瑞星卡卡安全论坛
shdjfhskjhfsjkf - 2007-7-12 17:29:00
Trojan.DL.Agent.bkj瑞星总是提示发现病毒 并且把文件也删了 可一开机就会有 ..
南宫古竑 - 2007-7-12 18:34:00
我遇到一个类似的病毒,和这差不多,瑞星提示已跳过该脚本,是不是问题就解决了。文件存在temp目录下的一个*.tmp文件中。
agee - 2007-7-12 21:26:00
下载 System Repair Engineer,
http://www.kztechs.com/sreng/download.html
1 解压缩sreng2.zip
2 运行SREng.exe
3 关掉所有手动打开的东西
4 智能扫描=》扫描=》保存报告
5 把日志中的报告完整拷贝贴上来,不要修改,(一次贴不完分多次贴)!
aqez - 2007-7-12 21:33:00
这个用nod32杀的掉!!!
lixinhang001 - 2007-8-13 16:09:00
[CODE]
2007-08-13,15:36:57
System Repair Engineer 2.5.16.900
Smallfrogs (http://www.KZTechs.com)
Windows XP Professional Service Pack 2 (Build 2600) - 管理权限用户 - 完整功能
以下内容被选中:
所有的启动项目(包括注册表、启动文件夹、服务等)
浏览器加载项
正在运行的进程(包括进程模块信息)
文件关联
Winsock 提供者
Autorun.inf
HOSTS 文件
进程特权扫描
lixinhang001 - 2007-8-13 16:10:00
启动项目
注册表
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
<ctfmon.exe><C:\WINDOWS\system32\ctfmon.exe> [(Verified)Microsoft Windows Publisher]
[HKEY_CURRENT_USER\Software\Microsoft\Windows NT\CurrentVersion\Windows]
<load><> [N/A]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
<switch><c:\windows\system32\壁纸自动换.exe> []
<helper.dll><C:\WINDOWS\system32\rundll32.exe C:\PROGRA~1\3721\helper.dll,Rundll32> []
<CnsMin><Rundll32.exe C:\WINDOWS\DOWNLO~1\CnsMin.dll,Rundll32> [北京三七二一科技有限公司]
<NvCplDaemon><RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup> [(Verified)Microsoft Windows Hardware Compatibility Publisher]
<nwiz><nwiz.exe /install> []
<NvMediaCenter><RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit> [(Verified)Microsoft Windows Hardware Compatibility Publisher]
<SoundMan><SOUNDMAN.EXE> [(Verified)Microsoft Windows Hardware Compatibility Publisher]
<Cmaudio><RunDll32 cmicnfg.cpl,CMICtrlWnd> [N/A]
<RavTask><"E:\瑞星\Rising\Rav\RavTask.exe" -system> [Beijing Rising Technology Co., Ltd.]
<RfwMain><"E:\瑞星\Rising\Rfw\rfwmain.exe" -Startup> [Beijing Rising Technology Co., Ltd.]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\RunOnce]
<RavStub><"E:\瑞星\Rising\Rav\ravstub.exe" /RUNONCE> [Beijing Rising Technology Co., Ltd.]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Winlogon]
<shell><Explorer.exe> [(Verified)Microsoft Windows Publisher]
<Userinit><C:\WINDOWS\system32\userinit.exe,> [(Verified)Microsoft Windows Publisher]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Windows]
<AppInit_DLLs><> [N/A]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Winlogon]
<UIHost><logonui.exe> [(Verified)Microsoft Windows Publisher]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
<{D157330A-9EF3-49F8-9A67-4141AC41ADD4}><C:\WINDOWS\DOWNLO~1\CnsHook.dll> [北京三七二一科技有限公司]
<{32CD708B-60A7-4C00-9377-D73EAA495F0F}><C:\WINDOWS\system32\RavExt.dll> [Beijing Rising Technology Co., Ltd.]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\>{26923b43-4d38-484f-9b9e-de460746276c}]
<Internet Explorer><%systemroot%\system32\shmgrate.exe OCInstallUserConfigIE> [N/A]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\>{881dd1c5-3dcf-431b-b061-f3f88e8be88a}]
<Outlook Express><%systemroot%\system32\shmgrate.exe OCInstallUserConfigOE> [N/A]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{2C7339CF-2B09-4501-B3F3-F3508C9228ED}]
<Themes Setup><%SystemRoot%\system32\regsvr32.exe /s /n /i:/UserInstall %SystemRoot%\system32\themeui.dll> [N/A]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{44BBA840-CC51-11CF-AAFA-00AA00B6015C}]
<Microsoft Outlook Express 6><"%ProgramFiles%\Outlook Express\setup50.exe" /APP:OE /CALLER:WINNT /user /install> [N/A]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{44BBA842-CC51-11CF-AAFA-00AA00B6015B}]
<NetMeeting 3.01><rundll32.exe advpack.dll,LaunchINFSection C:\WINDOWS\INF\msnetmtg.inf,NetMtg.Install.PerUser.NT> [(Verified)Microsoft Windows Publisher]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{6BF52A52-394A-11d3-B153-00C04F79FAA6}]
<Microsoft Windows Media Player><rundll32.exe advpack.dll,LaunchINFSection C:\WINDOWS\INF\wmp10.inf,PerUserStub> [(Verified)Microsoft Windows Component Publisher]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{7790769C-0471-11d2-AF11-00C04FA35D02}]
<通讯簿 6><"%ProgramFiles%\Outlook Express\setup50.exe" /APP:WAB /CALLER:WINNT /user /install> [N/A]
==================================
lixinhang001 - 2007-8-13 16:10:00
启动文件夹
N/A
==================================
服务
[Human Interface Device Access / HidServ][Stopped/Disabled]
<C:\WINDOWS\System32\svchost.exe -k netsvcs-->%SystemRoot%\System32\hidserv.dll><N/A>
[NVIDIA Display Driver Service / NVSvc][Running/Auto Start]
<C:\WINDOWS\system32\nvsvc32.exe><NVIDIA Corporation>
[Rising Proxy Service / RfwProxySrv][Stopped/Manual Start]
<e:\瑞星\rising\rfw\rfwproxy.exe><Beijing Rising Technology Co., Ltd.>
[Rising Personal Firewall Service / RfwService][Running/Auto Start]
<e:\瑞星\rising\rfw\rfwsrv.exe><Beijing Rising Technology Co., Ltd.>
[Rising Process Communication Center / RsCCenter][Running/Auto Start]
<"E:\瑞星\Rising\Rav\CCenter.exe"><Beijing Rising Technology Co., Ltd.>
[Rising RealTime Monitor / RsRavMon][Running/Auto Start]
<"E:\瑞星\Rising\Rav\Ravmond.exe"><Beijing Rising Technology Co., Ltd.>
==================================
驱动程序
[Intel(r) 82801 Audio Driver Install Service (WDM) / ac97intc][Stopped/Manual Start]
<system32\drivers\ac97intc.sys><Intel Corporation>
[Service for Realtek AC97 Audio (WDM) / ALCXWDM][Stopped/Manual Start]
<system32\drivers\ALCXWDM.SYS><Realtek Semiconductor Corp.>
[AliIde / AliIde][Running/Boot Start]
<\SystemRoot\System32\DRIVERS\aliide.sys><Acer Laboratories Inc.>
[AMD K8 Processor Driver / AmdK8][Stopped/Manual Start]
<System32\DRIVERS\amdk8.sys><Advanced Micro Devices>
[Rising TDI Base Driver / BaseTDI][Running/Auto Start]
<System32\DRIVERS\BaseTDI.SYS><Beijing Rising Technology Co., Ltd.>
[CmdIde / CmdIde][Running/Boot Start]
<\SystemRoot\System32\DRIVERS\cmdide.sys><CMD Technology, Inc.>
[C-Media WDM Audio Interface / cmuda][Running/Manual Start]
<system32\drivers\cmuda.sys><C-Media Inc>
[CnsMinKP / CnsMinKP][Running/Boot Start]
<\SystemRoot\system32\drivers\CnsMinKP.sys><Copyright (C) 3721 Corporation.>
[ExpScaner / ExpScaner][Running/Auto Start]
<\??\E:\瑞星\Rising\Rav\ExpScan.sys><>
[VIA PCI 10/100Mb Fast Ethernet Adapter NT Driver / FETNDIS][Stopped/Manual Start]
<system32\DRIVERS\fetnd5.sys><VIA Technologies, Inc.>
[HookCont / HookCont][Running/Auto Start]
<\??\E:\瑞星\Rising\Rav\HOOKCONT.sys><Rising>
[HookReg / HookReg][Running/Auto Start]
<\??\E:\瑞星\Rising\Rav\HookReg.sys><>
[HookSys / HookSys][Running/Auto Start]
<\??\E:\瑞星\Rising\Rav\HookSys.sys><Rising>
[HookUrl / HookUrl][Running/Auto Start]
<\??\E:\瑞星\Rising\Rfw\HookUrl.sys><Beijing Rising Technology Co., Ltd.>
[MEMSCAN / MEMSCAN][Running/Auto Start]
<\??\E:\瑞星\Rising\Rav\MEMSCAN.sys><Beijing Rising Technology Co., Ltd.>
[mProcRs / mProcRs][Running/Auto Start]
<\??\e:\瑞星\rising\rfw\mProcRs.sys><Beijing Rising Technology Co., Ltd.>
[npkcrypt / npkcrypt][Running/Auto Start]
<\??\C:\Program Files\QQ2006\npkcrypt.sys><INCA Internet Co., Ltd.>
[nv / nv][Running/Manual Start]
<system32\DRIVERS\nv4_mini.sys><NVIDIA Corporation>
[Direct Parallel Link Driver / Ptilink][Running/Manual Start]
<system32\DRIVERS\ptilink.sys><Parallel Technologies, Inc.>
[RsFwDrv / RsFwDrv][Running/Auto Start]
<\??\E:\瑞星\Rising\Rfw\RsFwDrv.sys><Beijing Rising Technology Co., Ltd.>
[RsNTGDI / RsNTGDI][Running/Boot Start]
<\SystemRoot\system32\Drivers\RsNTGdi.sys><Beijing Rising Technology Co., Ltd.>
[RSPPSYS / RSPPSYS][Running/Auto Start]
<\??\E:\瑞星\Rising\Rav\RSPPSYS.sys><Rising>
[Realtek RTL8139/810x/8169/8110 all in one NDIS NT Driver / RTL8023][Running/Manual Start]
<system32\DRIVERS\Rtlnic51.sys><Realtek Semiconductor Corporation>
[Realtek 10/100/1000 NIC Family all in one NDIS XP Driver / RTL8023xp][Stopped/Manual Start]
<system32\DRIVERS\Rtnicxp.sys><Realtek Semiconductor Corporation>
[Secdrv / Secdrv][Stopped/Manual Start]
<system32\DRIVERS\secdrv.sys><N/A>
[R2A / R2A][Stopped/Disabled]
<\??\C:\WINDOWS\system32a2.sys><N/A>
==================================
浏览器加载项
[Thunder Browser Helper]
{889D2FEB-5411-4565-8998-1DD2C5261283} <C:\Program Files\Thunder\ComDlls\XunLeiBHO_002.dll, Thunder Networking Technologies,LTD>
[CnsHook Class]
{D157330A-9EF3-49F8-9A67-4141AC41ADD4} <C:\WINDOWS\DOWNLO~1\CnsHook.dll, 北京三七二一科技有限公司>
[SrchHook Class]
{F08555B0-9CC3-11D2-AA8E-000000000000} <C:\WINDOWS\system32\IEBHO.dll, N/A>
[Yahoo 3.5G电邮]
{507F9113-CD77-4866-BA92-0E86DA3D0B97} <http://cn.zs.yahoo.com/cnsbutton.htm?source=cns&btn=yahoomail, N/A>
[名品折扣]
{59BC54A2-56B3-44a0-93E5-432D58746E26} <http://adtaobao.allyes.com/main/adfclick?db=adtaobao&bid=138,140,18&cid=816,8,1&sid=5042&show=ignore&url=http://www.taobao.com/vertical/mall/pro.php?allyesPara=816, N/A>
[雅虎助手]
{5D73EE86-05F1-49ed-B850-E423120EC338} <http://cn.zs.yahoo.com/cnsbutton.htm?source=cns&btn=yassist, N/A>
[雅虎WIDGET]
{6354ABE6-05F1-49ed-B850-E423120EC338} <http://cn.widget.yahoo.com/index.htm?source=Cns, N/A>
[情景聊天]
{E5D12C4E-7B4F-11D3-B5C9-0050045C3C96} <http://cn.zs.yahoo.com/cnsbutton.htm?source=cns&btn=yahoomsg, N/A>
[]
{ECF2E268-F28C-48d2-9AB7-8F69C11CCB71} <http://cn.zs.yahoo.com/cnsbutton.htm?source=cns&btn=repair, N/A>
[]
{FD00D911-7529-4084-9946-A29F1BDF4FE5} <http://cn.zs.yahoo.com/cnsbutton.htm?source=cns&btn=clean, N/A>
[IE搜索工具条]
{BE830FD4-E393-417F-9F4B-CC70ABB3384C} <C:\WINDOWS\system32\IETool.dll, N/A>
[AutoLive]
{7CA83CF1-3AEA-42D0-A4E3-1594FC6E48B2} <C:\PROGRA~1\3721\autolive.dll, >
[Thunder Browser Helper]
{889D2FEB-5411-4565-8998-1DD2C5261283} <C:\Program Files\Thunder\ComDlls\XunLeiBHO_002.dll, Thunder Networking Technologies,LTD>
[IE搜索工具条]
{BE830FD4-E393-417F-9F4B-CC70ABB3384C} <C:\WINDOWS\system32\IETool.dll, N/A>
[CnsHook Class]
{D157330A-9EF3-49F8-9A67-4141AC41ADD4} <C:\WINDOWS\DOWNLO~1\CnsHook.dll, 北京三七二一科技有限公司>
[Shockwave Flash
Object]
{D27CDB6E-AE6D-11CF-96B8-444553540000} <C:\WINDOWS\system32\Macromed\Flash\Flash9b.ocx, Adobe Systems, Inc.>
[SrchHook Class]
{F08555B0-9CC3-11D2-AA8E-000000000000} <C:\WINDOWS\system32\IEBHO.dll, N/A>
[使用迅雷下载]
<C:\Program Files\Thunder\Program\GetUrl.htm, N/A>
[使用迅雷下载全部链接]
<C:\Program Files\Thunder\Program\GetAllUrl.htm, N/A>
[导出到 Microsoft Office Excel(&X)]
<res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000, N/A>
==================================
正在运行的进程
[PID: 440 / SYSTEM][\SystemRoot\System32\smss.exe] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
[PID: 508 / SYSTEM][\??\C:\WINDOWS\system32\csrss.exe] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
[PID: 532 / SYSTEM][\??\C:\WINDOWS\system32\winlogon.exe] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
[C:\WINDOWS\system32\msacm32.drv] [Microsoft Corporation, 5.1.2600.0 (xpclient.010817-1148)]
[PID: 576 / SYSTEM][C:\WINDOWS\system32\services.exe] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
[PID: 588 / SYSTEM][C:\WINDOWS\system32\lsass.exe] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
[PID: 740 / SYSTEM][C:\WINDOWS\system32\svchost.exe] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
[PID: 788 / NETWORK SERVICE][C:\WINDOWS\system32\svchost.exe] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
[PID: 860 / SYSTEM][E:\瑞星\Rising\Rav\CCenter.exe] [Beijing Rising Technology Co., Ltd., 18, 0, 0, 3]
[PID: 904 / SYSTEM][C:\WINDOWS\System32\svchost.exe] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
[PID: 992 / NETWORK SERVICE][C:\WINDOWS\system32\svchost.exe] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
[PID: 1068 / LOCAL SERVICE][C:\WINDOWS\system32\svchost.exe] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
[PID: 1096 / SYSTEM][E:\瑞星\Rising\Rav\Ravmond.exe] [Beijing Rising Technology Co., Ltd., 19, 0, 0, 49]
lixinhang001 - 2007-8-13 16:11:00
[E:\瑞星\Rising\Rav\BWList.dll] [Beijing Rising Technology Co., Ltd., 19, 0, 0, 10]
[E:\瑞星\Rising\Rav\RsCommX.dll] [rising, 18, 0, 0, 1]
[E:\瑞星\Rising\Rav\rfwctrl.dll] [Beijing Rising Technology Co., Ltd., 5, 0, 0, 11]
[E:\瑞星\Rising\Rav\RsPPsys.dll] [Beijing Rising Technology Co., Ltd., 18, 0, 0, 6]
[E:\瑞星\Rising\Rav\RSAPPMGR.DLL] [Beijing Rising Technology Co., Ltd., 18, 0, 0, 2]
[E:\瑞星\Rising\Rav\CfgDll.dll] [Beijing Rising Technology Co., Ltd., 18, 0, 0, 13]
[E:\瑞星\Rising\Rav\RSCOMMON.DLL] [Beijing Rising Technology Co., Ltd., 19, 0, 0, 5]
[E:\瑞星\Rising\Rav\RsLog.dll] [Beijing Rising Technology Co., Ltd., 18, 0, 0, 20]
[E:\瑞星\Rising\Rav\HOOKSYS.dll] [Beijing Rising Technology Co., Ltd., 19, 0, 0, 0]
[E:\瑞星\Rising\Rav\Scanner.dll] [Beijing Rising Technology Co., Ltd., 19, 0, 0, 15]
[E:\瑞星\Rising\Rav\libload.dll] [Beijing Rising Technology Co., Ltd., 19, 0, 0, 19]
[E:\瑞星\Rising\Rav\VirusLib.dll] [Beijing Rising Technology Co., Ltd., 19, 0, 0, 15]
[E:\瑞星\Rising\Rav\regmon.dll] [Beijing Rising Technology Co., Ltd., 18, 0, 0, 6]
[E:\瑞星\Rising\Rav\psapi.dll] [Microsoft Corporation, 4.00]
[E:\瑞星\Rising\Rav\HookWeb.dll] [Beijing Rising Technology Co., Ltd., 19, 0, 0, 1]
[E:\瑞星\Rising\Rav\MemMon.dll] [Beijing Rising Technology Co., Ltd., 18, 0, 0, 14]
[E:\瑞星\Rising\Rav\expscan.dll] [Beijing Rising Technology Co., Ltd., 18, 0, 0, 4]
[E:\瑞星\Rising\Rav\mPorts.dll] [Beijing Rising Technology Co., Ltd., 4, 0, 0, 3]
[E:\瑞星\Rising\Rav\HookCont.dll] [Rising, 19, 0, 0, 0]
[E:\瑞星\Rising\Rav\SpamEng.dll] [, 18, 0, 0, 6]
[E:\瑞星\Rising\Rav\engine.dll] [Beijing Rising Technology Co., Ltd., 19, 0, 0, 30]
[E:\瑞星\Rising\Rav\PostTrt.dll] [Beijing Rising Technology Co., Ltd., 19, 0, 0, 16]
[E:\瑞星\Rising\Rav\UnExe.dll] [Beijing Rising Technology Co., Ltd., 19, 0, 0, 10]
[E:\瑞星\Rising\Rav\ScanExec.dll] [Beijing Rising Technology Co., Ltd., 19, 0, 0, 19]
[E:\瑞星\Rising\Rav\ScanEx.dll] [Beijing Rising Technology Co., Ltd., 19, 0, 0, 74]
[E:\瑞星\Rising\Rav\ExtFile.dll] [Beijing Rising Technology Co., Ltd., 19, 0, 0, 36]
[E:\瑞星\Rising\Rav\NvFile.dll] [Beijing Rising Technology Co., Ltd., 19, 0, 0, 11]
[E:\瑞星\Rising\Rav\ScanMac.dll] [Beijing Rising Technology Co., Ltd., 19, 0, 0, 15]
[E:\瑞星\Rising\Rav\ScanSct.dll] [Beijing Rising Technology Co., Ltd., 19, 0, 0, 20]
[E:\瑞星\Rising\Rav\ScanPack.dll] [Beijing Rising Technology Co., Ltd., 19, 0, 0, 24]
[E:\瑞星\Rising\Rav\RsVM.dll] [, 19, 0, 0, 20]
[E:\瑞星\Rising\Rav\Uroutine.dll] [Beijing Rising Technology Co., Ltd., 19, 0, 0, 50]
[E:\瑞星\Rising\Rav\Uscript.dll] [Beijing Rising Technology Co., Ltd., 19, 0, 0, 19]
[PID: 1256 / Administrator][C:\WINDOWS\Explorer.EXE] [Microsoft Corporation, 6.00.2900.2180 (xpsp_sp2_rtm.040803-2158)]
[C:\WINDOWS\DOWNLO~1\CnsHook.dll] [北京三七二一科技有限公司, 1, 0, 4, 2]
[C:\WINDOWS\system32\RavExt.dll] [Beijing Rising Technology Co., Ltd., 19, 0, 0, 9]
[C:\WINDOWS\DOWNLO~1\CnsMin.dll] [北京三七二一科技有限公司, 1, 5, 4, 0]
[C:\WINDOWS\system32\msacm32.drv] [Microsoft Corporation, 5.1.2600.0 (xpclient.010817-1148)]
[C:\PROGRA~1\3721\helper.dll] [, 1, 1, 1, 1327]
[C:\PROGRA~1\3721\alrex.dll] [, 1, 0, 1, 1001]
[C:\Program Files\WinRAR\rarext.dll] [N/A, ]
[E:\瑞星\Rising\Rav\RSCOMMON.DLL] [Beijing Rising Technology Co., Ltd., 19, 0, 0, 5]
[C:\PROGRA~1\3721\autolive.dll] [, 1, 1, 9, 1329]
[C:\PROGRA~1\3721\alLiveEx.dll] [ , 1, 0, 3, 1006]
[C:\Program Files\Thunder\ComDlls\XunLeiBHO_002.dll] [Thunder Networking Technologies,LTD, 5, 0, 0, 2]
[PID: 1284 / SYSTEM][e:\瑞星\rising\rfw\rfwsrv.exe] [Beijing Rising Technology Co., Ltd., 5, 0, 0, 35]
[e:\瑞星\rising\rfw\RfwRule.dll] [Beijing Rising Technology Co., Ltd., 5, 0, 0, 3]
[e:\瑞星\rising\rfw\rfwlog.dll] [Beijing Rising Technology Co., Ltd., 5, 0, 0, 2]
[e:\瑞星\rising\rfw\Rfwdrv.dll] [Beijing Rising Technology Co., Ltd., 5, 0, 0, 10]
[e:\瑞星\rising\rfw\psapi.dll] [Microsoft Corporation, 4.00]
[e:\瑞星\rising\rfw\MonDrv.dll] [rs, 1, 0, 0, 4]
[e:\瑞星\rising\rfw\ProcLib.dll] [Beijing Rising Technology Co., Ltd., 5, 0, 0, 5]
[e:\瑞星\rising\rfw\mPorts.dll] [Beijing Rising Technology Co., Ltd., 4, 0, 0, 3]
[PID: 1452 / Administrator][C:\WINDOWS\system32\Rundll32.exe] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
[C:\WINDOWS\DOWNLO~1\CnsMin.dll] [北京三七二一科技有限公司, 1, 5, 4, 0]
[C:\WINDOWS\DOWNLO~1\CnsMinIO.dll] [北京三七二一科技有限公司, 1, 0, 3, 7]
[C:\WINDOWS\DOWNLO~1\cnsio.dll] [北京三七二一科技有限公司, 1, 0, 2, 8]
[C:\WINDOWS\DOWNLO~1\CnsMinEx.dll] [国风因特软件(北京)有限公司, 1, 0, 3, 5]
[PID: 1460 / SYSTEM][C:\WINDOWS\system32\spoolsv.exe] [Microsoft Corporation, 5.1.2600.2696 (xpsp_sp2_gdr.050610-1519)]
[PID: 1580 / SYSTEM][E:\瑞星\Rising\Rav\RavStub.exe] [Beijing Rising Technology Co., Ltd., 19, 0, 0, 4]
[E:\瑞星\Rising\Rav\RsCommX.dll] [rising, 18, 0, 0, 1]
[E:\瑞星\Rising\Rav\RSCOMMON.DLL] [Beijing Rising Technology Co., Ltd., 19, 0, 0, 5]
[PID: 1692 / Administrator][e:\瑞星\rising\rfw\RfwMain.exe] [Beijing Rising Technology Co., Ltd., 5, 0, 0, 72]
[e:\瑞星\rising\rfw\RsGuiLib.dll] [Beijing Rising Technology Co., Ltd., 19, 0, 0, 33]
[e:\瑞星\rising\rfw\RSCOMMON.DLL] [Beijing Rising Technology Co., Ltd., 19, 0, 0, 5]
[e:\瑞星\rising\rfw\RfwCtrl.dll] [Beijing Rising Technology Co., Ltd., 5, 0, 0, 11]
[e:\瑞星\rising\rfw\RsXML.dll] [Beijing Rising Technology Co., Ltd., 19, 0, 0, 2]
[e:\瑞星\rising\rfw\PngDll.dll] [Beijing Rising Technology Co., Ltd., 18, 0, 0, 5]
[C:\WINDOWS\DOWNLO~1\CnsMin.dll] [北京三七二一科技有限公司, 1, 5, 4, 0]
[C:\PROGRA~1\3721\helper.dll] [, 1, 1, 1, 1327]
[C:\WINDOWS\system32\msacm32.drv] [Microsoft Corporation, 5.1.2600.0 (xpclient.010817-1148)]
[PID: 268 / SYSTEM][C:\WINDOWS\system32\nvsvc32.exe] [NVIDIA Corporation, 6.14.10.8198]
[PID: 372 / LOCAL SERVICE][C:\WINDOWS\system32\wdfmgr.exe] [Microsoft Corporation, 5.2.3790.1230 built by: dnsrv(bld4act)]
[PID: 1556 / LOCAL SERVICE][C:\WINDOWS\System32\alg.exe] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
[PID: 1744 / Administrator][C:\WINDOWS\system32\rundll32.exe] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
[C:\PROGRA~1\3721\helper.dll] [, 1, 1, 1, 1327]
[C:\WINDOWS\DOWNLO~1\CnsMin.dll] [北京三七二一科技有限公司, 1, 5, 4, 0]
[C:\PROGRA~1\3721\autolive.dll] [, 1, 1, 9, 1329]
[C:\PROGRA~1\3721\notifier.dll] [, 1, 0, 0, 5]
[C:\PROGRA~1\3721\alLiveEx.dll] [ , 1, 0, 3, 1006]
[PID: 1776 / Administrator][C:\WINDOWS\system32\RUNDLL32.EXE] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
[C:\WINDOWS\system32\NvMcTray.dll] [NVIDIA Corporation, 6.14.10.8198]
[C:\WINDOWS\DOWNLO~1\CnsMin.dll] [北京三七二一科技有限公司, 1, 5, 4, 0]
[C:\WINDOWS\system32\NVRSZHC.DLL] [NVIDIA Corporation, 6.14.10.8198]
[PID: 1796 / Administrator][C:\WINDOWS\SOUNDMAN.EXE] [Realtek Semiconductor Corp., 5, 1, 0, 52]
[C:\WINDOWS\DOWNLO~1\CnsMin.dll] [北京三七二一科技有限公司, 1, 5, 4, 0]
[PID: 1804 / Administrator][C:\WINDOWS\system32\RunDll32.exe] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
[C:\WINDOWS\system\cmicnfg.cpl] [C-Media Corporation, 1, 0, 41, 6]
[C:\WINDOWS\DOWNLO~1\CnsMin.dll] [北京三七二一科技有限公司, 1, 5, 4, 0]
[C:\WINDOWS\System32\udaprop.dll] [C-Media Corporation, 1.0.2.2]
[PID: 1912 / Administrator][E:\瑞星\Rising\Rav\RavTask.exe] [Beijing Rising Technology Co., Ltd., 19, 0, 0, 9]
[E:\瑞星\Rising\Rav\RSCOMMON.DLL] [Beijing Rising Technology Co., Ltd., 19, 0, 0, 5]
[E:\瑞星\Rising\Rav\RSAPPMGR.DLL] [Beijing Rising Technology Co., Ltd., 18, 0, 0, 2]
[E:\瑞星\Rising\Rav\CfgDll.dll] [Beijing Rising Technology Co., Ltd., 18, 0, 0, 13]
[E:\瑞星\Rising\Rav\RsCommX.dll] [rising, 18, 0, 0, 1]
[C:\WINDOWS\DOWNLO~1\CnsMin.dll] [北京三七二一科技有限公司, 1, 5, 4, 0]
[PID: 1768 / Administrator][E:\瑞星\Rising\Rav\Ravmon.exe] [Beijing Rising Technology Co., Ltd., 19, 0, 0, 45]
lixinhang001 - 2007-8-13 16:12:00
[E:\瑞星\Rising\Rav\RsGuiLib.dll] [Beijing Rising Technology Co., Ltd., 19, 0, 0, 33]
[E:\瑞星\Rising\Rav\BWList.dll] [Beijing Rising Technology Co., Ltd., 19, 0, 0, 10]
[E:\瑞星\Rising\Rav\RSAPPMGR.DLL] [Beijing Rising Technology Co., Ltd., 18, 0, 0, 2]
[E:\瑞星\Rising\Rav\CfgDll.dll] [Beijing Rising Technology Co., Ltd., 18, 0, 0, 13]
[E:\瑞星\Rising\Rav\RSCOMMON.DLL] [Beijing Rising Technology Co., Ltd., 19, 0, 0, 5]
[E:\瑞星\Rising\Rav\RsCommX.dll] [rising, 18, 0, 0, 1]
[E:\瑞星\Rising\Rav\RsXML.dll] [Beijing Rising Technology Co., Ltd., 19, 0, 0, 2]
[E:\瑞星\Rising\Rav\PngDll.dll] [Beijing Rising Technology Co., Ltd., 18, 0, 0, 5]
[C:\WINDOWS\DOWNLO~1\CnsMin.dll] [北京三七二一科技有限公司, 1, 5, 4, 0]
[C:\PROGRA~1\3721\helper.dll] [, 1, 1, 1, 1327]
[PID: 2096 / Administrator][C:\WINDOWS\system32\ctfmon.exe] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
[C:\PROGRA~1\3721\helper.dll] [, 1, 1, 1, 1327]
[C:\WINDOWS\DOWNLO~1\CnsMin.dll] [北京三七二一科技有限公司, 1, 5, 4, 0]
[PID: 2360 / Administrator][E:\瑞星\Rising\Rav\Rav.exe] [Beijing Rising Technology Co., Ltd., 19, 0, 0, 36]
[E:\瑞星\Rising\Rav\PlugIn\RsPgScan.dll] [Beijing Rising Technology Co., Ltd., 18, 0, 0, 17]
[E:\瑞星\Rising\Rav\RSAPPMGR.DLL] [Beijing Rising Technology Co., Ltd., 18, 0, 0, 2]
[E:\瑞星\Rising\Rav\CfgDll.dll] [Beijing Rising Technology Co., Ltd., 18, 0, 0, 13]
[E:\瑞星\Rising\Rav\RsCommX.dll] [rising, 18, 0, 0, 1]
[E:\瑞星\Rising\Rav\RavUI.Dll] [Beijing Rising Technology Co., Ltd., 19, 0, 0, 30]
[E:\瑞星\Rising\Rav\RsGuiLib.dll] [Beijing Rising Technology Co., Ltd., 19, 0, 0, 33]
[E:\瑞星\Rising\Rav\RsXML.dll] [Beijing Rising Technology Co., Ltd., 19, 0, 0, 2]
[C:\PROGRA~1\3721\helper.dll] [, 1, 1, 1, 1327]
[C:\WINDOWS\DOWNLO~1\CnsMin.dll] [北京三七二一科技有限公司, 1, 5, 4, 0]
[E:\瑞星\Rising\Rav\RSCOMMON.DLL] [Beijing Rising Technology Co., Ltd., 19, 0, 0, 5]
[E:\瑞星\Rising\Rav\Scanner.dll] [Beijing Rising Technology Co., Ltd., 19, 0, 0, 15]
[E:\瑞星\Rising\Rav\BWList.dll] [Beijing Rising Technology Co., Ltd., 19, 0, 0, 10]
[E:\瑞星\Rising\Rav\RavScrCh.dll] [Beijing Rising Technology Co., Ltd., 18, 0, 0, 4]
[E:\瑞星\Rising\Rav\libload.dll] [Beijing Rising Technology Co., Ltd., 19, 0, 0, 19]
[E:\瑞星\Rising\Rav\VirusLib.dll] [Beijing Rising Technology Co., Ltd., 19, 0, 0, 15]
[E:\瑞星\Rising\Rav\MVEngine.dll] [Beijing Rising Technology Co., Ltd., 19, 0, 0, 19]
[E:\瑞星\Rising\Rav\Engine.dll] [Beijing Rising Technology Co., Ltd., 19, 0, 0, 30]
[E:\瑞星\Rising\Rav\ScanExec.dll] [Beijing Rising Technology Co., Ltd., 19, 0, 0, 19]
[E:\瑞星\Rising\Rav\Unpacker.dll] [Beijing Rising Technology Co., Ltd., 19, 0, 0, 22]
[E:\瑞星\Rising\Rav\UnExe.dll] [Beijing Rising Technology Co., Ltd., 19, 0, 0, 10]
[E:\瑞星\Rising\Rav\ScanEx.dll] [Beijing Rising Technology Co., Ltd., 19, 0, 0, 74]
[E:\瑞星\Rising\Rav\ExtFile.dll] [Beijing Rising Technology Co., Ltd., 19, 0, 0, 36]
[E:\瑞星\Rising\Rav\PostTrt.dll] [Beijing Rising Technology Co., Ltd., 19, 0, 0, 16]
[E:\瑞星\Rising\Rav\ScanMac.dll] [Beijing Rising Technology Co., Ltd., 19, 0, 0, 15]
[E:\瑞星\Rising\Rav\ScanSct.dll] [Beijing Rising Technology Co., Ltd., 19, 0, 0, 20]
[E:\瑞星\Rising\Rav\NvFile.dll] [Beijing Rising Technology Co., Ltd., 19, 0, 0, 11]
[E:\瑞星\Rising\Rav\ExtOLE.dll] [Beijing Rising Technology Co., Ltd., 19, 0, 0, 14]
[E:\瑞星\Rising\Rav\ScanPack.dll] [Beijing Rising Technology Co., Ltd., 19, 0, 0, 24]
[E:\瑞星\Rising\Rav\RsVM.dll] [, 19, 0, 0, 20]
[E:\瑞星\Rising\Rav\Uroutine.dll] [Beijing Rising Technology Co., Ltd., 19, 0, 0, 50]
[E:\瑞星\Rising\Rav\Uscript.dll] [Beijing Rising Technology Co., Ltd., 19, 0, 0, 19]
[C:\WINDOWS\system32\msacm32.drv] [Microsoft Corporation, 5.1.2600.0 (xpclient.010817-1148)]
[E:\瑞星\Rising\Rav\RsStore.dll] [Beijing Rising Technology Co., Ltd., 19, 0, 0, 2]
[E:\瑞星\Rising\Rav\RsLog.dll] [Beijing Rising Technology Co., Ltd., 18, 0, 0, 20]
[C:\WINDOWS\DOWNLO~1\CnsHook.dll] [北京三七二一科技有限公司, 1, 0, 4, 2]
[C:\WINDOWS\system32\RavExt.dll] [Beijing Rising Technology Co., Ltd., 19, 0, 0, 9]
[E:\瑞星\Rising\Rav\ScanNet.dll] [Beijing Rising Technology Co., Ltd., 18, 0, 0, 5]
[E:\瑞星\Rising\Rav\ScanElf.dll] [Beijing Rising Technology Co., Ltd., 19, 0, 0, 11]
[E:\瑞星\Rising\Rav\ExtMail.dll] [Beijing Rising Technology Co., Ltd., 19, 0, 0, 14]
[E:\瑞星\Rising\Rav\PngDll.dll] [Beijing Rising Technology Co., Ltd., 18, 0, 0, 5]
[PID: 2428 / Administrator][E:\瑞星\Rising\Rav\RsAgent.exe] [Beijing Rising Technology Co., Ltd., 19, 0, 0, 12]
[C:\PROGRA~1\3721\helper.dll] [, 1, 1, 1, 1327]
[C:\WINDOWS\DOWNLO~1\CnsMin.dll] [北京三七二一科技有限公司, 1, 5, 4, 0]
[E:\瑞星\Rising\Rav\RsCommX.dll] [rising, 18, 0, 0, 1]
[PID: 2456 / Administrator][C:\WINDOWS\msagent\AgentSvr.exe] [Microsoft Corporation, 2.00.0.3424]
[C:\PROGRA~1\3721\helper.dll] [, 1, 1, 1, 1327]
[C:\WINDOWS\DOWNLO~1\CnsMin.dll] [北京三七二一科技有限公司, 1, 5, 4, 0]
[C:\WINDOWS\system32\msacm32.drv] [Microsoft Corporation, 5.1.2600.0 (xpclient.010817-1148)]
[PID: 3592 / Administrator][C:\Program Files\Internet Explorer\iexplore.exe] [Microsoft Corporation, 6.00.2900.2180 (xpsp_sp2_rtm.040803-2158)]
[C:\PROGRA~1\3721\helper.dll] [, 1, 1, 1, 1327]
[C:\PROGRA~1\3721\scrblock.dll] [3721, 1, 0, 1, 1000]
[C:\PROGRA~1\3721\alrex.dll] [, 1, 0, 1, 1001]
[C:\WINDOWS\DOWNLO~1\CnsMin.dll] [北京三七二一科技有限公司, 1, 5, 4, 0]
[C:\WINDOWS\DOWNLO~1\CnsHint.dll] [3721, 1, 0, 1, 2]
[C:\PROGRA~1\3721\autolive.dll] [, 1, 1, 9, 1329]
[C:\PROGRA~1\3721\alLiveEx.dll] [ , 1, 0, 3, 1006]
[C:\WINDOWS\DOWNLO~1\cnsplus.dll] [3721, 1, 0, 0, 2]
[C:\Program Files\Thunder\ComDlls\XunLeiBHO_002.dll] [Thunder Networking Technologies,LTD, 5, 0, 0, 2]
[C:\WINDOWS\DOWNLO~1\CnsHook.dll] [北京三七二一科技有限公司, 1, 0, 4, 2]
[C:\Program Files\Microsoft Office\OFFICE11\msohev.dll] [Microsoft Corporation, 11.0.5510]
[E:\瑞星\Rising\Rav\RavScrCh.dll] [Beijing Rising Technology Co., Ltd., 18, 0, 0, 4]
[C:\WINDOWS\system32\msacm32.drv] [Microsoft Corporation, 5.1.2600.0 (xpclient.010817-1148)]
[C:\WINDOWS\system32\Macromed\Flash\Flash9b.ocx] [Adobe Systems, Inc., 9,0,28,0]
[PID: 2276 / Administrator][C:\Documents and Settings\Administrator\桌面\sreng2\SREngPS.EXE] [Smallfrogs Studio, 2.5.16.900]
[C:\PROGRA~1\3721\helper.dll] [, 1, 1, 1, 1327]
[C:\WINDOWS\DOWNLO~1\CnsMin.dll] [北京三七二一科技有限公司, 1, 5, 4, 0]
[C:\Documents and Settings\Administrator\桌面\sreng2\Upload\3rdUpd.DLL] [Smallfrogs Studio, 2, 1, 0, 15]
==================================
lixinhang001 - 2007-8-13 16:13:00
文件关联
.TXT OK. [%SystemRoot%\system32\NOTEPAD.EXE %1]
.EXE OK. ["%1" %*]
.COM OK. ["%1" %*]
.PIF OK. ["%1" %*]
.REG OK. [regedit.exe "%1"]
.BAT OK. ["%1" %*]
.SCR OK. ["%1" /S]
.CHM OK. ["C:\WINDOWS\hh.exe" %1]
.HLP OK. [%SystemRoot%\System32\winhlp32.exe %1]
.INI OK. [%SystemRoot%\System32\NOTEPAD.EXE %1]
.INF OK. [%SystemRoot%\System32\NOTEPAD.EXE %1]
.VBS OK. [%SystemRoot%\System32\WScript.exe "%1" %*]
.JS OK. [%SystemRoot%\System32\WScript.exe "%1" %*]
.LNK OK. [{00021401-0000-0000-C000-000000000046}]
==================================
Winsock 提供者
N/A
==================================
Autorun.inf
N/A
==================================
HOSTS 文件
127.0.0.1 localhost
0.0.0.0 182838.com
0.0.0.0 204.177.92.68
0.0.0.0 asiafriendfinder.com
0.0.0.0 asqin123.51.net
0.0.0.0 babe520.5188.org
0.0.0.0 music.feifa.com
0.0.0.0 music.v111.com
0.0.0.0 www.jpbeauty.com
0.0.0.0 beautishow.com
0.0.0.0 goodmovies88.com
0.0.0.0 hothack.home.chinaren.com
0.0.0.0 hualiao.net
0.0.0.0 iplus.allyes.com
0.0.0.0 jjkafei.longcity.net
0.0.0.0 kaomm.8m.cn
0.0.0.0 l3iaoliao.com
0.0.0.0 lingaonbvm.myrice.com
0.0.0.0 lovejava.boy.net.cn
0.0.0.0 love7liao.com
0.0.0.0 asqin123.51.net
0.0.0.0 babe520.5188.org
0.0.0.0 music.feifa.com
0.0.0.0 jjkafei.longcity.net
0.0.0.0 kaomm.8m.cn
0.0.0.0 l3iaoliao.com
0.0.0.0 l3iaoliao.com
0.0.0.0 lingaonbvm.myrice.com
0.0.0.0 lovejava.boy.net.cn
0.0.0.0 love7liao.com
0.0.0.0 babe520.5188.org
0.0.0.0 music.feifa.com
0.0.0.0 music.v111.com
0.0.0.0 babe520.5188.org
0.0.0.0 music.feifa.com
0.0.0.0 jjkafei.longcity.net
0.0.0.0 kaomm.8m.cn
0.0.0.0 l3iaoliao.com
0.0.0.0 l3iaoliao.com
0.0.0.0 lingaonbvm.myrice.com
0.0.0.0 lovejava.boy.net.cn
0.0.0.0 love7liao.com
0.0.0.0 babe520.5188.org
0.0.0.0 music.feifa.com
0.0.0.0 music.v111.com
219.153.32.215 auto.search.msn.com
==================================
进程特权扫描
特殊特权被允许: SeLoadDriverPrivilege [PID = 1692, E:\瑞星\RISING\RFW\RFWMAIN.EXE]
特殊特权被允许: SeDebugPrivilege [PID = 1912, E:\瑞星\RISING\RAV\RAVTASK.EXE]
特殊特权被允许: SeDebugPrivilege [PID = 1768, E:\瑞星\RISING\RAV\RAVMON.EXE]
特殊特权被允许: SeLoadDriverPrivilege [PID = 2360, E:\瑞星\RISING\RAV\RAV.EXE]
特殊特权被允许: SeDebugPrivilege [PID = 2428, E:\瑞星\RISING\RAV\RSAGENT.EXE]
特殊特权被允许: SeLoadDriverPrivilege [PID = 2428, E:\瑞星\RISING\RAV\RSAGENT.EXE]
==================================
API HOOK
N/A
==================================
隐藏进程
N/A
==================================
[/CODE]
端木兆棠 - 2007-8-26 0:26:00
我也中了!!!!!各位帮忙看下!![CODE]
2007-08-26,00:02:18
System Repair Engineer 2.5.16.900
Smallfrogs (http://www.KZTechs.com)
Windows XP Professional Service Pack 2 (Build 2600) - 管理权限用户 - 完整功能
以下内容被选中:
所有的启动项目(包括注册表、启动文件夹、服务等)
浏览器加载项
正在运行的进程(包括进程模块信息)
文件关联
Winsock 提供者
Autorun.inf
HOSTS 文件
进程特权扫描
启动项目
注册表
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
<ctfmon.exe><C:\WINDOWS\system32\ctfmon.exe> [(Verified)Microsoft Windows Publisher]
<jiajiasr><D:\Program Files\jj4\jiajiasr.exe> [加加工作组]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
<ATIPTA><"C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe"> [ATI Technologies, Inc.]
<SigmatelSysTrayApp><stsystra.exe> [SigmaTel, Inc.]
<RavTask><"C:\Program Files\Rising\Rav\RavTask.exe" -system> [Beijing Rising Technology Co., Ltd.]
<runeip><"C:\Program Files\Rising\AntiSpyware\runiep.exe" /startup> [Beijing Rising Technology Co., Ltd.]
<RfwMain><"C:\Program Files\Rising\Rfw\rfwmain.exe" -Startup> [Beijing Rising Technology Co., Ltd.]
<OrderReminder><C:\Program Files\Hewlett-Packard\OrderReminder\OrderReminder.exe> [Hewlett-Packard]
<QuickTime Task><"C:\Program Files\QuickTime\qttask.exe" -atboottime> [Apple Inc.]
<iTunesHelper><"D:\Program Files\iTunes\iTunesHelper.exe"> [(Verified)"Apple Computer, Inc."]
<StormCodec_Helper><"D:\Program Files\Ringz Studio\Storm Codec\StormSet.exe" /S /opti> []
<TkBellExe><"C:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot> [RealNetworks, Inc.]
<KernelFaultCheck><%systemroot%\system32\dumprep 0 -k> [N/A]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\RunOnce]
<KKDelay><C:\Program Files\Rising\AntiSpyware\RunOnce.exe> [Beijing Rising Technology Co., Ltd.]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Winlogon]
<shell><Explorer.exe> [(Verified)Microsoft Windows Publisher]
<Userinit><C:\WINDOWS\system32\userinit.exe,> [(Verified)Microsoft Windows Publisher]
<UIHost><logonui.exe> [(Verified)Microsoft Windows Publisher]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
<{32CD708B-60A7-4C00-9377-D73EAA495F0F}><C:\WINDOWS\system32\RavExt.dll> [Beijing Rising Technology Co., Ltd.]
<{AC2DC2EF-5165-40A3-8CDF-41DCA1B0901A}><C:\WINDOWS\system32\shlhook.dll> [Beijing Rising Technology Co., Ltd.]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellService
ObjectDelayLoad]
<WPDShServiceObj><C:\WINDOWS\system32\WPDShServiceObj.dll> [(Verified)Microsoft Windows Component Publisher]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\<{12d0ed0d-0ee0-4f90-8827-78cefb8f4988}]
<IE7 Uninstall Stub><C:\WINDOWS\system32\ieudinit.exe> [(Verified)Microsoft Windows Component Publisher]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\>{881dd1c5-3dcf-431b-b061-f3f88e8be88a}]
<Outlook Express><%systemroot%\system32\shmgrate.exe OCInstallUserConfigOE> [N/A]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{2C7339CF-2B09-4501-B3F3-F3508C9228ED}]
<Themes Setup><%SystemRoot%\system32\regsvr32.exe /s /n /i:/UserInstall %SystemRoot%\system32\themeui.dll> [N/A]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{44BBA840-CC51-11CF-AAFA-00AA00B6015C}]
<Microsoft Outlook Express 6><"%ProgramFiles%\Outlook Express\setup50.exe" /APP:OE /CALLER:WINNT /user /install> [N/A]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{44BBA842-CC51-11CF-AAFA-00AA00B6015B}]
<NetMeeting 3.01><rundll32.exe advpack.dll,LaunchINFSection C:\WINDOWS\INF\msnetmtg.inf,NetMtg.Install.PerUser.NT> [(Verified)Microsoft Windows Publisher]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{5945c046-1e7d-11d1-bc44-00c04fd912be}]
<Windows Messenger 4.7><rundll32.exe advpack.dll,LaunchINFSection C:\WINDOWS\INF\msmsgs.inf,BLC.QuietInstall.PerUser> [(Verified)Microsoft Windows Publisher]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{6BF52A52-394A-11d3-B153-00C04F79FAA6}]
<Microsoft Windows Media Player><rundll32.exe advpack.dll,LaunchINFSection C:\WINDOWS\INF\wmp11.inf,PerUserStub> [(Verified)Microsoft Windows Component Publisher]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{7790769C-0471-11d2-AF11-00C04FA35D02}]
<通讯簿 6><"%ProgramFiles%\Outlook Express\setup50.exe" /APP:WAB /CALLER:WINNT /user /install> [N/A]
[HKEY_CURRENT_USER\Control Panel\Desktop]
<SCRNSAVE.EXE><C:\WINDOWS\system32\aurora.scr> [Axialis Software]
==================================
启动文件夹
N/A
==================================
服务
[Apple Mobile Device / Apple Mobile Device][Stopped/Auto Start]
<"C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe"><Apple, Inc.>
[Ati HotKey Poller / Ati HotKey Poller][Running/Auto Start]
<C:\WINDOWS\system32\Ati2evxx.exe><ATI Technologies Inc.>
[ATI Smart / ATI Smart][Stopped/Auto Start]
<C:\WINDOWS\system32\ati2sgag.exe><>
[Human Interface Device Access / HidServ][Stopped/Disabled]
<C:\WINDOWS\System32\svchost.exe -k netsvcs-->%SystemRoot%\System32\hidserv.dll><N/A>
[iPod 服务 / iPod Service][Running/Manual Start]
<"C:\Program Files\iPod\bin\iPodService.exe"><Apple Inc.>
[Rising Proxy Service / RfwProxySrv][Stopped/Manual Start]
<c:\program files\rising\rfw\rfwproxy.exe><Beijing Rising Technology Co., Ltd.>
[Rising Personal Firewall Service / RfwService][Running/Auto Start]
<c:\program files\rising\rfw\rfwsrv.exe><Beijing Rising Technology Co., Ltd.>
[Rising Process Communication Center / RsCCenter][Running/Auto Start]
<"C:\Program Files\Rising\Rav\CCenter.exe"><Beijing Rising Technology Co., Ltd.>
[Rising RealTime Monitor / RsRavMon][Running/Auto Start]
<"C:\PROGRAM FILES\RISING\RAV\Ravmond.exe"><Beijing Rising Technology Co., Ltd.>
==================================
驱动程序
[ati2mtag / ati2mtag][Running/Manual Start]
<system32\DRIVERS\ati2mtag.sys><ATI Technologies Inc.>
[Rising TDI Base Driver / BaseTDI][Running/Auto Start]
<System32\DRIVERS\BaseTDI.SYS><Beijing Rising Technology Co., Ltd.>
[Intel(R) PRO Network Connection Driver / E100B][Running/Manual Start]
<system32\DRIVERS\e100b325.sys><Intel Corporation>
[ExpScaner / ExpScaner][Running/Auto Start]
<\??\C:\PROGRAM FILES\RISING\RAV\ExpScan.sys><>
[GEARAspiWDM / GEARAspiWDM][Running/Manual Start]
<System32\Drivers\GEARAspiWDM.sys><GEAR Software Inc.>
[Microsoft UAA Bus Driver for High Definition Audio / HDAudBus][Running/Manual Start]
<system32\DRIVERS\HDAudBus.sys><Windows (R) Server 2003 DDK provider>
[HookCont / HookCont][Running/Auto Start]
<\??\C:\PROGRAM FILES\RISING\RAV\HOOKCONT.sys><Rising>
[HookReg / HookReg][Running/Auto Start]
<\??\C:\PROGRAM FILES\RISING\RAV\HookReg.sys><>
[HookSys / HookSys][Running/Auto Start]
<\??\C:\PROGRAM FILES\RISING\RAV\HookSys.sys><Rising>
[HookUrl / HookUrl][Running/Auto Start]
<\??\C:\Program Files\Rising\Rfw\HookUrl.sys><Beijing Rising Technology Co., Ltd.>
[MEMSCAN / MEMSCAN][Running/Auto Start]
<\??\C:\PROGRAM FILES\RISING\RAV\MEMSCAN.sys><Beijing Rising Technology Co., Ltd.>
[mProcRs / mProcRs][Running/Auto Start]
<\??\c:\program files\rising\rfw\mProcRs.sys><Beijing Rising Technology Co., Ltd.>
[npkcrypt / npkcrypt][Stopped/Auto Start]
<\??\F:\Program Files\Tencent\qq\npkcrypt.sys><N/A>
[npkcusb / npkcusb][Stopped/Auto Start]
<\??\F:\Program Files\Tencent\qq\npkcusb.sys><N/A>
[Direct Parallel Link Driver / Ptilink][Running/Manual Start]
<system32\DRIVERS\ptilink.sys><Parallel Technologies, Inc.>
[RsAntiSpyware / RsAntiSpyware][Running/Boot Start]
<\SystemRoot\system32\drivers\RsBoot.sys><Beijing Rising Technology Co., Ltd.>
[RsFwDrv / RsFwDrv][Running/Auto Start]
<\??\C:\Program Files\Rising\Rfw\RsFwDrv.sys><Beijing Rising Technology Co., Ltd.>
[RsNTGDI / RsNTGDI][Running/Boot Start]
<\SystemRoot\system32\Drivers\RsNTGdi.sys><Beijing Rising Technology Co., Ltd.>
[RSPPSYS / RSPPSYS][Running/Auto Start]
<\??\C:\PROGRAM FILES\RISING\RAV\RSPPSYS.sys><Rising>
[Secdrv / Secdrv][Stopped/Manual Start]
<system32\DRIVERS\secdrv.sys><N/A>
[SigmaTel High Definition Audio CODEC / STHDA][Running/Manual Start]
<system32\drivers\sthda.sys><SigmaTel, Inc.>
[TesSafe / TesSafe][Stopped/Manual Start]
<\??\C:\WINDOWS\system32\TesSafe.sys><N/A>
端木兆棠 - 2007-8-26 0:28:00
浏览器加载项
[Thunder Browser Helper]
{889D2FEB-5411-4565-8998-1DD2C5261283} <D:\Program Files\Thunder Network\Thunder\ComDlls\XunLeiBHO_007.dll, Thunder Networking Technologies,LTD>
[启动迅雷5]
{09BA8F6D-CB54-424B-839C-C2A6C8E6B436} <D:\Program Files\Thunder Network\Thunder\Thunder.exe, Thunder Networking Technologies,LTD>
[番茄花园]
{6096E38F-5AC1-4391-8EC4-75DFA92FB32F} <http://www.tomatolei.com, N/A>
[Messenger]
{FB5F1910-F110-11d2-BB9E-00C04F795683} <C:\Program Files\Messenger\msmsgs.exe, Microsoft Corporation>
[卡卡上网安全助手]
{DB9ECD4F-FB8F-4311-B3CE-90B976C2707C} <C:\WINDOWS\system32\kakatool.dll, Beijing Rising Technology Co., Ltd.>
[ScreenCapture Class]
{B4D9857D-8A55-4442-A577-6B3ED5D4E41B} <C:\WINDOWS\system32\FMO.dll, Tencent Inc.>
[PasswordEditCtrl Class]
{E787FD25-8D7C-4693-AE67-9406BC6E22DF} <C:\WINDOWS\system32\qqedit\qqedit.dll, 腾讯科技(深圳)有限公司>
[Fade]
{16B280C5-EE70-11D1-9066-00C04FD9189D} <C:\WINDOWS\system32\Dxtmsft.dll, Microsoft Corporation>
[HTML Document]
{25336920-03F9-11CF-8FD0-00AA00686F13} <C:\WINDOWS\system32\mshtml.dll, Microsoft Corporation>
[XML DOM Document]
{2933BF90-7B36-11D2-B20E-00C04F983E60} <%SystemRoot%\system32\msxml3.dll, N/A>
[Shell Name Space]
{55136805-B2DE-11D1-B9F2-00A0C98BC547} <C:\WINDOWS\system32\ieframe.dll, Microsoft Corporation>
[Windows Media Player]
{6BF52A52-394A-11D3-B153-00C04F79FAA6} <C:\WINDOWS\system32\wmp.dll, Microsoft Corporation>
[Thunder Browser Helper]
{889D2FEB-5411-4565-8998-1DD2C5261283} <D:\Program Files\Thunder Network\Thunder\ComDlls\XunLeiBHO_007.dll, Thunder Networking Technologies,LTD>
[XML DOM Document 5.0]
{88D969E5-F192-11D4-A65F-0040963251E5} <C:\Program Files\Common Files\Microsoft Shared\OFFICE11\msxml5.dll, Microsoft Corporation>
[RDS.DataSpace]
{BD96C556-65A3-11D0-983A-00C04FC29E36} <C:\Program Files\Common Files\System\msadc\msadco.dll, Microsoft Corporation>
[QQPlayerSvr Proxy Control]
{CD108273-D434-43E6-AA90-1469F97EB398} <F:\Program Files\Tencent\qq\QQPlayerProxy.dll, Tencent>
[Shockwave Flash Object]
{D27CDB6E-AE6D-11CF-96B8-444553540000} <C:\WINDOWS\system32\Macromed\Flash\Flash9b.ocx, Adobe Systems, Inc.>
[卡卡上网安全助手]
{DB9ECD4F-FB8F-4311-B3CE-90B976C2707C} <C:\WINDOWS\system32\kakatool.dll, Beijing Rising Technology Co., Ltd.>
[XML DOM Document 3.0]
{F5078F32-C551-11D3-89B9-0000F81FE221} <%SystemRoot%\system32\msxml3.dll, N/A>
[XML HTTP 3.0]
{F5078F35-C551-11D3-89B9-0000F81FE221} <%SystemRoot%\system32\msxml3.dll, N/A>
[&使用迅雷下载]
<D:\Program Files\Thunder Network\Thunder\Program\GetUrl.htm, N/A>
[&使用迅雷下载全部链接]
<D:\Program Files\Thunder Network\Thunder\Program\GetAllUrl.htm, N/A>
[上传到QQ网络硬盘]
<F:\Program Files\Tencent\qq\AddToNetDisk.htm, N/A>
[导出到 Microsoft Excel(&X)]
<res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000, N/A>
[添加到QQ自定义面板]
<F:\Program Files\Tencent\qq\AddPanel.htm, N/A>
[添加到QQ表情]
<F:\Program Files\Tencent\qq\AddEmotion.htm, N/A>
[用QQ彩信发送该图片]
<F:\Program Files\Tencent\qq\SendMMS.htm, N/A>
端木兆棠 - 2007-8-26 0:30:00
正在运行的进程
[PID: 596 / SYSTEM][\SystemRoot\System32\smss.exe] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
[PID: 656 / SYSTEM][\??\C:\WINDOWS\system32\csrss.exe] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
[PID: 684 / SYSTEM][\??\C:\WINDOWS\system32\winlogon.exe] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
[C:\WINDOWS\system32\PYJJ4.IME] [加加工作组, 4, 1, 0, 48]
[C:\WINDOWS\system32\msacm32.drv] [Microsoft Corporation, 5.1.2600.0 (xpclient.010817-1148)]
[PID: 728 / SYSTEM][C:\WINDOWS\system32\services.exe] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
[C:\WINDOWS\AppPatch\AcAdProc.dll] [Microsoft Corporation, 5.1.2600.3008 (xpsp.061004-0027)]
[PID: 740 / SYSTEM][C:\WINDOWS\system32\lsass.exe] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
[PID: 884 / SYSTEM][C:\WINDOWS\system32\Ati2evxx.exe] [ATI Technologies Inc., 6.14.10.4118]
[C:\WINDOWS\system32\Ati2edxx.dll] [ATI Technologies, Inc., 6, 14, 10, 2497]
[PID: 924 / SYSTEM][C:\WINDOWS\system32\svchost.exe] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
[PID: 1004 / NETWORK SERVICE][C:\WINDOWS\system32\svchost.exe] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
[PID: 1124 / SYSTEM][C:\Program Files\Rising\Rav\CCenter.exe] [Beijing Rising Technology Co., Ltd., 18, 0, 0, 3]
[PID: 1140 / SYSTEM][C:\WINDOWS\System32\svchost.exe] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
[C:\WINDOWS\system32\Normaliz.dll] [Microsoft Corporation, 6.0.5441.0 (winmain(wmbla).060628-1735)]
[C:\WINDOWS\system32\iertutil.dll] [Microsoft Corporation, 7.00.6000.16473 (vista_gdr.070420-1500)]
[C:\WINDOWS\system32\wups2.dll] [Microsoft Corporation, 7.0.6000.374 (winmain(wmbla).070416-2057)]
[PID: 1248 / NETWORK SERVICE][C:\WINDOWS\system32\svchost.exe] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
[PID: 1344 / LOCAL SERVICE][C:\WINDOWS\system32\svchost.exe] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
[C:\WINDOWS\system32\Normaliz.dll] [Microsoft Corporation, 6.0.5441.0 (winmain(wmbla).060628-1735)]
[C:\WINDOWS\system32\iertutil.dll] [Microsoft Corporation, 7.00.6000.16473 (vista_gdr.070420-1500)]
[PID: 1368 / SYSTEM][C:\PROGRAM FILES\RISING\RAV\Ravmond.exe] [Beijing Rising Technology Co., Ltd., 19, 0, 0, 49]
[C:\PROGRAM FILES\RISING\RAV\BWList.dll] [Beijing Rising Technology Co., Ltd., 19, 0, 0, 10]
[C:\PROGRAM FILES\RISING\RAV\RsCommX.dll] [rising, 18, 0, 0, 1]
[C:\PROGRAM FILES\RISING\RAV\rfwctrl.dll] [Beijing Rising Technology Co., Ltd., 5, 0, 0, 11]
[C:\PROGRAM FILES\RISING\RAV\RsPPsys.dll] [Beijing Rising Technology Co., Ltd., 18, 0, 0, 6]
[C:\PROGRAM FILES\RISING\RAV\RSAPPMGR.DLL] [Beijing Rising Technology Co., Ltd., 18, 0, 0, 2]
[C:\PROGRAM FILES\RISING\RAV\CfgDll.dll] [Beijing Rising Technology Co., Ltd., 18, 0, 0, 13]
[C:\PROGRAM FILES\RISING\RAV\RSCOMMON.DLL] [Beijing Rising Technology Co., Ltd., 19, 0, 0, 5]
[C:\PROGRAM FILES\RISING\RAV\RsLog.dll] [Beijing Rising Technology Co., Ltd., 18, 0, 0, 20]
[C:\PROGRAM FILES\RISING\RAV\HOOKSYS.dll] [Beijing Rising Technology Co., Ltd., 19, 0, 0, 0]
[C:\Program Files\Rising\Rav\Scanner.dll] [Beijing Rising Technology Co., Ltd., 19, 0, 0, 15]
[C:\Program Files\Rising\Rav\libload.dll] [Beijing Rising Technology Co., Ltd., 19, 0, 0, 19]
[C:\Program Files\Rising\Rav\VirusLib.dll] [Beijing Rising Technology Co., Ltd., 19, 0, 0, 15]
[C:\PROGRAM FILES\RISING\RAV\regmon.dll] [Beijing Rising Technology Co., Ltd., 18, 0, 0, 6]
[C:\PROGRAM FILES\RISING\RAV\psapi.dll] [Microsoft Corporation, 4.00]
[C:\PROGRAM FILES\RISING\RAV\HookWeb.dll] [Beijing Rising Technology Co., Ltd., 19, 0, 0, 1]
[C:\PROGRAM FILES\RISING\RAV\MemMon.dll] [Beijing Rising Technology Co., Ltd., 18, 0, 0, 14]
[C:\PROGRAM FILES\RISING\RAV\expscan.dll] [Beijing Rising Technology Co., Ltd., 18, 0, 0, 4]
[C:\PROGRAM FILES\RISING\RAV\mPorts.dll] [Beijing Rising Technology Co., Ltd., 4, 0, 0, 3]
[C:\PROGRAM FILES\RISING\RAV\HookCont.dll] [Rising, 19, 0, 0, 0]
[C:\Program Files\Rising\Rav\SpamEng.dll] [, 18, 0, 0, 6]
[C:\Program Files\Rising\Rav\engine.dll] [Beijing Rising Technology Co., Ltd., 19, 0, 0, 30]
[C:\Program Files\Rising\Rav\PostTrt.dll] [Beijing Rising Technology Co., Ltd., 19, 0, 0, 17]
[C:\Program Files\Rising\Rav\UnExe.dll] [Beijing Rising Technology Co., Ltd., 19, 0, 0, 10]
[C:\Program Files\Rising\Rav\ScanExec.dll] [Beijing Rising Technology Co., Ltd., 19, 0, 0, 19]
[C:\Program Files\Rising\Rav\ScanEx.dll] [Beijing Rising Technology Co., Ltd., 19, 0, 0, 80]
[C:\Program Files\Rising\Rav\ExtFile.dll] [Beijing Rising Technology Co., Ltd., 19, 0, 0, 36]
[C:\Program Files\Rising\Rav\NvFile.dll] [Beijing Rising Technology Co., Ltd., 19, 0, 0, 11]
[C:\Program Files\Rising\Rav\ScanMac.dll] [Beijing Rising Technology Co., Ltd., 19, 0, 0, 16]
[C:\Program Files\Rising\Rav\ScanSct.dll] [Beijing Rising Technology Co., Ltd., 19, 0, 0, 20]
[C:\Program Files\Rising\Rav\ScanPack.dll] [Beijing Rising Technology Co., Ltd., 19, 0, 0, 24]
[C:\Program Files\Rising\Rav\RsVM.dll] [, 19, 0, 0, 20]
[C:\Program Files\Rising\Rav\Uroutine.dll] [Beijing Rising Technology Co., Ltd., 19, 0, 0, 56]
[C:\Program Files\Rising\Rav\Uscript.dll] [Beijing Rising Technology Co., Ltd., 19, 0, 0, 19]
[C:\Program Files\Rising\Rav\ExtOLE.dll] [Beijing Rising Technology Co., Ltd., 19, 0, 0, 14]
[C:\Program Files\Rising\Rav\ExtMail.dll] [Beijing Rising Technology Co., Ltd., 19, 0, 0, 14]
[C:\Program Files\Rising\Rav\ScanNet.dll] [Beijing Rising Technology Co., Ltd., 18, 0, 0, 5]
端木兆棠 - 2007-8-26 0:30:00
正在运行的进程
[PID: 596 / SYSTEM][\SystemRoot\System32\smss.exe] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
[PID: 656 / SYSTEM][\??\C:\WINDOWS\system32\csrss.exe] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
[PID: 684 / SYSTEM][\??\C:\WINDOWS\system32\winlogon.exe] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
[C:\WINDOWS\system32\PYJJ4.IME] [加加工作组, 4, 1, 0, 48]
[C:\WINDOWS\system32\msacm32.drv] [Microsoft Corporation, 5.1.2600.0 (xpclient.010817-1148)]
[PID: 728 / SYSTEM][C:\WINDOWS\system32\services.exe] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
[C:\WINDOWS\AppPatch\AcAdProc.dll] [Microsoft Corporation, 5.1.2600.3008 (xpsp.061004-0027)]
[PID: 740 / SYSTEM][C:\WINDOWS\system32\lsass.exe] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
[PID: 884 / SYSTEM][C:\WINDOWS\system32\Ati2evxx.exe] [ATI Technologies Inc., 6.14.10.4118]
[C:\WINDOWS\system32\Ati2edxx.dll] [ATI Technologies, Inc., 6, 14, 10, 2497]
[PID: 924 / SYSTEM][C:\WINDOWS\system32\svchost.exe] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
[PID: 1004 / NETWORK SERVICE][C:\WINDOWS\system32\svchost.exe] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
[PID: 1124 / SYSTEM][C:\Program Files\Rising\Rav\CCenter.exe] [Beijing Rising Technology Co., Ltd., 18, 0, 0, 3]
[PID: 1140 / SYSTEM][C:\WINDOWS\System32\svchost.exe] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
[C:\WINDOWS\system32\Normaliz.dll] [Microsoft Corporation, 6.0.5441.0 (winmain(wmbla).060628-1735)]
[C:\WINDOWS\system32\iertutil.dll] [Microsoft Corporation, 7.00.6000.16473 (vista_gdr.070420-1500)]
[C:\WINDOWS\system32\wups2.dll] [Microsoft Corporation, 7.0.6000.374 (winmain(wmbla).070416-2057)]
[PID: 1248 / NETWORK SERVICE][C:\WINDOWS\system32\svchost.exe] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
[PID: 1344 / LOCAL SERVICE][C:\WINDOWS\system32\svchost.exe] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
[C:\WINDOWS\system32\Normaliz.dll] [Microsoft Corporation, 6.0.5441.0 (winmain(wmbla).060628-1735)]
[C:\WINDOWS\system32\iertutil.dll] [Microsoft Corporation, 7.00.6000.16473 (vista_gdr.070420-1500)]
[PID: 1368 / SYSTEM][C:\PROGRAM FILES\RISING\RAV\Ravmond.exe] [Beijing Rising Technology Co., Ltd., 19, 0, 0, 49]
[C:\PROGRAM FILES\RISING\RAV\BWList.dll] [Beijing Rising Technology Co., Ltd., 19, 0, 0, 10]
[C:\PROGRAM FILES\RISING\RAV\RsCommX.dll] [rising, 18, 0, 0, 1]
[C:\PROGRAM FILES\RISING\RAV\rfwctrl.dll] [Beijing Rising Technology Co., Ltd., 5, 0, 0, 11]
[C:\PROGRAM FILES\RISING\RAV\RsPPsys.dll] [Beijing Rising Technology Co., Ltd., 18, 0, 0, 6]
[C:\PROGRAM FILES\RISING\RAV\RSAPPMGR.DLL] [Beijing Rising Technology Co., Ltd., 18, 0, 0, 2]
[C:\PROGRAM FILES\RISING\RAV\CfgDll.dll] [Beijing Rising Technology Co., Ltd., 18, 0, 0, 13]
[C:\PROGRAM FILES\RISING\RAV\RSCOMMON.DLL] [Beijing Rising Technology Co., Ltd., 19, 0, 0, 5]
[C:\PROGRAM FILES\RISING\RAV\RsLog.dll] [Beijing Rising Technology Co., Ltd., 18, 0, 0, 20]
[C:\PROGRAM FILES\RISING\RAV\HOOKSYS.dll] [Beijing Rising Technology Co., Ltd., 19, 0, 0, 0]
[C:\Program Files\Rising\Rav\Scanner.dll] [Beijing Rising Technology Co., Ltd., 19, 0, 0, 15]
[C:\Program Files\Rising\Rav\libload.dll] [Beijing Rising Technology Co., Ltd., 19, 0, 0, 19]
[C:\Program Files\Rising\Rav\VirusLib.dll] [Beijing Rising Technology Co., Ltd., 19, 0, 0, 15]
[C:\PROGRAM FILES\RISING\RAV\regmon.dll] [Beijing Rising Technology Co., Ltd., 18, 0, 0, 6]
[C:\PROGRAM FILES\RISING\RAV\psapi.dll] [Microsoft Corporation, 4.00]
[C:\PROGRAM FILES\RISING\RAV\HookWeb.dll] [Beijing Rising Technology Co., Ltd., 19, 0, 0, 1]
[C:\PROGRAM FILES\RISING\RAV\MemMon.dll] [Beijing Rising Technology Co., Ltd., 18, 0, 0, 14]
[C:\PROGRAM FILES\RISING\RAV\expscan.dll] [Beijing Rising Technology Co., Ltd., 18, 0, 0, 4]
[C:\PROGRAM FILES\RISING\RAV\mPorts.dll] [Beijing Rising Technology Co., Ltd., 4, 0, 0, 3]
[C:\PROGRAM FILES\RISING\RAV\HookCont.dll] [Rising, 19, 0, 0, 0]
[C:\Program Files\Rising\Rav\SpamEng.dll] [, 18, 0, 0, 6]
[C:\Program Files\Rising\Rav\engine.dll] [Beijing Rising Technology Co., Ltd., 19, 0, 0, 30]
[C:\Program Files\Rising\Rav\PostTrt.dll] [Beijing Rising Technology Co., Ltd., 19, 0, 0, 17]
[C:\Program Files\Rising\Rav\UnExe.dll] [Beijing Rising Technology Co., Ltd., 19, 0, 0, 10]
[C:\Program Files\Rising\Rav\ScanExec.dll] [Beijing Rising Technology Co., Ltd., 19, 0, 0, 19]
[C:\Program Files\Rising\Rav\ScanEx.dll] [Beijing Rising Technology Co., Ltd., 19, 0, 0, 80]
[C:\Program Files\Rising\Rav\ExtFile.dll] [Beijing Rising Technology Co., Ltd., 19, 0, 0, 36]
[C:\Program Files\Rising\Rav\NvFile.dll] [Beijing Rising Technology Co., Ltd., 19, 0, 0, 11]
[C:\Program Files\Rising\Rav\ScanMac.dll] [Beijing Rising Technology Co., Ltd., 19, 0, 0, 16]
[C:\Program Files\Rising\Rav\ScanSct.dll] [Beijing Rising Technology Co., Ltd., 19, 0, 0, 20]
[C:\Program Files\Rising\Rav\ScanPack.dll] [Beijing Rising Technology Co., Ltd., 19, 0, 0, 24]
[C:\Program Files\Rising\Rav\RsVM.dll] [, 19, 0, 0, 20]
[C:\Program Files\Rising\Rav\Uroutine.dll] [Beijing Rising Technology Co., Ltd., 19, 0, 0, 56]
[C:\Program Files\Rising\Rav\Uscript.dll] [Beijing Rising Technology Co., Ltd., 19, 0, 0, 19]
[C:\Program Files\Rising\Rav\ExtOLE.dll] [Beijing Rising Technology Co., Ltd., 19, 0, 0, 14]
[C:\Program Files\Rising\Rav\ExtMail.dll] [Beijing Rising Technology Co., Ltd., 19, 0, 0, 14]
[C:\Program Files\Rising\Rav\ScanNet.dll] [Beijing Rising Technology Co., Ltd., 18, 0, 0, 5]
端木兆棠 - 2007-8-26 0:32:00
[PID: 284 / 唐晨尧][C:\Program Files\Hewlett-Packard\OrderReminder\OrderReminder.exe] [Hewlett-Packard, 2, 0, 1, 26]
[PID: 396 / 唐晨尧][D:\Program Files\iTunes\iTunesHelper.exe] [Apple Inc., 7.3.1.3]
[C:\WINDOWS\system32\Normaliz.dll] [Microsoft Corporation, 6.0.5441.0 (winmain(wmbla).060628-1735)]
[C:\WINDOWS\system32\iertutil.dll] [Microsoft Corporation, 7.00.6000.16473 (vista_gdr.070420-1500)]
[D:\Program Files\iTunes\iTunesHelper.Resources\zh_CN.lproj\iTunesHelperLocalized.DLL] [Apple Inc., 7.3.0.54]
[D:\Program Files\iTunes\iTunesHelper.Resources\iTunesHelper.DLL] [Apple Inc., 7.3.1.3]
[C:\WINDOWS\system32\PYJJ4.IME] [加加工作组, 4, 1, 0, 48]
[C:\Program Files\QuickTime\QTSystem\QuickTime.qts] [Apple Inc., 7.2]
[C:\Program Files\QuickTime\QTSystem\CoreVideo.qtx] [Apple Computer, Inc., 7.2]
[C:\Program Files\QuickTime\QTSystem\QuickTime3GPP.qtx] [Apple Inc., 7.2]
[C:\Program Files\QuickTime\QTSystem\QuickTime3GPPAuthoring.qtx] [Apple Inc., 7.2]
[C:\Program Files\QuickTime\QTSystem\QuickTimeAudioSupport.qtx] [Apple Computer, Inc., 7.2]
[C:\Program Files\QuickTime\QTSystem\QuickTimeAuthoring.qtx] [Apple Inc., 7.2]
[C:\Program Files\QuickTime\QTSystem\QuickTimeCapture.qtx] [Apple Inc., 7.2]
[C:\WINDOWS\system32\msacm32.drv] [Microsoft Corporation, 5.1.2600.0 (xpclient.010817-1148)]
[C:\Program Files\QuickTime\QTSystem\QuickTimeEffects.qtx] [Apple Inc., 7.2]
[C:\Program Files\QuickTime\QTSystem\QuickTimeEssentials.qtx] [Apple Inc., 7.2]
[C:\Program Files\QuickTime\QTSystem\QuickTimeH264.qtx] [Apple Inc., 7.2]
[C:\Program Files\QuickTime\QTSystem\QuickTimeImage.qtx] [Apple Inc., 7.2]
[C:\Program Files\Rising\AntiSpyware\ieprot.dll] [Beijing Rising Technology Co., Ltd., 1, 0, 0, 10]
[C:\Program Files\QuickTime\QTSystem\QuickTimeInternetExtras.qtx] [Apple Inc., 7.2]
[C:\Program Files\QuickTime\QTSystem\QuickTimeMPEG.qtx] [Apple Inc., 7.2]
[C:\Program Files\QuickTime\QTSystem\QuickTimeMPEG4.qtx] [Apple Inc., 7.2]
[C:\Program Files\QuickTime\QTSystem\QuickTimeMPEG4Authoring.qtx] [Apple Inc., 7.2]
[C:\Program Files\QuickTime\QTSystem\QuickTimeMusic.qtx] [Apple Inc., 7.2]
[C:\Program Files\QuickTime\QTSystem\QuickTimeQD3D.qtx] [Apple Inc., 7.2]
[C:\Program Files\QuickTime\QTSystem\QuickTimeStreaming.qtx] [Apple Inc., 7.2]
[C:\Program Files\QuickTime\QTSystem\QuickTimeStreamingAuthoring.qtx] [Apple Inc., 7.2]
[C:\Program Files\QuickTime\QTSystem\QuickTimeStreamingExtras.qtx] [Apple Inc., 7.2]
[C:\Program Files\QuickTime\QTSystem\QuickTimeVR.qtx] [Apple Inc., 7.2]
[C:\Program Files\Common Files\Apple\Mobile Device Support\bin\iTunesMobileDevice.dll] [Apple Inc., 7, 3, 85, 0]
[PID: 1208 / 唐晨尧][C:\Program Files\Common Files\Real\Update_OB\realsched.exe] [RealNetworks, Inc., 0.1.0.3292]
[C:\WINDOWS\system32\PYJJ4.IME] [加加工作组, 4, 1, 0, 48]
[C:\Program Files\Rising\AntiSpyware\ieprot.dll] [Beijing Rising Technology Co., Ltd., 1, 0, 0, 10]
[PID: 1320 / 唐晨尧][C:\WINDOWS\system32\ctfmon.exe] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
[C:\WINDOWS\system32\PYJJ4.IME] [加加工作组, 4, 1, 0, 48]
[C:\Program Files\Rising\AntiSpyware\ieprot.dll] [Beijing Rising Technology Co., Ltd., 1, 0, 0, 10]
[PID: 1412 / 唐晨尧][D:\Program Files\jj4\jiajiasr.exe] [加加工作组, 4, 1, 0, 47]
[C:\WINDOWS\system32\PYJJ4.IME] [加加工作组, 4, 1, 0, 48]
[C:\Program Files\Rising\AntiSpyware\ieprot.dll] [Beijing Rising Technology Co., Ltd., 1, 0, 0, 10]
[PID: 2420 / SYSTEM][C:\Program Files\iPod\bin\iPodService.exe] [Apple Inc., 7.3.1.3]
[C:\Program Files\iPod\bin\iPodService.Resources\zh_CN.lproj\iPodServiceLocalized.DLL] [Apple Inc., 7.3.0.54]
[C:\Program Files\iPod\bin\iPodService.Resources\iPodService.DLL] [Apple Inc., 7.3.1.3]
[PID: 3268 / 唐晨尧][C:\WINDOWS\system32\conime.exe] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
[C:\WINDOWS\system32\PYJJ4.IME] [加加工作组, 4, 1, 0, 48]
[C:\Program Files\Rising\AntiSpyware\ieprot.dll] [Beijing Rising Technology Co., Ltd., 1, 0, 0, 10]
[PID: 188 / 唐晨尧][D:\sreng2\SREngPS.EXE] [Smallfrogs Studio, 2.5.16.900]
[C:\WINDOWS\system32\Normaliz.dll] [Microsoft Corporation, 6.0.5441.0 (winmain(wmbla).060628-1735)]
[C:\WINDOWS\system32\iertutil.dll] [Microsoft Corporation, 7.00.6000.16473 (vista_gdr.070420-1500)]
[C:\WINDOWS\system32\PYJJ4.IME] [加加工作组, 4, 1, 0, 48]
[C:\Program Files\Rising\AntiSpyware\ieprot.dll] [Beijing Rising Technology Co., Ltd., 1, 0, 0, 10]
[D:\sreng2\Upload\3rdUpd.DLL] [Smallfrogs Studio, 2, 1, 0, 15]
端木兆棠 - 2007-8-26 0:32:00
文件关联
.TXT Error. [C:\WINDOWS\notepad.exe %1]
.EXE OK. ["%1" %*]
.COM OK. ["%1" %*]
.PIF OK. ["%1" %*]
.REG OK. [regedit.exe "%1"]
.BAT OK. ["%1" %*]
.SCR OK. ["%1" /S]
.CHM Error. ["hh.exe" %1]
.HLP OK. [%SystemRoot%\System32\winhlp32.exe %1]
.INI Error. [C:\WINDOWS\System32\NOTEPAD.EXE %1]
.INF OK. [%SystemRoot%\System32\NOTEPAD.EXE %1]
.VBS OK. [%SystemRoot%\System32\WScript.exe "%1" %*]
.JS OK. [%SystemRoot%\System32\WScript.exe "%1" %*]
.LNK OK. [{00021401-0000-0000-C000-000000000046}]
==================================
Winsock 提供者
N/A
==================================
Autorun.inf
N/A
==================================
HOSTS 文件
127.0.0.1 localhost
==================================
进程特权扫描
特殊特权被允许: SeLoadDriverPrivilege [PID = 192, C:\WINDOWS\STSYSTRA.EXE]
特殊特权被允许: SeLoadDriverPrivilege [PID = 164, C:\PROGRAM FILES\RISING\RAV\RAVTASK.EXE]
特殊特权被允许: SeLoadDriverPrivilege [PID = 196, C:\PROGRAM FILES\RISING\ANTISPYWARE\RUNIEP.EXE]
特殊特权被允许: SeLoadDriverPrivilege [PID = 220, C:\PROGRAM FILES\RISING\RAV\RAVMON.EXE]
特殊特权被允许: SeLoadDriverPrivilege [PID = 284, C:\PROGRAM FILES\HEWLETT-PACKARD\ORDERREMINDER\ORDERREMINDER.EXE]
特殊特权被允许: SeLoadDriverPrivilege [PID = 1208, C:\PROGRAM FILES\COMMON FILES\REAL\UPDATE_OB\REALSCHED.EXE]
特殊特权被允许: SeLoadDriverPrivilege [PID = 1412, D:\PROGRAM FILES\JJ4\JIAJIASR.EXE]
特殊特权被允许: SeLoadDriverPrivilege [PID = 3996, D:\PROGRAM FILES\THUNDER NETWORK\THUNDER\PROGRAM\THUNDER5.EXE]
特殊特权被允许: SeLoadDriverPrivilege [PID = 2568, C:\PROGRAM FILES\RISING\RAV\RSAGENT.EXE]
==================================
API HOOK
N/A
==================================
隐藏进程
N/A
==================================
[/CODE]
乐影依翼 - 2007-8-26 1:56:00
LZ先下个恶意软件清理助手 把你电脑里恶意软件给杀了再扫个日志上来吧
202020 - 2007-10-12 12:31:00
[CODE]
2007-10-11,22:45:13
System Repair Engineer 2.5.16.900
Smallfrogs (http://www.KZTechs.com)
Windows XP Professional Service Pack 2 (Build 2600) - 管理权限用户 - 完整功能
以下内容被选中:
所有的启动项目(包括注册表、启动文件夹、服务等)
浏览器加载项
正在运行的进程(包括进程模块信息)
文件关联
Winsock 提供者
Autorun.inf
HOSTS 文件
进程特权扫描
启动项目
注册表
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
<ctfmon.exe><C:\WINDOWS\system32\ctfmon.exe> [(Verified)Microsoft Windows Publisher]
[HKEY_CURRENT_USER\Software\Microsoft\Windows NT\CurrentVersion\Windows]
<load><> [N/A]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
<switch><c:\windows\system32\壁纸自动换.exe> []
<BigDogPath><C:\WINDOWS\VM_STI.EXE VIMICRO USB PC Camera> [N/A]
<SkyTel><SkyTel.EXE> [(Verified)Beijing Rising Science and Technology Corporation Limited]
<RTHDCPL><RTHDCPL.EXE> [(Verified)Microsoft Windows Publisher]
<Alcmtr><ALCMTR.EXE> [(Verified)Microsoft Windows Hardware Compatibility Publisher]
<ATICCC><"C:\Program Files\ATI Technologies\ATI.ACE\CLIStart.exe"> []
<RavTask><"F:\工具\瑞星\Rising\Rav\RavTask.exe" -system> [(Verified)Beijing Rising Science and Technology Corporation Limited]
<helper.dll><C:\WINDOWS\system32\rundll32.exe C:\PROGRA~1\3721\helper.dll,Rundll32> [(Verified)"INTER CHINA NETWORK SOFTWARE (BEIJING) CO., LTD."]
<CnsMin><Rundll32.exe C:\WINDOWS\DOWNLO~1\CnsMin.dll,Rundll32> [(Verified)"INTER CHINA NETWORK SOFTWARE (BEIJING) CO., LTD."]
<YLive.exe><C:\PROGRA~1\Yahoo!\ASSIST~1\YLive.exe> [Yahoo! China]
<DOT1xSUPP><F:\\工具\\校园网客户端\\DigitalChinaSupplicant.exe> []
<yassistse><"C:\PROGRA~1\Yahoo!\Assistant\yassistse.exe"> [Yahoo!]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Winlogon]
<shell><Explorer.exe> [(Verified)Microsoft Windows Publisher]
<Userinit><C:\WINDOWS\system32\userinit.exe,> [(Verified)Microsoft Windows Publisher]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Windows]
<AppInit_DLLs><> [N/A]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Winlogon]
<UIHost><logonui.exe> [(Verified)Microsoft Windows Publisher]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
<{32CD708B-60A7-4C00-9377-D73EAA495F0F}><C:\WINDOWS\system32\RavExt.dll> [(Verified)Beijing Rising Science and Technology Corporation Limited]
<{D157330A-9EF3-49F8-9A67-4141AC41ADD4}><C:\WINDOWS\DOWNLO~1\CnsHook.dll> [(Verified)"INTER CHINA NETWORK SOFTWARE (BEIJING) CO., LTD."]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\>{26923b43-4d38-484f-9b9e-de460746276c}]
<Internet Explorer><%systemroot%\system32\shmgrate.exe OCInstallUserConfigIE> [N/A]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\>{881dd1c5-3dcf-431b-b061-f3f88e8be88a}]
<Outlook Express><%systemroot%\system32\shmgrate.exe OCInstallUserConfigOE> [N/A]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{2C7339CF-2B09-4501-B3F3-F3508C9228ED}]
<Themes Setup><%SystemRoot%\system32\regsvr32.exe /s /n /i:/UserInstall %SystemRoot%\system32\themeui.dll> [N/A]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{44BBA840-CC51-11CF-AAFA-00AA00B6015C}]
<Microsoft Outlook Express 6><"%ProgramFiles%\Outlook Express\setup50.exe" /APP:OE /CALLER:WINNT /user /install> [N/A]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{44BBA842-CC51-11CF-AAFA-00AA00B6015B}]
<NetMeeting 3.01><rundll32.exe advpack.dll,LaunchINFSection C:\WINDOWS\INF\msnetmtg.inf,NetMtg.Install.PerUser.NT> [(Verified)Microsoft Windows Publisher]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{6BF52A52-394A-11d3-B153-00C04F79FAA6}]
<Microsoft Windows Media Player><rundll32.exe advpack.dll,LaunchINFSection C:\WINDOWS\INF\wmp10.inf,PerUserStub> [(Verified)Microsoft Windows Component Publisher]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{7790769C-0471-11d2-AF11-00C04FA35D02}]
<通讯簿 6><"%ProgramFiles%\Outlook Express\setup50.exe" /APP:WAB /CALLER:WINNT /user /install> [N/A]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{89B4C1CD-B018-4511-B0A1-5476DBF70820}]
<N/A><C:\WINDOWS\system32\Rundll32.exe C:\WINDOWS\system32\mscories.dll,Install> [Microsoft Corporation]
==================================
启动文件夹
[腾讯QQ]
<C:\Documents and Settings\Administrator\「开始」菜单\程序\启动\腾讯QQ.lnk --> F:\工具\QQ\QQ.exe [TENCENT]><N>
==================================
服务
[Ati HotKey Poller / Ati HotKey Poller][Running/Auto Start]
<C:\WINDOWS\system32\Ati2evxx.exe><ATI Technologies Inc.>
[ATI Smart / ATI Smart][Stopped/Auto Start]
<C:\WINDOWS\system32\ati2sgag.exe><>
[ForceWare Intelligent Application Manager (IAM) / ForceWare Intelligent Application Manager (IAM)][Running/Auto Start]
<C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin\nSvcAppFlt.exe><>
[Human Interface Device Access / HidServ][Stopped/Disabled]
<C:\WINDOWS\System32\svchost.exe -k netsvcs-->%SystemRoot%\System32\hidserv.dll><N/A>
[ForceWare IP service / nSvcIp][Running/Auto Start]
<C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin\nSvcIp.exe><NVIDIA Corporation>
[Qvod Terminal / Qvod Terminal][Running/Auto Start]
<F:\工具\P2P客户端\QvodPlayer\QvodTerminal.exe><Shenzhen TASK Technology Co.,Ltd>
[Rising Process Communication Center / RsCCenter][Running/Auto Start]
<"F:\工具\瑞星\Rising\Rav\CCenter.exe"><Beijing Rising Technology Co., Ltd.>
[Rising RealTime Monitor / RsRavMon][Running/Auto Start]
<"F:\工具\瑞星\RISING\RAV\Ravmond.exe"><Beijing Rising Technology Co., Ltd.>
==================================
驱动程序
[Intel(r) 82801 Audio Driver Install Service (WDM) / ac97intc][Stopped/Manual Start]
<system32\drivers\ac97intc.sys><Intel Corporation>
[AliIde / AliIde][Running/Boot Start]
<\SystemRoot\System32\DRIVERS\aliide.sys><Acer Laboratories Inc.>
[AMD Processor Driver / AmdK8][Running/System Start]
<System32\DRIVERS\amdk8.sys><Advanced Micro Devices>
[ati2mtag / ati2mtag][Running/Manual Start]
<system32\DRIVERS\ati2mtag.sys><ATI Technologies Inc.>
[CmdIde / CmdIde][Running/Boot Start]
<\SystemRoot\System32\DRIVERS\cmdide.sys><CMD Technology, Inc.>
[CnsMinKP / CnsMinKP][Running/Boot Start]
<\SystemRoot\system32\drivers\CnsMinKP.sys><国风因特软件(北京)有限公司>
[VIA PCI 10/100Mb Fast Ethernet Adapter NT Driver / FETNDIS][Stopped/Manual Start]
<system32\DRIVERS\fetnd5.sys><VIA Technologies, Inc.>
[Microsoft UAA Bus Driver for High Definition Audio / HDAudBus][Running/Manual Start]
<system32\DRIVERS\HDAudBus.sys><Windows (R) Server 2003 DDK provider>
[HookCont / HookCont][Running/System Start]
<\SystemRoot\system32\drivers\HookCont.sys><Beijing Rising Technology Co., Ltd>
[HookNtos / HookNtos][Running/System Start]
<\SystemRoot\system32\drivers\HookNtos.sys><Beijing Rising Technology Co., Ltd>
[HookReg / HookReg][Running/System Start]
<\SystemRoot\system32\drivers\HookReg.sys><Beijing Rising Technology Co., Ltd>
[HookSys / HookSys][Running/System Start]
<\SystemRoot\system32\drivers\HookSys.sys><Beijing Rising Technology Co., Ltd>
[Service for Realtek HD Audio (WDM) / IntcAzAudAddService][Running/Manual Start]
<system32\drivers\RtkHDAud.sys><Realtek Semiconductor Corp.>
[kfqcsg / kfqcsg][Running/System Start]
<2 - 系统找不到指定的文件。
><N/A>
[Netgroup Packet Filter / NPF][Running/Manual Start]
<system32\drivers\npf.sys><Politecnico di Torino>
[npkcrypt / npkcrypt][Running/Auto Start]
<\??\C:\Program Files\QQ2006\npkcrypt.sys><INCA Internet Co., Ltd.>
[nv / nv][Stopped/Manual Start]
<system32\DRIVERS\nv4_mini.sys><NVIDIA Corporation>
[nvata / nvata][Running/Boot Start]
<\SystemRoot\system32\DRIVERS\nvata.sys><NVIDIA Corporation>
[NVIDIA nForce Networking Controller Driver / NVENETFD][Running/Manual Start]
<system32\DRIVERS\NVENETFD.sys><NVIDIA Corporation>
[NVIDIA Network Bus Enumerator / nvnetbus][Running/Manual Start]
<system32\DRIVERS\nvnetbus.sys><NVIDIA Corporation>
[Direct Parallel Link Driver / Ptilink][Running/Manual Start]
<system32\DRIVERS\ptilink.sys><Parallel Technologies, Inc.>
[RsNTGDI / RsNTGDI][Running/Boot Start]
<\SystemRoot\system32\Drivers\RsNTGdi.sys><Beijing Rising Technology Co., Ltd.>
[Secdrv / Secdrv][Stopped/Manual Start]
<system32\DRIVERS\secdrv.sys><N/A>
[World Standard Teletext Codec / WSTCODEC][Stopped/Manual Start]
<system32\DRIVERS\WSTCODEC.SYS><Microsoft Corporation>
[Driver for Xinli GRE Protocol Device / XinliGREProtocol][Running/Manual Start]
<system32\DRIVERS\XinliGREProtocol.sys><西安信利软件有限公司>
[VIMICRO USB PC Camera / ZSMC302][Running/Manual Start]
<System32\Drivers\usbVM31b.sys><VM>
[R2A / R2A][Stopped/Disabled]
<\??\C:\WINDOWS\system32a2.sys><N/A>
[mjmdkc / mjmdkc][Running/Boot Start]
<\SystemRoot\\SystemRoot\System32\drivers\mjmdkc.sys><N/A>
[TesSafe / TesSafe][Stopped/Manual Start]
<\??\C:\WINDOWS\system32\TesSafe.sys><TENCENT>
==================================
202020 - 2007-10-12 12:32:00
浏览器加载项
[Yahoo!Photo]
{33BBE430-0E42-4f12-B075-8D21ACB10DCB} <C:\PROGRA~1\Yahoo!\ASSIST~1\Assist\yphtb.dll, Yahoo! China>
[Thunder Browser Helper]
{38928D4F-8A48-44C2-945F-D2F23F771410} <F:\工具\迅雷\ComDlls\xunleiBHO_Now.dll, Thunder Networking Technologies,LTD>
[AntiFish Class]
{38928D50-8A48-44C2-945F-D2F23F771410} <C:\PROGRA~1\Yahoo!\ASSIST~1\Assist\yangling.dll, Yahoo.>
[雅虎助手]
{406F94F0-504F-4a40-8DFD-58B0666ABEBD} <C:\PROGRA~1\Yahoo!\ASSIST~1\Assist\yasbar.dll, Yahoo!>
[DragSearch BHO]
{62EED7C6-9F02-42f9-B634-98E2899E147B} <C:\PROGRA~1\Yahoo!\ASSIST~1\Assist\YDRAGS~1.DLL, >
[CnsHook Class]
{D157330A-9EF3-49F8-9A67-4141AC41ADD4} <C:\WINDOWS\DOWNLO~1\CnsHook.dll, 国风因特软件(北京)有限公司>
[启动迅雷5]
{09BA8F6D-CB54-424B-839C-C2A6C8E6B436} <F:\工具\迅雷\Thunder.exe, Thunder Networking Technologies,LTD>
[豪杰超级解霸V8]
{367E0A21-8601-4986-9C9A-153BF5ACA118} <C:\Herosoft\HeroV8\STHSDVD.EXE, N/A>
[Yahoo 3.5G电邮]
{507F9113-CD77-4866-BA92-0E86DA3D0B97} <http://cn.zs.yahoo.com/cnsbutton.htm?source=cns&btn=yahoomail, N/A>
[名品折扣]
{59BC54A2-56B3-44a0-93E5-432D58746E26} <http://adtaobao.allyes.com/main/adfclick?db=adtaobao&bid=138,140,18&cid=816,8,1&sid=5042&show=ignore&url=http://www.taobao.com/vertical/mall/pro.php?allyesPara=816, N/A>
[雅虎助手]
{5D73EE86-05F1-49ed-B850-E423120EC338} <http://cn.zs.yahoo.com/cnsbutton.htm?source=cns&btn=yassist, N/A>
[雅虎WIDGET]
{6354ABE6-05F1-49ed-B850-E423120EC338} <http://cn.widget.yahoo.com/index.htm?source=Cns, N/A>
[情景聊天]
{E5D12C4E-7B4F-11D3-B5C9-0050045C3C96} <http://cn.zs.yahoo.com/cnsbutton.htm?source=cns&btn=yahoomsg, N/A>
[]
{ECF2E268-F28C-48d2-9AB7-8F69C11CCB71} <http://cn.zs.yahoo.com/cnsbutton.htm?source=cns&btn=repair, N/A>
[易趣购物]
{EE60714F-AC17-427e-861A-FD60CBDF119A} <http://click2.ad4all.net/url2/urlmanage/url.asp?id=160, N/A>
[精彩图铃]
{EE60714F-AC27-427e-861A-FD60CBDF119A} <http://click2.ad4all.net/url2/urlmanage/url.asp?id=163, N/A>
[]
{FD00D911-7529-4084-9946-A29F1BDF4FE5} <http://cn.zs.yahoo.com/cnsbutton.htm?source=cns&btn=clean, N/A>
[雅虎助手]
{406F94F0-504F-4a40-8DFD-58B0666ABEBD} <C:\PROGRA~1\Yahoo!\ASSIST~1\Assist\yasbar.dll, Yahoo!>
[Shockwave Flash Object]
{D27CDB6E-AE6D-11CF-96B8-444553540000} <C:\WINDOWS\system32\Macromed\Flash\Flash9d.ocx, Adobe Systems, Inc.>
[Yahoo!Photo]
{33BBE430-0E42-4F12-B075-8D21ACB10DCB} <C:\PROGRA~1\Yahoo!\ASSIST~1\Assist\yphtb.dll, Yahoo! China>
[Thunder Browser Helper]
{38928D4F-8A48-44C2-945F-D2F23F771410} <F:\工具\迅雷\ComDlls\xunleiBHO_Now.dll, Thunder Networking Technologies,LTD>
[AntiFish Class]
{38928D50-8A48-44C2-945F-D2F23F771410} <C:\PROGRA~1\Yahoo!\ASSIST~1\Assist\yangling.dll, Yahoo.>
[雅虎助手]
{406F94F0-504F-4A40-8DFD-58B0666ABEBD} <C:\PROGRA~1\Yahoo!\ASSIST~1\Assist\yasbar.dll, Yahoo!>
[Shell Name Space]
{55136805-B2DE-11D1-B9F2-00A0C98BC547} <%SystemRoot%\system32\shdocvw.dll, N/A>
[DragSearch BHO]
{62EED7C6-9F02-42F9-B634-98E2899E147B} <C:\PROGRA~1\Yahoo!\ASSIST~1\Assist\YDRAGS~1.DLL, >
[Windows Media Player]
{6BF52A52-394A-11D3-B153-00C04F79FAA6} <C:\WINDOWS\system32\wmp.dll, Microsoft Corporation>
[CnsHook Class]
{D157330A-9EF3-49F8-9A67-4141AC41ADD4} <C:\WINDOWS\DOWNLO~1\CnsHook.dll, 国风因特软件(北京)有限公司>
[Shockwave Flash Object]
{D27CDB6E-AE6D-11CF-96B8-444553540000} <C:\WINDOWS\system32\Macromed\Flash\Flash9d.ocx, Adobe Systems, Inc.>
[QvodCtrl Class]
{F3D0D36F-23F8-4682-A195-74C92B03D4AF} <C:\WINDOWS\system32\QvodInsert.dll, Shenzhen TASK Technology Co.,Ltd>
[Save豪杰超级解霸V8实时播放]
<F:\工具\豪杰解霸\MPURLGET.HTM, N/A>
[使用迅雷下载]
<F:\工具\迅雷\Program\geturl.htm, N/A>
[使用迅雷下载全部链接]
<F:\工具\迅雷\Program\getallurl.htm, N/A>
[导出到 Microsoft Office Excel(&X)]
<res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000, N/A>
[易趣购物]
<C:\Program Files\AD4All\link1\ebaylink.htm, N/A>
[添加到QQ表情]
<F:\工具\QQ\AddEmotion.htm, N/A>
[添加到雅虎订阅(&Y)]
<res://C:\PROGRA~1\Yahoo!\ASSIST~1\Assist\yrss.dll/YRSSMENUEXT, N/A>
[精彩图铃]
<C:\Program Files\AD4All\link2\phone.htm, N/A>
[豪杰超级解霸V8实时播放]
<C:\Herosoft\HeroV8\MPURLGET.HTM, N/A>
[雅虎搜索]
<res://C:\PROGRA~1\Yahoo!\ASSIST~1\Assist\yasbar.dll/246, N/A>
==================================
正在运行的进程
[PID: 732 / SYSTEM][\SystemRoot\System32\smss.exe] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
[PID: 808 / SYSTEM][\??\C:\WINDOWS\system32\csrss.exe] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
[PID: 848 / SYSTEM][\??\C:\WINDOWS\system32\winlogon.exe] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
[C:\WINDOWS\system32\Ati2evxx.dll] [ATI Technologies Inc., 6.14.10.4142]
[C:\WINDOWS\system32\msacm32.drv] [Microsoft Corporation, 5.1.2600.0 (xpclient.010817-1148)]
[PID: 892 / SYSTEM][C:\WINDOWS\system32\services.exe] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
[PID: 904 / SYSTEM][C:\WINDOWS\system32\lsass.exe] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
[C:\WINDOWS\system32\nvappfilter.dll] [NVIDIA, 1, 0, 2, 0]
[PID: 1052 / SYSTEM][C:\WINDOWS\system32\Ati2evxx.exe] [ATI Technologies Inc., 6.14.10.4142]
[C:\WINDOWS\system32\Ati2edxx.dll] [ATI Technologies, Inc., 6, 14, 10, 2504]
[PID: 1096 / SYSTEM][C:\WINDOWS\system32\svchost.exe] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
[PID: 1180 / NETWORK SERVICE][C:\WINDOWS\system32\svchost.exe] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
[C:\WINDOWS\system32\nvappfilter.dll] [NVIDIA, 1, 0, 2, 0]
[PID: 1328 / SYSTEM][F:\工具\瑞星\Rising\Rav\CCenter.exe] [Beijing Rising Technology Co., Ltd., 20, 0, 0, 26]
[PID: 1344 / SYSTEM][C:\WINDOWS\System32\svchost.exe] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
[C:\WINDOWS\system32\nvappfilter.dll] [NVIDIA, 1, 0, 2, 0]
[PID: 1408 / NETWORK SERVICE][C:\WINDOWS\system32\svchost.exe] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
[C:\WINDOWS\system32\nvappfilter.dll] [NVIDIA, 1, 0, 2, 0]
[PID: 1432 / SYSTEM][C:\WINDOWS\system32\Ati2evxx.exe] [ATI Technologies Inc., 6.14.10.4142]
[C:\WINDOWS\system32\Ati2edxx.dll] [ATI Technologies, Inc., 6, 14, 10, 2504]
[C:\WINDOWS\system32\ati2evxx.dll] [ATI Technologies Inc., 6.14.10.4142]
[PID: 1656 / LOCAL SERVICE][C:\WINDOWS\system32\svchost.exe] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
[C:\WINDOWS\system32\nvappfilter.dll] [NVIDIA, 1, 0, 2, 0]
[PID: 1720 / SYSTEM][F:\工具\瑞星\RISING\RAV\Ravmond.exe] [Beijing Rising Technology Co., Ltd., 20.0.0.55]
[F:\工具\瑞星\RISING\RAV\BWList.dll] [Beijing Rising Technology Co., Ltd., 20.0.0.4]
[C:\WINDOWS\system32\MFC71.DLL] [Microsoft Corporation, 7.10.3077.0]
[C:\WINDOWS\system32\MSVCR71.dll] [Microsoft Corporation, 7.10.3052.4]
[C:\WINDOWS\system32\MSVCP71.dll] [Microsoft Corporation, 7.10.3077.0]
[F:\工具\瑞星\RISING\RAV\RSAPPMGR.dll] [Beijing Rising Technology Co., Ltd., 20.0.0.0]
[F:\工具\瑞星\RISING\RAV\CfgDll.dll] [Beijing Rising Technology Co., Ltd., 20.0.0.5]
[F:\工具\瑞星\RISING\RAV\RsLog.dll] [Beijing Rising Technology Co., Ltd., 20.0.0.27]
[F:\工具\瑞星\RISING\RAV\ProcCom.dll] [Beijing Rising Technology Co., Ltd., 20, 0, 0, 19]
[F:\工具\瑞星\RISING\RAV\RsCommX2.dll] [Beijing Rising Technology Co., Ltd., 20, 0, 0, 18]
[F:\工具\瑞星\RISING\RAV\MonRule.dll] [Beijing Rising Technology Co., Ltd., 20.0.0.24]
[F:\工具\瑞星\RISING\RAV\Hooksys.dll] [Beijing Rising Technology Co., Ltd, 22, 0, 0, 7]
[F:\工具\瑞星\RISING\RAV\HookReg.dll] [Beijing Rising Technology Co., Ltd, 22, 0, 0, 2]
[F:\工具\瑞星\RISING\RAV\HookNtos.dll] [Beijing Rising Technology Co., Ltd, 22, 0, 0, 2]
[F:\工具\瑞星\RISING\RAV\rswalmon.dll] [Beijing Rising Technology Co., Ltd., 20, 0, 0, 17]
[F:\工具\瑞星\Rising\Rav\RsStore.dll] [Beijing Rising Technology Co., Ltd., 20.0.0.8]
[F:\工具\瑞星\RISING\RAV\HookCont.dll] [Beijing Rising Technology Co., Ltd, 22, 0, 0, 1]
[F:\工具\瑞星\Rising\Rav\fakescan.dll] [Beijing Rising Technology Co., Ltd., 20.0.0.13]
[F:\工具\瑞星\Rising\Rav\Scanner.dll] [Beijing Rising Technology Co., Ltd., 20.0.0.32]
[F:\工具\瑞星\Rising\Rav\recomp.dll] [Beijing Rising Technology Co., Ltd., 20, 0, 0, 16]
[F:\工具\瑞星\Rising\Rav\refs.dll] [Beijing Rising Technology Co., Ltd., 20, 0, 0, 7]
[F:\工具\瑞星\Rising\Rav\viruslib.dll] [Beijing Rising Technology Co., Ltd., 20, 0, 0, 14]
[F:\工具\瑞星\Rising\Rav\relibldr.dll] [Beijing Rising Technology Co., Ltd., 20, 0, 0, 11]
[C:\WINDOWS\system32\nvappfilter.dll] [NVIDIA, 1, 0, 2, 0]
[F:\工具\瑞星\RISING\RAV\HookWeb.dll] [Beijing Rising Technology Co., Ltd., 20.0.0.2]
[F:\工具\瑞星\Rising\Rav\ffr.dll] [Beijing Rising Technology Co., Ltd., 20, 0, 0, 8]
[F:\工具\瑞星\Rising\Rav\nvfile.dll] [Beijing Rising Technology Co., Ltd., 20, 0, 0, 3]
[F:\工具\瑞星\Rising\Rav\scanexec.dll] [Beijing Rising Technology Co., Ltd., 20, 0, 0, 10]
[F:\工具\瑞星\Rising\Rav\unexe.dll] [Beijing Rising Technology Co., Ltd., 20, 0, 0, 4]
[F:\工具\瑞星\Rising\Rav\scanex.dll] [Beijing Rising Technology Co., Ltd., 20, 0, 0, 11]
[F:\工具\瑞星\Rising\Rav\pearc.dll] [Beijing Rising Technology Co., Ltd., 20, 0, 0, 4]
[F:\工具\瑞星\Rising\Rav\scanpack.dll] [Beijing Rising Technology Co., Ltd., 20, 0, 0, 2]
[F:\工具\瑞星\Rising\Rav\revm.dll] [Beijing Rising Technology Co., Ltd., 20, 0, 0, 6]
[F:\工具\瑞星\Rising\Rav\uroutine.dll] [Beijing Rising Technology Co., Ltd., 20, 0, 0, 18]
[F:\工具\瑞星\Rising\Rav\scansct.dll] [Beijing Rising Technology Co., Ltd., 20, 0, 0, 5]
[F:\工具\瑞星\Rising\Rav\scriptci.dll] [Beijing Rising Technology Co., Ltd., 20, 0, 0, 2]
[F:\工具\瑞星\Rising\Rav\posttrt.dll] [Beijing Rising Technology Co., Ltd., 20, 0, 0, 5]
[PID: 1972 / SYSTEM][F:\工具\瑞星\RISING\RAV\RavStub.exe] [Beijing Rising Technology Co., Ltd., 20.0.0.9]
[F:\工具\瑞星\RISING\RAV\ProcCom.dll] [Beijing Rising Technology Co., Ltd., 20, 0, 0, 19]
[F:\工具\瑞星\RISING\RAV\RsCommX2.dll] [Beijing Rising Technology Co., Ltd., 20, 0, 0, 18]
[F:\工具\瑞星\RISING\RAV\RSCOMMON.DLL] [Beijing Rising Technology Co., Ltd., 20, 0, 0, 16]
202020 - 2007-10-12 12:34:00
[PID: 152 / SYSTEM][C:\WINDOWS\system32\spoolsv.exe] [Microsoft Corporation, 5.1.2600.2696 (xpsp_sp2_gdr.050610-1519)]
[PID: 448 / Administrator][C:\WINDOWS\Explorer.EXE] [Microsoft Corporation, 6.00.2900.2180 (xpsp_sp2_rtm.040803-2158)]
[C:\WINDOWS\DOWNLO~1\CnsMin.dll] [国风因特软件(北京)有限公司, 2.5.1.2]
[C:\WINDOWS\system32\msacm32.drv] [Microsoft Corporation, 5.1.2600.0 (xpclient.010817-1148)]
[C:\PROGRA~1\3721\helper.dll] [国风因特软件(北京)有限公司, 2.5.3.1006]
[C:\PROGRA~1\3721\alrex.dll] [国风因特软件(北京)有限公司, 2.5.1.1003]
[C:\PROGRA~1\Yahoo!\ASSIST~1\Yhelper.dll] [, 2, 0, 9, 1027]
[C:\Program Files\ATI Technologies\ATI.ACE\atiacmxx.dll] [, 1, 0, 0, 1]
[C:\WINDOWS\DOWNLO~1\CnsHook.dll] [国风因特软件(北京)有限公司, 2.5.1.6]
[C:\PROGRA~1\3721\autolive.dll] [国风因特软件(北京)有限公司, 2.5.6.1011]
[C:\PROGRA~1\Yahoo!\ASSIST~1\yalive.dll] [, 2, 2, 0, 1050]
[C:\PROGRA~1\Yahoo!\ASSIST~1\Yalliveex.dll] [ , 2, 0, 1, 1007]
[C:\PROGRA~1\Yahoo!\ASSIST~1\Assist\yasbar.dll] [Yahoo!, 2, 2, 0, 1050]
[F:\工具\瑞星\Rising\Rav\RSCOMMON.DLL] [Beijing Rising Technology Co., Ltd., 20, 0, 0, 16]
[C:\WINDOWS\system32\msdmo.dll] [, ]
[C:\WINDOWS\system32\VM31bPrp.Ax] [Vimicro, 1.00.01.00]
[C:\WINDOWS\system32\wiasf.ax] [, ]
[C:\Program Files\WinRAR\rarext.dll] [N/A, ]
[C:\WINDOWS\DOWNLO~1\CnsMinIO.dll] [国风因特软件(北京)有限公司, 2.5.0.6]
[C:\WINDOWS\DOWNLO~1\cnsio.dll] [国风因特软件(北京)有限公司, 2.5.0.4]
[PID: 584 / SYSTEM][C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin\nSvcIp.exe] [NVIDIA Corporation, 2, 2, 0, 464]
[C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin\nv_common.dll] [NVIDIA, 2, 2, 0, 464]
[C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin\nv_common_firewall.dll] [NVIDIA, 2, 2, 0, 464]
[C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin\NMI.dll] [NVIDIA Corporation, 2, 2, 0, 464]
[C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin\SpecialCase.dll] [NVIDIA, 2, 2, 0, 464]
[PID: 792 / SYSTEM][F:\工具\P2P客户端\QvodPlayer\QvodTerminal.exe] [Shenzhen TASK Technology Co.,Ltd, 2, 0, 0, 47]
[C:\WINDOWS\system32\nvappfilter.dll] [NVIDIA, 1, 0, 2, 0]
[PID: 1244 / SYSTEM][C:\WINDOWS\system32\svchost.exe] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
[PID: 1284 / LOCAL SERVICE][C:\WINDOWS\system32\wdfmgr.exe] [Microsoft Corporation, 5.2.3790.1230 built by: dnsrv(bld4act)]
[PID: 1540 / SYSTEM][C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin\nSvcAppFlt.exe] [, 1, 0, 1, 0]
[C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin\NMI.dll] [NVIDIA Corporation, 2, 2, 0, 464]
[C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin\nv_common.dll] [NVIDIA, 2, 2, 0, 464]
[C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin\SpecialCase.dll] [NVIDIA, 2, 2, 0, 464]
[C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin\nv_common_firewall.dll] [NVIDIA, 2, 2, 0, 464]
[C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin\nv_resource_L1033.dll] [NVIDIA Corporation, 1, 0, 1, 0]
[PID: 1624 / Administrator][C:\WINDOWS\system32\Rundll32.exe] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
[C:\WINDOWS\DOWNLO~1\CnsMin.dll] [国风因特软件(北京)有限公司, 2.5.1.2]
[C:\WINDOWS\DOWNLO~1\CnsMinIO.dll] [国风因特软件(北京)有限公司, 2.5.0.6]
[C:\WINDOWS\DOWNLO~1\cnsio.dll] [国风因特软件(北京)有限公司, 2.5.0.4]
[C:\WINDOWS\DOWNLO~1\CnsMinEx.dll] [国风因特软件(北京)有限公司, 2.5.0.4]
[C:\PROGRA~1\3721\helper.dll] [国风因特软件(北京)有限公司, 2.5.3.1006]
[C:\PROGRA~1\Yahoo!\ASSIST~1\Yhelper.dll] [, 2, 0, 9, 1027]
[C:\WINDOWS\system32\nvappfilter.dll] [NVIDIA, 1, 0, 2, 0]
[PID: 2432 / LOCAL SERVICE][C:\WINDOWS\System32\alg.exe] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
[C:\WINDOWS\system32\nvappfilter.dll] [NVIDIA, 1, 0, 2, 0]
[PID: 2556 / Administrator][C:\WINDOWS\VM_STI.EXE] [BIGDOG, 4, 2, 610, 4]
[C:\WINDOWS\DOWNLO~1\CnsMin.dll] [国风因特软件(北京)有限公司, 2.5.1.2]
[C:\WINDOWS\system32\msdmo.dll] [, ]
[C:\WINDOWS\system32\VM31bPrp.Ax] [Vimicro, 1.00.01.00]
[PID: 3204 / Administrator][C:\WINDOWS\RTHDCPL.EXE] [Realtek Semiconductor Corp., 2.0.8.7]
[C:\WINDOWS\DOWNLO~1\CnsMin.dll] [国风因特软件(北京)有限公司, 2.5.1.2]
[C:\WINDOWS\system32\msacm32.drv] [Microsoft Corporation, 5.1.2600.0 (xpclient.010817-1148)]
[C:\PROGRA~1\3721\helper.dll] [国风因特软件(北京)有限公司, 2.5.3.1006]
[C:\PROGRA~1\Yahoo!\ASSIST~1\Yhelper.dll] [, 2, 0, 9, 1027]
[PID: 3252 / Administrator][F:\工具\瑞星\Rising\Rav\RavTask.exe] [Beijing Rising Technology Co., Ltd., 20.0.0.19]
[F:\工具\瑞星\Rising\Rav\ProcCom.dll] [Beijing Rising Technology Co., Ltd., 20, 0, 0, 19]
[F:\工具\瑞星\Rising\Rav\RsCommX2.dll] [Beijing Rising Technology Co., Ltd., 20, 0, 0, 18]
[F:\工具\瑞星\Rising\Rav\RSCOMMON.DLL] [Beijing Rising Technology Co., Ltd., 20, 0, 0, 16]
[F:\工具\瑞星\Rising\Rav\RSAPPMGR.DLL] [Beijing Rising Technology Co., Ltd., 20.0.0.0]
[F:\工具\瑞星\Rising\Rav\CfgDll.dll] [Beijing Rising Technology Co., Ltd., 20.0.0.5]
[PID: 3260 / Administrator][C:\WINDOWS\system32\rundll32.exe] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
[C:\PROGRA~1\3721\helper.dll] [国风因特软件(北京)有限公司, 2.5.3.1006]
[C:\WINDOWS\DOWNLO~1\CnsMin.dll] [国风因特软件(北京)有限公司, 2.5.1.2]
[C:\PROGRA~1\Yahoo!\ASSIST~1\Yhelper.dll] [, 2, 0, 9, 1027]
[C:\PROGRA~1\3721\autolive.dll] [国风因特软件(北京)有限公司, 2.5.6.1011]
[C:\WINDOWS\system32\nvappfilter.dll] [NVIDIA, 1, 0, 2, 0]
[PID: 3276 / Administrator][C:\PROGRA~1\Yahoo!\ASSIST~1\YLive.exe] [Yahoo! China, 2, 0, 7, 1010]
[C:\PROGRA~1\Yahoo!\ASSIST~1\Yhelper.dll] [, 2, 0, 9, 1027]
[C:\WINDOWS\DOWNLO~1\CnsMin.dll] [国风因特软件(北京)有限公司, 2.5.1.2]
[C:\PROGRA~1\3721\helper.dll] [国风因特软件(北京)有限公司, 2.5.3.1006]
[C:\PROGRA~1\Yahoo!\ASSIST~1\yalive.dll] [, 2, 2, 0, 1050]
[C:\PROGRA~1\Yahoo!\ASSIST~1\Yalliveex.dll] [ , 2, 0, 1, 1007]
[C:\PROGRA~1\Yahoo!\ASSIST~1\ynotifier.dll] [, 1, 0, 0, 5]
[C:\WINDOWS\system32\nvappfilter.dll] [NVIDIA, 1, 0, 2, 0]
[PID: 3284 / Administrator][F:\工具\校园网客户端\DigitalChinaSupplicant.exe] [, 3, 3, 2004, 308]
[F:\工具\校园网客户端\MFC42.DLL] [Microsoft Corporation, 6.00.8665.0]
[C:\PROGRA~1\3721\helper.dll] [国风因特软件(北京)有限公司, 2.5.3.1006]
[C:\PROGRA~1\Yahoo!\ASSIST~1\Yhelper.dll] [, 2, 0, 9, 1027]
[C:\WINDOWS\DOWNLO~1\CnsMin.dll] [国风因特软件(北京)有限公司, 2.5.1.2]
[C:\WINDOWS\system32\nvappfilter.dll] [NVIDIA, 1, 0, 2, 0]
[PID: 3296 / Administrator][F:\工具\瑞星\Rising\Rav\Ravmon.exe] [Beijing Rising Technology Co., Ltd., 20.0.0.98]
[C:\WINDOWS\system32\MFC71.DLL] [Microsoft Corporation, 7.10.3077.0]
[C:\WINDOWS\system32\MSVCR71.dll] [Microsoft Corporation, 7.10.3052.4]
[C:\WINDOWS\system32\MSVCP71.dll] [Microsoft Corporation, 7.10.3077.0]
[F:\工具\瑞星\Rising\Rav\ProcCom.dll] [Beijing Rising Technology Co., Ltd., 20, 0, 0, 19]
[F:\工具\瑞星\Rising\Rav\RsCommX2.dll] [Beijing Rising Technology Co., Ltd., 20, 0, 0, 18]
[F:\工具\瑞星\Rising\Rav\RSCOMMON.DLL] [Beijing Rising Technology Co., Ltd., 20, 0, 0, 16]
[F:\工具\瑞星\Rising\Rav\recomp.dll] [Beijing Rising Technology Co., Ltd., 20, 0, 0, 16]
[F:\工具\瑞星\Rising\Rav\refs.dll] [Beijing Rising Technology Co., Ltd., 20, 0, 0, 7]
[F:\工具\瑞星\Rising\Rav\viruslib.dll] [Beijing Rising Technology Co., Ltd., 20, 0, 0, 14]
[F:\工具\瑞星\Rising\Rav\relibldr.dll] [Beijing Rising Technology Co., Ltd., 20, 0, 0, 11]
[F:\工具\瑞星\Rising\Rav\RSAPPMGR.dll] [Beijing Rising Technology Co., Ltd., 20.0.0.0]
[F:\工具\瑞星\Rising\Rav\CfgDll.dll] [Beijing Rising Technology Co., Ltd., 20.0.0.5]
[F:\工具\瑞星\Rising\Rav\MonRule.dll] [Beijing Rising Technology Co., Ltd., 20.0.0.24]
[F:\工具\瑞星\Rising\Rav\PngDll.dll] [Beijing Rising Technology Co., Ltd., 20, 0, 0, 3]
[F:\工具\瑞星\Rising\Rav\Rsguilib.dll] [Beijing Rising Technology Co., Ltd., 20, 0, 0, 79]
[F:\工具\瑞星\Rising\Rav\RsXML.dll] [Beijing Rising Technology Co., Ltd., 20, 0, 0, 0]
[PID: 3364 / Administrator][C:\Program Files\ATI Technologies\ATI.ACE\CLI.EXE] [ATI Technologies Inc., 1.11.0.0]
202020 - 2007-10-12 12:35:00
[C:\WINDOWS\system32\mscoree.dll] [Microsoft Corporation, 2.0.50727.42 (RTM.050727-4200)]
[C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorwks.dll] [Microsoft Corporation, 2.0.50727.42 (RTM.050727-4200)]
[C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\mscorlib\622f69bd73788146990a936a138bd4fe\mscorlib.ni.dll] [Microsoft Corporation, 2.0.50727.42 (RTM.050727-4200)]
[C:\PROGRA~1\3721\helper.dll] [国风因特软件(北京)有限公司, 2.5.3.1006]
[C:\PROGRA~1\Yahoo!\ASSIST~1\Yhelper.dll] [, 2, 0, 9, 1027]
[C:\WINDOWS\DOWNLO~1\CnsMin.dll] [国风因特软件(北京)有限公司, 2.5.1.2]
[C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorjit.dll] [Microsoft Corporation, 2.0.50727.42 (RTM.050727-4200)]
[C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System\68fc3f4c2291214a813c80907eaf1780\System.ni.dll] [Microsoft Corporation, 2.0.50727.42 (RTM.050727-4200)]
[C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.Drawing\3476b56d008da741a2e15d581601013d\System.Drawing.ni.dll] [Microsoft Corporation, 2.0.50727.42 (RTM.050727-4200)]
[C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.Windows.Forms\a86c483e65b82749a6ffcdb70fa0ed45\System.Windows.Forms.ni.dll] [Microsoft Corporation, 2.0.50727.42 (RTM.050727-4200)]
[C:\Program Files\ATI Technologies\ATI.ACE\CLI.Implementation.dll] [ATI Technologies Inc., 1.2.2425.37029]
[C:\Program Files\ATI Technologies\ATI.ACE\LOG.Foundation.dll] [ATI Technologies Inc., 1.2.2208.29985]
[C:\Program Files\ATI Technologies\ATI.ACE\CLI.Foundation.dll] [ATI Technologies Inc., 1.2.2208.29986]
[C:\Program Files\ATI Technologies\ATI.ACE\LOG.Foundation.Service.dll] [ATI Technologies Inc., 1.2.2425.37184]
[C:\Program Files\ATI Technologies\ATI.ACE\LOG.Foundation.Shared.dll] [ATI Technologies Inc., 1.2.2208.29991]
[C:\Program Files\ATI Technologies\ATI.ACE\CLI.Foundation.XManifestation.dll] [ATI Technologies Inc., 1.2.2425.37184]
[C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.Xml\0a7255c72d125c4e9e5f8ac702617f3a\System.Xml.ni.dll] [Microsoft Corporation, 2.0.50727.42 (RTM.050727-4200)]
[C:\WINDOWS\assembly\GAC_MSIL\System.Runtime.Remoting\2.0.0.0__b77a5c561934e089\System.Runtime.Remoting.dll] [Microsoft Corporation, 2.0.50727.42 (RTM.050727-4200)]
[C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.Configuration\d50f4a5d6482a945bcebf4a955d63325\System.Configuration.ni.dll] [Microsoft Corporation, 2.0.50727.42 (RTM.050727-4200)]
[C:\WINDOWS\system32\nvappfilter.dll] [NVIDIA, 1, 0, 2, 0]
[C:\Program Files\ATI Technologies\ATI.ACE\CLI.Component.Runtime.dll] [ATI Technologies Inc., 1.2.2425.37188]
[C:\Program Files\ATI Technologies\ATI.ACE\ATICCCom.dll] [ATI Technologies Inc., 1.0.0.0]
[C:\Program Files\ATI Technologies\ATI.ACE\AEM.Foundation.dll] [ATI Technologies Inc., 1.2.2208.29985]
[C:\Program Files\ATI Technologies\ATI.ACE\CLI.Caste.Graphics.Shared.dll] [ATI Technologies Inc., 1.2.2208.29987]
[C:\Program Files\ATI Technologies\ATI.ACE\CLI.Caste.Graphics.Runtime.dll] [ATI Technologies Inc., 1.2.2425.37179]
[C:\Program Files\ATI Technologies\ATI.ACE\CLI.Component.Runtime.Shared.dll] [ATI Technologies Inc., 1.2.2208.29988]
[C:\Program Files\ATI Technologies\ATI.ACE\DEM.Foundation.dll] [ATI Technologies Inc., 1.11.0.0]
[C:\Program Files\ATI Technologies\ATI.ACE\DEM.Graphics.I0601.dll] [ATI Technologies Inc., 2.0.2344.17361]
[C:\Program Files\ATI Technologies\ATI.ACE\ACE.Graphics.DisplaysManager.Shared.dll] [ATI Technologies Inc., 1.11.0.0]
[C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.Web\27c96342aebc4f47a79e4e8f8546634c\System.Web.ni.dll] [Microsoft Corporation, 2.0.50727.42 (RTM.050727-4200)]
[C:\WINDOWS\system32\ATIDEMGR.dll] [ATI Technologies Inc., 1.2.2425.37013]
[C:\WINDOWS\assembly\GAC_MSIL\System.Management\2.0.0.0__b03f5f7f11d50a3a\System.Management.dll] [Microsoft Corporation, 2.0.50727.42 (RTM.050727-4200)]
[C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\WMINet_Utils.dll] [Microsoft Corporation, 2.0.50727.42 (RTM.050727-4200)]
[C:\Program Files\ATI Technologies\ATI.ACE\CLI.Aspect.MultiVPU3.Graphics.Runtime.dll] [ATI Technologies Inc., 1.2.2425.37065]
[C:\Program Files\ATI Technologies\ATI.ACE\CLI.Aspect.MultiVPU3.Graphics.Shared.dll] [ATI Technologies Inc., 1.2.2302.19274]
[C:\Program Files\ATI Technologies\ATI.ACE\CLI.Aspect.MultiVPU2.Graphics.Runtime.dll] [ATI Technologies Inc., 1.2.2425.37025]
[C:\Program Files\ATI Technologies\ATI.ACE\CLI.Aspect.MultiVPU2.Graphics.Shared.dll] [ATI Technologies Inc., 1.2.2208.29991]
[C:\Program Files\ATI Technologies\ATI.ACE\CLI.Aspect.MultiVPU.Graphics.Runtime.dll] [ATI Technologies Inc., 1.2.2425.37090]
[C:\Program Files\ATI Technologies\ATI.ACE\CLI.Aspect.MultiVPU.Graphics.Shared.dll] [ATI Technologies Inc., 1.2.2208.30001]
[C:\Program Files\ATI Technologies\ATI.ACE\CLI.Aspect.VeryLargeDesktop.Graphics.Runtime.dll] [ATI Technologies Inc., 1.2.2425.37065]
[C:\Program Files\ATI Technologies\ATI.ACE\CLI.Aspect.VeryLargeDesktop.Graphics.Shared.dll] [ATI Technologies Inc., 1.2.2208.29993]
[C:\Program Files\ATI Technologies\ATI.ACE\CLI.Aspect.Radeon3D.Graphics.Runtime.dll] [ATI Technologies Inc., 1.2.2425.37106]
[C:\Program Files\ATI Technologies\ATI.ACE\CLI.Aspect.Radeon3DLegacy.Graphics.Runtime.dll] [ATI Technologies Inc., 1.2.2425.37104]
[C:\Program Files\ATI Technologies\ATI.ACE\CLI.Aspect.DisplaysColour2.Graphics.Runtime.dll] [ATI Technologies Inc., 1.2.2425.37071]
[C:\Program Files\ATI Technologies\ATI.ACE\CLI.Aspect.DisplaysColour2.Graphics.Shared.dll] [ATI Technologies Inc., 1.2.2208.30007]
[C:\Program Files\ATI Technologies\ATI.ACE\CLI.Aspect.DisplaysColour.Graphics.Runtime.dll] [ATI Technologies Inc., 1.2.2425.37137]
[C:\Program Files\ATI Technologies\ATI.ACE\CLI.Aspect.DisplaysColour.Graphics.Shared.dll] [ATI Technologies Inc., 1.2.2208.29990]
[C:\Program Files\ATI Technologies\ATI.ACE\CLI.Aspect.MMVideo.Graphics.Runtime.dll] [ATI Technologies Inc., 1.2.2425.37121]
[C:\Program Files\ATI Technologies\ATI.ACE\CLI.Aspect.MMVideo.Graphics.Shared.dll] [ATI Technologies Inc., 1.2.2208.30001]
[C:\Program Files\ATI Technologies\ATI.ACE\CLI.Aspect.VideoOverlay.Graphics.Runtime.dll] [ATI Technologies Inc., 1.2.2425.37097]
[C:\Program Files\ATI Technologies\ATI.ACE\CLI.Aspect.VideoOverlay.Graphics.Shared.dll] [ATI Technologies Inc., 1.2.2208.29989]
[C:\Program Files\ATI Technologies\ATI.ACE\ACE.Graphics.VideoOverlay.Shared.dll] [ATI Technologies Inc., 1.11.0.0]
[C:\Program Files\ATI Technologies\ATI.ACE\CLI.Aspect.SmartGart.Graphics.Runtime.dll] [ATI Technologies Inc., 1.2.2425.37101]
[C:\Program Files\ATI Technologies\ATI.ACE\CLI.Aspect.VPURecover.Graphics.Runtime.dll] [ATI Technologies Inc., 1.2.2425.37095]
[C:\Program Files\ATI Technologies\ATI.ACE\CLI.Aspect.VPURecover.Graphics.Shared.dll] [ATI Technologies Inc., 1.2.2208.29988]
[C:\Program Files\ATI Technologies\ATI.ACE\CLI.Aspect.WorkstationConfig.Graphics.Runtime.dll] [ATI Technologies Inc., 1.2.2425.37092]
[C:\Program Files\ATI Technologies\ATI.ACE\CLI.Aspect.DeviceCRT.Graphics.Runtime.dll] [ATI Technologies Inc., 1.2.2425.37156]
[C:\Program Files\ATI Technologies\ATI.ACE\CLI.Aspect.DeviceCRT.Graphics.Shared.dll] [ATI Technologies Inc., 1.2.2236.29147]
[C:\Program Files\ATI Technologies\ATI.ACE\CLI.Aspect.DeviceCRT2.Graphics.Runtime.dll] [ATI Technologies Inc., 1.2.2425.37077]
[C:\Program Files\ATI Technologies\ATI.ACE\CLI.Aspect.DeviceCRT2.Graphics.Shared.dll] [ATI Technologies Inc., 1.2.2236.29162]
[C:\Program Files\ATI Technologies\ATI.ACE\CLI.Aspect.DeviceLCD.Graphics.Runtime.dll] [ATI Technologies Inc., 1.2.2425.37147]
[C:\Program Files\ATI Technologies\ATI.ACE\CLI.Aspect.DeviceLCD.Graphics.Shared.dll] [ATI Technologies Inc., 1.2.2208.29994]
[C:\Program Files\ATI Technologies\ATI.ACE\CLI.Aspect.DeviceLCD2.Graphics.Runtime.dll] [ATI Technologies Inc., 1.2.2425.37071]
[C:\Program Files\ATI Technologies\ATI.ACE\CLI.Aspect.DeviceLCD2.Graphics.Shared.dll] [ATI Technologies Inc., 1.2.2208.29993]
[C:\Program Files\ATI Technologies\ATI.ACE\CLI.Aspect.DeviceCV.Graphics.Runtime.dll] [ATI Technologies Inc., 1.2.2425.37153]
[C:\Program Files\ATI Technologies\ATI.ACE\CLI.Aspect.DeviceCV.Graphics.Shared.dll] [ATI Technologies Inc., 1.2.2341.28028]
[C:\Program Files\ATI Technologies\ATI.ACE\CLI.Aspect.CustomFormats.Graphics.Shared.dll] [ATI Technologies Inc., 1.2.2341.28007]
[C:\Program Files\ATI Technologies\ATI.ACE\CLI.Aspect.DeviceCV2.Graphics.Runtime.dll] [ATI Technologies Inc., 1.2.2425.37080]
[C:\Program Files\ATI Technologies\ATI.ACE\CLI.Aspect.DeviceCV2.Graphics.Shared.dll] [ATI Technologies Inc., 1.2.2341.28018]
[C:\Program Files\ATI Technologies\ATI.ACE\CLI.Aspect.DeviceTV2.Graphics.Runtime.dll] [ATI Technologies Inc., 1.2.2425.37144]
[C:\Program Files\ATI Technologies\ATI.ACE\CLI.Aspect.DeviceTV.Graphics.Runtime.dll] [ATI Technologies Inc., 1.2.2425.37140]
[C:\Program Files\ATI Technologies\ATI.ACE\CLI.Aspect.DeviceDFP.Graphics.Runtime.dll] [ATI Technologies Inc., 1.2.2425.37150]
[C:\Program Files\ATI Technologies\ATI.ACE\CLI.Aspect.DeviceDFP.Graphics.Shared.dll] [ATI Technologies Inc., 1.2.2341.28013]
202020 - 2007-10-12 12:37:00
[C:\Program Files\ATI Technologies\ATI.ACE\CLI.Aspect.DeviceDFP2.Graphics.Runtime.dll] [ATI Technologies Inc., 1.2.2425.37074]
[C:\Program Files\ATI Technologies\ATI.ACE\CLI.Aspect.DeviceDFP2.Graphics.Shared.dll] [ATI Technologies Inc., 1.2.2341.28023]
[C:\Program Files\ATI Technologies\ATI.ACE\CLI.Aspect.OverDrive3.Graphics.Runtime.dll] [ATI Technologies Inc., 1.2.2425.37113]
[C:\Program Files\ATI Technologies\ATI.ACE\CLI.Aspect.OverDrive3.Graphics.Shared.dll] [ATI Technologies Inc., 1.2.2279.31385]
[C:\Program Files\ATI Technologies\ATI.ACE\CLI.Aspect.OverDrive2.Graphics.Runtime.dll] [ATI Technologies Inc., 1.2.2425.37118]
[C:\Program Files\ATI Technologies\ATI.ACE\CLI.Aspect.PowerPlay3.Graphics.Runtime.dll] [ATI Technologies Inc., 1.2.2425.37110]
[C:\Program Files\ATI Technologies\ATI.ACE\CLI.Aspect.PowerPlay3.Graphics.Shared.dll] [ATI Technologies Inc., 1.2.2208.29989]
[C:\Program Files\ATI Technologies\ATI.ACE\CLI.Aspect.DisplaysOptions.Graphics.Runtime.dll] [ATI Technologies Inc., 1.2.2425.37131]
[C:\Program Files\ATI Technologies\ATI.ACE\CLI.Aspect.IntegratedUMAFrameBuffer.Graphics.Runtime.dll] [ATI Technologies Inc., 1.2.2425.37125]
[C:\Program Files\ATI Technologies\ATI.ACE\CLI.Aspect.InfoCentre.Graphics.Runtime.dll] [ATI Technologies Inc., 1.2.2425.37128]
[C:\Program Files\ATI Technologies\ATI.ACE\CLI.Aspect.InfoCentre.Graphics.Shared.dll] [ATI Technologies Inc., 1.2.2208.29990]
[C:\Program Files\ATI Technologies\ATI.ACE\CLI.Aspect.HotkeysHandling.Graphics.Runtime.dll] [ATI Technologies Inc., 1.2.2425.37084]
[C:\Program Files\ATI Technologies\ATI.ACE\CLI.Aspect.HotkeysHandling.Graphics.Shared.dll] [ATI Technologies Inc., 1.2.2208.30002]
[C:\Program Files\ATI Technologies\ATI.ACE\CLI.Aspect.Radeon3D.Graphics.Shared.dll] [ATI Technologies Inc., 1.2.2232.28756]
[C:\Program Files\ATI Technologies\ATI.ACE\CLI.Aspect.Radeon3DLegacy.Graphics.Shared.dll] [ATI Technologies Inc., 1.2.2232.28758]
[C:\Program Files\ATI Technologies\ATI.ACE\DEM.Graphics.I0600.dll] [ATI Technologies Inc., 1.11.0.0]
[C:\Program Files\ATI Technologies\ATI.ACE\CLI.Aspect.SmartGart.Graphics.Shared.dll] [ATI Technologies Inc., 1.2.2208.29990]
[C:\Program Files\ATI Technologies\ATI.ACE\CLI.Aspect.WorkstationConfig.Graphics.Shared.dll] [ATI Technologies Inc., 1.2.2390.25922]
[C:\Program Files\ATI Technologies\ATI.ACE\DEM.Graphics.I0602.dll] [ATI Technologies Inc., 1.11.0.0]
[C:\Program Files\ATI Technologies\ATI.ACE\CLI.Aspect.DeviceProperty.Graphics.Shared.dll] [ATI Technologies Inc., 1.2.2208.29987]
[C:\Program Files\ATI Technologies\ATI.ACE\CLI.Aspect.DeviceProperty2.Graphics.Shared.dll] [ATI Technologies Inc., 1.2.2208.29986]
[C:\Program Files\ATI Technologies\ATI.ACE\CLI.Aspect.DeviceTV2.Graphics.Shared.dll] [ATI Technologies Inc., 1.2.2307.27448]
[C:\Program Files\ATI Technologies\ATI.ACE\CLI.Aspect.DeviceTV.Graphics.Shared.dll] [ATI Technologies Inc., 1.2.2307.27453]
[C:\Program Files\ATI Technologies\ATI.ACE\CLI.Aspect.OverDrive2.Graphics.Shared.dll] [ATI Technologies Inc., 1.2.2279.31374]
[C:\Program Files\ATI Technologies\ATI.ACE\CLI.Aspect.DisplaysOptions.Graphics.Shared.dll] [ATI Technologies Inc., 1.2.2208.29993]
[C:\Program Files\ATI Technologies\ATI.ACE\CLI.Aspect.IntegratedUMAFrameBuffer.Graphics.Shared.dll] [ATI Technologies Inc., 1.2.2208.29988]
[C:\Program Files\ATI Technologies\ATI.ACE\APM.Foundation.dll] [ATI Technologies Inc., 1.2.2208.30002]
[C:\WINDOWS\system32\RavExt.dll] [Beijing Rising Technology Co., Ltd., 20.0.0.16]
[C:\WINDOWS\DOWNLO~1\CnsHook.dll] [国风因特软件(北京)有限公司, 2.5.1.6]
[PID: 3504 / Administrator][C:\WINDOWS\system32\ctfmon.exe] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
[C:\PROGRA~1\3721\helper.dll] [国风因特软件(北京)有限公司, 2.5.3.1006]
[C:\PROGRA~1\Yahoo!\ASSIST~1\Yhelper.dll] [, 2, 0, 9, 1027]
[C:\WINDOWS\DOWNLO~1\CnsMin.dll] [国风因特软件(北京)有限公司, 2.5.1.2]
[PID: 3884 / Administrator][C:\WINDOWS\system32\conime.exe] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
[C:\PROGRA~1\3721\helper.dll] [国风因特软件(北京)有限公司, 2.5.3.1006]
[C:\PROGRA~1\Yahoo!\ASSIST~1\Yhelper.dll] [, 2, 0, 9, 1027]
[C:\WINDOWS\DOWNLO~1\CnsMin.dll] [国风因特软件(北京)有限公司, 2.5.1.2]
[PID: 3032 / Administrator][C:\Program Files\ATI Technologies\ATI.ACE\cli.exe] [ATI Technologies Inc., 1.11.0.0]
[C:\WINDOWS\system32\mscoree.dll] [Microsoft Corporation, 2.0.50727.42 (RTM.050727-4200)]
[C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorwks.dll] [Microsoft Corporation, 2.0.50727.42 (RTM.050727-4200)]
[C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\mscorlib\622f69bd73788146990a936a138bd4fe\mscorlib.ni.dll] [Microsoft Corporation, 2.0.50727.42 (RTM.050727-4200)]
[C:\PROGRA~1\3721\helper.dll] [国风因特软件(北京)有限公司, 2.5.3.1006]
[C:\PROGRA~1\Yahoo!\ASSIST~1\Yhelper.dll] [, 2, 0, 9, 1027]
[C:\WINDOWS\DOWNLO~1\CnsMin.dll] [国风因特软件(北京)有限公司, 2.5.1.2]
[C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorjit.dll] [Microsoft Corporation, 2.0.50727.42 (RTM.050727-4200)]
[C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System\68fc3f4c2291214a813c80907eaf1780\System.ni.dll] [Microsoft Corporation, 2.0.50727.42 (RTM.050727-4200)]
[C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.Drawing\3476b56d008da741a2e15d581601013d\System.Drawing.ni.dll] [Microsoft Corporation, 2.0.50727.42 (RTM.050727-4200)]
[C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.Windows.Forms\a86c483e65b82749a6ffcdb70fa0ed45\System.Windows.Forms.ni.dll] [Microsoft Corporation, 2.0.50727.42 (RTM.050727-4200)]
[C:\Program Files\ATI Technologies\ATI.ACE\CLI.Implementation.dll] [ATI Technologies Inc., 1.2.2425.37029]
[C:\Program Files\ATI Technologies\ATI.ACE\LOG.Foundation.dll] [ATI Technologies Inc., 1.2.2208.29985]
[C:\Program Files\ATI Technologies\ATI.ACE\CLI.Foundation.dll] [ATI Technologies Inc., 1.2.2208.29986]
[C:\Program Files\ATI Technologies\ATI.ACE\LOG.Foundation.Service.dll] [ATI Technologies Inc., 1.2.2425.37184]
[C:\Program Files\ATI Technologies\ATI.ACE\LOG.Foundation.Shared.dll] [ATI Technologies Inc., 1.2.2208.29991]
[C:\Program Files\ATI Technologies\ATI.ACE\CLI.Foundation.XManifestation.dll] [ATI Technologies Inc., 1.2.2425.37184]
[C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.Xml\0a7255c72d125c4e9e5f8ac702617f3a\System.Xml.ni.dll] [Microsoft Corporation, 2.0.50727.42 (RTM.050727-4200)]
[C:\WINDOWS\assembly\GAC_MSIL\System.Runtime.Remoting\2.0.0.0__b77a5c561934e089\System.Runtime.Remoting.dll] [Microsoft Corporation, 2.0.50727.42 (RTM.050727-4200)]
[C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.Configuration\d50f4a5d6482a945bcebf4a955d63325\System.Configuration.ni.dll] [Microsoft Corporation, 2.0.50727.42 (RTM.050727-4200)]
[C:\WINDOWS\system32\nvappfilter.dll] [NVIDIA, 1, 0, 2, 0]
[C:\Program Files\ATI Technologies\ATI.ACE\CLI.Component.Wizard.dll] [ATI Technologies Inc., 1.2.2425.37057]
[C:\Program Files\ATI Technologies\ATI.ACE\CLI.Foundation.Clients.dll] [ATI Technologies Inc., 1.2.2208.29986]
[C:\Program Files\ATI Technologies\ATI.ACE\CLI.Component.Wizard.Shared.dll] [ATI Technologies Inc., 1.2.2208.29987]
[C:\Program Files\ATI Technologies\ATI.ACE\CLI.Component.Runtime.dll] [ATI Technologies Inc., 1.2.2425.37188]
[C:\Program Files\ATI Technologies\ATI.ACE\ATICCCom.dll] [ATI Technologies Inc., 1.0.0.0]
[C:\Program Files\ATI Technologies\ATI.ACE\CLI.Caste.Graphics.Shared.dll] [ATI Technologies Inc., 1.2.2208.29987]
[C:\Program Files\ATI Technologies\ATI.ACE\AEM.Foundation.dll] [ATI Technologies Inc., 1.2.2208.29985]
[C:\Program Files\ATI Technologies\ATI.ACE\ACE.Graphics.DisplaysManager.Shared.dll] [ATI Technologies Inc., 1.11.0.0]
[C:\Program Files\ATI Technologies\ATI.ACE\CLI.Caste.Graphics.Wizard.dll] [ATI Technologies Inc., 1.2.2425.37060]
[C:\Program Files\ATI Technologies\ATI.ACE\CLI.Caste.Graphics.Wizard.Shared.dll] [ATI Technologies Inc., 1.2.2208.29990]
[C:\Program Files\ATI Technologies\ATI.ACE\CLI.Aspect.DeviceCV.Graphics.Wizard.dll] [ATI Technologies Inc., 1.2.2425.37047]
[C:\Program Files\ATI Technologies\ATI.ACE\CLI.Aspect.DeviceCV2.Graphics.Wizard.dll] [ATI Technologies Inc., 1.2.2425.37050]
[C:\Program Files\ATI Technologies\ATI.ACE\CLI.Aspect.DeviceLCD.Graphics.Wizard.dll] [ATI Technologies Inc., 1.2.2425.37042]
[C:\Program Files\ATI Technologies\ATI.ACE\CLI.Aspect.DeviceLCD2.Graphics.Wizard.dll] [ATI Technologies Inc., 1.2.2425.37066]
[C:\Program Files\ATI Technologies\ATI.ACE\CLI.Aspect.DeviceTV.Graphics.Wizard.dll] [ATI Technologies Inc., 1.2.2425.37037]
[C:\Program Files\ATI Technologies\ATI.ACE\CLI.Aspect.DeviceTV2.Graphics.Wizard.dll] [ATI Technologies Inc., 1.2.2425.37040]
[C:\Program Files\ATI Technologies\ATI.ACE\CLI.Aspect.DisplaysManager.Graphics.Wizard.dll] [ATI Technologies Inc., 1.2.2425.37054]
202020 - 2007-10-12 12:38:00
[C:\Program Files\ATI Technologies\ATI.ACE\CLI.Aspect.Radeon3D.Graphics.Wizard.dll] [ , 1.2.2425.37029]
[C:\Program Files\ATI Technologies\ATI.ACE\CLI.Aspect.MMVideo.Graphics.Wizard.dll] [ATI Technologies Inc., 1.2.2425.37032]
[C:\Program Files\ATI Technologies\ATI.ACE\CLI.Aspect.TransCode.Local.Wizard.dll] [ATI Technologies Inc., 1.2.2425.37025]
[C:\Program Files\ATI Technologies\ATI.ACE\CLI.Aspect.InfoCentre.Graphics.Wizard.dll] [ATI Technologies Inc., 1.2.2425.37034]
[C:\Program Files\ATI Technologies\ATI.ACE\CLI.Aspect.DeviceCV.Graphics.Shared.dll] [ATI Technologies Inc., 1.2.2341.28028]
[C:\Program Files\ATI Technologies\ATI.ACE\CLI.Aspect.DeviceProperty.Graphics.Shared.dll] [ATI Technologies Inc., 1.2.2208.29987]
[C:\Program Files\ATI Technologies\ATI.ACE\CLI.Aspect.CustomFormats.Graphics.Shared.dll] [ATI Technologies Inc., 1.2.2341.28007]
[C:\Program Files\ATI Technologies\ATI.ACE\CLI.Aspect.DeviceCV2.Graphics.Shared.dll] [ATI Technologies Inc., 1.2.2341.28018]
[C:\Program Files\ATI Technologies\ATI.ACE\CLI.Aspect.DeviceProperty2.Graphics.Shared.dll] [ATI Technologies Inc., 1.2.2208.29986]
[C:\Program Files\ATI Technologies\ATI.ACE\CLI.Aspect.DeviceLCD.Graphics.Shared.dll] [ATI Technologies Inc., 1.2.2208.29994]
[C:\Program Files\ATI Technologies\ATI.ACE\CLI.Aspect.DeviceLCD2.Graphics.Shared.dll] [ATI Technologies Inc., 1.2.2208.29993]
[C:\Program Files\ATI Technologies\ATI.ACE\CLI.Aspect.DeviceTV.Graphics.Shared.dll] [ATI Technologies Inc., 1.2.2307.27453]
[C:\Program Files\ATI Technologies\ATI.ACE\CLI.Aspect.DeviceTV2.Graphics.Shared.dll] [ATI Technologies Inc., 1.2.2307.27448]
[C:\Program Files\ATI Technologies\ATI.ACE\CLI.Aspect.Radeon3D.Graphics.Shared.dll] [ATI Technologies Inc., 1.2.2232.28756]
[C:\Program Files\ATI Technologies\ATI.ACE\CLI.Aspect.MMVideo.Graphics.Shared.dll] [ATI Technologies Inc., 1.2.2208.30001]
[C:\Program Files\ATI Technologies\ATI.ACE\CLI.Aspect.TransCode.Local.Shared.dll] [ATI Technologies Inc., 1.2.0.0]
[C:\Program Files\ATI Technologies\ATI.ACE\atixclib.dll] [ , 1.0.0.0]
[C:\Program Files\ATI Technologies\ATI.ACE\CLI.Aspect.InfoCentre.Graphics.Shared.dll] [ATI Technologies Inc., 1.2.2208.29990]
[C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.Web\27c96342aebc4f47a79e4e8f8546634c\System.Web.ni.dll] [Microsoft Corporation, 2.0.50727.42 (RTM.050727-4200)]
[PID: 3048 / Administrator][C:\Program Files\ATI Technologies\ATI.ACE\cli.exe] [ATI Technologies Inc., 1.11.0.0]
[C:\WINDOWS\system32\mscoree.dll] [Microsoft Corporation, 2.0.50727.42 (RTM.050727-4200)]
[C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorwks.dll] [Microsoft Corporation, 2.0.50727.42 (RTM.050727-4200)]
[C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\mscorlib\622f69bd73788146990a936a138bd4fe\mscorlib.ni.dll] [Microsoft Corporation, 2.0.50727.42 (RTM.050727-4200)]
[C:\PROGRA~1\3721\helper.dll] [国风因特软件(北京)有限公司, 2.5.3.1006]
[C:\PROGRA~1\Yahoo!\ASSIST~1\Yhelper.dll] [, 2, 0, 9, 1027]
[C:\WINDOWS\DOWNLO~1\CnsMin.dll] [国风因特软件(北京)有限公司, 2.5.1.2]
[C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorjit.dll] [Microsoft Corporation, 2.0.50727.42 (RTM.050727-4200)]
[C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System\68fc3f4c2291214a813c80907eaf1780\System.ni.dll] [Microsoft Corporation, 2.0.50727.42 (RTM.050727-4200)]
[C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.Drawing\3476b56d008da741a2e15d581601013d\System.Drawing.ni.dll] [Microsoft Corporation, 2.0.50727.42 (RTM.050727-4200)]
[C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.Windows.Forms\a86c483e65b82749a6ffcdb70fa0ed45\System.Windows.Forms.ni.dll] [Microsoft Corporation, 2.0.50727.42 (RTM.050727-4200)]
[C:\Program Files\ATI Technologies\ATI.ACE\CLI.Implementation.dll] [ATI Technologies Inc., 1.2.2425.37029]
[C:\Program Files\ATI Technologies\ATI.ACE\LOG.Foundation.dll] [ATI Technologies Inc., 1.2.2208.29985]
[C:\Program Files\ATI Technologies\ATI.ACE\CLI.Foundation.dll] [ATI Technologies Inc., 1.2.2208.29986]
[C:\Program Files\ATI Technologies\ATI.ACE\LOG.Foundation.Service.dll] [ATI Technologies Inc., 1.2.2425.37184]
[C:\Program Files\ATI Technologies\ATI.ACE\LOG.Foundation.Shared.dll] [ATI Technologies Inc., 1.2.2208.29991]
[C:\Program Files\ATI Technologies\ATI.ACE\CLI.Foundation.XManifestation.dll] [ATI Technologies Inc., 1.2.2425.37184]
[C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.Xml\0a7255c72d125c4e9e5f8ac702617f3a\System.Xml.ni.dll] [Microsoft Corporation, 2.0.50727.42 (RTM.050727-4200)]
[C:\WINDOWS\assembly\GAC_MSIL\System.Runtime.Remoting\2.0.0.0__b77a5c561934e089\System.Runtime.Remoting.dll] [Microsoft Corporation, 2.0.50727.42 (RTM.050727-4200)]
[C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.Configuration\d50f4a5d6482a945bcebf4a955d63325\System.Configuration.ni.dll] [Microsoft Corporation, 2.0.50727.42 (RTM.050727-4200)]
[C:\WINDOWS\system32\nvappfilter.dll] [NVIDIA, 1, 0, 2, 0]
[C:\Program Files\ATI Technologies\ATI.ACE\CLI.Component.Systemtray.dll] [ATI Technologies Inc., 1.2.2425.37164]
[C:\Program Files\ATI Technologies\ATI.ACE\CLI.Caste.Graphics.Shared.dll] [ATI Technologies Inc., 1.2.2208.29987]
[C:\Program Files\ATI Technologies\ATI.ACE\CLI.Component.Runtime.dll] [ATI Technologies Inc., 1.2.2425.37188]
[C:\Program Files\ATI Technologies\ATI.ACE\ATICCCom.dll] [ATI Technologies Inc., 1.0.0.0]
[C:\Program Files\ATI Technologies\ATI.ACE\ACE.Graphics.DisplaysManager.Shared.dll] [ATI Technologies Inc., 1.11.0.0]
[C:\Program Files\ATI Technologies\ATI.ACE\AEM.Foundation.dll] [ATI Technologies Inc., 1.2.2208.29985]
[C:\Program Files\ATI Technologies\ATI.ACE\APM.Foundation.dll] [ATI Technologies Inc., 1.2.2208.30002]
[C:\Program Files\ATI Technologies\ATI.ACE\zh-CHS\CLI.Component.Systemtray.resources.dll] [ATI Technologies Inc., 1.2.2425.37164]
[C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.Web\27c96342aebc4f47a79e4e8f8546634c\System.Web.ni.dll] [Microsoft Corporation, 2.0.50727.42 (RTM.050727-4200)]
[PID: 248 / Administrator][F:\工具\校园网客户端\虚拟ADSL客户端\Bin\XinliGREClient.exe] [西安信利软件有限公司, 1.0.6]
[F:\工具\校园网客户端\虚拟ADSL客户端\Bin\MFC71D.DLL] [Microsoft Corporation, 7.10.3077.0]
[F:\工具\校园网客户端\虚拟ADSL客户端\Bin\MSVCR71D.dll] [Microsoft Corporation, 7.10.3077.0]
[F:\工具\校园网客户端\虚拟ADSL客户端\Bin\DialControl.dll] [西安信利软件有限公司, 1, 0, 6, 0]
[F:\工具\校园网客户端\虚拟ADSL客户端\Bin\des.dll] [N/A, ]
[F:\工具\校园网客户端\虚拟ADSL客户端\Bin\XinliGreInt.dll] [, 1, 0, 6, 0]
[C:\PROGRA~1\3721\helper.dll] [国风因特软件(北京)有限公司, 2.5.3.1006]
[C:\PROGRA~1\Yahoo!\ASSIST~1\Yhelper.dll] [, 2, 0, 9, 1027]
[C:\WINDOWS\DOWNLO~1\CnsMin.dll] [国风因特软件(北京)有限公司, 2.5.1.2]
[C:\WINDOWS\system32\nvappfilter.dll] [NVIDIA, 1, 0, 2, 0]
[PID: 268 / Administrator][F:\工具\芊芊静听\TTPlayer.exe] [Alen Soft, 5, 0, 1, 0]
[F:\工具\芊芊静听\ttpcomm.dll] [N/A, ]
[C:\PROGRA~1\3721\helper.dll] [国风因特软件(北京)有限公司, 2.5.3.1006]
[C:\PROGRA~1\Yahoo!\ASSIST~1\Yhelper.dll] [, 2, 0, 9, 1027]
[C:\WINDOWS\DOWNLO~1\CnsMin.dll] [国风因特软件(北京)有限公司, 2.5.1.2]
[F:\工具\芊芊静听\ttpres.dll] [Alen Soft, 5, 0, 1, 0]
[F:\工具\芊芊静听\msdmo.dll] [Microsoft Corporation, 6.03.01.0400]
[C:\WINDOWS\system32\msacm32.drv] [Microsoft Corporation, 5.1.2600.0 (xpclient.010817-1148)]
[F:\工具\芊芊静听\AddIn\ttp_asf.dll] [N/A, ]
[F:\工具\芊芊静听\AddIn\ttp_lrcsh.dll] [N/A, ]
[C:\WINDOWS\system32\nvappfilter.dll] [NVIDIA, 1, 0, 2, 0]
[F:\工具\芊芊静听\AddIn\ttp_aac.dll] [N/A, ]
[F:\工具\芊芊静听\AddIn\ttp_ac3dts.dll] [N/A, ]
[F:\工具\芊芊静听\wmadmod.dll] [Microsoft Corporation, 10.00.00.3646]
[F:\工具\芊芊静听\AddIn\ttp_rm.dll] [N/A, ]
[PID: 2848 / Administrator][F:\工具\QQ\QQ.exe] [TENCENT, 7,0,365,1701]
[F:\工具\QQ\QQBaseClassInDll.dll] [TENCENT, 7,0,365,1701]
[F:\工具\QQ\QQHelperDll.dll] [TENCENT, 7,0,365,1701]
[F:\工具\QQ\BasicCtrlDll.dll] [TENCENT, 7,0,365,1701]
[F:\工具\QQ\MFC42.DLL] [Microsoft Corporation, 6.00.8665.0]
[C:\PROGRA~1\3721\helper.dll] [国风因特软件(北京)有限公司, 2.5.3.1006]
[C:\PROGRA~1\Yahoo!\ASSIST~1\Yhelper.dll] [, 2, 0, 9, 1027]
[C:\WINDOWS\DOWNLO~1\CnsMin.dll] [国风因特软件(北京)有限公司, 2.5.1.2]
[F:\工具\QQ\RICHED32.DLL] [Microsoft Corporation, 5.00.2134.1]
[F:\工具\QQ\RICHED20.dll] [Microsoft Corporation, 5.31.23.1218]
[F:\工具\QQ\QQAPI.dll] [TENCENT, 7,0,365,1701]
[F:\工具\QQ\TIMProxy.dll] [tencent, 0, 3, 2, 4]
[F:\工具\QQ\LoginCtrl.dll] [TENCENT, 7,0,365,1701]
[F:\工具\QQ\LoginCtrlRes.dll] [TENCENT, 7,0,365,1701]
[F:\工具\QQ\QQRes.dll] [TENCENT, 7,0,365,1701]
[F:\工具\QQ\WizardCtrl.dll] [TENCENT, 7,0,365,1701]
[F:\工具\QQ\QQMainFrame.dll] [N/A, ]
[F:\工具\QQ\gdiplus.dll] [Microsoft Corporation, 5.1.3102.2180 (xpsp_sp2_rtm.040803-2158)]
202020 - 2007-10-12 12:38:00
[C:\WINDOWS\system32\nvappfilter.dll] [NVIDIA, 1, 0, 2, 0]
[F:\工具\QQ\CQQApplication.dll] [N/A, ]
[F:\工具\QQ\FlashAvatarDll.dll] [, 1, 4, 0, 1]
[F:\工具\QQ\NewSkin.dll] [TENCENT, 7,0,365,1701]
[F:\工具\QQ\HostingMgr.dll] [TENCENT, 7,0,365,1701]
[F:\工具\QQ\CameraDll.dll] [TENCENT, 7,0,365,1701]
[F:\工具\QQ\MailSummary.dll] [TENCENT, 7,0,365,1701]
[F:\工具\QQ\QQKnowledgeSearch.dll] [TENCENT, 7,0,365,1701]
[F:\工具\QQ\QQAllInOne.dll] [TENCENT, 7,0,365,1701]
[F:\工具\QQ\SCCore.dll] [TENCENT, 1, 6, 0, 2]
[F:\工具\QQ\QQSpace.dll] [TENCENT, 7,0,365,1701]
[F:\工具\QQ\vbscript.dll] [Microsoft Corporation, 5.6.0.7426]
[C:\WINDOWS\system32\msdmo.dll] [, ]
[F:\工具\QQ\QQGroupMng.dll] [TENCENT, 7,0,365,1701]
[F:\工具\QQ\UserDefinedHead.dll] [TENCENT, 7,0,365,1701]
[F:\工具\QQ\QQPlugin.dll] [N/A, ]
[F:\工具\QQ\QQConfigPlugin.dll] [TENCENT, 7,0,365,1701]
[F:\工具\QQ\QQAvatar.dll] [N/A, ]
[F:\工具\QQ\QQCustomFace.dll] [N/A, ]
[F:\工具\QQ\QRingMng.dll] [N/A, ]
[F:\工具\QQ\LongConnection.dll] [TENCENT, 7,0,365,1701]
[F:\工具\QQ\QQPet.dll] [TENCENT, 7,0,365,1701]
[F:\工具\QQ\PhoneAPI.dll] [TENCENT, 7,0,365,1701]
[F:\工具\QQ\DialerAllinOne.dll] [tencent, 1, 4, 0, 0]
[C:\WINDOWS\system32\msacm32.drv] [Microsoft Corporation, 5.1.2600.0 (xpclient.010817-1148)]
[F:\工具\QQ\BQQApplication.dll] [N/A, ]
[F:\工具\瑞星\Rising\Rav\RavScrCh.dll] [Beijing Rising Technology Co., Ltd., 20, 0, 0, 3]
[F:\工具\QQ\QQSysMsgMng.dll] [N/A, ]
[F:\工具\QQ\CommercesMng.dll] [TENCENT, 7,0,365,1701]
[F:\工具\QQ\PersonalDesktop.dll] [深圳市腾讯计算机系统公司QQ工作小组, 1, 0, 0, 2]
[F:\工具\QQ\QQAddr.dll] [深圳市腾讯计算机系统有限公司, 5, 0, 101, 320]
[F:\工具\QQ\QQSceneMng.dll] [N/A, ]
[F:\工具\QQ\AddrSearch.dll] [腾讯科技(深圳)有限公司, 2, 1, 9, 95]
[C:\WINDOWS\system32\msadp32.acm] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
[F:\工具\QQ\QQSettingCtrl.dll] [TENCENT, 7,0,365,1701]
[C:\WINDOWS\system32\Macromed\Flash\Flash9d.ocx] [Adobe Systems, Inc., 9,0,47,0]
[PID: 3860 / Administrator][F:\工具\QQ\TIMPlatform.exe] [TENCENT, 7,0,365,1701]
[C:\PROGRA~1\3721\helper.dll] [国风因特软件(北京)有限公司, 2.5.3.1006]
[C:\PROGRA~1\Yahoo!\ASSIST~1\Yhelper.dll] [, 2, 0, 9, 1027]
[C:\WINDOWS\DOWNLO~1\CnsMin.dll] [国风因特软件(北京)有限公司, 2.5.1.2]
[F:\工具\QQ\TIMProxy.dll] [tencent, 0, 3, 2, 4]
[PID: 3532 / Administrator][F:\工具\QQ\QQ.exe] [TENCENT, 7,0,365,1701]
[F:\工具\QQ\QQBaseClassInDll.dll] [TENCENT, 7,0,365,1701]
[F:\工具\QQ\QQHelperDll.dll] [TENCENT, 7,0,365,1701]
[F:\工具\QQ\BasicCtrlDll.dll] [TENCENT, 7,0,365,1701]
[F:\工具\QQ\MFC42.DLL] [Microsoft Corporation, 6.00.8665.0]
[C:\PROGRA~1\3721\helper.dll] [国风因特软件(北京)有限公司, 2.5.3.1006]
[C:\PROGRA~1\Yahoo!\ASSIST~1\Yhelper.dll] [, 2, 0, 9, 1027]
[C:\WINDOWS\DOWNLO~1\CnsMin.dll] [国风因特软件(北京)有限公司, 2.5.1.2]
[F:\工具\QQ\RICHED32.DLL] [Microsoft Corporation, 5.00.2134.1]
[F:\工具\QQ\RICHED20.dll] [Microsoft Corporation, 5.31.23.1218]
[F:\工具\QQ\QQAPI.dll] [TENCENT, 7,0,365,1701]
[F:\工具\QQ\TIMProxy.dll] [tencent, 0, 3, 2, 4]
[F:\工具\QQ\LoginCtrl.dll] [TENCENT, 7,0,365,1701]
[F:\工具\QQ\LoginCtrlRes.dll] [TENCENT, 7,0,365,1701]
[F:\工具\QQ\QQRes.dll] [TENCENT, 7,0,365,1701]
[F:\工具\QQ\QQMainFrame.dll] [N/A, ]
[F:\工具\QQ\gdiplus.dll] [Microsoft Corporation, 5.1.3102.2180 (xpsp_sp2_rtm.040803-2158)]
[F:\工具\QQ\CQQApplication.dll] [N/A, ]
[F:\工具\QQ\FlashAvatarDll.dll] [, 1, 4, 0, 1]
[F:\工具\QQ\NewSkin.dll] [TENCENT, 7,0,365,1701]
[F:\工具\QQ\HostingMgr.dll] [TENCENT, 7,0,365,1701]
[F:\工具\QQ\CameraDll.dll] [TENCENT, 7,0,365,1701]
[F:\工具\QQ\MailSummary.dll] [TENCENT, 7,0,365,1701]
[F:\工具\QQ\QQKnowledgeSearch.dll] [TENCENT, 7,0,365,1701]
[C:\WINDOWS\system32\nvappfilter.dll] [NVIDIA, 1, 0, 2, 0]
[F:\工具\QQ\QQAllInOne.dll] [TENCENT, 7,0,365,1701]
[F:\工具\QQ\SCCore.dll] [TENCENT, 1, 6, 0, 2]
[F:\工具\QQ\QQSpace.dll] [TENCENT, 7,0,365,1701]
[F:\工具\QQ\vbscript.dll] [Microsoft Corporation, 5.6.0.7426]
[C:\WINDOWS\system32\msdmo.dll] [, ]
[F:\工具\QQ\QQGroupMng.dll] [TENCENT, 7,0,365,1701]
[F:\工具\QQ\UserDefinedHead.dll] [TENCENT, 7,0,365,1701]
[F:\工具\QQ\QQPlugin.dll] [N/A, ]
[F:\工具\QQ\QQConfigPlugin.dll] [TENCENT, 7,0,365,1701]
[F:\工具\QQ\QQAvatar.dll] [N/A, ]
[F:\工具\QQ\QQCustomFace.dll] [N/A, ]
[F:\工具\QQ\QRingMng.dll] [N/A, ]
[F:\工具\QQ\LongConnection.dll] [TENCENT, 7,0,365,1701]
[F:\工具\QQ\PhoneAPI.dll] [TENCENT, 7,0,365,1701]
[F:\工具\QQ\DialerAllinOne.dll] [tencent, 1, 4, 0, 0]
[C:\WINDOWS\system32\msacm32.drv] [Microsoft Corporation, 5.1.2600.0 (xpclient.010817-1148)]
[F:\工具\QQ\QQPet.dll] [TENCENT, 7,0,365,1701]
[C:\WINDOWS\system32\Macromed\Flash\Flash9d.ocx] [Adobe Systems, Inc., 9,0,47,0]
[F:\工具\QQ\QQSysMsgMng.dll] [N/A, ]
[F:\工具\QQ\ImageOle.dll] [TENCENT, 7,0,365,1701]
[F:\工具\QQ\QQLiveQMng.dll] [TENCENT, 7,0,365,1701]
[F:\工具\QQ\QQSceneMng.dll] [N/A, ]
[F:\工具\QQ\BQQApplication.dll] [N/A, ]
[C:\WINDOWS\system32\msadp32.acm] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
[F:\工具\QQ\QQMagicFace.dll] [TENCENT, 7,0,365,1701]
[F:\工具\QQ\VqqModule.dll] [TENCENT, 7,0,365,1701]
[F:\工具\QQ\VqqAllInOne.dll] [Tencent, 1, 6, 0, 2]
[F:\工具\QQ\InPlus.dll] [Tencent, 1, 6, 0, 2]
[F:\工具\QQ\tencent-proto1.dll] [tencent, 1, 6, 0, 2]
[F:\工具\QQ\tencent-comlib.dll] [tencent, 1, 6, 0, 2]
[F:\工具\QQ\tencent-proto2.dll] [tencent, 1, 6, 0, 2]
[F:\工具\QQ\CommercesMng.dll] [TENCENT, 7,0,365,1701]
[F:\工具\QQ\PersonalDesktop.dll] [深圳市腾讯计算机系统公司QQ工作小组, 1, 0, 0, 2]
[F:\工具\QQ\QQAddr.dll] [深圳市腾讯计算机系统有限公司, 5, 0, 101, 320]
[F:\工具\QQ\QQFileTransfer.dll] [TENCENT, 7,0,365,1701]
[F:\工具\QQ\AddrSearch.dll] [腾讯科技(深圳)有限公司, 2, 1, 9, 95]
[F:\工具\QQ\GroupConnection.dll] [TENCENT, 7,0,365,1701]
[F:\工具\QQ\QQSettingCtrl.dll] [TENCENT, 7,0,365,1701]
[F:\工具\QQGame\GamePublic.dll] [N/A, ]
[F:\工具\QQGame\Common\Utility.dll] [N/A, ]
[F:\工具\QQGame\Factory.dll] [N/A, ]
[F:\工具\QQGame\Logic\UIStyle.dll] [N/A, ]
[F:\工具\QQGame\ProtHand\QQProt.dll] [N/A, ]
[F:\工具\QQGame\Socket\NetMod.dll] [N/A, ]
[F:\工具\QQGame\ProtHand\BaseProt.dll] [N/A, ]
[F:\工具\QQGame\ProtHand\ScatProt.dll] [N/A, ]
[F:\工具\QQGame\Common\Compress.dll] [N/A, ]
[F:\工具\QQ\QQZip.dll] [TENCENT, 7,0,365,1701]
[C:\WINDOWS\system32\VM31bPrp.Ax] [Vimicro, 1.00.01.00]
[PID: 5536 / Administrator][F:\工具\瑞星\Rising\Rav\Rav.exe] [Beijing Rising Technology Co., Ltd., 20, 0, 0, 54]
[F:\工具\瑞星\Rising\Rav\ProcCom.dll] [Beijing Rising Technology Co., Ltd., 20, 0, 0, 19]
[F:\工具\瑞星\Rising\Rav\RsCommX2.dll] [Beijing Rising Technology Co., Ltd., 20, 0, 0, 18]
[F:\工具\瑞星\Rising\Rav\Rsguilib.dll] [Beijing Rising Technology Co., Ltd., 20, 0, 0, 79]
[C:\WINDOWS\system32\MFC71.DLL] [Microsoft Corporation, 7.10.3077.0]
[C:\WINDOWS\system32\MSVCR71.dll] [Microsoft Corporation, 7.10.3052.4]
[C:\WINDOWS\system32\MSVCP71.dll] [Microsoft Corporation, 7.10.3077.0]
[F:\工具\瑞星\Rising\Rav\RsXML.dll] [Beijing Rising Technology Co., Ltd., 20, 0, 0, 0]
[F:\工具\瑞星\Rising\Rav\PngDll.dll] [Beijing Rising Technology Co., Ltd., 20, 0, 0, 3]
[F:\工具\瑞星\Rising\Rav\RsCommon.dll] [Beijing Rising Technology Co., Ltd., 20, 0, 0, 16]
[F:\工具\瑞星\Rising\Rav\ravpagem.dll] [Beijing Rising Technology Co., Ltd., 20.0.0.68]
[F:\工具\瑞星\Rising\Rav\htmllib.dll] [Beijing Rising Technology Co., Ltd., 20.0.0.10]
[C:\WINDOWS\system32\RavExt.dll] [Beijing Rising Technology Co., Ltd., 20.0.0.16]
[C:\WINDOWS\DOWNLO~1\CnsHook.dll] [国风因特软件(北京)有限公司, 2.5.1.6]
[C:\WINDOWS\system32\nvappfilter.dll] [NVIDIA, 1, 0, 2, 0]
[F:\工具\瑞星\Rising\Rav\ravpagew.dll] [Beijing Rising Technology Co., Ltd., 20, 0, 0, 73]
[F:\工具\瑞星\Rising\Rav\RSAPPMGR.dll] [Beijing Rising Technology Co., Ltd., 20.0.0.0]
[F:\工具\瑞星\Rising\Rav\CfgDll.dll] [Beijing Rising Technology Co., Ltd., 20.0.0.5]
[F:\工具\瑞星\Rising\Rav\fakescan.dll] [Beijing Rising Technology Co., Ltd., 20.0.0.13]
[F:\工具\瑞星\Rising\Rav\Scanner.dll] [Beijing Rising Technology Co., Ltd., 20.0.0.32]
[F:\工具\瑞星\Rising\Rav\BWList.dll] [Beijing Rising Technology Co., Ltd., 20.0.0.4]
[F:\工具\瑞星\Rising\Rav\SysMail.dll] [Beijing Rising Technology Co., Ltd., 20.0.0.10]
[F:\工具\瑞星\Rising\Rav\monrule.dll] [Beijing Rising Technology Co., Ltd., 20.0.0.24]
[F:\工具\瑞星\Rising\Rav\recomp.dll] [Beijing Rising Technology Co., Ltd., 20, 0, 0, 16]
202020 - 2007-10-12 12:39:00
[F:\工具\瑞星\Rising\Rav\refs.dll] [Beijing Rising Technology Co., Ltd., 20, 0, 0, 7]
[F:\工具\瑞星\Rising\Rav\viruslib.dll] [Beijing Rising Technology Co., Ltd., 20, 0, 0, 14]
[F:\工具\瑞星\Rising\Rav\relibldr.dll] [Beijing Rising Technology Co., Ltd., 20, 0, 0, 11]
[F:\工具\瑞星\Rising\Rav\mvengine.dll] [Beijing Rising Technology Co., Ltd., 20, 0, 0, 4]
[F:\工具\瑞星\Rising\Rav\posttrt.dll] [Beijing Rising Technology Co., Ltd., 20, 0, 0, 5]
[F:\工具\瑞星\Rising\Rav\ffr.dll] [Beijing Rising Technology Co., Ltd., 20, 0, 0, 8]
[F:\工具\瑞星\Rising\Rav\nvfile.dll] [Beijing Rising Technology Co., Ltd., 20, 0, 0, 3]
[F:\工具\瑞星\Rising\Rav\scanexec.dll] [Beijing Rising Technology Co., Ltd., 20, 0, 0, 10]
[F:\工具\瑞星\Rising\Rav\unexe.dll] [Beijing Rising Technology Co., Ltd., 20, 0, 0, 4]
[F:\工具\瑞星\Rising\Rav\scanex.dll] [Beijing Rising Technology Co., Ltd., 20, 0, 0, 11]
[F:\工具\瑞星\Rising\Rav\pearc.dll] [Beijing Rising Technology Co., Ltd., 20, 0, 0, 4]
[F:\工具\瑞星\Rising\Rav\extfile.dll] [Beijing Rising Technology Co., Ltd., 20, 0, 0, 11]
[F:\工具\瑞星\Rising\Rav\scanpack.dll] [Beijing Rising Technology Co., Ltd., 20, 0, 0, 2]
[F:\工具\瑞星\Rising\Rav\revm.dll] [Beijing Rising Technology Co., Ltd., 20, 0, 0, 6]
[F:\工具\瑞星\Rising\Rav\uroutine.dll] [Beijing Rising Technology Co., Ltd., 20, 0, 0, 18]
[F:\工具\瑞星\Rising\Rav\extmail.dll] [Beijing Rising Technology Co., Ltd., 20, 0, 0, 7]
[F:\工具\瑞星\Rising\Rav\extole.dll] [Beijing Rising Technology Co., Ltd., 20, 0, 0, 5]
[F:\工具\瑞星\Rising\Rav\scansct.dll] [Beijing Rising Technology Co., Ltd., 20, 0, 0, 5]
[F:\工具\瑞星\Rising\Rav\RsStore.dll] [Beijing Rising Technology Co., Ltd., 20.0.0.8]
[F:\工具\瑞星\Rising\Rav\RsLog.dll] [Beijing Rising Technology Co., Ltd., 20.0.0.27]
[C:\WINDOWS\system32\msacm32.drv] [Microsoft Corporation, 5.1.2600.0 (xpclient.010817-1148)]
[F:\工具\瑞星\Rising\Rav\scriptci.dll] [Beijing Rising Technology Co., Ltd., 20, 0, 0, 2]
[F:\工具\瑞星\Rising\Rav\scanmac.dll] [Beijing Rising Technology Co., Ltd., 20, 0, 0, 4]
[PID: 5548 / Administrator][F:\工具\瑞星\Rising\Rav\RsAgent.exe] [Beijing Rising Technology Co., Ltd., 20.0.0.7]
[C:\WINDOWS\system32\MFC71.DLL] [Microsoft Corporation, 7.10.3077.0]
[C:\WINDOWS\system32\MSVCR71.dll] [Microsoft Corporation, 7.10.3052.4]
[C:\WINDOWS\system32\MSVCP71.dll] [Microsoft Corporation, 7.10.3077.0]
[F:\工具\瑞星\Rising\Rav\ProcCom.dll] [Beijing Rising Technology Co., Ltd., 20, 0, 0, 19]
[F:\工具\瑞星\Rising\Rav\RsCommX2.dll] [Beijing Rising Technology Co., Ltd., 20, 0, 0, 18]
[PID: 3964 / Administrator][C:\WINDOWS\msagent\AgentSvr.exe] [Microsoft Corporation, 2.00.0.3424]
[C:\PROGRA~1\3721\helper.dll] [国风因特软件(北京)有限公司, 2.5.3.1006]
[C:\PROGRA~1\Yahoo!\ASSIST~1\Yhelper.dll] [, 2, 0, 9, 1027]
[C:\WINDOWS\DOWNLO~1\CnsMin.dll] [国风因特软件(北京)有限公司, 2.5.1.2]
[C:\WINDOWS\system32\msacm32.drv] [Microsoft Corporation, 5.1.2600.0 (xpclient.010817-1148)]
[PID: 4996 / Administrator][C:\Program Files\Internet Explorer\iexplore.exe] [Microsoft Corporation, 6.00.2900.2180 (xpsp_sp2_rtm.040803-2158)]
[C:\PROGRA~1\3721\helper.dll] [国风因特软件(北京)有限公司, 2.5.3.1006]
[C:\PROGRA~1\3721\alrex.dll] [国风因特软件(北京)有限公司, 2.5.1.1003]
[C:\PROGRA~1\Yahoo!\ASSIST~1\Yhelper.dll] [, 2, 0, 9, 1027]
[C:\PROGRA~1\Yahoo!\ASSIST~1\yscrblock.dll] [Yahoo, 1, 0, 2, 1002]
[C:\WINDOWS\DOWNLO~1\CnsMin.dll] [国风因特软件(北京)有限公司, 2.5.1.2]
[C:\WINDOWS\DOWNLO~1\CnsHint.dll] [国风因特软件(北京)有限公司, 2.5.0.3]
[C:\PROGRA~1\3721\autolive.dll] [国风因特软件(北京)有限公司, 2.5.6.1011]
[C:\PROGRA~1\Yahoo!\ASSIST~1\yalive.dll] [, 2, 2, 0, 1050]
[C:\PROGRA~1\Yahoo!\ASSIST~1\Yalliveex.dll] [ , 2, 0, 1, 1007]
[C:\WINDOWS\DOWNLO~1\cnsplus.dll] [国风因特软件(北京)有限公司, 2.5.0.3]
[C:\PROGRA~1\Yahoo!\ASSIST~1\Assist\yasbar.dll] [Yahoo!, 2, 2, 0, 1050]
[C:\PROGRA~1\Yahoo!\ASSIST~1\Assist\yaswiper.dll] [Yahoo, 1, 0, 2, 1005]
[C:\PROGRA~1\Yahoo!\ASSIST~1\Assist\yasiesec.dll] [Yahoo, 1, 0, 4, 1005]
[C:\PROGRA~1\Yahoo!\ASSIST~1\Assist\yasnoad.dll] [, 1, 1, 4, 1006]
[C:\PROGRA~1\Yahoo!\ASSIST~1\Assist\yzsNetProto.dll] [Yahoo, 1, 0, 0, 1]
[C:\PROGRA~1\Yahoo!\ASSIST~1\Assist\yphtb.dll] [Yahoo! China, 1, 1, 3, 1035]
[C:\PROGRA~1\Yahoo!\ASSIST~1\Assist\yrss.dll] [Yahoo! China, 1, 0, 1, 1015]
[C:\WINDOWS\system32\RavExt.dll] [Beijing Rising Technology Co., Ltd., 20.0.0.16]
[C:\WINDOWS\DOWNLO~1\CnsHook.dll] [国风因特软件(北京)有限公司, 2.5.1.6]
[F:\工具\迅雷\ComDlls\xunleiBHO_Now.dll] [Thunder Networking Technologies,LTD, 5, 0, 3, 11]
[F:\工具\迅雷\Components\ResWorker\DsBho_00.dll] [, 1, 0, 0, 4]
[F:\工具\迅雷\Components\ResWorker\DataProcessor_00.dll] [Thunder Networking Technologies,LTD, 1, 0, 0, 6]
[C:\PROGRA~1\Yahoo!\ASSIST~1\Assist\yangling.dll] [Yahoo., 1, 0, 9, 1010]
[C:\PROGRA~1\Yahoo!\ASSIST~1\Assist\YDRAGS~1.DLL] [, 1, 2, 8, 1009]
[C:\WINDOWS\system32\nvappfilter.dll] [NVIDIA, 1, 0, 2, 0]
[C:\Program Files\Microsoft Office\OFFICE11\msohev.dll] [Microsoft Corporation, 11.0.5510]
[F:\工具\瑞星\Rising\Rav\RavScrCh.dll] [Beijing Rising Technology Co., Ltd., 20, 0, 0, 3]
[F:\工具\迅雷\Components\DownAndPlay\DapPlayer_Now.dll] [XunLei, 1, 0, 1, 44]
[C:\WINDOWS\system32\Macromed\Flash\Flash9d.ocx] [Adobe Systems, Inc., 9,0,47,0]
[C:\WINDOWS\system32\msacm32.drv] [Microsoft Corporation, 5.1.2600.0 (xpclient.010817-1148)]
[c:\progra~1\yahoo!\assist~1\assist\yadfil~1.dll] [ , 1, 0, 3, 1002]
[C:\PROGRA~1\Yahoo!\ASSIST~1\Assist\yrepair.dll] [Yahoo, 1, 0, 9, 1322]
[C:\PROGRA~1\Yahoo!\ASSIST~1\Assist\yoptimum.dll] [Yahoo, 1, 0, 1, 1001]
[C:\PROGRA~1\yahoo!\assistant\Shell\yAssecblk.dll] [Yahoo, 1, 0, 3, 1003]
[C:\PROGRA~1\Yahoo!\ASSIST~1\Assist\yXPStyle.dll] [Yahoo, 1, 0, 2, 1309]
[C:\WINDOWS\DOWNLO~1\CnsMinIO.dll] [国风因特软件(北京)有限公司, 2.5.0.6]
[C:\WINDOWS\DOWNLO~1\cnsio.dll] [国风因特软件(北京)有限公司, 2.5.0.4]
[PID: 4948 / Administrator][F:\工具\迅雷\Program\Thunder5.exe] [Thunder Networking Technologies,LTD, 5, 6, 8, 329]
[C:\PROGRA~1\3721\helper.dll] [国风因特软件(北京)有限公司, 2.5.3.1006]
[C:\PROGRA~1\Yahoo!\ASSIST~1\Yhelper.dll] [, 2, 0, 9, 1027]
[C:\WINDOWS\DOWNLO~1\CnsMin.dll] [国风因特软件(北京)有限公司, 2.5.1.2]
[F:\工具\迅雷\Program\TaskManager.dll] [Thunder Networking Technologies,LTD, 1, 1, 2, 26]
[F:\工具\迅雷\Program\download_interface.dll] [Thunder Networking Technologies,LTD, 2, 16, 2, 108]
[F:\工具\迅雷\Program\stlport_vc646.dll] [STLport Consulting, Inc., 4.6.2003.1031]
[F:\工具\迅雷\Program\asyn_dns.dll] [Thunder Networking Technologies,LTD, 2, 16, 2, 108]
202020 - 2007-10-12 12:40:00
[C:\WINDOWS\system32\nvappfilter.dll] [NVIDIA, 1, 0, 2, 0]
[F:\工具\迅雷\Program\BHOStub.dll] [Thunder Networking Technologies,LTD, 1, 1, 0, 8]
[F:\工具\迅雷\Components\DownAndPlay\DownAndPlay.dll] [, 1, 0, 0, 18]
[F:\工具\迅雷\Program\iTargetAD.dll] [Thunder Networking Technologies,LTD, 1, 0, 2, 29]
[C:\WINDOWS\system32\Macromed\Flash\Flash9d.ocx] [Adobe Systems, Inc., 9,0,47,0]
[C:\WINDOWS\system32\msacm32.drv] [Microsoft Corporation, 5.1.2600.0 (xpclient.010817-1148)]
[F:\工具\迅雷\Components\InMedia\iEmbedShell.dll] [ , 1, 0, 0, 19]
[F:\工具\迅雷\Components\Community\XLCommunity.dll] [Thunder Networking Technologies,LTD, 1, 2, 1, 36]
[F:\工具\迅雷\Components\Security\ThunderSafe.dll] [深圳市迅雷网络技术有限公司, 1, 0, 3, 18]
[F:\工具\迅雷\Components\Search\XLSearch.dll] [Thunder Networking Technologies,LTD, 1, 1, 4, 15]
[F:\工具\迅雷\Components\P4PClient\P4PClient.dll] [Thunder Networking Technologies,LTD, 2, 2, 2, 60]
[F:\工具\迅雷\Program\LiveUpdate.dll] [Thunder Networking Technologies,LTD, 1, 2, 1, 20]
[F:\工具\迅雷\Components\ExplorerHelper\ExplorerHelper.dll] [Thunder Networking Technologies,LTD, 1, 0, 4, 15]
[F:\工具\迅雷\Components\Tips\TipsClient.dll] [Thunder Networking Technologies,LTD, 2, 1, 4, 72]
[F:\工具\迅雷\Components\VPSHELL\VPSHELL.dll] [XunLei, 1, 2, 0, 10]
[F:\工具\迅雷\Components\UserExperience\UserExperience.dll] [Thunder Networking Technologies,LTD, 1, 0, 0, 1]
[F:\工具\迅雷\Components\ResWorker\DsXlCom.dll] [, 1, 0, 0, 16]
[F:\工具\迅雷\Components\InMedia\iEmbed10.dll] [ , 3, 3, 1, 83]
[F:\工具\迅雷\Program\RegisterDll.dll] [Thunder Networking Technologies,LTD, 2, 13, 4, 58]
[F:\工具\迅雷\Program\MSVCIRT.dll] [Microsoft Corporation, 7.0.2600.2180 (xpsp_sp2_rtm.040803-2158)]
[F:\工具\迅雷\Program\XLNet.Dll] [Thunder Networking Technologies,LTD, 1, 2, 1, 9]
[F:\工具\迅雷\Plugins\GouGouTop\GouGouTop.dll] [Thunder Networking Technologies,LTD, 1, 0, 0, 1]
[F:\工具\迅雷\Plugins\BhoAdv\bho_adv.dll] [深圳市迅雷网络技术有限公司, 1.0.1.0]
[F:\工具\迅雷\Components\DownloadStat\DownloadStat.dll] [深圳市迅雷网络技术有限公司, 1, 2, 0, 4]
[F:\工具\迅雷\Components\VPSHELL\VideoPicture.dll] [XunLei, 1, 2, 0, 11]
[F:\工具\迅雷\Components\ResWorker\DataProcessor_00.dll] [Thunder Networking Technologies,LTD, 1, 0, 0, 6]
[F:\工具\迅雷\Components\ResWorker\MediaWorker.dll] [Thunder Networking Technologies,LTD, 1, 2, 0, 18]
[F:\工具\瑞星\Rising\Rav\RavScrCh.dll] [Beijing Rising Technology Co., Ltd., 20, 0, 0, 3]
[F:\工具\迅雷\Components\DownAndPlay\DapPlayer_Now.dll] [XunLei, 1, 0, 1, 44]
[PID: 4520 / SYSTEM][C:\WINDOWS\system32\wbem\wmiprvse.exe] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
[C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin\nmp.dll] [NVIDIA Corporation, 2, 2, 0, 464]
[C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin\nv_common.dll] [NVIDIA, 2, 2, 0, 464]
[PID: 4744 / Administrator][C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\Rar$EX01.937\SREngPS.EXE] [Smallfrogs Studio, 2.5.16.900]
[C:\PROGRA~1\3721\helper.dll] [国风因特软件(北京)有限公司, 2.5.3.1006]
[C:\PROGRA~1\Yahoo!\ASSIST~1\Yhelper.dll] [, 2, 0, 9, 1027]
[C:\WINDOWS\DOWNLO~1\CnsMin.dll] [国风因特软件(北京)有限公司, 2.5.1.2]
[C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\Rar$EX01.937\Upload\3rdUpd.DLL] [Smallfrogs Studio, 2, 1, 0, 15]
[C:\WINDOWS\system32\nvappfilter.dll] [NVIDIA, 1, 0, 2, 0]
==================================
文件关联
.TXT Error. [C:\WINDOWS\notepad.exe %1]
.EXE OK. ["%1" %*]
.COM OK. ["%1" %*]
.PIF OK. ["%1" %*]
.REG OK. [regedit.exe "%1"]
.BAT OK. ["%1" %*]
.SCR OK. ["%1" /S]
.CHM Error. ["hh.exe" %1]
.HLP OK. [%SystemRoot%\System32\winhlp32.exe %1]
.INI Error. [C:\WINDOWS\System32\NOTEPAD.EXE %1]
.INF OK. [%SystemRoot%\System32\NOTEPAD.EXE %1]
.VBS OK. [%SystemRoot%\System32\WScript.exe "%1" %*]
.JS OK. [%SystemRoot%\System32\WScript.exe "%1" %*]
.LNK OK. [{00021401-0000-0000-C000-000000000046}]
==================================
Winsock 提供者
NVIDIA App Filter over [MSAFD Tcpip [TCP/IP]]
C:\WINDOWS\system32\nvappfilter.dll(NVIDIA, NVIDIA IAM LSP)
NVIDIA App Filter over [MSAFD Tcpip [UDP/IP]]
C:\WINDOWS\system32\nvappfilter.dll(NVIDIA, NVIDIA IAM LSP)
NVIDIA App Filter over [MSAFD Tcpip [RAW/IP]]
C:\WINDOWS\system32\nvappfilter.dll(NVIDIA, NVIDIA IAM LSP)
NVIDIA App Filter
C:\WINDOWS\system32\nvappfilter.dll(NVIDIA, NVIDIA IAM LSP)
==================================
Autorun.inf
N/A
==================================
HOSTS 文件
N/A
==================================
进程特权扫描
特殊特权被允许: SeLoadDriverPrivilege [PID = 584, C:\PROGRAM FILES\NVIDIA CORPORATION\NETWORKACCESSMANAGER\BIN\NSVCIP.EXE]
特殊特权被允许: SeDebugPrivilege [PID = 2556, C:\WINDOWS\VM_STI.EXE]
特殊特权被允许: SeLoadDriverPrivilege [PID = 2556, C:\WINDOWS\VM_STI.EXE]
特殊特权被允许: SeDebugPrivilege [PID = 3276, C:\PROGRA~1\YAHOO!\ASSIST~1\YLIVE.EXE]
特殊特权被允许: SeLoadDriverPrivilege [PID = 3276, C:\PROGRA~1\YAHOO!\ASSIST~1\YLIVE.EXE]
特殊特权被允许: SeDebugPrivilege [PID = 3284, F:\工具\校园网客户端\DIGITALCHINASUPPLICANT.EXE]
特殊特权被允许: SeLoadDriverPrivilege [PID = 3284, F:\工具\校园网客户端\DIGITALCHINASUPPLICANT.EXE]
特殊特权被允许: SeDebugPrivilege [PID = 3364, C:\PROGRAM FILES\ATI TECHNOLOGIES\ATI.ACE\CLI.EXE]
特殊特权被允许: SeLoadDriverPrivilege [PID = 3364, C:\PROGRAM FILES\ATI TECHNOLOGIES\ATI.ACE\CLI.EXE]
特殊特权被允许: SeDebugPrivilege [PID = 3032, C:\PROGRAM FILES\ATI TECHNOLOGIES\ATI.ACE\CLI.EXE]
特殊特权被允许: SeLoadDriverPrivilege [PID = 3032, C:\PROGRAM FILES\ATI TECHNOLOGIES\ATI.ACE\CLI.EXE]
特殊特权被允许: SeDebugPrivilege [PID = 3048, C:\PROGRAM FILES\ATI TECHNOLOGIES\ATI.ACE\CLI.EXE]
特殊特权被允许: SeLoadDriverPrivilege [PID = 3048, C:\PROGRAM FILES\ATI TECHNOLOGIES\ATI.ACE\CLI.EXE]
特殊特权被允许: SeDebugPrivilege [PID = 248, F:\工具\校园网客户端\虚拟ADSL客户端\BIN\XINLIGRECLIENT.EXE]
特殊特权被允许: SeLoadDriverPrivilege [PID = 248, F:\工具\校园网客户端\虚拟ADSL客户端\BIN\XINLIGRECLIENT.EXE]
特殊特权被允许: SeDebugPrivilege [PID = 268, F:\工具\芊芊静听\TTPLAYER.EXE]
特殊特权被允许: SeLoadDriverPrivilege [PID = 268, F:\工具\芊芊静听\TTPLAYER.EXE]
特殊特权被允许: SeDebugPrivilege [PID = 4948, F:\工具\迅雷\PROGRAM\THUNDER5.EXE]
特殊特权被允许: SeLoadDriverPrivilege [PID = 4948, F:\工具\迅雷\PROGRAM\THUNDER5.EXE]
==================================
API HOOK
N/A
==================================
隐藏进程
N/A
==================================
[/CODE]
1
© 2000 - 2026 Rising Corp. Ltd.