baohe斑竹关于昨天下午你的回复

瑞星卡卡安全论坛技术交流区 反病毒/反流氓软件论坛 baohe斑竹关于昨天下午你的回复

	瑞星“1+2”全新解决方案巡展在广州画上圆满句号		叶院长揭秘：瑞星如何运用AI技术革新网络安全		俄乌冲突加剧网络攻击风险白俄罗斯政府遭APT攻击		瑞星ESM防病毒系统助力矿业大学筑牢网络安全防线
	实力拉满瑞星第五十次通过VB100测评		携手老友，拥抱新精彩 —— 新论坛新活动，感谢你的陪伴		护航司法，瑞星助力山西省高院构建安全防线		人工智能在网络安全领域的风险和机遇

123

2 / 3 页

跳转页

健康舞勺狮

帖子:207
注册: 2005-06-23
来自:

发表于： 2006-05-29 17:47 | 只看楼主 短消息资料

字号：小中大 11楼

引用:

【baohe的贴子】【回复“三醉”的帖子】
请贴一个SREng或autoruns的日志看看。
...........................

这2个是软件吧。论坛有下载吗？我去找找

大版主

帖子:72578
注册: 2003-04-10
来自:

发表于： 2006-05-29 17:49 | 短消息资料

字号：小中大 12楼

引用:

【三醉的贴子】还有一个：开机后，SSM进程监控下显示一条：
program files\internet iexplore\iexplore.exe
但是我并未开任何网页
...........................

有木马插入了IE浏览器吧。
鸽子的可能性较大。

三醉健康舞勺狮帖子:207 注册: 2005-06-23 来自:	发表于： 2006-05-30 08:59 \| 只看楼主短消息资料字号：小中大 13楼 baohe斑竹以下是日志：
三醉健康舞勺狮帖子:207 注册: 2005-06-23 来自:

三醉健康舞勺狮帖子:207 注册: 2005-06-23 来自:	发表于： 2006-05-30 09:02 \| 只看楼主短消息资料字号：小中大 14楼 hijackthis日志当前运行的进程： C:\WINNT\System32\smss.exe C:\WINNT\system32\winlogon.exe C:\WINNT\system32\services.exe C:\WINNT\system32\lsass.exe c:\program files\rising\rfw\rfwsrv.exe C:\WINNT\system32\svchost.exe C:\Program Files\Rising\Rav\CCenter.exe C:\Program Files\Rising\Rav\Ravmond.exe C:\WINNT\system32\spoolsv.exe C:\WINNT\System32\svchost.exe C:\WINNT\system32\regsvc.exe C:\WINNT\system32\MSTask.exe C:\WINNT\System32\WBEM\WinMgmt.exe C:\Program Files\Rising\Rav\RavStub.exe C:\WINNT\Explorer.exe C:\Program Files\Rising\Rav\RavTask.exe C:\Program Files\Rising\Rfw\rfwmain.exe C:\Program Files\Rising\Rav\RavMon.exe E:\程序\HijackThis1\HijackThis1991汉化版\HijackThis1991zww.exe O2 - BHO: ThunderIEHelper Class - {0005A87D-D626-4B3A-84F9-1D9571695F55} - C:\WINNT\System32\xunleibho_v5.dll O2 - BHO: Acrobat IE Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE083} - C:\WINNT\system\ctldlg32.dll O3 - IE工具栏增项: 电台(&R) - {8E718888-423F-11D2-876E-00A0C9082467} - C:\WINNT\System32\msdxm.ocx O4 - 启动项HKLM\\Run: [RavTask] "C:\Program Files\Rising\Rav\RavTask.exe" -system O4 - 启动项HKLM\\Run: [Synchronization Manager] mobsync.exe /logon O4 - 启动项HKLM\\Run: [RfwMain] C:\Program Files\Rising\Rfw\rfwmain.exe O8 - IE右键菜单中的新增项目： &使用迅雷下载 - C:\Program Files\Thunder Network\Thunder\geturl.htm O8 - IE右键菜单中的新增项目： &使用迅雷下载全部链接 - C:\Program Files\Thunder Network\Thunder\getAllurl.htm O8 - IE右键菜单中的新增项目：上传到QQ网络硬盘 - E:\程序\tec\AddToNetDisk.htm O8 - IE右键菜单中的新增项目：导出到 Microsoft Excel(&x) - res://C:\PROGRA~1\MICROS~2\Office10\EXCEL.EXE/3000 O8 - IE右键菜单中的新增项目：添加到QQ自定义面板 - E:\程序\tec\AddPanel.htm O8 - IE右键菜单中的新增项目：添加到QQ表情 - E:\程序\tec\AddEmotion.htm O8 - IE右键菜单中的新增项目：用QQ彩信发送该图片 - E:\程序\tec\SendMMS.htm O9 - 浏览器额外的按钮： Related - {c95fe080-8f5d-11d2-a20b-00aa003c157a} - C:\WINNT\web\related.htm O9 - 浏览器额外的“工具”菜单项： Show &Related Links - {c95fe080-8f5d-11d2-a20b-00aa003c157a} - C:\WINNT\web\related.htm O9 - 浏览器额外的按钮：易趣购物 - {DE60714F-AC17-427e-861A-FD60CBDF119A} - http://click2.ad4all.net/url2/urlmanage/url.asp?id=1 (file missing) O9 - 浏览器额外的“工具”菜单项：易趣购物 - {DE60714F-AC17-427e-861A-FD60CBDF119A} - http://click2.ad4all.net/url2/urlmanage/url.asp?id=1 (file missing) O20 - Winlogon Notify: System Safety Monitor - C:\WINNT\SYSTEM32\SSMWinlogonEx.dll O23 - NT 服务: Logical Disk Manager Administrative Service (dmadmin) - VERITAS Software Corp. - C:\WINNT\System32\dmadmin.exe O23 - NT 服务: Rising Personal Firewall Service (RfwService) - Beijing Rising Technology Corporation Limited - c:\program files\rising\rfw\rfwsrv.exe O23 - NT 服务: Rising Process Communication Center (RsCCenter) - Beijing Rising Technology Co., Ltd. - C:\Program Files\Rising\Rav\CCenter.exe O23 - NT 服务: RsRavMon Service (RsRavMon) - Beijing Rising Technology Co., Ltd. - C:\Program Files\Rising\Rav\Ravmond.exe
三醉健康舞勺狮帖子:207 注册: 2005-06-23 来自:

三醉健康舞勺狮帖子:207 注册: 2005-06-23 来自:	发表于： 2006-05-30 09:11 \| 只看楼主短消息资料字号：小中大 15楼 SRENG日志启动项目注册表 [HKEY_CURRENT_USER\Software\Microsoft\Windows NT\CurrentVersion\Windows] <load><> [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run] <RavTask><"C:\Program Files\Rising\Rav\RavTask.exe" -system> [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run] <Synchronization Manager><mobsync.exe /logon> [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run] <RfwMain><C:\Program Files\Rising\Rfw\rfwmain.exe> [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Winlogon] <shell><Explorer.exe> [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Winlogon] <Userinit><C:\WINNT\system32\userinit.exe,> [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Windows] <AppInit_DLLs><> ================================== 启动文件夹服务 [Logical Disk Manager Administrative Service / dmadmin] <C:\WINNT\System32\dmadmin.exe /com><VERITAS Software Corp.> [Rising Personal Firewall Service / RfwService] <c:\program files\rising\rfw\rfwsrv.exe><Beijing Rising Technology Corporation Limited> [Rising Process Communication Center / RsCCenter] <"C:\Program Files\Rising\Rav\CCenter.exe"><Beijing Rising Technology Co., Ltd.> [RsRavMon Service / RsRavMon] <"C:\Program Files\Rising\Rav\Ravmond.exe"><Beijing Rising Technology Co., Ltd.> ================================== 浏览器加载项 [ThunderIEHelper Class] {0005A87D-D626-4B3A-84F9-1D9571695F55} <C:\WINNT\System32\xunleibho_v5.dll, > [] {06849E9F-C8D7-4D59-B87D-784B7D6BE083} <C:\WINNT\system\ctldlg32.dll, N/A> [@shdoclc.dll,-866] {c95fe080-8f5d-11d2-a20b-00aa003c157a} <, N/A> [易趣购物] {DE60714F-AC17-427e-861A-FD60CBDF119A} <http://click2.ad4all.net/url2/urlmanage/url.asp?id=1, N/A> [电台(&R)] {8E718888-423F-11D2-876E-00A0C9082467} <C:\WINNT\System32\msdxm.ocx, Microsoft Corporation> [Shockwave Flash Object] {D27CDB6E-AE6D-11CF-96B8-444553540000} <C:\WINNT\System32\Macromed\Flash\Flash8b.ocx, Macromedia, Inc.> [&使用迅雷下载] <C:\Program Files\Thunder Network\Thunder\geturl.htm, N/A> [&使用迅雷下载全部链接] <C:\Program Files\Thunder Network\Thunder\getAllurl.htm, N/A> [上传到QQ网络硬盘] <E:\程序\tec\AddToNetDisk.htm, N/A> [导出到 Microsoft Excel(&x)] <res://C:\PROGRA~1\MICROS~2\Office10\EXCEL.EXE/3000, N/A> [添加到QQ自定义面板] <E:\程序\tec\AddPanel.htm, N/A> [添加到QQ表情] <E:\程序\tec\AddEmotion.htm, N/A> [用QQ彩信发送该图片] <E:\程序\tec\SendMMS.htm, N/A> ================================== 正在运行的进程 [PID: 140][\SystemRoot\System32\smss.exe] <Microsoft Corporation><5.00.2170.1> [PID: 168][\??\C:\WINNT\system32\csrss.exe] <Microsoft Corporation><5.00.2137.1> [PID: 164][\??\C:\WINNT\system32\winlogon.exe] <Microsoft Corporation><5.00.2182.1> [C:\WINNT\system32\SSMWinlogonEx.dll] <System Safety Limited><2.0.7.570> [PID: 216][C:\WINNT\system32\services.exe] <Microsoft Corporation><5.00.2134.1> [C:\WINNT\system32\dmserver.dll] <VERITAS Software Corp.><2191.1.296.2> [PID: 228][C:\WINNT\system32\lsass.exe] <Microsoft Corporation><5.00.2184.1> [PID: 380][c:\program files\rising\rfw\rfwsrv.exe] <Beijing Rising Technology Corporation Limited><3, 1, 0, 26> [c:\program files\rising\rfw\Rfwdrv.dll] <Beijing Rising Technology Corporation Limited><3, 0, 1, 4> [c:\program files\rising\rfw\rfwrule.dll] <Beijing Rising Technology Corporation Limited><3, 1, 0, 0> [c:\program files\rising\rfw\rfwlog.dll] <Beijing Rising Technology Corporation Limited><3, 1, 0, 2> [PID: 392][C:\WINNT\system32\svchost.exe] <Microsoft Corporation><5.00.2134.1> [PID: 436][C:\Program Files\Rising\Rav\CCenter.exe] <Beijing Rising Technology Co., Ltd.><18, 0, 0, 3> [PID: 460][C:\Program Files\Rising\Rav\Ravmond.exe] <Beijing Rising Technology Co., Ltd.><18, 0, 1, 19> [C:\Program Files\Rising\Rav\BWList.dll] <Beijing Rising Technology Co., Ltd.><18, 0, 0, 16> [C:\Program Files\Rising\Rav\RsCommX.dll] <rising><18, 0, 0, 1> [C:\Program Files\Rising\Rav\RSAPPMGR.DLL] <Beijing Rising Technology Co., Ltd.><18, 0, 0, 2> [C:\Program Files\Rising\Rav\CfgDll.dll] <Beijing Rising Technology Co., Ltd.><18, 0, 0, 10> [C:\Program Files\Rising\Rav\RSCOMMON.DLL] <Beijing Rising Technology Co., Ltd.><18, 0, 0, 4> [C:\Program Files\Rising\Rav\RsLog.dll] <Beijing Rising Technology Co., Ltd.><18, 0, 0, 18> [C:\Program Files\Rising\Rav\HOOKSYS.dll] <Rising><18, 1, 0, 9> [C:\Program Files\Rising\Rav\Scanner.dll] <Beijing Rising Technology Co., Ltd.><18, 0, 0, 28> [C:\Program Files\Rising\Rav\libload.dll] <Beijing Rising Technology Co., Ltd.><18, 0, 0, 10> [C:\Program Files\Rising\Rav\VirusLib.dll] <Beijing Rising Technology Co., Ltd.><18, 0, 0, 10> [C:\Program Files\Rising\Rav\regmon.dll] <Beijing Rising Technology Co., Ltd.><18, 0, 0, 6> [C:\Program Files\Rising\Rav\HookWeb.dll] <rising><18, 0, 0, 1> [C:\Program Files\Rising\Rav\MemMon.dll] <Beijing Rising Technology Co., Ltd.><18, 0, 0, 8> [C:\Program Files\Rising\Rav\expscan.dll] <Beijing Rising Technology Co., Ltd.><18, 0, 0, 4> [C:\Program Files\Rising\Rav\mPorts.dll] <Beijing Rising Technology Co., Ltd.><4, 0, 0, 3> [C:\Program Files\Rising\Rav\MailMon.dll] <Beijing Rising Technology Co., Ltd.><18, 0, 0, 5> [C:\Program Files\Rising\Rav\SpamEng.dll] <N/A><18, 0, 0, 6> [C:\Program Files\Rising\Rav\engine.dll] <Beijing Rising Technology Co., Ltd.><18, 0, 0, 28> [C:\Program Files\Rising\Rav\PostTrt.dll] <Beijing Rising Technology Co., Ltd.><18, 0, 0, 9> [C:\Program Files\Rising\Rav\UnExe.dll] <Beijing Rising Technology Co., Ltd.><18, 0, 0, 11> [C:\Program Files\Rising\Rav\ScanExec.dll] <Beijing Rising Technology Co., Ltd.><18, 0, 0, 11> [C:\Program Files\Rising\Rav\ScanEx.dll] <Beijing Rising Technology Co., Ltd.><18, 0, 0, 8> [C:\Program Files\Rising\Rav\NvFile.dll] <Beijing Rising Technology Co., Ltd.><18, 0, 0, 7> [C:\Program Files\Rising\Rav\ScanMac.dll] <Beijing Rising Technology Co., Ltd.><18, 0, 0, 7> [C:\Program Files\Rising\Rav\ScanSct.dll] <Beijing Rising Technology Co., Ltd.><18, 0, 0, 15> [C:\Program Files\Rising\Rav\Unpacker.dll] <Beijing Rising Technology Co., Ltd.><18, 0, 0, 3> [C:\Program Files\Rising\Rav\ExtMail.dll] <Beijing Rising Technology Co., Ltd.><18, 0, 0, 13> [PID: 496][C:\WINNT\system32\spoolsv.exe] <Microsoft Corporation><5.00.2161.1> [PID: 536][C:\WINNT\System32\svchost.exe] <Microsoft Corporation><5.00.2134.1> [PID: 572][C:\WINNT\system32\regsvc.exe] <Microsoft Corporation><5.00.2155.1> [PID: 588][C:\WINNT\system32\MSTask.exe] <Microsoft Corporation><4.71.2137.1> [PID: 652][C:\WINNT\System32\WBEM\WinMgmt.exe] <Microsoft Corporation><1.50.1085.0001> [PID: 796][C:\Program Files\Rising\Rav\RavStub.exe] <Beijing Rising Technology Co., Ltd.><18, 0, 0, 13> [C:\Program Files\Rising\Rav\RsCommX.dll] <rising><18, 0, 0, 1> [C:\Program Files\Rising\Rav\RSCOMMON.DLL] <Beijing Rising Technology Co., Ltd.><18, 0, 0, 4> [PID: 1064][C:\WINNT\Explorer.exe] <Microsoft Corporation><5.00.2920.0000> [C:\WINNT\system32\RavExt.dll] <Beijing Rising Technology Co., Ltd.><18, 0, 0, 13> [C:\WINNT\System32\xunleibho_v5.dll] <><4, 3, 3, 30> [C:\WINNT\system\ctldlg32.dll] <N/A><N/A> [PID: 920][C:\Program Files\Rising\Rav\RavTask.exe] <Beijing Rising Technology Co., Ltd.><18, 0, 0, 22> [C:\Program Files\Rising\Rav\RSCOMMON.DLL] <Beijing Rising Technology Co., Ltd.><18, 0, 0, 4> [C:\Program Files\Rising\Rav\RSAPPMGR.DLL] <Beijing Rising Technology Co., Ltd.><18, 0, 0, 2> [C:\Program Files\Rising\Rav\CfgDll.dll] <Beijing Rising Technology Co., Ltd.><18, 0, 0, 10> [C:\Program Files\Rising\Rav\RsCommX.dll] <rising><18, 0, 0, 1> [PID: 1080][C:\Program Files\Rising\Rfw\rfwmain.exe] <Beijing Rising Technology Corporation Limited><3, 1, 0, 15> [C:\Program Files\Rising\Rfw\RsGuiLib.dll] <Beijing Rising Technology Co., Ltd.><17, 0, 0, 40> [C:\Program Files\Rising\Rfw\RSCOMMON.DLL] <Beijing Rising Technology Co., Ltd.><17, 0, 0, 17> [C:\Program Files\Rising\Rfw\PngDll.dll] <Rising><17, 0, 0, 2> [PID: 292][C:\Program Files\Rising\Rav\RavMon.exe] <Beijing Rising Technology Co., Ltd.><18, 0, 1, 17> [C:\Program Files\Rising\Rav\RsGuiLib.dll] <Beijing Rising Technology Co., Ltd.><18, 0, 0, 24> [C:\Program Files\Rising\Rav\BWList.dll] <Beijing Rising Technology Co., Ltd.><18, 0, 0, 16> [C:\Program Files\Rising\Rav\RSAPPMGR.DLL] <Beijing Rising Technology Co., Ltd.><18, 0, 0, 2> [C:\Program Files\Rising\Rav\CfgDll.dll] <Beijing Rising Technology Co., Ltd.><18, 0, 0, 10> [C:\Program Files\Rising\Rav\RSCOMMON.DLL] <Beijing Rising Technology Co., Ltd.><18, 0, 0, 4> [C:\Program Files\Rising\Rav\RsCommX.dll] <rising><18, 0, 0, 1> [C:\Program Files\Rising\Rav\PngDll.dll] <Beijing Rising Technology Co., Ltd.><18, 0, 0, 5> [PID: 1040][E:\程序\HijackThis1\HijackThis1991汉化版\HijackThis1991zww.exe] <Soeperman Enterprises Ltd.><1.99.0001> [C:\WINNT\system32\RavExt.dll] <Beijing Rising Technology Co., Ltd.><18, 0, 0, 13> [PID: 1392][E:\程序\sreng2\SREng.exe] <Smallfrogs Studio><2.0.12.350> ================================== 文件关联 .TXT OK. [%SystemRoot%\system32\NOTEPAD.EXE %1] .EXE OK. ["%1" %] .COM OK. ["%1" %] .PIF OK. ["%1" %] .REG OK. [regedit.exe "%1"] .BAT OK. ["%1" %] .SCR OK. ["%1" /S] .CHM OK. ["C:\WINNT\hh.exe" %1] .HLP OK. [%SystemRoot%\System32\winhlp32.exe %1] .INI OK. [%SystemRoot%\System32\NOTEPAD.EXE %1] .INF OK. [%SystemRoot%\System32\NOTEPAD.EXE %1] .VBS OK. [%SystemRoot%\System32\WScript.exe "%1" %] .JS OK. [%SystemRoot%\System32\WScript.exe "%1" %] .LNK OK. [{00021401-0000-0000-C000-000000000046}]
三醉健康舞勺狮帖子:207 注册: 2005-06-23 来自:

三醉健康舞勺狮帖子:207 注册: 2005-06-23 来自:	发表于： 2006-05-30 09:14 \| 只看楼主短消息资料字号：小中大 16楼 autoruns日志：HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Userinit + C:\WINNT\system32\userinit.exeUserinit Logon ApplicationMicrosoft Corporationc:\winnt\system32\userinit.exe HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Shell + Explorer.exeWindows ExplorerMicrosoft Corporationc:\winnt\explorer.exe HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run + RavTaskRavTimerBeijing Rising Technology Co., Ltd.c:\program files\rising\rav\ravtask.exe + RfwMainRising Personal FireWall Main ProgramBeijing Rising Technology Corporation Limitedc:\program files\rising\rfw\rfwmain.exe + Synchronization ManagerMicrosoft Synchronization ManagerMicrosoft Corporationc:\winnt\system32\mobsync.exe HKLM\SOFTWARE\Classes\Protocols\Filter + Class Install HandlerOLE32 Extensions for Win32Microsoft Corporationc:\winnt\system32\urlmon.dll + deflateOLE32 Extensions for Win32Microsoft Corporationc:\winnt\system32\urlmon.dll + gzipOLE32 Extensions for Win32Microsoft Corporationc:\winnt\system32\urlmon.dll + lzdhtmlOLE32 Extensions for Win32Microsoft Corporationc:\winnt\system32\urlmon.dll + text/webviewhtmlWindows Shell Common DllMicrosoft Corporationc:\winnt\system32\shell32.dll HKLM\SOFTWARE\Classes\Protocols\Handler + aboutMicrosoft (R) HTML ViewerMicrosoft Corporationc:\winnt\system32\mshtml.dll + cdlOLE32 Extensions for Win32Microsoft Corporationc:\winnt\system32\urlmon.dll + cdoMicrosoft SharePoint Portal Server Object ModelMicrosoft Corporationc:\program files\common files\microsoft shared\web folders\pkmcdo.dll + fileOLE32 Extensions for Win32Microsoft Corporationc:\winnt\system32\urlmon.dll + ftpOLE32 Extensions for Win32Microsoft Corporationc:\winnt\system32\urlmon.dll + gopherOLE32 Extensions for Win32Microsoft Corporationc:\winnt\system32\urlmon.dll + httpOLE32 Extensions for Win32Microsoft Corporationc:\winnt\system32\urlmon.dll + httpsOLE32 Extensions for Win32Microsoft Corporationc:\winnt\system32\urlmon.dll + itsMicrosoft? InfoTech Storage System LibraryMicrosoft Corporationc:\winnt\system32\itss.dll + javascriptMicrosoft (R) HTML ViewerMicrosoft Corporationc:\winnt\system32\mshtml.dll + localOLE32 Extensions for Win32Microsoft Corporationc:\winnt\system32\urlmon.dll + mailtoMicrosoft (R) HTML ViewerMicrosoft Corporationc:\winnt\system32\mshtml.dll + mhtmlMicrosoft Internet Messaging APIMicrosoft Corporationc:\winnt\system32\inetcomm.dll + mkOLE32 Extensions for Win32Microsoft Corporationc:\winnt\system32\urlmon.dll + ms-itsMicrosoft? InfoTech Storage System LibraryMicrosoft Corporationc:\winnt\system32\itss.dll + mso-offdapMicrosoft Office XP Web ComponentsMicrosoft Corporationc:\program files\common files\microsoft shared\web components\10\owc10.dll + resMicrosoft (R) HTML ViewerMicrosoft Corporationc:\winnt\system32\mshtml.dll + sysimageMicrosoft (R) HTML ViewerMicrosoft Corporationc:\winnt\system32\mshtml.dll + vbscriptMicrosoft (R) HTML ViewerMicrosoft Corporationc:\winnt\system32\mshtml.dll + vnd.ms.radioWindows Media Player 2 ActiveX ControlMicrosoft Corporationc:\winnt\system32\msdxm.ocx HKLM\SOFTWARE\Microsoft\Active Setup\Installed Components + Address Book 5Outlook Express Setup LibraryMicrosoft Corporationc:\program files\outlook express\setup50.exe + CRLUpdateUPDCRLMicrosoft Corporationc:\winnt\system32\updcrl.exe
三醉健康舞勺狮帖子:207 注册: 2005-06-23 来自:

三醉健康舞勺狮帖子:207 注册: 2005-06-23 来自:	发表于： 2006-05-30 09:17 \| 只看楼主短消息资料字号：小中大 17楼 + Internet Explorer 6IE 5.0 Per-User Install UtilityMicrosoft Corporationc:\winnt\system32\ie4uinit.exe + Microsoft Outlook Express 6Outlook Express Setup LibraryMicrosoft Corporationc:\program files\outlook express\setup50.exe + Microsoft Windows Media PlayerADVPACKMicrosoft Corporationc:\winnt\system32\advpack.dll + NetMeeting 3.01ADVPACKMicrosoft Corporationc:\winnt\system32\advpack.dll + Windows 桌面更新Microsoft(C) Register ServerMicrosoft Corporationc:\winnt\system32\regsvr32.exe + 自定义浏览器Microsoft Internet Explorer Customization DLLMicrosoft Corporationc:\winnt\system32\iedkcs32.dll HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\SharedTaskScheduler + Browseui 预加载程序Shell Browser UI LibraryMicrosoft Corporationc:\winnt\system32\browseui.dll + 组件类别缓存程序Shell Browser UI LibraryMicrosoft Corporationc:\winnt\system32\browseui.dll HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad + Network.ConnectionTrayNetwork Connections ShellMicrosoft Corporationc:\winnt\system32\netshell.dll + SysTraySystray shell service objectMicrosoft Corporationc:\winnt\system32\stobject.dll + WebCheckWeb Site MonitorMicrosoft Corporationc:\winnt\system32\webcheck.dll HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks + Rising Execute File Exts hookRising Shell Ext ModuleBeijing Rising Technology Co., Ltd.c:\winnt\system32\ravext.dll + shell32.dllWindows Shell Common DllMicrosoft Corporationc:\winnt\system32\shell32.dll HKLM\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved + .CAB file viewerCabinet File Viewer Shell ExtensionMicrosoft Corporationc:\winnt\system32\cabview.dll + ActiveDesktopWindows Shell Common DllMicrosoft Corporationc:\winnt\system32\shell32.dll + ActiveX 高速缓存文件夹Object Control ViewerMicrosoft Corporationc:\winnt\system32\occache.dll + BandProxyShell Browser UI LibraryMicrosoft Corporationc:\winnt\system32\browseui.dll + Briefcase FolderWindows Shell Common DllMicrosoft Corporationc:\winnt\system32\shell32.dll + CDF Extension Copy HookShell Doc Object and Control LibraryMicrosoft Corporationc:\winnt\system32\shdocvw.dll + Channel MenuChannel Definition File ViewerMicrosoft Corporationc:\winnt\system32\cdfview.dll + Channel PropertiesChannel Definition File ViewerMicrosoft Corporationc:\winnt\system32\cdfview.dll + CmdFileIconWindows Shell Common DllMicrosoft Corporationc:\winnt\system32\shell32.dll + Code Download AgentWeb Site MonitorMicrosoft Corporationc:\winnt\system32\webcheck.dll + ConnectionAgentWeb Site MonitorMicrosoft Corporationc:\winnt\system32\webcheck.dll + Crypto PKO ExtensionCrypto Shell ExtensionsMicrosoft Corporationc:\winnt\system32\cryptext.dll + Crypto Sign ExtensionCrypto Shell ExtensionsMicrosoft Corporationc:\winnt\system32\cryptext.dll + Darwin App PublisherShell Application ManagerMicrosoft Corporationc:\winnt\system32\appwiz.cpl + Directory Context Menu VerbsDirectory Service Common UIMicrosoft Corporationc:\winnt\system32\dsuiext.dll + Directory NamespaceDirectory Service UIMicrosoft Corporationc:\winnt\system32\dsfolder.dll + Directory Object FindDirectory Service FindMicrosoft Corporationc:\winnt\system32\dsquery.dll + Directory Property UIDirectory Service Common UIMicrosoft Corporationc:\winnt\system32\dsuiext.dll + Directory Query UIDirectory Service FindMicrosoft Corporationc:\winnt\system32\dsquery.dll + Directory Start/Search FindDirectory Service FindMicrosoft Corporationc:\winnt\system32\dsquery.dll + Disk Copy ExtensionWindows DiskCopyMicrosoft Corporationc:\winnt\system32\diskcopy.dll + Disk Quota UIWindows Shell Disk Quota UI DLLMicrosoft Corporationc:\winnt\system32\dskquoui.dll + Display Adapter CPL ExtensionAdvanced display adapter propertiesMicrosoft Corporationc:\winnt\system32\deskadp.dll + Display Control Panel HTML ExtensionsWindows Shell Common DllMicrosoft Corporationc:\winnt\system32\shell32.dll + Display Monitor CPL ExtensionAdvanced display monitor propertiesMicrosoft Corporationc:\winnt\system32\deskmon.dll + Display Panning CPL ExtensionFile not found: deskpan.dll
三醉健康舞勺狮帖子:207 注册: 2005-06-23 来自:

三醉健康舞勺狮帖子:207 注册: 2005-06-23 来自:	发表于： 2006-05-30 09:18 \| 只看楼主短消息资料字号：小中大 18楼 + Display TroubleShoot CPL ExtensionAdvanced display performance propertiesMicrosoft Corporationc:\winnt\system32\deskperf.dll + DS Security PageDirectory Service Security UIMicrosoft Corporationc:\winnt\system32\dssec.dll + Favorites BandShell Doc Object and Control LibraryMicrosoft Corporationc:\winnt\system32\shdocvw.dll + File Property Page ExtensionWindows Shell Common DllMicrosoft Corporationc:\winnt\system32\shell32.dll + File Types PageWindows Shell Common DllMicrosoft Corporationc:\winnt\system32\shell32.dll + Folder Options Property Page ExtensionWindows Shell Common DllMicrosoft Corporationc:\winnt\system32\shell32.dll + HTML 缩略图的解压缩程序Thumbnail View ExtensionMicrosoft Corporationc:\winnt\system32\thumbvw.dll + HyperTerminal Icon ExtHyperTerminal Applet LibraryHilgraeve, Inc.c:\winnt\system32\hticons.dll + ICC 配置文件Microsoft Color Matching System User Interface DLLMicrosoft Corporationc:\winnt\system32\icmui.dll + ICM 打印机管理Microsoft Color Matching System User Interface DLLMicrosoft Corporationc:\winnt\system32\icmui.dll + ICM 监视器管理Microsoft Color Matching System User Interface DLLMicrosoft Corporationc:\winnt\system32\icmui.dll + ICM 扫描仪管理Microsoft Color Matching System User Interface DLLMicrosoft Corporationc:\winnt\system32\icmui.dll + IE4 套件初始屏幕Shell Doc Object and Control LibraryMicrosoft Corporationc:\winnt\system32\shdocvw.dll + Installed Apps EnumeratorShell Application ManagerMicrosoft Corporationc:\winnt\system32\appwiz.cpl + InternetShell Doc Object and Control LibraryMicrosoft Corporationc:\winnt\system32\shdocvw.dll + Internet Name SpaceShell Doc Object and Control LibraryMicrosoft Corporationc:\winnt\system32\shdocvw.dll + Internet 临时文件Shell Doc Object and Control LibraryMicrosoft Corporationc:\winnt\system32\shdocvw.dll + Internet 临时文件Shell Doc Object and Control LibraryMicrosoft Corporationc:\winnt\system32\shdocvw.dll + InternetShortcutShell Doc Object and Control LibraryMicrosoft Corporationc:\winnt\system32\shdocvw.dll + ISFBand OCShell Doc Object and Control LibraryMicrosoft Corporationc:\winnt\system32\shdocvw.dll + IShellFolderBandShell Browser UI LibraryMicrosoft Corporationc:\winnt\system32\browseui.dll + LNK 文件缩略图接口代理程序Thumbnail View ExtensionMicrosoft Corporationc:\winnt\system32\thumbvw.dll + Microsoft AutoCompleteShell Browser UI LibraryMicrosoft Corporationc:\winnt\system32\browseui.dll + Microsoft Browser ArchitectureShell Doc Object and Control LibraryMicrosoft Corporationc:\winnt\system32\shdocvw.dll + Microsoft BrowserBandShell Browser UI LibraryMicrosoft Corporationc:\winnt\system32\browseui.dll + Microsoft CopyTo ServiceWindows Shell Common DllMicrosoft Corporationc:\winnt\system32\shell32.dll + Microsoft Internet 工具栏Shell Browser UI LibraryMicrosoft Corporationc:\winnt\system32\browseui.dll + Microsoft MoveTo ServiceWindows Shell Common DllMicrosoft Corporationc:\winnt\system32\shell32.dll + Microsoft New Object ServiceWindows Shell Common DllMicrosoft Corporationc:\winnt\system32\shell32.dll + Microsoft Office HTML Icon HandlerMicrosoft Office XP componentMicrosoft Corporationc:\program files\microsoft office\office10\msohev.dll + Microsoft SendTo ServiceWindows Shell Common DllMicrosoft Corporationc:\winnt\system32\shell32.dll + Microsoft Url History 服务Shell Doc Object and Control LibraryMicrosoft Corporationc:\winnt\system32\shdocvw.dll + Microsoft Url 搜索挂接Shell Doc Object and Control LibraryMicrosoft Corporationc:\winnt\system32\shdocvw.dll + Microsoft 多个自动完成列表容器Shell Browser UI LibraryMicrosoft Corporationc:\winnt\system32\browseui.dll + Microsoft 历史自动完成列表Shell Browser UI LibraryMicrosoft Corporationc:\winnt\system32\browseui.dll + Microsoft 外壳文件夹自动完成列表Shell Browser UI LibraryMicrosoft Corporationc:\winnt\system32\browseui.dll + MIME File Types HookWindows Shell Common DllMicrosoft Corporationc:\winnt\system32\shell32.dll + MMC Icon HandlerMMC Shell Extension DLLMicrosoft Corporationc:\winnt\system32\mmcshext.dll + MRU 自动完成列表Shell Browser UI LibraryMicrosoft Corporationc:\winnt\system32\browseui.dll + Multimedia File Property SheetControl Panel Drivers AppletMicrosoft Corporationc:\winnt\system32\mmsys.cpl + MyDocs Copy HookMy Documents Folder UIMicrosoft Corporationc:\winnt\system32\mydocs.dll + MyDocs Drop TargetMy Documents Folder UIMicrosoft Corporationc:\winnt\system32\mydocs.dll + MyDocs FolderMy Documents Folder UIMicrosoft Corporationc:\winnt\system32\mydocs.dll + MyDocs PropertiesMy Documents Folder UIMicrosoft Corporationc:\winnt\system32\mydocs.dll + NTFS Security PageSecurity Shell ExtensionMicrosoft Corporationc:\winnt\system32\rshx32.dll + Office 图形筛选器缩略图的解压缩程序Thumbnail View ExtensionMicrosoft Corporationc:\winnt\system32\thumbvw.dll + Offline Files Folder OptionsClient Side Caching UIMicrosoft Corporationc:\winnt\system32\cscui.dll + Offline Files MenuClient Side Caching UIMicrosoft Corporationc:\winnt\system32\cscui.dll + OLE Docfile Property PageOLE DocFile Property PageMicrosoft Corporationc:\winnt\system32\docprop.dll + Open With Context Menu HandlerWindows Shell Common DllMicrosoft Corporationc:\winnt\system32\shell32.dll + PlusPack CPL ExtensionEffects Control Panel extensionMicrosoft Corporationc:\winnt\system32\plustab.dll + PostAgentWeb Site MonitorMicrosoft Corporationc:\winnt\system32\webcheck.dll
三醉健康舞勺狮帖子:207 注册: 2005-06-23 来自:

三醉健康舞勺狮帖子:207 注册: 2005-06-23 来自:	发表于： 2006-05-30 09:19 \| 只看楼主短消息资料字号：小中大 19楼 + Printers Security PageSecurity Shell ExtensionMicrosoft Corporationc:\winnt\system32\rshx32.dll + RISINGRising Shell Ext ModuleBeijing Rising Technology Co., Ltd.c:\winnt\system32\ravext.dll + Search Assistant OCShell Doc Object and Control LibraryMicrosoft Corporationc:\winnt\system32\shdocvw.dll + Sendmail serviceSend MailMicrosoft Corporationc:\winnt\system32\sendmail.dll + Sendmail serviceSend MailMicrosoft Corporationc:\winnt\system32\sendmail.dll + Shell Application ManagerShell Application ManagerMicrosoft Corporationc:\winnt\system32\appwiz.cpl + Shell Automation Folder ViewWindows Shell Common DllMicrosoft Corporationc:\winnt\system32\shell32.dll + Shell Automation Inproc ServiceShell Doc Object and Control LibraryMicrosoft Corporationc:\winnt\system32\shdocvw.dll + Shell Automation ServiceWindows Shell Common DllMicrosoft Corporationc:\winnt\system32\shell32.dll + Shell Band Site MenuShell Browser UI LibraryMicrosoft Corporationc:\winnt\system32\browseui.dll + Shell DocObject ViewerShell Doc Object and Control LibraryMicrosoft Corporationc:\winnt\system32\shdocvw.dll + Shell Drag and Drop helperWindows Shell Common DllMicrosoft Corporationc:\winnt\system32\shell32.dll + Shell extensions for Microsoft Windows Network objectsNetwork object shell UIMicrosoft Corporationc:\winnt\system32\ntlanui2.dll + Shell Extensions for RealOne PlayerRealPlayer Shell ExtensionsRealNetworks, Inc.c:\program files\real\realplayer\rpshell.dll + Shell extensions for sharingShell extensions for sharingMicrosoft Corporationc:\winnt\system32\ntshrui.dll + Shell extensions for sharingShell extensions for sharingMicrosoft Corporationc:\winnt\system32\ntshrui.dll + Shell Favorite FolderWindows Shell Common DllMicrosoft Corporationc:\winnt\system32\shell32.dll + Shell properties for a DS objectDirectory Service UIMicrosoft Corporationc:\winnt\system32\dsfolder.dll + Shell Scrap DataHandlerShell scrap object handlerMicrosoft Corporationc:\winnt\system32\shscrap.dll + Subscription MgrWeb Site MonitorMicrosoft Corporationc:\winnt\system32\webcheck.dll + Tasks Folder Icon HandlerTask Scheduler interface DLLMicrosoft Corporationc:\winnt\system32\mstask.dll + Tasks Folder Shell ExtensionTask Scheduler interface DLLMicrosoft Corporationc:\winnt\system32\mstask.dll + TrayAgentWeb Site MonitorMicrosoft Corporationc:\winnt\system32\webcheck.dll + TridentImageExtractorShell Browser UI LibraryMicrosoft Corporationc:\winnt\system32\browseui.dll + Web FoldersMicrosoft Web FoldersMicrosoft Corporationc:\program files\common files\microsoft shared\web folders\msonsext.dll + Web Printer Shell ExtensionPrint UI DLLMicrosoft Corporationc:\winnt\system32\printui.dll + Web 搜索Shell Browser UI LibraryMicrosoft Corporationc:\winnt\system32\browseui.dll + WebCheckWeb Site MonitorMicrosoft Corporationc:\winnt\system32\webcheck.dll + WebCheck SyncMgr HandlerWeb Site MonitorMicrosoft Corporationc:\winnt\system32\webcheck.dll + WebCheckChannelAgentWeb Site MonitorMicrosoft Corporationc:\winnt\system32\webcheck.dll + WebCheckWebCrawlerWeb Site MonitorMicrosoft Corporationc:\winnt\system32\webcheck.dll + Windows Script Host 的外壳扩展Microsoft (r) Shell Extension for Windows Script HostMicrosoft Corporationc:\winnt\system32\wshext.dll + WinRAR shell extensionc:\program files\winrar\rarext.dll + 补充的外壳文件夹Shell Browser UI LibraryMicrosoft Corporationc:\winnt\system32\browseui.dll + 补充的外壳文件夹 2Shell Browser UI LibraryMicrosoft Corporationc:\winnt\system32\browseui.dll + 菜单条Shell Browser UI LibraryMicrosoft Corporationc:\winnt\system32\browseui.dll + 菜单外壳文件夹Shell Browser UI LibraryMicrosoft Corporationc:\winnt\system32\browseui.dll + 菜单站点Shell Browser UI LibraryMicrosoft Corporationc:\winnt\system32\browseui.dll + 菜单桌面栏Shell Browser UI LibraryMicrosoft Corporationc:\winnt\system32\browseui.dll + 窗格中的搜索Shell Browser UI LibraryMicrosoft Corporationc:\winnt\system32\browseui.dll + 地址 EditBoxShell Browser UI LibraryMicrosoft Corporationc:\winnt\system32\browseui.dll + 地址(&A)Shell Browser UI LibraryMicrosoft Corporationc:\winnt\system32\browseui.dll + 地址条解析程序Shell Browser UI LibraryMicrosoft Corporationc:\winnt\system32\browseui.dll + 跟踪弹出栏Shell Browser UI LibraryMicrosoft Corporationc:\winnt\system32\browseui.dll + 跟踪外壳菜单Shell Browser UI LibraryMicrosoft Corporationc:\winnt\system32\browseui.dll + 公文包Windows BriefcaseMicrosoft Corporationc:\winnt\system32\syncui.dll
三醉健康舞勺狮帖子:207 注册: 2005-06-23 来自:

三醉健康舞勺狮帖子:207 注册: 2005-06-23 来自:	发表于： 2006-05-30 09:20 \| 只看楼主短消息资料字号：小中大 20楼 + 将加密项添加到资源管理器的上下文菜单中Windows Shell Common DllMicrosoft Corporationc:\winnt\system32\shell32.dll + 开始菜单Windows Shell Common DllMicrosoft Corporationc:\winnt\system32\shell32.dll + 可访问的Shell Browser UI LibraryMicrosoft Corporationc:\winnt\system32\browseui.dll + 历史记录Shell Doc Object and Control LibraryMicrosoft Corporationc:\winnt\system32\shdocvw.dll + 链接(&L)Shell Browser UI LibraryMicrosoft Corporationc:\winnt\system32\browseui.dll + 媒体区Shell Browser UI LibraryMicrosoft Corporationc:\winnt\system32\browseui.dll + 频道句柄对象Channel Definition File ViewerMicrosoft Corporationc:\winnt\system32\cdfview.dll + 频道快捷方式Channel Definition File ViewerMicrosoft Corporationc:\winnt\system32\cdfview.dll + 频道文件Channel Definition File ViewerMicrosoft Corporationc:\winnt\system32\cdfview.dll + 全局文件夹设置Shell Browser UI LibraryMicrosoft Corporationc:\winnt\system32\browseui.dll + 任务计划Task Scheduler interface DLLMicrosoft Corporationc:\winnt\system32\mstask.dll + 搜索区Shell Browser UI LibraryMicrosoft Corporationc:\winnt\system32\browseui.dll + 缩略图Thumbnail View ExtensionMicrosoft Corporationc:\winnt\system32\thumbvw.dll + 脱机文件夹Client Side Caching UIMicrosoft Corporationc:\winnt\system32\cscui.dll + 外壳 DeskBarShell Browser UI LibraryMicrosoft Corporationc:\winnt\system32\browseui.dll + 外壳 DeskBarAppShell Browser UI LibraryMicrosoft Corporationc:\winnt\system32\browseui.dll + 外壳 Rebar BandSiteShell Browser UI LibraryMicrosoft Corporationc:\winnt\system32\browseui.dll + 网络和拨号连接Network Connections ShellMicrosoft Corporationc:\winnt\system32\netshell.dll + 微缩图图像Shell Browser UI LibraryMicrosoft Corporationc:\winnt\system32\browseui.dll + 文件夹快捷方式Windows Shell Common DllMicrosoft Corporationc:\winnt\system32\shell32.dll + 我的电脑Windows Shell Common DllMicrosoft Corporationc:\winnt\system32\shell32.dll + 下载状态Shell Browser UI LibraryMicrosoft Corporationc:\winnt\system32\browseui.dll + 已装好的卷Windows Shell Common DllMicrosoft Corporationc:\winnt\system32\shell32.dll + 用户(&P)...Find PeopleMicrosoft Corporationc:\program files\outlook express\wabfind.dll + 用户帮助Shell Browser UI LibraryMicrosoft Corporationc:\winnt\system32\browseui.dll + 预订文件夹Web Site MonitorMicrosoft Corporationc:\winnt\system32\webcheck.dll + 摘要信息缩略图处理程序(DOCFILES)Thumbnail View ExtensionMicrosoft Corporationc:\winnt\system32\thumbvw.dll + 注册数目路选项实用程序Shell Browser UI LibraryMicrosoft Corporationc:\winnt\system32\browseui.dll + 自定义 MRU 自动完成列表Shell Browser UI LibraryMicrosoft Corporationc:\winnt\system32\browseui.dll + 字体Windows Font FolderMicrosoft Corporationc:\winnt\system32\fontext.dll + 浏览器栏Shell Doc Object and Control LibraryMicrosoft Corporationc:\winnt\system32\shdocvw.dll HKLM\Software\Classes\Folder\Shellex\ColumnHandlers + Fax Tiff Data Column ProviderFax Tiff Data Column ProviderMicrosoft Corporationc:\winnt\system32\faxshell.dll + ShAVColumnProvider classDocProp2Microsoft Corporationc:\winnt\system32\docprop2.dll + Version Column ProviderDocProp2Microsoft Corporationc:\winnt\system32\docprop2.dll + {0D2E74C4-3C34-11d2-A27E-00C04FC30871}Windows Shell Common DllMicrosoft Corporationc:\winnt\system32\shell32.dll + {24F14F01-7B1C-11d1-838f-0000F80461CF}Windows Shell Common DllMicrosoft Corporationc:\winnt\system32\shell32.dll + {24F14F02-7B1C-11d1-838f-0000F80461CF}Windows Shell Common DllMicrosoft Corporationc:\winnt\system32\shell32.dll HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects + ThunderIEHelper Classxunleibho Modulec:\winnt\system32\xunleibho_v5.dll + {06849E9F-C8D7-4D59-B87D-784B7D6BE083}c:\winnt\system\ctldlg32.dll HKCU\Software\Microsoft\Internet Explorer\UrlSearchHooks
三醉健康舞勺狮帖子:207 注册: 2005-06-23 来自:

<<上一主题|下一主题>>

123

2 / 3 页

跳转页