2006-10-09,14:05:01

System Repair Engineer 2.2.6.605
Smallfrogs (http://www.KZTechs.com)

Windows XP Professional  (Build 2600)
- 管理权限用户 - 完整功能

以下内容被选中：
    所有的启动项目（包括注册表、启动文件夹、服务等）
    浏览器加载项
    正在运行的进程（包括进程模块信息）
    文件关联
    Winsock 提供者
    Autorun.inf
    HOSTS 文件


启动项目
注册表
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
    <ctfmon.exe><D:\WINDOWS\System32\ctfmon.exe>  [(Verified)Microsoft Corporation]
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer\Run]
    <rx><D:\WINDOWS\System32\explore.exe>  [N/A]
    <wow><D:\WINDOWS\System32\Launcher.exe>  [N/A]
[HKEY_CURRENT_USER\Software\Microsoft\Windows NT\CurrentVersion\Windows]
    <load><>  [N/A]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
    <TkBellExe><"D:\Program Files\Common Files\Real\Update_OB\realsched.exe"  -osboot>  [RealNetworks, Inc.]
    <YLive.exe><D:\PROGRA~1\Yahoo!\ASSIST~1\YLive.exe>  [Yahoo! China]
    <yassistse><"D:\PROGRA~1\Yahoo!\Assistant\yassistse.exe">  [Yahoo! China]
    <CnsMin><Rundll32.exe D:\WINDOWS\downlo~1\CnsMin.dll,Rundll32>  [北京三七二一科技有限公司]
    <stup.exe><D:\PROGRA~1\TENCENT\Adplus\stup.exe>  [Tencent]
    <wdfmgr32><D:\WINDOWS\System32\wdfmgr32.exe>  [N/A]
    <zt><D:\Program Files\Intel\svhost32.exe>  [N/A]
    <ms><D:\Program Files\Microsoft\svhost32.exe>  [N/A]
    <RavUpsr><D:\WINDOWS\System32\agetltfets.exe>  [N/A]
    <RavUpes><D:\WINDOWS\System32\agetltfes.exe>  []
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer\Run]
    <9><D:\WINDOWS\System32\vpcrm.exe>  [N/A]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Winlogon]
    <shell><EXPLORER.EXE>  [(Verified)Microsoft Corporation]
    <Userinit><D:\WINDOWS\System32\userinit.exe,>  [(Verified)Microsoft Corporation]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Windows]
    <AppInit_DLLs><>  [N/A]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Winlogon]
    <UIHost><logonui.exe>  [(Verified)Microsoft Corporation]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
    <{E568441B-9EF3-49F8-9A67-4141AC41ADD4}><D:\PROGRA~1\Yahoo!\ASSIST~1\assist\ypatch.dll>  [Yahoo! China]
    <{4BAB150F-DD97-476D-9C1E-41B6CDC0CA7A}><D:\PROGRA~1\Yahoo!\ASSIST~1\assist\yclickon.dll>  [YAHOO Corporation Limited]
    <{08315C1A-9BA9-4B7C-A432-26885F78DF28}><D:\Program Files\Common Files\Microsoft Shared\MSINFO\SysInfo.wmp>  [N/A]
    <{6E44887F-5214-41F2-AB46-4728735C4CC6}><D:\Program Files\Internet Explorer\PLUGINS\system2.sys>  [N/A]
    <{21003462-3462-1005-6210-462004621005}><D:\Program Files\Common Files\Microsoft Shared\MSINFO\34621005.dll>  [N/A]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
    <RavTray><; "D:\Program Files\Rising\Rav\RavTray.exe">  [Rising]
    <SECUPDATE><; D:\Program Files\MySec\secupdateaak.exe -sv>  [N/A]

==================================
启动文件夹
N/A

==================================
服务
[Management Instrumentation Driver Extensions / 6to4]
  <D:\WINDOWS\System32\svchost.exe -k netsvcs-->%SystemRoot%\System32\winmide32.dll><N/A>
[ClipBook / ClipBook]
  <D:\WINDOWS\system32\clipsvr.exe><Microsoft Corporation>
[Human Interface Device Access / HidServ]
  <D:\WINDOWS\System32\svchost.exe -k netsvcs-->%SystemRoot%\System32\hidserv.dll><N/A>
[IMAPI CD-Burning COM Service / ImapiService]
  <D:\WINDOWS\System32\imapi.exe><Microsoft Corporation>
[Spectrum24 Events Monitor / IPRIP]
  <D:\WINDOWS\System32\svchost.exe -k netsvcs-->D:\WINDOWS\System32\acss.dll><LINKMEDIA Tech>
[JMediaService / JMediaService]
  <D:\WINDOWS\System32\rundll32.exe D:\PROGRA~1\MMSASS~1\MMSSVER.DLL,Service><Microsoft Corporation>
[Kingsoft Personal Firewall Service / KPfwSvc]
  <"D:\KAV2006\KPfwSvc.EXE"><N/A>
[Kingsoft Antivirus KWatch Service / KWatchSvc]
  <D:\KAV2006\KWatch.EXE><N/A>
[NVIDIA Driver Helper Service / NVSvc]
  <D:\WINDOWS\System32\nvsvc32.exe><NVIDIA Corporation>
[NetMeeting Remote Desktop Agent / Nwsapagent]
  <D:\WINDOWS\System32\svchost.exe -k netsvcs-->D:\WINDOWS\System32\Nwsapagent.dll><LINKMEDIA Tech>
[RavService / RavService]
  <"D:\Program Files\Rising\Rav\RavService.exe" /service><Beijing Rising Technology Co., Ltd.>
[Rising Process Communication Center / RsCCenter]
  <D:\Program Files\Rising\Rav\CCenter.exe><Beijing Rising Technology Co., Ltd.>
[RsRavMon Service / RsRavMon]
  <"D:\Program Files\Rising\Rav\Ravmond.exe"><Beijing Rising Technology Co., Ltd.>
[StdService / StdService]
  <D:\WINDOWS\System32\rundll32.exe D:\WINDOWS\System32\STDSVER.DLL,Service><Microsoft Corporation>

驱动程序
[9 / 9]
  <\SystemRoot\system32\drivers\boot00.sys><N/A>
[99 / 99]
  <\SystemRoot\system32\drivers\boot00.sys><N/A>
[ADProt / ADProt]
  <\SystemRoot\system32\drivers\ADProt.sys><N/A>
[Albus / Albus]
  <\SystemRoot\System32\drivers\Albus.SYS><N/A>
[Rising TDI Base Driver / BaseTDI]
  <System32\DRIVERS\BaseTDI.SYS><Beijing Rising Technology Co., Ltd.>
[cdnprot / cdnprot]
  <\SystemRoot\system32\drivers\cdnprot.sys><中国互联网络信息中心(CNNIC)>
[C-Media WDM Audio Interface / cmuda]
  <system32\drivers\cmuda.sys><C-Media Inc>
[ExpScaner / ExpScaner]
  <\??\D:\Program Files\Rising\Rav\ExpScan.sys><>
[gbijabcj / gbijabcj]
  <\SystemRoot\system32\drivers\gbijabcj.sys><N/A>
[HookCont / HookCont]
  <\??\D:\Program Files\Rising\Rav\HOOKCONT.sys><Rising tech Co. ltd>
[HookReg / HookReg]
  <\??\D:\Program Files\Rising\Rav\HookReg.sys><>
[HookSys / HookSys]
  <\??\D:\Program Files\Rising\Rav\HookSys.sys><Rising>
[jifehecd / jifehecd]
  <D:\WINDOWS\SYSTEM32\DRIVERS\jifehecd.SYS><中国互联网络信息中心(CNNIC)>
[KNetWch / KNetWch]
  <\??\D:\KAV2006\KNetWch.SYS><N/A>
[KRegEx / KRegEx]
  <\??\D:\PROGRA~1\KV2006\KRegEx.sys><N/A>
[KvMemon / KvMemon]
  <\??\D:\PROGRA~1\KV2006\KvMemon.sys><N/A>
[KWatch3 / KWatch3]
  <\??\D:\WINDOWS\System32\drivers\KWatch3.SYS><Kingsoft Corporation>
[MEMSCAN / MEMSCAN]
  <\??\D:\Program Files\Rising\Rav\MEMSCAN.sys><瑞星软件有限公司>
[New0 / New0]
  <\??\D:\WINDOWS\System32\new.sys><N/A>
[Netgroup Packet Filter / NPF]
  <System32\DRIVERS\npf.sys><CACE Technologies>
[npkcrypt / npkcrypt]
  <\??\D:\Program Files\Tencent\QQ\npkcrypt.sys><N/A>
[NPPTNT2 / NPPTNT2]
  <\??\D:\WINDOWS\System32\npptNT2.sys><INCA Internet Co., Ltd.>
[nv / nv]
  <System32\DRIVERS\nv4_mini.sys><NVIDIA Corporation>
[PProtect / PProtect]
  <\??\D:\PROGRA~1\KV2006\PProtect.sys><N/A>
[Direct Parallel Link Driver / Ptilink]
  <System32\DRIVERS\ptilink.sys><Parallel Technologies, Inc.>
[Realtek RTL8139(A/B/C)-based PCI Fast Ethernet Adapter NT Driver / rtl8139]
  <System32\DRIVERS\RTL8139.SYS><Realtek Semiconductor Corporation>
[Secdrv / Secdrv]
  <System32\DRIVERS\secdrv.sys><N/A>
[SIS AGP Bus Filter / sisagp]
  <\SystemRoot\System32\DRIVERS\sisagp.sys><Silicon Integrated Systems Corporation>

==================================
浏览器加载项
[CdnForIE Class]
  {5C3853CF-C7E0-4946-B3FA-1ABDB6F48108} <D:\PROGRA~1\CNNIC\Cdn\cdnforie.dll, CNNIC>
[Vision]
  {6671A431-5C3D-463d-A7CF-5587F9B7E191} <D:\PROGRA~1\MMSASS~1\mmsass~1.dll, >
[Yahoo 3.5G电邮]
  {507F9113-CD77-4866-BA92-0E86DA3D0B97} <http://cn.zs.yahoo.com/cnsbutton.htm?source=cns&btn=yahoomail, N/A>
[名品折扣]
  {59BC54A2-56B3-44a0-93E5-432D58746E26} <http://adtaobao.allyes.com/main/adfclick?db=adtaobao&bid=138,140,18&cid=816,8,1&sid=5042&show=ignore&url=http://www.taobao.com/vertical/mall/pro.php?allyesPara=816, N/A>
[CdnForIE Class]
  {5C3853CF-C7E0-4946-B3FA-1ABDB6F48108} <D:\PROGRA~1\CNNIC\Cdn\cdnforie.dll, CNNIC>
[雅虎助手]
  {5D73EE86-05F1-49ed-B850-E423120EC338} <http://cn.zs.yahoo.com/cnsbutton.htm?source=cns&btn=yassist, N/A>
[雅虎WIDGET]
  {6354ABE6-05F1-49ed-B850-E423120EC338} <http://cn.widget.yahoo.com/index.htm?source=Cns, N/A>
[MMSAssistMenu]
  {6671A433-5C3D-463d-A7CF-5587F9B7E191} <D:\PROGRA~1\MMSASS~1\mmsass~1.dll, >
[情景聊天]
  {E5D12C4E-7B4F-11D3-B5C9-0050045C3C96} <http://cn.zs.yahoo.com/cnsbutton.htm?source=cns&btn=yahoomsg, N/A>
[]
  {ECF2E268-F28C-48d2-9AB7-8F69C11CCB71} <http://cn.zs.yahoo.com/cnsbutton.htm?source=cns&btn=repair, N/A>
[]
  {FD00D911-7529-4084-9946-A29F1BDF4FE5} <http://cn.zs.yahoo.com/cnsbutton.htm?source=cns&btn=clean, N/A>
[金山毒霸在线产品升级]
  {52DF16E3-6C4F-4B22-8BAF-09263E463B48} <D:\PROGRA~1\KOS\KOSInit.ocx, 金山软件股份有限公司>
[>>彩信发送<<]
  <res://D:\PROGRA~1\MMSASS~1\mmsass~1.dll/mms.htm, N/A>
[添加到雅虎订阅(&Y)]
  <res://D:\Program Files\Yahoo!\Assistant\Assist\yrss.dll/YRSSMENUEXT, N/A>

正在运行的进程
[PID: 432][\SystemRoot\System32\smss.exe]  [Microsoft Corporation, 5.1.2600.0 (xpclient.010817-1148)]
[PID: 496][\??\D:\WINDOWS\system32\csrss.exe]  [Microsoft Corporation, 5.1.2600.0 (xpclient.010817-1148)]
[PID: 520][\??\D:\WINDOWS\system32\winlogon.exe]  [Microsoft Corporation, 5.1.2600.0 (xpclient.010817-1148)]
    [D:\WINDOWS\systemKey.DLL]  [N/A, N/A]
[PID: 564][D:\WINDOWS\system32\services.exe]  [Microsoft Corporation, 5.1.2600.0 (xpclient.010817-1148)]
[PID: 576][D:\WINDOWS\system32\lsass.exe]  [Microsoft Corporation, 5.1.2600.0 (xpclient.010817-1148)]
[PID: 752][D:\WINDOWS\system32\svchost.exe]  [Microsoft Corporation, 5.1.2600.0 (xpclient.010817-1148)]
    [D:\WINDOWS\System32\cdnns.dll]  [CNNIC, 2, 0, 0, 0]
    [D:\Program Files\Internet Explorer\PLUGINS\system2.sys]  [N/A, N/A]
    [D:\WINDOWS\systemKey.DLL]  [N/A, N/A]
    [D:\WINDOWS\System32\msdll.dll]  [N/A, N/A]
    [D:\Program Files\Common Files\Microsoft Shared\MSINFO\34621005.dll]  [N/A, N/A]
    [D:\Program Files\Common Files\Microsoft Shared\MSINFO\SysInfo.wmp]  [N/A, N/A]
[PID: 800][D:\WINDOWS\System32\svchost.exe]  [Microsoft Corporation, 5.1.2600.0 (xpclient.010817-1148)]
    [d:\windows\system32\acss.dll]  [LINKMEDIA Tech, 1, 5, 0, 4]
    [d:\windows\system32\nwsapagent.dll]  [LINKMEDIA Tech, 1, 5, 0, 4]
    [D:\WINDOWS\System32\cdnns.dll]  [CNNIC, 2, 0, 0, 0]
[PID: 896][D:\WINDOWS\System32\svchost.exe]  [Microsoft Corporation, 5.1.2600.0 (xpclient.010817-1148)]
[PID: 924][D:\WINDOWS\System32\svchost.exe]  [Microsoft Corporation, 5.1.2600.0 (xpclient.010817-1148)]
[PID: 968][D:\Program Files\Rising\Rav\CCenter.exe]  [Beijing Rising Technology Co., Ltd., 18, 0, 0, 3]
[PID: 1348][D:\WINDOWS\system32\clipsvr.exe]  [Microsoft Corporation, 5, 2, 3790, 0]
[PID: 1384][D:\WINDOWS\System32\rundll32.exe]  [Microsoft Corporation, 5.1.2600.0 (xpclient.010817-1148)]
    [D:\PROGRA~1\MMSASS~1\MMSSVER.DLL]  [, 1, 2, 0, 6]
    [D:\WINDOWS\systemKey.DLL]  [N/A, N/A]
[PID: 1416][D:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE]  [Microsoft Corporation, 7.00.9466]
    [D:\WINDOWS\systemKey.DLL]  [N/A, N/A]
[PID: 1528][D:\Program Files\Internet Explorer\IEXPLORE.EXE]  [Microsoft Corporation, 6.00.2600.0000 (xpclient.010817-1148)]
    [D:\PROGRA~1\CNNIC\Cdn\cdnforie.dll]  [CNNIC, 2, 0, 0, 6]
    [D:\PROGRA~1\MMSASS~1\mmsass~1.dll]  [, 1, 2, 0, 6]
    [D:\WINDOWS\System32\cdnns.dll]  [CNNIC, 2, 0, 0, 0]
    [D:\WINDOWS\System32\Macromed\Flash\Flash8b.ocx]  [Macromedia, Inc., 8,0,24,0]
    [D:\WINDOWS\systemKey.DLL]  [N/A, N/A]
    [c:\viDll.dll]  [N/A, N/A]
[PID: 1532][D:\WINDOWS\System32\nvsvc32.exe]  [NVIDIA Corporation, 6.14.10.4523]
    [D:\WINDOWS\systemKey.DLL]  [N/A, N/A]
[PID: 1568][D:\Program Files\Rising\Rav\RavService.exe]  [Beijing Rising Technology Co., Ltd., 18, 0, 0, 43]
    [D:\Program Files\Rising\Rav\DLCenter.dll]  [Beijing Rising Technology Co., Ltd., 18, 0, 0, 27]
    [D:\Program Files\Rising\Rav\RsCommX.dll]  [rising, 18, 0, 0, 1]
    [D:\WINDOWS\System32\cdnns.dll]  [CNNIC, 2, 0, 0, 0]
[PID: 1828][D:\WINDOWS\System32\svchost.exe]  [Microsoft Corporation, 5.1.2600.0 (xpclient.010817-1148)]
[PID: 1972][D:\WINDOWS\system32\ctfmon.exe]  [Microsoft Corporation, 5.1.2600.0 (xpclient.010817-1148)]
    [D:\WINDOWS\systemKey.DLL]  [N/A, N/A]
[PID: 336][D:\WINDOWS\Explorer.EXE]  [Microsoft Corporation, 6.00.2600.0000 (xpclient.010817-1148)]
    [D:\Program Files\CNNIC\Cdn\cdndet.dll]  [CNNIC, 2, 4, 0, 3]
    [D:\Program Files\CNNIC\Cdn\imaoe.dll]  [CNNIC, 2, 2, 0, 1]
    [D:\Program Files\CNNIC\Cdn\cdnforie.dll]  [CNNIC, 2, 0, 0, 6]
    [D:\PROGRA~1\Yahoo!\ASSIST~1\assist\ypatch.dll]  [Yahoo! China, 3, 1, 1, 1017]
    [D:\Program Files\Common Files\Microsoft Shared\MSINFO\SysInfo.wmp]  [N/A, N/A]
    [D:\Program Files\Common Files\Microsoft Shared\MSINFO\34621005.dll]  [N/A, N/A]
    [D:\WINDOWS\System32\myztr.dll]  [N/A, N/A]
    [D:\WINDOWS\System32\msdll.dll]  [N/A, N/A]
    [D:\WINDOWS\downlo~1\CnsMin.dll]  [北京三七二一科技有限公司, 1, 5, 3, 9]
    [D:\PROGRA~1\Yahoo!\ASSIST~1\Yhelper.dll]  [Yahoo! China, 3, 0, 2, 1020]
    [D:\WINDOWS\systemKey.DLL]  [N/A, N/A]
    [D:\Program Files\Internet Explorer\PLUGINS\system2.sys]  [N/A, N/A]
    [D:\WINDOWS\System32\cdnns.dll]  [CNNIC, 2, 0, 0, 0]
    [D:\WINDOWS\System32\nmhxy.dll]  [N/A, N/A]
    [D:\WINDOWS\System32\mywow.dll]  [N/A, N/A]
    [D:\PROGRA~1\Yahoo!\ASSIST~1\assist\yclickon.dll]  [YAHOO Corporation Limited, 3, 0, 0, 1001]
    [D:\PROGRA~1\Yahoo!\ASSIST~1\yaLive.dll]  [yahoo! china, 3, 4, 0, 1091]
    [D:\PROGRA~1\Yahoo!\ASSIST~1\Yalliveex.dll]  [Yahoo! China, 3, 0, 1, 1010]
    [D:\PROGRA~1\MMSASS~1\mmsass~1.dll]  [, 1, 2, 0, 6]
[PID: 368][d:\windows\powermsgr.exe]  [Microsoft Corporation, 5.2.3790.1830]
    [D:\WINDOWS\System32\cdnns.dll]  [CNNIC, 2, 0, 0, 0]
    [D:\Program Files\Common Files\Microsoft Shared\MSINFO\34621005.dll]  [N/A, N/A]
    [D:\Program Files\Common Files\Microsoft Shared\MSINFO\SysInfo.wmp]  [N/A, N/A]
    [D:\WINDOWS\System32\msdll.dll]  [N/A, N/A]
    [D:\WINDOWS\downlo~1\CnsMin.dll]  [北京三七二一科技有限公司, 1, 5, 3, 9]
    [D:\WINDOWS\systemKey.DLL]  [N/A, N/A]
    [D:\Program Files\Internet Explorer\PLUGINS\system2.sys]  [N/A, N/A]
    [D:\WINDOWS\System32\nmhxy.dll]  [N/A, N/A]
[PID: 472][D:\Program Files\CNNIC\Cdn\cdnup.exe]  [, 2, 4, 0, 10]
    [D:\Program Files\CNNIC\Cdn\cdndet.dll]  [CNNIC, 2, 4, 0, 3]
    [D:\Program Files\CNNIC\Cdn\cdnforie.dll]  [CNNIC, 2, 0, 0, 6]
    [D:\Program Files\CNNIC\Cdn\imaoe.dll]  [CNNIC, 2, 2, 0, 1]
    [D:\Program Files\CNNIC\Cdn\cdntdns.dll]  [CNNIC, 2, 2, 0, 3]
    [D:\Program Files\Common Files\Microsoft Shared\MSINFO\34621005.dll]  [N/A, N/A]
    [D:\Program Files\Common Files\Microsoft Shared\MSINFO\SysInfo.wmp]  [N/A, N/A]
    [D:\WINDOWS\System32\msdll.dll]  [N/A, N/A]
    [D:\WINDOWS\downlo~1\CnsMin.dll]  [北京三七二一科技有限公司, 1, 5, 3, 9]
    [D:\WINDOWS\systemKey.DLL]  [N/A, N/A]
    [D:\Program Files\Internet Explorer\PLUGINS\system2.sys]  [N/A, N/A]
[PID: 836][D:\WINDOWS\System32\taskmgr.exe]  [Microsoft Corporation, 5.1.2600.0 (xpclient.010817-1148)]
    [D:\Program Files\Common Files\Microsoft Shared\MSINFO\34621005.dll]  [N/A, N/A]
    [D:\Program Files\Common Files\Microsoft Shared\MSINFO\SysInfo.wmp]  [N/A, N/A]
    [D:\Program Files\CNNIC\Cdn\imaoe.dll]  [CNNIC, 2, 2, 0, 1]
    [D:\Program Files\CNNIC\Cdn\cdnforie.dll]  [CNNIC, 2, 0, 0, 6]
    [D:\Program Files\CNNIC\Cdn\cdndet.dll]  [CNNIC, 2, 4, 0, 3]
    [D:\WINDOWS\downlo~1\CnsMin.dll]  [北京三七二一科技有限公司, 1, 5, 3, 9]
    [D:\WINDOWS\System32\msdll.dll]  [N/A, N/A]
    [D:\PROGRA~1\Yahoo!\ASSIST~1\Yhelper.dll]  [Yahoo! China, 3, 0, 2, 1020]
    [D:\PROGRA~1\Yahoo!\ASSIST~1\assist\ypatch.dll]  [Yahoo! China, 3, 1, 1, 1017]
    [D:\WINDOWS\systemKey.DLL]  [N/A, N/A]
    [D:\Program Files\Internet Explorer\PLUGINS\system2.sys]  [N/A, N/A]
    [D:\WINDOWS\System32\nmhxy.dll]  [N/A, N/A]
[PID: 1924][D:\Program Files\Common Files\Real\Update_OB\realsched.exe]  [RealNetworks, Inc., 0.1.0.3510]
    [D:\Program Files\CNNIC\Cdn\imaoe.dll]  [CNNIC, 2, 2, 0, 1]
    [D:\Program Files\CNNIC\Cdn\cdnforie.dll]  [CNNIC, 2, 0, 0, 6]
    [D:\Program Files\CNNIC\Cdn\cdndet.dll]  [CNNIC, 2, 4, 0, 3]
    [D:\Program Files\Common Files\Microsoft Shared\MSINFO\34621005.dll]  [N/A, N/A]
    [D:\Program Files\Common Files\Microsoft Shared\MSINFO\SysInfo.wmp]  [N/A, N/A]
    [D:\WINDOWS\downlo~1\CnsMin.dll]  [北京三七二一科技有限公司, 1, 5, 3, 9]
    [D:\WINDOWS\System32\msdll.dll]  [N/A, N/A]
    [D:\WINDOWS\systemKey.DLL]  [N/A, N/A]
    [D:\Program Files\Internet Explorer\PLUGINS\system2.sys]  [N/A, N/A]
[PID: 1060][D:\PROGRA~1\Yahoo!\ASSIST~1\YLive.exe]  [Yahoo! China, 3, 1, 2, 1018]
    [D:\PROGRA~1\Yahoo!\ASSIST~1\assist\ypatch.dll]  [Yahoo! China, 3, 1, 1, 1017]
    [D:\PROGRA~1\Yahoo!\ASSIST~1\Yhelper.dll]  [Yahoo! China, 3, 0, 2, 1020]
    [D:\Program Files\CNNIC\Cdn\imaoe.dll]  [CNNIC, 2, 2, 0, 1]
    [D:\Program Files\CNNIC\Cdn\cdnforie.dll]  [CNNIC, 2, 0, 0, 6]
    [D:\Program Files\CNNIC\Cdn\cdndet.dll]  [CNNIC, 2, 4, 0, 3]
    [D:\Program Files\Common Files\Microsoft Shared\MSINFO\34621005.dll]  [N/A, N/A]
    [D:\Program Files\Common Files\Microsoft Shared\MSINFO\SysInfo.wmp]  [N/A, N/A]
    [D:\PROGRA~1\Yahoo!\ASSIST~1\yaLive.dll]  [yahoo! china, 3, 4, 0, 1091]
    [D:\PROGRA~1\Yahoo!\ASSIST~1\Yalliveex.dll]  [Yahoo! China, 3, 0, 1, 1010]
    [D:\WINDOWS\downlo~1\CnsMin.dll]  [北京三七二一科技有限公司, 1, 5, 3, 9]

    [D:\WINDOWS\System32\msdll.dll]  [N/A, N/A]
    [D:\WINDOWS\systemKey.DLL]  [N/A, N/A]
    [D:\Program Files\Internet Explorer\PLUGINS\system2.sys]  [N/A, N/A]
    [D:\PROGRA~1\Yahoo!\ASSIST~1\ynotifier.dll]  [yahoo! china, 3, 0, 0, 1000]
    [D:\WINDOWS\System32\cdnns.dll]  [CNNIC, 2, 0, 0, 0]
[PID: 624][D:\PROGRA~1\Yahoo!\Assistant\yassistse.exe]  [Yahoo! China, 3, 0, 2, 1003]
    [D:\PROGRA~1\Yahoo!\ASSIST~1\Yhelper.dll]  [Yahoo! China, 3, 0, 2, 1020]
    [D:\PROGRA~1\Yahoo!\ASSIST~1\assist\ypatch.dll]  [Yahoo! China, 3, 1, 1, 1017]
    [D:\Program Files\CNNIC\Cdn\imaoe.dll]  [CNNIC, 2, 2, 0, 1]
    [D:\Program Files\CNNIC\Cdn\cdnforie.dll]  [CNNIC, 2, 0, 0, 6]
    [D:\Program Files\CNNIC\Cdn\cdndet.dll]  [CNNIC, 2, 4, 0, 3]
    [D:\Program Files\Common Files\Microsoft Shared\MSINFO\34621005.dll]  [N/A, N/A]
    [D:\Program Files\Common Files\Microsoft Shared\MSINFO\SysInfo.wmp]  [N/A, N/A]
    [D:\PROGRA~1\Yahoo!\Assistant\shell\yAssecblk.dll]  [Yahoo! China, 3, 0, 3, 1005]
    [D:\PROGRA~1\Yahoo!\Assistant\shell\yMenuInfo.dll]  [Yahoo! China, 3, 0, 0, 1000]
    [D:\PROGRA~1\Yahoo!\Assistant\shell\yIEAngel.dll]  [Yahoo! China, 3, 0, 1, 1001]
    [D:\PROGRA~1\Yahoo!\Assistant\shell\yAsMenu.dll]  [Yahoo! China, 3, 0, 0, 1001]
    [D:\WINDOWS\System32\msdll.dll]  [N/A, N/A]
    [D:\WINDOWS\downlo~1\CnsMin.dll]  [北京三七二一科技有限公司, 1, 5, 3, 9]
    [D:\WINDOWS\systemKey.DLL]  [N/A, N/A]
    [D:\Program Files\Internet Explorer\PLUGINS\system2.sys]  [N/A, N/A]
[PID: 184][D:\Program Files\Microsoft\svhost32.exe]  [N/A, N/A]
    [D:\WINDOWS\System32\msdll.dll]  [N/A, N/A]
    [D:\Program Files\Common Files\Microsoft Shared\MSINFO\34621005.dll]  [N/A, N/A]
    [D:\Program Files\Common Files\Microsoft Shared\MSINFO\SysInfo.wmp]  [N/A, N/A]
    [D:\WINDOWS\systemKey.DLL]  [N/A, N/A]
    [D:\Program Files\Internet Explorer\PLUGINS\system2.sys]  [N/A, N/A]
[PID: 196][D:\WINDOWS\System32\agetltfes.exe]  [, ]
    [D:\PROGRA~1\Yahoo!\ASSIST~1\Yhelper.dll]  [Yahoo! China, 3, 0, 2, 1020]
    [D:\PROGRA~1\Yahoo!\ASSIST~1\assist\ypatch.dll]  [Yahoo! China, 3, 1, 1, 1017]
    [D:\Program Files\CNNIC\Cdn\imaoe.dll]  [CNNIC, 2, 2, 0, 1]
    [D:\Program Files\CNNIC\Cdn\cdnforie.dll]  [CNNIC, 2, 0, 0, 6]
    [D:\Program Files\CNNIC\Cdn\cdndet.dll]  [CNNIC, 2, 4, 0, 3]
    [D:\Program Files\Common Files\Microsoft Shared\MSINFO\34621005.dll]  [N/A, N/A]
    [D:\Program Files\Common Files\Microsoft Shared\MSINFO\SysInfo.wmp]  [N/A, N/A]
[PID: 1340][D:\WINDOWS\System32\0.exe]  [, ]
    [D:\WINDOWS\downlo~1\CnsMin.dll]  [北京三七二一科技有限公司, 1, 5, 3, 9]
    [D:\PROGRA~1\Yahoo!\ASSIST~1\Yhelper.dll]  [Yahoo! China, 3, 0, 2, 1020]
    [D:\PROGRA~1\Yahoo!\ASSIST~1\assist\ypatch.dll]  [Yahoo! China, 3, 1, 1, 1017]
    [D:\Program Files\CNNIC\Cdn\imaoe.dll]  [CNNIC, 2, 2, 0, 1]
    [D:\Program Files\CNNIC\Cdn\cdnforie.dll]  [CNNIC, 2, 0, 0, 6]
    [D:\Program Files\CNNIC\Cdn\cdndet.dll]  [CNNIC, 2, 4, 0, 3]
    [D:\Program Files\Common Files\Microsoft Shared\MSINFO\34621005.dll]  [N/A, N/A]
    [D:\Program Files\Common Files\Microsoft Shared\MSINFO\SysInfo.wmp]  [N/A, N/A]
    [D:\WINDOWS\System32\msdll.dll]  [N/A, N/A]
    [D:\WINDOWS\systemKey.DLL]  [N/A, N/A]
    [D:\Program Files\Internet Explorer\PLUGINS\system2.sys]  [N/A, N/A]
    [D:\WINDOWS\System32\nmhxy.dll]  [N/A, N/A]
[PID: 376][D:\WINDOWS\System32\conime.exe]  [Microsoft Corporation, 5.1.2600.0 (xpclient.010817-1148)]
    [D:\WINDOWS\downlo~1\CnsMin.dll]  [北京三七二一科技有限公司, 1, 5, 3, 9]
    [D:\PROGRA~1\Yahoo!\ASSIST~1\Yhelper.dll]  [Yahoo! China, 3, 0, 2, 1020]
    [D:\PROGRA~1\Yahoo!\ASSIST~1\assist\ypatch.dll]  [Yahoo! China, 3, 1, 1, 1017]
    [D:\Program Files\CNNIC\Cdn\imaoe.dll]  [CNNIC, 2, 2, 0, 1]
    [D:\Program Files\CNNIC\Cdn\cdnforie.dll]  [CNNIC, 2, 0, 0, 6]
    [D:\Program Files\CNNIC\Cdn\cdndet.dll]  [CNNIC, 2, 4, 0, 3]
    [D:\WINDOWS\systemKey.DLL]  [N/A, N/A]
    [D:\Program Files\Common Files\Microsoft Shared\MSINFO\34621005.dll]  [N/A, N/A]
    [D:\Program Files\Common Files\Microsoft Shared\MSINFO\SysInfo.wmp]  [N/A, N/A]
    [D:\WINDOWS\System32\msdll.dll]  [N/A, N/A]
    [D:\Program Files\Internet Explorer\PLUGINS\system2.sys]  [N/A, N/A]
    [D:\WINDOWS\System32\nmhxy.dll]  [N/A, N/A]
[PID: 1224][D:\Program Files\Internet Explorer\IEXPLORE.EXE]  [Microsoft Corporation, 6.00.2600.0000 (xpclient.010817-1148)]
    [D:\WINDOWS\downlo~1\CnsMin.dll]  [北京三七二一科技有限公司, 1, 5, 3, 9]
    [D:\WINDOWS\downlo~1\CnsHint.dll]  [3721, 1, 0, 1, 1]
    [D:\PROGRA~1\Yahoo!\ASSIST~1\Yhelper.dll]  [Yahoo! China, 3, 0, 2, 1020]
    [D:\PROGRA~1\Yahoo!\ASSIST~1\yscrblock.dll]  [Yahoo! China, 3, 0, 0, 1000]
    [D:\PROGRA~1\Yahoo!\ASSIST~1\assist\ypatch.dll]  [Yahoo! China, 3, 1, 1, 1017]
    [D:\Program Files\CNNIC\Cdn\imaoe.dll]  [CNNIC, 2, 2, 0, 1]
    [D:\Program Files\CNNIC\Cdn\cdnforie.dll]  [CNNIC, 2, 0, 0, 6]
    [D:\Program Files\CNNIC\Cdn\cdndet.dll]  [CNNIC, 2, 4, 0, 3]
    [D:\Program Files\Internet Explorer\PLUGINS\system2.sys]  [N/A, N/A]
    [D:\WINDOWS\systemKey.DLL]  [N/A, N/A]
    [D:\Program Files\Common Files\Microsoft Shared\MSINFO\34621005.dll]  [N/A, N/A]
    [D:\Program Files\Common Files\Microsoft Shared\MSINFO\SysInfo.wmp]  [N/A, N/A]
    [D:\PROGRA~1\Yahoo!\ASSIST~1\yaLive.dll]  [yahoo! china, 3, 4, 0, 1091]
    [D:\PROGRA~1\Yahoo!\ASSIST~1\Yalliveex.dll]  [Yahoo! China, 3, 0, 1, 1010]
    [D:\WINDOWS\downlo~1\cnsplus.dll]  [3721, 1, 0, 0, 2]
    [D:\PROGRA~1\MMSASS~1\mmsass~1.dll]  [, 1, 2, 0, 6]
    [D:\WINDOWS\System32\msdll.dll]  [N/A, N/A]
    [D:\WINDOWS\System32\cdnns.dll]  [CNNIC, 2, 0, 0, 0]
    [D:\WINDOWS\System32\Macromed\Flash\Flash8b.ocx]  [Macromedia, Inc., 8,0,24,0]
    [D:\WINDOWS\System32\nmhxy.dll]  [N/A, N/A]
[PID: 2072][D:\Program Files\Internet Explorer\IEXPLORE.EXE]  [Microsoft Corporation, 6.00.2600.0000 (xpclient.010817-1148)]
    [D:\WINDOWS\downlo~1\CnsMin.dll]  [北京三七二一科技有限公司, 1, 5, 3, 9]
    [D:\WINDOWS\downlo~1\CnsHint.dll]  [3721, 1, 0, 1, 1]
    [D:\PROGRA~1\Yahoo!\ASSIST~1\Yhelper.dll]  [Yahoo! China, 3, 0, 2, 1020]
    [D:\PROGRA~1\Yahoo!\ASSIST~1\yscrblock.dll]  [Yahoo! China, 3, 0, 0, 1000]
    [D:\PROGRA~1\Yahoo!\ASSIST~1\assist\ypatch.dll]  [Yahoo! China, 3, 1, 1, 1017]
    [D:\Program Files\CNNIC\Cdn\imaoe.dll]  [CNNIC, 2, 2, 0, 1]
    [D:\Program Files\CNNIC\Cdn\cdnforie.dll]  [CNNIC, 2, 0, 0, 6]
    [D:\Program Files\CNNIC\Cdn\cdndet.dll]  [CNNIC, 2, 4, 0, 3]
    [D:\Program Files\Internet Explorer\PLUGINS\system2.sys]  [N/A, N/A]
    [D:\WINDOWS\systemKey.DLL]  [N/A, N/A]
    [D:\Program Files\Common Files\Microsoft Shared\MSINFO\34621005.dll]  [N/A, N/A]
    [D:\Program Files\Common Files\Microsoft Shared\MSINFO\SysInfo.wmp]  [N/A, N/A]
    [D:\PROGRA~1\Yahoo!\ASSIST~1\yaLive.dll]  [yahoo! china, 3, 4, 0, 1091]
    [D:\PROGRA~1\Yahoo!\ASSIST~1\Yalliveex.dll]  [Yahoo! China, 3, 0, 1, 1010]
    [D:\WINDOWS\downlo~1\cnsplus.dll]  [3721, 1, 0, 0, 2]
    [D:\PROGRA~1\MMSASS~1\mmsass~1.dll]  [, 1, 2, 0, 6]
    [D:\WINDOWS\System32\msdll.dll]  [N/A, N/A]
    [D:\WINDOWS\System32\cdnns.dll]  [CNNIC, 2, 0, 0, 0]
    [D:\WINDOWS\System32\nmhxy.dll]  [N/A, N/A]
[PID: 2180][D:\DOCUME~1\lxm\LOCALS~1\Temp\1.exe]  [N/A, N/A]
    [D:\WINDOWS\downlo~1\CnsMin.dll]  [北京三七二一科技有限公司, 1, 5, 3, 9]
    [D:\PROGRA~1\Yahoo!\ASSIST~1\Yhelper.dll]  [Yahoo! China, 3, 0, 2, 1020]
    [D:\PROGRA~1\Yahoo!\ASSIST~1\assist\ypatch.dll]  [Yahoo! China, 3, 1, 1, 1017]
    [D:\Program Files\CNNIC\Cdn\imaoe.dll]  [CNNIC, 2, 2, 0, 1]
    [D:\Program Files\CNNIC\Cdn\cdnforie.dll]  [CNNIC, 2, 0, 0, 6]
    [D:\Program Files\CNNIC\Cdn\cdndet.dll]  [CNNIC, 2, 4, 0, 3]
    [D:\Program Files\Internet Explorer\PLUGINS\system2.sys]  [N/A, N/A]
    [D:\WINDOWS\systemKey.DLL]  [N/A, N/A]
    [D:\Program Files\Common Files\Microsoft Shared\MSINFO\34621005.dll]  [N/A, N/A]
    [D:\Program Files\Common Files\Microsoft Shared\MSINFO\SysInfo.wmp]  [N/A, N/A]
    [D:\WINDOWS\System32\nmhxy.dll]  [N/A, N/A]
    [D:\WINDOWS\System32\msdll.dll]  [N/A, N/A]
[PID: 2232][D:\WINDOWS\System32\cmd.exe]  [Microsoft Corporation, 5.1.2600.0 (xpclient.010817-1148)]
[PID: 2256][D:\WINDOWS\System32\cmd.exe]  [Microsoft Corporation, 5.1.2600.0 (xpclient.010817-1148)]
[PID: 2316][D:\Program Files\WinRAR\WinRAR.exe]  [N/A, N/A]
    [D:\PROGRA~1\Yahoo!\ASSIST~1\Yhelper.dll]  [Yahoo! China, 3, 0, 2, 1020]
    [D:\PROGRA~1\Yahoo!\ASSIST~1\assist\ypatch.dll]  [Yahoo! China, 3, 1, 1, 1017]
    [D:\Program Files\CNNIC\Cdn\imaoe.dll]  [CNNIC, 2, 2, 0, 1]
    [D:\Program Files\CNNIC\Cdn\cdnforie.dll]  [CNNIC, 2, 0, 0, 6]
    [D:\Program Files\CNNIC\Cdn\cdndet.dll]  [CNNIC, 2, 4, 0, 3]
    [D:\WINDOWS\System32\nmhxy.dll]  [N/A, N/A]
    [D:\Program Files\Internet Explorer\PLUGINS\system2.sys]  [N/A, N/A]
    [D:\WINDOWS\systemKey.DLL]  [N/A, N/A]
    [D:\Program Files\Common Files\Microsoft Shared\MSINFO\34621005.dll]  [N/A, N/A]
    [D:\Program Files\Common Files\Microsoft Shared\MSINFO\SysInfo.wmp]  [N/A, N/A]
    [D:\WINDOWS\System32\msdll.dll]  [N/A, N/A]
[PID: 2340][D:\WINDOWS\System32\rundll32.exe]  [Microsoft Corporation, 5.1.2600.0 (xpclient.010817-1148)]
    [D:\WINDOWS\System32\sdmAgent22.dll]  [LINKMEDIA Tech, 1, 5, 0, 7]
    [D:\PROGRA~1\Yahoo!\ASSIST~1\Yhelper.dll]  [Yahoo! China, 3, 0, 2, 1020]
    [D:\PROGRA~1\Yahoo!\ASSIST~1\assist\ypatch.dll]  [Yahoo! China, 3, 1, 1, 1017]
    [D:\Program Files\CNNIC\Cdn\imaoe.dll]  [CNNIC, 2, 2, 0, 1]
    [D:\Program Files\CNNIC\Cdn\cdnforie.dll]  [CNNIC, 2, 0, 0, 6]
    [D:\Program Files\CNNIC\Cdn\cdndet.dll]  [CNNIC, 2, 4, 0, 3]
    [D:\WINDOWS\System32\nmhxy.dll]  [N/A, N/A]
    [D:\Program Files\Internet Explorer\PLUGINS\system2.sys]  [N/A, N/A]
    [D:\WINDOWS\systemKey.DLL]  [N/A, N/A]
    [D:\Program Files\Common Files\Microsoft Shared\MSINFO\34621005.dll]  [N/A, N/A]
    [D:\Program Files\Common Files\Microsoft Shared\MSINFO\SysInfo.wmp]  [N/A, N/A]
    [D:\WINDOWS\System32\msdll.dll]  [N/A, N/A]
[PID: 2388][D:\Documents and Settings\lxm\桌面\bingdu\SREng\SREng.exe]  [Smallfrogs Studio, 2.2.6.605]
    [D:\PROGRA~1\Yahoo!\ASSIST~1\Yhelper.dll]  [Yahoo! China, 3, 0, 2, 1020]
    [D:\PROGRA~1\Yahoo!\ASSIST~1\assist\ypatch.dll]  [Yahoo! China, 3, 1, 1, 1017]
    [D:\Program Files\CNNIC\Cdn\imaoe.dll]  [CNNIC, 2, 2, 0, 1]
    [D:\Program Files\CNNIC\Cdn\cdnforie.dll]  [CNNIC, 2, 0, 0, 6]
    [D:\Program Files\CNNIC\Cdn\cdndet.dll]  [CNNIC, 2, 4, 0, 3]
    [D:\WINDOWS\System32\nmhxy.dll]  [N/A, N/A]
    [D:\Program Files\Internet Explorer\PLUGINS\system2.sys]  [N/A, N/A]
    [D:\WINDOWS\systemKey.DLL]  [N/A, N/A]
    [D:\Program Files\Common Files\Microsoft Shared\MSINFO\34621005.dll]  [N/A, N/A]
    [D:\Program Files\Common Files\Microsoft Shared\MSINFO\SysInfo.wmp]  [N/A, N/A]
    [D:\WINDOWS\System32\msdll.dll]  [N/A, N/A]
    [D:\WINDOWS\System32\cdnns.dll]  [CNNIC, 2, 0, 0, 0]

文件关联
.TXT  Error. [notepad.exe %1]
.EXE  OK. ["%1" %*]
.COM  OK. ["%1" %*]
.PIF  OK. ["%1" %*]
.REG  OK. [regedit.exe "%1"]
.BAT  OK. ["%1" %*]
.SCR  OK. ["%1" /S]
.CHM  Error. [hh.exe %1]
.HLP  Error. [D:\WINDOWS\System32\winhlp32.exe %1]
.INI  Error. [notepad.exe %1]
.INF  Error. [notepad.exe %1]
.VBS  Error. [wscript.exe "%1" %*]
.JS  OK. [%SystemRoot%\System32\WScript.exe "%1" %*]
.LNK  OK. [{00021401-0000-0000-C000-000000000046}]

==================================
Winsock 提供者
N/A

==================================
Autorun.inf
N/A

==================================
HOSTS 文件
127.0.0.1  localhost
61.188.38.64 www.gamezt.com.cn
61.188.38.64 meng.nicemm.cn
61.188.38.64 www.hyap98.com
61.188.38.64 upd.etsoft.com.cn
61.188.38.64 www.essonarts.com
61.188.38.64 ert0003.e76.163ns.com
61.188.38.64 sky001.e11.163ns.com
61.188.38.64 woool.100888290cs.com
61.188.38.64 rxjh.100888290cs.com
61.188.38.64 www.yowoool.com
61.188.38.64 13511.com
61.188.38.64 www.13511.com
61.188.38.64 ywg.cn

删除以下注册值

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
<{E568441B-9EF3-49F8-9A67-4141AC41ADD4}><D:\PROGRA~1\Yahoo!\ASSIST~1\assist\ypatch.dll> [Yahoo! China]
<{4BAB150F-DD97-476D-9C1E-41B6CDC0CA7A}><D:\PROGRA~1\Yahoo!\ASSIST~1\assist\yclickon.dll> [YAHOO Corporation Limited]
<{08315C1A-9BA9-4B7C-A432-26885F78DF28}><D:\Program Files\Common Files\Microsoft Shared\MSINFO\SysInfo.wmp> [N/A]
<{6E44887F-5214-41F2-AB46-4728735C4CC6}><D:\Program Files\Internet Explorer\PLUGINS\system2.sys> [N/A]
<{21003462-3462-1005-6210-462004621005}><D:\Program Files\Common Files\Microsoft Shared\MSINFO\34621005.dll> [N/A]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer\Run]
<9><D:\WINDOWS\System32\vpcrm.exe> [N/A]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer\Run]
<rx><D:\WINDOWS\System32\explore.exe> [N/A]
<wow><D:\WINDOWS\System32\Launcher.exe> [N/A]
[HKEY_CURRENT_USER\Software\Microsoft\Windows NT\CurrentVersion\Windows]
<load><> [N/A]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]

<stup.exe><D:\PROGRA~1\TENCENT\Adplus\stup.exe> [Tencent]
<wdfmgr32><D:\WINDOWS\System32\wdfmgr32.exe> [N/A]
<zt><D:\Program Files\Intel\svhost32.exe> [N/A]
<ms><D:\Program Files\Microsoft\svhost32.exe> [N/A]
<RavUpsr><D:\WINDOWS\System32\agetltfets.exe> [N/A]
<RavUpes><D:\WINDOWS\System32\agetltfes.exe> []
运行services.msc查下列服务,双击,改启动类型为 禁止
Human Interface Device Access
StdService
重启安全模式删
建议有不能删除的文件在安本模式下用killbox删除,删除时有的需要选---<删除前先结束Explorer.EXE进程>或
<删除DLL文件前反注册此文件>

D:\WINDOWS\System32\STDSVER.DLL
D:\WINDOWS\System32\hidserv.dll
D:\WINDOWS\System32\agetltfes.exe
D:\WINDOWS\System32\agetltfets.exe
D:\Program Files\Microsoft\svhost32.exe
D:\Program Files\Intel\svhost32.exe
D:\WINDOWS\System32\wdfmgr32.exe
D:\PROGRA~1\TENCENT\Adplus\stup.exe
D:\WINDOWS\System32\Launcher.exe
D:\WINDOWS\System32\explore.exe
D:\WINDOWS\System32\vpcrm.exe
D:\Program Files\Common Files\Microsoft Shared\MSINFO\34621005.dll
D:\Program Files\Internet Explorer\PLUGINS\system2.sys
D:\Program Files\Common Files\Microsoft Shared\MSINFO\SysInfo.wmp
D:\PROGRA~1\Yahoo!\ASSIST~1\assist\yclickon.dll
D:\PROGRA~1\Yahoo!\ASSIST~1\assist\ypatch.dll