你好,我也正在学习java,可否分享下:【北京圣思园Java培训教学视频】的百度云盘分享。感谢!!!_百度知道
你好,我也正在学习java,可否分享下:【北京圣思园Java培训教学视频】的百度云盘分享。感谢!!!
提问者采纳
/s/1o6t4Tjs" target="_blank">http://pan://pan.baidu<a href="http
提问者评价
其他类似问题
为您推荐:
圣思园的相关知识
等待您来回答
下载知道APP
随时随地咨询
出门在外也不愁我的ie打不开了。。。任务管理器也打部开了
该用户从未签到
如题!!卡巴斯基杀不掉。。。
该用户从未签到
我先试试,谢谢你了~~~~~
该用户从未签到
扫描的结果我给你粘贴过来了,你看看,10:20:58
System Repair Engineer 2.5.16.900
Smallfrogs ()
Windows XP Professional Service Pack 2 (Build 2600) - 管理权限用户 - 完整功能
以下内容被选中:
& & 所有的启动项目(包括注册表、启动文件夹、服务等)
& & 浏览器加载项
& & 正在运行的进程(包括进程模块信息)
& & 文件关联
& & Winsock 提供者
& & Autorun.inf
& & HOSTS 文件
& & 进程特权扫描
启动项目
注册表
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
& & &QQDownload&&&C:\Program Files\Tencent\QQDownload\QQDownload.exe& autostart&&&[N/A]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
& & &RavTask&&&C:\Program Files\Rising\Rav\RavTask.exe& -system&&&[(Verified)Beijing Rising Science and Technology Corporation Limited]
& & &360Safetray&&D:\Program Files\360safe\safemon\360Tray.exe /start&&&[(Verified)Qizhi Software (beijing) Co. Ltd]
& & &stup.exe&&Rundll32.exe C:\PROGRA~1\TENCENT\SSPlus\SPlus1.dll,Rundll32 R&&&[(Verified)Tencent Technology(Shenzhen) Company Limited]
& & &HotKeysCmds&&; C:\WINDOWS\system32\hkcmd.exe&&&[(Verified)Microsoft Windows Hardware Compatibility Publisher]
& & &IgfxTray&&; C:\WINDOWS\system32\igfxtray.exe&&&[(Verified)Microsoft Windows Hardware Compatibility Publisher]
& & &IMJPMIG8.1&&; &C:\WINDOWS\IME\imjp8_1\IMJPMIG.EXE& /Spoil /RemAdvDef /Migration32&&&[(Verified)Microsoft Windows Publisher]
& & &IMSCMig&&; C:\PROGRA~1\COMMON~1\MICROS~1\IME\IMSC40A\IMSCMIG.EXE /Preload&&&[(Verified)Microsoft Corporation]
& & &Persistence&&; C:\WINDOWS\system32\igfxpers.exe&&&[(Verified)Microsoft Windows Publisher]
& & &PHIME2002A&&; C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /IMEName&&&[(Verified)Microsoft Windows Publisher]
& & &PHIME2002ASync&&; C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /SYNC&&&[(Verified)Microsoft Corporation]
& & &SoundMAX&&; &C:\Program Files\Analog Devices\SoundMAX\Smax4.exe& /tray&&&[Analog Devices, Inc.]
& & &SoundMAXPnP&&; C:\Program Files\Analog Devices\Core\smax4pnp.exe&&&[(Verified)Microsoft Windows Hardware Compatibility Publisher]
& & &SunJavaUpdateSched&&; C:\Java\jre1.5.0\bin\jusched.exe&&&[Sun Microsystems, Inc.]
& & &百度安全中心&&; C:\Program Files\baidu\SafeCenter\baccore.exe&&&[(Verified)KINGSOFT CORPORATION]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer\Run]
& & &dellupdate&&C:\WINDOWS\system32\dellserver.exe&&&[N/A]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Winlogon]
& & &shell&&Explorer.exe&&&[(Verified)Microsoft Windows Publisher]
& & &Userinit&&C:\WINDOWS\system32\userinit.exe,&&&[(Verified)Microsoft Windows Publisher]
& & &UIHost&&logonui.exe&&&[(Verified)Microsoft Windows Publisher]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
& & &{32CD708B-60A7-4C00-9377-D73EAA495F0F}&&C:\WINDOWS\system32\RavExt.dll&&&[(Verified)Beijing Rising Science and Technology Corporation Limited]
& & &{398C9B84-4EF7-47B5-9862-DE}&&&&&[N/A]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\igfxcui]
& & &WinlogonNotify: igfxcui&&igfxdev.dll&&&[(Verified)Microsoft Windows Hardware Compatibility Publisher]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\&{d38-484f-9b9e-dec}]
& & &Internet Explorer&&%systemroot%\system32\shmgrate.exe OCInstallUserConfigIE&&&[N/A]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\&{881dd1c5-3dcf-431b-b061-f3f88e8be88a}]
& & &Outlook Express&&%systemroot%\system32\shmgrate.exe OCInstallUserConfigOE&&&[N/A]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{2C7339CF-2B09--FED}]
& & &Themes Setup&&%SystemRoot%\system32\regsvr32.exe /s /n /i:/UserInstall %SystemRoot%\system32\themeui.dll&&&[N/A]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{44BBA840-CC51-11CF-AAFA-00AA00B6015C}]
& & &Microsoft Outlook Express 6&&&%ProgramFiles%\Outlook Express\setup50.exe& /APP:OE /CALLER:WINNT /user /install&&&[N/A]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{44BBA842-CC51-11CF-AAFA-00AA00B6015B}]
& & &NetMeeting 3.01&&rundll32.exe advpack.dll,LaunchINFSection C:\WINDOWS\INF\msnetmtg.inf,NetMtg.Install.PerUser.NT&&&[(Verified)Microsoft Windows Publisher]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{e7d-11d1-bc44-00c04fd912be}]
& & &Windows Messenger 4.7&&rundll32.exe advpack.dll,LaunchINFSection C:\WINDOWS\INF\msmsgs.inf,BLC.QuietInstall.PerUser&&&[(Verified)Microsoft Windows Publisher]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{6BF52A52-394A-11d3-B153-00C04F79FAA6}]
& & &Microsoft Windows Media Player&&rundll32.exe advpack.dll,LaunchINFSection C:\WINDOWS\INF\wmp.inf,PerUserStub&&&[(Verified)Microsoft Windows Publisher]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{71-11d2-AF11-00C04FA35D02}]
& & &通讯簿 6&&&%ProgramFiles%\Outlook Express\setup50.exe& /APP:WAB /CALLER:WINNT /user /install&&&[N/A]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{89B4C1CD-B018--5476DBF70820}]
& & &N/A&&C:\WINDOWS\system32\Rundll32.exe C:\WINDOWS\system32\mscories.dll,Install&&&[(Verified)Microsoft Corporation]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\Convert.exe]
& & &IFEO[Convert.exe]&&C:\WINDOWS\system32\wscntfy.exe&&&[(Verified)Microsoft Windows Publisher]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\FrogAgent.exe]
& & &IFEO[FrogAgent.exe]&&C:\WINDOWS\system32\wscntfy.exe&&&[(Verified)Microsoft Windows Publisher]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\katmain.exe]
& & &IFEO[katmain.exe]&&C:\WINDOWS\system32\wscntfy.exe&&&[(Verified)Microsoft Windows Publisher]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\kav.exe]
& & &IFEO[kav.exe]&&C:\WINDOWS\system32\wscntfy.exe&&&[(Verified)Microsoft Windows Component Publisher]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\Mcshield.exe]
& & &IFEO[Mcshield.exe]&&C:\WINDOWS\system32\wscntfy.exe&&&[(Verified)Microsoft Windows Publisher]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\naPrdMgr.exe]
& & &IFEO[naPrdMgr.exe]&&C:\WINDOWS\system32\wscntfy.exe&&&[(Verified)Microsoft Windows Publisher]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\RunOnce.exe]
& & &IFEO[RunOnce.exe]&&C:\WINDOWS\system32\wscntfy.exe&&&[(Verified)Microsoft Windows Publisher]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\SnipeSword.exe]
& & &IFEO[SnipeSword.exe]&&C:\WINDOWS\system32\wscntfy.exe&&&[(Verified)Microsoft Windows Publisher]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\Taskmgr.exe]
& & &IFEO[Taskmgr.exe]&&C:\WINDOWS\system32\wscntfy.exe&&&[(Verified)Microsoft Windows Publisher]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\TBMon.exe]
& & &IFEO[TBMon.exe]&&C:\WINDOWS\system32\wscntfy.exe&&&[(Verified)Microsoft Windows Publisher]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\TrojDie.exe]
& & &IFEO[TrojDie.exe]&&C:\WINDOWS\system32\wscntfy.exe&&&[(Verified)Microsoft Windows Publisher]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\UlibCfg.exe]
& & &IFEO[UlibCfg.exe]&&C:\WINDOWS\system32\wscntfy.exe&&&[(Verified)Microsoft Windows Publisher]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\UpdaterUI.exe]
& & &IFEO[UpdaterUI.exe]&&C:\WINDOWS\system32\wscntfy.exe&&&[(Verified)Microsoft Windows Publisher]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\VsTskMgr.exe]
& & &IFEO[VsTskMgr.exe]&&C:\WINDOWS\system32\wscntfy.exe&&&[(Verified)Microsoft Windows Publisher]
==================================
启动文件夹
[腾讯QQ]
&&&C:\Documents and Settings\Administrator\「开始」菜单\程序\启动\腾讯QQ.lnk --& C:\PROGRA~1\Tencent\QQ\QQ.exe [TENCENT]&&N&
==================================
服务
[Apache2.2 / Apache2.2][Running/Auto Start]
&&&&C:\AppServ\Apache2.2\bin\httpd.exe& -k runservice&&Apache Software Foundation&
[Contrl Center of Storm Media / ccosm][Running/Auto Start]
&&&D:\Program Files\StormII\stormliv.exe /asservice&&北京暴风网际科技有限公司&
[Human Interface Device Access / HidServ][Stopped/Disabled]
&&&C:\WINDOWS\System32\svchost.exe -k netsvcs--&%SystemRoot%\System32\hidserv.dll&&N/A&
[MSSQLSERVER / MSSQLSERVER][Stopped/Manual Start]
&&&d:\MICROS~3\MSSQL\binn\sqlservr.exe&&Microsoft Corporation&
[MySQL / MySQL][Stopped/Manual Start]
&&&&C:\Program Files\MySQL\MySQL Server 5.0\bin\mysqld-nt& --defaults-file=&C:\Program Files\MySQL\MySQL Server 5.0\my.ini& MySQL&&N/A&
[Rising Process Communication Center / RsCCenter][Running/Auto Start]
&&&&C:\Program Files\Rising\Rav\CCenter.exe&&&Beijing Rising Technology Co., Ltd.&
[Rising RealTime Monitor / RsRavMon][Stopped/Auto Start]
&&&&C:\PROGRAM FILES\RISING\RAV\Ravmond.exe&&&Beijing Rising Technology Co., Ltd.&
[Security Control / seictrl][Stopped/Auto Start]
&&&c:\windows\system32\rundll32.exe rp_engine.dll,scan&&Microsoft Corporation&
[SQLSERVERAGENT / SQLSERVERAGENT][Stopped/Manual Start]
&&&d:\Microsoft SQL Server\MSSQL\binn\sqlagent.exe -i MSSQLSERVER&&Microsoft Corporation&
[Apache Tomcat / Tomcat5][Stopped/Manual Start]
&&&d:\Tomcat5.0.27\bin\tomcat5.exe //RS//Tomcat5&&Apache Software Foundation&
==================================
驱动程序
[39b52l5 / 39b52l5z][Stopped/Boot Start]
&&&\SystemRoot\System32\DRIVERS\39b52l5z.sys&&N/A&
[ADI UAA Function Driver for High Definition Audio Service / ADIHdAudAddService][Running/Manual Start]
&&&system32\drivers\ADIHdAud.sys&&Analog Devices, Inc.&
[AE Audio Service / AEAudio][Running/Manual Start]
&&&system32\drivers\AEAudio.sys&&Andrea Electronics Corporation&
[fmsq / fmsq][Stopped/Auto Start]
&&&\??\c:\TEMP\tmp2C8.tmp&&N/A&
[Microsoft UAA Bus Driver for High Definition Audio / HDAudBus][Running/Manual Start]
&&&system32\DRIVERS\HDAudBus.sys&&Windows (R) Server 2003 DDK provider&
[HookCont / HookCont][Running/System Start]
&&&\SystemRoot\system32\drivers\HookCont.sys&&Beijing Rising Technology Co., Ltd&
[HookNtos / HookNtos][Running/System Start]
&&&\SystemRoot\system32\drivers\HookNtos.sys&&Beijing Rising Technology Co., Ltd&
[HookReg / HookReg][Running/System Start]
&&&\SystemRoot\system32\drivers\HookReg.sys&&Beijing Rising Technology Co., Ltd&
[HookSys / HookSys][Running/System Start]
&&&\SystemRoot\system32\drivers\HookSys.sys&&Beijing Rising Technology Co., Ltd&
[ialm / ialm][Running/Manual Start]
&&&system32\DRIVERS\igxpmp32.sys&&Intel Corporation&
[KAVBootC / KAVBootC][Running/Boot Start]
&&&\SystemRoot\system32\Drivers\KAVBootC.sys&&Kingsoft Corporation&
[ptfs / ptfs][Stopped/Auto Start]
&&&\??\c:\TEMP\tmp36D.tmp&&N/A&
[Direct Parallel Link Driver / Ptilink][Running/Manual Start]
&&&system32\DRIVERS\ptilink.sys&&Parallel Technologies, Inc.&
[RsNTGDI / RsNTGDI][Running/Boot Start]
&&&\SystemRoot\system32\Drivers\RsNTGdi.sys&&Beijing Rising Technology Co., Ltd.&
[Realtek 10/100/1000 PCI NIC Family NDIS XP Driver / RTL8023xp][Running/Manual Start]
&&&system32\DRIVERS\Rtnicxp.sys&&Realtek Semiconductor Corporation&
[Realtek RTL8139(A/B/C)-based PCI Fast Ethernet Adapter NT Driver / rtl8139][Stopped/Manual Start]
&&&system32\DRIVERS\RTL8139.SYS&&Realtek Semiconductor Corporation&
[Secdrv / Secdrv][Stopped/Manual Start]
&&&system32\DRIVERS\secdrv.sys&&Macrovision Corporation, Macrovision Europe Limited, and Macrovision Japan and Asia K.K.&
[SenFilt Service / SenFiltService][Running/Manual Start]
&&&system32\drivers\Senfilt.sys&&Sensaura&
[zftp / zftp][Stopped/Auto Start]
&&&\??\c:\TEMP\tmpB4.tmp&&N/A&
==================================
浏览器加载项
[QQCycloneHelper Class]
&&{C9--D2} &C:\Program Files\Tencent\QQDownload\QQIEHelper01.dll, 腾讯公司&
[Adobe PDF Reader Link Helper]
&&{06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} &C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll, Adobe Systems Incorporated&
[Tencent Browser Helper]
&&{0C7C23EF-A848-485B-873C-0ED} &C:\Program Files\TENCENT\SSPlus\SAddr1.dll, Tencent&
[Kingsoft Trojan Webshield]
&&{4E8AFE3-BF78-8A7CCD6EF333} &C:\Program Files\baidu\SafeCenter\iebuddy\IEBuddy.DLL, Kingsoft Corporation&
[SafeMon Class]
&&{B69F34DD-F0F9-42DC-9EDD-8D} &D:\Program Files\360safe\safemon\safemon.dll, &
[SafeCenterEyeOnIE Class]
&&{D2DA0BDA-D20F-4B0B-98D4-8BEAAE175E6D} &C:\Program Files\baidu\SafeCenter\safecenterstatus.dll, Kingsoft Corp. Ltd.&
[Java Plug-in 1.5.0]
&&{08B0E5C0-4FCB-11CF-AAA5-} &C:\Java\jre1.5.0\bin\npjpi150.dll, Sun Microsystems, Inc.&
[IEBuddyExtControl Class]
&&{3AECD3C1-DC-47B6CF7EF749} &C:\Program Files\baidu\SafeCenter\iebuddy\IEBuddyExt.DLL, Kingsoft Corporation&
[信息检索(&R)]
&&{CC-41C8-B9BE-3C9C571A8263} &D:\MICROS~1\OFFICE11\REFIEBAR.DLL, Microsoft Corporation&
[Messenger]
&&{FB5Fd2-BB9E-00C04F795683} &C:\Program Files\Messenger\msmsgs.exe, Microsoft Corporation&
[CKAVWebScan Object]
&&{0EB0E74A-2A76-4AB3-A7FB-9BD8C29F7F75} &C:\WINDOWS\system32\Kaspersky Lab\Kaspersky Online Scanner Pro\kavwebscan.dll, Kaspersky Lab&
[PowerCreator VGAPlayer Control]
&&{339C1EE2--81F1-FC4} &C:\WINDOWS\DOWNLO~1\VGAPLA~1.OCX, PowerCreator Corporation&
[Java Plug-in 1.5.0]
&&{8AD9C840-044E-11D1-B3E9-} &C:\Java\jre1.5.0\bin\npjpi150.dll, Sun Microsystems, Inc.&
[KVFileUpdate Class]
&&{CA234A53-E68D-44D5-A07C-481C051D0C7B} &C:\WINDOWS\Downloaded Program Files\OLDown.dll, Jiangmin Co.,Ltd&
[Java Plug-in 1.5.0]
&&{CAFEEFAC-00-ABCDEFFEDCBA} &C:\Java\jre1.5.0\bin\npjpi150.dll, Sun Microsystems, Inc.&
[Shockwave Flash Object]
&&{D27CDB6E-AE6D-11CF-96B8-} &C:\WINDOWS\system32\Macromed\Flash\Flash9f.ocx, Adobe Systems, Inc.&
[KUpdateObj2 Class]
&&{D4-4DCB-8AFC-8CF99435AACE} &C:\WINDOWS\system32\KingSoft\KOS\UpdateOcx2.dll, Kingsoft Corporation&
[BaiduMercurySvr Class]
&&{EC-41D7-67B276} &%ProgramFiles%\baidu\SafeCenter\bacctl.dll, N/A&
[QQCycloneHelper Class]
&&{C9--D2} &C:\Program Files\Tencent\QQDownload\QQIEHelper01.dll, 腾讯公司&
[Adobe PDF Reader Link Helper]
&&{06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} &C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll, Adobe Systems Incorporated&
[Web Browser Applet Control]
&&{08B0E5C0-4FCB-11CF-AAA5-} &C:\WINDOWS\system32\msjava.dll, Microsoft Corporation&
[Tencent Browser Helper]
&&{0C7C23EF-A848-485B-873C-0ED} &C:\Program Files\TENCENT\SSPlus\SAddr1.dll, Tencent&
[CKAVWebScan Object]
&&{0EB0E74A-2A76-4AB3-A7FB-9BD8C29F7F75} &C:\WINDOWS\system32\Kaspersky Lab\Kaspersky Online Scanner Pro\kavwebscan.dll, Kaspersky Lab&
[HTML Document]
&&{F9-11CF-8FD0-00AA00686F13} &%SystemRoot%\system32\mshtml.dll, N/A&
[DHTML Edit Control Safe for Scripting for IE5]
&&{2D360201-FFF5-11D1-8D03-00A0C959BC0A} &C:\Program Files\Common Files\Microsoft Shared\Triedit\dhtmled.ocx, Microsoft Corporation&
[HtmlDlgSafeHelper Class]
&&{B5-11CF-BB82-00AA00BDCE0B} &C:\WINDOWS\system32\mshtmled.dll, Microsoft Corporation&
[PowerCreator VGAPlayer Control]
&&{339C1EE2--81F1-FC4} &C:\WINDOWS\DOWNLO~1\VGAPLA~1.OCX, PowerCreator Corporation&
[IEBuddyExtControl Class]
&&{3AECD3C1-DC-47B6CF7EF749} &C:\Program Files\baidu\SafeCenter\iebuddy\IEBuddyExt.DLL, Kingsoft Corporation&
[XML Document]
&&{4D9-11D1-A6B3-00C04FD91555} &%SystemRoot%\system32\msxml3.dll, N/A&
[KLeakScan Class]
&&{4BB7444F-E4DA-4E02-AAAD-505A0E9855D4} &C:\Program Files\KOS\KosClean.dll, Kingsoft Corporation&
[Kingsoft Trojan Webshield]
&&{4E8AFE3-BF78-8A7CCD6EF333} &C:\Program Files\baidu\SafeCenter\iebuddy\IEBuddy.DLL, Kingsoft Corporation&
[KvCoVirus Class]
&&{518D171D-CF41-4EA0-B0E0-ECBA5AA84126} &C:\WINDOWS\KVDownScan\WebScan\virusbox.dll, Jiangmin Co.Ltd&
[CKAVReportCtrl Object]
&&{C2D-41FA-A6D9-9E484B999CF0} &C:\WINDOWS\system32\Kaspersky Lab\Kaspersky Online Scanner Pro\kavwebscan.dll, Kaspersky Lab&
[Windows Media Player]
&&{6BF52A52-394A-11D3-B153-00C04F79FAA6} &C:\WINDOWS\system32\wmp.dll, Microsoft Corporation&
[KvOLScan Control]
&&{6E0D0002-DC95-E-9FB1EA80AEDE} &C:\WINDOWS\KVDOWN~1\WebScan\kvKill.ocx, Jiangmin Co.&
[Active Desktop Mover]
&&{72267F6A-A6F9-11D0-BC94-00C04FB67863} &%SystemRoot%\system32\SHELL32.dll, N/A&
[360SafeLive]
&&{C--D416CB8059E3} &D:\Program Files\360safe\live.dll, &
[Microsoft Web 浏览器]
&&{A-11D0-A96B-00C04FD705A2} &C:\WINDOWS\system32\shdocvw.dll, Microsoft Corporation&
[Microsoft Scriptlet Component]
&&{AE24FDAE-03C6-11D1-8B76-} &C:\WINDOWS\system32\mshtml.dll, Microsoft Corporation&
[SearchAssistantOC]
&&{B45FF030--85DE-00C04FA35C89} &%SystemRoot%\system32\shdocvw.dll, N/A&
[SafeMon Class]
&&{B69F34DD-F0F9-42DC-9EDD-8D} &D:\Program Files\360safe\safemon\safemon.dll, &
[RDS.DataSpace]
&&{BD96C556-65A3-11D0-983A-00C04FC29E36} &C:\Program Files\Common Files\system\msadc\msadco.dll, Microsoft Corporation&
[KScanSpyWare Class]
&&{C847FDE7-B612-47ED-B32C-B6} &C:\Program Files\KOS\KosClean.dll, Kingsoft Corporation&
[KVFileUpdate Class]
&&{CA234A53-E68D-44D5-A07C-481C051D0C7B} &C:\WINDOWS\Downloaded Program Files\OLDown.dll, Jiangmin Co.,Ltd&
[VIDEO__X_MS_ASF Moniker Class]
&&{CD3AFA8F-B84F-48F0-9393-7EDC} &C:\WINDOWS\system32\wmp.dll, Microsoft Corporation&
[RealPlayer G2 Control]
&&{CFCDAA03-8BE4-11CF-B84B-0020AFBBCCFA} &D:\Program Files\StormII\Codec\rmoc3260.dll, RealNetworks, Inc.&
[Shockwave Flash Object]
&&{D27CDB6E-AE6D-11CF-96B8-} &C:\WINDOWS\system32\Macromed\Flash\Flash9f.ocx, Adobe Systems, Inc.&
[OfficeObj Class]
&&{D2BD7935-05FC-11D2-FD7A1BD} &, N/A&
[SafeCenterEyeOnIE Class]
&&{D2DA0BDA-D20F-4B0B-98D4-8BEAAE175E6D} &C:\Program Files\baidu\SafeCenter\safecenterstatus.dll, Kingsoft Corp. Ltd.&
[KUpdateObj2 Class]
&&{D4-4DCB-8AFC-8CF99435AACE} &C:\WINDOWS\system32\KingSoft\KOS\UpdateOcx2.dll, Kingsoft Corporation&
[KVirusScan Class]
&&{E176B817-4905-4CDF-8C9C-0AF3EA3B4AC7} &C:\Program Files\KOS\KosClean.dll, Kingsoft Corporation&
[KAccountManager Class]
&&{E176B817-4905-4CDF-8C9C-0AF3EA3B4AC9} &C:\Program Files\KOS\KosClean.dll, Kingsoft Corporation&
[BaiduMercurySvr Class]
&&{EC-41D7-67B276} &%ProgramFiles%\baidu\SafeCenter\bacctl.dll, N/A&
[&使用超级旋风下载]
&&&C:\Program Files\Tencent\QQDownload\geturl.htm, N/A&
[&使用超级旋风下载全部链接]
&&&C:\Program Files\Tencent\QQDownload\getAllurl.htm, N/A&
[导出到 Microsoft Office Excel(&X)]
&&&res://D:\MICROS~1\OFFICE11\EXCEL.EXE/3000, N/A&
[添加到QQ表情]
&&&C:\Program Files\Tencent\QQ\AddEmotion.htm, N/A&
==================================
正在运行的进程
[PID: 476][\SystemRoot\System32\smss.exe]&&[Microsoft Corporation, 5.1. (xpsp_sp2_rtm.8)]
[PID: 532][\??\C:\WINDOWS\system32\csrss.exe]&&[Microsoft Corporation, 5.1. (xpsp_sp2_rtm.8)]
[PID: 556][\??\C:\WINDOWS\system32\winlogon.exe]&&[Microsoft Corporation, 5.1. (xpsp_sp2_rtm.8)]
[PID: 600][C:\WINDOWS\system32\services.exe]&&[Microsoft Corporation, 5.1. (xpsp_sp2_rtm.8)]
[PID: 612][C:\WINDOWS\system32\lsass.exe]&&[Microsoft Corporation, 5.1. (xpsp_sp2_rtm.8)]
[PID: 776][C:\WINDOWS\system32\svchost.exe]&&[Microsoft Corporation, 5.1. (xpsp_sp2_rtm.8)]
[PID: 824][C:\WINDOWS\system32\svchost.exe]&&[Microsoft Corporation, 5.1. (xpsp_sp2_rtm.8)]
[PID: 888][C:\Program Files\Rising\Rav\CCenter.exe]&&[Beijing Rising Technology Co., Ltd., 20.0.0.28]
[PID: 904][C:\WINDOWS\System32\svchost.exe]&&[Microsoft Corporation, 5.1. (xpsp_sp2_rtm.8)]
[PID: 972][C:\WINDOWS\system32\svchost.exe]&&[Microsoft Corporation, 5.1. (xpsp_sp2_rtm.8)]
[PID: 1016][C:\PROGRAM FILES\RISING\RAV\ravmond.exe]&&[Beijing Rising Technology Co., Ltd., 20.0.0.76]
& & [C:\PROGRAM FILES\RISING\RAV\BWList.dll]&&[Beijing Rising Technology Co., Ltd., 20.0.0.4]
& & [C:\WINDOWS\system32\MFC71.DLL]&&[Microsoft Corporation, 7.10.3077.0]
& & [C:\WINDOWS\system32\MSVCR71.dll]&&[Microsoft Corporation, 7.10.3052.4]
& & [C:\WINDOWS\system32\MSVCP71.dll]&&[Microsoft Corporation, 7.10.3077.0]
& & [C:\PROGRAM FILES\RISING\RAV\RSAPPMGR.dll]&&[Beijing Rising Technology Co., Ltd., 20.0.0.0]
& & [C:\PROGRAM FILES\RISING\RAV\CfgDll.dll]&&[Beijing Rising Technology Co., Ltd., 20.0.0.16]
& & [C:\PROGRAM FILES\RISING\RAV\RsLog.dll]&&[Beijing Rising Technology Co., Ltd., 20.0.0.34]
& & [C:\PROGRAM FILES\RISING\RAV\ProcCom.dll]&&[Beijing Rising Technology Co., Ltd., 20, 0, 0, 19]
& & [C:\PROGRAM FILES\RISING\RAV\RsCommX2.dll]&&[Beijing Rising Technology Co., Ltd., 20, 0, 0, 19]
& & [C:\PROGRAM FILES\RISING\RAV\MonRule.dll]&&[Beijing Rising Technology Co., Ltd., 20.0.0.29]
& & [C:\PROGRAM FILES\RISING\RAV\Hooksys.dll]&&[Beijing Rising Technology Co., Ltd, 22, 0, 0, 9]
& & [C:\PROGRAM FILES\RISING\RAV\HookReg.dll]&&[Beijing Rising Technology Co., Ltd, 22, 0, 0, 4]
& & [C:\PROGRAM FILES\RISING\RAV\HookNtos.dll]&&[Beijing Rising Technology Co., Ltd, 22, 0, 0, 2]
& & [C:\PROGRAM FILES\RISING\RAV\rswalmon.dll]&&[Beijing Rising Technology Co., Ltd., 20, 0, 0, 22]
& & [C:\PROGRAM FILES\RISING\RAV\recomp.dll]&&[Beijing Rising Technology Co., Ltd., 20, 0, 0, 36]
& & [C:\PROGRAM FILES\RISING\RAV\refs.dll]&&[Beijing Rising Technology Co., Ltd., 20, 0, 0, 17]
& & [C:\PROGRAM FILES\RISING\RAV\ffr.dll]&&[Beijing Rising Technology Co., Ltd., 20, 0, 0, 13]
& & [C:\Program Files\Rising\Rav\RsStore.dll]&&[Beijing Rising Technology Co., Ltd., 20.0.0.8]
& & [C:\PROGRAM FILES\RISING\RAV\HookCont.dll]&&[Beijing Rising Technology Co., Ltd, 22, 0, 0, 1]
& & [C:\Program Files\Rising\Rav\fakescan.dll]&&[Beijing Rising Technology Co., Ltd., 20.0.0.13]
& & [C:\Program Files\Rising\Rav\Scanner.dll]&&[Beijing Rising Technology Co., Ltd., 20.0.0.36]
& & [C:\PROGRAM FILES\RISING\RAV\viruslib.dll]&&[Beijing Rising Technology Co., Ltd., 20, 0, 0, 26]
& & [C:\PROGRAM FILES\RISING\RAV\relibldr.dll]&&[Beijing Rising Technology Co., Ltd., 20, 0, 0, 16]
& & [C:\PROGRAM FILES\RISING\RAV\HookWeb.dll]&&[Beijing Rising Technology Co., Ltd., 20.0.0.2]
& & [C:\PROGRAM FILES\RISING\RAV\extfile.dll]&&[Beijing Rising Technology Co., Ltd., 20, 0, 0, 29]
& & [C:\PROGRAM FILES\RISING\RAV\pearc.dll]&&[Beijing Rising Technology Co., Ltd., 20, 0, 0, 5]
& & [C:\PROGRAM FILES\RISING\RAV\nvfile.dll]&&[Beijing Rising Technology Co., Ltd., 20, 0, 0, 6]
& & [C:\PROGRAM FILES\RISING\RAV\scanexec.dll]&&[Beijing Rising Technology Co., Ltd., 20, 0, 0, 17]
& & [C:\PROGRAM FILES\RISING\RAV\unexe.dll]&&[Beijing Rising Technology Co., Ltd., 20, 0, 0, 4]
& & [C:\PROGRAM FILES\RISING\RAV\scanex.dll]&&[Beijing Rising Technology Co., Ltd., 20, 0, 0, 68]
& & [C:\PROGRAM FILES\RISING\RAV\scanpack.dll]&&[Beijing Rising Technology Co., Ltd., 20, 0, 0, 9]
& & [C:\PROGRAM FILES\RISING\RAV\revm.dll]&&[Beijing Rising Technology Co., Ltd., 20, 0, 0, 8]
& & [C:\PROGRAM FILES\RISING\RAV\urutils.dll]&&[, 20, 0, 0, 6]
& & [C:\PROGRAM FILES\RISING\RAV\ur000.dat]&&[Beijing Rising Technology Co., Ltd., 20, 0, 0, 18]
& & [C:\PROGRAM FILES\RISING\RAV\scriptci.dll]&&[Beijing Rising Technology Co., Ltd., 20, 0, 0, 3]
& & [C:\PROGRAM FILES\RISING\RAV\ur023.dat]&&[Beijing Rising Technology Co., Ltd., 20, 0, 0, 1]
& & [C:\PROGRAM FILES\RISING\RAV\uroutine.dll]&&[Beijing Rising Technology Co., Ltd., 20, 0, 0, 26]
& & [C:\PROGRAM FILES\RISING\RAV\scansct.dll]&&[Beijing Rising Technology Co., Ltd., 20, 0, 0, 9]
& & [C:\PROGRAM FILES\RISING\RAV\extmail.dll]&&[Beijing Rising Technology Co., Ltd., 20, 0, 0, 9]
[PID: 1092][C:\WINDOWS\system32\spoolsv.exe]&&[Microsoft Corporation, 5.1. (xpsp_sp2_gdr.9)]
[PID: 1252][C:\PROGRAM FILES\RISING\RAV\RavStub.exe]&&[Beijing Rising Technology Co., Ltd., 20.0.0.9]
& & [C:\PROGRAM FILES\RISING\RAV\ProcCom.dll]&&[Beijing Rising Technology Co., Ltd., 20, 0, 0, 19]
& & [C:\PROGRAM FILES\RISING\RAV\RsCommX2.dll]&&[Beijing Rising Technology Co., Ltd., 20, 0, 0, 19]
& & [C:\PROGRAM FILES\RISING\RAV\RSCOMMON.DLL]&&[Beijing Rising Technology Co., Ltd., 20, 0, 0, 16]
[PID: 1372][C:\AppServ\Apache2.2\bin\httpd.exe]&&[Apache Software Foundation, 2.2.4]
& & [C:\AppServ\Apache2.2\bin\libapr-1.dll]&&[Apache Software Foundation, 1.2.8]
& & [C:\AppServ\Apache2.2\bin\libaprutil-1.dll]&&[Apache Software Foundation, 1.2.8]
& & [C:\AppServ\Apache2.2\bin\libapriconv-1.dll]&&[Apache Software Foundation, 1.1.1]
& & [C:\AppServ\Apache2.2\bin\libhttpd.dll]&&[Apache Software Foundation, 2.2.4]
& & [C:\AppServ\Apache2.2\modules\mod_actions.so]&&[Apache Software Foundation, 2.2.4]
& & [C:\AppServ\Apache2.2\modules\mod_alias.so]&&[Apache Software Foundation, 2.2.4]
& & [C:\AppServ\Apache2.2\modules\mod_asis.so]&&[Apache Software Foundation, 2.2.4]
& & [C:\AppServ\Apache2.2\modules\mod_auth_basic.so]&&[Apache Software Foundation, 2.2.4]
& & [C:\AppServ\Apache2.2\modules\mod_authn_default.so]&&[Apache Software Foundation, 2.2.4]
& & [C:\AppServ\Apache2.2\modules\mod_authn_file.so]&&[Apache Software Foundation, 2.2.4]
& & [C:\AppServ\Apache2.2\modules\mod_authz_default.so]&&[Apache Software Foundation, 2.2.4]
& & [C:\AppServ\Apache2.2\modules\mod_authz_groupfile.so]&&[Apache Software Foundation, 2.2.4]
& & [C:\AppServ\Apache2.2\modules\mod_authz_host.so]&&[Apache Software Foundation, 2.2.4]
& & [C:\AppServ\Apache2.2\modules\mod_authz_user.so]&&[Apache Software Foundation, 2.2.4]
& & [C:\AppServ\Apache2.2\modules\mod_autoindex.so]&&[Apache Software Foundation, 2.2.4]
& & [C:\AppServ\Apache2.2\modules\mod_cgi.so]&&[Apache Software Foundation, 2.2.4]
& & [C:\AppServ\Apache2.2\modules\mod_dir.so]&&[Apache Software Foundation, 2.2.4]
& & [C:\AppServ\Apache2.2\modules\mod_env.so]&&[Apache Software Foundation, 2.2.4]
& & [C:\AppServ\Apache2.2\modules\mod_imagemap.so]&&[Apache Software Foundation, 2.2.4]
& & [C:\AppServ\Apache2.2\modules\mod_include.so]&&[Apache Software Foundation, 2.2.4]
& & [C:\AppServ\Apache2.2\modules\mod_isapi.so]&&[Apache Software Foundation, 2.2.4]
& & [C:\AppServ\Apache2.2\modules\mod_log_config.so]&&[Apache Software Foundation, 2.2.4]
& & [C:\AppServ\Apache2.2\modules\mod_mime.so]&&[Apache Software Foundation, 2.2.4]
& & [C:\AppServ\Apache2.2\modules\mod_negotiation.so]&&[Apache Software Foundation, 2.2.4]
& & [C:\AppServ\Apache2.2\modules\mod_setenvif.so]&&[Apache Software Foundation, 2.2.4]
& & [C:\AppServ\Apache2.2\modules\mod_userdir.so]&&[Apache Software Foundation, 2.2.4]
& & [C:\AppServ\php5\php5apache2_2.dll]&&[The PHP Group, 5.2.3.3]
& & [C:\AppServ\php5\php5ts.dll]&&[The PHP Group, 5.2.3.3]
& & [C:\AppServ\php5\ext\php_dbase.dll]&&[The PHP Group, 5.2.3.3]
& & [C:\AppServ\php5\ext\php_gd2.dll]&&[The PHP Group, 5.2.3.3]
& & [C:\AppServ\php5\ext\php_mbstring.dll]&&[The PHP Group, 5.2.3.3]
& & [C:\AppServ\php5\ext\php_mysql.dll]&&[The PHP Group, 5.2.3.3]
& & [C:\WINDOWS\system32\LIBMYSQL.dll]&&[N/A, ]
& & [C:\AppServ\php5\ext\php_mysqli.dll]&&[The PHP Group, 5.2.3.3]
& & [C:\AppServ\php5\ext\php_sockets.dll]&&[The PHP Group, 5.2.3.3]
[PID: 1420][D:\Program Files\StormII\stormliv.exe]&&[北京暴风网际科技有限公司, 3, 8, 3, 15]
& & [D:\Program Files\StormII\MSVCP60.dll]&&[Microsoft Corporation, 6.02.3104.0]
[PID: 1440][C:\AppServ\Apache2.2\bin\httpd.exe]&&[Apache Software Foundation, 2.2.4]
& & [C:\AppServ\Apache2.2\bin\libapr-1.dll]&&[Apache Software Foundation, 1.2.8]
& & [C:\AppServ\Apache2.2\bin\libaprutil-1.dll]&&[Apache Software Foundation, 1.2.8]
& & [C:\AppServ\Apache2.2\bin\libapriconv-1.dll]&&[Apache Software Foundation, 1.1.1]
& & [C:\AppServ\Apache2.2\bin\libhttpd.dll]&&[Apache Software Foundation, 2.2.4]
& & [C:\AppServ\Apache2.2\modules\mod_actions.so]&&[Apache Software Foundation, 2.2.4]
& & [C:\AppServ\Apache2.2\modules\mod_alias.so]&&[Apache Software Foundation, 2.2.4]
& & [C:\AppServ\Apache2.2\modules\mod_asis.so]&&[Apache Software Foundation, 2.2.4]
& & [C:\AppServ\Apache2.2\modules\mod_auth_basic.so]&&[Apache Software Foundation, 2.2.4]
& & [C:\AppServ\Apache2.2\modules\mod_authn_default.so]&&[Apache Software Foundation, 2.2.4]
& & [C:\AppServ\Apache2.2\modules\mod_authn_file.so]&&[Apache Software Foundation, 2.2.4]
& & [C:\AppServ\Apache2.2\modules\mod_authz_default.so]&&[Apache Software Foundation, 2.2.4]
& & [C:\AppServ\Apache2.2\modules\mod_authz_groupfile.so]&&[Apache Software Foundation, 2.2.4]
& & [C:\AppServ\Apache2.2\modules\mod_authz_host.so]&&[Apache Software Foundation, 2.2.4]
& & [C:\AppServ\Apache2.2\modules\mod_authz_user.so]&&[Apache Software Foundation, 2.2.4]
& & [C:\AppServ\Apache2.2\modules\mod_autoindex.so]&&[Apache Software Foundation, 2.2.4]
& & [C:\AppServ\Apache2.2\modules\mod_cgi.so]&&[Apache Software Foundation, 2.2.4]
& & [C:\AppServ\Apache2.2\modules\mod_dir.so]&&[Apache Software Foundation, 2.2.4]
& & [C:\AppServ\Apache2.2\modules\mod_env.so]&&[Apache Software Foundation, 2.2.4]
& & [C:\AppServ\Apache2.2\modules\mod_imagemap.so]&&[Apache Software Foundation, 2.2.4]
& & [C:\AppServ\Apache2.2\modules\mod_include.so]&&[Apache Software Foundation, 2.2.4]
& & [C:\AppServ\Apache2.2\modules\mod_isapi.so]&&[Apache Software Foundation, 2.2.4]
& & [C:\AppServ\Apache2.2\modules\mod_log_config.so]&&[Apache Software Foundation, 2.2.4]
& & [C:\AppServ\Apache2.2\modules\mod_mime.so]&&[Apache Software Foundation, 2.2.4]
& & [C:\AppServ\Apache2.2\modules\mod_negotiation.so]&&[Apache Software Foundation, 2.2.4]
& & [C:\AppServ\Apache2.2\modules\mod_setenvif.so]&&[Apache Software Foundation, 2.2.4]
& & [C:\AppServ\Apache2.2\modules\mod_userdir.so]&&[Apache Software Foundation, 2.2.4]
& & [C:\AppServ\php5\php5apache2_2.dll]&&[The PHP Group, 5.2.3.3]
& & [C:\AppServ\php5\php5ts.dll]&&[The PHP Group, 5.2.3.3]
& & [C:\AppServ\php5\ext\php_dbase.dll]&&[The PHP Group, 5.2.3.3]
& & [C:\AppServ\php5\ext\php_gd2.dll]&&[The PHP Group, 5.2.3.3]
& & [C:\AppServ\php5\ext\php_mbstring.dll]&&[The PHP Group, 5.2.3.3]
& & [C:\AppServ\php5\ext\php_mysql.dll]&&[The PHP Group, 5.2.3.3]
& & [C:\WINDOWS\system32\LIBMYSQL.dll]&&[N/A, ]
& & [C:\AppServ\php5\ext\php_mysqli.dll]&&[The PHP Group, 5.2.3.3]
& & [C:\AppServ\php5\ext\php_sockets.dll]&&[The PHP Group, 5.2.3.3]
[PID: 1852][C:\WINDOWS\Explorer.EXE]&&[Microsoft Corporation, 6.00. (xpsp_sp2_rtm.8)]
& & [C:\PROGRA~1\TENCENT\SSPlus\SPlus1.dll]&&[TENCENT, 5, 0, 3, 17]
& & [D:\Program Files\360safe\safemon\safemon.dll]&&[, 4, 1, 0, 1006]
& & [C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\PDFShell.dll]&&[Adobe Systems, Inc., 8.1.0.0]
& & [C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\PDFShell.CHS]&&[Adobe Systems, Inc., 8.0.0.0]
& & [C:\WINDOWS\system32\igfxpph.dll]&&[Intel Corporation, 6.14.10.4864]
& & [C:\WINDOWS\system32\hccutils.DLL]&&[Intel Corporation, 6.14.10.4864]
& & [C:\WINDOWS\system32\igfxres.dll]&&[Intel Corporation, 6.14.10.4864]
& & [C:\WINDOWS\system32\igfxress.dll]&&[Intel Corporation, 6.14.10.4864]
& & [C:\WINDOWS\system32\igfxsrvc.dll]&&[Intel Corporation, 6.14.10.4864]
& & [C:\Program Files\TENCENT\SSPlus\SAddr1.dll]&&[Tencent, 5, 0, 6, 23]
& & [C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll]&&[Adobe Systems Incorporated, 8.0.0.]
& & [C:\Program Files\WinRAR\rarext.dll]&&[N/A, ]
& & [C:\WINDOWS\system32\RavExt.dll]&&[Beijing Rising Technology Co., Ltd., 20.0.0.17]
& & [C:\Program Files\Rising\Rav\RSCOMMON.DLL]&&[Beijing Rising Technology Co., Ltd., 20, 0, 0, 16]
[PID: 1896][c:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe]&&[Microsoft Corporation, 2.0. (REDBITS.0)]
[PID: 2032][C:\WINDOWS\system32\inetsrv\inetinfo.exe]&&[Microsoft Corporation, 5.1. (xpsp_sp2_rtm.8)]
[PID: 152][C:\Program Files\Microsoft SQL Server\MSSQL.1\MSSQL\Binn\sqlservr.exe]&&[Microsoft Corporation, 9.00]
[PID: 276][C:\Program Files\Rising\Rav\RavTask.exe]&&[Beijing Rising Technology Co., Ltd., 20.0.0.23]
& & [C:\Program Files\Rising\Rav\ProcCom.dll]&&[Beijing Rising Technology Co., Ltd., 20, 0, 0, 19]
& & [C:\Program Files\Rising\Rav\RsCommX2.dll]&&[Beijing Rising Technology Co., Ltd., 20, 0, 0, 19]
& & [C:\Program Files\Rising\Rav\RSCOMMON.DLL]&&[Beijing Rising Technology Co., Ltd., 20, 0, 0, 16]
& & [C:\Program Files\Rising\Rav\RSAPPMGR.DLL]&&[Beijing Rising Technology Co., Ltd., 20.0.0.0]
& & [C:\Program Files\Rising\Rav\CfgDll.dll]&&[Beijing Rising Technology Co., Ltd., 20.0.0.16]
[PID: 336][C:\Program Files\Rising\Rav\Ravmon.exe]&&[Beijing Rising Technology Co., Ltd., 20.0.01.19]
& & [C:\WINDOWS\system32\MFC71.DLL]&&[Microsoft Corporation, 7.10.3077.0]
& & [C:\WINDOWS\system32\MSVCR71.dll]&&[Microsoft Corporation, 7.10.3052.4]
& & [C:\WINDOWS\system32\MSVCP71.dll]&&[Microsoft Corporation, 7.10.3077.0]
& & [C:\Program Files\Rising\Rav\ProcCom.dll]&&[Beijing Rising Technology Co., Ltd., 20, 0, 0, 19]
& & [C:\Program Files\Rising\Rav\RsCommX2.dll]&&[Beijing Rising Technology Co., Ltd., 20, 0, 0, 19]
& & [C:\Program Files\Rising\Rav\RSCOMMON.DLL]&&[Beijing Rising Technology Co., Ltd., 20, 0, 0, 16]
& & [C:\Program Files\Rising\Rav\recomp.dll]&&[Beijing Rising Technology Co., Ltd., 20, 0, 0, 36]
& & [C:\Program Files\Rising\Rav\refs.dll]&&[Beijing Rising Technology Co., Ltd., 20, 0, 0, 17]
& & [C:\Program Files\Rising\Rav\viruslib.dll]&&[Beijing Rising Technology Co., Ltd., 20, 0, 0, 26]
& & [C:\Program Files\Rising\Rav\relibldr.dll]&&[Beijing Rising Technology Co., Ltd., 20, 0, 0, 16]
& & [C:\Program Files\Rising\Rav\RSAPPMGR.dll]&&[Beijing Rising Technology Co., Ltd., 20.0.0.0]
& & [C:\Program Files\Rising\Rav\CfgDll.dll]&&[Beijing Rising Technology Co., Ltd., 20.0.0.16]
& & [C:\Program Files\Rising\Rav\MonRule.dll]&&[Beijing Rising Technology Co., Ltd., 20.0.0.29]
& & [C:\Program Files\Rising\Rav\PngDll.dll]&&[Beijing Rising Technology Co., Ltd., 20, 0, 0, 4]
& & [C:\Program Files\Rising\Rav\Rsguilib.dll]&&[Beijing Rising Technology Co., Ltd., 20, 0, 0, 88]
& & [C:\Program Files\Rising\Rav\RsXML.dll]&&[Beijing Rising Technology Co., Ltd., 20, 0, 0, 0]
[PID: 368][D:\Program Files\360safe\safemon\360Tray.exe]&&[奇虎网, 4, 1, 0, 1004]
& & [D:\Program Files\360safe\safemon\safemon.dll]&&[, 4, 1, 0, 1006]
& & [D:\Program Files\360safe\safemon\SafeKrnl.dll]&&[奇虎网, 4, 1, 0, 1001]
& & [D:\Program Files\360safe\AntiAdwa.dll]&&[, 4, 1, 0, 1001]
& & [C:\PROGRA~1\TENCENT\SSPlus\SPlus1.dll]&&[TENCENT, 5, 0, 3, 17]
& & [D:\Program Files\360safe\live.dll]&&[, 1, 0, 1, 1027]
[PID: 432][C:\WINDOWS\system32\Rundll32.exe]&&[Microsoft Corporation, 5.1. (xpsp_sp2_rtm.8)]
& & [C:\PROGRA~1\TENCENT\SSPlus\SPlus1.dll]&&[TENCENT, 5, 0, 3, 17]
[PID: 2320][C:\Program Files\Microsoft SQL Server\90\Shared\sqlbrowser.exe]&&[Microsoft Corporation, 9.00]
[PID: 4072][C:\Documents and Settings\Administrator\桌面\sreng2\SREngPS.EXE]&&[Smallfrogs Studio, 2.5.16.900]
& & [D:\Program Files\360safe\safemon\safemon.dll]&&[, 4, 1, 0, 1006]
& & [C:\PROGRA~1\TENCENT\SSPlus\SPlus1.dll]&&[TENCENT, 5, 0, 3, 17]
& & [C:\Documents and Settings\Administrator\桌面\sreng2\Upload\3rdUpd.DLL]&&[Smallfrogs Studio, 2, 1, 0, 15]
& & [C:\Documents and Settings\Administrator\桌面\sreng2\Plugins\NTFSTREAM.SRE]&&[Smallfrogs Studio, 1, 0, 0, 5]
[PID: 1460][C:\Program Files\Internet Explorer\iexplore.exe]&&[Microsoft Corporation, 6.00. (xpsp_sp2_rtm.8)]
& & [D:\Program Files\360safe\safemon\safemon.dll]&&[, 4, 1, 0, 1006]
& & [C:\PROGRA~1\TENCENT\SSPlus\SPlus1.dll]&&[TENCENT, 5, 0, 3, 17]
& & [C:\Program Files\TENCENT\SSPlus\SAddr1.dll]&&[Tencent, 5, 0, 6, 23]
& & [C:\Program Files\Tencent\QQDownload\QQIEHelper01.dll]&&[腾讯公司, 1, 1, 0, 5]
& & [C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll]&&[Adobe Systems Incorporated, 8.0.0.]
& & [C:\Program Files\baidu\SafeCenter\iebuddy\IEBuddy.DLL]&&[Kingsoft Corporation, ,41]
& & [C:\Program Files\baidu\SafeCenter\iebuddy\IEBuddyExt.DLL]&&[Kingsoft Corporation, ,334]
& & [C:\Program Files\baidu\SafeCenter\safecenterstatus.dll]&&[Kingsoft Corp. Ltd., 15.0.0.0]
& & [C:\Program Files\Rising\Rav\RavScrCh.dll]&&[Beijing Rising Technology Co., Ltd., 20, 0, 0, 3]
& & [C:\WINDOWS\system32\Macromed\Flash\Flash9f.ocx]&&[Adobe Systems, Inc., 9,0,124,0]
[PID: 2900][C:\WINDOWS\system32\mstsc.exe]&&[Microsoft Corporation, 5.1. (xpsp_sp2_rtm.8)]
& & [D:\Program Files\360safe\safemon\safemon.dll]&&[, 4, 1, 0, 1006]
& & [C:\PROGRA~1\TENCENT\SSPlus\SPlus1.dll]&&[TENCENT, 5, 0, 3, 17]
& & [C:\WINDOWS\system32\l3codeca.acm]&&[Fraunhofer Institut Integrierte Schaltungen IIS, 1, 9, 0, 0305]
& & [C:\WINDOWS\system32\tssoft32.acm]&&[DSP GROUP, INC., 1.01]
& & [C:\WINDOWS\system32\tsd32.dll]&&[, ]
==================================
文件关联
.TXT&&Error. [C:\WINDOWS\notepad.exe %1]
.EXE&&OK. [&%1& %*]
.COM&&OK. [&%1& %*]
.PIF&&OK. [&%1& %*]
.REG&&OK. [regedit.exe &%1&]
.BAT&&OK. [&%1& %*]
.SCR&&OK. [&%1& /S]
.CHM&&Error. [&hh.exe& %1]
.HLP&&OK. [%SystemRoot%\System32\winhlp32.exe %1]
.INI&&Error. [C:\WINDOWS\System32\NOTEPAD.EXE %1]
.INF&&OK. [%SystemRoot%\System32\NOTEPAD.EXE %1]
.VBS&&OK. [%SystemRoot%\System32\WScript.exe &%1& %*]
.JS& &Error. [&d:\Macromedia\Dreamweaver MX\Dreamweaver.exe& &%1&]
.LNK&&OK. [{0-}]
==================================
Winsock 提供者
N/A
==================================
Autorun.inf
N/A
==================================
HOSTS 文件
N/A
==================================
进程特权扫描
N/A
==================================
API HOOK
N/A
==================================
隐藏进程
N/A
==================================复制代码
该用户从未签到
刚弄了下,ie可以打开,任务管理器不行。。
该用户从未签到
这个是在安全模式下扫描来的,10:37:28
System Repair Engineer 2.5.16.900
Smallfrogs ()
Windows XP Professional Service Pack 2 (Build 2600) - 管理权限用户 - 完整功能
以下内容被选中:
& & 所有的启动项目(包括注册表、启动文件夹、服务等)
& & 浏览器加载项
& & 正在运行的进程(包括进程模块信息)
& & 文件关联
& & Winsock 提供者
& & Autorun.inf
& & HOSTS 文件
& & 进程特权扫描
启动项目
注册表
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
& & &QQDownload&&&C:\Program Files\Tencent\QQDownload\QQDownload.exe& autostart&&&[N/A]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
& & &RavTask&&&C:\Program Files\Rising\Rav\RavTask.exe& -system&&&[(Verified)Beijing Rising Science and Technology Corporation Limited]
& & &360Safetray&&D:\Program Files\360safe\safemon\360Tray.exe /start&&&[(Verified)Qizhi Software (beijing) Co. Ltd]
& & &stup.exe&&Rundll32.exe C:\PROGRA~1\TENCENT\SSPlus\SPlus1.dll,Rundll32 R&&&[(Verified)Tencent Technology(Shenzhen) Company Limited]
& & &百度安全中心&&; C:\Program Files\baidu\SafeCenter\baccore.exe&&&[(Verified)KINGSOFT CORPORATION]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer\Run]
& & &dellupdate&&C:\WINDOWS\system32\dellserver.exe&&&[N/A]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Winlogon]
& & &shell&&Explorer.exe&&&[(Verified)Microsoft Windows Publisher]
& & &Userinit&&C:\WINDOWS\system32\userinit.exe,&&&[(Verified)Microsoft Windows Publisher]
& & &UIHost&&logonui.exe&&&[(Verified)Microsoft Windows Publisher]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
& & &{AEB-11d0-97EE-00C04FD91972}&&shell32.dll&&&[(Verified)Microsoft Windows Component Publisher]
& & &{32CD708B-60A7-4C00-9377-D73EAA495F0F}&&C:\WINDOWS\system32\RavExt.dll&&&[(Verified)Beijing Rising Science and Technology Corporation Limited]
& & &{398C9B84-4EF7-47B5-9862-DE}&&&&&[N/A]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
& & &PostBootReminder&&%SystemRoot%\system32\SHELL32.dll&&&[(Verified)Microsoft Windows Publisher]
& & &CDBurn&&%SystemRoot%\system32\SHELL32.dll&&&[(Verified)Microsoft Windows Component Publisher]
& & &WebCheck&&%SystemRoot%\system32\webcheck.dll&&&[(Verified)Microsoft Windows Publisher]
& & &SysTray&&C:\WINDOWS\system32\stobject.dll&&&[(Verified)Microsoft Windows Publisher]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\crypt32chain]
& & &WinlogonNotify: crypt32chain&&crypt32.dll&&&[(Verified)Microsoft Windows Publisher]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\cryptnet]
& & &WinlogonNotify: cryptnet&&cryptnet.dll&&&[(Verified)Microsoft Windows Publisher]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\cscdll]
& & &WinlogonNotify: cscdll&&cscdll.dll&&&[(Verified)Microsoft Windows Publisher]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\igfxcui]
& & &WinlogonNotify: igfxcui&&igfxdev.dll&&&[(Verified)Microsoft Windows Hardware Compatibility Publisher]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\ScCertProp]
& & &WinlogonNotify: ScCertProp&&wlnotify.dll&&&[(Verified)Microsoft Windows Component Publisher]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\Schedule]
& & &WinlogonNotify: Schedule&&wlnotify.dll&&&[(Verified)Microsoft Windows Publisher]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\sclgntfy]
& & &WinlogonNotify: sclgntfy&&sclgntfy.dll&&&[(Verified)Microsoft Windows Publisher]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\SensLogn]
& & &WinlogonNotify: SensLogn&&WlNotify.dll&&&[(Verified)Microsoft Windows Publisher]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\termsrv]
& & &WinlogonNotify: termsrv&&wlnotify.dll&&&[(Verified)Microsoft Windows Publisher]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\wlballoon]
& & &WinlogonNotify: wlballoon&&wlnotify.dll&&&[(Verified)Microsoft Windows Publisher]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\SharedTaskScheduler]
& & &{-A8BA-11D1-B96B-00A0C90312E1}&&%SystemRoot%\system32\browseui.dll&&&[(Verified)Microsoft Windows Component Publisher]
& & &{8C7461EF-2B13-11d2-BE35-0}&&%SystemRoot%\system32\browseui.dll&&&[(Verified)Microsoft Windows Publisher]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\&{22d6f312-b0f6-11d0-94ab-e95}]
& & &Microsoft Windows Media Player&&C:\WINDOWS\inf\unregmp2.exe /ShowWMP&&&[(Verified)Microsoft Windows Publisher]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\&{d38-484f-9b9e-dec}]
& & &Internet Explorer&&%systemroot%\system32\shmgrate.exe OCInstallUserConfigIE&&&[N/A]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\&{60B49E34-C7CC-11D0-C90347FF}MICROS]
& & &浏览器自定义组件&&RunDLL32 IEDKCS32.DLL,BrandIE4 SIGNUP&&&[(Verified)Microsoft Windows Publisher]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\&{881dd1c5-3dcf-431b-b061-f3f88e8be88a}]
& & &Outlook Express&&%systemroot%\system32\shmgrate.exe OCInstallUserConfigOE&&&[N/A]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{2C7339CF-2B09--FED}]
& & &Themes Setup&&%SystemRoot%\system32\regsvr32.exe /s /n /i:/UserInstall %SystemRoot%\system32\themeui.dll&&&[N/A]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{44BBA840-CC51-11CF-AAFA-00AA00B6015C}]
& & &Microsoft Outlook Express 6&&&%ProgramFiles%\Outlook Express\setup50.exe& /APP:OE /CALLER:WINNT /user /install&&&[N/A]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{44BBA842-CC51-11CF-AAFA-00AA00B6015B}]
& & &NetMeeting 3.01&&rundll32.exe advpack.dll,LaunchINFSection C:\WINDOWS\INF\msnetmtg.inf,NetMtg.Install.PerUser.NT&&&[(Verified)Microsoft Windows Publisher]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{e7d-11d1-bc44-00c04fd912be}]
& & &Windows Messenger 4.7&&rundll32.exe advpack.dll,LaunchINFSection C:\WINDOWS\INF\msmsgs.inf,BLC.QuietInstall.PerUser&&&[(Verified)Microsoft Windows Publisher]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{6BF52A52-394A-11d3-B153-00C04F79FAA6}]
& & &Microsoft Windows Media Player&&rundll32.exe advpack.dll,LaunchINFSection C:\WINDOWS\INF\wmp.inf,PerUserStub&&&[(Verified)Microsoft Windows Publisher]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{71-11d2-AF11-00C04FA35D02}]
& & &通讯簿 6&&&%ProgramFiles%\Outlook Express\setup50.exe& /APP:WAB /CALLER:WINNT /user /install&&&[N/A]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{-ECBD-11cf-8B85-00AA005B4340}]
& & &Windows 桌面更新&®svr32.exe /s /n /i:U shell32.dll&&&[(Verified)Microsoft Windows Publisher]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{-ECBD-11cf-8B85-00AA005B4383}]
& & &Internet Explorer 6&&%SystemRoot%\system32\ie4uinit.exe&&&[(Verified)Microsoft Windows Publisher]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{89B4C1CD-B018--5476DBF70820}]
& & &N/A&&C:\WINDOWS\system32\Rundll32.exe C:\WINDOWS\system32\mscories.dll,Install&&&[(Verified)Microsoft Corporation]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\Convert.exe]
& & &IFEO[Convert.exe]&&C:\WINDOWS\system32\wscntfy.exe&&&[(Verified)Microsoft Windows Publisher]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\FrogAgent.exe]
& & &IFEO[FrogAgent.exe]&&C:\WINDOWS\system32\wscntfy.exe&&&[(Verified)Microsoft Windows Publisher]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\katmain.exe]
& & &IFEO[katmain.exe]&&C:\WINDOWS\system32\wscntfy.exe&&&[(Verified)Microsoft Windows Publisher]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\kav.exe]
& & &IFEO[kav.exe]&&C:\WINDOWS\system32\wscntfy.exe&&&[(Verified)Microsoft Windows Publisher]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\Mcshield.exe]
& & &IFEO[Mcshield.exe]&&C:\WINDOWS\system32\wscntfy.exe&&&[(Verified)Microsoft Windows Publisher]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\naPrdMgr.exe]
& & &IFEO[naPrdMgr.exe]&&C:\WINDOWS\system32\wscntfy.exe&&&[(Verified)Microsoft Windows Publisher]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\RunOnce.exe]
& & &IFEO[RunOnce.exe]&&C:\WINDOWS\system32\wscntfy.exe&&&[(Verified)Microsoft Windows Publisher]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\SnipeSword.exe]
& & &IFEO[SnipeSword.exe]&&C:\WINDOWS\system32\wscntfy.exe&&&[(Verified)Microsoft Windows Publisher]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\Taskmgr.exe]
& & &IFEO[Taskmgr.exe]&&C:\WINDOWS\system32\wscntfy.exe&&&[(Verified)Microsoft Windows Publisher]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\TBMon.exe]
& & &IFEO[TBMon.exe]&&C:\WINDOWS\system32\wscntfy.exe&&&[(Verified)Microsoft Windows Publisher]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\TrojDie.exe]
& & &IFEO[TrojDie.exe]&&C:\WINDOWS\system32\wscntfy.exe&&&[(Verified)Microsoft Windows Publisher]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\UlibCfg.exe]
& & &IFEO[UlibCfg.exe]&&C:\WINDOWS\system32\wscntfy.exe&&&[(Verified)Microsoft Windows Publisher]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\UpdaterUI.exe]
& & &IFEO[UpdaterUI.exe]&&C:\WINDOWS\system32\wscntfy.exe&&&[(Verified)Microsoft Windows Publisher]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\VsTskMgr.exe]
& & &IFEO[VsTskMgr.exe]&&C:\WINDOWS\system32\wscntfy.exe&&&[(Verified)Microsoft Windows Publisher]
==================================
启动文件夹
[腾讯QQ]
&&&C:\Documents and Settings\Administrator\「开始」菜单\程序\启动\腾讯QQ.lnk --& C:\PROGRA~1\Tencent\QQ\QQ.exe [TENCENT]&&N&
==================================
服务
[Apache2.2 / Apache2.2][Stopped/Auto Start]
&&&&C:\AppServ\Apache2.2\bin\httpd.exe& -k runservice&&Apache Software Foundation&
[Contrl Center of Storm Media / ccosm][Stopped/Auto Start]
&&&D:\Program Files\StormII\stormliv.exe /asservice&&北京暴风网际科技有限公司&
[Human Interface Device Access / HidServ][Stopped/Disabled]
&&&C:\WINDOWS\System32\svchost.exe -k netsvcs--&%SystemRoot%\System32\hidserv.dll&&N/A&
[MSSQLSERVER / MSSQLSERVER][Stopped/Manual Start]
&&&d:\MICROS~3\MSSQL\binn\sqlservr.exe&&Microsoft Corporation&
[MySQL / MySQL][Stopped/Manual Start]
&&&&C:\Program Files\MySQL\MySQL Server 5.0\bin\mysqld-nt& --defaults-file=&C:\Program Files\MySQL\MySQL Server 5.0\my.ini& MySQL&&N/A&
[Rising Process Communication Center / RsCCenter][Stopped/Auto Start]
&&&&C:\Program Files\Rising\Rav\CCenter.exe&&&Beijing Rising Technology Co., Ltd.&
[Rising RealTime Monitor / RsRavMon][Stopped/Auto Start]
&&&&C:\PROGRAM FILES\RISING\RAV\Ravmond.exe&&&Beijing Rising Technology Co., Ltd.&
[Security Control / seictrl][Stopped/Auto Start]
&&&c:\windows\system32\rundll32.exe rp_engine.dll,scan&&Microsoft Corporation&
[SQLSERVERAGENT / SQLSERVERAGENT][Stopped/Manual Start]
&&&d:\Microsoft SQL Server\MSSQL\binn\sqlagent.exe -i MSSQLSERVER&&Microsoft Corporation&
[Apache Tomcat / Tomcat5][Stopped/Manual Start]
&&&d:\Tomcat5.0.27\bin\tomcat5.exe //RS//Tomcat5&&Apache Software Foundation&
==================================
驱动程序
[39b52l5 / 39b52l5z][Stopped/Boot Start]
&&&\SystemRoot\System32\DRIVERS\39b52l5z.sys&&N/A&
[ADI UAA Function Driver for High Definition Audio Service / ADIHdAudAddService][Stopped/Manual Start]
&&&system32\drivers\ADIHdAud.sys&&Analog Devices, Inc.&
[AE Audio Service / AEAudio][Stopped/Manual Start]
&&&system32\drivers\AEAudio.sys&&Andrea Electronics Corporation&
[fmsq / fmsq][Stopped/Auto Start]
&&&\??\c:\TEMP\tmp2C8.tmp&&N/A&
[Microsoft UAA Bus Driver for High Definition Audio / HDAudBus][Running/Manual Start]
&&&system32\DRIVERS\HDAudBus.sys&&Windows (R) Server 2003 DDK provider&
[HookCont / HookCont][Stopped/System Start]
&&&\SystemRoot\system32\drivers\HookCont.sys&&Beijing Rising Technology Co., Ltd&
[HookNtos / HookNtos][Stopped/System Start]
&&&\SystemRoot\system32\drivers\HookNtos.sys&&Beijing Rising Technology Co., Ltd&
[HookReg / HookReg][Stopped/System Start]
&&&\SystemRoot\system32\drivers\HookReg.sys&&Beijing Rising Technology Co., Ltd&
[HookSys / HookSys][Stopped/System Start]
&&&\SystemRoot\system32\drivers\HookSys.sys&&Beijing Rising Technology Co., Ltd&
[ialm / ialm][Stopped/Manual Start]
&&&system32\DRIVERS\igxpmp32.sys&&Intel Corporation&
[KAVBootC / KAVBootC][Stopped/Boot Start]
&&&\SystemRoot\system32\Drivers\KAVBootC.sys&&Kingsoft Corporation&
[ptfs / ptfs][Stopped/Auto Start]
&&&\??\c:\TEMP\tmp36D.tmp&&N/A&
[Direct Parallel Link Driver / Ptilink][Running/Manual Start]
&&&system32\DRIVERS\ptilink.sys&&Parallel Technologies, Inc.&
[RsNTGDI / RsNTGDI][Running/Boot Start]
&&&\SystemRoot\system32\Drivers\RsNTGdi.sys&&Beijing Rising Technology Co., Ltd.&
[Realtek 10/100/1000 PCI NIC Family NDIS XP Driver / RTL8023xp][Running/Manual Start]
&&&system32\DRIVERS\Rtnicxp.sys&&Realtek Semiconductor Corporation&
[Realtek RTL8139(A/B/C)-based PCI Fast Ethernet Adapter NT Driver / rtl8139][Stopped/Manual Start]
&&&system32\DRIVERS\RTL8139.SYS&&Realtek Semiconductor Corporation&
[Secdrv / Secdrv][Stopped/Manual Start]
&&&system32\DRIVERS\secdrv.sys&&Macrovision Corporation, Macrovision Europe Limited, and Macrovision Japan and Asia K.K.&
[SenFilt Service / SenFiltService][Stopped/Manual Start]
&&&system32\drivers\Senfilt.sys&&Sensaura&
[zftp / zftp][Stopped/Auto Start]
&&&\??\c:\TEMP\tmpB4.tmp&&N/A&
==================================
浏览器加载项
[QQCycloneHelper Class]
&&{C9--D2} &C:\Program Files\Tencent\QQDownload\QQIEHelper01.dll, 腾讯公司&
[Adobe PDF Reader Link Helper]
&&{06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} &C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll, Adobe Systems Incorporated&
[Tencent Browser Helper]
&&{0C7C23EF-A848-485B-873C-0ED} &C:\Program Files\TENCENT\SSPlus\SAddr1.dll, Tencent&
[Kingsoft Trojan Webshield]
&&{4E8AFE3-BF78-8A7CCD6EF333} &C:\Program Files\baidu\SafeCenter\iebuddy\IEBuddy.DLL, Kingsoft Corporation&
[SafeMon Class]
&&{B69F34DD-F0F9-42DC-9EDD-8D} &D:\Program Files\360safe\safemon\safemon.dll, &
[SafeCenterEyeOnIE Class]
&&{D2DA0BDA-D20F-4B0B-98D4-8BEAAE175E6D} &C:\Program Files\baidu\SafeCenter\safecenterstatus.dll, Kingsoft Corp. Ltd.&
[Java Plug-in 1.5.0]
&&{08B0E5C0-4FCB-11CF-AAA5-} &C:\Java\jre1.5.0\bin\npjpi150.dll, Sun Microsystems, Inc.&
[IEBuddyExtControl Class]
&&{3AECD3C1-DC-47B6CF7EF749} &C:\Program Files\baidu\SafeCenter\iebuddy\IEBuddyExt.DLL, Kingsoft Corporation&
[信息检索(&R)]
&&{CC-41C8-B9BE-3C9C571A8263} &D:\MICROS~1\OFFICE11\REFIEBAR.DLL, Microsoft Corporation&
[Messenger]
&&{FB5Fd2-BB9E-00C04F795683} &C:\Program Files\Messenger\msmsgs.exe, Microsoft Corporation&
[CKAVWebScan Object]
&&{0EB0E74A-2A76-4AB3-A7FB-9BD8C29F7F75} &C:\WINDOWS\system32\Kaspersky Lab\Kaspersky Online Scanner Pro\kavwebscan.dll, Kaspersky Lab&
[PowerCreator VGAPlayer Control]
&&{339C1EE2--81F1-FC4} &C:\WINDOWS\DOWNLO~1\VGAPLA~1.OCX, PowerCreator Corporation&
[Java Plug-in 1.5.0]
&&{8AD9C840-044E-11D1-B3E9-} &C:\Java\jre1.5.0\bin\npjpi150.dll, Sun Microsystems, Inc.&
[KVFileUpdate Class]
&&{CA234A53-E68D-44D5-A07C-481C051D0C7B} &C:\WINDOWS\Downloaded Program Files\OLDown.dll, Jiangmin Co.,Ltd&
[Java Plug-in 1.5.0]
&&{CAFEEFAC-00-ABCDEFFEDCBA} &C:\Java\jre1.5.0\bin\npjpi150.dll, Sun Microsystems, Inc.&
[Shockwave Flash Object]
&&{D27CDB6E-AE6D-11CF-96B8-} &C:\WINDOWS\system32\Macromed\Flash\Flash9f.ocx, Adobe Systems, Inc.&
[KUpdateObj2 Class]
&&{D4-4DCB-8AFC-8CF99435AACE} &C:\WINDOWS\system32\KingSoft\KOS\UpdateOcx2.dll, Kingsoft Corporation&
[BaiduMercurySvr Class]
&&{EC-41D7-67B276} &%ProgramFiles%\baidu\SafeCenter\bacctl.dll, N/A&
[QQCycloneHelper Class]
&&{C9--D2} &C:\Program Files\Tencent\QQDownload\QQIEHelper01.dll, 腾讯公司&
[Adobe PDF Reader Link Helper]
&&{06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} &C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll, Adobe Systems Incorporated&
[Web Browser Applet Control]
&&{08B0E5C0-4FCB-11CF-AAA5-} &C:\WINDOWS\system32\msjava.dll, Microsoft Corporation&
[Tencent Browser Helper]
&&{0C7C23EF-A848-485B-873C-0ED} &C:\Program Files\TENCENT\SSPlus\SAddr1.dll, Tencent&
[CKAVWebScan Object]
&&{0EB0E74A-2A76-4AB3-A7FB-9BD8C29F7F75} &C:\WINDOWS\system32\Kaspersky Lab\Kaspersky Online Scanner Pro\kavwebscan.dll, Kaspersky Lab&
[HTML Document]
&&{F9-11CF-8FD0-00AA00686F13} &%SystemRoot%\system32\mshtml.dll, N/A&
[DHTML Edit Control Safe for Scripting for IE5]
&&{2D360201-FFF5-11D1-8D03-00A0C959BC0A} &C:\Program Files\Common Files\Microsoft Shared\Triedit\dhtmled.ocx, Microsoft Corporation&
[HtmlDlgSafeHelper Class]
&&{B5-11CF-BB82-00AA00BDCE0B} &C:\WINDOWS\system32\mshtmled.dll, Microsoft Corporation&
[PowerCreator VGAPlayer Control]
&&{339C1EE2--81F1-FC4} &C:\WINDOWS\DOWNLO~1\VGAPLA~1.OCX, PowerCreator Corporation&
[IEBuddyExtControl Class]
&&{3AECD3C1-DC-47B6CF7EF749} &C:\Program Files\baidu\SafeCenter\iebuddy\IEBuddyExt.DLL, Kingsoft Corporation&
[XML Document]
&&{4D9-11D1-A6B3-00C04FD91555} &%SystemRoot%\system32\msxml3.dll, N/A&
[KLeakScan Class]
&&{4BB7444F-E4DA-4E02-AAAD-505A0E9855D4} &C:\Program Files\KOS\KosClean.dll, Kingsoft Corporation&
[Kingsoft Trojan Webshield]
&&{4E8AFE3-BF78-8A7CCD6EF333} &C:\Program Files\baidu\SafeCenter\iebuddy\IEBuddy.DLL, Kingsoft Corporation&
[KvCoVirus Class]
&&{518D171D-CF41-4EA0-B0E0-ECBA5AA84126} &C:\WINDOWS\KVDownScan\WebScan\virusbox.dll, Jiangmin Co.Ltd&
[CKAVReportCtrl Object]
&&{C2D-41FA-A6D9-9E484B999CF0} &C:\WINDOWS\system32\Kaspersky Lab\Kaspersky Online Scanner Pro\kavwebscan.dll, Kaspersky Lab&
[Windows Media Player]
&&{6BF52A52-394A-11D3-B153-00C04F79FAA6} &C:\WINDOWS\system32\wmp.dll, Microsoft Corporation&
[KvOLScan Control]
&&{6E0D0002-DC95-E-9FB1EA80AEDE} &C:\WINDOWS\KVDOWN~1\WebScan\kvKill.ocx, Jiangmin Co.&
[Active Desktop Mover]
&&{72267F6A-A6F9-11D0-BC94-00C04FB67863} &%SystemRoot%\system32\SHELL32.dll, N/A&
[360SafeLive]
&&{C--D416CB8059E3} &D:\Program Files\360safe\live.dll, &
[Microsoft Web 浏览器]
&&{A-11D0-A96B-00C04FD705A2} &C:\WINDOWS\system32\shdocvw.dll, Microsoft Corporation&
[Microsoft Scriptlet Component]
&&{AE24FDAE-03C6-11D1-8B76-} &C:\WINDOWS\system32\mshtml.dll, Microsoft Corporation&
[SearchAssistantOC]
&&{B45FF030--85DE-00C04FA35C89} &%SystemRoot%\system32\shdocvw.dll, N/A&
[SafeMon Class]
&&{B69F34DD-F0F9-42DC-9EDD-8D} &D:\Program Files\360safe\safemon\safemon.dll, &
[RDS.DataSpace]
&&{BD96C556-65A3-11D0-983A-00C04FC29E36} &C:\Program Files\Common Files\system\msadc\msadco.dll, Microsoft Corporation&
[KScanSpyWare Class]
&&{C847FDE7-B612-47ED-B32C-B6} &C:\Program Files\KOS\KosClean.dll, Kingsoft Corporation&
[KVFileUpdate Class]
&&{CA234A53-E68D-44D5-A07C-481C051D0C7B} &C:\WINDOWS\Downloaded Program Files\OLDown.dll, Jiangmin Co.,Ltd&
[VIDEO__X_MS_ASF Moniker Class]
&&{CD3AFA8F-B84F-48F0-9393-7EDC} &C:\WINDOWS\system32\wmp.dll, Microsoft Corporation&
[RealPlayer G2 Control]
&&{CFCDAA03-8BE4-11CF-B84B-0020AFBBCCFA} &D:\Program Files\StormII\Codec\rmoc3260.dll, RealNetworks, Inc.&
[Shockwave Flash Object]
&&{D27CDB6E-AE6D-11CF-96B8-} &C:\WINDOWS\system32\Macromed\Flash\Flash9f.ocx, Adobe Systems, Inc.&
[OfficeObj Class]
&&{D2BD7935-05FC-11D2-FD7A1BD} &, N/A&
[SafeCenterEyeOnIE Class]
&&{D2DA0BDA-D20F-4B0B-98D4-8BEAAE175E6D} &C:\Program Files\baidu\SafeCenter\safecenterstatus.dll, Kingsoft Corp. Ltd.&
[KUpdateObj2 Class]
&&{D4-4DCB-8AFC-8CF99435AACE} &C:\WINDOWS\system32\KingSoft\KOS\UpdateOcx2.dll, Kingsoft Corporation&
[KVirusScan Class]
&&{E176B817-4905-4CDF-8C9C-0AF3EA3B4AC7} &C:\Program Files\KOS\KosClean.dll, Kingsoft Corporation&
[KAccountManager Class]
&&{E176B817-4905-4CDF-8C9C-0AF3EA3B4AC9} &C:\Program Files\KOS\KosClean.dll, Kingsoft Corporation&
[BaiduMercurySvr Class]
&&{EC-41D7-67B276} &%ProgramFiles%\baidu\SafeCenter\bacctl.dll, N/A&
[&使用超级旋风下载]
&&&C:\Program Files\Tencent\QQDownload\geturl.htm, N/A&
[&使用超级旋风下载全部链接]
&&&C:\Program Files\Tencent\QQDownload\getAllurl.htm, N/A&
[导出到 Microsoft Office Excel(&X)]
&&&res://D:\MICROS~1\OFFICE11\EXCEL.EXE/3000, N/A&
[添加到QQ表情]
&&&C:\Program Files\Tencent\QQ\AddEmotion.htm, N/A&
==================================
正在运行的进程
[PID: 404][\SystemRoot\System32\smss.exe]&&[Microsoft Corporation, 5.1. (xpsp_sp2_rtm.8)]
[PID: 460][\??\C:\WINDOWS\system32\csrss.exe]&&[Microsoft Corporation, 5.1. (xpsp_sp2_rtm.8)]
[PID: 484][\??\C:\WINDOWS\system32\winlogon.exe]&&[Microsoft Corporation, 5.1. (xpsp_sp2_rtm.8)]
[PID: 528][C:\WINDOWS\system32\services.exe]&&[Microsoft Corporation, 5.1. (xpsp_sp2_rtm.8)]
[PID: 540][C:\WINDOWS\system32\lsass.exe]&&[Microsoft Corporation, 5.1. (xpsp_sp2_rtm.8)]
[PID: 692][C:\WINDOWS\system32\svchost.exe]&&[Microsoft Corporation, 5.1. (xpsp_sp2_rtm.8)]
[PID: 740][C:\WINDOWS\system32\svchost.exe]&&[Microsoft Corporation, 5.1. (xpsp_sp2_rtm.8)]
[PID: 824][C:\WINDOWS\system32\svchost.exe]&&[Microsoft Corporation, 5.1. (xpsp_sp2_rtm.8)]
[PID: 836][C:\WINDOWS\system32\svchost.exe]&&[Microsoft Corporation, 5.1. (xpsp_sp2_rtm.8)]
[PID: 1156][C:\WINDOWS\Explorer.EXE]&&[Microsoft Corporation, 6.00. (xpsp_sp2_rtm.8)]
& & [C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\PDFShell.dll]&&[Adobe Systems, Inc., 8.1.0.0]
& & [C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\PDFShell.CHS]&&[Adobe Systems, Inc., 8.0.0.0]
& & [C:\WINDOWS\system32\igfxpph.dll]&&[Intel Corporation, 6.14.10.4864]
& & [C:\WINDOWS\system32\hccutils.DLL]&&[Intel Corporation, 6.14.10.4864]
& & [C:\WINDOWS\system32\igfxres.dll]&&[Intel Corporation, 6.14.10.4864]
& & [C:\WINDOWS\system32\igfxress.dll]&&[Intel Corporation, 6.14.10.4864]
& & [C:\WINDOWS\system32\igfxsrvc.dll]&&[Intel Corporation, 6.14.10.4864]
& & [C:\WINDOWS\system32\RavExt.dll]&&[Beijing Rising Technology Co., Ltd., 20.0.0.17]
[PID: 1296][C:\WINDOWS\system32\igfxsrvc.exe]&&[Intel Corporation, 6.14.10.4864]
& & [C:\WINDOWS\system32\igfxsrvc.dll]&&[Intel Corporation, 6.14.10.4864]
& & [C:\WINDOWS\system32\igfxdev.dll]&&[Intel Corporation, 6.14.10.4864]
[PID: 1368][C:\Documents and Settings\Administrator\桌面\sreng2\SREngPS.EXE]&&[Smallfrogs Studio, 2.5.16.900]
& & [C:\Documents and Settings\Administrator\桌面\sreng2\Upload\3rdUpd.DLL]&&[Smallfrogs Studio, 2, 1, 0, 15]
==================================
文件关联
.TXT&&Error. [C:\WINDOWS\notepad.exe %1]
.EXE&&OK. [&%1& %*]
.COM&&OK. [&%1& %*]
.PIF&&OK. [&%1& %*]
.REG&&OK. [regedit.exe &%1&]
.BAT&&OK. [&%1& %*]
.SCR&&OK. [&%1& /S]
.CHM&&Error. [&hh.exe& %1]
.HLP&&OK. [%SystemRoot%\System32\winhlp32.exe %1]
.INI&&Error. [C:\WINDOWS\System32\NOTEPAD.EXE %1]
.INF&&OK. [%SystemRoot%\System32\NOTEPAD.EXE %1]
.VBS&&OK. [%SystemRoot%\System32\WScript.exe &%1& %*]
.JS& &Error. [&d:\Macromedia\Dreamweaver MX\Dreamweaver.exe& &%1&]
.LNK&&OK. [{0-}]
==================================
Winsock 提供者
N/A
==================================
Autorun.inf
N/A
==================================
HOSTS 文件
N/A
==================================
进程特权扫描
N/A
==================================
API HOOK
N/A
==================================
隐藏进程
N/A
==================================复制代码
该用户从未签到
我不用瑞星,认为太烂了,这是朋友的电脑,瑞星华而不实,呵呵
你说的这些文件怎么都找不到啊,
c:\windows\system32\dellserver.exe
c:\windows\system32\rundll32.exe rp_engine.dll,scan
c:\windows\system32\drivers\39b52l5z.sys
c:\temp\tmpb4.tmp
c:\temp\tmp36d.tmp
c:\temp\tmp2c8.tmp
该用户从未签到
360安全卫士还有系统进程状态,我看都挺正常的,但是就是打不开任务管理器。。
我还用百度在线杀毒等杀毒软件杀过毒,都不管用。。。
该用户从未签到
回复 10# 的帖子
那怎么修复注册表呢 ?
该用户从未签到
回复 11# 的帖子
使用了ifeo就能打开任务管理器了,ifeo是做什么的?介绍下!
你解决问题能力T强了,谢谢!!困扰我N久的问题,解决了!!!
该用户从未签到
提示: 作者被禁止或删除 内容自动屏蔽
该用户从未签到
版主好专业,以后有了困难的话,也请版主帮帮忙。
