又中毒了,帮帮我!!!尽快!! bbs.ikaka.com

aitongnuo - 2005-11-22 20:57:00

Logfile of HijackThis v1.99.1
Scan saved at 20:52:17, on 2005-11-22
Platform: Windows XP (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 (6.00.2600.0000)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\csrss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\System32\svchost.exe
c:\program files\rising\rfw\rfwsrv.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\Explorer.EXE
c:\program files\rising\rfw\RfwMain.exe
C:\WINDOWS\System32\alg.exe
C:\WINDOWS\System32\drivers\CDAC11BA.EXE
C:\WINDOWS\System32\DRIVERS\CDANTSRV.EXE
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\System32\wdfmgr.exe
D:\Program Files\Winamp\Winampa.exe
D:\Program Files\QQ2005\QQ.exe
D:\Program Files\QQ2005\TIMPlatform.exe
C:\Program Files\Common Files\Real\Update_OB\realsched.exe
D:\Program Files\QQ2005\QQ.exe
D:\Program Files\3721\ske\TrojanAssistant.exe
C:\WINDOWS\System32\ctfmon.exe
F:\248783200522382732\HijackThis.exe

R3 - URLSearchHook: QQ Search Hook - {DB8B2393-7A6C-4C76-88CE-6B1F6FF6FFE9} - C:\Program Files\TENCENT\AddrPlus\IEHelp2.dll
O2 - BHO: ThunderIEHelper Class - {0005A87D-D626-4B3A-84F9-1D9571695F55} - C:\WINDOWS\System32\xunleibho_v6.dll
O2 - BHO: Tencent Browser Helper - {0C7C23EF-A848-485B-873C-0ED954731014} - C:\Program Files\TENCENT\AddrPlus\IEHelp2.dll
O2 - BHO: Anti Fish - {38928D50-8A48-44C2-945F-D2F23F771410} - C:\Program Files\3721\Assist\Angling.dll
O2 - BHO: QQIEHelper - {54EBD53A-9BC1-480B-966A-843A333CA162} - D:\Program Files\QQ2005\QQIEHelper.dll
O2 - BHO: AssistII - {BB936323-19FA-4521-BA29-ECA6A121BC78} - C:\Program Files\3721\Assist\asbar.dll
O3 - Toolbar: 上网助手 - {BB936323-19FA-4521-BA29-ECA6A121BC78} - C:\Program Files\3721\Assist\asbar.dll
O3 - Toolbar: 电台(&R) - {8E718888-423F-11D2-876E-00A0C9082467} - C:\WINDOWS\System32\msdxm.ocx
O4 - HKLM\..\Run: [IMJPMIG8.1] C:\WINDOWS\IME\imjp8_1\IMJPMIG.EXE /Spoil /RemAdvDef /Migration32
O4 - HKLM\..\Run: [PHIME2002ASync] rem C:\WINDOWS\System32\IME\TINTLGNT\TINTSETP.EXE /SYNC
O4 - HKLM\..\Run: [PHIME2002A] rem C:\WINDOWS\System32\IME\TINTLGNT\TINTSETP.EXE /IMEName
O4 - HKLM\..\Run: [helper.dll] rem C:\WINDOWS\system32\rundll32.exe C:\PROGRA~1\3721\helper.dll,Rundll32
O4 - HKLM\..\Run: [RfwMain] "C:\Program Files\Rising\Rfw\rfwmain.exe" -Startup
O4 - HKLM\..\Run: [WinampAgent] "D:\Program Files\Winamp\Winampa.exe"
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot
O4 - HKLM\..\Run: [AddrPlus3] RUNDLL32.EXE C:\PROGRA~1\TENCENT\AddrPlus\QAHook1.dll,Rundll32
O4 - HKLM\..\Run: [Microsoft] C:\WINDOWS\System32\iexplore.exe
O4 - HKLM\..\Run: [Sysqq] C:\WINDOWS\weiba.exe
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\System32\ctfmon.exe
O4 - HKCU\..\Run: [MSMSGS] rem "C:\Program Files\Messenger\msmsgs.exe" /background
O4 - Startup: 腾讯QQ.lnk = D:\Program Files\QQ2005\QQ.exe
O4 - Global Startup: Adobe Gamma Loader.lnk = C:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe
O8 - Extra context menu item: 上传到QQ网络硬盘 - D:\Program Files\QQ2005\AddToNetDisk.htm
O8 - Extra context menu item: 添加到QQ自定义面板 - D:\Program Files\QQ2005\AddPanel.htm
O8 - Extra context menu item: 添加到QQ表情 - D:\Program Files\QQ2005\AddEmotion.htm
O8 - Extra context menu item: 用QQ彩信发送该图片 - D:\Program Files\QQ2005\SendMMS.htm
O9 - Extra button: Related - {c95fe080-8f5d-11d2-a20b-00aa003c157a} - C:\WINDOWS\web\related.htm
O9 - Extra 'Tools' menuitem: Show &Related Links - {c95fe080-8f5d-11d2-a20b-00aa003c157a} - C:\WINDOWS\web\related.htm
O9 - Extra button: (no name) - {DEDEB80D-FA35-45d9-9460-4983E5A8AFE6} - D:\Program Files\QQ2005\QQIEHelper.dll
O9 - Extra 'Tools' menuitem: QQ炫彩工具条设置 - {DEDEB80D-FA35-45d9-9460-4983E5A8AFE6} - D:\Program Files\QQ2005\QQIEHelper.dll
O11 - Options group: [TBH] QQ地址栏搜索插件
O16 - DPF: {78AF2F24-A9C3-11D3-BF8C-0060B0FCC122} (AcDcToday 控件) - file://C:\Program Files\AutoCAD 2002\AcDcToday.ocx
O16 - DPF: {AC3A36A8-9BFF-410A-A33D-2279FFEB69D2} (QQPlayer Control) - http://219.133.62.236/QQPlayer.cab
O16 - DPF: {AE563722-B4F5-11D4-A415-00108302FDFD} (NOXLATE-BANR) - file://C:\Program Files\AutoCAD 2002\InstBanr.ocx
O16 - DPF: {F281A59C-7B65-11D3-8617-0010830243BD} (AcPreview 控件) - file://C:\Program Files\AutoCAD 2002\AcPreview.ocx
O18 - Protocol: about - {3050F406-98B5-11CF-BB82-00AA00BDCE0B} - C:\WINDOWS\System32\mshtml.dll
O18 - Protocol: cdl - {3DD53D40-7B8B-11D0-B013-00AA0059CE02} - C:\WINDOWS\system32\urlmon.dll
O18 - Protocol: dvd - {12D51199-0DB5-46FE-A120-47A3D7D937CC} - C:\WINDOWS\System32\msvidctl.dll
O18 - Protocol: file - {79EAC9E7-BAF9-11CE-8C82-00AA004BA90B} - C:\WINDOWS\system32\urlmon.dll
O18 - Protocol: ftp - {79EAC9E3-BAF9-11CE-8C82-00AA004BA90B} - C:\WINDOWS\system32\urlmon.dll
O18 - Protocol: gopher - {79EAC9E4-BAF9-11CE-8C82-00AA004BA90B} - C:\WINDOWS\system32\urlmon.dll
O18 - Protocol: http - {79EAC9E2-BAF9-11CE-8C82-00AA004BA90B} - C:\WINDOWS\system32\urlmon.dll
O18 - Protocol: https - {79EAC9E5-BAF9-11CE-8C82-00AA004BA90B} - C:\WINDOWS\system32\urlmon.dll
O18 - Protocol: ipp - (no CLSID) - (no file)
O18 - Protocol: its - {9D148291-B9C8-11D0-A4CC-0000F80149F6} - C:\WINDOWS\System32\itss.dll
O18 - Protocol: javascript - {3050F3B2-98B5-11CF-BB82-00AA00BDCE0B} - C:\WINDOWS\System32\mshtml.dll
O18 - Protocol: lid - {5C135180-9973-46D9-ABF4-148267CBB8BF} - C:\WINDOWS\System32\msvidctl.dll
O18 - Protocol: local - {79EAC9E7-BAF9-11CE-8C82-00AA004BA90B} - C:\WINDOWS\system32\urlmon.dll
O18 - Protocol: mailto - {3050F3DA-98B5-11CF-BB82-00AA00BDCE0B} - C:\WINDOWS\System32\mshtml.dll
O18 - Protocol: mhtml - {05300401-BCBC-11D0-85E3-00C04FD85AB4} - C:\WINDOWS\System32\inetcomm.dll
O18 - Protocol: mk - {79EAC9E6-BAF9-11CE-8C82-00AA004BA90B} - C:\WINDOWS\system32\urlmon.dll
O18 - Protocol: ms-its - {9D148291-B9C8-11D0-A4CC-0000F80149F6} - C:\WINDOWS\System32\itss.dll
O18 - Protocol: msdaipp - (no CLSID) - (no file)
O18 - Protocol: res - {3050F3BC-98B5-11CF-BB82-00AA00BDCE0B} - C:\WINDOWS\System32\mshtml.dll
O18 - Protocol: sysimage - {76E67A63-06E9-11D2-A840-006008059382} - C:\WINDOWS\System32\mshtml.dll
O18 - Protocol: tv - {CBD30858-AF45-11D2-B6D6-00C04FBBDE6E} - C:\WINDOWS\System32\msvidctl.dll
O18 - Protocol: vbscript - {3050F3B2-98B5-11CF-BB82-00AA00BDCE0B} - C:\WINDOWS\System32\mshtml.dll
O18 - Protocol: vnd.ms.radio - {3DA2AA3B-3D96-11D2-9BD2-204C4F4F5020} - C:\WINDOWS\System32\msdxm.ocx
O18 - Protocol: wia - {13F3EA8B-91D7-4F0A-AD76-D2853AC8BECE} - C:\WINDOWS\System32\wiascr.dll
O23 - Service: C-DillaCdaC11BA - Macrovision - C:\WINDOWS\System32\drivers\CDAC11BA.EXE
O23 - Service: C-DillaSrv - C-Dilla Ltd - C:\WINDOWS\System32\DRIVERS\CDANTSRV.EXE
O23 - Service: Rdps (Remote procedure Call(Rdps)) - Unknown owner - C:\WINDOWS\Mstaks.exe
O23 - Service: Rising Personal Firewall Service (RfwService) - Beijing Rising Technology Corporation Limited - c:\program files\rising\rfw\rfwsrv.exe

神无 - 2005-11-22 21:02:00

O4 - HKLM\..\Run: [Microsoft] C:\WINDOWS\System32\iexplore.exe
O4 - HKLM\..\Run: [Sysqq] C:\WINDOWS\weiba.exe
终止进程,删除文件.

O23 - Service: Rdps (Remote procedure Call(Rdps)) - Unknown owner - C:\WINDOWS\Mstaks.exe
重启进安全模式,清空IE临时文件夹,打开注册表,定位到HKEY_LOCAL_MACHINE\ SYSTEM \CURRENTCONTROLSET \ SERVICES删除注册表左面菜单下的 Rdps 或 Remote procedure Call(Rdps) 这个服务项,整个删除.显示系统和隐藏文件,在C:\WINDOWS\文件夹中搜索Mstaks.exe、Mstaks.dll、Mstaks_hook.dll以及MstaksKey.dll这四个文件,不一定能全找到,找到删除,重启到正常模式,再扫个日志上来看看.

附件: 52209820051122210255.bmp

神无 - 2005-11-22 21:04:00

O8 - Extra context menu item: 上传到QQ网络硬盘 - D:\Program Files\QQ2005\AddToNetDisk.htm
O8 - Extra context menu item: 添加到QQ自定义面板 - D:\Program Files\QQ2005\AddPanel.htm
O8 - Extra context menu item: 添加到QQ表情 - D:\Program Files\QQ2005\AddEmotion.htm
O8 - Extra context menu item: 用QQ彩信发送该图片 - D:\Program Files\QQ2005\SendMMS.htm
O9 - Extra button: Related - {c95fe080-8f5d-11d2-a20b-00aa003c157a} - C:\WINDOWS\web\related.htm
O9 - Extra 'Tools' menuitem: Show &Related Links - {c95fe080-8f5d-11d2-a20b-00aa003c157a} - C:\WINDOWS\web\related.htm
O9 - Extra button: (no name) - {DEDEB80D-FA35-45d9-9460-4983E5A8AFE6} - D:\Program Files\QQ2005\QQIEHelper.dll
O9 - Extra 'Tools' menuitem: QQ炫彩工具条设置 - {DEDEB80D-FA35-45d9-9460-4983E5A8AFE6} - D:\Program Files\QQ2005\QQIEHelper.dll
O11 - Options group: [TBH] QQ地址栏搜索插件
O16 - DPF: {78AF2F24-A9C3-11D3-BF8C-0060B0FCC122} (AcDcToday 控件) - file://C:\Program Files\AutoCAD 2002\AcDcToday.ocx
O16 - DPF: {AC3A36A8-9BFF-410A-A33D-2279FFEB69D2} (QQPlayer Control) - http://219.133.62.236/QQPlayer.cab
O16 - DPF: {AE563722-B4F5-11D4-A415-00108302FDFD} (NOXLATE-BANR) - file://C:\Program Files\AutoCAD 2002\InstBanr.ocx
O16 - DPF: {F281A59C-7B65-11D3-8617-0010830243BD} (AcPreview 控件) - file://C:\Program Files\AutoCAD 2002\AcPreview.ocx
O18 - Protocol: about - {3050F406-98B5-11CF-BB82-00AA00BDCE0B} - C:\WINDOWS\System32\mshtml.dll
O18 - Protocol: cdl - {3DD53D40-7B8B-11D0-B013-00AA0059CE02} - C:\WINDOWS\system32\urlmon.dll
O18 - Protocol: dvd - {12D51199-0DB5-46FE-A120-47A3D7D937CC} - C:\WINDOWS\System32\msvidctl.dll
O18 - Protocol: file - {79EAC9E7-BAF9-11CE-8C82-00AA004BA90B} - C:\WINDOWS\system32\urlmon.dll
O18 - Protocol: ftp - {79EAC9E3-BAF9-11CE-8C82-00AA004BA90B} - C:\WINDOWS\system32\urlmon.dll
O18 - Protocol: gopher - {79EAC9E4-BAF9-11CE-8C82-00AA004BA90B} - C:\WINDOWS\system32\urlmon.dll
O18 - Protocol: http - {79EAC9E2-BAF9-11CE-8C82-00AA004BA90B} - C:\WINDOWS\system32\urlmon.dll
O18 - Protocol: https - {79EAC9E5-BAF9-11CE-8C82-00AA004BA90B} - C:\WINDOWS\system32\urlmon.dll
O18 - Protocol: ipp - (no CLSID) - (no file)
O18 - Protocol: its - {9D148291-B9C8-11D0-A4CC-0000F80149F6} - C:\WINDOWS\System32\itss.dll
O18 - Protocol: javascript - {3050F3B2-98B5-11CF-BB82-00AA00BDCE0B} - C:\WINDOWS\System32\mshtml.dll
O18 - Protocol: lid - {5C135180-9973-46D9-ABF4-148267CBB8BF} - C:\WINDOWS\System32\msvidctl.dll
O18 - Protocol: local - {79EAC9E7-BAF9-11CE-8C82-00AA004BA90B} - C:\WINDOWS\system32\urlmon.dll
O18 - Protocol: mailto - {3050F3DA-98B5-11CF-BB82-00AA00BDCE0B} - C:\WINDOWS\System32\mshtml.dll
O18 - Protocol: mhtml - {05300401-BCBC-11D0-85E3-00C04FD85AB4} - C:\WINDOWS\System32\inetcomm.dll
O18 - Protocol: mk - {79EAC9E6-BAF9-11CE-8C82-00AA004BA90B} - C:\WINDOWS\system32\urlmon.dll
O18 - Protocol: ms-its - {9D148291-B9C8-11D0-A4CC-0000F80149F6} - C:\WINDOWS\System32\itss.dll
O18 - Protocol: msdaipp - (no CLSID) - (no file)
O18 - Protocol: res - {3050F3BC-98B5-11CF-BB82-00AA00BDCE0B} - C:\WINDOWS\System32\mshtml.dll
O18 - Protocol: sysimage - {76E67A63-06E9-11D2-A840-006008059382} - C:\WINDOWS\System32\mshtml.dll
O18 - Protocol: tv - {CBD30858-AF45-11D2-B6D6-00C04FBBDE6E} - C:\WINDOWS\System32\msvidctl.dll
O18 - Protocol: vbscript - {3050F3B2-98B5-11CF-BB82-00AA00BDCE0B} - C:\WINDOWS\System32\mshtml.dll
O18 - Protocol: vnd.ms.radio - {3DA2AA3B-3D96-11D2-9BD2-204C4F4F5020} - C:\WINDOWS\System32\msdxm.ocx
O18 - Protocol: wia - {13F3EA8B-91D7-4F0A-AD76-D2853AC8BECE} - C:\WINDOWS\System32\wiascr.dll
修复这几项.

建议卸载上网助手.

aitongnuo - 2005-11-22 21:05:00

会自动弹出一个色情网页!!!

文雷 - 2005-11-22 21:06:00

Rdps (Remote procedure Call(Rdps)) - Unknown owner - C:\WINDOWS\Mstaks.exe
O4 - HKLM\..\Run: [Sysqq] C:\WINDOWS\weiba.exe
干掉他俩

aitongnuo - 2005-11-22 21:23:00

Logfile of HijackThis v1.99.1
Scan saved at 21:20:51, on 2005-11-22
Platform: Windows XP (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 (6.00.2600.0000)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\Explorer.EXE
F:\248783200522382732\HijackThis.exe

O2 - BHO: ThunderIEHelper Class - {0005A87D-D626-4B3A-84F9-

1D9571695F55} - C:\WINDOWS\System32\xunleibho_v6.dll
O2 - BHO: Tencent Browser Helper - {0C7C23EF-A848-485B-873C-

0ED954731014} - C:\Program Files\TENCENT\AddrPlus\IEHelp2.dll
O2 - BHO: Anti Fish - {38928D50-8A48-44C2-945F-D2F23F771410} -

C:\Program Files\3721\Assist\Angling.dll
O2 - BHO: QQIEHelper - {54EBD53A-9BC1-480B-966A-843A333CA162} -

D:\Program Files\QQ2005\QQIEHelper.dll
O2 - BHO: AssistII - {BB936323-19FA-4521-BA29-ECA6A121BC78} -

C:\Program Files\3721\Assist\asbar.dll
O3 - Toolbar: 上网助手 - {BB936323-19FA-4521-BA29-ECA6A121BC78} -

C:\Program Files\3721\Assist\asbar.dll
O3 - Toolbar: 电台(&R) - {8E718888-423F-11D2-876E-00A0C9082467} -

C:\WINDOWS\System32\msdxm.ocx
O4 - HKLM\..\Run: [IMJPMIG8.1] C:\WINDOWS\IME\imjp8_1\IMJPMIG.EXE

/Spoil /RemAdvDef /Migration32
O4 - HKLM\..\Run: [PHIME2002ASync] rem C:\WINDOWS\System32

\IME\TINTLGNT\TINTSETP.EXE /SYNC
O4 - HKLM\..\Run: [PHIME2002A] rem C:\WINDOWS\System32

\IME\TINTLGNT\TINTSETP.EXE /IMEName
O4 - HKLM\..\Run: [helper.dll] rem C:\WINDOWS\system32\rundll32.exe

C:\PROGRA~1\3721\helper.dll,Rundll32
O4 - HKLM\..\Run: [RfwMain] "C:\Program Files\Rising\Rfw\rfwmain.exe"

-Startup
O4 - HKLM\..\Run: [WinampAgent] "D:\Program Files\Winamp\Winampa.exe"
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Common

Files\Real\Update_OB\realsched.exe" -osboot
O4 - HKLM\..\Run: [AddrPlus3] RUNDLL32.EXE C:\PROGRA~1

\TENCENT\AddrPlus\QAHook1.dll,Rundll32
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\System32\ctfmon.exe
O4 - HKCU\..\Run: [MSMSGS] rem "C:\Program Files\Messenger\msmsgs.exe"

/background
O4 - Startup: 腾讯QQ.lnk = D:\Program Files\QQ2005\QQ.exe
O4 - Global Startup: Adobe Gamma Loader.lnk = C:\Program Files\Common

Files\Adobe\Calibration\Adobe Gamma Loader.exe
O8 - Extra context menu item: 上传到QQ网络硬盘 - D:\Program

Files\QQ2005\AddToNetDisk.htm
O8 - Extra context menu item: 添加到QQ自定义面板 - D:\Program

Files\QQ2005\AddPanel.htm
O8 - Extra context menu item: 添加到QQ表情 - D:\Program Files\QQ2005

\AddEmotion.htm
O8 - Extra context menu item: 用QQ彩信发送该图片 - D:\Program

Files\QQ2005\SendMMS.htm
O9 - Extra button: Related - {c95fe080-8f5d-11d2-a20b-00aa003c157a} -

C:\WINDOWS\web\related.htm
O9 - Extra 'Tools' menuitem: Show &Related Links - {c95fe080-8f5d-11d2

-a20b-00aa003c157a} - C:\WINDOWS\web\related.htm
O9 - Extra button: (no name) - {DEDEB80D-FA35-45d9-9460-4983E5A8AFE6} -

D:\Program Files\QQ2005\QQIEHelper.dll
O9 - Extra 'Tools' menuitem: QQ炫彩工具条设置 - {DEDEB80D-FA35-45d9-

9460-4983E5A8AFE6} - D:\Program Files\QQ2005\QQIEHelper.dll
O16 - DPF: {78AF2F24-A9C3-11D3-BF8C-0060B0FCC122} (AcDcToday 控件) -

file://C:\Program Files\AutoCAD 2002\AcDcToday.ocx
O16 - DPF: {AC3A36A8-9BFF-410A-A33D-2279FFEB69D2} (QQPlayer Control) -

http://219.133.62.236/QQPlayer.cab
O16 - DPF: {AE563722-B4F5-11D4-A415-00108302FDFD} (NOXLATE-BANR) -

file://C:\Program Files\AutoCAD 2002\InstBanr.ocx
O16 - DPF: {F281A59C-7B65-11D3-8617-0010830243BD} (AcPreview 控件) -

file://C:\Program Files\AutoCAD 2002\AcPreview.ocx
O23 - Service: C-DillaCdaC11BA - Macrovision - C:\WINDOWS\System32

\drivers\CDAC11BA.EXE
O23 - Service: C-DillaSrv - C-Dilla Ltd - C:\WINDOWS\System32

\DRIVERS\CDANTSRV.EXE
O23 - Service: Rising Personal Firewall Service (RfwService) - Beijing

Rising Technology Corporation Limited - c:\program

files\rising\rfw\rfwsrv.exe

我重启了,还是没有用!!

神无 - 2005-11-22 21:26:00

日志无异常,再用杀毒软件杀一下毒.还报不报毒了?

aitongnuo - 2005-11-22 21:31:00

会自动弹出一个色情网页,

关了"iexplore"这个进程以后才会消失

神无 - 2005-11-22 21:35:00

O2 - BHO: Tencent Browser Helper - {0C7C23EF-A848-485B-873C-

0ED954731014} - C:\Program Files\TENCENT\AddrPlus\IEHelp2.dll
O2 - BHO: Anti Fish - {38928D50-8A48-44C2-945F-D2F23F771410} -

C:\Program Files\3721\Assist\Angling.dll
O2 - BHO: QQIEHelper - {54EBD53A-9BC1-480B-966A-843A333CA162} -

D:\Program Files\QQ2005\QQIEHelper.dll
O2 - BHO: AssistII - {BB936323-19FA-4521-BA29-ECA6A121BC78} -

C:\Program Files\3721\Assist\asbar.dll
O3 - Toolbar: 上网助手 - {BB936323-19FA-4521-BA29-ECA6A121BC78} -

C:\Program Files\3721\Assist\asbar.dll
Files\Adobe\Calibration\Adobe Gamma Loader.exe
O8 - Extra context menu item: 上传到QQ网络硬盘 - D:\Program

Files\QQ2005\AddToNetDisk.htm
O8 - Extra context menu item: 添加到QQ自定义面板 - D:\Program

Files\QQ2005\AddPanel.htm
O8 - Extra context menu item: 添加到QQ表情 - D:\Program Files\QQ2005

\AddEmotion.htm
O8 - Extra context menu item: 用QQ彩信发送该图片 - D:\Program

Files\QQ2005\SendMMS.htm
O9 - Extra button: Related - {c95fe080-8f5d-11d2-a20b-00aa003c157a} -

C:\WINDOWS\web\related.htm
O9 - Extra 'Tools' menuitem: Show &Related Links - {c95fe080-8f5d-11d2

-a20b-00aa003c157a} - C:\WINDOWS\web\related.htm
O9 - Extra button: (no name) - {DEDEB80D-FA35-45d9-9460-4983E5A8AFE6} -

D:\Program Files\QQ2005\QQIEHelper.dll
O9 - Extra 'Tools' menuitem: QQ炫彩工具条设置 - {DEDEB80D-FA35-45d9-

9460-4983E5A8AFE6} - D:\Program Files\QQ2005\QQIEHelper.dll
O16 - DPF: {78AF2F24-A9C3-11D3-BF8C-0060B0FCC122} (AcDcToday 控件) -

file://C:\Program Files\AutoCAD 2002\AcDcToday.ocx
O16 - DPF: {AC3A36A8-9BFF-410A-A33D-2279FFEB69D2} (QQPlayer Control) -

http://219.133.62.236/QQPlayer.cab
O16 - DPF: {AE563722-B4F5-11D4-A415-00108302FDFD} (NOXLATE-BANR) -

file://C:\Program Files\AutoCAD 2002\InstBanr.ocx
O16 - DPF: {F281A59C-7B65-11D3-8617-0010830243BD} (AcPreview 控件) -

file://C:\Program Files\AutoCAD 2002\AcPreview.ocx
修复这几项.

瑞星卡卡安全论坛