Rising Kaka Security Forum
lyxcn - 2007-7-11 13:02:00
Trojan.PSW.win32.onlineGames.dcj
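Even after updating to the latest version it still can't be removed...
Every time I reboot, this virus is there again!! I installed the game but can't play it.... I get kicked out without any prompt..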
lyxcn - 2007-7-11 13:13:00
[CODE]
2007-07-11,12:52:13
System Repair Engineer 2.5.16.900
Smallfrogs (http://www.KZTechs.com)
Windows XP Professional Service Pack 2 (Build 2600) - 管理权限用户 - 完整功能
以下内容被选中:
所有的启动项目(包括注册表、启动文件夹、服务等)
浏览器加载项
正在运行的进程(包括进程模块信息)
文件关联
Winsock 提供者
Autorun.inf
HOSTS 文件
进程特权扫描
启动项目
注册表
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
<ctfmon.exe><C:\WINDOWS\system32\ctfmon.exe> [(Verified)Microsoft Windows Publisher]
[HKEY_CURRENT_USER\Software\Microsoft\Windows NT\CurrentVersion\Windows]
<load><> [N/A]
<run><> [N/A]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
<IMJPMIG8.1><"C:\WINDOWS\IME\imjp8_1\IMJPMIG.EXE" /Spoil /RemAdvDef /Migration32> [(Verified)Microsoft Windows Publisher]
<PHIME2002ASync><C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /SYNC> [(Verified)Microsoft Windows Publisher]
<PHIME2002A><C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /IMEName> [(Verified)Microsoft Windows Publisher]
<IgfxTray><C:\WINDOWS\system32\igfxtray.exe> [(Verified)Microsoft Windows Hardware Compatibility Publisher]
<HotKeysCmds><C:\WINDOWS\system32\hkcmd.exe> [(Verified)Microsoft Windows Hardware Compatibility Publisher]
<SoundMan><SOUNDMAN.EXE> [Realtek Semiconductor Corp.]
<RavTask><"C:\Program Files\Rising\Rav\RavTask.exe" -system> [Beijing Rising Technology Co., Ltd.]
<zxsa><C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\zxso.exe> [N/A]
<wosa><C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\woso.exe> [N/A]
<yok.exe><C:\Program Files\yok\yok.exe> [N/A]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer\Run]
<MSDEG32><LYLoader.exe> [N/A]
<MSDCG32 ><LYLeador.exe> [N/A]
<MSDOG32><LYLoador.exe> [N/A]
<MSDSG32><LYLoadar.exe> [N/A]
<MSDMG32><LYLoadmr.exe> [N/A]
<MSDHG32><LYLoadhr.exe> [N/A]
<MSDQG32><LYLoadqr.exe> [N/A]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Winlogon]
<shell><Explorer.exe> [(Verified)Microsoft Windows Publisher]
<Userinit><C:\WINDOWS\system32\userinit.exe,> [(Verified)Microsoft Windows Publisher]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Windows]
<AppInit_DLLs><> [N/A]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Winlogon]
<UIHost><logonui.exe> [(Verified)Microsoft Windows Publisher]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
<{754FB7D8-B8FE-4810-B363-A788CD060F1F}><C:\Program Files\Internet Explorer\PLUGINS\System64.Sys> [N/A]
<{0FC9D5BB-1D4C-493B-83CF-81DD3490F59E}><C:\WINDOWS\system32\SysPro.dll> [N/A]
<{32CD708B-60A7-4C00-9377-D73EAA495F0F}><C:\WINDOWS\system32\RavExt.dll> [Beijing Rising Technology Co., Ltd.]
<{36CD708B-6077-4C02-9377-D73EAA495A0F}><C:\WINDOWS\WinHttp.dll> [N/A]
<{0FAD2E16-C8EF-5AC1-1E6A-AE3FD8EF56B3}><C:\Program Files\Internet Explorer\msvcrt.dll> [N/A]
<{A6011F8F-A7F8-49AA-9ADA-49127D43138F}><C:\Program Files\Common Files\Microsoft Shared\MSINFO\NewInfo.bmt> [N/A]
<{3495D328-661A-4FB0-BA67-8ACDD1704D1E}><C:\WINDOWS\system32\CSRSS.dll> []
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\>{26923b43-4d38-484f-9b9e-de460746276c}]
<Internet Explorer><%systemroot%\system32\shmgrate.exe OCInstallUserConfigIE> [N/A]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\>{881dd1c5-3dcf-431b-b061-f3f88e8be88a}]
<Outlook Express><%systemroot%\system32\shmgrate.exe OCInstallUserConfigOE> [N/A]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{2C7339CF-2B09-4501-B3F3-F3508C9228ED}]
<Themes Setup><%SystemRoot%\system32\regsvr32.exe /s /n /i:/UserInstall %SystemRoot%\system32\themeui.dll> [N/A]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{44BBA840-CC51-11CF-AAFA-00AA00B6015C}]
<Microsoft Outlook Express 6><"%ProgramFiles%\Outlook Express\setup50.exe" /APP:OE /CALLER:WINNT /user /install> [N/A]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{44BBA842-CC51-11CF-AAFA-00AA00B6015B}]
<NetMeeting 3.01><rundll32.exe advpack.dll,LaunchINFSection C:\WINDOWS\INF\msnetmtg.inf,NetMtg.Install.PerUser.NT> [(Verified)Microsoft Windows Publisher]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{5945c046-1e7d-11d1-bc44-00c04fd912be}]
<Windows Messenger 4.7><rundll32.exe advpack.dll,LaunchINFSection C:\WINDOWS\INF\msmsgs.inf,BLC.QuietInstall.PerUser> [(Verified)Microsoft Windows Publisher]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{63202121-F04D-11cf-64CD-33FF5FE1CF20}]
<N/A><C:\WINDOWS\system32\nwizAsktao.exe> [N/A]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{6BF52A52-394A-11d3-B153-00C04F79FAA6}]
<Microsoft Windows Media Player><rundll32.exe advpack.dll,LaunchINFSection C:\WINDOWS\INF\wmp10.inf,PerUserStub> [(Verified)Microsoft Windows Publisher]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{7790769C-0471-11d2-AF11-00C04FA35D02}]
<通讯簿 6><"%ProgramFiles%\Outlook Express\setup50.exe" /APP:WAB /CALLER:WINNT /user /install> [N/A]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{81716107-A10D-11cf-64CD-11115FE1CF41}]
<N/A><C:\WINDOWS\system32\nwizzhuxians.exe> [N/A]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{926A036A-158B-047A-E269-D148B0369C14}]
<N/A><C:\WINDOWS\system32\install.exe> []
lyxcn - 2007-7-11 13:16:00
==================================
启动文件夹
N/A
==================================
服务
[Human Interface Device Access / HidServ][Stopped/Disabled]
<C:\WINDOWS\System32\svchost.exe -k netsvcs-->%SystemRoot%\System32\hidserv.dll><N/A>
[Rising Process Communication Center / RsCCenter][Running/Auto Start]
<"C:\Program Files\Rising\Rav\CCenter.exe"><Beijing Rising Technology Co., Ltd.>
[Rising RealTime Monitor / RsRavMon][Running/Auto Start]
<"C:\Program Files\Rising\Rav\Ravmond.exe"><Beijing Rising Technology Co., Ltd.>
[Win32 Display Driver / Win32DDS][Stopped/Auto Start]
<C:\WINDOWS\system32\rundll32.exe windds32.dll,input><Microsoft Corporation>
[Wireless Service / WZCSRVC][Stopped/Auto Start]
<C:\WINDOWS\system32\rundll32.exe netsrvcs.dll,input><Microsoft Corporation>
lyxcn - 2007-7-11 13:18:00
驱动程序
[a320raid / a320raid][Stopped/Boot Start]
<\SystemRoot\System32\DRIVERS\a320raid.sys><Adaptec, Inc.>
[AAC / AAC][Stopped/Boot Start]
<\SystemRoot\System32\DRIVERS\AAC.SYS><Adaptec, Inc.>
[aar1210 / aar1210][Stopped/Boot Start]
<\SystemRoot\System32\DRIVERS\aar1210.sys><Adaptec, Inc.>
[abp480n5 / abp480n5][Stopped/Boot Start]
<\SystemRoot\System32\DRIVERS\abp480n5.sys><Microsoft Corporation>
[adpu160m / adpu160m][Stopped/Boot Start]
<\SystemRoot\System32\DRIVERS\adpu160m.sys><Microsoft Corporation>
[adpu320 / adpu320][Stopped/Boot Start]
<\SystemRoot\System32\DRIVERS\adpu320.sys><Adaptec, Inc.>
[ACARD AEC6210UF UltraDMA33 Controller / aec6210][Stopped/Boot Start]
<\SystemRoot\System32\DRIVERS\aec6210.sys><ACARD Technology Corp.>
[ACARD AEC6260 UltraDMA-66 Controller / aec6260][Stopped/Boot Start]
<\SystemRoot\System32\DRIVERS\aec6260.sys><ACARD Technology Corp.>
[aec6280 / aec6280][Stopped/Boot Start]
<\SystemRoot\System32\DRIVERS\aec6280.sys><ACARD Technology Corp.>
[AEC6290 / AEC6290][Stopped/Boot Start]
<\SystemRoot\System32\DRIVERS\AEC6290.SYS><ACARD Technology Corp.>
[AEC67160 / AEC67160][Stopped/Boot Start]
<\SystemRoot\System32\DRIVERS\AEC67160.SYS><ACARD Technology Corp.>
[AEC671X / AEC671X][Stopped/Boot Start]
<\SystemRoot\System32\DRIVERS\AEC671X.SYS><ACARD Technology Corp.>
[AEC6880 / AEC6880][Stopped/Boot Start]
<\SystemRoot\System32\DRIVERS\AEC6880.SYS><ACARD Technology Corp.>
[AEC6890 / AEC6890][Stopped/Boot Start]
<\SystemRoot\System32\DRIVERS\AEC6890.sys><ACARD Technology Corp.>
[aec68x5 / aec68x5][Stopped/Boot Start]
<\SystemRoot\System32\DRIVERS\aec68x5.sys><ACARD Technology Corp.>
[Aha154x / Aha154x][Stopped/Boot Start]
<\SystemRoot\System32\DRIVERS\aha154x.sys><Microsoft Corporation>
[aic78u2 / aic78u2][Stopped/Boot Start]
<\SystemRoot\System32\DRIVERS\aic78u2.sys><Microsoft Corporation>
[aic78xx / aic78xx][Stopped/Boot Start]
<\SystemRoot\System32\DRIVERS\aic78xx.sys><Microsoft Corporation>
[Service for Realtek AC97 Audio (WDM) / ALCXWDM][Running/Manual Start]
<system32\drivers\ALCXWDM.SYS><Realtek Semiconductor Corp.>
[AliIde / AliIde][Running/Boot Start]
<\SystemRoot\System32\DRIVERS\aliide.sys><Acer Laboratories Inc.>
[AMD K8 Processor Driver / AmdK8][Stopped/Manual Start]
<System32\DRIVERS\amdk8.sys><Microsoft Corporation>
[arc / arc][Stopped/Boot Start]
<\SystemRoot\system32\drivers\arc.sys><Adaptec, Inc.>
[asc / asc][Stopped/Boot Start]
<\SystemRoot\System32\DRIVERS\asc.sys><Advanced System Products, Inc.>
[asc3550 / asc3550][Stopped/Boot Start]
<\SystemRoot\System32\DRIVERS\asc3550.sys><Advanced System Products, Inc.>
[Rising TDI Base Driver / BaseTDI][Running/Auto Start]
<System32\DRIVERS\BaseTDI.SYS><Beijing Rising Technology Co., Ltd.>
[CmdIde / CmdIde][Running/Boot Start]
<\SystemRoot\System32\DRIVERS\cmdide.sys><CMD Technology, Inc.>
[dac2w2k / dac2w2k][Stopped/Boot Start]
<\SystemRoot\System32\DRIVERS\dac2w2k.sys><Mylex Corporation>
[dpti2o / dpti2o][Stopped/Boot Start]
<\SystemRoot\System32\DRIVERS\dpti2o.sys><Microsoft Corporation>
[elxstor / elxstor][Stopped/Boot Start]
<\SystemRoot\system32\drivers\elxstor.sys><Emulex>
[ExpScaner / ExpScaner][Running/Auto Start]
<\??\C:\Program Files\Rising\Rav\ExpScan.sys><>
lyxcn - 2007-7-11 13:19:00
[FASTSX / FASTSX][Stopped/Boot Start]
<\SystemRoot\System32\DRIVERS\FASTSX.SYS><Promise Technology, Inc.>
[fasttrak / fasttrak][Stopped/Boot Start]
<\SystemRoot\System32\DRIVERS\fasttrak.sys><Promise Technology, Inc.>
[fasttx2k / fasttx2k][Stopped/Boot Start]
<\SystemRoot\System32\DRIVERS\fasttx2k.sys><Promise Technology, Inc.>
[fasttx2k2 / fasttx2k2][Stopped/Boot Start]
<\SystemRoot\System32\DRIVERS\fasttx2k2.sys><Promise Technology, Inc.>
[HookCont / HookCont][Running/Auto Start]
<\??\C:\Program Files\Rising\Rav\HOOKCONT.sys><Rising>
[HookReg / HookReg][Running/Auto Start]
<\??\C:\Program Files\Rising\Rav\HookReg.sys><>
[HookSys / HookSys][Running/Auto Start]
<\??\C:\Program Files\Rising\Rav\HookSys.sys><Rising>
[HpCISSs / HpCISSs][Stopped/Boot Start]
<\SystemRoot\system32\drivers\hpcisss.sys><Hewlett-Packard Company>
[Hpt366 / Hpt366][Stopped/Boot Start]
<\SystemRoot\System32\DRIVERS\Hpt366.sys><Microsoft Corporation>
[HPT371 / HPT371][Stopped/Boot Start]
<\SystemRoot\System32\DRIVERS\HPT371.sys><HighPoint Technologies, Inc.>
[hpt374 / hpt374][Stopped/Boot Start]
<\SystemRoot\System32\DRIVERS\hpt374.sys><HighPoint Technologies, Inc.>
[hpt3xx / hpt3xx][Stopped/Boot Start]
<\SystemRoot\System32\DRIVERS\hpt3xx.sys><HighPoint Technologies, Inc.>
[hptmv / hptmv][Stopped/Boot Start]
<\SystemRoot\System32\DRIVERS\hptmv.sys><HighPoint Technologies, Inc.>
[hptpro / hptpro][Stopped/Boot Start]
<\SystemRoot\System32\DRIVERS\hptpro.sys><HighPoint Technologies, Inc.>
[ialm / ialm][Running/Manual Start]
<system32\DRIVERS\ialmnt5.sys><Intel Corporation>
[Intel Integrated RAID / iaStor][Stopped/Boot Start]
<\SystemRoot\system32\drivers\iaStor.sys><Intel Corporation>
[iirsp / iirsp][Stopped/Boot Start]
<\SystemRoot\system32\drivers\iirsp.sys><Intel Corp./ICP vortex GmbH>
[ini910u / ini910u][Stopped/Boot Start]
<\SystemRoot\System32\DRIVERS\ini910u.sys><Microsoft Corporation>
[ITERAID_Service_Install / iteraid][Stopped/Boot Start]
<\SystemRoot\System32\DRIVERS\iteraid.sys><Integrated Technology Express, Inc.>
[LSI_SAS / LSI_SAS][Stopped/Boot Start]
<\SystemRoot\system32\drivers\lsi_sas.sys><LSI Logic>
[LSI_SCSI / LSI_SCSI][Stopped/Boot Start]
<\SystemRoot\system32\drivers\lsi_scsi.sys><LSI Logic>
[m5228 / m5228][Stopped/Boot Start]
<\SystemRoot\System32\DRIVERS\m5228.sys><ALi Corporation.>
[m5281 / m5281][Stopped/Boot Start]
<\SystemRoot\system32\drivers\m5281.sys><ALi Corporation>
[MegaIDE / MegaIDE][Stopped/Boot Start]
<\SystemRoot\System32\DRIVERS\MegaIDE.sys><LSI Logic Corporation.>
[megasas / megasas][Stopped/Boot Start]
<\SystemRoot\system32\drivers\megasas.sys><LSI Logic Corporation>
[MEMSCAN / MEMSCAN][Running/Auto Start]
<\??\C:\Program Files\Rising\Rav\MEMSCAN.sys><瑞星软件有限公司>
[mraid2k / mraid2k][Stopped/Boot Start]
<\SystemRoot\System32\DRIVERS\mraid2k.sys><American Megatrends, Inc.>
[mraid35x / mraid35x][Stopped/Boot Start]
<\SystemRoot\System32\DRIVERS\mraid35x.sys><American Megatrends Inc.>
[nfrd960 / nfrd960][Stopped/Boot Start]
<\SystemRoot\system32\drivers\nfrd960.sys><IBM Corporation>
[Netgroup Packet Filter / NPF][Stopped/Manual Start]
<system32\drivers\npf.sys><CACE Technologies>
[Intel SCSI Controller / NvAtaBus][Stopped/Boot Start]
<\SystemRoot\System32\DRIVERS\NVATABUS.SYS><NVIDIA Corporation>
[NVIDIA nForce(tm) RAID Class Driver / nvraid][Stopped/Boot Start]
<\SystemRoot\system32\DRIVERS\nvraid.sys><NVIDIA Corporation>
[PNP649R / PNP649R][Stopped/Boot Start]
<\SystemRoot\System32\DRIVERS\PNP649R.SYS><CMD Technology, Inc.>
[SiI 680 ATA Controller / Pnp680][Stopped/Boot Start]
<\SystemRoot\System32\DRIVERS\pnp680.sys><Silicon Image, Inc.>
[Silicon Image SiI 0680 Medley Raid Controller / Pnp680r][Stopped/Boot Start]
<\SystemRoot\System32\DRIVERS\pnp680r.sys><Silicon Image, Inc>
[Direct Parallel Link Driver / Ptilink][Running/Manual Start]
<system32\DRIVERS\ptilink.sys><Parallel Technologies, Inc.>
[ql1080 / ql1080][Stopped/Boot Start]
<\SystemRoot\System32\DRIVERS\ql1080.sys><QLogic Corporation>
[Ql10wnt / Ql10wnt][Stopped/Boot Start]
<\SystemRoot\System32\DRIVERS\ql10wnt.sys><Microsoft Corporation>
[ql12160 / ql12160][Stopped/Boot Start]
<\SystemRoot\System32\DRIVERS\ql12160.sys><QLogic Corporation>
[ql1280 / ql1280][Stopped/Boot Start]
<\SystemRoot\System32\DRIVERS\ql1280.sys><QLogic Corporation>
[QLogic Fibre Channel SCSI Miniport Driver / ql2300][Stopped/Boot Start]
<\SystemRoot\system32\drivers\ql2300.sys><QLogic Corporation>
[RAIDSRC / RAIDSRC][Stopped/Boot Start]
<\SystemRoot\System32\DRIVERS\RAIDSRC.SYS><Intel/ICP>
[RsNTGDI / RsNTGDI][Running/Boot Start]
<\SystemRoot\system32\Drivers\RsNTGdi.sys><Beijing Rising Technology Co., Ltd.>
[RSPPSYS / RSPPSYS][Running/Auto Start]
<\??\C:\Program Files\Rising\Rav\RSPPSYS.sys><Rising>
[Realtek 10/100/1000 NIC Family all in one NDIS XP Driver / RTL8023xp][Running/Manual Start]
<system32\DRIVERS\Rtnicxp.sys><Realtek Semiconductor Corporation>
[Realtek RTL8139(A/B/C)-based PCI Fast Ethernet Adapter NT Driver / rtl8139][Stopped/Manual Start]
<system32\DRIVERS\RTL8139.SYS><Realtek Semiconductor Corporation>
[S150SX8 / S150SX8][Stopped/Boot Start]
<\SystemRoot\System32\DRIVERS\S150SX8.SYS><Promise Technology, Inc.>
[Secdrv / Secdrv][Stopped/Manual Start]
<system32\DRIVERS\secdrv.sys><N/A>
[SiI-3512 SATALink Controller / SI3112][Stopped/Boot Start]
<\SystemRoot\System32\DRIVERS\SI3112.sys><Silicon Image, Inc.>
[Silicon Image SiI 3512 SATARaid Controller / SI3112r][Stopped/Boot Start]
<\SystemRoot\system32\drivers\SI3112r.sys><Silicon Image, Inc>
[SiI-3114 SATALink Controller / SI3114][Stopped/Boot Start]
<\SystemRoot\System32\DRIVERS\SI3114.sys><Silicon Image, Inc.>
[SiI-3114 SATARaid Controller / SI3114r][Stopped/Boot Start]
<\SystemRoot\System32\DRIVERS\SI3114R.sys><Silicon Image, Inc>
[SiI-3124 SATALink Controller / SI3124][Stopped/Boot Start]
<\SystemRoot\System32\DRIVERS\SI3124.sys><Silicon Image, Inc.>
[SiI-3124 SATARaid Controller / SI3124r][Stopped/Boot Start]
<\SystemRoot\System32\DRIVERS\SI3124R.sys><Silicon Image, Inc>
[SATALink driver accelerator / SiFilter][Stopped/Boot Start]
<\SystemRoot\System32\DRIVERS\SiWinAcc.sys><Silicon Image, Inc.>
[SISIDE / SISIDE][Stopped/Boot Start]
<\SystemRoot\System32\DRIVERS\SISIDE.SYS><Silicon Integrated Systems Corp.>
[SiSRaid / SiSRaid][Stopped/Boot Start]
<\SystemRoot\System32\DRIVERS\SiSRaid.sys><Silicon Integrated Systems>
[SiSRaid1 / SiSRaid1][Stopped/Boot Start]
<\SystemRoot\System32\DRIVERS\SiSRaid1.sys><Silicon Integrated Systems>
[SISRAIDS / SISRAIDS][Stopped/Boot Start]
<\SystemRoot\System32\DRIVERS\SISRAIDS.SYS><Silicon Integrated Systems Corp>
[Sparrow / Sparrow][Stopped/Boot Start]
<\SystemRoot\System32\DRIVERS\sparrow.sys><Adaptec, Inc.>
[sptrak / sptrak][Stopped/Boot Start]
<\SystemRoot\System32\DRIVERS\sptrak.sys><Promise Technology, Inc.>
[symc810 / symc810][Stopped/Boot Start]
<\SystemRoot\System32\DRIVERS\symc810.sys><Symbios Logic Inc.>
[symc8xx / symc8xx][Stopped/Boot Start]
<\SystemRoot\System32\DRIVERS\symc8xx.sys><LSI Logic>
[SYMMPI / SYMMPI][Stopped/Boot Start]
<\SystemRoot\System32\DRIVERS\SYMMPI.SYS><LSI Logic>
[sym_hi / sym_hi][Stopped/Boot Start]
<\SystemRoot\System32\DRIVERS\sym_hi.sys><LSI Logic>
[sym_u3 / sym_u3][Stopped/Boot Start]
<\SystemRoot\System32\DRIVERS\sym_u3.sys><LSI Logic>
[TosIde / TosIde][Running/Boot Start]
<\SystemRoot\System32\DRIVERS\toside.sys><Microsoft Corporation>
[UlSata / UlSata][Stopped/Boot Start]
<\SystemRoot\System32\DRIVERS\ulsata.sys><Promise Technology, Inc.>
[ULSATAS / ULSATAS][Stopped/Boot Start]
<\SystemRoot\System32\DRIVERS\ULSATAS.SYS><Promise Technology, Inc.>
[ultra / ultra][Stopped/Boot Start]
<\SystemRoot\System32\DRIVERS\ultra.sys><Promise Technology, Inc.>
[ViaIde / ViaIde][Running/Boot Start]
<\SystemRoot\System32\DRIVERS\viaide.sys><Microsoft Corporation>
[viamraid / viamraid][Stopped/Boot Start]
<\SystemRoot\system32\DRIVERS\viamraid.sys><VIA Technologies inc,.ltd>
[VIA ATA/ATAPI Host Controller / viapdsk][Stopped/Boot Start]
<\SystemRoot\System32\DRIVERS\viapdsk.sys><VIA Technologies, Inc.>
[viaraid / viaraid][Stopped/Boot Start]
<\SystemRoot\System32\DRIVERS\viaraid.sys><VIA Technologies inc,.ltd>
[viasraid / viasraid][Stopped/Boot Start]
<\SystemRoot\system32\drivers\viasraid.sys><VIA Technologies inc,.ltd>
[vmscsi / vmscsi][Stopped/Boot Start]
<\SystemRoot\system32\drivers\vmscsi.sys><VMware, Inc.>
lyxcn - 2007-7-11 13:20:00
浏览器加载项
[ThunderAtOnce Class]
{01443AEC-0FD1-40fd-9C87-E93D1494C233} <C:\Program Files\Thunder Network\Thunder\ComDlls\TDAtOnce_Now.dll, Thunder Networking Technologies,LTD>
[Thunder Browser Helper]
{889D2FEB-5411-4565-8998-1DD2C5261283} <C:\Program Files\Thunder Network\Thunder\ComDlls\xunleiBHO_Now.dll, Thunder Networking Technologies,LTD>
[]
{D3626E66-B13B-C628-ACDF-BDABCFA265E1} <C:\Program Files\Common Files\Relive.dll, N/A>
[启动迅雷5]
{09BA8F6D-CB54-424B-839C-C2A6C8E6B436} <C:\Program Files\Thunder Network\Thunder\Thunder.exe, Thunder Networking Technologies,LTD>
[Messenger]
{FB5F1910-F110-11d2-BB9E-00C04F795683} <C:\Program Files\Messenger\msmsgs.exe, Microsoft Corporation>
[WUWebControl Class]
{6414512B-B978-451D-A0D8-FCFDF33E833C} <C:\WINDOWS\system32\wuweb.dll, Microsoft Corporation>
[Shockwave Flash Object]
{D27CDB6E-AE6D-11CF-96B8-444553540000} <C:\WINDOWS\system32\Macromed\Flash\Flash9c.ocx, Adobe Systems, Inc.>
[ThunderAtOnce Class]
{01443AEC-0FD1-40FD-9C87-E93D1494C233} <C:\Program Files\Thunder Network\Thunder\ComDlls\TDAtOnce_Now.dll, Thunder Networking Technologies,LTD>
[Windows Media Player]
{22D6F312-B0F6-11D0-94AB-0080C74C7E95} <C:\WINDOWS\system32\wmpdxm.dll, Microsoft Corporation>
[HTML Document]
{25336920-03F9-11CF-8FD0-00AA00686F13} <%SystemRoot%\system32\mshtml.dll, N/A>
[DHTML Edit Control Safe for Scripting for IE5]
{2D360201-FFF5-11D1-8D03-00A0C959BC0A} <C:\Program Files\Common Files\Microsoft Shared\Triedit\dhtmled.ocx, Microsoft Corporation>
[Thunder Agent Class]
{485463B7-8FB2-4B3B-B29B-8B919B0EACCE} <C:\Program Files\Thunder Network\Thunder\ComDlls\ThunderAgent_Now.dll, Thunder Networking Technologies,LTD>
[WUWebControl Class]
{6414512B-B978-451D-A0D8-FCFDF33E833C} <C:\WINDOWS\system32\wuweb.dll, Microsoft Corporation>
[Windows Media Player]
{6BF52A52-394A-11D3-B153-00C04F79FAA6} <C:\WINDOWS\system32\wmp.dll, Microsoft Corporation>
[Microsoft Web 浏览器]
{8856F961-340A-11D0-A96B-00C04FD705A2} <C:\WINDOWS\system32\shdocvw.dll, Microsoft Corporation>
[Thunder Browser Helper]
{889D2FEB-5411-4565-8998-1DD2C5261283} <C:\Program Files\Thunder Network\Thunder\ComDlls\xunleiBHO_Now.dll, Thunder Networking Technologies,LTD>
我哭99我 - 2007-7-11 13:21:00
Buddy, what is all this stuff you're posting for? Have you found a fix yet!? Let me know if you do!
lyxcn - 2007-7-11 13:23:00
This is a system analysis.. I'm posting the report for them to look at
lyxcn - 2007-7-11 13:25:00
....................I forgot which line I had posted up to.....
You interrupted me...
Leoooo - 2007-7-11 13:26:00
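http://download.rising.com.cn/for_down/kakatool/kakasetupv4.exe Download Kaka Internet Security Assistant 4.0
1 Run Rising Kaka Internet Security Assistant
2 Diagnosis & Help => Computer Diagnostic Log
3 Select the 3 options "File details", "Similar file name analysis"
4 Start the scan => export the information in txt format (htm format also works and is easier to read yourself, but the forum does not allow uploading htm files)
5 Copy and paste the complete report from the log here without modifying it (if it does not fit in one post, post it in several parts)
6 While scanning the log, close unnecessary software as far as possible, such as QQ, TM, etc.
7 Upload the suspicious files found by the scan to Rising
http://up.rising.com.cn/webmail/uploadnew.htm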
我哭99我 - 2007-7-11 13:29:00
I told it not to prompt again and blocked it! Sigh~! Don't tell me I have to reinstall the system again! Such rotten luck!
lyxcn - 2007-7-11 13:31:00
瑞星卡卡电脑诊断日志 v1.20 (2007-7-11 13:13:10) 北京瑞星科技股份有限公司
注释:[A]表示该文件存在自启动关联;
[M]表示该文件在内存中;
+ 注册表自运行项目
+ Win32 Services
+ HKLM\System\CurrentControlSet\Services
ose
[A ] 1. c:\program files\common files\microsoft shared\source engine\ose.exe
RsCCenter
[A ] 2. c:\program files\rising\rav\ccenter.exe
RsRavMon
[A ] 3. c:\program files\rising\rav\ravmond.exe
UMWdf
[AM] 4. c:\windows\system32\wdfmgr.exe
+ Kernel Drivers
+ HKLM\System\CurrentControlSet\Services
a320raid
[A ] 5. c:\windows\system32\drivers\a320raid.sys
AAC
[A ] 6. c:\windows\system32\drivers\aac.sys
aar1210
[A ] 7. c:\windows\system32\drivers\aar1210.sys
adpu320
[A ] 8. c:\windows\system32\drivers\adpu320.sys
aec6210
[A ] 9. c:\windows\system32\drivers\aec6210.sys
aec6260
[A ] 10. c:\windows\system32\drivers\aec6260.sys
aec6280
[A ] 11. c:\windows\system32\drivers\aec6280.sys
AEC6290
[A ] 12. c:\windows\system32\drivers\aec6290.sys
AEC67160
[A ] 13. c:\windows\system32\drivers\aec67160.sys
AEC671X
[A ] 14. c:\windows\system32\drivers\aec671x.sys
AEC6880
[A ] 15. c:\windows\system32\drivers\aec6880.sys
AEC6890
[A ] 16. c:\windows\system32\drivers\aec6890.sys
aec68x5
[A ] 17. c:\windows\system32\drivers\aec68x5.sys
ALCXWDM
[A ] 18. c:\windows\system32\drivers\alcxwdm.sys
AmdK8
[A ] 19. c:\windows\system32\drivers\amdk8.sys
arc
[A ] 20. c:\windows\system32\drivers\arc.sys
BaseTDI
[A ] 21. c:\windows\system32\drivers\basetdi.sys
elxstor
[A ] 22. c:\windows\system32\drivers\elxstor.sys
ExpScaner
[A ] 23. c:\program files\rising\rav\expscan.sys
FASTSX
[A ] 24. c:\windows\system32\drivers\fastsx.sys
fasttrak
[A ] 25. c:\windows\system32\drivers\fasttrak.sys
fasttx2k
[A ] 26. c:\windows\system32\drivers\fasttx2k.sys
fasttx2k2
[A ] 27. c:\windows\system32\drivers\fasttx2k2.sys
HookCont
[A ] 28. c:\program files\rising\rav\hookcont.sys
HookReg
[A ] 29. c:\program files\rising\rav\hookreg.sys
HookSys
[A ] 30. c:\program files\rising\rav\hooksys.sys
HpCISSs
[A ] 31. c:\windows\system32\drivers\hpcisss.sys
Hpt366
[A ] 32. c:\windows\system32\drivers\hpt366.sys
HPT371
[A ] 33. c:\windows\system32\drivers\hpt371.sys
hpt374
[A ] 34. c:\windows\system32\drivers\hpt374.sys
hpt3xx
[A ] 35. c:\windows\system32\drivers\hpt3xx.sys
hptmv
[A ] 36. c:\windows\system32\drivers\hptmv.sys
hptpro
[A ] 37. c:\windows\system32\drivers\hptpro.sys
ialm
[A ] 38. c:\windows\system32\drivers\ialmnt5.sys
iaStor
[A ] 39. c:\windows\system32\drivers\iastor.sys
iirsp
[A ] 40. c:\windows\system32\drivers\iirsp.sys
iteraid
[A ] 41. c:\windows\system32\drivers\iteraid.sys
LSI_SAS
[A ] 42. c:\windows\system32\drivers\lsi_sas.sys
LSI_SCSI
[A ] 43. c:\windows\system32\drivers\lsi_scsi.sys
m5228
[A ] 44. c:\windows\system32\drivers\m5228.sys
m5281
[A ] 45. c:\windows\system32\drivers\m5281.sys
MegaIDE
[A ] 46. c:\windows\system32\drivers\megaide.sys
megasas
[A ] 47. c:\windows\system32\drivers\megasas.sys
MEMSCAN
[A ] 48. c:\program files\rising\rav\memscan.sys
mraid2k
[A ] 49. c:\windows\system32\drivers\mraid2k.sys
nfrd960
[A ] 50. c:\windows\system32\drivers\nfrd960.sys
NPF
[A ] 51. c:\windows\system32\drivers\npf.sys
NvAtaBus
[A ] 52. c:\windows\system32\drivers\nvatabus.sys
nvraid
[A ] 53. c:\windows\system32\drivers\nvraid.sys
PNP649R
[A ] 54. c:\windows\system32\drivers\pnp649r.sys
Pnp680
[A ] 55. c:\windows\system32\drivers\pnp680.sys
Pnp680r
[A ] 56. c:\windows\system32\drivers\pnp680r.sys
ql2300
[A ] 57. c:\windows\system32\drivers\ql2300.sys
RAIDSRC
[A ] 58. c:\windows\system32\drivers\raidsrc.sys
RsAntiSpyware
[A ] 59. c:\windows\system32\drivers\rsboot.sys
RsNTGDI
[A ] 60. c:\windows\system32\drivers\rsntgdi.sys
RSPPSYS
[A ] 61. c:\program files\rising\rav\rsppsys.sys
RTL8023xp
[A ] 62. c:\windows\system32\drivers\rtnicxp.sys
S150SX8
[A ] 63. c:\windows\system32\drivers\s150sx8.sys
Secdrv
[A ] 64. c:\windows\system32\drivers\secdrv.sys
SI3112
[A ] 65. c:\windows\system32\drivers\si3112.sys
SI3112r
[A ] 66. c:\windows\system32\drivers\si3112r.sys
SI3114
[A ] 67. c:\windows\system32\drivers\si3114.sys
SI3114r
[A ] 68. c:\windows\system32\drivers\si3114r.sys
SI3124
[A ] 69. c:\windows\system32\drivers\si3124.sys
SI3124r
[A ] 70. c:\windows\system32\drivers\si3124r.sys
SiFilter
[A ] 71. c:\windows\system32\drivers\siwinacc.sys
SISIDE
[A ] 72. c:\windows\system32\drivers\siside.sys
SiSRaid
[A ] 73. c:\windows\system32\drivers\sisraid.sys
SiSRaid1
[A ] 74. c:\windows\system32\drivers\sisraid1.sys
SISRAIDS
[A ] 75. c:\windows\system32\drivers\sisraids.sys
sptrak
[A ] 76. c:\windows\system32\drivers\sptrak.sys
SYMMPI
[A ] 77. c:\windows\system32\drivers\symmpi.sys
UlSata
[A ] 78. c:\windows\system32\drivers\ulsata.sys
ULSATAS
[A ] 79. c:\windows\system32\drivers\ulsatas.sys
viamraid
[A ] 80. c:\windows\system32\drivers\viamraid.sys
viapdsk
[A ] 81. c:\windows\system32\drivers\viapdsk.sys
viaraid
[A ] 82. c:\windows\system32\drivers\viaraid.sys
viasraid
[A ] 83. c:\windows\system32\drivers\viasraid.sys
vmscsi
[A ] 84. c:\windows\system32\drivers\vmscsi.sys
+ Winlogon
+ HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify
igfxcui
[AM] 85. c:\windows\system32\igfxsrvc.dll
+ Internet Explorer
+ HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects
{01443AEC-0FD1-40fd-9C87-E93D1494C233}
[AM] 86. c:\program files\thunder network\thunder\comdlls\tdatonce_now.dll
{889D2FEB-5411-4565-8998-1DD2C5261283}
[AM] 87. c:\program files\thunder network\thunder\comdlls\xunleibho_now.dll
+ HKLM\SOFTWARE\Microsoft\Internet Explorer\Extensions
Exec
[A ] 88. c:\program files\thunder network\thunder\thunder.exe
Exec
[A ] 89. c:\program files\messenger\msmsgs.exe
+ Explorer
+ HKLM\SOFTWARE\Classes\PROTOCOLS\Filter
text/xml
[AM] 90. c:\program files\common files\microsoft shared\office11\msoxmlmf.dll
+ HKLM\SOFTWARE\Microsoft\Active Setup\Installed Components
{926A036A-158B-047A-E269-D148B0369C14}
[A ] 91. c:\windows\system32\install.exe
+ HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved
HyperTerminal Icon Ext
[A ] 92. c:\windows\system32\hticons.dll
Microsoft Office HTML Icon Handler
[AM] 93. c:\program files\microsoft office\office11\msohev.dll
Web Folders
[A ] 94. c:\program files\common files\microsoft shared\web folders\msonsext.dll
Portable Media Devices
[A ] 95. c:\windows\system32\audiodev.dll
Portable Media Devices Menu
[A ] 95. c:\windows\system32\audiodev.dll
WinRAR shell extension
[A ] 96. c:\program files\winrar\rarext.dll
RISING
[AM] 97. c:\windows\system32\ravext.dll
+ HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks
{32CD708B-60A7-4C00-9377-D73EAA495F0F}
[AM] 97. c:\windows\system32\ravext.dll
{3495D328-661A-4FB0-BA67-8ACDD1704D1E}
[AM] 98. c:\windows\system32\csrss.dll
{AC2DC2EF-5165-40A3-8CDF-41DCA1B0901A}
[AM] 99. c:\windows\system32\shlhook.dll
+ Logon
+ HKLM\Software\Microsoft\Windows\CurrentVersion\Run
IgfxTray
[A ] 100. c:\windows\system32\igfxtray.exe
HotKeysCmds
[AM] 101. c:\windows\system32\hkcmd.exe
SoundMan
[AM] 102. c:\windows\soundman.exe
RavTask
[A ] 103. c:\program files\rising\rav\ravtask.exe
runeip
[AM] 104. c:\program files\rising\antispyware\runiep.exe
+ Boot Execute
+ HKLM\SYSTEM\CurrentControlSet\Control\NetworkProvider\Order
BootExecute
[A ] 105. c:\windows\system32\bsmain.exe
+ Image Hijacks
+ HKCR\.html
htmlfile\Edit\Command
[A ] 106. c:\program files\microsoft office\office11\msohtmed.exe
htmlfile\Print\Command
[A ] 106. c:\program files\microsoft office\office11\msohtmed.exe
+ HKCR\.htm
htmlfile\Edit\Command
[A ] 106. c:\program files\microsoft office\office11\msohtmed.exe
htmlfile\Print\Command
[A ] 106. c:\program files\microsoft office\office11\msohtmed.exe
lyxcn - 2007-7-11 13:31:00
+ 系统活动模块
+ 00000074(116) wdfmgr.exe
01000000[0000C000]
[AM] 4. c:\windows\system32\wdfmgr.exe
+ 000001dc(476) hkcmd.exe
00400000[00022000]
[AM] 101. c:\windows\system32\hkcmd.exe
10000000[0001E000]
[ M] 107. c:\windows\system32\hccutils.dll
00A10000[00024000]
[ M] 108. c:\windows\system32\igfxdev.dll
00AE0000[00058000]
[AM] 85. c:\windows\system32\igfxsrvc.dll
00B60000[0000E000]
[AM] 98. c:\windows\system32\csrss.dll
00B90000[00022000]
[ M] 109. c:\windows\system32\igfxhk.dll
00BD0000[00024000]
[ M] 110. c:\windows\system32\igfxres.dll
+ 000001f0(496) SOUNDMAN.EXE
00400000[00015000]
[AM] 102. c:\windows\soundman.exe
00C90000[0000E000]
[AM] 98. c:\windows\system32\csrss.dll
+ 00000248(584) smss.exe
+ 0000026c(620) ctfmon.exe
00A00000[0000E000]
[AM] 98. c:\windows\system32\csrss.dll
10000000[0001B000]
[ M] 111. c:\program files\rising\antispyware\ieprot.dll
+ 00000288(648) csrss.exe
+ 000002a0(672) winlogon.exe
72C80000[00008000]
[ M] 112. c:\windows\system32\msacm32.drv
+ 000002cc(716) services.exe
+ 000002d8(728) lsass.exe
+ 00000370(880) svchost.exe
+ 000003b0(944) svchost.exe
+ 00000448(1096) svchost.exe
50E60000[0000C000]
[ M] 113. c:\windows\system32\wups2.dll
+ 00000498(1176) svchost.exe
+ 00000500(1280) svchost.exe
+ 00000580(1408) alg.exe
+ 000005c4(1476) Ras.exe
00400000[0013E000]
[ M] 114. c:\program files\rising\antispyware\ras.exe
10000000[000A3000]
[ M] 115. c:\program files\rising\antispyware\rasgui.dll
01360000[0001B000]
[AM] 97. c:\windows\system32\ravext.dll
01380000[0000E000]
[AM] 98. c:\windows\system32\csrss.dll
016B0000[00011000]
[AM] 99. c:\windows\system32\shlhook.dll
014F0000[0001B000]
[ M] 111. c:\program files\rising\antispyware\ieprot.dll
+ 000005cc(1484) Explorer.EXE
014C0000[0001F000]
[ M] 116. c:\windows\system32\sysprofiles.dll
72C80000[00008000]
[ M] 112. c:\windows\system32\msacm32.drv
01720000[0000E000]
[AM] 98. c:\windows\system32\csrss.dll
01E60000[0003C000]
[ M] 117. c:\windows\system32\igfxpph.dll
01EA0000[0001E000]
[ M] 107. c:\windows\system32\hccutils.dll
01EC0000[00024000]
[ M] 110. c:\windows\system32\igfxres.dll
01EF0000[00058000]
[AM] 85. c:\windows\system32\igfxsrvc.dll
01F60000[00024000]
[ M] 108. c:\windows\system32\igfxdev.dll
23700000[0001A000]
[ M] 118. c:\program files\rising\rav\rscommon.dll
10000000[0001B000]
[AM] 97. c:\windows\system32\ravext.dll
01E30000[0001B000]
[ M] 111. c:\program files\rising\antispyware\ieprot.dll
+ 00000658(1624) spoolsv.exe
+ 00000834(2100) RsLogVw.exe
00400000[0002C000]
[ M] 119. c:\program files\rising\rav\rslogvw.exe
10000000[0001B000]
[ M] 120. c:\program files\rising\rav\rscommx.dll
26600000[0007D000]
[ M] 121. c:\program files\rising\rav\rsguilib.dll
23800000[0001A000]
[ M] 122. c:\program files\rising\rav\rsxml.dll
23900000[00031000]
[ M] 123. c:\program files\rising\rav\pngdll.dll
23700000[0001A000]
[ M] 118. c:\program files\rising\rav\rscommon.dll
0A970000[0000E000]
[AM] 98. c:\windows\system32\csrss.dll
13100000[0002E000]
[ M] 124. c:\program files\rising\rav\libload.dll
0BAC0000[0002C000]
[ M] 125. c:\program files\rising\rav\viruslib.dll
+ 0000086c(2156) iexplore.exe
10000000[00022000]
[AM] 86. c:\program files\thunder network\thunder\comdlls\tdatonce_now.dll
00FE0000[00019000]
[AM] 87. c:\program files\thunder network\thunder\comdlls\xunleibho_now.dll
223F0000[00009000]
[ M] 126. c:\program files\thunder network\thunder\components\resworker\dsbho_00.dll
223C0000[0000C000]
[ M] 127. c:\program files\thunder network\thunder\components\resworker\dataprocessor_00.dll
010F0000[0000E000]
[AM] 98. c:\windows\system32\csrss.dll
325C0000[00012000]
[AM] 93. c:\program files\microsoft office\office11\msohev.dll
011B0000[00019000]
[ M] 128. c:\program files\rising\rav\ravscrch.dll
72C80000[00008000]
[ M] 112. c:\windows\system32\msacm32.drv
30000000[002EF000]
[ M] 129. c:\windows\system32\macromed\flash\flash9c.ocx
04930000[00035000]
[ M] 130. c:\windows\system32\xpsp3res.dll
73900000[0002D000]
[ M] 131. c:\windows\system32\vcdxp.ime
05420000[0000B000]
[AM] 90. c:\program files\common files\microsoft shared\office11\msoxmlmf.dll
00CE0000[0001B000]
[ M] 111. c:\program files\rising\antispyware\ieprot.dll
+ 00000e48(3656) runiep.exe
00400000[00012000]
[AM] 104. c:\program files\rising\antispyware\runiep.exe
00BF0000[0001B000]
[ M] 111. c:\program files\rising\antispyware\ieprot.dll
00BE0000[0000E000]
[AM] 98. c:\windows\system32\csrss.dll
lyxcn - 2007-7-11 13:32:00
Posts 12..13 are Kaka's scan report.. experts, please help me!
九明狂客 - 2007-7-11 18:38:00
Haha, let me bump this