Rising Kaka Security Forum
香烟醉了 - 2007-8-23 1:05:00
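My machine got infected with "帕虫" (Pachong). After reading the posts on your site I followed the steps and killed all the viruses, and I also did the related restoration, but Kaspersky still will not install. Every time the installation reaches "restore operation" it terminates and then says that an error occurred and the uninstall was interrupted. What is going on? Is there some restoration I have not done, or some virus that was not killed? I hope everyone can help.
[User system info] Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1)
Attachment: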
731216200782305456.bmp
香烟醉了 - 2007-8-23 1:15:00
By the way, the following error dialog also pops up frequently.
Attachment:
731216200782310429.bmp
好忘角 - 2007-8-23 8:31:00
Kaspersky has too many problems. It was so annoying to use that I stopped using it long ago.
ripl - 2007-8-23 8:54:00
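It looks like there are still trojans that have not been cleaned out.
If Kaspersky cannot be uninstalled, you can try uninstalling it with a tool.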
wbxhs - 2007-8-23 9:50:00
It's still not clean!
Run a scan and post the log so we can take a look.
香烟醉了 - 2007-8-23 22:40:00
I'm pasting the log now. I hope everyone can help take a look.
启动项目
注册表
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
<Internat.exe><Internat.exe> [Microsoft Corporation]
<Kugoo><; C:\PROGRA~1\KuGoo2\KuGoo.exe> [KuGoo(酷狗)]
<Super Rabbit IEPro><; C:\Program Files\Super Rabbit\MagicSet\SRIECLI.EXE /LOAD> [Super Rabbit Soft]
[HKEY_CURRENT_USER\Software\Microsoft\Windows NT\CurrentVersion\Windows]
<load><> [N/A]
<run><> [N/A]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
<SoundMan><; SOUNDMAN.EXE> [(Verified)Microsoft Windows XP Publisher]
<NvCplDaemon><; RUNDLL32.EXE C:\WINDOWS\System32\NvCpl.dll,NvStartup> [NVIDIA Corporation]
<nwiz><; nwiz.exe /install> [NVIDIA Corporation]
<NvMediaCenter><; RUNDLL32.EXE C:\WINDOWS\System32\NvMcTray.dll,NvTaskbarInit> [NVIDIA Corporation]
<BigDogPath><; C:\WINDOWS\VM_STI.EXE USB PC Camera 301P> [N/A]
<asgfdjs2><C:\WINDOWS\System32\vbsdaas2.exe> []
<iefyfoi><; C:\Program Files\Common Files\System\whqlijh.exe> [N/A]
<pytqewo><; C:\Program Files\Common Files\Microsoft Shared\cclaynh.exe> [N/A]
<RAVDHMON><C:\Program Files\Internet Explorer\RAVDHMON.exe> []
<RAVWLMON><C:\Program Files\Internet Explorer\RAVWLMON.exe> []
<RAVMYMON><C:\Program Files\NetMeeting\ravmymon.exe> []
<WinSys><C:\WINDOWS\IG.exe> []
<KVP><C:\WINDOWS\System32\drivers\svchost.exe> []
<RAVWDMON><C:\Program Files\Internet Explorer\RAVWDMON.exe> []
<RAVZXMON><C:\Program Files\NetMeeting\ravzxmon.exe> []
<TIMHost><C:\WINDOWS\TIMHost.exe> []
<avast!><C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe> [(Verified)ALWIL Software]
<KernelFaultCheck><%systemroot%\system32\dumprep 0 -k> [N/A]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer\Run]
<MSDWG32><LYLoadbr.exe> [N/A]
<MSDCG32 ><LYLeador.exe> [N/A]
<MSDOG32><LYLoador.exe> [N/A]
<MSDSG32><LYLoadar.exe> [N/A]
<MSDHG32><LYLoadhr.exe> [N/A]
<MSDQG32><LYLoadqr.exe> [N/A]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Winlogon]
<shell><Explorer.exe> [(Verified)Microsoft Windows XP Publisher]
<Userinit><C:\WINDOWS\System32\userinit.exe,> [(Verified)Microsoft Windows XP Publisher]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Windows]
<AppInit_DLLs><ztmpri.dll> []
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Winlogon]
<UIHost><logonui.exe> [(Verified)Microsoft Windows XP Publisher]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
<{A12BC423-3713-224D-3F55-32B35C62B11A}><C:\WINDOWS\System32\WinFormA5.dll> []
<{1231A43A-1642-641A-64FD-146ADAB223B1}><C:\WINDOWS\System32\mxaman.dll> []
<{859AFD5B-159F-ACD8-954C-ACD545FA6588}><C:\WINDOWS\System32\jzhpri.dll> []
<{5FFAB213-ABCF-F421-FBA1-3FA352343215}><C:\WINDOWS\System32\wsepri.dll> []
<{D1351752-5628-1547-FFAB-BADC13512AFD}><C:\WINDOWS\System32\ztmpri.dll> []
<{5731EA1D-6AAF-4DE9-BDDA-7B390A75B286}><C:\WINDOWS\System32\xk1s0.dll> []
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\>{26923b43-4d38-484f-9b9e-de460746276c}]
<Internet Explorer><%systemroot%\system32\shmgrate.exe OCInstallUserConfigIE> [N/A]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\>{881dd1c5-3dcf-431b-b061-f3f88e8be88a}]
<Outlook Express><%systemroot%\system32\shmgrate.exe OCInstallUserConfigOE> [N/A]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{2C7339CF-2B09-4501-B3F3-F3508C9228ED}]
<Themes Setup><%SystemRoot%\system32\regsvr32.exe /s /n /i:/UserInstall %SystemRoot%\system32\themeui.dll> [N/A]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{306D6C21-C1B6-4629-986C-E59E1875B8AF}]
<N/A><"C:\WINDOWS\System32\rundll32.exe" "C:\Program Files\Messenger\msgsc.dll",ShowIconsUser> [(Verified)Microsoft Corporation]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{44BBA840-CC51-11CF-AAFA-00AA00B6015C}]
<Microsoft Outlook Express 6><"%ProgramFiles%\Outlook Express\setup50.exe" /APP:OE /CALLER:WINNT /user /install> [N/A]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{44BBA842-CC51-11CF-AAFA-00AA00B6015B}]
<NetMeeting 3.01><rundll32.exe advpack.dll,LaunchINFSection C:\WINDOWS\INF\msnetmtg.inf,NetMtg.Install.PerUser.NT> [(Verified)Microsoft Windows XP Publisher]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{5945c046-1e7d-11d1-bc44-00c04fd912be}]
<Windows Messenger 4.7><rundll32.exe advpack.dll,LaunchINFSection C:\WINDOWS\INF\msmsgs.inf,BLC.Install.PerUser> [(Verified)Microsoft Windows XP Publisher]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{6BF52A52-394A-11d3-B153-00C04F79FAA6}]
<Microsoft Windows Media Player><rundll32.exe advpack.dll,LaunchINFSection C:\WINDOWS\INF\wmp.inf,PerUserStub> []
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{7790769C-0471-11d2-AF11-00C04FA35D02}]
<通讯簿 6><"%ProgramFiles%\Outlook Express\setup50.exe" /APP:WAB /CALLER:WINNT /user /install> [N/A]
香烟醉了 - 2007-8-23 22:46:00
服务
[avast! iAVS4 Control Service / aswUpdSv][Running/Auto Start]
<"C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe"><ALWIL Software>
[avast! Antivirus / avast! Antivirus][Running/Auto Start]
<"C:\Program Files\Alwil Software\Avast4\ashServ.exe"><ALWIL Software>
[avast! Mail Scanner / avast! Mail Scanner][Running/Manual Start]
<"C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe" /service><ALWIL Software>
[avast! Web Scanner / avast! Web Scanner][Running/Manual Start]
<"C:\Program Files\Alwil Software\Avast4\ashWebSv.exe" /service><ALWIL Software>
[cn / cn][Stopped/Auto Start]
<C:\WINDOWS\windiwsexe><N/A>
[Human Interface Device Access / HidServ][Stopped/Disabled]
<C:\WINDOWS\System32\svchost.exe -k netsvcs-->%SystemRoot%\System32\hidserv.dll><N/A>
[NVIDIA Display Driver Service / NVSvc][Running/Auto Start]
<C:\WINDOWS\System32\nvsvc32.exe><NVIDIA Corporation>
[Windows DHCP Service / WinDHCPsvc][Stopped/Auto Start]
<C:\WINDOWS\System32\rundll32.exe windhcp.ocx,input><Microsoft Corporation>
[Portable Media Serial Number Service / WmdmPmSN][Stopped/Manual Start]
<C:\WINDOWS\System32\svchost.exe -k netsvcs-->C:\WINDOWS\System32\mspmsnsv.dll><Microsoft Corporation>
==================================
驱动程序
[acpidisk / acpidisk][Stopped/Auto Start]
<\??\C:\WINDOWS\System32\drivers\acpidisk.sys><N/A>
[Service for WDM 3D Audio Driver / ALCXSENS][Running/Manual Start]
<system32\drivers\ALCXSENS.SYS><Sensaura Ltd>
[Service for Realtek AC97 Audio (WDM) / ALCXWDM][Running/Manual Start]
<system32\drivers\ALCXWDM.SYS><Realtek Semiconductor Corp.>
[AntiyNF / AntiyNF][Running/Auto Start]
<system32\drivers\AntiyNF.sys><N/A>
[EagleNT / EagleNT][Stopped/Manual Start]
<\??\C:\WINDOWS\System32\drivers\EagleNT.sys><N/A>
[Netgroup Packet Filter / NPF][Stopped/Manual Start]
<system32\drivers\npf.sys><CACE Technologies>
[npkcrypt / npkcrypt][Stopped/Manual Start]
<\??\C:\WINDOWS\System32\npkcrypt.sys><N/A>
[npkycryp / npkycryp][Stopped/Manual Start]
<\??\C:\WINDOWS\System32\npkycryp.sys><N/A>
[nv / nv][Running/Manual Start]
<System32\DRIVERS\nv4_mini.sys><NVIDIA Corporation>
[Direct Parallel Link Driver / Ptilink][Running/Manual Start]
<System32\DRIVERS\ptilink.sys><Parallel Technologies, Inc.>
[Realtek RTL8139(A/B/C)-based PCI Fast Ethernet Adapter NT Driver / rtl8139][Running/Manual Start]
<System32\DRIVERS\RTL8139.SYS><Realtek Semiconductor Corporation>
[Secdrv / Secdrv][Stopped/Manual Start]
<System32\DRIVERS\secdrv.sys><N/A>
[VIA AGP Filter / viaagp1][Running/Boot Start]
<\SystemRoot\System32\DRIVERS\viaagp1.sys><VIA Technologies, Inc.>
[w75kp0g / w75kp0g6][Running/Boot Start]
<\SystemRoot\System32\DRIVERS\w75kp0g6.sys><N/A>
[World Standard Teletext Codec / WSTCODEC][Stopped/Manual Start]
<System32\DRIVERS\WSTCODEC.SYS><Microsoft Corporation>
[xy2ow24 / xy2ow24][Running/Auto Start]
<\??\C:\WINDOWS\System32\drivers\xy2ow24.sys><N/A>
[USB PC Camera 301P / ZSMC301b][Running/Manual Start]
<System32\Drivers\usbVM31b.sys><VM>
==================================
浏览器加载项
[ThunderAtOnce Class]
{01443AEC-0FD1-40fd-9C87-E93D1494C233} <C:\Program Files\Thunder Network\Thunder\ComDlls\TDAtOnce_Now.dll, Thunder Networking Technologies,LTD>
[Thunder Browser Helper]
{7369D359-5B70-4A5B-B789-B25FE09B4AF3} <C:\Program Files\Thunder Network\Thunder\ComDlls\xunleiBHO_Now.dll, Thunder Networking Technologies,LTD>
[超级兔子上网精灵]
{7369D35A-5B70-4A5B-B789-B25FE09B4AF3} <C:\Program Files\Super Rabbit\MagicSet\haokanbar.dll, Xiang Feng Technology>
[启动迅雷5]
{09BA8F6D-CB54-424B-839C-C2A6C8E6B436} <C:\Program Files\Thunder Network\Thunder\Thunder.exe, Thunder Networking Technologies,LTD>
[@shdoclc.dll,-866]
{c95fe080-8f5d-11d2-a20b-00aa003c157a} <, N/A>
[超级兔子上网精灵]
{43869BB3-22FD-4F15-9B46-238106BA2F4E} <C:\Program Files\Super Rabbit\MagicSet\haokanbar.dll, Xiang Feng Technology>
[WUWebControl Class]
{6414512B-B978-451D-A0D8-FCFDF33E833C} <C:\WINDOWS\System32\wuweb.dll, Microsoft Corporation>
[Tencent Safety Online Base Module]
{C09B522F-8AED-4E21-A65C-DC1AB652BAEE} <C:\WINDOWS\System32\TSOBase\TSOBase.ocx, Tencent Corporation>
[Shockwave Flash Object]
{D27CDB6E-AE6D-11CF-96B8-444553540000} <C:\WINDOWS\System32\Macromed\Flash\Flash9d.ocx, Adobe Systems, Inc.>
[Thunder Agent Class]
{485463B7-8FB2-4B3B-B29B-8B919B0EACCE} <C:\Program Files\Thunder Network\Thunder\ComDlls\ThunderAgent_Now.dll, Thunder Networking Technologies,LTD>
[Vod Class]
{EEDD6FF9-13DE-496B-9A1C-D78B3215E266} <C:\Program Files\Thunder Network\Thunder\Components\DownAndPlay\DapPlayer_Now.dll, XunLei>
[使用迅雷下载]
<C:\Program Files\Thunder Network\Thunder\Program\geturl.htm, N/A>
[使用迅雷下载全部链接]
<C:\Program Files\Thunder Network\Thunder\Program\getallurl.htm, N/A>
[导出到 Microsoft Office Excel(&X)]
<res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000, N/A>
香烟醉了 - 2007-8-23 22:50:00
正在运行的进程
[PID: 452 / SYSTEM][\SystemRoot\System32\smss.exe] [Microsoft Corporation, 5.1.2600.1106 (xpsp1.020828-1920)]
[PID: 508 / SYSTEM][\??\C:\WINDOWS\system32\csrss.exe] [Microsoft Corporation, 5.1.2600.0 (xpclient.010817-1148)]
[PID: 532 / SYSTEM][\??\C:\WINDOWS\system32\winlogon.exe] [Microsoft Corporation, 5.1.2600.1106 (xpsp1.020828-1920)]
[C:\WINDOWS\System32\ztmpri.dll] [N/A, ]
[C:\WINDOWS\System32\wdmaud.drv] [Microsoft Corporation, 5.1.2600.0 (XPClient.010817-1148)]
[C:\WINDOWS\System32\msacm32.drv] [Microsoft Corporation, 5.1.2600.0 (xpclient.010817-1148)]
[PID: 580 / SYSTEM][C:\WINDOWS\system32\services.exe] [Microsoft Corporation, 5.1.2600.0 (xpclient.010817-1148)]
[C:\WINDOWS\system32\ztmpri.dll] [N/A, ]
[PID: 592 / SYSTEM][C:\WINDOWS\system32\lsass.exe] [Microsoft Corporation, 5.1.2600.1106 (xpsp1.020828-1920)]
[C:\WINDOWS\system32\ztmpri.dll] [N/A, ]
[PID: 768 / SYSTEM][C:\WINDOWS\system32\svchost.exe] [Microsoft Corporation, 5.1.2600.0 (xpclient.010817-1148)]
[C:\WINDOWS\system32\ztmpri.dll] [N/A, ]
[PID: 816 / SYSTEM][C:\WINDOWS\System32\svchost.exe] [Microsoft Corporation, 5.1.2600.0 (xpclient.010817-1148)]
[C:\WINDOWS\System32\ztmpri.dll] [N/A, ]
[PID: 916 / NETWORK SERVICE][C:\WINDOWS\System32\svchost.exe] [Microsoft Corporation, 5.1.2600.0 (xpclient.010817-1148)]
[C:\WINDOWS\System32\ztmpri.dll] [N/A, ]
[PID: 980 / SYSTEM][C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe] [ALWIL Software, 4, 7, 1029, 0]
[C:\Program Files\Alwil Software\Avast4\aswCmnS.dll] [ALWIL Software, 4, 7, 1029, 0]
[C:\Program Files\Alwil Software\Avast4\aswCmnOS.dll] [ALWIL Software, 4, 7, 1029, 0]
[C:\WINDOWS\System32\MSVCP71.dll] [Microsoft Corporation, 7.10.3077.0]
[C:\WINDOWS\System32\MSVCR71.dll] [Microsoft Corporation, 7.10.3052.4]
[C:\Program Files\Alwil Software\Avast4\aswCmnB.dll] [ALWIL Software, 4, 7, 1029, 0]
[PID: 1028 / SYSTEM][C:\Program Files\Alwil Software\Avast4\ashServ.exe] [ALWIL Software, 4, 7, 1029, 0]
[C:\Program Files\Alwil Software\Avast4\aswAux.dll] [ALWIL Software, 4, 7, 1029, 0]
[C:\WINDOWS\System32\MSVCP71.dll] [Microsoft Corporation, 7.10.3077.0]
[C:\WINDOWS\System32\MSVCR71.dll] [Microsoft Corporation, 7.10.3052.4]
[C:\Program Files\Alwil Software\Avast4\aswCmnB.dll] [ALWIL Software, 4, 7, 1029, 0]
[C:\Program Files\Alwil Software\Avast4\aswCmnOS.dll] [ALWIL Software, 4, 7, 1029, 0]
[C:\Program Files\Alwil Software\Avast4\aswEngin.dll] [ALWIL Software, 4, 7, 1029, 0]
[C:\Program Files\Alwil Software\Avast4\aswScan.dll] [ALWIL Software, 4, 7, 1029, 0]
[C:\Program Files\Alwil Software\Avast4\aswCmnS.dll] [ALWIL Software, 4, 7, 1029, 0]
[C:\Program Files\Alwil Software\Avast4\ashBase.dll] [ALWIL Software, 4, 7, 1029, 0]
[C:\Program Files\Alwil Software\Avast4\ashTask.dll] [ALWIL Software, 4, 7, 1029, 0]
[C:\Program Files\Alwil Software\Avast4\aswInteg.dll] [ALWIL Software, 4, 7, 1029, 0]
[C:\Program Files\Alwil Software\Avast4\aswIdle.dll] [ALWIL Software, 4, 7, 1029, 0]
[C:\Program Files\Alwil Software\Avast4\Aavm4h.dll] [ALWIL Software, 4, 7, 1029, 0]
[C:\Program Files\Alwil Software\Avast4\English\Base.dll] [ALWIL Software, 4, 7, 1029, 0]
[C:\Program Files\Alwil Software\Avast4\UNACEV2.DLL] [N/A, ]
[C:\Program Files\Alwil Software\Avast4\AhResJs.dll] [ALWIL Software, 4, 7, 1029, 0]
[C:\Program Files\Alwil Software\Avast4\AhResMai.dll] [ALWIL Software, 4, 7, 1029, 0]
[C:\Program Files\Alwil Software\Avast4\ahResMes.dll] [ALWIL Software, 4, 7, 1029, 0]
[C:\Program Files\Alwil Software\Avast4\AhResNS.dll] [ALWIL Software, 4, 7, 1029, 0]
[C:\Program Files\Alwil Software\Avast4\AhResOut.dll] [ALWIL Software, 4, 7, 1029, 0]
[C:\Program Files\Alwil Software\Avast4\ahResP2P.dll] [ALWIL Software, 4, 7, 1029, 0]
[C:\Program Files\Alwil Software\Avast4\AhResStd.dll] [ALWIL Software, 4, 7, 1029, 0]
[C:\Program Files\Alwil Software\Avast4\AhResWS.dll] [ALWIL Software, 4, 7, 1029, 0]
[C:\Program Files\Alwil Software\Avast4\ashSSqlt.dll] [ALWIL Software, 4, 7, 1029, 0]
[C:\Program Files\Alwil Software\Avast4\AhJsctNs.dll] [ALWIL Software, 4, 7, 1029, 0]
[C:\Program Files\Alwil Software\Avast4\aswRes.dll] [ALWIL Software, 4, 7, 1029, 0]
[PID: 1280 / mml][C:\WINDOWS\Explorer.EXE] [Microsoft Corporation, 6.00.2800.1106 (xpsp1.020828-1920)]
[C:\WINDOWS\System32\ztmpri.dll] [N/A, ]
[C:\WINDOWS\System32\WinFormA5.dll] [N/A, ]
[C:\WINDOWS\System32\mxaman.dll] [N/A, ]
[C:\WINDOWS\System32\jzhpri.dll] [N/A, ]
[C:\WINDOWS\System32\wsepri.dll] [N/A, ]
[C:\WINDOWS\System32\xk1s0.dll] [N/A, ]
[C:\WINDOWS\system32\k0dwb46k3z.dll] [N/A, ]
[C:\Program Files\Alwil Software\Avast4\AhJsctNs.dll] [ALWIL Software, 4, 7, 1029, 0]
[C:\Program Files\NetMeeting\ravmymon.dat] [N/A, ]
[C:\Program Files\Internet Explorer\RAVWLMON.DAT] [N/A, ]
[C:\WINDOWS\System32\xk1s1.dll] [N/A, ]
[C:\Program Files\Internet Explorer\RAVWDMON.DAT] [N/A, ]
[C:\Program Files\NetMeeting\ravzxmon.dat] [N/A, ]
[C:\WINDOWS\System32\wdmaud.drv] [Microsoft Corporation, 5.1.2600.0 (XPClient.010817-1148)]
[C:\WINDOWS\System32\msacm32.drv] [Microsoft Corporation, 5.1.2600.0 (xpclient.010817-1148)]
[C:\WINDOWS\System32\INDICDLL.dll] [Microsoft Corporation, 5.00.2920.0000]
[C:\WINDOWS\System32\TIMHost.dll] [N/A, ]
[C:\WINDOWS\System32\nvcpl.dll] [NVIDIA Corporation, 6.14.10.5664]
[C:\WINDOWS\System32\nvshell.dll] [NVIDIA Corporation, 6.14.10.5664]
[C:\WINDOWS\System32\NVWRSZHC.DLL] [NVIDIA Corporation, 6.14.10.5664]
[C:\Program Files\Thunder Network\Thunder\ComDlls\TDAtOnce_Now.dll] [Thunder Networking Technologies,LTD, 1.0.2.9]
[C:\Program Files\Thunder Network\Thunder\ComDlls\xunleiBHO_Now.dll] [Thunder Networking Technologies,LTD, 5, 0, 3, 11]
[C:\Program Files\Thunder Network\Thunder\Components\ResWorker\DsBho_00.dll] [, 1, 0, 0, 4]
[C:\Program Files\Thunder Network\Thunder\Components\ResWorker\DataProcessor_00.dll] [Thunder Networking Technologies,LTD, 1, 0, 0, 6]
[C:\Program Files\Microsoft Office\OFFICE11\msohev.dll] [Microsoft Corporation, 11.0.5510]
[C:\Program Files\WinRAR\rarext.dll] [N/A, ]
[C:\Program Files\Alwil Software\Avast4\ashShell.dll] [ALWIL Software, 4, 7, 1029, 0]
[PID: 1504 / SYSTEM][C:\WINDOWS\system32\spoolsv.exe] [Microsoft Corporation, 5.1.2600.0 (XPClient.010817-1148)]
[C:\WINDOWS\system32\wsepri.dll] [N/A, ]
[PID: 1728 / mml][C:\WINDOWS\IG.exe] [N/A, ]
[C:\WINDOWS\System32\mxaman.dll] [N/A, ]
[
香烟醉了 - 2007-8-23 22:52:00
PID: 1828 / mml][C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe] [ALWIL Software, 4, 7, 1029, 0]
[C:\PROGRA~1\ALWILS~1\Avast4\aswCmnOS.dll] [ALWIL Software, 4, 7, 1029, 0]
[C:\WINDOWS\System32\MSVCP71.dll] [Microsoft Corporation, 7.10.3077.0]
[C:\WINDOWS\System32\MSVCR71.dll] [Microsoft Corporation, 7.10.3052.4]
[C:\PROGRA~1\ALWILS~1\Avast4\ashBase.dll] [ALWIL Software, 4, 7, 1029, 0]
[C:\PROGRA~1\ALWILS~1\Avast4\aswCmnB.dll] [ALWIL Software, 4, 7, 1029, 0]
[C:\PROGRA~1\ALWILS~1\Avast4\aswCmnS.dll] [ALWIL Software, 4, 7, 1029, 0]
[C:\PROGRA~1\ALWILS~1\Avast4\ashTask.dll] [ALWIL Software, 4, 7, 1029, 0]
[C:\PROGRA~1\ALWILS~1\Avast4\aswAux.dll] [ALWIL Software, 4, 7, 1029, 0]
[C:\PROGRA~1\ALWILS~1\Avast4\Aavm4h.dll] [ALWIL Software, 4, 7, 1029, 0]
[C:\Program Files\Alwil Software\Avast4\English\Base.dll] [ALWIL Software, 4, 7, 1029, 0]
[C:\Program Files\Alwil Software\Avast4\English\Lang.dll] [ALWIL Software, 4, 7, 1029, 0]
[C:\WINDOWS\System32\MFC71.DLL] [Microsoft Corporation, 7.10.3077.0]
[C:\PROGRA~1\ALWILS~1\Avast4\AavmRpch.dll] [ALWIL Software, 4, 7, 1029, 0]
[c:\program files\alwil software\avast4\ahruijs.dll] [ALWIL Software, 4, 7, 1029, 0]
[C:\PROGRA~1\ALWILS~1\Avast4\ashUInt.dll] [ALWIL Software, 4, 7, 1029, 0]
[C:\PROGRA~1\ALWILS~1\Avast4\XT1922.dll] [Codejock Software, 1, 9, 4, 0]
[c:\program files\alwil software\avast4\ahruimai.dll] [ALWIL Software, 4, 7, 1029, 0]
[c:\program files\alwil software\avast4\ahruimes.dll] [ALWIL Software, 4, 7, 1029, 0]
[c:\program files\alwil software\avast4\ahruins.dll] [ALWIL Software, 4, 7, 1029, 0]
[c:\program files\alwil software\avast4\ahruiout.dll] [ALWIL Software, 4, 7, 1029, 0]
[C:\WINDOWS\System32\MAPI32.dll] [Microsoft Corporation, 1.0.2536.0 (XPClient.010817-1148)]
[c:\program files\alwil software\avast4\ahruip2p.dll] [ALWIL Software, 4, 7, 1029, 0]
[c:\program files\alwil software\avast4\ahruistd.dll] [ALWIL Software, 4, 7, 1029, 0]
[c:\program files\alwil software\avast4\ahruiws.dll] [ALWIL Software, 4, 7, 1029, 0]
[C:\Program Files\NetMeeting\ravzxmon.dat] [N/A, ]
[C:\Program Files\Internet Explorer\RAVWDMON.DAT] [N/A, ]
[C:\Program Files\Internet Explorer\RAVWLMON.DAT] [N/A, ]
[C:\Program Files\NetMeeting\ravmymon.dat] [N/A, ]
[C:\Program Files\Alwil Software\Avast4\AhJsctNs.dll] [ALWIL Software, 4, 7, 1029, 0]
[C:\WINDOWS\System32\mxaman.dll] [N/A, ]
[C:\WINDOWS\System32\wsepri.dll] [N/A, ]
[C:\WINDOWS\System32\jzhpri.dll] [N/A, ]
[C:\WINDOWS\System32\WinFormA5.dll] [N/A, ]
[C:\WINDOWS\System32\ztmpri.dll] [N/A, ]
[C:\WINDOWS\System32\TIMHost.dll] [N/A, ]
[C:\WINDOWS\System32\wdmaud.drv] [Microsoft Corporation, 5.1.2600.0 (XPClient.010817-1148)]
[C:\WINDOWS\System32\msacm32.drv] [Microsoft Corporation, 5.1.2600.0 (xpclient.010817-1148)]
[C:\WINDOWS\System32\INDICDLL.dll] [Microsoft Corporation, 5.00.2920.0000]
[PID: 1844 / mml][C:\WINDOWS\System32\Internat.exe] [Microsoft Corporation, 5.00.2920.0000]
[C:\Program Files\NetMeeting\ravzxmon.dat] [N/A, ]
[C:\Program Files\Internet Explorer\RAVWDMON.DAT] [N/A, ]
[C:\Program Files\Internet Explorer\RAVWLMON.DAT] [N/A, ]
[C:\Program Files\NetMeeting\ravmymon.dat] [N/A, ]
[C:\Program Files\Alwil Software\Avast4\AhJsctNs.dll] [ALWIL Software, 4, 7, 1029, 0]
[C:\WINDOWS\System32\INDICDLL.dll] [Microsoft Corporation, 5.00.2920.0000]
[C:\WINDOWS\System32\mxaman.dll] [N/A, ]
[C:\WINDOWS\System32\wsepri.dll] [N/A, ]
[C:\WINDOWS\System32\jzhpri.dll] [N/A, ]
[C:\WINDOWS\System32\WinFormA5.dll] [N/A, ]
[C:\WINDOWS\System32\ztmpri.dll] [N/A, ]
[C:\WINDOWS\System32\TIMHost.dll] [N/A, ]
[PID: 1944 / LOCAL SERVICE][C:\WINDOWS\System32\svchost.exe] [Microsoft Corporation, 5.1.2600.0 (xpclient.010817-1148)]
[C:\WINDOWS\System32\mxaman.dll] [N/A, ]
[PID: 1976 / LOCAL SERVICE][C:\WINDOWS\System32\alg.exe] [Microsoft Corporation, 5.1.2600.1106 (xpsp1.020828-1920)]
[C:\WINDOWS\System32\ztmpri.dll] [N/A, ]
[PID: 2020 / SYSTEM][C:\WINDOWS\System32\nvsvc32.exe] [NVIDIA Corporation, 6.14.10.5664]
[C:\Program Files\Alwil Software\Avast4\AhJsctNs.dll] [ALWIL Software, 4, 7, 1029, 0]
[PID: 196 / SYSTEM][C:\WINDOWS\System32\svchost.exe] [Microsoft Corporation, 5.1.2600.0 (xpclient.010817-1148)]
[C:\WINDOWS\System32\WinFormA5.dll] [N/A, ]
[PID: 796 / mml][C:\Program Files\Tencent\QQ\QQ.exe] [TENCENT, 7,0,365,1701]
[C:\Program Files\Tencent\QQ\CoralAssist.dll] [Coral Team, 5.0.0 build 20060829]
[C:\Program Files\Tencent\QQ\CoralQQ.dll] [Coral Team, 5.0.2 Build 20070716]
[C:\Program Files\Tencent\QQ\kql.dll] [Coral Team, 5.0.2 build 20070703]
[C:\Program Files\Tencent\QQ\MSVCP80.dll] [Microsoft Corporation, 8.00.50727.42]
[C:\Program Files\Tencent\QQ\MSVCR80.dll] [Microsoft Corporation, 8.00.50727.42]
[C:\Program Files\Tencent\QQ\mfc42.dll] [Microsoft Corporation, 6.00.8665.0]
[C:\Program Files\Tencent\QQ\ipsearcher.dll] [, 1.0.0.5]
[C:\Program Files\Tencent\QQ\QQBaseClassInDll.dll] [TENCENT, 7,0,365,1701]
[C:\Program Files\Tencent\QQ\QQHelperDll.dll] [TENCENT, 7,0,365,1701]
[C:\Program Files\Tencent\QQ\BasicCtrlDll.dll] [TENCENT, 7,0,365,1701]
[C:\WINDOWS\System32\ztmpri.dll] [N/A, ]
[C:\Program Files\Tencent\QQ\NoDisturbFilter.cqx] [Coral Team, 1.0]
[C:\Program Files\Tencent\QQ\ConfigHotkey.cqx] [Coral Team, 1.0]
[C:\WINDOWS\System32\INDICDLL.dll] [Microsoft Corporation, 5.00.2920.0000]
[C:\Program Files\NetMeeting\ravzxmon.dat] [N/A, ]
[C:\Program Files\Internet Explorer\RAVWDMON.DAT] [N/A, ]
[C:\Program Files\Internet Explorer\RAVWLMON.DAT] [N/A, ]
[C:\Program Files\NetMeeting\ravmymon.dat] [N/A, ]
[C:\Program Files\Alwil Software\Avast4\AhJsctNs.dll] [ALWIL Software, 4, 7, 1029, 0]
[C:\Program Files\Tencent\QQ\RICHED32.DLL] [Microsoft Corporation, 5.00.2134.1]
[C:\Program Files\Tencent\QQ\RICHED20.dll] [Microsoft Corporation, 5.31.23.1218]
[C:\Program Files\Tencent\QQ\QQAPI.dll] [TENCENT, 7,0,365,1701]
[C:\Program Files\Tencent\QQ\LoginCtrl.dll] [TENCENT, 7,0,365,1701]
[C:\Program Files\Tencent\QQ\LoginCtrlRes.dll] [TENCENT, 7,0,365,1701]
[C:\WINDOWS\System32\TIMHost.dll] [N/A, ]
[C:\WINDOWS\System32\mxaman.dll] [N/A, ]
[C:\WINDOWS\System32\wsepri.dll] [N/A, ]
[C:\WINDOWS\System32\jzhpri.dll] [N/A, ]
[C:\WINDOWS\System32\WinFormA5.dll] [N/A, ]
[C:\WINDOWS\System32\xk1s1.dll] [N/A, ]
[C:\Program Files\Tencent\QQ\QQRes.dll] [TENCENT, 7,0,365,1701]
[C:\Program Files\Tencent\QQ\QQMainFrame.dll] [N/A, ]
[C:\Program Files\Tencent\QQ\gdiplus.dll] [Microsoft Corporation, 5.1.3102.2180 (xpsp_sp2_rtm.040803-2158)]
[C:\Program Files\Tencent\QQ\CQQApplication.dll] [N/A, ]
[C:\Program Files\Tencent\QQ\FlashAvatarDll.dll] [, 1, 4, 0, 1]
[C:\Program Files\Tencent\QQ\NewSkin.dll] [TENCENT, 7,0,365,1701]
[C:\Program Files\Tencent\QQ\HostingMgr.dll] [TENCENT, 7,0,365,1701]
[C:\Program Files\Tencent\QQ\CameraDll.dll] [TENCENT, 7,0,365,1701]
[C:\Program Files\Tencent\QQ\MailSummary.dll] [TENCENT, 7,0,365,1701]
[C:\Program Files\Tencent\QQ\CoralHotkey.cqx] [Coral Team, 1.0]
[C:\Program Files\Tencent\QQ\QQKnowledgeSearch.dll] [TENCENT, 7,0,365,1701]
[C:\Program Files\Tencent\QQ\AutoReconnect.cqx] [Coral Team, 1.0.0]
[C:\Program Files\Tencent\QQ\QQAllInOne.dll] [TENCENT, 7,0,365,1701]
[C:\Program Files\Tencent\QQ\SCCore.dll] [TENCENT, 1, 6, 0, 2]
[C:\Program Files\Tencent\QQ\QQSpace.dll] [TENCENT, 7,0,365,1701]
[C:\Program Files\Tencent\QQ\vbscript.dll] [Microsoft Corporation, 5.6.0.7426]
[C:\WINDOWS\System32\msdmo.dll] [, ]
[C:\Program Files\Tencent\QQ\QQGroupMng.dll] [TENCENT, 7,0,365,1701]
[C:\WINDOWS\System32\wdmaud.drv] [Microsoft Corporation, 5.1.2600.0 (XPClient.010817-1148)]
[C:\WINDOWS\System32\msacm32.drv] [Microsoft Corporation, 5.1.2600.0 (xpclient.010817-1148)]
[C:\Program Files\Tencent\QQ\QQAvatar.dll] [N/A, ]
[C:\Program Files\Tencent\QQ\UserDefinedHead.dll] [TENCENT, 7,0,365,1701]
[C:\Program Files\Tencent\QQ\QQPlugin.dll] [N/A, ]
[C:\Program Files\Tencent\QQ\QQConfigPlugin.dll] [TENCENT, 7,0,365,1701]
[C:\Program Files\Tencent\QQ\QQCustomFace.dll] [N/A, ]
[C:\Program Files\Tencent\QQ\QRingMng.dll] [N/A, ]
[C:\Program Files\Tencent\QQ\LongConnection.dll] [TENCENT, 7,0,365,1701]
[C:\WINDOWS\System32\msadp32.acm] [Microsoft Corporation, 5.1.2600.1106 (xpsp1.020828-1920)]
[C:\Program Files\Tencent\QQ\PhoneAPI.dll] [TENCENT, 7,0,365,1701]
[C:\Program Files\Tencent\QQ\DialerAllinOne.dll] [tencent, 1, 4, 0, 0]
[C:\Program Files\Tencent\QQ\QQPet.dll] [TENCENT, 7,0,365,1701]
[C:\Program Files\Tencent\QQ\QQSettingCtrl.dll] [TENCENT, 7,0,365,1701]
[C:\Program Files\Tencent\QQ\QQSysMsgMng.dll] [N/A, ]
[C:\Program Files\Tencent\QQ\QQLiveQMng.dll] [TENCENT, 7,0,365,1701]
[C:\Program Files\Tencent\QQ\ImageOle.dll] [TENCENT, 7,0,365,1701]
[C:\Program Files\Alwil Software\Avast4\AhAScr.dll] [ALWIL Software, 4, 7, 1029, 0]
[C:\PROGRA~1\ALWILS~1\Avast4\Aavm4h.dll] [ALWIL Software, 4, 7, 1029, 0]
[C:\PROGRA~1\ALWILS~1\Avast4\ashBase.dll] [ALWIL Software, 4, 7, 1029, 0]
[C:\WINDOWS\System32\MSVCP71.dll] [Microsoft Corporation, 7.10.3077.0]
[C:\WINDOWS\System32\MSVCR71.dll] [Microsoft Corporation, 7.10.3052.4]
[C:\PROGRA~1\ALWILS~1\Avast4\aswCmnOS.dll] [ALWIL Software, 4, 7, 1029, 0]
[C:\PROGRA~1\ALWILS~1\Avast4\aswCmnB.dll] [ALWIL Software, 4, 7, 1029, 0]
[C:\PROGRA~1\ALWILS~1\Avast4\aswCmnS.dll] [ALWIL Software, 4, 7, 1029, 0]
[C:\PROGRA~1\ALWILS~1\Avast4\ashTask.dll] [ALWIL Software, 4, 7, 1029, 0]
[C:\PROGRA~1\ALWILS~1\Avast4\aswAux.dll] [ALWIL Software, 4, 7, 1029, 0]
[C:\Program Files\Tencent\QQ\BQQApplication.dll] [N/A, ]
[C:\Program Files\Tencent\QQ\PersonalDesktop.dll] [深圳市腾讯计算机系统公司QQ工作小组, 1, 0, 0, 2]
[C:\Program Files\Tencent\QQ\QQZip.dll] [TENCENT, 7,0,365,1701]
[C:\Program Files\Tencent\QQ\CommercesMng.dll] [TENCENT, 7,0,365,1701]
[C:\Program Files\Tencent\QQ\QQAddr.dll] [深圳市腾讯计算机系统有限公司, 5, 0, 101, 320]
[C:\Program Files\Tencent\QQ\QQSceneMng.dll] [N/A, ]
[C:\Program Files\Tencent\QQ\AddrSearch.dll] [腾讯科技(深圳)有限公司, 2, 1, 9, 95]
[C:\Program Files\Tencent\QQ\GroupConnection.dll] [TENCENT, 7,0,365,1701]
香烟醉了 - 2007-8-23 22:55:00
[PID: 1684 / SYSTEM][C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe] [ALWIL Software, 4, 7, 1029, 0]
[C:\Program Files\Alwil Software\Avast4\ashBase.dll] [ALWIL Software, 4, 7, 1029, 0]
[C:\WINDOWS\System32\MSVCP71.dll] [Microsoft Corporation, 7.10.3077.0]
[C:\WINDOWS\System32\MSVCR71.dll] [Microsoft Corporation, 7.10.3052.4]
[C:\Program Files\Alwil Software\Avast4\aswCmnOS.dll] [ALWIL Software, 4, 7, 1029, 0]
[C:\Program Files\Alwil Software\Avast4\aswCmnB.dll] [ALWIL Software, 4, 7, 1029, 0]
[C:\Program Files\Alwil Software\Avast4\aswCmnS.dll] [ALWIL Software, 4, 7, 1029, 0]
[C:\Program Files\Alwil Software\Avast4\Aavm4h.dll] [ALWIL Software, 4, 7, 1029, 0]
[C:\Program Files\Alwil Software\Avast4\ashTask.dll] [ALWIL Software, 4, 7, 1029, 0]
[C:\Program Files\Alwil Software\Avast4\aswAux.dll] [ALWIL Software, 4, 7, 1029, 0]
[C:\Program Files\Alwil Software\Avast4\AhResMai.dll] [ALWIL Software, 4, 7, 1029, 0]
[C:\WINDOWS\System32\jzhpri.dll] [N/A, ]
[C:\Program Files\Alwil Software\Avast4\English\Base.dll] [ALWIL Software, 4, 7, 1029, 0]
[C:\Program Files\Alwil Software\Avast4\aswEngin.dll] [ALWIL Software, 4, 7, 1029, 0]
[C:\Program Files\Alwil Software\Avast4\aswScan.dll] [ALWIL Software, 4, 7, 1029, 0]
[C:\Program Files\Alwil Software\Avast4\ashUInt.dll] [ALWIL Software, 4, 7, 1029, 0]
[C:\Program Files\Alwil Software\Avast4\XT1922.dll] [Codejock Software, 1, 9, 4, 0]
[C:\WINDOWS\System32\MFC71.DLL] [Microsoft Corporation, 7.10.3077.0]
[C:\Program Files\Alwil Software\Avast4\English\Lang.dll] [ALWIL Software, 4, 7, 1029, 0]
[C:\Program Files\Alwil Software\Avast4\English\langmai.dll] [ALWIL Software, 4, 7, 1029, 0]
[C:\Program Files\Alwil Software\Avast4\AhJsctNs.dll] [ALWIL Software, 4, 7, 1029, 0]
[PID: 1288 / SYSTEM][C:\Program Files\Alwil Software\Avast4\ashWebSv.exe] [ALWIL Software, 4, 7, 1029, 0]
[C:\Program Files\Alwil Software\Avast4\ashBase.dll] [ALWIL Software, 4, 7, 1029, 0]
[C:\WINDOWS\System32\MSVCP71.dll] [Microsoft Corporation, 7.10.3077.0]
[C:\WINDOWS\System32\MSVCR71.dll] [Microsoft Corporation, 7.10.3052.4]
[C:\Program Files\Alwil Software\Avast4\aswCmnOS.dll] [ALWIL Software, 4, 7, 1029, 0]
[C:\Program Files\Alwil Software\Avast4\aswCmnB.dll] [ALWIL Software, 4, 7, 1029, 0]
[C:\Program Files\Alwil Software\Avast4\aswCmnS.dll] [ALWIL Software, 4, 7, 1029, 0]
[C:\Program Files\Alwil Software\Avast4\Aavm4h.dll] [ALWIL Software, 4, 7, 1029, 0]
[C:\Program Files\Alwil Software\Avast4\ashTask.dll] [ALWIL Software, 4, 7, 1029, 0]
[C:\Program Files\Alwil Software\Avast4\aswAux.dll] [ALWIL Software, 4, 7, 1029, 0]
[C:\WINDOWS\System32\jzhpri.dll] [N/A, ]
[C:\Program Files\Alwil Software\Avast4\English\Base.dll] [ALWIL Software, 4, 7, 1029, 0]
[C:\Program Files\Alwil Software\Avast4\ashWsFtr.dll] [ALWIL Software, 4, 7, 1029, 0]
[C:\Program Files\Alwil Software\Avast4\aswScan.dll] [ALWIL Software, 4, 7, 1029, 0]
[C:\PROGRA~1\ALWILS~1\Avast4\AhResWs.dll] [ALWIL Software, 4, 7, 1029, 0]
[C:\Program Files\Alwil Software\Avast4\aswEngin.dll] [ALWIL Software, 4, 7, 1029, 0]
[PID: 3484 / mml][C:\Program Files\Tencent\QQ\QZone\Qzone.exe] [腾讯公司, 1, 8, 102, 15]
[C:\Program Files\Tencent\QQ\QZone\MFC42.DLL] [Microsoft Corporation, 6.00.8665.0]
[C:\WINDOWS\System32\mxaman.dll] [N/A, ]
[C:\WINDOWS\System32\INDICDLL.dll] [Microsoft Corporation, 5.00.2920.0000]
[C:\Program Files\NetMeeting\ravzxmon.dat] [N/A, ]
[C:\Program Files\Internet Explorer\RAVWDMON.DAT] [N/A, ]
[C:\Program Files\Internet Explorer\RAVWLMON.DAT] [N/A, ]
[C:\Program Files\NetMeeting\ravmymon.dat] [N/A, ]
[C:\Program Files\Alwil Software\Avast4\AhJsctNs.dll] [ALWIL Software, 4, 7, 1029, 0]
[C:\WINDOWS\System32\TIMHost.dll] [N/A, ]
[C:\WINDOWS\System32\wsepri.dll] [N/A, ]
[C:\WINDOWS\System32\jzhpri.dll] [N/A, ]
[C:\WINDOWS\System32\WinFormA5.dll] [N/A, ]
[C:\WINDOWS\System32\ztmpri.dll] [N/A, ]
香烟醉了 - 2007-8-23 22:56:00
[PID: 3576 / mml][C:\Program Files\Internet Explorer\iexplore.exe] [Microsoft Corporation, 6.00.2800.1106 (xpsp1.020828-1920)]
[C:\WINDOWS\System32\mxaman.dll] [N/A, ]
[C:\WINDOWS\System32\INDICDLL.dll] [Microsoft Corporation, 5.00.2920.0000]
[C:\Program Files\NetMeeting\ravzxmon.dat] [N/A, ]
[C:\Program Files\Internet Explorer\RAVWDMON.DAT] [N/A, ]
[C:\Program Files\Internet Explorer\RAVWLMON.DAT] [N/A, ]
[C:\Program Files\NetMeeting\ravmymon.dat] [N/A, ]
[C:\Program Files\Alwil Software\Avast4\AhJsctNs.dll] [ALWIL Software, 4, 7, 1029, 0]
[C:\Program Files\Super Rabbit\MagicSet\haokanbar.dll] [Xiang Feng Technology, 2, 2, 0, 1612]
[C:\Program Files\Thunder Network\Thunder\ComDlls\TDAtOnce_Now.dll] [Thunder Networking Technologies,LTD, 1.0.2.9]
[C:\Program Files\Thunder Network\Thunder\ComDlls\xunleiBHO_Now.dll] [Thunder Networking Technologies,LTD, 5, 0, 3, 11]
[C:\Program Files\Thunder Network\Thunder\Components\ResWorker\DsBho_00.dll] [, 1, 0, 0, 4]
[C:\Program Files\Thunder Network\Thunder\Components\ResWorker\DataProcessor_00.dll] [Thunder Networking Technologies,LTD, 1, 0, 0, 6]
[C:\WINDOWS\System32\TIMHost.dll] [N/A, ]
[C:\WINDOWS\System32\wsepri.dll] [N/A, ]
[C:\WINDOWS\System32\jzhpri.dll] [N/A, ]
[C:\WINDOWS\System32\WinFormA5.dll] [N/A, ]
[C:\WINDOWS\System32\ztmpri.dll] [N/A, ]
[C:\Program Files\Microsoft Office\OFFICE11\msohev.dll] [Microsoft Corporation, 11.0.5510]
[C:\Program Files\Alwil Software\Avast4\AhAScr.dll] [ALWIL Software, 4, 7, 1029, 0]
[C:\PROGRA~1\ALWILS~1\Avast4\Aavm4h.dll] [ALWIL Software, 4, 7, 1029, 0]
[C:\PROGRA~1\ALWILS~1\Avast4\ashBase.dll] [ALWIL Software, 4, 7, 1029, 0]
[C:\WINDOWS\System32\MSVCP71.dll] [Microsoft Corporation, 7.10.3077.0]
[C:\WINDOWS\System32\MSVCR71.dll] [Microsoft Corporation, 7.10.3052.4]
[C:\PROGRA~1\ALWILS~1\Avast4\aswCmnOS.dll] [ALWIL Software, 4, 7, 1029, 0]
[C:\PROGRA~1\ALWILS~1\Avast4\aswCmnB.dll] [ALWIL Software, 4, 7, 1029, 0]
[C:\PROGRA~1\ALWILS~1\Avast4\aswCmnS.dll] [ALWIL Software, 4, 7, 1029, 0]
[C:\PROGRA~1\ALWILS~1\Avast4\ashTask.dll] [ALWIL Software, 4, 7, 1029, 0]
[C:\PROGRA~1\ALWILS~1\Avast4\aswAux.dll] [ALWIL Software, 4, 7, 1029, 0]
[C:\WINDOWS\System32\xk1s1.dll] [N/A, ]
[PID: 2920 / mml][C:\Program Files\Internet Explorer\IEXPLORE.EXE] [Microsoft Corporation, 6.00.2800.1106 (xpsp1.020828-1920)]
[C:\WINDOWS\System32\mxaman.dll] [N/A, ]
[C:\WINDOWS\System32\INDICDLL.dll] [Microsoft Corporation, 5.00.2920.0000]
[C:\Program Files\NetMeeting\ravzxmon.dat] [N/A, ]
[C:\Program Files\Internet Explorer\RAVWDMON.DAT] [N/A, ]
[C:\Program Files\Internet Explorer\RAVWLMON.DAT] [N/A, ]
[C:\Program Files\NetMeeting\ravmymon.dat] [N/A, ]
[C:\Program Files\Alwil Software\Avast4\AhJsctNs.dll] [ALWIL Software, 4, 7, 1029, 0]
[C:\Program Files\Super Rabbit\MagicSet\haokanbar.dll] [Xiang Feng Technology, 2, 2, 0, 1612]
[C:\Program Files\Thunder Network\Thunder\ComDlls\TDAtOnce_Now.dll] [Thunder Networking Technologies,LTD, 1.0.2.9]
[C:\Program Files\Thunder Network\Thunder\ComDlls\xunleiBHO_Now.dll] [Thunder Networking Technologies,LTD, 5, 0, 3, 11]
[C:\Program Files\Thunder Network\Thunder\Components\ResWorker\DsBho_00.dll] [, 1, 0, 0, 4]
[C:\Program Files\Thunder Network\Thunder\Components\ResWorker\DataProcessor_00.dll] [Thunder Networking Technologies,LTD, 1, 0, 0, 6]
[C:\WINDOWS\System32\TIMHost.dll] [N/A, ]
[C:\WINDOWS\System32\wsepri.dll] [N/A, ]
[C:\WINDOWS\System32\jzhpri.dll] [N/A, ]
[C:\WINDOWS\System32\WinFormA5.dll] [N/A, ]
[C:\WINDOWS\System32\ztmpri.dll] [N/A, ]
[C:\WINDOWS\System32\xk1s1.dll] [N/A, ]
[C:\Program Files\Microsoft Office\OFFICE11\msohev.dll] [Microsoft Corporation, 11.0.5510]
[C:\Program Files\Alwil Software\Avast4\AhAScr.dll] [ALWIL Software, 4, 7, 1029, 0]
[C:\PROGRA~1\ALWILS~1\Avast4\Aavm4h.dll] [ALWIL Software, 4, 7, 1029, 0]
[C:\PROGRA~1\ALWILS~1\Avast4\ashBase.dll] [ALWIL Software, 4, 7, 1029, 0]
[C:\WINDOWS\System32\MSVCP71.dll] [Microsoft Corporation, 7.10.3077.0]
[C:\WINDOWS\System32\MSVCR71.dll] [Microsoft Corporation, 7.10.3052.4]
[C:\PROGRA~1\ALWILS~1\Avast4\aswCmnOS.dll] [ALWIL Software, 4, 7, 1029, 0]
[C:\PROGRA~1\ALWILS~1\Avast4\aswCmnB.dll] [ALWIL Software, 4, 7, 1029, 0]
[C:\PROGRA~1\ALWILS~1\Avast4\aswCmnS.dll] [ALWIL Software, 4, 7, 1029, 0]
[C:\PROGRA~1\ALWILS~1\Avast4\ashTask.dll] [ALWIL Software, 4, 7, 1029, 0]
[C:\PROGRA~1\ALWILS~1\Avast4\aswAux.dll] [ALWIL Software, 4, 7, 1029, 0]
[C:\WINDOWS\System32\Macromed\Flash\Flash9d.ocx] [Adobe Systems, Inc., 9,0,47,0]
[C:\WINDOWS\System32\wdmaud.drv] [Microsoft Corporation, 5.1.2600.0 (XPClient.010817-1148)]
[C:\WINDOWS\System32\msacm32.drv] [Microsoft Corporation, 5.1.2600.0 (xpclient.010817-1148)]
[C:\Program Files\Common Files\Microsoft Shared\OFFICE11\MSOXMLMF.DLL] [Microsoft Corporation, 11.0.5510]
[PID: 3744 / mml][D:\标标\sreng2\SREngPS.EXE] [Smallfrogs Studio, 2.5.16.900]
[C:\WINDOWS\System32\wsepri.dll] [N/A, ]
[C:\WINDOWS\System32\INDICDLL.dll] [Microsoft Corporation, 5.00.2920.0000]
[C:\Program Files\NetMeeting\ravzxmon.dat] [N/A, ]
[C:\Program Files\Internet Explorer\RAVWDMON.DAT] [N/A, ]
[C:\Program Files\Internet Explorer\RAVWLMON.DAT] [N/A, ]
[C:\Program Files\NetMeeting\ravmymon.dat] [N/A, ]
[C:\Program Files\Alwil Software\Avast4\AhJsctNs.dll] [ALWIL Software, 4, 7, 1029, 0]
[C:\WINDOWS\System32\mxaman.dll] [N/A, ]
[C:\WINDOWS\System32\TIMHost.dll] [N/A, ]
[C:\WINDOWS\System32\jzhpri.dll] [N/A, ]
[C:\WINDOWS\System32\WinFormA5.dll] [N/A, ]
[C:\WINDOWS\System32\ztmpri.dll] [N/A, ]
[C:\WINDOWS\System32\xk1s1.dll] [N/A, ]
[D:\标标\sreng2\Upload\3rdUpd.DLL] [Smallfrogs Studio, 2, 1, 0, 15]
香烟醉了 - 2007-8-23 22:57:00
文件关联
.TXT OK. [%SystemRoot%\system32\NOTEPAD.EXE %1]
.EXE OK. ["%1" %*]
.COM OK. ["%1" %*]
.PIF OK. ["%1" %*]
.REG OK. [regedit.exe "%1"]
.BAT OK. ["%1" %*]
.SCR OK. ["%1" /S]
.CHM Error. ["hh.exe" %1]
.HLP OK. [%SystemRoot%\System32\winhlp32.exe %1]
.INI Error. [C:\WINDOWS\System32\NOTEPAD.EXE %1]
.INF OK. [%SystemRoot%\System32\NOTEPAD.EXE %1]
.VBS OK. [%SystemRoot%\System32\WScript.exe "%1" %*]
.JS OK. [%SystemRoot%\System32\WScript.exe "%1" %*]
.LNK OK. [{00021401-0000-0000-C000-000000000046}]
==================================
Winsock 提供者
N/A
==================================
Autorun.inf
N/A
==================================
HOSTS 文件
N/A
==================================
进程特权扫描
特殊特权被允许: SeLoadDriverPrivilege [PID = 1728, C:\WINDOWS\IG.EXE]
特殊特权被允许: SeLoadDriverPrivilege [PID = 1844, C:\WINDOWS\SYSTEM32\INTERNAT.EXE]
==================================
API HOOK
入口点错误:CreateProcessA (危险等级: 高, 被下面模块所HOOK: C:\WINDOWS\System32\TIMHost.dll)
入口点错误:CreateProcessW (危险等级: 高, 被下面模块所HOOK: C:\WINDOWS\System32\TIMHost.dll)
==================================
隐藏进程
N/A
==================================
[/CODE]
不堪回首 - 2007-8-23 23:04:00
Reading this makes my head spin. Take a look at the moderator's pinned post first.
香烟醉了 - 2007-8-23 23:11:00
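I did read the pinned post first and followed it, but I didn't get everything cleaned out, and only then posted the log on other users' advice.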
骄傲的蓝 - 2007-8-23 23:58:00
If there's nothing important on it, try Kingsoft's 雨过天晴 system.
wbxhs - 2007-8-24 9:21:00
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
<asgfdjs2><C:\WINDOWS\System32\vbsdaas2.exe> []
<iefyfoi><; C:\Program Files\Common Files\System\whqlijh.exe> [N/A]
<pytqewo><; C:\Program Files\Common Files\Microsoft Shared\cclaynh.exe> [N/A]
<RAVDHMON><C:\Program Files\Internet Explorer\RAVDHMON.exe> []
<RAVWLMON><C:\Program Files\Internet Explorer\RAVWLMON.exe> []
<RAVMYMON><C:\Program Files\NetMeeting\ravmymon.exe> []
<WinSys><C:\WINDOWS\IG.exe> []
<KVP><C:\WINDOWS\System32\drivers\svchost.exe> []
<RAVWDMON><C:\Program Files\Internet Explorer\RAVWDMON.exe> []
<RAVZXMON><C:\Program Files\NetMeeting\ravzxmon.exe> []
<TIMHost><C:\WINDOWS\TIMHost.exe> []
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer\Run]
<MSDWG32><LYLoadbr.exe> [N/A]
<MSDCG32 ><LYLeador.exe> [N/A]
<MSDOG32><LYLoador.exe> [N/A]
<MSDSG32><LYLoadar.exe> [N/A]
<MSDHG32><LYLoadhr.exe> [N/A]
<MSDQG32><LYLoadqr.exe> [N/A]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Windows]
<AppInit_DLLs><ztmpri.dll> []--------- set the value to empty
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
<{A12BC423-3713-224D-3F55-32B35C62B11A}><C:\WINDOWS\System32\WinFormA5.dll> []
<{1231A43A-1642-641A-64FD-146ADAB223B1}><C:\WINDOWS\System32\mxaman.dll> []
<{859AFD5B-159F-ACD8-954C-ACD545FA6588}><C:\WINDOWS\System32\jzhpri.dll> []
<{5FFAB213-ABCF-F421-FBA1-3FA352343215}><C:\WINDOWS\System32\wsepri.dll> []
<{D1351752-5628-1547-FFAB-BADC13512AFD}><C:\WINDOWS\System32\ztmpri.dll> []
<{5731EA1D-6AAF-4DE9-BDDA-7B390A75B286}><C:\WINDOWS\System32\xk1s0.dll> []
Services
[cn / cn][Stopped/Auto Start]
<C:\WINDOWS\windiwsexe><N/A>
[Windows DHCP Service / WinDHCPsvc][Stopped/Auto Start]
<C:\WINDOWS\System32\rundll32.exe windhcp.ocx,input><Microsoft Corporation>
Drivers
[acpidisk / acpidisk][Stopped/Auto Start]
<\??\C:\WINDOWS\System32\drivers\acpidisk.sys><N/A>
[Netgroup Packet Filter / NPF][Stopped/Manual Start]
<system32\drivers\npf.sys><CACE Technologies>
[npkycryp / npkycryp][Stopped/Manual Start]
<\??\C:\WINDOWS\System32\npkycryp.sys><N/A>
[w75kp0g / w75kp0g6][Running/Boot Start]
<\SystemRoot\System32\DRIVERS\w75kp0g6.sys><N/A>
[xy2ow24 / xy2ow24][Running/Auto Start]
<\??\C:\WINDOWS\System32\drivers\xy2ow24.sys><N/A>
Related files
[C:\WINDOWS\System32\ztmpri.dll] [N/A, ]
[C:\WINDOWS\System32\WinFormA5.dll] [N/A, ]
[C:\WINDOWS\System32\mxaman.dll] [N/A, ]
[C:\WINDOWS\System32\jzhpri.dll] [N/A, ]
[C:\WINDOWS\System32\wsepri.dll] [N/A, ]
[C:\WINDOWS\System32\xk1s0.dll] [N/A, ]
[C:\WINDOWS\system32\k0dwb46k3z.dll] [N/A, ]
[C:\Program Files\NetMeeting\ravmymon.dat] [N/A, ]
[C:\Program Files\Internet Explorer\RAVWLMON.DAT] [N/A, ]
[C:\WINDOWS\System32\xk1s1.dll] [N/A, ]
[C:\Program Files\Internet Explorer\RAVWDMON.DAT] [N/A, ]
[C:\Program Files\NetMeeting\ravzxmon.dat] [N/A, ]
[C:\WINDOWS\System32\TIMHost.dll] [N/A, ]
[C:\WINDOWS\system32\wsepri.dll] [N/A, ]
[PID: 1728 / mml][C:\WINDOWS\IG.exe] [N/A, ]
[C:\WINDOWS\System32\mxaman.dll] [N/A, ]
[C:\WINDOWS\System32\WinFormA5.dll] [N/A, ]
Repair the file associations!
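A heuristic that reproduces part of the selection in the post above, as an added Python example; it is not part of the original thread or of SREng. The rules (autostart entries with no publisher, a non-empty AppInit_DLLs, svchost.exe outside System32) and the names `triage`, `AUTOSTART_SUFFIXES` and `SVCHOST_HOME` are assumptions made for illustration.

```python
import re

# Excerpt of SREng entries quoted in this thread, embedded so the example runs offline.
SAMPLE_LOG = r"""
[HKEY_CURRENT_USER\Software\Microsoft\Windows NT\CurrentVersion\Windows]
<load><> [N/A]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
<SoundMan><; SOUNDMAN.EXE> [(Verified)Microsoft Windows XP Publisher]
<asgfdjs2><C:\WINDOWS\System32\vbsdaas2.exe> []
<KVP><C:\WINDOWS\System32\drivers\svchost.exe> []
<avast!><C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe> [(Verified)ALWIL Software]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Windows]
<AppInit_DLLs><ztmpri.dll> []
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
<{A12BC423-3713-224D-3F55-32B35C62B11A}><C:\WINDOWS\System32\WinFormA5.dll> []
"""

KEY_RE = re.compile(r"^\[(HKEY_[^\]]+)\]$")
ENTRY_RE = re.compile(r"^<(?P<name>[^>]*)><(?P<value>[^>]*)>\s*\[(?P<pub>[^\]]*)\]")
# Assumption: only these persistence locations are triaged here.
AUTOSTART_SUFFIXES = ("\\run", "\\shellexecutehooks")
SVCHOST_HOME = r"c:\windows\system32\svchost.exe"

def triage(log_text):
    """Return (name, value, reason) tuples for entries that need manual review."""
    findings, key = [], ""
    for raw in log_text.splitlines():
        line = raw.strip()
        if (m := KEY_RE.match(line)):
            key = m.group(1).lower()  # remember which registry key we are under
            continue
        m = ENTRY_RE.match(line)
        if not m:
            continue
        name = m["name"].strip()
        value = m["value"].lstrip("; ").strip()
        if not value:
            continue  # empty values such as <load><> have nothing to review
        no_publisher = m["pub"].strip() in ("", "N/A")
        if name.lower() == "appinit_dlls":
            reason = "non-empty AppInit_DLLs"
        elif value.lower().endswith("\\svchost.exe") and value.lower() != SVCHOST_HOME:
            reason = "svchost.exe outside System32"
        elif no_publisher and key.endswith(AUTOSTART_SUFFIXES):
            reason = "autostart entry without publisher"
        else:
            continue
        findings.append((name, value, reason))
    return findings

if __name__ == "__main__":
    for finding in triage(SAMPLE_LOG):
        print(finding)
```

A flagged entry is a candidate for manual review rather than a verdict, since legitimate software without version information is flagged as well.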
ripl - 2007-8-24 11:14:00
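How could the word "stable" alone even cover it?
帕虫 is not only a virus itself but also a trojan downloader. Killing only the stable hand isn't enough; the horses left behind have to be cleaned out too...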