Logfile of HijackThis v1.99.1
Scan saved at 12:42:11, on 2007-3-31
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\csrss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\ctfmon.exe
D:\软件\拼音加加\jj4\jjsvr4.exe
C:\Program Files\Common Files\McAfee\HackerWatch\HWAPI.exe
C:\PROGRA~1\McAfee\MSC\mcmscsvc.exe
c:\program files\common files\mcafee\mna\mcnasvc.exe
C:\PROGRA~1\McAfee\VIRUSS~1\mcods.exe
C:\PROGRA~1\McAfee\MSC\mcpromgr.exe
c:\PROGRA~1\COMMON~1\mcafee\redirsvc\redirsvc.exe
C:\PROGRA~1\McAfee\VIRUSS~1\mcshield.exe
C:\PROGRA~1\McAfee\VIRUSS~1\mcsysmon.exe
C:\Program Files\McAfee\MPF\MPFSrv.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\WINDOWS\system32\oodag.exe
C:\Program Files\Common Files\Ulead Systems\DVD\ULCDRSvr.exe
c:\PROGRA~1\mcafee\VIRUSS~1\mcvsshld.exe
C:\PROGRA~1\mcafee.com\agent\mcagent.exe
C:\WINDOWS\System32\alg.exe
C:\WINDOWS\system32\wuauclt.exe
D:\软件\遨游浏览器\Maxthon.exe
C:\WINDOWS\system32\notepad.exe
c:\program files\mcafee\msc\mcuimgr.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\program files\Internet Explorer\IEXPLORE.EXE
D:\软件\压缩软件\WinRAR.exe
C:\DOCUME~1\JIAO\LOCALS~1\Temp\Rar$EX01.625\HijackThis.exe
C:\program files\Internet Explorer\IEXPLORE.EXE

R3 - URLSearchHook: 全能助手广告拦截专家 - {ED51E9A3-16C5-4236-99E0-9F093B021433} - D:\软件\全能助手\AssistIEBar.dll
O3 - Toolbar: (no name) - {E0E899AB-F487-11D5-8D29-0050BA6940E3} - (no file)
O3 - Toolbar: McAfee SiteAdvisor - {0BF43445-2F28-4351-9252-17FE6E806AA0} - C:\Program Files\SiteAdvisor\4144\SiteAdv.dll
O3 - Toolbar: 全能助手广告拦截专家 - {ED51E9A3-16C5-4236-99E0-9F093B021433} - D:\软件\全能助手\AssistIEBar.dll
O4 - HKLM\..\Run: [IMJPMIG8.1] ; "C:\WINDOWS\IME\imjp8_1\IMJPMIG.EXE" /Spoil /RemAdvDef /Migration32
O4 - HKLM\..\Run: [PHIME2002ASync] ; C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /SYNC
O4 - HKLM\..\Run: [PHIME2002A] ; C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /IMEName
O4 - HKLM\..\Run: [Vistadrv] C:\WINDOWS\Resources\Themes\VistaDrv\vsdrv.exe
O4 - HKLM\..\Run: [FlashGet] ; C:\Program Files\FlashGet\FlashGet.exe /min
O4 - HKLM\..\Run: [SoundMan] ; SOUNDMAN.EXE
O4 - HKLM\..\Run: [PRONoMgr.exe] ; C:\Program Files\Intel\NCS\PROSet\PRONoMgr.exe
O4 - HKLM\..\Run: [nwiz] ; nwiz.exe /install
O4 - HKLM\..\Run: [cmdbcs] C:\WINDOWS\cmdbcs.exe
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [pyjj] D:\软件\拼音加加\jj4\jjsvr4.exe
O4 - HKCU\..\Run: [System Boot Check] C:\WINDOWS\system32\sysload3.exe
O4 - Global Startup: Adobe Gamma Loader.lnk = C:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe
O8 - Extra context menu item: 上传到QQ网络硬盘 - D:\软件\腾讯QQ\AddToNetDisk.htm
O8 - Extra context menu item: 导出到 Microsoft Excel(&x) - res://D:\软件\Office\Office10\EXCEL.EXE/3000
O8 - Extra context menu item: 添加到QQ自定义面板 - D:\软件\腾讯QQ\AddPanel.htm
O8 - Extra context menu item: 添加到QQ表情 - D:\软件\腾讯QQ\AddEmotion.htm
O8 - Extra context menu item: 用QQ彩信发送该图片 - D:\软件\腾讯QQ\SendMMS.htm
O18 - Protocol: siteadvisor - {3A5DC592-7723-4EAA-9EE6-AF4222BCF879} - C:\Program Files\SiteAdvisor\4144\SiteAdv.dll
O21 - SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll
O23 - Service: McAfee E-mail Proxy (Emproxy) - McAfee, Inc. - C:\PROGRA~1\COMMON~1\McAfee\EmProxy\emproxy.exe
O23 - Service: McAfee HackerWatch Service - McAfee, Inc. - C:\Program Files\Common Files\McAfee\HackerWatch\HWAPI.exe
O23 - Service: McAfee Update Manager (mcmispupdmgr) - McAfee, Inc. - C:\PROGRA~1\McAfee\MSC\mcupdmgr.exe
O23 - Service: McAfee Services (mcmscsvc) - McAfee, Inc. - C:\PROGRA~1\McAfee\MSC\mcmscsvc.exe
O23 - Service: McAfee Network Agent (McNASvc) - McAfee, Inc. - c:\program files\common files\mcafee\mna\mcnasvc.exe
O23 - Service: McAfee Scanner (McODS) - McAfee, Inc. - C:\PROGRA~1\McAfee\VIRUSS~1\mcods.exe
O23 - Service: McAfee Protection Manager (mcpromgr) - McAfee, Inc. - C:\PROGRA~1\McAfee\MSC\mcpromgr.exe
O23 - Service: McAfee Redirector Service (McRedirector) - McAfee, Inc. - c:\PROGRA~1\COMMON~1\mcafee\redirsvc\redirsvc.exe
O23 - Service: McAfee Real-time Scanner (McShield) - McAfee, Inc. - C:\PROGRA~1\McAfee\VIRUSS~1\mcshield.exe
O23 - Service: McAfee SystemGuards (McSysmon) - McAfee, Inc. - C:\PROGRA~1\McAfee\VIRUSS~1\mcsysmon.exe
O23 - Service: McAfee Personal Firewall Service (MpfService) - McAfee, Inc. - C:\Program Files\McAfee\MPF\MPFSrv.exe
O23 - Service: Intel NCS NetService (NetSvc) - Intel(R) Corporation - C:\Program Files\Intel\NCS\Sync\NetSvc.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
O23 - Service: O&O Defrag - O&O Software GmbH - C:\WINDOWS\system32\oodag.exe
O23 - Service: Ulead Burning Helper (UleadBurningHelper) - Ulead Systems, Inc. - C:\Program Files\Common Files\Ulead Systems\DVD\ULCDRSvr.exe

[CODE]

2007-03-31,12:47:05

System Repair Engineer 2.3.13.690
Smallfrogs (http://www.KZTechs.com)

Windows XP Professional Service Pack 2 (Build 2600)
- 管理权限用户 - 完整功能

以下内容被选中：
    所有的启动项目（包括注册表、启动文件夹、服务等）
    浏览器加载项
    正在运行的进程（包括进程模块信息）
    文件关联
    Winsock 提供者
    Autorun.inf
    HOSTS 文件


启动项目
注册表
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
    <ctfmon.exe><C:\WINDOWS\system32\ctfmon.exe>  [(Verified)Microsoft Corporation]
    <pyjj><D:\软件\拼音加加\jj4\jjsvr4.exe>  [加加开发组]
[HKEY_CURRENT_USER\Software\Microsoft\Windows NT\CurrentVersion\Windows]
    <load><>  [N/A]
    <run><>  [N/A]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
    <IMJPMIG8.1><; "C:\WINDOWS\IME\imjp8_1\IMJPMIG.EXE" /Spoil /RemAdvDef /Migration32>  [(Verified)Microsoft Corporation]
    <PHIME2002ASync><; C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /SYNC>  [(Verified)Microsoft Corporation]
    <PHIME2002A><; C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /IMEName>  [(Verified)Microsoft Corporation]
    <Vistadrv><C:\WINDOWS\Resources\Themes\VistaDrv\vsdrv.exe>  [N/A]
    <FlashGet><; C:\Program Files\FlashGet\FlashGet.exe /min>  [N/A]
    <SoundMan><; SOUNDMAN.EXE>  [(Verified)Realtek Semiconductor Corp.]
    <PRONoMgr.exe><; C:\Program Files\Intel\NCS\PROSet\PRONoMgr.exe>  [Intel(R) Corporation]
    <nwiz><; nwiz.exe /install>  [N/A]
    <cmdbcs><C:\WINDOWS\cmdbcs.exe>  [N/A]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Winlogon]
    <shell><Explorer.exe>  [Microsoft Corporation]
    <Userinit><C:\WINDOWS\system32\userinit.exe,>  [(Verified)Microsoft Corporation]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Windows]
    <AppInit_DLLs><>  [N/A]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Winlogon]
    <UIHost><logonui.exe>  [N/A]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
    <WPDShServiceObj><C:\WINDOWS\system32\WPDShServiceObj.dll>  [(Verified)Microsoft Corporation]
[HKEY_CURRENT_USER\Control Panel\Desktop]
    <SCRNSAVE.EXE><C:\WINDOWS\system32\夜光时~1.SCR>  [N/A]

==================================
启动文件夹
[Adobe Gamma Loader]
  <C:\Documents and Settings\All Users\「开始」菜单\程序\启动\Adobe Gamma Loader.lnk --> C:\PROGRA~1\COMMON~1\Adobe\CALIBR~1\ADOBEG~1.EXE [Adobe Systems, Inc.]><H>

==================================
服务
[McAfee E-mail Proxy / Emproxy][Stopped/Manual Start]
  <C:\PROGRA~1\COMMON~1\McAfee\EmProxy\emproxy.exe><McAfee, Inc.>
[Human Interface Device Access / HidServ][Stopped/Disabled]
  <C:\WINDOWS\System32\svchost.exe -k netsvcs-->%SystemRoot%\System32\hidserv.dll><N/A>
[McAfee HackerWatch Service / McAfee HackerWatch Service][Running/Auto Start]
  <"C:\Program Files\Common Files\McAfee\HackerWatch\HWAPI.exe"><McAfee, Inc.>
[McAfee Update Manager / mcmispupdmgr][Stopped/Manual Start]
  <C:\PROGRA~1\McAfee\MSC\mcupdmgr.exe><McAfee, Inc.>
[McAfee Services / mcmscsvc][Running/Auto Start]
  <C:\PROGRA~1\McAfee\MSC\mcmscsvc.exe><McAfee, Inc.>
[McAfee Network Agent / McNASvc][Running/Auto Start]
  <"c:\program files\common files\mcafee\mna\mcnasvc.exe"><McAfee, Inc.>
[McAfee Scanner / McODS][Running/Auto Start]
  <C:\PROGRA~1\McAfee\VIRUSS~1\mcods.exe><McAfee, Inc.>
[McAfee Protection Manager / mcpromgr][Running/Auto Start]
  <C:\PROGRA~1\McAfee\MSC\mcpromgr.exe><McAfee, Inc.>
[McAfee Redirector Service / McRedirector][Running/Auto Start]
  <c:\PROGRA~1\COMMON~1\mcafee\redirsvc\redirsvc.exe><McAfee, Inc.>
[McAfee Real-time Scanner / McShield][Running/Auto Start]
  <C:\PROGRA~1\McAfee\VIRUSS~1\mcshield.exe><McAfee, Inc.>
[McAfee SystemGuards / McSysmon][Running/Auto Start]
  <C:\PROGRA~1\McAfee\VIRUSS~1\mcsysmon.exe><McAfee, Inc.>
[McAfee Personal Firewall Service / MpfService][Running/Auto Start]
  <"C:\Program Files\McAfee\MPF\MPFSrv.exe"><McAfee, Inc.>
[Windows Installer / MSIServer][Stopped/Manual Start]
  <C:\WINDOWS\system32\msiexec.exe /V><Microsoft Corporation>
[Intel NCS NetService / NetSvc][Stopped/Manual Start]
  <C:\Program Files\Intel\NCS\Sync\NetSvc.exe><Intel(R) Corporation>
[NVIDIA Display Driver Service / NVSvc][Running/Auto Start]
  <C:\WINDOWS\system32\nvsvc32.exe><NVIDIA Corporation>
[O&O Defrag / O&O Defrag][Running/Auto Start]
  <C:\WINDOWS\system32\oodag.exe><O&O Software GmbH>
[Ulead Burning Helper / UleadBurningHelper][Running/Auto Start]
  <C:\Program Files\Common Files\Ulead Systems\DVD\ULCDRSvr.exe><Ulead Systems, Inc.>

==================================
驱动程序
[Service for Realtek AC97 Audio (WDM) / ALCXWDM][Running/Manual Start]
  <system32\drivers\ALCXWDM.SYS><Realtek Semiconductor Corp.>
[Intel(R) PRO Adapter Driver / E100B][Running/Manual Start]
  <system32\DRIVERS\e100b325.sys><Intel Corporation>
[gdrv / gdrv][Stopped/Manual Start]
  <\??\C:\WINDOWS\gdrv.sys><Windows (R) 2000 DDK provider>
[McAfee Inc. / mfeavfk][Running/Manual Start]
  <system32\drivers\mfeavfk.sys><McAfee, Inc.>
[McAfee Inc. / mfebopk][Running/Manual Start]
  <system32\drivers\mfebopk.sys><McAfee, Inc.>
[McAfee Inc. / mfehidk][Running/Manual Start]
  <system32\drivers\mfehidk.sys><McAfee, Inc.>
[McAfee Inc. / mferkdk][Stopped/Manual Start]
  <system32\drivers\mferkdk.sys><McAfee, Inc.>
[McAfee Inc. / mfesmfk][Running/Manual Start]
  <system32\drivers\mfesmfk.sys><McAfee, Inc.>
[MPFP / MPFP][Running/System Start]
  <System32\Drivers\Mpfp.sys><McAfee, Inc.>
[npkcrypt / npkcrypt][Running/Auto Start]
  <\??\D:\软件\腾讯QQ\npkcrypt.sys><INCA Internet Co., Ltd.>
[nv / nv][Running/Manual Start]
  <system32\DRIVERS\nv4_mini.sys><NVIDIA Corporation>
[Direct Parallel Link Driver / Ptilink][Running/Manual Start]
  <system32\DRIVERS\ptilink.sys><Parallel Technologies, Inc.>
[Secdrv / Secdrv][Stopped/Manual Start]
  <system32\DRIVERS\secdrv.sys><N/A>
[TCP/IP Protocol Driver / Tcpip][Running/System Start]
  <system32\DRIVERS\tcpip.sys><Microsoft Corporation>

浏览器加载项
[McAfee SiteAdvisor]
  {0BF43445-2F28-4351-9252-17FE6E806AA0} <C:\Program Files\SiteAdvisor\4144\SiteAdv.dll, McAfee, Inc.>
[全能助手广告拦截专家]
  {ED51E9A3-16C5-4236-99E0-9F093B021433} <D:\软件\全能助手\AssistIEBar.dll, 全能助手工作室>
[]
  {089FD14D-132B-48FC-8861-0048AE113215} <C:\Program Files\SiteAdvisor\4144\SiteAdv.dll, McAfee, Inc.>
[McAfee SiteAdvisor]
  {0BF43445-2F28-4351-9252-17FE6E806AA0} <C:\Program Files\SiteAdvisor\4144\SiteAdv.dll, McAfee, Inc.>
[HTML Document]
  {25336920-03F9-11CF-8FD0-00AA00686F13} <%SystemRoot%\system32\mshtml.dll, N/A>
[Windows Media Player]
  {6BF52A52-394A-11D3-B153-00C04F79FAA6} <C:\WINDOWS\system32\wmp.dll, Microsoft Corporation>
[scriptproxy]
  {7DB2D5A0-7241-4E79-B68D-6309F01C5231} <c:\program files\mcafee\virusscan\scriptcl.dll, McAfee, Inc.>
[Microsoft Web 浏览器]
  {8856F961-340A-11D0-A96B-00C04FD705A2} <C:\WINDOWS\system32\shdocvw.dll, Microsoft Corporation>
[SearchAssistantOC]
  {B45FF030-4447-11D2-85DE-00C04FA35C89} <%SystemRoot%\system32\shdocvw.dll, N/A>
[RDS.DataSpace]
  {BD96C556-65A3-11D0-983A-00C04FC29E36} <C:\Program Files\Common Files\System\msadc\msadco.dll, Microsoft Corporation>
[Shockwave Flash Object]
  {D27CDB6E-AE6D-11CF-96B8-444553540000} <C:\WINDOWS\system32\Macromed\Flash\Flash9b.ocx, Adobe Systems, Inc.>
[全能助手广告拦截专家]
  {ED51E9A3-16C5-4236-99E0-9F093B021433} <D:\软件\全能助手\AssistIEBar.dll, 全能助手工作室>
[上传到QQ网络硬盘]
  <D:\软件\腾讯QQ\AddToNetDisk.htm, N/A>
[导出到 Microsoft Excel(&x)]
  <res://D:\软件\Office\Office10\EXCEL.EXE/3000, N/A>
[添加到QQ自定义面板]
  <D:\软件\腾讯QQ\AddPanel.htm, N/A>
[添加到QQ表情]
  <D:\软件\腾讯QQ\AddEmotion.htm, N/A>
[用QQ彩信发送该图片]
  <D:\软件\腾讯QQ\SendMMS.htm, N/A>

==================================
正在运行的进程
[PID: 588][\SystemRoot\System32\smss.exe]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
[PID: 656][\??\C:\WINDOWS\system32\csrss.exe]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
[PID: 680][\??\C:\WINDOWS\system32\winlogon.exe]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
[PID: 724][C:\WINDOWS\system32\services.exe]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
[PID: 736][C:\WINDOWS\system32\lsass.exe]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
[PID: 876][C:\WINDOWS\system32\svchost.exe]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
[PID: 964][C:\WINDOWS\system32\svchost.exe]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
[PID: 1056][C:\WINDOWS\System32\svchost.exe]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
[PID: 1100][C:\WINDOWS\system32\svchost.exe]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
[PID: 1188][C:\WINDOWS\system32\svchost.exe]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
[PID: 1352][C:\WINDOWS\system32\spoolsv.exe]  [Microsoft Corporation, 5.1.2600.2696 (xpsp_sp2_gdr.050610-1519)]
[PID: 1588][C:\WINDOWS\Explorer.EXE]  [Microsoft Corporation, 6.00.2900.2180 (xpsp_sp2_rtm.040803-2158)]
    [C:\WINDOWS\system32\cmdbcs.dll]  [N/A, N/A]
    [C:\WINDOWS\system32\nvcpl.dll]  [NVIDIA Corporation, 6.14.10.8198]
    [C:\WINDOWS\system32\NVRSZHC.DLL]  [NVIDIA Corporation, 6.14.10.8198]
    [C:\WINDOWS\system32\ContextBG.dll]  [Grigri, 1, 0, 0, 1]
    [C:\WINDOWS\system32\nvshell.dll]  [N/A, N/A]
    [D:\软件\压缩软件\rarext.dll]  [N/A, N/A]
    [c:\PROGRA~1\mcafee\VIRUSS~1\mcodsax.dll]  [McAfee, Inc., 11,2,121,0]
    [C:\DOCUME~1\JIAO\LOCALS~1\Temp\Rav20.dll]  [N/A, N/A]
[PID: 1740][C:\WINDOWS\system32\ctfmon.exe]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
[PID: 1748][D:\软件\拼音加加\jj4\jjsvr4.exe]  [加加开发组, 4.0.0.19]
[PID: 1840][C:\Program Files\Common Files\McAfee\HackerWatch\HWAPI.exe]  [McAfee, Inc., 8.2.104.0]
    [c:\PROGRA~1\COMMON~1\mcafee\core\mccoreps.dll]  [McAfee, Inc., 2,2,103,0]
    [c:\PROGRA~1\COMMON~1\mcafee\HACKER~1\hwapips.dll]  [McAfee, Inc., 8.2.104.0]
[PID: 1896][C:\PROGRA~1\McAfee\MSC\mcmscsvc.exe]  [McAfee, Inc., 7,2,142,0]
    [C:\PROGRA~1\McAfee\MSC\McRes.dll]  [McAfee, Inc., 7,2,142,0]
    [C:\PROGRA~1\McAfee\MSC\McLocRes.dll]  [McAfee, Inc., 7,2,142,0]
    [C:\PROGRA~1\McAfee\MSC\Mccobres.dll]  [McAfee, Inc., 7,2,142,0]
    [C:\PROGRA~1\COMMON~1\McAfee\MSC\sqlite3.dll]  [McAfee, Inc., 7,2,112,0]
    [c:\PROGRA~1\COMMON~1\mcafee\core\mccoreps.dll]  [McAfee, Inc., 2,2,103,0]
    [c:\PROGRA~1\mcafee\msc\mcmispps.dll]  [McAfee, Inc., 7,2,142,0]
    [c:\PROGRA~1\mcafee\msc\mcdbmgr.dll]  [McAfee, Inc., 7,2,142,0]
[PID: 1956][c:\program files\common files\mcafee\mna\mcnasvc.exe]  [McAfee, Inc., 1,2,106,0]
    [C:\PROGRA~1\COMMON~1\McAfee\MSC\McUtil.dll]  [McAfee, Inc., 7,2,112,0]
    [c:\PROGRA~1\mcafee\msc\mcnmcsrv.dll]  [McAfee, Inc., 1,2,106,0]
    [c:\PROGRA~1\COMMON~1\mcafee\core\mccoreps.dll]  [McAfee, Inc., 2,2,103,0]
    [c:\PROGRA~1\mcafee\msc\mcshllps.dll]  [McAfee, Inc., 7,2,142,0]
    [c:\PROGRA~1\COMMON~1\mcafee\mna\MCNASV~1.DLL]  [McAfee, Inc., 1,2,106,0]
    [c:\PROGRA~1\mcafee\msc\mcnmcsps.dll]  [McAfee, Inc., 1,2,106,0]
    [c:\program files\mcafee\msc\mcregobj\7,2,142,0\mcregobj.dll]  [McAfee, Inc., 7,2,142,0]
    [c:\program files\mcafee\msc\mcmismgr.dll]  [McAfee, Inc., 7,2,142,0]
    [C:\PROGRA~1\McAfee\MSC\McRes.dll]  [McAfee, Inc., 7,2,142,0]
    [C:\PROGRA~1\McAfee\MSC\McLocRes.dll]  [McAfee, Inc., 7,2,142,0]
    [C:\PROGRA~1\McAfee\MSC\Mccobres.dll]  [McAfee, Inc., 7,2,142,0]
    [c:\program files\mcafee\msc\mcsubmgr\7,2,142,0\mcsubmgr.dll]  [McAfee, Inc., 7,2,142,0]
    [c:\PROGRA~1\COMMON~1\mcafee\mna\mcuj.dll]  [McAfee, Inc., 1,2,106,0]
    [C:\PROGRA~1\McAfee\MSC\McNmcRes.dll]  [McAfee, Inc., 1,2,106,0]
    [C:\PROGRA~1\McAfee\MSC\McNmcLoR.dll]  [McAfee, Inc., 1,2,106,0]
    [C:\PROGRA~1\McAfee\MSC\McNmcCoR.dll]  [McAfee, Inc., 1,2,106,0]
[PID: 2008][C:\PROGRA~1\McAfee\VIRUSS~1\mcods.exe]  [McAfee, Inc., 11,2,121,0]
    [c:\PROGRA~1\mcafee\VIRUSS~1\mcodsax.dll]  [McAfee, Inc., 11,2,121,0]
    [c:\PROGRA~1\COMMON~1\mcafee\core\mccoreps.dll]  [McAfee, Inc., 2,2,103,0]
    [c:\PROGRA~1\mcafee\msc\mcmispps.dll]  [McAfee, Inc., 7,2,142,0]
[PID: 2040][C:\PROGRA~1\McAfee\MSC\mcpromgr.exe]  [McAfee, Inc., 7,2,142,0]
    [C:\PROGRA~1\McAfee\MSC\McRes.dll]  [McAfee, Inc., 7,2,142,0]
    [C:\PROGRA~1\McAfee\MSC\McLocRes.dll]  [McAfee, Inc., 7,2,142,0]
    [C:\PROGRA~1\McAfee\MSC\Mccobres.dll]  [McAfee, Inc., 7,2,142,0]
    [C:\PROGRA~1\COMMON~1\McAfee\MSC\McUtil.dll]  [McAfee, Inc., 7,2,112,0]
    [c:\PROGRA~1\COMMON~1\mcafee\core\mccoreps.dll]  [McAfee, Inc., 2,2,103,0]
    [c:\PROGRA~1\mcafee\msc\mcshllps.dll]  [McAfee, Inc., 7,2,142,0]

[c:\PROGRA~1\mcafee\msc\mcmispps.dll]  [McAfee, Inc., 7,2,142,0]
    [c:\PROGRA~1\mcafee.com\agent\mcagntps.dll]  [McAfee, Inc., 7,2,142,0]
    [c:\program files\mcafee\msc\mcsubmgr\7,2,142,0\mcsubmgr.dll]  [McAfee, Inc., 7,2,142,0]
    [c:\PROGRA~1\mcafee\msc\mcmscver.dll]  [McAfee, Inc., 7,2,142,0]
    [c:\PROGRA~1\mcafee\VIRUSS~1\mvsap.dll]  [McAfee, Inc., 11,2,121,0]
    [c:\PROGRA~1\mcafee\mpf\mc\mpfmisp.dll]  [McAfee, Inc., 8.2.117.0]
    [C:\Program Files\McAfee\MPF\L10N.DLL]  [McAfee Security, 8.2.115.0]
    [C:\Program Files\SiteAdvisor\4144\SiteAdv.dll]  [McAfee, Inc., 1.7.0.53]
    [c:\program files\mcafee\virusscan\mcvspp.dll]  [McAfee, Inc., 11,2,121,0]
    [c:\program files\mcafee\msc\mcprotpv.dll]  [McAfee, Inc., 7,2,142,0]
    [c:\program files\mcafee\msc\mcnmcprv.dll]  [McAfee, Inc., 1,2,106,0]
    [C:\PROGRA~1\McAfee\MSC\McNmcRes.dll]  [McAfee, Inc., 1,2,106,0]
    [C:\PROGRA~1\McAfee\MSC\McNmcLoR.dll]  [McAfee, Inc., 1,2,106,0]
    [C:\PROGRA~1\McAfee\MSC\McNmcCoR.dll]  [McAfee, Inc., 1,2,106,0]
    [c:\PROGRA~1\COMMON~1\mcafee\mna\MCNASV~1.DLL]  [McAfee, Inc., 1,2,106,0]
    [c:\PROGRA~1\mcafee\msc\mcnmcsps.dll]  [McAfee, Inc., 1,2,106,0]
    [c:\PROGRA~1\mcafee\VIRUSS~1\mvscfg.dll]  [McAfee, Inc., 11,2,127,0]
    [c:\PROGRA~1\mcafee\VIRUSS~1\naiannps.dll]  [McAfee, Inc., 11,2,127,0]
    [c:\program files\mcafee\msc\mcregobj\7,2,142,0\mcregobj.dll]  [McAfee, Inc., 7,2,142,0]
    [c:\program files\mcafee\mpf\mc\mpfp.dll]  [McAfee, Inc., 8.2.115.0]
    [C:\PROGRA~1\McAfee\MSC\McProHlp.dll]  [McAfee, Inc., 7,2,142,0]
[PID: 212][c:\PROGRA~1\COMMON~1\mcafee\redirsvc\redirsvc.exe]  [McAfee, Inc., 1,2,112,0]
    [c:\PROGRA~1\COMMON~1\mcafee\core\mcevtbrk.dll]  [McAfee, Inc., 2,2,103,0]
[PID: 248][C:\PROGRA~1\McAfee\VIRUSS~1\mcshield.exe]  [McAfee, Inc., VSCORE.13.3.2.101.x86]
    [C:\PROGRA~1\McAfee\VIRUSS~1\LockDown.dll]  [McAfee, Inc., VSCORE.13.3.2.101.x86]
    [C:\PROGRA~1\McAfee\VIRUSS~1\mytilus.dll]  [McAfee, Inc., VSCORE.13.3.2.101.x86]
    [C:\PROGRA~1\McAfee\VIRUSS~1\mytilus2.dll]  [McAfee, Inc., VSCORE.13.3.2.101.x86]
    [C:\PROGRA~1\McAfee\VIRUSS~1\RES00\McShield.dll]  [McAfee, Inc., VSCORE.13.3.2.101]
    [C:\PROGRA~1\McAfee\VIRUSS~1\FTL.Dll]  [McAfee, Inc., VSCORE.13.3.2.101.x86]
    [C:\PROGRA~1\McAfee\VIRUSS~1\naiann.dll]  [McAfee, Inc., 11,2,127,0]
    [c:\PROGRA~1\COMMON~1\mcafee\core\mccoreps.dll]  [McAfee, Inc., 2,2,103,0]
    [c:\PROGRA~1\mcafee\VIRUSS~1\mcvsps.dll]  [McAfee, Inc., 11,2,127,0]
    [c:\PROGRA~1\mcafee\VIRUSS~1\naiannps.dll]  [McAfee, Inc., 11,2,127,0]
    [c:\PROGRA~1\mcafee\VIRUSS~1\mvscfg.dll]  [McAfee, Inc., 11,2,127,0]
    [c:\PROGRA~1\mcafee\VIRUSS~1\mcvsqt.dll]  [McAfee, Inc., 11,2,127,0]
    [C:\PROGRA~1\McAfee\VIRUSS~1\McQtLib.dll]  [McAfee, Inc., 11,2,127,0]
    [c:\PROGRA~1\COMMON~1\mcafee\core\mcevtbrk.dll]  [McAfee, Inc., 2,2,103,0]
    [C:\PROGRA~1\McAfee\VIRUSS~1\mvslog.dll]  [McAfee, Inc., 11,2,121,0]
    [C:\PROGRA~1\McAfee\VIRUSS~1\scriptsv.dll]  [McAfee, Inc., VSCORE.13.3.2.101.x86]
    [C:\Program Files\McAfee\VirusScan\mcscan32.dll]  [McAfee, Inc., 5.1.00]
    [C:\PROGRA~1\McAfee\VIRUSS~1\mfebopa.dll]  [McAfee, Inc., SYSCORE.13.3.0.120.x86]
    [C:\PROGRA~1\McAfee\VIRUSS~1\mfehida.dll]  [McAfee, Inc., SYSCORE.13.3.0.120.x86]
    [C:\PROGRA~1\McAfee\VIRUSS~1\mfeavfa.dll]  [McAfee, Inc., SYSCORE.13.3.0.120.x86]
    [c:\PROGRA~1\mcafee\msc\mcmispps.dll]  [McAfee, Inc., 7,2,142,0]
[PID: 332][C:\PROGRA~1\McAfee\VIRUSS~1\mcsysmon.exe]  [McAfee, Inc., 11,2,131,0]
    [C:\PROGRA~1\McAfee\VIRUSS~1\mvslog.dll]  [McAfee, Inc., 11,2,121,0]
    [C:\PROGRA~1\McAfee\VIRUSS~1\mfesmfa.dll]  [McAfee, Inc., SYSCORE.13.3.0.120.x86]
    [C:\PROGRA~1\McAfee\VIRUSS~1\mfehida.dll]  [McAfee, Inc., SYSCORE.13.3.0.120.x86]
    [c:\PROGRA~1\COMMON~1\mcafee\core\mccoreps.dll]  [McAfee, Inc., 2,2,103,0]
    [c:\PROGRA~1\COMMON~1\mcafee\HACKER~1\hwapips.dll]  [McAfee, Inc., 8.2.104.0]
    [c:\PROGRA~1\mcafee\VIRUSS~1\mvscfg.dll]  [McAfee, Inc., 11,2,127,0]
    [c:\program files\mcafee\msc\mcsubmgr\7,2,142,0\mcsubmgr.dll]  [McAfee, Inc., 7,2,142,0]
    [c:\PROGRA~1\mcafee\msc\mcmispps.dll]  [McAfee, Inc., 7,2,142,0]
    [c:\PROGRA~1\COMMON~1\mcafee\core\mcevtbrk.dll]  [McAfee, Inc., 2,2,103,0]
    [c:\PROGRA~1\mcafee\VIRUSS~1\mcvsps.dll]  [McAfee, Inc., 11,2,127,0]
[PID: 412][C:\Program Files\McAfee\MPF\MPFSrv.exe]  [McAfee, Inc., 8.2.115.0]
    [c:\PROGRA~1\COMMON~1\mcafee\core\mccoreps.dll]  [McAfee, Inc., 2,2,103,0]
    [c:\PROGRA~1\COMMON~1\mcafee\HACKER~1\hwapips.dll]  [McAfee, Inc., 8.2.104.0]
    [c:\PROGRA~1\COMMON~1\mcafee\core\mcevtbrk.dll]  [McAfee, Inc., 2,2,103,0]
    [c:\PROGRA~1\mcafee\mpf\mc\mpfmisp.dll]  [McAfee, Inc., 8.2.117.0]
    [c:\PROGRA~1\mcafee\msc\mcmispps.dll]  [McAfee, Inc., 7,2,142,0]
    [C:\Program Files\McAfee\MPF\L10N.DLL]  [McAfee Security, 8.2.115.0]
    [c:\program files\mcafee\mpf\mc\mpfaltps.dll]  [McAfee, Inc., 8.2.115.0]
[PID: 448][C:\WINDOWS\system32\nvsvc32.exe]  [NVIDIA Corporation, 6.14.10.8198]
[PID: 528][C:\WINDOWS\system32\oodag.exe]  [O&O Software GmbH, 8.0.1398]
    [C:\WINDOWS\system32\OODAGRS.DLL]  [O&O Software GmbH, 8.0.1.1347]
[PID: 624][C:\Program Files\Common Files\Ulead Systems\DVD\ULCDRSvr.exe]  [Ulead Systems, Inc., 1, 0, 0, 4]
[PID: 1496][c:\PROGRA~1\mcafee\VIRUSS~1\mcvsshld.exe]  [McAfee, Inc., 11,2,121,0]
    [C:\PROGRA~1\McAfee\MSC\McAltLib.dll]  [McAfee, Inc., 7,2,142,0]
    [C:\PROGRA~1\McAfee\MSC\McRes.dll]  [McAfee, Inc., 7,2,142,0]
    [C:\PROGRA~1\McAfee\MSC\McLocRes.dll]  [McAfee, Inc., 7,2,142,0]
    [C:\PROGRA~1\McAfee\MSC\Mccobres.dll]  [McAfee, Inc., 7,2,142,0]
    [c:\PROGRA~1\mcafee\VIRUSS~1\mcvsps.dll]  [McAfee, Inc., 11,2,127,0]
    [c:\PROGRA~1\mcafee\msc\mcuicfg.dll]  [McAfee, Inc., 7,2,142,0]
    [c:\PROGRA~1\mcafee\msc\mccfgpv.dll]  [McAfee, Inc., 7,2,142,0]
    [C:\WINDOWS\system32\cmdbcs.dll]  [N/A, N/A]
    [C:\DOCUME~1\JIAO\LOCALS~1\Temp\Rav20.dll]  [N/A, N/A]
[PID: 1848][C:\PROGRA~1\mcafee.com\agent\mcagent.exe]  [McAfee, Inc., 7,2,142,0]
    [C:\PROGRA~1\McAfee\MSC\McRes.dll]  [McAfee, Inc., 7,2,142,0]
    [C:\PROGRA~1\McAfee\MSC\McLocRes.dll]  [McAfee, Inc., 7,2,142,0]
    [C:\PROGRA~1\McAfee\MSC\Mccobres.dll]  [McAfee, Inc., 7,2,142,0]
    [c:\program files\mcafee\msc\mcsubmgr\7,2,142,0\mcsubmgr.dll]  [McAfee, Inc., 7,2,142,0]
    [c:\program files\mcafee\msc\mcregobj\7,2,142,0\mcregobj.dll]  [McAfee, Inc., 7,2,142,0]
    [c:\PROGRA~1\COMMON~1\mcafee\core\mccoreps.dll]  [McAfee, Inc., 2,2,103,0]
    [c:\PROGRA~1\mcafee\msc\mcmispps.dll]  [McAfee, Inc., 7,2,142,0]
    [c:\PROGRA~1\mcafee.com\agent\mcagntps.dll]  [McAfee, Inc., 7,2,142,0]
    [c:\PROGRA~1\mcafee\msc\mccfgpv.dll]  [McAfee, Inc., 7,2,142,0]
    [c:\PROGRA~1\mcafee\msc\mcuicfg.dll]  [McAfee, Inc., 7,2,142,0]
    [C:\WINDOWS\system32\cmdbcs.dll]  [N/A, N/A]
[PID: 2760][C:\WINDOWS\System32\alg.exe]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
[PID: 1196][C:\WINDOWS\system32\notepad.exe]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
[PID: 2560][c:\program files\mcafee\msc\mcuimgr.exe]  [McAfee, Inc., 7,2,142,0]
    [c:\PROGRA~1\COMMON~1\mcafee\core\mccoreps.dll]  [McAfee, Inc., 2,2,103,0]
    [c:\PROGRA~1\mcafee\msc\mcshllps.dll]  [McAfee, Inc., 7,2,142,0]
    [C:\PROGRA~1\McAfee\MSC\McRes.dll]  [McAfee, Inc., 7,2,142,0]
    [C:\PROGRA~1\McAfee\MSC\McLocRes.dll]  [McAfee, Inc., 7,2,142,0]
    [C:\PROGRA~1\McAfee\MSC\Mccobres.dll]  [McAfee, Inc., 7,2,142,0]
[PID: 3276][C:\program files\Internet Explorer\IEXPLORE.EXE]  [Microsoft Corporation, 6.00.2900.2180 (xpsp_sp2_rtm.040803-2158)]
    [D:\软件\全能助手\AssistIEBar.dll]  [全能助手工作室, 6, 0, 8, 1]
    [C:\WINDOWS\system32\Macromed\Flash\Flash9b.ocx]  [Adobe Systems, Inc., 9,0,28,0]
    [C:\DOCUME~1\JIAO\LOCALS~1\Temp\Rav20.dll]  [N/A, N/A]
    [C:\WINDOWS\system32\cmdbcs.dll]  [N/A, N/A]
    [c:\program files\mcafee\virusscan\scriptcl.dll]  [McAfee, Inc., VSCORE.13.3.2.101.x86]
[PID: 2700][C:\WINDOWS\system32\NOTEPAD.EXE]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
    [C:\DOCUME~1\JIAO\LOCALS~1\Temp\Rav20.dll]  [N/A, N/A]
    [C:\WINDOWS\system32\cmdbcs.dll]  [N/A, N/A]
[PID: 3028][D:\软件\千千静听\TTPlayer.exe]  [Alen Soft, 4, 6, 9, 0]
    [D:\软件\千千静听\ttpcomm.dll]  [N/A, N/A]
    [D:\软件\千千静听\ttpres.dll]  [Alen Soft, 4, 6, 9, 0]
    [C:\DOCUME~1\JIAO\LOCALS~1\Temp\Rav20.dll]  [N/A, N/A]
    [C:\WINDOWS\system32\cmdbcs.dll]  [N/A, N/A]
    [D:\软件\千千静听\AddIn\ttp_lrcsh.dll]  [N/A, N/A]
[PID: 3788][D:\软件\压缩软件\WinRAR.exe]  [N/A, N/A]
    [C:\DOCUME~1\JIAO\LOCALS~1\Temp\Rav20.dll]  [N/A, N/A]
    [C:\WINDOWS\system32\cmdbcs.dll]  [N/A, N/A]
[PID: 3816][C:\DOCUME~1\JIAO\LOCALS~1\Temp\Rar$EX00.672\SREng.EXE]  [Smallfrogs Studio, 2.3.13.690]
    [C:\DOCUME~1\JIAO\LOCALS~1\Temp\Rav20.dll]  [N/A, N/A]
    [C:\WINDOWS\system32\cmdbcs.dll]  [N/A, N/A]

==================================
文件关联
.TXT  OK. [%SystemRoot%\system32\NOTEPAD.EXE %1]
.EXE  OK. ["%1" %*]
.COM  OK. ["%1" %*]
.PIF  OK. ["%1" %*]
.REG  OK. [regedit.exe "%1"]
.BAT  OK. ["%1" %*]
.SCR  OK. ["%1" /S]
.CHM  OK. ["C:\WINDOWS\hh.exe" %1]
.HLP  OK. [%SystemRoot%\System32\winhlp32.exe %1]
.INI  OK. [%SystemRoot%\System32\NOTEPAD.EXE %1]
.INF  OK. [%SystemRoot%\System32\NOTEPAD.EXE %1]
.VBS  OK. [%SystemRoot%\System32\WScript.exe "%1" %*]
.JS  OK. [%SystemRoot%\System32\WScript.exe "%1" %*]
.LNK  OK. [{00021401-0000-0000-C000-000000000046}]

==================================
Winsock 提供者
N/A

==================================
Autorun.inf
N/A

==================================
HOSTS 文件
127.0.0.1      localhost
127.0.0.1      mmm.caifu18.net
127.0.0.1      www.18dmm.com
127.0.0.1      d.qbbd.com
127.0.0.1      www.5117music.com
127.0.0.1      www.union123.com
127.0.0.1      www.wu7x.cn
127.0.0.1      www.54699.com
127.0.0.1      60.169.0.66
127.0.0.1      60.169.1.29
127.0.0.1      www.97725.com
127.0.0.1      down.97725.com
127.0.0.1      ip.315hack.com
127.0.0.1      ip.54liumang.com
127.0.0.1      www.41ip.com
127.0.0.1      xulao.com
127.0.0.1      www.heixiou.com
127.0.0.1      www.9cyy.com
127.0.0.1      www.hunll.com
127.0.0.1      www.down.hunll.com
127.0.0.1      do.77276.com
127.0.0.1      www.baidulink.com
127.0.0.1      adnx.yygou.cn
127.0.0.1      222.73.220.45
127.0.0.1      www.f5game.com
127.0.0.1      www.guazhan.cn
127.0.0.1      wm,103715.com
127.0.0.1      www.my6688.cn
127.0.0.1      i.96981.com
127.0.0.1      d.77276.com
127.0.0.1      www1.cw988.cn
127.0.0.1      cool.47555.com
127.0.0.1      www.asdwc.com
127.0.0.1      55880.cn
127.0.0.1      61.152.169.234
127.0.0.1      cc.wzxqy.com
127.0.0.1      www.54699.com

==================================
API HOOK
N/A

==================================


[/CODE]