求杀Trojan.DL.Win32.Agent.ygw 病毒的方法 bbs.ikaka.com

天堂梦想 - 2007-9-16 14:26:00

瑞星发现后，提示重新启动后删除，但重启后依然存在，开机时提示某个dll文件拒绝访问。
用SREng扫描文件如下：求高手详细指点！先谢谢！
2007-09-16,14:00:31

System Repair Engineer 2.5.16.900
Smallfrogs (http://www.KZTechs.com)

Windows XP Professional Service Pack 2 (Build 2600) - 管理权限用户 - 完整功能

以下内容被选中：
所有的启动项目（包括注册表、启动文件夹、服务等）
浏览器加载项
正在运行的进程（包括进程模块信息）
文件关联
Winsock 提供者
Autorun.inf
HOSTS 文件
进程特权扫描

启动项目
注册表
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
<ctfmon.exe><C:\WINDOWS\system32\ctfmon.exe> [(Verified)Microsoft Windows Publisher]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
<ISBMgr.exe><C:\Program Files\Sony\ISB Utility\ISBMgr.exe> [Sony Corporation]
<RfwMain><"C:\Program Files\Rising\Rfw\rfwmain.exe" -Startup> [Beijing Rising Technology Co., Ltd.]
<RavTask><"C:\Program Files\Rising\Rav\RavTask.exe" -system> [Beijing Rising Technology Co., Ltd.]
<runeip><"C:\Program Files\Rising\AntiSpyware\runiep.exe" /startup> [Beijing Rising Technology Co., Ltd.]
<NvCplDaemon><; C:\WINDOWS\system32\NvCpl.dll,NvStartup> [(Verified)Microsoft Windows Hardware Compatibility Publisher]
<TkBellExe><"C:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot> [RealNetworks, Inc.]
<igfxhkcmd><C:\WINDOWS\system32\hkcmd.exe> [(Verified)Microsoft Windows Publisher]
<igfxpers><C:\WINDOWS\system32\igfxpers.exe> [(Verified)Microsoft Windows Hardware Compatibility Publisher]
<KernelFaultCheck><; %systemroot%\system32\dumprep 0 -k> [N/A]
<CertificateRegistration><; SafeSignCertReg.exe> [A.E.T. Europe B.V.]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Winlogon]
<shell><Explorer.exe> [(Verified)Microsoft Windows Component Publisher]
<Userinit><C:\WINDOWS\system32\userinit.exe,> [(Verified)Microsoft Windows Publisher]
<UIHost><logonui.exe> [(Verified)Microsoft Windows Publisher]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\WgaLogon]
<WinlogonNotify: WgaLogon><WgaLogon.dll> [(Verified)Microsoft Corporation]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\<{12d0ed0d-0ee0-4f90-8827-78cefb8f4988}]
<IE7 Uninstall Stub><C:\WINDOWS\system32\ieudinit.exe> [(Verified)Microsoft Windows Component Publisher]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{6BF52A52-394A-11d3-B153-00C04F79FAA6}]
<Microsoft Windows Media Player><rundll32.exe advpack.dll,LaunchINFSection C:\WINDOWS\INF\wmp11.inf,PerUserStub> [(Verified)Microsoft Windows Component Publisher]

==================================
启动文件夹
N/A

[用户系统信息]Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 5.1; .NET CLR 1.1.4322)

天堂梦想 - 2007-9-16 14:29:00

启动文件夹
N/A

==================================
服务
[Application Experience Lookup Services / AeLookupSvcs][Stopped/Auto Start]
<><N/A>
[ASP.NET State Service / aspnet_state][Stopped/Manual Start]
<C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\aspnet_state.exe><Microsoft Corporation>
[Intel(R) PROSet/Wireless Event Log / EvtEng][Running/Auto Start]
<C:\Program Files\Intel\Wireless\Bin\EvtEng.exe><Intel Corporation>
[Google Updater Service / gusvc][Stopped/Manual Start]
<"C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe"><Google>
[Human Interface Device Access / HidServ][Stopped/Disabled]
<C:\WINDOWS\System32\svchost.exe -k netsvcs-->%SystemRoot%\System32\hidserv.dll><N/A>
[InstallDriver Table Manager / IDriverT][Stopped/Manual Start]
<"C:\Program Files\Common Files\InstallShield\Driver\1150\Intel 32\IDriverT.exe"><Macrovision Corporation>
[Image Converter video recording monitor for VAIO Entertainment / Image Converter video recording monitor for VAIO Entertainment][Stopped/Manual Start]
<C:\Program Files\Sony\Image Converter 2\IcVzMon.exe><Sony Corporation>
[MSCSPTISRV / MSCSPTISRV][Stopped/Manual Start]
<"C:\Program Files\Common Files\Sony Shared\AVLib\MSCSPTISRV.exe"><Sony Corporation>
[NVIDIA Display Driver Service / NVSvc][Stopped/Auto Start]
<C:\WINDOWS\system32\nvsvc32.exe><NVIDIA Corporation>
[PACSPTISVR / PACSPTISVR][Stopped/Manual Start]
<"C:\Program Files\Common Files\Sony Shared\AVLib\PACSPTISVR.exe"><Sony Corporation>
[PnP plug 0n Service / PnP plug 0n Service][Stopped/Auto Start]
<><N/A>
[Intel(R) PROSet/Wireless Registry Service / RegSrvc][Running/Auto Start]
<C:\Program Files\Intel\Wireless\Bin\RegSrvc.exe><Intel Corporation>
[Rising Proxy Service / RfwProxySrv][Stopped/Manual Start]
<c:\program files\rising\rfw\rfwproxy.exe><Beijing Rising Technology Co., Ltd.>
[Rising Personal Firewall Service / RfwService][Running/Auto Start]
<c:\program files\rising\rfw\rfwsrv.exe><Beijing Rising Technology Co., Ltd.>
[Rising Process Communication Center / RsCCenter][Running/Auto Start]
<"C:\Program Files\Rising\Rav\CCenter.exe"><Beijing Rising Technology Co., Ltd.>
[Rising RealTime Monitor / RsRavMon][Running/Auto Start]
<"C:\Program Files\Rising\Rav\Ravmond.exe"><Beijing Rising Technology Co., Ltd.>
[Intel(R) PROSet/Wireless Service / S24EventMonitor][Running/Auto Start]
<C:\Program Files\Intel\Wireless\Bin\S24EvMon.exe><Intel Corporation>
[Sony SPTI Service / SPTISRV][Stopped/Manual Start]
<"C:\Program Files\Common Files\Sony Shared\AVLib\SPTISRV.exe"><Sony Corporation>
[SonicStage SCSI Service / SSScsiSV][Stopped/Manual Start]
<C:\Program Files\Common Files\Sony Shared\AVLib\SSScsiSV.exe><Sony Corporation>
[Symantec Core LC / Symantec Core LC][Running/Auto Start]
<"C:\Program Files\Common Files\Symantec Shared\CCPD-LC\symlcsvc.exe"><Symantec Corporation>
[VAIO Entertainment Aggregation and Control Service / VAIO Entertainment Aggregation and Control Service][Running/Manual Start]
<"C:\Program Files\Common Files\Sony Shared\VAIO Entertainment\VzRs\VzRs.exe"><Sony Corporation>
[VAIO Entertainment Task Scheduler / VAIO Entertainment Task Scheduler][Stopped/Manual Start]
<"C:\Program Files\Sony\VAIO Entertainment\VzTaskScheduler.exe"><Sony Corporation>
[VAIO Entertainment TV Device Arbitration Service / VAIO Entertainment TV Device Arbitration Service][Stopped/Manual Start]
<"C:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\VzCs\VzHardwareResourceManager\VzHardwareResourceManager.exe"><Sony Corporation>
[VAIO Event Service / VAIO Event Service][Running/Auto Start]
<C:\Program Files\Sony\VAIO Event Service\VESMgr.exe><Sony Corporation>
[VAIO Media Integrated Server / VAIOMediaPlatform-IntegratedServer-AppServer][Stopped/Manual Start]
<C:\Program Files\Sony\VAIO Media Integrated Server\VMISrv.exe><Sony Corporation>
[VAIO Media Integrated Server (HTTP) / VAIOMediaPlatform-IntegratedServer-HTTP][Stopped/Manual Start]
<"C:\Program Files\Sony\VAIO Media Integrated Server\Platform\SV_Httpd.exe" /Service=VAIOMediaPlatform-IntegratedServer-HTTP /RegRoot="SOFTWARE\Sony Corporation\VAIO Media Platform\2.0" /RegExt="Applications\IntegratedServer\HTTP"><Sony Corporation>
[VAIO Media Integrated Server (UPnP) / VAIOMediaPlatform-IntegratedServer-UPnP][Stopped/Manual Start]
<C:\Program Files\Sony\VAIO Media Integrated Server\Platform\UPnPFramework.exe><Sony Corporation>
[VAIO Media Gateway Server / VAIOMediaPlatform-Mobile-Gateway][Stopped/Manual Start]
<"C:\Program Files\Sony\VAIO Media Integrated Server\Platform\VmGateway.exe" /Service=VAIOMediaPlatform-Mobile-Gateway /RegRoot="SOFTWARE\Sony Corporation\VAIO Media Platform\2.0" /RegExt="\Addons\Packages\Mobile\Gateway" /DisplayName="VAIO Media Gateway Server"><Sony Corporation>
[VAIO Entertainment UPnP Client Adapter / Vcsw][Running/Manual Start]
<C:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\VCSW\VCSW.exe -RunBySCM><Sony Corporation>
[VAIO Entertainment Database Service / VzCdbSvc][Running/Auto Start]
<"C:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\VzCdb\VzCdbSvc.exe"><Sony Corporation>
[VAIO Entertainment File Import Service / VzFw][Running/Auto Start]
<C:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\VzCdb\VzFw.exe><Sony Corporation>

天堂梦想 - 2007-9-16 14:30:00

==================================
驱动程序
[acpidisk / acpidisk][Running/Auto Start]
<\??\C:\WINDOWS\system32\drivers\acpidisk.sys><N/A>
[AEGIS Protocol (IEEE 802.1x) v3.4.10.0 / AegisP][Running/Auto Start]
<system32\DRIVERS\AegisP.sys><Meetinghouse Data Communications>
[Alps Pointing-device Filter Driver / ApfiltrService][Running/Manual Start]
<system32\DRIVERS\Apfiltr.sys><Alps Electric Co., Ltd.>
[Rising TDI Base Driver / BaseTDI][Running/Auto Start]
<System32\DRIVERS\BaseTDI.SYS><Beijing Rising Technology Co., Ltd.>
[d8k / d8km][Running/Boot Start]
<\SystemRoot\System32\DRIVERS\d8km.sys><N/A>
[Sony DMI Call service / DMICall][Running/System Start]
<system32\DRIVERS\DMICall.sys><Sony Corporation>
[ExpScaner / ExpScaner][Running/Auto Start]
<\??\C:\Program Files\Rising\Rav\ExpScan.sys><>
[usb Card Device / ft2kEnum][Running/Manual Start]
<system32\DRIVERS\ic2kenum.sys><OEM Corporation>
[USB Chip Holder Service / GDBaseSmc][Running/Manual Start]
<system32\DRIVERS\Chip_smc.sys><OEM>
[Microsoft 用于 High Definition Audio 的 UAA 总线驱动程序 / HDAudBus][Running/Manual Start]
<system32\DRIVERS\HDAudBus.sys><Windows (R) Server 2003 DDK provider>
[HookCont / HookCont][Running/Auto Start]
<\??\C:\Program Files\Rising\Rav\HOOKCONT.sys><Rising>
[HookReg / HookReg][Running/Auto Start]
<\??\C:\Program Files\Rising\Rav\HookReg.sys><>
[HookSys / HookSys][Running/Auto Start]
<\??\C:\Program Files\Rising\Rav\HookSys.sys><Rising>
[HookUrl / HookUrl][Running/Auto Start]
<\??\C:\Program Files\Rising\Rfw\HookUrl.sys><Beijing Rising Technology Co., Ltd.>
[HSFHWAZL / HSFHWAZL][Running/Manual Start]
<system32\DRIVERS\HSFHWAZL.sys><Conexant Systems, Inc.>
[HSF_DPV / HSF_DPV][Running/Manual Start]
<system32\DRIVERS\HSF_DPV.sys><Conexant Systems, Inc.>
[ialm / ialm][Running/Manual Start]
<system32\DRIVERS\ialmnt5.sys><Intel Corporation>
[mdmxsdk / mdmxsdk][Running/Auto Start]
<system32\DRIVERS\mdmxsdk.sys><Conexant>
[MEMSCAN / MEMSCAN][Running/Auto Start]
<\??\C:\Program Files\Rising\Rav\MEMSCAN.sys><Beijing Rising Technology Co., Ltd.>
[mProcRs / mProcRs][Running/Auto Start]
<\??\c:\program files\rising\rfw\mProcRs.sys><Beijing Rising Technology Co., Ltd.>
[Sony Visual Communication Camera VGP-VCC2 / Mvc25U870_VID_1262&PID_25FD][Running/Manual Start]
<System32\Drivers\Mvc25U870.sys><Micro Vision Co.,Ltd>
[mxdispdr / mxdispdr][Running/Auto Start]
<\??\C:\WINDOWS\system32\drivers\mxdispdr.sys><N/A>
[npkcrypt / npkcrypt][Running/Auto Start]
<\??\C:\Program Files\Tencent\QQ\npkcrypt.sys><INCA Internet Co., Ltd.>
[nv / nv][Stopped/Manual Start]
<system32\DRIVERS\nv4_mini.sys><NVIDIA Corporation>
[Direct Parallel Link Driver / Ptilink][Running/Manual Start]
<system32\DRIVERS\ptilink.sys><Parallel Technologies, Inc.>
[PxHelp20 / PxHelp20][Running/Boot Start]
<\SystemRoot\System32\Drivers\PxHelp20.sys><Sonic Solutions>
[SmartCard Reader Device / Reader_Device][Running/Manual Start]
<system32\DRIVERS\usbic2k.sys><OEM>
[RsAntiSpyware / RsAntiSpyware][Running/Boot Start]
<\SystemRoot\system32\drivers\RsBoot.sys><Beijing Rising Technology Co., Ltd.>
[RsFwDrv / RsFwDrv][Running/Auto Start]
<\??\C:\Program Files\Rising\Rfw\RsFwDrv.sys><Beijing Rising Technology Co., Ltd.>
[RsNTGDI / RsNTGDI][Running/Boot Start]
<\SystemRoot\system32\Drivers\RsNTGdi.sys><Beijing Rising Technology Co., Ltd.>
[RSPPSYS / RSPPSYS][Running/Auto Start]
<\??\C:\Program Files\Rising\Rav\RSPPSYS.sys><Rising>
[WLAN 传输 / s24trans][Running/Auto Start]
<system32\DRIVERS\s24trans.sys><Intel Corporation>
[Secdrv / Secdrv][Stopped/Manual Start]
<system32\DRIVERS\secdrv.sys><N/A>
[StarForce Protection Environment Driver (version 1.x) / sfdrv01][Running/Boot Start]
<\SystemRoot\System32\drivers\sfdrv01.sys><Protection Technology>
[StarForce Protection Helper Driver (version 2.x) / sfhlp02][Running/Boot Start]
<\SystemRoot\System32\drivers\sfhlp02.sys><Protection Technology>
[StarForce Protection Synchronization Driver (version 2.x) / sfsync02][Running/Boot Start]
<\SystemRoot\System32\drivers\sfsync02.sys><Protection Technology>
[Sony HDD Protection Filter Driver / shpf][Running/Boot Start]
<\SystemRoot\system32\DRIVERS\shpf.sys><Sony Corporation>
[Sony Notebook Control Device / SNC][Running/Manual Start]
<System32\Drivers\SonyNC.sys><Sony Corporation>
[Sony Image Conversion Filter Driver / SonyImgF][Running/Manual Start]
<system32\DRIVERS\SonyImgF.sys><Sony Corporation>
[Sony Programmable I/O Control Device / SPI][Running/Manual Start]
<system32\DRIVERS\SonyPI.sys><Sony Corporation>
[SigmaTel High Definition Audio CODEC / STHDA][Running/Manual Start]
<system32\drivers\sthda.sys><SigmaTel, Inc.>
[SYMIDSCO / SYMIDSCO][Stopped/Manual Start]
<\??\C:\PROGRA~1\COMMON~1\SYMANT~1\SymcData\idsdefs\20061215.005\symidsco.sys><N/A>
[symlcbrd / symlcbrd][Running/Auto Start]
<\??\C:\WINDOWS\system32\drivers\symlcbrd.sys><Symantec Corporation>
[TC USB Kernel Driver / TcUsb][Running/Manual Start]
<System32\Drivers\tcusb.sys><UPEK Inc.>
[ti21sony / ti21sony][Running/Manual Start]
<system32\drivers\ti21sony.sys><Texas Instruments>
[usb token Device Driver / token][Stopped/Manual Start]
<system32\DRIVERS\eps2kt1.sys><>
[TOSHIBA Bluetooth HID port driver / toshidpt][Stopped/Manual Start]
<system32\drivers\Toshidpt.sys><TOSHIBA Corporation.>
[Bluetooth Port Driver from Toshiba / tosporte][Running/Manual Start]
<system32\DRIVERS\tosporte.sys><TOSHIBA Corporation>
[Bluetooth RFBUS from TOSHIBA / Tosrfbd][Stopped/Manual Start]
<System32\Drivers\tosrfbd.sys><TOSHIBA CORPORATION>
[Bluetooth RFBNEP from TOSHIBA / Tosrfbnp][Stopped/Manual Start]
<System32\Drivers\tosrfbnp.sys><TOSHIBA Corporation>
[Bluetooth RFCOMM from TOSHIBA / Tosrfcom][Running/System Start]
<System32\Drivers\tosrfcom.sys><TOSHIBA Corporation>
[Bluetooth RFHID from TOSHIBA / Tosrfhid][Stopped/Manual Start]
<system32\DRIVERS\Tosrfhid.sys><TOSHIBA Corporation.>
[Bluetooth Personal Area Network from TOSHIBA / tosrfnds][Stopped/Manual Start]
<system32\DRIVERS\tosrfnds.sys><TOSHIBA Corporation.>
[Bluetooth Audio Device (WDM) from TOSHIBA / TosRfSnd][Stopped/Manual Start]
<system32\drivers\TosRfSnd.sys><TOSHIBA Corporation>
[Bluetooth USB Controller / Tosrfusb][Stopped/Manual Start]
<System32\Drivers\tosrfusb.sys><TOSHIBA CORPORATION>
[vj67afqq / vj67afqq][Running/Auto Start]
<\??\C:\WINDOWS\system32\drivers\vj67afqq.sys><N/A>
[Intel(R) PRO/Wireless 3945ABG Adapter Driver / w39n51][Stopped/Manual Start]
<system32\DRIVERS\w39n51.sys><Intel? Corporation>
[winachsf / winachsf][Running/Manual Start]
<system32\DRIVERS\HSF_CNXT.sys><Conexant Systems, Inc.>
[World Standard Teletext Codec / WSTCODEC][Stopped/Manual Start]
<system32\DRIVERS\WSTCODEC.SYS><Microsoft Corporation>
[NDIS5.1 Miniport Driver for Marvell Yukon Ethernet Controller / yukonwxp][Running/Manual Start]
<system32\DRIVERS\yk51x86.sys><Marvell>

天堂梦想 - 2007-9-16 14:31:00

浏览器加载项
[ThunderAtOnce Class]
{01443AEC-0FD1-40fd-9C87-E93D1494C233} <C:\Program Files\Thunder Network\Thunder\ComDlls\TDAtOnce_Now.dll, Thunder Networking Technologies,LTD>
[Info cache]
{385AB8C6-FB22-4D17-8834-064E2BA0A6F0} <C:\Documents and Settings\All Users\Application Data\Microsoft\PCTools\pctools.dll, 金泰丰(广州)科技有限公司>
[PopBlocker Class]
{7648AC4A-76F6-4d95-B2C4-F0DBD88E5DD5} <C:\WINDOWS\system32\svrhost.dll, Microsoft Corporation>
[Thunder Browser Helper]
{889D2FEB-5411-4565-8998-1DD2C5261283} <C:\Program Files\Thunder Network\Thunder\ComDlls\XunLeiBHO_004.dll, Thunder Networking Technologies,LTD>
[启动迅雷5]
{09BA8F6D-CB54-424B-839C-C2A6C8E6B436} <C:\Program Files\Thunder Network\Thunder\Thunder.exe, Thunder Networking Technologies,LTD>
[]
{e2e2dd38-d088-4134-82b7-f2ba38496583} <%windir%\Network Diagnostic\xpnetdiag.exe, N/A>
[eachnet]
{FFB2385E-E812-4091-8C12-2370DC67F769} <http://www.eachnet.com/specials/digi.html?adid=dzcm_dza_000_soft0_digi, N/A>
[ThunderAtOnce Class]
{01443AEC-0FD1-40FD-9C87-E93D1494C233} <C:\Program Files\Thunder Network\Thunder\ComDlls\TDAtOnce_Now.dll, Thunder Networking Technologies,LTD>
[HTML Document]
{25336920-03F9-11CF-8FD0-00AA00686F13} <C:\WINDOWS\system32\mshtml.dll, Microsoft Corporation>
[Info cache]
{385AB8C6-FB22-4D17-8834-064E2BA0A6F0} <C:\Documents and Settings\All Users\Application Data\Microsoft\PCTools\pctools.dll, 金泰丰(广州)科技有限公司>
[XML Document]
{48123BC4-99D9-11D1-A6B3-00C04FD91555} <C:\WINDOWS\system32\msxml3.dll, Microsoft Corporation>
[Windows Media Player]
{6BF52A52-394A-11D3-B153-00C04F79FAA6} <C:\WINDOWS\system32\wmp.dll, Microsoft Corporation>
[PopBlocker Class]
{7648AC4A-76F6-4D95-B2C4-F0DBD88E5DD5} <C:\WINDOWS\system32\svrhost.dll, Microsoft Corporation>
[360SafeLive]
{87515F61-A66C-4319-A0E0-D416CB8059E3} <C:\Program Files\360safe\live.dll, 360safe.com>
[Thunder Browser Helper]
{889D2FEB-5411-4565-8998-1DD2C5261283} <C:\Program Files\Thunder Network\Thunder\ComDlls\XunLeiBHO_004.dll, Thunder Networking Technologies,LTD>
[RMGetLicense Class]
{A9FC132B-096D-460B-B7D5-1DB0FAE0C062} <C:\WINDOWS\system32\msnetobj.dll, Microsoft Corporation>
[Shockwave Flash Object]
{D27CDB6E-AE6D-11CF-96B8-444553540000} <C:\WINDOWS\system32\Macromed\Flash\Flash9b.ocx, Adobe Systems, Inc.>
[XML HTTP Request]
{ED8C108E-4349-11D2-91A4-00C04F7969E8} <C:\WINDOWS\system32\msxml3.dll, Microsoft Corporation>
[XML DOM Document]
{F6D90F11-9C73-11D3-B32E-00C04F990BB4} <C:\WINDOWS\system32\msxml3.dll, Microsoft Corporation>
[XML HTTP]
{F6D90F16-9C73-11D3-B32E-00C04F990BB4} <C:\WINDOWS\system32\msxml3.dll, Microsoft Corporation>
[&使用迅雷下载]
<C:\Program Files\Thunder Network\Thunder\Program\GetUrl.htm, N/A>
[&使用迅雷下载全部链接]
<C:\Program Files\Thunder Network\Thunder\Program\GetAllUrl.htm, N/A>
[上传到QQ网络硬盘]
<, N/A>
[添加到QQ自定义面板]
<C:\Program Files\Tencent\QQ\AddPanel.htm, N/A>
[添加到QQ表情]
<, N/A>
[用QQ彩信发送该图片]
<, N/A>

天堂梦想 - 2007-9-16 14:33:00

正在运行的进程
[PID: 692][\SystemRoot\System32\smss.exe] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
[PID: 756][\??\C:\WINDOWS\system32\csrss.exe] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
[PID: 784][\??\C:\WINDOWS\system32\winlogon.exe] [Microsoft Corporation, 5.1.2600.2505 (xpsp.040806-1825)]
[C:\WINDOWS\system32\WgaLogon.dll] [Microsoft Corporation, 1.7.0018.5]
[C:\WINDOWS\system32\winlib .dll] [N/A, ]
[C:\WINDOWS\system32\Normaliz.dll] [Microsoft Corporation, 6.0.5441.0 (winmain(wmbla).060628-1735)]
[C:\WINDOWS\system32\iertutil.dll] [Microsoft Corporation, 7.00.6000.16512 (vista_gdr.070625-1522)]
[C:\WINDOWS\system32\msplrct.dll] [N/A, ]
[C:\WINDOWS\system32\msacm32.drv] [Microsoft Corporation, 5.1.2600.0 (xpclient.010817-1148)]
[PID: 828][C:\WINDOWS\system32\services.exe] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
[C:\WINDOWS\AppPatch\AcAdProc.dll] [Microsoft Corporation, 5.1.2600.3008 (xpsp.061004-0027)]
[PID: 840][C:\WINDOWS\system32\lsass.exe] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
[C:\WINDOWS\system32\fusstub.dll] [UPEK Inc., 5.3.0.2815]
[C:\Program Files\Protector Suite QL\infra.dll] [UPEK Inc., 5.3.0.2815]
[C:\Program Files\Protector Suite QL\MSVCP71.dll] [Microsoft Corporation, 7.10.3077.0]
[C:\Program Files\Protector Suite QL\MSVCR71.dll] [Microsoft Corporation, 7.10.3052.4]
[C:\Program Files\Protector Suite QL\homefus.dll] [UPEK Inc., 5.3.0.2815]
[PID: 992][C:\WINDOWS\system32\svchost.exe] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
[PID: 1068][C:\WINDOWS\system32\svchost.exe] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
[PID: 1140][C:\Program Files\Rising\Rav\CCenter.exe] [Beijing Rising Technology Co., Ltd., 18, 0, 0, 3]
[PID: 1156][C:\WINDOWS\System32\svchost.exe] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
[C:\WINDOWS\system32\Normaliz.dll] [Microsoft Corporation, 6.0.5441.0 (winmain(wmbla).060628-1735)]
[C:\WINDOWS\system32\iertutil.dll] [Microsoft Corporation, 7.00.6000.16512 (vista_gdr.070625-1522)]
[C:\WINDOWS\system32\wups2.dll] [Microsoft Corporation, 7.0.6000.381 (winmain(wmbla).070730-1740)]
[PID: 1500][C:\Program Files\Intel\Wireless\Bin\EvtEng.exe] [Intel Corporation, 10, 1, 0, 1]
[C:\Program Files\Intel\Wireless\Bin\PsRegApi.dll] [Intel Corporation, 10, 1, 0, 2]
[C:\Program Files\Intel\Wireless\Bin\TraceAPI.DLL] [Intel Corporation, 10, 1, 0, 5]
[PID: 1556][C:\Program Files\Intel\Wireless\Bin\S24EvMon.exe] [Intel Corporation , 10, 1, 0, 34]
[C:\Program Files\Intel\Wireless\Bin\TraceAPI.DLL] [Intel Corporation, 10, 1, 0, 5]
[C:\Program Files\Intel\Wireless\Bin\PsRegApi.dll] [Intel Corporation, 10, 1, 0, 2]
[C:\Program Files\Intel\Wireless\Bin\LIBEAY32.dll] [N/A, ]
[C:\Program Files\Intel\Wireless\Bin\IntStngs.dll] [, 10, 1, 0, 3]
[C:\Program Files\Intel\Wireless\Bin\IWMSPROV.DLL] [N/A, ]
[PID: 1652][C:\WINDOWS\system32\svchost.exe] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
[PID: 1744][C:\WINDOWS\system32\svchost.exe] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
[C:\WINDOWS\system32\Normaliz.dll] [Microsoft Corporation, 6.0.5441.0 (winmain(wmbla).060628-1735)]
[C:\WINDOWS\system32\iertutil.dll] [Microsoft Corporation, 7.00.6000.16512 (vista_gdr.070625-1522)]
[PID: 1760][C:\Program Files\Rising\Rav\Ravmond.exe] [Beijing Rising Technology Co., Ltd., 19, 0, 0, 49]
[C:\Program Files\Rising\Rav\BWList.dll] [Beijing Rising Technology Co., Ltd., 19, 0, 0, 10]
[C:\Program Files\Rising\Rav\RsCommX.dll] [rising, 18, 0, 0, 1]
[C:\Program Files\Rising\Rav\rfwctrl.dll] [Beijing Rising Technology Co., Ltd., 5, 0, 0, 11]
[C:\Program Files\Rising\Rav\RsPPsys.dll] [Beijing Rising Technology Co., Ltd., 18, 0, 0, 6]
[C:\Program Files\Rising\Rav\RSAPPMGR.DLL] [Beijing Rising Technology Co., Ltd., 18, 0, 0, 2]
[C:\Program Files\Rising\Rav\CfgDll.dll] [Beijing Rising Technology Co., Ltd., 18, 0, 0, 13]
[C:\Program Files\Rising\Rav\RSCOMMON.DLL] [Beijing Rising Technology Co., Ltd., 19, 0, 0, 5]
[C:\Program Files\Rising\Rav\RsLog.dll] [Beijing Rising Technology Co., Ltd., 18, 0, 0, 20]
[C:\Program Files\Rising\Rav\HOOKSYS.dll] [Beijing Rising Technology Co., Ltd., 19, 0, 0, 0]
[C:\Program Files\Rising\Rav\Scanner.dll] [Beijing Rising Technology Co., Ltd., 19, 0, 0, 15]
[C:\Program Files\Rising\Rav\libload.dll] [Beijing Rising Technology Co., Ltd., 19, 0, 0, 19]
[C:\Program Files\Rising\Rav\VirusLib.dll] [Beijing Rising Technology Co., Ltd., 19, 0, 0, 15]
[C:\Program Files\Rising\Rav\regmon.dll] [Beijing Rising Technology Co., Ltd., 18, 0, 0, 6]
[C:\Program Files\Rising\Rav\psapi.dll] [Microsoft Corporation, 4.00]
[C:\Program Files\Rising\Rav\HookWeb.dll] [Beijing Rising Technology Co., Ltd., 19, 0, 0, 1]
[C:\Program Files\Rising\Rav\MemMon.dll] [Beijing Rising Technology Co., Ltd., 18, 0, 0, 14]
[C:\Program Files\Rising\Rav\expscan.dll] [Beijing Rising Technology Co., Ltd., 18, 0, 0, 4]
[C:\Program Files\Rising\Rav\mPorts.dll] [Beijing Rising Technology Co., Ltd., 4, 0, 0, 3]
[C:\Program Files\Rising\Rav\HookCont.dll] [Rising, 19, 0, 0, 0]
[C:\Program Files\Rising\Rav\SpamEng.dll] [, 18, 0, 0, 6]
[C:\Program Files\Rising\Rav\engine.dll] [Beijing Rising Technology Co., Ltd., 19, 0, 0, 30]
[C:\Program Files\Rising\Rav\PostTrt.dll] [Beijing Rising Technology Co., Ltd., 19, 0, 0, 17]
[C:\Program Files\Rising\Rav\UnExe.dll] [Beijing Rising Technology Co., Ltd., 19, 0, 0, 10]
[C:\Program Files\Rising\Rav\ScanExec.dll] [Beijing Rising Technology Co., Ltd., 19, 0, 0, 19]
[C:\Program Files\Rising\Rav\ScanEx.dll] [Beijing Rising Technology Co., Ltd., 19, 0, 0, 83]
[C:\Program Files\Rising\Rav\ExtFile.dll] [Beijing Rising Technology Co., Ltd., 19, 0, 0, 36]
[C:\Program Files\Rising\Rav\NvFile.dll] [Beijing Rising Technology Co., Ltd., 19, 0, 0, 11]
[C:\Program Files\Rising\Rav\ScanMac.dll] [Beijing Rising Technology Co., Ltd., 19, 0, 0, 17]
[C:\Program Files\Rising\Rav\ScanSct.dll] [Beijing Rising Technology Co., Ltd., 19, 0, 0, 20]
[C:\Program Files\Rising\Rav\RsStore.dll] [Beijing Rising Technology Co., Ltd., 19, 0, 0, 2]
[C:\Program Files\Rising\Rav\ExtOLE.dll] [Beijing Rising Technology Co., Ltd., 19, 0, 0, 14]

天堂梦想 - 2007-9-16 14:34:00

[C:\Program Files\Rising\Rav\ScanNet.dll] [Beijing Rising Technology Co., Ltd., 18, 0, 0, 5]
[PID: 1816][c:\program files\rising\rfw\rfwsrv.exe] [Beijing Rising Technology Co., Ltd., 5, 0, 0, 35]
[c:\program files\rising\rfw\RfwRule.dll] [Beijing Rising Technology Co., Ltd., 5, 0, 0, 3]
[c:\program files\rising\rfw\rfwlog.dll] [Beijing Rising Technology Co., Ltd., 5, 0, 0, 2]
[c:\program files\rising\rfw\Rfwdrv.dll] [Beijing Rising Technology Co., Ltd., 5, 0, 0, 10]
[c:\program files\rising\rfw\psapi.dll] [Microsoft Corporation, 4.00]
[c:\program files\rising\rfw\MonDrv.dll] [rs, 1, 0, 0, 4]
[c:\program files\rising\rfw\ProcLib.dll] [Beijing Rising Technology Co., Ltd., 5, 0, 0, 5]
[c:\program files\rising\rfw\mPorts.dll] [Beijing Rising Technology Co., Ltd., 4, 0, 0, 3]
[PID: 1984][C:\WINDOWS\System32\SCardSvr.exe] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
[PID: 236][C:\Program Files\Rising\Rav\RavStub.exe] [Beijing Rising Technology Co., Ltd., 19, 0, 0, 4]
[C:\Program Files\Rising\Rav\RsCommX.dll] [rising, 18, 0, 0, 1]
[C:\Program Files\Rising\Rav\RSCOMMON.DLL] [Beijing Rising Technology Co., Ltd., 19, 0, 0, 5]
[PID: 676][C:\Program Files\Intel\Wireless\Bin\RegSrvc.exe] [Intel Corporation, 10, 1, 0, 1]
[PID: 1268][C:\WINDOWS\system32\svchost.exe] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
[PID: 1380][C:\Program Files\Common Files\Symantec Shared\CCPD-LC\symlcsvc.exe] [Symantec Corporation, 1.9.1.843]
[C:\Program Files\Common Files\Symantec Shared\CCPD-LC\symlcnet.dll] [Symantec Corporation, 1.9.1.843]
[C:\WINDOWS\system32\MSVCR71.DLL] [Microsoft Corporation, 7.10.3052.4]
[PID: 1216][C:\Program Files\Sony\VAIO Event Service\VESMgr.exe] [Sony Corporation, 2.3.00.04130]
[C:\Program Files\Sony\VAIO Event Service\MSVCR70.dll] [Microsoft Corporation, 7.00.9466.0]
[C:\Program Files\Sony\VAIO HDD Protection\VESStorageProtect.dll] [Sony Corporation, 2, 2, 1, 8110]
[C:\Program Files\Sony\VAIO HDD Protection\MSVCR71.dll] [Microsoft Corporation, 7.10.3052.4]
[C:\Program Files\Sony\VAIO Event Service\VESBasePS.dll] [N/A, ]
[C:\Program Files\Common Files\Sony Shared\Sony Utilities\SnyUtils.dll] [Sony Corporation, 6, 3, 0, 10120]
[C:\Program Files\Common Files\Sony Shared\SXBIOS\sxbios.dll] [Sony Corporation, 4.02.8170]
[C:\Program Files\Sony\VAIO Event Service\VESSuEvent.dll] [Sony Corporation, 2.3.00.02240]
[C:\Program Files\Sony\VAIO Event Service\VESWndMsg.dll] [Sony Corporation, 2.3.00.03190]
[C:\Program Files\Sony\VAIO Event Service\VESWndMsgHook.dll] [Sony Corporation, 2.2.00.05200]
[C:\Program Files\Sony\VAIO Event Service\VESTransform.dll] [Sony Corporation, 2.3.00.03190]
[C:\Program Files\Sony\VAIO Event Service\MSVCP70.dll] [Microsoft Corporation, 7.00.9466.0]
[C:\Program Files\Sony\VAIO Power Management\VESPowerMgr.dll] [Sony Corporation, 2.3.00.03210]
[C:\Program Files\Sony\VAIO Event Service\VESSemiPnP.dll] [Sony Corporation, 2.3.00.05310]
[C:\Program Files\Sony\VAIO Event Service\VESSuPerform.dll] [Sony Corporation, 2.3.00.04270]
[C:\Program Files\Sony\VAIO Event Service\VESVideo.dll] [Sony Corporation, 2.3.00.03300]
[C:\Program Files\Sony\VAIO Event Service\VESPerform.dll] [Sony Corporation, 2.3.00.04270]
[C:\Program Files\Sony\VAIO Event Service\VESFnLock.dll] [Sony Corporation, 2.3.00.03190]
[C:\Program Files\Sony\VAIO Event Service\VESHKWndCommon.dll] [Sony Corporation, 2.3.00.05300]
[C:\WINDOWS\system32\IGFXEXPS.DLL] [Intel Corporation, 3.0.0.4436]
[C:\Program Files\Common Files\Sony Shared\VAIO Entertainment\VzRs\VzRsPS.dll] [Sony Corporation, 1.4.00.14090]
[PID: 1524][C:\WINDOWS\Explorer.EXE] [Microsoft Corporation, 6.00.2900.3156 (xpsp_sp2_gdr.070613-1234)]
[C:\WINDOWS\system32\Normaliz.dll] [Microsoft Corporation, 6.0.5441.0 (winmain(wmbla).060628-1735)]
[C:\WINDOWS\system32\iertutil.dll] [Microsoft Corporation, 7.00.6000.16512 (vista_gdr.070625-1522)]
[C:\WINDOWS\system32\ieframe.dll] [Microsoft Corporation, 7.00.6000.16512 (vista_gdr.070625-1522)]
[C:\WINDOWS\system32\WPDShServiceObj.dll] [Microsoft Corporation, 5.2.5721.5145 (WMP_11.061018-2006)]
[C:\WINDOWS\system32\msacm32.drv] [Microsoft Corporation, 5.1.2600.0 (xpclient.010817-1148)]
[C:\WINDOWS\system32\PortableDeviceTypes.dll] [Microsoft Corporation, 5.2.5721.5145 (WMP_11.061018-2006)]
[C:\WINDOWS\system32\PortableDeviceApi.dll] [Microsoft Corporation, 5.2.5721.5145 (WMP_11.061018-2006)]
[C:\Program Files\WinRAR\rarext.dll] [N/A, ]
[C:\WINDOWS\system32\RavExt.dll] [Beijing Rising Technology Co., Ltd., 19, 0, 0, 9]
[C:\Program Files\Thunder Network\Thunder\ComDlls\XunLeiBHO_004.dll] [Thunder Networking Technologies,LTD, 5, 0, 0, 3]
[C:\Program Files\Microsoft Office\Office10\msohev.dll] [Microsoft Corporation, 10.0.2609]
[C:\Program Files\Rising\Rav\RSCOMMON.DLL] [Beijing Rising Technology Co., Ltd., 19, 0, 0, 5]
[C:\PROGRA~1\Sony\IMAGEC~1\CtxMenu.dll] [ , 1, 5, 0, 3300]
[C:\Program Files\MSN Messenger\fsshext.8.1.0178.00.dll] [Microsoft Corporation, 8.1.0178.00]
[C:\WINDOWS\system32\wpdshext.dll] [Microsoft Corporation, 5.2.5721.5145 (WMP_11.061018-2006)]
[C:\WINDOWS\system32\Audiodev.dll] [Microsoft Corporation, 5.2.5721.5145 (WMP_11.061018-2006)]
[PID: 1800][C:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\VCSW\VCSW.exe] [Sony Corporation, 1.3.02.04040]
[C:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\VCSW\sonyuppc.dll] [Sony Corporation, 7.0.00.11040]
[C:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\VCSW\UPnPCtrl.dll] [Sony Corporation, 2, 0, 1, 10010]
[C:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\VCSW\VCSWEXEps.dll] [Sony Corporation, 1.3.01.06130]

天堂梦想 - 2007-9-16 14:35:00

[PID: 1840][C:\WINDOWS\system32\igfxext.exe] [Intel Corporation, 3.0.0.4436]
[C:\WINDOWS\system32\igfxsrvc.dll] [Intel Corporation, 3.0.0.4436]
[C:\WINDOWS\system32\IGFXEXPS.DLL] [Intel Corporation, 3.0.0.4436]
[PID: 180][C:\WINDOWS\system32\igfxsrvc.exe] [Intel Corporation, 3.0.0.4436]
[C:\WINDOWS\system32\igfxsrvc.dll] [Intel Corporation, 3.0.0.4436]
[C:\WINDOWS\system32\igfxdev.dll] [Intel Corporation, 3.0.0.4436]
[PID: 200][C:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\VzCdb\VzCdbSvc.exe] [Sony Corporation, 1.2.11.04220]
[C:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\VzCdb\MSVCP71.dll] [Microsoft Corporation, 7.10.3077.0]
[C:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\VzCdb\MSVCR71.dll] [Microsoft Corporation, 7.10.3052.4]
[C:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\VzCdb\VzCdbVcds.dll] [Sony Corporation, 1.2.11.04220]
[C:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\VzCdb\VzCdbSsDB.dll] [Sony Corporation, 1.2.11.04221]
[C:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\VzCdb\VzCdbLocalDB.dll] [Sony Corporation, 1.2.11.04220]
[C:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\VCSW\VCSWEXEps.dll] [Sony Corporation, 1.3.01.06130]
[C:\PROGRA~1\COMMON~1\SONYSH~1\AVLib\Metallic.dll] [Sony Corporation, 2.8.00.12140]
[C:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\VzCdb\VzCdbSvcps.dll] [Sony Corporation, 1.2.11.04220]
[PID: 296][c:\program files\rising\rfw\RfwMain.exe] [Beijing Rising Technology Co., Ltd., 5, 0, 0, 72]
[c:\program files\rising\rfw\RsGuiLib.dll] [Beijing Rising Technology Co., Ltd., 19, 0, 0, 33]
[c:\program files\rising\rfw\RSCOMMON.DLL] [Beijing Rising Technology Co., Ltd., 19, 0, 0, 5]
[c:\program files\rising\rfw\RfwCtrl.dll] [Beijing Rising Technology Co., Ltd., 5, 0, 0, 11]
[c:\program files\rising\rfw\RsXML.dll] [Beijing Rising Technology Co., Ltd., 19, 0, 0, 2]
[c:\program files\rising\rfw\PngDll.dll] [Beijing Rising Technology Co., Ltd., 18, 0, 0, 5]
[PID: 496][C:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\VzCdb\VzFw.exe] [Sony Corporation, 1.2.11.04220]
[C:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\VzCdb\MSVCP71.dll] [Microsoft Corporation, 7.10.3077.0]
[C:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\VzCdb\MSVCR71.dll] [Microsoft Corporation, 7.10.3052.4]
[C:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\VzCdb\VzFwImport.dll] [Sony Corporation, 1.2.11.06150]
[C:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\VzCdb\VzCdb.dll] [Sony Corporation, 1.2.11.05250]
[C:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\VzCdb\VzCdbSvcps.dll] [Sony Corporation, 1.2.11.04220]
[C:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\VzCdb\VzCs.dll] [Sony Corporation, 1.6.00.10030]
[C:\WINDOWS\system32\iertutil.dll] [Microsoft Corporation, 7.00.6000.16512 (vista_gdr.070625-1522)]
[PID: 2400][C:\Program Files\Sony\ISB Utility\ISBMgr.exe] [Sony Corporation, 1, 0, 0, 2180]
[C:\Program Files\Common Files\Sony Shared\Sony Utilities\SnyUtils.dll] [Sony Corporation, 6, 3, 0, 10120]
[C:\WINDOWS\system32\MSVCR70.dll] [Microsoft Corporation, 7.00.9466.0]
[C:\Program Files\Common Files\Sony Shared\SXBIOS\sxbios.dll] [Sony Corporation, 4.02.8170]
[C:\Program Files\Sony\ISB Utility\ISBRes.dll] [Sony Corporation, 1, 0, 1, 9290]
[PID: 2536][C:\Program Files\Rising\Rav\RavTask.exe] [Beijing Rising Technology Co., Ltd., 19, 0, 0, 9]
[C:\Program Files\Rising\Rav\RSCOMMON.DLL] [Beijing Rising Technology Co., Ltd., 19, 0, 0, 5]
[C:\Program Files\Rising\Rav\RSAPPMGR.DLL] [Beijing Rising Technology Co., Ltd., 18, 0, 0, 2]
[C:\Program Files\Rising\Rav\CfgDll.dll] [Beijing Rising Technology Co., Ltd., 18, 0, 0, 13]
[C:\Program Files\Rising\Rav\RsCommX.dll] [rising, 18, 0, 0, 1]
[PID: 2560][C:\Program Files\Rising\Rav\Ravmon.exe] [Beijing Rising Technology Co., Ltd., 19, 0, 0, 45]
[C:\Program Files\Rising\Rav\RsGuiLib.dll] [Beijing Rising Technology Co., Ltd., 19, 0, 0, 33]
[C:\Program Files\Rising\Rav\BWList.dll] [Beijing Rising Technology Co., Ltd., 19, 0, 0, 10]
[C:\Program Files\Rising\Rav\RSAPPMGR.DLL] [Beijing Rising Technology Co., Ltd., 18, 0, 0, 2]
[C:\Program Files\Rising\Rav\CfgDll.dll] [Beijing Rising Technology Co., Ltd., 18, 0, 0, 13]
[C:\Program Files\Rising\Rav\RSCOMMON.DLL] [Beijing Rising Technology Co., Ltd., 19, 0, 0, 5]
[C:\Program Files\Rising\Rav\RsCommX.dll] [rising, 18, 0, 0, 1]
[C:\Program Files\Rising\Rav\RsXML.dll] [Beijing Rising Technology Co., Ltd., 19, 0, 0, 2]
[C:\Program Files\Rising\Rav\PngDll.dll] [Beijing Rising Technology Co., Ltd., 18, 0, 0, 5]
[PID: 2584][C:\Program Files\Common Files\Real\Update_OB\realsched.exe] [RealNetworks, Inc., 0.1.0.3208]
[PID: 2648][C:\WINDOWS\system32\hkcmd.exe] [Intel Corporation, 3.0.0.4436]
[C:\WINDOWS\system32\hccutils.DLL] [Intel Corporation, 3.0.0.4436]
[C:\WINDOWS\system32\igfxsrvc.dll] [Intel Corporation, 3.0.0.4436]
[PID: 2696][C:\WINDOWS\system32\igfxpers.exe] [Intel Corporation, 3.0.0.4436]
[C:\WINDOWS\system32\igfxsrvc.dll] [Intel Corporation, 3.0.0.4436]
[PID: 2728][C:\WINDOWS\system32\ctfmon.exe] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
[PID: 3116][C:\Program Files\Common Files\Sony Shared\VAIO Entertainment\VzRs\VzRs.exe] [Sony Corporation, 1.4.00.14090]
[C:\Program Files\Common Files\Sony Shared\VAIO Entertainment\VzRs\System.dll] [Sony Corporation, 1.4.00.14090]
[C:\Program Files\Common Files\Sony Shared\VAIO Entertainment\VzRs\MSVCR71.dll] [Microsoft Corporation, 7.10.3052.4]
[C:\Program Files\Common Files\Sony Shared\VAIO Entertainment\VzRs\MSVCP71.dll] [Microsoft Corporation, 7.10.3077.0]
[C:\Program Files\Common Files\Sony Shared\VAIO Entertainment\VzRs\VzRsPS.dll] [Sony Corporation, 1.4.00.14090]
[PID: 3344][C:\WINDOWS\System32\alg.exe] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
[PID: 3604][C:\Program Files\Rising\Rav\RsAgent.exe] [Beijing Rising Technology Co., Ltd., 19, 0, 0, 12]
[C:\Program Files\Rising\Rav\RsCommX.dll] [rising, 18, 0, 0, 1]
[PID: 3640][C:\WINDOWS\msagent\AgentSvr.exe] [Microsoft Corporation, 2.00.0.3424]

天堂梦想 - 2007-9-16 14:35:00

[PID: 2368][C:\Program Files\Maxthon2\Maxthon.exe] [Maxthon International ltd., 2, 0, 3, 4643]
[C:\WINDOWS\system32\Normaliz.dll] [Microsoft Corporation, 6.0.5441.0 (winmain(wmbla).060628-1735)]
[C:\WINDOWS\system32\iertutil.dll] [Microsoft Corporation, 7.00.6000.16512 (vista_gdr.070625-1522)]
[C:\Program Files\Maxthon2\MxExt.dll] [N/A, ]
[C:\Program Files\Maxthon2\mxpp.dll] [Maxthon, 1, 0, 0, 61]
[C:\Program Files\Maxthon2\MxSk.dll] [Maxthon, 1, 0, 0, 119]
[C:\Program Files\Maxthon2\MxProxy2.dll] [, 1, 0, 0, 3531]
[C:\Program Files\Maxthon2\IMxWebBoost.dll] [Maxthon, 1, 0, 0, 67]
[C:\Program Files\Maxthon2\mxdb.dll] [N/A, ]
[C:\Program Files\Maxthon2\mxsafe.dll] [Maxthon, 1, 0, 0, 477]
[C:\Program Files\Maxthon2\MxFav.dll] [Maxthon, 1, 0, 0, 220]
[C:\Program Files\Maxthon2\maxzlib.dll] [, 1.2.3]
[C:\Program Files\Maxthon2\mxtool.dll] [, 1, 0, 0, 1]
[C:\Program Files\Maxthon2\mxfeedU.dll] [, 1, 0, 45, 82]
[C:\WINDOWS\system32\ieframe.dll] [Microsoft Corporation, 7.00.6000.16512 (vista_gdr.070625-1522)]
[C:\Program Files\Internet Explorer\ieproxy.dll] [Microsoft Corporation, 7.00.5730.11 (winmain(wmbla).061017-1135)]
[C:\WINDOWS\system32\msacm32.drv] [Microsoft Corporation, 5.1.2600.0 (xpclient.010817-1148)]
[PID: 3216][C:\Program Files\Internet Explorer\iexplore.exe] [Microsoft Corporation, 7.00.6000.16512 (vista_gdr.070625-1522)]
[C:\WINDOWS\system32\iertutil.dll] [Microsoft Corporation, 7.00.6000.16512 (vista_gdr.070625-1522)]
[C:\WINDOWS\system32\IEFRAME.dll] [Microsoft Corporation, 7.00.6000.16512 (vista_gdr.070625-1522)]
[C:\WINDOWS\system32\IEUI.dll] [Microsoft Corporation, 7.00.5730.11 (winmain(wmbla).061017-1135)]
[C:\WINDOWS\system32\xmllite.dll] [Microsoft Corporation, 1.00.1018.0]
[C:\Program Files\Microsoft Office\Office10\msohev.dll] [Microsoft Corporation, 10.0.2609]
[C:\Program Files\Internet Explorer\ieproxy.dll] [Microsoft Corporation, 7.00.5730.11 (winmain(wmbla).061017-1135)]
[C:\WINDOWS\system32\Normaliz.dll] [Microsoft Corporation, 6.0.5441.0 (winmain(wmbla).060628-1735)]
[C:\Program Files\Thunder Network\Thunder\ComDlls\TDAtOnce_Now.dll] [Thunder Networking Technologies,LTD, 1.0.0.4]
[C:\Documents and Settings\All Users\Application Data\Microsoft\PCTools\pctools.dll] [金泰丰(广州)科技有限公司, 2, 3, 0, 0]
[C:\WINDOWS\system32\svrhost.dll] [Microsoft Corporation, 1, 0, 0, 1]
[C:\Program Files\Thunder Network\Thunder\ComDlls\XunLeiBHO_004.dll] [Thunder Networking Technologies,LTD, 5, 0, 0, 3]
[C:\WINDOWS\system32\ieapfltr.dll] [Microsoft Corporation, 7.0.6000.16461]
[C:\WINDOWS\system32\Macromed\Flash\Flash9b.ocx] [Adobe Systems, Inc., 9,0,28,0]
[C:\WINDOWS\system32\msacm32.drv] [Microsoft Corporation, 5.1.2600.0 (xpclient.010817-1148)]
[C:\WINDOWS\system32\UNISPIM.IME] [北京清华紫光软件股份有限公司, 3.0.0.3045]
[C:\WINDOWS\system32\upengine.dll] [北京清华紫光软件股份有限公司, 3.0.0.3045]
[PID: 4076][C:\Program Files\WinRAR\WinRAR.exe] [N/A, ]
[C:\Program Files\MSN Messenger\fsshext.8.1.0178.00.dll] [Microsoft Corporation, 8.1.0178.00]
[C:\WINDOWS\system32\wpdshext.dll] [Microsoft Corporation, 5.2.5721.5145 (WMP_11.061018-2006)]
[C:\WINDOWS\system32\PortableDeviceApi.dll] [Microsoft Corporation, 5.2.5721.5145 (WMP_11.061018-2006)]
[C:\WINDOWS\system32\Audiodev.dll] [Microsoft Corporation, 5.2.5721.5145 (WMP_11.061018-2006)]
[C:\WINDOWS\system32\Normaliz.dll] [Microsoft Corporation, 6.0.5441.0 (winmain(wmbla).060628-1735)]
[C:\WINDOWS\system32\iertutil.dll] [Microsoft Corporation, 7.00.6000.16512 (vista_gdr.070625-1522)]
[C:\WINDOWS\system32\ieframe.dll] [Microsoft Corporation, 7.00.6000.16512 (vista_gdr.070625-1522)]
[PID: 2624][C:\DOCUME~1\yuqiming\LOCALS~1\Temp\Rar$EX29.422\SREngPS.EXE] [Smallfrogs Studio, 2.5.16.900]
[C:\WINDOWS\system32\Normaliz.dll] [Microsoft Corporation, 6.0.5441.0 (winmain(wmbla).060628-1735)]
[C:\WINDOWS\system32\iertutil.dll] [Microsoft Corporation, 7.00.6000.16512 (vista_gdr.070625-1522)]
[C:\DOCUME~1\yuqiming\LOCALS~1\Temp\Rar$EX29.422\Upload\3rdUpd.DLL] [Smallfrogs Studio, 2, 1, 0, 15]

天堂梦想 - 2007-9-16 14:36:00

==================================
文件关联
.TXT OK. [%SystemRoot%\system32\NOTEPAD.EXE %1]
.EXE OK. ["%1" %*]
.COM OK. ["%1" %*]
.PIF OK. ["%1" %*]
.REG OK. [regedit.exe "%1"]
.BAT OK. ["%1" %*]
.SCR OK. ["%1" /S]
.CHM OK. ["C:\WINDOWS\hh.exe" %1]
.HLP OK. [%SystemRoot%\system32\winhlp32.exe %1]
.INI OK. [%SystemRoot%\system32\NOTEPAD.EXE %1]
.INF OK. [%SystemRoot%\system32\NOTEPAD.EXE %1]
.VBS OK. [%SystemRoot%\System32\WScript.exe "%1" %*]
.JS OK. [%SystemRoot%\System32\WScript.exe "%1" %*]
.LNK OK. [{00021401-0000-0000-C000-000000000046}]

==================================
Winsock 提供者
N/A

==================================
Autorun.inf
N/A

==================================
HOSTS 文件
127.0.0.1 localhost

==================================
进程特权扫描
特殊特权被允许： SeLoadDriverPrivilege [PID = 1556, C:\PROGRAM FILES\INTEL\WIRELESS\BIN\S24EVMON.EXE]
特殊特权被允许： SeLoadDriverPrivilege [PID = 1216, C:\PROGRAM FILES\SONY\VAIO EVENT SERVICE\VESMGR.EXE]
特殊特权被允许： SeLoadDriverPrivilege [PID = 2400, C:\PROGRAM FILES\SONY\ISB UTILITY\ISBMGR.EXE]
特殊特权被允许： SeLoadDriverPrivilege [PID = 2536, C:\PROGRAM FILES\RISING\RAV\RAVTASK.EXE]
特殊特权被允许： SeLoadDriverPrivilege [PID = 2560, C:\PROGRAM FILES\RISING\RAV\RAVMON.EXE]
特殊特权被允许： SeLoadDriverPrivilege [PID = 2584, C:\PROGRAM FILES\COMMON FILES\REAL\UPDATE_OB\REALSCHED.EXE]
特殊特权被允许： SeLoadDriverPrivilege [PID = 3604, C:\PROGRAM FILES\RISING\RAV\RSAGENT.EXE]
特殊特权被允许： SeLoadDriverPrivilege [PID = 4076, C:\PROGRAM FILES\WINRAR\WINRAR.EXE]

==================================
API HOOK
N/A

==================================
隐藏进程
N/A

==================================

[/CODE]

瑞星卡卡安全论坛