[CODE] 2008-05-20,11:48:37 System Repair Engineer 2.5.16.900 Smallfrogs (http://www.KZTechs.com) Windows XP Professional Service Pack 2 (Build 2600) - 管理权限用户 - 完整功能以下内容被选中：所有的启动项目（包括注册表、启动文件夹、服务等）浏览器加载项正在运行的进程（包括进程模块信息）文件关联 Winsock 提供者 Autorun.inf HOSTS 文件进程特权扫描启动项目注册表 [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run] [(Verified)Microsoft Windows Publisher] <"C:\Program Files\Common Files\Nero\Lib\NMBgMonitor.exe"> [(Verified)Nero AG] <; "C:\Program Files\Tencent\QQDownload\QQDownload.exe" autostart> [N/A] <; C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe> [N/A] [HKEY_CURRENT_USER\Software\Microsoft\Windows NT\CurrentVersion\Windows] <> [N/A] [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run] <"C:\WINDOWS\IME\imjp8_1\IMJPMIG.EXE" /Spoil /RemAdvDef /Migration32> [N/A] [N/A] [N/A] <"C:\Program Files\Rising\Rav\RavTask.exe" -system> [(Verified)Beijing Rising Science and Technology Corporation Limited] [] <"C:\Program Files\Nero\Nero8\Nero BackItUp\NBKeyScan.exe"> [(Verified)Nero AG] [(Verified)Microsoft Windows Publisher] <; C:\Program Files\RMClient\JobHisInit.exe> [] <; C:\Program Files\RMClient\MplSetUp.exe> [RICOH CO.,LTD.] <; C:\Program Files\Common Files\Nero\Lib\NeroCheck.exe> [(Verified)Nero AG] <; "C:\Program Files\Rising\Rfw\rfwmain.exe" -Startup> [(Verified)BEIJING RISING SCIENCE AND TECHNOLOGY CORPORATION LIMITED] [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Winlogon] [(Verified)Microsoft Windows Publisher] [(Verified)Microsoft Windows Publisher] [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Windows] <> [N/A] [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Winlogon] [(Verified)Microsoft Windows Publisher] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks] <{32CD708B-60A7-4C00-9377-D73EAA495F0F}> [(Verified)Beijing Rising Science and Technology Corporation Limited] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\>{26923b43-4d38-484f-9b9e-de460746276c}] <%systemroot%\system32\shmgrate.exe OCInstallUserConfigIE> [N/A] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\>{881dd1c5-3dcf-431b-b061-f3f88e8be88a}] <%systemroot%\system32\shmgrate.exe OCInstallUserConfigOE> [N/A] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{2C7339CF-2B09-4501-B3F3-F3508C9228ED}] <%SystemRoot%\system32\regsvr32.exe /s /n /i:/UserInstall %SystemRoot%\system32\themeui.dll> [N/A] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{44BBA840-CC51-11CF-AAFA-00AA00B6015C}] <"%ProgramFiles%\Outlook Express\setup50.exe" /APP:OE /CALLER:WINNT /user /install> [N/A] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{44BBA842-CC51-11CF-AAFA-00AA00B6015B}] [(Verified)Microsoft Windows Publisher] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{5945c046-1e7d-11d1-bc44-00c04fd912be}] [(Verified)Microsoft Windows Publisher] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{6BF52A52-394A-11d3-B153-00C04F79FAA6}] [(Verified)Microsoft Windows Publisher] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{7790769C-0471-11d2-AF11-00C04FA35D02}] <通讯簿 6><"%ProgramFiles%\Outlook Express\setup50.exe" /APP:WAB /CALLER:WINNT /user /install> [N/A] ================================== 启动文件夹 [1KG_unis] C:\DOCUME~1\yren1976\APPLIC~1\1KG\1KG_unis.bat [N/A]> [腾讯QQ] D:\PROGRA~1\Tencent\QQ\QQ.exe [TENCENT]> ================================== 服务 [Help and Support / helpsvc][Stopped/Auto Start] %WINDIR%\PCHealth\HelpCtr\Binaries\pchsvc.dll> [Human Interface Device Access / HidServ][Stopped/Disabled] %SystemRoot%\System32\hidserv.dll> [NetMeeting Remote Desktop Sharing / mnmsrvc][Stopped/Manual Start] [Nero BackItUp Scheduler 3 / Nero BackItUp Scheduler 3][Running/Auto Start] [NMIndexingService / NMIndexingService][Running/Manual Start] <"C:\Program Files\Common Files\Nero\Lib\NMIndexingService.exe"> [Rising Proxy Service / RfwProxySrv][Running/Auto Start] [Rising Personal Firewall Service / RfwService][Running/Auto Start] [Rising Process Communication Center / RsCCenter][Running/Auto Start] <"C:\Program Files\Rising\Rav\CCenter.exe"> [Rising RealTime Monitor / RsRavMon][Stopped/Auto Start] <"C:\PROGRAM FILES\RISING\RAV\Ravmond.exe"> [System Restore Service / srservice][Stopped/Disabled] C:\WINDOWS\system32\srsvc.dll> ================================== 驱动程序 [Service for Realtek AC97 Audio (WDM) / ALCXWDM][Running/Manual Start] [AmdK8 Compatible Device / AmdK8][Stopped/Manual Start] [HookCont / HookCont][Running/System Start] <\SystemRoot\system32\drivers\HookCont.sys> [HookNtos / HookNtos][Running/System Start] <\SystemRoot\system32\drivers\HookNtos.sys> [HookReg / HookReg][Running/System Start] <\SystemRoot\system32\drivers\HookReg.sys> [HookSys / HookSys][Running/System Start] <\SystemRoot\system32\drivers\HookSys.sys> [HookUrl / HookUrl][Running/Auto Start] <\??\C:\Program Files\Rising\Rfw\HookUrl.sys> [ialm / ialm][Running/Manual Start] [npkcrypt / npkcrypt][Running/Auto Start] <\??\D:\Program Files\Tencent\QQ\npkcrypt.sys> [Padus ASPI Shell / pfc][Running/Manual Start] [Direct Parallel Link Driver / Ptilink][Running/Manual Start] [Rising Rfwbase Driver / RfwBase][Running/Auto Start] [RsFwDrv / RsFwDrv][Running/System Start] <\??\C:\Program Files\Rising\Rfw\RsFwDrv.sys> [RsNTGDI / RsNTGDI][Running/Boot Start] <\SystemRoot\system32\Drivers\RsNTGdi.sys> [Realtek RTL8139(A/B/C)-based PCI Fast Ethernet Adapter NT Driver / rtl8139][Running/Manual Start] [Secdrv / Secdrv][Stopped/Manual Start] [Sony USB Filter Driver (SONYPVU1) / SONYPVU1][Stopped/Manual Start] [System Restore Filter Driver / sr][Stopped/Boot Start] <\SystemRoot\system32\DRIVERS\sr.sys> [World Standard Teletext Codec / WSTCODEC][Stopped/Manual Start] ================================== 浏览器加载项 [ThunderAtOnce Class] {01443AEC-0FD1-40fd-9C87-E93D1494C233} [Thunder Browser Helper] {889D2FEB-5411-4565-8998-1DD2C5261283} [Ask Search Assistant BHO] {9CB65201-89C4-402c-BA80-02D8C59F9B1D} [Ask Toolbar BHO] {FE063DB1-4EC0-403e-8DD8-394C54984B2C} [启动迅雷5] {09BA8F6D-CB54-424B-839C-C2A6C8E6B436} [龍帝國技術論壇] {6096E38F-5AC1-4391-8EC4-75DFA92FB32F} [Ask Toolbar] {FE063DB9-4EC0-403e-8DD8-394C54984B2C} [InstallHelper Class] {1DABF8D5-8430-4985-9B7F-A30E53D709B3} [KooPlayer Control] {C728DAB8-FDF5-4CD7-89DD-879D25794C77} [Shockwave Flash Object] {D27CDB6E-AE6D-11CF-96B8-444553540000} [ThunderAtOnce Class] {01443AEC-0FD1-40FD-9C87-E93D1494C233} [iTrusPTA Class] {1E0DFFCF-27FF-4574-849B-55007349FEDA} [Windows Media Player] {22D6F312-B0F6-11D0-94AB-0080C74C7E95} [Thunder Agent Class] {485463B7-8FB2-4B3B-B29B-8B919B0EACCE} [EditCtrl Class] {488A4255-3236-44B3-8F27-FA1AECAA8844} [HHCtrl Object] {52A2AAAE-085D-4187-97EA-8C30DB990436} [Shell Name Space] {55136805-B2DE-11D1-B9F2-00A0C98BC547} <%SystemRoot%\system32\shdocvw.dll, N/A> [XMP Class] {6483F145-A768-4C41-AACC-52D4D7845851} [XDRM] {693571CB-54A3-4E90-9D52-EEAE1334E2D3} [Windows Media Player] {6BF52A52-394A-11D3-B153-00C04F79FAA6} [MediaComm Class] {7670648D-461B-42AF-BDFE-46D26AF5EFF2} [SecClient Control] {85599589-00AA-11D7-A7D0-00E04C3F6D70} [Microsoft Web 浏览器] {8856F961-340A-11D0-A96B-00C04FD705A2} [Thunder Browser Helper] {889D2FEB-5411-4565-8998-1DD2C5261283} [Ask Search Assistant BHO] {9CB65201-89C4-402C-BA80-02D8C59F9B1D} [RMGetLicense Class] {A9FC132B-096D-460B-B7D5-1DB0FAE0C062} [Thunder DapCtrl] {ACACC6EB-1FBA-4E13-A729-53AEB2DF54F8} [Microsoft Scriptlet Component] {AE24FDAE-03C6-11D1-8B76-0080C744F389} [SearchAssistantOC] {B45FF030-4447-11D2-85DE-00C04FA35C89} <%SystemRoot%\system32\shdocvw.dll, N/A> [RDS.DataSpace] {BD96C556-65A3-11D0-983A-00C04FC29E36} [VIDEO__X_MS_ASF Moniker Class] {CD3AFA8F-B84F-48F0-9393-7EDC34128127} [Shockwave Flash Object] {D27CDB6E-AE6D-11CF-96B8-444553540000} [Thunder DapPlayer] {EEDD6FF9-13DE-496B-9A1C-D78B3215E266} [XPPlayer Class] {F3E70CEA-956E-49CC-B444-73AFE593AD7F} [Ask Toolbar BHO] {FE063DB1-4EC0-403E-8DD8-394C54984B2C} [Ask Toolbar] {FE063DB9-4EC0-403E-8DD8-394C54984B2C} [使用迅雷下载] [使用迅雷下载全部链接] [导出到 Microsoft Excel(&X)] [添加到QQ表情] ================================== 正在运行的进程 [PID: 480 / SYSTEM][\SystemRoot\System32\smss.exe] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)] [PID: 536 / SYSTEM][\??\C:\WINDOWS\system32\csrss.exe] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)] [c:\program files\rising\rfw\ijt_base.dll] [Beijing Rising Technology Co., Ltd., 7.0.0.10] [c:\program files\rising\rfw\olemon.dll] [Beijing Rising Technology Co., Ltd., 7.0.0.6] [PID: 560 / SYSTEM][\??\C:\WINDOWS\system32\winlogon.exe] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)] [c:\program files\rising\rfw\ijt_base.dll] [Beijing Rising Technology Co., Ltd., 7.0.0.10] [c:\program files\rising\rfw\olemon.dll] [Beijing Rising Technology Co., Ltd., 7.0.0.6] [C:\WINDOWS\system32\msacm32.drv] [Microsoft Corporation, 5.1.2600.0 (xpclient.010817-1148)] [PID: 608 / SYSTEM][C:\WINDOWS\system32\services.exe] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)] [c:\program files\rising\rfw\ijt_base.dll] [Beijing Rising Technology Co., Ltd., 7.0.0.10] [c:\program files\rising\rfw\olemon.dll] [Beijing Rising Technology Co., Ltd., 7.0.0.6] [PID: 620 / SYSTEM][C:\WINDOWS\system32\lsass.exe] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)] [c:\program files\rising\rfw\ijt_base.dll] [Beijing Rising Technology Co., Ltd., 7.0.0.10] [c:\program files\rising\rfw\olemon.dll] [Beijing Rising Technology Co., Ltd., 7.0.0.6] [PID: 768 / SYSTEM][C:\WINDOWS\system32\svchost.exe] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)] [c:\program files\rising\rfw\ijt_base.dll] [Beijing Rising Technology Co., Ltd., 7.0.0.10] [c:\program files\rising\rfw\olemon.dll] [Beijing Rising Technology Co., Ltd., 7.0.0.6] [PID: 812 / NETWORK SERVICE][C:\WINDOWS\system32\svchost.exe] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)] [c:\program files\rising\rfw\ijt_base.dll] [Beijing Rising Technology Co., Ltd., 7.0.0.10] [c:\program files\rising\rfw\olemon.dll] [Beijing Rising Technology Co., Ltd., 7.0.0.6] [PID: 876 / SYSTEM][C:\Program Files\Rising\Rav\CCenter.exe] [Beijing Rising Technology Co., Ltd., 20.0.0.28] [c:\program files\rising\rfw\ijt_base.dll] [Beijing Rising Technology Co., Ltd., 7.0.0.10] [c:\program files\rising\rfw\olemon.dll] [Beijing Rising Technology Co., Ltd., 7.0.0.6] [PID: 892 / SYSTEM][C:\WINDOWS\System32\svchost.exe] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)] [c:\program files\rising\rfw\ijt_base.dll] [Beijing Rising Technology Co., Ltd., 7.0.0.10] [c:\program files\rising\rfw\olemon.dll] [Beijing Rising Technology Co., Ltd., 7.0.0.6] [PID: 944 / NETWORK SERVICE][C:\WINDOWS\system32\svchost.exe] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)] [c:\program files\rising\rfw\ijt_base.dll] [Beijing Rising Technology Co., Ltd., 7.0.0.10] [c:\program files\rising\rfw\olemon.dll] [Beijing Rising Technology Co., Ltd., 7.0.0.6] [PID: 1016 / LOCAL SERVICE][C:\WINDOWS\system32\svchost.exe] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)] [c:\program files\rising\rfw\ijt_base.dll] [Beijing Rising Technology Co., Ltd., 7.0.0.10] [c:\program files\rising\rfw\olemon.dll] [Beijing Rising Technology Co., Ltd., 7.0.0.6] [PID: 1112 / SYSTEM][C:\PROGRAM FILES\RISING\RAV\ravmond.exe] [Beijing Rising Technology Co., Ltd., 20.0.0.76] [C:\PROGRAM FILES\RISING\RAV\BWList.dll] [Beijing Rising Technology Co., Ltd., 20.0.0.4] [C:\WINDOWS\system32\MFC71.DLL] [Microsoft Corporation, 7.10.3077.0] [C:\WINDOWS\system32\MSVCR71.dll] [Microsoft Corporation, 7.10.3052.4] [C:\WINDOWS\system32\MSVCP71.dll] [Microsoft Corporation, 7.10.3077.0] [C:\PROGRAM FILES\RISING\RAV\RSAPPMGR.dll] [Beijing Rising Technology Co., Ltd., 20.0.0.0] [C:\PROGRAM FILES\RISING\RAV\CfgDll.dll] [Beijing Rising Technology Co., Ltd., 20.0.0.16] [C:\PROGRAM FILES\RISING\RAV\RsLog.dll] [Beijing Rising Technology Co., Ltd., 20.0.0.34] [C:\PROGRAM FILES\RISING\RAV\ProcCom.dll] [Beijing Rising Technology Co., Ltd., 20, 0, 0, 19] [C:\PROGRAM FILES\RISING\RAV\RsCommX2.dll] [Beijing Rising Technology Co., Ltd., 20, 0, 0, 19] [C:\PROGRAM FILES\RISING\RAV\MonRule.dll] [Beijing Rising Technology Co., Ltd., 20.0.0.29] [C:\PROGRAM FILES\RISING\RAV\Hooksys.dll] [Beijing Rising Technology Co., Ltd, 22, 0, 0, 9] [C:\PROGRAM FILES\RISING\RAV\HookReg.dll] [Beijing Rising Technology Co., Ltd, 22, 0, 0, 4] [c:\program files\rising\rfw\ijt_base.dll] [Beijing Rising Technology Co., Ltd., 7.0.0.10] [c:\program files\rising\rfw\olemon.dll] [Beijing Rising Technology Co., Ltd., 7.0.0.6] [C:\PROGRAM FILES\RISING\RAV\HookNtos.dll] [Beijing Rising Technology Co., Ltd, 22, 0, 0, 2] [C:\PROGRAM FILES\RISING\RAV\rswalmon.dll] [Beijing Rising Technology Co., Ltd., 20, 0, 0, 22] [C:\PROGRAM FILES\RISING\RAV\recomp.dll] [Beijing Rising Technology Co., Ltd., 20, 0, 0, 36] [C:\PROGRAM FILES\RISING\RAV\refs.dll] [Beijing Rising Technology Co., Ltd., 20, 0, 0, 17] [C:\PROGRAM FILES\RISING\RAV\ffr.dll] [Beijing Rising Technology Co., Ltd., 20, 0, 0, 13] [C:\Program Files\Rising\Rav\RsStore.dll] [Beijing Rising Technology Co., Ltd., 20.0.0.8] [C:\PROGRAM FILES\RISING\RAV\HookCont.dll] [Beijing Rising Technology Co., Ltd, 22, 0, 0, 1] [C:\Program Files\Rising\Rav\fakescan.dll] [Beijing Rising Technology Co., Ltd., 20.0.0.13] [C:\Program Files\Rising\Rav\Scanner.dll] [Beijing Rising Technology Co., Ltd., 20.0.0.36] [C:\PROGRAM FILES\RISING\RAV\viruslib.dll] [Beijing Rising Technology Co., Ltd., 20, 0, 0, 26] [C:\PROGRAM FILES\RISING\RAV\relibldr.dll] [Beijing Rising Technology Co., Ltd., 20, 0, 0, 16] [C:\PROGRAM FILES\RISING\RAV\HookWeb.dll] [Beijing Rising Technology Co., Ltd., 20.0.0.2] [C:\PROGRAM FILES\RISING\RAV\nvfile.dll] [Beijing Rising Technology Co., Ltd., 20, 0, 0, 6] [C:\PROGRAM FILES\RISING\RAV\scanexec.dll] [Beijing Rising Technology Co., Ltd., 20, 0, 0, 17] [C:\PROGRAM FILES\RISING\RAV\unexe.dll] [Beijing Rising Technology Co., Ltd., 20, 0, 0, 4] [C:\PROGRAM FILES\RISING\RAV\scanex.dll] [Beijing Rising Technology Co., Ltd., 20, 0, 0, 68] [C:\PROGRAM FILES\RISING\RAV\pearc.dll] [Beijing Rising Technology Co., Ltd., 20, 0, 0, 5] [C:\PROGRAM FILES\RISING\RAV\extfile.dll] [Beijing Rising Technology Co., Ltd., 20, 0, 0, 29] [C:\PROGRAM FILES\RISING\RAV\scanpack.dll] [Beijing Rising Technology Co., Ltd., 20, 0, 0, 9] [C:\PROGRAM FILES\RISING\RAV\revm.dll] [Beijing Rising Technology Co., Ltd., 20, 0, 0, 8] [C:\PROGRAM FILES\RISING\RAV\urutils.dll] [, 20, 0, 0, 6] [C:\PROGRAM FILES\RISING\RAV\ur000.dat] [Beijing Rising Technology Co., Ltd., 20, 0, 0, 18] [C:\PROGRAM FILES\RISING\RAV\scansct.dll] [Beijing Rising Technology Co., Ltd., 20, 0, 0, 9] [C:\PROGRAM FILES\RISING\RAV\scriptci.dll] [Beijing Rising Technology Co., Ltd., 20, 0, 0, 3] [C:\PROGRAM FILES\RISING\RAV\ur001.dat] [Beijing Rising Technology Co., Ltd., 20, 0, 0, 3] [C:\PROGRAM FILES\RISING\RAV\uroutine.dll] [Beijing Rising Technology Co., Ltd., 20, 0, 0, 26] [C:\PROGRAM FILES\RISING\RAV\ur023.dat] [Beijing Rising Technology Co., Ltd., 20, 0, 0, 1] [C:\PROGRAM FILES\RISING\RAV\extmail.dll] [Beijing Rising Technology Co., Ltd., 20, 0, 0, 9] [PID: 1124 / SYSTEM][c:\program files\rising\rfw\rfwsrv.exe] [Beijing Rising Technology Co., Ltd., 7.0.0.68] [C:\WINDOWS\system32\MFC71.DLL] [Microsoft Corporation, 7.10.3077.0] [C:\WINDOWS\system32\MSVCR71.dll] [Microsoft Corporation, 7.10.3052.4] [C:\WINDOWS\system32\MSVCP71.dll] [Microsoft Corporation, 7.10.3077.0] [C:\Program Files\Rising\Rfw\ProcCom.dll] [Beijing Rising Technology Co., Ltd., 20, 0, 0, 19] [c:\program files\rising\rfw\RsCommX2.dll] [Beijing Rising Technology Co., Ltd., 20, 0, 0, 19] [c:\program files\rising\rfw\RSAPPMGR.dll] [Beijing Rising Technology Co., Ltd., 20.0.0.0] [c:\program files\rising\rfw\CfgDll.dll] [Beijing Rising Technology Co., Ltd., 20.0.0.16] [c:\program files\rising\rfw\RfwRule.dll] [Beijing Rising Technology Co., Ltd., 7.0.0.13] [c:\program files\rising\rfw\rfwlog.dll] [Beijing Rising Technology Co., Ltd., 7.0.0.12] [c:\program files\rising\rfw\Rfwdrv.dll] [Beijing Rising Technology Co., Ltd., 7.0.0.41] [c:\program files\rising\rfw\psapi.dll] [Microsoft Corporation, 4.00] [c:\program files\rising\rfw\ijt_ctrl.dll] [Beijing Rising Technology Co., Ltd., 7.0.0.0] [c:\program files\rising\rfw\ijt_base.dll] [Beijing Rising Technology Co., Ltd., 7.0.0.10] [c:\program files\rising\rfw\olemon.dll] [Beijing Rising Technology Co., Ltd., 7.0.0.6] [c:\program files\rising\rfw\unvdet.dll] [Beijing Rising Technology Co., Ltd., 7.0.0.5] [c:\program files\rising\rfw\mPorts.dll] [Beijing Rising Technology Co., Ltd., 7.0.0.3] [PID: 1292 / SYSTEM][c:\program files\rising\rfw\rfwproxy.exe] [Beijing Rising Technology Co., Ltd., 7.0.0.33] [C:\WINDOWS\system32\MFC71.DLL] [Microsoft Corporation, 7.10.3077.0] [C:\WINDOWS\system32\MSVCR71.dll] [Microsoft Corporation, 7.10.3052.4] [c:\program files\rising\rfw\psapi.dll] [Microsoft Corporation, 4.00] [C:\Program Files\Rising\Rfw\ProcCom.dll] [Beijing Rising Technology Co., Ltd., 20, 0, 0, 19] [c:\program files\rising\rfw\RsCommX2.dll] [Beijing Rising Technology Co., Ltd., 20, 0, 0, 19] [c:\program files\rising\rfw\RfwRule.dll] [Beijing Rising Technology Co., Ltd., 7.0.0.13] [c:\program files\rising\rfw\urlrule.dll] [Beijing Rising Technology Co., Ltd., 1, 0, 0, 9] [c:\program files\rising\rfw\ijt_base.dll] [Beijing Rising Technology Co., Ltd., 7.0.0.10] [c:\program files\rising\rfw\olemon.dll] [Beijing Rising Technology Co., Ltd., 7.0.0.6] [c:\program files\rising\rfw\MonMid.dll] [Beijing Rising Technology Co., Ltd., 7.0.0.4] [PID: 1464 / yren1976][C:\WINDOWS\Explorer.EXE] [Microsoft Corporation, 6.00.2900.2180 (xpsp_sp2_rtm.040803-2158)] [c:\program files\rising\rfw\ijt_base.dll] [Beijing Rising Technology Co., Ltd., 7.0.0.10] [c:\program files\rising\rfw\olemon.dll] [Beijing Rising Technology Co., Ltd., 7.0.0.6] [C:\Program Files\Common Files\Nero\Lib\NeroDigitalExt.dll] [Nero AG, 3, 1, 0, 8] [C:\WINDOWS\system32\hookdll.dll] [, 1, 0, 1, 4] [C:\WINDOWS\system32\msacm32.drv] [Microsoft Corporation, 5.1.2600.0 (xpclient.010817-1148)] [C:\WINDOWS\system32\JPWB.IME] [常诚研制, 4.00.950] [C:\WINDOWS\system32\RavExt.dll] [Beijing Rising Technology Co., Ltd., 20.0.0.17] [D:\Program Files\Thunder Network\Thunder\Components\ResWorker\DsBho_00.dll] [, 1, 0, 0, 12] [D:\Program Files\Thunder Network\Thunder\Components\ResWorker\DataProcessor_00.dll] [Thunder Networking Technologies,LTD, 1, 0, 0, 13] [C:\Program Files\Nero\Nero8\Nero BackItUp\NBShell.dll] [Nero AG, 3, 1, 0, 0] [C:\Program Files\WinRAR\rarext.dll] [N/A, ] [C:\Program Files\Rising\Rav\RSCOMMON.DLL] [Beijing Rising Technology Co., Ltd., 20, 0, 0, 16] [C:\Program Files\Nero\Nero8\Nero CoverDesigner\CoverEdExtension.dll] [Nero AG, 3, 1, 1, 1] [C:\Program Files\Common Files\Nero\Shared\NL3\AdvrCntr3.dll] [Nero AG, 1,3,1, 207] [C:\Program Files\Common Files\Nero\Lib\MediaLibraryNSE.dll] [Nero AG, 3.1.3.0] [C:\WINDOWS\system32\Audiodev.dll] [Microsoft Corporation, 5.2.3802.3802 built by: dnsrv(bld4act)] [PID: 1528 / SYSTEM][c:\program files\rising\rfw\rfwstub.exe] [Beijing Rising Technology Co., Ltd., 7.0.0.10] [C:\WINDOWS\system32\MSVCP71.dll] [Microsoft Corporation, 7.10.3077.0] [C:\WINDOWS\system32\MSVCR71.dll] [Microsoft Corporation, 7.10.3052.4] [c:\program files\rising\rfw\RSCOMMON.DLL] [Beijing Rising Technology Co., Ltd., 20, 0, 0, 16] [c:\program files\rising\rfw\ijt_base.dll] [Beijing Rising Technology Co., Ltd., 7.0.0.10] [c:\program files\rising\rfw\olemon.dll] [Beijing Rising Technology Co., Ltd., 7.0.0.6] [PID: 1752 / SYSTEM][C:\PROGRAM FILES\RISING\RAV\RavStub.exe] [Beijing Rising Technology Co., Ltd., 20.0.0.9] [c:\program files\rising\rfw\ijt_base.dll] [Beijing Rising Technology Co., Ltd., 7.0.0.10] [c:\program files\rising\rfw\olemon.dll] [Beijing Rising Technology Co., Ltd., 7.0.0.6] [C:\PROGRAM FILES\RISING\RAV\ProcCom.dll] [Beijing Rising Technology Co., Ltd., 20, 0, 0, 19] [C:\PROGRAM FILES\RISING\RAV\RsCommX2.dll] [Beijing Rising Technology Co., Ltd., 20, 0, 0, 19] [C:\PROGRAM FILES\RISING\RAV\RSCOMMON.DLL] [Beijing Rising Technology Co., Ltd., 20, 0, 0, 16] [PID: 1868 / SYSTEM][C:\WINDOWS\system32\spoolsv.exe] [Microsoft Corporation, 5.1.2600.2696 (xpsp_sp2_gdr.050610-1519)] [c:\program files\rising\rfw\ijt_base.dll] [Beijing Rising Technology Co., Ltd., 7.0.0.10] [c:\program files\rising\rfw\olemon.dll] [Beijing Rising Technology Co., Ltd., 7.0.0.6] [C:\WINDOWS\system32\rc4mon.dll] [RICOH CO.,Ltd., 3, 1, 0, 0] [C:\WINDOWS\system32\RPNV2MON.DLL] [RICOH, 1, 3, 5, 4] [C:\WINDOWS\system32\rpnv2job.dll] [RICOH, 1, 3, 5, 4] [C:\WINDOWS\system32\rpnv2CN.dll] [RICOH COMPANY, LTD., 1,1,3,2] [C:\WINDOWS\system32\PMObservINP.dll] [RICOH CO.,LTD., 0, 0, 0, 5] [C:\WINDOWS\PMCommon.dll] [RICOH CO., LTD., 1, 0, 0, 2] [PID: 468 / SYSTEM][C:\Program Files\Nero\Nero8\Nero BackItUp\NBService.exe] [Nero AG, 3, 1, 0, 0] [C:\Program Files\Nero\Nero8\Nero BackItUp\NB.dll] [Nero AG, 3, 1, 0, 0] [C:\Program Files\Nero\Nero8\Nero BackItUp\NeroAPIGlueLayerUnicode.dll] [Nero AG, 8.1.3.1] [C:\Program Files\Nero\Nero8\Nero BackItUp\LBFC.dll] [Nero AG, 3, 1, 0, 0] [C:\Program Files\Nero\Nero8\Nero BackItUp\NBHDMgr.dll] [Nero AG, 3, 1, 0, 0] [PID: 1076 / SYSTEM][C:\WINDOWS\system32\svchost.exe] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)] [PID: 1088 / LOCAL SERVICE][C:\WINDOWS\system32\wdfmgr.exe] [Microsoft Corporation, 5.2.3790.1230 built by: dnsrv(bld4act)] [PID: 1404 / yren1976][C:\Program Files\Rising\Rav\RavTask.exe] [Beijing Rising Technology Co., Ltd., 20.0.0.23] [C:\Program Files\Rising\Rav\ProcCom.dll] [Beijing Rising Technology Co., Ltd., 20, 0, 0, 19] [C:\Program Files\Rising\Rav\RsCommX2.dll] [Beijing Rising Technology Co., Ltd., 20, 0, 0, 19] [C:\Program Files\Rising\Rav\RSCOMMON.DLL] [Beijing Rising Technology Co., Ltd., 20, 0, 0, 16] [C:\Program Files\Rising\Rav\RSAPPMGR.DLL] [Beijing Rising Technology Co., Ltd., 20.0.0.0] [C:\Program Files\Rising\Rav\CfgDll.dll] [Beijing Rising Technology Co., Ltd., 20.0.0.16] [PID: 1436 / yren1976][C:\WINDOWS\system32\Rundll32.exe] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)] [c:\program files\rising\rfw\ijt_base.dll] [Beijing Rising Technology Co., Ltd., 7.0.0.10] [c:\program files\rising\rfw\olemon.dll] [Beijing Rising Technology Co., Ltd., 7.0.0.6] [C:\WINDOWS\system32\hookdll.dll] [, 1, 0, 1, 4] [PID: 2336 / LOCAL SERVICE][C:\WINDOWS\System32\alg.exe] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)] [PID: 2420 / yren1976][C:\WINDOWS\system32\ctfmon.exe] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)] [c:\program files\rising\rfw\ijt_base.dll] [Beijing Rising Technology Co., Ltd., 7.0.0.10] [c:\program files\rising\rfw\olemon.dll] [Beijing Rising Technology Co., Ltd., 7.0.0.6] [C:\WINDOWS\system32\hookdll.dll] [, 1, 0, 1, 4] [PID: 2440 / yren1976][C:\Program Files\Common Files\Nero\Lib\NMBgMonitor.exe] [Nero AG, 3.1.3.0] [c:\program files\rising\rfw\ijt_base.dll] [Beijing Rising Technology Co., Ltd., 7.0.0.10] [c:\program files\rising\rfw\olemon.dll] [Beijing Rising Technology Co., Ltd., 7.0.0.6] [C:\WINDOWS\system32\hookdll.dll] [, 1, 0, 1, 4] [C:\Program Files\Common Files\Nero\Shared\NL3\AdvrCntr3.dll] [Nero AG, 1,3,1, 207] [C:\Program Files\Common Files\Nero\Lib\NMIndexingServicePS.dll] [Nero AG, 3.1.3.0] [C:\Program Files\Common Files\Nero\Lib\NMIndexStoreSvrPS.dll] [Nero AG, 3.1.3.0] [C:\Program Files\Common Files\Nero\Lib\NMDataServices.dll] [Nero AG, 3.1.3.0] [PID: 2840 / SYSTEM][C:\Program Files\Common Files\Nero\Lib\NMIndexingService.exe] [Nero AG, 3.1.3.0] [C:\Program Files\Common Files\Nero\Lib\NMIndexingServicePS.dll] [Nero AG, 3.1.3.0] [C:\Program Files\Common Files\Nero\Lib\NMLogCxx.dll] [Nero AG, 3.1.3.0] [C:\Program Files\Common Files\Nero\Lib\log4cxx.dll] [Nero AG, 1, 0, 1, 0] [C:\Program Files\Common Files\Nero\Lib\NMDataServices.dll] [Nero AG, 3.1.3.0] [PID: 2896 / yren1976][C:\Program Files\Common Files\Nero\Lib\NMIndexStoreSvr.exe] [Nero AG, 3.1.3.0] [C:\Program Files\Common Files\Nero\Lib\NMSQLDB.dll] [Nero AG, 3.1.3.0] [c:\program files\rising\rfw\ijt_base.dll] [Beijing Rising Technology Co., Ltd., 7.0.0.10] [c:\program files\rising\rfw\olemon.dll] [Beijing Rising Technology Co., Ltd., 7.0.0.6] [C:\WINDOWS\system32\hookdll.dll] [, 1, 0, 1, 4] [C:\Program Files\Common Files\Nero\Lib\NMLogCxx.dll] [Nero AG, 3.1.3.0] [C:\Program Files\Common Files\Nero\Lib\log4cxx.dll] [Nero AG, 1, 0, 1, 0] [C:\Program Files\Common Files\Nero\Lib\NMIndexingServicePS.dll] [Nero AG, 3.1.3.0] [C:\Program Files\Common Files\Nero\Lib\NMCoFoundation.dll] [Nero AG, 3.1.3.0] [C:\Program Files\Common Files\Nero\Lib\NMPluginBase.dll] [Nero AG, 3.1.3.0] [C:\Program Files\Common Files\Nero\Lib\NMFullTextExtraction.dll] [Nero AG, 3.1.3.0] [C:\Program Files\Common Files\Nero\Lib\NMSearchPluginSimilarImages.dll] [Nero AG, 3.1.3.0] [C:\Program Files\Common Files\Nero\Lib\NMDataServices.dll] [Nero AG, 3.1.3.0] [C:\Program Files\Common Files\Nero\Lib\NMIndexStoreSvrPS.dll] [Nero AG, 3.1.3.0] [PID: 716 / yren1976][C:\WINDOWS\system32\conime.exe] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)] [C:\WINDOWS\system32\hookdll.dll] [, 1, 0, 1, 4] [PID: 3364 / yren1976][C:\TDDownload\SREngPS.EXE] [Smallfrogs Studio, 2.5.16.900] [c:\program files\rising\rfw\ijt_base.dll] [Beijing Rising Technology Co., Ltd., 7.0.0.10] [c:\program files\rising\rfw\olemon.dll] [Beijing Rising Technology Co., Ltd., 7.0.0.6] [C:\WINDOWS\system32\hookdll.dll] [, 1, 0, 1, 4] [C:\TDDownload\Upload\3rdUpd.DLL] [Smallfrogs Studio, 2, 1, 0, 15] [C:\TDDownload\Plugins\NTFSTREAM.SRE] [Smallfrogs Studio, 1, 0, 0, 5] ================================== 文件关联 .TXT Error. [C:\WINDOWS\notepad.exe %1] .EXE OK. ["%1" %*] .COM OK. ["%1" %*] .PIF OK. ["%1" %*] .REG OK. [regedit.exe "%1"] .BAT OK. ["%1" %*] .SCR OK. ["%1" /S] .CHM Error. ["hh.exe" %1] .HLP OK. [%SystemRoot%\System32\winhlp32.exe %1] .INI Error. [C:\WINDOWS\System32\NOTEPAD.EXE %1] .INF OK. [%SystemRoot%\System32\NOTEPAD.EXE %1] .VBS OK. [%SystemRoot%\System32\WScript.exe "%1" %*] .JS OK. [%SystemRoot%\System32\WScript.exe "%1" %*] .LNK OK. [{00021401-0000-0000-C000-000000000046}] ================================== Winsock 提供者 N/A ================================== Autorun.inf N/A ================================== HOSTS 文件 127.0.0.1 localhost 61.129.15.73 www.chinadforce.com 61.129.15.73 www.d4s.cn 0.0.0.0 links.is686.com 0.0.0.0 www.yeseliao.net 0.0.0.0 pop.9v.cn # 今题网垃圾广告网站 0.0.0.0 www.zhongsou.com #中搜垃圾广告网站 0.0.0.0 www2.zhongsou.com #中搜垃圾广告网站 0.0.0.0 b.zhongsou.com #中搜垃圾广告网站 0.0.0.0 9.tx000.com 0.0.0.0 gd2.uuwang.com.cn 0.0.0.0 211.100.33.142 0.0.0.0 www.zhiji.com 0.0.0.0 www.qunar.com 0.0.0.0 dm71.fx120.net 0.0.0.0 x.99jk.com 0.0.0.0 www.mysee.com 0.0.0.0 www.uucall.com 0.0.0.0 126gzs.yeah.net 0.0.0.0 16888.6to23.com 0.0.0.0 16898.myrice.com 0.0.0.0 182838.com 0.0.0.0 204.177.92.68 0.0.0.0 204.177.92.68/rotate/r3.jhtml #去TRY看看绝对让你的IE去回收站 0.0.0.0 211.20.72.218 0.0.0.0 265.com 0.0.0.0 3721.net #3721网络实名 0.0.0.0 63581.yeah.net 0.0.0.0 69.22.169.85 0.0.0.0 8qi.net 0.0.0.0 91mm.net 0.0.0.0 94.YES9999.com 0.0.0.0 989898.******** 0.0.0.0 989898.126.com 0.0.0.0 9see.com 0.0.0.0 abc.265.com 0.0.0.0 ad.91x.net 0.0.0.0 ad.cn.doubleclick.net #新浪网广告 0.0.0.0 ad.ri999.com 0.0.0.0 ad.t2t2.com 0.0.0.0 ad.tom.com 0.0.0.0 ad2.15hr.com/adinfo.htm 0.0.0.0 ad4.sina.com.cn #新浪网广告 0.0.0.0 adclient.163.com 0.0.0.0 ads.china.com 0.0.0.0 ads.online.sh.cn 0.0.0.0 adtaobao.allyes.com 0.0.0.0 adv.pconline.com.cn 0.0.0.0 aliao.com 0.0.0.0 ally.263.net 0.0.0.0 anhlyiling.free1.51web.cn 0.0.0.0 asiafriendfinder.com 0.0.0.0 asqin123.51.net 0.0.0.0 auto.search.msn.com 0.0.0.0 babe520.5188.org 0.0.0.0 bar.baidu,com 0.0.0.0 bbs.ccjz.com 0.0.0.0 bj.58.com 0.0.0.0 bliao.com 0.0.0.0 book99.3322.net 0.0.0.0 casting9.allyes.com 0.0.0.0 cdn2.cnnic.cn 0.0.0.0 cga01.2008.cc #骗子 0.0.0.0 chat.163.com 0.0.0.0 chat.263.net 0.0.0.0 chat.51liao.net 0.0.0.0 chat.9see.com 0.0.0.0 chat.qq.com 0.0.0.0 chat.tom.com 0.0.0.0 chat.xilu.com 0.0.0.0 chat.yeeyoo.com 0.0.0.0 chat.yinsha.com 0.0.0.0 chinabdkx.363.net 0.0.0.0 chinaour.com 0.0.0.0 chow.yesky.net 0.0.0.0 club.homeway.com.cn 0.0.0.0 cn.cy256.com 0.0.0.0 cn.yimg.com 0.0.0.0 cn333.net 0.0.0.0 cn4sex.com 0.0.0.0 cnlove.bl.am 0.0.0.0 cnsmin.3721.com #3721网络实名 0.0.0.0 cnsmin.3721.net #3721网络实名 0.0.0.0 cool.vv66.com 0.0.0.0 coolsite21.com 0.0.0.0 count.zhao123.com 0.0.0.0 count1.99count.com 0.0.0.0 count1.zhao123.com 0.0.0.0 count10.zhaocount.com 0.0.0.0 count11.zhaocount.com 0.0.0.0 count2.zhao123.com 0.0.0.0 count3.zhao123.com 0.0.0.0 count4.zhaocount.com 0.0.0.0 count5.zhaocount.com 0.0.0.0 count6.zhaocount.com 0.0.0.0 count7.zhaocount.com 0.0.0.0 count8.zhaocount.com 0.0.0.0 count9.zhaocount.com 0.0.0.0 cpc.sohu.com 0.0.0.0 dahau2.7u7.net 0.0.0.0 download.3721.com #3721网络实名 0.0.0.0 download.3721.net #3721网络实名 0.0.0.0 dvd.qq92.com 0.0.0.0 dxy.9126.com 0.0.0.0 e23.3322.net 0.0.0.0 eachnetmember.allyes.com 0.0.0.0 epzj.1m.cn 0.0.0.0 est2000.126.com 0.0.0.0 fadama.com 0.0.0.0 feiying.coolwww.net 0.0.0.0 feiying.coolwww.net 0.0.0.0 film.yun8.com 0.0.0.0 free.tsee.net 0.0.0.0 game.9ii.com 0.0.0.0 girlchinese.com #IE的主页也被改了 0.0.0.0 golsz126.com 0.0.0.0 goto.sohu.com 0.0.0.0 gz.blogland.cn 0.0.0.0 gz.onlinedown.net/soft/36825.htm 0.0.0.0 h444.net 0.0.0.0 haoliao.com 0.0.0.0 hjcz.www30.cnidc.cn 0.0.0.0 home.itdrp.com 0.0.0.0 home.itdrp.com/wg888/me.jpg 0.0.0.0 home.kimo.com.tw 0.0.0.0 home.kimo.com.tw/avnvyou520 #一般性恶意代码 0.0.0.0 hothack.home.chinaren.com 0.0.0.0 hualiao.net 0.0.0.0 images.sohu.com 0.0.0.0 images2.sohu.com 0.0.0.0 inzheng.126.com 0.0.0.0 iplus.allyes.com 0.0.0.0 jjkafei.longcity.net 0.0.0.0 www.jujumao.com #垃圾广告网站 0.0.0.0 www.jujumao.net #垃圾广告网站 0.0.0.0 www.jujumao.cn #垃圾广告网站 0.0.0.0 jujumao.com #垃圾广告网站 0.0.0.0 down.jujumao.com #垃圾广告网站 0.0.0.0 bt.jujumao.com #垃圾广告网站 0.0.0.0 ka88.vicp.net:8080 0.0.0.0 kaomm.8m.cn 0.0.0.0 kth.diy.myrice.com 0.0.0.0 lc222.myrice.com 0.0.0.0 liaoliao.com 0.0.0.0 lingaonbvm.myrice.com 0.0.0.0 lovejava.boy.net.cn 0.0.0.0 loveliao.com 0.0.0.0 loveliao.net 0.0.0.0 lovemm.8m.cn 0.0.0.0 manage.link8.com 0.0.0.0 manyiyu.8u8.com 0.0.0.0 maomao363.126.com 0.0.0.0 meim.y365.com 0.0.0.0 mm.7h5.com 0.0.0.0 mmliao.com 0.0.0.0 mmpic.uni.cc 0.0.0.0 mov.hy256.com 0.0.0.0 movie.n3389.com 0.0.0.0 movie.sx.zj.cn 0.0.0.0 movie-down.com 0.0.0.0 music.94xp.com 0.0.0.0 music.feifa.com 0.0.0.0 music.v111.com 0.0.0.0 new.unionsky.cn 0.0.0.0 newyouth.3322.net 0.0.0.0 nicex.126.com 0.0.0.0 oec315.126.com 0.0.0.0 oicq.hk.st 0.0.0.0 online.265.com 0.0.0.0 picture.exe 0.0.0.0 planetside.coolman.com.cn 0.0.0.0 pollen.my001.net 0.0.0.0 popad.qq.com 0.0.0.0 qm.8ok.com 0.0.0.0 qq.34hkk.com 0.0.0.0 qq_com.91i.net 0.0.0.0 qq_game.y25.cn 0.0.0.0 QQ6ss.126.com 0.0.0.0 qqpic.com 0.0.0.0 qqtwz.******** 0.0.0.0 qqtwz.126.com 0.0.0.0 rd.yahoo.com 0.0.0.0 realads.realmedia.com 0.0.0.0 redherring.ngadcenter.net 0.0.0.0 redirect.click2net.com 0.0.0.0 regio.adlink.de 0.0.0.0 retaildirect.realmedia.com 0.0.0.0 s2.focalink.com 0.0.0.0 sba.3322.net 0.0.0.0 sdik.8ok.net 0.0.0.0 serv.sexushost.com 0.0.0.0 serviceQQ.34hkk.com 0.0.0.0 sg51.com #qq病毒 0.0.0.0 sh4sure-images.adbureau.net 0.0.0.0 shop.7cv.com 0.0.0.0 sina.allyes.com 0.0.0.0 sinatest.allyes.com 0.0.0.0 smarttrade.allyes.com 0.0.0.0 sms.61m.com 0.0.0.0 sms1.ctn.com.cn 0.0.0.0 sms2.ctn.com.cn 0.0.0.0 sms3.ctn.com.cn 0.0.0.0 spin.spinbox.net 0.0.0.0 stat.textclick.com 0.0.0.0 static.admaximize.com 0.0.0.0 stats.superstats.com 0.0.0.0 stockstar.allyes.com 0.0.0.0 sview.avenuea.com 0.0.0.0 sx.6to23.com 0.0.0.0 szwindow.allyes.com 0.0.0.0 tadsweb.tencent.com 0.0.0.0 thinknyc.eu-adcenter.net 0.0.0.0 tiankong.net 0.0.0.0 tj1.mytongji.com 0.0.0.0 tj4.7789.com 0.0.0.0 tj5.7789.com 0.0.0.0 tj6.7789.com 0.0.0.0 tj7.7789.com 0.0.0.0 tom.allyes.com 0.0.0.0 topxxx.sexushost.com 0.0.0.0 tracker.clicktrade.com 0.0.0.0 trojan.qqwebaut.a 0.0.0.0 trojan.qqwebaut.b 0.0.0.0 tsms-ad.tsms.com 0.0.0.0 tty.yyun.net #与上述的危害差不多 0.0.0.0 tv.megajoy.com 0.0.0.0 tv.megajoy.com/video/movies 0.0.0.0 twz.126.com 0.0.0.0 tz.ne1.net 0.0.0.0 ulinkdir.tom.com 0.0.0.0 update.myxq.com 0.0.0.0 user.netomia.com 0.0.0.0 v.jsdownload.com 0.0.0.0 vchat.xaonline.com 0.0.0.0 vod.52en.com 0.0.0.0 vod.aogo.net 0.0.0.0 vod.hengshui.com 0.0.0.0 vod.jjpic.com 0.0.0.0 vod.pppic.com 0.0.0.0 wacky.nease.net 0.0.0.0 web.114.com.cn 0.0.0.0 web.aogo.net 0.0.0.0 web.cy07.com 0.0.0.0 webspacecn.com 0.0.0.0 wh8065.go2.icpcn.com/rj.htm 0.0.0.0 winzheng.******** 0.0.0.0 winzheng.126.com 0.0.0.0 www.00169.net 0.0.0.0 www.001x.com 0.0.0.0 www.0970.net 0.0.0.0 www.0xing.com 0.0.0.0 www.100bao.com 0.0.0.0 www.10662.com 0.0.0.0 www.114.com.cn 0.0.0.0 www.126p.com 0.0.0.0 www.12san.com 0.0.0.0 www.139cn.com 0.0.0.0 www.15hr.com 0.0.0.0 www.163[1].com #也是一个什么音乐网。症状和楼上的差不多。我上次中招后化了一个多小时才改回来还有夹带病毒 0.0.0.0 www.163mm.com 0.0.0.0 www.163z.com 0.0.0.0 www.17777.com 0.0.0.0 www.17go8.net 0.0.0.0 www.17lele.com 0.0.0.0 www.17sun.net #自动安装搜狗 0.0.0.0 www.18-girl.net 0.0.0.0 www.18hi.com #(QQ病毒,网站内也有病毒) 0.0.0.0 www.18it.com 0.0.0.0 www.19ku.com 0.0.0.0 www.1enovo.com 0.0.0.0 www.1ya.cn 0.0.0.0 www.1yun.net 0.0.0.0 www.20girl.com 0.0.0.0 www.20mtv.com 0.0.0.0 www.215000.net 0.0.0.0 www.21rose.com 0.0.0.0 www.225.com.cn 0.0.0.0 www.265.com 0.0.0.0 www.265z.com 0.0.0.0 www.2qq.cn 0.0.0.0 www.331122.com 0.0.0.0 www.3399.net 0.0.0.0 www.34hkk.com 0.0.0.0 www.35935.com 0.0.0.0 www.365wma.com 0.0.0.0 www.365ww.com 0.0.0.0 www.36link.com 0.0.0.0 www.37021.com #可恶讨厌,在你的机器里到处做手脚:注册表\启动\计算机配置文件\还有一个dll文件而且资源管理器无法浏览隐藏文件这个最讨厌 0.0.0.0 www.3721.com #3721网络实名 0.0.0.0 www.3721.net #3721网络实名 0.0.0.0 www.3726.com.cn 0.0.0.0 www.3tom.com 0.0.0.0 www.3xcn.com 0.0.0.0 www.432.cn 0.0.0.0 www.435000.com 0.0.0.0 www.45520.com #(QQ病毒,超强) 0.0.0.0 www.4tb.net 0.0.0.0 www.51115.com 0.0.0.0 www.51944.com 0.0.0.0 www.51bug.com 0.0.0.0 www.51icon.net 0.0.0.0 www.51liao.net 0.0.0.0 www.520.net 0.0.0.0 www.522shop.com #骗子网站 0.0.0.0 www.52av.com 0.0.0.0 www.52rmb.com 0.0.0.0 www.52xyxy.com 0.0.0.0 www.555666.net 0.0.0.0 www.5566.net 0.0.0.0 www.58.com 0.0.0.0 www.58589.com 0.0.0.0 www.58q.com 0.0.0.0 www.5dsoft.com 0.0.0.0 WWW.5dsoft.com 0.0.0.0 www.5xt.net 0.0.0.0 www.66036.com 0.0.0.0 www.666ccc.com 0.0.0.0 www.666e.com 0.0.0.0 www.668yp.com 0.0.0.0 www.66vv.com 0.0.0.0 www.6781.com 0.0.0.0 www.6mb.net 0.0.0.0 www.6see.com 0.0.0.0 www.760li.com 0.0.0.0 www.7720.com 0.0.0.0 www.7758520.com 0.0.0.0 www.777888.com 0.0.0.0 www.777888.net 0.0.0.0 www.7789.com 0.0.0.0 www.78cq.com 0.0.0.0 www.7jianwg.net 0.0.0.0 www.7liao.com 0.0.0.0 www.7liao.net 0.0.0.0 www.7sou.com 0.0.0.0 www.7t7t.com 0.0.0.0 www.7zhao.com 0.0.0.0 www.800so.cn 0.0.0.0 www.800xz.com 0.0.0.0 WWW.8095.COM 0.0.0.0 www.81915.com #改IE首页 0.0.0.0 www.86.net 0.0.0.0 www.888mtv.com 0.0.0.0 www.888txt.com 0.0.0.0 www.88music.com 0.0.0.0 www.89005.com 0.0.0.0 www.8qi.com 0.0.0.0 www.8zhi.com 0.0.0.0 www.918soft.com 0.0.0.0 www.91f.cn 0.0.0.0 www.91f.org 0.0.0.0 www.91look.com 0.0.0.0 www.94135.com 0.0.0.0 www.9991.com 0.0.0.0 www.99adultx.com 0.0.0.0 www.99count.com 0.0.0.0 www.99music.net 0.0.0.0 www.99sw.com 0.0.0.0 www.9jh.com 0.0.0.0 www.9see.com 0.0.0.0 www.a521.com 0.0.0.0 www.adlofashion.com 0.0.0.0 www.ads8.com 0.0.0.0 www.aisa-girl.net 0.0.0.0 www.aisex.com 0.0.0.0 www.aliao.com 0.0.0.0 www.allyes.com #掏宝网广告代理 0.0.0.0 www.amoisonic.com 0.0.0.0 www.aogo.com 0.0.0.0 www.aogo.net 0.0.0.0 www.av126.com 0.0.0.0 www.av178.com 0.0.0.0 www.avvcd.com 0.0.0.0 www.ayzz.com 0.0.0.0 www.bliao.com 0.0.0.0 www.boliwo.com 0.0.0.0 www.boliwu.com 0.0.0.0 www.book.cn.gg 0.0.0.0 www.book8.com 0.0.0.0 www.bt990.com 0.0.0.0 www.bypp.com 0.0.0.0 www.cctv1.net 0.0.0.0 www.cctv8.com 0.0.0.0 www.cctv8.net 0.0.0.0 www.chaxun.com 61.129.15.73 www.chinadforce.com 0.0.0.0 www.chinamp3.com 0.0.0.0 www.chinasee.net 0.0.0.0 www.chnn.net #盗qq网站 0.0.0.0 www.chuangxinkj.com 0.0.0.0 www.cn4sex.com 0.0.0.0 www.cn808.net 0.0.0.0 www.cndown8.cn 0.0.0.0 www.cnimg.com 0.0.0.0 WWW.CNOOO.COM 0.0.0.0 www.cnqb.net #禁止你的注册表，改首页，主页地址栏变灰，改右键 0.0.0.0 www.cnxxx.com 0.0.0.0 www.cool168.com 0.0.0.0 www.coolcdrom.com #要特别小心这个网站，它会在你启动组里做手脚,使得重启以后标题依旧 0.0.0.0 www.crackbest.com 0.0.0.0 www.cz88.net 61.129.15.73 www.d4s.cn 0.0.0.0 www.da123.com 0.0.0.0 www.dd22.com.cn 0.0.0.0 www.dd88.com 0.0.0.0 www.dd888.com 0.0.0.0 www.dddzzz.com 0.0.0.0 www.ddzhz.com 0.0.0.0 www.deepdo.com 0.0.0.0 www.dhchao.com 0.0.0.0 www.didai.com 0.0.0.0 www.dj33344.com 0.0.0.0 www.dj3344.com #打开后，重启时你的主页就变成它的，并通过QQ向他人传播，现在正飙行，奇坏无比 0.0.0.0 www.dj99.com 0.0.0.0 www.dj99.net 0.0.0.0 www.dlmovie.com 0.0.0.0 www.dy16.com 0.0.0.0 www.eastedu.com 0.0.0.0 www.eastedu.com.cn 0.0.0.0 www.easyhere.com 0.0.0.0 www.easypic2.com 0.0.0.0 www.edodo.net #骗子网站 0.0.0.0 www.ehomeday.com 0.0.0.0 www.ehomeday.com #（搜索的时候它会给你一把哦！！） 0.0.0.0 www.eliao.com 0.0.0.0 www.eliao.net 0.0.0.0 www.ent8.com 0.0.0.0 www.es158.com 0.0.0.0 www.excitecity.com 0.0.0.0 www.ezhgc.com 0.0.0.0 www.fassia.net 0.0.0.0 www.fassia.net/wmed/index1.html 0.0.0.0 www.fbstu.com 0.0.0.0 www.film.8716.com 0.0.0.0 www.film3344.com 0.0.0.0 www.film888.com 0.0.0.0 www.fish3000.com 0.0.0.0 www.flyingwalk.com 0.0.0.0 www.fm1058.cc 0.0.0.0 www.fm18.com 0.0.0.0 www.free-movie.org 0.0.0.0 www.freepicturepage.com 0.0.0.0 www.fs286.com 0.0.0.0 www.ftlink.net #一般性恶意代码 0.0.0.0 www.getfreedomain.biz 0.0.0.0 www.girl008.com 0.0.0.0 www.girlchinese.com 0.0.0.0 www.guang.org 0.0.0.0 www.guosir.ccoo.com 0.0.0.0 www.gz38.com/web 0.0.0.0 www.h2004.com 0.0.0.0 www.hahabus.com 0.0.0.0 www.hao114.com 0.0.0.0 www.hao168.com 0.0.0.0 www.hao222.com 0.0.0.0 www.hao222.net 0.0.0.0 www.hao3344.com 0.0.0.0 www.haodx.com 0.0.0.0 www.haody.net 0.0.0.0 www.haohz.com 0.0.0.0 www.haoliao.cn 0.0.0.0 www.haoliao.com 0.0.0.0 www.haoliao.net 0.0.0.0 www.haowz.net 0.0.0.0 www.happy666.net 0.0.0.0 www.happy8.cn 0.0.0.0 www.heike8.com 0.0.0.0 www.henbang.com 0.0.0.0 www.hj168.net 0.0.0.0 www.hksexweb.com 0.0.0.0 www.hualiao.net 0.0.0.0 www.huole.com 0.0.0.0 www.idm.com.cn 0.0.0.0 www.IE136.com 0.0.0.0 www.i-lookup.com 0.0.0.0 www.it.com.cn #安装流氓插件 0.0.0.0 www.japansky.net 0.0.0.0 www.jcwz.com 0.0.0.0 www.jiade68.com 0.0.0.0 www.jinpin.net 0.0.0.0 www.jjpic.com #(开机自动运行他的主页,会加载不明插件,有大量的病毒) 0.0.0.0 www.joyiex.com #(超可恶最新版QQ专杀都没用,注册表也进不去 0.0.0.0 www.jsing.net 0.0.0.0 www.k163.com #狩猎者变种和DJ344、QQ3344、QQ168 0.0.0.0 www.kaidait.com 0.0.0.0 www.kan123.com 0.0.0.0 www.kan51.com 0.0.0.0 www.kan69.com 0.0.0.0 www.kanxs.com 0.0.0.0 www.ki888.net 0.0.0.0 www.kissmm.com 0.0.0.0 www.kk88.com 0.0.0.0 www.ktv530.com 0.0.0.0 www.ku666.com 0.0.0.0 www.kule5.com 0.0.0.0 www.kuliao.com 0.0.0.0 www.kuro.com.cn 0.0.0.0 www.laws-online.net 0.0.0.0 www.leo520.com 0.0.0.0 www.liaoliao.com 0.0.0.0 www.linktoad.com 0.0.0.0 www.love34.com 0.0.0.0 www.love520.net 0.0.0.0 www.loveliao.com 0.0.0.0 www.loveliao.net 0.0.0.0 www.lovese.com 0.0.0.0 www.lsolar3721.com 0.0.0.0 www.markguide.com 0.0.0.0 www.mewo.com 0.0.0.0 www.mir999.com 0.0.0.0 www.mm5i.com 0.0.0.0 www.mm91.com 0.0.0.0 www.mmgirls.com 0.0.0.0 www.mmliao.com 0.0.0.0 www.mmm168.com 0.0.0.0 www.mmm168.com/star 0.0.0.0 www.mmqm.com 0.0.0.0 www.movie321.com 0.0.0.0 www.movie4.com 0.0.0.0 www.movie78.com 0.0.0.0 www.movie-down.com 0.0.0.0 www.mp3tt.com 0.0.0.0 www.mtv365.com 0.0.0.0 www.mtv51.com #什么雪落无声音乐网，恶性：禁止注册表修改，禁止开始菜单“运行”项。开机自动运行他的主页 0.0.0.0 www.mtv68.com 0.0.0.0 www.mtv911.com 0.0.0.0 www.mtvxp.com 0.0.0.0 www.mucopy.com 0.0.0.0 www.my168.net 0.0.0.0 www.my180.com #IE劫持 0.0.0.0 www.my288.com 0.0.0.0 www.mydj2005.com #(QQ病毒,注意等级五个星) 0.0.0.0 www.myxq.com 0.0.0.0 www.ncunet.com 0.0.0.0 www.ncunet.com 0.0.0.0 www.net5w.com 0.0.0.0 www.nic2000.com 0.0.0.0 www.ning.com 0.0.0.0 www.njnu.info 0.0.0.0 www.nnptt.com 0.0.0.0 www.nnptt.com/tv 0.0.0.0 www.ok123.com 0.0.0.0 www.ok520.com 0.0.0.0 www.ok530.com 0.0.0.0 www.ok56.com #恶意修改IE首页 0.0.0.0 www.ok816.com 0.0.0.0 www.okww.net 0.0.0.0 www.onlyy.net 0.0.0.0 www.oovod.com 0.0.0.0 www.op99.com 0.0.0.0 www.orsoon.com 0.0.0.0 www.ourbt.com 0.0.0.0 www.pcbsky.com #病毒 0.0.0.0 www.pcuo.com 0.0.0.0 www.pixpox.com #恶性**网站。会加载不明插件，并且自动开启计算机后门，而且在计算机每个角落都有该网站留下的恶意程序 0.0.0.0 www.pk.com 0.0.0.0 www.play.cn.gs 0.0.0.0 www.pm520.com 0.0.0.0 www.pointsmoney.com 0.0.0.0 www.pp365.com 0.0.0.0 www.qliao.com 0.0.0.0 www.qlwl.com 0.0.0.0 www.qq120.com 0.0.0.0 www.qq163.com 0.0.0.0 www.qq163.net 0.0.0.0 www.qq165.com 0.0.0.0 www.qq168.net #打开后，重启时你的主页就变成它的，并通过QQ向他人传播，而且传波病毒，还狠些！现在正在飙行 0.0.0.0 www.qq18.net 0.0.0.0 www.qq230.com 0.0.0.0 www.qq250.com 0.0.0.0 www.qq300.com 0.0.0.0 www.qq3344.com 0.0.0.0 www.qq3344.net 0.0.0.0 www.qq500.com 0.0.0.0 www.qq520.com 0.0.0.0 www.qq520.net 0.0.0.0 www.qq530.com 0.0.0.0 www.qq550.com 0.0.0.0 WWW.QQ58.com 0.0.0.0 www.QQ588.com 0.0.0.0 www.qq720.com 0.0.0.0 www.qq886.com 0.0.0.0 www.qq888.com 0.0.0.0 www.qq988.com 0.0.0.0 www.qqchat.cn 0.0.0.0 www.qqee.com 0.0.0.0 www.qqliao.com 0.0.0.0 www.qqpic.com 0.0.0.0 www.rd18.com 0.0.0.0 www.rm78.com 0.0.0.0 www.rm88.com 0.0.0.0 www.s6.cn 0.0.0.0 www.sa25.y365.com 0.0.0.0 www.sdfassdfasdfs.com 0.0.0.0 www.searon.com 0.0.0.0 www.seasky.biz 0.0.0.0 www.sex.com 0.0.0.0 www.sexfox.com 0.0.0.0 www.sexhu.com 0.0.0.0 www.sexy-books.com 0.0.0.0 www.shagadelic.com 0.0.0.0 www.shop12345.com 0.0.0.0 www.sinokey.com 0.0.0.0 www.sky8.org #病毒 0.0.0.0 www.skyhits.com 0.0.0.0 www.sleazydream.com 0.0.0.0 www.snasty.com 0.0.0.0 www.sohu123.com 0.0.0.0 www.sooe.cn 0.0.0.0 www.sotop.com 0.0.0.0 www.sq88.com 0.0.0.0 www.sunvod.com 0.0.0.0 www.superdown.com 0.0.0.0 www.t168.com 0.0.0.0 www.t2t2.com 0.0.0.0 www.t3j4.com 0.0.0.0 www.taiwan.co.nz 0.0.0.0 www.textlink.cn 0.0.0.0 www.tian8.com 0.0.0.0 www.tiankong.net 0.0.0.0 www.today6.com 0.0.0.0 www.top123.com 0.0.0.0 www.top666.net 0.0.0.0 www.topsex2k.com 0.0.0.0 www.tt67.com 0.0.0.0 www.tt78.com 0.0.0.0 www.tt90.com 0.0.0.0 www.ttjj.com 0.0.0.0 www.ttjj.com/index.php 0.0.0.0 www.ttlook.com 0.0.0.0 www.tvliao.com 0.0.0.0 www.twsexnet.com 0.0.0.0 www.u4123.com 0.0.0.0 www.u88.cn 0.0.0.0 www.unionsky.cn #掏宝网广告代理 0.0.0.0 www.v111.com 0.0.0.0 www.v23.com 0.0.0.0 www.v256.com 0.0.0.0 www.v357.com 0.0.0.0 www.vlike.com 0.0.0.0 www.vv66.com 0.0.0.0 www.w510.com 0.0.0.0 www.w555.net 0.0.0.0 www.wa***.net 0.0.0.0 www.wakao.net 0.0.0.0 www.wangwang.biz 0.0.0.0 www.wangzhiku.com 0.0.0.0 www.wasex.net 0.0.0.0 www.web888.org 0.0.0.0 www.websamba.com 0.0.0.0 www.windowws.cc 0.0.0.0 www.windowws.cc/hp.htm?id=9 0.0.0.0 www.winfixer.com 0.0.0.0 www.wo111.com 0.0.0.0 www.wo123.com 0.0.0.0 www.wokoo.net 0.0.0.0 www.woliao.com 0.0.0.0 www.woliao.net 0.0.0.0 www.woogood.com #大流氓网站，修改注册表也无法除去它 0.0.0.0 www.wplune.com 0.0.0.0 www.wsy-huayi.com.cn 0.0.0.0 www.x365x.com 0.0.0.0 www.xchina.com 0.0.0.0 www.xfreehosting.com 0.0.0.0 www.xgdown.com #病毒网站，捆绑流氓软件 0.0.0.0 www.xgmm.com 0.0.0.0 www.xh800.com.cn #骗子网站 0.0.0.0 www.xicu.com 0.0.0.0 www.xxbooks.com 0.0.0.0 www.xxx.com 0.0.0.0 www.xxx.xom 0.0.0.0 www.xxx168.com 0.0.0.0 www.xyx1.com 0.0.0.0 www.xyxc.ccoo.com 0.0.0.0 www.xzwang.com 0.0.0.0 www.y56.com #自动安装插件 0.0.0.0 www.y996.net 0.0.0.0 www.ye99.com 0.0.0.0 www.yeapple.com 0.0.0.0 www.yes521.com 0.0.0.0 www.yes9999.com 0.0.0.0 www.yexr.com 0.0.0.0 www.yezine.net 0.0.0.0 www.yibinren.com #更可怕，把IE的默认页都改成他的了 0.0.0.0 www.yinshang.com 0.0.0.0 www.youmiss.com 0.0.0.0 www.yourcage.com 0.0.0.0 www.youxika.net 0.0.0.0 www.yqdj.com 0.0.0.0 www.yule21.com 0.0.0.0 www.yun8.com 0.0.0.0 www.yx.fodao.com 0.0.0.0 www.yx07.com 0.0.0.0 www.yxgou.com 0.0.0.0 www.yymp3.com 0.0.0.0 www.yyqy.com 0.0.0.0 www.yysky.net 0.0.0.0 www.yysky.net 0.0.0.0 www.yyue.com 0.0.0.0 www.yzskdj.com 0.0.0.0 www.zgsj.com 0.0.0.0 www.zgxl.net 0.0.0.0 www.zhao114.com 0.0.0.0 www.zhaowo8.com 0.0.0.0 www.zhengdian.com 0.0.0.0 www.zhengdian.comOE #标题栏也没放过 0.0.0.0 www.zhicheng.com 0.0.0.0 www.zj85.com 0.0.0.0 www.zknew.com 0.0.0.0 www1.66036.com 0.0.0.0 www1.cool168.com 0.0.0.0 www1.xfreehosting.com 0.0.0.0 www10.66036.com 0.0.0.0 www2.66036.com 0.0.0.0 www2.7789.com 0.0.0.0 www2.burstnet.com 0.0.0.0 www2.cool168.com 0.0.0.0 www2.movie-down.com 0.0.0.0 www2.xfreehosting.com 0.0.0.0 www3.66036.com 0.0.0.0 www3.7789.com 0.0.0.0 www3.cool168.com 0.0.0.0 www4.66036.com 0.0.0.0 www4.trix.net 0.0.0.0 www5.66036.com 0.0.0.0 www6.66036.com 0.0.0.0 www7.66036.com 0.0.0.0 www8.66036.com 0.0.0.0 www80.valueclick.com 0.0.0.0 www9.66036.com 0.0.0.0 wwww.tthao.com 0.0.0.0 x1.51link.com 0.0.0.0 x2.51link.com 0.0.0.0 xajh.15888.net 0.0.0.0 xmclub.hc3w.net 0.0.0.0 xyqq.185.cc 0.0.0.0 xywaigua.126.com 0.0.0.0 xyxy68.8u8.net 0.0.0.0 xyz8848@jining.info 0.0.0.0 yanexp.html.533.net 0.0.0.0 ye99.com 0.0.0.0 yeapple.com #黄色网站，打开后，你的程序中将加一些你意想不到的东西 0.0.0.0 YES9999.com 0.0.0.0 yinsha.allyes.com 0.0.0.0 you.3322.net 0.0.0.0 youlove.3322.net #有恶意代码的特性外，还夹带病毒：Trojan.Pwdbox.d 0.0.0.0 z.extreme-dm.com 0.0.0.0 z0.extreme-dm.com 0.0.0.0 z1.extreme-dm.com 0.0.0.0 zbszx.vicp.net 0.0.0.0 zhongxuesheng.myrice.com 0.0.0.0 www.369.com #IE劫持 ================================== 进程特权扫描 N/A ================================== API HOOK 入口点错误：CreateProcessA (危险等级: 高, 被下面模块所HOOK: 0x00E81FFD) 入口点错误：CreateProcessW (危险等级: 高, 被下面模块所HOOK: 0x00E820E5) ================================== 隐藏进程 N/A ================================== [/CODE]