Rising Kaka Security Forum
面……包 - 2007-9-17 11:41:00
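My computer was recently infected with the Trojan.DL.Agent.nxd and Rootkit.Agent.yj viruses. Rising keeps prompting that they will be deleted after a reboot, but I have removed them n times and it makes no difference. Could the experts here please help!
[User system information] Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.0; MyIE2; Alexa Toolbar)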
面……包 - 2007-9-17 11:49:00
2007-09-17,11:30:20
System Repair Engineer 2.3.13.690
Smallfrogs (http://www.KZTechs.com)
Windows 2000 Server Service Pack 4 (Build 2195)
- 管理权限用户 - 完整功能
以下内容被选中:
所有的启动项目(包括注册表、启动文件夹、服务等)
浏览器加载项
正在运行的进程(包括进程模块信息)
文件关联
Winsock 提供者
Autorun.inf
HOSTS 文件
启动项目
注册表
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
<pyjj><C:\Program Files\jj4\jjsvr4.exe> [加加开发组]
<PcSync><C:\Program Files\Nokia\Nokia PC Suite 6\PcSync2.exe /NoDialog> [Time Information Services Ltd.]
<中国移动手机桌面助理><C:\Program Files\中国移动手机桌面助理\MDA.exe> [中国移动通信集团公司]
<ctfmon.exe><ctfmon.exe> [Microsoft Corporation]
[HKEY_CURRENT_USER\Software\Microsoft\Windows NT\CurrentVersion\Windows]
<load><> [N/A]
<run><> [N/A]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
<EtherDetect><> [N/A]
<WebThunder><C:\Program Files\Thunder Network\WebThunder\WebThunder.exe> [深圳市迅雷网络技术有限公司]
<PCSuiteTrayApplication><C:\Program Files\Nokia\Nokia PC Suite 6\LaunchApplication.exe -startup> [Nokia]
<runeip><"C:\Program Files\Rising\AntiSpyware\runiep.exe" /startup> [Beijing Rising Technology Co., Ltd.]
<RavTray><"C:\Program Files\Rising\Rav\RavTray.exe"> [Rising]
<RavTask><"C:\Program Files\Rising\Rav\RavTask.exe" -system> [Beijing Rising Technology Co., Ltd.]
<YLive.exe><C:\PROGRA~1\Yahoo!\ASSIST~1\YLive.exe> [(Verified)Yahoo! China]
<DAEMON Tools><"C:\Program Files\DAEMON Tools\daemon.exe" -lang 1033> [(Verified)DT Soft Ltd.]
<Windows木马防火墙><D:\MMQDF\Trojanwall.exe> [风云谷]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\RunOnce]
<CPushSetup><"C:\WINNT\system32\regsvr32.exe" /s "C:\Program Files\Common Files\CPUSH\cpush.dll"> [N/A]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Winlogon]
<shell><Explorer.exe> [(Verified)Microsoft Corporation]
<Userinit><C:\WINNT\system32\Userinit.exe> [(Verified)Microsoft Corporation]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Windows]
<AppInit_DLLs><> [N/A]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
<{32CD708B-60A7-4C00-9377-D73EAA495F0F}><C:\WINNT\system32\RavExt.dll> [Beijing Rising Technology Co., Ltd.]
<{D157330A-9EF3-49F8-9A67-4141AC41ADD4}><C:\WINNT\DOWNLO~1\CnsHook.dll> [(Verified)国风因特软件(北京)有限公司]
<{4BAB150F-DD97-476D-9C1E-41B6CDC0CA7A}><> [N/A]
<{AC2DC2EF-5165-40A3-8CDF-41DCA1B0901A}><C:\WINNT\system32\shlhook.dll> [Beijing Rising Technology Co., Ltd.]
==================================
启动文件夹
[Adobe Gamma Loader]
<C:\Documents and Settings\All Users\「开始」菜单\程序\启动\Adobe Gamma Loader.lnk --> C:\PROGRA~1\COMMON~1\Adobe\CALIBR~1\ADOBEG~1.EXE [Adobe Systems, Inc.]><N>
[Adobe Reader Speed Launch]
<C:\Documents and Settings\All Users\「开始」菜单\程序\启动\Adobe Reader Speed Launch.lnk --> C:\PROGRA~1\Adobe\ACROBA~1.0\Reader\READER~1.EXE [Adobe Systems Incorporated]><N>
[Microsoft Office]
<C:\Documents and Settings\All Users\「开始」菜单\程序\启动\Microsoft Office.lnk --> C:\PROGRA~1\MICROS~3\Office10\OSA.EXE [Microsoft Corporation]><N>
[服务管理器]
<C:\Documents and Settings\All Users\「开始」菜单\程序\启动\服务管理器.lnk --> C:\PROGRA~1\MI6841~1\80\Tools\Binn\sqlmangr.exe [Microsoft Corporation]><N>
[新浪点点通]
<C:\Documents and Settings\Administrator\「开始」菜单\程序\启动\新浪点点通.lnk --> C:\PROGRA~1\Sina\ddt\DDTDesk.exe [北京新浪信息技术有限公司]><N>
[腾讯QQ]
<C:\Documents and Settings\Administrator\「开始」菜单\程序\启动\腾讯QQ.lnk --> C:\PROGRA~1\Tencent\qq\QQ.exe [TENCENT]><N>
[腾讯QQ珊瑚虫版]
<C:\Documents and Settings\Administrator\「开始」菜单\程序\启动\腾讯QQ珊瑚虫版.lnk --> C:\PROGRA~1\Tencent\qq\CoralQQ.exe [珊瑚虫工作室]><N>
==================================
服务
[Logical Disk Manager Administrative Service / dmadmin][Stopped/Manual Start]
<C:\WINNT\System32\dmadmin.exe /com><VERITAS Software Corp.>
[Routing Protect Access / MouTALS][Stopped/Disabled]
<C:\WINNT\SYSTEM32\RUNDLLFOROUR.EXE C:\WINNT\SYSTEM32\WBEM\GRPSD.DLL,Export 1087><N/A>
[Microsoft Search / MSSEARCH][Running/Auto Start]
<"C:\Program Files\Common Files\Microsoft Shared\MSSearch\Bin\mssearch.exe"><Microsoft Corporation>
[MSSQLSERVER / MSSQLSERVER][Running/Auto Start]
<C:\PROGRA~1\MI6841~1\MSSQL\binn\sqlservr.exe><Microsoft Corporation>
[MSSQLServerADHelper / MSSQLServerADHelper][Stopped/Manual Start]
<C:\Program Files\Microsoft SQL Server\80\Tools\Binn\sqladhlp.exe><Microsoft Corporation>
[RavService / RavService][Running/Auto Start]
<"C:\Program Files\Rising\Rav\RavService.exe" /service><Beijing Rising Technology Co., Ltd.>
[Rising Process Communication Center / RsCCenter][Running/Auto Start]
<C:\PROGRAM FILES\RISING\RAV\CCENTER.EXE><Beijing Rising Technology Co., Ltd.>
[Rising RealTime Monitor / RsRavMon][Running/Auto Start]
<"C:\Program Files\Rising\Rav\Ravmond.exe"><Beijing Rising Technology Co., Ltd.>
[ServiceLayer / ServiceLayer][Running/Manual Start]
<"C:\Program Files\PC Connectivity Solution\ServiceLayer.exe"><Nokia.>
[SQLSERVERAGENT / SQLSERVERAGENT][Stopped/Manual Start]
<C:\PROGRA~1\MI6841~1\MSSQL\binn\sqlagent.exe><Microsoft Corporation>
[QBICFTWV / UWNSFQCXPXPHQVD][Stopped/Auto Start]
<-->C:\Windows\system32\wbem\SPXAC.DLL><>
[WMDM PMSP Service / WMDM PMSP Service][Running/Auto Start]
<C:\WINNT\system32\mspmspsv.exe><Microsoft Corporation>
==================================
驱动程序
[atirage3 / atirage3][Running/Manual Start]
<System32\DRIVERS\atimpab.sys><ATI Technologies Inc.>
[Rising TDI Base Driver / BaseTDI][Running/Auto Start]
<System32\DRIVERS\BaseTDI.SYS><Beijing Rising Technology Co., Ltd.>
[bootdrv / bootdrv][Running/Boot Start]
<\SystemRoot\System32\Drivers\bootdrv.sys><N/A>
[cexeqw0 / cexeqw03][Running/Boot Start]
<\SystemRoot\System32\DRIVERS\cexeqw03.sys><N/A>
[CnsMinKP / CnsMinKP][Running/Boot Start]
<\SystemRoot\system32\drivers\CnsMinKP.sys><国风因特软件(北京)有限公司>
[CnsStd / CnsStd][Running/Auto Start]
<\SystemRoot\System32\drivers\CnsStd.sys><国风因特软件(北京)有限公司>
[dmboot / dmboot][Stopped/Disabled]
<System32\drivers\dmboot.sys><VERITAS Software Corp.>
[Logical Disk Manager Driver / dmio][Running/Boot Start]
<\SystemRoot\System32\drivers\dmio.sys><VERITAS Software Corp.>
[dmload / dmload][Running/Boot Start]
<\SystemRoot\System32\drivers\dmload.sys><VERITAS Software Corp.>
[Intel(R) PRO/1000 Adapter Driver / E1000][Running/Manual Start]
<System32\DRIVERS\e1000nt5.sys><Intel Corporation>
[Intel(R) PRO Adapter Driver / E100B][Running/Manual Start]
<System32\DRIVERS\e100bnt5.sys><Intel Corporation>
[ExpScaner / ExpScaner][Running/Auto Start]
<\??\C:\Program Files\Rising\Rav\ExpScan.sys><>
[HOOKAPI / HOOKAPI][Stopped/Manual Start]
<\??\C:\PROGRAM FILES\RISING\RAV\HookApi.Sys><瑞星软件有限公司>
[HookCont / HookCont][Running/Auto Start]
<\??\C:\Program Files\Rising\Rav\HOOKCONT.sys><Rising>
[HookReg / HookReg][Running/Auto Start]
<\??\C:\Program Files\Rising\Rav\HookReg.sys><>
[HookSys / HookSys][Running/Auto Start]
<\??\C:\Program Files\Rising\Rav\HookSys.sys><Rising>
[kwgmrcak / kwgmrcak][Running/Boot Start]
<\SystemRoot\System32\DRIVERS\kwgmrcak.sys><Yahoo! China Corporation>
[lbnanblf / lbnanblf][Running/Manual Start]
<\SystemRoot\\SystemRoot\System32\drivers\lbnanblf.sys><N/A>
[MEMSCAN / MEMSCAN][Running/Auto Start]
<\??\C:\Program Files\Rising\Rav\MEMSCAN.sys><Beijing Rising Technology Co., Ltd.>
[mxdispdr / mxdispdr][Running/Auto Start]
<\??\C:\WINNT\system32\drivers\mxdispdr.sys><N/A>
[Nokia USB Generic / Nokia USB Generic][Stopped/Manual Start]
<system32\drivers\nmwcdc.sys><Nokia>
[Nokia USB Modem / Nokia USB Modem][Stopped/Manual Start]
<system32\drivers\nmwcdcm.sys><Nokia>
[Nokia USB Phone Parent / Nokia USB Phone Parent][Stopped/Manual Start]
<system32\drivers\nmwcd.sys><Nokia>
[npkcrypt / npkcrypt][Running/Auto Start]
<\??\C:\WINNT\system32\qqedit\npkcrypt.sys><INCA Internet Co., Ltd.>
[Direct Parallel Link Driver / Ptilink][Running/Manual Start]
<System32\DRIVERS\ptilink.sys><Parallel Technologies, Inc.>
[rfsafe / rfsafe][Running/Boot Start]
<\SystemRoot\system32\drivers\rfsafe.sys><sina>
[RsAntiSpyware / RsAntiSpyware][Running/Boot Start]
<\SystemRoot\system32\drivers\RsBoot.sys><Beijing Rising Technology Co., Ltd.>
[RsNTGDI / RsNTGDI][Running/Boot Start]
<\SystemRoot\system32\Drivers\RsNTGdi.sys><Beijing Rising Technology Co., Ltd.>
[RSPPSYS / RSPPSYS][Running/Auto Start]
<\??\C:\Program Files\Rising\Rav\RSPPSYS.sys><Rising>
[rtig / rtigr][Running/Boot Start]
<\SystemRoot\System32\DRIVERS\rtigr.sys><N/A>
[Silicon Image SiI 3112 SATARaid Controller / si3112r][Running/Boot Start]
<\SystemRoot\system32\drivers\si3112r.sys><Silicon Image, Inc>
[Sony Memory Stick Driver(SONYPVM1) / SONYPVM1][Stopped/Boot Start]
<\SystemRoot\system32\DRIVERS\SONYPVM1.SYS><Sony Corporation>
[Sony USB Filter Driver (SONYPVU1) / SONYPVU1][Stopped/Manual Start]
<system32\DRIVERS\SONYPVU1.SYS><Sony Corporation>
[sptd / sptd][Running/Manual Start]
<\SystemRoot\System32\Drivers\sptd.sys><N/A>
[World Standard Teletext Codec / WSTCODEC][Stopped/Manual Start]
<system32\DRIVERS\WSTCODEC.SYS><Microsoft Corporation>
[yaskp / yaskp][Running/Boot Start]
<\SystemRoot\system32\drivers\yaskp.sys><Copyright (C) yahoo Corporation.>
[R2A / R2A][Stopped/Disabled]
<\??\C:\WINNT\system32a2.sys><N/A>
面……包 - 2007-9-17 11:49:00
==================================
浏览器加载项
[WebThunder Browser Helper]
{00000AAA-A363-466E-BEF5-9BB68697AA7F} <C:\Program Files\Thunder Network\WebThunder\WebThunderBHO_Now.dll, Thunder Networking Technologies,LTD>
[Adobe PDF Reader Link Helper]
{06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} <C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll, Adobe Systems Incorporated>
[IDDTInitObj Class]
{15DDE989-CD45-4561-BF99-D22C0D5C2B74} <C:\PROGRA~1\Sina\ddt\ddtinit.dll, 北京新浪信息技术有限公司>
[Yahoo!Photo]
{33BBE430-0E42-4f12-B075-8D21ACB10DCB} <C:\PROGRA~1\Yahoo!\ASSIST~1\Assist\yphtb.dll, Yahoo! China>
[AntiFish Class]
{38928D50-8A48-44C2-945F-D2F23F771410} <C:\PROGRA~1\Yahoo!\ASSIST~1\Assist\yangling.dll, yahoo! china>
[DragSearch]
{62EED7C6-9F02-42f9-B634-98E2899E147B} <C:\PROGRA~1\Yahoo!\ASSIST~1\Assist\ydragsearch.dll, yahoo! china>
[KillObj Class]
{66C28884-4E5D-494B-80C9-CAA27528FD6D} <C:\PROGRA~1\Sina\ddt\ddtkillw.ocx, 北京新浪信息技术有限公司>
[CnsHook Class]
{D157330A-9EF3-49F8-9A67-4141AC41ADD4} <C:\WINNT\DOWNLO~1\CnsHook.dll, 国风因特软件(北京)有限公司>
[assist]
{FE3ECAE7-0A37-4506-8A7D-3CC9A04D2CA8} <C:\PROGRA~1\Yahoo!\ASSIST~1\Assist\yassist.dll, Yahoo! China>
[Yahoo 3.5G电邮]
{507F9113-CD77-4866-BA92-0E86DA3D0B97} <http://cn.zs.yahoo.com/cnsbutton.htm?source=cns&btn=yahoomail, N/A>
[名品折扣]
{59BC54A2-56B3-44a0-93E5-432D58746E26} <http://adtaobao.allyes.com/main/adfclick?db=adtaobao&bid=138,140,18&cid=816,8,1&sid=5042&show=ignore&url=http://www.taobao.com/vertical/mall/pro.php?allyesPara=816, N/A>
[雅虎助手]
{5D73EE86-05F1-49ed-B850-E423120EC338} <http://cn.zs.yahoo.com/cnsbutton.htm?source=cns&btn=yassist, N/A>
[雅虎WIDGET]
{6354ABE6-05F1-49ed-B850-E423120EC338} <http://cn.widget.yahoo.com/index.htm?source=Cns, N/A>
[中国移动手机桌面助理]
{8806E443-0E06-4ed9-86D3-0C2D959F83DD} <C:\Program Files\中国移动手机桌面助理\MDA.exe, 中国移动通信集团公司>
[启动WEB迅雷]
{962EFB8E-2683-42d4-AC74-AAA4C759B9C6} <http://my.xunlei.com, N/A>
[电雷超级下载]
{A6A84943-17AB-4363-A518-8D750FDF57C3} <"D:\Program Files\Dianlei\dianlei.exe", N/A>
[情景聊天]
{E5D12C4E-7B4F-11D3-B5C9-0050045C3C96} <http://cn.zs.yahoo.com/cnsbutton.htm?source=cns&btn=yahoomsg, N/A>
[]
{ECF2E268-F28C-48d2-9AB7-8F69C11CCB71} <http://cn.zs.yahoo.com/cnsbutton.htm?source=cns&btn=repair, N/A>
[新浪点点通]
{F60C7D81-8471-4D40-AAFE-56D318F34C2D} <C:\PROGRA~1\Sina\ddt\DDTONG~1.DLL, 北京新浪信息技术有限公司>
[]
{FD00D911-7529-4084-9946-A29F1BDF4FE5} <http://cn.zs.yahoo.com/cnsbutton.htm?source=cns&btn=clean, N/A>
[]
{974AD624-EA50-4831-A6C0-3040F6665396} <C:\PROGRA~1\Sina\ddt\rssband.dll, 北京新浪信息技术有限公司>
[新浪点点通阅读器]
{F0646DC8-58CD-4C64-8F6B-525043914685} <C:\PROGRA~1\Sina\ddt\rssband.dll, 北京新浪信息技术有限公司>
[新浪点点通]
{F60C7D81-8471-4D40-AAFE-56D318F34C2D} <C:\PROGRA~1\Sina\ddt\DDTONG~1.DLL, 北京新浪信息技术有限公司>
[雅虎助手]
{406F94F0-504F-4a40-8DFD-58B0666ABEBD} <C:\PROGRA~1\Yahoo!\ASSIST~1\Assist\yasbar0.dll, yahoo! china>
[ULiveCtrl Control]
{070CA17A-4BD2-4612-83B4-32B1B9159B47} <C:\WINNT\system32\UCLIVE~1.OCX, 北京新浪信息技术有限公司>
[Edit Class]
{0CA54D3F-CEAE-48AF-9A2B-31909CB9515D} <C:\WINNT\system32\CMBEdit.dll, N/A>
[Office Update Installation Engine]
{3E68E405-C6DE-49FF-83AE-41EE9F4C36CE} <C:\WINNT\opuc.dll, Microsoft Corporation>
[MSN Photo Upload Tool]
{4F1E5B1A-2A80-42CA-8532-2D05CB959537} <C:\WINNT\Downloaded Program Files\MsnPUpld.dll, Microsoft? Corporation>
[WUWebControl Class]
{6414512B-B978-451D-A0D8-FCFDF33E833C} <C:\WINNT\system32\wuweb.dll, Microsoft Corporation>
[MUWebControl Class]
{6E32070A-766D-4EE6-879C-DC1FA91D2FC3} <C:\WINNT\system32\muweb.dll, Microsoft Corporation>
[Tencent Safety Online Base Module]
{C09B522F-8AED-4E21-A65C-DC1AB652BAEE} <C:\WINNT\DOWNLO~1\TSOBase.ocx, Tencent Corporation>
[Shockwave Flash Object]
{D27CDB6E-AE6D-11CF-96B8-444553540000} <C:\WINNT\system32\Macromed\Flash\Flash9c.ocx, Adobe Systems, Inc.>
[WebThunder Class]
{03507A1A-E0C5-4404-AA26-205385C0892D} <, N/A>
[WebThunder DapPlayer]
{2EEDA47E-8D5C-4d7e-B4B6-E16E19218555} <C:\Program Files\Thunder Network\WebThunder\DownAndPlay\DapPlayer3.0.11.17.dll, ShenZhen Thunder Networking Technologies Ltd.>
[XMP Class]
{6483F145-A768-4C41-AACC-52D4D7845851} <C:\Documents and Settings\All Users\Application Data\Thunder Network\KanKan\xplayer.dll_1_work, N/A>
[XDRM]
{693571CB-54A3-4E90-9D52-EEAE1334E2D3} <C:\Documents and Settings\All Users\Application Data\Thunder Network\KanKan\xdrm.dll_1_work, >
[MediaComm Class]
{7670648D-461B-42AF-BDFE-46D26AF5EFF2} <C:\Program Files\Thunder Network\WebThunder\InMedia\MediaAddin13.dll, Thunder Networking Technologies,LTD>
[AutoLive]
{7CA83CF1-3AEA-42D0-A4E3-1594FC6E48B2} <C:\PROGRA~1\3721\autolive.dll, 国风因特软件(北京)有限公司>
[RMGetLicense Class]
{A9FC132B-096D-460B-B7D5-1DB0FAE0C062} <C:\WINNT\system32\msnetobj.dll, Microsoft Corporation>
[XPPlayer Class]
{F3E70CEA-956E-49CC-B444-73AFE593AD7F} <C:\Documents and Settings\All Users\Application Data\Thunder Network\KanKan\pplayer.dll_1_work, Thunder>
[&使用电雷下载]
<D:\Program Files\Dianlei\geturl.htm, N/A>
[使用MDA发送彩信]
<C:\Program Files\中国移动手机桌面助理\Html\SendMMS.htm, N/A>
[使用MDA发送短信]
<C:\Program Files\中国移动手机桌面助理\Html\SendSMS.htm, N/A>
[使用Web迅雷下载]
<C:\Program Files\Thunder Network\WebThunder\GetUrl.htm, N/A>
[使用Web迅雷下载全部链接]
<C:\Program Files\Thunder Network\WebThunder\GetAllUrl.htm, N/A>
[添加到QQ表情]
<C:\Program Files\Tencent\qq\AddEmotion.htm, N/A>
[雅虎搜索]
<res://C:\PROGRA~1\Yahoo!\ASSIST~1\Assist\yasbar0.dll/203, N/A>
面……包 - 2007-9-17 11:51:00
==================================
正在运行的进程
[PID: 228][\SystemRoot\System32\smss.exe] [Microsoft Corporation, 5.00.2195.6601]
[PID: 260][\??\C:\WINNT\system32\csrss.exe] [Microsoft Corporation, 5.00.2195.6601]
[PID: 280][\??\C:\WINNT\system32\winlogon.exe] [Microsoft Corporation, 5.00.2195.6997]
[C:\WINNT\system32\msplrct.dll] [N/A, N/A]
[C:\WINNT\system32\PYJJ4.IME] [加加工作组, 4.0.0.21]
[PID: 308][C:\WINNT\system32\services.exe] [Microsoft Corporation, 5.00.2195.7035]
[C:\WINNT\system32\dmserver.dll] [VERITAS Software Corp., 2195.6605.297.3]
[PID: 320][C:\WINNT\system32\lsass.exe] [Microsoft Corporation, 5.00.2195.7011]
[PID: 500][C:\PROGRAM FILES\RISING\RAV\CCENTER.EXE] [Beijing Rising Technology Co., Ltd., 18, 0, 0, 3]
[PID: 556][C:\WINNT\system32\svchost.exe] [Microsoft Corporation, 5.00.2134.1]
[PID: 588][C:\WINNT\system32\spoolsv.exe] [Microsoft Corporation, 5.00.2195.7059]
[C:\WINNT\system32\EBPMON2.DLL] [SEIKO EPSON CORPORATION, 2, 39, 0, 0]
[C:\WINNT\system32\spool\PRTPROCS\W32X86\BRPP2KA.DLL] [Brother Industries ,Ltd , 1.03]
[C:\WINNT\system32\spool\PRTPROCS\W32X86\vprproc.dll] [Windows (R) 2000 DDK provider, 5.00.2195.1620]
[PID: 656][C:\Program Files\Rising\Rav\RavStub.exe] [Beijing Rising Technology Co., Ltd., 19, 0, 0, 4]
[C:\Program Files\Rising\Rav\RsCommX.dll] [rising, 18, 0, 0, 1]
[C:\Program Files\Rising\Rav\RSCOMMON.DLL] [Beijing Rising Technology Co., Ltd., 19, 0, 0, 5]
[PID: 760][C:\WINNT\System32\svchost.exe] [Microsoft Corporation, 5.00.2134.1]
[PID: 788][C:\WINNT\System32\llssrv.exe] [Microsoft Corporation, 5.00.2195.7021]
[PID: 872][C:\PROGRA~1\MI6841~1\MSSQL\binn\sqlservr.exe] [Microsoft Corporation, 2000.080.0194.00]
[PID: 932][C:\Program Files\Rising\Rav\RavService.exe] [Beijing Rising Technology Co., Ltd., 19, 0, 0, 55]
[C:\Program Files\Rising\Rav\DLCenter.dll] [Beijing Rising Technology Co., Ltd., 19, 0, 0, 3]
[C:\Program Files\Rising\Rav\RsCommX.dll] [rising, 18, 0, 0, 1]
[PID: 940][C:\WINNT\system32\regsvc.exe] [Microsoft Corporation, 5.00.2195.6701]
[PID: 956][C:\WINNT\system32\MSTask.exe] [Microsoft Corporation, 4.71.2195.6972]
[PID: 1076][C:\WINNT\system32\stisvc.exe] [Microsoft Corporation, 5.00.2195.6656]
[PID: 1196][C:\WINNT\System32\WBEM\WinMgmt.exe] [Microsoft Corporation, 1.50.1085.0100]
[PID: 404][C:\WINNT\system32\mspmspsv.exe] [Microsoft Corporation, 7.10.00.3059]
[PID: 1272][C:\WINNT\system32\svchost.exe] [Microsoft Corporation, 5.00.2134.1]
[C:\Program Files\Rising\Rav\RavScrCh.dll] [Beijing Rising Technology Co., Ltd., 18, 0, 0, 4]
[PID: 1296][C:\WINNT\system32\Dfssvc.exe] [Microsoft Corporation, 5.00.2195.6664]
[PID: 1320][C:\WINNT\System32\inetsrv\inetinfo.exe] [Microsoft Corporation, 5.00.0984]
[PID: 1416][C:\Program Files\Common Files\Microsoft Shared\MSSearch\Bin\mssearch.exe] [Microsoft Corporation, 9.107.5512.0]
[PID: 1672][C:\WINNT\System32\svchost.exe] [Microsoft Corporation, 5.00.2134.1]
[PID: 448][C:\WINNT\Explorer.EXE] [Microsoft Corporation, 5.00.3700.6690]
[C:\WINNT\system32\PYJJ4.IME] [加加工作组, 4.0.0.21]
[C:\WINNT\DOWNLO~1\CnsMin.dll] [国风因特软件(北京)有限公司, 2.5.1.2]
[C:\WINNT\system32\shdocvw32.dll] [Microsoft Corporation, 6.00.3790.2783 ]
[C:\Program Files\Rising\AntiSpyware\ieprot.dll] [Beijing Rising Technology Co., Ltd., 1, 0, 0, 10]
[C:\PROGRA~1\Yahoo!\ASSIST~1\assist\ykern.dll] [Yahoo! China, 3, 2, 1, 1027]
[C:\PROGRA~1\Yahoo!\ASSIST~1\Yhelper.dll] [Yahoo! China, 3, 1, 3, 1031]
[C:\WINNT\system32\RavExt.dll] [Beijing Rising Technology Co., Ltd., 19, 0, 0, 7]
[C:\WINNT\DOWNLO~1\CnsHook.dll] [国风因特软件(北京)有限公司, 2.5.1.6]
[C:\WINNT\system32\shlhook.dll] [Beijing Rising Technology Co., Ltd., 4.0.0.7]
[C:\PROGRA~1\Yahoo!\ASSIST~1\yalive.dll] [yahoo! china, 3, 7, 7, 1137]
[C:\PROGRA~1\Yahoo!\ASSIST~1\Yalliveex.dll] [Yahoo! China, 3, 0, 2, 1011]
[C:\PROGRA~1\Yahoo!\ASSIST~1\Assist\ysearch.dll] [Yahoo! China, 3, 2, 5, 1030]
[C:\PROGRA~1\Yahoo!\ASSIST~1\Assist\yphtb.dll] [Yahoo! China, 3, 0, 8, 1010]
[C:\Program Files\Thunder Network\WebThunder\WebThunderBHO_Now.dll] [Thunder Networking Technologies,LTD, 5, 0, 2, 10]
[C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll] [Adobe Systems Incorporated, 7.0.9.2006121800]
[C:\PROGRA~1\Yahoo!\ASSIST~1\Assist\ydragsearch.dll] [yahoo! china, 3, 0, 4, 1006]
[C:\PROGRA~1\Yahoo!\ASSIST~1\Assist\yassist.dll] [Yahoo! China, 3, 1, 7, 1022]
[C:\Program Files\Adobe\Acrobat 7.0\ActiveX\PDFShell.dll] [Adobe Systems, Inc., 7.0.0.0]
[C:\Program Files\Unlocker\UnlockerCOM.dll] [N/A, N/A]
[C:\Program Files\WinRAR\rarext.dll] [N/A, N/A]
[C:\PROGRA~1\3721\ske\contmenu.dll] [N/A, N/A]
[C:\Program Files\Rising\Rav\RSCOMMON.DLL] [Beijing Rising Technology Co., Ltd., 19, 0, 0, 5]
[D:\ftc\FTCCommenu.dll] [Fygsoft and Microsoft, 3.0.0.71]
[c:\progra~1\yahoo!\assist~1\assist\yadfil~1.dll] [Yahoo! China, 3, 0, 2, 1003]
[C:\PROGRA~1\Yahoo!\ASSIST~1\assist\yrepair.dll] [Yahoo! China, 3, 0, 9, 1012]
[C:\PROGRA~1\Yahoo!\ASSIST~1\assist\yasfsks.dll] [Yahoo! China, 2, 1, 3, 89]
[C:\PROGRA~1\Yahoo!\ASSIST~1\assist\yoptimum.dll] [Yahoo! China, 3, 0, 2, 1006]
[C:\PROGRA~1\yahoo!\assistant\Shell\yAssecblk.dll] [Yahoo, 1, 0, 3, 1003]
[C:\PROGRA~1\Yahoo!\ASSIST~1\Assist\yXPStyle.dll] [Yahoo! China, 3, 0, 1, 1001]
[C:\Program Files\Nokia\Nokia PC Suite 6\PhoneBrowser.dll] [Nokia, 6, 82, 63, 9]
[C:\Program Files\Nokia\Nokia PC Suite 6\PCSCM.dll] [Nokia, 6, 82, 77, 0]
[C:\Program Files\PC Connectivity Solution\ConnAPI.DLL] [Nokia., 6, 82, 72, 2]
[C:\Program Files\Nokia\Nokia PC Suite 6\Lang\PhoneBrowser_chi-sc.nlr] [Nokia, 6, 82, 36, 1]
[C:\Program Files\Nokia\Nokia PC Suite 6\Resource\PhoneBrowser_Nokia.ngr] [Nokia, 6, 82, 14, 0]
[C:\Program Files\Rising\Rav\RavScrCh.dll] [Beijing Rising Technology Co., Ltd., 18, 0, 0, 4]
[C:\WINNT\system32\Macromed\Flash\Flash9c.ocx] [Adobe Systems, Inc., 9,0,45,0]
[C:\PROGRA~1\Yahoo!\ASSIST~1\Assist\ywiper.dll] [Yahoo! China, 3, 0, 5, 1009]
[PID: 1516][C:\Program Files\jj4\jjsvr4.exe] [加加开发组, 4.0.0.20]
[C:\WINNT\system32\PYJJ4.IME] [加加工作组, 4.0.0.21]
[C:\WINNT\DOWNLO~1\CnsMin.dll] [国风因特软件(北京)有限公司, 2.5.1.2]
[C:\Program Files\Rising\AntiSpyware\ieprot.dll] [Beijing Rising Technology Co., Ltd., 1, 0, 0, 10]
[PID: 1796][C:\WINNT\system32\Rundll32.exe] [Microsoft Corporation, 5.00.2134.1]
[C:\WINNT\DOWNLO~1\CnsMin.dll] [国风因特软件(北京)有限公司, 2.5.1.2]
[C:\WINNT\system32\PYJJ4.IME] [加加工作组, 4.0.0.21]
[C:\WINNT\DOWNLO~1\CnsMinEx.dll] [国风因特软件(北京)有限公司, 2.5.0.4]
[C:\Program Files\Rising\AntiSpyware\ieprot.dll] [Beijing Rising Technology Co., Ltd., 1, 0, 0, 10]
[C:\PROGRA~1\Yahoo!\ASSIST~1\Yhelper.dll] [Yahoo! China, 3, 1, 3, 1031]
[C:\PROGRA~1\Yahoo!\ASSIST~1\assist\ykern.dll] [Yahoo! China, 3, 2, 1, 1027]
面……包 - 2007-9-17 11:51:00
[PID: 1200][C:\Program Files\Nokia\Nokia PC Suite 6\LaunchApplication.exe] [Nokia, 6, 82, 70, 4]
[C:\Program Files\PC Connectivity Solution\ConnAPI.DLL] [Nokia., 6, 82, 72, 2]
[C:\Program Files\Nokia\Nokia PC Suite 6\PCSCM.dll] [Nokia, 6, 82, 77, 0]
[C:\Program Files\Nokia\Nokia PC Suite 6\PCSSupportSetup.DLL] [Nokia, 6, 82, 20, 2]
[C:\PROGRA~1\Yahoo!\ASSIST~1\Yhelper.dll] [Yahoo! China, 3, 1, 3, 1031]
[C:\PROGRA~1\Yahoo!\ASSIST~1\assist\ykern.dll] [Yahoo! China, 3, 2, 1, 1027]
[C:\WINNT\DOWNLO~1\CnsMin.dll] [国风因特软件(北京)有限公司, 2.5.1.2]
[C:\Program Files\PC Connectivity Solution\ConfServer.dll] [Nokia, 6, 82, 31, 0]
[C:\Program Files\Nokia\Nokia PC Suite 6\Lang\LaunchApplication_chi-sc.NLR] [Nokia, 6, 82, 69, 3]
[C:\WINNT\system32\PYJJ4.IME] [加加工作组, 4.0.0.21]
[C:\Program Files\Rising\AntiSpyware\ieprot.dll] [Beijing Rising Technology Co., Ltd., 1, 0, 0, 10]
[PID: 1660][C:\Program Files\Rising\Rav\RavTray.exe] [Rising, 19, 0, 0, 16]
[C:\Program Files\Rising\Rav\RavUILib.dll] [, 18, 0, 0, 1]
[C:\Program Files\Rising\Rav\RavTray936.dll] [Rising, 19, 0, 0, 16]
[C:\WINNT\DOWNLO~1\CnsMin.dll] [国风因特软件(北京)有限公司, 2.5.1.2]
[C:\WINNT\system32\PYJJ4.IME] [加加工作组, 4.0.0.21]
[C:\Program Files\Rising\Rav\RsCommx.dll] [rising, 18, 0, 0, 1]
[C:\Program Files\Rising\Rav\BDEngine.dll] [Beijing Rising Technology Co., Ltd., 19, 0, 0, 13]
[C:\Program Files\Rising\Rav\libload.dll] [Beijing Rising Technology Co., Ltd., 19, 0, 0, 19]
[C:\Program Files\Rising\Rav\BDEX.dll] [Beijing Rising Technology Co., Ltd., 19, 0, 0, 3]
[C:\Program Files\Rising\Rav\BDLib.dll] [Beijing Rising Technology Co., Ltd., 18, 0, 0, 1]
[C:\Program Files\Rising\AntiSpyware\ieprot.dll] [Beijing Rising Technology Co., Ltd., 1, 0, 0, 10]
[PID: 1580][C:\PROGRA~1\Yahoo!\ASSIST~1\YLive.exe] [Yahoo! China, 3, 2, 1, 1027]
[C:\PROGRA~1\Yahoo!\ASSIST~1\assist\ykern.dll] [Yahoo! China, 3, 2, 1, 1027]
[C:\PROGRA~1\Yahoo!\ASSIST~1\Yhelper.dll] [Yahoo! China, 3, 1, 3, 1031]
[C:\WINNT\DOWNLO~1\CnsMin.dll] [国风因特软件(北京)有限公司, 2.5.1.2]
[C:\WINNT\system32\PYJJ4.IME] [加加工作组, 4.0.0.21]
[C:\PROGRA~1\Yahoo!\ASSIST~1\yalive.dll] [yahoo! china, 3, 7, 7, 1137]
[C:\PROGRA~1\Yahoo!\ASSIST~1\Yalliveex.dll] [Yahoo! China, 3, 0, 2, 1011]
[C:\Program Files\Rising\AntiSpyware\ieprot.dll] [Beijing Rising Technology Co., Ltd., 1, 0, 0, 10]
[C:\PROGRA~1\Yahoo!\ASSIST~1\Ynotifier.dll] [yahoo! china, 3, 0, 2, 1002]
[PID: 1924][C:\Program Files\Nokia\Nokia PC Suite 6\PcSync2.exe] [Time Information Services Ltd., 2.00 (526)]
[C:\Program Files\Nokia\Nokia PC Suite 6\PCSCM.dll] [Nokia, 6, 82, 77, 0]
[C:\Program Files\PC Connectivity Solution\ConnAPI.DLL] [Nokia., 6, 82, 72, 2]
[C:\Program Files\Nokia\Nokia PC Suite 6\PCSL.dll] [Nokia, 6, 82, 9, 0]
[C:\PROGRA~1\Yahoo!\ASSIST~1\Yhelper.dll] [Yahoo! China, 3, 1, 3, 1031]
[C:\PROGRA~1\Yahoo!\ASSIST~1\assist\ykern.dll] [Yahoo! China, 3, 2, 1, 1027]
[C:\WINNT\DOWNLO~1\CnsMin.dll] [国风因特软件(北京)有限公司, 2.5.1.2]
[C:\WINNT\system32\PYJJ4.IME] [加加工作组, 4.0.0.21]
[C:\PROGRAM FILES\NOKIA\NOKIA PC SUITE 6\Lang\PcSync2_chi-sc.nlr] [Time Information Services Ltd., 9.00 (526)]
[C:\PROGRAM FILES\NOKIA\NOKIA PC SUITE 6\Resource\PcSync2_Nokia.ngr] [Time Information Services Ltd., 9.00 (526)]
[C:\Program Files\Rising\AntiSpyware\ieprot.dll] [Beijing Rising Technology Co., Ltd., 1, 0, 0, 10]
[C:\Program Files\PC Connectivity Solution\ConfServer.dll] [Nokia, 6, 82, 31, 0]
[C:\Program Files\Nokia\Nokia PC Suite 6\CommonSelectDevice.dll] [Nokia, 6, 82, 74, 0]
[C:\Program Files\Common Files\Nokia\MPAPI\MPAPIps.dll] [Nokia Corporation, 6.82.73.0]
[C:\Program Files\Common Files\Nokia\Adapters\NclSet.dll] [Nokia, 6.82.9.0]
[C:\Program Files\Common Files\Nokia\Adapters\Nclaeo.dsc] [Nokia Mobile Phones Ltd., 4.00.008]
[PID: 2160][C:\WINNT\system32\ctfmon.exe] [Microsoft Corporation, 1.00.2409.7 built by: Lab06_N]
[C:\PROGRA~1\Yahoo!\ASSIST~1\Yhelper.dll] [Yahoo! China, 3, 1, 3, 1031]
[C:\PROGRA~1\Yahoo!\ASSIST~1\assist\ykern.dll] [Yahoo! China, 3, 2, 1, 1027]
[C:\WINNT\DOWNLO~1\CnsMin.dll] [国风因特软件(北京)有限公司, 2.5.1.2]
[C:\WINNT\system32\PYJJ4.IME] [加加工作组, 4.0.0.21]
[C:\Program Files\Rising\AntiSpyware\ieprot.dll] [Beijing Rising Technology Co., Ltd., 1, 0, 0, 10]
[PID: 2196][C:\Program Files\PC Connectivity Solution\ServiceLayer.exe] [Nokia., 6, 82, 69, 3]
[C:\Program Files\PC Connectivity Solution\NclTools.dll] [Nokia, 6, 82, 26, 3]
[C:\WINNT\system32\PYJJ4.IME] [加加工作组, 4.0.0.21]
[C:\Program Files\PC Connectivity Solution\Transports\NCLIrDAMM.dll] [Nokia Corp., 6, 82, 31, 0]
[C:\Program Files\PC Connectivity Solution\Transports\NCLRSMM.dll] [Nokia Corp., 6, 82, 39, 1]
[C:\Program Files\PC Connectivity Solution\Transports\NCLUSBMM.dll] [Nokia Corp., 6, 82, 48, 0]
[C:\Program Files\PC Connectivity Solution\NclDS.dll] [Nokia, 6, 82, 18, 0]
[PID: 2272][C:\Program Files\Microsoft SQL Server\80\Tools\Binn\sqlmangr.exe] [Microsoft Corporation, 2000.080.0194.00]
[C:\PROGRA~1\Yahoo!\ASSIST~1\Yhelper.dll] [Yahoo! China, 3, 1, 3, 1031]
[C:\PROGRA~1\Yahoo!\ASSIST~1\assist\ykern.dll] [Yahoo! China, 3, 2, 1, 1027]
[C:\WINNT\DOWNLO~1\CnsMin.dll] [国风因特软件(北京)有限公司, 2.5.1.2]
[C:\WINNT\system32\PYJJ4.IME] [加加工作组, 4.0.0.21]
[C:\Program Files\Rising\AntiSpyware\ieprot.dll] [Beijing Rising Technology Co., Ltd., 1, 0, 0, 10]
[PID: 2308][C:\Program Files\Sina\ddt\DDTDesk.exe] [北京新浪信息技术有限公司, 1, 2, 2, 1]
[C:\Program Files\Sina\ddt\ImageSup.dll] [SRS International, 2.00.0000]
[C:\PROGRA~1\Yahoo!\ASSIST~1\Yhelper.dll] [Yahoo! China, 3, 1, 3, 1031]
[C:\PROGRA~1\Yahoo!\ASSIST~1\assist\ykern.dll] [Yahoo! China, 3, 2, 1, 1027]
[C:\WINNT\DOWNLO~1\CnsMin.dll] [国风因特软件(北京)有限公司, 2.5.1.2]
[C:\PROGRA~1\Sina\ddt\ddtinit.dll] [北京新浪信息技术有限公司, 1, 2, 1, 7]
[C:\PROGRA~1\Sina\ddt\DDTUpdate.dll] [北京新浪信息技术有限公司, 1, 2, 1, 1]
[C:\WINNT\system32\PYJJ4.IME] [加加工作组, 4.0.0.21]
[C:\PROGRA~1\Sina\ddt\ddtmail.ocx] [北京新浪信息技术有限公司, 1, 1, 1, 4]
[C:\Program Files\Rising\AntiSpyware\ieprot.dll] [Beijing Rising Technology Co., Ltd., 1, 0, 0, 10]
[C:\PROGRA~1\Sina\ddt\DDTcomm.dll] [北京新浪信息技术有限公司, 1, 1, 0, 3]
[PID: 2504][C:\Program Files\Common Files\Nokia\MPAPI\MPAPI3s.exe] [Nokia Corporation, 6.82.162.0]
[C:\PROGRA~1\Yahoo!\ASSIST~1\Yhelper.dll] [Yahoo! China, 3, 1, 3, 1031]
[C:\PROGRA~1\Yahoo!\ASSIST~1\assist\ykern.dll] [Yahoo! China, 3, 2, 1, 1027]
[C:\WINNT\DOWNLO~1\CnsMin.dll] [国风因特软件(北京)有限公司, 2.5.1.2]
[C:\WINNT\system32\PYJJ4.IME] [加加工作组, 4.0.0.21]
[C:\Program Files\Common Files\Nokia\MPAPI\MPAPIps.dll] [Nokia Corporation, 6.82.73.0]
[C:\Program Files\Rising\AntiSpyware\ieprot.dll] [Beijing Rising Technology Co., Ltd., 1, 0, 0, 10]
[PID: 2764][C:\WINNT\system32\conime.exe] [Microsoft Corporation, 5.00.2195.6655]
[C:\PROGRA~1\Yahoo!\ASSIST~1\Yhelper.dll] [Yahoo! China, 3, 1, 3, 1031]
[C:\PROGRA~1\Yahoo!\ASSIST~1\assist\ykern.dll] [Yahoo! China, 3, 2, 1, 1027]
[C:\WINNT\DOWNLO~1\CnsMin.dll] [国风因特软件(北京)有限公司, 2.5.1.2]
[C:\WINNT\system32\PYJJ4.IME] [加加工作组, 4.0.0.21]
[C:\Program Files\Rising\AntiSpyware\ieprot.dll] [Beijing Rising Technology Co., Ltd., 1, 0, 0, 10]
[PID: 2864][C:\WINNT\system32\dllhost.exe] [Microsoft Corporation, 5.00.2195.6692]
[PID: 3216][D:\sein\bin070629_wl\poschk.exe] [N/A, N/A]
[D:\sein\bin070629_wl\PBVM70.dll] [Sybase Inc., 7.0.2.8046]
[D:\sein\bin070629_wl\libjcc.dll] [N/A, N/A]
[C:\PROGRA~1\Yahoo!\ASSIST~1\Yhelper.dll] [Yahoo! China, 3, 1, 3, 1031]
[C:\PROGRA~1\Yahoo!\ASSIST~1\assist\ykern.dll] [Yahoo! China, 3, 2, 1, 1027]
[C:\WINNT\DOWNLO~1\CnsMin.dll] [国风因特软件(北京)有限公司, 2.5.1.2]
[C:\WINNT\system32\PYJJ4.IME] [加加工作组, 4.0.0.21]
[D:\sein\bin070629_wl\pbdwe70.dll] [Sybase Inc., 7.0.2.8046]
[D:\sein\bin070629_wl\hasppb32.dll] [N/A, N/A]
[D:\sein\bin070629_wl\setrc.dll] [N/A, N/A]
[D:\sein\bin070629_wl\pbODB70.dll] [Sybase Inc., 7.0.2.8046]
[D:\sein\bin070629_wl\pbMSS70.dll] [Sybase Inc., 7.0.2.8046]
[D:\sein\bin070629_wl\seinsrc.dll] [N/A, N/A]
[D:\sein\bin070629_wl\mwrf32.dll] [N/A, N/A]
[C:\Program Files\Rising\AntiSpyware\ieprot.dll] [Beijing Rising Technology Co., Ltd., 1, 0, 0, 10]
[PID: 3444][C:\Program Files\MSN Messenger\msnmsgr.exe] [Microsoft Corporation, 7.0.0816]
[C:\WINNT\DOWNLO~1\CnsMin.dll] [国风因特软件(北京)有限公司, 2.5.1.2]
[C:\PROGRA~1\Yahoo!\ASSIST~1\Yhelper.dll] [Yahoo! China, 3, 1, 3, 1031]
[C:\PROGRA~1\Yahoo!\ASSIST~1\assist\ykern.dll] [Yahoo! China, 3, 2, 1, 1027]
[C:\WINNT\system32\PYJJ4.IME] [加加工作组, 4.0.0.21]
[C:\Program Files\Rising\AntiSpyware\ieprot.dll] [Beijing Rising Technology Co., Ltd., 1, 0, 0, 10]
[C:\WINNT\system32\shdocvw32.dll] [Microsoft Corporation, 6.00.3790.2783 ]
[C:\WINNT\system32\msdmo.dll] [N/A, N/A]
[C:\Program Files\Rising\Rav\RavScrCh.dll] [Beijing Rising Technology Co., Ltd., 18, 0, 0, 4]
[PID: 4092][C:\Program Files\Microsoft Office\Office10\WINWORD.EXE] [Microsoft Corporation, 10.0.6826]
[C:\WINNT\DOWNLO~1\CnsMin.dll] [国风因特软件(北京)有限公司, 2.5.1.2]
[C:\PROGRA~1\Yahoo!\ASSIST~1\Yhelper.dll] [Yahoo! China, 3, 1, 3, 1031]
[C:\PROGRA~1\Yahoo!\ASSIST~1\assist\ykern.dll] [Yahoo! China, 3, 2, 1, 1027]
[C:\WINNT\system32\PYJJ4.IME] [加加工作组, 4.0.0.21]
[C:\WINNT\DOWNLO~1\CnsHook.dll] [国风因特软件(北京)有限公司, 2.5.1.6]
[C:\Program Files\Rising\Rav\RsPlugIn.dll] [Beijing Rising Technology Co., Ltd., 19, 0, 0, 14]
[C:\Program Files\Rising\AntiSpyware\ieprot.dll] [Beijing Rising Technology Co., Ltd., 1, 0, 0, 10]
[PID: 2276][D:\sein\bin070629_wl\ttime.exe] [N/A, N/A]
[D:\sein\bin070629_wl\PBVM70.dll] [Sybase Inc., 7.0.2.8046]
[D:\sein\bin070629_wl\libjcc.dll] [N/A, N/A]
[C:\WINNT\DOWNLO~1\CnsMin.dll] [国风因特软件(北京)有限公司, 2.5.1.2]
[C:\PROGRA~1\Yahoo!\ASSIST~1\Yhelper.dll] [Yahoo! China, 3, 1, 3, 1031]
[C:\PROGRA~1\Yahoo!\ASSIST~1\assist\ykern.dll] [Yahoo! China, 3, 2, 1, 1027]
[C:\WINNT\system32\PYJJ4.IME] [加加工作组, 4.0.0.21]
[D:\sein\bin070629_wl\pbdwe70.dll] [Sybase Inc., 7.0.2.8046]
[D:\sein\bin070629_wl\hasppb32.dll] [N/A, N/A]
[D:\sein\bin070629_wl\setrc.dll] [N/A, N/A]
[D:\sein\bin070629_wl\pbODB70.dll] [Sybase Inc., 7.0.2.8046]
[D:\sein\bin070629_wl\pbMSS70.dll] [Sybase Inc., 7.0.2.8046]
[D:\sein\bin070629_wl\seinsrc.dll] [N/A, N/A]
[C:\Program Files\Rising\AntiSpyware\ieprot.dll] [Beijing Rising Technology Co., Ltd., 1, 0, 0, 10]
面……包 - 2007-9-17 11:52:00
[PID: 4712][C:\Program Files\Internet Explorer\IEXPLORE.EXE] [Microsoft Corporation, 6.00.2800.1106]
[C:\WINNT\DOWNLO~1\CnsMin.dll] [国风因特软件(北京)有限公司, 2.5.1.2]
[C:\WINNT\DOWNLO~1\CnsHint.dll] [国风因特软件(北京)有限公司, 2.5.0.3]
[C:\PROGRA~1\Yahoo!\ASSIST~1\Yhelper.dll] [Yahoo! China, 3, 1, 3, 1031]
[C:\PROGRA~1\Yahoo!\ASSIST~1\yscrblock.dll] [Yahoo! China, 3, 0, 3, 1004]
[C:\PROGRA~1\Yahoo!\ASSIST~1\assist\ykern.dll] [Yahoo! China, 3, 2, 1, 1027]
[C:\PROGRA~1\Yahoo!\ASSIST~1\yalive.dll] [yahoo! china, 3, 7, 7, 1137]
[C:\PROGRA~1\Yahoo!\ASSIST~1\Yalliveex.dll] [Yahoo! China, 3, 0, 2, 1011]
[C:\WINNT\system32\shdocvw32.dll] [Microsoft Corporation, 6.00.3790.2783 ]
[C:\WINNT\system32\PYJJ4.IME] [加加工作组, 4.0.0.21]
[C:\PROGRA~1\Yahoo!\ASSIST~1\Assist\yasbar0.dll] [yahoo! china, 3, 4, 4, 1121]
[C:\PROGRA~1\Yahoo!\ASSIST~1\Assist\ysearch.dll] [Yahoo! China, 3, 2, 5, 1030]
[C:\PROGRA~1\Yahoo!\ASSIST~1\Assist\yphtb.dll] [Yahoo! China, 3, 0, 8, 1010]
[C:\PROGRA~1\Yahoo!\ASSIST~1\Assist\yrss.dll] [Yahoo! China, 3, 0, 4, 1005]
[C:\PROGRA~1\Yahoo!\ASSIST~1\Assist\yaswiper.dll] [Yahoo! China, 3, 0, 5, 1005]
[C:\PROGRA~1\Yahoo!\ASSIST~1\Assist\yasiesec.dll] [Yahoo! China, 3, 0, 5, 1005]
[C:\PROGRA~1\Yahoo!\ASSIST~1\Assist\YSETTI~1.DLL] [yahoo! china, 3, 1, 5, 1026]
[C:\PROGRA~1\Yahoo!\ASSIST~1\Assist\ymailp.dll] [Yahoo! China, 3, 0, 6, 1012]
[C:\WINNT\system32\RavExt.dll] [Beijing Rising Technology Co., Ltd., 19, 0, 0, 7]
[C:\WINNT\DOWNLO~1\CnsHook.dll] [国风因特软件(北京)有限公司, 2.5.1.6]
[C:\WINNT\system32\shlhook.dll] [Beijing Rising Technology Co., Ltd., 4.0.0.7]
[C:\Program Files\Rising\AntiSpyware\ieprot.dll] [Beijing Rising Technology Co., Ltd., 1, 0, 0, 10]
[C:\Program Files\Thunder Network\WebThunder\WebThunderBHO_Now.dll] [Thunder Networking Technologies,LTD, 5, 0, 2, 10]
[C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll] [Adobe Systems Incorporated, 7.0.9.2006121800]
[C:\PROGRA~1\Sina\ddt\ddtinit.dll] [北京新浪信息技术有限公司, 1, 2, 1, 7]
[C:\PROGRA~1\Sina\ddt\DDTUpdate.dll] [北京新浪信息技术有限公司, 1, 2, 1, 1]
[C:\PROGRA~1\Yahoo!\ASSIST~1\Assist\yangling.dll] [yahoo! china, 3, 0, 5, 1007]
[C:\PROGRA~1\Yahoo!\ASSIST~1\Assist\ydragsearch.dll] [yahoo! china, 3, 0, 4, 1006]
[C:\PROGRA~1\Sina\ddt\ddtkillw.ocx] [北京新浪信息技术有限公司, 1, 1, 0, 5]
[C:\PROGRA~1\Yahoo!\ASSIST~1\Assist\yassist.dll] [Yahoo! China, 3, 1, 7, 1022]
[C:\Program Files\Rising\Rav\RavScrCh.dll] [Beijing Rising Technology Co., Ltd., 18, 0, 0, 4]
[C:\WINNT\system32\Macromed\Flash\Flash9c.ocx] [Adobe Systems, Inc., 9,0,45,0]
[c:\progra~1\yahoo!\assist~1\assist\yadfil~1.dll] [Yahoo! China, 3, 0, 2, 1003]
[C:\PROGRA~1\Yahoo!\ASSIST~1\assist\yrepair.dll] [Yahoo! China, 3, 0, 9, 1012]
[C:\PROGRA~1\Yahoo!\ASSIST~1\assist\yasfsks.dll] [Yahoo! China, 2, 1, 3, 89]
[C:\PROGRA~1\Yahoo!\ASSIST~1\assist\yoptimum.dll] [Yahoo! China, 3, 0, 2, 1006]
[C:\PROGRA~1\yahoo!\assistant\Shell\yAssecblk.dll] [Yahoo, 1, 0, 3, 1003]
[C:\PROGRA~1\Yahoo!\ASSIST~1\Assist\yXPStyle.dll] [Yahoo! China, 3, 0, 1, 1001]
[PID: 1692][C:\Program Files\Rising\AntiSpyware\runiep.exe] [Beijing Rising Technology Co., Ltd., 4.0.0.18]
[C:\WINNT\DOWNLO~1\CnsMin.dll] [国风因特软件(北京)有限公司, 2.5.1.2]
[C:\PROGRA~1\Yahoo!\ASSIST~1\Yhelper.dll] [Yahoo! China, 3, 1, 3, 1031]
[C:\PROGRA~1\Yahoo!\ASSIST~1\assist\ykern.dll] [Yahoo! China, 3, 2, 1, 1027]
[C:\WINNT\system32\PYJJ4.IME] [加加工作组, 4.0.0.21]
[C:\Program Files\Rising\AntiSpyware\ieprot.dll] [Beijing Rising Technology Co., Ltd., 1, 0, 0, 10]
[PID: 4284][C:\Program Files\WinRAR\WinRAR.exe] [N/A, N/A]
[C:\WINNT\DOWNLO~1\CnsMin.dll] [国风因特软件(北京)有限公司, 2.5.1.2]
[C:\PROGRA~1\Yahoo!\ASSIST~1\Yhelper.dll] [Yahoo! China, 3, 1, 3, 1031]
[C:\PROGRA~1\Yahoo!\ASSIST~1\assist\ykern.dll] [Yahoo! China, 3, 2, 1, 1027]
[C:\WINNT\system32\PYJJ4.IME] [加加工作组, 4.0.0.21]
[C:\Program Files\Rising\AntiSpyware\ieprot.dll] [Beijing Rising Technology Co., Ltd., 1, 0, 0, 10]
[C:\Program Files\Nokia\Nokia PC Suite 6\PhoneBrowser.dll] [Nokia, 6, 82, 63, 9]
[C:\Program Files\Nokia\Nokia PC Suite 6\PCSCM.dll] [Nokia, 6, 82, 77, 0]
[C:\Program Files\PC Connectivity Solution\ConnAPI.DLL] [Nokia., 6, 82, 72, 2]
[C:\Program Files\Nokia\Nokia PC Suite 6\Lang\PhoneBrowser_chi-sc.nlr] [Nokia, 6, 82, 36, 1]
[C:\Program Files\Nokia\Nokia PC Suite 6\Resource\PhoneBrowser_Nokia.ngr] [Nokia, 6, 82, 14, 0]
[PID: 4532][C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\Rar$EX00.640\SREng.EXE] [Smallfrogs Studio, 2.3.13.690]
[C:\WINNT\DOWNLO~1\CnsMin.dll] [国风因特软件(北京)有限公司, 2.5.1.2]
[C:\PROGRA~1\Yahoo!\ASSIST~1\Yhelper.dll] [Yahoo! China, 3, 1, 3, 1031]
[C:\PROGRA~1\Yahoo!\ASSIST~1\assist\ykern.dll] [Yahoo! China, 3, 2, 1, 1027]
[C:\WINNT\system32\PYJJ4.IME] [加加工作组, 4.0.0.21]
[C:\Program Files\Rising\AntiSpyware\ieprot.dll] [Beijing Rising Technology Co., Ltd., 1, 0, 0, 10]
==================================
文件关联
.TXT OK. [%SystemRoot%\system32\NOTEPAD.EXE %1]
.EXE OK. ["%1" %*]
.COM OK. ["%1" %*]
.PIF OK. ["%1" %*]
.REG OK. [regedit.exe "%1"]
.BAT OK. ["%1" %*]
.SCR OK. ["%1" /S]
.CHM OK. ["C:\WINNT\hh.exe" %1]
.HLP OK. [%SystemRoot%\System32\winhlp32.exe %1]
.INI OK. [%SystemRoot%\system32\NOTEPAD.EXE %1]
.INF OK. [%SystemRoot%\system32\NOTEPAD.EXE %1]
.VBS OK. [%SystemRoot%\System32\WScript.exe "%1" %*]
.JS OK. [%SystemRoot%\System32\WScript.exe "%1" %*]
.LNK OK. [{00021401-0000-0000-C000-000000000046}]
==================================
Winsock 提供者
N/A
==================================
Autorun.inf
N/A
==================================
HOSTS 文件
N/A
==================================
API HOOK
N/A
==================================
面……包 - 2007-9-17 12:01:00
Could some expert please help me out? I would be extremely grateful.
一环两节 - 2007-9-25 14:39:00
If you can, install the 2008 version of Rising and scan in safe mode; that is more thorough. It is best to update it before scanning.
蓝弧 - 2007-9-25 18:15:00
Yes, the Rising 2008 full-featured trial version is still free to use right now; install it and run a full scan in safe mode!