我朋友用一U盘插入我电脑，然后我的........ bbs.ikaka.com

迷花不事君 - 2006-7-21 21:59:00

【回复“不言放弃”的帖子】
Logfile of HijackThis v1.99.1
Scan saved at 21:47:29, on 2006-7-21
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe
C:\WINDOWS\SOUNDMAN.EXE
C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Microsoft ActiveSync\WCESCOMM.EXE
C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
C:\Program Files\Alwil Software\Avast4\ashServ.exe
C:\WINDOWS\system32\rundll32.exe
C:\Program Files\KV2006\KVSrvXP.exe
C:\Program Files\KV2006\kvwsc.exe
C:\WINDOWS\system32\oodag.exe
C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
C:\Program Files\KV2006\UIHost.exe
C:\Program Files\Internet Explorer\IEXPLORE.EXE
C:\WINDOWS\system32\UPEngine.EXE
C:\Program Files\Common Files\Real\Update_OB\realsched.exe
C:\Program Files\Thunder Network\Thunder\Thunder.exe
C:\Program Files\KV2006\kvscan.kxp
C:\TDdownload\HijackThis.exe

O2 - BHO: Vision - {6671A431-5C3D-463d-A7CF-5587F9B7E191} - C:\PROGRA~1\MMSASS~1\mmsass~1.dll
O4 - HKLM\..\Run: [IMJPMIG8.1] ; "C:\WINDOWS\IME\imjp8_1\IMJPMIG.EXE" /Spoil /RemAdvDef /Migration32
O4 - HKLM\..\Run: [PHIME2002ASync] C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /SYNC
O4 - HKLM\..\Run: [PHIME2002A] C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /IMEName
O4 - HKLM\..\Run: [ATIPTA] C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe
O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe
O4 - HKLM\..\Run: [SoundMan] SOUNDMAN.EXE
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot
O4 - HKLM\..\Run: [KvMonXP] "C:\Program Files\KV2006\KVMonXP.kxp" /auto
O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
O4 - HKLM\..\RunOnce: [aswAhAScr.dll] C:\PROGRA~1\ALWILS~1\Avast4\ASWREG~1.EXE "C:\Program Files\Alwil Software\Avast4\AhAScr.dll"
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [H/PC Connection Agent] "C:\Program Files\Microsoft ActiveSync\WCESCOMM.EXE"
O4 - HKCU\..\Run: [KvXP] "C:\Program Files\KV2006\KvXP.kxp" /ScanBoot /ScanSys
O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office\OSA9.EXE
O8 - Extra context menu item: &使用迅雷下载 - C:\Program Files\Thunder Network\Thunder\geturl.htm
O8 - Extra context menu item: &使用迅雷下载全部链接 - C:\Program Files\Thunder Network\Thunder\getallurl.htm
O8 - Extra context menu item: >>彩信发送<< - res://C:\PROGRA~1\MMSASS~1\mmsass~1.dll/mms.htm
O9 - Extra button: (no name) - {6671A433-5C3D-463d-A7CF-5587F9B7E191} - C:\PROGRA~1\MMSASS~1\mmsass~1.dll
O9 - Extra 'Tools' menuitem: 彩E精灵设置 - {6671A433-5C3D-463d-A7CF-5587F9B7E191} - C:\PROGRA~1\MMSASS~1\mmsass~1.dll
O16 - DPF: {E4E2F180-CB8B-4DE9-ACBB-DA745D3BA153} (Rising Web Scan Object) - http://download.rising.com.cn/register/pcver/autoupgradepad/pcver2006new/OL2006.cab
O17 - HKLM\System\CCS\Services\Tcpip\..\{6036BC07-D478-49AD-A26A-3019EDCC0B5F}: NameServer = 61.166.150.101 202.98.160.68
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - Unknown owner - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
O23 - Service: Ati HotKey Poller - Unknown owner - C:\WINDOWS\system32\Ati2evxx.exe
O23 - Service: ATI Smart - Unknown owner - C:\WINDOWS\system32\ati2sgag.exe
O23 - Service: avast! Antivirus - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashServ.exe
O23 - Service: avast! Mail Scanner - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe" /service (file missing)
O23 - Service: avast! Web Scanner - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe" /service (file missing)
O23 - Service: KVSrvXP - Jiangmin Co. Ltd - C:\Program Files\KV2006\KVSrvXP.exe
O23 - Service: KVWSC - Jiangmin Co.Ltd - C:\Program Files\KV2006\kvwsc.exe
O23 - Service: O&O Defrag - O&O Software GmbH - C:\WINDOWS\system32\oodag.exe

我无邪 - 2006-7-21 22:04:00

关闭所有浏览窗口以及一些不必要的程序
运行Hijackthis，扫描结束后在下列选项前打上勾，然后选"修复
O2 - BHO: Vision - {6671A431-5C3D-463d-A7CF-5587F9B7E191} - C:\PROGRA~1\MMSASS~1\mmsass~1.dll
O8 - Extra context menu item: >>彩信发送<< - res://C:\PROGRA~1\MMSASS~1\mmsass~1.dll/mms.htm
O9 - Extra button: (no name) - {6671A433-5C3D-463d-A7CF-5587F9B7E191} - C:\PROGRA~1\MMSASS~1\mmsass~1.dll
O9 - Extra 'Tools' menuitem: 彩E精灵设置 - {6671A433-5C3D-463d-A7CF-5587F9B7E191} - C:\PROGRA~1\MMSASS~1\mmsass~1.dll
重启后删除
C:\PROGRA~1\MMSASS~1
请下载 System Repair Engineer，使用“智能扫描”，按下“扫描”按钮进行扫描，扫描完成后按下“保存报告”按钮保存报告日志文件（SREng.LOG），把保存的报告日志文件内容复制-粘贴上来
下载网址
http://www.kztechs.com/sreng/sreng2.zip
http://forum.ikaka.com/topic.asp?board=67&artid=5188931
日志一次粘不完，分次粘完，请不要修改。

迷花不事君 - 2006-7-22 3:10:00

2006-07-22,02:59:22

System Repair Engineer 2.0.21.505 (2.0 RC 2)
Smallfrogs (http://www.KZTechs.com)

Windows XP Professional Service Pack 2 (Build 2600)
- 管理权限用户 - 完整功能

以下内容被选中：
所有的启动项目（包括注册表、启动文件夹、服务等）
浏览器加载项
正在运行的进程（包括进程模块信息）
文件关联

启动项目
注册表
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
<ctfmon.exe><C:\WINDOWS\system32\ctfmon.exe> [Microsoft Corporation]
<H/PC Connection Agent><"C:\Program Files\Microsoft ActiveSync\WCESCOMM.EXE"> [Microsoft Corporation]
<KvXP><"C:\Program Files\KV2006\KvXP.kxp" /ScanBoot /ScanSys> [Jiangmin Co.Ltd]
[HKEY_CURRENT_USER\Software\Microsoft\Windows NT\CurrentVersion\Windows]
<load><> []
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
<IMJPMIG8.1><; "C:\WINDOWS\IME\imjp8_1\IMJPMIG.EXE" /Spoil /RemAdvDef /Migration32> [Microsoft Corporation]
<PHIME2002ASync><C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /SYNC> [Microsoft Corporation]
<PHIME2002A><C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /IMEName> [Microsoft Corporation]
<ATIPTA><C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe> [ATI Technologies, Inc.]
<NeroFilterCheck><C:\WINDOWS\system32\NeroCheck.exe> [Ahead Software Gmbh]
<SoundMan><SOUNDMAN.EXE> [Realtek Semiconductor Corp.]
<TkBellExe><"C:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot> [RealNetworks, Inc.]
<KvMonXP><"C:\Program Files\KV2006\KVMonXP.kxp" /auto> [Jiangmin Co.Ltd]
<avast!><C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe> []
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Winlogon]
<shell><Explorer.exe> [Microsoft Corporation]
<Userinit><C:\WINDOWS\system32\userinit.exe,> [Microsoft Corporation]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Windows]
<AppInit_DLLs><> []
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Winlogon]
<UIHost><logonui.exe> [Microsoft Corporation]

==================================
启动文件夹
[Microsoft Office]
<C:\Documents and Settings\All Users\「开始」菜单\程序\启动\Microsoft Office.lnk><N>

==================================
服务
[avast! iAVS4 Control Service / aswUpdSv]
<"C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe"><N/A>
[Ati HotKey Poller / Ati HotKey Poller]
<C:\WINDOWS\system32\Ati2evxx.exe><N/A>
[ATI Smart / ATI Smart]
<C:\WINDOWS\system32\ati2sgag.exe><>
[avast! Antivirus / avast! Antivirus]
<"C:\Program Files\Alwil Software\Avast4\ashServ.exe"><N/A>
[avast! Mail Scanner / avast! Mail Scanner]
<"C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe" /service><ALWIL Software>
[avast! Web Scanner / avast! Web Scanner]
<"C:\Program Files\Alwil Software\Avast4\ashWebSv.exe" /service><ALWIL Software>
[JMediaService / JMediaService]
<C:\WINDOWS\system32\rundll32.exe C:\PROGRA~1\MMSASS~1\MMSSVER.DLL,Service><N/A>
[KVSrvXP / KVSrvXP]
<C:\Program Files\KV2006\KVSrvXP.exe /Service><Jiangmin Co. Ltd>
[KVWSC / KVWSC]
<"C:\Program Files\KV2006\kvwsc.exe"><Jiangmin Co.Ltd>
[O&O Defrag / O&O Defrag]
<C:\WINDOWS\system32\oodag.exe><O&O Software GmbH>

==================================
浏览器加载项
[Vision]
{6671A431-5C3D-463d-A7CF-5587F9B7E191} <C:\PROGRA~1\MMSASS~1\mmsass~1.dll, >
[MMSAssistMenu]
{6671A433-5C3D-463d-A7CF-5587F9B7E191} <C:\PROGRA~1\MMSASS~1\mmsass~1.dll, >
[Shockwave Flash Object]
{D27CDB6E-AE6D-11CF-96B8-444553540000} <C:\WINDOWS\system32\Macromed\Flash\Flash8b.ocx, Macromedia, Inc.>
[Rising Web Scan Object]
{E4E2F180-CB8B-4DE9-ACBB-DA745D3BA153} <C:\WINDOWS\Downloaded Program Files\OL2005.dll, Beijing Rising Technology Co., Ltd.>
[ThunderIEHelper Class]
{0005A87D-D626-4B3A-84F9-1D9571695F55} <C:\WINDOWS\system32\xunleibho_v14.dll, N/A>
[ActiveMovieControl Object]
{05589FA1-C356-11CE-BF01-00AA0055595A} <C:\WINDOWS\system32\wmpdxm.dll, Microsoft Corporation>
[AcroIEHlprObj Class]
{06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} <C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll, N/A>
[Windows Media Player]
{22D6F312-B0F6-11D0-94AB-0080C74C7E95} <C:\WINDOWS\system32\wmpdxm.dll, Microsoft Corporation>
[HTML Document]
{25336920-03F9-11CF-8FD0-00AA00686F13} <%SystemRoot%\system32\mshtml.dll, N/A>
[HHCtrl Object]
{41B23C28-488E-4E5C-ACE2-BB0BBABE99E8} <C:\WINDOWS\system32\hhctrl.ocx, Microsoft Corporation>
[FiltrateWebObj Class]
{42AFACEE-2A77-41EB-9EE2-D9F8AF827F90} <C:\Program Files\KV2006\KVBHO.dll, Jiangmin Co.Ltd>
[XML Document]
{48123BC4-99D9-11D1-A6B3-00C04FD91555} <%SystemRoot%\system32\msxml3.dll, N/A>
[Vision]
{6671A431-5C3D-463D-A7CF-5587F9B7E191} <C:\PROGRA~1\MMSASS~1\mmsass~1.dll, >
[Windows Media Player]
{6BF52A52-394A-11D3-B153-00C04F79FAA6} <C:\WINDOWS\system32\wmp.dll, Microsoft Corporation>
[MediaComm Class]
{7670648D-461B-42AF-BDFE-46D26AF5EFF2} <C:\Program Files\Thunder Network\Thunder\MediaAddin03.dll, Thunder Networking Technologies,LTD>
[Microsoft Web 浏览器]
{8856F961-340A-11D0-A96B-00C04FD705A2} <C:\WINDOWS\system32\shdocvw.dll, Microsoft Corporation>
[SearchAssistantOC]
{B45FF030-4447-11D2-85DE-00C04FA35C89} <%SystemRoot%\system32\shdocvw.dll, N/A>
[RealPlayer G2 Control]
{CFCDAA03-8BE4-11CF-B84B-0020AFBBCCFA} <C:\WINDOWS\system32\rmoc3260.dll, RealNetworks, Inc.>
[Shockwave Flash Object]
{D27CDB6E-AE6D-11CF-96B8-444553540000} <C:\WINDOWS\system32\Macromed\Flash\Flash8b.ocx, Macromedia, Inc.>
[Rising Web Scan Object]
{E4E2F180-CB8B-4DE9-ACBB-DA745D3BA153} <C:\WINDOWS\Downloaded Program Files\OL2005.dll, Beijing Rising Technology Co., Ltd.>
[&使用迅雷下载]
<C:\Program Files\Thunder Network\Thunder\geturl.htm, N/A>
[&使用迅雷下载全部链接]
<C:\Program Files\Thunder Network\Thunder\getallurl.htm, N/A>
[>>彩信发送<<]
<res://C:\PROGRA~1\MMSASS~1\mmsass~1.dll/mms.htm, N/A>

==================================
正在运行的进程
[PID: 468][\SystemRoot\System32\smss.exe] <Microsoft Corporation><5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)>
[PID: 540][\??\C:\WINDOWS\system32\csrss.exe] <Microsoft Corporation><5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)>
[PID: 568][\??\C:\WINDOWS\system32\winlogon.exe] <Microsoft Corporation><5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)>
[PID: 612][C:\WINDOWS\system32\services.exe] <Microsoft Corporation><5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)>
[PID: 624][C:\WINDOWS\system32\lsass.exe] <Microsoft Corporation><5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)>
[PID: 784][C:\WINDOWS\system32\Ati2evxx.exe] <N/A><N/A>
[PID: 796][C:\WINDOWS\system32\svchost.exe] <Microsoft Corporation><5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)>
[PID: 852][C:\WINDOWS\system32\svchost.exe] <Microsoft Corporation><5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)>
[PID: 928][C:\WINDOWS\System32\svchost.exe] <Microsoft Corporation><5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)>
[PID: 996][C:\WINDOWS\system32\svchost.exe] <Microsoft Corporation><5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)>
[PID: 1056][C:\WINDOWS\system32\svchost.exe] <Microsoft Corporation><5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)>
[PID: 1316][C:\WINDOWS\Explorer.EXE] <Microsoft Corporation><6.00.2900.2180 (xpsp_sp2_rtm.040803-2158)>
[C:\Program Files\Adobe\Acrobat 7.0\ActiveX\PDFShell.dll] <Adobe Systems, Inc.><7.0.0.0>
[C:\PROGRA~1\MMSASS~1\mmsass~1.dll] <><1, 2, 0, 5>
[C:\Program Files\Alwil Software\Avast4\AhJsctNs.dll] <ALWIL Software><4, 6, 763, 0>
[C:\Program Files\KV2006\KVHookG_1.dll] <Jiangmin Co.Ltd><9.0.0.1226>
[C:\Program Files\Alwil Software\Avast4\ashShell.dll] <ALWIL Software><4, 7, 835, 0>
[C:\Program Files\WinRAR\rarext.dll] <N/A><N/A>
[PID: 1372][C:\WINDOWS\system32\spoolsv.exe] <Microsoft Corporation><5.1.2600.2696 (xpsp_sp2_gdr.050610-1519)>
[PID: 1600][C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe] <ATI Technologies, Inc.><6.14.10.5090>
[C:\Program Files\ATI Technologies\ATI Control Panel\atipdsxx.dll] <ATI Technologies, Inc.><6.14.10.5090>
[C:\PROGRAM FILES\ATI TECHNOLOGIES\ATI CONTROL PANEL\ATRPUIXX.CHS] <ATI Technologies, Inc.><6.14.10.5090>
[C:\Program Files\ATI Technologies\ATI Control Panel\atipdxxx.dll] <ATI Technologies, Inc.><6.14.10.5090>
[C:\Program Files\KV2006\KVHookG_1.dll] <Jiangmin Co.Ltd><9.0.0.1226>
[PID: 1616][C:\WINDOWS\SOUNDMAN.EXE] <Realtek Semiconductor Corp.><5.1.0.29>
[C:\Program Files\KV2006\KVHookG_1.dll] <Jiangmin Co.Ltd><9.0.0.1226>
[PID: 1624][C:\Program Files\Common Files\Real\Update_OB\realsched.exe] <RealNetworks, Inc.><0.1.0.3510>

迷花不事君 - 2006-7-22 3:11:00

[C:\Program Files\KV2006\KVHookG_1.dll] <Jiangmin Co.Ltd><9.0.0.1226>
[C:\Program Files\KV2006\KVMonXP.kxp] <Jiangmin Co.Ltd><9, 2, 0, 60103>
[C:\Program Files\KV2006\UpdateX.dll] <JiangMin Co.Ltd.><9, 0, 5, 831>
[C:\Program Files\KV2006\lang\Kvxp0804.lng] <N/A><N/A>
[C:\Program Files\KV2006\GUIExt.dll] <Jiangmin Co.Ltd><9, 0, 5, 927>
[C:\Program Files\KV2006\lang\GUIExt0804.lng] <JiangMin Ltd.><7, 1, 0, 200>
[C:\Program Files\KV2006\EngFace.dll] <Jiangmin Co.Ltd><9.0.0.50809>
[C:\Program Files\KV2006\EngPS.dll] <Jiangmin Co.Ltd><9, 2, 0, 50817>
[C:\Program Files\KV2006\KvMemory.dll] <Jiangmin Co. Ltd.><9, 0, 6, 0214>
[C:\Program Files\KV2006\KvOffice.dll] <JiangMin New Tech.><9.0.0.1213>
[C:\Program Files\KV2006\lang\KVOffice0804.lng] <N/A><N/A>
[C:\Program Files\KV2006\VirusUpload.dll] <N/A><2, 0, 0, 0>
[C:\Program Files\Alwil Software\Avast4\AhJsctNs.dll] <ALWIL Software><4, 6, 763, 0>
[C:\Program Files\KV2006\KVHookG_1.dll] <Jiangmin Co.Ltd><9.0.0.1226>
[C:\Program Files\KV2006\PProtect.dll] <Jiangmin Co. Ltd.><9.0.0.921>
[PID: 1640][C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe] <N/A><5, 0, 0, 0>
[C:\PROGRA~1\ALWILS~1\Avast4\aswCmnOS.dll] <ALWIL Software><4, 7, 824, 0>
[C:\PROGRA~1\ALWILS~1\Avast4\ashBase.dll] <ALWIL Software><4, 7, 844, 0>
[C:\PROGRA~1\ALWILS~1\Avast4\aswCmnB.dll] <ALWIL Software><4, 7, 824, 0>
[C:\PROGRA~1\ALWILS~1\Avast4\aswCmnS.dll] <ALWIL Software><4, 7, 800, 0>
[C:\PROGRA~1\ALWILS~1\Avast4\ashTask.dll] <ALWIL Software><4, 7, 844, 0>
[C:\PROGRA~1\ALWILS~1\Avast4\aswAux.dll] <ALWIL Software><4, 6, 763, 0>
[C:\PROGRA~1\ALWILS~1\Avast4\Aavm4h.dll] <ALWIL Software><4, 7, 844, 0>
[C:\Program Files\Alwil Software\Avast4\ChineseS\Base.dll] <ALWIL Software><4, 7, 800, 0>
[C:\Program Files\Alwil Software\Avast4\ChineseS\Lang.dll] <ALWIL Software><4, 7, 824, 0>
[C:\PROGRA~1\ALWILS~1\Avast4\AavmRpch.dll] <ALWIL Software><4, 7, 835, 0>
[c:\program files\alwil software\avast4\ahruijs.dll] <N/A><4, 7, 844, 0>
[C:\PROGRA~1\ALWILS~1\Avast4\ashUInt.dll] <ALWIL Software><4, 7, 844, 0>
[C:\PROGRA~1\ALWILS~1\Avast4\XT1922.dll] <Codejock Software><1, 9, 4, 0>
[c:\program files\alwil software\avast4\ahruimai.dll] <ALWIL Software><4, 7, 844, 0>
[c:\program files\alwil software\avast4\ahruimes.dll] <ALWIL Software><4, 7, 844, 0>
[c:\program files\alwil software\avast4\ahruins.dll] <ALWIL Software><4, 7, 844, 0>
[c:\program files\alwil software\avast4\ahruiout.dll] <ALWIL Software><4, 7, 844, 0>
[c:\program files\alwil software\avast4\ahruip2p.dll] <ALWIL Software><4, 7, 844, 0>
[c:\program files\alwil software\avast4\ahruistd.dll] <ALWIL Software><4, 7, 844, 0>
[c:\program files\alwil software\avast4\ahruiws.dll] <ALWIL Software><4, 7, 844, 0>
[C:\Program Files\KV2006\KVHookG_1.dll] <Jiangmin Co.Ltd><9.0.0.1226>
[C:\Program Files\Alwil Software\Avast4\AhJsctNs.dll] <ALWIL Software><4, 6, 763, 0>
[PID: 1684][C:\WINDOWS\system32\ctfmon.exe] <Microsoft Corporation><5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)>
[C:\Program Files\KV2006\KVHookG_1.dll] <Jiangmin Co.Ltd><9.0.0.1226>
[PID: 1720][C:\Program Files\Microsoft ActiveSync\WCESCOMM.EXE] <Microsoft Corporation><3.7.1.4034>
[C:\Program Files\KV2006\KVHookG_1.dll] <Jiangmin Co.Ltd><9.0.0.1226>
[PID: 504][C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe] <N/A><N/A>
[C:\Program Files\Alwil Software\Avast4\aswCmnS.dll] <ALWIL Software><4, 7, 800, 0>
[C:\Program Files\Alwil Software\Avast4\aswCmnOS.dll] <ALWIL Software><4, 7, 824, 0>
[C:\Program Files\Alwil Software\Avast4\aswCmnB.dll] <ALWIL Software><4, 7, 824, 0>
[PID: 528][C:\Program Files\Alwil Software\Avast4\ashServ.exe] <N/A><4, 7, 844, 0>
[C:\Program Files\Alwil Software\Avast4\aswAux.dll] <ALWIL Software><4, 6, 763, 0>
[C:\Program Files\Alwil Software\Avast4\aswCmnB.dll] <ALWIL Software><4, 7, 824, 0>
[C:\Program Files\Alwil Software\Avast4\aswCmnOS.dll] <ALWIL Software><4, 7, 824, 0>
[C:\Program Files\Alwil Software\Avast4\aswEngin.dll] <ALWIL Software><4, 7, 844, 0>
[C:\Program Files\Alwil Software\Avast4\aswScan.dll] <ALWIL Software><4, 7, 835, 0>
[C:\Program Files\Alwil Software\Avast4\aswCmnS.dll] <ALWIL Software><4, 7, 800, 0>
[C:\Program Files\Alwil Software\Avast4\ashBase.dll] <ALWIL Software><4, 7, 844, 0>
[C:\Program Files\Alwil Software\Avast4\ashTask.dll] <ALWIL Software><4, 7, 844, 0>
[C:\Program Files\Alwil Software\Avast4\aswInteg.dll] <ALWIL Software><4, 6, 763, 0>
[C:\Program Files\Alwil Software\Avast4\aswIdle.dll] <ALWIL Software><4, 6, 665, 0>
[C:\Program Files\Alwil Software\Avast4\Aavm4h.dll] <ALWIL Software><4, 7, 844, 0>
[C:\Program Files\Alwil Software\Avast4\ChineseS\Base.dll] <ALWIL Software><4, 7, 800, 0>
[C:\Program Files\Alwil Software\Avast4\UNACEV2.DLL] <N/A><N/A>
[C:\Program Files\Alwil Software\Avast4\AhResJs.dll] <ALWIL Software><4, 7, 844, 0>
[C:\Program Files\Alwil Software\Avast4\AhResMai.dll] <ALWIL Software><4, 7, 844, 0>
[C:\Program Files\Alwil Software\Avast4\ahResMes.dll] <ALWIL Software><4, 7, 844, 0>
[C:\Program Files\Alwil Software\Avast4\AhResNS.dll] <ALWIL Software><4, 7, 844, 0>
[C:\Program Files\Alwil Software\Avast4\AhResOut.dll] <ALWIL Software><4, 7, 844, 0>
[C:\Program Files\Alwil Software\Avast4\ahResP2P.dll] <ALWIL Software><4, 7, 844, 0>
[C:\Program Files\Alwil Software\Avast4\AhResStd.dll] <ALWIL Software><4, 7, 844, 0>
[C:\Program Files\Alwil Software\Avast4\AhResWS.dll] <ALWIL Software><4, 7, 844, 0>
[C:\Program Files\Alwil Software\Avast4\ashSSqlt.dll] <ALWIL Software><4, 6, 763, 0>
[C:\Program Files\Alwil Software\Avast4\AhJsctNs.dll] <ALWIL Software><4, 6, 763, 0>
[C:\Program Files\Alwil Software\Avast4\aswRes.dll] <ALWIL Software><4, 7, 835, 0>
[PID: 744][C:\WINDOWS\system32\rundll32.exe] <Microsoft Corporation><5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)>
[C:\PROGRA~1\MMSASS~1\MMSSVER.DLL] <><1, 2, 0, 5>
[PID: 900][C:\Program Files\KV2006\KVSrvXP.exe] <Jiangmin Co. Ltd><9.2.0.50822>
[C:\Program Files\KV2006\UpdateX.dll] <JiangMin Co.Ltd.><9, 0, 5, 831>
[C:\Program Files\KV2006\SvcSafe.dll] <Jiangmin Co. Ltd><9, 2, 0, 51107>
[C:\Program Files\KV2006\lang\SvcSafe0804.lng] <N/A><N/A>
[C:\Program Files\KV2006\RegProt.dll] <Jiangmin Co.Ltd><9, 0, 5, 1212>
[C:\Program Files\KV2006\Scan.dll] <Jiangmin Co., Ltd.><1.0.6.07110>
[C:\Program Files\KV2006\FileGD.dll] <Jiangmin Co.Ltd><9.2.0.50809>
[C:\Program Files\KV2006\KvSPI.dll] <Jiangmin Co. Ltd.><1.0.6.06030>
[C:\Program Files\KV2006\lang\KVSpi0804.lng] <N/A><N/A>
[C:\Program Files\KV2006\ScanHost.dll] <Jiangmin Co. Ltd><9, 2, 0, 50822>
[C:\Program Files\KV2006\KVWPSet.dll] <Jiangmin Co.Ltd><9, 0, 0, 60220>
[C:\Program Files\KV2006\EngPS.dll] <Jiangmin Co.Ltd><9, 2, 0, 50817>
[C:\Program Files\Alwil Software\Avast4\AhJsctNs.dll] <ALWIL Software><4, 6, 763, 0>
[C:\Program Files\KV2006\KVEnhS.dll] <Jiangmin Co., Ltd.><9, 2, 6, 02040>
[C:\Program Files\KV2006\KVEnhJ.dll] <Jiangmin Co.Ltd><9, 1, 0, 50822>
[C:\Program Files\KV2006\KVExtCab.dll] <JiangMin Co. Ltd><9, 2, 0, 50822>
[C:\Program Files\KV2006\KVExtEml.dll] <Jiangmin Co. Ltd.><9, 2, 6, 07050>
[C:\Program Files\KV2006\lang\KVExtEml0804.lng] <N/A><N/A>
[C:\Program Files\KV2006\KVExtGz.dll] <Jiangmin Co. Ltd><9, 0, 6, 04200>
[C:\Program Files\KV2006\KVExtLZH.dll] <JiangMin Co. Ltd.><9, 2, 6, 0316>
[C:\Program Files\KV2006\KvExtRar.dll] <JiangMin Co. Ltd.><9, 2, 6, 04020>
[C:\Program Files\KV2006\KVExtTar.dll] <Jiangmin Co. Ltd><9, 2, 0, 50822>
[C:\Program Files\KV2006\KVExtZ.dll] <Jiangmin Co. Ltd><9.2.0.503>
[C:\Program Files\KV2006\KvExtZip.dll] <JiangMin Co Ltd.><9, 2, 0, 50822>
[C:\Program Files\KV2006\KVEnhK.dll] <Jiangmin Co.Ltd><9, 1, 0, 51209>
[C:\Program Files\KV2006\Fix.dll] <Jiangmin Co.Ltd><9, 2, 6, 07110>
[C:\Program Files\KV2006\KvCkMail.dll] <N/A><9, 0, 6, 619>
[C:\Program Files\KV2006\lang\KvMailRes0804.lng] <N/A><N/A>
[PID: 1032][C:\Program Files\KV2006\kvwsc.exe] <Jiangmin Co.Ltd><9, 0, 5, 908>
[C:\Program Files\KV2006\EngPS.dll] <Jiangmin Co.Ltd><9, 2, 0, 50817>
[C:\Program Files\KV2006\EngFace.dll] <Jiangmin Co.Ltd><9.0.0.50809>
[C:\Program Files\KV2006\UpdateX.dll] <JiangMin Co.Ltd.><9, 0, 5, 831>
[PID: 1128][C:\WINDOWS\system32\oodag.exe] <O&O Software GmbH><8.0.1341>
[C:\WINDOWS\system32\OODAGRS.DLL] <O&O Software GmbH><8.0.1.1319>
[PID: 2292][C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe] <ALWIL Software><4, 7, 844, 0>

迷花不事君 - 2006-7-22 3:12:00

[C:\Program Files\Alwil Software\Avast4\ashUInt.dll] <ALWIL Software><4, 7, 844, 0>
[C:\Program Files\Alwil Software\Avast4\ashBase.dll] <ALWIL Software><4, 7, 844, 0>
[C:\Program Files\Alwil Software\Avast4\aswCmnOS.dll] <ALWIL Software><4, 7, 824, 0>
[C:\Program Files\Alwil Software\Avast4\aswCmnB.dll] <ALWIL Software><4, 7, 824, 0>
[C:\Program Files\Alwil Software\Avast4\aswCmnS.dll] <ALWIL Software><4, 7, 800, 0>
[C:\Program Files\Alwil Software\Avast4\XT1922.dll] <Codejock Software><1, 9, 4, 0>
[C:\Program Files\Alwil Software\Avast4\Aavm4h.dll] <ALWIL Software><4, 7, 844, 0>
[C:\Program Files\Alwil Software\Avast4\ashTask.dll] <ALWIL Software><4, 7, 844, 0>
[C:\Program Files\Alwil Software\Avast4\aswAux.dll] <ALWIL Software><4, 6, 763, 0>
[C:\Program Files\Alwil Software\Avast4\AhResMai.dll] <ALWIL Software><4, 7, 844, 0>
[C:\Program Files\Alwil Software\Avast4\ChineseS\Base.dll] <ALWIL Software><4, 7, 800, 0>
[C:\Program Files\Alwil Software\Avast4\aswEngin.dll] <ALWIL Software><4, 7, 844, 0>
[C:\Program Files\Alwil Software\Avast4\aswScan.dll] <ALWIL Software><4, 7, 835, 0>
[C:\Program Files\Alwil Software\Avast4\ChineseS\Lang.dll] <ALWIL Software><4, 7, 824, 0>
[C:\Program Files\Alwil Software\Avast4\ChineseS\langmai.dll] <ALWIL Software><4, 7, 800, 0>
[C:\Program Files\Alwil Software\Avast4\AhJsctNs.dll] <ALWIL Software><4, 6, 763, 0>
[PID: 2316][C:\Program Files\Alwil Software\Avast4\ashWebSv.exe] <ALWIL Software><4, 7, 844, 0>
[C:\Program Files\Alwil Software\Avast4\ashBase.dll] <ALWIL Software><4, 7, 844, 0>
[C:\Program Files\Alwil Software\Avast4\aswCmnOS.dll] <ALWIL Software><4, 7, 824, 0>
[C:\Program Files\Alwil Software\Avast4\aswCmnB.dll] <ALWIL Software><4, 7, 824, 0>
[C:\Program Files\Alwil Software\Avast4\aswCmnS.dll] <ALWIL Software><4, 7, 800, 0>
[C:\Program Files\Alwil Software\Avast4\Aavm4h.dll] <ALWIL Software><4, 7, 844, 0>
[C:\Program Files\Alwil Software\Avast4\ashTask.dll] <ALWIL Software><4, 7, 844, 0>
[C:\Program Files\Alwil Software\Avast4\aswAux.dll] <ALWIL Software><4, 6, 763, 0>
[C:\Program Files\Alwil Software\Avast4\ChineseS\Base.dll] <ALWIL Software><4, 7, 800, 0>
[C:\Program Files\Alwil Software\Avast4\ashWsFtr.dll] <ALWIL Software><4, 7, 835, 0>
[C:\Program Files\Alwil Software\Avast4\aswScan.dll] <ALWIL Software><4, 7, 835, 0>
[C:\PROGRA~1\ALWILS~1\Avast4\AhResWs.dll] <ALWIL Software><4, 7, 844, 0>
[C:\Program Files\Alwil Software\Avast4\aswEngin.dll] <ALWIL Software><4, 7, 844, 0>
[PID: 2552][C:\WINDOWS\System32\alg.exe] <Microsoft Corporation><5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)>
[C:\Program Files\KV2006\TrojDie.kxp] <Jiangmin Co.Ltd><9.0.6.0413>
[C:\Program Files\Alwil Software\Avast4\AhJsctNs.dll] <ALWIL Software><4, 6, 763, 0>
[C:\Program Files\KV2006\UpdateX.dll] <JiangMin Co.Ltd.><9, 0, 5, 831>
[C:\Program Files\KV2006\lang\TrojDie0804.lng] <Jiangmin Co.Ltd><9.0.0.0813>
[C:\Program Files\KV2006\GUIExt.dll] <Jiangmin Co.Ltd><9, 0, 5, 927>
[C:\Program Files\KV2006\lang\GUIExt0804.lng] <JiangMin Ltd.><7, 1, 0, 200>
[C:\Program Files\KV2006\PProtect.dll] <Jiangmin Co. Ltd.><9.0.0.921>
[C:\Program Files\KV2006\KVHookG_1.dll] <Jiangmin Co.Ltd><9.0.0.1226>
[C:\Program Files\KV2006\ComUIPS.dll] <Jiangmin Ltd.><9. 5. 5. 20>
[PID: 2816][C:\Program Files\KV2006\KRegEx.exe] <Jiangmin Co.Ltd><9.0.6.210>
[C:\Program Files\KV2006\KRegEx.dll] <Jiangmin Co. Ltd.><9.0.6.0119>
[C:\Program Files\Alwil Software\Avast4\AhJsctNs.dll] <ALWIL Software><4, 6, 763, 0>
[C:\Program Files\KV2006\KRegTrust.dll] <Jiangmin Co. Ltd.><9.0.0.825>
[C:\Program Files\KV2006\KVHookG_1.dll] <Jiangmin Co.Ltd><9.0.0.1226>
[PID: 2896][C:\Program Files\KV2006\UIHost.exe] <Jiangmin Co. Ltd><9.2.0.50822>
[C:\Program Files\Alwil Software\Avast4\AhJsctNs.dll] <ALWIL Software><4, 6, 763, 0>
[C:\Program Files\KV2006\KVHookG_1.dll] <Jiangmin Co.Ltd><9.0.0.1226>
[C:\Program Files\KV2006\UpdateX.dll] <JiangMin Co.Ltd.><9, 0, 5, 831>
[C:\Program Files\KV2006\ComUI.dll] <Jiangmin Ltd.><9. 0. 0.509>
[C:\Program Files\KV2006\ComUIPS.dll] <Jiangmin Ltd.><9. 5. 5. 20>
[C:\Program Files\KV2006\GUIExt.dll] <Jiangmin Co.Ltd><9, 0, 5, 927>
[C:\Program Files\KV2006\lang\GUIExt0804.lng] <JiangMin Ltd.><7, 1, 0, 200>
[PID: 3052][C:\WINDOWS\system32\wuauclt.exe] <Microsoft Corporation><5.8.0.2469 built by: lab01_n(wmbla)>
[PID: 3736][C:\Program Files\Internet Explorer\IEXPLORE.EXE] <Microsoft Corporation><6.00.2900.2180 (xpsp_sp2_rtm.040803-2158)>
[C:\Program Files\Alwil Software\Avast4\AhJsctNs.dll] <ALWIL Software><4, 6, 763, 0>
[C:\Program Files\KV2006\KVHookG_1.dll] <Jiangmin Co.Ltd><9.0.0.1226>
[C:\PROGRA~1\MMSASS~1\mmsass~1.dll] <><1, 2, 0, 5>
[C:\Program Files\Alwil Software\Avast4\AhAScr.dll] <ALWIL Software><4, 7, 844, 0>
[C:\PROGRA~1\ALWILS~1\Avast4\Aavm4h.dll] <ALWIL Software><4, 7, 844, 0>
[C:\PROGRA~1\ALWILS~1\Avast4\ashBase.dll] <ALWIL Software><4, 7, 844, 0>
[C:\PROGRA~1\ALWILS~1\Avast4\aswCmnOS.dll] <ALWIL Software><4, 7, 824, 0>
[C:\PROGRA~1\ALWILS~1\Avast4\aswCmnB.dll] <ALWIL Software><4, 7, 824, 0>
[C:\PROGRA~1\ALWILS~1\Avast4\aswCmnS.dll] <ALWIL Software><4, 7, 800, 0>
[C:\PROGRA~1\ALWILS~1\Avast4\ashTask.dll] <ALWIL Software><4, 7, 844, 0>
[C:\PROGRA~1\ALWILS~1\Avast4\aswAux.dll] <ALWIL Software><4, 6, 763, 0>
[C:\WINDOWS\system32\Macromed\Flash\Flash8b.ocx] <Macromedia, Inc.><8,0,24,0>
[PID: 3992][C:\Documents and Settings\蔡鸟\桌面\sreng\SREng2\SREng.exe] <Smallfrogs Studio><2.0.21.505>
[C:\Program Files\KV2006\KVHookG_1.dll] <Jiangmin Co.Ltd><9.0.0.1226>
[C:\Program Files\Alwil Software\Avast4\AhJsctNs.dll] <ALWIL Software><4, 6, 763, 0>

==================================
文件关联
.TXT OK. [%SystemRoot%\system32\NOTEPAD.EXE %1]
.EXE OK. ["%1" %*]
.COM OK. ["%1" %*]
.PIF OK. ["%1" %*]
.REG OK. [regedit.exe "%1"]
.BAT OK. ["%1" %*]
.SCR OK. ["%1" /S]
.CHM OK. ["C:\WINDOWS\hh.exe" %1]
.HLP OK. [%SystemRoot%\System32\winhlp32.exe %1]
.INI OK. [%SystemRoot%\System32\NOTEPAD.EXE %1]
.INF OK. [%SystemRoot%\System32\NOTEPAD.EXE %1]
.VBS OK. [%SystemRoot%\System32\WScript.exe "%1" %*]
.JS OK. [%SystemRoot%\System32\WScript.exe "%1" %*]
.LNK OK. [{00021401-0000-0000-C000-000000000046}]

==================================
Winsock 提供者

==================================

迷花不事君 - 2006-7-22 17:47:00

【回复“我无邪”的帖子】
删除了C:\PROGRA~1\MMSASS~1又出来

mopery - 2006-7-22 18:40:00

http://www.pctutu.com/srmsdown.asp
下载超级兔子..用超级兔子清理王卸载流氓软件...(安全模式...)
用超级兔子来删..

迷花不事君 - 2006-7-24 20:37:00

诸位大佬，俺啥都试了，超级兔子垃圾王，雅虎猪手等等，就是不成。俺的文件夹选项就是无法修改，隐藏文件就是看不到，文件后缀就是看不到，C:\PROGRA~1\MMSASS~1删了TMD就是出来，俺在发一份日志，请诸位大佬帮俺看看是啥毛病，呜呼，可怜可怜俺吧

2006-07-24,20:25:33

System Repair Engineer 2.0.21.505 (2.0 RC 2)
Smallfrogs (http://www.KZTechs.com)

Windows XP Professional Service Pack 2 (Build 2600)
- 管理权限用户 - 完整功能

以下内容被选中：
所有的启动项目（包括注册表、启动文件夹、服务等）
浏览器加载项
正在运行的进程（包括进程模块信息）
文件关联

启动项目
注册表
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
<ctfmon.exe><C:\WINDOWS\system32\ctfmon.exe> [Microsoft Corporation]
<H/PC Connection Agent><"C:\Program Files\Microsoft ActiveSync\WCESCOMM.EXE"> [Microsoft Corporation]
[HKEY_CURRENT_USER\Software\Microsoft\Windows NT\CurrentVersion\Windows]
<load><> []
<run><> []
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
<PHIME2002ASync><C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /SYNC> [Microsoft Corporation]
<PHIME2002A><C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /IMEName> [Microsoft Corporation]
<ATIPTA><C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe> [ATI Technologies, Inc.]
<NeroFilterCheck><C:\WINDOWS\system32\NeroCheck.exe> [Ahead Software Gmbh]
<SoundMan><SOUNDMAN.EXE> [Realtek Semiconductor Corp.]
<TkBellExe><; "C:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot> [RealNetworks, Inc.]
<KernelFaultCheck><%systemroot%\system32\dumprep 0 -k> []
<yassistse><"C:\PROGRA~1\Yahoo!\Assistant\yassistse.exe"> [Yahoo! China]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\RunOnce]
<Super Rabbit Winspeed><"C:\Program Files\Super Rabbit\MagicSet\winspeed.exe" /autokill:shutdown.exe> [Super Rabbit Soft]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Winlogon]
<shell><Explorer.exe> [Microsoft Corporation]
<Userinit><C:\WINDOWS\system32\userinit.exe,> [Microsoft Corporation]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Windows]
<AppInit_DLLs><> []
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Winlogon]
<UIHost><logonui.exe> [Microsoft Corporation]

==================================
启动文件夹
服务
[Ati HotKey Poller / Ati HotKey Poller]
<C:\WINDOWS\system32\Ati2evxx.exe><N/A>
[ATI Smart / ATI Smart]
<C:\WINDOWS\system32\ati2sgag.exe><>
[JMediaService / JMediaService]
<C:\WINDOWS\system32\rundll32.exe C:\PROGRA~1\MMSASS~1\MMSSVER.DLL,Service><N/A>
[O&O Defrag / O&O Defrag]
<C:\WINDOWS\system32\oodag.exe><O&O Software GmbH>

==================================
浏览器加载项
[Vision]
{6671A431-5C3D-463d-A7CF-5587F9B7E191} <C:\PROGRA~1\MMSASS~1\mmsass~1.dll, >
[MMSAssistMenu]
{6671A433-5C3D-463d-A7CF-5587F9B7E191} <C:\PROGRA~1\MMSASS~1\mmsass~1.dll, >
[雅虎助手]
{406F94F0-504F-4A40-8DFD-58B0666ABEBD} <C:\PROGRA~1\Yahoo!\Assistant\Assist\yasbar.dll, yahoo! china>
[Shockwave Flash Object]
{D27CDB6E-AE6D-11CF-96B8-444553540000} <C:\WINDOWS\system32\Macromed\Flash\Flash8b.ocx, Macromedia, Inc.>
[ThunderIEHelper Class]
{0005A87D-D626-4B3A-84F9-1D9571695F55} <C:\WINDOWS\system32\xunleibho_v14.dll, N/A>
[ActiveMovieControl Object]
{05589FA1-C356-11CE-BF01-00AA0055595A} <C:\WINDOWS\system32\wmpdxm.dll, Microsoft Corporation>
[AcroIEHlprObj Class]
{06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} <C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll, N/A>
[Windows Media Player]
{22D6F312-B0F6-11D0-94AB-0080C74C7E95} <C:\WINDOWS\system32\wmpdxm.dll, Microsoft Corporation>
[HTML Document]
{25336920-03F9-11CF-8FD0-00AA00686F13} <%SystemRoot%\system32\mshtml.dll, N/A>

迷花不事君 - 2006-7-24 20:37:00

[Yahoo!Photo]
{33BBE430-0E42-4F12-B075-8D21ACB10DCB} <C:\PROGRA~1\Yahoo!\ASSIST~1\assist\yphtb.dll, N/A>
[AntiFish Class]
{38928D50-8A48-44C2-945F-D2F23F771410} <C:\PROGRA~1\Yahoo!\ASSIST~1\assist\yangling.dll, N/A>
[HHCtrl Object]
{41B23C28-488E-4E5C-ACE2-BB0BBABE99E8} <C:\WINDOWS\system32\hhctrl.ocx, Microsoft Corporation>
[XML Document]
{48123BC4-99D9-11D1-A6B3-00C04FD91555} <%SystemRoot%\system32\msxml3.dll, N/A>
[QQBrowserHelperObject Class]
{54EBD53A-9BC1-480B-966A-843A333CA162} <C:\Program Files\Tencent\QQ\QQIEHelper.dll, 深圳市腾讯计算机系统有限公司>
[Yahoo!Live]
{57421194-58FB-49AE-9B4F-FD48869B9AD4} <C:\PROGRA~1\Yahoo!\ASSIST~1\YAlive.dll, yahoo! china>
[DragSearch BHO]
{62EED7C6-9F02-42F9-B634-98E2899E147B} <C:\PROGRA~1\Yahoo!\ASSIST~1\assist\YDRAGS~1.DLL, yahoo! china>
[Vision]
{6671A431-5C3D-463D-A7CF-5587F9B7E191} <C:\PROGRA~1\MMSASS~1\mmsass~1.dll, >
[Windows Media Player]
{6BF52A52-394A-11D3-B153-00C04F79FAA6} <C:\WINDOWS\system32\wmp.dll, Microsoft Corporation>
[MediaComm Class]
{7670648D-461B-42AF-BDFE-46D26AF5EFF2} <C:\Program Files\Thunder Network\Thunder\MediaAddin03.dll, Thunder Networking Technologies,LTD>
[Microsoft Web 浏览器]
{8856F961-340A-11D0-A96B-00C04FD705A2} <C:\WINDOWS\system32\shdocvw.dll, Microsoft Corporation>
[SearchAssistantOC]
{B45FF030-4447-11D2-85DE-00C04FA35C89} <%SystemRoot%\system32\shdocvw.dll, N/A>
[RealPlayer G2 Control]
{CFCDAA03-8BE4-11CF-B84B-0020AFBBCCFA} <C:\WINDOWS\system32\rmoc3260.dll, RealNetworks, Inc.>
[Shockwave Flash Object]
{D27CDB6E-AE6D-11CF-96B8-444553540000} <C:\WINDOWS\system32\Macromed\Flash\Flash8b.ocx, Macromedia, Inc.>
[Rising Web Scan Object]
{E4E2F180-CB8B-4DE9-ACBB-DA745D3BA153} <C:\WINDOWS\Downloaded Program Files\OL2005.dll, Beijing Rising Technology Co., Ltd.>
[assist]
{FE3ECAE7-0A37-4506-8A7D-3CC9A04D2CA8} <C:\PROGRA~1\Yahoo!\ASSIST~1\Assist\yassist.dll, Yahoo! China>
[>>彩信发送<<]
<res://C:\PROGRA~1\MMSASS~1\mmsass~1.dll/mms.htm, N/A>

==================================
正在运行的进程
[PID: 468][\SystemRoot\System32\smss.exe] <Microsoft Corporation><5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)>
[PID: 532][\??\C:\WINDOWS\system32\csrss.exe] <Microsoft Corporation><5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)>
[PID: 560][\??\C:\WINDOWS\system32\winlogon.exe] <Microsoft Corporation><5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)>
[PID: 604][C:\WINDOWS\system32\services.exe] <Microsoft Corporation><5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)>
[PID: 616][C:\WINDOWS\system32\lsass.exe] <Microsoft Corporation><5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)>
[PID: 772][C:\WINDOWS\system32\Ati2evxx.exe] <N/A><N/A>
[PID: 784][C:\WINDOWS\system32\svchost.exe] <Microsoft Corporation><5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)>
[PID: 844][C:\WINDOWS\system32\svchost.exe] <Microsoft Corporation><5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)>
[PID: 924][C:\WINDOWS\System32\svchost.exe] <Microsoft Corporation><5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)>
[PID: 976][C:\WINDOWS\system32\svchost.exe] <Microsoft Corporation><5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)>
[PID: 1008][C:\WINDOWS\system32\svchost.exe] <Microsoft Corporation><5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)>
[PID: 1328][C:\WINDOWS\Explorer.EXE] <Microsoft Corporation><6.00.2900.2180 (xpsp_sp2_rtm.040803-2158)>
[C:\Program Files\Adobe\Acrobat 7.0\ActiveX\PDFShell.dll] <Adobe Systems, Inc.><7.0.0.0>
[C:\PROGRA~1\MMSASS~1\mmsass~1.dll] <><1, 2, 0, 5>
[PID: 1376][C:\WINDOWS\system32\spoolsv.exe] <Microsoft Corporation><5.1.2600.2696 (xpsp_sp2_gdr.050610-1519)>
[PID: 1624][C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe] <ATI Technologies, Inc.><6.14.10.5090>
[C:\Program Files\ATI Technologies\ATI Control Panel\atipdsxx.dll] <ATI Technologies, Inc.><6.14.10.5090>
[C:\PROGRAM FILES\ATI TECHNOLOGIES\ATI CONTROL PANEL\ATRPUIXX.CHS] <ATI Technologies, Inc.><6.14.10.5090>
[C:\Program Files\ATI Technologies\ATI Control Panel\atipdxxx.dll] <ATI Technologies, Inc.><6.14.10.5090>
[PID: 1640][C:\WINDOWS\SOUNDMAN.EXE] <Realtek Semiconductor Corp.><5.1.0.29>
[PID: 1652][C:\PROGRA~1\Yahoo!\Assistant\yassistse.exe] <Yahoo! China><3, 0, 0, 1001>
[C:\PROGRA~1\Yahoo!\Assistant\shell\yAsMenu.dll] <Yahoo! China><3, 0, 0, 1001>
[C:\PROGRA~1\Yahoo!\Assistant\shell\yAssecblk.dll] <Yahoo! China><3, 0, 0, 1002>
[C:\PROGRA~1\Yahoo!\Assistant\shell\yIEAngel.dll] <Yahoo! China><3, 0, 0, 1000>
[C:\PROGRA~1\Yahoo!\Assistant\shell\yMenuInfo.dll] <Yahoo! China><3, 0, 0, 1000>
[PID: 1660][C:\WINDOWS\system32\ctfmon.exe] <Microsoft Corporation><5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)>
[PID: 1668][C:\Program Files\Microsoft ActiveSync\WCESCOMM.EXE] <Microsoft Corporation><3.7.1.4034>
[PID: 268][C:\WINDOWS\system32\rundll32.exe] <Microsoft Corporation><5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)>
[C:\PROGRA~1\MMSASS~1\MMSSVER.DLL] <><1, 2, 0, 5>
[PID: 308][C:\WINDOWS\system32\oodag.exe] <O&O Software GmbH><8.0.1341>
[C:\WINDOWS\system32\OODAGRS.DLL] <O&O Software GmbH><8.0.1.1319>
[PID: 1508][C:\WINDOWS\System32\alg.exe] <Microsoft Corporation><5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)>
[PID: 1708][C:\Program Files\Internet Explorer\IEXPLORE.EXE] <Microsoft Corporation><6.00.2900.2180 (xpsp_sp2_rtm.040803-2158)>
[C:\PROGRA~1\MMSASS~1\mmsass~1.dll] <><1, 2, 0, 5>
[C:\PROGRA~1\Yahoo!\Assistant\Assist\yasbar.dll] <yahoo! china><3, 0, 2, 1036>
[C:\WINDOWS\system32\Macromed\Flash\Flash8b.ocx] <Macromedia, Inc.><8,0,24,0>
[C:\WINDOWS\system32\unispim.ime] <北京清华紫光软件股份有限公司><2.3.0.1063>
[PID: 1920][C:\WINDOWS\system32\UPEngine.EXE] <北京清华紫光软件股份有限公司><2.3.0.1063>
[PID: 488][C:\Documents and Settings\蔡鸟\桌面\sreng2\SREng2\SREng.exe] <Smallfrogs Studio><2.0.21.505>

==================================
文件关联
.TXT OK. [%SystemRoot%\system32\NOTEPAD.EXE %1]
.EXE OK. ["%1" %*]
.COM OK. ["%1" %*]
.PIF OK. ["%1" %*]
.REG OK. [regedit.exe "%1"]
.BAT OK. ["%1" %*]
.SCR OK. ["%1" /S]
.CHM OK. ["C:\WINDOWS\hh.exe" %1]
.HLP OK. [%SystemRoot%\system32\winhlp32.exe %1]
.INI OK. [%SystemRoot%\system32\NOTEPAD.EXE %1]
.INF OK. [%SystemRoot%\system32\NOTEPAD.EXE %1]
.VBS OK. [%SystemRoot%\System32\WScript.exe "%1" %*]
.JS OK. [%SystemRoot%\System32\WScript.exe "%1" %*]
.LNK OK. [{00021401-0000-0000-C000-000000000046}]

瑞星卡卡安全论坛