12   1  /  2  页   跳转

看看这是什么毒?总也杀不完!

收藏
wutong10001
头像
初生襁褓狮
  • 帖子:73
  • 注册: 2005-09-14
  • 来自:
发表于: 2006-11-05 17:56 | 只看楼主 短消息 资料
字号: 1楼

看看这是什么毒?总也杀不完!

杀毒显示是:Trojan PSW. zhen...  Trojan DL.Agent...  Trojan DL.VBS.A...HijackThis_zww汉化版扫描日志 V1.99.1
保存于      17:40:47, 日期 2006-11-5
操作系统:  Windows XP SP2 (WinNT 5.01.2600)
浏览器:    Internet Explorer v6.00 SP2 (6.00.2900.2180)

当前运行的进程:         
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\csrss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Common Files\Microsoft Shared\MSINFO\system.exe
C:\PROGRA~1\Yahoo!\Assistant\yassistse.exe
C:\WINDOWS\SOUNDMAN.EXE
C:\Program Files\Rising\Rav\RavTask.exe
C:\WINDOWS\system32\ctfmon.exe
C:\WINDOWS\system32\conime.exe
C:\KAV5\KAVSVC.EXE
C:\Program Files\Common Files\Sogou PXP\p2psvr.exe
C:\WINDOWS\System32\alg.exe
C:\WINDOWS\system32\wscntfy.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Common Files\Microsoft Shared\MSINFO\Sysrem4.exe
C:\Program Files\Common Files\Microsoft Shared\MSINFO\Sysrem2.exe
C:\WINDOWS\system32\svchost.exe
D:\WEB迅雷\WebThunder.exe
C:\PROGRA~1\Yahoo!\ASSIST~1\ylive.exe
C:\WINDOWS\explorer.exe
C:\WINDOWS\system32\rundll32.exe
C:\WINDOWS\system32\Rundll32.exe
C:\Program Files\Rising\Rfw\rfwmain.exe
c:\program files\rising\rfw\rfwsrv.exe
C:\Program Files\Internet Explorer\iexplore.exe
D:\WinRAR.exe
C:\DOCUME~1\a\LOCALS~1\Temp\Rar$EX00.953\HijackThis1991zww.exe

R3 - URLSearchHook: 上网助手 - {BB936323-19FA-4521-BA29-ECA6A121BC78} - C:\Program Files\3721\Assist\asbar.dll
O2 - BHO: yPhtb - {33BBE430-0E42-4f12-B075-8D21ACB10DCB} - C:\PROGRA~1\Yahoo!\ASSIST~1\Assist\yphtb.dll
O2 - BHO: QQBrowserHelperObject Class - {54EBD53A-9BC1-480B-966A-843A333CA162} - D:\DownLoads\qq\QQIEHelper.dll
O2 - BHO: Router Layer - {5EB7CB50-E375-4718-B4C0-9AD12EFA2F84} - C:\WINDOWS\System32\aclayer.dll (file missing)
O2 - BHO: YDragSearch - {62EED7C6-9F02-42f9-B634-98E2899E147B} - C:\PROGRA~1\Yahoo!\ASSIST~1\Assist\YDRAGS~1.DLL
O2 - BHO: 超级兔子上网精灵 - {7369D35A-5B70-4A5B-B789-B25FE09B4AF3} - F:\PROGRA~1\SUPERR~1\MAGICSET\haokanbar.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar1.dll
O2 - BHO: YiSou - {EF1D17A9-089F-40cc-8D64-7324CDEBA0DB} - C:\PROGRA~1\yisou\yisoub.dll
O3 - IE工具栏增项: 金山快译(&K) - {6C3797D2-3FEF-4cd4-B654-D3AE55B4128C} - e:\Kingsoft\FastAIT\IEBand.dll
O3 - IE工具栏增项: FlashGet Bar - {E0E899AB-F487-11D5-8D29-0050BA6940E3} - D:\PROGRA~1\FLASHGET\fgiebar.dll
O3 - IE工具栏增项: 雅虎助手 - {406F94F0-504F-4a40-8DFD-58B0666ABEBD} - C:\PROGRA~1\Yahoo!\ASSIST~1\Assist\yasbar.dll
O3 - IE工具栏增项: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar1.dll
O3 - IE工具栏增项: 超级兔子上网精灵 - {43869BB3-22FD-4F15-9B46-238106BA2F4E} - F:\PROGRA~1\SUPERR~1\MAGICSET\haokanbar.dll
O3 - IE工具栏增项: 一搜工具条 - {115F6E46-FCBC-41ed-B3B5-3BDDD4AAB5E5} - C:\Program Files\yisou\yisou.dll
O4 - 启动项HKLM\\Run: [IMJPMIG8.1] ; "C:\WINDOWS\IME\imjp8_1\IMJPMIG.EXE" /Spoil /RemAdvDef /Migration32
O4 - 启动项HKLM\\Run: [PHIME2002ASync] ; C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /SYNC
O4 - 启动项HKLM\\Run: [PHIME2002A] ; C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /IMEName
O4 - 启动项HKLM\\Run: [TkBellExe] ; "C:\Program Files\Common Files\Real\Update_OB\realsched.exe"  -osboot
O4 - 启动项HKLM\\Run: [YLive.exe] ; C:\PROGRA~1\Yahoo!\ASSIST~1\YLive.exe
O4 - 启动项HKLM\\Run: [yassistse] "C:\PROGRA~1\Yahoo!\Assistant\yassistse.exe"
O4 - 启动项HKLM\\Run: [SysExplr] ; D:\SYSEXPLR.EXE
O4 - 启动项HKLM\\Run: [SoundMan] SOUNDMAN.EXE
O4 - 启动项HKLM\\Run: [WebThunder] ; D:\WEB迅雷\WebThunder.exe
O4 - 启动项HKLM\\Run: [RavTask] "C:\Program Files\Rising\Rav\RavTask.exe" -system
O4 - 启动项HKLM\\Run: [RfwMain] "C:\Program Files\Rising\Rfw\rfwmain.exe" -Startup
O4 - 启动项HKLM\\Run: [KernelFaultCheck] %systemroot%\system32\dumprep 0 -k
O4 - 启动项HKLM\\Run: [xy] C:\WINDOWS\Download\svhost32.exe
O4 - 启动项HKLM\\Run: [rzt] C:\WINDOWS\Intel\rundll32.exe
O4 - 启动项HKLM\\Run: [CnsMin] Rundll32.exe C:\WINDOWS\DOWNLO~1\CnsMin.dll,Rundll32
O4 - 启动项HKLM\\RunOnce: [YahooC:\PROGRA~1\Yahoo!\Assistant\yClickOn.dll935359] regsvr32 /s C:\PROGRA~1\Yahoo!\Assistant\yClickOn.dll
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [MSMSGS] ; "C:\Program Files\Messenger\msmsgs.exe" /background
O8 - IE右键菜单中的新增项目: !搜一搜(&S) - res://C:\Program Files\yisou\yisou.dll/232
O8 - IE右键菜单中的新增项目: &使用迅雷下载 - D:\Program Files\geturl.htm
O8 - IE右键菜单中的新增项目: &使用迅雷下载全部链接 - D:\Program Files\getAllurl.htm
O8 - IE右键菜单中的新增项目: Google 搜索(&G) - res://c:\program files\google\GoogleToolbar1.dll/cmsearch.html
O8 - IE右键菜单中的新增项目: 上传到QQ网络硬盘 - D:\DownLoads\qq\AddToNetDisk.htm
O8 - IE右键菜单中的新增项目: 使用Web迅雷下载 - D:\WEB迅雷\GetUrl.htm
O8 - IE右键菜单中的新增项目: 使用Web迅雷下载全部链接 - D:\WEB迅雷\GetAllUrl.htm
O8 - IE右键菜单中的新增项目: 使用网际快车下载 - D:\Program Files\FlashGet\jc_link.htm
O8 - IE右键菜单中的新增项目: 使用网际快车下载全部链接 - D:\Program Files\FlashGet\jc_all.htm
O8 - IE右键菜单中的新增项目: 添加到QQ自定义面板 - D:\DownLoads\qq\AddPanel.htm
O8 - IE右键菜单中的新增项目: 添加到QQ表情 - D:\DownLoads\qq\AddEmotion.htm
O8 - IE右键菜单中的新增项目: 用QQ彩信发送该图片 - D:\DownLoads\qq\SendMMS.htm
O9 - 浏览器额外的按钮: 启动Web迅雷 - {962EFB8E-2683-42d4-AC74-AAA4C759B9C6} - http://my.xunlei.com (file missing)
O9 - 浏览器额外的“工具”菜单项: 启动Web迅雷 - {962EFB8E-2683-42d4-AC74-AAA4C759B9C6} - http://my.xunlei.com (file missing)
O9 - 浏览器额外的按钮: QQ - {c95fe080-8f5d-11d2-a20b-00aa003c157b} - D:\DownLoads\qq\QQ.EXE
O9 - 浏览器额外的“工具”菜单项: QQ - {c95fe080-8f5d-11d2-a20b-00aa003c157b} - D:\DownLoads\qq\QQ.EXE
O9 - 浏览器额外的按钮: QQ炫彩工具条设置 - {DEDEB80D-FA35-45d9-9460-4983E5A8AFE6} - D:\DownLoads\qq\QQIEHelper.dll
O9 - 浏览器额外的“工具”菜单项: QQ炫彩工具条设置 - {DEDEB80D-FA35-45d9-9460-4983E5A8AFE6} - D:\DownLoads\qq\QQIEHelper.dll
O11 - Options group: [!CNS]  上网助手-地址栏搜索
O11 - Options group: [TBH] 搜搜地址栏搜索
O16 - DPF: {3D8F74EE-8692-4F8F-B8D2-7522E732519E} (WebActivater Control) - http://game.qq.com/QQGame2.cab
O16 - DPF: {C07405FD-84D1-4A25-94E8-68609EA8335B} (iChatX Object) - http://chat.hdt.net.cn/ichatx.dll
O16 - DPF: {E4E2F180-CB8B-4DE9-ACBB-DA745D3BA153} (Rising Web Scan Object) - http://download.rising.com.cn/register/pcver/autoupgradepad/Ver2005/OL2005.cab
O16 - DPF: {EF6205C1-3F17-4829-BCB5-1336ED89E356} - http://club.jiangmin.com/kvscan/KvDown.cab
O16 - DPF: {FEE1002D-90A5-4A5D-AABE-01803FFBCF7A} - http://cache10.itv.mop.com/pCastCtl_1.0.0.87_20060601.cab
O17 - HKLM\System\CCS\Services\Tcpip\..\{917F612A-74DE-4731-A932-FC477BF1736F}: NameServer = 202.99.160.68 202.99.166.4
O20 - AppInit_DLLs: 235780M.BMP
O21 - SSODL: CDBurner - {D92D637A-0FB7-412D-A7E8-29340A580F7E} - C:\WINDOWS\Downloaded Program Files\jaasnt.dll (file missing)
O21 - SSODL: AdobePDF - {D92D666A-0F7B-5892-A7E8-29340333F07E} - c:\program files\internet explorer\PLUGINS\nppdf.dll
O23 - NT 服务: Kingsoft AntiVirus Service (KAVSvc) - kingsoft Antivirus - C:\KAV5\KAVSVC.EXE
O23 - NT 服务: P4P Service - Sohu.com Inc. - C:\Program Files\Common Files\Sogou PXP\p2psvr.exe
O23 - NT 服务: Rising Proxy  Service (RfwProxySrv) - Beijing Rising Technology Co., Ltd. - c:\program files\rising\rfw\rfwproxy.exe
O23 - NT 服务: Rising Personal Firewall Service (RfwService) - Beijing Rising Technology Co., Ltd. - c:\program files\rising\rfw\rfwsrv.exe
O23 - NT 服务: RsRavMon Service (RsRavMon) - Beijing Rising Technology Co., Ltd. - C:\Program Files\Rising\Rav\Ravmond.exe
最后编辑2006-11-06 08:08:08.233000000
分享到:
gototop
 
wutong10001
头像
初生襁褓狮
  • 帖子:73
  • 注册: 2005-09-14
  • 来自:
发表于: 2006-11-05 18:48 | 只看楼主 短消息 资料
字号: 2楼

【而且桌面总是过一回就会出现一个:h4xOr的程序是怎么回事?
gototop
 
水树雨下
头像
横据古稀狮
  • 帖子:8397
  • 注册: 2006-07-26
  • 来自:
发表于: 2006-11-05 18:52 | 短消息 资料
字号: 3楼

修复
O4 - 启动项HKLM\\Run: [xy] C:\WINDOWS\Download\svhost32.exe
O4 - 启动项HKLM\\Run: [rzt] C:\WINDOWS\Intel\rundll32.exe
O20 - AppInit_DLLs: 235780M.BMP
删除
C:\Program Files\Common Files\Microsoft Shared\MSINFO\system.exe
C:\WINDOWS\Download\svhost32.exe
C:\WINDOWS\Intel\rundll32.exe
235780M.BMP
用超级兔子清理流氓软件
gototop
 
wutong10001
头像
初生襁褓狮
  • 帖子:73
  • 注册: 2005-09-14
  • 来自:
发表于: 2006-11-05 19:31 | 只看楼主 短消息 资料
字号: 4楼

不行啊,我在安全模式下删的,可一开机又有了!怎么办啊?】
gototop
 
猪知山
头像
锋芒艾服狮
  • 帖子:1891
  • 注册: 2005-03-11
  • 来自:
发表于: 2006-11-05 19:39 | 短消息 资料
字号: 5楼

请到我的网盘:http://free5.ys168.com/?echowj下载 System Repair Engineer,使用“智能扫描”,勾选“检查进程模块的数字签名”按下“扫描”按钮进行扫描,扫描完成后按下“保存报告”按钮保存报告日志文件(SREng.LOG),把保存的报告日志文件内容复制-粘贴上来
日志一次粘不完,分次粘完,请不要修改。谢谢...
gototop
 
wutong10001
头像
初生襁褓狮
  • 帖子:73
  • 注册: 2005-09-14
  • 来自:
发表于: 2006-11-05 20:14 | 只看楼主 短消息 资料
字号: 6楼

【回复“猪知山”的帖子】
2006-11-05,19:58:31

System Repair Engineer 2.2.6.605
Smallfrogs (http://www.KZTechs.com)

Windows XP Professional Service Pack 2 (Build 2600)
- 管理权限用户 - 完整功能

以下内容被选中:
    所有的启动项目(包括注册表、启动文件夹、服务等)
    浏览器加载项
    正在运行的进程(包括进程模块信息)
    文件关联
    Winsock 提供者
    Autorun.inf
    HOSTS 文件


启动项目
注册表
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
    <ctfmon.exe><C:\WINDOWS\system32\ctfmon.exe>  [(Verified)Microsoft Corporation]
    <MSMSGS><; "C:\Program Files\Messenger\msmsgs.exe" /background>  [(Verified)Microsoft Corporation]
[HKEY_CURRENT_USER\Software\Microsoft\Windows NT\CurrentVersion\Windows]
    <load><>  [N/A]
    <run><>  [N/A]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
    <IMJPMIG8.1><; "C:\WINDOWS\IME\imjp8_1\IMJPMIG.EXE" /Spoil /RemAdvDef /Migration32>  [(Verified)Microsoft Corporation]
    <PHIME2002ASync><; C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /SYNC>  [(Verified)Microsoft Corporation]
    <PHIME2002A><; C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /IMEName>  [(Verified)Microsoft Corporation]
    <TkBellExe><; "C:\Program Files\Common Files\Real\Update_OB\realsched.exe"  -osboot>  [N/A]
    <YLive.exe><; C:\PROGRA~1\Yahoo!\ASSIST~1\YLive.exe>  [Yahoo! China]
    <yassistse><"C:\PROGRA~1\Yahoo!\Assistant\yassistse.exe">  [Yahoo! China]
    <SysExplr><; D:\SYSEXPLR.EXE>  [N/A]
    <SoundMan><SOUNDMAN.EXE>  [Realtek Semiconductor Corp.]
    <WebThunder><; D:\WEB迅雷\WebThunder.exe>  [深圳市迅雷网络技术有限公司]
    <RavTask><"C:\Program Files\Rising\Rav\RavTask.exe" -system>  [Beijing Rising Technology Co., Ltd.]
    <RfwMain><"C:\Program Files\Rising\Rfw\rfwmain.exe" -Startup>  [Beijing Rising Technology Co., Ltd.]
    <KernelFaultCheck><%systemroot%\system32\dumprep 0 -k>  [N/A]
    <CnsMin><Rundll32.exe C:\WINDOWS\DOWNLO~1\CnsMin.dll,Rundll32>  [北京三七二一科技有限公司]
    <xy><C:\WINDOWS\Download\svhost32.exe>  [N/A]
    <rzt><C:\WINDOWS\Intel\rundll32.exe>  [N/A]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer\Run]
    <NowayHo><C:\Program Files\Common Files\Microsoft Shared\MSINFO\smss.exe>  [N/A]
    <NicePy><C:\Program Files\Common Files\Microsoft Shared\MSINFO\system.exe>  [N/A]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Winlogon]
    <shell><Explorer.exe>  [(Verified)Microsoft Corporation]
    <Userinit><C:\WINDOWS\system32\userinit.exe,>  [(Verified)Microsoft Corporation]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Windows]
    <AppInit_DLLs><235780M.BMP>  [N/A]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Winlogon]
    <UIHost><logonui.exe>  [(Verified)Microsoft Corporation]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
    <{6E44887F-5214-41F2-AB46-4728735C4CC6}><C:\Program Files\Internet Explorer\PLUGINS\system16.sys>  [N/A]
    <{9A0CFC58-5A6F-41ba-9FFE-4320F4F62FB1}><C:\WINDOWS\system32\Cnscheck100.dll>  [N/A]
    <{4BAB150F-DD97-476D-9C1E-41B6CDC0CA7A}><C:\PROGRA~1\Yahoo!\Assistant\yClickOn.dll>  [YAHOO Corporation Limited]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
    <CDBurner><C:\WINDOWS\Downloaded Program Files\jaasnt.dll>  [N/A]
    <AdobePDF><c:\program files\internet explorer\PLUGINS\nppdf.dll>  [N/A]

==================================
启动文件夹
[迅雷4]
  <C:\Documents and Settings\a\「开始」菜单\程序\启动\迅雷4.lnk --> D:\PROGRA~1\Thunder.exe [深圳市迅雷网络技术有限公司]><N>

==================================
服务
N/A

===============================
gototop
 
影子110
头像
叱咤花甲狮
  • 帖子:4210
  • 注册: 2005-04-10
  • 来自:怀黯
发表于: 2006-11-05 20:31 | 短消息 资料
字号: 7楼

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
<xy><C:\WINDOWS\Download\svhost32.exe> [N/A]
<rzt><C:\WINDOWS\Intel\rundll32.exe> [N/A]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer\Run]
<NowayHo><C:\Program Files\Common Files\Microsoft Shared\MSINFO\smss.exe> [N/A]
<NicePy><C:\Program Files\Common Files\Microsoft Shared\MSINFO\system.exe> [N/A]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Windows]
<AppInit_DLLs><235780M.BMP> [N/A]
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
<{6E44887F-5214-41F2-AB46-4728735C4CC6}><C:\Program Files\Internet Explorer\PLUGINS\system16.sys> [N/A]
<{9A0CFC58-5A6F-41ba-9FFE-4320F4F62FB1}><C:\WINDOWS\system32\Cnscheck100.dll> [N/A]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
<CDBurner><C:\WINDOWS\Downloaded Program Files\jaasnt.dll> [N/A]
<AdobePDF><c:\program files\internet explorer\PLUGINS\nppdf.dll> [N/A]
安全模式下清理上面的项(删除这些项!)
先显示所有
打开 我的电脑》工具》文件夹选项》查看》显示所有文件,不隐藏受保护的操作系统文件》确定

查找并删除下面的~
C:\WINDOWS\Download\svhost32.exe
C:\WINDOWS\Intel\rundll32.exe
C:\Program Files\Common Files\Microsoft Shared\MSINFO\smss.exe
C:\Program Files\Common Files\Microsoft Shared\MSINFO\system.exe

235780M.BMP(这个要搜索下~)
C:\Program Files\Internet Explorer\PLUGINS\system16.sys
C:\WINDOWS\system32\Cnscheck100.dll
C:\WINDOWS\Downloaded Program Files\jaasnt.dll
c:\program files\internet explorer\PLUGINS\nppdf.dll

另,日志没帖全.
gototop
 
wutong10001
头像
初生襁褓狮
  • 帖子:73
  • 注册: 2005-09-14
  • 来自:
发表于: 2006-11-05 20:33 | 只看楼主 短消息 资料
字号: 8楼

驱动程序
[9 / 9]
  <\SystemRoot\system32\drivers\boot00.sys><N/A>
[99 / 99]
  <\SystemRoot\system32\drivers\boot00.sys><N/A>
[ADProt / ADProt]
  <\SystemRoot\system32\drivers\ADProt.sys><N/A>
[Service for Realtek AC97 Audio (WDM) / ALCXWDM]
  <system32\drivers\ALCXWDM.SYS><Realtek Semiconductor Corp.>
[Apaidi / Apaidi]
  <\??\C:\WINDOWS\system32\drivers\Apaidi.sys><N/A>
[BaseTDI / BaseTDI]
  <\??\C:\WINDOWS\system32\drivers\basetdi.sys><Beijing Rising Technology Co., Ltd.>
[ExpScaner / ExpScaner]
  <\??\C:\Program Files\Rising\Rav\ExpScan.sys><>
[GPKiller / GPKiller]
  <\SystemRoot\system32\drivers\gpkiller.sys><Yahoo!>
[HookCont / HookCont]
  <\??\C:\Program Files\Rising\Rav\HOOKCONT.sys><Rising tech Co. ltd>
[HookReg / HookReg]
  <\??\C:\Program Files\Rising\Rav\HookReg.sys><>
[HookSys / HookSys]
  <\??\C:\Program Files\Rising\Rav\HookSys.sys><Rising>
[HookUrl / HookUrl]
  <\??\C:\Program Files\Rising\Rfw\HookUrl.sys><Beijing Rising Technology Co., Ltd.>
[kmsinput / kmsinput]
  <\??\C:\WINDOWS\system32\drivers\kmsinput.sys><N/A>
[KWatch2 / KWatch2]
  <\SystemRoot\system32\drivers\KWatch2.sys><Kingsoft Antivirus>
[MEMSCAN / MEMSCAN]
  <\??\C:\Program Files\Rising\Rav\MEMSCAN.sys><瑞星软件有限公司>
[mProcRs / mProcRs]
  <\??\c:\program files\rising\rfw\mProcRs.sys><Beijing Rising Technology Co., Ltd.>
[npkcrypt / npkcrypt]
  <\??\D:\DownLoads\qq\npkcrypt.sys><INCA Internet Co., Ltd.>
[nv / nv]
  <system32\DRIVERS\nv4_mini.sys><NVIDIA Corporation>
[nwlnksipx / nwlnksipx]
  <\??\C:\WINDOWS\system32\drivers\nwlnksipx.sys><Microsoft Corporation>
[Direct Parallel Link Driver / Ptilink]
  <system32\DRIVERS\ptilink.sys><Parallel Technologies, Inc.>
[RsFwDrv / RsFwDrv]
  <\??\C:\Program Files\Rising\Rfw\RsFwDrv.sys><Beijing Rising Technology Co., Ltd.>
[Realtek RTL8139(A/B/C)-based PCI Fast Ethernet Adapter NT Driver / rtl8139]
  <system32\DRIVERS\RTL8139.SYS><Realtek Semiconductor Corporation>
[Secdrv / Secdrv]
  <system32\DRIVERS\secdrv.sys><N/A>

==================================
浏览器加载项
[Yahoo!Photo]
  {33BBE430-0E42-4f12-B075-8D21ACB10DCB} <C:\PROGRA~1\Yahoo!\ASSIST~1\Assist\yphtb.dll, Yahoo! China>
[QQBrowserHelperObject Class]
  {54EBD53A-9BC1-480B-966A-843A333CA162} <D:\DownLoads\qq\QQIEHelper.dll, 深圳市腾讯计算机系统有限公司>
[Router Layer]
  {5EB7CB50-E375-4718-B4C0-9AD12EFA2F84} <C:\WINDOWS\System32\aclayer.dll, N/A>
[DragSearch BHO]
  {62EED7C6-9F02-42f9-B634-98E2899E147B} <C:\PROGRA~1\Yahoo!\ASSIST~1\Assist\YDRAGS~1.DLL, yahoo! china>
[超级兔子上网精灵]
  {7369D35A-5B70-4A5B-B789-B25FE09B4AF3} <F:\PROGRA~1\SUPERR~1\MAGICSET\haokanbar.dll, Xiang Feng Technology>
[Google Toolbar Helper]
  {AA58ED58-01DD-4d91-8333-CF10577473F7} <c:\program files\google\googletoolbar1.dll, Google Inc.>
[DragSearch BHO]
  {EF1D17A9-089F-40cc-8D64-7324CDEBA0DB} <C:\PROGRA~1\yisou\yisoub.dll, >
[启动Web迅雷]
  {962EFB8E-2683-42d4-AC74-AAA4C759B9C6} <http://my.xunlei.com, N/A>
[QQ]
  {c95fe080-8f5d-11d2-a20b-00aa003c157b} <D:\DownLoads\qq\QQ.EXE, TENCENT>
[QQIEFloatBarCfgCmd Class]
  {DEDEB80D-FA35-45d9-9460-4983E5A8AFE6} <D:\DownLoads\qq\QQIEHelper.dll, 深圳市腾讯计算机系统有限公司>
[金山快译(&K)]
  {6C3797D2-3FEF-4cd4-B654-D3AE55B4128C} <e:\Kingsoft\FastAIT\IEBand.dll, >
[FlashGet Bar]
  {E0E899AB-F487-11D5-8D29-0050BA6940E3} <D:\PROGRA~1\FLASHGET\fgiebar.dll, Amaze Soft>
[雅虎助手]
  {406F94F0-504F-4a40-8DFD-58B0666ABEBD} <C:\PROGRA~1\Yahoo!\ASSIST~1\Assist\yasbar.dll, yahoo! china>
[&Google]
  {2318C2B1-4965-11d4-9B18-009027A5CD4F} <c:\program files\google\googletoolbar1.dll, Google Inc.>
[超级兔子上网精灵]
  {43869BB3-22FD-4F15-9B46-238106BA2F4E} <F:\PROGRA~1\SUPERR~1\MAGICSET\haokanbar.dll, Xiang Feng Technology>
[一搜工具条]
  {115F6E46-FCBC-41ed-B3B5-3BDDD4AAB5E5} <C:\Program Files\yisou\yisou.dll, 3721>
[WebActivater Control]
  {3D8F74EE-8692-4F8F-B8D2-7522E732519E} <C:\WINDOWS\system32\WEBACT~1.OCX, QQ>
[iChatX Object]
  {C07405FD-84D1-4A25-94E8-68609EA8335B} <C:\WINDOWS\Downloaded Program Files\ichatx.dll, 深圳市东方博雅科技有限公司>
[Shockwave Flash Object]
  {D27CDB6E-AE6D-11CF-96B8-444553540000} <C:\WINDOWS\system32\Macromed\Flash\Flash8.ocx, Macromedia, Inc.>
[Rising Web Scan Object]
  {E4E2F180-CB8B-4DE9-ACBB-DA745D3BA153} <C:\WINDOWS\DOWNLO~1\OL2005.dll, Beijing Rising Technology Co., Ltd.>
[WebThunder Browser Helper]
  {00000AAA-A363-466E-BEF5-9BB68697AA7F} <D:\WEB迅雷\WebThunderBHO_015.dll, Thunder Networking Technologies,LTD>
[Google Script Object]
  {00EF2092-6AC5-47C0-BD25-CF2D5D657FEB} <c:\program files\google\googletoolbar1.dll, Google Inc.>
[ActiveMovieControl Object]
  {05589FA1-C356-11CE-BF01-00AA0055595A} <C:\WINDOWS\system32\wmpdxm.dll, Microsoft Corporation>
[Tencent Browser Helper]
  {0C7C23EF-A848-485B-873C-0ED954731014} <C:\Program Files\TENCENT\Adplus\SSAddr.dll, Tencent>
[一搜工具条]
  {115F6E46-FCBC-41ED-B3B5-3BDDD4AAB5E5} <C:\Program Files\yisou\yisou.dll, 3721>
[]
  {141BE591-D8F3-4FC5-9AFE-404EFD719088} <C:\WINDOWS\system32\Fvtti.dll, N/A>
[MyIEHelper Class]
  {16A770A0-0E87-4278-B748-2460D64A8386} <C:\Documents and Settings\All Users.WINDOWS\Application Data\Microsoft\IEHelper\IEHelper_8888.dll, Microsoft Corporation>
[]
  {19AACE88-33E2-4812-A096-36769082B0C7} <C:\WINDOWS\system32\Xmvdm.dll, N/A>
[assist]
  {1B0E7716-898E-48CC-9690-4E338E8DE1D3} <C:\Program Files\3721\Assist\assist.dll, >
[RealPlayer SMIL Download Handler]
  {224E833B-2CC6-42D9-AE39-90B6A38A4FA2} <C:\WINDOWS\System32\rmoc3260.dll, RealNetworks, Inc.>
[Windows Media Player]
  {22D6F312-B0F6-11D0-94AB-0080C74C7E95} <C:\WINDOWS\system32\wmpdxm.dll, Microsoft Corporation>
[&Google]
  {2318C2B1-4965-11D4-9B18-009027A5CD4F} <c:\program files\google\googletoolbar1.dll, Google Inc.>
[HTML Document]
  {25336920-03F9-11CF-8FD0-00AA00686F13} <%SystemRoot%\system32\mshtml.dll, N/A>
[DHTML Edit Control Safe for Scripting for IE5]
  {2D360201-FFF5-11D1-8D03-00A0C959BC0A} <C:\WINDOWS\system32\dllcache\dhtmled.ocx, Microsoft Corporation>
[Yahoo!Photo]
  {33BBE430-0E42-4F12-B075-8D21ACB10DCB} <C:\PROGRA~1\Yahoo!\ASSIST~1\Assist\yphtb.dll, Yahoo! China>
[]
  {3B8ECC8D-608E-4AEA-9662-FBC9D048A315} <C:\WINDOWS\system32\Cyklv.dll, N/A>
[雅虎助手]
  {406F94F0-504F-4A40-8DFD-58B0666ABEBD} <C:\PROGRA~1\Yahoo!\ASSIST~1\Assist\yasbar.dll, yahoo! china>
[HHCtrl Object]
  {41B23C28-488E-4E5C-ACE2-BB0BBABE99E8} <C:\WINDOWS\system32\hhctrl.ocx, Microsoft Corporation>
[]
  {423545F1-15C4-40D1-BDFA-928500B3BB03} <C:\WINDOWS\system32\Gbepah.dll, N/A>
[超级兔子上网精灵]
  {43869BB3-22FD-4F15-9B46-238106BA2F4E} <F:\PROGRA~1\SUPERR~1\MAGICSET\haokanbar.dll, Xiang Feng Technology>
[WEBChatRoomOCX Control]
  {448A5F6B-8C03-4B54-A338-F00237C508AD} <E:\UCWEBChatRoom\UCWEBChatRoom.ocx, 北京新浪信息技术有限公司>
[QQBrowserHelperObject Class]
  {54EBD53A-9BC1-480B-966A-843A333CA162} <D:\DownLoads\qq\QQIEHelper.dll, 深圳市腾讯计算机系统有限公司>
[Yahoo!Live]
  {57421194-58FB-49AE-9B4F-FD48869B9AD4} <C:\Program Files\Yahoo!\Assistant\yalive.dll, yahoo! china>
[Router Layer]
  {5EB7CB50-E375-4718-B4C0-9AD12EFA2F84} <C:\WINDOWS\System32\aclayer.dll, N/A>
[KvScan Control]
  {626AEE7D-DC95-4405-8F9E-9FB1EA80AEDE} <C:\WINDOWS\KVSCAN~1\KvKill.ocx, jiangmin>
[DragSearch BHO]
  {62EED7C6-9F02-42F9-B634-98E2899E147B} <C:\PROGRA~1\Yahoo!\ASSIST~1\Assist\YDRAGS~1.DLL, yahoo! china>
[WUWebControl Class]
  {6414512B-B978-451D-A0D8-FCFDF33E833C} <C:\WINDOWS\system32\wuweb.dll, Microsoft Corporation>
[]
  {6668493D-22A5-474D-BAD2-7B09FCC7C4D2} <C:\WINDOWS\system32\Nozc.dll, N/A>
[]
  {669751ED-D558-49AE-B01A-3B374CC7910E} <C:\WINDOWS\system32\ssup.dll, TENCENT>
[Windows Media Player]
  {6BF52A52-394A-11D3-B153-00C04F79FAA6} <C:\WINDOWS\system32\wmp.dll, Microsoft Corporation>
[金山快译(&K)]
  {6C3797D2-3FEF-4CD4-B654-D3AE55B4128C} <e:\Kingsoft\FastAIT\IEBand.dll, >
[超级兔子上网精灵]
  {7369D35A-5B70-4A5B-B789-B25FE09B4AF3} <F:\PROGRA~1\SUPERR~1\MAGICSET\haokanbar.dll, Xiang Feng Technology>
[MediaComm Class]
  {7670648D-461B-42AF-BDFE-46D26AF5EFF2} <D:\WEB迅雷\MediaAddin08.dll, Thunder Networking Technologies,LTD>
[AutoLive]
  {7CA83CF1-3AEA-42D0-A4E3-1594FC6E48B2} <C:\Program Files\3721\AutoLive.dll, >
[Microsoft Web 浏览器]
  {8856F961-340A-11D0-A96B-00C04FD705A2} <C:\WINDOWS\system32\shdocvw.dll, Microsoft Corporation>
[LiveMediaOcx Control]
  {9242BB35-0DB0-43AC-8DFC-8EA07E63B92A} <D:\新建文~1\QQLive.ocx, Tencent>
[RMGetLicense Class]
  {A9FC132B-096D-460B-B7D5-1DB0FAE0C062} <C:\WINDOWS\system32\msnetobj.dll, Microsoft Corporation>
[Google Toolbar Helper]
  {AA58ED58-01DD-4D91-8333-CF10577473F7} <c:\program files\google\googletoolbar1.dll, Google Inc.>
[WebVGPlayer Class]
  {AA899B43-24BD-4B6B-BBD0-45557D8D11E0} <C:\PROGRA~1\VIEWGOOD\WEBPLA~1\VGPlayer.dll, >
[YLauncher Class]
  {AC036CB4-328D-4DB4-A707-4147B6C20266} <C:\WINDOWS\system\ephTool.dll, >
[Microsoft Scriptlet Component]
  {AE24FDAE-03C6-11D1-8B76-0080C744F389} <C:\WINDOWS\system32\mshtml.dll, Microsoft Corporation>
[SearchAssistantOC]
  {B45FF030-4447-11D2-85DE-00C04FA35C89} <%SystemRoot%\system32\shdocvw.dll, N/A>
[3721]
  {B83FC273-3522-4CC6-92EC-75CC86678DA4} <C:\WINDOWS\Downloaded Program Files\CnsMin.dll, 北京三七二一科技有限公司>
[]
  {BC73F0F8-B366-4171-BDCE-FFFCE464A734} <C:\WINDOWS\system32\Gwok.dll, N/A>
[RDS.DataSpace]
  {BD96C556-65A3-11D0-983A-00C04FC29E36} <C:\Program Files\Common Files\System\msadc\msadco.dll, Microsoft Corporation>
[iChatX Object]
  {C07405FD-84D1-4A25-94E8-68609EA8335B} <C:\WINDOWS\Downloaded Program Files\ichatx.dll, 深圳市东方博雅科技有限公司>
[]
  {C10575ED-D597-44E6-B41B-4290F49EAA96} <C:\WINDOWS\system32\Demlw.dll, N/A>
[]
  {C1361798-C1D9-4056-89B3-0AA736CEBCF9} <C:\WINDOWS\system32\Glois.dll, N/A>
[]
  {C4A68AA1-0C94-4E0C-ABC7-B82DFDAAD377} <C:\WINDOWS\system32\Tsur.dll, N/A>
[]
  {C509772C-74D1-47FE-918C-0DE5A16001C6} <C:\WINDOWS\system32\Qxjfr.dll, N/A>
[VIDEO__X_MS_ASF Moniker Class]
  {CD3AFA8F-B84F-48F0-9393-7EDC34128127} <C:\WINDOWS\system32\wmp.dll, Microsoft Corporation>
[RealPlayer G2 Control]
  {CFCDAA03-8BE4-11CF-B84B-0020AFBBCCFA} <C:\WINDOWS\System32\rmoc3260.dll, RealNetworks, Inc.>
[IEDown Class]
  {D0A29C6C-AA71-4423-8C4A-5998B774C448} <C:\WINDOWS\system32\GLIEDown2.dll, 联众公司>
[Shockwave Flash Object]
  {D27CDB6E-AE6D-11CF-96B8-444553540000} <C:\WINDOWS\system32\Macromed\Flash\Flash8.ocx, Macromedia, Inc.>
[Infofo 工具栏]
  {D74EC18E-3DDD-4174-B1B1-949FE3B8366D} <C:\Program Files\Infofo Bar\infofobar.dll, N/A>
[NMChatX Control]
  {D7F0CC2E-FB09-4B38-B9A7-6807CBCD4859} <C:\WINDOWS\system32\NMChatX.ocx, Netmarble>
[]
  {D86B2031-3841-4EB4-909C-1D7EF6B34B77} <C:\WINDOWS\system32\Abtg.dll, N/A>
[]
  {D8805FC7-9472-4332-977B-08CC14507B09} <C:\WINDOWS\system32\Jjhx.dll, N/A>
[FlashGet Bar]
  {E0E899AB-F487-11D5-8D29-0050BA6940E3} <D:\PROGRA~1\FLASHGET\fgiebar.dll, Amaze Soft>
[LocalLauncher Class]
  {E22BFF56-39F3-11D8-A0C7-000C6E7BB5AB} <C:\WINDOWS\system\BrowserEph.dll, >
[Rising Web Scan Object]
  {E4E2F180-CB8B-4DE9-ACBB-DA745D3BA153} <C:\WINDOWS\DOWNLO~1\OL2005.dll, Beijing Rising Technology Co., Ltd.>
[]
  {EE7A2E77-8EEB-44B3-AEF0-0C315B1ACB1B} <C:\WINDOWS\system32\Zxox.dll, N/A>
[DragSearch BHO]
  {EF1D17A9-089F-40CC-8D64-7324CDEBA0DB} <C:\PROGRA~1\yisou\yisoub.dll, >
[]
  {F11B9292-51D2-4FB7-A126-32718B830DC0} <C:\WINDOWS\system32\Rgaz.dll, N/A>
[Cytd Encipherment Memory]
  {F381FC65-D92D-4410-B865-E4E9713994E8} <C:\WINDOWS\cytdcli.dll, N/A>
gototop
 
wutong10001
头像
初生襁褓狮
  • 帖子:73
  • 注册: 2005-09-14
  • 来自:
发表于: 2006-11-05 20:34 | 只看楼主 短消息 资料
字号: 9楼

[完美网译通]
  {F43BD772-ABDD-43B7-A96A-3E9E61946EC0} <C:\WINDOWS\WORLD2\TOOLBAR\hmtoolbar.dll, N/A>
[assist]
  {FE3ECAE7-0A37-4506-8A7D-3CC9A04D2CA8} <C:\PROGRA~1\Yahoo!\ASSIST~1\Assist\yassist.dll, Yahoo! China>
[!搜一搜(&S)]
  <res://C:\Program Files\yisou\yisou.dll/232, N/A>
[&使用迅雷下载]
  <D:\Program Files\geturl.htm, N/A>
[&使用迅雷下载全部链接]
  <D:\Program Files\getAllurl.htm, N/A>
[Google 搜索(&G)]
  <res://c:\program files\google\GoogleToolbar1.dll/cmsearch.html, N/A>
[上传到QQ网络硬盘]
  <D:\DownLoads\qq\AddToNetDisk.htm, N/A>
[使用Web迅雷下载]
  <D:\WEB迅雷\GetUrl.htm, N/A>
[使用Web迅雷下载全部链接]
  <D:\WEB迅雷\GetAllUrl.htm, N/A>
[使用网际快车下载]
  <D:\Program Files\FlashGet\jc_link.htm, N/A>
[使用网际快车下载全部链接]
  <D:\Program Files\FlashGet\jc_all.htm, N/A>
[添加到QQ自定义面板]
  <D:\DownLoads\qq\AddPanel.htm, N/A>
[添加到QQ表情]
  <D:\DownLoads\qq\AddEmotion.htm, N/A>
[用QQ彩信发送该图片]
  <D:\DownLoads\qq\SendMMS.htm, N/A>

======================
gototop
 
wutong10001
头像
初生襁褓狮
  • 帖子:73
  • 注册: 2005-09-14
  • 来自:
发表于: 2006-11-05 20:35 | 只看楼主 短消息 资料
字号: 10楼

正在运行的进程
[PID: 432][\SystemRoot\System32\smss.exe]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
[PID: 480][\??\C:\WINDOWS\system32\csrss.exe]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
[PID: 504][\??\C:\WINDOWS\system32\winlogon.exe]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
[PID: 548][C:\WINDOWS\system32\services.exe]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
[PID: 560][C:\WINDOWS\system32\lsass.exe]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
[PID: 712][C:\WINDOWS\system32\svchost.exe]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
[PID: 760][C:\WINDOWS\system32\svchost.exe]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
[PID: 832][C:\WINDOWS\System32\svchost.exe]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
[PID: 952][C:\WINDOWS\system32\svchost.exe]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
[PID: 1032][C:\WINDOWS\system32\svchost.exe]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
[PID: 1064][c:\program files\rising\rfw\rfwsrv.exe]  [Beijing Rising Technology Co., Ltd., 4, 0, 0, 32]
    [c:\program files\rising\rfw\RfwRule.dll]  [Beijing Rising Technology Co., Ltd., 4, 0, 0, 13]
    [c:\program files\rising\rfw\rfwlog.dll]  [Beijing Rising Technology Co., Ltd., 4, 0, 0, 6]
    [c:\program files\rising\rfw\Rfwdrv.dll]  [Beijing Rising Technology Co., Ltd., 4, 0, 0, 21]
    [c:\program files\rising\rfw\MonDrv.dll]  [rs, 1, 0, 0, 4]
    [c:\program files\rising\rfw\ProcLib.dll]  [Beijing Rising Technology Co., Ltd., 4, 0, 0, 9]
[PID: 1240][C:\WINDOWS\system32\spoolsv.exe]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
    [C:\WINDOWS\System32\spool\PRTPROCS\W32X86\vprproc.dll]  [Windows (R) 2000 DDK provider, 5.00.2195.1620]
[PID: 1540][C:\WINDOWS\Explorer.EXE]  [Microsoft Corporation, 6.00.2900.2180 (xpsp_sp2_rtm.040803-2158)]
    [C:\Program Files\Internet Explorer\PLUGINS\system16.sys]  [N/A, N/A]
    [C:\WINDOWS\system32\Cnscheck100.dll]  [N/A, N/A]
    [C:\WINDOWS\DOWNLO~1\CnsMin.dll]  [北京三七二一科技有限公司, 1, 5, 1, 2]
    [C:\PROGRA~1\Yahoo!\Assistant\yClickOn.dll]  [YAHOO Corporation Limited, 3, 0, 0, 1001]
    [C:\WINDOWS\system32\xydll.dll]  [N/A, N/A]
    [C:\WINDOWS\system32\ztdll.dll]  [N/A, N/A]
    [C:\PROGRA~1\Yahoo!\ASSIST~1\Yhelper.dll]  [Yahoo! China, 3, 0, 3, 1021]
    [C:\PROGRA~1\Yahoo!\ASSIST~1\assist\ypatch.dll]  [Yahoo! China, 3, 1, 6, 1022]
    [C:\PROGRA~1\Yahoo!\ASSIST~1\Assist\ywiper.dll]  [Yahoo! China, 3, 0, 1, 1001]
    [F:\ske\contmenu.dll]  [N/A, N/A]
    [D:\VCvtShell.dll]  [herosoft, 1, 0, 0, 1]
    [C:\WINDOWS\system32\RavExt.dll]  [Beijing Rising Technology Co., Ltd., 18, 0, 0, 21]
    [C:\Program Files\Rising\Rav\RSCOMMON.DLL]  [Beijing Rising Technology Co., Ltd., 18, 0, 0, 4]
    [C:\PROGRA~1\Yahoo!\ASSIST~1\yalive.dll]  [yahoo! china, 3, 3, 5, 1086]
    [C:\PROGRA~1\Yahoo!\ASSIST~1\Yalliveex.dll]  [Yahoo! China, 3, 0, 1, 1010]
    [C:\PROGRA~1\Yahoo!\ASSIST~1\Assist\yphtb.dll]  [Yahoo! China, 3, 0, 4, 1006]
    [C:\PROGRA~1\Yahoo!\ASSIST~1\Assist\YDRAGS~1.DLL]  [yahoo! china, 3, 0, 1, 1001]
    [C:\PROGRA~1\yisou\yisoub.dll]  [, 1, 1, 2, 4]
    [C:\Program Files\3721\Assist\asbar.dll]  [3721, 1, 0, 1, 1001]
[PID: 1680][c:\program files\rising\rfw\RfwMain.exe]  [Beijing Rising Technology Co., Ltd., 4, 0, 0, 52]
    [c:\program files\rising\rfw\RsGuiLib.dll]  [Beijing Rising Technology Co., Ltd., 18, 0, 0, 23]
    [c:\program files\rising\rfw\RSCOMMON.DLL]  [Beijing Rising Technology Co., Ltd., 18, 0, 0, 4]
    [c:\program files\rising\rfw\PngDll.dll]  [Beijing Rising Technology Co., Ltd., 18, 0, 0, 5]
    [C:\Program Files\Internet Explorer\PLUGINS\system16.sys]  [N/A, N/A]
    [C:\WINDOWS\DOWNLO~1\CnsMin.dll]  [北京三七二一科技有限公司, 1, 5, 1, 2]
    [C:\WINDOWS\system32\Cnscheck100.dll]  [N/A, N/A]
    [C:\PROGRA~1\Yahoo!\ASSIST~1\Yhelper.dll]  [Yahoo! China, 3, 0, 3, 1021]
    [C:\PROGRA~1\Yahoo!\ASSIST~1\assist\ypatch.dll]  [Yahoo! China, 3, 1, 6, 1022]
    [C:\WINDOWS\system32\ztdll.dll]  [N/A, N/A]
    [C:\WINDOWS\system32\xydll.dll]  [N/A, N/A]
[PID: 1692][C:\PROGRA~1\Yahoo!\Assistant\yassistse.exe]  [Yahoo! China, 3, 0, 2, 1003]
    [C:\Program Files\Internet Explorer\PLUGINS\system16.sys]  [N/A, N/A]
    [C:\PROGRA~1\Yahoo!\Assistant\shell\yAssecblk.dll]  [Yahoo! China, 3, 0, 5, 1007]
    [C:\PROGRA~1\Yahoo!\Assistant\shell\yAsMenu.dll]  [Yahoo! China, 3, 0, 0, 1001]
    [C:\PROGRA~1\Yahoo!\Assistant\shell\yMenuInfo.dll]  [Yahoo! China, 3, 0, 0, 1000]
    [C:\PROGRA~1\Yahoo!\Assistant\shell\yIEAngel.dll]  [Yahoo! China, 3, 0, 1, 1001]
    [C:\WINDOWS\system32\Cnscheck100.dll]  [N/A, N/A]
    [C:\WINDOWS\DOWNLO~1\CnsMin.dll]  [北京三七二一科技有限公司, 1, 5, 1, 2]
    [C:\WINDOWS\system32\ztdll.dll]  [N/A, N/A]
    [C:\WINDOWS\system32\xydll.dll]  [N/A, N/A]
[PID: 1700][C:\WINDOWS\SOUNDMAN.EXE]  [Realtek Semiconductor Corp., 5.1.05]
    [C:\Program Files\Internet Explorer\PLUGINS\system16.sys]  [N/A, N/A]
    [C:\WINDOWS\system32\Cnscheck100.dll]  [N/A, N/A]
    [C:\WINDOWS\DOWNLO~1\CnsMin.dll]  [北京三七二一科技有限公司, 1, 5, 1, 2]
    [C:\WINDOWS\system32\ztdll.dll]  [N/A, N/A]
    [C:\WINDOWS\system32\xydll.dll]  [N/A, N/A]
[PID: 1708][C:\Program Files\Rising\Rav\RavTask.exe]  [Beijing Rising Technology Co., Ltd., 18, 0, 0, 22]
    [C:\Program Files\Rising\Rav\RSCOMMON.DLL]  [Beijing Rising Technology Co., Ltd., 18, 0, 0, 4]
    [C:\Program Files\Rising\Rav\RSAPPMGR.DLL]  [Beijing Rising Technology Co., Ltd., 18, 0, 0, 2]
    [C:\Program Files\Rising\Rav\CfgDll.dll]  [Beijing Rising Technology Co., Ltd., 18, 0, 0, 11]
    [C:\Program Files\Rising\Rav\RsCommX.dll]  [rising, 18, 0, 0, 1]
    [C:\WINDOWS\DOWNLO~1\CnsMin.dll]  [北京三七二一科技有限公司, 1, 5, 1, 2]
    [C:\Program Files\Internet Explorer\PLUGINS\system16.sys]  [N/A, N/A]
    [C:\WINDOWS\system32\Cnscheck100.dll]  [N/A, N/A]
    [C:\WINDOWS\system32\ztdll.dll]  [N/A, N/A]
    [C:\WINDOWS\system32\xydll.dll]  [N/A, N/A]
[PID: 1748][C:\WINDOWS\system32\Rundll32.exe]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
    [C:\WINDOWS\DOWNLO~1\CnsMin.dll]  [北京三七二一科技有限公司, 1, 5, 1, 2]
    [C:\Program Files\Internet Explorer\PLUGINS\system16.sys]  [N/A, N/A]
    [C:\WINDOWS\system32\Cnscheck100.dll]  [N/A, N/A]
    [C:\PROGRA~1\Yahoo!\ASSIST~1\Yhelper.dll]  [Yahoo! China, 3, 0, 3, 1021]
    [C:\PROGRA~1\Yahoo!\ASSIST~1\assist\ypatch.dll]  [Yahoo! China, 3, 1, 6, 1022]
    [C:\WINDOWS\system32\ztdll.dll]  [N/A, N/A]
    [C:\WINDOWS\system32\xydll.dll]  [N/A, N/A]
[PID: 1768][C:\WINDOWS\system32\ctfmon.exe]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
    [C:\Program Files\Internet Explorer\PLUGINS\system16.sys]  [N/A, N/A]
    [C:\WINDOWS\system32\Cnscheck100.dll]  [N/A, N/A]
    [C:\WINDOWS\DOWNLO~1\CnsMin.dll]  [北京三七二一科技有限公司, 1, 5, 1, 2]
    [C:\WINDOWS\system32\ztdll.dll]  [N/A, N/A]
    [C:\WINDOWS\system32\xydll.dll]  [N/A, N/A]
[PID: 896][C:\KAV5\KAVSVC.EXE]  [kingsoft Antivirus, 2003, 5, 24, 13]
    [C:\KAV5\SvcComm.DLL]  [kingsoft Antivirus, 2003, 6, 3, 17]
    [C:\KAV5\SvcWatch.DLL]  [kingsoft Antivirus, 2003, 5, 24, 14]
    [C:\KAV5\SvcTimer.DLL]  [, 2003.6.1.15]
    [C:\KAV5\KavComm.dll]  [Kingsoft Corporation, 2003, 6, 1, 17]
    [C:\KAV5\RpcBrge.DLL]  [kingsoft, 2003, 5, 31, 10]
[PID: 924][C:\WINDOWS\system32\svchost.exe]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
[PID: 1172][C:\WINDOWS\System32\alg.exe]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
[PID: 172][C:\WINDOWS\system32\wscntfy.exe]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
    [C:\WINDOWS\DOWNLO~1\CnsMin.dll]  [北京三七二一科技有限公司, 1, 5, 1, 2]
    [C:\Program Files\Internet Explorer\PLUGINS\system16.sys]  [N/A, N/A]
    [C:\WINDOWS\system32\Cnscheck100.dll]  [N/A, N/A]
    [C:\WINDOWS\system32\ztdll.dll]  [N/A, N/A]
    [C:\WINDOWS\system32\xydll.dll]  [N/A, N/A]
[PID: 2708][C:\PROGRA~1\Yahoo!\ASSIST~1\ylive.exe]  [Yahoo! China, 3, 1, 6, 1022]
    [C:\PROGRA~1\Yahoo!\ASSIST~1\assist\ypatch.dll]  [Yahoo! China, 3, 1, 6, 1022]
    [C:\PROGRA~1\Yahoo!\ASSIST~1\Yhelper.dll]  [Yahoo! China, 3, 0, 3, 1021]
    [C:\WINDOWS\DOWNLO~1\CnsMin.dll]  [北京三七二一科技有限公司, 1, 5, 1, 2]
    [C:\Program Files\Internet Explorer\PLUGINS\system16.sys]  [N/A, N/A]
    [C:\PROGRA~1\Yahoo!\ASSIST~1\yalive.dll]  [yahoo! china, 3, 3, 5, 1086]
    [C:\PROGRA~1\Yahoo!\ASSIST~1\Yalliveex.dll]  [Yahoo! China, 3, 0, 1, 1010]
    [C:\WINDOWS\system32\Cnscheck100.dll]  [N/A, N/A]
    [C:\PROGRA~1\Yahoo!\ASSIST~1\Ynotifier.dll]  [yahoo! china, 3, 0, 1, 1001]
    [C:\WINDOWS\system32\ztdll.dll]  [N/A, N/A]
gototop
 
<<上一主题|下一主题>>
12   1  /  2  页   跳转
页面顶部
Powered by Discuz!NT