瑞星卡卡安全论坛技术交流区反病毒/反流氓软件论坛 【求助】这个病毒怎样才能彻底删除啊?Trojan.Clicker.Agent.acd

123   1  /  3  页   跳转

【求助】这个病毒怎样才能彻底删除啊?Trojan.Clicker.Agent.acd

收藏
luna903
头像
初生襁褓狮
  • 帖子:61
  • 注册: 2006-06-24
  • 来自:
发表于: 2006-07-12 23:57 | 只看楼主 短消息 资料
字号: 1楼

【求助】这个病毒怎样才能彻底删除啊?Trojan.Clicker.Agent.acd

今天用瑞星杀毒,一下子杀出四个病毒来:Dropper.Mudrop.bv  Trojan.Spy.KeySpy.ad
Trojan.Spy.Keylogger.vf  Trojan.Clicker.Agent.acd 病毒来源是本机。前三个都删除成功,可最后一个要重启后删除。还以为不用管了,谁知道机子变得无比的慢。瑞星提示病毒文件:
Rundll32.dll 可我怎么也找不到,只有Rundll32.exe 也删除不了。
想请问大虾们,我该怎么办啊?
还有,这种本机的病毒是哪儿来的阿?
最后编辑2006-07-15 01:28:17.343000000
分享到:
gototop
 
yanmings
头像
锋芒艾服狮
  • 帖子:1698
  • 注册: 2005-01-10
  • 来自:
发表于: 2006-07-13 00:06 | 短消息 资料
字号: 2楼

http://forum.ikaka.com/topic.asp?board=28&artid=8105899
下载HijackThis...把日志帖上来
gototop
 
我无邪
头像
高贵耄耋狮
  • 帖子:20720
  • 注册: 2004-06-10
  • 来自:广西玉林
发表于: 2006-07-13 00:06 | 短消息 资料
字号: 3楼

请下载 System Repair Engineer,使用“智能扫描”,按下“扫描”按钮进行扫描,扫描完成后按下“保存报告”按钮保存报告日志文件(SREng.LOG),把保存的报告日志文件内容复制-粘贴上来
下载网址
http://www.kztechs.com/sreng/sreng2.zip
http://forum.ikaka.com/topic.asp?board=67&artid=5188931
日志一次粘不完,分次粘完,请不要修改。
gototop
 
luna903
头像
初生襁褓狮
  • 帖子:61
  • 注册: 2006-06-24
  • 来自:
发表于: 2006-07-13 08:15 | 只看楼主 短消息 资料
字号: 4楼

以下是我用System Repair Engineer扫描后的日志,等待指点了!

2006-07-13,07:57:27

System Repair Engineer 2.0.21.505 (2.0 RC 2)
Smallfrogs (http://www.KZTechs.com)

Windows XP Home Edition Service Pack 2 (Build 2600)
- 管理权限用户 - 完整功能

以下内容被选中:
    所有的启动项目(包括注册表、启动文件夹、服务等)
    浏览器加载项
    正在运行的进程(包括进程模块信息)
    文件关联


启动项目
注册表
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
    <ctfmon.exe><C:\WINDOWS\system32\ctfmon.exe>  [Microsoft Corporation]
    <MsnMsgr><"C:\Program Files\MSN Messenger\MsnMsgr.Exe" /background>  [Microsoft Corporation]
[HKEY_CURRENT_USER\Software\Microsoft\Windows NT\CurrentVersion\Windows]
    <load><>  []
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
    <IMJPMIG8.1><"C:\WINDOWS\IME\imjp8_1\IMJPMIG.EXE" /Spoil /RemAdvDef /Migration32>  [Microsoft Corporation]
    <PHIME2002ASync><C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /SYNC>  [Microsoft Corporation]
    <PHIME2002A><C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /IMEName>  [Microsoft Corporation]
    <MINI_BFYY><C:\Program Files\Ringz Studio\Storm Downloader\StormDownloader.exe>  [深圳市三代科技开发有限公司]
    <StormCodec_Helper><"C:\Program Files\Ringz Studio\Storm Codec\StormSet.exe" /S /opti>  []
    <YLive.exe><C:\PROGRA~1\Yahoo!\ASSIST~1\YLive.exe>  [ ]
    <CnsMin><Rundll32.exe C:\WINDOWS\DOWNLO~1\CnsMin.dll,Rundll32>  [北京三七二一科技有限公司]
    <SoundMan><SOUNDMAN.EXE>  [Realtek Semiconductor Corp.]
    <NvCplDaemon><RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup>  [NVIDIA Corporation]
    <nwiz><nwiz.exe /install>  [NVIDIA Corporation]
    <RfwMain><"C:\Program Files\Rising\Rfw\rfwmain.exe" -Startup>  [Beijing Rising Technology Co., Ltd.]
    <RavTask><"C:\Program Files\Rising\Rav\RavTask.exe" -system>  [Beijing Rising Technology Co., Ltd.]
    <yassistse><"C:\PROGRA~1\Yahoo!\Assistant\yassistse.exe">  [Yahoo!]
    <helper.dll><C:\WINDOWS\system32\rundll32.exe C:\PROGRA~1\3721\helper.dll,Rundll32>  []
    <Adobe Photo Downloader><"C:\Program Files\Adobe\Photoshop Album Starter Edition\3.0\Apps\apdproxy.exe">  []
    <KernelFaultCheck><%systemroot%\system32\dumprep 0 -k>  []
    <ThunderMini><C:\Program Files\Thunder Network\ThunderMini\ThunderMiniShell.exe>  []
    <bgoomain.exe><C:\PROGRA~1\baigoo\bgoomain.exe>  [BGoo]
    <ourech6><C:\WINDOWS\System\svchost.exe>  [MicroSoft Corporation]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\RunOnce]
    <RavStub><"C:\Program Files\Rising\Rav\ravstub.exe" /RUNONCE>  [Beijing Rising Technology Co., Ltd.]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Winlogon]
    <shell><Explorer.exe>  [Microsoft Corporation]
    <Userinit><C:\WINDOWS\system32\userinit.exe,>  [Microsoft Corporation]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Windows]
    <AppInit_DLLs><>  []
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Winlogon]
    <UIHost><logonui.exe>  [Microsoft Corporation]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
    <{32CD708B-60A7-4C00-9377-D73EAA495F0F}><C:\WINDOWS\system32\RavExt.dll>  [Beijing Rising Technology Co., Ltd.]
    <{D157330A-9EF3-49F8-9A67-4141AC41ADD4}><C:\WINDOWS\DOWNLO~1\CnsHook.dll>  [北京三七二一科技有限公司]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
    <stdup><C:\WINDOWS\SYSTEM32\stdup.dll>  [MStdup Co Ltd.]
    <Vision><C:\PROGRA~1\MMSASS~1\Mmsass~1.dll>  []

==================================
启动文件夹
[Adobe Reader Speed Launch]
  <C:\Documents and Settings\All Users\「开始」菜单\程序\启动\Adobe Reader Speed Launch.lnk><N>

==================================
服务
[NVIDIA Driver Helper Service / NVSvc]
  <C:\WINDOWS\system32\nvsvc32.exe><NVIDIA Corporation>
[Rising Proxy  Service / RfwProxySrv]
  <c:\program files\rising\rfw\rfwproxy.exe><Beijing Rising Technology Co., Ltd.>
[Rising Personal Firewall Service / RfwService]
  <c:\program files\rising\rfw\rfwsrv.exe><Beijing Rising Technology Co., Ltd.>
[Rising Process Communication Center / RsCCenter]
  <"C:\Program Files\Rising\Rav\CCenter.exe"><Beijing Rising Technology Co., Ltd.>
[RsRavMon Service / RsRavMon]
  <"C:\Program Files\Rising\Rav\Ravmond.exe"><Beijing Rising Technology Co., Ltd.>
[SmartLinkService / SLService]
  <slserv.exe><>
[StdService / StdService]
  <C:\WINDOWS\system32\rundll32.exe C:\WINDOWS\System32\STDSVER.DLL,Service><N/A>
[winaua / winaua]
  <2 - 系统找不到指定的文件。
><N/A>

==================================
浏览器加载项
[]
  {00014B58-338A-45F2-81E2-6A86F27399B7} <C:\PROGRA~1\INTERN~1\PLUGINS\BOBOHE~1.DLL, Microsoft Corporation>
[ThunderIEHelper Class]
  {0005A87D-D626-4B3A-84F9-1D9571695F55} <C:\WINDOWS\system32\xunleibho_v4.dll, >
[Adobe PDF Reader Link Helper]
  {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} <C:\应用程序\Adobe Reader\ActiveX\AcroIEHelper.dll, Adobe Systems Incorporated>
[Yahoo!Photo]
  {33BBE430-0E42-4f12-B075-8D21ACB10DCB} <C:\PROGRA~1\Yahoo!\ASSIST~1\Assist\yphtb.dll, Yahoo! China>
[AntiFish Class]
  {38928D50-8A48-44C2-945F-D2F23F771410} <C:\PROGRA~1\Yahoo!\ASSIST~1\Assist\yangling.dll, Yahoo.>
[Deliverer Class]
  {3E290290-1728-4C1E-863A-AA12526333F6} <C:\WINDOWS\system32\ControlPanel.{21EC2020-3AEA-1069-A2DD-08002B30309d}\ControlPanel\ADDeliverer.dll, N/A>
[雅虎助手]
  {406F94F0-504F-4a40-8DFD-58B0666ABEBD} <C:\PROGRA~1\Yahoo!\ASSIST~1\Assist\yasbar.dll, Yahoo!>
[DragSearch BHO]
  {62EED7C6-9F02-42f9-B634-98E2899E147B} <C:\PROGRA~1\Yahoo!\ASSIST~1\Assist\YDRAGS~1.DLL, >
[MMSAssist BHO]
  {6671A431-5C3D-463d-A7CF-5587F9B7E191} <C:\PROGRA~1\MMSASS~1\Mmsass~1.dll, >
[std software]
  {6A512BF7-EC78-4e8d-9841-6C02E8FA9838} <C:\WINDOWS\SYSTEM32\stdup.dll, MStdup Co Ltd.>
[CpapView Class]
  {77962960-536E-47EC-9DDB-52651519705F} <C:\WINDOWS\system32\Rundll32.dll, N/A>
[Status Class]
  {7BDAF75A-0D6F-4F50-AFE9-333D08DF4005} <C:\Program Files\baigoo\BGooBHO.dll, >
[ThunderMini Browser Helper]
  {8E6C1C49-F9CE-4311-9FB4-D70E8B0AEAEB} <C:\Program Files\Thunder Network\ThunderMini\ComDlls\XunLeiMiniBHO_002.dll, Thunder Networking Technologies,LTD>
[Windows Live Sign-in Helper]
  {9030D464-4C02-4ABF-8ECC-5164760863C6} <C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll, Microsoft Corporation>
[CnsHook Class]
  {D157330A-9EF3-49F8-9A67-4141AC41ADD4} <C:\WINDOWS\DOWNLO~1\CnsHook.dll, 北京三七二一科技有限公司>
[internet explorer helper]
  {F7911E65-B01C-4A58-AEC7-53085ECA70A5} <C:\WINDOWS\system32\mshlink.dll, >
[Yahoo 1G电邮]
  {507F9113-CD77-4866-BA92-0E86DA3D0B97} <http://cn.zs.yahoo.com/cnsbutton.htm?source=cns&btn=yahoomail, N/A>
[寻宝乐趣多]
  {59BC54A2-56B3-44a0-93E5-432D58746E26} <http://cn.zs.yahoo.com/cnsbutton.htm?source=cns&btn=taobao, N/A>
[雅虎助手]
  {5D73EE86-05F1-49ed-B850-E423120EC338} <http://cn.zs.yahoo.com/cnsbutton.htm?source=cns&btn=yassist, N/A>
[联想]
  {6096E38F-5AC1-4391-8EC4-75DFA92FB32F} <http://www.lenovo.com, N/A>
[MMSAssistMenu]
  {6671A433-5C3D-463d-A7CF-5587F9B7E191} <C:\PROGRA~1\MMSASS~1\Mmsass~1.dll, >
[情景聊天]
  {E5D12C4E-7B4F-11D3-B5C9-0050045C3C96} <http://cn.zs.yahoo.com/cnsbutton.htm?source=cns&btn=yahoomsg, N/A>
[]
  {ECF2E268-F28C-48d2-9AB7-8F69C11CCB71} <http://cn.zs.yahoo.com/cnsbutton.htm?source=cns&btn=repair, N/A>
[易趣购物]
  {EE60714F-AC17-427e-861A-FD60CBDF119A} <http://click2.ad4all.net/url2/urlmanage/url.asp?id=160, N/A>
[Messenger]
  {FB5F1910-F110-11d2-BB9E-00C04F795683} <C:\Program Files\Messenger\msmsgs.exe, Microsoft Corporation>
[]
  {FD00D911-7529-4084-9946-A29F1BDF4FE5} <http://cn.zs.yahoo.com/cnsbutton.htm?source=cns&btn=clean, N/A>
[雅虎助手]
  {406F94F0-504F-4a40-8DFD-58B0666ABEBD} <C:\PROGRA~1\Yahoo!\ASSIST~1\Assist\yasbar.dll, Yahoo!>
[Shockwave Flash Object]
  {D27CDB6E-AE6D-11CF-96B8-444553540000} <C:\WINDOWS\system32\Macromed\Flash\Flash9.ocx, Adobe Systems, Inc.>
[Rising Web Scan Object]
  {E4E2F180-CB8B-4DE9-ACBB-DA745D3BA153} <C:\WINDOWS\Downloaded Program Files\OL2005.dll, Beijing Rising Technology Co., Ltd.>
[]
  {00014B58-338A-45F2-81E2-6A86F27399B7} <C:\PROGRA~1\INTERN~1\PLUGINS\BOBOHE~1.DLL, Microsoft Corporation>
[ThunderIEHelper Class]
  {0005A87D-D626-4B3A-84F9-1D9571695F55} <C:\WINDOWS\system32\xunleibho_v4.dll, >
[Adobe PDF Reader Link Helper]
  {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} <C:\应用程序\Adobe Reader\ActiveX\AcroIEHelper.dll, Adobe Systems Incorporated>
[EWA Control]
  {18226BF8-DC0B-4D81-80E9-A41AE37BB73A} <C:\PROGRA~1\COMMON~1\Synacast\SynaLive\SYNACA~1.OCX, Synacast>
[Windows Media Player]
  {22D6F312-B0F6-11D0-94AB-0080C74C7E95} <C:\WINDOWS\system32\wmpdxm.dll, Microsoft Corporation>
[HTML Document]
  {25336920-03F9-11CF-8FD0-00AA00686F13} <%SystemRoot%\system32\mshtml.dll, N/A>
[Yahoo!Photo]
  {33BBE430-0E42-4F12-B075-8D21ACB10DCB} <C:\PROGRA~1\Yahoo!\ASSIST~1\Assist\yphtb.dll, Yahoo! China>
[AntiFish Class]
  {38928D50-8A48-44C2-945F-D2F23F771410} <C:\PROGRA~1\Yahoo!\ASSIST~1\Assist\yangling.dll, Yahoo.>
[Deliverer Class]
  {3E290290-1728-4C1E-863A-AA12526333F6} <C:\WINDOWS\system32\ControlPanel.{21EC2020-3AEA-1069-A2DD-08002B30309d}\ControlPanel\ADDeliverer.dll, N/A>
[雅虎助手]
  {406F94F0-504F-4A40-8DFD-58B0666ABEBD} <C:\PROGRA~1\Yahoo!\ASSIST~1\Assist\yasbar.dll, Yahoo!>
[HHCtrl Object]
  {52A2AAAE-085D-4187-97EA-8C30DB990436} <C:\WINDOWS\system32\hhctrl.ocx, Microsoft Corporation>
[Yahoo!Live]
  {57421194-58FB-49AE-9B4F-FD48869B9AD4} <C:\PROGRA~1\Yahoo!\ASSIST~1\YAlive.dll, >
[DragSearch BHO]
  {62EED7C6-9F02-42F9-B634-98E2899E147B} <C:\PROGRA~1\Yahoo!\ASSIST~1\Assist\YDRAGS~1.DLL, >
gototop
 
luna903
头像
初生襁褓狮
  • 帖子:61
  • 注册: 2006-06-24
  • 来自:
发表于: 2006-07-13 08:17 | 只看楼主 短消息 资料
字号: 5楼

[MMSAssist BHO]
  {6671A431-5C3D-463D-A7CF-5587F9B7E191} <C:\PROGRA~1\MMSASS~1\Mmsass~1.dll, >
[std software]
  {6A512BF7-EC78-4E8D-9841-6C02E8FA9838} <C:\WINDOWS\SYSTEM32\stdup.dll, MStdup Co Ltd.>
[Windows Media Player]
  {6BF52A52-394A-11D3-B153-00C04F79FAA6} <C:\WINDOWS\system32\wmp.dll, Microsoft Corporation>
[CpapView Class]
  {77962960-536E-47EC-9DDB-52651519705F} <C:\WINDOWS\system32\Rundll32.dll, N/A>
[Status Class]
  {7BDAF75A-0D6F-4F50-AFE9-333D08DF4005} <C:\Program Files\baigoo\BGooBHO.dll, >
[AutoLive]
  {7CA83CF1-3AEA-42D0-A4E3-1594FC6E48B2} <C:\PROGRA~1\3721\autolive.dll, >
[Microsoft Web 浏览器]
  {8856F961-340A-11D0-A96B-00C04FD705A2} <C:\WINDOWS\system32\shdocvw.dll, Microsoft Corporation>
[ThunderMini Browser Helper]
  {8E6C1C49-F9CE-4311-9FB4-D70E8B0AEAEB} <C:\Program Files\Thunder Network\ThunderMini\ComDlls\XunLeiMiniBHO_002.dll, Thunder Networking Technologies,LTD>
[Windows Live Sign-in Helper]
  {9030D464-4C02-4ABF-8ECC-5164760863C6} <C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll, Microsoft Corporation>
[photo_uploader Control]
  {A984ED9F-E8DA-44E5-BC18-C14B9ABEF79D} <C:\应用程序\网易图~1\PHOTO_~1\PHOTO_~1.OCX, N/A>
[SearchAssistantOC]
  {B45FF030-4447-11D2-85DE-00C04FA35C89} <%SystemRoot%\system32\shdocvw.dll, N/A>
[金山超级搜霸]
  {B580CF65-E151-49C3-B73F-70B13FCA8E86} <C:\应τ用贸程绦序騖\powerword\BaiduBar.dll, N/A>
[RealPlayer G2 Control]
  {CFCDAA03-8BE4-11CF-B84B-0020AFBBCCFA} <C:\WINDOWS\system32\rmoc3260.dll, RealNetworks, Inc.>
[CnsHook Class]
  {D157330A-9EF3-49F8-9A67-4141AC41ADD4} <C:\WINDOWS\DOWNLO~1\CnsHook.dll, 北京三七二一科技有限公司>
[Windows Live Sign-in Control]
  {D2517915-48CE-4286-970F-921E881B8C5C} <C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll, Microsoft Corporation>
[Shockwave Flash Object]
  {D27CDB6E-AE6D-11CF-96B8-444553540000} <C:\WINDOWS\system32\Macromed\Flash\Flash9.ocx, Adobe Systems, Inc.>
[internet explorer helper]
  {F7911E65-B01C-4A58-AEC7-53085ECA70A5} <C:\WINDOWS\system32\mshlink.dll, >
[assist]
  {FE3ECAE7-0A37-4506-8A7D-3CC9A04D2CA8} <C:\PROGRA~1\Yahoo!\ASSIST~1\Assist\yassist.dll, Yahoo!>
[&使用暴风下载器下载]
  <C:\Program Files\Ringz Studio\Storm Downloader\geturl.htm, N/A>
[&使用迷你迅雷下载]
  <C:\Program Files\Thunder Network\ThunderMini\Program\GetUrl.htm, N/A>
[>>彩信发送<<]
  <res://C:\PROGRA~1\MMSASS~1\Mmsass~1.dll/mms.htm, N/A>
[上传到QQ网络硬盘]
  <C:\Program Files\Tencent\qq\AddToNetDisk.htm, N/A>
[导出到 Microsoft Office Excel(&X)]
  <res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000, N/A>
[添加到QQ自定义面板]
  <C:\Program Files\Tencent\qq\AddPanel.htm, N/A>
[添加到QQ表情]
  <C:\Program Files\Tencent\qq\AddEmotion.htm, N/A>
[添加到雅虎订阅(&Y)]
  <res://C:\PROGRA~1\Yahoo!\ASSIST~1\Assist\yrss.dll/YRSSMENUEXT, N/A>
[用QQ彩信发送该图片]
  <C:\Program Files\Tencent\qq\SendMMS.htm, N/A>
[百度-搜索MP3]
  <res://C:\应τ用贸程绦序騖\powerword\BaiduBar.dll/BAIDUMP3.HTM, N/A>
[百度-搜索图片]
  <res://C:\应τ用贸程绦序騖\powerword\BaiduBar.dll/BAIDUIMG.HTM, N/A>
[百度-搜索新闻]
  <res://C:\应τ用贸程绦序騖\powerword\BaiduBar.dll/BAIDUNEWS.HTM, N/A>
[百度-搜索歌词]
  <res://C:\应τ用贸程绦序騖\powerword\BaiduBar.dll/BAIDULYRIC.HTM, N/A>
[百度-搜索网页]
  <res://C:\应τ用贸程绦序騖\powerword\BaiduBar.dll/BAIDUSEARCH.HTM, N/A>
[百度-搜索贴吧]
  <res://C:\应τ用贸程绦序騖\powerword\BaiduBar.dll/BAIDUPOST.HTM, N/A>
[百度-词典搜索]
  <res://C:\应τ用贸程绦序騖\powerword\BaiduBar.dll/BAIDU_DIC.HTM, N/A>
[精彩图铃]
  <C:\Program Files\AD4All\link2\phone.htm, N/A>
[雅虎搜索]
  <res://C:\PROGRA~1\Yahoo!\ASSIST~1\Assist\yasbar.dll/246, N/A>

==================================
正在运行的进程
[PID: 632][\SystemRoot\System32\smss.exe]  <Microsoft Corporation><5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)>
[PID: 696][\??\C:\WINDOWS\system32\csrss.exe]  <Microsoft Corporation><5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)>
[PID: 720][\??\C:\WINDOWS\system32\winlogon.exe]  <Microsoft Corporation><5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)>
[PID: 764][C:\WINDOWS\system32\services.exe]  <Microsoft Corporation><5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)>
[PID: 776][C:\WINDOWS\system32\lsass.exe]  <Microsoft Corporation><5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)>
[PID: 932][C:\WINDOWS\system32\svchost.exe]  <Microsoft Corporation><5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)>
[PID: 1008][C:\WINDOWS\system32\svchost.exe]  <Microsoft Corporation><5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)>
[PID: 1096][C:\Program Files\Rising\Rav\CCenter.exe]  <Beijing Rising Technology Co., Ltd.><18, 0, 0, 3>
[PID: 1116][C:\WINDOWS\System32\svchost.exe]  <Microsoft Corporation><5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)>
[PID: 1152][C:\WINDOWS\system32\svchost.exe]  <Microsoft Corporation><5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)>
[PID: 1256][C:\WINDOWS\system32\svchost.exe]  <Microsoft Corporation><5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)>
[PID: 1308][C:\Program Files\Rising\Rav\Ravmond.exe]  <Beijing Rising Technology Co., Ltd.><18, 0, 1, 29>
    [C:\Program Files\Rising\Rav\BWList.dll]  <Beijing Rising Technology Co., Ltd.><18, 0, 0, 19>
    [C:\Program Files\Rising\Rav\RsCommX.dll]  <rising><18, 0, 0, 1>
    [C:\Program Files\Rising\Rav\RSAPPMGR.DLL]  <Beijing Rising Technology Co., Ltd.><18, 0, 0, 2>
    [C:\Program Files\Rising\Rav\CfgDll.dll]  <Beijing Rising Technology Co., Ltd.><18, 0, 0, 10>
    [C:\Program Files\Rising\Rav\RSCOMMON.DLL]  <Beijing Rising Technology Co., Ltd.><18, 0, 0, 4>
    [C:\Program Files\Rising\Rav\RsLog.dll]  <Beijing Rising Technology Co., Ltd.><18, 0, 0, 20>
    [C:\Program Files\Rising\Rav\HOOKSYS.dll]  <Rising><18, 1, 0, 9>
    [C:\Program Files\Rising\Rav\Scanner.dll]  <Beijing Rising Technology Co., Ltd.><18, 0, 0, 30>
    [C:\Program Files\Rising\Rav\libload.dll]  <Beijing Rising Technology Co., Ltd.><18, 0, 0, 10>
    [C:\Program Files\Rising\Rav\VirusLib.dll]  <Beijing Rising Technology Co., Ltd.><18, 0, 0, 10>
    [C:\Program Files\Rising\Rav\regmon.dll]  <Beijing Rising Technology Co., Ltd.><18, 0, 0, 6>
    [C:\Program Files\Rising\Rav\HookWeb.dll]  <rising><18, 0, 0, 2>
    [C:\Program Files\Rising\Rav\MemMon.dll]  <Beijing Rising Technology Co., Ltd.><18, 0, 0, 9>
    [C:\Program Files\Rising\Rav\expscan.dll]  <Beijing Rising Technology Co., Ltd.><18, 0, 0, 4>
    [C:\Program Files\Rising\Rav\mPorts.dll]  <Beijing Rising Technology Co., Ltd.><4, 0, 0, 3>
    [C:\Program Files\Rising\Rav\MailMon.dll]  <Beijing Rising Technology Co., Ltd.><18, 0, 0, 5>
    [C:\Program Files\Rising\Rav\SpamEng.dll]  <N/A><18, 0, 0, 6>
    [C:\Program Files\Rising\Rav\engine.dll]  <Beijing Rising Technology Co., Ltd.><18, 0, 0, 30>
    [C:\Program Files\Rising\Rav\PostTrt.dll]  <Beijing Rising Technology Co., Ltd.><18, 0, 0, 9>
    [C:\Program Files\Rising\Rav\UnExe.dll]  <Beijing Rising Technology Co., Ltd.><18, 0, 0, 11>
    [C:\Program Files\Rising\Rav\ScanExec.dll]  <Beijing Rising Technology Co., Ltd.><18, 0, 0, 11>
    [C:\Program Files\Rising\Rav\ScanEx.dll]  <Beijing Rising Technology Co., Ltd.><18, 0, 0, 11>
    [C:\Program Files\Rising\Rav\NvFile.dll]  <Beijing Rising Technology Co., Ltd.><18, 0, 0, 7>
    [C:\Program Files\Rising\Rav\ScanMac.dll]  <Beijing Rising Technology Co., Ltd.><18, 0, 0, 8>
    [C:\Program Files\Rising\Rav\ScanSct.dll]  <Beijing Rising Technology Co., Ltd.><18, 0, 0, 17>
    [C:\Program Files\Rising\Rav\Unpacker.dll]  <Beijing Rising Technology Co., Ltd.><18, 0, 0, 3>
    [C:\Program Files\Rising\Rav\ExtOLE.dll]  <Beijing Rising Technology Co., Ltd.><18, 0, 0, 6>
    [C:\Program Files\Rising\Rav\RsStore.dll]  <Beijing Rising Technology Co., Ltd.><18, 0, 0, 5>
[PID: 1380][c:\program files\rising\rfw\rfwsrv.exe]  <Beijing Rising Technology Co., Ltd.><4, 0, 0, 32>
    [c:\program files\rising\rfw\RfwRule.dll]  <Beijing Rising Technology Co., Ltd.><4, 0, 0, 13>
    [c:\program files\rising\rfw\rfwlog.dll]  <Beijing Rising Technology Co., Ltd.><4, 0, 0, 6>
    [c:\program files\rising\rfw\Rfwdrv.dll]  <Beijing Rising Technology Co., Ltd.><4, 0, 0, 21>
    [c:\program files\rising\rfw\MonDrv.dll]  <rs><1, 0, 0, 4>
    [c:\program files\rising\rfw\ProcLib.dll]  <Beijing Rising Technology Co., Ltd.><4, 0, 0, 9>
[PID: 1820][C:\WINDOWS\system32\Rundll32.exe]  <Microsoft Corporation><5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)>
    [C:\WINDOWS\DOWNLO~1\CnsMin.dll]  <北京三七二一科技有限公司><1, 5, 3, 3>
    [C:\WINDOWS\DOWNLO~1\CnsMinIO.dll]  <北京三七二一科技有限公司><1, 0, 3, 6>
    [C:\WINDOWS\DOWNLO~1\cnsio.dll]  <北京三七二一科技有限公司><1, 0, 2, 7>
    [C:\PROGRA~1\baigoo\bgoohk.dll]  < ><1, 0, 0, 1007>
    [C:\PROGRA~1\3721\helper.dll]  <><1, 0, 9, 1324>
    [C:\PROGRA~1\Yahoo!\ASSIST~1\Yhelper.dll]  <><2, 0, 1, 1018>
    [C:\WINDOWS\DOWNLO~1\CnsMinEx.dll]  <国风因特软件(北京)有限公司><1, 0, 3, 1>
[PID: 1912][C:\WINDOWS\system32\spoolsv.exe]  <Microsoft Corporation><5.1.2600.2696 (xpsp_sp2_gdr.050610-1519)>
[PID: 1996][C:\Program Files\Rising\Rav\RavStub.exe]  <Beijing Rising Technology Co., Ltd.><18, 0, 0, 16>
    [C:\Program Files\Rising\Rav\RsCommX.dll]  <rising><18, 0, 0, 1>
    [C:\Program Files\Rising\Rav\RSCOMMON.DLL]  <Beijing Rising Technology Co., Ltd.><18, 0, 0, 4>
[PID: 344][c:\program files\rising\rfw\RfwMain.exe]  <Beijing Rising Technology Co., Ltd.><4, 0, 0, 51>
    [c:\program files\rising\rfw\RsGuiLib.dll]  <Beijing Rising Technology Co., Ltd.><18, 0, 0, 23>
    [c:\program files\rising\rfw\RSCOMMON.DLL]  <Beijing Rising Technology Co., Ltd.><18, 0, 0, 4>
    [c:\program files\rising\rfw\PngDll.dll]  <Beijing Rising Technology Co., Ltd.><18, 0, 0, 5>
    [C:\WINDOWS\DOWNLO~1\CnsMin.dll]  <北京三七二一科技有限公司><1, 5, 3, 3>
    [C:\PROGRA~1\baigoo\bgoohk.dll]  < ><1, 0, 0, 1007>
    [C:\PROGRA~1\3721\helper.dll]  <><1, 0, 9, 1324>
    [C:\PROGRA~1\Yahoo!\ASSIST~1\Yhelper.dll]  <><2, 0, 1, 1018>
gototop
 
luna903
头像
初生襁褓狮
  • 帖子:61
  • 注册: 2006-06-24
  • 来自:
发表于: 2006-07-13 08:20 | 只看楼主 短消息 资料
字号: 6楼

[PID: 456][C:\WINDOWS\system32\nvsvc32.exe]  <NVIDIA Corporation><6.14.10.4489>
[PID: 488][C:\WINDOWS\system32\slserv.exe]  < ><2.80.00(24Apr2000)>
[PID: 508][C:\WINDOWS\system32\rundll32.exe]  <Microsoft Corporation><5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)>
    [C:\WINDOWS\System32\STDSVER.DLL]  <MStdup Co Ltd.><3, 2, 1, 6>
[PID: 624][C:\WINDOWS\system32\wdfmgr.exe]  <Microsoft Corporation><5.2.3790.1230 built by: DNSRV(bld4act)>
[PID: 1716][C:\WINDOWS\System32\alg.exe]  <Microsoft Corporation><5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)>
[PID: 272][C:\Program Files\Ringz Studio\Storm Downloader\StormDownloader.exe]  <深圳市三代科技开发有限公司><1, 1, 0, 4>
    [C:\Program Files\Ringz Studio\Storm Downloader\boost_thread-vc6-mt-1_31.dll]  <N/A><N/A>
    [C:\PROGRA~1\baigoo\bgoohk.dll]  < ><1, 0, 0, 1007>
    [C:\PROGRA~1\3721\helper.dll]  <><1, 0, 9, 1324>
    [C:\PROGRA~1\Yahoo!\ASSIST~1\Yhelper.dll]  <><2, 0, 1, 1018>
    [C:\WINDOWS\DOWNLO~1\CnsMin.dll]  <北京三七二一科技有限公司><1, 5, 3, 3>
[PID: 1044][C:\PROGRA~1\Yahoo!\ASSIST~1\YLive.exe]  < ><2, 0, 0, 1002>
    [C:\PROGRA~1\Yahoo!\ASSIST~1\Yhelper.dll]  <><2, 0, 1, 1018>
    [C:\WINDOWS\DOWNLO~1\CnsMin.dll]  <北京三七二一科技有限公司><1, 5, 3, 3>
    [C:\PROGRA~1\Yahoo!\ASSIST~1\YAlive.dll]  <><2, 0, 5, 1031>
    [C:\PROGRA~1\Yahoo!\ASSIST~1\Yalliveex.dll]  < ><2, 0, 1, 1007>
    [C:\PROGRA~1\baigoo\bgoohk.dll]  < ><1, 0, 0, 1007>
    [C:\PROGRA~1\3721\helper.dll]  <><1, 0, 9, 1324>
    [C:\PROGRA~1\Yahoo!\ASSIST~1\ynotifier.dll]  <><1, 0, 0, 5>
[PID: 1092][C:\WINDOWS\SOUNDMAN.EXE]  <Realtek Semiconductor Corp.><5.1.0.24>
    [C:\PROGRA~1\Yahoo!\ASSIST~1\Yhelper.dll]  <><2, 0, 1, 1018>
    [C:\WINDOWS\DOWNLO~1\CnsMin.dll]  <北京三七二一科技有限公司><1, 5, 3, 3>
[PID: 1144][C:\Program Files\Rising\Rav\RavTask.exe]  <Beijing Rising Technology Co., Ltd.><18, 0, 0, 22>
    [C:\Program Files\Rising\Rav\RSCOMMON.DLL]  <Beijing Rising Technology Co., Ltd.><18, 0, 0, 4>
    [C:\Program Files\Rising\Rav\RSAPPMGR.DLL]  <Beijing Rising Technology Co., Ltd.><18, 0, 0, 2>
    [C:\Program Files\Rising\Rav\CfgDll.dll]  <Beijing Rising Technology Co., Ltd.><18, 0, 0, 10>
    [C:\Program Files\Rising\Rav\RsCommX.dll]  <rising><18, 0, 0, 1>
    [C:\PROGRA~1\Yahoo!\ASSIST~1\Yhelper.dll]  <><2, 0, 1, 1018>
    [C:\WINDOWS\DOWNLO~1\CnsMin.dll]  <北京三七二一科技有限公司><1, 5, 3, 3>
[PID: 1280][C:\PROGRA~1\Yahoo!\Assistant\yassistse.exe]  <Yahoo!><1, 0, 1, 1001>
    [C:\PROGRA~1\Yahoo!\ASSIST~1\Yhelper.dll]  <><2, 0, 1, 1018>
    [C:\WINDOWS\DOWNLO~1\CnsMin.dll]  <北京三七二一科技有限公司><1, 5, 3, 3>
    [C:\PROGRA~1\Yahoo!\Assistant\shell\yAsMenu.dll]  <Yahoo><1, 0, 1, 1006>
    [C:\PROGRA~1\Yahoo!\Assistant\shell\yAssecblk.dll]  <Yahoo><1, 0, 2, 1002>
    [C:\PROGRA~1\Yahoo!\Assistant\shell\yIEAngel.dll]  <Yahoo><1, 0, 1, 1001>
    [C:\PROGRA~1\Yahoo!\Assistant\shell\yMenuInfo.dll]  <Yahoo><1, 0, 0, 2>
[PID: 2068][C:\WINDOWS\system32\rundll32.exe]  <Microsoft Corporation><5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)>
    [C:\PROGRA~1\3721\helper.dll]  <><1, 0, 9, 1324>
    [C:\PROGRA~1\Yahoo!\ASSIST~1\Yhelper.dll]  <><2, 0, 1, 1018>
    [C:\WINDOWS\DOWNLO~1\CnsMin.dll]  <北京三七二一科技有限公司><1, 5, 3, 3>
    [C:\PROGRA~1\3721\autolive.dll]  <><1, 1, 5, 1324>
    [C:\PROGRA~1\3721\alLiveEx.dll]  < ><1, 0, 3, 1006>
    [C:\PROGRA~1\baigoo\bgoohk.dll]  < ><1, 0, 0, 1007>
[PID: 2092][C:\Program Files\Rising\Rav\Ravmon.exe]  <Beijing Rising Technology Co., Ltd.><18, 0, 1, 30>
    [C:\Program Files\Rising\Rav\RsGuiLib.dll]  <Beijing Rising Technology Co., Ltd.><18, 0, 0, 24>
    [C:\Program Files\Rising\Rav\BWList.dll]  <Beijing Rising Technology Co., Ltd.><18, 0, 0, 19>
    [C:\Program Files\Rising\Rav\RSAPPMGR.DLL]  <Beijing Rising Technology Co., Ltd.><18, 0, 0, 2>
    [C:\Program Files\Rising\Rav\CfgDll.dll]  <Beijing Rising Technology Co., Ltd.><18, 0, 0, 10>
    [C:\Program Files\Rising\Rav\RSCOMMON.DLL]  <Beijing Rising Technology Co., Ltd.><18, 0, 0, 4>
    [C:\Program Files\Rising\Rav\RsCommX.dll]  <rising><18, 0, 0, 1>
    [C:\Program Files\Rising\Rav\PngDll.dll]  <Beijing Rising Technology Co., Ltd.><18, 0, 0, 5>
    [C:\PROGRA~1\3721\helper.dll]  <><1, 0, 9, 1324>
    [C:\PROGRA~1\Yahoo!\ASSIST~1\Yhelper.dll]  <><2, 0, 1, 1018>
    [C:\WINDOWS\DOWNLO~1\CnsMin.dll]  <北京三七二一科技有限公司><1, 5, 3, 3>
    [C:\PROGRA~1\baigoo\bgoohk.dll]  < ><1, 0, 0, 1007>
[PID: 2124][C:\PROGRA~1\baigoo\bgoomain.exe]  <BGoo><1, 0, 0, 1006>
    [C:\PROGRA~1\3721\helper.dll]  <><1, 0, 9, 1324>
    [C:\PROGRA~1\Yahoo!\ASSIST~1\Yhelper.dll]  <><2, 0, 1, 1018>
    [C:\WINDOWS\DOWNLO~1\CnsMin.dll]  <北京三七二一科技有限公司><1, 5, 3, 3>
    [C:\PROGRA~1\baigoo\bgoohk.dll]  < ><1, 0, 0, 1007>
    [C:\PROGRA~1\baigoo\bgooex.dll]  <><1, 0, 0, 1007>
[PID: 2152][C:\WINDOWS\System\svchost.exe]  <MicroSoft Corporation><5. 0. 3700. 6690>
    [C:\PROGRA~1\baigoo\bgoohk.dll]  < ><1, 0, 0, 1007>
    [C:\PROGRA~1\3721\helper.dll]  <><1, 0, 9, 1324>
    [C:\PROGRA~1\Yahoo!\ASSIST~1\Yhelper.dll]  <><2, 0, 1, 1018>
    [C:\WINDOWS\DOWNLO~1\CnsMin.dll]  <北京三七二一科技有限公司><1, 5, 3, 3>
[PID: 2196][C:\WINDOWS\system32\ctfmon.exe]  <Microsoft Corporation><5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)>
    [C:\PROGRA~1\baigoo\bgoohk.dll]  < ><1, 0, 0, 1007>
    [C:\PROGRA~1\3721\helper.dll]  <><1, 0, 9, 1324>
    [C:\PROGRA~1\Yahoo!\ASSIST~1\Yhelper.dll]  <><2, 0, 1, 1018>
    [C:\WINDOWS\DOWNLO~1\CnsMin.dll]  <北京三七二一科技有限公司><1, 5, 3, 3>
[PID: 2308][C:\Program Files\Thunder Network\ThunderMini\program\ThunderMini.exe]  <Thunder Networking Technologies,LTD><2, 0, 1, 30>
    [C:\PROGRA~1\baigoo\bgoohk.dll]  < ><1, 0, 0, 1007>
    [C:\PROGRA~1\3721\helper.dll]  <><1, 0, 9, 1324>
    [C:\PROGRA~1\Yahoo!\ASSIST~1\Yhelper.dll]  <><2, 0, 1, 1018>
    [C:\WINDOWS\DOWNLO~1\CnsMin.dll]  <北京三七二一科技有限公司><1, 5, 3, 3>
    [C:\Program Files\Thunder Network\ThunderMini\program\download_interface.dll]  <N/A><N/A>
    [C:\Program Files\Thunder Network\ThunderMini\program\UpdateDownload.dll]  <Thunder Networking Technologies,LTD><1, 0, 1, 6>
    [C:\Program Files\Thunder Network\ThunderMini\Components\InMedia\iEmbedShell.dll]  < ><1, 0, 0, 6>
    [C:\Program Files\Thunder Network\ThunderMini\Components\InMedia\iEmbed.dll]  < ><2, 1, 0, 30>
[PID: 3740][C:\Program Files\Rising\Rav\Rav.exe]  <Beijing Rising Technology Co., Ltd.><18, 0, 0, 75>
    [C:\Program Files\Rising\Rav\PlugIn\RsPgScan.dll]  <Beijing Rising Technology Co., Ltd.><18, 0, 0, 17>
    [C:\Program Files\Rising\Rav\RSAPPMGR.DLL]  <Beijing Rising Technology Co., Ltd.><18, 0, 0, 2>
    [C:\Program Files\Rising\Rav\CfgDll.dll]  <Beijing Rising Technology Co., Ltd.><18, 0, 0, 10>
    [C:\Program Files\Rising\Rav\RsCommX.dll]  <rising><18, 0, 0, 1>
    [C:\Program Files\Rising\Rav\RavUI.Dll]  <Beijing Rising Technology Co., Ltd.><18, 0, 0, 60>
    [C:\Program Files\Rising\Rav\RsGuiLib.dll]  <Beijing Rising Technology Co., Ltd.><18, 0, 0, 24>
    [C:\Program Files\Rising\Rav\PngDll.dll]  <Beijing Rising Technology Co., Ltd.><18, 0, 0, 5>
    [C:\PROGRA~1\baigoo\bgoohk.dll]  < ><1, 0, 0, 1007>
    [C:\PROGRA~1\3721\helper.dll]  <><1, 0, 9, 1324>
    [C:\PROGRA~1\Yahoo!\ASSIST~1\Yhelper.dll]  <><2, 0, 1, 1018>
    [C:\WINDOWS\DOWNLO~1\CnsMin.dll]  <北京三七二一科技有限公司><1, 5, 3, 3>
    [C:\Program Files\Rising\Rav\RSCOMMON.DLL]  <Beijing Rising Technology Co., Ltd.><18, 0, 0, 4>
    [C:\Program Files\Rising\Rav\Scanner.dll]  <Beijing Rising Technology Co., Ltd.><18, 0, 0, 30>
    [C:\Program Files\Rising\Rav\BWList.dll]  <Beijing Rising Technology Co., Ltd.><18, 0, 0, 19>
    [C:\Program Files\Rising\Rav\RavUIMsg.dll]  <Beijing Rising Technology Co., Ltd.><18, 0, 0, 25>
    [C:\Program Files\Rising\Rav\RavScrCh.dll]  <Beijing Rising Technology Co., Ltd.><18, 0, 0, 3>
    [C:\WINDOWS\system32\RavExt.dll]  <Beijing Rising Technology Co., Ltd.><18, 0, 0, 21>
    [C:\WINDOWS\DOWNLO~1\CnsHook.dll]  <北京三七二一科技有限公司><1, 0, 2, 7>
    [C:\Program Files\Rising\Rav\RavQu.dll]  <Beijing Rising Technology Co., Ltd.><18, 0, 0, 15>
[PID: 3808][C:\Program Files\Rising\Rav\RsAgent.exe]  <Beijing Rising Technology Co., Ltd.><18, 0, 0, 12>
    [C:\PROGRA~1\baigoo\bgoohk.dll]  < ><1, 0, 0, 1007>
    [C:\PROGRA~1\3721\helper.dll]  <><1, 0, 9, 1324>
    [C:\PROGRA~1\Yahoo!\ASSIST~1\Yhelper.dll]  <><2, 0, 1, 1018>
    [C:\WINDOWS\DOWNLO~1\CnsMin.dll]  <北京三七二一科技有限公司><1, 5, 3, 3>
    [C:\Program Files\Rising\Rav\RsCommX.dll]  <rising><18, 0, 0, 1>
[PID: 3828][C:\WINDOWS\msagent\AgentSvr.exe]  <Microsoft Corporation><2.00.0.3422>
    [C:\PROGRA~1\baigoo\bgoohk.dll]  < ><1, 0, 0, 1007>
    [C:\PROGRA~1\3721\helper.dll]  <><1, 0, 9, 1324>
    [C:\PROGRA~1\Yahoo!\ASSIST~1\Yhelper.dll]  <><2, 0, 1, 1018>
gototop
 
luna903
头像
初生襁褓狮
  • 帖子:61
  • 注册: 2006-06-24
  • 来自:
发表于: 2006-07-13 08:22 | 只看楼主 短消息 资料
字号: 7楼

[C:\WINDOWS\DOWNLO~1\CnsMin.dll]  <北京三七二一科技有限公司><1, 5, 3, 3>
[PID: 584][C:\Program Files\Internet Explorer\iexplore.exe]  <Microsoft Corporation><6.00.2900.2180 (xpsp_sp2_rtm.040803-2158)>
    [C:\PROGRA~1\baigoo\bgoohk.dll]  < ><1, 0, 0, 1007>
    [C:\PROGRA~1\3721\helper.dll]  <><1, 0, 9, 1324>
    [C:\PROGRA~1\3721\scrblock.dll]  <3721><1, 0, 1, 1000>
    [C:\PROGRA~1\3721\alrex.dll]  <><1, 0, 1, 1001>
    [C:\PROGRA~1\Yahoo!\ASSIST~1\Yhelper.dll]  <><2, 0, 1, 1018>
    [C:\PROGRA~1\Yahoo!\ASSIST~1\yscrblock.dll]  <Yahoo><1, 0, 2, 1002>
    [C:\WINDOWS\DOWNLO~1\CnsMin.dll]  <北京三七二一科技有限公司><1, 5, 3, 3>
    [C:\WINDOWS\DOWNLO~1\CnsHint.dll]  <3721><1, 0, 0, 7>
    [C:\PROGRA~1\3721\autolive.dll]  <><1, 1, 5, 1324>
    [C:\PROGRA~1\3721\alLiveEx.dll]  < ><1, 0, 3, 1006>
    [C:\PROGRA~1\Yahoo!\ASSIST~1\YAlive.dll]  <><2, 0, 5, 1031>
    [C:\PROGRA~1\Yahoo!\ASSIST~1\Yalliveex.dll]  < ><2, 0, 1, 1007>
    [C:\WINDOWS\DOWNLO~1\cnsplus.dll]  <3721><1, 0, 0, 2>
    [C:\WINDOWS\system32\xunleibho_v4.dll]  <><4, 3, 2, 29>
    [C:\应用程序\Adobe Reader\ActiveX\AcroIEHelper.dll]  <Adobe Systems Incorporated><7.0.7.2006011200>
    [C:\PROGRA~1\Yahoo!\ASSIST~1\Assist\yphtb.dll]  <Yahoo! China><1, 1, 3, 1035>
    [C:\PROGRA~1\Yahoo!\ASSIST~1\Assist\yangling.dll]  <Yahoo.><1, 0, 2, 1002>
    [C:\WINDOWS\system32\ControlPanel.{21EC2020-3AEA-1069-A2DD-08002B30309d}\ControlPanel\ADDeliverer.dll]  <N/A><0, 9, 9, 3>
    [C:\PROGRA~1\Yahoo!\ASSIST~1\Assist\yasbar.dll]  <Yahoo!><2, 1, 8, 1048>
    [C:\PROGRA~1\Yahoo!\ASSIST~1\Assist\YDRAGS~1.DLL]  <><1, 2, 7, 1006>
    [C:\PROGRA~1\MMSASS~1\Mmsass~1.dll]  <><1, 2, 0, 3>
    [C:\WINDOWS\SYSTEM32\stdup.dll]  <MStdup Co Ltd.><3, 2, 1, 6>
    [C:\Program Files\baigoo\BGooBHO.dll]  <><1, 0, 0, 1>
    [C:\Program Files\Thunder Network\ThunderMini\ComDlls\XunLeiMiniBHO_002.dll]  <Thunder Networking Technologies,LTD><2, 0, 0, 2>
    [C:\WINDOWS\DOWNLO~1\CnsHook.dll]  <北京三七二一科技有限公司><1, 0, 2, 7>
    [C:\WINDOWS\system32\mshlink.dll]  <><1, 0, 0, 1>
    [C:\PROGRA~1\baigoo\bgook.dll]  <BAIGOO.COM><1, 0, 0, 1007>
    [C:\PROGRA~1\baigoo\plugin\bgoobar\bgoobar.dll]  <BAIGOO><1, 0, 0, 1007>
    [C:\Program Files\Rising\Rav\RavScrCh.dll]  <Beijing Rising Technology Co., Ltd.><18, 0, 0, 3>
    [C:\WINDOWS\system32\Macromed\Flash\Flash9.ocx]  <Adobe Systems, Inc.><9,0,16,0>
gototop
 
luna903
头像
初生襁褓狮
  • 帖子:61
  • 注册: 2006-06-24
  • 来自:
发表于: 2006-07-13 08:22 | 只看楼主 短消息 资料
字号: 8楼

[PID: 1460][C:\Program Files\Internet Explorer\IEXPLORE.EXE]  <Microsoft Corporation><6.00.2900.2180 (xpsp_sp2_rtm.040803-2158)>
    [C:\PROGRA~1\baigoo\bgoohk.dll]  < ><1, 0, 0, 1007>
    [C:\PROGRA~1\3721\helper.dll]  <><1, 0, 9, 1324>
    [C:\PROGRA~1\3721\scrblock.dll]  <3721><1, 0, 1, 1000>
    [C:\PROGRA~1\3721\alrex.dll]  <><1, 0, 1, 1001>
    [C:\PROGRA~1\Yahoo!\ASSIST~1\Yhelper.dll]  <><2, 0, 1, 1018>
    [C:\PROGRA~1\Yahoo!\ASSIST~1\yscrblock.dll]  <Yahoo><1, 0, 2, 1002>
    [C:\WINDOWS\DOWNLO~1\CnsMin.dll]  <北京三七二一科技有限公司><1, 5, 3, 3>
    [C:\WINDOWS\DOWNLO~1\CnsHint.dll]  <3721><1, 0, 0, 7>
    [C:\PROGRA~1\3721\autolive.dll]  <><1, 1, 5, 1324>
    [C:\PROGRA~1\3721\alLiveEx.dll]  < ><1, 0, 3, 1006>
    [C:\PROGRA~1\Yahoo!\ASSIST~1\YAlive.dll]  <><2, 0, 5, 1031>
    [C:\PROGRA~1\Yahoo!\ASSIST~1\Yalliveex.dll]  < ><2, 0, 1, 1007>
    [C:\WINDOWS\DOWNLO~1\cnsplus.dll]  <3721><1, 0, 0, 2>
    [C:\WINDOWS\system32\xunleibho_v4.dll]  <><4, 3, 2, 29>
    [C:\应用程序\Adobe Reader\ActiveX\AcroIEHelper.dll]  <Adobe Systems Incorporated><7.0.7.2006011200>
    [C:\PROGRA~1\Yahoo!\ASSIST~1\Assist\yphtb.dll]  <Yahoo! China><1, 1, 3, 1035>
    [C:\PROGRA~1\Yahoo!\ASSIST~1\Assist\yangling.dll]  <Yahoo.><1, 0, 2, 1002>
    [C:\WINDOWS\system32\ControlPanel.{21EC2020-3AEA-1069-A2DD-08002B30309d}\ControlPanel\ADDeliverer.dll]  <N/A><0, 9, 9, 3>
    [C:\PROGRA~1\Yahoo!\ASSIST~1\Assist\yasbar.dll]  <Yahoo!><2, 1, 8, 1048>
    [C:\PROGRA~1\Yahoo!\ASSIST~1\Assist\YDRAGS~1.DLL]  <><1, 2, 7, 1006>
    [C:\PROGRA~1\MMSASS~1\Mmsass~1.dll]  <><1, 2, 0, 3>
    [C:\WINDOWS\SYSTEM32\stdup.dll]  <MStdup Co Ltd.><3, 2, 1, 6>
    [C:\Program Files\baigoo\BGooBHO.dll]  <><1, 0, 0, 1>
    [C:\Program Files\Thunder Network\ThunderMini\ComDlls\XunLeiMiniBHO_002.dll]  <Thunder Networking Technologies,LTD><2, 0, 0, 2>
    [C:\WINDOWS\DOWNLO~1\CnsHook.dll]  <北京三七二一科技有限公司><1, 0, 2, 7>
    [C:\WINDOWS\system32\mshlink.dll]  <><1, 0, 0, 1>
    [C:\PROGRA~1\baigoo\bgook.dll]  <BAIGOO.COM><1, 0, 0, 1007>
    [C:\PROGRA~1\baigoo\plugin\bgoobar\bgoobar.dll]  <BAIGOO><1, 0, 0, 1007>
    [C:\Program Files\Rising\Rav\RavScrCh.dll]  <Beijing Rising Technology Co., Ltd.><18, 0, 0, 3>
    [C:\WINDOWS\DOWNLO~1\CnsMinIO.dll]  <北京三七二一科技有限公司><1, 0, 3, 6>
    [C:\WINDOWS\DOWNLO~1\cnsio.dll]  <北京三七二一科技有限公司><1, 0, 2, 7>
    [C:\WINDOWS\system32\Macromed\Flash\Flash9.ocx]  <Adobe Systems, Inc.><9,0,16,0>
[PID: 1204][C:\DOCUME~1\Owner\LOCALS~1\Temp\aub1\aub1.exe]  <N/A><N/A>
[PID: 1080][C:\WINDOWS\system32\notepad.exe]  <Microsoft Corporation><5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)>
    [C:\PROGRA~1\baigoo\bgoohk.dll]  < ><1, 0, 0, 1007>
    [C:\PROGRA~1\3721\helper.dll]  <><1, 0, 9, 1324>
    [C:\PROGRA~1\Yahoo!\ASSIST~1\Yhelper.dll]  <><2, 0, 1, 1018>
    [C:\WINDOWS\DOWNLO~1\CnsMin.dll]  <北京三七二一科技有限公司><1, 5, 3, 3>
[PID: 3652][C:\WINDOWS\explorer.exe]  <Microsoft Corporation><6.00.2900.2180 (xpsp_sp2_rtm.040803-2158)>
    [C:\PROGRA~1\baigoo\bgoohk.dll]  < ><1, 0, 0, 1007>
    [C:\PROGRA~1\3721\helper.dll]  <><1, 0, 9, 1324>
    [C:\PROGRA~1\3721\alrex.dll]  <><1, 0, 1, 1001>
    [C:\PROGRA~1\Yahoo!\ASSIST~1\Yhelper.dll]  <><2, 0, 1, 1018>
    [C:\WINDOWS\DOWNLO~1\CnsMin.dll]  <北京三七二一科技有限公司><1, 5, 3, 3>
    [C:\WINDOWS\SYSTEM32\stdup.dll]  <MStdup Co Ltd.><3, 2, 1, 6>
    [C:\PROGRA~1\Yahoo!\ASSIST~1\YAlive.dll]  <><2, 0, 5, 1031>
    [C:\PROGRA~1\3721\autolive.dll]  <><1, 1, 5, 1324>
    [C:\WINDOWS\DOWNLO~1\CnsHook.dll]  <北京三七二一科技有限公司><1, 0, 2, 7>
    [C:\WINDOWS\system32\RavExt.dll]  <Beijing Rising Technology Co., Ltd.><18, 0, 0, 21>
    [C:\PROGRA~1\3721\alLiveEx.dll]  < ><1, 0, 3, 1006>
    [C:\PROGRA~1\Yahoo!\ASSIST~1\Yalliveex.dll]  < ><2, 0, 1, 1007>
    [C:\WINDOWS\system32\xunleibho_v4.dll]  <><4, 3, 2, 29>
    [C:\应用程序\Adobe Reader\ActiveX\AcroIEHelper.dll]  <Adobe Systems Incorporated><7.0.7.2006011200>
    [C:\PROGRA~1\Yahoo!\ASSIST~1\Assist\yphtb.dll]  <Yahoo! China><1, 1, 3, 1035>
    [C:\PROGRA~1\Yahoo!\ASSIST~1\Assist\yasbar.dll]  <Yahoo!><2, 1, 8, 1048>
    [C:\PROGRA~1\Yahoo!\ASSIST~1\Assist\YDRAGS~1.DLL]  <><1, 2, 7, 1006>
    [C:\PROGRA~1\MMSASS~1\Mmsass~1.dll]  <><1, 2, 0, 3>
    [C:\Program Files\baigoo\BGooBHO.dll]  <><1, 0, 0, 1>
    [C:\Program Files\Thunder Network\ThunderMini\ComDlls\XunLeiMiniBHO_002.dll]  <Thunder Networking Technologies,LTD><2, 0, 0, 2>
    [C:\WINDOWS\system32\mshlink.dll]  <><1, 0, 0, 1>
    [C:\应用程序\Adobe Reader\ActiveX\PDFShell.dll]  <Adobe Systems, Inc.><7.0.0.0>
    [C:\Program Files\WinRAR\rarext.dll]  <N/A><N/A>
    [C:\PROGRA~1\Yahoo!\ASSIST~1\Assist\ywiper.dll]  <N/A><1, 0, 1, 1014>
    [C:\Program Files\Rising\Rav\RSCOMMON.DLL]  <Beijing Rising Technology Co., Ltd.><18, 0, 0, 4>
[PID: 2940][C:\Program Files\Rising\Rav\RsLogVw.exe]  <Beijing Rising Technology Co., Ltd.><18, 0, 0, 18>
    [C:\Program Files\Rising\Rav\RsCommx.dll]  <rising><18, 0, 0, 1>
    [C:\Program Files\Rising\Rav\rsguilib.dll]  <Beijing Rising Technology Co., Ltd.><18, 0, 0, 24>
    [C:\Program Files\Rising\Rav\PngDll.dll]  <Beijing Rising Technology Co., Ltd.><18, 0, 0, 5>
    [C:\Program Files\Rising\Rav\RSCOMMON.DLL]  <Beijing Rising Technology Co., Ltd.><18, 0, 0, 4>
    [C:\PROGRA~1\baigoo\bgoohk.dll]  < ><1, 0, 0, 1007>
    [C:\PROGRA~1\3721\helper.dll]  <><1, 0, 9, 1324>
    [C:\PROGRA~1\Yahoo!\ASSIST~1\Yhelper.dll]  <><2, 0, 1, 1018>
    [C:\WINDOWS\DOWNLO~1\CnsMin.dll]  <北京三七二一科技有限公司><1, 5, 3, 3>
    [C:\Program Files\Rising\Rav\libload.dll]  <Beijing Rising Technology Co., Ltd.><18, 0, 0, 10>
    [C:\Program Files\Rising\Rav\VirusLib.dll]  <Beijing Rising Technology Co., Ltd.><18, 0, 0, 10>
[PID: 328][C:\Program Files\Internet Explorer\IEXPLORE.EXE]  <Microsoft Corporation><6.00.2900.2180 (xpsp_sp2_rtm.040803-2158)>
    [C:\PROGRA~1\baigoo\bgoohk.dll]  < ><1, 0, 0, 1007>
    [C:\PROGRA~1\3721\helper.dll]  <><1, 0, 9, 1324>
    [C:\PROGRA~1\3721\scrblock.dll]  <3721><1, 0, 1, 1000>
    [C:\PROGRA~1\3721\alrex.dll]  <><1, 0, 1, 1001>
    [C:\PROGRA~1\Yahoo!\ASSIST~1\Yhelper.dll]  <><2, 0, 1, 1018>
    [C:\PROGRA~1\Yahoo!\ASSIST~1\yscrblock.dll]  <Yahoo><1, 0, 2, 1002>
    [C:\WINDOWS\DOWNLO~1\CnsMin.dll]  <北京三七二一科技有限公司><1, 5, 3, 3>
    [C:\WINDOWS\DOWNLO~1\CnsHint.dll]  <3721><1, 0, 0, 7>
    [C:\PROGRA~1\3721\autolive.dll]  <><1, 1, 5, 1324>
    [C:\PROGRA~1\3721\alLiveEx.dll]  < ><1, 0, 3, 1006>
    [C:\PROGRA~1\Yahoo!\ASSIST~1\YAlive.dll]  <><2, 0, 5, 1031>
    [C:\PROGRA~1\Yahoo!\ASSIST~1\Yalliveex.dll]  < ><2, 0, 1, 1007>
    [C:\WINDOWS\DOWNLO~1\cnsplus.dll]  <3721><1, 0, 0, 2>
    [C:\WINDOWS\system32\xunleibho_v4.dll]  <><4, 3, 2, 29>
    [C:\应用程序\Adobe Reader\ActiveX\AcroIEHelper.dll]  <Adobe Systems Incorporated><7.0.7.2006011200>
    [C:\PROGRA~1\Yahoo!\ASSIST~1\Assist\yphtb.dll]  <Yahoo! China><1, 1, 3, 1035>
    [C:\PROGRA~1\Yahoo!\ASSIST~1\Assist\yangling.dll]  <Yahoo.><1, 0, 2, 1002>
    [C:\WINDOWS\system32\ControlPanel.{21EC2020-3AEA-1069-A2DD-08002B30309d}\ControlPanel\ADDeliverer.dll]  <N/A><0, 9, 9, 3>
    [C:\PROGRA~1\Yahoo!\ASSIST~1\Assist\yasbar.dll]  <Yahoo!><2, 1, 8, 1048>
    [C:\PROGRA~1\Yahoo!\ASSIST~1\Assist\YDRAGS~1.DLL]  <><1, 2, 7, 1006>
    [C:\PROGRA~1\MMSASS~1\Mmsass~1.dll]  <><1, 2, 0, 3>
    [C:\WINDOWS\SYSTEM32\stdup.dll]  <MStdup Co Ltd.><3, 2, 1, 6>
    [C:\Program Files\baigoo\BGooBHO.dll]  <><1, 0, 0, 1>
    [C:\Program Files\Thunder Network\ThunderMini\ComDlls\XunLeiMiniBHO_002.dll]  <Thunder Networking Technologies,LTD><2, 0, 0, 2>
    [C:\WINDOWS\DOWNLO~1\CnsHook.dll]  <北京三七二一科技有限公司><1, 0, 2, 7>
    [C:\WINDOWS\system32\mshlink.dll]  <><1, 0, 0, 1>
    [C:\PROGRA~1\baigoo\bgook.dll]  <BAIGOO.COM><1, 0, 0, 1007>
    [C:\PROGRA~1\baigoo\plugin\bgoobar\bgoobar.dll]  <BAIGOO><1, 0, 0, 1007>
    [C:\Program Files\Rising\Rav\RavScrCh.dll]  <Beijing Rising Technology Co., Ltd.><18, 0, 0, 3>
    [C:\WINDOWS\DOWNLO~1\CnsMinIO.dll]  <北京三七二一科技有限公司><1, 0, 3, 6>
    [C:\WINDOWS\DOWNLO~1\cnsio.dll]  <北京三七二一科技有限公司><1, 0, 2, 7>
    [C:\Program Files\Thunder Network\ThunderMini\ComDlls\ThunderMiniAgent_002.dll]  <Thunder Networking Technologies,LTD><2, 0, 0, 2>
[PID: 168][C:\应用程序\hi\SREng2\SREng.exe]  <Smallfrogs Studio><2.0.21.505>
    [C:\PROGRA~1\baigoo\bgoohk.dll]  < ><1, 0, 0, 1007>
    [C:\PROGRA~1\3721\helper.dll]  <><1, 0, 9, 1324>
    [C:\PROGRA~1\Yahoo!\ASSIST~1\Yhelper.dll]  <><2, 0, 1, 1018>
    [C:\WINDOWS\DOWNLO~1\CnsMin.dll]  <北京三七二一科技有限公司><1, 5, 3, 3>

==================================
文件关联
.TXT  OK. [%SystemRoot%\system32\NOTEPAD.EXE %1]
.EXE  OK. ["%1" %*]
.COM  OK. ["%1" %*]
.PIF  OK. ["%1" %*]
.REG  OK. [regedit.exe "%1"]
.BAT  OK. ["%1" %*]
.SCR  OK. ["%1" /S]
.CHM  OK. ["C:\WINDOWS\hh.exe" %1]
.HLP  OK. [%SystemRoot%\System32\winhlp32.exe %1]
.INI  OK. [%SystemRoot%\System32\NOTEPAD.EXE %1]
.INF  OK. [%SystemRoot%\System32\NOTEPAD.EXE %1]
.VBS  OK. [%SystemRoot%\System32\WScript.exe "%1" %*]
.JS  OK. [%SystemRoot%\System32\WScript.exe "%1" %*]
.LNK  OK. [{00021401-0000-0000-C000-000000000046}]

==================================
Winsock 提供者

==================================
gototop
 
luna903
头像
初生襁褓狮
  • 帖子:61
  • 注册: 2006-06-24
  • 来自:
发表于: 2006-07-13 08:28 | 只看楼主 短消息 资料
字号: 9楼

早上我的文件监控又给我杀了好几个病毒
Trojan.DL.Adload.io 其中又有要重启后删除的,怎么回事啊...

对了,我电脑现在的状态是,一打开IE,CPU使用率就变100%,然后运行瑞星杀毒还什么都查不出来,郁闷~
gototop
 
luna903
头像
初生襁褓狮
  • 帖子:61
  • 注册: 2006-06-24
  • 来自:
发表于: 2006-07-13 08:51 | 只看楼主 短消息 资料
字号: 10楼

似乎多了点儿~~真是麻烦你们了...
下面使用Hijackthis扫描的,这个似乎还少一些,呵呵~
HijackThis_815汉化版扫描日志 V1.99.1
保存于      8:34:04, 日期 2006-7-13
操作系统:  Windows XP SP2 (WinNT 5.01.2600)
浏览器:    Internet Explorer v6.00 SP2 (6.00.2900.2180)

当前运行的进程:         
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\csrss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Rising\Rav\CCenter.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Rising\Rav\Ravmond.exe
c:\program files\rising\rfw\rfwsrv.exe
C:\WINDOWS\system32\Rundll32.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Rising\Rav\RavStub.exe
c:\program files\rising\rfw\RfwMain.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\WINDOWS\system32\slserv.exe
C:\WINDOWS\system32\rundll32.exe
C:\WINDOWS\system32\wdfmgr.exe
C:\WINDOWS\System32\alg.exe
C:\Program Files\Ringz Studio\Storm Downloader\StormDownloader.exe
C:\PROGRA~1\Yahoo!\ASSIST~1\YLive.exe
C:\WINDOWS\SOUNDMAN.EXE
C:\Program Files\Rising\Rav\RavTask.exe
C:\PROGRA~1\Yahoo!\Assistant\yassistse.exe
C:\WINDOWS\system32\rundll32.exe
C:\Program Files\Rising\Rav\Ravmon.exe
C:\PROGRA~1\baigoo\bgoomain.exe
C:\WINDOWS\System\svchost.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Thunder Network\ThunderMini\program\ThunderMini.exe
C:\Program Files\Rising\Rav\Rav.exe
C:\Program Files\Rising\Rav\RsAgent.exe
C:\WINDOWS\msagent\AgentSvr.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Internet Explorer\IEXPLORE.EXE
C:\DOCUME~1\Owner\LOCALS~1\Temp\aub1\aub1.exe
C:\WINDOWS\system32\notepad.exe
C:\WINDOWS\explorer.exe
C:\Program Files\Rising\Rav\RsLogVw.exe
C:\Program Files\Internet Explorer\IEXPLORE.EXE
C:\应用程序\迅雷\Program\Thunder5.exe
C:\应用程序\Hijackthis1991\HijackThis1991zww.exe

R3 - URLSearchHook: 雅虎助手 - {406F94F0-504F-4a40-8DFD-58B0666ABEBD} - C:\PROGRA~1\Yahoo!\ASSIST~1\Assist\yasbar.dll
O2 - BHO: (no name) - {00014B58-338A-45F2-81E2-6A86F27399B7} - C:\PROGRA~1\INTERN~1\PLUGINS\BOBOHE~1.DLL
O2 - BHO: ThunderIEHelper Class - {0005A87D-D626-4B3A-84F9-1D9571695F55} - C:\WINDOWS\system32\xunleibho_v4.dll
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\应用程序\Adobe Reader\ActiveX\AcroIEHelper.dll
O2 - BHO: yPhtb - {33BBE430-0E42-4f12-B075-8D21ACB10DCB} - C:\PROGRA~1\Yahoo!\ASSIST~1\Assist\yphtb.dll
O2 - BHO: Anti Fish - {38928D50-8A48-44C2-945F-D2F23F771410} - C:\PROGRA~1\Yahoo!\ASSIST~1\Assist\yangling.dll
O2 - BHO: Deliverer Class - {3E290290-1728-4C1E-863A-AA12526333F6} - C:\WINDOWS\system32\ControlPanel.{21EC2020-3AEA-1069-A2DD-08002B30309d}\ControlPanel\ADDeliverer.dll
O2 - BHO: 雅虎助手 - {406F94F0-504F-4a40-8DFD-58B0666ABEBD} - C:\PROGRA~1\Yahoo!\ASSIST~1\Assist\yasbar.dll
O2 - BHO: YDragSearch - {62EED7C6-9F02-42f9-B634-98E2899E147B} - C:\PROGRA~1\Yahoo!\ASSIST~1\Assist\YDRAGS~1.DLL
O2 - BHO: Vision - {6671A431-5C3D-463d-A7CF-5587F9B7E191} - C:\PROGRA~1\MMSASS~1\Mmsass~1.dll
O2 - BHO: std software - {6A512BF7-EC78-4e8d-9841-6C02E8FA9838} - C:\WINDOWS\SYSTEM32\stdup.dll
O2 - BHO: CpapView Class - {77962960-536E-47EC-9DDB-52651519705F} - C:\WINDOWS\system32\Rundll32.dll (file missing)
O2 - BHO: bg - {7BDAF75A-0D6F-4F50-AFE9-333D08DF4005} - C:\Program Files\baigoo\BGooBHO.dll
O2 - BHO: ThunderBHO - {889D2FEB-5411-4565-8998-1DD2C5261283} - C:\应用程序\迅雷\ComDlls\XunLeiBHO_002.dll
O2 - BHO: ThunderMiniBHO - {8E6C1C49-F9CE-4311-9FB4-D70E8B0AEAEB} - C:\Program Files\Thunder Network\ThunderMini\ComDlls\XunLeiMiniBHO_002.dll
O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: IE - {D157330A-9EF3-49F8-9A67-4141AC41ADD4} - C:\WINDOWS\DOWNLO~1\CnsHook.dll
O2 - BHO: internet explorer helper - {F7911E65-B01C-4A58-AEC7-53085ECA70A5} - C:\WINDOWS\system32\mshlink.dll
O3 - IE工具栏增项: 雅虎助手 - {406F94F0-504F-4a40-8DFD-58B0666ABEBD} - C:\PROGRA~1\Yahoo!\ASSIST~1\Assist\yasbar.dll
O4 - 启动项HKLM\\Run: [IMJPMIG8.1] "C:\WINDOWS\IME\imjp8_1\IMJPMIG.EXE" /Spoil /RemAdvDef /Migration32
O4 - 启动项HKLM\\Run: [PHIME2002ASync] C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /SYNC
O4 - 启动项HKLM\\Run: [PHIME2002A] C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /IMEName
O4 - 启动项HKLM\\Run: [MINI_BFYY] C:\Program Files\Ringz Studio\Storm Downloader\StormDownloader.exe
O4 - 启动项HKLM\\Run: [StormCodec_Helper] "C:\Program Files\Ringz Studio\Storm Codec\StormSet.exe" /S /opti
O4 - 启动项HKLM\\Run: [YLive.exe] C:\PROGRA~1\Yahoo!\ASSIST~1\YLive.exe
O4 - 启动项HKLM\\Run: [CnsMin] Rundll32.exe C:\WINDOWS\DOWNLO~1\CnsMin.dll,Rundll32
O4 - 启动项HKLM\\Run: [SoundMan] SOUNDMAN.EXE
O4 - 启动项HKLM\\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - 启动项HKLM\\Run: [nwiz] nwiz.exe /install
O4 - 启动项HKLM\\Run: [RfwMain] "C:\Program Files\Rising\Rfw\rfwmain.exe" -Startup
O4 - 启动项HKLM\\Run: [RavTask] "C:\Program Files\Rising\Rav\RavTask.exe" -system
O4 - 启动项HKLM\\Run: [yassistse] "C:\PROGRA~1\Yahoo!\Assistant\yassistse.exe"
O4 - 启动项HKLM\\Run: [helper.dll] C:\WINDOWS\system32\rundll32.exe C:\PROGRA~1\3721\helper.dll,Rundll32
O4 - 启动项HKLM\\Run: [Adobe Photo Downloader] "C:\Program Files\Adobe\Photoshop Album Starter Edition\3.0\Apps\apdproxy.exe"
O4 - 启动项HKLM\\Run: [KernelFaultCheck] %systemroot%\system32\dumprep 0 -k
O4 - 启动项HKLM\\Run: [ThunderMini] C:\Program Files\Thunder Network\ThunderMini\ThunderMiniShell.exe
O4 - 启动项HKLM\\Run: [bgoomain.exe] C:\PROGRA~1\baigoo\bgoomain.exe
O4 - 启动项HKLM\\Run: [ourech6] C:\WINDOWS\System\svchost.exe
O4 - 启动项HKLM\\Run: [Thunder] "C:\应用程序\迅雷\Thunder.exe" /s
O4 - 启动项HKLM\\RunOnce: [RavStub] "C:\Program Files\Rising\Rav\ravstub.exe" /RUNONCE
gototop
 
<<上一主题|下一主题>>
123   1  /  3  页   跳转
页面顶部
Powered by Discuz!NT