瑞星卡卡安全论坛

首页 » 技术交流区 » 反病毒/反流氓软件论坛 » 瑞星杀毒软件不能用
AHZYGS - 2007-8-27 22:34:00
最近我的瑞星杀毒软件,一点开就跳掉,用橙色八月专杀工具杀毒后就能打开使用,但电脑重新启动后瑞星杀毒软件又打不开,再用橙色八月专杀工具杀毒后又能打开使用.请各位帮助.

[用户系统信息]Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1; SV1)
火影忍者 - 2007-8-28 0:14:00

下载 System Repair Engineer,
http://www.kztechs.com/sreng/download.html
1 解压缩sreng2.zip
2 运行SREng.exe
3 智能扫描=》扫描=》保存报告
4 把日志中的报告完整拷贝贴上来,不要修改
日志一次发不完,请分次发上来
AHZYGS - 2007-8-28 1:08:00
我已将文件传给你了.谢谢帮助
美丽的温柔 - 2007-8-28 7:59:00
祝楼主早日解决,其实应该很好解决的,瑞星8错
自由使者80 - 2007-8-28 8:06:00
支持楼上的,瑞星确实不错的,我用了一年多了,没什么问题,挺好。
shaziyong182 - 2007-8-28 16:27:00
该用户帖子内容已被屏蔽
AHZYGS - 2007-8-28 19:26:00
【回[CODE]

2007-08-28,00:41:26

System Repair Engineer 2.5.16.900
Smallfrogs (http://www.KZTechs.com)

Windows XP Professional Service Pack 2 (Build 2600) - 管理权限用户 - 完整功能

以下内容被选中:
    所有的启动项目(包括注册表、启动文件夹、服务等)
    浏览器加载项
    正在运行的进程(包括进程模块信息)
    文件关联
    Winsock 提供者
    Autorun.inf
    HOSTS 文件
    进程特权扫描


启动项目
注册表
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
    <ctfmon.exe><C:\WINDOWS\system32\ctfmon.exe>  [(Verified)Microsoft Windows Publisher]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
    <SetDefPrt><C:\Program Files\Brother\Brmfl04g\BrStDvPt.exe>  [Brother Industories, Ltd.]
    <ControlCenter2.0><C:\Program Files\Brother\ControlCenter2\brctrcen.exe /autorun>  [Brother Industries, Ltd.]
    <psdoawu><C:\Program Files\Common Files\System\asgwmne.exe>  []
    <oxjsybe><C:\Program Files\Common Files\Microsoft Shared\eleicnd.exe>  []
    <RavTask><"C:\Program Files\Rising\Rav\RavTask.exe" -system>  [Beijing Rising Technology Co., Ltd.]
    <RfwMain><"C:\Program Files\Rising\Rfw\rfwmain.exe" -Startup>  [Beijing Rising Technology Co., Ltd.]
    <runeip><"C:\Program Files\Rising\AntiSpyware\runiep.exe" /startup>  [Beijing Rising Technology Co., Ltd.]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\RunOnce]
    <RavStub><"C:\PROGRAM FILES\RISING\RAV\ravstub.exe" /RUNONCE>  [Beijing Rising Technology Co., Ltd.]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Winlogon]
    <shell><Explorer.exe>  [(Verified)Microsoft Windows Publisher]
    <Userinit><C:\WINDOWS\system32\userinit.exe,>  [(Verified)Microsoft Windows Publisher]
    <UIHost><C:\WINDOWS\system32\XPSTYLE_ThemePackage\Logonui.exe>  [Microsoft Corporation]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
    <{32CD708B-60A7-4C00-9377-D73EAA495F0F}><C:\WINDOWS\system32\RavExt.dll>  [Beijing Rising Technology Co., Ltd.]
    <{AC2DC2EF-5165-40A3-8CDF-41DCA1B0901A}><C:\WINDOWS\system32\shlhook.dll>  [Beijing Rising Technology Co., Ltd.]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
    <WPDShServiceObj><C:\WINDOWS\system32\WPDShServiceObj.dll>  [(Verified)Microsoft Windows Component Publisher]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\>{26923b43-4d38-484f-9b9e-de460746276c}]
    <Internet Explorer><%systemroot%\system32\shmgrate.exe OCInstallUserConfigIE>  [N/A]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\>{881dd1c5-3dcf-431b-b061-f3f88e8be88a}]
    <Outlook Express><%systemroot%\system32\shmgrate.exe OCInstallUserConfigOE>  [N/A]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{2C7339CF-2B09-4501-B3F3-F3508C9228ED}]
    <Themes Setup><%SystemRoot%\system32\regsvr32.exe /s /n /i:/UserInstall %SystemRoot%\system32\themeui.dll>  [N/A]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{44BBA840-CC51-11CF-AAFA-00AA00B6015C}]
    <Microsoft Outlook Express 6><"%ProgramFiles%\Outlook Express\setup50.exe" /APP:OE /CALLER:WINNT /user /install>  [N/A]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{44BBA842-CC51-11CF-AAFA-00AA00B6015B}]
    <NetMeeting 3.01><rundll32.exe advpack.dll,LaunchINFSection C:\WINDOWS\INF\msnetmtg.inf,NetMtg.Install.PerUser.NT>  [(Verified)Microsoft Windows Publisher]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{5945c046-1e7d-11d1-bc44-00c04fd912be}]
    <Windows Messenger 4.7><rundll32.exe advpack.dll,LaunchINFSection C:\WINDOWS\INF\msmsgs.inf,BLC.QuietInstall.PerUser>  [(Verified)Microsoft Windows Publisher]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{6BF52A52-394A-11d3-B153-00C04F79FAA6}]
    <Microsoft Windows Media Player><rundll32.exe advpack.dll,LaunchINFSection C:\WINDOWS\INF\wmp11.inf,PerUserStub>  [(Verified)Microsoft Windows Component Publisher]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{7790769C-0471-11d2-AF11-00C04FA35D02}]
    <通讯簿 6><"%ProgramFiles%\Outlook Express\setup50.exe" /APP:WAB /CALLER:WINNT /user /install>  [N/A]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\360rpt.exe]
    <IFEO[360rpt.exe]><C:\Program Files\Common Files\Microsoft Shared\eleicnd.exe>  []
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\360Safe.exe]
    <IFEO[360Safe.exe]><C:\Program Files\Common Files\Microsoft Shared\eleicnd.exe>  []
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\360tray.exe]
    <IFEO[360tray.exe]><C:\Program Files\Common Files\Microsoft Shared\eleicnd.exe>  []
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\adam.exe]
    <IFEO[adam.exe]><C:\Program Files\Common Files\Microsoft Shared\eleicnd.exe>  []
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\AgentSvr.exe]
    <IFEO[AgentSvr.exe]><C:\Program Files\Common Files\Microsoft Shared\eleicnd.exe>  []
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\AppSvc32.exe]
    <IFEO[AppSvc32.exe]><C:\Program Files\Common Files\Microsoft Shared\eleicnd.exe>  []
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\ArSwp.exe]
    <IFEO[ArSwp.exe]><C:\Program Files\Common Files\Microsoft Shared\eleicnd.exe>  []
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\AST.exe]
    <IFEO[AST.exe]><C:\Program Files\Common Files\Microsoft Shared\eleicnd.exe>  []
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\autoruns.exe]
    <IFEO[autoruns.exe]><C:\Program Files\Common Files\Microsoft Shared\eleicnd.exe>  []
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\avconsol.exe]
    <IFEO[avconsol.exe]><C:\Program Files\Common Files\Microsoft Shared\eleicnd.exe>  []
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\avgrssvc.exe]
    <IFEO[avgrssvc.exe]><C:\Program Files\Common Files\Microsoft Shared\eleicnd.exe>  []
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\AvMonitor.exe]
    <IFEO[AvMonitor.exe]><C:\Program Files\Common Files\Microsoft Shared\eleicnd.exe>  []
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\avp.com]
    <IFEO[avp.com]><C:\Program Files\Common Files\Microsoft Shared\eleicnd.exe>  []
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\avp.exe]
    <IFEO[avp.exe]><C:\Program Files\Common Files\Microsoft Shared\eleicnd.exe>  []
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\CCenter.exe]
    <IFEO[CCenter.exe]><C:\Program Files\Common Files\Microsoft Shared\eleicnd.exe>  []
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\ccSvcHst.exe]
    <IFEO[ccSvcHst.exe]><C:\Program Files\Common Files\Microsoft Shared\eleicnd.exe>  []复“火影忍者”的帖子】
AHZYGS - 2007-8-28 19:28:00
【[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\EGHOST.exe]
    <IFEO[EGHOST.exe]><C:\Program Files\Common Files\Microsoft Shared\eleicnd.exe>  []
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\FileDsty.exe]
    <IFEO[FileDsty.exe]><C:\Program Files\Common Files\Microsoft Shared\eleicnd.exe>  []
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\FTCleanerShell.exe]
    <IFEO[FTCleanerShell.exe]><C:\Program Files\Common Files\Microsoft Shared\eleicnd.exe>  []
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\FYFireWall.exe]
    <IFEO[FYFireWall.exe]><C:\Program Files\Common Files\Microsoft Shared\eleicnd.exe>  []
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\HijackThis.exe]
    <IFEO[HijackThis.exe]><C:\Program Files\Common Files\Microsoft Shared\eleicnd.exe>  []
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\IceSword.exe]
    <IFEO[IceSword.exe]><C:\Program Files\Common Files\Microsoft Shared\eleicnd.exe>  []
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\iparmo.exe]
    <IFEO[iparmo.exe]><C:\Program Files\Common Files\Microsoft Shared\eleicnd.exe>  []
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\Iparmor.exe]
    <IFEO[Iparmor.exe]><C:\Program Files\Common Files\Microsoft Shared\eleicnd.exe>  []
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\isPwdSvc.exe]
    <IFEO[isPwdSvc.exe]><C:\Program Files\Common Files\Microsoft Shared\eleicnd.exe>  []
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\kabaload.exe]
    <IFEO[kabaload.exe]><C:\Program Files\Common Files\Microsoft Shared\eleicnd.exe>  []
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\KaScrScn.SCR]
    <IFEO[KaScrScn.SCR]><C:\Program Files\Common Files\Microsoft Shared\eleicnd.exe>  []
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\KASMain.exe]
    <IFEO[KASMain.exe]><C:\Program Files\Common Files\Microsoft Shared\eleicnd.exe>  []
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\KASTask.exe]
    <IFEO[KASTask.exe]><C:\Program Files\Common Files\Microsoft Shared\eleicnd.exe>  []
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\KAV32.exe]
    <IFEO[KAV32.exe]><C:\Program Files\Common Files\Microsoft Shared\eleicnd.exe>  []
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\KAVDX.exe]
    <IFEO[KAVDX.exe]><C:\Program Files\Common Files\Microsoft Shared\eleicnd.exe>  []
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\KAVPF.exe]
    <IFEO[KAVPF.exe]><C:\Program Files\Common Files\Microsoft Shared\eleicnd.exe>  []
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\KAVPFW.exe]
    <IFEO[KAVPFW.exe]><C:\Program Files\Common Files\Microsoft Shared\eleicnd.exe>  []
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\KAVSetup.exe]
    <IFEO[KAVSetup.exe]><C:\Program Files\Common Files\Microsoft Shared\eleicnd.exe>  []
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\KAVStart.exe]
    <IFEO[KAVStart.exe]><C:\Program Files\Common Files\Microsoft Shared\eleicnd.exe>  []
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\KISLnchr.exe]
    <IFEO[KISLnchr.exe]><C:\Program Files\Common Files\Microsoft Shared\eleicnd.exe>  []
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\KMailMon.exe]
    <IFEO[KMailMon.exe]><C:\Program Files\Common Files\Microsoft Shared\eleicnd.exe>  []
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\KMFilter.exe]
    <IFEO[KMFilter.exe]><C:\Program Files\Common Files\Microsoft Shared\eleicnd.exe>  []
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\KPFW32.exe]
    <IFEO[KPFW32.exe]><C:\Program Files\Common Files\Microsoft Shared\eleicnd.exe>  []
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\KPFW32X.exe]
    <IFEO[KPFW32X.exe]><C:\Program Files\Common Files\Microsoft Shared\eleicnd.exe>  []
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\KPfwSvc.exe]
    <IFEO[KPfwSvc.exe]><C:\Program Files\Common Files\Microsoft Shared\eleicnd.exe>  []
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\KRegEx.exe]
    <IFEO[KRegEx.exe]><C:\Program Files\Common Files\Microsoft Shared\eleicnd.exe>  []
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\KRepair.com]
    <IFEO[KRepair.com]><C:\Program Files\Common Files\Microsoft Shared\eleicnd.exe>  []
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\KsLoader.exe]
    <IFEO[KsLoader.exe]><C:\Program Files\Common Files\Microsoft Shared\eleicnd.exe>  []
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\KVCenter.kxp]
    <IFEO[KVCenter.kxp]><C:\Program Files\Common Files\Microsoft Shared\eleicnd.exe>  []
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\KvDetect.exe]
    <IFEO[KvDetect.exe]><C:\Program Files\Common Files\Microsoft Shared\eleicnd.exe>  []
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\KvfwMcl.exe]
    <IFEO[KvfwMcl.exe]><C:\Program Files\Common Files\Microsoft Shared\eleicnd.exe>  []
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\KVMonXP.kxp]
    <IFEO[KVMonXP.kxp]><C:\Program Files\Common Files\Microsoft Shared\eleicnd.exe>  []
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\KVMonXP_1.kxp]
    <IFEO[KVMonXP_1.kxp]><C:\Program Files\Common Files\Microsoft Shared\eleicnd.exe>  []
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\kvol.exe]
    <IFEO[kvol.exe]><C:\Program Files\Common Files\Microsoft Shared\eleicnd.exe>  []
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\kvolself.exe]回复“火影忍者”的帖子】
AHZYGS - 2007-8-28 19:28:00
【  <IFEO[kvolself.exe]><C:\Program Files\Common Files\Microsoft Shared\eleicnd.exe>  []
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\KvReport.kxp]
    <IFEO[KvReport.kxp]><C:\Program Files\Common Files\Microsoft Shared\eleicnd.exe>  []
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\KVScan.kxp]
    <IFEO[KVScan.kxp]><C:\Program Files\Common Files\Microsoft Shared\eleicnd.exe>  []
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\KVSrvXP.exe]
    <IFEO[KVSrvXP.exe]><C:\Program Files\Common Files\Microsoft Shared\eleicnd.exe>  []
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\KVStub.kxp]
    <IFEO[KVStub.kxp]><C:\Program Files\Common Files\Microsoft Shared\eleicnd.exe>  []
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\kvupload.exe]
    <IFEO[kvupload.exe]><C:\Program Files\Common Files\Microsoft Shared\eleicnd.exe>  []
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\kvwsc.exe]
    <IFEO[kvwsc.exe]><C:\Program Files\Common Files\Microsoft Shared\eleicnd.exe>  []
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\KvXP.kxp]
    <IFEO[KvXP.kxp]><C:\Program Files\Common Files\Microsoft Shared\eleicnd.exe>  []
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\KvXP_1.kxp]
    <IFEO[KvXP_1.kxp]><C:\Program Files\Common Files\Microsoft Shared\eleicnd.exe>  []
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\KWatch.exe]
    <IFEO[KWatch.exe]><C:\Program Files\Common Files\Microsoft Shared\eleicnd.exe>  []
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\KWatch9x.exe]
    <IFEO[KWatch9x.exe]><C:\Program Files\Common Files\Microsoft Shared\eleicnd.exe>  []
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\KWatchX.exe]
    <IFEO[KWatchX.exe]><C:\Program Files\Common Files\Microsoft Shared\eleicnd.exe>  []
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\loaddll.exe]
    <IFEO[loaddll.exe]><C:\Program Files\Common Files\Microsoft Shared\eleicnd.exe>  []
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\MagicSet.exe]
    <IFEO[MagicSet.exe]><C:\Program Files\Common Files\Microsoft Shared\eleicnd.exe>  []
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\mcconsol.exe]
    <IFEO[mcconsol.exe]><C:\Program Files\Common Files\Microsoft Shared\eleicnd.exe>  []
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\mmqczj.exe]
    <IFEO[mmqczj.exe]><C:\Program Files\Common Files\Microsoft Shared\eleicnd.exe>  []
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\mmsk.exe]
    <IFEO[mmsk.exe]><C:\Program Files\Common Files\Microsoft Shared\eleicnd.exe>  []
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\Navapsvc.exe]
    <IFEO[Navapsvc.exe]><C:\Program Files\Common Files\Microsoft Shared\eleicnd.exe>  []
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\Navapw32.exe]
    <IFEO[Navapw32.exe]><C:\Program Files\Common Files\Microsoft Shared\eleicnd.exe>  []
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\nod32.exe]
    <IFEO[nod32.exe]><C:\Program Files\Common Files\Microsoft Shared\eleicnd.exe>  []
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\nod32krn.exe]
    <IFEO[nod32krn.exe]><C:\Program Files\Common Files\Microsoft Shared\eleicnd.exe>  []
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\nod32kui.exe]
    <IFEO[nod32kui.exe]><C:\Program Files\Common Files\Microsoft Shared\eleicnd.exe>  []
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\NPFMntor.exe]
    <IFEO[NPFMntor.exe]><C:\Program Files\Common Files\Microsoft Shared\eleicnd.exe>  []
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\PFW.exe]
    <IFEO[PFW.exe]><C:\Program Files\Common Files\Microsoft Shared\eleicnd.exe>  []
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\PFWLiveUpdate.exe]
    <IFEO[PFWLiveUpdate.exe]><C:\Program Files\Common Files\Microsoft Shared\eleicnd.exe>  []
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\QHSET.exe]
    <IFEO[QHSET.exe]><C:\Program Files\Common Files\Microsoft Shared\eleicnd.exe>  []
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\QQDoctor.exe]
    <IFEO[QQDoctor.exe]><C:\Program Files\Common Files\Microsoft Shared\eleicnd.exe>  []
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\QQKav.exe]
    <IFEO[QQKav.exe]><C:\Program Files\Common Files\Microsoft Shared\eleicnd.exe>  []
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\Ras.exe]
    <IFEO[Ras.exe]><C:\Program Files\Common Files\Microsoft Shared\eleicnd.exe>  []
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\Rav.exe]
    <IFEO[Rav.exe]><C:\Program Files\Common Files\Microsoft Shared\eleicnd.exe>  []
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\RavMon.exe]
    <IFEO[RavMon.exe]><C:\Program Files\Common Files\Microsoft Shared\eleicnd.exe>  []
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\RavMonD.exe]
    <IFEO[RavMonD.exe]><C:\Program Files\Common Files\Microsoft Shared\eleicnd.exe>  []
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\RavStub.exe]
    <IFEO[RavStub.exe]><C:\Program Files\Common Files\Microsoft Shared\eleicnd.exe>  []
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\RavTask.exe]
    <IFEO[RavTask.exe]><C:\Program Files\Common Files\Microsoft Shared\eleicnd.exe>  []
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\RegClean.exe]
    <IFEO[RegClean.exe]><C:\Program Files\Common Files\Microsoft Shared\eleicnd.exe>  []
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\rfwcfg.exe]
    <IFEO[rfwcfg.exe]><C:\Program Files\Common Files\Microsoft Shared\eleicnd.exe>  []
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\rfwmain.exe]
    <IFEO[rfwmain.exe]><C:\Program Files\Common Files\Microsoft Shared\eleicnd.exe>  []
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\rfwsrv.exe]
    <IFEO[rfwsrv.exe]><C:\Program Files\Common Files\Microsoft Shared\eleicnd.exe>  []
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\RsAgent.exe]
    <IFEO[RsAgent.exe]><C:\Program Files\Common Files\Microsoft Shared\eleicnd.exe>  []
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\Rsaupd.exe]
    <IFEO[Rsaupd.exe]><C:\Program Files\Common Files\Microsoft Shared\eleicnd.exe>  []
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\runiep.exe]
    <IFEO[runiep.exe]><C:\Program Files\Common Files\Microsoft Shared\eleicnd.exe>  []
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\safelive.exe]
    <IFEO[safelive.exe]><C:\Program Files\Common Files\Microsoft Shared\eleicnd.exe>  []
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\scan32.exe]
    <IFEO[scan32.exe]><C:\Program Files\Common Files\Microsoft Shared\eleicnd.exe>  []
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\shcfg32.exe]
    <IFEO[shcfg32.exe]><C:\Program Files\Common Files\Microsoft Shared\eleicnd.exe>  []
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\SmartUp.exe]
    <IFEO[SmartUp.exe]><C:\Program Files\Common Files\Microsoft Shared\eleicnd.exe>  []
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\SREng.EXE]
    <IFEO[SREng.EXE]><C:\Program Files\Common Files\Microsoft Shared\eleicnd.exe>  []
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\symlcsvc.exe]
    <IFEO[symlcsvc.exe]><C:\Program Files\Common Files\Microsoft Shared\eleicnd.exe>  []
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\SysSafe.exe]
    <IFEO[SysSafe.exe]><C:\Program Files\Common Files\Microsoft Shared\eleicnd.exe>  []
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\TrojanDetector.exe]
    <IFEO[TrojanDetector.exe]><C:\Program Files\Common Files\Microsoft Shared\eleicnd.exe>  []
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\Trojanwall.exe]
    <IFEO[Trojanwall.exe]><C:\Program Files\Common Files\Microsoft Shared\eleicnd.exe>  []
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\TrojDie.kxp]
    <IFEO[TrojDie.kxp]><C:\Program Files\Common Files\Microsoft Shared\eleicnd.exe>  []回复“火影忍者”的帖子】
AHZYGS - 2007-8-28 19:29:00
【[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\UIHost.exe]
    <IFEO[UIHost.exe]><C:\Program Files\Common Files\Microsoft Shared\eleicnd.exe>  []
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\UmxAgent.exe]
    <IFEO[UmxAgent.exe]><C:\Program Files\Common Files\Microsoft Shared\eleicnd.exe>  []
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\UmxAttachment.exe]
    <IFEO[UmxAttachment.exe]><C:\Program Files\Common Files\Microsoft Shared\eleicnd.exe>  []
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\UmxCfg.exe]
    <IFEO[UmxCfg.exe]><C:\Program Files\Common Files\Microsoft Shared\eleicnd.exe>  []
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\UmxFwHlp.exe]
    <IFEO[UmxFwHlp.exe]><C:\Program Files\Common Files\Microsoft Shared\eleicnd.exe>  []
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\UmxPol.exe]
    <IFEO[UmxPol.exe]><C:\Program Files\Common Files\Microsoft Shared\eleicnd.exe>  []
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\upiea.exe]
    <IFEO[upiea.exe]><C:\Program Files\Common Files\Microsoft Shared\eleicnd.exe>  []
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\UpLive.exe]
    <IFEO[UpLive.exe]><C:\Program Files\Common Files\Microsoft Shared\eleicnd.exe>  []
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\USBCleaner.exe]
    <IFEO[USBCleaner.exe]><C:\Program Files\Common Files\Microsoft Shared\eleicnd.exe>  []
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\vsstat.exe]
    <IFEO[vsstat.exe]><C:\Program Files\Common Files\Microsoft Shared\eleicnd.exe>  []
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\webscanx.exe]
    <IFEO[webscanx.exe]><C:\Program Files\Common Files\Microsoft Shared\eleicnd.exe>  []
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\WoptiClean.exe]
    <IFEO[WoptiClean.exe]><C:\Program Files\Common Files\Microsoft Shared\eleicnd.exe>  []
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
    <AVP><; "C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 7.0\avp.exe">  [N/A]
    <BigDog305><; >  [N/A]
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
    <eMuleAutoStart><; D:\Program Files\eMule\emule.exe -AutoStart>  [N/A]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
    <hxgame-update><; >  [N/A]
    <RaidTool><; C:\Program Files\VIA\RAID\raid_tool.exe>  [VIA Technologies]
    <SoundMAX><; "C:\Program Files\Analog Devices\SoundMAX\Smax4.exe" /tray>  [Analog Devices, Inc.]
    <SoundMAXPnP><; C:\Program Files\Analog Devices\SoundMAX\SMax4PNP.exe>  [Analog Devices, Inc.]
    <switch><; c:\windows\system32\壁纸自动换.exe>  []

==================================
启动文件夹
[Service Manager]
  <C:\Documents and Settings\All Users\「开始」菜单\程序\启动\Service Manager.lnk --> C:\PROGRA~1\MICROS~4\80\Tools\Binn\sqlmangr.exe [Microsoft Corporation]><N>

==================================
服务
[Ati HotKey Poller / Ati HotKey Poller][Running/Auto Start]
  <C:\WINDOWS\system32\Ati2evxx.exe><>
[BrSplService / Brother XP spl Service][Running/Auto Start]
  <C:\WINDOWS\system32\brsvc01a.exe><brother Industries Ltd>
[Human Interface Device Access / HidServ][Stopped/Auto Start]
  <C:\WINDOWS\System32\svchost.exe -k netsvcs-->%SystemRoot%\System32\hidserv.dll><N/A>
[MSSQLSERVER / MSSQLSERVER][Running/Auto Start]
  <C:\Program Files\Microsoft SQL Server\MSSQL\Binn\sqlservr.exe -sMSSQLSERVER><Microsoft Corporation>
[MSSQLServerADHelper / MSSQLServerADHelper][Stopped/Manual Start]
  <C:\Program Files\Microsoft SQL Server\80\Tools\Binn\sqladhlp.exe><Microsoft Corporation>
[Rising Proxy  Service / RfwProxySrv][Stopped/Manual Start]
  <c:\program files\rising\rfw\rfwproxy.exe><Beijing Rising Technology Co., Ltd.>
[Rising Personal Firewall Service / RfwService][Running/Auto Start]
  <c:\program files\rising\rfw\rfwsrv.exe><Beijing Rising Technology Co., Ltd.>
[Rising Process Communication Center / RsCCenter][Running/Auto Start]
  <"C:\Program Files\Rising\Rav\CCenter.exe"><Beijing Rising Technology Co., Ltd.>
[Rising RealTime Monitor / RsRavMon][Running/Auto Start]
  <"C:\PROGRAM FILES\RISING\RAV\Ravmond.exe"><Beijing Rising Technology Co., Ltd.>
[SoundMAX Agent Service / SoundMAX Agent Service (default)][Running/Auto Start]
  <C:\Program Files\Analog Devices\SoundMAX\SMAgent.exe><Analog Devices, Inc.>
[SQLSERVERAGENT / SQLSERVERAGENT][Stopped/Manual Start]
  <C:\Program Files\Microsoft SQL Server\MSSQL\Binn\sqlagent.EXE -i MSSQLSERVER><Microsoft Corporation>
回复“火影忍者”的帖子】
AHZYGS - 2007-8-28 19:30:00
【=================================
驱动程序
[Intel(r) 82801 Audio Driver Install Service (WDM) / ac97intc][Stopped/Manual Start]
  <system32\drivers\ac97intc.sys><Intel Corporation>
[aeaudio / aeaudio][Running/Manual Start]
  <system32\drivers\aeaudio.sys><Andrea Electronics Corporation>
[AliIde / AliIde][Running/Boot Start]
  <\SystemRoot\System32\DRIVERS\aliide.sys><Acer Laboratories Inc.>
[AMD K8 Processor Driver / AmdK8][Stopped/Manual Start]
  <System32\DRIVERS\amdk8.sys><Advanced Micro Devices>
[ati2mtag / ati2mtag][Running/Manual Start]
  <system32\DRIVERS\ati2mtag.sys><ATI Technologies Inc.>
[Rising TDI Base Driver / BaseTDI][Running/Auto Start]
  <System32\DRIVERS\BaseTDI.SYS><Beijing Rising Technology Co., Ltd.>
[Brother USB Still Image driver / BrScnUsb][Running/Manual Start]
  <System32\Drivers\BrScnUsb.sys><Brother Industries Ltd.>
[Brother MFC Serial Port Interface WDM Driver / BrSerIf][Running/Manual Start]
  <System32\Drivers\BrSerIf.sys><Brother Industries Ltd.>
[Brother MFC USB Serial WDM Driver / BrUsbSer][Running/Manual Start]
  <System32\Drivers\BrUsbSer.sys><Brother Industries Ltd.>
[CmdIde / CmdIde][Running/Boot Start]
  <\SystemRoot\System32\DRIVERS\cmdide.sys><CMD Technology, Inc.>
[Intel(R) PRO/1000 Network Connection Driver / E1000][Running/Manual Start]
  <system32\DRIVERS\e1000325.sys><Intel Corporation>
[ExpScaner / ExpScaner][Running/Auto Start]
  <\??\C:\PROGRAM FILES\RISING\RAV\ExpScan.sys><>
[VIA PCI 10/100Mb Fast Ethernet Adapter NT Driver / FETNDIS][Stopped/Manual Start]
  <system32\DRIVERS\fetnd5.sys><VIA Technologies, Inc.>
[HookCont / HookCont][Running/Auto Start]
  <\??\C:\PROGRAM FILES\RISING\RAV\HOOKCONT.sys><Rising>
[HookReg / HookReg][Running/Auto Start]
  <\??\C:\PROGRAM FILES\RISING\RAV\HookReg.sys><>
[HookSys / HookSys][Running/Auto Start]
  <\??\C:\PROGRAM FILES\RISING\RAV\HookSys.sys><Rising>
[HookUrl / HookUrl][Running/Auto Start]
  <\??\C:\Program Files\Rising\Rfw\HookUrl.sys><Beijing Rising Technology Co., Ltd.>
[Kaspersky Anti-Virus NDIS Filter / klim5][Stopped/Manual Start]
  <system32\DRIVERS\klim5.sys><N/A>
[MEMSCAN / MEMSCAN][Running/Auto Start]
  <\??\C:\PROGRAM FILES\RISING\RAV\MEMSCAN.sys><瑞星软件有限公司>
[MidiSyn / MidiSyn][Stopped/Manual Start]
  <system32\drivers\MidiSyn.sys><Analog Devices Inc>
[mProcRs / mProcRs][Running/Auto Start]
  <\??\c:\program files\rising\rfw\mProcRs.sys><Beijing Rising Technology Co., Ltd.>
[ATK0110 ACPI UTILITY / MTsensor][Running/Manual Start]
  <system32\DRIVERS\ASACPI.sys><>
[npkcrypt / npkcrypt][Stopped/Auto Start]
  <\??\D:\Program Files\QQ2007\npkcrypt.sys><N/A>
[nv / nv][Stopped/Manual Start]
  <system32\DRIVERS\nv4_mini.sys><NVIDIA Corporation>
[Direct Parallel Link Driver / Ptilink][Running/Manual Start]
  <system32\DRIVERS\ptilink.sys><Parallel Technologies, Inc.>
[RsAntiSpyware / RsAntiSpyware][Running/Boot Start]
  <\SystemRoot\system32\drivers\RsBoot.sys><Beijing Rising Technology Co., Ltd.>
[RsFwDrv / RsFwDrv][Running/Auto Start]
  <\??\C:\Program Files\Rising\Rfw\RsFwDrv.sys><Beijing Rising Technology Co., Ltd.>
[RsNTGDI / RsNTGDI][Running/Boot Start]
  <\SystemRoot\system32\Drivers\RsNTGdi.sys><Beijing Rising Technology Co., Ltd.>
[RSPPSYS / RSPPSYS][Stopped/Disabled]
  <\??\C:\PROGRAM FILES\RISING\RAV\RSPPSYS.sys><Rising>
[Secdrv / Secdrv][Stopped/Manual Start]
  <system32\DRIVERS\secdrv.sys><N/A>
[senfilt / senfilt][Running/Manual Start]
  <system32\drivers\senfilt.sys><Sensaura>
[smwdm / smwdm][Running/Manual Start]
  <system32\drivers\smwdm.sys><Analog Devices, Inc.>
[TDDI / TDDI][Running/Auto Start]
  <\??\C:\WINDOWS\system32\drivers\tddi.sys><SafeNet China Ltd.>
[ViaIde / ViaIde][Running/Boot Start]
  <\SystemRoot\system32\DRIVERS\viaide.sys><Microsoft Corporation>
[VIAMRAID / VIAMRAID][Running/Boot Start]
  <\SystemRoot\system32\DRIVERS\viamraid.sys><VIA Technologies inc,.ltd>
[World Standard Teletext Codec / WSTCODEC][Stopped/Manual Start]
  <system32\DRIVERS\WSTCODEC.SYS><Microsoft Corporation>
[VIMICRO USB PC Camera V / ZSMC0305][Stopped/Manual Start]
  <System32\Drivers\usbVM305.sys><N/A>
回复“火影忍者”的帖子】
AHZYGS - 2007-8-28 19:31:00
【回=================================
驱动程序
[Intel(r) 82801 Audio Driver Install Service (WDM) / ac97intc][Stopped/Manual Start]
  <system32\drivers\ac97intc.sys><Intel Corporation>
[aeaudio / aeaudio][Running/Manual Start]
  <system32\drivers\aeaudio.sys><Andrea Electronics Corporation>
[AliIde / AliIde][Running/Boot Start]
  <\SystemRoot\System32\DRIVERS\aliide.sys><Acer Laboratories Inc.>
[AMD K8 Processor Driver / AmdK8][Stopped/Manual Start]
  <System32\DRIVERS\amdk8.sys><Advanced Micro Devices>
[ati2mtag / ati2mtag][Running/Manual Start]
  <system32\DRIVERS\ati2mtag.sys><ATI Technologies Inc.>
[Rising TDI Base Driver / BaseTDI][Running/Auto Start]
  <System32\DRIVERS\BaseTDI.SYS><Beijing Rising Technology Co., Ltd.>
[Brother USB Still Image driver / BrScnUsb][Running/Manual Start]
  <System32\Drivers\BrScnUsb.sys><Brother Industries Ltd.>
[Brother MFC Serial Port Interface WDM Driver / BrSerIf][Running/Manual Start]
  <System32\Drivers\BrSerIf.sys><Brother Industries Ltd.>
[Brother MFC USB Serial WDM Driver / BrUsbSer][Running/Manual Start]
  <System32\Drivers\BrUsbSer.sys><Brother Industries Ltd.>
[CmdIde / CmdIde][Running/Boot Start]
  <\SystemRoot\System32\DRIVERS\cmdide.sys><CMD Technology, Inc.>
[Intel(R) PRO/1000 Network Connection Driver / E1000][Running/Manual Start]
  <system32\DRIVERS\e1000325.sys><Intel Corporation>
[ExpScaner / ExpScaner][Running/Auto Start]
  <\??\C:\PROGRAM FILES\RISING\RAV\ExpScan.sys><>
[VIA PCI 10/100Mb Fast Ethernet Adapter NT Driver / FETNDIS][Stopped/Manual Start]
  <system32\DRIVERS\fetnd5.sys><VIA Technologies, Inc.>
[HookCont / HookCont][Running/Auto Start]
  <\??\C:\PROGRAM FILES\RISING\RAV\HOOKCONT.sys><Rising>
[HookReg / HookReg][Running/Auto Start]
  <\??\C:\PROGRAM FILES\RISING\RAV\HookReg.sys><>
[HookSys / HookSys][Running/Auto Start]
  <\??\C:\PROGRAM FILES\RISING\RAV\HookSys.sys><Rising>
[HookUrl / HookUrl][Running/Auto Start]
  <\??\C:\Program Files\Rising\Rfw\HookUrl.sys><Beijing Rising Technology Co., Ltd.>
[Kaspersky Anti-Virus NDIS Filter / klim5][Stopped/Manual Start]
  <system32\DRIVERS\klim5.sys><N/A>
[MEMSCAN / MEMSCAN][Running/Auto Start]
  <\??\C:\PROGRAM FILES\RISING\RAV\MEMSCAN.sys><瑞星软件有限公司>
[MidiSyn / MidiSyn][Stopped/Manual Start]
  <system32\drivers\MidiSyn.sys><Analog Devices Inc>
[mProcRs / mProcRs][Running/Auto Start]
  <\??\c:\program files\rising\rfw\mProcRs.sys><Beijing Rising Technology Co., Ltd.>
[ATK0110 ACPI UTILITY / MTsensor][Running/Manual Start]
  <system32\DRIVERS\ASACPI.sys><>
[npkcrypt / npkcrypt][Stopped/Auto Start]
  <\??\D:\Program Files\QQ2007\npkcrypt.sys><N/A>
[nv / nv][Stopped/Manual Start]
  <system32\DRIVERS\nv4_mini.sys><NVIDIA Corporation>
[Direct Parallel Link Driver / Ptilink][Running/Manual Start]
  <system32\DRIVERS\ptilink.sys><Parallel Technologies, Inc.>
[RsAntiSpyware / RsAntiSpyware][Running/Boot Start]
  <\SystemRoot\system32\drivers\RsBoot.sys><Beijing Rising Technology Co., Ltd.>
[RsFwDrv / RsFwDrv][Running/Auto Start]
  <\??\C:\Program Files\Rising\Rfw\RsFwDrv.sys><Beijing Rising Technology Co., Ltd.>
[RsNTGDI / RsNTGDI][Running/Boot Start]
  <\SystemRoot\system32\Drivers\RsNTGdi.sys><Beijing Rising Technology Co., Ltd.>
[RSPPSYS / RSPPSYS][Stopped/Disabled]
  <\??\C:\PROGRAM FILES\RISING\RAV\RSPPSYS.sys><Rising>
[Secdrv / Secdrv][Stopped/Manual Start]
  <system32\DRIVERS\secdrv.sys><N/A>
[senfilt / senfilt][Running/Manual Start]
  <system32\drivers\senfilt.sys><Sensaura>
[smwdm / smwdm][Running/Manual Start]
  <system32\drivers\smwdm.sys><Analog Devices, Inc.>
[TDDI / TDDI][Running/Auto Start]
  <\??\C:\WINDOWS\system32\drivers\tddi.sys><SafeNet China Ltd.>
[ViaIde / ViaIde][Running/Boot Start]
  <\SystemRoot\system32\DRIVERS\viaide.sys><Microsoft Corporation>
[VIAMRAID / VIAMRAID][Running/Boot Start]
  <\SystemRoot\system32\DRIVERS\viamraid.sys><VIA Technologies inc,.ltd>
[World Standard Teletext Codec / WSTCODEC][Stopped/Manual Start]
  <system32\DRIVERS\WSTCODEC.SYS><Microsoft Corporation>
[VIMICRO USB PC Camera V / ZSMC0305][Stopped/Manual Start]
  <System32\Drivers\usbVM305.sys><N/A>
复“火影忍者”的帖子】
UFO不幸外人 - 2007-8-28 19:36:00
请看一下我的blog 有这个病毒的分析报告,http://blog.sina.com.cn/s/blog_56b232db01000a86.html  连接
不知道你的是不是新变种
newcenturymoon - 2007-8-28 19:37:00
专杀http://down.www.kingsoft.com/db/download/othertools/DubaTool_AV_Killer2.COM
用下载工具下载 然后全盘杀毒
幻得幻失 - 2007-8-29 22:32:00
有高人指路,可是你的福气呀,不过你可以下最新2008来试试的
1
查看完整版本: 瑞星杀毒软件不能用
© 2000 - 2026 Rising Corp. Ltd.