Rising Kaka Security Forum (瑞星卡卡安全论坛)
170 - 2006-8-30 0:08:00
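I can only open web pages from the IE entry in the Start menu! Opening it from the desktop gives what is shown in the screenshot! Right-click > Properties has been disabled too! Now when I open a web page, there are not as many as before I ran the antivirus, but different pages still pop up every now and then!
What garbage! This is driving me mad! I downloaded HijackThis any number of times and there is simply no way to open it! See the screenshot!
Attachment:
253123200683000020.jpg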
170 - 2006-8-30 0:09:00
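The picture above is what happens when I open IE from the desktop normally! The picture below is what happens when I right-click and choose Properties!
Attachment:
253123200683000153.jpg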
我无邪 - 2006-8-30 0:11:00
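Please download System Repair Engineer, use "Smart Scan" (智能扫描), click the "Scan" (扫描) button to run the scan, and when it finishes click the "Save Report" (保存报告) button to save the report log file (SREng.LOG). Then copy and paste the contents of the saved report log here.
Download links:
http://www.kztechs.com/sreng/sreng2.zip
http://forum.ikaka.com/topic.asp?board=67&artid=5188931
If the log does not fit in one post, paste it across several posts. Please do not modify it.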
170 - 2006-8-30 0:13:00
HijackThis has never opened! Clicking it does nothing at all!
Attachment:
253123200683000508.jpg
秋日里的蓝天 - 2006-8-30 0:13:00
Start -- Run -- Browse to HIJACKTHIS -- Open -- OK, and see whether it can produce a scan.
170 - 2006-8-30 0:18:00
2006-08-30,00:07:50
System Repair Engineer 2.0.21.505 (2.0 RC 2)
Smallfrogs (http://www.KZTechs.com)
Windows XP Home Edition Service Pack 2 (Build 2600)
- 管理权限用户 - 完整功能
以下内容被选中:
所有的启动项目(包括注册表、启动文件夹、服务等)
浏览器加载项
正在运行的进程(包括进程模块信息)
文件关联
启动项目
注册表
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
<pyjj><C:\Program Files\jj4\jjsvr4.exe> [加加开发组]
<ctfmon.exe><; C:\WINDOWS\system32\ctfmon.exe> [Microsoft Corporation]
<Realplayer.exe><C:\WINDOWS\system32\Realplayer.exe> []
<MSMSGS><; "C:\Program Files\Messenger\msmsgs.exe" /background> [Microsoft Corporation]
[HKEY_CURRENT_USER\Software\Microsoft\Windows NT\CurrentVersion\Windows]
<load><> []
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
<CnsMin><Rundll32.exe C:\WINDOWS\DOWNLO~1\CnsMin.dll,Rundll32> [北京三七二一科技有限公司]
<WangWang><; "E:\Program Files\淘宝网\淘宝旺旺\WangWang.EXE"> [淘宝(中国)软件有限公司]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\RunOnce]
<3721C:\WINDOWS\DOWNLO~1\cnshook.dll22718><regsvr32 /s C:\WINDOWS\DOWNLO~1\cnshook.dll> [北京三七二一科技有限公司]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\RunServices]
<Torjan Program><C:\WINDOWS\WINLOGON.EXE> [LizdIfRNUy8GolDCvSEs]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer\Run]
<1><C:\WINDOWS\wingdi.exe> []
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Winlogon]
<shell><Explorer.exe 1> []
<Userinit><userinit.exe,> [Microsoft Corporation]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Windows]
<AppInit_DLLs><NVDESK32.DLL> [NVIDIA Corporation]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Winlogon]
<UIHost><logonui.exe> [Microsoft Corporation]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
<{D157330A-9EF3-49F8-9A67-4141AC41ADD4}><C:\WINDOWS\DOWNLO~1\cnshook.dll> [北京三七二一科技有限公司]
<_{32CD708B-60A7-4C00-9377-D73EAA495F0F}><Rising Execute File Exts hook> []
<{08315C1A-9BA9-4B7C-A432-26885F78DF28}><> []
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
<DelayRun><> []
<webwork><C:\WINDOWS\webwork\webwork.dll> [MSWebwork Cop.]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\skwinlogon]
<WinlogonNotify: skwinlogon><dll.dll> []
170 - 2006-8-30 0:18:00
启动文件夹
[联想键盘驱动程序]
<C:\Documents and Settings\All Users.WINDOWS\「开始」菜单\程序\启动\联想键盘驱动程序.lnk><N>
[河南网通宽带用户客户端]
<C:\Documents and Settings\All Users.WINDOWS\「开始」菜单\程序\启动\河南网通宽带用户客户端.lnk><N>
[腾讯QQ珊瑚虫版]
<C:\Documents and Settings\legend\「开始」菜单\程序\启动\腾讯QQ珊瑚虫版.lnk><N>
==================================
服务
[JMediaService / JMediaService]
<C:\WINDOWS\system32\rundll32.exe C:\PROGRA~1\MMSASS~1\MMSSVER.DLL,Service><N/A>
[LexBce Server / LexBceS]
<C:\WINDOWS\system32\LEXBCES.EXE><Lexmark International, Inc.>
[MySQL / MySQL]
<"E:\Program Files\Pit Software\BK2\mysql\bin\mysqld-nt" MySQL><N/A>
[NVIDIA Driver Helper Service / NVSvc]
<C:\WINDOWS\System32\nvsvc32.exe><NVIDIA Corporation>
[Rising Personal Firewall Service / RfwService]
<c:\program files\rising\rfw\rfwsrv.exe><N/A>
[Rising Process Communication Center / RsCCenter]
<"C:\Program Files\Rising\Rav\CCenter.exe"><Beijing Rising Technology Co., Ltd.>
[RsRavMon Service / RsRavMon]
<"C:\Program Files\Rising\Rav\Ravmond.exe"><Beijing Rising Technology Co., Ltd.>
[SVCHOST / SVCHOST]
<C:\WINDOWS\SVCHOST.exe><N/A>
[Sysdll / Sysdll]
<C:\WINDOWS\Sysdll.exe><N/A>
[System Event Notification Logs / System Event Notification Logs]
<C:\WINDOWS\system32\drivers\lsass.exe><N/A>
170 - 2006-8-30 0:19:00
==================================
浏览器加载项
[Query Class]
{01C2F1E8-5C69-4B5C-B052-26941B6C23A6} <C:\WINDOWS\system32\iequery.dll, N/A>
[MyIEHelper Class]
{16B770A0-0E87-4278-B748-2460D64A8386} <C:\Documents and Settings\All Users.WINDOWS\Application Data\Microsoft\IEHelper\IEHelper_5001.dll, Microsoft Corporation>
[AntiFish Class]
{38928D50-8A48-44C2-945F-D2F23F771410} <C:\PROGRA~1\Yahoo!\ASSIST~1\Assist\yangling.dll, yahoo! china>
[Vision]
{6671A431-5C3D-463d-A7CF-5587F9B7E191} <C:\PROGRA~1\MMSASS~1\mmsass~1.dll, >
[BHOImp Class]
{70AFF2CB-9DA2-499C-8D15-900729FCE83D} <C:\WINDOWS\system32\YHBO.dll, YHBO>
[MSHlper Class]
{721E6521-4CAD-4A8D-A7F1-4E230B31EF19} <C:\WINDOWS\system32\mshlp.dll, N/A>
[CpapView Class]
{77962960-536E-47EC-9DDB-52651519705F} <C:\WINDOWS\system32\Rundl132.dll, N/A>
[Thunder Browser Helper]
{889D2FEB-5411-4565-8998-1DD2C5261283} <d:\Program Files\Thunder Network\Thunder\ComDlls\XunLeiBHO_002.dll, Thunder Networking Technologies,LTD>
[Spoolsv Class]
{9C363D55-07D7-433d-A13E-D9C105202F6F} <C:\WINDOWS\system32\drivers\spoolsv.dll, >
[IeCatch2 Class]
{A5366673-E8CA-11D3-9CD9-0090271D075B} <C:\PROGRA~1\FLASHGET\jccatch.dll, Amaze Soft>
[]
{A9930D97-9CF0-42A0-A10D-4F28836579D5} <D:\PROGRA~1\KuGoo3\KUGOO3~1.OCX, N/A>
[Java Enhancer]
{AF098F95-7CEA-407A-8552-3846737CC4B2} <C:\WINDOWS\system32\funcwin.dll, Sun MicroSystems, Inc.>
[Count Class]
{CFF6E0CF-02FB-47F5-95A4-DD8610D59284} <C:\WINDOWS\system32\bsnviewer.dll, >
[CnsHook Class]
{D157330A-9EF3-49F8-9A67-4141AC41ADD4} <C:\WINDOWS\DOWNLO~1\cnshook.dll, 北京三七二一科技有限公司>
[51导航]
{D271A289-57EB-4D0E-9131-A0CD25D4D1F8} <C:\WINDOWS\system32\browsewmzero.dll, N/A>
[DuiSo.com Search]
{E2218499-2FD4-4EED-A94A-7F0B9C6E300E} <C:\WINDOWS\system32\Inte32.dll, N/A>
[assist]
{FE3ECAE7-0A37-4506-8A7D-3CC9A04D2CA8} <C:\PROGRA~1\Yahoo!\ASSIST~1\assist\yassist.dll, Yahoo! China>
[启动迅雷]
{0062C9BD-B349-40DE-91A0-755F37ACD559} <d:\Program Files\Thunder Network\Thunder\Thunder.exe, Thunder Networking Technologies,LTD>
[Yahoo 3.5G电邮]
{507F9113-CD77-4866-BA92-0E86DA3D0B97} <http://cn.zs.yahoo.com/cnsbutton.htm?source=cns&btn=yahoomail, N/A>
[寻宝乐趣多]
{59BC54A2-56B3-44a0-93E5-432D58746E26} <http://cn.zs.yahoo.com/cnsbutton.htm?source=cns&btn=taobao, N/A>
[雅虎助手]
{5D73EE86-05F1-49ed-B850-E423120EC338} <http://cn.zs.yahoo.com/cnsbutton.htm?source=cns&btn=yassist, N/A>
[联想]
{6096E38F-5AC1-4391-8EC4-75DFA92FB32F} <http://www.lenovo.com, N/A>
[MMSAssistMenu]
{6671A433-5C3D-463d-A7CF-5587F9B7E191} <C:\PROGRA~1\MMSASS~1\mmsass~1.dll, >
[信息检索(&R)]
{92780B25-18CC-41C8-B9BE-3C9C571A8263} <E:\PROGRA~1\MICROS~1\OFFICE11\REFIEBAR.DLL, Microsoft Corporation>
[FlashGet]
{D6E814A0-E0C5-11d4-8D29-0050BA6940E3} <C:\PROGRA~1\FLASHGET\flashget.exe, Amaze Soft>
[5chaa]
{D6E814A0-E0C5-11d4-8D29-0050BA6940E4} <http://www.5chaa.com, N/A>
[易趣购物]
{DE607148-AC19-428e-863A-3D70ABDF119A} <http://click2.ad4all.net/url2/urlmanage/url.asp?id=5, N/A>
[QQIEFloatBarCfgCmd Class]
{DEDEB80D-FA35-45d9-9460-4983E5A8AFE6} <C:\Program Files\Tencent\QQ\QQIEHelper.dll, 深圳市腾讯计算机系统有限公司>
[情景聊天]
{E5D12C4E-7B4F-11D3-B5C9-0050045C3C96} <http://cn.zs.yahoo.com/cnsbutton.htm?source=cns&btn=yahoomsg, N/A>
[]
{ECF2E268-F28C-48d2-9AB7-8F69C11CCB71} <http://cn.zs.yahoo.com/cnsbutton.htm?source=cns&btn=repair, N/A>
[Messenger]
{FB5F1910-F110-11d2-BB9E-00C04F795683} <C:\Program Files\Messenger\msmsgs.exe, Microsoft Corporation>
[]
{FD00D911-7529-4084-9946-A29F1BDF4FE5} <http://cn.zs.yahoo.com/cnsbutton.htm?source=cns&btn=clean, N/A>
[FlashGet Bar]
{E0E899AB-F487-11D5-8D29-0050BA6940E3} <C:\PROGRA~1\FLASHGET\fgiebar.dll, Amaze Soft>
[雅虎助手]
{406F94F0-504F-4A40-8DFD-58B0666ABEBD} <C:\PROGRA~1\Yahoo!\Assistant\Assist\yasbar.dll, yahoo! china>
[天下搜索]
{56A7DC70-E102-4408-A34A-AE06FEF01586} <, N/A>
[ThunderIEHelper Class]
{0005A87D-D626-4B3A-84F9-1D9571695F55} <C:\WINDOWS\system32\xunleibho_v13.dll, Thunder Networking Technologies,LTD>
[Query Class]
{01C2F1E8-5C69-4B5C-B052-26941B6C23A6} <C:\WINDOWS\system32\iequery.dll, N/A>
[Web Browser Applet Control]
{08B0E5C0-4FCB-11CF-AAA5-00401C608501} <C:\WINDOWS\System32\msjava.dll, Microsoft Corporation>
[InfosecCertInstall Class]
{0EB487C8-E9AC-43A6-8C4C-083999B0622F} <C:\WINDOWS\system32\certInStall.dll, >
[MyIEHelper Class]
{16B770A0-0E87-4278-B748-2460D64A8386} <C:\Documents and Settings\All Users.WINDOWS\Application Data\Microsoft\IEHelper\IEHelper_5001.dll, Microsoft Corporation>
[iTrusPTA Class]
{1E0DFFCF-27FF-4574-849B-55007349FEDA} <C:\WINDOWS\system32\aliedit\pta.dll, >
[Windows Media Player]
{22D6F312-B0F6-11D0-94AB-0080C74C7E95} <C:\WINDOWS\system32\wmpdxm.dll, Microsoft Corporation>
[HTML Document]
{25336920-03F9-11CF-8FD0-00AA00686F13} <%SystemRoot%\System32\mshtml.dll, N/A>
[DHTML Edit Control Safe for Scripting for IE5]
{2D360201-FFF5-11D1-8D03-00A0C959BC0A} <C:\Program Files\Common Files\Microsoft Shared\Triedit\dhtmled.ocx, Microsoft Corporation>
[nEdit Control]
{32D72994-45B9-42B5-8980-FB561D1BE2D0} <C:\WINDOWS\system32\nEdit\nEdit.ocx, NetEase Information Technology (Beijing) Co. Ltd>
[Tabular Data Control]
{333C7BC4-460F-11D0-BC04-0080C7055A83} <C:\WINDOWS\System32\tdc.ocx, Microsoft Corporation>
[Yahoo!Photo]
{33BBE430-0E42-4F12-B075-8D21ACB10DCB} <C:\PROGRA~1\Yahoo!\ASSIST~1\assist\yphtb.dll, Yahoo! China>
[AntiFish Class]
{38928D50-8A48-44C2-945F-D2F23F771410} <C:\PROGRA~1\Yahoo!\ASSIST~1\Assist\yangling.dll, yahoo! china>
[ClientLogin.LoginPassEncrypt]
{39B3428A-7441-40AF-8F5B-BC2F8D35DC64} <C:\WINDOWS\Downloaded Program Files\ClientLogin.ocx, 星启天网络>
[雅虎助手]
{406F94F0-504F-4A40-8DFD-58B0666ABEBD} <C:\PROGRA~1\Yahoo!\Assistant\Assist\yasbar.dll, yahoo! china>
[HHCtrl Object]
{41B23C28-488E-4E5C-ACE2-BB0BBABE99E8} <C:\WINDOWS\system32\hhctrl.ocx, Microsoft Corporation>
[CEditCtrl Object]
{488A4255-3236-44B3-8F27-FA1AECAA8844} <C:\WINDOWS\system32\aliedit\AliEdit.dll, www.alipay.com>
[QQBrowserHelperObject Class]
{54EBD53A-9BC1-480B-966A-843A333CA162} <C:\Program Files\Tencent\QQ\QQIEHelper.dll, 深圳市腾讯计算机系统有限公司>
[Shell Name Space]
{55136805-B2DE-11D1-B9F2-00A0C98BC547} <%SystemRoot%\System32\shdocvw.dll, N/A>
170 - 2006-8-30 0:19:00
[天下搜索]
{56A7DC70-E102-4408-A34A-AE06FEF01586} <, N/A>
[Yahoo!Live]
{57421194-58FB-49AE-9B4F-FD48869B9AD4} <C:\PROGRA~1\Yahoo!\ASSIST~1\YAlive.dll, yahoo! china>
[InfoSecNetSign Class]
{62B938C4-4190-4F37-8CF0-A92B0A91CC77} <C:\WINDOWS\system32\NetSign.dll, Infosec Technologies Co., Ltd.>
[DragSearch BHO]
{62EED7C6-9F02-42F9-B634-98E2899E147B} <C:\PROGRA~1\Yahoo!\ASSIST~1\assist\YDRAGS~1.DLL, yahoo! china>
[WUWebControl Class]
{6414512B-B978-451D-A0D8-FCFDF33E833C} <C:\WINDOWS\System32\wuweb.dll, Microsoft Corporation>
[Vision]
{6671A431-5C3D-463D-A7CF-5587F9B7E191} <C:\PROGRA~1\MMSASS~1\mmsass~1.dll, >
[Windows Media Player]
{6BF52A52-394A-11D3-B153-00C04F79FAA6} <C:\WINDOWS\system32\wmp.dll, Microsoft Corporation>
[BHOImp Class]
{70AFF2CB-9DA2-499C-8D15-900729FCE83D} <C:\WINDOWS\system32\YHBO.dll, YHBO>
[MSHlper Class]
{721E6521-4CAD-4A8D-A7F1-4E230B31EF19} <C:\WINDOWS\system32\mshlp.dll, N/A>
[AxInputControl Class]
{73E4740C-08EB-4133-896B-8D0A7C9EE3CD} <C:\WINDOWS\system32\INPUTC~1.DLL, >
[MediaComm Class]
{7670648D-461B-42AF-BDFE-46D26AF5EFF2} <d:\Program Files\Thunder Network\Thunder\Components\InMedia\MediaAddin07.dll, Thunder Networking Technologies,LTD>
[CpapView Class]
{77962960-536E-47EC-9DDB-52651519705F} <C:\WINDOWS\system32\Rundl132.dll, N/A>
[AutoLive]
{7CA83CF1-3AEA-42D0-A4E3-1594FC6E48B2} <C:\PROGRA~1\3721\autolive.dll, >
[Microsoft Web 浏览器]
{8856F961-340A-11D0-A96B-00C04FD705A2} <C:\WINDOWS\System32\shdocvw.dll, Microsoft Corporation>
[Thunder Browser Helper]
{889D2FEB-5411-4565-8998-1DD2C5261283} <d:\Program Files\Thunder Network\Thunder\ComDlls\XunLeiBHO_002.dll, Thunder Networking Technologies,LTD>
[AxSubmitControl Class]
{8D9E0B29-563C-4226-86C1-5FF2AE77E1D2} <C:\WINDOWS\system32\SUBMIT~1.DLL, >
[Spoolsv Class]
{9C363D55-07D7-433D-A13E-D9C105202F6F} <C:\WINDOWS\system32\drivers\spoolsv.dll, >
[IeCatch2 Class]
{A5366673-E8CA-11D3-9CD9-0090271D075B} <C:\PROGRA~1\FLASHGET\jccatch.dll, Amaze Soft>
[]
{A9930D97-9CF0-42A0-A10D-4F28836579D5} <D:\PROGRA~1\KuGoo3\KUGOO3~1.OCX, N/A>
[Microsoft Scriptlet Component]
{AE24FDAE-03C6-11D1-8B76-0080C744F389} <C:\WINDOWS\System32\mshtml.dll, Microsoft Corporation>
[Java Enhancer]
{AF098F95-7CEA-407A-8552-3846737CC4B2} <C:\WINDOWS\system32\funcwin.dll, Sun MicroSystems, Inc.>
[SearchAssistantOC]
{B45FF030-4447-11D2-85DE-00C04FA35C89} <%SystemRoot%\System32\shdocvw.dll, N/A>
[3721]
{B83FC273-3522-4CC6-92EC-75CC86678DA4} <C:\WINDOWS\Downloaded Program Files\CnsMin.dll, 北京三七二一科技有限公司>
[RDS.DataSpace]
{BD96C556-65A3-11D0-983A-00C04FC29E36} <C:\Program Files\Common Files\System\msadc\msadco.dll, Microsoft Corporation>
[CSetLET Class]
{C35D7AE1-0865-4A30-BF07-29FA29324155} <C:\WINDOWS\system32\GDSetLET.dll, >
[WebActivater Control]
{C661F36D-DF85-4EF4-83C7-E107B83D04B1} <C:\WINDOWS\system32\3DShowVM.ocx, QQ>
[AUDIO__WAV Moniker Class]
{CD3AFA7B-B84F-48F0-9393-7EDC34128127} <C:\WINDOWS\system32\wmp.dll, Microsoft Corporation>
[AUDIO__X_MS_WMA Moniker Class]
{CD3AFA84-B84F-48F0-9393-7EDC34128127} <C:\WINDOWS\system32\wmp.dll, Microsoft Corporation>
[VIDEO__X_MS_ASF Moniker Class]
{CD3AFA8F-B84F-48F0-9393-7EDC34128127} <C:\WINDOWS\system32\wmp.dll, Microsoft Corporation>
[VIDEO__X_MS_WMV Moniker Class]
{CD3AFA94-B84F-48F0-9393-7EDC34128127} <C:\WINDOWS\system32\wmp.dll, Microsoft Corporation>
[Count Class]
{CFF6E0CF-02FB-47F5-95A4-DD8610D59284} <C:\WINDOWS\system32\bsnviewer.dll, >
[RootCertInstall Class]
{D1056C7C-E30B-4234-9A4B-7E1038B167A7} <C:\WINDOWS\system32\RootCert.dll, >
[CnsHook Class]
{D157330A-9EF3-49F8-9A67-4141AC41ADD4} <C:\WINDOWS\DOWNLO~1\cnshook.dll, 北京三七二一科技有限公司>
[51导航]
{D271A289-57EB-4D0E-9131-A0CD25D4D1F8} <C:\WINDOWS\system32\browsewmzero.dll, N/A>
[Shockwave Flash Object]
{D27CDB6E-AE6D-11CF-96B8-444553540000} <C:\WINDOWS\system32\Macromed\Flash\Flash9.ocx, Adobe Systems, Inc.>
[TencentVmpCtl Class]
{D9819BD5-422B-4281-8523-726466ED692B} <C:\Program Files\Tencent\Viewpoint Media Player\AxMetaStream.dll, Viewpoint Corporation>
[AxUSBKey Class]
{DA215190-98B2-47DE-AE24-DA95481DFFBA} <C:\WINDOWS\system32\USBKey.dll, >
[FlashGet Bar]
{E0E899AB-F487-11D5-8D29-0050BA6940E3} <C:\PROGRA~1\FLASHGET\fgiebar.dll, Amaze Soft>
[DuiSo.com Search]
{E2218499-2FD4-4EED-A94A-7F0B9C6E300E} <C:\WINDOWS\system32\Inte32.dll, N/A>
[assist]
{FE3ECAE7-0A37-4506-8A7D-3CC9A04D2CA8} <C:\PROGRA~1\Yahoo!\ASSIST~1\assist\yassist.dll, Yahoo! China>
[&使用迅雷下载]
<d:\Program Files\Thunder Network\Thunder\Program\GetUrl.htm, N/A>
[&使用迅雷下载全部链接]
<d:\Program Files\Thunder Network\Thunder\Program\GetAllUrl.htm, N/A>
[>>彩信发送<<]
<res://C:\PROGRA~1\MMSASS~1\mmsass~1.dll/mms.htm, N/A>
[上传到QQ网络硬盘]
<C:\Program Files\Tencent\qq\AddToNetDisk.htm, N/A>
[使用KuGoo3下载(&K)]
<D:\Program Files\KuGoo3\KuGoo3DownX.htm, N/A>
[使用网际快车下载]
<C:\PROGRA~1\FLASHGET\jc_link.htm, N/A>
[使用网际快车下载全部链接]
<C:\PROGRA~1\FLASHGET\jc_all.htm, N/A>
[添加到QQ自定义面板]
<C:\Program Files\Tencent\qq\AddPanel.htm, N/A>
[添加到QQ表情]
<C:\Program Files\Tencent\qq\AddEmotion.htm, N/A>
170 - 2006-8-30 0:20:00
正在运行的进程
[PID: 416][\SystemRoot\System32\smss.exe] <Microsoft Corporation><5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)>
[PID: 472][\??\C:\WINDOWS\system32\csrss.exe] <Microsoft Corporation><5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)>
[PID: 496][\??\C:\WINDOWS\system32\winlogon.exe] <Microsoft Corporation><5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)>
[C:\WINDOWS\system32\NVDESK32.DLL] <NVIDIA Corporation><5.13.01.1520>
[C:\WINDOWS\system32\dll.dll] <N/A><N/A>
[C:\WINDOWS\system32\PYJJ4.IME] <加加工作组><4.0.0.21>
[PID: 540][C:\WINDOWS\system32\services.exe] <Microsoft Corporation><5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)>
[C:\WINDOWS\system32\NVDESK32.DLL] <NVIDIA Corporation><5.13.01.1520>
[PID: 552][C:\WINDOWS\system32\lsass.exe] <Microsoft Corporation><5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)>
[C:\WINDOWS\system32\NVDESK32.DLL] <NVIDIA Corporation><5.13.01.1520>
[PID: 700][C:\WINDOWS\system32\svchost.exe] <Microsoft Corporation><5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)>
[C:\WINDOWS\system32\NVDESK32.DLL] <NVIDIA Corporation><5.13.01.1520>
[PID: 744][C:\WINDOWS\system32\svchost.exe] <Microsoft Corporation><5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)>
[C:\WINDOWS\system32\NVDESK32.DLL] <NVIDIA Corporation><5.13.01.1520>
[C:\WINDOWS\system32\WSD_SOCK32.dll] <N/A><N/A>
[PID: 916][C:\WINDOWS\System32\svchost.exe] <Microsoft Corporation><5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)>
[C:\WINDOWS\System32\NVDESK32.DLL] <NVIDIA Corporation><5.13.01.1520>
[PID: 1008][C:\WINDOWS\System32\svchost.exe] <Microsoft Corporation><5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)>
[C:\WINDOWS\System32\NVDESK32.DLL] <NVIDIA Corporation><5.13.01.1520>
[PID: 1224][C:\WINDOWS\Explorer.exe] <Microsoft Corporation><6.00.2900.2180 (xpsp_sp2_rtm.040803-2158)>
[C:\WINDOWS\system32\NVDESK32.DLL] <NVIDIA Corporation><5.13.01.1520>
[C:\WINDOWS\system32\PYJJ4.IME] <加加工作组><4.0.0.21>
[C:\WINDOWS\DOWNLO~1\CnsHook.dll] <北京三七二一科技有限公司><1, 0, 2, 7>
[C:\WINDOWS\DOWNLO~1\CnsMin.dll] <北京三七二一科技有限公司><1, 5, 3, 3>
[C:\WINDOWS\webwork\webwork.nls] <MSWebwork Cop.><1, 0, 0, 1>
[C:\WINDOWS\system32\brlmon.dll] <N/A><N/A>
[C:\WINDOWS\system32\WSD_SOCK32.dll] <N/A><N/A>
[C:\PROGRA~1\Yahoo!\ASSIST~1\assist\ywiper.dll] <Yahoo! China><3, 0, 0, 1000>
[C:\Program Files\Tencent\qq\qdshm.dll] <><1, 0, 101, 20>
[C:\Program Files\WinRAR\rarext.dll] <N/A><N/A>
[C:\WINDOWS\system32\RavExt.dll] <Beijing Rising Technology Co., Ltd.><18, 0, 0, 21>
[C:\Program Files\Rising\Rav\RSCOMMON.DLL] <Beijing Rising Technology Co., Ltd.><18, 0, 0, 4>
[C:\PROGRA~1\MMSASS~1\albus.dll] <Albus><1, 0, 0, 2>
[d:\Program Files\Thunder Network\Thunder\ComDlls\XunLeiBHO_002.dll] <Thunder Networking Technologies,LTD><5, 0, 0, 2>
[C:\WINDOWS\system32\drivers\spoolsv.dll] <><1, 0, 1, 1>
[C:\PROGRA~1\FLASHGET\jccatch.dll] <Amaze Soft><1, 1, 4, 0>
[C:\WINDOWS\system32\funcwin.dll] <Sun MicroSystems, Inc.><1, 0, 0, 1>
[C:\WINDOWS\system32\bsnviewer.dll] <><1, 0, 0, 1>
[C:\WINDOWS\uprxda.dll] <N/A><N/A>
[PID: 1296][C:\WINDOWS\system32\LEXBCES.EXE] <Lexmark International, Inc.><7.4>
[C:\WINDOWS\system32\NVDESK32.DLL] <NVIDIA Corporation><5.13.01.1520>
[C:\WINDOWS\system32\lexp2p32.dll] <Lexmark International, Inc.><7.4>
[C:\WINDOWS\system32\lex2kusb.dll] <Lexmark International, Inc.><7.4>
[PID: 1324][C:\WINDOWS\system32\spoolsv.exe] <Microsoft Corporation><5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)>
[C:\WINDOWS\system32\NVDESK32.DLL] <NVIDIA Corporation><5.13.01.1520>
[C:\WINDOWS\system32\LEXLMPM.DLL] <Lexmark International, Inc.><7.4>
[C:\WINDOWS\system32\LexBce.dll] <Lexmark International, Inc.><7.4>
[C:\WINDOWS\system32\PYJJ4.IME] <加加工作组><4.0.0.21>
[C:\WINDOWS\System32\spool\PRTPROCS\W32X86\LGAXPP5C.dll] <Lexmark International><1.0.4.0>
[C:\WINDOWS\system32\LGAXpwr.dll] <Lexmark International, Inc.><1, 0, 1, 0>
[PID: 1332][C:\WINDOWS\system32\LEXPPS.EXE] <Lexmark International, Inc.><7.4>
[C:\WINDOWS\system32\NVDESK32.DLL] <NVIDIA Corporation><5.13.01.1520>
[C:\WINDOWS\system32\PYJJ4.IME] <加加工作组><4.0.0.21>
[C:\WINDOWS\system32\WSD_SOCK32.dll] <N/A><N/A>
[C:\WINDOWS\system32\LEXBCE.DLL] <Lexmark International, Inc.><7.4>
[PID: 1420][C:\WINDOWS\System32\SCardSvr.exe] <Microsoft Corporation><5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)>
[C:\WINDOWS\System32\NVDESK32.DLL] <NVIDIA Corporation><5.13.01.1520>
[PID: 1468][C:\WINDOWS\system32\Rundll32.exe] <Microsoft Corporation><5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)>
[C:\WINDOWS\system32\NVDESK32.DLL] <NVIDIA Corporation><5.13.01.1520>
[C:\WINDOWS\DOWNLO~1\CnsMin.dll] <北京三七二一科技有限公司><1, 5, 3, 3>
[C:\WINDOWS\system32\PYJJ4.IME] <加加工作组><4.0.0.21>
[C:\WINDOWS\DOWNLO~1\CnsMinIO.dll] <北京三七二一科技有限公司><1, 0, 3, 7>
[C:\WINDOWS\DOWNLO~1\cnsio.dll] <北京三七二一科技有限公司><1, 0, 2, 8>
[C:\WINDOWS\DOWNLO~1\CnsMinEx.dll] <国风因特软件(北京)有限公司><1, 0, 3, 3>
[C:\WINDOWS\system32\WSD_SOCK32.dll] <N/A><N/A>
[PID: 1568][C:\Program Files\jj4\jjsvr4.exe] <加加开发组><4.0.0.20>
[C:\WINDOWS\system32\NVDESK32.DLL] <NVIDIA Corporation><5.13.01.1520>
[C:\WINDOWS\DOWNLO~1\CnsMin.dll] <北京三七二一科技有限公司><1, 5, 3, 3>
[C:\WINDOWS\system32\PYJJ4.IME] <加加工作组><4.0.0.21>
[PID: 1644][C:\WINDOWS\system32\rundll32.exe] <Microsoft Corporation><5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)>
[C:\WINDOWS\system32\NVDESK32.DLL] <NVIDIA Corporation><5.13.01.1520>
[C:\PROGRA~1\MMSASS~1\MMSSVER.DLL] <><1, 2, 0, 6>
[C:\WINDOWS\system32\PYJJ4.IME] <加加工作组><4.0.0.21>
[PID: 1784][C:\WINDOWS\system32\wdfmgr.exe] <Microsoft Corporation><5.2.3790.1230 built by: DNSRV(bld4act)>
[C:\WINDOWS\system32\NVDESK32.DLL] <NVIDIA Corporation><5.13.01.1520>
[PID: 2044][C:\WINDOWS\System32\alg.exe] <Microsoft Corporation><5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)>
[C:\WINDOWS\System32\NVDESK32.DLL] <NVIDIA Corporation><5.13.01.1520>
[PID: 876][E:\Program Files\淘宝网\淘宝旺旺\WangWang.EXE] <淘宝(中国)软件有限公司><1, 7, 6, 811>
[E:\Program Files\淘宝网\淘宝旺旺\AliViewCtrl.dll] <vline><1, 0, 0, 1>
[E:\Program Files\淘宝网\淘宝旺旺\VLNetwork.dll] <><1, 0, 0, 6>
[E:\Program Files\淘宝网\淘宝旺旺\AliViewMedia.dll] <vline><1, 0, 0, 1>
[E:\Program Files\淘宝网\淘宝旺旺\VideoCAP.dll] <><1, 0, 0, 4>
[E:\Program Files\淘宝网\淘宝旺旺\VLAudio.dll] <><1, 0, 0, 4>
[E:\Program Files\淘宝网\淘宝旺旺\JsmShow.dll] <><1, 0, 0, 3>
[C:\WINDOWS\system32\NVDESK32.DLL] <NVIDIA Corporation><5.13.01.1520>
[C:\WINDOWS\DOWNLO~1\CnsMin.dll] <北京三七二一科技有限公司><1, 5, 3, 3>
[E:\Program Files\淘宝网\淘宝旺旺\Ali_Res.DLL] <N/A><N/A>
[C:\WINDOWS\system32\PYJJ4.IME] <加加工作组><4.0.0.21>
[E:\Program Files\淘宝网\淘宝旺旺\RichOne.dll] <淘宝(中国)软件有限公司><1.0.0.1>
[E:\Program Files\淘宝网\淘宝旺旺\WangWangX0.dll] <><1, 0, 0, 1>
[C:\Program Files\Rising\Rav\RavScrCh.dll] <Beijing Rising Technology Co., Ltd.><18, 0, 0, 4>
[C:\WINDOWS\system32\WSD_SOCK32.dll] <N/A><N/A>
[C:\WINDOWS\system32\msdmo.dll] <N/A><N/A>
[C:\WINDOWS\uprxda.dll] <N/A><N/A>
我无邪 - 2006-8-30 0:23:00
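There are quite a few problems; let's take them one step at a time.
This link has a dedicated removal tool for it. I suggest you download 幸福狮子's removal tool and run it once in Safe Mode.
http://forum.ikaka.com/topic.asp?board=28&artid=8141143
Solution for the www.7939.com hijack (Realplayer.exe)
http://forum.ikaka.com/topic.asp?board=67&artid=8155668
After completing these two steps,
download 超级兔子 (Super Rabbit) for its "Professional Uninstall" (专业卸载) feature.
http://www.pctutu.com/news.asp?id=92
After installing it, open "winspeed", go to "Professional Uninstall" (专业卸载), and uninstall all the junk software it lists. Do not open any browser windows while uninstalling. If something cannot be uninstalled, reboot and try again.
Reboot after uninstalling.
Then run another scan and paste the log here.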
170 - 2006-8-30 0:23:00
[PID: 1136][C:\Program Files\Rising\Rav\RavTask.exe] <Beijing Rising Technology Co., Ltd.><18, 0, 0, 22>
[C:\WINDOWS\system32\NVDESK32.DLL] <NVIDIA Corporation><5.13.01.1520>
[C:\Program Files\Rising\Rav\RSCOMMON.DLL] <Beijing Rising Technology Co., Ltd.><18, 0, 0, 4>
[C:\Program Files\Rising\Rav\RSAPPMGR.DLL] <Beijing Rising Technology Co., Ltd.><18, 0, 0, 2>
[C:\Program Files\Rising\Rav\CfgDll.dll] <Beijing Rising Technology Co., Ltd.><18, 0, 0, 11>
[C:\Program Files\Rising\Rav\RsCommX.dll] <rising><18, 0, 0, 1>
[C:\WINDOWS\DOWNLO~1\CnsMin.dll] <北京三七二一科技有限公司><1, 5, 3, 3>
[C:\WINDOWS\system32\PYJJ4.IME] <加加工作组><4.0.0.21>
[PID: 1148][C:\WINDOWS\system32\Realplayer.exe] <N/A><N/A>
[C:\WINDOWS\system32\NVDESK32.DLL] <NVIDIA Corporation><5.13.01.1520>
[PID: 1064][C:\WINDOWS\system32\ctfmon.exe] <Microsoft Corporation><5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)>
[C:\WINDOWS\system32\NVDESK32.DLL] <NVIDIA Corporation><5.13.01.1520>
[C:\WINDOWS\DOWNLO~1\CnsMin.dll] <北京三七二一科技有限公司><1, 5, 3, 3>
[C:\WINDOWS\system32\PYJJ4.IME] <加加工作组><4.0.0.21>
[PID: 1484][C:\Program Files\Rising\Rav\Ravmon.exe] <Beijing Rising Technology Co., Ltd.><18, 0, 1, 33>
[C:\Program Files\Rising\Rav\RsGuiLib.dll] <Beijing Rising Technology Co., Ltd.><18, 0, 0, 25>
[C:\Program Files\Rising\Rav\BWList.dll] <Beijing Rising Technology Co., Ltd.><18, 0, 0, 19>
[C:\WINDOWS\system32\NVDESK32.DLL] <NVIDIA Corporation><5.13.01.1520>
[C:\Program Files\Rising\Rav\RSAPPMGR.DLL] <Beijing Rising Technology Co., Ltd.><18, 0, 0, 2>
[C:\Program Files\Rising\Rav\CfgDll.dll] <Beijing Rising Technology Co., Ltd.><18, 0, 0, 11>
[C:\Program Files\Rising\Rav\RSCOMMON.DLL] <Beijing Rising Technology Co., Ltd.><18, 0, 0, 4>
[C:\Program Files\Rising\Rav\RsCommX.dll] <rising><18, 0, 0, 1>
[C:\Program Files\Rising\Rav\PngDll.dll] <Beijing Rising Technology Co., Ltd.><18, 0, 0, 5>
[PID: 664][C:\Program Files\LEGEND\联想标准功能键盘驱动程序安装\skdaemon.exe] <><1, 0, 0, 1>
[C:\Program Files\LEGEND\联想标准功能键盘驱动程序安装\MacFun.dll] <Silitek><1, 0, 0, 0>
[C:\Program Files\LEGEND\联想标准功能键盘驱动程序安装\OpenDriver.dll] <Silitek><1, 0, 0, 0>
[C:\Program Files\LEGEND\联想标准功能键盘驱动程序安装\OSD.dll] <silitek><1, 0, 0, 1>
[C:\WINDOWS\system32\lxkeyled.dll] <Silitek><1, 0, 0, 1>
[C:\WINDOWS\system32\NVDESK32.DLL] <NVIDIA Corporation><5.13.01.1520>
[C:\WINDOWS\DOWNLO~1\CnsMin.dll] <北京三七二一科技有限公司><1, 5, 3, 3>
[C:\WINDOWS\system32\PYJJ4.IME] <加加工作组><4.0.0.21>
[PID: 1560][C:\Program Files\racer-henan-cnc\racer.exe] <Putian Runway><2, 0, 49, 90>
[C:\WINDOWS\system32\NVDESK32.DLL] <NVIDIA Corporation><5.13.01.1520>
[C:\WINDOWS\DOWNLO~1\CnsMin.dll] <北京三七二一科技有限公司><1, 5, 3, 3>
[C:\Program Files\racer-henan-cnc\rwxre.dll] <Mozilla Foundation><1.7.3: 2005040616>
[C:\Program Files\racer-henan-cnc\nspr4.dll] <Netscape Communications Corporation><4.5 Beta>
[C:\Program Files\racer-henan-cnc\xpcom.dll] <Mozilla Foundation><1.7.3: 2005040616>
[C:\Program Files\racer-henan-cnc\nss3.dll] <Netscape Communications Corporation><3.9.1>
[C:\Program Files\racer-henan-cnc\softokn3.dll] <Netscape Communications Corporation><3.9.1>
[C:\Program Files\racer-henan-cnc\gkgfx.dll] <Mozilla Foundation><1.7.3: 2005040616>
[C:\Program Files\racer-henan-cnc\js3250.dll] <Netscape Communications Corporation><4.0>
[C:\Program Files\racer-henan-cnc\components\racer_base_comp.dll] <Putian Runway><2,0,47,87>
[C:\Program Files\racer-henan-cnc\xpcom_compat.dll] <Mozilla Foundation><1.7.3: 2005040616>
[C:\Program Files\racer-henan-cnc\racer_base.dll] <Putian Runway><2,0,47,87>
[C:\WINDOWS\system32\PYJJ4.IME] <加加工作组><4.0.0.21>
[C:\WINDOWS\system32\WSD_SOCK32.dll] <N/A><N/A>
[C:\Program Files\racer-henan-cnc\components\pipnss.dll] <Mozilla Foundation><1.7.3: 2005040616>
[C:\Program Files\racer-henan-cnc\components\gklayout.dll] <Mozilla Foundation><1.7.3: 2005040616>
[C:\Program Files\racer-henan-cnc\components\jar50.dll] <Mozilla Foundation><1.7.3: 2005040616>
[C:\Program Files\racer-henan-cnc\components\xpcom_compat_c.dll] <Mozilla Foundation><1.7.3: 2005040616>
[C:\Program Files\racer-henan-cnc\components\racer_ad_comp.dll] <Putian Runway><2,0,47,87>
[C:\Program Files\racer-henan-cnc\components\racer_access_dhcpplus.dll] <Putian Runway><2,0,47,87>
[C:\Program Files\racer-henan-cnc\dhcpplus.dll] <北京润汇科技有限公司><0, 12, 20, 44>
[C:\Program Files\racer-henan-cnc\components\racer_nss4_comp.dll] <Putian Runway><2,0,47,87>
[C:\Program Files\racer-henan-cnc\nss4.dll] <北京普天润汇科技有限公司><1, 0, 0, 3>
[C:\Program Files\racer-henan-cnc\wpcap.dll] <Politecnico di Torino><3, 0, 0, 18>
[C:\Program Files\racer-henan-cnc\pthreadVC.dll] <N/A><N/A>
[C:\Program Files\racer-henan-cnc\packet.dll] <Politecnico di Torino><3, 0, 0, 18>
[PID: 2684][C:\Program Files\racer-henan-cnc\RacerKp.exe] <北京润汇科技有限公司><1, 0, 0, 1>
[C:\WINDOWS\system32\NVDESK32.DLL] <NVIDIA Corporation><5.13.01.1520>
[C:\WINDOWS\DOWNLO~1\CnsMin.dll] <北京三七二一科技有限公司><1, 5, 3, 3>
[C:\WINDOWS\system32\PYJJ4.IME] <加加工作组><4.0.0.21>
170 - 2006-8-30 0:23:00
[PID: 3932][D:\Program Files\KC\KC2005.exe] <N/A><N/A>
[D:\Program Files\KC\mpBkl.dll] <N/A><N/A>
[D:\Program Files\KC\kccommon.dll] <N/A><N/A>
[D:\Program Files\KC\KcCommBook.dll] <N/A><N/A>
[D:\Program Files\KC\kccache.dll] <N/A><N/A>
[D:\Program Files\KC\Kclib.dll] <TODO: <Company name>><1.0.0.1>
[D:\Program Files\KC\KcUrl.dll] <TODO: <Company name>><1.0.0.1>
[D:\Program Files\KC\libcurl.dll] <N/A><N/A>
[D:\Program Files\KC\LIBEAY32.dll] <N/A><N/A>
[D:\Program Files\KC\SSLEAY32.dll] <N/A><N/A>
[D:\Program Files\KC\KcPop3.dll] <N/A><N/A>
[D:\Program Files\KC\HttpMail.dll] <N/A><N/A>
[D:\Program Files\KC\HtmlLib.dll] <N/A><N/A>
[D:\Program Files\KC\qqlib.dll] <N/A><N/A>
[D:\Program Files\KC\msnlib.dll] <N/A><N/A>
[D:\Program Files\KC\KCVoip.dll] <KeepC.com><1.0.0.3>
[D:\Program Files\KC\UsbPhone.dll] <N/A><N/A>
[D:\Program Files\KC\NetLib.dll] <N/A><N/A>
[D:\Program Files\KC\webmail.dll] <N/A><N/A>
[D:\Program Files\KC\kcsoftphone.dll] <liusoft><1.0.0.1>
[C:\WINDOWS\system32\NVDESK32.DLL] <NVIDIA Corporation><5.13.01.1520>
[C:\WINDOWS\DOWNLO~1\CnsMin.dll] <北京三七二一科技有限公司><1, 5, 3, 3>
[C:\WINDOWS\system32\PYJJ4.IME] <加加工作组><4.0.0.21>
[C:\WINDOWS\system32\WSD_SOCK32.dll] <N/A><N/A>
[C:\WINDOWS\uprxda.dll] <N/A><N/A>
[PID: 1480][C:\Program Files\Messenger\msmsgs.exe] <Microsoft Corporation><4.7.3000>
[C:\WINDOWS\system32\NVDESK32.DLL] <NVIDIA Corporation><5.13.01.1520>
[C:\WINDOWS\DOWNLO~1\CnsMin.dll] <北京三七二一科技有限公司><1, 5, 3, 3>
[C:\WINDOWS\system32\PYJJ4.IME] <加加工作组><4.0.0.21>
[PID: 3020][C:\WINDOWS\System32\svchost.exe] <Microsoft Corporation><5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)>
[C:\WINDOWS\System32\NVDESK32.DLL] <NVIDIA Corporation><5.13.01.1520>
[C:\WINDOWS\system32\WSD_SOCK32.dll] <N/A><N/A>
[PID: 636][C:\WINDOWS\system32\conime.exe] <Microsoft Corporation><5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)>
[C:\WINDOWS\system32\NVDESK32.DLL] <NVIDIA Corporation><5.13.01.1520>
[C:\WINDOWS\DOWNLO~1\CnsMin.dll] <北京三七二一科技有限公司><1, 5, 3, 3>
[C:\WINDOWS\system32\PYJJ4.IME] <加加工作组><4.0.0.21>
[PID: 3000][C:\Program Files\Internet Explorer\iexplore.exe] <Microsoft Corporation><6.00.2900.2180 (xpsp_sp2_rtm.040803-2158)>
[C:\WINDOWS\system32\NVDESK32.DLL] <NVIDIA Corporation><5.13.01.1520>
[C:\WINDOWS\DOWNLO~1\CnsMin.dll] <北京三七二一科技有限公司><1, 5, 3, 3>
[C:\WINDOWS\DOWNLO~1\CnsHint.dll] <3721><1, 0, 1, 0>
[C:\WINDOWS\system32\PYJJ4.IME] <加加工作组><4.0.0.21>
[C:\WINDOWS\DOWNLO~1\cnsplus.dll] <3721><1, 0, 0, 2>
[C:\PROGRA~1\Yahoo!\ASSIST~1\Assist\yangling.dll] <yahoo! china><3, 0, 0, 1001>
[C:\PROGRA~1\MMSASS~1\mmsass~1.dll] <><1, 2, 0, 6>
[C:\PROGRA~1\MMSASS~1\albus.dll] <Albus><1, 0, 0, 2>
[d:\Program Files\Thunder Network\Thunder\ComDlls\XunLeiBHO_002.dll] <Thunder Networking Technologies,LTD><5, 0, 0, 2>
[C:\WINDOWS\DOWNLO~1\cnshook.dll] <北京三七二一科技有限公司><1, 0, 2, 7>
[C:\WINDOWS\system32\drivers\spoolsv.dll] <><1, 0, 1, 1>
[C:\PROGRA~1\FLASHGET\jccatch.dll] <Amaze Soft><1, 1, 4, 0>
[D:\PROGRA~1\KuGoo3\KUGOO3~1.OCX] <N/A><N/A>
[C:\WINDOWS\system32\funcwin.dll] <Sun MicroSystems, Inc.><1, 0, 0, 1>
[C:\WINDOWS\system32\bsnviewer.dll] <><1, 0, 0, 1>
[C:\PROGRA~1\Yahoo!\ASSIST~1\assist\yassist.dll] <Yahoo! China><3, 0, 7, 1012>
[C:\WINDOWS\uprxda.dll] <N/A><N/A>
[C:\WINDOWS\system32\WSD_SOCK32.dll] <N/A><N/A>
[C:\Program Files\Rising\Rav\RavScrCh.dll] <Beijing Rising Technology Co., Ltd.><18, 0, 0, 4>
[C:\WINDOWS\system32\Macromed\Flash\Flash9.ocx] <Adobe Systems, Inc.><9,0,16,0>
170 - 2006-8-30 0:23:00
[PID: 2628][d:\Program Files\Thunder Network\Thunder\Program\Thunder5.exe] <Thunder Networking Technologies,LTD><5.3.0.220>
[d:\Program Files\Thunder Network\Thunder\Program\UpdateDownload.dll] <Thunder Networking Technologies,LTD><1, 0, 1, 8>
[d:\Program Files\Thunder Network\Thunder\Program\download_interface.dll] <Thunder Networking Technologies,LTD><1, 0, 4, 71>
[d:\Program Files\Thunder Network\Thunder\Program\log4cplus.dll] <><1, 0, 2, 1>
[d:\Program Files\Thunder Network\Thunder\Program\stlport_vc646.dll] <STLport Consulting, Inc.><4.6.2003.1031>
[d:\Program Files\Thunder Network\Thunder\Program\asyn_dns.dll] <N/A><N/A>
[d:\Program Files\Thunder Network\Thunder\Program\msgmanage.dll] <Thunder Networking Technologies,LTD><1, 0, 0, 15>
[d:\Program Files\Thunder Network\Thunder\Program\historyinfo_manage.dll] <Thunder Networking Technologies,LTD><5, 2, 0, 148>
[C:\WINDOWS\system32\NVDESK32.DLL] <NVIDIA Corporation><5.13.01.1520>
[C:\WINDOWS\DOWNLO~1\CnsMin.dll] <北京三七二一科技有限公司><1, 5, 3, 3>
[C:\WINDOWS\system32\PYJJ4.IME] <加加工作组><4.0.0.21>
[d:\Program Files\Thunder Network\Thunder\Program\RegisterDll.dll] <Thunder Networking Technologies,LTD><2, 1, 0, 18>
[d:\Program Files\Thunder Network\Thunder\Program\FloatBar.dll] <Thunder Networking Technologies,LTD><1, 0, 0, 2>
[C:\WINDOWS\system32\WSD_SOCK32.dll] <N/A><N/A>
[d:\Program Files\Thunder Network\Thunder\Plugins\TingTing\TingTing.dll] <Thunder Networking Technologies,LTD><1, 1, 1, 9>
[d:\Program Files\Thunder Network\Thunder\Components\InMedia\iEmbedShell.dll] < ><1, 0, 0, 11>
[d:\Program Files\Thunder Network\Thunder\Components\InMedia\iEmbed04.dll] < ><2, 3, 0, 37>
[d:\Program Files\Thunder Network\Thunder\Components\P4PClient\P4PClient.dll] <Thunder Networking Technologies,LTD><1, 0, 3, 8>
[C:\WINDOWS\DOWNLO~1\cnshook.dll] <北京三七二一科技有限公司><1, 0, 2, 7>
[d:\Program Files\Thunder Network\Thunder\Program\iTargetAd.dll] <Thunder Networking Technologies,LTD><1, 0, 1, 55>
[C:\Program Files\Rising\Rav\RavScrCh.dll] <Beijing Rising Technology Co., Ltd.><18, 0, 0, 4>
[C:\WINDOWS\system32\Macromed\Flash\Flash9.ocx] <Adobe Systems, Inc.><9,0,16,0>
[C:\WINDOWS\uprxda.dll] <N/A><N/A>
[C:\PROGRA~1\Yahoo!\Assistant\Assist\yasbar.dll] <yahoo! china><3, 0, 3, 1038>
[C:\WINDOWS\system32\msdmo.dll] <N/A><N/A>
[PID: 668][C:\Program Files\Internet Explorer\iexplore.exe] <Microsoft Corporation><6.00.2900.2180 (xpsp_sp2_rtm.040803-2158)>
[C:\WINDOWS\system32\NVDESK32.DLL] <NVIDIA Corporation><5.13.01.1520>
[C:\WINDOWS\DOWNLO~1\CnsMin.dll] <北京三七二一科技有限公司><1, 5, 3, 3>
[C:\WINDOWS\DOWNLO~1\CnsHint.dll] <3721><1, 0, 1, 0>
[C:\WINDOWS\system32\PYJJ4.IME] <加加工作组><4.0.0.21>
[C:\WINDOWS\DOWNLO~1\cnsplus.dll] <3721><1, 0, 0, 2>
[C:\PROGRA~1\Yahoo!\ASSIST~1\Assist\yangling.dll] <yahoo! china><3, 0, 0, 1001>
[C:\PROGRA~1\MMSASS~1\mmsass~1.dll] <><1, 2, 0, 6>
[C:\PROGRA~1\MMSASS~1\albus.dll] <Albus><1, 0, 0, 2>
[d:\Program Files\Thunder Network\Thunder\ComDlls\XunLeiBHO_002.dll] <Thunder Networking Technologies,LTD><5, 0, 0, 2>
[C:\WINDOWS\DOWNLO~1\cnshook.dll] <北京三七二一科技有限公司><1, 0, 2, 7>
[C:\WINDOWS\system32\drivers\spoolsv.dll] <><1, 0, 1, 1>
[C:\PROGRA~1\FLASHGET\jccatch.dll] <Amaze Soft><1, 1, 4, 0>
[D:\PROGRA~1\KuGoo3\KUGOO3~1.OCX] <N/A><N/A>
[C:\WINDOWS\system32\funcwin.dll] <Sun MicroSystems, Inc.><1, 0, 0, 1>
[C:\WINDOWS\system32\bsnviewer.dll] <><1, 0, 0, 1>
[C:\PROGRA~1\Yahoo!\ASSIST~1\assist\yassist.dll] <Yahoo! China><3, 0, 7, 1012>
[C:\WINDOWS\system32\WSD_SOCK32.dll] <N/A><N/A>
[C:\WINDOWS\uprxda.dll] <N/A><N/A>
[C:\Program Files\Rising\Rav\RavScrCh.dll] <Beijing Rising Technology Co., Ltd.><18, 0, 0, 4>
[PID: 1348][C:\Program Files\WinRAR\WinRAR.exe] <N/A><N/A>
[C:\WINDOWS\system32\NVDESK32.DLL] <NVIDIA Corporation><5.13.01.1520>
[C:\WINDOWS\DOWNLO~1\CnsMin.dll] <北京三七二一科技有限公司><1, 5, 3, 3>
[C:\WINDOWS\system32\PYJJ4.IME] <加加工作组><4.0.0.21>
[C:\WINDOWS\uprxda.dll] <N/A><N/A>
[PID: 2180][C:\DOCUME~1\legend\LOCALS~1\Temp\Rar$EX04.360\SREng2\SREng.exe] <Smallfrogs Studio><2.0.21.505>
[C:\WINDOWS\system32\NVDESK32.DLL] <NVIDIA Corporation><5.13.01.1520>
[C:\WINDOWS\DOWNLO~1\CnsMin.dll] <北京三七二一科技有限公司><1, 5, 3, 3>
[C:\WINDOWS\system32\PYJJ4.IME] <加加工作组><4.0.0.21>
[C:\WINDOWS\uprxda.dll] <N/A><N/A>
[C:\WINDOWS\system32\WSD_SOCK32.dll] <N/A><N/A>
==================================
文件关联
.TXT OK. [%SystemRoot%\system32\NOTEPAD.EXE %1]
.EXE OK. ["%1" %*]
.COM OK. ["%1" %*]
.PIF OK. ["%1" %*]
.REG OK. [regedit.exe "%1"]
.BAT OK. ["%1" %*]
.SCR OK. ["%1" /S]
.CHM OK. ["C:\WINDOWS\hh.exe" %1]
.HLP OK. [%SystemRoot%\System32\winhlp32.exe %1]
.INI OK. [%SystemRoot%\System32\NOTEPAD.EXE %1]
.INF OK. [%SystemRoot%\System32\NOTEPAD.EXE %1]
.VBS OK. [%SystemRoot%\System32\WScript.exe "%1" %*]
.JS OK. [%SystemRoot%\System32\WScript.exe "%1" %*]
.LNK OK. [{00021401-0000-0000-C000-000000000046}]
==================================
Winsock 提供者
170 - 2006-8-30 0:25:00
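One more thing I should mention: before the browser hijacking happened, my Rising firewall inexplicably stopped working! The file could no longer be found.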
170 - 2006-8-30 0:25:00
Expert, big brother! Are there a lot of problems?
170 - 2006-8-30 0:27:00
[Reply to 我无邪's post] Once I've done these three items, it should basically be solved, right?
我无邪 - 2006-8-30 0:29:00
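There are at least two more viruses. Those are easy to deal with; take care of the first three items first, then we'll go on.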
170 - 2006-8-30 0:48:00
After all of these are done, how do I deal with the remaining viruses?
我无邪 - 2006-8-30 0:49:00
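When you're done, run a scan and paste the log here, and I'll give you the answer.
It's very late. When you're done, send the link to your thread to me by private message, and I'll take another look for you tomorrow.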
170 - 2006-8-30 3:36:00
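During the virus scan a dialog box popped up saying something like "DCOM terminated, the computer will shut down in 59 seconds", and then it shut down. I have no idea what happened.
Setting that aside for now: after rebooting I went into Safe Mode and used Super Rabbit (超级兔子) to uninstall the plug-ins, but three of them just would not come off. When I went back to normal mode, it became four that would not come off! See the picture for details! Attachment: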
253123200683032829.jpg
170 - 2006-8-30 3:40:00
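Also, besides the unexpected termination and the plug-ins that cannot be uninstalled, the Rising umbrella icon has disappeared too; it moved into the Quick Launch bar. I couldn't drag it to the right, so I deleted it! How could the green umbrella end up in Quick Launch? The green umbrella won't open any more either.
The fourth thing: as shown in the picture, something called a "web file" has appeared. What is that? Ugh! What a mess!
Attachment: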
253123200683033202.jpg
170 - 2006-8-30 3:41:00
Finally I ran a virus scan with Rising, and it found six more viruses!
170 - 2006-8-30 3:42:00
病毒名称 处理结果 发现日期 扫描方式 路径 文件 病毒来源
Trojan.DL.Delf.cxw 删除成功 2006-08-30 01:32 手动扫描 C:\WINDOWS\system32 brlmon.dll 本机
Trojan.PSW.QQPass.pwb 删除成功 2006-08-30 01:33 手动扫描 C:\WINDOWS\system32 wdfmgr32.log 本机
Dropper.Agent.dhu 删除成功 2006-08-30 01:41 手动扫描 C:\WINDOWS cnt.exe 本机
Trojan.PSW.QQPass.pwb 删除成功 2006-08-30 01:45 手动扫描 C:\Program Files\Internet Explorer\PLUGINS system.jmp 本机
Trojan.PSW.QQPass 删除成功 2006-08-30 01:45 手动扫描 C:\Program Files\Internet Explorer\PLUGINS system.sys 本机
Trojan.PSW.Misc.ds 删除成功 2006-08-30 01:45 手动扫描 C:\Program Files\Internet Explorer dll1.exe>>NsPack 本机
170 - 2006-8-30 3:56:00
Below are the scan results after the cleanup:
2006-08-30,03:44:42
System Repair Engineer 2.0.21.505 (2.0 RC 2)
Smallfrogs (http://www.KZTechs.com)
Windows XP Home Edition Service Pack 2 (Build 2600)
- 管理权限用户 - 完整功能
以下内容被选中:
所有的启动项目(包括注册表、启动文件夹、服务等)
浏览器加载项
正在运行的进程(包括进程模块信息)
文件关联
启动项目
注册表
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
<pyjj><C:\Program Files\jj4\jjsvr4.exe> [加加开发组]
<ctfmon.exe><; C:\WINDOWS\system32\ctfmon.exe> [Microsoft Corporation]
<MSMSGS><; ; "C:\Program Files\Messenger\msmsgs.exe" /background> []
[HKEY_CURRENT_USER\Software\Microsoft\Windows NT\CurrentVersion\Windows]
<load><> []
<run><> []
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
<CnsMin><Rundll32.exe C:\WINDOWS\DOWNLO~1\CnsMin.dll,Rundll32> [北京三七二一科技有限公司]
<WangWang><; "E:\Program Files\淘宝网\淘宝旺旺\WangWang.EXE"> [淘宝(中国)软件有限公司]
<RavTask><"C:\Program Files\Rising\Rav\RavTask.exe" -system> [Beijing Rising Technology Co., Ltd.]
<gemstrmw><; ; C:\WINDOWS\system32\gemstrmw.exe /r> [Gemplus]
<helper.dll><; C:\WINDOWS\system32\rundll32.exe C:\PROGRA~1\3721\helper.dll,Rundll32> []
<IMJPMIG8.1><; ; "C:\WINDOWS\IME\imjp8_1\IMJPMIG.EXE" /Spoil /RemAdvDef /Migration32> [Microsoft Corporation]
<IMSCMig><; ; C:\PROGRA~1\COMMON~1\MICROS~1\IME\IMSC40A\IMSCMIG.EXE /Preload> [Microsoft Corporation]
<InsertImage><; ; d:\Program Files\!Sunv\DFVCD2003\InsertImage.exe> []
<Install Alitalk><; ; C:\WINDOWS\temp\alitalk\alitalk.exe -hideframe> []
<KernelFaultCheck><; ; %systemroot%\system32\dumprep 0 -k> []
<NewRmtService ><; ; C:\Program Files\NewRemoteControl\NewRmtService.exe> []
<PHIME2002A><; ; C:\WINDOWS\System32\IME\TINTLGNT\TINTSETP.EXE /IMEName> [Microsoft Corporation]
<PHIME2002ASync><; ; C:\WINDOWS\System32\IME\TINTLGNT\TINTSETP.EXE /SYNC> [Microsoft Corporation]
<RavScanBD><; "C:\Program Files\Rising\Rav\ScanBD.exe" /INST> [Beijing Rising Technology Co., Ltd.]
<RegNetPass><; ; C:\WINDOWS\system32\regcsp.exe> []
<RfwMain><; "C:\Program Files\Rising\Rfw\rfwmain.exe" -Startup> [Beijing Rising Technology Co., Ltd.]
<SoundMan><; ; SOUNDMAN.EXE> []
<TkBellExe><; ; "C:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot> []
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Winlogon]
<shell><Explorer.exe> [Microsoft Corporation]
<Userinit><userinit.exe,> [Microsoft Corporation]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Windows]
<AppInit_DLLs><> []
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Winlogon]
<UIHost><logonui.exe> [Microsoft Corporation]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
<{D157330A-9EF3-49F8-9A67-4141AC41ADD4}><C:\WINDOWS\DOWNLO~1\cnshook.dll> [北京三七二一科技有限公司]
<_{32CD708B-60A7-4C00-9377-D73EAA495F0F}><Rising Execute File Exts hook> []
<{08315C1A-9BA9-4B7C-A432-26885F78DF28}><> []
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
<webwork><C:\WINDOWS\webwork\webwork.dll> [MSWebwork Cop.]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\skwinlogon]
<WinlogonNotify: skwinlogon><dll.dll> []
170 - 2006-8-30 3:56:00
==================================
启动文件夹
[联想键盘驱动程序]
<C:\Documents and Settings\All Users.WINDOWS\「开始」菜单\程序\启动\联想键盘驱动程序.lnk><N>
[河南网通宽带用户客户端]
<C:\Documents and Settings\All Users.WINDOWS\「开始」菜单\程序\启动\河南网通宽带用户客户端.lnk><N>
[腾讯QQ珊瑚虫版]
<C:\Documents and Settings\legend\「开始」菜单\程序\启动\腾讯QQ珊瑚虫版.lnk><N>
==================================
服务
[LexBce Server / LexBceS]
<C:\WINDOWS\system32\LEXBCES.EXE><Lexmark International, Inc.>
[MySQL / MySQL]
<"E:\Program Files\Pit Software\BK2\mysql\bin\mysqld-nt" MySQL><N/A>
[NVIDIA Driver Helper Service / NVSvc]
<C:\WINDOWS\System32\nvsvc32.exe><NVIDIA Corporation>
[Rising Proxy Service / RfwProxySrv]
<c:\program files\rising\rfw\rfwproxy.exe><Beijing Rising Technology Co., Ltd.>
[Rising Personal Firewall Service / RfwService]
<c:\program files\rising\rfw\rfwsrv.exe><Beijing Rising Technology Co., Ltd.>
[Rising Process Communication Center / RsCCenter]
<"C:\Program Files\Rising\Rav\CCenter.exe"><Beijing Rising Technology Co., Ltd.>
[Sysdll / Sysdll]
<><N/A>
[System Event Notification Logs / System Event Notification Logs]
<C:\WINDOWS\system32\drivers\lsass.exe><N/A>
==================================
浏览器加载项
[MyIEHelper Class]
{16B770A0-0E87-4278-B748-2460D64A8386} <C:\Documents and Settings\All Users.WINDOWS\Application Data\Microsoft\IEHelper\IEHelper_5001.dll, N/A>
[CnsHook Class]
{D157330A-9EF3-49F8-9A67-4141AC41ADD4} <C:\WINDOWS\DOWNLO~1\cnshook.dll, 北京三七二一科技有限公司>
[启动迅雷]
{0062C9BD-B349-40DE-91A0-755F37ACD559} <d:\Program Files\Thunder Network\Thunder\Thunder.exe, Thunder Networking Technologies,LTD>
[Yahoo 3.5G电邮]
{507F9113-CD77-4866-BA92-0E86DA3D0B97} <http://cn.zs.yahoo.com/cnsbutton.htm?source=cns&btn=yahoomail, N/A>
[寻宝乐趣多]
{59BC54A2-56B3-44a0-93E5-432D58746E26} <http://cn.zs.yahoo.com/cnsbutton.htm?source=cns&btn=taobao, N/A>
[雅虎助手]
{5D73EE86-05F1-49ed-B850-E423120EC338} <http://cn.zs.yahoo.com/cnsbutton.htm?source=cns&btn=yassist, N/A>
[联想]
{6096E38F-5AC1-4391-8EC4-75DFA92FB32F} <http://www.lenovo.com, N/A>
[信息检索(&R)]
{92780B25-18CC-41C8-B9BE-3C9C571A8263} <E:\PROGRA~1\MICROS~1\OFFICE11\REFIEBAR.DLL, Microsoft Corporation>
[FlashGet]
{D6E814A0-E0C5-11d4-8D29-0050BA6940E3} <C:\PROGRA~1\FLASHGET\flashget.exe, Amaze Soft>
[5chaa]
{D6E814A0-E0C5-11d4-8D29-0050BA6940E4} <http://www.5chaa.com, N/A>
[易趣购物]
{DE607148-AC19-428e-863A-3D70ABDF119A} <http://click2.ad4all.net/url2/urlmanage/url.asp?id=5, N/A>
[QQIEFloatBarCfgCmd Class]
{DEDEB80D-FA35-45d9-9460-4983E5A8AFE6} <C:\Program Files\Tencent\QQ\QQIEHelper.dll, 深圳市腾讯计算机系统有限公司>
[情景聊天]
{E5D12C4E-7B4F-11D3-B5C9-0050045C3C96} <http://cn.zs.yahoo.com/cnsbutton.htm?source=cns&btn=yahoomsg, N/A>
[]
{ECF2E268-F28C-48d2-9AB7-8F69C11CCB71} <http://cn.zs.yahoo.com/cnsbutton.htm?source=cns&btn=repair, N/A>
[Messenger]
{FB5F1910-F110-11d2-BB9E-00C04F795683} <C:\Program Files\Messenger\msmsgs.exe, Microsoft Corporation>
[]
{FD00D911-7529-4084-9946-A29F1BDF4FE5} <http://cn.zs.yahoo.com/cnsbutton.htm?source=cns&btn=clean, N/A>
[FlashGet Bar]
{E0E899AB-F487-11D5-8D29-0050BA6940E3} <C:\PROGRA~1\FLASHGET\fgiebar.dll, Amaze Soft>
[ThunderIEHelper Class]
{0005A87D-D626-4B3A-84F9-1D9571695F55} <C:\WINDOWS\system32\xunleibho_v13.dll, Thunder Networking Technologies,LTD>
[Query Class]
{01C2F1E8-5C69-4B5C-B052-26941B6C23A6} <, N/A>
[Web Browser Applet Control]
{08B0E5C0-4FCB-11CF-AAA5-00401C608501} <C:\WINDOWS\System32\msjava.dll, Microsoft Corporation>
[InfosecCertInstall Class]
{0EB487C8-E9AC-43A6-8C4C-083999B0622F} <C:\WINDOWS\system32\certInStall.dll, >
[MyIEHelper Class]
{16B770A0-0E87-4278-B748-2460D64A8386} <C:\Documents and Settings\All Users.WINDOWS\Application Data\Microsoft\IEHelper\IEHelper_5001.dll, N/A>
[iTrusPTA Class]
{1E0DFFCF-27FF-4574-849B-55007349FEDA} <C:\WINDOWS\system32\aliedit\pta.dll, >
[Windows Media Player]
{22D6F312-B0F6-11D0-94AB-0080C74C7E95} <C:\WINDOWS\system32\wmpdxm.dll, Microsoft Corporation>
[HTML Document]
{25336920-03F9-11CF-8FD0-00AA00686F13} <%SystemRoot%\System32\mshtml.dll, N/A>
[DHTML Edit Control Safe for Scripting for IE5]
{2D360201-FFF5-11D1-8D03-00A0C959BC0A} <C:\Program Files\Common Files\Microsoft Shared\Triedit\dhtmled.ocx, Microsoft Corporation>
[nEdit Control]
{32D72994-45B9-42B5-8980-FB561D1BE2D0} <C:\WINDOWS\system32\nEdit\nEdit.ocx, NetEase Information Technology (Beijing) Co. Ltd>
[Tabular Data Control]
{333C7BC4-460F-11D0-BC04-0080C7055A83} <C:\WINDOWS\System32\tdc.ocx, Microsoft Corporation>
[ClientLogin.LoginPassEncrypt]
{39B3428A-7441-40AF-8F5B-BC2F8D35DC64} <C:\WINDOWS\Downloaded Program Files\ClientLogin.ocx, 星启天网络>
[HHCtrl Object]
{41B23C28-488E-4E5C-ACE2-BB0BBABE99E8} <C:\WINDOWS\system32\hhctrl.ocx, Microsoft Corporation>
[CEditCtrl Object]
{488A4255-3236-44B3-8F27-FA1AECAA8844} <C:\WINDOWS\system32\aliedit\AliEdit.dll, www.alipay.com>
[QQBrowserHelperObject Class]
{54EBD53A-9BC1-480B-966A-843A333CA162} <C:\Program Files\Tencent\QQ\QQIEHelper.dll, 深圳市腾讯计算机系统有限公司>
[Shell Name Space]
170 - 2006-8-30 3:56:00
{55136805-B2DE-11D1-B9F2-00A0C98BC547} <%SystemRoot%\System32\shdocvw.dll, N/A>
[InfoSecNetSign Class]
{62B938C4-4190-4F37-8CF0-A92B0A91CC77} <C:\WINDOWS\system32\NetSign.dll, Infosec Technologies Co., Ltd.>
[WUWebControl Class]
{6414512B-B978-451D-A0D8-FCFDF33E833C} <C:\WINDOWS\System32\wuweb.dll, Microsoft Corporation>
[Windows Media Player]
{6BF52A52-394A-11D3-B153-00C04F79FAA6} <C:\WINDOWS\system32\wmp.dll, Microsoft Corporation>
[AxInputControl Class]
{73E4740C-08EB-4133-896B-8D0A7C9EE3CD} <C:\WINDOWS\system32\INPUTC~1.DLL, >
[MediaComm Class]
{7670648D-461B-42AF-BDFE-46D26AF5EFF2} <d:\Program Files\Thunder Network\Thunder\Components\InMedia\MediaAddin07.dll, Thunder Networking Technologies,LTD>
[Microsoft Web 浏览器]
{8856F961-340A-11D0-A96B-00C04FD705A2} <C:\WINDOWS\System32\shdocvw.dll, Microsoft Corporation>
[Thunder Browser Helper]
{889D2FEB-5411-4565-8998-1DD2C5261283} <, N/A>
[AxSubmitControl Class]
{8D9E0B29-563C-4226-86C1-5FF2AE77E1D2} <C:\WINDOWS\system32\SUBMIT~1.DLL, >
[Spoolsv Class]
{9C363D55-07D7-433D-A13E-D9C105202F6F} <, N/A>
[IeCatch2 Class]
{A5366673-E8CA-11D3-9CD9-0090271D075B} <, N/A>
[Microsoft Scriptlet Component]
{AE24FDAE-03C6-11D1-8B76-0080C744F389} <C:\WINDOWS\System32\mshtml.dll, Microsoft Corporation>
[Java Enhancer]
{AF098F95-7CEA-407A-8552-3846737CC4B2} <, N/A>
[SearchAssistantOC]
{B45FF030-4447-11D2-85DE-00C04FA35C89} <%SystemRoot%\System32\shdocvw.dll, N/A>
[3721]
{B83FC273-3522-4CC6-92EC-75CC86678DA4} <C:\WINDOWS\Downloaded Program Files\CnsMin.dll, 北京三七二一科技有限公司>
[RDS.DataSpace]
{BD96C556-65A3-11D0-983A-00C04FC29E36} <C:\Program Files\Common Files\System\msadc\msadco.dll, Microsoft Corporation>
[CSetLET Class]
{C35D7AE1-0865-4A30-BF07-29FA29324155} <C:\WINDOWS\system32\GDSetLET.dll, >
[WebActivater Control]
{C661F36D-DF85-4EF4-83C7-E107B83D04B1} <C:\WINDOWS\system32\3DShowVM.ocx, QQ>
[AUDIO__WAV Moniker Class]
{CD3AFA7B-B84F-48F0-9393-7EDC34128127} <C:\WINDOWS\system32\wmp.dll, Microsoft Corporation>
[AUDIO__X_MS_WMA Moniker Class]
{CD3AFA84-B84F-48F0-9393-7EDC34128127} <C:\WINDOWS\system32\wmp.dll, Microsoft Corporation>
[VIDEO__X_MS_ASF Moniker Class]
{CD3AFA8F-B84F-48F0-9393-7EDC34128127} <C:\WINDOWS\system32\wmp.dll, Microsoft Corporation>
[VIDEO__X_MS_WMV Moniker Class]
{CD3AFA94-B84F-48F0-9393-7EDC34128127} <C:\WINDOWS\system32\wmp.dll, Microsoft Corporation>
[Count Class]
{CFF6E0CF-02FB-47F5-95A4-DD8610D59284} <, N/A>
[RootCertInstall Class]
{D1056C7C-E30B-4234-9A4B-7E1038B167A7} <C:\WINDOWS\system32\RootCert.dll, >
[CnsHook Class]
{D157330A-9EF3-49F8-9A67-4141AC41ADD4} <C:\WINDOWS\DOWNLO~1\cnshook.dll, 北京三七二一科技有限公司>
[Shockwave Flash Object]
{D27CDB6E-AE6D-11CF-96B8-444553540000} <C:\WINDOWS\system32\Macromed\Flash\Flash9.ocx, Adobe Systems, Inc.>
[TencentVmpCtl Class]
{D9819BD5-422B-4281-8523-726466ED692B} <C:\Program Files\Tencent\Viewpoint Media Player\AxMetaStream.dll, Viewpoint Corporation>
[AxUSBKey Class]
{DA215190-98B2-47DE-AE24-DA95481DFFBA} <C:\WINDOWS\system32\USBKey.dll, >
[FlashGet Bar]
{E0E899AB-F487-11D5-8D29-0050BA6940E3} <C:\PROGRA~1\FLASHGET\fgiebar.dll, Amaze Soft>
[&使用迅雷下载]
<d:\Program Files\Thunder Network\Thunder\Program\GetUrl.htm, N/A>
[&使用迅雷下载全部链接]
<d:\Program Files\Thunder Network\Thunder\Program\GetAllUrl.htm, N/A>
[上传到QQ网络硬盘]
<C:\Program Files\Tencent\qq\AddToNetDisk.htm, N/A>
[使用网际快车下载]
<C:\PROGRA~1\FLASHGET\jc_link.htm, N/A>
[使用网际快车下载全部链接]
<C:\PROGRA~1\FLASHGET\jc_all.htm, N/A>
[添加到QQ自定义面板]
<C:\Program Files\Tencent\qq\AddPanel.htm, N/A>
[添加到QQ表情]
<C:\Program Files\Tencent\qq\AddEmotion.htm, N/A>
==================================
170 - 2006-8-30 3:57:00
正在运行的进程
[PID: 412][\SystemRoot\System32\smss.exe] <Microsoft Corporation><5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)>
[PID: 468][\??\C:\WINDOWS\system32\csrss.exe] <Microsoft Corporation><5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)>
[PID: 492][\??\C:\WINDOWS\system32\winlogon.exe] <Microsoft Corporation><5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)>
[C:\WINDOWS\system32\dll.dll] <N/A><N/A>
[C:\WINDOWS\system32\PYJJ4.IME] <加加工作组><4.0.0.21>
[PID: 536][C:\WINDOWS\system32\services.exe] <Microsoft Corporation><5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)>
[PID: 548][C:\WINDOWS\system32\lsass.exe] <Microsoft Corporation><5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)>
[PID: 692][C:\WINDOWS\system32\svchost.exe] <Microsoft Corporation><5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)>
[PID: 752][C:\WINDOWS\system32\svchost.exe] <Microsoft Corporation><5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)>
[C:\WINDOWS\system32\WSD_SOCK32.dll] <N/A><N/A>
[PID: 816][C:\WINDOWS\System32\svchost.exe] <Microsoft Corporation><5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)>
[C:\WINDOWS\system32\WSD_SOCK32.dll] <N/A><N/A>
[PID: 868][C:\WINDOWS\System32\svchost.exe] <Microsoft Corporation><5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)>
[PID: 940][C:\WINDOWS\System32\svchost.exe] <Microsoft Corporation><5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)>
[PID: 1032][c:\program files\rising\rfw\rfwsrv.exe] <Beijing Rising Technology Co., Ltd.><4, 0, 0, 32>
[c:\program files\rising\rfw\RfwRule.dll] <Beijing Rising Technology Co., Ltd.><4, 0, 0, 13>
[c:\program files\rising\rfw\rfwlog.dll] <Beijing Rising Technology Co., Ltd.><4, 0, 0, 6>
[c:\program files\rising\rfw\Rfwdrv.dll] <Beijing Rising Technology Co., Ltd.><4, 0, 0, 21>
[c:\program files\rising\rfw\MonDrv.dll] <rs><1, 0, 0, 4>
[c:\program files\rising\rfw\ProcLib.dll] <Beijing Rising Technology Co., Ltd.><4, 0, 0, 9>
[PID: 1244][C:\WINDOWS\Explorer.EXE] <Microsoft Corporation><6.00.2900.2180 (xpsp_sp2_rtm.040803-2158)>
[C:\WINDOWS\system32\PYJJ4.IME] <加加工作组><4.0.0.21>
[C:\WINDOWS\DOWNLO~1\CnsMin.dll] <北京三七二一科技有限公司><1, 5, 3, 3>
[C:\WINDOWS\webwork\webwork.nls] <MSWebwork Cop.><1, 0, 0, 1>
[C:\WINDOWS\DOWNLO~1\cnshook.dll] <北京三七二一科技有限公司><1, 0, 2, 8>
[PID: 1308][C:\Program Files\jj4\jjsvr4.exe] <加加开发组><4.0.0.20>
[C:\WINDOWS\system32\PYJJ4.IME] <加加工作组><4.0.0.21>
[C:\WINDOWS\DOWNLO~1\CnsMin.dll] <北京三七二一科技有限公司><1, 5, 3, 3>
[PID: 1392][C:\WINDOWS\system32\LEXBCES.EXE] <Lexmark International, Inc.><7.4>
[C:\WINDOWS\system32\lexp2p32.dll] <Lexmark International, Inc.><7.4>
[C:\WINDOWS\system32\lex2kusb.dll] <Lexmark International, Inc.><7.4>
[PID: 1428][C:\WINDOWS\system32\spoolsv.exe] <Microsoft Corporation><5.1.2600.2696 (xpsp_sp2_gdr.050610-1519)>
[C:\WINDOWS\system32\LEXLMPM.DLL] <Lexmark International, Inc.><7.4>
[C:\WINDOWS\system32\PYJJ4.IME] <加加工作组><4.0.0.21>
[C:\WINDOWS\system32\LexBce.dll] <Lexmark International, Inc.><7.4>
[C:\WINDOWS\System32\spool\PRTPROCS\W32X86\LGAXPP5C.dll] <Lexmark International><1.0.4.0>
[C:\WINDOWS\system32\LGAXpwr.dll] <Lexmark International, Inc.><1, 0, 1, 0>
[PID: 1436][C:\WINDOWS\system32\LEXPPS.EXE] <Lexmark International, Inc.><7.4>
[C:\WINDOWS\system32\PYJJ4.IME] <加加工作组><4.0.0.21>
[C:\WINDOWS\system32\WSD_SOCK32.dll] <N/A><N/A>
[C:\WINDOWS\system32\LEXBCE.DLL] <Lexmark International, Inc.><7.4>
[PID: 1524][C:\WINDOWS\System32\SCardSvr.exe] <Microsoft Corporation><5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)>
[PID: 1696][C:\WINDOWS\system32\Rundll32.exe] <Microsoft Corporation><5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)>
[C:\WINDOWS\DOWNLO~1\CnsMin.dll] <北京三七二一科技有限公司><1, 5, 3, 3>
[C:\WINDOWS\system32\PYJJ4.IME] <加加工作组><4.0.0.21>
[PID: 1724][C:\Program Files\Rising\Rav\RavTask.exe] <Beijing Rising Technology Co., Ltd.><18, 0, 0, 22>
[C:\Program Files\Rising\Rav\RSCOMMON.DLL] <Beijing Rising Technology Co., Ltd.><18, 0, 0, 4>
[C:\Program Files\Rising\Rav\RSAPPMGR.DLL] <Beijing Rising Technology Co., Ltd.><18, 0, 0, 2>
[C:\Program Files\Rising\Rav\CfgDll.dll] <Beijing Rising Technology Co., Ltd.><18, 0, 0, 11>
[C:\Program Files\Rising\Rav\RsCommX.dll] <rising><18, 0, 0, 1>
[C:\WINDOWS\DOWNLO~1\CnsMin.dll] <北京三七二一科技有限公司><1, 5, 3, 3>
[C:\WINDOWS\system32\PYJJ4.IME] <加加工作组><4.0.0.21>
[PID: 1732][C:\Program Files\Rising\Rav\Ravmon.exe] <Beijing Rising Technology Co., Ltd.><18, 0, 1, 33>
[C:\Program Files\Rising\Rav\RsGuiLib.dll] <Beijing Rising Technology Co., Ltd.><18, 0, 0, 25>
[C:\Program Files\Rising\Rav\BWList.dll] <Beijing Rising Technology Co., Ltd.><18, 0, 0, 19>
[C:\Program Files\Rising\Rav\RSAPPMGR.DLL] <Beijing Rising Technology Co., Ltd.><18, 0, 0, 2>
[C:\Program Files\Rising\Rav\CfgDll.dll] <Beijing Rising Technology Co., Ltd.><18, 0, 0, 11>
[C:\Program Files\Rising\Rav\RSCOMMON.DLL] <Beijing Rising Technology Co., Ltd.><18, 0, 0, 4>
[C:\Program Files\Rising\Rav\RsCommX.dll] <rising><18, 0, 0, 1>
[C:\Program Files\Rising\Rav\PngDll.dll] <Beijing Rising Technology Co., Ltd.><18, 0, 0, 5>
[C:\WINDOWS\DOWNLO~1\CnsMin.dll] <北京三七二一科技有限公司><1, 5, 3, 3>
[C:\WINDOWS\system32\PYJJ4.IME] <加加工作组><4.0.0.21>
[PID: 1744][c:\program files\rising\rfw\RfwMain.exe] <Beijing Rising Technology Co., Ltd.><4, 0, 0, 52>
[c:\program files\rising\rfw\RsGuiLib.dll] <Beijing Rising Technology Co., Ltd.><18, 0, 0, 23>
[c:\program files\rising\rfw\RSCOMMON.DLL] <Beijing Rising Technology Co., Ltd.><18, 0, 0, 4>
[c:\program files\rising\rfw\PngDll.dll] <Beijing Rising Technology Co., Ltd.><18, 0, 0, 5>
[C:\WINDOWS\DOWNLO~1\CnsMin.dll] <北京三七二一科技有限公司><1, 5, 3, 3>
[C:\WINDOWS\system32\PYJJ4.IME] <加加工作组><4.0.0.21>
[PID: 1868][C:\WINDOWS\system32\wdfmgr.exe] <Microsoft Corporation><5.2.3790.1230 built by: DNSRV(bld4act)>
[PID: 580][C:\WINDOWS\System32\alg.exe] <Microsoft Corporation><5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)>
[C:\WINDOWS\system32\WSD_SOCK32.dll] <N/A><N/A>
[PID: 1096][C:\Program Files\LEGEND\联想标准功能键盘驱动程序安装\skdaemon.exe] <><1, 0, 0, 1>
[C:\Program Files\LEGEND\联想标准功能键盘驱动程序安装\MacFun.dll] <Silitek><1, 0, 0, 0>
[C:\Program Files\LEGEND\联想标准功能键盘驱动程序安装\OpenDriver.dll] <Silitek><1, 0, 0, 0>
[C:\Program Files\LEGEND\联想标准功能键盘驱动程序安装\OSD.dll] <silitek><1, 0, 0, 1>
[C:\WINDOWS\system32\lxkeyled.dll] <Silitek><1, 0, 0, 1>
[C:\WINDOWS\DOWNLO~1\CnsMin.dll] <北京三七二一科技有限公司><1, 5, 3, 3>
[C:\WINDOWS\system32\PYJJ4.IME] <加加工作组><4.0.0.21>
170 - 2006-8-30 3:57:00
[PID: 1200][C:\Program Files\racer-henan-cnc\racer.exe] <Putian Runway><2, 0, 51, 92>
[C:\WINDOWS\DOWNLO~1\CnsMin.dll] <北京三七二一科技有限公司><1, 5, 3, 3>
[C:\Program Files\racer-henan-cnc\rwxre.dll] <Mozilla Foundation><1.7.3: 2005040616>
[C:\Program Files\racer-henan-cnc\nspr4.dll] <Netscape Communications Corporation><4.5 Beta>
[C:\Program Files\racer-henan-cnc\xpcom.dll] <Mozilla Foundation><1.7.3: 2005040616>
[C:\Program Files\racer-henan-cnc\nss3.dll] <Netscape Communications Corporation><3.9.1>
[C:\Program Files\racer-henan-cnc\softokn3.dll] <Netscape Communications Corporation><3.9.1>
[C:\Program Files\racer-henan-cnc\gkgfx.dll] <Mozilla Foundation><1.7.3: 2005040616>
[C:\Program Files\racer-henan-cnc\js3250.dll] <Netscape Communications Corporation><4.0>
[C:\Program Files\racer-henan-cnc\components\racer_base_comp.dll] <Putian Runway><2,0,47,87>
[C:\Program Files\racer-henan-cnc\xpcom_compat.dll] <Mozilla Foundation><1.7.3: 2005040616>
[C:\Program Files\racer-henan-cnc\racer_base.dll] <Putian Runway><2,0,47,87>
[C:\WINDOWS\system32\PYJJ4.IME] <加加工作组><4.0.0.21>
[C:\WINDOWS\system32\WSD_SOCK32.dll] <N/A><N/A>
[C:\Program Files\racer-henan-cnc\components\pipnss.dll] <Mozilla Foundation><1.7.3: 2005040616>
[C:\Program Files\racer-henan-cnc\components\gklayout.dll] <Mozilla Foundation><1.7.3: 2005040616>
[C:\Program Files\racer-henan-cnc\components\jar50.dll] <Mozilla Foundation><1.7.3: 2005040616>
[C:\Program Files\racer-henan-cnc\components\xpcom_compat_c.dll] <Mozilla Foundation><1.7.3: 2005040616>
[C:\Program Files\racer-henan-cnc\components\racer_ad_comp.dll] <Putian Runway><2,0,47,87>
[C:\Program Files\racer-henan-cnc\components\racer_access_dhcpplus.dll] <Putian Runway><2,0,47,87>
[C:\Program Files\racer-henan-cnc\dhcpplus.dll] <北京润汇科技有限公司><0, 13, 21, 45>
[C:\Program Files\racer-henan-cnc\components\racer_nss4_comp.dll] <Putian Runway><2,0,47,87>
[C:\Program Files\racer-henan-cnc\nss4.dll] <北京普天润汇科技有限公司><1, 0, 0, 3>
[C:\Program Files\racer-henan-cnc\wpcap.dll] <Politecnico di Torino><3, 0, 0, 18>
[C:\Program Files\racer-henan-cnc\pthreadVC.dll] <N/A><N/A>
[C:\Program Files\racer-henan-cnc\packet.dll] <Politecnico di Torino><3, 0, 0, 18>
[PID: 1252][C:\Program Files\Tencent\qq\QQ.exe] <TENCENT><0, 0, 0, 0>
[C:\Program Files\Tencent\qq\CoralAssist.DLL] <Coral Team><4.5.0 build 20060515>
[C:\Program Files\Tencent\qq\CoralQQ.DLL] <Coral Team><4.5.1 Build 20060620>
[C:\Program Files\Tencent\qq\ipsearcher.dll] <N/A><1.0.0.4>
[C:\Program Files\Tencent\qq\QQBaseClassInDll.dll] <><1, 0, 0, 1>
[C:\Program Files\Tencent\qq\QQHelperDll.dll] <><1, 0, 0, 1>
[C:\Program Files\Tencent\qq\BasicCtrlDll.dll] <Tencent><5, 0, 200, 160>
[C:\WINDOWS\DOWNLO~1\CnsMin.dll] <北京三七二一科技有限公司><1, 5, 3, 3>
[C:\WINDOWS\system32\PYJJ4.IME] <加加工作组><4.0.0.21>
[C:\Program Files\Tencent\qq\QQAPI.dll] <><1, 0, 0, 1>
[C:\Program Files\Tencent\QQ\TIMProxy.dll] <tencent><0, 3, 2, 4>
[C:\Program Files\Tencent\qq\LoginCtrl.dll] <><1, 0, 0, 1>
[C:\Program Files\Tencent\qq\npkcntc.dll] <INCA Internet Co., Ltd.><2006, 3, 2, 1>
[C:\Program Files\Tencent\qq\npkpdb.dll] <INCA Internet Co., Ltd.><2003, 10, 1, 1>
[C:\Program Files\Tencent\qq\QQRes.dll] <tencent><1, 0, 0, 1>
[C:\Program Files\Tencent\qq\QQMainFrame.dll] <N/A><N/A>
[C:\Program Files\Tencent\qq\CQQApplication.dll] <N/A><N/A>
[C:\WINDOWS\system32\WSD_SOCK32.dll] <N/A><N/A>
[C:\Program Files\Tencent\qq\NewSkin.dll] <><1, 0, 0, 1>
[C:\Program Files\Tencent\qq\HostingMgr.dll] <><1, 0, 0, 1>
[C:\Program Files\Tencent\qq\CameraDll.dll] <><1, 0, 0, 1>
[C:\Program Files\Tencent\qq\MailSummary.dll] <><1, 0, 0, 1>
[C:\Program Files\Tencent\qq\QQSpace.dll] <><1, 0, 0, 1>
[C:\WINDOWS\system32\msdmo.dll] <N/A><N/A>
[C:\Program Files\Tencent\qq\QQGroupMng.dll] <><1, 0, 0, 1>
[C:\Program Files\Tencent\qq\GroupLive.dll] <N/A><N/A>
[C:\Program Files\Tencent\qq\UserDefinedHead.dll] <><1, 0, 0, 1>
[C:\Program Files\Tencent\qq\QQPlugin.dll] <N/A><N/A>
[C:\Program Files\Tencent\qq\QQConfigPlugin.dll] <><1, 0, 0, 1>
[C:\Program Files\Tencent\qq\FlashAvatarDll.dll] <><1, 4, 0, 1>
[C:\Program Files\Tencent\qq\LongConnection.dll] <tencent><5, 0, 200, 160>
[C:\Program Files\Tencent\qq\QQAvatar.dll] <N/A><N/A>
[C:\Program Files\Tencent\qq\QRingMng.dll] <N/A><N/A>
[C:\Program Files\Tencent\qq\PhoneAPI.dll] <><1, 0, 0, 1>
[C:\Program Files\Tencent\qq\DialerAllinOne.dll] <tencent><1, 4, 0, 0>
[C:\Program Files\Tencent\qq\QQPet.dll] <><1, 0, 0, 1>
[C:\Program Files\Tencent\qq\QQSysMsgMng.dll] <N/A><N/A>
[C:\Program Files\Tencent\qq\BQQApplication.dll] <N/A><N/A>
[C:\Program Files\Tencent\qq\PersonalDesktop.dll] <深圳市腾讯计算机系统公司QQ工作小组><1, 0, 0, 2>
[C:\Program Files\Tencent\qq\CommercesMng.dll] <><1, 0, 0, 1>
[C:\Program Files\Tencent\qq\QQAddr.dll] <深圳市腾讯计算机系统有限公司><5, 0, 101, 200>
[PID: 1784][C:\Program Files\Tencent\qq\TIMPlatform.exe] <tencent><0, 3, 1, 8>
[C:\WINDOWS\DOWNLO~1\CnsMin.dll] <北京三七二一科技有限公司><1, 5, 3, 3>
[C:\Program Files\Tencent\QQ\TIMProxy.dll] <tencent><0, 3, 2, 4>
[PID: 2016][C:\WINDOWS\system32\conime.exe] <Microsoft Corporation><5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)>
[C:\WINDOWS\DOWNLO~1\CnsMin.dll] <北京三七二一科技有限公司><1, 5, 3, 3>
[C:\WINDOWS\system32\PYJJ4.IME] <加加工作组><4.0.0.21>
[PID: 2844][C:\Program Files\racer-henan-cnc\RacerKp.exe] <北京润汇科技有限公司><1, 0, 0, 1>
[C:\WINDOWS\DOWNLO~1\CnsMin.dll] <北京三七二一科技有限公司><1, 5, 3, 3>
[C:\WINDOWS\system32\PYJJ4.IME] <加加工作组><4.0.0.21>
[PID: 3272][C:\WINDOWS\system32\wuauclt.exe] <Microsoft Corporation><5.4.3790.2182 built by: srv03_rtm(ntvbl04)>
[PID: 4080][C:\Program Files\WinRAR\WinRAR.exe] <N/A><N/A>
[C:\WINDOWS\DOWNLO~1\CnsMin.dll] <北京三七二一科技有限公司><1, 5, 3, 3>
[C:\WINDOWS\system32\PYJJ4.IME] <加加工作组><4.0.0.21>
[PID: 172][C:\DOCUME~1\legend\LOCALS~1\Temp\Rar$EX00.000\SREng2\SREng.exe] <Smallfrogs Studio><2.0.21.505>
[C:\WINDOWS\DOWNLO~1\CnsMin.dll] <北京三七二一科技有限公司><1, 5, 3, 3>
[C:\WINDOWS\system32\PYJJ4.IME] <加加工作组><4.0.0.21>
[C:\WINDOWS\system32\WSD_SOCK32.dll] <N/A><N/A>