恶意网站：dvd16cn
一打开网页不久他就跳出来，过几分钟还会跳出来。进程中会显示2个IEXPLORE.EXE文件，一个就是那个恶意网站如何杀？我是单位的电脑，2000xp没有管理员权限。


我用了什么反劫持工具，还有一堆专杀，也没去掉。

2006-11-27,16:28:18

System Repair Engineer 2.2.6.605
Smallfrogs (http://www.KZTechs.com)

Windows XP Professional Service Pack 2 (Build 2600)
- 管理权限用户 - 完整功能

以下内容被选中：
    所有的启动项目（包括注册表、启动文件夹、服务等）
    浏览器加载项
    正在运行的进程（包括进程模块信息）
    文件关联
    Winsock 提供者
    Autorun.inf
    HOSTS 文件

【回复“zr5634”的帖子】
启动项目
注册表
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
    <ctfmon.exe><C:\WINDOWS\system32\ctfmon.exe>  [(Verified)Microsoft Corporation]
[HKEY_CURRENT_USER\Software\Microsoft\Windows NT\CurrentVersion\Windows]
    <load><>  [N/A]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
    <HotKeysCmds><C:\WINDOWS\system32\hkcmd.exe>  [N/A]
    <DVDLauncher><"C:\Program Files\CyberLink\PowerDVD\DVDLauncher.exe">  [CyberLink Corp.]
    <ISUSScheduler><"C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe" -start>  [InstallShield Software Corporation]
    <ShStatEXE><"C:\Program Files\Network Associates\VirusScan\SHSTAT.EXE" /STANDALONE>  [Network Associates, Inc.]
    <McAfeeUpdaterUI><"C:\Program Files\Network Associates\Common Framework\UpdaterUI.exe" /StartedFromRunKey>  [Network Associates, Inc.]
    <rzt><C:\WINDOWS\Intel\rundll32.exe>  [N/A]
    <UnlockerAssistant><"C:\Program Files\Unlocker\UnlockerAssistant.exe">  [N/A]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Winlogon]
    <shell><Explorer.exe>  [(Verified)Microsoft Corporation]
    <Userinit><C:\WINDOWS\system32\userinit.exe,>  [(Verified)Microsoft Corporation]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Windows]
    <AppInit_DLLs><>  [N/A]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Winlogon]
    <UIHost><logonui.exe>  [(Verified)Microsoft Corporation]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
    <{06A48AD9-FF57-4E73-937B-B493E72F4226}><C:\Program Files\Common Files\Microsoft Shared\MSINFO\WinInfo.rxk>  [N/A]
    <{9915CFD1-6B7D-4AC5-ABAC-136924579E91}><C:\Program Files\Internet Explorer\PLUGINS\system.sys>  [N/A]
    <{1A404685-7563-4d02-B0F6-58B308A406A9}><c:\program files\network associates\virusscan\janvxrzl.dll>  [N/A]
    <{9A0CFC58-5A6F-41ba-9FFE-4320F4F621BA}><C:\WINDOWS\system32\Cnscheck001.dll>  [N/A]

==================================
启动文件夹
[Acrobat Assistant]
  <C:\Documents and Settings\All Users\「开始」菜单\程序\启动\Acrobat Assistant.lnk --> C:\PROGRA~1\Adobe\ACROBA~1.0\Distillr\acrotray.exe [Adobe Systems Inc.]><N>

==================================
服务
[BDA269A1 / BDA269A1]
  <C:\WINDOWS\system32\BDA269A1.EXE -service><Microsoft Corporation>
[BDWinIe / BDWinIe]
  <C:\WINDOWS\system32\BDWin.exe -service><Microsoft Corporation>
[C-DillaCdaC11BA / C-DillaCdaC11BA]
  <C:\WINDOWS\system32\drivers\CDAC11BA.EXE><Macrovision>
[Human Interface Device Access / HidServ]
  <C:\WINDOWS\System32\svchost.exe -k netsvcs-->%SystemRoot%\System32\hidserv.dll><N/A>
[McAfee Framework Service / McAfeeFramework]
  <C:\Program Files\Network Associates\Common Framework\FrameworkService.exe /ServiceStart><Network Associates, Inc.>
[Network Associates McShield / McShield]
  <"C:\Program Files\Network Associates\VirusScan\Mcshield.exe"><Network Associates, Inc.>
[Network Associates Task Manager / McTaskManager]
  <"C:\Program Files\Network Associates\VirusScan\VsTskMgr.exe"><Network Associates, Inc.>
[RpcService / RpcService]
  <C:\WINDOWS\SYSTEM32\EXPLORE.EXE><N/A>

==================================
驱动程序
[CdaC15BA / CdaC15BA]
  <\??\C:\WINDOWS\system32\drivers\CDAC15BA.SYS><Macrovision Europe Ltd>
[drvmcdb / drvmcdb]
  <\SystemRoot\system32\drivers\drvmcdb.sys><Sonic Solutions>
[drvnddm / drvnddm]
  <system32\drivers\drvnddm.sys><Sonic Solutions>
[Intel(R) PRO Adapter Driver / E100B]
  <system32\DRIVERS\e100b325.sys><Intel Corporation>
[gwiopm / gwiopm]
  <\??\C:\Program Files\Wom\gwiopm.sys><N/A>
[HSFHWICH / HSFHWICH]
  <system32\DRIVERS\HSFHWICH.sys><Conexant Systems, Inc.>
[HSF_DP / HSF_DP]
  <system32\DRIVERS\HSF_DP.sys><Conexant Systems, Inc.>
[ialm / ialm]
  <system32\DRIVERS\ialmnt5.sys><Intel Corporation>
[mdmxsdk / mdmxsdk]
  <system32\DRIVERS\mdmxsdk.sys><Conexant>
[NaiAvFilter1 / NaiAvFilter1]
  <system32\drivers\naiavf5x.sys><Network Associates, Inc.>
[Netgroup Packet Filter / NPF]
  <system32\DRIVERS\npf.sys><CACE Technologies>
[npkcrypt / npkcrypt]
  <\??\C:\Program Files\Tencent\QQ\npkcrypt.sys><INCA Internet Co., Ltd.>
[OMCI / OMCI]
  <\SystemRoot\SYSTEM32\DRIVERS\OMCI.SYS><Dell Computer Corporation>
[Direct Parallel Link Driver / Ptilink]
  <system32\DRIVERS\ptilink.sys><Parallel Technologies, Inc.>
[PxHelp20 / PxHelp20]
  <\SystemRoot\System32\Drivers\PxHelp20.sys><Sonic Solutions>
[Secdrv / Secdrv]
  <system32\DRIVERS\secdrv.sys><N/A>
[sscdbhk5 / sscdbhk5]
  <system32\drivers\sscdbhk5.sys><Sonic Solutions>
[ssrtln / ssrtln]
  <system32\drivers\ssrtln.sys><Sonic Solutions>
[SigmaTel C-Major Audio / STAC97]
  <system32\drivers\STAC97.sys><SigmaTel, Inc.>
[tfsnboio / tfsnboio]
  <system32\dla\tfsnboio.sys><Sonic Solutions>
[tfsncofs / tfsncofs]
  <system32\dla\tfsncofs.sys><Sonic Solutions>
[tfsndrct / tfsndrct]
  <system32\dla\tfsndrct.sys><Sonic Solutions>
[tfsndres / tfsndres]
  <system32\dla\tfsndres.sys><Sonic Solutions>
[tfsnifs / tfsnifs]
  <system32\dla\tfsnifs.sys><Sonic Solutions>
[tfsnopio / tfsnopio]
  <system32\dla\tfsnopio.sys><Sonic Solutions>
[tfsnpool / tfsnpool]
  <system32\dla\tfsnpool.sys><Sonic Solutions>
[tfsnudf / tfsnudf]
  <system32\dla\tfsnudf.sys><Sonic Solutions>
[tfsnudfa / tfsnudfa]
  <system32\dla\tfsnudfa.sys><Sonic Solutions>
[Conexant Setup API / UIUSys]
  <system32\drivers\UIUSys.sys><N/A>

浏览器加载项
[AdSwpr]
  {FCADDC14-BD46-408A-9842-CDBE1C6D37EB} <D:\march\22\Adfiltr.dll, N/A>
[信息检索(&R)]
  {92780B25-18CC-41C8-B9BE-3C9C571A8263} <C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL, Microsoft Corporation>
[QQ]
  {c95fe080-8f5d-11d2-a20b-00aa003c157b} <C:\Program Files\Tencent\QQ\QQ.EXE, TENCENT>
[QQIEFloatBarCfgCmd Class]
  {DEDEB80D-FA35-45d9-9460-4983E5A8AFE6} <C:\Program Files\Tencent\QQ\QQIEHelper.dll, 深圳市腾讯计算机系统有限公司>
[&IE修复专家工具栏]
  {123249EB-F891-44C4-946F-450064F9080E} <D:\march\22\IERBar.dll, N/A>
[Microsoft Web 浏览器]
  {8856F961-340A-11D0-A96B-00C04FD705A2} <C:\WINDOWS\system32\shdocvw.dll, Microsoft Corporation>
[SearchAssistantOC]
  {B45FF030-4447-11D2-85DE-00C04FA35C89} <%SystemRoot%\system32\shdocvw.dll, N/A>
[RDS.DataSpace]
  {BD96C556-65A3-11D0-983A-00C04FC29E36} <C:\Program Files\Common Files\System\msadc\msadco.dll, Microsoft Corporation>
[Shockwave Flash Object]
  {D27CDB6E-AE6D-11CF-96B8-444553540000} <C:\WINDOWS\system32\Macromed\Flash\Flash6.ocx, Macromedia, Inc.>
[FlashGet Bar]
  {E0E899AB-F487-11D5-8D29-0050BA6940E3} <C:\PROGRA~1\FlashGet\fgiebar.dll, Amaze Soft>
[AdSwpr]
  {FCADDC14-BD46-408A-9842-CDBE1C6D37EB} <D:\march\22\Adfiltr.dll, N/A>
[上传到QQ网络硬盘]
  <C:\Program Files\Tencent\QQ\AddToNetDisk.htm, N/A>
[使用网际快车下载]
  <C:\Program Files\FlashGet\jc_link.htm, N/A>
[使用网际快车下载全部链接]
  <C:\Program Files\FlashGet\jc_all.htm, N/A>
[添加到QQ自定义面板]
  <C:\Program Files\Tencent\QQ\AddPanel.htm, N/A>
[添加到QQ表情]
  <C:\Program Files\Tencent\QQ\AddEmotion.htm, N/A>
[用QQ彩信发送该图片]
  <C:\Program Files\Tencent\QQ\SendMMS.htm, N/A>

正在运行的进程
[PID: 372][\SystemRoot\System32\smss.exe]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
[PID: 420][\??\C:\WINDOWS\system32\csrss.exe]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
[PID: 444][\??\C:\WINDOWS\system32\winlogon.exe]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
    [c:\progra~1\networ~1\common~1\kigibopq.dll]  [, 1, 0, 0, 11]
    [c:\program files\cyberlink\powerdvd\tcrwwulg.dll]  [, 1, 0, 0, 11]
    [c:\program files\network associates\virusscan\janvxrzl.dll]  [, 1, 0, 0, 11]
[PID: 488][C:\WINDOWS\system32\services.exe]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
[PID: 500][C:\WINDOWS\system32\lsass.exe]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
[PID: 672][C:\WINDOWS\system32\svchost.exe]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
[PID: 728][C:\WINDOWS\system32\svchost.exe]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
[PID: 792][C:\WINDOWS\System32\svchost.exe]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
[PID: 836][C:\WINDOWS\system32\svchost.exe]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
[PID: 956][C:\WINDOWS\system32\svchost.exe]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
[PID: 1068][C:\WINDOWS\system32\spoolsv.exe]  [Microsoft Corporation, 5.1.2600.2696 (xpsp_sp2_gdr.050610-1519)]
    [C:\WINDOWS\system32\AdobePDF.dll]  [Adobe Systems Incorporated., 6.0.000]
    [C:\Program Files\Adobe\Acrobat 6.0\Distillr\AdistRes.CHS]  [N/A, N/A]
[PID: 1276][C:\WINDOWS\system32\drivers\CDAC11BA.EXE]  [Macrovision, 4.20.020]
[PID: 1352][C:\Program Files\Network Associates\Common Framework\FrameworkService.exe]  [Network Associates, Inc., 3.1.1.184]
    [C:\Program Files\Network Associates\Common Framework\nailog.dll]  [Network Associates, Inc., 3.1.1.159]
    [C:\Program Files\Network Associates\Common Framework\naXML.dll]  [Network Associates, Inc., 3.1.1.159]
    [C:\Program Files\Network Associates\Common Framework\NaiSign.dll]  [Network Associates, Inc., 3.1.0.197]
    [C:\Program Files\Network Associates\Common Framework\naCmnLib.dll]  [Network Associates, Inc., 3.1.1.159]
    [C:\Program Files\Network Associates\Common Framework\0409\AgentRes.dll]  [Network Associates, Inc., 3.1.1.184]
    [C:\Program Files\Network Associates\Common Framework\Logging.dll]  [Network Associates, Inc., 3.1.1.184]
    [C:\Program Files\Network Associates\Common Framework\InternetManager.dll]  [Network Associates, Inc., 3.1.1.184]
    [C:\Program Files\Network Associates\Common Framework\naInet.dll]  [Network Associates, Inc., 3.1.1.159]
    [C:\Program Files\Network Associates\Common Framework\UserSpace.dll]  [Network Associates, Inc., 3.1.1.184]
    [C:\Program Files\Network Associates\Common Framework\SecureFrameworkFactory.dll]  [Network Associates, Inc., 3.1.1.184]
    [C:\Program Files\Network Associates\Common Framework\Management.dll]  [Network Associates, Inc., 3.1.1.184]
    [C:\Program Files\Network Associates\Common Framework\naPolicyManager.dll]  [Network Associates, Inc., 3.1.1.184]
    [C:\Program Files\Network Associates\Common Framework\ScriptSubSys.dll]  [Network Associates, Inc., 3.1.1.184]
    [C:\Program Files\Network Associates\Common Framework\UpdateSubSys.dll]  [Network Associates, Inc., 3.1.1.184]
    [C:\Program Files\Network Associates\Common Framework\Scheduler.dll]  [Network Associates, Inc., 3.1.1.184]
[PID: 1772][C:\Program Files\Network Associates\VirusScan\Mcshield.exe]  [Network Associates, Inc., 7.1.0.116]
    [C:\Program Files\Network Associates\VirusScan\Res09\McShield.DLL]  [Network Associates, Inc., 7.1.0.116]
    [C:\Program Files\Network Associates\VirusScan\FTL.Dll]  [Network Associates, Inc., 7.1.0.116]
    [C:\Program Files\Network Associates\VirusScan\naiann.dll]  [Network Associates, Inc., 7.1.0.116]
    [C:\Program Files\Network Associates\VirusScan\NAEVENTU.DLL]  [Network Associates, Inc., 7.1.0.289]
    [C:\Program Files\Network Associates\VirusScan\Res09\naEvtRes.dll]  [Network Associates, Inc., 7.1.0.289]
    [C:\Program Files\Common Files\Network Associates\Engine\MCSCAN32.DLL]  [McAfee, Inc., 4.4.00]
[PID: 1848][C:\PROGRA~1\NETWOR~1\COMMON~1\naPrdMgr.exe]  [Network Associates, Inc., 3.1.1.184]
    [C:\PROGRA~1\NETWOR~1\COMMON~1\nailog.dll]  [Network Associates, Inc., 3.1.1.159]
    [C:\PROGRA~1\NETWOR~1\COMMON~1\naCmnLib.dll]  [Network Associates, Inc., 3.1.1.159]
    [C:\PROGRA~1\NETWOR~1\COMMON~1\naXML.dll]  [Network Associates, Inc., 3.1.1.159]
    [C:\PROGRA~1\NETWOR~1\COMMON~1\NaiSign.dll]  [Network Associates, Inc., 3.1.0.197]
    [C:\PROGRA~1\NETWOR~1\COMMON~1\0409\AgentRes.dll]  [Network Associates, Inc., 3.1.1.184]
    [C:\Program Files\Network Associates\VirusScan\VsPlugin.dll]  [Network Associates, Inc., 7.1.0.187]
    [C:\Program Files\Network Associates\VirusScan\SHUTIL.dll]  [Network Associates, Inc., 7.1.0.187]
    [C:\Program Files\Network Associates\VirusScan\FTL.dll]  [Network Associates, Inc., 7.1.0.116]
    [C:\Program Files\Network Associates\VirusScan\Res09\Product.dll]  [Network Associates, Inc., 7.1.0.187]
    [C:\Program Files\Network Associates\VirusScan\Res09\Shutilrc.dll]  [Network Associates, Inc., 7.1.0.187]
    [C:\Program Files\Network Associates\VirusScan\NAKRNLU.DLL]  [Network Associates, Inc., 7.1.0.289]
    [C:\Program Files\Network Associates\VirusScan\NAUTILU.DLL]  [Network Associates, Inc., 7.1.0.289]
    [C:\Program Files\Network Associates\VirusScan\Res09\naUtlRes.dll]  [Network Associates, Inc., 7.1.0.289]
[PID: 1956][C:\Program Files\Network Associates\VirusScan\VsTskMgr.exe]  [Network Associates, Inc., 7.1.0.187]
    [C:\Program Files\Network Associates\VirusScan\SHUTIL.dll]  [Network Associates, Inc., 7.1.0.187]
    [C:\Program Files\Network Associates\VirusScan\FTL.dll]  [Network Associates, Inc., 7.1.0.116]
    [C:\Program Files\Network Associates\VirusScan\Res09\VsTskMgr.dll]  [Network Associates, Inc., 7.1.0.187]
    [C:\Program Files\Network Associates\VirusScan\Res09\Product.dll]  [Network Associates, Inc., 7.1.0.187]
    [C:\Program Files\Network Associates\VirusScan\NAKRNLU.DLL]  [Network Associates, Inc., 7.1.0.289]
    [C:\Program Files\Network Associates\VirusScan\NAUTILU.DLL]  [Network Associates, Inc., 7.1.0.289]
    [C:\Program Files\Network Associates\VirusScan\Res09\naUtlRes.dll]  [Network Associates, Inc., 7.1.0.289]
    [C:\Program Files\Network Associates\VirusScan\NAEVENTU.DLL]  [Network Associates, Inc., 7.1.0.289]
    [C:\Program Files\Network Associates\VirusScan\Res09\naEvtRes.dll]  [Network Associates, Inc., 7.1.0.289]
    [C:\Program Files\Network Associates\VirusScan\Res09\Shutilrc.dll]  [Network Associates, Inc., 7.1.0.187]
    [C:\Program Files\Network Associates\VirusScan\MIDUtil.Dll]  [Network Associates, Inc., 7.1.0.147]
[PID: 2004][C:\WINDOWS\System32\alg.exe]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
[PID: 1456][C:\WINDOWS\Explorer.EXE]  [Microsoft Corporation, 6.00.2900.2180 (xpsp_sp2_rtm.040803-2158)]
    [C:\WINDOWS\system32\AcSignIcon.dll]  [Autodesk, 16.0.0.86]
    [C:\WINDOWS\system32\Cnscheck001.dll]  [N/A, N/A]
    [C:\Program Files\Common Files\Microsoft Shared\MSINFO\WinInfo.rxk]  [N/A, N/A]
    [C:\Program Files\Internet Explorer\PLUGINS\system.sys]  [N/A, N/A]
    [c:\program files\cyberlink\powerdvd\tcrwwulg.dll]  [, 1, 0, 0, 11]
    [C:\Program Files\Common Files\Autodesk Shared\AcSignCore16.dll]  [Autodesk, 16.0.0.86]
    [C:\WINDOWS\system32\igfxpph.dll]  [Intel Corporation, 3.0.0.3943]
    [C:\WINDOWS\system32\hccutils.DLL]  [Intel Corporation, 3.0.0.3943]
    [C:\WINDOWS\system32\igfxres.dll]  [Intel Corporation, 3.0.0.3943]
    [c:\program files\network associates\virusscan\janvxrzl.dll]  [, 1, 0, 0, 11]
    [C:\WINDOWS\system32\ztdll.dll]  [N/A, N/A]
    [C:\Program Files\Adobe\Acrobat 6.0\Acrobat Elements\ContextMenu.chs]  [Adobe Systems Inc., 1.0.0.2003051500]
[PID: 1580][C:\WINDOWS\system32\Com\CSRSS.EXE]  [N/A, N/A]
    [C:\WINDOWS\system32\Cnscheck001.dll]  [N/A, N/A]
    [C:\Program Files\Internet Explorer\PLUGINS\system.sys]  [N/A, N/A]
    [C:\WINDOWS\system32\ztdll.dll]  [N/A, N/A]
[PID: 2092][C:\WINDOWS\system32\conime.exe]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
    [C:\WINDOWS\system32\Cnscheck001.dll]  [N/A, N/A]
    [C:\Program Files\Internet Explorer\PLUGINS\system.sys]  [N/A, N/A]
    [C:\WINDOWS\system32\ztdll.dll]  [N/A, N/A]
[PID: 1392][C:\Program Files\CyberLink\PowerDVD\DVDLauncher.exe]  [CyberLink Corp., 3.00.0000]
    [C:\WINDOWS\system32\Cnscheck001.dll]  [N/A, N/A]
    [C:\Program Files\Internet Explorer\PLUGINS\system.sys]  [N/A, N/A]
    [C:\WINDOWS\system32\ztdll.dll]  [N/A, N/A]
[PID: 1552][C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe]  [InstallShield Software Corporation, 3, 10, 100, 1155]
    [C:\WINDOWS\system32\Cnscheck001.dll]  [N/A, N/A]
    [C:\Program Files\Internet Explorer\PLUGINS\system.sys]  [N/A, N/A]
    [C:\WINDOWS\system32\ztdll.dll]  [N/A, N/A]
[PID: 216][C:\Program Files\Network Associates\VirusScan\SHSTAT.EXE]  [Network Associates, Inc., 7.1.0.187]
    [C:\Program Files\Network Associates\VirusScan\SHUTIL.dll]  [Network Associates, Inc., 7.1.0.187]
    [C:\Program Files\Network Associates\VirusScan\FTL.dll]  [Network Associates, Inc., 7.1.0.116]
    [C:\Program Files\Network Associates\VirusScan\Res09\shstat.dll]  [Network Associates, Inc., 7.1.0.187]
    [C:\Program Files\Network Associates\VirusScan\Res09\Product.dll]  [Network Associates, Inc., 7.1.0.187]
    [C:\Program Files\Network Associates\VirusScan\Res09\McShield.dll]  [Network Associates, Inc., 7.1.0.116]
    [C:\Program Files\Network Associates\VirusScan\NAKRNLU.DLL]  [Network Associates, Inc., 7.1.0.289]
    [C:\Program Files\Network Associates\VirusScan\NAUTILU.DLL]  [Network Associates, Inc., 7.1.0.289]
    [C:\Program Files\Network Associates\VirusScan\Res09\naUtlRes.dll]  [Network Associates, Inc., 7.1.0.289]
    [C:\Program Files\Network Associates\VirusScan\Res09\Shutilrc.dll]  [Network Associates, Inc., 7.1.0.187]
    [C:\WINDOWS\system32\Cnscheck001.dll]  [N/A, N/A]
    [C:\Program Files\Internet Explorer\PLUGINS\system.sys]  [N/A, N/A]
    [C:\WINDOWS\system32\ztdll.dll]  [N/A, N/A]

[PID: 2280][C:\Program Files\Network Associates\Common Framework\UpdaterUI.exe]  [Network Associates, Inc., 3.1.1.184]
    [C:\Program Files\Network Associates\Common Framework\nailog.dll]  [Network Associates, Inc., 3.1.1.159]
    [C:\Program Files\Network Associates\Common Framework\naCmnLib.dll]  [Network Associates, Inc., 3.1.1.159]
    [C:\Program Files\Network Associates\Common Framework\naXML.dll]  [Network Associates, Inc., 3.1.1.159]
    [C:\Program Files\Network Associates\Common Framework\NaiSign.dll]  [Network Associates, Inc., 3.1.0.197]
    [C:\Program Files\Network Associates\Common Framework\0409\UpdRes.dll]  [Network Associates, Inc., 3.1.1.184]
    [C:\Program Files\Network Associates\Common Framework\0409\AgentRes.dll]  [Network Associates, Inc., 3.1.1.184]
    [C:\Program Files\Network Associates\Common Framework\SecureFrameworkFactory.dll]  [Network Associates, Inc., 3.1.1.184]
    [C:\Program Files\Internet Explorer\PLUGINS\system.sys]  [N/A, N/A]
    [C:\WINDOWS\system32\Cnscheck001.dll]  [N/A, N/A]
    [C:\WINDOWS\system32\ztdll.dll]  [N/A, N/A]
[PID: 2312][C:\WINDOWS\system32\ctfmon.exe]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
    [C:\WINDOWS\system32\Cnscheck001.dll]  [N/A, N/A]
    [C:\Program Files\Internet Explorer\PLUGINS\system.sys]  [N/A, N/A]
    [C:\WINDOWS\system32\ztdll.dll]  [N/A, N/A]
[PID: 2380][C:\Program Files\Adobe\Acrobat 6.0\Distillr\acrotray.exe]  [Adobe Systems Inc., 6.0.0.2003051500]
    [C:\Program Files\Adobe\Acrobat 6.0\Distillr\acrotray.chs]  [Adobe Systems Inc., 6.0.0.0]
    [C:\Program Files\Internet Explorer\PLUGINS\system.sys]  [N/A, N/A]
    [C:\WINDOWS\system32\Cnscheck001.dll]  [N/A, N/A]
    [C:\WINDOWS\system32\ztdll.dll]  [N/A, N/A]
[PID: 3704][C:\WINDOWS\Intel\rundll32.exe]  [N/A, N/A]
    [C:\WINDOWS\system32\ztdll.dll]  [N/A, N/A]
    [C:\WINDOWS\system32\Cnscheck001.dll]  [N/A, N/A]
    [C:\Program Files\Internet Explorer\PLUGINS\system.sys]  [N/A, N/A]
[PID: 2680][D:\march\SREng\SREng.exe]  [Smallfrogs Studio, 2.2.6.605]
    [C:\Program Files\Internet Explorer\PLUGINS\system.sys]  [N/A, N/A]
    [C:\WINDOWS\system32\Cnscheck001.dll]  [N/A, N/A]
    [C:\WINDOWS\system32\ztdll.dll]  [N/A, N/A]
    [C:\WINDOWS\system32\AcSignIcon.dll]  [Autodesk, 16.0.0.86]

==================================
文件关联
.TXT  Error. [NOTEPAD.EXE %1]
.EXE  OK. ["%1" %*]
.COM  OK. ["%1" %*]
.PIF  OK. ["%1" %*]
.REG  OK. [regedit.exe "%1"]
.BAT  OK. ["%1" %*]
.SCR  OK. ["%1" /S]
.CHM  OK. ["C:\WINDOWS\hh.exe" %1]
.HLP  OK. [%SystemRoot%\System32\winhlp32.exe %1]
.INI  Error. [notepad.exe %1]
.INF  OK. [%SystemRoot%\System32\NOTEPAD.EXE %1]
.VBS  OK. [%SystemRoot%\System32\WScript.exe "%1" %*]
.JS  OK. [%SystemRoot%\System32\WScript.exe "%1" %*]
.LNK  OK. [{00021401-0000-0000-C000-000000000046}]

==================================
Winsock 提供者
N/A

==================================
Autorun.inf
N/A

==================================
HOSTS 文件
N/A

==================================