Rising Kaka Security Forum
絮絮妹妹 - 2007-3-23 19:01:00
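PE virus under WINDOWS: Trojan.DL.Agent.gpq
PE virus under WINDOWS: Trojan.MnLess.dr
It said they would be deleted after restarting the computer, but they still have not been deleted.
The details are below.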
絮絮妹妹 - 2007-3-23 19:05:00
007-03-23,18:51:53
System Repair Engineer 2.2.6.605
Smallfrogs (http://www.KZTechs.com)
Windows XP Professional Service Pack 2 (Build 2600)
- 管理权限用户 - 完整功能
以下内容被选中:
所有的启动项目(包括注册表、启动文件夹、服务等)
浏览器加载项
正在运行的进程(包括进程模块信息)
文件关联
Winsock 提供者
Autorun.inf
HOSTS 文件
启动项目
注册表
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
<ctfmon.exe><C:\WINDOWS\system32\ctfmon.exe> [(Verified)Microsoft Corporation]
<NBJ><"C:\Program Files\Ahead\Nero BackItUp\NBJ.exe"> [Ahead Software AG]
[HKEY_CURRENT_USER\Software\Microsoft\Windows NT\CurrentVersion\Windows]
<load><> [N/A]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
<IMJPMIG8.1><"C:\WINDOWS\IME\imjp8_1\IMJPMIG.EXE" /Spoil /RemAdvDef /Migration32> [(Verified)Microsoft Corporation]
<NvCplDaemon><RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup> [NVIDIA Corporation]
<PHIME2002A><C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /IMEName> [(Verified)Microsoft Corporation]
<PHIME2002ASync><C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /SYNC> [(Verified)Microsoft Corporation]
<yassistse><"C:\PROGRA~1\Yahoo!\Assistant\yassistse.exe"> [(Verified)Yahoo! China]
<YLive.exe><C:\PROGRA~1\Yahoo!\ASSIST~1\YLive.exe> [(Verified)Yahoo! China]
<RavTask><"d:\Program Files\Rising\Rav\RavTask.exe" -system> [Beijing Rising Technology Co., Ltd.]
<SKYNET Personal FireWall><C:\PROGRA~1\SkyNet\FireWall\pfw.exe> [N/A]
<runeip><D:\Program Files\Rising\AntiSpyware\runiep.exe> [Beijing Rising Technology Co., Ltd.]
<DELC$><net share C$ /del> [N/A]
<DELD><net share D$ /del> [N/A]
<DELE><net share E$ /del> [N/A]
<DELF><net share F$ /del> [N/A]
<DELADMIN><net share admin$ /del> [N/A]
<TkBellExe><"C:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot> [RealNetworks, Inc.]
<QuickTime Task><"D:\Program Files\QuickTime\qttask.exe" -atboottime> [Apple Computer, Inc.]
<WangWang><D:\Program Files\淘宝网\淘宝旺旺\WangWang.exe> [阿里软件(中国)有限公司]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Winlogon]
<shell><Explorer.exe> [(Verified)Microsoft Corporation]
<Userinit><C:\WINDOWS\system32\Userinit.exe,> [(Verified)Microsoft Corporation]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Windows]
<AppInit_DLLs><> [N/A]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Winlogon]
<UIHost><logonui.exe> [(Verified)Microsoft Corporation]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
<{4BAB150F-DD97-476D-9C1E-41B6CDC0CA7A}><C:\PROGRA~1\Yahoo!\Assistant\yClickOn.dll> [(Verified)YAHOO Corporation Limited]
<{E568441B-9EF3-49F8-9A67-4141AC41ADD4}><> [N/A]
<{32CD708B-60A7-4C00-9377-D73EAA495F0F}><C:\WINDOWS\system32\RavExt.dll> [Beijing Rising Technology Co., Ltd.]
==================================
启动文件夹
[星空极速]
<C:\Documents and Settings\All Users\「开始」菜单\程序\启动\星空极速.lnk --> C:\PROGRA~1\ChinaNet\VNETCL~1.EXE []><N>
[Adobe Gamma]
<C:\Documents and Settings\Administrator\「开始」菜单\程序\启动\Adobe Gamma.lnk --> C:\PROGRA~1\COMMON~1\Adobe\CALIBR~1\ADOBEG~1.EXE [Adobe Systems, Inc.]><N>
[星空极速]
<C:\Documents and Settings\Administrator\「开始」菜单\程序\启动\星空极速.lnk --> C:\PROGRA~1\ChinaNet\VNETCL~1.EXE []><N>
[腾讯QQ]
<C:\Documents and Settings\Administrator\「开始」菜单\程序\启动\腾讯QQ.lnk --> D:\PROGRA~1\QQ20063\QQ.exe [TENCENT]><N>
==================================
服务
[Adobe LM Service / Adobe LM Service]
<"C:\Program Files\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe"><Adobe Systems>
[Human Interface Device Access / HidServ]
<C:\WINDOWS\System32\svchost.exe -k netsvcs-->%SystemRoot%\System32\hidserv.dll><N/A>
[InstallDriver Table Manager / IDriverT]
<"C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe"><Macrovision Corporation>
[Macromedia Licensing Service / Macromedia Licensing Service]
<"C:\Program Files\Common Files\Macromedia Shared\Service\Macromedia Licensing.exe"><N/A>
[NVIDIA Display Driver Service / NVSvc]
<C:\WINDOWS\system32\nvsvc32.exe><NVIDIA Corporation>
[Rising Proxy Service / RfwProxySrv]
<d:\program files\rising\rfw\rfwproxy.exe><Beijing Rising Technology Co., Ltd.>
[Rising Personal Firewall Service / RfwService]
<D:\Program Files\Rising\Rfw\rfwsrv.exe><Beijing Rising Technology Co., Ltd.>
[Rising Process Communication Center / RsCCenter]
<"d:\Program Files\Rising\Rav\CCenter.exe"><Beijing Rising Technology Co., Ltd.>
[SoundMAX Agent Service / SoundMAX Agent Service (default)]
<C:\Program Files\Analog Devices\SoundMAX\SMAgent.exe><Analog Devices, Inc.>
==================================
驱动程序
[225140 / 225140]
<C:\WINDOWS\SYSTEM32\DRIVERS\225140.SYS><N/A>
[ADProt / ADProt]
<\SystemRoot\system32\drivers\ADProt.sys><N/A>
[aeaudio / aeaudio]
<system32\drivers\aeaudio.sys><Andrea Electronics Corporation>
[Rising TDI Base Driver / BaseTDI]
<System32\DRIVERS\BaseTDI.SYS><Beijing Rising Technology Co., Ltd.>
[cdrbsvsd / cdrbsvsd]
<C:\WINDOWS\SYSTEM32\DRIVERS\cdrbsvsd.SYS><B.H.A Corporation>
[cgicdjig / cgicdjig]
<C:\WINDOWS\SYSTEM32\DRIVERS\cgicdjig.SYS><中国互联网络信息中心(CNNIC)>
[CSC / CSC]
<\??\C:\WINDOWS\system32\drivers\CSC.SYS><FeiTian Tech Co.,Ltd>
[GMSIPCI / GMSIPCI]
<\??\G:\INSTALL\GMSIPCI.SYS><N/A>
[heaegaab / heaegaab]
<C:\WINDOWS\SYSTEM32\DRIVERS\heaegaab.SYS><中国互联网络信息中心(CNNIC)>
[hjcbcfdd / hjcbcfdd]
<\SystemRoot\system32\drivers\hjcbcfdd.sys><中国互联网络信息中心(CNNIC)>
[HOOKAPI / HOOKAPI]
<\??\D:\PROGRAM FILES\RISING\RAV\HookApi.Sys><N/A>
[HookUrl / HookUrl]
<\??\d:\Program Files\Rising\Rfw\HookUrl.sys><Beijing Rising Technology Co., Ltd.>
[kmsinput / kmsinput]
<\??\C:\WINDOWS\system32\drivers\kmsinput.sys><N/A>
[MidiSyn / MidiSyn]
<system32\drivers\MidiSyn.sys><Analog Devices, Inc.>
[mProcRs / mProcRs]
<\??\d:\program files\rising\rfw\mProcRs.sys><Beijing Rising Technology Co., Ltd.>
[MSICPL / MSICPL]
<\??\G:\install4\MSICPL.sys><N/A>
[msqmx / msqmx]
<2 - 系统找不到指定的文件。
><N/A>
[npkcrypt / npkcrypt]
<\??\D:\Program Files\QQ20063\npkcrypt.sys><INCA Internet Co., Ltd.>
[NTACCESS / NTACCESS]
<\??\G:\NTACCESS.sys><N/A>
[nv / nv]
<system32\DRIVERS\nv4_mini.sys><NVIDIA Corporation>
[pthw / pthww]
<\SystemRoot\System32\DRIVERS\pthww.sys><N/A>
[Direct Parallel Link Driver / Ptilink]
<system32\DRIVERS\ptilink.sys><Parallel Technologies, Inc.>
[qzxzbjrr / qzxzbjrr]
<\SystemRoot\System32\DRIVERS\qzxzbjrr.sys><Yahoo! China Corporation>
[RsAntiSpyware / RsAntiSpyware]
<\SystemRoot\system32\drivers\RsBoot.sys><Beijing Rising>
絮絮妹妹 - 2007-3-23 19:07:00
[RsFwDrv / RsFwDrv]
<\??\d:\Program Files\Rising\Rfw\RsFwDrv.sys><Beijing Rising Technology Co., Ltd.>
[RsNTGDI / RsNTGDI]
<\SystemRoot\system32\Drivers\RsNTGdi.sys><Beijing Rising Technology Co., Ltd.>
[Realtek RTL8139(A/B/C)-based PCI Fast Ethernet Adapter NT Driver / rtl8139]
<system32\DRIVERS\RTL8139.SYS><Realtek Semiconductor Corporation>
[Secdrv / Secdrv]
<system32\DRIVERS\secdrv.sys><N/A>
[SAMSUNG YP-NDU / SECYPUSB]
<System32\Drivers\SECYPUSB.sys><N/A>
[senfilt / senfilt]
<system32\drivers\senfilt.sys><Sensaura>
[SetupNTGLM7X / SetupNTGLM7X]
<\??\G:\NTGLM7X.sys><N/A>
[smwdm / smwdm]
<system32\drivers\smwdm.sys><Analog Devices, Inc.>
[USB PC Camera (snppro) / SNPPRO]
<system32\DRIVERS\snppro.sys><>
[Sony USB Filter Driver (SONYPVU1) / SONYPVU1]
<system32\DRIVERS\SONYPVU1.SYS><Sony Corporation>
==================================
浏览器加载项
[Flashget Catch Url Class]
{2F364306-AA45-47B5-9F9D-39A8B94E7EF7} <D:\Program Files\FlashGet\jccatch.dll, www.flashget.com>
[Yahoo!Photo]
{33BBE430-0E42-4f12-B075-8D21ACB10DCB} <C:\PROGRA~1\Yahoo!\ASSIST~1\Assist\yphtb.dll, Yahoo! China>
[AntiFish Class]
{38928D50-8A48-44C2-945F-D2F23F771410} <C:\PROGRA~1\Yahoo!\ASSIST~1\Assist\yangling.dll, yahoo! china>
[VnetCookie Class]
{4E83D567-4697-4F7B-B1F0-A513B01DB89A} <c:\PROGRA~1\chinanet\VNETTR~1.DLL, N/A>
[DragSearch BHO]
{62EED7C6-9F02-42f9-B634-98E2899E147B} <C:\PROGRA~1\Yahoo!\ASSIST~1\Assist\YDRAGS~2.DLL, yahoo! china>
[FlashGet GetFlash Class]
{F156768E-81EF-470C-9057-481BA8380DBA} <D:\Program Files\FlashGet\getflash.dll, www.flashget.com>
[雅虎助手]
{5D73EE86-05F1-49ed-B850-E423120EC338} <http://cn.zs.yahoo.com/start.htm?source=yzs_icon&btn=yassistnew, N/A>
[快车]
{D6E814A0-E0C5-11d4-8D29-0050BA6940E3} <D:\Program Files\FlashGet\FlashGet.exe, FlashGet.com>
[拍拍乐影像家园 2006]
{E01D63E5-8758-4D4C-95DB-3C0529A5B450} <d:\Program Files\Foxshare\PixPlayer\PixPlayer.exe, 深圳市复兴科技有限公司>
[雅虎助手]
{406F94F0-504F-4a40-8DFD-58B0666ABEBD} <C:\PROGRA~1\Yahoo!\ASSIST~1\Assist\yasbar.dll, yahoo! china>
[快车(FlashGet)]
{E0E899AB-F487-11D5-8D29-0050BA6940E3} <D:\Program Files\FlashGet\fgiebar.dll, Amaze Soft>
[CEditCtrl Object]
{488A4255-3236-44B3-8F27-FA1AECAA8844} <C:\WINDOWS\system32\aliedit\AliEdit.dll, www.alipay.com>
[PeerDraw Class]
{10072CEC-8CC1-11D1-986E-00A0C955B42E} <C:\Program Files\Common Files\Microsoft Shared\VGX\vgx.dll, Microsoft Corporation>
[iTrusPTA Class]
{1E0DFFCF-27FF-4574-849B-55007349FEDA} <C:\WINDOWS\system32\aliedit\pta.dll, >
[Windows Media Player]
{22D6F312-B0F6-11D0-94AB-0080C74C7E95} <C:\WINDOWS\system32\wmpdxm.dll, Microsoft Corporation>
[HTML Document]
{25336920-03F9-11CF-8FD0-00AA00686F13} <%SystemRoot%\system32\mshtml.dll, N/A>
[Flashget Catch Url Class]
{2F364306-AA45-47B5-9F9D-39A8B94E7EF7} <D:\Program Files\FlashGet\jccatch.dll, www.flashget.com>
[Yahoo!Photo]
{33BBE430-0E42-4F12-B075-8D21ACB10DCB} <C:\PROGRA~1\Yahoo!\ASSIST~1\Assist\yphtb.dll, Yahoo! China>
[AntiFish Class]
{38928D50-8A48-44C2-945F-D2F23F771410} <C:\PROGRA~1\Yahoo!\ASSIST~1\Assist\yangling.dll, yahoo! china>
[雅虎助手]
{406F94F0-504F-4A40-8DFD-58B0666ABEBD} <C:\PROGRA~1\Yahoo!\ASSIST~1\Assist\yasbar.dll, yahoo! china>
[CEditCtrl Object]
{488A4255-3236-44B3-8F27-FA1AECAA8844} <C:\WINDOWS\system32\aliedit\AliEdit.dll, www.alipay.com>
[VnetCookie Class]
{4E83D567-4697-4F7B-B1F0-A513B01DB89A} <c:\PROGRA~1\chinanet\VNETTR~1.DLL, N/A>
[HHCtrl Object]
{52A2AAAE-085D-4187-97EA-8C30DB990436} <C:\WINDOWS\system32\hhctrl.ocx, Microsoft Corporation>
[Yahoo!Live]
{57421194-58FB-49AE-9B4F-FD48869B9AD4} <C:\PROGRA~1\Yahoo!\ASSIST~1\yalive.dll, yahoo! china>
[DragSearch BHO]
{62EED7C6-9F02-42F9-B634-98E2899E147B} <C:\PROGRA~1\Yahoo!\ASSIST~1\Assist\YDRAGS~2.DLL, yahoo! china>
[Windows Media Player]
{6BF52A52-394A-11D3-B153-00C04F79FAA6} <C:\WINDOWS\system32\wmp.dll, Microsoft Corporation>
[WangWangObj Class]
{6E213FC7-DD5A-4115-B7E6-D4C7838C361E} <D:\Program Files\淘宝网\淘宝旺旺\WangWangX4.dll, 阿里软件(中国)有限公司>
[AxInputControl Class]
{73E4740C-08EB-4133-896B-8D0A7C9EE3CD} <C:\WINDOWS\system32\INPUTC~1.DLL, >
[Microsoft Web 浏览器]
{8856F961-340A-11D0-A96B-00C04FD705A2} <C:\WINDOWS\system32\shdocvw.dll, Microsoft Corporation>
[AxSubmitControl Class]
{8D9E0B29-563C-4226-86C1-5FF2AE77E1D2} <C:\WINDOWS\system32\SUBMIT~1.DLL, >
[IeCatch2 Class]
{A5366673-E8CA-11D3-9CD9-0090271D075B} <C:\PROGRA~1\FlashGet\jccatch.dll, Amaze Soft>
[SearchAssistantOC]
{B45FF030-4447-11D2-85DE-00C04FA35C89} <%SystemRoot%\system32\shdocvw.dll, N/A>
[RDS.DataSpace]
{BD96C556-65A3-11D0-983A-00C04FC29E36} <C:\Program Files\Common Files\System\msadc\msadco.dll, Microsoft Corporation>
[RealPlayer G2 Control]
{CFCDAA03-8BE4-11CF-B84B-0020AFBBCCFA} <C:\WINDOWS\system32\rmoc3260.dll, RealNetworks, Inc.>
[Shockwave Flash Object]
{D27CDB6E-AE6D-11CF-96B8-444553540000} <C:\WINDOWS\system32\Macromed\Flash\Flash8a.ocx, Macromedia, Inc.>
[快车(FlashGet)]
{E0E899AB-F487-11D5-8D29-0050BA6940E3} <D:\Program Files\FlashGet\fgiebar.dll, Amaze Soft>
[CPasswordEditCtrl Object]
{E787FD25-8D7C-4693-AE67-9406BC6E22DF} <C:\WINDOWS\system32\qqedit\qqedit.dll, 腾讯科技(深圳)有限公司>
[FlashGet GetFlash Class]
{F156768E-81EF-470C-9057-481BA8380DBA} <D:\Program Files\FlashGet\getflash.dll, www.flashget.com>
[JetCarNetscape Class]
{FB5DA724-162B-11D3-8B9B-AA70B4B0B524} <D:\Program Files\FlashGet\jccatch.dll, www.flashget.com>
[&使用快车(FlashGet)下载]
<D:\Program Files\FlashGet\jc_link.htm, N/A>
[&使用快车(FlashGet)下载全部链接]
<D:\Program Files\FlashGet\jc_all.htm, N/A>
[上传到QQ网络硬盘]
<D:\Program Files\QQ20063\AddToNetDisk.htm, N/A>
[添加到QQ自定义面板]
<D:\Program Files\QQ20063\AddPanel.htm, N/A>
[添加到QQ表情]
<D:\Program Files\QQ20063\AddEmotion.htm, N/A>
[添加图片到拍拍乐相册]
<d:\Program Files\Foxshare\PixPlayer\HTML\PPPastePix.html, N/A>
[用QQ彩信发送该图片]
<D:\Program Files\QQ20063\SendMMS.htm, N/A>
絮絮妹妹 - 2007-3-23 19:07:00
==================================
正在运行的进程
[PID: 528][\SystemRoot\System32\smss.exe] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
[PID: 1604][\??\C:\WINDOWS\system32\csrss.exe] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
[PID: 1628][\??\C:\WINDOWS\system32\winlogon.exe] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
[PID: 1676][C:\WINDOWS\system32\services.exe] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
[PID: 1688][C:\WINDOWS\system32\lsass.exe] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
[PID: 1844][C:\WINDOWS\system32\svchost.exe] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
[PID: 1908][C:\WINDOWS\system32\svchost.exe] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
[PID: 1988][d:\Program Files\Rising\Rav\CCenter.exe] [Beijing Rising Technology Co., Ltd., 18, 0, 0, 3]
[PID: 2004][C:\WINDOWS\System32\svchost.exe] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
[PID: 192][C:\WINDOWS\system32\svchost.exe] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
[PID: 236][C:\WINDOWS\system32\svchost.exe] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
[PID: 288][D:\Program Files\Rising\Rfw\rfwsrv.exe] [Beijing Rising Technology Co., Ltd., 5, 0, 0, 33]
[D:\Program Files\Rising\Rfw\RfwRule.dll] [Beijing Rising Technology Co., Ltd., 5, 0, 0, 3]
[D:\Program Files\Rising\Rfw\rfwlog.dll] [Beijing Rising Technology Co., Ltd., 5, 0, 0, 2]
[D:\Program Files\Rising\Rfw\Rfwdrv.dll] [Beijing Rising Technology Co., Ltd., 5, 0, 0, 10]
[D:\Program Files\Rising\Rfw\MonDrv.dll] [rs, 1, 0, 0, 4]
[D:\Program Files\Rising\Rfw\ProcLib.dll] [Beijing Rising Technology Co., Ltd., 5, 0, 0, 5]
[D:\Program Files\Rising\Rfw\mPorts.dll] [Beijing Rising Technology Co., Ltd., 4, 0, 0, 3]
[PID: 652][C:\WINDOWS\system32\spoolsv.exe] [Microsoft Corporation, 5.1.2600.2696 (xpsp_sp2_gdr.050610-1519)]
[PID: 760][C:\WINDOWS\Explorer.EXE] [Microsoft Corporation, 6.00.2900.2180 (xpsp_sp2_rtm.040803-2158)]
[C:\PROGRA~1\Yahoo!\Assistant\yClickOn.dll] [YAHOO Corporation Limited, 3, 0, 3, 1004]
[C:\WINDOWS\system32\RavExt.dll] [Beijing Rising Technology Co., Ltd., 19, 0, 0, 9]
[C:\WINDOWS\system32\gprgy.dll] [N/A, N/A]
[D:\Program Files\Rising\AntiSpyware\ieprot.dll] [Beijing Rising Technology Co., Ltd., 1, 0, 0, 7]
[C:\PROGRA~1\Yahoo!\ASSIST~1\Yhelper.dll] [Yahoo! China, 3, 0, 5, 1023]
[C:\PROGRA~1\Yahoo!\ASSIST~1\assist\ykern.dll] [Yahoo! China, 3, 1, 9, 1025]
[C:\PROGRA~1\Yahoo!\ASSIST~1\yalive.dll] [yahoo! china, 3, 5, 9, 1111]
[C:\PROGRA~1\Yahoo!\ASSIST~1\Yalliveex.dll] [Yahoo! China, 3, 0, 2, 1011]
[C:\PROGRA~1\Yahoo!\ASSIST~1\Assist\yphtb.dll] [Yahoo! China, 3, 0, 6, 1008]
[C:\PROGRA~1\Yahoo!\ASSIST~1\Assist\YDRAGS~2.DLL] [yahoo! china, 3, 0, 4, 1006]
[PID: 984][C:\PROGRA~1\Yahoo!\ASSIST~1\YLive.exe] [Yahoo! China, 3, 1, 9, 1025]
[C:\PROGRA~1\Yahoo!\ASSIST~1\assist\ykern.dll] [Yahoo! China, 3, 1, 9, 1025]
[C:\PROGRA~1\Yahoo!\ASSIST~1\Yhelper.dll] [Yahoo! China, 3, 0, 5, 1023]
[C:\PROGRA~1\Yahoo!\ASSIST~1\yalive.dll] [yahoo! china, 3, 5, 9, 1111]
[C:\PROGRA~1\Yahoo!\ASSIST~1\Yalliveex.dll] [Yahoo! China, 3, 0, 2, 1011]
[D:\Program Files\Rising\AntiSpyware\ieprot.dll] [Beijing Rising Technology Co., Ltd., 1, 0, 0, 7]
[C:\PROGRA~1\Yahoo!\ASSIST~1\ynotifier.dll] [yahoo! china, 3, 0, 2, 1002]
[PID: 992][D:\Program Files\Rising\Rav\RavTask.exe] [Beijing Rising Technology Co., Ltd., 19, 0, 0, 7]
[D:\Program Files\Rising\Rav\RSCOMMON.DLL] [Beijing Rising Technology Co., Ltd., 19, 0, 0, 5]
[D:\Program Files\Rising\Rav\RSAPPMGR.DLL] [Beijing Rising Technology Co., Ltd., 18, 0, 0, 2]
[D:\Program Files\Rising\Rav\CfgDll.dll] [Beijing Rising Technology Co., Ltd., 18, 0, 0, 13]
[D:\Program Files\Rising\Rav\RsCommX.dll] [rising, 18, 0, 0, 1]
[C:\PROGRA~1\Yahoo!\ASSIST~1\Yhelper.dll] [Yahoo! China, 3, 0, 5, 1023]
[C:\PROGRA~1\Yahoo!\ASSIST~1\assist\ykern.dll] [Yahoo! China, 3, 1, 9, 1025]
[D:\Program Files\Rising\AntiSpyware\ieprot.dll] [Beijing Rising Technology Co., Ltd., 1, 0, 0, 7]
[PID: 1000][D:\Program Files\Rising\AntiSpyware\runiep.exe] [Beijing Rising Technology Co., Ltd., 1, 0, 1, 6]
[D:\Program Files\Rising\AntiSpyware\iep_ctrl.dll] [Beijing Rising Technology Co., Ltd., 1, 0, 0, 4]
[D:\Program Files\Rising\AntiSpyware\ieprot.dll] [Beijing Rising Technology Co., Ltd., 1, 0, 0, 7]
[C:\PROGRA~1\Yahoo!\ASSIST~1\Yhelper.dll] [Yahoo! China, 3, 0, 5, 1023]
[C:\PROGRA~1\Yahoo!\ASSIST~1\assist\ykern.dll] [Yahoo! China, 3, 1, 9, 1025]
[PID: 1120][C:\WINDOWS\system32\conime.exe] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
[C:\PROGRA~1\Yahoo!\ASSIST~1\Yhelper.dll] [Yahoo! China, 3, 0, 5, 1023]
[C:\PROGRA~1\Yahoo!\ASSIST~1\assist\ykern.dll] [Yahoo! China, 3, 1, 9, 1025]
[D:\Program Files\Rising\AntiSpyware\ieprot.dll] [Beijing Rising Technology Co., Ltd., 1, 0, 0, 7]
[PID: 1172][C:\Program Files\Common Files\Real\Update_OB\realsched.exe] [RealNetworks, Inc., 0.1.0.3510]
[C:\PROGRA~1\Yahoo!\ASSIST~1\Yhelper.dll] [Yahoo! China, 3, 0, 5, 1023]
[C:\PROGRA~1\Yahoo!\ASSIST~1\assist\ykern.dll] [Yahoo! China, 3, 1, 9, 1025]
[D:\Program Files\Rising\AntiSpyware\ieprot.dll] [Beijing Rising Technology Co., Ltd., 1, 0, 0, 7]
[PID: 1268][C:\WINDOWS\system32\nvsvc32.exe] [NVIDIA Corporation, 6.14.10.8421]
[PID: 1276][D:\Program Files\淘宝网\淘宝旺旺\WangWang.exe] [阿里软件(中国)有限公司, 5, 0, 0, 0]
[D:\Program Files\淘宝网\淘宝旺旺\AliViewCtrl.dll] [阿里软件(中国)有限公司, 1, 0, 0, 2]
[D:\Program Files\淘宝网\淘宝旺旺\VLNetwork.dll] [阿里软件(中国)有限公司, 1, 0, 0, 6]
[D:\Program Files\淘宝网\淘宝旺旺\AliViewMedia.dll] [阿里软件(中国)有限公司, 1, 0, 0, 2]
[D:\Program Files\淘宝网\淘宝旺旺\VideoCap.dll] [, 1, 0, 0, 4]
[D:\Program Files\淘宝网\淘宝旺旺\VLAudio.dll] [阿里软件(中国)有限公司, 1, 0, 0, 5]
[D:\Program Files\淘宝网\淘宝旺旺\JsmShow.dll] [阿里软件(中国)有限公司, 1, 0, 0, 4]
[D:\Program Files\淘宝网\淘宝旺旺\AliSkin.dll] [TODO: <公司名>, 1.0.0.1]
[D:\Program Files\淘宝网\淘宝旺旺\zlib.dll] [N/A, 1.2.3]
[D:\Program Files\淘宝网\淘宝旺旺\ww_network.dll] [N/A, 1, 0, 1, 20]
[C:\PROGRA~1\Yahoo!\ASSIST~1\Yhelper.dll] [Yahoo! China, 3, 0, 5, 1023]
[C:\PROGRA~1\Yahoo!\ASSIST~1\assist\ykern.dll] [Yahoo! China, 3, 1, 9, 1025]
[D:\Program Files\淘宝网\淘宝旺旺\MessageNotify.dll] [, 1, 0, 0, 1]
[D:\Program Files\淘宝网\淘宝旺旺\Ali_Res.DLL] [N/A, N/A]
[D:\PROGRA~1\淘宝网\淘宝旺旺\TBATAB~1.OCX] [alibaba, 1, 0, 0, 1]
[D:\Program Files\淘宝网\淘宝旺旺\WangWangX4.dll] [阿里软件(中国)有限公司, 1, 0, 0, 1]
[D:\Program Files\淘宝网\淘宝旺旺\RichOne.dll] [阿里软件(中国)有限公司, 1.0.0.1]
[D:\Program Files\淘宝网\淘宝旺旺\TBProgress.dll] [阿里软件(中国)有限公司, 1.0.0.1]
[D:\Program Files\淘宝网\淘宝旺旺\tbATabControl.ocx] [alibaba, 1, 0, 0, 1]
[D:\Program Files\Rising\AntiSpyware\ieprot.dll] [Beijing Rising Technology Co., Ltd., 1, 0, 0, 7]
[C:\WINDOWS\system32\msdmo.dll] [N/A, N/A]
[PID: 1316][C:\WINDOWS\system32\ctfmon.exe] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
[C:\PROGRA~1\Yahoo!\ASSIST~1\Yhelper.dll] [Yahoo! China, 3, 0, 5, 1023]
[C:\PROGRA~1\Yahoo!\ASSIST~1\assist\ykern.dll] [Yahoo! China, 3, 1, 9, 1025]
[D:\Program Files\Rising\AntiSpyware\ieprot.dll] [Beijing Rising Technology Co., Ltd., 1, 0, 0, 7]
[PID: 1344][C:\Program Files\Analog Devices\SoundMAX\SMAgent.exe] [Analog Devices, Inc., 3, 2, 6, 0]
[PID: 1388][C:\WINDOWS\system32\svchost.exe] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
[PID: 1428][C:\WINDOWS\system32\wdfmgr.exe] [Microsoft Corporation, 5.2.3790.1230 built by: dnsrv(bld4act)]
[PID: 1488][C:\Program Files\ChinaNet\VnetClient.exe] [, 2005, 1, 18, 1]
[C:\Program Files\ChinaNet\Communicate.dll] [0, 1, 0, 0, 1]
[C:\Program Files\ChinaNet\DialModule.dll] [, 2005, 1, 18, 1]
[C:\PROGRA~1\Yahoo!\ASSIST~1\Yhelper.dll] [Yahoo! China, 3, 0, 5, 1023]
[C:\PROGRA~1\Yahoo!\ASSIST~1\assist\ykern.dll] [Yahoo! China, 3, 1, 9, 1025]
[C:\PROGRA~1\ChinaNet\CLIENT~1.DLL] [, 2004, 1, 10, 1]
[C:\PROGRA~1\ChinaNet\PLUGIN~1.OCX] [, 2005, 1, 18, 1]
[C:\PROGRA~1\ChinaNet\sign.dll] [0, 2004, 12, 1, 1]
[C:\PROGRA~1\ChinaNet\SETUPP~1.DLL] [, 1, 0, 0, 1]
[C:\PROGRA~1\ChinaNet\PostPlug.dll] [, 2004, 12, 16, 2]
[C:\PROGRA~1\ChinaNet\ADVERT~1.OCX] [, 2004, 12, 30, 0]
[C:\PROGRA~1\ChinaNet\VnetBs.ocx] [, 2004, 11, 18, 1]
[C:\PROGRA~1\ChinaNet\ACCOUN~2.DLL] [, 2005, 1, 27, 1]
[C:\PROGRA~1\ChinaNet\AccountMgr.dll] [, 2005, 1, 25, 1]
[C:\PROGRA~1\ChinaNet\PLUGIN~2.OCX] [, 2004, 11, 19, 2]
[C:\PROGRA~1\ChinaNet\NEWMES~1.DLL] [, 2004, 11, 25, 0]
[C:\PROGRA~1\ChinaNet\PassCtrl.dll] [, 1, 0, 0, 1]
[C:\WINDOWS\system32\wpcap.dll] [Politecnico di Torino, 3, 0, 0, 18]
[C:\WINDOWS\system32\pthreadVC.dll] [N/A, N/A]
[C:\WINDOWS\system32\packet.dll] [Politecnico di Torino, 3, 0, 0, 18]
[C:\PROGRA~1\ChinaNet\PlugPush.dll] [, 2004, 12, 9, 1]
[C:\PROGRA~1\ChinaNet\ALLINT~1.DLL] [, 2004, 11, 23, 1]
[C:\PROGRA~1\ChinaNet\VNetLog.ocx] [, 2005, 10, 9, 1]
[C:\PROGRA~1\ChinaNet\StatNum.dll] [, 2004, 11, 18, 1]
[C:\PROGRA~1\ChinaNet\VNETON~1.OCX] [, 2004, 11, 23, 1]
[C:\PROGRA~1\ChinaNet\ALLFUN~1.DLL] [, 2005, 1, 28, 1]
[C:\PROGRA~1\ChinaNet\VnetOptLog.dll] [, 2004, 11, 23, 1]
[C:\PROGRA~1\ChinaNet\DialogStyle.dll] [, 1, 0, 0, 1]
[C:\PROGRA~1\ChinaNet\Timer.ocx] [, 2004, 11, 25, 1]
[C:\PROGRA~1\ChinaNet\VnetSkin.ocx] [GDDC, 1, 0, 0, 1]
[C:\PROGRA~1\ChinaNet\PlugIns\sms\SMSCON~1.DLL] [, 1, 0, 0, 1]
[C:\PROGRA~1\ChinaNet\PlugIns\sms\smsctl.dll] [, 1, 0, 0, 1]
[C:\PROGRA~1\ChinaNet\PlugIns\sms\MsgEg_DLL.dll] [, 1, 0, 0, 1]
[D:\Program Files\Rising\AntiSpyware\ieprot.dll] [Beijing Rising Technology Co., Ltd., 1, 0, 0, 7]
[C:\WINDOWS\system32\Macromed\Flash\Flash8a.ocx] [Macromedia, Inc., 8,0,24,0]
[C:\PROGRA~1\ChinaNet\DlgSkin.ocx] [, 1, 0, 0, 1]
[PID: 1740][D:\Program Files\QQ20063\QQ.exe] [TENCENT, 0, 0, 0, 0]
[D:\Program Files\QQ20063\QQBaseClassInDll.dll] [, 1, 0, 0, 1]
[D:\Program Files\QQ20063\QQHelperDll.dll] [, 1, 0, 0, 1]
[D:\Program Files\QQ20063\BasicCtrlDll.dll] [Tencent, 6, 0, 200, 320]
[C:\PROGRA~1\Yahoo!\ASSIST~1\Yhelper.dll] [Yahoo! China, 3, 0, 5, 1023]
[C:\PROGRA~1\Yahoo!\ASSIST~1\assist\ykern.dll] [Yahoo! China, 3, 1, 9, 1025]
[D:\Program Files\QQ20063\QQAPI.dll] [, 1, 0, 0, 1]
絮絮妹妹 - 2007-3-23 19:07:00
[D:\Program Files\QQ20063\TIMProxy.dll] [tencent, 0, 3, 2, 4]
[D:\Program Files\Rising\AntiSpyware\ieprot.dll] [Beijing Rising Technology Co., Ltd., 1, 0, 0, 7]
[D:\Program Files\QQ20063\LoginCtrl.dll] [, 1, 0, 0, 1]
[D:\Program Files\QQ20063\npkcntc.dll] [INCA Internet Co., Ltd., 2006, 6, 27, 1]
[D:\Program Files\QQ20063\npkpdb.dll] [INCA Internet Co., Ltd., 2003, 10, 1, 1]
[D:\Program Files\QQ20063\QQRes.dll] [tencent, 1, 0, 0, 1]
[D:\Program Files\QQ20063\QQMainFrame.dll] [N/A, N/A]
[D:\Program Files\QQ20063\CQQApplication.dll] [N/A, N/A]
[D:\Program Files\QQ20063\NewSkin.dll] [, 1, 0, 0, 1]
[D:\Program Files\QQ20063\HostingMgr.dll] [, 1, 0, 0, 1]
[D:\Program Files\QQ20063\CameraDll.dll] [, 1, 0, 0, 1]
[D:\Program Files\QQ20063\MailSummary.dll] [, 1, 0, 0, 1]
[D:\Program Files\QQ20063\QQKnowledgeSearch.dll] [, 1, 0, 0, 1]
[D:\Program Files\QQ20063\QQAllInOne.dll] [N/A, N/A]
[D:\Program Files\QQ20063\GroupLive.dll] [N/A, N/A]
[D:\Program Files\QQ20063\SCCore.dll] [TENCENT, 2, 0, 0, 1]
[D:\Program Files\QQ20063\QQSpace.dll] [, 1, 0, 0, 1]
[D:\Program Files\QQ20063\UserDefinedHead.dll] [, 1, 0, 0, 1]
[D:\Program Files\QQ20063\QQPlugin.dll] [N/A, N/A]
[D:\Program Files\QQ20063\QQConfigPlugin.dll] [, 1, 0, 0, 1]
[C:\WINDOWS\system32\Macromed\Flash\Flash8a.ocx] [Macromedia, Inc., 8,0,24,0]
[C:\WINDOWS\system32\msdmo.dll] [N/A, N/A]
[D:\Program Files\QQ20063\QRingMng.dll] [N/A, N/A]
[D:\Program Files\QQ20063\QQGroupMng.dll] [, 1, 0, 0, 1]
[D:\Program Files\QQ20063\QQCustomFace.dll] [N/A, N/A]
[D:\Program Files\QQ20063\QQPet.dll] [, 1, 0, 0, 1]
[D:\Program Files\QQ20063\LongConnection.dll] [tencent, 5, 0, 200, 160]
[D:\Program Files\QQ20063\QQSysMsgMng.dll] [N/A, N/A]
[D:\Program Files\QQ20063\QQAvatar.dll] [N/A, N/A]
[D:\Program Files\QQ20063\FlashAvatarDll.dll] [, 1, 4, 0, 1]
[D:\Program Files\QQ20063\PhoneAPI.dll] [, 1, 0, 0, 1]
[D:\Program Files\QQ20063\DialerAllinOne.dll] [tencent, 1, 4, 0, 0]
[D:\Program Files\QQ20063\QQMagicFace.dll] [, 1, 0, 0, 1]
[D:\Program Files\QQ20063\QQSceneMng.dll] [N/A, N/A]
[D:\Program Files\QQ20063\BQQApplication.dll] [N/A, N/A]
[D:\Program Files\QQ20063\CommercesMng.dll] [, 1, 0, 0, 1]
[D:\Program Files\QQ20063\PersonalDesktop.dll] [深圳市腾讯计算机系统公司QQ工作小组, 1, 0, 0, 2]
[D:\Program Files\QQ20063\QQAddr.dll] [深圳市腾讯计算机系统有限公司, 5, 0, 101, 271]
[D:\Program Files\QQ20063\GroupConnection.dll] [Tencent, 0, 3, 3, 5]
[D:\Program Files\QQ20063\QQPhoneHelper.dll] [腾讯科技(深圳)有限公司, 2, 1, 6, 60]
[PID: 396][D:\Program Files\QQ20063\TIMPlatform.exe] [tencent, 0, 3, 1, 8]
[C:\PROGRA~1\Yahoo!\ASSIST~1\Yhelper.dll] [Yahoo! China, 3, 0, 5, 1023]
[C:\PROGRA~1\Yahoo!\ASSIST~1\assist\ykern.dll] [Yahoo! China, 3, 1, 9, 1025]
[D:\Program Files\Rising\AntiSpyware\ieprot.dll] [Beijing Rising Technology Co., Ltd., 1, 0, 0, 7]
[D:\Program Files\QQ20063\TIMProxy.dll] [tencent, 0, 3, 2, 4]
[PID: 2184][C:\WINDOWS\System32\alg.exe] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
[PID: 2284][D:\Program Files\淘宝网\淘宝旺旺\WangWang.exe] [阿里软件(中国)有限公司, 5, 0, 0, 0]
[D:\Program Files\淘宝网\淘宝旺旺\AliViewCtrl.dll] [阿里软件(中国)有限公司, 1, 0, 0, 2]
[D:\Program Files\淘宝网\淘宝旺旺\VLNetwork.dll] [阿里软件(中国)有限公司, 1, 0, 0, 6]
[D:\Program Files\淘宝网\淘宝旺旺\AliViewMedia.dll] [阿里软件(中国)有限公司, 1, 0, 0, 2]
[D:\Program Files\淘宝网\淘宝旺旺\VideoCap.dll] [, 1, 0, 0, 4]
[D:\Program Files\淘宝网\淘宝旺旺\VLAudio.dll] [阿里软件(中国)有限公司, 1, 0, 0, 5]
[D:\Program Files\淘宝网\淘宝旺旺\JsmShow.dll] [阿里软件(中国)有限公司, 1, 0, 0, 4]
[D:\Program Files\淘宝网\淘宝旺旺\AliSkin.dll] [TODO: <公司名>, 1.0.0.1]
[D:\Program Files\淘宝网\淘宝旺旺\zlib.dll] [N/A, 1.2.3]
[D:\Program Files\淘宝网\淘宝旺旺\ww_network.dll] [N/A, 1, 0, 1, 20]
[C:\PROGRA~1\Yahoo!\ASSIST~1\Yhelper.dll] [Yahoo! China, 3, 0, 5, 1023]
[C:\PROGRA~1\Yahoo!\ASSIST~1\assist\ykern.dll] [Yahoo! China, 3, 1, 9, 1025]
[D:\Program Files\淘宝网\淘宝旺旺\MessageNotify.dll] [, 1, 0, 0, 1]
[D:\Program Files\淘宝网\淘宝旺旺\Ali_Res.DLL] [N/A, N/A]
[D:\PROGRA~1\淘宝网\淘宝旺旺\TBATAB~1.OCX] [alibaba, 1, 0, 0, 1]
[D:\Program Files\淘宝网\淘宝旺旺\WangWangX4.dll] [阿里软件(中国)有限公司, 1, 0, 0, 1]
[D:\Program Files\淘宝网\淘宝旺旺\RichOne.dll] [阿里软件(中国)有限公司, 1.0.0.1]
[D:\Program Files\淘宝网\淘宝旺旺\TBProgress.dll] [阿里软件(中国)有限公司, 1.0.0.1]
[D:\Program Files\淘宝网\淘宝旺旺\tbATabControl.ocx] [alibaba, 1, 0, 0, 1]
[D:\Program Files\Rising\AntiSpyware\ieprot.dll] [Beijing Rising Technology Co., Ltd., 1, 0, 0, 7]
[C:\WINDOWS\system32\msdmo.dll] [N/A, N/A]
[PID: 3724][D:\Program Files\Rising\Rav\Rav.exe] [Beijing Rising Technology Co., Ltd., 19, 0, 0, 28]
[D:\Program Files\Rising\Rav\PlugIn\RsPgScan.dll] [Beijing Rising Technology Co., Ltd., 18, 0, 0, 17]
[D:\Program Files\Rising\Rav\RSAPPMGR.DLL] [Beijing Rising Technology Co., Ltd., 18, 0, 0, 2]
[D:\Program Files\Rising\Rav\CfgDll.dll] [Beijing Rising Technology Co., Ltd., 18, 0, 0, 13]
[D:\Program Files\Rising\Rav\RsCommX.dll] [rising, 18, 0, 0, 1]
[D:\Program Files\Rising\Rav\RavUI.Dll] [Beijing Rising Technology Co., Ltd., 19, 0, 0, 30]
[D:\Program Files\Rising\Rav\RsGuiLib.dll] [Beijing Rising Technology Co., Ltd., 19, 0, 0, 33]
[D:\Program Files\Rising\Rav\RsXML.dll] [Beijing Rising Technology Co., Ltd., 19, 0, 0, 2]
[C:\PROGRA~1\Yahoo!\ASSIST~1\Yhelper.dll] [Yahoo! China, 3, 0, 5, 1023]
[C:\PROGRA~1\Yahoo!\ASSIST~1\assist\ykern.dll] [Yahoo! China, 3, 1, 9, 1025]
[D:\Program Files\Rising\Rav\RSCOMMON.DLL] [Beijing Rising Technology Co., Ltd., 19, 0, 0, 5]
[D:\Program Files\Rising\AntiSpyware\ieprot.dll] [Beijing Rising Technology Co., Ltd., 1, 0, 0, 7]
[d:\Program Files\Rising\Rav\Scanner.dll] [Beijing Rising Technology Co., Ltd., 19, 0, 0, 12]
[D:\Program Files\Rising\Rav\BWList.dll] [Beijing Rising Technology Co., Ltd., 19, 0, 0, 10]
[d:\Program Files\Rising\Rav\libload.dll] [Beijing Rising Technology Co., Ltd., 19, 0, 0, 16]
[d:\Program Files\Rising\Rav\VirusLib.dll] [Beijing Rising Technology Co., Ltd., 19, 0, 0, 10]
[d:\Program Files\Rising\Rav\MVEngine.dll] [Beijing Rising Technology Co., Ltd., 19, 0, 0, 15]
[D:\Program Files\Rising\Rav\Engine.dll] [Beijing Rising Technology Co., Ltd., 19, 0, 0, 26]
[D:\Program Files\Rising\Rav\ScanExec.dll] [Beijing Rising Technology Co., Ltd., 19, 0, 0, 16]
[D:\Program Files\Rising\Rav\Unpacker.dll] [Beijing Rising Technology Co., Ltd., 19, 0, 0, 19]
[D:\Program Files\Rising\Rav\UnExe.dll] [Beijing Rising Technology Co., Ltd., 19, 0, 0, 10]
[D:\Program Files\Rising\Rav\ScanEx.dll] [Beijing Rising Technology Co., Ltd., 19, 0, 0, 41]
[D:\Program Files\Rising\Rav\ExtFile.dll] [Beijing Rising Technology Co., Ltd., 19, 0, 0, 25]
[d:\Program Files\Rising\Rav\PostTrt.dll] [Beijing Rising Technology Co., Ltd., 19, 0, 0, 8]
[d:\Program Files\Rising\Rav\ScanMac.dll] [Beijing Rising Technology Co., Ltd., 19, 0, 0, 13]
[d:\Program Files\Rising\Rav\ScanSct.dll] [Beijing Rising Technology Co., Ltd., 19, 0, 0, 19]
[d:\Program Files\Rising\Rav\ScanPack.dll] [Beijing Rising Technology Co., Ltd., 19, 0, 0, 21]
[d:\Program Files\Rising\Rav\RsVM.dll] [N/A, 19, 0, 0, 16]
[d:\Program Files\Rising\Rav\Uroutine.dll] [Beijing Rising Technology Co., Ltd., 19, 0, 0, 24]
[d:\Program Files\Rising\Rav\NvFile.dll] [Beijing Rising Technology Co., Ltd., 19, 0, 0, 11]
[d:\Program Files\Rising\Rav\ExtMail.dll] [Beijing Rising Technology Co., Ltd., 19, 0, 0, 13]
[d:\Program Files\Rising\Rav\ExtOLE.dll] [Beijing Rising Technology Co., Ltd., 19, 0, 0, 12]
[d:\Program Files\Rising\Rav\ScanNet.dll] [Beijing Rising Technology Co., Ltd., 18, 0, 0, 5]
[d:\Program Files\Rising\Rav\Uscript.dll] [Beijing Rising Technology Co., Ltd., 19, 0, 0, 18]
[d:\Program Files\Rising\Rav\RsStore.dll] [Beijing Rising Technology Co., Ltd., 19, 0, 0, 2]
[D:\Program Files\Rising\Rav\RsLog.dll] [Beijing Rising Technology Co., Ltd., 18, 0, 0, 20]
[C:\PROGRA~1\Yahoo!\Assistant\yClickOn.dll] [YAHOO Corporation Limited, 3, 0, 3, 1004]
[C:\WINDOWS\system32\RavExt.dll] [Beijing Rising Technology Co., Ltd., 19, 0, 0, 9]
[d:\Program Files\Rising\Rav\ScanElf.dll] [Beijing Rising Technology Co., Ltd., 19, 0, 0, 11]
[PID: 3380][C:\Program Files\Internet Explorer\iexplore.exe] [Microsoft Corporation, 6.00.2900.2180 (xpsp_sp2_rtm.040803-2158)]
[C:\PROGRA~1\Yahoo!\ASSIST~1\Yhelper.dll] [Yahoo! China, 3, 0, 5, 1023]
[C:\PROGRA~1\Yahoo!\ASSIST~1\yscrblock.dll] [Yahoo! China, 3, 0, 2, 1003]
[C:\PROGRA~1\Yahoo!\ASSIST~1\assist\ykern.dll] [Yahoo! China, 3, 1, 9, 1025]
[C:\PROGRA~1\Yahoo!\ASSIST~1\yalive.dll] [yahoo! china, 3, 5, 9, 1111]
[C:\PROGRA~1\Yahoo!\ASSIST~1\Yalliveex.dll] [Yahoo! China, 3, 0, 2, 1011]
[C:\PROGRA~1\Yahoo!\ASSIST~1\Assist\yasbar.dll] [yahoo! china, 3, 3, 2, 1093]
[C:\PROGRA~1\Yahoo!\ASSIST~1\Assist\ysearch.dll] [Yahoo! China, 3, 1, 6, 1016]
[C:\PROGRA~1\Yahoo!\ASSIST~1\Assist\yasnoad.dll] [yahoo! china, 3, 0, 3, 1005]
[C:\PROGRA~1\Yahoo!\ASSIST~1\Assist\yzsNetProto.dll] [Yahoo! China, 3, 0, 2, 1003]
[C:\PROGRA~1\Yahoo!\ASSIST~1\Assist\yphtb.dll] [Yahoo! China, 3, 0, 6, 1008]
[C:\PROGRA~1\Yahoo!\ASSIST~1\Assist\yrss.dll] [Yahoo! China, 3, 0, 3, 1004]
[C:\PROGRA~1\Yahoo!\ASSIST~1\Assist\yaswiper.dll] [Yahoo! China, 3, 0, 5, 1005]
[C:\PROGRA~1\Yahoo!\ASSIST~1\Assist\yasiesec.dll] [Yahoo! China, 3, 0, 5, 1005]
[C:\PROGRA~1\Yahoo!\ASSIST~1\Assist\YSETTI~1.DLL] [yahoo! china, 3, 1, 2, 1023]
[C:\PROGRA~1\Yahoo!\ASSIST~1\Assist\ymailp.dll] [Yahoo! China, 3, 0, 4, 1010]
[C:\PROGRA~1\Yahoo!\Assistant\yClickOn.dll] [YAHOO Corporation Limited, 3, 0, 3, 1004]
[C:\WINDOWS\system32\RavExt.dll] [Beijing Rising Technology Co., Ltd., 19, 0, 0, 9]
[D:\Program Files\FlashGet\jccatch.dll] [www.flashget.com, 1, 8, 1, 1005]
[C:\PROGRA~1\Yahoo!\ASSIST~1\Assist\yangling.dll] [yahoo! china, 3, 0, 5, 1007]
[C:\PROGRA~1\Yahoo!\ASSIST~1\Assist\YDRAGS~2.DLL] [yahoo! china, 3, 0, 4, 1006]
[D:\Program Files\FlashGet\getflash.dll] [www.flashget.com, 1, 8, 1, 1002]
絮絮妹妹 - 2007-3-23 19:08:00
AntiSpyware\ieprot.dll] [Beijing Rising Technology Co., Ltd., 1, 0, 0, 7]
[c:\progra~1\yahoo!\assist~1\assist\yadfil~1.dll] [Yahoo! China, 3, 0, 2, 1003]
[C:\PROGRA~1\Yahoo!\ASSIST~1\Assist\yrepair.dll] [Yahoo! China, 3, 0, 9, 1012]
[C:\PROGRA~1\Yahoo!\ASSIST~1\Assist\yasfsks.dll] [Yahoo! China, 2, 1, 3, 89]
[C:\PROGRA~1\Yahoo!\ASSIST~1\Assist\yoptimum.dll] [Yahoo, 1, 0, 1, 1001]
[C:\PROGRA~1\yahoo!\assistant\Shell\yAssecblk.dll] [Yahoo! China, 3, 1, 6, 1022]
[C:\PROGRA~1\Yahoo!\ASSIST~1\Assist\yxpstyle.dll] [Yahoo! China, 3, 0, 1, 1001]
[C:\WINDOWS\system32\Macromed\Flash\Flash8a.ocx] [Macromedia, Inc., 8,0,24,0]
[PID: 700][C:\Program Files\Internet Explorer\iexplore.exe] [Microsoft Corporation, 6.00.2900.2180 (xpsp_sp2_rtm.040803-2158)]
[C:\PROGRA~1\Yahoo!\ASSIST~1\Yhelper.dll] [Yahoo! China, 3, 0, 5, 1023]
[C:\PROGRA~1\Yahoo!\ASSIST~1\yscrblock.dll] [Yahoo! China, 3, 0, 2, 1003]
[C:\PROGRA~1\Yahoo!\ASSIST~1\assist\ykern.dll] [Yahoo! China, 3, 1, 9, 1025]
[C:\PROGRA~1\Yahoo!\ASSIST~1\yalive.dll] [yahoo! china, 3, 5, 9, 1111]
[C:\PROGRA~1\Yahoo!\ASSIST~1\Yalliveex.dll] [Yahoo! China, 3, 0, 2, 1011]
[C:\PROGRA~1\Yahoo!\ASSIST~1\Assist\yasbar.dll] [yahoo! china, 3, 3, 2, 1093]
[C:\PROGRA~1\Yahoo!\ASSIST~1\Assist\ysearch.dll] [Yahoo! China, 3, 1, 6, 1016]
[C:\PROGRA~1\Yahoo!\ASSIST~1\Assist\yasnoad.dll] [yahoo! china, 3, 0, 3, 1005]
[C:\PROGRA~1\Yahoo!\ASSIST~1\Assist\yzsNetProto.dll] [Yahoo! China, 3, 0, 2, 1003]
[C:\PROGRA~1\Yahoo!\ASSIST~1\Assist\yphtb.dll] [Yahoo! China, 3, 0, 6, 1008]
[C:\PROGRA~1\Yahoo!\ASSIST~1\Assist\yrss.dll] [Yahoo! China, 3, 0, 3, 1004]
[C:\PROGRA~1\Yahoo!\ASSIST~1\Assist\yaswiper.dll] [Yahoo! China, 3, 0, 5, 1005]
[C:\PROGRA~1\Yahoo!\ASSIST~1\Assist\yasiesec.dll] [Yahoo! China, 3, 0, 5, 1005]
[C:\PROGRA~1\Yahoo!\ASSIST~1\Assist\YSETTI~1.DLL] [yahoo! china, 3, 1, 2, 1023]
[C:\PROGRA~1\Yahoo!\ASSIST~1\Assist\ymailp.dll] [Yahoo! China, 3, 0, 4, 1010]
[C:\PROGRA~1\Yahoo!\Assistant\yClickOn.dll] [YAHOO Corporation Limited, 3, 0, 3, 1004]
[C:\WINDOWS\system32\RavExt.dll] [Beijing Rising Technology Co., Ltd., 19, 0, 0, 9]
[D:\Program Files\FlashGet\jccatch.dll] [www.flashget.com, 1, 8, 1, 1005]
[C:\PROGRA~1\Yahoo!\ASSIST~1\Assist\yangling.dll] [yahoo! china, 3, 0, 5, 1007]
[C:\PROGRA~1\Yahoo!\ASSIST~1\Assist\YDRAGS~2.DLL] [yahoo! china, 3, 0, 4, 1006]
[D:\Program Files\FlashGet\getflash.dll] [www.flashget.com, 1, 8, 1, 1002]
[D:\Program Files\Rising\AntiSpyware\ieprot.dll] [Beijing Rising Technology Co., Ltd., 1, 0, 0, 7]
[C:\WINDOWS\system32\Macromed\Flash\Flash8a.ocx] [Macromedia, Inc., 8,0,24,0]
[c:\progra~1\yahoo!\assist~1\assist\yadfil~1.dll] [Yahoo! China, 3, 0, 2, 1003]
[C:\PROGRA~1\Yahoo!\ASSIST~1\Assist\yrepair.dll] [Yahoo! China, 3, 0, 9, 1012]
[C:\PROGRA~1\Yahoo!\ASSIST~1\Assist\yasfsks.dll] [Yahoo! China, 2, 1, 3, 89]
[C:\PROGRA~1\Yahoo!\ASSIST~1\Assist\yoptimum.dll] [Yahoo, 1, 0, 1, 1001]
[C:\PROGRA~1\yahoo!\assistant\Shell\yAssecblk.dll] [Yahoo! China, 3, 1, 6, 1022]
[C:\PROGRA~1\Yahoo!\ASSIST~1\Assist\yxpstyle.dll] [Yahoo! China, 3, 0, 1, 1001]
[PID: 3284][C:\Program Files\Internet Explorer\iexplore.exe] [Microsoft Corporation, 6.00.2900.2180 (xpsp_sp2_rtm.040803-2158)]
[C:\PROGRA~1\Yahoo!\ASSIST~1\Yhelper.dll] [Yahoo! China, 3, 0, 5, 1023]
[C:\PROGRA~1\Yahoo!\ASSIST~1\yscrblock.dll] [Yahoo! China, 3, 0, 2, 1003]
[C:\PROGRA~1\Yahoo!\ASSIST~1\assist\ykern.dll] [Yahoo! China, 3, 1, 9, 1025]
[C:\PROGRA~1\Yahoo!\ASSIST~1\yalive.dll] [yahoo! china, 3, 5, 9, 1111]
[C:\PROGRA~1\Yahoo!\ASSIST~1\Yalliveex.dll] [Yahoo! China, 3, 0, 2, 1011]
[C:\PROGRA~1\Yahoo!\ASSIST~1\Assist\yasbar.dll] [yahoo! china, 3, 3, 2, 1093]
[C:\PROGRA~1\Yahoo!\ASSIST~1\Assist\ysearch.dll] [Yahoo! China, 3, 1, 6, 1016]
[C:\PROGRA~1\Yahoo!\ASSIST~1\Assist\yasnoad.dll] [yahoo! china, 3, 0, 3, 1005]
[C:\PROGRA~1\Yahoo!\ASSIST~1\Assist\yzsNetProto.dll] [Yahoo! China, 3, 0, 2, 1003]
[C:\PROGRA~1\Yahoo!\ASSIST~1\Assist\yphtb.dll] [Yahoo! China, 3, 0, 6, 1008]
[C:\PROGRA~1\Yahoo!\ASSIST~1\Assist\yrss.dll] [Yahoo! China, 3, 0, 3, 1004]
[C:\PROGRA~1\Yahoo!\ASSIST~1\Assist\yaswiper.dll] [Yahoo! China, 3, 0, 5, 1005]
[C:\PROGRA~1\Yahoo!\ASSIST~1\Assist\yasiesec.dll] [Yahoo! China, 3, 0, 5, 1005]
[C:\PROGRA~1\Yahoo!\ASSIST~1\Assist\YSETTI~1.DLL] [yahoo! china, 3, 1, 2, 1023]
[C:\PROGRA~1\Yahoo!\ASSIST~1\Assist\ymailp.dll] [Yahoo! China, 3, 0, 4, 1010]
[C:\PROGRA~1\Yahoo!\Assistant\yClickOn.dll] [YAHOO Corporation Limited, 3, 0, 3, 1004]
[C:\WINDOWS\system32\RavExt.dll] [Beijing Rising Technology Co., Ltd., 19, 0, 0, 9]
[D:\Program Files\FlashGet\jccatch.dll] [www.flashget.com, 1, 8, 1, 1005]
[C:\PROGRA~1\Yahoo!\ASSIST~1\Assist\yangling.dll] [yahoo! china, 3, 0, 5, 1007]
[C:\PROGRA~1\Yahoo!\ASSIST~1\Assist\YDRAGS~2.DLL] [yahoo! china, 3, 0, 4, 1006]
[D:\Program Files\FlashGet\getflash.dll] [www.flashget.com, 1, 8, 1, 1002]
[D:\Program Files\Rising\AntiSpyware\ieprot.dll] [Beijing Rising Technology Co., Ltd., 1, 0, 0, 7]
[C:\WINDOWS\system32\Macromed\Flash\Flash8a.ocx] [Macromedia, Inc., 8,0,24,0]
[c:\progra~1\yahoo!\assist~1\assist\yadfil~1.dll] [Yahoo! China, 3, 0, 2, 1003]
[C:\PROGRA~1\Yahoo!\ASSIST~1\Assist\yrepair.dll] [Yahoo! China, 3, 0, 9, 1012]
[C:\PROGRA~1\Yahoo!\ASSIST~1\Assist\yasfsks.dll] [Yahoo! China, 2, 1, 3, 89]
[C:\PROGRA~1\Yahoo!\ASSIST~1\Assist\yoptimum.dll] [Yahoo, 1, 0, 1, 1001]
[C:\PROGRA~1\yahoo!\assistant\Shell\yAssecblk.dll] [Yahoo! China, 3, 1, 6, 1022]
[C:\PROGRA~1\Yahoo!\ASSIST~1\Assist\yxpstyle.dll] [Yahoo! China, 3, 0, 1, 1001]
[PID: 2432][C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\Rar$EX00.172\SREng\SREng.exe] [Smallfrogs Studio, 2.2.6.605]
[C:\PROGRA~1\Yahoo!\ASSIST~1\Yhelper.dll] [Yahoo! China, 3, 0, 5, 1023]
[C:\PROGRA~1\Yahoo!\ASSIST~1\assist\ykern.dll] [Yahoo! China, 3, 1, 9, 1025]
[D:\Program Files\Rising\AntiSpyware\ieprot.dll] [Beijing Rising Technology Co., Ltd., 1, 0, 0, 7]
[PID: 3532][C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\Rar$EX01.187\SREng\SREng.exe] [Smallfrogs Studio, 2.2.6.605]
[C:\PROGRA~1\Yahoo!\ASSIST~1\Yhelper.dll] [Yahoo! China, 3, 0, 5, 1023]
[C:\PROGRA~1\Yahoo!\ASSIST~1\assist\ykern.dll] [Yahoo! China, 3, 1, 9, 1025]
[D:\Program Files\Rising\AntiSpyware\ieprot.dll] [Beijing Rising Technology Co., Ltd., 1, 0, 0, 7]
==================================
文件关联
.TXT Error. [C:\WINDOWS\notepad.exe %1]
.EXE OK. ["%1" %*]
.COM OK. ["%1" %*]
.PIF OK. ["%1" %*]
.REG OK. [regedit.exe "%1"]
.BAT OK. ["%1" %*]
.SCR OK. ["%1" /S]
.CHM Error. [C:\WINDOWS\hh.exe %1]
.HLP Error. [C:\WINDOWS\winhlp32.exe %1]
.INI Error. [C:\WINDOWS\NOTEPAD.EXE %1]
.INF Error. [C:\WINDOWS\NOTEPAD.EXE %1]
.VBS OK. [%SystemRoot%\System32\WScript.exe "%1" %*]
.JS Error. ["d:\Program Files\Macromedia\Dreamweaver MX 2004\Dreamweaver.exe" "%1"]
.LNK OK. [{00021401-0000-0000-C000-000000000046}]
==================================
Winsock 提供者
N/A
==================================
Autorun.inf
N/A
==================================
HOSTS 文件
N/A
==================================
乐影依翼 - 2007-3-23 19:59:00
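I remember that when I deleted Trojan.DL.Agent.xdw, I had to turn off Rising's monitoring before it could be deleted. I wonder whether Trojan.DL.Agent.gpq needs to be deleted the same way?
Just a suggestion.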
絮絮妹妹 - 2007-3-24 20:11:00
That doesn't work, it still can't be deleted. Why haven't the experts shown up yet? I'm eagerly waiting for an expert's answer~~
newcenturymoon - 2007-3-24 21:28:00
Which file is being reported as the virus?
絮絮妹妹 - 2007-3-25 0:49:00
Windows PE virus Trojan.DL.Agent.gpq
Windows PE virus Trojan.MnLess.dr
These two viruses. The log has already been posted.
天月来了 - 2007-3-25 0:57:00
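The question is: when your antivirus reports these two viruses, which file does the alert name as the virus file? Where is it?
Also, you must not have any programs open when generating the scan log.
Look at how much is in the running-processes section; reading it made me dizzy.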
桃子CiCi - 2007-3-25 2:23:00
[Reply to the post by “天月来了”]
Haha…………
I'd love for your eyes to pop from reading it too
白鹭ξ夜行 - 2007-3-25 2:33:00
......Another trojan. More precisely, the virus is named Trojan.DL.Agent.gpq, and it has infected the system file wtmbr.sys under c/window/system32/drivers
The Trojan.DL.Agent virus family:
1. Windows PE virus Trojan.DL.Agent.ijn
2. Windows PE virus Trojan.DL.Agent.ilv
3. Ordinary file virus Trojan.DL.Agent.ilx
4. Windows PE virus Trojan.DL.Agent.ily
5. Windows PE virus Trojan.DL.Agent.ilz
6. Windows PE virus Trojan.DL.Agent.ima
7. Ordinary file virus Trojan.DL.Agent.imb
8. Ordinary file virus Trojan.DL.Agent.imc
9. Ordinary file virus Trojan.DL.Agent.imd
10. Ordinary file virus Trojan.DL.Agent.ime
11. Ordinary file virus Trojan.DL.Agent.imf
12. Windows PE virus Trojan.DL.Agent.inc
13. Windows PE virus Trojan.DL.Agent.ind
14. Windows PE virus Trojan.DL.Agent.ine
15. Windows PE virus Trojan.DL.Agent.ikr
16. Windows PE virus Trojan.DL.Agent.iks
17. Windows PE virus Trojan.DL.Agent.ikt
18. Windows PE virus Trojan.DL.Agent.iku
19. Windows PE virus Trojan.DL.Agent.ikv
20. Windows PE virus Trojan.DL.Agent.ikw
天月来了 - 2007-3-25 2:40:00
Haha!!!
桃子 got me back!!!!
桃子CiCi - 2007-3-25 3:04:00
If you don't go to sleep soon,
your eyes will probably pop too
紫墨蓝尘 - 2007-3-25 3:47:00
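Bro````use
Windows Cleanup Assistant (WINDOWS 清理助手):
Official download address: http://www.arswp.com/download/arswp/arswp.rar
Malware Cleanup Assistant (恶意软件清理助手)
霏凡 download address: http://www.crsky.com/soft/6251.html
Clean with it, then post a new log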
紫墨蓝尘 - 2007-3-25 3:48:00
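Use the SREng tool to delete the following items
In SREng, click "启动项目" (Startup Items) --> "注册表" (Registry); once there, left-click the entry to be repaired, then click "删除" (Delete)
Delete the following entries: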
<yassistse><"C:\PROGRA~1\Yahoo!\Assistant\yassistse.exe"> [(Verified)Yahoo! China]
<YLive.exe><C:\PROGRA~1\Yahoo!\ASSIST~1\YLive.exe> [(Verified)Yahoo! China]
<DELC$><net share C$ /del> [N/A]
<DELD><net share D$ /del> [N/A]
<DELE><net share E$ /del> [N/A]
<DELF><net share F$ /del> [N/A]
<DELADMIN><net share admin$ /del> [N/A]
<{E568441B-9EF3-49F8-9A67-4141AC41ADD4}><> [N/A]
<{4BAB150F-DD97-476D-9C1E-41B6CDC0CA7A}><C:\PROGRA~1\Yahoo!\Assistant\yClickOn.dll> [(Verified)YAHOO Corporation Limited]
<NBJ><"C:\Program Files\Ahead\Nero BackItUp\NBJ.exe"> [Ahead Software AG]
Uninstall SkyNet (天网); Rising is enough
絮絮妹妹 - 2007-3-25 20:26:00
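| Quote: |
[Post by 紫墨蓝尘] Use the SREng tool to delete the following items
Your method didn't work. I did it, but those two viruses are still there. Also, I never installed SkyNet (天网) at all, so where would SkyNet come from?
Please take another look at my picture below. These are the two viruses that your method cannot delete. My log starts in the next post; I will close all programs.
Attachment: 8180212007325202320.jpg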
絮絮妹妹 - 2007-3-25 20:37:00
2007-03-25,20:22:47
System Repair Engineer 2.2.6.605
Smallfrogs (http://www.KZTechs.com)
Windows XP Professional Service Pack 2 (Build 2600)
- 管理权限用户 - 完整功能
以下内容被选中:
所有的启动项目(包括注册表、启动文件夹、服务等)
浏览器加载项
正在运行的进程(包括进程模块信息)
文件关联
Winsock 提供者
Autorun.inf
HOSTS 文件
启动项目
注册表
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
<ctfmon.exe><C:\WINDOWS\system32\ctfmon.exe> [(Verified)Microsoft Corporation]
<BitTorrent><"D:\Program Files\BitTorrent\bittorrent.exe" --force_start_minimized> [N/A]
[HKEY_CURRENT_USER\Software\Microsoft\Windows NT\CurrentVersion\Windows]
<load><> [N/A]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
<IMJPMIG8.1><"C:\WINDOWS\IME\imjp8_1\IMJPMIG.EXE" /Spoil /RemAdvDef /Migration32> [(Verified)Microsoft Corporation]
<NvCplDaemon><RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup> [NVIDIA Corporation]
<PHIME2002A><C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /IMEName> [(Verified)Microsoft Corporation]
<PHIME2002ASync><C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /SYNC> [(Verified)Microsoft Corporation]
<RavTask><"d:\Program Files\Rising\Rav\RavTask.exe" -system> [Beijing Rising Technology Co., Ltd.]
<SKYNET Personal FireWall><C:\PROGRA~1\SkyNet\FireWall\pfw.exe> [N/A]
<runeip><D:\Program Files\Rising\AntiSpyware\runiep.exe> [Beijing Rising Technology Co., Ltd.]
<TkBellExe><"C:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot> [RealNetworks, Inc.]
<QuickTime Task><"D:\Program Files\QuickTime\qttask.exe" -atboottime> [Apple Computer, Inc.]
<WangWang><D:\Program Files\淘宝网\淘宝旺旺\WangWang.exe> [阿里软件(中国)有限公司]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Winlogon]
<shell><Explorer.exe> [(Verified)Microsoft Corporation]
<Userinit><C:\WINDOWS\system32\Userinit.exe,> [(Verified)Microsoft Corporation]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Windows]
<AppInit_DLLs><> [N/A]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Winlogon]
<UIHost><logonui.exe> [(Verified)Microsoft Corporation]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
<{32CD708B-60A7-4C00-9377-D73EAA495F0F}><C:\WINDOWS\system32\RavExt.dll> [Beijing Rising Technology Co., Ltd.]
==================================
启动文件夹
[星空极速]
<C:\Documents and Settings\All Users\「开始」菜单\程序\启动\星空极速.lnk --> C:\PROGRA~1\ChinaNet\VNETCL~1.EXE []><N>
[Adobe Gamma]
<C:\Documents and Settings\Administrator\「开始」菜单\程序\启动\Adobe Gamma.lnk --> C:\PROGRA~1\COMMON~1\Adobe\CALIBR~1\ADOBEG~1.EXE [Adobe Systems, Inc.]><N>
[星空极速]
<C:\Documents and Settings\Administrator\「开始」菜单\程序\启动\星空极速.lnk --> C:\PROGRA~1\ChinaNet\VNETCL~1.EXE []><N>
[腾讯QQ]
<C:\Documents and Settings\Administrator\「开始」菜单\程序\启动\腾讯QQ.lnk --> D:\PROGRA~1\QQ20063\QQ.exe [TENCENT]><N>
==================================
服务
[Adobe LM Service / Adobe LM Service]
<"C:\Program Files\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe"><Adobe Systems>
[Human Interface Device Access / HidServ]
<C:\WINDOWS\System32\svchost.exe -k netsvcs-->%SystemRoot%\System32\hidserv.dll><N/A>
[InstallDriver Table Manager / IDriverT]
<"C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe"><Macrovision Corporation>
[Macromedia Licensing Service / Macromedia Licensing Service]
<"C:\Program Files\Common Files\Macromedia Shared\Service\Macromedia Licensing.exe"><N/A>
[NVIDIA Display Driver Service / NVSvc]
<C:\WINDOWS\system32\nvsvc32.exe><NVIDIA Corporation>
[Rising Proxy Service / RfwProxySrv]
<d:\program files\rising\rfw\rfwproxy.exe><Beijing Rising Technology Co., Ltd.>
[Rising Personal Firewall Service / RfwService]
<D:\Program Files\Rising\Rfw\rfwsrv.exe><Beijing Rising Technology Co., Ltd.>
[Rising Process Communication Center / RsCCenter]
<"d:\Program Files\Rising\Rav\CCenter.exe"><Beijing Rising Technology Co., Ltd.>
[SoundMAX Agent Service / SoundMAX Agent Service (default)]
<C:\Program Files\Analog Devices\SoundMAX\SMAgent.exe><Analog Devices, Inc.>
==================================
驱动程序
[225140 / 225140]
<C:\WINDOWS\SYSTEM32\DRIVERS\225140.SYS><N/A>
[ADProt / ADProt]
<\SystemRoot\system32\drivers\ADProt.sys><N/A>
[aeaudio / aeaudio]
<system32\drivers\aeaudio.sys><Andrea Electronics Corporation>
[Rising TDI Base Driver / BaseTDI]
<System32\DRIVERS\BaseTDI.SYS><Beijing Rising Technology Co., Ltd.>
[cdrbsvsd / cdrbsvsd]
<C:\WINDOWS\SYSTEM32\DRIVERS\cdrbsvsd.SYS><B.H.A Corporation>
[cgicdjig / cgicdjig]
<C:\WINDOWS\SYSTEM32\DRIVERS\cgicdjig.SYS><中国互联网络信息中心(CNNIC)>
[CSC / CSC]
<\??\C:\WINDOWS\system32\drivers\CSC.SYS><FeiTian Tech Co.,Ltd>
[GMSIPCI / GMSIPCI]
<\??\G:\INSTALL\GMSIPCI.SYS><N/A>
[heaegaab / heaegaab]
<C:\WINDOWS\SYSTEM32\DRIVERS\heaegaab.SYS><中国互联网络信息中心(CNNIC)>
[hjcbcfdd / hjcbcfdd]
<\SystemRoot\system32\drivers\hjcbcfdd.sys><中国互联网络信息中心(CNNIC)>
絮絮妹妹 - 2007-3-25 20:38:00
[HOOKAPI / HOOKAPI]
<\??\D:\PROGRAM FILES\RISING\RAV\HookApi.Sys><N/A>
[HookUrl / HookUrl]
<\??\d:\Program Files\Rising\Rfw\HookUrl.sys><Beijing Rising Technology Co., Ltd.>
[kmsinput / kmsinput]
<\??\C:\WINDOWS\system32\drivers\kmsinput.sys><N/A>
[MidiSyn / MidiSyn]
<system32\drivers\MidiSyn.sys><Analog Devices, Inc.>
[mProcRs / mProcRs]
<\??\d:\program files\rising\rfw\mProcRs.sys><Beijing Rising Technology Co., Ltd.>
[MSICPL / MSICPL]
<\??\G:\install4\MSICPL.sys><N/A>
[npkcrypt / npkcrypt]
<\??\D:\Program Files\QQ20063\npkcrypt.sys><INCA Internet Co., Ltd.>
[NTACCESS / NTACCESS]
<\??\G:\NTACCESS.sys><N/A>
[nv / nv]
<system32\DRIVERS\nv4_mini.sys><NVIDIA Corporation>
[pthw / pthww]
<\SystemRoot\System32\DRIVERS\pthww.sys><N/A>
[Direct Parallel Link Driver / Ptilink]
<system32\DRIVERS\ptilink.sys><Parallel Technologies, Inc.>
[qzxzbjrr / qzxzbjrr]
<\SystemRoot\System32\DRIVERS\qzxzbjrr.sys><Yahoo! China Corporation>
[RsAntiSpyware / RsAntiSpyware]
<\SystemRoot\system32\drivers\RsBoot.sys><Beijing Rising>
[RsFwDrv / RsFwDrv]
<\??\d:\Program Files\Rising\Rfw\RsFwDrv.sys><Beijing Rising Technology Co., Ltd.>
[RsNTGDI / RsNTGDI]
<\SystemRoot\system32\Drivers\RsNTGdi.sys><Beijing Rising Technology Co., Ltd.>
[Realtek RTL8139(A/B/C)-based PCI Fast Ethernet Adapter NT Driver / rtl8139]
<system32\DRIVERS\RTL8139.SYS><Realtek Semiconductor Corporation>
[Secdrv / Secdrv]
<system32\DRIVERS\secdrv.sys><N/A>
[SAMSUNG YP-NDU / SECYPUSB]
<System32\Drivers\SECYPUSB.sys><N/A>
[senfilt / senfilt]
<system32\drivers\senfilt.sys><Sensaura>
[SetupNTGLM7X / SetupNTGLM7X]
<\??\G:\NTGLM7X.sys><N/A>
[smwdm / smwdm]
<system32\drivers\smwdm.sys><Analog Devices, Inc.>
[USB PC Camera (snppro) / SNPPRO]
<system32\DRIVERS\snppro.sys><>
[Sony USB Filter Driver (SONYPVU1) / SONYPVU1]
<system32\DRIVERS\SONYPVU1.SYS><Sony Corporation>
==================================
浏览器加载项
[WebThunder Browser Helper]
{00000AAA-A363-466E-BEF5-9BB68697AA7F} <d:\Program Files\Thunder Network\WebThunder\WebThunderBHO_016.dll, Thunder Networking Technologies,LTD>
[Flashget Catch Url Class]
{2F364306-AA45-47B5-9F9D-39A8B94E7EF7} <D:\Program Files\FlashGet\jccatch.dll, www.flashget.com>
[Yahoo!Photo]
{33BBE430-0E42-4f12-B075-8D21ACB10DCB} <C:\PROGRA~1\Yahoo!\ASSIST~1\Assist\yphtb.dll, Yahoo! China>
[AntiFish Class]
{38928D50-8A48-44C2-945F-D2F23F771410} <C:\PROGRA~1\Yahoo!\ASSIST~1\Assist\yangling.dll, yahoo! china>
[VnetCookie Class]
{4E83D567-4697-4F7B-B1F0-A513B01DB89A} <c:\PROGRA~1\chinanet\VNETTR~1.DLL, N/A>
[DragSearch BHO]
{62EED7C6-9F02-42f9-B634-98E2899E147B} <C:\PROGRA~1\Yahoo!\ASSIST~1\Assist\YDRAGS~2.DLL, yahoo! china>
[FlashGet GetFlash Class]
{F156768E-81EF-470C-9057-481BA8380DBA} <D:\Program Files\FlashGet\getflash.dll, www.flashget.com>
[雅虎助手]
{5D73EE86-05F1-49ed-B850-E423120EC338} <http://cn.zs.yahoo.com/start.htm?source=yzs_icon&btn=yassistnew, N/A>
[启动Web迅雷]
{962EFB8E-2683-42d4-AC74-AAA4C759B9C6} <http://my.xunlei.com, N/A>
[快车]
{D6E814A0-E0C5-11d4-8D29-0050BA6940E3} <D:\Program Files\FlashGet\FlashGet.exe, FlashGet.com>
[拍拍乐影像家园 2006]
{E01D63E5-8758-4D4C-95DB-3C0529A5B450} <d:\Program Files\Foxshare\PixPlayer\PixPlayer.exe, 深圳市复兴科技有限公司>
[雅虎助手]
{406F94F0-504F-4a40-8DFD-58B0666ABEBD} <C:\PROGRA~1\Yahoo!\ASSIST~1\Assist\yasbar.dll, yahoo! china>
[快车(FlashGet)]
{E0E899AB-F487-11D5-8D29-0050BA6940E3} <D:\Program Files\FlashGet\fgiebar.dll, Amaze Soft>
[CEditCtrl Object]
{488A4255-3236-44B3-8F27-FA1AECAA8844} <C:\WINDOWS\system32\aliedit\AliEdit.dll, www.alipay.com>
[WebThunder Browser Helper]
{00000AAA-A363-466E-BEF5-9BB68697AA7F} <d:\Program Files\Thunder Network\WebThunder\WebThunderBHO_016.dll, Thunder Networking Technologies,LTD>
[PeerDraw Class]
{10072CEC-8CC1-11D1-986E-00A0C955B42E} <C:\Program Files\Common Files\Microsoft Shared\VGX\vgx.dll, Microsoft Corporation>
[iTrusPTA Class]
{1E0DFFCF-27FF-4574-849B-55007349FEDA} <C:\WINDOWS\system32\aliedit\pta.dll, >
[Windows Media Player]
{22D6F312-B0F6-11D0-94AB-0080C74C7E95} <C:\WINDOWS\system32\wmpdxm.dll, Microsoft Corporation>
[HTML Document]
{25336920-03F9-11CF-8FD0-00AA00686F13} <%SystemRoot%\system32\mshtml.dll, N/A>
[Flashget Catch Url Class]
{2F364306-AA45-47B5-9F9D-39A8B94E7EF7} <D:\Program Files\FlashGet\jccatch.dll, www.flashget.com>
[Yahoo!Photo]
{33BBE430-0E42-4F12-B075-8D21ACB10DCB} <C:\PROGRA~1\Yahoo!\ASSIST~1\Assist\yphtb.dll, Yahoo! China>
[AntiFish Class]
{38928D50-8A48-44C2-945F-D2F23F771410} <C:\PROGRA~1\Yahoo!\ASSIST~1\Assist\yangling.dll, yahoo! china>
[雅虎助手]
{406F94F0-504F-4A40-8DFD-58B0666ABEBD} <C:\PROGRA~1\Yahoo!\ASSIST~1\Assist\yasbar.dll, yahoo! china>
[CEditCtrl Object]
{488A4255-3236-44B3-8F27-FA1AECAA8844} <C:\WINDOWS\system32\aliedit\AliEdit.dll, www.alipay.com>
[VnetCookie Class]
{4E83D567-4697-4F7B-B1F0-A513B01DB89A} <c:\PROGRA~1\chinanet\VNETTR~1.DLL, N/A>
[HHCtrl Object]
絮絮妹妹 - 2007-3-25 20:38:00
{52A2AAAE-085D-4187-97EA-8C30DB990436} <C:\WINDOWS\system32\hhctrl.ocx, Microsoft Corporation>
[Yahoo!Live]
{57421194-58FB-49AE-9B4F-FD48869B9AD4} <C:\PROGRA~1\Yahoo!\ASSIST~1\yalive.dll, yahoo! china>
[DragSearch BHO]
{62EED7C6-9F02-42F9-B634-98E2899E147B} <C:\PROGRA~1\Yahoo!\ASSIST~1\Assist\YDRAGS~2.DLL, yahoo! china>
[Windows Media Player]
{6BF52A52-394A-11D3-B153-00C04F79FAA6} <C:\WINDOWS\system32\wmp.dll, Microsoft Corporation>
[WangWangObj Class]
{6E213FC7-DD5A-4115-B7E6-D4C7838C361E} <D:\Program Files\淘宝网\淘宝旺旺\WangWangX4.dll, 阿里软件(中国)有限公司>
[AxInputControl Class]
{73E4740C-08EB-4133-896B-8D0A7C9EE3CD} <C:\WINDOWS\system32\INPUTC~1.DLL, >
[Microsoft Web 浏览器]
{8856F961-340A-11D0-A96B-00C04FD705A2} <C:\WINDOWS\system32\shdocvw.dll, Microsoft Corporation>
[AxSubmitControl Class]
{8D9E0B29-563C-4226-86C1-5FF2AE77E1D2} <C:\WINDOWS\system32\SUBMIT~1.DLL, >
[IeCatch2 Class]
{A5366673-E8CA-11D3-9CD9-0090271D075B} <C:\PROGRA~1\FlashGet\jccatch.dll, Amaze Soft>
[SearchAssistantOC]
{B45FF030-4447-11D2-85DE-00C04FA35C89} <%SystemRoot%\system32\shdocvw.dll, N/A>
[RDS.DataSpace]
{BD96C556-65A3-11D0-983A-00C04FC29E36} <C:\Program Files\Common Files\System\msadc\msadco.dll, Microsoft Corporation>
[RealPlayer G2 Control]
{CFCDAA03-8BE4-11CF-B84B-0020AFBBCCFA} <C:\WINDOWS\system32\rmoc3260.dll, RealNetworks, Inc.>
[Shockwave Flash Object]
{D27CDB6E-AE6D-11CF-96B8-444553540000} <C:\WINDOWS\system32\Macromed\Flash\Flash8a.ocx, Macromedia, Inc.>
[快车(FlashGet)]
{E0E899AB-F487-11D5-8D29-0050BA6940E3} <D:\Program Files\FlashGet\fgiebar.dll, Amaze Soft>
[CPasswordEditCtrl Object]
{E787FD25-8D7C-4693-AE67-9406BC6E22DF} <C:\WINDOWS\system32\qqedit\qqedit.dll, 腾讯科技(深圳)有限公司>
[FlashGet GetFlash Class]
{F156768E-81EF-470C-9057-481BA8380DBA} <D:\Program Files\FlashGet\getflash.dll, www.flashget.com>
[JetCarNetscape Class]
{FB5DA724-162B-11D3-8B9B-AA70B4B0B524} <D:\Program Files\FlashGet\jccatch.dll, www.flashget.com>
[&使用快车(FlashGet)下载]
<D:\Program Files\FlashGet\jc_link.htm, N/A>
[&使用快车(FlashGet)下载全部链接]
<D:\Program Files\FlashGet\jc_all.htm, N/A>
[上传到QQ网络硬盘]
<D:\Program Files\QQ20063\AddToNetDisk.htm, N/A>
[使用Web迅雷下载]
<d:\Program Files\Thunder Network\WebThunder\GetUrl.htm, N/A>
[使用Web迅雷下载全部链接]
<d:\Program Files\Thunder Network\WebThunder\GetAllUrl.htm, N/A>
[添加到QQ自定义面板]
<D:\Program Files\QQ20063\AddPanel.htm, N/A>
[添加到QQ表情]
<D:\Program Files\QQ20063\AddEmotion.htm, N/A>
[添加图片到拍拍乐相册]
<d:\Program Files\Foxshare\PixPlayer\HTML\PPPastePix.html, N/A>
[用QQ彩信发送该图片]
<D:\Program Files\QQ20063\SendMMS.htm, N/A>
==================================
正在运行的进程
[PID: 508][\SystemRoot\System32\smss.exe] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
[PID: 580][\??\C:\WINDOWS\system32\csrss.exe] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
[PID: 604][\??\C:\WINDOWS\system32\winlogon.exe] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
[PID: 648][C:\WINDOWS\system32\services.exe] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
[PID: 660][C:\WINDOWS\system32\lsass.exe] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
[PID: 812][C:\WINDOWS\system32\svchost.exe] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
[PID: 868][C:\WINDOWS\system32\svchost.exe] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
[PID: 948][d:\Program Files\Rising\Rav\CCenter.exe] [Beijing Rising Technology Co., Ltd., 18, 0, 0, 3]
[PID: 964][C:\WINDOWS\System32\svchost.exe] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
[PID: 1036][C:\WINDOWS\system32\svchost.exe] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
[PID: 1152][C:\WINDOWS\system32\svchost.exe] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
[PID: 1292][D:\Program Files\Rising\Rfw\rfwsrv.exe] [Beijing Rising Technology Co., Ltd., 5, 0, 0, 34]
[D:\Program Files\Rising\Rfw\RfwRule.dll] [Beijing Rising Technology Co., Ltd., 5, 0, 0, 3]
[D:\Program Files\Rising\Rfw\rfwlog.dll] [Beijing Rising Technology Co., Ltd., 5, 0, 0, 2]
[D:\Program Files\Rising\Rfw\Rfwdrv.dll] [Beijing Rising Technology Co., Ltd., 5, 0, 0, 10]
[D:\Program Files\Rising\Rfw\MonDrv.dll] [rs, 1, 0, 0, 4]
[D:\Program Files\Rising\Rfw\ProcLib.dll] [Beijing Rising Technology Co., Ltd., 5, 0, 0, 5]
[D:\Program Files\Rising\Rfw\mPorts.dll] [Beijing Rising Technology Co., Ltd., 4, 0, 0, 3]
[PID: 1304][C:\WINDOWS\Explorer.EXE] [Microsoft Corporation, 6.00.2900.2180 (xpsp_sp2_rtm.040803-2158)]
[C:\WINDOWS\system32\RavExt.dll] [Beijing Rising Technology Co., Ltd., 19, 0, 0, 9]
[C:\WINDOWS\system32\gprgy.dll] [N/A, N/A]
[D:\Program Files\Rising\AntiSpyware\ieprot.dll] [Beijing Rising Technology Co., Ltd., 1, 0, 0, 7]
[C:\PROGRA~1\Yahoo!\ASSIST~1\Yhelper.dll] [Yahoo! China, 3, 0, 5, 1023]
[C:\PROGRA~1\Yahoo!\ASSIST~1\assist\ykern.dll] [Yahoo! China, 3, 1, 9, 1025]
[C:\PROGRA~1\Yahoo!\ASSIST~1\yalive.dll] [yahoo! china, 3, 5, 9, 1111]
[C:\PROGRA~1\Yahoo!\ASSIST~1\Yalliveex.dll] [Yahoo! China, 3, 0, 2, 1011]
[d:\Program Files\Rising\Rav\RSCOMMON.DLL] [Beijing Rising Technology Co., Ltd., 19, 0, 0, 5]
[d:\Program Files\Thunder Network\WebThunder\WebThunderBHO_016.dll] [Thunder Networking Technologies,LTD, 6, 0, 0, 5]
[C:\PROGRA~1\Yahoo!\ASSIST~1\Assist\yphtb.dll] [Yahoo! China, 3, 0, 6, 1008]
[C:\PROGRA~1\Yahoo!\ASSIST~1\Assist\YDRAGS~2.DLL] [yahoo! china, 3, 0, 4, 1006]
[PID: 1468][C:\WINDOWS\system32\spoolsv.exe] [Microsoft Corporation, 5.1.2600.2696 (xpsp_sp2_gdr.050610-1519)]
[PID: 1676][D:\Program Files\Rising\Rfw\RfwMain.exe] [Beijing Rising Technology Co., Ltd., 5, 0, 0, 70]
[D:\Program Files\Rising\Rfw\RsGuiLib.dll] [Beijing Rising Technology Co., Ltd., 19, 0, 0, 33]
[D:\Program Files\Rising\Rfw\RSCOMMON.DLL] [Beijing Rising Technology Co., Ltd., 19, 0, 0, 5]
[D:\Program Files\Rising\Rfw\RfwCtrl.dll] [Beijing Rising Technology Co., Ltd., 5, 0, 0, 11]
[D:\Program Files\Rising\Rfw\RsXML.dll] [Beijing Rising Technology Co., Ltd., 19, 0, 0, 2]
[D:\Program Files\Rising\Rfw\PngDll.dll] [Beijing Rising Technology Co., Ltd., 18, 0, 0, 5]
[D:\Program Files\Rising\AntiSpyware\ieprot.dll] [Beijing Rising Technology Co., Ltd., 1, 0, 0, 7]
[C:\PROGRA~1\Yahoo!\ASSIST~1\Yhelper.dll] [Yahoo! China, 3, 0, 5, 1023]
[C:\PROGRA~1\Yahoo!\ASSIST~1\assist\ykern.dll] [Yahoo! China, 3, 1, 9, 1025]
[PID: 1732][D:\Program Files\Rising\Rav\RavTask.exe] [Beijing Rising Technology Co., Ltd., 19, 0, 0, 7]
[D:\Program Files\Rising\Rav\RSCOMMON.DLL] [Beijing Rising Technology Co., Ltd., 19, 0, 0, 5]
[D:\Program Files\Rising\Rav\RSAPPMGR.DLL] [Beijing Rising Technology Co., Ltd., 18, 0, 0, 2]
[D:\Program Files\Rising\Rav\CfgDll.dll] [Beijing Rising Technology Co., Ltd., 18, 0, 0, 13]
[D:\Program Files\Rising\Rav\RsCommX.dll] [rising, 18, 0, 0, 1]
[D:\Program Files\Rising\AntiSpyware\ieprot.dll] [Beijing Rising Technology Co., Ltd., 1, 0, 0, 7]
[PID: 1784][D:\Program Files\Rising\AntiSpyware\runiep.exe] [Beijing Rising Technology Co., Ltd., 1, 0, 1, 6]
[D:\Program Files\Rising\AntiSpyware\iep_ctrl.dll] [Beijing Rising Technology Co., Ltd., 1, 0, 0, 4]
[D:\Program Files\Rising\AntiSpyware\ieprot.dll] [Beijing Rising Technology Co., Ltd., 1, 0, 0, 7]
[PID: 1792][C:\Program Files\Common Files\Real\Update_OB\realsched.exe] [RealNetworks, Inc., 0.1.0.3510]
[D:\Program Files\Rising\AntiSpyware\ieprot.dll] [Beijing Rising Technology Co., Ltd., 1, 0, 0, 7]
[PID: 1900][C:\WINDOWS\system32\nvsvc32.exe] [NVIDIA Corporation, 6.14.10.8421]
[PID: 2040][C:\WINDOWS\system32\ctfmon.exe] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
[D:\Program Files\Rising\AntiSpyware\ieprot.dll] [Beijing Rising Technology Co., Ltd., 1, 0, 0, 7]
[PID: 856][C:\Program Files\Analog Devices\SoundMAX\SMAgent.exe] [Analog Devices, Inc., 3, 2, 6, 0]
[PID: 916][C:\WINDOWS\system32\svchost.exe] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
[PID: 1112][C:\WINDOWS\system32\wdfmgr.exe] [Microsoft Corporation, 5.2.3790.1230 built by: dnsrv(bld4act)]
[PID: 1588][C:\WINDOWS\System32\alg.exe] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
[PID: 4020][C:\PROGRA~1\Yahoo!\ASSIST~1\ylive.exe] [Yahoo! China, 3, 1, 9, 1025]
[C:\PROGRA~1\Yahoo!\ASSIST~1\assist\ykern.dll] [Yahoo! China, 3, 1, 9, 1025]
[C:\PROGRA~1\Yahoo!\ASSIST~1\Yhelper.dll] [Yahoo! China, 3, 0, 5, 1023]
[C:\PROGRA~1\Yahoo!\ASSIST~1\yalive.dll] [yahoo! china, 3, 5, 9, 1111]
[C:\PROGRA~1\Yahoo!\ASSIST~1\Yalliveex.dll] [Yahoo! China, 3, 0, 2, 1011]
[D:\Program Files\Rising\AntiSpyware\ieprot.dll] [Beijing Rising Technology Co., Ltd., 1, 0, 0, 7]
[C:\PROGRA~1\Yahoo!\ASSIST~1\ynotifier.dll] [yahoo! china, 3, 0, 2, 1002]
[PID: 904][C:\Program Files\WinRAR\WinRAR.exe] [N/A, N/A]
[C:\PROGRA~1\Yahoo!\ASSIST~1\Yhelper.dll] [Yahoo! China, 3, 0, 5, 1023]
[C:\PROGRA~1\Yahoo!\ASSIST~1\assist\ykern.dll] [Yahoo! China, 3, 1, 9, 1025]
[D:\Program Files\Rising\AntiSpyware\ieprot.dll] [Beijing Rising Technology Co., Ltd., 1, 0, 0, 7]
[PID: 1604][C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\Rar$EX00.281\SREng\SREng.exe] [Smallfrogs Studio, 2.2.6.605]
[C:\PROGRA~1\Yahoo!\ASSIST~1\Yhelper.dll] [Yahoo! China, 3, 0, 5, 1023]
[C:\PROGRA~1\Yahoo!\ASSIST~1\assist\ykern.dll] [Yahoo! China, 3, 1, 9, 1025]
[D:\Program Files\Rising\AntiSpyware\ieprot.dll] [Beijing Rising Technology Co., Ltd., 1, 0, 0, 7]
==================================
文件关联
.TXT Error. [C:\WINDOWS\notepad.exe %1]
.EXE OK. ["%1" %*]
.COM OK. ["%1" %*]
.PIF OK. ["%1" %*]
.REG OK. [regedit.exe "%1"]
.BAT OK. ["%1" %*]
.SCR OK. ["%1" /S]
.CHM Error. [C:\WINDOWS\hh.exe %1]
.HLP Error. [C:\WINDOWS\winhlp32.exe %1]
.INI Error. [C:\WINDOWS\NOTEPAD.EXE %1]
.INF Error. [C:\WINDOWS\NOTEPAD.EXE %1]
.VBS OK. [%SystemRoot%\System32\WScript.exe "%1" %*]
.JS Error. ["d:\Program Files\Macromedia\Dreamweaver MX 2004\Dreamweaver.exe" "%1"]
.LNK OK. [{00021401-0000-0000-C000-000000000046}]
==================================
Winsock 提供者
N/A
==================================
Autorun.inf
N/A
==================================
HOSTS 文件
N/A
==================================
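絮絮妹妹 - 2007-3-25 20:39:00
OK, it's only a little this time, haha. Please help me sort it out~~~
絮絮妹妹 - 2007-3-26 22:08:00
They still can't be deleted. Experts, please help me~~ It's the top two viruses in the picture. The log has already been posted.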
絮絮妹妹 - 2007-3-26 22:09:00
| Quote: |
[Post by 紫墨蓝尘] Use the SREng tool to delete the following items
In SREng, click "启动项目" (Startup Items) --> "注册表" (Registry); once there, left-click the entry to be repaired, then click "删除" (Delete)
Delete the following entries:
<yassistse><"C:\PROGRA~1\Yahoo!\Assistant\yassistse.exe"> [(Verified)Yahoo! China]
<YLive.exe><C:\PROGRA~1\Yahoo!\ASSIST~1\YLive.exe> [(Verified)Yahoo! China]
<DELC$><net share C$ /del> [N/A]
<DELD><net share D$ /del> [N/A]
<DELE><net share E$ /del> [N/A]
<DELF><net share F$ /del> [N/A]
<DELADMIN><net share admin$ /del> [N/A]
<{E568441B-9EF3-49F8-9A67-4141AC41ADD4}><> [N/A]
<{4BAB150F-DD97-476D-9C1E-41B6CDC0CA7A}><C:\PROGRA~1\Yahoo!\Assistant\yClickOn.dll> [(Verified)YAHOO Corporation Limited]
<NBJ><"C:\Program Files\Ahead\Nero BackItUp\NBJ.exe"> [Ahead Software AG]
Uninstall SkyNet (天网); Rising is enough
……………… |
I have already used your method. The programs you mentioned are no longer in SREng now, but they still can't be deleted~~
newcenturymoon - 2007-3-26 22:10:00
| Quote: |
[Post by 紫墨蓝尘] Use the SREng tool to delete the following items
In SREng, click "启动项目" (Startup Items) --> "注册表" (Registry); once there, left-click the entry to be repaired, then click "删除" (Delete)
Delete the following entries:
<yassistse><"C:\PROGRA~1\Yahoo!\Assistant\yassistse.exe"> [(Verified)Yahoo! China]
<YLive.exe><C:\PROGRA~1\Yahoo!\ASSIST~1\YLive.exe> [(Verified)Yahoo! China]
<DELC$><net share C$ /del> [N/A]
<DELD><net share D$ /del> [N/A]
<DELE><net share E$ /del> [N/A]
<DELF><net share F$ /del> [N/A]
<DELADMIN><net share admin$ /del> [N/A]
<{E568441B-9EF3-49F8-9A67-4141AC41ADD4}><> [N/A]
<{4BAB150F-DD97-476D-9C1E-41B6CDC0CA7A}><C:\PROGRA~1\Yahoo!\Assistant\yClickOn.dll> [(Verified)YAHOO Corporation Limited]
<NBJ><"C:\Program Files\Ahead\Nero BackItUp\NBJ.exe"> [Ahead Software AG]
Uninstall SkyNet (天网); Rising is enough
……………… |
<DELC$><net share C$ /del> [N/A]
<DELD><net share D$ /del> [N/A]
<DELE><net share E$ /del> [N/A]
<DELF><net share F$ /del> [N/A]
<DELADMIN><net share admin$ /del> [N/A]
These are the user's own batch commands for disabling the shares
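絮絮妹妹 - 2007-3-27 21:47:00
[Reply to the post by “newcenturymoon”]
Whether or not it's a batch script, I've already deleted them all, but the viruses still can't be deleted. 5555, can anyone help me~~`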
枫笑九洲 - 2007-3-27 22:33:00
| Quote: |
[Post by 紫墨蓝尘] Use the SREng tool to delete the following items
In SREng, click "启动项目" (Startup Items) --> "注册表" (Registry); once there, left-click the entry to be repaired, then click "删除" (Delete)
Delete the following entries:
<yassistse><"C:\PROGRA~1\Yahoo!\Assistant\yassistse.exe"> [(Verified)Yahoo! China]
<YLive.exe><C:\PROGRA~1\Yahoo!\ASSIST~1\YLive.exe> [(Verified)Yahoo! China]
<DELC$><net share C$ /del> [N/A]
<DELD><net share D$ /del> [N/A]
<DELE><net share E$ /del> [N/A]
<DELF><net share F$ /del> [N/A]
<DELADMIN><net share admin$ /del> [N/A]
<{E568441B-9EF3-49F8-9A67-4141AC41ADD4}><> [N/A]
<{4BAB150F-DD97-476D-9C1E-41B6CDC0CA7A}><C:\PROGRA~1\Yahoo!\Assistant\yClickOn.dll> [(Verified)YAHOO Corporation Limited]
<NBJ><"C:\Program Files\Ahead\Nero BackItUp\NBJ.exe"> [Ahead Software AG]
Uninstall SkyNet (天网); Rising is enough
……………… |
Uninstall SkyNet??? Rising's firewall is definitely no better than SkyNet
絮絮妹妹 - 2007-3-29 19:40:00
I never installed SkyNet (天网) at all
沧州中华 - 2007-3-29 19:52:00
[Reply to the post by “天月来了”]
Use Rising's embedded scan (嵌杀)!!!!!!!!!!1
沧州中华 - 2007-3-29 19:55:00
[Reply to the post by “枫笑九洲”]
What a waste of money, 枫笑九洲!!!!!!!!!!!!