.com><2, 1, 1, 87>
[PID: 244][C:\Herosoft\HeroV8\SysExplr.EXE] <N/A><N/A>
[C:\Herosoft\HeroV8\HttpReq.dll] <N/A><N/A>
[C:\Herosoft\HeroV8\CoolMenu.dll] <N/A><N/A>
[C:\Herosoft\HeroV8\httphlp.dll] <N/A><N/A>
[C:\Herosoft\HeroV8\AVCDROM.dll] <N/A><N/A>
[C:\Herosoft\HeroV8\Sys936.DLL] <N/A><N/A>
[C:\Program Files\Lenovo\网络爸爸\EagleH.dll] <N/A><N/A>
[PID: 256][C:\Program Files\Rising\Rav\RavTask.exe] <Beijing Rising Technology Co., Ltd.><18, 0, 0, 22>
[C:\Program Files\Rising\Rav\RSCOMMON.DLL] <Beijing Rising Technology Co., Ltd.><18, 0, 0, 4>
[C:\Program Files\Rising\Rav\RSAPPMGR.DLL] <Beijing Rising Technology Co., Ltd.><18, 0, 0, 2>
[C:\Program Files\Rising\Rav\CfgDll.dll] <Beijing Rising Technology Co., Ltd.><18, 0, 0, 10>
[C:\Program Files\Rising\Rav\RsCommX.dll] <rising><18, 0, 0, 1>
[C:\Program Files\Lenovo\网络爸爸\EagleH.dll] <N/A><N/A>
[PID: 320][C:\Program Files\Rising\Rav\Ravmon.exe] <Beijing Rising Technology Co., Ltd.><18, 0, 1, 19>
[C:\Program Files\Rising\Rav\RsGuiLib.dll] <Beijing Rising Technology Co., Ltd.><18, 0, 0, 24>
[C:\Program Files\Rising\Rav\BWList.dll] <Beijing Rising Technology Co., Ltd.><18, 0, 0, 18>
[C:\Program Files\Rising\Rav\RSAPPMGR.DLL] <Beijing Rising Technology Co., Ltd.><18, 0, 0, 2>
[C:\Program Files\Rising\Rav\CfgDll.dll] <Beijing Rising Technology Co., Ltd.><18, 0, 0, 10>
[C:\Program Files\Rising\Rav\RSCOMMON.DLL] <Beijing Rising Technology Co., Ltd.><18, 0, 0, 4>
[C:\Program Files\Rising\Rav\RsCommX.dll] <rising><18, 0, 0, 1>
[C:\Program Files\Rising\Rav\PngDll.dll] <Beijing Rising Technology Co., Ltd.><18, 0, 0, 5>
[C:\Program Files\Lenovo\网络爸爸\EagleH.dll] <N/A><N/A>
[PID: 364][C:\Program Files\Common Files\Real\Update_OB\realsched.exe] <RealNetworks, Inc.><0.1.0.3275>
[C:\Program Files\Lenovo\网络爸爸\EagleH.dll] <N/A><N/A>
[PID: 516][C:\WINDOWS\VM303_STI.EXE] <Vimicro><4, 3, 625, 61>
[C:\Program Files\Lenovo\网络爸爸\EagleH.dll] <N/A><N/A>
[C:\WINDOWS\system32\msdmo.dll] <N/A><N/A>
[PID: 576][C:\WINDOWS\system32\ctfmon.exe] <Microsoft Corporation><5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)>
[C:\Program Files\Lenovo\网络爸爸\EagleH.dll] <N/A><N/A>
[PID: 604][C:\Program Files\Messenger\msmsgs.exe] <Microsoft Corporation><4.7.3001>
[C:\Program Files\Lenovo\网络爸爸\EagleH.dll] <N/A><N/A>
[PID: 1148][C:\WINDOWS\System32\alg.exe] <Microsoft Corporation><5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)>
[PID: 1440][C:\Program Files\Internet Explorer\iexplore.exe] <Microsoft Corporation><6.00.2900.2180 (xpsp_sp2_rtm.040803-2158)>
[C:\Program Files\Lenovo\网络爸爸\EagleH.dll] <N/A><N/A>
[C:\Program Files\3721\Assist\asbar.dll] <3721><1, 0, 0, 3>
[C:\PROGRA~1\3721\Assist\TbWrap.dll] <3721><1, 0, 0, 2>
[C:\PROGRA~1\3721\Assist\asnoad.dll] <><1, 0, 0, 1>
[C:\PROGRA~1\3721\Assist\aswiper.dll] <3721><1, 0, 0, 1>
[C:\PROGRA~1\3721\Assist\asiesec.dll] <3721><1, 0, 0, 1>
[C:\Program Files\yisou\yisou.dll] <3721><1, 1, 1, 0>
[C:\Program Files\Acrobatchs\ActiveX\AcroIEHelper.dll] <Adobe Systems Incorporated><7.0.0.2004121400>
[C:\Program Files\Tencent\QQ\QQIEHelper.dll] <深圳市腾讯计算机系统有限公司><1, 1, 0, 5>
[F:\软件\新建文件夹\ComDlls\XunLeiBHO_001.dll] <Thunder Networking Technologies,LTD><5, 0, 0, 1>
[C:\PROGRA~1\yisou\yisoub.dll] <><1, 1, 2, 3>
[C:\WINDOWS\EagleFlt.dll] <N/A><N/A>
[C:\Program Files\Rising\Rav\RavScrCh.dll] <Beijing Rising Technology Co., Ltd.><18, 0, 0, 3>
[C:\Program Files\3721\shell\assecblk.dll] <3721><1, 0, 0, 5>
[C:\PROGRA~1\3721\assist\repair.dll] <北京三七二一科技有限公司><1, 0, 4, 1001>
[C:\PROGRA~1\3721\assist\asfsks.dll] <3721.com><2, 1, 1, 87>
[C:\PROGRA~1\3721\assist\optimum.dll] <N/A><N/A>
[c:\progra~1\3721\assist\adfilter.dll] < ><1, 0, 1, 6>
[C:\WINDOWS\system32\Macromed\Flash\flash.ocx] <Macromedia, Inc.><7,0,19,0>
[PID: 4016][C:\Program Files\Rising\Rav\RsAgent.exe] <Beijing Rising Technology Co., Ltd.><18, 0, 0, 12>
[C:\Program Files\Lenovo\网络爸爸\EagleH.dll] <N/A><N/A>
[C:\Program Files\Rising\Rav\RsCommX.dll] <rising><18, 0, 0, 1>
[PID: 2948][C:\WINDOWS\msagent\AgentSvr.exe] <Microsoft Corporation><2.00.0.3422>
[C:\Program Files\Lenovo\网络爸爸\EagleH.dll] <N/A><N/A>
[PID: 3160][C:\Program Files\WinRAR\WinRAR.exe] <Alexander Roshal><3.41>
[C:\Program Files\Lenovo\网络爸爸\EagleH.dll] <N/A><N/A>
[PID: 2340][C:\DOCUME~1\lenovo\LOCALS~1\Temp\Rar$EX00.578\SREng2\SREng.exe] <Smallfrogs Studio><2.0.21.505>
[C:\Program Files\Lenovo\网络爸爸\EagleH.dll] <N/A><N/A>

==================================
文件关联
.TXT OK. [%SystemRoot%\system32\NOTEPAD.EXE %1]
.EXE OK. ["%1" %*]
.COM OK. ["%1" %*]
.PIF OK. ["%1" %*]
.REG OK. [regedit.exe "%1"]
.BAT OK. ["%1" %*]
.SCR OK. ["%1" /S]
.CHM OK. ["C:\WINDOWS\hh.exe" %1]
.HLP OK. [%SystemRoot%\System32\winhlp32.exe %1]
.INI OK. [%SystemRoot%\System32\NOTEPAD.EXE %1]
.INF OK. [%SystemRoot%\System32\NOTEPAD.EXE %1]
.VBS OK. [%SystemRoot%\System32\WScript.exe "%1" %*]
.JS OK. [%SystemRoot%\System32\WScript.exe "%1" %*]
.LNK OK. [{00021401-0000-0000-C000-000000000046}]

==================================
Winsock 提供者

==================================

bh89757 - 2006-6-11 14:16:00

【回复“abc555efg”的帖子】把首页设为空页

我无邪 - 2006-6-11 14:39:00

网络爸爸卡马会认为是木马
不知是不是误报
建议卸载
还有，中搜，你可以到添加删除程序里去卸载掉它。
并没看出有问题来。

bh89757 - 2006-6-11 14:50:00

【回复“我无邪”的帖子】你不知道啊,我的电脑只要一设主页,就会弹出一个恶意网站,只要它一出来就有病毒而且是一下子就传开的啊.而且这网站的位置是在我的C盘里啊,难道这不是木马一类的吗?我已经找到了那位置可是它在一个重要文件里,不能打开也不能删,我用了20几种专杀没一样能查得出来的.所以我才来求你们这些高手帮的啊.求你帮帮我啊.

我无邪 - 2006-6-11 14:57:00

是什么网站，
建议你先卸载网络爸爸
网络爸爸默认下是不许修复主页的。

bh89757 - 2006-6-11 15:51:00

【回复“我无邪”的帖子】来啦完美卸载 - 系统检查检测报告!
建议:修复时请按照高手的反馈编号在修复工具中打勾进行修复.

--------------------------系统环境-------------------------
检测日期: 2006-6-11 15:33
Windows: Microsoft Windows XP
ServicePack: Service Pack 2
Update: 2600.xpsp_sp2_gdr.050301-1519
Internet Explorer: 6.0.2900.2180

-----------------------网络基础安全测试--------------------
密码安全检测:已经设置了管理员密码,建议:将密码复杂度和长度提高!
网络漏洞检测:空连接检查安全!

服务名称是否运行描述
RemoteRegistry [已停止] [说明:这个服务可能被利用远程操作注册表]
Windows Time [已停止] [说明:这个服务可能被黑客利用来启动木马]
Telnet [已停止] [说明:这个服务可能被黑客登录到您计算机]
Messenger [已停止] [说明:这个服务常被广告商用来发垃圾广告]
Server [已停止] [说明:如果你的电脑不用局域网中,可以关闭]
建议在[控制面板]-[管理工具]-[服务]中,找到这些服务关闭并设置为[禁用].

-----------------------计算机网络端口----------------------
协议端口号端口类型
TCP 135 微软DCE RPC end-point mapper服务
TCP 445 Microsoft-DS
TCP 6059 未知类型
TCP 1029 未知类型
TCP 139 微软Netbios Name服务(用于文件及打印机共享)
TCP 1253 未知类型
TCP 445 公共Internet文件系统(CIFS)
TCP 500 Internet密钥交换
TCP 1041 未知类型
TCP 1046 未知类型
TCP 4500 sae-urn
TCP 1900 未知类型
TCP 137 未知类型
TCP 138 未知类型
TCP 1900 未知类型
TCP 1900 未知类型

--------------------计算机系统组件体检----------------------
[编号:0]
[名称:\SystemRoot\System32\smss.exe]
[类型:运行进程]
[内容:未知]

[编号:1]
[名称:\??\C:\WINDOWS\system32\winlogon.exe]
[类型:运行进程]
[内容:未知]

[编号:2]
[名称:C:\WINDOWS\system32\services.exe]
[类型:运行进程]
[内容:Microsoft(R) Windows(R) Operating System (C) Microsoft Corporation. All rights reserved.]

[编号:3]
[名称:C:\WINDOWS\system32\lsass.exe]
[类型:运行进程]
[内容:Microsoft? Windows? Operating System ? Microsoft Corporation. All rights reserved.]

[编号:4]
[名称:C:\WINDOWS\system32\svchost.exe]
[类型:运行进程]
[内容:Microsoft? Windows? Operating System ? Microsoft Corporation. All rights reserved.]

[编号:5]
[名称:C:\Program Files\Rising\Rav\CCenter.exe]
[类型:运行进程]
[内容:Rising Antivirus Software Copyright Rising 2002]

[编号:6]
[名称:C:\WINDOWS\System32\svchost.exe]
[类型:运行进程]
[内容:Microsoft? Windows? Operating System ? Microsoft Corporation. All rights reserved.]

[编号:7]
[名称:C:\Program Files\Rising\Rav\Ravmond.exe]
[类型:运行进程]
[内容:Rising Antivirus Software Copyright(c) 1998-2006 Beijing Rising Technology Corporation Limited]

[编号:8]
[名称:C:\WINDOWS\Explorer.EXE]
[类型:运行进程]
[内容:Microsoft(R) Windows(R) Operating System (C) Microsoft Corporation. All rights reserved.]

[编号:9]
[名称:C:\WINDOWS\system32\spoolsv.exe]
[类型:运行进程]
[内容:Microsoft? Windows? Operating System ? Microsoft Corporation. All rights reserved.]

[编号:10]
[名称:C:\Program Files\Rising\Rav\RavStub.exe]
[类型:运行进程]
[内容:RavStub Application Copyright (c) 1998-2005 Rising Corp.]

[编号:11]
[名称:C:\Program Files\Lenovo\网络爸爸\EagleSvr.exe]
[类型:运行进程]
[内容: ]

[编号:12]
[名称:C:\PROGRA~1\3721\assistse.exe]
[类型:运行进程]
[内容:未知]

[编号:13]
[名称:C:\Herosoft\HeroV8\SysExplr.EXE]
[类型:运行进程]
[内容:未知]

[编号:14]
[名称:C:\Program Files\Rising\Rav\RavTask.exe]
[类型:运行进程]
[内容:Rising Antivirus Software Copyright (c) 1998-2006 Rising Corp.]

[编号:15]
[名称:C:\Program Files\Rising\Rav\Ravmon.exe]
[类型:运行进程]
[内容:Rising Anti-Virus Monitor Copyright(c) 1998-2006 Beijing Rising Technology Corporation Limited]

bh89757 - 2006-6-11 15:53:00

【回复“我无邪”的帖子】第2页[编号:16]
[名称:C:\WINDOWS\VM303_STI.EXE]
[类型:运行进程]
[内容:BIGDOG Copyright (C) 2004 Vimicro Corporation]

[编号:17]
[名称:C:\Program Files\Messenger\msmsgs.exe]
[类型:运行进程]
[内容:Messenger Copyright (c) Microsoft Corporation 2004]

[编号:18]
[名称:C:\WINDOWS\system32\svchost.exe]
[类型:运行进程]
[内容:Microsoft? Windows? Operating System ? Microsoft Corporation. All rights reserved.]

[编号:19]
[名称:C:\WINDOWS\system32\ctfmon.exe]
[类型:运行进程]
[内容:Microsoft? Windows? Operating System ? Microsoft Corporation. All rights reserved.]

[编号:20]
[名称:D:\新建文件夹 (2)\征途\data\zhengtu.dat]
[类型:运行进程]
[内容:《征途》客户端上海征途网络科技有限公司。版权所有 (C) 2004]

[编号:21]
[名称:D:\新建文件夹\完美卸载V2006\WmSysPro.exe]
[类型:运行进程]
[内容:系统保护+网络防火墙版权所有 (C)剑锋工作室]

[编号:22]
[名称:D:\新建文件夹\完美卸载V2006\syssec.exe]
[类型:运行进程]
[内容:完美卸载V2006-ChinaHijackThis 版权所有 (C) 2006]

[编号:23]
[分隔符:---------------------------------------------------------------------]

[编号:24]
[名称:C:\Program Files\Rising\Rav\BWList.dll]
[类型:已加载DLL]
[内容:BWList Dynamic Link Library Copyright(c) 1998-2006 Beijing Rising Technology Corporation Limited]

[编号:25]
[名称:C:\Program Files\Rising\Rav\RsCommX.dll]
[类型:已加载DLL]
[内容:rising RsCommX Copyright ? 2002]

[编号:26]
[名称:C:\Program Files\Rising\Rav\RSAPPMGR.DLL]
[类型:已加载DLL]
[内容:Rising AntiVirus 2006 Copyright ? 2004 - 2005]

[编号:27]
[名称:C:\Program Files\Rising\Rav\CfgDll.dll]
[类型:已加载DLL]
[内容:Rising AntiVirus 2006 Copyright ? 2004 - 2006]

[编号:28]
[名称:C:\Program Files\Rising\Rav\RSCOMMON.DLL]
[类型:已加载DLL]
[内容:Rising Antivirus Software Copyright (c) 1998-2006 Rising Corp.]

[编号:29]
[名称:C:\Program Files\Rising\Rav\RsLog.dll]
[类型:已加载DLL]
[内容:RsLog Dynamic Link Library Copyright(c) 1998-2006 Beijing Rising Technology Corporation Limited]

[编号:30]
[名称:C:\Program Files\Rising\Rav\HOOKSYS.dll]
[类型:已加载DLL]
[内容:HOOKSYS Dynamic Link Library Copyright (C) 2005]

[编号:31]
[名称:C:\Program Files\Rising\Rav\Scanner.dll]
[类型:已加载DLL]
[内容:Rising RsScanner Copyright(c) 1998-2006 Beijing Rising Technology Corporation Limited]

[编号:32]
[名称:C:\Program Files\Rising\Rav\libload.dll]
[类型:已加载DLL]
[内容:rising libload Copyright(c) 1998-2006 Beijing Rising Technology Corporation Limited]

[编号:33]
[名称:C:\Program Files\Rising\Rav\VirusLib.dll]
[类型:已加载DLL]
[内容:Rising VirusLib Copyright(c) 1998-2006 Beijing Rising Technology Corporation Limited]

bh89757 - 2006-6-11 15:53:00

【回复“我无邪”的帖子】第3页[编号:34]
[名称:C:\Program Files\Rising\Rav\HookWeb.dll]
[类型:已加载DLL]
[内容:rising HookWeb Copyright ? 2004]

[编号:35]
[名称:C:\Program Files\Rising\Rav\MemMon.dll]
[类型:已加载DLL]
[内容:北京瑞星 MemMon Copyright(c) 1998-2006 Beijing Rising Technology Corporation Limited]

[编号:36]
[名称:C:\Program Files\Rising\Rav\MailMon.dll]
[类型:已加载DLL]
[内容:mailmon Copyright(c) 1998-2006 Beijing Rising Technology Corporation Limited]

[编号:37]
[名称:C:\Program Files\Rising\Rav\SpamEng.dll]
[类型:已加载DLL]
[内容: SpamEng Dynamic Link Library Copyright (C) 2004]

[编号:38]
[名称:C:\Program Files\Rising\Rav\engine.dll]
[类型:已加载DLL]
[内容:rising engine Copyright(c) 1998-2006 Beijing Rising Technology Corporation Limited]

[编号:39]
[名称:C:\Program Files\Rising\Rav\PostTrt.dll]
[类型:已加载DLL]
[内容:Rising PostTrt Copyright(c) 1998-2006 Beijing Rising Technology Corporation Limited]

[编号:40]
[名称:C:\Program Files\Rising\Rav\UnExe.dll]
[类型:已加载DLL]
[内容:rising UnExe Copyright(c) 1998-2006 Beijing Rising Technology Corporation Limited]

[编号:41]
[名称:C:\Program Files\Rising\Rav\ScanExec.dll]
[类型:已加载DLL]
[内容:rising ScanExec Copyright(c) 1998-2006 Beijing Rising Technology Corporation Limited]

[编号:42]
[名称:C:\Program Files\Rising\Rav\ScanEx.dll]
[类型:已加载DLL]
[内容:Rising ScanEX Copyright(c) 1998-2006 Beijing Rising Technology Corporation Limited]

[编号:43]
[名称:C:\Program Files\Rising\Rav\NvFile.dll]
[类型:已加载DLL]
[内容:rising NVFile Copyright(c) 1998-2006 Beijing Rising Technology Corporation Limited]

[编号:44]
[名称:C:\Program Files\Rising\Rav\ScanMac.dll]
[类型:已加载DLL]
[内容:rising ScanMac Copyright(c) 1998-2006 Beijing Rising Technology Corporation Limited]

[编号:45]
[名称:C:\Program Files\Rising\Rav\ScanSct.dll]
[类型:已加载DLL]
[内容:rising ScanSct Copyright(c) 1998-2006 Beijing Rising Technology Corporation Limited]

[编号:46]
[名称:C:\Program Files\Rising\Rav\Unpacker.dll]
[类型:已加载DLL]
[内容:rising UnPacker Copyright(c) 1998-2006 Beijing Rising Technology Corporation Limited]

[编号:47]
[名称:C:\Program Files\Rising\Rav\ExtOLE.dll]
[类型:已加载DLL]
[内容:rising ExtOLE Copyright(c) 1998-2006 Beijing Rising Technology Corporation Limited]

[编号:48]
[名称:C:\WINDOWS\system32\RavExt.dll]
[类型:已加载DLL]
[内容:Rising Antivirus Software Copyright (c) 1998-2006 Rising Corp.]

[编号:49]
[名称:C:\Program Files\Lenovo\网络爸爸\EagleH.dll]
[类型:已加载DLL]
[内容:未知]

[编号:50]
[名称:C:\Program Files\Acrobatchs\ActiveX\PDFShell.dll]
[类型:已加载DLL]
[内容:Adobe PDF Shell Extension Copyright 2000-2004 Adobe Systems, Inc.]

[编号:51]
[名称:C:\Program Files\Acrobatchs\ActiveX\AcroIEHelper.dll]
[类型:已加载DLL]
[内容:AcroIEHelper Library Copyright 1984-2004 Adobe Systems Incorporated and its licensors. All rights reserved.]

[编号:52]
[名称:F:\软件\新建文件夹\ComDlls\XunLeiBHO_001.dll]
[类型:已加载DLL]
[内容:XunLeiBHO Module Copyright 2004-2006]

[编号:53]
[名称:C:\WINDOWS\EagleFlt.dll]
[类型:已加载DLL]
[内容:未知]

[编号:54]
[名称:C:\Program Files\WinRAR\rarext.dll]
[类型:已加载DLL]
[内容:未知]

[编号:55]
[名称:C:\WINDOWS\system32\Protect.sys]
[类型:已加载DLL]
[内容:未知]

[编号:56]
[名称:C:\Program Files\Lenovo\网络爸爸\eaglep.dll]
[类型:已加载DLL]
[内容:未知]

[编号:57]
[名称:C:\Program Files\Lenovo\网络爸爸\EglLogin.dll]
[类型:已加载DLL]
[内容:未知]

bh89757 - 2006-6-11 15:54:00

【回复“我无邪”的帖子】第4页[编号:58]
[名称:C:\Program Files\Lenovo\网络爸爸\eagler.dll]
[类型:已加载DLL]
[内容:未知]

[编号:59]
[名称:C:\Program Files\Lenovo\网络爸爸\eaglek.dll]
[类型:已加载DLL]
[内容:未知]

[编号:60]
[名称:C:\Program Files\Lenovo\网络爸爸\eaglet.dll]
[类型:已加载DLL]
[内容:未知]

[编号:61]
[名称:C:\Program Files\Lenovo\网络爸爸\EagleC.dll]
[类型:已加载DLL]
[内容:未知]

[编号:62]
[名称:C:\Program Files\Lenovo\网络爸爸\workdll.dll]
[类型:已加载DLL]
[内容:未知]

[编号:63]
[名称:C:\PROGRA~1\3721\shell\AsMenu.dll]
[类型:已加载DLL]
[内容:未知]

[编号:64]
[名称:C:\PROGRA~1\3721\Assist\assist.dll]
[类型:已加载DLL]
[内容:Assist Module Copyright 2003]

[编号:65]
[名称:C:\PROGRA~1\3721\shell\IEAngel.dll]
[类型:已加载DLL]
[内容:未知]

[编号:66]
[名称:C:\PROGRA~1\3721\shell\MenuInfo.dll]
[类型:已加载DLL]
[内容:未知]

[编号:67]
[名称:C:\PROGRA~1\3721\shell\assecblk.dll]
[类型:已加载DLL]
[内容:3721 SecNotify Copyright (C) 2004]

[编号:68]
[名称:c:\progra~1\3721\assist\adfilter.dll]
[类型:已加载DLL]
[内容: adfilter Copyright ? 2004]

[编号:69]
[名称:C:\PROGRA~1\3721\assist\optimum.dll]
[类型:已加载DLL]
[内容:未知]

[编号:70]
[名称:C:\PROGRA~1\3721\assist\repair.dll]
[类型:已加载DLL]
[内容: repair Copyright (c) 2004]

[编号:71]
[名称:C:\PROGRA~1\3721\assist\asfsks.dll]
[类型:已加载DLL]
[内容:fsk Module Copyright 2004]

[编号:72]
[名称:C:\Herosoft\HeroV8\HttpReq.dll]
[类型:已加载DLL]
[内容:未知]

[编号:73]
[名称:C:\Herosoft\HeroV8\CoolMenu.dll]
[类型:已加载DLL]
[内容:未知]

[编号:74]
[名称:C:\Herosoft\HeroV8\httphlp.dll]
[类型:已加载DLL]
[内容:未知]

[编号:75]
[名称:C:\Herosoft\HeroV8\AVCDROM.dll]
[类型:已加载DLL]
[内容:未知]

[编号:76]
[名称:C:\Herosoft\HeroV8\Sys936.DLL]
[类型:已加载DLL]
[内容:未知]

[编号:77]
[名称:C:\Program Files\Rising\Rav\RsGuiLib.dll]
[类型:已加载DLL]
[内容:Rising Antivirus Software Copyright (c) 1998-2006 Rising Corp.]

[编号:78]
[名称:C:\Program Files\Rising\Rav\PngDll.dll]
[类型:已加载DLL]
[内容:Rising Antivirus Software Copyright (c) 1998-2005 Rising Corp.]

[编号:79]
[名称:C:\WINDOWS\system32\msdmo.dll]
[类型:已加载DLL]
[内容:(null) (null)]

[编号:80]
[名称:D:\新建文件夹\完美卸载V2006\ScanEngine.dll]
[类型:已加载DLL]
[内容:ScanEngine 完美病毒引擎文件版权所有 (C) 2005]

bh89757 - 2006-6-11 15:55:00

【回复“我无邪”的帖子】第5页[编号:81]
[分隔符:---------------------------------------------------------------------]

[编号:82]
[名称:EagleEye]
[类型:开机启动]
[内容:C:\Program Files\Lenovo\网络爸爸\EagleSvr.exe]

[编号:83]
[名称:assistse]
[类型:开机启动]
[内容:"C:\PROGRA~1\3721\assistse.exe"]

[编号:84]
[名称:SysExplr]
[类型:开机启动]
[内容:C:\Herosoft\HeroV8\SysExplr.EXE]

[编号:85]
[名称:RavTask]
[类型:开机启动]
[内容:"C:\Program Files\Rising\Rav\RavTask.exe" -system]

[编号:86]
[名称:TkBellExe]
[类型:开机启动]
[内容:; "C:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot]

[编号:87]
[名称:BigDog303]
[类型:开机启动]
[内容:C:\WINDOWS\VM303_STI.EXE VIMICRO USB PC Camera (ZC0301PLH)]

[编号:88]
[名称:helper.dll]
[类型:开机启动]
[内容:; C:\WINDOWS\system32\rundll32.exe C:\PROGRA~1\3721\helper.dll,Rundll32]

[编号:89]
[名称:IMJPMIG8.1]
[类型:开机启动]
[内容:; "C:\WINDOWS\IME\imjp8_1\IMJPMIG.EXE" /Spoil /RemAdvDef /Migration32]

[编号:90]
[名称:LHotkey]
[类型:开机启动]
[内容:; LHotkey.exe]

[编号:91]
[名称:MoveSearch]
[类型:开机启动]
[内容:; C:\Program Files\wsearch\Search.exe]

[编号:92]
[名称:PHIME2002A]
[类型:开机启动]
[内容:; C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /IMEName]

[编号:93]
[名称:PHIME2002ASync]
[类型:开机启动]
[内容:; C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /SYNC]

[编号:94]
[名称:RavMon]
[类型:开机启动]
[内容:; C:\PROGRA~1\RISING\RAV\RAVMON.EXE -SYSTEM]

[编号:95]
[名称:RavTimer]
[类型:开机启动]
[内容:; C:\PROGRA~1\RISING\RAV\RAVTIMER.EXE]

[编号:96]
[名称:SoundMan]
[类型:开机启动]
[内容:; SOUNDMAN.EXE]

[编号:97]
[名称:VTTimer]
[类型:开机启动]
[内容:; VTTimer.exe]

[编号:98]
[名称:VTTrayp]
[类型:开机启动]
[内容:; VTtrayp.exe]

[编号:99]
[名称:ctfmon.exe]
[类型:开机启动]
[内容:C:\WINDOWS\system32\ctfmon.exe]

[编号:100]
[名称:MSMSGS]
[类型:开机启动]
[内容:"C:\Program Files\Messenger\msmsgs.exe" /background]

[编号:101]
[名称:Study]
[类型:开机启动]
[内容:; C:\Program Files\Lenovo\联想100分学校\study.exe]

[编号:102]

bh89757 - 2006-6-11 15:56:00

【回复“我无邪”的帖子】第6页啊[分隔符:---------------------------------------------------------------------]

[编号:103]
[名称:AFD]
[类型:服务:未知]
[内容:\SystemRoot\System32\drivers\afd.sys]

[编号:104]
[名称:Service for WDM 3D Audio Driver]
[类型:服务:Copyright ? 2004 Sensaura Copyright ? 2004 Sensaura]
[内容:C:\WINDOWS\system32\drivers\alcxsens.sys]

[编号:105]
[名称:Service for Realtek AC97 Audio (WDM)]
[类型:服务:Windows (R) WDM driver for Realtek AC'97 Audio Copyright (c) Realtek Semiconductor Corp.1998-2004]
[内容:C:\WINDOWS\system32\drivers\alcxwdm.sys]

[编号:106]
[名称:CALLKEY_IO]
[类型:服务:未知]
[内容:c:\program files\lenovo\智能维护3.0\callkey.sys]

[编号:107]
[名称:CnsMinKP]
[类型:服务:Kernel Module Driver Copyright (c) 3721 Corporation.]
[内容:C:\WINDOWS\system32\drivers\cnsminkp.sys]

[编号:108]
[名称:DCOM Server Process Launcher]
[类型:服务:未知]
[内容:C:\WINDOWS\system32\svchost ]

[编号:109]
[名称:ExpScaner]
[类型:服务:ExpScan.sys Copyright (C) 2004 Rising]
[内容:c:\program files\rising\rav\expscan.sys]

[编号:110]
[名称:VIA Rhine-Family Fast Ethernet Adapter Driver Service]
[类型:服务:VIA Rhine Family Fast Ethernet Adapter VIA Technologies, Inc. ]
[内容:C:\WINDOWS\system32\drivers\fetnd5bv.sys]

[编号:111]
[名称:VIA PCI 10/100Mb Fast Ethernet Adapter NT Driver]
[类型:服务:VIA PCI 10/100Mb Fast Ethernet Adapter VIA Technologies, Inc. ]
[内容:C:\WINDOWS\system32\drivers\fetnd5.sys]

[编号:112]
[名称:HookCont]
[类型:服务:TDIHOOK Driver for Windows NT Copyright ]
[内容:c:\program files\rising\rav\hookcont.sys]

[编号:113]
[名称:HookSys]
[类型:服务:Hooksys Copyright (C) 2004]
[内容:c:\program files\rising\rav\hooksys.sys]

[编号:114]
[名称:MEMSCAN]
[类型:服务:MemScan Drivers for Windows NT Copyright (C) RFW Corp. 2000-2002]
[内容:c:\program files\rising\rav\memscan.sys]

[编号:115]
[名称:npkcrypt]
[类型:服务:nProtect KeyCrypt Driver Copyright (C) INCA Internet. 2000-2005]
[内容:c:\program files\tencent\qq\npkcrypt.sys]

[编号:116]
[名称:NTSIM]
[类型:服务:Network Device Monitor Utility VIA Networking Technologies, Inc. ]
[内容:c:\windows\system32\ntsim.sys]

[编号:117]
[名称:Remote Procedure Call (RPC)]
[类型:服务:未知]
[内容:C:\WINDOWS\system32\svchost ]

[编号:118]
[名称:Rising Process Communication Center]
[类型:服务:Rising Antivirus Software Copyright Rising 2002]
[内容:"C:\Program Files\Rising\Rav\CCenter.exe"]

[编号:119]
[名称:RsRavMon Service]
[类型:服务:Rising Antivirus Software Copyright(c) 1998-2006 Beijing Rising Technology Corporation Limited]
[内容:"C:\Program Files\Rising\Rav\Ravmond.exe"]

[编号:120]
[名称:Secdrv]
[类型:服务:未知]
[内容:C:\WINDOWS\system32\drivers\secdrv.sys]

[编号:121]
[名称:Terminal Services]
[类型:服务:未知]
[内容:C:\WINDOWS\system32\svchost ]

[编号:122]
[名称:viagfx]
[类型:服务:UniChrome(Pro) IGP Driver Copyright (C) VIA Technologies, Inc. and S3 Graphics Co, Ltd. ? 2005]
[内容:C:\WINDOWS\system32\drivers\vtmini.sys]

[编号:123]
[名称:WmNdisDrv]
[类型:服务:未知]
[内容:C:\WINDOWS\system32\drivers\wmndisdrv.sys]

[编号:124]
[名称:WmRegProDrv]
[类型:服务:未知]
[内容:C:\WINDOWS\system32\drivers\wmregprodrv.sys]

[编号:125]
[名称:海天地摄像头301PLH]
[类型:服务: VM. 2005.]
[内容:C:\WINDOWS\system32\drivers\usbvm303.sys]

bh89757 - 2006-6-11 16:01:00

【回复“我无邪”的帖子】第7页[编号:126]
[分隔符:---------------------------------------------------------------------]

[编号:127]
[名称:Start Page]
[类型:IE主页-当前用户]
[内容:袙]

[编号:128]
[名称:Search Page]
[类型:IE搜索-当前用户]
[内容:袙]

[编号:129]
[名称:Start Page]
[类型:IE主页-所有用户]
[内容:about:blank]

[编号:130]
[名称:Search Page]
[类型:IE搜索-所有用户]
[内容:abou
]

[编号:131]
[名称:Default_Page_URL]
[类型:默认IE主页-所有用户]
[内容:http://www.microsoft.com/isapi/redir.dll?prd=ie&pver=6&ar=msnhome]

[编号:132]
[名称:Default_Search_URL]
[类型:默认IE搜索-所有用户]
[内容:http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch]

[编号:133]
[分隔符:---------------------------------------------------------------------]

[编号:134]
[名称:AcroIEHlprObj Class]
[类型:IE 嵌入对象]
[内容:C:\Program Files\Acrobatchs\ActiveX\AcroIEHelper.dll]

[编号:135]
[名称:QQBrowserHelperObject Class]
[类型:IE 嵌入对象]
[内容:C:\Program Files\Tencent\QQ\QQIEHelper.dll]

[编号:136]
[名称:Thunder Browser Helper]
[类型:IE 嵌入对象]
[内容:F:\软件\新建文件夹\ComDlls\XunLeiBHO_001.dll]

[编号:137]
[名称:上网助手]
[类型:IE 嵌入对象]
[内容:C:\Program Files\3721\Assist\asbar.dll]

[编号:138]
[名称:DragSearch BHO]
[类型:IE 嵌入对象]
[内容:C:\PROGRA~1\yisou\yisoub.dll]

[编号:139]
[分隔符:---------------------------------------------------------------------]

[编号:140]
[名称:{367E0A21-8601-4986-9C9A-153BF5ACA118}]
[类型:IE 扩展按钮]
[内容:豪杰超级解霸V8 路径:C:\Herosoft\HeroV8\STHSDVD.EXE]

[编号:141]
[名称:{c95fe080-8f5d-11d2-a20b-00aa003c157b}]
[类型:IE 扩展按钮]
[内容:QQ 路径:C:\Program Files\Tencent\QQ\QQ.EXE]

[编号:142]
[名称:{DEDEB80D-FA35-45d9-9460-4983E5A8AFE6}]
[类型:IE 扩展按钮]
[内容:C:\P 路径:C:\P ]

[编号:143]
[名称:{FB5F1910-F110-11d2-BB9E-00C04F795683}]
[类型:IE 扩展按钮]
[内容:Messenger 路径:C:\Program Files\Messenger\msmsgs.exe]

[编号:144]
[分隔符:---------------------------------------------------------------------]

[编号:145]
[名称:!搜一搜(&S)]
[类型:IE 右键按钮]
[内容: 路径:er\m ]

[编号:146]
[名称:&使用迅雷下载]
[类型:IE 右键按钮]
[内容: 路径:er\m ]

[编号:147]
[名称:&使用迅雷下载全部链接]
[类型:IE 右键按钮]
[内容: 路径:er\m ]

[编号:148]
[名称:上传到QQ网络硬盘]
[类型:IE 右键按钮]
[内容: 路径:er\m ]

[编号:149]
[名称:收藏此页到新浪ViVi]
[类型:IE 右键按钮]

bh89757 - 2006-6-11 16:02:00

【回复“我无邪”的帖子】第8页啊[内容: 路径:er\m ]

[编号:150]
[名称:新浪搜索]
[类型:IE 右键按钮]
[内容: 路径:er\m ]

[编号:151]
[名称:添加到QQ自定义面板]
[类型:IE 右键按钮]
[内容: 路径:er\m ]

[编号:152]
[名称:添加到QQ表情]
[类型:IE 右键按钮]
[内容: 路径:er\m ]

[编号:153]
[名称:用QQ彩信发送该图片]
[类型:IE 右键按钮]
[内容: 路径:er\m ]

[编号:154]
[名称:豪杰超级解霸V8实时播放]
[类型:IE 右键按钮]
[内容: 路径:er\m ]

[编号:155]
[分隔符:---------------------------------------------------------------------]

[编号:156]
[名称:{233A9694-667E-11D1-9DFB-006097D50408}]
[类型:Outlook Express Address Book <IE控件>]
[内容:%ProgramFiles%\Outlook Express\msoe.dll]

[编号:157]
[分隔符:---------------------------------------------------------------------]

[编号:158]
[名称:PostBootReminder]
[类型:正常嵌入对象]
[内容:%SystemRoot%\system32\SHELL32.dll]

[编号:159]
[名称:CDBurn]
[类型:正常嵌入对象]
[内容:%SystemRoot%\system32\SHELL32.dll]

[编号:160]
[名称:WebCheck]
[类型:正常嵌入对象]
[内容:%SystemRoot%\system32\webcheck.dll]

[编号:161]
[名称:SysTray]
[类型:正常嵌入对象]
[内容:C:\WINDOWS\system32\stobject.dll]

[编号:162]
[分隔符:---------------------------------------------------------------------]

[编号:163]
[名称:]
[类型:EXE关联]
[内容:"%1" %*]

[编号:164]
[名称:]
[类型:TXT关联]
[内容:%SystemRoot%\system32\NOTEPAD.EXE %1]

[编号:165]
[名称:]
[类型:vbs关联]
[内容:%SystemRoot%\System32\WScript.exe "%1" %*]

[编号:166]
[名称:]
[类型:Js关联]
[内容:%SystemRoot%\System32\WScript.exe "%1" %*]

[编号:167]
[名称:]
[类型:htmlfile关联]
[内容:"C:\Program Files\Internet Explorer\iexplore.exe" -nohome]

[编号:168]
[名称:]
[类型:HTTP协议]
[内容:"C:\Program Files\Internet Explorer\iexplore.exe" -nohome]

[编号:169]
[名称:]
[类型:FTP协议]
[内容:"C:\Program Files\Internet Explorer\iexplore.exe" %1]

[编号:170]
[分隔符:---------------------------------------------------------------------]

[编号:171]
[名称:c:\windows\system32\vtdisply.dll]
[类型:第三方 COM/ActiveX组件]
[内容:S3Display Property Sheet---发布公司:Part of S3 Screen Toys Copyright (c) 2004-2005 S3 Graphics Co., Ltd.]

[编号:172]
[名称:c:\windows\system32\vtgamma2.dll]
[类型:第三方 COM/ActiveX组件]
[内容:S3Gamma2 Property Sheet---发布公司:S3 Screen Toys Utility Suite Copyright (c) 2004-2005 S3 Graphics Co., Ltd.]

[编号:173]
[名称:c:\windows\system32\vtinfo2.dll]
[类型:第三方 COM/ActiveX组件]
[内容:S3Info2 Property Sheet---发布公司:Part of S3 Screen Toys Copyright (c) 2004-2005 S3 Graphics Co., Ltd.]

[编号:174]

瑞星卡卡安全论坛