帮我看看有什么异常？

瑞星卡卡安全论坛技术交流区 反病毒/反流氓软件论坛帮我看看有什么异常？

	瑞星“1+2”全新解决方案巡展在广州画上圆满句号		叶院长揭秘：瑞星如何运用AI技术革新网络安全		俄乌冲突加剧网络攻击风险白俄罗斯政府遭APT攻击		瑞星ESM防病毒系统助力矿业大学筑牢网络安全防线
	实力拉满瑞星第四十七次通过VB100测评		携手老友，拥抱新精彩 —— 新论坛新活动，感谢你的陪伴		护航司法，瑞星助力山西省高院构建安全防线		人工智能在网络安全领域的风险和机遇

2 / 2 页

跳转页

天天泡泡卡卡技术团队帖子:17486 注册: 2004-01-21 来自:安徽安庆	发表于： 2005-09-04 14:29 \| 短消息资料字号：小中大 11楼 O4 - Startup: taskmgr.lnk = C:\WINNT\ServicePackFiles\i386\taskmgr.exe 这项是你自己设置的那就没问题。没其他异常了吧？去给系统打上所有关键更新
天天泡泡卡卡技术团队帖子:17486 注册: 2004-01-21 来自:安徽安庆

ranger 初生襁褓狮帖子:46 注册: 2004-12-17 来自:	发表于： 2005-09-04 14:33 \| 只看楼主短消息资料字号：小中大 12楼 Logfile of HijackThis v1.99.1 Scan saved at 14:35:53, on 2005-9-4 Platform: Windows 2000 SP4 (WinNT 5.00.2195) MSIE: Internet Explorer v6.00 SP1 (6.00.2800.1106) Running processes: C:\WINNT\System32\smss.exe C:\WINNT\system32\winlogon.exe C:\WINNT\system32\services.exe C:\WINNT\system32\lsass.exe c:\program files\rising\rfw\rfwsrv.exe C:\WINNT\system32\svchost.exe C:\WINNT\system32\spoolsv.exe C:\WINNT\System32\svchost.exe C:\WINNT\system32\nvsvc32.exe C:\WINNT\system32\regsvc.exe C:\PROGRAM FILES\RISING\RAV\CCENTER.EXE C:\PROGRAM FILES\RISING\RAV\Ravmond.exe C:\WINNT\system32\MSTask.exe C:\PROGRAM FILES\RISING\RAV\RavStub.exe C:\WINNT\system32\stisvc.exe C:\WINNT\System32\WBEM\WinMgmt.exe C:\WINNT\system32\svchost.exe C:\WINNT\system32\inetsrv\inetinfo.exe C:\WINNT\Explorer.EXE C:\Program Files\ASUS\Probe\AsusProb.exe C:\Program Files\D-Tools\daemon.exe C:\WINNT\system32\ctfmon.exe C:\WINNT\ServicePackFiles\i386\taskmgr.exe c:\program files\rising\rfw\RfwMain.exe C:\Program Files\Logitech\MouseWare\system\em_exec.exe C:\PROGRA~1\wnwb2005\wnwb.exe C:\Documents and Settings\Administrator\桌面\hijackthis\HijackThis.exe O2 - BHO: QQBrowserHelperObject Class - {54EBD53A-9BC1-480B-966A-843A333CA162} - F:\software\chat\QQIEHelper.dll O2 - BHO: (no name) - {A5366673-E8CA-11D3-9CD9-0090271D075B} - (no file) O2 - BHO: update wnwb - {ED8DFC5C-10EF-45AB-9DC2-0639AFF5A270} - C:\PROGRA~1\COMMON~1\Wnwb\wnwbio.dll O3 - Toolbar: 电台(&R) - {8E718888-423F-11D2-876E-00A0C9082467} - C:\WINNT\system32\msdxm.ocx O3 - Toolbar: 卡卡安全助手 - {DB9ECD4F-FB8F-4311-B3CE-90B976C2707C} - C:\WINNT\system32\KakaTool.dll O4 - HKLM\..\Run: [Synchronization Manager] mobsync.exe /logon O4 - HKLM\..\Run: [ASUS Probe] C:\Program Files\ASUS\Probe\AsusProb.exe O4 - HKLM\..\Run: [DAEMON Tools-2052] "C:\Program Files\D-Tools\daemon.exe" -lang 2052 O4 - HKLM\..\Run: [Logitech Utility] Logi_MwX.Exe O4 - HKLM\..\Run: [RfwMain] "C:\Program Files\rising\Rfw\rfwmain.exe" -startup O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE NvQTwk,NvCplDaemon initialize O4 - HKLM\..\Run: [NMGameX_AutoRun] C:\WINNT\system32\Rundll32.exe nmgamex.dll,LiveProcess /aa O4 - HKCU\..\Run: [ctfmon.exe] ctfmon.exe O4 - Startup: taskmgr.lnk = C:\WINNT\ServicePackFiles\i386\taskmgr.exe O8 - Extra context menu item: 使用网际快车下载 - C:\Program Files\FlashGet\jc_link.htm O8 - Extra context menu item: 使用网际快车下载全部链接 - C:\Program Files\FlashGet\jc_all.htm O8 - Extra context menu item: 导出到 Microsoft Excel(&x) - res://C:\PROGRA~1\MICROS~2\Office10\EXCEL.EXE/3000 O8 - Extra context menu item: 添加到QQ自定义面板 - F:\software\chat\AddPanel.htm O8 - Extra context menu item: 添加到QQ表情 - F:\software\chat\AddEmotion.htm O8 - Extra context menu item: 用QQ彩信发送该图片 - F:\software\chat\SendMMS.htm O9 - Extra button: Related - {c95fe080-8f5d-11d2-a20b-00aa003c157a} - C:\WINNT\web\related.htm O9 - Extra 'Tools' menuitem: Show &Related Links - {c95fe080-8f5d-11d2-a20b-00aa003c157a} - C:\WINNT\web\related.htm O9 - Extra button: QQ - {c95fe080-8f5d-11d2-a20b-00aa003c157b} - F:\software\chat\QQ.EXE O9 - Extra 'Tools' menuitem: 腾讯QQ - {c95fe080-8f5d-11d2-a20b-00aa003c157b} - F:\software\chat\QQ.EXE O9 - Extra button: FlashGet - {D6E814A0-E0C5-11d4-8D29-0050BA6940E3} - C:\PROGRA~1\FLASHGET\flashget.exe O9 - Extra 'Tools' menuitem: &FlashGet - {D6E814A0-E0C5-11d4-8D29-0050BA6940E3} - C:\PROGRA~1\FLASHGET\flashget.exe O9 - Extra button: (no name) - {DEDEB80D-FA35-45d9-9460-4983E5A8AFE6} - F:\software\chat\QQIEHelper.dll O9 - Extra 'Tools' menuitem: QQ炫彩工具条设置 - {DEDEB80D-FA35-45d9-9460-4983E5A8AFE6} - F:\software\chat\QQIEHelper.dll O9 - Extra button: (no name) - {974AD624-EA50-4831-A6C0-3040F6665396} - C:\PROGRA~1\sina\UC\UCddt\rssband.dll (HKCU) O9 - Extra 'Tools' menuitem: 新浪点点通阅读器 - {974AD624-EA50-4831-A6C0-3040F6665396} - C:\PROGRA~1\sina\UC\UCddt\rssband.dll (HKCU) O9 - Extra button: 新浪点点通阅读器 - {F0646DC8-58CD-4C64-8F6B-525043914685} - C:\PROGRA~1\sina\UC\UCddt\rssband.dll (HKCU) O16 - DPF: {0400AC1C-EEF0-4638-A501-31D5A0DC2002} (VTPlug3 Class) - http://202.101.62.195:1995/VTrans.cab O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage) - http://go.microsoft.com/fwlink/?LinkId=39204&clcid=0x409 O16 - DPF: {56336BCB-3D8A-11D6-A00B-0050DA18DE71} (RdxIE Class) - http://software-dl.real.com/16e9bbe7ea1d16164915/netzip/RdxIE601_cn.cab O16 - DPF: {59CCB4A0-727D-11CF-AC36-00AA00A47DD2} (Timer Object) - http://www.xintv.com/download/ietimer.cab O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://update.microsoft.com/microsoftupdate/v6/V5Controls/en/x86/client/wuweb_site.cab?1118387517062 O16 - DPF: {6924091F-CD97-41E1-B1D4-D9079409D413} (IMCv1 Control) - http://202.101.62.195:1995/talk.cab O16 - DPF: {B38870E4-7ECB-40DA-8C6A-595F0A5519FF} (MsnMessengerSetupDownloadControl Class) - http://messenger.msn.com/download/msnmessengersetupdownloader.cab O17 - HKLM\System\CCS\Services\Tcpip\..\{7661DA13-5153-49E6-95A6-E28B1D2035D8}: NameServer = 202.101.113.55 202.101.98.55 O23 - Service: Logical Disk Manager Administrative Service (dmadmin) - VERITAS Software Corp. - C:\WINNT\System32\dmadmin.exe O23 - Service: Macromedia Licensing Service - Unknown owner - C:\Program Files\Common Files\Macromedia Shared\Service\Macromedia Licensing.exe O23 - Service: NVIDIA Driver Helper Service (NVSvc) - NVIDIA Corporation - C:\WINNT\system32\nvsvc32.exe O23 - Service: Rising Personal Firewall Service (RfwService) - Beijing Rising Technology Corporation Limited - c:\program files\rising\rfw\rfwsrv.exe O23 - Service: Rising Process Communication Center (RsCCenter) - rising - C:\PROGRAM FILES\RISING\RAV\CCENTER.EXE O23 - Service: RsRavMon Service (RsRavMon) - Beijing Rising Technology Co., Ltd. - C:\PROGRAM FILES\RISING\RAV\Ravmond.exe 这是我现在扫描的日志，再麻烦大哥帮我看看还有没有什么异常的？拜谢！
ranger 初生襁褓狮帖子:46 注册: 2004-12-17 来自:

天天泡泡卡卡技术团队帖子:17486 注册: 2004-01-21 来自:安徽安庆	发表于： 2005-09-04 14:42 \| 短消息资料字号：小中大 13楼应该没什么了，只是我不知道2000系统任务管理器是C:\WINNT\ServicePackFiles\i386\taskmgr.exe这个路径是否正确
天天泡泡卡卡技术团队帖子:17486 注册: 2004-01-21 来自:安徽安庆

ranger 初生襁褓狮帖子:46 注册: 2004-12-17 来自:	发表于： 2005-09-04 14:49 \| 只看楼主短消息资料字号：小中大 14楼应该是这个路径的吧？可能装了SP4的缘故吧，谢谢大哥免我重装系统的痛苦，再次拜谢！我修复了那几项，但是那C:\WINNT\system32\mswinsck.exe我没删除，请问这个文件要删掉吗？
ranger 初生襁褓狮帖子:46 注册: 2004-12-17 来自:

大版主

帖子:72578
注册: 2003-04-10
来自:

发表于： 2005-09-04 14:58 | 短消息资料

字号：小中大 15楼

引用:

【ranger的贴子】1:C:\WINNT\system32\mswinsck.exe
是不是系统文件？可以删除吗？
4：那个好象是WIN2000 SP4的目录吧？

我把这两个文件打包了：1.rar
...........................

1、结束病毒进程mswinsck.exe
2、删除病毒文件C:\windows\system32\mswinsck.exe
3、清理注册表：

（1）展开:HKEY_CURRENT_USER\Software\Microsoft\OLE
删除："Microsoft Winsock"="mswinsck.exe"

（2）展开:HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run
删除："Microsoft Winsock"="mswinsck.exe"

（3）展开:HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\RunServices
删除："Microsoft Winsock"="mswinsck.exe"

（4）展开:HKEY_CURRENT_USER\SYSTEM\CurrentControlSet\Control\Lsa
删除："Microsoft Winsock"="mswinsck.exe"

（5）展开:HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Ole
删除："Microsoft Winsock"="mswinsck.exe"

（6）展开:HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run
删除："Microsoft Winsock"="mswinsck.exe"

（7）展开:HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\RunServices
删除："Microsoft Winsock"="mswinsck.exe"

（8）展开:HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa
删除："Microsoft Winsock"="mswinsck.exe"

4、杀毒后，运行WINDOWS UPDATE，打补丁。

独孤豪侠横据古稀狮帖子:11896 注册: 2005-08-10 来自:花果山	发表于： 2005-09-04 15:03 \| 短消息资料字号：小中大 16楼哇，这么麻烦呀。
独孤豪侠横据古稀狮帖子:11896 注册: 2005-08-10 来自:花果山

ranger 初生襁褓狮帖子:46 注册: 2004-12-17 来自:	发表于： 2005-09-04 19:48 \| 只看楼主短消息资料字号：小中大 17楼我快疯了，系统刚打完所有补丁，又来了msusvc.exe和perfhmon.exe这两个病毒，这是不是和我装的sql2000有关系？ Logfile of HijackThis v1.99.1 Scan saved at 19:51:18, on 2005-9-4 Platform: Windows 2000 SP4 (WinNT 5.00.2195) MSIE: Internet Explorer v6.00 SP1 (6.00.2800.1106) Running processes: C:\WINNT\System32\smss.exe C:\WINNT\system32\winlogon.exe C:\WINNT\system32\services.exe C:\WINNT\system32\lsass.exe c:\program files\rising\rfw\rfwsrv.exe C:\WINNT\system32\svchost.exe C:\WINNT\system32\spoolsv.exe C:\WINNT\System32\svchost.exe C:\PROGRA~1\MICROS~4\MSSQL\binn\sqlservr.exe C:\WINNT\system32\nvsvc32.exe C:\WINNT\system32\regsvc.exe C:\PROGRAM FILES\RISING\RAV\CCENTER.EXE C:\PROGRAM FILES\RISING\RAV\Ravmond.exe C:\WINNT\system32\MSTask.exe C:\PROGRAM FILES\RISING\RAV\RavStub.exe C:\WINNT\system32\stisvc.exe C:\WINNT\System32\WBEM\WinMgmt.exe C:\WINNT\system32\svchost.exe C:\WINNT\Explorer.EXE C:\WINNT\system32\inetsrv\inetinfo.exe c:\program files\rising\rfw\RfwMain.exe C:\Program Files\ASUS\Probe\AsusProb.exe C:\Program Files\D-Tools\daemon.exe C:\WINNT\system32\ctfmon.exe C:\Program Files\Logitech\MouseWare\system\em_exec.exe C:\WINNT\ServicePackFiles\i386\taskmgr.exe C:\Program Files\联想(北京)有限公司软件事业部\金山词霸.net\xdict.exe C:\WINNT\system32\conime.exe C:\Program Files\Internet Explorer\iexplore.exe C:\Documents and Settings\Administrator\桌面\安全\HijackThis.exe O1 - Hosts: 128.250.24.84 onlineaccounts2.abbeynational.co.uk O1 - Hosts: 128.250.24.84 www3.aibgbonline.co.uk O1 - Hosts: 128.250.24.84 www.bank.alliance-leicester.co.uk O1 - Hosts: 128.250.24.84 login.iblogin.com O1 - Hosts: 128.250.24.84 ww2.bankofscotlandhalifax-online.co.uk O1 - Hosts: 128.250.24.84 inet.barclays.co.uk O1 - Hosts: 128.250.24.84 iibank.barclays.co.uk O1 - Hosts: 128.250.24.84 iibank.cahoot.com O1 - Hosts: 128.250.24.84 www3.coventrybuildingsociety.co.uk O1 - Hosts: 128.250.24.84 ww.hsbc.co.uk O1 - Hosts: 128.250.24.84 login.ebank.offshore.hsbc.co.je O1 - Hosts: 128.250.24.84 ww3.online-offshore.lloydstsb.com O1 - Hosts: 128.250.24.84 ww3.online-business.lloydstsb.co.uk O1 - Hosts: 128.250.24.84 ww3.online.lloydstsb.co.uk O1 - Hosts: 128.250.24.84 ww3.online.lloydstsb.co.uk O1 - Hosts: 128.250.24.84 ww3.online-business.lloydstsb.co.uk O1 - Hosts: 128.250.24.84 ob2.nationet.com O1 - Hosts: 128.250.24.84 ww3.onlinebanking.natwestoffshore.com O1 - Hosts: 128.250.24.84 ww1.nwolb.com O1 - Hosts: 128.250.24.84 ww1.onlinebanking.iombank.com O1 - Hosts: 128.250.24.84 ww1.www.rbsdigital.com O1 - Hosts: 128.250.24.84 welcome.smile.co.uk O1 - Hosts: 128.250.24.84 login.365online.com O1 - Hosts: 128.250.24.84 wvw.citizensbankonline.com O1 - Hosts: 128.250.24.84 esecure.regionsnet.com O1 - Hosts: 128.250.24.84 rollb.associatedbank.com O1 - Hosts: 128.250.24.84 upb.unionplanters.com O1 - Hosts: 128.250.24.84 www.onlinebanking.huntington.com O1 - Hosts: 128.250.24.84 inet.southtrustonlinebanking.com O1 - Hosts: 128.250.24.84 logon.personal.wamu.com O1 - Hosts: 128.250.24.84 login.compassweb.com O1 - Hosts: 128.250.24.84 logon.firstmeritib.com O1 - Hosts: 128.250.24.84 login.ccfcuonline.org O1 - Hosts: 128.250.24.84 ww3.etimebanker.bankofthewest.com O1 - Hosts: 128.250.24.84 ww2.onlinebanking.lasallebank.com O1 - Hosts: 128.250.24.84 wvw.totallyfreebanking.com O1 - Hosts: 128.250.24.84 www.online.wellsfargo.com O1 - Hosts: 128.250.24.84 www.onlinebanking.bankofoklahoma.com O1 - Hosts: 128.250.24.84 accounts4.keybank.com O1 - Hosts: 128.250.24.84 logon.bankone.com O1 - Hosts: 128.250.24.84 www.secure.tdbanknorth.com O1 - Hosts: 128.250.24.84 www.secure.mvnt4.com O1 - Hosts: 128.250.24.84 ww.mynfbonline.com O1 - Hosts: 128.250.24.84 login.forumcuonline.com O1 - Hosts: 128.250.24.84 www.eds.usersonlnet.com O1 - Hosts: 128.250.24.84 www.onlineid.bankofamerica.com O1 - Hosts: 128.250.24.84 wvw.e-gold.com O1 - Hosts: 128.250.24.84 pcbs.peoples.com O1 - Hosts: 128.250.24.84 www.global1.onlinebank.com O1 - Hosts: 128.250.24.84 ww2.mybranch.lafcu.com O1 - Hosts: 128.250.24.84 login.webbanking.comerica.com O1 - Hosts: 128.250.24.84 web.banking.firsttennessee.com O1 - Hosts: 128.250.24.84 logon.members1st.org O1 - Hosts: 128.250.24.84 www.cib.ibanking-services.com O1 - Hosts: 128.250.24.84 www.miwebbusbank.ebanking-services.com O1 - Hosts: 128.250.24.84 wvw.paypal.com O1 - Hosts: 128.250.24.84 www.signin.ebay.com O1 - Hosts: 128.250.24.84 wvw.etrade.com O1 - Hosts: 128.250.24.84 ww4.fleethomelink.fleet.com O1 - Hosts: 128.250.24.84 ww3.connect.skyfi.com O1 - Hosts: 128.250.24.84 www6.usbank.com O1 - Hosts: 128.250.24.84 www.bvi.bancodevalencia.es O1 - Hosts: 128.250.24.84 extrant.banesto.es O1 - Hosts: 128.250.24.84 banesnt.banesto.es O1 - Hosts: 128.250.24.84 activia.caixagalicia.es O1 - Hosts: 128.250.24.84 www.bancae.caixapenedes.com O1 - Hosts: 128.250.24.84 login.caixasabadell.net O1 - Hosts: 128.250.24.84 oii.cajamadrid.es O1 - Hosts: 128.250.24.84 login.cajamar.es O1 - Hosts: 128.250.24.84 login.ccm.es O1 - Hosts: 128.250.24.84 ww.unicaja.es O1 - Hosts: 128.250.24.84 www5.bancopopular.es O1 - Hosts: 128.250.24.84 ww3.bbvanet.com O1 - Hosts: 128.250.24.84 ww.bayernlb.de O1 - Hosts: 128.250.24.84 ww2.berliner-volksbank.de O1 - Hosts: 128.250.24.84 ww7.homebanking-berlin.de O1 - Hosts: 128.250.24.84 portal09.commerzbanking.de O1 - Hosts: 128.250.24.84 www.meine.deutsche-bank.de O1 - Hosts: 128.250.24.84 ww2.dresdner-privat.de O1 - Hosts: 128.250.24.84 ww.e-banking.helaba.de O1 - Hosts: 128.250.24.84 ww.hsh-nordbank.de O1 - Hosts: 128.250.24.84 www.my.hypovereinsbank.de O1 - Hosts: 128.250.24.84 ww3.homebanking-berlin.de O1 - Hosts: 128.250.24.84 ww3.homebanking-berlin.de O1 - Hosts: 128.250.24.84 www.banking.lbbw.de O1 - Hosts: 128.250.24.84 lrp.sparkasse-banking.de O1 - Hosts: 128.250.24.84 ww3.homebanking-niedersachsen.de O1 - Hosts: 128.250.24.84 www.onlinebanking.norisbank.de O1 - Hosts: 128.250.24.84 www.banking.postbank.de O1 - Hosts: 128.250.24.84 wvw.internetbanking.gad.de O1 - Hosts: 128.250.24.84 ww1.portal.izb.de O1 - Hosts: 128.250.24.84 wvw.kunden-service.lbs.de O1 - Hosts: 128.250.24.84 ibanking.seb.de O1 - Hosts: 128.250.24.84 bw7.sparkasse-banking.de O1 - Hosts: 128.250.24.84 ww2.homebanking-sparkasse.de O1 - Hosts: 128.250.24.84 ww2.vr-networld-ebanking.de O1 - Hosts: 128.250.24.84 ww.bics.fr O1 - Hosts: 128.250.24.84 www.co.caixabank.fr O1 - Hosts: 128.250.24.84 ww.creditmutuel.fr O1 - Hosts: 128.250.24.84 internetbank.intesabci.it O1 - Hosts: 128.250.24.84 ww.extensive.bancalombarda.it O2 - BHO: Microsoft Java Class - {6E28339B-7A2A-47B6-AEB2-46BA53782379} - C:\WINNT\system32\dllcache\java.dll O2 - BHO: update wnwb - {ED8DFC5C-10EF-45AB-9DC2-0639AFF5A270} - C:\PROGRA~1\COMMON~1\Wnwb\wnwbio.dll O3 - Toolbar: 电台(&R) - {8E718888-423F-11D2-876E-00A0C9082467} - C:\WINNT\system32\msdxm.ocx O3 - Toolbar: 卡卡安全助手 - {DB9ECD4F-FB8F-4311-B3CE-90B976C2707C} - C:\WINNT\system32\KakaTool.dll O4 - HKLM\..\Run: [Synchronization Manager] mobsync.exe /logon O4 - HKLM\..\Run: [ASUS Probe] C:\Program Files\ASUS\Probe\AsusProb.exe O4 - HKLM\..\Run: [DAEMON Tools-2052] "C:\Program Files\D-Tools\daemon.exe" -lang 2052 O4 - HKLM\..\Run: [Logitech Utility] Logi_MwX.Exe O4 - HKLM\..\Run: [RfwMain] "C:\Program Files\rising\Rfw\rfwmain.exe" -startup O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE NvQTwk,NvCplDaemon initialize O4 - HKLM\..\Run: [NMGameX_AutoRun] C:\WINNT\system32\Rundll32.exe nmgamex.dll,LiveProcess /aa O4 - HKCU\..\Run: [ctfmon.exe] ctfmon.exe O4 - Startup: taskmgr.lnk = C:\WINNT\ServicePackFiles\i386\taskmgr.exe O8 - Extra context menu item: 使用网际快车下载 - C:\Program Files\FlashGet\jc_link.htm O8 - Extra context menu item: 使用网际快车下载全部链接 - C:\Program Files\FlashGet\jc_all.htm O8 - Extra context menu item: 导出到 Microsoft Excel(&x) - res://C:\PROGRA~1\MICROS~2\Office10\EXCEL.EXE/3000 O8 - Extra context menu item: 添加到QQ自定义面板 - F:\software\chat\AddPanel.htm O8 - Extra context menu item: 添加到QQ表情 - F:\software\chat\AddEmotion.htm O8 - Extra context menu item: 用QQ彩信发送该图片 - F:\software\chat\SendMMS.htm O9 - Extra button: Related - {c95fe080-8f5d-11d2-a20b-00aa003c157a} - C:\WINNT\web\related.htm O9 - Extra 'Tools' menuitem: Show &Related Links - {c95fe080-8f5d-11d2-a20b-00aa003c157a} - C:\WINNT\web\related.htm O9 - Extra button: FlashGet - {D6E814A0-E0C5-11d4-8D29-0050BA6940E3} - C:\PROGRA~1\FLASHGET\flashget.exe O9 - Extra 'Tools' menuitem: &FlashGet - {D6E814A0-E0C5-11d4-8D29-0050BA6940E3} - C:\PROGRA~1\FLASHGET\flashget.exe O9 - Extra button: (no name) - {974AD624-EA50-4831-A6C0-3040F6665396} - C:\PROGRA~1\sina\UC\UCddt\rssband.dll (HKCU) O9 - Extra 'Tools' menuitem: 新浪点点通阅读器 - {974AD624-EA50-4831-A6C0-3040F6665396} - C:\PROGRA~1\sina\UC\UCddt\rssband.dll (HKCU) O9 - Extra button: 新浪点点通阅读器 - {F0646DC8-58CD-4C64-8F6B-525043914685} - C:\PROGRA~1\sina\UC\UCddt\rssband.dll (HKCU) O16 - DPF: {0400AC1C-EEF0-4638-A501-31D5A0DC2002} (VTPlug3 Class) - http://202.101.62.195:1995/VTrans.cab O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage) - http://go.microsoft.com/fwlink/?LinkId=39204&clcid=0x409 O16 - DPF: {56336BCB-3D8A-11D6-A00B-0050DA18DE71} (RdxIE Class) - http://software-dl.real.com/16e9bbe7ea1d16164915/netzip/RdxIE601_cn.cab O16 - DPF: {59CCB4A0-727D-11CF-AC36-00AA00A47DD2} (Timer Object) - http://www.xintv.com/download/ietimer.cab O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://update.microsoft.com/microsoftupdate/v6/V5Controls/en/x86/client/wuweb_site.cab?1118387517062 O16 - DPF: {6924091F-CD97-41E1-B1D4-D9079409D413} (IMCv1 Control) - http://202.101.62.195:1995/talk.cab O16 - DPF: {B38870E4-7ECB-40DA-8C6A-595F0A5519FF} (MsnMessengerSetupDownloadControl Class) - http://messenger.msn.com/download/msnmessengersetupdownloader.cab O17 - HKLM\System\CCS\Services\Tcpip\..\{7661DA13-5153-49E6-95A6-E28B1D2035D8}: NameServer = 202.101.113.55 202.101.98.55 O23 - Service: Logical Disk Manager Administrative Service (dmadmin) - VERITAS Software Corp. - C:\WINNT\System32\dmadmin.exe O23 - Service: Macromedia Licensing Service - Unknown owner - C:\Program Files\Common Files\Macromedia Shared\Service\Macromedia Licensing.exe O23 - Service: NVIDIA Driver Helper Service (NVSvc) - NVIDIA Corporation - C:\WINNT\system32\nvsvc32.exe O23 - Service: Rising Personal Firewall Service (RfwService) - Beijing Rising Technology Corporation Limited - c:\program files\rising\rfw\rfwsrv.exe O23 - Service: Rising Process Communication Center (RsCCenter) - rising - C:\PROGRAM FILES\RISING\RAV\CCENTER.EXE O23 - Service: RsRavMon Service (RsRavMon) - Beijing Rising Technology Co., Ltd. - C:\PROGRAM FILES\RISING\RAV\Ravmond.exe
ranger 初生襁褓狮帖子:46 注册: 2004-12-17 来自:

ranger 初生襁褓狮帖子:46 注册: 2004-12-17 来自:	发表于： 2005-09-04 20:25 \| 只看楼主短消息资料字号：小中大 18楼求助！
ranger 初生襁褓狮帖子:46 注册: 2004-12-17 来自:

<<上一主题|下一主题>>

2 / 2 页

跳转页

瑞星卡卡安全论坛技术交流区反病毒/反流氓软件论坛 帮我看看有什么异常？

帮我看看有什么异常？

瑞星卡卡安全论坛技术交流区反病毒/反流氓软件论坛帮我看看有什么异常？