ewido anti-spyware - 扫描报告
---------------------------------------------------------

+ 创建时间:    14:47:42 2006-10-8

+ 扫描结果:   



C:\WINDOWS\system32\KillBHO.TEMP -> Adware.BHO : 已清除并备份(已隔离).
C:\WINDOWS\Temp\11\cdnforie.dll -> Adware.Cdn : 已清除并备份(已隔离).
C:\WINDOWS\Temp\11\cdnins.dll -> Adware.Cdn : 已清除并备份(已隔离).
C:\WINDOWS\Temp\11\cdnprh.dll -> Adware.Cdn : 已清除并备份(已隔离).
C:\WINDOWS\Temp\11\cdnprot.sys -> Adware.Cdn : 已清除并备份(已隔离).
C:\WINDOWS\Temp\11\cdnunins.exe -> Adware.Cdn : 已清除并备份(已隔离).
C:\WINDOWS\Temp\18\cdnunins.exe -> Adware.Cdn : 已清除并备份(已隔离).
C:\WINDOWS\Temp\2A\cdnunins.exe -> Adware.Cdn : 已清除并备份(已隔离).
C:\WINDOWS\Temp\6\cdnunins.exe -> Adware.Cdn : 已清除并备份(已隔离).
C:\WINDOWS\Temp\AF\cdnunins.exe -> Adware.Cdn : 已清除并备份(已隔离).
HKLM\SOFTWARE\Classes\CLSID\{A64E86D2-203D-4145-AA9B-2425BAF568E9} -> Adware.Generic : 清除过程中出错.
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{A64E86D2-203D-4145-AA9B-2425BAF568E9} -> Adware.Generic : 清除过程中出错.
HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{A64E86D2-203D-4145-AA9B-2425BAF568E9} -> Adware.Generic : 清除过程中出错.
HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{A64E86D2-203D-4145-AA9B-2425BAF568E9} -> Adware.Generic : 清除过程中出错.
HKU\S-1-5-21-776561741-1060284298-682003330-1003\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{A64E86D2-203D-4145-AA9B-2425BAF568E9} -> Adware.Generic : 清除过程中出错.
C:\WINDOWS\system32\drivers\ProcServ.sys -> Adware.Ncast : 已清除并备份(已隔离).
C:\WINDOWS\system32\NetWinDDE.dll -> Downloader.Agent.aww : 已清除并备份(已隔离).
C:\WINDOWS\Temp\Del6.tmp -> Downloader.Agent.ayd : 已清除并备份(已隔离).
C:\WINDOWS\system32\repair\IECWM\daemon.exe -> Downloader.Agent.ayd : 已清除并备份(已隔离).


::报告结束这个是Adware.Generic的报告
2006-10-09,11:22:12

System Repair Engineer 2.0.21.505 (2.0 RC 2)
Smallfrogs (http://www.KZTechs.com)

Windows XP Professional Service Pack 2 (Build 2600)
- 管理权限用户 - 完整功能

以下内容被选中：
    所有的启动项目（包括注册表、启动文件夹、服务等）
    浏览器加载项
    正在运行的进程（包括进程模块信息）
    文件关联


启动项目
注册表
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
    <msnmsgr><; "C:\Program Files\MSN Messenger\msnmsgr.exe" /background>  [Microsoft Corporation]
    <ctfmon.exe><C:\WINDOWS\system32\ctfmon.exe>  [Microsoft Corporation]
[HKEY_CURRENT_USER\Software\Microsoft\Windows NT\CurrentVersion\Windows]
    <load><>  []
    <run><>  []
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
    <KAVPersonal50><; "C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus Personal\kav.exe" /minimize>  [Kaspersky Lab]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Winlogon]
    <shell><Explorer.exe>  [Microsoft Corporation]
    <Userinit><C:\WINDOWS\system32\userinit.exe,>  [Microsoft Corporation]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Windows]
    <AppInit_DLLs><>  []
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Winlogon]
    <UIHost><logonui.exe>  [Microsoft Corporation]

==================================
启动文件夹
服务
[kavsvc / kavsvc]
  <"C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus Personal\kavsvc.exe"><Kaspersky Lab>
[PnpWMmng / PnpWMmng]
  <F:\安装文件\完美卸载V2006\PnpWMmng.exe><Microsoft Corporation. All rights reserved.>
[UpdateService / UpdateService]
  <><N/A>

==================================
浏览器加载项
[perfdp]
  {995FF616-7583-4D6B-9675-EED24EDC93BB} <C:\WINDOWS\system32\perfiup.dll, N/A>
[Spoolsv Class]
  {9C363D55-07D7-433d-A13E-D9C105202F6F} <C:\WINDOWS\system32\drivers\spoolsv.dll, N/A>
[DDOC]
  {A64E86D2-203D-4145-AA9B-2425BAF568E9} <C:\WINDOWS\system32\henroer.dll, N/A>
[Macromedia. Flash8 Object]
  {C61A70F3-505E-4B90-916F-627A8706B4BC} <c:\WINDOWS\system32\FlashPlayer8OCX.dll, N/A>
[信息检索]
  {CE7C3CF0-98A8-474D-B2B5-1ED7E2E3B004} <C:\WINDOWS\system32\IEHelper.dll, N/A>
[东方快车]
  {0B66EBA4-5F53-40e4-B17B-A0E9BC1E8D50} <C:\Program Files\!Sunv\DFKC2003\IEBand.DLL, 交大铭泰>
[超级兔子上网精灵]
  {FEDF637B-F631-4583-A210-33CC828D42DB} <, N/A>
[MSN Photo Upload Tool]
  {4F1E5B1A-2A80-42CA-8532-2D05CB959537} <C:\WINDOWS\Downloaded Program Files\MsnPUpld.dll, Microsoft? Corporation>
[MsnMessengerSetupDownloadControl Class]
  {B38870E4-7ECB-40DA-8C6A-595F0A5519FF} <C:\WINDOWS\Downloaded Program Files\MsnMessengerSetupDownloader.ocx, Microsoft Corporation>
[Shockwave Flash Object]
  {D27CDB6E-AE6D-11CF-96B8-444553540000} <C:\WINDOWS\system32\Macromed\flash\flash8.ocx, Macromedia, Inc.>
[PBActiveX40 Control]
  {F2EB8999-766E-4BF6-AAAD-188D398C0D0B} <C:\WINDOWS\System32\CmbPb40.ocx, China Merchants Bank>
[google bar]
  {607E95A1-8F89-4343-B9BC-2EFC2B291BB4} <, N/A>
[perfdp]
  {995FF616-7583-4D6B-9675-EED24EDC93BB} <C:\WINDOWS\system32\perfiup.dll, N/A>
[WinSC Class]
  {9ACEEE31-1440-471B-AA46-72B061FE7D61} <, N/A>
[Spoolsv Class]
  {9C363D55-07D7-433D-A13E-D9C105202F6F} <C:\WINDOWS\system32\drivers\spoolsv.dll, N/A>
[DDOC]
  {A64E86D2-203D-4145-AA9B-2425BAF568E9} <C:\WINDOWS\system32\henroer.dll, N/A>
[Macromedia. Flash8 Object]
  {C61A70F3-505E-4B90-916F-627A8706B4BC} <c:\WINDOWS\system32\FlashPlayer8OCX.dll, N/A>
[信息检索]
  {CE7C3CF0-98A8-474D-B2B5-1ED7E2E3B004} <C:\WINDOWS\system32\IEHelper.dll, N/A>
[超级兔子上网精灵]
  {FEDF637B-F631-4583-A210-33CC828D42DB} <, N/A>
[东方快车-保存翻译后的网页]
  <C:\Program Files\!Sunv\DFKC2003\ExtSave.htm, N/A>

==================================
正在运行的进程
[PID: 500][\SystemRoot\System32\smss.exe]  <Microsoft Corporation><5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)>
[PID: 556][\??\C:\WINDOWS\system32\csrss.exe]  <Microsoft Corporation><5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)>
[PID: 580][\??\C:\WINDOWS\system32\winlogon.exe]  <Microsoft Corporation><5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)>
[PID: 624][C:\WINDOWS\system32\services.exe]  <Microsoft Corporation><5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)>
[PID: 636][C:\WINDOWS\system32\lsass.exe]  <Microsoft Corporation><5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)>
[PID: 792][C:\WINDOWS\system32\svchost.exe]  <Microsoft Corporation><5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)>
[PID: 852][C:\WINDOWS\system32\svchost.exe]  <Microsoft Corporation><5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)>
[PID: 912][C:\WINDOWS\System32\svchost.exe]  <Microsoft Corporation><5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)>
[PID: 960][F:\安装文件\完美卸载V2006\PnpWMmng.exe]  <Microsoft Corporation. All rights reserved.><5.1.2600.2937 >
[PID: 980][C:\WINDOWS\System32\svchost.exe]  <Microsoft Corporation><5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)>
[PID: 1008][C:\WINDOWS\System32\svchost.exe]  <Microsoft Corporation><5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)>
[PID: 1192][C:\WINDOWS\system32\spoolsv.exe]  <Microsoft Corporation><5.1.2600.2696 (xpsp_sp2_gdr.050610-1519)>
[PID: 1392][C:\WINDOWS\Explorer.EXE]  <Microsoft Corporation><6.00.2900.2180 (xpsp_sp2_rtm.040803-2158)>
    [D:\Program Files\Adobe\Acrobat 7.0\ActiveX\PDFShell.dll]  <Adobe Systems, Inc.><7.0.0.0>
[PID: 1484][C:\WINDOWS\system32\ctfmon.exe]  <Microsoft Corporation><5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)>
[PID: 1616][C:\WINDOWS\system32\Svchost.exe]  <Microsoft Corporation><5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)>
    [c:\windows\system32\msservices\svchost.dll]  <N/A><N/A>
    [c:\windows\system32\msservices\MsService.dll]  <><1, 0, 0, 1>
    [c:\windows\system32\msservices\unreg1.dll]  <N/A><N/A>
    [c:\windows\system32\msservices\OldUnReg.dll]  <N/A><N/A>
[PID: 176][C:\WINDOWS\System32\alg.exe]  <Microsoft Corporation><5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)>
[PID: 892][F:\安装文件\TTraveler.exe]  <腾讯公司><3.1.0.259>
    [F:\安装文件\PersonalDesktop.dll]  <深圳市腾讯计算机系统公司QQ工作小组><1, 0, 0, 4>
    [C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus Personal\scrchpg.dll]  <Kaspersky Lab><5.0.1.18>
    [C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus Personal\scrch_ag.dll]  <Kaspersky Lab><5.0.388.1>
    [C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus Personal\FSSync.dll]  <Kaspersky Lab><5.0.388.0>
    [C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus Personal\pr_rmt.dll]  <Kaspersky Lab><5.0.388.0>
    [C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus Personal\ccclient.dll]  <Kaspersky Lab><5.0.388.1>
    [C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus Personal\klipc.dll]  <Kaspersky Lab><5.0.388.0>
    [C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus Personal\KLUtil.dll]  <Kaspersky Lab><5.0.388.1>
    [C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus Personal\rpt.dll]  <Kaspersky Lab><5.0.388.2>
    [C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus Personal\CCIFACE.dll]  <Kaspersky Lab><5.0.388.1>
    [C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus Personal\prloader.dll]  <Kaspersky Lab><5.0.388.0>
    [C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus Personal\prkernel.ppl]  <Kaspersky Lab><5.0.388.0>
    [c:\program files\kaspersky lab\kaspersky anti-virus personal\prstring.ppl]  <Kaspersky Lab><5.0.388.0>
    [c:\program files\kaspersky lab\kaspersky anti-virus personal\pr_srv.ppl]  <Kaspersky Lab><5.0.388.0>
    [c:\program files\kaspersky lab\kaspersky anti-virus personal\pr_clnt.ppl]  <Kaspersky Lab><5.0.388.0>
    [c:\program files\kaspersky lab\kaspersky anti-virus personal\tempfile.ppl]  <Kaspersky Lab><5.0.388.0>
    [C:\WINDOWS\system32\Macromed\flash\flash8.ocx]  <Macromedia, Inc.><8,0,22,0>
    [C:\WINDOWS\system32\FOURI_M3.IME]  <北京紫光华宇软件股份有限公司><4.0.0.5027>
[PID: 1476][C:\WINDOWS\system32\NOTEPAD.EXE]  <Microsoft Corporation><5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)>
[PID: 2028][C:\WINDOWS\System32\svchost.exe]  <Microsoft Corporation><5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)>
[PID: 1104][C:\Documents and Settings\yewu04a\桌面\咔咔社区杀毒软件\SREng2\SREng.exe]  <Smallfrogs Studio><2.0.21.505>

==================================
文件关联
.TXT  OK. [%SystemRoot%\system32\NOTEPAD.EXE %1]
.EXE  OK. ["%1" %*]
.COM  OK. ["%1" %*]
.PIF  OK. ["%1" %*]
.REG  OK. [regedit.exe "%1"]
.BAT  OK. ["%1" %*]
.SCR  OK. ["%1" /S]
.CHM  OK. ["C:\WINDOWS\hh.exe" %1]
.HLP  OK. [%SystemRoot%\system32\winhlp32.exe %1]
.INI  OK. [%SystemRoot%\system32\NOTEPAD.EXE %1]
.INF  OK. [%SystemRoot%\system32\NOTEPAD.EXE %1]
.VBS  OK. [%SystemRoot%\System32\WScript.exe "%1" %*]
.JS  OK. [%SystemRoot%\System32\WScript.exe "%1" %*]
.LNK  OK. [{00021401-0000-0000-C000-000000000046}]

==================================
Winsock 提供者

==================================


这个不知道　对于　解决突然重起的问题有没有帮助？

谢谢！小妹在此有礼了！