瑞星卡卡安全论坛
病急1乱1投医 - 2007-2-11 19:18:00
声音被关了,瑞星也显示转入后台工作,请高手帮忙,有6.ex iexp10re.exe fff.exe ddd.exe 等可疑文件可是不知道主文件是什么所以删除了还会在来请帮忙
Logfile of HijackThis v1.99.1
Scan saved at 18:53:17, on 2007-2-11
Platform: Windows XP SP2, v.2149 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2149)
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Rising\Rav\CCenter.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Rising\Rav\Ravmond.exe
c:\program files\rising\rfw\rfwsrv.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Analog Devices\SoundMAX\SMax4PNP.exe
C:\Program Files\Analog Devices\SoundMAX\Smax4.exe
C:\WINDOWS\VM303_STI.EXE
C:\Program Files\Rising\Rfw\rfwmain.exe
C:\Program Files\Rising\Rav\RavTask.exe
C:\Program Files\Rising\AntiSpyware\runiep.exe
C:\Program Files\Analog Devices\SoundMAX\SMAgent.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\conime.exe
C:\WINDOWS\TEMP\6.exe
C:\Program Files\Rising\Rav\RsAgent.exe
C:\WINDOWS\msagent\AgentSvr.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Rising\Rav\Rav.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\HijackThis.exe
R3 - Default URLSearchHook is missing
O2 - BHO: BitComet ClickCapture - {39F7E362-828A-4B5A-BCAF-5B79BFDFEA60} - C:\Program Files\BitComet\tools\BitCometBHO.dll
O3 - Toolbar: (no name) - {6C3797D2-3FEF-4cd4-B654-D3AE55B4128C} - (no file)
O3 - Toolbar: 卡卡上网安全助手 - {DB9ECD4F-FB8F-4311-B3CE-90B976C2707C} - C:\WINDOWS\system32\KakaTool.dll
O3 - Toolbar: 超级兔子上网精灵 - {43869BB3-22FD-4F15-9B46-238106BA2F4E} - C:\PROGRA~1\SUPERR~1\MAGICSET\haokanbar.dll
O4 - HKLM\..\Run: [IMJPMIG8.1] ; "C:\WINDOWS\IME\imjp8_1\IMJPMIG.EXE" /Spoil /RemAdvDef /Migration32
O4 - HKLM\..\Run: [SoundMAXPnP] C:\Program Files\Analog Devices\SoundMAX\SMax4PNP.exe
O4 - HKLM\..\Run: [SoundMAX] "C:\Program Files\Analog Devices\SoundMAX\Smax4.exe" /tray
O4 - HKLM\..\Run: [BigDog303] C:\WINDOWS\VM303_STI.EXE VIMICRO USB PC Camera (ZC0301PLH)
O4 - HKLM\..\Run: [RfwMain] "C:\Program Files\Rising\Rfw\rfwmain.exe" -Startup
O4 - HKLM\..\Run: [PHIME2002A] ; C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /IMEName
O4 - HKLM\..\Run: [PHIME2002ASync] ; C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /SYNC
O4 - HKLM\..\Run: [RavTask] "C:\Program Files\Rising\Rav\RavTask.exe" -system
O4 - HKLM\..\Run: [runeip] C:\Program Files\Rising\AntiSpyware\runiep.exe
O4 - HKLM\..\Run: [MSConfig] C:\WINDOWS\system32\dllcache\msconfig.exe /auto
O4 - HKCU\..\Run: [lkwiy61h3] C:\WINDOWS\iexpl0re.exe
O8 - Extra context menu item: &使用BitComet下载 - res://C:\Program Files\BitComet\BitComet.exe/AddLink.htm
O8 - Extra context menu item: &使用BitComet下载全部链接 - res://C:\Program Files\BitComet\BitComet.exe/AddAllLink.htm
O8 - Extra context menu item: &使用BitComet下载本页视频 - res://C:\Program Files\BitComet\BitComet.exe/AddVideo.htm
O8 - Extra context menu item: &使用迅雷下载 - C:\Program Files\Thunder Network\Thunder\Program\GetUrl.htm
O8 - Extra context menu item: &使用迅雷下载全部链接 - C:\Program Files\Thunder Network\Thunder\Program\GetAllUrl.htm
O8 - Extra context menu item: 上传到QQ网络硬盘 - D:\Tencent\QQ\AddToNetDisk.htm
O8 - Extra context menu item: 导出到 Microsoft Office Excel(&X) - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
O8 - Extra context menu item: 添加到QQ自定义面板 - D:\Tencent\QQ\AddPanel.htm
O8 - Extra context menu item: 添加到QQ表情 - D:\Tencent\QQ\AddEmotion.htm
O8 - Extra context menu item: 用QQ彩信发送该图片 - D:\Tencent\QQ\SendMMS.htm
O9 - Extra button: 启动迅雷 - {0062C9BD-B349-40DE-91A0-755F37ACD559} - C:\Program Files\Thunder Network\Thunder\Thunder.exe
O9 - Extra 'Tools' menuitem: 启动迅雷 - {0062C9BD-B349-40DE-91A0-755F37ACD559} - C:\Program Files\Thunder Network\Thunder\Thunder.exe
O9 - Extra button: 浩方对战平台 - {0A155D3C-68E2-4215-A47A-E800A446447A} - E:\浩方对战平台\GameClient.exe
O9 - Extra button: QQ - {c95fe080-8f5d-11d2-a20b-00aa003c157b} - d:\Tencent\QQ\QQ.EXE
O9 - Extra 'Tools' menuitem: 腾讯QQ - {c95fe080-8f5d-11d2-a20b-00aa003c157b} - d:\Tencent\QQ\QQ.EXE
O9 - Extra button: (no name) - {DEDEB80D-FA35-45d9-9460-4983E5A8AFE6} - C:\WINDOWS\system32\shdocvw.dll
O9 - Extra 'Tools' menuitem: QQ炫彩工具条设置 - {DEDEB80D-FA35-45d9-9460-4983E5A8AFE6} - C:\WINDOWS\system32\shdocvw.dll
O17 - HKLM\System\CCS\Services\Tcpip\..\{FDE611C5-4C3B-4D17-8D7D-A79C8E7C099B}: NameServer = 61.128.99.134 61.128.99.133
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe
O23 - Service: ATI Smart - Unknown owner - C:\WINDOWS\system32\ati2sgag.exe
O23 - Service: dfgdf (dfgdfg) - Unknown owner - C:\WINDOWS\ffff.exe
O23 - Service: HTTP SLLL - With Force!! - C:\WINDOWS\windowsxp.bat
O23 - Service: Rising Proxy Service (RfwProxySrv) - Beijing Rising Technology Co., Ltd. - c:\program files\rising\rfw\rfwproxy.exe
O23 - Service: Rising Personal Firewall Service (RfwService) - Beijing Rising Technology Co., Ltd. - c:\program files\rising\rfw\rfwsrv.exe
O23 - Service: Rising Process Communication Center (RsCCenter) - Beijing Rising Technology Co., Ltd. - C:\Program Files\Rising\Rav\CCenter.exe
O23 - Service: Rising RealTime Monitor (RsRavMon) - Beijing Rising Technology Co., Ltd. - C:\Program Files\Rising\Rav\Ravmond.exe
O23 - Service: SoundMAX Agent Service (SoundMAX Agent Service (default)) - Analog Devices, Inc. - C:\Program Files\Analog Devices\SoundMAX\SMAgent.exe
O23 - Service: ar (wer) - Unknown owner - C:\WINDOWS\ddd.exe (file missing)
O23 - Service: Windows Media Player Network Sharing Service (WMPNetworkSvc) - Unknown owner - C:\Program Files\Windows Media Player\wmpnetwk.exe (file missing
newcenturymoon - 2007-2-11 19:26:00
扫sreng日志
下载 System Repair Engineer,
http://www.kztechs.com/sreng/download.html
1 解压缩sreng2.zip
2 运行SREng.exe
3 智能扫描=》扫描=》保存报告
4 把日志中的报告完整拷贝贴上来,不要修改
友情提示:
扫描前关闭所有手工打开的软件和窗口,扫描后将日志发上来。但请不要用附件形式贴。
注意在没有进一步提示前,勿要胡乱修复,否则系统可能变的情况更糟。
如果发现SREng.exe运行无反应或者不能运行或者扫描出错,你可以将SREng.exe重命名为SREng.com(SREng.scr\SREng.bat\SREng.pif)或者abc.exe运行.
mopery - 2007-2-11 19:30:00
先修复
R3 - Default URLSearchHook is missing
O3 - Toolbar: (no name) - {6C3797D2-3FEF-4cd4-B654-D3AE55B4128C} - (no file)
O4 - HKCU\..\Run: [lkwiy61h3] C:\WINDOWS\iexpl0re.exe
删除
C:\WINDOWS\iexpl0re.exe
O23 - Service: dfgdf (dfgdfg) - Unknown owner - C:\WINDOWS\ffff.exe
O23 - Service: ar (wer) - Unknown owner - C:\WINDOWS\ddd.exe (file missing)
安全模式...打开注册表编辑器,展开:HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services
搜索 dfgdfg 和 wer 删除...
删除
C:\WINDOWS\ffff.exe
yanmings - 2007-2-11 19:31:00
终止进程C:\WINDOWS\TEMP\6.exe
勾选修复
R3 - Default URLSearchHook is missing
O3 - Toolbar: (no name) - {6C3797D2-3FEF-4cd4-B654-D3AE55B4128C} - (no file)
O4 - HKCU\..\Run: [lkwiy61h3] C:\WINDOWS\iexpl0re.exe
终止以下服务
O23 - Service: dfgdf (dfgdfg) - Unknown owner - C:\WINDOWS\ffff.exe
O23 - Service: HTTP SLLL - With Force!! - C:\WINDOWS\windowsxp.bat
O23 - Service: ar (wer) - Unknown owner - C:\WINDOWS\ddd.exe (file missing)
删除相关文件
然后下载SRENG2.3扫日志发上来
病急1乱1投医 - 2007-2-11 19:38:00
[CODE]
2007-02-11,19:26:06
System Repair Engineer 2.3.13.690
Smallfrogs (http://www.KZTechs.com)
Windows XP Professional Service Pack 2, v.2149 (Build 2600)
- 管理权限用户 - 完整功能
以下内容被选中:
所有的启动项目(包括注册表、启动文件夹、服务等)
浏览器加载项
正在运行的进程(包括进程模块信息)
文件关联
Winsock 提供者
Autorun.inf
HOSTS 文件
启动项目
注册表
[HKEY_CURRENT_USER\Software\Microsoft\Windows NT\CurrentVersion\Windows]
<load><> [N/A]
<run><> [N/A]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
<IMJPMIG8.1><; "C:\WINDOWS\IME\imjp8_1\IMJPMIG.EXE" /Spoil /RemAdvDef /Migration32> [(Verified)Microsoft Corporation]
<SoundMAXPnP><C:\Program Files\Analog Devices\SoundMAX\SMax4PNP.exe> [Analog Devices, Inc.]
<SoundMAX><"C:\Program Files\Analog Devices\SoundMAX\Smax4.exe" /tray> [Analog Devices, Inc.]
<BigDog303><C:\WINDOWS\VM303_STI.EXE VIMICRO USB PC Camera (ZC0301PLH)> [N/A]
<RfwMain><"C:\Program Files\Rising\Rfw\rfwmain.exe" -Startup> [Beijing Rising Technology Co., Ltd.]
<PHIME2002A><; C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /IMEName> [(Verified)Microsoft Corporation]
<PHIME2002ASync><; C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /SYNC> [(Verified)Microsoft Corporation]
<RavTask><"C:\Program Files\Rising\Rav\RavTask.exe" -system> [Beijing Rising Technology Co., Ltd.]
<runeip><C:\Program Files\Rising\AntiSpyware\runiep.exe> [Beijing Rising Technology Co., Ltd.]
<MSConfig><C:\WINDOWS\system32\dllcache\msconfig.exe /auto> [(Verified)Microsoft Corporation]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Winlogon]
<shell><Explorer.exe> [(Verified)Microsoft Corporation]
<Userinit><C:\WINDOWS\system32\userinit.exe,> [(Verified)Microsoft Corporation]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Windows]
<AppInit_DLLs><> [N/A]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Winlogon]
<UIHost><logonui.exe> [(Verified)Microsoft Corporation]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
<{DEC39E0E-F1F2-41E5-80B8-592A67AB0AA5}><C:\Program Files\Common Files\Microsoft Shared\MSINFO\NewInfo.rxk> [N/A]
病急1乱1投医 - 2007-2-11 19:39:00
启动文件夹
N/A
==================================
服务
[Ati HotKey Poller / Ati HotKey Poller][Running/Auto Start]
<C:\WINDOWS\system32\Ati2evxx.exe><ATI Technologies Inc.>
[ATI Smart / ATI Smart][Stopped/Auto Start]
<C:\WINDOWS\system32\ati2sgag.exe><>
[Human Interface Device Access / HidServ][Stopped/Disabled]
<C:\WINDOWS\System32\svchost.exe -k netsvcs-->%SystemRoot%\System32\hidserv.dll><N/A>
[HTTP SLLL / HTTP SLLL][Stopped/Auto Start]
<C:\WINDOWS\windowsxp.bat><N/A>
[Rising Proxy Service / RfwProxySrv][Stopped/Manual Start]
<c:\program files\rising\rfw\rfwproxy.exe><Beijing Rising Technology Co., Ltd.>
[Rising Personal Firewall Service / RfwService][Running/Auto Start]
<c:\program files\rising\rfw\rfwsrv.exe><Beijing Rising Technology Co., Ltd.>
[Rising Process Communication Center / RsCCenter][Running/Auto Start]
<"C:\Program Files\Rising\Rav\CCenter.exe"><Beijing Rising Technology Co., Ltd.>
[Rising RealTime Monitor / RsRavMon][Running/Auto Start]
<"C:\Program Files\Rising\Rav\Ravmond.exe"><Beijing Rising Technology Co., Ltd.>
[SoundMAX Agent Service / SoundMAX Agent Service (default)][Running/Auto Start]
<C:\Program Files\Analog Devices\SoundMAX\SMAgent.exe><Analog Devices, Inc.>
[ar / wer][Stopped/Auto Start]
<2 - 系统找不到指定的文件。
><N/A>
[Win32 Display Driver / Win32DDS][Stopped/Auto Start]
<C:\WINDOWS\system32\\rundll32.exe windds32.dll,input><Microsoft Corporation>
[Windows Media Player Network Sharing Service / WMPNetworkSvc][Stopped/Manual Start]
<"C:\Program Files\Windows Media Player\wmpnetwk.exe"><N/A>
[dfgdf / dfgdfg][Stopped/Manual Start]
<2 - 系统找不到指定的文件。
><N/A>
病急1乱1投医 - 2007-2-11 19:41:00
驱动程序
[a320raid / a320raid][Running/Boot Start]
<\SystemRoot\System32\DRIVERS\a320raid.sys><Adaptec, Inc.>
[aar1210 / aar1210][Running/Boot Start]
<\SystemRoot\System32\DRIVERS\aar1210.sys><Adaptec, Inc.>
[abp480n5 / abp480n5][Running/Boot Start]
<\SystemRoot\System32\DRIVERS\abp480n5.sys><Microsoft Corporation>
[Intel(r) 82801 Audio Driver Install Service (WDM) / ac97intc][Stopped/Manual Start]
<system32\drivers\ac97intc.sys><Intel Corporation>
[adpu160m / adpu160m][Running/Boot Start]
<\SystemRoot\System32\DRIVERS\adpu160m.sys><Microsoft Corporation>
[adpu320 / adpu320][Running/Boot Start]
<\SystemRoot\System32\DRIVERS\adpu320.sys><Adaptec, Inc.>
[aeaudio / aeaudio][Running/Manual Start]
<system32\drivers\aeaudio.sys><Andrea Electronics Corporation>
[ACARD AEC6210UF UltraDMA33 Controller / aec6210][Running/Boot Start]
<\SystemRoot\System32\DRIVERS\aec6210.sys><ACARD Technology Corp.>
[ACARD AEC6260 UltraDMA-66 Controller / aec6260][Running/Boot Start]
<\SystemRoot\System32\DRIVERS\aec6260.sys><ACARD Technology Corp.>
[aec6280 / aec6280][Running/Boot Start]
<\SystemRoot\System32\DRIVERS\aec6280.sys><ACARD Technology Corp.>
[AEC6890 / AEC6890][Running/Boot Start]
<\SystemRoot\System32\DRIVERS\AEC6890.sys><ACARD Technology Corp.>
[aec68x5 / aec68x5][Running/Boot Start]
<\SystemRoot\System32\DRIVERS\aec68x5.sys><ACARD Technology Corp.>
[aha154x / aha154x][Running/Boot Start]
<\SystemRoot\System32\DRIVERS\aha154x.sys><Microsoft Corporation>
[aic78u2 / aic78u2][Running/Boot Start]
<\SystemRoot\System32\DRIVERS\aic78u2.sys><Microsoft Corporation>
[aic78xx / aic78xx][Running/Boot Start]
<\SystemRoot\System32\DRIVERS\aic78xx.sys><Microsoft Corporation>
[AliIde / AliIde][Stopped/Boot Start]
<\SystemRoot\System32\DRIVERS\aliide.sys><N/A>
[asc / asc][Running/Boot Start]
<\SystemRoot\System32\DRIVERS\asc.sys><Advanced System Products, Inc.>
[asc3550 / asc3550][Running/Boot Start]
<\SystemRoot\System32\DRIVERS\asc3550.sys><Advanced System Products, Inc.>
[ati2mtag / ati2mtag][Running/Manual Start]
<system32\DRIVERS\ati2mtag.sys><ATI Technologies Inc.>
[Rising TDI Base Driver / BaseTDI][Running/Auto Start]
<System32\DRIVERS\BaseTDI.SYS><Beijing Rising Technology Co., Ltd.>
[CmdIde / CmdIde][Running/Boot Start]
<\SystemRoot\System32\DRIVERS\cmdide.sys><CMD Technology, Inc.>
[dac2w2k / dac2w2k][Running/Boot Start]
<\SystemRoot\System32\DRIVERS\dac2w2k.sys><Mylex Corporation>
[dpti2o / dpti2o][Stopped/Manual Start]
<2 - 系统找不到指定的文件。
><N/A>
[ExpScaner / ExpScaner][Running/Auto Start]
<\??\C:\Program Files\Rising\Rav\ExpScan.sys><>
[fasttrak / fasttrak][Running/Boot Start]
<\SystemRoot\System32\DRIVERS\fasttrak.sys><Promise Technology, Inc.>
[fasttx2k / fasttx2k][Running/Boot Start]
<\SystemRoot\System32\DRIVERS\fasttx2k.sys><Promise Technology, Inc.>
[fasttx2k2 / fasttx2k2][Running/Boot Start]
<\SystemRoot\System32\DRIVERS\fasttx2k2.sys><Promise Technology, Inc.>
[HookCont / HookCont][Running/Auto Start]
<\??\C:\Program Files\Rising\Rav\HOOKCONT.sys><Rising>
[HookReg / HookReg][Running/Auto Start]
<\??\C:\Program Files\Rising\Rav\HookReg.sys><>
[HookSys / HookSys][Running/Auto Start]
<\??\C:\Program Files\Rising\Rav\HookSys.sys><Rising>
[HookUrl / HookUrl][Running/Auto Start]
<\??\C:\Program Files\Rising\Rfw\HookUrl.sys><Beijing Rising Technology Co., Ltd.>
[Hpt366 / Hpt366][Running/Boot Start]
<\SystemRoot\System32\DRIVERS\Hpt366.sys><Microsoft Corporation>
[HPT371 / HPT371][Running/Boot Start]
<\SystemRoot\System32\DRIVERS\HPT371.sys><HighPoint Technologies, Inc.>
[hpt374 / hpt374][Running/Boot Start]
<\SystemRoot\System32\DRIVERS\hpt374.sys><HighPoint Technologies, Inc.>
[hpt3xx / hpt3xx][Running/Boot Start]
<\SystemRoot\System32\DRIVERS\hpt3xx.sys><HighPoint Technologies, Inc.>
[hptmv / hptmv][Running/Boot Start]
<\SystemRoot\System32\DRIVERS\hptmv.sys><HighPoint Technologies, Inc.>
[hptpro / hptpro][Stopped/Boot Start]
<\SystemRoot\System32\DRIVERS\hptpro.sys><HighPoint Technologies, Inc.>
[Intel Integrated RAID / iaStor][Running/Boot Start]
<\SystemRoot\system32\drivers\iaStor.sys><Intel Corporation>
[ini910u / ini910u][Running/Boot Start]
<\SystemRoot\System32\DRIVERS\ini910u.sys><Microsoft Corporation>
[ITERAID_Service_Install / iteraid][Running/Boot Start]
<\SystemRoot\System32\DRIVERS\iteraid.sys><Integrated Technology Express, Inc.>
[kmsinput / kmsinput][Stopped/Manual Start]
<\??\C:\WINDOWS\system32\drivers\kmsinput.sys><N/A>
[m5228 / m5228][Running/Boot Start]
<\SystemRoot\System32\DRIVERS\m5228.sys><ALi Corporation.>
[m5281 / m5281][Running/Boot Start]
病急1乱1投医 - 2007-2-11 19:41:00
<\SystemRoot\system32\drivers\m5281.sys><ALi Corporation>
[MegaIDE / MegaIDE][Running/Boot Start]
<\SystemRoot\System32\DRIVERS\MegaIDE.sys><LSI Logic Corporation.>
[MEMSCAN / MEMSCAN][Running/Auto Start]
<\??\C:\Program Files\Rising\Rav\MEMSCAN.sys><瑞星软件有限公司>
[MidiSyn / MidiSyn][Stopped/Manual Start]
<system32\drivers\MidiSyn.sys><Analog Devices Inc>
[mProcRs / mProcRs][Running/Auto Start]
<\??\c:\program files\rising\rfw\mProcRs.sys><Beijing Rising Technology Co., Ltd.>
[mraid2k / mraid2k][Running/Boot Start]
<\SystemRoot\System32\DRIVERS\mraid2k.sys><American Megatrends, Inc.>
[mraid35x / mraid35x][Running/Boot Start]
<\SystemRoot\System32\DRIVERS\mraid35x.sys><American Megatrends Inc.>
[npkcrypt / npkcrypt][Running/Auto Start]
<\??\C:\WINDOWS\system32\qqedit\npkcrypt.sys><INCA Internet Co., Ltd.>
[npkycryp / npkycryp][Stopped/Manual Start]
<\??\D:\Tencent\QQ\npkycryp.sys><N/A>
[SiI 680 ATA Controller / Pnp680][Running/Boot Start]
<\SystemRoot\System32\DRIVERS\pnp680.sys><Silicon Image, Inc.>
[Silicon Image SiI 0680 Medley Raid Controller / Pnp680r][Running/Boot Start]
<\SystemRoot\System32\DRIVERS\pnp680r.sys><Silicon Image, Inc>
[Direct Parallel Link Driver / Ptilink][Running/Manual Start]
<system32\DRIVERS\ptilink.sys><Parallel Technologies, Inc.>
[ql1080 / ql1080][Running/Boot Start]
<\SystemRoot\System32\DRIVERS\ql1080.sys><QLogic Corporation>
[ql10wnt / ql10wnt][Running/Boot Start]
<\SystemRoot\System32\DRIVERS\ql10wnt.sys><Microsoft Corporation>
[ql12160 / ql12160][Running/Boot Start]
<\SystemRoot\System32\DRIVERS\ql12160.sys><QLogic Corporation>
[ql1280 / ql1280][Running/Boot Start]
<\SystemRoot\System32\DRIVERS\ql1280.sys><QLogic Corporation>
[RsFwDrv / RsFwDrv][Running/Auto Start]
<\??\C:\Program Files\Rising\Rfw\RsFwDrv.sys><Beijing Rising Technology Co., Ltd.>
[RsNTGDI / RsNTGDI][Running/Boot Start]
<\SystemRoot\system32\Drivers\RsNTGdi.sys><Beijing Rising Technology Co., Ltd.>
[RSPPSYS / RSPPSYS][Running/Auto Start]
<\??\C:\Program Files\Rising\Rav\RSPPSYS.sys><Rising>
[Realtek RTL8029(AS)-based PCI Ethernet Adapter NT Driver / rtl8029][Stopped/Manual Start]
<system32\DRIVERS\RTL8029.SYS><Realtek Semiconductor Corporation>
[Secdrv / Secdrv][Stopped/Manual Start]
<system32\DRIVERS\secdrv.sys><N/A>
[SiI-3512 SATALink Controller / SI3112][Running/Boot Start]
<\SystemRoot\System32\DRIVERS\SI3112.sys><Silicon Image, Inc.>
[Silicon Image SiI 3512 SATARaid Controller / SI3112r][Running/Boot Start]
<\SystemRoot\system32\drivers\SI3112r.sys><Silicon Image, Inc>
[SiI-3114 SATALink Controller / SI3114][Running/Boot Start]
<\SystemRoot\System32\DRIVERS\SI3114.sys><Silicon Image, Inc.>
[SiI-3114 SATARaid Controller / SI3114r][Running/Boot Start]
<\SystemRoot\System32\DRIVERS\SI3114R.sys><Silicon Image, Inc>
[SiI-3124 SATALink Controller / SI3124][Running/Boot Start]
<\SystemRoot\System32\DRIVERS\SI3124.sys><Silicon Image, Inc.>
[SiI-3124 SATARaid Controller / SI3124r][Running/Boot Start]
<\SystemRoot\System32\DRIVERS\SI3124R.sys><Silicon Image, Inc>
[SATALink driver accelerator / SiFilter][Running/Boot Start]
<\SystemRoot\System32\DRIVERS\SiWinAcc.sys><Silicon Image, Inc.>
[SiSRaid / SiSRaid][Running/Boot Start]
<\SystemRoot\System32\DRIVERS\SiSRaid.sys><Silicon Integrated Systems>
[SiSRaid1 / SiSRaid1][Running/Boot Start]
<\SystemRoot\System32\DRIVERS\SiSRaid1.sys><Silicon Integrated Systems>
[SiSV / SiSV][Stopped/Manual Start]
<system32\DRIVERS\SiSV.sys><Silicon Integrated Systems Corporation>
[smwdm / smwdm][Running/Manual Start]
<system32\drivers\smwdm.sys><Analog Devices, Inc.>
[sparrow / sparrow][Running/Boot Start]
<\SystemRoot\System32\DRIVERS\sparrow.sys><Adaptec, Inc.>
[sptrak / sptrak][Running/Boot Start]
<\SystemRoot\System32\DRIVERS\sptrak.sys><Promise Technology, Inc.>
[SVKP / SVKP][Running/Auto Start]
<\??\C:\WINDOWS\system32\SVKP.sys><AntiCracking>
[symc810 / symc810][Running/Boot Start]
<\SystemRoot\System32\DRIVERS\symc810.sys><Symbios Logic Inc.>
[symc8xx / symc8xx][Running/Boot Start]
<\SystemRoot\System32\DRIVERS\symc8xx.sys><LSI Logic>
[sym_hi / sym_hi][Running/Boot Start]
<\SystemRoot\System32\DRIVERS\sym_hi.sys><LSI Logic>
[sym_u3 / sym_u3][Running/Boot Start]
<\SystemRoot\System32\DRIVERS\sym_u3.sys><LSI Logic>
[UlSata / UlSata][Running/Boot Start]
<\SystemRoot\System32\DRIVERS\ulsata.sys><Promise Technology, Inc.>
[ultra / ultra][Running/Boot Start]
<\SystemRoot\System32\DRIVERS\ultra.sys><Promise Technology, Inc.>
[VIA ATA/ATAPI Host Controller / viapdsk][Running/Boot Start]
<\SystemRoot\System32\DRIVERS\viapdsk.sys><VIA Technologies, Inc.>
[viaraid / viaraid][Running/Boot Start]
<\SystemRoot\System32\DRIVERS\viaraid.sys><VIA Technologies inc,.ltd>
[viasraid / viasraid][Running/Boot Start]
<\SystemRoot\system32\drivers\viasraid.sys><VIA Technologies inc,.ltd>
[vmscsi / vmscsi][Running/Boot Start]
<\SystemRoot\system32\drivers\vmscsi.sys><VMware, Inc.>
[World Standard Teletext Codec / WSTCODEC][Stopped/Manual Start]
<system32\DRIVERS\WSTCODEC.SYS><Microsoft Corporation>
[NDIS5.1 Miniport Driver for Marvell Yukon Gigabit Ethernet Adapter / yukonx86][Running/Manual Start]
<system32\DRIVERS\yukonx86.sys><Marvell Semiconductor Inc.>
[Teclast WE 303 PC Camera / ZSMC303][Running/Manual Start]
<System32\Drivers\usbVM303.sys><Vimicro Corporation>
病急1乱1投医 - 2007-2-11 19:42:00
浏览器加载项
[BitComet Helper]
{39F7E362-828A-4B5A-BCAF-5B79BFDFEA60} <C:\Program Files\BitComet\tools\BitCometBHO.dll, N/A>
[启动迅雷]
{0062C9BD-B349-40DE-91A0-755F37ACD559} <C:\Program Files\Thunder Network\Thunder\Thunder.exe, Thunder Networking Technologies,LTD>
[浩方对战平台]
{0A155D3C-68E2-4215-A47A-E800A446447A} <E:\浩方对战平台\GameClient.exe, 上海浩方在线信息技术有限公司>
[QQ]
{c95fe080-8f5d-11d2-a20b-00aa003c157b} <d:\Tencent\QQ\QQ.EXE, TENCENT>
[QQIEFloatBarCfgCmd Class]
{DEDEB80D-FA35-45d9-9460-4983E5A8AFE6} <, N/A>
[卡卡上网安全助手]
{DB9ECD4F-FB8F-4311-B3CE-90B976C2707C} <C:\WINDOWS\system32\KakaTool.dll, Beijing Rising Technology Co., Ltd.>
[超级兔子上网精灵]
{43869BB3-22FD-4F15-9B46-238106BA2F4E} <C:\PROGRA~1\SUPERR~1\MAGICSET\haokanbar.dll, Xiang Feng Technology>
[ActiveMovieControl Object]
{05589FA1-C356-11CE-BF01-00AA0055595A} <C:\WINDOWS\system32\wmpdxm.dll, Microsoft Corporation>
[Windows Media Player]
{22D6F312-B0F6-11D0-94AB-0080C74C7E95} <C:\WINDOWS\system32\wmpdxm.dll, Microsoft Corporation>
[HTML Document]
{25336920-03F9-11CF-8FD0-00AA00686F13} <%SystemRoot%\system32\mshtml.dll, N/A>
[DHTML Edit Control Safe for Scripting for IE5]
{2D360201-FFF5-11D1-8D03-00A0C959BC0A} <C:\WINDOWS\system32\dllcache\dhtmled.ocx, Microsoft Corporation>
[Tabular Data Control]
{333C7BC4-460F-11D0-BC04-0080C7055A83} <C:\WINDOWS\system32\tdc.ocx, Microsoft Corporation>
[BitComet Helper]
{39F7E362-828A-4B5A-BCAF-5B79BFDFEA60} <C:\Program Files\BitComet\tools\BitCometBHO.dll, N/A>
[超级兔子上网精灵]
{43869BB3-22FD-4F15-9B46-238106BA2F4E} <C:\PROGRA~1\SUPERR~1\MAGICSET\haokanbar.dll, Xiang Feng Technology>
[QQBrowserHelperObject Class]
{54EBD53A-9BC1-480B-966A-843A333CA162} <, N/A>
[Shell Name Space]
{55136805-B2DE-11D1-B9F2-00A0C98BC547} <%SystemRoot%\system32\shdocvw.dll, N/A>
[Windows Media Player]
{6BF52A52-394A-11D3-B153-00C04F79FAA6} <C:\WINDOWS\system32\wmp.dll, Microsoft Corporation>
[超级兔子上网精灵]
{7369D35A-5B70-4A5B-B789-B25FE09B4AF3} <C:\PROGRA~1\SUPERR~1\MAGICSET\haokanbar.dll, Xiang Feng Technology>
[Microsoft Web 浏览器]
{8856F961-340A-11D0-A96B-00C04FD705A2} <C:\WINDOWS\system32\shdocvw.dll, Microsoft Corporation>
[RMGetLicense Class]
{A9FC132B-096D-460B-B7D5-1DB0FAE0C062} <C:\WINDOWS\system32\msnetobj.dll, Microsoft Corporation>
[Microsoft Scriptlet Component]
{AE24FDAE-03C6-11D1-8B76-0080C744F389} <C:\WINDOWS\system32\mshtml.dll, Microsoft Corporation>
[SearchAssistantOC]
{B45FF030-4447-11D2-85DE-00C04FA35C89} <%SystemRoot%\system32\shdocvw.dll, N/A>
[RDS.DataSpace]
{BD96C556-65A3-11D0-983A-00C04FC29E36} <C:\Program Files\Common Files\System\msadc\msadco.dll, Microsoft Corporation>
[VIDEO__X_MS_ASF Moniker Class]
{CD3AFA8F-B84F-48F0-9393-7EDC34128127} <C:\WINDOWS\system32\wmp.dll, Microsoft Corporation>
[RealPlayer G2 Control]
{CFCDAA03-8BE4-11CF-B84B-0020AFBBCCFA} <C:\WINDOWS\system32\rmoc3260.dll, RealNetworks, Inc.>
[Shockwave Flash Object]
{D27CDB6E-AE6D-11CF-96B8-444553540000} <C:\WINDOWS\system32\Macromed\Flash\Flash9b.ocx, Adobe Systems, Inc.>
[TencentVmpCtl Class]
{D9819BD5-422B-4281-8523-726466ED692B} <C:\Program Files\Tencent\Viewpoint Media Player\AxMetaStream.dll, Viewpoint Corporation>
[卡卡上网安全助手]
{DB9ECD4F-FB8F-4311-B3CE-90B976C2707C} <C:\WINDOWS\system32\KakaTool.dll, Beijing Rising Technology Co., Ltd.>
[CPasswordEditCtrl Object]
{E787FD25-8D7C-4693-AE67-9406BC6E22DF} <C:\WINDOWS\system32\qqedit\qqedit.dll, 腾讯科技(深圳)有限公司>
[&使用BitComet下载]
<res://C:\Program Files\BitComet\BitComet.exe/AddLink.htm, N/A>
[&使用BitComet下载全部链接]
<res://C:\Program Files\BitComet\BitComet.exe/AddAllLink.htm, N/A>
[&使用BitComet下载本页视频]
<res://C:\Program Files\BitComet\BitComet.exe/AddVideo.htm, N/A>
[&使用迅雷下载]
<C:\Program Files\Thunder Network\Thunder\Program\GetUrl.htm, N/A>
[&使用迅雷下载全部链接]
<C:\Program Files\Thunder Network\Thunder\Program\GetAllUrl.htm, N/A>
[上传到QQ网络硬盘]
<D:\Tencent\QQ\AddToNetDisk.htm, N/A>
[导出到 Microsoft Office Excel(&X)]
<res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000, N/A>
[添加到QQ自定义面板]
<D:\Tencent\QQ\AddPanel.htm, N/A>
[添加到QQ表情]
<D:\Tencent\QQ\AddEmotion.htm, N/A>
[用QQ彩信发送该图片]
<D:\Tencent\QQ\SendMMS.htm, N/A>
病急1乱1投医 - 2007-2-11 19:42:00
正在运行的进程
[PID: 556][\SystemRoot\System32\smss.exe] [Microsoft Corporation, 5.1.2600.2149 (xpsp_sp2_rc2.040610-1520)]
[PID: 636][\??\C:\WINDOWS\system32\csrss.exe] [Microsoft Corporation, 5.1.2600.2149 (xpsp_sp2_rc2.040610-1520)]
[PID: 660][\??\C:\WINDOWS\system32\winlogon.exe] [Microsoft Corporation, 5.1.2600.2149 (xpsp_sp2_rc2.040610-1520)]
[C:\WINDOWS\system32\uxtheme.dll] [Microsoft Corporation, 6.00.2900.2149 (xpsp_sp2_rc2.040610-1520)]
[C:\WINDOWS\system32\Ati2evxx.dll] [ATI Technologies Inc., 6.14.10.4109]
[PID: 704][C:\WINDOWS\system32\services.exe] [Microsoft Corporation, 5.1.2600.2149 (xpsp_sp2_rc2.040610-1520)]
[PID: 716][C:\WINDOWS\system32\lsass.exe] [Microsoft Corporation, 5.1.2600.2149 (xpsp_sp2_rc2.040610-1520)]
[C:\WINDOWS\system32\uxtheme.dll] [Microsoft Corporation, 6.00.2900.2149 (xpsp_sp2_rc2.040610-1520)]
[PID: 860][C:\WINDOWS\system32\Ati2evxx.exe] [ATI Technologies Inc., 6.14.10.4109]
[C:\WINDOWS\system32\Ati2edxx.dll] [ATI Technologies, Inc., 6, 14, 10, 2495]
[C:\WINDOWS\system32\uxtheme.dll] [Microsoft Corporation, 6.00.2900.2149 (xpsp_sp2_rc2.040610-1520)]
[PID: 900][C:\WINDOWS\system32\svchost.exe] [Microsoft Corporation, 5.1.2600.2149 (xpsp_sp2_rc2.040610-1520)]
[PID: 976][C:\WINDOWS\system32\svchost.exe] [Microsoft Corporation, 5.1.2600.2149 (xpsp_sp2_rc2.040610-1520)]
[C:\WINDOWS\system32\uxtheme.dll] [Microsoft Corporation, 6.00.2900.2149 (xpsp_sp2_rc2.040610-1520)]
[PID: 1092][C:\Program Files\Rising\Rav\CCenter.exe] [Beijing Rising Technology Co., Ltd., 18, 0, 0, 3]
[C:\WINDOWS\system32\uxtheme.dll] [Microsoft Corporation, 6.00.2900.2149 (xpsp_sp2_rc2.040610-1520)]
[PID: 1108][C:\WINDOWS\System32\svchost.exe] [Microsoft Corporation, 5.1.2600.2149 (xpsp_sp2_rc2.040610-1520)]
[C:\WINDOWS\System32\UxTheme.dll] [Microsoft Corporation, 6.00.2900.2149 (xpsp_sp2_rc2.040610-1520)]
[PID: 1172][C:\WINDOWS\system32\svchost.exe] [Microsoft Corporation, 5.1.2600.2149 (xpsp_sp2_rc2.040610-1520)]
[PID: 1344][C:\WINDOWS\system32\svchost.exe] [Microsoft Corporation, 5.1.2600.2149 (xpsp_sp2_rc2.040610-1520)]
[PID: 1376][C:\Program Files\Rising\Rav\Ravmond.exe] [Beijing Rising Technology Co., Ltd., 19, 0, 0, 43]
[C:\Program Files\Rising\Rav\BWList.dll] [Beijing Rising Technology Co., Ltd., 19, 0, 0, 10]
[C:\Program Files\Rising\Rav\RsCommX.dll] [rising, 18, 0, 0, 1]
[C:\Program Files\Rising\Rav\rfwctrl.dll] [Beijing Rising Technology Co., Ltd., 5, 0, 0, 11]
[C:\Program Files\Rising\Rav\RsPPsys.dll] [Beijing Rising Technology Co., Ltd., 18, 0, 0, 3]
[C:\Program Files\Rising\Rav\RSAPPMGR.DLL] [Beijing Rising Technology Co., Ltd., 18, 0, 0, 2]
[C:\Program Files\Rising\Rav\CfgDll.dll] [Beijing Rising Technology Co., Ltd., 18, 0, 0, 13]
[C:\Program Files\Rising\Rav\RSCOMMON.DLL] [Beijing Rising Technology Co., Ltd., 19, 0, 0, 5]
[C:\Program Files\Rising\Rav\RsLog.dll] [Beijing Rising Technology Co., Ltd., 18, 0, 0, 20]
[C:\Program Files\Rising\Rav\HOOKSYS.dll] [Beijing Rising Technology Co., Ltd., 19, 0, 0, 0]
[C:\Program Files\Rising\Rav\Scanner.dll] [Beijing Rising Technology Co., Ltd., 19, 0, 0, 12]
[C:\Program Files\Rising\Rav\libload.dll] [Beijing Rising Technology Co., Ltd., 19, 0, 0, 16]
[C:\Program Files\Rising\Rav\VirusLib.dll] [Beijing Rising Technology Co., Ltd., 19, 0, 0, 10]
[C:\Program Files\Rising\Rav\regmon.dll] [Beijing Rising Technology Co., Ltd., 18, 0, 0, 6]
[C:\Program Files\Rising\Rav\psapi.dll] [Microsoft Corporation, 4.00]
[C:\Program Files\Rising\Rav\HookWeb.dll] [Beijing Rising Technology Co., Ltd., 19, 0, 0, 1]
[C:\Program Files\Rising\Rav\MemMon.dll] [Beijing Rising Technology Co., Ltd., 18, 0, 0, 12]
[C:\Program Files\Rising\Rav\expscan.dll] [Beijing Rising Technology Co., Ltd., 18, 0, 0, 4]
[C:\Program Files\Rising\Rav\mPorts.dll] [Beijing Rising Technology Co., Ltd., 4, 0, 0, 3]
[C:\Program Files\Rising\Rav\HookCont.dll] [Rising, 19, 0, 0, 0]
[C:\Program Files\Rising\Rav\SpamEng.dll] [N/A, 18, 0, 0, 6]
[C:\Program Files\Rising\Rav\engine.dll] [Beijing Rising Technology Co., Ltd., 19, 0, 0, 25]
[C:\WINDOWS\system32\uxtheme.dll] [Microsoft Corporation, 6.00.2900.2149 (xpsp_sp2_rc2.040610-1520)]
[C:\Program Files\Rising\Rav\PostTrt.dll] [Beijing Rising Technology Co., Ltd., 19, 0, 0, 8]
[C:\Program Files\Rising\Rav\UnExe.dll] [Beijing Rising Technology Co., Ltd., 19, 0, 0, 10]
[C:\Program Files\Rising\Rav\ScanExec.dll] [Beijing Rising Technology Co., Ltd., 19, 0, 0, 16]
[C:\Program Files\Rising\Rav\ScanEx.dll] [Beijing Rising Technology Co., Ltd., 19, 0, 0, 40]
[C:\Program Files\Rising\Rav\ExtFile.dll] [Beijing Rising Technology Co., Ltd., 19, 0, 0, 25]
[C:\Program Files\Rising\Rav\NvFile.dll] [Beijing Rising Technology Co., Ltd., 19, 0, 0, 11]
[C:\Program Files\Rising\Rav\ScanMac.dll] [Beijing Rising Technology Co., Ltd., 19, 0, 0, 13]
[C:\Program Files\Rising\Rav\ScanSct.dll] [Beijing Rising Technology Co., Ltd., 19, 0, 0, 19]
[C:\Program Files\Rising\Rav\Unpacker.dll] [Beijing Rising Technology Co., Ltd., 19, 0, 0, 19]
[C:\Program Files\Rising\Rav\ScanPack.dll] [Beijing Rising Technology Co., Ltd., 19, 0, 0, 19]
[C:\Program Files\Rising\Rav\RsVM.dll] [N/A, 19, 0, 0, 15]
病急1乱1投医 - 2007-2-11 19:43:00
[C:\Program Files\Rising\Rav\Uroutine.dll] [Beijing Rising Technology Co., Ltd., 19, 0, 0, 21]
[C:\Program Files\Rising\Rav\RsStore.dll] [Beijing Rising Technology Co., Ltd., 19, 0, 0, 2]
[C:\Program Files\Rising\Rav\Uscript.dll] [Beijing Rising Technology Co., Ltd., 19, 0, 0, 18]
[C:\Program Files\Rising\Rav\ExtOLE.dll] [Beijing Rising Technology Co., Ltd., 19, 0, 0, 11]
[PID: 1476][c:\program files\rising\rfw\rfwsrv.exe] [Beijing Rising Technology Co., Ltd., 5, 0, 0, 33]
[c:\program files\rising\rfw\RfwRule.dll] [Beijing Rising Technology Co., Ltd., 5, 0, 0, 3]
[c:\program files\rising\rfw\rfwlog.dll] [Beijing Rising Technology Co., Ltd., 5, 0, 0, 2]
[c:\program files\rising\rfw\Rfwdrv.dll] [Beijing Rising Technology Co., Ltd., 5, 0, 0, 10]
[c:\program files\rising\rfw\psapi.dll] [Microsoft Corporation, 4.00]
[c:\program files\rising\rfw\MonDrv.dll] [rs, 1, 0, 0, 4]
[c:\program files\rising\rfw\ProcLib.dll] [Beijing Rising Technology Co., Ltd., 5, 0, 0, 5]
[C:\WINDOWS\system32\uxtheme.dll] [Microsoft Corporation, 6.00.2900.2149 (xpsp_sp2_rc2.040610-1520)]
[c:\program files\rising\rfw\mPorts.dll] [Beijing Rising Technology Co., Ltd., 4, 0, 0, 3]
[PID: 1592][C:\WINDOWS\system32\spoolsv.exe] [Microsoft Corporation, 5.1.2600.2149 (xpsp_sp2_rc2.040610-1520)]
[PID: 176][C:\WINDOWS\system32\Ati2evxx.exe] [ATI Technologies Inc., 6.14.10.4109]
[C:\WINDOWS\system32\uxtheme.dll] [Microsoft Corporation, 6.00.2900.2149 (xpsp_sp2_rc2.040610-1520)]
[C:\WINDOWS\system32\Ati2edxx.dll] [ATI Technologies, Inc., 6, 14, 10, 2495]
[C:\Program Files\Rising\AntiSpyware\ieprot.dll] [Beijing Rising Technology Co., Ltd., 1, 0, 0, 8]
[PID: 244][C:\WINDOWS\Explorer.EXE] [Microsoft Corporation, 6.00.2900.2149 (xpsp_sp2_rc2.040610-1520)]
[C:\WINDOWS\system32\UxTheme.dll] [Microsoft Corporation, 6.00.2900.2149 (xpsp_sp2_rc2.040610-1520)]
[C:\Program Files\Common Files\Microsoft Shared\MSINFO\NewInfo.rxk] [N/A, N/A]
[C:\Program Files\Rising\AntiSpyware\ieprot.dll] [Beijing Rising Technology Co., Ltd., 1, 0, 0, 8]
[C:\Program Files\WinRAR\rarext.dll] [N/A, N/A]
[C:\WINDOWS\system32\RavExt.dll] [Beijing Rising Technology Co., Ltd., 19, 0, 0, 9]
[C:\Program Files\Rising\Rav\RSCOMMON.DLL] [Beijing Rising Technology Co., Ltd., 19, 0, 0, 5]
[C:\Program Files\Rising\Rav\RavScrCh.dll] [Beijing Rising Technology Co., Ltd., 18, 0, 0, 4]
[PID: 360][C:\Program Files\Analog Devices\SoundMAX\SMax4PNP.exe] [Analog Devices, Inc., 4, 0, 4, 11]
[C:\Program Files\Analog Devices\SoundMAX\SMWDMIF.dll] [Analog Device, Inc., 1, 0, 22, 26]
[C:\WINDOWS\system32\uxtheme.dll] [Microsoft Corporation, 6.00.2900.2149 (xpsp_sp2_rc2.040610-1520)]
[C:\Program Files\Rising\AntiSpyware\ieprot.dll] [Beijing Rising Technology Co., Ltd., 1, 0, 0, 8]
[PID: 372][C:\Program Files\Analog Devices\SoundMAX\Smax4.exe] [Analog Devices, Inc., 4, 0, 4, 25]
[C:\WINDOWS\system32\uxtheme.dll] [Microsoft Corporation, 6.00.2900.2149 (xpsp_sp2_rc2.040610-1520)]
[C:\Program Files\Rising\AntiSpyware\ieprot.dll] [Beijing Rising Technology Co., Ltd., 1, 0, 0, 8]
[PID: 392][C:\WINDOWS\VM303_STI.EXE] [Vimicro, 4, 3, 625, 61]
[C:\WINDOWS\system32\uxtheme.dll] [Microsoft Corporation, 6.00.2900.2149 (xpsp_sp2_rc2.040610-1520)]
[C:\WINDOWS\system32\msdmo.dll] [N/A, N/A]
[C:\WINDOWS\system32\VM303Prp.Ax] [Vimicro, 4.3. 625.61]
[C:\Program Files\Rising\AntiSpyware\ieprot.dll] [Beijing Rising Technology Co., Ltd., 1, 0, 0, 8]
[PID: 404][C:\Program Files\Rising\Rfw\rfwmain.exe] [Beijing Rising Technology Co., Ltd., 5, 0, 0, 70]
[C:\Program Files\Rising\Rfw\RsGuiLib.dll] [Beijing Rising Technology Co., Ltd., 19, 0, 0, 33]
[C:\Program Files\Rising\Rfw\RSCOMMON.DLL] [Beijing Rising Technology Co., Ltd., 19, 0, 0, 5]
[C:\Program Files\Rising\Rfw\RfwCtrl.dll] [Beijing Rising Technology Co., Ltd., 5, 0, 0, 11]
[C:\Program Files\Rising\Rfw\RsXML.dll] [Beijing Rising Technology Co., Ltd., 19, 0, 0, 2]
[C:\Program Files\Rising\Rfw\PngDll.dll] [Beijing Rising Technology Co., Ltd., 18, 0, 0, 5]
[C:\WINDOWS\system32\uxtheme.dll] [Microsoft Corporation, 6.00.2900.2149 (xpsp_sp2_rc2.040610-1520)]
[C:\Program Files\Rising\AntiSpyware\ieprot.dll] [Beijing Rising Technology Co., Ltd., 1, 0, 0, 8]
[PID: 420][C:\Program Files\Rising\Rav\RavTask.exe] [Beijing Rising Technology Co., Ltd., 19, 0, 0, 7]
[C:\Program Files\Rising\Rav\RSCOMMON.DLL] [Beijing Rising Technology Co., Ltd., 19, 0, 0, 5]
[C:\Program Files\Rising\Rav\RSAPPMGR.DLL] [Beijing Rising Technology Co., Ltd., 18, 0, 0, 2]
[C:\Program Files\Rising\Rav\CfgDll.dll] [Beijing Rising Technology Co., Ltd., 18, 0, 0, 13]
[C:\Program Files\Rising\Rav\RsCommX.dll] [rising, 18, 0, 0, 1]
[C:\WINDOWS\system32\uxtheme.dll] [Microsoft Corporation, 6.00.2900.2149 (xpsp_sp2_rc2.040610-1520)]
[C:\Program Files\Rising\AntiSpyware\ieprot.dll] [Beijing Rising Technology Co., Ltd., 1, 0, 0, 8]
[PID: 440][C:\Program Files\Rising\AntiSpyware\runiep.exe] [Beijing Rising Technology Co., Ltd., 1, 0, 1, 6]
[C:\Program Files\Rising\AntiSpyware\iep_ctrl.dll] [Beijing Rising Technology Co., Ltd., 1, 0, 0, 4]
[C:\Program Files\Rising\AntiSpyware\ieprot.dll] [Beijing Rising Technology Co., Ltd., 1, 0, 0, 8]
[C:\WINDOWS\system32\uxtheme.dll] [Microsoft Corporation, 6.00.2900.2149 (xpsp_sp2_rc2.040610-1520)]
[PID: 1040][C:\Program Files\Analog Devices\SoundMAX\SMAgent.exe] [Analog Devices, Inc., 3, 2, 6, 0]
[PID: 1060][C:\WINDOWS\system32\svchost.exe] [Microsoft Corporation, 5.1.2600.2149 (xpsp_sp2_rc2.040610-1520)]
[C:\WINDOWS\system32\uxtheme.dll] [Microsoft Corporation, 6.00.2900.2149 (xpsp_sp2_rc2.040610-1520)]
[PID: 496][C:\WINDOWS\System32\alg.exe] [Microsoft Corporation, 5.1.2600.2149 (xpsp_sp2_rc2.040610-1520)]
[PID: 3596][C:\WINDOWS\system32\conime.exe] [Microsoft Corporation, 5.1.2600.2149 (xpsp_sp2_rc2.040610-1520)]
[C:\WINDOWS\system32\uxtheme.dll] [Microsoft Corporation, 6.00.2900.2149 (xpsp_sp2_rc2.040610-1520)]
[C:\Program Files\Rising\AntiSpyware\ieprot.dll] [Beijing Rising Technology Co., Ltd., 1, 0, 0, 8]
[PID: 3796][C:\WINDOWS\TEMP\6.exe] [N/A, N/A]
[C:\Program Files\Rising\AntiSpyware\ieprot.dll] [Beijing Rising Technology Co., Ltd., 1, 0, 0, 8]
[PID: 1076][C:\Program Files\Rising\Rav\RsAgent.exe] [Beijing Rising Technology Co., Ltd., 19, 0, 0, 9]
[C:\WINDOWS\system32\uxtheme.dll] [Microsoft Corporation, 6.00.2900.2149 (xpsp_sp2_rc2.040610-1520)]
[C:\Program Files\Rising\Rav\RsCommX.dll] [rising, 18, 0, 0, 1]
[C:\Program Files\Rising\AntiSpyware\ieprot.dll] [Beijing Rising Technology Co., Ltd., 1, 0, 0, 8]
[PID: 1292][C:\WINDOWS\msagent\AgentSvr.exe] [Microsoft Corporation, 2.00.0.3422]
[C:\WINDOWS\system32\uxtheme.dll] [Microsoft Corporation, 6.00.2900.2149 (xpsp_sp2_rc2.040610-1520)]
[C:\Program Files\Rising\AntiSpyware\ieprot.dll] [Beijing Rising Technology Co., Ltd., 1, 0, 0, 8]
[PID: 3252][C:\Program Files\Rising\Rav\Rav.exe] [Beijing Rising Technology Co., Ltd., 19, 0, 0, 28]
[C:\Program Files\Rising\Rav\PlugIn\RsPgScan.dll] [Beijing Rising Technology Co., Ltd., 18, 0, 0, 17]
[C:\Program Files\Rising\Rav\RSAPPMGR.DLL] [Beijing Rising Technology Co., Ltd., 18, 0, 0, 2]
[C:\Program Files\Rising\Rav\CfgDll.dll] [Beijing Rising Technology Co., Ltd., 18, 0, 0, 13]
[C:\Program Files\Rising\Rav\RsCommX.dll] [rising, 18, 0, 0, 1]
[C:\Program Files\Rising\Rav\RavUI.Dll] [Beijing Rising Technology Co., Ltd., 19, 0, 0, 30]
[C:\Program Files\Rising\Rav\RsGuiLib.dll] [Beijing Rising Technology Co., Ltd., 19, 0, 0, 33]
[C:\Program Files\Rising\Rav\RsXML.dll] [Beijing Rising Technology Co., Ltd., 19, 0, 0, 2]
[C:\WINDOWS\system32\uxtheme.dll] [Microsoft Corporation, 6.00.2900.2149 (xpsp_sp2_rc2.040610-1520)]
[C:\Program Files\Rising\Rav\RSCOMMON.DLL] [Beijing Rising Technology Co., Ltd., 19, 0, 0, 5]
[C:\Program Files\Rising\AntiSpyware\ieprot.dll] [Beijing Rising Technology Co., Ltd., 1, 0, 0, 8]
[C:\Program Files\Rising\Rav\Scanner.dll] [Beijing Rising Technology Co., Ltd., 19, 0, 0, 12]
[C:\Program Files\Rising\Rav\BWList.dll] [Beijing Rising Technology Co., Ltd., 19, 0, 0, 10]
[C:\Program Files\Rising\Rav\RavScrCh.dll] [Beijing Rising Technology Co., Ltd., 18, 0, 0, 4]
[C:\Program Files\Rising\Rav\RavQu.dll] [Beijing Rising Technology Co., Ltd., 19, 0, 0, 10]
[C:\Program Files\Rising\Rav\PSAPI.DLL] [Microsoft Corporation, 4.00]
[C:\Program Files\Common Files\Microsoft Shared\MSINFO\NewInfo.rxk] [N/A, N/A]
[C:\Program Files\Rising\Rav\libload.dll] [Beijing Rising Technology Co., Ltd., 19, 0, 0, 16]
[C:\Program Files\Rising\Rav\VirusLib.dll] [Beijing Rising Technology Co., Ltd., 19, 0, 0, 10]
[PID: 1212][C:\Program Files\Internet Explorer\iexplore.exe] [Microsoft Corporation, 6.00.2900.2149 (xpsp_sp2_rc2.040610-1520)]
[C:\WINDOWS\system32\uxtheme.dll] [Microsoft Corporation, 6.00.2900.2149 (xpsp_sp2_rc2.040610-1520)]
[C:\PROGRA~1\SUPERR~1\MAGICSET\haokanbar.dll] [Xiang Feng Technology, 2, 2, 0, 1612]
[C:\Program Files\BitComet\tools\BitCometBHO.dll] [N/A, N/A]
[C:\Program Files\Rising\AntiSpyware\ieprot.dll] [Beijing Rising Technology Co., Ltd., 1, 0, 0, 8]
[C:\Program Files\Rising\Rav\RavScrCh.dll] [Beijing Rising Technology Co., Ltd., 18, 0, 0, 4]
[C:\WINDOWS\system32\Macromed\Flash\Flash9b.ocx] [Adobe Systems, Inc., 9,0,28,0]
[PID: 2584][C:\WINDOWS\TEMP\Rar$EX00.407\SREng.EXE] [Smallfrogs Studio, 2.3.13.690]
[C:\WINDOWS\system32\uxtheme.dll] [Microsoft Corporation, 6.00.2900.2149 (xpsp_sp2_rc2.040610-1520)]
[C:\Program Files\Rising\AntiSpyware\ieprot.dll] [Beijing Rising Technology Co., Ltd., 1, 0, 0, 8]
[C:\WINDOWS\TEMP\Rar$EX00.407\Plugins\SRECXTMG.SRE] [Smallfrogs Studio, 1, 5, 0, 55]
病急1乱1投医 - 2007-2-11 19:44:00
文件关联
.TXT Error. [NOTEPAD.EXE %1]
.EXE OK. ["%1" %*]
.COM OK. ["%1" %*]
.PIF OK. ["%1" %*]
.REG OK. [regedit.exe "%1"]
.BAT OK. ["%1" %*]
.SCR OK. ["%1" /S]
.CHM OK. ["C:\WINDOWS\hh.exe" %1]
.HLP OK. [%SystemRoot%\System32\winhlp32.exe %1]
.INI OK. [%SystemRoot%\System32\NOTEPAD.EXE %1]
.INF OK. [%SystemRoot%\System32\NOTEPAD.EXE %1]
.VBS OK. [%SystemRoot%\System32\WScript.exe "%1" %*]
.JS OK. [%SystemRoot%\System32\WScript.exe "%1" %*]
.LNK OK. [{00021401-0000-0000-C000-000000000046}]
==================================
Winsock 提供者
N/A
==================================
Autorun.inf
N/A
==================================
HOSTS 文件
127.0.0.1 localhost
127.0.0.1cool.47555.com
127.0.0.1www.dosboy.com
127.0.0.1guajfskajiw.43242.com
127.0.0.1www.3448.com
127.0.0.1w25.hitbox.com
127.0.0.1web2.deja.com
127.0.0.1webads.bizservers.com
127.0.0.1www.PostMasterBannerNet.com
127.0.0.1www.ad-up.com
127.0.0.1www.admex.com
127.0.0.1www.alladvantage.com
127.0.0.1www.burstnet.com
127.0.0.1www.commission-junction.com
127.0.0.1www.eads.com
127.0.0.1www.freestats.com
127.0.0.1www.imaginemedia.com
127.0.0.1www.netdirect.nl
127.0.0.1www.oneandonlynetwork.com
127.0.0.1www.targetshop.com
127.0.0.1www.teknosurf2.com
127.0.0.1www.teknosurf3.com
127.0.0.1www.valueclick.com
127.0.0.1www.websitefinancing.com
127.0.0.1www2.burstnet.com
127.0.0.1www4.trix.net
127.0.0.1www80.valueclick.com
127.0.0.1z.extreme-dm.com
127.0.0.1z0.extreme-dm.com
127.0.0.1z1.extreme-dm.com
127.0.0.1ads.rediff.com
127.0.0.1ads.indya.com
127.0.0.1ads.adflight.com
127.0.0.1ads.beguide.net
127.0.0.1ads.mediaturf.net
127.0.0.1ad1.adcept.net
127.0.0.1ad2.adcept.net
127.0.0.1ad3.adcept.net
127.0.0.1ads.fortunecity.com
127.0.0.1www.139cn.com
127.0.0.1www.7liao.com
127.0.0.1chat.51liao.net
127.0.0.1www.51liao.net
127.0.0.1www.7liao.net
127.0.0.1www.6see.com
127.0.0.1bliao.com
127.0.0.1www.bliao.com
127.0.0.1hao123.net
127.0.0.1www.hao123.net
127.0.0.1www.hao222.net
127.0.0.1www.hao222.com
127.0.0.1www.v111.com
127.0.0.1music.v111.com
127.0.0.1www.qq165.com
127.0.0.1www.xicu.com
127.0.0.1www.haodx.com
127.0.0.1www.haohz.com
127.0.0.1www.265.com
127.0.0.1www.dj99.com
127.0.0.1www.dj99.net
127.0.0.1www.yqdj.com
127.0.0.1www.qq530.com
127.0.0.1www.tt67.com
127.0.0.1ad.t2t2.com
127.0.0.1www.yexr.com
127.0.0.1chat.9see.com
127.0.0.1www.ok816.com
127.0.0.1www.3399.net
127.0.0.1www.ads8.com
127.0.0.1www.5566.net
127.0.0.1www.t2t2.com
127.0.0.1popad.qq.com
127.0.0.1v.jsdownload.com
127.0.0.1www.linktoad.com
127.0.0.1club.homeway.com.cn
127.0.0.1sms1.ctn.com.cn
127.0.0.1sms2.ctn.com.cn
127.0.0.1sms3.ctn.com.cn
127.0.0.1www.331122.com
127.0.0.1mmpic.uni.cc
127.0.0.1www.love34.com
127.0.0.1www.free-movie.org
127.0.0.1www.skyhits.com
127.0.0.1www.rd18.com
127.0.0.1tadsweb.tencent.com
127.0.0.1www.vlike.com
127.0.0.1www.chinasee.net
127.0.0.1www.japansky.net
127.0.0.1www.225.com.cn
127.0.0.1ads.china.com
127.0.0.1www.yes521.com
127.0.0.1www.today6.com
127.0.0.1www.h2004.com
127.0.0.1www.movie4.com
127.0.0.1www.rm88.com
127.0.0.1www.qq300.com
127.0.0.1www.qq500.com
127.0.0.1www.av126.com
127.0.0.1www.kissmm.com
127.0.0.1www.cn808.net
127.0.0.1www.hao168.com
127.0.0.1www.mm91.com
127.0.0.1www.huole.com
127.0.0.1www.kan69.com
127.0.0.1ulinkdir.tom.com
127.0.0.1cpc.sohu.com
127.0.0.1images.sohu.com
127.0.0.1adv.pconline.com.cn
127.0.0.1goto.sohu.com
127.0.0.1images2.sohu.com
127.0.0.1www.sexy-books.com
127.0.0.1www.xxbooks.com
127.0.0.1www.18it.com
127.0.0.1www.cnxxx.com
127.0.0.1www.18-girl.net
127.0.0.1ad.tom.com
127.0.0.1ad4.sina.com.cn
127.0.0.1sina.allyes.com
127.0.0.1adtaobao.allyes.com
127.0.0.1smarttrade.allyes.com
127.0.0.1tom.allyes.com
127.0.0.1szwindow.allyes.com
127.0.0.1eachnetmember.allyes.com
127.0.0.1iplus.allyes.com
127.0.0.1sinatest.allyes.com
127.0.0.1casting9.allyes.com
127.0.0.1yinsha.allyes.com
127.0.0.1stockstar.allyes.com
127.0.0.1www.001x.com
127.0.0.1www.hksexweb.com
127.0.0.1www.99adultx.com
127.0.0.1www2.xfreehosting.com
127.0.0.1www1.xfreehosting.com
127.0.0.1www.w555.net
127.0.0.1www.excitecity.com
127.0.0.1www.0xing.com
127.0.0.1sba.3322.net
127.0.0.1www.zgxl.net
127.0.0.1www.qqpic.com
127.0.0.1webspacecn.com
127.0.0.1www.yeapple.com
127.0.0.1manage.link8.com
127.0.0.1www.web888.org
127.0.0.1www.432.cn
127.0.0.1www.kan123.com
127.0.0.1www.3tom.com
127.0.0.1www.sotop.com
127.0.0.1www3.7789.com
127.0.0.1www.66036.com
127.0.0.1www1.66036.com
127.0.0.1www2.66036.com
127.0.0.1www3.66036.com
127.0.0.1www4.66036.com
127.0.0.1www5.66036.com
127.0.0.1www6.66036.com
127.0.0.1www7.66036.com
127.0.0.1www8.66036.com
127.0.0.1www9.66036.com
127.0.0.1www10.66036.com
127.0.0.1tj4.7789.com
127.0.0.1tj5.7789.com
127.0.0.1tj6.7789.com
127.0.0.1tj7.7789.com
127.0.0.1www.7789.com
127.0.0.1count.zhao123.com
127.0.0.1count1.zhao123.com
127.0.0.1count2.zhao123.com
127.0.0.1count3.zhao123.com
127.0.0.1count4.zhaocount.com
127.0.0.1count5.zhaocount.com
127.0.0.1count6.zhaocount.com
127.0.0.1count7.zhaocount.com
127.0.0.1count8.zhaocount.com
127.0.0.1count9.zhaocount.com
127.0.0.1count10.zhaocount.com
127.0.0.1count11.zhaocount.com
127.0.0.1tj1.mytongji.com
127.0.0.1count1.99count.com
127.0.0.1www.99count.com
127.0.0.1bar.baidu.com
127.0.0.1www2.7789.com
127.0.0.1www.guang.org
127.0.0.1www.dlmovie.com
127.0.0.1www.91look.com
127.0.0.1www.kan51.com
127.0.0.1www.mewo.com
127.0.0.1coolsite21.com
127.0.0.1www.t3j4.com
127.0.0.1www.yun8.com
127.0.0.1film.yun8.com
127.0.0.1www.wo123.com
127.0.0.1www.da123.com
127.0.0.1www.1ya.cn
127.0.0.1www.sleazydream.com
127.0.0.1www.easypic2.com
127.0.0.1serv.sexushost.com
127.0.0.1www.xfreehosting.com
127.0.0.1www.888txt.com
127.0.0.1asiafriendfinder.com
127.0.0.1www3.cool168.com
127.0.0.1www2.cool168.com
127.0.0.1www1.cool168.com
127.0.0.1www.happy8.cn
127.0.0.1www.topsex2k.com
127.0.0.1topxxx.sexushost.com
127.0.0.1www.cool168.com
127.0.0.1www.s6.cn
127.0.0.1popme.163.com
127.0.0.1adclient.163.com
127.0.0.1fadama.com
127.0.0.1www.66vv.com
127.0.0.1www.qqee.com
127.0.0.1www.sohu123.com
127.0.0.1www.xgmm.com
127.0.0.1www.7t7t.com
127.0.0.1www.cnimg.com
127.0.0.1cdn2.cnnic.cn
127.0.0.1cool.vv66.com
127.0.0.1www.vv66.com
127.0.0.1www.freepicturepage.com
127.0.0.1www.snasty.com
127.0.0.1www.yourcage.com
127.0.0.1www.shagadelic.com
127.0.0.1hualiao.net
127.0.0.1www.qq163.com
127.0.0.1www.qq163.net
127.0.0.1www.superdown.com
127.0.0.1web.114.com.cn
127.0.0.1www.114.com.cn
127.0.0.1www.91f.cn
127.0.0.1wwww.tthao.com
127.0.0.1www.91f.org
127.0.0.1www.v23.com
127.0.0.1auto.search.msn.com
127.0.0.1x2.51link.com
127.0.0.1x1.51link.com
127.0.0.1www.textlink.cn
127.0.0.1stat.textclick.com
127.0.0.1www.easyhere.com
127.0.0.1www.xxx168.com
127.0.0.1ally.263.net
127.0.0.1www.hualiao.net
127.0.0.1www.xchina.com
127.0.0.1www.sex.com
127.0.0.1www.3xcn.com
127.0.0.1www.20girl.com
127.0.0.1www.x365x.com
127.0.0.1chat.263.net
127.0.0.1chat.yinsha.com
127.0.0.1chat.tom.com
127.0.0.1chat.xilu.com
127.0.0.1www.aliao.com
127.0.0.1chat.163.com
127.0.0.1www.haoliao.com
127.0.0.1www.liaoliao.com
127.0.0.1www.haoliao.net
127.0.0.1www.haoliao.cn
127.0.0.1www.qqliao.com
127.0.0.1www.qliao.com
127.0.0.1www.loveliao.com
127.0.0.1www.mmliao.com
127.0.0.1chat.qq.com
127.0.0.1vchat.xaonline.com
127.0.0.1www.loveliao.net
127.0.0.1www.chinamp3.com
127.0.0.1www.9sky.com
127.0.0.1www.sogua.com
127.0.0.1www.99music.net
127.0.0.1www.yzskdj.com
127.0.0.1music.feifa.com
127.0.0.1www.aisex.com
127.0.0.1www.movie-down.com
127.0.0.1www2.movie-down.com
127.0.0.1www.tt90.com
127.0.0.1www.tt78.com
127.0.0.1www.tiankong.net
127.0.0.1www.qqchat.cn
127.0.0.1www.yymp3.com
127.0.0.1www.9see.com
127.0.0.1www.woliao.net
127.0.0.1www.woliao.com
127.0.0.1www.kuro.com.cn
127.0.0.1www.wangzhiku.com
127.0.0.1hothack.home.chinaren.com
127.0.0.1www.777888.com
127.0.0.1www.5dsoft.com
127.0.0.1www.wokoo.net
127.0.0.1movie.sx.zj.cn
127.0.0.1xyxy68.8u8.net
127.0.0.1www.youmiss.com
127.0.0.1www.cctv8.net
127.0.0.1www.kuliao.com
127.0.0.1www.yyqy.com
127.0.0.1www.sunvod.com
127.0.0.1www.t168.com
127.0.0.1www.coolcdrom.com
127.0.0.1www.zhengdian.com
127.0.0.1girlchinese.com
127.0.0.1www.girl008.com
127.0.0.1xajh.15888.net
127.0.0.1www.51bug.com
127.0.0.1www.wplune.com
127.0.0.1www.777888.net
127.0.0.1pollen.my001.net
127.0.0.1www.yule21.com
127.0.0.1www.fish3000.com
127.0.0.1www.666e.com
127.0.0.1qm.8ok.com
127.0.0.1www.guosir.ccoo.com
127.0.0.1www.163mm.com
127.0.0.1www.cnooo.com
127.0.0.1www.es158.com
127.0.0.1www.aisa-girl.net
127.0.0.1www.boliwu.com
127.0.0.1www.89005.com
127.0.0.1www.cctv1.net
127.0.0.1www.play.cn.gs
127.0.0.1newyouth.3322.net
127.0.0.1chinabdkx.363.net
127.0.0.1www.zknew.com
127.0.0.1www.dhchao.com
127.0.0.1www.top666.net
127.0.0.1www.amoisonic.com
127.0.0.1www.markguide.com
127.0.0.1www.xyxc.ccoo.com
127.0.0.1www.flyingwalk.com
127.0.0.1www.yezine.net
127.0.0.1www.mmgirls.com
127.0.0.1www.wa***.net
127.0.0.1www.net5w.com
127.0.0.1www.fbstu.com
127.0.0.1www.qlwl.com
127.0.0.1www.yibinren.com
127.0.0.1www.yinshang.com
127.0.0.1www.ncunet.com
127.0.0.1www.555666.net
127.0.0.1www.fm1058.cc
127.0.0.1meim.y365.com
127.0.0.1www.qq520.net
127.0.0.1jjkafei.longcity.net
127.0.0.1chow.yesky.net
127.0.0.1oicq.hk.st
127.0.0.1www.my288.com
127.0.0.1www.laws-online.net
127.0.0.1www.hj168.net
127.0.0.116888.6to23.com
127.0.0.1www.love520.net
127.0.0.1www.qq520.com
127.0.0.1www.ezhgc.com
127.0.0.1www.eastedu.com.cn
127.0.0.1www.435000.com
127.0.0.1sdik.8ok.net
127.0.0.1feiying.coolwww.net
127.0.0.1zhongxuesheng.myrice.com
127.0.0.1www.yes9999.com
127.0.0.1www.nnptt.com
127.0.0.1vod.hengshui.com
127.0.0.1tv.megajoy.com
127.0.0.1www.h444.net
127.0.0.1update.myxq.com
127.0.0.1www.qq168.net
127.0.0.1www.777888.com
127.0.0.1www.5dsoft.com
127.0.0.1movie.sx.zj.cn
127.0.0.1www.yeapple.com
127.0.0.1winzheng.126.com
127.0.0.1www.boliwo.com
127.0.0.1www.pk.com
127.0.0.1www.unionsky.cn
127.0.0.1www.allyes.com
127.0.0.1www.xxx.com
127.0.0.1204.177.92.68
127.0.0.1www.fassia.net
127.0.0.1www.jinpin.net
127.0.0.1www.happy666.net
127.0.0.1www.myxq.com
127.0.0.1dvd.qq92.com
127.0.0.1www.16yi.com
127.0.0.1www.ye77.com
127.0.0.1www.7sese.com
127.0.0.1www.1yin.net
127.0.0.1www.77ttt.com
127.0.0.1www.7mao.com
127.0.0.1www.mydj2005.com
127.0.0.1www.vv78.com
127.0.0.1www.v119.com
127.0.0.1100.332233.com
127.0.0.1www.cashbackbuddy.com
127.0.0.1www.10uu.com
127.0.0.1fly950.nease.net
==================================
API HOOK
N/A
==================================
[/CODE]
病急1乱1投医 - 2007-2-11 19:45:00
以上就是扫描的 对吗?帮忙看看
病急1乱1投医 - 2007-2-11 19:54:00
我的启动项也打不开了,不过可以搜索到在打开
病急1乱1投医 - 2007-2-11 23:24:00
按2楼3楼的做法还是没有清理掉,请帮帮忙如下是,按以上操作后的结果,:
[CODE]
2007-02-11,23:12:00
System Repair Engineer 2.3.13.690
Smallfrogs (http://www.KZTechs.com)
Windows XP Professional Service Pack 2, v.2149 (Build 2600)
- 管理权限用户 - 完整功能
以下内容被选中:
所有的启动项目(包括注册表、启动文件夹、服务等)
浏览器加载项
正在运行的进程(包括进程模块信息)
文件关联
Winsock 提供者
Autorun.inf
HOSTS 文件
启动项目
注册表
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
<9zvmx44><C:\WINDOWS\iexpl0re.exe> [N/A]
[HKEY_CURRENT_USER\Software\Microsoft\Windows NT\CurrentVersion\Windows]
<load><> [N/A]
<run><> [N/A]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
<IMJPMIG8.1><; "C:\WINDOWS\IME\imjp8_1\IMJPMIG.EXE" /Spoil /RemAdvDef /Migration32> [(Verified)Microsoft Corporation]
<SoundMAXPnP><C:\Program Files\Analog Devices\SoundMAX\SMax4PNP.exe> [Analog Devices, Inc.]
<SoundMAX><"C:\Program Files\Analog Devices\SoundMAX\Smax4.exe" /tray> [Analog Devices, Inc.]
<BigDog303><C:\WINDOWS\VM303_STI.EXE VIMICRO USB PC Camera (ZC0301PLH)> [N/A]
<RfwMain><"C:\Program Files\Rising\Rfw\rfwmain.exe" -Startup> [Beijing Rising Technology Co., Ltd.]
<PHIME2002A><; C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /IMEName> [(Verified)Microsoft Corporation]
<PHIME2002ASync><; C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /SYNC> [(Verified)Microsoft Corporation]
<RavTask><"C:\Program Files\Rising\Rav\RavTask.exe" -system> [Beijing Rising Technology Co., Ltd.]
<runeip><C:\Program Files\Rising\AntiSpyware\runiep.exe> [Beijing Rising Technology Co., Ltd.]
<MSConfig><C:\WINDOWS\system32\dllcache\msconfig.exe /auto> [(Verified)Microsoft Corporation]
<BaoFeng32><C:\WINDOWS\TEMP\6.exe> [N/A]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Winlogon]
<shell><Explorer.exe> [(Verified)Microsoft Corporation]
<Userinit><C:\WINDOWS\system32\userinit.exe,> [(Verified)Microsoft Corporation]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Windows]
<AppInit_DLLs><> [N/A]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Winlogon]
<UIHost><logonui.exe> [(Verified)Microsoft Corporation]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
<{DEC39E0E-F1F2-41E5-80B8-592A67AB0AA5}><C:\Program Files\Common Files\Microsoft Shared\MSINFO\NewInfo.rxk> [N/A]
==================================
启动文件夹
N/A
==================================
服务
[Ati HotKey Poller / Ati HotKey Poller][Running/Auto Start]
<C:\WINDOWS\system32\Ati2evxx.exe><ATI Technologies Inc.>
[ATI Smart / ATI Smart][Stopped/Auto Start]
<C:\WINDOWS\system32\ati2sgag.exe><>
[dfgdf / dfgdfg][Stopped/Auto Start]
<C:\WINDOWS\ffff.exe><N/A>
[Human Interface Device Access / HidServ][Stopped/Disabled]
<C:\WINDOWS\System32\svchost.exe -k netsvcs-->%SystemRoot%\System32\hidserv.dll><N/A>
[HTTP SLLL / HTTP SLLL][Stopped/Auto Start]
<C:\WINDOWS\windowsxp.bat><N/A>
[Rising Proxy Service / RfwProxySrv][Stopped/Manual Start]
<c:\program files\rising\rfw\rfwproxy.exe><Beijing Rising Technology Co., Ltd.>
[Rising Personal Firewall Service / RfwService][Running/Auto Start]
<c:\program files\rising\rfw\rfwsrv.exe><Beijing Rising Technology Co., Ltd.>
[Rising Process Communication Center / RsCCenter][Running/Auto Start]
<"C:\Program Files\Rising\Rav\CCenter.exe"><Beijing Rising Technology Co., Ltd.>
[Rising RealTime Monitor / RsRavMon][Running/Auto Start]
<"C:\Program Files\Rising\Rav\Ravmond.exe"><Beijing Rising Technology Co., Ltd.>
[SoundMAX Agent Service / SoundMAX Agent Service (default)][Running/Auto Start]
<C:\Program Files\Analog Devices\SoundMAX\SMAgent.exe><Analog Devices, Inc.>
[Win32 Display Driver / Win32DDS][Stopped/Auto Start]
<C:\WINDOWS\system32\\rundll32.exe windds32.dll,input><Microsoft Corporation>
[Windows Media Player Network Sharing Service / WMPNetworkSvc][Stopped/Manual Start]
<"C:\Program Files\Windows Media Player\wmpnetwk.exe"><N/A>
病急1乱1投医 - 2007-2-11 23:24:00
驱动程序
[a320raid / a320raid][Running/Boot Start]
<\SystemRoot\System32\DRIVERS\a320raid.sys><Adaptec, Inc.>
[aar1210 / aar1210][Running/Boot Start]
<\SystemRoot\System32\DRIVERS\aar1210.sys><Adaptec, Inc.>
[abp480n5 / abp480n5][Running/Boot Start]
<\SystemRoot\System32\DRIVERS\abp480n5.sys><Microsoft Corporation>
[Intel(r) 82801 Audio Driver Install Service (WDM) / ac97intc][Stopped/Manual Start]
<system32\drivers\ac97intc.sys><Intel Corporation>
[adpu160m / adpu160m][Running/Boot Start]
<\SystemRoot\System32\DRIVERS\adpu160m.sys><Microsoft Corporation>
[adpu320 / adpu320][Running/Boot Start]
<\SystemRoot\System32\DRIVERS\adpu320.sys><Adaptec, Inc.>
[aeaudio / aeaudio][Running/Manual Start]
<system32\drivers\aeaudio.sys><Andrea Electronics Corporation>
[ACARD AEC6210UF UltraDMA33 Controller / aec6210][Running/Boot Start]
<\SystemRoot\System32\DRIVERS\aec6210.sys><ACARD Technology Corp.>
[ACARD AEC6260 UltraDMA-66 Controller / aec6260][Running/Boot Start]
<\SystemRoot\System32\DRIVERS\aec6260.sys><ACARD Technology Corp.>
[aec6280 / aec6280][Running/Boot Start]
<\SystemRoot\System32\DRIVERS\aec6280.sys><ACARD Technology Corp.>
[AEC6890 / AEC6890][Running/Boot Start]
<\SystemRoot\System32\DRIVERS\AEC6890.sys><ACARD Technology Corp.>
[aec68x5 / aec68x5][Running/Boot Start]
<\SystemRoot\System32\DRIVERS\aec68x5.sys><ACARD Technology Corp.>
[aha154x / aha154x][Running/Boot Start]
<\SystemRoot\System32\DRIVERS\aha154x.sys><Microsoft Corporation>
[aic78u2 / aic78u2][Running/Boot Start]
<\SystemRoot\System32\DRIVERS\aic78u2.sys><Microsoft Corporation>
[aic78xx / aic78xx][Running/Boot Start]
<\SystemRoot\System32\DRIVERS\aic78xx.sys><Microsoft Corporation>
[AliIde / AliIde][Stopped/Boot Start]
<\SystemRoot\System32\DRIVERS\aliide.sys><N/A>
[asc / asc][Running/Boot Start]
<\SystemRoot\System32\DRIVERS\asc.sys><Advanced System Products, Inc.>
[asc3550 / asc3550][Running/Boot Start]
<\SystemRoot\System32\DRIVERS\asc3550.sys><Advanced System Products, Inc.>
[ati2mtag / ati2mtag][Running/Manual Start]
<system32\DRIVERS\ati2mtag.sys><ATI Technologies Inc.>
[Rising TDI Base Driver / BaseTDI][Running/Auto Start]
<System32\DRIVERS\BaseTDI.SYS><Beijing Rising Technology Co., Ltd.>
[CmdIde / CmdIde][Running/Boot Start]
<\SystemRoot\System32\DRIVERS\cmdide.sys><CMD Technology, Inc.>
[dac2w2k / dac2w2k][Running/Boot Start]
<\SystemRoot\System32\DRIVERS\dac2w2k.sys><Mylex Corporation>
[ExpScaner / ExpScaner][Running/Auto Start]
<\??\C:\Program Files\Rising\Rav\ExpScan.sys><>
[fasttrak / fasttrak][Running/Boot Start]
<\SystemRoot\System32\DRIVERS\fasttrak.sys><Promise Technology, Inc.>
[fasttx2k / fasttx2k][Running/Boot Start]
<\SystemRoot\System32\DRIVERS\fasttx2k.sys><Promise Technology, Inc.>
[fasttx2k2 / fasttx2k2][Running/Boot Start]
<\SystemRoot\System32\DRIVERS\fasttx2k2.sys><Promise Technology, Inc.>
[HookCont / HookCont][Running/Auto Start]
<\??\C:\Program Files\Rising\Rav\HOOKCONT.sys><Rising>
[HookReg / HookReg][Running/Auto Start]
<\??\C:\Program Files\Rising\Rav\HookReg.sys><>
[HookSys / HookSys][Running/Auto Start]
<\??\C:\Program Files\Rising\Rav\HookSys.sys><Rising>
[HookUrl / HookUrl][Running/Auto Start]
<\??\C:\Program Files\Rising\Rfw\HookUrl.sys><Beijing Rising Technology Co., Ltd.>
[Hpt366 / Hpt366][Running/Boot Start]
<\SystemRoot\System32\DRIVERS\Hpt366.sys><Microsoft Corporation>
[HPT371 / HPT371][Running/Boot Start]
<\SystemRoot\System32\DRIVERS\HPT371.sys><HighPoint Technologies, Inc.>
[hpt374 / hpt374][Running/Boot Start]
<\SystemRoot\System32\DRIVERS\hpt374.sys><HighPoint Technologies, Inc.>
[hpt3xx / hpt3xx][Running/Boot Start]
<\SystemRoot\System32\DRIVERS\hpt3xx.sys><HighPoint Technologies, Inc.>
[hptmv / hptmv][Running/Boot Start]
<\SystemRoot\System32\DRIVERS\hptmv.sys><HighPoint Technologies, Inc.>
[hptpro / hptpro][Stopped/Boot Start]
<\SystemRoot\System32\DRIVERS\hptpro.sys><HighPoint Technologies, Inc.>
[Intel Integrated RAID / iaStor][Running/Boot Start]
<\SystemRoot\system32\drivers\iaStor.sys><Intel Corporation>
[ini910u / ini910u][Running/Boot Start]
<\SystemRoot\System32\DRIVERS\ini910u.sys><Microsoft Corporation>
[ITERAID_Service_Install / iteraid][Running/Boot Start]
<\SystemRoot\System32\DRIVERS\iteraid.sys><Integrated Technology Express, Inc.>
[kmsinput / kmsinput][Stopped/Manual Start]
<\??\C:\WINDOWS\system32\drivers\kmsinput.sys><N/A>
[m5228 / m5228][Running/Boot Start]
<\SystemRoot\System32\DRIVERS\m5228.sys><ALi Corporation.>
[m5281 / m5281][Running/Boot Start]
<\SystemRoot\system32\drivers\m5281.sys><ALi Corporation>
[MegaIDE / MegaIDE][Running/Boot Start]
<\SystemRoot\System32\DRIVERS\MegaIDE.sys><LSI Logic Corporation.>
[MEMSCAN / MEMSCAN][Running/Auto Start]
<\??\C:\Program Files\Rising\Rav\MEMSCAN.sys><瑞星软件有限公司>
[MidiSyn / MidiSyn][Stopped/Manual Start]
<system32\drivers\MidiSyn.sys><Analog Devices Inc>
[mProcRs / mProcRs][Running/Auto Start]
<\??\c:\program files\rising\rfw\mProcRs.sys><Beijing Rising Technology Co., Ltd.>
[mraid2k / mraid2k][Running/Boot Start]
<\SystemRoot\System32\DRIVERS\mraid2k.sys><American Megatrends, Inc.>
[mraid35x / mraid35x][Running/Boot Start]
<\SystemRoot\System32\DRIVERS\mraid35x.sys><American Megatrends Inc.>
[npkcrypt / npkcrypt][Running/Auto Start]
<\??\C:\WINDOWS\system32\qqedit\npkcrypt.sys><INCA Internet Co., Ltd.>
[npkycryp / npkycryp][Stopped/Manual Start]
<\??\D:\Tencent\QQ\npkycryp.sys><N/A>
[SiI 680 ATA Controller / Pnp680][Running/Boot Start]
<\SystemRoot\System32\DRIVERS\pnp680.sys><Silicon Image, Inc.>
[Silicon Image SiI 0680 Medley Raid Controller / Pnp680r][Running/Boot Start]
<\SystemRoot\System32\DRIVERS\pnp680r.sys><Silicon Image, Inc>
[Direct Parallel Link Driver / Ptilink][Running/Manual Start]
<system32\DRIVERS\ptilink.sys><Parallel Technologies, Inc.>
[ql1080 / ql1080][Running/Boot Start]
<\SystemRoot\System32\DRIVERS\ql1080.sys><QLogic Corporation>
[ql10wnt / ql10wnt][Running/Boot Start]
<\SystemRoot\System32\DRIVERS\ql10wnt.sys><Microsoft Corporation>
[ql12160 / ql12160][Running/Boot Start]
<\SystemRoot\System32\DRIVERS\ql12160.sys><QLogic Corporation>
[ql1280 / ql1280][Running/Boot Start]
<\SystemRoot\System32\DRIVERS\ql1280.sys><QLogic Corporation>
[RsFwDrv / RsFwDrv][Running/Auto Start]
<\??\C:\Program Files\Rising\Rfw\RsFwDrv.sys><Beijing Rising Technology Co., Ltd.>
[RsNTGDI / RsNTGDI][Running/Boot Start]
<\SystemRoot\system32\Drivers\RsNTGdi.sys><Beijing Rising Technology Co., Ltd.>
[RSPPSYS / RSPPSYS][Running/Auto Start]
<\??\C:\Program Files\Rising\Rav\RSPPSYS.sys><Rising>
[Realtek RTL8029(AS)-based PCI Ethernet Adapter NT Driver / rtl8029][Stopped/Manual Start]
<system32\DRIVERS\RTL8029.SYS><Realtek Semiconductor Corporation>
[Secdrv / Secdrv][Stopped/Manual Start]
<system32\DRIVERS\secdrv.sys><N/A>
[SiI-3512 SATALink Controller / SI3112][Running/Boot Start]
<\SystemRoot\System32\DRIVERS\SI3112.sys><Silicon Image, Inc.>
[Silicon Image SiI 3512 SATARaid Controller / SI3112r][Running/Boot Start]
<\SystemRoot\system32\drivers\SI3112r.sys><Silicon Image, Inc>
病急1乱1投医 - 2007-2-11 23:25:00
[SiI-3114 SATALink Controller / SI3114][Running/Boot Start]
<\SystemRoot\System32\DRIVERS\SI3114.sys><Silicon Image, Inc.>
[SiI-3114 SATARaid Controller / SI3114r][Running/Boot Start]
<\SystemRoot\System32\DRIVERS\SI3114R.sys><Silicon Image, Inc>
[SiI-3124 SATALink Controller / SI3124][Running/Boot Start]
<\SystemRoot\System32\DRIVERS\SI3124.sys><Silicon Image, Inc.>
[SiI-3124 SATARaid Controller / SI3124r][Running/Boot Start]
<\SystemRoot\System32\DRIVERS\SI3124R.sys><Silicon Image, Inc>
[SATALink driver accelerator / SiFilter][Running/Boot Start]
<\SystemRoot\System32\DRIVERS\SiWinAcc.sys><Silicon Image, Inc.>
[SiSRaid / SiSRaid][Running/Boot Start]
<\SystemRoot\System32\DRIVERS\SiSRaid.sys><Silicon Integrated Systems>
[SiSRaid1 / SiSRaid1][Running/Boot Start]
<\SystemRoot\System32\DRIVERS\SiSRaid1.sys><Silicon Integrated Systems>
[SiSV / SiSV][Stopped/Manual Start]
<system32\DRIVERS\SiSV.sys><Silicon Integrated Systems Corporation>
[smwdm / smwdm][Running/Manual Start]
<system32\drivers\smwdm.sys><Analog Devices, Inc.>
[sparrow / sparrow][Running/Boot Start]
<\SystemRoot\System32\DRIVERS\sparrow.sys><Adaptec, Inc.>
[sptrak / sptrak][Running/Boot Start]
<\SystemRoot\System32\DRIVERS\sptrak.sys><Promise Technology, Inc.>
[SVKP / SVKP][Running/Auto Start]
<\??\C:\WINDOWS\system32\SVKP.sys><AntiCracking>
[symc810 / symc810][Running/Boot Start]
<\SystemRoot\System32\DRIVERS\symc810.sys><Symbios Logic Inc.>
[symc8xx / symc8xx][Running/Boot Start]
<\SystemRoot\System32\DRIVERS\symc8xx.sys><LSI Logic>
[sym_hi / sym_hi][Running/Boot Start]
<\SystemRoot\System32\DRIVERS\sym_hi.sys><LSI Logic>
[sym_u3 / sym_u3][Running/Boot Start]
<\SystemRoot\System32\DRIVERS\sym_u3.sys><LSI Logic>
[UlSata / UlSata][Running/Boot Start]
<\SystemRoot\System32\DRIVERS\ulsata.sys><Promise Technology, Inc.>
[ultra / ultra][Running/Boot Start]
<\SystemRoot\System32\DRIVERS\ultra.sys><Promise Technology, Inc.>
[VIA ATA/ATAPI Host Controller / viapdsk][Running/Boot Start]
<\SystemRoot\System32\DRIVERS\viapdsk.sys><VIA Technologies, Inc.>
[viaraid / viaraid][Running/Boot Start]
<\SystemRoot\System32\DRIVERS\viaraid.sys><VIA Technologies inc,.ltd>
[viasraid / viasraid][Running/Boot Start]
<\SystemRoot\system32\drivers\viasraid.sys><VIA Technologies inc,.ltd>
[vmscsi / vmscsi][Running/Boot Start]
<\SystemRoot\system32\drivers\vmscsi.sys><VMware, Inc.>
[World Standard Teletext Codec / WSTCODEC][Stopped/Manual Start]
<system32\DRIVERS\WSTCODEC.SYS><Microsoft Corporation>
[NDIS5.1 Miniport Driver for Marvell Yukon Gigabit Ethernet Adapter / yukonx86][Running/Manual Start]
<system32\DRIVERS\yukonx86.sys><Marvell Semiconductor Inc.>
[Teclast WE 303 PC Camera / ZSMC303][Running/Manual Start]
<System32\Drivers\usbVM303.sys><Vimicro Corporation>
病急1乱1投医 - 2007-2-11 23:25:00
浏览器加载项
[BitComet Helper]
{39F7E362-828A-4B5A-BCAF-5B79BFDFEA60} <C:\Program Files\BitComet\tools\BitCometBHO.dll, N/A>
[启动迅雷]
{0062C9BD-B349-40DE-91A0-755F37ACD559} <C:\Program Files\Thunder Network\Thunder\Thunder.exe, Thunder Networking Technologies,LTD>
[浩方对战平台]
{0A155D3C-68E2-4215-A47A-E800A446447A} <E:\浩方对战平台\GameClient.exe, 上海浩方在线信息技术有限公司>
[QQ]
{c95fe080-8f5d-11d2-a20b-00aa003c157b} <d:\Tencent\QQ\QQ.EXE, TENCENT>
[QQIEFloatBarCfgCmd Class]
{DEDEB80D-FA35-45d9-9460-4983E5A8AFE6} <, N/A>
[卡卡上网安全助手]
{DB9ECD4F-FB8F-4311-B3CE-90B976C2707C} <C:\WINDOWS\system32\KakaTool.dll, Beijing Rising Technology Co., Ltd.>
[超级兔子上网精灵]
{43869BB3-22FD-4F15-9B46-238106BA2F4E} <C:\PROGRA~1\SUPERR~1\MAGICSET\haokanbar.dll, Xiang Feng Technology>
[ActiveMovieControl Object]
{05589FA1-C356-11CE-BF01-00AA0055595A} <C:\WINDOWS\system32\wmpdxm.dll, Microsoft Corporation>
[Windows Media Player]
{22D6F312-B0F6-11D0-94AB-0080C74C7E95} <C:\WINDOWS\system32\wmpdxm.dll, Microsoft Corporation>
[HTML Document]
{25336920-03F9-11CF-8FD0-00AA00686F13} <%SystemRoot%\system32\mshtml.dll, N/A>
[DHTML Edit Control Safe for Scripting for IE5]
{2D360201-FFF5-11D1-8D03-00A0C959BC0A} <C:\WINDOWS\system32\dllcache\dhtmled.ocx, Microsoft Corporation>
[Tabular Data Control]
{333C7BC4-460F-11D0-BC04-0080C7055A83} <C:\WINDOWS\system32\tdc.ocx, Microsoft Corporation>
[BitComet Helper]
{39F7E362-828A-4B5A-BCAF-5B79BFDFEA60} <C:\Program Files\BitComet\tools\BitCometBHO.dll, N/A>
[超级兔子上网精灵]
{43869BB3-22FD-4F15-9B46-238106BA2F4E} <C:\PROGRA~1\SUPERR~1\MAGICSET\haokanbar.dll, Xiang Feng Technology>
[QQBrowserHelperObject Class]
{54EBD53A-9BC1-480B-966A-843A333CA162} <, N/A>
[Shell Name Space]
{55136805-B2DE-11D1-B9F2-00A0C98BC547} <%SystemRoot%\system32\shdocvw.dll, N/A>
[Windows Media Player]
{6BF52A52-394A-11D3-B153-00C04F79FAA6} <C:\WINDOWS\system32\wmp.dll, Microsoft Corporation>
[超级兔子上网精灵]
{7369D35A-5B70-4A5B-B789-B25FE09B4AF3} <C:\PROGRA~1\SUPERR~1\MAGICSET\haokanbar.dll, Xiang Feng Technology>
[Microsoft Web 浏览器]
{8856F961-340A-11D0-A96B-00C04FD705A2} <C:\WINDOWS\system32\shdocvw.dll, Microsoft Corporation>
[RMGetLicense Class]
{A9FC132B-096D-460B-B7D5-1DB0FAE0C062} <C:\WINDOWS\system32\msnetobj.dll, Microsoft Corporation>
[Microsoft Scriptlet Component]
{AE24FDAE-03C6-11D1-8B76-0080C744F389} <C:\WINDOWS\system32\mshtml.dll, Microsoft Corporation>
[SearchAssistantOC]
{B45FF030-4447-11D2-85DE-00C04FA35C89} <%SystemRoot%\system32\shdocvw.dll, N/A>
[RDS.DataSpace]
{BD96C556-65A3-11D0-983A-00C04FC29E36} <C:\Program Files\Common Files\System\msadc\msadco.dll, Microsoft Corporation>
[VIDEO__X_MS_ASF Moniker Class]
{CD3AFA8F-B84F-48F0-9393-7EDC34128127} <C:\WINDOWS\system32\wmp.dll, Microsoft Corporation>
[RealPlayer G2 Control]
{CFCDAA03-8BE4-11CF-B84B-0020AFBBCCFA} <C:\WINDOWS\system32\rmoc3260.dll, RealNetworks, Inc.>
[Shockwave Flash Object]
{D27CDB6E-AE6D-11CF-96B8-444553540000} <C:\WINDOWS\system32\Macromed\Flash\Flash9b.ocx, Adobe Systems, Inc.>
[TencentVmpCtl Class]
{D9819BD5-422B-4281-8523-726466ED692B} <C:\Program Files\Tencent\Viewpoint Media Player\AxMetaStream.dll, Viewpoint Corporation>
[卡卡上网安全助手]
{DB9ECD4F-FB8F-4311-B3CE-90B976C2707C} <C:\WINDOWS\system32\KakaTool.dll, Beijing Rising Technology Co., Ltd.>
[CPasswordEditCtrl Object]
{E787FD25-8D7C-4693-AE67-9406BC6E22DF} <C:\WINDOWS\system32\qqedit\qqedit.dll, 腾讯科技(深圳)有限公司>
[&使用BitComet下载]
<res://C:\Program Files\BitComet\BitComet.exe/AddLink.htm, N/A>
[&使用BitComet下载全部链接]
<res://C:\Program Files\BitComet\BitComet.exe/AddAllLink.htm, N/A>
[&使用BitComet下载本页视频]
<res://C:\Program Files\BitComet\BitComet.exe/AddVideo.htm, N/A>
[&使用迅雷下载]
<C:\Program Files\Thunder Network\Thunder\Program\GetUrl.htm, N/A>
[&使用迅雷下载全部链接]
<C:\Program Files\Thunder Network\Thunder\Program\GetAllUrl.htm, N/A>
[上传到QQ网络硬盘]
<D:\Tencent\QQ\AddToNetDisk.htm, N/A>
[导出到 Microsoft Office Excel(&X)]
<res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000, N/A>
[添加到QQ自定义面板]
<D:\Tencent\QQ\AddPanel.htm, N/A>
[添加到QQ表情]
<D:\Tencent\QQ\AddEmotion.htm, N/A>
[用QQ彩信发送该图片]
<D:\Tencent\QQ\SendMMS.htm, N/A>
病急1乱1投医 - 2007-2-11 23:26:00
正在运行的进程
[PID: 556][\SystemRoot\System32\smss.exe] [Microsoft Corporation, 5.1.2600.2149 (xpsp_sp2_rc2.040610-1520)]
[PID: 636][\??\C:\WINDOWS\system32\csrss.exe] [Microsoft Corporation, 5.1.2600.2149 (xpsp_sp2_rc2.040610-1520)]
[PID: 660][\??\C:\WINDOWS\system32\winlogon.exe] [Microsoft Corporation, 5.1.2600.2149 (xpsp_sp2_rc2.040610-1520)]
[C:\WINDOWS\system32\uxtheme.dll] [Microsoft Corporation, 6.00.2900.2149 (xpsp_sp2_rc2.040610-1520)]
[C:\WINDOWS\system32\Ati2evxx.dll] [ATI Technologies Inc., 6.14.10.4109]
[PID: 704][C:\WINDOWS\system32\services.exe] [Microsoft Corporation, 5.1.2600.2149 (xpsp_sp2_rc2.040610-1520)]
[PID: 716][C:\WINDOWS\system32\lsass.exe] [Microsoft Corporation, 5.1.2600.2149 (xpsp_sp2_rc2.040610-1520)]
[C:\WINDOWS\system32\uxtheme.dll] [Microsoft Corporation, 6.00.2900.2149 (xpsp_sp2_rc2.040610-1520)]
[PID: 860][C:\WINDOWS\system32\Ati2evxx.exe] [ATI Technologies Inc., 6.14.10.4109]
[C:\WINDOWS\system32\Ati2edxx.dll] [ATI Technologies, Inc., 6, 14, 10, 2495]
[C:\WINDOWS\system32\uxtheme.dll] [Microsoft Corporation, 6.00.2900.2149 (xpsp_sp2_rc2.040610-1520)]
[PID: 888][C:\WINDOWS\system32\svchost.exe] [Microsoft Corporation, 5.1.2600.2149 (xpsp_sp2_rc2.040610-1520)]
[PID: 976][C:\WINDOWS\system32\svchost.exe] [Microsoft Corporation, 5.1.2600.2149 (xpsp_sp2_rc2.040610-1520)]
[PID: 1072][C:\Program Files\Rising\Rav\CCenter.exe] [Beijing Rising Technology Co., Ltd., 18, 0, 0, 3]
[C:\WINDOWS\system32\uxtheme.dll] [Microsoft Corporation, 6.00.2900.2149 (xpsp_sp2_rc2.040610-1520)]
[PID: 1088][C:\WINDOWS\System32\svchost.exe] [Microsoft Corporation, 5.1.2600.2149 (xpsp_sp2_rc2.040610-1520)]
[C:\WINDOWS\System32\UxTheme.dll] [Microsoft Corporation, 6.00.2900.2149 (xpsp_sp2_rc2.040610-1520)]
[PID: 1144][C:\WINDOWS\system32\svchost.exe] [Microsoft Corporation, 5.1.2600.2149 (xpsp_sp2_rc2.040610-1520)]
[PID: 1288][C:\WINDOWS\system32\svchost.exe] [Microsoft Corporation, 5.1.2600.2149 (xpsp_sp2_rc2.040610-1520)]
[PID: 1308][C:\Program Files\Rising\Rav\Ravmond.exe] [Beijing Rising Technology Co., Ltd., 19, 0, 0, 43]
[C:\Program Files\Rising\Rav\BWList.dll] [Beijing Rising Technology Co., Ltd., 19, 0, 0, 10]
[C:\Program Files\Rising\Rav\RsCommX.dll] [rising, 18, 0, 0, 1]
[C:\Program Files\Rising\Rav\rfwctrl.dll] [Beijing Rising Technology Co., Ltd., 5, 0, 0, 11]
[C:\Program Files\Rising\Rav\RsPPsys.dll] [Beijing Rising Technology Co., Ltd., 18, 0, 0, 3]
[C:\Program Files\Rising\Rav\RSAPPMGR.DLL] [Beijing Rising Technology Co., Ltd., 18, 0, 0, 2]
[C:\Program Files\Rising\Rav\CfgDll.dll] [Beijing Rising Technology Co., Ltd., 18, 0, 0, 13]
[C:\Program Files\Rising\Rav\RSCOMMON.DLL] [Beijing Rising Technology Co., Ltd., 19, 0, 0, 5]
[C:\Program Files\Rising\Rav\RsLog.dll] [Beijing Rising Technology Co., Ltd., 18, 0, 0, 20]
[C:\Program Files\Rising\Rav\HOOKSYS.dll] [Beijing Rising Technology Co., Ltd., 19, 0, 0, 0]
[C:\Program Files\Rising\Rav\Scanner.dll] [Beijing Rising Technology Co., Ltd., 19, 0, 0, 12]
[C:\Program Files\Rising\Rav\libload.dll] [Beijing Rising Technology Co., Ltd., 19, 0, 0, 16]
[C:\Program Files\Rising\Rav\VirusLib.dll] [Beijing Rising Technology Co., Ltd., 19, 0, 0, 10]
[C:\Program Files\Rising\Rav\regmon.dll] [Beijing Rising Technology Co., Ltd., 18, 0, 0, 6]
[C:\Program Files\Rising\Rav\psapi.dll] [Microsoft Corporation, 4.00]
[C:\Program Files\Rising\Rav\HookWeb.dll] [Beijing Rising Technology Co., Ltd., 19, 0, 0, 1]
[C:\Program Files\Rising\Rav\MemMon.dll] [Beijing Rising Technology Co., Ltd., 18, 0, 0, 12]
[C:\Program Files\Rising\Rav\expscan.dll] [Beijing Rising Technology Co., Ltd., 18, 0, 0, 4]
[C:\Program Files\Rising\Rav\mPorts.dll] [Beijing Rising Technology Co., Ltd., 4, 0, 0, 3]
[C:\Program Files\Rising\Rav\HookCont.dll] [Rising, 19, 0, 0, 0]
[C:\Program Files\Rising\Rav\SpamEng.dll] [N/A, 18, 0, 0, 6]
[C:\Program Files\Rising\Rav\engine.dll] [Beijing Rising Technology Co., Ltd., 19, 0, 0, 25]
[C:\WINDOWS\system32\uxtheme.dll] [Microsoft Corporation, 6.00.2900.2149 (xpsp_sp2_rc2.040610-1520)]
[C:\Program Files\Rising\Rav\PostTrt.dll] [Beijing Rising Technology Co., Ltd., 19, 0, 0, 8]
[C:\Program Files\Rising\Rav\UnExe.dll] [Beijing Rising Technology Co., Ltd., 19, 0, 0, 10]
[C:\Program Files\Rising\Rav\ScanExec.dll] [Beijing Rising Technology Co., Ltd., 19, 0, 0, 16]
[C:\Program Files\Rising\Rav\ScanEx.dll] [Beijing Rising Technology Co., Ltd., 19, 0, 0, 40]
[C:\Program Files\Rising\Rav\ExtFile.dll] [Beijing Rising Technology Co., Ltd., 19, 0, 0, 25]
[C:\Program Files\Rising\Rav\NvFile.dll] [Beijing Rising Technology Co., Ltd., 19, 0, 0, 11]
[C:\Program Files\Rising\Rav\ScanMac.dll] [Beijing Rising Technology Co., Ltd., 19, 0, 0, 13]
[C:\Program Files\Rising\Rav\ScanSct.dll] [Beijing Rising Technology Co., Ltd., 19, 0, 0, 19]
[C:\Program Files\Rising\Rav\Unpacker.dll] [Beijing Rising Technology Co., Ltd., 19, 0, 0, 19]
[C:\Program Files\Rising\Rav\ScanPack.dll] [Beijing Rising Technology Co., Ltd., 19, 0, 0, 19]
[C:\Program Files\Rising\Rav\RsVM.dll] [N/A, 19, 0, 0, 15]
[C:\Program Files\Rising\Rav\Uroutine.dll] [Beijing Rising Technology Co., Ltd., 19, 0, 0, 21]
[C:\Program Files\Rising\Rav\Uscript.dll] [Beijing Rising Technology Co., Ltd., 19, 0, 0, 18]
[C:\Program Files\Rising\Rav\RsStore.dll] [Beijing Rising Technology Co., Ltd., 19, 0, 0, 2]
[PID: 1476][c:\program files\rising\rfw\rfwsrv.exe] [Beijing Rising Technology Co., Ltd., 5, 0, 0, 33]
[c:\program files\rising\rfw\RfwRule.dll] [Beijing Rising Technology Co., Ltd., 5, 0, 0, 3]
[c:\program files\rising\rfw\rfwlog.dll] [Beijing Rising Technology Co., Ltd., 5, 0, 0, 2]
[c:\program files\rising\rfw\Rfwdrv.dll] [Beijing Rising Technology Co., Ltd., 5, 0, 0, 10]
[c:\program files\rising\rfw\psapi.dll] [Microsoft Corporation, 4.00]
[c:\program files\rising\rfw\MonDrv.dll] [rs, 1, 0, 0, 4]
[c:\program files\rising\rfw\ProcLib.dll] [Beijing Rising Technology Co., Ltd., 5, 0, 0, 5]
[C:\WINDOWS\system32\uxtheme.dll] [Microsoft Corporation, 6.00.2900.2149 (xpsp_sp2_rc2.040610-1520)]
[c:\program files\rising\rfw\mPorts.dll] [Beijing Rising Technology Co., Ltd., 4, 0, 0, 3]
[PID: 1596][C:\WINDOWS\system32\spoolsv.exe] [Microsoft Corporation, 5.1.2600.2149 (xpsp_sp2_rc2.040610-1520)]
[PID: 1980][C:\WINDOWS\system32\Ati2evxx.exe] [ATI Technologies Inc., 6.14.10.4109]
[C:\WINDOWS\system32\uxtheme.dll] [Microsoft Corporation, 6.00.2900.2149 (xpsp_sp2_rc2.040610-1520)]
[C:\WINDOWS\system32\Ati2edxx.dll] [ATI Technologies, Inc., 6, 14, 10, 2495]
[C:\Program Files\Rising\AntiSpyware\ieprot.dll] [Beijing Rising Technology Co., Ltd., 1, 0, 0, 8]
[PID: 2040][C:\WINDOWS\Explorer.EXE] [Microsoft Corporation, 6.00.2900.2149 (xpsp_sp2_rc2.040610-1520)]
[C:\WINDOWS\system32\UxTheme.dll] [Microsoft Corporation, 6.00.2900.2149 (xpsp_sp2_rc2.040610-1520)]
[C:\Program Files\Common Files\Microsoft Shared\MSINFO\NewInfo.rxk] [N/A, N/A]
[C:\Program Files\Rising\AntiSpyware\ieprot.dll] [Beijing Rising Technology Co., Ltd., 1, 0, 0, 8]
[C:\WINDOWS\system32\MgSym.dll] [N/A, N/A]
[PID: 348][C:\Program Files\Analog Devices\SoundMAX\SMax4PNP.exe] [Analog Devices, Inc., 4, 0, 4, 11]
[C:\Program Files\Analog Devices\SoundMAX\SMWDMIF.dll] [Analog Device, Inc., 1, 0, 22, 26]
[C:\WINDOWS\system32\uxtheme.dll] [Microsoft Corporation, 6.00.2900.2149 (xpsp_sp2_rc2.040610-1520)]
[C:\Program Files\Rising\AntiSpyware\ieprot.dll] [Beijing Rising Technology Co., Ltd., 1, 0, 0, 8]
[PID: 356][C:\Program Files\Analog Devices\SoundMAX\Smax4.exe] [Analog Devices, Inc., 4, 0, 4, 25]
[C:\WINDOWS\system32\uxtheme.dll] [Microsoft Corporation, 6.00.2900.2149 (xpsp_sp2_rc2.040610-1520)]
[C:\Program Files\Rising\AntiSpyware\ieprot.dll] [Beijing Rising Technology Co., Ltd., 1, 0, 0, 8]
[PID: 388][C:\WINDOWS\VM303_STI.EXE] [Vimicro, 4, 3, 625, 61]
[C:\WINDOWS\system32\uxtheme.dll] [Microsoft Corporation, 6.00.2900.2149 (xpsp_sp2_rc2.040610-1520)]
[C:\WINDOWS\system32\msdmo.dll] [N/A, N/A]
[C:\WINDOWS\system32\VM303Prp.Ax] [Vimicro, 4.3. 625.61]
[C:\Program Files\Rising\AntiSpyware\ieprot.dll] [Beijing Rising Technology Co., Ltd., 1, 0, 0, 8]
[PID: 424][C:\Program Files\Rising\Rav\RavTask.exe] [Beijing Rising Technology Co., Ltd., 19, 0, 0, 7]
[C:\Program Files\Rising\Rav\RSCOMMON.DLL] [Beijing Rising Technology Co., Ltd., 19, 0, 0, 5]
[C:\Program Files\Rising\Rav\RSAPPMGR.DLL] [Beijing Rising Technology Co., Ltd., 18, 0, 0, 2]
[C:\Program Files\Rising\Rav\CfgDll.dll] [Beijing Rising Technology Co., Ltd., 18, 0, 0, 13]
[C:\Program Files\Rising\Rav\RsCommX.dll] [rising, 18, 0, 0, 1]
[C:\WINDOWS\system32\uxtheme.dll] [Microsoft Corporation, 6.00.2900.2149 (xpsp_sp2_rc2.040610-1520)]
[C:\Program Files\Rising\AntiSpyware\ieprot.dll] [Beijing Rising Technology Co., Ltd., 1, 0, 0, 8]
[PID: 476][C:\Program Files\Rising\AntiSpyware\runiep.exe] [Beijing Rising Technology Co., Ltd., 1, 0, 1, 6]
[C:\Program Files\Rising\AntiSpyware\iep_ctrl.dll] [Beijing Rising Technology Co., Ltd., 1, 0, 0, 4]
[C:\Program Files\Rising\AntiSpyware\ieprot.dll] [Beijing Rising Technology Co., Ltd., 1, 0, 0, 8]
[C:\WINDOWS\system32\uxtheme.dll] [Microsoft Corporation, 6.00.2900.2149 (xpsp_sp2_rc2.040610-1520)]
[PID: 496][c:\program files\rising\rfw\RfwMain.exe] [Beijing Rising Technology Co., Ltd., 5, 0, 0, 70]
[c:\program files\rising\rfw\RsGuiLib.dll] [Beijing Rising Technology Co., Ltd., 19, 0, 0, 33]
[c:\program files\rising\rfw\RSCOMMON.DLL] [Beijing Rising Technology Co., Ltd., 19, 0, 0, 5]
[c:\program files\rising\rfw\RfwCtrl.dll] [Beijing Rising Technology Co., Ltd., 5, 0, 0, 11]
[c:\program files\rising\rfw\RsXML.dll] [Beijing Rising Technology Co., Ltd., 19, 0, 0, 2]
[c:\program files\rising\rfw\PngDll.dll] [Beijing Rising Technology Co., Ltd., 18, 0, 0, 5]
[C:\WINDOWS\system32\uxtheme.dll] [Microsoft Corporation, 6.00.2900.2149 (xpsp_sp2_rc2.040610-1520)]
[C:\Program Files\Rising\AntiSpyware\ieprot.dll] [Beijing Rising Technology Co., Ltd., 1, 0, 0, 8]
[PID: 608][C:\WINDOWS\TEMP\6.exe] [N/A, N/A]
病急1乱1投医 - 2007-2-11 23:28:00
[C:\Program Files\Rising\AntiSpyware\ieprot.dll] [Beijing Rising Technology Co., Ltd., 1, 0, 0, 8]
[PID: 1244][C:\Program Files\Analog Devices\SoundMAX\SMAgent.exe] [Analog Devices, Inc., 3, 2, 6, 0]
[PID: 1272][C:\WINDOWS\system32\svchost.exe] [Microsoft Corporation, 5.1.2600.2149 (xpsp_sp2_rc2.040610-1520)]
[C:\WINDOWS\system32\uxtheme.dll] [Microsoft Corporation, 6.00.2900.2149 (xpsp_sp2_rc2.040610-1520)]
[PID: 1264][C:\WINDOWS\System32\alg.exe] [Microsoft Corporation, 5.1.2600.2149 (xpsp_sp2_rc2.040610-1520)]
[PID: 600][c:\program files\rising\rfw\RfwCfg.exe] [Beijing Rising Technology Co., Ltd., 5, 0, 1, 46]
[c:\program files\rising\rfw\RsGuiLib.dll] [Beijing Rising Technology Co., Ltd., 19, 0, 0, 33]
[C:\WINDOWS\system32\uxtheme.dll] [Microsoft Corporation, 6.00.2900.2149 (xpsp_sp2_rc2.040610-1520)]
[c:\program files\rising\rfw\RSCOMMON.DLL] [Beijing Rising Technology Co., Ltd., 19, 0, 0, 5]
[c:\program files\rising\rfw\RfwCtrl.dll] [Beijing Rising Technology Co., Ltd., 5, 0, 0, 11]
[c:\program files\rising\rfw\ProxyCtr.dll] [Beijing Rising Technology Co., Ltd., 5, 0, 0, 2]
[c:\program files\rising\rfw\RsXML.dll] [Beijing Rising Technology Co., Ltd., 19, 0, 0, 2]
[c:\program files\rising\rfw\PngDll.dll] [Beijing Rising Technology Co., Ltd., 18, 0, 0, 5]
[C:\Program Files\Rising\AntiSpyware\ieprot.dll] [Beijing Rising Technology Co., Ltd., 1, 0, 0, 8]
[C:\Program Files\Common Files\Microsoft Shared\MSINFO\NewInfo.rxk] [N/A, N/A]
[C:\Program Files\Rising\Rav\RavScrCh.dll] [Beijing Rising Technology Co., Ltd., 18, 0, 0, 4]
[C:\WINDOWS\system32\MgSym.dll] [N/A, N/A]
[PID: 2396][C:\Program Files\Internet Explorer\iexplore.exe] [Microsoft Corporation, 6.00.2900.2149 (xpsp_sp2_rc2.040610-1520)]
[C:\WINDOWS\system32\uxtheme.dll] [Microsoft Corporation, 6.00.2900.2149 (xpsp_sp2_rc2.040610-1520)]
[C:\PROGRA~1\SUPERR~1\MAGICSET\haokanbar.dll] [Xiang Feng Technology, 2, 2, 0, 1612]
[C:\Program Files\BitComet\tools\BitCometBHO.dll] [N/A, N/A]
[C:\Program Files\Rising\AntiSpyware\ieprot.dll] [Beijing Rising Technology Co., Ltd., 1, 0, 0, 8]
[C:\Program Files\Rising\Rav\RavScrCh.dll] [Beijing Rising Technology Co., Ltd., 18, 0, 0, 4]
[C:\WINDOWS\system32\Macromed\Flash\Flash9b.ocx] [Adobe Systems, Inc., 9,0,28,0]
[C:\WINDOWS\system32\MgSym.dll] [N/A, N/A]
[PID: 3060][C:\WINDOWS\system32\conime.exe] [Microsoft Corporation, 5.1.2600.2149 (xpsp_sp2_rc2.040610-1520)]
[C:\WINDOWS\system32\uxtheme.dll] [Microsoft Corporation, 6.00.2900.2149 (xpsp_sp2_rc2.040610-1520)]
[C:\Program Files\Rising\AntiSpyware\ieprot.dll] [Beijing Rising Technology Co., Ltd., 1, 0, 0, 8]
[PID: 364][C:\WINDOWS\iexpl0re.exe] [N/A, N/A]
[C:\WINDOWS\system32\MgSym.dll] [N/A, N/A]
[PID: 4008][G:\SREng.EXE] [Smallfrogs Studio, 2.3.13.690]
[C:\WINDOWS\system32\uxtheme.dll] [Microsoft Corporation, 6.00.2900.2149 (xpsp_sp2_rc2.040610-1520)]
[C:\Program Files\Rising\AntiSpyware\ieprot.dll] [Beijing Rising Technology Co., Ltd., 1, 0, 0, 8]
[C:\WINDOWS\system32\MgSym.dll] [N/A, N/A]
==================================
文件关联
.TXT Error. [NOTEPAD.EXE %1]
.EXE OK. ["%1" %*]
.COM OK. ["%1" %*]
.PIF OK. ["%1" %*]
.REG OK. [regedit.exe "%1"]
.BAT OK. ["%1" %*]
.SCR OK. ["%1" /S]
.CHM OK. ["C:\WINDOWS\hh.exe" %1]
.HLP OK. [%SystemRoot%\System32\winhlp32.exe %1]
.INI OK. [%SystemRoot%\System32\NOTEPAD.EXE %1]
.INF OK. [%SystemRoot%\System32\NOTEPAD.EXE %1]
.VBS OK. [%SystemRoot%\System32\WScript.exe "%1" %*]
.JS OK. [%SystemRoot%\System32\WScript.exe "%1" %*]
.LNK OK. [{00021401-0000-0000-C000-000000000046}]
==================================
Winsock 提供者
N/A
==================================
Autorun.inf
N/A
==================================
HOSTS 文件
127.0.0.1 localhost
127.0.0.1cool.47555.com
127.0.0.1www.dosboy.com
127.0.0.1guajfskajiw.43242.com
127.0.0.1www.3448.com
127.0.0.1w25.hitbox.com
127.0.0.1web2.deja.com
127.0.0.1webads.bizservers.com
127.0.0.1www.PostMasterBannerNet.com
127.0.0.1www.ad-up.com
127.0.0.1www.admex.com
127.0.0.1www.alladvantage.com
127.0.0.1www.burstnet.com
127.0.0.1www.commission-junction.com
127.0.0.1www.eads.com
127.0.0.1www.freestats.com
127.0.0.1www.imaginemedia.com
127.0.0.1www.netdirect.nl
病急1乱1投医 - 2007-2-11 23:29:00
127.0.0.1www.oneandonlynetwork.com
127.0.0.1www.targetshop.com
127.0.0.1www.teknosurf2.com
127.0.0.1www.teknosurf3.com
127.0.0.1www.valueclick.com
127.0.0.1www.websitefinancing.com
127.0.0.1www2.burstnet.com
127.0.0.1www4.trix.net
127.0.0.1www80.valueclick.com
127.0.0.1z.extreme-dm.com
127.0.0.1z0.extreme-dm.com
127.0.0.1z1.extreme-dm.com
127.0.0.1ads.rediff.com
127.0.0.1ads.indya.com
127.0.0.1ads.adflight.com
127.0.0.1ads.beguide.net
127.0.0.1ads.mediaturf.net
127.0.0.1ad1.adcept.net
127.0.0.1ad2.adcept.net
127.0.0.1ad3.adcept.net
127.0.0.1ads.fortunecity.com
127.0.0.1www.139cn.com
127.0.0.1www.7liao.com
127.0.0.1chat.51liao.net
127.0.0.1www.51liao.net
127.0.0.1www.7liao.net
127.0.0.1www.6see.com
127.0.0.1bliao.com
127.0.0.1www.bliao.com
127.0.0.1hao123.net
127.0.0.1www.hao123.net
127.0.0.1www.hao222.net
127.0.0.1www.hao222.com
127.0.0.1www.v111.com
127.0.0.1music.v111.com
127.0.0.1www.qq165.com
127.0.0.1www.xicu.com
127.0.0.1www.haodx.com
127.0.0.1www.haohz.com
127.0.0.1www.265.com
127.0.0.1www.dj99.com
127.0.0.1www.dj99.net
127.0.0.1www.yqdj.com
127.0.0.1www.qq530.com
127.0.0.1www.tt67.com
127.0.0.1ad.t2t2.com
127.0.0.1www.yexr.com
127.0.0.1chat.9see.com
127.0.0.1www.ok816.com
127.0.0.1www.3399.net
127.0.0.1www.ads8.com
127.0.0.1www.5566.net
127.0.0.1www.t2t2.com
127.0.0.1popad.qq.com
127.0.0.1v.jsdownload.com
127.0.0.1www.linktoad.com
127.0.0.1club.homeway.com.cn
127.0.0.1sms1.ctn.com.cn
127.0.0.1sms2.ctn.com.cn
127.0.0.1sms3.ctn.com.cn
127.0.0.1www.331122.com
127.0.0.1mmpic.uni.cc
127.0.0.1www.love34.com
127.0.0.1www.free-movie.org
127.0.0.1www.skyhits.com
127.0.0.1www.rd18.com
127.0.0.1tadsweb.tencent.com
127.0.0.1www.vlike.com
127.0.0.1www.chinasee.net
127.0.0.1www.japansky.net
127.0.0.1www.225.com.cn
127.0.0.1ads.china.com
127.0.0.1www.yes521.com
127.0.0.1www.today6.com
127.0.0.1www.h2004.com
127.0.0.1www.movie4.com
127.0.0.1www.rm88.com
127.0.0.1www.qq300.com
127.0.0.1www.qq500.com
127.0.0.1www.av126.com
127.0.0.1www.kissmm.com
127.0.0.1www.cn808.net
127.0.0.1www.hao168.com
127.0.0.1www.mm91.com
127.0.0.1www.huole.com
127.0.0.1www.kan69.com
127.0.0.1ulinkdir.tom.com
127.0.0.1cpc.sohu.com
127.0.0.1images.sohu.com
127.0.0.1adv.pconline.com.cn
127.0.0.1goto.sohu.com
127.0.0.1images2.sohu.com
127.0.0.1www.sexy-books.com
127.0.0.1www.xxbooks.com
127.0.0.1www.18it.com
127.0.0.1www.cnxxx.com
127.0.0.1www.18-girl.net
127.0.0.1ad.tom.com
127.0.0.1ad4.sina.com.cn
127.0.0.1sina.allyes.com
127.0.0.1adtaobao.allyes.com
127.0.0.1smarttrade.allyes.com
127.0.0.1tom.allyes.com
127.0.0.1szwindow.allyes.com
127.0.0.1eachnetmember.allyes.com
127.0.0.1iplus.allyes.com
127.0.0.1sinatest.allyes.com
127.0.0.1casting9.allyes.com
127.0.0.1yinsha.allyes.com
127.0.0.1stockstar.allyes.com
127.0.0.1www.001x.com
127.0.0.1www.hksexweb.com
127.0.0.1www.99adultx.com
127.0.0.1www2.xfreehosting.com
127.0.0.1www1.xfreehosting.com
127.0.0.1www.w555.net
127.0.0.1www.excitecity.com
127.0.0.1www.0xing.com
127.0.0.1sba.3322.net
127.0.0.1www.zgxl.net
127.0.0.1www.qqpic.com
127.0.0.1webspacecn.com
127.0.0.1www.yeapple.com
127.0.0.1manage.link8.com
127.0.0.1www.web888.org
127.0.0.1www.432.cn
127.0.0.1www.kan123.com
127.0.0.1www.3tom.com
127.0.0.1www.sotop.com
127.0.0.1www3.7789.com
127.0.0.1www.66036.com
127.0.0.1www1.66036.com
127.0.0.1www2.66036.com
127.0.0.1www3.66036.com
127.0.0.1www4.66036.com
127.0.0.1www5.66036.com
127.0.0.1www6.66036.com
127.0.0.1www7.66036.com
127.0.0.1www8.66036.com
127.0.0.1www9.66036.com
127.0.0.1www10.66036.com
127.0.0.1tj4.7789.com
127.0.0.1tj5.7789.com
127.0.0.1tj6.7789.com
127.0.0.1tj7.7789.com
127.0.0.1www.7789.com
127.0.0.1count.zhao123.com
127.0.0.1count1.zhao123.com
127.0.0.1count2.zhao123.com
127.0.0.1count3.zhao123.com
127.0.0.1count4.zhaocount.com
127.0.0.1count5.zhaocount.com
127.0.0.1count6.zhaocount.com
127.0.0.1count7.zhaocount.com
127.0.0.1count8.zhaocount.com
127.0.0.1count9.zhaocount.com
127.0.0.1count10.zhaocount.com
127.0.0.1count11.zhaocount.com
127.0.0.1tj1.mytongji.com
127.0.0.1count1.99count.com
127.0.0.1www.99count.com
127.0.0.1bar.baidu.com
127.0.0.1www2.7789.com
127.0.0.1www.guang.org
127.0.0.1www.dlmovie.com
127.0.0.1www.91look.com
127.0.0.1www.kan51.com
127.0.0.1www.mewo.com
127.0.0.1coolsite21.com
127.0.0.1www.t3j4.com
127.0.0.1www.yun8.com
127.0.0.1film.yun8.com
127.0.0.1www.wo123.com
127.0.0.1www.da123.com
127.0.0.1www.1ya.cn
127.0.0.1www.sleazydream.com
127.0.0.1www.easypic2.com
127.0.0.1serv.sexushost.com
127.0.0.1www.xfreehosting.com
127.0.0.1www.888txt.com
127.0.0.1asiafriendfinder.com
127.0.0.1www3.cool168.com
127.0.0.1www2.cool168.com
127.0.0.1www1.cool168.com
127.0.0.1www.happy8.cn
127.0.0.1www.topsex2k.com
127.0.0.1topxxx.sexushost.com
127.0.0.1www.cool168.com
127.0.0.1www.s6.cn
127.0.0.1popme.163.com
127.0.0.1adclient.163.com
127.0.0.1fadama.com
127.0.0.1www.66vv.com
127.0.0.1www.qqee.com
127.0.0.1www.sohu123.com
127.0.0.1www.xgmm.com
127.0.0.1www.7t7t.com
127.0.0.1www.cnimg.com
127.0.0.1cdn2.cnnic.cn
127.0.0.1cool.vv66.com
127.0.0.1www.vv66.com
127.0.0.1www.freepicturepage.com
127.0.0.1www.snasty.com
127.0.0.1www.yourcage.com
127.0.0.1www.shagadelic.com
127.0.0.1hualiao.net
127.0.0.1www.qq163.com
127.0.0.1www.qq163.net
127.0.0.1www.superdown.com
127.0.0.1web.114.com.cn
127.0.0.1www.114.com.cn
127.0.0.1www.91f.cn
127.0.0.1wwww.tthao.com
127.0.0.1www.91f.org
127.0.0.1www.v23.com
127.0.0.1auto.search.msn.com
127.0.0.1x2.51link.com
127.0.0.1x1.51link.com
127.0.0.1www.textlink.cn
127.0.0.1stat.textclick.com
127.0.0.1www.easyhere.com
127.0.0.1www.xxx168.com
127.0.0.1ally.263.net
127.0.0.1www.hualiao.net
127.0.0.1www.xchina.com
127.0.0.1www.sex.com
127.0.0.1www.3xcn.com
127.0.0.1www.20girl.com
127.0.0.1www.x365x.com
127.0.0.1chat.263.net
127.0.0.1chat.yinsha.com
127.0.0.1chat.tom.com
127.0.0.1chat.xilu.com
127.0.0.1www.aliao.com
127.0.0.1chat.163.com
127.0.0.1www.haoliao.com
127.0.0.1www.liaoliao.com
127.0.0.1www.haoliao.net
127.0.0.1www.haoliao.cn
127.0.0.1www.qqliao.com
127.0.0.1www.qliao.com
127.0.0.1www.loveliao.com
127.0.0.1www.mmliao.com
127.0.0.1chat.qq.com
127.0.0.1vchat.xaonline.com
127.0.0.1www.loveliao.net
127.0.0.1www.chinamp3.com
127.0.0.1www.9sky.com
127.0.0.1www.sogua.com
127.0.0.1www.99music.net
127.0.0.1www.yzskdj.com
127.0.0.1music.feifa.com
127.0.0.1www.aisex.com
127.0.0.1www.movie-down.com
127.0.0.1www2.movie-down.com
127.0.0.1www.tt90.com
127.0.0.1www.tt78.com
127.0.0.1www.tiankong.net
127.0.0.1www.qqchat.cn
127.0.0.1www.yymp3.com
127.0.0.1www.9see.com
127.0.0.1www.woliao.net
127.0.0.1www.woliao.com
127.0.0.1www.kuro.com.cn
127.0.0.1www.wangzhiku.com
127.0.0.1hothack.home.chinaren.com
127.0.0.1www.777888.com
127.0.0.1www.5dsoft.com
127.0.0.1www.wokoo.net
127.0.0.1movie.sx.zj.cn
127.0.0.1xyxy68.8u8.net
127.0.0.1www.youmiss.com
127.0.0.1www.cctv8.net
127.0.0.1www.kuliao.com
127.0.0.1www.yyqy.com
127.0.0.1www.sunvod.com
127.0.0.1www.t168.com
127.0.0.1www.coolcdrom.com
127.0.0.1www.zhengdian.com
127.0.0.1girlchinese.com
127.0.0.1www.girl008.com
127.0.0.1xajh.15888.net
127.0.0.1www.51bug.com
127.0.0.1www.wplune.com
127.0.0.1www.777888.net
127.0.0.1pollen.my001.net
127.0.0.1www.yule21.com
127.0.0.1www.fish3000.com
127.0.0.1www.666e.com
127.0.0.1qm.8ok.com
127.0.0.1www.guosir.ccoo.com
127.0.0.1www.163mm.com
127.0.0.1www.cnooo.com
127.0.0.1www.es158.com
127.0.0.1www.aisa-girl.net
127.0.0.1www.boliwu.com
127.0.0.1www.89005.com
127.0.0.1www.cctv1.net
127.0.0.1www.play.cn.gs
127.0.0.1newyouth.3322.net
127.0.0.1chinabdkx.363.net
127.0.0.1www.zknew.com
127.0.0.1www.dhchao.com
127.0.0.1www.top666.net
127.0.0.1www.amoisonic.com
127.0.0.1www.markguide.com
127.0.0.1www.xyxc.ccoo.com
127.0.0.1www.flyingwalk.com
127.0.0.1www.yezine.net
127.0.0.1www.mmgirls.com
127.0.0.1www.wa***.net
127.0.0.1www.net5w.com
127.0.0.1www.fbstu.com
127.0.0.1www.qlwl.com
127.0.0.1www.yibinren.com
127.0.0.1www.yinshang.com
127.0.0.1www.ncunet.com
127.0.0.1www.555666.net
127.0.0.1www.fm1058.cc
127.0.0.1meim.y365.com
127.0.0.1www.qq520.net
127.0.0.1jjkafei.longcity.net
127.0.0.1chow.yesky.net
127.0.0.1oicq.hk.st
127.0.0.1www.my288.com
127.0.0.1www.laws-online.net
127.0.0.1www.hj168.net
127.0.0.116888.6to23.com
127.0.0.1www.love520.net
127.0.0.1www.qq520.com
127.0.0.1www.ezhgc.com
127.0.0.1www.eastedu.com.cn
127.0.0.1www.435000.com
127.0.0.1sdik.8ok.net
127.0.0.1feiying.coolwww.net
127.0.0.1zhongxuesheng.myrice.com
127.0.0.1www.yes9999.com
127.0.0.1www.nnptt.com
127.0.0.1vod.hengshui.com
127.0.0.1tv.megajoy.com
127.0.0.1www.h444.net
127.0.0.1update.myxq.com
127.0.0.1www.qq168.net
127.0.0.1www.777888.com
127.0.0.1www.5dsoft.com
127.0.0.1movie.sx.zj.cn
127.0.0.1www.yeapple.com
127.0.0.1winzheng.126.com
127.0.0.1www.boliwo.com
127.0.0.1www.pk.com
127.0.0.1www.unionsky.cn
127.0.0.1www.allyes.com
127.0.0.1www.xxx.com
127.0.0.1204.177.92.68
127.0.0.1www.fassia.net
127.0.0.1www.jinpin.net
127.0.0.1www.happy666.net
127.0.0.1www.myxq.com
127.0.0.1dvd.qq92.com
127.0.0.1www.16yi.com
127.0.0.1www.ye77.com
127.0.0.1www.7sese.com
127.0.0.1www.1yin.net
127.0.0.1www.77ttt.com
127.0.0.1www.7mao.com
127.0.0.1www.mydj2005.com
127.0.0.1www.vv78.com
127.0.0.1www.v119.com
127.0.0.1100.332233.com
127.0.0.1www.cashbackbuddy.com
127.0.0.1www.10uu.com
127.0.0.1fly950.nease.net
==================================
API HOOK
N/A
==================================
[/CODE]
病急1乱1投医 - 2007-2-11 23:30:00
各位大虾帮我搞一下啊,为什么没人回我啊,在你们看来简单可是在我们就难了啊,帮一下
病急1乱1投医 - 2007-2-11 23:40:00
Trojan.PSW.JHOnline.fcz Backdoor.Gpigeon.lxi 提示是这两种病毒但是无法清除请帮忙
1
© 2000 - 2026 Rising Corp. Ltd.