
Dear moderator, please come in and take a look!


Moderator:
    Hello! I keep feeling that my computer is infected, but I can never find anything with a scan. Lately, for some reason, Microsoft Outlook keeps starting on its own and running its configuration. I don't know why. Please advise!

Logfile of HijackThis v1.99.1
Scan saved at 20:56:35, on 2007-5-18
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
d:\Program Files\Rising\Rav\CCenter.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\Explorer.EXE
d:\Program Files\Rising\Rav\Ravmond.exe
d:\program files\rising\rfw\rfwsrv.exe
d:\program files\rising\rfw\RfwMain.exe
C:\WINDOWS\SOUNDMAN.EXE
D:\Program Files\Rising\Rav\RavTask.exe
D:\Program Files\Rising\Rav\Ravmon.exe
C:\WINDOWS\system32\ctfmon.exe
E:\魔界Online_0.53客户端\魔界Online\gc.exe
E:\魔界Online_0.53客户端\魔界Online\gc.exe
D:\Program Files\Rising\Rav\Rav.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLLoginProxy.exe
G:\ha_hijackthis_1991\HijackThis.exe

O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - D:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: BitComet ClickCapture - {39F7E362-828A-4B5A-BCAF-5B79BFDFEA60} - D:\Program Files\BitComet\tools\BitCometBHO_1.1.3.19.dll
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O3 - Toolbar: (no name) - {3F1ABCDB-A875-46c1-8345-B72A4567E486} - (no file)
O4 - HKLM\..\Run: [IMJPMIG8.1] "C:\WINDOWS\IME\imjp8_1\IMJPMIG.EXE" /Spoil /RemAdvDef /Migration32
O4 - HKLM\..\Run: [PHIME2002ASync] C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /SYNC
O4 - HKLM\..\Run: [PHIME2002A] C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /IMEName
O4 - HKLM\..\Run: [SoundMan] SOUNDMAN.EXE
O4 - HKLM\..\Run: [RavTask] "d:\Program Files\Rising\Rav\RavTask.exe" -system
O4 - HKLM\..\Run: [RfwMain] "d:\Program Files\Rising\Rfw\rfwmain.exe" -Startup
O4 - HKLM\..\Run: [StormCodec_Helper] "d:\Program Files\Ringz Studio\Storm Codec\StormSet.exe" /S /opti
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O8 - Extra context menu item: &Download with BitComet - res://D:\Program Files\BitComet\BitComet.exe/AddLink.htm
O8 - Extra context menu item: &Download all links with BitComet - res://D:\Program Files\BitComet\BitComet.exe/AddAllLink.htm
O8 - Extra context menu item: &Download the videos on this page with BitComet - res://D:\Program Files\BitComet\BitComet.exe/AddVideo.htm
O9 - Extra button: 浩方对战平台 - {0A155D3C-68E2-4215-A47A-E800A446447A} - D:\Program Files\浩方对战平台\GameClient.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683}? - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683}? - C:\Program Files\Messenger\msmsgs.exe
O14 - IERESET.INF: START_PAGE_URL=about:blank
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://go.microsoft.com/fwlink/?linkid=39204
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://update.microsoft.com/windowsupdate/v6/V5Controls/en/x86/client/wuweb_site.cab?1137745490357
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://update.microsoft.com/microsoftupdate/v6/V5Controls/en/x86/client/muweb_site.cab?1137747423812
O16 - DPF: {B38870E4-7ECB-40DA-8C6A-595F0A5519FF} (MsnMessengerSetupDownloadControl Class) - http://messenger.msn.com/download/MsnMessengerSetupDownloader.cab
O17 - HKLM\System\CCS\Services\Tcpip\..\{B440D74E-80F6-46C6-B576-FCB507EAD290}: NameServer = 202.96.69.38 202.96.64.68
O18 - Protocol: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL
O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL
O23 - Service: Ati HotKey Poller - Unknown owner - C:\WINDOWS\system32\Ati2evxx.exe
O23 - Service: MATLAB Server (matlabserver) - Unknown owner - d:\Program Files\MATLAB71\webserver\bin\win32\matlabserver.exe
O23 - Service: Rising Personal Firewall Service (RfwService) - Beijing Rising Technology Co., Ltd. - d:\program files\rising\rfw\rfwsrv.exe
O23 - Service: Rising Process Communication Center (RsCCenter) - Beijing Rising Technology Co., Ltd. - d:\Program Files\Rising\Rav\CCenter.exe
O23 - Service: Rising RealTime Monitor (RsRavMon) - Beijing Rising Technology Co., Ltd. - d:\Program Files\Rising\Rav\Ravmond.exe

Last edited 2007-05-19 23:24:21
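
A log like the one above is something a practitioner would triage with a script rather than by eye. The Python below is an added example written for this page; it is not part of the thread and not HijackThis code. It parses a handful of the posted lines, plus two constructed entries (marked CONSTRUCTED in the code) so that every check fires, and reports: orphan "(no file)" registrations, Run values that name a bare program or an unquoted path containing spaces, O16 ActiveX downloads from hosts outside an allowlist, the configured DNS servers, and services whose binary carries no publisher. The allowlist, the severity labels and the wording of the findings are my assumptions.

```python
"""Triage a HijackThis v1.99 log. Added example, not HijackThis code.

Checks (the reasoning behind each is an assumption of this example):
  * O2/O3 entries ending in "(no file)" are orphan CLSID registrations.
  * O4 Run values naming a bare program (no drive or UNC prefix) are
    resolved through the PATH search order, so the log line alone does
    not say which file runs.
  * Unquoted O4 paths with spaces are ambiguous for CreateProcess, which
    tries "d:\\Program.exe" before "d:\\Program Files\\...".
  * O16 ActiveX downloads from hosts outside an allowlist need review.
  * O17 DNS servers should be confirmed against the ISP's.
  * O23 services with "Unknown owner" have no publisher in the binary.
"""
import re
from typing import List, Tuple

Finding = Tuple[str, str, str]  # (section, severity, message)

# Assumption: hosts a practitioner would accept without review for O16.
TRUSTED_DPF_DOMAINS = ("microsoft.com", "msn.com")

# Constructed sample: lines copied from the thread's log plus two
# CONSTRUCTED entries so that every check produces one finding.
SAMPLE_LOG = r"""
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - D:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O3 - Toolbar: (no name) - {3F1ABCDB-A875-46c1-8345-B72A4567E486} - (no file)
O4 - HKLM\..\Run: [SoundMan] SOUNDMAN.EXE
O4 - HKLM\..\Run: [RavTask] "d:\Program Files\Rising\Rav\RavTask.exe" -system
O4 - HKLM\..\Run: [StormCodec_Helper] "d:\Program Files\Ringz Studio\Storm Codec\StormSet.exe" /S /opti
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKLM\..\Run: [CONSTRUCTED_Unquoted] d:\Program Files\Example Tool\tool.exe /quiet
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://go.microsoft.com/fwlink/?linkid=39204
O16 - DPF: {B38870E4-7ECB-40DA-8C6A-595F0A5519FF} (MsnMessengerSetupDownloadControl Class) - http://messenger.msn.com/download/MsnMessengerSetupDownloader.cab
O16 - DPF: {00000000-0000-0000-0000-000000000000} (CONSTRUCTED Control) - http://dpf.example.com/control.cab
O17 - HKLM\System\CCS\Services\Tcpip\..\{B440D74E-80F6-46C6-B576-FCB507EAD290}: NameServer = 202.96.69.38 202.96.64.68
O23 - Service: MATLAB Server (matlabserver) - Unknown owner - d:\Program Files\MATLAB71\webserver\bin\win32\matlabserver.exe
"""


def parse_entries(log: str) -> List[Tuple[str, str]]:
    """Split a log into (section, body) pairs; non-entry lines are ignored."""
    entries = []
    for line in log.splitlines():
        m = re.match(r"^(O\d+|R\d|F\d|N\d) - (.*)$", line.strip())
        if m:
            entries.append((m.group(1), m.group(2)))
    return entries


def first_token(cmd: str) -> Tuple[str, bool]:
    """Return (program, was_quoted) for a Run-key command line."""
    cmd = cmd.strip()
    if cmd.startswith('"'):
        end = cmd.find('"', 1)
        return (cmd[1:end] if end > 0 else cmd[1:]), True
    return cmd.split(" ", 1)[0], False


def is_absolute(program: str) -> bool:
    """Drive-letter or UNC prefix; anything else is found via PATH."""
    return re.match(r"^([A-Za-z]:\\|\\\\)", program) is not None


def unquoted_path_with_spaces(cmd: str) -> bool:
    """True when an unquoted command's directory part contains a space."""
    cmd = cmd.strip()
    if cmd.startswith('"') or not re.match(r"^[A-Za-z]:\\", cmd):
        return False
    directory = cmd.rsplit("\\", 1)[0]
    return " " in directory


def triage(log: str) -> List[Finding]:
    findings: List[Finding] = []
    for sec, body in parse_entries(log):
        if body.endswith("(no file)"):
            findings.append((sec, "info", "orphan registration, target missing: " + body))
        elif sec == "O4":
            m = re.search(r"\[(.+?)\]\s*(.*)$", body)
            if not m:
                continue
            name, cmd = m.group(1), m.group(2)
            program, _ = first_token(cmd)
            if not is_absolute(program):
                findings.append((sec, "review", f"{name}: bare program name {program!r} is resolved via the PATH search order"))
            elif unquoted_path_with_spaces(cmd):
                findings.append((sec, "review", f"{name}: unquoted path with spaces {cmd!r}"))
        elif sec == "O16":
            m = re.search(r"https?://([^/\s]+)", body)
            host = m.group(1).lower() if m else ""
            if not any(host == d or host.endswith("." + d) for d in TRUSTED_DPF_DOMAINS):
                findings.append((sec, "review", f"ActiveX control fetched from {host or 'unknown host'}"))
        elif sec == "O17":
            m = re.search(r"NameServer = (.*)$", body)
            if m:
                findings.append((sec, "verify", f"DNS servers {m.group(1)}: confirm they belong to the ISP"))
        elif sec == "O23" and "Unknown owner" in body:
            findings.append((sec, "review", "service binary has no publisher info: " + body.rsplit(" - ", 1)[-1]))
    return findings


if __name__ == "__main__":
    for sec, sev, msg in triage(SAMPLE_LOG):
        print(f"{sec:<4} {sev:<7} {msg}")
```

Run it directly to print the findings. Note what the checks do not claim: the orphan BHO and toolbar entries and the bare `SOUNDMAN.EXE` value are the same items the SecAnalyst report later rates as warning or low risk, and the script flags them for the same reason (the registry value alone does not fix which file runs), not because they are known to be malicious.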

Do a scan with SREng and post the log.

Download System Repair Engineer:
http://www.kztechs.com/sreng/download.html
1 Unzip sreng2.zip
2 Run SREng.exe
3 Smart Scan => Scan => Save Report
4 Copy the report from the log in full and paste it here, without modifying it
If the log doesn't fit in one post, post it in several parts

#T0 SecAnalyst analysis report, version: 0, 3, 2, 42
#Operating system : Microsoft Windows XP Professional Service Pack 2 (Build 2600) (CHS)
#System directory : C:\WINDOWS\system32
#Browser          : Internet Explorer 6.0.2900.2180
#Generated        : 2007-5-18 21:26:43

#T2 Please post this report to the Security Rescue Center at bbs.s-sos.net, where our experts will give you a diagnosis. The risk ratings in the report only indicate how suspicious an item is.
#Q1 (Describe the problems and abnormal behaviour of your computer here...)


#O4  Danger    Autostart:[hkml\software\microsoft\windows\currentversion\run\StormCodec_Helper]-"d:\Program Files\Ringz Studio\Storm Codec\StormSet.exe" /S /opti
#O4  Warning   Autostart:[hkml\software\microsoft\windows\currentversion\run\SoundMan]-SOUNDMAN.EXE
#O4  Low risk  Autostart:[hkml\software\microsoft\windows\currentversion\shell extensions\approved\RISING]-c:\windows\system32\ravext.dll
#O4  Low risk  Autostart:[hkml\software\microsoft\windows\currentversion\explorer\shellexecutehooks\Rising Execute File Exts hook]-c:\windows\system32\ravext.dll
#O4  Low risk  Autostart:[hkml\software\microsoft\windows\currentversion\shell extensions\approved\WinRAR shell extension]-d:\program files\winrar\rarext.dll
#O4  Low risk  Autostart:[hkml\software\microsoft\windows\currentversion\shell extensions\approved\The Core Media Player Shell Extension]-d:\progra~1\coreco~1\thecor~1\system\coresh~1.cll
#O4  Low risk  Autostart:[hkml\software\microsoft\windows\currentversion\run\RavTask]-"d:\Program Files\Rising\Rav\RavTask.exe" -system
#O4  Low risk  Autostart:[hkml\software\microsoft\windows\currentversion\run\RfwMain]-"d:\Program Files\Rising\Rfw\rfwmain.exe" -Startup
#O4  Low risk  Autostart:[hkml\software\microsoft\windows\currentversion\shell extensions\approved\Display Panning CPL Extension]-deskpan.dll [file not found]
#O4  Low risk  Autostart:[hkml\software\microsoft\windows\currentversion\shell extensions\approved\Microsoft Outlook Custom Icon Handler]-d:\progra~1\micros~1\office\olkfstub.dll



#O2  Warning   BHO: {39F7E362-828A-4B5A-BCAF-5B79BFDFEA60} - D:\Program Files\BitComet\tools\BitCometBHO_1.1.3.19.dll
#O2  Low risk  BHO: {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - D:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
#O2  Low risk  BHO: {7E853D72-626A-48EC-A868-BA8D5E23E045} - [file not found]

#O3  Low risk  Toolbar: {3F1ABCDB-A875-46c1-8345-B72A4567E486} - BitComet toolbar - [file not found]

#M0  Warning   DLL:C:\WINDOWS\WinSxS\x86_Microsoft.VC80.CRT_1fc8b3b9a1e18e3b_8.0.50727.163_x-ww_681e29fb\MSVCR80.dll
#M0  Warning   DLL:D:\Program Files\BitComet\tools\BitCometBHO_1.1.3.19.dll
#M0  Low risk  DLL:D:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
#M0  Low risk  DLL:d:\Program Files\Rising\Rav\RavScrCh.dll

#P0  Warning   Process:c:\windows\soundman.exe
#P0  Low risk  Process:d:\program files\rising\rfw\rfwmain.exe
#P0  Low risk  Process:d:\program files\bitcomet\bitcomet.exe

#S0  Danger    NT service: matlabserver - start type: Auto - status: Stopped - d:\Program Files\MATLAB71\webserver\bin\win32\matlabserver.exe
#S0  Danger    NT service: RfwService - start type: Auto - status: Running - d:\program files\rising\rfw\rfwsrv.exe
#S0  Warning   NT service: RsRavMon - start type: Auto - status: Running - "d:\Program Files\Rising\Rav\Ravmond.exe"


#O18 Warning   Protocol: ic32pp - {BBCA9F81-8F4F-11D2-90FF-0080C83D3571} - C:\WINDOWS\wc98pp.dll

Your computer's overall security risk is Medium (40 points); please consult a security expert as soon as possible for help.

Bumping my own thread!

Bumping again!

Stop bumping; go and run the SREng scan for the log.


#T0 SecAnalyst analysis report, version: 0, 3, 2, 42
#Operating system : Microsoft Windows XP Professional Service Pack 2 (Build 2600) (CHS)
#System directory : C:\WINDOWS\system32
#Browser          : Internet Explorer 6.0.2900.2180
#Generated        : 2007-5-19 9:40:3

#T2 Please post this report to the Security Rescue Center at bbs.s-sos.net, where our experts will give you a diagnosis. The risk ratings in the report only indicate how suspicious an item is.
#Q1 (Describe the problems and abnormal behaviour of your computer here...)


#O4  Danger    Autostart:[hkml\software\microsoft\windows\currentversion\run\StormCodec_Helper]-"d:\Program Files\Ringz Studio\Storm Codec\StormSet.exe" /S /opti
#O4  Warning   Autostart:[hkml\software\microsoft\windows\currentversion\run\SoundMan]-SOUNDMAN.EXE
#O4  Low risk  Autostart:[hkml\software\microsoft\windows\currentversion\shell extensions\approved\RISING]-c:\windows\system32\ravext.dll
#O4  Low risk  Autostart:[hkml\software\microsoft\windows\currentversion\explorer\shellexecutehooks\Rising Execute File Exts hook]-c:\windows\system32\ravext.dll
#O4  Low risk  Autostart:[hkml\software\microsoft\windows\currentversion\shell extensions\approved\WinRAR shell extension]-d:\program files\winrar\rarext.dll
#O4  Low risk  Autostart:[hkml\software\microsoft\windows\currentversion\shell extensions\approved\The Core Media Player Shell Extension]-d:\progra~1\coreco~1\thecor~1\system\coresh~1.cll
#O4  Low risk  Autostart:[hkml\software\microsoft\windows\currentversion\run\RavTask]-"d:\Program Files\Rising\Rav\RavTask.exe" -system
#O4  Low risk  Autostart:[hkml\software\microsoft\windows\currentversion\run\RfwMain]-"d:\Program Files\Rising\Rfw\rfwmain.exe" -Startup
#O4  Low risk  Autostart:[hkml\software\microsoft\windows\currentversion\shell extensions\approved\Display Panning CPL Extension]-deskpan.dll [file not found]
#O4  Low risk  Autostart:[hkml\software\microsoft\windows\currentversion\shell extensions\approved\Microsoft Outlook Custom Icon Handler]-d:\progra~1\micros~1\office\olkfstub.dll



#O2  Warning   BHO: {39F7E362-828A-4B5A-BCAF-5B79BFDFEA60} - D:\Program Files\BitComet\tools\BitCometBHO_1.1.3.19.dll
#O2  Low risk  BHO: {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - D:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
#O2  Low risk  BHO: {7E853D72-626A-48EC-A868-BA8D5E23E045} - [file not found]

#O3  Low risk  Toolbar: {3F1ABCDB-A875-46c1-8345-B72A4567E486} - BitComet toolbar - [file not found]

#M0  Warning   DLL:C:\WINDOWS\WinSxS\x86_Microsoft.VC80.CRT_1fc8b3b9a1e18e3b_8.0.50727.163_x-ww_681e29fb\MSVCR80.dll
#M0  Warning   DLL:D:\Program Files\BitComet\tools\BitCometBHO_1.1.3.19.dll
#M0  Low risk  DLL:D:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
#M0  Low risk  DLL:d:\Program Files\Rising\Rav\RavScrCh.dll
#M0  Low risk  DLL:d:\Program Files\Rising\Rav\RSCOMMON.DLL

#P0  Warning   Process:c:\windows\soundman.exe
#P0  Low risk  Process:d:\program files\rising\rfw\rfwmain.exe

#S0  Danger    NT service: matlabserver - start type: Auto - status: Stopped - d:\Program Files\MATLAB71\webserver\bin\win32\matlabserver.exe
#S0  Danger    NT service: RfwService - start type: Auto - status: Running - d:\program files\rising\rfw\rfwsrv.exe
#S0  Warning   NT service: RsRavMon - start type: Auto - status: Running - "d:\Program Files\Rising\Rav\Ravmond.exe"


#O18 Warning   Protocol: ic32pp - {BBCA9F81-8F4F-11D2-90FF-0080C83D3571} - C:\WINDOWS\wc98pp.dll

Your computer's overall security risk is Medium (40 points); please consult a security expert as soon as possible for help.

Download System Repair Engineer:
http://www.kztechs.com/sreng/download.html
1 Unzip sreng2.zip
2 Run SREng.exe
3 Smart Scan => Scan => Save Report
4 Copy the report from the log in full and paste it here, without modifying it
If the log doesn't fit in one post, post it in several parts


Isn't this description in plain Chinese clear enough?

[CODE]

2007-05-19,11:42:44

System Repair Engineer 2.4.12.806
Smallfrogs (http://www.KZTechs.com)

Windows XP Professional Service Pack 2 (Build 2600) - user with administrator privileges - full functionality

The following items were selected:
    All startup items (including registry, startup folders, services, etc.)
    Browser add-ons
    Running processes (including process module information)
    File associations
    Winsock providers
    Autorun.inf
    HOSTS file


Startup items
Registry
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
    <ctfmon.exe><C:\WINDOWS\system32\ctfmon.exe>  [(Verified)Microsoft Windows Publisher]
[HKEY_CURRENT_USER\Software\Microsoft\Windows NT\CurrentVersion\Windows]
    <load><>  [N/A]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
    <IMJPMIG8.1><"C:\WINDOWS\IME\imjp8_1\IMJPMIG.EXE" /Spoil /RemAdvDef /Migration32>  [(Verified)Microsoft Windows Publisher]
    <PHIME2002ASync><C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /SYNC>  [(Verified)Microsoft Windows Publisher]
    <PHIME2002A><C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /IMEName>  [(Verified)Microsoft Windows Publisher]
    <SoundMan><SOUNDMAN.EXE>  [Realtek Semiconductor Corp.]
    <RavTask><"d:\Program Files\Rising\Rav\RavTask.exe" -system>  [Beijing Rising Technology Co., Ltd.]
    <RfwMain><"d:\Program Files\Rising\Rfw\rfwmain.exe" -Startup>  [Beijing Rising Technology Co., Ltd.]
    <StormCodec_Helper><"d:\Program Files\Ringz Studio\Storm Codec\StormSet.exe" /S /opti>  []
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Winlogon]
    <shell><Explorer.exe>  [(Verified)Microsoft Windows Publisher]
    <Userinit><C:\WINDOWS\system32\userinit.exe,>  [(Verified)Microsoft Windows Publisher]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Windows]
    <AppInit_DLLs><>  [N/A]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Winlogon]
    <UIHost><logonui.exe>  [(Verified)Microsoft Windows Publisher]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
    <{32CD708B-60A7-4C00-9377-D73EAA495F0F}><C:\WINDOWS\system32\RavExt.dll>  [Beijing Rising Technology Co., Ltd.]

==================================
Startup folders
N/A

==================================
Services
[Ati HotKey Poller / Ati HotKey Poller][Running/Auto Start]
  <C:\WINDOWS\system32\Ati2evxx.exe><>
[Human Interface Device Access / HidServ][Stopped/Disabled]
  <C:\WINDOWS\System32\svchost.exe -k netsvcs-->%SystemRoot%\System32\hidserv.dll><N/A>
[MATLAB Server / matlabserver][Stopped/Auto Start]
  <d:\Program Files\MATLAB71\webserver\bin\win32\matlabserver.exe><N/A>
[Rising Personal Firewall Service / RfwService][Running/Auto Start]
  <d:\program files\rising\rfw\rfwsrv.exe><Beijing Rising Technology Co., Ltd.>
[Rising Process Communication Center / RsCCenter][Running/Auto Start]
  <"d:\Program Files\Rising\Rav\CCenter.exe"><Beijing Rising Technology Co., Ltd.>
[Rising RealTime Monitor / RsRavMon][Running/Auto Start]
  <"d:\Program Files\Rising\Rav\Ravmond.exe"><Beijing Rising Technology Co., Ltd.>

==================================
Drivers
[Service for WDM 3D Audio Driver / ALCXSENS][Running/Manual Start]
  <system32\drivers\ALCXSENS.SYS><Sensaura Ltd>
[Service for Realtek AC97 Audio (WDM) / ALCXWDM][Running/Manual Start]
  <system32\drivers\ALCXWDM.SYS><Realtek Semiconductor Corp.>
[ati2mtag / ati2mtag][Running/Manual Start]
  <system32\DRIVERS\ati2mtag.sys><ATI Technologies Inc.>
[Rising TDI Base Driver / BaseTDI][Running/Auto Start]
  <System32\DRIVERS\BaseTDI.SYS><Beijing Rising Technology Co., Ltd.>
[Intel(R) PRO Adapter Driver / E100B][Running/Manual Start]
  <System32\DRIVERS\e100b325.sys><Intel Corporation>
[ExpScaner / ExpScaner][Running/Auto Start]
  <\??\d:\Program Files\Rising\Rav\ExpScan.sys><>
[HookCont / HookCont][Running/Auto Start]
  <\??\d:\Program Files\Rising\Rav\HOOKCONT.sys><Rising>
[HookReg / HookReg][Running/Auto Start]
  <\??\d:\Program Files\Rising\Rav\HookReg.sys><>
[HookSys / HookSys][Running/Auto Start]
  <\??\d:\Program Files\Rising\Rav\HookSys.sys><Rising>
[HookUrl / HookUrl][Running/Auto Start]
  <\??\d:\Program Files\Rising\Rfw\HookUrl.sys><Beijing Rising Technology Co., Ltd.>
[MEMSCAN / MEMSCAN][Running/Auto Start]
  <\??\d:\Program Files\Rising\Rav\MEMSCAN.sys><瑞星软件有限公司>
[mProcRs / mProcRs][Running/Auto Start]
  <\??\d:\program files\rising\rfw\mProcRs.sys><Beijing Rising Technology Co., Ltd.>
[npkcrypt / npkcrypt][Stopped/Auto Start]
  <\??\G:\Program Files\Tencent\QQ\npkcrypt.sys><N/A>
[Direct Parallel Link Driver / Ptilink][Running/Manual Start]
  <system32\DRIVERS\ptilink.sys><Parallel Technologies, Inc.>
[RsFwDrv / RsFwDrv][Running/Auto Start]
  <\??\d:\Program Files\Rising\Rfw\RsFwDrv.sys><Beijing Rising Technology Co., Ltd.>
[RsNTGDI / RsNTGDI][Running/Boot Start]
  <\SystemRoot\system32\Drivers\RsNTGdi.sys><Beijing Rising Technology Co., Ltd.>
[RSPPSYS / RSPPSYS][Running/Auto Start]
  <\??\d:\Program Files\Rising\Rav\RSPPSYS.sys><Rising>
[Secdrv / Secdrv][Stopped/Manual Start]
  <system32\DRIVERS\secdrv.sys><N/A>
[StarForce Protection Environment Driver (version 1.x) / sfdrv01][Running/Boot Start]
  <\SystemRoot\System32\drivers\sfdrv01.sys><Protection Technology>
[StarForce Protection Helper Driver (version 2.x) / sfhlp02][Running/Boot Start]
  <\SystemRoot\System32\drivers\sfhlp02.sys><Protection Technology>
[StarForce Protection Synchronization Driver (version 4.x) / sfsync04][Running/Boot Start]
  <\SystemRoot\System32\drivers\sfsync04.sys><Protection Technology>
[Sony USB Filter Driver (SONYPVU1) / SONYPVU1][Stopped/Manual Start]
  <system32\DRIVERS\SONYPVU1.SYS><Sony Corporation>
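
The SREng registry section above prints each startup value as `<name><value>  [signer]`, and in this log the signer is one of three things: `(Verified)Microsoft Windows Publisher`, a bare company string such as `Realtek Semiconductor Corp.`, or `[]`. As an added example (not SREng's own code and not from the thread), the Python below parses that format, separates the three cases, and checks the Winlogon `shell` and `Userinit` values against the Windows XP defaults. It assumes that `(Verified)` denotes a verified Authenticode signature while a bare company string is only the CompanyName from the file's version resource, and it uses a second, constructed (labelled) fragment with a tampered `Userinit` and a populated `AppInit_DLLs` to show those checks firing.

```python
"""Audit the registry startup section of an SREng report.

Added example, not SREng's own code. Assumptions:
  * A signer of the form "(Verified)<name>" means SREng verified the file's
    Authenticode signature; any other non-empty string is only the company
    name read from the version resource; "[]" or "[N/A]" means neither.
  * Windows XP baseline for Winlogon: Shell = Explorer.exe and Userinit =
    <SystemRoot>\\system32\\userinit.exe, with no extra comma-separated
    entries; AppInit_DLLs and "load" are normally empty.
"""
import re
from typing import List, Tuple

Finding = Tuple[str, str, str, str]  # (registry key, value name, severity, message)

# Matches the "    <name><value>  [signer]" lines of the registry section.
ENTRY_RE = re.compile(r"^\s*<(.*?)><(.*)>\s*\[(.*)\]\s*$")

# Constructed sample: entries copied from the SREng log in this thread.
SAMPLE_SRENG = r"""
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
    <ctfmon.exe><C:\WINDOWS\system32\ctfmon.exe>  [(Verified)Microsoft Windows Publisher]
[HKEY_CURRENT_USER\Software\Microsoft\Windows NT\CurrentVersion\Windows]
    <load><>  [N/A]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
    <SoundMan><SOUNDMAN.EXE>  [Realtek Semiconductor Corp.]
    <RavTask><"d:\Program Files\Rising\Rav\RavTask.exe" -system>  [Beijing Rising Technology Co., Ltd.]
    <StormCodec_Helper><"d:\Program Files\Ringz Studio\Storm Codec\StormSet.exe" /S /opti>  []
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Winlogon]
    <shell><Explorer.exe>  [(Verified)Microsoft Windows Publisher]
    <Userinit><C:\WINDOWS\system32\userinit.exe,>  [(Verified)Microsoft Windows Publisher]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Windows]
    <AppInit_DLLs><>  [N/A]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Winlogon]
    <UIHost><logonui.exe>  [(Verified)Microsoft Windows Publisher]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
    <{32CD708B-60A7-4C00-9377-D73EAA495F0F}><C:\WINDOWS\system32\RavExt.dll>  [Beijing Rising Technology Co., Ltd.]
"""

# CONSTRUCTED fragment (not from the thread): Userinit with an extra entry
# and a populated AppInit_DLLs, to show the Winlogon checks firing.
SAMPLE_SRENG_TAMPERED = r"""
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Winlogon]
    <shell><Explorer.exe>  [(Verified)Microsoft Windows Publisher]
    <Userinit><C:\WINDOWS\system32\userinit.exe,C:\WINDOWS\Temp\extra.exe>  []
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Windows]
    <AppInit_DLLs><C:\WINDOWS\Temp\extra.dll>  []
"""


def classify_signer(signer: str) -> str:
    """verified: Authenticode checked; claimed: version-resource string; unsigned: nothing."""
    s = signer.strip()
    if s.startswith("(Verified)"):
        return "verified"
    if s in ("", "N/A"):
        return "unsigned"
    return "claimed"


def check_winlogon(key: str, name: str, value: str) -> List[Finding]:
    """Compare Shell/Userinit against the XP defaults stated in the module docstring."""
    parts = [p.strip().lower() for p in value.split(",") if p.strip()]
    n = name.lower()
    if n == "shell" and parts != ["explorer.exe"]:
        return [(key, name, "high", f"Shell is {value!r}; expected Explorer.exe")]
    if n == "userinit" and (len(parts) != 1 or not parts[0].endswith("\\system32\\userinit.exe")):
        return [(key, name, "high", f"Userinit is {value!r}; expected only <SystemRoot>\\system32\\userinit.exe,")]
    return []


def audit_sreng(report: str) -> List[Finding]:
    findings: List[Finding] = []
    key = None
    for line in report.splitlines():
        if line.startswith("[HKEY_"):
            key = line.strip().strip("[]")
            continue
        m = ENTRY_RE.match(line)
        if not m or key is None:
            continue
        name, value, signer = m.groups()
        leaf = key.rsplit("\\", 1)[-1].lower()
        if leaf == "winlogon":
            findings.extend(check_winlogon(key, name, value))
        if not value.strip():
            continue  # empty value: nothing is loaded from this entry
        if leaf == "windows" and name.lower() in ("load", "appinit_dlls"):
            findings.append((key, name, "high", f"{name} is non-empty: {value!r}"))
        trust = classify_signer(signer)
        if trust == "unsigned":
            findings.append((key, name, "high", f"no publisher and no signature: {value}"))
        elif trust == "claimed":
            findings.append((key, name, "review", f"publisher {signer!r} is a version-resource string, not a verified signature: {value}"))
    return findings


if __name__ == "__main__":
    for sample in (SAMPLE_SRENG, SAMPLE_SRENG_TAMPERED):
        for key, name, sev, msg in audit_sreng(sample):
            print(f"{sev:<6} {name:<40} {msg}")
        print("--")
```

On the posted fragment this yields one high finding (StormCodec_Helper, which has neither a publisher string nor a signature) and three review findings for the Realtek and Rising entries, whose company strings come from the version resource and would still need an Authenticode check; the Winlogon values match the XP defaults and produce nothing.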