Rising Kaka Security Forum
病毒郁闷 - 2006-5-3 17:14:00
Can't kill it, please help take a look
病毒郁闷 - 2006-5-3 17:24:00
2006-5-3 17:11:25 手工扫描:文件: C:\WINDOWS\system32\dmshell.dll,发现病毒Win-Trojan/Xema.variant,处理方式: 清除失败, 处理结果: 清除失败.
hbbdqya - 2006-5-3 17:31:00
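Use Norton Corporate Edition to kill it.
病毒郁闷 - 2006-5-3 17:36:00
What kind of virus is Win-Trojan/Xema.variant2??
病毒郁闷 - 2006-5-3 18:18:00
Is there no expert who knows a way to kill this thing?
拒绝网游珍惜生命 - 2006-5-3 18:23:00
I'm a newbie, but let me try to help you. Scan with Kaka Assistant and paste the full log......
病毒郁闷 - 2006-5-3 18:27:00
3Q~ I don't have Rising installed; I'm using 东方卫士
拒绝网游珍惜生命 - 2006-5-3 18:31:00
病毒郁闷 - 2006-5-3 18:37:00
Can it still be saved?
拒绝网游珍惜生命 - 2006-5-3 18:41:00
Download http://www.kztechs.com/sreng/sreng2.zip, install it, scan the system and paste the whole log here!
Trust me
病毒郁闷 - 2006-5-3 18:49:00
Sorry~~~ I've installed it and finished scanning!!!
Where is the log you mentioned????
拒绝网游珍惜生命 - 2006-5-3 18:53:00
After scanning, save it to the desktop, then open it and paste everything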
病毒郁闷 - 2006-5-3 20:20:00
2006-05-03,20:18:22
System Repair Engineer 2.0.12.350 (2.0 RC 1)
Windows XP Home Edition Service Pack 2 - 管理权限用户 - 完整功能
以下内容被选中:
所有的启动项目(包括注册表、启动文件夹、服务等)
浏览器加载项
正在运行的进程(包括进程模块信息)
文件关联
启动项目
注册表
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
<ctfmon.exe><C:\WINDOWS\system32\ctfmon.exe>
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
<MSMSGS><"C:\Program Files\Messenger\msmsgs.exe" /background>
[HKEY_CURRENT_USER\Software\Microsoft\Windows NT\CurrentVersion\Windows]
<load><>
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
<PHIME2002ASync><C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /SYNC>
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
<PHIME2002A><C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /IMEName>
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
<NvCplDaemon><RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup>
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
<MSPY2002><C:\WINDOWS\system32\IME\PINTLGNT\ImScInst.exe /SYNC>
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
<360Main.exe><C:\PROGRA~1\360so\360Main.exe>
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
<dl_accel><C:\Program Files\3721\Dlaccel\YDownloader.exe>
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
<YLive.exe><C:\PROGRA~1\Yahoo!\ASSIST~1\YLive.exe>
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
<yassistse><"C:\PROGRA~1\Yahoo!\Assistant\yassistse.exe">
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
<KernelFaultCheck><%systemroot%\system32\dumprep 0 -k>
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
<IMSCMig><C:\PROGRA~1\COMMON~1\MICROS~1\IME\IMSC40A\IMSCMIG.EXE /Preload>
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
<MoveSearch><C:\Program Files\HuaCi\huaci\zsearch.exe>
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
<TkBellExe><"C:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot>
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
<SearchNet_Up><"C:\Program Files\SearchNet\ServeUp.exe">
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
<Iehelper><C:\WINDOWS\system32\iehelper.exe>
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
<CdnCtr><>
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
<dfvsx><"D:\zxf\东方杀毒\DFVSX\DFVSX.exe" -Min>
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Winlogon]
<shell><Explorer.exe>
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Winlogon]
<Userinit><C:\WINDOWS\system32\userinit.exe,>
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Windows]
<AppInit_DLLs><>
==================================
启动文件夹
[租用服务器免费架私服]
<C:\Documents and Settings\gw\「开始」菜单\程序\启动\租用服务器免费架私服.lnk><N>
[腾讯QQ]
<C:\Documents and Settings\gw\「开始」菜单\程序\启动\腾讯QQ.lnk><N>
病毒郁闷 - 2006-5-3 20:22:00
==================================
服务
[C-DillaCdaC11BA / C-DillaCdaC11BA]
<C:\WINDOWS\system32\drivers\CDAC11BA.EXE><Macrovision>
[C-DillaSrv / C-DillaSrv]
<C:\WINDOWS\system32\DRIVERS\CDANTSRV.EXE><C-Dilla Ltd>
[EvtEng / EvtEng]
<C:\Program Files\Intel\Wireless\Bin\EvtEng.exe><Intel Corporation>
[Groove Installer Service / GrooveInstallerService]
<C:\Program Files\Groove Networks\Groove\Bin\GrooveInstallerService.exe><Groove Networks, Inc.>
[Kingsoft Personal Firewall Service / KPfwSvc]
<"C:\KAV2006\KPfwSvc.EXE"><Kingsoft Corporation>
[Kingsoft Antivirus KWatch Service / KWatchSvc]
<C:\KAV2006\KWatch.EXE><Kingsoft Corporation>
[NVIDIA Display Driver Service / NVSvc]
<C:\WINDOWS\system32\nvsvc32.exe><NVIDIA Corporation>
[RegSrvc / RegSrvc]
<C:\Program Files\Intel\Wireless\Bin\RegSrvc.exe><Intel Corporation>
[Remote Lo / Remote Log]
<system32\ServeHost.exe><北京中搜在线软件有限公司>
[Spectrum24 Event Monitor / S24EventMonitor]
<C:\Program Files\Intel\Wireless\Bin\S24EvMon.exe><Intel Corporation >
[SolidWorks SolidNetWork License Manager / SolidWorks SolidNetWork License Manager]
<C:\flexlm\Sw2005_SP0_licenses\SolidWorks SolidNetWork License Manager\lmgrd.exe><Macrovision Corporation>
[VAIO Entertainment Aggregation and Control Service / VAIO Entertainment Aggregation and Control Service]
<"C:\Program Files\Common Files\Sony Shared\VAIO Entertainment\VzRs\VzRs.exe"><Sony Corporation>
[VAIO Entertainment Task Scheduler / VAIO Entertainment Task Scheduler]
<"C:\Program Files\Sony\VAIO Entertainment\VzTaskScheduler.exe"><Sony Corporation>
[VAIO Entertainment TV Device Arbitration Service / VAIO Entertainment TV Device Arbitration Service]
<"C:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\VzCs\VzHardwareResourceManager\VzHardwareResourceManager.exe"><Sony Corporation>
[VAIO Event Service / VAIO Event Service]
<C:\Program Files\Sony\VAIO Event Service\VESMgr.exe><Sony Corporation>
[VAIO Media Integrated Server / VAIOMediaPlatform-IntegratedServer-AppServer]
<C:\Program Files\Sony\VAIO Media Integrated Server\VMISrv.exe><Sony Corporation>
[VAIO Media Integrated Server (HTTP) / VAIOMediaPlatform-IntegratedServer-HTTP]
<"C:\Program Files\Sony\VAIO Media Integrated Server\Platform\SV_Httpd.exe" /Service=VAIOMediaPlatform-IntegratedServer-HTTP /RegRoot="SOFTWARE\Sony Corporation\VAIO Media Platform\2.0" /RegExt="Applications\IntegratedServer\HTTP"><N/A>
[VAIO Media Integrated Server (UPnP) / VAIOMediaPlatform-IntegratedServer-UPnP]
<C:\Program Files\Sony\VAIO Media Integrated Server\Platform\UPnPFramework.exe><Sony Corporation>
[VAIO Media Gateway Server / VAIOMediaPlatform-Mobile-Gateway]
<"C:\Program Files\Sony\VAIO Media Integrated Server\Platform\VmGateway.exe" /Service=VAIOMediaPlatform-Mobile-Gateway /RegRoot="SOFTWARE\Sony Corporation\VAIO Media Platform\2.0" /RegExt="\Addons\Packages\Mobile\Gateway" /DisplayName="VAIO Media Gateway Server"><N/A>
[VAIO Entertainment UPnP Client Adapter / Vcsw]
<C:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\VCSW\VCSW.exe -RunBySCM><Sony Corporation>
[VAIO Entertainment Database Service / VzCdbSvc]
<"C:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\VzCdb\VzCdbSvc.exe"><Sony Corporation>
[VAIO Entertainment File Import Service / VzFw]
<C:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\VzCdb\VzFw.exe><Sony Corporation>
[Windows ServerNamx / WinServerNamx]
<C:\WINDOWS\system32\serviecs.exe -NetSata><N/A>
病毒郁闷 - 2006-5-3 20:23:00
==================================
浏览器加载项
[ThunderIEHelper Class]
{0005A87D-D626-4B3A-84F9-1D9571695F55} <C:\WINDOWS\system32\xunleibho_v8.dll, >
[AcroIEHlprObj Class]
{06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} <C:\Program Files\Adobe\Acrobat 6.0\Reader\ActiveX\AcroIEHelper.dll, Adobe Systems Incorporated>
[MonitorURL Class]
{08A312BB-5409-49FC-9347-54BB7D069AC6} <C:\PROGRA~1\DESKAD~1\deskipn.dll, >
[IDDTInitObj Class]
{15DDE989-CD45-4561-BF99-D22C0D5C2B74} <C:\PROGRA~1\sina\DLFast\ddtinit.dll, 北京新浪信息技术有限公司>
[Zhongsou Browser Helper]
{2A0176FE-008B-4706-90F5-BBA532A49731} <C:\Program Files\SearchNet\SNHpr.dll, Beijing Zhongsou Online Software>
[Yahoo!Photo]
{33BBE430-0E42-4f12-B075-8D21ACB10DCB} <C:\Program Files\Yahoo!\Assistant\Assist\yphtb.dll, Yahoo! China>
[AntiFish Class]
{38928D50-8A48-44C2-945F-D2F23F771410} <C:\Program Files\Yahoo!\Assistant\Assist\yAngling.dll, Yahoo.>
[IE Browser Helper]
{3CE496D1-1746-41CD-9489-3C0B93DF10E2} <C:\WINDOWS\Downlo~1\IEHpr.dll, 中搜在线软件有限公司>
[雅虎助手]
{406F94F0-504F-4a40-8DFD-58B0666ABEBD} <C:\Program Files\Yahoo!\Assistant\Assist\yasbar.dll, Yahoo!>
[BHOHelper Class]
{472101C2-1109-43f4-9112-31F33E3F2127} <C:\PROGRA~1\360so\360so.dll, 360搜>
[VnetCookie Class]
{4E83D567-4697-4F7B-B1F0-A513B01DB89A} <c:\PROGRA~1\chinanet\VNETTR~1.DLL, >
[QQBrowserHelperObject Class]
{54EBD53A-9BC1-480B-966A-843A333CA162} <C:\Program Files\Tencent\QQ\QQIEHelper.dll, 深圳市腾讯计算机系统有限公司>
[DragSearch BHO]
{62EED7C6-9F02-42f9-B634-98E2899E147B} <C:\PROGRA~1\Yahoo!\ASSIST~1\Assist\YDRAGS~1.DLL, >
[IeCatch2 Class]
{A5366673-E8CA-11D3-9CD9-0090271D075B} <C:\PROGRA~1\FlashGet\jccatch.dll, Amaze Soft>
[Google Toolbar Helper]
{AA58ED58-01DD-4d91-8333-CF10577473F7} <c:\program files\google\googletoolbar1.dll, Google Inc.>
[上网助手]
{BB936323-19FA-4521-BA29-ECA6A121BC78} <, N/A>
[手机短信]
{00000000-0000-0001-0001-596BAEDD1289} <http://sms.3721.com/ie/index.htm, N/A>
[Yahoo 1G电邮]
{507F9113-CD77-4866-BA92-0E86DA3D0B97} <http://cn.mail.yahoo.com/promo/rd1, N/A>
[寻宝乐趣多]
{59BC54A2-56B3-44a0-93E5-432D58746E26} <http://hot.3721.com/rd/shop_btn.htm, N/A>
[上网助手]
{5D73EE86-05F1-49ed-B850-E423120EC338} <http://assistant.3721.com/index.htm?fb=Cns, N/A>
[东方卫士]
{A26ABCF0-1C8F-46e7-A67C-0489DC21B9CE} <C:\PROGRA~1\DFVSIE~1\DFVSIEBR.dll, >
[东方卫士2005下载版]
{A26ABCF0-1C8F-46e7-A67C-0489DC21B9EE} <D:\zxf\东方杀毒\DFVSX\DFVSX.exe, N/A>
[情景聊天]
{E5D12C4E-7B4F-11D3-B5C9-0050045C3C96} <http://cn.rd.yahoo.com/home/messenger/bjk/clientbtn/?http://cn.messenger.yahoo.com/, N/A>
[]
{ECF2E268-F28C-48d2-9AB7-8F69C11CCB71} <http://assistant.3721.com/security1.htm?fb=Cns, N/A>
[新浪点点通]
{F60C7D81-8471-4D40-AAFE-56D318F34C2D} <C:\PROGRA~1\sina\DLFast\ddtong~1.dll, 北京新浪信息技术有限公司>
[Messenger]
{FB5F1910-F110-11d2-BB9E-00C04F795683} <C:\Program Files\Messenger\msmsgs.exe, Microsoft Corporation>
[]
{FD00D911-7529-4084-9946-A29F1BDF4FE5} <http://assistant.3721.com/clean1.htm?fb=Cns, N/A>
[]
{974AD624-EA50-4831-A6C0-3040F6665396} <C:\PROGRA~1\sina\DLFast\rssband.dll, 北京新浪信息技术有限公司>
[新浪点点通阅读器]
{F0646DC8-58CD-4C64-8F6B-525043914685} <C:\PROGRA~1\sina\DLFast\rssband.dll, 北京新浪信息技术有限公司>
[上网助手]
{BB936323-19FA-4521-BA29-ECA6A121BC78} <, N/A>
[雅虎助手]
{406F94F0-504F-4a40-8DFD-58B0666ABEBD} <C:\Program Files\Yahoo!\Assistant\Assist\yasbar.dll, Yahoo!>
[新浪点点通]
{F60C7D81-8471-4D40-AAFE-56D318F34C2D} <C:\PROGRA~1\sina\DLFast\ddtong~1.dll, 北京新浪信息技术有限公司>
[&Google]
{2318C2B1-4965-11d4-9B18-009027A5CD4F} <c:\program files\google\googletoolbar1.dll, Google Inc.>
[东方卫士]
{A6790AA5-C6C7-4BCF-A46D-0FDAC4EA90EF} <C:\PROGRA~1\DFVSIE~1\DFVSIEBR.dll, >
[WebActivater Control]
{3D8F74EE-8692-4F8F-B8D2-7522E732519E} <C:\WINDOWS\system32\WEBACT~1.OCX, QQ>
[Chaos Filter]
{AB89C9BF-9250-473B-BE49-D34F615CB678} <C:\WINDOWS\system32\chaos.ax, Gaov Info Tech Co, LTD.>
[VqqSpeedDlProxy Class]
{F138084D-84D7-48CD-BEA8-04772457516E} <C:\WINDOWS\vqqsdl.dll, Tencent>
[ThunderIEHelper Class]
{0005A87D-D626-4B3A-84F9-1D9571695F55} <C:\WINDOWS\system32\xunleibho_v8.dll, >
[Google Script Object]
{00EF2092-6AC5-47C0-BD25-CF2D5D657FEB} <c:\program files\google\googletoolbar1.dll, Google Inc.>
[ActiveMovieControl Object]
{05589FA1-C356-11CE-BF01-00AA0055595A} <C:\WINDOWS\system32\wmpdxm.dll, Microsoft Corporation>
[AcroIEHlprObj Class]
{06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} <C:\Program Files\Adobe\Acrobat 6.0\Reader\ActiveX\AcroIEHelper.dll, Adobe Systems Incorporated>
[MonitorURL Class]
{08A312BB-5409-49FC-9347-54BB7D069AC6} <C:\PROGRA~1\DESKAD~1\deskipn.dll, >
[IDDTInitObj Class]
{15DDE989-CD45-4561-BF99-D22C0D5C2B74} <C:\PROGRA~1\sina\DLFast\ddtinit.dll, 北京新浪信息技术有限公司>
[Windows Media Player]
{22D6F312-B0F6-11D0-94AB-0080C74C7E95} <C:\WINDOWS\system32\wmpdxm.dll, Microsoft Corporation>
[&Google]
{2318C2B1-4965-11D4-9B18-009027A5CD4F} <c:\program files\google\googletoolbar1.dll, Google Inc.>
[PowerPlr Control]
{2354A44B-3CEB-4829-9940-545B03103538} <C:\WINDOWS\DOWNLO~1\PowerPlr.ocx, Powerise Digital>
[HTML Document]
{25336920-03F9-11CF-8FD0-00AA00686F13} <%SystemRoot%\system32\mshtml.dll, N/A>
[Zhongsou Browser Helper]
{2A0176FE-008B-4706-90F5-BBA532A49731} <C:\Program Files\SearchNet\SNHpr.dll, Beijing Zhongsou Online Software>
[DHTML Edit Control Safe for Scripting for IE5]
{2D360201-FFF5-11D1-8D03-00A0C959BC0A} <C:\Program Files\Common Files\Microsoft Shared\Triedit\dhtmled.ocx, Microsoft Corporation>
[Yahoo!Photo]
{33BBE430-0E42-4F12-B075-8D21ACB10DCB} <C:\Program Files\Yahoo!\Assistant\Assist\yphtb.dll, Yahoo! China>
[AntiFish Class]
{38928D50-8A48-44C2-945F-D2F23F771410} <C:\Program Files\Yahoo!\Assistant\Assist\yAngling.dll, Yahoo.>
[IE Browser Helper]
{3CE496D1-1746-41CD-9489-3C0B93DF10E2} <C:\WINDOWS\Downlo~1\IEHpr.dll, 中搜在线软件有限公司>
[雅虎助手]
{406F94F0-504F-4A40-8DFD-58B0666ABEBD} <C:\Program Files\Yahoo!\Assistant\Assist\yasbar.dll, Yahoo!>
[BHOHelper Class]
{472101C2-1109-43F4-9112-31F33E3F2127} <C:\PROGRA~1\360so\360so.dll, 360搜>
[VnetCookie Class]
{4E83D567-4697-4F7B-B1F0-A513B01DB89A} <c:\PROGRA~1\chinanet\VNETTR~1.DLL, >
[HHCtrl Object]
{52A2AAAE-085D-4187-97EA-8C30DB990436} <C:\WINDOWS\system32\hhctrl.ocx, Microsoft Corporation>
[QQBrowserHelperObject Class]
{54EBD53A-9BC1-480B-966A-843A333CA162} <C:\Program Files\Tencent\QQ\QQIEHelper.dll, 深圳市腾讯计算机系统有限公司>
[AutoLive]
{57421194-58FB-49AE-9B4F-FD48869B9AD4} <C:\PROGRA~1\Yahoo!\ASSIST~1\yaLive.dll, >
[DragSearch BHO]
{62EED7C6-9F02-42F9-B634-98E2899E147B} <C:\PROGRA~1\Yahoo!\ASSIST~1\Assist\YDRAGS~1.DLL, >
[Windows Media Player]
{6BF52A52-394A-11D3-B153-00C04F79FAA6} <C:\WINDOWS\system32\wmp.dll, Microsoft Corporation>
[Microsoft Web 浏览器]
{8856F961-340A-11D0-A96B-00C04FD705A2} <C:\WINDOWS\system32\shdocvw.dll, Microsoft Corporation>
[]
{974AD624-EA50-4831-A6C0-3040F6665396} <C:\PROGRA~1\sina\DLFast\rssband.dll, 北京新浪信息技术有限公司>
[IeCatch2 Class]
{A5366673-E8CA-11D3-9CD9-0090271D075B} <C:\PROGRA~1\FlashGet\jccatch.dll, Amaze Soft>
[东方卫士]
{A6790AA5-C6C7-4BCF-A46D-0FDAC4EA90EF} <C:\PROGRA~1\DFVSIE~1\DFVSIEBR.dll, >
[RMGetLicense Class]
{A9FC132B-096D-460B-B7D5-1DB0FAE0C062} <C:\WINDOWS\system32\msnetobj.dll, Microsoft Corporation>
[Google Toolbar Helper]
{AA58ED58-01DD-4D91-8333-CF10577473F7} <c:\program files\google\googletoolbar1.dll, Google Inc.>
[Chaos Filter]
{AB89C9BF-9250-473B-BE49-D34F615CB678} <C:\WINDOWS\system32\chaos.ax, Gaov Info Tech Co, LTD.>
[Microsoft Scriptlet Component]
病毒郁闷 - 2006-5-3 20:24:00
{AE24FDAE-03C6-11D1-8B76-0080C744F389} <C:\WINDOWS\system32\mshtml.dll, Microsoft Corporation>
[SearchAssistantOC]
{B45FF030-4447-11D2-85DE-00C04FA35C89} <%SystemRoot%\system32\shdocvw.dll, N/A>
[Microsoft DirectAnimation Control]
{B6FFC24C-7E13-11D0-9B47-00C04FC2F51D} <C:\WINDOWS\system32\danim.dll, Microsoft Corporation>
[上网助手]
{BB936323-19FA-4521-BA29-ECA6A121BC78} <, N/A>
[AUDIO__X_MS_WMA Moniker Class]
{CD3AFA84-B84F-48F0-9393-7EDC34128127} <C:\WINDOWS\system32\wmp.dll, Microsoft Corporation>
[VIDEO__X_MS_WMV Moniker Class]
{CD3AFA94-B84F-48F0-9393-7EDC34128127} <C:\WINDOWS\system32\wmp.dll, Microsoft Corporation>
[RealPlayer G2 Control]
{CFCDAA03-8BE4-11CF-B84B-0020AFBBCCFA} <C:\WINDOWS\system32\rmoc3260.dll, RealNetworks>
[Shockwave Flash Object]
{D27CDB6E-AE6D-11CF-96B8-444553540000} <C:\WINDOWS\system32\Macromed\Flash\Flash8.ocx, Macromedia, Inc.>
[新浪点点通阅读器]
{F0646DC8-58CD-4C64-8F6B-525043914685} <C:\PROGRA~1\sina\DLFast\rssband.dll, 北京新浪信息技术有限公司>
[新浪点点通]
{F60C7D81-8471-4D40-AAFE-56D318F34C2D} <C:\PROGRA~1\sina\DLFast\ddtong~1.dll, 北京新浪信息技术有限公司>
[assist]
{FE3ECAE7-0A37-4506-8A7D-3CC9A04D2CA8} <C:\Program Files\Yahoo!\Assistant\Assist\yassist.dll, Yahoo!>
[&Google Search]
<res://c:\program files\google\GoogleToolbar1.dll/cmsearch.html, N/A>
[&Translate English Word]
<res://c:\program files\google\GoogleToolbar1.dll/cmwordtrans.html, N/A>
[&使用下载加速专家下载]
<C:\Program Files\3721\Dlaccel\geturl.htm, N/A>
[Backward Links]
<res://c:\program files\google\GoogleToolbar1.dll/cmbacklinks.html, N/A>
[Cached Snapshot of Page]
<res://c:\program files\google\GoogleToolbar1.dll/cmcache.html, N/A>
[Similar Pages]
<res://c:\program files\google\GoogleToolbar1.dll/cmsimilar.html, N/A>
[Translate Page into English]
<res://c:\program files\google\GoogleToolbar1.dll/cmtrans.html, N/A>
[使用新浪下载助手下载]
<C:\PROGRA~1\sina\DLFast\sinadl.htm, N/A>
[使用网际快车下载]
<C:\Program Files\FlashGet\jc_link.htm, N/A>
[使用网际快车下载全部链接]
<C:\Program Files\FlashGet\jc_all.htm, N/A>
[导出到 Microsoft Office Excel(&X)]
<res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000, N/A>
[添加到QQ自定义面板]
<C:\Program Files\Tencent\QQ\AddPanel.htm, N/A>
[添加到QQ表情]
<C:\Program Files\Tencent\QQ\AddEmotion.htm, N/A>
[添加到雅虎订阅(&Y)]
<res://C:\Program Files\Yahoo!\Assistant\Assist\yrss.dll/YRSSMENUEXT, N/A>
[用QQ彩信发送该图片]
<C:\Program Files\Tencent\QQ\SendMMS.htm, N/A>
[雅虎搜索]
<res://C:\PROGRA~1\Yahoo!\ASSIST~1\Assist\yasbar.dll/246, N/A>
病毒郁闷 - 2006-5-3 20:25:00
==================================
正在运行的进程
[PID: 892][\SystemRoot\System32\smss.exe] <Microsoft Corporation><5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)>
[PID: 944][\??\C:\WINDOWS\system32\csrss.exe] <Microsoft Corporation><5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)>
[PID: 972][\??\C:\WINDOWS\system32\winlogon.exe] <Microsoft Corporation><5.1.2600.2505 (xpsp.040806-1825)>
[PID: 1016][C:\WINDOWS\system32\services.exe] <Microsoft Corporation><5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)>
[PID: 1028][C:\WINDOWS\system32\lsass.exe] <Microsoft Corporation><5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)>
[PID: 1192][C:\WINDOWS\system32\svchost.exe] <Microsoft Corporation><5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)>
[PID: 1276][C:\WINDOWS\system32\svchost.exe] <Microsoft Corporation><5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)>
[PID: 1448][C:\WINDOWS\System32\svchost.exe] <Microsoft Corporation><5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)>
[PID: 1576][C:\Program Files\Intel\Wireless\Bin\EvtEng.exe] <Intel Corporation><9, 0, 0, 12>
[C:\Program Files\Intel\Wireless\Bin\PsRegApi.dll] <Intel Corporation><9, 0, 0, 14>
[C:\Program Files\Intel\Wireless\Bin\TraceAPI.DLL] <Intel Corporation><9, 0, 0, 22>
[PID: 1620][C:\Program Files\Intel\Wireless\Bin\S24EvMon.exe] <Intel Corporation ><9, 0, 0, 38>
[C:\Program Files\Intel\Wireless\Bin\TraceAPI.DLL] <Intel Corporation><9, 0, 0, 22>
[C:\Program Files\Intel\Wireless\Bin\PsRegApi.dll] <Intel Corporation><9, 0, 0, 14>
[PID: 1756][C:\WINDOWS\system32\svchost.exe] <Microsoft Corporation><5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)>
[PID: 1904][C:\WINDOWS\system32\svchost.exe] <Microsoft Corporation><5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)>
[PID: 556][C:\KAV2006\KWatch.EXE] <Kingsoft Corporation><2005, 9, 27, 51>
[C:\KAV2006\KAVIPC2.DLL] <Kingsoft Corporation><2004, 12, 28, 20>
[C:\KAV2006\KAEPlat.DLL] <Kingsoft Corp.><2004, 11, 26, 53>
[C:\KAV2006\KAEMem.DAT] <Kingsoft><2004, 11, 9, 11>
[PID: 744][C:\WINDOWS\Explorer.EXE] <Microsoft Corporation><6.00.2900.2180 (xpsp_sp2_rtm.040803-2158)>
[C:\PROGRA~1\Yahoo!\ASSIST~1\Yhelper.dll] <><2, 0, 0, 1013>
[C:\WINDOWS\system32\nvcpl.dll] <NVIDIA Corporation><6.14.10.7075>
[C:\WINDOWS\system32\NVRSZHC.DLL] <NVIDIA Corporation><6.14.10.7075>
[C:\PROGRA~1\Yahoo!\ASSIST~1\yaLive.dll] <><2, 0, 2, 1025>
[C:\PROGRA~1\Yahoo!\ASSIST~1\Yalliveex.dll] < ><2, 0, 1, 1007>
[C:\Program Files\Adobe\Acrobat 6.0\Reader\ActiveX\AcroIEHelper.dll] <Adobe Systems Incorporated><6.0.1.2003110300>
[C:\PROGRA~1\FlashGet\jccatch.dll] <Amaze Soft><1, 1, 3, 0>
[PID: 876][C:\WINDOWS\system32\spoolsv.exe] <Microsoft Corporation><5.1.2600.2696 (xpsp_sp2_gdr.050610-1519)>
[C:\WINDOWS\system32\BBPDFPortMon.dll] <Bluebeam Software, Inc.><1, 0, 0, 1>
[C:\WINDOWS\system32\CNMLM6e.DLL] <CANON INC.><1.80.2.50>
[C:\WINDOWS\System32\spool\PRTPROCS\W32X86\CNMPD6e.DLL] <CANON INC.><1.80.2.50>
[C:\WINDOWS\System32\spool\PRTPROCS\W32X86\vprproc.dll] <Windows (R) 2000 DDK provider><5.00.2195.1620>
[C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\CNMUI6e.DLL] <CANON INC.><1.80.2.50>
[C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\CNMDR6e.DLL] <CANON INC.><1.80.2.50>
[PID: 1700][C:\Program Files\3721\Dlaccel\YDownloader.exe] <北京三七二一科技有限公司><1, 2, 0, 7>
[C:\Program Files\3721\Dlaccel\boost_thread-vc6-mt-1_31.dll] <N/A><N/A>
[C:\PROGRA~1\Yahoo!\ASSIST~1\Yhelper.dll] <><2, 0, 0, 1013>
[PID: 1708][C:\PROGRA~1\Yahoo!\ASSIST~1\YLive.exe] < ><2, 0, 0, 1001>
[C:\PROGRA~1\Yahoo!\ASSIST~1\Yhelper.dll] <><2, 0, 0, 1013>
[C:\PROGRA~1\Yahoo!\ASSIST~1\yaLive.dll] <><2, 0, 2, 1025>
[C:\PROGRA~1\Yahoo!\ASSIST~1\Yalliveex.dll] < ><2, 0, 1, 1007>
[PID: 1716][C:\PROGRA~1\Yahoo!\Assistant\yassistse.exe] <Yahoo!><1, 0, 1, 1001>
[C:\PROGRA~1\Yahoo!\ASSIST~1\Yhelper.dll] <><2, 0, 0, 1013>
病毒郁闷 - 2006-5-3 20:26:00
[C:\PROGRA~1\Yahoo!\Assistant\shell\yAsMenu.dll] <Yahoo><1, 0, 1, 1006>
[C:\PROGRA~1\Yahoo!\Assistant\shell\yAssecblk.dll] <Yahoo><1, 0, 2, 1002>
[C:\PROGRA~1\Yahoo!\Assistant\shell\yIEAngel.dll] <Yahoo><1, 0, 1, 1001>
[C:\PROGRA~1\Yahoo!\Assistant\shell\yMenuInfo.dll] <Yahoo><1, 0, 0, 2>
[PID: 2008][C:\Program Files\Common Files\Real\Update_OB\realsched.exe] <RealNetworks, Inc.><0.1.0.1622>
[C:\PROGRA~1\Yahoo!\ASSIST~1\Yhelper.dll] <><2, 0, 0, 1013>
[PID: 280][C:\WINDOWS\system32\iehelper.exe] <N/A><N/A>
[C:\PROGRA~1\Yahoo!\ASSIST~1\Yhelper.dll] <><2, 0, 0, 1013>
[C:\WINDOWS\system32\dmshell.dll] <N/A><N/A>
[C:\WINDOWS\system32\215~1.0\dmplayer.dll] <千橡互联><2, 1, 5, 0>
[PID: 460][C:\WINDOWS\system32\iehelper.exe] <N/A><N/A>
[C:\PROGRA~1\Yahoo!\ASSIST~1\Yhelper.dll] <><2, 0, 0, 1013>
[C:\WINDOWS\system32\dmshell.dll] <N/A><N/A>
[PID: 468][D:\zxf\东方杀毒\DFVSX\DFVSX.exe] <N/A><N/A>
[D:\zxf\东方杀毒\DFVSX\rtl70.bpl] <Borland Software Corporation><7.0.4.453>
[D:\zxf\东方杀毒\DFVSX\vcl70.bpl] <Borland Software Corporation><7.0.4.453>
[D:\zxf\东方杀毒\DFVSX\vclx70.bpl] <Borland Software Corporation><7.0.4.453>
[D:\zxf\东方杀毒\DFVSX\inet70.bpl] <Borland Software Corporation><7.0.4.453>
[D:\zxf\东方杀毒\DFVSX\vclie70.bpl] <Borland Software Corporation><7.0.4.453>
[D:\zxf\东方杀毒\DFVSX\DFVSFM.dll] <N/A><N/A>
[D:\zxf\东方杀毒\DFVSX\v3flt.dll] <Ahnlab, Inc.><5, 1, 0, 12>
[D:\zxf\东方杀毒\DFVSX\AhnCtlKD.dll] <Ahnlab, Inc.><1, 0, 1, 2>
[D:\zxf\东方杀毒\DFVSX\FM_RO.dll] <交大铭泰><2.0>
[D:\zxf\东方杀毒\DFVSX\libwsc.DLL] <N/A><N/A>
[C:\PROGRA~1\Yahoo!\ASSIST~1\Yhelper.dll] <><2, 0, 0, 1013>
[PID: 476][C:\Program Files\HuaCi\huaci\ZsUp.exe] <><1, 0, 0, 1>
[PID: 500][C:\WINDOWS\system32\ctfmon.exe] <Microsoft Corporation><5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)>
[C:\PROGRA~1\Yahoo!\ASSIST~1\Yhelper.dll] <><2, 0, 0, 1013>
[PID: 524][C:\Program Files\Messenger\msmsgs.exe] <Microsoft Corporation><4.7.3001>
[C:\PROGRA~1\Yahoo!\ASSIST~1\Yhelper.dll] <><2, 0, 0, 1013>
[PID: 1352][C:\WINDOWS\system32\drivers\CDAC11BA.EXE] <Macrovision><4.20.020>
[PID: 612][C:\WINDOWS\system32\DRIVERS\CDANTSRV.EXE] <C-Dilla Ltd><3.23.000>
[PID: 1800][C:\KAV2006\KPfwSvc.EXE] <Kingsoft Corporation><2005, 9, 5, 28>
[PID: 1852][C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE] <Microsoft Corporation><7.00.9466>
[PID: 1932][C:\WINDOWS\system32\nvsvc32.exe] <NVIDIA Corporation><6.14.10.7075>
[C:\WINDOWS\system32\NVRSZHC.DLL] <NVIDIA Corporation><6.14.10.7075>
[PID: 116][C:\Program Files\Intel\Wireless\Bin\RegSrvc.exe] <Intel Corporation><9, 0, 0, 10>
[PID: 288][C:\WINDOWS\system32\ServeHost.exe] <北京中搜在线软件有限公司><1, 0, 0, 1>
[PID: 804][C:\WINDOWS\system32\taskmgr.exe] <Microsoft Corporation><5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)>
[C:\PROGRA~1\Yahoo!\ASSIST~1\Yhelper.dll] <><2, 0, 0, 1013>
[PID: 1440][C:\flexlm\Sw2005_SP0_licenses\SolidWorks SolidNetWork License Manager\lmgrd.exe] <Macrovision Corporation><9, 0, 0, 0>
[PID: 1512][C:\WINDOWS\system32\svchost.exe] <Microsoft Corporation><5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)>
[PID: 1828][C:\flexlm\Sw2005_SP0_licenses\SolidWorks SolidNetWork License Manager\SW_D.EXE] <N/A><N/A>
[PID: 1424][C:\WINDOWS\system32\wdfmgr.exe] <Microsoft Corporation><5.2.3790.1230 built by: DNSRV(bld4act)>
[PID: 1568][C:\Program Files\Sony\VAIO Event Service\VESMgr.exe] <Sony Corporation><2.0.00.09300>
[C:\Program Files\Sony\VAIO Event Service\VESSuEvent.dll] <Sony Corporation><2.0.00.10290>
[C:\Program Files\Sony\VAIO Event Service\VESBasePS.dll] <N/A><N/A>
[C:\Program Files\Common Files\Sony Shared\Sony Utilities\SnyUtils.dll] <Sony Corporation><6, 0, 0, 10230>
[C:\Program Files\Common Files\Sony Shared\SXBIOS\sxbios.dll] <Sony Corporation><4.02.8170>
[C:\WINDOWS\system32\NvCpl.dll] <NVIDIA Corporation><6.14.10.7075>
[C:\WINDOWS\system32\NVRSZHC.DLL] <NVIDIA Corporation><6.14.10.7075>
[C:\Program Files\Sony\VAIO Event Service\VESWndMsg.dll] <Sony Corporation><2.0.00.10290>
[C:\Program Files\Sony\VAIO Event Service\VESTransform.dll] <Sony Corporation><2.0.00.10290>
[C:\Program Files\Sony\VAIO Event Service\VESWndMsgHook.dll] <Sony Corporation><1.1.00.08050>
[C:\PROGRA~1\Yahoo!\ASSIST~1\Yhelper.dll] <><2, 0, 0, 1013>
[C:\Program Files\Sony\VAIO Power Management\VESPowerMgr.dll] <Sony Corporation><2.0.00.102700>
[C:\Program Files\Sony\VAIO Event Service\VESSemiPnP.dll] <Sony Corporation><2.0.00.10290>
[C:\Program Files\Sony\VAIO Event Service\VESSuPerform.dll] <Sony Corporation><2.0.00.10290>
[C:\Program Files\Sony\VAIO Event Service\VESVideo.dll] <Sony Corporation><2.0.00.11050>
[C:\Program Files\Sony\VAIO Event Service\VESPerform.dll] <Sony Corporation><2.0.00.11050>
[C:\Program Files\Sony\VAIO Event Service\VESHKWndCommon.dll] <Sony Corporation><2.0.00.10290>
[PID: 2448][C:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\VCSW\VCSW.exe] <Sony Corporation><1.2.00.09101>
[C:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\VCSW\sonyuppc.dll] <Sony Corporation><6.0.00.08050>
[C:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\VCSW\UPnPCtrl.dll] <Sony Corporation><2, 0, 1, 10010>
[C:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\VCSW\VCSWEXEps.dll] <Sony Corporation><1.2.00.09101>
[PID: 2484][C:\WINDOWS\system32\serviecs.exe] <N/A><N/A>
[PID: 2592][C:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\VzCdb\VzCdbSvc.exe] <Sony Corporation><1.2.01.10250>
[C:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\VzCdb\VzCdbVcds.dll] <Sony Corporation><1.2.01.10070>
[C:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\VzCdb\VzCdbSsDB.dll] <Sony Corporation><1.2.01.10120>
[C:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\VzCdb\VzCdbLocalDB.dll] <Sony Corporation><1.2.01.10070>
[C:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\VCSW\VCSWEXEps.dll] <Sony Corporation><1.2.00.09101>
[C:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\VzCdb\VzCdbSvcps.dll] <Sony Corporation><1.2.01.10250>
[C:\Program Files\Common Files\Sony Shared\AvLib\Metallic.dll] <Sony Corporation><2.7.00.14160>
[PID: 2612][C:\Program Files\ChinaNet\VnetClient.exe] <><2005, 11, 14, 1>
病毒郁闷 - 2006-5-3 20:27:00
[C:\Program Files\ChinaNet\Communicate.dll] <0><2005, 3, 3, 1>
[C:\Program Files\ChinaNet\DialModule.dll] <GDCN><2005, 11, 15, 1>
[C:\PROGRA~1\Yahoo!\ASSIST~1\Yhelper.dll] <><2, 0, 0, 1013>
[C:\PROGRA~1\ChinaNet\CLIENT~1.DLL] <><2004, 2, 28, 1>
[C:\PROGRA~1\ChinaNet\PLUGIN~1.OCX] <><2005, 7, 27, 1>
[C:\PROGRA~1\ChinaNet\sign.dll] <0><2004, 12, 1, 1>
[C:\PROGRA~1\ChinaNet\SysPlug\206301~1\PICPUZ~1.DLL] <><2004, 12, 3, 0>
[C:\PROGRA~1\ChinaNet\PostPlug.dll] <><2004, 12, 16, 2>
[C:\PROGRA~1\ChinaNet\ADVERT~1.OCX] <><2005, 10, 13, 1>
[C:\Program Files\网络猪\Gif89.dll] <><1, 0, 0, 1>
[C:\PROGRA~1\ChinaNet\VnetBs.ocx] <><2004, 11, 18, 1>
[C:\PROGRA~1\ChinaNet\ACCOUN~2.DLL] <><2005, 11, 14, 1>
[C:\PROGRA~1\ChinaNet\AccountMgr.dll] <><2005, 11, 14, 17>
[C:\PROGRA~1\ChinaNet\VnetSkin.ocx] <GDDC><2005, 11, 14, 1>
[C:\PROGRA~1\ChinaNet\DialogStyle.dll] <><1, 0, 0, 1>
[C:\PROGRA~1\ChinaNet\Timer.ocx] <><2005, 10, 9, 14>
[C:\PROGRA~1\ChinaNet\PLUGIN~2.OCX] <><2005, 2, 24, 1>
[C:\PROGRA~1\ChinaNet\NEWMES~1.DLL] <><2005, 8, 26, 1>
[C:\PROGRA~1\ChinaNet\PassCtrl.dll] <><1, 0, 0, 1>
[C:\PROGRA~1\ChinaNet\PlugPush.dll] <><2004, 12, 21, 1>
[C:\PROGRA~1\ChinaNet\ALLINT~1.DLL] <><2004, 11, 23, 1>
[C:\PROGRA~1\ChinaNet\VNetLog.ocx] <><2005, 10, 9, 1>
[C:\PROGRA~1\ChinaNet\StatNum.dll] <><2004, 11, 18, 1>
[C:\PROGRA~1\ChinaNet\VNETON~1.OCX] <><2005, 3, 2, 1>
[C:\PROGRA~1\ChinaNet\ALLFUN~1.DLL] <GDCN><2005, 10, 9, 1>
[C:\PROGRA~1\ChinaNet\VnetOptLog.dll] <><2005, 9, 13, 9>
[C:\PROGRA~1\ChinaNet\DlgSkin.ocx] <><2005, 11, 14, 1>
[C:\WINDOWS\system32\Macromed\Flash\Flash8.ocx] <Macromedia, Inc.><8,0,22,0>
[PID: 2656][C:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\VzCdb\VzFw.exe] <Sony Corporation><1.2.01.10120>
[C:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\VzCdb\VzFwImport.dll] <Sony Corporation><1.2.01.10250>
[C:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\VzCdb\VzCdb.dll] <Sony Corporation><1.2.01.10070>
[C:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\VzCdb\VzCdbSvcps.dll] <Sony Corporation><1.2.01.10250>
[C:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\VzCdb\VzCs.dll] <Sony Corporation><1.3.00.10210>
[PID: 688][C:\Program Files\Internet Explorer\iexplore.exe] <Microsoft Corporation><6.00.2900.2180 (xpsp_sp2_rtm.040803-2158)>
[C:\PROGRA~1\Yahoo!\ASSIST~1\Yhelper.dll] <><2, 0, 0, 1013>
[C:\PROGRA~1\Yahoo!\ASSIST~1\yscrblock.dll] <Yahoo><1, 0, 1, 1000>
[C:\PROGRA~1\Yahoo!\ASSIST~1\yaLive.dll] <><2, 0, 2, 1025>
[C:\PROGRA~1\Yahoo!\ASSIST~1\Yalliveex.dll] < ><2, 0, 1, 1007>
[C:\PROGRA~1\Google\GOOGLE~1\GOOGLE~3.DLL] <N/A><N/A>
[C:\PROGRA~1\Google\GOOGLE~1\GoogleDesktopAPI2.dll] <N/A><N/A>
[C:\PROGRA~1\Google\GOOGLE~1\GoogleDesktopResources_zh_cn.dll] <N/A><N/A>
[C:\Program Files\Yahoo!\Assistant\Assist\yasbar.dll] <Yahoo!><2, 1, 7, 1047>
[C:\PROGRA~1\Yahoo!\ASSIST~1\Assist\yphtb.dll] <Yahoo! China><1, 1, 2, 1034>
[C:\PROGRA~1\Yahoo!\ASSIST~1\Assist\yaswiper.dll] <Yahoo><1, 0, 1, 1004>
[C:\PROGRA~1\Yahoo!\ASSIST~1\Assist\yasiesec.dll] <Yahoo><1, 0, 2, 1003>
[C:\PROGRA~1\Yahoo!\ASSIST~1\Assist\yasnoad.dll] <><1, 1, 2, 1004>
[C:\PROGRA~1\Yahoo!\ASSIST~1\Assist\yzsNetProto.dll] <Yahoo><1, 0, 0, 1>
[C:\PROGRA~1\Yahoo!\ASSIST~1\Assist\yrss.dll] <Yahoo! China><1, 0, 1, 1015>
[c:\program files\google\googletoolbar1.dll] <Google Inc.><3, 0, 131, 0>
[C:\PROGRA~1\sina\DLFast\ddtong~1.dll] <北京新浪信息技术有限公司><1, 2, 1, 5>
[C:\PROGRA~1\sina\DLFast\ddtinit.dll] <北京新浪信息技术有限公司><1, 2, 1, 7>
[C:\PROGRA~1\sina\DLFast\DDTUpdate.dll] <北京新浪信息技术有限公司><1, 2, 1, 1>
[C:\PROGRA~1\sina\DLFast\ddtnews.ocx] <北京新浪信息技术有限公司><1, 1, 1, 5>
[C:\PROGRA~1\sina\DLFast\ddtcomm.dll] <北京新浪信息技术有限公司><1, 1, 0, 3>
[C:\PROGRA~1\DFVSIE~1\DFVSIEBR.dll] <><1, 0, 0, 1>
[C:\WINDOWS\system32\xunleibho_v8.dll] <><4, 5, 1, 33>
[C:\Program Files\Adobe\Acrobat 6.0\Reader\ActiveX\AcroIEHelper.dll] <Adobe Systems Incorporated><6.0.1.2003110300>
[C:\PROGRA~1\DESKAD~1\deskipn.dll] <><1, 0, 0, 1>
[C:\Program Files\SearchNet\SNHpr.dll] <Beijing Zhongsou Online Software><1, 0, 0, 1>
[C:\Program Files\Yahoo!\Assistant\Assist\yAngling.dll] <Yahoo.><1, 0, 2, 1002>
[C:\WINDOWS\Downlo~1\IEHpr.dll] <中搜在线软件有限公司><2, 0, 2, 5>
[C:\PROGRA~1\360so\360so.dll] <360搜><1, 0, 4, 1003>
[c:\PROGRA~1\chinanet\VNETTR~1.DLL] <><2005, 4, 6, 1>
[c:\PROGRA~1\chinanet\Communicate.dll] <0><2005, 3, 3, 1>
[C:\PROGRA~1\ChinaNet\CLIENT~1.DLL] <><2004, 2, 28, 1>
[C:\Program Files\Tencent\QQ\QQIEHelper.dll] <深圳市腾讯计算机系统有限公司><1, 1, 0, 5>
[C:\PROGRA~1\Yahoo!\ASSIST~1\Assist\YDRAGS~1.DLL] <><1, 2, 7, 1006>
[C:\PROGRA~1\FlashGet\jccatch.dll] <Amaze Soft><1, 1, 3, 0>
[C:\WINDOWS\system32\Macromed\Flash\Flash8.ocx] <Macromedia, Inc.><8,0,22,0>
[c:\progra~1\yahoo!\assist~1\assist\yadfil~1.dll] < ><1, 0, 2, 1001>
[C:\PROGRA~1\yahoo!\assistant\Shell\yAssecblk.dll] <Yahoo><1, 0, 2, 1002>
[C:\PROGRA~1\Yahoo!\ASSIST~1\Assist\yoptimum.dll] <Yahoo><1, 0, 1, 1001>
[C:\PROGRA~1\Yahoo!\ASSIST~1\Assist\yrepair.dll] <Yahoo><1, 0, 6, 1319>
[C:\PROGRA~1\Yahoo!\ASSIST~1\Assist\yasfsks.dll] <3721.com><2, 1, 1, 87>
[C:\PROGRA~1\Yahoo!\ASSIST~1\Assist\yXPStyle.dll] <Yahoo><1, 0, 2, 1309>
[PID: 1888][D:\zxf\SREng.exe] <Smallfrogs Studio><2.0.12.350>
[C:\PROGRA~1\Yahoo!\ASSIST~1\Yhelper.dll] <><2, 0, 0, 1013>
病毒郁闷 - 2006-5-3 20:27:00
==================================
文件关联
.TXT OK. [%SystemRoot%\system32\NOTEPAD.EXE %1]
.EXE OK. ["%1" %*]
.COM OK. ["%1" %*]
.PIF OK. ["%1" %*]
.REG OK. [regedit.exe "%1"]
.BAT OK. ["%1" %*]
.SCR Error. [AutoCADScriptFile]
.CHM Error. ["hh.exe" %1]
.HLP Error. [winhlp32.exe %1]
.INI OK. [%SystemRoot%\System32\NOTEPAD.EXE %1]
.INF OK. [%SystemRoot%\System32\NOTEPAD.EXE %1]
.VBS OK. [%SystemRoot%\System32\WScript.exe "%1" %*]
.JS OK. [%SystemRoot%\System32\WScript.exe "%1" %*]
.LNK OK. [{00021401-0000-0000-C000-000000000046}]
==================================
Winsock 提供者
==================================
病毒郁闷 - 2006-5-3 20:28:00
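Done!!! The rest needs your help, brother!!!!!
病毒郁闷 - 2006-5-3 20:29:00
Brother~~~~ please do come and take a look~~~~
病毒郁闷 - 2006-5-3 20:33:00
拒绝网游珍惜生命
Please come take a look; one glance and I can tell you're an expert.
Just show a little of your skill and that'll do!!!!!~@~
病毒郁闷 - 2006-5-3 20:44:00
Not here yet???? If you fix it I'll treat you to a meal!!!
拒绝网游珍惜生命 - 2006-5-3 20:50:00
I'm a newbie, hehe
病毒郁闷 - 2006-5-3 20:54:00
Keep going~~~~ Fix this and you'll be an old hand! The seasoned kind
病毒郁闷 - 2006-5-3 20:58:00
In my Task Manager there's always something running that isn't under my name
User name SYSTEM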
拒绝网游珍惜生命 - 2006-5-3 21:02:00
<C:\WINDOWS\system32\serviecs.exe -NetSata><N/A>
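Open the file options. Have it show all system files and not hide known files, then use Windows search to find serviecs.exe
Once you find it, open its properties and tell me the creation date. Right now I can't be sure whether this is a trojan!
拒绝网游珍惜生命 - 2006-5-3 21:06:00
It's fine, just do as I said above and don't delete it for now...... Tell me the date
病毒郁闷 - 2006-5-3 21:37:00
Creation date: March 22, 2006, 1:33:18
Modification date: March 22, 2006, 2:10:16
Access time: May 3, 2006, 21:32:49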
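
The triage step in the replies above (picking `serviecs.exe` out of the SREng log for a closer look) can be automated; the following is an added example, not part of the original thread and not SREng's own code. It flags entries that carry no vendor information inside the system directory and names that sit one or two edits away from a Windows system binary. The list of system names, the directory suffix and the distance threshold are assumptions, and the sample lines are a selection excerpted from the log posted in this thread.

```python
import ntpath
import re

# Sample input: a few lines excerpted from the SREng log posted in this thread.
SAMPLE_LOG = r"""
[NVIDIA Display Driver Service / NVSvc]
<C:\WINDOWS\system32\nvsvc32.exe><NVIDIA Corporation>
[Windows ServerNamx / WinServerNamx]
<C:\WINDOWS\system32\serviecs.exe -NetSata><N/A>
[PID: 1016][C:\WINDOWS\system32\services.exe] <Microsoft Corporation><5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)>
[PID: 280][C:\WINDOWS\system32\iehelper.exe] <N/A><N/A>
[C:\WINDOWS\system32\dmshell.dll] <N/A><N/A>
[PID: 2484][C:\WINDOWS\system32\serviecs.exe] <N/A><N/A>
[PID: 1828][C:\flexlm\Sw2005_SP0_licenses\SolidWorks SolidNetWork License Manager\SW_D.EXE] <N/A><N/A>
"""

# Assumptions for this example: reference names, system directory and threshold.
SYSTEM_NAMES = ("services.exe", "svchost.exe", "lsass.exe", "csrss.exe",
                "smss.exe", "winlogon.exe", "explorer.exe", "spoolsv.exe")
SYSTEM_DIR = r"\windows\system32"
MAX_DISTANCE = 2

# "[PID: n][path] <vendor><version>" (process) or "[path] <vendor><version>" (module)
PROC_RE = re.compile(r'^(?:\[PID: \d+\])?\[(?P<path>[^\]]+)\] <(?P<vendor>[^<>]*)><.*>$')
# "<path args><vendor>" (service image line)
SVC_RE = re.compile(r'^<"?(?P<path>[A-Za-z]:\\[^"<>]*?\.exe)\b[^<>]*><(?P<vendor>[^<>]*)>$',
                    re.IGNORECASE)


def osa_distance(a, b):
    """Edit distance that also counts a swap of two adjacent characters as one edit."""
    prev2, prev = None, list(range(len(b) + 1))
    for i, ca in enumerate(a, 1):
        cur = [i]
        for j, cb in enumerate(b, 1):
            d = min(prev[j] + 1, cur[j - 1] + 1, prev[j - 1] + (ca != cb))
            if i > 1 and j > 1 and ca == b[j - 2] and a[i - 2] == cb:
                d = min(d, prev2[j - 2] + 1)  # adjacent transposition
            cur.append(d)
        prev2, prev = prev, cur
    return prev[-1]


def parse_entries(log):
    """Yield (path, vendor) for every service, process and module line."""
    for line in log.splitlines():
        line = line.strip()
        m = PROC_RE.match(line) or SVC_RE.match(line)
        if m:
            yield m.group("path"), m.group("vendor").strip()


def triage(log):
    """Return {lowercased path: sorted reasons} for entries worth a manual look."""
    findings = {}
    for path, vendor in parse_entries(log):
        key = path.lower()
        name = ntpath.basename(key)
        reasons = findings.setdefault(key, set())
        if vendor in ("", "N/A") and ntpath.dirname(key).endswith(SYSTEM_DIR):
            reasons.add("no vendor info in system directory")
        if name not in SYSTEM_NAMES:
            closest = min(SYSTEM_NAMES, key=lambda known: osa_distance(name, known))
            if osa_distance(name, closest) <= MAX_DISTANCE:
                reasons.add("name resembles " + closest)
    return {p: sorted(r) for p, r in findings.items() if r}


if __name__ == "__main__":
    for path, reasons in triage(SAMPLE_LOG).items():
        print(path, "->", "; ".join(reasons))
```

A hit is a candidate for review, not a verdict: the next step is the one asked for in the thread, checking the file's properties and timestamps before deleting anything.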