求助大虾指点，Temp文件夹下面bao.exe,bbo.exe....瑞星没反应阿 bbs.ikaka.com

sense2002 - 2007-4-30 22:57:00

如题，系统的用户临时文件夹下面一直在出bao.exe,bbo.exe,bco.exe....，而且系统一直提示这些exe执行时出错，瑞星根本没有反应，用了木马查杀工具也说没有，怎么回事啊，哪位高人指点下，不胜感激。。。

sense2002 - 2007-4-30 23:29:00

没有人理我，自己先顶下。。。

newcenturymoon - 2007-4-30 23:30:00

你都知道不是好东西把他们删掉不就完了？

sense2002 - 2007-5-1 22:40:00

谢谢楼上的，不过我是想删掉他们，可是删了还是继续出阿,而且一直弹系统窗口说这些程序执行失败。。。
郁闷死了，哪位高人指点下吧，拜托了，真的不想重做系统阿。。。
本人白天上班，晚上回来的时候帖子就沉底了，只能现在在线等了，高人们，指点下吧。。

newcenturymoon - 2007-5-1 22:42:00

下载 System Repair Engineer，
http://www.kztechs.com/sreng/download.html
1 解压缩sreng2.zip
2 运行SREng.exe
3 智能扫描=》扫描=》保存报告
4 把日志中的报告完整拷贝贴上来，不要修改

sense2002 - 2007-5-1 22:43:00

谢谢，我马上弄。。

sense2002 - 2007-5-1 22:47:00

[CODE]

2007-05-01,23:32:56

System Repair Engineer 2.4.12.806
Smallfrogs (http://www.KZTechs.com)

Windows XP Professional Service Pack 1 (Build 2600) - 管理权限用户 - 完整功能

以下内容被选中：
所有的启动项目（包括注册表、启动文件夹、服务等）
浏览器加载项
正在运行的进程（包括进程模块信息）
文件关联
Winsock 提供者
Autorun.inf
HOSTS 文件

启动项目
注册表
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
<ctfmon.exe><C:\WINDOWS\System32\ctfmon.exe> [(Verified)Microsoft Windows XP Publisher]
<tcg2cg0z2><C:\DOCUME~1\pipi\LOCALS~1\Temp\1explore.exe> []
<msnmsgr><"C:\Program Files\MSN Messenger\msnmsgr.exe" /background> [(Verified)Microsoft Corporation]
<i><C:\DOCUME~1\pipi\LOCALS~1\Temp\Servera.exe> [N/A]
[HKEY_CURRENT_USER\Software\Microsoft\Windows NT\CurrentVersion\Windows]
<load><> [N/A]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
<IMJPMIG8.1><"C:\WINDOWS\IME\imjp8_1\IMJPMIG.EXE" /Spoil /RemAdvDef /Migration32> [(Verified)Microsoft Windows XP Publisher]
<PHIME2002ASync><C:\WINDOWS\System32\IME\TINTLGNT\TINTSETP.EXE /SYNC> [(Verified)Microsoft Windows XP Publisher]
<PHIME2002A><C:\WINDOWS\System32\IME\TINTLGNT\TINTSETP.EXE /IMEName> [(Verified)Microsoft Windows XP Publisher]
<SoundMAX><"C:\Program Files\Analog Devices\SoundMAX\Smax4.exe" /tray> [Analog Devices, Inc.]
<ATIPTA><C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe> [ATI Technologies, Inc.]
<BMMLREF><C:\Program Files\ThinkPad\Utilities\BMMLREF.EXE> []
<EZEJMNAP><C:\PROGRA~1\ThinkPad\UTILIT~1\EzEjMnAp.Exe> [IBM Corp.]
<TPHOTKEY><C:\PROGRA~1\ThinkPad\PkgMgr\HOTKEY\TPHKMGR.exe> []
<TpShocks><TpShocks.exe> [IBM Corp.]
<TPKMAPHELPER><C:\Program Files\ThinkPad\Utilities\TpKmapAp.exe -helper> [IBM Corp.]
<SynTPLpr><C:\Program Files\Synaptics\SynTP\SynTPLpr.exe> [(Verified)Microsoft Windows XP Publisher]
<SynTPEnh><C:\Program Files\Synaptics\SynTP\SynTPEnh.exe> [(Verified)Microsoft Windows Hardware Compatibility Publisher]
<QCTray><C:\Program Files\ThinkPad\ConnectUtilities\QCTRAY.EXE> [IBM Corp.]
<QCWLIcon><C:\Program Files\ThinkPad\ConnectUtilities\QCWLICON.EXE> [IBM Corp.]
<RavTask><"C:\Program Files\Rising\Rav\RavTask.exe" -system> [Beijing Rising Technology Co., Ltd.]
<RfwMain><"C:\Program Files\Rising\Rfw\rfwmain.exe" -Startup> [Beijing Rising Technology Co., Ltd.]
<IMSCMIG40W><C:\PROGRA~1\COMMON~1\MICROS~1\IME\IMSC40W\IMSCMIG.EXE /SetPreload /Log> [Microsoft Corporation]
<imjpmig><C:\Program Files\Common Files\Microsoft Shared\IME\IMJP\imjpmig.exe /RemAdvDef /AIMEREG /Migration /SetPreload> [Microsoft Corporation]
<TkBellExe><"C:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot> [RealNetworks, Inc.]
<BigDogPath><C:\WINDOWS\VM_STI.EXE USB PC Camera 301P> [N/A]
<TrackPointSrv><tp4serv.exe> [IBM Corporation]
<TP4EX><tp4ex.exe> [IBM Corporation]
<runeip><C:\Program Files\Rising\KakaToolBar\runiep.exe> [Beijing Rising Technology Co., Ltd.]
<Antiy Auto Update><C:\Program Files\Antiy Labs\Alive\AliveCenter.exe> [N/A]
<AGB5Monitor><C:\Program Files\Antiy Labs\AGuard\AGuard.exe /AutoRun> [N/A]
<iparmor><C:\Program Files\Iparmor\Iparmor.exe mini> [N/A]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Winlogon]
<shell><EXPLORER.EXE> [(Verified)Microsoft Windows XP Publisher]
<Userinit><userinit.exe,> [(Verified)Microsoft Windows XP Publisher]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Windows]
<AppInit_DLLs><> [N/A]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Winlogon]
<UIHost><logonui.exe> [(Verified)Microsoft Windows XP Publisher]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
<{32CD708B-60A7-4C00-9377-D73EAA495F0F}><C:\WINDOWS\system32\RavExt.dll> [Beijing Rising Technology Co., Ltd.]
<{A6011F8F-A7F8-49AA-9ADA-49127D43138F}><C:\Program Files\Common Files\Microsoft Shared\MSINFO\NewInfo.bmp> []
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\QConGina]
<WinlogonNotify: QConGina><QConGina.dll> [IBM Corp.]

==================================
启动文件夹
[Acrobat Assistant]
<C:\Documents and Settings\All Users\「开始」菜单\程序\启动\Acrobat Assistant.lnk --> E:\ACROBA~1.0\Distillr\acrotray.exe [Adobe Systems Inc.]><N>
[Digital Line Detect]
<C:\Documents and Settings\All Users\「开始」菜单\程序\启动\Digital Line Detect.lnk --> C:\Program Files\Digital Line Detect\DLG.exe [N/A]><N>
[Microsoft Office]
<C:\Documents and Settings\All Users\「开始」菜单\程序\启动\Microsoft Office.lnk --> C:\PROGRA~1\MICROS~2\Office10\OSA.EXE [Microsoft Corporation]><N>
[IPMSG for Win32]
<C:\Documents and Settings\pipi\「开始」菜单\程序\启动\IPMSG for Win32.lnk --> C:\PROGRA~1\IPMsg\ipmsg.exe [H.Shirouzu]><N>
[新浪UC]
<C:\Documents and Settings\pipi\「开始」菜单\程序\启动\新浪UC.lnk --> C:\Program Files\sina\UC\uc.exe [N/A]><N>
[腾讯QQ]
<C:\Documents and Settings\pipi\「开始」菜单\程序\启动\腾讯QQ.lnk --> C:\PROGRA~1\Tencent\QQ\QQ.exe [TENCENT]><N>

sense2002 - 2007-5-1 22:51:00

浏览器加载项
[AcroIEHlprObj Class]
{06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} <, N/A>
[Info cache]
{385AB8C6-FB22-4D17-8834-064E2BA0A6F0} <C:\Documents and Settings\All Users\Application Data\Microsoft\PCTools\pctools.dll, N/A>
[Windows Live Sign-in Helper]
{9030D464-4C02-4ABF-8ECC-5164760863C6} <, N/A>
[AcroIEToolbarHelper Class]
{AE7CD045-E861-484f-8273-0445EE161910} <, N/A>
[浩方对战平台]
{0A155D3C-68E2-4215-A47A-E800A446447A} <E:\浩方对战平台\GameClient.exe, 上海浩方在线信息技术有限公司>
[新浪UC]
{2253922F-1B26-4C74-8B57-E3AEE748DBB8} <C:\Program Files\sina\UC\uc.exe, N/A>
[QQ]
{c95fe080-8f5d-11d2-a20b-00aa003c157b} <C:\Program Files\Tencent\QQ\QQ.EXE, TENCENT>
[Messenger]
{FB5F1910-F110-11d2-BB9E-00C04F795683} <C:\Program Files\Messenger\MSMSGS.EXE, Microsoft Corporation>
[电台(&R)]
{8E718888-423F-11D2-876E-00A0C9082467} <C:\WINDOWS\System32\msdxm.ocx, Microsoft Corporation>
[Adobe PDF]
{47833539-D0C5-4125-9FA8-0819E2EAAC93} <E:\Acrobat 6.0\Acrobat\AcroIEFavClient.dll, N/A>
[卡卡上网安全助手]
{DB9ECD4F-FB8F-4311-B3CE-90B976C2707C} <C:\WINDOWS\System32\kakatool.dll, Beijing Rising Technology Co., Ltd.>
[MMCPlayer Class]
{05C1004E-2596-48E5-8E26-39362985EEB9} <C:\Program Files\Sogou PXP\MMCShell.dll, Sohu.com Inc.>
[H323epC Control]
{1856F76A-8018-4251-81C1-8A145ED31B5F} <C:\WINDOWS\DOWNLO~1\h323epC.ocx, gx>
[&使用BitComet下载]
<res://E:\BitComet_0.84\BitComet.exe/AddLink.htm, N/A>
[&使用BitComet下载全部链接]
<res://E:\BitComet_0.84\BitComet.exe/AddAllLink.htm, N/A>
[&使用BitComet下载本页视频]
<res://E:\BitComet_0.84\BitComet.exe/AddVideo.htm, N/A>
[Microsoft Excel にエクスポート(&X)]
<res://C:\PROGRA~1\MICROS~2\Office10\EXCEL.EXE/3000, N/A>
[上传到QQ网络硬盘]
<C:\Program Files\Tencent\QQ\AddToNetDisk.htm, N/A>
[添加到QQ自定义面板]
<C:\Program Files\Tencent\QQ\AddPanel.htm, N/A>
[添加到QQ表情]
<C:\Program Files\Tencent\QQ\AddEmotion.htm, N/A>
[用QQ彩信发送该图片]
<C:\Program Files\Tencent\QQ\SendMMS.htm, N/A>

==================================

sense2002 - 2007-5-1 22:57:00

正在运行的进程
[PID: 680][\SystemRoot\System32\smss.exe] [Microsoft Corporation, 5.1.2600.1106 (xpsp1.020828-1920)]
[PID: 760][\??\C:\WINDOWS\system32\csrss.exe] [Microsoft Corporation, 5.1.2600.0 (xpclient.010817-1148)]
[PID: 784][\??\C:\WINDOWS\system32\winlogon.exe] [Microsoft Corporation, 5.1.2600.1106 (xpsp1.020828-1920)]
[C:\WINDOWS\system32\Ati2evxx.dll] [, ]
[C:\WINDOWS\system32\wdmaud.drv] [Microsoft Corporation, 5.1.2600.0 (XPClient.010817-1148)]
[C:\WINDOWS\system32\msacm32.drv] [Microsoft Corporation, 5.1.2600.0 (xpclient.010817-1148)]
[C:\Program Files\Iparmor\SocketArmor.dll] [N/A, ]
[C:\WINDOWS\system32\QConGina.dll] [IBM Corp., 3, 5, 3, 0]
[PID: 828][C:\WINDOWS\system32\services.exe] [Microsoft Corporation, 5.1.2600.0 (xpclient.010817-1148)]
[PID: 840][C:\WINDOWS\system32\lsass.exe] [Microsoft Corporation, 5.1.2600.1106 (xpsp1.020828-1920)]
[C:\Program Files\Iparmor\SocketArmor.dll] [N/A, ]
[PID: 996][C:\WINDOWS\System32\ibmpmsvc.exe] [N/A, ]
[C:\Program Files\Iparmor\SocketArmor.dll] [N/A, ]
[PID: 1032][C:\WINDOWS\System32\Ati2evxx.exe] [, ]
[C:\WINDOWS\System32\Ati2edxx.dll] [ATI Technologies, Inc., 6, 14, 10, 2494]
[C:\Program Files\Iparmor\SocketArmor.dll] [N/A, ]
[PID: 1092][C:\WINDOWS\system32\svchost.exe] [Microsoft Corporation, 5.1.2600.0 (xpclient.010817-1148)]
[C:\Program Files\Iparmor\SocketArmor.dll] [N/A, ]
[PID: 2784][C:\WINDOWS\Explorer.EXE] [Microsoft Corporation, 6.00.2800.1106 (xpsp1.020828-1920)]
[C:\Program Files\Rising\KakaToolBar\ieprot.dll] [Beijing Rising Technology Co., Ltd., 1, 0, 0, 10]
[C:\WINDOWS\System32\wdmaud.drv] [Microsoft Corporation, 5.1.2600.0 (XPClient.010817-1148)]
[C:\Program Files\Common Files\Microsoft Shared\MSINFO\NewInfo.bmp] [N/A, ]
[C:\WINDOWS\System32\msacm32.drv] [Microsoft Corporation, 5.1.2600.0 (xpclient.010817-1148)]
[C:\WINDOWS\System32\SynTPFcs.dll] [Synaptics, Inc., 7.5.17.12 16Jun04]
[C:\Program Files\Iparmor\SocketArmor.dll] [N/A, ]
[C:\Program Files\WinRAR\rarext.dll] [N/A, ]
[C:\WINDOWS\system32\RavExt.dll] [Beijing Rising Technology Co., Ltd., 19, 0, 0, 9]
[C:\Program Files\Rising\Rav\RSCOMMON.DLL] [Beijing Rising Technology Co., Ltd., 19, 0, 0, 5]
[E:\Acrobat 6.0\Acrobat Elements\ContextMenu.dll] [Adobe Systems Inc., 1.0.0.2003051500]
[C:\DOCUME~1\pipi\LOCALS~1\Temp\fyzo0.dll] [N/A, ]
[C:\Program Files\Microsoft Office\Office10\msohev.dll] [Microsoft Corporation, 10.0.2609]
[PID: 3120][C:\PROGRA~1\ThinkPad\UTILIT~1\EzEjMnAp.Exe] [IBM Corp., 1, 0, 0, 0]
[C:\Program Files\Iparmor\SocketArmor.dll] [N/A, ]
[C:\Program Files\Rising\KakaToolBar\ieprot.dll] [Beijing Rising Technology Co., Ltd., 1, 0, 0, 10]
[PID: 832][C:\PROGRA~1\ThinkPad\PkgMgr\HOTKEY\TPHKMGR.exe] [N/A, ]
[C:\WINDOWS\System32\wdmaud.drv] [Microsoft Corporation, 5.1.2600.0 (XPClient.010817-1148)]
[C:\WINDOWS\System32\msacm32.drv] [Microsoft Corporation, 5.1.2600.0 (xpclient.010817-1148)]
[C:\Program Files\ThinkPad\PkgMgr\HOTKEY_2\tphk_2k.dll] [N/A, ]
[C:\WINDOWS\System32\Oemdspif.dll] [ATI Technologies, Inc., 6.14.0010]
[C:\PROGRA~1\ThinkPad\PkgMgr\HOTKEY\tpfnf7.dll] [N/A, ]
[C:\Program Files\Rising\KakaToolBar\ieprot.dll] [Beijing Rising Technology Co., Ltd., 1, 0, 0, 10]
[C:\Program Files\Iparmor\SocketArmor.dll] [N/A, ]
[PID: 2360][C:\WINDOWS\System32\TpShocks.exe] [IBM Corp., 1, 0, 0, 1]
[C:\WINDOWS\System32\Sensor.dll] [IBM Corporation, 1.30.1.0]
[C:\Program Files\Rising\KakaToolBar\ieprot.dll] [Beijing Rising Technology Co., Ltd., 1, 0, 0, 10]
[C:\Program Files\Iparmor\SocketArmor.dll] [N/A, ]
[PID: 3564][C:\Program Files\Synaptics\SynTP\SynTPLpr.exe] [Synaptics, Inc., 7.5.17.12 16Jun04]
[C:\WINDOWS\System32\SynTPFcs.dll] [Synaptics, Inc., 7.5.17.12 16Jun04]
[C:\Program Files\Rising\KakaToolBar\ieprot.dll] [Beijing Rising Technology Co., Ltd., 1, 0, 0, 10]
[C:\Program Files\Iparmor\SocketArmor.dll] [N/A, ]
[PID: 3192][C:\Program Files\Synaptics\SynTP\SynTPEnh.exe] [Synaptics, Inc., 7.5.17.12 16Jun04]
[C:\WINDOWS\System32\SynCOM.dll] [Synaptics, Inc., 7.5.17.12 16Jun04]
[C:\WINDOWS\System32\SynTPAPI.dll] [Synaptics, Inc., 7.5.17.12 16Jun04]
[C:\WINDOWS\system32\RavExt.dll] [Beijing Rising Technology Co., Ltd., 19, 0, 0, 9]
[C:\WINDOWS\System32\SynTPFcs.dll] [Synaptics, Inc., 7.5.17.12 16Jun04]
[C:\Program Files\Rising\KakaToolBar\ieprot.dll] [Beijing Rising Technology Co., Ltd., 1, 0, 0, 10]
[C:\Program Files\Iparmor\SocketArmor.dll] [N/A, ]
[PID: 2800][C:\Program Files\ThinkPad\ConnectUtilities\QCTRAY.EXE] [IBM Corp., 3, 5, 3, 0]
[C:\Program Files\ThinkPad\ConnectUtilities\QCON.dll] [IBM Corp., 3, 5, 3, 0]
[C:\Program Files\ThinkPad\ConnectUtilities\MerlinC201.dll] [Novatel Wireless Inc., 1, 0, 0, 1]
[C:\Program Files\ThinkPad\ConnectUtilities\Res\SC\TrayRes.dll] [N/A, ]
[C:\Program Files\ThinkPad\ConnectUtilities\ANCA.dll] [IBM Corp., 8.3]
[C:\Program Files\ThinkPad\ConnectUtilities\ANC.dll] [IBM Corp., 8.3]
[C:\Program Files\Rising\KakaToolBar\ieprot.dll] [Beijing Rising Technology Co., Ltd., 1, 0, 0, 10]
[C:\Program Files\Iparmor\SocketArmor.dll] [N/A, ]

sense2002 - 2007-5-1 22:57:00

[PID: 2220][C:\Program Files\ThinkPad\ConnectUtilities\QCWLICON.EXE] [IBM Corp., 3, 5, 3, 0]
[C:\Program Files\ThinkPad\ConnectUtilities\QCON.dll] [IBM Corp., 3, 5, 3, 0]
[C:\Program Files\ThinkPad\ConnectUtilities\MerlinC201.dll] [Novatel Wireless Inc., 1, 0, 0, 1]
[C:\Program Files\ThinkPad\ConnectUtilities\Res\SC\IconRes.dll] [N/A, ]
[C:\Program Files\Rising\KakaToolBar\ieprot.dll] [Beijing Rising Technology Co., Ltd., 1, 0, 0, 10]
[C:\Program Files\Iparmor\SocketArmor.dll] [N/A, ]
[PID: 3664][C:\Program Files\Common Files\Real\Update_OB\realsched.exe] [RealNetworks, Inc., 0.1.0.3018]
[C:\Program Files\Iparmor\SocketArmor.dll] [N/A, ]
[C:\Program Files\Rising\KakaToolBar\ieprot.dll] [Beijing Rising Technology Co., Ltd., 1, 0, 0, 10]
[PID: 3668][C:\WINDOWS\VM_STI.EXE] [VM., 4.2.610.4]
[C:\WINDOWS\System32\msdmo.dll] [, ]
[C:\WINDOWS\System32\VM31bPrp.Ax] [VM, 4.2.711.31]
[C:\Program Files\Rising\KakaToolBar\ieprot.dll] [Beijing Rising Technology Co., Ltd., 1, 0, 0, 10]
[C:\Program Files\Iparmor\SocketArmor.dll] [N/A, ]
[PID: 1524][C:\Program Files\Rising\KakaToolBar\runiep.exe] [Beijing Rising Technology Co., Ltd., 1, 0, 1, 6]
[C:\Program Files\Rising\KakaToolBar\iep_ctrl.dll] [Beijing Rising Technology Co., Ltd., 1, 0, 0, 4]
[C:\Program Files\Rising\KakaToolBar\ieprot.dll] [Beijing Rising Technology Co., Ltd., 1, 0, 0, 10]
[C:\Program Files\Iparmor\SocketArmor.dll] [N/A, ]
[PID: 3856][C:\Program Files\Iparmor\Iparmor.exe] [luosoft.com, 5.5.0.0]
[C:\Program Files\Iparmor\getportlistxp.dll] [, 1, 0, 0, 1]
[C:\Program Files\Iparmor\hookhookdll.dll] [N/A, ]
[C:\WINDOWS\System32\SynTPFcs.dll] [Synaptics, Inc., 7.5.17.12 16Jun04]
[C:\Program Files\Rising\KakaToolBar\ieprot.dll] [Beijing Rising Technology Co., Ltd., 1, 0, 0, 10]
[C:\Program Files\Iparmor\SocketInit.dll] [N/A, ]
[C:\WINDOWS\System32\wdmaud.drv] [Microsoft Corporation, 5.1.2600.0 (XPClient.010817-1148)]
[C:\WINDOWS\System32\msacm32.drv] [Microsoft Corporation, 5.1.2600.0 (xpclient.010817-1148)]
[C:\DOCUME~1\pipi\LOCALS~1\Temp\fyzo0.dll] [N/A, ]
[PID: 2912][C:\WINDOWS\System32\ctfmon.exe] [Microsoft Corporation, 5.1.2600.1106 (xpsp1.020828-1920)]
[C:\Program Files\Rising\KakaToolBar\ieprot.dll] [Beijing Rising Technology Co., Ltd., 1, 0, 0, 10]
[C:\Program Files\Iparmor\SocketArmor.dll] [N/A, ]
[PID: 2724][C:\Program Files\MSN Messenger\msnmsgr.exe] [Microsoft Corporation, 8.1.0178.00]
[C:\Program Files\MSN Messenger\MSNCore.dll] [Microsoft Corporation, 8.1.0178.00]
[C:\Program Files\MSN Messenger\msidcrl40.dll] [Microsoft Corporation, 4.100.313.1]
[C:\Program Files\MSN Messenger\ContactsUX.dll] [Microsoft Corporation, 8.1.0178.00]
[C:\Program Files\MSN Messenger\msgslang.8.1.0178.00.dll] [Microsoft Corporation, 8.1.0178.00]
[C:\Program Files\MSN Messenger\msgsres.dll] [Microsoft Corporation, 8.1.0178.00]
[C:\Program Files\MSN Messenger\lcapi.dll] [Microsoft Corporation, 1.7.256.0 (RTC Version 4.3.5371.0) built by: msn8.0(rtbldlab)]
[C:\WINDOWS\System32\msdmo.dll] [, ]
[C:\Program Files\MSN Messenger\lcres.dll] [Microsoft Corporation, 1.7.109.0 (RTC Version 4.3.5371.0) built by: msn8.0(rtbldlab)]
[C:\Program Files\MSN Messenger\RTMPLTFM.dll] [Microsoft Corporation, 3.0.5774.0 built by: media_msn80]
[C:\WINDOWS\System32\wdmaud.drv] [Microsoft Corporation, 5.1.2600.0 (XPClient.010817-1148)]
[C:\WINDOWS\System32\msacm32.drv] [Microsoft Corporation, 5.1.2600.0 (xpclient.010817-1148)]
[C:\Program Files\Rising\KakaToolBar\ieprot.dll] [Beijing Rising Technology Co., Ltd., 1, 0, 0, 10]
[C:\WINDOWS\System32\SynTPFcs.dll] [Synaptics, Inc., 7.5.17.12 16Jun04]
[C:\Program Files\Iparmor\SocketArmor.dll] [N/A, ]
[C:\Program Files\MSN Messenger\MSGSWCAM.dll] [Microsoft Corporation, 8.1.0178.00]
[C:\WINDOWS\System32\sirenacm.dll] [Microsoft Corp., 8.1.0178.00]
[C:\WINDOWS\System32\VM31bPrp.Ax] [VM, 4.2.711.31]
[PID: 1364][E:\Acrobat 6.0\Distillr\acrotray.exe] [Adobe Systems Inc., 6.0.0.2003051500]
[C:\Program Files\Iparmor\SocketArmor.dll] [N/A, ]
[C:\Program Files\Rising\KakaToolBar\ieprot.dll] [Beijing Rising Technology Co., Ltd., 1, 0, 0, 10]
[PID: 236][C:\Program Files\IPMsg\ipmsg.exe] [H.Shirouzu, 2.06]
[C:\Program Files\Rising\KakaToolBar\ieprot.dll] [Beijing Rising Technology Co., Ltd., 1, 0, 0, 10]
[C:\Program Files\Iparmor\SocketArmor.dll] [N/A, ]
[PID: 2036][C:\Program Files\ThinkPad\PkgMgr\HOTKEY\TPONSCR.exe] [N/A, ]
[C:\Program Files\Iparmor\SocketArmor.dll] [N/A, ]
[C:\Program Files\Rising\KakaToolBar\ieprot.dll] [Beijing Rising Technology Co., Ltd., 1, 0, 0, 10]
[PID: 1936][C:\WINDOWS\System32\wuauclt.exe] [Microsoft Corporation, 5.8.0.2469 built by: lab01_n(wmbla)]
[C:\WINDOWS\System32\wuaucpl.cpl] [Microsoft Corporation, 5.8.0.2469 built by: lab01_n(wmbla)]
[C:\WINDOWS\System32\SynTPFcs.dll] [Synaptics, Inc., 7.5.17.12 16Jun04]
[C:\WINDOWS\System32\wups.dll] [Microsoft Corporation, 5.8.0.2469 built by: lab01_n(wmbla)]
[C:\WINDOWS\System32\wups2.dll] [Microsoft Corporation, 5.8.0.2469 built by: lab01_n(wmbla)]
[C:\WINDOWS\System32\wucltui.dll] [Microsoft Corporation, 5.8.0.2469 built by: lab01_n(wmbla)]
[C:\Program Files\Iparmor\SocketArmor.dll] [N/A, ]
[C:\Program Files\Rising\KakaToolBar\ieprot.dll] [Beijing Rising Technology Co., Ltd., 1, 0, 0, 10]
[PID: 1876][C:\Program Files\ThinkPad\PkgMgr\HOTKEY_1\TpScrex.exe] [IBM Corporation, 1.06]
[C:\Program Files\Iparmor\SocketArmor.dll] [N/A, ]
[C:\Program Files\Rising\KakaToolBar\ieprot.dll] [Beijing Rising Technology Co., Ltd., 1, 0, 0, 10]

sense2002 - 2007-5-1 23:02:00

[PID: 1640][C:\Program Files\Mozilla Firefox\firefox.exe] [Mozilla Corporation, 1.8.1.3: 2007030919]
[C:\Program Files\Mozilla Firefox\js3250.dll] [Netscape Communications Corporation, 4.0]
[C:\Program Files\Mozilla Firefox\nspr4.dll] [Netscape Communications Corporation, 4.6.5]
[C:\Program Files\Mozilla Firefox\xpcom_core.dll] [Mozilla Foundation, 1.8.1.3: 2007030919]
[C:\Program Files\Mozilla Firefox\plc4.dll] [Netscape Communications Corporation, 4.6.5]
[C:\Program Files\Mozilla Firefox\plds4.dll] [Netscape Communications Corporation, 4.6.5]
[C:\Program Files\Mozilla Firefox\smime3.dll] [Mozilla Foundation, 3.11.5 Basic ECC]
[C:\Program Files\Mozilla Firefox\nss3.dll] [Mozilla Foundation, 3.11.5 Basic ECC]
[C:\Program Files\Mozilla Firefox\softokn3.dll] [Mozilla Foundation, 3.11.4 Basic ECC]
[C:\Program Files\Mozilla Firefox\ssl3.dll] [Mozilla Foundation, 3.11.5 Basic ECC]
[C:\Program Files\Mozilla Firefox\xpcom_compat.dll] [Mozilla Foundation, 1.8.1.3: 2007030919]
[C:\Program Files\Iparmor\SocketArmor.dll] [N/A, ]
[C:\WINDOWS\System32\SynTPFcs.dll] [Synaptics, Inc., 7.5.17.12 16Jun04]
[C:\Program Files\Mozilla Firefox\components\myspell.dll] [Mozilla Foundation, 1.8.1.3: 2007030919]
[C:\Program Files\Mozilla Firefox\components\jar50.dll] [Mozilla Foundation, 1.8.1.3: 2007030919]
[C:\Program Files\Rising\KakaToolBar\ieprot.dll] [Beijing Rising Technology Co., Ltd., 1, 0, 0, 10]
[C:\Program Files\Mozilla Firefox\freebl3.dll] [Mozilla Foundation, 3.11.4 Basic ECC]
[C:\Program Files\Mozilla Firefox\nssckbi.dll] [Mozilla Foundation, 1.62]
[C:\Program Files\Mozilla Firefox\components\spellchk.dll] [Mozilla Foundation, 1.8.1.3: 2007030919]
[C:\WINDOWS\System32\wdmaud.drv] [Microsoft Corporation, 5.1.2600.0 (XPClient.010817-1148)]
[C:\WINDOWS\System32\msacm32.drv] [Microsoft Corporation, 5.1.2600.0 (xpclient.010817-1148)]
[C:\DOCUME~1\pipi\LOCALS~1\Temp\fyzo0.dll] [N/A, ]
[C:\Program Files\Mozilla Firefox\plugins\NPSWF32.dll] [, ]
[C:\WINDOWS\System32\IMSC40W.IME] [Microsoft Corporation, 6.0.0.2524]
[PID: 2708][C:\Program Files\Internet Explorer\IEXPLORE.EXE] [Microsoft Corporation, 6.00.2800.1106 (xpsp1.020828-1920)]
[C:\Program Files\Iparmor\SocketArmor.dll] [N/A, ]
[C:\WINDOWS\System32\SynTPFcs.dll] [Synaptics, Inc., 7.5.17.12 16Jun04]
[C:\Program Files\Rising\KakaToolBar\ieprot.dll] [Beijing Rising Technology Co., Ltd., 1, 0, 0, 10]
[C:\Program Files\Common Files\Microsoft Shared\Ink\SKCHUI.DLL] [Microsoft Corporation, 1.0.1038.0]
[C:\Program Files\Microsoft Office\Office10\msohev.dll] [Microsoft Corporation, 10.0.2609]
[C:\DOCUME~1\pipi\LOCALS~1\Temp\fyzo0.dll] [N/A, ]
[C:\WINDOWS\System32\wdmaud.drv] [Microsoft Corporation, 5.1.2600.0 (XPClient.010817-1148)]
[C:\WINDOWS\System32\msacm32.drv] [Microsoft Corporation, 5.1.2600.0 (xpclient.010817-1148)]
[C:\Program Files\Rising\Rav\RavScrCh.dll] [Beijing Rising Technology Co., Ltd., 18, 0, 0, 4]
[C:\WINDOWS\System32\Macromed\Flash\Flash9b.ocx] [Adobe Systems, Inc., 9,0,28,0]
[C:\WINDOWS\System32\IMSC40W.IME] [Microsoft Corporation, 6.0.0.2524]
[C:\Program Files\Common Files\Microsoft Shared\IME\IMSC40W\MSCAND20.DLL] [Microsoft Corporation, 9.0.5510.0]
[PID: 1748][C:\Program Files\Globallink\Game\share\glWorld.exe] [北京联众电脑技术有限责任公司, 2, 6, 1, 26]
[C:\Program Files\Iparmor\SocketArmor.dll] [N/A, ]
[C:\Program Files\Globallink\Game\share\GLWorld_Res.dll] [北京联众电脑技术有限责任公司, 2, 6, 1, 26]
[C:\WINDOWS\System32\codecvt.dll] [N/A, ]
[C:\WINDOWS\System32\SynTPFcs.dll] [Synaptics, Inc., 7.5.17.12 16Jun04]
[C:\Program Files\Globallink\Game\share\GLAvatar.ocx] [, 2, 2, 0, 33]
[C:\Program Files\Rising\KakaToolBar\ieprot.dll] [Beijing Rising Technology Co., Ltd., 1, 0, 0, 10]
[C:\DOCUME~1\pipi\LOCALS~1\Temp\fyzo0.dll] [N/A, ]
[c:\program files\globallink\game\share\GLHGStart.dll] [NHN Corp., 1, 0, 1, 0]
[C:\PROGRA~1\GLOBAL~1\Game\share\GLAdCtrl.ocx] [Globallink, 2, 2, 0, 1]
[C:\Program Files\Common Files\Microsoft Shared\Ink\SKCHUI.DLL] [Microsoft Corporation, 1.0.1038.0]
[C:\WINDOWS\System32\GLZip.dll] [GlobalLink, 1, 0, 0, 1]
[C:\WINDOWS\System32\wdmaud.drv] [Microsoft Corporation, 5.1.2600.0 (XPClient.010817-1148)]
[C:\WINDOWS\System32\msacm32.drv] [Microsoft Corporation, 5.1.2600.0 (xpclient.010817-1148)]
[PID: 2996][C:\WINDOWS\System32\GLSetup.exe] [北京联众电脑有限责任公司, 1, 0, 0, 6]
[C:\Program Files\Iparmor\SocketArmor.dll] [N/A, ]
[C:\WINDOWS\System32\SynTPFcs.dll] [Synaptics, Inc., 7.5.17.12 16Jun04]
[C:\Program Files\Rising\KakaToolBar\ieprot.dll] [Beijing Rising Technology Co., Ltd., 1, 0, 0, 10]
[PID: 572][C:\Program Files\Globallink\Game\share\OurFriend\ourfriend.exe] [北京联众电脑技术有限责任公司, 1, 0, 0, 1]
[C:\Program Files\Globallink\Game\share\OurFriend\Voice.dll] [N/A, ]
[C:\Program Files\Globallink\Game\share\OurFriend\GLP2PComm.dll] [N/A, ]
[C:\Program Files\Globallink\Game\share\OurFriend\OFCatchScreen.dll] [, 1, 0, 0, 1]
[C:\Program Files\Globallink\Game\share\OurFriend\GLCompress.dll] [N/A, ]
[C:\WINDOWS\System32\SynTPFcs.dll] [Synaptics, Inc., 7.5.17.12 16Jun04]
[C:\Program Files\Globallink\Game\share\OurFriend\ODCtrlRes.dll] [, 1, 0, 0, 1]
[C:\Program Files\Globallink\Game\share\OurFriend\ourfriend_res.dll] [北京联众电脑技术有限责任公司, 1, 0, 0, 1]
[C:\WINDOWS\System32\GLPNG.dll] [globallink(ourgame) , 1, 0, 0, 2]
[C:\WINDOWS\System32\GLCOMPRESS.dll] [globallink, 1, 0, 0, 2]
[C:\Program Files\Globallink\Game\share\roomicon.dll] [Beijing GlobalLink Computer Corp., 2, 5, 0, 6]
[C:\Program Files\Globallink\Game\share\RIconEx.dll] [Beijing GlobalLink Computer Corp., 2, 2, 1, 45]
[C:\Program Files\Globallink\Game\share\people.dll] [Beijing GlobalLink Computer Corp., 2, 2, 0, 3]
[C:\Program Files\Globallink\Game\share\Image\Room\Table0.dll] [Beijing GlobalLink Computer Corp., 2, 2, 0, 1]
[C:\Program Files\Globallink\Game\share\Image\Room\Table1.dll] [Beijing GlobalLink Computer Corp., 2, 1, 2, 255]
[C:\Program Files\Globallink\Game\share\Image\Room\Table2.dll] [Beijing GlobalLink Computer Corp., 2, 2, 0, 1]

sense2002 - 2007-5-1 23:03:00

[C:\Program Files\Globallink\Game\share\Image\Room\peopleEx0.dll] [Beijing GlobalLink Computer Corp., 2, 2, 0, 2]
[C:\Program Files\Globallink\Game\share\Image\Room\peopleEx1.dll] [Beijing GlobalLink Computer Corp., 2, 2, 0, 2]
[C:\Program Files\Globallink\Game\share\Image\Room\peopleEx2.dll] [Beijing GlobalLink Computer Corp., 2, 2, 0, 2]
[C:\Program Files\Globallink\Game\share\Image\Room\peopleEx3.dll] [Beijing GlobalLink Computer Corp., 2, 2, 0, 2]
[C:\Program Files\Globallink\Game\share\Image\Room\peopleEx4.dll] [Beijing GlobalLink Computer Corp., 2, 2, 0, 2]
[C:\Program Files\Globallink\Game\share\Image\Room\peopleEx5.dll] [Beijing GlobalLink Computer Corp., 2, 2, 0, 2]
[C:\Program Files\Globallink\Game\share\Image\Room\peopleEx6.dll] [Beijing GlobalLink Computer Corp., 2, 2, 0, 2]
[C:\Program Files\Globallink\Game\share\Image\Room\peopleEx7.dll] [Beijing GlobalLink Computer Corp., 2, 2, 0, 2]
[C:\Program Files\Globallink\Game\share\Image\Room\peopleEx8.dll] [Beijing GlobalLink Computer Corp., 2, 2, 0, 2]
[C:\Program Files\Globallink\Game\share\Image\Room\peopleEx9.dll] [Beijing GlobalLink Computer Corp., 2, 2, 0, 2]
[C:\Program Files\Globallink\Game\share\Image\Room\peopleEx10.dll] [Beijing GlobalLink Computer Corp., 2, 2, 0, 2]
[C:\Program Files\Globallink\Game\share\Image\Room\peopleEx11.dll] [Beijing GlobalLink Computer Corp., 2, 2, 0, 2]
[C:\Program Files\Globallink\Game\share\Image\Room\peopleEx12.dll] [Beijing GlobalLink Computer Corp., 2, 2, 0, 2]
[C:\Program Files\Globallink\Game\share\Image\Room\peopleEx13.dll] [Beijing GlobalLink Computer Corp., 2, 2, 0, 2]
[C:\Program Files\Globallink\Game\share\Image\Room\peopleEx14.dll] [Beijing GlobalLink Computer Corp., 2, 2, 0, 1]
[C:\Program Files\Globallink\Game\share\Image\Room\peopleEx15.dll] [Beijing GlobalLink Computer Corp., 2, 2, 0, 1]
[C:\Program Files\Globallink\Game\share\Image\Room\Player0_0.dll] [Beijing GlobalLink Computer Corp., 2, 0, 0, 255]
[C:\Program Files\Globallink\Game\share\Image\Room\Player0_1.dll] [Beijing GlobalLink Computer Corp., 2, 0, 0, 255]
[C:\Program Files\Globallink\Game\share\Image\Room\Player0_2.dll] [Beijing GlobalLink Computer Corp., 2, 0, 0, 255]
[C:\Program Files\Globallink\Game\share\Image\Room\Player0_3.dll] [Beijing GlobalLink Computer Corp., 2, 0, 0, 255]
[C:\Program Files\Globallink\Game\share\Image\Room\Player0_4.dll] [Beijing GlobalLink Computer Corp., 2, 0, 0, 255]
[C:\Program Files\Globallink\Game\share\Image\Room\Player0_5.dll] [Beijing GlobalLink Computer Corp., 2, 0, 0, 255]
[C:\Program Files\Globallink\Game\share\Image\Room\Player0_6.dll] [Beijing GlobalLink Computer Corp., 2, 0, 0, 255]
[C:\Program Files\Globallink\Game\share\Image\Room\Player0_7.dll] [Beijing GlobalLink Computer Corp., 2, 0, 0, 255]
[C:\Program Files\Globallink\Game\share\Image\Room\Player0_8.dll] [Beijing GlobalLink Computer Corp., 2, 0, 0, 255]
[C:\Program Files\Globallink\Game\share\Image\Room\Player0_9.dll] [Beijing GlobalLink Computer Corp., 2, 0, 0, 255]
[C:\Program Files\Globallink\Game\share\Image\Room\Player0_10.dll] [Beijing GlobalLink Computer Corp., 2, 0, 0, 255]
[C:\Program Files\Globallink\Game\share\Image\Room\Player0_11.dll] [Beijing GlobalLink Computer Corp., 2, 0, 0, 255]
[C:\Program Files\Globallink\Game\share\Image\Room\Player0_12.dll] [Beijing GlobalLink Computer Corp., 2, 2, 0, 1]
[C:\Program Files\Globallink\Game\share\Image\Room\Player0_13.dll] [Beijing GlobalLink Computer Corp., 2, 2, 0, 1]
[C:\Program Files\Globallink\Game\share\Image\Room\Player0_14.dll] [Beijing GlobalLink Computer Corp., 2, 2, 0, 1]
[C:\Program Files\Globallink\Game\share\Image\Room\Player0_15.dll] [Beijing GlobalLink Computer Corp., 2, 2, 0, 1]
[C:\Program Files\Globallink\Game\share\Image\Room\Player1_0.dll] [Beijing GlobalLink Computer Corp., 2, 0, 1, 255]
[C:\Program Files\Globallink\Game\share\Image\Room\Player1_1.dll] [Beijing GlobalLink Computer Corp., 2, 0, 1, 255]
[C:\Program Files\Globallink\Game\share\Image\Room\Player1_2.dll] [Beijing GlobalLink Computer Corp., 2, 0, 1, 255]
[C:\Program Files\Globallink\Game\share\Image\Room\Player1_3.dll] [Beijing GlobalLink Computer Corp., 2, 0, 1, 255]
[C:\Program Files\Globallink\Game\share\Image\Room\Player1_4.dll] [Beijing GlobalLink Computer Corp., 2, 0, 1, 255]
[C:\Program Files\Globallink\Game\share\Image\Room\Player1_5.dll] [Beijing GlobalLink Computer Corp., 2, 0, 1, 255]
[C:\Program Files\Globallink\Game\share\Image\Room\Player1_6.dll] [Beijing GlobalLink Computer Corp., 2, 0, 1, 255]
[C:\Program Files\Globallink\Game\share\Image\Room\Player1_7.dll] [Beijing GlobalLink Computer Corp., 2, 0, 1, 255]
[C:\Program Files\Globallink\Game\share\Image\Room\Player1_8.dll] [Beijing GlobalLink Computer Corp., 2, 0, 1, 255]
[C:\Program Files\Globallink\Game\share\Image\Room\Player1_9.dll] [Beijing GlobalLink Computer Corp., 2, 0, 1, 255]
[C:\Program Files\Globallink\Game\share\Image\Room\Player1_10.dll] [Beijing GlobalLink Computer Corp., 2, 0, 1, 255]
[C:\Program Files\Globallink\Game\share\Image\Room\Player1_11.dll] [Beijing GlobalLink Computer Corp., 2, 0, 1, 255]
[C:\Program Files\Globallink\Game\share\Image\Room\Player1_12.dll] [Beijing GlobalLink Computer Corp., 2, 2, 0, 1]
[C:\Program Files\Globallink\Game\share\Image\Room\Player1_13.dll] [Beijing GlobalLink Computer Corp., 2, 2, 0, 1]
[C:\Program Files\Globallink\Game\share\Image\Room\Player1_14.dll] [Beijing GlobalLink Computer Corp., 2, 2, 0, 1]
[C:\Program Files\Globallink\Game\share\Image\Room\Player1_15.dll] [Beijing GlobalLink Computer Corp., 2, 2, 0, 1]
[C:\Program Files\Globallink\Game\share\Image\Room\Player2_0.dll] [Beijing GlobalLink Computer Corp., 2, 0, 1, 255]
[C:\Program Files\Globallink\Game\share\Image\Room\Player2_1.dll] [Beijing GlobalLink Computer Corp., 2, 0, 1, 255]
[C:\Program Files\Globallink\Game\share\Image\Room\Player2_2.dll] [Beijing GlobalLink Computer Corp., 2, 0, 1, 255]
[C:\Program Files\Globallink\Game\share\Image\Room\Player2_3.dll] [Beijing GlobalLink Computer Corp., 2, 0, 1, 255]
[C:\Program Files\Globallink\Game\share\Image\Room\Player2_4.dll] [Beijing GlobalLink Computer Corp., 2, 0, 1, 255]
[C:\Program Files\Globallink\Game\share\Image\Room\Player2_5.dll] [Beijing GlobalLink Computer Corp., 2, 0, 1, 255]
[C:\Program Files\Globallink\Game\share\Image\Room\Player2_6.dll] [Beijing GlobalLink Computer Corp., 2, 0, 1, 255]
[C:\Program Files\Globallink\Game\share\Image\Room\Player2_7.dll] [Beijing GlobalLink Computer Corp., 2, 0, 1, 255]
[C:\Program Files\Globallink\Game\share\Image\Room\Player2_8.dll] [Beijing GlobalLink Computer Corp., 2, 0, 1, 255]
[C:\Program Files\Globallink\Game\share\Image\Room\Player2_9.dll] [Beijing GlobalLink Computer Corp., 2, 0, 1, 255]
[C:\Program Files\Globallink\Game\share\Image\Room\Player2_10.dll] [Beijing GlobalLink Computer Corp., 2, 0, 1, 255]
[C:\Program Files\Globallink\Game\share\Image\Room\Player2_11.dll] [Beijing GlobalLink Computer Corp., 2, 0, 1, 255]
[C:\Program Files\Globallink\Game\share\Image\Room\Player2_12.dll] [Beijing GlobalLink Computer Corp., 2, 0, 1, 255]
[C:\Program Files\Globallink\Game\share\Image\Room\Player2_13.dll] [Beijing GlobalLink Computer Corp., 2, 0, 1, 255]
[C:\Program Files\Globallink\Game\share\Image\Room\Player2_14.dll] [Beijing GlobalLink Computer Corp., 2, 0, 1, 255]
[C:\Program Files\Globallink\Game\share\Image\Room\Player2_15.dll] [Beijing GlobalLink Computer Corp., 2, 0, 1, 255]
[C:\PROGRA~1\GLOBAL~1\Game\share\GLAvatar.ocx] [, 2, 2, 0, 33]
[C:\PROGRA~1\GLOBAL~1\Game\share\GLChatEx.ocx] [GlobalLink, 2, 5, 1, 30]
[C:\PROGRA~1\GLOBAL~1\Game\share\glchatex.dll] [GlobalLink, 2, 5, 1, 30]
[C:\PROGRA~1\GLOBAL~1\Game\share\odctrls\ourfriend_skn.dll] [, 1, 0, 5, 4]
[C:\WINDOWS\System32\codecvt.dll] [N/A, ]
[C:\Program Files\Rising\KakaToolBar\ieprot.dll] [Beijing Rising Technology Co., Ltd., 1, 0, 0, 10]
[C:\WINDOWS\System32\GLGIFTGA.dll] [globallink(ourgame) , 1, 0, 0, 2]
[PID: 4084][C:\WINDOWS\System32\glsetupold.exe] [Globallink Game World, 2, 0, 45, 12]
[C:\WINDOWS\System32\SynTPFcs.dll] [Synaptics, Inc., 7.5.17.12 16Jun04]
[C:\Program Files\Rising\KakaToolBar\ieprot.dll] [Beijing Rising Technology Co., Ltd., 1, 0, 0, 10]
[PID: 3968][C:\Documents and Settings\pipi\桌面\sreng2\SREng.EXE] [Smallfrogs Studio, 2.4.12.806]
[C:\Program Files\Iparmor\SocketArmor.dll] [N/A, ]
[C:\WINDOWS\System32\SynTPFcs.dll] [Synaptics, Inc., 7.5.17.12 16Jun04]
[C:\Program Files\Rising\KakaToolBar\ieprot.dll] [Beijing Rising Technology Co., Ltd., 1, 0, 0, 10]
[C:\DOCUME~1\pipi\LOCALS~1\Temp\fyzo0.dll] [N/A, ]

==================================
文件关联
.TXT Error. [C:\WINDOWS\notepad.exe %1]
.EXE OK. ["%1" %*]
.COM OK. ["%1" %*]
.PIF OK. ["%1" %*]
.REG OK. [regedit.exe "%1"]
.BAT OK. ["%1" %*]
.SCR OK. ["%1" /S]
.CHM Error. [hh.exe %1]
.HLP OK. [%SystemRoot%\System32\winhlp32.exe %1]
.INI Error. [notepad.exe %1]
.INF OK. [%SystemRoot%\System32\NOTEPAD.EXE %1]
.VBS OK. [%SystemRoot%\System32\WScript.exe "%1" %*]
.JS OK. [%SystemRoot%\System32\WScript.exe "%1" %*]
.LNK OK. [{00021401-0000-0000-C000-000000000046}]

==================================
Winsock 提供者
N/A

==================================
Autorun.inf
N/A

==================================
HOSTS 文件
127.0.0.1 localhost

==================================
API HOOK
入口点错误：CreateProcessW (危险等级: 一般, 被下面模块所HOOK: C:\Program Files\Iparmor\SocketArmor.dll)

==================================
隐藏进程
N/A

==================================

[/CODE]

sense2002 - 2007-5-1 23:05:00

不好意思，终于贴完了，我在国外，网速慢，高人体谅下。。。

火影忍者 - 2007-5-1 23:09:00

日志贴完...

sense2002 - 2007-5-1 23:17:00

我这边都12点多了，明天上班又得困死了。。。
坚持，继续等指点

有问题找我 - 2007-5-1 23:22:00

等一下...

有问题找我 - 2007-5-1 23:24:00

你有没有QQ或邮箱啊

有问题找我 - 2007-5-1 23:24:00

有无邮箱或QQ

sense2002 - 2007-5-1 23:24:00

谢谢谢谢，在等呢

sense2002 - 2007-5-1 23:26:00

邮箱
dynasty3@eyou.com
谢谢

sense2002 - 2007-5-1 23:27:00

QQ;39755891

newcenturymoon - 2007-5-1 23:31:00

安全模式下(开机后不断按F8键然后出来一个高级菜单选择第一项安全模式进入系统)

打开sreng （就是你扫日志的软件）
启动项目注册表删除如下项目 (如果有哪项你认识或者确认不是病毒请不要删除)
<tcg2cg0z2><C:\DOCUME~1\pipi\LOCALS~1\Temp\1explore.exe> []
<i><C:\DOCUME~1\pipi\LOCALS~1\Temp\Servera.exe> [N/A]
<{A6011F8F-A7F8-49AA-9ADA-49127D43138F}><C:\Program Files\Common Files\Microsoft Shared\MSINFO\NewInfo.bmp> []

双击我的电脑，工具，文件夹选项，查看，单击选取"显示隐藏文件或文件夹" 并清除"隐藏受保护的操作系统文件（推荐）"前面的钩。在提示确定更改时，单击“是” 然后确定
然后删除

清空C:\DOCUME~1\pipi\LOCALS~1\Temp
C:\Program Files\Common Files\Microsoft Shared\MSINFO\NewInfo.bmp
日志不全

sense2002 - 2007-5-1 23:38:00

知道了，谢谢，我马上弄

sense2002 - 2007-5-2 0:10:00

搞定了，目前开机到现在好像还没有再弹出错误，真是太感谢楼上的了，世界终于安静了。。。
另外问一下，这是个什么病毒？那两个注册表我也觉得不是什么好东西，这个文件C:\Program Files\Common Files\Microsoft Shared\MSINFO\NewInfo.bmp是干什么的阿。
先睡觉了，再次感谢。。。

newcenturymoon - 2007-5-2 0:15:00

病毒

火影忍者 - 2007-5-2 0:41:00

把驱动项和服务项都贴上来...

天月来了 - 2007-5-2 8:40:00

他的服务和驱动那里肯定还有木马类病毒。

甚至下载器还有。

他实在不发就算了。

连个日志都发的那差，可见用起电脑来也一塌糊涂了。

sense2002 - 2007-5-2 11:59:00

不好意思，昨天睡觉了，驱动项和服务项？我是把所有的日志都贴上来了啊，等我今天下班回家再看看。。。

另外楼上的，本人就是因为电脑用的差，所以才在这里求助，但是电脑用的差，我想应该用不着你来评论吧

火影忍者 - 2007-5-2 12:02:00

重新再扫个．．．不要昨天的了．．．

sense2002 - 2007-5-2 12:11:00

恩，谢谢楼上的，不过现在还在上班，等晚上回家才能再传。。。

瑞星卡卡安全论坛