老是有网站www.588088.com拦截我打开的网页，很烦，请求帮忙 bbs.ikaka.com

齐齐齐齐 - 2006-6-20 20:44:00

2006-06-20,20:26:57

System Repair Engineer 2.0.21.505 (2.0 RC 2)
Smallfrogs (http://www.KZTechs.com)

Windows XP Professional Service Pack 1 (Build 2600)
- 管理权限用户 - 完整功能

以下内容被选中：
所有的启动项目（包括注册表、启动文件夹、服务等）
浏览器加载项
正在运行的进程（包括进程模块信息）
文件关联

启动项目
注册表
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
<ctfmon.exe><C:\WINDOWS\System32\ctfmon.exe> [Microsoft Corporation]
<MSMSGS><"C:\Program Files\Messenger\msmsgs.exe" /background> [Microsoft Corporation]
<services><C:\WINDOWS\services.exe> [rsexdklckldkl]
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\RunServices]
<services><C:\WINDOWS\services.exe> [rsexdklckldkl]
[HKEY_CURRENT_USER\Software\Microsoft\Windows NT\CurrentVersion\Windows]
<load><> []
<run><C:\WINDOWS\services.exe> [rsexdklckldkl]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
<PHIME2002ASync><C:\WINDOWS\System32\IME\TINTLGNT\TINTSETP.EXE /SYNC> [Microsoft Corporation]
<PHIME2002A><C:\WINDOWS\System32\IME\TINTLGNT\TINTSETP.EXE /IMEName> [Microsoft Corporation]
<TkBellExe><"C:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot> [RealNetworks, Inc.]
<IMSCMig><C:\PROGRA~1\COMMON~1\MICROS~1\IME\IMSC40A\IMSCMIG.EXE /Preload> [Microsoft Corporation]
<Corel Reminder><> []
<CdnCtr><C:\Program Files\CNNIC\Cdn\cdnup.exe> []
<QQ><C:\Program Files\system\system.exe> [dudu]
<Str3><hongqt> []
<LongData><焼> []
<BinaryData><"3D梯> []
<ccApp><"C:\Program Files\Common Files\Symantec Shared\ccApp.exe"> [Symantec Corporation]
<vptray><C:\PROGRA~1\SYMANT~1\VPTray.exe> [Symantec Corporation]
<IESAddr><> []
<helper.dll><C:\WINDOWS\system32\rundll32.exe C:\PROGRA~1\3721\helper.dll,Rundll32> []
<assistse><"C:\PROGRA~1\3721\assistse.exe"> [yahoo]
<services><C:\WINDOWS\services.exe> [rsexdklckldkl]
<CnsMin><Rundll32.exe C:\WINDOWS\downlo~1\CnsMin.dll,Rundll32> [北京三七二一科技有限公司]
<renewup><C:\Program Files\CNNIC\Cdn\cdnrenew.exe> []
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\RunServices]
<services><C:\WINDOWS\services.exe> [rsexdklckldkl]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Winlogon]
<shell><Explorer.exe> [Microsoft Corporation]
<Userinit><C:\WINDOWS\system32\userinit.exe,> [Microsoft Corporation]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Windows]
<AppInit_DLLs><> []
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Winlogon]
<UIHost><logonui.exe> [Microsoft Corporation]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\NavLogon]
<WinlogonNotify: NavLogon><C:\WINDOWS\System32\NavLogon.dll> [Symantec Corporation]

齐齐齐齐 - 2006-6-20 20:50:00

启动文件夹
[AutoCAD 启动加速器]
<C:\Documents and Settings\All Users\「开始」菜单\程序\启动\AutoCAD 启动加速器.lnk><N>
[Adobe Gamma Loader]
<C:\Documents and Settings\All Users\「开始」菜单\程序\启动\Adobe Gamma Loader.lnk><N>
[IE-BAR]
<C:\Documents and Settings\All Users\「开始」菜单\程序\启动\IE-BAR.lnk><N>

==================================
服务
[Autodesk Licensing Service / Autodesk Licensing Service]
<"C:\Program Files\Common Files\Autodesk Shared\Service\AdskScSrv.exe"><Autodesk>
[Symantec Event Manager / ccEvtMgr]
<"C:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe"><Symantec Corporation>
[Symantec Password Validation / ccPwdSvc]
<"C:\Program Files\Common Files\Symantec Shared\ccPwdSvc.exe"><Symantec Corporation>
[Symantec Settings Manager / ccSetMgr]
<"C:\Program Files\Common Files\Symantec Shared\ccSetMgr.exe"><Symantec Corporation>
[Crypkey License / Crypkey License]
<crypserv.exe><Kenonic Controls Ltd.>
[Symantec AntiVirus Definition Watcher / DefWatch]
<"C:\Program Files\Symantec AntiVirus\DefWatch.exe"><Symantec Corporation>
[SavRoam / SavRoam]
<"C:\Program Files\Symantec AntiVirus\SavRoam.exe"><symantec>
[Symantec Network Drivers Service / SNDSrvc]
<"C:\Program Files\Common Files\Symantec Shared\SNDSrvc.exe"><Symantec Corporation>
[Symantec AntiVirus / Symantec AntiVirus]
<"C:\Program Files\Symantec AntiVirus\Rtvscan.exe"><Symantec Corporation>
[VIPTray / VIPTray]
<C:\WINDOWS\System32\VIPTray.exe><N/A>

==================================
浏览器加载项
[AcroIEHlprObj Class]
{06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} <C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll, Adobe Systems Incorporated>
[BrowserHelper Class]
{2D99E8F4-56B7-457B-9A92-61B5D247D263} <C:\WINDOWS\System32\WinDefendor.dll, TODO: <公司名>>
[AntiFish Class]
{38928D50-8A48-44C2-945F-D2F23F771410} <C:\Program Files\3721\Assist\Angling.dll, Yahoo Inc.>
[QQBrowserHelperObject Class]
{54EBD53A-9BC1-480B-966A-843A333CA162} <d:\Program Files\Tencent\QQ\QQIEHelper.dll, 深圳市腾讯计算机系统有限公司>
[Macrosoft Class]
{58DB541D-F15A-4e95-A5D9-5DF5EE13920C} <c:\windows\system32\winlogin.dll, macrosoft>
[CdnForIE Class]
{5C3853CF-C7E0-4946-B3FA-1ABDB6F48108} <C:\PROGRA~1\CNNIC\Cdn\cdnforie.dll, CNNIC>
[上网助手]
{BB936323-19FA-4521-BA29-ECA6A121BC78} <C:\Program Files\3721\Assist\asbar.dll, 3721>
[NTIECatcher Class]
{C56CB6B0-0D96-11D6-8C65-B2868B609932} <D:\Program Files\Xi\Net Transport\NTIEHelper.dll, Xi>
[XjvWmnrq Class]
{DBA815AA-B62F-2014-0851-B7C0E0810B06} <C:\WINDOWS\DOWNLO~1\vuflrxe.dll, cqepbsoft>
[WMHlprObj Class]
{F5824EFB-728A-4726-A5A5-85A68B20EDC3} <C:\PROGRA~1\CNNIC\Cdn\wmhlpr.dll, CNNIC>
[TOL24]
{345ff7d8-2364-4ef7-889b-7d3c1d0bd342} <http://www.TOL24.com, N/A>
[CdnForIE Class]
{5C3853CF-C7E0-4946-B3FA-1ABDB6F48108} <C:\PROGRA~1\CNNIC\Cdn\cdnforie.dll, CNNIC>
[信息检索(&R)]
{92780B25-18CC-41C8-B9BE-3C9C571A8263} <D:\PROGRA~1\MICROS~1\OFFICE11\REFIEBAR.DLL, Microsoft Corporation>
[东方卫士]
{A26ABCF0-1C8F-46e7-A67C-0489DC21B9CE} <C:\WINDOWS\System32\dfvs\dfvsol\DFVSIEBR.dll, >
[在线杀毒]
{A26ABCF0-1C8F-46e7-A67C-0489DC21B9EE} <http://www.i110.com/dfvsonline/, N/A>
[@shdoclc.dll,-866]
{c95fe080-8f5d-11d2-a20b-00aa003c157a} <, N/A>
[QQ]
{c95fe080-8f5d-11d2-a20b-00aa003c157b} <d:\Program Files\Tencent\QQ\QQ.EXE, TENCENT>
[QQIEFloatBarCfgCmd Class]
{DEDEB80D-FA35-45d9-9460-4983E5A8AFE6} <d:\Program Files\Tencent\QQ\QQIEHelper.dll, 深圳市腾讯计算机系统有限公司>
[电台(&R)]
{8E718888-423F-11D2-876E-00A0C9082467} <C:\WINDOWS\System32\msdxm.ocx, Microsoft Corporation>
[BitCometBar]
{3F1ABCDB-A875-46c1-8345-B72A4567E486} <C:\Program Files\BitComet\BitCometBar\BitCometBar0.2.dll, N/A>
[上网助手]
{BB936323-19FA-4521-BA29-ECA6A121BC78} <C:\Program Files\3721\Assist\asbar.dll, 3721>
[DFVSScanFile Control]
{9BBD100C-E820-4930-9937-E8F3AA40E584} <C:\WINDOWS\system32\dfvs\dfvsol\DFVSSFOL.ocx, >
[SysMonOCX Control]
{9BDBC41E-C335-4263-83C0-ECE78EE28A33} <C:\WINDOWS\DOWNLO~1\SYSMON~1.OCX, AhnLab>
[sawuidskyszajkz.UserControl1]
{B2900CC6-9736-4AF5-8B98-FFFCBBDD46D8} <C:\WINDOWS\Downloaded Program Files\RealPlayer.ocx, dqwkjdfioryjkcf>
[Shockwave Flash Object]
{D27CDB6E-AE6D-11CF-96B8-444553540000} <C:\WINDOWS\System32\Macromed\Flash\Flash8b.ocx, Macromedia, Inc.>
[上传到QQ网络硬盘]
<D:\Program Files\Tencent\QQ\AddToNetDisk.htm, N/A>
[使用影音传送带下载]
<D:\PROGRA~1\Xi\NETTRA~1\NTAddLink.html, N/A>
[使用影音传送带下载全部链接]
<D:\PROGRA~1\Xi\NETTRA~1\NTAddList.html, N/A>
[导出到 Microsoft Office Excel(&X)]
<res://C:\PROGRA~1\MICROS~3\OFFICE11\EXCEL.EXE/3000, N/A>
[添加到QQ自定义面板]
<D:\Program Files\Tencent\QQ\AddPanel.htm, N/A>
[添加到QQ表情]
<D:\Program Files\Tencent\QQ\AddEmotion.htm, N/A>
[用QQ彩信发送该图片]
<D:\Program Files\Tencent\QQ\SendMMS.htm, N/A>
[访问通用网址]
<C:\Program Files\CNNIC\Cdn\cnnic.htm, N/A>

齐齐齐齐 - 2006-6-20 20:52:00

正在运行的进程
[PID: 508][\SystemRoot\System32\smss.exe] <Microsoft Corporation><5.1.2600.1106 (xpsp1.020828-1920)>
[PID: 728][\??\C:\WINDOWS\system32\csrss.exe] <Microsoft Corporation><5.1.2600.0 (xpclient.010817-1148)>
[PID: 752][\??\C:\WINDOWS\system32\winlogon.exe] <Microsoft Corporation><5.1.2600.1106 (xpsp1.020828-1920)>
[C:\WINDOWS\System32\NavLogon.dll] <Symantec Corporation><9.0.0.338>
[PID: 796][C:\WINDOWS\system32\services.exe] <Microsoft Corporation><5.1.2600.0 (xpclient.010817-1148)>
[PID: 808][C:\WINDOWS\system32\lsass.exe] <Microsoft Corporation><5.1.2600.1106 (xpsp1.020828-1920)>
[PID: 992][C:\WINDOWS\system32\svchost.exe] <Microsoft Corporation><5.1.2600.0 (xpclient.010817-1148)>
[C:\WINDOWS\System32\cdnns.dll] <CNNIC><2, 0, 0, 0>
[PID: 1040][C:\WINDOWS\System32\svchost.exe] <Microsoft Corporation><5.1.2600.0 (xpclient.010817-1148)>
[PID: 1172][C:\WINDOWS\System32\svchost.exe] <Microsoft Corporation><5.1.2600.0 (xpclient.010817-1148)>
[PID: 1200][C:\WINDOWS\System32\svchost.exe] <Microsoft Corporation><5.1.2600.0 (xpclient.010817-1148)>
[PID: 1272][C:\Program Files\Common Files\Symantec Shared\ccSetMgr.exe] <Symantec Corporation><2.2.0.577>
[C:\Program Files\Common Files\Symantec Shared\ccVrTrst.dll] <Symantec Corporation><2.2.0.577>
[PID: 1292][C:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe] <Symantec Corporation><2.2.0.577>
[C:\Program Files\Common Files\Symantec Shared\ccVrTrst.dll] <Symantec Corporation><2.2.0.577>
[C:\PROGRA~1\COMMON~1\SYMANT~1\CCSETEVT.DLL] <Symantec Corporation><2.2.0.577>
[PID: 1420][C:\WINDOWS\system32\spoolsv.exe] <Microsoft Corporation><5.1.2600.0 (XPClient.010817-1148)>
[C:\WINDOWS\System32\cdnns.dll] <CNNIC><2, 0, 0, 0>
[PID: 1548][C:\WINDOWS\System32\svchost.exe] <Microsoft Corporation><5.1.2600.0 (xpclient.010817-1148)>
[c:\windows\system32\winmide32.dll] <N/A><N/A>
[C:\WINDOWS\System32\cdnns.dll] <CNNIC><2, 0, 0, 0>
[PID: 1560][C:\WINDOWS\system32\crypserv.exe] <Kenonic Controls Ltd.><5.4.0>
[PID: 1580][C:\Program Files\Symantec AntiVirus\DefWatch.exe] <Symantec Corporation><9.0.0.338>
[PID: 1684][C:\WINDOWS\System32\svchost.exe] <Microsoft Corporation><5.1.2600.0 (xpclient.010817-1148)>
[PID: 1744][C:\Program Files\Symantec AntiVirus\Rtvscan.exe] <Symantec Corporation><9.0.0.338>
[C:\WINDOWS\System32\CBA.DLL] <Intel? Corporation><6.12.0.112 E>
[C:\WINDOWS\System32\MsgSys.dll] <Intel? Corporation><6.12.0.112 E>
[C:\WINDOWS\System32\NTS.dll] <Intel? Corporation><6.12.0.112 E>
[C:\WINDOWS\System32\PDS.DLL] <Intel? Corporation><6.12.0.112 E>
[C:\Program Files\Symantec AntiVirus\NAVLU.dll] <Symantec Corporation><9.0.0.338>
[C:\Program Files\Symantec AntiVirus\I2ldvp3.dll] <Symantec Corporation><9.0.0.338>
[C:\Program Files\Symantec AntiVirus\ecmldr32.DLL] <Symantec Corp.><1.1.0.3>
[C:\Program Files\Symantec AntiVirus\SAVRT32.DLL] <Symantec Corporation><9.3.0.28>
[C:\Program Files\Symantec AntiVirus\NAVNTUTL.DLL] <Symantec Corporation><9.0.0.338>
[C:\PROGRA~1\COMMON~1\SYMANT~1\VIRUSD~1\20060614.035\ecmsvr32.dll] <Symantec Corporation><61.1.0.11>
[C:\PROGRA~1\COMMON~1\SYMANT~1\VIRUSD~1\20060614.035\NAVEX32a.DLL] <Symantec Corporation><20061.1.0.14>
[C:\PROGRA~1\COMMON~1\SYMANT~1\VIRUSD~1\20060614.035\NAVENG32.DLL] <Symantec Corporation><20061.1.0.14>
[C:\Program Files\Symantec AntiVirus\IMail.dll] <Symantec Corporation><9.0.0.338>
[C:\Program Files\Symantec AntiVirus\NotesExt.dll] <Symantec Corporation><9.0.0.338>
[C:\Program Files\Symantec AntiVirus\vpmsece.dll] <Symantec Corporation><9.0.0.338>
[C:\Program Files\Symantec AntiVirus\DecSDK.dll] <Symantec Corporation><3.02.11.32>
[C:\Program Files\Symantec AntiVirus\Dec2.dll] <Symantec Corporation><3.02.11.32>
[C:\Program Files\Symantec AntiVirus\Dec2ID.dll] <Symantec Corporation><3.02.11.32>
[C:\Program Files\Symantec AntiVirus\Dec2ZIP.dll] <Symantec Corporation><3.02.11.32>
[C:\Program Files\Symantec AntiVirus\Dec2SS.dll] <Symantec Corporation><3.02.11.32>
[C:\Program Files\Symantec AntiVirus\Dec2GZIP.dll] <Symantec Corporation><3.02.11.32>
[C:\Program Files\Symantec AntiVirus\Dec2CAB.dll] <Symantec Corporation><3.02.11.32>
[C:\Program Files\Symantec AntiVirus\Dec2LHA.dll] <Symantec Corporation><3.02.11.32>
[C:\Program Files\Symantec AntiVirus\Dec2ARJ.dll] <Symantec Corporation><3.02.11.32>
[C:\Program Files\Symantec AntiVirus\Dec2TNEF.dll] <Symantec Corporation><3.02.11.32>
[C:\Program Files\Symantec AntiVirus\Dec2LZ.dll] <Symantec Corporation><3.02.11.32>
[C:\Program Files\Symantec AntiVirus\Dec2AMG.dll] <Symantec Corporation><3.02.11.32>
[C:\Program Files\Symantec AntiVirus\Dec2TAR.dll] <Symantec Corporation><3.02.11.32>
[C:\Program Files\Symantec AntiVirus\Dec2RTF.dll] <Symantec Corporation><3.02.11.32>
[C:\Program Files\Symantec AntiVirus\Dec2Text.dll] <Symantec Corporation><3.02.11.32>
[C:\Program Files\Common Files\Symantec Shared\SSC\scandlgs.dll] <Symantec Corporation><9.0.0.338>

齐齐齐齐 - 2006-6-20 20:53:00

PID: 1860][C:\WINDOWS\System32\VIPTray.exe] <N/A><N/A>
[PID: 644][C:\WINDOWS\Explorer.EXE] <Microsoft Corporation><6.00.2800.1106 (xpsp1.020828-1920)>
[C:\WINDOWS\System32\AcSignIcon.dll] <Autodesk><16.2.54.0>
[C:\Program Files\Common Files\Autodesk Shared\AcSignCore16.dll] <Autodesk><16.2.54.0>
[C:\PROGRA~1\3721\helper.dll] <><1, 0, 9, 1324>
[C:\PROGRA~1\3721\alrex.dll] <><1, 0, 1, 1001>
[C:\Program Files\CNNIC\Cdn\cdnspie.dll] <><2, 1, 0, 4>
[C:\Program Files\CNNIC\Cdn\imaoe.dll] <CNNIC><2, 2, 0, 1>
[C:\Program Files\CNNIC\Cdn\cdnforie.dll] <CNNIC><1, 0, 0, 11>
[C:\Program Files\CNNIC\Cdn\cdndet.dll] <CNNIC><2, 2, 0, 4>
[C:\Program Files\Adobe\Acrobat 7.0\ActiveX\PDFShell.dll] <Adobe Systems, Inc.><7.0.0.0>
[C:\PROGRA~1\3721\AutoLive.dll] <><1, 1, 4, 1026>
[C:\PROGRA~1\3721\alLiveEx.dll] < ><1, 0, 2, 1005>
[C:\Program Files\3721\Assist\asbar.dll] <3721><1, 0, 1, 1021>
[C:\PROGRA~1\3721\Assist\TbWrap.dll] <3721><1, 0, 0, 2>
[C:\PROGRA~1\3721\Assist\asnoad.dll] <><1, 0, 0, 9>
[C:\PROGRA~1\3721\Assist\aswiper.dll] <3721><1, 0, 1, 1004>
[C:\PROGRA~1\3721\Assist\asiesec.dll] <yahoo><1, 0, 1, 1000>
[C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll] <Adobe Systems Incorporated><7.0.5.2005092300>
[C:\WINDOWS\System32\WinDefendor.dll] <TODO: <公司名>><1.0.0.2>
[D:\Program Files\Xi\Net Transport\NTIEHelper.dll] <Xi><1.20.7>
[PID: 1072][C:\WINDOWS\services.exe] <rsexdklckldkl><1.00>
[C:\WINDOWS\System32\cdnns.dll] <CNNIC><2, 0, 0, 0>
[PID: 1116][C:\Program Files\Common Files\Real\Update_OB\realsched.exe] <RealNetworks, Inc.><0.1.0.3018>
[PID: 1140][C:\Program Files\CNNIC\Cdn\cdnup.exe] <><2, 3, 0, 8>
[C:\Program Files\CNNIC\Cdn\cdndet.dll] <CNNIC><2, 2, 0, 4>
[C:\Program Files\CNNIC\Cdn\cdnforie.dll] <CNNIC><1, 0, 0, 11>
[C:\Program Files\CNNIC\Cdn\imaoe.dll] <CNNIC><2, 2, 0, 1>
[C:\Program Files\CNNIC\Cdn\cdnspie.dll] <><2, 1, 0, 4>
[C:\Program Files\CNNIC\Cdn\cdntdns.dll] <CNNIC><2, 2, 0, 3>
[C:\PROGRA~1\3721\helper.dll] <><1, 0, 9, 1324>
[PID: 1184][C:\Program Files\Common Files\Symantec Shared\ccApp.exe] <Symantec Corporation><2.2.0.577>
[C:\PROGRA~1\3721\helper.dll] <><1, 0, 9, 1324>
[C:\Program Files\CNNIC\Cdn\cdnspie.dll] <><2, 1, 0, 4>
[C:\Program Files\CNNIC\Cdn\imaoe.dll] <CNNIC><2, 2, 0, 1>
[C:\Program Files\CNNIC\Cdn\cdnforie.dll] <CNNIC><1, 0, 0, 11>
[C:\Program Files\CNNIC\Cdn\cdndet.dll] <CNNIC><2, 2, 0, 4>
[C:\Program Files\Common Files\Symantec Shared\ccVrTrst.dll] <Symantec Corporation><2.2.0.577>
[C:\Program Files\Symantec\LiveUpdate\ProductRegCom.DLL] <Symantec Corporation><2.0.39.0>
[C:\Program Files\Symantec\LiveUpdate\LuComServerPS.DLL] <Symantec Corporation><2.0.39.0>
[C:\PROGRA~1\COMMON~1\SYMANT~1\CCALERT.DLL] <Symantec Corporation><2.2.0.577>
[C:\PROGRA~1\COMMON~1\SYMANT~1\CCEMLPXY.DLL] <Symantec Corporation><2.2.0.577>
[C:\WINDOWS\System32\SYMREDIR.dll] <Symantec Corporation><5.3.0.46>
[C:\Program Files\Common Files\Symantec Shared\ccSetEvt.dll] <Symantec Corporation><2.2.0.577>
[C:\Program Files\Symantec AntiVirus\SavEmail.dll] <Symantec Corporation><9.0.0.338>
[C:\WINDOWS\System32\cdnns.dll] <CNNIC><2, 0, 0, 0>
[C:\Program Files\Common Files\Symantec Shared\ccProSub.dll] <Symantec Corporation><2.2.0.577>
[PID: 1256][C:\PROGRA~1\SYMANT~1\VPTray.exe] <Symantec Corporation><9.0.0.338>
[C:\Program Files\Symantec AntiVirus\SAVRT32.DLL] <Symantec Corporation><9.3.0.28>
[C:\Program Files\CNNIC\Cdn\imaoe.dll] <CNNIC><2, 2, 0, 1>
[C:\Program Files\CNNIC\Cdn\cdnforie.dll] <CNNIC><1, 0, 0, 11>
[C:\Program Files\CNNIC\Cdn\cdndet.dll] <CNNIC><2, 2, 0, 4>
[C:\Program Files\CNNIC\Cdn\cdnspie.dll] <><2, 1, 0, 4>
[C:\Program Files\Symantec AntiVirus\Cliproxy.dll] <Symantec Corporation><9.0.0.338>
[C:\PROGRA~1\SYMANT~1\NAVNTUTL.DLL] <Symantec Corporation><9.0.0.338>
[C:\Program Files\Symantec AntiVirus\Cliscan.dll] <Symantec Corporation><9.0.0.338>
[PID: 1268][C:\WINDOWS\system32\rundll32.exe] <Microsoft Corporation><5.1.2600.0 (xpclient.010817-1148)>
[C:\PROGRA~1\3721\helper.dll] <><1, 0, 9, 1324>
[C:\Program Files\CNNIC\Cdn\imaoe.dll] <CNNIC><2, 2, 0, 1>
[C:\Program Files\CNNIC\Cdn\cdnforie.dll] <CNNIC><1, 0, 0, 11>
[C:\Program Files\CNNIC\Cdn\cdndet.dll] <CNNIC><2, 2, 0, 4>
[C:\Program Files\CNNIC\Cdn\cdnspie.dll] <><2, 1, 0, 4>
[C:\PROGRA~1\3721\AutoLive.dll] <><1, 1, 4, 1026>
[C:\PROGRA~1\3721\alLiveEx.dll] < ><1, 0, 2, 1005>
[C:\Program Files\3721\Notifier.dll] <><1, 0, 0, 5>
[PID: 1700][C:\PROGRA~1\3721\assistse.exe] <yahoo><1, 0, 1, 1001>
[C:\PROGRA~1\3721\helper.dll] <><1, 0, 9, 1324>
[C:\Program Files\CNNIC\Cdn\cdnspie.dll] <><2, 1, 0, 4>
[C:\Program Files\CNNIC\Cdn\imaoe.dll] <CNNIC><2, 2, 0, 1>
[C:\Program Files\CNNIC\Cdn\cdnforie.dll] <CNNIC><1, 0, 0, 11>
[C:\Program Files\CNNIC\Cdn\cdndet.dll] <CNNIC><2, 2, 0, 4>
[C:\PROGRA~1\3721\shell\Assecblk.dll] <3721><1, 0, 0, 9>
[C:\PROGRA~1\3721\shell\AsMenu.dll] <3721><1, 0, 1, 1006>
[C:\PROGRA~1\3721\Assist\assist.dll] <><2, 0, 3, 3>
[C:\PROGRA~1\3721\shell\IEAngel.dll] <yahoo><1, 0, 0, 3>
[C:\PROGRA~1\3721\shell\MenuInfo.dll] <yahoo><1, 0, 0, 2>
[PID: 1768][C:\WINDOWS\System32\Rundll32.exe] <Microsoft Corporation><5.1.2600.0 (xpclient.010817-1148)>
[C:\WINDOWS\downlo~1\CnsMin.dll] <北京三七二一科技有限公司><1, 5, 1, 5>

齐齐齐齐 - 2006-6-20 20:54:00

[C:\PROGRA~1\3721\helper.dll] <><1, 0, 9, 1324>
[C:\Program Files\CNNIC\Cdn\cdnspie.dll] <><2, 1, 0, 4>
[C:\Program Files\CNNIC\Cdn\imaoe.dll] <CNNIC><2, 2, 0, 1>
[C:\Program Files\CNNIC\Cdn\cdnforie.dll] <CNNIC><1, 0, 0, 11>
[C:\Program Files\CNNIC\Cdn\cdndet.dll] <CNNIC><2, 2, 0, 4>
[PID: 1820][C:\WINDOWS\System32\ctfmon.exe] <Microsoft Corporation><5.1.2600.1106 (xpsp1.020828-1920)>
[C:\PROGRA~1\3721\helper.dll] <><1, 0, 9, 1324>
[C:\Program Files\CNNIC\Cdn\cdnspie.dll] <><2, 1, 0, 4>
[C:\Program Files\CNNIC\Cdn\imaoe.dll] <CNNIC><2, 2, 0, 1>
[C:\Program Files\CNNIC\Cdn\cdnforie.dll] <CNNIC><1, 0, 0, 11>
[C:\Program Files\CNNIC\Cdn\cdndet.dll] <CNNIC><2, 2, 0, 4>
[PID: 1992][C:\Program Files\Messenger\msmsgs.exe] <Microsoft Corporation><4.7.0041>
[C:\PROGRA~1\3721\helper.dll] <><1, 0, 9, 1324>
[C:\Program Files\CNNIC\Cdn\cdnspie.dll] <><2, 1, 0, 4>
[C:\Program Files\CNNIC\Cdn\imaoe.dll] <CNNIC><2, 2, 0, 1>
[C:\Program Files\CNNIC\Cdn\cdnforie.dll] <CNNIC><1, 0, 0, 11>
[C:\Program Files\CNNIC\Cdn\cdndet.dll] <CNNIC><2, 2, 0, 4>
[PID: 2348][C:\WINDOWS\system32\rundll32.exe] <Microsoft Corporation><5.1.2600.0 (xpclient.010817-1148)>
[C:\Progra~1\IE-BAR\Cast\dmipn.dll] <千橡互联><2, 2, 1, 0>
[C:\PROGRA~1\3721\helper.dll] <><1, 0, 9, 1324>
[C:\Program Files\CNNIC\Cdn\cdnspie.dll] <><2, 1, 0, 4>
[C:\Program Files\CNNIC\Cdn\imaoe.dll] <CNNIC><2, 2, 0, 1>
[C:\Program Files\CNNIC\Cdn\cdnforie.dll] <CNNIC><1, 0, 0, 11>
[C:\Program Files\CNNIC\Cdn\cdndet.dll] <CNNIC><2, 2, 0, 4>
[C:\Progra~1\IE-BAR\Cast\dmshell.dll] <千橡互联><2, 2, 1, 0>
[C:\Progra~1\IE-BAR\Cast\221~1.0\dmplayer.dll] <千橡互联><2, 2, 1, 0>
[C:\WINDOWS\System32\cdnns.dll] <CNNIC><2, 0, 0, 0>
[PID: 2396][D:\Program Files\Maxthon\Maxthon.exe] <MY Soft Technology><1, 1, 0, 90>
[D:\Program Files\Maxthon\zlib.dll] <N/A><N/A>
[C:\PROGRA~1\3721\helper.dll] <><1, 0, 9, 1324>
[C:\Program Files\CNNIC\Cdn\cdnspie.dll] <><2, 1, 0, 4>
[C:\Program Files\CNNIC\Cdn\imaoe.dll] <CNNIC><2, 2, 0, 1>
[C:\Program Files\CNNIC\Cdn\cdnforie.dll] <CNNIC><1, 0, 0, 11>
[C:\Program Files\CNNIC\Cdn\cdndet.dll] <CNNIC><2, 2, 0, 4>
[C:\WINDOWS\System32\AcSignIcon.dll] <Autodesk><16.2.54.0>
[C:\WINDOWS\System32\cdnns.dll] <CNNIC><2, 0, 0, 0>
[D:\Program Files\Maxthon\Plugin\FloatBar\FloatBar.dll] <><1, 8, 0, 0>
[D:\Program Files\Maxthon\Services\RealTime\real_time.dll] <><1, 0, 0, 1>
[C:\WINDOWS\System32\Macromed\Flash\Flash8b.ocx] <Macromedia, Inc.><8,0,24,0>
[PID: 2368][C:\Program Files\system\system3.exe] <dudu><1.00>
[C:\PROGRA~1\3721\helper.dll] <><1, 0, 9, 1324>
[C:\Program Files\CNNIC\Cdn\cdnspie.dll] <><2, 1, 0, 4>
[C:\Program Files\CNNIC\Cdn\imaoe.dll] <CNNIC><2, 2, 0, 1>
[C:\Program Files\CNNIC\Cdn\cdnforie.dll] <CNNIC><1, 0, 0, 11>
[C:\Program Files\CNNIC\Cdn\cdndet.dll] <CNNIC><2, 2, 0, 4>
[C:\Program Files\system\dmshell.dll] <N/A><N/A>
[PID: 4044][E:\SREng2\SREng.exe] <Smallfrogs Studio><2.0.21.505>
[C:\PROGRA~1\3721\helper.dll] <><1, 0, 9, 1324>
[C:\Program Files\CNNIC\Cdn\cdnspie.dll] <><2, 1, 0, 4>
[C:\Program Files\CNNIC\Cdn\imaoe.dll] <CNNIC><2, 2, 0, 1>
[C:\Program Files\CNNIC\Cdn\cdnforie.dll] <CNNIC><1, 0, 0, 11>
[C:\Program Files\CNNIC\Cdn\cdndet.dll] <CNNIC><2, 2, 0, 4>
[C:\WINDOWS\System32\cdnns.dll] <CNNIC><2, 0, 0, 0>

==================================
文件关联
.TXT OK. [%SystemRoot%\system32\NOTEPAD.EXE %1]
.EXE OK. ["%1" %*]
.COM OK. ["%1" %*]
.PIF OK. ["%1" %*]
.REG OK. [regedit.exe "%1"]
.BAT OK. ["%1" %*]
.SCR OK. ["%1" /S]
.CHM OK. ["C:\WINDOWS\hh.exe" %1]
.HLP OK. [%SystemRoot%\System32\winhlp32.exe %1]
.INI OK. [%SystemRoot%\System32\NOTEPAD.EXE %1]
.INF OK. [%SystemRoot%\System32\NOTEPAD.EXE %1]
.VBS OK. [%SystemRoot%\System32\WScript.exe "%1" %*]
.JS OK. [%SystemRoot%\System32\WScript.exe "%1" %*]
.LNK OK. [{00021401-0000-0000-C000-000000000046}]

==================================
Winsock 提供者

齐齐齐齐 - 2006-6-20 20:55:00

很长，不好意思，估计？？？看得眼睛都花了吧？嘿嘿！！第一次上论坛，感觉很新奇，这里有人帮助你，真的很感谢！！

我无邪 - 2006-6-20 22:51:00

建议你下载超级兔子。
http://www.pctutu.com/srmsdown.asp
安装好后，打开“超级兔子优化王”“专业卸载,卸载所有提示的垃圾软件，卸载是不要打开任何浏览窗口。卸载不了可以重启后再去卸载。
运行System Repair Engineer，点“启动项目，服务，点“Win32服务应用程序”勾选“隐藏微软服务”选中病毒服务VIPTray，选择“删除服务”点“设置”选择“否”最后重启
请到www.27814939.ys168.com下载诺顿进程管理器终止所有C:\WINDOWS\services.exe，C:\Program Files\system\system.exe 的进程，注意不要终止错。
关闭所有浏览窗口以及一些不必要的程序
运行System Repair Engineer，使用“系统修复，浏览器加载项”来删除以下选项。
c:\windows\system32\winlogin.dll
运行System Repair Engineer，使用“启动项目，注册表”来删除以下选项。

C:\WINDOWS\services.exe
C:\WINDOWS\services.exe
C:\WINDOWS\services.exe
C:\Program Files\system\system.exe
C:\WINDOWS\services.exe

双击我的电脑，工具，文件夹选项，查看，单击选取"显示隐藏文件或文件夹"清除"隐藏受保护的操作系统文件（推荐）"复选框。在提示确定更改时，单击“是”，清除“隐藏已知文件类型的扩展名
删除
C:\WINDOWS\services.exe
C:\Program Files\system\system.exe

C:\Program Files\CNNIC
C:\Program Files\system
C:\PROGRA~1\3721
C:\Program Files\IE-BAR
C:\WINDOWS\System32\VIPTray.exe
C:\WINDOWS\System32\WinDefendor.dll
c:\windows\system32\winlogin.dll
C:\WINDOWS\DOWNLO~1\vuflrxe.dll
c:\windows\system32\winmide32.dll
以下问题应该是c:\windows\system32\winmide32.dll，注意它。
修复后，请重启，请再扫份日志粘上来。

齐齐齐齐 - 2006-6-21 9:53:00

我在按照你说的操作过程中发现一些问题：
1 删除C:\Program Files\system\system.exe 时有三个这样的文件分别是system3.exe system2.exe system.exe ，而且system.exe 删不掉，决绝被访问。

齐齐齐齐 - 2006-6-21 10:00:00

删除C:\Program Files\system也删不掉拒绝被访问
C:\WINDOWS\System32\VIPTray.exe也删不掉拒绝被访问
你说的“运行System Repair Engineer”里的“System Repair Engineer”在哪里？我找不到，不好意思，麻烦了，我真是不懂！

我无邪 - 2006-6-21 13:26:00

删除C:\Program Files\system也删不掉拒绝被访问
这个你是否这样做了？首先要终止它的进程，另外你说所说的，system3.exe system2.exe system.exe ，都删除它们。
请到www.27814939.ys168.com下载诺顿进程管理器终止所有C:\WINDOWS\services.exe，C:\Program Files\system\system.exe 的进程，注意不要终止错。
C:\WINDOWS\System32\VIPTray.exe
这一个我很有把握，要删除它的服务后，重启才能删除的。
运行System Repair Engineer，就是打开SREng，这下明白了。
请按楼上的步骤去做，不要略过。

齐齐齐齐 - 2006-6-21 15:06:00

C:\WINDOWS\services.exe我终止之后，机子就弹出来一个对话框，说系统即将关机，一分钟倒计时，很郁闷！！！我把日志扫上来让你看一下，我按照你说的做了，有的执行不了，你先看看。

齐齐齐齐 - 2006-6-21 15:08:00

2006-06-21,14:58:58

System Repair Engineer 2.0.21.505 (2.0 RC 2)
Smallfrogs (http://www.KZTechs.com)

Windows XP Professional Service Pack 1 (Build 2600)
- 管理权限用户 - 完整功能

以下内容被选中：
所有的启动项目（包括注册表、启动文件夹、服务等）
浏览器加载项
正在运行的进程（包括进程模块信息）
文件关联

启动项目
注册表
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
<ctfmon.exe><C:\WINDOWS\System32\ctfmon.exe> [Microsoft Corporation]
<MSMSGS><"C:\Program Files\Messenger\msmsgs.exe" /background> [Microsoft Corporation]
[HKEY_CURRENT_USER\Software\Microsoft\Windows NT\CurrentVersion\Windows]
<load><> []
<run><> []
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
<PHIME2002ASync><C:\WINDOWS\System32\IME\TINTLGNT\TINTSETP.EXE /SYNC> [Microsoft Corporation]
<PHIME2002A><C:\WINDOWS\System32\IME\TINTLGNT\TINTSETP.EXE /IMEName> [Microsoft Corporation]
<TkBellExe><"C:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot> [RealNetworks, Inc.]
<IMSCMig><C:\PROGRA~1\COMMON~1\MICROS~1\IME\IMSC40A\IMSCMIG.EXE /Preload> [Microsoft Corporation]
<ccApp><"C:\Program Files\Common Files\Symantec Shared\ccApp.exe"> [Symantec Corporation]
<vptray><C:\PROGRA~1\SYMANT~1\VPTray.exe> [Symantec Corporation]
<renewup><C:\Program Files\CNNIC\Cdn\cdnrenew.exe> []
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Winlogon]
<shell><Explorer.exe> [Microsoft Corporation]
<Userinit><C:\WINDOWS\system32\userinit.exe,> [Microsoft Corporation]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Windows]
<AppInit_DLLs><> []
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Winlogon]
<UIHost><logonui.exe> [Microsoft Corporation]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\NavLogon]
<WinlogonNotify: NavLogon><C:\WINDOWS\System32\NavLogon.dll> [Symantec Corporation]

==================================
启动文件夹
[AutoCAD 启动加速器]
<C:\Documents and Settings\All Users\「开始」菜单\程序\启动\AutoCAD 启动加速器.lnk><N>
[Adobe Gamma Loader]
<C:\Documents and Settings\All Users\「开始」菜单\程序\启动\Adobe Gamma Loader.lnk><N>
[IE-BAR]
<C:\Documents and Settings\All Users\「开始」菜单\程序\启动\IE-BAR.lnk><N>

齐齐齐齐 - 2006-6-21 15:09:00

服务
[Autodesk Licensing Service / Autodesk Licensing Service]
<"C:\Program Files\Common Files\Autodesk Shared\Service\AdskScSrv.exe"><Autodesk>
[Symantec Event Manager / ccEvtMgr]
<"C:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe"><Symantec Corporation>
[Symantec Password Validation / ccPwdSvc]
<"C:\Program Files\Common Files\Symantec Shared\ccPwdSvc.exe"><Symantec Corporation>
[Symantec Settings Manager / ccSetMgr]
<"C:\Program Files\Common Files\Symantec Shared\ccSetMgr.exe"><Symantec Corporation>
[Crypkey License / Crypkey License]
<crypserv.exe><Kenonic Controls Ltd.>
[Symantec AntiVirus Definition Watcher / DefWatch]
<"C:\Program Files\Symantec AntiVirus\DefWatch.exe"><Symantec Corporation>
[SavRoam / SavRoam]
<"C:\Program Files\Symantec AntiVirus\SavRoam.exe"><symantec>
[Symantec Network Drivers Service / SNDSrvc]
<"C:\Program Files\Common Files\Symantec Shared\SNDSrvc.exe"><Symantec Corporation>
[Symantec AntiVirus / Symantec AntiVirus]
<"C:\Program Files\Symantec AntiVirus\Rtvscan.exe"><Symantec Corporation>
[VIPTray / VIPTray]
<C:\WINDOWS\System32\VIPTray.exe><N/A>

==================================
浏览器加载项
[BrowserHelper Class]
{2D99E8F4-56B7-457B-9A92-61B5D247D263} <C:\WINDOWS\System32\WinDefendor.dll, TODO: <公司名>>
[TOL24]
{345ff7d8-2364-4ef7-889b-7d3c1d0bd342} <http://www.TOL24.com, N/A>
[信息检索(&R)]
{92780B25-18CC-41C8-B9BE-3C9C571A8263} <D:\PROGRA~1\MICROS~1\OFFICE11\REFIEBAR.DLL, Microsoft Corporation>
[在线杀毒]
{A26ABCF0-1C8F-46e7-A67C-0489DC21B9EE} <http://www.i110.com/dfvsonline/, N/A>
[@shdoclc.dll,-866]
{c95fe080-8f5d-11d2-a20b-00aa003c157a} <, N/A>
[QQ]
{c95fe080-8f5d-11d2-a20b-00aa003c157b} <d:\Program Files\Tencent\QQ\QQ.EXE, TENCENT>
[QQIEFloatBarCfgCmd Class]
{DEDEB80D-FA35-45d9-9460-4983E5A8AFE6} <d:\Program Files\Tencent\QQ\QQIEHelper.dll, N/A>
[电台(&R)]
{8E718888-423F-11D2-876E-00A0C9082467} <C:\WINDOWS\System32\msdxm.ocx, Microsoft Corporation>
[BitCometBar]
{3F1ABCDB-A875-46c1-8345-B72A4567E486} <C:\Program Files\BitComet\BitCometBar\BitCometBar0.2.dll, N/A>
[上网助手]
{BB936323-19FA-4521-BA29-ECA6A121BC78} <C:\Program Files\3721\Assist\asbar.dll, N/A>
[DFVSScanFile Control]
{9BBD100C-E820-4930-9937-E8F3AA40E584} <C:\WINDOWS\system32\dfvs\dfvsol\DFVSSFOL.ocx, >
[SysMonOCX Control]
{9BDBC41E-C335-4263-83C0-ECE78EE28A33} <C:\WINDOWS\DOWNLO~1\SYSMON~1.OCX, AhnLab>
[sawuidskyszajkz.UserControl1]
{B2900CC6-9736-4AF5-8B98-FFFCBBDD46D8} <C:\WINDOWS\Downloaded Program Files\RealPlayer.ocx, dqwkjdfioryjkcf>
[Shockwave Flash Object]
{D27CDB6E-AE6D-11CF-96B8-444553540000} <C:\WINDOWS\System32\Macromed\Flash\Flash8b.ocx, Macromedia, Inc.>
[上传到QQ网络硬盘]
<D:\Program Files\Tencent\QQ\AddToNetDisk.htm, N/A>
[使用影音传送带下载]
<D:\PROGRA~1\Xi\NETTRA~1\NTAddLink.html, N/A>
[使用影音传送带下载全部链接]
<D:\PROGRA~1\Xi\NETTRA~1\NTAddList.html, N/A>
[导出到 Microsoft Office Excel(&X)]
<res://C:\PROGRA~1\MICROS~3\OFFICE11\EXCEL.EXE/3000, N/A>
[添加到QQ自定义面板]
<D:\Program Files\Tencent\QQ\AddPanel.htm, N/A>
[添加到QQ表情]
<D:\Program Files\Tencent\QQ\AddEmotion.htm, N/A>
[用QQ彩信发送该图片]
<D:\Program Files\Tencent\QQ\SendMMS.htm, N/A>

齐齐齐齐 - 2006-6-21 15:09:00

正在运行的进程
[PID: 456][\SystemRoot\System32\smss.exe] <Microsoft Corporation><5.1.2600.1106 (xpsp1.020828-1920)>
[PID: 724][\??\C:\WINDOWS\system32\csrss.exe] <Microsoft Corporation><5.1.2600.0 (xpclient.010817-1148)>
[PID: 752][\??\C:\WINDOWS\system32\winlogon.exe] <Microsoft Corporation><5.1.2600.1106 (xpsp1.020828-1920)>
[C:\WINDOWS\System32\NavLogon.dll] <Symantec Corporation><9.0.0.338>
[PID: 796][C:\WINDOWS\system32\services.exe] <Microsoft Corporation><5.1.2600.0 (xpclient.010817-1148)>
[PID: 808][C:\WINDOWS\system32\lsass.exe] <Microsoft Corporation><5.1.2600.1106 (xpsp1.020828-1920)>
[PID: 980][C:\WINDOWS\system32\svchost.exe] <Microsoft Corporation><5.1.2600.0 (xpclient.010817-1148)>
[PID: 1028][C:\WINDOWS\System32\svchost.exe] <Microsoft Corporation><5.1.2600.0 (xpclient.010817-1148)>
[PID: 1124][C:\WINDOWS\System32\svchost.exe] <Microsoft Corporation><5.1.2600.0 (xpclient.010817-1148)>
[PID: 1168][C:\WINDOWS\System32\svchost.exe] <Microsoft Corporation><5.1.2600.0 (xpclient.010817-1148)>
[PID: 1256][C:\Program Files\Common Files\Symantec Shared\ccSetMgr.exe] <Symantec Corporation><2.2.0.577>
[C:\Program Files\Common Files\Symantec Shared\ccVrTrst.dll] <Symantec Corporation><2.2.0.577>
[PID: 1276][C:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe] <Symantec Corporation><2.2.0.577>
[C:\Program Files\Common Files\Symantec Shared\ccVrTrst.dll] <Symantec Corporation><2.2.0.577>
[C:\PROGRA~1\COMMON~1\SYMANT~1\CCSETEVT.DLL] <Symantec Corporation><2.2.0.577>
[PID: 1392][C:\WINDOWS\system32\spoolsv.exe] <Microsoft Corporation><5.1.2600.0 (XPClient.010817-1148)>
[PID: 1512][C:\WINDOWS\System32\svchost.exe] <Microsoft Corporation><5.1.2600.0 (xpclient.010817-1148)>
[c:\windows\system32\winmide32.dll] <N/A><N/A>
[PID: 1524][C:\WINDOWS\system32\crypserv.exe] <Kenonic Controls Ltd.><5.4.0>
[PID: 1544][C:\Program Files\Symantec AntiVirus\DefWatch.exe] <Symantec Corporation><9.0.0.338>
[PID: 1616][C:\WINDOWS\System32\svchost.exe] <Microsoft Corporation><5.1.2600.0 (xpclient.010817-1148)>
[PID: 1656][C:\Program Files\Symantec AntiVirus\Rtvscan.exe] <Symantec Corporation><9.0.0.338>
[C:\WINDOWS\System32\CBA.DLL] <Intel? Corporation><6.12.0.112 E>
[C:\WINDOWS\System32\MsgSys.dll] <Intel? Corporation><6.12.0.112 E>
[C:\WINDOWS\System32\NTS.dll] <Intel? Corporation><6.12.0.112 E>
[C:\WINDOWS\System32\PDS.DLL] <Intel? Corporation><6.12.0.112 E>
[C:\Program Files\Symantec AntiVirus\NAVLU.dll] <Symantec Corporation><9.0.0.338>
[C:\Program Files\Symantec AntiVirus\I2ldvp3.dll] <Symantec Corporation><9.0.0.338>
[C:\Program Files\Symantec AntiVirus\ecmldr32.DLL] <Symantec Corp.><1.1.0.3>
[C:\Program Files\Symantec AntiVirus\SAVRT32.DLL] <Symantec Corporation><9.3.0.28>
[C:\Program Files\Symantec AntiVirus\NAVNTUTL.DLL] <Symantec Corporation><9.0.0.338>
[C:\PROGRA~1\COMMON~1\SYMANT~1\VIRUSD~1\20060614.035\ecmsvr32.dll] <Symantec Corporation><61.1.0.11>
[C:\PROGRA~1\COMMON~1\SYMANT~1\VIRUSD~1\20060614.035\NAVEX32a.DLL] <Symantec Corporation><20061.1.0.14>
[C:\PROGRA~1\COMMON~1\SYMANT~1\VIRUSD~1\20060614.035\NAVENG32.DLL] <Symantec Corporation><20061.1.0.14>
[C:\Program Files\Symantec AntiVirus\IMail.dll] <Symantec Corporation><9.0.0.338>
[C:\Program Files\Symantec AntiVirus\NotesExt.dll] <Symantec Corporation><9.0.0.338>
[C:\Program Files\Symantec AntiVirus\vpmsece.dll] <Symantec Corporation><9.0.0.338>
[C:\Program Files\Common Files\Symantec Shared\SSC\scandlgs.dll] <Symantec Corporation><9.0.0.338>
[C:\Program Files\Symantec AntiVirus\DecSDK.dll] <Symantec Corporation><3.02.11.32>
[C:\Program Files\Symantec AntiVirus\Dec2.dll] <Symantec Corporation><3.02.11.32>
[C:\Program Files\Symantec AntiVirus\Dec2ID.dll] <Symantec Corporation><3.02.11.32>
[C:\Program Files\Symantec AntiVirus\Dec2ZIP.dll] <Symantec Corporation><3.02.11.32>
[C:\Program Files\Symantec AntiVirus\Dec2SS.dll] <Symantec Corporation><3.02.11.32>
[C:\Program Files\Symantec AntiVirus\Dec2GZIP.dll] <Symantec Corporation><3.02.11.32>
[C:\Program Files\Symantec AntiVirus\Dec2CAB.dll] <Symantec Corporation><3.02.11.32>
[C:\Program Files\Symantec AntiVirus\Dec2LHA.dll] <Symantec Corporation><3.02.11.32>
[C:\Program Files\Symantec AntiVirus\Dec2ARJ.dll] <Symantec Corporation><3.02.11.32>
[C:\Program Files\Symantec AntiVirus\Dec2TNEF.dll] <Symantec Corporation><3.02.11.32>
[C:\Program Files\Symantec AntiVirus\Dec2LZ.dll] <Symantec Corporation><3.02.11.32>
[C:\Program Files\Symantec AntiVirus\Dec2AMG.dll] <Symantec Corporation><3.02.11.32>
[C:\Program Files\Symantec AntiVirus\Dec2TAR.dll] <Symantec Corporation><3.02.11.32>
[C:\Program Files\Symantec AntiVirus\Dec2RTF.dll] <Symantec Corporation><3.02.11.32>
[C:\Program Files\Symantec AntiVirus\Dec2Text.dll] <Symantec Corporation><3.02.11.32>
[PID: 1996][C:\WINDOWS\Explorer.EXE] <Microsoft Corporation><6.00.2800.1106 (xpsp1.020828-1920)>
[C:\WINDOWS\System32\AcSignIcon.dll] <Autodesk><16.2.54.0>
[C:\Program Files\Common Files\Autodesk Shared\AcSignCore16.dll] <Autodesk><16.2.54.0>
[C:\Program Files\Adobe\Acrobat 7.0\ActiveX\PDFShell.dll] <Adobe Systems, Inc.><7.0.0.0>
[C:\WINDOWS\System32\WinDefendor.dll] <TODO: <公司名>><1.0.0.2>
[PID: 428][C:\Program Files\Common Files\Real\Update_OB\realsched.exe] <RealNetworks, Inc.><0.1.0.3018>
[PID: 464][C:\Program Files\Common Files\Symantec Shared\ccApp.exe] <Symantec Corporation><2.2.0.577>
[C:\Program Files\Common Files\Symantec Shared\ccVrTrst.dll] <Symantec Corporation><2.2.0.577>
[C:\Program Files\Symantec\LiveUpdate\ProductRegCom.DLL] <Symantec Corporation><2.0.39.0>
[C:\Program Files\Symantec\LiveUpdate\LuComServerPS.DLL] <Symantec Corporation><2.0.39.0>
[C:\PROGRA~1\COMMON~1\SYMANT~1\CCALERT.DLL] <Symantec Corporation><2.2.0.577>
[C:\PROGRA~1\COMMON~1\SYMANT~1\CCEMLPXY.DLL] <Symantec Corporation><2.2.0.577>
[C:\WINDOWS\System32\SYMREDIR.dll] <Symantec Corporation><5.3.0.46>
[C:\Program Files\Symantec AntiVirus\SavEmail.dll] <Symantec Corporation><9.0.0.338>
[C:\Program Files\Common Files\Symantec Shared\ccSetEvt.dll] <Symantec Corporation><2.2.0.577>
[C:\Program Files\Common Files\Symantec Shared\ccProSub.dll] <Symantec Corporation><2.2.0.577>
[PID: 480][C:\PROGRA~1\SYMANT~1\VPTray.exe] <Symantec Corporation><9.0.0.338>
[C:\Program Files\Symantec AntiVirus\SAVRT32.DLL] <Symantec Corporation><9.3.0.28>
[C:\Program Files\Symantec AntiVirus\Cliproxy.dll] <Symantec Corporation><9.0.0.338>
[C:\PROGRA~1\SYMANT~1\NAVNTUTL.DLL] <Symantec Corporation><9.0.0.338>
[C:\Program Files\Symantec AntiVirus\Cliscan.dll] <Symantec Corporation><9.0.0.338>
[PID: 536][C:\WINDOWS\System32\ctfmon.exe] <Microsoft Corporation><5.1.2600.1106 (xpsp1.020828-1920)>
[PID: 660][C:\Program Files\Messenger\msmsgs.exe] <Microsoft Corporation><4.7.0041>
[PID: 1248][C:\WINDOWS\system32\rundll32.exe] <Microsoft Corporation><5.1.2600.0 (xpclient.010817-1148)>
[C:\Progra~1\IE-BAR\Cast\dmipn.dll] <千橡互联><2, 2, 1, 0>
[C:\Progra~1\IE-BAR\Cast\dmshell.dll] <千橡互联><2, 2, 1, 0>
[C:\Progra~1\IE-BAR\Cast\221~1.0\dmplayer.dll] <千橡互联><2, 2, 1, 0>
[PID: 1796][D:\Program Files\Maxthon\Maxthon.exe] <MY Soft Technology><1, 1, 0, 90>
[D:\Program Files\Maxthon\zlib.dll] <N/A><N/A>
[C:\WINDOWS\System32\AcSignIcon.dll] <Autodesk><16.2.54.0>
[D:\Program Files\Maxthon\Plugin\FloatBar\FloatBar.dll] <><1, 8, 0, 0>
[D:\Program Files\Maxthon\Services\RealTime\real_time.dll] <><1, 0, 0, 1>
[C:\WINDOWS\System32\Macromed\Flash\Flash8b.ocx] <Macromedia, Inc.><8,0,24,0>
[PID: 2400][E:\SREng2\SREng.exe] <Smallfrogs Studio><2.0.21.505>
[C:\WINDOWS\System32\AcSignIcon.dll] <Autodesk><16.2.54.0>
[PID: 2572][C:\WINDOWS\System32\VIPTray.exe] <N/A><N/A>

==================================
文件关联
.TXT OK. [%SystemRoot%\system32\NOTEPAD.EXE %1]
.EXE OK. ["%1" %*]
.COM OK. ["%1" %*]
.PIF OK. ["%1" %*]
.REG OK. [regedit.exe "%1"]
.BAT OK. ["%1" %*]
.SCR OK. ["%1" /S]
.CHM OK. ["C:\WINDOWS\hh.exe" %1]
.HLP OK. [%SystemRoot%\system32\winhlp32.exe %1]
.INI OK. [%SystemRoot%\system32\NOTEPAD.EXE %1]
.INF OK. [%SystemRoot%\system32\NOTEPAD.EXE %1]
.VBS OK. [%SystemRoot%\System32\WScript.exe "%1" %*]
.JS OK. [%SystemRoot%\System32\WScript.exe "%1" %*]
.LNK OK. [{00021401-0000-0000-C000-000000000046}]

==================================
Winsock 提供者

瑞星卡卡安全论坛