Unexplained web pages keep popping up.

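Whenever I browse the web, some pages keep popping up. I close them, and after a while they come back, and the pages they link to are different each time. Below are the logs from a few scanning tools; could you please take a look at them for me? A few days ago Rising Antivirus was still finding viruses, but now it finds nothing, and yet the pop-ups keep coming.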
HijackThis_zww汉化版扫描日志 V1.99.1
保存于      16:32:05, 日期 2006-09-01
操作系统:  Windows 98 SE (Win9x 4.10.2222A)
浏览器:    Internet Explorer v6.00 SP1 (6.00.2800.1106)

当前运行的进程:         
C:\WINDOWS\SYSTEM\KERNEL32.DLL
C:\WINDOWS\SYSTEM\MSGSRV32.EXE
C:\WINDOWS\SYSTEM\SPOOL32.EXE
C:\WINDOWS\SYSTEM\MPREXE.EXE
C:\PROGRAM FILES\RISING\RAV\RAVMON.EXE
C:\WINDOWS\RUNDLL32.EXE
C:\PROGRAM FILES\RISING\RAV\CCENTER.EXE
C:\PROGRAM FILES\RISING\RAV\RAVMOND.EXE
C:\WINDOWS\SYSTEM\mmtask.tsk
C:\WINDOWS\EXPLORER.EXE
C:\WINDOWS\SYSTEM\RPCSS.EXE
C:\WINDOWS\SYSTEM\INTERNAT.EXE
C:\WINDOWS\SYSTEM\SYSTRAY.EXE
C:\WINDOWS\TASKMON.EXE
C:\WINDOWS\SYSTEM\STIMON.EXE
C:\PROGRAM FILES\COMMON FILES\REAL\UPDATE_OB\REALSCHED.EXE
C:\WINDOWS\LOADQM.EXE
C:\PROGRAM FILES\RISING\RAV\RAVTASK.EXE
C:\WINPENJR\WIN32\PPHIDPAD.EXE
C:\PROGRAM FILES\YAHOO!\ASSISTANT\YLIVE.EXE
C:\WINDOWS\SYSTEM\E_S6I3A1.EXE
C:\PROGRAM FILES\FOXMAIL\FOXMAIL.EXE
C:\PROGRAM FILES\SONY CORPORATION\IMAGE TRANSFER\SONYTRAY.EXE
C:\WINDOWS\SYSTEM\WMIEXE.EXE
C:\WINDOWS\SYSTEM\DDHELP.EXE
I:\下载\瑞星病毒专杀\HIJACKTHIS\HIJACKTHIS1991ZWW.EXE

R3 - URLSearchHook: 雅虎助手 - {406F94F0-504F-4a40-8DFD-58B0666ABEBD} - C:\PROGRAM FILES\YAHOO!\ASSISTANT\ASSIST\YASBAR.DLL
O2 - BHO: stdup - {6A512BF7-EC78-4e8d-9841-6C02E8FA9838} - C:\WINDOWS\SYSTEM32\stdup.dll
O2 - BHO: yPhtb - {33BBE430-0E42-4f12-B075-8D21ACB10DCB} - C:\PROGRAM FILES\YAHOO!\ASSISTANT\ASSIST\YPHTB.DLL
O3 - IE工具栏增项: 电台(&R) - {8E718888-423F-11D2-876E-00A0C9082467} - C:\WINDOWS\SYSTEM\MSDXM.OCX
O3 - IE工具栏增项: 雅虎助手 - {406F94F0-504F-4A40-8DFD-58B0666ABEBD} - C:\PROGRAM FILES\YAHOO!\ASSISTANT\ASSIST\YASBAR.DLL
O4 - 启动项HKLM\\Run: [internat.exe] internat.exe
O4 - 启动项HKLM\\Run: [SystemTray] SysTray.Exe
O4 - 启动项HKLM\\Run: [ScanRegistry] C:\WINDOWS\scanregw.exe /autorun
O4 - 启动项HKLM\\Run: [TaskMonitor] C:\WINDOWS\taskmon.exe
O4 - 启动项HKLM\\Run: [StillImageMonitor] C:\WINDOWS\SYSTEM\STIMON.EXE
O4 - 启动项HKLM\\Run: [TkBellExe] "C:\Program Files\Common Files\Real\Update_OB\realsched.exe"  -osboot
O4 - 启动项HKLM\\Run: [LoadQM] loadqm.exe
O4 - 启动项HKLM\\Run: [RavTask] "C:\Program Files\rising\Rav\RavTask.exe" -system
O4 - 启动项HKLM\\Run: [PPHIDPAD] C:\WINPENJR\Win32\pphidpad.exe
O4 - 启动项HKLM\\Run: [YLive.exe] C:\PROGRA~1\YAHOO!\ASSIST~1\YLive.exe
O4 - 启动项HKLM\\Run: [EPSON Stylus C67 Series] C:\WINDOWS\SYSTEM\E_S6I3A1.EXE /P23 "EPSON Stylus C67 Series" /O5 "LPT1:" /M "Stylus C67"
O4 - 启动项HKLM\\RunServices: [RavMon] "C:\Program Files\rising\Rav\RavMon.exe" -system
O4 - 启动项HKLM\\RunServices: [StdService] C:\WINDOWS\rundll32.exe C:\WINDOWS\SYSTEM32\STDSVER.DLL,Service
O4 - 启动项HKLM\\RunServices: [WinWrCup] C:\WINDOWS\WINCUP\WINCUP.EXE -R
O4 - 启动项HKLM\\RunServices: [RsCcenter] "C:\Program Files\rising\Rav\CCenter.exe"
O4 - 启动项HKLM\\RunServices: [RavMond] "C:\Program Files\rising\Rav\RavMond.exe"
O4 - HKCU\..\Run: [Foxmail] "C:\PROGRAM FILES\FOXMAIL\FOXMAIL.EXE" -min
O4 - Startup: Image Transfer.lnk = C:\Program Files\Sony Corporation\Image Transfer\SonyTray.exe
O6 - HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O8 - IE右键菜单中的新增项目: 添加到中国网爪(&Z) - C:\Program Files\ChinaClaw\AddUrl.htm
O8 - IE右键菜单中的新增项目: 添加所有或选择到中国网爪 - C:\Program Files\ChinaClaw\AddAll.htm
O8 - IE右键菜单中的新增项目: 添加到QQ自定义面板 - C:\PROGRAM FILES\TENCENT\QQ\AddPanel.htm
O8 - IE右键菜单中的新增项目: 添加到QQ表情 - C:\PROGRAM FILES\TENCENT\QQ\AddEmotion.htm
O8 - IE右键菜单中的新增项目: 用QQ彩信发送该图片 - C:\PROGRAM FILES\TENCENT\QQ\SendMMS.htm
O8 - IE右键菜单中的新增项目: 上传到QQ网络硬盘 - C:\PROGRAM FILES\TENCENT\QQ\AddToNetDisk.htm
O8 - IE右键菜单中的新增项目: &使用迅雷下载 - C:\Program Files\Thunder Network\Thunder\Program\GetUrl.htm
O8 - IE右键菜单中的新增项目: &使用迅雷下载全部链接 - C:\Program Files\Thunder Network\Thunder\Program\GetAllUrl.htm
O8 - IE右键菜单中的新增项目: 在Foxmail中添加该RSS频道/频道组 - res://C:\WINDOWS\SYSTEM\fmrsslink.dll/201
O8 - IE右键菜单中的新增项目: 雅虎搜索 - res://C:\PROGRAM FILES\YAHOO!\ASSISTANT\ASSIST\YASBAR.DLL/203
O8 - IE右键菜单中的新增项目: 添加到雅虎订阅(&Y) - res://C:\PROGRAM FILES\YAHOO!\ASSISTANT\ASSIST\YRSS.DLL/YRSSMENUEXT
O9 - 浏览器额外的按钮: 词霸 - {8DE0FCD4-5EB5-11D3-AD25-00002100131B} - C:\PROGRA~1\KINGSOFT\FASTAIT\IEPLUGIN.DLL
O9 - 浏览器额外的按钮: 卓越 - {C8CE29C5-7589-11D3-B81B-0080C8DC5DC8} - C:\PROGRA~1\KINGSOFT\FASTAIT\IEPLUGIN.DLL
O9 - 浏览器额外的按钮: 网爪 - {0B47C180-9E84-11D3-9DE6-00A0CC2E4AA6} - C:\Program Files\ChinaClaw\ChinaClaw.exe
O9 - 浏览器额外的按钮: (no name) - {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - (no file)
O9 - 浏览器额外的按钮: 情景聊天 - {E5D12C4E-7B4F-11D3-B5C9-0050045C3C96} - http://cn.rd.yahoo.com/home/messenger/bjk/clientbtn/?http://cn.messenger.yahoo.com/ (file missing)
O9 - 浏览器额外的按钮: QQ - {c95fe080-8f5d-11d2-a20b-00aa003c157b} - C:\Program Files\Tencent\QQ\QQ.EXE
O9 - 浏览器额外的“工具”菜单项: 腾讯QQ - {c95fe080-8f5d-11d2-a20b-00aa003c157b} - C:\Program Files\Tencent\QQ\QQ.EXE
O9 - 浏览器额外的按钮: Related - {c95fe080-8f5d-11d2-a20b-00aa003c157a} - C:\WINDOWS\web\related.htm
O9 - 浏览器额外的“工具”菜单项: Show &Related Links - {c95fe080-8f5d-11d2-a20b-00aa003c157a} - C:\WINDOWS\web\related.htm
O9 - 浏览器额外的按钮: 雅虎助手 - {5D73EE86-05F1-49ed-B850-E423120EC338} - http://cn.zs.yahoo.com/cnsbutton.htm?source=cns&btn=yassist (file missing)
O9 - 浏览器额外的按钮: Yahoo 1G电邮 - {507F9113-CD77-4866-BA92-0E86DA3D0B97} - http://cn.zs.yahoo.com/cnsbutton.htm?source=cns&btn=yahoomail (file missing)
O9 - 浏览器额外的按钮: (no name) - {FD00D911-7529-4084-9946-A29F1BDF4FE5} - http://cn.zs.yahoo.com/cnsbutton.htm?source=cns&btn=clean (file missing)
O9 - 浏览器额外的“工具”菜单项: 清理上网记录 - {FD00D911-7529-4084-9946-A29F1BDF4FE5} - http://cn.zs.yahoo.com/cnsbutton.htm?source=cns&btn=clean (file missing)
O9 - 浏览器额外的按钮: (no name) - {ECF2E268-F28C-48d2-9AB7-8F69C11CCB71} - http://cn.zs.yahoo.com/cnsbutton.htm?source=cns&btn=repair (file missing)
O9 - 浏览器额外的“工具”菜单项: 修复浏览器 - {ECF2E268-F28C-48d2-9AB7-8F69C11CCB71} - http://cn.zs.yahoo.com/cnsbutton.htm?source=cns&btn=repair (file missing)
O16 - DPF: {B38870E4-7ECB-40DA-8C6A-595F0A5519FF} (MsnMessengerSetupDownloadControl Class) - http://messenger.msn.com/download/msnmessengersetupdownloader.cab
O16 - DPF: _{2761225D-F0F2-44E8-A2C9-476FB6A3316A} - http://dl_dir.qq.com/qqtools/trsetup.exe
O17 - HKLM\System\CCS\Services\VxD\MSTCP: NameServer = 202.101.103.55,202.101.103.54
O21 - SSODL: webwork - {4C611512-2C1D-44b2-A044-872AD2AD5A61} - C:\WINDOWS\WEBWORK\WEBWORK.DLL

Last edited 2006-09-02 15:20:38.890000000

2006-09-02,11:49:00

System Repair Engineer 2.0.21.505 (2.0 RC 2)
Smallfrogs (http://www.KZTechs.com)

Windows 98 SE  -

以下内容被选中:
    所有的启动项目(包括注册表、启动文件夹、服务等)
    浏览器加载项
    正在运行的进程(包括进程模块信息)
    文件关联


启动项目
注册表
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
    <Foxmail><"C:\PROGRAM FILES\FOXMAIL\FOXMAIL.EXE" -min>  [Tencent Inc.]
[HKEY_CURRENT_USER\Software\Microsoft\Windows NT\CurrentVersion\Windows]
    <load><>  []
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
    <internat.exe><internat.exe>  [Microsoft Corporation]
    <SystemTray><SysTray.Exe>  [Microsoft Corporation]
    <ScanRegistry><C:\WINDOWS\scanregw.exe /autorun>  [Microsoft Corporation]
    <TaskMonitor><C:\WINDOWS\taskmon.exe>  [Microsoft Corporation]
    <StillImageMonitor><C:\WINDOWS\SYSTEM\STIMON.EXE>  [Microsoft Corporation]
    <TkBellExe><"C:\Program Files\Common Files\Real\Update_OB\realsched.exe"  -osboot>  [RealNetworks, Inc.]
    <LoadQM><loadqm.exe>  [Microsoft Corporation]
    <RavTask><"C:\Program Files\rising\Rav\RavTask.exe" -system>  [Beijing Rising Technology Co., Ltd.]
    <PPHIDPAD><C:\WINPENJR\Win32\pphidpad.exe>  []
    <YLive.exe><C:\PROGRA~1\YAHOO!\ASSIST~1\YLive.exe>  [Yahoo! China]
    <EPSON Stylus C67 Series><C:\WINDOWS\SYSTEM\E_S6I3A1.EXE /P23 "EPSON Stylus C67 Series" /O5 "LPT1:" /M "Stylus C67">  [SEIKO EPSON CORPORATION]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\RunOnce]
    <yalertreg4_98><>  []
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\RunServices]
    <RavMon><"C:\Program Files\rising\Rav\RavMon.exe" -system>  [Beijing Rising Technology Co., Ltd.]
    <StdService><C:\WINDOWS\rundll32.exe C:\WINDOWS\SYSTEM32\STDSVER.DLL,Service>  [MStdup Co Ltd.]
    <WinWrCup><C:\WINDOWS\WINCUP\WINCUP.EXE -R>  []
    <RsCcenter><"C:\Program Files\rising\Rav\CCenter.exe">  [Beijing Rising Technology Co., Ltd.]
    <RavMond><"C:\Program Files\rising\Rav\RavMond.exe">  [Beijing Rising Technology Co., Ltd.]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Winlogon]
    <shell><Explorer.exe>  [Microsoft Corporation]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Windows]
    <AppInit_DLLs><>  []

==================================
启动文件夹
[Image Transfer]
  <C:\WINDOWS\Start Menu\Programs\启动\Image Transfer.lnk><N>

==================================
服务

==================================
浏览器加载项
[stdup]
  {6A512BF7-EC78-4e8d-9841-6C02E8FA9838} <C:\WINDOWS\SYSTEM32\stdup.dll, MStdup Co Ltd.>
[Yahoo!Photo]
  {33BBE430-0E42-4f12-B075-8D21ACB10DCB} <C:\PROGRAM FILES\YAHOO!\ASSISTANT\ASSIST\YPHTB.DLL, Yahoo! China>
[CibaCtrl Class]
  {8DE0FCD4-5EB5-11D3-AD25-00002100131B} <C:\PROGRA~1\KINGSOFT\FASTAIT\IEPLUGIN.DLL, $>
[JoyoCtrl Class]
  {C8CE29C5-7589-11D3-B81B-0080C8DC5DC8} <C:\PROGRA~1\KINGSOFT\FASTAIT\IEPLUGIN.DLL, $>
[网爪]
  {0B47C180-9E84-11D3-9DE6-00A0CC2E4AA6} <C:\Program Files\ChinaClaw\ChinaClaw.exe, http://www.51357.com>
[情景聊天]
  {E5D12C4E-7B4F-11D3-B5C9-0050045C3C96} <http://cn.rd.yahoo.com/home/messenger/bjk/clientbtn/?http://cn.messenger.yahoo.com/, N/A>
[QQ]
  {c95fe080-8f5d-11d2-a20b-00aa003c157b} <C:\Program Files\Tencent\QQ\QQ.EXE, TENCENT>
[@shdoclc.dll,-866]
  {c95fe080-8f5d-11d2-a20b-00aa003c157a} <, N/A>
[雅虎助手]
  {5D73EE86-05F1-49ed-B850-E423120EC338} <http://cn.zs.yahoo.com/cnsbutton.htm?source=cns&btn=yassist, N/A>
[Yahoo 1G电邮]
  {507F9113-CD77-4866-BA92-0E86DA3D0B97} <http://cn.zs.yahoo.com/cnsbutton.htm?source=cns&btn=yahoomail, N/A>
[]
  {FD00D911-7529-4084-9946-A29F1BDF4FE5} <http://cn.zs.yahoo.com/cnsbutton.htm?source=cns&btn=clean, N/A>
[]
  {ECF2E268-F28C-48d2-9AB7-8F69C11CCB71} <http://cn.zs.yahoo.com/cnsbutton.htm?source=cns&btn=repair, N/A>
[Shockwave Flash Object]
  {D27CDB6E-AE6D-11CF-96B8-444553540000} <C:\WINDOWS\SYSTEM\MACROMED\FLASH\FLASH8B.OCX, Macromedia, Inc.>
[MsnMessengerSetupDownloadControl Class]
  {B38870E4-7ECB-40DA-8C6A-595F0A5519FF} <C:\WINDOWS\DOWNLOADED PROGRAM FILES\MSNMESSENGERSETUPDOWNLOADER.OCX, Microsoft Corporation>
[添加到中国网爪(&Z)]
  <C:\Program Files\ChinaClaw\AddUrl.htm, N/A>
[添加所有或选择到中国网爪]
  <C:\Program Files\ChinaClaw\AddAll.htm, N/A>
[添加到QQ自定义面板]
  <C:\PROGRAM FILES\TENCENT\QQ\AddPanel.htm, N/A>
[添加到QQ表情]
  <C:\PROGRAM FILES\TENCENT\QQ\AddEmotion.htm, N/A>
[用QQ彩信发送该图片]
  <C:\PROGRAM FILES\TENCENT\QQ\SendMMS.htm, N/A>
[上传到QQ网络硬盘]
  <C:\PROGRAM FILES\TENCENT\QQ\AddToNetDisk.htm, N/A>
[&使用迅雷下载]
  <C:\Program Files\Thunder Network\Thunder\Program\GetUrl.htm, N/A>
[&使用迅雷下载全部链接]
  <C:\Program Files\Thunder Network\Thunder\Program\GetAllUrl.htm, N/A>
[在Foxmail中添加该RSS频道/频道组]
  <res://C:\WINDOWS\SYSTEM\fmrsslink.dll/201, N/A>
[雅虎搜索]
  <res://C:\PROGRAM FILES\YAHOO!\ASSISTANT\ASSIST\YASBAR.DLL/203, N/A>
[添加到雅虎订阅(&Y)]
  <res://C:\PROGRAM FILES\YAHOO!\ASSISTANT\ASSIST\YRSS.DLL/YRSSMENUEXT, N/A>

==================================

正在运行的进程
[PID: 4294954923][C:\WINDOWS\SYSTEM\MPREXE.EXE]  <Microsoft Corporation><4.10.1998>
    [C:\WINDOWS\SYSTEM32\STDSVER.DLL]  <MStdup Co Ltd.><3, 2, 2, 3>
    [C:\WINDOWS\SYSTEM\NETBIOS.DLL]  <N/A><N/A>
[PID: 4294858031][C:\WINDOWS\RUNDLL32.EXE]  <Microsoft Corporation><4.10.1998>
[PID: 4294881175][C:\PROGRAM FILES\RISING\RAV\CCENTER.EXE]  <Beijing Rising Technology Co., Ltd.><18, 0, 0, 3>
    [C:\PROGRAM FILES\WINZIP\WZSHLSTB.DLL]  <WinZip Computing, Inc.><3.0 (32-bit)>
    [C:\PROGRAM FILES\YAHOO!\ASSISTANT\ASSIST\YPHTB.DLL]  <Yahoo! China><3, 0, 2, 1004>
    [C:\WINDOWS\SYSTEM32\STDUP.DLL]  <MStdup Co Ltd.><3, 2, 2, 3>
    [C:\WINDOWS\SYSTEM\RAVEXT.DLL]  <Beijing Rising Technology Co., Ltd.><18, 0, 0, 21>
    [C:\PROGRAM FILES\YAHOO!\ASSISTANT\ASSIST\YASBAR.DLL]  <yahoo! china><3, 0, 7, 1051>
    [C:\PROGRAM FILES\YAHOO!\ASSISTANT\YALLIVEEX.DLL]  <Yahoo! China><3, 0, 1, 1010>
    [C:\PROGRAM FILES\YAHOO!\ASSISTANT\YALIVE.DLL]  <yahoo! china><3, 2, 5, 1075>
    [C:\PROGRAM FILES\RISING\RAV\RSCOMMON.DLL]  <Beijing Rising Technology Co., Ltd.><18, 0, 0, 4>
    [C:\PROGRAM FILES\YAHOO!\ASSISTANT\ASSIST\YPATCH.DLL]  <Yahoo! China><3, 0, 3, 1009>
    [C:\WINDOWS\SYSTEM\DHCPCSVC.DLL]  <N/A><N/A>
    [C:\WINDOWS\SYSTEM\NETBIOS.DLL]  <N/A><N/A>
    [C:\PROGRAM FILES\YAHOO!\ASSISTANT\YHELPER.DLL]  <Yahoo! China><3, 0, 2, 1020>
    [C:\WINDOWS\WEBWORK\WEBWORK.DLL]  <MSWebwork Cop.><1, 0, 0, 1>
[PID: 4294773743][C:\WINDOWS\EXPLORER.EXE]  <Microsoft Corporation><4.72.3110.1>
    [C:\WINDOWS\SYSTEM\NETBIOS.DLL]  <N/A><N/A>
[PID: 4294820531][C:\WINDOWS\SYSTEM\RPCSS.EXE]  <Microsoft Corporation><4.71.2900>
[PID: 4294668287][C:\WINDOWS\SYSTEM\INTERNAT.EXE]  <Microsoft Corporation><4.10.2222>
    [C:\PROGRAM FILES\YAHOO!\ASSISTANT\ASSIST\YPATCH.DLL]  <Yahoo! China><3, 0, 3, 1009>
[PID: 4294664987][C:\WINDOWS\SYSTEM\SYSTRAY.EXE]  <Microsoft Corporation><4.10.2222>
[PID: 4294663615][C:\WINDOWS\TASKMON.EXE]  <Microsoft Corporation><4.10.1998>
    [C:\WINDOWS\SYSTEM\N124UFW.DLL]  <CANON INC.><2.050>
    [C:\WINDOWS\SYSTEM\CNQU70.DLL]  <CANON INC.><1, 0, 0, 3>
[PID: 4294663511][C:\WINDOWS\SYSTEM\STIMON.EXE]  <Microsoft Corporation><4.10.2222>
[PID: 4294688255][C:\PROGRAM FILES\COMMON FILES\REAL\UPDATE_OB\REALSCHED.EXE]  <RealNetworks, Inc.><0.1.0.3292>
    [C:\WINDOWS\SYSTEM\DHCPCSVC.DLL]  <N/A><N/A>
    [C:\WINDOWS\SYSTEM\NETBIOS.DLL]  <N/A><N/A>
    [C:\PROGRAM FILES\YAHOO!\ASSISTANT\YHELPER.DLL]  <Yahoo! China><3, 0, 2, 1020>
[PID: 4294676191][C:\WINDOWS\LOADQM.EXE]  <Microsoft Corporation><5.4.1103.3>
    [C:\PROGRAM FILES\RISING\RAV\RSCOMMX.DLL]  <rising><18, 0, 0, 1>
    [C:\PROGRAM FILES\RISING\RAV\CFGDLL.DLL]  <Beijing Rising Technology Co., Ltd.><18, 0, 0, 11>
    [C:\PROGRAM FILES\RISING\RAV\RSAPPMGR.DLL]  <Beijing Rising Technology Co., Ltd.><18, 0, 0, 2>
    [C:\PROGRAM FILES\RISING\RAV\RSCOMMON.DLL]  <Beijing Rising Technology Co., Ltd.><18, 0, 0, 4>
[PID: 4294680467][C:\PROGRAM FILES\RISING\RAV\RAVTASK.EXE]  <Beijing Rising Technology Co., Ltd.><18, 0, 0, 22>
    [C:\PROGRAM FILES\YAHOO!\ASSISTANT\YHELPER.DLL]  <Yahoo! China><3, 0, 2, 1020>
[PID: 4294676643][C:\WINPENJR\WIN32\PPHIDPAD.EXE]  <N/A><N/A>
    [C:\PROGRAM FILES\YAHOO!\ASSISTANT\YNOTIFIER.DLL]  <yahoo! china><3, 0, 0, 1000>
    [C:\WINDOWS\SYSTEM\NETBIOS.DLL]  <N/A><N/A>
    [C:\PROGRAM FILES\YAHOO!\ASSISTANT\YALLIVEEX.DLL]  <Yahoo! China><3, 0, 1, 1010>
    [C:\PROGRAM FILES\YAHOO!\ASSISTANT\YALIVE.DLL]  <yahoo! china><3, 2, 5, 1075>
    [C:\PROGRAM FILES\YAHOO!\ASSISTANT\YHELPER.DLL]  <Yahoo! China><3, 0, 2, 1020>
    [C:\PROGRAM FILES\YAHOO!\ASSISTANT\ASSIST\YPATCH.DLL]  <Yahoo! China><3, 0, 3, 1009>
[PID: 4294697839][C:\PROGRAM FILES\YAHOO!\ASSISTANT\YLIVE.EXE]  <Yahoo! China><3, 0, 3, 1009>
    [C:\PROGRAM FILES\YAHOO!\ASSISTANT\YHELPER.DLL]  <Yahoo! China><3, 0, 2, 1020>
[PID: 4294691843][C:\WINDOWS\SYSTEM\E_S6I3A1.EXE]  <SEIKO EPSON CORPORATION><4.00>
    [C:\PROGRAM FILES\YAHOO!\ASSISTANT\ASSIST\YPATCH.DLL]  <Yahoo! China><3, 0, 3, 1009>
    [C:\PROGRAM FILES\FOXMAIL\3RDPARTY\PUNYLIB.DLL]  <CNNIC><1, 0, 0, 3>
    [C:\PROGRAM FILES\FOXMAIL\3RDPARTY\ADDONS\AD\MSGAPI.DLL]  <Tencent inc.><1.0.0.0>
    [C:\PROGRAM FILES\FOXMAIL\FOXANTISPAM.DLL]  <N/A><N/A>
    [C:\PROGRAM FILES\FOXMAIL\PCRE.DLL]  <N/A><N/A>
    [C:\WINDOWS\SYSTEM\NETBIOS.DLL]  <N/A><N/A>
    [C:\PROGRAM FILES\YAHOO!\ASSISTANT\YHELPER.DLL]  <Yahoo! China><3, 0, 2, 1020>
[PID: 4294587927][C:\PROGRAM FILES\FOXMAIL\FOXMAIL.EXE]  <Tencent Inc.><6.04.104.20>
    [C:\PROGRAM FILES\YAHOO!\ASSISTANT\YHELPER.DLL]  <Yahoo! China><3, 0, 2, 1020>
    [C:\PROGRAM FILES\SONY CORPORATION\IMAGE TRANSFER\SONYTRAY.DLL]  <N/A><N/A>
[PID: 4294619299][C:\PROGRAM FILES\SONY CORPORATION\IMAGE TRANSFER\SONYTRAY.EXE]  <N/A><N/A>
    [C:\WINDOWS\SYSTEM\EPIPPJ70.DLL]  <SEIKO EPSON CORP.><3.0.2>
    [C:\WINDOWS\SYSTEM\EPIPPJ60.DLL]  <SEIKO EPSON CORP.><2.0.8>
    [C:\WINDOWS\SYSTEM\EBPMON.DLL]  <SEIKO EPSON CORPORATION><2, 45, 0, 0>
    [C:\WINDOWS\SYSTEM\NMPMON.DLL]  <N/A><N/A>
    [C:\WINDOWS\SYSTEM\EPUSBMN.DLL]  <SEIKO EPSON CORPORATION><3.01.046>
    [C:\PROGRAM FILES\YAHOO!\ASSISTANT\YHELPER.DLL]  <Yahoo! China><3, 0, 2, 1020>
[PID: 4294627431][C:\WINDOWS\SYSTEM\SPOOL32.EXE]  <Microsoft Corporation><4.10.1998>
[PID: 4294543139][C:\WINDOWS\SYSTEM\WMIEXE.EXE]  <Microsoft Corporation><5.00.1755.1>
    [C:\WINDOWS\SYSTEM\VTDD.DLL]  <VIA/S3 Graphics Co, Ltd.><4.14.10.0059-16.01.23.15>
    [C:\PROGRAM FILES\YAHOO!\ASSISTANT\YHELPER.DLL]  <Yahoo! China><3, 0, 2, 1020>
[PID: 4294282767][C:\WINDOWS\SYSTEM\DDHELP.EXE]  <Microsoft Corporation><4.08.00.0400>
    [C:\PROGRAM FILES\RISING\RAV\EXTOLE.DLL]  <Beijing Rising Technology Co., Ltd.><18, 0, 0, 6>
    [C:\WINDOWS\SYSTEM\NETBIOS.DLL]  <N/A><N/A>
    [C:\PROGRAM FILES\RISING\RAV\UNPACKER.DLL]  <Beijing Rising Technology Co., Ltd.><18, 0, 0, 4>
    [C:\PROGRAM FILES\RISING\RAV\SCANEXEC.DLL]  <Beijing Rising Technology Co., Ltd.><18, 0, 0, 11>
    [C:\PROGRAM FILES\RISING\RAV\SCANSCT.DLL]  <Beijing Rising Technology Co., Ltd.><18, 0, 0, 18>
    [C:\PROGRAM FILES\RISING\RAV\SCANMAC.DLL]  <Beijing Rising Technology Co., Ltd.><18, 0, 0, 9>
    [C:\PROGRAM FILES\RISING\RAV\NVFILE.DLL]  <Beijing Rising Technology Co., Ltd.><18, 0, 0, 7>
    [C:\PROGRAM FILES\RISING\RAV\SCANEX.DLL]  <Beijing Rising Technology Co., Ltd.><18, 0, 0, 20>
    [C:\PROGRAM FILES\RISING\RAV\RSUNPACK.DLL]  <Beijing Rising Technology Co., Ltd.><1, 0, 0, 13>
    [C:\PROGRAM FILES\YAHOO!\ASSISTANT\YHELPER.DLL]  <Yahoo! China><3, 0, 2, 1020>
    [C:\PROGRAM FILES\RISING\RAV\UNEXE.DLL]  <Beijing Rising Technology Co., Ltd.><18, 0, 0, 11>
    [C:\PROGRAM FILES\RISING\RAV\POSTTRT.DLL]  <Beijing Rising Technology Co., Ltd.><18, 0, 0, 13>
    [C:\PROGRAM FILES\RISING\RAV\ENGINE.DLL]  <Beijing Rising Technology Co., Ltd.><18, 0, 0, 34>
    [C:\PROGRAM FILES\RISING\RAV\SPAMENG.DLL]  <N/A><18, 0, 0, 6>
    [C:\PROGRAM FILES\RISING\RAV\MAILMON.DLL]  <Beijing Rising Technology Co., Ltd.><18, 0, 0, 5>
    [C:\PROGRAM FILES\RISING\RAV\MEMMON.DLL]  <Beijing Rising Technology Co., Ltd.><18, 0, 0, 10>
    [C:\PROGRAM FILES\RISING\RAV\HOOKWEB.DLL]  <rising><18, 0, 0, 2>
    [C:\PROGRAM FILES\RISING\RAV\REGMON.DLL]  <Beijing Rising Technology Co., Ltd.><18, 0, 0, 6>
    [C:\PROGRAM FILES\RISING\RAV\VIRUSLIB.DLL]  <Beijing Rising Technology Co., Ltd.><18, 0, 0, 12>
    [C:\PROGRAM FILES\RISING\RAV\LIBLOAD.DLL]  <Beijing Rising Technology Co., Ltd.><18, 0, 0, 10>
    [C:\PROGRAM FILES\RISING\RAV\SCANNER.DLL]  <Beijing Rising Technology Co., Ltd.><18, 0, 0, 32>
    [C:\PROGRAM FILES\RISING\RAV\HOOKSYS.DLL]  <Beijing Rising Technology Co., Ltd.><18, 1, 0, 11>
    [C:\PROGRAM FILES\RISING\RAV\RSLOG.DLL]  <Beijing Rising Technology Co., Ltd.><18, 0, 0, 20>
    [C:\PROGRAM FILES\RISING\RAV\RSCOMMON.DLL]  <Beijing Rising Technology Co., Ltd.><18, 0, 0, 4>
    [C:\PROGRAM FILES\RISING\RAV\CFGDLL.DLL]  <Beijing Rising Technology Co., Ltd.><18, 0, 0, 11>
    [C:\PROGRAM FILES\RISING\RAV\RSAPPMGR.DLL]  <Beijing Rising Technology Co., Ltd.><18, 0, 0, 2>
    [C:\PROGRAM FILES\RISING\RAV\RSCOMMX.DLL]  <rising><18, 0, 0, 1>
[PID: 4294595915][C:\PROGRAM FILES\RISING\RAV\RAVMOND.EXE]  <Beijing Rising Technology Co., Ltd.><18, 0, 1, 35>
    [C:\PROGRAM FILES\RISING\RAV\BWLIST.DLL]  <Beijing Rising Technology Co., Ltd.><18, 0, 0, 19>
    [C:\PROGRAM FILES\YAHOO!\ASSISTANT\ASSIST\YPATCH.DLL]  <Yahoo! China><3, 0, 3, 1009>
    [C:\PROGRAM FILES\YAHOO!\ASSISTANT\YHELPER.DLL]  <Yahoo! China><3, 0, 2, 1020>
    [C:\PROGRAM FILES\RISING\RAV\PNGDLL.DLL]  <Beijing Rising Technology Co., Ltd.><18, 0, 0, 5>
    [C:\PROGRAM FILES\RISING\RAV\RSCOMMX.DLL]  <rising><18, 0, 0, 1>
    [C:\PROGRAM FILES\RISING\RAV\RSCOMMON.DLL]  <Beijing Rising Technology Co., Ltd.><18, 0, 0, 4>
    [C:\PROGRAM FILES\RISING\RAV\CFGDLL.DLL]  <Beijing Rising Technology Co., Ltd.><18, 0, 0, 11>
    [C:\PROGRAM FILES\RISING\RAV\RSAPPMGR.DLL]  <Beijing Rising Technology Co., Ltd.><18, 0, 0, 2>
[PID: 4294154975][C:\PROGRAM FILES\RISING\RAV\RAVMON.EXE]  <Beijing Rising Technology Co., Ltd.><18, 0, 1, 33>
    [C:\PROGRAM FILES\RISING\RAV\BWLIST.DLL]  <Beijing Rising Technology Co., Ltd.><18, 0, 0, 19>
    [C:\PROGRAM FILES\RISING\RAV\RSGUILIB.DLL]  <Beijing Rising Technology Co., Ltd.><18, 0, 0, 25>
    [C:\PROGRAM FILES\RISING\RAV\SCANELF.DLL]  <Beijing Rising Technology Co., Ltd.><18, 0, 0, 3>
    [C:\PROGRAM FILES\RISING\RAV\EXTFILE.DLL]  <Beijing Rising Technology Co., Ltd.><18, 0, 0, 21>
    [C:\PROGRAM FILES\RISING\RAV\EXTOLE.DLL]  <Beijing Rising Technology Co., Ltd.><18, 0, 0, 6>
    [C:\PROGRAM FILES\RISING\RAV\EXTMAIL.DLL]  <Beijing Rising Technology Co., Ltd.><18, 0, 0, 13>
    [C:\PROGRAM FILES\RISING\RAV\SCANSCT.DLL]  <Beijing Rising Technology Co., Ltd.><18, 0, 0, 18>
    [C:\PROGRAM FILES\RISING\RAV\SCANMAC.DLL]  <Beijing Rising Technology Co., Ltd.><18, 0, 0, 9>
    [C:\PROGRAM FILES\RISING\RAV\NVFILE.DLL]  <Beijing Rising Technology Co., Ltd.><18, 0, 0, 7>
    [C:\PROGRAM FILES\RISING\RAV\POSTTRT.DLL]  <Beijing Rising Technology Co., Ltd.><18, 0, 0, 13>
    [C:\PROGRAM FILES\RISING\RAV\RSUNPACK.DLL]  <Beijing Rising Technology Co., Ltd.><1, 0, 0, 13>
    [C:\PROGRAM FILES\RISING\RAV\SCANEX.DLL]  <Beijing Rising Technology Co., Ltd.><18, 0, 0, 20>
    [C:\PROGRAM FILES\RISING\RAV\UNEXE.DLL]  <Beijing Rising Technology Co., Ltd.><18, 0, 0, 11>
    [C:\PROGRAM FILES\RISING\RAV\UNPACKER.DLL]  <Beijing Rising Technology Co., Ltd.><18, 0, 0, 4>
    [C:\PROGRAM FILES\RISING\RAV\SCANEXEC.DLL]  <Beijing Rising Technology Co., Ltd.><18, 0, 0, 11>
    [C:\PROGRAM FILES\RISING\RAV\ENGINE.DLL]  <Beijing Rising Technology Co., Ltd.><18, 0, 0, 34>
    [C:\PROGRAM FILES\RISING\RAV\MVENGINE.DLL]  <Beijing Rising Technology Co., Ltd.><18, 0, 0, 15>
    [C:\PROGRAM FILES\RISING\RAV\VIRUSLIB.DLL]  <Beijing Rising Technology Co., Ltd.><18, 0, 0, 12>
    [C:\PROGRAM FILES\RISING\RAV\LIBLOAD.DLL]  <Beijing Rising Technology Co., Ltd.><18, 0, 0, 10>
    [C:\WINDOWS\SYSTEM\NETBIOS.DLL]  <N/A><N/A>
    [C:\PROGRAM FILES\YAHOO!\ASSISTANT\ASSIST\YPATCH.DLL]  <Yahoo! China><3, 0, 3, 1009>
    [C:\PROGRAM FILES\RISING\RAV\RAVUIMSG.DLL]  <Beijing Rising Technology Co., Ltd.><18, 0, 0, 26>
    [C:\PROGRAM FILES\RISING\RAV\SCANNER.DLL]  <Beijing Rising Technology Co., Ltd.><18, 0, 0, 32>
    [C:\PROGRAM FILES\RISING\RAV\BWLIST.DLL]  <Beijing Rising Technology Co., Ltd.><18, 0, 0, 19>
    [C:\PROGRAM FILES\RISING\RAV\RSCOMMON.DLL]  <Beijing Rising Technology Co., Ltd.><18, 0, 0, 4>
    [C:\PROGRAM FILES\YAHOO!\ASSISTANT\YHELPER.DLL]  <Yahoo! China><3, 0, 2, 1020>
    [C:\PROGRAM FILES\RISING\RAV\PNGDLL.DLL]  <Beijing Rising Technology Co., Ltd.><18, 0, 0, 5>
    [C:\PROGRAM FILES\RISING\RAV\RAVUI.DLL]  <Beijing Rising Technology Co., Ltd.><18, 0, 0, 64>
    [C:\PROGRAM FILES\RISING\RAV\RSGUILIB.DLL]  <Beijing Rising Technology Co., Ltd.><18, 0, 0, 25>
    [C:\PROGRAM FILES\RISING\RAV\RSCOMMX.DLL]  <rising><18, 0, 0, 1>
    [C:\PROGRAM FILES\RISING\RAV\CFGDLL.DLL]  <Beijing Rising Technology Co., Ltd.><18, 0, 0, 11>
    [C:\PROGRAM FILES\RISING\RAV\RSAPPMGR.DLL]  <Beijing Rising Technology Co., Ltd.><18, 0, 0, 2>
    [C:\PROGRAM FILES\RISING\RAV\PLUGIN\RSPGSCAN.DLL]  <Beijing Rising Technology Co., Ltd.><18, 0, 0, 17>
[PID: 4294556747][C:\PROGRAM FILES\RISING\RAV\RAV.EXE]  <Beijing Rising Technology Co., Ltd.><18, 0, 0, 75>
    [C:\PROGRAM FILES\YAHOO!\ASSISTANT\ASSIST\YPATCH.DLL]  <Yahoo! China><3, 0, 3, 1009>
    [C:\WINDOWS\SYSTEM\MACROMED\FLASH\FLASH8B.OCX]  <Macromedia, Inc.><8,0,24,0>
    [C:\WINDOWS\SYSTEM32\STDUP.DLL]  <MStdup Co Ltd.><3, 2, 2, 3>
    [C:\WINDOWS\SYSTEM\RAVEXT.DLL]  <Beijing Rising Technology Co., Ltd.><18, 0, 0, 21>
    [C:\PROGRAM FILES\YAHOO!\ASSISTANT\ASSIST\YSETTINGS.DLL]  <yahoo! china><3, 0, 3, 1006>
    [C:\PROGRAM FILES\YAHOO!\ASSISTANT\ASSIST\YASIESEC.DLL]  <Yahoo! China><3, 0, 0, 1000>
    [C:\PROGRAM FILES\YAHOO!\ASSISTANT\ASSIST\YASWIPER.DLL]  <Yahoo! China><3, 0, 0, 1000>
    [C:\PROGRAM FILES\YAHOO!\ASSISTANT\ASSIST\YRSS.DLL]  <Yahoo! China><3, 0, 0, 1000>
    [C:\PROGRAM FILES\YAHOO!\ASSISTANT\ASSIST\YPHTB.DLL]  <Yahoo! China><3, 0, 2, 1004>
    [C:\PROGRAM FILES\YAHOO!\ASSISTANT\ASSIST\YASNOAD.DLL]  <yahoo! china><3, 0, 1, 1003>
    [C:\PROGRAM FILES\YAHOO!\ASSISTANT\ASSIST\YZSNETPROTO.DLL]  <Yahoo! China><3, 0, 0, 1000>
    [C:\PROGRAM FILES\YAHOO!\ASSISTANT\ASSIST\YSEARCH.DLL]  <Yahoo! China><3, 0, 4, 1005>
    [C:\PROGRAM FILES\YAHOO!\ASSISTANT\ASSIST\YASBAR.DLL]  <yahoo! china><3, 0, 7, 1051>
    [C:\WINDOWS\SYSTEM\NETBIOS.DLL]  <N/A><N/A>
    [C:\PROGRAM FILES\COMMON FILES\MICROSOFT SHARED\WEB FOLDERS\MSONSEXT.DLL]  <N/A><N/A>
    [C:\PROGRAM FILES\YAHOO!\ASSISTANT\YALLIVEEX.DLL]  <Yahoo! China><3, 0, 1, 1010>
    [C:\PROGRAM FILES\YAHOO!\ASSISTANT\YALIVE.DLL]  <yahoo! china><3, 2, 5, 1075>
    [C:\PROGRAM FILES\YAHOO!\ASSISTANT\YSCRBLOCK.DLL]  <Yahoo! China><3, 0, 0, 1000>
    [C:\PROGRAM FILES\YAHOO!\ASSISTANT\YHELPER.DLL]  <Yahoo! China><3, 0, 2, 1020>
[PID: 4294742947][C:\PROGRAM FILES\INTERNET EXPLORER\IEXPLORE.EXE]  <Microsoft Corporation><6.00.2800.1106>
    [C:\PROGRAM FILES\YAHOO!\ASSISTANT\ASSIST\YPATCH.DLL]  <Yahoo! China><3, 0, 3, 1009>
    [C:\WINDOWS\SYSTEM\NETBIOS.DLL]  <N/A><N/A>
    [C:\PROGRAM FILES\YAHOO!\ASSISTANT\YHELPER.DLL]  <Yahoo! China><3, 0, 2, 1020>
[PID: 4294216523][I:\下载\瑞星病毒专杀\111\SRENG2\SRENG.EXE]  <Smallfrogs Studio><2.0.21.505>

==================================
文件关联
.TXT  Error. [notepad.exe %1]
.EXE  OK. ["%1" %*]
.COM  OK. ["%1" %*]
.PIF  OK. ["%1" %*]
.REG  OK. [regedit.exe "%1"]
.BAT  OK. ["%1" %*]
.SCR  OK. ["%1" /S]
.CHM  Error. [hh.exe %1]
.HLP  Error. [winhlp32.exe %1]
.INI  OK. [C:\WINDOWS\NOTEPAD.EXE %1]
.INF  OK. [C:\WINDOWS\NOTEPAD.EXE %1]
.VBS  OK. [C:\WINDOWS\WScript.exe "%1" %*]
.JS  OK. [C:\WINDOWS\WScript.exe "%1" %*]
.LNK  OK. [{00021401-0000-0000-C000-000000000046}]

==================================
Winsock 提供者

==================================

I have carried out the steps above; the new log is as follows:
Smallfrogs (http://www.KZTechs.com)

Windows 98 SE  -

以下内容被选中:
    所有的启动项目(包括注册表、启动文件夹、服务等)
    浏览器加载项
    正在运行的进程(包括进程模块信息)
    文件关联


启动项目
注册表
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
    <Foxmail><"C:\PROGRAM FILES\FOXMAIL\FOXMAIL.EXE" -min>  [Tencent Inc.]
[HKEY_CURRENT_USER\Software\Microsoft\Windows NT\CurrentVersion\Windows]
    <load><>  []
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
    <internat.exe><internat.exe>  [Microsoft Corporation]
    <SystemTray><SysTray.Exe>  [Microsoft Corporation]
    <ScanRegistry><C:\WINDOWS\scanregw.exe /autorun>  [Microsoft Corporation]
    <TaskMonitor><C:\WINDOWS\taskmon.exe>  [Microsoft Corporation]
    <StillImageMonitor><C:\WINDOWS\SYSTEM\STIMON.EXE>  [Microsoft Corporation]
    <TkBellExe><"C:\Program Files\Common Files\Real\Update_OB\realsched.exe"  -osboot>  [RealNetworks, Inc.]
    <LoadQM><loadqm.exe>  [Microsoft Corporation]
    <RavTask><"C:\Program Files\rising\Rav\RavTask.exe" -system>  [Beijing Rising Technology Co., Ltd.]
    <PPHIDPAD><C:\WINPENJR\Win32\pphidpad.exe>  []
    <EPSON Stylus C67 Series><C:\WINDOWS\SYSTEM\E_S6I3A1.EXE /P23 "EPSON Stylus C67 Series" /O5 "LPT1:" /M "Stylus C67">  [SEIKO EPSON CORPORATION]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\RunServices]
    <RavMon><"C:\Program Files\rising\Rav\RavMon.exe" -system>  [Beijing Rising Technology Co., Ltd.]
    <StdService><C:\WINDOWS\rundll32.exe C:\WINDOWS\SYSTEM32\STDSVER.DLL,Service>  [MStdup Co Ltd.]
    <WinWrCup><C:\WINDOWS\WINCUP\WINCUP.EXE -R>  []
    <RsCcenter><"C:\Program Files\rising\Rav\CCenter.exe">  [Beijing Rising Technology Co., Ltd.]
    <RavMond><"C:\Program Files\rising\Rav\RavMond.exe">  [Beijing Rising Technology Co., Ltd.]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Winlogon]
    <shell><Explorer.exe>  [Microsoft Corporation]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Windows]
    <AppInit_DLLs><>  []

==================================
启动文件夹
[Image Transfer]
  <C:\WINDOWS\Start Menu\Programs\启动\Image Transfer.lnk><N>

==================================
服务

==================================
浏览器加载项
[CibaCtrl Class]
  {8DE0FCD4-5EB5-11D3-AD25-00002100131B} <C:\PROGRA~1\KINGSOFT\FASTAIT\IEPLUGIN.DLL, $>
[JoyoCtrl Class]
  {C8CE29C5-7589-11D3-B81B-0080C8DC5DC8} <C:\PROGRA~1\KINGSOFT\FASTAIT\IEPLUGIN.DLL, $>
[网爪]
  {0B47C180-9E84-11D3-9DE6-00A0CC2E4AA6} <C:\Program Files\ChinaClaw\ChinaClaw.exe, http://www.51357.com>
[情景聊天]
  {E5D12C4E-7B4F-11D3-B5C9-0050045C3C96} <http://cn.rd.yahoo.com/home/messenger/bjk/clientbtn/?http://cn.messenger.yahoo.com/, N/A>
[QQ]
  {c95fe080-8f5d-11d2-a20b-00aa003c157b} <C:\Program Files\Tencent\QQ\QQ.EXE, TENCENT>
[@shdoclc.dll,-866]
  {c95fe080-8f5d-11d2-a20b-00aa003c157a} <, N/A>
[雅虎助手]
  {5D73EE86-05F1-49ed-B850-E423120EC338} <http://cn.zs.yahoo.com/cnsbutton.htm?source=cns&btn=yassist, N/A>
[Yahoo 1G电邮]
  {507F9113-CD77-4866-BA92-0E86DA3D0B97} <http://cn.zs.yahoo.com/cnsbutton.htm?source=cns&btn=yahoomail, N/A>
[]
  {FD00D911-7529-4084-9946-A29F1BDF4FE5} <http://cn.zs.yahoo.com/cnsbutton.htm?source=cns&btn=clean, N/A>
[]
  {ECF2E268-F28C-48d2-9AB7-8F69C11CCB71} <http://cn.zs.yahoo.com/cnsbutton.htm?source=cns&btn=repair, N/A>
[Shockwave Flash Object]
  {D27CDB6E-AE6D-11CF-96B8-444553540000} <C:\WINDOWS\SYSTEM\MACROMED\FLASH\FLASH8B.OCX, Macromedia, Inc.>
[MsnMessengerSetupDownloadControl Class]
  {B38870E4-7ECB-40DA-8C6A-595F0A5519FF} <C:\WINDOWS\DOWNLOADED PROGRAM FILES\MSNMESSENGERSETUPDOWNLOADER.OCX, Microsoft Corporation>
[添加到中国网爪(&Z)]
  <C:\Program Files\ChinaClaw\AddUrl.htm, N/A>
[添加所有或选择到中国网爪]
  <C:\Program Files\ChinaClaw\AddAll.htm, N/A>
[添加到QQ自定义面板]
  <C:\PROGRAM FILES\TENCENT\QQ\AddPanel.htm, N/A>
[添加到QQ表情]
  <C:\PROGRAM FILES\TENCENT\QQ\AddEmotion.htm, N/A>
[用QQ彩信发送该图片]
  <C:\PROGRAM FILES\TENCENT\QQ\SendMMS.htm, N/A>
[上传到QQ网络硬盘]
  <C:\PROGRAM FILES\TENCENT\QQ\AddToNetDisk.htm, N/A>
[&使用迅雷下载]
  <C:\Program Files\Thunder Network\Thunder\Program\GetUrl.htm, N/A>
[&使用迅雷下载全部链接]
  <C:\Program Files\Thunder Network\Thunder\Program\GetAllUrl.htm, N/A>
[在Foxmail中添加该RSS频道/频道组]
  <res://C:\WINDOWS\SYSTEM\fmrsslink.dll/201, N/A>

正在运行的进程
    [C:\WINDOWS\SYSTEM\EPIPPJ70.DLL]  <SEIKO EPSON CORP.><3.0.2>
    [C:\WINDOWS\SYSTEM\EPIPPJ60.DLL]  <SEIKO EPSON CORP.><2.0.8>
    [C:\WINDOWS\SYSTEM\EBPMON.DLL]  <SEIKO EPSON CORPORATION><2, 45, 0, 0>
    [C:\WINDOWS\SYSTEM\NMPMON.DLL]  <N/A><N/A>
    [C:\WINDOWS\SYSTEM\EPUSBMN.DLL]  <SEIKO EPSON CORPORATION><3.01.046>
[PID: 4294964575][C:\WINDOWS\SYSTEM\SPOOL32.EXE]  <Microsoft Corporation><4.10.1998>
[PID: 4294958727][C:\WINDOWS\SYSTEM\MPREXE.EXE]  <Microsoft Corporation><4.10.1998>
    [C:\PROGRAM FILES\RISING\RAV\PNGDLL.DLL]  <Beijing Rising Technology Co., Ltd.><18, 0, 0, 5>
    [C:\PROGRAM FILES\RISING\RAV\RSCOMMX.DLL]  <rising><18, 0, 0, 1>
    [C:\PROGRAM FILES\RISING\RAV\RSCOMMON.DLL]  <Beijing Rising Technology Co., Ltd.><18, 0, 0, 4>
    [C:\PROGRAM FILES\RISING\RAV\CFGDLL.DLL]  <Beijing Rising Technology Co., Ltd.><18, 0, 0, 11>
    [C:\PROGRAM FILES\RISING\RAV\RSAPPMGR.DLL]  <Beijing Rising Technology Co., Ltd.><18, 0, 0, 2>
[PID: 4294878299][C:\PROGRAM FILES\RISING\RAV\RAVMON.EXE]  <Beijing Rising Technology Co., Ltd.><18, 0, 1, 33>
    [C:\PROGRAM FILES\RISING\RAV\BWLIST.DLL]  <Beijing Rising Technology Co., Ltd.><18, 0, 0, 19>
    [C:\PROGRAM FILES\RISING\RAV\RSGUILIB.DLL]  <Beijing Rising Technology Co., Ltd.><18, 0, 0, 25>
    [C:\WINDOWS\SYSTEM32\STDSVER.DLL]  <MStdup Co Ltd.><3, 2, 2, 3>
    [C:\WINDOWS\SYSTEM\NETBIOS.DLL]  <N/A><N/A>
[PID: 4294869603][C:\WINDOWS\RUNDLL32.EXE]  <Microsoft Corporation><4.10.1998>
[PID: 4294880035][C:\PROGRAM FILES\RISING\RAV\CCENTER.EXE]  <Beijing Rising Technology Co., Ltd.><18, 0, 0, 3>
    [C:\PROGRAM FILES\RISING\RAV\UNPACKER.DLL]  <Beijing Rising Technology Co., Ltd.><18, 0, 0, 4>
    [C:\PROGRAM FILES\RISING\RAV\SCANEXEC.DLL]  <Beijing Rising Technology Co., Ltd.><18, 0, 0, 11>
    [C:\PROGRAM FILES\RISING\RAV\SCANSCT.DLL]  <Beijing Rising Technology Co., Ltd.><18, 0, 0, 18>
    [C:\PROGRAM FILES\RISING\RAV\SCANMAC.DLL]  <Beijing Rising Technology Co., Ltd.><18, 0, 0, 9>
    [C:\PROGRAM FILES\RISING\RAV\NVFILE.DLL]  <Beijing Rising Technology Co., Ltd.><18, 0, 0, 7>
    [C:\PROGRAM FILES\RISING\RAV\SCANEX.DLL]  <Beijing Rising Technology Co., Ltd.><18, 0, 0, 20>
    [C:\PROGRAM FILES\RISING\RAV\RSUNPACK.DLL]  <Beijing Rising Technology Co., Ltd.><1, 0, 0, 13>
    [C:\PROGRAM FILES\RISING\RAV\UNEXE.DLL]  <Beijing Rising Technology Co., Ltd.><18, 0, 0, 11>
    [C:\PROGRAM FILES\RISING\RAV\POSTTRT.DLL]  <Beijing Rising Technology Co., Ltd.><18, 0, 0, 13>
    [C:\PROGRAM FILES\RISING\RAV\ENGINE.DLL]  <Beijing Rising Technology Co., Ltd.><18, 0, 0, 34>
    [C:\PROGRAM FILES\RISING\RAV\SPAMENG.DLL]  <N/A><18, 0, 0, 6>
    [C:\PROGRAM FILES\RISING\RAV\MAILMON.DLL]  <Beijing Rising Technology Co., Ltd.><18, 0, 0, 5>
    [C:\PROGRAM FILES\RISING\RAV\MEMMON.DLL]  <Beijing Rising Technology Co., Ltd.><18, 0, 0, 10>
    [C:\PROGRAM FILES\RISING\RAV\HOOKWEB.DLL]  <rising><18, 0, 0, 2>
    [C:\PROGRAM FILES\RISING\RAV\REGMON.DLL]  <Beijing Rising Technology Co., Ltd.><18, 0, 0, 6>
    [C:\PROGRAM FILES\RISING\RAV\VIRUSLIB.DLL]  <Beijing Rising Technology Co., Ltd.><18, 0, 0, 12>
    [C:\PROGRAM FILES\RISING\RAV\LIBLOAD.DLL]  <Beijing Rising Technology Co., Ltd.><18, 0, 0, 10>
    [C:\PROGRAM FILES\RISING\RAV\SCANNER.DLL]  <Beijing Rising Technology Co., Ltd.><18, 0, 0, 32>
    [C:\PROGRAM FILES\RISING\RAV\HOOKSYS.DLL]  <Beijing Rising Technology Co., Ltd.><18, 1, 0, 11>
    [C:\PROGRAM FILES\RISING\RAV\RSLOG.DLL]  <Beijing Rising Technology Co., Ltd.><18, 0, 0, 20>
    [C:\PROGRAM FILES\RISING\RAV\RSCOMMON.DLL]  <Beijing Rising Technology Co., Ltd.><18, 0, 0, 4>
    [C:\PROGRAM FILES\RISING\RAV\CFGDLL.DLL]  <Beijing Rising Technology Co., Ltd.><18, 0, 0, 11>
    [C:\PROGRAM FILES\RISING\RAV\RSAPPMGR.DLL]  <Beijing Rising Technology Co., Ltd.><18, 0, 0, 2>
    [C:\PROGRAM FILES\RISING\RAV\RSCOMMX.DLL]  <rising><18, 0, 0, 1>
[PID: 4294897627][C:\PROGRAM FILES\RISING\RAV\RAVMOND.EXE]  <Beijing Rising Technology Co., Ltd.><18, 0, 1, 35>
    [C:\PROGRAM FILES\RISING\RAV\BWLIST.DLL]  <Beijing Rising Technology Co., Ltd.><18, 0, 0, 19>
[PID: 4294661943][C:\WINDOWS\SYSTEM\PSTORES.EXE]  <Microsoft Corporation><5.00.1877.3>
    [C:\WINDOWS\SYSTEM\DHCPCSVC.DLL]  <N/A><N/A>
    [C:\WINDOWS\SYSTEM\NETBIOS.DLL]  <N/A><N/A>
    [C:\WINDOWS\WEBWORK\WEBWORK.DLL]  <MSWebwork Cop.><1, 0, 0, 1>
    [C:\WINDOWS\SYSTEM\RAVEXT.DLL]  <Beijing Rising Technology Co., Ltd.><18, 0, 0, 21>
[PID: 4294651899][C:\WINDOWS\EXPLORER.EXE]  <Microsoft Corporation><4.72.3110.1>
    [C:\WINDOWS\SYSTEM\NETBIOS.DLL]  <N/A><N/A>
[PID: 4294743359][C:\WINDOWS\SYSTEM\RPCSS.EXE]  <Microsoft Corporation><4.71.2900>
[PID: 4294732215][C:\WINDOWS\SYSTEM\INTERNAT.EXE]  <Microsoft Corporation><4.10.2222>
[PID: 4294586919][C:\WINDOWS\SYSTEM\SYSTRAY.EXE]  <Microsoft Corporation><4.10.2222>
[PID: 4294602191][C:\WINDOWS\TASKMON.EXE]  <Microsoft Corporation><4.10.1998>
    [C:\WINDOWS\SYSTEM\N124UFW.DLL]  <CANON INC.><2.050>
    [C:\WINDOWS\SYSTEM\CNQU70.DLL]  <CANON INC.><1, 0, 0, 3>
[PID: 4294600643][C:\WINDOWS\SYSTEM\STIMON.EXE]  <Microsoft Corporation><4.10.2222>
[PID: 4294593199][C:\PROGRAM FILES\COMMON FILES\REAL\UPDATE_OB\REALSCHED.EXE]  <RealNetworks, Inc.><0.1.0.3292>
    [C:\WINDOWS\SYSTEM\DHCPCSVC.DLL]  <N/A><N/A>
    [C:\WINDOWS\SYSTEM\NETBIOS.DLL]  <N/A><N/A>
[PID: 4294597675][C:\WINDOWS\LOADQM.EXE]  <Microsoft Corporation><5.4.1103.3>
    [C:\PROGRAM FILES\RISING\RAV\RSCOMMX.DLL]  <rising><18, 0, 0, 1>
    [C:\PROGRAM FILES\RISING\RAV\CFGDLL.DLL]  <Beijing Rising Technology Co., Ltd.><18, 0, 0, 11>
    [C:\PROGRAM FILES\RISING\RAV\RSAPPMGR.DLL]  <Beijing Rising Technology Co., Ltd.><18, 0, 0, 2>
    [C:\PROGRAM FILES\RISING\RAV\RSCOMMON.DLL]  <Beijing Rising Technology Co., Ltd.><18, 0, 0, 4>
[PID: 4294594683][C:\PROGRAM FILES\RISING\RAV\RAVTASK.EXE]  <Beijing Rising Technology Co., Ltd.><18, 0, 0, 22>
[PID: 4294614967][C:\WINPENJR\WIN32\PPHIDPAD.EXE]  <N/A><N/A>
[PID: 4294601335][C:\WINDOWS\SYSTEM\E_S6I3A1.EXE]  <SEIKO EPSON CORPORATION><4.00>
    [C:\PROGRAM FILES\FOXMAIL\3RDPARTY\PUNYLIB.DLL]  <CNNIC><1, 0, 0, 3>
    [C:\PROGRAM FILES\FOXMAIL\3RDPARTY\ADDONS\AD\MSGAPI.DLL]  <Tencent inc.><1.0.0.0>
    [C:\PROGRAM FILES\FOXMAIL\FOXANTISPAM.DLL]  <N/A><N/A>
    [C:\PROGRAM FILES\FOXMAIL\PCRE.DLL]  <N/A><N/A>

[C:\WINDOWS\SYSTEM\NETBIOS.DLL]  <N/A><N/A>
[PID: 4294637335][C:\PROGRAM FILES\FOXMAIL\FOXMAIL.EXE]  <Tencent Inc.><6.04.104.20>
    [C:\PROGRAM FILES\SONY CORPORATION\IMAGE TRANSFER\SONYTRAY.DLL]  <N/A><N/A>
[PID: 4294538547][C:\PROGRAM FILES\SONY CORPORATION\IMAGE TRANSFER\SONYTRAY.EXE]  <N/A><N/A>
[PID: 4294444059][C:\WINDOWS\SYSTEM\WMIEXE.EXE]  <Microsoft Corporation><5.00.1755.1>
    [C:\WINDOWS\SYSTEM\NETBIOS.DLL]  <N/A><N/A>
[PID: 4294406543][I:\下载\瑞星病毒专杀\111\SRENG2\SRENG.EXE]  <Smallfrogs Studio><2.0.21.505>
    [C:\WINDOWS\SYSTEM\NETBIOS.DLL]  <N/A><N/A>
    [C:\PROGRAM FILES\RISING\RAV\PNGDLL.DLL]  <Beijing Rising Technology Co., Ltd.><18, 0, 0, 5>
    [C:\PROGRAM FILES\RISING\RAV\RSCOMMX.DLL]  <rising><18, 0, 0, 1>
    [C:\PROGRAM FILES\RISING\RAV\RSCOMMON.DLL]  <Beijing Rising Technology Co., Ltd.><18, 0, 0, 4>
[PID: 4294493807][C:\PROGRAM FILES\RISING\RAV\SMARTUP.EXE]  <Beijing Rising Technology Co., Ltd.><18, 0, 0, 71>
    [C:\PROGRAM FILES\RISING\RAV\RSGUILIB.DLL]  <Beijing Rising Technology Co., Ltd.><18, 0, 0, 25>

==================================
文件关联
.TXT  OK. [C:\WINDOWS\NOTEPAD.EXE %1]
.EXE  OK. ["%1" %*]
.COM  OK. ["%1" %*]
.PIF  OK. ["%1" %*]
.REG  OK. [regedit.exe "%1"]
.BAT  OK. ["%1" %*]
.SCR  OK. ["%1" /S]
.CHM  OK. ["C:\WINDOWS\hh.exe" %1]
.HLP  OK. [C:\WINDOWS\winhlp32.exe %1]
.INI  OK. [C:\WINDOWS\NOTEPAD.EXE %1]
.INF  OK. [C:\WINDOWS\NOTEPAD.EXE %1]
.VBS  OK. [C:\WINDOWS\WScript.exe "%1" %*]
.JS  OK. [C:\WINDOWS\WScript.exe "%1" %*]
.LNK  OK. [{00021401-0000-0000-C000-000000000046}]

==================================
Winsock 提供者

==================================

Do I need to scan and post the HijackThis log as well?