【求助】如何删除RootKit.Agent.pg病毒 bbs.ikaka.com

amanda0919 - 2007-1-25 20:09:00

[CODE]

2007-01-25,19:30:54

System Repair Engineer 2.3.13.690
Smallfrogs (http://www.KZTechs.com)

Windows XP Professional Service Pack 2 (Build 2600)
- 管理权限用户 - 完整功能

以下内容被选中：
所有的启动项目（包括注册表、启动文件夹、服务等）
浏览器加载项
正在运行的进程（包括进程模块信息）
文件关联
Winsock 提供者
Autorun.inf
HOSTS 文件

启动项目
注册表
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
<ctfmon.exe><C:\WINDOWS\system32\ctfmon.exe> [(Verified)Microsoft Corporation]
[HKEY_CURRENT_USER\Software\Microsoft\Windows NT\CurrentVersion\Windows]
<load><> [N/A]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
<IMJPMIG8.1><"C:\WINDOWS\IME\imjp8_1\IMJPMIG.EXE" /Spoil /RemAdvDef /Migration32> [(Verified)Microsoft Corporation]
<PHIME2002ASync><C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /SYNC> [(Verified)Microsoft Corporation]
<igfxtray><C:\WINDOWS\system32\igfxtray.exe> [(Verified)Intel Corporation]
<SynTPEnh><C:\Program Files\Synaptics\SynTP\SynTPEnh.exe> [(Verified)Synaptics, Inc.]
<RavTask><"D:\瑞星2006\Rising\Rav\RavTask.exe" -system> [Beijing Rising Technology Co., Ltd.]
<runeip><D:\瑞星2006\Rising\卡卡助手\runiep.exe> [Beijing Rising Technology Co., Ltd.]
<RfwMain><"D:\瑞星2006\Rising\Rfw\rfwmain.exe" -Startup> [Beijing Rising Technology Co., Ltd.]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Winlogon]
<shell><Explorer.exe> [(Verified)Microsoft Corporation]
<Userinit><C:\WINDOWS\system32\userinit.exe,> [(Verified)Microsoft Corporation]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Windows]
<AppInit_DLLs><> [N/A]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Winlogon]
<UIHost><logonui.exe> [(Verified)Microsoft Corporation]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
<{32CD708B-60A7-4C00-9377-D73EAA495F0F}><C:\WINDOWS\system32\RavExt.dll> [Beijing Rising Technology Co., Ltd.]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\igfxcui]
<WinlogonNotify: igfxcui><igfxdev.dll> [(Verified)Intel Corporation]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\IntelWireless]
<WinlogonNotify: IntelWireless><C:\Program Files\Intel\Wireless\Bin\LgNotify.dll> [Intel Corporation]

amanda0919 - 2007-1-25 20:16:00

==================================
启动文件夹
N/A

==================================
服务
[Security Machine Manager / BRGNS][Stopped/Auto Start]
<C:\WINDOWS\SYSTEM32\RUNDLL32.EXE C:\WINDOWS\SYSTEM32\WBEM\MBZBX.DLL,Export 1087><N/A>
[Volume Optimization / ClipArt][Running/Auto Start]
<C:\WINDOWS\System32\svchost.exe -k netsvcs-->C:\WINDOWS\system32\lcmtz.dll><Microsoft Corporation>
[EvtEng / EvtEng][Running/Auto Start]
<C:\Program Files\Intel\Wireless\Bin\EvtEng.exe><Intel Corporation>
[Human Interface Device Access / HidServ][Stopped/Disabled]
<C:\WINDOWS\System32\svchost.exe -k netsvcs-->%SystemRoot%\System32\hidserv.dll><N/A>
[NICCONFIGSVC / NICCONFIGSVC][Running/Auto Start]
<C:\Program Files\Dell\QuickSet\NICCONFIGSVC.exe><Dell Inc.>
[RegSrvc / RegSrvc][Running/Auto Start]
<C:\Program Files\Intel\Wireless\Bin\RegSrvc.exe><Intel Corporation>
[Rising Proxy Service / RfwProxySrv][Stopped/Manual Start]
<d:\瑞星2006\rising\rfw\rfwproxy.exe><Beijing Rising Technology Co., Ltd.>
[Rising Personal Firewall Service / RfwService][Running/Auto Start]
<d:\瑞星2006\rising\rfw\rfwsrv.exe><Beijing Rising Technology Co., Ltd.>
[Rising Process Communication Center / RsCCenter][Running/Auto Start]
<"D:\瑞星2006\Rising\Rav\CCenter.exe"><Beijing Rising Technology Co., Ltd.>
[Rising RealTime Monitor / RsRavMon][Running/Auto Start]
<"D:\瑞星2006\Rising\Rav\Ravmond.exe"><Beijing Rising Technology Co., Ltd.>
[Spectrum24 Event Monitor / S24EventMonitor][Running/Auto Start]
<C:\Program Files\Intel\Wireless\Bin\S24EvMon.exe><Intel Corporation>
[WLANKEEPER / WLANKEEPER][Running/Auto Start]
<C:\Program Files\Intel\Wireless\Bin\WLKeeper.exe><Intel? Corporation>
[Windows Driver Foundation - User-mode Driver Framework / WudfSvc][Stopped/Manual Start]
<C:\WINDOWS\system32\svchost.exe -k WudfServiceGroup-->%SystemRoot%\System32\WUDFSvc.dll><Microsoft Corporation>

==================================
驱动程序
[AEGIS Protocol (IEEE 802.1x) v3.2.0.3 / AegisP][Running/Auto Start]
<system32\DRIVERS\AegisP.sys><Meetinghouse Data Communications>
[APPDRV / APPDRV][Running/System Start]
<\SystemRoot\SYSTEM32\DRIVERS\APPDRV.SYS><Dell Inc>
[Rising TDI Base Driver / BaseTDI][Running/Auto Start]
<System32\DRIVERS\BaseTDI.SYS><Beijing Rising Technology Co., Ltd.>
[Broadcom 440x 10/100 Integrated Controller XP Driver / bcm4sbxp][Stopped/Manual Start]
<system32\DRIVERS\bcm4sbxp.sys><Broadcom Corporation>
[ExpScaner / ExpScaner][Running/Auto Start]
<\??\D:\瑞星2006\Rising\Rav\ExpScan.sys><>
[Microsoft UAA Bus Driver for High Definition Audio / HDAudBus][Running/Manual Start]
<system32\DRIVERS\HDAudBus.sys><Windows (R) Server 2003 DDK provider>
[HookCont / HookCont][Running/Auto Start]
<\??\D:\瑞星2006\Rising\Rav\HOOKCONT.sys><Rising>
[HookReg / HookReg][Running/Auto Start]
<\??\D:\瑞星2006\Rising\Rav\HookReg.sys><>
[HookSys / HookSys][Running/Auto Start]
<\??\D:\瑞星2006\Rising\Rav\HookSys.sys><Rising>
[HookUrl / HookUrl][Running/Auto Start]
<\??\D:\瑞星2006\Rising\Rfw\HookUrl.sys><Beijing Rising Technology Co., Ltd.>
[HSFHWAZL / HSFHWAZL][Running/Manual Start]
<system32\DRIVERS\HSFHWAZL.sys><Conexant Systems, Inc.>
[HSF_DPV / HSF_DPV][Running/Manual Start]
<system32\DRIVERS\HSF_DPV.sys><Conexant Systems, Inc.>
[HSXHWAZL / HSXHWAZL][Stopped/Manual Start]
<system32\DRIVERS\HSXHWAZL.sys><Conexant Systems, Inc.>
[ialm / ialm][Running/Manual Start]
<system32\DRIVERS\ialmnt5.sys><Intel Corporation>
[Intel Wireless Connection Agent Miniport for Win XP / IWCA][Running/Manual Start]
<system32\DRIVERS\iwca.sys><Intel Corporation>
[mdmxsdk / mdmxsdk][Running/Auto Start]
<system32\DRIVERS\mdmxsdk.sys><Conexant>
[MEMSCAN / MEMSCAN][Running/Auto Start]
<\??\D:\瑞星2006\Rising\Rav\MEMSCAN.sys><瑞星软件有限公司>
[mProcRs / mProcRs][Running/Auto Start]
<\??\d:\瑞星2006\rising\rfw\mProcRs.sys><Beijing Rising Technology Co., Ltd.>
[npkcrypt / npkcrypt][Running/Auto Start]
<\??\D:\QQ2006\npkcrypt.sys><INCA Internet Co., Ltd.>
[ocpm / ocpmx][Running/Boot Start]
<\SystemRoot\System32\DRIVERS\ocpmx.sys><N/A>
[OMCI / OMCI][Running/System Start]
<\SystemRoot\SYSTEM32\DRIVERS\OMCI.SYS><Dell Computer Corporation>
[Direct Parallel Link Driver / Ptilink][Running/Manual Start]
<system32\DRIVERS\ptilink.sys><Parallel Technologies, Inc.>
[RsAntiSpyware / RsAntiSpyware][Running/Boot Start]
<\SystemRoot\system32\drivers\RsBoot.sys><Beijing Rising>
[RsFwDrv / RsFwDrv][Running/Auto Start]
<\??\D:\瑞星2006\Rising\Rfw\RsFwDrv.sys><Beijing Rising Technology Co., Ltd.>
[RsNTGDI / RsNTGDI][Running/Boot Start]
<\SystemRoot\system32\Drivers\RsNTGdi.sys><Beijing Rising Technology Co., Ltd.>
[RSPPSYS / RSPPSYS][Running/Auto Start]
<\??\D:\瑞星2006\Rising\Rav\RSPPSYS.sys><Rising>
[WLAN 传输 / s24trans][Running/Auto Start]
<system32\DRIVERS\s24trans.sys><Intel Corporation>
[Secdrv / Secdrv][Stopped/Manual Start]
<system32\DRIVERS\secdrv.sys><N/A>
[SigmaTel High Definition Audio CODEC / STHDA][Running/Manual Start]
<system32\drivers\sthda.sys><SigmaTel, Inc.>
[Synaptics TouchPad Driver / SynTP][Running/Manual Start]
<system32\DRIVERS\SynTP.sys><Synaptics, Inc.>
[CHINA USB MODEM Composite Device driver (WDM) / td_cbus][Running/Manual Start]
<system32\DRIVERS\td_cbus.sys><MCCI>
[CHINA USB MODEM Filter / td_cmdfl][Running/Manual Start]
<system32\DRIVERS\td_cmdfl.sys><MCCI>
[CHINA USB MODEM Drivers / td_cmdm][Running/Manual Start]
<system32\DRIVERS\td_cmdm.sys><MCCI>
[CHINA USB MODEM Diagnostic Serial Port (WDM) / td_cserd][Running/Manual Start]
<system32\DRIVERS\td_cserd.sys><MCCI>
[Conexant Setup API / UIUSys][Stopped/Manual Start]
<system32\drivers\UIUSys.sys><N/A>
[用于 Windows XP 的英特尔(R) PRO/无线 2200BG 网络连接驱动程序 / w29n51][Stopped/Manual Start]
<system32\DRIVERS\w29n51.sys><Intel? Corporation>
[winachsf / winachsf][Running/Manual Start]
<system32\DRIVERS\HSF_CNXT.sys><Conexant Systems, Inc.>
[Windows Driver Foundation - User-mode Driver Framework Platform Driver / WudfPf][Stopped/Manual Start]
<system32\DRIVERS\WudfPf.sys><Microsoft Corporation>
[Windows Driver Foundation - User-mode Driver Framework Reflector / WudfRd][Stopped/Manual Start]
<system32\DRIVERS\wudfrd.sys><Microsoft Corporation>

amanda0919 - 2007-1-25 20:17:00

==================================
浏览器加载项
[启动迅雷]
{0062C9BD-B349-40DE-91A0-755F37ACD559} <D:\讯雷\Thunder.exe, Thunder Networking Technologies,LTD>
[豪杰超级解霸9]
{367E0A21-8601-4986-9C9A-153BF5ACA118} <D:\豪杰超级解霸9\STHSDVD.EXE, herosoft>
[QQ]
{c95fe080-8f5d-11d2-a20b-00aa003c157b} <D:\QQ2006\QQ.EXE, TENCENT>
[QQIEFloatBarCfgCmd Class]
{DEDEB80D-FA35-45d9-9460-4983E5A8AFE6}? <D:\QQ2006\QQIEHelper.dll, 深圳市腾讯计算机系统有限公司>
[Messenger]
{FB5F1910-F110-11d2-BB9E-00C04F795683}? <C:\Program Files\Messenger\msmsgs.exe, Microsoft Corporation>
[&Google]
{2318C2B1-4965-11d4-9B18-009027A5CD4F} <c:\program files\google\googletoolbar1.dll, Google Inc.>
[卡卡上网安全助手]
{DB9ECD4F-FB8F-4311-B3CE-90B976C2707C} <C:\WINDOWS\system32\KakaTool.dll, Beijing Rising Technology Co., Ltd.>
[Java Plug-in 1.4.2_03]
{8AD9C840-044E-11D1-B3E9-00805F499D93} <C:\Program Files\Java\j2re1.4.2_03\bin\npjpi142_03.dll, JavaSoft / Sun Microsystems, Inc.>
[Java Plug-in 1.4.2_03]
{CAFEEFAC-0014-0002-0003-ABCDEFFEDCBA} <C:\Program Files\Java\j2re1.4.2_03\bin\npjpi142_03.dll, JavaSoft / Sun Microsystems, Inc.>
[Shockwave Flash Object]
{D27CDB6E-AE6D-11CF-96B8-444553540000} <C:\WINDOWS\system32\Macromed\Flash\Flash9b.ocx, Adobe Systems, Inc.>
[Google Script Object]
{00EF2092-6AC5-47C0-BD25-CF2D5D657FEB} <c:\program files\google\googletoolbar1.dll, Google Inc.>
[实用搜索工具条2.0]
{03465FF5-00AE-411A-9C34-960ED566EC03} <C:\Program Files\superutilbar\superutilbar.dll, www.shiyongsousuo.com>
[Windows Media Player]
{22D6F312-B0F6-11D0-94AB-0080C74C7E95} <C:\WINDOWS\system32\wmpdxm.dll, Microsoft Corporation>
[&Google]
{2318C2B1-4965-11D4-9B18-009027A5CD4F} <c:\program files\google\googletoolbar1.dll, Google Inc.>
[HTML Document]
{25336920-03F9-11CF-8FD0-00AA00686F13} <C:\WINDOWS\system32\mshtml.dll, Microsoft Corporation>
[DHTML Edit Control Safe for Scripting for IE5]
{2D360201-FFF5-11D1-8D03-00A0C959BC0A} <C:\Program Files\Common Files\Microsoft Shared\Triedit\dhtmled.ocx, Microsoft Corporation>
[HHCtrl Object]
{52A2AAAE-085D-4187-97EA-8C30DB990436} <C:\WINDOWS\system32\hhctrl.ocx, Microsoft Corporation>
[QQBrowserHelperObject Class]
{54EBD53A-9BC1-480B-966A-843A333CA162} <D:\QQ2006\QQIEHelper.dll, 深圳市腾讯计算机系统有限公司>
[Windows Media Player]
{6BF52A52-394A-11D3-B153-00C04F79FAA6} <C:\WINDOWS\system32\wmp.dll, Microsoft Corporation>
[Microsoft Web Browser]
{8856F961-340A-11D0-A96B-00C04FD705A2} <C:\WINDOWS\system32\ieframe.dll, Microsoft Corporation>
[Thunder Browser Helper]
{889D2FEB-5411-4565-8998-1DD2C5261283} <D:\讯雷\ComDlls\XunLeiBHO_002.dll, Thunder Networking Technologies,LTD>
[Java Plug-in 1.4.2_03]
{8AD9C840-044E-11D1-B3E9-00805F499D93} <C:\Program Files\Java\j2re1.4.2_03\bin\npjpi142_03.dll, JavaSoft / Sun Microsystems, Inc.>
[RMGetLicense Class]
{A9FC132B-096D-460B-B7D5-1DB0FAE0C062} <C:\WINDOWS\system32\msnetobj.dll, Microsoft Corporation>
[Google Toolbar Helper]
{AA58ED58-01DD-4D91-8333-CF10577473F7} <c:\program files\google\googletoolbar1.dll, Google Inc.>
[Microsoft Scriptlet Component]
{AE24FDAE-03C6-11D1-8B76-0080C744F389} <C:\WINDOWS\system32\mshtml.dll, Microsoft Corporation>
[卡卡上网安全助手]
{AFF6E516-CBE5-4F8A-9C2F-38A68013E766} <C:\WINDOWS\system32\KakaTool.dll, Beijing Rising Technology Co., Ltd.>
[SearchAssistantOC]
{B45FF030-4447-11D2-85DE-00C04FA35C89} <%SystemRoot%\system32\shdocvw.dll, N/A>
[RDS.DataSpace]
{BD96C556-65A3-11D0-983A-00C04FC29E36} <C:\Program Files\Common Files\System\msadc\msadco.dll, Microsoft Corporation>
[VIDEO__X_MS_ASF Moniker Class]
{CD3AFA8F-B84F-48F0-9393-7EDC34128127} <C:\WINDOWS\system32\wmp.dll, Microsoft Corporation>
[RealPlayer G2 Control]
{CFCDAA03-8BE4-11CF-B84B-0020AFBBCCFA} <C:\WINDOWS\system32\rmoc3260.dll, RealNetworks, Inc.>
[Shockwave Flash Object]
{D27CDB6E-AE6D-11CF-96B8-444553540000} <C:\WINDOWS\system32\Macromed\Flash\Flash9b.ocx, Adobe Systems, Inc.>
[卡卡上网安全助手]
{DB9ECD4F-FB8F-4311-B3CE-90B976C2707C} <C:\WINDOWS\system32\KakaTool.dll, Beijing Rising Technology Co., Ltd.>
[XML HTTP Request]
{ED8C108E-4349-11D2-91A4-00C04F7969E8} <%SystemRoot%\system32\msxml3.dll, N/A>
[&使用迅雷下载]
<D:\讯雷\Program\GetUrl.htm, N/A>
[&使用迅雷下载全部链接]
<D:\讯雷\Program\GetAllUrl.htm, N/A>
[Google 搜索(&G)]
<res://C:\Program Files\Google\GoogleToolbar1.dll/cmsearch.html, N/A>
[上传到QQ网络硬盘]
<D:\QQ2006\AddToNetDisk.htm, N/A>
[使用超级解霸播放]
<D:\豪杰超级解霸9\MPURLGET.HTM, N/A>
[添加到QQ自定义面板]
<D:\QQ2006\AddPanel.htm, N/A>
[添加到QQ表情]
<D:\QQ2006\AddEmotion.htm, N/A>
[用QQ彩信发送该图片]
<D:\QQ2006\SendMMS.htm, N/A>
[翻译英文字词(&T)]
<res://C:\Program Files\Google\GoogleToolbar1.dll/cmwordtrans.html, N/A>

amanda0919 - 2007-1-25 20:36:00

==================================
正在运行的进程
[PID: 376][\SystemRoot\System32\smss.exe] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
[PID: 440][\??\C:\WINDOWS\system32\csrss.exe] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
[PID: 464][\??\C:\WINDOWS\system32\winlogon.exe] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
[C:\Program Files\Intel\Wireless\Bin\LgNotify.dll] [Intel Corporation, 9, 0, 2, 11]
[C:\WINDOWS\system32\igfxdev.dll] [Intel Corporation, 3.0.0.4410]
[PID: 508][C:\WINDOWS\system32\services.exe] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
[PID: 520][C:\WINDOWS\system32\lsass.exe] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
[PID: 664][C:\WINDOWS\system32\svchost.exe] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
[PID: 744][C:\WINDOWS\system32\svchost.exe] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
[PID: 780][D:\瑞星2006\Rising\Rav\CCenter.exe] [Beijing Rising Technology Co., Ltd., 18, 0, 0, 3]
[PID: 800][C:\WINDOWS\System32\svchost.exe] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
[PID: 832][C:\Program Files\Intel\Wireless\Bin\EvtEng.exe] [Intel Corporation, 9, 0, 2, 11]
[C:\Program Files\Intel\Wireless\Bin\PsRegApi.dll] [Intel Corporation, 9, 0, 2, 11]
[C:\Program Files\Intel\Wireless\Bin\TraceAPI.DLL] [Intel Corporation, 9, 0, 2, 11]
[PID: 928][C:\Program Files\Intel\Wireless\Bin\S24EvMon.exe] [Intel Corporation , 9, 0, 2, 11]
[C:\Program Files\Intel\Wireless\Bin\TraceAPI.DLL] [Intel Corporation, 9, 0, 2, 11]
[C:\Program Files\Intel\Wireless\Bin\PsRegApi.dll] [Intel Corporation, 9, 0, 2, 11]
[PID: 972][C:\Program Files\Intel\Wireless\Bin\WLKeeper.exe] [Intel? Corporation, 9, 0, 2, 11]
[C:\Program Files\Intel\Wireless\Bin\PfMgrApi.dll] [Intel Corporation, 9, 0, 2, 11]
[C:\Program Files\Intel\Wireless\Bin\TraceAPI.DLL] [Intel Corporation, 9, 0, 2, 11]
[C:\Program Files\Intel\Wireless\Bin\PsRegApi.dll] [Intel Corporation, 9, 0, 2, 11]
[C:\Program Files\Intel\Wireless\Bin\MurocApi.dll] [Intel Corporation, 9, 0, 2, 11]
[C:\Program Files\Intel\Wireless\Bin\S24MUDLL.dll] [Intel Corporation, 9, 0, 2, 11]
[C:\Program Files\Intel\Wireless\Bin\C1XStngs.dll] [Intel Corporation, 9, 0, 2, 11]
[C:\Program Files\Intel\Wireless\Bin\LIBEAY32.dll] [N/A, N/A]
[C:\Program Files\Intel\Wireless\Bin\C8021CHS.dll] [Intel Corporation, 9, 0, 2, 11]
[C:\Program Files\Intel\Wireless\Bin\LSAWRAPI.dll] [Intel Corporation, 9, 0, 2, 11]
[PID: 1028][C:\WINDOWS\system32\svchost.exe] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
[PID: 1060][C:\WINDOWS\system32\svchost.exe] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
[PID: 1076][D:\瑞星2006\Rising\Rav\Ravmond.exe] [Beijing Rising Technology Co., Ltd., 19, 0, 0, 43]
[D:\瑞星2006\Rising\Rav\BWList.dll] [Beijing Rising Technology Co., Ltd., 19, 0, 0, 10]
[D:\瑞星2006\Rising\Rav\RsCommX.dll] [rising, 18, 0, 0, 1]
[D:\瑞星2006\Rising\Rav\rfwctrl.dll] [Beijing Rising Technology Co., Ltd., 5, 0, 0, 11]
[D:\瑞星2006\Rising\Rav\RsPPsys.dll] [Beijing Rising Technology Co., Ltd., 18, 0, 0, 3]
[D:\瑞星2006\Rising\Rav\RSAPPMGR.DLL] [Beijing Rising Technology Co., Ltd., 18, 0, 0, 2]
[D:\瑞星2006\Rising\Rav\CfgDll.dll] [Beijing Rising Technology Co., Ltd., 18, 0, 0, 13]
[D:\瑞星2006\Rising\Rav\RSCOMMON.DLL] [Beijing Rising Technology Co., Ltd., 19, 0, 0, 5]
[D:\瑞星2006\Rising\Rav\RsLog.dll] [Beijing Rising Technology Co., Ltd., 18, 0, 0, 20]
[D:\瑞星2006\Rising\Rav\HOOKSYS.dll] [Beijing Rising Technology Co., Ltd., 19, 0, 0, 0]
[D:\瑞星2006\Rising\Rav\Scanner.dll] [Beijing Rising Technology Co., Ltd., 19, 0, 0, 12]
[D:\瑞星2006\Rising\Rav\libload.dll] [Beijing Rising Technology Co., Ltd., 19, 0, 0, 16]
[D:\瑞星2006\Rising\Rav\VirusLib.dll] [Beijing Rising Technology Co., Ltd., 19, 0, 0, 10]
[D:\瑞星2006\Rising\Rav\regmon.dll] [Beijing Rising Technology Co., Ltd., 18, 0, 0, 6]
[D:\瑞星2006\Rising\Rav\HookWeb.dll] [Beijing Rising Technology Co., Ltd., 19, 0, 0, 1]
[D:\瑞星2006\Rising\Rav\MemMon.dll] [Beijing Rising Technology Co., Ltd., 18, 0, 0, 12]
[D:\瑞星2006\Rising\Rav\expscan.dll] [Beijing Rising Technology Co., Ltd., 18, 0, 0, 4]
[D:\瑞星2006\Rising\Rav\mPorts.dll] [Beijing Rising Technology Co., Ltd., 4, 0, 0, 3]
[D:\瑞星2006\Rising\Rav\HookCont.dll] [Rising, 19, 0, 0, 0]
[D:\瑞星2006\Rising\Rav\SpamEng.dll] [N/A, 18, 0, 0, 6]
[D:\瑞星2006\Rising\Rav\engine.dll] [Beijing Rising Technology Co., Ltd., 19, 0, 0, 24]
[D:\瑞星2006\Rising\Rav\PostTrt.dll] [Beijing Rising Technology Co., Ltd., 19, 0, 0, 8]
[D:\瑞星2006\Rising\Rav\UnExe.dll] [Beijing Rising Technology Co., Ltd., 19, 0, 0, 9]
[D:\瑞星2006\Rising\Rav\ScanExec.dll] [Beijing Rising Technology Co., Ltd., 19, 0, 0, 16]
[D:\瑞星2006\Rising\Rav\ScanEx.dll] [Beijing Rising Technology Co., Ltd., 19, 0, 0, 36]
[D:\瑞星2006\Rising\Rav\ExtFile.dll] [Beijing Rising Technology Co., Ltd., 19, 0, 0, 25]
[D:\瑞星2006\Rising\Rav\NvFile.dll] [Beijing Rising Technology Co., Ltd., 19, 0, 0, 11]
[D:\瑞星2006\Rising\Rav\ScanMac.dll] [Beijing Rising Technology Co., Ltd., 19, 0, 0, 13]
[D:\瑞星2006\Rising\Rav\ScanSct.dll] [Beijing Rising Technology Co., Ltd., 19, 0, 0, 19]
[D:\瑞星2006\Rising\Rav\Unpacker.dll] [Beijing Rising Technology Co., Ltd., 19, 0, 0, 17]
[D:\瑞星2006\Rising\Rav\ScanPack.dll] [Beijing Rising Technology Co., Ltd., 19, 0, 0, 19]
[D:\瑞星2006\Rising\Rav\RsVM.dll] [N/A, 19, 0, 0, 15]
[D:\瑞星2006\Rising\Rav\Uroutine.dll] [Beijing Rising Technology Co., Ltd., 19, 0, 0, 21]
[D:\瑞星2006\Rising\Rav\RsStore.dll] [Beijing Rising Technology Co., Ltd., 19, 0, 0, 2]
[D:\瑞星2006\Rising\Rav\ExtOLE.dll] [Beijing Rising Technology Co., Ltd., 19, 0, 0, 11]
[D:\瑞星2006\Rising\Rav\Uscript.dll] [Beijing Rising Technology Co., Ltd., 19, 0, 0, 18]
[PID: 1172][d:\瑞星2006\rising\rfw\rfwsrv.exe] [Beijing Rising Technology Co., Ltd., 5, 0, 0, 30]
[d:\瑞星2006\rising\rfw\RfwRule.dll] [Beijing Rising Technology Co., Ltd., 5, 0, 0, 3]
[d:\瑞星2006\rising\rfw\rfwlog.dll] [Beijing Rising Technology Co., Ltd., 5, 0, 0, 2]
[d:\瑞星2006\rising\rfw\Rfwdrv.dll] [Beijing Rising Technology Co., Ltd., 5, 0, 0, 10]
[d:\瑞星2006\rising\rfw\MonDrv.dll] [rs, 1, 0, 0, 4]
[d:\瑞星2006\rising\rfw\ProcLib.dll] [Beijing Rising Technology Co., Ltd., 5, 0, 0, 5]
[d:\瑞星2006\rising\rfw\mPorts.dll] [Beijing Rising Technology Co., Ltd., 4, 0, 0, 3]
[PID: 1292][C:\WINDOWS\system32\spoolsv.exe] [Microsoft Corporation, 5.1.2600.2696 (xpsp_sp2_gdr.050610-1519)]
[PID: 1448][D:\瑞星2006\Rising\Rav\RavStub.exe] [Beijing Rising Technology Co., Ltd., 19, 0, 0, 4]
[D:\瑞星2006\Rising\Rav\RsCommX.dll] [rising, 18, 0, 0, 1]
[D:\瑞星2006\Rising\Rav\RSCOMMON.DLL] [Beijing Rising Technology Co., Ltd., 19, 0, 0, 5]
[PID: 1548][C:\Program Files\Intel\Wireless\Bin\ZcfgSvc.exe] [Intel Corporation, 9, 0, 2, 11]
[C:\Program Files\Intel\Wireless\Bin\PfMgrApi.dll] [Intel Corporation, 9, 0, 2, 11]
[C:\Program Files\Intel\Wireless\Bin\TraceAPI.DLL] [Intel Corporation, 9, 0, 2, 11]
[C:\Program Files\Intel\Wireless\Bin\PsRegApi.dll] [Intel Corporation, 9, 0, 2, 11]
[C:\Program Files\Intel\Wireless\Bin\MurocApi.dll] [Intel Corporation, 9, 0, 2, 11]
[C:\Program Files\Intel\Wireless\Bin\S24MUDLL.dll] [Intel Corporation, 9, 0, 2, 11]
[C:\Program Files\Intel\Wireless\Bin\C1XStngs.dll] [Intel Corporation, 9, 0, 2, 11]
[C:\Program Files\Intel\Wireless\Bin\LIBEAY32.dll] [N/A, N/A]
[C:\Program Files\Intel\Wireless\Bin\C8021CHS.dll] [Intel Corporation, 9, 0, 2, 11]
[C:\Program Files\Intel\Wireless\Bin\LSAWRAPI.dll] [Intel Corporation, 9, 0, 2, 11]
[C:\Program Files\Intel\Wireless\Bin\ZcSvcCHS.dll] [Intel Corporation, 9, 0, 2, 11]
[D:\瑞星2006\Rising\卡卡助手\ieprot.dll] [Beijing Rising Technology Co., Ltd., 1, 0, 0, 8]
[PID: 1724][C:\WINDOWS\Explorer.EXE] [Microsoft Corporation, 6.00.2900.2180 (xpsp_sp2_rtm.040803-2158)]
[C:\WINDOWS\system32\RavExt.dll] [Beijing Rising Technology Co., Ltd., 19, 0, 0, 7]
[C:\WINDOWS\system32\wbpox.dll] [N/A, N/A]
[D:\瑞星2006\Rising\卡卡助手\ieprot.dll] [Beijing Rising Technology Co., Ltd., 1, 0, 0, 8]
[D:\讯雷\ComDlls\XunLeiBHO_002.dll] [Thunder Networking Technologies,LTD, 5, 0, 0, 2]
[C:\WINDOWS\system32\WNWBIO.IME] [深圳世强软件开发部 www.wn51.com , 2006, 10, 20, 1]
[C:\WINDOWS\system32\igfxpph.dll] [Intel Corporation, 3.0.0.4410]
[C:\WINDOWS\system32\hccutils.DLL] [Intel Corporation, 3.0.0.4410]
[C:\WINDOWS\system32\igfxres.dll] [Intel Corporation, 3.0.0.4410]
[C:\WINDOWS\system32\igfxress.dll] [Intel Corporation, 3.0.0.4410]
[C:\WINDOWS\system32\igfxsrvc.dll] [Intel Corporation, 3.0.0.4410]
[C:\WINDOWS\system32\msdmo.dll] [N/A, N/A]

amanda0919 - 2007-1-25 20:39:00

[PID: 1788][d:\瑞星2006\rising\rfw\RfwMain.exe] [Beijing Rising Technology Co., Ltd., 5, 0, 0, 70]
[d:\瑞星2006\rising\rfw\RsGuiLib.dll] [Beijing Rising Technology Co., Ltd., 19, 0, 0, 31]
[d:\瑞星2006\rising\rfw\RSCOMMON.DLL] [Beijing Rising Technology Co., Ltd., 19, 0, 0, 5]
[d:\瑞星2006\rising\rfw\RfwCtrl.dll] [Beijing Rising Technology Co., Ltd., 5, 0, 0, 11]
[d:\瑞星2006\rising\rfw\RsXML.dll] [Beijing Rising Technology Co., Ltd., 19, 0, 0, 2]
[d:\瑞星2006\rising\rfw\PngDll.dll] [Beijing Rising Technology Co., Ltd., 18, 0, 0, 5]
[D:\瑞星2006\Rising\卡卡助手\ieprot.dll] [Beijing Rising Technology Co., Ltd., 1, 0, 0, 8]
[PID: 1952][C:\Program Files\Synaptics\SynTP\SynTPEnh.exe] [Synaptics, Inc., 8.2.4.6 08Mar06]
[C:\WINDOWS\system32\SynCOM.dll] [Synaptics, Inc., 8.2.4.6 08Mar06]
[C:\WINDOWS\system32\SynTPAPI.dll] [Synaptics, Inc., 8.2.4.6 08Mar06]
[D:\瑞星2006\Rising\卡卡助手\ieprot.dll] [Beijing Rising Technology Co., Ltd., 1, 0, 0, 8]
[PID: 1996][D:\瑞星2006\Rising\Rav\RavTask.exe] [Beijing Rising Technology Co., Ltd., 19, 0, 0, 7]
[D:\瑞星2006\Rising\Rav\RSCOMMON.DLL] [Beijing Rising Technology Co., Ltd., 19, 0, 0, 5]
[D:\瑞星2006\Rising\Rav\RSAPPMGR.DLL] [Beijing Rising Technology Co., Ltd., 18, 0, 0, 2]
[D:\瑞星2006\Rising\Rav\CfgDll.dll] [Beijing Rising Technology Co., Ltd., 18, 0, 0, 13]
[D:\瑞星2006\Rising\Rav\RsCommX.dll] [rising, 18, 0, 0, 1]
[D:\瑞星2006\Rising\卡卡助手\ieprot.dll] [Beijing Rising Technology Co., Ltd., 1, 0, 0, 8]
[PID: 2036][D:\瑞星2006\Rising\Rav\Ravmon.exe] [Beijing Rising Technology Co., Ltd., 19, 0, 0, 36]
[D:\瑞星2006\Rising\Rav\RsGuiLib.dll] [Beijing Rising Technology Co., Ltd., 19, 0, 0, 28]
[D:\瑞星2006\Rising\Rav\BWList.dll] [Beijing Rising Technology Co., Ltd., 19, 0, 0, 10]
[D:\瑞星2006\Rising\Rav\RSAPPMGR.DLL] [Beijing Rising Technology Co., Ltd., 18, 0, 0, 2]
[D:\瑞星2006\Rising\Rav\CfgDll.dll] [Beijing Rising Technology Co., Ltd., 18, 0, 0, 13]
[D:\瑞星2006\Rising\Rav\RSCOMMON.DLL] [Beijing Rising Technology Co., Ltd., 19, 0, 0, 5]
[D:\瑞星2006\Rising\Rav\RsCommX.dll] [rising, 18, 0, 0, 1]
[D:\瑞星2006\Rising\Rav\RsXML.dll] [Beijing Rising Technology Co., Ltd., 19, 0, 0, 2]
[D:\瑞星2006\Rising\Rav\PngDll.dll] [Beijing Rising Technology Co., Ltd., 18, 0, 0, 5]
[D:\瑞星2006\Rising\卡卡助手\ieprot.dll] [Beijing Rising Technology Co., Ltd., 1, 0, 0, 8]
[PID: 132][D:\瑞星2006\Rising\卡卡助手\runiep.exe] [Beijing Rising Technology Co., Ltd., 1, 0, 1, 4]
[D:\瑞星2006\Rising\卡卡助手\iep_ctrl.dll] [Beijing Rising Technology Co., Ltd., 1, 0, 0, 4]
[D:\瑞星2006\Rising\卡卡助手\ieprot.dll] [Beijing Rising Technology Co., Ltd., 1, 0, 0, 8]
[PID: 224][C:\Program Files\Common Files\Real\Update_OB\realsched.exe] [RealNetworks, Inc., 0.1.0.3427]
[D:\瑞星2006\Rising\卡卡助手\ieprot.dll] [Beijing Rising Technology Co., Ltd., 1, 0, 0, 8]
[PID: 260][C:\WINDOWS\system32\ctfmon.exe] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
[D:\瑞星2006\Rising\卡卡助手\ieprot.dll] [Beijing Rising Technology Co., Ltd., 1, 0, 0, 8]
[PID: 484][D:\瑞星2006\Rising\Rav\RsAgent.exe] [Beijing Rising Technology Co., Ltd., 19, 0, 0, 9]
[D:\瑞星2006\Rising\Rav\RsCommX.dll] [rising, 18, 0, 0, 1]
[D:\瑞星2006\Rising\卡卡助手\ieprot.dll] [Beijing Rising Technology Co., Ltd., 1, 0, 0, 8]
[PID: 624][C:\WINDOWS\msagent\AgentSvr.exe] [Microsoft Corporation, 2.00.0.3424]
[D:\瑞星2006\Rising\卡卡助手\ieprot.dll] [Beijing Rising Technology Co., Ltd., 1, 0, 0, 8]
[PID: 1116][C:\Program Files\Dell\QuickSet\NICCONFIGSVC.exe] [Dell Inc., 7, 0, 7, 0]
[PID: 948][C:\Program Files\Intel\Wireless\Bin\RegSrvc.exe] [Intel Corporation, 9, 0, 2, 11]
[PID: 2332][C:\WINDOWS\System32\alg.exe] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
[PID: 2412][C:\WINDOWS\system32\wbem\wmiprvse.exe] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
[PID: 3044][D:\国泰君安\国泰君安大智慧\internet\hypwise.exe] [N/A, N/A]
[D:\瑞星2006\Rising\卡卡助手\ieprot.dll] [Beijing Rising Technology Co., Ltd., 1, 0, 0, 8]
[PID: 3064][D:\国泰君安\国泰君安大智慧\internet\hypmain.exe] [GreatWise, 5.4.5.3002]
[D:\国泰君安\国泰君安大智慧\internet\borlndmm.dll] [Inprise Corporation, 5.0.6.18]
[D:\国泰君安\国泰君安大智慧\internet\tcpip.dll] [, 1, 0, 0, 1]
[D:\国泰君安\国泰君安大智慧\wt\gtja\fy\bin\flyingfish.dll] [N/A, N/A]
[D:\国泰君安\国泰君安大智慧\internet\investdll.dll] [, 1, 0, 0, 3]
[D:\国泰君安\国泰君安大智慧\internet\wgdll.dll] [N/A, N/A]
[D:\国泰君安\国泰君安大智慧\internet\zlib.dll] [N/A, N/A]
[D:\瑞星2006\Rising\卡卡助手\ieprot.dll] [Beijing Rising Technology Co., Ltd., 1, 0, 0, 8]
[PID: 3616][d:\瑞星2006\rising\rfw\RfwCfg.exe] [Beijing Rising Technology Co., Ltd., 5, 0, 1, 41]
[d:\瑞星2006\rising\rfw\RsGuiLib.dll] [Beijing Rising Technology Co., Ltd., 19, 0, 0, 31]
[d:\瑞星2006\rising\rfw\RSCOMMON.DLL] [Beijing Rising Technology Co., Ltd., 19, 0, 0, 5]
[d:\瑞星2006\rising\rfw\RfwCtrl.dll] [Beijing Rising Technology Co., Ltd., 5, 0, 0, 11]
[d:\瑞星2006\rising\rfw\ProxyCtr.dll] [Beijing Rising Technology Co., Ltd., 5, 0, 0, 2]
[d:\瑞星2006\rising\rfw\RsXML.dll] [Beijing Rising Technology Co., Ltd., 19, 0, 0, 2]
[d:\瑞星2006\rising\rfw\PngDll.dll] [Beijing Rising Technology Co., Ltd., 18, 0, 0, 5]
[D:\瑞星2006\Rising\卡卡助手\ieprot.dll] [Beijing Rising Technology Co., Ltd., 1, 0, 0, 8]
[d:\瑞星2006\rising\rfw\mPorts.dll] [Beijing Rising Technology Co., Ltd., 4, 0, 0, 3]
[PID: 1732][C:\Program Files\Internet Explorer\IEXPLORE.EXE] [Microsoft Corporation, 7.00.5730.11 (winmain(wmbla).061017-1135)]
[D:\瑞星2006\Rising\卡卡助手\ieprot.dll] [Beijing Rising Technology Co., Ltd., 1, 0, 0, 8]
[c:\program files\google\googletoolbar1.dll] [Google Inc., 3, 0, 131, 0]
[C:\Program Files\superutilbar\superutilbar.dll] [www.shiyongsousuo.com, 2, 1, 8, 24]
[C:\WINDOWS\system32\KakaTool.dll] [Beijing Rising Technology Co., Ltd., 2, 0, 2, 6]
[D:\QQ2006\QQIEHelper.dll] [深圳市腾讯计算机系统有限公司, 1, 1, 0, 5]
[D:\讯雷\ComDlls\XunLeiBHO_002.dll] [Thunder Networking Technologies,LTD, 5, 0, 0, 2]
[D:\瑞星2006\Rising\Rav\RavScrCh.dll] [Beijing Rising Technology Co., Ltd., 18, 0, 0, 4]
[C:\WINDOWS\system32\Macromed\Flash\Flash9b.ocx] [Adobe Systems, Inc., 9,0,28,0]
[PID: 3272][D:\QQ2006\QQ.exe] [TENCENT, 0, 0, 0, 0]
[D:\QQ2006\QQBaseClassInDll.dll] [, 1, 0, 0, 1]
[D:\QQ2006\QQHelperDll.dll] [, 1, 0, 0, 1]
[D:\QQ2006\BasicCtrlDll.dll] [Tencent, 5, 0, 200, 370]
[D:\QQ2006\QQAPI.dll] [, 1, 0, 0, 1]
[D:\QQ2006\TIMProxy.dll] [tencent, 0, 3, 2, 4]
[D:\瑞星2006\Rising\卡卡助手\ieprot.dll] [Beijing Rising Technology Co., Ltd., 1, 0, 0, 8]
[D:\QQ2006\LoginCtrl.dll] [, 1, 0, 0, 1]
[D:\QQ2006\npkcntc.dll] [INCA Internet Co., Ltd., 2006, 6, 27, 1]
[D:\QQ2006\npkpdb.dll] [INCA Internet Co., Ltd., 2003, 10, 1, 1]
[D:\QQ2006\QQRes.dll] [tencent, 1, 0, 0, 1]
[D:\QQ2006\QQMainFrame.dll] [N/A, N/A]
[D:\QQ2006\CQQApplication.dll] [N/A, N/A]
[D:\QQ2006\NewSkin.dll] [, 1, 0, 0, 1]
[D:\QQ2006\HostingMgr.dll] [, 1, 0, 0, 1]
[D:\QQ2006\CameraDll.dll] [, 1, 0, 0, 1]
[D:\QQ2006\MailSummary.dll] [, 1, 0, 0, 1]
[D:\QQ2006\QQSpace.dll] [, 1, 0, 0, 1]
[D:\QQ2006\QQAllInOne.dll] [N/A, N/A]
[D:\QQ2006\GroupLive.dll] [N/A, N/A]
[D:\QQ2006\SCCore.dll] [TENCENT, 2, 0, 0, 1]
[C:\WINDOWS\system32\msdmo.dll] [N/A, N/A]
[D:\QQ2006\QQGroupMng.dll] [, 1, 0, 0, 1]
[D:\QQ2006\UserDefinedHead.dll] [, 1, 0, 0, 1]
[D:\QQ2006\QQPlugin.dll] [N/A, N/A]
[D:\QQ2006\QQConfigPlugin.dll] [, 1, 0, 0, 1]
[D:\QQ2006\QQSysMsgMng.dll] [N/A, N/A]
[D:\QQ2006\QRingMng.dll] [N/A, N/A]
[D:\QQ2006\PhoneAPI.dll] [, 1, 0, 0, 1]
[D:\QQ2006\DialerAllinOne.dll] [tencent, 1, 4, 0, 0]
[D:\QQ2006\VPortal.dll] [, 1, 0, 0, 4]
[D:\QQ2006\QQAvatar.dll] [N/A, N/A]
[D:\QQ2006\FlashAvatarDll.dll] [, 1, 4, 0, 1]
[D:\QQ2006\LongConnection.dll] [tencent, 5, 0, 200, 160]
[D:\QQ2006\QQPet.dll] [, 1, 0, 0, 1]
[D:\QQ2006\BQQApplication.dll] [N/A, N/A]
[C:\WINDOWS\system32\RavExt.dll] [Beijing Rising Technology Co., Ltd., 19, 0, 0, 7]
[D:\QQ2006\CommercesMng.dll] [, 1, 0, 0, 1]
[D:\QQ2006\PersonalDesktop.dll] [深圳市腾讯计算机系统公司QQ工作小组, 1, 0, 0, 2]
[D:\QQ2006\QQAddr.dll] [深圳市腾讯计算机系统有限公司, 5, 0, 101, 240]
[D:\QQ2006\QQSceneMng.dll] [N/A, N/A]
[D:\QQ2006\QQPhoneHelper.dll] [腾讯科技（深圳）有限公司, 2, 1, 3, 30]

amanda0919 - 2007-1-25 20:40:00

[PID: 3376][D:\QQ2006\TIMPlatform.exe] [tencent, 0, 3, 1, 8]
[D:\瑞星2006\Rising\卡卡助手\ieprot.dll] [Beijing Rising Technology Co., Ltd., 1, 0, 0, 8]
[D:\QQ2006\TIMProxy.dll] [tencent, 0, 3, 2, 4]
[PID: 1000][C:\WINDOWS\regedit.exe] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
[D:\瑞星2006\Rising\卡卡助手\ieprot.dll] [Beijing Rising Technology Co., Ltd., 1, 0, 0, 8]
[PID: 3432][D:\瑞星2006\Rising\Rav\Rav.exe] [Beijing Rising Technology Co., Ltd., 19, 0, 0, 28]
[D:\瑞星2006\Rising\Rav\PlugIn\RsPgScan.dll] [Beijing Rising Technology Co., Ltd., 18, 0, 0, 17]
[D:\瑞星2006\Rising\Rav\RSAPPMGR.DLL] [Beijing Rising Technology Co., Ltd., 18, 0, 0, 2]
[D:\瑞星2006\Rising\Rav\CfgDll.dll] [Beijing Rising Technology Co., Ltd., 18, 0, 0, 13]
[D:\瑞星2006\Rising\Rav\RsCommX.dll] [rising, 18, 0, 0, 1]
[D:\瑞星2006\Rising\Rav\RavUI.Dll] [Beijing Rising Technology Co., Ltd., 19, 0, 0, 30]
[D:\瑞星2006\Rising\Rav\RsGuiLib.dll] [Beijing Rising Technology Co., Ltd., 19, 0, 0, 28]
[D:\瑞星2006\Rising\Rav\RsXML.dll] [Beijing Rising Technology Co., Ltd., 19, 0, 0, 2]
[D:\瑞星2006\Rising\Rav\RSCOMMON.DLL] [Beijing Rising Technology Co., Ltd., 19, 0, 0, 5]
[D:\瑞星2006\Rising\卡卡助手\ieprot.dll] [Beijing Rising Technology Co., Ltd., 1, 0, 0, 8]
[D:\瑞星2006\Rising\Rav\Scanner.dll] [Beijing Rising Technology Co., Ltd., 19, 0, 0, 12]
[D:\瑞星2006\Rising\Rav\BWList.dll] [Beijing Rising Technology Co., Ltd., 19, 0, 0, 10]
[D:\瑞星2006\Rising\Rav\RsStore.dll] [Beijing Rising Technology Co., Ltd., 19, 0, 0, 2]
[D:\瑞星2006\Rising\Rav\RavQu.dll] [Beijing Rising Technology Co., Ltd., 19, 0, 0, 10]
[D:\瑞星2006\Rising\Rav\libload.dll] [Beijing Rising Technology Co., Ltd., 19, 0, 0, 16]
[D:\瑞星2006\Rising\Rav\VirusLib.dll] [Beijing Rising Technology Co., Ltd., 19, 0, 0, 10]
[PID: 3356][D:\讯雷\Program\Thunder5.exe] [Thunder Networking Technologies,LTD, 5.4.0.226]
[D:\讯雷\Program\UpdateDownload.dll] [Thunder Networking Technologies,LTD, 1, 0, 1, 8]
[D:\讯雷\Program\download_interface.dll] [Thunder Networking Technologies,LTD, 2, 0, 0, 1]
[D:\讯雷\Program\stlport_vc646.dll] [STLport Consulting, Inc., 4.6.2003.1031]
[D:\讯雷\Program\log4cplus.dll] [, 1, 0, 2, 1]
[D:\讯雷\Program\asyn_dns.dll] [N/A, N/A]
[D:\讯雷\Program\msgmanage.dll] [Thunder Networking Technologies,LTD, 1, 0, 0, 15]
[D:\讯雷\Program\historyinfo_manage.dll] [Thunder Networking Technologies,LTD, 5, 2, 0, 148]
[D:\讯雷\Program\RegisterDll.dll] [Thunder Networking Technologies,LTD, 2, 1, 0, 18]
[D:\讯雷\Program\FloatBar.dll] [Thunder Networking Technologies,LTD, 1, 0, 0, 2]
[D:\讯雷\Components\InMedia\iEmbedShell.dll] [　, 1, 0, 0, 11]
[D:\讯雷\Components\InMedia\iEmbed04.dll] [　, 2, 3, 0, 37]
[D:\讯雷\Components\P4PClient\P4PClient.dll] [Thunder Networking Technologies,LTD, 1, 0, 4, 10]
[D:\瑞星2006\Rising\卡卡助手\ieprot.dll] [Beijing Rising Technology Co., Ltd., 1, 0, 0, 8]
[C:\WINDOWS\system32\RavExt.dll] [Beijing Rising Technology Co., Ltd., 19, 0, 0, 7]
[D:\讯雷\Program\iTargetAd.dll] [Thunder Networking Technologies,LTD, 1, 0, 1, 59]
[C:\WINDOWS\system32\Macromed\Flash\Flash9b.ocx] [Adobe Systems, Inc., 9,0,28,0]
[D:\瑞星2006\Rising\Rav\RavScrCh.dll] [Beijing Rising Technology Co., Ltd., 18, 0, 0, 4]
[PID: 3764][C:\Program Files\Internet Explorer\iexplore.exe] [Microsoft Corporation, 7.00.5730.11 (winmain(wmbla).061017-1135)]
[D:\瑞星2006\Rising\卡卡助手\ieprot.dll] [Beijing Rising Technology Co., Ltd., 1, 0, 0, 8]
[c:\program files\google\googletoolbar1.dll] [Google Inc., 3, 0, 131, 0]
[C:\Program Files\superutilbar\superutilbar.dll] [www.shiyongsousuo.com, 2, 1, 8, 24]
[C:\WINDOWS\system32\KakaTool.dll] [Beijing Rising Technology Co., Ltd., 2, 0, 2, 6]
[D:\QQ2006\QQIEHelper.dll] [深圳市腾讯计算机系统有限公司, 1, 1, 0, 5]
[D:\讯雷\ComDlls\XunLeiBHO_002.dll] [Thunder Networking Technologies,LTD, 5, 0, 0, 2]
[D:\瑞星2006\Rising\Rav\RavScrCh.dll] [Beijing Rising Technology Co., Ltd., 18, 0, 0, 4]
[C:\WINDOWS\system32\Macromed\Flash\Flash9b.ocx] [Adobe Systems, Inc., 9,0,28,0]
[PID: 3500][C:\Program Files\WinRAR\WinRAR.exe] [N/A, N/A]
[D:\瑞星2006\Rising\卡卡助手\ieprot.dll] [Beijing Rising Technology Co., Ltd., 1, 0, 0, 8]
[PID: 3520][D:\sreng\SREng.EXE] [Smallfrogs Studio, 2.3.13.690]
[D:\瑞星2006\Rising\卡卡助手\ieprot.dll] [Beijing Rising Technology Co., Ltd., 1, 0, 0, 8]
[D:\sreng\Plugins\SRECXTMG.SRE] [Smallfrogs Studio, 1, 5, 0, 55]

amanda0919 - 2007-1-25 20:41:00

==================================
文件关联
.TXT OK. [%SystemRoot%\system32\NOTEPAD.EXE %1]
.EXE OK. ["%1" %*]
.COM OK. ["%1" %*]
.PIF OK. ["%1" %*]
.REG OK. [regedit.exe "%1"]
.BAT OK. ["%1" %*]
.SCR OK. ["%1" /S]
.CHM OK. ["C:\WINDOWS\hh.exe" %1]
.HLP OK. [%SystemRoot%\System32\winhlp32.exe %1]
.INI OK. [%SystemRoot%\System32\NOTEPAD.EXE %1]
.INF OK. [%SystemRoot%\System32\NOTEPAD.EXE %1]
.VBS OK. [%SystemRoot%\System32\WScript.exe "%1" %*]
.JS OK. [%SystemRoot%\System32\WScript.exe "%1" %*]
.LNK OK. [{00021401-0000-0000-C000-000000000046}]

==================================
Winsock 提供者
N/A

==================================
Autorun.inf
[E:\]
[autorun]
Shellexecute=copy.exe

==================================
HOSTS 文件
127.0.0.1 www.qq3344.com
127.0.0.1 www.dj3344.com
127.0.0.1 www.yysky.net
127.0.0.1 www.qq168.net
127.0.0.1 www.777888.com
127.0.0.1 www.5dsoft.com
127.0.0.1 www.wokoo.net
127.0.0.1 www.coolcdrom.com
127.0.0.1 www.mtv51.com
127.0.0.1 www.yibinren.com
127.0.0.1 yeapple.com
127.0.0.1 movie.sx.zj.cn
127.0.0.1 www.cctv8.net
127.0.0.1 www.kuliao.com
127.0.0.1 www.yyqy.com
127.0.0.1 www.sunvod.com
127.0.0.1 www.t168.com
127.0.0.1 www.boliwo.com
127.0.0.1 www.zhengdian.com
127.0.0.1 girlchinese.com
127.0.0.1 www.37021.com
127.0.0.1 www.cnqb.net
127.0.0.1 www.58589.com
127.0.0.1 www.pixpox.com
127.0.0.1 www.k163.com
127.0.0.1 www.pk.com
127.0.0.1 www.xxx.com
127.0.0.1 www.ehomeday.com
127.0.0.1 www.jinpin.net
127.0.0.1 www.es158.com
127.0.0.1 www.aisa-girl.net
127.0.0.1 www.boliwu.com
127.0.0.1 www.cctv1.net
127.0.0.1 www.play.cn.gs
127.0.0.1 www.nnptt.com
127.0.0.1 vod.hengshui.com
127.0.0.1 tv.megajoy.com
127.0.0.1 www.my288.com
127.0.0.1 www.youmiss.com
127.0.0.1 www.laws-online.net
127.0.0.1 www.435000.com
127.0.0.1 www.eastedu.com.cn
127.0.0.1 www.ezhgc.com
127.0.0.1 www.mmgirls.com
127.0.0.1 www.qq520.com
127.0.0.1 www.love520.net
127.0.0.1 www.hj168.net
127.0.0.1 www.wwmmww.com
127.0.0.1 www.wo265.com
127.0.0.1 www.9911.com
127.0.0.1 36920.com
127.0.0.1 www.piaoxue.com

==================================
API HOOK
N/A

==================================

[/CODE]

瑞星卡卡安全论坛