Rising Kaka Security Forum

[Help] My computer is done for. Please take a look at the log. Begging the experts for help
a8888888 - 2007-4-21 17:41:00
2007-04-21,17:28:18

System Repair Engineer 2.3.13.690
Smallfrogs (http://www.KZTechs.com)

Windows XP Professional Service Pack 2 (Build 2600)
- 管理权限用户 - 完整功能

以下内容被选中:
    所有的启动项目(包括注册表、启动文件夹、服务等)
    浏览器加载项
    正在运行的进程(包括进程模块信息)
    文件关联
    Winsock 提供者
    Autorun.inf
    HOSTS 文件


启动项目
注册表
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
    <ctfmon.exe><C:\WINDOWS\system32\ctfmon.exe>  [Microsoft Corporation]
    <Vagaa><"D:\Vagaa\Vagaa.exe" -tray>  [Vagaa Development Team]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
    <BigDog303><C:\WINDOWS\VM303_STI.EXE VIMICRO USB PC Camera (ZC0301PLH)>  [N/A]
    <360Safetray><F:\360safe\safemon\360Tray.exe /start>  [奇虎网]
    <RfwMain><"E:\Rising\Rfw\rfwmain.exe" -Startup>  [Beijing Rising Technology Co., Ltd.]
    <TkBellExe><"C:\Program Files\Common Files\Real\Update_OB\realsched.exe"  -osboot>  [RealNetworks, Inc.]
    <RavTask><"E:\Rising\Rav\RavTask.exe" -system>  [Beijing Rising Technology Co., Ltd.]
    <LiveUpatePower><D:\完美卸载V2007 完整版\MyUpdate.exe -PowerOn>  [N/A]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\RunOnce]
    <RavStub><"E:\Rising\Rav\ravstub.exe" /RUNONCE>  [Beijing Rising Technology Co., Ltd.]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Winlogon]
    <shell><Explorer.exe>  [Microsoft Corporation]
    <Userinit><C:\WINDOWS\system32\userinit.exe,>  [Microsoft Corporation]
    <UIHost><logonui.exe>  [Microsoft Corporation]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
    <{32CD708B-60A7-4C00-9377-D73EAA495F0F}><C:\WINDOWS\system32\RavExt.dll>  [Beijing Rising Technology Co., Ltd.]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\WgaLogon]
    <WinlogonNotify: WgaLogon><WgaLogon.dll>  [(Verified)Microsoft Corporation]

==================================
启动文件夹
[腾讯QQ]
  <C:\Documents and Settings\Administrator\「开始」菜单\程序\启动\腾讯QQ.lnk --> C:\PROGRA~1\Tencent\QQ\QQ.exe [TENCENT]><N>

==================================
服务
[Alerter / Alerter][Stopped/Disabled]
  <C:\WINDOWS\system32\svchost.exe -k LocalService-->%SystemRoot%\system32\alrsvc.dll><Microsoft Corporation>
[Application Layer Gateway Service / ALG][Running/Manual Start]
  <C:\WINDOWS\System32\alg.exe><Microsoft Corporation>
[Application Management / AppMgmt][Stopped/Manual Start]
  <C:\WINDOWS\system32\svchost.exe -k netsvcs-->%SystemRoot%\System32\appmgmts.dll><Microsoft Corporation>
[ASP.NET State Service / aspnet_state][Stopped/Manual Start]
  <C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\aspnet_state.exe><Microsoft Corporation>
[Ati HotKey Poller / Ati HotKey Poller][Running/Auto Start]
  <C:\WINDOWS\system32\Ati2evxx.exe><ATI Technologies Inc.>
[Windows Audio / AudioSrv][Running/Auto Start]
  <C:\WINDOWS\System32\svchost.exe -k netsvcs-->%SystemRoot%\System32\audiosrv.dll><Microsoft Corporation>
[Background Intelligent Transfer Service / BITS][Running/Auto Start]
  <C:\WINDOWS\system32\svchost.exe -k netsvcs-->C:\WINDOWS\system32\qmgr.dll><Microsoft Corporation>
[Computer Browser / Browser][Stopped/Auto Start]
  <C:\WINDOWS\system32\svchost.exe -k netsvcs-->%SystemRoot%\System32\browser.dll><Microsoft Corporation>
[Indexing Service / CiSvc][Stopped/Disabled]
  <C:\WINDOWS\system32\cisvc.exe><Microsoft Corporation>
[ClipBook / ClipSrv][Stopped/Disabled]
  <C:\WINDOWS\system32\clipsrv.exe><Microsoft Corporation>
[COM+ System Application / COMSysApp][Stopped/Manual Start]
  <C:\WINDOWS\system32\dllhost.exe /Processid:{02D4B3F1-FD88-11D1-960D-00805FC79235}><Microsoft Corporation>
[Cryptographic Services / CryptSvc][Running/Auto Start]
  <C:\WINDOWS\system32\svchost.exe -k netsvcs-->%SystemRoot%\System32\cryptsvc.dll><Microsoft Corporation>
[DCOM Server Process Launcher / DcomLaunch][Running/Auto Start]
  <C:\WINDOWS\system32\svchost -k DcomLaunch-->%SystemRoot%\system32\rpcss.dll><Microsoft Corporation>
[DHCP Client / Dhcp][Running/Auto Start]
  <C:\WINDOWS\system32\svchost.exe -k netsvcs-->%SystemRoot%\System32\dhcpcsvc.dll><Microsoft Corporation>
[Logical Disk Manager Administrative Service / dmadmin][Stopped/Manual Start]
  <C:\WINDOWS\System32\dmadmin.exe /com><Microsoft Corp., Veritas Software>
[Logical Disk Manager / dmserver][Running/Auto Start]
  <C:\WINDOWS\System32\svchost.exe -k netsvcs-->%SystemRoot%\System32\dmserver.dll><Microsoft Corp.>
[DNS Client / Dnscache][Running/Auto Start]
  <C:\WINDOWS\system32\svchost.exe -k NetworkService-->%SystemRoot%\System32\dnsrslvr.dll><Microsoft Corporation>
[Event Log / Eventlog][Running/Auto Start]
  <C:\WINDOWS\system32\services.exe><Microsoft Corporation>
[COM+ Event System / EventSystem][Running/Manual Start]
  <C:\WINDOWS\system32\svchost.exe -k netsvcs-->C:\WINDOWS\system32\es.dll><Microsoft Corporation>
[Fast User Switching Compatibility / FastUserSwitchingCompatibility][Running/Manual Start]
  <C:\WINDOWS\System32\svchost.exe -k netsvcs-->%SystemRoot%\System32\shsvcs.dll><Microsoft Corporation>
[Help and Support / helpsvc][Stopped/Disabled]
  <C:\WINDOWS\System32\svchost.exe -k netsvcs-->%WINDIR%\PCHealth\HelpCtr\Binaries\pchsvc.dll><Microsoft Corporation>
[Human Interface Device Access / HidServ][Stopped/Disabled]
  <C:\WINDOWS\System32\svchost.exe -k netsvcs-->%SystemRoot%\System32\hidserv.dll><N/A>
[HTTP SSL / HTTPFilter][Stopped/Manual Start]
  <C:\WINDOWS\System32\svchost.exe -k HTTPFilter-->%SystemRoot%\System32\w3ssl.dll><Microsoft Corporation>
[IMAPI CD-Burning COM Service / ImapiService][Stopped/Disabled]
  <C:\WINDOWS\system32\imapi.exe><Microsoft Corporation>
[Server / lanmanserver][Running/Auto Start]
  <C:\WINDOWS\system32\svchost.exe -k netsvcs-->%SystemRoot%\System32\srvsvc.dll><Microsoft Corporation>
[Workstation / lanmanworkstation][Running/Auto Start]
  <C:\WINDOWS\system32\svchost.exe -k netsvcs-->%SystemRoot%\System32\wkssvc.dll><Microsoft Corporation>
[TCP/IP NetBIOS Helper / LmHosts][Running/Auto Start]
  <C:\WINDOWS\system32\svchost.exe -k LocalService-->%SystemRoot%\System32\lmhsvc.dll><Microsoft Corporation>
[Messenger / Messenger][Stopped/Disabled]
  <C:\WINDOWS\system32\svchost.exe -k netsvcs-->%SystemRoot%\System32\msgsvc.dll><Microsoft Corporation>
[NetMeeting Remote Desktop Sharing / mnmsrvc][Stopped/Manual Start]
  <C:\WINDOWS\system32\mnmsrvc.exe><Microsoft Corporation>
[Distributed Transaction Coordinator / MSDTC][Stopped/Manual Start]
  <C:\WINDOWS\system32\msdtc.exe><Microsoft Corporation>
[Windows Installer / MSIServer][Stopped/Manual Start]
  <C:\WINDOWS\system32\msiexec.exe /V><Microsoft Corporation>
a8888888 - 2007-4-21 17:42:00
[Network DDE / NetDDE][Stopped/Disabled]
  <C:\WINDOWS\system32\netdde.exe><Microsoft Corporation>
[Network DDE DSDM / NetDDEdsdm][Stopped/Disabled]
  <C:\WINDOWS\system32\netdde.exe><Microsoft Corporation>
[Net Logon / Netlogon][Stopped/Manual Start]
  <C:\WINDOWS\system32\lsass.exe><Microsoft Corporation>
[Network Connections / Netman][Running/Manual Start]
  <C:\WINDOWS\System32\svchost.exe -k netsvcs-->%SystemRoot%\System32\netman.dll><Microsoft Corporation>
[Network Location Awareness (NLA) / Nla][Running/Manual Start]
  <C:\WINDOWS\system32\svchost.exe -k netsvcs-->%SystemRoot%\System32\mswsock.dll><Microsoft Corporation>
[NT LM Security Support Provider / NtLmSsp][Stopped/Manual Start]
  <C:\WINDOWS\system32\lsass.exe><Microsoft Corporation>
[Removable Storage / NtmsSvc][Stopped/Manual Start]
  <C:\WINDOWS\system32\svchost.exe -k netsvcs-->%SystemRoot%\system32\ntmssvc.dll><Microsoft Corporation>
[Office Source Engine / ose][Stopped/Manual Start]
  <"C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE"><N/A>
[Plug and Play / PlugPlay][Running/Auto Start]
  <C:\WINDOWS\system32\services.exe><Microsoft Corporation>
[IPSEC Services / PolicyAgent][Running/Auto Start]
  <C:\WINDOWS\system32\lsass.exe><Microsoft Corporation>
[Protected Storage / ProtectedStorage][Running/Auto Start]
  <C:\WINDOWS\system32\lsass.exe><Microsoft Corporation>
[Remote Access Auto Connection Manager / RasAuto][Stopped/Manual Start]
  <C:\WINDOWS\system32\svchost.exe -k netsvcs-->%SystemRoot%\System32\rasauto.dll><Microsoft Corporation>
[Remote Access Connection Manager / RasMan][Running/Manual Start]
  <C:\WINDOWS\system32\svchost.exe -k netsvcs-->%SystemRoot%\System32\rasmans.dll><Microsoft Corporation>
[Remote Desktop Help Session Manager / RDSessMgr][Stopped/Manual Start]
  <C:\WINDOWS\system32\sessmgr.exe><Microsoft Corporation>
[Routing and Remote Access / RemoteAccess][Stopped/Disabled]
  <C:\WINDOWS\system32\svchost.exe -k netsvcs-->%SystemRoot%\System32\mprdim.dll><Microsoft Corporation>
[Remote Registry / RemoteRegistry][Stopped/Disabled]
  <C:\WINDOWS\system32\svchost.exe -k LocalService-->%SystemRoot%\system32\regsvc.dll><Microsoft Corporation>
[Rising Proxy  Service / RfwProxySrv][Stopped/Manual Start]
  <e:\rising\rfw\rfwproxy.exe><Beijing Rising Technology Co., Ltd.>
[Rising Personal Firewall Service / RfwService][Running/Auto Start]
  <e:\rising\rfw\rfwsrv.exe><Beijing Rising Technology Co., Ltd.>
[Remote Procedure Call (RPC) Locator / RpcLocator][Stopped/Manual Start]
  <C:\WINDOWS\system32\locator.exe><Microsoft Corporation>
[Remote Procedure Call (RPC) / RpcSs][Running/Auto Start]
  <C:\WINDOWS\system32\svchost -k rpcss-->%SystemRoot%\system32\rpcss.dll><Microsoft Corporation>
[Rising Process Communication Center / RsCCenter][Running/Auto Start]
  <"E:\Rising\Rav\CCenter.exe"><Beijing Rising Technology Co., Ltd.>
[Rising RealTime Monitor / RsRavMon][Running/Auto Start]
  <"E:\Rising\Rav\Ravmond.exe"><Beijing Rising Technology Co., Ltd.>
[QoS RSVP / RSVP][Stopped/Manual Start]
  <C:\WINDOWS\system32\rsvp.exe><Microsoft Corporation>
[Security Accounts Manager / SamSs][Running/Auto Start]
  <C:\WINDOWS\system32\lsass.exe><Microsoft Corporation>
[Smart Card / SCardSvr][Stopped/Manual Start]
  <C:\WINDOWS\System32\SCardSvr.exe><Microsoft Corporation>
[Task Scheduler / Schedule][Running/Auto Start]
  <C:\WINDOWS\System32\svchost.exe -k netsvcs-->%SystemRoot%\system32\schedsvc.dll><Microsoft Corporation>
[Secondary Logon / seclogon][Running/Auto Start]
  <C:\WINDOWS\System32\svchost.exe -k netsvcs-->%SystemRoot%\System32\seclogon.dll><Microsoft Corporation>
[System Event Notification / SENS][Running/Auto Start]
  <C:\WINDOWS\system32\svchost.exe -k netsvcs-->%SystemRoot%\system32\sens.dll><Microsoft Corporation>
[Windows Firewall/Internet Connection Sharing (ICS) / SharedAccess][Running/Auto Start]
  <C:\WINDOWS\system32\svchost.exe -k netsvcs-->%SystemRoot%\System32\ipnathlp.dll><Microsoft Corporation>
[Shell Hardware Detection / ShellHWDetection][Running/Auto Start]
  <C:\WINDOWS\System32\svchost.exe -k netsvcs-->%SystemRoot%\System32\shsvcs.dll><Microsoft Corporation>
[Print Spooler / Spooler][Running/Auto Start]
  <C:\WINDOWS\system32\spoolsv.exe><Microsoft Corporation>
[System Restore Service / srservice][Stopped/Auto Start]
  <C:\WINDOWS\system32\svchost.exe -k netsvcs-->C:\WINDOWS\system32\srsvc.dll><Microsoft Corporation>
[SSDP Discovery Service / SSDPSRV][Running/Manual Start]
  <C:\WINDOWS\system32\svchost.exe -k LocalService-->%SystemRoot%\System32\ssdpsrv.dll><Microsoft Corporation>
[Windows Image Acquisition (WIA) / stisvc][Running/Auto Start]
  <C:\WINDOWS\system32\svchost.exe -k imgsvc-->%SystemRoot%\system32\wiaservc.dll><Microsoft Corporation>
[MS Software Shadow Copy Provider / SwPrv][Stopped/Manual Start]
  <C:\WINDOWS\system32\dllhost.exe /Processid:{736153B1-B3B4-4FAF-B875-C5AA11CCFBF6}><Microsoft Corporation>
[Performance Logs and Alerts / SysmonLog][Stopped/Manual Start]
  <C:\WINDOWS\system32\smlogsvc.exe><Microsoft Corporation>
[Telephony / TapiSrv][Running/Manual Start]
  <C:\WINDOWS\System32\svchost.exe -k netsvcs-->%SystemRoot%\System32\tapisrv.dll><Microsoft Corporation>
[Terminal Services / TermService][Running/Manual Start]
  <C:\WINDOWS\System32\svchost -k DComLaunch-->%SystemRoot%\System32\termsrv.dll><Microsoft Corporation>
[Themes / Themes][Running/Auto Start]
  <C:\WINDOWS\System32\svchost.exe -k netsvcs-->%SystemRoot%\System32\shsvcs.dll><Microsoft Corporation>
[Telnet / TlntSvr][Stopped/Disabled]
  <C:\WINDOWS\system32\tlntsvr.exe><Microsoft Corporation>
[Distributed Link Tracking Client / TrkWks][Running/Auto Start]
  <C:\WINDOWS\system32\svchost.exe -k netsvcs-->%SystemRoot%\system32\trkwks.dll><Microsoft Corporation>
[Universal Plug and Play Device Host / upnphost][Stopped/Manual Start]
  <C:\WINDOWS\system32\svchost.exe -k LocalService-->%SystemRoot%\System32\upnphost.dll><Microsoft Corporation>
[Uninterruptible Power Supply / UPS][Stopped/Manual Start]
  <C:\WINDOWS\System32\ups.exe><Microsoft Corporation>
[User Privilege Service / usprserv][Stopped/Manual Start]
  <C:\WINDOWS\System32\svchost.exe -k netsvcs><Microsoft Corporation>
a8888888 - 2007-4-21 17:43:00
[Volume Shadow Copy / VSS][Stopped/Manual Start]
  <C:\WINDOWS\System32\vssvc.exe><Microsoft Corporation>
[Windows Time / W32Time][Running/Auto Start]
  <C:\WINDOWS\System32\svchost.exe -k netsvcs-->C:\WINDOWS\system32\w32time.dll><Microsoft Corporation>
[WebClient / WebClient][Running/Auto Start]
  <C:\WINDOWS\system32\svchost.exe -k LocalService-->%SystemRoot%\System32\webclnt.dll><Microsoft Corporation>
[Windows Management Instrumentation / winmgmt][Running/Auto Start]
  <C:\WINDOWS\system32\svchost.exe -k netsvcs-->%SystemRoot%\system32\wbem\WMIsvc.dll><Microsoft Corporation>
[Portable Media Serial Number Service / WmdmPmSN][Stopped/Manual Start]
  <C:\WINDOWS\System32\svchost.exe -k netsvcs-->C:\WINDOWS\system32\MsPMSNSv.dll><Microsoft Corporation>
[Windows Management Instrumentation Driver Extensions / Wmi][Stopped/Manual Start]
  <C:\WINDOWS\System32\svchost.exe -k netsvcs-->%SystemRoot%\System32\advapi32.dll><Microsoft Corporation>
[WMI Performance Adapter / WmiApSrv][Stopped/Manual Start]
  <C:\WINDOWS\system32\wbem\wmiapsrv.exe><Microsoft Corporation>
[Windows Media Player Network Sharing Service / WMPNetworkSvc][Stopped/Manual Start]
  <"C:\Program Files\Windows Media Player\WMPNetwk.exe"><Microsoft Corporation>
[Security Center / wscsvc][Running/Auto Start]
  <C:\WINDOWS\System32\svchost.exe -k netsvcs-->%SYSTEMROOT%\system32\wscsvc.dll><Microsoft Corporation>
[Automatic Updates / wuauserv][Running/Auto Start]
  <C:\WINDOWS\system32\svchost.exe -k netsvcs-->C:\WINDOWS\system32\wuauserv.dll><Microsoft Corporation>
[Windows Driver Foundation - User-mode Driver Framework / WudfSvc][Stopped/Manual Start]
  <C:\WINDOWS\system32\svchost.exe -k WudfServiceGroup-->%SystemRoot%\System32\WUDFSvc.dll><Microsoft Corporation>
[Wireless Zero Configuration / WZCSVC][Running/Auto Start]
  <C:\WINDOWS\System32\svchost.exe -k netsvcs-->%SystemRoot%\System32\wzcsvc.dll><Microsoft Corporation>
[Network Provisioning Service / xmlprov][Stopped/Manual Start]
  <C:\WINDOWS\System32\svchost.exe -k netsvcs-->%SystemRoot%\System32\xmlprov.dll><Microsoft Corporation>

==================================
驱动程序
[Intel(r) 82801 Audio Driver Install Service (WDM) / ac97intc][Stopped/Manual Start]
  <system32\drivers\ac97intc.sys><Intel Corporation>
[Microsoft ACPI Driver / ACPI][Running/Boot Start]
  <\SystemRoot\system32\DRIVERS\ACPI.sys><Microsoft Corporation>
[Microsoft Kernel Acoustic Echo Canceller / aec][Stopped/Manual Start]
  <system32\drivers\aec.sys><Microsoft Corporation>
[AFD / AFD][Running/System Start]
  <\SystemRoot\System32\drivers\afd.sys><Microsoft Corporation>
[Intel AGP Bus Filter / agp440][Running/Boot Start]
  <\SystemRoot\system32\DRIVERS\agp440.sys><Microsoft Corporation>
[AliIde / AliIde][Running/Boot Start]
  <\SystemRoot\System32\DRIVERS\aliide.sys><Acer Laboratories Inc.>
[AMD K8 Processor Driver / AmdK8][Stopped/Manual Start]
  <System32\DRIVERS\amdk8.sys><Advanced Micro Devices>
[RAS Asynchronous Media Driver / AsyncMac][Stopped/Manual Start]
  <system32\DRIVERS\asyncmac.sys><Microsoft Corporation>
[标准 IDE/ESDI 硬盘控制器 / atapi][Running/Boot Start]
  <\SystemRoot\system32\DRIVERS\atapi.sys><Microsoft Corporation>
[ati2mtag / ati2mtag][Running/Manual Start]
  <system32\DRIVERS\ati2mtag.sys><ATI Technologies Inc.>
[ATM ARP Client Protocol / Atmarpc][Stopped/Manual Start]
  <system32\DRIVERS\atmarpc.sys><Microsoft Corporation>
[音频存根驱动程序 / audstub][Running/Manual Start]
  <system32\DRIVERS\audstub.sys><Microsoft Corporation>
[Rising TDI Base Driver / BaseTDI][Running/Auto Start]
  <System32\DRIVERS\BaseTDI.SYS><Beijing Rising Technology Co., Ltd.>
[Closed Caption Decoder / CCDECODE][Stopped/Manual Start]
  <system32\DRIVERS\CCDECODE.sys><Microsoft Corporation>
[CD-ROM Driver / Cdrom][Running/System Start]
  <system32\DRIVERS\cdrom.sys><Microsoft Corporation>
[CmdIde / CmdIde][Running/Boot Start]
  <\SystemRoot\System32\DRIVERS\cmdide.sys><CMD Technology, Inc.>
[磁盘驱动器 / Disk][Running/Boot Start]
  <\SystemRoot\system32\DRIVERS\disk.sys><Microsoft Corporation>
[dmboot / dmboot][Stopped/Disabled]
  <System32\drivers\dmboot.sys><Microsoft Corp., Veritas Software>
[Logical Disk Manager Driver / dmio][Running/Boot Start]
  <\SystemRoot\System32\drivers\dmio.sys><Microsoft Corp., Veritas Software>
[dmload / dmload][Running/Boot Start]
  <\SystemRoot\System32\drivers\dmload.sys><Microsoft Corp., Veritas Software.>
[Microsoft Kernel DLS Syntheiszer / DMusic][Stopped/Manual Start]
  <system32\drivers\DMusic.sys><Microsoft Corporation>
[Microsoft Kernel DRM Audio Descrambler / drmkaud][Stopped/Manual Start]
  <system32\drivers\drmkaud.sys><Microsoft Corporation>
[Intel(R) PRO Network Connection Driver / E100B][Running/Manual Start]
  <system32\DRIVERS\e100b325.sys><Intel Corporation>
[EagleNT / EagleNT][Stopped/Manual Start]
  <\??\C:\WINDOWS\system32\drivers\EagleNT.sys><N/A>
[ExpScaner / ExpScaner][Running/Auto Start]
  <\??\E:\Rising\Rav\ExpScan.sys><>
[Floppy Disk Controller Driver / Fdc][Stopped/Manual Start]
  <system32\DRIVERS\fdc.sys><Microsoft Corporation>
[VIA PCI 10/100Mb Fast Ethernet Adapter NT Driver / FETNDIS][Stopped/Manual Start]
  <system32\DRIVERS\fetnd5.sys><VIA Technologies, Inc.>
[FltMgr / FltMgr][Running/Boot Start]
  <\SystemRoot\system32\DRIVERS\fltMgr.sys><Microsoft Corporation>
[FsVga / FsVga][Running/System Start]
  <system32\DRIVERS\fsvga.sys><Microsoft Corporation>
[Volume Manager Driver / Ftdisk][Running/Boot Start]
  <\SystemRoot\system32\DRIVERS\ftdisk.sys><Microsoft Corporation>
[Game Port Enumerator / gameenum][Stopped/Manual Start]
  <system32\DRIVERS\gameenum.sys><Microsoft Corporation>
[Generic Packet Classifier / Gpc][Running/Manual Start]
  <system32\DRIVERS\msgpc.sys><Microsoft Corporation>
[Microsoft UAA Bus Driver for High Definition Audio / HDAudBus][Running/Manual Start]
  <system32\DRIVERS\HDAudBus.sys><Windows (R) Server 2003 DDK provider>
[Microsoft HID Class Driver / HidUsb][Stopped/Manual Start]
  <system32\DRIVERS\hidusb.sys><Microsoft Corporation>
[HookCont / HookCont][Running/Auto Start]
  <\??\E:\Rising\Rav\HOOKCONT.sys><Rising>
[HookReg / HookReg][Running/Auto Start]
  <\??\E:\Rising\Rav\HookReg.sys><>
[HookSys / HookSys][Running/Auto Start]
  <\??\E:\Rising\Rav\HookSys.sys><Rising>
[HookUrl / HookUrl][Running/Auto Start]
  <\??\E:\Rising\Rfw\HookUrl.sys><Beijing Rising Technology Co., Ltd.>
[HTTP / HTTP][Running/Manual Start]
  <System32\Drivers\HTTP.sys><Microsoft Corporation>
[i8042 键盘和 PS/2 鼠标端口驱动程序 / i8042prt][Running/System Start]
a8888888 - 2007-4-21 17:43:00

  <System32\DRIVERS\i8042prt.sys><Microsoft Corporation>
[CD 烧制筛选驱动器 / Imapi][Stopped/System Start]
  <system32\DRIVERS\imapi.sys><Microsoft Corporation>
[IntelIde / IntelIde][Running/Boot Start]
  <\SystemRoot\system32\DRIVERS\intelide.sys><Microsoft Corporation>
[Intel Processor Driver / intelppm][Running/System Start]
  <system32\DRIVERS\intelppm.sys><Microsoft Corporation>
[IPv6 Windows Firewall Driver / Ip6Fw][Stopped/Manual Start]
  <system32\DRIVERS\Ip6Fw.sys><Microsoft Corporation>
[IP Traffic Filter Driver / IpFilterDriver][Running/Auto Start]
  <\??\C:\WINDOWS\System32\DRIVERS\ipfltdrv.sys><Microsoft Corporation>
[IP in IP Tunnel Driver / IpInIp][Stopped/Manual Start]
  <system32\DRIVERS\ipinip.sys><Microsoft Corporation>
[IP Network Address Translator / IpNat][Running/Manual Start]
  <system32\DRIVERS\ipnat.sys><Microsoft Corporation>
[IPSEC driver / IPSec][Running/System Start]
  <system32\DRIVERS\ipsec.sys><Microsoft Corporation>
[IR Enumerator Service / IRENUM][Stopped/Manual Start]
  <system32\DRIVERS\irenum.sys><Microsoft Corporation>
[PnP ISA/EISA Bus Driver / isapnp][Running/Boot Start]
  <\SystemRoot\system32\DRIVERS\isapnp.sys><Microsoft Corporation>
[Keyboard Class Driver / Kbdclass][Running/System Start]
  <system32\DRIVERS\kbdclass.sys><Microsoft Corporation>
[Keyboard HID Driver / kbdhid][Stopped/System Start]
  <system32\drivers\kbdhid.sys><Microsoft Corporation>
[Microsoft Kernel Wave Audio Mixer / kmixer][Running/Manual Start]
  <system32\drivers\kmixer.sys><Microsoft Corporation>
[kmsinput / kmsinput][Stopped/Manual Start]
  <\??\C:\WINDOWS\system32\drivers\kmsinput.sys><N/A>
[MEMSCAN / MEMSCAN][Running/Auto Start]
  <\??\E:\Rising\Rav\MEMSCAN.sys><瑞星软件有限公司>
[Mouse Class Driver / Mouclass][Running/System Start]
  <system32\DRIVERS\mouclass.sys><Microsoft Corporation>
[Mouse HID Driver / mouhid][Stopped/Manual Start]
  <system32\DRIVERS\mouhid.sys><Microsoft Corporation>
[mProcRs / mProcRs][Running/Auto Start]
  <\??\e:\rising\rfw\mProcRs.sys><Beijing Rising Technology Co., Ltd.>
[WebDav Client Redirector / MRxDAV][Running/Manual Start]
  <system32\DRIVERS\mrxdav.sys><Microsoft Corporation>
[MRxSmb / MRxSmb][Running/System Start]
  <system32\DRIVERS\mrxsmb.sys><Microsoft Corporation>
[Microsoft Streaming Service Proxy / MSKSSRV][Stopped/Manual Start]
  <system32\drivers\MSKSSRV.sys><Microsoft Corporation>
[Microsoft Streaming Clock Proxy / MSPCLOCK][Stopped/Manual Start]
  <system32\drivers\MSPCLOCK.sys><Microsoft Corporation>
[Microsoft Streaming Quality Manager Proxy / MSPQM][Stopped/Manual Start]
  <system32\drivers\MSPQM.sys><Microsoft Corporation>
[Microsoft System Management BIOS Driver / mssmbios][Running/Manual Start]
  <system32\DRIVERS\mssmbios.sys><Microsoft Corporation>
[Microsoft Streaming Tee/Sink-to-Sink Converter / MSTEE][Stopped/Manual Start]
  <system32\drivers\MSTEE.sys><Microsoft Corporation>
[Microsoft MPU-401 MIDI UART Driver / ms_mpu401][Stopped/Manual Start]
  <system32\drivers\msmpu401.sys><Microsoft Corporation>
[NABTS/FEC VBI Codec / NABTSFEC][Stopped/Manual Start]
  <system32\DRIVERS\NABTSFEC.sys><Microsoft Corporation>
[Microsoft TV/Video Connection / NdisIP][Stopped/Manual Start]
  <system32\DRIVERS\NdisIP.sys><Microsoft Corporation>
[Remote Access NDIS TAPI Driver / NdisTapi][Running/Manual Start]
  <system32\DRIVERS\ndistapi.sys><Microsoft Corporation>
[NDIS 用户模式 I/O 协议 / Ndisuio][Running/Manual Start]
  <system32\DRIVERS\ndisuio.sys><Microsoft Corporation>
[Remote Access NDIS WAN Driver / NdisWan][Running/Manual Start]
  <system32\DRIVERS\ndiswan.sys><Microsoft Corporation>
[NetBIOS Interface / NetBIOS][Running/System Start]
  <system32\DRIVERS\netbios.sys><Microsoft Corporation>
[NetBios over Tcpip / NetBT][Running/System Start]
  <system32\DRIVERS\netbt.sys><Microsoft Corporation>
[nv / nv][Stopped/Manual Start]
  <system32\DRIVERS\nv4_mini.sys><NVIDIA Corporation>
[IPX Traffic Filter Driver / NwlnkFlt][Stopped/Manual Start]
  <system32\DRIVERS\nwlnkflt.sys><Microsoft Corporation>
[IPX Traffic Forwarder Driver / NwlnkFwd][Stopped/Manual Start]
  <system32\DRIVERS\nwlnkfwd.sys><Microsoft Corporation>
[Intel PentiumIII Processor Driver / P3][Stopped/System Start]
  <system32\DRIVERS\p3.sys><Microsoft Corporation>
[Parallel port driver / Parport][Running/Manual Start]
  <system32\DRIVERS\parport.sys><Microsoft Corporation>
[PCI Bus Driver / PCI][Running/Boot Start]
  <\SystemRoot\system32\DRIVERS\pci.sys><Microsoft Corporation>
[PCIIde / PCIIde][Running/Boot Start]
  <\SystemRoot\System32\Drivers\pciide.sys><Microsoft Corporation>
[WAN Miniport (PPTP) / PptpMiniport][Running/Manual Start]
  <system32\DRIVERS\raspptp.sys><Microsoft Corporation>
[QoS Packet Scheduler / PSched][Running/Manual Start]
  <system32\DRIVERS\psched.sys><Microsoft Corporation>
[Direct Parallel Link Driver / Ptilink][Running/Manual Start]
  <system32\DRIVERS\ptilink.sys><Parallel Technologies, Inc.>
[Remote Access Auto Connection Driver / RasAcd][Running/System Start]
  <system32\DRIVERS\rasacd.sys><Microsoft Corporation>
[WAN Miniport (L2TP) / Rasl2tp][Running/Manual Start]
  <system32\DRIVERS\rasl2tp.sys><Microsoft Corporation>
[远程访问 PPPOE 驱动程序 / RasPppoe][Running/Manual Start]
  <system32\DRIVERS\raspppoe.sys><Microsoft Corporation>
[Direct Parallel / Raspti][Running/Manual Start]
  <system32\DRIVERS\raspti.sys><Microsoft Corporation>
[Rdbss / Rdbss][Running/System Start]
  <system32\DRIVERS\rdbss.sys><Microsoft Corporation>
[RDPCDD / RDPCDD][Running/System Start]
  <System32\DRIVERS\RDPCDD.sys><Microsoft Corporation>
[Terminal Server Device Redirector Driver / rdpdr][Running/Manual Start]
  <system32\DRIVERS\rdpdr.sys><Microsoft Corporation>
[Digital CD Audio Playback Filter Driver / redbook][Running/System Start]
  <system32\DRIVERS\redbook.sys><Microsoft Corporation>
[RsFwDrv / RsFwDrv][Running/Auto Start]
  <\??\E:\Rising\Rfw\RsFwDrv.sys><Beijing Rising Technology Co., Ltd.>
[RsNTGDI / RsNTGDI][Running/Boot Start]
  <\SystemRoot\system32\Drivers\RsNTGdi.sys><Beijing Rising Technology Co., Ltd.>
[RSPPSYS / RSPPSYS][Running/Auto Start]
  <\??\E:\Rising\Rav\RSPPSYS.sys><Rising>
[Secdrv / Secdrv][Stopped/Manual Start]
  <system32\DRIVERS\secdrv.sys><N/A>
[Serenum Filter Driver / serenum][Running/Manual Start]
  <system32\DRIVERS\serenum.sys><Microsoft Corporation>
[Serial port driver / Serial][Running/System Start]
  <system32\DRIVERS\serial.sys><Microsoft Corporation>
[Serial Mouse Driver / sermouse][Stopped/Manual Start]
  <system32\drivers\sermouse.sys><Microsoft Corporation>
[Sonic Focus Plugin for Sigmatel HDA / sfng32][Running/Manual Start]
  <system32\drivers\sfng32.sys><Sonic Focus, Inc>
[BDA Slip De-Framer / SLIP][Stopped/Manual Start]
  <system32\DRIVERS\SLIP.sys><Microsoft Corporation>
[Microsoft Kernel Audio Splitter / splitter][Stopped/Manual Start]
  <system32\drivers\splitter.sys><Microsoft Corporation>
[System Restore Filter Driver / sr][Stopped/Disabled]
  <\SystemRoot\system32\DRIVERS\sr.sys><Microsoft Corporation>
[Srv / Srv][Running/Manual Start]
  <system32\DRIVERS\srv.sys><Microsoft Corporation>
a8888888 - 2007-4-21 17:46:00
浏览器加载项
[Thunder Browser Helper]
  {889D2FEB-5411-4565-8998-1DD2C5261283} <C:\Program Files\Thunder Network\Thunder\ComDlls\XunLeiBHO_007.dll, Thunder Networking Technologies,LTD>
[NavigatMon Class]
  {B69F34DD-F0F9-42DC-9EDD-957187DA688D} <F:\360safe\safemon\safemon.dll, >
[启动迅雷5]
  {09BA8F6D-CB54-424B-839C-C2A6C8E6B436} <C:\Program Files\Thunder Network\Thunder\Thunder.exe, Thunder Networking Technologies,LTD>
[WUWebControl Class]
  {6414512B-B978-451D-A0D8-FCFDF33E833C} <C:\WINDOWS\system32\wuweb.dll, Microsoft Corporation>
[CPasswordEditCtrl Object]
  {E787FD25-8D7C-4693-AE67-9406BC6E22DF} <C:\WINDOWS\system32\qqedit\qqedit.dll, 腾讯科技(深圳)有限公司>
[Windows Media Player]
  {22D6F312-B0F6-11D0-94AB-0080C74C7E95} <C:\WINDOWS\system32\wmpdxm.dll, Microsoft Corporation>
[HTML Document]
  {25336920-03F9-11CF-8FD0-00AA00686F13} <%SystemRoot%\system32\Mshtml.dll, N/A>
[DHTML Edit Control Safe for Scripting for IE5]
  {2D360201-FFF5-11D1-8D03-00A0C959BC0A} <C:\Program Files\Common Files\Microsoft Shared\Triedit\dhtmled.ocx, N/A>
[Windows Media Player]
  {6BF52A52-394A-11D3-B153-00C04F79FAA6} <C:\WINDOWS\system32\wmp.dll, Microsoft Corporation>
[Thunder Browser Helper]
  {889D2FEB-5411-4565-8998-1DD2C5261283} <C:\Program Files\Thunder Network\Thunder\ComDlls\XunLeiBHO_007.dll, Thunder Networking Technologies,LTD>
[SearchAssistantOC]
  {B45FF030-4447-11D2-85DE-00C04FA35C89} <%SystemRoot%\system32\shdocvw.dll, N/A>
[NavigatMon Class]
  {B69F34DD-F0F9-42DC-9EDD-957187DA688D} <F:\360safe\safemon\safemon.dll, >
[AUDIO__X_MS_WMA Moniker Class]
  {CD3AFA84-B84F-48F0-9393-7EDC34128127} <C:\WINDOWS\system32\wmp.dll, Microsoft Corporation>
[RealPlayer G2 Control]
  {CFCDAA03-8BE4-11CF-B84B-0020AFBBCCFA} <C:\WINDOWS\system32\rmoc3260.dll, RealNetworks, Inc.>
[Shockwave Flash Object]
  {D27CDB6E-AE6D-11CF-96B8-444553540000} <C:\WINDOWS\system32\Macromed\Flash\Flash9b.ocx, Adobe Systems, Inc.>
[&V使用Vagaa哇嘎下载]
  <D:\Vagaa\Data\vg.htm, N/A>
[&使用迅雷下载]
  <C:\Program Files\Thunder Network\Thunder\Program\GetUrl.htm, N/A>
[&使用迅雷下载全部链接]
  <C:\Program Files\Thunder Network\Thunder\Program\GetAllUrl.htm, N/A>
[上传到QQ网络硬盘]
  <C:\Program Files\Tencent\QQ\AddToNetDisk.htm, N/A>
[导出到 Microsoft Office Excel(&X)]
  <res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000, N/A>
[添加到QQ自定义面板]
  <C:\Program Files\Tencent\QQ\AddPanel.htm, N/A>
[添加到QQ表情]
  <C:\Program Files\Tencent\QQ\AddEmotion.htm, N/A>
[用QQ彩信发送该图片]
  <C:\Program Files\Tencent\QQ\SendMMS.htm, N/A>

==================================
正在运行的进程
[PID: 564][\SystemRoot\System32\smss.exe]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
[PID: 632][\??\C:\WINDOWS\system32\csrss.exe]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
[PID: 660][\??\C:\WINDOWS\system32\winlogon.exe]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
[PID: 704][C:\WINDOWS\system32\services.exe]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
[PID: 716][C:\WINDOWS\system32\lsass.exe]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
[PID: 860][C:\WINDOWS\system32\Ati2evxx.exe]  [ATI Technologies Inc., 6.14.10.4146]
    [C:\WINDOWS\system32\Ati2edxx.dll]  [ATI Technologies, Inc., 6, 14, 10, 2504]
[PID: 904][C:\WINDOWS\system32\svchost.exe]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
[PID: 988][C:\WINDOWS\system32\svchost.exe]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
[PID: 1120][C:\WINDOWS\System32\svchost.exe]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
[PID: 1180][C:\WINDOWS\system32\svchost.exe]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
[PID: 1316][C:\WINDOWS\system32\svchost.exe]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
[PID: 1644][C:\WINDOWS\Explorer.EXE]  [Microsoft Corporation, 6.00.2900.2180 (xpsp_sp2_rtm.040803-2158)]
    [C:\WINDOWS\system32\RavExt.dll]  [Beijing Rising Technology Co., Ltd., 19, 0, 0, 9]
    [F:\360safe\safemon\safemon.dll]  [, 3, 2, 0, 1001]
    [C:\Program Files\WinRAR\rarext.dll]  [N/A, N/A]
    [E:\Rising\Rav\RSCOMMON.DLL]  [Beijing Rising Technology Co., Ltd., 19, 0, 0, 5]
    [C:\Program Files\Thunder Network\Thunder\ComDlls\XunLeiBHO_007.dll]  [Thunder Networking Technologies,LTD, 5, 0, 1, 4]
[PID: 1728][C:\WINDOWS\system32\spoolsv.exe]  [Microsoft Corporation, 5.1.2600.2696 (xpsp_sp2_gdr.050610-1519)]
[PID: 1840][E:\Rising\Rav\RavStub.exe]  [Beijing Rising Technology Co., Ltd., 19, 0, 0, 4]
    [E:\Rising\Rav\RsCommX.dll]  [rising, 18, 0, 0, 1]
    [E:\Rising\Rav\RSCOMMON.DLL]  [Beijing Rising Technology Co., Ltd., 19, 0, 0, 5]
[PID: 1956][e:\rising\rfw\RfwMain.exe]  [Beijing Rising Technology Co., Ltd., 5, 0, 0, 70]
    [e:\rising\rfw\RsGuiLib.dll]  [Beijing Rising Technology Co., Ltd., 19, 0, 0, 33]
    [e:\rising\rfw\RSCOMMON.DLL]  [Beijing Rising Technology Co., Ltd., 19, 0, 0, 5]
    [e:\rising\rfw\RfwCtrl.dll]  [Beijing Rising Technology Co., Ltd., 5, 0, 0, 11]
    [e:\rising\rfw\RsXML.dll]  [Beijing Rising Technology Co., Ltd., 19, 0, 0, 2]
    [e:\rising\rfw\PngDll.dll]  [Beijing Rising Technology Co., Ltd., 18, 0, 0, 5]
    [F:\360safe\safemon\safemon.dll]  [, 3, 2, 0, 1001]
[PID: 116][C:\WINDOWS\VM303_STI.EXE]  [Vimicro, 3, 6, 227, 13]
    [C:\WINDOWS\system32\msdmo.dll]  [N/A, N/A]
    [C:\WINDOWS\system32\VM303Prp.Ax]  [Vimicro, 3, 6, 411, 13]
[PID: 156][F:\360safe\safemon\360Tray.exe]  [奇虎网, 3, 3, 0, 1004]
    [F:\360safe\safemon\safemon.dll]  [, 3, 2, 0, 1001]
    [F:\360safe\safemon\SafeKrnl.dll]  [奇虎网, 3, 2, 0, 1001]
    [F:\360safe\AntiAdwa.dll]  [360Safe.com, 3, 3, 0, 1004]
[PID: 180][C:\Program Files\Common Files\Real\Update_OB\realsched.exe]  [RealNetworks, Inc., 0.1.0.3249]
[PID: 264][C:\WINDOWS\system32\ctfmon.exe]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
    [F:\360safe\safemon\safemon.dll]  [, 3, 2, 0, 1001]
[PID: 1284][C:\WINDOWS\system32\svchost.exe]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
[PID: 2092][C:\WINDOWS\System32\alg.exe]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
[PID: 1976][C:\WINDOWS\system32\conime.exe]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
    [F:\360safe\safemon\safemon.dll]  [, 3, 2, 0, 1001]
[PID: 1772][C:\Program Files\Internet Explorer\iexplore.exe]  [Microsoft Corporation, 6.00.2900.2180 (xpsp_sp2_rtm.040803-2158)]
    [F:\360safe\safemon\safemon.dll]  [, 3, 2, 0, 1001]
    [C:\Program Files\Thunder Network\Thunder\ComDlls\XunLeiBHO_007.dll]  [Thunder Networking Technologies,LTD, 5, 0, 1, 4]
    [C:\WINDOWS\system32\rmoc3260.dll]  [RealNetworks, Inc., 6.0.9.2058]
    [C:\WINDOWS\system32\PNCRT.dll]  [Real Networks, Inc, 6.0.0.0]
    [D:\新建文件夹 (2)\rpplugins\embd3260.dll]  [RealNetworks, Inc., 6.0.12.1059]
    [C:\Program Files\Common Files\Real\Common\pngu3267.dll]  [RealNetworks, Inc., 6.7.0.2453]
    [C:\Program Files\Common Files\Real\Common\pnrs3260.dll]  [RealNetworks, Inc., 6.0.9.3809]
    [C:\Program Files\Common Files\Real\Common\objb3201.dll]  [RealNetworks, Inc., 0.1.0.6066]
    [D:\新建文件夹 (2)\rpplugins\rpcl3260.dll]  [RealNetworks, Inc., 6.0.9.2846]
    [D:\新建文件夹 (2)\rpplugins\rput3260.dll]  [RealNetworks, Inc., 6.0.9.2826]
    [C:\Program Files\Common Files\Real\Common\pnen3260.dll]  [RealNetworks, Inc., 10.0.0.663]
    [C:\Program Files\Common Files\Real\Plugins\vsrlocal.dll]  [RealNetworks, Inc., 10.1.0.571]
    [C:\Program Files\Common Files\Real\Plugins\zipf3260.dll]  [RealNetworks, Inc., 6.0.8.2293]
    [C:\Program Files\Common Files\Real\Plugins\vidsite.dll]  [RealNetworks, Inc., 10.0.0.644]
    [C:\Program Files\Common Files\Real\Plugins\clntxres.dll]  [RealNetworks, Inc., 10.0.0.2576]
    [D:\新建文件夹 (2)\lang\cdplay_cn.dll]  [RealNetworks, Inc., 6.0.12.298]
    [D:\新建文件夹 (2)\lang\dbcomp_cn.dll]  [RealNetworks, Inc., 6.0.12.298]
    [D:\新建文件夹 (2)\lang\embed_cn.dll]  [RealNetworks, Inc., 6.0.12.298]
    [D:\新建文件夹 (2)\lang\gemctl_cn.dll]  [RealNetworks, Inc., 6.0.12.298]
    [D:\新建文件夹 (2)\lang\pngui_cn.dll]  [RealNetworks, Inc., 6.0.12.298]
    [D:\新建文件夹 (2)\lang\pdgenxfer_cn.dll]  [N/A, N/A]
    [D:\新建文件夹 (2)\lang\rjctl_cn.dll]  [RealNetworks, Inc., 6.0.12.298]
    [D:\新建文件夹 (2)\lang\rjeq_cn.dll]  [RealNetworks, Inc., 6.0.12.298]
    [D:\新建文件夹 (2)\lang\rjres_cn.dll]  [RealNetworks, Inc., 6.0.12.298]
    [D:\新建文件夹 (2)\lang\rjskin_cn.dll]  [RealNetworks, Inc., 6.0.12.298]
    [D:\新建文件夹 (2)\lang\rjviz_cn.dll]  [RealNetworks, Inc., 6.0.12.298]
    [D:\新建文件夹 (2)\lang\rjfade_cn.dll]  [RealNetworks, Inc., 6.0.12.298]
    [D:\新建文件夹 (2)\lang\rjdlg_cn.dll]  [RealNetworks, Inc., 6.0.12.298]
    [D:\新建文件夹 (2)\lang\rjmisc_cn.dll]  [RealNetworks, Inc., 6.0.12.298]
    [D:\新建文件夹 (2)\lang\rjprog_cn.dll]  [RealNetworks, Inc., 6.0.12.298]
    [D:\新建文件夹 (2)\lang\rpapp_cn.dll]  [RealNetworks, Inc., 6.0.12.298]
    [D:\新建文件夹 (2)\lang\rpclsvc_cn.dll]  [RealNetworks, Inc., 6.0.12.298]
    [D:\新建文件夹 (2)\lang\rpclutil_cn.dll]  [RealNetworks, Inc., 6.0.12.298]
    [D:\新建文件夹 (2)\lang\rpdemand_cn.dll]  [RealNetworks, Inc., 6.0.12.298]
    [D:\新建文件夹 (2)\lang\rpdsplyr_cn.dll]  [RealNetworks, Inc., 6.0.12.298]
    [D:\新建文件夹 (2)\lang\rpgutil_cn.dll]  [RealNetworks, Inc., 6.0.12.298]
    [D:\新建文件夹 (2)\lang\rpmnpane_cn.dll]  [RealNetworks, Inc., 6.0.12.298]
    [D:\新建文件夹 (2)\lang\rpplylst_cn.dll]  [RealNetworks, Inc., 6.0.12.298]
    [D:\新建文件夹 (2)\lang\rpwebctl_cn.dll]  [RealNetworks, Inc., 6.0.12.298]
    [D:\新建文件夹 (2)\lang\tcdinfo_cn.dll]  [RealNetworks, Inc., 6.0.12.298]
    [D:\新建文件夹 (2)\lang\tclsvc_cn.dll]  [RealNetworks, Inc., 6.0.12.298]
    [D:\新建文件夹 (2)\lang\tdwnmgr_cn.dll]  [RealNetworks, Inc., 6.0.12.298]
a8888888 - 2007-4-21 17:46:00
[D:\新建文件夹 (2)\lang\tmp3_cn.dll]  [RealNetworks, Inc., 6.0.12.298]
    [D:\新建文件夹 (2)\lang\twave_cn.dll]  [RealNetworks, Inc., 6.0.12.298]
    [D:\新建文件夹 (2)\lang\teasdk_cn.dll]  [RealNetworks, Inc., 6.0.12.298]
    [D:\新建文件夹 (2)\lang\tearm_cn.dll]  [RealNetworks, Inc., 6.0.12.298]
    [D:\新建文件夹 (2)\lang\tmdedit_cn.dll]  [RealNetworks, Inc., 6.0.12.298]
    [D:\新建文件夹 (2)\lang\mydevices_cn.dll]  [RealNetworks, Inc., 6.0.12.299]
    [C:\Program Files\Common Files\Real\Plugins\memfsys.dll]  [RealNetworks, Inc., 10.0.0.631]
    [C:\Program Files\Common Files\Real\Plugins\httpfsys.dll]  [RealNetworks, Inc., 10.0.0.2115]
    [D:\新建文件夹 (2)\rpplugins\rpap3260.dll]  [RealNetworks, Inc., 6.0.9.2768]
    [C:\Program Files\Common Files\Real\Plugins\ramfformat.dll]  [RealNetworks, Inc., 10.0.0.1558]
    [C:\Program Files\Common Files\Real\Plugins\rmfformat.dll]  [RealNetworks, Inc., 10.0.0.865]
    [C:\Program Files\Common Files\Real\Plugins\rarender.dll]  [RealNetworks, Inc., 10.0.0.648]
    [C:\Program Files\Common Files\Real\Codecs\sipr.dll]  [RealNetworks, Inc., 10.0.0.1474]
    [C:\WINDOWS\system32\Macromed\Flash\Flash9b.ocx]  [Adobe Systems, Inc., 9,0,28,0]
[PID: 2544][C:\Program Files\Tencent\QQ\QQ.exe]  [TENCENT, 0, 0, 0, 0]
    [C:\Program Files\Tencent\QQ\QQBaseClassInDll.dll]  [, 1, 0, 0, 1]
    [C:\Program Files\Tencent\QQ\QQHelperDll.dll]  [, 1, 0, 0, 1]
    [C:\Program Files\Tencent\QQ\BasicCtrlDll.dll]  [Tencent, 7, 0, 101, 80]
    [F:\360safe\safemon\safemon.dll]  [, 3, 2, 0, 1001]
    [C:\Program Files\Tencent\QQ\QQAPI.dll]  [, 1, 0, 0, 1]
    [C:\Program Files\Tencent\QQ\TIMProxy.dll]  [tencent, 0, 3, 2, 4]
    [C:\Program Files\Tencent\QQ\LoginCtrl.dll]  [N/A, N/A]
    [C:\Program Files\Tencent\QQ\npkcntc.dll]  [INCA Internet Co., Ltd., 2006, 6, 27, 1]
    [C:\Program Files\Tencent\QQ\npkpdb.dll]  [INCA Internet Co., Ltd., 2003, 10, 1, 1]
    [C:\Program Files\Tencent\QQ\LoginCtrlRes.dll]  [, 1, 0, 0, 1]
    [C:\Program Files\Tencent\QQ\QQRes.dll]  [tencent, 1, 0, 0, 1]
    [C:\Program Files\Tencent\QQ\QQMainFrame.dll]  [N/A, N/A]
    [C:\Program Files\Tencent\QQ\CQQApplication.dll]  [N/A, N/A]
    [C:\Program Files\Tencent\QQ\NewSkin.dll]  [, 1, 0, 0, 1]
    [C:\Program Files\Tencent\QQ\HostingMgr.dll]  [, 1, 0, 0, 1]
    [C:\Program Files\Tencent\QQ\CameraDll.dll]  [, 1, 0, 0, 1]
    [C:\Program Files\Tencent\QQ\MailSummary.dll]  [, 1, 0, 0, 1]
    [C:\Program Files\Tencent\QQ\QQKnowledgeSearch.dll]  [, 1, 0, 0, 1]
    [C:\Program Files\Tencent\QQ\QQAllInOne.dll]  [N/A, N/A]
    [C:\Program Files\Tencent\QQ\GroupLive.dll]  [N/A, N/A]
    [C:\Program Files\Tencent\QQ\SCCore.dll]  [TENCENT, 2, 0, 0, 1]
    [C:\Program Files\Tencent\QQ\QQSpace.dll]  [, 1, 0, 0, 1]
    [C:\WINDOWS\system32\msdmo.dll]  [N/A, N/A]
    [C:\Program Files\Tencent\QQ\QQGroupMng.dll]  [, 1, 0, 0, 1]
    [C:\Program Files\Tencent\QQ\QQSysMsgMng.dll]  [N/A, N/A]
    [C:\Program Files\Tencent\QQ\UserDefinedHead.dll]  [, 1, 0, 0, 1]
    [C:\Program Files\Tencent\QQ\QQPlugin.dll]  [N/A, N/A]
    [C:\Program Files\Tencent\QQ\QQConfigPlugin.dll]  [, 1, 0, 0, 1]
    [C:\Program Files\Tencent\QQ\QQCustomFace.dll]  [N/A, N/A]
    [C:\Program Files\Tencent\QQ\FlashAvatarDll.dll]  [, 1, 4, 0, 1]
    [C:\WINDOWS\system32\Macromed\Flash\Flash9b.ocx]  [Adobe Systems, Inc., 9,0,28,0]
    [C:\Program Files\Tencent\QQ\QRingMng.dll]  [N/A, N/A]
    [C:\Program Files\Tencent\QQ\ImageOle.dll]  [TODO: <Company name>, 1.0.0.1]
    [C:\Program Files\Tencent\QQ\QQSceneMng.dll]  [N/A, N/A]
    [C:\Program Files\Tencent\QQ\QQPet.dll]  [, 1, 0, 0, 1]
    [C:\Program Files\Tencent\QQ\QQAvatar.dll]  [N/A, N/A]
    [C:\Program Files\Tencent\QQ\LongConnection.dll]  [tencent, 5, 0, 200, 160]
    [C:\Program Files\Tencent\QQ\PhoneAPI.dll]  [, 1, 0, 0, 1]
    [C:\Program Files\Tencent\QQ\DialerAllinOne.dll]  [tencent, 1, 4, 0, 0]
    [C:\Program Files\Tencent\QQ\QQAddr.dll]  [深圳市腾讯计算机系统有限公司, 5, 0, 101, 280]
    [C:\Program Files\Tencent\QQ\GroupConnection.dll]  [Tencent, 0, 3, 3, 5]
    [C:\Program Files\Tencent\QQ\BQQApplication.dll]  [N/A, N/A]
    [C:\Program Files\Tencent\QQ\CommercesMng.dll]  [, 1, 0, 0, 1]
    [C:\Program Files\Tencent\QQ\PersonalDesktop.dll]  [深圳市腾讯计算机系统公司QQ工作小组, 1, 0, 0, 2]
[PID: 3636][C:\Program Files\Tencent\QQ\TIMPlatform.exe]  [tencent, 0, 3, 1, 8]
    [F:\360safe\safemon\safemon.dll]  [, 3, 2, 0, 1001]
    [C:\Program Files\Tencent\QQ\TIMProxy.dll]  [tencent, 0, 3, 2, 4]
[PID: 4044][C:\Documents and Settings\Administrator\桌面\扫描日记\SREng.EXE]  [Smallfrogs Studio, 2.3.13.690]
    [F:\360safe\safemon\safemon.dll]  [, 3, 2, 0, 1001]

==================================
文件关联
.TXT  OK. [%SystemRoot%\system32\NOTEPAD.EXE %1]
.EXE  OK. ["%1" %*]
.COM  OK. ["%1" %*]
.PIF  OK. ["%1" %*]
.REG  OK. [regedit.exe "%1"]
.BAT  OK. ["%1" %*]
.SCR  OK. ["%1" /S]
.CHM  OK. ["C:\WINDOWS\hh.exe" %1]
.HLP  OK. [%SystemRoot%\System32\winhlp32.exe %1]
.INI  OK. [%SystemRoot%\System32\NOTEPAD.EXE %1]
.INF  OK. [%SystemRoot%\System32\NOTEPAD.EXE %1]
.VBS  OK. [%SystemRoot%\System32\WScript.exe "%1" %*]
.JS  OK. [%SystemRoot%\System32\WScript.exe "%1" %*]
.LNK  OK. [{00021401-0000-0000-C000-000000000046}]

==================================
Winsock 提供者
N/A

==================================
Autorun.inf
N/A

==================================
HOSTS 文件
N/A

==================================
API HOOK
警告!System Repair Engineer 提醒
你下面的函数内容与预期值不符,他
们可能被一些恶意的软件所修改:
入口点错误:CreateProcessA
入口点错误:CreateProcessW

==================================


[/CODE]
a8888888 - 2007-4-21 17:48:00
Here is another log:
完美卸载 - 系统检查检测报告!
建议:修复时请按照高手的反馈编号在修复工具中打勾进行修复.

--------------------------系统环境-------------------------
检测日期: 2007-4-21 17:23
Windows: Microsoft Windows XP
ServicePack: Service Pack 2
Update: 2600.xpsp_sp2_gdr.070227-2254
Internet Explorer: 6.0.2900.2180


-----------------------网络基础安全测试--------------------
密码安全检测:已经设置了管理员密码,建议:将密码复杂度和长度提高!
网络漏洞检测:空连接检查安全!

服务名称        是否运行              描述
RemoteRegistry [已停止] [说明:这个服务可能被利用远程操作注册表]
Windows Time  [运行中] [说明:这个服务可能被黑客利用来启动木马]
Telnet        [已停止] [说明:这个服务可能被黑客登录到您计算机]
Messenger      [已停止] [说明:这个服务常被广告商用来发垃圾广告]
Server        [运行中] [说明:如果你的电脑不用局域网中,可以关闭]
建议在[控制面板]-[管理工具]-[服务]中,找到这些服务关闭并设置为[禁用].

--------------------计算机系统组件体检----------------------
[编号:0]
[名称:\SystemRoot\System32\smss.exe]
[类型:运行进程]
[内容:未知]

[编号:1]
[名称:\??\C:\WINDOWS\system32\csrss.exe]
[类型:运行进程]
[内容:未知]

[编号:2]
[名称:\??\C:\WINDOWS\system32\winlogon.exe]
[类型:运行进程]
[内容:未知]

[编号:3]
[名称:C:\WINDOWS\system32\services.exe]
[类型:运行进程]
[内容:Microsoft(R) Windows(R) Operating System (C) Microsoft Corporation. All rights reserved.]

[编号:4]
[名称:C:\WINDOWS\system32\lsass.exe]
[类型:运行进程]
[内容:Microsoft? Windows? Operating System ? Microsoft Corporation. All rights reserved.]

[编号:5 - 可疑级别:*]
[名称:C:\WINDOWS\system32\Ati2evxx.exe]
[类型:运行进程]
[内容:ATI External Event Utility for Windows Copyright ? 1999-2006 ATI Technologies Inc.]

[编号:6]
[名称:C:\WINDOWS\system32\svchost.exe]
[类型:运行进程]
[内容:Microsoft? Windows? Operating System ? Microsoft Corporation. All rights reserved.]

[编号:7]
[名称:C:\WINDOWS\system32\svchost.exe]
[类型:运行进程]
[内容:Microsoft? Windows? Operating System ? Microsoft Corporation. All rights reserved.]

[编号:8 - 可疑级别:*]
[名称:E:\Rising\Rav\CCenter.exe]
[类型:运行进程]
[内容:Rising Antivirus Software Copyright Rising  2002]

[编号:9]
[名称:C:\WINDOWS\System32\svchost.exe]
[类型:运行进程]
[内容:Microsoft? Windows? Operating System ? Microsoft Corporation. All rights reserved.]

[编号:10]
[名称:C:\WINDOWS\system32\svchost.exe]
[类型:运行进程]
[内容:Microsoft? Windows? Operating System ? Microsoft Corporation. All rights reserved.]

[编号:11]
[名称:C:\WINDOWS\system32\svchost.exe]
[类型:运行进程]
[内容:Microsoft? Windows? Operating System ? Microsoft Corporation. All rights reserved.]

[编号:12 - 可疑级别:*]
[名称:E:\Rising\Rav\Ravmond.exe]
[类型:运行进程]
[内容:Rising Antivirus Software Copyright (c) 1998-2006 Rising Corp.]

[编号:13 - 可疑级别:*]
[名称:e:\rising\rfw\rfwsrv.exe]
[类型:运行进程]
[内容:Rising Personal FireWall 2007 Copyright(c) 1998-2007 Beijing  Rising  Technology  Corporation  Limited]

[编号:14]
[名称:C:\WINDOWS\Explorer.EXE]
[类型:运行进程]
[内容:Microsoft(R) Windows(R) Operating System (C) Microsoft Corporation. All rights reserved.]

[编号:15]
[名称:C:\WINDOWS\system32\spoolsv.exe]
[类型:运行进程]
[内容:Microsoft? Windows? Operating System ? Microsoft Corporation. All rights reserved.]

[编号:16 - 可疑级别:*]
[名称:E:\Rising\Rav\RavStub.exe]
[类型:运行进程]
[内容:RavStub Application Copyright (c) 1998-2005 Rising Corp.]

[编号:17 - 可疑级别:*]
[名称:e:\rising\rfw\RfwMain.exe]
[类型:运行进程]
[内容:Rising Personal FireWall 2007 Copyright(c) 1998-2007 Beijing  Rising  Technology  Corporation  Limited]

[编号:18 - 可疑级别:*]
[名称:C:\WINDOWS\VM303_STI.EXE]
[类型:运行进程]
[内容:BIGDOG Copyright (C) 2004 Vimicro Corporation]

[编号:19 - 可疑级别:*]
[名称:F:\360safe\safemon\360Tray.exe]
[类型:运行进程]
[内容:360Tray 应用程序 版权所有 (C) 2006-2007 奇虎网]

[编号:20 - 可疑级别:*]
[名称:C:\Program Files\Common Files\Real\Update_OB\realsched.exe]
[类型:运行进程]
[内容:RealPlayer (32-bit)  Copyright ? RealNetworks, Inc. 1995-2004]

[编号:21 - 可疑级别:*]
[名称:E:\Rising\Rav\RavTask.exe]
[类型:运行进程]
[内容:Rising Antivirus Software Copyright(c) 1998-2007 Beijing  Rising  Technology  Corporation  Limited]

[编号:22 - 可疑级别:*]
[名称:E:\Rising\Rav\Ravmon.exe]
[类型:运行进程]
[内容:Rising Anti-Virus Monitor Copyright(c) 1998-2007 Beijing  Rising  Technology
a8888888 - 2007-4-21 17:48:00

[编号:23]
[名称:C:\WINDOWS\system32\ctfmon.exe]
[类型:运行进程]
[内容:Microsoft? Windows? Operating System ? Microsoft Corporation. All rights reserved.]

[编号:24 - 可疑级别:*]
[名称:C:\Program Files\Tencent\QQ\QQ.exe]
[类型:运行进程]
[内容:TENCENT QQ Copyright  2007]

[编号:25]
[名称:C:\WINDOWS\system32\svchost.exe]
[类型:运行进程]
[内容:Microsoft? Windows? Operating System ? Microsoft Corporation. All rights reserved.]

[编号:26]
[名称:C:\WINDOWS\System32\alg.exe]
[类型:运行进程]
[内容:Microsoft? Windows? Operating System ? Microsoft Corporation. All rights reserved.]

[编号:27]
[名称:C:\WINDOWS\system32\conime.exe]
[类型:运行进程]
[内容:Microsoft? Windows? Operating System ? Microsoft Corporation. All rights reserved.]

[编号:28]
[名称:D:\完美卸载V2007 完整版\MainCon.exe]
[类型:运行进程]
[内容:完美卸载V2006 主控制台 版权所有 (C) 2005]

[编号:29]
[名称:D:\完美卸载V2007 完整版\SysRepairer.exe]
[类型:运行进程]
[内容:完美卸载系统修复工具 版权所有 (C) 2005]

[编号:30]
[名称:D:\完美卸载V2007 完整版\SysSec.exe]
[类型:运行进程]
[内容:完美卸载V2006-ChinaHijackThis 版权所有 (C) 2006]

------------------------------------------------------------------------------------------

[编号:32 - 可疑级别:*]
[名称:C:\WINDOWS\system32\Ati2edxx.dll]
[类型:已加载DLL]
[内容:ATI External Device Utility Copyright (c) ATI Technologies Inc. 2003]

[编号:33 - 可疑级别:*]
[名称:E:\Rising\Rav\BWList.dll]
[类型:已加载DLL]
[内容:BWList Dynamic Link Library Copyright(c) 1998-2007 Beijing  Rising  Technology  Corporation  Limited]

[编号:34 - 可疑级别:*]
[名称:E:\Rising\Rav\RsCommX.dll]
[类型:已加载DLL]
[内容:rising RsCommX Copyright ? 2002]

[编号:35 - 可疑级别:*]
[名称:E:\Rising\Rav\rfwctrl.dll]
[类型:已加载DLL]
[内容:Rising Personal FireWall 2007 Copyright(c) 1998-2007 Beijing  Rising  Technology  Corporation  Limited]

[编号:36 - 可疑级别:*]
[名称:E:\Rising\Rav\RsPPsys.dll]
[类型:已加载DLL]
[内容:RSPPSYS Dynamic Link Library Copyright(c) 1998-2007 Beijing  Rising  Technology  Corporation  Limited]

[编号:37 - 可疑级别:*]
[名称:E:\Rising\Rav\RSAPPMGR.DLL]
[类型:已加载DLL]
[内容:Rising AntiVirus 2006 Copyright ? 2004 - 2005]

[编号:38 - 可疑级别:*]
[名称:E:\Rising\Rav\CfgDll.dll]
[类型:已加载DLL]
[内容:Rising AntiVirus 2006 Copyright ? 2004 - 2006]

[编号:39 - 可疑级别:*]
[名称:E:\Rising\Rav\RSCOMMON.DLL]
[类型:已加载DLL]
[内容:Rising Antivirus Software Copyright (c) 1998-2007 Rising Corp.]

[编号:40 - 可疑级别:*]
[名称:E:\Rising\Rav\RsLog.dll]
[类型:已加载DLL]
[内容:RsLog Dynamic Link Library Copyright(c) 1998-2006 Beijing  Rising  Technology  Corporation  Limited]

[编号:41 - 可疑级别:*]
[名称:E:\Rising\Rav\HOOKSYS.dll]
[类型:已加载DLL]
[内容:HOOKSYS Dynamic Link Library Copyright(c) 1998-2006 Beijing  Rising  Technology  Corporation  Limited]

[编号:42 - 可疑级别:*]
[名称:E:\Rising\Rav\Scanner.dll]
[类型:已加载DLL]
[内容:Rising RsScanner Copyright(c) 1998-2007 Beijing  Rising  Technology  Corporation  Limited]

[编号:43 - 可疑级别:*]
[名称:E:\Rising\Rav\libload.dll]
[类型:已加载DLL]
[内容:rising libload Copyright(c) 1998-2006 Beijing  Rising  Technology  Corporation  Limited]

[编号:44 - 可疑级别:*]
[名称:E:\Rising\Rav\VirusLib.dll]
[类型:已加载DLL]
[内容:Rising VirusLib Copyright(c) 1998-2006 Beijing  Rising  Technology  Corporation  Limited]

[编号:45 - 可疑级别:*]
[名称:E:\Rising\Rav\regmon.dll]
[类型:已加载DLL]
[内容:  regmon Copyright(c) 1998-2006 Beijing  Rising  Technology  Corporation  Limited]

[编号:46 - 可疑级别:*]
[名称:E:\Rising\Rav\HookWeb.dll]
[类型:已加载DLL]
[内容:Rising Antivirus Software Copyright(c) 1998-2007 Beijing  Rising  Technology  Corporation  Limited]

[编号:47 - 可疑级别:*]
[名称:E:\Rising\Rav\MemMon.dll]
[类型:已加载DLL]
[内容:北京瑞星 MemMon Copyright(c) 1998-2006 Beijing  Rising  Technology  Corporation  Limited]

[编号:48 - 可疑级别:*]
[名称:E:\Rising\Rav\expscan.dll]
[类型:已加载DLL]
[内容:ExpScan Dynamic Link Library Copyright(c) 1998-2006 Beijing  Rising  Technology  Corporation  Limited]

[编号:49 - 可疑级别:*]
[名称:E:\Rising\Rav\mPorts.dll]
[类型:已加载DLL]
[内容:Personal Firewall Copyright(c) 1998-2006 Beijing  Rising  Technology  Corporation  Limited]

[编号:50 - 可疑级别:*]
[名称:E:\Rising\Rav\HookCont.dll]
[类型:已加载DLL]
[内容:HOOKCONT Dynamic Link Library Copyright (C) 2007]

[编号:51 - 可疑级别:*]
[名称:E:\Rising\Rav\SpamEng.dll]
[类型:已加载DLL]
[内容: SpamEng Dynamic Link Library Copyright (C) 2004]

[编号:52 - 可疑级别:*]
[名称:E:\Rising\Rav\engine.dll]
[类型:已加载DLL]
[内容:rising engine Copyright(c) 1998-2006 Beijing  Rising  Technology  Corporation  Limited]

[编号:53 - 可疑级别:*]
[名称:E:\Rising\Rav\PostTrt.dll]
[类型:已加载DLL]
[内容:Rising PostTrt Copyright(c) 1998-2006 Beijing  Rising  Technology  Corporation  Limited]

[编号:54 - 可疑级别:*]
[名称:E:\Rising\Rav\UnExe.dll]
[类型:已加载DLL]
[内容:rising UnExe Copyright(c) 1998-2006 Beijing  Rising  Technology  Corporation  Limited]

[编号:55 - 可疑级别:*]
[名称:E:\Rising\Rav\ScanExec.dll]
[类型:已加载DLL]
[内容:rising ScanExec Copyright(c) 1998-2006 Beijing  Rising  Technology  Corporation  Limited]

[编号:56 - 可疑级别:*]
[名称:E:\Rising\Rav\ScanEx.dll]
[类型:已加载DLL]
[内容:Rising ScanEX Copyright(c) 1998-2006 Beijing  Rising  Technology  Corporation  Limited]

[编号:57 - 可疑级别:*]
[名称:E:\Rising\Rav\ExtFile.dll]
[类型:已加载DLL]
[内容:rising extFile Copyright(c) 1998-2006 Beijing  Rising  Technology  Corporation  Limited]

[编号:58 - 可疑级别:*]
[名称:E:\Rising\Rav\NvFile.dll]
[类型:已加载DLL]
[内容:rising NVFile Copyright(c) 1998-2006 Beijing  Rising  Technology  Corporation  Limited]

[编号:59 - 可疑级别:*]
[名称:E:\Rising\Rav\ScanMac.dll]
a8888888 - 2007-4-21 17:48:00
[类型:已加载DLL]
[内容:rising ScanMac Copyright(c) 1998-2006 Beijing  Rising  Technology  Corporation  Limited]

[编号:60 - 可疑级别:*]
[名称:E:\Rising\Rav\ScanSct.dll]
[类型:已加载DLL]
[内容:rising ScanSct Copyright(c) 1998-2006 Beijing  Rising  Technology  Corporation  Limited]

[编号:61 - 可疑级别:*]
[名称:E:\Rising\Rav\Unpacker.dll]
[类型:已加载DLL]
[内容:rising UnPacker Copyright(c) 1998-2006 Beijing  Rising  Technology  Corporation  Limited]

[编号:62 - 可疑级别:*]
[名称:E:\Rising\Rav\ScanPack.dll]
[类型:已加载DLL]
[内容:Rising ScanPack Copyright(c) 1998-2006 Beijing  Rising  Technology  Corporation  Limited]

[编号:63 - 可疑级别:*]
[名称:E:\Rising\Rav\RsVM.dll]
[类型:已加载DLL]
[内容: RSVM Dynamic Link Library Copyright (C) 2006]

[编号:64 - 可疑级别:*]
[名称:E:\Rising\Rav\Uroutine.dll]
[类型:已加载DLL]
[内容:Rising URoutine Copyright(c) 1998-2006 Beijing  Rising  Technology  Corporation  Limited]

[编号:65 - 可疑级别:*]
[名称:E:\Rising\Rav\ExtOLE.dll]
[类型:已加载DLL]
[内容:rising ExtOLE Copyright(c) 1998-2006 Beijing  Rising  Technology  Corporation  Limited]

[编号:66 - 可疑级别:*]
[名称:E:\Rising\Rav\ScanNet.dll]
[类型:已加载DLL]
[内容:rising ScanNet Copyright(c) 1998-2006 Beijing  Rising  Technology  Corporation  Limited]

[编号:67 - 可疑级别:*]
[名称:E:\Rising\Rav\Uscript.dll]
[类型:已加载DLL]
[内容:Rising UScript Copyright(c) 1998-2006 Beijing  Rising  Technology  Corporation  Limited]

[编号:68 - 可疑级别:*]
[名称:e:\rising\rfw\RfwRule.dll]
[类型:已加载DLL]
[内容:Rising Personal FireWall 2007 Copyright(c) 1998-2007 Beijing  Rising  Technology  Corporation  Limited]

[编号:69 - 可疑级别:*]
[名称:e:\rising\rfw\rfwlog.dll]
[类型:已加载DLL]
[内容:Rising Personal FireWall 2006 Copyright(c) 1998-2006 Beijing  Rising  Technology  Corporation  Limited]

[编号:70 - 可疑级别:*]
[名称:e:\rising\rfw\Rfwdrv.dll]
[类型:已加载DLL]
[内容:Rising Personal FireWall 2007 Copyright(c) 1998-2007 Beijing  Rising  Technology  Corporation  Limited]

[编号:71 - 可疑级别:*]
[名称:e:\rising\rfw\MonDrv.dll]
[类型:已加载DLL]
[内容:进程保护 Copyright ? 2005]

[编号:72 - 可疑级别:*]
[名称:e:\rising\rfw\ProcLib.dll]
[类型:已加载DLL]
[内容:Rising Personal FireWall  Copyright(c) 1998-2007 Beijing  Rising  Technology  Corporation  Limited]

[编号:73 - 可疑级别:*]
[名称:e:\rising\rfw\mPorts.dll]
[类型:已加载DLL]
[内容:Personal Firewall Copyright(c) 1998-2006 Beijing  Rising  Technology  Corporation  Limited]

[编号:74 - 可疑级别:*]
[名称:C:\WINDOWS\system32\RavExt.dll]
[类型:已加载DLL]
[内容:Rising Antivirus Software Copyright (c) 1998-2007 Rising Corp.]

[编号:75 - 可疑级别:*]
[名称:F:\360safe\safemon\safemon.dll]
[类型:已加载DLL]
[内容: 版权所有(C) 2006-2007 奇虎网]

[编号:76 - 可疑级别:*****]
[名称:C:\Program Files\WinRAR\rarext.dll]
[类型:已加载DLL]
[内容:未知]

[编号:77 - 可疑级别:*]
[名称:e:\rising\rfw\RsGuiLib.dll]
[类型:已加载DLL]
[内容:Rising Antivirus Software Copyright (c) 1998-2007 Rising Corp.]

[编号:78 - 可疑级别:*]
[名称:e:\rising\rfw\RSCOMMON.DLL]
[类型:已加载DLL]
[内容:Rising Antivirus Software Copyright (c) 1998-2007 Rising Corp.]

[编号:79 - 可疑级别:*]
[名称:e:\rising\rfw\RfwCtrl.dll]
[类型:已加载DLL]
[内容:Rising Personal FireWall 2007 Copyright(c) 1998-2007 Beijing  Rising  Technology  Corporation  Limited]

[编号:80 - 可疑级别:*]
[名称:e:\rising\rfw\RsXML.dll]
[类型:已加载DLL]
[内容:Rising Antivirus Software Copyright (c) 1998-2007 Rising Corp.]

[编号:81 - 可疑级别:*]
[名称:e:\rising\rfw\PngDll.dll]
[类型:已加载DLL]
[内容:Rising Antivirus Software Copyright (c) 1998-2005 Rising Corp.]

[编号:82 - 可疑级别:*]
[名称:C:\WINDOWS\system32\msdmo.dll]
[类型:已加载DLL]
[内容:(null) (null)]

[编号:83 - 可疑级别:*]
[名称:C:\WINDOWS\system32\VM303Prp.Ax]
[类型:已加载DLL]
[内容: Copyright (c) Vimicro.,2006.]

[编号:84 - 可疑级别:*]
[名称:F:\360safe\safemon\SafeKrnl.dll]
[类型:已加载DLL]
[内容: Copyright (C) 2006-2007 奇虎网]

[编号:85 - 可疑级别:*]
[名称:F:\360safe\AntiAdwa.dll]
[类型:已加载DLL]
[内容:360安全卫士检测模块 Copyright(C) 2006-2007 360Safe.com]

[编号:86 - 可疑级别:*]
[名称:E:\Rising\Rav\RsGuiLib.dll]
[类型:已加载DLL]
[内容:Rising Antivirus Software Copyright (c) 1998-2007 Rising Corp.]

[编号:87 - 可疑级别:*]
[名称:E:\Rising\Rav\RsXML.dll]
[类型:已加载DLL]
[内容:Rising Antivirus Software Copyright (c) 1998-2007 R
a8888888 - 2007-4-21 17:49:00
编号:88 - 可疑级别:*]
[名称:E:\Rising\Rav\PngDll.dll]
[类型:已加载DLL]
[内容:Rising Antivirus Software Copyright (c) 1998-2005 Rising Corp.]

[编号:89 - 可疑级别:*]
[名称:D:\完美卸载V2007 完整版\SkinMagic.dll]
[类型:已加载DLL]
[内容:Appspeed SkinMagic Toolkit Copyright ? 2002-2006]

[编号:90 - 可疑级别:*]
[名称:C:\WINDOWS\system32\Macromed\Flash\Flash9b.ocx]
[类型:已加载DLL]
[内容:Shockwave Flash ? 1996-2006 Adobe Macromedia Software LLC. All rights reserved.]

------------------------------------------------------------------------------------------

[编号:92]
[名称:BigDog303]
[类型:开机启动]
[内容:C:\WINDOWS\VM303_STI.EXE VIMICRO USB PC Camera (ZC0301PLH)]

[编号:93]
[名称:360Safetray]
[类型:开机启动]
[内容:F:\360safe\safemon\360Tray.exe /start]

[编号:94]
[名称:RfwMain]
[类型:开机启动]
[内容:"E:\Rising\Rfw\rfwmain.exe" -Startup]

[编号:95]
[名称:TkBellExe]
[类型:开机启动]
[内容:"C:\Program Files\Common Files\Real\Update_OB\realsched.exe"  -osboot]

[编号:96]
[名称:RavTask]
[类型:开机启动]
[内容:"E:\Rising\Rav\RavTask.exe" -system]

[编号:97]
[名称:LiveUpatePower]
[类型:开机启动]
[内容:D:\完美卸载V2007 完整版\MyUpdate.exe -PowerOn]

[编号:98]
[名称:ctfmon.exe]
[类型:开机启动]
[内容:C:\WINDOWS\system32\ctfmon.exe]

[编号:99]
[名称:Vagaa]
[类型:开机启动]
[内容:"D:\Vagaa\Vagaa.exe" -tray]

------------------------------------------------------------------------------------------

[编号:101 - 可疑级别:*]
[名称:Intel(r) 82801 Audio Driver Install Service (WDM)]
[类型:服务:Intel(r) Integrated Controller Hub Audio Driver Copyright (C) Intel Corporation 1998-2001]
[内容:C:\WINDOWS\system32\drivers\ac97intc.sys]

[编号:102 - 可疑级别:*****]
[名称:AFD]
[类型:服务:未知]
[内容:\SystemRoot\System32\drivers\afd.sys]

[编号:103 - 可疑级别:*]
[名称:AMD K8 Processor Driver]
[类型:服务:AMD Processor Driver Copyright (C) AMD, Inc.2002-2003]
[内容:C:\WINDOWS\system32\drivers\amdk8.sys]

[编号:104 - 可疑级别:*****]
[名称:ASP.NET State Service]
[类型:服务:未知]
[内容:C:\WINDOWS\microsoft.net\framework\v1.1.4322\aspnet_state.exe]

[编号:105 - 可疑级别:*]
[名称:Rising TDI Base Driver]
[类型:服务:Rising PFW Copyright(c) 1998-2007 Beijing  Rising  Technology  Corporation  Limited]
[内容:C:\WINDOWS\system32\drivers\basetdi.sys]

[编号:106 - 可疑级别:*****]
[名称:DCOM Server Process Launcher]
[类型:服务:未知]
[内容:C:\WINDOWS\system32\svchost ]
a8888888 - 2007-4-21 17:49:00
编号:107 - 可疑级别:*]
[名称:Intel(R) PRO Network Connection Driver]
[类型:服务:Intel(R) PRO/100 Adapter 1995-2005, Intel Corp. All Rights Reserved.]
[内容:C:\WINDOWS\system32\drivers\e100b325.sys]

[编号:108 - 可疑级别:*****]
[名称:EagleNT]
[类型:服务:未知]
[内容:c:\windows\system32\drivers\eaglent.sys]

[编号:109 - 可疑级别:*]
[名称:ExpScaner]
[类型:服务:ExpScan.sys Copyright (C) 2004 Rising]
[内容:e:\rising\rav\expscan.sys]

[编号:110 - 可疑级别:*]
[名称:VIA PCI 10/100Mb Fast Ethernet Adapter NT Driver]
[类型:服务:VIA PCI 10/100Mb Fast Ethernet Adapter                      VIA Technologies, Inc.              ]
[内容:C:\WINDOWS\system32\drivers\fetnd5.sys]

[编号:111 - 可疑级别:*]
[名称:HookCont]
[类型:服务:HookCont Copyright (C) 2007]
[内容:e:\rising\rav\hookcont.sys]

[编号:112 - 可疑级别:*]
[名称:HookReg]
[类型:服务: 版权所有 (@) 2003]
[内容:e:\rising\rav\hookreg.sys]

[编号:113 - 可疑级别:*]
[名称:HookSys]
[类型:服务:Hooksys Copyright (C) 2007]
[内容:e:\rising\rav\hooksys.sys]

[编号:114 - 可疑级别:*]
[名称:HookUrl]
[类型:服务:Personal FireWall Copyright(c) 1998-2006 Beijing  Rising  Technology  Corporation  Limited]
[内容:e:\rising\rfw\hookurl.sys]

[编号:115 - 可疑级别:*****]
[名称:kmsinput]
[类型:服务:未知]
[内容:c:\windows\system32\drivers\kmsinput.sys]

[编号:116 - 可疑级别:*]
[名称:MEMSCAN]
[类型:服务:MemScan Drivers for Windows NT Copyright (C) RFW Corp. 2000-2002]
[内容:e:\rising\rav\memscan.sys]

[编号:117 - 可疑级别:*]
[名称:mProcRs]
[类型:服务:Rising Personal FireWall  Copyright(c) 1998-2007 Beijing  Rising  Technology  Corporation  Limited]
[内容:e:\rising\rfw\mprocrs.sys]

[编号:118 - 可疑级别:*]
[名称:npkcrypt]
[类型:服务:nProtect KeyCrypt Driver Copyright (C) INCA Internet. 2000-2005]
[内容:c:\program files\tencent\qq\npkcrypt.sys]

[编号:119 - 可疑级别:*****]
[名称:Office Source Engine]
[类型:服务:未知]
[内容:"C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE"]

[编号:120 - 可疑级别:*]
[名称:Rising Proxy  Service]
[类型:服务:Rising Personal FireWall 2007 Copyright(c) 1998-2006 Beijing  Rising  Technology  Corporation  Limited]
[内容:e:\rising\rfw\rfwproxy.exe]

[编号:121 - 可疑级别:*]
[名称:Rising Personal Firewall Service]
[类型:服务:Rising Personal FireWall 2007 Copyright(c) 1998-2007 Beijing  Rising  Technology  Corporation  Limited]
[内容:e:\rising\rfw\rfwsrv.exe]

[编号:122 - 可疑级别:*****]
[名称:Remote Procedure Call (RPC)]
[类型:服务:未知]
[内容:C:\WINDOWS\system32\svchost ]

[编号:123 - 可疑级别:*]
[名称:Rising Process Communication Center]
[类型:服务:Rising Antivirus Software Copyright Rising  2002]
[内容:"E:\Rising\Rav\CCenter.exe"]

[编号:124 - 可疑级别:*]
[名称:RsFwDrv]
[类型:服务:Rising nt_fwdrv Copyright(c) 1998-2007 Beijing  Rising  Technology  Corporation  Limited]
[内容:e:\rising\rfw\rsfwdrv.sys]

[编号:125 - 可疑级别:*]
[名称:RsNTGDI]
[类型:服务:Rising Antivirus Software Copyright (c) 1998-2007 Rising Corp.]
[内容:C:\WINDOWS\system32\drivers\rsntgdi.sys]

[编号:126 - 可疑级别:*]
[名称:RSPPSYS]
[类型:服务:RSPPSYS.SYS Copyright (C) 2007]
[内容:e:\rising\rav\rsppsys.sys]

[编号:127 - 可疑级别:*]
[名称:Rising RealTime Monitor]
[类型:服务:Rising Antivirus Software Copyright (c) 1998-2006 Rising Corp.]
[内容:"E:\Rising\Rav\Ravmond.exe"]

[编号:128 - 可疑级别:*****]
[名称:Secdrv]
[类型:服务:未知]
[内容:C:\WINDOWS\system32\drivers\secdrv.sys]

[编号:129 - 可疑级别:*]
[名称:Sonic Focus Plugin for Sigmatel HDA]
[类型:服务:Sonic Focus, Inc SFNG32.SYS Copyright ? 2005 Sonic Focus, Inc]
[内容:C:\WINDOWS\system32\drivers\sfng32.sys]

[编号:130 - 可疑级别:*****]
[名称:System Restore Filter Driver]
[类型:服务:未知]
[内容:\SystemRoot\system32\DRIVERS\sr.sys]

[编号:131 - 可疑级别:*]
[名称:SigmaTel High Definition Audio CODEC]
[类型:服务:C-Major Audio Copyright (c) 2004-2005, SigmaTel, Inc.]
[内容:C:\WINDOWS\system32\drivers\sthda.sys]

[编号:132 - 可疑级别:*****]
[名称:Terminal Services]
[类型:服务:未知]
[内容:C:\WINDOWS\system32\svchost ]

[编号:133 - 可疑级别:*****]
[名称:WmNdisDrv]
[类型:服务:未知]
[内容:C:\WINDOWS\system32\drivers\wmndisdrv.sys]

[编号:134 - 可疑级别:*]
[名称:海天地QQ电脑眼(VIMICRO301 NEPTUNE)]
[类型:服务: VM. 2006.]
[内容:C:\WINDOWS\system32\drivers\usbvm303.sys]

------------------------------------------------------------------------------------------

[编号:136]
[名称:Start Page]
[类型:IE主页-当前用户]
[内容:http://www.hao123.com/]

[编号:137]
[名称:Search Page]
[类型:IE搜索-当前用户]
[内容:http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch]

[编号:138]
[名称:Start Page]
[类型:IE主页-所有用户]
[内容:about:blank]
a8888888 - 2007-4-21 17:49:00
[编号:139]
[名称:Search Page]
[类型:IE搜索-所有用户]
[内容:http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch]

[编号:140]
[名称:Default_Page_URL]
[类型:默认IE主页-所有用户]
[内容:http://www.microsoft.com/windows/ie_intl/cn/start/]

[编号:141]
[名称:Default_Search_URL]
[类型:默认IE搜索-所有用户]
[内容:http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch]

------------------------------------------------------------------------------------------

[编号:143 - 可疑级别:*]
[名称:Thunder Browser Helper]
[类型:IE 嵌入对象]
[内容:C:\Program Files\Thunder Network\Thunder\ComDlls\XunLeiBHO_007.dll]

[编号:144 - 可疑级别:*]
[名称:NavigatMon Class]
[类型:IE 嵌入对象]
[内容:F:\360safe\safemon\safemon.dll]

------------------------------------------------------------------------------------------

[编号:146]
[名称:{09BA8F6D-CB54-424B-839C-C2A6C8E6B436}]
[类型:IE 扩展按钮]
[内容:启动迅雷5 路径:C:\Program Files\Thunder Network\Thunder\Thunder.exe]

------------------------------------------------------------------------------------------

[编号:148]
[名称:&V使用Vagaa哇嘎下载]
[类型:IE 右键按钮]
[内容: 路径: Net]

[编号:149]
[名称:&使用迅雷下载]
[类型:IE 右键按钮]
[内容: 路径: Net]

[编号:150]
[名称:&使用迅雷下载全部链接]
[类型:IE 右键按钮]
[内容: 路径: Net]

[编号:151]
[名称:上传到QQ网络硬盘]
[类型:IE 右键按钮]
[内容: 路径: Net]

[编号:152]
[名称:导出到 Microsoft Office Excel(&X)]
[类型:IE 右键按钮]
[内容: 路径: Net]

[编号:153]
[名称:添加到QQ自定义面板]
[类型:IE 右键按钮]
[内容: 路径: Net]

[编号:154]
[名称:添加到QQ表情]
[类型:IE 右键按钮]
[内容: 路径: Net]

[编号:155]
[名称:用QQ彩信发送该图片]
[类型:IE 右键按钮]
[内容: 路径: Net]

------------------------------------------------------------------------------------------

[编号:157]
[名称:{233A9694-667E-11D1-9DFB-006097D50408}]
[类型:Outlook Express Address Book <IE控件>]
[内容:%ProgramFiles%\Outlook Express\msoe.dll]

[编号:158]
[名称:{cae80521-f685-11d1-af32-00c04fa31b90}]
[类型:CLSID_OENote <IE控件>]
[内容:%ProgramFiles%\Outlook Express\msoe.dll]

------------------------------------------------------------------------------------------

[编号:160]
[名称:PostBootReminder]
[类型:正常嵌入对象]
[内容:%SystemRoot%\system32\SHELL32.dll]

[编号:161]
[名称:CDBurn]
[类型:正常嵌入对象]
[内容:%SystemRoot%\system32\SHELL32.dll]

[编号:162]
[名称:WebCheck]
[类型:正常嵌入对象]
[内容:%SystemRoot%\system32\webcheck.dll]

[编号:163]
[名称:SysTray]
[类型:正常嵌入对象]
[内容:C:\WINDOWS\system32\stobject.dll]

------------------------------------------------------------------------------------------

[编号:165]
[名称:]
[类型:EXE关联]
[内容:"%1" %*]

[编号:166]
[名称:]
[类型:TXT关联]
[内容:%SystemRoot%\system32\NOTEPAD.EXE %1]

[编号:167]
[名称:]
[类型:vbs关联]
[内容:%SystemRoot%\System32\WScript.exe "%1" %*]

[编号:168]
[名称:]
[类型:Js关联]
[内容:%SystemRoot%\System32\WScript.exe "%1" %*]

[编号:169]
[名称:]
[类型:htmlfile关联]
[内容:"C:\Program Files\Internet Explorer\iexplore.exe" -nohome]

[编号:170]
[名称:]
[类型:HTTP协议]
[内容:"C:\Program Files\Internet Explorer\iexplore.exe" -nohome]

[编号:171]
[名称:]
[类型:FTP协议]
[内容:"C:\Program Files\Internet Explorer\iexplore.exe" %1]

------------------------------------------------------------------------------------------

[编号:173]
[名称:c:\windows\system32\deskpan.dll]
[类型:第三方 COM/ActiveX组件]
[内容:显示摇曳 CPL 扩展---发布公司:未知]

[编号:174]
[名称:c:\windows\system32\msir3jp.dll]
[类型:第三方 COM/ActiveX组件]
[内容:Japanese_Default Word Breaker Resources---发布公司:未知]

[编号:175]
[名称:c:\windows\system32\msir3jp.dll]
[类型:第三方 COM/ActiveX组件]
[内容:Japanese_Default Stemmer Resources---发布公司:未知]

-----------------------计算机网络端口----------------------
协议      端口号              端口类型
TCP        135        微软DCE RPC end-point mapper服务
TCP        445        Microsoft-DS
TCP      6059        未知类型
TCP      1033        未知类型
TCP        139        微软Netbios Name服务(用于文件及打印机共享)
TCP      1096        未知类型
TCP      1107        未知类型
TCP        445        公共Internet文件系统(CIFS)
TCP        500        Internet密钥交换
TCP      1042        未知类型
TCP      1074        未知类型
TCP      4500        sae-urn
TCP        123        未知类型
TCP      1106        未知类型
TCP      1900        未知类型
TCP        123        未知类型
TCP        137        未知类型
TCP        138        未知类型
TCP      1900        未知类型
TCP        123        未知类型
TCP      1900        未知类型



--------------------感谢您关注我们的软件---------------------
网站: http://www.killsoft.cn  产品:完美卸载V2006