瑞星卡卡安全论坛技术交流区反病毒/反流氓软件论坛 我的电脑也是瑞星杀毒软件内存监控被禁用了,看看我的log

123   1  /  3  页   跳转

我的电脑也是瑞星杀毒软件内存监控被禁用了,看看我的log

收藏
我不知
头像
初生襁褓狮
  • 帖子:162
  • 注册: 2004-06-09
  • 来自:
发表于: 2006-07-01 15:04 | 只看楼主 短消息 资料
字号: 1楼

我的电脑也是瑞星杀毒软件内存监控被禁用了,看看我的log

HijackThis_815汉化版扫描日志 V1.99.1
保存于      14:48:33, 日期 2006-7-1
操作系统:  Windows XP SP2 (WinNT 5.01.2600)
浏览器:    Internet Explorer v6.00 SP2 (6.00.2900.2180)

当前运行的进程:         
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Rising\Rav\CCenter.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Rising\Rav\Ravmond.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\Explorer.EXE
c:\program files\rising\rfw\rfwsrv.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Rising\Rav\RavStub.exe
c:\program files\rising\rfw\RfwMain.exe
C:\Program Files\Rising\Rav\RavTask.exe
C:\Program Files\Rising\Rav\Ravmon.exe
C:\WINDOWS\system32\ctfmon.exe
G:\安装软件\HijackThis1991zww.exe

R3 - URLSearchHook: (no name) - {1A1DF444-452F-43AC-9758-279CC8F099A8} - C:\WINDOWS\system32\Mtbao.dll
R3 - URLSearchHook: (no name) - {FD5755A9-8F36-4341-9EA4-E868BA6E2922} - C:\WINDOWS\system32\Smdqn.dll
R3 - URLSearchHook: 雅虎助手 - {406F94F0-504F-4a40-8DFD-58B0666ABEBD} - C:\PROGRA~1\Yahoo!\ASSIST~1\Assist\yasbar.dll
R3 - URLSearchHook: (no name) - {6D6F2FC1-68A5-44C8-8EBE-44C9755A326F} - C:\WINDOWS\system32\Lqmei.dll
R3 - URLSearchHook: (no name) - {87FA2C39-F267-47BF-A59E-682911AE6A65} - C:\WINDOWS\system32\Lmfiz.dll
R3 - URLSearchHook: (no name) - {7CC0BFB0-6670-48A6-A491-F04C05181C65} - C:\WINDOWS\system32\Bypdz.dll
R3 - URLSearchHook: (no name) - {BDCA2628-99F9-4601-BF4A-A64444D18745} - C:\WINDOWS\system32\Hnrv.dll
R3 - URLSearchHook: (no name) - {6E5969C4-FC00-4D8D-BDCD-214647387BB1} - C:\WINDOWS\system32\Xryt.dll
R3 - URLSearchHook: (no name) - {6EFFB556-65A9-4B6A-B01F-9335A45DD5A0} - C:\WINDOWS\system32\Mkct.dll
R3 - URLSearchHook: (no name) - {CA8AE918-0921-419B-9D9A-BA797802086E} - C:\WINDOWS\system32\Widb.dll
R3 - URLSearchHook: (no name) - {487C8E35-A5F0-490D-8927-613182D84828} - C:\WINDOWS\system32\Yoanoo.dll
R3 - URLSearchHook: (no name) - {28052F3B-1C66-4AAD-AEE4-F32350176D13} - C:\WINDOWS\system32\Cyiz.dll
R3 - URLSearchHook: (no name) - {327DD4E9-63EB-4C1C-BB46-E1B74B3D4282} - C:\WINDOWS\system32\Tdmct.dll
R3 - URLSearchHook: (no name) - {CF523F1B-5F97-40E9-9F7F-BBEE015E0AED} - C:\WINDOWS\system32\Iixjt.dll
R3 - URLSearchHook: (no name) - {C7371440-08F0-4E67-A9F7-233705956630} - C:\WINDOWS\system32\Wuzkt.dll
R3 - URLSearchHook: (no name) - {14729138-1AA7-4C81-BD1C-D89FA076A026} - C:\WINDOWS\system32\Qhhxsj.dll
R3 - URLSearchHook: (no name) - {1AE3B6F5-51C7-49B7-99B1-A792D9AFDC0B} - C:\WINDOWS\system32\Wclkx.dll
R3 - URLSearchHook: (no name) - {F54D4BB2-DF39-45BD-8F4E-2D614AEE12CD} - C:\WINDOWS\system32\Nsfv.dll
R3 - URLSearchHook: (no name) - {4FF4FC40-6FA1-4998-A8AF-23A26E22DBBA} - C:\WINDOWS\system32\Iqruaa.dll
R3 - URLSearchHook: (no name) - {FDAAA3F6-F9C9-453F-A9FA-B8B3E846AE0C} - C:\WINDOWS\system32\Vtyij.dll
R3 - URLSearchHook: (no name) - {864D535F-54CB-409A-954B-5D7FDB38857A} - C:\WINDOWS\system32\Phkzaq.dll
R3 - URLSearchHook: (no name) - {8D85CFF9-8E65-4CA4-ADDD-42B6903BAFA8} - C:\WINDOWS\system32\Tiumv.dll
R3 - URLSearchHook: (no name) - {2ED93676-003A-43AA-B53A-E27D5AF5418A} - C:\WINDOWS\system32\Vmfqd.dll
R3 - URLSearchHook: (no name) - {2150E8DA-C95C-4535-B68C-74769FD51342} - C:\WINDOWS\system32\Ywrtl.dll
R3 - URLSearchHook: (no name) - {0F82D1D7-0FA8-4D59-98B6-F7EE79901EBD} - C:\WINDOWS\system32\Ehmn.dll
R3 - URLSearchHook: (no name) - {D20CF654-6780-4634-9849-4EB6666426E2} - C:\WINDOWS\system32\Snhf.dll
R3 - URLSearchHook: (no name) - {A9C8FC0C-98F6-4274-A8DC-528FE887B1F4} - C:\WINDOWS\system32\Noimb.dll
R3 - URLSearchHook: (no name) - {6FBC0934-25D3-4871-9C2B-677B7A196CC3} - C:\WINDOWS\system32\Dziyw.dll
R3 - URLSearchHook: (no name) - {5BCAED2D-7FED-4E9F-945B-9AB623DA2F3B} - C:\WINDOWS\system32\Hfrkyy.dll
R3 - URLSearchHook: (no name) - {AA260C4B-FE49-4684-8C0D-8D19A40B4BBF} - C:\WINDOWS\system32\Tcmcj.dll
R3 - URLSearchHook: (no name) - {81C3042E-745E-44B2-AAF6-50A88DA80922} - C:\WINDOWS\system32\Lfwk.dll
R3 - URLSearchHook: (no name) - {91F43E7E-F9DF-4784-97DE-4648A8553B16} - C:\WINDOWS\system32\Uiipji.dll
R3 - URLSearchHook: Tencent SearchHook - {DB8B2393-7A6C-4C76-88CE-6B1F6FF6FFE9} - C:\Program Files\TENCENT\Adplus\SSAddr.dll
O2 - BHO: 搜搜地址栏搜索 - {0C7C23EF-A848-485B-873C-0ED954731014} - C:\Program Files\TENCENT\Adplus\SSAddr.dll
O2 - BHO: (no name) - {0F82D1D7-0FA8-4D59-98B6-F7EE79901EBD} - C:\WINDOWS\system32\Ehmn.dll
O2 - BHO: (no name) - {14729138-1AA7-4C81-BD1C-D89FA076A026} - C:\WINDOWS\system32\Qhhxsj.dll
O2 - BHO: (no name) - {1A1DF444-452F-43AC-9758-279CC8F099A8} - C:\WINDOWS\system32\Mtbao.dll
O2 - BHO: (no name) - {1AE3B6F5-51C7-49B7-99B1-A792D9AFDC0B} - C:\WINDOWS\system32\Wclkx.dll
O2 - BHO: (no name) - {2150E8DA-C95C-4535-B68C-74769FD51342} - C:\WINDOWS\system32\Ywrtl.dll
O2 - BHO: (no name) - {28052F3B-1C66-4AAD-AEE4-F32350176D13} - C:\WINDOWS\system32\Cyiz.dll
O2 - BHO: (no name) - {2ED93676-003A-43AA-B53A-E27D5AF5418A} - C:\WINDOWS\system32\Vmfqd.dll
O2 - BHO: (no name) - {327DD4E9-63EB-4C1C-BB46-E1B74B3D4282} - C:\WINDOWS\system32\Tdmct.dll
O2 - BHO: 雅虎助手 - {406F94F0-504F-4a40-8DFD-58B0666ABEBD} - C:\PROGRA~1\Yahoo!\ASSIST~1\Assist\yasbar.dll
O2 - BHO: (no name) - {487C8E35-A5F0-490D-8927-613182D84828} - C:\WINDOWS\system32\Yoanoo.dll
O2 - BHO: (no name) - {4FF4FC40-6FA1-4998-A8AF-23A26E22DBBA} - C:\WINDOWS\system32\Iqruaa.dll
O2 - BHO: QQIEHelper - {54EBD53A-9BC1-480B-966A-843A333CA162} - E:\Tencent\QQ\QQIEHelper.dll
O2 - BHO: (no name) - {5BCAED2D-7FED-4E9F-945B-9AB623DA2F3B} - C:\WINDOWS\system32\Hfrkyy.dll
O2 - BHO: MMSAssist - {6671A431-5C3D-463d-A7CF-5587F9B7E191} - C:\PROGRA~1\MMSASS~1\Mmsass~1.dll
O2 - BHO: (no name) - {669751ED-D558-49AE-B01A-3B374CC7910E} - C:\DOCUME~1\pan\LOCALS~1\Temp\SSLive.dll
O2 - BHO: (no name) - {6D6F2FC1-68A5-44C8-8EBE-44C9755A326F} - C:\WINDOWS\system32\Lqmei.dll
O2 - BHO: (no name) - {6E5969C4-FC00-4D8D-BDCD-214647387BB1} - C:\WINDOWS\system32\Xryt.dll
O2 - BHO: (no name) - {6EFFB556-65A9-4B6A-B01F-9335A45DD5A0} - C:\WINDOWS\system32\Mkct.dll
O2 - BHO: (no name) - {6FBC0934-25D3-4871-9C2B-677B7A196CC3} - C:\WINDOWS\system32\Dziyw.dll
O2 - BHO: (no name) - {7CC0BFB0-6670-48A6-A491-F04C05181C65} - C:\WINDOWS\system32\Bypdz.dll
O2 - BHO: (no name) - {81C3042E-745E-44B2-AAF6-50A88DA80922} - C:\WINDOWS\system32\Lfwk.dll
O2 - BHO: (no name) - {864D535F-54CB-409A-954B-5D7FDB38857A} - C:\WINDOWS\system32\Phkzaq.dll
O2 - BHO: (no name) - {87FA2C39-F267-47BF-A59E-682911AE6A65} - C:\WINDOWS\system32\Lmfiz.dll
O2 - BHO: (no name) - {8D85CFF9-8E65-4CA4-ADDD-42B6903BAFA8} - C:\WINDOWS\system32\Tiumv.dll
O2 - BHO: (no name) - {91F43E7E-F9DF-4784-97DE-4648A8553B16} - C:\WINDOWS\system32\Uiipji.dll
O2 - BHO: (no name) - {A9C8FC0C-98F6-4274-A8DC-528FE887B1F4} - C:\WINDOWS\system32\Noimb.dll
O2 - BHO: (no name) - {AA260C4B-FE49-4684-8C0D-8D19A40B4BBF} - C:\WINDOWS\system32\Tcmcj.dll
O2 - BHO: (no name) - {BDCA2628-99F9-4601-BF4A-A64444D18745} - C:\WINDOWS\system32\Hnrv.dll
O2 - BHO: (no name) - {C7371440-08F0-4E67-A9F7-233705956630} - C:\WINDOWS\system32\Wuzkt.dll
O2 - BHO: (no name) - {CA8AE918-0921-419B-9D9A-BA797802086E} - C:\WINDOWS\system32\Widb.dll
O2 - BHO: (no name) - {CF523F1B-5F97-40E9-9F7F-BBEE015E0AED} - C:\WINDOWS\system32\Iixjt.dll
O2 - BHO: (no name) - {D20CF654-6780-4634-9849-4EB6666426E2} - C:\WINDOWS\system32\Snhf.dll
O2 - BHO: (no name) - {F54D4BB2-DF39-45BD-8F4E-2D614AEE12CD} - C:\WINDOWS\system32\Nsfv.dll
O2 - BHO: (no name) - {FD5755A9-8F36-4341-9EA4-E868BA6E2922} - C:\WINDOWS\system32\Smdqn.dll
O2 - BHO: (no name) - {FDAAA3F6-F9C9-453F-A9FA-B8B3E846AE0C} - C:\WINDOWS\system32\Vtyij.dll
O3 - IE工具栏增项: 金山快译(&K) - {6C3797D2-3FEF-4cd4-B654-D3AE55B4128C} - C:\PROGRA~1\Kingsoft\FastAIT\IEBand.dll
O3 - IE工具栏增项: BitCometBar - {3F1ABCDB-A875-46c1-8345-B72A4567E486} - E:\BitComet\BitCometBar\BitCometBar0.3.dll
O3 - IE工具栏增项: 雅虎助手 - {406F94F0-504F-4a40-8DFD-58B0666ABEBD} - C:\PROGRA~1\Yahoo!\ASSIST~1\Assist\yasbar.dll
O4 - 启动项HKLM\\Run: [IMJPMIG8.1] "C:\WINDOWS\IME\imjp8_1\IMJPMIG.EXE" /Spoil /RemAdvDef /Migration32
O4 - 启动项HKLM\\Run: [PHIME2002ASync] C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /SYNC
O4 - 启动项HKLM\\Run: [PHIME2002A] C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /IMEName
O4 - 启动项HKLM\\Run: [RfwMain] "C:\Program Files\Rising\Rfw\rfwmain.exe" -Startup
O4 - 启动项HKLM\\Run: [RavTask] "C:\Program Files\Rising\Rav\RavTask.exe" -system
O4 - 启动项HKLM\\Run: [IMSCMig] C:\PROGRA~1\COMMON~1\MICROS~1\IME\IMSC40A\IMSCMIG.EXE /Preload
O4 - 启动项HKLM\\Run: [stup.exe] C:\PROGRA~1\TENCENT\Adplus\stup.exe
O4 - 启动项HKLM\\RunOnce: [RavStub] "C:\Program Files\Rising\Rav\ravstub.exe" /RUNONCE
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - Startup: 腾讯QQ.lnk = E:\Tencent\QQ\QQ.exe
O8 - IE右键菜单中的新增项目:  >> 彩信发送 << - res://C:\PROGRA~1\MMSASS~1\Mmsass~1.dll/mms.htm
O8 - IE右键菜单中的新增项目: 上传到QQ网络硬盘 - E:\Tencent\QQ\AddToNetDisk.htm
O8 - IE右键菜单中的新增项目: 导出到 Microsoft Office Excel(&X) - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
O8 - IE右键菜单中的新增项目: 添加到QQ自定义面板 - E:\Tencent\QQ\AddPanel.htm
O8 - IE右键菜单中的新增项目: 添加到QQ表情 - E:\Tencent\QQ\AddEmotion.htm
O8 - IE右键菜单中的新增项目: 用QQ彩信发送该图片 - E:\Tencent\QQ\SendMMS.htm
O8 - IE右键菜单中的新增项目: 雅虎搜索 - res://C:\PROGRA~1\Yahoo!\ASSIST~1\Assist\yasbar.dll/246
最后编辑2006-07-04 23:04:09
分享到:
gototop
 
我不知
头像
初生襁褓狮
  • 帖子:162
  • 注册: 2004-06-09
  • 来自:
发表于: 2006-07-01 15:05 | 只看楼主 短消息 资料
字号: 2楼

O9 - 浏览器额外的按钮: (no name) - {6671A433-5C3D-463d-A7CF-5587F9B7E191} - C:\PROGRA~1\MMSASS~1\Mmsass~1.dll
O9 - 浏览器额外的“工具”菜单项: MMSAssist工具条设置 - {6671A433-5C3D-463d-A7CF-5587F9B7E191} - C:\PROGRA~1\MMSASS~1\Mmsass~1.dll
O9 - 浏览器额外的按钮: 中国建投证券交易客户端 - {902E3F13-F3C2-11D3-B8AD-00062950CE21} - E:\jcb_ztzq\NfTradeClient.exe
O9 - 浏览器额外的按钮: 信息检索 - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
O9 - 浏览器额外的按钮: QQ - {c95fe080-8f5d-11d2-a20b-00aa003c157b} - E:\Tencent\QQ\QQ.EXE
O9 - 浏览器额外的“工具”菜单项: 腾讯QQ - {c95fe080-8f5d-11d2-a20b-00aa003c157b} - E:\Tencent\QQ\QQ.EXE
O9 - 浏览器额外的按钮: 易趣购物 - {DE607144-AC19-424e-865A-5D70ABDF119A} - http://click2.ad4all.net/url2/urlmanage/url.asp?id=5 (file missing)
O9 - 浏览器额外的“工具”菜单项: 易趣购物 - {DE607144-AC19-424e-865A-5D70ABDF119A} - http://click2.ad4all.net/url2/urlmanage/url.asp?id=5 (file missing)
O9 - 浏览器额外的按钮: (no name) - {DEDEB80D-FA35-45d9-9460-4983E5A8AFE6} - E:\Tencent\QQ\QQIEHelper.dll
O9 - 浏览器额外的“工具”菜单项: QQ炫彩工具条设置 - {DEDEB80D-FA35-45d9-9460-4983E5A8AFE6} - E:\Tencent\QQ\QQIEHelper.dll
O9 - 浏览器额外的按钮: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - 浏览器额外的“工具”菜单项: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O11 - Options group: [TBH] 搜搜地址栏搜索
O23 - NT 服务: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe
O23 - NT 服务: ATI Smart - Unknown owner - C:\WINDOWS\system32\ati2sgag.exe
O23 - NT 服务: Rising Proxy  Service (RfwProxySrv) - Beijing Rising Technology Co., Ltd. - c:\program files\rising\rfw\rfwproxy.exe
O23 - NT 服务: Rising Personal Firewall Service (RfwService) - Beijing Rising Technology Co., Ltd. - c:\program files\rising\rfw\rfwsrv.exe
O23 - NT 服务: Rising Process Communication Center (RsCCenter) - Beijing Rising Technology Co., Ltd. - C:\Program Files\Rising\Rav\CCenter.exe
O23 - NT 服务: RsRavMon Service (RsRavMon) - Beijing Rising Technology Co., Ltd. - C:\Program Files\Rising\Rav\Ravmond.exe
gototop
 
我不知
头像
初生襁褓狮
  • 帖子:162
  • 注册: 2004-06-09
  • 来自:
发表于: 2006-07-01 15:13 | 只看楼主 短消息 资料
字号: 3楼

2006-07-01,15:00:57

System Repair Engineer 2.0.21.505 (2.0 RC 2)
Smallfrogs (http://www.KZTechs.com)

Windows XP Professional Service Pack 2 (Build 2600)
- 管理权限用户 - 完整功能

以下内容被选中:
    所有的启动项目(包括注册表、启动文件夹、服务等)
    浏览器加载项
    正在运行的进程(包括进程模块信息)
    文件关联


启动项目
注册表
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
    <ctfmon.exe><C:\WINDOWS\system32\ctfmon.exe>  [Microsoft Corporation]
[HKEY_CURRENT_USER\Software\Microsoft\Windows NT\CurrentVersion\Windows]
    <load><>  []
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
    <IMJPMIG8.1><"C:\WINDOWS\IME\imjp8_1\IMJPMIG.EXE" /Spoil /RemAdvDef /Migration32>  [Microsoft Corporation]
    <PHIME2002ASync><C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /SYNC>  [Microsoft Corporation]
    <PHIME2002A><C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /IMEName>  [Microsoft Corporation]
    <RfwMain><"C:\Program Files\Rising\Rfw\rfwmain.exe" -Startup>  [Beijing Rising Technology Co., Ltd.]
    <RavTask><"C:\Program Files\Rising\Rav\RavTask.exe" -system>  [Beijing Rising Technology Co., Ltd.]
    <IMSCMig><C:\PROGRA~1\COMMON~1\MICROS~1\IME\IMSC40A\IMSCMIG.EXE /Preload>  [Microsoft Corporation]
    <stup.exe><C:\PROGRA~1\TENCENT\Adplus\stup.exe>  [Tencent]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\RunOnce]
    <RavStub><"C:\Program Files\Rising\Rav\ravstub.exe" /RUNONCE>  [Beijing Rising Technology Co., Ltd.]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Winlogon]
    <shell><Explorer.exe>  [Microsoft Corporation]
    <Userinit><C:\WINDOWS\system32\userinit.exe,>  [Microsoft Corporation]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Windows]
    <AppInit_DLLs><>  []
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Winlogon]
    <UIHost><logonui.exe>  [Microsoft Corporation]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
    <{32CD708B-60A7-4C00-9377-D73EAA495F0F}><C:\WINDOWS\system32\RavExt.dll>  [Beijing Rising Technology Co., Ltd.]
    <{1A1DF444-452F-43AC-9758-279CC8F099A8}><C:\WINDOWS\system32\Mtbao.dll>  []
    <{FD5755A9-8F36-4341-9EA4-E868BA6E2922}><C:\WINDOWS\system32\Smdqn.dll>  []
    <{6D6F2FC1-68A5-44C8-8EBE-44C9755A326F}><C:\WINDOWS\system32\Lqmei.dll>  []
    <{87FA2C39-F267-47BF-A59E-682911AE6A65}><C:\WINDOWS\system32\Lmfiz.dll>  []
    <{7CC0BFB0-6670-48A6-A491-F04C05181C65}><C:\WINDOWS\system32\Bypdz.dll>  []
    <{BDCA2628-99F9-4601-BF4A-A64444D18745}><C:\WINDOWS\system32\Hnrv.dll>  []
    <{6E5969C4-FC00-4D8D-BDCD-214647387BB1}><C:\WINDOWS\system32\Xryt.dll>  []
    <{6EFFB556-65A9-4B6A-B01F-9335A45DD5A0}><C:\WINDOWS\system32\Mkct.dll>  []
    <{CA8AE918-0921-419B-9D9A-BA797802086E}><C:\WINDOWS\system32\Widb.dll>  []
    <{487C8E35-A5F0-490D-8927-613182D84828}><C:\WINDOWS\system32\Yoanoo.dll>  []
    <{28052F3B-1C66-4AAD-AEE4-F32350176D13}><C:\WINDOWS\system32\Cyiz.dll>  []
    <{327DD4E9-63EB-4C1C-BB46-E1B74B3D4282}><C:\WINDOWS\system32\Tdmct.dll>  []
    <{CF523F1B-5F97-40E9-9F7F-BBEE015E0AED}><C:\WINDOWS\system32\Iixjt.dll>  []
    <{C7371440-08F0-4E67-A9F7-233705956630}><C:\WINDOWS\system32\Wuzkt.dll>  []
    <{14729138-1AA7-4C81-BD1C-D89FA076A026}><C:\WINDOWS\system32\Qhhxsj.dll>  []
    <{1AE3B6F5-51C7-49B7-99B1-A792D9AFDC0B}><C:\WINDOWS\system32\Wclkx.dll>  []
    <{F54D4BB2-DF39-45BD-8F4E-2D614AEE12CD}><C:\WINDOWS\system32\Nsfv.dll>  []
    <{4FF4FC40-6FA1-4998-A8AF-23A26E22DBBA}><C:\WINDOWS\system32\Iqruaa.dll>  []
    <{FDAAA3F6-F9C9-453F-A9FA-B8B3E846AE0C}><C:\WINDOWS\system32\Vtyij.dll>  []
    <{864D535F-54CB-409A-954B-5D7FDB38857A}><C:\WINDOWS\system32\Phkzaq.dll>  []
    <{8D85CFF9-8E65-4CA4-ADDD-42B6903BAFA8}><C:\WINDOWS\system32\Tiumv.dll>  []
    <{2ED93676-003A-43AA-B53A-E27D5AF5418A}><C:\WINDOWS\system32\Vmfqd.dll>  []
    <{2150E8DA-C95C-4535-B68C-74769FD51342}><C:\WINDOWS\system32\Ywrtl.dll>  []
    <{0F82D1D7-0FA8-4D59-98B6-F7EE79901EBD}><C:\WINDOWS\system32\Ehmn.dll>  []
    <{D20CF654-6780-4634-9849-4EB6666426E2}><C:\WINDOWS\system32\Snhf.dll>  []
    <{A9C8FC0C-98F6-4274-A8DC-528FE887B1F4}><C:\WINDOWS\system32\Noimb.dll>  []
    <{6FBC0934-25D3-4871-9C2B-677B7A196CC3}><C:\WINDOWS\system32\Dziyw.dll>  []
    <{5BCAED2D-7FED-4E9F-945B-9AB623DA2F3B}><C:\WINDOWS\system32\Hfrkyy.dll>  []
    <{AA260C4B-FE49-4684-8C0D-8D19A40B4BBF}><C:\WINDOWS\system32\Tcmcj.dll>  []
    <{81C3042E-745E-44B2-AAF6-50A88DA80922}><C:\WINDOWS\system32\Lfwk.dll>  []
    <{91F43E7E-F9DF-4784-97DE-4648A8553B16}><C:\WINDOWS\system32\Uiipji.dll>  []
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\AtiExtEvent]
    <WinlogonNotify: AtiExtEvent><Ati2evxx.dll>  [ATI Technologies Inc.]

==================================
启动文件夹
[腾讯QQ]
  <C:\Documents and Settings\pan\「开始」菜单\程序\启动\腾讯QQ.lnk><N>

==================================
服务
[Ati HotKey Poller / Ati HotKey Poller]
  <C:\WINDOWS\system32\Ati2evxx.exe><ATI Technologies Inc.>
[ATI Smart / ATI Smart]
  <C:\WINDOWS\system32\ati2sgag.exe><>
[Rising Proxy  Service / RfwProxySrv]
  <c:\program files\rising\rfw\rfwproxy.exe><Beijing Rising Technology Co., Ltd.>
[Rising Personal Firewall Service / RfwService]
  <c:\program files\rising\rfw\rfwsrv.exe><Beijing Rising Technology Co., Ltd.>
[Rising Process Communication Center / RsCCenter]
  <"C:\Program Files\Rising\Rav\CCenter.exe"><Beijing Rising Technology Co., Ltd.>
[RsRavMon Service / RsRavMon]
  <"C:\Program Files\Rising\Rav\Ravmond.exe"><Beijing Rising Technology Co., Ltd.>
gototop
 
我不知
头像
初生襁褓狮
  • 帖子:162
  • 注册: 2004-06-09
  • 来自:
发表于: 2006-07-01 15:13 | 只看楼主 短消息 资料
字号: 4楼

==================================
浏览器加载项
[Tencent Browser Helper]
  {0C7C23EF-A848-485B-873C-0ED954731014} <C:\Program Files\TENCENT\Adplus\SSAddr.dll, Tencent>
[]
  {0F82D1D7-0FA8-4D59-98B6-F7EE79901EBD} <C:\WINDOWS\system32\Ehmn.dll, N/A>
[]
  {14729138-1AA7-4C81-BD1C-D89FA076A026} <C:\WINDOWS\system32\Qhhxsj.dll, N/A>
[]
  {1A1DF444-452F-43AC-9758-279CC8F099A8} <C:\WINDOWS\system32\Mtbao.dll, N/A>
[]
  {1AE3B6F5-51C7-49B7-99B1-A792D9AFDC0B} <C:\WINDOWS\system32\Wclkx.dll, N/A>
[]
  {2150E8DA-C95C-4535-B68C-74769FD51342} <C:\WINDOWS\system32\Ywrtl.dll, N/A>
[]
  {28052F3B-1C66-4AAD-AEE4-F32350176D13} <C:\WINDOWS\system32\Cyiz.dll, N/A>
[]
  {2ED93676-003A-43AA-B53A-E27D5AF5418A} <C:\WINDOWS\system32\Vmfqd.dll, N/A>
[]
  {327DD4E9-63EB-4C1C-BB46-E1B74B3D4282} <C:\WINDOWS\system32\Tdmct.dll, N/A>
[雅虎助手]
  {406F94F0-504F-4a40-8DFD-58B0666ABEBD} <C:\PROGRA~1\Yahoo!\ASSIST~1\Assist\yasbar.dll, Yahoo!>
[]
  {487C8E35-A5F0-490D-8927-613182D84828} <C:\WINDOWS\system32\Yoanoo.dll, N/A>
[]
  {4FF4FC40-6FA1-4998-A8AF-23A26E22DBBA} <C:\WINDOWS\system32\Iqruaa.dll, N/A>
[QQBrowserHelperObject Class]
  {54EBD53A-9BC1-480B-966A-843A333CA162} <E:\Tencent\QQ\QQIEHelper.dll, 深圳市腾讯计算机系统有限公司>
[]
  {5BCAED2D-7FED-4E9F-945B-9AB623DA2F3B} <C:\WINDOWS\system32\Hfrkyy.dll, N/A>
[MMSAssist BHO]
  {6671A431-5C3D-463d-A7CF-5587F9B7E191} <C:\PROGRA~1\MMSASS~1\Mmsass~1.dll, >
[]
  {669751ED-D558-49AE-B01A-3B374CC7910E} <C:\DOCUME~1\pan\LOCALS~1\Temp\SSLive.dll, TENCENT>
[]
  {6D6F2FC1-68A5-44C8-8EBE-44C9755A326F} <C:\WINDOWS\system32\Lqmei.dll, N/A>
[]
  {6E5969C4-FC00-4D8D-BDCD-214647387BB1} <C:\WINDOWS\system32\Xryt.dll, N/A>
[]
  {6EFFB556-65A9-4B6A-B01F-9335A45DD5A0} <C:\WINDOWS\system32\Mkct.dll, N/A>
[]
  {6FBC0934-25D3-4871-9C2B-677B7A196CC3} <C:\WINDOWS\system32\Dziyw.dll, N/A>
[]
  {7CC0BFB0-6670-48A6-A491-F04C05181C65} <C:\WINDOWS\system32\Bypdz.dll, N/A>
[]
  {81C3042E-745E-44B2-AAF6-50A88DA80922} <C:\WINDOWS\system32\Lfwk.dll, N/A>
[]
  {864D535F-54CB-409A-954B-5D7FDB38857A} <C:\WINDOWS\system32\Phkzaq.dll, N/A>
[]
  {87FA2C39-F267-47BF-A59E-682911AE6A65} <C:\WINDOWS\system32\Lmfiz.dll, N/A>
[]
  {8D85CFF9-8E65-4CA4-ADDD-42B6903BAFA8} <C:\WINDOWS\system32\Tiumv.dll, N/A>
[]
  {91F43E7E-F9DF-4784-97DE-4648A8553B16} <C:\WINDOWS\system32\Uiipji.dll, N/A>
[]
  {A9C8FC0C-98F6-4274-A8DC-528FE887B1F4} <C:\WINDOWS\system32\Noimb.dll, N/A>
[]
  {AA260C4B-FE49-4684-8C0D-8D19A40B4BBF} <C:\WINDOWS\system32\Tcmcj.dll, N/A>
[]
  {BDCA2628-99F9-4601-BF4A-A64444D18745} <C:\WINDOWS\system32\Hnrv.dll, N/A>
[]
  {C7371440-08F0-4E67-A9F7-233705956630} <C:\WINDOWS\system32\Wuzkt.dll, N/A>
[]
  {CA8AE918-0921-419B-9D9A-BA797802086E} <C:\WINDOWS\system32\Widb.dll, N/A>
[]
  {CF523F1B-5F97-40E9-9F7F-BBEE015E0AED} <C:\WINDOWS\system32\Iixjt.dll, N/A>
[]
  {D20CF654-6780-4634-9849-4EB6666426E2} <C:\WINDOWS\system32\Snhf.dll, N/A>
[]
  {F54D4BB2-DF39-45BD-8F4E-2D614AEE12CD} <C:\WINDOWS\system32\Nsfv.dll, N/A>
[]
  {FD5755A9-8F36-4341-9EA4-E868BA6E2922} <C:\WINDOWS\system32\Smdqn.dll, N/A>
[]
  {FDAAA3F6-F9C9-453F-A9FA-B8B3E846AE0C} <C:\WINDOWS\system32\Vtyij.dll, N/A>
[MMSAssistMenu]
  {6671A433-5C3D-463d-A7CF-5587F9B7E191} <C:\PROGRA~1\MMSASS~1\Mmsass~1.dll, >
[中国建投证券交易客户端]
  {902E3F13-F3C2-11D3-B8AD-00062950CE21} <E:\jcb_ztzq\NfTradeClient.exe, 中投证券>
[信息检索(&R)]
  {92780B25-18CC-41C8-B9BE-3C9C571A8263} <C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL, Microsoft Corporation>
[QQ]
  {c95fe080-8f5d-11d2-a20b-00aa003c157b} <E:\Tencent\QQ\QQ.EXE, TENCENT>
[易趣购物]
  {DE607144-AC19-424e-865A-5D70ABDF119A} <http://click2.ad4all.net/url2/urlmanage/url.asp?id=5, N/A>
[QQIEFloatBarCfgCmd Class]
  {DEDEB80D-FA35-45d9-9460-4983E5A8AFE6} <E:\Tencent\QQ\QQIEHelper.dll, 深圳市腾讯计算机系统有限公司>
[Messenger]
  {FB5F1910-F110-11d2-BB9E-00C04F795683} <C:\Program Files\Messenger\msmsgs.exe, Microsoft Corporation>
[金山快译(&K)]
  {6C3797D2-3FEF-4cd4-B654-D3AE55B4128C} <C:\PROGRA~1\Kingsoft\FastAIT\IEBand.dll, >
[BitCometBar]
  {3F1ABCDB-A875-46c1-8345-B72A4567E486} <E:\BitComet\BitCometBar\BitCometBar0.3.dll, N/A>
[雅虎助手]
  {406F94F0-504F-4a40-8DFD-58B0666ABEBD} <C:\PROGRA~1\Yahoo!\ASSIST~1\Assist\yasbar.dll, Yahoo!>
[Shockwave Flash Object]
  {D27CDB6E-AE6D-11CF-96B8-444553540000} <C:\WINDOWS\system32\Macromed\Flash\Flash8b.ocx, Macromedia, Inc.>
[Tencent Browser Helper]
  {0C7C23EF-A848-485B-873C-0ED954731014} <C:\Program Files\TENCENT\Adplus\SSAddr.dll, Tencent>
[]
  {0F82D1D7-0FA8-4D59-98B6-F7EE79901EBD} <C:\WINDOWS\system32\Ehmn.dll, N/A>
[]
  {14729138-1AA7-4C81-BD1C-D89FA076A026} <C:\WINDOWS\system32\Qhhxsj.dll, N/A>
[]
  {1A1DF444-452F-43AC-9758-279CC8F099A8} <C:\WINDOWS\system32\Mtbao.dll, N/A>
[]
  {1AE3B6F5-51C7-49B7-99B1-A792D9AFDC0B} <C:\WINDOWS\system32\Wclkx.dll, N/A>
[]
  {2150E8DA-C95C-4535-B68C-74769FD51342} <C:\WINDOWS\system32\Ywrtl.dll, N/A>
[]
  {28052F3B-1C66-4AAD-AEE4-F32350176D13} <C:\WINDOWS\system32\Cyiz.dll, N/A>
[]
  {2ED93676-003A-43AA-B53A-E27D5AF5418A} <C:\WINDOWS\system32\Vmfqd.dll, N/A>
[]
  {327DD4E9-63EB-4C1C-BB46-E1B74B3D4282} <C:\WINDOWS\system32\Tdmct.dll, N/A>
[BitCometBar]
  {3F1ABCDB-A875-46C1-8345-B72A4567E486} <E:\BitComet\BitCometBar\BitCometBar0.3.dll, N/A>
[雅虎助手]
  {406F94F0-504F-4A40-8DFD-58B0666ABEBD} <C:\PROGRA~1\Yahoo!\ASSIST~1\Assist\yasbar.dll, Yahoo!>
[]
  {487C8E35-A5F0-490D-8927-613182D84828} <C:\WINDOWS\system32\Yoanoo.dll, N/A>
[]
  {4FF4FC40-6FA1-4998-A8AF-23A26E22DBBA} <C:\WINDOWS\system32\Iqruaa.dll, N/A>
[QQBrowserHelperObject Class]
  {54EBD53A-9BC1-480B-966A-843A333CA162} <E:\Tencent\QQ\QQIEHelper.dll, 深圳市腾讯计算机系统有限公司>
[]
  {5BCAED2D-7FED-4E9F-945B-9AB623DA2F3B} <C:\WINDOWS\system32\Hfrkyy.dll, N/A>
[WUWebControl Class]
  {6414512B-B978-451D-A0D8-FCFDF33E833C} <C:\WINDOWS\system32\wuweb.dll, Microsoft Corporation>
[MMSAssist BHO]
  {6671A431-5C3D-463D-A7CF-5587F9B7E191} <C:\PROGRA~1\MMSASS~1\Mmsass~1.dll, >
[]
  {669751ED-D558-49AE-B01A-3B374CC7910E} <C:\DOCUME~1\pan\LOCALS~1\Temp\SSLive.dll, TENCENT>
[金山快译(&K)]
  {6C3797D2-3FEF-4CD4-B654-D3AE55B4128C} <C:\PROGRA~1\Kingsoft\FastAIT\IEBand.dll, >
[]
  {6D6F2FC1-68A5-44C8-8EBE-44C9755A326F} <C:\WINDOWS\system32\Lqmei.dll, N/A>
[]
  {6E5969C4-FC00-4D8D-BDCD-214647387BB1} <C:\WINDOWS\system32\Xryt.dll, N/A>
[]
  {6EFFB556-65A9-4B6A-B01F-9335A45DD5A0} <C:\WINDOWS\system32\Mkct.dll, N/A>
[]
  {6FBC0934-25D3-4871-9C2B-677B7A196CC3} <C:\WINDOWS\system32\Dziyw.dll, N/A>
[]
  {7CC0BFB0-6670-48A6-A491-F04C05181C65} <C:\WINDOWS\system32\Bypdz.dll, N/A>
[]
  {81C3042E-745E-44B2-AAF6-50A88DA80922} <C:\WINDOWS\system32\Lfwk.dll, N/A>
[]
  {864D535F-54CB-409A-954B-5D7FDB38857A} <C:\WINDOWS\system32\Phkzaq.dll, N/A>
[]
  {87FA2C39-F267-47BF-A59E-682911AE6A65} <C:\WINDOWS\system32\Lmfiz.dll, N/A>
[Microsoft Web 浏览器]
  {8856F961-340A-11D0-A96B-00C04FD705A2} <C:\WINDOWS\system32\shdocvw.dll, Microsoft Corporation>
[]
  {8D85CFF9-8E65-4CA4-ADDD-42B6903BAFA8} <C:\WINDOWS\system32\Tiumv.dll, N/A>
[]
  {91F43E7E-F9DF-4784-97DE-4648A8553B16} <C:\WINDOWS\system32\Uiipji.dll, N/A>
[]
  {A9C8FC0C-98F6-4274-A8DC-528FE887B1F4} <C:\WINDOWS\system32\Noimb.dll, N/A>
[]
  {AA260C4B-FE49-4684-8C0D-8D19A40B4BBF} <C:\WINDOWS\system32\Tcmcj.dll, N/A>
[]
  {BDCA2628-99F9-4601-BF4A-A64444D18745} <C:\WINDOWS\system32\Hnrv.dll, N/A>
[]
  {C7371440-08F0-4E67-A9F7-233705956630} <C:\WINDOWS\system32\Wuzkt.dll, N/A>
[]
  {CA8AE918-0921-419B-9D9A-BA797802086E} <C:\WINDOWS\system32\Widb.dll, N/A>
[]
  {CF523F1B-5F97-40E9-9F7F-BBEE015E0AED} <C:\WINDOWS\system32\Iixjt.dll, N/A>
[]
  {D20CF654-6780-4634-9849-4EB6666426E2} <C:\WINDOWS\system32\Snhf.dll, N/A>
[Shockwave Flash Object]
  {D27CDB6E-AE6D-11CF-96B8-444553540000} <C:\WINDOWS\system32\Macromed\Flash\Flash8b.ocx, Macromedia, Inc.>
[]
  {F54D4BB2-DF39-45BD-8F4E-2D614AEE12CD} <C:\WINDOWS\system32\Nsfv.dll, N/A>
[]
  {FD5755A9-8F36-4341-9EA4-E868BA6E2922} <C:\WINDOWS\system32\Smdqn.dll, N/A>
[]
  {FDAAA3F6-F9C9-453F-A9FA-B8B3E846AE0C} <C:\WINDOWS\system32\Vtyij.dll, N/A>
[  >> 彩信发送 <<]
  <res://C:\PROGRA~1\MMSASS~1\Mmsass~1.dll/mms.htm, N/A>
[上传到QQ网络硬盘]
  <E:\Tencent\QQ\AddToNetDisk.htm, N/A>
[导出到 Microsoft Office Excel(&X)]
  <res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000, N/A>
[添加到QQ自定义面板]
  <E:\Tencent\QQ\AddPanel.htm, N/A>
[添加到QQ表情]
  <E:\Tencent\QQ\AddEmotion.htm, N/A>
[用QQ彩信发送该图片]
  <E:\Tencent\QQ\SendMMS.htm, N/A>
[雅虎搜索]
  <res://C:\PROGRA~1\Yahoo!\ASSIST~1\Assist\yasbar.dll/246, N/A>
gototop
 
我不知
头像
初生襁褓狮
  • 帖子:162
  • 注册: 2004-06-09
  • 来自:
发表于: 2006-07-01 15:15 | 只看楼主 短消息 资料
字号: 5楼

==================================
正在运行的进程
[PID: 420][\SystemRoot\System32\smss.exe]  <Microsoft Corporation><5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)>
[PID: 476][\??\C:\WINDOWS\system32\csrss.exe]  <Microsoft Corporation><5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)>
[PID: 500][\??\C:\WINDOWS\system32\winlogon.exe]  <Microsoft Corporation><5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)>
    [C:\WINDOWS\system32\Ati2evxx.dll]  <ATI Technologies Inc.><6.14.10.4113>
[PID: 544][C:\WINDOWS\system32\services.exe]  <Microsoft Corporation><5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)>
[PID: 556][C:\WINDOWS\system32\lsass.exe]  <Microsoft Corporation><5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)>
[PID: 708][C:\WINDOWS\system32\Ati2evxx.exe]  <ATI Technologies Inc.><6.14.10.4113>
    [C:\WINDOWS\system32\Ati2edxx.dll]  <ATI Technologies, Inc.><6, 14, 10, 2496>
[PID: 720][C:\WINDOWS\system32\svchost.exe]  <Microsoft Corporation><5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)>
[PID: 776][C:\WINDOWS\system32\svchost.exe]  <Microsoft Corporation><5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)>
[PID: 844][C:\Program Files\Rising\Rav\CCenter.exe]  <Beijing Rising Technology Co., Ltd.><18, 0, 0, 3>
[PID: 876][C:\WINDOWS\System32\svchost.exe]  <Microsoft Corporation><5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)>
[PID: 916][C:\WINDOWS\system32\svchost.exe]  <Microsoft Corporation><5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)>
[PID: 1024][C:\WINDOWS\system32\svchost.exe]  <Microsoft Corporation><5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)>
[PID: 1084][C:\Program Files\Rising\Rav\Ravmond.exe]  <Beijing Rising Technology Co., Ltd.><18, 0, 1, 26>
    [C:\Program Files\Rising\Rav\BWList.dll]  <Beijing Rising Technology Co., Ltd.><18, 0, 0, 19>
    [C:\Program Files\Rising\Rav\RsCommX.dll]  <rising><18, 0, 0, 1>
    [C:\Program Files\Rising\Rav\RSAPPMGR.DLL]  <Beijing Rising Technology Co., Ltd.><18, 0, 0, 2>
    [C:\Program Files\Rising\Rav\CfgDll.dll]  <Beijing Rising Technology Co., Ltd.><18, 0, 0, 10>
    [C:\Program Files\Rising\Rav\RSCOMMON.DLL]  <Beijing Rising Technology Co., Ltd.><18, 0, 0, 4>
    [C:\Program Files\Rising\Rav\RsLog.dll]  <Beijing Rising Technology Co., Ltd.><18, 0, 0, 20>
    [C:\Program Files\Rising\Rav\HOOKSYS.dll]  <Rising><18, 1, 0, 9>
    [C:\Program Files\Rising\Rav\Scanner.dll]  <Beijing Rising Technology Co., Ltd.><18, 0, 0, 30>
    [C:\Program Files\Rising\Rav\libload.dll]  <Beijing Rising Technology Co., Ltd.><18, 0, 0, 10>
    [C:\Program Files\Rising\Rav\VirusLib.dll]  <Beijing Rising Technology Co., Ltd.><18, 0, 0, 10>
    [C:\Program Files\Rising\Rav\regmon.dll]  <Beijing Rising Technology Co., Ltd.><18, 0, 0, 6>
    [C:\Program Files\Rising\Rav\HookWeb.dll]  <rising><18, 0, 0, 1>
    [C:\Program Files\Rising\Rav\MemMon.dll]  <Beijing Rising Technology Co., Ltd.><18, 0, 0, 9>
    [C:\Program Files\Rising\Rav\expscan.dll]  <Beijing Rising Technology Co., Ltd.><18, 0, 0, 4>
    [C:\Program Files\Rising\Rav\mPorts.dll]  <Beijing Rising Technology Co., Ltd.><4, 0, 0, 3>
    [C:\Program Files\Rising\Rav\MailMon.dll]  <Beijing Rising Technology Co., Ltd.><18, 0, 0, 5>
    [C:\Program Files\Rising\Rav\SpamEng.dll]  <N/A><18, 0, 0, 6>
    [C:\Program Files\Rising\Rav\engine.dll]  <Beijing Rising Technology Co., Ltd.><18, 0, 0, 30>
    [C:\Program Files\Rising\Rav\PostTrt.dll]  <Beijing Rising Technology Co., Ltd.><18, 0, 0, 9>
    [C:\Program Files\Rising\Rav\UnExe.dll]  <Beijing Rising Technology Co., Ltd.><18, 0, 0, 11>
    [C:\Program Files\Rising\Rav\ScanExec.dll]  <Beijing Rising Technology Co., Ltd.><18, 0, 0, 11>
    [C:\Program Files\Rising\Rav\ScanEx.dll]  <Beijing Rising Technology Co., Ltd.><18, 0, 0, 11>
    [C:\Program Files\Rising\Rav\NvFile.dll]  <Beijing Rising Technology Co., Ltd.><18, 0, 0, 7>
    [C:\Program Files\Rising\Rav\ScanMac.dll]  <Beijing Rising Technology Co., Ltd.><18, 0, 0, 8>
    [C:\Program Files\Rising\Rav\ScanSct.dll]  <Beijing Rising Technology Co., Ltd.><18, 0, 0, 17>
    [C:\Program Files\Rising\Rav\Unpacker.dll]  <Beijing Rising Technology Co., Ltd.><18, 0, 0, 3>
    [C:\Program Files\Rising\Rav\ExtOLE.dll]  <Beijing Rising Technology Co., Ltd.><18, 0, 0, 6>
[PID: 1224][C:\WINDOWS\system32\Ati2evxx.exe]  <ATI Technologies Inc.><6.14.10.4113>
    [C:\WINDOWS\system32\Ati2edxx.dll]  <ATI Technologies, Inc.><6, 14, 10, 2496>
    [C:\WINDOWS\Downloaded Program Files\Rhoof.dll]  <Tencent><4, 1, 1, 17>
[PID: 1304][C:\WINDOWS\Explorer.EXE]  <Microsoft Corporation><6.00.2900.2180 (xpsp_sp2_rtm.040803-2158)>
    [C:\WINDOWS\system32\RavExt.dll]  <Beijing Rising Technology Co., Ltd.><18, 0, 0, 21>
    [C:\WINDOWS\Downloaded Program Files\Rhoof.dll]  <Tencent><4, 1, 1, 17>
    [C:\WINDOWS\Downloaded Program Files\Zkdizo.dll]  <Tencent><4, 1, 1, 17>
    [C:\Program Files\WinRAR\rarext.dll]  <N/A><N/A>
    [C:\WINDOWS\system32\Ehmn.dll]  <N/A><N/A>
    [C:\WINDOWS\system32\Qhhxsj.dll]  <N/A><N/A>
    [C:\WINDOWS\system32\Mtbao.dll]  <N/A><N/A>
    [C:\WINDOWS\system32\Wclkx.dll]  <N/A><N/A>
    [C:\WINDOWS\system32\Ywrtl.dll]  <N/A><N/A>
    [C:\WINDOWS\system32\Cyiz.dll]  <N/A><N/A>
    [C:\WINDOWS\system32\Vmfqd.dll]  <N/A><N/A>
    [C:\WINDOWS\system32\Tdmct.dll]  <N/A><N/A>
    [C:\WINDOWS\system32\Yoanoo.dll]  <N/A><N/A>
    [C:\WINDOWS\system32\Iqruaa.dll]  <N/A><N/A>
    [C:\WINDOWS\system32\Hfrkyy.dll]  <N/A><N/A>
    [C:\WINDOWS\system32\Lqmei.dll]  <N/A><N/A>
    [C:\WINDOWS\system32\Xryt.dll]  <N/A><N/A>
    [C:\WINDOWS\system32\Mkct.dll]  <N/A><N/A>
    [C:\WINDOWS\system32\Dziyw.dll]  <N/A><N/A>
    [C:\WINDOWS\system32\Bypdz.dll]  <N/A><N/A>
    [C:\WINDOWS\system32\Lfwk.dll]  <N/A><N/A>
    [C:\WINDOWS\system32\Phkzaq.dll]  <N/A><N/A>
    [C:\WINDOWS\system32\Lmfiz.dll]  <N/A><N/A>
    [C:\WINDOWS\system32\Tiumv.dll]  <N/A><N/A>
    [C:\WINDOWS\system32\Uiipji.dll]  <N/A><N/A>
    [C:\WINDOWS\system32\Noimb.dll]  <N/A><N/A>
    [C:\WINDOWS\system32\Tcmcj.dll]  <N/A><N/A>
    [C:\WINDOWS\system32\Hnrv.dll]  <N/A><N/A>
    [C:\WINDOWS\system32\Wuzkt.dll]  <N/A><N/A>
    [C:\WINDOWS\system32\Widb.dll]  <N/A><N/A>
    [C:\WINDOWS\system32\Iixjt.dll]  <N/A><N/A>
    [C:\WINDOWS\system32\Snhf.dll]  <N/A><N/A>
    [C:\WINDOWS\system32\Nsfv.dll]  <N/A><N/A>
    [C:\WINDOWS\system32\Smdqn.dll]  <N/A><N/A>
    [C:\WINDOWS\system32\Vtyij.dll]  <N/A><N/A>
    [C:\Program Files\Rising\Rav\RSCOMMON.DLL]  <Beijing Rising Technology Co., Ltd.><18, 0, 0, 4>
    [C:\PROGRA~1\Yahoo!\ASSIST~1\Assist\yasbar.dll]  <Yahoo!><2, 0, 3, 1023>
    [C:\PROGRA~1\MMSASS~1\Mmsass~1.dll]  <><1, 2, 0, 2>
    [C:\DOCUME~1\pan\LOCALS~1\Temp\SSLive.dll]  <TENCENT><4, 1, 1, 17>
    [C:\WINDOWS\cm_dwgthumb.dll]  <N/A><N/A>
gototop
 
我不知
头像
初生襁褓狮
  • 帖子:162
  • 注册: 2004-06-09
  • 来自:
发表于: 2006-07-01 15:16 | 只看楼主 短消息 资料
字号: 6楼

PID: 1340][c:\program files\rising\rfw\rfwsrv.exe]  <Beijing Rising Technology Co., Ltd.><4, 0, 0, 32>
    [c:\program files\rising\rfw\RfwRule.dll]  <Beijing Rising Technology Co., Ltd.><4, 0, 0, 13>
    [c:\program files\rising\rfw\rfwlog.dll]  <Beijing Rising Technology Co., Ltd.><4, 0, 0, 6>
    [c:\program files\rising\rfw\Rfwdrv.dll]  <Beijing Rising Technology Co., Ltd.><4, 0, 0, 21>
    [c:\program files\rising\rfw\MonDrv.dll]  <rs><1, 0, 0, 4>
    [c:\program files\rising\rfw\ProcLib.dll]  <Beijing Rising Technology Co., Ltd.><4, 0, 0, 9>
    [c:\program files\rising\rfw\mPorts.dll]  <Beijing Rising Technology Co., Ltd.><4, 0, 0, 3>
[PID: 1464][C:\WINDOWS\system32\spoolsv.exe]  <Microsoft Corporation><5.1.2600.2696 (xpsp_sp2_gdr.050610-1519)>
[PID: 1544][C:\Program Files\Rising\Rav\RavStub.exe]  <Beijing Rising Technology Co., Ltd.><18, 0, 0, 16>
    [C:\Program Files\Rising\Rav\RsCommX.dll]  <rising><18, 0, 0, 1>
    [C:\Program Files\Rising\Rav\RSCOMMON.DLL]  <Beijing Rising Technology Co., Ltd.><18, 0, 0, 4>
[PID: 1700][c:\program files\rising\rfw\RfwMain.exe]  <Beijing Rising Technology Co., Ltd.><4, 0, 0, 51>
    [c:\program files\rising\rfw\RsGuiLib.dll]  <Beijing Rising Technology Co., Ltd.><18, 0, 0, 23>
    [c:\program files\rising\rfw\RSCOMMON.DLL]  <Beijing Rising Technology Co., Ltd.><18, 0, 0, 4>
    [c:\program files\rising\rfw\PngDll.dll]  <Beijing Rising Technology Co., Ltd.><18, 0, 0, 5>
    [C:\WINDOWS\Downloaded Program Files\Rhoof.dll]  <Tencent><4, 1, 1, 17>
[PID: 472][C:\WINDOWS\system32\wdfmgr.exe]  <Microsoft Corporation><5.2.3790.1230 built by: dnsrv(bld4act)>
[PID: 816][C:\WINDOWS\System32\alg.exe]  <Microsoft Corporation><5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)>
[PID: 2740][C:\Program Files\Rising\Rav\RavTask.exe]  <Beijing Rising Technology Co., Ltd.><18, 0, 0, 22>
    [C:\Program Files\Rising\Rav\RSCOMMON.DLL]  <Beijing Rising Technology Co., Ltd.><18, 0, 0, 4>
    [C:\Program Files\Rising\Rav\RSAPPMGR.DLL]  <Beijing Rising Technology Co., Ltd.><18, 0, 0, 2>
    [C:\Program Files\Rising\Rav\CfgDll.dll]  <Beijing Rising Technology Co., Ltd.><18, 0, 0, 10>
    [C:\Program Files\Rising\Rav\RsCommX.dll]  <rising><18, 0, 0, 1>
    [C:\WINDOWS\Downloaded Program Files\Rhoof.dll]  <Tencent><4, 1, 1, 17>
[PID: 2752][C:\Program Files\Rising\Rav\Ravmon.exe]  <Beijing Rising Technology Co., Ltd.><18, 0, 1, 28>
    [C:\Program Files\Rising\Rav\RsGuiLib.dll]  <Beijing Rising Technology Co., Ltd.><18, 0, 0, 24>
    [C:\Program Files\Rising\Rav\BWList.dll]  <Beijing Rising Technology Co., Ltd.><18, 0, 0, 19>
    [C:\Program Files\Rising\Rav\RSAPPMGR.DLL]  <Beijing Rising Technology Co., Ltd.><18, 0, 0, 2>
    [C:\Program Files\Rising\Rav\CfgDll.dll]  <Beijing Rising Technology Co., Ltd.><18, 0, 0, 10>
    [C:\Program Files\Rising\Rav\RSCOMMON.DLL]  <Beijing Rising Technology Co., Ltd.><18, 0, 0, 4>
    [C:\Program Files\Rising\Rav\RsCommX.dll]  <rising><18, 0, 0, 1>
    [C:\Program Files\Rising\Rav\PngDll.dll]  <Beijing Rising Technology Co., Ltd.><18, 0, 0, 5>
    [C:\WINDOWS\Downloaded Program Files\Rhoof.dll]  <Tencent><4, 1, 1, 17>
[PID: 2796][C:\WINDOWS\system32\ctfmon.exe]  <Microsoft Corporation><5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)>
    [C:\WINDOWS\Downloaded Program Files\Rhoof.dll]  <Tencent><4, 1, 1, 17>
[PID: 5988][E:\Tencent\TTraveler.exe]  <腾讯公司><3.0.0.250>
    [C:\WINDOWS\Downloaded Program Files\Rhoof.dll]  <Tencent><4, 1, 1, 17>
    [E:\Tencent\Plugins\TWeather\TWeather.dll]  <><1, 0, 0, 3>
    [E:\Tencent\PersonalDesktop.dll]  <深圳市腾讯计算机系统公司QQ工作小组><1, 0, 0, 4>
    [C:\Program Files\Rising\Rav\RavScrCh.dll]  <Beijing Rising Technology Co., Ltd.><18, 0, 0, 3>
    [C:\WINDOWS\system32\Macromed\Flash\Flash8b.ocx]  <Macromedia, Inc.><8,0,24,0>
[PID: 2288][G:\杀毒软件和工具\SREng2\SREng.exe]  <Smallfrogs Studio><2.0.21.505>
    [C:\WINDOWS\Downloaded Program Files\Rhoof.dll]  <Tencent><4, 1, 1, 17>

==================================
文件关联
.TXT  OK. [%SystemRoot%\system32\NOTEPAD.EXE %1]
.EXE  OK. ["%1" %*]
.COM  OK. ["%1" %*]
.PIF  OK. ["%1" %*]
.REG  OK. [regedit.exe "%1"]
.BAT  OK. ["%1" %*]
.SCR  OK. ["%1" /S]
.CHM  OK. ["C:\WINDOWS\hh.exe" %1]
.HLP  OK. [%SystemRoot%\System32\winhlp32.exe %1]
.INI  OK. [%SystemRoot%\System32\NOTEPAD.EXE %1]
.INF  OK. [%SystemRoot%\System32\NOTEPAD.EXE %1]
.VBS  OK. [%SystemRoot%\System32\WScript.exe "%1" %*]
.JS  OK. [%SystemRoot%\System32\WScript.exe "%1" %*]
.LNK  OK. [{00021401-0000-0000-C000-000000000046}]

==================================
Winsock 提供者

==================================
gototop
 
魔法学徒
头像
卡卡技术团队
  • 帖子:11465
  • 注册: 2004-10-03
  • 来自:
发表于: 2006-07-01 20:30 | 短消息 资料
字号: 7楼

修复所有R3、02项,删除对应文件
gototop
 
我不知
头像
初生襁褓狮
  • 帖子:162
  • 注册: 2004-06-09
  • 来自:
发表于: 2006-07-01 21:31 | 只看楼主 短消息 资料
字号: 8楼

修复了R3和02项,也删除了它们,但黄伞还在呀?

02搜搜那项怎么删也还在
gototop
 
我不知
头像
初生襁褓狮
  • 帖子:162
  • 注册: 2004-06-09
  • 来自:
发表于: 2006-07-01 21:32 | 只看楼主 短消息 资料
字号: 9楼

这是修复后的log

HijackThis_815汉化版扫描日志 V1.99.1
保存于      21:16:01, 日期 2006-7-1
操作系统:  Windows XP SP2 (WinNT 5.01.2600)
浏览器:    Internet Explorer v6.00 SP2 (6.00.2900.2180)

当前运行的进程:         
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Rising\Rav\CCenter.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Rising\Rav\Ravmond.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\Explorer.EXE
c:\program files\rising\rfw\rfwsrv.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Rising\Rav\RavStub.exe
c:\program files\rising\rfw\RfwMain.exe
C:\Program Files\Rising\Rav\RavTask.exe
C:\Program Files\Rising\Rav\Ravmon.exe
C:\WINDOWS\system32\ctfmon.exe
G:\杀毒软件和工具\HijackThis1991zww.exe

O2 - BHO: 搜搜地址栏搜索 - {0C7C23EF-A848-485B-873C-0ED954731014} - C:\Program Files\TENCENT\Adplus\SSAddr.dll
O3 - IE工具栏增项: 金山快译(&K) - {6C3797D2-3FEF-4cd4-B654-D3AE55B4128C} - C:\PROGRA~1\Kingsoft\FastAIT\IEBand.dll
O3 - IE工具栏增项: BitCometBar - {3F1ABCDB-A875-46c1-8345-B72A4567E486} - E:\BitComet\BitCometBar\BitCometBar0.3.dll
O4 - 启动项HKLM\\Run: [IMJPMIG8.1] "C:\WINDOWS\IME\imjp8_1\IMJPMIG.EXE" /Spoil /RemAdvDef /Migration32
O4 - 启动项HKLM\\Run: [PHIME2002ASync] C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /SYNC
O4 - 启动项HKLM\\Run: [PHIME2002A] C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /IMEName
O4 - 启动项HKLM\\Run: [RfwMain] "C:\Program Files\Rising\Rfw\rfwmain.exe" -Startup
O4 - 启动项HKLM\\Run: [RavTask] "C:\Program Files\Rising\Rav\RavTask.exe" -system
O4 - 启动项HKLM\\Run: [IMSCMig] C:\PROGRA~1\COMMON~1\MICROS~1\IME\IMSC40A\IMSCMIG.EXE /Preload
O4 - 启动项HKLM\\Run: [stup.exe] C:\PROGRA~1\TENCENT\Adplus\stup.exe
O4 - 启动项HKLM\\RunOnce: [RavStub] "C:\Program Files\Rising\Rav\ravstub.exe" /RUNONCE
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - Startup: 腾讯QQ.lnk = E:\Tencent\QQ\QQ.exe
O8 - IE右键菜单中的新增项目:  >> 彩信发送 << - res://C:\PROGRA~1\MMSASS~1\Mmsass~1.dll/mms.htm
O8 - IE右键菜单中的新增项目: 上传到QQ网络硬盘 - E:\Tencent\QQ\AddToNetDisk.htm
O8 - IE右键菜单中的新增项目: 导出到 Microsoft Office Excel(&X) - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
O8 - IE右键菜单中的新增项目: 添加到QQ自定义面板 - E:\Tencent\QQ\AddPanel.htm
O8 - IE右键菜单中的新增项目: 添加到QQ表情 - E:\Tencent\QQ\AddEmotion.htm
O8 - IE右键菜单中的新增项目: 用QQ彩信发送该图片 - E:\Tencent\QQ\SendMMS.htm
O9 - 浏览器额外的按钮: (no name) - {6671A433-5C3D-463d-A7CF-5587F9B7E191} - C:\PROGRA~1\MMSASS~1\Mmsass~1.dll (file missing)
O9 - 浏览器额外的“工具”菜单项: MMSAssist工具条设置 - {6671A433-5C3D-463d-A7CF-5587F9B7E191} - C:\PROGRA~1\MMSASS~1\Mmsass~1.dll (file missing)
O9 - 浏览器额外的按钮: 中国建投证券交易客户端 - {902E3F13-F3C2-11D3-B8AD-00062950CE21} - E:\jcb_ztzq\NfTradeClient.exe
O9 - 浏览器额外的按钮: 信息检索 - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
O9 - 浏览器额外的按钮: QQ - {c95fe080-8f5d-11d2-a20b-00aa003c157b} - E:\Tencent\QQ\QQ.EXE
O9 - 浏览器额外的“工具”菜单项: 腾讯QQ - {c95fe080-8f5d-11d2-a20b-00aa003c157b} - E:\Tencent\QQ\QQ.EXE
O9 - 浏览器额外的按钮: 易趣购物 - {DE607144-AC19-424e-865A-5D70ABDF119A} - http://click2.ad4all.net/url2/urlmanage/url.asp?id=5 (file missing)
O9 - 浏览器额外的“工具”菜单项: 易趣购物 - {DE607144-AC19-424e-865A-5D70ABDF119A} - http://click2.ad4all.net/url2/urlmanage/url.asp?id=5 (file missing)
O9 - 浏览器额外的按钮: (no name) - {DEDEB80D-FA35-45d9-9460-4983E5A8AFE6} - E:\Tencent\QQ\QQIEHelper.dll (file missing)
O9 - 浏览器额外的“工具”菜单项: QQ炫彩工具条设置 - {DEDEB80D-FA35-45d9-9460-4983E5A8AFE6} - E:\Tencent\QQ\QQIEHelper.dll (file missing)
O9 - 浏览器额外的按钮: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - 浏览器额外的“工具”菜单项: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O23 - NT 服务: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe
O23 - NT 服务: ATI Smart - Unknown owner - C:\WINDOWS\system32\ati2sgag.exe
O23 - NT 服务: Rising Proxy  Service (RfwProxySrv) - Beijing Rising Technology Co., Ltd. - c:\program files\rising\rfw\rfwproxy.exe
O23 - NT 服务: Rising Personal Firewall Service (RfwService) - Beijing Rising Technology Co., Ltd. - c:\program files\rising\rfw\rfwsrv.exe
O23 - NT 服务: Rising Process Communication Center (RsCCenter) - Beijing Rising Technology Co., Ltd. - C:\Program Files\Rising\Rav\CCenter.exe
O23 - NT 服务: RsRavMon Service (RsRavMon) - Beijing Rising Technology Co., Ltd. - C:\Program Files\Rising\Rav\Ravmond.exe
gototop
 
我不知
头像
初生襁褓狮
  • 帖子:162
  • 注册: 2004-06-09
  • 来自:
发表于: 2006-07-01 21:34 | 只看楼主 短消息 资料
字号: 10楼

2006-07-01,21:17:12

System Repair Engineer 2.0.21.505 (2.0 RC 2)
Smallfrogs (http://www.KZTechs.com)

Windows XP Professional Service Pack 2 (Build 2600)
- 管理权限用户 - 完整功能

以下内容被选中:
    所有的启动项目(包括注册表、启动文件夹、服务等)
    浏览器加载项
    正在运行的进程(包括进程模块信息)
    文件关联


启动项目
注册表
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
    <ctfmon.exe><C:\WINDOWS\system32\ctfmon.exe>  [Microsoft Corporation]
[HKEY_CURRENT_USER\Software\Microsoft\Windows NT\CurrentVersion\Windows]
    <load><>  []
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
    <IMJPMIG8.1><"C:\WINDOWS\IME\imjp8_1\IMJPMIG.EXE" /Spoil /RemAdvDef /Migration32>  [Microsoft Corporation]
    <PHIME2002ASync><C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /SYNC>  [Microsoft Corporation]
    <PHIME2002A><C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /IMEName>  [Microsoft Corporation]
    <RfwMain><"C:\Program Files\Rising\Rfw\rfwmain.exe" -Startup>  [Beijing Rising Technology Co., Ltd.]
    <RavTask><"C:\Program Files\Rising\Rav\RavTask.exe" -system>  [Beijing Rising Technology Co., Ltd.]
    <IMSCMig><C:\PROGRA~1\COMMON~1\MICROS~1\IME\IMSC40A\IMSCMIG.EXE /Preload>  [Microsoft Corporation]
    <stup.exe><C:\PROGRA~1\TENCENT\Adplus\stup.exe>  [Tencent]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\RunOnce]
    <RavStub><"C:\Program Files\Rising\Rav\ravstub.exe" /RUNONCE>  [Beijing Rising Technology Co., Ltd.]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Winlogon]
    <shell><Explorer.exe>  [Microsoft Corporation]
    <Userinit><C:\WINDOWS\system32\userinit.exe,>  [Microsoft Corporation]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Windows]
    <AppInit_DLLs><>  []
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Winlogon]
    <UIHost><logonui.exe>  [Microsoft Corporation]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
    <{32CD708B-60A7-4C00-9377-D73EAA495F0F}><C:\WINDOWS\system32\RavExt.dll>  [Beijing Rising Technology Co., Ltd.]
    <{1A1DF444-452F-43AC-9758-279CC8F099A8}><>  []
    <{FD5755A9-8F36-4341-9EA4-E868BA6E2922}><>  []
    <{6D6F2FC1-68A5-44C8-8EBE-44C9755A326F}><>  []
    <{87FA2C39-F267-47BF-A59E-682911AE6A65}><>  []
    <{7CC0BFB0-6670-48A6-A491-F04C05181C65}><>  []
    <{BDCA2628-99F9-4601-BF4A-A64444D18745}><>  []
    <{6E5969C4-FC00-4D8D-BDCD-214647387BB1}><>  []
    <{6EFFB556-65A9-4B6A-B01F-9335A45DD5A0}><>  []
    <{CA8AE918-0921-419B-9D9A-BA797802086E}><>  []
    <{487C8E35-A5F0-490D-8927-613182D84828}><>  []
    <{28052F3B-1C66-4AAD-AEE4-F32350176D13}><>  []
    <{327DD4E9-63EB-4C1C-BB46-E1B74B3D4282}><>  []
    <{CF523F1B-5F97-40E9-9F7F-BBEE015E0AED}><>  []
    <{C7371440-08F0-4E67-A9F7-233705956630}><>  []
    <{14729138-1AA7-4C81-BD1C-D89FA076A026}><>  []
    <{1AE3B6F5-51C7-49B7-99B1-A792D9AFDC0B}><>  []
    <{F54D4BB2-DF39-45BD-8F4E-2D614AEE12CD}><>  []
    <{4FF4FC40-6FA1-4998-A8AF-23A26E22DBBA}><>  []
    <{FDAAA3F6-F9C9-453F-A9FA-B8B3E846AE0C}><>  []
    <{864D535F-54CB-409A-954B-5D7FDB38857A}><>  []
    <{8D85CFF9-8E65-4CA4-ADDD-42B6903BAFA8}><>  []
    <{2ED93676-003A-43AA-B53A-E27D5AF5418A}><>  []
    <{2150E8DA-C95C-4535-B68C-74769FD51342}><>  []
    <{0F82D1D7-0FA8-4D59-98B6-F7EE79901EBD}><>  []
    <{D20CF654-6780-4634-9849-4EB6666426E2}><>  []
    <{A9C8FC0C-98F6-4274-A8DC-528FE887B1F4}><>  []
    <{6FBC0934-25D3-4871-9C2B-677B7A196CC3}><>  []
    <{5BCAED2D-7FED-4E9F-945B-9AB623DA2F3B}><>  []
    <{AA260C4B-FE49-4684-8C0D-8D19A40B4BBF}><>  []
    <{81C3042E-745E-44B2-AAF6-50A88DA80922}><>  []
    <{91F43E7E-F9DF-4784-97DE-4648A8553B16}><>  []
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\AtiExtEvent]
    <WinlogonNotify: AtiExtEvent><Ati2evxx.dll>  [ATI Technologies Inc.]

==================================
启动文件夹
[腾讯QQ]
  <C:\Documents and Settings\pan\「开始」菜单\程序\启动\腾讯QQ.lnk><N>

==================================
服务
[Ati HotKey Poller / Ati HotKey Poller]
  <C:\WINDOWS\system32\Ati2evxx.exe><ATI Technologies Inc.>
[ATI Smart / ATI Smart]
  <C:\WINDOWS\system32\ati2sgag.exe><>
[Rising Proxy  Service / RfwProxySrv]
  <c:\program files\rising\rfw\rfwproxy.exe><Beijing Rising Technology Co., Ltd.>
[Rising Personal Firewall Service / RfwService]
  <c:\program files\rising\rfw\rfwsrv.exe><Beijing Rising Technology Co., Ltd.>
[Rising Process Communication Center / RsCCenter]
  <"C:\Program Files\Rising\Rav\CCenter.exe"><Beijing Rising Technology Co., Ltd.>
[RsRavMon Service / RsRavMon]
  <"C:\Program Files\Rising\Rav\Ravmond.exe"><Beijing Rising Technology Co., Ltd.>

==================================
浏览器加载项
[Tencent Browser Helper]
  {0C7C23EF-A848-485B-873C-0ED954731014} <C:\Program Files\TENCENT\Adplus\SSAddr.dll, Tencent>
[MMSAssistMenu]
  {6671A433-5C3D-463d-A7CF-5587F9B7E191} <C:\PROGRA~1\MMSASS~1\Mmsass~1.dll, N/A>
[中国建投证券交易客户端]
  {902E3F13-F3C2-11D3-B8AD-00062950CE21} <E:\jcb_ztzq\NfTradeClient.exe, 中投证券>
[信息检索(&R)]
  {92780B25-18CC-41C8-B9BE-3C9C571A8263} <C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL, Microsoft Corporation>
[QQ]
  {c95fe080-8f5d-11d2-a20b-00aa003c157b} <E:\Tencent\QQ\QQ.EXE, TENCENT>
[易趣购物]
  {DE607144-AC19-424e-865A-5D70ABDF119A} <http://click2.ad4all.net/url2/urlmanage/url.asp?id=5, N/A>
[QQIEFloatBarCfgCmd Class]
  {DEDEB80D-FA35-45d9-9460-4983E5A8AFE6} <E:\Tencent\QQ\QQIEHelper.dll, N/A>
[Messenger]
  {FB5F1910-F110-11d2-BB9E-00C04F795683} <C:\Program Files\Messenger\msmsgs.exe, Microsoft Corporation>
[金山快译(&K)]
  {6C3797D2-3FEF-4cd4-B654-D3AE55B4128C} <C:\PROGRA~1\Kingsoft\FastAIT\IEBand.dll, >
[BitCometBar]
  {3F1ABCDB-A875-46c1-8345-B72A4567E486} <E:\BitComet\BitCometBar\BitCometBar0.3.dll, N/A>
[Shockwave Flash Object]
  {D27CDB6E-AE6D-11CF-96B8-444553540000} <C:\WINDOWS\system32\Macromed\Flash\Flash8b.ocx, Macromedia, Inc.>
[Tencent Browser Helper]
  {0C7C23EF-A848-485B-873C-0ED954731014} <C:\Program Files\TENCENT\Adplus\SSAddr.dll, Tencent>
[BitCometBar]
  {3F1ABCDB-A875-46C1-8345-B72A4567E486} <E:\BitComet\BitCometBar\BitCometBar0.3.dll, N/A>
[WUWebControl Class]
  {6414512B-B978-451D-A0D8-FCFDF33E833C} <C:\WINDOWS\system32\wuweb.dll, Microsoft Corporation>
[金山快译(&K)]
  {6C3797D2-3FEF-4CD4-B654-D3AE55B4128C} <C:\PROGRA~1\Kingsoft\FastAIT\IEBand.dll, >
[Microsoft Web 浏览器]
  {8856F961-340A-11D0-A96B-00C04FD705A2} <C:\WINDOWS\system32\shdocvw.dll, Microsoft Corporation>
[Shockwave Flash Object]
  {D27CDB6E-AE6D-11CF-96B8-444553540000} <C:\WINDOWS\system32\Macromed\Flash\Flash8b.ocx, Macromedia, Inc.>
[  >> 彩信发送 <<]
  <res://C:\PROGRA~1\MMSASS~1\Mmsass~1.dll/mms.htm, N/A>
[上传到QQ网络硬盘]
  <E:\Tencent\QQ\AddToNetDisk.htm, N/A>
[导出到 Microsoft Office Excel(&X)]
  <res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000, N/A>
[添加到QQ自定义面板]
  <E:\Tencent\QQ\AddPanel.htm, N/A>
[添加到QQ表情]
  <E:\Tencent\QQ\AddEmotion.htm, N/A>
[用QQ彩信发送该图片]
  <E:\Tencent\QQ\SendMMS.htm, N/A>
gototop
 
<<上一主题|下一主题>>
123   1  /  3  页   跳转
页面顶部
Powered by Discuz!NT