Rising Kaka Security Forum

Thanks to the expert "westbeck", I successfully removed the Trojan.PSW.QQPass.pxx virus [Original]
xyzmg - 2006-10-7 14:14:00
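Quote: [westbeck's post]

Go to www.27814939.ys168.com and click "My Software" to download KillBox.exe
Clear the IE temporary files folder
Press ALT+CTRL+DELETE to open Task Manager and end 1.exe
Run (double-click) System Repair Engineer, click "Startup Items", then "Services", then "Win32 Service Applications", tick "Hide Microsoft services", select the virus service onServer / nServer, choose "Delete service", click "Settings" and choose "No"
Run System Repair Engineer and use "Startup Items", "Registry" to delete the following entries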
<wdfmgr32><C:\WINDOWS\system32\wdfmgr32.exe>
<RavUpes><C:\WINDOWS\system32\agetltfes.exe>
<{25E1EECB-E580-4032-97A2-A456D33820D1}><C:\Program Files\Outlook Express\mqq.dll>
<{8A238B14-A6FF-11E0-9A84-00C04FD8DBD8}><C:\WINDOWS\system32\sysldr.dll>
Double-click KillBox.exe to open it and delete each of the following:
C:\WINDOWS\system32\wdfmgr32.exe
C:\WINDOWS\system32\agetltfes.exe
C:\Program Files\Outlook Express\mqq.dll
C:\WINDOWS\system32\sysldr.dll
C:\WINDOWS\system32\dumpres.dll
C:\WINDOWS\system.dll
C:\WINDOWS\system32\1.exe
C:\Program Files\Common Files\Microsoft Shared\MSInfo\MSINFO16.DLL
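(When deleting, tick "End the Explorer.EXE process before deleting")
Note: if a file with the .dll extension cannot be deleted, tick "Unregister" and then delete it again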
………………

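Then search online for "System Repair Engineer" and download it.
Run (double-click) System Repair Engineer, click "Startup Items", then "Services", then "Win32 Service Applications", tick "Hide Microsoft services", select the virus service onServer / nServer, choose "Delete service", click "Settings" and choose "No"
Run System Repair Engineer and use "Startup Items", "Registry" to delete the following entries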
<wdfmgr32><C:\WINDOWS\system32\wdfmgr32.exe>
<RavUpes><C:\WINDOWS\system32\agetltfes.exe>
<{25E1EECB-E580-4032-97A2-A456D33820D1}><C:\Program Files\Outlook Express\mqq.dll>
<{8A238B14-A6FF-11E0-9A84-00C04FD8DBD8}><C:\WINDOWS\system32\sysldr.dll>

xyzmg - 2006-10-7 14:23:00
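The above is the specific procedure for removing the virus. It is the removal method that "westbeck" proposed for one user's log after asking users to post their scan logs. Log files may differ slightly from user to user, and some of the items to be deleted did not exist on my computer, but by following this method I have completely cleaned out the QQPass that nothing else could kill.
    I would not dare keep such a clever method to myself, so I am posting it right away for everyone's reference.
    Thanks again, westbeck!!!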
xyzmg - 2006-10-7 14:32:00
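But I still have one problem:

After the virus was cleaned out, all of my Rising monitors were disabled. I uninstalled Rising, then downloaded and installed the latest Rising version 18.47.40 and rebooted, and Rising's umbrella opened (monitoring enabled). I was overjoyed, but as soon as I started the ADSL dial-up program, Rising's umbrella immediately closed again and could not be opened no matter what I tried. Sob, sob...............

If westbeck or another expert sees this, please help me.
Thanks!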
战神︻┻┳═一 - 2006-10-7 14:42:00
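Set the network card up again / get rid of the old one
xyzmg - 2006-10-7 20:01:00
Dear "战神︻┻┳═一", what does "set the network card up again / get rid of the old one" mean? Please enlighten me.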



westbeck - 2006-10-7 20:11:00
Please run a scan and post the log
执著于此 - 2006-10-25 14:38:00
I have caught the same virus, and my monitoring will not open either

The log is as follows:
2006-10-25,13:55:51

System Repair Engineer 2.2.6.605
Smallfrogs (http://www.KZTechs.com)

Windows XP Home Edition Service Pack 2 (Build 2600)
- 管理权限用户 - 完整功能

以下内容被选中:
    所有的启动项目(包括注册表、启动文件夹、服务等)
    浏览器加载项
    正在运行的进程(包括进程模块信息)
    文件关联
    Winsock 提供者
    Autorun.inf
    HOSTS 文件


启动项目
注册表
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
    <ctfmon.exe><C:\WINDOWS\system32\ctfmon.exe>  [(Verified)Microsoft Corporation]
    <MSMSGS><"C:\Program Files\Messenger\msmsgs.exe" /background>  [(Verified)Microsoft Corporation]
    <EXPLORER.EXE><EXPLORER.EXE>  [Microsoft Corporation]
    <wsctf.exe><wsctf.exe>  [Microsoft Corporation]
[HKEY_CURRENT_USER\Software\Microsoft\Windows NT\CurrentVersion\Windows]
    <load><>  [N/A]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
    <IMJPMIG8.1><"C:\WINDOWS\IME\imjp8_1\IMJPMIG.EXE" /Spoil /RemAdvDef /Migration32>  [(Verified)Microsoft Corporation]
    <PHIME2002ASync><C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /SYNC>  [(Verified)Microsoft Corporation]
    <PHIME2002A><C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /IMEName>  [(Verified)Microsoft Corporation]
    <HControl><C:\WINDOWS\ATK0100\HControl.exe>  [(Verified)]
    <IgfxTray><C:\WINDOWS\system32\igfxtray.exe>  [(Verified)Intel Corporation]
    <HotKeysCmds><C:\WINDOWS\system32\hkcmd.exe>  [(Verified)Intel Corporation]
    <Persistence><C:\WINDOWS\system32\igfxpers.exe>  [(Verified)Intel Corporation]
    <SoundMan><SOUNDMAN.EXE>  [(Verified)Realtek Semiconductor Corp.]
    <AlcWzrd><ALCWZRD.EXE>  [(Verified)RealTek Semicoductor Corp.]
    <Alcmtr><ALCMTR.EXE>  [(Verified)Realtek Semiconductor Corp.]
    <TkBellExe><"C:\Program Files\Common Files\Real\Update_OB\realsched.exe"  -osboot>  [RealNetworks, Inc.]
    <RfwMain><"C:\Program Files\Rising\Rfw\rfwmain.exe" -Startup>  [Beijing Rising Technology Co., Ltd.]
    <IMSCMig><C:\PROGRA~1\COMMON~1\MICROS~1\IME\IMSC40A\IMSCMIG.EXE /Preload>  [(Verified)Microsoft Corporation]
    <SoundMam><C:\WINDOWS\system32\SVOHOST.exe>  [N/A]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Winlogon]
    <shell><EXPLORER.EXE>  [Microsoft Corporation]
    <Userinit><userinit.exe,EXPLORER.EXE>  [(Verified)Microsoft Corporation]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Windows]
    <AppInit_DLLs><>  [N/A]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Winlogon]
    <UIHost><TopThemesLogonUI.exe>  [Microsoft Corporation]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
    <{32CD708B-60A7-4C00-9377-D73EAA495F0F}><C:\WINDOWS\system32\RavExt.dll>  [Beijing Rising Technology Co., Ltd.]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
    <webwork><C:\WINDOWS\webwork\webwork.dll>  [MSWebwork Cop.]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\igfxcui]
    <WinlogonNotify: igfxcui><igfxdev.dll>  [(Verified)Intel Corporation]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\IntelWireless]
    <WinlogonNotify: IntelWireless><C:\Program Files\Intel\Wireless\Bin\LgNotify.dll>  [Intel Corporation]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
    <ASUS Live Update><; C:\Program Files\ASUS\ASUS Live Update\ALU.exe>  [N/A]
    <EOUApp><; C:\Program Files\Intel\Wireless\Bin\EOUWiz.exe>  [Intel Corporation]
    <IntelWireless><; C:\Program Files\Intel\Wireless\Bin\ifrmewrk.exe /tf Intel PROSet/Wireless>  [Intel Corporation]
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
    <MSMSGS><; "C:\Program Files\Messenger\msmsgs.exe" /background>  [(Verified)Microsoft Corporation]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
    <NeroFilterCheck><; C:\WINDOWS\system32\NeroCheck.exe>  [Ahead Software Gmbh]
    <Power_Gear><; C:\Program Files\ASUS\Power4 Gear\BatteryLife.exe 1>  [N/A]
    <RemoteControl><; "C:\Program Files\ASUSTeK\ASUSDVD\PDVDServ.exe">  [Cyberlink Corp.]
    <SynTPEnh><; C:\Program Files\Synaptics\SynTP\SynTPEnh.exe>  [(Verified)Synaptics, Inc.]
    <SynTPLpr><; C:\Program Files\Synaptics\SynTP\SynTPLpr.exe>  [(Verified)Synaptics, Inc.]
执著于此 - 2006-10-25 15:07:00
(log continued)
=================================
启动文件夹
[腾讯QQ]
  <C:\Documents and Settings\feifei\「开始」菜单\程序\启动\腾讯QQ.lnk --> C:\PROGRA~1\Tencent\QQ\QQ.exe [TENCENT]><N>
[瑞星监控中心]
  <C:\Documents and Settings\feifei\「开始」菜单\程序\启动\瑞星监控中心.lnk --> C:\PROGRA~1\Rising\Rav\RavMon.exe [Beijing Rising Technology Co., Ltd.]><N>

==================================
服务
[Application Management / AppMgmt]
  <C:\WINDOWS\system32\svchost.exe -k netsvcs-->%SystemRoot%\System32\appmgmts.dll><N/A>
[EvtEng / EvtEng]
  <C:\Program Files\Intel\Wireless\Bin\EvtEng.exe><Intel Corporation>
[Human Interface Device Access / HidServ]
  <C:\WINDOWS\System32\svchost.exe -k netsvcs-->%SystemRoot%\System32\hidserv.dll><N/A>
[JMediaService / JMediaService]
  <C:\WINDOWS\system32\rundll32.exe C:\PROGRA~1\MMSASS~1\MMSSVER.DLL,Service><Microsoft Corporation>
[OwnershipProtocol / OwnershipProtocol]
  <C:\Program Files\Intel\Wireless\Bin\OProtSvc.exe><Intel Corporation>
[RegSrvc / RegSrvc]
  <C:\Program Files\Intel\Wireless\Bin\RegSrvc.exe><Intel Corporation>
[Rising Proxy  Service / RfwProxySrv]
  <c:\program files\rising\rfw\rfwproxy.exe><Beijing Rising Technology Co., Ltd.>
[Rising Personal Firewall Service / RfwService]
  <c:\program files\rising\rfw\rfwsrv.exe><Beijing Rising Technology Co., Ltd.>
[Rising Process Communication Center / RsCCenter]
  <"C:\Program Files\Rising\Rav\CCenter.exe"><Beijing Rising Technology Co., Ltd.>
[Spectrum24 Event Monitor / S24EventMonitor]
  <C:\Program Files\Intel\Wireless\Bin\S24EvMon.exe><Intel Corporation>
[Servicel / Servicel]
  <C:\WINDOWS\System32\svchost.exe -k netsvcs-->C:\WINDOWS\system32\jetspeed.dll><>
[Standard Update Net Service / stdupnet]
  <C:\WINDOWS\system32\rundll32.exe C:\WINDOWS\system32\stdupnet.dll,Service -s><Microsoft Corporation>
执著于此 - 2006-10-25 15:08:00
(log continued)
驱动程序
[AEGIS Protocol (IEEE 802.1x) v3.1.6.0 / AegisP]
  <system32\DRIVERS\AegisP.sys><Meetinghouse Data Communications>
[Albus / Albus]
  <\SystemRoot\system32\drivers\Albus.SYS><N/A>
[Rising TDI Base Driver / BaseTDI]
  <System32\DRIVERS\BaseTDI.SYS><Beijing Rising Technology Co., Ltd.>
[ExpScaner / ExpScaner]
  <\??\C:\Program Files\Rising\Rav\ExpScan.sys><>
[gwiopm / gwiopm]
  <\??\C:\Program Files\Wom\gwiopm.sys><N/A>
[Microsoft 用于 High Definition Audio 的 UAA 总线驱动程序 / HDAudBus]
  <system32\DRIVERS\HDAudBus.sys><Windows (R) Server 2003 DDK provider>
[HookCont / HookCont]
  <\??\C:\Program Files\Rising\Rav\HOOKCONT.sys><Rising tech Co. ltd>
[HookReg / HookReg]
  <\??\C:\Program Files\Rising\Rav\HookReg.sys><>
[HookSys / HookSys]
  <\??\C:\Program Files\Rising\Rav\HookSys.sys><Rising>
[HookUrl / HookUrl]
  <\??\C:\Program Files\Rising\Rfw\HookUrl.sys><Beijing Rising Technology Co., Ltd.>
[HSFHWAZL / HSFHWAZL]
  <system32\DRIVERS\HSFHWAZL.sys><Conexant Systems, Inc.>
[HSF_DP / HSF_DP]
  <system32\DRIVERS\HSF_DP.sys><Conexant Systems, Inc.>
[ialm / ialm]
  <system32\DRIVERS\ialmnt5.sys><Intel Corporation>
[Service for Realtek HD Audio (WDM) / IntcAzAudAddService]
  <system32\drivers\RtkHDAud.sys><Realtek Semiconductor Corp.>
[Intel Wireless Connection Agent Miniport for Win XP / IWCA]
  <system32\DRIVERS\iwca.sys><Intel Corporation>
[mdmxsdk / mdmxsdk]
  <system32\DRIVERS\mdmxsdk.sys><Conexant>
[MEMSCAN / MEMSCAN]
  <\??\C:\Program Files\Rising\Rav\MEMSCAN.sys><瑞星软件有限公司>
[mProcRs / mProcRs]
  <\??\c:\program files\rising\rfw\mProcRs.sys><Beijing Rising Technology Co., Ltd.>
[ATK0100 ACPI UTILITY / MTsensor]
  <system32\DRIVERS\ATKACPI.sys><>
[npkcrypt / npkcrypt]
  <\??\C:\Program Files\Tencent\QQ\npkcrypt.sys><N/A>
[Direct Parallel Link Driver / Ptilink]
  <system32\DRIVERS\ptilink.sys><Parallel Technologies, Inc.>
[rimsptsk / rimsptsk]
  <\SystemRoot\system32\DRIVERS\rimsptsk.sys><REDC>
[risdptsk / risdptsk]
  <\SystemRoot\system32\DRIVERS\risdptsk.sys><REDC>
[RsFwDrv / RsFwDrv]
  <\??\C:\Program Files\Rising\Rfw\RsFwDrv.sys><Beijing Rising Technology Co., Ltd.>
[Realtek RTL8139/810x/8169/8110 all in one NDIS XP Driver / RTL8023xp]
  <system32\DRIVERS\Rtlnicxp.sys><Realtek Semiconductor Corporation>
[WLAN Transport / s24trans]
  <system32\DRIVERS\s24trans.sys><Intel Corporation>
[Secdrv / Secdrv]
  <system32\DRIVERS\secdrv.sys><N/A>
[Synaptics TouchPad Driver / SynTP]
  <system32\DRIVERS\SynTP.sys><Synaptics, Inc.>
执著于此 - 2006-10-25 15:11:00
正在运行的进程
[PID: 792][\SystemRoot\System32\smss.exe]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
[PID: 876][\??\C:\WINDOWS\system32\csrss.exe]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
[PID: 900][\??\C:\WINDOWS\system32\winlogon.exe]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
    [C:\Program Files\Intel\Wireless\Bin\LgNotify.dll]  [Intel Corporation, 9, 0, 1, 0]
[PID: 944][C:\WINDOWS\system32\services.exe]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
[PID: 956][C:\WINDOWS\system32\lsass.exe]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
[PID: 1096][C:\WINDOWS\system32\svchost.exe]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
[PID: 1144][C:\WINDOWS\system32\svchost.exe]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
[PID: 1180][C:\WINDOWS\System32\svchost.exe]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
    [c:\windows\system32\jetspeed.dll]  [, 1, 0, 0, 1]
[PID: 1216][C:\Program Files\Intel\Wireless\Bin\EvtEng.exe]  [Intel Corporation, 9, 0, 1, 12]
    [C:\Program Files\Intel\Wireless\Bin\PsRegApi.dll]  [Intel Corporation, 9, 0, 1, 14]
    [C:\Program Files\Intel\Wireless\Bin\TraceAPI.DLL]  [Intel Corporation, 9, 0, 1, 22]
[PID: 1272][C:\Program Files\Intel\Wireless\Bin\S24EvMon.exe]  [Intel Corporation , 9, 0, 1, 41]
    [C:\Program Files\Intel\Wireless\Bin\TraceAPI.DLL]  [Intel Corporation, 9, 0, 1, 22]
    [C:\Program Files\Intel\Wireless\Bin\PsRegApi.dll]  [Intel Corporation, 9, 0, 1, 14]
    [C:\WINDOWS\system32\stdstub.dll]  [MS Stdup, 1, 0, 0, 4]
    [C:\WINDOWS\system32\stdplay.dll]  [ , 1, 0, 0, 5]
[PID: 1348][C:\WINDOWS\system32\svchost.exe]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
[PID: 1520][C:\Program Files\Intel\Wireless\Bin\ZcfgSvc.exe]  [Intel Corporation, 9, 0, 1, 51]
    [C:\Program Files\Intel\Wireless\Bin\PfMgrApi.dll]  [Intel Corporation, 9, 0, 1, 45]
    [C:\Program Files\Intel\Wireless\Bin\TraceAPI.DLL]  [Intel Corporation, 9, 0, 1, 22]
    [C:\Program Files\Intel\Wireless\Bin\PsRegApi.dll]  [Intel Corporation, 9, 0, 1, 14]
    [C:\Program Files\Intel\Wireless\Bin\MurocApi.dll]  [Intel Corporation, 9, 0, 1, 56]
    [C:\Program Files\Intel\Wireless\Bin\S24MUDLL.dll]  [Intel Corporation, 9, 0, 1, 7]
    [C:\Program Files\Intel\Wireless\Bin\C1XStngs.dll]  [Intel Corporation, 9, 0, 1, 31]
    [C:\Program Files\Intel\Wireless\Bin\C8021CHS.dll]  [Intel Corporation, 9, 0, 1, 31]
    [C:\Program Files\Intel\Wireless\Bin\LSAWRAPI.dll]  [Intel Corporation, 9, 0, 1, 1]
    [C:\Program Files\Intel\Wireless\Bin\ZcSvcCHS.dll]  [Intel Corporation, 9, 0, 1, 51]
    [C:\WINDOWS\system32\stdstub.dll]  [MS Stdup, 1, 0, 0, 4]
    [C:\WINDOWS\system32\stdplay.dll]  [ , 1, 0, 0, 5]
    [C:\Program Files\Intel\Wireless\Bin\D8021Xps.DLL]  [N/A, N/A]
[PID: 1600][C:\WINDOWS\system32\svchost.exe]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
[PID: 1644][C:\WINDOWS\Explorer.EXE]  [Microsoft Corporation, 6.00.2900.2180 (xpsp_sp2_rtm.040803-2158)]
    [C:\WINDOWS\system32\RavExt.dll]  [Beijing Rising Technology Co., Ltd., 18, 0, 0, 21]
    [C:\WINDOWS\system32\stdstub.dll]  [MS Stdup, 1, 0, 0, 4]
    [C:\WINDOWS\system32\stdplay.dll]  [ , 1, 0, 0, 5]
    [C:\WINDOWS\webwork\webwork.nls]  [MSWebwork Cop., 1, 0, 0, 1]
    [C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll]  [Adobe Systems Incorporated, 7.0.7.2006011200]
    [C:\PROGRA~1\MMSASS~1\mmsass~1.dll]  [, 1, 2, 0, 6]
    [C:\PROGRA~1\MMSASS~1\albus.dll]  [Albus, 1, 0, 0, 2]
    [C:\Program Files\Thunder Network\Thunder\ComDlls\XunLeiBHO_002.dll]  [Thunder Networking Technologies,LTD, 5, 0, 0, 2]
    [C:\Program Files\Adobe\Acrobat 7.0\ActiveX\PDFShell.dll]  [Adobe Systems, Inc., 7.0.0.0]
    [C:\Program Files\WinRAR\rarext.dll]  [N/A, N/A]
    [C:\Program Files\Rising\Rav\RSCOMMON.DLL]  [Beijing Rising Technology Co., Ltd., 18, 0, 0, 4]
    [C:\Program Files\Rising\Rav\RavScrCh.dll]  [Beijing Rising Technology Co., Ltd., 18, 0, 0, 4]
    [C:\WINDOWS\system32\igfxpph.dll]  [Intel Corporation, 3.0.0.4332]
    [C:\WINDOWS\system32\hccutils.DLL]  [Intel Corporation, 3.0.0.4332]
[PID: 1656][c:\program files\rising\rfw\rfwproxy.exe]  [Beijing Rising Technology Co., Ltd., 4, 0, 0, 7]
    [c:\program files\rising\rfw\RfwRule.dll]  [Beijing Rising Technology Co., Ltd., 4, 0, 0, 11]
    [c:\program files\rising\rfw\MonMid.dll]  [Beijing Rising Technology Co., Ltd., 4, 0, 0, 2]
[PID: 1928][c:\program files\rising\rfw\rfwsrv.exe]  [Beijing Rising Technology Co., Ltd., 4, 0, 0, 29]
    [c:\program files\rising\rfw\RfwRule.dll]  [Beijing Rising Technology Co., Ltd., 4, 0, 0, 11]
    [c:\program files\rising\rfw\rfwlog.dll]  [Beijing Rising Technology Co., Ltd., 4, 0, 0, 6]
    [c:\program files\rising\rfw\Rfwdrv.dll]  [Beijing Rising Technology Co., Ltd., 4, 0, 0, 19]
    [c:\program files\rising\rfw\MonDrv.dll]  [rs, 1, 0, 0, 4]
    [c:\program files\rising\rfw\ProcLib.dll]  [Beijing Rising Technology Co., Ltd., 4, 0, 0, 9]
[PID: 324][C:\WINDOWS\system32\spoolsv.exe]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
[PID: 504][C:\WINDOWS\system32\rundll32.exe]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
    [C:\PROGRA~1\MMSASS~1\MMSSVER.DLL]  [, 1, 2, 0, 6]
    [C:\WINDOWS\system32\stdstub.dll]  [MS Stdup, 1, 0, 0, 4]
    [C:\WINDOWS\system32\stdplay.dll]  [ , 1, 0, 0, 5]
[PID: 536][C:\Program Files\Intel\Wireless\Bin\OProtSvc.exe]  [Intel Corporation, 9, 0, 1, 3]
    [C:\Program Files\Intel\Wireless\Bin\LIBEAY32.dll]  [N/A, N/A]
    [C:\Program Files\Intel\Wireless\Bin\TraceAPI.DLL]  [Intel Corporation, 9, 0, 1, 22]
    [C:\Program Files\Intel\Wireless\Bin\PsRegApi.dll]  [Intel Corporation, 9, 0, 1, 14]
[PID: 560][C:\Program Files\Intel\Wireless\Bin\RegSrvc.exe]  [Intel Corporation, 9, 0, 1, 10]
[PID: 640][C:\WINDOWS\system32\rundll32.exe]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
    [C:\WINDOWS\system32\stdupnet.dll]  [ , 4, 1, 0, 3]
    [C:\WINDOWS\system32\albus.dll]  [Albus, 1, 0, 0, 3]
    [C:\WINDOWS\system32\stdstub.dll]  [MS Stdup, 1, 0, 0, 4]
    [C:\WINDOWS\system32\stdplay.dll]  [ , 1, 0, 0, 5]
    [C:\WINDOWS\system32\stdvote.dll]  [ , 1, 0, 0, 5]
[PID: 1748][C:\PROGRA~1\Intel\Wireless\Bin\1XConfig.exe]  [Intel, 9, 0, 1, 35]
    [C:\PROGRA~1\Intel\Wireless\Bin\IntelAE5.dll]  [Meetinghouse Data Communications, 3, 0, 0, 44]
    [C:\PROGRA~1\Intel\Wireless\Bin\TraceAPI.DLL]  [Intel Corporation, 9, 0, 1, 22]
    [C:\PROGRA~1\Intel\Wireless\Bin\PsRegApi.dll]  [Intel Corporation, 9, 0, 1, 14]
    [C:\WINDOWS\system32\stdstub.dll]  [MS Stdup, 1, 0, 0, 4]
    [C:\WINDOWS\system32\stdplay.dll]  [ , 1, 0, 0, 5]
    [C:\Program Files\Intel\Wireless\Bin\D8021Xps.DLL]  [N/A, N/A]
[PID: 192][C:\WINDOWS\ATK0100\HControl.exe]  [, 1043, 2, 15, 48]
    [C:\WINDOWS\ATK0100\CMSSC.dll]  [N/A, N/A]
    [C:\WINDOWS\ATK0100\inter_f2.dll]  [ATK, 1043, 2, 15, 46]
    [C:\WINDOWS\ATK0100\ATKWLIOC.DLL]  [ACTIONTEC Electronics,Inc, 2.01.02]
    [C:\WINDOWS\ATK0100\SiSPkt.dll]  [Silicon Integrated Systems Corp., 1, 0, 0, 45]
    [C:\Program Files\Intel\Wireless\Bin\MurocApi.dll]  [Intel Corporation, 9, 0, 1, 56]
    [C:\Program Files\Intel\Wireless\Bin\S24MUDLL.dll]  [Intel Corporation, 9, 0, 1, 7]
    [C:\Program Files\Intel\Wireless\Bin\PsRegApi.dll]  [Intel Corporation, 9, 0, 1, 14]
    [C:\Program Files\Intel\Wireless\Bin\C1XStngs.dll]  [Intel Corporation, 9, 0, 1, 31]
    [C:\Program Files\Intel\Wireless\Bin\TraceAPI.DLL]  [Intel Corporation, 9, 0, 1, 22]
    [C:\Program Files\Intel\Wireless\Bin\C8021CHS.dll]  [Intel Corporation, 9, 0, 1, 31]
    [C:\Program Files\Intel\Wireless\Bin\LSAWRAPI.dll]  [Intel Corporation, 9, 0, 1, 1]
    [C:\WINDOWS\system32\stdstub.dll]  [MS Stdup, 1, 0, 0, 4]
    [C:\WINDOWS\system32\stdplay.dll]  [ , 1, 0, 0, 5]
    [C:\Program Files\Intel\Wireless\Bin\D8021Xps.DLL]  [N/A, N/A]
    [C:\WINDOWS\system32\SynCOM.dll]  [Synaptics, Inc., 7.12.9 19Nov04]
执著于此 - 2006-10-25 15:14:00
[PID: 280][C:\WINDOWS\system32\hkcmd.exe]  [Intel Corporation, 3.0.0.4332]
    [C:\WINDOWS\system32\hccutils.DLL]  [Intel Corporation, 3.0.0.4332]
    [C:\WINDOWS\system32\stdstub.dll]  [MS Stdup, 1, 0, 0, 4]
    [C:\WINDOWS\system32\stdplay.dll]  [ , 1, 0, 0, 5]
    [C:\WINDOWS\system32\igfxsrvc.dll]  [Intel Corporation, 3.0.0.4332]
    [C:\WINDOWS\system32\igfxres.dll]  [Intel Corporation, 3.0.0.4332]
[PID: 292][C:\WINDOWS\system32\igfxpers.exe]  [Intel Corporation, 3.0.0.4332]
    [C:\WINDOWS\system32\stdstub.dll]  [MS Stdup, 1, 0, 0, 4]
    [C:\WINDOWS\system32\stdplay.dll]  [ , 1, 0, 0, 5]
    [C:\WINDOWS\system32\igfxsrvc.dll]  [Intel Corporation, 3.0.0.4332]
[PID: 496][C:\WINDOWS\SOUNDMAN.EXE]  [Realtek Semiconductor Corp., 1, 0, 0, 14]
    [C:\WINDOWS\system32\stdstub.dll]  [MS Stdup, 1, 0, 0, 4]
    [C:\WINDOWS\system32\stdplay.dll]  [ , 1, 0, 0, 5]
[PID: 844][C:\WINDOWS\ALCMTR.EXE]  [Realtek Semiconductor Corp., 1.6]
    [C:\WINDOWS\system32\stdstub.dll]  [MS Stdup, 1, 0, 0, 4]
    [C:\WINDOWS\system32\stdplay.dll]  [ , 1, 0, 0, 5]
[PID: 820][C:\Program Files\Common Files\Real\Update_OB\realsched.exe]  [RealNetworks, Inc., 0.1.0.3208]
    [C:\WINDOWS\system32\stdstub.dll]  [MS Stdup, 1, 0, 0, 4]
    [C:\WINDOWS\system32\stdplay.dll]  [ , 1, 0, 0, 5]
[PID: 1580][C:\WINDOWS\system32\ctfmon.exe]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
    [C:\WINDOWS\system32\stdstub.dll]  [MS Stdup, 1, 0, 0, 4]
    [C:\WINDOWS\system32\stdplay.dll]  [ , 1, 0, 0, 5]
[PID: 1608][C:\Program Files\Messenger\msmsgs.exe]  [Microsoft Corporation, 4.7.3000]
    [C:\WINDOWS\system32\stdstub.dll]  [MS Stdup, 1, 0, 0, 4]
    [C:\WINDOWS\system32\stdplay.dll]  [ , 1, 0, 0, 5]
[PID: 1564][C:\WINDOWS\system32\wscntfy.exe]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
    [C:\WINDOWS\system32\stdstub.dll]  [MS Stdup, 1, 0, 0, 4]
    [C:\WINDOWS\system32\stdplay.dll]  [ , 1, 0, 0, 5]
[PID: 2252][C:\WINDOWS\system32\conime.exe]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
    [C:\WINDOWS\system32\stdstub.dll]  [MS Stdup, 1, 0, 0, 4]
    [C:\WINDOWS\system32\stdplay.dll]  [ , 1, 0, 0, 5]
[PID: 2976][C:\WINDOWS\ATK0100\ATKOSD.exe]  [, 1043, 2, 15, 48]
    [C:\WINDOWS\system32\stdstub.dll]  [MS Stdup, 1, 0, 0, 4]
    [C:\WINDOWS\system32\stdplay.dll]  [ , 1, 0, 0, 5]
[PID: 3368][c:\program files\rising\rfw\RfwMain.exe]  [Beijing Rising Technology Co., Ltd., 4, 0, 0, 45]
    [c:\program files\rising\rfw\RsGuiLib.dll]  [Beijing Rising Technology Co., Ltd., 18, 0, 0, 23]
    [c:\program files\rising\rfw\RSCOMMON.DLL]  [Beijing Rising Technology Co., Ltd., 18, 0, 0, 4]
    [c:\program files\rising\rfw\PngDll.dll]  [Beijing Rising Technology Co., Ltd., 18, 0, 0, 5]
    [C:\WINDOWS\system32\stdstub.dll]  [MS Stdup, 1, 0, 0, 4]
    [C:\WINDOWS\system32\stdplay.dll]  [ , 1, 0, 0, 5]
[PID: 4052][C:\Program Files\Rising\Rav\RavMon.exe]  [Beijing Rising Technology Co., Ltd., 18, 0, 1, 33]
    [C:\Program Files\Rising\Rav\RsGuiLib.dll]  [Beijing Rising Technology Co., Ltd., 18, 0, 0, 26]
    [C:\Program Files\Rising\Rav\BWList.dll]  [Beijing Rising Technology Co., Ltd., 18, 0, 0, 19]
    [C:\Program Files\Rising\Rav\RSAPPMGR.DLL]  [Beijing Rising Technology Co., Ltd., 18, 0, 0, 2]
    [C:\Program Files\Rising\Rav\CfgDll.dll]  [Beijing Rising Technology Co., Ltd., 18, 0, 0, 11]
    [C:\Program Files\Rising\Rav\RSCOMMON.DLL]  [Beijing Rising Technology Co., Ltd., 18, 0, 0, 4]
    [C:\Program Files\Rising\Rav\RsCommX.dll]  [rising, 18, 0, 0, 1]
    [C:\Program Files\Rising\Rav\PngDll.dll]  [Beijing Rising Technology Co., Ltd., 18, 0, 0, 5]
    [C:\WINDOWS\system32\stdstub.dll]  [MS Stdup, 1, 0, 0, 4]
    [C:\WINDOWS\system32\stdplay.dll]  [ , 1, 0, 0, 5]
[PID: 4032][C:\WINDOWS\system32\explorer.exe]  [Microsoft Corporation, 6.2900.2180]
    [C:\WINDOWS\system32\stdstub.dll]  [MS Stdup, 1, 0, 0, 4]
    [C:\WINDOWS\system32\stdplay.dll]  [ , 1, 0, 0, 5]
[PID: 4040][C:\WINDOWS\system32\wsctf.exe]  [Microsoft Corporation, 5.2600.2180]
    [C:\WINDOWS\system32\stdstub.dll]  [MS Stdup, 1, 0, 0, 4]
    [C:\WINDOWS\system32\stdplay.dll]  [ , 1, 0, 0, 5]
[PID: 2224][C:\WINDOWS\system32\taskmgr.exe]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
    [C:\WINDOWS\system32\stdstub.dll]  [MS Stdup, 1, 0, 0, 4]
    [C:\WINDOWS\system32\stdplay.dll]  [ , 1, 0, 0, 5]
[PID: 3352][C:\Program Files\锐捷网络\Ruijie Supplicant\8021x.exe]  [锐捷网络, 2, 50, 0, 0]
    [C:\WINDOWS\system32\W32N50.dll]  [Printing Communications Assoc., Inc. (PCAUSA), 5.03.16.54]
    [C:\WINDOWS\system32\stdstub.dll]  [MS Stdup, 1, 0, 0, 4]
    [C:\WINDOWS\system32\stdplay.dll]  [ , 1, 0, 0, 5]
[PID: 3632][C:\Program Files\Tencent\TT\TTraveler.exe]  [腾讯公司, 3.1.0.259]
    [C:\WINDOWS\system32\stdstub.dll]  [MS Stdup, 1, 0, 0, 4]
    [C:\WINDOWS\system32\stdplay.dll]  [ , 1, 0, 0, 5]
    [C:\Program Files\Tencent\TT\Plugins\QQFloatBar\QQFloatBar4TT2.dll]  [腾讯公司, 1, 1, 0, 5]
    [C:\Program Files\Tencent\TT\Plugins\TWeather\TWeather.dll]  [, 1, 0, 0, 3]
    [C:\Program Files\Tencent\TT\PersonalDesktop.dll]  [深圳市腾讯计算机系统公司QQ工作小组, 1, 0, 0, 4]
    [C:\Program Files\Rising\Rav\RavScrCh.dll]  [Beijing Rising Technology Co., Ltd., 18, 0, 0, 4]
    [C:\WINDOWS\system32\Macromed\Flash\Flash9.ocx]  [Adobe Systems, Inc., 9,0,16,0]
[PID: 3748][C:\Program Files\Rising\Rav\Rav.exe]  [Beijing Rising Technology Co., Ltd., 18, 0, 0, 75]
    [C:\Program Files\Rising\Rav\PlugIn\RsPgScan.dll]  [Beijing Rising Technology Co., Ltd., 18, 0, 0, 17]
    [C:\Program Files\Rising\Rav\RSAPPMGR.DLL]  [Beijing Rising Technology Co., Ltd., 18, 0, 0, 2]
    [C:\Program Files\Rising\Rav\CfgDll.dll]  [Beijing Rising Technology Co., Ltd., 18, 0, 0, 11]
    [C:\Program Files\Rising\Rav\RsCommX.dll]  [rising, 18, 0, 0, 1]
    [C:\Program Files\Rising\Rav\RavUI.Dll]  [Beijing Rising Technology Co., Ltd., 18, 0, 0, 65]
    [C:\Program Files\Rising\Rav\RsGuiLib.dll]  [Beijing Rising Technology Co., Ltd., 18, 0, 0, 26]
    [C:\Program Files\Rising\Rav\PngDll.dll]  [Beijing Rising Technology Co., Ltd., 18, 0, 0, 5]
    [C:\WINDOWS\system32\stdstub.dll]  [MS Stdup, 1, 0, 0, 4]
    [C:\WINDOWS\system32\stdplay.dll]  [ , 1, 0, 0, 5]
    [C:\Program Files\Rising\Rav\RSCOMMON.DLL]  [Beijing Rising Technology Co., Ltd., 18, 0, 0, 4]
    [C:\Program Files\Rising\Rav\Scanner.dll]  [Beijing Rising Technology Co., Ltd., 18, 0, 0, 32]
    [C:\Program Files\Rising\Rav\BWList.dll]  [Beijing Rising Technology Co., Ltd., 18, 0, 0, 19]
    [C:\Program Files\Rising\Rav\RavUIMsg.dll]  [Beijing Rising Technology Co., Ltd., 18, 0, 0, 27]
    [C:\Program Files\Rising\Rav\RavScrCh.dll]  [Beijing Rising Technology Co., Ltd., 18, 0, 0, 4]
    [C:\WINDOWS\system32\RavExt.dll]  [Beijing Rising Technology Co., Ltd., 18, 0, 0, 21]
[PID: 2032][C:\Program Files\Rising\Rav\RsAgent.exe]  [Beijing Rising Technology Co., Ltd., 18, 0, 0, 12]
    [C:\WINDOWS\system32\stdstub.dll]  [MS Stdup, 1, 0, 0, 4]
    [C:\WINDOWS\system32\stdplay.dll]  [ , 1, 0, 0, 5]
    [C:\Program Files\Rising\Rav\RsCommX.dll]  [rising, 18, 0, 0, 1]
[PID: 2880][C:\WINDOWS\msagent\AgentSvr.exe]  [Microsoft Corporation, 2.00.0.3422]
    [C:\WINDOWS\system32\stdstub.dll]  [MS Stdup, 1, 0, 0, 4]
    [C:\WINDOWS\system32\stdplay.dll]  [ , 1, 0, 0, 5]
[PID: 3772][C:\Program Files\Internet Explorer\iexplore.exe]  [Microsoft Corporation, 6.00.2900.2180 (xpsp_sp2_rtm.040803-2158)]
    [C:\WINDOWS\system32\stdstub.dll]  [MS Stdup, 1, 0, 0, 4]
    [C:\WINDOWS\system32\stdplay.dll]  [ , 1, 0, 0, 5]
    [C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll]  [Adobe Systems Incorporated, 7.0.7.2006011200]
    [C:\Program Files\Tencent\QQ\QQIEHelper.dll]  [深圳市腾讯计算机系统有限公司, 1, 1, 0, 5]
    [C:\PROGRA~1\MMSASS~1\mmsass~1.dll]  [, 1, 2, 0, 6]
    [C:\PROGRA~1\MMSASS~1\albus.dll]  [Albus, 1, 0, 0, 2]
    [C:\Program Files\Thunder Network\Thunder\ComDlls\XunLeiBHO_002.dll]  [Thunder Networking Technologies,LTD, 5, 0, 0, 2]
    [C:\Program Files\Rising\Rav\RavScrCh.dll]  [Beijing Rising Technology Co., Ltd., 18, 0, 0, 4]
    [C:\WINDOWS\system32\Macromed\Flash\Flash9.ocx]  [Adobe Systems, Inc., 9,0,16,0]
    [C:\Program Files\Thunder Network\Thunder\ComDlls\ThunderAgent_003.dll]  [Thunder Networking Technologies,LTD, 1, 0, 0, 10]
    [C:\WINDOWS\system32\RavExt.dll]  [Beijing Rising Technology Co., Ltd., 18, 0, 0, 21]
[PID: 2376][C:\Program Files\Rising\Rav\RsLogVw.exe]  [Beijing Rising Technology Co., Ltd., 18, 0, 0, 20]
    [C:\Program Files\Rising\Rav\RsCommx.dll]  [rising, 18, 0, 0, 1]
    [C:\Program Files\Rising\Rav\rsguilib.dll]  [Beijing Rising Technology Co., Ltd., 18, 0, 0, 26]
    [C:\Program Files\Rising\Rav\PngDll.dll]  [Beijing Rising Technology Co., Ltd., 18, 0, 0, 5]
    [C:\Program Files\Rising\Rav\RSCOMMON.DLL]  [Beijing Rising Technology Co., Ltd., 18, 0, 0, 4]
    [C:\WINDOWS\system32\stdstub.dll]  [MS Stdup, 1, 0, 0, 4]
    [C:\WINDOWS\system32\stdplay.dll]  [ , 1, 0, 0, 5]
    [C:\Program Files\Rising\Rav\libload.dll]  [Beijing Rising Technology Co., Ltd., 18, 0, 0, 10]
    [C:\Program Files\Rising\Rav\VirusLib.dll]  [Beijing Rising Technology Co., Ltd., 18, 0, 0, 12]
[PID: 1384][D:\D.工具\SREng\SREng.exe]  [Smallfrogs Studio, 2.2.6.605]
    [C:\WINDOWS\system32\stdstub.dll]  [MS Stdup, 1, 0, 0, 4]
    [C:\WINDOWS\system32\stdplay.dll]  [ , 1, 0, 0, 5]

==================================
文件关联
.TXT  OK. [%SystemRoot%\system32\NOTEPAD.EXE %1]
.EXE  OK. ["%1" %*]
.COM  OK. ["%1" %*]
.PIF  OK. ["%1" %*]
.REG  OK. [regedit.exe "%1"]
.BAT  OK. ["%1" %*]
.SCR  OK. ["%1" /S]
.CHM  OK. ["C:\WINDOWS\hh.exe" %1]
.HLP  OK. [%SystemRoot%\System32\winhlp32.exe %1]
.INI  OK. [%SystemRoot%\System32\NOTEPAD.EXE %1]
.INF  OK. [%SystemRoot%\System32\NOTEPAD.EXE %1]
.VBS  OK. [%SystemRoot%\System32\WScript.exe "%1" %*]
.JS  OK. [%SystemRoot%\System32\WScript.exe "%1" %*]
.LNK  OK. [{00021401-0000-0000-C000-000000000046}]

==================================
执著于此 - 2006-10-25 15:23:00
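This is my first time posting a log, and I don't know how the experts will manage to read through so much of it. If I posted it badly, please tell me and I'll do better next time.

With the monitoring off I don't dare go online, but I have things I must do, so I have no choice, and I'm on edge the whole time. I have already reinstalled Rising once, but the monitor still shows the red umbrella.
执著于此 - 2006-10-25 15:25:00
I checked following the method the original poster described, but some of the files can't be found at all, so how do I delete them with KillBox?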