瑞星打不开了,请版主帮我看看日志 bbs.ikaka.com

hongjiaen - 2008-5-11 20:22:00

启动项目

<{6A59145F-315D-BC23-AC1F-145DF81A34A6}><C:\WINDOWS\system32\zyzxfime.dll> [N/A]
<{22596546-2036-9451-6058-658402589722}><C:\WINDOWS\system32\opshbbty.dll> [N/A]
<{91698482-6555-3666-1222-954784129019}><C:\WINDOWS\system32\zxptejpg.dll> [N/A]
<{40940F85-F015-14F1-A05F-F69858AC6D04}><C:\WINDOWS\system32\zptlbsys.dll> [N/A]
<{50AF1289-F140-A140-D012-C1458759FC05}><C:\WINDOWS\system32\ypcqdhlp.dll> [N/A]
<{4B1AEF69-DDAE-FDAD-DCAB-698F026ABDB4}><C:\WINDOWS\system32\oohxcbyt.dll> [N/A]
<{47FD640A-158F-48AC-FD14-1597F14A9774}><C:\WINDOWS\system32\mndsdsrv.dll> [N/A]
<{4319A1F1-9410-9654-3201-345FFA349134}><C:\WINDOWS\system32\zywmdime.dll> [N/A]
<{5A041F13-A111-12A3-B0CF-F99818AA68A5}><C:\WINDOWS\system32\zxmsbwin.dll> [N/A]
<{71954FAC-1023-154F-895A-1458258AD817}><C:\WINDOWS\system32\ypdjebmp.dll> [N/A]
<{35671234-7890-ABCD-CDEF-567801237653}><C:\WINDOWS\system32\yxcschlp.dll> [N/A]
<{3C8D1401-A58D-A81C-CD24-A5915C4517C3}><C:\WINDOWS\system32\mnmhcsrv.dll> [N/A]
<{5490415F-65F8-B5C5-D8BA-9405FB120545}><C:\WINDOWS\system32\yzztemsn.dll> [N/A]
<{34FAE856-AD58-20CB-A025-CD4895FA6E43}><C:\WINDOWS\system32\pjjxcdwd.dll> [N/A]
<{4A069845-2036-6084-9054-6087502480A4}><C:\WINDOWS\system32\ozfydbyt.dll> [N/A]
<{35694105-5108-9405-3695-954187462153}><C:\WINDOWS\system32\mpwdcapi.dll> [N/A]
<{428DF602-9541-A985-210A-984A698C6F24}><C:\WINDOWS\system32\ptjhdhlp.dll> [N/A]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\45fghfd.exe]
<IFEO[45fghfd.exe]><C:\WINDOWS\system32\vistaAA.exe> [N/A]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\5784sddfgiaa.exe]
<IFEO[5784sddfgiaa.exe]><C:\WINDOWS\system32\vistaAA.exe> [N/A]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\appdllman.exe]
<IFEO[appdllman.exe]><C:\WINDOWS\system32\vistaAA.exe> [N/A]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\auto.exe]
<IFEO[auto.exe]><C:\WINDOWS\system32\vistaAA.exe> [N/A]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\AutoRun.exe]
<IFEO[AutoRun.exe]><C:\WINDOWS\system32\vistaAA.exe> [N/A]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\cross.exe]
<IFEO[cross.exe]><C:\WINDOWS\system32\vistaAA.exe> [N/A]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\dfcxfg.exe]
<IFEO[dfcxfg.exe]><C:\WINDOWS\system32\vistaAA.exe> [N/A]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\Discovery.exe]
<IFEO[Discovery.exe]><C:\WINDOWS\system32\vistaAA.exe> [N/A]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\FuckAAAAAAA.exe]
<IFEO[FuckAAAAAAA.exe]><C:\WINDOWS\system32\vistaAA.exe> [N/A]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\guangd.exe]
<IFEO[guangd.exe]><C:\WINDOWS\system32\vistaAA.exe> [N/A]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\kernelwind32.exe]
<IFEO[kernelwind32.exe]><C:\WINDOWS\system32\vistaAA.exe> [N/A]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\logogo.exe]
<IFEO[logogo.exe]><C:\WINDOWS\system32\vistaAA.exe> [N/A]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\NAVSetup.exe]
<IFEO[NAVSetup.exe]><C:\WINDOWS\system32\vistaAA.exe> [N/A]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\pagefile.exe]
<IFEO[pagefile.exe]><C:\WINDOWS\system32\vistaAA.exe> [N/A]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\pagefile.pif]
<IFEO[pagefile.pif]><C:\WINDOWS\system32\vistaAA.exe> [N/A]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\regedit32.Exe]
<IFEO[regedit32.Exe]><C:\WINDOWS\system32\vistaAA.exe> [N/A]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\rfwProxy.exe]
<IFEO[rfwProxy.exe]><C:\WINDOWS\system32\vistaAA.exe> [N/A]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\SDGames.exe]
<IFEO[SDGames.exe]><C:\WINDOWS\system32\vistaAA.exe> [N/A]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\servet.exe]
<IFEO[servet.exe]><C:\WINDOWS\system32\vistaAA.exe> [N/A]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\sos.exe]
<IFEO[sos.exe]><C:\WINDOWS\system32\vistaAA.exe> [N/A]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\SSDtDiscovery.exe]
<IFEO[SSDtDiscovery.exe]><C:\WINDOWS\system32\vistaAA.exe> [N/A]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\TNT.Exe]
<IFEO[TNT.Exe]><C:\WINDOWS\system32\vistaAA.exe> [N/A]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\TxoMoU.Exe]
<IFEO[TxoMoU.Exe]><C:\WINDOWS\system32\vistaAA.exe> [N/A]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\U.exe]
<IFEO[U.exe]><C:\WINDOWS\system32\vistaAA.exe> [N/A]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\UFO.exe]
<IFEO[UFO.exe]><C:\WINDOWS\system32\vistaAA.exe> [N/A]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\USBoot.exe]
<IFEO[USBoot.exe]><C:\WINDOWS\system32\vistaAA.exe> [N/A]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\Wsyscheck.exe]
<IFEO[Wsyscheck.exe]><C:\WINDOWS\system32\vistaAA.exe> [N/A]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\XP.exe]
<IFEO[XP.exe]><C:\WINDOWS\system32\vistaAA.exe> [N/A]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\xxxdgfdfg.exe]
<IFEO[xxxdgfdfg.exe]><C:\WINDOWS\system32\vistaAA.exe> [N/A]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\zxsweep.exe]
<IFEO[zxsweep.exe]><C:\WINDOWS\system32\vistaAA.exe> [N/A]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\~.exe]
<IFEO[~.exe]><C:\WINDOWS\system32\vistaAA.exe> [N/A]

==================================
启动文件夹
==================================
服务
[Windows jxeo RunThem / jxeo][Stopped/Auto Start]
<C:\WINDOWS\System32\svchost.exe -k netsvcs-->C:\PROGRA~1\eszj\ocjt.dll><N/A>
[NetBI0S / NetBI0S][Running/Auto Start]
<C:\WINDOWS\system32\d4761.exe><Microsoft Corporation>
[Rising Process Communication Center / RsCCenter][Stopped/Auto Start]
[Portable Media Serial Number Service / WmdmPmSN][Running/Auto Start]
<C:\WINDOWS\System32\svchost.exe -k netsvcs-->C:\WINDOWS\system\mspmsnsv.dll><N/A>
==================================
驱动程序
[CdaC15BA / CdaC15BA][Running/Auto Start]
<\??\C:\WINDOWS\system32\drivers\CDAC15BA.SYS><Macrovision Europe Ltd>
[inok3z / inok3z2][Stopped/Boot Start]
<\SystemRoot\System32\DRIVERS\inok3z2.sys><N/A>
[q6g4 / q6g4e][Stopped/Boot Start]
<\SystemRoot\System32\DRIVERS\q6g4e.sys><N/A>
[Windows Driver Foundation - User-mode Driver Framework Platform Driver / WudfPf][Stopped/Manual Start]
<system32\DRIVERS\WudfPf.sys><Microsoft Corporation>
[XNGAnti / XNGAnti][Stopped/Manual Start]
<\??\C:\WINDOWS\system32\drivers\ReloadAnti.sys><N/A>
==================================
[]
{4B1AEF69-DDAE-FDAD-DCAB-698F026ABDB4} <C:\WINDOWS\system32\oohxcbyt.dll, N/A>
[]
{50AF1289-F140-A140-D012-C1458759FC05} <C:\WINDOWS\system32\ypcqdhlp.dll, N/A>
[]
{5490415F-65F8-B5C5-D8BA-9405FB120545} <C:\WINDOWS\system32\yzztemsn.dll, N/A>
[]
{5A041F13-A111-12A3-B0CF-F99818AA68A5} <C:\WINDOWS\system32\zxmsbwin.dll, N/A>
[]
{6A59145F-315D-BC23-AC1F-145DF81A34A6} <C:\WINDOWS\system32\zyzxfime.dll, N/A>
[]
{71954FAC-1023-154F-895A-1458258AD817} <C:\WINDOWS\system32\ypdjebmp.dll, N/A>
[Invoke Class]
{77929B3F-50EB-449b-9982-CAD99180EC0F} <C:\WINDOWS\system32\dd41.dll, >
[]
{91698482-6555-3666-1222-954784129019} <C:\WINDOWS\system32\zxptejpg.dll, N/A>
{070CA17A-4BD2-4612-83B4-32B1B9159B47} <C:\PROGRA~1\sina\UCLive\UCLIVE~1.OCX, 北京新浪信息技术有限公司>
[]
{2D360201-FFF5-11D1-8D03-00A0C959BC0A} <C:\Program Files\Common Files\Microsoft Shared\Triedit\dhtmled.ocx, Microsoft Corporation>
[]
{34FAE856-AD58-20CB-A025-CD4895FA6E43} <C:\WINDOWS\system32\pjjxcdwd.dll, N/A>
[]
{35671234-7890-ABCD-CDEF-567801237653} <C:\WINDOWS\system32\yxcschlp.dll, N/A>
[]
{35694105-5108-9405-3695-954187462153} <C:\WINDOWS\system32\mpwdcapi.dll, N/A>
[]
{3C8D1401-A58D-A81C-CD24-A5915C4517C3} <C:\WINDOWS\system32\mnmhcsrv.dll, N/A>
[]
{40940F85-F015-14F1-A05F-F69858AC6D04} <C:\WINDOWS\system32\zptlbsys.dll, N/A>
[]
{428DF602-9541-A985-210A-984A698C6F24} <C:\WINDOWS\system32\ptjhdhlp.dll, N/A>
[]
{4319A1F1-9410-9654-3201-345FFA349134} <C:\WINDOWS\system32\zywmdime.dll, N/A>
[]
{47FD640A-158F-48AC-FD14-1597F14A9774} <C:\WINDOWS\system32\mndsdsrv.dll, N/A>
[XML Document]
{48123BC4-99D9-11D1-A6B3-00C04FD91555} <%SystemRoot%\system32\msxml3.dll, N/A>
[]
{4A069845-2036-6084-9054-6087502480A4} <C:\WINDOWS\system32\ozfydbyt.dll, N/A>
[]
{4B1AEF69-DDAE-FDAD-DCAB-698F026ABDB4} <C:\WINDOWS\system32\oohxcbyt.dll, N/A>
[]
{50AF1289-F140-A140-D012-C1458759FC05} <C:\WINDOWS\system32\ypcqdhlp.dll, N/A>
[HHCtrl Object]
{52A2AAAE-085D-4187-97EA-8C30DB990436} <C:\WINDOWS\system32\hhctrl.ocx, Microsoft Corporation>
[]
{5490415F-65F8-B5C5-D8BA-9405FB120545} <C:\WINDOWS\system32\yzztemsn.dll, N/A>
[Thunder5下载]
{54EBD53A-9BC1-480B-966A-843A333CA162} <C:\WINDOWS\ThunderBHONew64.dll, N/A>
[]
{5A041F13-A111-12A3-B0CF-F99818AA68A5} <C:\WINDOWS\system32\zxmsbwin.dll, N/A>
[]
{6A59145F-315D-BC23-AC1F-145DF81A34A6} <C:\WINDOWS\system32\zyzxfime.dll, N/A>
[]
{71954FAC-1023-154F-895A-1458258AD817} <C:\WINDOWS\system32\ypdjebmp.dll, N/A>
以上仅供参考

无敌vip - 2008-5-11 21:22:00

楼主按以下操作:

1. 杀毒前关闭系统还原(Win2000系统可以忽略）：右键我的电脑，属性，系统还原，在所有驱动器上关闭系统还原打勾即可。
清除IE的临时文件：打开IE 点工具-->Internet选项 : Internet临时文件，点“删除文件”按钮，将删除所有脱机内容打勾，点确定删除。
关闭QQ等应用程序。进行如下操作前，请不要进行任何双击打开磁盘的操作。所有下载的工具都直接放桌面上。
2.建议使用XDelBox删除以下文件：(XDelBox1.7下载) http://www.dodudou.com/down/index.php?dirpath=./01.原创软件&order=0
使用说明：删除时复制所有要删除文件的路径，在待删除文件列表里点击右键选择从剪贴板导入不检查路径，导入后在要删除文件上点击右键，选择立刻重启删除，电脑会重启进入DOS界面进行删除操作。运行xdelbox前最好卸载所有可移动存储介质（包括U盘，MP3，手机存储卡等）。
C:\WINDOWS\system32\d4761.exe
C:\WINDOWS\system32\vistaAA.exe
C:\Program Files\Windows NT\colbi.dll
C:\WINDOWS\system32\1d1.dll
C:\WINDOWS\system32\zyzxfime.dll
C:\WINDOWS\system32\opshbbty.dll
C:\WINDOWS\system32\zxptejpg.dll
C:\WINDOWS\system32\ypcqdhlp.dll
C:\WINDOWS\system32\zptlbsys.dll
C:\WINDOWS\system32\mndsdsrv.dll
C:\WINDOWS\system32\oohxcbyt.dll
C:\WINDOWS\system32\zywmdime.dll
C:\WINDOWS\system32\zxmsbwin.dll
C:\WINDOWS\system32\ypdjebmp.dll
C:\WINDOWS\system32\yxcschlp.dll
C:\WINDOWS\system32\mnmhcsrv.dll
C:\WINDOWS\system32\yzztemsn.dll
C:\WINDOWS\system32\pjjxcdwd.dll
C:\WINDOWS\system32\ozfydbyt.dll
C:\WINDOWS\system32\mpwdcapi.dll
C:\WINDOWS\system32\ptjhdhlp.dll

3.删除重启后使用SREng修复下面各项：
SREng详细操作方法： http://hi.baidu.com/peaset/blog/item/3114a7fb17dd19224e4aeadf.html
启动项目－－注册表之如下项删除：

<{6A59145F-315D-BC23-AC1F-145DF81A34A6}><C:\WINDOWS\system32\zyzxfime.dll> [N/A]
<{22596546-2036-9451-6058-658402589722}><C:\WINDOWS\system32\opshbbty.dll> [N/A]
<{91698482-6555-3666-1222-954784129019}><C:\WINDOWS\system32\zxptejpg.dll> [N/A]
<{40940F85-F015-14F1-A05F-F69858AC6D04}><C:\WINDOWS\system32\zptlbsys.dll> [N/A]
<{50AF1289-F140-A140-D012-C1458759FC05}><C:\WINDOWS\system32\ypcqdhlp.dll> [N/A]
<{4B1AEF69-DDAE-FDAD-DCAB-698F026ABDB4}><C:\WINDOWS\system32\oohxcbyt.dll> [N/A]
<{47FD640A-158F-48AC-FD14-1597F14A9774}><C:\WINDOWS\system32\mndsdsrv.dll> [N/A]
<{4319A1F1-9410-9654-3201-345FFA349134}><C:\WINDOWS\system32\zywmdime.dll> [N/A]
<{5A041F13-A111-12A3-B0CF-F99818AA68A5}><C:\WINDOWS\system32\zxmsbwin.dll> [N/A]
<{71954FAC-1023-154F-895A-1458258AD817}><C:\WINDOWS\system32\ypdjebmp.dll> [N/A]
<{35671234-7890-ABCD-CDEF-567801237653}><C:\WINDOWS\system32\yxcschlp.dll> [N/A]
<{3C8D1401-A58D-A81C-CD24-A5915C4517C3}><C:\WINDOWS\system32\mnmhcsrv.dll> [N/A]
<{5490415F-65F8-B5C5-D8BA-9405FB120545}><C:\WINDOWS\system32\yzztemsn.dll> [N/A]
<{34FAE856-AD58-20CB-A025-CD4895FA6E43}><C:\WINDOWS\system32\pjjxcdwd.dll> [N/A]
<{4A069845-2036-6084-9054-6087502480A4}><C:\WINDOWS\system32\ozfydbyt.dll> [N/A]
<{35694105-5108-9405-3695-954187462153}><C:\WINDOWS\system32\mpwdcapi.dll> [N/A]
<{428DF602-9541-A985-210A-984A698C6F24}><C:\WINDOWS\system32\ptjhdhlp.dll> [N/A]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\45fghfd.exe]
<IFEO[45fghfd.exe]><C:\WINDOWS\system32\vistaAA.exe> [N/A]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\5784sddfgiaa.exe]
<IFEO[5784sddfgiaa.exe]><C:\WINDOWS\system32\vistaAA.exe> [N/A]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\appdllman.exe]
<IFEO[appdllman.exe]><C:\WINDOWS\system32\vistaAA.exe> [N/A]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\auto.exe]
<IFEO[auto.exe]><C:\WINDOWS\system32\vistaAA.exe> [N/A]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\AutoRun.exe]
<IFEO[AutoRun.exe]><C:\WINDOWS\system32\vistaAA.exe> [N/A]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\cross.exe]
<IFEO[cross.exe]><C:\WINDOWS\system32\vistaAA.exe> [N/A]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\dfcxfg.exe]
<IFEO[dfcxfg.exe]><C:\WINDOWS\system32\vistaAA.exe> [N/A]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\Discovery.exe]
<IFEO[Discovery.exe]><C:\WINDOWS\system32\vistaAA.exe> [N/A]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\FuckAAAAAAA.exe]
<IFEO[FuckAAAAAAA.exe]><C:\WINDOWS\system32\vistaAA.exe> [N/A]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\guangd.exe]
<IFEO[guangd.exe]><C:\WINDOWS\system32\vistaAA.exe> [N/A]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\kernelwind32.exe]
<IFEO[kernelwind32.exe]><C:\WINDOWS\system32\vistaAA.exe> [N/A]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\logogo.exe]
<IFEO[logogo.exe]><C:\WINDOWS\system32\vistaAA.exe> [N/A]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\NAVSetup.exe]
<IFEO[NAVSetup.exe]><C:\WINDOWS\system32\vistaAA.exe> [N/A]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\pagefile.exe]
<IFEO[pagefile.exe]><C:\WINDOWS\system32\vistaAA.exe> [N/A]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\pagefile.pif]
<IFEO[pagefile.pif]><C:\WINDOWS\system32\vistaAA.exe> [N/A]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\regedit32.Exe]
<IFEO[regedit32.Exe]><C:\WINDOWS\system32\vistaAA.exe> [N/A]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\rfwProxy.exe]
<IFEO[rfwProxy.exe]><C:\WINDOWS\system32\vistaAA.exe> [N/A]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\SDGames.exe]
<IFEO[SDGames.exe]><C:\WINDOWS\system32\vistaAA.exe> [N/A]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\servet.exe]
<IFEO[servet.exe]><C:\WINDOWS\system32\vistaAA.exe> [N/A]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\sos.exe]
<IFEO[sos.exe]><C:\WINDOWS\system32\vistaAA.exe> [N/A]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\SSDtDiscovery.exe]
<IFEO[SSDtDiscovery.exe]><C:\WINDOWS\system32\vistaAA.exe> [N/A]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\TNT.Exe]
<IFEO[TNT.Exe]><C:\WINDOWS\system32\vistaAA.exe> [N/A]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\TxoMoU.Exe]
<IFEO[TxoMoU.Exe]><C:\WINDOWS\system32\vistaAA.exe> [N/A]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\U.exe]
<IFEO[U.exe]><C:\WINDOWS\system32\vistaAA.exe> [N/A]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\UFO.exe]
<IFEO[UFO.exe]><C:\WINDOWS\system32\vistaAA.exe> [N/A]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\USBoot.exe]
<IFEO[USBoot.exe]><C:\WINDOWS\system32\vistaAA.exe> [N/A]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\Wsyscheck.exe]
<IFEO[Wsyscheck.exe]><C:\WINDOWS\system32\vistaAA.exe> [N/A]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\XP.exe]
<IFEO[XP.exe]><C:\WINDOWS\system32\vistaAA.exe> [N/A]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\xxxdgfdfg.exe]
<IFEO[xxxdgfdfg.exe]><C:\WINDOWS\system32\vistaAA.exe> [N/A]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\zxsweep.exe]
<IFEO[zxsweep.exe]><C:\WINDOWS\system32\vistaAA.exe> [N/A]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\~.exe]
<IFEO[~.exe]><C:\WINDOWS\system32\vistaAA.exe> [N/A]

启动项目－－服务－－ Win32服务应用程序之如下项删除：

[NetBI0S / NetBI0S][Running/Auto Start]
<C:\WINDOWS\system32\d4761.exe><Microsoft Corporation>

启动项目－－服务－－驱动程序之如下项删除：
[HapDrv32 / HapDrv32][Stopped/Manual Start]
<\??\C:\WINDOWS\system32\drivers\hapdrv2.sys><N/A>
[inok3z / inok3z2][Stopped/Boot Start]
<\SystemRoot\System32\DRIVERS\inok3z2.sys><N/A>
[q6g4 / q6g4e][Stopped/Boot Start]
<\SystemRoot\System32\DRIVERS\q6g4e.sys><N/A>
[XNGAnti / XNGAnti][Stopped/Manual Start]
<\??\C:\WINDOWS\system32\drivers\ReloadAnti.sys><N/A>

系统修复－－　浏览器加载项之如下项删除：
[]
{4B1AEF69-DDAE-FDAD-DCAB-698F026ABDB4} <C:\WINDOWS\system32\oohxcbyt.dll, N/A>
[]
{50AF1289-F140-A140-D012-C1458759FC05} <C:\WINDOWS\system32\ypcqdhlp.dll, N/A>
[]
{5490415F-65F8-B5C5-D8BA-9405FB120545} <C:\WINDOWS\system32\yzztemsn.dll, N/A>
[]
{5A041F13-A111-12A3-B0CF-F99818AA68A5} <C:\WINDOWS\system32\zxmsbwin.dll, N/A>
[]
{6A59145F-315D-BC23-AC1F-145DF81A34A6} <C:\WINDOWS\system32\zyzxfime.dll, N/A>
[]
{71954FAC-1023-154F-895A-1458258AD817} <C:\WINDOWS\system32\ypdjebmp.dll, N/A>
[Invoke Class]
{77929B3F-50EB-449b-9982-CAD99180EC0F} <C:\WINDOWS\system32\dd41.dll, >
[]
{91698482-6555-3666-1222-954784129019} <C:\WINDOWS\system32\zxptejpg.dll, N/A>
[]
{22596546-2036-9451-6058-658402589722} <C:\WINDOWS\system32\opshbbty.dll, N/A>
[]
{34FAE856-AD58-20CB-A025-CD4895FA6E43} <C:\WINDOWS\system32\pjjxcdwd.dll, N/A>
[]
{35671234-7890-ABCD-CDEF-567801237653} <C:\WINDOWS\system32\yxcschlp.dll, N/A>
[]
{35694105-5108-9405-3695-954187462153} <C:\WINDOWS\system32\mpwdcapi.dll, N/A>
[]
{3C8D1401-A58D-A81C-CD24-A5915C4517C3} <C:\WINDOWS\system32\mnmhcsrv.dll, N/A>
[]
{40940F85-F015-14F1-A05F-F69858AC6D04} <C:\WINDOWS\system32\zptlbsys.dll, N/A>
[]
{428DF602-9541-A985-210A-984A698C6F24} <C:\WINDOWS\system32\ptjhdhlp.dll, N/A>
[]
{4319A1F1-9410-9654-3201-345FFA349134} <C:\WINDOWS\system32\zywmdime.dll, N/A>
[]
{47FD640A-158F-48AC-FD14-1597F14A9774} <C:\WINDOWS\system32\mndsdsrv.dll, N/A>
[XML Document]
{48123BC4-99D9-11D1-A6B3-00C04FD91555} <%SystemRoot%\system32\msxml3.dll, N/A>
[]
{4A069845-2036-6084-9054-6087502480A4} <C:\WINDOWS\system32\ozfydbyt.dll, N/A>
[]
{4B1AEF69-DDAE-FDAD-DCAB-698F026ABDB4} <C:\WINDOWS\system32\oohxcbyt.dll, N/A>
[]
{50AF1289-F140-A140-D012-C1458759FC05} <C:\WINDOWS\system32\ypcqdhlp.dll, N/A>
[]
{5490415F-65F8-B5C5-D8BA-9405FB120545} <C:\WINDOWS\system32\yzztemsn.dll, N/A>
[]
{5A041F13-A111-12A3-B0CF-F99818AA68A5} <C:\WINDOWS\system32\zxmsbwin.dll, N/A>
[]
{6A59145F-315D-BC23-AC1F-145DF81A34A6} <C:\WINDOWS\system32\zyzxfime.dll, N/A>
[]
{71954FAC-1023-154F-895A-1458258AD817} <C:\WINDOWS\system32\ypdjebmp.dll, N/A>
[Invoke Class]
{77929B3F-50EB-449B-9982-CAD99180EC0F} <C:\WINDOWS\system32\dd41.dll, >
[]
{91698482-6555-3666-1222-954784129019} <C:\WINDOWS\system32\zxptejpg.dll, N/A>

打开 SREng ，依次点击“系统修复”->“HOSTS文件”->重置->确定
引用:
清理系统临时文件和IE临时文件夹
http://www.atribune.org/public-beta/ATF-Cleaner.exe
用金山清理专家清理恶意软件
http://client.download.duba.net/KASSetup_10_1.EXE
下载windows清理助手清理一遍
http://www.arswp.com/download/arswp2/arswp2.zip

宝玉兰 - 2008-5-12 10:16:00

我是菜鸟,看不懂,原以为有了杀软不用愁了,可现在连杀软也病了,太痛苦了!

日不懂啊 - 2008-5-12 10:22:00

他们给出的方法是手工杀毒的流程~

如果你做不来，看不懂，那么可以把系统盘的重要资料备份下，重新安装系统~

或者把硬盘拆下，挂到正常机器作为辅盘。用完好的瑞星杀软清除病毒。
你这个病毒，我在前几天已经上报给瑞星，没记错的话，20.43之后的版本都可以查杀了

风之子0 - 2008-5-12 10:30:00

看我发的帖子，有解决办法，试试吧。

WUHAOJI88 - 2008-5-14 19:34:00

谢谢各位网友,我现在就去试

WUHAOJI88 - 2008-5-14 22:56:00

各位网友,这是我现在的日志,电脑还是有毒,要解压缩后杀毒 [CODE]

2008-05-14,22:16:09

System Repair Engineer 2.5.16.900
Smallfrogs (http://www.KZTechs.com)

Windows XP Professional Service Pack 2 (Build 2600) - 管理权限用户 - 完整功能

以下内容被选中：
所有的启动项目（包括注册表、启动文件夹、服务等）
浏览器加载项
正在运行的进程（包括进程模块信息）
文件关联
Winsock 提供者
Autorun.inf
HOSTS 文件
进程特权扫描

启动项目
注册表
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
<ctfmon.exe><C:\WINDOWS\system32\ctfmon.exe> [(Verified)Microsoft Windows Publisher]
<DAEMON Tools><"D:\Program Files\DAEMON Tools\daemon.exe" -lang 1033> [(Verified)DAEMON Tools Code Signing Services]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
<IMSCMig><C:\PROGRA~1\COMMON~1\MICROS~1\IME\IMSC40A\IMSCMIG.EXE /Preload> [(Verified)Microsoft Corporation]
<360Safetray><D:\Program Files\360safe\safemon\360tray.exe /start> [(Verified)Qizhi Software (beijing) Co. Ltd]
<runeip><"C:\Program Files\Rising\AntiSpyware\runiep.exe" /startup> [Beijing Rising Technology Co., Ltd.]
<RavTask><"C:\Program Files\Rising\Rav\RavTask.exe" -system> [(Verified)Beijing Rising Science and Technology Corporation Limited]
<360Safebox><"C:\Program Files\360Safebox\safeboxTray.exe" /r> [奇虎网]
<360Antiarp><D:\Program Files\360safe\antiarp\antiarp.exe /start> [(Verified)Qizhi Software (beijing) Co. Ltd]
<fmsiocps><C:\WINDOWS\fmsiocps.exe> [N/A]
<LoveHebeAA><C:\WINDOWS\system32\vistaAA.exe> []
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\RunOnce]
<KKDelay><C:\Program Files\Rising\AntiSpyware\RunOnce.exe> [Beijing Rising Technology Co., Ltd.]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer\Run]
<77eb><rundll32 "C:\WINDOWS\Downlo~1\77eb.dll",Run> [Microsoft Corporation]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Winlogon]
<shell><Explorer.exe> [(Verified)Microsoft Windows Publisher]
<Userinit><C:\WINDOWS\system32\userinit.exe,> [(Verified)Microsoft Windows Publisher]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Windows]
<AppInit_DLLs><msosdohs00.dll,ieprot.dll> [N/A]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Winlogon]
<UIHost><logonui.exe> [(Verified)Microsoft Windows Publisher]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\>{26923b43-4d38-484f-9b9e-de460746276c}]
<Internet Explorer><%systemroot%\system32\shmgrate.exe OCInstallUserConfigIE> [N/A]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\>{881dd1c5-3dcf-431b-b061-f3f88e8be88a}]
<Outlook Express><%systemroot%\system32\shmgrate.exe OCInstallUserConfigOE> [N/A]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{2C7339CF-2B09-4501-B3F3-F3508C9228ED}]
<Themes Setup><%SystemRoot%\system32\regsvr32.exe /s /n /i:/UserInstall %SystemRoot%\system32\themeui.dll> [N/A]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{44BBA840-CC51-11CF-AAFA-00AA00B6015C}]
<Microsoft Outlook Express 6><"%ProgramFiles%\Outlook Express\setup50.exe" /APP:OE /CALLER:WINNT /user /install> [N/A]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{44BBA842-CC51-11CF-AAFA-00AA00B6015B}]
<NetMeeting 3.01><rundll32.exe advpack.dll,LaunchINFSection C:\WINDOWS\INF\msnetmtg.inf,NetMtg.Install.PerUser.NT> [(Verified)Microsoft Windows Publisher]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{6BF52A52-394A-11d3-B153-00C04F79FAA6}]
<Microsoft Windows Media Player><rundll32.exe advpack.dll,LaunchINFSection C:\WINDOWS\INF\wmp11.inf,PerUserStub> [(Verified)Microsoft Windows Publisher]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{7790769C-0471-11d2-AF11-00C04FA35D02}]
<通讯簿 6><"%ProgramFiles%\Outlook Express\setup50.exe" /APP:WAB /CALLER:WINNT /user /install> [N/A]
[HKEY_CURRENT_USER\Control Panel\Desktop]
<SCRNSAVE.EXE><C:\WINDOWS\system32\微软绿~1.SCR> [Microsoft]

WUHAOJI88 - 2008-5-14 22:57:00

各位网友,这是我现在的日志,电脑还是有毒,要解压缩后杀毒
==================================
启动文件夹
N/A

==================================
服务
[C-DillaCdaC11BA / C-DillaCdaC11BA][Running/Auto Start]
<C:\WINDOWS\system32\drivers\CDAC11BA.EXE><Macrovision>
[Human Intexxxce Device Access / HidServ][Stopped/Disabled]
<C:\WINDOWS\System32\svchost.exe -k netsvcs-->%SystemRoot%\System32\hidserv.dll><N/A>
[Windows jxeo RunThem / jxeo][Stopped/Auto Start]
<C:\WINDOWS\System32\svchost.exe -k netsvcs-->C:\PROGRA~1\eszj\ocjt.dll><N/A>
[Rising Process Communication Center / RsCCenter][Running/Auto Start]
<"C:\Program Files\Rising\Rav\CCenter.exe"><Beijing Rising Technology Co., Ltd.>
[Rising RealTime Monitor / RsRavMon][Stopped/Auto Start]
<"C:\PROGRAM FILES\RISING\RAV\Ravmond.exe"><Beijing Rising Technology Co., Ltd.>
[Portable Media Serial Number Service / WmdmPmSN][Running/Auto Start]
<C:\WINDOWS\System32\svchost.exe -k netsvcs-->C:\WINDOWS\system\mspmsnsv.dll><N/A>
[Windows Driver Foundation - User-mode Driver Framework / WudfSvc][Stopped/Manual Start]
<C:\WINDOWS\system32\svchost.exe -k WudfServiceGroup-->%SystemRoot%\System32\WUDFSvc.dll><Microsoft Corporation>

==================================
驱动程序
[360AntiArp / 360AntiArp][Running/System Start]
<\??\C:\WINDOWS\system32\drivers\360AntiArp.sys><360安全中心>
[apcdli / apcdli][Running/Auto Start]
<\??\C:\Program Files\Microsoft Office\SYSTEM\apcdli.sys><N/A>
[Rising TDI Base Driver / BaseTDI][Running/Auto Start]
<System32\DRIVERS\BaseTDI.SYS><Beijing Rising Technology Co., Ltd.>
[CdaC15BA / CdaC15BA][Running/Auto Start]
<\??\C:\WINDOWS\system32\drivers\CDAC15BA.SYS><Macrovision Europe Ltd>
[cdawdm / cdawdm][Stopped/Boot Start]
<\SystemRoot\system32\DRIVERS\CDAWDM.sys><N/A>
[HookCont / HookCont][Running/System Start]
<\SystemRoot\system32\drivers\HookCont.sys><Beijing Rising Technology Co., Ltd>
[HookNtos / HookNtos][Running/System Start]
<\SystemRoot\system32\drivers\HookNtos.sys><Beijing Rising Technology Co., Ltd>
[HookReg / HookReg][Running/System Start]
<\SystemRoot\system32\drivers\HookReg.sys><Beijing Rising Technology Co., Ltd>
[HookSys / HookSys][Running/System Start]
<\SystemRoot\system32\drivers\HookSys.sys><Beijing Rising Technology Co., Ltd>
[inok3z / inok3z2][Stopped/Boot Start]
<\SystemRoot\System32\DRIVERS\inok3z2.sys><N/A>
[msfpfis64 / msfpfis64][Running/Auto Start]
<\??\C:\WINDOWS\system32\drivers\msosmsfpfis64.sys><N/A>
[DDK PACKET Protocol / Packet][Running/Manual Start]
<system32\DRIVERS\ProtoDrv.sys><360安全中心>
[Direct Parallel Link Driver / Ptilink][Running/Manual Start]
<system32\DRIVERS\ptilink.sys><Parallel Technologies, Inc.>
[q6g4 / q6g4e][Stopped/Boot Start]
<\SystemRoot\System32\DRIVERS\q6g4e.sys><N/A>
[RsAntiSpyware / RsAntiSpyware][Running/Boot Start]
<\SystemRoot\system32\drivers\RsBoot.sys><Beijing Rising Technology Co., Ltd.>
[RsNTGDI / RsNTGDI][Running/Boot Start]
<\SystemRoot\system32\Drivers\RsNTGdi.sys><Beijing Rising Technology Co., Ltd.>
[Realtek 10/100/1000 NIC Family all in one NDIS XP Driver / RTL8023xp][Running/Manual Start]
<system32\DRIVERS\Rtnicxp.sys><Realtek Semiconductor Corporation>
[SafeBoxKrnl / SafeBoxKrnl][Running/System Start]
<\??\C:\Program Files\360Safebox\SafeBoxKrnl.sys><360安全中心>
[Secdrv / Secdrv][Stopped/Manual Start]
<system32\DRIVERS\secdrv.sys><Macrovision Corporation, Macrovision Europe Limited, and Macrovision Japan and Asia K.K.>
[SmartCd / SmartCd][Stopped/Manual Start]
<System32\Drivers\SmartCd.sys><N/A>
[sptd / sptd][Running/Boot Start]
<\SystemRoot\System32\Drivers\sptd.sys><N/A>
[TesSafe / TesSafe][Stopped/Manual Start]
<\??\C:\WINDOWS\system32\TesSafe.sys><TENCENT>
[Vinyl AC'97 Audio Controller (WDM) / VIAudio][Running/Manual Start]
<system32\drivers\vinyl97.sys><VIA Technologies, Inc.>
[Windows Driver Foundation - User-mode Driver Framework Platform Driver / WudfPf][Stopped/Manual Start]
<system32\DRIVERS\WudfPf.sys><Microsoft Corporation>
[Windows Driver Foundation - User-mode Driver Framework Reflector / WudfRd][Stopped/Manual Start]
<system32\DRIVERS\wudfrd.sys><Microsoft Corporation>

==================================
浏览器加载项
[]
{6490415F-65F8-B5C5-D8BA-9405FB120546} <C:\WINDOWS\system32\yzztfmsn.dll, N/A>
[SafeMon Class]
{B69F34DD-F0F9-42DC-9EDD-957187DA688D} <D:\Program Files\360safe\safemon\safemon.dll, 360.CN>
[启动迅雷]
{0062C9BD-B349-40DE-91A0-755F37ACD559} <C:\Program Files\Thunder Network\Thunder\Thunder.exe, Thunder Networking Technologies,LTD>
[信息检索(&R)]
{92780B25-18CC-41C8-B9BE-3C9C571A8263} <C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL, Microsoft Corporation>
[台州DVD 免费电影网]
{DD1A363E-7803-4d06-923D-367BEE305F94} <http://Tzdvd.Com, N/A>
[金山快译(&K)]
{6C3797D2-3FEF-4cd4-B654-D3AE55B4128C} <D:\Program Files\Kingsoft\FastAIT 2005\IEBand.dll, 金山软件股份有限公司>
[ScreenCapture Class]
{BFB79EE1-04AE-4D4A-B85E-27EE5F30C095} <C:\WINDOWS\system32\TXGYMailActiveX.dll, Tencent Inc.>
[ULiveCtrl Control]
{070CA17A-4BD2-4612-83B4-32B1B9159B47} <C:\PROGRA~1\sina\UCLive\UCLIVE~1.OCX, 北京新浪信息技术有限公司>
[]
{1D698451-2015-6358-9871-2015987452D1} <C:\WINDOWS\system32\apzhatde.dll, N/A>
[Windows Media Player]
{22D6F312-B0F6-11D0-94AB-0080C74C7E95} <C:\WINDOWS\system32\wmpdxm.dll, Microsoft Corporation>
[HTML Document]
{25336920-03F9-11CF-8FD0-00AA00686F13} <%SystemRoot%\system32\mshtml.dll, N/A>
[DHTML Edit Control Safe for Scripting for IE5]
{2D360201-FFF5-11D1-8D03-00A0C959BC0A} <C:\Program Files\Common Files\Microsoft Shared\Triedit\dhtmled.ocx, Microsoft Corporation>
[HHCtrl Object]
{52A2AAAE-085D-4187-97EA-8C30DB990436} <C:\WINDOWS\system32\hhctrl.ocx, Microsoft Corporation>
[Thunder5下载]
{54EBD53A-9BC1-480B-966A-843A333CA162} <C:\WINDOWS\ThunderBHONew64.dll, N/A>
[]
{6490415F-65F8-B5C5-D8BA-9405FB120546} <C:\WINDOWS\system32\yzztfmsn.dll, N/A>
[Windows Media Player]
{6BF52A52-394A-11D3-B153-00C04F79FAA6} <C:\WINDOWS\system32\wmp.dll, Microsoft Corporation>
[金山快译(&K)]
{6C3797D2-3FEF-4CD4-B654-D3AE55B4128C} <D:\Program Files\Kingsoft\FastAIT 2005\IEBand.dll, 金山软件股份有限公司>
[360SafeLive]
{87515F61-A66C-4319-A0E0-D416CB8059E3} <D:\Program Files\360safe\live.dll, 360.cn>
[Microsoft Web 浏览器]
{8856F961-340A-11D0-A96B-00C04FD705A2} <C:\WINDOWS\system32\shdocvw.dll, Microsoft Corporation>
[Browser Enhanced Objects]
{986488AF-13D5-9DDF-4FEF-9FB88698CFC1} <C:\Documents and Settings\All Users\Application Data\Microsoft\OFFICE\USERDATA\webbrowser_2079.dll, Hangzhou Travel Inc.>
[WebVGPlayer Class]
{AA899B43-24BD-4B6B-BBD0-45557D8D11E0} <C:\Program Files\TzdvdPlayer\VGPlayer.dll, >
[Microsoft Scriptlet Component]
{AE24FDAE-03C6-11D1-8B76-0080C744F389} <C:\WINDOWS\system32\mshtml.dll, Microsoft Corporation>
[SearchAssistantOC]
{B45FF030-4447-11D2-85DE-00C04FA35C89} <%SystemRoot%\system32\shdocvw.dll, N/A>
[SafeMon Class]
{B69F34DD-F0F9-42DC-9EDD-957187DA688D} <D:\Program Files\360safe\safemon\safemon.dll, 360.CN>
[RDS.DataSpace]
{BD96C556-65A3-11D0-983A-00C04FC29E36} <C:\Program Files\Common Files\System\msadc\msadco.dll, Microsoft Corporation>
[OWSClientMiscApis Class]
{BDEADE3F-C265-11D0-BCED-00A0C90AB50F} <C:\PROGRA~1\MICROS~2\OFFICE11\OWSCLT.DLL, Microsoft Corporation>
[OWSBrowserUI Class]
{BDEADE43-C265-11D0-BCED-00A0C90AB50F} <C:\PROGRA~1\MICROS~2\OFFICE11\OWSCLT.DLL, Microsoft Corporation>
[ScreenCapture Class]
{BFB79EE1-04AE-4D4A-B85E-27EE5F30C095} <C:\WINDOWS\system32\TXGYMailActiveX.dll, Tencent Inc.>
[AUDIO__MP3 Moniker Class]
{CD3AFA76-B84F-48F0-9393-7EDC34128127} <C:\WINDOWS\system32\wmp.dll, Microsoft Corporation>
[AUDIO__X_MS_WMA Moniker Class]
{CD3AFA84-B84F-48F0-9393-7EDC34128127} <C:\WINDOWS\system32\wmp.dll, Microsoft Corporation>
[VIDEO__X_MS_ASF Moniker Class]
{CD3AFA8F-B84F-48F0-9393-7EDC34128127} <C:\WINDOWS\system32\wmp.dll, Microsoft Corporation>
[VIDEO__X_MS_WMV Moniker Class]
{CD3AFA94-B84F-48F0-9393-7EDC34128127} <C:\WINDOWS\system32\wmp.dll, Microsoft Corporation>
[Shockwave Flash Object]
{D27CDB6E-AE6D-11CF-96B8-444553540000} <C:\WINDOWS\system32\Macromed\Flash\Flash9f.ocx, Adobe Systems, Inc.>
[PasswordEditCtrl Class]
{E787FD25-8D7C-4693-AE67-9406BC6E22DF} <C:\WINDOWS\system32\qqedit\qqedit.dll, 腾讯科技（深圳）有限公司>
[Thunder5下载辅助]
{EA2FCCA9-F44F-43DD-9724-9339950D103C} <C:\WINDOWS\ThunderHelper05.dll, N/A>
[导出到 Microsoft Office Excel(&X)]
<res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000, N/A>
[添加到QQ表情]
<D:\Program Files\Tencent\QQ\AddEmotion.htm, N/A>

==================================
正在运行的进程
[PID: 360 / SYSTEM][\SystemRoot\System32\smss.exe] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
[PID: 432 / SYSTEM][\??\C:\WINDOWS\system32\csrss.exe] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
[PID: 456 / SYSTEM][\??\C:\WINDOWS\system32\winlogon.exe] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
[PID: 500 / SYSTEM][C:\WINDOWS\system32\services.exe] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
[PID: 512 / SYSTEM][C:\WINDOWS\system32\lsass.exe] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
[PID: 660 / SYSTEM][C:\WINDOWS\system32\svchost.exe] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
[PID: 720 / NETWORK SERVICE][C:\WINDOWS\system32\svchost.exe] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
[PID: 760 / SYSTEM][C:\Program Files\Rising\Rav\CCenter.exe] [Beijing Rising Technology Co., Ltd., 20.0.0.28]
[PID: 776 / SYSTEM][C:\WINDOWS\System32\svchost.exe] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
[PID: 816 / NETWORK SERVICE][C:\WINDOWS\system32\svchost.exe] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
[PID: 892 / LOCAL SERVICE][C:\WINDOWS\system32\svchost.exe] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
[PID: 984 / SYSTEM][C:\PROGRAM FILES\RISING\RAV\ravmond.exe] [Beijing Rising Technology Co., Ltd., 20.0.0.76]
[C:\PROGRAM FILES\RISING\RAV\BWList.dll] [Beijing Rising Technology Co., Ltd., 20.0.0.4]
[C:\WINDOWS\system32\MFC71.DLL] [Microsoft Corporation, 7.10.3077.0]
[C:\WINDOWS\system32\MSVCR71.dll] [Microsoft Corporation, 7.10.3052.4]
[C:\WINDOWS\system32\MSVCP71.dll] [Microsoft Corporation, 7.10.3077.0]
[C:\PROGRAM FILES\RISING\RAV\RSAPPMGR.dll] [Beijing Rising Technology Co., Ltd., 20.0.0.0]
[C:\PROGRAM FILES\RISING\RAV\CfgDll.dll] [Beijing Rising Technology Co., Ltd., 20.0.0.16]
[C:\PROGRAM FILES\RISING\RAV\RsLog.dll] [Beijing Rising Technology Co., Ltd., 20.0.0.34]
[C:\PROGRAM FILES\RISING\RAV\ProcCom.dll] [Beijing Rising Technology Co., Ltd., 20, 0, 0, 19]
[C:\PROGRAM FILES\RISING\RAV\RsCommX2.dll] [Beijing Rising Technology Co., Ltd., 20, 0, 0, 19]
[C:\PROGRAM FILES\RISING\RAV\MonRule.dll] [Beijing Rising Technology Co., Ltd., 20.0.0.29]
[C:\PROGRAM FILES\RISING\RAV\Hooksys.dll] [Beijing Rising Technology Co., Ltd, 22, 0, 0, 9]
[C:\PROGRAM FILES\RISING\RAV\HookReg.dll] [Beijing Rising Technology Co., Ltd, 22, 0, 0, 4]
[C:\PROGRAM FILES\RISING\RAV\HookNtos.dll] [Beijing Rising Technology Co., Ltd, 22, 0, 0, 2]
[C:\PROGRAM FILES\RISING\RAV\rswalmon.dll] [Beijing Rising Technology Co., Ltd., 20, 0, 0, 22]
[C:\PROGRAM FILES\RISING\RAV\recomp.dll] [Beijing Rising Technology Co., Ltd., 20, 0, 0, 36]
[C:\PROGRAM FILES\RISING\RAV\refs.dll] [Beijing Rising Technology Co., Ltd., 20, 0, 0, 17]
[C:\PROGRAM FILES\RISING\RAV\ffr.dll] [Beijing Rising Technology Co., Ltd., 20, 0, 0, 13]
[C:\Program Files\Rising\Rav\RsStore.dll] [Beijing Rising Technology Co., Ltd., 20.0.0.8]
[C:\PROGRAM FILES\RISING\RAV\HookCont.dll] [Beijing Rising Technology Co., Ltd, 22, 0, 0, 1]
[C:\Program Files\Rising\Rav\fakescan.dll] [Beijing Rising Technology Co., Ltd., 20.0.0.13]
[C:\Program Files\Rising\Rav\Scanner.dll] [Beijing Rising Technology Co., Ltd., 20.0.0.36]
[C:\PROGRAM FILES\RISING\RAV\viruslib.dll] [Beijing Rising Technology Co., Ltd., 20, 0, 0, 26]
[C:\PROGRAM FILES\RISING\RAV\relibldr.dll] [Beijing Rising Technology Co., Ltd., 20, 0, 0, 16]
[C:\PROGRAM FILES\RISING\RAV\HookWeb.dll] [Beijing Rising Technology Co., Ltd., 20.0.0.2]
[C:\PROGRAM FILES\RISING\RAV\extfile.dll] [Beijing Rising Technology Co., Ltd., 20, 0, 0, 29]
[C:\PROGRAM FILES\RISING\RAV\pearc.dll] [Beijing Rising Technology Co., Ltd., 20, 0, 0, 5]
[C:\PROGRAM FILES\RISING\RAV\nvfile.dll] [Beijing Rising Technology Co., Ltd., 20, 0, 0, 6]
[C:\PROGRAM FILES\RISING\RAV\scanexec.dll] [Beijing Rising Technology Co., Ltd., 20, 0, 0, 17]
[C:\PROGRAM FILES\RISING\RAV\unexe.dll] [Beijing Rising Technology Co., Ltd., 20, 0, 0, 4]
[C:\PROGRAM FILES\RISING\RAV\scanex.dll] [Beijing Rising Technology Co., Ltd., 20, 0, 0, 65]
[C:\PROGRAM FILES\RISING\RAV\scanpack.dll] [Beijing Rising Technology Co., Ltd., 20, 0, 0, 9]
[C:\PROGRAM FILES\RISING\RAV\revm.dll] [Beijing Rising Technology Co., Ltd., 20, 0, 0, 8]
[C:\PROGRAM FILES\RISING\RAV\urutils.dll] [, 20, 0, 0, 6]
[C:\PROGRAM FILES\RISING\RAV\ur000.dat] [Beijing Rising Technology Co., Ltd., 20, 0, 0, 18]
[C:\PROGRAM FILES\RISING\RAV\scriptci.dll] [Beijing Rising Technology Co., Ltd., 20, 0, 0, 3]
[C:\PROGRAM FILES\RISING\RAV\uroutine.dll] [Beijing Rising Technology Co., Ltd., 20, 0, 0, 26]
[C:\PROGRAM FILES\RISING\RAV\extmail.dll] [Beijing Rising Technology Co., Ltd., 20, 0, 0, 9]
[C:\PROGRAM FILES\RISING\RAV\scansct.dll] [Beijing Rising Technology Co., Ltd., 20, 0, 0, 9]
[PID: 1108 / chen][C:\WINDOWS\Explorer.EXE] [Microsoft Corporation, 6.00.2900.3156 (xpsp_sp2_gdr.070613-1234)]
[C:\WINDOWS\system32\AcSignIcon.dll] [Autodesk, 16.0.0.86]
[C:\Program Files\Common Files\Autodesk Shared\AcSignCore16.dll] [Autodesk, 16.0.0.86]
[D:\Program Files\360safe\safemon\safemon.dll] [360.CN, 4, 1, 5, 1001]
[C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\PDFShell.CHS] [Adobe Systems, Inc., 8.0.0.0]
[C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\PDFShell.dll] [Adobe Systems, Inc., 8.1.0.0]
[D:\Program Files\Tencent\QQ\qdshm.dll] [, 1, 0, 101, 20]
[C:\Program Files\WinRAR\rarext.dll] [N/A, ]
[C:\WINDOWS\system32\RavExt.dll] [Beijing Rising Technology Co., Ltd., 20.0.0.17]
[C:\Program Files\Rising\Rav\RSCOMMON.DLL] [Beijing Rising Technology Co., Ltd., 20, 0, 0, 16]
[C:\WINDOWS\system32\l3codeca.acm] [Fraunhofer Institut Integrierte Schaltungen IIS, 1, 9, 0, 0305]
[PID: 1168 / SYSTEM][C:\WINDOWS\system32\spoolsv.exe] [Microsoft Corporation, 5.1.2600.2696 (xpsp.050610-1527)]
[C:\WINDOWS\system32\CNMLM3y.DLL] [CANON INC., 1.52.2.0]
[C:\WINDOWS\System32\spool\PRTPROCS\W32X86\CNMPD3y.DLL] [CANON INC., 1.52.2.0]
[PID: 1392 / SYSTEM][C:\PROGRAM FILES\RISING\RAV\RavStub.exe] [Beijing Rising Technology Co., Ltd., 20.0.0.9]
[C:\PROGRAM FILES\RISING\RAV\ProcCom.dll] [Beijing Rising Technology Co., Ltd., 20, 0, 0, 19]
[C:\PROGRAM FILES\RISING\RAV\RsCommX2.dll] [Beijing Rising Technology Co., Ltd., 20, 0, 0, 19]
[C:\PROGRAM FILES\RISING\RAV\RSCOMMON.DLL] [Beijing Rising Technology Co., Ltd., 20, 0, 0, 16]
[PID: 1548 / chen][D:\Program Files\360safe\safemon\360tray.exe] [奇虎网, 4, 1, 5, 1005]
[D:\Program Files\360safe\safemon\safemon.dll] [360.CN, 4, 1, 5, 1001]
[D:\Program Files\360safe\safemon\SafeKrnl.dll] [奇虎网, 4, 1, 5, 1004]
[D:\Program Files\360safe\AntiAdwa.dll] [360Safe.com, 4, 1, 5, 1001]
[D:\Program Files\360safe\live.dll] [360.cn, 1, 0, 1, 1027]
[PID: 1556 / chen][C:\Program Files\Rising\AntiSpyware\runiep.exe] [Beijing Rising Technology Co., Ltd., 5.0.0.16]
[C:\Program Files\Rising\AntiSpyware\MFC71.DLL] [Microsoft Corporation, 7.10.3077.0]
[C:\Program Files\Rising\AntiSpyware\MSVCR71.dll] [Microsoft Corporation, 7.10.3052.4]
[C:\WINDOWS\system32\ieprot.dll] [Beijing Rising Technology Co., Ltd., 1, 0, 0, 17]
[D:\Program Files\360safe\safemon\safemon.dll] [360.CN, 4, 1, 5, 1001]

WUHAOJI88 - 2008-5-14 22:58:00

[PID: 1564 / chen][C:\Program Files\Rising\Rav\RavTask.exe] [Beijing Rising Technology Co., Ltd., 20.0.0.23]
[C:\Program Files\Rising\Rav\ProcCom.dll] [Beijing Rising Technology Co., Ltd., 20, 0, 0, 19]
[C:\Program Files\Rising\Rav\RsCommX2.dll] [Beijing Rising Technology Co., Ltd., 20, 0, 0, 19]
[C:\Program Files\Rising\Rav\RSCOMMON.DLL] [Beijing Rising Technology Co., Ltd., 20, 0, 0, 16]
[C:\Program Files\Rising\Rav\RSAPPMGR.DLL] [Beijing Rising Technology Co., Ltd., 20.0.0.0]
[C:\Program Files\Rising\Rav\CfgDll.dll] [Beijing Rising Technology Co., Ltd., 20.0.0.16]
[PID: 1604 / chen][C:\Program Files\Rising\Rav\Ravmon.exe] [Beijing Rising Technology Co., Ltd., 20.0.01.19]
[C:\WINDOWS\system32\MFC71.DLL] [Microsoft Corporation, 7.10.3077.0]
[C:\WINDOWS\system32\MSVCR71.dll] [Microsoft Corporation, 7.10.3052.4]
[C:\WINDOWS\system32\MSVCP71.dll] [Microsoft Corporation, 7.10.3077.0]
[C:\Program Files\Rising\Rav\ProcCom.dll] [Beijing Rising Technology Co., Ltd., 20, 0, 0, 19]
[C:\Program Files\Rising\Rav\RsCommX2.dll] [Beijing Rising Technology Co., Ltd., 20, 0, 0, 19]
[C:\Program Files\Rising\Rav\RSCOMMON.DLL] [Beijing Rising Technology Co., Ltd., 20, 0, 0, 16]
[C:\Program Files\Rising\Rav\recomp.dll] [Beijing Rising Technology Co., Ltd., 20, 0, 0, 36]
[C:\Program Files\Rising\Rav\refs.dll] [Beijing Rising Technology Co., Ltd., 20, 0, 0, 17]
[C:\Program Files\Rising\Rav\viruslib.dll] [Beijing Rising Technology Co., Ltd., 20, 0, 0, 26]
[C:\Program Files\Rising\Rav\relibldr.dll] [Beijing Rising Technology Co., Ltd., 20, 0, 0, 16]
[C:\Program Files\Rising\Rav\RSAPPMGR.dll] [Beijing Rising Technology Co., Ltd., 20.0.0.0]
[C:\Program Files\Rising\Rav\CfgDll.dll] [Beijing Rising Technology Co., Ltd., 20.0.0.16]
[C:\Program Files\Rising\Rav\MonRule.dll] [Beijing Rising Technology Co., Ltd., 20.0.0.29]
[C:\Program Files\Rising\Rav\PngDll.dll] [Beijing Rising Technology Co., Ltd., 20, 0, 0, 4]
[C:\Program Files\Rising\Rav\Rsguilib.dll] [Beijing Rising Technology Co., Ltd., 20, 0, 0, 88]
[C:\Program Files\Rising\Rav\RsXML.dll] [Beijing Rising Technology Co., Ltd., 20, 0, 0, 0]
[PID: 1632 / chen][D:\Program Files\360safe\antiarp\antiarp.exe] [360安全中心, 2, 0, 0, 1008]
[D:\Program Files\360safe\safemon\safemon.dll] [360.CN, 4, 1, 5, 1001]
[PID: 1744 / chen][C:\WINDOWS\system32\ctfmon.exe] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
[C:\WINDOWS\system32\ieprot.dll] [Beijing Rising Technology Co., Ltd., 1, 0, 0, 17]
[D:\Program Files\360safe\safemon\safemon.dll] [360.CN, 4, 1, 5, 1001]
[PID: 1756 / chen][D:\Program Files\DAEMON Tools\daemon.exe] [DT Soft Ltd., 4.09.0.0]
[C:\WINDOWS\system32\ieprot.dll] [Beijing Rising Technology Co., Ltd., 1, 0, 0, 17]
[D:\Program Files\DAEMON Tools\daemon.dll] [DT Soft Ltd., 4.09.1.0]
[D:\Program Files\DAEMON Tools\Plugins\Images\bw5mount.dll] [, 1.1.3.0]
[D:\Program Files\DAEMON Tools\Plugins\Images\bwtmount.dll] [DT Soft Ltd., 1.00.0.0]
[D:\Program Files\DAEMON Tools\Plugins\Images\ccdmount.dll] [DT Soft Ltd., 1.10.0.0]
[D:\Program Files\DAEMON Tools\Plugins\Images\cuemount.dll] [DT Soft Ltd., 1.02.0.0]
[D:\Program Files\DAEMON Tools\Plugins\Images\iszmount.dll] [DT Soft Ltd., 1.02.0.0]
[D:\Program Files\DAEMON Tools\Plugins\Images\mdsmount.dll] [DT Soft Ltd., 1.22.0.0]
[D:\Program Files\DAEMON Tools\Plugins\Images\nrgmount.dll] [DT Soft Ltd., 1.12.0.0]
[D:\Program Files\DAEMON Tools\Plugins\Images\pdimount.dll] [DT Soft Ltd., 1.01.0.0]
[D:\Program Files\DAEMON Tools\Plugins\Images\pfcmount.dll] [DT Soft Ltd., 1.00.0.0]
[D:\Program Files\DAEMON Tools\pfctoc.dll] [Padus(R), Inc., 1, 0, 0, 12]
[D:\Program Files\360safe\safemon\safemon.dll] [360.CN, 4, 1, 5, 1001]
[PID: 256 / chen][C:\Program Files\Rising\Rav\RsAgent.exe] [Beijing Rising Technology Co., Ltd., 20.0.0.9]
[C:\WINDOWS\system32\MFC71.DLL] [Microsoft Corporation, 7.10.3077.0]
[C:\WINDOWS\system32\MSVCR71.dll] [Microsoft Corporation, 7.10.3052.4]
[C:\WINDOWS\system32\MSVCP71.dll] [Microsoft Corporation, 7.10.3077.0]
[C:\Program Files\Rising\Rav\ProcCom.dll] [Beijing Rising Technology Co., Ltd., 20, 0, 0, 19]
[C:\Program Files\Rising\Rav\RsCommX2.dll] [Beijing Rising Technology Co., Ltd., 20, 0, 0, 19]
[PID: 276 / chen][C:\WINDOWS\msagent\AgentSvr.exe] [Microsoft Corporation, 2.00.0.3424]
[C:\WINDOWS\system32\ieprot.dll] [Beijing Rising Technology Co., Ltd., 1, 0, 0, 17]
[D:\Program Files\360safe\safemon\safemon.dll] [360.CN, 4, 1, 5, 1001]
[PID: 1080 / SYSTEM][C:\WINDOWS\system32\drivers\CDAC11BA.EXE] [Macrovision, 4.20.020]
[C:\WINDOWS\system32\ieprot.dll] [Beijing Rising Technology Co., Ltd., 1, 0, 0, 17]
[PID: 1464 / SYSTEM][C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE] [Microsoft Corporation, 7.00.9466]
[C:\WINDOWS\system32\ieprot.dll] [Beijing Rising Technology Co., Ltd., 1, 0, 0, 17]
[C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\2052\mdmui.dll] [Microsoft Corporation, 7.00.9466]
[PID: 1828 / SYSTEM][C:\WINDOWS\System32\svchost.exe] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
[c:\windows\system\mspmsnsv.dll] [N/A, ]
[PID: 2208 / LOCAL SERVICE][C:\WINDOWS\System32\alg.exe] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
[C:\WINDOWS\System32\ieprot.dll] [Beijing Rising Technology Co., Ltd., 1, 0, 0, 17]
[PID: 2384 / chen][C:\WINDOWS\system32\wscntfy.exe] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
[C:\WINDOWS\system32\ieprot.dll] [Beijing Rising Technology Co., Ltd., 1, 0, 0, 17]
[D:\Program Files\360safe\safemon\safemon.dll] [360.CN, 4, 1, 5, 1001]
[PID: 2472 / SYSTEM][C:\WINDOWS\system32\wuauclt.exe] [Microsoft Corporation, 7.0.6000.381 (winmain(wmbla).070730-1740)]
[C:\WINDOWS\system32\ieprot.dll] [Beijing Rising Technology Co., Ltd., 1, 0, 0, 17]
[PID: 2604 / chen][C:\WINDOWS\system32\wuauclt.exe] [Microsoft Corporation, 7.0.6000.381 (winmain(wmbla).070730-1740)]
[C:\WINDOWS\system32\ieprot.dll] [Beijing Rising Technology Co., Ltd., 1, 0, 0, 17]
[D:\Program Files\360safe\safemon\safemon.dll] [360.CN, 4, 1, 5, 1001]
[PID: 2740 / chen][I:\SREngPS.EXE] [Smallfrogs Studio, 2.5.16.900]
[C:\WINDOWS\system32\ieprot.dll] [Beijing Rising Technology Co., Ltd., 1, 0, 0, 17]
[D:\Program Files\360safe\safemon\safemon.dll] [360.CN, 4, 1, 5, 1001]
[I:\Upload\3rdUpd.DLL] [Smallfrogs Studio, 2, 1, 0, 15]

瑞星卡卡安全论坛