瑞星卡卡安全论坛技术交流区反病毒/反流氓软件论坛 瑞星小伞不见了,大家能帮我看看电脑是否中毒了吗?谢谢了~有日志

1   1  /  1  页   跳转

瑞星小伞不见了,大家能帮我看看电脑是否中毒了吗?谢谢了~有日志

收藏
乖ミ程ル
头像
初生襁褓狮
  • 帖子:43
  • 注册: 2006-12-19
  • 来自:
发表于: 2007-05-12 22:47 | 只看楼主 短消息 资料
字号: 1楼

瑞星小伞不见了,大家能帮我看看电脑是否中毒了吗?谢谢了~有日志

2007-05-12,22:31:04

System Repair Engineer 2.4.12.806
Smallfrogs (http://www.KZTechs.com)

Windows XP Professional Service Pack 2 (Build 2600) - 管理权限用户 - 完整功能

以下内容被选中:
    所有的启动项目(包括注册表、启动文件夹、服务等)
    浏览器加载项
    正在运行的进程(包括进程模块信息)
    文件关联
    Winsock 提供者
    Autorun.inf
    HOSTS 文件


启动项目
注册表
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
    <ctfmon.exe><C:\WINDOWS\system32\ctfmon.exe>  [(Verified)Microsoft Windows Publisher]
    <Skype><; "C:\Program Files\Skype\Phone\Skype.exe" /nosplash /minimized>  [(Verified)Skype Technologies SA]
[HKEY_CURRENT_USER\Software\Microsoft\Windows NT\CurrentVersion\Windows]
    <load><>  [N/A]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
    <RfwMain><"d:\Program Files\Rising\Rfw\rfwmain.exe" -Startup>  [Beijing Rising Technology Co., Ltd.]
    <SoundMan><SOUNDMAN.EXE>  [(Verified)Microsoft Windows Hardware Compatibility Publisher]
    <stup.exe><C:\PROGRA~1\TENCENT\Adplus\stup.exe>  [Tencent]
    <runeip><D:\Program Files\Rising\AntiSpyware\runiep.exe>  [Beijing Rising Technology Co., Ltd.]
    <UserTools><C:\Program Files\FJCA\FJCAUserTools\UserTools.exe>  [FJCA]
    <TkBellExe><; "C:\Program Files\Common Files\Real\Update_OB\realsched.exe"  -osboot>  [RealNetworks, Inc.]
    <IMJPMIG8.1><; "C:\WINDOWS\IME\imjp8_1\IMJPMIG.EXE" /Spoil /RemAdvDef /Migration32>  [(Verified)Microsoft Windows Publisher]
    <KernelFaultCheck><; %systemroot%\system32\dumprep 0 -k>  [N/A]
    <PHIME2002A><; C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /IMEName>  [(Verified)Microsoft Windows Publisher]
    <PHIME2002ASync><; C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /SYNC>  [(Verified)Microsoft Windows Publisher]
    <QQDownload><; "d:\Program Files\Tencent\QQ\QQDownload.exe" autostart>  [N/A]
    <SiS KHooker><; C:\WINDOWS\system32\khooker.exe>  [Silicon Integrated Systems Corporation]
    <SiS Tray><; C:\WINDOWS\system32\sistray.EXE>  [Silicon Integrated Systems Corporation]
    <SiSUSBRG><; C:\WINDOWS\sisUSBrg.exe>  [Silicon Integrated Systems Corp.]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Winlogon]
    <shell><Explorer.exe>  [(Verified)Microsoft Windows Publisher]
    <Userinit><C:\WINDOWS\system32\userinit.exe,>  [(Verified)Microsoft Windows Publisher]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Windows]
    <AppInit_DLLs><>  [N/A]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Winlogon]
    <UIHost><"\Program Files\Logonui\Logonui.exe">  [Microsoft Corporation]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
    <{32CD708B-60A7-4C00-9377-D73EAA495F0F}><C:\WINDOWS\system32\RavExt.dll>  [Beijing Rising Technology Co., Ltd.]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\WgaLogon]
    <WinlogonNotify: WgaLogon><WgaLogon.dll>  [(Verified)Microsoft Corporation]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\<{12d0ed0d-0ee0-4f90-8827-78cefb8f4988}]
    <IE7 Uninstall Stub><C:\WINDOWS\system32\ieudinit.exe>  [(Verified)Microsoft Windows Publisher]

==================================
启动文件夹
[福建CA数字证书客户端软件]
  <C:\Documents and Settings\All Users\「开始」菜单\程序\启动\福建CA数字证书客户端软件.lnk --> C:\PROGRA~1\FJCA\FJCAUS~1\USERTO~1.EXE [FJCA]><N>

==================================
服务
[Canon Camera Access Library 8 / CCALib8][Running/Auto Start]
  <C:\Program Files\Canon\CAL\CALMAIN.exe><Canon Inc.>
[Human Interface Device Access / HidServ][Stopped/Disabled]
  <C:\WINDOWS\System32\svchost.exe -k netsvcs-->%SystemRoot%\System32\hidserv.dll><N/A>
[Rising Proxy  Service / RfwProxySrv][Stopped/Manual Start]
  <d:\program files\rising\rfw\rfwproxy.exe><Beijing Rising Technology Co., Ltd.>
[Rising Personal Firewall Service / RfwService][Running/Auto Start]
  <d:\program files\rising\rfw\rfwsrv.exe><Beijing Rising Technology Co., Ltd.>
[Rising Process Communication Center / RsCCenter][Running/Auto Start]
  <"C:\Program Files\Rising\Rav\CCenter.exe"><Beijing Rising Technology Co., Ltd.>
[Rising RealTime Monitor / RsRavMon][Running/Auto Start]
  <"d:\Program Files\Rising\Rav\Ravmond.exe"><Beijing Rising Technology Co., Ltd.>
[User Profile Hive Cleanup / UPHClean][Running/Auto Start]
  <C:\Program Files\UPHClean\uphclean.exe><Microsoft Corporation>
[Windows Media Player 网络共享服务 / WMPNetworkSvc][Stopped/Disabled]
  <"C:\Program Files\Windows Media Player\WMPNetwk.exe"><Microsoft Corporation>
最后编辑2007-05-13 00:12:03
分享到:
gototop
 
乖ミ程ル
头像
初生襁褓狮
  • 帖子:43
  • 注册: 2006-12-19
  • 来自:
发表于: 2007-05-12 22:56 | 只看楼主 短消息 资料
字号: 2楼

驱动程序
[Service for Avance AC97 Audio (WDM) / ALCXWDM][Running/Manual Start]
  <system32\drivers\ALCXWDM.SYS><Avance Logic, Inc.>
[Rising TDI Base Driver / BaseTDI][Running/Auto Start]
  <System32\DRIVERS\BaseTDI.SYS><Beijing Rising Technology Co., Ltd.>
[ExpScaner / ExpScaner][Running/Auto Start]
  <\??\C:\PROGRAM FILES\RISING\RAV\ExpScan.sys><>
[HookCont / HookCont][Running/Auto Start]
  <\??\C:\PROGRAM FILES\RISING\RAV\HOOKCONT.sys><Rising>
[HookReg / HookReg][Running/Auto Start]
  <\??\C:\PROGRAM FILES\RISING\RAV\HookReg.sys><>
[HookSys / HookSys][Running/Auto Start]
  <\??\C:\PROGRAM FILES\RISING\RAV\HookSys.sys><Rising>
[HookUrl / HookUrl][Running/Auto Start]
  <\??\d:\Program Files\Rising\Rfw\HookUrl.sys><Beijing Rising Technology Co., Ltd.>
[MEMSCAN / MEMSCAN][Running/Auto Start]
  <\??\C:\PROGRAM FILES\RISING\RAV\MEMSCAN.sys><瑞星软件有限公司>
[mProcRs / mProcRs][Running/Auto Start]
  <\??\d:\program files\rising\rfw\mProcRs.sys><Beijing Rising Technology Co., Ltd.>
[npkcrypt / npkcrypt][Running/Auto Start]
  <\??\C:\Program Files\Tencent\QQ\npkcrypt.sys><INCA Internet Co., Ltd.>
[Direct Parallel Link Driver / Ptilink][Running/Manual Start]
  <system32\DRIVERS\ptilink.sys><Parallel Technologies, Inc.>
[RsAntiSpyware / RsAntiSpyware][Running/Boot Start]
  <\SystemRoot\system32\drivers\RsBoot.sys><Beijing Rising>
[RsFwDrv / RsFwDrv][Running/Auto Start]
  <\??\d:\Program Files\Rising\Rfw\RsFwDrv.sys><Beijing Rising Technology Co., Ltd.>
[RsNTGDI / RsNTGDI][Running/Boot Start]
  <\SystemRoot\system32\Drivers\RsNTGdi.sys><Beijing Rising Technology Co., Ltd.>
[RSPPSYS / RSPPSYS][Running/Auto Start]
  <\??\C:\PROGRAM FILES\RISING\RAV\RSPPSYS.sys><Rising>
[Secdrv / Secdrv][Stopped/Manual Start]
  <system32\DRIVERS\secdrv.sys><N/A>
[SiS315 / SiS315][Running/Manual Start]
  <system32\DRIVERS\sisgrp.sys><Silicon Integrated Systems Corporation>
[SiS AGP Filter / sisagp][Running/Boot Start]
  <\SystemRoot\system32\DRIVERS\sisagp.sys><Silicon Integrated Systems Corporation>
[SiSkp / SiSkp][Running/System Start]
  <system32\drivers\srvkp.sys><N/A>
[SiS PCI Fast Ethernet Adapter Driver / SISNIC][Running/Manual Start]
  <system32\DRIVERS\sisnic.sys><SiS Corporation>
[WatchKey / WatchKey][Stopped/Manual Start]
  <System32\Drivers\wdkey.sys><Beijing WatchData System Co., Ltd.>
[Winbond Infrared Device Driver / WBFIRDMA][Running/Manual Start]
  <system32\DRIVERS\wbfirdma.sys><Winbond Electronics Corp.>
[WatchData WatchKey / WDCRW-V][Stopped/Auto Start]
  <System32\Drivers\wdkey.sys><Beijing WatchData System Co., Ltd.>

==================================
gototop
 
乖ミ程ル
头像
初生襁褓狮
  • 帖子:43
  • 注册: 2006-12-19
  • 来自:
发表于: 2007-05-12 22:57 | 只看楼主 短消息 资料
字号: 3楼

浏览器加载项
[WebThunder Browser Helper]
  {00000AAA-A363-466E-BEF5-9BB68697AA7F} <C:\Program Files\Thunder Network\WebThunder\WebThunderBHO_016.dll, Thunder Networking Technologies,LTD>
[AcroIEHlprObj Class]
  {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} <D:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll, Adobe Systems Incorporated>
[Skype add-on (mastermind)]
  {22BF413B-C6D2-4d91-82A9-A0F997BA588C} <C:\PROGRA~1\Skype\Phone\IEPlugin\SKYPEI~1.DLL, Skype Technologies S.A.>
[Skype add-on (button)]
  {77BF5300-1474-4EC7-9980-D32B190E9B07} <C:\PROGRA~1\Skype\Phone\IEPlugin\SKYPEI~1.DLL, Skype Technologies S.A.>
[启动Web迅雷]
  {962EFB8E-2683-42d4-AC74-AAA4C759B9C6} <http://my.xunlei.com, N/A>
[QQ]
  {c95fe080-8f5d-11d2-a20b-00aa003c157b} <d:\Program Files\Tencent\QQ\QQ.EXE, TENCENT>
[Messenger]
  {FB5F1910-F110-11d2-BB9E-00C04F795683} <C:\Program Files\Messenger\msmsgs.exe, Microsoft Corporation>
[VqqSpeedDlProxy Class]
  {9ADACAA6-533E-4383-AFA7-F0A66650B6D8} <C:\WINDOWS\vqqsdl10.dll, Tencent Technology (Shenzhen) Company Limited>
[Rising Web Scan Object]
  {E4E2F180-CB8B-4DE9-ACBB-DA745D3BA153} <C:\WINDOWS\Downloaded Program Files\OL2005.dll, Beijing Rising Technology Co., Ltd.>
[WebThunder Browser Helper]
  {00000AAA-A363-466E-BEF5-9BB68697AA7F} <C:\Program Files\Thunder Network\WebThunder\WebThunderBHO_016.dll, Thunder Networking Technologies,LTD>
[WebThunder Class]
  {03507A1A-E0C5-4404-AA26-205385C0892D} <, N/A>
[AcroIEHlprObj Class]
  {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} <D:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll, Adobe Systems Incorporated>
[Windows Genuine Advantage Validation Tool]
  {17492023-C23A-453E-A040-C7C580BBF700} <C:\WINDOWS\system32\legitcheckcontrol.dll, Microsoft Corporation>
[Skype add-on (mastermind)]
  {22BF413B-C6D2-4D91-82A9-A0F997BA588C} <C:\PROGRA~1\Skype\Phone\IEPlugin\SKYPEI~1.DLL, Skype Technologies S.A.>
[Windows Media Player]
  {22D6F312-B0F6-11D0-94AB-0080C74C7E95} <C:\WINDOWS\system32\wmpdxm.dll, Microsoft Corporation>
[XML DOM Document]
  {2933BF90-7B36-11D2-B20E-00C04F983E60} <%SystemRoot%\system32\msxml3.dll, N/A>
[Tabular Data Control]
  {333C7BC4-460F-11D0-BC04-0080C7055A83} <C:\WINDOWS\system32\tdc.ocx, Microsoft Corporation>
[XML Document]
  {48123BC4-99D9-11D1-A6B3-00C04FD91555} <%SystemRoot%\system32\msxml3.dll, N/A>
[HHCtrl Object]
  {52A2AAAE-085D-4187-97EA-8C30DB990436} <C:\WINDOWS\system32\hhctrl.ocx, Microsoft Corporation>
[Shell Name Space]
  {55136805-B2DE-11D1-B9F2-00A0C98BC547} <C:\WINDOWS\system32\ieframe.dll, Microsoft Corporation>
[Windows Media Player]
  {6BF52A52-394A-11D3-B153-00C04F79FAA6} <C:\WINDOWS\system32\wmp.dll, Microsoft Corporation>
[Skype add-on (button)]
  {77BF5300-1474-4EC7-9980-D32B190E9B07} <C:\PROGRA~1\Skype\Phone\IEPlugin\SKYPEI~1.DLL, Skype Technologies S.A.>
[Microsoft Web Browser]
  {8856F961-340A-11D0-A96B-00C04FD705A2} <C:\WINDOWS\system32\ieframe.dll, Microsoft Corporation>
[VqqSpeedDlProxy Class]
  {9ADACAA6-533E-4383-AFA7-F0A66650B6D8} <C:\WINDOWS\vqqsdl10.dll, Tencent Technology (Shenzhen) Company Limited>
[RDS.DataSpace]
  {BD96C556-65A3-11D0-983A-00C04FC29E36} <C:\Program Files\Common Files\System\msadc\msadco.dll, Microsoft Corporation>
[Tencent Safety Online Base Module]
  {C09B522F-8AED-4E21-A65C-DC1AB652BAEE} <C:\WINDOWS\system32\TSOBase\TSOBase.ocx, Tencent Corporation>
[d:\Program Files\Tencent\QQ\QQPlayerProxy.dll]
  {CD108273-D434-43E6-AA90-1469F97EB398} <d:\PROGRA~1\Tencent\QQ\QQPLAY~1.DLL, Tencent>
[AUDIO__MP3 Moniker Class]
  {CD3AFA76-B84F-48F0-9393-7EDC34128127} <C:\WINDOWS\system32\wmp.dll, Microsoft Corporation>
[AUDIO__X_MS_WMA Moniker Class]
  {CD3AFA84-B84F-48F0-9393-7EDC34128127} <C:\WINDOWS\system32\wmp.dll, Microsoft Corporation>
[VIDEO__X_MS_ASF Moniker Class]
  {CD3AFA8F-B84F-48F0-9393-7EDC34128127} <C:\WINDOWS\system32\wmp.dll, Microsoft Corporation>
[RealPlayer G2 Control]
  {CFCDAA03-8BE4-11CF-B84B-0020AFBBCCFA} <C:\WINDOWS\system32\rmoc3260.dll, RealNetworks, Inc.>
[Shockwave Flash Object]
  {D27CDB6E-AE6D-11CF-96B8-444553540000} <C:\WINDOWS\system32\Macromed\Flash\Flash9c.ocx, Adobe Systems, Inc.>
[Upccerttool Control]
  {DEFB8CA5-7BF2-421A-9017-0E8209D152B5} <C:\WINDOWS\system32\FJCAUP~1.OCX, jit>
[Rising Web Scan Object]
  {E4E2F180-CB8B-4DE9-ACBB-DA745D3BA153} <C:\WINDOWS\Downloaded Program Files\OL2005.dll, Beijing Rising Technology Co., Ltd.>
[CertAux Control]
  {E9DDB52A-55F4-11D5-93C5-0050BAD59E1E} <C:\PROGRA~1\FJCA\FJCAUS~1\CertAux.ocx, FJCA>
[XML HTTP Request]
  {ED8C108E-4349-11D2-91A4-00C04F7969E8} <%SystemRoot%\system32\msxml3.dll, N/A>
[XML DOM Document 3.0]
  {F5078F32-C551-11D3-89B9-0000F81FE221} <%SystemRoot%\system32\msxml3.dll, N/A>
[XML HTTP 3.0]
  {F5078F35-C551-11D3-89B9-0000F81FE221} <%SystemRoot%\system32\msxml3.dll, N/A>
[XML DOM Document]
  {F6D90F11-9C73-11D3-B32E-00C04F990BB4} <%SystemRoot%\system32\msxml3.dll, N/A>
[XML HTTP]
  {F6D90F16-9C73-11D3-B32E-00C04F990BB4} <%SystemRoot%\system32\msxml3.dll, N/A>
[上传到QQ网络硬盘]
  <D:\Program Files\Tencent\QQ\AddToNetDisk.htm, N/A>
[使用Web迅雷下载]
  <C:\Program Files\Thunder Network\WebThunder\GetUrl.htm, N/A>
[使用Web迅雷下载全部链接]
  <C:\Program Files\Thunder Network\WebThunder\GetAllUrl.htm, N/A>
[导出到 Microsoft Office Excel(&X)]
  <res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000, N/A>
[添加到QQ自定义面板]
  <D:\Program Files\Tencent\QQ\AddPanel.htm, N/A>
[添加到QQ表情]
  <D:\Program Files\Tencent\QQ\AddEmotion.htm, N/A>
[用QQ彩信发送该图片]
  <D:\Program Files\Tencent\QQ\SendMMS.htm, N/A>
gototop
 
乖ミ程ル
头像
初生襁褓狮
  • 帖子:43
  • 注册: 2006-12-19
  • 来自:
发表于: 2007-05-12 23:00 | 只看楼主 短消息 资料
字号: 4楼

正在运行的进程
[PID: 392][\SystemRoot\System32\smss.exe]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
[PID: 468][\??\C:\WINDOWS\system32\csrss.exe]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
[PID: 492][\??\C:\WINDOWS\system32\winlogon.exe]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
    [C:\WINDOWS\system32\WgaLogon.dll]  [Microsoft Corporation, 1.7.0018.5]
    [C:\WINDOWS\system32\UNISPIM6.IME]  [北京紫光华宇软件股份有限公司, 6.0.0.6077]
    [C:\WINDOWS\system32\msacm32.drv]  [Microsoft Corporation, 5.1.2600.0 (xpclient.010817-1148)]
[PID: 536][C:\WINDOWS\system32\services.exe]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
    [C:\WINDOWS\AppPatch\AcAdProc.dll]  [Microsoft Corporation, 5.1.2600.3008 (xpsp.061004-0027)]
[PID: 548][C:\WINDOWS\system32\lsass.exe]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
[PID: 696][C:\WINDOWS\system32\svchost.exe]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
[PID: 760][C:\WINDOWS\system32\svchost.exe]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
[PID: 796][C:\Program Files\Rising\Rav\CCenter.exe]  [Beijing Rising Technology Co., Ltd., 18, 0, 0, 3]
[PID: 816][C:\WINDOWS\System32\svchost.exe]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
    [C:\WINDOWS\system32\Normaliz.dll]  [Microsoft Corporation, 6.0.5441.0 (winmain(wmbla).060628-1735)]
    [C:\WINDOWS\system32\iertutil.dll]  [Microsoft Corporation, 7.00.6000.16441 (vista_gdr.070219-1500)]
[PID: 900][C:\WINDOWS\system32\svchost.exe]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
[PID: 984][C:\WINDOWS\system32\svchost.exe]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
    [C:\WINDOWS\system32\Normaliz.dll]  [Microsoft Corporation, 6.0.5441.0 (winmain(wmbla).060628-1735)]
    [C:\WINDOWS\system32\iertutil.dll]  [Microsoft Corporation, 7.00.6000.16441 (vista_gdr.070219-1500)]
[PID: 1308][C:\WINDOWS\system32\spoolsv.exe]  [Microsoft Corporation, 5.1.2600.2696 (xpsp_sp2_gdr.050610-1519)]
[PID: 1368][C:\WINDOWS\System32\SCardSvr.exe]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
[PID: 1596][C:\WINDOWS\system32\svchost.exe]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
[PID: 1636][C:\Program Files\UPHClean\uphclean.exe]  [Microsoft Corporation, 1.5.5.21]
[PID: 1824][C:\Program Files\Canon\CAL\CALMAIN.exe]  [Canon Inc., 8, 1, 0, 14]
[PID: 1904][C:\WINDOWS\System32\alg.exe]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
[PID: 244][C:\WINDOWS\System32\svchost.exe]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
[PID: 1696][C:\WINDOWS\system32\WgaTray.exe]  [Microsoft Corporation, 1.7.0018.5]
    [C:\WINDOWS\system32\Normaliz.dll]  [Microsoft Corporation, 6.0.5441.0 (winmain(wmbla).060628-1735)]
    [C:\WINDOWS\system32\iertutil.dll]  [Microsoft Corporation, 7.00.6000.16441 (vista_gdr.070219-1500)]
    [C:\Program Files\TENCENT\Adplus\Adplus1.dll]  [Tencent, 4, 5, 1, 15]
    [C:\WINDOWS\system32\UNISPIM6.IME]  [北京紫光华宇软件股份有限公司, 6.0.0.6077]
    [D:\Program Files\Rising\AntiSpyware\ieprot.dll]  [Beijing Rising Technology Co., Ltd., 1, 0, 0, 10]
[PID: 348][C:\WINDOWS\Explorer.EXE]  [Microsoft Corporation, 6.00.2900.2180 (xpsp_sp2_rtm.040803-2158)]
    [C:\WINDOWS\system32\Normaliz.dll]  [Microsoft Corporation, 6.0.5441.0 (winmain(wmbla).060628-1735)]
    [C:\WINDOWS\system32\iertutil.dll]  [Microsoft Corporation, 7.00.6000.16441 (vista_gdr.070219-1500)]
    [C:\WINDOWS\system32\UNISPIM6.IME]  [北京紫光华宇软件股份有限公司, 6.0.0.6077]
    [C:\WINDOWS\system32\ieframe.dll]  [Microsoft Corporation, 7.00.6000.16441 (vista_gdr.070219-1500)]
    [C:\Program Files\TENCENT\Adplus\Adplus1.dll]  [Tencent, 4, 5, 1, 15]
    [D:\Program Files\Rising\AntiSpyware\ieprot.dll]  [Beijing Rising Technology Co., Ltd., 1, 0, 0, 10]
    [C:\WINDOWS\system32\msacm32.drv]  [Microsoft Corporation, 5.1.2600.0 (xpclient.010817-1148)]
    [D:\Program Files\Adobe\Acrobat 7.0\ActiveX\PDFShell.dll]  [Adobe Systems, Inc., 7.0.0.0]
    [C:\WINDOWS\system32\RavExt.dll]  [Beijing Rising Technology Co., Ltd., 19, 0, 0, 9]
    [C:\Program Files\Thunder Network\WebThunder\WebThunderBHO_016.dll]  [Thunder Networking Technologies,LTD, 6, 0, 0, 5]
    [D:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll]  [Adobe Systems Incorporated, 7.0.5.2005092300]
    [C:\WINDOWS\system32\MSVCR71.dll]  [Microsoft Corporation, 7.10.3052.4]
    [C:\Program Files\TENCENT\Adplus\SSAddr1.dll]  [Tencent, 4, 4, 3, 30]
    [C:\Program Files\Microsoft Office\OFFICE11\msohev.dll]  [Microsoft Corporation, 11.0.5510]
[PID: 952][d:\program files\rising\rfw\RfwMain.exe]  [Beijing Rising Technology Co., Ltd., 5, 0, 0, 70]
    [d:\program files\rising\rfw\RsGuiLib.dll]  [Beijing Rising Technology Co., Ltd., 19, 0, 0, 33]
    [d:\program files\rising\rfw\RSCOMMON.DLL]  [Beijing Rising Technology Co., Ltd., 19, 0, 0, 5]
    [d:\program files\rising\rfw\RfwCtrl.dll]  [Beijing Rising Technology Co., Ltd., 5, 0, 0, 11]
    [d:\program files\rising\rfw\RsXML.dll]  [Beijing Rising Technology Co., Ltd., 19, 0, 0, 2]
    [d:\program files\rising\rfw\PngDll.dll]  [Beijing Rising Technology Co., Ltd., 18, 0, 0, 5]
    [C:\Program Files\TENCENT\Adplus\Adplus1.dll]  [Tencent, 4, 5, 1, 15]
    [D:\Program Files\Rising\AntiSpyware\ieprot.dll]  [Beijing Rising Technology Co., Ltd., 1, 0, 0, 10]
gototop
 
乖ミ程ル
头像
初生襁褓狮
  • 帖子:43
  • 注册: 2006-12-19
  • 来自:
发表于: 2007-05-12 23:01 | 只看楼主 短消息 资料
字号: 5楼

[PID: 1144][C:\WINDOWS\SOUNDMAN.EXE]  [Avance Logic, Inc., 5.0.02]
    [C:\WINDOWS\system32\UNISPIM6.IME]  [北京紫光华宇软件股份有限公司, 6.0.0.6077]
    [D:\Program Files\Rising\AntiSpyware\ieprot.dll]  [Beijing Rising Technology Co., Ltd., 1, 0, 0, 10]
[PID: 472][D:\Program Files\Rising\AntiSpyware\runiep.exe]  [Beijing Rising Technology Co., Ltd., 1, 0, 1, 6]
    [D:\Program Files\Rising\AntiSpyware\iep_ctrl.dll]  [Beijing Rising Technology Co., Ltd., 1, 0, 0, 4]
    [D:\Program Files\Rising\AntiSpyware\ieprot.dll]  [Beijing Rising Technology Co., Ltd., 1, 0, 0, 10]
    [C:\Program Files\TENCENT\Adplus\Adplus1.dll]  [Tencent, 4, 5, 1, 15]
    [C:\WINDOWS\system32\UNISPIM6.IME]  [北京紫光华宇软件股份有限公司, 6.0.0.6077]
[PID: 2004][C:\WINDOWS\system32\ctfmon.exe]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
    [C:\Program Files\TENCENT\Adplus\Adplus1.dll]  [Tencent, 4, 5, 1, 15]
    [C:\WINDOWS\system32\UNISPIM6.IME]  [北京紫光华宇软件股份有限公司, 6.0.0.6077]
    [D:\Program Files\Rising\AntiSpyware\ieprot.dll]  [Beijing Rising Technology Co., Ltd., 1, 0, 0, 10]
[PID: 2096][C:\Program Files\FJCA\FJCAUserTools\UserTools.exe]  [FJCA, 1, 0, 0, 1]
    [C:\Program Files\FJCA\FJCAUserTools\FJCAServer.dll]  [FJCA, 2, 0, 0, 1]
    [C:\Program Files\FJCA\FJCAUserTools\jitenc.dll]  [N/A, ]
    [C:\Program Files\FJCA\FJCAUserTools\FJCASCardCert.dll]  [FJCA, 1, 0, 0, 1]
    [C:\Program Files\FJCA\FJCAUserTools\SCardCert.dll]  [N/A, ]
    [C:\Program Files\FJCA\FJCAUserTools\USBCrw.dll]  [N/A, ]
    [C:\Program Files\FJCA\FJCAUserTools\CRWICC.dll]  [N/A, ]
    [C:\Program Files\FJCA\FJCAUserTools\MCardCert.dll]  [Binz Corporation, 2, 3, 7, 37]
    [C:\Program Files\FJCA\FJCAUserTools\MwUsbD.dll]  [N/A, ]
    [C:\Program Files\FJCA\FJCAUserTools\ZCardCert.dll]  [N/A, ]
    [C:\Program Files\FJCA\FJCAUserTools\NewKeyP11.dll]  [N/A, ]
    [C:\Program Files\FJCA\FJCAUserTools\NewKeyApi.dll]  [N/A, ]
    [C:\WINDOWS\system32\HBAndZC.DLL]  [N/A, ]
    [C:\Program Files\FJCA\FJCAUserTools\HCardCert.dll]  [, 1, 0, 0, 1]
    [C:\Program Files\FJCA\FJCAUserTools\FJCADoubleCert.dll]  [FJCA, 2, 0, 0, 1]
    [C:\Program Files\FJCA\FJCAUserTools\BjMwKey.dll]  [FJCA, 1, 0, 0, 1]
    [C:\WINDOWS\system32\UKEYBOT.dll]  [恒宝软件股份, 1, 2, 3, 6]
    [C:\Program Files\FJCA\FJCAUserTools\MwBjMwKey.dll]  [, 1, 1, 0, 2]
    [C:\Program Files\FJCA\FJCAUserTools\WqBjMwKey.dll]  [N/A, ]
    [C:\Program Files\FJCA\FJCAUserTools\ZcBjMwKey.dll]  [N/A, ]
    [C:\Program Files\FJCA\FJCAUserTools\HbBjMwKey.dll]  [N/A, ]
    [C:\Program Files\TENCENT\Adplus\Adplus1.dll]  [Tencent, 4, 5, 1, 15]
    [C:\WINDOWS\system32\UNISPIM6.IME]  [北京紫光华宇软件股份有限公司, 6.0.0.6077]
    [C:\WINDOWS\system32\HBKeyCSP.Dll]  [, 2, 0, 0, 13]
    [D:\Program Files\Rising\AntiSpyware\ieprot.dll]  [Beijing Rising Technology Co., Ltd., 1, 0, 0, 10]
[PID: 2632][C:\WINDOWS\system32\NOTEPAD.EXE]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
    [C:\Program Files\TENCENT\Adplus\Adplus1.dll]  [Tencent, 4, 5, 1, 15]
    [C:\WINDOWS\system32\UNISPIM6.IME]  [北京紫光华宇软件股份有限公司, 6.0.0.6077]
    [D:\Program Files\Rising\AntiSpyware\ieprot.dll]  [Beijing Rising Technology Co., Ltd., 1, 0, 0, 10]
[PID: 3556][C:\Program Files\Internet Explorer\iexplore.exe]  [Microsoft Corporation, 7.00.6000.16441 (vista_gdr.070219-1500)]
    [C:\WINDOWS\system32\iertutil.dll]  [Microsoft Corporation, 7.00.6000.16441 (vista_gdr.070219-1500)]
    [C:\WINDOWS\system32\IEFRAME.dll]  [Microsoft Corporation, 7.00.6000.16441 (vista_gdr.070219-1500)]
    [C:\Program Files\TENCENT\Adplus\Adplus1.dll]  [Tencent, 4, 5, 1, 15]
    [C:\Program Files\TENCENT\Adplus\SSAddr1.dll]  [Tencent, 4, 4, 3, 30]
    [C:\WINDOWS\system32\Normaliz.dll]  [Microsoft Corporation, 6.0.5441.0 (winmain(wmbla).060628-1735)]
    [C:\WINDOWS\system32\UNISPIM6.IME]  [北京紫光华宇软件股份有限公司, 6.0.0.6077]
    [C:\WINDOWS\system32\IEUI.dll]  [Microsoft Corporation, 7.00.5730.11 (winmain(wmbla).061017-1135)]
    [C:\WINDOWS\system32\xmllite.dll]  [Microsoft Corporation, 1.00.1018.0]
    [C:\Program Files\Microsoft Office\OFFICE11\msohev.dll]  [Microsoft Corporation, 11.0.5510]
    [C:\Program Files\Internet Explorer\ieproxy.dll]  [Microsoft Corporation, 7.00.5730.11 (winmain(wmbla).061017-1135)]
    [D:\Program Files\Rising\AntiSpyware\ieprot.dll]  [Beijing Rising Technology Co., Ltd., 1, 0, 0, 10]
    [C:\Program Files\Thunder Network\WebThunder\WebThunderBHO_016.dll]  [Thunder Networking Technologies,LTD, 6, 0, 0, 5]
    [D:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll]  [Adobe Systems Incorporated, 7.0.5.2005092300]
    [C:\WINDOWS\system32\MSVCR71.dll]  [Microsoft Corporation, 7.10.3052.4]
    [C:\PROGRA~1\Skype\Phone\IEPlugin\SKYPEI~1.DLL]  [Skype Technologies S.A., 2, 2, 0, 74]
    [C:\Program Files\Skype\toolbars\Shared\SPhoneParser.dll]  [Skype Technologies, 1, 0, 1, 143]
    [C:\WINDOWS\system32\ieapfltr.dll]  [Microsoft Corporation, 7.0.6000.16461]
    [C:\WINDOWS\system32\PWBX3245.IME]  [Beijing WangMa Computer General Company., 5.00.000]
    [C:\WINDOWS\system\WBX3245.dll]  [N/A, ]
    [C:\WINDOWS\system\WMW3245.dll]  [N/A, ]
    [C:\WINDOWS\system\WMSYS32.dll]  [N/A, ]
    [C:\WINDOWS\system32\msacm32.drv]  [Microsoft Corporation, 5.1.2600.0 (xpclient.010817-1148)]
[PID: 4008][C:\Documents and Settings\NEW\桌面\SRENG2\SREng.EXE]  [Smallfrogs Studio, 2.4.12.806]
    [C:\WINDOWS\system32\Normaliz.dll]  [Microsoft Corporation, 6.0.5441.0 (winmain(wmbla).060628-1735)]
    [C:\WINDOWS\system32\iertutil.dll]  [Microsoft Corporation, 7.00.6000.16441 (vista_gdr.070219-1500)]
    [C:\Program Files\TENCENT\Adplus\Adplus1.dll]  [Tencent, 4, 5, 1, 15]
    [C:\WINDOWS\system32\UNISPIM6.IME]  [北京紫光华宇软件股份有限公司, 6.0.0.6077]
    [D:\Program Files\Rising\AntiSpyware\ieprot.dll]  [Beijing Rising Technology Co., Ltd., 1, 0, 0, 10]

==================================
文件关联
.TXT  OK. [%SystemRoot%\system32\NOTEPAD.EXE %1]
.EXE  OK. ["%1" %*]
.COM  OK. ["%1" %*]
.PIF  OK. ["%1" %*]
.REG  OK. [regedit.exe "%1"]
.BAT  OK. ["%1" %*]
.SCR  OK. ["%1" /S]
.CHM  OK. ["C:\WINDOWS\hh.exe" %1]
.HLP  OK. [%SystemRoot%\System32\winhlp32.exe %1]
.INI  OK. [%SystemRoot%\System32\NOTEPAD.EXE %1]
.INF  OK. [%SystemRoot%\System32\NOTEPAD.EXE %1]
.VBS  OK. [%SystemRoot%\System32\WScript.exe "%1" %*]
.JS  OK. [%SystemRoot%\System32\WScript.exe "%1" %*]
.LNK  OK. [{00021401-0000-0000-C000-000000000046}]

==================================
Winsock 提供者
N/A

==================================
Autorun.inf
N/A

==================================
HOSTS 文件
127.0.0.1      localhost

==================================
API HOOK
N/A

==================================
隐藏进程
N/A
gototop
 
乖ミ程ル
头像
初生襁褓狮
  • 帖子:43
  • 注册: 2006-12-19
  • 来自:
发表于: 2007-05-12 23:23 | 只看楼主 短消息 资料
字号: 6楼

拜托了~~~有没有人回答下呢?在线等~~~
gototop
 
silencek
头像
初生襁褓狮
  • 帖子:114
  • 注册: 2007-05-07
  • 来自:
发表于: 2007-05-12 23:51 | 短消息 资料
字号: 7楼

..重安瑞星试试。。我前几天也无故消失。。后来重安了一下。然后还赶上升级。。就没事了。。给瑞星那帮发邮件。。也事让重装。。或者是修复。。
gototop
 
乖ミ程ル
头像
初生襁褓狮
  • 帖子:43
  • 注册: 2006-12-19
  • 来自:
发表于: 2007-05-13 00:22 | 只看楼主 短消息 资料
字号: 8楼

终于有人回复了~谢谢啊.
我刚刚也用添加删除组件修复了一下,瑞星是可以用了.
最近瑞星免费是不是取消了?从5月4号更新以后就再不能更新了,说是ID不对.
gototop
 
<<上一主题|下一主题>>
1   1  /  1  页   跳转
页面顶部
Powered by Discuz!NT