Rising Kaka Security Forum
阿辉侠客 - 2006-7-24 8:40:00
2006-07-24,08:26:57
System Repair Engineer 2.0.21.505 (2.0 RC 2)
Smallfrogs (http://www.KZTechs.com)
Windows XP Professional Service Pack 2 (Build 2600)
- 管理权限用户 - 完整功能
以下内容被选中:
所有的启动项目(包括注册表、启动文件夹、服务等)
浏览器加载项
正在运行的进程(包括进程模块信息)
文件关联
启动项目
注册表
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
<ctfmon.exe><C:\WINDOWS\system32\ctfmon.exe> [Microsoft Corporation]
<boot-hf><c:\windows\BOOT-hf.exe> []
[HKEY_CURRENT_USER\Software\Microsoft\Windows NT\CurrentVersion\Windows]
<load><> []
<run><> []
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
<IMJPMIG8.1><"C:\WINDOWS\IME\imjp8_1\IMJPMIG.EXE" /Spoil /RemAdvDef /Migration32> [Microsoft Corporation]
<PHIME2002ASync><C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /SYNC> [Microsoft Corporation]
<PHIME2002A><C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /IMEName> [Microsoft Corporation]
<SoundMan><SOUNDMAN.EXE> [Realtek Semiconductor Corp.]
<IgfxTray><C:\WINDOWS\system32\igfxtray.exe> [Intel Corporation]
<HotKeysCmds><C:\WINDOWS\system32\hkcmd.exe> [Intel Corporation]
<RavTask><"C:\Program Files\Rising\Rav\RavTask.exe" -system> [Beijing Rising Technology Co., Ltd.]
<RfwMain><"C:\Program Files\Rising\Rfw\rfwmain.exe" -Startup> [Beijing Rising Technology Co., Ltd.]
<!ewido><"C:\DOCUME~1\new\LOCALS~1\Temp\Rar$EX23.656\ewido4.0\ewido anti-malware 4.0\ewido.exe" /minimized> []
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\RunOnce]
<RavStub><"C:\Program Files\Rising\Rav\ravstub.exe" /RUNONCE> [Beijing Rising Technology Co., Ltd.]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Winlogon]
<shell><Explorer.exe> [Microsoft Corporation]
<Userinit><userinit.exe,> [Microsoft Corporation]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Windows]
<AppInit_DLLs><> []
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Winlogon]
<UIHost><logonui.exe> [Microsoft Corporation]
==================================
启动文件夹
[腾讯QQ]
<C:\Documents and Settings\new\「开始」菜单\程序\启动\腾讯QQ.lnk><N>
==================================
服务
[InstallDriver Table Manager / IDriverT]
<"C:\Program Files\Common Files\InstallShield\Driver\1050\Intel 32\IDriverT.exe"><Macrovision Corporation>
[Rising Proxy Service / RfwProxySrv]
<c:\program files\rising\rfw\rfwproxy.exe><Beijing Rising Technology Co., Ltd.>
[Rising Personal Firewall Service / RfwService]
<c:\program files\rising\rfw\rfwsrv.exe><Beijing Rising Technology Co., Ltd.>
[Rising Process Communication Center / RsCCenter]
<"C:\Program Files\Rising\Rav\CCenter.exe"><Beijing Rising Technology Co., Ltd.>
[RsRavMon Service / RsRavMon]
<"C:\Program Files\Rising\Rav\Ravmond.exe"><Beijing Rising Technology Co., Ltd.>
==================================
浏览器加载项
[]
{CF2464EB-AE06-42A7-BFB7-A9B22344DE95} <C:\DOCUME~1\new\APPLIC~1\GIGANO~1\IE_HEL~1.DLL, N/A>
[QQ]
{c95fe080-8f5d-11d2-a20b-00aa003c157b} <F:\腾讯qq\QQ.EXE, TENCENT>
[&Google]
{2318C2B1-4965-11d4-9B18-009027A5CD4F} <c:\program files\google\googletoolbar1.dll, Google Inc.>
[卡卡上网安全助手]
{DB9ECD4F-FB8F-4311-B3CE-90B976C2707C} <C:\WINDOWS\system32\KakaTool.dll, Beijing Rising Technology Co., Ltd.>
[WebActivater Control]
{C661F36D-DF85-4EF4-83C7-E107B83D04B1} <C:\WINDOWS\system32\3DShowVM.ocx, QQ>
[Shockwave Flash Object]
{D27CDB6E-AE6D-11CF-96B8-444553540000} <C:\WINDOWS\system32\Macromed\Flash\Flash8a.ocx, Macromedia, Inc.>
[Google Script Object]
{00EF2092-6AC5-47C0-BD25-CF2D5D657FEB} <c:\program files\google\googletoolbar1.dll, Google Inc.>
[]
{01D79E50-0FA4-4E86-90FA-50C99CBB9DE3} <C:\WINDOWS\system32\Pbqq.dll, N/A>
[]
{04ADD367-27CD-4589-A41F-6142C1231CEF} <C:\WINDOWS\system32\Sjckq.dll, N/A>
[]
{1338819F-B529-421C-98E9-16FC706E1B6B} <C:\WINDOWS\system32\Rzakiv.dll, N/A>
[Windows Genuine Advantage Validation Tool]
{17492023-C23A-453E-A040-C7C580BBF700} <C:\WINDOWS\system32\legitcheckcontrol.dll, Microsoft Corporation>
[]
{1BE9A735-826A-4EE5-ADE2-684185104D5B} <C:\WINDOWS\system32\Ipnajz.dll, N/A>
[]
{1C3A80B1-C4BE-420D-99F0-C6A0FC8E5A4F} <C:\WINDOWS\system32\Xnvwxp.dll, N/A>
[]
{1D96925A-9A57-47F9-8455-CA2E4BB8803A} <C:\WINDOWS\system32\Lrhqrt.dll, N/A>
[Windows Media Player]
{22D6F312-B0F6-11D0-94AB-0080C74C7E95} <C:\WINDOWS\system32\wmpdxm.dll, Microsoft Corporation>
[&Google]
{2318C2B1-4965-11D4-9B18-009027A5CD4F} <c:\program files\google\googletoolbar1.dll, Google Inc.>
[HTML Document]
{25336920-03F9-11CF-8FD0-00AA00686F13} <%SystemRoot%\system32\mshtml.dll, N/A>
[]
{266E72C4-E154-4C55-8CB3-757EFED82B9F} <C:\WINDOWS\system32\Whvbb.dll, N/A>
[]
{2687387B-9312-451A-8AA1-3F42E7E5C5A5} <C:\WINDOWS\system32\Eosjwe.dll, N/A>
[]
{29275023-1B66-4146-9AF5-CAFD6EAE4B3B} <C:\WINDOWS\system32\Gopa.dll, N/A>
[]
{3F4E7016-8EFC-4AAF-9CB7-C6A04B535B04} <C:\WINDOWS\system32\Fkcwdu.dll, N/A>
[]
{4045B014-F8EA-4518-A7A8-ED101F78B186} <C:\WINDOWS\system32\Cubdy.dll, N/A>
[超级兔子上网精灵]
{43869BB3-22FD-4F15-9B46-238106BA2F4E} <F:\超级兔子\MagicSet\haokanbar.dll, Xiang Feng Technology>
[]
{489EDC29-33D7-4B82-BE59-C3AFA2FBB22C} <C:\WINDOWS\system32\Efjr.dll, N/A>
[VnetCookie Class]
{4E83D567-4697-4F7B-B1F0-A513B01DB89A} <c:\PROGRA~1\chinanet\VNETTR~1.DLL, N/A>
[HHCtrl Object]
{52A2AAAE-085D-4187-97EA-8C30DB990436} <C:\WINDOWS\system32\hhctrl.ocx, Microsoft Corporation>
[]
{5303A8BC-2C62-4908-B43F-FD4B844797F5} <C:\WINDOWS\system32\Iprspa.dll, N/A>
[]
{54E088D3-62CB-41C4-80C6-960B3DAAC4BE} <C:\WINDOWS\system32\Oyva.dll, N/A>
[QQBrowserHelperObject Class]
{54EBD53A-9BC1-480B-966A-843A333CA162} <F:\腾讯qq\QQIEHelper.dll, 深圳市腾讯计算机系统有限公司>
[NetAccelerate Class]
{5673A7C0-95CC-4646-BB07-3BD71234CEF9} <C:\WINDOWS\system32\MicrosoftNet.dll, N/A>
[]
{5A223AE7-97DD-4012-AA80-E4F287E6D9DA} <C:\WINDOWS\system32\Vqnco.dll, N/A>
[]
{5B57D1D4-4F23-4DE3-8751-726D3A3CFE8E} <C:\WINDOWS\system32\Klzmw.dll, N/A>
[WUWebControl Class]
{6414512B-B978-451D-A0D8-FCFDF33E833C} <C:\WINDOWS\system32\wuweb.dll, Microsoft Corporation>
[Windows Media Player]
{6BF52A52-394A-11D3-B153-00C04F79FAA6} <C:\WINDOWS\system32\wmp.dll, Microsoft Corporation>
[超级兔子上网精灵]
{7369D35A-5B70-4A5B-B789-B25FE09B4AF3} <F:\超级兔子\MagicSet\haokanbar.dll, Xiang Feng Technology>
[MediaComm Class]
{7670648D-461B-42AF-BDFE-46D26AF5EFF2} <F:\迅雷\Components\InMedia\MediaAddin06.dll, Thunder Networking Technologies,LTD>
[]
{76983871-7470-48BC-90E3-9EDB2544838A} <C:\WINDOWS\system32\Hmzy.dll, N/A>
[]
{7D5A3A6D-AA39-43FF-9F5F-B8EA809887C5} <C:\WINDOWS\system32\Hzhumj.dll, N/A>
[]
{84A0993B-C81D-41CE-A2BA-4529AAFA39E3} <C:\WINDOWS\system32\Sesk.dll, N/A>
[]
{85ACA77B-4D7B-4D82-B2CA-79468AF2E46E} <C:\WINDOWS\system32\Ontq.dll, N/A>
[Microsoft Web 浏览器]
{8856F961-340A-11D0-A96B-00C04FD705A2} <C:\WINDOWS\system32\shdocvw.dll, Microsoft Corporation>
[Thunder Browser Helper]
{889D2FEB-5411-4565-8998-1DD2C5261283} <F:\迅雷\ComDlls\XunLeiBHO_001.dll, Thunder Networking Technologies,LTD>
[]
{89D1D4C2-1971-4399-BC80-2D4F0A439B40} <C:\WINDOWS\system32\Zjnh.dll, N/A>
[]
{8DC99FC4-4854-47BC-A5DE-4487CF5F9F80} <C:\WINDOWS\system32\Rapqh.dll, N/A>
[]
{8E1FCFBD-E454-495A-8C2A-2AE3CF1FCFAA} <C:\WINDOWS\system32\Yeskx.dll, N/A>
[]
{912D7839-B6B6-4FAE-9C25-EDBD5E8B7131} <C:\WINDOWS\system32\Polbh.dll, N/A>
[]
{914ECE1A-F28B-4D15-BB23-54F5829E2E97} <C:\WINDOWS\system32\Inwqdj.dll, N/A>
[LiveMediaOcx Control]
{9242BB35-0DB0-43AC-8DFC-8EA07E63B92A} <F:\QQ直播\QQLive.ocx, Tencent>
[]
{972749C5-4071-4183-AFEE-D89EA104FD5E} <C:\WINDOWS\system32\Dcgn.dll, N/A>
[]
{A19094DB-A164-4C65-8338-DAE0C9685284} <C:\WINDOWS\system32\Bzgqs.dll, N/A>
[]
{A34648C8-DC4B-47FF-B7D0-D985F0009018} <C:\WINDOWS\system32\Qrcxeo.dll, N/A>
[]
{A413179E-6C67-488D-AC29-678201EFD54C} <C:\WINDOWS\system32\Eotfg.dll, N/A>
[]
{A5286475-B276-4402-B6CF-9018E73CC313} <C:\WINDOWS\system32\Fsraqv.dll, N/A>
[]
{A544A937-D4BE-4285-BD5C-8E46FB5A8621} <C:\WINDOWS\system32\Abobm.dll, N/A>
[PhotoUploadCtrl Control]
{A96C48EA-AA88-4BBD-B58C-7B41146A6EAC} <F:\腾讯qq\QZone\PHOTOU~1.OCX, tencent>
[Google Toolbar Helper]
{AA58ED58-01DD-4D91-8333-CF10577473F7} <c:\program files\google\googletoolbar1.dll, Google Inc.>
[]
{AD641CD9-6336-4697-9C9B-9F65C1DA6380} <C:\WINDOWS\system32\Skmy.dll, N/A>
[Microsoft Scriptlet Component]
{AE24FDAE-03C6-11D1-8B76-0080C744F389} <C:\WINDOWS\system32\mshtml.dll, Microsoft Corporation>
[卡卡上网安全助手]
{AFF6E516-CBE5-4F8A-9C2F-38A68013E766} <C:\WINDOWS\system32\KakaTool.dll, Beijing Rising Technology Co., Ltd.>
[SearchAssistantOC]
{B45FF030-4447-11D2-85DE-00C04FA35C89} <%SystemRoot%\system32\shdocvw.dll, N/A>
[]
{B4FBCDF6-1EB6-4149-942A-26FDA8E77146} <C:\WINDOWS\system32\Vati.dll, N/A>
[]
{B729FB53-916D-4433-AA54-D67AD90DAF3D} <C:\WINDOWS\system32\Iyiuef.dll, N/A>
[]
{B992992A-6C81-428B-B475-5E45DB51C190} <C:\WINDOWS\system32\Acftm.dll, N/A>
[]
{BA49F7A1-9B30-4C63-B2D1-7B825F4FB329} <C:\WINDOWS\system32\Etxi.dll, N/A>
[]
{C53CD1C4-CE93-4BE5-A4C1-AD7C5825B989} <C:\WINDOWS\system32\Atwqo.dll, N/A>
[WebActivater Control]
{C661F36D-DF85-4EF4-83C7-E107B83D04B1} <C:\WINDOWS\system32\3DShowVM.ocx, QQ>
[]
{C836438E-1454-4E69-9F45-B582EDFB64E5} <C:\WINDOWS\system32\Ssayqw.dll, N/A>
[AUDIO__MP3 Moniker Class]
阿辉侠客 - 2006-7-24 8:43:00
{CD3AFA76-B84F-48F0-9393-7EDC34128127} <C:\WINDOWS\system32\wmp.dll, Microsoft Corporation>
[AUDIO__X_MS_WMA Moniker Class]
{CD3AFA84-B84F-48F0-9393-7EDC34128127} <C:\WINDOWS\system32\wmp.dll, Microsoft Corporation>
[VIDEO__X_MS_ASF Moniker Class]
{CD3AFA8F-B84F-48F0-9393-7EDC34128127} <C:\WINDOWS\system32\wmp.dll, Microsoft Corporation>
[VIDEO__X_MS_WMV Moniker Class]
{CD3AFA94-B84F-48F0-9393-7EDC34128127} <C:\WINDOWS\system32\wmp.dll, Microsoft Corporation>
[]
{CDE32E77-E48D-4228-8270-DE5E2F0FCB33} <C:\WINDOWS\system32\Zvifp.dll, N/A>
[]
{CEB383C8-68FB-4DDF-974F-795F4A9D2810} <C:\WINDOWS\system32\Jdeoz.dll, N/A>
[]
{CF2464EB-AE06-42A7-BFB7-A9B22344DE95} <C:\DOCUME~1\new\APPLIC~1\GIGANO~1\IE_HEL~1.DLL, N/A>
[RealPlayer G2 Control]
{CFCDAA03-8BE4-11CF-B84B-0020AFBBCCFA} <C:\WINDOWS\system32\rmoc3260.dll, RealNetworks, Inc.>
[Shockwave Flash Object]
{D27CDB6E-AE6D-11CF-96B8-444553540000} <C:\WINDOWS\system32\Macromed\Flash\Flash8a.ocx, Macromedia, Inc.>
[TencentVmpCtl Class]
{D9819BD5-422B-4281-8523-726466ED692B} <C:\Program Files\Tencent\Viewpoint Media Player\AxMetaStream.dll, Viewpoint Corporation>
[TaaYiinf Class]
{D9DD5AEA-5A39-15D6-A459-270D63B1CC33} <C:\WINDOWS\DOWNLO~1\ecdngsa.dll, rekrysoft>
[]
{DB9301C5-CA67-46F3-A126-892383C6F4CB} <C:\WINDOWS\system32\Tofz.dll, N/A>
[卡卡上网安全助手]
{DB9ECD4F-FB8F-4311-B3CE-90B976C2707C} <C:\WINDOWS\system32\KakaTool.dll, Beijing Rising Technology Co., Ltd.>
[]
{E033909F-8597-4276-9C71-F3169060A00C} <C:\WINDOWS\system32\Dyzxde.dll, N/A>
[]
{E330347C-4C64-4FD9-8CBB-0B479D5CC53E} <C:\WINDOWS\system32\Hzwu.dll, N/A>
[]
{E6AA22FD-CBD6-4F4E-84CB-4BB78C430806} <C:\WINDOWS\system32\Spterl.dll, N/A>
[]
{E8658FCB-33D2-4A4B-9AA8-44355AEEB1FB} <C:\WINDOWS\system32\Uxfzkp.dll, N/A>
[]
{EA32CB14-D162-441C-AE67-C74B13623CA6} <C:\WINDOWS\system32\Wkrwvb.dll, N/A>
[]
{F0362015-1CB7-4D2A-A74F-F899B480B07A} <C:\WINDOWS\system32\Xkvu.dll, N/A>
[]
{F4DD37A7-96DB-4356-92FD-23C841CC6EE8} <C:\WINDOWS\system32\Bauq.dll, N/A>
[]
{F64A0EE7-A241-42AB-B2A5-0D1B9CF312AD} <C:\WINDOWS\system32\Nxqa.dll, N/A>
[&使用迅雷下载]
<F:\迅雷\Program\GetUrl.htm, N/A>
[&使用迅雷下载全部链接]
<F:\迅雷\Program\GetAllUrl.htm, N/A>
[Google 搜索(&G)]
<res://C:\Program Files\Google\GoogleToolbar1.dll/cmsearch.html, N/A>
[上传到QQ网络硬盘]
<F:\腾讯qq\AddToNetDisk.htm, N/A>
[添加到QQ自定义面板]
<F:\腾讯qq\AddPanel.htm, N/A>
[添加到QQ表情]
<F:\腾讯qq\AddEmotion.htm, N/A>
[用QQ彩信发送该图片]
<F:\腾讯qq\SendMMS.htm, N/A>
[用比特精灵下载(&B)]
<E:\BitSpirit\bsurl.htm, N/A>
==================================
正在运行的进程
[PID: 436][\SystemRoot\System32\smss.exe] <Microsoft Corporation><5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)>
[PID: 492][\??\C:\WINDOWS\system32\csrss.exe] <Microsoft Corporation><5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)>
[PID: 516][\??\C:\WINDOWS\system32\winlogon.exe] <Microsoft Corporation><5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)>
[PID: 560][C:\WINDOWS\system32\services.exe] <Microsoft Corporation><5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)>
[PID: 572][C:\WINDOWS\system32\lsass.exe] <Microsoft Corporation><5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)>
[PID: 720][C:\WINDOWS\system32\svchost.exe] <Microsoft Corporation><5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)>
[PID: 768][C:\WINDOWS\system32\svchost.exe] <Microsoft Corporation><5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)>
[PID: 864][C:\Program Files\Rising\Rav\CCenter.exe] <Beijing Rising Technology Co., Ltd.><18, 0, 0, 3>
[PID: 884][C:\WINDOWS\System32\svchost.exe] <Microsoft Corporation><5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)>
[PID: 960][C:\WINDOWS\system32\svchost.exe] <Microsoft Corporation><5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)>
[PID: 1052][C:\WINDOWS\system32\svchost.exe] <Microsoft Corporation><5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)>
[PID: 1064][C:\Program Files\Rising\Rav\Ravmond.exe] <Beijing Rising Technology Co., Ltd.><18, 0, 1, 29>
[C:\Program Files\Rising\Rav\BWList.dll] <Beijing Rising Technology Co., Ltd.><18, 0, 0, 19>
[C:\Program Files\Rising\Rav\RsCommX.dll] <rising><18, 0, 0, 1>
[C:\Program Files\Rising\Rav\RSAPPMGR.DLL] <Beijing Rising Technology Co., Ltd.><18, 0, 0, 2>
[C:\Program Files\Rising\Rav\CfgDll.dll] <Beijing Rising Technology Co., Ltd.><18, 0, 0, 11>
[C:\Program Files\Rising\Rav\RSCOMMON.DLL] <Beijing Rising Technology Co., Ltd.><18, 0, 0, 4>
[C:\Program Files\Rising\Rav\RsLog.dll] <Beijing Rising Technology Co., Ltd.><18, 0, 0, 20>
[C:\Program Files\Rising\Rav\HOOKSYS.dll] <Rising><18, 1, 0, 9>
[C:\Program Files\Rising\Rav\Scanner.dll] <Beijing Rising Technology Co., Ltd.><18, 0, 0, 30>
[C:\Program Files\Rising\Rav\libload.dll] <Beijing Rising Technology Co., Ltd.><18, 0, 0, 10>
[C:\Program Files\Rising\Rav\VirusLib.dll] <Beijing Rising Technology Co., Ltd.><18, 0, 0, 10>
[C:\Program Files\Rising\Rav\regmon.dll] <Beijing Rising Technology Co., Ltd.><18, 0, 0, 6>
[C:\Program Files\Rising\Rav\HookWeb.dll] <rising><18, 0, 0, 2>
[C:\Program Files\Rising\Rav\MemMon.dll] <Beijing Rising Technology Co., Ltd.><18, 0, 0, 9>
[C:\Program Files\Rising\Rav\expscan.dll] <Beijing Rising Technology Co., Ltd.><18, 0, 0, 4>
[C:\Program Files\Rising\Rav\mPorts.dll] <Beijing Rising Technology Co., Ltd.><4, 0, 0, 3>
[C:\Program Files\Rising\Rav\MailMon.dll] <Beijing Rising Technology Co., Ltd.><18, 0, 0, 5>
[C:\Program Files\Rising\Rav\SpamEng.dll] <N/A><18, 0, 0, 6>
[C:\Program Files\Rising\Rav\engine.dll] <Beijing Rising Technology Co., Ltd.><18, 0, 0, 30>
[C:\Program Files\Rising\Rav\PostTrt.dll] <Beijing Rising Technology Co., Ltd.><18, 0, 0, 9>
[C:\Program Files\Rising\Rav\UnExe.dll] <Beijing Rising Technology Co., Ltd.><18, 0, 0, 11>
[C:\Program Files\Rising\Rav\ScanExec.dll] <Beijing Rising Technology Co., Ltd.><18, 0, 0, 11>
[C:\Program Files\Rising\Rav\ScanEx.dll] <Beijing Rising Technology Co., Ltd.><18, 0, 0, 11>
[C:\Program Files\Rising\Rav\NvFile.dll] <Beijing Rising Technology Co., Ltd.><18, 0, 0, 7>
[C:\Program Files\Rising\Rav\ScanMac.dll] <Beijing Rising Technology Co., Ltd.><18, 0, 0, 8>
[C:\Program Files\Rising\Rav\ScanSct.dll] <Beijing Rising Technology Co., Ltd.><18, 0, 0, 17>
[C:\Program Files\Rising\Rav\Unpacker.dll] <Beijing Rising Technology Co., Ltd.><18, 0, 0, 3>
[C:\Program Files\Rising\Rav\RsStore.dll] <Beijing Rising Technology Co., Ltd.><18, 0, 0, 5>
[C:\Program Files\Rising\Rav\ExtOLE.dll] <Beijing Rising Technology Co., Ltd.><18, 0, 0, 6>
[PID: 1228][C:\WINDOWS\Explorer.EXE] <Microsoft Corporation><6.00.2900.2180 (xpsp_sp2_rtm.040803-2158)>
[C:\WINDOWS\system32\igfxpph.dll] <Intel Corporation><3.0.0.3924>
[C:\WINDOWS\system32\hccutils.DLL] <Intel Corporation><3.0.0.3924>
[C:\WINDOWS\system32\igfxres.dll] <Intel Corporation><3.0.0.3924>
[C:\WINDOWS\system32\igfxsrvc.dll] <Intel Corporation><3.0.0.3924>
[C:\WINDOWS\system32\igfxdev.dll] <Intel Corporation><3.0.0.3924>
[F:\迅雷\ComDlls\XunLeiBHO_001.dll] <Thunder Networking Technologies,LTD><5, 0, 0, 1>
[C:\DOCUME~1\new\APPLIC~1\GIGANO~1\IE_HEL~1.DLL] <N/A><N/A>
[C:\Program Files\WinRAR\rarext.dll] <N/A><N/A>
[C:\WINDOWS\system32\RavExt.dll] <Beijing Rising Technology Co., Ltd.><18, 0, 0, 21>
[C:\Program Files\Rising\Rav\RSCOMMON.DLL] <Beijing Rising Technology Co., Ltd.><18, 0, 0, 4>
[PID: 1256][c:\program files\rising\rfw\rfwsrv.exe] <Beijing Rising Technology Co., Ltd.><4, 0, 0, 32>
[c:\program files\rising\rfw\RfwRule.dll] <Beijing Rising Technology Co., Ltd.><4, 0, 0, 13>
[c:\program files\rising\rfw\rfwlog.dll] <Beijing Rising Technology Co., Ltd.><4, 0, 0, 6>
[c:\program files\rising\rfw\Rfwdrv.dll] <Beijing Rising Technology Co., Ltd.><4, 0, 0, 21>
[c:\program files\rising\rfw\MonDrv.dll] <rs><1, 0, 0, 4>
[c:\program files\rising\rfw\ProcLib.dll] <Beijing Rising Technology Co., Ltd.><4, 0, 0, 9>
[PID: 1416][C:\WINDOWS\system32\spoolsv.exe] <Microsoft Corporation><5.1.2600.2696 (xpsp_sp2_gdr.050610-1519)>
[PID: 1512][C:\Program Files\Rising\Rav\RavStub.exe] <Beijing Rising Technology Co., Ltd.><18, 0, 0, 16>
[C:\Program Files\Rising\Rav\RsCommX.dll] <rising><18, 0, 0, 1>
[C:\Program Files\Rising\Rav\RSCOMMON.DLL] <Beijing Rising Technology Co., Ltd.><18, 0, 0, 4>
[PID: 1672][c:\program files\rising\rfw\RfwMain.exe] <Beijing Rising Technology Co., Ltd.><4, 0, 0, 51>
[c:\program files\rising\rfw\RsGuiLib.dll] <Beijing Rising Technology Co., Ltd.><18, 0, 0, 23>
[c:\program files\rising\rfw\RSCOMMON.DLL] <Beijing Rising Technology Co., Ltd.><18, 0, 0, 4>
[c:\program files\rising\rfw\PngDll.dll] <Beijing Rising Technology Co., Ltd.><18, 0, 0, 5>
[PID: 2036][C:\WINDOWS\SOUNDMAN.EXE] <Realtek Semiconductor Corp.><5.1.0.34>
[PID: 2044][C:\WINDOWS\system32\igfxtray.exe] <Intel Corporation><3.0.0.3924>
[C:\WINDOWS\system32\hccutils.DLL] <Intel Corporation><3.0.0.3924>
[C:\WINDOWS\system32\igfxdev.dll] <Intel Corporation><3.0.0.3924>
阿辉侠客 - 2006-7-24 8:43:00
[C:\WINDOWS\system32\igfxsrvc.dll] <Intel Corporation><3.0.0.3924>
[C:\WINDOWS\system32\igfxres.dll] <Intel Corporation><3.0.0.3924>
[C:\WINDOWS\system32\igfxress.dll] <Intel Corporation><3.0.0.3924>
[PID: 120][C:\WINDOWS\system32\hkcmd.exe] <Intel Corporation><3.0.0.3924>
[C:\WINDOWS\system32\hccutils.DLL] <Intel Corporation><3.0.0.3924>
[C:\WINDOWS\system32\igfxdev.dll] <Intel Corporation><3.0.0.3924>
[C:\WINDOWS\system32\igfxsrvc.dll] <Intel Corporation><3.0.0.3924>
[C:\WINDOWS\system32\igfxhk.dll] <Intel Corporation><3.0.0.3924>
[C:\WINDOWS\system32\igfxres.dll] <Intel Corporation><3.0.0.3924>
[PID: 156][C:\Program Files\Rising\Rav\RavTask.exe] <Beijing Rising Technology Co., Ltd.><18, 0, 0, 22>
[C:\Program Files\Rising\Rav\RSCOMMON.DLL] <Beijing Rising Technology Co., Ltd.><18, 0, 0, 4>
[C:\Program Files\Rising\Rav\RSAPPMGR.DLL] <Beijing Rising Technology Co., Ltd.><18, 0, 0, 2>
[C:\Program Files\Rising\Rav\CfgDll.dll] <Beijing Rising Technology Co., Ltd.><18, 0, 0, 11>
[C:\Program Files\Rising\Rav\RsCommX.dll] <rising><18, 0, 0, 1>
[PID: 184][C:\Program Files\Rising\Rav\Ravmon.exe] <Beijing Rising Technology Co., Ltd.><18, 0, 1, 30>
[C:\Program Files\Rising\Rav\RsGuiLib.dll] <Beijing Rising Technology Co., Ltd.><18, 0, 0, 24>
[C:\Program Files\Rising\Rav\BWList.dll] <Beijing Rising Technology Co., Ltd.><18, 0, 0, 19>
[C:\Program Files\Rising\Rav\RSAPPMGR.DLL] <Beijing Rising Technology Co., Ltd.><18, 0, 0, 2>
[C:\Program Files\Rising\Rav\CfgDll.dll] <Beijing Rising Technology Co., Ltd.><18, 0, 0, 11>
[C:\Program Files\Rising\Rav\RSCOMMON.DLL] <Beijing Rising Technology Co., Ltd.><18, 0, 0, 4>
[C:\Program Files\Rising\Rav\RsCommX.dll] <rising><18, 0, 0, 1>
[C:\Program Files\Rising\Rav\PngDll.dll] <Beijing Rising Technology Co., Ltd.><18, 0, 0, 5>
[PID: 208][C:\WINDOWS\system32\ctfmon.exe] <Microsoft Corporation><5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)>
[PID: 664][C:\WINDOWS\system32\wdfmgr.exe] <Microsoft Corporation><5.2.3790.1230 built by: dnsrv(bld4act)>
[PID: 2088][C:\WINDOWS\System32\alg.exe] <Microsoft Corporation><5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)>
[PID: 2520][F:\迅雷\Program\Thunder5.exe] <Thunder Networking Technologies,LTD><5.1.6.198>
[F:\迅雷\Program\UpdateDownload.dll] <Thunder Networking Technologies,LTD><1, 0, 1, 3>
[F:\迅雷\Program\download_interface.dll] <Thunder Networking Technologies,LTD><1, 0, 2, 69>
[F:\迅雷\Program\log4cplus.dll] <><1, 0, 2, 1>
[F:\迅雷\Program\stlport_vc646.dll] <STLport Consulting, Inc.><4.6.2003.1031>
[F:\迅雷\Program\asyn_dns.dll] <N/A><N/A>
[F:\迅雷\Program\msgmanage.dll] <Thunder Networking Technologies,LTD><1, 0, 0, 15>
[F:\迅雷\Program\historyinfo_manage.dll] <Thunder Networking Technologies,LTD><5, 2, 0, 148>
[F:\迅雷\Program\RegisterDll.dll] <Thunder Networking Technologies,LTD><1, 2, 0, 7>
[F:\迅雷\Program\FloatBar.dll] <Thunder Networking Technologies,LTD><1, 0, 0, 2>
[F:\迅雷\Plugins\TingTing\TingTing.dll] <Thunder Networking Technologies,LTD><1, 1, 1, 9>
[F:\迅雷\Components\InMedia\iEmbedShell.dll] < ><1, 0, 0, 10>
[F:\迅雷\Components\InMedia\iEmbed03.dll] < ><2, 2, 1, 33>
[F:\迅雷\Components\P4PClient\P4PClient.dll] <Thunder Networking Technologies,LTD><1, 0, 0, 4>
[C:\Program Files\Rising\Rav\RavScrCh.dll] <Beijing Rising Technology Co., Ltd.><18, 0, 0, 3>
[F:\迅雷\Program\iTargetAd.dll] <Thunder Networking Technologies,LTD><1, 0, 0, 60>
[C:\WINDOWS\system32\Macromed\Flash\Flash8a.ocx] <Macromedia, Inc.><8,0,24,0>
[PID: 3372][C:\Program Files\Chinanet\VnetClient.exe] <><2005, 11, 14, 1>
[C:\Program Files\Chinanet\Communicate.dll] <0><2005, 3, 3, 1>
[C:\Program Files\Chinanet\DialModule.dll] <GDCN><2005, 11, 15, 1>
[C:\PROGRA~1\Chinanet\CLIENT~1.DLL] <><2004, 2, 28, 1>
[C:\PROGRA~1\Chinanet\PLUGIN~1.OCX] <><2005, 7, 27, 1>
[C:\PROGRA~1\Chinanet\sign.dll] <0><2004, 12, 1, 1>
[C:\PROGRA~1\Chinanet\WEBPLU~1.DLL] <><2005, 8, 18, 1>
[C:\PROGRA~1\Chinanet\PostPlug.dll] <><2004, 12, 16, 2>
[C:\PROGRA~1\Chinanet\ADVERT~1.OCX] <><2005, 10, 13, 1>
[C:\PROGRA~1\Chinanet\Gif89a.dll] <><2005, 6, 21, 1>
[C:\PROGRA~1\Chinanet\VnetBs.ocx] <><2004, 11, 18, 1>
[C:\PROGRA~1\Chinanet\ACCOUN~2.DLL] <><2005, 11, 14, 1>
[C:\PROGRA~1\Chinanet\AccountMgr.dll] <><2005, 11, 14, 17>
[C:\PROGRA~1\Chinanet\VnetSkin.ocx] <GDDC><2005, 11, 14, 1>
[C:\PROGRA~1\Chinanet\DialogStyle.dll] <><1, 0, 0, 1>
[C:\PROGRA~1\Chinanet\Timer.ocx] <><2005, 10, 9, 14>
[C:\PROGRA~1\Chinanet\PLUGIN~2.OCX] <><2005, 2, 24, 1>
[C:\PROGRA~1\Chinanet\NEWMES~1.DLL] <><2005, 8, 26, 1>
[C:\PROGRA~1\Chinanet\PassCtrl.dll] <><1, 0, 0, 1>
[C:\PROGRA~1\Chinanet\PlugPush.dll] <><2004, 12, 21, 1>
[C:\PROGRA~1\Chinanet\ALLINT~1.DLL] <><2004, 11, 23, 1>
[C:\PROGRA~1\Chinanet\VNetLog.ocx] <><2005, 10, 9, 1>
[C:\PROGRA~1\Chinanet\StatNum.dll] <><2004, 11, 18, 1>
[C:\PROGRA~1\Chinanet\VNETON~1.OCX] <><2005, 3, 2, 1>
[C:\PROGRA~1\Chinanet\ALLFUN~1.DLL] <GDCN><2005, 10, 9, 1>
[C:\PROGRA~1\Chinanet\VnetOptLog.dll] <><2005, 9, 13, 9>
[C:\Program Files\Rising\Rav\RavScrCh.dll] <Beijing Rising Technology Co., Ltd.><18, 0, 0, 3>
[C:\PROGRA~1\Chinanet\DlgSkin.ocx] <><2005, 11, 14, 1>
[C:\WINDOWS\system32\Macromed\Flash\Flash8a.ocx] <Macromedia, Inc.><8,0,24,0>
[PID: 3052][C:\Program Files\Internet Explorer\iexplore.exe] <Microsoft Corporation><6.00.2900.2180 (xpsp_sp2_rtm.040803-2158)>
[c:\program files\google\googletoolbar1.dll] <Google Inc.><3, 0, 131, 0>
[C:\WINDOWS\system32\KakaTool.dll] <Beijing Rising Technology Co., Ltd.><2, 0, 0, 9>
[C:\DOCUME~1\new\APPLIC~1\GIGANO~1\IE_HEL~1.DLL] <N/A><N/A>
[C:\Program Files\Rising\Rav\RavScrCh.dll] <Beijing Rising Technology Co., Ltd.><18, 0, 0, 3>
[C:\WINDOWS\system32\Macromed\Flash\Flash8a.ocx] <Macromedia, Inc.><8,0,24,0>
[PID: 880][C:\Program Files\Rising\Rav\RsAgent.exe] <Beijing Rising Technology Co., Ltd.><18, 0, 0, 12>
[C:\Program Files\Rising\Rav\RsCommX.dll] <rising><18, 0, 0, 1>
[PID: 2840][C:\WINDOWS\msagent\AgentSvr.exe] <Microsoft Corporation><2.00.0.3422>
[PID: 376][C:\Program Files\WinRAR\WinRAR.exe] <N/A><N/A>
[PID: 1128][C:\DOCUME~1\new\LOCALS~1\Temp\Rar$EX00.000\SREng2\SREng.exe] <Smallfrogs Studio><2.0.21.505>
==================================
文件关联
.TXT OK. [%SystemRoot%\system32\NOTEPAD.EXE %1]
.EXE OK. ["%1" %*]
.COM OK. ["%1" %*]
.PIF OK. ["%1" %*]
.REG OK. [regedit.exe "%1"]
.BAT OK. ["%1" %*]
.SCR OK. ["%1" /S]
.CHM Error. [hh.exe %1]
.HLP OK. [%SystemRoot%\System32\winhlp32.exe %1]
.INI Error. [notepad.exe %1]
.INF Error. [notepad.exe %1]
.VBS Error. [wscript.exe "%1" %*]
.JS OK. [%SystemRoot%\System32\WScript.exe "%1" %*]
.LNK OK. [{00021401-0000-0000-C000-000000000046}]
==================================
Winsock 提供者
==================================
阿辉侠客 - 2006-7-24 8:44:00
Experts, please take a look~~ after I clean the virus it comes back again
gdnhmsj - 2006-7-24 8:58:00
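[Reply to 阿辉侠客's post]
Maybe nobody can solve this problem yet. I am in the same situation as you: after I posted, someone answered, but after I followed the instructions the virus was still there, and then nobody paid any more attention!!!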
阿辉侠客 - 2006-7-24 9:01:00
I'm so scared~~ surely not~~
阿辉侠客 - 2006-7-24 9:15:00
Experts, please come~~ advise me~~~ still waiting~
gdnhmsj - 2006-7-24 9:18:00
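When you have time, go and look at the thread I posted yesterday. Look at the complete one, the one with 15 replies (there is another one that I botched because it was my first time posting; it only has 2 replies). After I finished the repair I scanned again and posted the log, and then nobody answered.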
710207 - 2006-7-24 9:18:00
Don't worry. File name?
Path?
阿辉侠客 - 2006-7-24 9:20:00
C:\Documents and Settings\new\Application Data
IE_Helper Object.exe
阿辉侠客 - 2006-7-24 9:21:00
C:\Documents and Settings\new\Application Data
File name: IE_Helper Object.exe
gdnhmsj - 2006-7-25 12:00:00
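Has the original poster's problem been solved? In any case my virus is still there, and nobody has been able to reply to my thread either.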