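Rising Kaka Security Forum
cop1025 - 2007-9-7 12:58:00
How do I remove this virus? Adware.Win32.Agent.de
It just won't go away; it is still there even after a reboot. What on earth should I do??
It has made my connection painfully slow. Experts, please help!!
[User system information] Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1; SV1; Poco 0.31)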
日不懂啊 - 2007-9-7 13:08:00
Download System Repair Engineer:
http://download.kztechs.com/files/sreng2.zip
1 Extract sreng2.zip
2 Run SREngPS.EXE
3 Smart Scan => Scan => Save Report
4 Copy the full report from the log and paste it here, without modifying it
cop1025 - 2007-9-8 12:20:00
[CODE]
2007-09-08,11:50:22
System Repair Engineer 2.5.16.900
Smallfrogs (http://www.KZTechs.com)
Windows XP Professional Service Pack 2 (Build 2600) - 管理权限用户 - 完整功能
以下内容被选中:
所有的启动项目(包括注册表、启动文件夹、服务等)
浏览器加载项
正在运行的进程(包括进程模块信息)
文件关联
Winsock 提供者
Autorun.inf
HOSTS 文件
进程特权扫描
启动项目
注册表
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
<ctfmon.exe><C:\WINDOWS\system32\ctfmon.exe> [(Verified)Microsoft Windows Publisher]
<swg><C:\Program Files\Google\GoogleToolbarNotifier\1.2.1128.5462\GoogleToolbarNotifier.exe> [N/A]
[HKEY_CURRENT_USER\Software\Microsoft\Windows NT\CurrentVersion\Windows]
<load><> [N/A]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
<IMJPMIG8.1><"C:\WINDOWS\IME\imjp8_1\IMJPMIG.EXE" /Spoil /RemAdvDef /Migration32> [(Verified)Microsoft Windows Publisher]
<yok.exe><C:\Program Files\yok\yok.exe> [YOK.Com]
<SoundMan><SOUNDMAN.EXE> [Realtek Semiconductor Corp.]
<KernelFaultCheck><%systemroot%\system32\dumprep 0 -k> [N/A]
<runeip><C:\Program Files\Rising\AntiSpyware\runiep.exe> [Beijing Rising Technology Co., Ltd.]
<WLRWPMWD><"C:\WINDOWS\system32\Regsvr32.exe" -s "C:\Program Files\Common Files\WLRWPMWD\WLRWPMWD.dll"> [N/A]
<a><#D;]XJOEPXT]tztufn43]Svoemm43/fyf#!#D;]XJOEPXT]tztufn43]deoqsi/emm#-Tubsu> [N/A]
<IdnSvr><C:\Program Files\OCINS\idnsvr.exe> [(Verified)China Internet Network Information Center]
<prx><#D;]XJOEPXT]tztufn43]Svoemm43/fyf#!#D;]XJOEPXT]tztufn43]deoqsi/emm#-Tubsu> [N/A]
<tdrgltgnxjpx><#D;]XJOEPXT]tztufn43]Svoemm43/fyf#!#D;]XJOEPXT]tztufn43]deoqsi/emm#-Tubsu> [N/A]
<e><#D;]XJOEPXT]tztufn43]Svoemm43/fyf#!#D;]XJOEPXT]tztufn43]deoqsi/emm#-Tubsu> [N/A]
<><#D;]XJOEPXT]tztufn43]Svoemm43/fyf#!#D;]XJOEPXT]tztufn43]deoqsi/emm#-Tubsu> [N/A]
<ybznxw><#D;]XJOEPXT]tztufn43]Svoemm43/fyf#!#D;]XJOEPXT]tztufn43]deoqsi/emm#-Tubsu> [N/A]
<qbehtvnobnubtxx><#D;]XJOEPXT]tztufn43]Svoemm43/fyf#!#D;]XJOEPXT]tztufn43]deoqsi/emm#-Tubsu> [N/A]
<o><#D;]XJOEPXT]tztufn43]Svoemm43/fyf#!#D;]XJOEPXT]tztufn43]deoqsi/emm#-Tubsu> [N/A]
<f><#D;]XJOEPXT]tztufn43]Svoemm43/fyf#!#D;]XJOEPXT]tztufn43]deoqsi/emm#-Tubsu> [N/A]
<h><#D;]XJOEPXT]tztufn43]Svoemm43/fyf#!#D;]XJOEPXT]tztufn43]deoqsi/emm#-Tubsu> [N/A]
<mmpamf><#D;]XJOEPXT]tztufn43]Svoemm43/fyf#!#D;]XJOEPXT]tztufn43]deoqsi/emm#-Tubsu> [N/A]
<bqjaadrnzenbio><#D;]XJOEPXT]tztufn43]Svoemm43/fyf#!#D;]XJOEPXT]tztufn43]deoqsi/emm#-Tubsu> [N/A]
<jbdbkmwaw><#D;]XJOEPXT]tztufn43]Svoemm43/fyf#!#D;]XJOEPXT]tztufn43]deoqsi/emm#-Tubsu> [N/A]
<bttarmyfgjee><#D;]XJOEPXT]tztufn43]Svoemm43/fyf#!#D;]XJOEPXT]tztufn43]deoqsi/emm#-Tubsu> [N/A]
<cvnhfzrym><#D;]XJOEPXT]tztufn43]Svoemm43/fyf#!#D;]XJOEPXT]tztufn43]deoqsi/emm#-Tubsu> [N/A]
<phlvgfyifmj><#D;]XJOEPXT]tztufn43]Svoemm43/fyf#!#D;]XJOEPXT]tztufn43]deoqsi/emm#-Tubsu> [N/A]
<fomzwvo><#D;]XJOEPXT]tztufn43]Svoemm43/fyf#!#D;]XJOEPXT]tztufn43]deoqsi/emm#-Tubsu> [N/A]
<phbmniepuk><#D;]XJOEPXT]tztufn43]Svoemm43/fyf#!#D;]XJOEPXT]tztufn43]deoqsi/emm#-Tubsu> [N/A]
<dlbgfcweyfzu><#D;]XJOEPXT]tztufn43]Svoemm43/fyf#!#D;]XJOEPXT]tztufn43]deoqsi/emm#-Tubsu> [N/A]
<ueskoaudpul><#D;]XJOEPXT]tztufn43]Svoemm43/fyf#!#D;]XJOEPXT]tztufn43]deoqsi/emm#-Tubsu> [N/A]
<tineugtr><#D;]XJOEPXT]tztufn43]Svoemm43/fyf#!#D;]XJOEPXT]tztufn43]deoqsi/emm#-Tubsu> [N/A]
<vytkdshlat><#D;]XJOEPXT]tztufn43]Svoemm43/fyf#!#D;]XJOEPXT]tztufn43]deoqsi/emm#-Tubsu> [N/A]
<unik><#D;]XJOEPXT]tztufn43]Svoemm43/fyf#!#D;]XJOEPXT]tztufn43]deoqsi/emm#-Tubsu> [N/A]
<brwfq><#D;]XJOEPXT]tztufn43]Svoemm43/fyf#!#D;]XJOEPXT]tztufn43]deoqsi/emm#-Tubsu> [N/A]
<oygvhcyqyzf><#D;]XJOEPXT]tztufn43]Svoemm43/fyf#!#D;]XJOEPXT]tztufn43]deoqsi/emm#-Tubsu> [N/A]
<sjnpfcgrxragrkv><#D;]XJOEPXT]tztufn43]Svoemm43/fyf#!#D;]XJOEPXT]tztufn43]deoqsi/emm#-Tubsu> [N/A]
<bn><#D;]XJOEPXT]tztufn43]Svoemm43/fyf#!#D;]XJOEPXT]tztufn43]deoqsi/emm#-Tubsu> [N/A]
<raevazaol><#D;]XJOEPXT]tztufn43]Svoemm43/fyf#!#D;]XJOEPXT]tztufn43]deoqsi/emm#-Tubsu> [N/A]
<mqnduxlnrly><#D;]XJOEPXT]tztufn43]Svoemm43/fyf#!#D;]XJOEPXT]tztufn43]deoqsi/emm#-Tubsu> [N/A]
<ryg><#D;]XJOEPXT]tztufn43]Svoemm43/fyf#!#D;]XJOEPXT]tztufn43]deoqsi/emm#-Tubsu> [N/A]
<umxkeduvwgo><#D;]XJOEPXT]tztufn43]Svoemm43/fyf#!#D;]XJOEPXT]tztufn43]deoqsi/emm#-Tubsu> [N/A]
<cla><#D;]XJOEPXT]tztufn43]Svoemm43/fyf#!#D;]XJOEPXT]tztufn43]deoqsi/emm#-Tubsu> [N/A]
<asvuhydtudjn><#D;]XJOEPXT]tztufn43]Svoemm43/fyf#!#D;]XJOEPXT]tztufn43]deoqsi/emm#-Tubsu> [N/A]
<heilkcustxdh><#D;]XJOEPXT]tztufn43]Svoemm43/fyf#!#D;]XJOEPXT]tztufn43]deoqsi/emm#-Tubsu> [N/A]
<accfwetcaum><#D;]XJOEPXT]tztufn43]Svoemm43/fyf#!#D;]XJOEPXT]tztufn43]deoqsi/emm#-Tubsu> [N/A]
<sx><#D;]XJOEPXT]tztufn43]Svoemm43/fyf#!#D;]XJOEPXT]tztufn43]deoqsi/emm#-Tubsu> [N/A]
<ikrzkbzrnbt><#D;]XJOEPXT]tztufn43]Svoemm43/fyf#!#D;]XJOEPXT]tztufn43]deoqsi/emm#-Tubsu> [N/A]
<iuyvffiznynyeee><#D;]XJOEPXT]tztufn43]Svoemm43/fyf#!#D;]XJOEPXT]tztufn43]deoqsi/emm#-Tubsu> [N/A]
<rrpmiyoe><#D;]XJOEPXT]tztufn43]Svoemm43/fyf#!#D;]XJOEPXT]tztufn43]deoqsi/emm#-Tubsu> [N/A]
<rpnlhov><#D;]XJOEPXT]tztufn43]Svoemm43/fyf#!#D;]XJOEPXT]tztufn43]deoqsi/emm#-Tubsu> [N/A]
<qwdc><#D;]XJOEPXT]tztufn43]Svoemm43/fyf#!#D;]XJOEPXT]tztufn43]deoqsi/emm#-Tubsu> [N/A]
<pszhvsnouariqhp><#D;]XJOEPXT]tztufn43]Svoemm43/fyf#!#D;]XJOEPXT]tztufn43]deoqsi/emm#-Tubsu> [N/A]
<mql><#D;]XJOEPXT]tztufn43]Svoemm43/fyf#!#D;]XJOEPXT]tztufn43]deoqsi/emm#-Tubsu> [N/A]
<pllvguihglkeboe><#D;]XJOEPXT]tztufn43]Svoemm43/fyf#!#D;]XJOEPXT]tztufn43]deoqsi/emm#-Tubsu> [N/A]
<fjrd><#D;]XJOEPXT]tztufn43]Svoemm43/fyf#!#D;]XJOEPXT]tztufn43]deoqsi/emm#-Tubsu> [N/A]
<ynxifhfywii><#D;]XJOEPXT]tztufn43]Svoemm43/fyf#!#D;]XJOEPXT]tztufn43]deoqsi/emm#-Tubsu> [N/A]
<kddfxnfn><#D;]XJOEPXT]tztufn43]Svoemm43/fyf#!#D;]XJOEPXT]tztufn43]deoqsi/emm#-Tubsu> [N/A]
<zltozltsbinp><#D;]XJOEPXT]tztufn43]Svoemm43/fyf#!#D;]XJOEPXT]tztufn43]deoqsi/emm#-Tubsu> [N/A]
<mtfflwdmcvidrzj><#D;]XJOEPXT]tztufn43]Svoemm43/fyf#!#D;]XJOEPXT]tztufn43]deoqsi/emm#-Tubsu> [N/A]
<nqtvjyyqzmu><#D;]XJOEPXT]tztufn43]Svoemm43/fyf#!#D;]XJOEPXT]tztufn43]deoqsi/emm#-Tubsu> [N/A]
<ljvuevtr><#D;]XJOEPXT]tztufn43]Svoemm43/fyf#!#D;]XJOEPXT]tztufn43]deoqsi/emm#-Tubsu> [N/A]
<ykjjeqxuukss><#D;]XJOEPXT]tztufn43]Svoemm43/fyf#!#D;]XJOEPXT]tztufn43]deoqsi/emm#-Tubsu> [N/A]
<bdg><#D;]XJOEPXT]tztufn43]Svoemm43/fyf#!#D;]XJOEPXT]tztufn43]deoqsi/emm#-Tubsu> [N/A]
<zkhjk><#D;]XJOEPXT]tztufn43]Svoemm43/fyf#!#D;]XJOEPXT]tztufn43]deoqsi/emm#-Tubsu> [N/A]
<conqhijabvmzbzp><#D;]XJOEPXT]tztufn43]Svoemm43/fyf#!#D;]XJOEPXT]tztufn43]deoqsi/emm#-Tubsu> [N/A]
<fhfnszx><#D;]XJOEPXT]tztufn43]Svoemm43/fyf#!#D;]XJOEPXT]tztufn43]deoqsi/emm#-Tubsu> [N/A]
<qgafuqiasxb><#D;]XJOEPXT]tztufn43]Svoemm43/fyf#!#D;]XJOEPXT]tztufn43]deoqsi/emm#-Tubsu> [N/A]
<r><#D;]XJOEPXT]tztufn43]Svoemm43/fyf#!#D;]XJOEPXT]tztufn43]deoqsi/emm#-Tubsu> [N/A]
<iauptteyvm><#D;]XJOEPXT]tztufn43]Svoemm43/fyf#!#D;]XJOEPXT]tztufn43]deoqsi/emm#-Tubsu> [N/A]
<rsvyqwfyrrujld><#D;]XJOEPXT]tztufn43]Svoemm43/fyf#!#D;]XJOEPXT]tztufn43]deoqsi/emm#-Tubsu> [N/A]
<keqrxswqtqpdpy><#D;]XJOEPXT]tztufn43]Svoemm43/fyf#!#D;]XJOEPXT]tztufn43]deoqsi/emm#-Tubsu> [N/A]
<oelgs><#D;]XJOEPXT]tztufn43]Svoemm43/fyf#!#D;]XJOEPXT]tztufn43]deoqsi/emm#-Tubsu> [N/A]
<pxp><#D;]XJOEPXT]tztufn43]Svoemm43/fyf#!#D;]XJOEPXT]tztufn43]deoqsi/emm#-Tubsu> [N/A]
<ustanqp><#D;]XJOEPXT]tztufn43]Svoemm43/fyf#!#D;]
cop1025 - 2007-9-8 12:21:00
XJOEPXT]tztufn43]deoqsi/emm#-Tubsu> [N/A]
<toscbhbkspmts><#D;]XJOEPXT]tztufn43]Svoemm43/fyf#!#D;]XJOEPXT]tztufn43]deoqsi/emm#-Tubsu> [N/A]
<gvqkysncyeb><#D;]XJOEPXT]tztufn43]Svoemm43/fyf#!#D;]XJOEPXT]tztufn43]deoqsi/emm#-Tubsu> [N/A]
<i><#D;]XJOEPXT]tztufn43]Svoemm43/fyf#!#D;]XJOEPXT]tztufn43]deoqsi/emm#-Tubsu> [N/A]
<nvsiqtggej><#D;]XJOEPXT]tztufn43]Svoemm43/fyf#!#D;]XJOEPXT]tztufn43]deoqsi/emm#-Tubsu> [N/A]
<nhdtec><#D;]XJOEPXT]tztufn43]Svoemm43/fyf#!#D;]XJOEPXT]tztufn43]deoqsi/emm#-Tubsu> [N/A]
<icgzfdlfxvjo><#D;]XJOEPXT]tztufn43]Svoemm43/fyf#!#D;]XJOEPXT]tztufn43]deoqsi/emm#-Tubsu> [N/A]
<ebnt><#D;]XJOEPXT]tztufn43]Svoemm43/fyf#!#D;]XJOEPXT]tztufn43]deoqsi/emm#-Tubsu> [N/A]
<ogljk><#D;]XJOEPXT]tztufn43]Svoemm43/fyf#!#D;]XJOEPXT]tztufn43]deoqsi/emm#-Tubsu> [N/A]
<yoz><#D;]XJOEPXT]tztufn43]Svoemm43/fyf#!#D;]XJOEPXT]tztufn43]deoqsi/emm#-Tubsu> [N/A]
<ovhehbpzm><#D;]XJOEPXT]tztufn43]Svoemm43/fyf#!#D;]XJOEPXT]tztufn43]deoqsi/emm#-Tubsu> [N/A]
<ta><#D;]XJOEPXT]tztufn43]Svoemm43/fyf#!#D;]XJOEPXT]tztufn43]deoqsi/emm#-Tubsu> [N/A]
<nycuaysyangqyv><#D;]XJOEPXT]tztufn43]Svoemm43/fyf#!#D;]XJOEPXT]tztufn43]deoqsi/emm#-Tubsu> [N/A]
<iskfc><#D;]XJOEPXT]tztufn43]Svoemm43/fyf#!#D;]XJOEPXT]tztufn43]deoqsi/emm#-Tubsu> [N/A]
<opbgtbkadimpbha><#D;]XJOEPXT]tztufn43]Svoemm43/fyf#!#D;]XJOEPXT]tztufn43]deoqsi/emm#-Tubsu> [N/A]
<vodls><#D;]XJOEPXT]tztufn43]Svoemm43/fyf#!#D;]XJOEPXT]tztufn43]deoqsi/emm#-Tubsu> [N/A]
<fexlrmjmqkhj><#D;]XJOEPXT]tztufn43]Svoemm43/fyf#!#D;]XJOEPXT]tztufn43]deoqsi/emm#-Tubsu> [N/A]
<guzxevotdejy><#D;]XJOEPXT]tztufn43]Svoemm43/fyf#!#D;]XJOEPXT]tztufn43]deoqsi/emm#-Tubsu> [N/A]
<nvdyuiwxz><#D;]XJOEPXT]tztufn43]Svoemm43/fyf#!#D;]XJOEPXT]tztufn43]deoqsi/emm#-Tubsu> [N/A]
<edwhonvoqztle><#D;]XJOEPXT]tztufn43]Svoemm43/fyf#!#D;]XJOEPXT]tztufn43]deoqsi/emm#-Tubsu> [N/A]
<bdzf><#D;]XJOEPXT]tztufn43]Svoemm43/fyf#!#D;]XJOEPXT]tztufn43]deoqsi/emm#-Tubsu> [N/A]
<ohyoaduwwrla><#D;]XJOEPXT]tztufn43]Svoemm43/fyf#!#D;]XJOEPXT]tztufn43]deoqsi/emm#-Tubsu> [N/A]
<rqigmyngiqfmc><#D;]XJOEPXT]tztufn43]Svoemm43/fyf#!#D;]XJOEPXT]tztufn43]deoqsi/emm#-Tubsu> [N/A]
<fgcirebw><#D;]XJOEPXT]tztufn43]Svoemm43/fyf#!#D;]XJOEPXT]tztufn43]deoqsi/emm#-Tubsu> [N/A]
<cbbkqphskhgcy><#D;]XJOEPXT]tztufn43]Svoemm43/fyf#!#D;]XJOEPXT]tztufn43]deoqsi/emm#-Tubsu> [N/A]
<b><#D;]XJOEPXT]tztufn43]Svoemm43/fyf#!#D;]XJOEPXT]tztufn43]deoqsi/emm#-Tubsu> [N/A]
<lqkixljtvcuav><#D;]XJOEPXT]tztufn43]Svoemm43/fyf#!#D;]XJOEPXT]tztufn43]deoqsi/emm#-Tubsu> [N/A]
<wlcwlrqxfnysgts><#D;]XJOEPXT]tztufn43]Svoemm43/fyf#!#D;]XJOEPXT]tztufn43]deoqsi/emm#-Tubsu> [N/A]
<aruolb><#D;]XJOEPXT]tztufn43]Svoemm43/fyf#!#D;]XJOEPXT]tztufn43]deoqsi/emm#-Tubsu> [N/A]
<hrbujtpzojsd><#D;]XJOEPXT]tztufn43]Svoemm43/fyf#!#D;]XJOEPXT]tztufn43]deoqsi/emm#-Tubsu> [N/A]
<irhjgxkjdxxksom><#D;]XJOEPXT]tztufn43]Svoemm43/fyf#!#D;]XJOEPXT]tztufn43]deoqsi/emm#-Tubsu> [N/A]
<d><#D;]XJOEPXT]tztufn43]Svoemm43/fyf#!#D;]XJOEPXT]tztufn43]deoqsi/emm#-Tubsu> [N/A]
<vccmse><#D;]XJOEPXT]tztufn43]Svoemm43/fyf#!#D;]XJOEPXT]tztufn43]deoqsi/emm#-Tubsu> [N/A]
<nijedakejfso><#D;]XJOEPXT]tztufn43]Svoemm43/fyf#!#D;]XJOEPXT]tztufn43]deoqsi/emm#-Tubsu> [N/A]
<adte><#D;]XJOEPXT]tztufn43]Svoemm43/fyf#!#D;]XJOEPXT]tztufn43]deoqsi/emm#-Tubsu> [N/A]
<qewlglmi><#D;]XJOEPXT]tztufn43]Svoemm43/fyf#!#D;]XJOEPXT]tztufn43]deoqsi/emm#-Tubsu> [N/A]
<vbabfgcwd><#D;]XJOEPXT]tztufn43]Svoemm43/fyf#!#D;]XJOEPXT]tztufn43]deoqsi/emm#-Tubsu> [N/A]
<tegoqxgrgwuwh><#D;]XJOEPXT]tztufn43]Svoemm43/fyf#!#D;]XJOEPXT]tztufn43]deoqsi/emm#-Tubsu> [N/A]
<xnuuswruzlkwt><#D;]XJOEPXT]tztufn43]Svoemm43/fyf#!#D;]XJOEPXT]tztufn43]deoqsi/emm#-Tubsu> [N/A]
<inrexihss><#D;]XJOEPXT]tztufn43]Svoemm43/fyf#!#D;]XJOEPXT]tztufn43]deoqsi/emm#-Tubsu> [N/A]
<ruimfmavtkuqhui><#D;]XJOEPXT]tztufn43]Svoemm43/fyf#!#D;]XJOEPXT]tztufn43]deoqsi/emm#-Tubsu> [N/A]
<RavTask><"C:\Program Files\Rising\Rav\RavTask.exe" -system> [Beijing Rising Technology Co., Ltd.]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Winlogon]
<shell><EXPLORER.EXE> [(Verified)Microsoft Windows Component Publisher]
<Userinit><userinit.exe,> [(Verified)Microsoft Windows Publisher]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Windows]
<AppInit_DLLs><> [N/A]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Winlogon]
<UIHost><logonui.exe> [(Verified)Microsoft Windows Publisher]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
<{32CD708B-60A7-4C00-9377-D73EAA495F0F}><C:\WINDOWS\system32\RavExt.dll> [Beijing Rising Technology Co., Ltd.]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\WgaLogon]
<WinlogonNotify: WgaLogon><WgaLogon.dll> [(Verified)Microsoft Corporation]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\>{26923b43-4d38-484f-9b9e-de460746276c}]
<Internet Explorer><%systemroot%\system32\shmgrate.exe OCInstallUserConfigIE> [N/A]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\>{881dd1c5-3dcf-431b-b061-f3f88e8be88a}]
<Outlook Express><%systemroot%\system32\shmgrate.exe OCInstallUserConfigOE> [N/A]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{2C7339CF-2B09-4501-B3F3-F3508C9228ED}]
<Themes Setup><%SystemRoot%\system32\regsvr32.exe /s /n /i:/UserInstall %SystemRoot%\system32\themeui.dll> [N/A]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{44BBA840-CC51-11CF-AAFA-00AA00B6015C}]
<Microsoft Outlook Express 6><"%ProgramFiles%\Outlook Express\setup50.exe" /APP:OE /CALLER:WINNT /user /install> [N/A]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{44BBA842-CC51-11CF-AAFA-00AA00B6015B}]
<NetMeeting 3.01><rundll32.exe advpack.dll,LaunchINFSection C:\WINDOWS\INF\msnetmtg.inf,NetMtg.Install.PerUser.NT> [(Verified)Microsoft Windows Publisher]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{6BF52A52-394A-11d3-B153-00C04F79FAA6}]
<Microsoft Windows Media Player><rundll32.exe advpack.dll,LaunchINFSection C:\WINDOWS\INF\wmp10.inf,PerUserStub> [(Verified)Microsoft Windows Component Publisher]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{7790769C-0471-11d2-AF11-00C04FA35D02}]
<通讯簿 6><"%ProgramFiles%\Outlook Express\setup50.exe" /APP:WAB /CALLER:WINNT /user /install> [N/A]
==================================
启动文件夹
[腾讯QQ珊瑚虫版]
<C:\Documents and Settings\Administrator\「开始」菜单\程序\启动\腾讯QQ珊瑚虫版.lnk --> C:\PROGRA~1\Tencent\QQ\CoralQQ.exe [珊瑚虫工作室]><N>
==================================
服务
[Google Updater Service / gusvc][Stopped/Manual Start]
<"C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe"><Google>
[Human Interface Device Access / HidServ][Stopped/Disabled]
<C:\WINDOWS\System32\svchost.exe -k netsvcs-->%SystemRoot%\System32\hidserv.dll><N/A>
[idztnd / idztnd][Stopped/Auto Start]
<C:\WINDOWS\system32\rundll32.exe C:\PROGRA~1\COMMON~1\vdzttd\vdzttd.dll,Service -s><Microsoft Corporation>
[Navoct / Navoct][Running/Auto Start]
<C:\WINDOWS\System32\svchost.exe -k netsvcs-->C:\Program Files\iesnap\navoct.dll>< >
[P4P Service / P4P Service][Running/Auto Start]
<C:\Program Files\Common Files\Sogou PXP\p2psvr.exe><Sohu.com Inc.>
[Windows pamz RunThem / pamz][Running/Auto Start]
<C:\WINDOWS\System32\svchost.exe -k netsvcs-->C:\PROGRA~1\kvhu\ufre.dll><>
[Rising Process Communication Center / RsCCenter][Running/Auto Start]
<"C:\Program Files\Rising\Rav\CCenter.exe"><Beijing Rising Technology Co., Ltd.>
[Rising RealTime Monitor / RsRavMon][Running/Auto Start]
<"C:\PROGRAM FILES\RISING\RAV\Ravmond.exe"><Beijing Rising Technology Co., Ltd.>
==================================
cop1025 - 2007-9-8 12:22:00
驱动程序
[aegidk0 / aegidk04][Running/Boot Start]
<\SystemRoot\System32\DRIVERS\aegidk04.sys><N/A>
[Service for Realtek AC97 Audio (WDM) / ALCXWDM][Running/Manual Start]
<system32\drivers\ALCXWDM.SYS><Realtek Semiconductor Corp.>
[anadxy41 / anadxy41][Stopped/Boot Start]
<\SystemRoot\system32\\drivers\\anadxy41.sys><N/A>
[barfci5 / barfci55][Running/Boot Start]
<\SystemRoot\System32\DRIVERS\barfci55.sys><N/A>
[Rising TDI Base Driver / BaseTDI][Running/Auto Start]
<System32\DRIVERS\BaseTDI.SYS><Beijing Rising Technology Co., Ltd.>
[bfwaqw6 / bfwaqw65][Running/Boot Start]
<\SystemRoot\System32\DRIVERS\bfwaqw65.sys><N/A>
[bildff7 / bildff70][Running/Boot Start]
<\SystemRoot\System32\DRIVERS\bildff70.sys><N/A>
[bilpgp0 / bilpgp04][Running/Boot Start]
<\SystemRoot\System32\DRIVERS\bilpgp04.sys><N/A>
[bmpugn4 / bmpugn44][Running/Boot Start]
<\SystemRoot\System32\DRIVERS\bmpugn44.sys><N/A>
[citfmx2 / citfmx29][Running/Boot Start]
<\SystemRoot\System32\DRIVERS\citfmx29.sys><N/A>
[cnprov / cnprov][Running/Boot Start]
<\SystemRoot\system32\drivers\cnprov.sys><中国互联网络信息中心(CNNIC)>
[cvwznd6 / cvwznd68][Running/Boot Start]
<\SystemRoot\System32\DRIVERS\cvwznd68.sys><N/A>
[cxoqhc6 / cxoqhc66][Running/Boot Start]
<\SystemRoot\System32\DRIVERS\cxoqhc66.sys><N/A>
[czwgse6 / czwgse61][Running/Boot Start]
<\SystemRoot\System32\DRIVERS\czwgse61.sys><N/A>
[dblapdr / dblapdrv][Running/Boot Start]
<\SystemRoot\System32\DRIVERS\dblapdrv.sys><N/A>
[dhjnoz1 / dhjnoz12][Running/Boot Start]
<\SystemRoot\System32\DRIVERS\dhjnoz12.sys><N/A>
[djalhg3 / djalhg38][Running/Boot Start]
<\SystemRoot\System32\DRIVERS\djalhg38.sys><N/A>
[dkqban2 / dkqban26][Running/Boot Start]
<\SystemRoot\System32\DRIVERS\dkqban26.sys><N/A>
[efehrm6 / efehrm68][Running/Boot Start]
<\SystemRoot\System32\DRIVERS\efehrm68.sys><N/A>
[elvjks6 / elvjks62][Running/Boot Start]
<\SystemRoot\System32\DRIVERS\elvjks62.sys><N/A>
[eufexj9 / eufexj95][Running/Boot Start]
<\SystemRoot\System32\DRIVERS\eufexj95.sys><N/A>
[ExpScaner / ExpScaner][Running/Auto Start]
<\??\C:\PROGRAM FILES\RISING\RAV\ExpScan.sys><>
[fbdiyq6 / fbdiyq64][Running/Boot Start]
<\SystemRoot\System32\DRIVERS\fbdiyq64.sys><N/A>
[feeloq7 / feeloq71][Running/Boot Start]
<\SystemRoot\System32\DRIVERS\feeloq71.sys><N/A>
[fgdidhbi / fgdidhbi][Stopped/Boot Start]
<\SystemRoot\system32\drivers\fgdidhbi.sys><N/A>
[fhiqfo3 / fhiqfo31][Running/Boot Start]
<\SystemRoot\System32\DRIVERS\fhiqfo31.sys><N/A>
[fndtvu3 / fndtvu32][Running/Boot Start]
<\SystemRoot\System32\DRIVERS\fndtvu32.sys><N/A>
[gavmuu8 / gavmuu89][Running/Boot Start]
<\SystemRoot\System32\DRIVERS\gavmuu89.sys><N/A>
[gdzuyv7 / gdzuyv75][Running/Boot Start]
<\SystemRoot\System32\DRIVERS\gdzuyv75.sys><N/A>
[gmolvj9 / gmolvj90][Running/Boot Start]
<\SystemRoot\System32\DRIVERS\gmolvj90.sys><N/A>
[govbkn0 / govbkn03][Running/Boot Start]
<\SystemRoot\System32\DRIVERS\govbkn03.sys><N/A>
[gqbixe7 / gqbixe74][Running/Boot Start]
<\SystemRoot\System32\DRIVERS\gqbixe74.sys><N/A>
[grhvme6 / grhvme67][Running/Boot Start]
<\SystemRoot\System32\DRIVERS\grhvme67.sys><N/A>
[gsedhr0 / gsedhr02][Running/Boot Start]
<\SystemRoot\System32\DRIVERS\gsedhr02.sys><N/A>
[hbjhcm5 / hbjhcm53][Running/Boot Start]
<\SystemRoot\System32\DRIVERS\hbjhcm53.sys><N/A>
[hkfgap2 / hkfgap21][Running/Boot Start]
<\SystemRoot\System32\DRIVERS\hkfgap21.sys><N/A>
[HookCont / HookCont][Running/Auto Start]
<\??\C:\PROGRAM FILES\RISING\RAV\HOOKCONT.sys><Rising>
[HookReg / HookReg][Running/Auto Start]
<\??\C:\PROGRAM FILES\RISING\RAV\HookReg.sys><>
[HookSys / HookSys][Running/Auto Start]
<\??\C:\PROGRAM FILES\RISING\RAV\HookSys.sys><Rising>
[hqfogr9 / hqfogr91][Running/Boot Start]
<\SystemRoot\System32\DRIVERS\hqfogr91.sys><N/A>
[huinmu6 / huinmu69][Running/Boot Start]
<\SystemRoot\System32\DRIVERS\huinmu69.sys><N/A>
[iasmew3 / iasmew39][Running/Boot Start]
<\SystemRoot\System32\DRIVERS\iasmew39.sys><N/A>
[idnaux / idnaux][Running/Auto Start]
<system32\drivers\idnaux.sys><中国互联网络信息中心(CNNIC)>
[iiaxyw5 / iiaxyw52][Running/Boot Start]
<\SystemRoot\System32\DRIVERS\iiaxyw52.sys><N/A>
[iomaod0 / iomaod06][Running/Boot Start]
<\SystemRoot\System32\DRIVERS\iomaod06.sys><N/A>
[ipdbldr / ipdbldrv][Running/Boot Start]
<\SystemRoot\System32\DRIVERS\ipdbldrv.sys><N/A>
[jdxywn5 / jdxywn54][Running/Boot Start]
<\SystemRoot\System32\DRIVERS\jdxywn54.sys><N/A>
[jhxgds9 / jhxgds98][Running/Boot Start]
<\SystemRoot\System32\DRIVERS\jhxgds98.sys><N/A>
[jhyuek6 / jhyuek64][Running/Boot Start]
<\SystemRoot\System32\DRIVERS\jhyuek64.sys><N/A>
[jkeulc1 / jkeulc11][Running/Boot Start]
<\SystemRoot\System32\DRIVERS\jkeulc11.sys><N/A>
[jomgdg9 / jomgdg95][Running/Boot Start]
<\SystemRoot\System32\DRIVERS\jomgdg95.sys><N/A>
[jozotb4 / jozotb40][Running/Boot Start]
<\SystemRoot\System32\DRIVERS\jozotb40.sys><N/A>
[jqmjzb8 / jqmjzb85][Running/Boot Start]
<\SystemRoot\System32\DRIVERS\jqmjzb85.sys><N/A>
[jxrond9 / jxrond94][Running/Boot Start]
<\SystemRoot\System32\DRIVERS\jxrond94.sys><N/A>
[keiqel6 / keiqel64][Running/Boot Start]
<\SystemRoot\System32\DRIVERS\keiqel64.sys><N/A>
[kihzvp8 / kihzvp82][Running/Boot Start]
<\SystemRoot\System32\DRIVERS\kihzvp82.sys><N/A>
[klafue8 / klafue89][Running/Boot Start]
<\SystemRoot\System32\DRIVERS\klafue89.sys><N/A>
[koxesx1 / koxesx14][Running/Boot Start]
<\SystemRoot\System32\DRIVERS\koxesx14.sys><N/A>
[kwhtif8 / kwhtif80][Running/Boot Start]
<\SystemRoot\System32\DRIVERS\kwhtif80.sys><N/A>
[kyfbrq1 / kyfbrq17][Running/Boot Start]
<\SystemRoot\System32\DRIVERS\kyfbrq17.sys><N/A>
[lgayle6 / lgayle60][Running/Boot Start]
<\SystemRoot\System32\DRIVERS\lgayle60.sys><N/A>
[lluaho7 / lluaho74][Running/Boot Start]
<\SystemRoot\System32\DRIVERS\lluaho74.sys><N/A>
[mbjsci4 / mbjsci42][Running/Boot Start]
<\SystemRoot\System32\DRIVERS\mbjsci42.sys><N/A>
[mbuirs8 / mbuirs87][Running/Boot Start]
<\SystemRoot\System32\DRIVERS\mbuirs87.sys><N/A>
[mdqizu3 / mdqizu35][Running/Boot Start]
<\SystemRoot\System32\DRIVERS\mdqizu35.sys><N/A>
[MEMSCAN / MEMSCAN][Running/Auto Start]
<\??\C:\PROGRAM FILES\RISING\RAV\MEMSCAN.sys><Beijing Rising Technology Co., Ltd.>
[mqieem5 / mqieem52][Running/Boot Start]
<\SystemRoot\System32\DRIVERS\mqieem52.sys><N/A>
[mtihfs2 / mtihfs22][Running/Boot Start]
<\SystemRoot\System32\DRIVERS\mtihfs22.sys><N/A>
[nijjjg / nijjjg][Running/Boot Start]
<\SystemRoot\\SystemRoot\System32\drivers\nijjjg.sys><N/A>
[npkcrypt / npkcrypt][Running/Auto Start]
<\??\C:\Program Files\Tencent\QQ\npkcrypt.sys><INCA Internet Co., Ltd.>
[npkycryp / npkycryp][Stopped/Manual Start]
<\??\C:\Program Files\Tencent\QQ\npkycryp.sys><N/A>
[npuypb0 / npuypb01][Running/Boot Start]
<\SystemRoot\System32\DRIVERS\npuypb01.sys><N/A>
[nrzfir7 / nrzfir75][Running/Boot Start]
<\SystemRoot\System32\DRIVERS\nrzfir75.sys><N/A>
[nuxzte7 / nuxzte76][Running/Boot Start]
<\SystemRoot\System32\DRIVERS\nuxzte76.sys><N/A>
[nv / nv][Running/Manual Start]
<system32\DRIVERS\nv4_mini.sys><NVIDIA Corporation>
[oqjkcm1 / oqjkcm18][Running/Boot Start]
<\SystemRoot\System32\DRIVERS\oqjkcm18.sys><N/A>
[oxenfj8 / oxenfj89][Running/Boot Start]
<\SystemRoot\System32\DRIVERS\oxenfj89.sys><N/A>
[pskmxl8 / pskmxl81][Running/Boot Start]
<\SystemRoot\System32\DRIVERS\pskmxl81.sys><N/A>
[psmlmy1 / psmlmy12][Running/Boot Start]
<\SystemRoot\System32\DRIVERS\psmlmy12.sys><N/A>
[Direct Parallel Link Driver / Ptilink][Running/Manual Start]
<system32\DRIVERS\ptilink.sys><Parallel Technologies, Inc.>
[pvybzj8 / pvybzj80][Running/Boot Start]
<\SystemRoot\System32\DRIVERS\pvybzj80.sys><N/A>
[qdvlvc4 / qdvlvc44][Running/Boot Start]
<\SystemRoot\System32\DRIVERS\qdvlvc44.sys><N/A>
[qfciak4 / qfciak42][Running/Boot Start]
<\SystemRoot\System32\DRIVERS\qfciak42.sys><N/A>
[qfcvhe1 / qfcvhe14][Running/Boot Start]
<\SystemRoot\System32\DRIVERS\qfcvhe14.sys><N/A>
[qjfcck8 / qjfcck83][Running/Boot Start]
<\SystemRoot\System32\DRIVERS\qjfcck83.sys><N/A>
[qjtmni5 / qjtmni50][Running/Boot Start]
<\SystemRoot\System32\DRIVERS\qjtmni50.sys><N/A>
[qlqtoy1 / qlqtoy12][Running/Boot Start]
<\SystemRoot\System32\DRIVERS\qlqtoy12.sys><N/A>
[qpdqvc3 / qpdqvc33][Running/Boot Start]
<\SystemRoot\System32\DRIVERS\qpdqvc33.sys><N/A>
[qumjdc0 / qumjdc09][Running/Boot Start]
<\SystemRoot\System32\DRIVERS\qumjdc09.sys><N/A>
[qwzycb8 / qwzycb83][Running/Boot Start]
<\SystemRoot\System32\DRIVERS\qwzycb83.sys><N/A>
[qywfpp1 / qywfpp14][Running/Boot Start]
<\SystemRoot\System32\DRIVERS\qywfpp14.sys><N/A>
[rasgpv8 / rasgpv89][Running/Boot Start]
<\SystemRoot\System32\DRIVERS\rasgpv89.sys><N/A>
[reikrb9 / reikrb99][Running/Boot Start]
<\SystemRoot\System32\DRIVERS\reikrb99.sys><N/A>
[rfkztu8 / rfkztu83][Running/Boot Start]
<\SystemRoot\System32\DRIVERS\rfkztu83.sys><N/A>
[rmmsvb5 / rmmsvb56][Running/Boot Start]
<\SystemRoot\System32\DRIVERS\rmmsvb56.sys><N/A>
[rosscq8 / rosscq82][Running/Boot Start]
<\SystemRoot\System32\DRIVERS\rosscq82.sys><N/A>
[roxiam2 / roxiam26][Running/Boot Start]
<\SystemRoot\System32\DRIVERS\roxiam26.sys><N/A>
[rqanzy7 / rqanzy71][Running/Boot Start]
<\SystemRoot\System32\DRIVERS\rqanzy71.sys><N/A>
[RsAntiSpyware / RsAntiSpyware][Running/Boot Start]
<\SystemRoot\system32\drivers\RsBoot.sys><Beijing Rising>
[RsNTGDI / RsNTGDI][Running/Boot Start]
<\SystemRoot\system32\Drivers\RsNTGdi.sys><Beijing Rising Technology Co., Ltd.>
[RSPPSYS / RSPPSYS][Running/Auto Start]
<\??\C:\PROGRAM FILES\RISING\RAV\RSPPSYS.sys><Rising>
[Realtek RTL8139(A/B/C)-based PCI Fast Ethernet Adapter NT Driver / rtl8139][Running/Manual Start]
<system32\DRIVERS\RTL8139.SYS><Realtek Semiconductor Corporation>
cop1025 - 2007-9-8 12:24:00
[ruyipf5 / ruyipf53][Running/Boot Start]
<\SystemRoot\System32\DRIVERS\ruyipf53.sys><N/A>
[saszpp0 / saszpp09][Running/Boot Start]
<\SystemRoot\System32\DRIVERS\saszpp09.sys><N/A>
[Secdrv / Secdrv][Stopped/Manual Start]
<system32\DRIVERS\secdrv.sys><N/A>
[skuzfm9 / skuzfm96][Running/Boot Start]
<\SystemRoot\System32\DRIVERS\skuzfm96.sys><N/A>
[sqhvbi6 / sqhvbi64][Running/Boot Start]
<\SystemRoot\System32\DRIVERS\sqhvbi64.sys><N/A>
[sqpdnr8 / sqpdnr86][Running/Boot Start]
<\SystemRoot\System32\DRIVERS\sqpdnr86.sys><N/A>
[swmufi8 / swmufi80][Running/Boot Start]
<\SystemRoot\System32\DRIVERS\swmufi80.sys><N/A>
[sygnck0 / sygnck01][Running/Boot Start]
<\SystemRoot\System32\DRIVERS\sygnck01.sys><N/A>
[SysTdSvr / SysTdSvr][Stopped/Boot Start]
<\SystemRoot\system32\\drivers\\SysTdSvr.sys><N/A>
[tcvmkh7 / tcvmkh71][Running/Boot Start]
<\SystemRoot\System32\DRIVERS\tcvmkh71.sys><N/A>
[tiiigd4 / tiiigd40][Running/Boot Start]
<\SystemRoot\System32\DRIVERS\tiiigd40.sys><N/A>
[tnhbjq3 / tnhbjq35][Running/Boot Start]
<\SystemRoot\System32\DRIVERS\tnhbjq35.sys><N/A>
[twpqcq7 / twpqcq77][Running/Boot Start]
<\SystemRoot\System32\DRIVERS\twpqcq77.sys><N/A>
[tzrhki1 / tzrhki10][Running/Boot Start]
<\SystemRoot\System32\DRIVERS\tzrhki10.sys><N/A>
[uddgem9 / uddgem91][Running/Boot Start]
<\SystemRoot\System32\DRIVERS\uddgem91.sys><N/A>
[ueocgf2 / ueocgf20][Running/Boot Start]
<\SystemRoot\System32\DRIVERS\ueocgf20.sys><N/A>
[uhisac3 / uhisac37][Running/Boot Start]
<\SystemRoot\System32\DRIVERS\uhisac37.sys><N/A>
[ulvuwm4 / ulvuwm41][Running/Boot Start]
<\SystemRoot\System32\DRIVERS\ulvuwm41.sys><N/A>
[uramub6 / uramub62][Running/Boot Start]
<\SystemRoot\System32\DRIVERS\uramub62.sys><N/A>
[uvwoof9 / uvwoof90][Running/Boot Start]
<\SystemRoot\System32\DRIVERS\uvwoof90.sys><N/A>
[uxenah0 / uxenah03][Running/Boot Start]
<\SystemRoot\System32\DRIVERS\uxenah03.sys><N/A>
[vgeaccdh / vgeaccdh][Running/Boot Start]
<\SystemRoot\System32\DRIVERS\vgeaccdh.sys><Yahoo! China Corporation>
[wjiaat6 / wjiaat67][Running/Boot Start]
<\SystemRoot\System32\DRIVERS\wjiaat67.sys><N/A>
[wmetrp3 / wmetrp32][Running/Boot Start]
<\SystemRoot\System32\DRIVERS\wmetrp32.sys><N/A>
[wopngy9 / wopngy97][Running/Boot Start]
<\SystemRoot\System32\DRIVERS\wopngy97.sys><N/A>
[wubucc1 / wubucc10][Running/Boot Start]
<\SystemRoot\System32\DRIVERS\wubucc10.sys><N/A>
[wufhri8 / wufhri86][Running/Boot Start]
<\SystemRoot\System32\DRIVERS\wufhri86.sys><N/A>
[wxqqdw1 / wxqqdw17][Running/Boot Start]
<\SystemRoot\System32\DRIVERS\wxqqdw17.sys><N/A>
[xbtptm1 / xbtptm12][Running/Boot Start]
<\SystemRoot\System32\DRIVERS\xbtptm12.sys><N/A>
[xmaavl8 / xmaavl88][Running/Boot Start]
<\SystemRoot\System32\DRIVERS\xmaavl88.sys><N/A>
[xnbewe3 / xnbewe34][Running/Boot Start]
<\SystemRoot\System32\DRIVERS\xnbewe34.sys><N/A>
[xnibty3 / xnibty33][Running/Boot Start]
<\SystemRoot\System32\DRIVERS\xnibty33.sys><N/A>
[xrbvyn8 / xrbvyn85][Running/Boot Start]
<\SystemRoot\System32\DRIVERS\xrbvyn85.sys><N/A>
[xrcooh7 / xrcooh72][Running/Boot Start]
<\SystemRoot\System32\DRIVERS\xrcooh72.sys><N/A>
[xwxvug1 / xwxvug12][Running/Boot Start]
<\SystemRoot\System32\DRIVERS\xwxvug12.sys><N/A>
[yaskp / yaskp][Stopped/Boot Start]
<\SystemRoot\system32\drivers\yaskp.sys><Copyright (C) yahoo Corporation.>
[yeibbq9 / yeibbq90][Running/Boot Start]
<\SystemRoot\System32\DRIVERS\yeibbq90.sys><N/A>
[yknxjp0 / yknxjp04][Running/Boot Start]
<\SystemRoot\System32\DRIVERS\yknxjp04.sys><N/A>
[ynhvke5 / ynhvke52][Running/Boot Start]
<\SystemRoot\System32\DRIVERS\ynhvke52.sys><N/A>
[ysbyxs3 / ysbyxs35][Running/Boot Start]
<\SystemRoot\System32\DRIVERS\ysbyxs35.sys><N/A>
[ytkcql8 / ytkcql82][Running/Boot Start]
<\SystemRoot\System32\DRIVERS\ytkcql82.sys><N/A>
[zpsmes4 / zpsmes49][Running/Boot Start]
<\SystemRoot\System32\DRIVERS\zpsmes49.sys><N/A>
==================================
浏览器加载项
[WebThunder Browser Helper]
{00000AAA-A363-466E-BEF5-9BB68697AA7F} <E:\Program Files\WebThunderBHO_Now.dll, Thunder Networking Technologies,LTD>
[LpkHlpr Class]
{00C104F7-0F5C-470C-ABCF-A5B2E70752F1} <C:\WINDOWS\system32\wpphlp.dll, N/A>
[CPub Object]
{0CA51D02-7739-43EA-8D9A-1E8AD4327B03} <C:\Program Files\P4P\sodaie.dll, Sogou.com Inc.>
[Yahoo!Photo]
{33BBE430-0E42-4f12-B075-8D21ACB10DCB} <C:\PROGRA~1\Yahoo!\ASSIST~1\Assist\yphtb.dll, Yahoo! China>
[AntiFish Class]
{38928D50-8A48-44C2-945F-D2F23F771410} <C:\PROGRA~1\Yahoo!\ASSIST~1\Assist\yangling.dll, yahoo! china>
[QQBrowserHelperObject Class]
{54EBD53A-9BC1-480B-966A-843A333CA162} <C:\Program Files\Tencent\QQ\QQIEHelper.dll, 深圳市腾讯计算机系统有限公司>
[Router Layer]
{5EB7CB50-E375-4718-B4C0-9AD12EFA2F84} <C:\WINDOWS\System32\aclayer.dll, N/A>
[DragSearch BHO]
{62EED7C6-9F02-42f9-B634-98E2899E147B} <C:\PROGRA~1\Yahoo!\ASSIST~1\Assist\YDRAGS~1.DLL, yahoo! china>
[]
{75FE2B5A-D3A4-4EFA-AC11-ADC9C9459688} <C:\PROGRA~1\yok\toolbar.dll, YOK.com>
[IEAux Class]
{7605CC7C-00FD-4A5F-BAFD-828342DE6279} <C:\PROGRA~1\OCINS\ieaux.dll, 中国互联网络信息中心(CNNIC)>
[Thunder Browser Helper]
{889D2FEB-5411-4565-8998-1DD2C5261283} <C:\Program Files\Thunder Network\Thunder\ComDlls\XunLeiBHO_002.dll, Thunder Networking Technologies,LTD>
[Google Toolbar Helper]
{AA58ED58-01DD-4d91-8333-CF10577473F7} <c:\program files\google\googletoolbar2.dll, Google Inc.>
[六易搜索组件项]
{AC1453C5-51E2-49f4-849F-D536745A8EE5} <C:\Program Files\sebar\sebar.dll, 61soo>
[Google Toolbar Notifier BHO]
{AF69DE43-7D58-4638-B6FA-CE66B5AD205D} <C:\Program Files\Google\GoogleToolbarNotifier\2.0.301.7164\swg.dll, Google Inc.>
[assist]
{FE3ECAE7-0A37-4506-8A7D-3CC9A04D2CA8} <C:\PROGRA~1\Yahoo!\ASSIST~1\Assist\yassist.dll, Yahoo! China>
[雅虎助手]
{5D73EE86-05F1-49ed-B850-E423120EC338} <http://cn.zs.yahoo.com/start.htm?source=yzs_icon&btn=yassistnew, N/A>
[番茄花园]
{6096E38F-5AC1-4391-8EC4-75DFA92FB32F} <http://www.tomatolei.com, N/A>
[我的订阅]
{8755CE6E-0BF7-4441-8751-FB728941B0B4} <C:\Program Files\P4P\rss.dll, Sohu.com Inc.>
[启动WEB迅雷]
{962EFB8E-2683-42d4-AC74-AAA4C759B9C6} <http://my.xunlei.com, N/A>
[中文上网]
{B012491E-8FA4-4851-AA9B-22E33784FBAD} <C:\Program Files\OCINS\config.exe, 中国互联网络信息中心(CNNIC)>
[QQ]
{c95fe080-8f5d-11d2-a20b-00aa003c157b} <C:\Program Files\Tencent\QQ\QQ.EXE, TENCENT>
[QQIEFloatBarCfgCmd Class]
{DEDEB80D-FA35-45d9-9460-4983E5A8AFE6} <C:\Program Files\Tencent\QQ\QQIEHelper.dll, 深圳市腾讯计算机系统有限公司>
[雅虎助手]
{406F94F0-504F-4A40-8DFD-58B0666ABEBD} <C:\PROGRA~1\Yahoo!\ASSIST~1\Assist\yasbar.dll, yahoo! china>
[&Google]
{2318C2B1-4965-11d4-9B18-009027A5CD4F} <c:\program files\google\googletoolbar2.dll, Google Inc.>
[六易搜索组件项]
{AC1453C5-51E2-49f4-849F-D536745A8EE5} <C:\Program Files\sebar\sebar.dll, 61soo>
[搜狗工具条]
{DBBB7978-AF21-4EF4-9AD1-B2F4BC75696C} <C:\Program Files\P4P\ToolBar.dll, Sogou.com Inc.>
[AxInputControl Class]
{73E4740C-08EB-4133-896B-8D0A7C9EE3CD} <C:\WINDOWS\DOWNLO~1\INPUTC~1.DLL, >
[Shockwave Flash Object]
{D27CDB6E-AE6D-11CF-96B8-444553540000} <C:\WINDOWS\system32\Macromed\Flash\Flash9b.ocx, Adobe Systems, Inc.>
[WebThunder Browser Helper]
{00000AAA-A363-466E-BEF5-9BB68697AA7F} <E:\Program Files\WebThunderBHO_Now.dll, Thunder Networking Technologies,LTD>
[LpkHlpr Class]
{00C104F7-0F5C-470C-ABCF-A5B2E70752F1} <C:\WINDOWS\system32\wpphlp.dll, N/A>
[WebThunder Class]
{03507A1A-E0C5-4404-AA26-205385C0892D} <, N/A>
[Web Browser Applet Control]
{08B0E5C0-4FCB-11CF-AAA5-00401C608501} <C:\WINDOWS\system32\msjava.dll, Microsoft Corporation>
[CPub Object]
{0CA51D02-7739-43EA-8D9A-1E8AD4327B03} <C:\Program Files\P4P\sodaie.dll, Sogou.com Inc.>
[PeerDraw Class]
{10072CEC-8CC1-11D1-986E-00A0C955B42E} <C:\Program Files\Common Files\Microsoft Shared\VGX\vgx.dll, Microsoft Corporation>
[Windows Media Player]
{22D6F312-B0F6-11D0-94AB-0080C74C7E95} <C:\WINDOWS\system32\wmpdxm.dll, Microsoft Corporation>
[&Google]
{2318C2B1-4965-11D4-9B18-009027A5CD4F} <c:\program files\google\googletoolbar2.dll, Google Inc.>
[HTML Document]
{25336920-03F9-11CF-8FD0-00AA00686F13} <%SystemRoot%\system32\mshtml.dll, N/A>
[DHTML Edit Control Safe for Scripting for IE5]
{2D360201-FFF5-11D1-8D03-00A0C959BC0A} <C:\Program Files\Common Files\Microsoft Shared\Triedit\dhtmled.ocx, Microsoft Corporation>
[WebThunder DapPlayer]
cop1025 - 2007-9-8 12:27:00
[ruyipf5 / ruyipf53][Running/Boot Start]
<\SystemRoot\System32\DRIVERS\ruyipf53.sys><N/A>
[saszpp0 / saszpp09][Running/Boot Start]
<\SystemRoot\System32\DRIVERS\saszpp09.sys><N/A>
[Secdrv / Secdrv][Stopped/Manual Start]
<system32\DRIVERS\secdrv.sys><N/A>
[skuzfm9 / skuzfm96][Running/Boot Start]
<\SystemRoot\System32\DRIVERS\skuzfm96.sys><N/A>
[sqhvbi6 / sqhvbi64][Running/Boot Start]
<\SystemRoot\System32\DRIVERS\sqhvbi64.sys><N/A>
[sqpdnr8 / sqpdnr86][Running/Boot Start]
<\SystemRoot\System32\DRIVERS\sqpdnr86.sys><N/A>
[swmufi8 / swmufi80][Running/Boot Start]
<\SystemRoot\System32\DRIVERS\swmufi80.sys><N/A>
[sygnck0 / sygnck01][Running/Boot Start]
<\SystemRoot\System32\DRIVERS\sygnck01.sys><N/A>
[SysTdSvr / SysTdSvr][Stopped/Boot Start]
<\SystemRoot\system32\\drivers\\SysTdSvr.sys><N/A>
[tcvmkh7 / tcvmkh71][Running/Boot Start]
<\SystemRoot\System32\DRIVERS\tcvmkh71.sys><N/A>
[tiiigd4 / tiiigd40][Running/Boot Start]
<\SystemRoot\System32\DRIVERS\tiiigd40.sys><N/A>
[tnhbjq3 / tnhbjq35][Running/Boot Start]
<\SystemRoot\System32\DRIVERS\tnhbjq35.sys><N/A>
[twpqcq7 / twpqcq77][Running/Boot Start]
<\SystemRoot\System32\DRIVERS\twpqcq77.sys><N/A>
[tzrhki1 / tzrhki10][Running/Boot Start]
<\SystemRoot\System32\DRIVERS\tzrhki10.sys><N/A>
[uddgem9 / uddgem91][Running/Boot Start]
<\SystemRoot\System32\DRIVERS\uddgem91.sys><N/A>
[ueocgf2 / ueocgf20][Running/Boot Start]
<\SystemRoot\System32\DRIVERS\ueocgf20.sys><N/A>
[uhisac3 / uhisac37][Running/Boot Start]
<\SystemRoot\System32\DRIVERS\uhisac37.sys><N/A>
[ulvuwm4 / ulvuwm41][Running/Boot Start]
<\SystemRoot\System32\DRIVERS\ulvuwm41.sys><N/A>
[uramub6 / uramub62][Running/Boot Start]
<\SystemRoot\System32\DRIVERS\uramub62.sys><N/A>
[uvwoof9 / uvwoof90][Running/Boot Start]
<\SystemRoot\System32\DRIVERS\uvwoof90.sys><N/A>
[uxenah0 / uxenah03][Running/Boot Start]
<\SystemRoot\System32\DRIVERS\uxenah03.sys><N/A>
[vgeaccdh / vgeaccdh][Running/Boot Start]
<\SystemRoot\System32\DRIVERS\vgeaccdh.sys><Yahoo! China Corporation>
[wjiaat6 / wjiaat67][Running/Boot Start]
<\SystemRoot\System32\DRIVERS\wjiaat67.sys><N/A>
[wmetrp3 / wmetrp32][Running/Boot Start]
<\SystemRoot\System32\DRIVERS\wmetrp32.sys><N/A>
[wopngy9 / wopngy97][Running/Boot Start]
<\SystemRoot\System32\DRIVERS\wopngy97.sys><N/A>
[wubucc1 / wubucc10][Running/Boot Start]
<\SystemRoot\System32\DRIVERS\wubucc10.sys><N/A>
[wufhri8 / wufhri86][Running/Boot Start]
<\SystemRoot\System32\DRIVERS\wufhri86.sys><N/A>
[wxqqdw1 / wxqqdw17][Running/Boot Start]
<\SystemRoot\System32\DRIVERS\wxqqdw17.sys><N/A>
[xbtptm1 / xbtptm12][Running/Boot Start]
<\SystemRoot\System32\DRIVERS\xbtptm12.sys><N/A>
[xmaavl8 / xmaavl88][Running/Boot Start]
<\SystemRoot\System32\DRIVERS\xmaavl88.sys><N/A>
[xnbewe3 / xnbewe34][Running/Boot Start]
<\SystemRoot\System32\DRIVERS\xnbewe34.sys><N/A>
[xnibty3 / xnibty33][Running/Boot Start]
<\SystemRoot\System32\DRIVERS\xnibty33.sys><N/A>
[xrbvyn8 / xrbvyn85][Running/Boot Start]
<\SystemRoot\System32\DRIVERS\xrbvyn85.sys><N/A>
[xrcooh7 / xrcooh72][Running/Boot Start]
<\SystemRoot\System32\DRIVERS\xrcooh72.sys><N/A>
[xwxvug1 / xwxvug12][Running/Boot Start]
<\SystemRoot\System32\DRIVERS\xwxvug12.sys><N/A>
[yaskp / yaskp][Stopped/Boot Start]
<\SystemRoot\system32\drivers\yaskp.sys><Copyright (C) yahoo Corporation.>
[yeibbq9 / yeibbq90][Running/Boot Start]
<\SystemRoot\System32\DRIVERS\yeibbq90.sys><N/A>
[yknxjp0 / yknxjp04][Running/Boot Start]
<\SystemRoot\System32\DRIVERS\yknxjp04.sys><N/A>
[ynhvke5 / ynhvke52][Running/Boot Start]
<\SystemRoot\System32\DRIVERS\ynhvke52.sys><N/A>
[ysbyxs3 / ysbyxs35][Running/Boot Start]
<\SystemRoot\System32\DRIVERS\ysbyxs35.sys><N/A>
[ytkcql8 / ytkcql82][Running/Boot Start]
<\SystemRoot\System32\DRIVERS\ytkcql82.sys><N/A>
[zpsmes4 / zpsmes49][Running/Boot Start]
<\SystemRoot\System32\DRIVERS\zpsmes49.sys><N/A>
==================================
浏览器加载项
[WebThunder Browser Helper]
{00000AAA-A363-466E-BEF5-9BB68697AA7F} <E:\Program Files\WebThunderBHO_Now.dll, Thunder Networking Technologies,LTD>
[LpkHlpr Class]
{00C104F7-0F5C-470C-ABCF-A5B2E70752F1} <C:\WINDOWS\system32\wpphlp.dll, N/A>
[CPub Object]
{0CA51D02-7739-43EA-8D9A-1E8AD4327B03} <C:\Program Files\P4P\sodaie.dll, Sogou.com Inc.>
[Yahoo!Photo]
{33BBE430-0E42-4f12-B075-8D21ACB10DCB} <C:\PROGRA~1\Yahoo!\ASSIST~1\Assist\yphtb.dll, Yahoo! China>
[AntiFish Class]
{38928D50-8A48-44C2-945F-D2F23F771410} <C:\PROGRA~1\Yahoo!\ASSIST~1\Assist\yangling.dll, yahoo! china>
[QQBrowserHelperObject Class]
{54EBD53A-9BC1-480B-966A-843A333CA162} <C:\Program Files\Tencent\QQ\QQIEHelper.dll, 深圳市腾讯计算机系统有限公司>
cop1025 - 2007-9-8 12:27:00
[Router Layer]
{5EB7CB50-E375-4718-B4C0-9AD12EFA2F84} <C:\WINDOWS\System32\aclayer.dll, N/A>
[DragSearch BHO]
{62EED7C6-9F02-42f9-B634-98E2899E147B} <C:\PROGRA~1\Yahoo!\ASSIST~1\Assist\YDRAGS~1.DLL, yahoo! china>
[]
{75FE2B5A-D3A4-4EFA-AC11-ADC9C9459688} <C:\PROGRA~1\yok\toolbar.dll, YOK.com>
[IEAux Class]
{7605CC7C-00FD-4A5F-BAFD-828342DE6279} <C:\PROGRA~1\OCINS\ieaux.dll, 中国互联网络信息中心(CNNIC)>
[Thunder Browser Helper]
{889D2FEB-5411-4565-8998-1DD2C5261283} <C:\Program Files\Thunder Network\Thunder\ComDlls\XunLeiBHO_002.dll, Thunder Networking Technologies,LTD>
[Google Toolbar Helper]
{AA58ED58-01DD-4d91-8333-CF10577473F7} <c:\program files\google\googletoolbar2.dll, Google Inc.>
[六易搜索组件项]
{AC1453C5-51E2-49f4-849F-D536745A8EE5} <C:\Program Files\sebar\sebar.dll, 61soo>
[Google Toolbar Notifier BHO]
{AF69DE43-7D58-4638-B6FA-CE66B5AD205D} <C:\Program Files\Google\GoogleToolbarNotifier\2.0.301.7164\swg.dll, Google Inc.>
[assist]
{FE3ECAE7-0A37-4506-8A7D-3CC9A04D2CA8} <C:\PROGRA~1\Yahoo!\ASSIST~1\Assist\yassist.dll, Yahoo! China>
[雅虎助手]
{5D73EE86-05F1-49ed-B850-E423120EC338} <http://cn.zs.yahoo.com/start.htm?source=yzs_icon&btn=yassistnew, N/A>
[番茄花园]
{6096E38F-5AC1-4391-8EC4-75DFA92FB32F} <http://www.tomatolei.com, N/A>
[我的订阅]
{8755CE6E-0BF7-4441-8751-FB728941B0B4} <C:\Program Files\P4P\rss.dll, Sohu.com Inc.>
[启动WEB迅雷]
{962EFB8E-2683-42d4-AC74-AAA4C759B9C6} <http://my.xunlei.com, N/A>
[中文上网]
{B012491E-8FA4-4851-AA9B-22E33784FBAD} <C:\Program Files\OCINS\config.exe, 中国互联网络信息中心(CNNIC)>
[QQ]
{c95fe080-8f5d-11d2-a20b-00aa003c157b} <C:\Program Files\Tencent\QQ\QQ.EXE, TENCENT>
[QQIEFloatBarCfgCmd Class]
{DEDEB80D-FA35-45d9-9460-4983E5A8AFE6} <C:\Program Files\Tencent\QQ\QQIEHelper.dll, 深圳市腾讯计算机系统有限公司>
[雅虎助手]
{406F94F0-504F-4A40-8DFD-58B0666ABEBD} <C:\PROGRA~1\Yahoo!\ASSIST~1\Assist\yasbar.dll, yahoo! china>
[&Google]
{2318C2B1-4965-11d4-9B18-009027A5CD4F} <c:\program files\google\googletoolbar2.dll, Google Inc.>
[六易搜索组件项]
{AC1453C5-51E2-49f4-849F-D536745A8EE5} <C:\Program Files\sebar\sebar.dll, 61soo>
[搜狗工具条]
{DBBB7978-AF21-4EF4-9AD1-B2F4BC75696C} <C:\Program Files\P4P\ToolBar.dll, Sogou.com Inc.>
[AxInputControl Class]
{73E4740C-08EB-4133-896B-8D0A7C9EE3CD} <C:\WINDOWS\DOWNLO~1\INPUTC~1.DLL, >
[Shockwave Flash Object]
{D27CDB6E-AE6D-11CF-96B8-444553540000} <C:\WINDOWS\system32\Macromed\Flash\Flash9b.ocx, Adobe Systems, Inc.>
[WebThunder Browser Helper]
{00000AAA-A363-466E-BEF5-9BB68697AA7F} <E:\Program Files\WebThunderBHO_Now.dll, Thunder Networking Technologies,LTD>
[LpkHlpr Class]
{00C104F7-0F5C-470C-ABCF-A5B2E70752F1} <C:\WINDOWS\system32\wpphlp.dll, N/A>
[WebThunder Class]
{03507A1A-E0C5-4404-AA26-205385C0892D} <, N/A>
[Web Browser Applet Control]
{08B0E5C0-4FCB-11CF-AAA5-00401C608501} <C:\WINDOWS\system32\msjava.dll, Microsoft Corporation>
[CPub Object]
{0CA51D02-7739-43EA-8D9A-1E8AD4327B03} <C:\Program Files\P4P\sodaie.dll, Sogou.com Inc.>
[PeerDraw Class]
{10072CEC-8CC1-11D1-986E-00A0C955B42E} <C:\Program Files\Common Files\Microsoft Shared\VGX\vgx.dll, Microsoft Corporation>
[Windows Media Player]
{22D6F312-B0F6-11D0-94AB-0080C74C7E95} <C:\WINDOWS\system32\wmpdxm.dll, Microsoft Corporation>
[&Google]
{2318C2B1-4965-11D4-9B18-009027A5CD4F} <c:\program files\google\googletoolbar2.dll, Google Inc.>
[HTML Document]
{25336920-03F9-11CF-8FD0-00AA00686F13} <%SystemRoot%\system32\mshtml.dll, N/A>
[DHTML Edit Control Safe for Scripting for IE5]
{2D360201-FFF5-11D1-8D03-00A0C959BC0A} <C:\Program Files\Common Files\Microsoft Shared\Triedit\dhtmled.ocx, Microsoft Corporation>
[WebThunder DapPlayer]
{2EEDA47E-8D5C-4d7e-B4B6-E16E19218555} <E:\Program Files\DownAndPlay\DapPlayer3.0.11.17.dll, ShenZhen Thunder Networking Technologies Ltd.>
[Tabular Data Control]
{333C7BC4-460F-11D0-BC04-0080C7055A83} <C:\WINDOWS\system32\tdc.ocx, Microsoft Corporation>
[Yahoo!Photo]
{33BBE430-0E42-4F12-B075-8D21ACB10DCB} <C:\PROGRA~1\Yahoo!\ASSIST~1\Assist\yphtb.dll, Yahoo! China>
[IETag Factory]
{38481807-CA0E-42D2-BF39-B33AF135CC4D} <C:\PROGRA~1\COMMON~1\MICROS~1\SMARTT~1\IETAG.DLL, Microsoft Corporation>
[AntiFish Class]
{38928D50-8A48-44C2-945F-D2F23F771410} <C:\PROGRA~1\Yahoo!\ASSIST~1\Assist\yangling.dll, yahoo! china>
[雅虎助手]
{406F94F0-504F-4A40-8DFD-58B0666ABEBD} <C:\PROGRA~1\Yahoo!\ASSIST~1\Assist\yasbar.dll, yahoo! china>
[QQBrowserHelperObject Class]
{54EBD53A-9BC1-480B-966A-843A333CA162} <C:\Program Files\Tencent\QQ\QQIEHelper.dll, 深圳市腾讯计算机系统有限公司>
[Yahoo!Live]
{57421194-58FB-49AE-9B4F-FD48869B9AD4} <C:\PROGRA~1\Yahoo!\Assistant\yalive.dll, yahoo! china>
[Router Layer]
{5EB7CB50-E375-4718-B4C0-9AD12EFA2F84} <C:\WINDOWS\System32\aclayer.dll, N/A>
[DragSearch BHO]
{62EED7C6-9F02-42F9-B634-98E2899E147B} <C:\PROGRA~1\Yahoo!\ASSIST~1\Assist\YDRAGS~1.DLL, yahoo! china>
[XMP Class]
{6483F145-A768-4C41-AACC-52D4D7845851} <C:\Documents and Settings\All Users\Application Data\Thunder Network\KanKan\xplayer.dll_1_work, >
[YOKHttpFilter Class]
{686D3343-D00D-49A1-96DF-66F3AF62F348} <C:\PROGRA~1\yok\adblock.dll, YOK.Com>
[XDRM]
{693571CB-54A3-4E90-9D52-EEAE1334E2D3} <C:\Documents and Settings\All Users\Application Data\Thunder Network\KanKan\xdrm.dll_1_work, >
[Windows Media Player]
{6BF52A52-394A-11D3-B153-00C04F79FAA6} <C:\WINDOWS\system32\wmp.dll, Microsoft Corporation>
[YOKAdBlock Class]
{718F4AD3-70D4-425E-9159-5598DFC732ED} <C:\PROGRA~1\yok\adblock.dll, YOK.Com>
[Active Desktop Mover]
{72267F6A-A6F9-11D0-BC94-00C04FB67863} <%SystemRoot%\system32\SHELL32.dll, N/A>
[]
cop1025 - 2007-9-8 12:28:00
{75FE2B5A-D3A4-4EFA-AC11-ADC9C9459688} <C:\PROGRA~1\yok\toolbar.dll, YOK.com>
[IEAux Class]
{7605CC7C-00FD-4A5F-BAFD-828342DE6279} <C:\PROGRA~1\OCINS\ieaux.dll, 中国互联网络信息中心(CNNIC)>
[MediaComm Class]
{7670648D-461B-42AF-BDFE-46D26AF5EFF2} <E:\Program Files\InMedia\MediaAddin13.dll, Thunder Networking Technologies,LTD>
[YOKAutoLive]
{7D0E8987-BA21-483a-B1AC-149DA2F39A5A} <C:\Program Files\yok\autolive.dll, YOK.Com>
[我的订阅]
{8755CE6E-0BF7-4441-8751-FB728941B0B4} <C:\Program Files\P4P\rss.dll, Sohu.com Inc.>
[ContextSearch Class]
{88351CEF-BAC0-4A9B-8380-31A173E2926F} <C:\PROGRA~1\yok\toolbar.dll, YOK.com>
[Microsoft Web 浏览器]
{8856F961-340A-11D0-A96B-00C04FD705A2} <C:\WINDOWS\system32\shdocvw.dll, Microsoft Corporation>
[Thunder Browser Helper]
{889D2FEB-5411-4565-8998-1DD2C5261283} <C:\Program Files\Thunder Network\Thunder\ComDlls\XunLeiBHO_002.dll, Thunder Networking Technologies,LTD>
[相关搜索]
{A29F7F71-DCDB-412D-B19A-2002DC966E33} <C:\PROGRA~1\yok\relband.dll, YOK.Com>
[RMGetLicense Class]
{A9FC132B-096D-460B-B7D5-1DB0FAE0C062} <C:\WINDOWS\system32\msnetobj.dll, Microsoft Corporation>
[Google Toolbar Helper]
{AA58ED58-01DD-4D91-8333-CF10577473F7} <c:\program files\google\googletoolbar2.dll, Google Inc.>
[六易搜索组件项]
{AC1453C5-51E2-49F4-849F-D536745A8EE5} <C:\Program Files\sebar\sebar.dll, 61soo>
[Google Toolbar Notifier BHO]
{AF69DE43-7D58-4638-B6FA-CE66B5AD205D} <C:\Program Files\Google\GoogleToolbarNotifier\2.0.301.7164\swg.dll, Google Inc.>
[SearchAssistantOC]
{B45FF030-4447-11D2-85DE-00C04FA35C89} <%SystemRoot%\system32\shdocvw.dll, N/A>
[RDS.DataSpace]
{BD96C556-65A3-11D0-983A-00C04FC29E36} <C:\Program Files\Common Files\system\msadc\msadco.dll, Microsoft Corporation>
[VIDEO__X_MS_ASF Moniker Class]
{CD3AFA8F-B84F-48F0-9393-7EDC34128127} <C:\WINDOWS\system32\wmp.dll, Microsoft Corporation>
[VIDEO__X_MS_WMV Moniker Class]
{CD3AFA94-B84F-48F0-9393-7EDC34128127} <C:\WINDOWS\system32\wmp.dll, Microsoft Corporation>
[Shockwave Flash Object]
{D27CDB6E-AE6D-11CF-96B8-444553540000} <C:\WINDOWS\system32\Macromed\Flash\Flash9b.ocx, Adobe Systems, Inc.>
[搜狗工具条]
{DBBB7978-AF21-4EF4-9AD1-B2F4BC75696C} <C:\Program Files\P4P\ToolBar.dll, Sogou.com Inc.>
[XPPlayer Class]
{F3E70CEA-956E-49CC-B444-73AFE593AD7F} <C:\Documents and Settings\All Users\Application Data\Thunder Network\KanKan\pplayer.dll_1_work, Thunder>
[]
{F869BB38-FFEF-4589-B986-610B7AD0ADA2} <C:\PROGRA~1\yok\toolbar.dll, YOK.com>
[assist]
{FE3ECAE7-0A37-4506-8A7D-3CC9A04D2CA8} <C:\PROGRA~1\Yahoo!\ASSIST~1\Assist\yassist.dll, Yahoo! China>
[!搜一搜(&S)]
<res://C:\Program Files\YiSou\yisou.dll/232, N/A>
[&使用迅雷下载]
<C:\Program Files\Thunder Network\Thunder\Program\GetUrl.htm, N/A>
[&使用迅雷下载全部链接]
<C:\Program Files\Thunder Network\Thunder\Program\GetAllUrl.htm, N/A>
[&访问通用网址]
<C:\Program Files\OCINS\cnrbtn.html, N/A>
[上传到QQ网络硬盘]
<C:\Program Files\Tencent\QQ\AddToNetDisk.htm, N/A>
[使用Web迅雷下载]
<E:\Program Files\GetUrl.htm, N/A>
[使用Web迅雷下载全部链接]
<E:\Program Files\GetAllUrl.htm, N/A>
[使用搜狗直通车下载]
<C:\Program Files\P4P\dl.htm, N/A>
[加入POCO网摘(&K)]
<http://my.poco.cn/fav/rightClick.php, N/A>
[发送图片到手机]
<C:\Program Files\P4P\cx.htm, N/A>
[导出到 Microsoft Office Excel(&X)]
<res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000, N/A>
[我的POCO网摘(&O)]
<http://my.poco.cn/fav/open_myfav.php, N/A>
[添加到QQ自定义面板]
<C:\Program Files\Tencent\QQ\AddPanel.htm, N/A>
[添加到QQ表情]
<C:\Program Files\Tencent\QQ\AddEmotion.htm, N/A>
[添加到“我的订阅”]
<C:\Program Files\P4P\rss.htm, N/A>
[添加到雅虎订阅(&Y)]
<res://C:\PROGRA~1\Yahoo!\ASSIST~1\Assist\yrss.dll/YRSSMENUEXT, N/A>
[珊瑚虫搜索]
<, N/A>
[珊瑚虫超级搜索]
<C:\PROGRA~1\yok\yoksch.htm, N/A>
[用QQ彩信发送该图片]
<C:\Program Files\Tencent\QQ\SendMMS.htm, N/A>
[雅虎搜索]
<res://C:\PROGRA~1\Yahoo!\ASSIST~1\Assist\yasbar.dll/203, N/A>
==================================
正在运行的进程
[PID: 1508 / SYSTEM][\SystemRoot\System32\smss.exe] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
[PID: 1580 / SYSTEM][\??\C:\WINDOWS\system32\csrss.exe] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
[PID: 1604 / SYSTEM][\??\C:\WINDOWS\system32\winlogon.exe] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
[C:\WINDOWS\system32\WgaLogon.dll] [Microsoft Corporation, 1.7.0018.5]
[C:\WINDOWS\system32\msacm32.drv] [Microsoft Corporation, 5.1.2600.0 (xpclient.010817-1148)]
[PID: 1648 / SYSTEM][C:\WINDOWS\system32\services.exe] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
[PID: 1660 / SYSTEM][C:\WINDOWS\system32\lsass.exe] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
[C:\WINDOWS\system32\TcpIpDog0.dll] [N/A, ]
[PID: 1816 / SYSTEM][C:\WINDOWS\system32\svchost.exe] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
[PID: 1864 / NETWORK SERVICE][C:\WINDOWS\system32\svchost.exe] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
[C:\WINDOWS\system32\TcpIpDog0.dll] [N/A, ]
[PID: 1932 / SYSTEM][C:\Program Files\Rising\Rav\CCenter.exe] [Beijing Rising Technology Co., Ltd., 18, 0, 0, 3]
[PID: 1948 / SYSTEM][C:\WINDOWS\System32\svchost.exe] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
[C:\WINDOWS\system32\TcpIpDog0.dll] [N/A, ]
[c:\program files\iesnap\navoct.dll] [ , 1, 0, 0, 5]
[c:\PROGRA~1\iesnap\navstub.dll] [, 1, 0, 1, 6]
[C:\WINDOWS\system32\wups2.dll] [Microsoft Corporation, 7.0.6000.381 (winmain(wmbla).070730-1740)]
[PID: 660 / NETWORK SERVICE][C:\WINDOWS\system32\svchost.exe] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
[C:\WINDOWS\system32\TcpIpDog0.dll] [N/A, ]
[PID: 748 / LOCAL SERVICE][C:\WINDOWS\system32\svchost.exe] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
[C:\WINDOWS\system32\TcpIpDog0.dll] [N/A, ]
[PID: 764 / SYSTEM][C:\PROGRAM FILES\RISING\RAV\Ravmond.exe] [Beijing Rising Technology Co., Ltd., 19, 0, 0, 49]
[C:\PROGRAM FILES\RISING\RAV\BWList.dll] [Beijing Rising Technology Co., Ltd., 19, 0, 0, 10]
[C:\PROGRAM FILES\RISING\RAV\RsCommX.dll] [rising, 18, 0, 0, 1]
[C:\PROGRAM FILES\RISING\RAV\rfwctrl.dll] [Beijing Rising Technology Co., Ltd., 5, 0, 0, 11]
[C:\PROGRAM FILES\RISING\RAV\RsPPsys.dll] [Beijing Rising Technology Co., Ltd., 18, 0, 0, 6]
[C:\PROGRAM FILES\RISING\RAV\RSAPPMGR.DLL] [Beijing Rising Technology Co., Ltd., 18, 0, 0, 2]
[C:\PROGRAM FILES\RISING\RAV\CfgDll.dll] [Beijing Rising Technology Co., Ltd., 18, 0, 0, 13]
[C:\PROGRAM FILES\RISING\RAV\RSCOMMON.DLL] [Beijing Rising Technology Co., Ltd., 19, 0, 0, 5]
[C:\PROGRAM FILES\RISING\RAV\RsLog.dll] [Beijing Rising Technology Co., Ltd., 18, 0, 0, 20]
[C:\PROGRAM FILES\RISING\RAV\HOOKSYS.dll] [Beijing Rising Technology Co., Ltd., 19, 0, 0, 0]
[C:\Program Files\Rising\Rav\Scanner.dll] [Beijing Rising Technology Co., Ltd., 19, 0, 0, 15]
[C:\Program Files\Rising\Rav\libload.dll] [Beijing Rising Technology Co., Ltd., 19, 0, 0, 19]
[C:\Program Files\Rising\Rav\VirusLib.dll] [Beijing Rising Technology Co., Ltd., 19, 0, 0, 15]
[C:\PROGRAM FILES\RISING\RAV\regmon.dll] [Beijing Rising Technology Co., Ltd., 18, 0, 0, 6]
[C:\PROGRAM FILES\RISING\RAV\psapi.dll] [Microsoft Corporation, 4.00]
[C:\PROGRAM FILES\RISING\RAV\HookWeb.dll] [Beijing Rising Technology Co., Ltd., 19, 0, 0, 1]
[C:\PROGRAM FILES\RISING\RAV\MemMon.dll] [Beijing Rising Technology Co., Ltd., 18, 0, 0, 14]
[C:\PROGRAM FILES\RISING\RAV\expscan.dll] [Beijing Rising Technology Co., Ltd., 18, 0, 0, 4]
[C:\PROGRAM FILES\RISING\RAV\mPorts.dll] [Beijing Rising Technology Co., Ltd., 4, 0, 0, 3]
[C:\PROGRAM FILES\RISING\RAV\HookCont.dll] [Rising, 19, 0, 0, 0]
[C:\Program Files\Rising\Rav\SpamEng.dll] [, 18, 0, 0, 6]
[C:\Program Files\Rising\Rav\engine.dll] [Beijing Rising Technology Co., Ltd., 19, 0, 0, 30]
[C:\WINDOWS\system32\TcpIpDog0.dll] [N/A, ]
[C:\Program Files\Rising\Rav\PostTrt.dll] [Beijing Rising Technology Co., Ltd., 19, 0, 0, 17]
[C:\Program Files\Rising\Rav\UnExe.dll] [Beijing Rising Technology Co., Ltd., 19, 0, 0, 10]
[C:\Program Files\Rising\Rav\ScanExec.dll] [Beijing Rising Technology Co., Ltd., 19, 0, 0, 19]
[C:\Program Files\Rising\Rav\ScanEx.dll] [Beijing Rising Technology Co., Ltd., 19, 0, 0, 81]
[C:\Program Files\Rising\Rav\ExtFile.dll] [Beijing Rising Technology Co., Ltd., 19, 0, 0, 36]
[C:\Program Files\Rising\Rav\NvFile.dll] [Beijing Rising Technology Co., Ltd., 19, 0, 0, 11]
[C:\Program Files\Rising\Rav\ScanMac.dll] [Beijing Rising Technology Co., Ltd., 19, 0, 0, 17]
[C:\Program Files\Rising\Rav\ScanSct.dll] [Beijing Rising Technology Co., Ltd., 19, 0, 0, 20]
[C:\Program Files\Rising\Rav\ScanPack.dll] [Beijing Rising Technology Co., Ltd., 19, 0, 0, 24]
[C:\Program Files\Rising\Rav\RsVM.dll] [, 19, 0, 0, 20]
[C:\Program Files\Rising\Rav\Uroutine.dll] [Beijing Rising Technology Co., Ltd., 19, 0, 0, 57]
[C:\Program Files\Rising\Rav\Uscript.dll] [Beijing Rising Technology Co., Ltd., 19, 0, 0, 19]
[C:\Program Files\Rising\Rav\ExtOLE.dll] [Beijing Rising Technology Co., Ltd., 19, 0, 0, 14]
[C:\Program Files\Rising\Rav\RsStore.dll] [Beijing Rising Technology Co., Ltd., 19, 0, 0, 2]
[PID: 928 / SYSTEM][C:\WINDOWS\system32\spoolsv.exe] [Microsoft Corporation, 5.1.2600.2696 (xpsp_sp2_gdr.050610-1519)]
[PID: 1000 / SYSTEM][C:\PROGRAM FILES\RISING\RAV\RavStub.exe] [Beijing Rising Technology Co., Ltd., 19, 0, 0, 4]
[C:\PROGRAM FILES\RISING\RAV\RsCommX.dll] [rising, 18, 0, 0, 1]
cop1025 - 2007-9-8 12:30:00
[C:\PROGRAM FILES\RISING\RAV\RSCOMMON.DLL] [Beijing Rising Technology Co., Ltd., 19, 0, 0, 5]
[PID: 976 / Administrator][C:\WINDOWS\Explorer.EXE] [Microsoft Corporation, 6.00.2900.3156 (xpsp_sp2_gdr.070613-1234)]
[C:\WINDOWS\system32\RavExt.dll] [Beijing Rising Technology Co., Ltd., 19, 0, 0, 9]
[c:\PROGRA~1\iesnap\navstub.dll] [, 1, 0, 1, 6]
[C:\Program Files\yok\yok.dll] [YOK.Com, 3, 0, 0, 1006]
[C:\Program Files\yok\protect.dll] [YOK.Com, 3, 0, 0, 1002]
[C:\Program Files\yok\adblock.dll] [YOK.Com, 3, 0, 0, 1003]
[C:\Program Files\yok\relband.dll] [YOK.Com, 3, 1, 0, 1005]
[C:\Program Files\Rising\AntiSpyware\ieprot.dll] [Beijing Rising Technology Co., Ltd., 1, 0, 0, 10]
[C:\Program Files\yok\toolbar.dll] [YOK.com, 3, 1, 0, 1009]
[C:\Program Files\yok\buttonmail.dll] [YOK.com, 1, 0, 0, 1002]
[C:\Program Files\yok\autolive.dll] [YOK.Com, 3, 0, 0, 1002]
[C:\WINDOWS\system32\TcpIpDog0.dll] [N/A, ]
[C:\WINDOWS\system32\msacm32.drv] [Microsoft Corporation, 5.1.2600.0 (xpclient.010817-1148)]
[PID: 1040 / SYSTEM][C:\Program Files\Common Files\Sogou PXP\p2psvr.exe] [Sohu.com Inc., 2, 0, 0, 28]
[C:\WINDOWS\system32\TcpIpDog0.dll] [N/A, ]
[C:\Program Files\P4P\tbupdate.dll] [Sogou.com Inc., 1, 0, 1, 2]
[C:\Program Files\P4P\p4pipc.dll] [Sogou.com Inc., 1, 0, 0, 13]
[PID: 1224 / SYSTEM][C:\WINDOWS\System32\svchost.exe] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
[c:\progra~1\kvhu\ufre.dll] [, 5, 0, 0, 9]
[c:\PROGRA~1\iesnap\navstub.dll] [, 1, 0, 1, 6]
[c:\progra~1\kvhu\zkwj.dll] [, 5, 0, 0, 9]
[c:\progra~1\kvhu\qbna.dll] [, 5, 0, 0, 9]
[C:\WINDOWS\system32\TcpIpDog0.dll] [N/A, ]
[PID: 2300 / Administrator][C:\Program Files\yok\yok.exe] [YOK.Com, 3, 0, 0, 1003]
[c:\PROGRA~1\iesnap\navstub.dll] [, 1, 0, 1, 6]
[C:\Program Files\yok\protect.dll] [YOK.Com, 3, 0, 0, 1002]
[C:\Program Files\yok\adblock.dll] [YOK.Com, 3, 0, 0, 1003]
[C:\Program Files\yok\relband.dll] [YOK.Com, 3, 1, 0, 1005]
[C:\Program Files\yok\toolbar.dll] [YOK.com, 3, 1, 0, 1009]
[C:\Program Files\yok\buttonmail.dll] [YOK.com, 1, 0, 0, 1002]
[C:\Program Files\yok\autolive.dll] [YOK.Com, 3, 0, 0, 1002]
[C:\Program Files\Rising\AntiSpyware\ieprot.dll] [Beijing Rising Technology Co., Ltd., 1, 0, 0, 10]
[PID: 2332 / Administrator][C:\WINDOWS\SOUNDMAN.EXE] [Realtek Semiconductor Corp., 5, 1, 0, 46]
[c:\PROGRA~1\iesnap\navstub.dll] [, 1, 0, 1, 6]
[C:\Program Files\Rising\AntiSpyware\ieprot.dll] [Beijing Rising Technology Co., Ltd., 1, 0, 0, 10]
[PID: 2368 / Administrator][C:\Program Files\Rising\AntiSpyware\runiep.exe] [Beijing Rising Technology Co., Ltd., 1, 0, 1, 6]
[C:\Program Files\Rising\AntiSpyware\iep_ctrl.dll] [Beijing Rising Technology Co., Ltd., 1, 0, 0, 4]
[C:\Program Files\Rising\AntiSpyware\ieprot.dll] [Beijing Rising Technology Co., Ltd., 1, 0, 0, 10]
[c:\PROGRA~1\iesnap\navstub.dll] [, 1, 0, 1, 6]
[PID: 2480 / Administrator][C:\Program Files\OCINS\idnsvr.exe] [中国互联网信息中心(CNNIC), 2, 6, 0, 0]
[c:\PROGRA~1\iesnap\navstub.dll] [, 1, 0, 1, 6]
[C:\Program Files\OCINS\idnsvr.dll] [中国互联网信息中心(CNNIC), 2, 6, 0, 2]
[C:\Program Files\Rising\AntiSpyware\ieprot.dll] [Beijing Rising Technology Co., Ltd., 1, 0, 0, 10]
[C:\WINDOWS\system32\TcpIpDog0.dll] [N/A, ]
[PID: 2520 / SYSTEM][C:\WINDOWS\system32\svchost.exe] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
[PID: 2832 / Administrator][C:\Program Files\Rising\Rav\RavTask.exe] [Beijing Rising Technology Co., Ltd., 19, 0, 0, 9]
[C:\Program Files\Rising\Rav\RSCOMMON.DLL] [Beijing Rising Technology Co., Ltd., 19, 0, 0, 5]
[C:\Program Files\Rising\Rav\RSAPPMGR.DLL] [Beijing Rising Technology Co., Ltd., 18, 0, 0, 2]
[C:\Program Files\Rising\Rav\CfgDll.dll] [Beijing Rising Technology Co., Ltd., 18, 0, 0, 13]
[C:\Program Files\Rising\Rav\RsCommX.dll] [rising, 18, 0, 0, 1]
[c:\PROGRA~1\iesnap\navstub.dll] [, 1, 0, 1, 6]
[C:\Program Files\Rising\AntiSpyware\ieprot.dll] [Beijing Rising Technology Co., Ltd., 1, 0, 0, 10]
[PID: 2840 / Administrator][C:\WINDOWS\system32\ctfmon.exe] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
[c:\PROGRA~1\iesnap\navstub.dll] [, 1, 0, 1, 6]
[C:\Program Files\Rising\AntiSpyware\ieprot.dll] [Beijing Rising Technology Co., Ltd., 1, 0, 0, 10]
[PID: 2856 / Administrator][C:\Program Files\Rising\Rav\Ravmon.exe] [Beijing Rising Technology Co., Ltd., 19, 0, 0, 45]
[C:\Program Files\Rising\Rav\RsGuiLib.dll] [Beijing Rising Technology Co., Ltd., 19, 0, 0, 33]
[C:\Program Files\Rising\Rav\BWList.dll] [Beijing Rising Technology Co., Ltd., 19, 0, 0, 10]
[C:\Program Files\Rising\Rav\RSAPPMGR.DLL] [Beijing Rising Technology Co., Ltd., 18, 0, 0, 2]
[C:\Program Files\Rising\Rav\CfgDll.dll] [Beijing Rising Technology Co., Ltd., 18, 0, 0, 13]
[C:\Program Files\Rising\Rav\RSCOMMON.DLL] [Beijing Rising Technology Co., Ltd., 19, 0, 0, 5]
[C:\Program Files\Rising\Rav\RsCommX.dll] [rising, 18, 0, 0, 1]
[C:\Program Files\Rising\Rav\RsXML.dll] [Beijing Rising Technology Co., Ltd., 19, 0, 0, 2]
[C:\Program Files\Rising\Rav\PngDll.dll] [Beijing Rising Technology Co., Ltd., 18, 0, 0, 5]
[c:\PROGRA~1\iesnap\navstub.dll] [, 1, 0, 1, 6]
[C:\Program Files\Rising\AntiSpyware\ieprot.dll] [Beijing Rising Technology Co., Ltd., 1, 0, 0, 10]
[PID: 3344 / LOCAL SERVICE][C:\WINDOWS\System32\alg.exe] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
[C:\WINDOWS\system32\TcpIpDog0.dll] [N/A, ]
[PID: 3776 / Administrator][C:\Program Files\Maxthon\Maxthon.exe] [Maxthon International Ltd., 1, 5, 9, 80]
[C:\Program Files\Maxthon\maxzlib.dll] [ , 1, 0, 0, 2]
[c:\PROGRA~1\iesnap\navstub.dll] [, 1, 0, 1, 6]
[E:\Program Files\WebThunderBHO_Now.dll] [Thunder Networking Technologies,LTD, 5, 0, 2, 10]
[C:\WINDOWS\system32\odbcbcp.dll] [Microsoft Corporation, 2000.085.1117.00 (xpsp_sp2_rtm.040803-2158)]
[C:\Program Files\Rising\AntiSpyware\ieprot.dll] [Beijing Rising Technology Co., Ltd., 1, 0, 0, 10]
[c:\PROGRA~1\iesnap\navpref.dll] [, 1, 0, 1, 6]
[c:\PROGRA~1\iesnap\navseg.dll] [, 1, 0, 1, 6]
[c:\PROGRA~1\iesnap\navneg.dll] [, 1, 0, 1, 6]
[C:\WINDOWS\system32\TcpIpDog0.dll] [N/A, ]
[C:\Program Files\Rising\Rav\RavScrCh.dll] [Beijing Rising Technology Co., Ltd., 18, 0, 0, 4]
[C:\Program Files\Maxthon\Services\RealTime\real_time.dll] [, 1, 0, 0, 1]
[C:\WINDOWS\system32\msacm32.drv] [Microsoft Corporation, 5.1.2600.0 (xpclient.010817-1148)]
[C:\WINDOWS\system32\Macromed\Flash\Flash9b.ocx] [Adobe Systems, Inc., 9,0,28,0]
[PID: 3784 / Administrator][C:\WINDOWS\system32\WgaTray.exe] [Microsoft Corporation, 1.7.0018.5]
[c:\PROGRA~1\iesnap\navstub.dll] [, 1, 0, 1, 6]
[C:\Program Files\Rising\AntiSpyware\ieprot.dll] [Beijing Rising Technology Co., Ltd., 1, 0, 0, 10]
[PID: 4028 / Administrator][c:\PROGRA~1\iesnap\navplay.exe] [, 1, 0, 1, 6]
[c:\PROGRA~1\iesnap\navstub.dll] [, 1, 0, 1, 6]
[C:\Program Files\Rising\AntiSpyware\ieprot.dll] [Beijing Rising Technology Co., Ltd., 1, 0, 0, 10]
[PID: 3096 / Administrator][C:\Program Files\Tencent\QQ\QQ.exe] [TENCENT, 0, 0, 0, 0]
[C:\Program Files\Tencent\QQ\CoralAssist.DLL] [Coral Team, 4.5.0 build 20060515]
[C:\Program Files\Tencent\QQ\CoralQQ.DLL] [Coral Team, 4.5.1 Build 20060620]
[C:\Program Files\Tencent\QQ\ipsearcher.dll] [, 1.0.0.4]
[C:\Program Files\Tencent\QQ\MSVCR80.dll] [Microsoft Corporation, 8.00.50727.42]
cop1025 - 2007-9-8 12:31:00
[C:\Program Files\Tencent\QQ\mfc42.dll] [Microsoft Corporation, 6.00.8665.0]
[C:\Program Files\Tencent\QQ\msvcp80.dll] [Microsoft Corporation, 8.00.50727.42]
[C:\Program Files\Tencent\QQ\QQBaseClassInDll.dll] [, 1, 0, 0, 1]
[C:\Program Files\Tencent\QQ\QQHelperDll.dll] [, 1, 0, 0, 1]
[C:\Program Files\Tencent\QQ\BasicCtrlDll.dll] [Tencent, 5, 0, 200, 160]
[c:\PROGRA~1\iesnap\navstub.dll] [, 1, 0, 1, 6]
[C:\Program Files\Tencent\QQ\RICHED32.DLL] [Microsoft Corporation, 5.00.2134.1]
[C:\Program Files\Tencent\QQ\RICHED20.dll] [Microsoft Corporation, 5.31.23.1218]
[C:\Program Files\Tencent\QQ\QQAPI.dll] [, 1, 0, 0, 1]
[C:\Program Files\Tencent\QQ\TIMProxy.dll] [tencent, 0, 3, 2, 4]
[C:\Program Files\Rising\AntiSpyware\ieprot.dll] [Beijing Rising Technology Co., Ltd., 1, 0, 0, 10]
[C:\Program Files\Tencent\QQ\LoginCtrl.dll] [, 1, 0, 0, 1]
[C:\Program Files\Tencent\QQ\npkcntc.dll] [INCA Internet Co., Ltd., 2006, 3, 2, 1]
[C:\Program Files\Tencent\QQ\npkpdb.dll] [INCA Internet Co., Ltd., 2003, 10, 1, 1]
[C:\Program Files\Tencent\QQ\QQRes.dll] [tencent, 1, 0, 0, 1]
[C:\Program Files\Tencent\QQ\QQMainFrame.dll] [N/A, ]
[C:\Program Files\Tencent\QQ\CQQApplication.dll] [N/A, ]
[C:\WINDOWS\system32\TcpIpDog0.dll] [N/A, ]
[C:\Program Files\Tencent\QQ\NewSkin.dll] [, 1, 0, 0, 1]
[C:\Program Files\Tencent\QQ\HostingMgr.dll] [, 1, 0, 0, 1]
[C:\Program Files\Tencent\QQ\CameraDll.dll] [, 1, 0, 0, 1]
[C:\Program Files\Tencent\QQ\MailSummary.dll] [, 1, 0, 0, 1]
[C:\Program Files\Tencent\QQ\QQSpace.dll] [, 1, 0, 0, 1]
[C:\Program Files\Tencent\QQ\vbscript.dll] [Microsoft Corporation, 5.6.0.7426]
[C:\Program Files\Tencent\QQ\QQAllInOne.dll] [N/A, ]
[C:\Program Files\Tencent\QQ\GroupLive.dll] [N/A, ]
[C:\Program Files\Tencent\QQ\SCCore.dll] [N/A, ]
[C:\Program Files\Tencent\QQ\QQMMSender.dll] [N/A, ]
[C:\Program Files\Tencent\QQ\QQSettingCtrl.dll] [, 1, 0, 0, 1]
[C:\WINDOWS\system32\msdmo.dll] [, ]
[C:\Program Files\Tencent\QQ\QQGroupMng.dll] [, 1, 0, 0, 1]
[C:\Program Files\Tencent\QQ\UserDefinedHead.dll] [, 1, 0, 0, 1]
[C:\Program Files\Tencent\QQ\QQPlugin.dll] [N/A, ]
[C:\Program Files\Tencent\QQ\QQConfigPlugin.dll] [, 1, 0, 0, 1]
[C:\Program Files\Tencent\QQ\QRingMng.dll] [N/A, ]
[C:\Program Files\Tencent\QQ\PhoneAPI.dll] [, 1, 0, 0, 1]
[C:\Program Files\Tencent\QQ\DialerAllinOne.dll] [tencent, 1, 4, 0, 0]
[C:\WINDOWS\system32\msacm32.drv] [Microsoft Corporation, 5.1.2600.0 (xpclient.010817-1148)]
[C:\Program Files\Tencent\QQ\QQAvatar.dll] [N/A, ]
[C:\Program Files\Tencent\QQ\FlashAvatarDll.dll] [, 1, 4, 0, 1]
[C:\Program Files\Tencent\QQ\LongConnection.dll] [tencent, 5, 0, 200, 160]
[C:\Program Files\Tencent\QQ\QQPet.dll] [, 1, 0, 0, 1]
[C:\Program Files\Tencent\QQ\QQSysMsgMng.dll] [N/A, ]
[C:\Program Files\Tencent\QQ\BQQApplication.dll] [N/A, ]
[C:\WINDOWS\system32\RavExt.dll] [Beijing Rising Technology Co., Ltd., 19, 0, 0, 9]
[C:\Program Files\Tencent\QQ\CommercesMng.dll] [, 1, 0, 0, 1]
[C:\Program Files\Tencent\QQ\PersonalDesktop.dll] [深圳市腾讯计算机系统公司QQ工作小组, 1, 0, 0, 2]
[C:\Program Files\Tencent\QQ\QQUdpGetFileLib.dll] [tencent, 0, 2, 2, 3]
[C:\Program Files\Tencent\QQ\QQAddr.dll] [深圳市腾讯计算机系统有限公司, 5, 0, 101, 200]
[C:\Program Files\Tencent\QQ\QQSceneMng.dll] [N/A, ]
[C:\Program Files\Tencent\QQ\QQPhoneHelper.dll] [腾讯科技(深圳)有限公司, 2, 1, 9, 95]
[PID: 3176 / Administrator][C:\Program Files\Tencent\QQ\TIMPlatform.exe] [tencent, 0, 3, 1, 8]
[c:\PROGRA~1\iesnap\navstub.dll] [, 1, 0, 1, 6]
[C:\Program Files\Rising\AntiSpyware\ieprot.dll] [Beijing Rising Technology Co., Ltd., 1, 0, 0, 10]
[C:\Program Files\Tencent\QQ\TIMProxy.dll] [tencent, 0, 3, 2, 4]
[PID: 3456 / Administrator][C:\Program Files\Tencent\QQ\QQ.exe] [TENCENT, 0, 0, 0, 0]
[C:\Program Files\Tencent\QQ\CoralAssist.DLL] [Coral Team, 4.5.0 build 20060515]
[C:\Program Files\Tencent\QQ\CoralQQ.DLL] [Coral Team, 4.5.1 Build 20060620]
[C:\Program Files\Tencent\QQ\ipsearcher.dll] [, 1.0.0.4]
[C:\Program Files\Tencent\QQ\MSVCR80.dll] [Microsoft Corporation, 8.00.50727.42]
[C:\Program Files\Tencent\QQ\mfc42.dll] [Microsoft Corporation, 6.00.8665.0]
[C:\Program Files\Tencent\QQ\msvcp80.dll] [Microsoft Corporation, 8.00.50727.42]
[C:\Program Files\Tencent\QQ\QQBaseClassInDll.dll] [, 1, 0, 0, 1]
[C:\Program Files\Tencent\QQ\QQHelperDll.dll] [, 1, 0, 0, 1]
[C:\Program Files\Tencent\QQ\BasicCtrlDll.dll] [Tencent, 5, 0, 200, 160]
[c:\PROGRA~1\iesnap\navstub.dll] [, 1, 0, 1, 6]
[C:\Program Files\Tencent\QQ\RICHED32.DLL] [Microsoft Corporation, 5.00.2134.1]
[C:\Program Files\Tencent\QQ\RICHED20.dll] [Microsoft Corporation, 5.31.23.1218]
[C:\Program Files\Tencent\QQ\QQAPI.dll] [, 1, 0, 0, 1]
[C:\Program Files\Tencent\QQ\TIMProxy.dll] [tencent, 0, 3, 2, 4]
[C:\Program Files\Rising\AntiSpyware\ieprot.dll] [Beijing Rising Technology Co., Ltd., 1, 0, 0, 10]
[C:\Program Files\Tencent\QQ\LoginCtrl.dll] [, 1, 0, 0, 1]
[C:\Program Files\Tencent\QQ\npkcntc.dll] [INCA Internet Co., Ltd., 2006, 3, 2, 1]
[C:\Program Files\Tencent\QQ\npkpdb.dll] [INCA Internet Co., Ltd., 2003, 10, 1, 1]
[C:\Program Files\Tencent\QQ\QQRes.dll] [tencent, 1, 0, 0, 1]
[C:\Program Files\Tencent\QQ\QQMainFrame.dll] [N/A, ]
[C:\Program Files\Tencent\QQ\CQQApplication.dll] [N/A, ]
[C:\Program Files\Tencent\QQ\NewSkin.dll] [, 1, 0, 0, 1]
[C:\Program Files\Tencent\QQ\HostingMgr.dll] [, 1, 0, 0, 1]
[C:\Program Files\Tencent\QQ\CameraDll.dll] [, 1, 0, 0, 1]
[C:\Program Files\Tencent\QQ\MailSummary.dll] [, 1, 0, 0, 1]
[C:\WINDOWS\system32\TcpIpDog0.dll] [N/A, ]
[C:\Program Files\Tencent\QQ\QQSpace.dll] [, 1, 0, 0, 1]
[C:\Program Files\Tencent\QQ\vbscript.dll] [Microsoft Corporation, 5.6.0.7426]
[C:\Program Files\Tencent\QQ\QQAllInOne.dll] [N/A, ]
[C:\Program Files\Tencent\QQ\GroupLive.dll] [N/A, ]
[C:\Program Files\Tencent\QQ\SCCore.dll] [N/A, ]
[C:\Program Files\Tencent\QQ\QQMMSender.dll] [N/A, ]
[C:\Program Files\Tencent\QQ\QQSettingCtrl.dll] [, 1, 0, 0, 1]
[C:\WINDOWS\system32\msdmo.dll] [, ]
[C:\Program Files\Tencent\QQ\QQGroupMng.dll] [, 1, 0, 0, 1]
[C:\Program Files\Tencent\QQ\UserDefinedHead.dll] [, 1, 0, 0, 1]
[C:\Program Files\Tencent\QQ\QQPlugin.dll] [N/A, ]
[C:\Program Files\Tencent\QQ\QQConfigPlugin.dll] [, 1, 0, 0, 1]
[C:\Program Files\Tencent\QQ\LongConnection.dll] [tencent, 5, 0, 200, 160]
[C:\Program Files\Tencent\QQ\QQSysMsgMng.dll] [N/A, ]
[C:\WINDOWS\system32\msacm32.drv] [Microsoft Corporation, 5.1.2600.0 (xpclient.010817-1148)]
[C:\WINDOWS\system32\msadp32.acm] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
[C:\Program Files\Tencent\QQ\QQCustomFace.dll] [N/A, ]
[C:\Program Files\Tencent\QQ\gdiplus.dll] [Microsoft Corporation, 5.1.3102.2180 (xpsp_sp2_rtm.040803-2158)]
[C:\Program Files\Tencent\QQ\GroupConnection.dll] [Tencent, 5, 0, 202, 170]
[C:\Program Files\Tencent\QQ\QRingMng.dll] [N/A, ]
[C:\Program Files\Tencent\QQ\PhoneAPI.dll] [, 1, 0, 0, 1]
[C:\Program Files\Tencent\QQ\DialerAllinOne.dll] [tencent, 1, 4, 0, 0]
cop1025 - 2007-9-8 12:32:00
[C:\Program Files\Tencent\QQ\QQPet.dll] [, 1, 0, 0, 1]
[C:\Program Files\Tencent\QQ\QQAvatar.dll] [N/A, ]
[C:\Program Files\Tencent\QQ\FlashAvatarDll.dll] [, 1, 4, 0, 1]
[C:\Program Files\Tencent\QQ\BQQApplication.dll] [N/A, ]
[C:\WINDOWS\system32\RavExt.dll] [Beijing Rising Technology Co., Ltd., 19, 0, 0, 9]
[C:\Program Files\Tencent\QQ\CommercesMng.dll] [, 1, 0, 0, 1]
[C:\Program Files\Tencent\QQ\PersonalDesktop.dll] [深圳市腾讯计算机系统公司QQ工作小组, 1, 0, 0, 2]
[C:\Program Files\Tencent\QQ\QQAddr.dll] [深圳市腾讯计算机系统有限公司, 5, 0, 101, 200]
[C:\Program Files\Tencent\QQ\QQSceneMng.dll] [N/A, ]
[PID: 3832 / Administrator][C:\Program Files\Rising\Rav\Rav.exe] [Beijing Rising Technology Co., Ltd., 19, 0, 0, 36]
[C:\Program Files\Rising\Rav\PlugIn\RsPgScan.dll] [Beijing Rising Technology Co., Ltd., 18, 0, 0, 17]
[C:\Program Files\Rising\Rav\RSAPPMGR.DLL] [Beijing Rising Technology Co., Ltd., 18, 0, 0, 2]
[C:\Program Files\Rising\Rav\CfgDll.dll] [Beijing Rising Technology Co., Ltd., 18, 0, 0, 13]
[C:\Program Files\Rising\Rav\RsCommX.dll] [rising, 18, 0, 0, 1]
[C:\Program Files\Rising\Rav\RavUI.Dll] [Beijing Rising Technology Co., Ltd., 19, 0, 0, 30]
[C:\Program Files\Rising\Rav\RsGuiLib.dll] [Beijing Rising Technology Co., Ltd., 19, 0, 0, 33]
[C:\Program Files\Rising\Rav\RsXML.dll] [Beijing Rising Technology Co., Ltd., 19, 0, 0, 2]
[c:\PROGRA~1\iesnap\navstub.dll] [, 1, 0, 1, 6]
[C:\Program Files\Rising\Rav\RSCOMMON.DLL] [Beijing Rising Technology Co., Ltd., 19, 0, 0, 5]
[C:\Program Files\Rising\AntiSpyware\ieprot.dll] [Beijing Rising Technology Co., Ltd., 1, 0, 0, 10]
[C:\Program Files\Rising\Rav\Scanner.dll] [Beijing Rising Technology Co., Ltd., 19, 0, 0, 15]
[C:\Program Files\Rising\Rav\BWList.dll] [Beijing Rising Technology Co., Ltd., 19, 0, 0, 10]
[C:\WINDOWS\system32\TcpIpDog0.dll] [N/A, ]
[C:\Program Files\Rising\Rav\RavScrCh.dll] [Beijing Rising Technology Co., Ltd., 18, 0, 0, 4]
[C:\Program Files\Rising\Rav\libload.dll] [Beijing Rising Technology Co., Ltd., 19, 0, 0, 19]
[C:\Program Files\Rising\Rav\VirusLib.dll] [Beijing Rising Technology Co., Ltd., 19, 0, 0, 15]
[C:\Program Files\Rising\Rav\MVEngine.dll] [Beijing Rising Technology Co., Ltd., 19, 0, 0, 20]
[C:\Program Files\Rising\Rav\Engine.dll] [Beijing Rising Technology Co., Ltd., 19, 0, 0, 30]
[C:\Program Files\Rising\Rav\ScanExec.dll] [Beijing Rising Technology Co., Ltd., 19, 0, 0, 19]
[C:\Program Files\Rising\Rav\Unpacker.dll] [Beijing Rising Technology Co., Ltd., 19, 0, 0, 22]
[C:\Program Files\Rising\Rav\UnExe.dll] [Beijing Rising Technology Co., Ltd., 19, 0, 0, 10]
[C:\Program Files\Rising\Rav\ScanEx.dll] [Beijing Rising Technology Co., Ltd., 19, 0, 0, 81]
[C:\Program Files\Rising\Rav\ExtFile.dll] [Beijing Rising Technology Co., Ltd., 19, 0, 0, 36]
[C:\Program Files\Rising\Rav\PostTrt.dll] [Beijing Rising Technology Co., Ltd., 19, 0, 0, 17]
[C:\Program Files\Rising\Rav\ScanMac.dll] [Beijing Rising Technology Co., Ltd., 19, 0, 0, 17]
[C:\Program Files\Rising\Rav\ScanSct.dll] [Beijing Rising Technology Co., Ltd., 19, 0, 0, 20]
[C:\Program Files\Rising\Rav\ScanPack.dll] [Beijing Rising Technology Co., Ltd., 19, 0, 0, 24]
[C:\Program Files\Rising\Rav\RsVM.dll] [, 19, 0, 0, 20]
[C:\Program Files\Rising\Rav\Uroutine.dll] [Beijing Rising Technology Co., Ltd., 19, 0, 0, 57]
[C:\Program Files\Rising\Rav\NvFile.dll] [Beijing Rising Technology Co., Ltd., 19, 0, 0, 11]
[C:\Program Files\Rising\Rav\ExtMail.dll] [Beijing Rising Technology Co., Ltd., 19, 0, 0, 14]
[C:\Program Files\Rising\Rav\ExtOLE.dll] [Beijing Rising Technology Co., Ltd., 19, 0, 0, 14]
[PID: 3996 / Administrator][C:\Program Files\Rising\Rav\RsAgent.exe] [Beijing Rising Technology Co., Ltd., 19, 0, 0, 12]
[c:\PROGRA~1\iesnap\navstub.dll] [, 1, 0, 1, 6]
[C:\Program Files\Rising\Rav\RsCommX.dll] [rising, 18, 0, 0, 1]
[C:\Program Files\Rising\AntiSpyware\ieprot.dll] [Beijing Rising Technology Co., Ltd., 1, 0, 0, 10]
[PID: 3172 / Administrator][C:\WINDOWS\msagent\AgentSvr.exe] [Microsoft Corporation, 2.00.0.3424]
[c:\PROGRA~1\iesnap\navstub.dll] [, 1, 0, 1, 6]
[C:\Program Files\Rising\AntiSpyware\ieprot.dll] [Beijing Rising Technology Co., Ltd., 1, 0, 0, 10]
[C:\WINDOWS\system32\msacm32.drv] [Microsoft Corporation, 5.1.2600.0 (xpclient.010817-1148)]
[PID: 900 / Administrator][E:\Program Files\WebThunder.exe] [深圳市迅雷网络技术有限公司, 1, 10, 2, 173]
[E:\Program Files\MSVCR71.dll] [Microsoft Corporation, 7.10.3052.4]
[c:\PROGRA~1\iesnap\navstub.dll] [, 1, 0, 1, 6]
[E:\Program Files\TaskManager.dll] [Thunder Networking Technologies,LTD, 1, 2, 1, 26]
[E:\Program Files\download_interface.dll] [Thunder Networking Technologies,LTD, 2, 17, 5, 130]
[E:\Program Files\stlport_vc646.dll] [STLport Consulting, Inc., 4.6.2003.1031]
[E:\Program Files\asyn_dns.dll] [Thunder Networking Technologies,LTD, 2, 17, 5, 130]
[C:\WINDOWS\system32\TcpIpDog0.dll] [N/A, ]
[E:\Program Files\RegisterDll.dll] [Thunder Networking Technologies,LTD, 2, 16, 5, 59]
[E:\Program Files\CacheServer.dll] [, 1, 0, 0, 1]
[C:\Program Files\Rising\AntiSpyware\ieprot.dll] [Beijing Rising Technology Co., Ltd., 1, 0, 0, 10]
[E:\Program Files\XLSafe\WebThunderSafe.dll] [N/A, ]
[C:\Program Files\Rising\Rav\RavScrCh.dll] [Beijing Rising Technology Co., Ltd., 18, 0, 0, 4]
[C:\WINDOWS\system32\Macromed\Flash\Flash9b.ocx] [Adobe Systems, Inc., 9,0,28,0]
[C:\WINDOWS\system32\msacm32.drv] [Microsoft Corporation, 5.1.2600.0 (xpclient.010817-1148)]
[E:\Program Files\Inmedia\iEmbedShell.dll] [ , 1, 0, 0, 21]
[E:\Program Files\InMedia\iEmbed11.dll] [ , 3, 3, 2, 91]
[E:\Program Files\InMedia\PlayerHelper.dll] [thunder, 1, 1, 0, 24]
[E:\Program Files\DownAndPlay\WebDownAndPlay.dll] [ShenZhen Thunder Networking Technologies Ltd., 1, 0, 2, 20]
[E:\Program Files\XLStatistic\XLStatisticAddin.dll] [深圳市迅雷网络技术有限公司, 1, 1, 0, 1]
[E:\Program Files\XLNet.Dll] [Thunder Networking Technologies,LTD, 1, 2, 1, 9]
[PID: 956 / Administrator][C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\Rar$EX01.000\SREngPS.EXE] [Smallfrogs Studio, 2.5.16.900]
[c:\PROGRA~1\iesnap\navstub.dll] [, 1, 0, 1, 6]
[C:\Program Files\Rising\AntiSpyware\ieprot.dll] [Beijing Rising Technology Co., Ltd., 1, 0, 0, 10]
[C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\Rar$EX01.000\Upload\3rdUpd.DLL] [Smallfrogs Studio, 2, 1, 0, 15]
[C:\WINDOWS\system32\TcpIpDog0.dll] [N/A, ]
==================================
文件关联
.TXT OK. [%SystemRoot%\system32\NOTEPAD.EXE %1]
.EXE OK. ["%1" %*]
.COM OK. ["%1" %*]
.PIF OK. ["%1" %*]
.REG OK. [regedit.exe "%1"]
.BAT OK. ["%1" %*]
.SCR OK. ["%1" /S]
.CHM OK. ["C:\WINDOWS\hh.exe" %1]
.HLP OK. [%SystemRoot%\System32\winhlp32.exe %1]
.INI OK. [%SystemRoot%\System32\NOTEPAD.EXE %1]
.INF OK. [%SystemRoot%\System32\NOTEPAD.EXE %1]
.VBS OK. [%SystemRoot%\System32\WScript.exe "%1" %*]
.JS OK. [%SystemRoot%\System32\WScript.exe "%1" %*]
.LNK OK. [{00021401-0000-0000-C000-000000000046}]
==================================
Winsock 提供者
MSAFD Tcpip [TCP/IP]
C:\WINDOWS\system32\TcpIpDog0.dll(, N/A)
MSAFD Tcpip [UDP/IP]
C:\WINDOWS\system32\TcpIpDog0.dll(, N/A)
MSAFD Tcpip [RAW/IP]
C:\WINDOWS\system32\TcpIpDog0.dll(, N/A)
RSVP UDP Service Provider
C:\WINDOWS\system32\TcpIpDogR0.dll(, N/A)
RSVP TCP Service Provider
C:\WINDOWS\system32\TcpIpDogR0.dll(, N/A)
==================================
Autorun.inf
N/A
==================================
HOSTS 文件
127.0.0.1 localhost
cop1025 - 2007-9-8 12:32:00
==================================
进程特权扫描
特殊特权被允许: SeDebugPrivilege [PID = 2300, C:\PROGRAM FILES\YOK\YOK.EXE]
特殊特权被允许: SeLoadDriverPrivilege [PID = 2300, C:\PROGRAM FILES\YOK\YOK.EXE]
特殊特权被允许: SeLoadDriverPrivilege [PID = 2332, C:\WINDOWS\SOUNDMAN.EXE]
特殊特权被允许: SeLoadDriverPrivilege [PID = 2368, C:\PROGRAM FILES\RISING\ANTISPYWARE\RUNIEP.EXE]
特殊特权被允许: SeLoadDriverPrivilege [PID = 2832, C:\PROGRAM FILES\RISING\RAV\RAVTASK.EXE]
特殊特权被允许: SeLoadDriverPrivilege [PID = 2856, C:\PROGRAM FILES\RISING\RAV\RAVMON.EXE]
特殊特权被允许: SeLoadDriverPrivilege [PID = 3776, C:\PROGRAM FILES\MAXTHON\MAXTHON.EXE]
特殊特权被允许: SeLoadDriverPrivilege [PID = 4028, C:\PROGRA~1\IESNAP\NAVPLAY.EXE]
特殊特权被允许: SeLoadDriverPrivilege [PID = 3096, C:\PROGRAM FILES\TENCENT\QQ\QQ.EXE]
特殊特权被允许: SeLoadDriverPrivilege [PID = 3176, C:\PROGRAM FILES\TENCENT\QQ\TIMPLATFORM.EXE]
特殊特权被允许: SeLoadDriverPrivilege [PID = 3456, C:\PROGRAM FILES\TENCENT\QQ\QQ.EXE]
特殊特权被允许: SeLoadDriverPrivilege [PID = 3832, C:\PROGRAM FILES\RISING\RAV\RAV.EXE]
特殊特权被允许: SeLoadDriverPrivilege [PID = 3996, C:\PROGRAM FILES\RISING\RAV\RSAGENT.EXE]
特殊特权被允许: SeLoadDriverPrivilege [PID = 900, E:\PROGRAM FILES\WEBTHUNDER.EXE]
==================================
API HOOK
N/A
==================================
隐藏进程
N/A
==================================
[/CODE]
cop1025 - 2007-9-8 12:33:00
I've posted it. It's so long. What now????
Thanks
cop1025 - 2007-9-8 21:03:00
[Reply to cop1025's post]
Please take a look for me!! Moderators and experts, thank you.
cop1025 - 2007-9-10 18:50:00
Experts, please take a look!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
天月来了 - 2007-9-10 19:05:00
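Say no more!!!
Format everything and reinstall a fresh system.
Or else try this again:
Download System Repair Engineer (version 2.5) into your "Windows" folder.
http://www.kztechs.com/sreng/download.html
1 Unzip sreng2.zip
2 Run SREngPs.exe.
3 Smart Scan => Scan => Save Report
4 Copy the complete text of the report from the log and paste it here in sections, without modifying it
5 Alternatively, change the log's file extension to ".txt" and send it as an attachment.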
没有梦想的男人 - 2007-9-10 19:45:00
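It's all rogue plug-ins, and far too many of them; deleting them by hand would wear you out.
http://www.arswp.com/
http://www.360safe.com/
Download these two, then install them and update to the latest version. If they won't install, first go to http://360safe.qihoo.com/killer/k-cnnic.html, download the CNNIC removal tool, kill CNNIC, and then install.
Then reboot and press F8 to enter Safe Mode, open 360safe to clean out the rogue plug-ins and clear the usage traces. After that, open arswp and run a full-disk scan and cleanup.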
日不懂啊 - 2007-9-10 19:52:00
天月 has already shown you what to do~~
I've really never seen a log like yours; I don't recognize it....
It scares me
<a><#D;]XJOEPXT]tztufn43]Svoemm43/fyf#!#D;]XJOEPXT]tztufn43]deoqsi/emm#-Tubsu> [N/A]
<IdnSvr><C:\Program Files\OCINS\idnsvr.exe> [(Verified)China Internet Network Information Center]
<prx><#D;]XJOEPXT]tztufn43]Svoemm43/fyf#!#D;]XJOEPXT]tztufn43]deoqsi/emm#-Tubsu> [N/A]
<tdrgltgnxjpx><#D;]XJOEPXT]tztufn43]Svoemm43/fyf#!#D;]XJOEPXT]tztufn43]deoqsi/emm#-Tubsu> [N/A]
<e><#D;]XJOEPXT]tztufn43]Svoemm43/fyf#!#D;]XJOEPXT]tztufn43]deoqsi/emm#-Tubsu> [N/A]
<><#D;]XJOEPXT]tztufn43]Svoemm43/fyf#!#D;]XJOEPXT]tztufn43]deoqsi/emm#-Tubsu> [N/A]
<ybznxw><#D;]XJOEPXT]tztufn43]Svoemm43/fyf#!#D;]XJOEPXT]tztufn43]deoqsi/emm#-Tubsu> [N/A]
<qbehtvnobnubtxx><#D;]XJOEPXT]tztufn43]Svoemm43/fyf#!#D;]XJOEPXT]tztufn43]deoqsi/emm#-Tubsu> [N/A]
<o><#D;]XJOEPXT]tztufn43]Svoemm43/fyf#!#D;]XJOEPXT]tztufn43]deoqsi/emm#-Tubsu> [N/A]
<f><#D;]XJOEPXT]tztufn43]Svoemm43/fyf#!#D;]XJOEPXT]tztufn43]deoqsi/emm#-Tubsu> [N/A]
<h><#D;]XJOEPXT]tztufn43]Svoemm43/fyf#!#D;]XJOEPXT]tztufn43]deoqsi/emm#-Tubsu> [N/A]
<mmpamf><#D;]XJOEPXT]tztufn43]Svoemm43/fyf#!#D;]XJOEPXT]tztufn43]deoqsi/emm#-Tubsu> [N/A]
<bqjaadrnzenbio><#D;]XJOEPXT]tztufn43]Svoemm43/fyf#!#D;]XJOEPXT]tztufn43]deoqsi/emm#-Tubsu> [N/A]
<jbdbkmwaw><#D;]XJOEPXT]tztufn43]Svoemm43/fyf#!#D;]XJOEPXT]tztufn43]deoqsi/emm#-Tubsu> [N/A]
<bttarmyfgjee><#D;]XJOEPXT]tztufn43]Svoemm43/fyf#!#D;]XJOEPXT]tztufn43]deoqsi/emm#-Tubsu> [N/A]
<cvnhfzrym><#D;]XJOEPXT]tztufn43]Svoemm43/fyf#!#D;]XJOEPXT]tztufn43]deoqsi/emm#-Tubsu> [N/A]
<phlvgfyifmj><#D;]XJOEPXT]tztufn43]Svoemm43/fyf#!#D;]XJOEPXT]tztufn43]deoqsi/emm#-Tubsu> [N/A]
<fomzwvo><#D;]XJOEPXT]tztufn43]Svoemm43/fyf#!#D;]XJOEPXT]tztufn43]deoqsi/emm#-Tubsu> [N/A]
<phbmniepuk><#D;]XJOEPXT]tztufn43]Svoemm43/fyf#!#D;]XJOEPXT]tztufn43]deoqsi/emm#-Tubsu> [N/A]
<dlbgfcweyfzu><#D;]XJOEPXT]tztufn43]Svoemm43/fyf#!#D;]XJOEPXT]tztufn43]deoqsi/emm#-Tubsu> [N/A]
<ueskoaudpul><#D;]XJOEPXT]tztufn43]Svoemm43/fyf#!#D;]XJOEPXT]tztufn43]deoqsi/emm#-Tubsu> [N/A]
<tineugtr><#D;]XJOEPXT]tztufn43]Svoemm43/fyf#!#D;]XJOEPXT]tztufn43]deoqsi/emm#-Tubsu> [N/A]
<vytkdshlat><#D;]XJOEPXT]tztufn43]Svoemm43/fyf#!#D;]XJOEPXT]tztufn43]deoqsi/emm#-Tubsu> [N/A]
<unik><#D;]XJOEPXT]tztufn43]Svoemm43/fyf#!#D;]XJOEPXT]tztufn43]deoqsi/emm#-Tubsu> [N/A]
<brwfq><#D;]XJOEPXT]tztufn43]Svoemm43/fyf#!#D;]XJOEPXT]tztufn43]deoqsi/emm#-Tubsu> [N/A]
<oygvhcyqyzf><#D;]XJOEPXT]tztufn43]Svoemm43/fyf#!#D;]XJOEPXT]tztufn43]deoqsi/emm#-Tubsu> [N/A]
<sjnpfcgrxragrkv><#D;]XJOEPXT]tztufn43]Svoemm43/fyf#!#D;]XJOEPXT]tztufn43]deoqsi/emm#-Tubsu> [N/A]
<bn><#D;]XJOEPXT]tztufn43]Svoemm43/fyf#!#D;]XJOEPXT]tztufn43]deoqsi/emm#-Tubsu> [N/A]
<raevazaol><#D;]XJOEPXT]tztufn43]Svoemm43/fyf#!#D;]XJOEPXT]tztufn43]deoqsi/emm#-Tubsu> [N/A]
<mqnduxlnrly><#D;]XJOEPXT]tztufn43]Svoemm43/fyf#!#D;]XJOEPXT]tztufn43]deoqsi/emm#-Tubsu> [N/A]
<ryg><#D;]XJOEPXT]tztufn43]Svoemm43/fyf#!#D;]XJOEPXT]tztufn43]deoqsi/emm#-Tubsu> [N/A]
<umxkeduvwgo><#D;]XJOEPXT]tztufn43]Svoemm43/fyf#!#D;]XJOEPXT]tztufn43]deoqsi/emm#-Tubsu> [N/A]
<cla><#D;]XJOEPXT]tztufn43]Svoemm43/fyf#!#D;]XJOEPXT]tztufn43]deoqsi/emm#-Tubsu> [N/A]
<asvuhydtudjn><#D;]XJOEPXT]tztufn43]Svoemm43/fyf#!#D;]XJOEPXT]tztufn43]deoqsi/emm#-Tubsu> [N/A]
<heilkcustxdh><#D;]XJOEPXT]tztufn43]Svoemm43/fyf#!#D;]XJOEPXT]tztufn43]deoqsi/emm#-Tubsu> [N/A]
<accfwetcaum><#D;]XJOEPXT]tztufn43]Svoemm43/fyf#!#D;]XJOEPXT]tztufn43]deoqsi/emm#-Tubsu> [N/A]
<sx><#D;]XJOEPXT]tztufn43]Svoemm43/fyf#!#D;]XJOEPXT]tztufn43]deoqsi/emm#-Tubsu> [N/A]
<ikrzkbzrnbt><#D;]XJOEPXT]tztufn43]Svoemm43/fyf#!#D;]XJOEPXT]tztufn43]deoqsi/emm#-Tubsu> [N/A]
<iuyvffiznynyeee><#D;]XJOEPXT]tztufn43]Svoemm43/fyf#!#D;]XJOEPXT]tztufn43]deoqsi/emm#-Tubsu> [N/A]
<rrpmiyoe><#D;]XJOEPXT]tztufn43]Svoemm43/fyf#!#D;]XJOEPXT]tztufn43]deoqsi/emm#-Tubsu> [N/A]
<rpnlhov><#D;]XJOEPXT]tztufn43]Svoemm43/fyf#!#D;]XJOEPXT]tztufn43]deoqsi/emm#-Tubsu> [N/A]
<qwdc><#D;]XJOEPXT]tztufn43]Svoemm43/fyf#!#D;]XJOEPXT]tztufn43]deoqsi/emm#-Tubsu> [N/A]
...........
What is this whole pile? I really don't understand it.
Among the drivers, only
[Secdrv / Secdrv][Stopped/Manual Start]
<system32\DRIVERS\secdrv.sys><N/A>
is one I've seen; what are all the others?
Services
[Navoct / Navoct][Running/Auto Start]
<C:\WINDOWS\System32\svchost.exe -k netsvcs-->C:\Program Files\iesnap\navoct.dll>< >
This one needs to be deleted; the others are fine.
But your registry.... I could cry.
Found one key culprit:
C:\WINDOWS\system32\TcpIpDog0.dll
Find it, rename it to 1.dll, reboot, and delete it.
I don't know whether this can still be saved.
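The Run values quoted in the post above are a readable command line with every character moved up by one code point. The sketch below is an added example, not part of the original thread: it parses SREng `<name><command> [publisher]` lines, undoes the shift, and groups the randomly named values by the command they resolve to. It generalizes slightly by trying other small shifts as well; the function names and the plausibility regex are assumptions of this example.

```python
import re
from collections import defaultdict

# Run-key lines copied from the SREng log quoted in this thread.
LOG_LINES = [
    r'<IdnSvr><C:\Program Files\OCINS\idnsvr.exe> [(Verified)China Internet Network Information Center]',
    r'<a><#D;]XJOEPXT]tztufn43]Svoemm43/fyf#!#D;]XJOEPXT]tztufn43]deoqsi/emm#-Tubsu> [N/A]',
    r'<prx><#D;]XJOEPXT]tztufn43]Svoemm43/fyf#!#D;]XJOEPXT]tztufn43]deoqsi/emm#-Tubsu> [N/A]',
    r'<tdrgltgnxjpx><#D;]XJOEPXT]tztufn43]Svoemm43/fyf#!#D;]XJOEPXT]tztufn43]deoqsi/emm#-Tubsu> [N/A]',
]

ENTRY = re.compile(r'^<([^>]*)><(.*)>\s+\[(.*)\]$')
# Assumed shape of a readable autorun command: optional quote, then a drive
# path, an environment variable, or a bare executable name.
PLAUSIBLE = re.compile(r'^"?(?:[A-Za-z]:\\|%\w+%\\|[\w.-]+\.exe\b)', re.I)

def parse_entry(line):
    """Split '<name><command> [publisher]' into its three fields, or return None."""
    m = ENTRY.match(line.strip())
    return m.groups() if m else None

def shift(text, k):
    """Move every character k code points down; None if the result is not printable ASCII."""
    out = [ord(c) - k for c in text]
    return ''.join(map(chr, out)) if all(32 <= o <= 126 for o in out) else None

def recover(command):
    """Return (shift, readable_command); shift 0 means the value was stored in the clear."""
    if PLAUSIBLE.match(command):
        return 0, command
    for k in range(1, 26):
        for signed in (k, -k):
            candidate = shift(command, signed)
            if candidate and PLAUSIBLE.match(candidate):
                return signed, candidate
    return None, command  # not a simple character shift; leave as found

def triage(lines):
    """Group value names by the command they resolve to."""
    groups = defaultdict(list)
    for line in lines:
        entry = parse_entry(line)
        if entry:
            name, command, _publisher = entry
            groups[recover(command)].append(name)
    return dict(groups)

if __name__ == '__main__':
    for (k, command), names in triage(LOG_LINES).items():
        print(f'shift={k} names={names}\n  {command}')
```

Run over the lines quoted in the thread, the random-looking value names collapse into a single Rundll32 command that loads one DLL from system32, so the long list is one autorun payload registered under many names.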
Aasetup - 2007-9-10 20:00:00
日不懂啊 - 2007-9-10 20:09:00
It's like hieroglyphics~~~~
Can't make sense of it~~~~
OP, go ahead and delete~~~~
No idea whether it will crash (it probably will)
天月来了 - 2007-9-10 20:28:00
I just think something may have gone wrong during the scan. I'd still suggest downloading a fresh copy and scanning again to see.