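Rising Kaka Security Forum, Technical Exchange, Anti-Virus / Anti-Rogue-Software board: Is this a virus? Rising didn't detect it! (18.10.42) I found it by scanning with this!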

完美杀毒伴侣 查毒报告
---------------------
查毒日期:2006年1月22日14时31分
查毒结果:
文件: D:\WINDOWS\system32\New.sys,病毒名称:Horse.052402.Trojan,状态:用户放弃!
文件: D:\WINDOWS\system32\MsPMSPSv.exe,病毒名称:Horse.060408.Trojan,状态:用户放弃!
文件: D:\WINDOWS\system32\CTsvcCDA.EXE,病毒名称:Horse.060110.Trojan,状态:用户放弃!

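It's on both my 2000 and XP systems! The same! I used ewido security suite, a specialized trojan detection and removal tool, and it found even more! What is going on?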
Last edited 2006-01-22 17:09:49

Don't have this software.

HijackThis_zww汉化版扫描日志 V1.99.1
保存于      16:04:22, 日期 2006-1-22
操作系统:  Windows XP SP2 (WinNT 5.01.2600)
浏览器:    Internet Explorer v6.00 SP2 (6.00.2900.2180)

当前运行的进程:         
D:\WINDOWS\System32\smss.exe
D:\WINDOWS\system32\csrss.exe
D:\WINDOWS\system32\winlogon.exe
D:\WINDOWS\system32\services.exe
D:\WINDOWS\system32\lsass.exe
D:\WINDOWS\system32\svchost.exe
D:\WINDOWS\system32\svchost.exe
D:\Program Files\Rising\Rav\CCenter.exe
D:\WINDOWS\System32\svchost.exe
D:\Program Files\Nero\Nero 7\InCD\InCDsrv.exe
D:\WINDOWS\System32\svchost.exe
D:\WINDOWS\System32\svchost.exe
D:\Program Files\Rising\Rav\Ravmond.exe
d:\program files\rising\rfw\rfwproxy.exe
D:\WINDOWS\system32\LEXBCES.EXE
D:\WINDOWS\system32\spoolsv.exe
D:\WINDOWS\system32\LEXPPS.EXE
D:\Program Files\Rising\Rav\RavStub.exe
D:\WINDOWS\System32\CTsvcCDA.exe
D:\WINDOWS\System32\inetsrv\inetinfo.exe
D:\Program Files\Common Files\Microsoft Shared\VS7Debug\mdm.exe
D:\WINDOWS\System32\nvsvc32.exe
D:\WINDOWS\System32\tcpsvcs.exe
D:\WINDOWS\System32\alg.exe
D:\WINDOWS\system32\ctfmon.exe
D:\WINDOWS\Explorer.EXE
D:\WINDOWS\system32\Rundll32.exe
D:\PROGRA~1\3721\assistse.exe
D:\Program Files\Rising\Rav\RavTask.exe
D:\Program Files\Common Files\Real\Update_OB\realsched.exe
D:\WINDOWS\system32\DrvMon.exe
D:\Program Files\rising\Rfw\rfwmain.exe
d:\program files\rising\rfw\rfwsrv.exe
E:\Program Files\Tencent\TM\TMDlls\TIMPlatform.exe
E:\Program Files\Tencent\QQ\QQ.exe
D:\Program Files\Internet Explorer\iexplore.exe
D:\Program Files\Internet Explorer\iexplore.exe
D:\Program Files\Internet Explorer\iexplore.exe
D:\Program Files\ewido\security suite\ewidoctrl.exe
D:\WINDOWS\system32\taskmgr.exe
D:\Program Files\rising\Rav\Rav.exe
D:\Program Files\ewido\security suite\SecuritySuite.exe
D:\Documents and Settings\期待你的到来\桌面\hijackthisV1.99.1_CN.exe
D:\Documents and Settings\期待你的到来\桌面\新建文件夹 (2)\HijackThis1991汉化版\HijackThis1991zww.exe

R3 - URLSearchHook: 上网助手 - {BB936323-19FA-4521-BA29-ECA6A121BC78} - D:\PROGRA~1\3721\Assist\asbar.dll
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - E:\Program Files\Adobe\Acrobat 6.0\Reader\ActiveX\AcroIEHelper.dll
O2 - BHO: IeCatch2 Class - {A5366673-E8CA-11D3-9CD9-0090271D075B} - E:\PROGRA~1\FLASHGET\jccatch.dll
O2 - BHO: AssistII - {BB936323-19FA-4521-BA29-ECA6A121BC78} - D:\PROGRA~1\3721\Assist\asbar.dll
O2 - BHO: IE - {D157330A-9EF3-49F8-9A67-4141AC41ADD4} - D:\WINDOWS\downlo~1\CnsHook.dll
O3 - IE工具栏增项: 上网助手 - {BB936323-19FA-4521-BA29-ECA6A121BC78} - D:\PROGRA~1\3721\Assist\asbar.dll
O4 - 启动项HKLM\\Run: [assistse] "D:\PROGRA~1\3721\assistse.exe"
O4 - 启动项HKLM\\Run: [CnsMin] Rundll32.exe D:\WINDOWS\downlo~1\CnsMin.dll,Rundll32
O4 - 启动项HKLM\\Run: [PHIME2002ASync] D:\WINDOWS\System32\IME\TINTLGNT\TINTSETP.EXE /SYNC
O4 - 启动项HKLM\\Run: [PHIME2002A] D:\WINDOWS\System32\IME\TINTLGNT\TINTSETP.EXE /IMEName
O4 - 启动项HKLM\\Run: [NvMediaCenter] RUNDLL32.EXE D:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit
O4 - 启动项HKLM\\Run: [MSPY2002] D:\WINDOWS\System32\IME\PINTLGNT\ImScInst.exe /SYNC
O4 - 启动项HKLM\\Run: [RavTask] "D:\Program Files\Rising\Rav\RavTask.exe" -system
O4 - 启动项HKLM\\Run: [NvCplDaemon] RUNDLL32.EXE D:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - 启动项HKLM\\Run: [nwiz] nwiz.exe /install
O4 - 启动项HKLM\\Run: [TkBellExe] "D:\Program Files\Common Files\Real\Update_OB\realsched.exe"  -osboot
O4 - HKCU\..\Run: [ctfmon.exe] D:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [DrvMon.exe] D:\WINDOWS\system32\DrvMon.exe
O8 - IE右键菜单中的新增项目: Foxy 下载 - res://D:\Program Files\电脑迷共享空间\Foxy.exe/download.htm
O8 - IE右键菜单中的新增项目: Foxy 搜索 - res://D:\Program Files\电脑迷共享空间\Foxy.exe/search.htm
O8 - IE右键菜单中的新增项目: 上传到QQ网络硬盘 - E:\Program Files\Tencent\QQ\AddToNetDisk.htm
O8 - IE右键菜单中的新增项目: 使用网际快车下载 - E:\Program Files\FlashGet\jc_link.htm
O8 - IE右键菜单中的新增项目: 使用网际快车下载全部链接 - E:\Program Files\FlashGet\jc_all.htm
O8 - IE右键菜单中的新增项目: 添加到QQ自定义面板 - E:\Program Files\Tencent\QQ\AddPanel.htm
O8 - IE右键菜单中的新增项目: 添加到QQ表情 - E:\Program Files\Tencent\QQ\AddEmotion.htm
O8 - IE右键菜单中的新增项目: 用QQ彩信发送该图片 - E:\Program Files\Tencent\QQ\SendMMS.htm
O9 - 浏览器额外的按钮: 手机短信 - {00000000-0000-0001-0001-596BAEDD1289} - http://sms.3721.com/ie/index.htm?pid=U_3721_assist (file missing)
O9 - 浏览器额外的按钮: 新浪UC - {2253922F-1B26-4C74-8B57-E3AEE748DBB8} - E:\Program Files\LongMaster\UC\UC.exe
O9 - 浏览器额外的按钮: Yahoo 1G电邮 - {507F9113-CD77-4866-BA92-0E86DA3D0B97} - http://cn.mail.yahoo.com/promo/rd1 (file missing)
O9 - 浏览器额外的按钮: 寻宝乐趣多 - {59BC54A2-56B3-44a0-93E5-432D58746E26} - http://hot.3721.com/rd/shop_btn.htm (file missing)
O9 - 浏览器额外的按钮: 上网助手 - {5D73EE86-05F1-49ed-B850-E423120EC338} - http://assistant.3721.com/index.htm?fb=Cns (file missing)
O9 - 浏览器额外的按钮: 情景聊天 - {E5D12C4E-7B4F-11D3-B5C9-0050045C3C96} - http://cn.rd.yahoo.com/home/messenger/bjk/clientbtn/?http://cn.messenger.yahoo.com/ (file missing)
O9 - 浏览器额外的按钮: (no name) - {ECF2E268-F28C-48d2-9AB7-8F69C11CCB71} - http://assistant.3721.com/security1.htm?fb=Cns (file missing)
O9 - 浏览器额外的“工具”菜单项: 修复浏览器 - {ECF2E268-F28C-48d2-9AB7-8F69C11CCB71} - http://assistant.3721.com/security1.htm?fb=Cns (file missing)
O9 - 浏览器额外的按钮: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - D:\Program Files\Messenger\msmsgs.exe
O9 - 浏览器额外的“工具”菜单项: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - D:\Program Files\Messenger\msmsgs.exe
O9 - 浏览器额外的按钮: (no name) - {FD00D911-7529-4084-9946-A29F1BDF4FE5} - http://assistant.3721.com/clean1.htm?fb=Cns (file missing)
O9 - 浏览器额外的“工具”菜单项: 清理上网记录 - {FD00D911-7529-4084-9946-A29F1BDF4FE5} - http://assistant.3721.com/clean1.htm?fb=Cns (file missing)
O11 - Options group: [!CNS]  上网助手-地址栏搜索
O11 - Options group: [!IESearch] !IESearch
O16 - DPF: {0A4FAD2D-460D-11D4-9FCE-0050BACC2C9F} (EYOUVoiceMail Class) - http://freemail5.eyou.com/cabs/EYOUVoice.cab
O16 - DPF: {1C3DE665-D259-4C72-9D7D-C51FCB4CCFB9} (Panasonic Network Camera) - http://ioc.jpn.ph:81/IPV6CAM.CAB
O16 - DPF: {2354A44B-3CEB-4829-9940-545B03103538} (PowerPlr Control) - http://www.3way.cn/plugin/PowerPlr.ocx
O16 - DPF: {2E28242B-A689-11D4-80F2-0040266CBB8D} (KX-HCM10 Control) - http://219.117.243.105:8080/kxhcm10.ocx
O16 - DPF: {56336BCB-3D8A-11D6-A00B-0050DA18DE71} (RdxIE Class) - http://software-dl.real.com/10085b97cece04104300/netzip/RdxIE601_cn.cab
O16 - DPF: {59CCB4A0-727D-11CF-AC36-00AA00A47DD2} (Timer Object) - http://www.3way.cn/tools/ietimer.cab
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://update.microsoft.com/windowsupdate/v6/V5Controls/en/x86/client/wuweb_site.cab?1120298211153
O16 - DPF: {90A29DA5-D020-4B18-8660-6689520C7CD7} (DmiReader Class) - http://support.euro.dell.com/global/apps/systemprofiler/PROFILER.CAB
O16 - DPF: {917623D1-D8E5-11D2-BE8B-00104B06BDE3} (CamImage Class) - http://211.167.82.2/activex/AxisCamControl.cab
O16 - DPF: {9F1C11AA-197B-4942-BA54-47A8489BB47F} (Update Class) - https://v4.windowsupdate.microsoft.com/CAB/x86/unicode/iuctl.CAB?38592.7142592593
O16 - DPF: {B38870E4-7ECB-40DA-8C6A-595F0A5519FF} (MsnMessengerSetupDownloadControl Class) - http://messenger.msn.com/download/msnmessengersetupdownloader.cab
O17 - HKLM\System\CCS\Services\Tcpip\..\{92AA3C7D-4BB2-4567-AAAE-2178FD2EA962}: NameServer = 202.96.107.29 202.96.107.28
O17 - HKLM\System\CCS\Services\Tcpip\..\{C98B79A3-E299-4E31-9169-10FDC8624CC1}: NameServer = 192.168.1.27
O23 - NT 服务: Creative Service for CDROM Access - Creative Technology Ltd - D:\WINDOWS\System32\CTsvcCDA.exe
O23 - NT 服务: ewido security suite control - ewido networks - D:\Program Files\ewido\security suite\ewidoctrl.exe
O23 - NT 服务: ewido security suite guard - ewido networks - D:\Program Files\ewido\security suite\ewidoguard.exe
O23 - NT 服务: InCD Helper (InCDsrv) - Nero AG - D:\Program Files\Nero\Nero 7\InCD\InCDsrv.exe
O23 - NT 服务: LexBce Server (LexBceS) - Lexmark International, Inc. - D:\WINDOWS\system32\LEXBCES.EXE
O23 - NT 服务: Macromedia Licensing Service - Unknown owner - D:\Program Files\Common Files\Macromedia Shared\Service\Macromedia Licensing.exe
O23 - NT 服务: NVIDIA Driver Helper Service (NVSvc) - NVIDIA Corporation - D:\WINDOWS\System32\nvsvc32.exe
O23 - NT 服务: Rising Proxy  Service (RfwProxySrv) - Beijing Rising Technology Co., Ltd. - d:\program files\rising\rfw\rfwproxy.exe
O23 - NT 服务: Rising Personal Firewall Service (RfwService) - Beijing Rising Technology Co., Ltd. - d:\program files\rising\rfw\rfwsrv.exe
O23 - NT 服务: Rising Process Communication Center (RsCCenter) - Beijing Rising Technology Co., Ltd. - D:\Program Files\Rising\Rav\CCenter.exe
O23 - NT 服务: RsRavMon Service (RsRavMon) - Beijing Rising Technology Co., Ltd. - D:\Program Files\Rising\Rav\Ravmond.exe


2006-01-22,16:11:38

System Repair Engineer 2.0.12.350 (2.0 RC 1)
    Windows XP Professional Service Pack 2 - 管理权限用户 - 完整功能

以下内容被选中:
    所有的启动项目(包括注册表、启动文件夹、服务等)
    浏览器加载项
    正在运行的进程(包括进程模块信息)
    文件关联


启动项目
注册表
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
  <ctfmon.exe><D:\WINDOWS\system32\ctfmon.exe>
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
  <DrvMon.exe><D:\WINDOWS\system32\DrvMon.exe>
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
  <assistse><"D:\PROGRA~1\3721\assistse.exe">
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
  <CnsMin><Rundll32.exe D:\WINDOWS\downlo~1\CnsMin.dll,Rundll32>
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
  <PHIME2002ASync><D:\WINDOWS\System32\IME\TINTLGNT\TINTSETP.EXE /SYNC>
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
  <PHIME2002A><D:\WINDOWS\System32\IME\TINTLGNT\TINTSETP.EXE /IMEName>
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
  <NvMediaCenter><RUNDLL32.EXE D:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit>
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
  <MSPY2002><D:\WINDOWS\System32\IME\PINTLGNT\ImScInst.exe /SYNC>
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
  <RavTask><"D:\Program Files\Rising\Rav\RavTask.exe" -system>
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
  <NvCplDaemon><RUNDLL32.EXE D:\WINDOWS\system32\NvCpl.dll,NvStartup>
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
  <nwiz><nwiz.exe /install>
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
  <TkBellExe><"D:\Program Files\Common Files\Real\Update_OB\realsched.exe"  -osboot>
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Winlogon]
  <shell><Explorer.exe>
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Winlogon]
  <Userinit><D:\WINDOWS\system32\userinit.exe,>
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Windows]
  <AppInit_DLLs><>
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
  <helper.dll><; D:\WINDOWS\system32\rundll32.exe D:\PROGRA~1\3721\helper.dll,Rundll32>
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
  <InCD><; D:\Program Files\Nero\Nero 7\InCD\InCD.exe>
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
  <NeroFilterCheck><; D:\WINDOWS\system32\NeroCheck.exe>
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
  <popo2004><; >
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
  <TkBellExe><; "D:\Program Files\Common Files\Real\Update_OB\realsched.exe"  -osboot>

启动文件夹
服务
[Creative Service for CDROM Access / Creative Service for CDROM Access]
  <D:\WINDOWS\System32\CTsvcCDA.exe><Creative Technology Ltd>
[InCD Helper / InCDsrv]
  <D:\Program Files\Nero\Nero 7\InCD\InCDsrv.exe><Nero AG>
[LexBce Server / LexBceS]
  <D:\WINDOWS\system32\LEXBCES.EXE><Lexmark International, Inc.>
[Macromedia Licensing Service / Macromedia Licensing Service]
  <"D:\Program Files\Common Files\Macromedia Shared\Service\Macromedia Licensing.exe"><N/A>
[NVIDIA Driver Helper Service / NVSvc]
  <D:\WINDOWS\System32\nvsvc32.exe><NVIDIA Corporation>
[Rising Proxy  Service / RfwProxySrv]
  <d:\program files\rising\rfw\rfwproxy.exe><Beijing Rising Technology Co., Ltd.>
[Rising Personal Firewall Service / RfwService]
  <d:\program files\rising\rfw\rfwsrv.exe><Beijing Rising Technology Co., Ltd.>
[Rising Process Communication Center / RsCCenter]
  <"D:\Program Files\Rising\Rav\CCenter.exe"><Beijing Rising Technology Co., Ltd.>
[RsRavMon Service / RsRavMon]
  <"D:\Program Files\Rising\Rav\Ravmond.exe"><Beijing Rising Technology Co., Ltd.>

浏览器加载项
[AcroIEHlprObj Class]
  {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} <E:\Program Files\Adobe\Acrobat 6.0\Reader\ActiveX\AcroIEHelper.dll, Adobe Systems Incorporated>
[IeCatch2 Class]
  {A5366673-E8CA-11D3-9CD9-0090271D075B} <E:\PROGRA~1\FLASHGET\jccatch.dll, Amaze Soft>
[上网助手]
  {BB936323-19FA-4521-BA29-ECA6A121BC78} <D:\PROGRA~1\3721\Assist\asbar.dll, 3721>
[CnsHook Class]
  {D157330A-9EF3-49F8-9A67-4141AC41ADD4} <D:\WINDOWS\downlo~1\CnsHook.dll, 北京三七二一科技有限公司>
[手机短信]
  {00000000-0000-0001-0001-596BAEDD1289} <http://sms.3721.com/ie/index.htm?pid=U_3721_assist, N/A>
[新浪UC]
  {2253922F-1B26-4C74-8B57-E3AEE748DBB8} <E:\Program Files\LongMaster\UC\UC.exe, 北京新浪信息技术有限公司>
[Yahoo 1G电邮]
  {507F9113-CD77-4866-BA92-0E86DA3D0B97} <http://cn.mail.yahoo.com/promo/rd1, N/A>
[寻宝乐趣多]
  {59BC54A2-56B3-44a0-93E5-432D58746E26} <http://hot.3721.com/rd/shop_btn.htm, N/A>
[上网助手]
  {5D73EE86-05F1-49ed-B850-E423120EC338} <http://assistant.3721.com/index.htm?fb=Cns, N/A>
[情景聊天]
  {E5D12C4E-7B4F-11D3-B5C9-0050045C3C96} <http://cn.rd.yahoo.com/home/messenger/bjk/clientbtn/?http://cn.messenger.yahoo.com/, N/A>
[]
  {ECF2E268-F28C-48d2-9AB7-8F69C11CCB71} <http://assistant.3721.com/security1.htm?fb=Cns, N/A>
[Messenger]
  {FB5F1910-F110-11d2-BB9E-00C04F795683} <D:\Program Files\Messenger\msmsgs.exe, Microsoft Corporation>
[]
  {FD00D911-7529-4084-9946-A29F1BDF4FE5} <http://assistant.3721.com/clean1.htm?fb=Cns, N/A>
[上网助手]
  {BB936323-19FA-4521-BA29-ECA6A121BC78} <D:\PROGRA~1\3721\Assist\asbar.dll, 3721>
[EYOUVoiceMail Class]
  {0A4FAD2D-460D-11D4-9FCE-0050BACC2C9F} <D:\WINDOWS\DOWNLO~1\EYOUVO~1.DLL, eYou Corp.>
[Panasonic Network Camera]
  {1C3DE665-D259-4C72-9D7D-C51FCB4CCFB9} <D:\WINDOWS\DOWNLO~1\IPV6CAM.OCX, Panasonic Communications Co., Ltd.>
[PowerPlr Control]
  {2354A44B-3CEB-4829-9940-545B03103538} <D:\WINDOWS\DOWNLO~1\PowerPlr.ocx, Powerise Digital>
[KX-HCM10 Control]
  {2E28242B-A689-11D4-80F2-0040266CBB8D} <D:\WINDOWS\DOWNLO~1\kxhcm10.ocx, Panasonic Communications Co., Ltd.>
[MalwareCleaner Class]
  {4B48D5DF-9021-45F7-A240-60304302A215} <D:\WINDOWS\Downloaded Program Files\WebCleaner.dll, Microsoft Corporation>
[RdxIE Class]
  {56336BCB-3D8A-11D6-A00B-0050DA18DE71} <D:\WINDOWS\Downloaded Program Files\RdxIE.dll, RealNetworks, Inc.>
[Timer Object]
  {59CCB4A0-727D-11CF-AC36-00AA00A47DD2} <D:\WINDOWS\Downloaded Program Files\ietimer.ocx, Microsoft Corporation>
[WUWebControl Class]
  {6414512B-B978-451D-A0D8-FCFDF33E833C} <D:\WINDOWS\System32\wuweb.dll, Microsoft Corporation>
[DmiReader Class]
  {90A29DA5-D020-4B18-8660-6689520C7CD7} <D:\WINDOWS\DOWNLO~1\SYSPRO~1.DLL, Dell Computer Corporation>
[CamImage Class]
  {917623D1-D8E5-11D2-BE8B-00104B06BDE3} <D:\WINDOWS\Downloaded Program Files\AxisCamControl.ocx, >
[Update Class]
  {9F1C11AA-197B-4942-BA54-47A8489BB47F} <D:\WINDOWS\system32\iuctl.dll, Microsoft Corporation>
[SassCln Object]
  {A8658086-E6AC-4957-BC8E-7D54A7E8A78E} <D:\WINDOWS\Downloaded Program Files\SassCln.dll, Microsoft Corporation>
[MsnMessengerSetupDownloadControl Class]
  {B38870E4-7ECB-40DA-8C6A-595F0A5519FF} <D:\WINDOWS\Downloaded Program Files\MsnMessengerSetupDownloader.ocx, Microsoft Corporation>
[Java Plug-in 1.3.1_04]
  {CAFEEFAC-0013-0001-0004-ABCDEFFEDCBA} <D:\Program Files\JavaSoft\JRE\1.3.1_04\bin\npjava131_04.dll, JavaSoft / Sun Microsystems, Inc.>
[Shockwave Flash Object]
  {D27CDB6E-AE6D-11CF-96B8-444553540000} <D:\WINDOWS\system32\Macromed\Flash\Flash8.ocx, Macromedia, Inc.>
[UdiskActiveX Control]
  {014B69F7-4FBA-42BF-8FA1-75D465305FF9} <D:\PROGRA~1\MEIZU\MEIZUM~1\UDISKA~1.OCX, 魅族>
[AcroIEHlprObj Class]
  {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} <E:\Program Files\Adobe\Acrobat 6.0\Reader\ActiveX\AcroIEHelper.dll, Adobe Systems Incorporated>
[Windows Genuine Advantage]
  {17492023-C23A-453E-A040-C7C580BBF700} <D:\WINDOWS\system32\LegitCheckControl.dll, Microsoft? Corporation>
[Windows Media Player]
  {22D6F312-B0F6-11D0-94AB-0080C74C7E95} <D:\WINDOWS\system32\wmpdxm.dll, Microsoft Corporation>
[PowerPlr Control]
  {2354A44B-3CEB-4829-9940-545B03103538} <D:\WINDOWS\DOWNLO~1\PowerPlr.ocx, Powerise Digital>
[IETag Factory]
  {38481807-CA0E-42D2-BF39-B33AF135CC4D} <D:\PROGRA~1\COMMON~1\MICROS~1\SMARTT~1\IETAG.DLL, Microsoft Corporation>
[Shell Name Space]
  {55136805-B2DE-11D1-B9F2-00A0C98BC547} <%SystemRoot%\system32\shdocvw.dll, N/A>
[WUWebControl Class]
  {6414512B-B978-451D-A0D8-FCFDF33E833C} <D:\WINDOWS\System32\wuweb.dll, Microsoft Corporation>
[Windows Media Player]
  {6BF52A52-394A-11D3-B153-00C04F79FAA6} <D:\WINDOWS\system32\wmp.dll, Microsoft Corporation>
[Active Desktop Mover]
  {72267F6A-A6F9-11D0-BC94-00C04FB67863} <%SystemRoot%\system32\SHELL32.dll, N/A>
[AutoLive]
  {7CA83CF1-3AEA-42D0-A4E3-1594FC6E48B2} <D:\PROGRA~1\3721\autolive.dll, >
[Microsoft Web 浏览器]
  {8856F961-340A-11D0-A96B-00C04FD705A2} <D:\WINDOWS\system32\shdocvw.dll, Microsoft Corporation>
[IeCatch2 Class]
  {A5366673-E8CA-11D3-9CD9-0090271D075B} <E:\PROGRA~1\FLASHGET\jccatch.dll, Amaze Soft>
[QQPlayer Control]
  {AC3A36A8-9BFF-410A-A33D-2279FFEB69D2} <E:\PROGRA~1\Tencent\QQ\VQQPLA~1.OCX, Tencent Technology (Shenzhen) Company Limited>
[Microsoft Scriptlet Component]
  {AE24FDAE-03C6-11D1-8B76-0080C744F389} <D:\WINDOWS\System32\mshtml.dll, Microsoft Corporation>
[SearchAssistantOC]
  {B45FF030-4447-11D2-85DE-00C04FA35C89} <%SystemRoot%\system32\shdocvw.dll, N/A>
[3721]
  {B83FC273-3522-4CC6-92EC-75CC86678DA4} <D:\WINDOWS\downlo~1\CnsMin.dll, 北京三七二一科技有限公司>
[上网助手]
  {BB936323-19FA-4521-BA29-ECA6A121BC78} <D:\PROGRA~1\3721\Assist\asbar.dll, 3721>
[Acrobat Control-用于 ActiveX]
  {CA8A9780-280D-11CF-A24D-444553540000} <f:\Program Files\Adobe\Acrobat 4.0\Reader\ActiveX\pdf.ocx, Adobe Systems Incorporated>
[RealPlayer G2 Control]
  {CFCDAA03-8BE4-11CF-B84B-0020AFBBCCFA} <D:\WINDOWS\System32\rmoc3260.dll, RealNetworks, Inc.>
[CnsHook Class]
  {D157330A-9EF3-49F8-9A67-4141AC41ADD4} <D:\WINDOWS\downlo~1\CnsHook.dll, 北京三七二一科技有限公司>
[Shockwave Flash Object]
  {D27CDB6E-AE6D-11CF-96B8-444553540000} <D:\WINDOWS\system32\Macromed\Flash\Flash8.ocx, Macromedia, Inc.>
[IERPCtl Class]
  {FDC7A535-4070-4B92-A0EA-D9994BCC0DC5} <c:\Program Files\Real\RealPlayer\rpplugins\ierpplug.dll, RealNetworks, Inc.>
[Foxy 下载]
  <res://D:\Program Files\电脑迷共享空间\Foxy.exe/download.htm, N/A>
[Foxy 搜索]
  <res://D:\Program Files\电脑迷共享空间\Foxy.exe/search.htm, N/A>
[上传到QQ网络硬盘]
  <E:\Program Files\Tencent\QQ\AddToNetDisk.htm, N/A>
[使用网际快车下载]
  <E:\Program Files\FlashGet\jc_link.htm, N/A>
[使用网际快车下载全部链接]
  <E:\Program Files\FlashGet\jc_all.htm, N/A>
[添加到QQ自定义面板]
  <E:\Program Files\Tencent\QQ\AddPanel.htm, N/A>
[添加到QQ表情]
  <E:\Program Files\Tencent\QQ\AddEmotion.htm, N/A>
[用QQ彩信发送该图片]
  <E:\Program Files\Tencent\QQ\SendMMS.htm, N/A>

Part of it.

Quote:
[Post by 阿拉伯伯] Nothing wrong shows up in the log! Send the three virus files over: wl1983_7@yahoo.com.cn
...........................


I won't send them! Here are the three suspected viruses!

Attachment:

Downloads: 220
File type: image/pjpeg
File size:
Uploaded: 2006-1-22 17:00:39
Description:




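Copy the link of the (X) and download it with FlashGet! Change the file name to *.RAR!
Then rename the files inside as follows and that's it! Those are the virus samples!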
New.sys
MsPMSPSv.exe
CTsvcCDA.EXE

Quote:
[Post by ●△■☆★□▲○] There doesn't seem to be any problem

...........................


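The thing is, my 2000 system has just these too, and it went wrong! IE can't be reinstalled! The input boxes in it can't be typed into! Third-party software has no effect!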