Rising Kaka Security Forum
superyang - 2007-5-6 17:25:00
[CODE]
2007-05-06,16:01:59
System Repair Engineer 2.4.12.806
Smallfrogs (http://www.KZTechs.com)
Windows XP Professional Service Pack 2 (Build 2600) - 管理权限用户 - 完整功能
以下内容被选中:
所有的启动项目(包括注册表、启动文件夹、服务等)
浏览器加载项
正在运行的进程(包括进程模块信息)
文件关联
Winsock 提供者
Autorun.inf
HOSTS 文件
启动项目
注册表
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
<ctfmon.exe><C:\WINDOWS\system32\ctfmon.exe> [(Verified)]
<Yahoo! Pager><"E:\杨超的~1\娱乐\MESSEN~1\YAHOOM~1.EXE" -quiet> [Yahoo! Inc.]
<swg><C:\Program Files\Google\GoogleToolbarNotifier\1.2.1128.5462\GoogleToolbarNotifier.exe> [(Verified)Google Inc]
[HKEY_CURRENT_USER\Software\Microsoft\Windows NT\CurrentVersion\Windows]
<load><> [N/A]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
<ASUS Probe><C:\Program Files\ASUS\ASUS Probe\AsusProb.exe> [ASUSTeK Computer Inc]
<NvCplDaemon><RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup> [NVIDIA Corporation]
<TkBellExe><"C:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot> [RealNetworks, Inc.]
<IntelZeroConfig><C:\Program Files\Intel\Wireless\bin\ZCfgSvc.exe> [Intel Corporation]
<IntelWireless><C:\Program Files\Intel\Wireless\Bin\ifrmewrk.exe /tf Intel PROSet/Wireless> [Intel Corporation]
<EOUApp><C:\Program Files\Intel\Wireless\Bin\EOUWiz.exe> [Intel Corporation]
<Skype><E:\杨超的资料夹\娱乐\skype\Phone\Skype.exe> [N/A]
<OrderReminder><C:\Program Files\Hewlett-Packard\OrderReminder\OrderReminder.exe> [Hewlett-Packard]
<Desktop><"C:\WINDOWS\system32\internet.exe"> []
<domino><C:\WINDOWS\domino.exe> []
<VMSnap1><C:\WINDOWS\VMSnap1.exe> [Vimicro]
<StormCodec_Helper><"d:\Program Files\Ringz Studio\Storm Codec\StormSet.exe" /S /opti> []
<svpecld><C:\WINDOWS\system32\svpecld.exe> []
<yok.exe><C:\Program Files\yok\yok.exe> [N/A]
<Thunder><"D:\yang\Thunder.exe" /s> [N/A]
<runeip><C:\Program Files\Rising\AntiSpyware\runiep.exe> [Beijing Rising Technology Co., Ltd.]
<RavTask><"D:\瑞星杀毒软件\Rising\Rav\RavTask.exe" -system> [Beijing Rising Technology Co., Ltd.]
<RfwMain><"D:\瑞星杀毒软件\Rising\Rfw\rfwmain.exe" -Startup> [Beijing Rising Technology Co., Ltd.]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Winlogon]
<shell><Explorer.exe asp.exe> [N/A]
<Userinit><C:\WINDOWS\system32\userinit.exe,> [(Verified)]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Windows]
<AppInit_DLLs><C:\WINDOWS\system32\NTDLL32.dll> [N/A]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Winlogon]
<UIHost><logonui.exe> [(Verified)]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
<{32CD708B-60A7-4C00-9377-D73EAA495F0F}><C:\WINDOWS\system32\RavExt.dll> [Beijing Rising Technology Co., Ltd.]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
<SysChunk><C:\WINDOWS\system32\syschunk.dll> [N/A]
<ovaj><C:\PROGRA~1\nusi\ovaj.dll> [N/A]
<wbwk><C:\PROGRA~1\nusi\ovaj.dll> [N/A]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\cryptimg]
<WinlogonNotify: cryptimg><cryptig.dll> [N/A]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\IntelWireless]
<WinlogonNotify: IntelWireless><C:\Program Files\Intel\Wireless\Bin\LgNotify.dll> [Intel Corporation]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\NavLogon]
<WinlogonNotify: NavLogon><C:\WINDOWS\system32\NavLogon.dll> [(Verified)Symantec Corporation]
==================================
superyang - 2007-5-6 17:28:00
启动文件夹
[Windows Update SP4]
<C:\Documents and Settings\All Users\「开始」菜单\程序\启动\Windows Update SP4.lnk --> C:\Program Files\Common Files\xp4update.exe [N/A]><N>
[QQ游戏启动加速程序]
<C:\Documents and Settings\yang\「开始」菜单\程序\启动\QQ游戏启动加速程序.lnk --> E:\杨超的资料夹\QQGame\Accel.exe [N/A]><N>
[腾讯QQ]
<C:\Documents and Settings\yang\「开始」菜单\程序\启动\腾讯QQ.lnk --> E:\Tencent\QQ.exe [TENCENT]><N>
==================================
服务
[TP-LINK配置服务程序 / ACS][Stopped/Auto Start]
<C:\WINDOWS\system32\acs.exe><N/A>
[ATK Keyboard Service / ATKKeyboardService][Running/Auto Start]
<C:\WINDOWS\ATKKBService.exe><ASUSTeK COMPUTER INC.>
[System Administrator / AtWork][Running/Auto Start]
<C:\WINDOWS\System32\svchost.exe -k netsvcs-->C:\WINDOWS\system32\ppjuw.dll><Microsoft Corporation>
[CoolWare / CoolWare][Running/Manual Start]
<2 - 系统找不到指定的文件。
><N/A>
[Cryptographic Services / CryptSvc][Running/]
<2 - 系统找不到指定的文件。
><N/A>
[DCOM Server Process Launcher / DcomLaunch][Running/]
<2 - 系统找不到指定的文件。
><N/A>
[Logical Disk Manager / dmserver][Running/Manual Start]
<2 - 系统找不到指定的文件。
><N/A>
[EvtEng / EvtEng][Running/Auto Start]
<C:\Program Files\Intel\Wireless\Bin\EvtEng.exe><Intel Corporation>
[Gentad / Gentad][Stopped/Auto Start]
<C:\WINDOWS\System32\svchost.exe -k netsvcs-->C:\WINDOWS\system32\struts.dll><N/A>
[Google Updater Service / gusvc][Stopped/Manual Start]
<"C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe"><Google>
[Imsvc / Imsvc][Stopped/Auto Start]
<C:\WINDOWS\System32\svchost.exe -k netsvcs-->C:\WINDOWS\system32\Webmail.dll><N/A>
[Internet Connection Manager / Internet Connection Manager][Stopped/Auto Start]
<"C:\WINDOWS\system32\internet.exe"><N/A>
[Navoct / Navoct][Running/Auto Start]
<C:\WINDOWS\System32\svchost.exe -k netsvcs-->C:\Program Files\iesnap\navoct.dll>< >
[NVIDIA Display Driver Service / NVSvc][Running/Auto Start]
<C:\WINDOWS\system32\nvsvc32.exe><NVIDIA Corporation>
[OwnershipProtocol / OwnershipProtocol][Running/Auto Start]
<C:\Program Files\Intel\Wireless\Bin\OProtSvc.exe><Intel Corporation>
[RegSrvc / RegSrvc][Running/Auto Start]
<C:\Program Files\Intel\Wireless\Bin\RegSrvc.exe><Intel Corporation>
[RestoreService / RestoreService][Stopped/Auto Start]
<C:\WINDOWS\system32\Svchost.exe -k RestoreService-->C:\WINDOWS\system32\drivers\restore.dll><N/A>
[Rising Proxy Service / RfwProxySrv][Stopped/Manual Start]
<d:\瑞星杀毒软件\rising\rfw\rfwproxy.exe><Beijing Rising Technology Co., Ltd.>
[Rising Personal Firewall Service / RfwService][Running/Auto Start]
<d:\瑞星杀毒软件\rising\rfw\rfwsrv.exe><Beijing Rising Technology Co., Ltd.>
[Rising Process Communication Center / RsCCenter][Running/Auto Start]
<"D:\瑞星杀毒软件\Rising\Rav\CCenter.exe"><Beijing Rising Technology Co., Ltd.>
[Rising RealTime Monitor / RsRavMon][Running/Auto Start]
<"D:\瑞星杀毒软件\Rising\Rav\Ravmond.exe"><Beijing Rising Technology Co., Ltd.>
[Spectrum24 Event Monitor / S24EventMonitor][Running/Auto Start]
<C:\Program Files\Intel\Wireless\Bin\S24EvMon.exe><Intel Corporation>
[Logical Disk Manager Amdindistrative Service9 / S8696669][Stopped/Auto Start]
<c:\windows\system\m9\iexplorer.exe><N/A>
[NT Data Provider / SoSCAR][Stopped/Auto Start]
<C:\WINDOWS\SYSTEM32\RUNDLL2KXP.EXE C:\WINDOWS\SYSTEM32\WBEM\YWWCE.DLL,Export 1087><Microsoft Corporation>
[Windows User Mode Driver Framework / UMWdf][Running/Auto Start]
<C:\WINDOWS\system32\wdfmgr.exe><Microsoft Corporation>
[Vsn wdbu Service / wdbu][Stopped/Auto Start]
<C:\WINDOWS\system32\rundll32.exe C:\PROGRA~1\cjhx\jqoe.dll,Service><Microsoft Corporation>
[Windows Driver Foundation - User-mode Driver Framework / WudfSvc][Stopped/Manual Start]
<C:\WINDOWS\system32\svchost.exe -k WudfServiceGroup-->%SystemRoot%\System32\WUDFSvc.dll><Microsoft Corporation>
==================================
superyang - 2007-5-6 17:28:00
驱动程序
[adpu64 / adpu64][Stopped/Auto Start]
<\??\C:\WINDOWS\system32\drivers\adpu64.sys><N/A>
[AEGIS Protocol (IEEE 802.1x) v3.2.0.3 / AegisP][Running/Auto Start]
<system32\DRIVERS\AegisP.sys><Meetinghouse Data Communications>
[TP-LINK TL-WN310G/350G 11G Wireless Adapter Service / AR5211][Stopped/Manual Start]
<system32\DRIVERS\11gAdapter.sys><TP-LINK Technologies Co., Ltd.>
[aslm75 / aslm75][Running/Manual Start]
<\??\C:\WINDOWS\system32\drivers\aslm75.sys><N/A>
[Enhanced Display Driver Helper Service / asuskbnt][Running/System Start]
<system32\drivers\atkkbnt.sys><ASUSTeK COMPUTER INC.>
[Rising TDI Base Driver / BaseTDI][Running/Auto Start]
<System32\DRIVERS\BaseTDI.SYS><Beijing Rising Technology Co., Ltd.>
[BisonCam, NB Pro / Cam5603D][Running/Manual Start]
<System32\Drivers\BisonCam.sys><Bison Electronics. Inc.>
[cdjibcag / cdjibcag][Stopped/Boot Start]
<\SystemRoot\system32\drivers\cdjibcag.sys><N/A>
[cmhtmo6 / cmhtmo60][Stopped/Boot Start]
<\SystemRoot\System32\DRIVERS\cmhtmo60.sys><N/A>
[decdehbg / decdehbg][Stopped/Boot Start]
<\SystemRoot\system32\drivers\decdehbg.sys><N/A>
[ExpScaner / ExpScaner][Running/Auto Start]
<\??\D:\瑞星杀毒软件\Rising\Rav\ExpScan.sys><>
[FBS / FBS][Running/Manual Start]
<\??\C:\WINDOWS\system32\drivers\FBS.sys><N/A>
[ffpbek / ffpbek][Stopped/Auto Start]
<\??\C:\WINDOWS\system32\drivers\ffpbek.sys><N/A>
[Microsoft 用于 High Definition Audio 服务的 UAA 功能驱动程序 / HdAudAddService][Stopped/Manual Start]
<system32\drivers\HdAudio.sys><Windows (R) Server 2003 DDK provider>
[Microsoft 用于 High Definition Audio 的 UAA 总线驱动程序 / HDAudBus][Running/Manual Start]
<system32\DRIVERS\HDAudBus.sys><Windows (R) Server 2003 DDK provider>
[HookCont / HookCont][Running/Auto Start]
<\??\D:\瑞星杀毒软件\Rising\Rav\HOOKCONT.sys><Rising>
[HookReg / HookReg][Running/Auto Start]
<\??\D:\瑞星杀毒软件\Rising\Rav\HookReg.sys><>
[HookSys / HookSys][Running/Auto Start]
<\??\D:\瑞星杀毒软件\Rising\Rav\HookSys.sys><Rising>
[HookUrl / HookUrl][Running/Auto Start]
<\??\D:\瑞星杀毒软件\Rising\Rfw\HookUrl.sys><Beijing Rising Technology Co., Ltd.>
[HSFHWAZL / HSFHWAZL][Running/Manual Start]
<system32\DRIVERS\HSFHWAZL.sys><Conexant Systems, Inc.>
[HSF_DP / HSF_DP][Running/Manual Start]
<system32\DRIVERS\HSF_DP.sys><Conexant Systems, Inc.>
[Service for Realtek HD Audio (WDM) / IntcAzAudAddService][Running/Manual Start]
<system32\drivers\RtkHDAud.sys><Realtek Semiconductor Corp.>
[Intel Wireless Connection Agent Miniport for Win XP / IWCA][Running/Manual Start]
<system32\DRIVERS\iwca.sys><Intel Corporation>
[kmsinput / kmsinput][Stopped/Manual Start]
<\??\C:\WINDOWS\system32\drivers\kmsinput.sys><N/A>
[mdmxsdk / mdmxsdk][Running/Auto Start]
<system32\DRIVERS\mdmxsdk.sys><Conexant>
[MEMSCAN / MEMSCAN][Running/Auto Start]
<\??\D:\瑞星杀毒软件\Rising\Rav\MEMSCAN.sys><瑞星软件有限公司>
[mProcRs / mProcRs][Running/Auto Start]
<\??\d:\瑞星杀毒软件\rising\rfw\mProcRs.sys><Beijing Rising Technology Co., Ltd.>
[mspcidrv / mspcidrv][Running/System Start]
<system32\DRIVERS\mspcidrv.sys><N/A>
[ATK0100 ACPI UTILITY / MTsensor][Running/Manual Start]
<system32\DRIVERS\ATKACPI.sys><>
[ndcia / ndcia][Stopped/Auto Start]
<\??\C:\WINDOWS\system32\drivers\ndcia.sys><N/A>
[ndrili / ndrili][Running/Boot Start]
<\SystemRoot\\SystemRoot\System32\drivers\ndrili.sys><N/A>
[SCIC minipor / nlhtms][Running/Boot Start]
<\SystemRoot\System32\DRIVERS\nlhtms.sys><N/A>
[Netgroup Packet Filter / NPF][Stopped/Manual Start]
<system32\drivers\npf.sys><Politecnico di Torino>
[npkcrypt / npkcrypt][Running/Auto Start]
<\??\E:\Tencent\npkcrypt.sys><INCA Internet Co., Ltd.>
[npkcusb / npkcusb][Stopped/Auto Start]
<\??\D:\Program Files\Tencent\QQ\npkcusb.sys><N/A>
[nv / nv][Running/Manual Start]
<system32\DRIVERS\nv4_mini.sys><NVIDIA Corporation>
[Direct Parallel Link Driver / Ptilink][Running/Manual Start]
<system32\DRIVERS\ptilink.sys><Parallel Technologies, Inc.>
[qoex / qoexp][Running/Boot Start]
<\SystemRoot\System32\DRIVERS\qoexp.sys><N/A>
[R592 / R592][Running/Boot Start]
<\SystemRoot\system32\DRIVERS\R592.sys><REDC>
[risdpntk / risdpntk][Running/Boot Start]
<\SystemRoot\system32\DRIVERS\risdpntk.sys><REDC>
[romman / romman][Stopped/Auto Start]
<\??\C:\WINDOWS\system32\drivers\romman.sys><N/A>
[RsFwDrv / RsFwDrv][Running/Auto Start]
<\??\D:\瑞星杀毒软件\Rising\Rfw\RsFwDrv.sys><Beijing Rising Technology Co., Ltd.>
[RsNTGDI / RsNTGDI][Running/Boot Start]
<\SystemRoot\system32\Drivers\RsNTGdi.sys><Beijing Rising Technology Co., Ltd.>
[RSPPSYS / RSPPSYS][Running/Auto Start]
<\??\D:\瑞星杀毒软件\Rising\Rav\RSPPSYS.sys><Rising>
[WLAN 传输 / s24trans][Running/Auto Start]
<system32\DRIVERS\s24trans.sys><Intel Corporation>
[Secdrv / Secdrv][Running/Auto Start]
<system32\DRIVERS\secdrv.sys><Macrovision Europe Ltd>
[Sony USB Filter Driver (SONYPVU1) / SONYPVU1][Stopped/Manual Start]
<system32\DRIVERS\SONYPVU1.SYS><Sony Corporation>
[stdio / stdio][Stopped/Auto Start]
<\??\C:\WINDOWS\system32\drivers\stdio.sys><N/A>
[Synaptics TouchPad Driver / SynTP][Running/Manual Start]
<system32\DRIVERS\SynTP.sys><Synaptics, Inc.>
[TYKeeper / TYKeeper][Stopped/Boot Start]
<\SystemRoot\system32\drivers\TYKeeper.sys><N/A>
[ASUS Video3D Service / Video3D][Running/Manual Start]
<System32\Drivers\Video3D.sys><ASUSTeK COMPUTER INC.>
[voodoo / voodoo][Stopped/Auto Start]
<\??\C:\WINDOWS\system32\drivers\voodoo.sys><N/A>
[用于 Windows XP 的英特尔(R) PRO/无线 2200BG 网络连接驱动程序 / w29n51][Running/Manual Start]
<system32\DRIVERS\w29n51.sys><Intel? Corporation>
[winachsf / winachsf][Running/Manual Start]
<system32\DRIVERS\HSF_CNXT.sys><Conexant Systems, Inc.>
[WINIO / WINIO][Stopped/Manual Start]
<\??\C:\WINDOWS\Downloaded Program Files\winio.sys><N/A>
[ws2ifsd / ws2ifsd][Stopped/Auto Start]
<\??\C:\WINDOWS\system32\drivers\ws2ifsd.sys><N/A>
[World Standard Teletext Codec / WSTCODEC][Stopped/Manual Start]
<system32\DRIVERS\WSTCODEC.SYS><Microsoft Corporation>
[Windows Driver Foundation - User-mode Driver Framework Platform Driver / WudfPf][Stopped/Manual Start]
<system32\DRIVERS\WudfPf.sys><Microsoft Corporation>
[Windows Driver Foundation - User-mode Driver Framework Reflector / WudfRd][Stopped/Manual Start]
<system32\DRIVERS\wudfrd.sys><Microsoft Corporation>
[NDIS5.1 Miniport Driver for Marvell Yukon Gigabit Ethernet Adapter / yukonwxp][Running/Manual Start]
<system32\DRIVERS\yukonwxp.sys><Marvell Semiconductor Inc.>
[Vimicro USB PC Camera (ZC0301PL) / ZSMC301b][Stopped/Manual Start]
<System32\Drivers\usbVM31b.sys><VM>
==================================
superyang - 2007-5-6 17:30:00
浏览器加载项
[Thunder Browser Helper]
{0005A87B-D626-4B3A-84F9-1D9571695F55} <C:\Program Files\Thunder Network\Thunder\ComDlls\XunLeiBHO_006.dll, Thunder Networking Technologies,LTD>
[ThunderIEHelper Class]
{0005A87D-D626-4B3A-84F9-1D9571695F55} <C:\WINDOWS\system32\xunleibho_v14.dll, Thunder Networking Technologies,LTD>
[Adobe PDF Reader Link Helper]
{06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} <C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll, Adobe Systems Incorporated>
[wayr]
{0B9172E7-5642-4F52-8BDA-FA6439B4F854} <C:\PROGRA~1\cjhx\gnlb.dll, N/A>
[]
{1eee16ea-6442-4540-8b0d-4e03f37a8dbf} <C:\WINDOWS\system32\4540cfsb.dll, N/A>
[VnetCookie Class]
{4E83D567-4697-4F7B-B1F0-A513B01DB89A} <c:\PROGRA~1\chinanet\VNETTR~1.DLL, >
[YOK]
{75FE2B5A-D3A4-4EFA-AC11-ADC9C9459688} <C:\Program Files\yok\toolbar.dll, N/A>
[BandIE Class]
{77FEF28E-EB96-44FF-B511-3185DEA48697} <C:\PROGRA~1\baidu\bar\baidubar.dll, Baidu.com, Inc.>
[Google Toolbar Helper]
{AA58ED58-01DD-4d91-8333-CF10577473F7} <c:\program files\google\googletoolbar4.dll, Google Inc.>
[]
{bdbe32ba-8d80-4a36-ae2b-1b294ae19f4f} <C:\WINDOWS\system32\4a36ntos.dll, N/A>
[IE Browser Helper]
{D0903A3B-F0EA-434a-9742-98C5335C7946} <C:\WINDOWS\system32\IEHelper.dll, N/A>
[]
{de94e2a4-ed68-478d-8b0d-4e03f37a8dbf} <C:\WINDOWS\system32\478dcfsb.dll, N/A>
[扑克]
{12341234-1234-5678-9012-123456789012} <C:\www.ufocn.com\开心斗地主\开心斗地主.exe, N/A>
[@shdoclc.dll,-866]
{c95fe080-8f5d-11d2-a20b-00aa003c157a} <, N/A>
[QQ]
{c95fe080-8f5d-11d2-a20b-00aa003c157b} <E:\Tencent\QQ.EXE, TENCENT>
[访问瑞星网站]
{FF2DE7A6-ECB1-4CBC-9C0E-D92A9E66E444} <http://www.rising.com.cn/?u=RSTB, N/A>
[访问卡卡社区]
{FF2DE7A6-ECB1-4CBC-9C0E-D92A9E66E445} <http://www.ikaka.com/?u=RSTB, N/A>
[百度超级搜霸]
{B580CF65-E151-49C3-B73F-70B13FCA8E86} <C:\PROGRA~1\baidu\bar\baidubar.dll, Baidu.com, Inc.>
[实用搜索工具条2.0]
{03465FF5-00AE-411a-9C34-960ED566EC03} <C:\Program Files\superutilbar\superutilbar.dll, N/A>
[&Google]
{2318C2B1-4965-11d4-9B18-009027A5CD4F} <c:\program files\google\googletoolbar4.dll, Google Inc.>
[Alexa]
{3CEFF6CD-6F08-4e4d-BCCD-FF7415288C3B} <C:\WINDOWS\system32\SHDOCVW.DLL, Microsoft Corporation>
[8d80]
{DFCB34B6-902D-426E-AE2B-1B294AE19F4F} <C:\WINDOWS\system32\4ca4ntos.dll, N/A>
[卡卡上网安全助手]
{DB9ECD4F-FB8F-4311-B3CE-90B976C2707C} <C:\WINDOWS\system32\kakatool.dll, Beijing Rising Technology Co., Ltd.>
[CEditCtrl Object]
{488A4255-3236-44B3-8F27-FA1AECAA8844} <C:\WINDOWS\system32\aliedit\AliEdit.dll, www.alipay.com>
[CCtInf Class]
{6DBB2904-082D-4DB0-944A-21C22BA121F4} <C:\WINDOWS\system32\BANKCE~1.DLL, >
[Shockwave Flash Object]
{D27CDB6E-AE6D-11CF-96B8-444553540000} <C:\WINDOWS\system32\Macromed\Flash\Flash9b.ocx, Adobe Systems, Inc.>
[Thunder Browser Helper]
{0005A87B-D626-4B3A-84F9-1D9571695F55} <C:\Program Files\Thunder Network\Thunder\ComDlls\XunLeiBHO_006.dll, Thunder Networking Technologies,LTD>
[ThunderIEHelper Class]
{0005A87D-D626-4B3A-84F9-1D9571695F55} <C:\WINDOWS\system32\xunleibho_v14.dll, Thunder Networking Technologies,LTD>
[Google Script Object]
{00EF2092-6AC5-47C0-BD25-CF2D5D657FEB} <c:\program files\google\googletoolbar4.dll, Google Inc.>
[实用搜索工具条2.0]
{03465FF5-00AE-411A-9C34-960ED566EC03} <C:\Program Files\superutilbar\superutilbar.dll, N/A>
[ActiveMovieControl Object]
{05589FA1-C356-11CE-BF01-00AA0055595A} <C:\WINDOWS\system32\wmpdxm.dll, Microsoft Corporation>
[]
{0603B65D-6D39-4B44-BEF9-8FC3986F6D5A} <C:\WINDOWS\system32\Sktdb.dll, N/A>
[Adobe PDF Reader Link Helper]
{06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} <C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll, Adobe Systems Incorporated>
[]
{068C1101-5828-4A45-8B0D-4E03F37A8DBF} <C:\WINDOWS\system32\4a45cfsb.dll, N/A>
[wayr]
{0B9172E7-5642-4F52-8BDA-FA6439B4F854} <C:\PROGRA~1\cjhx\gnlb.dll, N/A>
[Tencent Browser Helper]
{0C7C23EF-A848-485B-873C-0ED954731014} <C:\Program Files\TENCENT\Adplus\SSAddr.dll, Tencent>
[PeerDraw Class]
{10072CEC-8CC1-11D1-986E-00A0C955B42E} <C:\Program Files\Common Files\Microsoft Shared\VGX\vgx.dll, Microsoft Corporation>
[]
{119AD493-F427-4192-8B0D-4E03F37A8DBF} <C:\WINDOWS\system32\4192cfsb.dll, N/A>
[CEnroll Class]
{127698E4-E730-4E5C-A2B1-21490A70C8A1} <C:\WINDOWS\system32\xenroll.dll, Microsoft Corporation>
[]
{128B99E2-0B8B-4DA2-AE2B-1B294AE19F4F} <C:\WINDOWS\system32\4da2ntos.dll, N/A>
[]
{1458BF0D-E55B-4CA4-AE2B-1B294AE19F4F} <C:\WINDOWS\system32\4ca4ntos.dll, N/A>
[]
{1A30E6BB-91FD-4A52-AE2B-1B294AE19F4F} <C:\WINDOWS\system32\4a52ntos.dll, N/A>
[iTrusPTA Class]
{1E0DFFCF-27FF-4574-849B-55007349FEDA} <C:\WINDOWS\system32\aliedit\pta.dll, >
[]
{1EEE16EA-6442-4540-8B0D-4E03F37A8DBF} <C:\WINDOWS\system32\4540cfsb.dll, N/A>
[]
{1FAB568D-D9F7-4A3B-95CD-797918471636} <C:\WINDOWS\system32\Sicgcy.dll, N/A>
[]
{222917AF-B582-40F7-8B0D-4E03F37A8DBF} <C:\WINDOWS\system32\40f7cfsb.dll, N/A>
[]
{22697B96-A338-4C7B-9C16-5C073D3CE5EE} <C:\WINDOWS\system32\Bfrhev.dll, N/A>
[Windows Media Player]
{22D6F312-B0F6-11D0-94AB-0080C74C7E95} <C:\WINDOWS\system32\wmpdxm.dll, Microsoft Corporation>
[&Google]
{2318C2B1-4965-11D4-9B18-009027A5CD4F} <c:\program files\google\googletoolbar4.dll, Google Inc.>
[HTML Document]
{25336920-03F9-11CF-8FD0-00AA00686F13} <%SystemRoot%\system32\mshtml.dll, N/A>
[]
{25DC97F2-58AE-4EB4-955E-C91D24CCB90F} <C:\WINDOWS\system32\Hlfk.dll, N/A>
[Menu Class]
{27D784D7-9217-4227-B43B-E06E4781E0CB} <C:\WINDOWS\system32\AlxTB1.dll, Alexa Internet>
[]
{286BA72B-46C0-4EB1-8B0D-4E03F37A8DBF} <C:\WINDOWS\system32\4eb1cfsb.dll, N/A>
[DHTML Edit Control Safe for Scripting for IE5]
{2D360201-FFF5-11D1-8D03-00A0C959BC0A} <C:\Program Files\Common Files\Microsoft Shared\Triedit\dhtmled.ocx, Microsoft Corporation>
[HtmlDlgSafeHelper Class]
{3050F819-98B5-11CF-BB82-00AA00BDCE0B} <C:\WINDOWS\system32\mshtmled.dll, Microsoft Corporation>
[]
{30BAD658-6F09-4EED-AE2B-1B294AE19F4F} <C:\WINDOWS\system32\4eedntos.dll, N/A>
[]
{310BE68D-E57A-44F8-AE2B-1B294AE19F4F} <C:\WINDOWS\system32\44f8ntos.dll, N/A>
[Tabular Data Control]
{333C7BC4-460F-11D0-BC04-0080C7055A83} <C:\WINDOWS\system32\tdc.ocx, Microsoft Corporation>
[MsHelp Class]
{33C3992F-1963-49BE-88D7-974C8EE564B5} <C:\WINDOWS\system32\MsHelper.dll, Microsofts>
[IETag Factory]
{38481807-CA0E-42D2-BF39-B33AF135CC4D} <C:\PROGRA~1\COMMON~1\MICROS~1\SMARTT~1\IETAG.DLL, Microsoft Corporation>
[Alexa]
{3CEFF6CD-6F08-4E4D-BCCD-FF7415288C3B} <C:\WINDOWS\system32\SHDOCVW.DLL, Microsoft Corporation>
[BitComet工具栏]
{3F1ABCDB-A875-46C1-8345-B72A4567E486} <E:\杨超的资料夹\娱乐\BitComet\BitCometBar\BitCometBar0.6.dll, >
[]
{4184FF83-C3E8-4622-AE2B-1B294AE19F4F} <C:\WINDOWS\system32\4622ntos.dll, N/A>
[]
{4753309C-F0F7-4AC8-95A8-5E0FEC9D48FF} <C:\WINDOWS\system32\Bhurfu.dll, N/A>
[]
{48573B77-B0E6-4CAA-AB2A-407CCB8CED47} <C:\WINDOWS\system32\Itcvre.dll, N/A>
[CEditCtrl Object]
{488A4255-3236-44B3-8F27-FA1AECAA8844} <C:\WINDOWS\system32\aliedit\AliEdit.dll, www.alipay.com>
[]
{48ACFC76-6432-4155-8B23-76F4168952D6} <C:\WINDOWS\system32\Nidgs.dll, N/A>
[]
{4CCAF72A-132B-4848-8B0D-4E03F37A8DBF} <C:\WINDOWS\system32\4848cfsb.dll, N/A>
[VnetCookie Class]
{4E83D567-4697-4F7B-B1F0-A513B01DB89A} <c:\PROGRA~1\chinanet\VNETTR~1.DLL, >
[HHCtrl Object]
{52A2AAAE-085D-4187-97EA-8C30DB990436} <C:\WINDOWS\system32\hhctrl.ocx, Microsoft Corporation>
[]
{5B449989-F4B0-47D5-8B0D-4E03F37A8DBF} <C:\WINDOWS\system32\47d5cfsb.dll, N/A>
[]
{610646D6-F5C3-43CB-AE2B-1B294AE19F4F} <C:\WINDOWS\system32\43cbntos.dll, N/A>
[]
{636DF580-E9B1-4A42-8B0D-4E03F37A8DBF} <C:\WINDOWS\system32\4a42cfsb.dll, N/A>
[]
{654CA7D6-783E-4F7A-AE2B-1B294AE19F4F} <C:\WINDOWS\system32\4f7antos.dll, N/A>
[YOKHttpFilter Class]
{686D3343-D00D-49A1-96DF-66F3AF62F348} <C:\Program Files\yok\adblock.dll, N/A>
[BrowserProxy4 Class]
{69A72A8A-84ED-4A75-8CE7-263DBEF3E5D3} <C:\WINDOWS\system32\AlxTB1.dll, Alexa Internet>
[NewsWatch Class]
{6BD97C5B-7A34-4AE9-8B0D-4E03F37A8DBF} <C:\WINDOWS\system32\4fd6cfsb.dll, N/A>
[Windows Media Player]
{6BF52A52-394A-11D3-B153-00C04F79FAA6} <C:\WINDOWS\system32\wmp.dll, Microsoft Corporation>
[CCtInf Class]
{6DBB2904-082D-4DB0-944A-21C22BA121F4} <C:\WINDOWS\system32\BANKCE~1.DLL, >
[WangWangObj Class]
{6E213FC7-DD5A-4115-B7E6-D4C7838C361E} <E:\杨超的资料夹\娱乐\淘宝旺旺\淘宝旺旺\WangWangX4.dll, 阿里软件(中国)有限公司>
superyang - 2007-5-6 17:30:00
[YOKAdBlock Class]
{718F4AD3-70D4-425E-9159-5598DFC732ED} <C:\Program Files\yok\adblock.dll, N/A>
[Active Desktop Mover]
{72267F6A-A6F9-11D0-BC94-00C04FB67863} <%SystemRoot%\system32\SHELL32.dll, N/A>
[]
{74407D2F-FF35-41A8-AE2B-1B294AE19F4F} <C:\WINDOWS\system32\41a8ntos.dll, N/A>
[YOK]
{75FE2B5A-D3A4-4EFA-AC11-ADC9C9459688} <C:\Program Files\yok\toolbar.dll, N/A>
[BandIE Class]
{77FEF28E-EB96-44FF-B511-3185DEA48697} <C:\PROGRA~1\baidu\bar\baidubar.dll, Baidu.com, Inc.>
[]
{7C332FAE-A8EF-4094-AE2B-1B294AE19F4F} <C:\WINDOWS\system32\4094ntos.dll, N/A>
[YOKAutoLive]
{7D0E8987-BA21-483a-B1AC-149DA2F39A5A} <C:\Program Files\yok\autolive.dll, N/A>
[ContextSearch Class]
{88351CEF-BAC0-4A9B-8380-31A173E2926F} <C:\Program Files\yok\toolbar.dll, N/A>
[Microsoft Web 浏览器]
{8856F961-340A-11D0-A96B-00C04FD705A2} <C:\WINDOWS\system32\shdocvw.dll, Microsoft Corporation>
[Java Plug-in 1.5.0_09]
{8AD9C840-044E-11D1-B3E9-00805F499D93} <, N/A>
[]
{8D3774E6-B246-44C7-9773-9FCF7FF5F12D} <C:\WINDOWS\system32\Mpfqo.dll, N/A>
[]
{918A890A-49C5-4341-AE2B-1B294AE19F4F} <C:\WINDOWS\system32\4341ntos.dll, N/A>
[]
{969D0316-7AC4-4114-AE2B-1B294AE19F4F} <C:\WINDOWS\system32\4114ntos.dll, N/A>
[]
{99919464-3CA7-4119-AE2B-1B294AE19F4F} <C:\WINDOWS\system32\4119ntos.dll, N/A>
[相关搜索]
{A29F7F71-DCDB-412D-B19A-2002DC966E33} <C:\Program Files\yok\relband.dll, N/A>
[]
{A921EE79-DC70-4CBF-8B0D-4E03F37A8DBF} <C:\WINDOWS\system32\4cbfcfsb.dll, N/A>
[]
{A9930D97-9CF0-42A0-A10D-4F28836579D5} <E:\杨超的资料夹\娱乐\KuGoo3\KuGoo\KuGoo3\KuGoo3DownXControl.ocx, N/A>
[RMGetLicense Class]
{A9FC132B-096D-460B-B7D5-1DB0FAE0C062} <C:\WINDOWS\system32\msnetobj.dll, Microsoft Corporation>
[Google Toolbar Helper]
{AA58ED58-01DD-4D91-8333-CF10577473F7} <c:\program files\google\googletoolbar4.dll, Google Inc.>
[Microsoft Scriptlet Component]
{AE24FDAE-03C6-11D1-8B76-0080C744F389} <C:\WINDOWS\system32\mshtml.dll, Microsoft Corporation>
[]
{B43D76B3-71C2-4FD6-8B0D-4E03F37A8DBF} <C:\WINDOWS\system32\4fd6cfsb.dll, N/A>
[SearchAssistantOC]
{B45FF030-4447-11D2-85DE-00C04FA35C89} <%SystemRoot%\system32\shdocvw.dll, N/A>
[百度超级搜霸]
{B580CF65-E151-49C3-B73F-70B13FCA8E86} <C:\PROGRA~1\baidu\bar\baidubar.dll, Baidu.com, Inc.>
[]
{B69003B3-C55E-4B48-836C-BC5946FC3B28} <C:\Program Files\Messenger\msgsc.dll, Microsoft Corporation>
[]
{BB7CA3F3-AF44-40D0-8B0D-4E03F37A8DBF} <C:\WINDOWS\system32\40d0cfsb.dll, N/A>
[RDS.DataSpace]
{BD96C556-65A3-11D0-983A-00C04FC29E36} <C:\Program Files\Common Files\System\msadc\msadco.dll, Microsoft Corporation>
[]
{BDBE32BA-8D80-4A36-AE2B-1B294AE19F4F} <C:\WINDOWS\system32\4a36ntos.dll, N/A>
[]
{C044DFCD-0427-42DE-8B0D-4E03F37A8DBF} <C:\WINDOWS\system32\42decfsb.dll, N/A>
[]
{C1717F84-75C1-4D48-AE2B-1B294AE19F4F} <C:\WINDOWS\system32\4d48ntos.dll, N/A>
[]
{C1ACF108-6949-4B76-94EF-0F3F24F10C49} <C:\WINDOWS\system32\Vqmi.dll, N/A>
[]
{C3A22510-A1AE-4929-87F9-321F11F0EC5B} <C:\WINDOWS\system32\Fqekl.dll, N/A>
[]
{C6C48126-8838-4D5B-8B0D-4E03F37A8DBF} <C:\WINDOWS\system32\4d5bcfsb.dll, N/A>
[AUDIO__MID Moniker Class]
{CD3AFA74-B84F-48F0-9393-7EDC34128127} <C:\WINDOWS\system32\wmp.dll, Microsoft Corporation>
[AUDIO__MP3 Moniker Class]
{CD3AFA76-B84F-48F0-9393-7EDC34128127} <C:\WINDOWS\system32\wmp.dll, Microsoft Corporation>
[AUDIO__X_MS_WMA Moniker Class]
{CD3AFA84-B84F-48F0-9393-7EDC34128127} <C:\WINDOWS\system32\wmp.dll, Microsoft Corporation>
[VIDEO__X_MS_ASF Moniker Class]
{CD3AFA8F-B84F-48F0-9393-7EDC34128127} <C:\WINDOWS\system32\wmp.dll, Microsoft Corporation>
[VIDEO__X_MS_WMV Moniker Class]
{CD3AFA94-B84F-48F0-9393-7EDC34128127} <C:\WINDOWS\system32\wmp.dll, Microsoft Corporation>
[RealPlayer G2 Control]
{CFCDAA03-8BE4-11CF-B84B-0020AFBBCCFA} <C:\WINDOWS\system32\rmoc3260.dll, RealNetworks, Inc.>
[IE Browser Helper]
{D0903A3B-F0EA-434A-9742-98C5335C7946} <C:\WINDOWS\system32\IEHelper.dll, N/A>
[Shockwave Flash Object]
{D27CDB6E-AE6D-11CF-96B8-444553540000} <C:\WINDOWS\system32\Macromed\Flash\Flash9b.ocx, Adobe Systems, Inc.>
[]
{D487E4D8-0D39-4EFE-A88D-9C438406381A} <C:\WINDOWS\system32\Cnlwi.dll, N/A>
[GetInfo Class]
{D5184A39-CBDF-4A4F-AC1A-7A45A852C883} <C:\Program Files\Yahoo!\Common\YVerInfo.dll, Yahoo! Inc.>
[MessengerChecker Class]
{DA4F543C-C8A9-4E88-9A79-548CBB46F18F} <E:\杨超的资料夹\娱乐\Messenger\YPagerChecker.dll, TODO: <Company name>>
[卡卡上网安全助手]
{DB9ECD4F-FB8F-4311-B3CE-90B976C2707C} <C:\WINDOWS\system32\kakatool.dll, Beijing Rising Technology Co., Ltd.>
[]
{DE94E2A4-ED68-478D-8B0D-4E03F37A8DBF} <C:\WINDOWS\system32\478dcfsb.dll, N/A>
[8d80]
{DFCB34B6-902D-426E-AE2B-1B294AE19F4F} <C:\WINDOWS\system32\4ca4ntos.dll, N/A>
[]
{E0360531-71D0-4795-8B0D-4E03F37A8DBF} <C:\WINDOWS\system32\4795cfsb.dll, N/A>
[Messenger Class]
{E5D12C4E-7B4F-11D3-B5C9-0050045C3C96} <, N/A>
[CPasswordEditCtrl Object]
{E787FD25-8D7C-4693-AE67-9406BC6E22DF} <C:\WINDOWS\system32\qqedit\qqedit.dll, 腾讯科技(深圳)有限公司>
[VqqSpeedDlProxy Class]
{F138084D-84D7-48CD-BEA8-04772457516E} <E:\Tencent\vqqsdl.dll, Tencent Technology (Shenzhen) Company Limited>
[]
{F869BB38-FFEF-4589-B986-610B7AD0ADA2} <C:\Program Files\yok\toolbar.dll, N/A>
[]
{FD0C39F2-3012-4A6B-8B0D-4E03F37A8DBF} <C:\WINDOWS\system32\4a6bcfsb.dll, N/A>
[Alexa Web Search]
<http://client.alexa.com/holiday/script/actions/search.htm, N/A>
[Get Alexa Data]
superyang - 2007-5-6 17:31:00
<http://client.alexa.com/holiday/script/actions/sitedata.htm, N/A>
[Mail to a Friend...]
<http://client.alexa.com/holiday/script/actions/mailto.htm, N/A>
[See Related Links]
<http://client.alexa.com/holiday/script/actions/related.htm, N/A>
[Write a Review...]
<http://client.alexa.com/holiday/script/actions/review.htm, N/A>
[上传到QQ网络硬盘]
<E:\Tencent\AddToNetDisk.htm, N/A>
[添加到QQ自定义面板]
<E:\Tencent\AddPanel.htm, N/A>
[添加到QQ表情]
<E:\Tencent\AddEmotion.htm, N/A>
[用QQ彩信发送该图片]
<E:\Tencent\SendMMS.htm, N/A>
==================================
正在运行的进程
[PID: 1000][\SystemRoot\System32\smss.exe] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
[PID: 1104][\??\C:\WINDOWS\system32\csrss.exe] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
[PID: 1128][\??\C:\WINDOWS\system32\winlogon.exe] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
[C:\Program Files\Intel\Wireless\Bin\LgNotify.dll] [Intel Corporation, 9, 0, 3, 0]
[C:\WINDOWS\system32\msacm32.drv] [Microsoft Corporation, 5.1.2600.0 (xpclient.010817-1148)]
[C:\WINDOWS\system32\NavLogon.dll] [Symantec Corporation, 9.0.1.1000]
[PID: 1172][C:\WINDOWS\system32\services.exe] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
[C:\WINDOWS\AppPatch\AcAdProc.dll] [Microsoft Corporation, 5.1.2600.3008 (xpsp.061004-0027)]
[PID: 1184][C:\WINDOWS\system32\lsass.exe] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
[PID: 1908][C:\Program Files\Intel\Wireless\Bin\ZcfgSvc.exe] [Intel Corporation, 9, 0, 3, 0]
[C:\Program Files\Intel\Wireless\Bin\PfMgrApi.dll] [Intel Corporation, 9, 0, 3, 0]
[C:\Program Files\Intel\Wireless\Bin\TraceAPI.DLL] [Intel Corporation, 9, 0, 3, 0]
[C:\Program Files\Intel\Wireless\Bin\PsRegApi.dll] [Intel Corporation, 9, 0, 3, 0]
[C:\Program Files\Intel\Wireless\Bin\MurocApi.dll] [Intel Corporation, 9, 0, 3, 0]
[C:\Program Files\Intel\Wireless\Bin\S24MUDLL.dll] [Intel Corporation, 9, 0, 3, 0]
[C:\Program Files\Intel\Wireless\Bin\C1XStngs.dll] [Intel Corporation, 9, 0, 3, 0]
[C:\Program Files\Intel\Wireless\Bin\LIBEAY32.dll] [N/A, ]
[C:\Program Files\Intel\Wireless\Bin\C8021CHS.dll] [Intel Corporation, 9, 0, 3, 0]
[C:\Program Files\Intel\Wireless\Bin\LSAWRAPI.dll] [Intel Corporation, 9, 0, 3, 0]
[C:\Program Files\Intel\Wireless\Bin\ZcSvcCHS.dll] [Intel Corporation, 9, 0, 3, 0]
[c:\PROGRA~1\iesnap\navstub.dll] [, 1, 0, 1, 2]
[C:\Program Files\Intel\Wireless\Bin\D8021Xps.DLL] [N/A, ]
[C:\WINDOWS\system32\msxml4.dll] [Microsoft Corporation, 4.20.9841.0]
[C:\Program Files\Rising\AntiSpyware\ieprot.dll] [Beijing Rising Technology Co., Ltd., 1, 0, 0, 8]
[PID: 2288][C:\WINDOWS\Explorer.exe] [Microsoft Corporation, 6.00.2900.2180 (xpsp_sp2_rtm.040803-2158)]
[c:\PROGRA~1\iesnap\navstub.dll] [, 1, 0, 1, 2]
[C:\WINDOWS\system32\RavExt.dll] [Beijing Rising Technology Co., Ltd., 19, 0, 0, 7]
[C:\Program Files\Thunder Network\Thunder\ComDlls\XunLeiBHO_006.dll] [Thunder Networking Technologies,LTD, 5, 0, 0, 3]
[C:\WINDOWS\system32\xunleibho_v14.dll] [Thunder Networking Technologies,LTD, 4, 6, 0, 62]
[C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll] [Adobe Systems Incorporated, 7.0.7.2006011200]
[C:\WINDOWS\system32\MSVCR71.dll] [Microsoft Corporation, 7.10.3052.4]
[C:\PROGRA~1\baidu\bar\baidubar.dll] [Baidu.com, Inc., 2, 0, 2, 136]
[C:\Program Files\Microsoft Office\OFFICE11\msohev.dll] [Microsoft Corporation, 11.0.5510]
[C:\WINDOWS\system32\acgubv.dll] [Microsoft Corporation, 5, 2, 2265, 3211]
[C:\WINDOWS\system32\nlhtms.dll] [Microsoft Corporation, 5.01.2900.2180]
[C:\WINDOWS\system32\cpasevcl.dll] [, 1, 0, 0, 4]
[C:\WINDOWS\system32\msacm32.drv] [Microsoft Corporation, 5.1.2600.0 (xpclient.010817-1148)]
[C:\Program Files\Rising\AntiSpyware\ieprot.dll] [Beijing Rising Technology Co., Ltd., 1, 0, 0, 8]
[C:\Program Files\Adobe\Acrobat 7.0\ActiveX\PDFShell.dll] [Adobe Systems, Inc., 7.0.0.0]
[C:\WINDOWS\system32\nvcpl.dll] [NVIDIA Corporation, 6.14.10.7370]
[C:\WINDOWS\system32\NVRSZHC.DLL] [NVIDIA Corporation, 6.14.10.7370]
[C:\WINDOWS\system32\nvshell.dll] [NVIDIA Corporation, 6.14.10.10049]
[c:\windows\system32\ppjuw.dll] [Microsoft Corporation, 5.1.2600.0]
[C:\Program Files\WinRAR\rarext.dll] [N/A, ]
[PID: 2304][C:\PROGRA~1\Intel\Wireless\Bin\1XConfig.exe] [Intel, 9, 0, 3, 0]
[C:\PROGRA~1\Intel\Wireless\Bin\IntelAE5.dll] [Meetinghouse Data Communications, 3, 0, 30, 0]
[C:\PROGRA~1\Intel\Wireless\Bin\TraceAPI.DLL] [Intel Corporation, 9, 0, 3, 0]
[C:\PROGRA~1\Intel\Wireless\Bin\PsRegApi.dll] [Intel Corporation, 9, 0, 3, 0]
[c:\PROGRA~1\iesnap\navstub.dll] [, 1, 0, 1, 2]
[C:\Program Files\Intel\Wireless\Bin\D8021Xps.DLL] [N/A, ]
[C:\Program Files\Rising\AntiSpyware\ieprot.dll] [Beijing Rising Technology Co., Ltd., 1, 0, 0, 8]
[PID: 2320][d:\瑞星杀毒软件\rising\rfw\RfwMain.exe] [Beijing Rising Technology Co., Ltd., 5, 0, 0, 70]
[d:\瑞星杀毒软件\rising\rfw\RsGuiLib.dll] [Beijing Rising Technology Co., Ltd., 19, 0, 0, 33]
[d:\瑞星杀毒软件\rising\rfw\RSCOMMON.DLL] [Beijing Rising Technology Co., Ltd., 19, 0, 0, 5]
[d:\瑞星杀毒软件\rising\rfw\RfwCtrl.dll] [Beijing Rising Technology Co., Ltd., 5, 0, 0, 11]
[d:\瑞星杀毒软件\rising\rfw\RsXML.dll] [Beijing Rising Technology Co., Ltd., 19, 0, 0, 2]
[d:\瑞星杀毒软件\rising\rfw\PngDll.dll] [Beijing Rising Technology Co., Ltd., 18, 0, 0, 5]
[c:\PROGRA~1\iesnap\navstub.dll] [, 1, 0, 1, 2]
[d:\瑞星杀毒软件\rising\rfw\PSAPI.DLL] [Microsoft Corporation, 4.00]
[C:\Program Files\Rising\AntiSpyware\ieprot.dll] [Beijing Rising Technology Co., Ltd., 1, 0, 0, 8]
[C:\WINDOWS\system32\acgubv.dll] [Microsoft Corporation, 5, 2, 2265, 3211]
[PID: 2496][C:\Program Files\CNNIC\Cdn\cdnup.exe] [, 2, 4, 0, 6]
[c:\PROGRA~1\iesnap\navstub.dll] [, 1, 0, 1, 2]
[C:\Program Files\Rising\AntiSpyware\ieprot.dll] [Beijing Rising Technology Co., Ltd., 1, 0, 0, 8]
[PID: 3756][C:\Program Files\ASUS\ASUS Probe\AsusProb.exe] [ASUSTeK Computer Inc, 1043.3.15.1]
[C:\WINDOWS\system32\VCL35.bpl] [Borland International, 3.0.3.70]
[C:\WINDOWS\system32\cp3240mt.dll] [Borland International, 4.0]
[C:\WINDOWS\system32\borlndmm.dll] [Borland Software Corporation, 6.0.10.155]
[C:\WINDOWS\system32\acgubv.dll] [Microsoft Corporation, 5, 2, 2265, 3211]
[c:\PROGRA~1\iesnap\navstub.dll] [, 1, 0, 1, 2]
[C:\Program Files\ASUS\ASUS Probe\CODISK.DLL] [ASUSTeK Computer Inc, 1043.3.15.11]
[C:\Program Files\ASUS\ASUS Probe\DiskIco.dll] [N/A, ]
[C:\Program Files\ASUS\ASUS Probe\COLM7578.DLL] [ASUSTeK Computer Inc., 1043.3.15.1]
[C:\WINDOWS\system32\bcbsmp35.bpl] [, 1.0.0.0]
[C:\WINDOWS\system32\vclx35.bpl] [Borland International, 3.0.3.70]
[C:\Program Files\ASUS\ASUS Probe\Asusdmi.dll] [ASUSTeK Computer Inc., 1043.3.15.4]
[C:\Program Files\ASUS\ASUS Probe\COLMIco.dll] [N/A, ]
[C:\Program Files\ASUS\ASUS Probe\CODMI.DLL] [N/A, ]
[C:\Program Files\Rising\AntiSpyware\ieprot.dll] [Beijing Rising Technology Co., Ltd., 1, 0, 0, 8]
[PID: 3784][C:\Program Files\Common Files\Real\Update_OB\realsched.exe] [RealNetworks, Inc., 0.1.0.3208]
[C:\WINDOWS\system32\acgubv.dll] [Microsoft Corporation, 5, 2, 2265, 3211]
[c:\PROGRA~1\iesnap\navstub.dll] [, 1, 0, 1, 2]
superyang - 2007-5-6 17:31:00
[C:\Program Files\Rising\AntiSpyware\ieprot.dll] [Beijing Rising Technology Co., Ltd., 1, 0, 0, 8]
[PID: 3856][C:\Program Files\Intel\Wireless\Bin\ifrmewrk.exe] [Intel Corporation, 9, 0, 3, 0]
[C:\Program Files\Intel\Wireless\Bin\PsRegApi.dll] [Intel Corporation, 9, 0, 3, 0]
[C:\Program Files\Intel\Wireless\Bin\FrWrkCHS.dll] [Intel Corporation, 9, 0, 3, 0]
[C:\WINDOWS\system32\acgubv.dll] [Microsoft Corporation, 5, 2, 2265, 3211]
[c:\PROGRA~1\iesnap\navstub.dll] [, 1, 0, 1, 2]
[C:\Program Files\Intel\Wireless\Bin\FrameworkPlugins\ConnMgr.dll] [Intel Corporation, 9, 0, 3, 0]
[C:\Program Files\Intel\Wireless\Bin\MurocApi.dll] [Intel Corporation, 9, 0, 3, 0]
[C:\Program Files\Intel\Wireless\Bin\S24MUDLL.dll] [Intel Corporation, 9, 0, 3, 0]
[C:\Program Files\Intel\Wireless\Bin\C1XStngs.dll] [Intel Corporation, 9, 0, 3, 0]
[C:\Program Files\Intel\Wireless\Bin\TraceAPI.DLL] [Intel Corporation, 9, 0, 3, 0]
[C:\Program Files\Intel\Wireless\Bin\LIBEAY32.dll] [N/A, ]
[C:\Program Files\Intel\Wireless\Bin\PfMgrApi.dll] [Intel Corporation, 9, 0, 3, 0]
[C:\Program Files\Intel\Wireless\Bin\C8021CHS.dll] [Intel Corporation, 9, 0, 3, 0]
[C:\Program Files\Intel\Wireless\Bin\LSAWRAPI.dll] [Intel Corporation, 9, 0, 3, 0]
[C:\Program Files\Intel\Wireless\Bin\IntWACHS.dll] [Intel Corporation, 9, 0, 3, 0]
[C:\Program Files\Intel\Wireless\Bin\D8021Xps.DLL] [N/A, ]
[C:\WINDOWS\system32\msxml4.dll] [Microsoft Corporation, 4.20.9841.0]
[C:\Program Files\Rising\AntiSpyware\ieprot.dll] [Beijing Rising Technology Co., Ltd., 1, 0, 0, 8]
[PID: 4000][C:\Program Files\Intel\Wireless\Bin\EOUWiz.exe] [Intel Corporation, 9, 0, 3, 0]
[C:\Program Files\Intel\Wireless\Bin\EOUAPCfg.dll] [Intel Corporation, 9, 0, 3, 0]
[C:\Program Files\Intel\Wireless\Bin\ownprot.DLL] [Intel Corporation, 9, 0, 3, 0]
[C:\Program Files\Intel\Wireless\Bin\TraceAPI.DLL] [Intel Corporation, 9, 0, 3, 0]
[C:\Program Files\Intel\Wireless\Bin\PsRegApi.dll] [Intel Corporation, 9, 0, 3, 0]
[C:\Program Files\Intel\Wireless\Bin\PfMgrApi.dll] [Intel Corporation, 9, 0, 3, 0]
[C:\Program Files\Intel\Wireless\Bin\MurocApi.dll] [Intel Corporation, 9, 0, 3, 0]
[C:\Program Files\Intel\Wireless\Bin\S24MUDLL.dll] [Intel Corporation, 9, 0, 3, 0]
[C:\Program Files\Intel\Wireless\Bin\C1XStngs.dll] [Intel Corporation, 9, 0, 3, 0]
[C:\Program Files\Intel\Wireless\Bin\LIBEAY32.dll] [N/A, ]
[C:\Program Files\Intel\Wireless\Bin\C8021CHS.dll] [Intel Corporation, 9, 0, 3, 0]
[C:\Program Files\Intel\Wireless\Bin\LSAWRAPI.dll] [Intel Corporation, 9, 0, 3, 0]
[C:\WINDOWS\system32\acgubv.dll] [Microsoft Corporation, 5, 2, 2265, 3211]
[c:\PROGRA~1\iesnap\navstub.dll] [, 1, 0, 1, 2]
[C:\Program Files\Intel\Wireless\Bin\EOUWzCHS.dll] [Intel Corporation, 9, 0, 3, 0]
[C:\Program Files\Intel\Wireless\Bin\D8021Xps.DLL] [N/A, ]
[C:\Program Files\Rising\AntiSpyware\ieprot.dll] [Beijing Rising Technology Co., Ltd., 1, 0, 0, 8]
[PID: 984][C:\WINDOWS\system32\wuauclt.exe] [Microsoft Corporation, 5.8.0.2469 built by: lab01_n(wmbla)]
[C:\WINDOWS\system32\acgubv.dll] [Microsoft Corporation, 5, 2, 2265, 3211]
[c:\PROGRA~1\iesnap\navstub.dll] [, 1, 0, 1, 2]
[C:\WINDOWS\system32\wups2.dll] [Microsoft Corporation, 5.8.0.2469 built by: lab01_n(wmbla)]
[C:\Program Files\Rising\AntiSpyware\ieprot.dll] [Beijing Rising Technology Co., Ltd., 1, 0, 0, 8]
[PID: 2400][C:\Program Files\Hewlett-Packard\OrderReminder\OrderReminder.exe] [Hewlett-Packard, 2, 0, 1, 26]
[C:\WINDOWS\system32\acgubv.dll] [Microsoft Corporation, 5, 2, 2265, 3211]
[c:\PROGRA~1\iesnap\navstub.dll] [, 1, 0, 1, 2]
[PID: 2824][C:\WINDOWS\domino.exe] [, 3, 6, 703, 6]
[C:\WINDOWS\system32\acgubv.dll] [Microsoft Corporation, 5, 2, 2265, 3211]
[c:\PROGRA~1\iesnap\navstub.dll] [, 1, 0, 1, 2]
[C:\WINDOWS\system32\msdmo.dll] [, ]
[PID: 2844][C:\WINDOWS\VMSnap1.exe] [Vimicro, 4, 2, 1124, 6]
[C:\WINDOWS\system32\acgubv.dll] [Microsoft Corporation, 5, 2, 2265, 3211]
[c:\PROGRA~1\iesnap\navstub.dll] [, 1, 0, 1, 2]
[C:\WINDOWS\system32\msdmo.dll] [, ]
[C:\WINDOWS\system\BisonCam.dll] [, 1, 0, 0, 1]
[C:\Program Files\Rising\AntiSpyware\ieprot.dll] [Beijing Rising Technology Co., Ltd., 1, 0, 0, 8]
[PID: 3408][C:\Program Files\Rising\AntiSpyware\runiep.exe] [Beijing Rising Technology Co., Ltd., 1, 0, 1, 4]
[C:\Program Files\Rising\AntiSpyware\iep_ctrl.dll] [Beijing Rising Technology Co., Ltd., 1, 0, 0, 4]
[C:\Program Files\Rising\AntiSpyware\ieprot.dll] [Beijing Rising Technology Co., Ltd., 1, 0, 0, 8]
[C:\WINDOWS\system32\acgubv.dll] [Microsoft Corporation, 5, 2, 2265, 3211]
[c:\PROGRA~1\iesnap\navstub.dll] [, 1, 0, 1, 2]
[PID: 3628][C:\WINDOWS\system32\ctfmon.exe] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
[C:\WINDOWS\system32\acgubv.dll] [Microsoft Corporation, 5, 2, 2265, 3211]
[c:\PROGRA~1\iesnap\navstub.dll] [, 1, 0, 1, 2]
[C:\Program Files\Rising\AntiSpyware\ieprot.dll] [Beijing Rising Technology Co., Ltd., 1, 0, 0, 8]
[PID: 2612][C:\Program Files\Google\GoogleToolbarNotifier\1.2.1128.5462\GoogleToolbarNotifier.exe] [Google Inc., 1, 2, 1128, 5462]
[C:\WINDOWS\system32\acgubv.dll] [Microsoft Corporation, 5, 2, 2265, 3211]
[c:\PROGRA~1\iesnap\navstub.dll] [, 1, 0, 1, 2]
[C:\Program Files\Google\GoogleToolbarNotifier\1.2.1128.5462\res_zh-CN.dll] [Google Inc., 1, 2, 1128, 5462]
[C:\Program Files\Google\GoogleToolbarNotifier\1.2.1128.5462\swg.dll] [Google Inc., 1, 2, 1128, 5462]
[C:\Program Files\Rising\AntiSpyware\ieprot.dll] [Beijing Rising Technology Co., Ltd., 1, 0, 0, 8]
[PID: 3992][D:\瑞星杀毒软件\Rising\Rav\RsAgent.exe] [Beijing Rising Technology Co., Ltd., 19, 0, 0, 12]
[C:\WINDOWS\system32\acgubv.dll] [Microsoft Corporation, 5, 2, 2265, 3211]
[c:\PROGRA~1\iesnap\navstub.dll] [, 1, 0, 1, 2]
[D:\瑞星杀毒软件\Rising\Rav\RsCommX.dll] [rising, 18, 0, 0, 1]
[C:\Program Files\Rising\AntiSpyware\ieprot.dll] [Beijing Rising Technology Co., Ltd., 1, 0, 0, 8]
[PID: 2024][C:\WINDOWS\msagent\AgentSvr.exe] [Microsoft Corporation, 2.00.0.3424]
[C:\WINDOWS\system32\acgubv.dll] [Microsoft Corporation, 5, 2, 2265, 3211]
[c:\PROGRA~1\iesnap\navstub.dll] [, 1, 0, 1, 2]
[C:\Program Files\Rising\AntiSpyware\ieprot.dll] [Beijing Rising Technology Co., Ltd., 1, 0, 0, 8]
[C:\WINDOWS\system32\msacm32.drv] [Microsoft Corporation, 5.1.2600.0 (xpclient.010817-1148)]
[PID: 5716][c:\PROGRA~1\iesnap\navplay.exe] [, 1, 0, 1, 2]
[C:\WINDOWS\system32\acgubv.dll] [Microsoft Corporation, 5, 2, 2265, 3211]
[c:\PROGRA~1\iesnap\navstub.dll] [, 1, 0, 1, 2]
[C:\Program Files\Rising\AntiSpyware\ieprot.dll] [Beijing Rising Technology Co., Ltd., 1, 0, 0, 8]
[PID: 8176][C:\Program Files\WinRAR\WinRAR.exe] [N/A, ]
[C:\WINDOWS\system32\acgubv.dll] [Microsoft Corporation, 5, 2, 2265, 3211]
[c:\PROGRA~1\iesnap\navstub.dll] [, 1, 0, 1, 2]
[C:\Program Files\MSN Messenger\fsshext.8.1.0178.00.dll] [Microsoft Corporation, 8.1.0178.00]
[C:\WINDOWS\system32\Audiodev.dll] [Microsoft Corporation, 5.2.3802.3802 built by: dnsrv(bld4act)]
[C:\Program Files\Rising\AntiSpyware\ieprot.dll] [Beijing Rising Technology Co., Ltd., 1, 0, 0, 8]
[C:\WINDOWS\system32\RavExt.dll] [Beijing Rising Technology Co., Ltd., 19, 0, 0, 7]
[PID: 6620][C:\WINDOWS\notepad.exe] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
[C:\WINDOWS\system32\acgubv.dll] [Microsoft Corporation, 5, 2, 2265, 3211]
[c:\PROGRA~1\iesnap\navstub.dll] [, 1, 0, 1, 2]
[C:\Program Files\Rising\AntiSpyware\ieprot.dll] [Beijing Rising Technology Co., Ltd., 1, 0, 0, 8]
[PID: 6800][C:\Program Files\Maxthon2\Maxthon.exe] [Maxthon International ltd., 2, 0, 1, 3018]
[C:\Program Files\Maxthon2\mxpp.dll] [Maxthon, 1, 0, 0, 5]
[C:\Program Files\Maxthon2\MxSk.dll] [Maxthon, 1, 0, 0, 82]
[C:\Program Files\Maxthon2\MxProxy.dll] [, 1, 0, 0, 1815]
[C:\Program Files\Maxthon2\maxzlib.dll] [, 1.2.3]
[C:\WINDOWS\system32\acgubv.dll] [Microsoft Corporation, 5, 2, 2265, 3211]
[c:\PROGRA~1\iesnap\navstub.dll] [, 1, 0, 1, 2]
[C:\Program Files\Maxthon2\MxFav.dll] [Maxthon, 1, 0, 0, 1]
[C:\Program Files\Maxthon2\mxtool.dll] [, 1, 0, 0, 1]
[C:\Program Files\Maxthon2\mxfeedU.dll] [, 1, 0, 45, 45]
[C:\Program Files\Common Files\Microsoft Shared\OFFICE11\MSOXMLMF.DLL] [Microsoft Corporation, 11.0.5510]
[C:\Program Files\Rising\AntiSpyware\ieprot.dll] [Beijing Rising Technology Co., Ltd., 1, 0, 0, 8]
[D:\瑞星杀毒软件\Rising\Rav\RavScrCh.dll] [Beijing Rising Technology Co., Ltd., 18, 0, 0, 4]
[c:\PROGRA~1\iesnap\navpref.dll] [, 1, 0, 1, 2]
[c:\PROGRA~1\iesnap\navseg.dll] [, 1, 0, 1, 1]
[c:\PROGRA~1\iesnap\navneg.dll] [, 1, 0, 1, 2]
[C:\WINDOWS\system32\Macromed\Flash\Flash9b.ocx] [Adobe Systems, Inc., 9,0,28,0]
[C:\WINDOWS\system32\msacm32.drv] [Microsoft Corporation, 5.1.2600.0 (xpclient.010817-1148)]
[C:\WINDOWS\system32\WINWB86.IME] [Microsoft Corporation, 5.00.2000.3]
[PID: 8412][C:\DOCUME~1\yang\LOCALS~1\Temp\Rar$EX83.890\SREng.EXE] [Smallfrogs Studio, 2.4.12.806]
[C:\WINDOWS\system32\acgubv.dll] [Microsoft Corporation, 5, 2, 2265, 3211]
[c:\PROGRA~1\iesnap\navstub.dll] [, 1, 0, 1, 2]
[C:\Program Files\Rising\AntiSpyware\ieprot.dll] [Beijing Rising Technology Co., Ltd., 1, 0, 0, 8]
==================================
文件关联
.TXT Error. [C:\WINDOWS\notepad.exe %1]
.EXE OK. ["%1" %*]
.COM OK. ["%1" %*]
.PIF OK. ["%1" %*]
.REG OK. [regedit.exe "%1"]
.BAT OK. ["%1" %*]
.SCR OK. ["%1" /S]
.CHM Error. ["hh.exe" %1]
.HLP OK. [%SystemRoot%\System32\winhlp32.exe %1]
.INI Error. [C:\WINDOWS\System32\NOTEPAD.EXE %1]
.INF OK. [%SystemRoot%\System32\NOTEPAD.EXE %1]
.VBS OK. [%SystemRoot%\System32\WScript.exe "%1" %*]
.JS OK. [%SystemRoot%\System32\WScript.exe "%1" %*]
.LNK OK. [{00021401-0000-0000-C000-000000000046}]
==================================
Winsock 提供者
N/A
==================================
Autorun.inf
N/A
==================================
HOSTS 文件
127.0.0.1 localhost
==================================
API HOOK
N/A
==================================
隐藏进程
[712] C:\WINDOWS\system32\FBS.exe
==================================
[/CODE]
superyang - 2007-5-6 17:33:00
Could an expert please take a look for me? Thanks!
The six trojans are:
Trojan.Clicker.Agent.arn
Trojan.DL.Inject.tp
Trojan.MNless.jra
Trojan.DL.MNless.rm
Trojan.Agent.ams
Rootkit.Agent.sd
逍遥浪子45 - 2007-5-6 17:37:00
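They are all agent trojans.... Sorry, this SREng log is too long; I prefer reading 绑架客星 logs.. If you need it, you can come to my blog and download my anti-virus toolkit!~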
http://hi.baidu.com/%E5%D0%D2%A3%CE%CA/blog/item/dea2abef4f25ff17fdfa3cc0.html
superyang - 2007-5-7 11:24:00
Could the experts please help me work out how to remove my viruses? Thanks, everyone.
湘m浪子 - 2007-5-7 11:42:00
Too many problems. I'll bump this for you so an expert can take a look.
superyang - 2007-5-8 9:16:00
Could an expert please help take a look....
饭后点心 - 2007-5-8 9:42:00
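Clean up the malware first. There is too much malware on your system. Run Rabbit (兔子), Kaka (卡卡) or some other malware cleanup tool first.
<svpecld><C:\WINDOWS\system32\svpecld.exe> [] appears to belong to 互联星空 (ChinaVnet). I recommend using the dial-up connection built into XP.
Post another log once the cleanup is done.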
superyang - 2007-5-9 9:37:00
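Thanks to "饭后点心" for the help. Following your method, I used Kaka to clean up the malware, but it still seems to show four items that cannot be removed.
The new log is below. Please take a look.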
[CODE]
2007-05-09,09:19:57
System Repair Engineer 2.4.12.806
Smallfrogs (http://www.KZTechs.com)
Windows XP Professional Service Pack 2 (Build 2600) - 管理权限用户 - 完整功能
以下内容被选中:
所有的启动项目(包括注册表、启动文件夹、服务等)
浏览器加载项
正在运行的进程(包括进程模块信息)
文件关联
Winsock 提供者
Autorun.inf
HOSTS 文件
启动项目
注册表
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
<ctfmon.exe><C:\WINDOWS\system32\ctfmon.exe> [(Verified)]
<Yahoo! Pager><"E:\杨超的~1\娱乐\MESSEN~1\YAHOOM~1.EXE" -quiet> [Yahoo! Inc.]
<swg><C:\Program Files\Google\GoogleToolbarNotifier\1.2.1128.5462\GoogleToolbarNotifier.exe> [(Verified)Google Inc]
[HKEY_CURRENT_USER\Software\Microsoft\Windows NT\CurrentVersion\Windows]
<load><> [N/A]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
<ASUS Probe><C:\Program Files\ASUS\ASUS Probe\AsusProb.exe> [ASUSTeK Computer Inc]
<NvCplDaemon><RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup> [NVIDIA Corporation]
<TkBellExe><"C:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot> [RealNetworks, Inc.]
<IntelZeroConfig><C:\Program Files\Intel\Wireless\bin\ZCfgSvc.exe> [Intel Corporation]
<IntelWireless><C:\Program Files\Intel\Wireless\Bin\ifrmewrk.exe /tf Intel PROSet/Wireless> [Intel Corporation]
<EOUApp><C:\Program Files\Intel\Wireless\Bin\EOUWiz.exe> [Intel Corporation]
<Skype><E:\杨超的资料夹\娱乐\skype\Phone\Skype.exe> [N/A]
<OrderReminder><C:\Program Files\Hewlett-Packard\OrderReminder\OrderReminder.exe> [Hewlett-Packard]
<Desktop><"C:\WINDOWS\system32\internet.exe"> []
<domino><C:\WINDOWS\domino.exe> []
<VMSnap1><C:\WINDOWS\VMSnap1.exe> [Vimicro]
<StormCodec_Helper><"d:\Program Files\Ringz Studio\Storm Codec\StormSet.exe" /S /opti> []
<svpecld><C:\WINDOWS\system32\svpecld.exe> []
<Thunder><"D:\yang\Thunder.exe" /s> [N/A]
<runeip><C:\Program Files\Rising\AntiSpyware\runiep.exe> [Beijing Rising Technology Co., Ltd.]
<RavTask><"D:\瑞星杀毒软件\Rising\Rav\RavTask.exe" -system> [Beijing Rising Technology Co., Ltd.]
<RfwMain><"D:\瑞星杀毒软件\Rising\Rfw\rfwmain.exe" -Startup> [Beijing Rising Technology Co., Ltd.]
<WebThunder><E:\Tencent\WebThunder.exe> [(Verified)ShenZhen Thunder Networking Technologies Ltd.]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\RunOnce]
<KKDelay><C:\Program Files\Rising\AntiSpyware\RunOnce.exe> [Beijing Rising Technology Co., Ltd.]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Winlogon]
<shell><Explorer.exe asp.exe> [N/A]
<Userinit><C:\WINDOWS\system32\userinit.exe,> [(Verified)]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Windows]
<AppInit_DLLs><C:\WINDOWS\system32\NTDLL32.dll> [N/A]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Winlogon]
<UIHost><logonui.exe> [(Verified)]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
<{32CD708B-60A7-4C00-9377-D73EAA495F0F}><C:\WINDOWS\system32\RavExt.dll> [Beijing Rising Technology Co., Ltd.]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
<SysChunk><C:\WINDOWS\system32\syschunk.dll> [N/A]
<ovaj><C:\PROGRA~1\nusi\ovaj.dll> [N/A]
<wbwk><C:\PROGRA~1\nusi\ovaj.dll> [N/A]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\cryptimg]
<WinlogonNotify: cryptimg><cryptig.dll> [N/A]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\IntelWireless]
<WinlogonNotify: IntelWireless><C:\Program Files\Intel\Wireless\Bin\LgNotify.dll> [Intel Corporation]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\NavLogon]
<WinlogonNotify: NavLogon><C:\WINDOWS\system32\NavLogon.dll> [(Verified)Symantec Corporation]
==================================
superyang - 2007-5-9 9:38:00
启动文件夹
[Windows Update SP4]
<C:\Documents and Settings\All Users\「开始」菜单\程序\启动\Windows Update SP4.lnk --> C:\Program Files\Common Files\xp4update.exe [N/A]><N>
[QQ游戏启动加速程序]
<C:\Documents and Settings\yang\「开始」菜单\程序\启动\QQ游戏启动加速程序.lnk --> E:\杨超的资料夹\QQGame\Accel.exe [N/A]><N>
[腾讯QQ]
<C:\Documents and Settings\yang\「开始」菜单\程序\启动\腾讯QQ.lnk --> E:\Tencent\QQ.exe [TENCENT]><N>
==================================
服务
[TP-LINK配置服务程序 / ACS][Stopped/Auto Start]
<C:\WINDOWS\system32\acs.exe><N/A>
[ATK Keyboard Service / ATKKeyboardService][Running/Auto Start]
<C:\WINDOWS\ATKKBService.exe><ASUSTeK COMPUTER INC.>
[System Administrator / AtWork][Running/Auto Start]
<C:\WINDOWS\System32\svchost.exe -k netsvcs-->C:\WINDOWS\system32\ppjuw.dll><Microsoft Corporation>
[EvtEng / EvtEng][Running/Auto Start]
<C:\Program Files\Intel\Wireless\Bin\EvtEng.exe><Intel Corporation>
[Gentad / Gentad][Stopped/Auto Start]
<C:\WINDOWS\System32\svchost.exe -k netsvcs-->C:\WINDOWS\system32\struts.dll><N/A>
[Google Updater Service / gusvc][Stopped/Manual Start]
<"C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe"><Google>
[Imsvc / Imsvc][Stopped/Auto Start]
<C:\WINDOWS\System32\svchost.exe -k netsvcs-->C:\WINDOWS\system32\Webmail.dll><N/A>
[Internet Connection Manager / Internet Connection Manager][Stopped/Auto Start]
<"C:\WINDOWS\system32\internet.exe"><N/A>
[Navoct / Navoct][Running/Auto Start]
<C:\WINDOWS\System32\svchost.exe -k netsvcs-->C:\Program Files\iesnap\navoct.dll>< >
[NVIDIA Display Driver Service / NVSvc][Running/Auto Start]
<C:\WINDOWS\system32\nvsvc32.exe><NVIDIA Corporation>
[OwnershipProtocol / OwnershipProtocol][Running/Auto Start]
<C:\Program Files\Intel\Wireless\Bin\OProtSvc.exe><Intel Corporation>
[Windows qxvl RunThem / qxvl][Running/Auto Start]
<C:\WINDOWS\System32\svchost.exe -k netsvcs-->C:\PROGRA~1\lsqg\vcaq.dll>< >
[RegSrvc / RegSrvc][Running/Auto Start]
<C:\Program Files\Intel\Wireless\Bin\RegSrvc.exe><Intel Corporation>
[RestoreService / RestoreService][Stopped/Auto Start]
<C:\WINDOWS\system32\Svchost.exe -k RestoreService-->C:\WINDOWS\system32\drivers\restore.dll><N/A>
[Rising Proxy Service / RfwProxySrv][Stopped/Manual Start]
<d:\瑞星杀毒软件\rising\rfw\rfwproxy.exe><Beijing Rising Technology Co., Ltd.>
[Rising Personal Firewall Service / RfwService][Running/Auto Start]
<d:\瑞星杀毒软件\rising\rfw\rfwsrv.exe><Beijing Rising Technology Co., Ltd.>
[Rising Process Communication Center / RsCCenter][Running/Auto Start]
<"D:\瑞星杀毒软件\Rising\Rav\CCenter.exe"><Beijing Rising Technology Co., Ltd.>
[Rising RealTime Monitor / RsRavMon][Running/Auto Start]
<"D:\瑞星杀毒软件\Rising\Rav\Ravmond.exe"><Beijing Rising Technology Co., Ltd.>
[Spectrum24 Event Monitor / S24EventMonitor][Running/Auto Start]
<C:\Program Files\Intel\Wireless\Bin\S24EvMon.exe><Intel Corporation>
[Logical Disk Manager Amdindistrative Service9 / S8696669][Stopped/Auto Start]
<c:\windows\system\m9\iexplorer.exe><N/A>
[NT Data Provider / SoSCAR][Stopped/Auto Start]
<C:\WINDOWS\SYSTEM32\RUNDLL2KXP.EXE C:\WINDOWS\SYSTEM32\WBEM\YWWCE.DLL,Export 1087><Microsoft Corporation>
[Windows User Mode Driver Framework / UMWdf][Running/Auto Start]
<C:\WINDOWS\system32\wdfmgr.exe><Microsoft Corporation>
[Vsn wdbu Service / wdbu][Stopped/Auto Start]
<C:\WINDOWS\system32\rundll32.exe C:\PROGRA~1\cjhx\jqoe.dll,Service><Microsoft Corporation>
[Windows Driver Foundation - User-mode Driver Framework / WudfSvc][Stopped/Manual Start]
<C:\WINDOWS\system32\svchost.exe -k WudfServiceGroup-->%SystemRoot%\System32\WUDFSvc.dll><Microsoft Corporation>
[ijimot / ijimot][Running/Auto Start]
<C:\WINDOWS\system32\rundll32.exe C:\PROGRA~1\COMMON~1\vjimut\vjimut.dll,Service -s><Microsoft Corporation>
==================================
驱动程序
[adpu64 / adpu64][Stopped/Auto Start]
<\??\C:\WINDOWS\system32\drivers\adpu64.sys><N/A>
[AEGIS Protocol (IEEE 802.1x) v3.2.0.3 / AegisP][Running/Auto Start]
<system32\DRIVERS\AegisP.sys><Meetinghouse Data Communications>
[TP-LINK TL-WN310G/350G 11G Wireless Adapter Service / AR5211][Stopped/Manual Start]
<system32\DRIVERS\11gAdapter.sys><TP-LINK Technologies Co., Ltd.>
[aslm75 / aslm75][Running/Manual Start]
<\??\C:\WINDOWS\system32\drivers\aslm75.sys><N/A>
[Enhanced Display Driver Helper Service / asuskbnt][Running/System Start]
<system32\drivers\atkkbnt.sys><ASUSTeK COMPUTER INC.>
[Rising TDI Base Driver / BaseTDI][Running/Auto Start]
<System32\DRIVERS\BaseTDI.SYS><Beijing Rising Technology Co., Ltd.>
[BisonCam, NB Pro / Cam5603D][Running/Manual Start]
<System32\Drivers\BisonCam.sys><Bison Electronics. Inc.>
[cdjibcag / cdjibcag][Stopped/Boot Start]
<\SystemRoot\system32\drivers\cdjibcag.sys><N/A>
[cdnprot / cdnprot][Running/]
<2 - 系统找不到指定的文件。
><N/A>
[cmhtmo6 / cmhtmo60][Stopped/Boot Start]
<\SystemRoot\System32\DRIVERS\cmhtmo60.sys><N/A>
[decdehbg / decdehbg][Stopped/Boot Start]
<\SystemRoot\system32\drivers\decdehbg.sys><N/A>
[ExpScaner / ExpScaner][Running/Auto Start]
<\??\D:\瑞星杀毒软件\Rising\Rav\ExpScan.sys><>
[FBS / FBS][Running/Manual Start]
superyang - 2007-5-9 9:39:00
<\??\C:\WINDOWS\system32\drivers\FBS.sys><N/A>
[ffpbek / ffpbek][Stopped/Auto Start]
<\??\C:\WINDOWS\system32\drivers\ffpbek.sys><N/A>
[Microsoft 用于 High Definition Audio 服务的 UAA 功能驱动程序 / HdAudAddService][Stopped/Manual Start]
<system32\drivers\HdAudio.sys><Windows (R) Server 2003 DDK provider>
[Microsoft 用于 High Definition Audio 的 UAA 总线驱动程序 / HDAudBus][Running/Manual Start]
<system32\DRIVERS\HDAudBus.sys><Windows (R) Server 2003 DDK provider>
[HookCont / HookCont][Running/Auto Start]
<\??\D:\瑞星杀毒软件\Rising\Rav\HOOKCONT.sys><Rising>
[HookReg / HookReg][Running/Auto Start]
<\??\D:\瑞星杀毒软件\Rising\Rav\HookReg.sys><>
[HookSys / HookSys][Running/Auto Start]
<\??\D:\瑞星杀毒软件\Rising\Rav\HookSys.sys><Rising>
[HookUrl / HookUrl][Running/Auto Start]
<\??\D:\瑞星杀毒软件\Rising\Rfw\HookUrl.sys><Beijing Rising Technology Co., Ltd.>
[HSFHWAZL / HSFHWAZL][Running/Manual Start]
<system32\DRIVERS\HSFHWAZL.sys><Conexant Systems, Inc.>
[HSF_DP / HSF_DP][Running/Manual Start]
<system32\DRIVERS\HSF_DP.sys><Conexant Systems, Inc.>
[Service for Realtek HD Audio (WDM) / IntcAzAudAddService][Running/Manual Start]
<system32\drivers\RtkHDAud.sys><Realtek Semiconductor Corp.>
[Intel Wireless Connection Agent Miniport for Win XP / IWCA][Running/Manual Start]
<system32\DRIVERS\iwca.sys><Intel Corporation>
[kmsinput / kmsinput][Stopped/Manual Start]
<\??\C:\WINDOWS\system32\drivers\kmsinput.sys><N/A>
[mdmxsdk / mdmxsdk][Running/Auto Start]
<system32\DRIVERS\mdmxsdk.sys><Conexant>
[MEMSCAN / MEMSCAN][Running/Auto Start]
<\??\D:\瑞星杀毒软件\Rising\Rav\MEMSCAN.sys><瑞星软件有限公司>
[mProcRs / mProcRs][Running/Auto Start]
<\??\d:\瑞星杀毒软件\rising\rfw\mProcRs.sys><Beijing Rising Technology Co., Ltd.>
[mspcidrv / mspcidrv][Running/System Start]
<system32\DRIVERS\mspcidrv.sys><N/A>
[ATK0100 ACPI UTILITY / MTsensor][Running/Manual Start]
<system32\DRIVERS\ATKACPI.sys><>
[ndcia / ndcia][Stopped/Auto Start]
<\??\C:\WINDOWS\system32\drivers\ndcia.sys><N/A>
[ndrili / ndrili][Running/Boot Start]
<\SystemRoot\\SystemRoot\System32\drivers\ndrili.sys><N/A>
[SCIC minipor / nlhtms][Running/Boot Start]
<\SystemRoot\System32\DRIVERS\nlhtms.sys><N/A>
[Netgroup Packet Filter / NPF][Stopped/Manual Start]
<system32\drivers\npf.sys><Politecnico di Torino>
[npkcrypt / npkcrypt][Running/Auto Start]
<\??\E:\Tencent\npkcrypt.sys><INCA Internet Co., Ltd.>
[npkcusb / npkcusb][Stopped/Auto Start]
<\??\D:\Program Files\Tencent\QQ\npkcusb.sys><N/A>
[nv / nv][Running/Manual Start]
<system32\DRIVERS\nv4_mini.sys><NVIDIA Corporation>
[Direct Parallel Link Driver / Ptilink][Running/Manual Start]
<system32\DRIVERS\ptilink.sys><Parallel Technologies, Inc.>
[qoex / qoexp][Running/Boot Start]
<\SystemRoot\System32\DRIVERS\qoexp.sys><N/A>
[R592 / R592][Running/Boot Start]
<\SystemRoot\system32\DRIVERS\R592.sys><REDC>
[risdpntk / risdpntk][Running/Boot Start]
<\SystemRoot\system32\DRIVERS\risdpntk.sys><REDC>
[romman / romman][Stopped/Auto Start]
<\??\C:\WINDOWS\system32\drivers\romman.sys><N/A>
[RsFwDrv / RsFwDrv][Running/Auto Start]
<\??\D:\瑞星杀毒软件\Rising\Rfw\RsFwDrv.sys><Beijing Rising Technology Co., Ltd.>
[RsNTGDI / RsNTGDI][Running/Boot Start]
<\SystemRoot\system32\Drivers\RsNTGdi.sys><Beijing Rising Technology Co., Ltd.>
[RSPPSYS / RSPPSYS][Running/Auto Start]
<\??\D:\瑞星杀毒软件\Rising\Rav\RSPPSYS.sys><Rising>
[WLAN 传输 / s24trans][Running/Auto Start]
<system32\DRIVERS\s24trans.sys><Intel Corporation>
[Secdrv / Secdrv][Running/Auto Start]
<system32\DRIVERS\secdrv.sys><Macrovision Europe Ltd>
[Sony USB Filter Driver (SONYPVU1) / SONYPVU1][Stopped/Manual Start]
<system32\DRIVERS\SONYPVU1.SYS><Sony Corporation>
[stdio / stdio][Stopped/Auto Start]
<\??\C:\WINDOWS\system32\drivers\stdio.sys><N/A>
[Synaptics TouchPad Driver / SynTP][Running/Manual Start]
<system32\DRIVERS\SynTP.sys><Synaptics, Inc.>
[ASUS Video3D Service / Video3D][Running/Manual Start]
<System32\Drivers\Video3D.sys><ASUSTeK COMPUTER INC.>
[voodoo / voodoo][Stopped/Auto Start]
<\??\C:\WINDOWS\system32\drivers\voodoo.sys><N/A>
[用于 Windows XP 的英特尔(R) PRO/无线 2200BG 网络连接驱动程序 / w29n51][Running/Manual Start]
<system32\DRIVERS\w29n51.sys><Intel? Corporation>
[winachsf / winachsf][Running/Manual Start]
<system32\DRIVERS\HSF_CNXT.sys><Conexant Systems, Inc.>
[WINIO / WINIO][Stopped/Manual Start]
<\??\C:\WINDOWS\Downloaded Program Files\winio.sys><N/A>
[ws2ifsd / ws2ifsd][Stopped/Auto Start]
<\??\C:\WINDOWS\system32\drivers\ws2ifsd.sys><N/A>
[World Standard Teletext Codec / WSTCODEC][Stopped/Manual Start]
<system32\DRIVERS\WSTCODEC.SYS><Microsoft Corporation>
[Windows Driver Foundation - User-mode Driver Framework Platform Driver / WudfPf][Stopped/Manual Start]
<system32\DRIVERS\WudfPf.sys><Microsoft Corporation>
[Windows Driver Foundation - User-mode Driver Framework Reflector / WudfRd][Stopped/Manual Start]
<system32\DRIVERS\wudfrd.sys><Microsoft Corporation>
[NDIS5.1 Miniport Driver for Marvell Yukon Gigabit Ethernet Adapter / yukonwxp][Running/Manual Start]
<system32\DRIVERS\yukonwxp.sys><Marvell Semiconductor Inc.>
[Vimicro USB PC Camera (ZC0301PL) / ZSMC301b][Stopped/Manual Start]
<System32\Drivers\usbVM31b.sys><VM>
==================================
浏览器加载项
[WebThunder Browser Helper]
{00000AAA-A363-466E-BEF5-9BB68697AA7F} <E:\Tencent\WebThunderBHO_016.dll, Thunder Networking Technologies,LTD>
[Thunder Browser Helper]
{0005A87B-D626-4B3A-84F9-1D9571695F55} <C:\Program Files\Thunder Network\Thunder\ComDlls\XunLeiBHO_006.dll, Thunder Networking Technologies,LTD>
[ThunderIEHelper Class]
{0005A87D-D626-4B3A-84F9-1D9571695F55} <C:\WINDOWS\system32\xunleibho_v14.dll, Thunder Networking Technologies,LTD>
[Adobe PDF Reader Link Helper]
{06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} <C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll, Adobe Systems Incorporated>
[wayr]
superyang - 2007-5-9 9:40:00
{0B9172E7-5642-4F52-8BDA-FA6439B4F854} <C:\PROGRA~1\cjhx\gnlb.dll, N/A>
[]
{1eee16ea-6442-4540-8b0d-4e03f37a8dbf} <C:\WINDOWS\system32\4540cfsb.dll, N/A>
[VnetCookie Class]
{4E83D567-4697-4F7B-B1F0-A513B01DB89A} <c:\PROGRA~1\chinanet\VNETTR~1.DLL, >
[BandIE Class]
{77FEF28E-EB96-44FF-B511-3185DEA48697} <C:\PROGRA~1\baidu\bar\baidubar.dll, Baidu.com, Inc.>
[Google Toolbar Helper]
{AA58ED58-01DD-4d91-8333-CF10577473F7} <c:\program files\google\googletoolbar4.dll, Google Inc.>
[]
{bdbe32ba-8d80-4a36-ae2b-1b294ae19f4f} <C:\WINDOWS\system32\4a36ntos.dll, N/A>
[IE Browser Helper]
{D0903A3B-F0EA-434a-9742-98C5335C7946} <C:\WINDOWS\system32\IEHelper.dll, N/A>
[]
{de94e2a4-ed68-478d-8b0d-4e03f37a8dbf} <C:\WINDOWS\system32\478dcfsb.dll, N/A>
[扑克]
{12341234-1234-5678-9012-123456789012} <C:\www.ufocn.com\开心斗地主\开心斗地主.exe, N/A>
[启动Web迅雷]
{962EFB8E-2683-42d4-AC74-AAA4C759B9C6} <http://my.xunlei.com, N/A>
[@shdoclc.dll,-866]
{c95fe080-8f5d-11d2-a20b-00aa003c157a} <, N/A>
[QQ]
{c95fe080-8f5d-11d2-a20b-00aa003c157b} <E:\Tencent\QQ.EXE, TENCENT>
[访问瑞星网站]
{FF2DE7A6-ECB1-4CBC-9C0E-D92A9E66E444} <http://www.rising.com.cn/?u=RSTB, N/A>
[访问卡卡社区]
{FF2DE7A6-ECB1-4CBC-9C0E-D92A9E66E445} <http://www.ikaka.com/?u=RSTB, N/A>
[百度超级搜霸]
{B580CF65-E151-49C3-B73F-70B13FCA8E86} <C:\PROGRA~1\baidu\bar\baidubar.dll, Baidu.com, Inc.>
[实用搜索工具条2.0]
{03465FF5-00AE-411a-9C34-960ED566EC03} <C:\Program Files\superutilbar\superutilbar.dll, N/A>
[&Google]
{2318C2B1-4965-11d4-9B18-009027A5CD4F} <c:\program files\google\googletoolbar4.dll, Google Inc.>
[Alexa]
{3CEFF6CD-6F08-4e4d-BCCD-FF7415288C3B} <C:\WINDOWS\system32\SHDOCVW.DLL, Microsoft Corporation>
[8d80]
{DFCB34B6-902D-426E-AE2B-1B294AE19F4F} <C:\WINDOWS\system32\4ca4ntos.dll, N/A>
[卡卡上网安全助手]
{DB9ECD4F-FB8F-4311-B3CE-90B976C2707C} <C:\WINDOWS\system32\kakatool.dll, Beijing Rising Technology Co., Ltd.>
[CEditCtrl Object]
{488A4255-3236-44B3-8F27-FA1AECAA8844} <C:\WINDOWS\system32\aliedit\AliEdit.dll, www.alipay.com>
[CCtInf Class]
{6DBB2904-082D-4DB0-944A-21C22BA121F4} <C:\WINDOWS\system32\BANKCE~1.DLL, >
[Shockwave Flash Object]
{D27CDB6E-AE6D-11CF-96B8-444553540000} <C:\WINDOWS\system32\Macromed\Flash\Flash9b.ocx, Adobe Systems, Inc.>
[WebThunder Browser Helper]
{00000AAA-A363-466E-BEF5-9BB68697AA7F} <E:\Tencent\WebThunderBHO_016.dll, Thunder Networking Technologies,LTD>
[Thunder Browser Helper]
{0005A87B-D626-4B3A-84F9-1D9571695F55} <C:\Program Files\Thunder Network\Thunder\ComDlls\XunLeiBHO_006.dll, Thunder Networking Technologies,LTD>
[ThunderIEHelper Class]
{0005A87D-D626-4B3A-84F9-1D9571695F55} <C:\WINDOWS\system32\xunleibho_v14.dll, Thunder Networking Technologies,LTD>
[Google Script Object]
{00EF2092-6AC5-47C0-BD25-CF2D5D657FEB} <c:\program files\google\googletoolbar4.dll, Google Inc.>
[实用搜索工具条2.0]
{03465FF5-00AE-411A-9C34-960ED566EC03} <C:\Program Files\superutilbar\superutilbar.dll, N/A>
[WebThunder Class]
{03507A1A-E0C5-4404-AA26-205385C0892D} <, N/A>
[ActiveMovieControl Object]
{05589FA1-C356-11CE-BF01-00AA0055595A} <C:\WINDOWS\system32\wmpdxm.dll, Microsoft Corporation>
[]
{0603B65D-6D39-4B44-BEF9-8FC3986F6D5A} <C:\WINDOWS\system32\Sktdb.dll, N/A>
[Adobe PDF Reader Link Helper]
{06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} <C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll, Adobe Systems Incorporated>
[]
{068C1101-5828-4A45-8B0D-4E03F37A8DBF} <C:\WINDOWS\system32\4a45cfsb.dll, N/A>
[wayr]
{0B9172E7-5642-4F52-8BDA-FA6439B4F854} <C:\PROGRA~1\cjhx\gnlb.dll, N/A>
[Tencent Browser Helper]
{0C7C23EF-A848-485B-873C-0ED954731014} <C:\Program Files\TENCENT\Adplus\SSAddr.dll, Tencent>
[PeerDraw Class]
{10072CEC-8CC1-11D1-986E-00A0C955B42E} <C:\Program Files\Common Files\Microsoft Shared\VGX\vgx.dll, Microsoft Corporation>
[]
{119AD493-F427-4192-8B0D-4E03F37A8DBF} <C:\WINDOWS\system32\4192cfsb.dll, N/A>
[CEnroll Class]
{127698E4-E730-4E5C-A2B1-21490A70C8A1} <C:\WINDOWS\system32\xenroll.dll, Microsoft Corporation>
[]
{128B99E2-0B8B-4DA2-AE2B-1B294AE19F4F} <C:\WINDOWS\system32\4da2ntos.dll, N/A>
[]
{1458BF0D-E55B-4CA4-AE2B-1B294AE19F4F} <C:\WINDOWS\system32\4ca4ntos.dll, N/A>
[]
{1A30E6BB-91FD-4A52-AE2B-1B294AE19F4F} <C:\WINDOWS\system32\4a52ntos.dll, N/A>
[iTrusPTA Class]
{1E0DFFCF-27FF-4574-849B-55007349FEDA} <C:\WINDOWS\system32\aliedit\pta.dll, >
[]
{1EEE16EA-6442-4540-8B0D-4E03F37A8DBF} <C:\WINDOWS\system32\4540cfsb.dll, N/A>
[]
{1FAB568D-D9F7-4A3B-95CD-797918471636} <C:\WINDOWS\system32\Sicgcy.dll, N/A>
[]
{222917AF-B582-40F7-8B0D-4E03F37A8DBF} <C:\WINDOWS\system32\40f7cfsb.dll, N/A>
[]
{22697B96-A338-4C7B-9C16-5C073D3CE5EE} <C:\WINDOWS\system32\Bfrhev.dll, N/A>
[Windows Media Player]
{22D6F312-B0F6-11D0-94AB-0080C74C7E95} <C:\WINDOWS\system32\wmpdxm.dll, Microsoft Corporation>
[&Google]
{2318C2B1-4965-11D4-9B18-009027A5CD4F} <c:\program files\google\googletoolbar4.dll, Google Inc.>
[HTML Document]
{25336920-03F9-11CF-8FD0-00AA00686F13} <%SystemRoot%\system32\mshtml.dll, N/A>
[]
{25DC97F2-58AE-4EB4-955E-C91D24CCB90F} <C:\WINDOWS\system32\Hlfk.dll, N/A>
[Menu Class]
{27D784D7-9217-4227-B43B-E06E4781E0CB} <C:\WINDOWS\system32\AlxTB1.dll, Alexa Internet>
[]
{286BA72B-46C0-4EB1-8B0D-4E03F37A8DBF} <C:\WINDOWS\system32\4eb1cfsb.dll, N/A>
[DHTML Edit Control Safe for Scripting for IE5]
{2D360201-FFF5-11D1-8D03-00A0C959BC0A} <C:\Program Files\Common Files\Microsoft Shared\Triedit\dhtmled.ocx, Microsoft Corporation>
[HtmlDlgSafeHelper Class]
{3050F819-98B5-11CF-BB82-00AA00BDCE0B} <C:\WINDOWS\system32\mshtmled.dll, Microsoft Corporation>
[]
{30BAD658-6F09-4EED-AE2B-1B294AE19F4F} <C:\WINDOWS\system32\4eedntos.dll, N/A>
[]
{310BE68D-E57A-44F8-AE2B-1B294AE19F4F} <C:\WINDOWS\system32\44f8ntos.dll, N/A>
[Tabular Data Control]
{333C7BC4-460F-11D0-BC04-0080C7055A83} <C:\WINDOWS\system32\tdc.ocx, Microsoft Corporation>
[MsHelp Class]
{33C3992F-1963-49BE-88D7-974C8EE564B5} <C:\WINDOWS\system32\MsHelper.dll, Microsofts>
[IETag Factory]
{38481807-CA0E-42D2-BF39-B33AF135CC4D} <C:\PROGRA~1\COMMON~1\MICROS~1\SMARTT~1\IETAG.DLL, Microsoft Corporation>
[Alexa]
{3CEFF6CD-6F08-4E4D-BCCD-FF7415288C3B} <C:\WINDOWS\system32\SHDOCVW.DLL, Microsoft Corporation>
[BitComet工具栏]
{3F1ABCDB-A875-46C1-8345-B72A4567E486} <E:\杨超的资料夹\娱乐\BitComet\BitCometBar\BitCometBar0.6.dll, >
[]
{4184FF83-C3E8-4622-AE2B-1B294AE19F4F} <C:\WINDOWS\system32\4622ntos.dll, N/A>
[]
{4753309C-F0F7-4AC8-95A8-5E0FEC9D48FF} <C:\WINDOWS\system32\Bhurfu.dll, N/A>
[]
{48573B77-B0E6-4CAA-AB2A-407CCB8CED47} <C:\WINDOWS\system32\Itcvre.dll, N/A>
[CEditCtrl Object]
{488A4255-3236-44B3-8F27-FA1AECAA8844} <C:\WINDOWS\system32\aliedit\AliEdit.dll, www.alipay.com>
[]
{48ACFC76-6432-4155-8B23-76F4168952D6} <C:\WINDOWS\system32\Nidgs.dll, N/A>
[]
{4CCAF72A-132B-4848-8B0D-4E03F37A8DBF} <C:\WINDOWS\system32\4848cfsb.dll, N/A>
[VnetCookie Class]
{4E83D567-4697-4F7B-B1F0-A513B01DB89A} <c:\PROGRA~1\chinanet\VNETTR~1.DLL, >
[HHCtrl Object]
{52A2AAAE-085D-4187-97EA-8C30DB990436} <C:\WINDOWS\system32\hhctrl.ocx, Microsoft Corporation>
[]
{5B449989-F4B0-47D5-8B0D-4E03F37A8DBF} <C:\WINDOWS\system32\47d5cfsb.dll, N/A>
[]
{610646D6-F5C3-43CB-AE2B-1B294AE19F4F} <C:\WINDOWS\system32\43cbntos.dll, N/A>
[]
{636DF580-E9B1-4A42-8B0D-4E03F37A8DBF} <C:\WINDOWS\system32\4a42cfsb.dll, N/A>
[]
superyang - 2007-5-9 9:40:00
{654CA7D6-783E-4F7A-AE2B-1B294AE19F4F} <C:\WINDOWS\system32\4f7antos.dll, N/A>
[YOKHttpFilter Class]
{686D3343-D00D-49A1-96DF-66F3AF62F348} <C:\Program Files\yok\adblock.dll, N/A>
[BrowserProxy4 Class]
{69A72A8A-84ED-4A75-8CE7-263DBEF3E5D3} <C:\WINDOWS\system32\AlxTB1.dll, Alexa Internet>
[NewsWatch Class]
{6BD97C5B-7A34-4AE9-8B0D-4E03F37A8DBF} <C:\WINDOWS\system32\4fd6cfsb.dll, N/A>
[Windows Media Player]
{6BF52A52-394A-11D3-B153-00C04F79FAA6} <C:\WINDOWS\system32\wmp.dll, Microsoft Corporation>
[CCtInf Class]
{6DBB2904-082D-4DB0-944A-21C22BA121F4} <C:\WINDOWS\system32\BANKCE~1.DLL, >
[WangWangObj Class]
{6E213FC7-DD5A-4115-B7E6-D4C7838C361E} <E:\杨超的资料夹\娱乐\淘宝旺旺\淘宝旺旺\WangWangX4.dll, 阿里软件(中国)有限公司>
[YOKAdBlock Class]
{718F4AD3-70D4-425E-9159-5598DFC732ED} <C:\Program Files\yok\adblock.dll, N/A>
[Active Desktop Mover]
{72267F6A-A6F9-11D0-BC94-00C04FB67863} <%SystemRoot%\system32\SHELL32.dll, N/A>
[]
{74407D2F-FF35-41A8-AE2B-1B294AE19F4F} <C:\WINDOWS\system32\41a8ntos.dll, N/A>
[BandIE Class]
{77FEF28E-EB96-44FF-B511-3185DEA48697} <C:\PROGRA~1\baidu\bar\baidubar.dll, Baidu.com, Inc.>
[]
{7C332FAE-A8EF-4094-AE2B-1B294AE19F4F} <C:\WINDOWS\system32\4094ntos.dll, N/A>
[Microsoft Web 浏览器]
{8856F961-340A-11D0-A96B-00C04FD705A2} <C:\WINDOWS\system32\shdocvw.dll, Microsoft Corporation>
[Java Plug-in 1.5.0_09]
{8AD9C840-044E-11D1-B3E9-00805F499D93} <, N/A>
[]
{8D3774E6-B246-44C7-9773-9FCF7FF5F12D} <C:\WINDOWS\system32\Mpfqo.dll, N/A>
[]
{918A890A-49C5-4341-AE2B-1B294AE19F4F} <C:\WINDOWS\system32\4341ntos.dll, N/A>
[]
{969D0316-7AC4-4114-AE2B-1B294AE19F4F} <C:\WINDOWS\system32\4114ntos.dll, N/A>
[]
{99919464-3CA7-4119-AE2B-1B294AE19F4F} <C:\WINDOWS\system32\4119ntos.dll, N/A>
[]
{A921EE79-DC70-4CBF-8B0D-4E03F37A8DBF} <C:\WINDOWS\system32\4cbfcfsb.dll, N/A>
[]
{A9930D97-9CF0-42A0-A10D-4F28836579D5} <E:\杨超的资料夹\娱乐\KuGoo3\KuGoo\KuGoo3\KuGoo3DownXControl.ocx, N/A>
[RMGetLicense Class]
{A9FC132B-096D-460B-B7D5-1DB0FAE0C062} <C:\WINDOWS\system32\msnetobj.dll, Microsoft Corporation>
[Google Toolbar Helper]
{AA58ED58-01DD-4D91-8333-CF10577473F7} <c:\program files\google\googletoolbar4.dll, Google Inc.>
[Microsoft Scriptlet Component]
{AE24FDAE-03C6-11D1-8B76-0080C744F389} <C:\WINDOWS\system32\mshtml.dll, Microsoft Corporation>
[]
{B43D76B3-71C2-4FD6-8B0D-4E03F37A8DBF} <C:\WINDOWS\system32\4fd6cfsb.dll, N/A>
[SearchAssistantOC]
{B45FF030-4447-11D2-85DE-00C04FA35C89} <%SystemRoot%\system32\shdocvw.dll, N/A>
[百度超级搜霸]
{B580CF65-E151-49C3-B73F-70B13FCA8E86} <C:\PROGRA~1\baidu\bar\baidubar.dll, Baidu.com, Inc.>
[]
{B69003B3-C55E-4B48-836C-BC5946FC3B28} <C:\Program Files\Messenger\msgsc.dll, Microsoft Corporation>
[]
{BB7CA3F3-AF44-40D0-8B0D-4E03F37A8DBF} <C:\WINDOWS\system32\40d0cfsb.dll, N/A>
[RDS.DataSpace]
{BD96C556-65A3-11D0-983A-00C04FC29E36} <C:\Program Files\Common Files\System\msadc\msadco.dll, Microsoft Corporation>
[]
{BDBE32BA-8D80-4A36-AE2B-1B294AE19F4F} <C:\WINDOWS\system32\4a36ntos.dll, N/A>
[]
{C044DFCD-0427-42DE-8B0D-4E03F37A8DBF} <C:\WINDOWS\system32\42decfsb.dll, N/A>
[]
{C1717F84-75C1-4D48-AE2B-1B294AE19F4F} <C:\WINDOWS\system32\4d48ntos.dll, N/A>
[]
{C1ACF108-6949-4B76-94EF-0F3F24F10C49} <C:\WINDOWS\system32\Vqmi.dll, N/A>
[]
{C3A22510-A1AE-4929-87F9-321F11F0EC5B} <C:\WINDOWS\system32\Fqekl.dll, N/A>
[]
{C6C48126-8838-4D5B-8B0D-4E03F37A8DBF} <C:\WINDOWS\system32\4d5bcfsb.dll, N/A>
[AUDIO__MID Moniker Class]
{CD3AFA74-B84F-48F0-9393-7EDC34128127} <C:\WINDOWS\system32\wmp.dll, Microsoft Corporation>
[AUDIO__MP3 Moniker Class]
{CD3AFA76-B84F-48F0-9393-7EDC34128127} <C:\WINDOWS\system32\wmp.dll, Microsoft Corporation>
[AUDIO__X_MS_WMA Moniker Class]
{CD3AFA84-B84F-48F0-9393-7EDC34128127} <C:\WINDOWS\system32\wmp.dll, Microsoft Corporation>
[VIDEO__X_MS_ASF Moniker Class]
{CD3AFA8F-B84F-48F0-9393-7EDC34128127} <C:\WINDOWS\system32\wmp.dll, Microsoft Corporation>
[VIDEO__X_MS_WMV Moniker Class]
{CD3AFA94-B84F-48F0-9393-7EDC34128127} <C:\WINDOWS\system32\wmp.dll, Microsoft Corporation>
[RealPlayer G2 Control]
{CFCDAA03-8BE4-11CF-B84B-0020AFBBCCFA} <C:\WINDOWS\system32\rmoc3260.dll, RealNetworks, Inc.>
[IE Browser Helper]
{D0903A3B-F0EA-434A-9742-98C5335C7946} <C:\WINDOWS\system32\IEHelper.dll, N/A>
[Shockwave Flash Object]
{D27CDB6E-AE6D-11CF-96B8-444553540000} <C:\WINDOWS\system32\Macromed\Flash\Flash9b.ocx, Adobe Systems, Inc.>
[]
{D487E4D8-0D39-4EFE-A88D-9C438406381A} <C:\WINDOWS\system32\Cnlwi.dll, N/A>
[GetInfo Class]
{D5184A39-CBDF-4A4F-AC1A-7A45A852C883} <C:\Program Files\Yahoo!\Common\YVerInfo.dll, Yahoo! Inc.>
[MessengerChecker Class]
{DA4F543C-C8A9-4E88-9A79-548CBB46F18F} <E:\杨超的资料夹\娱乐\Messenger\YPagerChecker.dll, TODO: <Company name>>
[卡卡上网安全助手]
{DB9ECD4F-FB8F-4311-B3CE-90B976C2707C} <C:\WINDOWS\system32\kakatool.dll, Beijing Rising Technology Co., Ltd.>
[]
{DE94E2A4-ED68-478D-8B0D-4E03F37A8DBF} <C:\WINDOWS\system32\478dcfsb.dll, N/A>
[8d80]
{DFCB34B6-902D-426E-AE2B-1B294AE19F4F} <C:\WINDOWS\system32\4ca4ntos.dll, N/A>
[]
{E0360531-71D0-4795-8B0D-4E03F37A8DBF} <C:\WINDOWS\system32\4795cfsb.dll, N/A>
[Messenger Class]
{E5D12C4E-7B4F-11D3-B5C9-0050045C3C96} <, N/A>
[CPasswordEditCtrl Object]
{E787FD25-8D7C-4693-AE67-9406BC6E22DF} <C:\WINDOWS\system32\qqedit\qqedit.dll, 腾讯科技(深圳)有限公司>
[VqqSpeedDlProxy Class]
{F138084D-84D7-48CD-BEA8-04772457516E} <E:\Tencent\vqqsdl.dll, Tencent Technology (Shenzhen) Company Limited>
[]
{FD0C39F2-3012-4A6B-8B0D-4E03F37A8DBF} <C:\WINDOWS\system32\4a6bcfsb.dll, N/A>
[Alexa Web Search]
<http://client.alexa.com/holiday/script/actions/search.htm, N/A>
[Get Alexa Data]
<http://client.alexa.com/holiday/script/actions/sitedata.htm, N/A>
[Mail to a Friend...]
<http://client.alexa.com/holiday/script/actions/mailto.htm, N/A>
[See Related Links]
<http://client.alexa.com/holiday/script/actions/related.htm, N/A>
[Write a Review...]
<http://client.alexa.com/holiday/script/actions/review.htm, N/A>
[上传到QQ网络硬盘]
<E:\Tencent\AddToNetDisk.htm, N/A>
[使用Web迅雷下载]
<E:\Tencent\GetUrl.htm, N/A>
[使用Web迅雷下载全部链接]
<E:\Tencent\GetAllUrl.htm, N/A>
[添加到QQ自定义面板]
<E:\Tencent\AddPanel.htm, N/A>
[添加到QQ表情]
<E:\Tencent\AddEmotion.htm, N/A>
[用QQ彩信发送该图片]
<E:\Tencent\SendMMS.htm, N/A>
==================================
正在运行的进程
[PID: 992][\SystemRoot\System32\smss.exe] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
[PID: 1104][\??\C:\WINDOWS\system32\csrss.exe] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
[PID: 1164][\??\C:\WINDOWS\system32\winlogon.exe] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
[C:\Program Files\Intel\Wireless\Bin\LgNotify.dll] [Intel Corporation, 9, 0, 3, 0]
[C:\WINDOWS\system32\NavLogon.dll] [Symantec Corporation, 9.0.1.1000]
[C:\WINDOWS\system32\msacm32.drv] [Microsoft Corporation, 5.1.2600.0 (xpclient.010817-1148)]
[PID: 1736][C:\Program Files\Intel\Wireless\Bin\ZcfgSvc.exe] [Intel Corporation, 9, 0, 3, 0]
[C:\Program Files\Intel\Wireless\Bin\PfMgrApi.dll] [Intel Corporation, 9, 0, 3, 0]
[C:\Program Files\Intel\Wireless\Bin\TraceAPI.DLL] [Intel Corporation, 9, 0, 3, 0]
[C:\Program Files\Intel\Wireless\Bin\PsRegApi.dll] [Intel Corporation, 9, 0, 3, 0]
[C:\Program Files\Intel\Wireless\Bin\MurocApi.dll] [Intel Corporation, 9, 0, 3, 0]
[C:\Program Files\Intel\Wireless\Bin\S24MUDLL.dll] [Intel Corporation, 9, 0, 3, 0]
[C:\Program Files\Intel\Wireless\Bin\C1XStngs.dll] [Intel Corporation, 9, 0, 3, 0]
superyang - 2007-5-9 9:41:00
[C:\Program Files\Intel\Wireless\Bin\LIBEAY32.dll] [N/A, ]
[C:\Program Files\Intel\Wireless\Bin\C8021CHS.dll] [Intel Corporation, 9, 0, 3, 0]
[C:\Program Files\Intel\Wireless\Bin\LSAWRAPI.dll] [Intel Corporation, 9, 0, 3, 0]
[C:\Program Files\Intel\Wireless\Bin\ZcSvcCHS.dll] [Intel Corporation, 9, 0, 3, 0]
[c:\progra~1\lsqg\yfdt.dll] [, 1, 0, 0, 6]
[c:\progra~1\lsqg\dkiy.dll] [ , 1, 0, 0, 6]
[c:\PROGRA~1\iesnap\navstub.dll] [, 1, 0, 1, 2]
[C:\WINDOWS\system32\msxml4.dll] [Microsoft Corporation, 4.20.9841.0]
[C:\Program Files\Rising\AntiSpyware\ieprot.dll] [Beijing Rising Technology Co., Ltd., 1, 0, 0, 8]
[C:\PROGRA~1\COMMON~1\vjimut\whauws.nls] [, 3, 6, 0, 5]
[PID: 616][C:\WINDOWS\Explorer.exe] [Microsoft Corporation, 6.00.2900.2180 (xpsp_sp2_rtm.040803-2158)]
[c:\progra~1\lsqg\yfdt.dll] [, 1, 0, 0, 6]
[c:\progra~1\lsqg\dkiy.dll] [ , 1, 0, 0, 6]
[c:\PROGRA~1\iesnap\navstub.dll] [, 1, 0, 1, 2]
[C:\WINDOWS\system32\RavExt.dll] [Beijing Rising Technology Co., Ltd., 19, 0, 0, 7]
[C:\WINDOWS\system32\nlhtms.dll] [Microsoft Corporation, 5.01.2900.2180]
[C:\WINDOWS\system32\acgubv.dll] [Microsoft Corporation, 5, 2, 2265, 3211]
[C:\WINDOWS\system32\msacm32.drv] [Microsoft Corporation, 5.1.2600.0 (xpclient.010817-1148)]
[C:\WINDOWS\system32\cpasevcl.dll] [, 1, 0, 0, 4]
[C:\Program Files\Rising\AntiSpyware\ieprot.dll] [Beijing Rising Technology Co., Ltd., 1, 0, 0, 8]
[C:\PROGRA~1\COMMON~1\vjimut\whauws.nls] [, 3, 6, 0, 5]
[C:\WINDOWS\system32\xunleibho_v14.dll] [Thunder Networking Technologies,LTD, 4, 6, 0, 62]
[C:\PROGRA~1\baidu\bar\baidubar.dll] [Baidu.com, Inc., 2, 0, 2, 136]
[E:\Tencent\WebThunderBHO_016.dll] [Thunder Networking Technologies,LTD, 6, 0, 0, 5]
[C:\Program Files\Thunder Network\Thunder\ComDlls\XunLeiBHO_006.dll] [Thunder Networking Technologies,LTD, 5, 0, 0, 3]
[C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll] [Adobe Systems Incorporated, 7.0.7.2006011200]
[C:\WINDOWS\system32\MSVCR71.dll] [Microsoft Corporation, 7.10.3052.4]
[C:\Program Files\Microsoft Office\OFFICE11\msohev.dll] [Microsoft Corporation, 11.0.5510]
[C:\Program Files\Adobe\Acrobat 7.0\ActiveX\PDFShell.dll] [Adobe Systems, Inc., 7.0.0.0]
[PID: 784][C:\Program Files\CNNIC\Cdn\cdnup.exe] [, 2, 4, 0, 6]
[c:\progra~1\lsqg\yfdt.dll] [, 1, 0, 0, 6]
[c:\progra~1\lsqg\dkiy.dll] [ , 1, 0, 0, 6]
[c:\PROGRA~1\iesnap\navstub.dll] [, 1, 0, 1, 2]
[C:\Program Files\Rising\AntiSpyware\ieprot.dll] [Beijing Rising Technology Co., Ltd., 1, 0, 0, 8]
[C:\PROGRA~1\COMMON~1\vjimut\whauws.nls] [, 3, 6, 0, 5]
[PID: 1140][d:\瑞星杀毒软件\rising\rfw\RfwMain.exe] [Beijing Rising Technology Co., Ltd., 5, 0, 0, 70]
[d:\瑞星杀毒软件\rising\rfw\RsGuiLib.dll] [Beijing Rising Technology Co., Ltd., 19, 0, 0, 33]
[d:\瑞星杀毒软件\rising\rfw\RSCOMMON.DLL] [Beijing Rising Technology Co., Ltd., 19, 0, 0, 5]
[d:\瑞星杀毒软件\rising\rfw\RfwCtrl.dll] [Beijing Rising Technology Co., Ltd., 5, 0, 0, 11]
[d:\瑞星杀毒软件\rising\rfw\RsXML.dll] [Beijing Rising Technology Co., Ltd., 19, 0, 0, 2]
[d:\瑞星杀毒软件\rising\rfw\PngDll.dll] [Beijing Rising Technology Co., Ltd., 18, 0, 0, 5]
[c:\progra~1\lsqg\yfdt.dll] [, 1, 0, 0, 6]
[c:\progra~1\lsqg\dkiy.dll] [ , 1, 0, 0, 6]
[c:\PROGRA~1\iesnap\navstub.dll] [, 1, 0, 1, 2]
[d:\瑞星杀毒软件\rising\rfw\PSAPI.DLL] [Microsoft Corporation, 4.00]
[C:\Program Files\Rising\AntiSpyware\ieprot.dll] [Beijing Rising Technology Co., Ltd., 1, 0, 0, 8]
[C:\PROGRA~1\COMMON~1\vjimut\whauws.nls] [, 3, 6, 0, 5]
[C:\WINDOWS\system32\acgubv.dll] [Microsoft Corporation, 5, 2, 2265, 3211]
[PID: 3324][C:\Program Files\ASUS\ASUS Probe\AsusProb.exe] [ASUSTeK Computer Inc, 1043.3.15.1]
[C:\WINDOWS\system32\VCL35.bpl] [Borland International, 3.0.3.70]
[C:\WINDOWS\system32\cp3240mt.dll] [Borland International, 4.0]
[C:\WINDOWS\system32\borlndmm.dll] [Borland Software Corporation, 6.0.10.155]
[C:\WINDOWS\system32\acgubv.dll] [Microsoft Corporation, 5, 2, 2265, 3211]
[c:\progra~1\lsqg\yfdt.dll] [, 1, 0, 0, 6]
[c:\progra~1\lsqg\dkiy.dll] [ , 1, 0, 0, 6]
[c:\PROGRA~1\iesnap\navstub.dll] [, 1, 0, 1, 2]
[C:\Program Files\ASUS\ASUS Probe\CODISK.DLL] [ASUSTeK Computer Inc, 1043.3.15.11]
[C:\Program Files\ASUS\ASUS Probe\DiskIco.dll] [N/A, ]
[C:\Program Files\ASUS\ASUS Probe\COLM7578.DLL] [ASUSTeK Computer Inc., 1043.3.15.1]
[C:\WINDOWS\system32\bcbsmp35.bpl] [, 1.0.0.0]
[C:\WINDOWS\system32\vclx35.bpl] [Borland International, 3.0.3.70]
[C:\Program Files\ASUS\ASUS Probe\Asusdmi.dll] [ASUSTeK Computer Inc., 1043.3.15.4]
[C:\Program Files\ASUS\ASUS Probe\COLMIco.dll] [N/A, ]
[C:\Program Files\ASUS\ASUS Probe\CODMI.DLL] [N/A, ]
[C:\Program Files\Rising\AntiSpyware\ieprot.dll] [Beijing Rising Technology Co., Ltd., 1, 0, 0, 8]
[C:\PROGRA~1\COMMON~1\vjimut\whauws.nls] [, 3, 6, 0, 5]
[PID: 3400][C:\Program Files\Common Files\Real\Update_OB\realsched.exe] [RealNetworks, Inc., 0.1.0.3208]
[C:\WINDOWS\system32\acgubv.dll] [Microsoft Corporation, 5, 2, 2265, 3211]
[c:\progra~1\lsqg\yfdt.dll] [, 1, 0, 0, 6]
[c:\progra~1\lsqg\dkiy.dll] [ , 1, 0, 0, 6]
[c:\PROGRA~1\iesnap\navstub.dll] [, 1, 0, 1, 2]
[C:\Program Files\Rising\AntiSpyware\ieprot.dll] [Beijing Rising Technology Co., Ltd., 1, 0, 0, 8]
[C:\PROGRA~1\COMMON~1\vjimut\whauws.nls] [, 3, 6, 0, 5]
[PID: 3456][C:\Program Files\Intel\Wireless\Bin\ifrmewrk.exe] [Intel Corporation, 9, 0, 3, 0]
[C:\Program Files\Intel\Wireless\Bin\PsRegApi.dll] [Intel Corporation, 9, 0, 3, 0]
[C:\Program Files\Intel\Wireless\Bin\FrWrkCHS.dll] [Intel Corporation, 9, 0, 3, 0]
[C:\WINDOWS\system32\acgubv.dll] [Microsoft Corporation, 5, 2, 2265, 3211]
[c:\progra~1\lsqg\yfdt.dll] [, 1, 0, 0, 6]
[c:\progra~1\lsqg\dkiy.dll] [ , 1, 0, 0, 6]
[c:\PROGRA~1\iesnap\navstub.dll] [, 1, 0, 1, 2]
[C:\Program Files\Intel\Wireless\Bin\FrameworkPlugins\ConnMgr.dll] [Intel Corporation, 9, 0, 3, 0]
[C:\Program Files\Intel\Wireless\Bin\MurocApi.dll] [Intel Corporation, 9, 0, 3, 0]
[C:\Program Files\Intel\Wireless\Bin\S24MUDLL.dll] [Intel Corporation, 9, 0, 3, 0]
[C:\Program Files\Intel\Wireless\Bin\C1XStngs.dll] [Intel Corporation, 9, 0, 3, 0]
[C:\Program Files\Intel\Wireless\Bin\TraceAPI.DLL] [Intel Corporation, 9, 0, 3, 0]
[C:\Program Files\Intel\Wireless\Bin\LIBEAY32.dll] [N/A, ]
[C:\Program Files\Intel\Wireless\Bin\PfMgrApi.dll] [Intel Corporation, 9, 0, 3, 0]
[C:\Program Files\Intel\Wireless\Bin\C8021CHS.dll] [Intel Corporation, 9, 0, 3, 0]
[C:\Program Files\Intel\Wireless\Bin\LSAWRAPI.dll] [Intel Corporation, 9, 0, 3, 0]
[C:\Program Files\Intel\Wireless\Bin\IntWACHS.dll] [Intel Corporation, 9, 0, 3, 0]
[C:\WINDOWS\system32\msxml4.dll] [Microsoft Corporation, 4.20.9841.0]
[C:\Program Files\Rising\AntiSpyware\ieprot.dll] [Beijing Rising Technology Co., Ltd., 1, 0, 0, 8]
[C:\PROGRA~1\COMMON~1\vjimut\whauws.nls] [, 3, 6, 0, 5]
[PID: 3468][C:\Program Files\Intel\Wireless\Bin\EOUWiz.exe] [Intel Corporation, 9, 0, 3, 0]
[C:\Program Files\Intel\Wireless\Bin\EOUAPCfg.dll] [Intel Corporation, 9, 0, 3, 0]
[C:\Program Files\Intel\Wireless\Bin\ownprot.DLL] [Intel Corporation, 9, 0, 3, 0]
[C:\Program Files\Intel\Wireless\Bin\TraceAPI.DLL] [Intel Corporation, 9, 0, 3, 0]
[C:\Program Files\Intel\Wireless\Bin\PsRegApi.dll] [Intel Corporation, 9, 0, 3, 0]
[C:\Program Files\Intel\Wireless\Bin\PfMgrApi.dll] [Intel Corporation, 9, 0, 3, 0]
[C:\Program Files\Intel\Wireless\Bin\MurocApi.dll] [Intel Corporation, 9, 0, 3, 0]
[C:\Program Files\Intel\Wireless\Bin\S24MUDLL.dll] [Intel Corporation, 9, 0, 3, 0]
[C:\Program Files\Intel\Wireless\Bin\C1XStngs.dll] [Intel Corporation, 9, 0, 3, 0]
[C:\Program Files\Intel\Wireless\Bin\LIBEAY32.dll] [N/A, ]
[C:\Program Files\Intel\Wireless\Bin\C8021CHS.dll] [Intel Corporation, 9, 0, 3, 0]
[C:\Program Files\Intel\Wireless\Bin\LSAWRAPI.dll] [Intel Corporation, 9, 0, 3, 0]
[C:\WINDOWS\system32\acgubv.dll] [Microsoft Corporation, 5, 2, 2265, 3211]
[c:\progra~1\lsqg\yfdt.dll] [, 1, 0, 0, 6]
[c:\progra~1\lsqg\dkiy.dll] [ , 1, 0, 0, 6]
[c:\PROGRA~1\iesnap\navstub.dll] [, 1, 0, 1, 2]
[C:\Program Files\Intel\Wireless\Bin\EOUWzCHS.dll] [Intel Corporation, 9, 0, 3, 0]
[C:\Program Files\Rising\AntiSpyware\ieprot.dll] [Beijing Rising Technology Co., Ltd., 1, 0, 0, 8]
[C:\PROGRA~1\COMMON~1\vjimut\whauws.nls] [, 3, 6, 0, 5]
superyang - 2007-5-9 9:42:00
[PID: 3740][C:\Program Files\Hewlett-Packard\OrderReminder\OrderReminder.exe] [Hewlett-Packard, 2, 0, 1, 26]
[C:\WINDOWS\system32\acgubv.dll] [Microsoft Corporation, 5, 2, 2265, 3211]
[c:\progra~1\lsqg\yfdt.dll] [, 1, 0, 0, 6]
[c:\progra~1\lsqg\dkiy.dll] [ , 1, 0, 0, 6]
[c:\PROGRA~1\iesnap\navstub.dll] [, 1, 0, 1, 2]
[PID: 1396][C:\WINDOWS\domino.exe] [, 3, 6, 703, 6]
[C:\WINDOWS\system32\acgubv.dll] [Microsoft Corporation, 5, 2, 2265, 3211]
[c:\progra~1\lsqg\yfdt.dll] [, 1, 0, 0, 6]
[c:\progra~1\lsqg\dkiy.dll] [ , 1, 0, 0, 6]
[c:\PROGRA~1\iesnap\navstub.dll] [, 1, 0, 1, 2]
[C:\WINDOWS\system32\msdmo.dll] [, ]
[PID: 2356][C:\WINDOWS\VMSnap1.exe] [Vimicro, 4, 2, 1124, 6]
[C:\WINDOWS\system32\acgubv.dll] [Microsoft Corporation, 5, 2, 2265, 3211]
[c:\progra~1\lsqg\yfdt.dll] [, 1, 0, 0, 6]
[c:\progra~1\lsqg\dkiy.dll] [ , 1, 0, 0, 6]
[c:\PROGRA~1\iesnap\navstub.dll] [, 1, 0, 1, 2]
[C:\WINDOWS\system32\msdmo.dll] [, ]
[C:\WINDOWS\system\BisonCam.dll] [, 1, 0, 0, 1]
[C:\Program Files\Rising\AntiSpyware\ieprot.dll] [Beijing Rising Technology Co., Ltd., 1, 0, 0, 8]
[PID: 2508][C:\Program Files\Rising\AntiSpyware\runiep.exe] [Beijing Rising Technology Co., Ltd., 1, 0, 1, 4]
[C:\Program Files\Rising\AntiSpyware\iep_ctrl.dll] [Beijing Rising Technology Co., Ltd., 1, 0, 0, 4]
[C:\Program Files\Rising\AntiSpyware\ieprot.dll] [Beijing Rising Technology Co., Ltd., 1, 0, 0, 8]
[C:\WINDOWS\system32\acgubv.dll] [Microsoft Corporation, 5, 2, 2265, 3211]
[c:\progra~1\lsqg\yfdt.dll] [, 1, 0, 0, 6]
[c:\progra~1\lsqg\dkiy.dll] [ , 1, 0, 0, 6]
[c:\PROGRA~1\iesnap\navstub.dll] [, 1, 0, 1, 2]
[C:\PROGRA~1\COMMON~1\vjimut\whauws.nls] [, 3, 6, 0, 5]
[PID: 3276][C:\WINDOWS\system32\ctfmon.exe] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
[C:\WINDOWS\system32\acgubv.dll] [Microsoft Corporation, 5, 2, 2265, 3211]
[c:\progra~1\lsqg\yfdt.dll] [, 1, 0, 0, 6]
[c:\progra~1\lsqg\dkiy.dll] [ , 1, 0, 0, 6]
[c:\PROGRA~1\iesnap\navstub.dll] [, 1, 0, 1, 2]
[C:\Program Files\Rising\AntiSpyware\ieprot.dll] [Beijing Rising Technology Co., Ltd., 1, 0, 0, 8]
[C:\PROGRA~1\COMMON~1\vjimut\whauws.nls] [, 3, 6, 0, 5]
[PID: 3844][C:\Program Files\Google\GoogleToolbarNotifier\1.2.1128.5462\GoogleToolbarNotifier.exe] [Google Inc., 1, 2, 1128, 5462]
[C:\WINDOWS\system32\acgubv.dll] [Microsoft Corporation, 5, 2, 2265, 3211]
[c:\progra~1\lsqg\yfdt.dll] [, 1, 0, 0, 6]
[c:\progra~1\lsqg\dkiy.dll] [ , 1, 0, 0, 6]
[c:\PROGRA~1\iesnap\navstub.dll] [, 1, 0, 1, 2]
[C:\Program Files\Google\GoogleToolbarNotifier\1.2.1128.5462\swg.dll] [Google Inc., 1, 2, 1128, 5462]
[C:\Program Files\Rising\AntiSpyware\ieprot.dll] [Beijing Rising Technology Co., Ltd., 1, 0, 0, 8]
[C:\PROGRA~1\COMMON~1\vjimut\whauws.nls] [, 3, 6, 0, 5]
[PID: 3528][C:\WINDOWS\system32\wuauclt.exe] [Microsoft Corporation, 5.8.0.2469 built by: lab01_n(wmbla)]
[C:\WINDOWS\system32\acgubv.dll] [Microsoft Corporation, 5, 2, 2265, 3211]
[C:\PROGRA~1\COMMON~1\vjimut\whauws.nls] [, 3, 6, 0, 5]
[c:\progra~1\lsqg\yfdt.dll] [, 1, 0, 0, 6]
[c:\progra~1\lsqg\dkiy.dll] [ , 1, 0, 0, 6]
[c:\PROGRA~1\iesnap\navstub.dll] [, 1, 0, 1, 2]
[C:\WINDOWS\system32\wups2.dll] [Microsoft Corporation, 5.8.0.2469 built by: lab01_n(wmbla)]
[PID: 2844][C:\WINDOWS\system32\rundll32.exe] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
[C:\PROGRA~1\COMMON~1\vjimut\whauws.nls] [, 3, 6, 0, 5]
[C:\WINDOWS\system32\acgubv.dll] [Microsoft Corporation, 5, 2, 2265, 3211]
[c:\progra~1\lsqg\yfdt.dll] [, 1, 0, 0, 6]
[c:\progra~1\lsqg\dkiy.dll] [ , 1, 0, 0, 6]
[c:\PROGRA~1\iesnap\navstub.dll] [, 1, 0, 1, 2]
[C:\Program Files\Rising\AntiSpyware\ieprot.dll] [Beijing Rising Technology Co., Ltd., 1, 0, 0, 8]
[PID: 2988][c:\PROGRA~1\iesnap\navplay.exe] [, 1, 0, 1, 2]
[C:\WINDOWS\system32\acgubv.dll] [Microsoft Corporation, 5, 2, 2265, 3211]
[C:\PROGRA~1\COMMON~1\vjimut\whauws.nls] [, 3, 6, 0, 5]
[c:\progra~1\lsqg\yfdt.dll] [, 1, 0, 0, 6]
[c:\progra~1\lsqg\dkiy.dll] [ , 1, 0, 0, 6]
[c:\PROGRA~1\iesnap\navstub.dll] [, 1, 0, 1, 2]
[C:\Program Files\Rising\AntiSpyware\ieprot.dll] [Beijing Rising Technology Co., Ltd., 1, 0, 0, 8]
[PID: 3808][C:\Program Files\WinRAR\WinRAR.exe] [N/A, ]
[C:\WINDOWS\system32\acgubv.dll] [Microsoft Corporation, 5, 2, 2265, 3211]
[C:\PROGRA~1\COMMON~1\vjimut\whauws.nls] [, 3, 6, 0, 5]
[c:\progra~1\lsqg\yfdt.dll] [, 1, 0, 0, 6]
[c:\progra~1\lsqg\dkiy.dll] [ , 1, 0, 0, 6]
[c:\PROGRA~1\iesnap\navstub.dll] [, 1, 0, 1, 2]
[C:\Program Files\MSN Messenger\fsshext.8.1.0178.00.dll] [Microsoft Corporation, 8.1.0178.00]
[C:\WINDOWS\system32\Audiodev.dll] [Microsoft Corporation, 5.2.3802.3802 built by: dnsrv(bld4act)]
[C:\Program Files\Rising\AntiSpyware\ieprot.dll] [Beijing Rising Technology Co., Ltd., 1, 0, 0, 8]
[PID: 3600][C:\DOCUME~1\yang\LOCALS~1\Temp\Rar$EX00.796\SREng.EXE] [Smallfrogs Studio, 2.4.12.806]
[C:\WINDOWS\system32\acgubv.dll] [Microsoft Corporation, 5, 2, 2265, 3211]
[C:\PROGRA~1\COMMON~1\vjimut\whauws.nls] [, 3, 6, 0, 5]
[c:\progra~1\lsqg\yfdt.dll] [, 1, 0, 0, 6]
[c:\progra~1\lsqg\dkiy.dll] [ , 1, 0, 0, 6]
[c:\PROGRA~1\iesnap\navstub.dll] [, 1, 0, 1, 2]
[C:\Program Files\Rising\AntiSpyware\ieprot.dll] [Beijing Rising Technology Co., Ltd., 1, 0, 0, 8]
==================================
文件关联
.TXT Error. [C:\WINDOWS\notepad.exe %1]
.EXE OK. ["%1" %*]
.COM OK. ["%1" %*]
.PIF OK. ["%1" %*]
.REG OK. [regedit.exe "%1"]
.BAT OK. ["%1" %*]
.SCR OK. ["%1" /S]
.CHM Error. ["hh.exe" %1]
.HLP OK. [%SystemRoot%\System32\winhlp32.exe %1]
.INI Error. [C:\WINDOWS\System32\NOTEPAD.EXE %1]
.INF OK. [%SystemRoot%\System32\NOTEPAD.EXE %1]
.VBS OK. [%SystemRoot%\System32\WScript.exe "%1" %*]
.JS OK. [%SystemRoot%\System32\WScript.exe "%1" %*]
.LNK OK. [{00021401-0000-0000-C000-000000000046}]
==================================
Winsock 提供者
N/A
==================================
Autorun.inf
N/A
==================================
HOSTS 文件
127.0.0.1 localhost
==================================
API HOOK
N/A
==================================
隐藏进程
[1336] C:\WINDOWS\system32\FBS.exe
==================================
[/CODE]
superyang - 2007-5-9 9:44:00
Could an expert please take a look at this for me? These viruses have been plaguing me for quite a long time...
饭后点心 - 2007-5-9 10:16:00
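Friend, I recommend rebuilding the system; that's quicker. If you clean it manually, some programs may get broken. There are too many problems... my eyes are blurring from reading it... My approach may not be complete either. Also, some things you'll have to delete with IS. It's rather troublesome, and there may be after-effects. Also, your rogue software still hasn't been cleaned out. But the problems are basically all on the C: drive, so rebuilding the system can solve them. I recommend rebuilding the system.
If you clean it manually:
Run SREng
In the registry, delete: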
<Desktop><"C:\WINDOWS\system32\internet.exe"> []
<shell><Explorer.exe asp.exe> [N/A] (remove the trailing ASP.EXE)
<AppInit_DLLs><C:\WINDOWS\system32\NTDLL32.dll> [N/A] (delete the trailing <C:\WINDOWS\system32\NTDLL32.dll>)
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
<SysChunk><C:\WINDOWS\system32\syschunk.dll> [N/A]
<ovaj><C:\PROGRA~1\nusi\ovaj.dll> [N/A]
<wbwk><C:\PROGRA~1\nusi\ovaj.dll> [N/A]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\cryptimg]
<WinlogonNotify: cryptimg><cryptig.dll> [N/A]
Delete services:
[System Administrator / AtWork][Running/Auto Start]
<C:\WINDOWS\System32\svchost.exe -k netsvcs-->C:\WINDOWS\system32\ppjuw.dll><Microsoft Corporation>
[Internet Connection Manager / Internet Connection Manager][Stopped/Auto Start]
<"C:\WINDOWS\system32\internet.exe"><N/A>
[Logical Disk Manager Amdindistrative Service9 / S8696669][Stopped/Auto Start]
<c:\windows\system\m9\iexplorer.exe><N/A> (I'm not sure about this one. You can look it up.)
[TP-LINK配置服务程序 / ACS][Stopped/Auto Start]
<C:\WINDOWS\system32\acs.exe><N/A> (if you didn't install this yourself, get rid of it)
[RestoreService / RestoreService][Stopped/Auto Start]
<C:\WINDOWS\system32\Svchost.exe -k RestoreService-->C:\WINDOWS\system32\drivers\restore.dll><N/A>
[Windows qxvl RunThem / qxvl][Running/Auto Start]
<C:\WINDOWS\System32\svchost.exe -k netsvcs-->C:\PROGRA~1\lsqg\vcaq.dll>< >
[Gentad / Gentad][Stopped/Auto Start]
<C:\WINDOWS\System32\svchost.exe -k netsvcs-->C:\WINDOWS\system32\struts.dll><N/A>
[Imsvc / Imsvc][Stopped/Auto Start]
<C:\WINDOWS\System32\svchost.exe -k netsvcs-->C:\WINDOWS\system32\Webmail.dll><N/A>
[NT Data Provider / SoSCAR][Stopped/Auto Start]
<C:\WINDOWS\SYSTEM32\RUNDLL2KXP.EXE C:\WINDOWS\SYSTEM32\WBEM\YWWCE.DLL,Export 1087><Microsoft Corporation>
[Vsn wdbu Service / wdbu][Stopped/Auto Start]
<C:\WINDOWS\system32\rundll32.exe C:\PROGRA~1\cjhx\jqoe.dll,Service><Microsoft Corporation>
[ijimot / ijimot][Running/Auto Start]
<C:\WINDOWS\system32\rundll32.exe C:\PROGRA~1\COMMON~1\vjimut\vjimut.dll,Service -s><Microsoft Corporation>
Delete drivers:
[aslm75 / aslm75][Running/Manual Start]
<\??\C:\WINDOWS\system32\drivers\aslm75.sys><N/A>
[adpu64 / adpu64][Stopped/Auto Start]
<\??\C:\WINDOWS\system32\drivers\adpu64.sys><N/A>
[cdjibcag / cdjibcag][Stopped/Boot Start]
<\SystemRoot\system32\drivers\cdjibcag.sys><N/A>
[cdnprot / cdnprot][Running/]
<2 - 系统找不到指定的文件。
><N/A>
[cmhtmo6 / cmhtmo60][Stopped/Boot Start]
<\SystemRoot\System32\DRIVERS\cmhtmo60.sys><N/A>
[decdehbg / decdehbg][Stopped/Boot Start]
<\SystemRoot\system32\drivers\decdehbg.sys><N/A>
[ffpbek / ffpbek][Stopped/Auto Start]
<\??\C:\WINDOWS\system32\drivers\ffpbek.sys><N/A>
[stdio / stdio][Stopped/Auto Start]
<\??\C:\WINDOWS\system32\drivers\stdio.sys><N/A>
[mspcidrv / mspcidrv][Running/System Start]
<system32\DRIVERS\mspcidrv.sys><N/A>
[qoex / qoexp][Running/Boot Start]
<\SystemRoot\System32\DRIVERS\qoexp.sys><N/A>
[ws2ifsd / ws2ifsd][Stopped/Auto Start]
<\??\C:\WINDOWS\system32\drivers\ws2ifsd.sys><N/A>
[WINIO / WINIO][Stopped/Manual Start]
<\??\C:\WINDOWS\Downloaded Program Files\winio.sys><N/A>
[FBS / FBS][Running/Manual Start]
<\??\C:\WINDOWS\system32\drivers\FBS.sys><N/A>
I can't get through the rest... I really can't go on... The earlier part alone already has that many things that need to be dealt with...
superyang - 2007-5-9 10:24:00
Haha... you're an expert, thank you!
Does rebuilding the system mean reinstalling the system?
饭后点心 - 2007-5-9 10:28:00
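It means formatting the C: drive and installing again. Handling it manually yourself would be a lot of trouble. Better to just rebuild.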