无限复活的木马死活杀不掉大家救命阿！！！！ bbs.ikaka.com

ILOVENAN - 2006-7-4 1:20:00

请看刚才发的帖：http://forum.ikaka.com/topic.asp?board=28&artid=8116280

已经照一楼大哥的方法做了，但是刚才开机又出现提示了！还是两次！不过这次变了个文件名称：C：\Documents and Settings\KAI.(我电脑的注册号)\Local Settings\Temporary Internet Files\Temporary Internet Files\Content.IE5\QYDQVDOU(就是这个文件名称变了)\Patch[1].exe 这个文件还是查不到无法删除，然后还是提示C：\DOCUME~1\KAI~(电脑注册号但只有前四位)\LOCALS~1\Temp\~DF9.tmp这个病毒已被删除。。。但是每次开机还会复活，第一个那个文件又找不到删不了，怎么办啊大哥们救救我啊！！！！！！！！！！！！！！！！！！！

我无邪 - 2006-7-4 1:22:00

你要注意，你上了什么网站，这个目录是IE的临时文件夹。
请再扫份System Repair Engineer的日志粘上来。
不要另立帖子，就在这个帖子粘来。

ILOVENAN - 2006-7-4 1:43:00

昨天确实是不小心点开了个恶意网站然后就中了木马，但是就那一次之后再也没进过那网，然后无论我怎么删除脱机文件临时文件和COOKIES也不行，而诺顿也像我说的那样，每次开机都查出来，一个杀的掉一个杀不掉，杀掉的C：\DOCUME~1\KAI~(电脑注册号但只有前四位)\LOCALS~1\Temp\~DF9.tmp下次开机还会再次复活

以下是日志

注册表
启动文件夹
[Adobe Reader Speed Launch]
<C:\Documents and Settings\All Users\「开始」菜单\程序\启动\Adobe Reader Speed Launch.lnk><N>
[Logitech Desktop Messenger]
<C:\Documents and Settings\All Users\「开始」菜单\程序\启动\Logitech Desktop Messenger.lnk><N>
[腾讯QQ]
<C:\Documents and Settings\KAI.82CC032E0C354A8\「开始」菜单\程序\启动\腾讯QQ.lnk><N>

==================================
服务
[C-DillaCdaC11BA / C-DillaCdaC11BA]
<C:\WINDOWS\system32\drivers\CDAC11BA.EXE><Macrovision>
[Symantec Event Manager / ccEvtMgr]
<"C:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe"><Symantec Corporation>
[Symantec Internet Security Password Validation / ccISPwdSvc]
<"C:\Program Files\Norton Internet Security\ccPwdSvc.exe"><Symantec Corporation>
[Symantec Network Proxy / ccProxy]
<"C:\Program Files\Common Files\Symantec Shared\ccProxy.exe"><Symantec Corporation>
[Symantec Settings Manager / ccSetMgr]
<"C:\Program Files\Common Files\Symantec Shared\ccSetMgr.exe"><Symantec Corporation>
[COM Host / comHost]
<"C:\Program Files\Norton Internet Security\comHost.exe"><Symantec Corporation>
[EvtEng / EvtEng]
<C:\Program Files\Intel\Wireless\Bin\EvtEng.exe><Intel Corporation>
[InstallDriver Table Manager / IDriverT]
<"C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe"><Macrovision Corporation>
[iPodService / iPodService]
<C:\Program Files\iPod\bin\iPodService.exe><Apple Computer, Inc.>
[MSCSPTISRV / MSCSPTISRV]
<"C:\Program Files\Common Files\Sony Shared\AVLib\MSCSPTISRV.exe"><Sony Corporation>
[Norton AntiVirus 自动防护服务 / navapsvc]
<"C:\Program Files\Norton Internet Security\Norton AntiVirus\navapsvc.exe"><Symantec Corporation>
[Norton Protection Center Service / NSCService]
<"C:\Program Files\Common Files\Symantec Shared\Security Console\NSCSRVCE.EXE"><Symantec Corporation>
[NVIDIA Display Driver Service / NVSvc]
<C:\WINDOWS\system32\nvsvc32.exe><NVIDIA Corporation>
[PACSPTISVR / PACSPTISVR]
<"C:\Program Files\Common Files\Sony Shared\AVLib\PACSPTISVR.exe"><Sony Corporation>
[RegSrvc / RegSrvc]
<C:\Program Files\Intel\Wireless\Bin\RegSrvc.exe><Intel Corporation>
[Spectrum24 Event Monitor / S24EventMonitor]
<C:\Program Files\Intel\Wireless\Bin\S24EvMon.exe><Intel Corporation>
[Symantec AVScan / SAVScan]
<"C:\Program Files\Norton Internet Security\Norton AntiVirus\SAVScan.exe"><Symantec Corporation>
[Symantec Network Drivers Service / SNDSrvc]
<"C:\Program Files\Common Files\Symantec Shared\SNDSrvc.exe"><Symantec Corporation>
[Symantec SPBBCSvc / SPBBCSvc]
<"C:\Program Files\Common Files\Symantec Shared\SPBBC\SPBBCSvc.exe"><Symantec Corporation>
[Sony SPTI Service / SPTISRV]
<"C:\Program Files\Common Files\Sony Shared\AVLib\SPTISRV.exe"><Sony Corporation>
[SonicStage SCSI Service / SSScsiSV]
<C:\Program Files\Common Files\Sony Shared\AVLib\SSScsiSV.exe><Sony Corporation>
[Symantec Core LC / Symantec Core LC]
<"C:\Program Files\Common Files\Symantec Shared\CCPD-LC\symlcsvc.exe"><Symantec Corporation>
[VAIO Entertainment Aggregation and Control Service / VAIO Entertainment Aggregation and Control Service]
<"C:\Program Files\Common Files\Sony Shared\VAIO Entertainment\VzRs\VzRs.exe"><Sony Corporation>
[VAIO Entertainment Task Scheduler / VAIO Entertainment Task Scheduler]
<"C:\Program Files\Sony\VAIO Entertainment\VzTaskScheduler.exe"><Sony Corporation>
[VAIO Entertainment TV Device Arbitration Service / VAIO Entertainment TV Device Arbitration Service]
<"C:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\VzCs\VzHardwareResourceManager\VzHardwareResourceManager.exe"><Sony Corporation>
[VAIO Event Service / VAIO Event Service]
<C:\Program Files\Sony\VAIO Event Service\VESMgr.exe><Sony Corporation>
[VAIO Media Integrated Server / VAIOMediaPlatform-IntegratedServer-AppServer]
<C:\Program Files\Sony\VAIO Media Integrated Server\VMISrv.exe><Sony Corporation>
[VAIO Media Integrated Server (HTTP) / VAIOMediaPlatform-IntegratedServer-HTTP]
<"C:\Program Files\Sony\VAIO Media Integrated Server\Platform\SV_Httpd.exe" /Service=VAIOMediaPlatform-IntegratedServer-HTTP /RegRoot="SOFTWARE\Sony Corporation\VAIO Media Platform\2.0" /RegExt="Applications\IntegratedServer\HTTP"><N/A>
[VAIO Media Integrated Server (UPnP) / VAIOMediaPlatform-IntegratedServer-UPnP]
<C:\Program Files\Sony\VAIO Media Integrated Server\Platform\UPnPFramework.exe><Sony Corporation>
[VAIO Media Gateway Server / VAIOMediaPlatform-Mobile-Gateway]
<"C:\Program Files\Sony\VAIO Media Integrated Server\Platform\VmGateway.exe" /Service=VAIOMediaPlatform-Mobile-Gateway /RegRoot="SOFTWARE\Sony Corporation\VAIO Media Platform\2.0" /RegExt="\Addons\Packages\Mobile\Gateway" /DisplayName="VAIO Media Gateway Server"><N/A>
[VAIO Entertainment UPnP Client Adapter / Vcsw]
<C:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\VCSW\VCSW.exe -RunBySCM><Sony Corporation>
[VAIO Entertainment Database Service / VzCdbSvc]
<"C:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\VzCdb\VzCdbSvc.exe"><Sony Corporation>
[VAIO Entertainment File Import Service / VzFw]
<C:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\VzCdb\VzFw.exe><Sony Corporation>

ILOVENAN - 2006-7-4 1:44:00

浏览器加载项
[AcroIEHlprObj Class]
{06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} <C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll, Adobe Systems Incorporated>
[Yahoo!Photo]
{33BBE430-0E42-4f12-B075-8D21ACB10DCB} <C:\PROGRA~1\Yahoo!\ASSIST~1\Assist\yphtb.dll, Yahoo! China>
[AntiFish Class]
{38928D50-8A48-44C2-945F-D2F23F771410} <C:\PROGRA~1\Yahoo!\ASSIST~1\Assist\yangling.dll, Yahoo.>
[雅虎助手]
{406F94F0-504F-4a40-8DFD-58B0666ABEBD} <C:\PROGRA~1\Yahoo!\ASSIST~1\Assist\yasbar.dll, Yahoo!>
[DragSearch BHO]
{62EED7C6-9F02-42f9-B634-98E2899E147B} <C:\PROGRA~1\Yahoo!\ASSIST~1\Assist\YDRAGS~1.DLL, >
[SSVHelper Class]
{761497BB-D6F0-462C-B6EB-D4DAF1D92D43} <C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll, Sun Microsystems, Inc.>
[Windows Live Sign-in Helper]
{9030D464-4C02-4ABF-8ECC-5164760863C6} <C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll, Microsoft Corporation>
[CNisExtBho Class]
{9ECB9560-04F9-4bbc-943D-298DDF1699E1} <C:\Program Files\Common Files\Symantec Shared\AdBlocking\NISShExt.dll, Symantec Corporation>
[CNavExtBho Class]
{A8F38D8D-E480-4D52-B7A2-731BB6995FDD} <C:\Program Files\Norton Internet Security\Norton AntiVirus\NavShExt.dll, Symantec Corporation>
[]
{A9930D97-9CF0-42A0-A10D-4F28836579D5} <C:\PROGRA~1\KuGoo2\KUGOO3~1.OCX, N/A>
[CnsHook Class]
{D157330A-9EF3-49F8-9A67-4141AC41ADD4} <C:\WINDOWS\downlo~1\CnsHook.dll, N/A>
[Java Plug-in]
{08B0E5C0-4FCB-11CF-AAA5-00401C608501} <C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll, Sun Microsystems, Inc.>
[Yahoo 1G电邮]
{507F9113-CD77-4866-BA92-0E86DA3D0B97} <http://cn.zs.yahoo.com/cnsbutton.htm?source=cns&btn=yahoomail, N/A>
[寻宝乐趣多]
{59BC54A2-56B3-44a0-93E5-432D58746E26} <http://cn.zs.yahoo.com/cnsbutton.htm?source=cns&btn=taobao, N/A>
[雅虎助手]
{5D73EE86-05F1-49ed-B850-E423120EC338} <http://cn.zs.yahoo.com/cnsbutton.htm?source=cns&btn=yassist, N/A>
[信息检索(&R)]
{92780B25-18CC-41C8-B9BE-3C9C571A8263} <C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL, Microsoft Corporation>
[QQ]
{c95fe080-8f5d-11d2-a20b-00aa003c157b} <C:\Program Files\Tencent\QQ\QQ.EXE, TENCENT>
[FlashGet]
{D6E814A0-E0C5-11d4-8D29-0050BA6940E3} <C:\PROGRA~1\FlashGet\flashget.exe, Amaze Soft>
[QQIEFloatBarCfgCmd Class]
{DEDEB80D-FA35-45d9-9460-4983E5A8AFE6} <C:\Program Files\Tencent\QQ\QQIEHelper.dll, 深圳市腾讯计算机系统有限公司>
[情景聊天]
{E5D12C4E-7B4F-11D3-B5C9-0050045C3C96} <http://cn.rd.yahoo.com/home/messenger/bjk/clientbtn/?http://cn.messenger.yahoo.com/, N/A>
[]
{ECF2E268-F28C-48d2-9AB7-8F69C11CCB71} <http://cn.zs.yahoo.com/cnsbutton.htm?source=cns&btn=repair, N/A>
[Messenger]
{FB5F1910-F110-11d2-BB9E-00C04F795683} <C:\Program Files\Messenger\msmsgs.exe, Microsoft Corporation>
[]
{FD00D911-7529-4084-9946-A29F1BDF4FE5} <http://cn.zs.yahoo.com/cnsbutton.htm?source=cns&btn=clean, N/A>
[FlashGet Bar]
{E0E899AB-F487-11D5-8D29-0050BA6940E3} <C:\PROGRA~1\FlashGet\fgiebar.dll, Amaze Soft>
[MSN 搜索工具栏]
{BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} <C:\Program Files\MSN Toolbar Suite\TB\02.05.0000.1105\zh-cn\msntb.dll, Microsoft Corporation>
[雅虎助手]
{406F94F0-504F-4a40-8DFD-58B0666ABEBD} <C:\PROGRA~1\Yahoo!\ASSIST~1\Assist\yasbar.dll, Yahoo!>
[Norton Internet Security 2006]
{0B53EAC3-8D69-4b9e-9B19-A37C9A5676A7} <C:\Program Files\Common Files\Symantec Shared\AdBlocking\NISShExt.dll, Symantec Corporation>
[Norton AntiVirus]
{C4069E3A-68F1-403E-B40E-20066696354B} <C:\Program Files\Norton Internet Security\Norton AntiVirus\NavShExt.dll, Symantec Corporation>
[金山快译(&K)]
{6C3797D2-3FEF-4cd4-B654-D3AE55B4128C} <C:\Program Files\Kingsoft\FastAIT 2006\IEBand.dll, 金山软件股份有限公司>
[Windows Genuine Advantage Validation Tool]
{17492023-C23A-453E-A040-C7C580BBF700} <C:\WINDOWS\system32\legitcheckcontrol.dll, Microsoft Corporation>
[PowerList Control]
{20C2C286-BDE8-441B-B73D-AFA22D914DA5} <C:\WINDOWS\DOWNLO~1\POWERL~1.OCX, PPStream.com>
[Office Update Installation Engine]
{3E68E405-C6DE-49FF-83AE-41EE9F4C36CE} <C:\WINDOWS\opuc.dll, Microsoft Corporation>
[MSN Photo Upload Tool]
{4F1E5B1A-2A80-42CA-8532-2D05CB959537} <C:\WINDOWS\Downloaded Program Files\MsnPUpld.dll, Microsoft? Corporation>
[MUWebControl Class]
{6E32070A-766D-4EE6-879C-DC1FA91D2FC3} <C:\WINDOWS\system32\muweb.dll, Microsoft Corporation>
[Java Plug-in]
{8AD9C840-044E-11D1-B3E9-00805F499D93} <C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll, Sun Microsystems, Inc.>
[MessengerStatsClient Class]
{8E0D4DE5-3180-4024-A327-4DFAD1796A8D} <C:\WINDOWS\Downloaded Program Files\messengerstatsclient.dll, Microsoft Corporation>
[PicUploadCtrl Class]
{BF8C499A-AC6E-4F58-82EA-9E5FCC41C34B} <C:\WINDOWS\Downloaded Program Files\PicUpload.dll, Sohu.com Inc.>
[Java Plug-in]
{CAFEEFAC-0015-0000-0001-ABCDEFFEDCBA} <C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll, Sun Microsystems, Inc.>
[Java Plug-in]
{CAFEEFAC-0015-0000-0006-ABCDEFFEDCBA} <C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll, Sun Microsystems, Inc.>
[Java Plug-in 1.5.0_06]
{CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} <C:\Program Files\Java\jre1.5.0_06\bin\npjpi150_06.dll, Sun Microsystems, Inc.>
[Shockwave Flash Object]
{D27CDB6E-AE6D-11CF-96B8-444553540000} <C:\WINDOWS\system32\Macromed\Flash\Flash8.ocx, Macromedia, Inc.>
[AcroIEHlprObj Class]
{06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} <C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll, Adobe Systems Incorporated>
[Yahoo!Photo]
{33BBE430-0E42-4F12-B075-8D21ACB10DCB} <C:\PROGRA~1\Yahoo!\ASSIST~1\Assist\yphtb.dll, Yahoo! China>
[AntiFish Class]
{38928D50-8A48-44C2-945F-D2F23F771410} <C:\PROGRA~1\Yahoo!\ASSIST~1\Assist\yangling.dll, Yahoo.>
[雅虎助手]
{406F94F0-504F-4A40-8DFD-58B0666ABEBD} <C:\PROGRA~1\Yahoo!\ASSIST~1\Assist\yasbar.dll, Yahoo!>
[DragSearch BHO]
{62EED7C6-9F02-42F9-B634-98E2899E147B} <C:\PROGRA~1\Yahoo!\ASSIST~1\Assist\YDRAGS~1.DLL, >
[Windows Live Sign-in Helper]
{9030D464-4C02-4ABF-8ECC-5164760863C6} <C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll, Microsoft Corporation>
[CNisExtBho Class]
{9ECB9560-04F9-4BBC-943D-298DDF1699E1} <C:\Program Files\Common Files\Symantec Shared\AdBlocking\NISShExt.dll, Symantec Corporation>
[CNavExtBho Class]
{A8F38D8D-E480-4D52-B7A2-731BB6995FDD} <C:\Program Files\Norton Internet Security\Norton AntiVirus\NavShExt.dll, Symantec Corporation>
[]
{A9930D97-9CF0-42A0-A10D-4F28836579D5} <C:\PROGRA~1\KuGoo2\KUGOO3~1.OCX, N/A>
[CnsHook Class]
{D157330A-9EF3-49F8-9A67-4141AC41ADD4} <C:\WINDOWS\downlo~1\CnsHook.dll, N/A>
[上传到QQ网络硬盘]
<C:\Program Files\Tencent\QQ\AddToNetDisk.htm, N/A>
[使用网际快车下载]
<C:\Program Files\FlashGet\jc_link.htm, N/A>
[使用网际快车下载全部链接]
<C:\Program Files\FlashGet\jc_all.htm, N/A>
[导出到 Microsoft Office Excel(&X)]
<res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000, N/A>
[添加到QQ自定义面板]
<C:\Program Files\Tencent\QQ\AddPanel.htm, N/A>
[添加到QQ表情]
<C:\Program Files\Tencent\QQ\AddEmotion.htm, N/A>
[用QQ彩信发送该图片]
<C:\Program Files\Tencent\QQ\SendMMS.htm, N/A>

ILOVENAN - 2006-7-4 1:46:00

正在运行的进程
[PID: 696][\SystemRoot\System32\smss.exe] <Microsoft Corporation><5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)>
[PID: 760][\??\C:\WINDOWS\system32\csrss.exe] <Microsoft Corporation><5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)>
[PID: 784][\??\C:\WINDOWS\system32\winlogon.exe] <Microsoft Corporation><5.1.2600.2505 (xpsp.040806-1825)>
[C:\WINDOWS\system32\VESWinlogon.dll] <Sony Corporation><2.0.00.09300>
[PID: 828][C:\WINDOWS\system32\services.exe] <Microsoft Corporation><5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)>
[PID: 840][C:\WINDOWS\system32\lsass.exe] <Microsoft Corporation><5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)>
[PID: 1020][C:\WINDOWS\system32\svchost.exe] <Microsoft Corporation><5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)>
[PID: 1088][C:\WINDOWS\system32\svchost.exe] <Microsoft Corporation><5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)>
[PID: 1184][C:\WINDOWS\System32\svchost.exe] <Microsoft Corporation><5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)>
[PID: 1236][C:\Program Files\Intel\Wireless\Bin\EvtEng.exe] <Intel Corporation><9, 0, 1, 12>
[C:\Program Files\Intel\Wireless\Bin\PsRegApi.dll] <Intel Corporation><9, 0, 1, 14>
[C:\Program Files\Intel\Wireless\Bin\TraceAPI.DLL] <Intel Corporation><9, 0, 1, 22>
[PID: 1332][C:\Program Files\Intel\Wireless\Bin\S24EvMon.exe] <Intel Corporation ><9, 0, 1, 41>
[C:\Program Files\Intel\Wireless\Bin\TraceAPI.DLL] <Intel Corporation><9, 0, 1, 22>
[C:\Program Files\Intel\Wireless\Bin\PsRegApi.dll] <Intel Corporation><9, 0, 1, 14>
[PID: 1424][C:\WINDOWS\system32\svchost.exe] <Microsoft Corporation><5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)>
[PID: 1504][C:\WINDOWS\system32\svchost.exe] <Microsoft Corporation><5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)>
[PID: 1600][C:\Program Files\Common Files\Symantec Shared\ccSetMgr.exe] <Symantec Corporation><104.0.4.3>
[C:\Program Files\Common Files\Symantec Shared\ccL40.dll] <Symantec Corporation><104.0.4.3>
[C:\Program Files\Common Files\Symantec Shared\ccVrTrst.dll] <Symantec Corporation><104.0.4.3>
[C:\Program Files\Common Files\Symantec Shared\ccSetEvt.dll] <Symantec Corporation><104.0.4.3>
[PID: 1772][C:\WINDOWS\Explorer.EXE] <Microsoft Corporation><6.00.2900.2180 (xpsp_sp2_rtm.040803-2158)>
[C:\PROGRA~1\Yahoo!\ASSIST~1\Yhelper.dll] <><2, 0, 1, 1018>
[C:\WINDOWS\downlo~1\CnsMin.dll] <北京三七二一科技有限公司><1, 5, 3, 1>
[C:\PROGRA~1\3721\helper.dll] <><1, 0, 9, 1324>
[C:\PROGRA~1\3721\alrex.dll] <><1, 0, 1, 1001>
[C:\PROGRA~1\COMMON~1\SYMANT~1\ANTISPAM\ASOEHOOK.DLL] <Symantec Corporation><2006.2.00.153>
[C:\Program Files\Common Files\Symantec Shared\ccL40.dll] <Symantec Corporation><104.0.4.3>
[C:\DOCUME~1\KAI~1.82C\LOCALS~1\Temp\IadHide5.dll] <BackWeb><Version 7.2.0 (Build 157R)>
[C:\PROGRA~1\COMMON~1\SYMANT~1\SECURI~1\NSCEXT.DLL] <Symantec Corporation><2006.1.1.2>
[C:\PROGRA~1\COMMON~1\SYMANT~1\SECURI~1\NSCEXT.LOC] <Symantec Corporation><2006.1.1.2>
[C:\Program Files\Adobe\Acrobat 7.0\ActiveX\PDFShell.dll] <Adobe Systems, Inc.><7.0.0.0>
[C:\PROGRA~1\Yahoo!\ASSIST~1\YAlive.dll] <><2, 0, 5, 1031>
[C:\Program Files\WinRAR\rarext.dll] <N/A><N/A>
[C:\Program Files\Norton Internet Security\Norton AntiVirus\NavShExt.dll] <Symantec Corporation><12.0.0.94>
[C:\PROGRA~1\Yahoo!\ASSIST~1\Yalliveex.dll] < ><2, 0, 1, 1007>
[C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll] <Adobe Systems Incorporated><7.0.5.2005092300>
[C:\PROGRA~1\Yahoo!\ASSIST~1\Assist\yphtb.dll] <Yahoo! China><1, 1, 2, 1034>
[C:\PROGRA~1\Yahoo!\ASSIST~1\Assist\yasbar.dll] <Yahoo!><2, 1, 8, 1048>
[C:\PROGRA~1\Yahoo!\ASSIST~1\Assist\YDRAGS~1.DLL] <><1, 2, 7, 1006>
[C:\PROGRA~1\KuGoo2\KUGOO3~1.OCX] <N/A><N/A>
[PID: 1800][C:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe] <Symantec Corporation><104.0.4.3>
[C:\Program Files\Common Files\Symantec Shared\ccL40.dll] <Symantec Corporation><104.0.4.3>
[C:\Program Files\Common Files\Symantec Shared\ccVrTrst.dll] <Symantec Corporation><104.0.4.3>
[C:\Program Files\Common Files\Symantec Shared\ccSet.dll] <Symantec Corporation><104.0.4.3>
[C:\PROGRA~1\COMMON~1\SYMANT~1\ANTISPAM\ASSPMEVT.DLL] <Symantec Corporation><2006.2.00.153>
[C:\PROGRA~1\COMMON~1\SYMANT~1\SPBBC\SPBBCEVT.DLL] <Symantec Corporation><2,0,0,73>
[C:\PROGRA~1\COMMON~1\SYMANT~1\CCLOGIN.DLL] <Symantec Corporation><104.0.4.3>
[C:\PROGRA~1\COMMON~1\SYMANT~1\CCPXYEVT.DLL] <Symantec Corporation><104.0.1.17>
[C:\PROGRA~1\COMMON~1\SYMANT~1\CCSETEVT.DLL] <Symantec Corporation><104.0.4.3>
[C:\PROGRA~1\NORTON~1\ISSVC.DLL] <Symantec Corporation><9.0.0.73>
[C:\WINDOWS\system32\SymNeti.DLL] <Symantec Corporation><6.0.0.99>
[C:\PROGRA~1\NORTON~1\NORTON~1\HPPEVT32.DLL] <Symantec Corporation><12.0.0.94>
[C:\PROGRA~1\NORTON~1\NORTON~1\HPPRES32.loc] <Symantec Corporation><12.0.0.94>
[C:\PROGRA~1\NORTON~1\NORTON~1\NAVEVENT.DLL] <Symantec Corporation><12.0.0.94>
[C:\Program Files\Norton Internet Security\ObrkData.dll] <Symantec Corporation><9.0.0.73>
[PID: 536][C:\Program Files\Common Files\Symantec Shared\ccProxy.exe] <Symantec Corporation><104.0.1.17>
[C:\WINDOWS\system32\SYMREDIR.dll] <Symantec Corporation><6.0.0.99>
[C:\WINDOWS\system32\SymNeti.DLL] <Symantec Corporation><6.0.0.99>
[C:\Program Files\Common Files\Symantec Shared\ccL40.dll] <Symantec Corporation><104.0.4.3>
[C:\Program Files\Common Files\Symantec Shared\ccVrTrst.dll] <Symantec Corporation><104.0.4.3>
[C:\Program Files\Common Files\Symantec Shared\rcProxy.dll] <Symantec Corporation><104.0.1.17>
[C:\Program Files\Common Files\Symantec Shared\DPHTML.dll] <Symantec Corporation><104.0.1.17>
[C:\Program Files\Common Files\Symantec Shared\DPJS.dll] <Symantec Corporation><104.0.1.17>
[C:\Program Files\Common Files\Symantec Shared\DPVBS.dll] <Symantec Corporation><104.0.1.17>
[C:\Program Files\Common Files\Symantec Shared\PFPriv.dll] <Symantec Corporation><104.0.1.17>
[C:\Program Files\Common Files\Symantec Shared\PFSec.dll] <Symantec Corporation><104.0.1.17>
[C:\Program Files\Common Files\Symantec Shared\PFAdBlk.dll] <Symantec Corporation><104.0.1.17>
[C:\Program Files\Common Files\Symantec Shared\PFMisc.dll] <Symantec Corporation><104.0.1.17>
[C:\Program Files\Common Files\Symantec Shared\PxyHTTP.dll] <Symantec Corporation><104.0.1.17>
[C:\Program Files\Common Files\Symantec Shared\DPHTTP.dll] <Symantec Corporation><104.0.1.17>
[C:\Program Files\Common Files\Symantec Shared\PxyIM.dll] <Symantec Corporation><104.0.1.17>
[C:\Program Files\Common Files\Symantec Shared\ccProSub.dll] <Symantec Corporation><104.0.4.3>
[C:\Program Files\Common Files\Symantec Shared\ccPxyEvt.dll] <Symantec Corporation><104.0.1.17>
[C:\Program Files\Common Files\Symantec Shared\ccLogin.dll] <Symantec Corporation><104.0.4.3>
[C:\Program Files\Common Files\Symantec Shared\ccSetEvt.dll] <Symantec Corporation><104.0.4.3>
[C:\Program Files\Common Files\Symantec Shared\ccCharCv.dll] <Symantec Corporation><104.0.1.17>
[C:\Program Files\Symantec\LiveUpdate\LuComServerPS_2_7.DLL] <Symantec Corporation><2.7.39.0>
[C:\Program Files\Symantec\LiveUpdate\ProductRegComPS_2_7.DLL] <Symantec Corporation><2.7.39.0>
[PID: 568][C:\Program Files\Common Files\Symantec Shared\SNDSrvc.exe] <Symantec Corporation><6.0.0.99>
[C:\WINDOWS\system32\SymNeti.dll] <Symantec Corporation><6.0.0.99>

独孤豪侠 - 2006-7-4 1:46:00

牛人.
第一次看到这么多服务项.
真不知道哪些是有用的哪些是没用的.唉~~~

ILOVENAN - 2006-7-4 1:47:00

[PID: 640][C:\Program Files\Common Files\Symantec Shared\SPBBC\SPBBCSvc.exe] <Symantec Corporation><2,0,0,73>
[C:\Program Files\Common Files\Symantec Shared\ccVrTrst.dll] <Symantec Corporation><104.0.4.3>
[C:\Program Files\Common Files\Symantec Shared\ccL40.dll] <Symantec Corporation><104.0.4.3>
[C:\Program Files\Common Files\Symantec Shared\ccSet.dll] <Symantec Corporation><104.0.4.3>
[C:\Program Files\Common Files\Symantec Shared\SPBBC\SPBBCEvt.dll] <Symantec Corporation><2,0,0,73>
[C:\Program Files\Common Files\Symantec Shared\SPBBC\bbRGen.dll] <Symantec Corporation><2,0,0,73>
[PID: 124][C:\Program Files\Common Files\Symantec Shared\CCPD-LC\symlcsvc.exe] <Symantec Corporation><1.9.1.762>
[C:\Program Files\Common Files\Symantec Shared\CCPD-LC\symlcnet.dll] <Symantec Corporation><1.9.1.762>
[PID: 1376][C:\WINDOWS\system32\spoolsv.exe] <Microsoft Corporation><5.1.2600.2696 (xpsp_sp2_gdr.050610-1519)>
[PID: 1764][C:\WINDOWS\system32\msdtc.exe] <Microsoft Corporation><2001.12.4414.258>
[PID: 1936][C:\WINDOWS\system32\svchost.exe] <Microsoft Corporation><5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)>
[PID: 1992][C:\WINDOWS\system32\drivers\CDAC11BA.EXE] <Macrovision><4.20.030>
[PID: 2012][C:\WINDOWS\system32\cisvc.exe] <Microsoft Corporation><5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)>
[PID: 132][C:\WINDOWS\system32\inetsrv\inetinfo.exe] <Microsoft Corporation><5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)>
[PID: 168][C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE] <Microsoft Corporation><7.00.9466>
[PID: 336][C:\Program Files\Norton Internet Security\Norton AntiVirus\navapsvc.exe] <Symantec Corporation><12.0.0.94>
[C:\Program Files\Common Files\Symantec Shared\ccL40.dll] <Symantec Corporation><104.0.4.3>
[C:\Program Files\Norton Internet Security\Norton AntiVirus\SAVRT32.DLL] <Symantec Corporation><9.7.0.10>
[C:\Program Files\Norton Internet Security\Norton AntiVirus\navapsvc.loc] <Symantec Corporation><12.0.0.94>
[C:\Program Files\Common Files\Symantec Shared\ccVrTrst.dll] <Symantec Corporation><104.0.4.3>
[C:\Program Files\Norton Internet Security\Norton AntiVirus\N32Exclu.dll] <Symantec Corporation><12.0.0.94>
[C:\Program Files\Common Files\Symantec Shared\ccSet.dll] <Symantec Corporation><104.0.4.3>
[C:\Program Files\Common Files\Symantec Shared\DefUtDCD.dll] <Symantec Corporation><3.1.30.0>
[PID: 380][C:\WINDOWS\system32\nvsvc32.exe] <NVIDIA Corporation><6.14.10.7083>
[C:\WINDOWS\system32\NVRSZHC.DLL] <NVIDIA Corporation><6.14.10.7083>
[PID: 440][C:\Program Files\Intel\Wireless\Bin\RegSrvc.exe] <Intel Corporation><9, 0, 1, 10>
[PID: 1468][C:\WINDOWS\system32\tcpsvcs.exe] <Microsoft Corporation><5.1.2600.0 (xpclient.010817-1148)>
[PID: 1520][C:\WINDOWS\System32\snmp.exe] <Microsoft Corporation><5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)>
[PID: 1632][C:\WINDOWS\system32\svchost.exe] <Microsoft Corporation><5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)>
[PID: 1624][C:\WINDOWS\system32\wdfmgr.exe] <Microsoft Corporation><5.2.3790.1230 built by: DNSRV(bld4act)>
[PID: 1712][C:\Program Files\Sony\VAIO Event Service\VESMgr.exe] <Sony Corporation><2.1.00.13210>
[C:\Program Files\Sony\VAIO Event Service\VESSuEvent.dll] <Sony Corporation><2.1.00.13210>
[C:\Program Files\Sony\VAIO Event Service\VESBasePS.dll] <N/A><N/A>
[C:\Program Files\Common Files\Sony Shared\Sony Utilities\SnyUtils.dll] <Sony Corporation><6, 1, 0, 13260>
[C:\Program Files\Common Files\Sony Shared\SXBIOS\sxbios.dll] <Sony Corporation><4.02.8170>
[C:\WINDOWS\system32\NvCpl.dll] <NVIDIA Corporation><6.14.10.7083>
[C:\WINDOWS\system32\NVRSZHC.DLL] <NVIDIA Corporation><6.14.10.7083>
[C:\Program Files\Sony\VAIO Event Service\VESWndMsg.dll] <Sony Corporation><2.1.00.13210>
[C:\Program Files\Sony\VAIO Event Service\VESTransform.dll] <Sony Corporation><2.1.00.13280>
[C:\Program Files\Sony\VAIO Event Service\VESWndMsgHook.dll] <Sony Corporation><2.1.00.13210>
[C:\Program Files\Sony\VAIO Power Management\VESPowerMgr.dll] <Sony Corporation><2.0.00.10290>
[C:\Program Files\Sony\VAIO Event Service\VESSemiPnP.dll] <Sony Corporation><2.1.00.13210>
[C:\Program Files\Sony\VAIO Event Service\VESSuPerform.dll] <Sony Corporation><2.1.00.13240>
[C:\Program Files\Sony\VAIO Event Service\VESVideo.dll] <Sony Corporation><2.1.00.13210>
[C:\Program Files\Sony\VAIO Event Service\VESPerform.dll] <Sony Corporation><2.1.00.13280>
[C:\Program Files\Sony\VAIO Event Service\VESFnLock.dll] <Sony Corporation><2.1.00.13280>
[C:\Program Files\Sony\VAIO Event Service\VESHKWndCommon.dll] <Sony Corporation><2.1.00.13280>
[C:\Program Files\Common Files\Sony Shared\VAIO Entertainment\VzRs\VzRsPS.dll] <Sony Corporation><1.4.00.14090>
[C:\WINDOWS\downlo~1\CnsMin.dll] <北京三七二一科技有限公司><1, 5, 3, 1>
[PID: 1888][C:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\VCSW\VCSW.exe] <Sony Corporation><1.2.01.11110>
[C:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\VCSW\sonyuppc.dll] <Sony Corporation><6.0.00.08050>
[C:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\VCSW\UPnPCtrl.dll] <Sony Corporation><2, 0, 1, 10010>
[C:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\VCSW\VCSWEXEps.dll] <Sony Corporation><1.2.01.11110>
[PID: 2208][C:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\VzCdb\VzCdbSvc.exe] <Sony Corporation><1.2.01.11060>
[C:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\VzCdb\VzCdbVcds.dll] <Sony Corporation><1.2.01.11060>
[C:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\VzCdb\VzCdbSsDB.dll] <Sony Corporation><1.2.01.11060>
[C:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\VzCdb\VzCdbLocalDB.dll] <Sony Corporation><1.2.01.11060>
[C:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\VCSW\VCSWEXEps.dll] <Sony Corporation><1.2.01.11110>
[C:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\VzCdb\VzCdbSvcps.dll] <Sony Corporation><1.2.01.11060>
[C:\Program Files\Common Files\Sony Shared\AvLib\Metallic.dll] <Sony Corporation><2.8.00.12140>
[PID: 2356][C:\WINDOWS\system32\mqsvc.exe] <Microsoft Corporation><5.01.1108>
[PID: 2412][C:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\VzCdb\VzFw.exe] <Sony Corporation><1.2.01.11060>
[C:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\VzCdb\VzFwImport.dll] <Sony Corporation><1.2.01.11060>
[C:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\VzCdb\VzCdb.dll] <Sony Corporation><1.2.01.11060>
[C:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\VzCdb\VzCdbSvcps.dll] <Sony Corporation><1.2.01.11060>
[C:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\VzCdb\VzCs.dll] <Sony Corporation><1.3.00.11080>
[C:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\VzCdb\VzCsDsAudioFile.vzcs] <Sony Corporation><1.3.00.11080>
[C:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\VzCdb\VzCsDsVideoFile.vzcs] <Sony Corporation><1.4.00.12030>
[C:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\VzCdb\VzCsImageFile.vzcs] <Sony Corporation><1.3.00.11080>
[C:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\VzCdb\VzCsVideoCapsule.vzcs] <Sony Corporation><1.3.00.11080>
[PID: 2820][C:\WINDOWS\system32\mqtgsvc.exe] <Microsoft Corporation><5.01.1108>
[PID: 3132][C:\Program Files\Common Files\Sony Shared\VAIO Entertainment\VzRs\VzRs.exe] <Sony Corporation><1.4.00.14090>
[C:\Program Files\Common Files\Sony Shared\VAIO Entertainment\VzRs\System.dll] <Sony Corporation><1.4.00.14090>
[C:\Program Files\Common Files\Sony Shared\VAIO Entertainment\VzRs\VzRsPS.dll] <Sony Corporation><1.4.00.14090>
[PID: 3200][C:\WINDOWS\system32\Rundll32.exe] <Microsoft Corporation><5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)>
[C:\WINDOWS\downlo~1\CnsMin.dll] <北京三七二一科技有限公司><1, 5, 3, 1>
[C:\PROGRA~1\Yahoo!\ASSIST~1\Yhelper.dll] <><2, 0, 1, 1018>
[C:\DOCUME~1\KAI~1.82C\LOCALS~1\Temp\IadHide5.dll] <BackWeb><Version 7.2.0 (Build 157R)>
[C:\PROGRA~1\COMMON~1\SYMANT~1\ANTISPAM\ASOEHOOK.DLL] <Symantec Corporation><2006.2.00.153>
[C:\Program Files\Common Files\Symantec Shared\ccL40.dll] <Symantec Corporation><104.0.4.3>
[C:\PROGRA~1\3721\helper.dll] <><1, 0, 9, 1324>
[PID: 3368][C:\PROGRA~1\Yahoo!\ASSIST~1\YLive.exe] < ><2, 0, 0, 1002>
[C:\PROGRA~1\Yahoo!\ASSIST~1\Yhelper.dll] <><2, 0, 1, 1018>
[C:\PROGRA~1\Yahoo!\ASSIST~1\YAlive.dll] <><2, 0, 5, 1031>
[C:\PROGRA~1\Yahoo!\ASSIST~1\Yalliveex.dll] < ><2, 0, 1, 1007>
[C:\WINDOWS\downlo~1\CnsMin.dll] <北京三七二一科技有限公司><1, 5, 3, 1>
[PID: 3420][C:\PROGRA~1\Yahoo!\Assistant\yassistse.exe] <Yahoo!><1, 0, 1, 1001>
[C:\PROGRA~1\Yahoo!\ASSIST~1\Yhelper.dll] <><2, 0, 1, 1018>
[C:\PROGRA~1\Yahoo!\Assistant\shell\yAsMenu.dll] <Yahoo><1, 0, 1, 1006>
[C:\PROGRA~1\Yahoo!\Assistant\shell\yAssecblk.dll] <Yahoo><1, 0, 2, 1002>
[C:\PROGRA~1\Yahoo!\Assistant\shell\yIEAngel.dll] <Yahoo><1, 0, 1, 1001>
[C:\PROGRA~1\Yahoo!\Assistant\shell\yMenuInfo.dll] <Yahoo><1, 0, 0, 2>
[C:\WINDOWS\downlo~1\CnsMin.dll] <北京三七二一科技有限公司><1, 5, 3, 1>
[PID: 3500][C:\PROGRA~1\Sony\SONICS~1\SsAAD.exe] <N/A><3.0.00.13241>
[C:\WINDOWS\downlo~1\CnsMin.dll] <北京三七二一科技有限公司><1, 5, 3, 1>
[C:\PROGRA~1\Yahoo!\ASSIST~1\Yhelper.dll] <><2, 0, 1, 1018>
[C:\Program Files\Common Files\Sony Shared\AVLib\SPTISRVps.dll] <Sony Corporation><4.1.00.13261>

ILOVENAN - 2006-7-4 1:48:00

[PID: 3556][C:\Program Files\Sony\VAIO Power Management\SPMgr.exe] <Sony Corporation><1, 6, 1, 13140>
[C:\Program Files\Sony\VAIO Power Management\SPMDAM.dll] <Sony Corporation><1.0.00.08250>
[C:\Program Files\Sony\VAIO Power Management\SPMRes.dll] <Sony Corporation><1.6.00.09210>
[C:\WINDOWS\downlo~1\CnsMin.dll] <北京三七二一科技有限公司><1, 5, 3, 1>
[C:\PROGRA~1\Yahoo!\ASSIST~1\Yhelper.dll] <><2, 0, 1, 1018>
[C:\Program Files\Sony\VAIO Power Management\SPMDrv.dll] <Sony Corporation><1.6.01.14010>
[C:\Program Files\Common Files\Sony Shared\Sony Utilities\SnyUtils.dll] <Sony Corporation><6, 1, 0, 13260>
[C:\Program Files\Common Files\Sony Shared\SXBIOS\sxbios.dll] <Sony Corporation><4.02.8170>
[C:\WINDOWS\system32\NvCpl.dll] <NVIDIA Corporation><6.14.10.7083>
[C:\WINDOWS\system32\NVRSZHC.DLL] <NVIDIA Corporation><6.14.10.7083>
[PID: 3576][C:\WINDOWS\System32\alg.exe] <Microsoft Corporation><5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)>
[PID: 3660][C:\Program Files\QuickTime\qttask.exe] <Apple Computer, Inc.><7.0.4>
[C:\WINDOWS\downlo~1\CnsMin.dll] <北京三七二一科技有限公司><1, 5, 3, 1>
[C:\PROGRA~1\Yahoo!\ASSIST~1\Yhelper.dll] <><2, 0, 1, 1018>
[PID: 4000][C:\Program Files\Logitech\Video\LogiTray.exe] <Logitech Inc.><8.0.3.1112>
[C:\Program Files\Logitech\Video\QCUI2.dll] <Logitech Inc.><8.0.3.1112>
[C:\Program Files\Logitech\Video\LTWVC12n.dll] <LEAD Technologies, Inc.><12.1.0.011>
[C:\Program Files\Logitech\Video\LQCUI2.dll] <Logitech Inc.><8.0.3.1112>
[C:\WINDOWS\downlo~1\CnsMin.dll] <北京三七二一科技有限公司><1, 5, 3, 1>
[C:\PROGRA~1\Yahoo!\ASSIST~1\Yhelper.dll] <><2, 0, 1, 1018>
[C:\Program Files\Logitech\Video\LLogTray.dll] <Logitech Inc.><8.0.3.1112>
[C:\PROGRA~1\3721\helper.dll] <><1, 0, 9, 1324>
[C:\Program Files\Logitech\Video\fxsvrps.dll] <Logitech Inc.><8.0.3.1112>
[C:\WINDOWS\system32\LVComC.dll] <Logitech Inc.><7.3.0.1113>
[C:\PROGRA~1\COMMON~1\SYMANT~1\ANTISPAM\ASOEHOOK.DLL] <Symantec Corporation><2006.2.00.153>
[C:\Program Files\Common Files\Symantec Shared\ccL40.dll] <Symantec Corporation><104.0.4.3>
[PID: 2036][C:\Program Files\iTunes\iTunesHelper.exe] <Apple Computer, Inc.><6.0.2.23>
[C:\Program Files\iTunes\iTunesHelper.Resources\zh_CN.lproj\iTunesHelperLocalized.DLL] <Apple Computer, Inc.><6.0.2.11>
[C:\Program Files\iTunes\iTunesHelper.Resources\iTunesHelper.DLL] <Apple Computer, Inc.><6.0.2.23>
[C:\WINDOWS\downlo~1\CnsMin.dll] <北京三七二一科技有限公司><1, 5, 3, 1>
[C:\PROGRA~1\Yahoo!\ASSIST~1\Yhelper.dll] <><2, 0, 1, 1018>
[PID: 1500][C:\Program Files\Sony\ISB Utility\ISBMgr.exe] <Sony Corporation><1, 0, 0, 2180>
[C:\Program Files\Common Files\Sony Shared\Sony Utilities\SnyUtils.dll] <Sony Corporation><6, 1, 0, 13260>
[C:\Program Files\Common Files\Sony Shared\SXBIOS\sxbios.dll] <Sony Corporation><4.02.8170>
[C:\WINDOWS\system32\NvCpl.dll] <NVIDIA Corporation><6.14.10.7083>
[C:\WINDOWS\system32\NVRSZHC.DLL] <NVIDIA Corporation><6.14.10.7083>
[C:\Program Files\Sony\ISB Utility\ISBRes.dll] <Sony Corporation><1, 0, 1, 9290>
[C:\WINDOWS\downlo~1\CnsMin.dll] <北京三七二一科技有限公司><1, 5, 3, 1>
[C:\PROGRA~1\Yahoo!\ASSIST~1\Yhelper.dll] <><2, 0, 1, 1018>
[PID: 2244][C:\WINDOWS\system32\rundll32.exe] <Microsoft Corporation><5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)>
[C:\PROGRA~1\3721\helper.dll] <><1, 0, 9, 1324>
[C:\WINDOWS\downlo~1\CnsMin.dll] <北京三七二一科技有限公司><1, 5, 3, 1>
[C:\PROGRA~1\Yahoo!\ASSIST~1\Yhelper.dll] <><2, 0, 1, 1018>

ILOVENAN - 2006-7-4 1:49:00

[PID: 2256][C:\Program Files\Common Files\Symantec Shared\ccApp.exe] <Symantec Corporation><104.0.4.3>
[C:\Program Files\Common Files\Symantec Shared\ccL40.dll] <Symantec Corporation><104.0.4.3>
[C:\WINDOWS\downlo~1\CnsMin.dll] <北京三七二一科技有限公司><1, 5, 3, 1>
[C:\PROGRA~1\Yahoo!\ASSIST~1\Yhelper.dll] <><2, 0, 1, 1018>
[C:\PROGRA~1\3721\helper.dll] <><1, 0, 9, 1324>
[C:\Program Files\Common Files\Symantec Shared\ccVrTrst.dll] <Symantec Corporation><104.0.4.3>
[C:\Program Files\Common Files\Symantec Shared\ccSet.dll] <Symantec Corporation><104.0.4.3>
[C:\PROGRA~1\COMMON~1\SYMANT~1\ANTISPAM\ASOEHOOK.DLL] <Symantec Corporation><2006.2.00.153>
[C:\PROGRA~1\COMMON~1\SYMANT~1\CCALERT.DLL] <Symantec Corporation><104.0.4.3>
[C:\PROGRA~1\COMMON~1\SYMANT~1\CCEMLPXY.DLL] <Symantec Corporation><104.0.4.3>
[C:\PROGRA~1\COMMON~1\SYMANT~1\OPTIONS\SYMDYNLD.DLL] <Symantec Corporation><2006.2.00.153>
[C:\PROGRA~1\COMMON~1\SYMANT~1\SECURI~1\NSCTRAY.DLL] <Symantec Corporation><2006.1.1.2>
[C:\PROGRA~1\COMMON~1\SYMANT~1\SECURI~1\NSCTRAY.LOC] <Symantec Corporation><2006.1.1.2>
[C:\PROGRA~1\NORTON~1\ISLALERT.DLL] <Symantec Corporation><9.0.0.73>
[C:\PROGRA~1\COMMON~1\SYMANT~1\rcEmlPxy.dll] <Symantec Corporation><104.0.4.3>
[C:\PROGRA~1\NORTON~1\AlertRes.dll] <Symantec Corporation><9.0.0.73>
[C:\PROGRA~1\NORTON~1\NISTRAY.DLL] <Symantec Corporation><9.0.0.73>
[C:\WINDOWS\system32\SymNeti.DLL] <Symantec Corporation><6.0.0.99>
[C:\Program Files\Common Files\Symantec Shared\ccProSub.dll] <Symantec Corporation><104.0.4.3>
[C:\WINDOWS\system32\SYMREDIR.DLL] <Symantec Corporation><6.0.0.99>
[C:\PROGRA~1\NORTON~1\NISTrRes.dll] <Symantec Corporation><9.0.0.73>
[C:\PROGRA~1\COMMON~1\SYMANT~1\SECURI~1\NSCUICOR.dll] <Symantec Corporation><2006.1.1.2>
[C:\PROGRA~1\COMMON~1\SYMANT~1\SECURI~1\NSCUICOR.LOC] <Symantec Corporation><2006.1.1.2>
[C:\Program Files\Common Files\Symantec Shared\ccSetEvt.dll] <Symantec Corporation><104.0.4.3>
[C:\PROGRA~1\NORTON~1\NORTON~1\CCIMSCAN.DLL] <Symantec Corporation><104.0.1.17>
[C:\Program Files\Common Files\Symantec Shared\Security Console\NSC_Hlpr.dll] <Symantec Corporation><2006.1.1.2>
[C:\PROGRA~1\NORTON~1\NORTON~1\DEFALERT.DLL] <Symantec Corporation><12.0.0.94>
[C:\PROGRA~1\NORTON~1\NORTON~1\HPP32.DLL] <Symantec Corporation><12.0.0.94>
[C:\Program Files\Common Files\Symantec Shared\ccLogin.dll] <Symantec Corporation><104.0.4.3>
[C:\PROGRA~1\NORTON~1\NORTON~1\HPPRES32.loc] <Symantec Corporation><12.0.0.94>
[C:\Program Files\Common Files\Symantec Shared\AntiSpam\asFilter.dll] <Symantec Corporation><2006.2.00.153>
[C:\Program Files\Common Files\Symantec Shared\AntiSpam\asUniPlg.dll] <Symantec Corporation><2006.2.00.153>
[C:\PROGRA~1\NORTON~1\NORTON~1\NAVAPW32.DLL] <Symantec Corporation><12.0.0.94>
[C:\PROGRA~1\NORTON~1\NORTON~1\apwutil.dll] <Symantec Corporation><12.0.0.94>
[C:\PROGRA~1\NORTON~1\ccFWSetg.dll] <Symantec Corporation><104.0.1.17>
[C:\Program Files\Norton Internet Security\Norton AntiVirus\HPPEVT32.dll] <Symantec Corporation><12.0.0.94>
[C:\Program Files\Common Files\Symantec Shared\AntiSpam\asSpmEvt.dll] <Symantec Corporation><2006.2.00.153>
[C:\PROGRA~1\NORTON~1\NORTON~1\navapw32.loc] <Symantec Corporation><12.0.0.94>
[C:\PROGRA~1\NORTON~1\NORTON~1\NAVOPTRF.DLL] <Symantec Corporation><12.0.0.94>
[C:\DOCUME~1\KAI~1.82C\LOCALS~1\Temp\IadHide5.dll] <BackWeb><Version 7.2.0 (Build 157R)>
[C:\PROGRA~1\NORTON~1\NORTON~1\STATUSHP.DLL] <Symantec Corporation><12.0.0.94>
[C:\Program Files\Norton Internet Security\Norton AntiVirus\Navlcom.dll] <Symantec Corporation><12.0.0.94>
[C:\Program Files\Common Files\Symantec Shared\SPBBC\SPBBCEvt.dll] <Symantec Corporation><2,0,0,73>
[C:\PROGRA~1\NORTON~1\NORTON~1\apwutil.loc] <Symantec Corporation><12.0.0.94>
[C:\Program Files\Norton Internet Security\Norton AntiVirus\NAVError.dll] <Symantec Corporation><12.0.0.94>
[C:\Program Files\Norton Internet Security\Norton AntiVirus\apwcmdnt.dll] <Symantec Corporation><12.0.0.94>
[C:\Program Files\Norton Internet Security\Norton AntiVirus\ccAVMail.dll] <Symantec Corporation><104.0.1.17>
[C:\Program Files\Norton Internet Security\Norton AntiVirus\apwcmdNT.loc] <Symantec Corporation><12.0.0.94>
[C:\Program Files\Norton Internet Security\Norton AntiVirus\naverror.loc] <Symantec Corporation><12.0.0.94>
[C:\Program Files\Norton Internet Security\ccEmlflt.dll] <Symantec Corporation><104.0.1.17>
[C:\Program Files\Common Files\Symantec Shared\ccPxyEvt.dll] <Symantec Corporation><104.0.1.17>
[C:\Program Files\Norton Internet Security\ObrkData.dll] <Symantec Corporation><9.0.0.73>
[C:\Program Files\Norton Internet Security\ObrkAV.dll] <Symantec Corporation><9.0.0.73>
[C:\PROGRA~1\NORTON~1\NORTON~1\NAVSTATS.dll] <Symantec Corporation><12.0.0.94>
[C:\Program Files\Norton Internet Security\Norton AntiVirus\NAVEvent.dll] <Symantec Corporation><12.0.0.94>
[C:\Program Files\Symantec\LiveUpdate\NetDetectController_2_7.DLL] <Symantec Corporation><2.7.39.0>
[C:\PROGRA~1\COMMON~1\SYMANT~1\SECURI~1\NSCSRVPS.DLL] <Symantec Corporation><2006.1.1.2>
[C:\PROGRA~1\COMMON~1\SYMANT~1\SECURI~1\NSCUIBL.DLL] <Symantec Corporation><2006.1.1.2>
[C:\PROGRA~1\NORTON~1\NORTON~1\NAVTasks.dll] <Symantec Corporation><12.0.0.94>
[C:\PROGRA~1\NORTON~1\NORTON~1\NAVTasks.loc] <Symantec Corporation><12.0.0.94>
[C:\Program Files\Norton Internet Security\ObrkIDS.dll] <Symantec Corporation><9.0.0.73>
[C:\Program Files\Norton Internet Security\SymFWAgt.dll] <Symantec Corporation><104.0.1.17>
[C:\Program Files\Norton Internet Security\Norton AntiVirus\N32Exclu.dll] <Symantec Corporation><12.0.0.94>
[C:\PROGRA~1\COMMON~1\SYMANT~1\rcAlert.dll] <Symantec Corporation><104.0.4.3>
[C:\Program Files\Norton Internet Security\Norton AntiVirus\NAVOpts.dll] <Symantec Corporation><12.0.0.94>
[C:\Program Files\Norton Internet Security\Norton AntiVirus\navopts.loc] <Symantec Corporation><12.0.0.94>
[C:\Program Files\Norton Internet Security\Norton AntiVirus\NAVAPSCR.dll] <Symantec Corporation><12.0.0.94>
[C:\Program Files\Symantec\LiveUpdate\ProductRegCom_2_7.DLL] <Symantec Corporation><2.7.39.0>
[C:\Program Files\Symantec\LiveUpdate\LuComServerPS_2_7.DLL] <Symantec Corporation><2.7.39.0>
[C:\Program Files\Norton Internet Security\NISAlert.dll] <Symantec Corporation><9.0.0.73>
[C:\Program Files\Norton Internet Security\NISRes.dll] <Symantec Corporation><9.0.0.73>
[C:\Program Files\Norton Internet Security\TLevel.dll] <Symantec Corporation><104.0.1.17>
[PID: 2268][C:\WINDOWS\system32\rundll32.exe] <Microsoft Corporation><5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)>
[C:\WINDOWS\downlo~1\CnsMin.dll] <北京三七二一科技有限公司><1, 5, 3, 1>
[C:\PROGRA~1\Yahoo!\ASSIST~1\Yhelper.dll] <><2, 0, 1, 1018>
[C:\PROGRA~1\3721\helper.dll] <><1, 0, 9, 1324>
[PID: 2520][C:\Program Files\Common Files\Sony Shared\AVLib\SSScsiSV.exe] <Sony Corporation><3.0.00.13241>
[C:\Program Files\Common Files\Sony Shared\AVLib\SPTISRVps.dll] <Sony Corporation><4.1.00.13261>
[PID: 2528][C:\Program Files\Apoint\Apoint.exe] <Alps Electric Co., Ltd.><5.5.7.136>
[C:\WINDOWS\system32\VXDIF.DLL] <Alps Electric Co., Ltd.><6.0.2.65>
[C:\WINDOWS\downlo~1\CnsMin.dll] <北京三七二一科技有限公司><1, 5, 3, 1>
[C:\PROGRA~1\Yahoo!\ASSIST~1\Yhelper.dll] <><2, 0, 1, 1018>
[C:\Program Files\Apoint\ApWheel.dll] <ALPS ELECTRIC CO., LTD.><4.2.0.9>
[C:\PROGRA~1\3721\helper.dll] <><1, 0, 9, 1324>
[C:\Program Files\Apoint\Apoint.DLL] <Alps Electric Co., Ltd.><5.5.6.177>
[C:\Program Files\Apoint\ApRes.dll] <Alps Electric Co., Ltd.><5.5.6.17>
[C:\Program Files\Apoint\EzAuto.dll] <Alps Electric Co., Ltd.><4.5.1.83>
[C:\Program Files\Apoint\EzLaunch.DLL] <Alps Electric Co., Ltd.><5.5.1.59>

ILOVENAN - 2006-7-4 1:49:00

[PID: 2600][C:\WINDOWS\system32\ctfmon.exe] <Microsoft Corporation><5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)>
[C:\WINDOWS\downlo~1\CnsMin.dll] <北京三七二一科技有限公司><1, 5, 3, 1>
[C:\PROGRA~1\Yahoo!\ASSIST~1\Yhelper.dll] <><2, 0, 1, 1018>
[C:\PROGRA~1\3721\helper.dll] <><1, 0, 9, 1324>
[PID: 2692][C:\Program Files\MSN Messenger\MsnMsgr.Exe] <Microsoft Corporation><8.0.0792.00>
[C:\PROGRA~1\COMMON~1\SYMANT~1\ANTISPAM\ASOEHOOK.DLL] <Symantec Corporation><2006.2.00.153>
[C:\Program Files\Common Files\Symantec Shared\ccL40.dll] <Symantec Corporation><104.0.4.3>
[C:\PROGRA~1\3721\helper.dll] <><1, 0, 9, 1324>
[C:\WINDOWS\downlo~1\CnsMin.dll] <北京三七二一科技有限公司><1, 5, 3, 1>
[C:\PROGRA~1\Yahoo!\ASSIST~1\Yhelper.dll] <><2, 0, 1, 1018>
[C:\DOCUME~1\KAI~1.82C\LOCALS~1\Temp\IadHide5.dll] <BackWeb><Version 7.2.0 (Build 157R)>
[C:\WINDOWS\system32\msdmo.dll] <N/A><N/A>
[PID: 892][C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe] <Logitech><2.30.04>
[C:\Program Files\Logitech\Desktop Messenger\8876480\7.2.0.157-8876480SL\Program\backWeb.dll] <BackWeb Technologies Inc.><Version 7.2.0 (Build 157R)>
[C:\Program Files\Logitech\Desktop Messenger\8876480\7.2.0.157-8876480SL\Program\bwsec.dll] <BackWeb><Version 4.2.0 (Build 157R)>
[C:\Program Files\Logitech\Desktop Messenger\8876480\7.2.0.157-8876480SL\Program\clntutil.dll] <N/A><N/A>
[C:\PROGRA~1\Logitech\DESKTO~1\8876480\720~1.157\program\EN\ClientRC.dll] <BackWeb Technologies Inc.><Version 7.2.0 (Build 157R)>
[C:\PROGRA~1\COMMON~1\SYMANT~1\ANTISPAM\ASOEHOOK.DLL] <Symantec Corporation><2006.2.00.153>
[C:\Program Files\Common Files\Symantec Shared\ccL40.dll] <Symantec Corporation><104.0.4.3>
[C:\PROGRA~1\3721\helper.dll] <><1, 0, 9, 1324>
[C:\WINDOWS\downlo~1\CnsMin.dll] <北京三七二一科技有限公司><1, 5, 3, 1>
[C:\PROGRA~1\Yahoo!\ASSIST~1\Yhelper.dll] <><2, 0, 1, 1018>
[C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWfiles-8876480.dll] <Logitech><Version 7.2.0 (Build 157R)>
[C:\Program Files\Logitech\Desktop Messenger\8876480\7.2.0.157-8876480SL\Program\BWfiles.dll] <><Version 7.2.0 (Build 157R)>
[C:\DOCUME~1\KAI~1.82C\LOCALS~1\Temp\IadHide5.dll] <BackWeb><Version 7.2.0 (Build 157R)>
[C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWDocMapExt-8876480.dll] <Logitech><Version 7.2.0 (Build 157R)>
[C:\Program Files\Logitech\Desktop Messenger\8876480\7.2.0.157-8876480SL\Program\BWDocMapExt.dll] <><Version 7.2.0 (Build 157R)>
[C:\Program Files\Logitech\Desktop Messenger\8876480\Program\bwscriptext-8876480.dll] <Logitech><Version 7.2.0 (Build 157R)>
[C:\Program Files\Logitech\Desktop Messenger\8876480\7.2.0.157-8876480SL\Program\bwscriptext.dll] <><Version 7.2.0 (Build 157R)>
[C:\Program Files\Logitech\Desktop Messenger\8876480\Program\SyncExt.dll] <Logitech><2.30.04>
[PID: 644][C:\PROGRA~1\KuGoo2\KuGoo.exe] <><3.2.0.78>
[C:\PROGRA~1\COMMON~1\SYMANT~1\ANTISPAM\ASOEHOOK.DLL] <Symantec Corporation><2006.2.00.153>
[C:\Program Files\Common Files\Symantec Shared\ccL40.dll] <Symantec Corporation><104.0.4.3>
[C:\PROGRA~1\3721\helper.dll] <><1, 0, 9, 1324>
[C:\WINDOWS\downlo~1\CnsMin.dll] <北京三七二一科技有限公司><1, 5, 3, 1>
[C:\PROGRA~1\Yahoo!\ASSIST~1\Yhelper.dll] <><2, 0, 1, 1018>
[C:\DOCUME~1\KAI~1.82C\LOCALS~1\Temp\IadHide5.dll] <BackWeb><Version 7.2.0 (Build 157R)>
[C:\WINDOWS\system32\Macromed\Flash\Flash8.ocx] <Macromedia, Inc.><8,0,22,0>
[PID: 3068][C:\Program Files\iPod\bin\iPodService.exe] <Apple Computer, Inc.><6.0.2.23>
[C:\Program Files\iPod\bin\iPodService.Resources\zh_CN.lproj\iPodServiceLocalized.DLL] <Apple Computer, Inc.><6.0.2.11>
[C:\Program Files\iPod\bin\iPodService.Resources\iPodService.DLL] <Apple Computer, Inc.><6.0.2.23>
[PID: 3612][C:\Program Files\Tencent\QQ\QQ.exe] <TENCENT><0, 0, 0, 0>
[C:\Program Files\Tencent\QQ\QQBaseClassInDll.dll] <><1, 0, 0, 1>
[C:\Program Files\Tencent\QQ\QQHelperDll.dll] <><1, 0, 0, 1>
[C:\Program Files\Tencent\QQ\BasicCtrlDll.dll] <Tencent><5, 0, 200, 14>
[C:\PROGRA~1\COMMON~1\SYMANT~1\ANTISPAM\ASOEHOOK.DLL] <Symantec Corporation><2006.2.00.153>
[C:\Program Files\Common Files\Symantec Shared\ccL40.dll] <Symantec Corporation><104.0.4.3>
[C:\PROGRA~1\3721\helper.dll] <><1, 0, 9, 1324>
[C:\WINDOWS\downlo~1\CnsMin.dll] <北京三七二一科技有限公司><1, 5, 3, 1>
[C:\PROGRA~1\Yahoo!\ASSIST~1\Yhelper.dll] <><2, 0, 1, 1018>
[C:\Program Files\Tencent\QQ\QQAPI.dll] <><1, 0, 0, 1>
[C:\Program Files\Tencent\QQ\TIMProxy.dll] <tencent><0, 3, 2, 4>
[C:\Program Files\Tencent\QQ\LoginCtrl.dll] <><1, 0, 0, 1>
[C:\Program Files\Tencent\QQ\npkcntc.dll] <INCA Internet Co., Ltd.><2005, 9, 1, 1>
[C:\Program Files\Tencent\QQ\npkpdb.dll] <INCA Internet Co., Ltd.><2003, 10, 1, 1>
[C:\Program Files\Tencent\QQ\QQRes.dll] <tencent><1, 0, 0, 1>
[C:\Program Files\Tencent\QQ\QQMainFrame.dll] <N/A><N/A>
[C:\Program Files\Tencent\QQ\CQQApplication.dll] <N/A><N/A>
[C:\DOCUME~1\KAI~1.82C\LOCALS~1\Temp\IadHide5.dll] <BackWeb><Version 7.2.0 (Build 157R)>
[C:\Program Files\Tencent\QQ\NewSkin.dll] <><1, 0, 0, 1>
[C:\Program Files\Tencent\QQ\HostingMgr.dll] <><1, 0, 0, 1>
[C:\Program Files\Tencent\QQ\CameraDll.dll] <><1, 0, 0, 1>
[C:\Program Files\Tencent\QQ\MailSummary.dll] <><1, 0, 0, 1>
[C:\Program Files\Tencent\QQ\QQSpace.dll] <><1, 0, 0, 1>
[C:\WINDOWS\system32\msdmo.dll] <N/A><N/A>
[C:\Program Files\Tencent\QQ\QQGroupMng.dll] <><1, 0, 0, 1>
[C:\Program Files\Tencent\QQ\QQConfigPlugin.dll] <><1, 0, 0, 1>
[C:\Program Files\Tencent\QQ\UserDefinedHead.dll] <><1, 0, 0, 1>
[C:\Program Files\Tencent\QQ\QRingMng.dll] <N/A><N/A>
[C:\Program Files\Tencent\QQ\PhoneAPI.dll] <><1, 0, 0, 1>
[C:\Program Files\Tencent\QQ\DialerAllinOne.dll] <tencent><1, 4, 0, 0>
[C:\Program Files\Tencent\QQ\QQSysMsgMng.dll] <N/A><N/A>
[C:\Program Files\Tencent\QQ\LongConnection.dll] <tencent><0, 3, 3, 8>
[C:\Program Files\Tencent\QQ\QQAvatar.dll] <N/A><N/A>
[C:\Program Files\Tencent\QQ\FlashAvatarDll.dll] <><1, 4, 0, 1>
[C:\Program Files\Tencent\QQ\QQPet.dll] <><1, 0, 0, 1>
[C:\Program Files\Tencent\QQ\BQQApplication.dll] <N/A><N/A>
[C:\Program Files\Tencent\QQ\QQPlugin.dll] <N/A><N/A>
[C:\Program Files\Tencent\QQ\CommercesMng.dll] <><1, 0, 0, 1>
[C:\Program Files\Tencent\QQ\PersonalDesktop.dll] <深圳市腾讯计算机系统公司QQ工作小组><1, 0, 0, 2>
[C:\Program Files\Tencent\QQ\QQAddr.dll] <深圳市腾讯计算机系统有限公司><5, 0, 101, 141>
[C:\Program Files\Tencent\QQ\QQSceneMng.dll] <N/A><N/A>
[C:\Program Files\Tencent\QQ\QQPhoneHelper.dll] <腾讯科技（深圳）有限公司><2, 0, 4, 40>

ILOVENAN - 2006-7-4 1:50:00

[PID: 3620][C:\Program Files\Apoint\Apntex.exe] <Alps Electric Co., Ltd.><5.0.1.15>
[C:\WINDOWS\system32\VXDIF.DLL] <Alps Electric Co., Ltd.><6.0.2.65>
[C:\PROGRA~1\COMMON~1\SYMANT~1\ANTISPAM\ASOEHOOK.DLL] <Symantec Corporation><2006.2.00.153>
[C:\Program Files\Common Files\Symantec Shared\ccL40.dll] <Symantec Corporation><104.0.4.3>
[C:\PROGRA~1\3721\helper.dll] <><1, 0, 9, 1324>
[C:\WINDOWS\downlo~1\CnsMin.dll] <北京三七二一科技有限公司><1, 5, 3, 1>
[C:\PROGRA~1\Yahoo!\ASSIST~1\Yhelper.dll] <><2, 0, 1, 1018>
[PID: 2184][C:\WINDOWS\System32\svchost.exe] <Microsoft Corporation><5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)>
[PID: 1628][C:\WINDOWS\system32\conime.exe] <Microsoft Corporation><5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)>
[C:\PROGRA~1\COMMON~1\SYMANT~1\ANTISPAM\ASOEHOOK.DLL] <Symantec Corporation><2006.2.00.153>
[C:\Program Files\Common Files\Symantec Shared\ccL40.dll] <Symantec Corporation><104.0.4.3>
[C:\PROGRA~1\3721\helper.dll] <><1, 0, 9, 1324>
[C:\WINDOWS\downlo~1\CnsMin.dll] <北京三七二一科技有限公司><1, 5, 3, 1>
[C:\PROGRA~1\Yahoo!\ASSIST~1\Yhelper.dll] <><2, 0, 1, 1018>
[PID: 3564][C:\Program Files\Tencent\QQ\TIMPlatform.exe] <tencent><0, 3, 1, 8>
[C:\PROGRA~1\COMMON~1\SYMANT~1\ANTISPAM\ASOEHOOK.DLL] <Symantec Corporation><2006.2.00.153>
[C:\Program Files\Common Files\Symantec Shared\ccL40.dll] <Symantec Corporation><104.0.4.3>
[C:\PROGRA~1\3721\helper.dll] <><1, 0, 9, 1324>
[C:\WINDOWS\downlo~1\CnsMin.dll] <北京三七二一科技有限公司><1, 5, 3, 1>
[C:\PROGRA~1\Yahoo!\ASSIST~1\Yhelper.dll] <><2, 0, 1, 1018>
[C:\Program Files\Tencent\QQ\TIMProxy.dll] <tencent><0, 3, 2, 4>
[PID: 3780][C:\WINDOWS\system32\LVComS.exe] <Logitech Inc.><7.3.0.1113>
[C:\PROGRA~1\COMMON~1\SYMANT~1\ANTISPAM\ASOEHOOK.DLL] <Symantec Corporation><2006.2.00.153>
[C:\Program Files\Common Files\Symantec Shared\ccL40.dll] <Symantec Corporation><104.0.4.3>
[C:\PROGRA~1\3721\helper.dll] <><1, 0, 9, 1324>
[C:\WINDOWS\downlo~1\CnsMin.dll] <北京三七二一科技有限公司><1, 5, 3, 1>
[C:\PROGRA~1\Yahoo!\ASSIST~1\Yhelper.dll] <><2, 0, 1, 1018>
[C:\WINDOWS\system32\LVComC.dll] <Logitech Inc.><7.3.0.1113>
[PID: 4776][C:\WINDOWS\system32\svchost.exe] <Microsoft Corporation><5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)>
[PID: 4980][C:\Program Files\Common Files\Symantec Shared\Security Console\NSCSRVCE.EXE] <Symantec Corporation><2006.1.1.2>
[C:\PROGRA~1\COMMON~1\SYMANT~1\SECURI~1\NSCSRVPS.DLL] <Symantec Corporation><2006.1.1.2>
[C:\Program Files\Common Files\Symantec Shared\ccVrTrst.dll] <Symantec Corporation><104.0.4.3>
[C:\Program Files\Common Files\Symantec Shared\ccL40.dll] <Symantec Corporation><104.0.4.3>
[C:\Program Files\Common Files\Symantec Shared\ccSet.dll] <Symantec Corporation><104.0.4.3>
[C:\PROGRA~1\COMMON~1\SYMANT~1\SECURI~1\NSCUIBL.DLL] <Symantec Corporation><2006.1.1.2>
[C:\PROGRA~1\COMMON~1\SYMANT~1\SECURI~1\NSCUICOR.LOC] <Symantec Corporation><2006.1.1.2>
[C:\PROGRA~1\COMMON~1\SYMANT~1\SECURI~1\NSCJSBL.DLL] <Symantec Corporation><2006.1.1.2>
[C:\Program Files\Norton Internet Security\Norton AntiVirus\avFPXY.dll] <Symantec Corporation><2006.1.0.107>
[C:\Program Files\Norton Internet Security\isFtMst.dll] <Symantec Corporation><2006.1.1.2>
[C:\Program Files\Norton Internet Security\nscNISpi.dll] <Symantec Corporation><9.0.0.73>
[C:\PROGRA~1\NORTON~1\NORTON~1\avNSCPlg.dll] <Symantec Corporation><12.0.0.94>
[C:\PROGRA~1\NORTON~1\NORTON~1\avNSCPlg.loc] <Symantec Corporation><12.0.0.94>
[C:\Program Files\Common Files\Symantec Shared\Security Console\NSC_WSCR.DLL] <Symantec Corporation><2006.1.1.2>
[C:\Program Files\Common Files\Symantec Shared\Security Console\NSC_WSCR.LOC] <Symantec Corporation><2006.1.1.2>
[C:\Program Files\Common Files\Symantec Shared\Security Console\NSC_Hlpr.dll] <Symantec Corporation><2006.1.1.2>
[C:\Program Files\Norton Internet Security\isFtPxy.dll] <Symantec Corporation><2006.1.1.2>
[C:\Program Files\Norton Internet Security\NISRes.dll] <Symantec Corporation><9.0.0.73>
[C:\Program Files\Common Files\Symantec Shared\ccSetEvt.dll] <Symantec Corporation><104.0.4.3>
[C:\Program Files\Common Files\Symantec Shared\ccProSub.dll] <Symantec Corporation><104.0.4.3>
[C:\Program Files\Norton Internet Security\nisProd.dll] <Symantec Corporation><9.0.0.73>
[C:\Program Files\Common Files\Symantec Shared\AntiSpam\asFtPxy.dll] <Symantec Corporation><2006.1.0.107>
[C:\Program Files\Common Files\Symantec Shared\AntiSpam\asNSCPlg.dll] <Symantec Corporation><2006.2.00.153>
[C:\Program Files\Common Files\Symantec Shared\Options\asOpts.dll] <Symantec Corporation><2006.2.00.153>
[C:\Program Files\Common Files\Symantec Shared\ccLogin.dll] <Symantec Corporation><104.0.4.3>
[C:\Program Files\Common Files\Symantec Shared\AdBlocking\adFtPxy.dll] <Symantec Corporation><2006.1.0.107>
[C:\Program Files\Common Files\Symantec Shared\AdBlocking\adNscPlg.dll] <Symantec Corporation><2006.2.00.150>
[C:\Program Files\Common Files\Symantec Shared\Options\SymAd.dll] <Symantec Corporation><2006.2.00.150>
[PID: 5320][C:\PROGRA~1\Symantec\LIVEUP~1\LUCOMS~1.EXE] <Symantec Corporation><2.7.39.0>
[C:\PROGRA~1\Symantec\LIVEUP~1\unrar.dll] <N/A><N/A>
[C:\DOCUME~1\KAI~1.82C\LOCALS~1\Temp\IadHide5.dll] <BackWeb><Version 7.2.0 (Build 157R)>
[C:\PROGRA~1\COMMON~1\SYMANT~1\ANTISPAM\ASOEHOOK.DLL] <Symantec Corporation><2006.2.00.153>
[C:\Program Files\Common Files\Symantec Shared\ccL40.dll] <Symantec Corporation><104.0.4.3>
[C:\PROGRA~1\3721\helper.dll] <><1, 0, 9, 1324>
[C:\WINDOWS\downlo~1\CnsMin.dll] <北京三七二一科技有限公司><1, 5, 3, 1>
[C:\PROGRA~1\Yahoo!\ASSIST~1\Yhelper.dll] <><2, 0, 1, 1018>
[C:\Program Files\Symantec\LiveUpdate\LuComServerPS_2_7.DLL] <Symantec Corporation><2.7.39.0>
[C:\Program Files\Symantec\LiveUpdate\ProductRegCom_2_7.DLL] <Symantec Corporation><2.7.39.0>
[C:\Program Files\Symantec\LiveUpdate\NetDetectController_2_7.DLL] <Symantec Corporation><2.7.39.0>
[PID: 4696][C:\Program Files\Tencent\TT\TTraveler.exe] <腾讯公司><3.0.0.250>
[C:\DOCUME~1\KAI~1.82C\LOCALS~1\Temp\IadHide5.dll] <BackWeb><Version 7.2.0 (Build 157R)>
[C:\PROGRA~1\COMMON~1\SYMANT~1\ANTISPAM\ASOEHOOK.DLL] <Symantec Corporation><2006.2.00.153>
[C:\Program Files\Common Files\Symantec Shared\ccL40.dll] <Symantec Corporation><104.0.4.3>
[C:\PROGRA~1\3721\helper.dll] <><1, 0, 9, 1324>
[C:\WINDOWS\downlo~1\CnsMin.dll] <北京三七二一科技有限公司><1, 5, 3, 1>
[C:\PROGRA~1\Yahoo!\ASSIST~1\Yhelper.dll] <><2, 0, 1, 1018>
[C:\PROGRA~1\Yahoo!\ASSIST~1\YAlive.dll] <><2, 0, 5, 1031>
[C:\PROGRA~1\Yahoo!\ASSIST~1\Yalliveex.dll] < ><2, 0, 1, 1007>
[C:\Program Files\Tencent\TT\PersonalDesktop.dll] <深圳市腾讯计算机系统公司QQ工作小组><1, 0, 0, 4>
[C:\WINDOWS\system32\Macromed\Flash\Flash8.ocx] <Macromedia, Inc.><8,0,22,0>
[C:\Program Files\NJStar Communicator\Njhook32.dll] <NJStar Software Corp.><2, 60, 1, 60308>
[C:\Program Files\NJStar Communicator\NJDBCS32.DLL] <NJStar Software Corp.><5, 10, 0, 60218>
[C:\Program Files\NJStar Communicator\NJTEXT32.DLL] <NJStar Software Corp.><5, 10, 0, 60218>
[PID: 1588][C:\WINDOWS\system32\cidaemon.exe] <Microsoft Corporation><5.1.2600.0 (xpclient.010817-1148)>
[PID: 4440][C:\WINDOWS\system32\cidaemon.exe] <Microsoft Corporation><5.1.2600.0 (xpclient.010817-1148)>
[PID: 3300][C:\Program Files\WinRAR\WinRAR.exe] <N/A><N/A>
[C:\DOCUME~1\KAI~1.82C\LOCALS~1\Temp\IadHide5.dll] <BackWeb><Version 7.2.0 (Build 157R)>
[C:\PROGRA~1\COMMON~1\SYMANT~1\ANTISPAM\ASOEHOOK.DLL] <Symantec Corporation><2006.2.00.153>
[C:\Program Files\Common Files\Symantec Shared\ccL40.dll] <Symantec Corporation><104.0.4.3>
[C:\PROGRA~1\3721\helper.dll] <><1, 0, 9, 1324>
[C:\WINDOWS\downlo~1\CnsMin.dll] <北京三七二一科技有限公司><1, 5, 3, 1>
[C:\PROGRA~1\Yahoo!\ASSIST~1\Yhelper.dll] <><2, 0, 1, 1018>
[C:\Program Files\NJStar Communicator\Njhook32.dll] <NJStar Software Corp.><2, 60, 1, 60308>
[C:\Program Files\NJStar Communicator\NJDBCS32.DLL] <NJStar Software Corp.><5, 10, 0, 60218>
[C:\Program Files\NJStar Communicator\NJTEXT32.DLL] <NJStar Software Corp.><5, 10, 0, 60218>
[PID: 396][C:\DOCUME~1\KAI~1.82C\LOCALS~1\Temp\Rar$EX00.781\SREng2\SREng.exe] <Smallfrogs Studio><2.0.21.505>
[C:\DOCUME~1\KAI~1.82C\LOCALS~1\Temp\IadHide5.dll] <BackWeb><Version 7.2.0 (Build 157R)>
[C:\PROGRA~1\COMMON~1\SYMANT~1\ANTISPAM\ASOEHOOK.DLL] <Symantec Corporation><2006.2.00.153>
[C:\Program Files\Common Files\Symantec Shared\ccL40.dll] <Symantec Corporation><104.0.4.3>
[C:\PROGRA~1\3721\helper.dll] <><1, 0, 9, 1324>
[C:\WINDOWS\downlo~1\CnsMin.dll] <北京三七二一科技有限公司><1, 5, 3, 1>
[C:\PROGRA~1\Yahoo!\ASSIST~1\Yhelper.dll] <><2, 0, 1, 1018>
[C:\DOCUME~1\KAI~1.82C\LOCALS~1\Temp\Rar$EX00.781\SREng2\Plugins\SREngPluginDemo.SRE] <Smallfrogs Studio><1, 1, 1, 0>
[C:\Program Files\NJStar Communicator\Njhook32.dll] <NJStar Software Corp.><2, 60, 1, 60308>
[C:\Program Files\NJStar Communicator\NJDBCS32.DLL] <NJStar Software Corp.><5, 10, 0, 60218>
[C:\Program Files\NJStar Communicator\NJTEXT32.DLL] <NJStar Software Corp.><5, 10, 0, 60218>
[PID: 1256][C:\Program Files\Messenger\msmsgs.exe] <Microsoft Corporation><4.7.3001>
[C:\DOCUME~1\KAI~1.82C\LOCALS~1\Temp\IadHide5.dll] <BackWeb><Version 7.2.0 (Build 157R)>
[C:\PROGRA~1\COMMON~1\SYMANT~1\ANTISPAM\ASOEHOOK.DLL] <Symantec Corporation><2006.2.00.153>
[C:\Program Files\Common Files\Symantec Shared\ccL40.dll] <Symantec Corporation><104.0.4.3>
[C:\PROGRA~1\3721\helper.dll] <><1, 0, 9, 1324>
[C:\WINDOWS\downlo~1\CnsMin.dll] <北京三七二一科技有限公司><1, 5, 3, 1>
[C:\PROGRA~1\Yahoo!\ASSIST~1\Yhelper.dll] <><2, 0, 1, 1018>

ILOVENAN - 2006-7-4 1:51:00

文件关联
.TXT OK. [%SystemRoot%\system32\NOTEPAD.EXE %1]
.EXE OK. ["%1" %*]
.COM OK. ["%1" %*]
.PIF OK. ["%1" %*]
.REG OK. [regedit.exe "%1"]
.BAT OK. ["%1" %*]
.SCR OK. ["%1" /S]
.CHM OK. ["C:\WINDOWS\hh.exe" %1]
.HLP OK. [%SystemRoot%\system32\winhlp32.exe %1]
.INI OK. [%SystemRoot%\system32\NOTEPAD.EXE %1]
.INF OK. [%SystemRoot%\system32\NOTEPAD.EXE %1]
.VBS OK. [%SystemRoot%\System32\WScript.exe "%1" %*]
.JS OK. [%SystemRoot%\System32\WScript.exe "%1" %*]
.LNK OK. [{00021401-0000-0000-C000-000000000046}]

天啊总算发完了累死了大哥帮帮忙阿！

ILOVENAN - 2006-7-4 1:56:00

注册表
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
<ctfmon.exe><C:\WINDOWS\system32\ctfmon.exe> [Microsoft Corporation]
<MsnMsgr><"C:\Program Files\MSN Messenger\MsnMsgr.Exe" /background> [Microsoft Corporation]
<LDM><C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe> [Logitech]
<Kugoo><C:\PROGRA~1\KuGoo2\KuGoo.exe> []
<eMuleAutoStart><C:\Program Files\eMule\eMule.exe -AutoStart> []
[HKEY_CURRENT_USER\Software\Microsoft\Windows NT\CurrentVersion\Windows]
<load><> []
<run><> []
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
<CnsMin><Rundll32.exe C:\WINDOWS\downlo~1\CnsMin.dll,Rundll32> [北京三七二一科技有限公司]
<CorelDRAW Graphics Suite 11b><C:\Program Files\Corel\Corel Graphics 12\Languages\EN\Programs\Registration.exe /title="CorelDRAW Graphics Suite 12" /date=012506 serial=DR12CRC-7032960-LBH lang=EN> []
<YLive.exe><C:\PROGRA~1\Yahoo!\ASSIST~1\YLive.exe> [ ]
<yassistse><"C:\PROGRA~1\Yahoo!\Assistant\yassistse.exe"> [Yahoo!]
<TkBellExe><"C:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot> []
<Switcher.exe><C:\Program Files\Sony\Wireless Switch Setting Utility\Switcher.exe> [Sony Corporation]
<SunJavaUpdateSched><C:\Program Files\Java\jre1.5.0_06\bin\jusched.exe> []
<SsAAD.exe><C:\PROGRA~1\Sony\SONICS~1\SsAAD.exe> []
<SonyPowerCfg><C:\Program Files\Sony\VAIO Power Management\SPMgr.exe> [Sony Corporation]
<QuickTime Task><"C:\Program Files\QuickTime\qttask.exe" -atboottime> [Apple Computer, Inc.]
<PHIME2002ASync><C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /SYNC> [Microsoft Corporation]
<PHIME2002A><C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /IMEName> [Microsoft Corporation]
<NvCplDaemon><RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup> [NVIDIA Corporation]
<MSPY2002><C:\WINDOWS\system32\IME\PINTLGNT\ImScInst.exe /SYNC> []
<MsmqIntCert><regsvr32 /s mqrt.dll> []
<LogitechVideoTray><C:\Program Files\Logitech\Video\LogiTray.exe> [Logitech Inc.]
<LogitechVideoRepair><C:\Program Files\Logitech\Video\ISStart.exe> [Logitech Inc.]
<KernelFaultCheck><%systemroot%\system32\dumprep 0 -k> []
<iTunesHelper><"C:\Program Files\iTunes\iTunesHelper.exe"> [Apple Computer, Inc.]
<ISBMgr.exe><C:\Program Files\Sony\ISB Utility\ISBMgr.exe> [Sony Corporation]
<IMSCMig><C:\PROGRA~1\COMMON~1\MICROS~1\IME\IMSC40A\IMSCMIG.EXE /Preload> [Microsoft Corporation]
<IMJPMIG8.1><"C:\WINDOWS\IME\imjp8_1\IMJPMIG.EXE" /Spoil /RemAdvDef /Migration32> [Microsoft Corporation]
<IMEKRMIG6.1><C:\WINDOWS\ime\imkr6_1\IMEKRMIG.EXE> [Microsoft Corporation]
<IgfxTray><C:\WINDOWS\system32\igfxtray.exe> [Intel Corporation]
<HotKeysCmds><C:\WINDOWS\system32\hkcmd.exe> [Intel Corporation]
<ccApp><"C:\Program Files\Common Files\Symantec Shared\ccApp.exe"> [Symantec Corporation]
<BluetoothAuthenticationAgent><rundll32.exe bthprops.cpl,,BluetoothAuthenticationAgent> [Microsoft Corporation]
<Apoint><C:\Program Files\Apoint\Apoint.exe> [Alps Electric Co., Ltd.]
<Alcmtr><ALCMTR.EXE> [Realtek Semiconductor Corp.]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Winlogon]
<shell><Explorer.exe> [Microsoft Corporation]
<Userinit><C:\WINDOWS\system32\userinit.exe,> [Microsoft Corporation]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Windows]
<AppInit_DLLs><> []
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Winlogon]
<UIHost><logonui.exe> [Microsoft Corporation]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\VESWinlogon]
<WinlogonNotify: VESWinlogon><VESWinlogon.dll> [Sony Corporation]

我无邪 - 2006-7-4 1:58:00

C:\DOCUME~1\KAI~1.82C\LOCALS~1\Temp\IadHide5.dll
这个东东可疑
建议你到安全模式下

C:\DOCUME~1\KAI~1.82C\LOCALS~1\Temp删除这个文件夹里所有的东东
打开一个IE窗口，工具，internte选项，点“删除文件”弹出一个窗口勾选“删除所有脱机内容”删除cookies,确定。（注意你打开的网站）
回到正常模式，你再扫一次看看还有没有病毒。

ILOVENAN - 2006-7-4 2:36:00

还是不行，这个楼上老大的方法其实之前已经用过一次了，刚才又用了一次，还是不行，还有会出现发现病毒提示，永远也杀不完。。。其实每天我上完网都会删除COOKIES和临时文件的，但没想到昨天不小心点错了，进入了个该死的恶意网站(忘了是什么网站了)就成这样了，现在老大看我这病毒是不是杀不掉了啊？！是不是只有唯一的办法-重装系统了！？！？！？唉。。。

ILOVENAN - 2006-7-4 3:11:00

没人能帮我解答吗？

黑灯黑火 - 2006-7-4 7:52:00

如果你没有清空历史记录，说不定还能看到~~

另，~
你可以学着用用SSM这个工具~~
说不定会让你获益非浅哦~~
（用SSM在这里搜索一下~~可以找到很多关于这个工具的帖子~~）
去看看吧~~

另，C:\DOCUME~1\KAI~1.82C\LOCALS~1\Temp\IadHide5.dll] <BackWeb><Version 7.2.0 (Build 157R)>

这个确实是病毒~~
不过，它寄存在3721调用的rundll32.exe里~
要清除它要先结束这个rundll32.exe

然后，再手动到这个temp 里清空那里的文件。（尤其是这个东东~）
要打开这个temp可能要先显示所有文件~
打开我的电脑》工具》文件夹选项》查看》显示所有文件，不隐藏受保护的操作系统文件》确定

结束所有的IE进程！（在任务管理器里结束~）
IE（桌面上的图标）》右击点属性》删除文件（包括脱机文件）》确定

黑灯黑火 - 2006-7-4 8:09:00

另，下面的应该就是这个临时文件在你电脑里生成的东西吧~
[PID: 892][C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe] <Logitech><2.30.04>
[C:\Program Files\Logitech\Desktop Messenger\8876480\7.2.0.157-8876480SL\Program\backWeb.dll] <BackWeb Technologies Inc.><Version 7.2.0 (Build 157R)>
[C:\Program Files\Logitech\Desktop Messenger\8876480\7.2.0.157-8876480SL\Program\bwsec.dll] <BackWeb><Version 4.2.0 (Build 157R)>
[C:\Program Files\Logitech\Desktop Messenger\8876480\7.2.0.157-8876480SL\Program\clntutil.dll] <N/A><N/A>
[C:\PROGRA~1\Logitech\DESKTO~1\8876480\720~1.157\program\EN\ClientRC.dll] <BackWeb Technologies Inc.><Version 7.2.0 (Build 157R)>

下面这是它在注册表里的启动项（所以才会开机就有~）
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]

LDM

<LDM><C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe> [Logitech]

另，我看下面这个运行项最好也给删了（只是删除注册表里的，实际文件暂时不要动~）

<MsnMsgr><"C:\Program Files\MSN Messenger\MsnMsgr.Exe" /background> [Microsoft Corporation]

瑞星卡卡安全论坛