哪位大虾帮我看看我的电脑怎么了？？ - 瑞星卡卡安全论坛bbs.ikaka.com

瑞星卡卡安全论坛技术交流区 反病毒/反流氓软件论坛哪位大虾帮我看看我的电脑怎么了？？

	瑞星“1+2”全新解决方案巡展在广州画上圆满句号		叶院长揭秘：瑞星如何运用AI技术革新网络安全		俄乌冲突加剧网络攻击风险白俄罗斯政府遭APT攻击		瑞星ESM防病毒系统助力矿业大学筑牢网络安全防线
	实力拉满瑞星第五十次通过VB100测评		携手老友，拥抱新精彩 —— 新论坛新活动，感谢你的陪伴		护航司法，瑞星助力山西省高院构建安全防线		人工智能在网络安全领域的风险和机遇

1

1 / 1 页

跳转页

哪位大虾帮我看看我的电脑怎么了？？

zuozuo0425 初生襁褓狮帖子:42 注册: 2006-02-22 来自:	发表于： 2008-05-05 09:26 \| 只看楼主短消息资料字号：小中大 1楼哪位大虾帮我看看我的电脑怎么了？？ [CODE] 2008-05-05,08:55:16 System Repair Engineer 2.5.16.900 Smallfrogs (http://www.KZTechs.com) Windows XP Professional Service Pack 2 (Build 2600) - 管理权限用户 - 完整功能以下内容被选中：所有的启动项目（包括注册表、启动文件夹、服务等）浏览器加载项正在运行的进程（包括进程模块信息）文件关联 Winsock 提供者 Autorun.inf HOSTS 文件进程特权扫描启动项目注册表 [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run] <ctfmon.exe><C:\WINDOWS\system32\ctfmon.exe> [(Verified)Microsoft Windows Publisher] <bgswitch><C:\WINDOWS\system32\bgswitch.exe> [] [HKEY_CURRENT_USER\Software\Microsoft\Windows NT\CurrentVersion\Windows] <load><> [N/A] [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run] <IMSCMig><C:\PROGRA~1\COMMON~1\MICROS~1\IME\IMSC40A\IMSCMIG.EXE /Preload> [(Verified)Microsoft Corporation] <KernelFaultCheck><%systemroot%\system32\dumprep 0 -k> [N/A] <StormCodec_Helper><"d:\Program Files\Ringz Studio\Storm Codec\StormSet.exe" /S /opti> [] <RavTask><"d:\Program Files\Rising\Rav\RavTask.exe" -system> [(Verified)Beijing Rising Science and Technology Corporation Limited] <nwiz><nwiz.exe /install> [(Verified)Microsoft Windows Publisher] <runeip><"d:\Program Files\Rising\KakaToolBar\runiep.exe" /startup> [Beijing Rising Technology Co., Ltd.] <TkBellExe><"C:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot> [RealNetworks, Inc.] <fmsiocps><C:\WINDOWS\fmsiocps.exe> [N/A] <dionpis><C:\WINDOWS\dionpis.exe> [N/A] <dbhlp32><C:\WINDOWS\dbhlp32.exe> [N/A] <WINSvr64><C:\WINDOWS\WINSvr64.exe> [N/A] <anistio><C:\WINDOWS\anistio.exE> [N/A] <hyknpwzw><C:\WINDOWS\ynwwqtjc.exe> [N/A] <Knight V><> [N/A] <WinSysM><C:\WINDOWS\75976M.exe> [N/A] <bincdwsa><C:\WINDOWS\bincdwsa.exe> [] <fmsjhif><C:\WINDOWS\fmsjhif.exe> [] <fmsbbqi><C:\WINDOWS\fmsbbqi.exe> [] <dndsioc><C:\WINDOWS\dndsioc.exe> [] <mfchlp64><C:\WINDOWS\mfchlp64.exe> [] <yuiabct><C:\WINDOWS\yuiabct.exe> [] [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\RunOnce] <KKDelay><D:\Program Files\Rising\KakaToolBar\RunOnce.exe> [Beijing Rising Technology Co., Ltd.] [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Winlogon] <shell><Explorer.exe> [(Verified)Microsoft Windows Publisher] <Userinit><C:\WINDOWS\system32\UserInit.exe,> [(Verified)Microsoft Windows Publisher] [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Windows] <AppInit_DLLs><ieprot.dll,msosmhfp00.dll,msosdohs01.dll,msosping00.dll> [Beijing Rising Technology Co., Ltd.] [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Winlogon] <UIHost><logonui.exe> [(Verified)Microsoft Windows Component Publisher] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks] <{32CD708B-60A7-4C00-9377-D73EAA495F0F}><C:\WINDOWS\system32\RavExt.dll> [(Verified)Beijing Rising Science and Technology Corporation Limited] <{8C41B7F7-3168-400D-A702-0E7EFE0BA304}><C:\WINDOWS\system32\sgrefg.dll> [N/A] <{45AADFAA-DD36-42AB-83AD-0521BBF58C24}><C:\WINDOWS\system32\zjydcx.dll> [] <{17DFD111-BF3A-4CB4-ADB0-88FCBFE69821}><C:\WINDOWS\system32\hhrdxd.dll> [] <{841529CB-7F77-4B99-A895-B5441E0D302F}><C:\WINDOWS\system32\jfrwdh.dll> [N/A] <{F99DEFDD-200B-4410-B572-E90883D527D2}><C:\WINDOWS\system32\wrqszl.dll> [N/A] <{40AF1289-F140-A140-D012-C1458759FC04}><C:\WINDOWS\system32\ypcqchlp.dll> [N/A] <{84143967-B645-4BFF-B873-DA1DC886E9A7}><C:\WINDOWS\system32\cedafb.dll> [N/A] <{B29583D8-033A-4B9F-8553-7C5458F3FB8E}><C:\WINDOWS\system32\jdsaex.dll> [] <{1DB3C525-5271-46F7-887A-D4E1ADAA7632}><C:\WINDOWS\system32\hfrdzx.dll> [N/A] <{EB71E0B3-E97D-4D30-8733-E28266467617}><C:\WINDOWS\system32\wyhesm.dll> [N/A] <{28EB3777-3E23-4E72-8449-A992D09D24C3}><C:\WINDOWS\system32\zgfdet.dll> [N/A] <{25671234-7890-ABCD-CDEF-567801237652}><C:\WINDOWS\system32\yxcsbhlp.dll> [N/A] <{2A698102-5904-AFD0-20DF-CD1A65829CA2}><C:\WINDOWS\system32\zycbbime.dll> [N/A] <{3319A1F1-9410-9654-3201-345FFA349133}><C:\WINDOWS\system32\zywmcime.dll> [N/A] <{1E51C0FD-EE36-434B-AD2A-FD1FF3731C38}><C:\WINDOWS\system32\wyrsdj.dll> [] <{48074740-A5D7-4EFC-8949-971003C5BE3C}><C:\WINDOWS\system32\hmuyhx.dll> [N/A] <{AA1A5CFB-22EA-4D08-87C1-E474E70FB37C}><C:\WINDOWS\system32\foogls.dll> [N/A] <{DC3D30AE-0380-4151-8934-EE98A34B0370}><C:\WINDOWS\system32\mfdesy.dll> [N/A] <{C0595A7E-2E2F-4B34-A83A-019270A0A464}><C:\WINDOWS\system32\tdffdl.dll> [] <{0D20FFFF-9EEE-4994-9A2B-861290887E28}><C:\WINDOWS\system32\seprhg.dll> [] <{6BBAA1E6-CF54-4139-AB9C-8491A9F909D7}><C:\WINDOWS\system32\wfrdvq.dll> [] <{5fd0c12b-da0b-4446-82fd-b8041a46492b}><C:\WINDOWS\system32\ttDXYDXY1014.dll> [] <{6E6CA8A1-81BC-4707-A54C-F4903DD70BAD}><C:\WINDOWS\system32\zgxfdx.dll> [] <{7FA4A83B-F99A-4bfc-A8E2-6A62B05D2C82}><C:\WINDOWS\TEMP\dat9.tmp> [] <{3cc67dc4-e953-4b2f-ae22-fcb4dcc3903a}><C:\WINDOWS\system32\ttNNBNNB1056.dll> [] <{a580305f-b902-4723-ac26-06e4cb4279a5}><C:\WINDOWS\system32\ttHADHAD1071.dll> [] <{7914E0AA-ECCB-4311-B584-C49538227824}><C:\WINDOWS\system32\jhfrxz.dll> [] <{0E26E4B5-2634-4FEF-B9CA-8F57969134E0}><C:\WINDOWS\system32\hikadx.dll> [] <{5E907A48-400E-4EA8-9792-FFAE052D59E9}><C:\WINDOWS\system32\pedadt.dll> [] <{E4360774-E6E2-45FC-B4A6-7341A6BF8D89}><C:\WINDOWS\system32\jgnomr.dll> [] <{C36ECF8F-EAD9-44BD-8DD0-C4240A06F51C}><C:\WINDOWS\system32\sqavpw0.dll> [] <{875E07B1-0614-43D9-A76E-D76A28AB3D7B}><C:\WINDOWS\system32\tfsdmz.dll> [] <{3E387664-C799-4D62-B196-25776EF35C51}><C:\WINDOWS\system32\mxavpw0.dll> [] <{EA5D4B0E-B8CE-4761-8C7E-5D26369F0EC6}><C:\WINDOWS\system32\fsrgeb.dll> [] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad] <WPDShServiceObj><?{AAA288BA-9A4C-45B0-95D7-94D524869DB5}> [N/A] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\>{26923b43-4d38-484f-9b9e-de460746276c}] <Internet Explorer><%systemroot%\system32\shmgrate.exe OCInstallUserConfigIE> [N/A] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\>{881dd1c5-3dcf-431b-b061-f3f88e8be88a}] <Outlook Express><%systemroot%\system32\shmgrate.exe OCInstallUserConfigOE> [N/A] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{2C7339CF-2B09-4501-B3F3-F3508C9228ED}] <Themes Setup><%SystemRoot%\system32\regsvr32.exe /s /n /i:/UserInstall %SystemRoot%\system32\themeui.dll> [N/A] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{44BBA840-CC51-11CF-AAFA-00AA00B6015C}] <Microsoft Outlook Express 6><"%ProgramFiles%\Outlook Express\setup50.exe" /APP:OE /CALLER:WINNT /user /install> [N/A] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{44BBA842-CC51-11CF-AAFA-00AA00B6015B}] <NetMeeting 3.01><rundll32.exe advpack.dll,LaunchINFSection C:\WINDOWS\INF\msnetmtg.inf,NetMtg.Install.PerUser.NT> [(Verified)Beijing Rising Science and Technology Corporation Limited] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{5945c046-1e7d-11d1-bc44-00c04fd912be}] <Windows Messenger 4.7><rundll32.exe advpack.dll,LaunchINFSection C:\WINDOWS\INF\msmsgs.inf,BLC.QuietInstall.PerUser> [(Verified)Microsoft Windows Publisher] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{6BF52A52-394A-11d3-B153-00C04F79FAA6}] <Microsoft Windows Media Player><rundll32.exe advpack.dll,LaunchINFSection C:\WINDOWS\INF\wmp11.inf,PerUserStub> [(Verified)Microsoft Windows Publisher] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{7790769C-0471-11d2-AF11-00C04FA35D02}] <通讯簿 6><"%ProgramFiles%\Outlook Express\setup50.exe" /APP:WAB /CALLER:WINNT /user /install> [N/A] ================================== 启动文件夹 N/A ================================== 服务 [A542E9B5 / A542E9B5][Stopped/Auto Start] <C:\WINDOWS\system32\69CC5417.EXE -d><N/A> [BoBoTurbo / BoBoTurbo][Running/Auto Start] <C:\WINDOWS\system32\BoBoTurbo\BoBoTurbo.exe><广州易播信息科技有限公司> [Human Intexxxce Device Access / HidServ][Stopped/Disabled] <C:\WINDOWS\System32\svchost.exe -k netsvcs-->%SystemRoot%\System32\hidserv.dll><N/A> [MATLAB Server / matlabserver][Stopped/Manual Start] <d:\matlab6.5\webserver\bin\win32\matlabserver.exe><N/A> [NVIDIA Driver Helper Service / NVSvc][Running/Auto Start] <C:\WINDOWS\system32\nvsvc32.exe><NVIDIA Corporation> [P4P Service / P4P Service][Stopped/Disabled] <C:\Program Files\Common Files\Sogou PXP\p2psvr.exe><Sohu.com Inc.> [Rising Process Communication Center / RsCCenter][Stopped/Auto Start] <"d:\Program Files\Rising\Rav\CCenter.exe"><Beijing Rising Technology Co., Ltd.> [Rising RealTime Monitor / RsRavMon][Stopped/Auto Start] <"D:\PROGRAM FILES\RISING\RAV\Ravmond.exe"><Beijing Rising Technology Co., Ltd.> ================================== 驱动程序 [Intel(r) 82801 Audio Driver Install Service (WDM) / ac97intc][Running/Manual Start] <system32\drivers\ac97intc.sys><Intel Corporation> [dohs / dohs][Stopped/Auto Start] <\??\C:\DOCUME~1\zuozuo\LOCALS~1\Temp\tmpC.tmp><N/A> [D-Link DFE-530TX PCI Fast Ethernet Adapter Driver / FETNDIS][Running/Manual Start] <system32\DRIVERS\dlkfet5b.sys><D-Link> [HookCont / HookCont][Running/System Start] <\SystemRoot\system32\drivers\HookCont.sys><Beijing Rising Technology Co., Ltd> [HookNtos / HookNtos][Running/System Start] <\SystemRoot\system32\drivers\HookNtos.sys><Beijing Rising Technology Co., Ltd> [HookReg / HookReg][Running/System Start] <\SystemRoot\system32\drivers\HookReg.sys><Beijing Rising Technology Co., Ltd> [HookSys / HookSys][Running/System Start] <\SystemRoot\system32\drivers\HookSys.sys><Beijing Rising Technology Co., Ltd> [mhfp / mhfp][Stopped/Auto Start] <\??\C:\DOCUME~1\zuozuo\LOCALS~1\Temp\tmpA.tmp><N/A> [mnsf / mnsf][Stopped/Auto Start] <\??\C:\DOCUME~1\zuozuo\LOCALS~1\Temp\tmp14.tmp><N/A> [msfpfis64 / msfpfis64][Running/Auto Start] <\??\C:\WINDOWS\system32\drivers\msosmsfpfis64.sys><N/A> [msp2p32 / msp2p32][Running/Auto Start] <\??\C:\WINDOWS\system32\drivers\msosmsp2p32.sys><N/A> [npkcrypt / npkcrypt][Stopped/Manual Start] <\??\C:\WINDOWS\system32\npkcrypt.sys><N/A> [npkycryp / npkycryp][Stopped/Manual Start] <\??\C:\WINDOWS\system32\npkycryp.sys><N/A> [nv / nv][Running/Manual Start] <system32\DRIVERS\nv4_mini.sys><NVIDIA Corporation> [oamind / oamind][Running/Boot Start] <\SystemRoot\\SystemRoot\System32\drivers\oamind.sys><N/A> [oreans32 / oreans32][Running/System Start] <\??\C:\WINDOWS\system32\drivers\oreans32.sys><N/A> [Phyhd / Phyhd][Stopped/Manual Start] <\??\C:\WINDOWS\system32\drivers\Phyhd.sys><N/A> [ping / ping][Stopped/Auto Start] <\??\C:\DOCUME~1\zuozuo\LOCALS~1\Temp\tmp16.tmp><N/A> [Direct Parallel Link Driver / Ptilink][Running/Manual Start] <system32\DRIVERS\ptilink.sys><Parallel Technologies, Inc.> [QuakeDRV / QuakeDRV][Running/Boot Start] <\SystemRoot\system32\DRIVERS\quakedrv.sys><N/A> [RsAntiSpyware / RsAntiSpyware][Running/Boot Start] <\SystemRoot\system32\drivers\RsBoot.sys><Beijing Rising Technology Co., Ltd.> [RsNTGDI / RsNTGDI][Running/Boot Start] <\SystemRoot\system32\Drivers\RsNTGdi.sys><Beijing Rising Technology Co., Ltd.> [Secdrv / Secdrv][Stopped/Manual Start] <system32\DRIVERS\secdrv.sys><N/A> [sys_flt / sys_flt][Stopped/Manual Start] <\??\C:\DOCUME~1\zuozuo\LOCALS~1\Temp\~15.tmp><N/A> [NEC WMC Portable Phone Composite Device driver (WDM) / tfwnbus][Stopped/Manual Start] <system32\DRIVERS\tfwnbus.sys><MCCI> [NEC WMC Portable Phone Modem Filter / tfwnmdfl][Stopped/Manual Start] <system32\DRIVERS\tfwnmdfl.sys><MCCI> [NEC WMC Portable Phone Modem Drivers / tfwnmdm][Stopped/Manual Start] <system32\DRIVERS\tfwnmdm.sys><MCCI> [TQAT_Hooker By FZH / TQAT][Stopped/Manual Start] <\??\E:\huang\war3\my1.0\TQAT\tqat.sys><N/A> ================================== 浏览器加载项 [WebThunder Browser Helper] {00000AAA-A363-466E-BEF5-9BB68697AA7F} <d:\Program Files\Thunder Network\WebThunder\WebThunderBHO_Now.dll, Thunder Networking Technologies,LTD> [ThunderAtOnce Class] {01443AEC-0FD1-40fd-9C87-E93D1494C233} <d:\Program Files\Thunder Network\Thunder\ComDlls\TDAtOnce_Now.dll, Thunder Networking Technologies,LTD> [AcroIEHlprObj Class] {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} <d:\Program Files\Adobe\Acrobat 5.0\Reader\ActiveX\AcroIEHelper.ocx, > [] {25671234-7890-ABCD-CDEF-567801237652} <C:\WINDOWS\system32\yxcsbhlp.dll, N/A> [] {2A698102-5904-AFD0-20DF-CD1A65829CA2} <C:\WINDOWS\system32\zycbbime.dll, N/A> [] {3319A1F1-9410-9654-3201-345FFA349133} <C:\WINDOWS\system32\zywmcime.dll, N/A> [] {40AF1289-F140-A140-D012-C1458759FC04} <C:\WINDOWS\system32\ypcqchlp.dll, N/A> [Thunder Browser Helper] {889D2FEB-5411-4565-8998-1DD2C5261283} <D:\Program Files\Thunder Network\Thunder\ComDlls\xunleiBHO_Now.dll, Thunder Networking Technologies,LTD> [启动迅雷5] {09BA8F6D-CB54-424B-839C-C2A6C8E6B436} <d:\Program Files\Thunder Network\Thunder\Thunder.exe, Thunder Networking Technologies,LTD> [浩方对战平台] {0A155D3C-68E2-4215-A47A-E800A446447A} <D:\Program Files\浩方对战平台\GameClient.exe, N/A> [信息检索(&R)] {92780B25-18CC-41C8-B9BE-3C9C571A8263} <D:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL, Microsoft Corporation> [PPLive] {95B3F550-91C4-4627-BCC4-521288C52977} <D:\Program Files\PPLive\PPLive.exe, N/A> 用户系统信息：Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1; SV1)
zuozuo0425 初生襁褓狮帖子:42 注册: 2006-02-22 来自:	分享到：

zuozuo0425 初生襁褓狮帖子:42 注册: 2006-02-22 来自:	发表于： 2008-05-05 09:26 \| 只看楼主短消息资料字号：小中大 2楼回复：哪位大虾帮我看看我的电脑怎么了？？ [卡卡上网安全助手] {DB9ECD4F-FB8F-4311-B3CE-90B976C2707C} <C:\WINDOWS\system32\KakaTool.dll, Beijing Rising Technology Co., Ltd.> [MMCPlayer Class] {05C1004E-2596-48E5-8E26-39362985EEB9} <C:\WINDOWS\Downloaded Program Files\MMCShell.dll, Sohu.com Inc.> [AxInputControl Class] {73E4740C-08EB-4133-896B-8D0A7C9EE3CD} <C:\WINDOWS\system32\INPUTC~1.DLL, > [AxSubmitControl Class] {8D9E0B29-563C-4226-86C1-5FF2AE77E1D2} <C:\WINDOWS\system32\SUBMIT~1.DLL, > [QQChatInstallerHelper Class] {C4DC211B-EDED-4EE1-9821-48E807DAF121} <C:\WINDOWS\system32\QQChatInstaller.dll, TODO: <Company name>> [Shockwave Flash Object] {D27CDB6E-AE6D-11CF-96B8-444553540000} <C:\WINDOWS\system32\Macromed\Flash\Flash9e.ocx, Adobe Systems, Inc.> [PasswordEditCtrl Class] {E787FD25-8D7C-4693-AE67-9406BC6E22DF} <C:\WINDOWS\system32\qqedit\qqedit.dll, 腾讯科技（深圳）有限公司> [WebThunder Browser Helper] {00000AAA-A363-466E-BEF5-9BB68697AA7F} <d:\Program Files\Thunder Network\WebThunder\WebThunderBHO_Now.dll, Thunder Networking Technologies,LTD> [ThunderAtOnce Class] {01443AEC-0FD1-40FD-9C87-E93D1494C233} <d:\Program Files\Thunder Network\Thunder\ComDlls\TDAtOnce_Now.dll, Thunder Networking Technologies,LTD> [WebThunder Class] {03507A1A-E0C5-4404-AA26-205385C0892D} <, N/A> [ActiveMovieControl Object] {05589FA1-C356-11CE-BF01-00AA0055595A} <C:\WINDOWS\system32\wmpdxm.dll, Microsoft Corporation> [MMCPlayer Class] {05C1004E-2596-48E5-8E26-39362985EEB9} <C:\WINDOWS\Downloaded Program Files\MMCShell.dll, Sohu.com Inc.> [AcroIEHlprObj Class] {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} <d:\Program Files\Adobe\Acrobat 5.0\Reader\ActiveX\AcroIEHelper.ocx, > [GerneralPeerID Class] {0A47E819-F82E-4D5D-B806-6A9EA94D68CD} <d:\Program Files\Thunder Network\Thunder\Components\InMedia\peerid.dll, > [PeerDraw Class] {10072CEC-8CC1-11D1-986E-00A0C955B42E} <C:\Program Files\Common Files\Microsoft Shared\VGX\vgx.dll, Microsoft Corporation> [Windows Media Player] {22D6F312-B0F6-11D0-94AB-0080C74C7E95} <C:\WINDOWS\system32\wmpdxm.dll, Microsoft Corporation> [HTML Document] {25336920-03F9-11CF-8FD0-00AA00686F13} <%SystemRoot%\system32\mshtml.dll, N/A> [] {25671234-7890-ABCD-CDEF-567801237652} <C:\WINDOWS\system32\yxcsbhlp.dll, N/A> [] {2A698102-5904-AFD0-20DF-CD1A65829CA2} <C:\WINDOWS\system32\zycbbime.dll, N/A> [DHTML Edit Control Safe for Scripting for IE5] {2D360201-FFF5-11D1-8D03-00A0C959BC0A} <C:\Program Files\Common Files\Microsoft Shared\Triedit\dhtmled.ocx, Microsoft Corporation> [WebThunder DapPlayer] {2EEDA47E-8D5C-4d7e-B4B6-E16E19218555} <d:\Program Files\Thunder Network\WebThunder\DownAndPlay\DapPlayer3.0.41.65.184.dll, ShenZhen Thunder Networking Technologies Ltd.> [RealPlayer RAM Download Handler] {2F542A2E-EDC9-4BF7-8CB1-87C9919F7F93} <C:\WINDOWS\system32\rmoc3260.dll, RealNetworks, Inc.> [] {3319A1F1-9410-9654-3201-345FFA349133} <C:\WINDOWS\system32\zywmcime.dll, N/A> [Tabular Data Control] {333C7BC4-460F-11D0-BC04-0080C7055A83} <C:\WINDOWS\system32\tdc.ocx, Microsoft Corporation> [IETag Factory] {38481807-CA0E-42D2-BF39-B33AF135CC4D} <C:\PROGRA~1\COMMON~1\MICROS~1\SMARTT~1\IETAG.DLL, Microsoft Corporation> [] {40AF1289-F140-A140-D012-C1458759FC04} <C:\WINDOWS\system32\ypcqchlp.dll, N/A> [Microsoft Office Control] {4453D895-F2A1-4A38-A285-1EF9BD3F6D5D} <D:\PROGRA~1\MICROS~2\OFFICE11\AUTHZAX.DLL, Microsoft Corporation> [XML Document] {48123BC4-99D9-11D1-A6B3-00C04FD91555} <%SystemRoot%\system32\msxml3.dll, N/A> [Thunder Agent Class] {485463B7-8FB2-4B3B-B29B-8B919B0EACCE} <D:\Program Files\Thunder Network\Thunder\ComDlls\ThunderAgent_Now.dll, Thunder Networking Technologies,LTD> [HHCtrl Object] {52A2AAAE-085D-4187-97EA-8C30DB990436} <C:\WINDOWS\system32\hhctrl.ocx, Microsoft Corporation> [Shell Name Space] {55136805-B2DE-11D1-B9F2-00A0C98BC547} <%SystemRoot%\system32\shdocvw.dll, N/A> [PowerPlayer Control] {5EC7C511-CD0F-42E6-830C-1BD9882F3458} <d:\PROGRA~1\PPStream\POWERP~1.DLL, PPStream Inc.> [] {6167F471-EF2B-41DD-A5E5-C26ACDB5C096} <C:\Program Files\Internet Explorer\PLUGINS\WinSys8k.Sys, N/A> [WUWebControl Class] {6414512B-B978-451D-A0D8-FCFDF33E833C} <C:\WINDOWS\system32\wuweb.dll, Microsoft Corporation> [XMP Class] {6483F145-A768-4C41-AACC-52D4D7845851} <C:\Documents and Settings\All Users\Application Data\Thunder Network\KanKan\xplayer.dll_1_work, > [XDRM] {693571CB-54A3-4E90-9D52-EEAE1334E2D3} <C:\Documents and Settings\All Users\Application Data\Thunder Network\KanKan\xdrm.dll_1_work, > [Windows Media Player] {6BF52A52-394A-11D3-B153-00C04F79FAA6} <C:\WINDOWS\system32\wmp.dll, Microsoft Corporation> [AxInputControl Class] {73E4740C-08EB-4133-896B-8D0A7C9EE3CD} <C:\WINDOWS\system32\INPUTC~1.DLL, > [MediaComm Class] {7670648D-461B-42AF-BDFE-46D26AF5EFF2} <d:\Program Files\Thunder Network\Thunder\Components\InMedia\MediaAddin16.dll, Thunder Networking Technologies,LTD> [Microsoft Web 浏览器] {8856F961-340A-11D0-A96B-00C04FD705A2} <C:\WINDOWS\system32\shdocvw.dll, Microsoft Corporation> [Thunder Browser Helper] {889D2FEB-5411-4565-8998-1DD2C5261283} <D:\Program Files\Thunder Network\Thunder\ComDlls\xunleiBHO_Now.dll, Thunder Networking Technologies,LTD> [AxSubmitControl Class] {8D9E0B29-563C-4226-86C1-5FF2AE77E1D2} <C:\WINDOWS\system32\SUBMIT~1.DLL, > [RMGetLicense Class] {A9FC132B-096D-460B-B7D5-1DB0FAE0C062} <C:\WINDOWS\system32\msnetobj.dll, Microsoft Corporation> [Thunder DapCtrl] {ACACC6EB-1FBA-4E13-A729-53AEB2DF54F8} <C:\Documents and Settings\All Users\Application Data\Thunder Network\KanKan\DapCtrl1.5.578.28.551.dll, ShenZhen Thunder Networking Technologies Ltd.> [Microsoft Scriptlet Component] {AE24FDAE-03C6-11D1-8B76-0080C744F389} <C:\WINDOWS\system32\mshtml.dll, Microsoft Corporation> [SearchAssistantOC] {B45FF030-4447-11D2-85DE-00C04FA35C89} <%SystemRoot%\system32\shdocvw.dll, N/A> [Messenger Object] {B69003B3-C55E-4B48-836C-BC5946FC3B28} <C:\Program Files\Messenger\msgsc.dll, Microsoft Corporation> [RDS.DataSpace] {BD96C556-65A3-11D0-983A-00C04FC29E36} <C:\Program Files\Common Files\system\msadc\msadco.dll, Microsoft Corporation> [Adobe Acrobat Control for ActiveX] {CA8A9780-280D-11CF-A24D-444553540000} <d:\PROGRA~1\Adobe\ACROBA~1.0\Reader\ActiveX\pdf.ocx, Adobe Systems Incorporated> [RealPlayer G2 Control] {CFCDAA03-8BE4-11CF-B84B-0020AFBBCCFA} <C:\WINDOWS\system32\rmoc3260.dll, RealNetworks, Inc.> [Shockwave Flash Object] {D27CDB6E-AE6D-11CF-96B8-444553540000} <C:\WINDOWS\system32\Macromed\Flash\Flash9e.ocx, Adobe Systems, Inc.> [卡卡上网安全助手] {DB9ECD4F-FB8F-4311-B3CE-90B976C2707C} <C:\WINDOWS\system32\KakaTool.dll, Beijing Rising Technology Co., Ltd.> [PasswordEditCtrl Class] {E787FD25-8D7C-4693-AE67-9406BC6E22DF} <C:\WINDOWS\system32\qqedit\qqedit.dll, 腾讯科技（深圳）有限公司> [BoBoControl Class] {EC0978ED-24E3-403C-AB7A-060E388553E6} <C:\WINDOWS\system32\BoBo_ActiveX_V3.ocx, 广州易播信息科技有限公司> [Thunder DapPlayer] {EEDD6FF9-13DE-496B-9A1C-D78B3215E266} <d:\Program Files\Thunder Network\Thunder\Components\DownAndPlay\DapPlayer3.0.578.69.551.dll, ShenZhen Thunder Networking Technologies Ltd.> [Thunder DapCtrl] {EF1EA76E-5428-4e40-85A1-D4DD2893183A} <d:\Program Files\Thunder Network\WebThunder\DownAndPlay\DapCtrl1.3.17.20.184.dll, ShenZhen Thunder Networking Technologies Ltd.> [XPPlayer Class] {F3E70CEA-956E-49CC-B444-73AFE593AD7F} <C:\Documents and Settings\All Users\Application Data\Thunder Network\KanKan\pplayer.dll_1_work, Thunder> [Messenger Application] {FB7199AB-79BF-11D2-8D94-0000F875C541} <C:\Program Files\Messenger\msgsc.dll, Microsoft Corporation> [使用Web迅雷下载] <d:\Program Files\Thunder Network\WebThunder\GetUrl.htm, N/A> [使用WEB迅雷下载全部链接] <d:\Program Files\Thunder Network\WebThunder\GetAllUrl.htm, N/A> [使用迅雷下载] <D:\Program Files\Thunder Network\Thunder\Program\geturl.htm, N/A> [使用迅雷下载全部链接] <D:\Program Files\Thunder Network\Thunder\Program\getallurl.htm, N/A> [导出到 Microsoft Office Excel(&X)] <res://D:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000, N/A> [添加到QQ表情] <D:\Program Files\Tencent\QQ\AddEmotion.htm, N/A> ================================== 正在运行的进程 [PID: 584 / SYSTEM][\SystemRoot\System32\smss.exe] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)] [PID: 652 / SYSTEM][\??\C:\WINDOWS\system32\csrss.exe] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)] [C:\WINDOWS\system32\913CE8B0.DLL] [, ] [PID: 676 / SYSTEM][\??\C:\WINDOWS\system32\winlogon.exe] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)] [C:\WINDOWS\system32\ieprot.dll] [Beijing Rising Technology Co., Ltd., 1, 0, 0, 17] [C:\WINDOWS\system32\msosdohs01.dll] [N/A, ] [C:\WINDOWS\system32\msosping00.dll] [N/A, ] [C:\WINDOWS\system32\msacm32.drv] [Microsoft Corporation, 5.1.2600.0 (xpclient.010817-1148)] [C:\WINDOWS\system32\913CE8B0.DLL] [, ] [C:\WINDOWS\TEMP\dat9.tmp] [, 1, 0, 0, 1] [PID: 736 / SYSTEM][C:\WINDOWS\system32\services.exe] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)] [C:\WINDOWS\system32\cdfview.dll] [N/A, ] [C:\WINDOWS\AppPatch\AcAdProc.dll] [Microsoft Corporation, 5.1.2600.3008 (xpsp.061004-0027)] [C:\WINDOWS\system32\913CE8B0.DLL] [, ] [PID: 748 / SYSTEM][C:\WINDOWS\system32\lsass.exe] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)] [C:\WINDOWS\system32\913CE8B0.DLL] [, ] [PID: 912 / SYSTEM][C:\WINDOWS\system32\svchost.exe] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)] [C:\WINDOWS\system32\913CE8B0.DLL] [, ] [PID: 992 / NETWORK SERVICE][C:\WINDOWS\system32\svchost.exe] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)] [C:\WINDOWS\system32\913CE8B0.DLL] [, ] [PID: 1136 / SYSTEM][C:\WINDOWS\System32\svchost.exe] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)] [C:\WINDOWS\system32\913CE8B0.DLL] [, ] [PID: 1200 / NETWORK SERVICE][C:\WINDOWS\system32\svchost.exe] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)] [C:\WINDOWS\system32\913CE8B0.DLL] [, ] [PID: 1320 / LOCAL SERVICE][C:\WINDOWS\system32\svchost.exe] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)] [C:\WINDOWS\system32\913CE8B0.DLL] [, ] [PID: 1568 / SYSTEM][C:\WINDOWS\system32\spoolsv.exe] [Microsoft Corporation, 5.1.2600.2696 (xpsp_sp2_gdr.050610-1519)] [C:\WINDOWS\system32\ieprot.dll] [Beijing Rising Technology Co., Ltd., 1, 0, 0, 17] [C:\WINDOWS\system32\msosdohs01.dll] [N/A, ] [C:\WINDOWS\system32\msosping00.dll] [N/A, ] [C:\WINDOWS\system32\913CE8B0.DLL] [, ] [C:\WINDOWS\system32\mdimon.dll] [Microsoft Corporation, 11.3.1897.0] [C:\WINDOWS\System32\spool\PRTPROCS\W32X86\mdippr.dll] [Microsoft Corporation, 11.3.1897.0] [PID: 1888 / SYSTEM][C:\WINDOWS\system32\BoBoTurbo\BoBoTurbo.exe] [广州易播信息科技有限公司, 1, 4, 1011, 2] [C:\WINDOWS\system32\ieprot.dll] [Beijing Rising Technology Co., Ltd., 1, 0, 0, 17] [C:\WINDOWS\system32\msosdohs01.dll] [N/A, ] [C:\WINDOWS\system32\msosping00.dll] [N/A, ] [C:\WINDOWS\system32\913CE8B0.DLL] [, ] [PID: 256 / SYSTEM][C:\WINDOWS\system32\nvsvc32.exe] [NVIDIA Corporation, 6.13.10.4072] [C:\WINDOWS\system32\ieprot.dll] [Beijing Rising Technology Co., Ltd., 1, 0, 0, 17] [C:\WINDOWS\system32\msosdohs01.dll] [N/A, ] [C:\WINDOWS\system32\msosping00.dll] [N/A, ] [PID: 1656 / zuozuo][C:\WINDOWS\svchost.exe] [Microsoft Corporation, 6, 0, 2900, 2180] [C:\WINDOWS\system32\ieprot.dll] [Beijing Rising Technology Co., Ltd., 1, 0, 0, 17] [C:\WINDOWS\system32\msosdohs01.dll] [N/A, ] [C:\WINDOWS\system32\msosping00.dll] [N/A, ] [C:\WINDOWS\system32\ttDXYDXY1014.dll] [N/A, ] [C:\WINDOWS\TEMP\dat9.tmp] [, 1, 0, 0, 1] [C:\WINDOWS\system32\ttNNBNNB1056.dll] [N/A, ] [C:\WINDOWS\system32\ttHADHAD1071.dll] [N/A, ] [C:\WINDOWS\system32\sqavpw0.dll] [N/A, ] [C:\WINDOWS\system32\mxavpw0.dll] [N/A, ] [C:\WINDOWS\system32\zgxfdx.dll] [N/A, ] [C:\WINDOWS\system32\wfrdvq.dll] [N/A, ] [C:\WINDOWS\system32\seprhg.dll] [N/A, ] [C:\WINDOWS\system32\tdffdl.dll] [N/A, ] [C:\WINDOWS\system32\wyrsdj.dll] [N/A, ] [C:\WINDOWS\system32\jdsaex.dll] [N/A, ] [C:\WINDOWS\system32\hhrdxd.dll] [N/A, ] [C:\WINDOWS\system32\zjydcx.dll] [N/A, ] [C:\WINDOWS\system32\fsrgeb.dll] [N/A, ] [C:\WINDOWS\system32\tfsdmz.dll] [N/A, ] [C:\WINDOWS\system32\jgnomr.dll] [N/A, ] [C:\WINDOWS\system32\pedadt.dll] [N/A, ] [C:\WINDOWS\system32\hikadx.dll] [N/A, ] [C:\WINDOWS\system32\jhfrxz.dll] [N/A, ] [PID: 1736 / LOCAL SERVICE][C:\WINDOWS\System32\alg.exe] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)] [C:\WINDOWS\System32\ieprot.dll] [Beijing Rising Technology Co., Ltd., 1, 0, 0, 17] [C:\WINDOWS\System32\msosdohs01.dll] [N/A, ] [C:\WINDOWS\System32\msosping00.dll] [N/A, ] [PID: 576 / zuozuo][C:\WINDOWS\system32\Explorer.exe] [Microsoft Corporation, 6.00.2900.2180 (xpsp_sp2_rtm.040803-2158)] [C:\WINDOWS\system32\ieprot.dll] [Beijing Rising Technology Co., Ltd., 1, 0, 0, 17] [C:\WINDOWS\system32\msosdohs01.dll] [N/A, ] [C:\WINDOWS\system32\msosping00.dll] [N/A, ] [C:\WINDOWS\system32\913CE8B0.DLL] [, ] [C:\WINDOWS\system32\RavExt.dll] [Beijing Rising Technology Co., Ltd., 20.0.0.17] [C:\WINDOWS\system32\zjydcx.dll] [N/A, ] [C:\WINDOWS\system32\hhrdxd.dll] [N/A, ] [C:\WINDOWS\system32\jdsaex.dll] [N/A, ] [C:\WINDOWS\system32\wyrsdj.dll] [N/A, ] [C:\WINDOWS\system32\tdffdl.dll] [N/A, ] [C:\WINDOWS\system32\seprhg.dll] [N/A, ] [C:\WINDOWS\system32\wfrdvq.dll] [N/A, ] [C:\WINDOWS\system32\ttDXYDXY1014.dll] [N/A, ] [C:\WINDOWS\system32\zgxfdx.dll] [N/A, ] [C:\WINDOWS\TEMP\dat9.tmp] [, 1, 0, 0, 1] [C:\WINDOWS\system32\ttNNBNNB1056.dll] [N/A, ] [C:\WINDOWS\system32\ttHADHAD1071.dll] [N/A, ] [C:\WINDOWS\system32\jhfrxz.dll] [N/A, ] [C:\WINDOWS\system32\hikadx.dll] [N/A, ] [C:\WINDOWS\system32\pedadt.dll] [N/A, ] [C:\WINDOWS\system32\jgnomr.dll] [N/A, ] [C:\WINDOWS\system32\sqavpw0.dll] [N/A, ] [C:\WINDOWS\system32\tfsdmz.dll] [N/A, ] [C:\WINDOWS\system32\mxavpw0.dll] [N/A, ] [C:\WINDOWS\system32\fsrgeb.dll] [N/A, ] [C:\WINDOWS\system32\fmsjhif.dll] [N/A, ] [C:\WINDOWS\system32\bincdwsa.dll] [N/A, ] [C:\WINDOWS\system32\fmsbbqi.dll] [N/A, ] [C:\WINDOWS\system32\dndsioc.dll] [N/A, ] [C:\WINDOWS\system32\mfchlp64.dll] [N/A, ] [C:\WINDOWS\system32\msacm32.drv] [Microsoft Corporation, 5.1.2600.0 (xpclient.010817-1148)] [C:\WINDOWS\system32\yuiabct.dll] [N/A, ] [d:\Program Files\Thunder Network\WebThunder\WebThunderBHO_Now.dll] [Thunder Networking Technologies,LTD, 5, 0, 8, 62] [d:\Program Files\Thunder Network\Thunder\ComDlls\TDAtOnce_Now.dll] [Thunder Networking Technologies,LTD, 1.0.5.29] [d:\Program Files\Adobe\Acrobat 5.0\Reader\ActiveX\AcroIEHelper.ocx] [, 1, 0, 0, 1] [D:\Program Files\Thunder Network\Thunder\ComDlls\xunleiBHO_Now.dll] [Thunder Networking Technologies,LTD, 5, 0, 8, 74] [D:\Program Files\Thunder Network\Thunder\Components\ResWorker\DsBho_01.dll] [Thunder Networking Technologies,LTD, 1, 0, 0, 18] [D:\Program Files\Thunder Network\Thunder\Components\ResWorker\DataProcessor_01.dll] [Thunder Networking Technologies,LTD, 1, 0, 0, 16] [C:\WINDOWS\system32\PortableDeviceApi.dll] [Microsoft Corporation, 5.2.5721.5145 (WMP_11.061018-2006)] [D:\Program Files\Microsoft Office\OFFICE11\msohev.dll] [Microsoft Corporation, 11.0.5510] [d:\Program Files\WinRAR\rarext.dll] [N/A, ] [d:\Program Files\Rising\Rav\RSCOMMON.DLL] [Beijing Rising Technology Co., Ltd., 20, 0, 0, 16] [d:\PROGRA~1\Kingsoft\KnightV\Tools\KVD\kscdrush.dll] [金山软件股份有限公司, 5, 0, 0, 0]
zuozuo0425 初生襁褓狮帖子:42 注册: 2006-02-22 来自:

zuozuo0425 初生襁褓狮帖子:42 注册: 2006-02-22 来自:	发表于： 2008-05-05 09:27 \| 只看楼主短消息资料字号：小中大 3楼５３４６ [PID: 1372 / zuozuo][D:\Program Files\Rising\Rav\RavTask.exe] [Beijing Rising Technology Co., Ltd., 20.0.0.23] [C:\WINDOWS\system32\ieprot.dll] [Beijing Rising Technology Co., Ltd., 1, 0, 0, 17] [C:\WINDOWS\system32\msosdohs01.dll] [N/A, ] [C:\WINDOWS\system32\msosping00.dll] [N/A, ] [D:\Program Files\Rising\Rav\ProcCom.dll] [Beijing Rising Technology Co., Ltd., 20, 0, 0, 19] [D:\Program Files\Rising\Rav\RsCommX2.dll] [Beijing Rising Technology Co., Ltd., 20, 0, 0, 19] [D:\Program Files\Rising\Rav\RSCOMMON.DLL] [Beijing Rising Technology Co., Ltd., 20, 0, 0, 16] [D:\Program Files\Rising\Rav\RSAPPMGR.DLL] [Beijing Rising Technology Co., Ltd., 20.0.0.0] [D:\Program Files\Rising\Rav\CfgDll.dll] [Beijing Rising Technology Co., Ltd., 20.0.0.16] [C:\WINDOWS\system32\fsrgeb.dll] [N/A, ] [C:\WINDOWS\system32\tfsdmz.dll] [N/A, ] [C:\WINDOWS\system32\jgnomr.dll] [N/A, ] [C:\WINDOWS\system32\pedadt.dll] [N/A, ] [C:\WINDOWS\system32\hikadx.dll] [N/A, ] [C:\WINDOWS\system32\jhfrxz.dll] [N/A, ] [C:\WINDOWS\system32\zgxfdx.dll] [N/A, ] [C:\WINDOWS\system32\wfrdvq.dll] [N/A, ] [C:\WINDOWS\system32\seprhg.dll] [N/A, ] [C:\WINDOWS\system32\tdffdl.dll] [N/A, ] [C:\WINDOWS\system32\wyrsdj.dll] [N/A, ] [C:\WINDOWS\system32\jdsaex.dll] [N/A, ] [C:\WINDOWS\system32\hhrdxd.dll] [N/A, ] [C:\WINDOWS\system32\zjydcx.dll] [N/A, ] [PID: 1432 / zuozuo][D:\Program Files\Rising\KakaToolBar\runiep.exe] [Beijing Rising Technology Co., Ltd., 5.0.0.16] [D:\Program Files\Rising\KakaToolBar\MFC71.DLL] [Microsoft Corporation, 7.10.3077.0] [D:\Program Files\Rising\KakaToolBar\MSVCR71.dll] [Microsoft Corporation, 7.10.3052.4] [C:\WINDOWS\system32\ieprot.dll] [Beijing Rising Technology Co., Ltd., 1, 0, 0, 17] [C:\WINDOWS\system32\msosdohs01.dll] [N/A, ] [C:\WINDOWS\system32\msosping00.dll] [N/A, ] [C:\WINDOWS\system32\fsrgeb.dll] [N/A, ] [C:\WINDOWS\system32\tfsdmz.dll] [N/A, ] [C:\WINDOWS\system32\jgnomr.dll] [N/A, ] [C:\WINDOWS\system32\pedadt.dll] [N/A, ] [C:\WINDOWS\system32\hikadx.dll] [N/A, ] [C:\WINDOWS\system32\jhfrxz.dll] [N/A, ] [C:\WINDOWS\system32\zgxfdx.dll] [N/A, ] [C:\WINDOWS\system32\wfrdvq.dll] [N/A, ] [C:\WINDOWS\system32\seprhg.dll] [N/A, ] [C:\WINDOWS\system32\tdffdl.dll] [N/A, ] [C:\WINDOWS\system32\wyrsdj.dll] [N/A, ] [C:\WINDOWS\system32\jdsaex.dll] [N/A, ] [C:\WINDOWS\system32\hhrdxd.dll] [N/A, ] [C:\WINDOWS\system32\zjydcx.dll] [N/A, ] [C:\WINDOWS\system32\ttDXYDXY1014.dll] [N/A, ] [C:\WINDOWS\TEMP\dat9.tmp] [, 1, 0, 0, 1] [C:\WINDOWS\system32\ttNNBNNB1056.dll] [N/A, ] [C:\WINDOWS\system32\ttHADHAD1071.dll] [N/A, ] [C:\WINDOWS\system32\sqavpw0.dll] [N/A, ] [C:\WINDOWS\system32\mxavpw0.dll] [N/A, ] [PID: 1040 / zuozuo][C:\Program Files\Common Files\Real\Update_OB\realsched.exe] [RealNetworks, Inc., 0.1.0.3510] [C:\WINDOWS\system32\ieprot.dll] [Beijing Rising Technology Co., Ltd., 1, 0, 0, 17] [C:\WINDOWS\system32\msosdohs01.dll] [N/A, ] [C:\WINDOWS\system32\msosping00.dll] [N/A, ] [C:\WINDOWS\system32\fsrgeb.dll] [N/A, ] [C:\WINDOWS\system32\tfsdmz.dll] [N/A, ] [C:\WINDOWS\system32\jgnomr.dll] [N/A, ] [C:\WINDOWS\system32\pedadt.dll] [N/A, ] [C:\WINDOWS\system32\hikadx.dll] [N/A, ] [C:\WINDOWS\system32\jhfrxz.dll] [N/A, ] [C:\WINDOWS\system32\zgxfdx.dll] [N/A, ] [C:\WINDOWS\system32\wfrdvq.dll] [N/A, ] [C:\WINDOWS\system32\seprhg.dll] [N/A, ] [C:\WINDOWS\system32\tdffdl.dll] [N/A, ] [C:\WINDOWS\system32\wyrsdj.dll] [N/A, ] [C:\WINDOWS\system32\jdsaex.dll] [N/A, ] [C:\WINDOWS\system32\hhrdxd.dll] [N/A, ] [C:\WINDOWS\system32\zjydcx.dll] [N/A, ] [PID: 2188 / zuozuo][C:\WINDOWS\system32\ctfmon.exe] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)] [C:\WINDOWS\system32\ieprot.dll] [Beijing Rising Technology Co., Ltd., 1, 0, 0, 17] [C:\WINDOWS\system32\msosdohs01.dll] [N/A, ] [C:\WINDOWS\system32\msosping00.dll] [N/A, ] [C:\WINDOWS\system32\fsrgeb.dll] [N/A, ] [C:\WINDOWS\system32\tfsdmz.dll] [N/A, ] [C:\WINDOWS\system32\jgnomr.dll] [N/A, ] [C:\WINDOWS\system32\pedadt.dll] [N/A, ] [C:\WINDOWS\system32\hikadx.dll] [N/A, ] [C:\WINDOWS\system32\jhfrxz.dll] [N/A, ] [C:\WINDOWS\system32\zgxfdx.dll] [N/A, ] [C:\WINDOWS\system32\wfrdvq.dll] [N/A, ] [C:\WINDOWS\system32\seprhg.dll] [N/A, ] [C:\WINDOWS\system32\tdffdl.dll] [N/A, ] [C:\WINDOWS\system32\wyrsdj.dll] [N/A, ] [C:\WINDOWS\system32\jdsaex.dll] [N/A, ] [C:\WINDOWS\system32\hhrdxd.dll] [N/A, ] [C:\WINDOWS\system32\zjydcx.dll] [N/A, ] [PID: 3216 / zuozuo][C:\WINDOWS\system32\conime.exe] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)] [C:\WINDOWS\system32\ieprot.dll] [Beijing Rising Technology Co., Ltd., 1, 0, 0, 17] [C:\WINDOWS\system32\msosdohs01.dll] [N/A, ] [C:\WINDOWS\system32\msosping00.dll] [N/A, ] [C:\WINDOWS\system32\fsrgeb.dll] [N/A, ] [C:\WINDOWS\system32\tfsdmz.dll] [N/A, ] [C:\WINDOWS\system32\jgnomr.dll] [N/A, ] [C:\WINDOWS\system32\pedadt.dll] [N/A, ] [C:\WINDOWS\system32\hikadx.dll] [N/A, ] [C:\WINDOWS\system32\jhfrxz.dll] [N/A, ] [C:\WINDOWS\system32\zgxfdx.dll] [N/A, ] [C:\WINDOWS\system32\wfrdvq.dll] [N/A, ] [C:\WINDOWS\system32\seprhg.dll] [N/A, ] [C:\WINDOWS\system32\tdffdl.dll] [N/A, ] [C:\WINDOWS\system32\wyrsdj.dll] [N/A, ] [C:\WINDOWS\system32\jdsaex.dll] [N/A, ] [C:\WINDOWS\system32\hhrdxd.dll] [N/A, ] [C:\WINDOWS\system32\zjydcx.dll] [N/A, ] [PID: 3480 / zuozuo][D:\下载软件\sreng2.0\SREngPS.EXE] [Smallfrogs Studio, 2.5.16.900] [C:\WINDOWS\system32\ieprot.dll] [Beijing Rising Technology Co., Ltd., 1, 0, 0, 17] [C:\WINDOWS\system32\msosdohs01.dll] [N/A, ] [C:\WINDOWS\system32\msosping00.dll] [N/A, ] [C:\WINDOWS\system32\fsrgeb.dll] [N/A, ] [C:\WINDOWS\system32\tfsdmz.dll] [N/A, ] [C:\WINDOWS\system32\jgnomr.dll] [N/A, ] [C:\WINDOWS\system32\pedadt.dll] [N/A, ] [C:\WINDOWS\system32\hikadx.dll] [N/A, ] [C:\WINDOWS\system32\jhfrxz.dll] [N/A, ] [C:\WINDOWS\system32\zgxfdx.dll] [N/A, ] [C:\WINDOWS\system32\wfrdvq.dll] [N/A, ] [C:\WINDOWS\system32\seprhg.dll] [N/A, ] [C:\WINDOWS\system32\tdffdl.dll] [N/A, ] [C:\WINDOWS\system32\wyrsdj.dll] [N/A, ] [C:\WINDOWS\system32\jdsaex.dll] [N/A, ] [C:\WINDOWS\system32\hhrdxd.dll] [N/A, ] [C:\WINDOWS\system32\zjydcx.dll] [N/A, ] [C:\WINDOWS\system32\yuiabct.dll] [N/A, ] [C:\WINDOWS\system32\dndsioc.dll] [N/A, ] [C:\WINDOWS\system32\mfchlp64.dll] [N/A, ] [C:\WINDOWS\system32\fmsbbqi.dll] [N/A, ] [C:\WINDOWS\system32\fmsjhif.dll] [N/A, ] [C:\WINDOWS\system32\bincdwsa.dll] [N/A, ] [D:\下载软件\sreng2.0\Upload\3rdUpd.DLL] [Smallfrogs Studio, 2, 1, 0, 15] ================================== 文件关联 .TXT OK. [%SystemRoot%\system32\NOTEPAD.EXE %1] .EXE OK. ["%1" %] .COM OK. ["%1" %] .PIF OK. ["%1" %] .REG OK. [regedit.exe "%1"] .BAT OK. ["%1" %] .SCR OK. ["%1" /S] .CHM OK. ["C:\WINDOWS\hh.exe" %1] .HLP OK. [%SystemRoot%\System32\winhlp32.exe %1] .INI OK. [%SystemRoot%\system32\NOTEPAD.EXE %1] .INF OK. [%SystemRoot%\System32\NOTEPAD.EXE %1] .VBS OK. [%SystemRoot%\System32\WScript.exe "%1" %] .JS OK. [%SystemRoot%\System32\WScript.exe "%1" %] .LNK OK. [{00021401-0000-0000-C000-000000000046}] ================================== Winsock 提供者 N/A ================================== Autorun.inf N/A ================================== HOSTS 文件 127.0.0.1 localhost ================================== 进程特权扫描特殊特权被允许： SeDebugPrivilege [PID = 1656, C:\WINDOWS\SVCHOST.EXE] 特殊特权被允许： SeLoadDriverPrivilege [PID = 1656, C:\WINDOWS\SVCHOST.EXE] 特殊特权被允许： SeDebugPrivilege [PID = 1432, D:\PROGRAM FILES\RISING\KAKATOOLBAR\RUNIEP.EXE] 特殊特权被允许： SeLoadDriverPrivilege [PID = 1432, D:\PROGRAM FILES\RISING\KAKATOOLBAR\RUNIEP.EXE] 特殊特权被允许： SeDebugPrivilege [PID = 1040, C:\PROGRAM FILES\COMMON FILES\REAL\UPDATE_OB\REALSCHED.EXE] 特殊特权被允许： SeLoadDriverPrivilege [PID = 1040, C:\PROGRAM FILES\COMMON FILES\REAL\UPDATE_OB\REALSCHED.EXE] ================================== API HOOK N/A ================================== 隐藏进程 N/A ================================== [/CODE]
zuozuo0425 初生襁褓狮帖子:42 注册: 2006-02-22 来自:

zuozuo0425 初生襁褓狮帖子:42 注册: 2006-02-22 来自:	发表于： 2008-05-05 09:34 \| 只看楼主短消息资料字号：小中大 4楼回复：哪位大虾帮我看看我的电脑怎么了？？还有就是瑞星的伞打不开！为什么啊？
zuozuo0425 初生襁褓狮帖子:42 注册: 2006-02-22 来自:

sako 社区嘉宾帖子:7496 注册: 2007-10-16 来自:遥远的地方	发表于： 2008-05-05 09:53 \| 短消息资料字号：小中大 5楼回复：哪位大虾帮我看看我的电脑怎么了？？病毒太多请重新发帖不要直接贴以附件传上来扫SRENG日志发到论坛来 http://www.kztechs.com/sreng/download.html 下载System Repair Engineer 1 解压缩sreng2.zip（建议解压到系统Windows文件夹里） 2 运行SREng.exe ((将SREng.exe改名为123.com运行)) 3 智能扫描=》扫描=》保存报告 4 把报告保存后，直接将日志内容彻底复制到一个空记事本里，然后再保存，就可以以附件的形式xxx坛来了。一定以附件形式发这论坛来。点击我这贴右下角的“引用”然后就应该知道怎么发了。你可以打开日志后，在左上角的“编辑”里选择“全选”再选择“复制” 就可以彻底复制日志内容到另一个空记事本保存了
sako 社区嘉宾帖子:7496 注册: 2007-10-16 来自:遥远的地方

日不懂啊叱咤花甲狮帖子:14337 注册: 2007-03-08 来自:江苏南京	发表于： 2008-05-05 10:03 \| 短消息资料字号：小中大 6楼回复: 哪位大虾帮我看看我的电脑怎么了？？用附件的工具XDELBOX删除文件 C:\WINDOWS\system32\913CE8B0.DLL C:\WINDOWS\system32\msosdohs01.dll C:\WINDOWS\system32\msosping00.dll C:\WINDOWS\system32\msosmhfp00.dll C:\WINDOWS\system32\ttDXYDXY1014.dll C:\WINDOWS\system32\ttNNBNNB1056.dll C:\WINDOWS\system32\ttHADHAD1071.dll C:\WINDOWS\system32\sqavpw0.dll C:\WINDOWS\system32\mxavpw0.dll C:\WINDOWS\system32\zgxfdx.dll C:\WINDOWS\system32\wfrdvq.dll C:\WINDOWS\system32\seprhg.dll C:\WINDOWS\system32\tdffdl.dll C:\WINDOWS\system32\wyrsdj.dll C:\WINDOWS\system32\jdsaex.dll C:\WINDOWS\system32\hhrdxd.dll C:\WINDOWS\system32\zjydcx.dll C:\WINDOWS\system32\fsrgeb.dll C:\WINDOWS\system32\tfsdmz.dll C:\WINDOWS\system32\jgnomr.dll C:\WINDOWS\system32\pedadt.dll C:\WINDOWS\system32\hikadx.dll C:\WINDOWS\system32\jhfrxz.dll C:\WINDOWS\fmsiocps.exe C:\WINDOWS\dionpis.exe C:\WINDOWS\dbhlp32.exe C:\WINDOWS\WINSvr64.exe C:\WINDOWS\anistio.exE C:\WINDOWS\ynwwqtjc.exe C:\WINDOWS\75976M.exe C:\WINDOWS\bincdwsa.exe C:\WINDOWS\fmsjhif.exe C:\WINDOWS\fmsbbqi.exe C:\WINDOWS\dndsioc.exe C:\WINDOWS\mfchlp64.exe C:\WINDOWS\yuiabct.exe C:\WINDOWS\system32\69CC5417.EXE C:\WINDOWS\system32\drivers\msosmsfpfis64.sys C:\WINDOWS\system32\drivers\msosmsp2p32.sys C:\WINDOWS\system32\drivers\Phyhd.sys C:\WINDOWS\system32\yxcsbhlp.dll C:\WINDOWS\system32\zycbbime.dll C:\WINDOWS\system32\zywmcime.dll C:\WINDOWS\system32\ypcqchlp.dll C:\Program Files\Internet Explorer\PLUGINS\WinSys8k.Sys 由于要删除的文件很多，用剪贴板导入选择重起删除，然后用SRENG删除注册表中 <fmsiocps><C:\WINDOWS\fmsiocps.exe> [N/A] <dionpis><C:\WINDOWS\dionpis.exe> [N/A] <dbhlp32><C:\WINDOWS\dbhlp32.exe> [N/A] <WINSvr64><C:\WINDOWS\WINSvr64.exe> [N/A] <anistio><C:\WINDOWS\anistio.exE> [N/A] <hyknpwzw><C:\WINDOWS\ynwwqtjc.exe> [N/A] <Knight V><> [N/A] <WinSysM><C:\WINDOWS\75976M.exe> [N/A] <bincdwsa><C:\WINDOWS\bincdwsa.exe> [] <fmsjhif><C:\WINDOWS\fmsjhif.exe> [] <fmsbbqi><C:\WINDOWS\fmsbbqi.exe> [] <dndsioc><C:\WINDOWS\dndsioc.exe> [] <mfchlp64><C:\WINDOWS\mfchlp64.exe> [] <yuiabct><C:\WINDOWS\yuiabct.exe> [] <{8C41B7F7-3168-400D-A702-0E7EFE0BA304}><C:\WINDOWS\system32\sgrefg.dll> [N/A] <{45AADFAA-DD36-42AB-83AD-0521BBF58C24}><C:\WINDOWS\system32\zjydcx.dll> [] <{17DFD111-BF3A-4CB4-ADB0-88FCBFE69821}><C:\WINDOWS\system32\hhrdxd.dll> [] <{841529CB-7F77-4B99-A895-B5441E0D302F}><C:\WINDOWS\system32\jfrwdh.dll> [N/A] <{F99DEFDD-200B-4410-B572-E90883D527D2}><C:\WINDOWS\system32\wrqszl.dll> [N/A] <{40AF1289-F140-A140-D012-C1458759FC04}><C:\WINDOWS\system32\ypcqchlp.dll> [N/A] <{84143967-B645-4BFF-B873-DA1DC886E9A7}><C:\WINDOWS\system32\cedafb.dll> [N/A] <{B29583D8-033A-4B9F-8553-7C5458F3FB8E}><C:\WINDOWS\system32\jdsaex.dll> [] <{1DB3C525-5271-46F7-887A-D4E1ADAA7632}><C:\WINDOWS\system32\hfrdzx.dll> [N/A] <{EB71E0B3-E97D-4D30-8733-E28266467617}><C:\WINDOWS\system32\wyhesm.dll> [N/A] <{28EB3777-3E23-4E72-8449-A992D09D24C3}><C:\WINDOWS\system32\zgfdet.dll> [N/A] <{25671234-7890-ABCD-CDEF-567801237652}><C:\WINDOWS\system32\yxcsbhlp.dll> [N/A] <{2A698102-5904-AFD0-20DF-CD1A65829CA2}><C:\WINDOWS\system32\zycbbime.dll> [N/A] <{3319A1F1-9410-9654-3201-345FFA349133}><C:\WINDOWS\system32\zywmcime.dll> [N/A] <{1E51C0FD-EE36-434B-AD2A-FD1FF3731C38}><C:\WINDOWS\system32\wyrsdj.dll> [] <{48074740-A5D7-4EFC-8949-971003C5BE3C}><C:\WINDOWS\system32\hmuyhx.dll> [N/A] <{AA1A5CFB-22EA-4D08-87C1-E474E70FB37C}><C:\WINDOWS\system32\foogls.dll> [N/A] <{DC3D30AE-0380-4151-8934-EE98A34B0370}><C:\WINDOWS\system32\mfdesy.dll> [N/A] <{C0595A7E-2E2F-4B34-A83A-019270A0A464}><C:\WINDOWS\system32\tdffdl.dll> [] <{0D20FFFF-9EEE-4994-9A2B-861290887E28}><C:\WINDOWS\system32\seprhg.dll> [] <{6BBAA1E6-CF54-4139-AB9C-8491A9F909D7}><C:\WINDOWS\system32\wfrdvq.dll> [] <{5fd0c12b-da0b-4446-82fd-b8041a46492b}><C:\WINDOWS\system32\ttDXYDXY1014.dll> [] <{6E6CA8A1-81BC-4707-A54C-F4903DD70BAD}><C:\WINDOWS\system32\zgxfdx.dll> [] <{7FA4A83B-F99A-4bfc-A8E2-6A62B05D2C82}><C:\WINDOWS\TEMP\dat9.tmp> [] <{3cc67dc4-e953-4b2f-ae22-fcb4dcc3903a}><C:\WINDOWS\system32\ttNNBNNB1056.dll> [] <{a580305f-b902-4723-ac26-06e4cb4279a5}><C:\WINDOWS\system32\ttHADHAD1071.dll> [] <{7914E0AA-ECCB-4311-B584-C49538227824}><C:\WINDOWS\system32\jhfrxz.dll> [] <{0E26E4B5-2634-4FEF-B9CA-8F57969134E0}><C:\WINDOWS\system32\hikadx.dll> [] <{5E907A48-400E-4EA8-9792-FFAE052D59E9}><C:\WINDOWS\system32\pedadt.dll> [] <{E4360774-E6E2-45FC-B4A6-7341A6BF8D89}><C:\WINDOWS\system32\jgnomr.dll> [] <{C36ECF8F-EAD9-44BD-8DD0-C4240A06F51C}><C:\WINDOWS\system32\sqavpw0.dll> [] <{875E07B1-0614-43D9-A76E-D76A28AB3D7B}><C:\WINDOWS\system32\tfsdmz.dll> [] <{3E387664-C799-4D62-B196-25776EF35C51}><C:\WINDOWS\system32\mxavpw0.dll> [] <{EA5D4B0E-B8CE-4761-8C7E-5D26369F0EC6}><C:\WINDOWS\system32\fsrgeb.dll> [] <WPDShServiceObj><?{AAA288BA-9A4C-45B0-95D7-94D524869DB5}> [N/A] 编辑[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Windows] <AppInit_DLLs><ieprot.dll,msosmhfp00.dll,msosdohs01.dll,msosping00.dll> [Beijing Rising Technology Co., Ltd.]为 [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Windows] <AppInit_DLLs><ieprot.dll> [Beijing Rising Technology Co., Ltd.] 删除服务 [A542E9B5 / A542E9B5][Stopped/Auto Start] <C:\WINDOWS\system32\69CC5417.EXE -d><N/A> 删除驱动 [dohs / dohs][Stopped/Auto Start] <\??\C:\DOCUME~1\zuozuo\LOCALS~1\Temp\tmpC.tmp><N/A> [mhfp / mhfp][Stopped/Auto Start] <\??\C:\DOCUME~1\zuozuo\LOCALS~1\Temp\tmpA.tmp><N/A> [mnsf / mnsf][Stopped/Auto Start] <\??\C:\DOCUME~1\zuozuo\LOCALS~1\Temp\tmp14.tmp><N/A> [msfpfis64 / msfpfis64][Running/Auto Start] <\??\C:\WINDOWS\system32\drivers\msosmsfpfis64.sys><N/A> [msp2p32 / msp2p32][Running/Auto Start] <\??\C:\WINDOWS\system32\drivers\msosmsp2p32.sys><N/A> [Phyhd / Phyhd][Stopped/Manual Start] <\??\C:\WINDOWS\system32\drivers\Phyhd.sys><N/A> [ping / ping][Stopped/Auto Start] <\??\C:\DOCUME~1\zuozuo\LOCALS~1\Temp\tmp16.tmp><N/A> [sys_flt / sys_flt][Stopped/Manual Start] <\??\C:\DOCUME~1\zuozuo\LOCALS~1\Temp\~15.tmp><N/A> 删除浏览器加载 [] {25671234-7890-ABCD-CDEF-567801237652} <C:\WINDOWS\system32\yxcsbhlp.dll, N/A> [] {2A698102-5904-AFD0-20DF-CD1A65829CA2} <C:\WINDOWS\system32\zycbbime.dll, N/A> [] {3319A1F1-9410-9654-3201-345FFA349133} <C:\WINDOWS\system32\zywmcime.dll, N/A> [] {40AF1289-F140-A140-D012-C1458759FC04} <C:\WINDOWS\system32\ypcqchlp.dll, N/A> [] {6167F471-EF2B-41DD-A5E5-C26ACDB5C096} <C:\Program Files\Internet Explorer\PLUGINS\WinSys8k.Sys, N/A> 在最后处理完以后清理临时文件夹: 打开我的电脑-工具-文件夹选项-查看-显示隐藏文件-隐藏受保护的系统文件(勾去掉)-确定重起进入安全模式(开机不停的按F8,选择安全模式启动) 清空下列临时文件夹中所有内容： C:\Documents and Settings\用户名\Local Settings\Temporary Internet Files C:\Documents and Settings\用户名\Local Settings\Temp C:\WINDOWS\TEMP 另外，找到文件：c:\windows\win.ini 把这个文件打开，把内容发上来，我告诉你要删除哪些内容附件: 文件名:xdelboxnN.rar 下载次数:161 文件类型:application/octet-stream 文件大小: 上传时间:2008-5-5 10:03:29 描述:rar 本帖被评分 1 次本帖被评分 1 次友情连接：www.jiake168.com(获得国家专利的私家车车身广告官网）邮箱：571wind@163.com（只收样本）
日不懂啊叱咤花甲狮帖子:14337 注册: 2007-03-08 来自:江苏南京

yxdyt 初生襁褓狮帖子:9 注册: 2008-05-05 来自:	发表于： 2008-05-05 10:08 \| 短消息资料字号：小中大 7楼回复：哪位大虾帮我看看我的电脑怎么了？？这种情况最好的解决办法就是重装系统。用PE备份C盘资料。最后一定要全盘查杀。不要指望杀毒可以救命！
yxdyt 初生襁褓狮帖子:9 注册: 2008-05-05 来自:

日不懂啊叱咤花甲狮帖子:14337 注册: 2007-03-08 来自:江苏南京	发表于： 2008-05-05 10:20 \| 短消息资料字号：小中大 8楼回复 7F yxdyt 的帖子自己不明白就不要误导人家友情连接：www.jiake168.com(获得国家专利的私家车车身广告官网）邮箱：571wind@163.com（只收样本）
日不懂啊叱咤花甲狮帖子:14337 注册: 2007-03-08 来自:江苏南京

zuozuo0425 初生襁褓狮帖子:42 注册: 2006-02-22 来自:	发表于： 2008-05-05 12:50 \| 只看楼主短消息资料字号：小中大 9楼回复：哪位大虾帮我看看我的电脑怎么了？？万分感谢！
zuozuo0425 初生襁褓狮帖子:42 注册: 2006-02-22 来自:

<<上一主题|下一主题>>

1

1 / 1 页

跳转页

页面顶部

Powered by Discuz!NT