瑞星卡卡安全论坛在线技术支持在线技术支持[已关闭] 这回问题严重了,帮帮我啊~~~~

1   1  /  1  页   跳转

这回问题严重了,帮帮我啊~~~~

收藏
风声007
头像
初生襁褓狮
  • 帖子:32
  • 注册: 2007-04-07
  • 来自:
发表于: 2007-06-29 01:32 | 显示全部 短消息 资料
字号: 1楼

这回问题严重了,帮帮我啊~~~~

我用瑞星杀不掉,安全模式下也杀不掉,请高手指点




!R@y?T4€öbbs.ikaka.comÚ_bÊk)èS¼v

附件附件:

您所在的用户组无法下载或查看附件

最后编辑2007-06-29 04:16:15.873000000
分享到:
gototop
 
风声007
头像
初生襁褓狮
  • 帖子:32
  • 注册: 2007-04-07
  • 来自:
发表于: 2007-06-29 01:33 | 显示全部 短消息 资料
字号: 2楼


2007-06-29,00:11:41

System Repair Engineer 2.4.12.806
Smallfrogs (http://www.KZTechs.com)

Windows XP Professional Service Pack 2 (Build 2600) - 管理权限用户 - 完整功能

以下内容被选中:
    所有的启动项目(包括注册表、启动文件夹、服务等)
    浏览器加载项
    正在运行的进程(包括进程模块信息)
    文件关联
    Winsock 提供者
    Autorun.inf
    HOSTS 文件


启动项目
注册表
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
    <RemoteCenter><C:\Program Files\Creative\MediaSource\RemoteControl\RCMan.EXE>  [Creative Technology Ltd]
    <ctfmon.exe><C:\WINDOWS\system32\ctfmon.exe>  [(Verified)Microsoft Windows Publisher]
    <jiajiasr><C:\Program Files\jj4\jiajiasr.exe>  [加加工作组]
[HKEY_CURRENT_USER\Software\Microsoft\Windows NT\CurrentVersion\Windows]
    <load><>  [N/A]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
    <TkBellExe><"C:\Program Files\Common Files\Real\Update_OB\realsched.exe"  -osboot>  [RealNetworks, Inc.]
    <CTSysVol><C:\Program Files\Creative\SBLive\Surround Mixer\CTSysVol.exe /r>  [Creative Technology Ltd]
    <SBDrvDet><C:\Program Files\Creative\SB Drive Det\SBDrvDet.exe /r>  [Creative Technology Ltd]
    <UpdReg><C:\WINDOWS\UpdReg.EXE>  [Creative Technology Ltd.]
    <AsioReg><REGSVR32.EXE /S CTASIO.DLL;ctaud2k.sys>  [(Verified)Microsoft Windows Publisher]
    <WINDVDPatch><CTHELPER.EXE>  [Creative Technology Ltd]
    <RfwMain><"D:\Program Files\Rising\Rfw\rfwmain.exe" -Startup>  [Beijing Rising Technology Co., Ltd.]
    <runeip><C:\Program Files\Rising\KakaToolBar\runiep.exe>  [Beijing Rising Technology Co., Ltd.]
    <RavTask><"D:\Program Files\Rising\Rav\RavTask.exe" -system>  [Beijing Rising Technology Co., Ltd.]
    <StormCodec_Helper><"D:\Storm Codec\StormSet.exe" /S /opti>  [N/A]
    <KernelFaultCheck><%systemroot%\system32\dumprep 0 -k>  [N/A]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Winlogon]
    <shell><Explorer.exe>  [(Verified)Microsoft Windows Publisher]
    <Userinit><C:\WINDOWS\system32\userinit.exe,>  [(Verified)Microsoft Windows Publisher]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Windows]
    <AppInit_DLLs><>  [N/A]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Winlogon]
    <UIHost><logonui.exe>  [(Verified)Microsoft Windows Publisher]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
    <{32CD708B-60A7-4C00-9377-D73EAA495F0F}><C:\WINDOWS\system32\RavExt.dll>  [Beijing Rising Technology Co., Ltd.]

==================================
启动文件夹
[Video Capture 10]
  <C:\Documents and Settings\All Users\「开始」菜单\程序\启动\Video Capture 10.lnk --> C:\PROGRA~1\COMMON~1\VIDEOC~1.EXE [Copyright? Microsoft Corporation 1994-2002.  All rights reserved.]><N>

==================================
服务
[180E5B52 / 180E5B52][Stopped/Auto Start]
  <C:\WINDOWS\system32\DB23C22B.EXE -g><Microsoft Corporation>
[7462892B / 7462892B][Stopped/Auto Start]
  <C:\WINDOWS\system32\EF9C6FEB.EXE -7462892B><Microsoft Corporation>
[Ati HotKey Poller / Ati HotKey Poller][Running/Auto Start]
  <C:\WINDOWS\system32\Ati2evxx.exe><ATI Technologies Inc.>
[ATI Smart / ATI Smart][Stopped/Auto Start]
  <C:\WINDOWS\system32\ati2sgag.exe><>
[B5618032 / B5618032][Stopped/Auto Start]
  <C:\WINDOWS\system32\D97C4E3A.EXE -k><Microsoft Corporation>
[CPUCooLServer Service / CPUCooLServer][Running/Auto Start]
  <"C:\Program Files\CPUCooL\CooLSrv.exe"><N/A>
[Creative Service for CDROM Access / Creative Service for CDROM Access][Running/Auto Start]
  <C:\WINDOWS\system32\CTsvcCDA.exe><Creative Technology Ltd>
[Human Interface Device Access / HidServ][Stopped/Disabled]
  <C:\WINDOWS\System32\svchost.exe -k netsvcs-->%SystemRoot%\System32\hidserv.dll><N/A>
[Messsager / Messsager][Running/Auto Start]
  <c:\Recyclers\svchost.exe><N/A>
[Rising Proxy  Service / RfwProxySrv][Stopped/Manual Start]
  <d:\program files\rising\rfw\rfwproxy.exe><Beijing Rising Technology Co., Ltd.>
[Rising Personal Firewall Service / RfwService][Running/Auto Start]
  <d:\program files\rising\rfw\rfwsrv.exe><Beijing Rising Technology Co., Ltd.>
[Rising Process Communication Center / RsCCenter][Running/Auto Start]
  <"D:\Program Files\Rising\Rav\CCenter.exe"><Beijing Rising Technology Co., Ltd.>
[Rising RealTime Monitor / RsRavMon][Running/Auto Start]
  <"D:\PROGRAM FILES\RISING\RAV\Ravmond.exe"><Beijing Rising Technology Co., Ltd.>
[WMDM PMSP Service / WMDM PMSP Service][Running/Auto Start]
  <C:\WINDOWS\system32\MsPMSPSv.exe><Microsoft Corporation>

==================================
驱动程序
[AliIde / AliIde][Stopped/Boot Start]
  <\SystemRoot\System32\DRIVERS\aliide.sys><N/A>
[ati2mtag / ati2mtag][Running/Manual Start]
  <system32\DRIVERS\ati2mtag.sys><ATI Technologies Inc.>
[Rising TDI Base Driver / BaseTDI][Running/Auto Start]
  <System32\DRIVERS\BaseTDI.SYS><Beijing Rising Technology Co., Ltd.>
[cfgbkenk / cfgbkenk][Running/Boot Start]
  <\SystemRoot\system32\drivers\cfgbkenk.sys><N/A>
[CmdIde / CmdIde][Running/Boot Start]
  <\SystemRoot\System32\DRIVERS\cmdide.sys><CMD Technology, Inc.>
[cnprov / cnprov][Running/Boot Start]
  <\SystemRoot\system32\drivers\cnprov.sys><中国互联网络信息中心(CNNIC)>
[Creative AC3 Software Decoder / ctac32k][Running/Manual Start]
  <System32\drivers\ctac32k.sys><Creative Technology Ltd>
[Creative Audio Driver (WDM) / ctaud2k][Running/Manual Start]
  <system32\drivers\ctaud2k.sys><Creative Technology Ltd>
[Creative SBLive! Gameport / ctljystk][Stopped/Manual Start]
  <system32\DRIVERS\ctljystk.sys><Creative Technology Ltd.>
[Creative Proxy Driver / ctprxy2k][Running/Manual Start]
  <System32\drivers\ctprxy2k.sys><Creative Technology Ltd>
[Creative SoundFont Management Device Driver / ctsfm2k][Running/Manual Start]
  <System32\drivers\ctsfm2k.sys><Creative Technology Ltd>
[E-mu Plug-in Architecture Driver / emupia][Running/Manual Start]
  <System32\drivers\emupia2k.sys><Creative Technology Ltd>
[ExpScaner / ExpScaner][Running/Auto Start]
  <\??\D:\Program Files\Rising\Rav\ExpScan.sys><>
[D-Link DFE-530TX PCI Fast Ethernet Adapter Driver / FETNDIS][Running/Manual Start]
  <system32\DRIVERS\dlkfet5b.sys><VIA Technologies, Inc.>
[Creative Hardware Abstract Layer Driver / ha10kx2k][Running/Manual Start]
  <system32\drivers\ha10kx2k.sys><Creative Technology Ltd>
[HOOKAPI / HOOKAPI][Stopped/Manual Start]
  <\??\D:\PROGRAM FILES\RISING\RAV\HookApi.Sys><瑞星软件有限公司>
[HookCont / HookCont][Running/Auto Start]
  <\??\D:\PROGRAM FILES\RISING\RAV\HOOKCONT.sys><Rising>
[HookReg / HookReg][Running/Auto Start]
  <\??\D:\PROGRAM FILES\RISING\RAV\HookReg.sys><>
[HookSys / HookSys][Running/Auto Start]
  <\??\D:\PROGRAM FILES\RISING\RAV\HookSys.sys><Rising>
[HookUrl / HookUrl][Running/Auto Start]
  <\??\D:\Program Files\Rising\Rfw\HookUrl.sys><Beijing Rising Technology Co., Ltd.>
[idnaux / idnaux][Running/Auto Start]
  <system32\drivers\idnaux.sys><中国互联网络信息中心(CNNIC)>
[MegaIDE / MegaIDE][Running/Boot Start]
  <\SystemRoot\System32\DRIVERS\MegaIDE.sys><LSI Logic Corporation.>
[MEMSCAN / MEMSCAN][Running/Auto Start]
  <\??\D:\PROGRAM FILES\RISING\RAV\MEMSCAN.sys><瑞星软件有限公司>
[mProcRs / mProcRs][Running/Auto Start]
  <\??\d:\program files\rising\rfw\mProcRs.sys><Beijing Rising Technology Co., Ltd.>
[Netgroup Packet Filter / NPF][Stopped/Manual Start]
  <system32\drivers\npf.sys><CACE Technologies>
[npkcrypt / npkcrypt][Running/Auto Start]
  <\??\D:\软\qq\npkcrypt.sys><INCA Internet Co., Ltd.>
[nv / nv][Stopped/Manual Start]
  <system32\DRIVERS\nv4_mini.sys><NVIDIA Corporation>
[Creative OS Services Driver / ossrv][Running/Manual Start]
  <system32\drivers\ctoss2k.sys><Creative Technology Ltd.>
[PfModNT / PfModNT][Running/Auto Start]
  <\??\C:\WINDOWS\system32\drivers\PfModNT.sys><Creative Technology Ltd.>
[Direct Parallel Link Driver / Ptilink][Running/Manual Start]
  <system32\DRIVERS\ptilink.sys><Parallel Technologies, Inc.>
[RsAntiSpyware / RsAntiSpyware][Running/Boot Start]
  <\SystemRoot\system32\drivers\RsBoot.sys><Beijing Rising Technology Co., Ltd.>
[RsFwDrv / RsFwDrv][Running/Auto Start]
  <\??\D:\Program Files\Rising\Rfw\RsFwDrv.sys><Beijing Rising Technology Co., Ltd.>
[RsNTGDI / RsNTGDI][Running/Boot Start]
  <\SystemRoot\system32\Drivers\RsNTGdi.sys><Beijing Rising Technology Co., Ltd.>
[RSPPSYS / RSPPSYS][Running/Auto Start]
  <\??\D:\PROGRAM FILES\RISING\RAV\RSPPSYS.sys><Rising>
[Realtek RTL8139(A/B/C)-based PCI Fast Ethernet Adapter NT Driver / rtl8139][Stopped/Manual Start]
  <system32\DRIVERS\RTL8139.SYS><Realtek Semiconductor Corporation>
[Secdrv / Secdrv][Stopped/Manual Start]
  <system32\DRIVERS\secdrv.sys><N/A>
[ViaIde / ViaIde][Running/Boot Start]
  <\SystemRoot\system32\DRIVERS\viaide.sys><Microsoft Corporation>
[VideoCapPCI10 / VideoCapPCI10][Running/Disabled]
  <2 - 系统找不到指定的文件。
><N/A>
[VideoCapUSB10 / VideoCapUSB10][Stopped/]
  <2 - 系统找不到指定的文件。
><N/A>!R@y?T4€öbbs.ikaka.comÚ_bÊk)èS¼v
gototop
 
风声007
头像
初生襁褓狮
  • 帖子:32
  • 注册: 2007-04-07
  • 来自:
发表于: 2007-06-29 01:33 | 显示全部 短消息 资料
字号: 3楼


==================================
浏览器加载项
[ThunderIEHelper Class]
  {0005A87D-D626-4B3A-84F9-1D9571695F55} <C:\WINDOWS\system32\xunleibho_v8.dll, >
[CAdLogic Object]
  {11F09AFD-75AD-4E51-AB43-E09E9351CE16} <C:\Program Files\Common Files\CPUSH\cpush.dll, >
[腾讯QQ]
  {54EBD53A-9BC1-480B-966A-843A333CA162} <C:\WINDOWS\QQIEHelper.dll, N/A>
[IEAux Class]
  {7605CC7C-00FD-4A5F-BAFD-828342DE6279} <C:\PROGRA~1\OCINS\ieaux.dll, 中国互联网络信息中心(CNNIC)>
[Thunder Browser Helper]
  {889D2FEB-5411-4565-8998-1DD2C5261283} <D:\软\迅雷\ComDlls\XunLeiBHO_002.dll, Thunder Networking Technologies,LTD>
[IeCatch2 Class]
  {A5366673-E8CA-11D3-9CD9-0090271D075B} <C:\PROGRA~1\FLASHGET\jccatch.dll, Amaze Soft>
[启动迅雷]
  {0062C9BD-B349-40DE-91A0-755F37ACD559} <D:\软\迅雷\Thunder.exe, Thunder Networking Technologies,LTD>
[中文上网]
  {B012491E-8FA4-4851-AA9B-22E33784FBAD} <C:\Program Files\OCINS\config.exe, 中国互联网络信息中心(CNNIC)>
[FlashGet]
  {D6E814A0-E0C5-11d4-8D29-0050BA6940E3} <C:\PROGRA~1\FLASHGET\flashget.exe, Amaze Soft>
[QQIEFloatBarCfgCmd Class]
  {DEDEB80D-FA35-45d9-9460-4983E5A8AFE6} <D:\qq\QQIEHelper.dll, 深圳市腾讯计算机系统有限公司>
[Messenger]
  {FB5F1910-F110-11d2-BB9E-00C04F795683} <C:\Program Files\Messenger\msmsgs.exe, Microsoft Corporation>
[FlashGet Bar]
  {E0E899AB-F487-11D5-8D29-0050BA6940E3} <C:\PROGRA~1\FLASHGET\fgiebar.dll, Amaze Soft>
[卡卡上网安全助手]
  {DB9ECD4F-FB8F-4311-B3CE-90B976C2707C} <C:\WINDOWS\system32\kakatool.dll, Beijing Rising Technology Co., Ltd.>
[EditCtrl Class]
  {488A4255-3236-44B3-8F27-FA1AECAA8844} <C:\WINDOWS\system32\aliedit\aliedit.dll, >
[Shockwave Flash Object]
  {D27CDB6E-AE6D-11CF-96B8-444553540000} <C:\WINDOWS\system32\Macromed\Flash\Flash9b.ocx, Adobe Systems, Inc.>
[ThunderIEHelper Class]
  {0005A87D-D626-4B3A-84F9-1D9571695F55} <C:\WINDOWS\system32\xunleibho_v8.dll, >
[CAdLogic Object]
  {11F09AFD-75AD-4E51-AB43-E09E9351CE16} <C:\Program Files\Common Files\CPUSH\cpush.dll, >
[Tabular Data Control]
  {333C7BC4-460F-11D0-BC04-0080C7055A83} <C:\WINDOWS\system32\tdc.ocx, Microsoft Corporation>
[腾讯QQ]
  {54EBD53A-9BC1-480B-966A-843A333CA162} <C:\WINDOWS\QQIEHelper.dll, N/A>
[WUWebControl Class]
  {6414512B-B978-451D-A0D8-FCFDF33E833C} <C:\WINDOWS\system32\wuweb.dll, Microsoft Corporation>
[Windows Media Player]
  {6BF52A52-394A-11D3-B153-00C04F79FAA6} <C:\WINDOWS\system32\wmp.dll, Microsoft Corporation>
[WangWangObj Class]
  {6E213FC7-DD5A-4115-B7E6-D4C7838C361E} <D:\软\WangWang\WangWangX4.dll, 阿里软件(中国)有限公司>
[IEAux Class]
  {7605CC7C-00FD-4A5F-BAFD-828342DE6279} <C:\PROGRA~1\OCINS\ieaux.dll, 中国互联网络信息中心(CNNIC)>
[Thunder Browser Helper]
  {889D2FEB-5411-4565-8998-1DD2C5261283} <D:\软\迅雷\ComDlls\XunLeiBHO_002.dll, Thunder Networking Technologies,LTD>
[IeCatch2 Class]
  {A5366673-E8CA-11D3-9CD9-0090271D075B} <C:\PROGRA~1\FLASHGET\jccatch.dll, Amaze Soft>
[RMGetLicense Class]
  {A9FC132B-096D-460B-B7D5-1DB0FAE0C062} <C:\WINDOWS\system32\msnetobj.dll, Microsoft Corporation>
[RDS.DataSpace]
  {BD96C556-65A3-11D0-983A-00C04FC29E36} <C:\Program Files\Common Files\System\msadc\msadco.dll, Microsoft Corporation>
[VIDEO__X_MS_WMV Moniker Class]
  {CD3AFA94-B84F-48F0-9393-7EDC34128127} <C:\WINDOWS\system32\wmp.dll, Microsoft Corporation>
[Shockwave Flash Object]
  {D27CDB6E-AE6D-11CF-96B8-444553540000} <C:\WINDOWS\system32\Macromed\Flash\Flash9b.ocx, Adobe Systems, Inc.>
[卡卡上网安全助手]
  {DB9ECD4F-FB8F-4311-B3CE-90B976C2707C} <C:\WINDOWS\system32\kakatool.dll, Beijing Rising Technology Co., Ltd.>
[FlashGet Bar]
  {E0E899AB-F487-11D5-8D29-0050BA6940E3} <C:\PROGRA~1\FLASHGET\fgiebar.dll, Amaze Soft>
[&使用迅雷下载]
  <D:\软\迅雷\Program\GetUrl.htm, N/A>
[&使用迅雷下载全部链接]
  <D:\软\迅雷\Program\GetAllUrl.htm, N/A>
[&访问通用网址]
  <C:\Program Files\OCINS\cnrbtn.html, N/A>
[上传到QQ网络硬盘]
  <D:\qq\AddToNetDisk.htm, N/A>
[使用网际快车下载]
  <C:\PROGRA~1\FLASHGET\jc_link.htm, N/A>
[使用网际快车下载全部链接]
  <C:\PROGRA~1\FLASHGET\jc_all.htm, N/A>
[添加到QQ自定义面板]
  <D:\qq\AddPanel.htm, N/A>
[添加到QQ表情]
  <D:\qq\AddEmotion.htm, N/A>
[用QQ彩信发送该图片]
  <D:\qq\SendMMS.htm, N/A>

==================================
正在运行的进程
[PID: 540][\SystemRoot\System32\smss.exe]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
[PID: 616][\??\C:\WINDOWS\system32\csrss.exe]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
    [C:\WINDOWS\system32\46FBE524.DLL]  [Microsoft Corporation, ]
[PID: 656][\??\C:\WINDOWS\system32\winlogon.exe]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
    [C:\WINDOWS\system32\Ati2evxx.dll]  [ATI Technologies Inc., 6.14.10.4162]
    [C:\WINDOWS\system32\msacm32.drv]  [Microsoft Corporation, 5.1.2600.0 (xpclient.010817-1148)]
    [C:\WINDOWS\system32\45547133.DLL]  [Microsoft Corporation, ]
    [C:\WINDOWS\system32\1DB29410.DLL]  [Microsoft Corporation, ]
    [C:\WINDOWS\system32\46FBE524.DLL]  [Microsoft Corporation, ]
[PID: 700][C:\WINDOWS\system32\services.exe]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
    [C:\WINDOWS\system32\46FBE524.DLL]  [Microsoft Corporation, ]
[PID: 712][C:\WINDOWS\system32\lsass.exe]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
    [C:\WINDOWS\system32\46FBE524.DLL]  [Microsoft Corporation, ]
[PID: 876][C:\WINDOWS\system32\Ati2evxx.exe]  [ATI Technologies Inc., 6.14.10.4168]
    [C:\WINDOWS\system32\Ati2edxx.dll]  [ATI Technologies, Inc., 6, 14, 10, 2511]
    [C:\WINDOWS\system32\atipdlxx.dll]  [ATI Technologies, Inc., 6, 14, 10, 2520]
    [C:\WINDOWS\system32\46FBE524.DLL]  [Microsoft Corporation, ]
[PID: 904][C:\WINDOWS\system32\svchost.exe]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
    [C:\WINDOWS\system32\46FBE524.DLL]  [Microsoft Corporation, ]
[PID: 988][C:\WINDOWS\system32\svchost.exe]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
    [C:\WINDOWS\system32\46FBE524.DLL]  [Microsoft Corporation, ]
[PID: 1100][C:\WINDOWS\System32\svchost.exe]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
    [C:\WINDOWS\system32\46FBE524.DLL]  [Microsoft Corporation, ]
[PID: 1736][C:\WINDOWS\Explorer.EXE]  [Microsoft Corporation, 6.00.2900.2180 (xpsp_sp2_rtm.040803-2158)]
    [C:\WINDOWS\KB9280O3.log]  [N/A, ]
    [C:\WINDOWS\system32\RavExt.dll]  [Beijing Rising Technology Co., Ltd., 19, 0, 0, 9]
    [C:\WINDOWS\system32\cfgbkenk.dll]  [Microsoft Corporation, 5.01.2900.2180]
    [C:\WINDOWS\system32\lihmdjad.dll]  [Microsoft Corporation, 5, 2, 2265, 3211]
    [C:\PROGRA~1\WINDOW~2\wmpband.dll]  [Microsoft Corporation, 10.00.00.3646]
    [C:\Program Files\Rising\KakaToolBar\ieprot.dll]  [Beijing Rising Technology Co., Ltd., 1, 0, 0, 10]
    [D:\软\迅雷\ComDlls\XunLeiBHO_002.dll]  [Thunder Networking Technologies,LTD, 5, 0, 0, 2]
    [C:\PROGRA~1\FLASHGET\jccatch.dll]  [Amaze Soft, 1, 1, 4, 0]
    [C:\WINDOWS\system32\msacm32.drv]  [Microsoft Corporation, 5.1.2600.0 (xpclient.010817-1148)]
    [C:\WINDOWS\system32\45547133.DLL]  [Microsoft Corporation, ]
    [C:\WINDOWS\system32\1DB29410.DLL]  [Microsoft Corporation, ]
    [C:\WINDOWS\system32\46FBE524.DLL]  [Microsoft Corporation, ]
[PID: 1736][C:\WINDOWS\netdde32.exe]  [N/A, ]
[PID: 1736][C:\WINDOWS\system32\netdde32.exe]  [N/A, ]
[PID: 1916][C:\WINDOWS\system32\conime.exe]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
    [C:\Program Files\Rising\KakaToolBar\ieprot.dll]  [Beijing Rising Technology Co., Ltd., 1, 0, 0, 10]
    [C:\WINDOWS\system32\46FBE524.DLL]  [Microsoft Corporation, ]
[PID: 1932][d:\program files\rising\rfw\RfwMain.exe]  [Beijing Rising Technology Co., Ltd., 5, 0, 0, 72]
    [d:\program files\rising\rfw\RsGuiLib.dll]  [Beijing Rising Technology Co., Ltd., 19, 0, 0, 33]
    [d:\program files\rising\rfw\RSCOMMON.DLL]  [Beijing Rising Technology Co., Ltd., 19, 0, 0, 5]
    [d:\program files\rising\rfw\RfwCtrl.dll]  [Beijing Rising Technology Co., Ltd., 5, 0, 0, 11]
    [d:\program files\rising\rfw\RsXML.dll]  [Beijing Rising Technology Co., Ltd., 19, 0, 0, 2]
    [d:\program files\rising\rfw\PngDll.dll]  [Beijing Rising Technology Co., Ltd., 18, 0, 0, 5]
    [C:\WINDOWS\system32\lihmdjad.dll]  [Microsoft Corporation, 5, 2, 2265, 3211]
    [C:\Program Files\Rising\KakaToolBar\ieprot.dll]  [Beijing Rising Technology Co., Ltd., 1, 0, 0, 10]
    [C:\WINDOWS\system32\46FBE524.DLL]  [Microsoft Corporation, ]
[PID: 320][C:\Program Files\Common Files\Real\Update_OB\realsched.exe]  [RealNetworks, Inc., 0.1.0.3018]
    [C:\WINDOWS\system32\lihmdjad.dll]  [Microsoft Corporation, 5, 2, 2265, 3211]
    [C:\Program Files\Rising\KakaToolBar\ieprot.dll]  [Beijing Rising Technology Co., Ltd., 1, 0, 0, 10]
    [C:\WINDOWS\system32\46FBE524.DLL]  [Microsoft Corporation, ]
[PID: 328][C:\Program Files\Creative\SBLive\Surround Mixer\CTSysVol.exe]  [Creative Technology Ltd, 1.3.8.0]
    [C:\Program Files\Creative\SBLive\Surround Mixer\CTSysVol.crl]  [Creative Technology Ltd, 1.3.5.0]
    [C:\WINDOWS\system32\lihmdjad.dll]  [Microsoft Corporation, 5, 2, 2265, 3211]
    [C:\Program Files\Creative\Shared Files\CTTheme.dll]  [Creative Technology Ltd, 2.0.9.0]
    [C:\Program Files\Creative\Shared Files\CtrlSrc.dll]  [Creative Technology Ltd, 2.0.9.0]
    [C:\Program Files\Creative\Shared Files\CTIniF.dll]  [Creative Technology Ltd, 1.1.0.0]
    [C:\Program Files\Creative\Shared Files\GDICtrl.skc]  [Creative Technology Ltd, 2.0.9.0]
    [C:\Program Files\Creative\Shared Files\RtxCtrl.skc]  [Creative Technology Ltd, 2.0.9.0]
    [C:\Program Files\Creative\Shared Files\mxlib.dll]  [Creative Technology Ltd., 1.00.0.13]
    [C:\WINDOWS\system32\msacm32.drv]  [Microsoft Corporation, 5.1.2600.0 (xpclient.010817-1148)]
    [C:\Program Files\Rising\KakaToolBar\ieprot.dll]  [Beijing Rising Technology Co., Ltd., 1, 0, 0, 10]
    [C:\WINDOWS\system32\46FBE524.DLL]  [Microsoft Corporation, ]
[PID: 408][C:\WINDOWS\system32\CTHELPER.EXE]  [Creative Technology Ltd, 1, 0, 0, 2]
    [C:\WINDOWS\system32\lihmdjad.dll]  [Microsoft Corporation, 5, 2, 2265, 3211]
    [C:\WINDOWS\system32\msacm32.drv]  [Microsoft Corporation, 5.1.2600.0 (xpclient.010817-1148)]!R@y?T4€öbbs.ikaka.comÚ_bÊk)èS¼v
gototop
 
风声007
头像
初生襁褓狮
  • 帖子:32
  • 注册: 2007-04-07
  • 来自:
发表于: 2007-06-29 01:34 | 显示全部 短消息 资料
字号: 4楼

[C:\WINDOWS\system32\ctagent.dll]  [Creative Technology Ltd, 1, 0, 0, 3]
    [C:\WINDOWS\system32\ctspkhlp.dll]  [Creative Technology Ltd, 1, 0, 0, 2]
    [C:\Program Files\Rising\KakaToolBar\ieprot.dll]  [Beijing Rising Technology Co., Ltd., 1, 0, 0, 10]
    [C:\WINDOWS\system32\46FBE524.DLL]  [Microsoft Corporation, ]
[PID: 432][C:\Program Files\Rising\KakaToolBar\runiep.exe]  [Beijing Rising Technology Co., Ltd., 1, 0, 1, 6]
    [C:\Program Files\Rising\KakaToolBar\iep_ctrl.dll]  [Beijing Rising Technology Co., Ltd., 1, 0, 0, 4]
    [C:\Program Files\Rising\KakaToolBar\ieprot.dll]  [Beijing Rising Technology Co., Ltd., 1, 0, 0, 10]
    [C:\WINDOWS\system32\lihmdjad.dll]  [Microsoft Corporation, 5, 2, 2265, 3211]
    [C:\WINDOWS\system32\46FBE524.DLL]  [Microsoft Corporation, ]
[PID: 484][C:\Program Files\Creative\MediaSource\RemoteControl\RCMan.EXE]  [Creative Technology Ltd, 2.0.0.3]
    [C:\WINDOWS\system32\lihmdjad.dll]  [Microsoft Corporation, 5, 2, 2265, 3211]
    [C:\PROGRA~1\Creative\ShareDLL\PFMOD.DLL]  [Creative Technology Ltd., 6.3.11]
    [C:\WINDOWS\system32\46FBE524.DLL]  [Microsoft Corporation, ]
    [C:\WINDOWS\SYSTEM32\CTDEVCON.DLL]  [Creative Technology Ltd, 5.12.01.0244-1.31.0040]
    [C:\WINDOWS\SYSTEM32\ctosuser.dll]  [Creative Technology Ltd, 5.12.01.0244-1.31.0040]
    [C:\WINDOWS\SYSTEM32\PIAPROXY.DLL]  [Creative Technology Ltd, 5.12.01.0244-1.31.0040]
    [C:\WINDOWS\SYSTEM32\CTDPROXY.DLL]  [Creative Technology Ltd, 5.12.01.0244-1.31.0040]
    [C:\WINDOWS\system32\msacm32.drv]  [Microsoft Corporation, 5.1.2600.0 (xpclient.010817-1148)]
    [C:\Program Files\Creative\MediaSource\RemoteControl\RcMan.CRL]  [Creative Technology Ltd, 2.0.0.0]
    [C:\Program Files\Creative\MediaSource\RemoteControl\RCRx\rcks1k.dll]  [Creative Technology Ltd., 1.40.23]
    [C:\Program Files\Creative\MediaSource\RemoteControl\RCRx\iR2000.dll]  [Creative Technology Ltd., 1.30.25]
    [C:\Program Files\Creative\MediaSource\RemoteControl\RCRx\rm-1000.dll]  [Creative Technology Ltd., 1.40.11]
    [C:\Program Files\Creative\MediaSource\RemoteControl\OSDDisp.DLL]  [Creative Technology Ltd, 2.0.0.1]
    [C:\Program Files\Rising\KakaToolBar\ieprot.dll]  [Beijing Rising Technology Co., Ltd., 1, 0, 0, 10]
[PID: 520][C:\WINDOWS\system32\ctfmon.exe]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
    [C:\WINDOWS\system32\lihmdjad.dll]  [Microsoft Corporation, 5, 2, 2265, 3211]
    [C:\Program Files\Rising\KakaToolBar\ieprot.dll]  [Beijing Rising Technology Co., Ltd., 1, 0, 0, 10]
    [C:\WINDOWS\system32\46FBE524.DLL]  [Microsoft Corporation, ]
[PID: 256][C:\Program Files\jj4\jiajiasr.exe]  [加加工作组, 4, 1, 0, 43]
    [C:\WINDOWS\system32\lihmdjad.dll]  [Microsoft Corporation, 5, 2, 2265, 3211]
    [C:\Program Files\Rising\KakaToolBar\ieprot.dll]  [Beijing Rising Technology Co., Ltd., 1, 0, 0, 10]
    [C:\WINDOWS\system32\46FBE524.DLL]  [Microsoft Corporation, ]
[PID: 1616][C:\WINDOWS\system32\40776494.exe]  [N/A, ]
    [C:\WINDOWS\system32\MSVBVM60.DLL]  [Microsoft Corporation, 6.00.9690]
    [C:\WINDOWS\system32\lihmdjad.dll]  [Microsoft Corporation, 5, 2, 2265, 3211]
    [C:\Program Files\Rising\KakaToolBar\ieprot.dll]  [Beijing Rising Technology Co., Ltd., 1, 0, 0, 10]
    [C:\WINDOWS\system32\46FBE524.DLL]  [Microsoft Corporation, ]
[PID: 3180][D:\软\MYIE2\MyIE.exe]  [MY Soft Technology, 0, 9, 26, 30]
    [C:\WINDOWS\system32\lihmdjad.dll]  [Microsoft Corporation, 5, 2, 2265, 3211]
    [D:\软\MYIE2\Plugin\ViewSource\ViewSrc.dll]  [, 1, 0, 0, 1]
    [C:\Program Files\Rising\KakaToolBar\ieprot.dll]  [Beijing Rising Technology Co., Ltd., 1, 0, 0, 10]
    [D:\软\MYIE2\Services\RealTime\real_time.dll]  [, 1, 0, 0, 1]
    [D:\Program Files\Rising\Rav\RavScrCh.dll]  [Beijing Rising Technology Co., Ltd., 18, 0, 0, 4]
    [C:\WINDOWS\system32\msacm32.drv]  [Microsoft Corporation, 5.1.2600.0 (xpclient.010817-1148)]
    [C:\WINDOWS\system32\WBJJU.IME]  [北京六合源软件技术有限公司, 2, 8, 1, 0]
    [C:\WINDOWS\system32\WbCodeU.dll]  [, 2, 8, 1, 0]
    [C:\WINDOWS\system32\Macromed\Flash\Flash9b.ocx]  [Adobe Systems, Inc., 9,0,28,0]
[PID: 2532][D:\软\迅雷\Program\Thunder5.exe]  [Thunder Networking Technologies,LTD, 5.3.0.220]
    [D:\软\迅雷\Program\UpdateDownload.dll]  [Thunder Networking Technologies,LTD, 1, 0, 1, 8]
    [D:\软\迅雷\Program\download_interface.dll]  [Thunder Networking Technologies,LTD, 1, 0, 4, 71]
    [D:\软\迅雷\Program\log4cplus.dll]  [, 1, 0, 2, 1]
    [D:\软\迅雷\Program\stlport_vc646.dll]  [STLport Consulting, Inc., 4.6.2003.1031]
    [D:\软\迅雷\Program\asyn_dns.dll]  [N/A, ]
    [D:\软\迅雷\Program\msgmanage.dll]  [Thunder Networking Technologies,LTD, 1, 0, 0, 15]
    [D:\软\迅雷\Program\historyinfo_manage.dll]  [Thunder Networking Technologies,LTD, 5, 2, 0, 148]
    [C:\WINDOWS\system32\lihmdjad.dll]  [Microsoft Corporation, 5, 2, 2265, 3211]
    [D:\软\迅雷\Program\RegisterDll.dll]  [Thunder Networking Technologies,LTD, 2, 1, 0, 18]
    [D:\软\迅雷\Program\FloatBar.dll]  [Thunder Networking Technologies,LTD, 1, 0, 0, 2]
    [D:\软\迅雷\Components\InMedia\iEmbedShell.dll]  [ , 1, 0, 0, 11]
    [D:\软\迅雷\Components\InMedia\iEmbed04.dll]  [ , 2, 3, 0, 37]
    [D:\软\迅雷\Components\P4PClient\P4PClient.dll]  [Thunder Networking Technologies,LTD, 1, 0, 3, 8]
    [C:\Program Files\Rising\KakaToolBar\ieprot.dll]  [Beijing Rising Technology Co., Ltd., 1, 0, 0, 10]
    [C:\WINDOWS\system32\RavExt.dll]  [Beijing Rising Technology Co., Ltd., 19, 0, 0, 9]
    [D:\软\迅雷\Program\iTargetAd.dll]  [Thunder Networking Technologies,LTD, 1, 0, 1, 55]
    [D:\Program Files\Rising\Rav\RavScrCh.dll]  [Beijing Rising Technology Co., Ltd., 18, 0, 0, 4]
    [C:\WINDOWS\system32\Macromed\Flash\Flash9b.ocx]  [Adobe Systems, Inc., 9,0,28,0]
    [C:\WINDOWS\system32\msacm32.drv]  [Microsoft Corporation, 5.1.2600.0 (xpclient.010817-1148)]
    [C:\PROGRA~1\OCINS\srchsp.dll]  [中国互联网络信息中心(CNNIC), 2, 6, 0, 0]
    [C:\Program Files\WinRAR\rarext.dll]  [N/A, ]
    [D:\Program Files\Rising\Rav\RSCOMMON.DLL]  [Beijing Rising Technology Co., Ltd., 19, 0, 0, 5]
    [C:\WINDOWS\system32\msdmo.dll]  [, ]
[PID: 3500][C:\Program Files\WinRAR\WinRAR.exe]  [N/A, ]
    [C:\WINDOWS\system32\lihmdjad.dll]  [Microsoft Corporation, 5, 2, 2265, 3211]
    [C:\WINDOWS\system32\Audiodev.dll]  [Microsoft Corporation, 5.2.3790.3646 built by: DNSRV(bld4act)]
    [C:\Program Files\Rising\KakaToolBar\ieprot.dll]  [Beijing Rising Technology Co., Ltd., 1, 0, 0, 10]
[PID: 3132][C:\DOCUME~1\user\LOCALS~1\Temp\Rar$EX02.594\SREng.EXE]  [Smallfrogs Studio, 2.4.12.806]
    [C:\WINDOWS\system32\lihmdjad.dll]  [Microsoft Corporation, 5, 2, 2265, 3211]
    [C:\Program Files\Rising\KakaToolBar\ieprot.dll]  [Beijing Rising Technology Co., Ltd., 1, 0, 0, 10]

==================================
文件关联
.TXT  Error. [C:\WINDOWS\notepad.exe %1]
.EXE  OK. ["%1" %*]
.COM  OK. ["%1" %*]
.PIF  OK. ["%1" %*]
.REG  OK. [regedit.exe "%1"]
.BAT  OK. ["%1" %*]
.SCR  OK. ["%1" /S]
.CHM  Error. ["hh.exe" %1]
.HLP  OK. [%SystemRoot%\system32\winhlp32.exe %1]
.INI  Error. [C:\WINDOWS\System32\NOTEPAD.EXE %1]
.INF  OK. [%SystemRoot%\system32\NOTEPAD.EXE %1]
.VBS  OK. [%SystemRoot%\System32\WScript.exe "%1" %*]
.JS  OK. [%SystemRoot%\System32\WScript.exe "%1" %*]
.LNK  OK. [{00021401-0000-0000-C000-000000000046}]

==================================
Winsock 提供者
N/A

==================================
Autorun.inf
[C:\]
[AutoRun]
open=auto.exe
shellexecute=auto.exe
shell\Auto\command=auto.exe
[D:\]
[AutoRun]
open=auto.exe
shellexecute=auto.exe
shell\Auto\command=auto.exe
[E:\]
[AutoRun]
open=auto.exe
shellexecute=auto.exe
shell\Auto\command=auto.exe

==================================
HOSTS 文件
127.0.0.1      localhost

==================================
API HOOK
N/A

==================================
隐藏进程
    [600] C:\Program Files\Common Files\VideoCap10.exe
    [2980] C:\Program Files\Internet Explorer\IEXPLORE.EXE
!R@y?T4€öbbs.ikaka.comÚ_bÊk)èS¼v
gototop
 
<<上一主题|下一主题>>
1   1  /  1  页   跳转
页面顶部
Powered by Discuz!NT