［求助］瑞星无法运行（附日志） - 瑞星卡卡安全论坛bbs.ikaka.com

瑞星卡卡安全论坛技术交流区 反病毒/反流氓软件论坛［求助］瑞星无法运行（附日志）

	瑞星“1+2”全新解决方案巡展在广州画上圆满句号		叶院长揭秘：瑞星如何运用AI技术革新网络安全		俄乌冲突加剧网络攻击风险白俄罗斯政府遭APT攻击		瑞星ESM防病毒系统助力矿业大学筑牢网络安全防线
	实力拉满瑞星第五十次通过VB100测评		携手老友，拥抱新精彩 —— 新论坛新活动，感谢你的陪伴		护航司法，瑞星助力山西省高院构建安全防线		人工智能在网络安全领域的风险和机遇

1

1 / 1 页

跳转页

［求助］瑞星无法运行（附日志）

rushiqi 健康舞勺狮帖子:266 注册: 2006-06-21 来自:	发表于： 2008-05-05 12:12 \| 显示全部短消息资料字号：小中大 1楼［求助］瑞星无法运行（附日志）朋友的电脑，我只知道问题挺严重，但是我没办法解决，请各位大虾帮忙看下，谢谢！ [CODE] 2008-05-05,11:55:23 System Repair Engineer 2.5.16.900 Smallfrogs (http://www.KZTechs.com) Windows XP Professional Service Pack 2 (Build 2600) - 管理权限用户 - 完整功能以下内容被选中：所有的启动项目（包括注册表、启动文件夹、服务等）浏览器加载项正在运行的进程（包括进程模块信息）文件关联 Winsock 提供者 Autorun.inf HOSTS 文件进程特权扫描启动项目注册表 [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run] <ctfmon.exe><C:\WINDOWS\system32\ctfmon.exe> [(Verified)Microsoft Windows Publisher] [HKEY_CURRENT_USER\Software\Microsoft\Windows NT\CurrentVersion\Windows] <load><> [N/A] <run><> [N/A] [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run] <igfxhkcmd><; C:\WINDOWS\system32\hkcmd.exe> [(Verified)Microsoft Windows Publisher] <igfxpers><; C:\WINDOWS\system32\igfxpers.exe> [(Verified)Microsoft Windows Hardware Compatibility Publisher] <IMJPMIG8.1><; "C:\WINDOWS\IME\imjp8_1\IMJPMIG.EXE" /Spoil /RemAdvDef /Migration32> [(Verified)Microsoft Windows Publisher] <PHIME2002A><; C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /IMEName> [N/A] <PHIME2002ASync><; C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /SYNC> [N/A] <SoundMan><; SOUNDMAN.EXE> [Realtek Semiconductor Corp.] <wallxxx><; c:\windows\system32\壁纸自动换.exe> [] <RfwMain><"C:\Program Files\Rising\Rfw\rfwmain.exe" -Startup> [(Verified)BEIJING RISING SCIENCE AND TECHNOLOGY CORPORATION LIMITED] <RavTask><"C:\Program Files\Rising\Rav\RavTask.exe" -system> [(Verified)Beijing Rising Science and Technology Corporation Limited] <QuickTime Task><"D:\cwb\qttask.exe" -atboottime> [Apple Inc.] <powerword 2007><"E:\Program Files\Powerword 2007\xdict.exe" -s -nosplash> [Kingsoft Co, Ltd.] <SunJavaUpdateSched><C:\Program Files\Java\j2re1.4.2_08\bin\jusched.exe> [] <TBMonEx><C:\WINDOWS\Fonts\syn00-E0-4D-A6-C5-98\system\smss.exe> [] <anistio><C:\WINDOWS\anistio.exE> [] <fiosectc><C:\WINDOWS\fiosectc.exe> [] <igzwzslm><C:\WINDOWS\gwsmhxuq.exe> [] <dbhlp32><C:\WINDOWS\dbhlp32.exe> [] <fmsjhif><C:\WINDOWS\fmsjhif.exe> [] <ticisms><C:\WINDOWS\ticisms.exe> [] <bincdwsa><C:\WINDOWS\bincdwsa.exe> [] <WINSvr64><C:\WINDOWS\WINSvr64.exe> [] <yuiabct><C:\WINDOWS\yuiabct.exe> [] <huifitc><C:\WINDOWS\huifitc.exe> [] <fmbiost><C:\WINDOWS\fmbiost.exe> [] [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\RunOnce] <Super Rabbit SRCK><"E:\Program Files\Super Rabbit\MagicSet\srck.exe" /autokill:335,310> [Super Rabbit Soft] [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer\Run] <DXDLG32><DXDLG.exe> [] <MSDCG32 ><LYLeador.exe> [N/A] [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Winlogon] <shell><Explorer.exe> [(Verified)Microsoft Windows Publisher] <Userinit><C:\WINDOWS\system32\userinit.exe,> [(Verified)Microsoft Windows Publisher] [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Windows] <AppInit_DLLs><ghynjr.dll,dgxsrr.dll,dfhtrhy.dll,ghjkdr.dll,sefawe.dll,frntrn.dll,qrhhb.dll,drghszd.dll,fngn.dll,gjjte.dll,xgnfn.dll,xfgnhcgfm.dll,serger.dll,bnxnb.dll,fxgnfx.dll,jzijj.dll,xfgnfx.dll,serghjm.dll,thsddh.dll,xbcvxb.dll,zfdzb.dll,xdndn.dll,xdfntt.dll,hgfhk.dll,dnteh.dll,xfng.dll,njritc.dll,chmfcmh.dll,jwlah.dll,gmnait.dll,hfjg.dll,thurh.dll,mgmgmm.dll,oqrthc.dll,dgxsrr.dll,jyjlt.dll,ijatnaw.dll,sehhter.dll,fhjfg.dll,zdbdb.dll,ydgn.dll,dbfb.dll,fjnbv.dll,ghjdtry.dll,setrhes.dll,cdxbfxdb.dll,xfgnxfn.dll,gjkhj.dll,xdhdg.dll,rhs.dll,mrjhtjd.dll,zdbfbd.dll,fjyjy.dll,fxnfnh.dll,bjrvm.dll,ektvm.dll,rdthr.dll,rgfjj.dll,dscef.dll,crugd.dll,lariytrz.dll,hjaiq.dll,kduy.dll,hkfgh.dll,awef.dll,dfhsh.dll,ethsh.dll,stehs.dll,sthth.dll,wfhyt.dll,rgghjj.dll,fdght.dll,,msosmnsf00.dll,msoscqit00.dll> [N/A] [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Winlogon] <UIHost><logonui.exe> [(Verified)Microsoft Windows Publisher] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks] <{a580305f-b902-4723-ac26-06e4cb4279a5}><C:\WINDOWS\system32\ttHADHAD1071.dll> [] <{1950369a-7bb1-4235-83a3-054b26f1943b}><C:\WINDOWS\system32\dqABCABC1031.dll> [] <{3B1AEF69-DDAE-FDAD-DCAB-698F026ABDB3}><C:\WINDOWS\system32\oohxbbyt.dll> [] <{9947e423-193f-4fc4-b38d-e76fdd799150}><C:\WINDOWS\system32\ttMYSMYS1053.dll> [] <{77f7e039-7181-4a6d-b1bb-8c81f81e833a}><C:\WINDOWS\system32\ttKAFKAF1072.dll> [] <{3cc67dc4-e953-4b2f-ae22-fcb4dcc3903a}><C:\WINDOWS\system32\ttNNBNNB1056.dll> [] <{44a07d49-1e80-46e3-b6b7-aaa9ca462377}><C:\WINDOWS\system32\dqEZZEZZ1056.dll> [] <{86ba2ef4-3501-47cf-a71d-8759997a44d0}><C:\WINDOWS\system32\dqDABDAB1071.dll> [] <{e1b85bd5-d0bd-4a39-953e-574d200a53b2}><C:\WINDOWS\system32\dqSADSAD1041.dll> [] <{67ba0720-e5a5-4b59-92cc-63faf4816f27}><C:\WINDOWS\system32\dqWLVWLV1014.dll> [] <{b855ec1a-a8f8-4f59-ab45-08de1dae1ae2}><C:\WINDOWS\system32\dqDLQDLQ1007.dll> [] <{3c0a13c5-4df0-4430-9718-bf99ff81334a}><C:\WINDOWS\system32\dqBAIBAI1067.dll> [] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\igfxcui] <WinlogonNotify: igfxcui><igfxdev.dll> [(Verified)Microsoft Windows XP Publisher] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\>{26923b43-4d38-484f-9b9e-de460746276c}] <Internet Explorer><%systemroot%\system32\shmgrate.exe OCInstallUserConfigIE> [N/A] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\>{881dd1c5-3dcf-431b-b061-f3f88e8be88a}] <Outlook Express><%systemroot%\system32\shmgrate.exe OCInstallUserConfigOE> [N/A] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{2C7339CF-2B09-4501-B3F3-F3508C9228ED}] <Themes Setup><%SystemRoot%\system32\regsvr32.exe /s /n /i:/UserInstall %SystemRoot%\system32\themeui.dll> [N/A] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{44BBA840-CC51-11CF-AAFA-00AA00B6015C}] <Microsoft Outlook Express 6><"%ProgramFiles%\Outlook Express\setup50.exe" /APP:OE /CALLER:WINNT /user /install> [N/A] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{44BBA842-CC51-11CF-AAFA-00AA00B6015B}] <NetMeeting 3.01><rundll32.exe advpack.dll,LaunchINFSection C:\WINDOWS\INF\msnetmtg.inf,NetMtg.Install.PerUser.NT> [(Verified)Microsoft Windows Publisher] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{5945c046-1e7d-11d1-bc44-00c04fd912be}] <Windows Messenger 4.7><rundll32.exe advpack.dll,LaunchINFSection C:\WINDOWS\INF\msmsgs.inf,BLC.QuietInstall.PerUser> [(Verified)Microsoft Windows Publisher] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{6BF52A52-394A-11d3-B153-00C04F79FAA6}] <Microsoft Windows Media Player><rundll32.exe advpack.dll,LaunchINFSection C:\WINDOWS\INF\wmp10.inf,PerUserStub> [(Verified)Microsoft Windows Component Publisher] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{7790769C-0471-11d2-AF11-00C04FA35D02}] <通讯簿 6><"%ProgramFiles%\Outlook Express\setup50.exe" /APP:WAB /CALLER:WINNT /user /install> [N/A] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\360rpt.exe] <IFEO[360rpt.exe]><net> [N/A] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\360Safe.exe] <IFEO[360Safe.exe]><net> [N/A] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\360tray.exe] <IFEO[360tray.exe]><net> [N/A] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\ACKWIN32.EXE] <IFEO[ACKWIN32.EXE]><net> [N/A] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\adam.exe] <IFEO[adam.exe]><C:\WINDOWS\system32\svchost.exe> [(Verified)Microsoft Windows Publisher] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\AgentSvr.exe] <IFEO[AgentSvr.exe]><C:\WINDOWS\system32\svchost.exe> [(Verified)Microsoft Windows Publisher] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\ANTI-TROJAN.EXE] <IFEO[ANTI-TROJAN.EXE]><net> [N/A] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\AppSvc32.exe] <IFEO[AppSvc32.exe]><C:\WINDOWS\system32\svchost.exe> [(Verified)Microsoft Windows Publisher] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\APVXDWIN.EXE] <IFEO[APVXDWIN.EXE]><net> [N/A] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\ati2evxx.exe] <IFEO[ati2evxx.exe]><C:\WINDOWS\system32\svchost.exe> [(Verified)Microsoft Windows XP Publisher] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\AUTODOWN.EXE] <IFEO[AUTODOWN.EXE]><net> [N/A] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\autoruns.exe] <IFEO[autoruns.exe]><C:\WINDOWS\system32\svchost.exe> [(Verified)Microsoft Windows Publisher] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\avconsol.exe] <IFEO[avconsol.exe]><net> [N/A] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\AVE32.EXE] <IFEO[AVE32.EXE]><net> [N/A] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\AVGCTRL.EXE] <IFEO[AVGCTRL.EXE]><net> [N/A] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\avgrssvc.exe] <IFEO[avgrssvc.exe]><C:\WINDOWS\system32\svchost.exe> [(Verified)Microsoft Windows Publisher] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\AVKSERV.EXE] <IFEO[AVKSERV.EXE]><net> [N/A] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\AvMonitor.exe] <IFEO[AvMonitor.exe]><C:\WINDOWS\system32\svchost.exe> [(Verified)Microsoft Windows Publisher] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\AVNT.EXE] <IFEO[AVNT.EXE]><net> [N/A] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\avp.com] <IFEO[avp.com]><C:\WINDOWS\system32\svchost.exe> [(Verified)Microsoft Windows Publisher] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\avp.exe] <IFEO[avp.exe]><net> [N/A] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\AVP32.EXE] <IFEO[AVP32.EXE]><net> [N/A] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\AVPCC.EXE] <IFEO[AVPCC.EXE]><net> [N/A] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\AVPDOS32.EXE] <IFEO[AVPDOS32.EXE]><net> [N/A] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\AVPM.EXE] <IFEO[AVPM.EXE]><net> [N/A] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\AVPTC32.EXE] <IFEO[AVPTC32.EXE]><net> [N/A] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\AVPUPD.EXE] <IFEO[AVPUPD.EXE]><net> [N/A] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\AVSCHED32.EXE] <IFEO[AVSCHED32.EXE]><net> [N/A] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\AVWIN95.EXE] <IFEO[AVWIN95.EXE]><net> [N/A] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\AVWUPD32.EXE] <IFEO[AVWUPD32.EXE]><net> [N/A] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\BLACKD.EXE] <IFEO[BLACKD.EXE]><net> [N/A] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\BLACKICE.EXE] <IFEO[BLACKICE.EXE]><net> [N/A] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\CCenter.exe] <IFEO[CCenter.exe]><C:\WINDOWS\system32\svchost.exe> [(Verified)Microsoft Windows Publisher] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\ccSvcHst.exe] <IFEO[ccSvcHst.exe]><C:\WINDOWS\system32\svchost.exe> [(Verified)Microsoft Windows Publisher] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\CFIADMIN.EXE] <IFEO[CFIADMIN.EXE]><net> [N/A] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\CFIAUDIT.EXE] <IFEO[CFIAUDIT.EXE]><net> [N/A] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\CFINET.EXE] <IFEO[CFINET.EXE]><net> [N/A] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\CFINET32.EXE] <IFEO[CFINET32.EXE]><net> [N/A] 用户系统信息：Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1; SV1)
rushiqi 健康舞勺狮帖子:266 注册: 2006-06-21 来自:	分享到：

rushiqi 健康舞勺狮帖子:266 注册: 2006-06-21 来自:	发表于： 2008-05-05 12:13 \| 显示全部短消息资料字号：小中大 2楼２ [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\CLAW95.EXE] <IFEO[CLAW95.EXE]><net> [N/A] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\CLAW95CF.EXE] <IFEO[CLAW95CF.EXE]><net> [N/A] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\CLEANER.EXE] <IFEO[CLEANER.EXE]><net> [N/A] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\CLEANER3.EXE] <IFEO[CLEANER3.EXE]><net> [N/A] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\DVP95.EXE] <IFEO[DVP95.EXE]><net> [N/A] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\DVP95_0.EXE] <IFEO[DVP95_0.EXE]><net> [N/A] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\ECENGINE.EXE] <IFEO[ECENGINE.EXE]><net> [N/A] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\EGHOST.EXE] <IFEO[EGHOST.EXE]><net> [N/A] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\egui.exe] <IFEO[egui.exe]><C:\WINDOWS\system32\svchost.exe> [(Verified)Microsoft Windows Publisher] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\esafe.exe] <IFEO[esafe.exe]><net> [N/A] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\EXPWATCH.EXE] <IFEO[EXPWATCH.EXE]><net> [N/A] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\F-AGNT95.EXE] <IFEO[F-AGNT95.EXE]><net> [N/A] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\F-PROT.EXE] <IFEO[F-PROT.EXE]><net> [N/A] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\F-PROT95.EXE] <IFEO[F-PROT95.EXE]><net> [N/A] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\F-STOPW.EXE] <IFEO[F-STOPW.EXE]><net> [N/A] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\FESCUE.EXE] <IFEO[FESCUE.EXE]><net> [N/A] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\FileDsty.exe] <IFEO[FileDsty.exe]><C:\WINDOWS\system32\svchost.exe> [(Verified)Microsoft Windows Publisher] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\FINDVIRU.EXE] <IFEO[FINDVIRU.EXE]><net> [N/A] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\FP-WIN.EXE] <IFEO[FP-WIN.EXE]><net> [N/A] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\FPROT.EXE] <IFEO[FPROT.EXE]><net> [N/A] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\FRW.EXE] <IFEO[FRW.EXE]><net> [N/A] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\FTCleanerShell.exe] <IFEO[FTCleanerShell.exe]><C:\WINDOWS\system32\svchost.exe> [(Verified)Microsoft Windows Publisher] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\HijackThis.exe] <IFEO[HijackThis.exe]><C:\WINDOWS\system32\svchost.exe> [(Verified)Microsoft Windows Publisher] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\IAMAPP.EXE] <IFEO[IAMAPP.EXE]><net> [N/A] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\IAMSERV.EXE] <IFEO[IAMSERV.EXE]><net> [N/A] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\IBMASN.EXE] <IFEO[IBMASN.EXE]><net> [N/A] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\IBMAVSP.EXE] <IFEO[IBMAVSP.EXE]><net> [N/A] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\IceSword.exe] <IFEO[IceSword.exe]><C:\WINDOWS\system32\svchost.exe> [(Verified)Microsoft Windows Publisher] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\ICLOAD95.EXE] <IFEO[ICLOAD95.EXE]><net> [N/A] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\ICLOADNT.EXE] <IFEO[ICLOADNT.EXE]><net> [N/A] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\ICMON.EXE] <IFEO[ICMON.EXE]><net> [N/A] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\ICSUPP95.EXE] <IFEO[ICSUPP95.EXE]><net> [N/A] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\ICSUPPNT.EXE] <IFEO[ICSUPPNT.EXE]><net> [N/A] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\idag.exe] <IFEO[idag.exe]><C:\WINDOWS\system32\svchost.exe> [(Verified)Microsoft Windows Publisher] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\IFACE.EXE] <IFEO[IFACE.EXE]><net> [N/A] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\IOMON98.EXE] <IFEO[IOMON98.EXE]><net> [N/A] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\Iparmor.exe] <IFEO[Iparmor.exe]><net> [N/A] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\isPwdSvc.exe] <IFEO[isPwdSvc.exe]><C:\WINDOWS\system32\svchost.exe> [(Verified)Microsoft Windows Publisher] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\JEDI.EXE] <IFEO[JEDI.EXE]><net> [N/A] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\kabaload.exe] <IFEO[kabaload.exe]><C:\WINDOWS\system32\svchost.exe> [(Verified)Microsoft Windows Publisher] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\kaccore.exe] <IFEO[kaccore.exe]><C:\WINDOWS\system32\svchost.exe> [(Verified)Microsoft Windows Publisher] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\KaScrScn.SCR] <IFEO[KaScrScn.SCR]><C:\WINDOWS\system32\svchost.exe> [(Verified)Microsoft Windows Publisher] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\KASMain.exe] <IFEO[KASMain.exe]><C:\WINDOWS\system32\svchost.exe> [(Verified)Microsoft Windows Publisher] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\KASTask.exe] <IFEO[KASTask.exe]><C:\WINDOWS\system32\svchost.exe> [(Verified)Microsoft Windows Publisher] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\KAV32.exe] <IFEO[KAV32.exe]><net> [N/A] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\KAVDX.exe] <IFEO[KAVDX.exe]><C:\WINDOWS\system32\svchost.exe> [(Verified)Microsoft Windows Publisher] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\KAVPF.exe] <IFEO[KAVPF.exe]><C:\WINDOWS\system32\svchost.exe> [(Verified)Microsoft Windows Publisher] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\KAVPFW.exe] <IFEO[KAVPFW.exe]><net> [N/A] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\KAVSetup.exe] <IFEO[KAVSetup.exe]><C:\WINDOWS\system32\svchost.exe> [(Verified)Microsoft Windows Publisher] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\KAVStart.exe] <IFEO[KAVStart.exe]><C:\WINDOWS\system32\svchost.exe> [(Verified)Microsoft Windows Publisher] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\kavsvc.exe] <IFEO[kavsvc.exe]><net> [N/A] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\KAVsvcUI.exe] <IFEO[KAVsvcUI.exe]><net> [N/A] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\KISLnchr.exe] <IFEO[KISLnchr.exe]><C:\WINDOWS\system32\svchost.exe> [(Verified)Microsoft Windows Publisher] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\kissvc.exe] <IFEO[kissvc.exe]><C:\WINDOWS\system32\svchost.exe> [(Verified)Microsoft Windows Publisher] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\KMailMon.exe] <IFEO[KMailMon.exe]><C:\WINDOWS\system32\svchost.exe> [(Verified)Microsoft Windows Publisher] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\KMFilter.exe] <IFEO[KMFilter.exe]><C:\WINDOWS\system32\svchost.exe> [(Verified)Microsoft Windows Publisher] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\KPFW32.exe] <IFEO[KPFW32.exe]><C:\WINDOWS\system32\svchost.exe> [(Verified)Microsoft Windows Publisher] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\kpfwsvc.exe] <IFEO[kpfwsvc.exe]><C:\WINDOWS\system32\svchost.exe> [(Verified)Microsoft Windows XP Publisher] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\KPPMain.exe] <IFEO[KPPMain.exe]><C:\WINDOWS\system32\svchost.exe> [(Verified)Microsoft Windows Publisher] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\KRegEx.exe] <IFEO[KRegEx.exe]><C:\WINDOWS\system32\svchost.exe> [(Verified)Microsoft Windows Publisher] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\KRepair.com] <IFEO[KRepair.com]><C:\WINDOWS\system32\svchost.exe> [(Verified)Microsoft Windows Publisher] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\KsLoader.exe] <IFEO[KsLoader.exe]><C:\WINDOWS\system32\svchost.exe> [(Verified)Microsoft Windows Publisher] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\KVCenter.kxp] <IFEO[KVCenter.kxp]><C:\WINDOWS\system32\svchost.exe> [(Verified)Microsoft Windows Publisher] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\KvDetect.exe] <IFEO[KvDetect.exe]><C:\WINDOWS\system32\svchost.exe> [(Verified)Microsoft Windows Publisher] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\KVFW.EXE] <IFEO[KVFW.EXE]><net> [N/A] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\KvfwMcl.exe] <IFEO[KvfwMcl.exe]><C:\WINDOWS\system32\svchost.exe> [(Verified)Microsoft Windows Publisher] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\KVMonXP.exe] <IFEO[KVMonXP.exe]><net> [N/A] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\KVMonXP.kxp] <IFEO[KVMonXP.kxp]><net> [N/A] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\KVMonXP_1.kxp] <IFEO[KVMonXP_1.kxp]><C:\WINDOWS\system32\svchost.exe> [(Verified)Microsoft Windows Publisher] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\kvol.exe] <IFEO[kvol.exe]><C:\WINDOWS\system32\svchost.exe> [(Verified)Microsoft Windows Publisher] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\kvolself.exe] <IFEO[kvolself.exe]><C:\WINDOWS\system32\svchost.exe> [(Verified)Microsoft Windows Publisher] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\KvReport.kxp] <IFEO[KvReport.kxp]><C:\WINDOWS\system32\svchost.exe> [(Verified)Microsoft Windows Publisher] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\KVScan.kxp] <IFEO[KVScan.kxp]><C:\WINDOWS\system32\svchost.exe> [(Verified)Microsoft Windows Publisher] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\KVsrvXP.exe] <IFEO[KVsrvXP.exe]><net> [N/A] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\KVStub.kxp] <IFEO[KVStub.kxp]><C:\WINDOWS\system32\svchost.exe> [(Verified)Microsoft Windows Publisher] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\kvupload.exe] <IFEO[kvupload.exe]><C:\WINDOWS\system32\svchost.exe> [(Verified)Microsoft Windows Publisher] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\KVwsc.exe] <IFEO[KVwsc.exe]><net> [N/A] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\KvXP.kxp] <IFEO[KvXP.kxp]><net> [N/A] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\kwatch.exe] <IFEO[kwatch.exe]><C:\WINDOWS\system32\svchost.exe> [(Verified)Microsoft Windows Publisher] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\KWatch9x.exe] <IFEO[KWatch9x.exe]><C:\WINDOWS\system32\svchost.exe> [(Verified)Microsoft Windows Component Publisher] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\KWatchUI.EXE] <IFEO[KWatchUI.EXE]><net> [N/A] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\KWatchX.exe] <IFEO[KWatchX.exe]><C:\WINDOWS\system32\svchost.exe> [(Verified)Microsoft Windows Publisher] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\LOCKDOWN2000.EXE] <IFEO[LOCKDOWN2000.EXE]><net> [N/A] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\Logo1_.exe] <IFEO[Logo1_.exe]><net> [N/A] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\Logo_1.exe] <IFEO[Logo_1.exe]><net> [N/A] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\LOOKOUT.EXE] <IFEO[LOOKOUT.EXE]><net> [N/A] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\LUALL.EXE] <IFEO[LUALL.EXE]><net> [N/A] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\MagicSet.exe] <IFEO[MagicSet.exe]><C:\WINDOWS\system32\svchost.exe> [(Verified)Microsoft Windows Publisher] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\MAILMON.EXE] <IFEO[MAILMON.EXE]><net> [N/A] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\mcconsol.exe] <IFEO[mcconsol.exe]><C:\WINDOWS\system32\svchost.exe> [(Verified)Microsoft Windows Publisher] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\mmqczj.exe] <IFEO[mmqczj.exe]><C:\WINDOWS\system32\svchost.exe> [(Verified)Microsoft Windows Publisher]
rushiqi 健康舞勺狮帖子:266 注册: 2006-06-21 来自:

rushiqi 健康舞勺狮帖子:266 注册: 2006-06-21 来自:	发表于： 2008-05-05 12:14 \| 显示全部短消息资料字号：小中大 3楼３ [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\mmsk.exe] <IFEO[mmsk.exe]><C:\WINDOWS\system32\svchost.exe> [(Verified)Microsoft Windows Publisher] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\MOOLIVE.EXE] <IFEO[MOOLIVE.EXE]><net> [N/A] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\MPFTRAY.EXE] <IFEO[MPFTRAY.EXE]><net> [N/A] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\N32SCANW.EXE] <IFEO[N32SCANW.EXE]><net> [N/A] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\navapsvc.exe] <IFEO[navapsvc.exe]><net> [N/A] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\Navapw32.exe] <IFEO[Navapw32.exe]><net> [N/A] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\NAVLU32.EXE] <IFEO[NAVLU32.EXE]><net> [N/A] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\NAVNT.EXE] <IFEO[NAVNT.EXE]><net> [N/A] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\navw32.EXE] <IFEO[navw32.EXE]><net> [N/A] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\NAVWNT.EXE] <IFEO[NAVWNT.EXE]><net> [N/A] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\NISUM.EXE] <IFEO[NISUM.EXE]><net> [N/A] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\NMain.exe] <IFEO[NMain.exe]><net> [N/A] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\nod32krn.exe] <IFEO[nod32krn.exe]><C:\WINDOWS\system32\svchost.exe> [(Verified)Microsoft Windows Publisher] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\NORMIST.EXE] <IFEO[NORMIST.EXE]><net> [N/A] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\NPFMntor.exe] <IFEO[NPFMntor.exe]><C:\WINDOWS\system32\svchost.exe> [(Verified)Microsoft Windows Publisher] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\NUPGRADE.EXE] <IFEO[NUPGRADE.EXE]><net> [N/A] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\NVC95.EXE] <IFEO[NVC95.EXE]><net> [N/A] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\OllyDBG.EXE] <IFEO[OllyDBG.EXE]><C:\WINDOWS\system32\svchost.exe> [(Verified)Microsoft Windows Publisher] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\OllyICE.EXE] <IFEO[OllyICE.EXE]><C:\WINDOWS\system32\svchost.exe> [(Verified)Microsoft Windows Publisher] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\PAVCL.EXE] <IFEO[PAVCL.EXE]><net> [N/A] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\PAVSCHED.EXE] <IFEO[PAVSCHED.EXE]><net> [N/A] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\PAVW.EXE] <IFEO[PAVW.EXE]><net> [N/A] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\PCCWIN98.EXE] <IFEO[PCCWIN98.EXE]><net> [N/A] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\PCFWALLICON.EXE] <IFEO[PCFWALLICON.EXE]><net> [N/A] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\PERSFW.EXE] <IFEO[PERSFW.EXE]><net> [N/A] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\PFW.exe] <IFEO[PFW.exe]><net> [N/A] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\PFWLiveUpdate.exe] <IFEO[PFWLiveUpdate.exe]><C:\WINDOWS\system32\svchost.exe> [(Verified)Microsoft Windows Publisher] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\procexp.exe] <IFEO[procexp.exe]><C:\WINDOWS\system32\svchost.exe> [(Verified)Microsoft Windows Publisher] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\QHSET.exe] <IFEO[QHSET.exe]><C:\WINDOWS\system32\svchost.exe> [(Verified)Microsoft Windows Publisher] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\qqdoctor.exe] <IFEO[qqdoctor.exe]><C:\WINDOWS\system32\svchost.exe> [(Verified)Microsoft Windows Publisher] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\qqkav.exe] <IFEO[qqkav.exe]><C:\WINDOWS\system32\svchost.exe> [(Verified)Microsoft Windows Publisher] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\qqsc.exe] <IFEO[qqsc.exe]><C:\WINDOWS\system32\svchost.exe> [(Verified)Microsoft Windows Publisher] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\Ras.exe] <IFEO[Ras.exe]><C:\WINDOWS\system32\svchost.exe> [(Verified)Microsoft Windows Publisher] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\rav.exe] <IFEO[rav.exe]><net> [N/A] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\RAV7.EXE] <IFEO[RAV7.EXE]><net> [N/A] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\RAV7WIN.EXE] <IFEO[RAV7WIN.EXE]><net> [N/A] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\RAVmon.exe] <IFEO[RAVmon.exe]><net> [N/A] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\RAVmonD.exe] <IFEO[RAVmonD.exe]><net> [N/A] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\ravstub.exe] <IFEO[ravstub.exe]><C:\WINDOWS\system32\svchost.exe> [(Verified)Microsoft Windows Publisher] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\ravtask.exe] <IFEO[ravtask.exe]><C:\WINDOWS\system32\svchost.exe> [(Verified)Microsoft Windows Publisher] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\ravtimer.exe] <IFEO[ravtimer.exe]><net> [N/A] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\ravtool.exe] <IFEO[ravtool.exe]><C:\WINDOWS\system32\svchost.exe> [(Verified)Microsoft Windows Publisher] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\RegClean.exe] <IFEO[RegClean.exe]><C:\WINDOWS\system32\svchost.exe> [(Verified)Microsoft Windows Publisher] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\regtool.exe] <IFEO[regtool.exe]><C:\WINDOWS\system32\svchost.exe> [(Verified)Microsoft Windows Publisher] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\rfwmain.exe] <IFEO[rfwmain.exe]><C:\WINDOWS\system32\svchost.exe> [(Verified)Microsoft Windows Publisher] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\rfwproxy.exeFYFireWall.exe] <IFEO[rfwproxy.exeFYFireWall.exe]><C:\WINDOWS\system32\svchost.exe> [(Verified)Microsoft Windows Publisher] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\rfwsrv.exe] <IFEO[rfwsrv.exe]><C:\WINDOWS\system32\svchost.exe> [(Verified)Microsoft Windows Publisher] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\rfwstub.exe] <IFEO[rfwstub.exe]><C:\WINDOWS\system32\svchost.exe> [(Verified)Microsoft Windows Publisher] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\rising.exe] <IFEO[rising.exe]><net> [N/A] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\Rsaupd.exe] <IFEO[Rsaupd.exe]><C:\WINDOWS\system32\svchost.exe> [(Verified)Microsoft Windows Publisher] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\runiep.exe] <IFEO[runiep.exe]><C:\WINDOWS\system32\svchost.exe> [(Verified)Microsoft Windows Component Publisher] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\safelive.exe] <IFEO[safelive.exe]><C:\WINDOWS\system32\svchost.exe> [(Verified)Microsoft Windows Publisher] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\SAFEWEB.EXE] <IFEO[SAFEWEB.EXE]><net> [N/A] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\scan32.exe] <IFEO[scan32.exe]><net> [N/A] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\SCAN95.EXE] <IFEO[SCAN95.EXE]><net> [N/A] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\SCANPM.EXE] <IFEO[SCANPM.EXE]><net> [N/A] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\SCRSCAN.EXE] <IFEO[SCRSCAN.EXE]><net> [N/A] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\SERV95.EXE] <IFEO[SERV95.EXE]><net> [N/A] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\shcfg32.exe] <IFEO[shcfg32.exe]><C:\WINDOWS\system32\svchost.exe> [(Verified)Microsoft Windows Publisher] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\SmartUp.exe] <IFEO[SmartUp.exe]><C:\WINDOWS\system32\svchost.exe> [(Verified)Microsoft Windows Publisher] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\SMC.EXE] <IFEO[SMC.EXE]><net> [N/A] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\SPHINX.EXE] <IFEO[SPHINX.EXE]><net> [N/A] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\SREng.EXE] <IFEO[SREng.EXE]><C:\WINDOWS\system32\svchost.exe> [(Verified)Microsoft Windows Publisher] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\SWEEP95.EXE] <IFEO[SWEEP95.EXE]><net> [N/A] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\symlcsvc.exe] <IFEO[symlcsvc.exe]><C:\WINDOWS\system32\svchost.exe> [(Verified)Microsoft Windows Publisher] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\SysSafe.exe] <IFEO[SysSafe.exe]><C:\WINDOWS\system32\svchost.exe> [(Verified)Microsoft Windows Publisher] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\TBSCAN.EXE] <IFEO[TBSCAN.EXE]><net> [N/A] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\TCA.EXE] <IFEO[TCA.EXE]><net> [N/A] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\TDS2-98.EXE] <IFEO[TDS2-98.EXE]><net> [N/A] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\TDS2-NT.EXE] <IFEO[TDS2-NT.EXE]><net> [N/A] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\THGUARD.EXE] <IFEO[THGUARD.EXE]><net> [N/A] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\TrojanDetector.exe] <IFEO[TrojanDetector.exe]><C:\WINDOWS\system32\svchost.exe> [(Verified)Microsoft Windows Publisher] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\TrojanHunter.exe] <IFEO[TrojanHunter.exe]><net> [N/A] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\Trojanwall.exe] <IFEO[Trojanwall.exe]><C:\WINDOWS\system32\svchost.exe> [(Verified)Microsoft Windows Publisher] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\TrojDie.kxp] <IFEO[TrojDie.kxp]><C:\WINDOWS\system32\svchost.exe> [(Verified)Microsoft Windows Publisher] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\UIHost.exe] <IFEO[UIHost.exe]><C:\WINDOWS\system32\svchost.exe> [(Verified)Microsoft Windows Publisher] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\UmxAgent.exe] <IFEO[UmxAgent.exe]><C:\WINDOWS\system32\svchost.exe> [(Verified)Microsoft Windows Publisher] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\UmxAttachment.exe] <IFEO[UmxAttachment.exe]><C:\WINDOWS\system32\svchost.exe> [(Verified)Microsoft Windows Publisher] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\UmxCfg.exe]
rushiqi 健康舞勺狮帖子:266 注册: 2006-06-21 来自:

rushiqi 健康舞勺狮帖子:266 注册: 2006-06-21 来自:	发表于： 2008-05-05 12:15 \| 显示全部短消息资料字号：小中大 4楼４ <IFEO[UmxCfg.exe]><C:\WINDOWS\system32\svchost.exe> [(Verified)Microsoft Windows Publisher] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\UmxFwHlp.exe] <IFEO[UmxFwHlp.exe]><C:\WINDOWS\system32\svchost.exe> [(Verified)Microsoft Windows Publisher] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\UmxPol.exe] <IFEO[UmxPol.exe]><C:\WINDOWS\system32\svchost.exe> [(Verified)Microsoft Windows Publisher] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\UpLive.exe] <IFEO[UpLive.exe]><C:\WINDOWS\system32\svchost.exe> [(Verified)Microsoft Windows Publisher] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\VET95.EXE] <IFEO[VET95.EXE]><net> [N/A] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\VETTRAY.EXE] <IFEO[VETTRAY.EXE]><net> [N/A] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\VSCAN40.EXE] <IFEO[VSCAN40.EXE]><net> [N/A] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\VSECOMR.EXE] <IFEO[VSECOMR.EXE]><net> [N/A] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\VSHWIN32.EXE] <IFEO[VSHWIN32.EXE]><net> [N/A] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\vsstat.exe] <IFEO[vsstat.exe]><net> [N/A] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\webscanx.exe] <IFEO[webscanx.exe]><net> [N/A] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\WFINDV32.EXE] <IFEO[WFINDV32.EXE]><net> [N/A] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\WinDbg.exe] <IFEO[WinDbg.exe]><C:\WINDOWS\system32\svchost.exe> [(Verified)Microsoft Windows Component Publisher] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\WoptiClean.exe] <IFEO[WoptiClean.exe]><C:\WINDOWS\system32\svchost.exe> [(Verified)Microsoft Windows Publisher] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\ZONEALARM.EXE] <IFEO[ZONEALARM.EXE]><net> [N/A] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\_AVP32.EXE] <IFEO[_AVP32.EXE]><net> [N/A] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\_AVPCC.EXE] <IFEO[_AVPCC.EXE]><net> [N/A] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\_AVPM.EXE] <IFEO[_AVPM.EXE]><net> [N/A] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\修复工具.exe] <IFEO[修复工具.exe]><net> [N/A] ================================== 启动文件夹 [兴业证券核新SSL通讯安全代理] <C:\Documents and Settings\All Users\「开始」菜单\程序\启动\兴业证券核新SSL通讯安全代理.lnk --> C:\PROGRA~1\hexin\sslproxy\SSLCnt.exe [杭州核新软件技术有限公司]><N> [金蝶KIS加密网络服务器] <C:\Documents and Settings\All Users\「开始」菜单\程序\启动\金蝶KIS加密网络服务器.lnk --> C:\PROGRA~1\Kingdee\KIS\KISSER~1\KISSER~1.EXE [kingdee]><N> [QQ游戏启动加速程序] <C:\Documents and Settings\Administrator\「开始」菜单\程序\启动\QQ游戏启动加速程序.lnk --> C:\PROGRA~1\Tencent\QQGAME\Accel.exe [深圳市腾讯计算机系统有限公司]><N> ================================== 服务 [Rising Proxy Service / RfwProxySrv][Running/Auto Start] <c:\program files\rising\rfw\rfwproxy.exe><Beijing Rising Technology Co., Ltd.> [Rising Personal Firewall Service / RfwService][Stopped/Auto Start] <c:\program files\rising\rfw\rfwsrv.exe><Beijing Rising Technology Co., Ltd.> [Rising Process Communication Center / RsCCenter][Stopped/Auto Start] <"C:\Program Files\Rising\Rav\CCenter.exe"><Beijing Rising Technology Co., Ltd.> [Rising RealTime Monitor / RsRavMon][Stopped/Auto Start] <"C:\PROGRAM FILES\RISING\RAV\Ravmond.exe"><Beijing Rising Technology Co., Ltd.> [ServiceLayer / ServiceLayer][Stopped/Manual Start] <"C:\Program Files\Common Files\PCSuite\Services\ServiceLayer.exe"><Nokia.> ================================== 驱动程序 [3g5p036 / 3g5p036][Stopped/Boot Start] <\SystemRoot\system32\drivers\3g5p036.sys><N/A> [3xh52s / 3xh52s0][Stopped/Boot Start] <\SystemRoot\System32\DRIVERS\3xh52s0.sys><N/A> [Intel(r) 82801 Audio Driver Install Service (WDM) / ac97intc][Stopped/Manual Start] <system32\drivers\ac97intc.sys><Intel Corporation> [Service for WDM 3D Audio Driver / ALCXSENS][Running/Manual Start] <system32\drivers\ALCXSENS.SYS><Sensaura> [Service for Realtek AC97 Audio (WDM) / ALCXWDM][Running/Manual Start] <system32\drivers\ALCXWDM.SYS><Realtek Semiconductor Corp.> [AMD K8 Processor Driver / AmdK8][Stopped/Manual Start] <System32\DRIVERS\amdk8.sys><Advanced Micro Devices> [Atixeve29062 / Atixeve29062][Stopped/Manual Start] <\??\C:\WINDOWS\TEMP\~wxp2ins.921.tmp><N/A> [cqit / cqit][Stopped/Auto Start] <\??\C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\tmpE1.tmp><N/A> [dohs / dohs][Stopped/Auto Start] <\??\C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\tmpCF.tmp><N/A> [VIA PCI 10/100Mb Fast Ethernet Adapter NT Driver / FETNDIS][Stopped/Manual Start] <system32\DRIVERS\fetnd5.sys><VIA Technologies, Inc.> [fmsq / fmsq][Stopped/Auto Start] <\??\C:\WINDOWS\TEMP\tmp2B.tmp><N/A> [HookCont / HookCont][Running/System Start] <\SystemRoot\system32\drivers\HookCont.sys><Beijing Rising Technology Co., Ltd> [HookNtos / HookNtos][Running/System Start] <\SystemRoot\system32\drivers\HookNtos.sys><Beijing Rising Technology Co., Ltd> [HookReg / HookReg][Running/System Start] <\SystemRoot\system32\drivers\HookReg.sys><Beijing Rising Technology Co., Ltd> [HookSys / HookSys][Running/System Start]
rushiqi 健康舞勺狮帖子:266 注册: 2006-06-21 来自:

rushiqi 健康舞勺狮帖子:266 注册: 2006-06-21 来自:	发表于： 2008-05-05 12:16 \| 显示全部短消息资料字号：小中大 5楼５ <\SystemRoot\system32\drivers\HookSys.sys><Beijing Rising Technology Co., Ltd> [HookUrl / HookUrl][Running/Auto Start] <\??\C:\Program Files\Rising\Rfw\HookUrl.sys><Beijing Rising Technology Co., Ltd.> [ialm / ialm][Running/Manual Start] <system32\DRIVERS\ialmnt5.sys><Intel Corporation> [mhfp / mhfp][Stopped/Auto Start] <\??\C:\WINDOWS\TEMP\tmp1.tmp><N/A> [mnsf / mnsf][Stopped/Auto Start] <\??\C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\tmpDB.tmp><N/A> [msfpfis64 / msfpfis64][Running/Auto Start] <\??\C:\WINDOWS\system32\drivers\msosmsfpfis64.sys><N/A> [Nokia USB Generic / Nokia USB Generic][Stopped/Manual Start] <system32\drivers\nmwcdc.sys><Nokia> [Nokia USB Modem / Nokia USB Modem][Stopped/Manual Start] <system32\drivers\nmwcdcm.sys><Nokia> [Nokia USB Phone Parent / Nokia USB Phone Parent][Stopped/Manual Start] <system32\drivers\nmwcd.sys><Nokia> [npkcrypt / npkcrypt][Running/Auto Start] <\??\C:\Program Files\QQ2006\npkcrypt.sys><INCA Internet Co., Ltd.> [nv / nv][Stopped/Manual Start] <system32\DRIVERS\nv4_mini.sys><NVIDIA Corporation> [obj2 / obj2][Stopped/Manual Start] <\??\C:\WINDOWS\system32\DRIVERS\obj2.sys><N/A> [pfnerem / pfnerem][Running/Boot Start] <\SystemRoot\\SystemRoot\System32\drivers\pfnerem.sys><N/A> [ping / ping][Stopped/Auto Start] <\??\C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\tmpD1.tmp><N/A> [Direct Parallel Link Driver / Ptilink][Running/Manual Start] <system32\DRIVERS\ptilink.sys><Parallel Technologies, Inc.> [Rising Rfwbase Driver / RfwBase][Running/Auto Start] <System32\DRIVERS\rfwbase.SYS><Beijing Rising Technology Co., Ltd.> [RsFwDrv / RsFwDrv][Running/System Start] <\??\C:\Program Files\Rising\Rfw\RsFwDrv.sys><Beijing Rising Technology Co., Ltd.> [RsNTGDI / RsNTGDI][Running/Boot Start] <\SystemRoot\system32\Drivers\RsNTGdi.sys><Beijing Rising Technology Co., Ltd.> [Realtek 10/100/1000 NIC Family all in one NDIS XP Driver / RTL8023xp][Running/Manual Start] <system32\DRIVERS\Rtnicxp.sys><Realtek Semiconductor Corporation> [Secdrv / Secdrv][Stopped/Manual Start] <system32\DRIVERS\secdrv.sys><Macrovision Corporation, Macrovision Europe Limited, and Macrovision Japan and Asia K.K.> [Senselock SenseIV v2.x Service / sense4v2][Running/Manual Start] <System32\Drivers\sense4v2.sys><Beijing Senselock Corp.> [Sentinel / Sentinel][Running/Auto Start] <\SystemRoot\System32\Drivers\SENTINEL.SYS><Rainbow Technologies, Inc.> ================================== 浏览器加载项 [] {3B1AEF69-DDAE-FDAD-DCAB-698F026ABDB3} <C:\WINDOWS\system32\oohxbbyt.dll, N/A> [知识库] {06926B30-424E-4f1c-8EE3-543CD96573DC} <http://blank.la/?h, N/A> [启动迅雷5] {09BA8F6D-CB54-424B-839C-C2A6C8E6B436} <C:\Program Files\Thunder Network\Thunder\Thunder.exe, Thunder Networking Technologies,LTD> [信息检索(&R)] {92780B25-18CC-41C8-B9BE-3C9C571A8263} <C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL, Microsoft Corporation> [@shdoclc.dll,-866] {c95fe080-8f5d-11d2-a20b-00aa003c157a} <, N/A> [Windows Genuine Advantage Validation Tool] {17492023-C23A-453E-A040-C7C580BBF700} <C:\WINDOWS\system32\LegitCheckControl.DLL, Microsoft Corporation> [Java Plug-in 1.4.2_08] {8AD9C840-044E-11D1-B3E9-00805F499D93} <C:\Program Files\Java\j2re1.4.2_08\bin\npjpi142_08.dll, JavaSoft / Sun Microsystems, Inc.> [AxSubmitControl Class] {8D9E0B29-563C-4226-86C1-5FF2AE77E1D2} <C:\WINDOWS\DOWNLO~1\SUBMIT~1.DLL, > [DopLivePlayer Class] {A567B0E6-7392-4F5F-B556-AD89529185BD} <C:\WINDOWS\DopLiveCom.dll, 闪动科技> [Java Plug-in 1.4.2_08] {CAFEEFAC-0014-0002-0008-ABCDEFFEDCBA} <C:\Program Files\Java\j2re1.4.2_08\bin\npjpi142_08.dll, JavaSoft / Sun Microsystems, Inc.> [AtlHttp Class] {E78B329B-B2E9-48BF-A15F-8775666EB563} <C:\WINDOWS\DOWNLO~1\sandown.dll, > [ThunderAtOnce Class] {01443AEC-0FD1-40FD-9C87-E93D1494C233} <C:\Program Files\Thunder Network\Thunder\ComDlls\TDAtOnce_Now.dll, Thunder Networking Technologies,LTD> [eREADVer Control] {0FA136BD-E4E5-41E9-8305-C62F3B64ABF7} <E:\PROGRA~1\eREAD6.0\eREAD6.dll, TODO: <Company name>> [PeerDraw Class] {10072CEC-8CC1-11D1-986E-00A0C955B42E} <C:\Program Files\Common Files\Microsoft Shared\VGX\vgx.dll, Microsoft Corporation> [MeadCo ScriptX] {1663ED61-23EB-11D2-B92F-008048FDD814} <C:\WINDOWS\system32\MCScripX.dll, Mead & Co Limited> [MeadCo Extended HTML Printing] {1663ED6A-23EB-11D2-B92F-008048FDD814} <C:\WINDOWS\system32\MCPrintX.dll, Mead & Co Limited> [Windows Media Player] {22D6F312-B0F6-11D0-94AB-0080C74C7E95} <C:\WINDOWS\system32\wmpdxm.dll, Microsoft Corporation> [AddTask Class] {24F06550-65E3-4D1C-8CFE-839C296B5530} <E:\Program Files\eREAD6.0\IEeREAD.dll, > [RealPlayer RAM Download Handler] {2F542A2E-EDC9-4BF7-8CB1-87C9919F7F93} <C:\WINDOWS\system32\rmoc3260.dll, RealNetworks, Inc.> [IETag Factory] {38481807-CA0E-42D2-BF39-B33AF135CC4D} <C:\PROGRA~1\COMMON~1\MICROS~1\SMARTT~1\IETAG.DLL, Microsoft Corporation> [Info cache] {385AB8C6-FB22-4D17-8834-064E2BA0A6F0} <C:\Documents and Settings\All Users\Application Data\Microsoft\PCTools\pctools.dll, N/A> [] {398C9B84-4EF7-47B5-9862-DE29543B3C42} <C:\Program Files\Internet Explorer\PLUGINS\Nt_Sys32.Sys, N/A> [] {3B1AEF69-DDAE-FDAD-DCAB-698F026ABDB3} <C:\WINDOWS\system32\oohxbbyt.dll, N/A> [QuickTime Object] {4063BE15-3B08-470D-A0D5-B37161CFFD69} <D:\cwb\QTPlugin.ocx, Apple Inc.> [Thunder Agent Class] {485463B7-8FB2-4B3B-B29B-8B919B0EACCE} <C:\Program Files\Thunder Network\Thunder\ComDlls\ThunderAgent_Now.dll, Thunder Networking Technologies,LTD> [XMP Class] {6483F145-A768-4C41-AACC-52D4D7845851} <C:\Documents and Settings\All Users\Application Data\Thunder Network\KanKan\xplayer.dll_1_work, > [XDRM] {693571CB-54A3-4E90-9D52-EEAE1334E2D3} <C:\Documents and Settings\All Users\Application Data\Thunder Network\KanKan\xdrm.dll_1_work, > [UpOCX Control] {693974C9-1CC4-45CC-8B47-A4F889E375A1} <C:\WINDOWS\system32\upOCX.ocx, > [AddTask Class] {6A19C29D-ED45-4483-8999-9F939C8161F2} <E:\Program Files\eREAD6.0\WebHook.dll, > [Microsoft Web 浏览器] {8856F961-340A-11D0-A96B-00C04FD705A2} <C:\WINDOWS\system32\shdocvw.dll, Microsoft Corporation> [Thunder Browser Helper] {889D2FEB-5411-4565-8998-1DD2C5261283} <C:\Program Files\Thunder Network\Thunder\ComDlls\xunleiBHO_Now.dll, N/A> [iReportPlugin Control] {99C9F0B9-4397-49ED-AF4A-F98924ADECE6} <C:\WINDOWS\sanlink\plugin\iReportPluginX.ocx, > [RMGetLicense Class] {A9FC132B-096D-460B-B7D5-1DB0FAE0C062} <C:\WINDOWS\system32\msnetobj.dll, Microsoft Corporation> [Microsoft Scriptlet Component] {AE24FDAE-03C6-11D1-8B76-0080C744F389} <C:\WINDOWS\system32\mshtml.dll, Microsoft Corporation> [SearchAssistantOC] {B45FF030-4447-11D2-85DE-00C04FA35C89} <%SystemRoot%\system32\shdocvw.dll, N/A> [RDS.DataSpace] {BD96C556-65A3-11D0-983A-00C04FC29E36} <C:\Program Files\Common Files\System\msadc\msadco.dll, Microsoft Corporation> [VIDEO__X_MS_WMV Moniker Class] {CD3AFA94-B84F-48F0-9393-7EDC34128127} <C:\WINDOWS\system32\wmp.dll, Microsoft Corporation> [Shockwave Flash Object] {D27CDB6E-AE6D-11CF-96B8-444553540000} <C:\WINDOWS\system32\Macromed\Flash\Flash9a.ocx, Adobe Systems, Inc.> [AtlHttp Class] {E78B329B-B2E9-48BF-A15F-8775666EB563} <C:\WINDOWS\DOWNLO~1\sandown.dll, > [XPPlayer Class] {F3E70CEA-956E-49CC-B444-73AFE593AD7F} <C:\Documents and Settings\All Users\Application Data\Thunder Network\KanKan\pplayer.dll_1_work, Thunder> [] {FCEAF8AB-7DC0-4E09-8E8D-163C1024E04B} <C:\Program Files\Internet Explorer\PLUGINS\WinSys16.Sys, N/A> [使用迅雷下载] <C:\Program Files\Thunder Network\Thunder\Program\geturl.htm, N/A> [使用迅雷下载全部链接] <C:\Program Files\Thunder Network\Thunder\Program\getallurl.htm, N/A> [导出到 Microsoft Office Excel(&X)] <res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000, N/A> [添加到QQ表情] <C:\Program Files\QQ2006\AddEmotion.htm, N/A> ================================== 正在运行的进程 [PID: 476 / SYSTEM][\SystemRoot\System32\smss.exe] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)] [PID: 544 / SYSTEM][\??\C:\WINDOWS\system32\csrss.exe] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)] [C:\WINDOWS\system32\msosdohs00.dll] [N/A, ] [C:\WINDOWS\system32\msosping00.dll] [N/A, ] [C:\WINDOWS\system32\msosfmsq00.dll] [N/A, ] [C:\WINDOWS\system32\msosmnsf00.dll] [N/A, ] [C:\WINDOWS\system32\msoscqit00.dll] [N/A, ] [PID: 568 / SYSTEM][\??\C:\WINDOWS\system32\winlogon.exe] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)] [C:\WINDOWS\system32\fdght.dll] [N/A, ] [C:\WINDOWS\system32\msacm32.drv] [Microsoft Corporation, 5.1.2600.0 (xpclient.010817-1148)] [C:\WINDOWS\system32\xdndn.dll] [N/A, ] [C:\WINDOWS\system32\msosdohs00.dll] [N/A, ] [C:\WINDOWS\system32\msosping00.dll] [N/A, ] [C:\WINDOWS\system32\msosfmsq00.dll] [N/A, ] [C:\WINDOWS\system32\msosmnsf00.dll] [N/A, ] [C:\WINDOWS\system32\dnteh.dll] [N/A, ] [C:\WINDOWS\system32\msoscqit00.dll] [N/A, ] [PID: 616 / SYSTEM][C:\WINDOWS\system32\services.exe] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)] [C:\WINDOWS\system32\D3D9_32.DLL] [N/A, ] [C:\WINDOWS\system32\msosdohs00.dll] [N/A, ] [C:\WINDOWS\system32\msosping00.dll] [N/A, ] [C:\WINDOWS\system32\msosfmsq00.dll] [N/A, ] [C:\WINDOWS\system32\msosmnsf00.dll] [N/A, ] [C:\WINDOWS\system32\msoscqit00.dll] [N/A, ] [PID: 628 / SYSTEM][C:\WINDOWS\system32\lsass.exe] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)] [C:\WINDOWS\system32\mfc40u.dll] [N/A, ] [C:\WINDOWS\system32\msosdohs00.dll] [N/A, ] [C:\WINDOWS\system32\msosping00.dll] [N/A, ] [C:\WINDOWS\system32\msosfmsq00.dll] [N/A, ] [C:\WINDOWS\system32\msosmnsf00.dll] [N/A, ] [C:\WINDOWS\system32\msoscqit00.dll] [N/A, ] [PID: 796 / SYSTEM][C:\WINDOWS\system32\svchost.exe] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)] [C:\WINDOWS\system32\msosdohs00.dll] [N/A, ] [C:\WINDOWS\system32\msosping00.dll] [N/A, ] [C:\WINDOWS\system32\msosfmsq00.dll] [N/A, ] [C:\WINDOWS\system32\msosmnsf00.dll] [N/A, ] [C:\WINDOWS\system32\msoscqit00.dll] [N/A, ] [PID: 852 / NETWORK SERVICE][C:\WINDOWS\system32\svchost.exe] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)] [C:\WINDOWS\system32\msosdohs00.dll] [N/A, ] [C:\WINDOWS\system32\msosping00.dll] [N/A, ] [C:\WINDOWS\system32\msosfmsq00.dll] [N/A, ] [C:\WINDOWS\system32\msosmnsf00.dll] [N/A, ] [C:\WINDOWS\system32\msoscqit00.dll] [N/A, ] [PID: 964 / SYSTEM][C:\WINDOWS\System32\svchost.exe] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)] [C:\WINDOWS\system32\msosdohs00.dll] [N/A, ] [C:\WINDOWS\system32\msosping00.dll] [N/A, ] [C:\WINDOWS\system32\msosfmsq00.dll] [N/A, ] [C:\WINDOWS\system32\msosmnsf00.dll] [N/A, ] [C:\WINDOWS\system32\msoscqit00.dll] [N/A, ] [C:\Program Files\Internet Explorer\PLUGINS\WinSys16.Sys] [N/A, ] [C:\WINDOWS\system32\wups2.dll] [Microsoft Corporation, 7.0.6000.381 (winmain(wmbla).070730-1740)] [PID: 1032 / NETWORK SERVICE][C:\WINDOWS\system32\svchost.exe] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)] [C:\WINDOWS\system32\msosdohs00.dll] [N/A, ] [C:\WINDOWS\system32\msosping00.dll] [N/A, ] [C:\WINDOWS\system32\msosfmsq00.dll] [N/A, ] [C:\WINDOWS\system32\msosmnsf00.dll] [N/A, ] [C:\WINDOWS\system32\msoscqit00.dll] [N/A, ] [PID: 1100 / LOCAL SERVICE][C:\WINDOWS\system32\svchost.exe] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)] [C:\WINDOWS\system32\msosdohs00.dll] [N/A, ] [C:\WINDOWS\system32\msosping00.dll] [N/A, ] [C:\WINDOWS\system32\msosfmsq00.dll] [N/A, ] [C:\WINDOWS\system32\msosmnsf00.dll] [N/A, ] [C:\WINDOWS\system32\msoscqit00.dll] [N/A, ] [PID: 1264 / SYSTEM][c:\program files\rising\rfw\rfwproxy.exe] [Beijing Rising Technology Co., Ltd., 7.0.0.32] [C:\WINDOWS\system32\MFC71.DLL] [Microsoft Corporation, 7.10.3077.0] [C:\WINDOWS\system32\MSVCR71.dll] [Microsoft Corporation, 7.10.3052.4] [C:\WINDOWS\system32\fdght.dll] [N/A, ] [c:\program files\rising\rfw\psapi.dll] [Microsoft Corporation, 4.00] [C:\Program Files\Rising\Rfw\ProcCom.dll] [Beijing Rising Technology Co., Ltd., 20, 0, 0, 19] [c:\program files\rising\rfw\RsCommX2.dll] [Beijing Rising Technology Co., Ltd., 20, 0, 0, 19] [c:\program files\rising\rfw\RfwRule.dll] [Beijing Rising Technology Co., Ltd., 7.0.0.13] [c:\program files\rising\rfw\MonMid.dll] [Beijing Rising Technology Co., Ltd., 7.0.0.4] [C:\WINDOWS\system32\xdndn.dll] [N/A, ] [C:\WINDOWS\system32\msosdohs00.dll] [N/A, ] [C:\WINDOWS\system32\msosping00.dll] [N/A, ] [C:\WINDOWS\system32\msosfmsq00.dll] [N/A, ] [C:\WINDOWS\system32\msosmnsf00.dll] [N/A, ] [C:\WINDOWS\system32\dnteh.dll] [N/A, ]
rushiqi 健康舞勺狮帖子:266 注册: 2006-06-21 来自:

rushiqi 健康舞勺狮帖子:266 注册: 2006-06-21 来自:	发表于： 2008-05-05 12:16 \| 显示全部短消息资料字号：小中大 6楼６ [C:\WINDOWS\system32\msoscqit00.dll] [N/A, ] [C:\Program Files\Internet Explorer\PLUGINS\WinSys16.Sys] [N/A, ] [PID: 1496 / Administrator][C:\WINDOWS\Explorer.EXE] [Microsoft Corporation, 6.00.2900.3156 (xpsp_sp2_gdr.070613-1234)] [C:\WINDOWS\system32\fdght.dll] [N/A, ] [C:\WINDOWS\system32\78xx0icp.dll] [N/A, ] [C:\WINDOWS\system32\msacm32.drv] [Microsoft Corporation, 5.1.2600.0 (xpclient.010817-1148)] [C:\Program Files\Adobe\Acrobat 7.0\ActiveX\PDFShell.dll] [Adobe Systems, Inc., 7.0.0.0] [C:\WINDOWS\system32\sperls.dll] [N/A, ] [C:\WINDOWS\system32\xdndn.dll] [N/A, ] [C:\WINDOWS\system32\oohxbbyt.dll] [N/A, ] [C:\WINDOWS\system32\anistio.dll] [N/A, ] [C:\WINDOWS\system32\fiosectc.dll] [N/A, ] [C:\WINDOWS\system32\msosdohs00.dll] [N/A, ] [E:\Program Files\Powerword 2007\Grabgdip.dll] [Kingsoft Co, Ltd., 1, 0, 0, 1] [C:\WINDOWS\system32\msosping00.dll] [N/A, ] [C:\WINDOWS\system32\rzysdhbx.dll] [N/A, ] [C:\WINDOWS\system32\dbhlp32.dlL] [N/A, ] [C:\WINDOWS\system32\fmsjhif.dll] [N/A, ] [C:\WINDOWS\system32\ticisms.dll] [N/A, ] [C:\WINDOWS\system32\bincdwsa.dll] [N/A, ] [C:\WINDOWS\system32\dnteh.dll] [N/A, ] [C:\WINDOWS\system32\msosfmsq00.dll] [N/A, ] [C:\WINDOWS\system32\msosmnsf00.dll] [N/A, ] [C:\WINDOWS\system32\WINSvr64.dll] [N/A, ] [C:\WINDOWS\system32\dqDABDAB1071.dll] [N/A, ] [C:\WINDOWS\system32\dqABCABC1031.dll] [N/A, ] [C:\WINDOWS\system32\ttHADHAD1071.dll] [N/A, ] [C:\WINDOWS\system32\dqBAIBAI1067.dll] [N/A, ] [C:\WINDOWS\system32\ttMYSMYS1053.dll] [N/A, ] [C:\WINDOWS\system32\ttNNBNNB1056.dll] [N/A, ] [C:\WINDOWS\system32\dqSADSAD1041.dll] [N/A, ] [C:\WINDOWS\system32\dqEZZEZZ1056.dll] [N/A, ] [C:\WINDOWS\system32\ttKAFKAF1072.dll] [N/A, ] [C:\WINDOWS\system32\yuiabct.dll] [N/A, ] [C:\WINDOWS\system32\msoscqit00.dll] [N/A, ] [C:\WINDOWS\system32\huifitc.dll] [N/A, ] [C:\WINDOWS\system32\fmbiost.dll] [N/A, ] [C:\WINDOWS\system32\dqDLQDLQ1007.dll] [N/A, ] [C:\WINDOWS\system32\dqWLVWLV1014.dll] [N/A, ] [C:\Program Files\Rising\Rav\RSCOMMON.DLL] [Beijing Rising Technology Co., Ltd., 20, 0, 0, 16] [C:\Program Files\Nokia\Nokia PC Suite 6\PhoneBrowser.dll] [Nokia, 6, 81, 46, 1] [C:\Program Files\Nokia\Nokia PC Suite 6\PCSCM.dll] [Nokia, 6, 81, 68, 0] [C:\WINDOWS\system32\ConnAPI.DLL] [Nokia., 6, 81, 62, 0] [C:\WINDOWS\system32\MSVCP71.dll] [Microsoft Corporation, 7.10.3077.0] [C:\WINDOWS\system32\MSVCR71.dll] [Microsoft Corporation, 7.10.3052.4] [C:\Program Files\Nokia\Nokia PC Suite 6\Lang\PhoneBrowser_chi-sc.nlr] [Nokia, 6, 81, 29, 0] [C:\Program Files\Nokia\Nokia PC Suite 6\Resource\PhoneBrowser_Nokia.ngr] [Nokia, 6, 81, 11, 0] [C:\WINDOWS\system32\igfxsrvc.dll] [Intel Corporation, 3.0.0.4396] [C:\PROGRA~1\Nokia\NOKIAP~1\Lang\ConnectionManager_chi-sc.nlr] [Nokia, 6, 81, 46, 1] [C:\Program Files\Microsoft Office\OFFICE11\msohev.dll] [Microsoft Corporation, 11.0.5510] [C:\Program Files\WinRAR\rarext.dll] [N/A, ] [C:\WINDOWS\system32\Audiodev.dll] [Microsoft Corporation, 5.2.3802.3802 built by: dnsrv(bld4act)] [C:\WINDOWS\system32\RavExt.dll] [Beijing Rising Technology Co., Ltd., 20.0.0.17] [PID: 1752 / SYSTEM][C:\WINDOWS\system32\svchost.exe] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)] [C:\WINDOWS\system32\msosdohs00.dll] [N/A, ] [C:\WINDOWS\system32\msosping00.dll] [N/A, ] [C:\WINDOWS\system32\msosfmsq00.dll] [N/A, ] [C:\WINDOWS\system32\msosmnsf00.dll] [N/A, ] [C:\WINDOWS\system32\msoscqit00.dll] [N/A, ] [PID: 1784 / SYSTEM][C:\WINDOWS\system32\spoolsv.exe] [Microsoft Corporation, 5.1.2600.2696 (xpsp_sp2_gdr.050610-1519)] [C:\WINDOWS\system32\fdght.dll] [N/A, ] [C:\WINDOWS\system32\E_SL2604.DLL] [SEIKO EPSON CORPORATION, 1, 6, 0, 0] [C:\WINDOWS\system32\xdndn.dll] [N/A, ] [C:\WINDOWS\system32\msosdohs00.dll] [N/A, ] [C:\WINDOWS\system32\msosping00.dll] [N/A, ] [C:\WINDOWS\system32\msosfmsq00.dll] [N/A, ] [C:\WINDOWS\system32\msosmnsf00.dll] [N/A, ] [C:\WINDOWS\system32\dnteh.dll] [N/A, ] [C:\WINDOWS\system32\msoscqit00.dll] [N/A, ] [PID: 500 / LOCAL SERVICE][C:\WINDOWS\system32\wdfmgr.exe] [Microsoft Corporation, 5.2.3790.1230 built by: dnsrv(bld4act)] [C:\WINDOWS\system32\fdght.dll] [N/A, ] [C:\WINDOWS\system32\xdndn.dll] [N/A, ] [C:\WINDOWS\system32\msosdohs00.dll] [N/A, ] [C:\WINDOWS\system32\msosping00.dll] [N/A, ] [C:\WINDOWS\system32\msosfmsq00.dll] [N/A, ] [C:\WINDOWS\system32\msosmnsf00.dll] [N/A, ] [C:\WINDOWS\system32\dnteh.dll] [N/A, ] [C:\WINDOWS\system32\msoscqit00.dll] [N/A, ] [PID: 700 / Administrator][D:\cwb\qttask.exe] [Apple Inc., 7.2] [C:\WINDOWS\system32\fdght.dll] [N/A, ] [C:\WINDOWS\system32\oohxbbyt.dll] [N/A, ] [C:\WINDOWS\system32\xdndn.dll] [N/A, ] [C:\WINDOWS\system32\msosdohs00.dll] [N/A, ] [C:\WINDOWS\system32\msosping00.dll] [N/A, ] [C:\WINDOWS\system32\msosfmsq00.dll] [N/A, ] [C:\WINDOWS\system32\msosmnsf00.dll] [N/A, ] [C:\WINDOWS\system32\dnteh.dll] [N/A, ] [C:\WINDOWS\system32\msoscqit00.dll] [N/A, ] [PID: 804 / Administrator][E:\Program Files\Powerword 2007\xdict.exe] [Kingsoft Co, Ltd., 10, 0, 0, 4] [E:\Program Files\Powerword 2007\AccountActivate.dll] [N/A, ] [E:\Program Files\Powerword 2007\ITextOut.dll] [Kingsoft Co, Ltd. , 1, 1, 0, 1] [E:\Program Files\Powerword 2007\KPic10.dll] [N/A, ] [E:\Program Files\Powerword 2007\ijl11.dll] [Intel Corporation, 1.1.2] [E:\Program Files\Powerword 2007\NormGrab.DLL] [Kingsoft Co, Ltd., 9, 0, 0, 1] [E:\Program Files\Powerword 2007\statistics.dll] [N/A, ] [E:\Program Files\Powerword 2007\toTTSEngine50.dll] [Kingsoft Co, Ltd. , 1, 0, 0, 1] [E:\Program Files\Powerword 2007\xfile.dll] [Kingsoft Co, Ltd. , 1, 0, 0, 1] [C:\WINDOWS\system32\fdght.dll] [N/A, ] [E:\Program Files\Powerword 2007\DBCore10.dll] [Kingsoft Co, Ltd., 1, 5, 0, 1] [E:\Program Files\Powerword 2007\XdictGrb.dll] [Kingsoft Co, Ltd., 9, 0, 0, 2] [E:\Program Files\Powerword 2007\DictionaryManager.dll] [Kingsoft Co, Ltd., 1, 0, 0, 1] [E:\Program Files\Powerword 2007\Xml2Xdata.dll] [Kingsoft Co, Ltd., 1, 0, 0, 1] [C:\PROGRA~1\COMMON~1\MICROS~1\Speech\sapi.dll] [Microsoft Corporation, 5.1.4111.00 (xpsp_sp2_rtm.040803-2158)] [C:\WINDOWS\system32\msacm32.drv] [Microsoft Corporation, 5.1.2600.0 (xpclient.010817-1148)] [C:\PROGRA~1\COMMON~1\SPEECH~1\MICROS~1\TTS\1033\spttseng.dll] [Microsoft Corporation, 5.1.4111.00 (XPClient.010817-1148)] [C:\PROGRA~1\COMMON~1\SPEECH~1\MICROS~1\spcommon.dll] [Microsoft Corporation, 5.1.4111.00 (XPClient.010817-1148)] [E:\Program Files\Powerword 2007\XDictPassport.DLL] [Kingsoft Corporation, 2005, 9, 27, 0] [C:\WINDOWS\system32\sperls.dll] [N/A, ] [C:\WINDOWS\system32\xdndn.dll] [N/A, ] [C:\Program Files\Rising\Rav\RavScrCh.dll] [Beijing Rising Technology Co., Ltd., 20, 0, 0, 3] [C:\WINDOWS\system32\oohxbbyt.dll] [N/A, ] [C:\WINDOWS\system32\Macromed\Flash\Flash9a.ocx] [Adobe Systems, Inc., 9,0,0,296] [C:\WINDOWS\system32\anistio.dll] [N/A, ] [C:\WINDOWS\system32\fiosectc.dll] [N/A, ] [C:\WINDOWS\system32\msosdohs00.dll] [N/A, ] [E:\Program Files\Powerword 2007\Grabgdip.dll] [Kingsoft Co, Ltd., 1, 0, 0, 1] [C:\WINDOWS\system32\msosping00.dll] [N/A, ] [C:\WINDOWS\system32\dnteh.dll] [N/A, ] [C:\WINDOWS\system32\msosfmsq00.dll] [N/A, ] [C:\WINDOWS\system32\msosmnsf00.dll] [N/A, ] [C:\WINDOWS\system32\WINSvr64.dll] [N/A, ] [C:\WINDOWS\system32\bincdwsa.dll] [N/A, ] [C:\WINDOWS\system32\ticisms.dll] [N/A, ] [C:\WINDOWS\system32\fmsjhif.dll] [N/A, ] [C:\WINDOWS\system32\dbhlp32.dlL] [N/A, ] [C:\WINDOWS\system32\rzysdhbx.dll] [N/A, ] [C:\WINDOWS\system32\yuiabct.dll] [N/A, ] [C:\WINDOWS\system32\msoscqit00.dll] [N/A, ] [C:\WINDOWS\system32\huifitc.dll] [N/A, ] [C:\WINDOWS\system32\fmbiost.dll] [N/A, ] [PID: 892 / Administrator][C:\Program Files\Java\j2re1.4.2_08\bin\jusched.exe] [N/A, ] [C:\WINDOWS\system32\fdght.dll] [N/A, ] [C:\WINDOWS\system32\xdndn.dll] [N/A, ] [C:\WINDOWS\system32\msosdohs00.dll] [N/A, ] [C:\WINDOWS\system32\msosping00.dll] [N/A, ] [C:\WINDOWS\system32\msosfmsq00.dll] [N/A, ] [C:\WINDOWS\system32\msosmnsf00.dll] [N/A, ] [C:\WINDOWS\system32\dnteh.dll] [N/A, ] [C:\WINDOWS\system32\msoscqit00.dll] [N/A, ] [PID: 1084 / Administrator][C:\WINDOWS\system32\ctfmon.exe] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)] [C:\WINDOWS\system32\fdght.dll] [N/A, ] [C:\WINDOWS\system32\oohxbbyt.dll] [N/A, ] [C:\WINDOWS\system32\xdndn.dll] [N/A, ] [C:\WINDOWS\system32\msosdohs00.dll] [N/A, ] [C:\WINDOWS\system32\msosping00.dll] [N/A, ] [C:\WINDOWS\system32\msosfmsq00.dll] [N/A, ] [C:\WINDOWS\system32\msosmnsf00.dll] [N/A, ] [C:\WINDOWS\system32\dnteh.dll] [N/A, ] [C:\WINDOWS\system32\msoscqit00.dll] [N/A, ] [C:\WINDOWS\system32\sperls.dll] [N/A, ] [PID: 1584 / Administrator][C:\Program Files\hexin\sslproxy\SSLCnt.exe] [杭州核新软件技术有限公司, 1.106.2004.1014] [C:\Program Files\hexin\sslproxy\crypteng.dll] [杭州核新软件技术有限公司, 1.44.2003.0426] [C:\Program Files\hexin\sslproxy\sslproxy.dll] [杭州核新软件技术有限公司, 1.52.2002.326] [C:\Program Files\hexin\sslproxy\CAsAPI.dll] [杭州核新软件技术有限公司, 1.49.2002.422] [C:\Program Files\hexin\sslproxy\Scard.dll] [杭州核新软件技术有限公司, 1.02.2001.0529] [C:\WINDOWS\system32\fdght.dll] [N/A, ] [C:\Program Files\hexin\sslproxy\CAs\Sheca.dll] [杭州核新软件技术有限公司, 1.08.2003.1014] [C:\Program Files\hexin\sslproxy\CAs\CTCA.dll] [杭州核新软件技术有限公司, 1.05.2001.1116] [C:\Program Files\hexin\sslproxy\CAs\RH.dll] [杭州核新软件技术有限公司, 1.07.2001.1207] [C:\WINDOWS\system32\xdndn.dll] [N/A, ] [C:\WINDOWS\system32\msosdohs00.dll] [N/A, ] [C:\WINDOWS\system32\msosping00.dll] [N/A, ] [C:\WINDOWS\system32\msosfmsq00.dll] [N/A, ] [C:\WINDOWS\system32\dnteh.dll] [N/A, ] [C:\WINDOWS\system32\msosmnsf00.dll] [N/A, ] [C:\WINDOWS\system32\oohxbbyt.dll] [N/A, ] [C:\WINDOWS\system32\msoscqit00.dll] [N/A, ] [PID: 1592 / Administrator][C:\Program Files\Kingdee\KIS\KISServer\KISServer.exe] [kingdee, 1.00] [C:\WINDOWS\system32\MSVBVM60.DLL] [Microsoft Corporation, 6.00.9690] [C:\WINDOWS\system32\fdght.dll] [N/A, ] [C:\WINDOWS\system32\VB6CHS.DLL] [Microsoft Corporation, 6.00.7322] [C:\WINDOWS\system32\MSCOMCTL.OCX] [Microsoft Corporation, 6.01.9545] [C:\WINDOWS\system32\mswinsck.ocx] [Microsoft Corporation, 6.01.9782] [C:\WINDOWS\system32\KFO10.DLL] [Kingdee Corporation, 10, 2, 0, 0] [C:\WINDOWS\system32\SENSE4.dll] [北京深思洛克数据保护中心, 2, 30, 3, 7] [C:\WINDOWS\system32\oohxbbyt.dll] [N/A, ] [C:\WINDOWS\system32\xdndn.dll] [N/A, ] [C:\WINDOWS\system32\msosdohs00.dll] [N/A, ] [C:\WINDOWS\system32\msosping00.dll] [N/A, ] [C:\WINDOWS\system32\sperls.dll] [N/A, ] [C:\WINDOWS\system32\msosfmsq00.dll] [N/A, ] [C:\WINDOWS\system32\dnteh.dll] [N/A, ] [C:\WINDOWS\system32\msosmnsf00.dll] [N/A, ] [C:\WINDOWS\system32\msoscqit00.dll] [N/A, ] [PID: 2996 / Administrator][C:\WINDOWS\system32\conime.exe] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)] [C:\WINDOWS\system32\xdndn.dll] [N/A, ] [C:\WINDOWS\system32\fdght.dll] [N/A, ] [C:\WINDOWS\system32\sperls.dll] [N/A, ] [C:\WINDOWS\system32\msosdohs00.dll] [N/A, ] [C:\WINDOWS\system32\msosping00.dll] [N/A, ] [C:\WINDOWS\system32\dnteh.dll] [N/A, ] [C:\WINDOWS\system32\msosfmsq00.dll] [N/A, ] [C:\WINDOWS\system32\msosmnsf00.dll] [N/A, ] [C:\WINDOWS\system32\oohxbbyt.dll] [N/A, ] [C:\WINDOWS\system32\msoscqit00.dll] [N/A, ] [PID: 1884 / SYSTEM][C:\WINDOWS\TEMP\_qosec29.msi] [N/A, ] [C:\WINDOWS\system32\xdndn.dll] [N/A, ] [C:\WINDOWS\system32\dnteh.dll] [N/A, ] [C:\WINDOWS\system32\fdght.dll] [N/A, ] [C:\Program Files\Internet Explorer\PLUGINS\WinSys16.Sys] [N/A, ] [PID: 6104 / Administrator][C:\WINDOWS\system32\wuauclt.exe] [Microsoft Corporation, 7.0.6000.381 (winmain(wmbla).070730-1740)] [C:\WINDOWS\system32\xdndn.dll] [N/A, ] [C:\WINDOWS\system32\dnteh.dll] [N/A, ] [C:\WINDOWS\system32\fdght.dll] [N/A, ] [C:\WINDOWS\system32\sperls.dll] [N/A, ] [C:\WINDOWS\system32\wups2.dll] [Microsoft Corporation, 7.0.6000.381 (winmain(wmbla).070730-1740)] [PID: 2856 / Administrator][C:\Program Files\ACD Systems\ACDSee\5.0\ACDSee5.exe] [ACD Systems, Ltd., 5, 0, 1, 6] [C:\Program Files\Common Files\ACD Systems\EN\ACDAppInfo.dll] [ACD Systems Inc., 3, 0, 0, 9] [C:\Program Files\Common Files\ACD Systems\EN\ACDInTouch.dll] [ACD Systems Inc., 3, 0, 0, 9] [C:\Program Files\Common Files\ACD Systems\EN\ipwssl5.dll] [/n software inc. - www.nsoftware.com, 5.0.0.852] [C:\Program Files\Common Files\ACD Systems\ShellIntMgr.dll] [ACD Systems Ltd., 1, 0, 2, 24] [C:\Program Files\Common Files\ACD Systems\EN\ACDCLClient.dll] [ACD SYSTEMS, 1, 0, 0, 6] [C:\WINDOWS\system32\fdght.dll] [N/A, ] [C:\WINDOWS\system32\xdndn.dll] [N/A, ] [C:\WINDOWS\system32\dnteh.dll] [N/A, ] [C:\WINDOWS\system32\sperls.dll] [N/A, ] [C:\Program Files\Common Files\ACD Systems\PlugIns\IDE_ACDStd.apl] [ACD Systems, Ltd., 1, 3, 6, 6] [C:\WINDOWS\system32\oohxbbyt.dll] [N/A, ] [C:\Program Files\Common Files\ACD Systems\IDBSvrps.dll] [ACD Systems Ltd., 1, 0, 0, 23] [C:\WINDOWS\system32\msosdohs00.dll] [N/A, ] [C:\WINDOWS\system32\msosmnsf00.dll] [N/A, ] [C:\WINDOWS\system32\fmbiost.dll] [N/A, ] [C:\WINDOWS\system32\huifitc.dll] [N/A, ] [C:\WINDOWS\system32\yuiabct.dll] [N/A, ] [C:\WINDOWS\system32\WINSvr64.dll] [N/A, ] [C:\WINDOWS\system32\bincdwsa.dll] [N/A, ] [C:\WINDOWS\system32\ticisms.dll] [N/A, ] [C:\WINDOWS\system32\fmsjhif.dll] [N/A, ] [C:\WINDOWS\system32\dbhlp32.dlL] [N/A, ] [C:\WINDOWS\system32\rzysdhbx.dll] [N/A, ] [C:\WINDOWS\system32\fiosectc.dll] [N/A, ] [C:\WINDOWS\system32\anistio.dll] [N/A, ] [C:\WINDOWS\system32\msoscqit00.dll] [N/A, ] [C:\WINDOWS\system32\msosfmsq00.dll] [N/A, ] [E:\Program Files\Powerword 2007\Grabgdip.dll] [Kingsoft Co, Ltd., 1, 0, 0, 1] [C:\WINDOWS\system32\msosping00.dll] [N/A, ] [PID: 2512 / Administrator][C:\Program Files\Common Files\ACD Systems\IDBSvr.exe] [ACD Systems Ltd., 1, 0, 3, 3] [C:\Program Files\Common Files\ACD Systems\ExtDB.dll] [ACD Systems Ltd., 1, 0, 3, 1] [C:\WINDOWS\system32\xdndn.dll] [N/A, ] [C:\WINDOWS\system32\dnteh.dll] [N/A, ] [C:\WINDOWS\system32\fdght.dll] [N/A, ] [C:\WINDOWS\system32\msosping00.dll] [N/A, ] [C:\WINDOWS\system32\sperls.dll] [N/A, ] [C:\WINDOWS\system32\oohxbbyt.dll] [N/A, ] [C:\Program Files\Common Files\ACD Systems\IDBSvrps.dll] [ACD Systems Ltd., 1, 0, 0, 23] [PID: 4828 / Administrator][C:\WINDOWS\Fonts\syn00-E0-4D-A6-C5-98\system\smss.exe] [N/A, ] [C:\WINDOWS\system32\xdndn.dll] [N/A, ] [C:\WINDOWS\system32\dnteh.dll] [N/A, ] [C:\WINDOWS\system32\fdght.dll] [N/A, ] [PID: 4408 / Administrator][E:\SRE日志扫描\sreng2\SREngPS.EXE] [Smallfrogs Studio, 2.5.16.900] [C:\WINDOWS\system32\xdndn.dll] [N/A, ] [C:\WINDOWS\system32\dnteh.dll] [N/A, ] [C:\WINDOWS\system32\fdght.dll] [N/A, ] [C:\WINDOWS\system32\sperls.dll] [N/A, ] [C:\WINDOWS\system32\oohxbbyt.dll] [N/A, ] [C:\WINDOWS\system32\msosmnsf00.dll] [N/A, ] [C:\WINDOWS\system32\fmbiost.dll] [N/A, ] [C:\WINDOWS\system32\huifitc.dll] [N/A, ] [C:\WINDOWS\system32\yuiabct.dll] [N/A, ] [C:\WINDOWS\system32\WINSvr64.dll] [N/A, ] [C:\WINDOWS\system32\bincdwsa.dll] [N/A, ] [C:\WINDOWS\system32\ticisms.dll] [N/A, ] [C:\WINDOWS\system32\fmsjhif.dll] [N/A, ] [C:\WINDOWS\system32\dbhlp32.dlL] [N/A, ] [C:\WINDOWS\system32\rzysdhbx.dll] [N/A, ] [C:\WINDOWS\system32\fiosectc.dll] [N/A, ] [C:\WINDOWS\system32\anistio.dll] [N/A, ] [C:\WINDOWS\system32\msoscqit00.dll] [N/A, ] [C:\WINDOWS\system32\msosfmsq00.dll] [N/A, ] [C:\WINDOWS\system32\msosping00.dll] [N/A, ] [C:\WINDOWS\system32\msosdohs00.dll] [N/A, ] [PID: 2480 / Administrator][E:\SRE日志扫描\sreng2\SREngPS.EXE] [Smallfrogs Studio, 2.5.16.900] [C:\WINDOWS\system32\fdght.dll] [N/A, ] [C:\WINDOWS\system32\xdndn.dll] [N/A, ] [C:\WINDOWS\system32\dnteh.dll] [N/A, ] [C:\WINDOWS\system32\sperls.dll] [N/A, ] [C:\WINDOWS\system32\msosdohs00.dll] [N/A, ] [C:\WINDOWS\system32\oohxbbyt.dll] [N/A, ] [C:\WINDOWS\system32\fmbiost.dll] [N/A, ] [C:\WINDOWS\system32\huifitc.dll] [N/A, ] [C:\WINDOWS\system32\yuiabct.dll] [N/A, ] [C:\WINDOWS\system32\WINSvr64.dll] [N/A, ] [C:\WINDOWS\system32\bincdwsa.dll] [N/A, ] [C:\WINDOWS\system32\ticisms.dll] [N/A, ] [C:\WINDOWS\system32\fmsjhif.dll] [N/A, ] [C:\WINDOWS\system32\dbhlp32.dlL] [N/A, ] [C:\WINDOWS\system32\rzysdhbx.dll] [N/A, ] [C:\WINDOWS\system32\fiosectc.dll] [N/A, ] [C:\WINDOWS\system32\anistio.dll] [N/A, ] [C:\WINDOWS\system32\msosmnsf00.dll] [N/A, ] [E:\SRE日志扫描\sreng2\Upload\3rdUpd.DLL] [Smallfrogs Studio, 2, 1, 0, 15] [C:\WINDOWS\system32\msoscqit00.dll] [N/A, ] [C:\WINDOWS\system32\msosfmsq00.dll] [N/A, ] [C:\WINDOWS\system32\msosping00.dll] [N/A, ]
rushiqi 健康舞勺狮帖子:266 注册: 2006-06-21 来自:

rushiqi 健康舞勺狮帖子:266 注册: 2006-06-21 来自:	发表于： 2008-05-05 12:18 \| 显示全部短消息资料字号：小中大 7楼７ ================================== 文件关联 .TXT OK. [%SystemRoot%\system32\NOTEPAD.EXE %1] .EXE OK. ["%1" %] .COM OK. ["%1" %] .PIF OK. ["%1" %] .REG OK. [regedit.exe "%1"] .BAT OK. ["%1" %] .SCR OK. ["%1" /S] .CHM OK. ["C:\WINDOWS\hh.exe" %1] .HLP OK. [%SystemRoot%\System32\winhlp32.exe %1] .INI OK. [%SystemRoot%\system32\NOTEPAD.EXE %1] .INF OK. [%SystemRoot%\System32\NOTEPAD.EXE %1] .VBS OK. [%SystemRoot%\System32\WScript.exe "%1" %] .JS OK. [%SystemRoot%\System32\WScript.exe "%1" %] .LNK OK. [{00021401-0000-0000-C000-000000000046}] ================================== Winsock 提供者 N/A ================================== Autorun.inf [C:\] [AutoRun] OPEN=ntldr.exe shellexecute=ntldr.exe shell\打开(&O)\command=ntldr.exe [D:\] [AutoRun] OPEN=ntldr.exe shellexecute=ntldr.exe shell\打开(&O)\command=ntldr.exe [E:\] [AutoRun] OPEN=ntldr.exe shellexecute=ntldr.exe shell\打开(&O)\command=ntldr.exe [F:\] [AutoRun] OPEN=ntldr.exe shellexecute=ntldr.exe shell\打开(&O)\command=ntldr.exe ================================== HOSTS 文件 N/A ================================== 进程特权扫描特殊特权被允许： SeLoadDriverPrivilege [PID = 628, C:\WINDOWS\SYSTEM32\LSASS.EXE] 特殊特权被允许： SeLoadDriverPrivilege [PID = 804, E:\PROGRAM FILES\POWERWORD 2007\XDICT.EXE] 特殊特权被允许： SeLoadDriverPrivilege [PID = 1584, C:\PROGRAM FILES\HEXIN\SSLPROXY\SSLCNT.EXE] 特殊特权被允许： SeLoadDriverPrivilege [PID = 1592, C:\PROGRAM FILES\KINGDEE\KIS\KISSERVER\KISSERVER.EXE] 特殊特权被允许： SeLoadDriverPrivilege [PID = 1884, C:\WINDOWS\TEMP\_QOSEC29.MSI] 特殊特权被允许： SeLoadDriverPrivilege [PID = 2856, C:\PROGRAM FILES\ACD SYSTEMS\ACDSEE\5.0\ACDSEE5.EXE] 特殊特权被允许： SeLoadDriverPrivilege [PID = 2512, C:\PROGRAM FILES\COMMON FILES\ACD SYSTEMS\IDBSVR.EXE] 特殊特权被允许： SeDebugPrivilege [PID = 4828, C:\WINDOWS\FONTS\SYN00-E0-4D-A6-C5-98\SYSTEM\SMSS.EXE] 特殊特权被允许： SeLoadDriverPrivilege [PID = 4828, C:\WINDOWS\FONTS\SYN00-E0-4D-A6-C5-98\SYSTEM\SMSS.EXE] ================================== API HOOK N/A ================================== 隐藏进程 N/A ==================================
rushiqi 健康舞勺狮帖子:266 注册: 2006-06-21 来自:

rushiqi 健康舞勺狮帖子:266 注册: 2006-06-21 来自:	发表于： 2008-05-05 14:59 \| 显示全部短消息资料字号：小中大 8楼回复: ［求助］瑞星无法运行（附日志）不好意思，刚开始的时候不知道用附件上传附件: 文件名:SREngLOG.log 下载次数:78 文件类型:application/octet-stream 文件大小: 上传时间:2008-5-5 14:59:23 描述:log
rushiqi 健康舞勺狮帖子:266 注册: 2006-06-21 来自:

<<上一主题|下一主题>>

1

1 / 1 页

跳转页

页面顶部

Powered by Discuz!NT