瑞星卡卡安全论坛技术交流区反病毒/反流氓软件论坛 请问一下!Trojan.DL.JS.Agent.lir这个东东怎么删不了??

12   1  /  2  页   跳转

请问一下!Trojan.DL.JS.Agent.lir这个东东怎么删不了??

收藏
dy520
头像
初生襁褓狮
  • 帖子:83
  • 注册: 2006-05-29
  • 来自:
发表于: 2007-07-15 04:15 | 只看楼主 短消息 资料
字号: 1楼

请问一下!Trojan.DL.JS.Agent.lir这个东东怎么删不了??

一打开网页就防火墙就行出现发现Trojan.DL.JS.Agent.lir这个病毒!拿瑞星杀也杀不出来!请高手指点一下!!
最后编辑2007-07-16 09:06:30
分享到:
gototop
 
dy520
头像
初生襁褓狮
  • 帖子:83
  • 注册: 2006-05-29
  • 来自:
发表于: 2007-07-15 04:20 | 只看楼主 短消息 资料
字号: 2楼

2006-07-15,04:06:28

System Repair Engineer 2.0.21.505 (2.0 RC 2)
Smallfrogs (http://www.KZTechs.com)

Windows XP Professional Service Pack 2 (Build 2600)
- 管理权限用户 - 完整功能

以下内容被选中:
    所有的启动项目(包括注册表、启动文件夹、服务等)
    浏览器加载项
    正在运行的进程(包括进程模块信息)
    文件关联


启动项目
注册表
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
    <ctfmon.exe><C:\WINDOWS\system32\CTFMON.EXE>  [Microsoft Corporation]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
    <RavTask><"C:\Rising\Rav\RavTask.exe" -system>  [Beijing Rising Technology Co., Ltd.]
    <runeip><"C:\Rising\KakaToolBar\runiep.exe" /startup>  [Beijing Rising Technology Co., Ltd.]
    <BigDog303><C:\WINDOWS\VM303_STI.EXE VIMICRO USB PC Camera (ZC0301PLH)>  []
    <RfwMain><"C:\Rising\Rfw\rfwmain.exe" -Startup>  [Beijing Rising Technology Co., Ltd.]
    <Microsoft Pinyin IME Migration><C:\PROGRA~1\COMMON~1\MICROS~1\IME12\IMESC\IMSCMIG.EXE /INSTALL>  [Microsoft Corporation]
    <GrooveMonitor><"C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe">  [Microsoft Corporation]
    <SKYNET Personal FireWall><D:\工具程序\天网防~1\pfw.exe>  [广州众达天网技术有限公司]
    <!AVG Anti-Spyware><"D:\工具程序\AVG Anti-Spyware 7.5\avgas.exe" /minimized>  [GRISOFT s.r.o.]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\RunOnce]
    <KKDelay><C:\Rising\KakaToolBar\RunOnce.exe>  [Beijing Rising Technology Co., Ltd.]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Winlogon]
    <shell><Explorer.exe>  [Microsoft Corporation]
    <Userinit><C:\WINDOWS\system32\userinit.exe,>  [Microsoft Corporation]
    <UIHost><logonui.exe>  [Microsoft Corporation]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
    <{32CD708B-60A7-4C00-9377-D73EAA495F0F}><C:\WINDOWS\system32\RavExt.dll>  [Beijing Rising Technology Co., Ltd.]
    <{57B86673-276A-48B2-BAE7-C6DBB3020EB8}><D:\工具程序\AVG Anti-Spyware 7.5\shellexecutehook.dll>  [GRISOFT s.r.o.]
    <{AC2DC2EF-5165-40A3-8CDF-41DCA1B0901A}><C:\WINDOWS\system32\shlhook.dll>  [Beijing Rising Technology Co., Ltd.]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
    <KernelFaultCheck><; %systemroot%\system32\dumprep 0 -k>  []

==================================
启动文件夹
[QQ游戏启动加速程序]
  <C:\Documents and Settings\Administrator\「开始」菜单\程序\启动\QQ游戏启动加速程序.lnk><N>
gototop
 
dy520
头像
初生襁褓狮
  • 帖子:83
  • 注册: 2006-05-29
  • 来自:
发表于: 2007-07-15 04:21 | 只看楼主 短消息 资料
字号: 3楼

服务
[1DA4C306 / 1DA4C306]
  <><N/A>
[AVG Anti-Spyware Guard / AVG Anti-Spyware Guard]
  <D:\工具程序\AVG Anti-Spyware 7.5\guard.exe><GRISOFT s.r.o.>
[NVIDIA Display Driver Service / NVSvc]
  <C:\WINDOWS\system32\nvsvc32.exe><NVIDIA Corporation>
[Rising Proxy  Service / RfwProxySrv]
  <c:\rising\rfw\rfwproxy.exe><Beijing Rising Technology Co., Ltd.>
[Rising Personal Firewall Service / RfwService]
  <c:\rising\rfw\rfwsrv.exe><Beijing Rising Technology Co., Ltd.>
[Rising Process Communication Center / RsCCenter]
  <"C:\Rising\Rav\CCenter.exe"><Beijing Rising Technology Co., Ltd.>
[Rising RealTime Monitor / RsRavMon]
  <"C:\Rising\Rav\Ravmond.exe"><Beijing Rising Technology Co., Ltd.>

==================================
浏览器加载项
[ThunderAtOnce Class]
  {01443AEC-0FD1-40fd-9C87-E93D1494C233} <D:\工具程序\迅雷\ComDlls\TDAtOnce_Now.dll, Thunder Networking Technologies,LTD>
[Thunder Browser Helper]
  {889D2FEB-5411-4565-8998-1DD2C5261283} <D:\工具程序\迅雷\ComDlls\xunleiBHO_Now.dll, Thunder Networking Technologies,LTD>
[启动迅雷5]
  {09BA8F6D-CB54-424B-839C-C2A6C8E6B436} <D:\工具程序\迅雷\Thunder.exe, Thunder Networking Technologies,LTD>
[浩方对战平台]
  {0A155D3C-68E2-4215-A47A-E800A446447A} <D:\工具程序\浩方对战平台\GameClient.exe, 上海浩方在线信息技术有限公司>
[QQ]
  {c95fe080-8f5d-11d2-a20b-00aa003c157b} <D:\工具程序\QQ\QQ.EXE, TENCENT>
[卡卡上网安全助手]
  {DB9ECD4F-FB8F-4311-B3CE-90B976C2707C} <C:\WINDOWS\system32\KakaTool.dll, Beijing Rising Technology Co., Ltd.>
[Tencent Safety Online Base Module]
  {C09B522F-8AED-4E21-A65C-DC1AB652BAEE} <C:\WINDOWS\DOWNLO~1\TSOBase.ocx, Tencent Corporation>
[PasswordEditCtrl Class]
  {E787FD25-8D7C-4693-AE67-9406BC6E22DF} <C:\WINDOWS\system32\qqedit\qqedit.dll, 腾讯科技(深圳)有限公司>
[ThunderAtOnce Class]
  {01443AEC-0FD1-40FD-9C87-E93D1494C233} <D:\工具程序\迅雷\ComDlls\TDAtOnce_Now.dll, Thunder Networking Technologies,LTD>
[WUWebControl Class]
  {6414512B-B978-451D-A0D8-FCFDF33E833C} <C:\WINDOWS\system32\wuweb.dll, Microsoft Corporation>
[Thunder Browser Helper]
  {889D2FEB-5411-4565-8998-1DD2C5261283} <D:\工具程序\迅雷\ComDlls\xunleiBHO_Now.dll, Thunder Networking Technologies,LTD>
[Shockwave Flash Object]
  {D27CDB6E-AE6D-11CF-96B8-444553540000} <C:\WINDOWS\system32\Macromed\Flash\Flash9b.ocx, Adobe Systems, Inc.>
[卡卡上网安全助手]
  {DB9ECD4F-FB8F-4311-B3CE-90B976C2707C} <C:\WINDOWS\system32\KakaTool.dll, Beijing Rising Technology Co., Ltd.>
[上传到QQ网络硬盘]
  <D:\工具程序\QQ\AddToNetDisk.htm, N/A>
[使用迅雷下载]
  <D:\工具程序\迅雷\Program\geturl.htm, N/A>
[使用迅雷下载全部链接]
  <D:\工具程序\迅雷\Program\getallurl.htm, N/A>
[添加到QQ自定义面板]
  <D:\工具程序\QQ\AddPanel.htm, N/A>
[添加到QQ表情]
  <D:\工具程序\QQ\AddEmotion.htm, N/A>
[用QQ彩信发送该图片]
  <D:\工具程序\QQ\SendMMS.htm, N/A>
[用比特精灵下载(&B)]
  <D:\工具程序\BitSpirit\bsurl.htm, N/A>
gototop
 
dy520
头像
初生襁褓狮
  • 帖子:83
  • 注册: 2006-05-29
  • 来自:
发表于: 2007-07-15 04:21 | 只看楼主 短消息 资料
字号: 4楼

正在运行的进程
[PID: 644][\SystemRoot\System32\smss.exe]  <Microsoft Corporation><5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)>
[PID: 700][\??\C:\WINDOWS\system32\csrss.exe]  <Microsoft Corporation><5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)>
    [D:\游戏程序\劲舞团~1\HShield\EGRNAPX2.DLL]  <AhnLab, Inc.><0, 0, 0, 44>
[PID: 724][\??\C:\WINDOWS\system32\winlogon.exe]  <Microsoft Corporation><5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)>
    [D:\游戏程序\劲舞团~1\HShield\EGRNAPX2.DLL]  <AhnLab, Inc.><0, 0, 0, 44>
[PID: 768][C:\WINDOWS\system32\services.exe]  <Microsoft Corporation><5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)>
    [D:\游戏程序\劲舞团~1\HShield\EGRNAPX2.DLL]  <AhnLab, Inc.><0, 0, 0, 44>
[PID: 780][C:\WINDOWS\system32\lsass.exe]  <Microsoft Corporation><5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)>
    [D:\游戏程序\劲舞团~1\HShield\EGRNAPX2.DLL]  <AhnLab, Inc.><0, 0, 0, 44>
[PID: 952][C:\WINDOWS\system32\svchost.exe]  <Microsoft Corporation><5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)>
    [D:\游戏程序\劲舞团~1\HShield\EGRNAPX2.DLL]  <AhnLab, Inc.><0, 0, 0, 44>
[PID: 1000][C:\WINDOWS\system32\svchost.exe]  <Microsoft Corporation><5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)>
    [D:\游戏程序\劲舞团~1\HShield\EGRNAPX2.DLL]  <AhnLab, Inc.><0, 0, 0, 44>
[PID: 1136][C:\WINDOWS\System32\svchost.exe]  <Microsoft Corporation><5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)>
    [D:\游戏程序\劲舞团~1\HShield\EGRNAPX2.DLL]  <AhnLab, Inc.><0, 0, 0, 44>
[PID: 1260][C:\WINDOWS\system32\svchost.exe]  <Microsoft Corporation><5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)>
    [D:\游戏程序\劲舞团~1\HShield\EGRNAPX2.DLL]  <AhnLab, Inc.><0, 0, 0, 44>
[PID: 1292][C:\WINDOWS\system32\svchost.exe]  <Microsoft Corporation><5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)>
    [D:\游戏程序\劲舞团~1\HShield\EGRNAPX2.DLL]  <AhnLab, Inc.><0, 0, 0, 44>
[PID: 1588][C:\WINDOWS\system32\spoolsv.exe]  <Microsoft Corporation><5.1.2600.2696 (xpsp_sp2_gdr.050610-1519)>
    [D:\游戏程序\劲舞团~1\HShield\EGRNAPX2.DLL]  <AhnLab, Inc.><0, 0, 0, 44>
[PID: 1672][D:\工具程序\AVG Anti-Spyware 7.5\guard.exe]  <GRISOFT s.r.o.><7, 5, 1, 22>
    [D:\工具程序\AVG Anti-Spyware 7.5\engine.dll]  <GRISOFT s.r.o.><4, 2, 0, 19>
    [D:\游戏程序\劲舞团~1\HShield\EGRNAPX2.DLL]  <AhnLab, Inc.><0, 0, 0, 44>
[PID: 1708][C:\Rising\Rav\RavStub.exe]  <Beijing Rising Technology Co., Ltd.><19, 0, 0, 4>
    [C:\Rising\Rav\RsCommX.dll]  <rising><18, 0, 0, 1>
    [C:\Rising\Rav\RSCOMMON.DLL]  <Beijing Rising Technology Co., Ltd.><19, 0, 0, 5>
    [D:\游戏程序\劲舞团~1\HShield\EGRNAPX2.DLL]  <AhnLab, Inc.><0, 0, 0, 44>
[PID: 1820][C:\WINDOWS\system32\nvsvc32.exe]  <NVIDIA Corporation><6.14.10.8421>
    [D:\游戏程序\劲舞团~1\HShield\EGRNAPX2.DLL]  <AhnLab, Inc.><0, 0, 0, 44>
[PID: 1856][C:\WINDOWS\system32\svchost.exe]  <Microsoft Corporation><5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)>
    [D:\游戏程序\劲舞团~1\HShield\EGRNAPX2.DLL]  <AhnLab, Inc.><0, 0, 0, 44>
[PID: 1992][C:\WINDOWS\system32\wdfmgr.exe]  <Microsoft Corporation><5.2.3790.1230 built by: dnsrv(bld4act)>
    [D:\游戏程序\劲舞团~1\HShield\EGRNAPX2.DLL]  <AhnLab, Inc.><0, 0, 0, 44>
[PID: 668][C:\WINDOWS\System32\alg.exe]  <Microsoft Corporation><5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)>
    [D:\游戏程序\劲舞团~1\HShield\EGRNAPX2.DLL]  <AhnLab, Inc.><0, 0, 0, 44>
[PID: 320][C:\WINDOWS\Explorer.EXE]  <Microsoft Corporation><6.00.2900.2180 (xpsp_sp2_rtm.040803-2158)>
    [C:\WINDOWS\system32\RavExt.dll]  <Beijing Rising Technology Co., Ltd.><19, 0, 0, 9>
    [D:\工具程序\AVG Anti-Spyware 7.5\shellexecutehook.dll]  <GRISOFT s.r.o.><7, 5, 1, 36>
    [C:\WINDOWS\system32\shlhook.dll]  <Beijing Rising Technology Co., Ltd.><4.0.0.7>
    [C:\Rising\KakaToolBar\ieprot.dll]  <Beijing Rising Technology Co., Ltd.><1, 0, 0, 10>
    [C:\WINDOWS\system32\nvcpl.dll]  <NVIDIA Corporation><6.14.10.8421>
    [C:\WINDOWS\system32\NVRSZHC.DLL]  <NVIDIA Corporation><6.14.10.8421>
    [C:\WINDOWS\system32\nvshell.dll]  <N/A><N/A>
    [D:\游戏程序\劲舞团~1\HShield\EGRNAPX2.DLL]  <AhnLab, Inc.><0, 0, 0, 44>
    [C:\Rising\Rav\RSCOMMON.DLL]  <Beijing Rising Technology Co., Ltd.><19, 0, 0, 5>
    [D:\工具程序\迅雷\ComDlls\TDAtOnce_Now.dll]  <Thunder Networking Technologies,LTD><1.0.2.9>
    [D:\工具程序\迅雷\ComDlls\xunleiBHO_Now.dll]  <Thunder Networking Technologies,LTD><5, 0, 3, 11>
    [D:\工具程序\迅雷\Components\ResWorker\DsBho_01.dll]  <><1, 0, 0, 4>
    [D:\工具程序\迅雷\Components\ResWorker\DataProcessor_01.dll]  <Thunder Networking Technologies,LTD><1, 0, 0, 6>
    [D:\工具程序\WINRAR\rarext.dll]  <N/A><N/A>
    [D:\工具程序\AVG Anti-Spyware 7.5\context.dll]  <GRISOFT s.r.o.><7, 5, 1, 36>
[PID: 384][c:\rising\rfw\RfwMain.exe]  <Beijing Rising Technology Co., Ltd.><5, 0, 0, 72>
    [c:\rising\rfw\RsGuiLib.dll]  <Beijing Rising Technology Co., Ltd.><19, 0, 0, 33>
    [c:\rising\rfw\RSCOMMON.DLL]  <Beijing Rising Technology Co., Ltd.><19, 0, 0, 5>
    [c:\rising\rfw\RfwCtrl.dll]  <Beijing Rising Technology Co., Ltd.><5, 0, 0, 11>
    [c:\rising\rfw\RsXML.dll]  <Beijing Rising Technology Co., Ltd.><19, 0, 0, 2>
    [c:\rising\rfw\PngDll.dll]  <Beijing Rising Technology Co., Ltd.><18, 0, 0, 5>
    [C:\Rising\KakaToolBar\ieprot.dll]  <Beijing Rising Technology Co., Ltd.><1, 0, 0, 10>
    [D:\游戏程序\劲舞团~1\HShield\EGRNAPX2.DLL]  <AhnLab, Inc.><0, 0, 0, 44>
[PID: 408][C:\WINDOWS\system32\wscntfy.exe]  <Microsoft Corporation><5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)>
    [C:\Rising\KakaToolBar\ieprot.dll]  <Beijing Rising Technology Co., Ltd.><1, 0, 0, 10>
    [D:\游戏程序\劲舞团~1\HShield\EGRNAPX2.DLL]  <AhnLab, Inc.><0, 0, 0, 44>
[PID: 832][C:\Rising\KakaToolBar\runiep.exe]  <Beijing Rising Technology Co., Ltd.><4.0.0.15>
    [C:\Rising\KakaToolBar\ieprot.dll]  <Beijing Rising Technology Co., Ltd.><1, 0, 0, 10>
    [D:\游戏程序\劲舞团~1\HShield\EGRNAPX2.DLL]  <AhnLab, Inc.><0, 0, 0, 44>
[PID: 1212][C:\WINDOWS\VM303_STI.EXE]  <Vimicro><4, 3, 625, 61>
    [C:\WINDOWS\system32\msdmo.dll]  <N/A><N/A>
    [C:\Rising\KakaToolBar\ieprot.dll]  <Beijing Rising Technology Co., Ltd.><1, 0, 0, 10>
    [D:\游戏程序\劲舞团~1\HShield\EGRNAPX2.DLL]  <AhnLab, Inc.><0, 0, 0, 44>
[PID: 1928][C:\WINDOWS\system32\CTFMON.EXE]  <Microsoft Corporation><5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)>
    [C:\Rising\KakaToolBar\ieprot.dll]  <Beijing Rising Technology Co., Ltd.><1, 0, 0, 10>
    [D:\游戏程序\劲舞团~1\HShield\EGRNAPX2.DLL]  <AhnLab, Inc.><0, 0, 0, 44>
[PID: 3044][C:\WINDOWS\system32\NOTEPAD.EXE]  <Microsoft Corporation><5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)>
    [C:\Rising\KakaToolBar\ieprot.dll]  <Beijing Rising Technology Co., Ltd.><1, 0, 0, 10>
[PID: 1580][C:\Program Files\Internet Explorer\iexplore.exe]  <Microsoft Corporation><6.00.2900.2180 (xpsp_sp2_rtm.040803-2158)>
    [D:\工具程序\迅雷\ComDlls\TDAtOnce_Now.dll]  <Thunder Networking Technologies,LTD><1.0.2.9>
    [D:\工具程序\迅雷\ComDlls\xunleiBHO_Now.dll]  <Thunder Networking Technologies,LTD><5, 0, 3, 11>
    [D:\工具程序\迅雷\Components\ResWorker\DsBho_01.dll]  <><1, 0, 0, 4>
    [D:\工具程序\迅雷\Components\ResWorker\DataProcessor_01.dll]  <Thunder Networking Technologies,LTD><1, 0, 0, 6>
    [C:\Rising\KakaToolBar\ieprot.dll]  <Beijing Rising Technology Co., Ltd.><1, 0, 0, 10>
    [C:\Rising\Rav\RavScrCh.dll]  <Beijing Rising Technology Co., Ltd.><18, 0, 0, 4>
    [C:\WINDOWS\system32\Macromed\Flash\Flash9b.ocx]  <Adobe Systems, Inc.><9,0,28,0>
    [C:\Rising\Rav\RSCOMMON.DLL]  <Beijing Rising Technology Co., Ltd.><19, 0, 0, 5>
[PID: 3184][D:\工具程序\AVG Anti-Spyware 7.5\avgas.exe]  <GRISOFT s.r.o.><7, 5, 1, 43>
    [D:\工具程序\AVG Anti-Spyware 7.5\engine.dll]  <GRISOFT s.r.o.><4, 2, 0, 19>
    [C:\Rising\KakaToolBar\ieprot.dll]  <Beijing Rising Technology Co., Ltd.><1, 0, 0, 10>
[PID: 2008][D:\工具程序\日志\SREng2\SREng.exe]  <Smallfrogs Studio><2.0.21.505>
    [C:\Rising\KakaToolBar\ieprot.dll]  <Beijing Rising Technology Co., Ltd.><1, 0, 0, 10>

==================================
文件关联
.TXT  OK. [%SystemRoot%\system32\NOTEPAD.EXE %1]
.EXE  OK. ["%1" %*]
.COM  OK. ["%1" %*]
.PIF  OK. ["%1" %*]
.REG  OK. [regedit.exe "%1"]
.BAT  OK. ["%1" %*]
.SCR  OK. ["%1" /S]
.CHM  OK. ["C:\WINDOWS\hh.exe" %1]
.HLP  OK. [%SystemRoot%\System32\winhlp32.exe %1]
.INI  OK. [%SystemRoot%\System32\NOTEPAD.EXE %1]
.INF  OK. [%SystemRoot%\System32\NOTEPAD.EXE %1]
.VBS  OK. [%SystemRoot%\System32\WScript.exe "%1" %*]
.JS  OK. [%SystemRoot%\System32\WScript.exe "%1" %*]
.LNK  OK. [{00021401-0000-0000-C000-000000000046}]
gototop
 
dy520
头像
初生襁褓狮
  • 帖子:83
  • 注册: 2006-05-29
  • 来自:
发表于: 2007-07-15 19:00 | 只看楼主 短消息 资料
字号: 5楼

有高手指点一下吗??自从发现这个病毒我的瑞星就不正常了!平常文件有20万左右!现在杀完毒显示只杀了9万左右!!
gototop
 
火影忍者
头像
横据古稀狮
  • 帖子:7855
  • 注册: 2006-06-29
  • 来自:火星
发表于: 2007-07-15 19:18 | 短消息 资料
字号: 6楼

昏倒...还在用2.0的SRE...


下载 System Repair Engineer,
http://www.kztechs.com/sreng/download.html
gototop
 
dy520
头像
初生襁褓狮
  • 帖子:83
  • 注册: 2006-05-29
  • 来自:
发表于: 2007-07-16 01:32 | 只看楼主 短消息 资料
字号: 7楼

2006-07-16,01:18:26

System Repair Engineer 2.5.16.900
Smallfrogs (http://www.KZTechs.com)

Windows XP Professional Service Pack 2 (Build 2600) - 管理权限用户 - 完整功能

以下内容被选中:
    所有的启动项目(包括注册表、启动文件夹、服务等)
    浏览器加载项
    正在运行的进程(包括进程模块信息)
    文件关联
    Winsock 提供者
    Autorun.inf
    HOSTS 文件
    进程特权扫描


启动项目
注册表
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
    <ctfmon.exe><C:\WINDOWS\system32\CTFMON.EXE>  [(Verified)Microsoft Windows Publisher]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
    <RavTask><"C:\Rising\Rav\RavTask.exe" -system>  [Beijing Rising Technology Co., Ltd.]
    <runeip><"C:\Rising\KakaToolBar\runiep.exe" /startup>  [Beijing Rising Technology Co., Ltd.]
    <BigDog303><C:\WINDOWS\VM303_STI.EXE VIMICRO USB PC Camera (ZC0301PLH)>  [N/A]
    <RfwMain><"C:\Rising\Rfw\rfwmain.exe" -Startup>  [Beijing Rising Technology Co., Ltd.]
    <Microsoft Pinyin IME Migration><C:\PROGRA~1\COMMON~1\MICROS~1\IME12\IMESC\IMSCMIG.EXE /INSTALL>  [(Verified)Microsoft Corporation]
    <GrooveMonitor><"C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe">  [(Verified)Microsoft Corporation]
    <SKYNET Personal FireWall><D:\工具程序\天网防~1\pfw.exe>  [广州众达天网技术有限公司]
    <!AVG Anti-Spyware><"D:\工具程序\AVG Anti-Spyware 7.5\avgas.exe" /minimized>  [(Verified)GRISOFT LTD]
    <KernelFaultCheck><; %systemroot%\system32\dumprep 0 -k>  [N/A]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\RunOnce]
    <KKDelay><C:\Rising\KakaToolBar\RunOnce.exe>  [Beijing Rising Technology Co., Ltd.]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Winlogon]
    <shell><Explorer.exe>  [(Verified)Microsoft Windows Publisher]
    <Userinit><C:\WINDOWS\system32\userinit.exe,>  [(Verified)Microsoft Windows Publisher]
    <UIHost><logonui.exe>  [(Verified)Microsoft Windows Publisher]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
    <{32CD708B-60A7-4C00-9377-D73EAA495F0F}><C:\WINDOWS\system32\RavExt.dll>  [Beijing Rising Technology Co., Ltd.]
    <{57B86673-276A-48B2-BAE7-C6DBB3020EB8}><D:\工具程序\AVG Anti-Spyware 7.5\shellexecutehook.dll>  [(Verified)GRISOFT LTD]
    <{AC2DC2EF-5165-40A3-8CDF-41DCA1B0901A}><C:\WINDOWS\system32\shlhook.dll>  [Beijing Rising Technology Co., Ltd.]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\>{26923b43-4d38-484f-9b9e-de460746276c}]
    <Internet Explorer><%systemroot%\system32\shmgrate.exe OCInstallUserConfigIE>  [N/A]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\>{881dd1c5-3dcf-431b-b061-f3f88e8be88a}]
    <Outlook Express><%systemroot%\system32\shmgrate.exe OCInstallUserConfigOE>  [N/A]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{2C7339CF-2B09-4501-B3F3-F3508C9228ED}]
    <Themes Setup><%SystemRoot%\system32\regsvr32.exe /s /n /i:/UserInstall %SystemRoot%\system32\themeui.dll>  [N/A]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{44BBA840-CC51-11CF-AAFA-00AA00B6015C}]
    <Microsoft Outlook Express 6><"%ProgramFiles%\Outlook Express\setup50.exe" /APP:OE /CALLER:WINNT /user /install>  [N/A]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{44BBA842-CC51-11CF-AAFA-00AA00B6015B}]
    <NetMeeting 3.01><rundll32.exe advpack.dll,LaunchINFSection C:\WINDOWS\INF\msnetmtg.inf,NetMtg.Install.PerUser.NT>  [(Verified)Microsoft Windows Publisher]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{5945c046-1e7d-11d1-bc44-00c04fd912be}]
    <Windows Messenger 4.7><rundll32.exe advpack.dll,LaunchINFSection C:\WINDOWS\INF\msmsgs.inf,BLC.QuietInstall.PerUser>  [(Verified)Microsoft Windows Publisher]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{6BF52A52-394A-11d3-B153-00C04F79FAA6}]
    <Microsoft Windows Media Player><rundll32.exe advpack.dll,LaunchINFSection C:\WINDOWS\INF\wmp10.inf,PerUserStub>  [(Verified)Microsoft Windows Component Publisher]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{7790769C-0471-11d2-AF11-00C04FA35D02}]
    <通讯簿 6><"%ProgramFiles%\Outlook Express\setup50.exe" /APP:WAB /CALLER:WINNT /user /install>  [N/A]
gototop
 
dy520
头像
初生襁褓狮
  • 帖子:83
  • 注册: 2006-05-29
  • 来自:
发表于: 2007-07-16 01:33 | 只看楼主 短消息 资料
字号: 8楼

==================================
启动文件夹
[腾讯QQ]
  <C:\Documents and Settings\Administrator\「开始」菜单\程序\启动\腾讯QQ.lnk --> D:\工具程序\QQ\QQ.exe [TENCENT]><N>

==================================
服务
[1DA4C306 / 1DA4C306][Stopped/Disabled]
  <><N/A>
[AVG Anti-Spyware Guard / AVG Anti-Spyware Guard][Running/Auto Start]
  <D:\工具程序\AVG Anti-Spyware 7.5\guard.exe><GRISOFT s.r.o.>
[Human Interface Device Access / HidServ][Stopped/Disabled]
  <C:\WINDOWS\System32\svchost.exe -k netsvcs-->%SystemRoot%\System32\hidserv.dll><N/A>
[NVIDIA Display Driver Service / NVSvc][Running/Auto Start]
  <C:\WINDOWS\system32\nvsvc32.exe><NVIDIA Corporation>
[Rising Proxy  Service / RfwProxySrv][Stopped/Manual Start]
  <c:\rising\rfw\rfwproxy.exe><Beijing Rising Technology Co., Ltd.>
[Rising Personal Firewall Service / RfwService][Running/Auto Start]
  <c:\rising\rfw\rfwsrv.exe><Beijing Rising Technology Co., Ltd.>
[Rising Process Communication Center / RsCCenter][Running/Auto Start]
  <"C:\Rising\Rav\CCenter.exe"><Beijing Rising Technology Co., Ltd.>
[Rising RealTime Monitor / RsRavMon][Running/Auto Start]
  <"C:\Rising\Rav\Ravmond.exe"><Beijing Rising Technology Co., Ltd.>

==================================
驱动程序
[Service for Realtek AC97 Audio (WDM) / ALCXWDM][Running/Manual Start]
  <system32\drivers\ALCXWDM.SYS><Realtek Semiconductor Corp.>
[AMD Special Tools Driver / AmdTools][Stopped/Manual Start]
  <system32\DRIVERS\AmdTools.sys><N/A>
[AVG Anti-Spyware Driver / AVG Anti-Spyware Driver][Running/System Start]
  <\??\D:\工具程序\AVG Anti-Spyware 7.5\guard.sys><N/A>
[AVG Anti-Spyware Clean Driver / AvgAsCln][Running/System Start]
  <System32\DRIVERS\AvgAsCln.sys><GRISOFT, s.r.o.>
[Rising TDI Base Driver / BaseTDI][Running/Auto Start]
  <System32\DRIVERS\BaseTDI.SYS><Beijing Rising Technology Co., Ltd.>
[ExpScaner / ExpScaner][Running/Auto Start]
  <\??\C:\Rising\Rav\ExpScan.sys><>
[HookCont / HookCont][Running/Auto Start]
  <\??\C:\Rising\Rav\HOOKCONT.sys><Rising>
[HookReg / HookReg][Running/Auto Start]
  <\??\C:\Rising\Rav\HookReg.sys><>
[HookSys / HookSys][Running/Auto Start]
  <\??\C:\Rising\Rav\HookSys.sys><Rising>
[HookUrl / HookUrl][Running/Auto Start]
  <\??\C:\Rising\Rfw\HookUrl.sys><Beijing Rising Technology Co., Ltd.>
[MEMSCAN / MEMSCAN][Running/Auto Start]
  <\??\C:\Rising\Rav\MEMSCAN.sys><瑞星软件有限公司>
[mProcRs / mProcRs][Running/Auto Start]
  <\??\c:\rising\rfw\mProcRs.sys><Beijing Rising Technology Co., Ltd.>
[ATK0110 ACPI UTILITY / MTsensor][Running/Manual Start]
  <system32\DRIVERS\ASACPI.sys><>
[npkcrypt / npkcrypt][Running/Auto Start]
  <\??\D:\工具程序\QQ\npkcrypt.sys><INCA Internet Co., Ltd.>
[nv / nv][Running/Manual Start]
  <system32\DRIVERS\nv4_mini.sys><NVIDIA Corporation>
[nvata / nvata][Running/Boot Start]
  <\SystemRoot\system32\DRIVERS\nvata.sys><NVIDIA Corporation>
[NVIDIA nForce Networking Controller Driver / NVENETFD][Running/Manual Start]
  <system32\DRIVERS\NVENETFD.sys><NVIDIA Corporation>
[NVIDIA Network Bus Enumerator / nvnetbus][Running/Manual Start]
  <system32\DRIVERS\nvnetbus.sys><NVIDIA Corporation>
[Direct Parallel Link Driver / Ptilink][Running/Manual Start]
  <system32\DRIVERS\ptilink.sys><Parallel Technologies, Inc.>
[RsAntiSpyware / RsAntiSpyware][Running/Boot Start]
  <\SystemRoot\system32\drivers\RsBoot.sys><Beijing Rising Technology Co., Ltd.>
[RsFwDrv / RsFwDrv][Running/Auto Start]
  <\??\C:\Rising\Rfw\RsFwDrv.sys><Beijing Rising Technology Co., Ltd.>
[RsNTGDI / RsNTGDI][Running/Boot Start]
  <\SystemRoot\system32\Drivers\RsNTGdi.sys><Beijing Rising Technology Co., Ltd.>
[RSPPSYS / RSPPSYS][Running/Auto Start]
  <\??\C:\Rising\Rav\RSPPSYS.sys><Rising>
[Secdrv / Secdrv][Stopped/Manual Start]
  <system32\DRIVERS\secdrv.sys><N/A>
[Prolific2 Serial port driver / Ser2pl][Stopped/Manual Start]
  <system32\DRIVERS\ser2pl.sys><Prolific Technology Inc.>
[SKNFW / SKNFW][Running/System Start]
  <\??\C:\WINDOWS\system32\Drivers\SKNFW.sys><N/A>
[SkyProcs / SkyProcs][Running/Manual Start]
  <\??\D:\工具程序\天网防~1\SkyProcs.sys><N/A>
[Samsung Mobile USB Device 1.0 driver (WDM) / ss_bus][Stopped/Manual Start]
  <system32\DRIVERS\ss_bus.sys><MCCI>
[SAMSUNG Mobile USB Modem 1.0 Filter / ss_mdfl][Stopped/Manual Start]
  <system32\DRIVERS\ss_mdfl.sys><MCCI>
[SAMSUNG Mobile USB Modem 1.0 Drivers / ss_mdm][Stopped/Manual Start]
  <system32\DRIVERS\ss_mdm.sys><MCCI>
[WINIO / WINIO][Stopped/Manual Start]
  <\??\F:\按键精灵\script\script\winio.sys><N/A>
[World Standard Teletext Codec / WSTCODEC][Stopped/Manual Start]
  <system32\DRIVERS\WSTCODEC.SYS><Microsoft Corporation>
[海天地摄像头301PLH / ZSMC303][Running/Manual Start]
  <System32\Drivers\usbVM303.sys><Vimicro Corporation>

==================================
gototop
 
dy520
头像
初生襁褓狮
  • 帖子:83
  • 注册: 2006-05-29
  • 来自:
发表于: 2007-07-16 01:34 | 只看楼主 短消息 资料
字号: 9楼

浏览器加载项
[ThunderAtOnce Class]
  {01443AEC-0FD1-40fd-9C87-E93D1494C233} <D:\工具程序\迅雷\ComDlls\TDAtOnce_Now.dll, Thunder Networking Technologies,LTD>
[Thunder Browser Helper]
  {889D2FEB-5411-4565-8998-1DD2C5261283} <D:\工具程序\迅雷\ComDlls\xunleiBHO_Now.dll, Thunder Networking Technologies,LTD>
[启动迅雷5]
  {09BA8F6D-CB54-424B-839C-C2A6C8E6B436} <D:\工具程序\迅雷\Thunder.exe, Thunder Networking Technologies,LTD>
[浩方对战平台]
  {0A155D3C-68E2-4215-A47A-E800A446447A} <D:\工具程序\浩方对战平台\GameClient.exe, 上海浩方在线信息技术有限公司>
[QQ]
  {c95fe080-8f5d-11d2-a20b-00aa003c157b} <D:\工具程序\QQ\QQ.EXE, TENCENT>
[卡卡上网安全助手]
  {DB9ECD4F-FB8F-4311-B3CE-90B976C2707C} <C:\WINDOWS\system32\KakaTool.dll, Beijing Rising Technology Co., Ltd.>
[Tencent Safety Online Base Module]
  {C09B522F-8AED-4E21-A65C-DC1AB652BAEE} <C:\WINDOWS\DOWNLO~1\TSOBase.ocx, Tencent Corporation>
[PasswordEditCtrl Class]
  {E787FD25-8D7C-4693-AE67-9406BC6E22DF} <C:\WINDOWS\system32\qqedit\qqedit.dll, 腾讯科技(深圳)有限公司>
[ThunderAtOnce Class]
  {01443AEC-0FD1-40FD-9C87-E93D1494C233} <D:\工具程序\迅雷\ComDlls\TDAtOnce_Now.dll, Thunder Networking Technologies,LTD>
[Shell Name Space]
  {55136805-B2DE-11D1-B9F2-00A0C98BC547} <%SystemRoot%\system32\shdocvw.dll, N/A>
[WUWebControl Class]
  {6414512B-B978-451D-A0D8-FCFDF33E833C} <C:\WINDOWS\system32\wuweb.dll, Microsoft Corporation>
[Thunder Browser Helper]
  {889D2FEB-5411-4565-8998-1DD2C5261283} <D:\工具程序\迅雷\ComDlls\xunleiBHO_Now.dll, Thunder Networking Technologies,LTD>
[Shockwave Flash Object]
  {D27CDB6E-AE6D-11CF-96B8-444553540000} <C:\WINDOWS\system32\Macromed\Flash\Flash9b.ocx, Adobe Systems, Inc.>
[卡卡上网安全助手]
  {DB9ECD4F-FB8F-4311-B3CE-90B976C2707C} <C:\WINDOWS\system32\KakaTool.dll, Beijing Rising Technology Co., Ltd.>
[上传到QQ网络硬盘]
  <D:\工具程序\QQ\AddToNetDisk.htm, N/A>
[使用迅雷下载]
  <D:\工具程序\迅雷\Program\geturl.htm, N/A>
[使用迅雷下载全部链接]
  <D:\工具程序\迅雷\Program\getallurl.htm, N/A>
[添加到QQ自定义面板]
  <D:\工具程序\QQ\AddPanel.htm, N/A>
[添加到QQ表情]
  <D:\工具程序\QQ\AddEmotion.htm, N/A>
[用QQ彩信发送该图片]
  <D:\工具程序\QQ\SendMMS.htm, N/A>
[用比特精灵下载(&B)]
  <D:\工具程序\BitSpirit\bsurl.htm, N/A>
gototop
 
dy520
头像
初生襁褓狮
  • 帖子:83
  • 注册: 2006-05-29
  • 来自:
发表于: 2007-07-16 01:35 | 只看楼主 短消息 资料
字号: 10楼

==================================
正在运行的进程
[PID: 644 / SYSTEM][\SystemRoot\System32\smss.exe]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
[PID: 708 / SYSTEM][\??\C:\WINDOWS\system32\csrss.exe]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
[PID: 732 / SYSTEM][\??\C:\WINDOWS\system32\winlogon.exe]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
    [C:\WINDOWS\system32\msacm32.drv]  [Microsoft Corporation, 5.1.2600.0 (xpclient.010817-1148)]
[PID: 776 / SYSTEM][C:\WINDOWS\system32\services.exe]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
[PID: 788 / SYSTEM][C:\WINDOWS\system32\lsass.exe]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
[PID: 948 / SYSTEM][C:\WINDOWS\system32\svchost.exe]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
[PID: 1004 / NETWORK SERVICE][C:\WINDOWS\system32\svchost.exe]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
[PID: 1124 / SYSTEM][C:\Rising\Rav\CCenter.exe]  [Beijing Rising Technology Co., Ltd., 18, 0, 0, 3]
[PID: 1140 / SYSTEM][C:\WINDOWS\System32\svchost.exe]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
[PID: 1260 / NETWORK SERVICE][C:\WINDOWS\system32\svchost.exe]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
[PID: 1296 / LOCAL SERVICE][C:\WINDOWS\system32\svchost.exe]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
[PID: 1308 / SYSTEM][C:\Rising\Rav\Ravmond.exe]  [Beijing Rising Technology Co., Ltd., 19, 0, 0, 49]
    [C:\Rising\Rav\BWList.dll]  [Beijing Rising Technology Co., Ltd., 19, 0, 0, 10]
    [C:\Rising\Rav\RsCommX.dll]  [rising, 18, 0, 0, 1]
    [C:\Rising\Rav\rfwctrl.dll]  [Beijing Rising Technology Co., Ltd., 5, 0, 0, 11]
    [C:\Rising\Rav\RsPPsys.dll]  [Beijing Rising Technology Co., Ltd., 18, 0, 0, 6]
    [C:\Rising\Rav\RSAPPMGR.DLL]  [Beijing Rising Technology Co., Ltd., 18, 0, 0, 2]
    [C:\Rising\Rav\CfgDll.dll]  [Beijing Rising Technology Co., Ltd., 18, 0, 0, 13]
    [C:\Rising\Rav\RSCOMMON.DLL]  [Beijing Rising Technology Co., Ltd., 19, 0, 0, 5]
    [C:\Rising\Rav\RsLog.dll]  [Beijing Rising Technology Co., Ltd., 18, 0, 0, 20]
    [C:\Rising\Rav\HOOKSYS.dll]  [Beijing Rising Technology Co., Ltd., 19, 0, 0, 0]
    [C:\Rising\Rav\Scanner.dll]  [Beijing Rising Technology Co., Ltd., 19, 0, 0, 15]
    [C:\Rising\Rav\libload.dll]  [Beijing Rising Technology Co., Ltd., 19, 0, 0, 16]
    [C:\Rising\Rav\VirusLib.dll]  [Beijing Rising Technology Co., Ltd., 19, 0, 0, 15]
    [C:\Rising\Rav\regmon.dll]  [Beijing Rising Technology Co., Ltd., 18, 0, 0, 6]
    [C:\Rising\Rav\psapi.dll]  [Microsoft Corporation, 4.00]
    [C:\Rising\Rav\HookWeb.dll]  [Beijing Rising Technology Co., Ltd., 19, 0, 0, 1]
    [C:\Rising\Rav\MemMon.dll]  [Beijing Rising Technology Co., Ltd., 18, 0, 0, 14]
    [C:\Rising\Rav\expscan.dll]  [Beijing Rising Technology Co., Ltd., 18, 0, 0, 4]
    [C:\Rising\Rav\mPorts.dll]  [Beijing Rising Technology Co., Ltd., 4, 0, 0, 3]
    [C:\Rising\Rav\HookCont.dll]  [Rising, 19, 0, 0, 0]
    [C:\Rising\Rav\SpamEng.dll]  [, 18, 0, 0, 6]
    [C:\Rising\Rav\engine.dll]  [Beijing Rising Technology Co., Ltd., 19, 0, 0, 30]
    [C:\Rising\Rav\PostTrt.dll]  [Beijing Rising Technology Co., Ltd., 19, 0, 0, 16]
    [C:\Rising\Rav\UnExe.dll]  [Beijing Rising Technology Co., Ltd., 19, 0, 0, 10]
    [C:\Rising\Rav\ScanExec.dll]  [Beijing Rising Technology Co., Ltd., 19, 0, 0, 19]
    [C:\Rising\Rav\ScanEx.dll]  [Beijing Rising Technology Co., Ltd., 19, 0, 0, 67]
    [C:\Rising\Rav\ExtFile.dll]  [Beijing Rising Technology Co., Ltd., 19, 0, 0, 36]
    [C:\Rising\Rav\NvFile.dll]  [Beijing Rising Technology Co., Ltd., 19, 0, 0, 11]
    [C:\Rising\Rav\ScanMac.dll]  [Beijing Rising Technology Co., Ltd., 19, 0, 0, 14]
    [C:\Rising\Rav\ScanSct.dll]  [Beijing Rising Technology Co., Ltd., 19, 0, 0, 20]
    [C:\Rising\Rav\ScanNet.dll]  [Beijing Rising Technology Co., Ltd., 18, 0, 0, 5]
    [C:\Rising\Rav\ExtOLE.dll]  [Beijing Rising Technology Co., Ltd., 19, 0, 0, 14]
    [C:\Rising\Rav\ExtMail.dll]  [Beijing Rising Technology Co., Ltd., 19, 0, 0, 14]
    [C:\Rising\Rav\ScanElf.dll]  [Beijing Rising Technology Co., Ltd., 19, 0, 0, 11]
    [C:\Rising\Rav\RsStore.dll]  [Beijing Rising Technology Co., Ltd., 19, 0, 0, 2]
[PID: 1428 / SYSTEM][c:\rising\rfw\rfwsrv.exe]  [Beijing Rising Technology Co., Ltd., 5, 0, 0, 35]
    [c:\rising\rfw\RfwRule.dll]  [Beijing Rising Technology Co., Ltd., 5, 0, 0, 3]
    [c:\rising\rfw\rfwlog.dll]  [Beijing Rising Technology Co., Ltd., 5, 0, 0, 2]
    [c:\rising\rfw\Rfwdrv.dll]  [Beijing Rising Technology Co., Ltd., 5, 0, 0, 10]
    [c:\rising\rfw\psapi.dll]  [Microsoft Corporation, 4.00]
    [c:\rising\rfw\MonDrv.dll]  [rs, 1, 0, 0, 4]
    [c:\rising\rfw\ProcLib.dll]  [Beijing Rising Technology Co., Ltd., 5, 0, 0, 5]
    [c:\rising\rfw\mPorts.dll]  [Beijing Rising Technology Co., Ltd., 4, 0, 0, 3]
[PID: 1584 / SYSTEM][C:\WINDOWS\system32\spoolsv.exe]  [Microsoft Corporation, 5.1.2600.2696 (xpsp_sp2_gdr.050610-1519)]
    [C:\WINDOWS\system32\msonpmon.dll]  [Microsoft Corporation, 12.3.4518.1014]
    [C:\WINDOWS\System32\spool\PRTPROCS\W32X86\msonpppr.dll]  [Microsoft Corporation, 12.3.4518.1014]
[PID: 1720 / SYSTEM][C:\Rising\Rav\RavStub.exe]  [Beijing Rising Technology Co., Ltd., 19, 0, 0, 4]
    [C:\Rising\Rav\RsCommX.dll]  [rising, 18, 0, 0, 1]
    [C:\Rising\Rav\RSCOMMON.DLL]  [Beijing Rising Technology Co., Ltd., 19, 0, 0, 5]
[PID: 1820 / SYSTEM][C:\WINDOWS\system32\nvsvc32.exe]  [NVIDIA Corporation, 6.14.10.8421]
[PID: 1880 / SYSTEM][C:\WINDOWS\system32\svchost.exe]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
[PID: 336 / ft3540258][C:\WINDOWS\Explorer.EXE]  [Microsoft Corporation, 6.00.2900.2180 (xpsp_sp2_rtm.040803-2158)]
gototop
 
<<上一主题|下一主题>>
12   1  /  2  页   跳转
页面顶部
Powered by Discuz!NT