不用IE，开机后，桌面弹出很多广告。请教解决方法！谢谢。 bbs.ikaka.com

任我狂 - 2005-11-18 15:59:00

刚刚根据本版的指教，下载了HijackThis V1.99.1汉化版，在XP正常使用时扫描，日志如下，请帮我看看：（一次放不下，分两次）
HijackThis_815汉化版扫描日志 V1.99.1
保存于 15:41:37, 日期 05-11-18
操作系统： Windows XP SP1 (WinNT 5.01.2600)
浏览器： Internet Explorer v6.00 SP1 (6.00.2800.1106)

当前运行的进程：
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
G:\PROGRAM FILES\RISING\RAV\Ravmond.exe
G:\PROGRAM FILES\RISING\RAV\RavStub.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\Explorer.EXE
G:\PROGRA~1\RISING\RAV\RAVMON.EXE
C:\Program Files\CNNIC\Cdn\cdnup.exe
E:\Program Files\Maxthon\Thundermini\ThunderMini.exe
C:\WINDOWS\System32\inetsrv\inetinfo.exe
G:\popo2004\popo.exe
C:\WINDOWS\System32\nvsvc32.exe
C:\Program Files\zsxz\UrlService.exe
G:\D盘\香草山\淘宝旺旺\WangWang.EXE
C:\Program Files\qq\2005107\QQ.exe
C:\WINDOWS\SYSTEM32\qttask.exe
C:\WINDOWS\System32\ctfmon.exe
C:\WINDOWS\System32\RUNDLL32.EXE
C:\Program Files\Messenger\msmsgs.exe
C:\Program Files\MSN Messenger\msnmsgr.exe
C:\WINDOWS\System32\svchost.exe
G:\Program Files\Kingsoft\PowerWord 2005\Xdict.exe
C:\Program Files\zsxz\IEUrldrive.exe
G:\Program Files\sina\Uc\uc.exe
G:\Program Files\Tencent\Qq\Qq.exe
C:\WINDOWS\SYSTEM32\rundll32.exe
G:\Program Files\Tencent\Qq\TIMPlatform.exe
C:\WINDOWS\System32\dllhost.exe
C:\WINDOWS\System32\inetsrv\DavCData.exe
G:\PROGRA~1\KINGSOFT\FASTAI~1\KTENGINE.EXE
G:\TongBao\TongBao.exe
G:\FIREFOX.EXE
C:\WINDOWS\NOTEPAD.EXE
G:\世界之窗浏览器\TheWorld\TheWorld.exe
C:\Downloads\4842302005817230232\HijackThis1991zww.exe

R3 - 默认的URLSearchHook丢失。用HijackThis修复
O2 - BHO: CNNIC_IDN - {35980F6E-A137-4E50-953D-813BB8556899} - C:\PROGRA~1\CNNIC\Cdn\cdniehlp.dll
O2 - BHO: BandIE Class - {77FEF28E-EB96-44FF-B511-3185DEA48697} - C:\PROGRA~1\baidu\bar\baidubar.dll
O2 - BHO: (no name) - {A5366673-E8CA-11D3-9CD9-0090271D075B} - (no file)
O3 - IE工具栏增项: 百度超级搜霸 - {B580CF65-E151-49C3-B73F-70B13FCA8E86} - C:\PROGRA~1\baidu\bar\baidubar.dll
O4 - 启动项HKLM\\Run: [SystemTray] SysTray.Exe
O4 - 启动项HKLM\\Run: [RavMon] G:\PROGRA~1\RISING\RAV\RAVMON.EXE -SYSTEM
O4 - 启动项HKLM\\Run: [CdnCtr] C:\Program Files\CNNIC\Cdn\cdnup.exe
O4 - 启动项HKLM\\Run: [popo2004] G:\popo2004\Start.exe
O4 - 启动项HKLM\\Run: [thunder_mini] E:\Program Files\Maxthon\Thundermini\ThunderMini.exe
O4 - 启动项HKLM\\Run: [WangWang] "G:\D盘\香草山\淘宝旺旺\WangWang.EXE"
O4 - 启动项HKLM\\Run: [IMJPMIG8.2] C:\Program Files\qq\2005107\QQ.exe
O4 - 启动项HKLM\\Run: [QuickTime Task] "C:\WINDOWS\SYSTEM32\qttask.exe" -atboottime
O4 - 启动项HKLM\\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\System32\NvCpl.dll,NvStartup
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\System32\ctfmon.exe
O4 - HKCU\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\System32\NVMCTRAY.DLL,NvTaskbarInit
O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background
O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\MSN Messenger\msnmsgr.exe" /background
O4 - Global Startup: 金山词霸 2005.lnk = G:\Program Files\Kingsoft\PowerWord 2005\XDICT.EXE
O4 - Global Startup: 新浪UC.lnk = G:\Program Files\sina\UC\uc.exe
O4 - Global Startup: 腾讯QQ.lnk = G:\Program Files\Tencent\QQ\QQ.EXE
O4 - Global Startup: 桌面传媒.lnk = C:\WINDOWS\SYSTEM32\rundll32.exe
O8 - IE右键菜单中的新增项目: >> 彩信发送 << - res://C:\PROGRA~1\MMSASS~1\MMSASS~1.DLL/mms.htm
O8 - IE右键菜单中的新增项目: !搜一搜 - res://C:\WINDOWS\DOWNLO~1\CnsMinEx.dll/1003
O8 - IE右键菜单中的新增项目: &使用迷你迅雷下载 - E:\Program Files\Maxthon\Thundermini\geturl.htm
O8 - IE右键菜单中的新增项目: 使用新浪下载助手下载 - G:\PROGRA~1\SINA\UC\UCDDT\sinadl.htm
O8 - IE右键菜单中的新增项目: 使用网际快车下载 - G:\Program Files\FlashGet\jc_link.htm
O8 - IE右键菜单中的新增项目: 使用网际快车下载全部链接 - G:\Program Files\FlashGet\jc_all.htm
O8 - IE右键菜单中的新增项目: 新浪搜索 - http://cha.sina.com.cn/ddt.html
O8 - IE右键菜单中的新增项目: 添加到QQ自定义面板 - G:\Program Files\Tencent\Qq\AddPanel.htm
O8 - IE右键菜单中的新增项目: 添加到QQ表情 - G:\Program Files\Tencent\Qq\AddEmotion.htm
O8 - IE右键菜单中的新增项目: 用QQ彩信发送该图片 - G:\Program Files\Tencent\Qq\SendMMS.htm
O8 - IE右键菜单中的新增项目: 百度-搜索MP3 - res://C:\PROGRA~1\baidu\bar\baidubar.dll/BAIDUMP3.HTM
O8 - IE右键菜单中的新增项目: 百度-搜索图片 - res://C:\PROGRA~1\baidu\bar\baidubar.dll/BAIDUIMG.HTM
O8 - IE右键菜单中的新增项目: 百度-搜索新闻 - res://C:\PROGRA~1\baidu\bar\baidubar.dll/BAIDUNEWS.HTM
O8 - IE右键菜单中的新增项目: 百度-搜索歌词 - res://C:\PROGRA~1\baidu\bar\baidubar.dll/BAIDULYRIC.HTM
O8 - IE右键菜单中的新增项目: 百度-搜索网页 - res://C:\PROGRA~1\baidu\bar\baidubar.dll/BAIDUSEARCH.HTM
O8 - IE右键菜单中的新增项目: 百度-搜索贴吧 - res://C:\PROGRA~1\baidu\bar\baidubar.dll/BAIDUPOST.HTM
O8 - IE右键菜单中的新增项目: 百度-词典搜索 - res://C:\PROGRA~1\baidu\bar\baidubar.dll/BAIDU_DIC.HTM
O8 - IE右键菜单中的新增项目: 访问通用网址 - C:\Program Files\CNNIC\Cdn\cnnic.htm

魔法学徒 - 2005-11-18 15:59:00

问题仍在的话，请用最新版Hijackthis1.99.1扫描一个log贴上来。

hijackThis下载地址见置顶贴
[必读]本版说明及常用小软件下载
http://forum.ikaka.com/topic.asp?board=67&artid=5188931

任我狂 - 2005-11-18 16:00:00

（紧接一楼）
O9 - 浏览器额外的按钮: 梅静势沉吃瞎?
ForceRemove val - {022C4009-5283-4365-97BF-144054B40E2E} - C:\WINDOWS\System32\shdocvw.dll
O9 - 浏览器额外的“工具”菜单项: 舶凳 - {022C4009-5283-4365-97BF-144054B40E2E} - C:\WINDOWS\System32\shdocvw.dll
O9 - 浏览器额外的按钮: 完美卸载 - 清理上网垃圾,包括缓存,CookIE等 - {06926B30-424E-4f1c-8EE3-543CD96573DC} - G:\UNINSTALL\IEBUTTON.EXE
O9 - 浏览器额外的按钮: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_05\bin\npjpi150_05.dll
O9 - 浏览器额外的“工具”菜单项: Sun Java 控制台 - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_05\bin\npjpi150_05.dll
O9 - 浏览器额外的按钮: 小蜜蜂多人聊天 - {0AD483DA-CC0E-4562-B828-C33E11F5FA62} - g:\小蜜蜂\IeMibtn.dll (file missing)
O9 - 浏览器额外的“工具”菜单项: 小蜜蜂多人聊天 - {0AD483DA-CC0E-4562-B828-C33E11F5FA62} - g:\小蜜蜂\IeMibtn.dll (file missing)
O9 - 浏览器额外的按钮: 新浪UC - {2253922F-1B26-4C74-8B57-E3AEE748DBB8} - G:\Program Files\sina\UC\UC.exe
O9 - 浏览器额外的按钮: 唯刊.VIKA - {2BB49E59-100F-4ca6-9127-E0E3FF76F98E} - C:\WINDOWS\System32\shdocvw.dll
O9 - 浏览器额外的“工具”菜单项: 唯刊.VIKA - {2BB49E59-100F-4ca6-9127-E0E3FF76F98E} - C:\WINDOWS\System32\shdocvw.dll
O9 - 浏览器额外的按钮: 中文上网 - {35980F6E-A137-4E50-953D-813BB8556899} - C:\PROGRA~1\CNNIC\Cdn\cdniehlp.dll
O9 - 浏览器额外的“工具”菜单项: 中文上网 - {35980F6E-A137-4E50-953D-813BB8556899} - C:\PROGRA~1\CNNIC\Cdn\cdniehlp.dll
O9 - 浏览器额外的按钮: (no name) - {6671A433-5C3D-463d-A7CF-5587F9B7E191} - C:\PROGRA~1\MMSASS~1\MMSASS~1.DLL
O9 - 浏览器额外的“工具”菜单项: MMSAssist工具条设置 - {6671A433-5C3D-463d-A7CF-5587F9B7E191} - C:\PROGRA~1\MMSASS~1\MMSASS~1.DLL
O9 - 浏览器额外的按钮: Dutchemails.com - {AE818C9D-7289-450c-80DE-B31FCAD3722C} - C:\Program Files\Internet Explorer\PLUGINS\toolbar541461.dll
O9 - 浏览器额外的“工具”菜单项: Dutchemails.com - {AE818C9D-7289-450c-80DE-B31FCAD3722C} - C:\Program Files\Internet Explorer\PLUGINS\toolbar541461.dll
O9 - 浏览器额外的按钮: 小蜜蜂网络电话 - {B35138BB-9270-4EF1-9A7B-9EEC90220024} - g:\小蜜蜂\IeMibtn.dll (file missing)
O9 - 浏览器额外的“工具”菜单项: 小蜜蜂网络电话 - {B35138BB-9270-4EF1-9A7B-9EEC90220024} - g:\小蜜蜂\IeMibtn.dll (file missing)
O9 - 浏览器额外的按钮: ICQ Lite - {B863453A-26C3-4e1f-A54D-A2CD196348E9} - F:\Program Files\ICQLite\ICQLite.exe
O9 - 浏览器额外的“工具”菜单项: ICQ Lite - {B863453A-26C3-4e1f-A54D-A2CD196348E9} - F:\Program Files\ICQLite\ICQLite.exe
O9 - 浏览器额外的按钮: QQ - {c95fe080-8f5d-11d2-a20b-00aa003c157b} - G:\PROGRAM FILES\TENCENT\QQ\QQ.EXE
O9 - 浏览器额外的“工具”菜单项: 腾讯QQ - {c95fe080-8f5d-11d2-a20b-00aa003c157b} - G:\PROGRAM FILES\TENCENT\QQ\QQ.EXE
O9 - 浏览器额外的按钮: Real.com - {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - C:\WINDOWS\SYSTEM32\SHDOCVW.DLL
O9 - 浏览器额外的按钮: FlashGet - {D6E814A0-E0C5-11d4-8D29-0050BA6940E3} - G:\PROGRAM FILES\FLASHGET\FLASHGET.EXE
O9 - 浏览器额外的“工具”菜单项: &FlashGet - {D6E814A0-E0C5-11d4-8D29-0050BA6940E3} - G:\PROGRAM FILES\FLASHGET\FLASHGET.EXE
O9 - 浏览器额外的按钮: 情景聊天 - {E5D12C4E-7B4F-11D3-B5C9-0050045C3C96} - http://cn.rd.yahoo.com/home/messenger/bjk/clientbtn/?http://cn.messenger.yahoo.com/ (file missing)
O9 - 浏览器额外的按钮: 新浪点点通 - {F60C7D81-8471-4D40-AAFE-56D318F34C2D} - G:\PROGRA~1\SINA\UC\UCDDT\DDTONG~1.DLL
O9 - 浏览器额外的按钮: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\MSMSGS.EXE
O9 - 浏览器额外的“工具”菜单项: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\MSMSGS.EXE
O9 - 浏览器额外的按钮: MistyAndSamsCash - {FBFD8C12-7530-4f0b-8E0A-8EEB4A3D503F} - C:\Program Files\Internet Explorer\PLUGINS\toolbar827328.dll
O9 - 浏览器额外的“工具”菜单项: MistyAndSamsCash - {FBFD8C12-7530-4f0b-8E0A-8EEB4A3D503F} - C:\Program Files\Internet Explorer\PLUGINS\toolbar827328.dll
O9 - 浏览器额外的按钮: (no name) - {974AD624-EA50-4831-A6C0-3040F6665396} - G:\PROGRAM FILES\SINA\UC\UCDDT\RSSBAND.DLL (HKCU)
O9 - 浏览器额外的“工具”菜单项: 新浪点点通阅读器 - {974AD624-EA50-4831-A6C0-3040F6665396} - G:\PROGRAM FILES\SINA\UC\UCDDT\RSSBAND.DLL (HKCU)
O9 - 浏览器额外的按钮: 新浪点点通阅读器 - {F0646DC8-58CD-4C64-8F6B-525043914685} - G:\PROGRAM FILES\SINA\UC\UCDDT\RSSBAND.DLL (HKCU)
O10 - 未知的文件在 Winsock LSP: c:\windows\system32\cdnns.dll
O11 - Options group: [CDNCLIENT] 中文上网
O16 - DPF: {0CA54D3F-CEAE-48AF-9A2B-31909CB9515D} (Edit Class) - https://www.sz1.cmbchina.com/download/CMBEdit.cab
O16 - DPF: {30528230-99F7-4BB4-88D8-FA1D4F56A2AB} (YInstStarter Class) - http://us.dl1.yimg.com/download.yahoo.com/dl/yinst/yinst_current.cab
O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} (MSN Photo Upload Tool) - http://spaces.msn.com//PhotoUpload/MsnPUpld.cab
O16 - DPF: {56A7DC70-E102-4408-A34A-AE06FEF01586} - http://iebar.t2t2.com/iebar.cab
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://update.microsoft.com/windowsupdate/v6/V5Controls/en/x86/client/wuweb_site.cab?1125757284828
O16 - DPF: {733652F9-53EF-4BF1-B391-375980675D6F} (V3PROXL Control) - http://scan.online.cq.cn/plugin/myv3light.cab
O16 - DPF: {9242BB35-0DB0-43AC-8DFC-8EA07E63B92A} (LiveMediaOcx Control) - http://bbmedia.qq.com/media/QQLiveSetup.exe
O16 - DPF: {ACFE8232-03C5-4AEC-AF5E-42B806724096} (KSHScan Control) - http://scan.kingsoft.com/scan/fangyi/KAllScan.CAB
O16 - DPF: {BC207F7D-3E63-4ACA-99B5-FB5F8428200C} - http://bar.baidu.com/update/IESearch.cab
O16 - DPF: {C8BD9ACB-F7EC-48E6-BB2F-DAADC6789E9A} (Kingsoft DUBA OnlineScan) - http://ol.db.kingsoft.com/antiscan/setup/KAVClean.CAB
O16 - DPF: {CF051549-EDE1-40F5-B440-BCD646CF2C25} (Ppinstall Control) - http://popo.163.com/install/ppinstall.cab
O16 - DPF: {D0A29C6C-AA71-4423-8C4A-5998B774C448} (IEDown Class) - http://download.ourgame.com/IEDown2.cab
O16 - DPF: {DA984A6D-508E-11D6-AA49-0050FF3C628D} (Ravonline) - http://download.rising.com.cn/QQ/QQkill/rsonline.cab
O17 - HKLM\System\CCS\Services\Tcpip\..\{754FDC17-C0BE-4242-8BEC-C67AB27D8001}: Domain = 5
O17 - HKLM\System\CCS\Services\Tcpip\..\{754FDC17-C0BE-4242-8BEC-C67AB27D8001}: NameServer = 202.197.89.69
O17 - HKLM\System\CS1\Services\Tcpip\..\{754FDC17-C0BE-4242-8BEC-C67AB27D8001}: Domain = 5
O17 - HKLM\System\CS1\Services\Tcpip\..\{754FDC17-C0BE-4242-8BEC-C67AB27D8001}: NameServer = 202.197.89.69
O17 - HKLM\System\CS2\Services\Tcpip\..\{754FDC17-C0BE-4242-8BEC-C67AB27D8001}: Domain = 5
O17 - HKLM\System\CS2\Services\Tcpip\..\{754FDC17-C0BE-4242-8BEC-C67AB27D8001}: NameServer = 202.197.89.69
O18 - 列举现有的协议: msnim - {828030A1-22C1-4009-854F-8E305202313F} - "C:\PROGRA~1\MSNMES~1\msgrapp.dll" (file missing)
O18 - Filter: text/x-mrml - {C51721BE-858B-4A66-A8BF-D2882FF49820} - F:\比忍特亓铃迨手只机鶧DIY\Fantasia\players\MidRadio\MidRadio.ocx
O23 - NT 服务: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\System32\nvsvc32.exe
O23 - NT 服务: RsRavMon Service (RsRavMon) - Beijing Rising Technology Co., Ltd. - G:\PROGRAM FILES\RISING\RAV\Ravmond.exe
O23 - NT 服务: Smart Card Event - Unknown owner - C:\Program Files\zsxz\UrlService.exe

魔法学徒 - 2005-11-18 16:09:00

开始→控制面板→性能和维护→管理工具→服务→查找Smart Card Event→右击→属性→启动类型→禁止→应用→停止→确定。

重新启动电脑, 开机检测完后, 按[F8]键(可以一直按到启动菜单出来为止), 选择安全模式进入Windows

运行Hijackthis，扫描结束后在下列选项前打上勾，然后选修复“Fix Checked”：

R3 - 默认的URLSearchHook丢失。用HijackThis修复
O8 - IE右键菜单中的新增项目: >> 彩信发送 << - res://C:\PROGRA~1\MMSASS~1\MMSASS~1.DLL/mms.htm
O9 - 浏览器额外的按钮: 唯刊.VIKA - {2BB49E59-100F-4ca6-9127-E0E3FF76F98E} - C:\WINDOWS\System32\shdocvw.dll
O9 - 浏览器额外的“工具”菜单项: 唯刊.VIKA - {2BB49E59-100F-4ca6-9127-E0E3FF76F98E} - C:\WINDOWS\System32\shdocvw.dll
O9 - 浏览器额外的按钮: (no name) - {6671A433-5C3D-463d-A7CF-5587F9B7E191} - C:\PROGRA~1\MMSASS~1\MMSASS~1.DLL
O9 - 浏览器额外的“工具”菜单项: MMSAssist工具条设置 - {6671A433-5C3D-463d-A7CF-5587F9B7E191} - C:\PROGRA~1\MMSASS~1\MMSASS~1.DLL
O16 - DPF: {56A7DC70-E102-4408-A34A-AE06FEF01586} - http://iebar.t2t2.com/iebar.cab

显示隐藏文件

双击我的电脑--工具---文件夹选项--查看选项卡--单击选取"显示隐藏文件或文件夹"--清除"隐藏受保护的操作系统文件（推荐）"复选框。在提示您确定更改时，单击“是”--单击“确定”。

然后找到如下文件并删除（如果有的话）。

C:\PROGRA~1\MMSASS~1\
C:\Program Files\zsxz\UrlService.exe
C:\Program Files\zsxz\IEUrldrive.exe

任我狂 - 2005-11-18 22:48:00

非常感谢魔法学徒的指教。我一步一步按指示做了，只是没有解决问题。重新开机后，这几个网页依次弹出：http://www.mmwan.com ,http://www.3721xyx.com, http://www.ez.cn, http://www.567down.com, http://333.91cy.cn, http://union.sx2kingsoft.com,http://www.sooe.cn 隔几秒后它们又重复来一次。烦人啊！我再次扫描，请看看还有什么问题：
HijackThis_815汉化版扫描日志 V1.99.1
保存于 21:49:57, 日期 05-11-18
操作系统： Windows XP SP1 (WinNT 5.01.2600)
浏览器： Internet Explorer v6.00 SP1 (6.00.2800.1106)

当前运行的进程：
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
G:\PROGRAM FILES\RISING\RAV\Ravmond.exe
G:\PROGRAM FILES\RISING\RAV\RavStub.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\Explorer.EXE
G:\PROGRA~1\RISING\RAV\RAVMON.EXE
C:\Program Files\CNNIC\Cdn\cdnup.exe
E:\Program Files\Maxthon\Thundermini\ThunderMini.exe
C:\WINDOWS\System32\inetsrv\inetinfo.exe
C:\WINDOWS\System32\nvsvc32.exe
G:\D盘\香草山\淘宝旺旺\WangWang.EXE
G:\popo2004\popo.exe
C:\Program Files\qq\2005107\QQ.exe
C:\WINDOWS\SYSTEM32\qttask.exe
C:\WINDOWS\System32\ctfmon.exe
C:\WINDOWS\System32\RUNDLL32.EXE
C:\Program Files\Messenger\msmsgs.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\MSN Messenger\msnmsgr.exe
G:\Program Files\Kingsoft\PowerWord 2005\Xdict.exe
G:\Program Files\sina\Uc\uc.exe
G:\Program Files\Tencent\Qq\Qq.exe
C:\WINDOWS\SYSTEM32\rundll32.exe
G:\Program Files\Tencent\Qq\TIMPlatform.exe
C:\WINDOWS\System32\dllhost.exe
C:\WINDOWS\System32\inetsrv\DavCData.exe
G:\PROGRA~1\KINGSOFT\FASTAI~1\KTENGINE.EXE
C:\Downloads\4842302005817230232\HijackThis1991zww.exe

O2 - BHO: CNNIC_IDN - {35980F6E-A137-4E50-953D-813BB8556899} - C:\PROGRA~1\CNNIC\Cdn\cdniehlp.dll
O2 - BHO: BandIE Class - {77FEF28E-EB96-44FF-B511-3185DEA48697} - C:\PROGRA~1\baidu\bar\baidubar.dll
O2 - BHO: (no name) - {A5366673-E8CA-11D3-9CD9-0090271D075B} - (no file)
O3 - IE工具栏增项: 百度超级搜霸 - {B580CF65-E151-49C3-B73F-70B13FCA8E86} - C:\PROGRA~1\baidu\bar\baidubar.dll
O4 - 启动项HKLM\\Run: [SystemTray] SysTray.Exe
O4 - 启动项HKLM\\Run: [RavMon] G:\PROGRA~1\RISING\RAV\RAVMON.EXE -SYSTEM
O4 - 启动项HKLM\\Run: [CdnCtr] C:\Program Files\CNNIC\Cdn\cdnup.exe
O4 - 启动项HKLM\\Run: [popo2004] G:\popo2004\Start.exe
O4 - 启动项HKLM\\Run: [thunder_mini] E:\Program Files\Maxthon\Thundermini\ThunderMini.exe
O4 - 启动项HKLM\\Run: [WangWang] "G:\D盘\香草山\淘宝旺旺\WangWang.EXE"
O4 - 启动项HKLM\\Run: [IMJPMIG8.2] C:\Program Files\qq\2005107\QQ.exe
O4 - 启动项HKLM\\Run: [QuickTime Task] "C:\WINDOWS\SYSTEM32\qttask.exe" -atboottime
O4 - 启动项HKLM\\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\System32\NvCpl.dll,NvStartup
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\System32\ctfmon.exe
O4 - HKCU\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\System32\NVMCTRAY.DLL,NvTaskbarInit
O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background
O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\MSN Messenger\msnmsgr.exe" /background
O4 - Global Startup: 金山词霸 2005.lnk = G:\Program Files\Kingsoft\PowerWord 2005\XDICT.EXE
O4 - Global Startup: 新浪UC.lnk = G:\Program Files\sina\UC\uc.exe
O4 - Global Startup: 腾讯QQ.lnk = G:\Program Files\Tencent\QQ\QQ.EXE
O4 - Global Startup: 桌面传媒.lnk = C:\WINDOWS\SYSTEM32\rundll32.exe
O8 - IE右键菜单中的新增项目: !搜一搜 - res://C:\WINDOWS\DOWNLO~1\CnsMinEx.dll/1003
O8 - IE右键菜单中的新增项目: &使用迷你迅雷下载 - E:\Program Files\Maxthon\Thundermini\geturl.htm
O8 - IE右键菜单中的新增项目: 使用新浪下载助手下载 - G:\PROGRA~1\SINA\UC\UCDDT\sinadl.htm
O8 - IE右键菜单中的新增项目: 使用网际快车下载 - G:\Program Files\FlashGet\jc_link.htm
O8 - IE右键菜单中的新增项目: 使用网际快车下载全部链接 - G:\Program Files\FlashGet\jc_all.htm
O8 - IE右键菜单中的新增项目: 新浪搜索 - http://cha.sina.com.cn/ddt.html
O8 - IE右键菜单中的新增项目: 添加到QQ自定义面板 - G:\Program Files\Tencent\Qq\AddPanel.htm
O8 - IE右键菜单中的新增项目: 添加到QQ表情 - G:\Program Files\Tencent\Qq\AddEmotion.htm
O8 - IE右键菜单中的新增项目: 用QQ彩信发送该图片 - G:\Program Files\Tencent\Qq\SendMMS.htm
O8 - IE右键菜单中的新增项目: 百度-搜索MP3 - res://C:\PROGRA~1\baidu\bar\baidubar.dll/BAIDUMP3.HTM
O8 - IE右键菜单中的新增项目: 百度-搜索图片 - res://C:\PROGRA~1\baidu\bar\baidubar.dll/BAIDUIMG.HTM
O8 - IE右键菜单中的新增项目: 百度-搜索新闻 - res://C:\PROGRA~1\baidu\bar\baidubar.dll/BAIDUNEWS.HTM
O8 - IE右键菜单中的新增项目: 百度-搜索歌词 - res://C:\PROGRA~1\baidu\bar\baidubar.dll/BAIDULYRIC.HTM
O8 - IE右键菜单中的新增项目: 百度-搜索网页 - res://C:\PROGRA~1\baidu\bar\baidubar.dll/BAIDUSEARCH.HTM
O8 - IE右键菜单中的新增项目: 百度-搜索贴吧 - res://C:\PROGRA~1\baidu\bar\baidubar.dll/BAIDUPOST.HTM
O8 - IE右键菜单中的新增项目: 百度-词典搜索 - res://C:\PROGRA~1\baidu\bar\baidubar.dll/BAIDU_DIC.HTM
O8 - IE右键菜单中的新增项目: 访问通用网址 - C:\Program Files\CNNIC\Cdn\cnnic.htm
O9 - 浏览器额外的按钮: 梅静势沉吃瞎?
ForceRemove val - {022C4009-5283-4365-97BF-144054B40E2E} - C:\WINDOWS\System32\shdocvw.dll
O9 - 浏览器额外的“工具”菜单项: 舶凳 - {022C4009-5283-4365-97BF-144054B40E2E} - C:\WINDOWS\System32\shdocvw.dll

任我狂 - 2005-11-18 22:49:00

紧接5楼
O9 - 浏览器额外的按钮: 完美卸载 - 清理上网垃圾,包括缓存,CookIE等 - {06926B30-424E-4f1c-8EE3-543CD96573DC} - G:\UNINSTALL\IEBUTTON.EXE
O9 - 浏览器额外的按钮: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_05\bin\npjpi150_05.dll
O9 - 浏览器额外的“工具”菜单项: Sun Java 控制台 - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_05\bin\npjpi150_05.dll
O9 - 浏览器额外的按钮: 小蜜蜂多人聊天 - {0AD483DA-CC0E-4562-B828-C33E11F5FA62} - g:\小蜜蜂\IeMibtn.dll (file missing)
O9 - 浏览器额外的“工具”菜单项: 小蜜蜂多人聊天 - {0AD483DA-CC0E-4562-B828-C33E11F5FA62} - g:\小蜜蜂\IeMibtn.dll (file missing)
O9 - 浏览器额外的按钮: 新浪UC - {2253922F-1B26-4C74-8B57-E3AEE748DBB8} - G:\Program Files\sina\UC\UC.exe
O9 - 浏览器额外的按钮: 中文上网 - {35980F6E-A137-4E50-953D-813BB8556899} - C:\PROGRA~1\CNNIC\Cdn\cdniehlp.dll
O9 - 浏览器额外的“工具”菜单项: 中文上网 - {35980F6E-A137-4E50-953D-813BB8556899} - C:\PROGRA~1\CNNIC\Cdn\cdniehlp.dll
O9 - 浏览器额外的按钮: Dutchemails.com - {AE818C9D-7289-450c-80DE-B31FCAD3722C} - C:\Program Files\Internet Explorer\PLUGINS\toolbar541461.dll
O9 - 浏览器额外的“工具”菜单项: Dutchemails.com - {AE818C9D-7289-450c-80DE-B31FCAD3722C} - C:\Program Files\Internet Explorer\PLUGINS\toolbar541461.dll
O9 - 浏览器额外的按钮: 小蜜蜂网络电话 - {B35138BB-9270-4EF1-9A7B-9EEC90220024} - g:\小蜜蜂\IeMibtn.dll (file missing)
O9 - 浏览器额外的“工具”菜单项: 小蜜蜂网络电话 - {B35138BB-9270-4EF1-9A7B-9EEC90220024} - g:\小蜜蜂\IeMibtn.dll (file missing)
O9 - 浏览器额外的按钮: ICQ Lite - {B863453A-26C3-4e1f-A54D-A2CD196348E9} - F:\Program Files\ICQLite\ICQLite.exe
O9 - 浏览器额外的“工具”菜单项: ICQ Lite - {B863453A-26C3-4e1f-A54D-A2CD196348E9} - F:\Program Files\ICQLite\ICQLite.exe
O9 - 浏览器额外的按钮: QQ - {c95fe080-8f5d-11d2-a20b-00aa003c157b} - G:\PROGRAM FILES\TENCENT\QQ\QQ.EXE
O9 - 浏览器额外的“工具”菜单项: 腾讯QQ - {c95fe080-8f5d-11d2-a20b-00aa003c157b} - G:\PROGRAM FILES\TENCENT\QQ\QQ.EXE
O9 - 浏览器额外的按钮: Real.com - {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - C:\WINDOWS\SYSTEM32\SHDOCVW.DLL
O9 - 浏览器额外的按钮: FlashGet - {D6E814A0-E0C5-11d4-8D29-0050BA6940E3} - G:\PROGRAM FILES\FLASHGET\FLASHGET.EXE
O9 - 浏览器额外的“工具”菜单项: &FlashGet - {D6E814A0-E0C5-11d4-8D29-0050BA6940E3} - G:\PROGRAM FILES\FLASHGET\FLASHGET.EXE
O9 - 浏览器额外的按钮: 情景聊天 - {E5D12C4E-7B4F-11D3-B5C9-0050045C3C96} - http://cn.rd.yahoo.com/home/messenger/bjk/clientbtn/?http://cn.messenger.yahoo.com/ (file missing)
O9 - 浏览器额外的按钮: 新浪点点通 - {F60C7D81-8471-4D40-AAFE-56D318F34C2D} - G:\PROGRA~1\SINA\UC\UCDDT\DDTONG~1.DLL
O9 - 浏览器额外的按钮: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\MSMSGS.EXE
O9 - 浏览器额外的“工具”菜单项: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\MSMSGS.EXE
O9 - 浏览器额外的按钮: MistyAndSamsCash - {FBFD8C12-7530-4f0b-8E0A-8EEB4A3D503F} - C:\Program Files\Internet Explorer\PLUGINS\toolbar827328.dll
O9 - 浏览器额外的“工具”菜单项: MistyAndSamsCash - {FBFD8C12-7530-4f0b-8E0A-8EEB4A3D503F} - C:\Program Files\Internet Explorer\PLUGINS\toolbar827328.dll
O9 - 浏览器额外的按钮: (no name) - {974AD624-EA50-4831-A6C0-3040F6665396} - G:\PROGRAM FILES\SINA\UC\UCDDT\RSSBAND.DLL (HKCU)
O9 - 浏览器额外的“工具”菜单项: 新浪点点通阅读器 - {974AD624-EA50-4831-A6C0-3040F6665396} - G:\PROGRAM FILES\SINA\UC\UCDDT\RSSBAND.DLL (HKCU)
O9 - 浏览器额外的按钮: 新浪点点通阅读器 - {F0646DC8-58CD-4C64-8F6B-525043914685} - G:\PROGRAM FILES\SINA\UC\UCDDT\RSSBAND.DLL (HKCU)
O10 - 未知的文件在 Winsock LSP: c:\windows\system32\cdnns.dll
O11 - Options group: [CDNCLIENT] 中文上网
O16 - DPF: {0CA54D3F-CEAE-48AF-9A2B-31909CB9515D} (Edit Class) - https://www.sz1.cmbchina.com/download/CMBEdit.cab
O16 - DPF: {30528230-99F7-4BB4-88D8-FA1D4F56A2AB} (YInstStarter Class) - http://us.dl1.yimg.com/download.yahoo.com/dl/yinst/yinst_current.cab
O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} (MSN Photo Upload Tool) - http://spaces.msn.com//PhotoUpload/MsnPUpld.cab
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://update.microsoft.com/windowsupdate/v6/V5Controls/en/x86/client/wuweb_site.cab?1125757284828
O16 - DPF: {733652F9-53EF-4BF1-B391-375980675D6F} (V3PROXL Control) - http://scan.online.cq.cn/plugin/myv3light.cab
O16 - DPF: {9242BB35-0DB0-43AC-8DFC-8EA07E63B92A} (LiveMediaOcx Control) - http://bbmedia.qq.com/media/QQLiveSetup.exe
O16 - DPF: {ACFE8232-03C5-4AEC-AF5E-42B806724096} (KSHScan Control) - http://scan.kingsoft.com/scan/fangyi/KAllScan.CAB
O16 - DPF: {BC207F7D-3E63-4ACA-99B5-FB5F8428200C} - http://bar.baidu.com/update/IESearch.cab
O16 - DPF: {C8BD9ACB-F7EC-48E6-BB2F-DAADC6789E9A} (Kingsoft DUBA OnlineScan) - http://ol.db.kingsoft.com/antiscan/setup/KAVClean.CAB
O16 - DPF: {CF051549-EDE1-40F5-B440-BCD646CF2C25} (Ppinstall Control) - http://popo.163.com/install/ppinstall.cab
O16 - DPF: {D0A29C6C-AA71-4423-8C4A-5998B774C448} (IEDown Class) - http://download.ourgame.com/IEDown2.cab
O16 - DPF: {DA984A6D-508E-11D6-AA49-0050FF3C628D} (Ravonline) - http://download.rising.com.cn/QQ/QQkill/rsonline.cab
O17 - HKLM\System\CCS\Services\Tcpip\..\{754FDC17-C0BE-4242-8BEC-C67AB27D8001}: Domain = 5
O17 - HKLM\System\CCS\Services\Tcpip\..\{754FDC17-C0BE-4242-8BEC-C67AB27D8001}: NameServer = 202.197.89.69
O17 - HKLM\System\CS1\Services\Tcpip\..\{754FDC17-C0BE-4242-8BEC-C67AB27D8001}: Domain = 5
O17 - HKLM\System\CS1\Services\Tcpip\..\{754FDC17-C0BE-4242-8BEC-C67AB27D8001}: NameServer = 202.197.89.69
O17 - HKLM\System\CS2\Services\Tcpip\..\{754FDC17-C0BE-4242-8BEC-C67AB27D8001}: Domain = 5
O17 - HKLM\System\CS2\Services\Tcpip\..\{754FDC17-C0BE-4242-8BEC-C67AB27D8001}: NameServer = 202.197.89.69
O18 - 列举现有的协议: msnim - {828030A1-22C1-4009-854F-8E305202313F} - "C:\PROGRA~1\MSNMES~1\msgrapp.dll" (file missing)
O18 - Filter: text/x-mrml - {C51721BE-858B-4A66-A8BF-D2882FF49820} - F:\比忍特亓铃迨手只机鶧DIY\Fantasia\players\MidRadio\MidRadio.ocx
O23 - NT 服务: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\System32\nvsvc32.exe
O23 - NT 服务: RsRavMon Service (RsRavMon) - Beijing Rising Technology Co., Ltd. - G:\PROGRAM FILES\RISING\RAV\Ravmond.exe

魔法学徒 - 2005-11-18 22:58:00

log看不出来异常

麻烦楼主用System Repair Engineer扫一个日志贴上来

下载地址见置顶贴
[必读]本版说明及常用小软件下载
http://forum.ikaka.com/topic.asp?board=67&artid=518893

任我狂 - 2005-11-19 0:15:00

2005-11-19,00:09:30

System Repair Engineer 1.1.0.269
Windows XP Professional Service Pack 1 - 管理权限用户 - 完整功能

以下内容被选中：
所有的启动项目（包括注册表、启动文件夹、服务等）
浏览器加载项
正在运行的进程（包括进程模块信息）
文件关联

启动项目
注册表
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
<ctfmon.exe><C:\WINDOWS\System32\ctfmon.exe>
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
<NvMediaCenter><RUNDLL32.EXE C:\WINDOWS\System32\NVMCTRAY.DLL,NvTaskbarInit>
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
<MSMSGS><"C:\Program Files\Messenger\msmsgs.exe" /background>
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
<msnmsgr><"C:\Program Files\MSN Messenger\msnmsgr.exe" /background>
[HKEY_CURRENT_USER\Software\Microsoft\Windows NT\CurrentVersion\Windows]
<load><>
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
<SystemTray><SysTray.Exe>
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
<RavMon><G:\PROGRA~1\RISING\RAV\RAVMON.EXE -SYSTEM>
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
<CdnCtr><C:\Program Files\CNNIC\Cdn\cdnup.exe>
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
<popo2004><G:\popo2004\Start.exe>
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
<thunder_mini><E:\Program Files\Maxthon\Thundermini\ThunderMini.exe>
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
<WangWang><"G:\D盘\香草山\淘宝旺旺\WangWang.EXE">
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
<IMJPMIG8.2><C:\Program Files\qq\2005107\QQ.exe>
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
<QuickTime Task><"C:\WINDOWS\SYSTEM32\qttask.exe" -atboottime>
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
<NvCplDaemon><RUNDLL32.EXE C:\WINDOWS\System32\NvCpl.dll,NvStartup>
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Winlogon]
<shell><Explorer.exe>
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Winlogon]
<Userinit><C:\WINDOWS\system32\userinit.exe,>

==================================
启动文件夹
[金山词霸 2005]
<C:\Documents and Settings\All Users\「开始」菜单\程序\启动\金山词霸 2005.lnk><N>
[新浪UC]
<C:\Documents and Settings\All Users\「开始」菜单\程序\启动\新浪UC.lnk><N>
[腾讯QQ]
<C:\Documents and Settings\All Users\「开始」菜单\程序\启动\腾讯QQ.lnk><N>
[桌面传媒]
<C:\Documents and Settings\All Users\「开始」菜单\程序\启动\桌面传媒.lnk><N>

==================================
服务
[NVIDIA Display Driver Service / NVSvc]
<C:\WINDOWS\System32\nvsvc32.exe><NVIDIA Corporation>
[RsRavMon Service / RsRavMon]
<G:\PROGRAM FILES\RISING\RAV\Ravmond.exe><Beijing Rising Technology Co., Ltd.>
[Smart Card Event / Smart Card Event]
<C:\Program Files\zsxz\UrlService.exe><N/A>

==================================
浏览器加载项
[CNNIC_IDN]
<C:\PROGRA~1\CNNIC\Cdn\cdniehlp.dll>
[BandIE Class]
<C:\PROGRA~1\baidu\bar\baidubar.dll>
[梅静势沉吃瞎?
ForceRemove val ]
<>
[完美卸载 - 清理上网垃圾,包括缓存,CookIE等]
<G:\UNINSTALL\IEBUTTON.EXE>
[Java Plug-in 1.5.0_05]
<C:\Program Files\Java\jre1.5.0_05\bin\npjpi150_05.dll>
[MiPMchatBtn Class]
<g:\小蜜蜂\IeMibtn.dll>
[新浪UC]
<G:\Program Files\sina\UC\UC.exe>
[CNNIC_IDN]
<C:\PROGRA~1\CNNIC\Cdn\cdniehlp.dll>
[Dutchemails.com]
<C:\Program Files\Internet Explorer\PLUGINS\toolbar541461.dll>
[MiPBtn Class]
<g:\小蜜蜂\IeMibtn.dll>
[ICQ Lite]
<F:\Program Files\ICQLite\ICQLite.exe>
[QQ]
<G:\PROGRAM FILES\TENCENT\QQ\QQ.EXE>
[Real.com]
<C:\WINDOWS\SYSTEM32\SHDOCVW.DLL>
[FlashGet]
<G:\PROGRAM FILES\FLASHGET\FLASHGET.EXE>
[情景聊天]
<http://cn.rd.yahoo.com/home/messenger/bjk/clientbtn/?http://cn.messenger.yahoo.com/>
[新浪点点通]
<G:\PROGRA~1\SINA\UC\UCDDT\DDTONG~1.DLL>
[Messenger]
<C:\Program Files\Messenger\MSMSGS.EXE>
[MistyAndSamsCash]
<C:\Program Files\Internet Explorer\PLUGINS\toolbar827328.dll>
[]
<G:\PROGRAM FILES\SINA\UC\UCDDT\RSSBAND.DLL>
[新浪点点通阅读器]
<G:\PROGRAM FILES\SINA\UC\UCDDT\RSSBAND.DLL>
[百度超级搜霸]
<C:\PROGRA~1\baidu\bar\baidubar.dll>
[Edit Class]
<C:\WINDOWS\SYSTEM32\CMBEdit.dll>
[Shockwave ActiveX Control]
<C:\WINDOWS\SYSTEM32\MACROMED\Shockwave 10\DOWNLOAD.DLL>
[YInstStarter Class]
<C:\WINDOWS\Downloaded Program Files\yinsthelper.dll>
[MSN Photo Upload Tool]
<C:\WINDOWS\Downloaded Program Files\MsnPUpld.dll>
[WUWebControl Class]
<C:\WINDOWS\System32\wuweb.dll>
[V3PROXL Control]
<C:\WINDOWS\DOWNLO~1\v3proxl.ocx>
[Java Plug-in 1.5.0_05]
<C:\Program Files\Java\jre1.5.0_05\bin\npjpi150_05.dll>
[LiveMediaOcx Control]
<G:\PROGRA~1\Tencent\QQLIVE~1\QQLive.ocx>
[KSHScan Control]
<C:\WINDOWS\SYSTEM\KINGSOFT\ONLINE~1\KSHSCAN.OCX>
[Kingsoft DUBA OnlineScan]
<C:\WINDOWS\SYSTEM\KINGSOFT\ONLINE~1\KAVCLEAN.OCX>
[Java Plug-in 1.5.0_05]
<C:\Program Files\Java\jre1.5.0_05\bin\npjpi150_05.dll>
[Ppinstall Control]
<C:\WINDOWS\DOWNLO~1\PPINST~1.OCX>
[IEDown Class]
<C:\WINDOWS\SYSTEM32\GLIEDown2.dll>
[Shockwave Flash Object]
<C:\WINDOWS\SYSTEM32\Flash.ocx>
[Ravonline]
<C:\WINDOWS\DOWNLOADED PROGRAM FILES\CONFLICT.1\RSONLINE.DLL>
[!搜一搜]
<res://C:\WINDOWS\DOWNLO~1\CnsMinEx.dll/1003>
[&使用迷你迅雷下载]
<E:\Program Files\Maxthon\Thundermini\geturl.htm>
[使用新浪下载助手下载]
<G:\PROGRA~1\SINA\UC\UCDDT\sinadl.htm>
[使用网际快车下载]
<G:\Program Files\FlashGet\jc_link.htm>
[使用网际快车下载全部链接]
<G:\Program Files\FlashGet\jc_all.htm>
[新浪搜索]
<http://cha.sina.com.cn/ddt.html>
[添加到QQ自定义面板]
<G:\Program Files\Tencent\Qq\AddPanel.htm>
[添加到QQ表情]
<G:\Program Files\Tencent\Qq\AddEmotion.htm>
[用QQ彩信发送该图片]
<G:\Program Files\Tencent\Qq\SendMMS.htm>
[百度-搜索MP3]
<res://C:\PROGRA~1\baidu\bar\baidubar.dll/BAIDUMP3.HTM>
[百度-搜索图片]
<res://C:\PROGRA~1\baidu\bar\baidubar.dll/BAIDUIMG.HTM>
[百度-搜索新闻]
<res://C:\PROGRA~1\baidu\bar\baidubar.dll/BAIDUNEWS.HTM>
[百度-搜索歌词]
<res://C:\PROGRA~1\baidu\bar\baidubar.dll/BAIDULYRIC.HTM>
[百度-搜索网页]
<res://C:\PROGRA~1\baidu\bar\baidubar.dll/BAIDUSEARCH.HTM>
[百度-搜索贴吧]
<res://C:\PROGRA~1\baidu\bar\baidubar.dll/BAIDUPOST.HTM>
[百度-词典搜索]
<res://C:\PROGRA~1\baidu\bar\baidubar.dll/BAIDU_DIC.HTM>
[访问通用网址]
<C:\Program Files\CNNIC\Cdn\cnnic.htm>

==================================
正在运行的进程
[PID: 308][\SystemRoot\System32\smss.exe] <Microsoft Corporation><5.1.2600.1106 (xpsp1.020828-1920)>
[PID: 356][\??\C:\WINDOWS\system32\csrss.exe] <Microsoft Corporation><5.1.2600.0 (xpclient.010817-1148)>
[PID: 380][\??\C:\WINDOWS\system32\winlogon.exe] <Microsoft Corporation><5.1.2600.1106 (xpsp1.020828-1920)>
[PID: 424][C:\WINDOWS\system32\services.exe] <Microsoft Corporation><5.1.2600.0 (xpclient.010817-1148)>
[PID: 436][C:\WINDOWS\system32\lsass.exe] <Microsoft Corporation><5.1.2600.1106 (xpsp1.020828-1920)>
[PID: 600][C:\WINDOWS\system32\svchost.exe] <Microsoft Corporation><5.1.2600.0 (xpclient.010817-1148)>
[C:\WINDOWS\System32\cdnns.dll] <CNNIC><2, 0, 0, 0>
[PID: 636][C:\WINDOWS\System32\svchost.exe] <Microsoft Corporation><5.1.2600.0 (xpclient.010817-1148)>
[C:\WINDOWS\System32\cdnns.dll] <CNNIC><2, 0, 0, 0>
[PID: 704][C:\WINDOWS\System32\svchost.exe] <Microsoft Corporation><5.1.2600.0 (xpclient.010817-1148)>
[PID: 728][C:\WINDOWS\System32\svchost.exe] <Microsoft Corporation><5.1.2600.0 (xpclient.010817-1148)>
[C:\WINDOWS\System32\cdnns.dll] <CNNIC><2, 0, 0, 0>
[PID: 744][G:\PROGRAM FILES\RISING\RAV\Ravmond.exe] <Beijing Rising Technology Co., Ltd.><17, 0, 1, 57>
[G:\PROGRAM FILES\RISING\RAV\guidll.dll] <rising><17, 0, 0, 13>
[G:\PROGRAM FILES\RISING\RAV\RsCommX.dll] <rising><17, 0, 0, 3>
[G:\PROGRAM FILES\RISING\RAV\RSAPPMGR.DLL] <Rising Corp.><17, 0, 0, 7>
[G:\PROGRAM FILES\RISING\RAV\CfgDll.dll] <rising><17, 0, 0, 60>
[G:\Program Files\Rising\Rav\Scanner.dll] <Rising><17, 0, 0, 43>
[G:\PROGRAM FILES\RISING\RAV\RSCOMMON.DLL] <Beijing Rising Technology Co., Ltd.><17, 0, 0, 17>
[G:\Program Files\Rising\Rav\libload.dll] <Rising><17, 0, 0, 14>
[G:\Program Files\Rising\Rav\VirusLib.dll] <Rising><17, 0, 0, 26>
[G:\PROGRAM FILES\RISING\RAV\MailMon.dll] < ><17, 0, 0, 9>
[G:\Program Files\Rising\Rav\engine.dll] <rising><17, 0, 0, 40>
[G:\Program Files\Rising\Rav\UnExe.dll] <Rising><17, 0, 0, 27>
[G:\Program Files\Rising\Rav\SpamEng.dll] <N/A><17, 0, 0, 7>
[G:\PROGRAM FILES\RISING\RAV\MemMon.dll] <北京瑞星><17, 8, 0, 0>
[G:\Program Files\Rising\Rav\ScanEx.dll] <Rising><17, 0, 0, 33>
[G:\Program Files\Rising\Rav\PostTrt.dll] <Rising><17, 0, 0, 21>
[G:\PROGRAM FILES\RISING\RAV\expscan.dll] <N/A><17, 0, 0, 6>
[G:\Program Files\Rising\Rav\NvFile.dll] <瑞星><17, 0, 0, 13>
[G:\PROGRAM FILES\RISING\RAV\regmon.dll] < ><17, 0, 0, 12>
[G:\PROGRAM FILES\RISING\RAV\HookWeb.dll] <rising><17, 0, 0, 4>
[G:\Program Files\Rising\Rav\ScanMac.dll] <rising><17, 0, 0, 17>
[G:\Program Files\Rising\Rav\ScanSct.dll] <rising><17, 0, 0, 30>
[G:\Program Files\Rising\Rav\ScanExec.dll] <N/A><17, 0, 0, 21>
[G:\Program Files\Rising\Rav\Unpacker.dll] <rising><17, 0, 0, 19>
[G:\Program Files\Rising\Rav\ExtOLE.dll] <rising><17, 0, 0, 20>
[PID: 760][G:\PROGRAM FILES\RISING\RAV\RavStub.exe] <Beijing Rising Technology Co., Ltd.><17, 0, 0, 27>
[G:\PROGRAM FILES\RISING\RAV\RsCommX.dll] <rising><17, 0, 0, 3>
[G:\PROGRAM FILES\RISING\RAV\RSCOMMON.DLL] <Beijing Rising Technology Co., Ltd.><17, 0, 0, 17>
[PID: 944][C:\WINDOWS\system32\spoolsv.exe] <Microsoft Corporation><5.1.2600.1699 (xpsp2.050610-1533)>
[C:\WINDOWS\System32\cdnns.dll] <CNNIC><2, 0, 0, 0>
[PID: 1184][C:\WINDOWS\Explorer.EXE] <Microsoft Corporation><6.00.2800.1106 (xpsp1.020828-1920)>
[C:\Program Files\CNNIC\Cdn\cdnspie.dll] <N/A><2, 0, 0, 6>
[C:\Program Files\CNNIC\Cdn\imaoe.dll] <cnnic><2, 1, 0, 0>
[C:\Program Files\CNNIC\Cdn\cdndet.dll] <N/A><2, 1, 0, 0>
[C:\Program Files\CNNIC\Cdn\cdnglo.dll] <N/A><2, 1, 0, 0>
[G:\Program Files\sina\Uc\UCIdleHook.dll] <北京新浪信息技术有限公司><1, 0, 1, 0>
[C:\PROGRA~1\baidu\bar\baidubar.dll] <Baidu.com, Inc.><2, 0, 2, 49>
[C:\WINDOWS\System32\cdnns.dll] <CNNIC><2, 0, 0, 0>
[C:\WINDOWS\SYSTEM32\Flash.ocx] <Macromedia, Inc.><7,0,19,0>
[PID: 1348][G:\PROGRA~1\RISING\RAV\RAVMON.EXE] <Beijing Rising Technology Co., Ltd.><17, 0, 1, 37>
[G:\PROGRA~1\RISING\RAV\RsGuiLib.dll] <Beijing Rising Technology Co., Ltd.><17, 0, 0, 40>

任我狂 - 2005-11-19 0:16:00

[G:\PROGRA~1\RISING\RAV\RSAPPMGR.DLL] <Rising Corp.><17, 0, 0, 7>
[G:\PROGRA~1\RISING\RAV\CfgDll.dll] <rising><17, 0, 0, 60>
[G:\PROGRA~1\RISING\RAV\RsCommX.dll] <rising><17, 0, 0, 3>
[G:\PROGRA~1\RISING\RAV\PngDll.dll] <Rising><17, 0, 0, 2>
[G:\PROGRA~1\RISING\RAV\RSCOMMON.DLL] <Beijing Rising Technology Co., Ltd.><17, 0, 0, 17>
[C:\Program Files\CNNIC\Cdn\cdnspie.dll] <N/A><2, 0, 0, 6>
[C:\Program Files\CNNIC\Cdn\imaoe.dll] <cnnic><2, 1, 0, 0>
[C:\Program Files\CNNIC\Cdn\cdndet.dll] <N/A><2, 1, 0, 0>
[C:\Program Files\CNNIC\Cdn\cdnglo.dll] <N/A><2, 1, 0, 0>
[PID: 1356][C:\Program Files\CNNIC\Cdn\cdnup.exe] <N/A><2, 2, 0, 1>
[C:\Program Files\CNNIC\Cdn\cdnglo.dll] <N/A><2, 1, 0, 0>
[C:\Program Files\CNNIC\Cdn\cdndet.dll] <N/A><2, 1, 0, 0>
[C:\Program Files\CNNIC\Cdn\imaoe.dll] <cnnic><2, 1, 0, 0>
[C:\Program Files\CNNIC\Cdn\cdnspie.dll] <N/A><2, 0, 0, 6>
[C:\Program Files\CNNIC\Cdn\cdntdns.dll] <CNNIC><2, 2, 0, 1>
[PID: 1400][E:\Program Files\Maxthon\Thundermini\ThunderMini.exe] <深圳市三代科技开发有限公司><1, 1, 0, 4>
[E:\Program Files\Maxthon\Thundermini\boost_thread-vc6-mt-1_31.dll] <N/A><N/A>
[C:\WINDOWS\System32\cdnns.dll] <CNNIC><2, 0, 0, 0>
[C:\Program Files\CNNIC\Cdn\cdnspie.dll] <N/A><2, 0, 0, 6>
[C:\Program Files\CNNIC\Cdn\imaoe.dll] <cnnic><2, 1, 0, 0>
[C:\Program Files\CNNIC\Cdn\cdndet.dll] <N/A><2, 1, 0, 0>
[C:\Program Files\CNNIC\Cdn\cdnglo.dll] <N/A><2, 1, 0, 0>
[PID: 1520][G:\popo2004\popo.exe] <网易(163.com)><1, 0, 0, 1>
[G:\popo2004\XGDI.dll] <N/A><1, 0, 0, 1>
[G:\popo2004\XFile.dll] <N/A><1, 0, 0, 1>
[G:\popo2004\P2PMgr.dll] <N/A><1, 0, 0, 1>
[G:\popo2004\XComm.dll] <N/A><1, 0, 0, 1>
[G:\popo2004\Trace.dll] <N/A><1, 0, 0, 1>
[G:\popo2004\Updater.dll] <N/A><1, 0, 0, 1>
[G:\popo2004\UNZIP32.dll] <Info-ZIP><5.5>
[G:\popo2004\ResLoc.dll] <N/A><1, 0, 0, 1>
[G:\popo2004\MailChecker.dll] <N/A><1, 0, 0, 1>
[G:\popo2004\ExtraEditor.dll] <N/A><1, 0, 0, 1>
[G:\popo2004\XMP.dll] <N/A><1, 0, 0, 1>
[G:\popo2004\fmod.dll] <Firelight Technologies Pty, Ltd><3.73>
[G:\popo2004\UrlObj.dll] <N/A><1, 0, 0, 1>
[G:\popo2004\Bobo.dll] <N/A><1, 0, 0, 1>
[G:\popo2004\SOX.dll] <N/A><1, 0, 0, 1>
[G:\popo2004\share.dll] <N/A><1, 0, 0, 1>
[G:\popo2004\XVideo.dll] <N/A><1, 0, 0, 1>
[G:\popo2004\VCodec.dll] <N/A><1, 0, 0, 1>
[G:\popo2004\XVoice.dll] <N/A><1, 0, 0, 1>
[G:\popo2004\XEmotion.dll] <N/A><1, 0, 0, 1>
[G:\popo2004\MsgHis.dll] <N/A><1, 0, 0, 1>
[C:\Program Files\CNNIC\Cdn\cdnspie.dll] <N/A><2, 0, 0, 6>
[C:\Program Files\CNNIC\Cdn\imaoe.dll] <cnnic><2, 1, 0, 0>
[C:\Program Files\CNNIC\Cdn\cdndet.dll] <N/A><2, 1, 0, 0>
[C:\Program Files\CNNIC\Cdn\cdnglo.dll] <N/A><2, 1, 0, 0>
[C:\WINDOWS\System32\cdnns.dll] <CNNIC><2, 0, 0, 0>
[G:\popo2004\plugins\MSN.DLL] <N/A><1, 0, 0, 1>
[G:\popo2004\plugins\LIBCURL.dll] <N/A><N/A>
[G:\popo2004\plugins\SSLEAY32.dll] <N/A><N/A>
[G:\popo2004\plugins\LIBEAY32.dll] <N/A><N/A>
[C:\WINDOWS\SYSTEM32\Flash.ocx] <Macromedia, Inc.><7,0,19,0>
[PID: 1572][C:\WINDOWS\System32\inetsrv\inetinfo.exe] <Microsoft Corporation><5.1.2600.0 (xpclient.010817-1148)>
[C:\WINDOWS\System32\cdnns.dll] <CNNIC><2, 0, 0, 0>
[PID: 1600][C:\WINDOWS\System32\nvsvc32.exe] <NVIDIA Corporation><6.14.10.5216>
[PID: 1668][C:\WINDOWS\System32\svchost.exe] <Microsoft Corporation><5.1.2600.0 (xpclient.010817-1148)>
[PID: 1736][C:\WINDOWS\System32\wdfmgr.exe] <Microsoft Corporation><5.2.3790.1230 built by: DNSRV(bld4act)>
[PID: 1844][G:\D盘\香草山\淘宝旺旺\WangWang.EXE] <浙江淘宝网络有限公司><1, 4, 5, 629>
[G:\D盘\香草山\淘宝旺旺\AliViewCtrl.dll] <vline><1, 0, 0, 1>
[G:\D盘\香草山\淘宝旺旺\VLNetwork.dll] <N/A><1, 0, 0, 6>
[G:\D盘\香草山\淘宝旺旺\AliViewMedia.dll] <vline><1, 0, 0, 1>
[G:\D盘\香草山\淘宝旺旺\VideoCAP.dll] <N/A><1, 0, 0, 4>
[G:\D盘\香草山\淘宝旺旺\VLAudio.dll] <N/A><1, 0, 0, 4>
[G:\D盘\香草山\淘宝旺旺\JsmShow.dll] <N/A><1, 0, 0, 3>
[G:\D盘\香草山\淘宝旺旺\Ali_Res.DLL] <N/A><N/A>
[C:\Program Files\CNNIC\Cdn\cdnspie.dll] <N/A><2, 0, 0, 6>
[C:\Program Files\CNNIC\Cdn\imaoe.dll] <cnnic><2, 1, 0, 0>
[C:\Program Files\CNNIC\Cdn\cdndet.dll] <N/A><2, 1, 0, 0>
[C:\Program Files\CNNIC\Cdn\cdnglo.dll] <N/A><2, 1, 0, 0>
[C:\WINDOWS\System32\cdnns.dll] <CNNIC><2, 0, 0, 0>
[C:\WINDOWS\System32\msdmo.dll] <N/A><N/A>
[G:\D盘\香草山\淘宝旺旺\WangWangX.dll] <N/A><1, 0, 0, 1>
[PID: 1856][C:\Program Files\qq\2005107\QQ.exe] <启动MOPO弹窗><1.00.0011>
[C:\Program Files\CNNIC\Cdn\cdnspie.dll] <N/A><2, 0, 0, 6>
[C:\Program Files\CNNIC\Cdn\imaoe.dll] <cnnic><2, 1, 0, 0>
[C:\Program Files\CNNIC\Cdn\cdndet.dll] <N/A><2, 1, 0, 0>
[C:\Program Files\CNNIC\Cdn\cdnglo.dll] <N/A><2, 1, 0, 0>
[C:\Program Files\qq\2005107\dmshell.dll] <N/A><N/A>
[C:\PROGRA~1\qq\2005107\210~1.0\dmplayer.dll] <N/A><N/A>
[C:\WINDOWS\System32\cdnns.dll] <CNNIC><2, 0, 0, 0>
[PID: 1864][C:\WINDOWS\SYSTEM32\qttask.exe] <Apple Computer, Inc.><6.5.1>
[C:\Program Files\CNNIC\Cdn\cdnspie.dll] <N/A><2, 0, 0, 6>
[C:\Program Files\CNNIC\Cdn\imaoe.dll] <cnnic><2, 1, 0, 0>
[C:\Program Files\CNNIC\Cdn\cdndet.dll] <N/A><2, 1, 0, 0>
[C:\Program Files\CNNIC\Cdn\cdnglo.dll] <N/A><2, 1, 0, 0>
[PID: 1880][C:\WINDOWS\System32\ctfmon.exe] <Microsoft Corporation><5.1.2600.1106 (xpsp1.020828-1920)>
[C:\Program Files\CNNIC\Cdn\cdnspie.dll] <N/A><2, 0, 0, 6>
[C:\Program Files\CNNIC\Cdn\imaoe.dll] <cnnic><2, 1, 0, 0>
[C:\Program Files\CNNIC\Cdn\cdndet.dll] <N/A><2, 1, 0, 0>
[C:\Program Files\CNNIC\Cdn\cdnglo.dll] <N/A><2, 1, 0, 0>
[PID: 1892][C:\WINDOWS\System32\RUNDLL32.EXE] <Microsoft Corporation><5.1.2600.0 (xpclient.010817-1148)>
[C:\WINDOWS\System32\NVMCTRAY.DLL] <NVIDIA Corporation><6.14.10.5216>
[C:\Program Files\CNNIC\Cdn\cdnspie.dll] <N/A><2, 0, 0, 6>
[C:\Program Files\CNNIC\Cdn\imaoe.dll] <cnnic><2, 1, 0, 0>
[C:\Program Files\CNNIC\Cdn\cdndet.dll] <N/A><2, 1, 0, 0>
[C:\Program Files\CNNIC\Cdn\cdnglo.dll] <N/A><2, 1, 0, 0>
[PID: 1900][C:\Program Files\Messenger\msmsgs.exe] <Microsoft Corporation><4.7.2010>
[C:\Program Files\CNNIC\Cdn\cdnspie.dll] <N/A><2, 0, 0, 6>
[C:\Program Files\CNNIC\Cdn\imaoe.dll] <cnnic><2, 1, 0, 0>
[C:\Program Files\CNNIC\Cdn\cdndet.dll] <N/A><2, 1, 0, 0>
[C:\Program Files\CNNIC\Cdn\cdnglo.dll] <N/A><2, 1, 0, 0>
[PID: 1908][C:\Program Files\MSN Messenger\msnmsgr.exe] <Microsoft Corporation><7.5.0311>
[C:\Program Files\CNNIC\Cdn\cdnspie.dll] <N/A><2, 0, 0, 6>
[C:\Program Files\CNNIC\Cdn\imaoe.dll] <cnnic><2, 1, 0, 0>
[C:\Program Files\CNNIC\Cdn\cdndet.dll] <N/A><2, 1, 0, 0>
[C:\Program Files\CNNIC\Cdn\cdnglo.dll] <N/A><2, 1, 0, 0>
[C:\WINDOWS\System32\cdnns.dll] <CNNIC><2, 0, 0, 0>
[C:\WINDOWS\System32\msdmo.dll] <N/A><N/A>
[PID: 2036][G:\Program Files\Kingsoft\PowerWord 2005\Xdict.exe] <Kingsoft Co, Ltd.><8, 5, 0, 0>
[G:\Program Files\Kingsoft\PowerWord 2005\DicMngr.dll] <Kingsoft><1, 0, 0, 0>
[G:\Program Files\Kingsoft\PowerWord 2005\doshow.dll] <N/A><N/A>

任我狂 - 2005-11-19 0:17:00

[G:\Program Files\Kingsoft\PowerWord 2005\ITextOut.dll] <Kingsoft><1, 1, 0, 0>
[G:\Program Files\Kingsoft\PowerWord 2005\KPic10.dll] <N/A><N/A>
[G:\Program Files\Kingsoft\PowerWord 2005\ijl11.dll] <Intel Corporation><1.1.2>
[G:\Program Files\Kingsoft\PowerWord 2005\NormGrab.DLL] <Kingsoft Co, Ltd.><6, 0, 0, 0>
[G:\Program Files\Kingsoft\PowerWord 2005\toTTSEngine50.dll] <Kingsoft Corporation><1, 0, 0, 1>
[G:\Program Files\Kingsoft\PowerWord 2005\xfile.dll] <N/A><N/A>
[C:\Program Files\CNNIC\Cdn\cdnspie.dll] <N/A><2, 0, 0, 6>
[C:\Program Files\CNNIC\Cdn\imaoe.dll] <cnnic><2, 1, 0, 0>
[C:\Program Files\CNNIC\Cdn\cdndet.dll] <N/A><2, 1, 0, 0>
[C:\Program Files\CNNIC\Cdn\cdnglo.dll] <N/A><2, 1, 0, 0>
[G:\Program Files\Kingsoft\PowerWord 2005\DBCore10.dll] <Kingsoft Corp.><1, 0, 0, 0>
[G:\Program Files\Kingsoft\PowerWord 2005\XdictGrb.dll] <Kingsoft Co, Ltd.><8, 5, 0, 0>
[C:\WINDOWS\System32\cdnns.dll] <CNNIC><2, 0, 0, 0>
[G:\Program Files\sina\Uc\UCIdleHook.dll] <北京新浪信息技术有限公司><1, 0, 1, 0>
[PID: 580][G:\Program Files\sina\Uc\uc.exe] <北京新浪信息技术有限公司><4.1.0.925>
[G:\Program Files\sina\Uc\languageres.dll] <北京新浪信息技术有限公司><1.0.0.0>
[G:\Program Files\sina\Uc\uchall.dll] <北京新浪信息技术有限公司><2.1.0.1>
[C:\Program Files\CNNIC\Cdn\cdnspie.dll] <N/A><2, 0, 0, 6>
[C:\Program Files\CNNIC\Cdn\imaoe.dll] <cnnic><2, 1, 0, 0>
[C:\Program Files\CNNIC\Cdn\cdndet.dll] <N/A><2, 1, 0, 0>
[C:\Program Files\CNNIC\Cdn\cdnglo.dll] <N/A><2, 1, 0, 0>
[G:\Program Files\sina\Uc\UCIdleHook.dll] <北京新浪信息技术有限公司><1, 0, 1, 0>
[G:\Program Files\sina\Uc\UCHttpDl.dll] <北京新浪信息技术有限公司><1, 1, 9, 0>
[G:\Program Files\sina\Uc\HelpEx.dll] <北京新浪信息技术有限公司><1.0.0.0>
[G:\Program Files\sina\Uc\UCBugCatch.dll] <北京新浪信息技术有限公司><1, 2, 8, 0>
[G:\Program Files\sina\Uc\UCSocket.DLL] <北京新浪信息技术有限公司><1, 1, 21, 0>
[C:\WINDOWS\System32\cdnns.dll] <CNNIC><2, 0, 0, 0>
[PID: 440][G:\Program Files\Tencent\Qq\Qq.exe] <TENCENT><13, 97, 0, 8229>
[G:\Program Files\Tencent\Qq\QQBaseClassInDll.dll] <N/A><1, 0, 0, 1>
[G:\Program Files\Tencent\Qq\QQHelperDll.dll] <N/A><1, 0, 0, 1>
[G:\Program Files\Tencent\Qq\BasicCtrlDll.dll] <Tencent><0, 3, 1, 0>
[C:\Program Files\CNNIC\Cdn\cdnspie.dll] <N/A><2, 0, 0, 6>
[C:\Program Files\CNNIC\Cdn\imaoe.dll] <cnnic><2, 1, 0, 0>
[C:\Program Files\CNNIC\Cdn\cdndet.dll] <N/A><2, 1, 0, 0>
[C:\Program Files\CNNIC\Cdn\cdnglo.dll] <N/A><2, 1, 0, 0>
[G:\Program Files\Tencent\Qq\QQAPI.dll] <N/A><1, 0, 0, 1>
[G:\PROGRAM FILES\TENCENT\QQ\TIMPROXY.DLL] <tencent><2.05>
[G:\Program Files\Tencent\Qq\HostingMgr.dll] <N/A><1, 0, 0, 1>
[G:\Program Files\Tencent\Qq\LoginCtrl.dll] <N/A><1, 0, 0, 1>
[G:\Program Files\Tencent\Qq\QQRes.dll] <tencent><1, 0, 0, 1>
[G:\Program Files\Tencent\Qq\QQMainFrame.dll] <N/A><N/A>
[G:\Program Files\Tencent\Qq\CQQApplication.dll] <N/A><N/A>
[G:\Program Files\Tencent\Qq\NewSkin.dll] <N/A><1, 0, 0, 1>
[G:\Program Files\Tencent\Qq\PersonalDesktop.dll] <深圳市腾讯计算机系统公司QQ工作小组><1, 0, 0, 2>
[G:\Program Files\Tencent\Qq\QQAddr.dll] <深圳市腾讯计算机系统有限公司><0, 3, 0, 42>
[G:\Program Files\Tencent\Qq\QQSpace.dll] <N/A><1, 0, 0, 1>
[C:\WINDOWS\System32\cdnns.dll] <CNNIC><2, 0, 0, 0>
[G:\Program Files\Tencent\Qq\BQQApplication.dll] <N/A><N/A>
[G:\Program Files\Tencent\Qq\VideoDevice.dll] <Tencent><1.4.0.1>
[G:\Program Files\Tencent\Qq\inplus.dll] <Tencent><1.4.0.1>
[C:\WINDOWS\System32\msdmo.dll] <N/A><N/A>
[G:\Program Files\Tencent\Qq\QQPlugin.dll] <N/A><N/A>
[G:\Program Files\Tencent\Qq\QQSysMsgMng.dll] <N/A><N/A>
[G:\Program Files\Tencent\Qq\UserDefinedHead.dll] <N/A><1, 0, 0, 1>
[G:\Program Files\Tencent\Qq\QQAvatar.dll] <N/A><N/A>
[G:\Program Files\Tencent\Qq\FlashAvatarDll.dll] <N/A><1, 4, 0, 1>
[G:\Program Files\Tencent\Qq\QQConfigPlugin.dll] <N/A><1, 0, 0, 1>
[G:\Program Files\Tencent\Qq\PhoneAPI.dll] <N/A><1, 0, 0, 1>
[G:\Program Files\Tencent\Qq\DialerAllinOne.dll] <tencent><1, 4, 0, 0>
[G:\Program Files\Tencent\Qq\QRingMng.dll] <N/A><N/A>
[G:\Program Files\Tencent\Qq\LongConnection.dll] <tencent><0, 3, 1, 7>
[G:\Program Files\Tencent\Qq\QQPet.dll] <N/A><1, 0, 0, 1>
[G:\Program Files\sina\Uc\UCIdleHook.dll] <北京新浪信息技术有限公司><1, 0, 1, 0>
[G:\Program Files\Tencent\Qq\QQAllInOne.dll] <N/A><N/A>
[G:\Program Files\Tencent\Qq\CameraDll.dll] <N/A><1, 0, 0, 1>
[G:\Program Files\Tencent\Qq\SCCore.dll] <N/A><N/A>
[G:\Program Files\Tencent\Qq\QQSceneMng.dll] <N/A><N/A>
[PID: 488][C:\WINDOWS\SYSTEM32\rundll32.exe] <Microsoft Corporation><5.1.2600.0 (xpclient.010817-1148)>
[C:\Progra~1\DESKTO~1\Cast\dmipn.dll] <N/A><1, 1, 0, 1>
[C:\Progra~1\DESKTO~1\Cast\dmdaemon.dll] <dmcast><1, 1, 0, 1>
[C:\Program Files\CNNIC\Cdn\cdnspie.dll] <N/A><2, 0, 0, 6>
[C:\Program Files\CNNIC\Cdn\imaoe.dll] <cnnic><2, 1, 0, 0>
[C:\Program Files\CNNIC\Cdn\cdndet.dll] <N/A><2, 1, 0, 0>
[C:\Program Files\CNNIC\Cdn\cdnglo.dll] <N/A><2, 1, 0, 0>
[C:\WINDOWS\System32\cdnns.dll] <CNNIC><2, 0, 0, 0>
[PID: 284][C:\WINDOWS\System32\dllhost.exe] <Microsoft Corporation><5.1.2600.0 (XPClient.010817-1148)>
[PID: 2124][G:\Program Files\Tencent\Qq\TIMPlatform.exe] <tencent><3.17>
[C:\Program Files\CNNIC\Cdn\cdnspie.dll] <N/A><2, 0, 0, 6>
[C:\Program Files\CNNIC\Cdn\imaoe.dll] <cnnic><2, 1, 0, 0>
[C:\Program Files\CNNIC\Cdn\cdndet.dll] <N/A><2, 1, 0, 0>
[C:\Program Files\CNNIC\Cdn\cdnglo.dll] <N/A><2, 1, 0, 0>
[G:\PROGRAM FILES\TENCENT\QQ\TIMPROXY.DLL] <tencent><2.05>
[PID: 2180][C:\WINDOWS\System32\inetsrv\DavCData.exe] <Microsoft Corporation><6.0.2600.0 (xpclient.010817-1148)>
[PID: 2676][G:\PROGRA~1\KINGSOFT\FASTAI~1\KTENGINE.EXE] <Kingsoft><1, 0, 0, 0>
[C:\Program Files\CNNIC\Cdn\cdnspie.dll] <N/A><2, 0, 0, 6>
[C:\Program Files\CNNIC\Cdn\imaoe.dll] <cnnic><2, 1, 0, 0>
[C:\Program Files\CNNIC\Cdn\cdndet.dll] <N/A><2, 1, 0, 0>
[C:\Program Files\CNNIC\Cdn\cdnglo.dll] <N/A><2, 1, 0, 0>
[G:\PROGRA~1\KINGSOFT\FASTAI~1\GTS\EnglishSChinese\EngSCh.dll] <N/A><N/A>
[PID: 3372][C:\Downloads\sreng\SREng.exe] <Smallfrogs Studio><1.1.0.269>
[C:\Program Files\CNNIC\Cdn\cdnspie.dll] <N/A><2, 0, 0, 6>
[C:\Program Files\CNNIC\Cdn\imaoe.dll] <cnnic><2, 1, 0, 0>
[C:\Program Files\CNNIC\Cdn\cdndet.dll] <N/A><2, 1, 0, 0>
[C:\Program Files\CNNIC\Cdn\cdnglo.dll] <N/A><2, 1, 0, 0>
[G:\Program Files\sina\Uc\UCIdleHook.dll] <北京新浪信息技术有限公司><1, 0, 1, 0>

==================================
文件关联
.TXT Error. [NOTEPAD.EXE %1]
.EXE OK. ["%1" %*]
.COM OK. ["%1" %*]
.PIF OK. ["%1" %*]
.REG OK. [regedit.exe "%1"]
.BAT OK. ["%1" %*]
.SCR OK. ["%1" /S]
.CHM OK. ["C:\WINDOWS\hh.exe" %1]
.HLP OK. [C:\WINDOWS\System32\winhlp32.exe %1]
.INI Error. [notepad.exe %1]
.INF OK. [C:\WINDOWS\System32\NOTEPAD.EXE %1]

==================================

飞跃迷离 - 2005-11-19 10:18:00

重新启动到安全模式（进入安全模式的方法:重新启动电脑, 开机自动检测完后, 按[F8]键(可以一直按到启动菜单出来为止), 选择安全模式(Safe Mode)进入Windows。）

停止这个服务：
[Smart Card Event / Smart Card Event]
<C:\Program Files\zsxz\UrlService.exe><N/A>

删除文件夹C:\Program Files\zsxz

然后修复文件关联！

任我狂 - 2005-11-19 13:06:00

还是没解决问题。只是有两个网站的网页打不开。今天的日志：HijackThis_815汉化版扫描日志 V1.99.1
保存于 13:03:42, 日期 05-11-19
操作系统： Windows XP SP1 (WinNT 5.01.2600)
浏览器： Internet Explorer v6.00 SP1 (6.00.2800.1106)

当前运行的进程：
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
G:\PROGRAM FILES\RISING\RAV\Ravmond.exe
G:\PROGRAM FILES\RISING\RAV\RavStub.exe
C:\WINDOWS\system32\spoolsv.exe
G:\PROGRA~1\RISING\RAV\RAVMON.EXE
C:\Program Files\CNNIC\Cdn\cdnup.exe
E:\Program Files\Maxthon\Thundermini\ThunderMini.exe
C:\WINDOWS\System32\inetsrv\inetinfo.exe
C:\WINDOWS\System32\nvsvc32.exe
C:\WINDOWS\System32\svchost.exe
G:\popo2004\popo.exe
G:\D盘\香草山\淘宝旺旺\WangWang.EXE
C:\Program Files\qq\2005107\QQ.exe
C:\WINDOWS\SYSTEM32\qttask.exe
C:\WINDOWS\System32\ctfmon.exe
C:\WINDOWS\System32\RUNDLL32.EXE
C:\Program Files\Messenger\msmsgs.exe
C:\Program Files\MSN Messenger\msnmsgr.exe
G:\Program Files\Kingsoft\PowerWord 2005\Xdict.exe
G:\Program Files\sina\Uc\uc.exe
G:\Program Files\Tencent\Qq\Qq.exe
C:\WINDOWS\SYSTEM32\rundll32.exe
G:\Program Files\Tencent\Qq\TIMPlatform.exe
C:\WINDOWS\System32\dllhost.exe
C:\WINDOWS\System32\inetsrv\DavCData.exe
G:\PROGRA~1\KINGSOFT\FASTAI~1\KTENGINE.EXE
C:\WINDOWS\explorer.exe
G:\FIREFOX.EXE
C:\Downloads\4842302005817230232\HijackThis1991zww.exe

O2 - BHO: CNNIC_IDN - {35980F6E-A137-4E50-953D-813BB8556899} - C:\PROGRA~1\CNNIC\Cdn\cdniehlp.dll
O2 - BHO: BandIE Class - {77FEF28E-EB96-44FF-B511-3185DEA48697} - C:\PROGRA~1\baidu\bar\baidubar.dll
O2 - BHO: (no name) - {A5366673-E8CA-11D3-9CD9-0090271D075B} - (no file)
O3 - IE工具栏增项: 百度超级搜霸 - {B580CF65-E151-49C3-B73F-70B13FCA8E86} - C:\PROGRA~1\baidu\bar\baidubar.dll
O4 - 启动项HKLM\\Run: [SystemTray] SysTray.Exe
O4 - 启动项HKLM\\Run: [RavMon] G:\PROGRA~1\RISING\RAV\RAVMON.EXE -SYSTEM
O4 - 启动项HKLM\\Run: [CdnCtr] C:\Program Files\CNNIC\Cdn\cdnup.exe
O4 - 启动项HKLM\\Run: [popo2004] G:\popo2004\Start.exe
O4 - 启动项HKLM\\Run: [thunder_mini] E:\Program Files\Maxthon\Thundermini\ThunderMini.exe
O4 - 启动项HKLM\\Run: [WangWang] "G:\D盘\香草山\淘宝旺旺\WangWang.EXE"
O4 - 启动项HKLM\\Run: [IMJPMIG8.2] C:\Program Files\qq\2005107\QQ.exe
O4 - 启动项HKLM\\Run: [QuickTime Task] "C:\WINDOWS\SYSTEM32\qttask.exe" -atboottime
O4 - 启动项HKLM\\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\System32\NvCpl.dll,NvStartup
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\System32\ctfmon.exe
O4 - HKCU\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\System32\NVMCTRAY.DLL,NvTaskbarInit
O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background
O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\MSN Messenger\msnmsgr.exe" /background
O4 - Global Startup: 金山词霸 2005.lnk = G:\Program Files\Kingsoft\PowerWord 2005\XDICT.EXE
O4 - Global Startup: 新浪UC.lnk = G:\Program Files\sina\UC\uc.exe
O4 - Global Startup: 腾讯QQ.lnk = G:\Program Files\Tencent\QQ\QQ.EXE
O4 - Global Startup: 桌面传媒.lnk = C:\WINDOWS\SYSTEM32\rundll32.exe
O8 - IE右键菜单中的新增项目: !搜一搜 - res://C:\WINDOWS\DOWNLO~1\CnsMinEx.dll/1003
O8 - IE右键菜单中的新增项目: &使用迷你迅雷下载 - E:\Program Files\Maxthon\Thundermini\geturl.htm
O8 - IE右键菜单中的新增项目: 使用新浪下载助手下载 - G:\PROGRA~1\SINA\UC\UCDDT\sinadl.htm
O8 - IE右键菜单中的新增项目: 使用网际快车下载 - G:\Program Files\FlashGet\jc_link.htm
O8 - IE右键菜单中的新增项目: 使用网际快车下载全部链接 - G:\Program Files\FlashGet\jc_all.htm
O8 - IE右键菜单中的新增项目: 新浪搜索 - http://cha.sina.com.cn/ddt.html
O8 - IE右键菜单中的新增项目: 添加到QQ自定义面板 - G:\Program Files\Tencent\Qq\AddPanel.htm
O8 - IE右键菜单中的新增项目: 添加到QQ表情 - G:\Program Files\Tencent\Qq\AddEmotion.htm
O8 - IE右键菜单中的新增项目: 用QQ彩信发送该图片 - G:\Program Files\Tencent\Qq\SendMMS.htm
O8 - IE右键菜单中的新增项目: 百度-搜索MP3 - res://C:\PROGRA~1\baidu\bar\baidubar.dll/BAIDUMP3.HTM
O8 - IE右键菜单中的新增项目: 百度-搜索图片 - res://C:\PROGRA~1\baidu\bar\baidubar.dll/BAIDUIMG.HTM
O8 - IE右键菜单中的新增项目: 百度-搜索新闻 - res://C:\PROGRA~1\baidu\bar\baidubar.dll/BAIDUNEWS.HTM
O8 - IE右键菜单中的新增项目: 百度-搜索歌词 - res://C:\PROGRA~1\baidu\bar\baidubar.dll/BAIDULYRIC.HTM
O8 - IE右键菜单中的新增项目: 百度-搜索网页 - res://C:\PROGRA~1\baidu\bar\baidubar.dll/BAIDUSEARCH.HTM
O8 - IE右键菜单中的新增项目: 百度-搜索贴吧 - res://C:\PROGRA~1\baidu\bar\baidubar.dll/BAIDUPOST.HTM
O8 - IE右键菜单中的新增项目: 百度-词典搜索 - res://C:\PROGRA~1\baidu\bar\baidubar.dll/BAIDU_DIC.HTM
O8 - IE右键菜单中的新增项目: 访问通用网址 - C:\Program Files\CNNIC\Cdn\cnnic.htm
O9 - 浏览器额外的按钮: 梅静势沉吃瞎?
ForceRemove val - {022C4009-5283-4365-97BF-144054B40E2E} - C:\WINDOWS\System32\shdocvw.dll
O9 - 浏览器额外的“工具”菜单项: 舶凳 - {022C4009-5283-4365-97BF-144054B40E2E} - C:\WINDOWS\System32\shdocvw.dll
O9 - 浏览器额外的按钮: 完美卸载 - 清理上网垃圾,包括缓存,CookIE等 - {06926B30-424E-4f1c-8EE3-543CD96573DC} - G:\UNINSTALL\IEBUTTON.EXE
O9 - 浏览器额外的按钮: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_05\bin\npjpi150_05.dll
O9 - 浏览器额外的“工具”菜单项: Sun Java 控制台 - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_05\bin\npjpi150_05.dll
O9 - 浏览器额外的按钮: 小蜜蜂多人聊天 - {0AD483DA-CC0E-4562-B828-C33E11F5FA62} - g:\小蜜蜂\IeMibtn.dll (file missing)
O9 - 浏览器额外的“工具”菜单项: 小蜜蜂多人聊天 - {0AD483DA-CC0E-4562-B828-C33E11F5FA62} - g:\小蜜蜂\IeMibtn.dll (file missing)
O9 - 浏览器额外的按钮: 新浪UC - {2253922F-1B26-4C74-8B57-E3AEE748DBB8} - G:\Program Files\sina\UC\UC.exe
O9 - 浏览器额外的按钮: 中文上网 - {35980F6E-A137-4E50-953D-813BB8556899} - C:\PROGRA~1\CNNIC\Cdn\cdniehlp.dll
O9 - 浏览器额外的“工具”菜单项: 中文上网 - {35980F6E-A137-4E50-953D-813BB8556899} - C:\PROGRA~1\CNNIC\Cdn\cdniehlp.dll
O9 - 浏览器额外的按钮: Dutchemails.com - {AE818C9D-7289-450c-80DE-B31FCAD3722C} - C:\Program Files\Internet Explorer\PLUGINS\toolbar541461.dll
O9 - 浏览器额外的“工具”菜单项: Dutchemails.com - {AE818C9D-7289-450c-80DE-B31FCAD3722C} - C:\Program Files\Internet Explorer\PLUGINS\toolbar541461.dll
O9 - 浏览器额外的按钮: 小蜜蜂网络电话 - {B35138BB-9270-4EF1-9A7B-9EEC90220024} - g:\小蜜蜂\IeMibtn.dll (file missing)
O9 - 浏览器额外的“工具”菜单项: 小蜜蜂网络电话 - {B35138BB-9270-4EF1-9A7B-9EEC90220024} - g:\小蜜蜂\IeMibtn.dll (file missing)
O9 - 浏览器额外的按钮: ICQ Lite - {B863453A-26C3-4e1f-A54D-A2CD196348E9} - F:\Program Files\ICQLite\ICQLite.exe
O9 - 浏览器额外的“工具”菜单项: ICQ Lite - {B863453A-26C3-4e1f-A54D-A2CD196348E9} - F:\Program Files\ICQLite\ICQLite.exe
O9 - 浏览器额外的按钮: QQ - {c95fe080-8f5d-11d2-a20b-00aa003c157b} - G:\PROGRAM FILES\TENCENT\QQ\QQ.EXE
O9 - 浏览器额外的“工具”菜单项: 腾讯QQ - {c95fe080-8f5d-11d2-a20b-00aa003c157b} - G:\PROGRAM FILES\TENCENT\QQ\QQ.EXE
O9 - 浏览器额外的按钮: Real.com - {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - C:\WINDOWS\SYSTEM32\SHDOCVW.DLL
O9 - 浏览器额外的按钮: FlashGet - {D6E814A0-E0C5-11d4-8D29-0050BA6940E3} - G:\PROGRAM FILES\FLASHGET\FLASHGET.EXE
O9 - 浏览器额外的“工具”菜单项: &FlashGet - {D6E814A0-E0C5-11d4-8D29-0050BA6940E3} - G:\PROGRAM FILES\FLASHGET\FLASHGET.EXE
O9 - 浏览器额外的按钮: 情景聊天 - {E5D12C4E-7B4F-11D3-B5C9-0050045C3C96} - http://cn.rd.yahoo.com/home/messenger/bjk/clientbtn/?http://cn.messenger.yahoo.com/ (file missing)
O9 - 浏览器额外的按钮: 新浪点点通 - {F60C7D81-8471-4D40-AAFE-56D318F34C2D} - G:\PROGRA~1\SINA\UC\UCDDT\DDTONG~1.DLL
O9 - 浏览器额外的按钮: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\MSMSGS.EXE
O9 - 浏览器额外的“工具”菜单项: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\MSMSGS.EXE
O9 - 浏览器额外的按钮: MistyAndSamsCash - {FBFD8C12-7530-4f0b-8E0A-8EEB4A3D503F} - C:\Program Files\Internet Explorer\PLUGINS\toolbar827328.dll
O9 - 浏览器额外的“工具”菜单项: MistyAndSamsCash - {FBFD8C12-7530-4f0b-8E0A-8EEB4A3D503F} - C:\Program Files\Internet Explorer\PLUGINS\toolbar827328.dll
O9 - 浏览器额外的按钮: (no name) - {974AD624-EA50-4831-A6C0-3040F6665396} - G:\PROGRAM FILES\SINA\UC\UCDDT\RSSBAND.DLL (HKCU)
O9 - 浏览器额外的“工具”菜单项: 新浪点点通阅读器 - {974AD624-EA50-4831-A6C0-3040F6665396} - G:\PROGRAM FILES\SINA\UC\UCDDT\RSSBAND.DLL (HKCU)
O9 - 浏览器额外的按钮: 新浪点点通阅读器 - {F0646DC8-58CD-4C64-8F6B-525043914685} - G:\PROGRAM FILES\SINA\UC\UCDDT\RSSBAND.DLL (HKCU)
O10 - 未知的文件在 Winsock LSP: c:\windows\system32\cdnns.dll
O11 - Options group: [CDNCLIENT] 中文上网
O16 - DPF: {0CA54D3F-CEAE-48AF-9A2B-31909CB9515D} (Edit Class) - https://www.sz1.cmbchina.com/download/CMBEdit.cab
O16 - DPF: {30528230-99F7-4BB4-88D8-FA1D4F56A2AB} (YInstStarter Class) - http://us.dl1.yimg.com/download.yahoo.com/dl/yinst/yinst_current.cab
O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} (MSN Photo Upload Tool) - http://spaces.msn.com//PhotoUpload/MsnPUpld.cab
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://update.microsoft.com/windowsupdate/v6/V5Controls/en/x86/client/wuweb_site.cab?1125757284828
O16 - DPF: {733652F9-53EF-4BF1-B391-375980675D6F} (V3PROXL Control) - http://scan.online.cq.cn/plugin/myv3light.cab
O16 - DPF: {9242BB35-0DB0-43AC-8DFC-8EA07E63B92A} (LiveMediaOcx Control) - http://bbmedia.qq.com/media/QQLiveSetup.exe
O16 - DPF: {ACFE8232-03C5-4AEC-AF5E-42B806724096} (KSHScan Control) - http://scan.kingsoft.com/scan/fangyi/KAllScan.CAB
O16 - DPF: {BC207F7D-3E63-4ACA-99B5-FB5F8428200C} - http://bar.baidu.com/update/IESearch.cab
O16 - DPF: {C8BD9ACB-F7EC-48E6-BB2F-DAADC6789E9A} (Kingsoft DUBA OnlineScan) - http://ol.db.kingsoft.com/antiscan/setup/KAVClean.CAB
O16 - DPF: {CF051549-EDE1-40F5-B440-BCD646CF2C25} (Ppinstall Control) - http://popo.163.com/install/ppinstall.cab
O16 - DPF: {D0A29C6C-AA71-4423-8C4A-5998B774C448} (IEDown Class) - http://download.ourgame.com/IEDown2.cab
O16 - DPF: {DA984A6D-508E-11D6-AA49-0050FF3C628D} (Ravonline) - http://download.rising.com.cn/QQ/QQkill/rsonline.cab
O17 - HKLM\System\CCS\Services\Tcpip\..\{754FDC17-C0BE-4242-8BEC-C67AB27D8001}: Domain = 5
O17 - HKLM\System\CCS\Services\Tcpip\..\{754FDC17-C0BE-4242-8BEC-C67AB27D8001}: NameServer = 202.197.89.69
O17 - HKLM\System\CS1\Services\Tcpip\..\{754FDC17-C0BE-4242-8BEC-C67AB27D8001}: Domain = 5
O17 - HKLM\System\CS1\Services\Tcpip\..\{754FDC17-C0BE-4242-8BEC-C67AB27D8001}: NameServer = 202.197.89.69
O17 - HKLM\System\CS2\Services\Tcpip\..\{754FDC17-C0BE-4242-8BEC-C67AB27D8001}: Domain = 5
O17 - HKLM\System\CS2\Services\Tcpip\..\{754FDC17-C0BE-4242-8BEC-C67AB27D8001}: NameServer = 202.197.89.69
O18 - 列举现有的协议: msnim - {828030A1-22C1-4009-854F-8E305202313F} - "C:\PROGRA~1\MSNMES~1\msgrapp.dll" (file missing)
O18 - Filter: text/x-mrml - {C51721BE-858B-4A66-A8BF-D2882FF49820} - F:\比忍特亓铃迨手只机鶧DIY\Fantasia\players\MidRadio\MidRadio.ocx
O23 - NT 服务: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\System32\nvsvc32.exe
O23 - NT 服务: RsRavMon Service (RsRavMon) - Beijing Rising Technology Co., Ltd. - G:\PROGRAM FILES\RISING\RAV\Ravmond.exe

瑞星卡卡安全论坛