瑞星卡卡安全论坛
★無&詺★ - 2007-1-30 13:47:00
这些病毒怎么杀也杀不没啊! 有些还需要解压后删除!
病毒名称
RootKit.AdProt.p
Trojan.Spy.Agent.cmk
Dropper.AXT.d
Dropper.Agent.fzj
Trojan.DL.Xuhai.a
Dropper.AXT.d
Dropper.AXT.d
Trojan.Clicker.Delf.sh
RootKit.AdProt.p
Trojan.Spy.Agent.cmk
RootKit.AdProt.p
Trojan.Spy.Agent.cmk
Worm.Cnt.w
RootKit.AdProt.p
Trojan.Spy.Agent.cmk
Trojan.Spy.Neweb.h
附件:
8334142007130133814.jpg
我是来来 - 2007-1-30 13:55:00
扫个SREng2。
★無&詺★ - 2007-1-30 13:58:00
SREng2。
是什么啊? 不明白!
能不能说得通俗点?
xiaoyueIQ - 2007-1-30 14:15:00
Sreng下载地址:http://www.kztechs.com/sreng/download.html
点智能扫描
扫完后保存报告...再把报告贴上来
一次贴不完分几次进行
★無&詺★ - 2007-1-30 14:33:00
2007-01-30,14:18:12
System Repair Engineer 2.3.13.690
Smallfrogs (http://www.KZTechs.com)
Windows XP Professional Service Pack 2 (Build 2600)
- 管理权限用户 - 完整功能
以下内容被选中:
所有的启动项目(包括注册表、启动文件夹、服务等)
浏览器加载项
正在运行的进程(包括进程模块信息)
文件关联
Winsock 提供者
Autorun.inf
HOSTS 文件
启动项目
注册表
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
<ctfmon.exe><C:\WINDOWS\system32\ctfmon.exe> [(Verified)Microsoft Corporation]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
<BigDogPath><C:\WINDOWS\VM_STI.EXE 新泰超级摄像头> [N/A]
<RfwMain><"C:\Program Files\Rising\Rfw\rfwmain.exe" -Startup> [Beijing Rising Technology Co., Ltd.]
<RavTask><"C:\Program Files\Rising\Rav\RavTask.exe" -system> [Beijing Rising Technology Co., Ltd.]
<runeip><C:\Program Files\Rising\AntiSpyware\runiep.exe> [Beijing Rising Technology Co., Ltd.]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Winlogon]
<shell><Explorer.exe> [(Verified)Microsoft Corporation]
<Userinit><C:\WINDOWS\System32\userinit.exe,> [(Verified)Microsoft Corporation]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Windows]
<AppInit_DLLs><> [N/A]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Winlogon]
<UIHost><%SystemRoot%\system32\logonui.exe> [(Verified)Microsoft Corporation]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
<{32CD708B-60A7-4C00-9377-D73EAA495F0F}><C:\WINDOWS\system32\RavExt.dll> [Beijing Rising Technology Co., Ltd.]
★無&詺★ - 2007-1-30 14:33:00
==================================
启动文件夹
N/A
==================================
服务
[AE906EE4 / AE906EE4][Stopped/Auto Start]
<C:\WINDOWS\system32\AE906EE4.EXE -service><N/A>
[DB793B16 / DB793B16][Stopped/Auto Start]
<C:\WINDOWS\system32\DB793B16.EXE -service><N/A>
[Help and Support / helpsvc][Stopped/Auto Start]
<C:\WINDOWS\System32\svchost.exe -k netsvcs-->%WINDIR%\PCHealth\HelpCtr\Binaries\pchsvc.dll><N/A>
[Human Interface Device Access / HidServ][Stopped/Disabled]
<C:\WINDOWS\System32\svchost.exe -k netsvcs-->%SystemRoot%\System32\hidserv.dll><N/A>
[KVSrvXP / KVSrvXP][Running/Auto Start]
<C:\Program Files\JiangMin\AntiVirus\kvsrvxp.exe /Service><Jiangmin Co., Ltd.>
[KVWSC / KVWSC][Running/Auto Start]
<"C:\Program Files\JiangMin\AntiVirus\KVWSC.exe"><Jiangmin Co.,Ltd>
[NVIDIA Display Driver Service / NVSvc][Stopped/Disabled]
<C:\WINDOWS\system32\nvsvc32.exe><NVIDIA Corporation>
[Rising Proxy Service / RfwProxySrv][Stopped/Manual Start]
<c:\program files\rising\rfw\rfwproxy.exe><Beijing Rising Technology Co., Ltd.>
[Rising Personal Firewall Service / RfwService][Running/Auto Start]
<c:\program files\rising\rfw\rfwsrv.exe><Beijing Rising Technology Co., Ltd.>
[Rising Process Communication Center / RsCCenter][Running/Auto Start]
<"C:\Program Files\Rising\Rav\CCenter.exe"><Beijing Rising Technology Co., Ltd.>
[Rising RealTime Monitor / RsRavMon][Running/Auto Start]
<"C:\Program Files\Rising\Rav\Ravmond.exe"><Beijing Rising Technology Co., Ltd.>
★無&詺★ - 2007-1-30 14:36:00
驱动程序
[2310_00 / 2310_00][Stopped/Boot Start]
<\SystemRoot\System32\BIRD\2310_00.sys><HighPoint Technologies, Inc.>
[3WAREDRV / 3WAREDRV][Stopped/Boot Start]
<\SystemRoot\System32\BIRD\3WAREDRV.SYS><N/A>
[3WAREGSM / 3WAREGSM][Stopped/Boot Start]
<\SystemRoot\System32\BIRD\3waregsm.sys><N/A>
[3WDRV100 / 3WDRV100][Stopped/Boot Start]
<\SystemRoot\System32\BIRD\3WDRV100.SYS><N/A>
[A320RAID / A320RAID][Stopped/Boot Start]
<\SystemRoot\System32\BIRD\a320raid.sys><Adaptec, Inc.>
[AAC / AAC][Stopped/Boot Start]
<\SystemRoot\System32\BIRD\aac.sys><Adaptec, Inc.>
[AACSAS / AACSAS][Stopped/Boot Start]
<\SystemRoot\System32\BIRD\aacsas.sys><Adaptec, Inc.>
[AAR81XX / AAR81XX][Stopped/Boot Start]
<\SystemRoot\System32\BIRD\aar81xx.sys><Adaptec, Inc.>
[AARSI3X / AARSI3X][Stopped/Boot Start]
<\SystemRoot\System32\BIRD\aarsi3x.sys><Adaptec, Inc.>
[Intel(r) 82801 Audio Driver Install Service (WDM) / ac97intc][Stopped/Manual Start]
<system32\drivers\ac97intc.sys><Intel Corporation>
[ADP94XX / ADP94XX][Stopped/Boot Start]
<\SystemRoot\System32\BIRD\adp94xx.sys><Adaptec, Inc.>
[adpu160m / adpu160m][Stopped/Boot Start]
<\SystemRoot\System32\BIRD\adpu160m.sys><Microsoft Corporation>
[ADPU320 / ADPU320][Stopped/Boot Start]
<\SystemRoot\System32\BIRD\adpu320.sys><Adaptec, Inc.>
[AEC6210 / AEC6210][Stopped/Boot Start]
<\SystemRoot\System32\BIRD\aec6210.sys><ACARD Technology Corp.>
[AEC6260 / AEC6260][Stopped/Boot Start]
<\SystemRoot\System32\BIRD\aec6260.sys><ACARD Technology Corp.>
[AEC6280 / AEC6280][Stopped/Boot Start]
<\SystemRoot\System32\BIRD\aec6280.sys><ACARD Technology Corp.>
[AEC67160 / AEC67160][Stopped/Boot Start]
<\SystemRoot\System32\BIRD\aec67160.sys><ACARD Technology Corp.>
[AEC67162 / AEC67162][Stopped/Boot Start]
<\SystemRoot\System32\BIRD\aec67162.sys><ACARD Technology Corp.>
[AEC671X / AEC671X][Stopped/Boot Start]
<\SystemRoot\System32\BIRD\AEC671X.sys><ACARD Technology Corp.>
[AEC6880 / AEC6880][Stopped/Boot Start]
<\SystemRoot\System32\BIRD\AEC6880.sys><ACARD Technology Corp.>
[AEC6897 / AEC6897][Stopped/Boot Start]
<\SystemRoot\System32\BIRD\aec6897.sys><ACARD Technology Corp.>
[AEC68X5 / AEC68X5][Stopped/Boot Start]
<\SystemRoot\System32\BIRD\aec68x5.sys><ACARD Technology Corp.>
[aic78u2 / aic78u2][Stopped/Boot Start]
<\SystemRoot\System32\BIRD\aic78u2.sys><Microsoft Corporation>
[aic78xx / aic78xx][Stopped/Boot Start]
<\SystemRoot\System32\BIRD\aic78xx.sys><Microsoft Corporation>
[Service for Realtek AC97 Audio (WDM) / ALCXWDM][Running/Manual Start]
<system32\drivers\ALCXWDM.SYS><Realtek Semiconductor Corp.>
[ARCM_X86 / ARCM_X86][Stopped/Boot Start]
<\SystemRoot\System32\BIRD\arcm_x86.sys><ARECA Technology Corporation>
[asc / asc][Stopped/Boot Start]
<\SystemRoot\System32\BIRD\asc.sys><Advanced System Products, Inc.>
[Rising TDI Base Driver / BaseTDI][Running/Auto Start]
<System32\DRIVERS\BaseTDI.SYS><Beijing Rising Technology Co., Ltd.>
[BCHTSW32 / BCHTSW32][Stopped/Boot Start]
<\SystemRoot\System32\BIRD\bchtsw32.sys><Broadcom Corporation>
[BsDeamon / BsDeamon][Running/System Start]
<\??\C:\PROGRA~1\JiangMin\ANTIVI~1\BsDeamon.sys><Jiangmin Co.,Ltd.>
[buslogic / buslogic][Stopped/Boot Start]
<\SystemRoot\System32\bird\buslogic.sys><Microsoft Corporation>
[CDA1000 / CDA1000][Stopped/Boot Start]
<\SystemRoot\System32\BIRD\cda1000.sys><Adaptec, Inc.>
[CmdIde / CmdIde][Running/Boot Start]
<\SystemRoot\System32\BIRD\cmdide.sys><CMD Technology, Inc.>
[CPQARRY2 / CPQARRY2][Stopped/Boot Start]
<\SystemRoot\System32\BIRD\cpqarry2.sys><Compaq Computer Corporation>
[CPQCISSM / CPQCISSM][Stopped/Boot Start]
<\SystemRoot\System32\BIRD\cpqcissm.sys><Hewlett-Packard Company>
[CSB6IDE / CSB6IDE][Running/Boot Start]
<\SystemRoot\System32\BIRD\csb6ide.sys><ServerWorks Corporation>
[dac2w2k / dac2w2k][Stopped/Boot Start]
<\SystemRoot\System32\BIRD\dac2w2k.sys><Mylex Corporation>
[DMX3191 / DMX3191][Stopped/Boot Start]
<\SystemRoot\System32\BIRD\DMX3191.sys><Microsoft Corporation>
[DMX3194 / DMX3194][Stopped/Boot Start]
<\SystemRoot\System32\BIRD\dmx3194.sys><Microsoft Corporation>
[dpti2o / dpti2o][Stopped/Boot Start]
<\SystemRoot\System32\BIRD\dpti2o.sys><Microsoft Corporation>
[DPTSCSI / DPTSCSI][Stopped/Boot Start]
<\SystemRoot\System32\BIRD\dptscsi.sys><Distributed Processing Technology Corp.>
[eb_pws / eb_pws][Running/Boot Start]
<\SystemRoot\system32\drivers\eb_pws.sys><N/A>
[ExpScaner / ExpScaner][Running/Auto Start]
<\??\C:\Program Files\Rising\Rav\ExpScan.sys><>
[FASTSX / FASTSX][Stopped/Boot Start]
<\SystemRoot\System32\BIRD\fastsx.sys><Promise Technology, Inc.>
[FASTTRAK / FASTTRAK][Stopped/Boot Start]
<\SystemRoot\System32\BIRD\fasttrak.sys><Promise Technology, Inc.>
[FASTTX2K / FASTTX2K][Stopped/Boot Start]
<\SystemRoot\System32\BIRD\fasttx2k.sys><Promise Technology, Inc.>
[fd16_700 / fd16_700][Stopped/Boot Start]
<\SystemRoot\System32\BIRD\fd16_700.sys><Microsoft Corporation>
[fireport / fireport][Stopped/Boot Start]
<\SystemRoot\System32\BIRD\fireport.sys><Microsoft Corporation>
[flashpnt / flashpnt][Stopped/Boot Start]
<\SystemRoot\System32\BIRD\flashpnt.sys><Mylex,Corp.>
[FT8300 / FT8300][Stopped/Boot Start]
<\SystemRoot\System32\BIRD\ft8300.sys><Promise Technology, Inc.>
[FTSATA2 / FTSATA2][Stopped/Boot Start]
<\SystemRoot\System32\DRIVERS\ftsata2.sys><N/A>
[GD31244 / GD31244][Stopped/Boot Start]
<\SystemRoot\System32\BIRD\gd31244.sys><Intel Corporation>
[HdFw_slot / HdFw_slot][Running/Manual Start]
<\??\C:\PROGRA~1\JiangMin\KVFW\HdFw.sys><Jiangmin Co., Ltd.>
[HookCont / HookCont][Running/Auto Start]
<\??\C:\Program Files\Rising\Rav\HOOKCONT.sys><Rising>
[HookReg / HookReg][Running/Auto Start]
<\??\C:\Program Files\Rising\Rav\HookReg.sys><>
[HookSys / HookSys][Running/Auto Start]
<\??\C:\Program Files\Rising\Rav\HookSys.sys><Rising>
[HookUrl / HookUrl][Running/Auto Start]
<\??\C:\Program Files\Rising\Rfw\HookUrl.sys><Beijing Rising Technology Co., Ltd.>
[HPCISSS2 / HPCISSS2][Stopped/Boot Start]
<\SystemRoot\System32\BIRD\hpcisss2.sys><Hewlett-Packard Company>
[HPT371 / HPT371][Stopped/Boot Start]
<\SystemRoot\System32\BIRD\HPT371.sys><HighPoint Technologies, Inc.>
[HPT374 / HPT374][Stopped/Boot Start]
<\SystemRoot\System32\BIRD\hpt374.sys><HighPoint Technologies, Inc.>
[HPT3XX / HPT3XX][Stopped/Boot Start]
<\SystemRoot\System32\BIRD\hpt3xx.sys><HighPoint Technologies, Inc.>
[IASTOR / IASTOR][Running/Boot Start]
<\SystemRoot\System32\BIRD\iaStor.sys><Intel Corporation>
[IFT2000 / IFT2000][Stopped/Boot Start]
<\SystemRoot\System32\BIRD\ift2000.sys><Infortrend Technology, Inc.>
[ini910u / ini910u][Stopped/Boot Start]
<\SystemRoot\System32\BIRD\ini910u.sys><Microsoft Corporation>
[INIA100 / INIA100][Stopped/Boot Start]
<\SystemRoot\System32\BIRD\INIA100.sys><Initio corp.>
[IPSRAIDN / IPSRAIDN][Stopped/Boot Start]
<\SystemRoot\System32\BIRD\ipsraidn.sys><IBM Corporation>
[ITERAID / ITERAID][Stopped/Boot Start]
<\SystemRoot\System32\BIRD\iteraid.sys><Integrated Technology Express, Inc.>
★無&詺★ - 2007-1-30 14:37:00
[JiaoCap, WDM Video Capture for JiaoVideo / JiaoCap][Running/Manual Start]
<system32\DRIVERS\JiaoCap.sys><Jiao System, Ltd.>
[JiaoIO / JiaoIO][Running/Auto Start]
<\??\C:\WINDOWS\system32\drivers\JiaoIO.sys><Windows (R) 2000 DDK provider>
[JRAID / JRAID][Stopped/Boot Start]
<\SystemRoot\System32\BIRD\JRAID.SYS><JMicron Technology Corp.>
[KRegEx / KRegEx][Running/System Start]
<\??\C:\PROGRA~1\JiangMin\ANTIVI~1\KRegEx.sys><Jiangmin Co. Ltd.>
[Jiangmin Antivirus Software / KSysCall][Running/System Start]
<\??\C:\PROGRA~1\JiangMin\common\KSysCall.sys><Jiangmin Co., Ltd.>
[KSysMon / KSysMon][Running/System Start]
<\??\C:\PROGRA~1\JiangMin\ANTIVI~1\KSysMon.sys><Jiangmin Co. Ltd.>
[KVDP / KVDP][Running/Manual Start]
<\??\C:\Program Files\JiangMin\AntiVirus\KVDP.sys><Jiangmin Co., Ltd.>
[KVRedir / KVRedir][Running/System Start]
<\??\C:\Program Files\JiangMin\AntiVirus\KVREDIR.SYS><Jiangmin Co., Ltd.>
[M5228 / M5228][Stopped/Boot Start]
<\SystemRoot\System32\BIRD\m5228.sys><ALi Corporation.>
[M5281 / M5281][Stopped/Boot Start]
<\SystemRoot\System32\BIRD\m5281.sys><ALi Corporation>
[M5287 / M5287][Stopped/Boot Start]
<\SystemRoot\System32\BIRD\m5287.sys><ULi Electronics Inc.>
[M5288 / M5288][Stopped/Boot Start]
<\SystemRoot\System32\BIRD\m5288.sys><ULi Electronics Inc.>
[M5289 / M5289][Stopped/Boot Start]
<\SystemRoot\System32\BIRD\m5289.sys><ULi Electronics Inc.>
[MEGAIDE / MEGAIDE][Stopped/Boot Start]
<\SystemRoot\System32\BIRD\MegaIDE.sys><LSI Logic Corporation.>
[MEMSCAN / MEMSCAN][Running/Auto Start]
<\??\C:\Program Files\Rising\Rav\MEMSCAN.sys><瑞星软件有限公司>
[mProcRs / mProcRs][Running/Auto Start]
<\??\c:\program files\rising\rfw\mProcRs.sys><Beijing Rising Technology Co., Ltd.>
[mraid35x / mraid35x][Stopped/Boot Start]
<\SystemRoot\System32\BIRD\mraid35x.sys><LSI Logic Corporation>
[NFRD960 / NFRD960][Stopped/Boot Start]
<\SystemRoot\System32\BIRD\nfrd960.sys><IBM Corporation>
[npkcrypt / npkcrypt][Running/Auto Start]
<\??\C:\Program Files\Tencent\QQ\npkcrypt.sys><INCA Internet Co., Ltd.>
[nv / nv][Running/Manual Start]
<system32\DRIVERS\nv4_mini.sys><NVIDIA Corporation>
[NVATABUS / NVATABUS][Running/Boot Start]
<\SystemRoot\System32\BIRD\NVATABUS.SYS><NVIDIA Corporation>
[Service for NVIDIA(R) nForce(TM) MIDI UART / nvmpu401][Running/Manual Start]
<system32\drivers\nvmpu401.sys><NVIDIA Corporation>
[NVRAID / NVRAID][Stopped/Boot Start]
<\SystemRoot\System32\BIRD\NVRAID.SYS><NVIDIA Corporation>
[perc2 / perc2][Stopped/Boot Start]
<\SystemRoot\System32\BIRD\perc2.sys><Adaptec, Inc.>
[PNP649R / PNP649R][Stopped/Boot Start]
<\SystemRoot\System32\BIRD\pnp649r.sys><CMD Technology, Inc.>
[PNP680 / PNP680][Stopped/Boot Start]
<\SystemRoot\System32\BIRD\pnp680.sys><Silicon Image, Inc.>
[PNP680R / PNP680R][Stopped/Boot Start]
<\SystemRoot\System32\BIRD\pnp680r.sys><Silicon Image, Inc>
[Pnpnt / Pnpnt][Stopped/Boot Start]
<\SystemRoot\System32\Drivers\pnpnt.sys><N/A>
[Direct Parallel Link Driver / Ptilink][Running/Manual Start]
<system32\DRIVERS\ptilink.sys><Parallel Technologies, Inc.>
[ql1080 / ql1080][Stopped/Boot Start]
<\SystemRoot\System32\BIRD\ql1080.sys><QLogic Corporation>
[Ql10wnt / Ql10wnt][Stopped/Boot Start]
<\SystemRoot\System32\BIRD\ql10wnt.sys><Microsoft Corporation>
[ql12160 / ql12160][Stopped/Boot Start]
<\SystemRoot\System32\BIRD\ql12160.sys><QLogic Corporation>
[ql1280 / ql1280][Stopped/Boot Start]
<\SystemRoot\System32\BIRD\ql1280.sys><QLogic Corporation>
[RAIDSRC / RAIDSRC][Stopped/Boot Start]
<\SystemRoot\System32\BIRD\raidsrc.sys><Intel/ICP>
[RR232X / RR232X][Stopped/Boot Start]
<\SystemRoot\System32\BIRD\rr232x.sys><HighPoint Technologies, Inc.>
[RsAntiSpyware / RsAntiSpyware][Stopped/Disabled]
<\SystemRoot\system32\drivers\RsBoot.sys><Beijing Rising>
[RsFwDrv / RsFwDrv][Running/Auto Start]
<\??\C:\Program Files\Rising\Rfw\RsFwDrv.sys><Beijing Rising Technology Co., Ltd.>
[RsNTGDI / RsNTGDI][Running/Boot Start]
<\SystemRoot\system32\Drivers\RsNTGdi.sys><Beijing Rising Technology Co., Ltd.>
[RSPPSYS / RSPPSYS][Others/Auto Start]
<\??\C:\Program Files\Rising\Rav\RSPPSYS.sys><Rising>
[Realtek RTL8139/810x/8169/8110 all in one NDIS XP Driver / RTL8023xp][Running/Manual Start]
<system32\DRIVERS\Rtlnicxp.sys><Realtek Semiconductor Corporation>
[Realtek RTL8139(A/B/C)-based PCI Fast Ethernet Adapter NT Driver / rtl8139][Stopped/Manual Start]
<system32\DRIVERS\RTL8139.SYS><Realtek Semiconductor Corporation>
[S150SX8 / S150SX8][Stopped/Boot Start]
<\SystemRoot\System32\BIRD\S150sx8.sys><Promise Technology, Inc.>
[Secdrv / Secdrv][Stopped/Manual Start]
<system32\DRIVERS\secdrv.sys><N/A>
[SI3112 / SI3112][Stopped/Boot Start]
<\SystemRoot\System32\BIRD\SI3112.sys><Silicon Image, Inc.>
[SI3112R / SI3112R][Stopped/Boot Start]
<\SystemRoot\System32\BIRD\SI3112r.sys><Silicon Image, Inc>
[SI3114 / SI3114][Stopped/Boot Start]
<\SystemRoot\System32\BIRD\SI3114.sys><Silicon Image, Inc.>
[SI3114R / SI3114R][Stopped/Boot Start]
<\SystemRoot\SYSTEM32\BIRD\SI3114R.sys><Silicon Image, Inc>
[SI3114R5 / SI3114R5][Stopped/Boot Start]
<\SystemRoot\System32\BIRD\Si3114r5.sys><Silicon Image, Inc>
[SI3124 / SI3124][Stopped/Boot Start]
<\SystemRoot\SYSTEM32\BIRD\SI3124.sys><Silicon Image, Inc.>
[SI3124R / SI3124R][Stopped/Boot Start]
<\SystemRoot\SYSTEM32\BIRD\SI3124R.sys><Silicon Image, Inc>
[SI3124R5 / SI3124R5][Stopped/Boot Start]
<\SystemRoot\SYSTEM32\BIRD\Si3124r5.sys><Silicon Image, Inc>
[SI3132 / SI3132][Stopped/Boot Start]
<\SystemRoot\System32\BIRD\SI3132.sys><Silicon Image, Inc.>
[SI3132R5 / SI3132R5][Stopped/Boot Start]
<\SystemRoot\System32\BIRD\Si3132r5.sys><Silicon Image, Inc>
[SIS AGP Bus Filter / sisagp][Running/Boot Start]
<\SystemRoot\system32\DRIVERS\sisagp.sys><Silicon Integrated Systems Corporation>
[SISRAID / SISRAID][Stopped/Boot Start]
<\SystemRoot\System32\BIRD\SiSRaid.sys><Silicon Integrated Systems>
[SISRAID2 / SISRAID2][Stopped/Boot Start]
<\SystemRoot\System32\BIRD\SiSRaid2.sys><Silicon Integrated Systems Corp>
[SISRAID4 / SISRAID4][Stopped/Boot Start]
<\SystemRoot\System32\BIRD\SiSRaid4.sys><Silicon Integrated Systems>
[SPTRAK / SPTRAK][Stopped/Boot Start]
<\SystemRoot\System32\BIRD\sptrak.sys><Promise Technology, Inc.>
[ST8350 / ST8350][Stopped/Boot Start]
<\SystemRoot\System32\BIRD\st8350.sys><Promise Technology, Inc.>
[symc810 / symc810][Stopped/Boot Start]
<\SystemRoot\System32\BIRD\symc810.sys><Symbios Logic Inc.>
[symc8xx / symc8xx][Stopped/Boot Start]
<\SystemRoot\System32\BIRD\symc8xx.sys><LSI Logic>
[SYMMPI / SYMMPI][Stopped/Boot Start]
<\SystemRoot\System32\BIRD\symmpi.sys><LSI Logic>
[sym_hi / sym_hi][Stopped/Boot Start]
<\SystemRoot\System32\BIRD\sym_hi.sys><LSI Logic>
[sym_u3 / sym_u3][Stopped/Boot Start]
<\SystemRoot\System32\BIRD\sym_u3.sys><LSI Logic>
[TCP/IP Protocol Driver / Tcpip][Running/System Start]
<system32\DRIVERS\tcpip.sys><Microsoft Corporation>
[TRM3X5 / TRM3X5][Stopped/Boot Start]
<\SystemRoot\System32\BIRD\trm3x5.sys><Tekram Technology Co., Ltd.>
[ULSATA / ULSATA][Stopped/Boot Start]
<\SystemRoot\System32\BIRD\ulsata.sys><Promise Technology, Inc.>
[ULSATA2 / ULSATA2][Stopped/Boot Start]
<\SystemRoot\System32\BIRD\ulsata2.sys><Promise Technology, Inc.>
[ULTIMA / ULTIMA][Stopped/Boot Start]
<\SystemRoot\System32\BIRD\Ultima.sys><Aralion INC.>
[ULTIMARX / ULTIMARX][Stopped/Boot Start]
<\SystemRoot\System32\BIRD\UltimaRX.sys><Aralion INC.>
[ultra / ultra][Stopped/Boot Start]
<\SystemRoot\System32\BIRD\ultra.sys><Promise Technology, Inc.>
[VIAMRAID / VIAMRAID][Stopped/Boot Start]
<\SystemRoot\System32\BIRD\viamraid.sys><VIA Technologies inc,.ltd>
[W2KADV / W2KADV][Stopped/Boot Start]
<\SystemRoot\System32\BIRD\w2kadv.sys><ConnectCom Solutions, Inc.>
[WD7296A / WD7296A][Stopped/Boot Start]
<\SystemRoot\System32\BIRD\wd7296a.sys><Western Digital Corporation>
[World Standard Teletext Codec / WSTCODEC][Stopped/Manual Start]
<system32\DRIVERS\WSTCODEC.SYS><Microsoft Corporation>
[新泰超级摄像头 / ZSMC301b][Running/Manual Start]
<System32\Drivers\usbVM31b.sys><VM>
★無&詺★ - 2007-1-30 14:37:00
浏览器加载项
[BrowseHelper Class]
{80BF4637-D65B-43F3-BB60-C5DD3D5FB7B9} <C:\Program Files\JiangMin\AntiVirus\KVshell.dll, Jiangmin Co.Ltd>
[Thunder Browser Helper]
{889D2FEB-5411-4565-8998-1DD2C5261283} <, N/A>
[JUJU猫]
{6096E38F-5AC1-4391-8EC4-75DFA92FB32F} <http://www.jujumao.com, N/A>
[QQ]
{c95fe080-8f5d-11d2-a20b-00aa003c157b} <C:\Program Files\Tencent\QQ\QQ.EXE, TENCENT>
[QQIEFloatBarCfgCmd Class]
{DEDEB80D-FA35-45d9-9460-4983E5A8AFE6} <C:\Program Files\Tencent\QQ\QQIEHelper.dll, 深圳市腾讯计算机系统有限公司>
[Messenger]
{FB5F1910-F110-11d2-BB9E-00C04F795683} <C:\Program Files\Messenger\msmsgs.exe, Microsoft Corporation>
[江民杀毒工具栏]
{B5A34A93-D538-43A7-8371-864CB6148D12} <C:\Program Files\JiangMin\AntiVirus\KVshell.dll, Jiangmin Co.Ltd>
[Symantec AntiVirus scanner]
{2BC66F54-93A8-11D3-BEB6-00105AA9B6AE} <C:\WINDOWS\Downloaded Program Files\avsniff.dll, Symantec Corporation>
[WUWebControl Class]
{6414512B-B978-451D-A0D8-FCFDF33E833C} <C:\WINDOWS\system32\wuweb.dll, Microsoft Corporation>
[Symantec RuFSI Utility Class]
{644E432F-49D3-41A1-8DD5-E099162EEEC5} <C:\WINDOWS\Downloaded Program Files\rufsi.dll, Symantec Corporation>
[Cpua_sd Control]
{76146408-A665-4BCD-B536-04EEAAFF2545} <C:\WINDOWS\system32\cpua_sd.ocx, ChinaPay>
[Shockwave Flash Object]
{D27CDB6E-AE6D-11CF-96B8-444553540000} <C:\WINDOWS\system32\Macromed\Flash\Flash9b.ocx, Adobe Systems, Inc.>
[BrowseHelper Class]
{80BF4637-D65B-43F3-BB60-C5DD3D5FB7B9} <C:\Program Files\JiangMin\AntiVirus\KVshell.dll, Jiangmin Co.Ltd>
[Thunder Browser Helper]
{889D2FEB-5411-4565-8998-1DD2C5261283} <, N/A>
[江民杀毒工具栏]
{B5A34A93-D538-43A7-8371-864CB6148D12} <C:\Program Files\JiangMin\AntiVirus\KVshell.dll, Jiangmin Co.Ltd>
[Shockwave Flash Object]
{D27CDB6E-AE6D-11CF-96B8-444553540000} <C:\WINDOWS\system32\Macromed\Flash\Flash9b.ocx, Adobe Systems, Inc.>
[上传到QQ网络硬盘]
<C:\Program Files\Tencent\QQ\AddToNetDisk.htm, N/A>
[使用迅雷下载]
<C:\Program Files\Thunder Network\Thunder\Program\GetUrl.htm, N/A>
[使用迅雷下载全部链接]
<C:\Program Files\Thunder Network\Thunder\Program\GetAllUrl.htm, N/A>
[导出到 Microsoft Office Excel(&X)]
<res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000, N/A>
[添加到QQ自定义面板]
<C:\Program Files\Tencent\QQ\AddPanel.htm, N/A>
[添加到QQ表情]
<C:\Program Files\Tencent\QQ\AddEmotion.htm, N/A>
[用QQ彩信发送该图片]
<C:\Program Files\Tencent\QQ\SendMMS.htm, N/A>
★無&詺★ - 2007-1-30 14:38:00
正在运行的进程
[PID: 432][\SystemRoot\System32\smss.exe] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
[PID: 508][\??\C:\WINDOWS\system32\csrss.exe] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
[PID: 532][\??\C:\WINDOWS\system32\winlogon.exe] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
[PID: 576][C:\WINDOWS\system32\services.exe] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
[PID: 588][C:\WINDOWS\system32\lsass.exe] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
[PID: 736][C:\WINDOWS\system32\svchost.exe] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
[PID: 796][C:\WINDOWS\system32\svchost.exe] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
[PID: 868][C:\Program Files\Rising\Rav\CCenter.exe] [Beijing Rising Technology Co., Ltd., 18, 0, 0, 3]
[PID: 884][C:\WINDOWS\System32\svchost.exe] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
[PID: 960][C:\WINDOWS\system32\svchost.exe] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
[PID: 1040][C:\WINDOWS\system32\svchost.exe] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
[PID: 1060][C:\Program Files\Rising\Rav\Ravmond.exe] [Beijing Rising Technology Co., Ltd., 19, 0, 0, 43]
[C:\Program Files\Rising\Rav\BWList.dll] [Beijing Rising Technology Co., Ltd., 19, 0, 0, 10]
[C:\Program Files\Rising\Rav\RsCommX.dll] [rising, 18, 0, 0, 1]
[C:\Program Files\Rising\Rav\rfwctrl.dll] [Beijing Rising Technology Co., Ltd., 5, 0, 0, 11]
[C:\Program Files\Rising\Rav\RsPPsys.dll] [Beijing Rising Technology Co., Ltd., 18, 0, 0, 3]
[C:\Program Files\Rising\Rav\RSAPPMGR.DLL] [Beijing Rising Technology Co., Ltd., 18, 0, 0, 2]
[C:\Program Files\Rising\Rav\CfgDll.dll] [Beijing Rising Technology Co., Ltd., 18, 0, 0, 13]
[C:\Program Files\Rising\Rav\RSCOMMON.DLL] [Beijing Rising Technology Co., Ltd., 19, 0, 0, 5]
[C:\Program Files\Rising\Rav\RsLog.dll] [Beijing Rising Technology Co., Ltd., 18, 0, 0, 20]
[C:\Program Files\Rising\Rav\HOOKSYS.dll] [Beijing Rising Technology Co., Ltd., 19, 0, 0, 0]
[C:\Program Files\Rising\Rav\Scanner.dll] [Beijing Rising Technology Co., Ltd., 19, 0, 0, 12]
[C:\Program Files\Rising\Rav\libload.dll] [Beijing Rising Technology Co., Ltd., 19, 0, 0, 16]
[C:\Program Files\Rising\Rav\VirusLib.dll] [Beijing Rising Technology Co., Ltd., 19, 0, 0, 10]
[C:\Program Files\Rising\Rav\regmon.dll] [Beijing Rising Technology Co., Ltd., 18, 0, 0, 6]
[C:\Program Files\Rising\Rav\HookWeb.dll] [Beijing Rising Technology Co., Ltd., 19, 0, 0, 1]
[C:\Program Files\Rising\Rav\MemMon.dll] [Beijing Rising Technology Co., Ltd., 18, 0, 0, 12]
[C:\Program Files\Rising\Rav\expscan.dll] [Beijing Rising Technology Co., Ltd., 18, 0, 0, 4]
[C:\Program Files\Rising\Rav\mPorts.dll] [Beijing Rising Technology Co., Ltd., 4, 0, 0, 3]
[C:\Program Files\Rising\Rav\HookCont.dll] [Rising, 19, 0, 0, 0]
[C:\Program Files\Rising\Rav\SpamEng.dll] [N/A, 18, 0, 0, 6]
[C:\Program Files\Rising\Rav\engine.dll] [Beijing Rising Technology Co., Ltd., 19, 0, 0, 25]
[C:\Program Files\Rising\Rav\PostTrt.dll] [Beijing Rising Technology Co., Ltd., 19, 0, 0, 8]
[C:\Program Files\Rising\Rav\UnExe.dll] [Beijing Rising Technology Co., Ltd., 19, 0, 0, 9]
[C:\Program Files\Rising\Rav\ScanExec.dll] [Beijing Rising Technology Co., Ltd., 19, 0, 0, 16]
[C:\Program Files\Rising\Rav\ScanEx.dll] [Beijing Rising Technology Co., Ltd., 19, 0, 0, 38]
[C:\Program Files\Rising\Rav\ExtFile.dll] [Beijing Rising Technology Co., Ltd., 19, 0, 0, 25]
[C:\Program Files\Rising\Rav\NvFile.dll] [Beijing Rising Technology Co., Ltd., 19, 0, 0, 11]
[C:\Program Files\Rising\Rav\ScanMac.dll] [Beijing Rising Technology Co., Ltd., 19, 0, 0, 13]
[C:\Program Files\Rising\Rav\ScanSct.dll] [Beijing Rising Technology Co., Ltd., 19, 0, 0, 19]
[C:\Program Files\Rising\Rav\Unpacker.dll] [Beijing Rising Technology Co., Ltd., 19, 0, 0, 19]
[C:\Program Files\Rising\Rav\ScanPack.dll] [Beijing Rising Technology Co., Ltd., 19, 0, 0, 19]
[C:\Program Files\Rising\Rav\RsVM.dll] [N/A, 19, 0, 0, 15]
[C:\Program Files\Rising\Rav\Uroutine.dll] [Beijing Rising Technology Co., Ltd., 19, 0, 0, 21]
[C:\Program Files\Rising\Rav\RsStore.dll] [Beijing Rising Technology Co., Ltd., 19, 0, 0, 2]
[C:\Program Files\Rising\Rav\ExtOLE.dll] [Beijing Rising Technology Co., Ltd., 19, 0, 0, 11]
[C:\Program Files\Rising\Rav\ScanNet.dll] [Beijing Rising Technology Co., Ltd., 18, 0, 0, 5]
[C:\Program Files\Rising\Rav\Uscript.dll] [Beijing Rising Technology Co., Ltd., 19, 0, 0, 18]
[C:\Program Files\Rising\Rav\ExtMail.dll] [Beijing Rising Technology Co., Ltd., 19, 0, 0, 13]
[C:\Program Files\Rising\Rav\ScanElf.dll] [Beijing Rising Technology Co., Ltd., 19, 0, 0, 11]
[PID: 1216][c:\program files\rising\rfw\rfwsrv.exe] [Beijing Rising Technology Co., Ltd., 5, 0, 0, 30]
[c:\program files\rising\rfw\RfwRule.dll] [Beijing Rising Technology Co., Ltd., 5, 0, 0, 3]
[c:\program files\rising\rfw\rfwlog.dll] [Beijing Rising Technology Co., Ltd., 5, 0, 0, 2]
[c:\program files\rising\rfw\Rfwdrv.dll] [Beijing Rising Technology Co., Ltd., 5, 0, 0, 10]
[c:\program files\rising\rfw\MonDrv.dll] [rs, 1, 0, 0, 4]
[c:\program files\rising\rfw\ProcLib.dll] [Beijing Rising Technology Co., Ltd., 5, 0, 0, 5]
[c:\program files\rising\rfw\mPorts.dll] [Beijing Rising Technology Co., Ltd., 4, 0, 0, 3]
[PID: 1252][C:\WINDOWS\Explorer.EXE] [Microsoft Corporation, 6.00.2900.2180 (xpsp_sp2_rtm.040803-2158)]
[C:\WINDOWS\system32\RavExt.dll] [Beijing Rising Technology Co., Ltd., 19, 0, 0, 7]
[C:\Program Files\Rising\AntiSpyware\ieprot.dll] [Beijing Rising Technology Co., Ltd., 1, 0, 0, 8]
[C:\Program Files\WinRAR\rarext.dll] [N/A, N/A]
[C:\Program Files\Rising\Rav\RSCOMMON.DLL] [Beijing Rising Technology Co., Ltd., 19, 0, 0, 5]
[C:\Program Files\JiangMin\AntiVirus\KVshell.dll] [Jiangmin Co.Ltd, 1, 0, 6, 1026]
[C:\WINDOWS\system32\HiveBase.dll] [Jiangmin Co., Ltd., 1, 0, 6, 1107]
[C:\Program Files\JiangMin\AntiVirus\lang\kvxp0804.lng] [N/A, N/A]
[C:\Program Files\Media Player Classic\Codecs\mmfinfo.dll] [N/A, N/A]
[C:\Program Files\Media Player Classic\Codecs\mkunicode.dll] [N/A, N/A]
[C:\WINDOWS\system32\nvcpl.dll] [NVIDIA Corporation, 6.14.10.7181]
[C:\Program Files\JiangMin\common\GUIEXT.DLL] [Jiangmin Co.Ltd, 1, 0, 6, 1201]
[C:\Program Files\JiangMin\common\lang\guiext0804.lng] [JiangMin Ltd., 7, 1, 0, 200]
★無&詺★ - 2007-1-30 14:39:00
[PID: 1536][c:\program files\rising\rfw\RfwMain.exe] [Beijing Rising Technology Co., Ltd., 5, 0, 0, 70]
[c:\program files\rising\rfw\RsGuiLib.dll] [Beijing Rising Technology Co., Ltd., 19, 0, 0, 31]
[c:\program files\rising\rfw\RSCOMMON.DLL] [Beijing Rising Technology Co., Ltd., 19, 0, 0, 5]
[c:\program files\rising\rfw\RfwCtrl.dll] [Beijing Rising Technology Co., Ltd., 5, 0, 0, 11]
[c:\program files\rising\rfw\RsXML.dll] [Beijing Rising Technology Co., Ltd., 19, 0, 0, 2]
[c:\program files\rising\rfw\PngDll.dll] [Beijing Rising Technology Co., Ltd., 18, 0, 0, 5]
[C:\Program Files\Rising\AntiSpyware\ieprot.dll] [Beijing Rising Technology Co., Ltd., 1, 0, 0, 8]
[PID: 1712][C:\WINDOWS\VM_STI.EXE] [Vimicro, 4, 2, 1225, 6]
[C:\WINDOWS\system32\msdmo.dll] [N/A, N/A]
[C:\WINDOWS\system32\VM31bPrp.Ax] [Vimicro, 1.00.01.00]
[C:\Program Files\Rising\AntiSpyware\ieprot.dll] [Beijing Rising Technology Co., Ltd., 1, 0, 0, 8]
[PID: 1736][C:\Program Files\Rising\Rav\RavTask.exe] [Beijing Rising Technology Co., Ltd., 19, 0, 0, 7]
[C:\Program Files\Rising\Rav\RSCOMMON.DLL] [Beijing Rising Technology Co., Ltd., 19, 0, 0, 5]
[C:\Program Files\Rising\Rav\RSAPPMGR.DLL] [Beijing Rising Technology Co., Ltd., 18, 0, 0, 2]
[C:\Program Files\Rising\Rav\CfgDll.dll] [Beijing Rising Technology Co., Ltd., 18, 0, 0, 13]
[C:\Program Files\Rising\Rav\RsCommX.dll] [rising, 18, 0, 0, 1]
[C:\Program Files\Rising\AntiSpyware\ieprot.dll] [Beijing Rising Technology Co., Ltd., 1, 0, 0, 8]
[PID: 1752][C:\Program Files\Rising\Rav\Ravmon.exe] [Beijing Rising Technology Co., Ltd., 19, 0, 0, 36]
[C:\Program Files\Rising\Rav\RsGuiLib.dll] [Beijing Rising Technology Co., Ltd., 19, 0, 0, 28]
[C:\Program Files\Rising\Rav\BWList.dll] [Beijing Rising Technology Co., Ltd., 19, 0, 0, 10]
[C:\Program Files\Rising\Rav\RSAPPMGR.DLL] [Beijing Rising Technology Co., Ltd., 18, 0, 0, 2]
[C:\Program Files\Rising\Rav\CfgDll.dll] [Beijing Rising Technology Co., Ltd., 18, 0, 0, 13]
[C:\Program Files\Rising\Rav\RSCOMMON.DLL] [Beijing Rising Technology Co., Ltd., 19, 0, 0, 5]
[C:\Program Files\Rising\Rav\RsCommX.dll] [rising, 18, 0, 0, 1]
[C:\Program Files\Rising\Rav\RsXML.dll] [Beijing Rising Technology Co., Ltd., 19, 0, 0, 2]
[C:\Program Files\Rising\Rav\PngDll.dll] [Beijing Rising Technology Co., Ltd., 18, 0, 0, 5]
[C:\Program Files\Rising\AntiSpyware\ieprot.dll] [Beijing Rising Technology Co., Ltd., 1, 0, 0, 8]
[PID: 1760][C:\Program Files\Rising\AntiSpyware\runiep.exe] [Beijing Rising Technology Co., Ltd., 1, 0, 1, 6]
[C:\Program Files\Rising\AntiSpyware\iep_ctrl.dll] [Beijing Rising Technology Co., Ltd., 1, 0, 0, 4]
[C:\Program Files\Rising\AntiSpyware\ieprot.dll] [Beijing Rising Technology Co., Ltd., 1, 0, 0, 8]
[PID: 1768][C:\WINDOWS\system32\ctfmon.exe] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
[C:\Program Files\Rising\AntiSpyware\ieprot.dll] [Beijing Rising Technology Co., Ltd., 1, 0, 0, 8]
[PID: 1968][C:\Program Files\JiangMin\AntiVirus\KVWSC.exe] [Jiangmin Co.,Ltd, 1, 0, 6, 919]
[C:\Program Files\JiangMin\Kernel\EngFace_1.dll] [Jiangmin Co., Ltd., 2, 0, 7, 119]
[C:\WINDOWS\system32\HiveBase.dll] [Jiangmin Co., Ltd., 1, 0, 6, 1107]
[PID: 2008][C:\WINDOWS\system32\svchost.exe] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
[PID: 2024][C:\WINDOWS\system32\wdfmgr.exe] [Microsoft Corporation, 5.2.3790.1230 built by: dnsrv(bld4act)]
[PID: 240][C:\Program Files\JiangMin\AntiVirus\kvsrvxp.exe] [Jiangmin Co., Ltd., 10, 0, 6, 1202]
[C:\WINDOWS\system32\HiveBase.dll] [Jiangmin Co., Ltd., 1, 0, 6, 1107]
[C:\Program Files\JiangMin\Kernel\Scan.dll] [Jiangmin Co., Ltd., 2.0.7.119]
[C:\Program Files\JiangMin\Kernel\EngFace_1.dll] [Jiangmin Co., Ltd., 2, 0, 7, 119]
[C:\Program Files\JiangMin\AntiVirus\SvcSafe.dll] [Jiangmin Co., Ltd., 10, 0, 6, 1113]
[C:\Program Files\JiangMin\AntiVirus\lang\SvcSafe0804.lng] [N/A, N/A]
[C:\Program Files\JiangMin\AntiVirus\FileGuard.dll] [Jiangmin Co., Ltd., 1, 0, 6, 803]
[C:\Program Files\JiangMin\AntiVirus\FileGuardNT.dll] [Jiangmin Co., Ltd., 10, 2, 0, 1202]
[C:\Program Files\JiangMin\KVOL\autoUpdate.dll] [Jiangmin Co.Ltd, 1, 0, 6, 1027]
[C:\Program Files\JiangMin\AntiVirus\NetGuard.dll] [Jiangmin Co., Ltd., 1, 0, 6, 1203]
[C:\Program Files\JiangMin\AntiVirus\GuardPS.dll] [Jiangmin Co., Ltd., 1, 0, 6, 1110]
[C:\Program Files\JiangMin\KVOL\UpdatePlugIn.dll] [Jiangmin Co., Ltd., 1, 0, 6, 831]
[PID: 2228][C:\Program Files\辽宁证券\lnzq.exe] [上海核新软件技术有限公司, 2006, 5, 15, 70]
[C:\Program Files\Rising\AntiSpyware\ieprot.dll] [Beijing Rising Technology Co., Ltd., 1, 0, 0, 8]
[PID: 2656][C:\Program Files\辽宁证券\LiveUpdate.exe] [上海核新软件技术有限公司, 2005, 12, 3, 0]
[C:\Program Files\Rising\AntiSpyware\ieprot.dll] [Beijing Rising Technology Co., Ltd., 1, 0, 0, 8]
[PID: 3772][C:\Program Files\辽宁证券\xiadan.exe] [核新软件技术有限公司, 2006, 7, 24, 0]
[C:\Program Files\Rising\AntiSpyware\ieprot.dll] [Beijing Rising Technology Co., Ltd., 1, 0, 0, 8]
[C:\Program Files\辽宁证券\VirusScan.dll] [上海核新软件技术有限公司, 2006, 3, 8, 0]
[PID: 3800][C:\PROGRA~1\hexin\sslproxy\sslcnt.exe] [杭州核新软件技术有限公司, 1.107.2005.0425]
[C:\PROGRA~1\hexin\sslproxy\crypteng.dll] [杭州核新软件技术有限公司, 1.44.2003.0426]
[C:\PROGRA~1\hexin\sslproxy\sslproxy.dll] [杭州核新软件技术有限公司, 1.52.2002.326]
[C:\PROGRA~1\hexin\sslproxy\CAsAPI.dll] [杭州核新软件技术有限公司, 1.49.2002.422]
[C:\PROGRA~1\hexin\sslproxy\Scard.dll] [杭州核新软件技术有限公司, 1.02.2001.0529]
[C:\Program Files\Rising\AntiSpyware\ieprot.dll] [Beijing Rising Technology Co., Ltd., 1, 0, 0, 8]
[PID: 300][C:\Program Files\Tencent\QQ\QQ.exe] [TENCENT, 0, 0, 0, 0]
[C:\Program Files\Tencent\QQ\QQBaseClassInDll.dll] [, 1, 0, 0, 1]
[C:\Program Files\Tencent\QQ\QQHelperDll.dll] [, 1, 0, 0, 1]
[C:\Program Files\Tencent\QQ\BasicCtrlDll.dll] [Tencent, 5, 0, 200, 160]
[C:\Program Files\Tencent\QQ\RICHED20.dll] [Jiangmin Co Ltd, 10, 0, 0, 831]
[C:\Program Files\Tencent\QQ\QQAPI.dll] [, 1, 0, 0, 1]
[C:\Program Files\Tencent\QQ\TIMProxy.dll] [tencent, 0, 3, 2, 4]
[C:\Program Files\Rising\AntiSpyware\ieprot.dll] [Beijing Rising Technology Co., Ltd., 1, 0, 0, 8]
[C:\Program Files\Tencent\QQ\LoginCtrl.dll] [, 1, 0, 0, 1]
[C:\Program Files\Tencent\QQ\npkcntc.dll] [INCA Internet Co., Ltd., 2006, 3, 2, 1]
[C:\Program Files\Tencent\QQ\npkpdb.dll] [INCA Internet Co., Ltd., 2003, 10, 1, 1]
[C:\Program Files\Tencent\QQ\QQRes.dll] [tencent, 1, 0, 0, 1]
[C:\Program Files\Tencent\QQ\WizardCtrl.dll] [, 1, 0, 0, 1]
[C:\Program Files\Tencent\QQ\QQMainFrame.dll] [N/A, N/A]
[C:\WINDOWS\system32\Macromed\Flash\Flash8b.ocx] [Macromedia, Inc., 8,0,24,0]
★無&詺★ - 2007-1-30 14:39:00
[C:\Program Files\Tencent\QQ\CQQApplication.dll] [N/A, N/A]
[C:\Program Files\Tencent\QQ\NewSkin.dll] [, 1, 0, 0, 1]
[C:\Program Files\Tencent\QQ\HostingMgr.dll] [, 1, 0, 0, 1]
[C:\Program Files\Tencent\QQ\CameraDll.dll] [, 1, 0, 0, 1]
[C:\Program Files\Tencent\QQ\MailSummary.dll] [, 1, 0, 0, 1]
[C:\Program Files\Tencent\QQ\QQSpace.dll] [, 1, 0, 0, 1]
[C:\WINDOWS\system32\msdmo.dll] [N/A, N/A]
[C:\Program Files\Tencent\QQ\QQGroupMng.dll] [, 1, 0, 0, 1]
[C:\Program Files\Tencent\QQ\GroupLive.dll] [N/A, N/A]
[C:\Program Files\Tencent\QQ\QRingMng.dll] [N/A, N/A]
[C:\Program Files\Tencent\QQ\videodevice.dll] [Tencent, 1.5.0.0]
[C:\Program Files\Tencent\QQ\inplus.dll] [Tencent, 1.5.0.0]
[C:\WINDOWS\system32\l3codeca.acm] [Fraunhofer Institut Integrierte Schaltungen IIS, 1, 9, 0, 0305]
[C:\Program Files\Tencent\QQ\LongConnection.dll] [tencent, 5, 0, 200, 160]
[C:\Program Files\Tencent\QQ\QQPlugin.dll] [N/A, N/A]
[C:\Program Files\Tencent\QQ\ShareFiles.dll] [N/A, N/A]
[C:\Program Files\Tencent\QQ\QQZip.dll] [tencent, 0, 3, 2, 4]
[C:\Program Files\Tencent\QQ\QQAllInOne.dll] [N/A, N/A]
[C:\Program Files\Tencent\QQ\SCCore.dll] [N/A, N/A]
[C:\Program Files\Tencent\QQ\QQCustomFace.dll] [N/A, N/A]
[C:\Program Files\Tencent\QQ\GroupConnection.dll] [Tencent, 5, 0, 202, 170]
[C:\Program Files\Tencent\QQ\QQSysMsgMng.dll] [N/A, N/A]
[C:\Program Files\Tencent\QQ\UserDefinedHead.dll] [, 1, 0, 0, 1]
[C:\Program Files\Tencent\QQ\QQConfigPlugin.dll] [, 1, 0, 0, 1]
[C:\Program Files\Tencent\QQ\FlashAvatarDll.dll] [, 1, 4, 0, 1]
[C:\Program Files\Tencent\QQ\QQAvatar.dll] [N/A, N/A]
[C:\Program Files\Tencent\QQ\QQPet.dll] [, 1, 0, 0, 1]
[C:\Program Files\JiangMin\AntiVirus\KVGuard.dll] [Jiangmin Co Ltd, 10, 0, 0, 831]
[C:\Program Files\JiangMin\AntiVirus\lang\KVGuard0804.lng] [JiangMin Ltd., 10, 0, 6, 812]
[C:\Program Files\JiangMin\AntiVirus\KVAddrDb.dll] [Jiangmin Co., Ltd., 10, 0, 6, 1103]
[C:\Program Files\Tencent\QQ\ImageOle.dll] [TODO: <Company name>, 1.0.0.1]
[C:\Program Files\Tencent\QQ\QQSceneMng.dll] [N/A, N/A]
[C:\WINDOWS\system32\RavExt.dll] [Beijing Rising Technology Co., Ltd., 19, 0, 0, 7]
[C:\Program Files\Tencent\QQ\PhoneAPI.dll] [, 1, 0, 0, 1]
[C:\Program Files\Tencent\QQ\DialerAllinOne.dll] [tencent, 1, 4, 0, 0]
[C:\Program Files\Tencent\QQ\QQFileTransfer.dll] [Tencent, 5, 0, 202, 180]
[C:\Program Files\Tencent\QQ\BQQApplication.dll] [N/A, N/A]
[C:\Program Files\Tencent\QQ\PersonalDesktop.dll] [深圳市腾讯计算机系统公司QQ工作小组, 1, 0, 0, 2]
[C:\Program Files\Tencent\QQ\CommercesMng.dll] [, 1, 0, 0, 1]
[C:\Program Files\Tencent\QQ\QQAddr.dll] [深圳市腾讯计算机系统有限公司, 5, 0, 101, 200]
[C:\Program Files\Tencent\QQ\QQPhoneHelper.dll] [腾讯科技(深圳)有限公司, 2, 1, 3, 30]
[C:\Program Files\Rising\Rav\RavScrCh.dll] [Beijing Rising Technology Co., Ltd., 18, 0, 0, 4]
[C:\Program Files\Tencent\QQ\QQMagicFace.dll] [, 1, 0, 0, 1]
[C:\Program Files\Tencent\QQGame\GameLogCore.Dll] [, 0, 10, 106, 13]
[C:\Program Files\Tencent\QQGame\Core.dll] [é??úêDìú???????ú?μí3óD?T1???, 0, 10, 0, 0]
[C:\Program Files\Tencent\QQGame\NetCenter.dll] [é??úêDìú???????ú?μí3óD?T1???, 0, 10, 0, 0]
[C:\Program Files\Tencent\QQGame\CmdCenter.dll] [深圳市腾讯计算机系统有限公司, 0, 10, 0, 0]
[C:\Program Files\Tencent\QQGame\HelpDll.dll] [, 1, 0, 0, 1]
[C:\Program Files\Tencent\QQGame\ResEx.dll] [深圳市腾讯计算机系统有限公司, 0, 10, 0, 0]
[C:\Program Files\Tencent\QQGame\GameLogAidMgr.dll] [, 1, 0, 0, 1]
[C:\Program Files\Tencent\QQGame\COMToolKit.dll] [, 1, 0, 0, 3]
[C:\Program Files\Tencent\QQGame\QQGameAvatar.dll] [深圳市腾讯计算机系统有限公司 Tencent Computer System Ltd., 0, 10, 0, 0]
[C:\Program Files\Tencent\QQGame\GamePublic.dll] [, 1, 0, 0, 1]
[PID: 1144][C:\Program Files\Tencent\QQ\TIMPlatform.exe] [tencent, 0, 3, 1, 8]
[C:\Program Files\Rising\AntiSpyware\ieprot.dll] [Beijing Rising Technology Co., Ltd., 1, 0, 0, 8]
[C:\Program Files\Tencent\QQ\TIMProxy.dll] [tencent, 0, 3, 2, 4]
[PID: 3324][C:\WINDOWS\msagent\AgentSvr.exe] [Microsoft Corporation, 2.00.0.3422]
[C:\Program Files\Rising\AntiSpyware\ieprot.dll] [Beijing Rising Technology Co., Ltd., 1, 0, 0, 8]
[PID: 3248][C:\Program Files\JiangMin\AntiVirus\FrogAgent.exe] [Jiangmin Co., Ltd., 10, 0, 6, 1106]
[C:\WINDOWS\system32\HiveBase.dll] [Jiangmin Co., Ltd., 1, 0, 6, 1107]
[C:\Program Files\JiangMin\AntiVirus\lang\FrogRes0804.lng] [N/A, 1, 0, 0, 1]
[C:\Program Files\Rising\AntiSpyware\ieprot.dll] [Beijing Rising Technology Co., Ltd., 1, 0, 0, 8]
[PID: 3608][C:\Program Files\Rising\Rav\Rav.exe] [Beijing Rising Technology Co., Ltd., 19, 0, 0, 28]
[C:\Program Files\Rising\Rav\PlugIn\RsPgScan.dll] [Beijing Rising Technology Co., Ltd., 18, 0, 0, 17]
[C:\Program Files\Rising\Rav\RSAPPMGR.DLL] [Beijing Rising Technology Co., Ltd., 18, 0, 0, 2]
[C:\Program Files\Rising\Rav\CfgDll.dll] [Beijing Rising Technology Co., Ltd., 18, 0, 0, 13]
[C:\Program Files\Rising\Rav\RsCommX.dll] [rising, 18, 0, 0, 1]
[C:\Program Files\Rising\Rav\RavUI.Dll] [Beijing Rising Technology Co., Ltd., 19, 0, 0, 30]
[C:\Program Files\Rising\Rav\RsGuiLib.dll] [Beijing Rising Technology Co., Ltd., 19, 0, 0, 28]
[C:\Program Files\Rising\Rav\RsXML.dll] [Beijing Rising Technology Co., Ltd., 19, 0, 0, 2]
[C:\Program Files\Rising\Rav\RSCOMMON.DLL] [Beijing Rising Technology Co., Ltd., 19, 0, 0, 5]
[C:\Program Files\Rising\AntiSpyware\ieprot.dll] [Beijing Rising Technology Co., Ltd., 1, 0, 0, 8]
[C:\Program Files\Rising\Rav\Scanner.dll] [Beijing Rising Technology Co., Ltd., 19, 0, 0, 12]
[C:\Program Files\Rising\Rav\BWList.dll] [Beijing Rising Technology Co., Ltd., 19, 0, 0, 10]
[C:\Program Files\Rising\Rav\RavScrCh.dll] [Beijing Rising Technology Co., Ltd., 18, 0, 0, 4]
[C:\Program Files\Rising\Rav\RavQu.dll] [Beijing Rising Technology Co., Ltd., 19, 0, 0, 10]
[C:\Program Files\Rising\Rav\RsStore.dll] [Beijing Rising Technology Co., Ltd., 19, 0, 0, 2]
[C:\WINDOWS\system32\RavExt.dll] [Beijing Rising Technology Co., Ltd., 19, 0, 0, 7]
[C:\Program Files\Rising\Rav\PngDll.dll] [Beijing Rising Technology Co., Ltd., 18, 0, 0, 5]
[C:\Program Files\Rising\Rav\libload.dll] [Beijing Rising Technology Co., Ltd., 19, 0, 0, 16]
[C:\Program Files\Rising\Rav\VirusLib.dll] [Beijing Rising Technology Co., Ltd., 19, 0, 0, 10]
[PID: 3512][C:\Program Files\Internet Explorer\IEXPLORE.EXE] [Microsoft Corporation, 6.00.2900.2180 (xpsp_sp2_rtm.040803-2158)]
[C:\Program Files\JiangMin\AntiVirus\KVshell.dll] [Jiangmin Co.Ltd, 1, 0, 6, 1026]
[C:\WINDOWS\system32\HiveBase.dll] [Jiangmin Co., Ltd., 1, 0, 6, 1107]
[C:\Program Files\JiangMin\AntiVirus\lang\kvxp0804.lng] [N/A, N/A]
[C:\Program Files\JiangMin\common\GUIEXT.DLL] [Jiangmin Co.Ltd, 1, 0, 6, 1201]
[C:\Program Files\JiangMin\common\lang\guiext0804.lng] [JiangMin Ltd., 7, 1, 0, 200]
[C:\Program Files\Rising\AntiSpyware\ieprot.dll] [Beijing Rising Technology Co., Ltd., 1, 0, 0, 8]
[C:\Program Files\Rising\Rav\RavScrCh.dll] [Beijing Rising Technology Co., Ltd., 18, 0, 0, 4]
[C:\WINDOWS\system32\Macromed\Flash\Flash8b.ocx] [Macromedia, Inc., 8,0,24,0]
[C:\Program Files\Media Player Classic\Codecs\mmfinfo.dll] [N/A, N/A]
[C:\Program Files\Media Player Classic\Codecs\mkunicode.dll] [N/A, N/A]
[C:\WINDOWS\system32\UNISPIM.IME] [北京清华紫光软件股份有限公司, 3.0.0.3045]
[PID: 2208][C:\Program Files\XnView\xnview.exe] [XnView, http://www.xnview.com, 1.82 RC2 (unstable)]
[C:\Program Files\XnView\language\xnviewzh.dll] [N/A, N/A]
[C:\Program Files\Rising\AntiSpyware\ieprot.dll] [Beijing Rising Technology Co., Ltd., 1, 0, 0, 8]
[PID: 2744][C:\Program Files\Rising\Rav\RsLogVw.exe] [Beijing Rising Technology Co., Ltd., 19, 0, 0, 16]
[C:\Program Files\Rising\Rav\RsCommx.dll] [rising, 18, 0, 0, 1]
[C:\Program Files\Rising\Rav\rsguilib.dll] [Beijing Rising Technology Co., Ltd., 19, 0, 0, 28]
[C:\Program Files\Rising\Rav\RsXML.dll] [Beijing Rising Technology Co., Ltd., 19, 0, 0, 2]
[C:\Program Files\Rising\Rav\PngDll.dll] [Beijing Rising Technology Co., Ltd., 18, 0, 0, 5]
[C:\Program Files\Rising\Rav\RSCOMMON.DLL] [Beijing Rising Technology Co., Ltd., 19, 0, 0, 5]
[C:\Program Files\Rising\AntiSpyware\ieprot.dll] [Beijing Rising Technology Co., Ltd., 1, 0, 0, 8]
[C:\Program Files\Rising\Rav\libload.dll] [Beijing Rising Technology Co., Ltd., 19, 0, 0, 16]
[C:\Program Files\Rising\Rav\VirusLib.dll] [Beijing Rising Technology Co., Ltd., 19, 0, 0, 10]
[PID: 2612][C:\Documents and Settings\Administrator\桌面\sreng2\SREng.EXE] [Smallfrogs Studio, 2.3.13.690]
[C:\Program Files\Rising\AntiSpyware\ieprot.dll] [Beijing Rising Technology Co., Ltd., 1, 0, 0, 8]
==================================
文件关联
.TXT OK. [%SystemRoot%\system32\NOTEPAD.EXE %1]
.EXE OK. ["%1" %*]
.COM OK. ["%1" %*]
.PIF OK. ["%1" %*]
.REG OK. [regedit.exe "%1"]
.BAT OK. ["%1" %*]
.SCR OK. ["%1" /S]
.CHM Error. ["hh.exe" %1]
.HLP OK. [%SystemRoot%\System32\winhlp32.exe %1]
.INI OK. [%SystemRoot%\System32\NOTEPAD.EXE %1]
.INF OK. [%SystemRoot%\System32\NOTEPAD.EXE %1]
.VBS OK. [%SystemRoot%\System32\WScript.exe "%1" %*]
.JS OK. [%SystemRoot%\System32\WScript.exe "%1" %*]
.LNK OK. [{00021401-0000-0000-C000-000000000046}]
==================================
Winsock 提供者
N/A
==================================
Autorun.inf
N/A
==================================
HOSTS 文件
127.0.0.1 localhost
==================================
API HOOK
N/A
我是来来 - 2007-1-30 14:48:00
估计是上QQ中毒了
xiaoyueIQ - 2007-1-30 15:09:00
你用的到底是江民还是瑞星啊...
QQ卸了重装
★無&詺★ - 2007-1-30 15:12:00
讲民 瑞星 全装上了!
但都不好用!
QQ? 好吧 重装一下
xiaoyueIQ - 2007-1-30 15:13:00
你最好选择一个
有的时候是杀软在做的怪
★無&詺★ - 2007-1-30 15:20:00
我开始一直用瑞星!但这个问题处理不了!就又装了江民,昨天才装的,江民杀了些病毒,但还不好用!
一点左右 - 2007-1-30 15:34:00
看 晕 了~~~
★無&詺★ - 2007-1-30 15:42:00
看晕了?这事没让你贪上!!你贪上会更晕!
QQ重新装了 先试试看什么样子
能是QQ的问题吗?
远古飞鹰 - 2007-1-30 15:55:00
江民和瑞星可以同时装啊,不起冲突么?
桃子CiCi - 2007-1-30 16:40:00
| 引用: |
【★無&詺★的贴子】讲民 瑞星 全装上了!
但都不好用!
QQ? 好吧 重装一下
……………… |
晕
只装一个吧
lsogdu - 2007-1-30 16:43:00
同情你,这个问题我也很困扰.......
★無&詺★ - 2007-1-30 17:34:00
QQ重新装过了!还是不行!
重新启动以后又出来这么个玩意了!
病毒名称:RootKit.AdProt.p
文件路径: C:\WINDOWS\system32\drivers\eb_pws.sys
★無&詺★ - 2007-1-30 19:13:00
每次重新启动 回来都有病毒查杀出来
是怎么回事?
RootKit.AdProt.p
Trojan.Spy.Agent.cmk
soood - 2007-1-30 19:38:00
还原系统吧
独孤剑客 - 2007-1-31 9:25:00
服务
[AE906EE4 / AE906EE4][Stopped/Auto Start]
<C:\WINDOWS\system32\AE906EE4.EXE -service><N/A>
[DB793B16 / DB793B16][Stopped/Auto Start]
<C:\WINDOWS\system32\DB793B16.EXE -service><N/A>
万恶我为首 - 2007-1-31 9:37:00
【回复“★無&詺★”的帖子】
“广告Rootkit(Rootkit.AD***)”病毒
警惕程度★★★☆通过恶意网站传播
依赖系统:WIN9X/NT/2000/XP。
该病毒运行后,会在系统目录下生成名为****.sys的文件(一般在windows/system32/drivers下。因为现在这个病毒已有不少变种,所以文件名可能会各不相同),并创建名为pe386的系统服务以实现随系统启动自动运行。该病毒会自动将用户的IE浏览器主页锁定为一个名为“piaoxue(飘雪)上网导航”的网站,以提高该恶意网站的访问量。病毒采用Rootkit技术,隐藏自身文件和注册表信息,使它很难被一般用户发现和清除。
你可以用这个软件来处理试试:
按上文提供的文件名称搜索你的系统盘,搜索时注意选中“更多高级选项下的搜索隐藏的文件和文件夹”,将搜索到结果里提供的路径记下来
1.下载一个软件:冰刃(http://www.ttian.net/website/2005/0829/391.html)
这是一个绿色软件,下载解压缩后即可使用。
然后重启机器到安全模式下
2.在冰刃左侧的栏里通过“文件”直接定位到这个文件所在的文件夹下,找到这个文件
3.通过按钮“创建时间”对这个文件夹下的文件进行排序,仔细查看与这个文件在创建时间是同一天的所有文件(但是不是都是与它一样是病毒文件,需要你判断)。右击它们一一删除。
用同样的方法对System32这个文件夹进行下排查
4.在这个软件的界面里直接搜索注册表里这个文件的键值,删除搜索到的。
5.重启电脑,这个东西应该清除干净了。
万恶我为首 - 2007-1-31 9:38:00
这么多毒不一个一个给你说了
你去下个木马杀客2007的包你搞定
不行找我,哪有那么多毒?
我放火墙都不开,监控也不开都没事
kandtom - 2007-1-31 9:55:00
asdnbkjasfsd fjkdshfjdgdfgdkfvn
Jummmiy - 2007-1-31 9:56:00
好多 啊 这怎么看啊
1
© 2000 - 2026 Rising Corp. Ltd.