【求助】浏览器有问题 bbs.ikaka.com

阿不Joyce - 2006-6-23 13:57:00

2006-06-23,13:46:19

System Repair Engineer 2.0.21.505 (2.0 RC 2)
Smallfrogs (http://www.KZTechs.com)

Windows XP Professional Service Pack 1 (Build 2600)
- 管理权限用户 - 完整功能

以下内容被选中：
所有的启动项目（包括注册表、启动文件夹、服务等）
浏览器加载项
正在运行的进程（包括进程模块信息）
文件关联

启动项目
注册表
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
<ctfmon.exe><C:\WINDOWS\System32\ctfmon.exe> [Microsoft Corporation]
<RegBar><regsvr32.exe /u C:\progra~1\blogmark\bocaitoolbar.dll /s /i /n> []
<KuGoo3><"E:\Program Files\KuGoo3\KuGoo.exe"> []
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer\Run]
<AboutSys><1> []
<MSAboutDialog><regsvr32.exe xadowner1.dll /s> []
[HKEY_CURRENT_USER\Software\Microsoft\Windows NT\CurrentVersion\Windows]
<load><> []
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
<IMJPMIG8.1><"C:\WINDOWS\IME\imjp8_1\IMJPMIG.EXE" /Spoil /RemAdvDef /Migration32> [Microsoft Corporation]
<PHIME2002ASync><C:\WINDOWS\System32\IME\TINTLGNT\TINTSETP.EXE /SYNC> [Microsoft Corporation]
<PHIME2002A><C:\WINDOWS\System32\IME\TINTLGNT\TINTSETP.EXE /IMEName> [Microsoft Corporation]
<SoundMan><SOUNDMAN.EXE> [Avance Logic, Inc.]
<NvCplDaemon><RUNDLL32.EXE C:\WINDOWS\System32\NvCpl.dll,NvStartup> [NVIDIA Corporation]
<nwiz><nwiz.exe /install> [NVIDIA Corporation]
<BCUpdate><C:\WINDOWS\System32\BCUP.exe> []
<AddrPlus2><RUNDLL32.EXE C:\PROGRA~1\TENCENT\AddrPlus\QAHook.dll,Rundll32> []
<RavTask><"C:\Program Files\rising\Rav\RavTask.exe" -system> [Beijing Rising Technology Co., Ltd.]
<AddrPlus3><C:\PROGRA~1\TENCENT\AddrPlus\Runner.exe C:\PROGRA~1\TENCENT\AddrPlus\QAHook.dll Rundll32> []
<PCSuiteTrayApplication><E:\Program Files\Nokia PC Suite 6\LaunchApplication.exe -onlytray> [Nokia]
<DataLayer><C:\Program Files\Common Files\PCSuite\DataLayer\DataLayer.exe> [Nokia Mobile Phones Ltd.]
<RfwMain><"C:\Program Files\rising\Rising\Rfw\rfwmain.exe" -Startup> [Beijing Rising Technology Co., Ltd.]
<StormCodec_Helper><"E:\Program Files\Storm Codec\StormSet.exe" /S /opti> []
<yassistse><"C:\PROGRA~1\Yahoo!\Assistant\yassistse.exe"> [Yahoo!]
<PPHIDPAD><E:\PROGRA~1\WINPENJR\Win32\pphidpad.exe> []
<FixCamera><C:\WINDOWS\FixCamera.exe> []
<tsnpstd3><C:\WINDOWS\tsnpstd3.exe> []
<snpstd3><C:\WINDOWS\vsnpstd3.exe> []
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Winlogon]
<shell><Explorer.exe> [Microsoft Corporation]
<Userinit><C:\WINDOWS\system32\userinit.exe,> [Microsoft Corporation]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Windows]
<AppInit_DLLs><> []
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Winlogon]
<UIHost><logonui.exe> [Microsoft Corporation]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
<{D157330A-9EF3-49F8-9A67-4141AC41ADD4}><> []
<{32CD708B-60A7-4C00-9377-D73EAA495F0F}><C:\WINDOWS\system32\RavExt.dll> [Beijing Rising Technology Co., Ltd.]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
<Vision><C:\PROGRA~1\MMSASS~1\MMSASS~2.DLL> []
<SysTime><C:\PROGRA~1\winkld\winkld.dll> [www.88dog.com]

==================================

阿不Joyce - 2006-6-23 13:57:00

启动文件夹
[腾讯QQ]
<C:\Documents and Settings\a\「开始」菜单\程序\启动\腾讯QQ.lnk><N>

==================================
服务
[Security Machine Manager / BUZOR]
<C:\WINDOWS\SYSTEM32\RUNDLL32.EXE C:\WINDOWS\SYSTEM32\WBEM\IRJIT.DLL,Export 1087><N/A>
[NVIDIA Driver Helper Service / NVSvc]
<C:\WINDOWS\System32\nvsvc32.exe><NVIDIA Corporation>
[Rising Proxy Service / RfwProxySrv]
<c:\program files\rising\rising\rfw\rfwproxy.exe><Beijing Rising Technology Co., Ltd.>
[Rising Personal Firewall Service / RfwService]
<c:\program files\rising\rising\rfw\rfwsrv.exe><Beijing Rising Technology Co., Ltd.>
[Rising Process Communication Center / RsCCenter]
<"C:\Program Files\rising\Rav\CCenter.exe"><Beijing Rising Technology Co., Ltd.>
[RsRavMon Service / RsRavMon]
<"C:\Program Files\rising\Rav\Ravmond.exe"><Beijing Rising Technology Co., Ltd.>
[StdService / StdService]
<C:\WINDOWS\System32\rundll32.exe C:\WINDOWS\system32\STDSVER.DLL,Service><N/A>
[Network System / Universal Disk Manager]
<C:\Program Files\Common Files\SAND\Network.exe><COMENET TECHNOLOGY>
[winmum / winmum]
<><N/A>

==================================
浏览器加载项
[ThunderIEHelper Class]
{0005A87D-D626-4B3A-84F9-1D9571695F55} <C:\WINDOWS\System32\xunleibho_v13.dll, Thunder Networking Technologies,LTD>
[AcroIEHlprObj Class]
{06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} <E:\Program Files\adbe\ActiveX\AcroIEHelper.dll, Adobe Systems Incorporated>
[Yahoo!Photo]
{33BBE430-0E42-4f12-B075-8D21ACB10DCB} <C:\PROGRA~1\Yahoo!\ASSIST~1\Assist\yphtb.dll, Yahoo! China>
[AntiFish Class]
{38928D50-8A48-44C2-945F-D2F23F771410} <C:\PROGRA~1\Yahoo!\ASSIST~1\Assist\yangling.dll, Yahoo.>
[雅虎助手]
{406F94F0-504F-4a40-8DFD-58B0666ABEBD} <C:\PROGRA~1\Yahoo!\ASSIST~1\Assist\yasbar.dll, Yahoo!>
[AdsHlpObj Class]
{49A94665-B1F5-4F05-B9C7-FB6E336E49BD} <C:\WINDOWS\System32\AdsObj.dll, N/A>
[QQBrowserHelperObject Class]
{54EBD53A-9BC1-480B-966A-843A333CA162} <E:\Program Files\QQ\QQIEHelper.dll, 深圳市腾讯计算机系统有限公司>
[DragSearch BHO]
{62EED7C6-9F02-42f9-B634-98E2899E147B} <C:\PROGRA~1\Yahoo!\ASSIST~1\Assist\YDRAGS~1.DLL, >
[MMSAssist BHO]
{6671A431-5C3D-463d-A7CF-5587F9B7E191} <C:\PROGRA~1\MMSASS~1\MMSASS~2.DLL, >
[std software]
{6A512BF7-EC78-4e8d-9841-6C02E8FA9838} <C:\WINDOWS\SYSTEM32\stdup.dll, >
[AdsObj2 Class]
{7DDEA238-3E32-43FD-8223-A5E15D9666FF} <C:\WINDOWS\System32\AdsHlp2.dll, N/A>
[]
{A9930D97-9CF0-42A0-A10D-4F28836579D5} <E:\PROGRA~1\KuGoo3\KUGOO3~1.OCX, N/A>
[上网助手]
{BB936323-19FA-4521-BA29-ECA6A121BC78} <, N/A>
[AdsHlpObj Class]
{C74332D8-097F-41E7-8F8A-2E4D5A07A31E} <C:\WINDOWS\System32\AdsHlp.dll, N/A>
[手机短信]
{00000000-0000-0001-0001-596BAEDD1289} <http://sms.3721.com/ie/index.htm?pid=U_wanxiang_18961, N/A>
[Yahoo 1G电邮]
{507F9113-CD77-4866-BA92-0E86DA3D0B97} <http://cn.mail.yahoo.com/promo/rd1, N/A>
[寻宝乐趣多]
{59BC54A2-56B3-44a0-93E5-432D58746E26} <http://adtaobao.allyes.com/main/adfclick?db=adtaobao&bid=138,140,18&cid=816,8,1&sid=5042&show=ignore&url=?allyesPara=816, N/A>
[雅虎助手]
{5D73EE86-05F1-49ed-B850-E423120EC338} <http://cn.zs.yahoo.com/?source=Cns, N/A>
[MMSAssistMenu]
{6671A433-5C3D-463d-A7CF-5587F9B7E191} <C:\PROGRA~1\MMSASS~1\MMSASS~2.DLL, >
[@shdoclc.dll,-866]
{c95fe080-8f5d-11d2-a20b-00aa003c157a} <, N/A>
[QQ]
{c95fe080-8f5d-11d2-a20b-00aa003c157b} <E:\Program Files\QQ\QQ.EXE, TENCENT>
[易趣购物]
{DE607144-AC19-424e-869A-9D70ABDF119A} <http://click2.ad4all.net/url2/urlmanage/url.asp?id=5, N/A>
[QQIEFloatBarCfgCmd Class]
{DEDEB80D-FA35-45d9-9460-4983E5A8AFE6} <E:\Program Files\QQ\QQIEHelper.dll, 深圳市腾讯计算机系统有限公司>
[情景聊天]
{E5D12C4E-7B4F-11D3-B5C9-0050045C3C96} <http://cn.rd.yahoo.com/home/messenger/bjk/clientbtn/?http://cn.messenger.yahoo.com/, N/A>
[]
{ECF2E268-F28C-48d2-9AB7-8F69C11CCB71} <http://assistant.3721.com/security1.htm?fb=Cns, N/A>
[]
{FD00D911-7529-4084-9946-A29F1BDF4FE5} <http://assistant.3721.com/clean1.htm?fb=Cns, N/A>
[电台(&R)]
{8E718888-423F-11D2-876E-00A0C9082467} <C:\WINDOWS\System32\msdxm.ocx, Microsoft Corporation>
[上网助手]
{BB936323-19FA-4521-BA29-ECA6A121BC78} <, N/A>
[雅虎助手]
{406F94F0-504F-4a40-8DFD-58B0666ABEBD} <C:\PROGRA~1\Yahoo!\ASSIST~1\Assist\yasbar.dll, Yahoo!>
[实用搜索]
{15ADF205-4C54-4cfe-AC88-1EA0BA6D06A0} <C:\Program Files\ScanToolbar\ScanBar.dll, >
[IMCv1 Control]
{6924091F-CD97-41E1-B1D4-D9079409D413} <C:\WINDOWS\DOWNLO~1\imcv1.dll, 北京莲塘软件技术有限公司 Liantang Software Tech. Inc. (http://www.lotuspond.com.cn)>
[MUWebControl Class]
{6E32070A-766D-4EE6-879C-DC1FA91D2FC3} <C:\WINDOWS\System32\muweb.dll, Microsoft Corporation>
[SLAProbe Control]
{7A97B026-F3BB-49F6-BEAC-75021AD45B4E} <C:\WINDOWS\DOWNLO~1\SLAProbe.ocx, AKAZAM Communications>
[Ppinstall Control]
{CF051549-EDE1-40F5-B440-BCD646CF2C25} <C:\WINDOWS\DOWNLO~1\PPINST~1.OCX, 网易 NetEase>
[Shockwave Flash Object]
{D27CDB6E-AE6D-11CF-96B8-444553540000} <C:\WINDOWS\System32\Flash.ocx, Macromedia, Inc.>
[VqqSpeedDlProxy Class]
{F138084D-84D7-48CD-BEA8-04772457516E} <C:\WINDOWS\vqqsdl.dll, Tencent>
[ >> 彩信发送 <<]
<res://C:\PROGRA~1\MMSASS~1\MMSASS~2.DLL/mms.htm, N/A>
[&RSDN Search]
<res://C:\Program Files\ScanToolbar\ScanBar.dll/GoRSDN.dll.htm, N/A>
[&使用迅雷下载]
<E:\Program Files\迅雷5.0\geturl.htm, N/A>
[&使用迅雷下载全部链接]
<E:\Program Files\迅雷5.0\getallurl.htm, N/A>
[上传到QQ网络硬盘]
<E:\Program Files\QQ\AddToNetDisk.htm, N/A>
[使用KuGoo3下载(&K)]
<E:\Program Files\KuGoo3\KuGoo3DownX.htm, N/A>
[添加到QQ自定义面板]
<E:\Program Files\QQ\AddPanel.htm, N/A>
[添加到QQ表情]
<E:\Program Files\QQ\AddEmotion.htm, N/A>
[用QQ彩信发送该图片]
<E:\Program Files\QQ\SendMMS.htm, N/A>
[用比特精灵下载(&B)]
<, N/A>
[雅虎搜索]
<res://C:\PROGRA~1\Yahoo!\ASSIST~1\Assist\yasbar.dll/246, N/A>

阿不Joyce - 2006-6-23 14:00:00

正在运行的进程
[PID: 428][\SystemRoot\System32\smss.exe] <Microsoft Corporation><5.1.2600.1106 (xpsp1.020828-1920)>
[PID: 484][\??\C:\WINDOWS\system32\csrss.exe] <Microsoft Corporation><5.1.2600.0 (xpclient.010817-1148)>
[PID: 508][\??\C:\WINDOWS\system32\winlogon.exe] <Microsoft Corporation><5.1.2600.1106 (xpsp1.020828-1920)>
[C:\WINDOWS\System32\PLUG.dll] <Bokee><2, 1, 0, 1>
[PID: 560][C:\WINDOWS\system32\services.exe] <Microsoft Corporation><5.1.2600.0 (xpclient.010817-1148)>
[PID: 572][C:\WINDOWS\system32\lsass.exe] <Microsoft Corporation><5.1.2600.1106 (xpsp1.020828-1920)>
[PID: 728][C:\WINDOWS\system32\svchost.exe] <Microsoft Corporation><5.1.2600.0 (xpclient.010817-1148)>
[PID: 780][C:\Program Files\rising\Rav\CCenter.exe] <Beijing Rising Technology Co., Ltd.><18, 0, 0, 3>
[PID: 796][C:\WINDOWS\System32\svchost.exe] <Microsoft Corporation><5.1.2600.0 (xpclient.010817-1148)>
[PID: 884][C:\WINDOWS\System32\svchost.exe] <Microsoft Corporation><5.1.2600.0 (xpclient.010817-1148)>
[PID: 960][C:\WINDOWS\System32\svchost.exe] <Microsoft Corporation><5.1.2600.0 (xpclient.010817-1148)>
[PID: 1012][c:\program files\rising\rising\rfw\rfwsrv.exe] <Beijing Rising Technology Co., Ltd.><4, 0, 0, 32>
[c:\program files\rising\rising\rfw\RfwRule.dll] <Beijing Rising Technology Co., Ltd.><4, 0, 0, 13>
[c:\program files\rising\rising\rfw\rfwlog.dll] <Beijing Rising Technology Co., Ltd.><4, 0, 0, 6>
[c:\program files\rising\rising\rfw\Rfwdrv.dll] <Beijing Rising Technology Co., Ltd.><4, 0, 0, 21>
[c:\program files\rising\rising\rfw\MonDrv.dll] <rs><1, 0, 0, 4>
[c:\program files\rising\rising\rfw\ProcLib.dll] <Beijing Rising Technology Co., Ltd.><4, 0, 0, 9>
[c:\program files\rising\rising\rfw\mPorts.dll] <Beijing Rising Technology Co., Ltd.><4, 0, 0, 3>
[PID: 1200][C:\WINDOWS\system32\spoolsv.exe] <Microsoft Corporation><5.1.2600.0 (XPClient.010817-1148)>
[C:\WINDOWS\system32\CNMLM3C.DLL] <CANON INC.><1.50.2.6>
[C:\WINDOWS\system32\OLFMNT40.DLL] <Microsoft Corporation><9.0.98.0105>
[C:\WINDOWS\System32\spool\PRTPROCS\W32X86\CNMPD3C.DLL] <CANON INC.><1.50.2.6>
[C:\WINDOWS\System32\spool\PRTPROCS\W32X86\olfpnt40.dll] <Microsoft Corporation><9.0.98.0105>
[PID: 1860][C:\WINDOWS\SOUNDMAN.EXE] <Avance Logic, Inc.><5.0.07>
[PID: 1892][C:\WINDOWS\System32\BCUP.exe] <N/A><N/A>
[PID: 1912][C:\Program Files\rising\Rav\RavTask.exe] <Beijing Rising Technology Co., Ltd.><18, 0, 0, 22>
[C:\Program Files\rising\Rav\RSCOMMON.DLL] <Beijing Rising Technology Co., Ltd.><18, 0, 0, 4>
[C:\Program Files\rising\Rav\RSAPPMGR.DLL] <Beijing Rising Technology Co., Ltd.><18, 0, 0, 2>
[C:\Program Files\rising\Rav\CfgDll.dll] <Beijing Rising Technology Co., Ltd.><18, 0, 0, 10>
[C:\Program Files\rising\Rav\RsCommX.dll] <rising><18, 0, 0, 1>
[PID: 1988][E:\Program Files\Nokia PC Suite 6\LaunchApplication.exe] <Nokia><6, 50, 14, 6>
[C:\WINDOWS\System32\ConnAPI.DLL] <Nokia.><6, 50, 12, 4>
[E:\Program Files\Nokia PC Suite 6\PCSCM.dll] <Nokia><6, 50, 36, 2>
[C:\Program Files\Common Files\PCSuite\ConfServer\ConfServer.dll] <Nokia><6, 50, 7, 0>
[E:\Program Files\Nokia PC Suite 6\Lang\LaunchApplication_chi-sc.NLR] <><6, 50, 11, 0>
[PID: 1996][C:\Program Files\Common Files\PCSuite\DataLayer\DataLayer.exe] <Nokia Mobile Phones Ltd.><6, 50, 101, 3>
[C:\Program Files\Common Files\PCSuite\DataLayer\Lang\DataLayer_chi-sc.nlr] <Nokia><6, 50, 8, 0>
[PID: 2032][C:\PROGRA~1\Yahoo!\Assistant\yassistse.exe] <Yahoo!><1, 0, 1, 1001>
[C:\PROGRA~1\Yahoo!\Assistant\shell\yAssecblk.dll] <Yahoo><1, 0, 2, 1002>
[C:\PROGRA~1\Yahoo!\Assistant\shell\yMenuInfo.dll] <Yahoo><1, 0, 0, 2>
[C:\PROGRA~1\Yahoo!\Assistant\shell\yIEAngel.dll] <Yahoo><1, 0, 1, 1001>
[C:\PROGRA~1\Yahoo!\Assistant\shell\yAsMenu.dll] <Yahoo><1, 0, 1, 1006>
[PID: 2040][E:\PROGRA~1\WINPENJR\Win32\pphidpad.exe] <N/A><N/A>
[PID: 124][C:\WINDOWS\FixCamera.exe] <><1, 0, 0, 3>
[PID: 272][C:\WINDOWS\tsnpstd3.exe] <><1, 1, 3, 1>
[PID: 264][C:\PROGRA~1\COMMON~1\PCSuite\Services\SERVIC~1.EXE] <Nokia.><6, 50, 28, 2>
[C:\WINDOWS\System32\NclTools.dll] <Nokia.><6, 50, 9, 1>
[C:\Program Files\Common Files\PCSuite\Transports\NCLIrDAMM.dll] <Nokia Corp.><6, 50, 13, 0>
[C:\Program Files\Common Files\PCSuite\Transports\NCLRSMM.dll] <Nokia><6, 50, 21, 1>
[C:\Program Files\Common Files\PCSuite\Transports\NCLUSBMM.dll] <Nokia><6, 50, 23, 1>
[PID: 248][C:\WINDOWS\vsnpstd3.exe] <><1, 0, 2, 2>
[PID: 216][C:\WINDOWS\System32\ctfmon.exe] <Microsoft Corporation><5.1.2600.1106 (xpsp1.020828-1920)>
[PID: 1504][C:\WINDOWS\System32\alg.exe] <Microsoft Corporation><5.1.2600.1106 (xpsp1.020828-1920)>
[PID: 1708][C:\WINDOWS\System32\nvsvc32.exe] <NVIDIA Corporation><6.14.01.4345>
[PID: 1040][C:\WINDOWS\System32\rundll32.exe] <Microsoft Corporation><5.1.2600.0 (xpclient.010817-1148)>
[C:\WINDOWS\system32\STDSVER.DLL] <><3, 2, 1, 5>
[PID: 1968][C:\WINDOWS\System32\svchost.exe] <Microsoft Corporation><5.1.2600.0 (xpclient.010817-1148)>
[PID: 332][C:\Program Files\Common Files\SAND\Network.exe] <COMENET TECHNOLOGY><1, 563, 15, 5>
[PID: 2360][C:\WINDOWS\System32\rundll32.exe] <Microsoft Corporation><5.1.2600.0 (xpclient.010817-1148)>
[C:\WINDOWS\SYSTEM32\stdup.dll] <><3, 2, 1, 5>
[PID: 2224][C:\WINDOWS\explorer.exe] <Microsoft Corporation><6.00.2800.1106 (xpsp1.020828-1920)>
[C:\PROGRA~1\winkld\Winkld.dat] <www.88dog.com><2, 0, 0, 1>
[E:\Program Files\adbe\ActiveX\AcroIEHelper.dll] <Adobe Systems Incorporated><7.0.5.2005092300>
[C:\WINDOWS\System32\AdsObj.dll] <N/A><N/A>
[C:\WINDOWS\System32\AdsHlp2.dll] <N/A><N/A>
[C:\Program Files\rising\Rav\RSCOMMON.DLL] <Beijing Rising Technology Co., Ltd.><18, 0, 0, 4>
[E:\Program Files\Nokia PC Suite 6\PhoneBrowser.dll] <Nokia><6, 50, 78, 2>
[E:\Program Files\Nokia PC Suite 6\PCSCM.dll] <Nokia><6, 50, 36, 2>
[E:\Program Files\adbe\ActiveX\PDFShell.dll] <Adobe Systems, Inc.><7.0.0.0>
[C:\WINDOWS\system32\RavExt.dll] <Beijing Rising Technology Co., Ltd.><18, 0, 0, 21>
[PID: 840][C:\WINDOWS\System32\conime.exe] <Microsoft Corporation><5.1.2600.1106 (xpsp1.020828-1920)>
[PID: 3948][C:\WINDOWS\System32\rundll32.exe] <Microsoft Corporation><5.1.2600.0 (xpclient.010817-1148)>
[C:\WINDOWS\System32\adscr.dll] <N/A><N/A>
[PID: 2420][E:\Program Files\QQ\IT\TTraveler.exe] <腾讯公司><3.0.0.238>
[E:\Program Files\QQ\IT\Plugins\QQFloatBar\QQFloatBar4TT2.dll] <腾讯公司><1, 1, 0, 5>
[E:\Program Files\QQ\IT\Plugins\TWeather\TWeather.dll] <><1, 0, 0, 1>
[E:\Program Files\QQ\IT\PersonalDesktop.dll] <深圳市腾讯计算机系统公司QQ工作小组><1, 0, 0, 4>
[C:\Program Files\rising\Rav\RavScrCh.dll] <Beijing Rising Technology Co., Ltd.><18, 0, 0, 3>
[C:\WINDOWS\System32\Flash.ocx] <Macromedia, Inc.><7,0,19,0>
[C:\WINDOWS\System32\msdmo.dll] <N/A><N/A>
[C:\WINDOWS\System32\ffdshow.ax] <N/A><1.0.2.2605>

阿不Joyce - 2006-6-23 14:01:00

[PID: 2768][E:\Program Files\QQ\QQ.exe] <TENCENT><0, 0, 0, 0>
[E:\Program Files\QQ\QQBaseClassInDll.dll] <><1, 0, 0, 1>
[E:\Program Files\QQ\QQHelperDll.dll] <><1, 0, 0, 1>
[E:\Program Files\QQ\BasicCtrlDll.dll] <Tencent><5, 0, 200, 160>
[E:\Program Files\QQ\QQAPI.dll] <><1, 0, 0, 1>
[E:\Program Files\QQ\TIMProxy.dll] <tencent><0, 3, 2, 4>
[E:\Program Files\QQ\LoginCtrl.dll] <><1, 0, 0, 1>
[E:\Program Files\QQ\npkcntc.dll] <INCA Internet Co., Ltd.><2006, 3, 2, 1>
[E:\Program Files\QQ\npkpdb.dll] <INCA Internet Co., Ltd.><2003, 10, 1, 1>
[E:\Program Files\QQ\QQRes.dll] <tencent><1, 0, 0, 1>
[E:\Program Files\QQ\WizardCtrl.dll] <><1, 0, 0, 1>
[E:\Program Files\QQ\QQMainFrame.dll] <N/A><N/A>
[C:\WINDOWS\System32\Flash.ocx] <Macromedia, Inc.><7,0,19,0>
[E:\Program Files\QQ\CQQApplication.dll] <N/A><N/A>
[E:\Program Files\QQ\NewSkin.dll] <><1, 0, 0, 1>
[E:\Program Files\QQ\HostingMgr.dll] <><1, 0, 0, 1>
[E:\Program Files\QQ\CameraDll.dll] <><1, 0, 0, 1>
[E:\Program Files\QQ\MailSummary.dll] <><1, 0, 0, 1>
[E:\Program Files\QQ\QQSpace.dll] <><1, 0, 0, 1>
[C:\WINDOWS\System32\msdmo.dll] <N/A><N/A>
[E:\Program Files\QQ\QQGroupMng.dll] <><1, 0, 0, 1>
[E:\Program Files\QQ\GroupLive.dll] <N/A><N/A>
[C:\Program Files\rising\Rav\RavScrCh.dll] <Beijing Rising Technology Co., Ltd.><18, 0, 0, 3>
[E:\Program Files\QQ\UserDefinedHead.dll] <><1, 0, 0, 1>
[E:\Program Files\QQ\QQPlugin.dll] <N/A><N/A>
[E:\Program Files\QQ\QQConfigPlugin.dll] <><1, 0, 0, 1>
[E:\Program Files\QQ\QRingMng.dll] <N/A><N/A>
[E:\Program Files\QQ\PhoneAPI.dll] <><1, 0, 0, 1>
[E:\Program Files\QQ\DialerAllinOne.dll] <tencent><1, 4, 0, 0>
[E:\Program Files\QQ\LongConnection.dll] <tencent><5, 0, 200, 160>
[E:\Program Files\QQ\QQAvatar.dll] <N/A><N/A>
[E:\Program Files\QQ\FlashAvatarDll.dll] <><1, 4, 0, 1>
[E:\Program Files\QQ\QQPet.dll] <><1, 0, 0, 1>
[E:\Program Files\QQ\BQQApplication.dll] <N/A><N/A>
[E:\Program Files\QQ\QQSettingCtrl.dll] <><1, 0, 0, 1>
[E:\Program Files\QQ\QQSysMsgMng.dll] <N/A><N/A>
[C:\WINDOWS\system32\RavExt.dll] <Beijing Rising Technology Co., Ltd.><18, 0, 0, 21>
[E:\Program Files\QQ\CommercesMng.dll] <><1, 0, 0, 1>
[E:\Program Files\QQ\PersonalDesktop.dll] <深圳市腾讯计算机系统公司QQ工作小组><1, 0, 0, 2>
[E:\Program Files\QQ\QQUdpGetFileLib.dll] <tencent><0, 2, 2, 3>
[E:\Program Files\QQ\QQAddr.dll] <深圳市腾讯计算机系统有限公司><5, 0, 101, 200>
[E:\Program Files\QQ\QQSceneMng.dll] <N/A><N/A>
[E:\Program Files\QQ\QQPhoneHelper.dll] <腾讯科技（深圳）有限公司><2, 0, 4, 40>
[PID: 3668][E:\Program Files\QQ\TIMPlatform.exe] <tencent><0, 3, 1, 8>
[E:\Program Files\QQ\TIMProxy.dll] <tencent><0, 3, 2, 4>
[PID: 1176][C:\Program Files\rising\Rav\Ravmond.exe] <Beijing Rising Technology Co., Ltd.><18, 0, 1, 26>
[C:\Program Files\rising\Rav\BWList.dll] <Beijing Rising Technology Co., Ltd.><18, 0, 0, 19>
[C:\Program Files\rising\Rav\RsCommX.dll] <rising><18, 0, 0, 1>
[C:\Program Files\rising\Rav\RSAPPMGR.DLL] <Beijing Rising Technology Co., Ltd.><18, 0, 0, 2>
[C:\Program Files\rising\Rav\CfgDll.dll] <Beijing Rising Technology Co., Ltd.><18, 0, 0, 10>
[C:\Program Files\rising\Rav\RSCOMMON.DLL] <Beijing Rising Technology Co., Ltd.><18, 0, 0, 4>
[C:\Program Files\rising\Rav\RsLog.dll] <Beijing Rising Technology Co., Ltd.><18, 0, 0, 20>
[C:\Program Files\rising\Rav\HOOKSYS.dll] <Rising><18, 1, 0, 9>
[C:\Program Files\rising\Rav\Scanner.dll] <Beijing Rising Technology Co., Ltd.><18, 0, 0, 30>
[C:\Program Files\rising\Rav\libload.dll] <Beijing Rising Technology Co., Ltd.><18, 0, 0, 10>
[C:\Program Files\rising\Rav\VirusLib.dll] <Beijing Rising Technology Co., Ltd.><18, 0, 0, 10>
[C:\Program Files\rising\Rav\regmon.dll] <Beijing Rising Technology Co., Ltd.><18, 0, 0, 6>
[C:\Program Files\rising\Rav\HookWeb.dll] <rising><18, 0, 0, 1>
[C:\Program Files\rising\Rav\MemMon.dll] <Beijing Rising Technology Co., Ltd.><18, 0, 0, 9>
[C:\Program Files\rising\Rav\expscan.dll] <Beijing Rising Technology Co., Ltd.><18, 0, 0, 4>
[C:\Program Files\rising\Rav\mPorts.dll] <Beijing Rising Technology Co., Ltd.><4, 0, 0, 3>
[C:\Program Files\rising\Rav\MailMon.dll] <Beijing Rising Technology Co., Ltd.><18, 0, 0, 5>
[C:\Program Files\rising\Rav\SpamEng.dll] <N/A><18, 0, 0, 6>
[C:\Program Files\rising\Rav\engine.dll] <Beijing Rising Technology Co., Ltd.><18, 0, 0, 30>
[C:\Program Files\rising\Rav\UnExe.dll] <Beijing Rising Technology Co., Ltd.><18, 0, 0, 11>
[C:\Program Files\rising\Rav\PostTrt.dll] <Beijing Rising Technology Co., Ltd.><18, 0, 0, 9>
[C:\Program Files\rising\Rav\ScanExec.dll] <Beijing Rising Technology Co., Ltd.><18, 0, 0, 11>
[C:\Program Files\rising\Rav\ScanEx.dll] <Beijing Rising Technology Co., Ltd.><18, 0, 0, 11>
[C:\Program Files\rising\Rav\NvFile.dll] <Beijing Rising Technology Co., Ltd.><18, 0, 0, 7>
[C:\Program Files\rising\Rav\ScanMac.dll] <Beijing Rising Technology Co., Ltd.><18, 0, 0, 8>
[C:\Program Files\rising\Rav\ScanSct.dll] <Beijing Rising Technology Co., Ltd.><18, 0, 0, 15>
[C:\Program Files\rising\Rav\ExtOLE.dll] <Beijing Rising Technology Co., Ltd.><18, 0, 0, 6>
[C:\Program Files\rising\Rav\Unpacker.dll] <Beijing Rising Technology Co., Ltd.><18, 0, 0, 3>
[PID: 4020][C:\Program Files\rising\Rav\RAVMON.EXE] <Beijing Rising Technology Co., Ltd.><18, 0, 1, 26>
[C:\Program Files\rising\Rav\RsGuiLib.dll] <Beijing Rising Technology Co., Ltd.><18, 0, 0, 24>
[C:\Program Files\rising\Rav\BWList.dll] <Beijing Rising Technology Co., Ltd.><18, 0, 0, 19>
[C:\Program Files\rising\Rav\RSAPPMGR.DLL] <Beijing Rising Technology Co., Ltd.><18, 0, 0, 2>
[C:\Program Files\rising\Rav\CfgDll.dll] <Beijing Rising Technology Co., Ltd.><18, 0, 0, 10>
[C:\Program Files\rising\Rav\RSCOMMON.DLL] <Beijing Rising Technology Co., Ltd.><18, 0, 0, 4>
[C:\Program Files\rising\Rav\RsCommX.dll] <rising><18, 0, 0, 1>
[C:\Program Files\rising\Rav\PngDll.dll] <Beijing Rising Technology Co., Ltd.><18, 0, 0, 5>

阿不Joyce - 2006-6-23 14:01:00

[PID: 1316][C:\Program Files\rising\Rav\RavStub.exe] <Beijing Rising Technology Co., Ltd.><18, 0, 0, 16>
[C:\Program Files\rising\Rav\RsCommX.dll] <rising><18, 0, 0, 1>
[C:\Program Files\rising\Rav\RSCOMMON.DLL] <Beijing Rising Technology Co., Ltd.><18, 0, 0, 4>
[PID: 3708][E:\Program Files\千千静听\TTPlayer.exe] <Alen Soft><4, 6, 0, 0>
[E:\Program Files\千千静听\ttpcomm.dll] <N/A><N/A>
[E:\Program Files\千千静听\ttpres.dll] <Alen Soft><4, 6, 5, 0>
[PID: 3732][E:\Program Files\QQ\QZone\QZone.exe] <腾讯公司><1, 1, 101, 25>
[PID: 3848][E:\Program Files\QQGame\QQGame.exe] <深圳市腾讯计算机系统有限公司><2, 0, 101, 34>
[E:\Program Files\QQGame\HelpDll.dll] <><1, 0, 0, 1>
[E:\Program Files\QQGame\ResEx.dll] <深圳市腾讯计算机系统有限公司><0, 10, 0, 0>
[E:\Program Files\QQGame\factory.dll] <N/A><N/A>
[E:\Program Files\QQGame\Logic\Global.dll] <N/A><N/A>
[E:\Program Files\QQGame\Logic\MainLogi.dll] <N/A><N/A>
[E:\Program Files\QQGame\Res\ErrorDes.dll] <N/A><N/A>
[E:\Program Files\QQGame\Logic\UIStyle.dll] <N/A><N/A>
[E:\Program Files\QQGame\Logic\Login.dll] <N/A><N/A>
[E:\Program Files\QQGame\UI\CommonUI.dll] <><1, 0, 0, 1>
[E:\Program Files\QQGame\Common\Common.dll] <N/A><N/A>
[E:\Program Files\QQGame\UI\MiscUI.dll] <N/A><N/A>
[E:\Program Files\QQGame\Common\Utility.dll] <N/A><N/A>
[E:\Program Files\QQGame\Common\Timer.dll] <N/A><N/A>
[E:\Program Files\QQGame\Res\QGString.dll] <N/A><N/A>
[E:\Program Files\QQGame\Storage\MiscStor.dll] <N/A><N/A>
[E:\Program Files\QQGame\Logic\ChanAdd\DirChn.dll] <N/A><N/A>
[E:\Program Files\QQGame\Logic\DlProxy.dll] <N/A><N/A>
[E:\Program Files\QQGame\Common\ProcMsg.dll] <><1, 0, 0, 1>
[E:\Program Files\QQGame\Logic\LaFDown.dll] <N/A><N/A>
[E:\Program Files\QQGame\UI\MainUI.dll] <><1, 0, 0, 1>
[E:\Program Files\QQGame\Common\Serial.dll] <N/A><N/A>
[E:\Program Files\QQGame\Common\Compress.dll] <N/A><N/A>
[E:\Program Files\QQGame\Common\SvrConn.dll] <N/A><N/A>
[E:\Program Files\QQGame\ProtHand\QQProt.dll] <N/A><N/A>
[E:\Program Files\QQGame\Common\Encrypt.dll] <N/A><N/A>
[E:\Program Files\QQGame\ProtHand\dirprot.dll] <N/A><N/A>
[C:\WINDOWS\System32\Flash.ocx] <Macromedia, Inc.><7,0,19,0>
[E:\Program Files\QQGame\Socket\NetMod.dll] <N/A><N/A>
[E:\Program Files\QQGame\ProtHand\BaseProt.dll] <N/A><N/A>
[E:\Program Files\QQGame\Storage\StorgSet.dll] <N/A><N/A>
[E:\Program Files\QQGame\Common\NetSpeed.dll] <N/A><N/A>
[E:\Program Files\QQGame\Logic\ItemShop.dll] <N/A><N/A>
[E:\Program Files\QQGame\Logic\ShopMgr.dll] <N/A><N/A>
[E:\Program Files\QQGame\Logic\ImgLTSet.dll] <N/A><N/A>
[E:\Program Files\QQGame\Logic\MRoomMgr.dll] <N/A><N/A>
[E:\Program Files\QQGame\Logic\QQCorre.dll] <N/A><N/A>
[E:\Program Files\QQGame\Logic\QQAvDld.dll] <N/A><N/A>
[E:\Program Files\QQGame\Logic\SelfInfo.dll] <N/A><N/A>
[E:\Program Files\QQGame\UI\SelfUI.dll] <><1, 0, 0, 1>
[E:\Program Files\QQGame\Logic\QQAvtShw.dll] <N/A><N/A>
[E:\Program Files\QQGame\ProtHand\SelfPro.dll] <N/A><N/A>
[E:\Program Files\QQGame\Logic\Social.dll] <N/A><N/A>
[E:\Program Files\QQGame\UI\SocialUI.dll] <N/A><N/A>
[C:\Program Files\rising\Rav\RavScrCh.dll] <Beijing Rising Technology Co., Ltd.><18, 0, 0, 3>
[E:\Program Files\QQGame\Logic\CAAddins\MGRoom.dll] <N/A><N/A>
[E:\Program Files\QQGame\Logic\CAAddins\RInfComp.dll] <N/A><N/A>
[E:\Program Files\QQGame\Logic\CAAddins\RUILComp.dll] <N/A><N/A>
[E:\Program Files\QQGame\Logic\CAAddins\RPrcComp.dll] <N/A><N/A>
[E:\Program Files\QQGame\Logic\ItemUse.dll] <N/A><N/A>
[E:\Program Files\QQGame\Logic\Parsers\ChatPars.dll] <N/A><N/A>
[E:\Program Files\QQGame\ProtHand\MainProt.dll] <N/A><N/A>
[E:\Program Files\QQGame\UI\RoomCpUI.dll] <><1, 0, 0, 1>
[E:\Program Files\QQGame\ProtHand\ItemProt.dll] <N/A><N/A>
[E:\Program Files\QQGame\UI\ItemUI.dll] <><1, 0, 0, 1>
[E:\Program Files\QQGame\Logic\ComUILgi.dll] <N/A><N/A>
[E:\Program Files\QQGame\Logic\CAAddins\GInterop.dll] <N/A><N/A>
[PID: 2884][E:\Program Files\QQGame\QQGameDl.exe] <N/A><N/A>
[E:\Program Files\QQGame\factory.dll] <N/A><N/A>
[E:\Program Files\QQGame\Logic\Global.dll] <N/A><N/A>
[E:\Program Files\QQGame\Logic\DlImpl.dll] <N/A><N/A>
[E:\Program Files\QQGame\Logic\DlProxy.dll] <N/A><N/A>
[E:\Program Files\QQGame\Common\ProcMsg.dll] <><1, 0, 0, 1>
[E:\Program Files\QQGame\Common\Thread.dll] <><1, 0, 0, 1>
[E:\Program Files\QQGame\ProtHand\DlProt.dll] <N/A><N/A>
[E:\Program Files\QQGame\Socket\NetMod.dll] <N/A><N/A>
[E:\Program Files\QQGame\Common\Utility.dll] <N/A><N/A>
[PID: 3040][E:\Program Files\迅雷5.0\Thunder.exe] <Thunder Networking Technologies,LTD><5.1.2.166>
[E:\Program Files\迅雷5.0\UpdateDownload.dll] <Thunder Networking Technologies,LTD><1, 0, 0, 2>
[E:\Program Files\迅雷5.0\download_interface.dll] <Thunder Networking Technologies,LTD><1, 0, 0, 57>
[E:\Program Files\迅雷5.0\log4cplus.dll] <><1, 0, 2, 1>
[E:\Program Files\迅雷5.0\stlport_vc646.dll] <STLport Consulting, Inc.><4.6.2003.1031>
[E:\Program Files\迅雷5.0\msgmanage.dll] <Thunder Networking Technologies,LTD><1, 0, 0, 13>
[E:\Program Files\迅雷5.0\historyinfo_manage.dll] <Thunder Networking Technologies,LTD><5, 2, 0, 148>
[E:\Program Files\迅雷5.0\iEmbed.dll] <Thunder Networking Technologies,LTD><1, 0, 1, 14>
[E:\Program Files\迅雷5.0\RegisterDll.dll] <Thunder Networking Technologies,LTD><1, 2, 0, 6>
[E:\Program Files\迅雷5.0\FloatBar.dll] <Thunder Networking Technologies,LTD><1, 0, 0, 2>
[E:\Program Files\迅雷5.0\iTargetAd.dll] <Thunder Networking Technologies,LTD><1, 0, 0, 51>
[C:\Program Files\rising\Rav\RavScrCh.dll] <Beijing Rising Technology Co., Ltd.><18, 0, 0, 3>
[C:\WINDOWS\System32\Flash.ocx] <Macromedia, Inc.><7,0,19,0>
[PID: 3064][G:\备份文件\SREng2\SREng.exe] <Smallfrogs Studio><2.0.21.505>

阿不Joyce - 2006-6-23 14:02:00

文件关联
.TXT OK. [%SystemRoot%\system32\NOTEPAD.EXE %1]
.EXE OK. ["%1" %*]
.COM OK. ["%1" %*]
.PIF OK. ["%1" %*]
.REG OK. [regedit.exe "%1"]
.BAT OK. ["%1" %*]
.SCR OK. ["%1" /S]
.CHM OK. ["C:\WINDOWS\hh.exe" %1]
.HLP OK. [%SystemRoot%\System32\winhlp32.exe %1]
.INI OK. [%SystemRoot%\System32\NOTEPAD.EXE %1]
.INF OK. [%SystemRoot%\System32\NOTEPAD.EXE %1]
.VBS OK. [%SystemRoot%\System32\WScript.exe "%1" %*]
.JS OK. [%SystemRoot%\System32\WScript.exe "%1" %*]
.LNK OK. [{00021401-0000-0000-C000-000000000046}]

我无邪 - 2006-6-23 14:09:00

运行System Repair Engineer，点“启动项目，服务，点“Win32服务应用程序”勾选“隐藏微软服务”选中病毒服务Security Machine Manager，StdService，Network System ，winmum 选择“删除服务”点“设置”选择“否”。（每一个逗号隔开的就是一个病毒的服务，请逐一删除）
建议你下载超级兔子。
http://www.pctutu.com/srmsdown.asp
安装好后，打开“超级兔子优化王”“专业卸载,卸载所有提示的垃圾软件，卸载是不要打开任何浏览窗口。卸载不了可以重启后再去卸载
卸载完后，请重启。
双击我的电脑，工具，文件夹选项，查看，单击选取"显示隐藏文件或文件夹"清除"隐藏受保护的操作系统文件（推荐）"复选框。在提示确定更改时，单击“是”，清除“隐藏已知文件类型的扩展名
删除
C:\PROGRA~1\Yahoo!
C:\WINDOWS\System32\BCUP.exe
C:\PROGRA~1\MMSASS~1
C:\WINDOWS\System32\AdsObj.dll
C:\WINDOWS\SYSTEM32\WBEM\IRJIT.DLL
C:\WINDOWS\system32\STDSVER.DLL
C:\Program Files\Common Files\SAND
C:\WINDOWS\SYSTEM32\stdup.dll
C:\WINDOWS\System32\AdsHlp2.dll
C:\WINDOWS\System32\AdsHlp.dll
C:\WINDOWS\DOWNLO~1\imcv1.dll
C:\WINDOWS\System32\PLUG.dll

阿不Joyce - 2006-6-24 19:47:00

你让我删的那些东西都删不了.

阿不Joyce - 2006-6-24 19:49:00

还是会出现那样的情况
是不是没有办法啊

ceo800 - 2006-6-24 20:31:00

请尝试在安全模式下删除

我无邪 - 2006-6-24 20:42:00

一定要兔子卸载后，重启，才能正常删除。
请再修复后，再扫份日志粘上来。

阿不Joyce - 2006-6-25 9:59:00

一定要用兔子吗?我现在装是优化大师,不是一样用吗?

我无邪 - 2006-6-25 10:52:00

优化大师我不清楚，只要你能把流氓软件卸载掉，也是一样的。
你重启后，如果无法删除，就表示流氓软件并没有卸载。

梦飞的地方 - 2006-6-25 14:38:00

进安全模式,从系统里将与IE有关的东西全部删掉再从新装,应该就可以了

梦飞的地方 - 2006-6-25 14:42:00

一定要删干净再从装!!!周五那天我的ACDSee5.0也出现了这种问题,今天上午这样一弄就好了!!!

阿不Joyce - 2006-6-26 10:38:00

请问安全模式怎么进去啊??

我无邪 - 2006-6-26 13:25:00

修复后，请扫描一份日志粘上来。

阿不Joyce - 2006-6-26 14:56:00

启动项目
注册表
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
<ctfmon.exe><C:\WINDOWS\System32\ctfmon.exe> [Microsoft Corporation]
<KuGoo3><"E:\Program Files\KuGoo3\KuGoo.exe"> []
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer\Run]
<AboutSys><1> []
<MSAboutDialog><regsvr32.exe xadowner1.dll /s> []
[HKEY_CURRENT_USER\Software\Microsoft\Windows NT\CurrentVersion\Windows]
<load><> []
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
<IMJPMIG8.1><"C:\WINDOWS\IME\imjp8_1\IMJPMIG.EXE" /Spoil /RemAdvDef /Migration32> [Microsoft Corporation]
<PHIME2002ASync><C:\WINDOWS\System32\IME\TINTLGNT\TINTSETP.EXE /SYNC> [Microsoft Corporation]
<PHIME2002A><C:\WINDOWS\System32\IME\TINTLGNT\TINTSETP.EXE /IMEName> [Microsoft Corporation]
<SoundMan><SOUNDMAN.EXE> [Avance Logic, Inc.]
<NvCplDaemon><RUNDLL32.EXE C:\WINDOWS\System32\NvCpl.dll,NvStartup> [NVIDIA Corporation]
<nwiz><nwiz.exe /install> [NVIDIA Corporation]
<AddrPlus2><RUNDLL32.EXE C:\PROGRA~1\TENCENT\AddrPlus\QAHook.dll,Rundll32> []
<RavTask><"C:\Program Files\rising\Rav\RavTask.exe" -system> [Beijing Rising Technology Co., Ltd.]
<AddrPlus3><C:\PROGRA~1\TENCENT\AddrPlus\Runner.exe C:\PROGRA~1\TENCENT\AddrPlus\QAHook.dll Rundll32> []
<PCSuiteTrayApplication><E:\Program Files\Nokia PC Suite 6\LaunchApplication.exe -onlytray> [Nokia]
<DataLayer><C:\Program Files\Common Files\PCSuite\DataLayer\DataLayer.exe> [Nokia Mobile Phones Ltd.]
<RfwMain><"C:\Program Files\rising\Rising\Rfw\rfwmain.exe" -Startup> [Beijing Rising Technology Co., Ltd.]
<StormCodec_Helper><"E:\Program Files\Storm Codec\StormSet.exe" /S /opti> []
<PPHIDPAD><E:\PROGRA~1\WINPENJR\Win32\pphidpad.exe> []
<FixCamera><C:\WINDOWS\FixCamera.exe> []
<tsnpstd3><C:\WINDOWS\tsnpstd3.exe> []
<snpstd3><C:\WINDOWS\vsnpstd3.exe> []
<KernelFaultCheck><%systemroot%\system32\dumprep 0 -k> []
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Winlogon]
<shell><Explorer.exe> [Microsoft Corporation]
<Userinit><C:\WINDOWS\system32\userinit.exe,> [Microsoft Corporation]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Windows]
<AppInit_DLLs><> []
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Winlogon]
<UIHost><logonui.exe> [Microsoft Corporation]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
<{32CD708B-60A7-4C00-9377-D73EAA495F0F}><C:\WINDOWS\system32\RavExt.dll> [Beijing Rising Technology Co., Ltd.]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
<SysTime><C:\PROGRA~1\winkld\winkld.dll> [www.88dog.com]

==================================
启动文件夹
[腾讯QQ]
<C:\Documents and Settings\a\「开始」菜单\程序\启动\腾讯QQ.lnk><N>

==================================
服务
[NVIDIA Driver Helper Service / NVSvc]
<C:\WINDOWS\System32\nvsvc32.exe><NVIDIA Corporation>
[Rising Proxy Service / RfwProxySrv]
<c:\program files\rising\rising\rfw\rfwproxy.exe><Beijing Rising Technology Co., Ltd.>
[Rising Personal Firewall Service / RfwService]
<c:\program files\rising\rising\rfw\rfwsrv.exe><Beijing Rising Technology Co., Ltd.>
[Rising Process Communication Center / RsCCenter]
<"C:\Program Files\rising\Rav\CCenter.exe"><Beijing Rising Technology Co., Ltd.>
[RsRavMon Service / RsRavMon]
<"C:\Program Files\rising\Rav\Ravmond.exe"><Beijing Rising Technology Co., Ltd.>

==================================
浏览器加载项
[手机短信]
{00000000-0000-0001-0001-596BAEDD1289} <http://sms.3721.com/ie/index.htm?pid=U_wanxiang_18961, N/A>
[Yahoo 1G电邮]
{507F9113-CD77-4866-BA92-0E86DA3D0B97} <http://cn.mail.yahoo.com/promo/rd1, N/A>
[寻宝乐趣多]
{59BC54A2-56B3-44a0-93E5-432D58746E26} <http://adtaobao.allyes.com/main/adfclick?db=adtaobao&bid=138,140,18&cid=816,8,1&sid=5042&show=ignore&url=?allyesPara=816, N/A>
[雅虎助手]
{5D73EE86-05F1-49ed-B850-E423120EC338} <http://cn.zs.yahoo.com/?source=Cns, N/A>
[@shdoclc.dll,-866]
{c95fe080-8f5d-11d2-a20b-00aa003c157a} <, N/A>
[QQ]
{c95fe080-8f5d-11d2-a20b-00aa003c157b} <E:\Program Files\QQ\QQ.EXE, TENCENT>
[易趣购物]
{DE607144-AC19-424e-869A-9D70ABDF119A} <http://click2.ad4all.net/url2/urlmanage/url.asp?id=5, N/A>
[QQIEFloatBarCfgCmd Class]
{DEDEB80D-FA35-45d9-9460-4983E5A8AFE6} <E:\Program Files\QQ\QQIEHelper.dll, N/A>
[情景聊天]
{E5D12C4E-7B4F-11D3-B5C9-0050045C3C96} <http://cn.rd.yahoo.com/home/messenger/bjk/clientbtn/?http://cn.messenger.yahoo.com/, N/A>
[]
{ECF2E268-F28C-48d2-9AB7-8F69C11CCB71} <http://assistant.3721.com/security1.htm?fb=Cns, N/A>
[]
{FD00D911-7529-4084-9946-A29F1BDF4FE5} <http://assistant.3721.com/clean1.htm?fb=Cns, N/A>
[电台(&R)]
{8E718888-423F-11D2-876E-00A0C9082467} <C:\WINDOWS\System32\msdxm.ocx, Microsoft Corporation>
[MUWebControl Class]
{6E32070A-766D-4EE6-879C-DC1FA91D2FC3} <C:\WINDOWS\System32\muweb.dll, Microsoft Corporation>
[SLAProbe Control]
{7A97B026-F3BB-49F6-BEAC-75021AD45B4E} <C:\WINDOWS\DOWNLO~1\SLAProbe.ocx, AKAZAM Communications>
[Ppinstall Control]
{CF051549-EDE1-40F5-B440-BCD646CF2C25} <C:\WINDOWS\DOWNLO~1\PPINST~1.OCX, 网易 NetEase>
[Shockwave Flash Object]
{D27CDB6E-AE6D-11CF-96B8-444553540000} <C:\WINDOWS\System32\Flash.ocx, Macromedia, Inc.>
[VqqSpeedDlProxy Class]
{F138084D-84D7-48CD-BEA8-04772457516E} <C:\WINDOWS\vqqsdl.dll, Tencent>
[&使用迅雷下载]
<E:\Program Files\迅雷5.0\geturl.htm, N/A>
[&使用迅雷下载全部链接]
<E:\Program Files\迅雷5.0\getallurl.htm, N/A>
[上传到QQ网络硬盘]
<E:\Program Files\QQ\AddToNetDisk.htm, N/A>
[使用KuGoo3下载(&K)]
<E:\Program Files\KuGoo3\KuGoo3DownX.htm, N/A>
[添加到QQ自定义面板]
<E:\Program Files\QQ\AddPanel.htm, N/A>
[添加到QQ表情]
<E:\Program Files\QQ\AddEmotion.htm, N/A>
[用QQ彩信发送该图片]
<E:\Program Files\QQ\SendMMS.htm, N/A>
[用比特精灵下载(&B)]
<, N/A>

阿不Joyce - 2006-6-26 14:56:00

正在运行的进程
[PID: 428][\SystemRoot\System32\smss.exe] <Microsoft Corporation><5.1.2600.1106 (xpsp1.020828-1920)>
[PID: 492][\??\C:\WINDOWS\system32\csrss.exe] <Microsoft Corporation><5.1.2600.0 (xpclient.010817-1148)>
[PID: 516][\??\C:\WINDOWS\system32\winlogon.exe] <Microsoft Corporation><5.1.2600.1106 (xpsp1.020828-1920)>
[PID: 560][C:\WINDOWS\system32\services.exe] <Microsoft Corporation><5.1.2600.0 (xpclient.010817-1148)>
[PID: 580][C:\WINDOWS\system32\lsass.exe] <Microsoft Corporation><5.1.2600.1106 (xpsp1.020828-1920)>
[PID: 748][C:\WINDOWS\system32\svchost.exe] <Microsoft Corporation><5.1.2600.0 (xpclient.010817-1148)>
[PID: 800][C:\Program Files\rising\Rav\CCenter.exe] <Beijing Rising Technology Co., Ltd.><18, 0, 0, 3>
[PID: 816][C:\WINDOWS\System32\svchost.exe] <Microsoft Corporation><5.1.2600.0 (xpclient.010817-1148)>
[PID: 924][C:\WINDOWS\System32\svchost.exe] <Microsoft Corporation><5.1.2600.0 (xpclient.010817-1148)>
[PID: 952][C:\WINDOWS\System32\svchost.exe] <Microsoft Corporation><5.1.2600.0 (xpclient.010817-1148)>
[PID: 968][C:\Program Files\rising\Rav\Ravmond.exe] <Beijing Rising Technology Co., Ltd.><18, 0, 1, 26>
[C:\Program Files\rising\Rav\BWList.dll] <Beijing Rising Technology Co., Ltd.><18, 0, 0, 19>
[C:\Program Files\rising\Rav\RsCommX.dll] <rising><18, 0, 0, 1>
[C:\Program Files\rising\Rav\RSAPPMGR.DLL] <Beijing Rising Technology Co., Ltd.><18, 0, 0, 2>
[C:\Program Files\rising\Rav\CfgDll.dll] <Beijing Rising Technology Co., Ltd.><18, 0, 0, 10>
[C:\Program Files\rising\Rav\RSCOMMON.DLL] <Beijing Rising Technology Co., Ltd.><18, 0, 0, 4>
[C:\Program Files\rising\Rav\RsLog.dll] <Beijing Rising Technology Co., Ltd.><18, 0, 0, 20>
[C:\Program Files\rising\Rav\HOOKSYS.dll] <Rising><18, 1, 0, 9>
[C:\Program Files\rising\Rav\Scanner.dll] <Beijing Rising Technology Co., Ltd.><18, 0, 0, 30>
[C:\Program Files\rising\Rav\libload.dll] <Beijing Rising Technology Co., Ltd.><18, 0, 0, 10>
[C:\Program Files\rising\Rav\VirusLib.dll] <Beijing Rising Technology Co., Ltd.><18, 0, 0, 10>
[C:\Program Files\rising\Rav\regmon.dll] <Beijing Rising Technology Co., Ltd.><18, 0, 0, 6>
[C:\Program Files\rising\Rav\HookWeb.dll] <rising><18, 0, 0, 1>
[C:\Program Files\rising\Rav\MemMon.dll] <Beijing Rising Technology Co., Ltd.><18, 0, 0, 9>
[C:\Program Files\rising\Rav\expscan.dll] <Beijing Rising Technology Co., Ltd.><18, 0, 0, 4>
[C:\Program Files\rising\Rav\mPorts.dll] <Beijing Rising Technology Co., Ltd.><4, 0, 0, 3>
[C:\Program Files\rising\Rav\MailMon.dll] <Beijing Rising Technology Co., Ltd.><18, 0, 0, 5>
[C:\Program Files\rising\Rav\SpamEng.dll] <N/A><18, 0, 0, 6>
[C:\Program Files\rising\Rav\engine.dll] <Beijing Rising Technology Co., Ltd.><18, 0, 0, 30>
[C:\Program Files\rising\Rav\PostTrt.dll] <Beijing Rising Technology Co., Ltd.><18, 0, 0, 9>
[C:\Program Files\rising\Rav\UnExe.dll] <Beijing Rising Technology Co., Ltd.><18, 0, 0, 11>
[C:\Program Files\rising\Rav\ScanExec.dll] <Beijing Rising Technology Co., Ltd.><18, 0, 0, 11>
[C:\Program Files\rising\Rav\ScanEx.dll] <Beijing Rising Technology Co., Ltd.><18, 0, 0, 11>
[C:\Program Files\rising\Rav\NvFile.dll] <Beijing Rising Technology Co., Ltd.><18, 0, 0, 7>
[C:\Program Files\rising\Rav\ScanMac.dll] <Beijing Rising Technology Co., Ltd.><18, 0, 0, 8>
[C:\Program Files\rising\Rav\ScanSct.dll] <Beijing Rising Technology Co., Ltd.><18, 0, 0, 15>
[C:\Program Files\rising\Rav\Unpacker.dll] <Beijing Rising Technology Co., Ltd.><18, 0, 0, 3>
[PID: 1100][c:\program files\rising\rising\rfw\rfwsrv.exe] <Beijing Rising Technology Co., Ltd.><4, 0, 0, 32>
[c:\program files\rising\rising\rfw\RfwRule.dll] <Beijing Rising Technology Co., Ltd.><4, 0, 0, 13>
[c:\program files\rising\rising\rfw\rfwlog.dll] <Beijing Rising Technology Co., Ltd.><4, 0, 0, 6>
[c:\program files\rising\rising\rfw\Rfwdrv.dll] <Beijing Rising Technology Co., Ltd.><4, 0, 0, 21>
[c:\program files\rising\rising\rfw\MonDrv.dll] <rs><1, 0, 0, 4>
[c:\program files\rising\rising\rfw\ProcLib.dll] <Beijing Rising Technology Co., Ltd.><4, 0, 0, 9>
[PID: 1208][C:\WINDOWS\system32\spoolsv.exe] <Microsoft Corporation><5.1.2600.0 (XPClient.010817-1148)>
[C:\WINDOWS\system32\CNMLM3C.DLL] <CANON INC.><1.50.2.6>
[C:\WINDOWS\system32\OLFMNT40.DLL] <Microsoft Corporation><9.0.98.0105>
[C:\WINDOWS\System32\spool\PRTPROCS\W32X86\CNMPD3C.DLL] <CANON INC.><1.50.2.6>
[C:\WINDOWS\System32\spool\PRTPROCS\W32X86\olfpnt40.dll] <Microsoft Corporation><9.0.98.0105>
[PID: 1296][C:\Program Files\rising\Rav\RavStub.exe] <Beijing Rising Technology Co., Ltd.><18, 0, 0, 16>
[C:\Program Files\rising\Rav\RsCommX.dll] <rising><18, 0, 0, 1>
[C:\Program Files\rising\Rav\RSCOMMON.DLL] <Beijing Rising Technology Co., Ltd.><18, 0, 0, 4>
[PID: 1608][C:\WINDOWS\Explorer.EXE] <Microsoft Corporation><6.00.2800.1106 (xpsp1.020828-1920)>
[C:\WINDOWS\system32\RavExt.dll] <Beijing Rising Technology Co., Ltd.><18, 0, 0, 21>
[C:\PROGRA~1\winkld\Winkld.dat] <www.88dog.com><2, 0, 0, 1>
[E:\Program Files\Winrar3.5\rarext.dll] <N/A><N/A>
[C:\Program Files\rising\Rav\RSCOMMON.DLL] <Beijing Rising Technology Co., Ltd.><18, 0, 0, 4>
[E:\Program Files\Nokia PC Suite 6\PhoneBrowser.dll] <Nokia><6, 50, 78, 2>
[E:\Program Files\Nokia PC Suite 6\PCSCM.dll] <Nokia><6, 50, 36, 2>
[C:\Program Files\rising\Rav\RavScrCh.dll] <Beijing Rising Technology Co., Ltd.><18, 0, 0, 3>
[E:\Program Files\adbe\ActiveX\PDFShell.dll] <Adobe Systems, Inc.><7.0.0.0>
[PID: 1784][c:\program files\rising\rising\rfw\RfwMain.exe] <Beijing Rising Technology Co., Ltd.><4, 0, 0, 51>
[c:\program files\rising\rising\rfw\RsGuiLib.dll] <Beijing Rising Technology Co., Ltd.><18, 0, 0, 23>
[c:\program files\rising\rising\rfw\RSCOMMON.DLL] <Beijing Rising Technology Co., Ltd.><18, 0, 0, 4>
[c:\program files\rising\rising\rfw\PngDll.dll] <Beijing Rising Technology Co., Ltd.><18, 0, 0, 5>
[PID: 2028][C:\WINDOWS\SOUNDMAN.EXE] <Avance Logic, Inc.><5.0.07>
[PID: 276][C:\Program Files\rising\Rav\RavTask.exe] <Beijing Rising Technology Co., Ltd.><18, 0, 0, 22>
[C:\Program Files\rising\Rav\RSCOMMON.DLL] <Beijing Rising Technology Co., Ltd.><18, 0, 0, 4>
[C:\Program Files\rising\Rav\RSAPPMGR.DLL] <Beijing Rising Technology Co., Ltd.><18, 0, 0, 2>
[C:\Program Files\rising\Rav\CfgDll.dll] <Beijing Rising Technology Co., Ltd.><18, 0, 0, 10>
[C:\Program Files\rising\Rav\RsCommX.dll] <rising><18, 0, 0, 1>
[PID: 260][C:\Program Files\rising\Rav\Ravmon.exe] <Beijing Rising Technology Co., Ltd.><18, 0, 1, 26>
[C:\Program Files\rising\Rav\RsGuiLib.dll] <Beijing Rising Technology Co., Ltd.><18, 0, 0, 24>
[C:\Program Files\rising\Rav\BWList.dll] <Beijing Rising Technology Co., Ltd.><18, 0, 0, 19>
[C:\Program Files\rising\Rav\RSAPPMGR.DLL] <Beijing Rising Technology Co., Ltd.><18, 0, 0, 2>
[C:\Program Files\rising\Rav\CfgDll.dll] <Beijing Rising Technology Co., Ltd.><18, 0, 0, 10>
[C:\Program Files\rising\Rav\RSCOMMON.DLL] <Beijing Rising Technology Co., Ltd.><18, 0, 0, 4>
[C:\Program Files\rising\Rav\RsCommX.dll] <rising><18, 0, 0, 1>
[C:\Program Files\rising\Rav\PngDll.dll] <Beijing Rising Technology Co., Ltd.><18, 0, 0, 5>
[PID: 224][E:\Program Files\Nokia PC Suite 6\LaunchApplication.exe] <Nokia><6, 50, 14, 6>
[C:\WINDOWS\System32\ConnAPI.DLL] <Nokia.><6, 50, 12, 4>
[E:\Program Files\Nokia PC Suite 6\PCSCM.dll] <Nokia><6, 50, 36, 2>
[C:\Program Files\Common Files\PCSuite\ConfServer\ConfServer.dll] <Nokia><6, 50, 7, 0>
[E:\Program Files\Nokia PC Suite 6\Lang\LaunchApplication_chi-sc.NLR] <><6, 50, 11, 0>
[PID: 156][C:\Program Files\Common Files\PCSuite\DataLayer\DataLayer.exe] <Nokia Mobile Phones Ltd.><6, 50, 101, 3>
[C:\Program Files\Common Files\PCSuite\DataLayer\Lang\DataLayer_chi-sc.nlr] <Nokia><6, 50, 8, 0>
[PID: 160][C:\PROGRA~1\COMMON~1\PCSuite\Services\SERVIC~1.EXE] <Nokia.><6, 50, 28, 2>
[C:\WINDOWS\System32\NclTools.dll] <Nokia.><6, 50, 9, 1>
[C:\Program Files\Common Files\PCSuite\Transports\NCLIrDAMM.dll] <Nokia Corp.><6, 50, 13, 0>
[C:\Program Files\Common Files\PCSuite\Transports\NCLRSMM.dll] <Nokia><6, 50, 21, 1>
[C:\Program Files\Common Files\PCSuite\Transports\NCLUSBMM.dll] <Nokia><6, 50, 23, 1>
[PID: 408][E:\PROGRA~1\WINPENJR\Win32\pphidpad.exe] <N/A><N/A>
[PID: 460][C:\WINDOWS\FixCamera.exe] <><1, 0, 0, 3>
[PID: 476][C:\WINDOWS\tsnpstd3.exe] <><1, 1, 3, 1>
[PID: 584][C:\WINDOWS\vsnpstd3.exe] <><1, 0, 2, 2>
[PID: 908][C:\WINDOWS\System32\ctfmon.exe] <Microsoft Corporation><5.1.2600.1106 (xpsp1.020828-1920)>
[PID: 1684][C:\WINDOWS\System32\alg.exe] <Microsoft Corporation><5.1.2600.1106 (xpsp1.020828-1920)>
[PID: 1764][C:\WINDOWS\System32\nvsvc32.exe] <NVIDIA Corporation><6.14.01.4345>
[PID: 1832][C:\WINDOWS\System32\svchost.exe] <Microsoft Corporation><5.1.2600.0 (xpclient.010817-1148)>
[PID: 3136][G:\备份文件\SREng2\SREng.exe] <Smallfrogs Studio><2.0.21.505>
[PID: 3216][C:\Program Files\Internet Explorer\iexplore.exe] <Microsoft Corporation><6.00.2800.1106 (xpsp1.020828-1920)>
[C:\Program Files\rising\Rav\RavScrCh.dll] <Beijing Rising Technology Co., Ltd.><18, 0, 0, 3>

瑞星卡卡安全论坛