Rising Kaka Security Forum
gfgfgf123 - 2006-9-2 13:50:00
HijackThis_zww汉化版扫描日志 V1.99.1
保存于 13:33:28, 日期 2006-9-2
操作系统: Windows XP SP2 (WinNT 5.01.2600)
浏览器: Internet Explorer v6.00 SP2 (6.00.2900.2180)
当前运行的进程:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\LoadPlugin.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\nvsvc32.exe
c:\windows\system32\inetsrv\csrss.exe
C:\WINDOWS\NTService.exe
c:\windows\system32\servicers.exe
C:\WINDOWS\system32\SmartNet.exe
C:\WINDOWS\system32\rundll32.exe
C:\WINDOWS\system32\atetime11.exe
C:\WINDOWS\explorer.exe
D:\Program Files\D-Tools\daemon.exe
C:\WINDOWS\system32\rundll32.exe
C:\WINDOWS\SOUNDMAN.EXE
C:\WINDOWS\system32\RunDLL32.exe
C:\WINDOWS\system32\Realplayer.exe
C:\WINDOWS\system32\windowoutnew.exe
C:\Program Files\CNNIC\Cdn\cdnup.exe
C:\winla\winla.exe
C:\windows\system32\stonedrv.exe
C:\WINDOWS\system32\Rundll32.exe
C:\WINDOWS\svchost.exe
C:\WINDOWS\system32\ctfmon.exe
F:\卡通\BaiduX\BaiduX.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\PROGRAM FILES\INTERNET EXPLORER\IEXPLORE.EXE
C:\WINDOWS\system32\taskmgr.exe
D:\迅雷\Program\Thunder5.exe
C:\Program Files\Internet Explorer\iexplore.exe
E:\专杀工具\orangeaug.com
C:\WINDOWS\system32\conime.exe
C:\WINDOWS\system32\rundll32.exe
E:\专杀工具\hijackthis\HijackThis1991zww.exe
C:\PROGRAM FILES\INTERNET EXPLORER\IEXPLORE.EXE
R3 - URLSearchHook: 雅虎助手 - {406F94F0-504F-4a40-8DFD-58B0666ABEBD} - C:\PROGRA~1\Yahoo!\ASSIST~1\Assist\yasbar.dll
R3 - URLSearchHook: (no name) - {1BB22D38-A411-4B13-A746-C2A4F4EC7344} - (no file)
R3 - URLSearchHook: Kuaiso Toolsbar - {6D53ADB7-6AD5-4A59-BFE4-7B57D2F4AA89} - C:\Program Files\Kuaiso Toolsbar\Kuaiso_06003.dll
F2 - REG:system.ini: Shell=explorer.exe "C:\Program Files\Common Files\Microsoft Shared\Web Folders\ibm00016.exe"
F3 - REG:win.ini: load=C:\WINDOWS\842ib34.exe
F2 - REG:system.ini: UserInit=C:\WINDOWS\system32\userinit.exe,C:\WINDOWS\system32\atetime11.exe
O2 - BHO: wmpdrm - {0E674588-66B7-4E19-9D0E-2053B800F69F} - C:\WINDOWS\system32\wmpdrm.dll
O2 - BHO: Shockwave Flash Object - {14A21378-5BB1-4BC4-95D5-5D3F51527F6F} - C:\WINDOWS\system32\cryptext32.dll
O2 - BHO: (no name) - {295CD217-AD34-4B66-91BA-48D5EFD9CA20} - C:\WINDOWS\system32\NBBHO.dll
O2 - BHO: isObject Class - {BE0B5843-553A-48C2-9A42-258A1D791AFC} - C:\PROGRA~1\pcast\hbcast.dll
O4 - 启动项HKLM\\Run: [IMJPMIG8.1] "C:\WINDOWS\IME\imjp8_1\IMJPMIG.EXE" /Spoil /RemAdvDef /Migration32
O4 - 启动项HKLM\\Run: [PHIME2002ASync] C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /SYNC
O4 - 启动项HKLM\\Run: [PHIME2002A] C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /IMEName
O4 - 启动项HKLM\\Run: [DAEMON Tools-2052] "D:\Program Files\D-Tools\daemon.exe" -lang 2052
O4 - 启动项HKLM\\Run: [SoundMan] SOUNDMAN.EXE
O4 - 启动项HKLM\\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - 启动项HKLM\\Run: [nwiz] nwiz.exe /install
O4 - 启动项HKLM\\Run: [NvMediaCenter] RunDLL32.exe NvMCTray.dll,NvTaskbarInit
O4 - 启动项HKLM\\Run: [Thunder] "D:\迅雷\Thunder.exe" /s
O4 - 启动项HKLM\\Run: [stup.exe] C:\PROGRA~1\TENCENT\Adplus\stup.exe
O4 - 启动项HKLM\\Run: [BaiduXUpdate] "F:\卡通\BaiduX\MovieUpdate.exe" --Update
O4 - 启动项HKLM\\Run: [CnsMin] Rundll32.exe C:\WINDOWS\DOWNLO~1\CnsMin.dll,Rundll32
O4 - 启动项HKLM\\Run: [Realplayer.exe] C:\WINDOWS\system32\Realplayer.exe
O4 - 启动项HKLM\\Run: [WindowOutNew] C:\WINDOWS\system32\windowoutnew.exe
O4 - 启动项HKLM\\Run: [SKYNET Personal FireWall] D:\防火墙\FIREWALL\pfw.exe
O4 - 启动项HKLM\\Run: [CdnCtr] C:\Program Files\CNNIC\Cdn\cdnup.exe
O4 - 启动项HKLM\\Run: [iebaru] C:\WINDOWS\system32\101228u.exe
O4 - 启动项HKLM\\Run: [winla] c:\winla\winla.exe
O4 - 启动项HKLM\\Run: [stonedrv] c:\windows\system32\stonedrv.exe
O4 - 启动项HKLM\\Run: [spoolsv] C:\WINDOWS\system32\spoolsv\spoolsv.exe -printer
O4 - 启动项HKLM\\Run: [RichMedia] C:\WINDOWS\system32\Rundll32.exe "C:\PROGRA~1\pcast\hbcast.dll",WaitWindows
O4 - 启动项HKLM\\Run: [svc] C:\WINDOWS\svchost.exe
O4 - 启动项HKLM\\RunServices: [stonedrv] c:\windows\system32\stonedrv.exe
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [bgswitch] C:\WINDOWS\system32\bgswitch.exe
O4 - HKCU\..\Run: [ScanRegistry] c:\windows\update1.exe
O4 - HKCU\..\Run: [caishowmanage] C:\Program Files\CaiShow Tech\CaiShow\UpdateManager.EXE
O4 - HKCU\..\Run: [Realplayer.exe] C:\WINDOWS\system32\Realplayer.exe
O4 - HKCU\..\Run: [Super Rabbit IEPro] D:\SRIECLI.EXE /LOAD
O4 - HKCU\..\Run: [svc] C:\WINDOWS\svchost.exe
O4 - HKCU\..\Run: [stonedrv] c:\windows\system32\stonedrv.exe
O4 - Startup: office文件检索.exe
O4 - Startup: 腾讯QQ.lnk = D:\qq\QQ.exe
O4 - Global Startup: 百度下吧.lnk = ?
O6 - HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O8 - IE右键菜单中的新增项目: &使用迅雷下载 - D:\迅雷\Program\GetUrl.htm
O8 - IE右键菜单中的新增项目: &使用迅雷下载全部链接 - D:\迅雷\Program\GetAllUrl.htm
O8 - IE右键菜单中的新增项目: Google 搜索(&G) - res://C:\Program Files\Google\GoogleToolbar1.dll/cmsearch.html
O8 - IE右键菜单中的新增项目: 上传到QQ网络硬盘 - D:\qq\AddToNetDisk.htm
O8 - IE右键菜单中的新增项目: 反向链接 - res://C:\Program Files\Google\GoogleToolbar1.dll/cmbacklinks.html
O8 - IE右键菜单中的新增项目: 添加到QQ自定义面板 - D:\qq\AddPanel.htm
O8 - IE右键菜单中的新增项目: 添加到QQ表情 - D:\qq\AddEmotion.htm
O8 - IE右键菜单中的新增项目: 添加到雅虎订阅(&Y) - res://C:\PROGRA~1\Yahoo!\ASSIST~1\Assist\yrss.dll/YRSSMENUEXT
O8 - IE右键菜单中的新增项目: 用QQ彩信发送该图片 - D:\qq\SendMMS.htm
O8 - IE右键菜单中的新增项目: 用炫彩图铃发送该图片 - C:\Program Files\CaiShow Tech\CaiShow\SendMMS.htm
O8 - IE右键菜单中的新增项目: 类似网页 - res://C:\Program Files\Google\GoogleToolbar1.dll/cmsimilar.html
O8 - IE右键菜单中的新增项目: 缓存的网页快照 - res://C:\Program Files\Google\GoogleToolbar1.dll/cmcache.html
O8 - IE右键菜单中的新增项目: 翻译英文字词(&T) - res://C:\Program Files\Google\GoogleToolbar1.dll/cmwordtrans.html
O8 - IE右键菜单中的新增项目: 访问通用网址 - C:\Program Files\CNNIC\Cdn\cnnic.htm
O8 - IE右键菜单中的新增项目: 雅虎搜索 - res://C:\PROGRA~1\Yahoo!\ASSIST~1\Assist\yasbar.dll/246
O9 - 浏览器额外的按钮: Yahoo 3.5G电邮 - {507F9113-CD77-4866-BA92-0E86DA3D0B97} - http://cn.zs.yahoo.com/cnsbutton.htm?source=cns&btn=yahoomail (file missing)
O9 - 浏览器额外的按钮: 寻宝乐趣多 - {59BC54A2-56B3-44a0-93E5-432D58746E26} - http://cn.zs.yahoo.com/cnsbutton.htm?source=cns&btn=taobao (file missing)
O9 - 浏览器额外的按钮: 中文上网 - {5C3853CF-C7E0-4946-B3FA-1ABDB6F48108} - C:\PROGRA~1\CNNIC\Cdn\cdnforie.dll
O9 - 浏览器额外的“工具”菜单项: 中文上网 - {5C3853CF-C7E0-4946-B3FA-1ABDB6F48108} - C:\PROGRA~1\CNNIC\Cdn\cdnforie.dll
O9 - 浏览器额外的按钮: 雅虎助手 - {5D73EE86-05F1-49ed-B850-E423120EC338} - http://cn.zs.yahoo.com/cnsbutton.htm?source=cns&btn=yassist (file missing)
O9 - 浏览器额外的按钮: 天心传奇,国内在线人数最多的传奇 - {B44CEFF3-EE81-45F8-ABF7-1DF940AE9C18} - http://www.234567.net/ (file missing)
O9 - 浏览器额外的按钮: 泡游戏,给你推荐最新最好玩的游戏 - {E4623A52-D862-4580-A0B7-A525C79423F3} - http://www.paogame.com/ (file missing)
O9 - 浏览器额外的按钮: 情景聊天 - {E5D12C4E-7B4F-11D3-B5C9-0050045C3C96} - http://cn.zs.yahoo.com/cnsbutton.htm?source=cns&btn=yahoomsg (file missing)
O9 - 浏览器额外的按钮: (no name) - {ECF2E268-F28C-48d2-9AB7-8F69C11CCB71} - http://cn.zs.yahoo.com/cnsbutton.htm?source=cns&btn=repair (file missing)
O9 - 浏览器额外的“工具”菜单项: 修复浏览器 - {ECF2E268-F28C-48d2-9AB7-8F69C11CCB71} - http://cn.zs.yahoo.com/cnsbutton.htm?source=cns&btn=repair (file missing)
O9 - 浏览器额外的按钮: (no name) - {FD00D911-7529-4084-9946-A29F1BDF4FE5} - http://cn.zs.yahoo.com/cnsbutton.htm?source=cns&btn=clean (file missing)
O9 - 浏览器额外的“工具”菜单项: 清理上网记录 - {FD00D911-7529-4084-9946-A29F1BDF4FE5} - http://cn.zs.yahoo.com/cnsbutton.htm?source=cns&btn=clean (file missing)
O9 - 浏览器额外的按钮: 中文网址导航 - {FDDED1AA-8156-416D-85F7-94BEA1997739} - http://www.234567.com/ (file missing)
O9 - 浏览器额外的按钮: 开心溜溜娱乐门户网,电影、音乐、DJ、相声、小品、FLASH等等应有尽有 - {FDFD318D-E647-458A-918D-E0418559BB9E} - http://www.kx66.com/ (file missing)
O9 - 浏览器额外的按钮: 哇哇网址导航 - {f15c22ef-534e-414d-ab5d-1425cd806e41} - http://www.51viva.com/plugin/redirect.jsp?refer=toolbar&cur=http://114.yesky.com/ (file missing) (HKCU)
O9 - 浏览器额外的“工具”菜单项: 哇哇网址导航 - {f15c22ef-534e-414d-ab5d-1425cd806e41} - http://www.51viva.com/plugin/redirect.jsp?refer=toolbar&cur=http://114.yesky.com/ (file missing) (HKCU)
O9 - 浏览器额外的按钮: 哇哇软件下载 - {f15c22ef-534e-414d-ab5d-1425cd806e42} - http://www.51viva.com/plugin/redirect.jsp?refer=toolbar&cur=http://www.mydown.com/ (file missing) (HKCU)
O9 - 浏览器额外的“工具”菜单项: 哇哇软件下载 - {f15c22ef-534e-414d-ab5d-1425cd806e42} - http://www.51viva.com/plugin/redirect.jsp?refer=toolbar&cur=http://www.mydown.com/ (file missing) (HKCU)
O11 - Options group: [!CNS] 网络实名
O11 - Options group: [!IESearch] 百度搜索伴侣
O11 - Options group: [TBH] 搜搜地址栏搜索
O14 - IERESET.INF: START_PAGE_URL=http://www.tomatolei.com
O16 - DPF: {E4E2F180-CB8B-4DE9-ACBB-DA745D3BA153} (Rising Web Scan Object) - http://download.rising.com.cn/register/pcver/autoupgradepad/pcver2006new/OL2006.cab
O17 - HKLM\System\CCS\Services\Tcpip\..\{806B84C9-4A90-4CD2-B6E4-2D348F61D115}: NameServer = 202.103.96.112 211.98.2.4
O20 - Winlogon Notify: RunOnce - C:\WINDOWS\system32\jtru0799e.dll
O23 - NT 服务: ClipBoard - Unknown owner - C:\WINDOWS\system32\LoadPlugin.exe
O23 - NT 服务: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
O23 - NT 服务: Sample NT Service (SampleService) - Ceramiche Ariostea - C:\WINDOWS\NTService.exe
O23 - NT 服务: Volume Shadow Copyre (ServiceCopyre) - Unknown owner - c:\windows\system32\servicers.exe
O23 - NT 服务: Smart Nets - Unknown owner - C:\WINDOWS\system32\SmartNet.exe
gfgfgf123 - 2006-9-2 13:55:00
Detailed log attached as well
2006-09-02,13:42:06
System Repair Engineer 2.0.21.505 (2.0 RC 2)
Smallfrogs (http://www.KZTechs.com)
Windows XP Professional Service Pack 2 (Build 2600)
- 管理权限用户 - 完整功能
以下内容被选中:
所有的启动项目(包括注册表、启动文件夹、服务等)
浏览器加载项
正在运行的进程(包括进程模块信息)
文件关联
启动项目
注册表
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
<ctfmon.exe><C:\WINDOWS\system32\ctfmon.exe> [Microsoft Corporation]
<bgswitch><C:\WINDOWS\system32\bgswitch.exe> []
<ScanRegistry><c:\windows\update1.exe> []
<caishowmanage><C:\Program Files\CaiShow Tech\CaiShow\UpdateManager.EXE> []
<Realplayer.exe><C:\WINDOWS\system32\Realplayer.exe> []
<Super Rabbit IEPro><D:\SRIECLI.EXE /LOAD> [Super Rabbit Soft]
<svc><C:\WINDOWS\svchost.exe> []
<stonedrv><c:\windows\system32\stonedrv.exe> []
[HKEY_CURRENT_USER\Software\Microsoft\Windows NT\CurrentVersion\Windows]
<load><C:\WINDOWS\842ib34.exe> []
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
<IMJPMIG8.1><"C:\WINDOWS\IME\imjp8_1\IMJPMIG.EXE" /Spoil /RemAdvDef /Migration32> [Microsoft Corporation]
<PHIME2002ASync><C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /SYNC> [Microsoft Corporation]
<PHIME2002A><C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /IMEName> [Microsoft Corporation]
<DAEMON Tools-2052><"D:\Program Files\D-Tools\daemon.exe" -lang 2052> [DAEMON'S HOME]
<SoundMan><SOUNDMAN.EXE> [Realtek Semiconductor Corp.]
<NvCplDaemon><RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup> [NVIDIA Corporation]
<nwiz><nwiz.exe /install> []
<NvMediaCenter><RunDLL32.exe NvMCTray.dll,NvTaskbarInit> [NVIDIA Corporation]
<Thunder><"D:\迅雷\Thunder.exe" /s> [Thunder Networking Technologies,LTD]
<stup.exe><C:\PROGRA~1\TENCENT\Adplus\stup.exe> [Tencent]
<BaiduXUpdate><"F:\卡通\BaiduX\MovieUpdate.exe" --Update> [Baidu.com, Inc.]
<CnsMin><Rundll32.exe C:\WINDOWS\DOWNLO~1\CnsMin.dll,Rundll32> [北京三七二一科技有限公司]
<Realplayer.exe><C:\WINDOWS\system32\Realplayer.exe> []
<WindowOutNew><C:\WINDOWS\system32\windowoutnew.exe> [Solid]
<SKYNET Personal FireWall><D:\防火墙\FIREWALL\pfw.exe> [广州众达天网技术有限公司]
<CdnCtr><C:\Program Files\CNNIC\Cdn\cdnup.exe> []
<91cast><> []
<iebaru><C:\WINDOWS\system32\101228u.exe> []
<winla><c:\winla\winla.exe> []
<stonedrv><c:\windows\system32\stonedrv.exe> []
<spoolsv><C:\WINDOWS\system32\spoolsv\spoolsv.exe -printer> [广州傲讯信息科技有限公司]
<RichMedia><C:\WINDOWS\system32\Rundll32.exe "C:\PROGRA~1\pcast\hbcast.dll",WaitWindows> [Shanghai Henbang Technology Co., Ltd]
<svc><C:\WINDOWS\svchost.exe> []
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\RunServices]
<stonedrv><c:\windows\system32\stonedrv.exe> []
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer\Run]
<Galaxy><rundll32.exe C:\WINDOWS\system32\ppgaxea.dll,Su> []
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Winlogon]
<shell><explorer.exe "C:\Program Files\Common Files\Microsoft Shared\Web Folders\ibm00016.exe"> []
<Userinit><C:\WINDOWS\system32\userinit.exe,C:\WINDOWS\system32\atetime11.exe> []
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Windows]
<AppInit_DLLs><> []
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Winlogon]
<GinaDLL><rpcfap.dll> []
<UIHost><logonui.exe> [Microsoft Corporation]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
<{914B076F-8FC6-4452-93C8-D810062C81F9}><C:\WINDOWS\system32\fileap.dll> []
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\RunOnce]
<WinlogonNotify: RunOnce><C:\WINDOWS\system32\jtru0799e.dll> []
==================================
启动文件夹
[百度下吧]
<C:\Documents and Settings\All Users\「开始」菜单\程序\启动\百度下吧.lnk><N>
[office文件检索]
<C:\Documents and Settings\二手玩具\「开始」菜单\程序\启动\office文件检索.exe><N>
[腾讯QQ]
<C:\Documents and Settings\二手玩具\「开始」菜单\程序\启动\腾讯QQ.lnk><N>
gfgfgf123 - 2006-9-2 13:55:00
==================================
服务
[ClipBoard / ClipBoard]
<C:\WINDOWS\system32\LoadPlugin.exe><N/A>
[NVIDIA Display Driver Service / NVSvc]
<C:\WINDOWS\system32\nvsvc32.exe><NVIDIA Corporation>
[Sample NT Service / SampleService]
<C:\WINDOWS\NTService.exe><Ceramiche Ariostea>
[Volume Shadow Copyre / ServiceCopyre]
<c:\windows\system32\servicers.exe><>
[Smart Nets / Smart Nets]
<C:\WINDOWS\system32\SmartNet.exe><N/A>
[Update Service For Windows / winupdate]
<C:\WINDOWS\winupdate.exe><N/A>
==================================
浏览器加载项
[wmpdrm]
{0E674588-66B7-4E19-9D0E-2053B800F69F} <C:\WINDOWS\system32\wmpdrm.dll, Allsum Info. Tech. Ltd.>
[Shockwave Flash Object]
{14A21378-5BB1-4BC4-95D5-5D3F51527F6F} <C:\WINDOWS\system32\cryptext32.dll, Macromedia, Inc.>
[]
{295CD217-AD34-4B66-91BA-48D5EFD9CA20} <C:\WINDOWS\system32\NBBHO.dll, N/A>
[isObject Class]
{BE0B5843-553A-48C2-9A42-258A1D791AFC} <C:\PROGRA~1\pcast\hbcast.dll, Shanghai Henbang Technology Co., Ltd>
[]
{E730189A-9973-4121-B046-AD1C161EC3AF} <C:\WINDOWS\system32\37211.dll, 3721公司<推荐使用>>
[Yahoo 3.5G电邮]
{507F9113-CD77-4866-BA92-0E86DA3D0B97} <http://cn.zs.yahoo.com/cnsbutton.htm?source=cns&btn=yahoomail, N/A>
[寻宝乐趣多]
{59BC54A2-56B3-44a0-93E5-432D58746E26} <http://cn.zs.yahoo.com/cnsbutton.htm?source=cns&btn=taobao, N/A>
[CdnForIE Class]
{5C3853CF-C7E0-4946-B3FA-1ABDB6F48108} <C:\PROGRA~1\CNNIC\Cdn\cdnforie.dll, CNNIC>
[雅虎助手]
{5D73EE86-05F1-49ed-B850-E423120EC338} <http://cn.zs.yahoo.com/cnsbutton.htm?source=cns&btn=yassist, N/A>
[天心传奇,国内在线人数最多的传奇]
{B44CEFF3-EE81-45F8-ABF7-1DF940AE9C18} <http://www.234567.net/, N/A>
[泡游戏,给你推荐最新最好玩的游戏]
{E4623A52-D862-4580-A0B7-A525C79423F3} <http://www.paogame.com/, N/A>
[情景聊天]
{E5D12C4E-7B4F-11D3-B5C9-0050045C3C96} <http://cn.zs.yahoo.com/cnsbutton.htm?source=cns&btn=yahoomsg, N/A>
[]
{ECF2E268-F28C-48d2-9AB7-8F69C11CCB71} <http://cn.zs.yahoo.com/cnsbutton.htm?source=cns&btn=repair, N/A>
[]
{FD00D911-7529-4084-9946-A29F1BDF4FE5} <http://cn.zs.yahoo.com/cnsbutton.htm?source=cns&btn=clean, N/A>
[中文网址导航]
{FDDED1AA-8156-416D-85F7-94BEA1997739} <http://www.234567.com/, N/A>
[开心溜溜娱乐门户网,电影、音乐、DJ、相声、小品、FLASH等等应有尽有]
{FDFD318D-E647-458A-918D-E0418559BB9E} <http://www.kx66.com/, N/A>
[哇哇网址导航]
{f15c22ef-534e-414d-ab5d-1425cd806e41} <http://www.51viva.com/plugin/redirect.jsp?refer=toolbar&cur=http://114.yesky.com/, N/A>
[哇哇软件下载]
{f15c22ef-534e-414d-ab5d-1425cd806e42} <http://www.51viva.com/plugin/redirect.jsp?refer=toolbar&cur=http://www.mydown.com/, N/A>
[Rising Web Scan Object]
{E4E2F180-CB8B-4DE9-ACBB-DA745D3BA153} <C:\WINDOWS\Downloaded Program Files\OL2005.dll, Beijing Rising Technology Co., Ltd.>
[Google Script Object]
{00EF2092-6AC5-47C0-BD25-CF2D5D657FEB} <c:\program files\google\googletoolbar1.dll, Google Inc.>
[MonitorURL Class]
{08A312BB-5409-49FC-9347-54BB7D069AC6} <C:\PROGRA~1\DESKAD~1\deskipn.dll, >
[Tencent Browser Helper]
{0C7C23EF-A848-485B-873C-0ED954731014} <C:\Program Files\TENCENT\Adplus\SSAddr1.dll, Tencent>
[ChajianHelper Class]
{0CB66BA8-5E1F-4963-93D1-E1D6B78FE9A2} <C:\WINDOWS\system32\SYSREA~1.DLL, Kmedia>
[wmpdrm]
{0E674588-66B7-4E19-9D0E-2053B800F69F} <C:\WINDOWS\system32\wmpdrm.dll, Allsum Info. Tech. Ltd.>
[Shockwave Flash Object]
{14A21378-5BB1-4BC4-95D5-5D3F51527F6F} <C:\WINDOWS\system32\cryptext32.dll, Macromedia, Inc.>
[MyIEHelper Class]
{16A770A0-0E87-4278-B748-2460D64A8386} <, N/A>
[MyIEHelper Class]
{16B770A0-0E87-4278-B748-2460D64A8386} <C:\Documents and Settings\All Users\Application Data\Microsoft\IEHelper\IEHelper_5010.dll, Microsoft Corporation>
[Windows Media Player]
{22D6F312-B0F6-11D0-94AB-0080C74C7E95} <C:\WINDOWS\system32\wmpdxm.dll, Microsoft Corporation>
[&Google]
{2318C2B1-4965-11D4-9B18-009027A5CD4F} <c:\program files\google\googletoolbar1.dll, Google Inc.>
[HTML Document]
{25336920-03F9-11CF-8FD0-00AA00686F13} <%SystemRoot%\system32\mshtml.dll, N/A>
[]
{295CD217-AD34-4B66-91BA-48D5EFD9CA20} <C:\WINDOWS\system32\NBBHO.dll, N/A>
[DHTML Edit Control Safe for Scripting for IE5]
{2D360201-FFF5-11D1-8D03-00A0C959BC0A} <C:\Program Files\Common Files\Microsoft Shared\Triedit\dhtmled.ocx, Microsoft Corporation>
[Yahoo!Photo]
{33BBE430-0E42-4F12-B075-8D21ACB10DCB} <C:\PROGRA~1\Yahoo!\ASSIST~1\Assist\yphtb.dll, Yahoo! China>
[AntiFish Class]
{38928D50-8A48-44C2-945F-D2F23F771410} <C:\PROGRA~1\Yahoo!\ASSIST~1\Assist\yangling.dll, Yahoo.>
[CaiShowBH Class]
{3AF40CB8-B3BA-4E2D-8968-4BF8DB172997} <C:\Program Files\CaiShow Tech\CaiShow\BrowerHelper.dll, TODO: <公司名>>
[]
{3D898C55-74CC-4B7C-B5F1-45913F368388} <C:\PROGRA~1\SYSTEM~1\SYSTEM~1.DLL, N/A>
[雅虎助手]
{406F94F0-504F-4A40-8DFD-58B0666ABEBD} <C:\PROGRA~1\Yahoo!\ASSIST~1\Assist\yasbar.dll, Yahoo!>
[超级兔子上网精灵]
{43869BB3-22FD-4F15-9B46-238106BA2F4E} <D:\haokanbar.dll, Xiang Feng Technology>
[HHCtrl Object]
{52A2AAAE-085D-4187-97EA-8C30DB990436} <C:\WINDOWS\system32\hhctrl.ocx, Microsoft Corporation>
[QQBrowserHelperObject Class]
{54EBD53A-9BC1-480B-966A-843A333CA162} <D:\qq\QQIEHelper.dll, 深圳市腾讯计算机系统有限公司>
[NetAccelerate Class]
{5673A7C0-95CC-4646-BB07-3BD71234CEF9} <C:\WINDOWS\system32\wuwebex.dll, Microsoft Corporation>
[CdnForIE Class]
{5C3853CF-C7E0-4946-B3FA-1ABDB6F48108} <C:\PROGRA~1\CNNIC\Cdn\cdnforie.dll, CNNIC>
[XBTP03129 Class]
{6029B367-250A-4696-925C-641709CA7381} <C:\PROGRA~1\KUAISO~1\KUAISO~1.DLL, IE Toolbar>
[DragSearch BHO]
{62EED7C6-9F02-42F9-B634-98E2899E147B} <C:\PROGRA~1\Yahoo!\ASSIST~1\Assist\YDRAGS~1.DLL, >
[JMX.JmxCenter]
{63859236-76BF-493C-A587-DF479EBA2D4B} <C:\WINDOWS\system32\EJMX.dll, 广州盛行网络有限公司>
[]
{669751ED-D558-49AE-B01A-3B374CC7910E} <C:\WINDOWS\system32\ssup.dll, TENCENT>
[bbmao Toolbar]
{6AE02E1C-8859-4F57-9097-5A55A56A4CAF} <C:\Program Files\bbmao toolbar\bbmao_tb_v1_0_pd1002.dll, IE Toolbar>
[Windows Media Player]
{6BF52A52-394A-11D3-B153-00C04F79FAA6} <C:\WINDOWS\system32\wmp.dll, Microsoft Corporation>
[Kuaiso Toolsbar]
{6D53ADB7-6AD5-4A59-BFE4-7B57D2F4AA89} <C:\Program Files\Kuaiso Toolsbar\Kuaiso_06003.dll, IE Toolbar>
[BHOImp Class]
{70AFF2CB-9DA2-499C-8D15-900729FCE83D} <C:\WINDOWS\system32\YHBO.dll, YHBO>
[XBTP05676 Class]
{72BA415A-AE03-4279-ACAB-39A3DF73FD4E} <C:\PROGRA~1\BBMAOT~1\BBMAO_~1.DLL, IE Toolbar>
[超级兔子上网精灵]
{7369D35A-5B70-4A5B-B789-B25FE09B4AF3} <D:\haokanbar.dll, Xiang Feng Technology>
[MediaComm Class]
{7670648D-461B-42AF-BDFE-46D26AF5EFF2} <D:\迅雷\Components\InMedia\MediaAddin07.dll, Thunder Networking Technologies,LTD>
[]
{76C10393-6E0B-4868-A1D2-7729842DD8BA} <C:\WINDOWS\system32\TBHO.dll, N/A>
[BandIE Class]
{77FEF28E-EB96-44FF-B511-3185DEA48697} <C:\Progra~1\Baidu\bar\BaiDuBar.dll, Baidu.com, Inc.>
[Microsoft Web 浏览器]
{8856F961-340A-11D0-A96B-00C04FD705A2} <C:\WINDOWS\system32\shdocvw.dll, Microsoft Corporation>
[Thunder Browser Helper]
{889D2FEB-5411-4565-8998-1DD2C5261283} <D:\迅雷\ComDlls\XunLeiBHO_002.dll, Thunder Networking Technologies,LTD>
[WinSC Class]
{9ACEEE31-1440-471B-AA46-72B061FE7D61} <C:\WINDOWS\system32\WinSC32.dll, N/A>
[Internet Explorer helper Objects]
{9C9F9B89-B243-4613-9710-87060F137118} <C:\DOCUME~1\ALLUSE~1\APPLIC~1\MSIEHE~1.DLL, Microsoft Corporation. All rights reserved.>
[Yahoo Bar]
{A697BC46-BC93-4833-93F5-1E365011E88A} <C:\WINDOWS\ODBINT.dll, N/A>
[Google Toolbar Helper]
{AA58ED58-01DD-4D91-8333-CF10577473F7} <c:\program files\google\googletoolbar1.dll, Google Inc.>
[Microsoft Scriptlet Component]
{AE24FDAE-03C6-11D1-8B76-0080C744F389} <C:\WINDOWS\system32\mshtml.dll, Microsoft Corporation>
[SearchAssistantOC]
{B45FF030-4447-11D2-85DE-00C04FA35C89} <%SystemRoot%\system32\shdocvw.dll, N/A>
[百度超级搜霸]
{B580CF65-E151-49C3-B73F-70B13FCA8E86} <C:\Progra~1\Baidu\bar\BaiDuBar.dll, Baidu.com, Inc.>
[RDS.DataSpace]
{BD96C556-65A3-11D0-983A-00C04FC29E36} <C:\Program Files\Common Files\System\msadc\msadco.dll, Microsoft Corporation>
[isObject Class]
{BE0B5843-553A-48C2-9A42-258A1D791AFC} <C:\PROGRA~1\pcast\hbcast.dll, Shanghai Henbang Technology Co., Ltd>
[Sun Java2]
{C61A70F3-505E-4B90-916F-627A8706B4BC} <c:\WINDOWS\system32\COMBoHEvent.dll, N/A>
[CnsHook Class]
{D157330A-9EF3-49F8-9A67-4141AC41ADD4} <C:\WINDOWS\DOWNLO~1\CnsHook.dll, 北京三七二一科技有限公司>
[51导航]
{D271A289-57EB-4D0E-9131-A0CD25D4D1F8} <C:\WINDOWS\system32\browsewmzero.dll, N/A>
[Shockwave Flash Object]
{D27CDB6E-AE6D-11CF-96B8-444553540000} <C:\WINDOWS\system32\macromed\flash\Flash85.ocx, Macromedia, Inc.>
[DuiSo.com Search]
{E2218499-2FD4-4EED-A94A-7F0B9C6E300E} <C:\WINDOWS\system32\Inte32.dll, N/A>
[Rising Web Scan Object]
{E4E2F180-CB8B-4DE9-ACBB-DA745D3BA153} <C:\WINDOWS\Downloaded Program Files\OL2005.dll, Beijing Rising Technology Co., Ltd.>
[]
{E730189A-9973-4121-B046-AD1C161EC3AF} <C:\WINDOWS\system32\37211.dll, 3721公司<推荐使用>>
[VqqSpeedDlProxy Class]
{F138084D-84D7-48CD-BEA8-04772457516E} <C:\WINDOWS\vqqsdl.dll, Tencent>
[BHelper Class]
{F2E37336-BFDB-409B-8D0E-6F013C438B20} <C:\WINDOWS\842ob342.dll, N/A>
[google bar]
{F651FCAA-F826-4922-8990-C6F99CC67AFC} <C:\WINDOWS\Win32ef.dll, N/A>
gfgfgf123 - 2006-9-2 13:58:00
[&使用迅雷下载]
<D:\迅雷\Program\GetUrl.htm, N/A>
[&使用迅雷下载全部链接]
<D:\迅雷\Program\GetAllUrl.htm, N/A>
[Google 搜索(&G)]
<res://C:\Program Files\Google\GoogleToolbar1.dll/cmsearch.html, N/A>
[上传到QQ网络硬盘]
<D:\qq\AddToNetDisk.htm, N/A>
[反向链接]
<res://C:\Program Files\Google\GoogleToolbar1.dll/cmbacklinks.html, N/A>
[添加到QQ自定义面板]
<D:\qq\AddPanel.htm, N/A>
[添加到QQ表情]
<D:\qq\AddEmotion.htm, N/A>
[添加到雅虎订阅(&Y)]
<res://C:\PROGRA~1\Yahoo!\ASSIST~1\Assist\yrss.dll/YRSSMENUEXT, N/A>
[用QQ彩信发送该图片]
<D:\qq\SendMMS.htm, N/A>
[用炫彩图铃发送该图片]
<C:\Program Files\CaiShow Tech\CaiShow\SendMMS.htm, N/A>
[类似网页]
<res://C:\Program Files\Google\GoogleToolbar1.dll/cmsimilar.html, N/A>
[缓存的网页快照]
<res://C:\Program Files\Google\GoogleToolbar1.dll/cmcache.html, N/A>
[翻译英文字词(&T)]
<res://C:\Program Files\Google\GoogleToolbar1.dll/cmwordtrans.html, N/A>
[访问通用网址]
<C:\Program Files\CNNIC\Cdn\cnnic.htm, N/A>
[雅虎搜索]
<res://C:\PROGRA~1\Yahoo!\ASSIST~1\Assist\yasbar.dll/246, N/A>
乖乖21 - 2006-9-2 14:02:00
Find the exact location and delete it, then use the Rising firewall to permanently block that program, and that will do it.
gfgfgf123 - 2006-9-2 14:04:00
==================================
正在运行的进程
[PID: 1836][C:\WINDOWS\system32\rundll32.exe] <Microsoft Corporation><5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)>
[C:\WINDOWS\system32\weaueng1.dll] <N/A><N/A>
[C:\Program Files\Common Files\Microsoft Shared\Web Folders\ibm00017.dll] <N/A><N/A>
[C:\WINDOWS\downlo~1\Ozkah.dll] <Tencent><4, 2, 2, 21>
[C:\WINDOWS\DOWNLO~1\CnsMin.dll] <北京三七二一科技有限公司><1, 5, 3, 1>
[PID: 2016][C:\WINDOWS\system32\atetime11.exe] <N/A><N/A>
[C:\Program Files\Common Files\Microsoft Shared\Web Folders\ibm00017.dll] <N/A><N/A>
[C:\WINDOWS\downlo~1\Ozkah.dll] <Tencent><4, 2, 2, 21>
[C:\WINDOWS\DOWNLO~1\CnsMin.dll] <北京三七二一科技有限公司><1, 5, 3, 1>
[C:\WINDOWS\system32\dmshell.dll] <千橡互联><2, 2, 0, 0>
[PID: 180][C:\WINDOWS\explorer.exe] <Microsoft Corporation><6.00.2900.2180 (xpsp_sp2_rtm.040803-2158)>
[C:\WINDOWS\system32\weaueng1.dll] <N/A><N/A>
[C:\WINDOWS\system32\fileap.dll] <><2, 1, 0, 1>
[C:\WINDOWS\system32\ppgaxea.dll] <><1, 0, 0, 0>
[C:\Program Files\Common Files\Microsoft Shared\Web Folders\ibm00017.dll] <N/A><N/A>
[C:\WINDOWS\downlo~1\Ozkah.dll] <Tencent><4, 2, 2, 21>
[C:\WINDOWS\system32\Rsvtub.dll] <N/A><N/A>
[C:\WINDOWS\DOWNLO~1\CnsMin.dll] <北京三七二一科技有限公司><1, 5, 3, 1>
[C:\WINDOWS\system32\msicn\msibm.dll] <广州傲讯信息科技有限公司><2, 0, 0, 1>
[C:\WINDOWS\system32\msicn\plugins\as.dll] <广州傲讯信息科技有限公司><2, 0, 0, 1>
[C:\WINDOWS\system32\msicn\plugins\bm.dll] <广州傲讯信息科技有限公司><2, 0, 0, 1>
[C:\WINDOWS\system32\msicn\plugins\bse.dll] <广州傲讯信息科技有限公司><2, 0, 0, 1>
[C:\WINDOWS\system32\msicn\plugins\lup.dll] <广州傲讯信息科技有限公司><2, 0, 0, 1>
[C:\WINDOWS\system32\msicn\plugins\navangel.dll] <广州傲讯信息科技有限公司><2, 0, 0, 1>
[C:\WINDOWS\system32\SystemDll.dll] <N/A><N/A>
[C:\WINDOWS\system32\nvcpl.dll] <NVIDIA Corporation><6.14.10.9131>
[C:\WINDOWS\system32\NVRSZHC.DLL] <NVIDIA Corporation><6.14.10.9131>
[C:\WINDOWS\system32\nvshell.dll] <N/A><N/A>
[C:\WINDOWS\DOWNLO~1\CnsHook.dll] <北京三七二一科技有限公司><1, 0, 2, 8>
[C:\WINDOWS\downlo~1\Olhw.dll] <Tencent><4, 2, 2, 21>
[C:\WINDOWS\system32\cryptext32.dll] <Macromedia, Inc.><6.8.29.1>
[C:\WINDOWS\system32\NBBHO.dll] <N/A><N/A>
[PID: 860][D:\Program Files\D-Tools\daemon.exe] <DAEMON'S HOME><3.47.0.0>
[C:\WINDOWS\daemon.dll] <N/A><3.47.0.0>
[D:\Program Files\D-Tools\PFCTOC.DLL] <Padus(R), Inc.><1, 0, 0, 12>
[D:\Program Files\D-Tools\Plugins\Images\ccdmount.dll] <GENERIC><1.02.0.0>
[D:\Program Files\D-Tools\Plugins\Images\mdsmount.dll] <GENERIC><1.01.0.0>
[D:\Program Files\D-Tools\Plugins\Images\pdimount.dll] <GENERIC><1.01.0.0>
[D:\Program Files\D-Tools\Plugins\Images\nrgmount.dll] <GENERIC><1.02.0.0>
[D:\Program Files\D-Tools\Plugins\Images\bw5mount.dll] <N/A><1.0.2.0>
[C:\WINDOWS\system32\msicn\msibm.dll] <广州傲讯信息科技有限公司><2, 0, 0, 1>
[C:\Program Files\Common Files\Microsoft Shared\Web Folders\ibm00017.dll] <N/A><N/A>
[C:\WINDOWS\downlo~1\Ozkah.dll] <Tencent><4, 2, 2, 21>
[C:\WINDOWS\DOWNLO~1\CnsMin.dll] <北京三七二一科技有限公司><1, 5, 3, 1>
[PID: 848][C:\WINDOWS\system32\rundll32.exe] <Microsoft Corporation><5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)>
[C:\DOCUME~1\二手玩具\TEMPLA~1\e65e00e\1.dll] <千橡互联><3, 0, 1, 0>
[C:\DOCUME~1\二手玩具\TEMPLA~1\e65e00e\3.dll] <千橡互联><3, 0, 1, 0>
[C:\Program Files\Common Files\Microsoft Shared\Web Folders\ibm00017.dll] <N/A><N/A>
[C:\DOCUME~1\二手玩具\TEMPLA~1\e65e00e\4.dll] <千橡互联><3, 0, 1, 0>
[C:\WINDOWS\downlo~1\Ozkah.dll] <Tencent><4, 2, 2, 21>
[C:\WINDOWS\DOWNLO~1\CnsMin.dll] <北京三七二一科技有限公司><1, 5, 3, 1>
[PID: 1148][C:\WINDOWS\SOUNDMAN.EXE] <Realtek Semiconductor Corp.><5.1.0.42>
[C:\Program Files\Common Files\Microsoft Shared\Web Folders\ibm00017.dll] <N/A><N/A>
[C:\WINDOWS\downlo~1\Ozkah.dll] <Tencent><4, 2, 2, 21>
[C:\WINDOWS\DOWNLO~1\CnsMin.dll] <北京三七二一科技有限公司><1, 5, 3, 1>
[PID: 1240][C:\WINDOWS\system32\RunDLL32.exe] <Microsoft Corporation><5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)>
[C:\WINDOWS\system32\NvMCTray.dll] <NVIDIA Corporation><6.14.10.9131>
[C:\WINDOWS\system32\NVRSZHC.DLL] <NVIDIA Corporation><6.14.10.9131>
[C:\WINDOWS\downlo~1\Ozkah.dll] <Tencent><4, 2, 2, 21>
[C:\WINDOWS\DOWNLO~1\CnsMin.dll] <北京三七二一科技有限公司><1, 5, 3, 1>
[C:\Program Files\Common Files\Microsoft Shared\Web Folders\ibm00017.dll] <N/A><N/A>
[PID: 1796][C:\WINDOWS\system32\Realplayer.exe] <N/A><N/A>
[PID: 2096][C:\WINDOWS\system32\windowoutnew.exe] <Solid><1.00>
[C:\WINDOWS\downlo~1\Ozkah.dll] <Tencent><4, 2, 2, 21>
[C:\WINDOWS\DOWNLO~1\CnsMin.dll] <北京三七二一科技有限公司><1, 5, 3, 1>
[C:\Program Files\Common Files\Microsoft Shared\Web Folders\ibm00017.dll] <N/A><N/A>
[PID: 2136][C:\Program Files\CNNIC\Cdn\cdnup.exe] <><2, 4, 0, 4>
[C:\WINDOWS\downlo~1\Ozkah.dll] <Tencent><4, 2, 2, 21>
[C:\WINDOWS\DOWNLO~1\CnsMin.dll] <北京三七二一科技有限公司><1, 5, 3, 1>
[C:\Program Files\Common Files\Microsoft Shared\Web Folders\ibm00017.dll] <N/A><N/A>
[PID: 2156][C:\winla\winla.exe] <><1, 0, 0, 1>
[PID: 2164][C:\windows\system32\stonedrv.exe] <N/A><N/A>
[PID: 2240][C:\WINDOWS\system32\Rundll32.exe] <Microsoft Corporation><5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)>
[C:\PROGRA~1\pcast\hbcast.dll] <Shanghai Henbang Technology Co., Ltd><1, 1, 3, 8>
[C:\WINDOWS\downlo~1\Ozkah.dll] <Tencent><4, 2, 2, 21>
[C:\WINDOWS\DOWNLO~1\CnsMin.dll] <北京三七二一科技有限公司><1, 5, 3, 1>
[C:\Program Files\Common Files\Microsoft Shared\Web Folders\ibm00017.dll] <N/A><N/A>
[PID: 2260][C:\WINDOWS\svchost.exe] <N/A><N/A>
[C:\WINDOWS\downlo~1\Ozkah.dll] <Tencent><4, 2, 2, 21>
[C:\WINDOWS\DOWNLO~1\CnsMin.dll] <北京三七二一科技有限公司><1, 5, 3, 1>
[C:\Program Files\Common Files\Microsoft Shared\Web Folders\ibm00017.dll] <N/A><N/A>
[C:\WINDOWS\system32\msdmo.dll] <N/A><N/A>
[C:\WINDOWS\system32\l3codeca.acm] <Fraunhofer Institut Integrierte Schaltungen IIS><1, 9, 0, 0305>
[C:\WINDOWS\system32\iac25_32.ax] <Intel Corporation><2.05.53>
[PID: 2432][C:\WINDOWS\system32\ctfmon.exe] <Microsoft Corporation><5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)>
gfgfgf123 - 2006-9-2 14:05:00
[C:\WINDOWS\downlo~1\Ozkah.dll] <Tencent><4, 2, 2, 21>
[C:\WINDOWS\DOWNLO~1\CnsMin.dll] <北京三七二一科技有限公司><1, 5, 3, 1>
[C:\Program Files\Common Files\Microsoft Shared\Web Folders\ibm00017.dll] <N/A><N/A>
[PID: 2688][F:\卡通\BaiduX\BaiduX.exe] <Baidu Corporation><2, 1, 0, 1>
[F:\卡通\BaiduX\ProimpEx.dll] <Baidu.com, Inc.><2, 1, 0, 2>
[F:\卡通\BaiduX\xupnp.dll] <N/A><1, 0, 0, 5>
[F:\卡通\BaiduX\xcs.dll] <Baidu.com, Inc.><1, 0, 0, 8>
[C:\WINDOWS\downlo~1\Ozkah.dll] <Tencent><4, 2, 2, 21>
[C:\WINDOWS\DOWNLO~1\CnsMin.dll] <北京三七二一科技有限公司><1, 5, 3, 1>
[C:\Program Files\Common Files\Microsoft Shared\Web Folders\ibm00017.dll] <N/A><N/A>
[PID: 2804][C:\PROGRAM FILES\INTERNET EXPLORER\IEXPLORE.EXE] <Microsoft Corporation><6.00.2900.2180 (xpsp_sp2_rtm.040803-2158)>
[C:\WINDOWS\downlo~1\Ozkah.dll] <Tencent><4, 2, 2, 21>
[C:\WINDOWS\downlo~1\Olhw.dll] <Tencent><4, 2, 2, 21>
[C:\WINDOWS\system32\wmpdrm.dll] <Allsum Info. Tech. Ltd.><2, 0, 0, 1>
[C:\WINDOWS\system32\cryptext32.dll] <Macromedia, Inc.><6.8.29.1>
[C:\WINDOWS\system32\NBBHO.dll] <N/A><N/A>
[C:\PROGRA~1\pcast\hbcast.dll] <Shanghai Henbang Technology Co., Ltd><1, 1, 3, 8>
[C:\Program Files\Common Files\Microsoft Shared\Web Folders\ibm00017.dll] <N/A><N/A>
[C:\WINDOWS\system32\msicn\msibm.dll] <广州傲讯信息科技有限公司><2, 0, 0, 1>
[C:\WINDOWS\Downloaded Program Files\OL2005.dll] <Beijing Rising Technology Co., Ltd.><18, 0, 0, 6>
[C:\WINDOWS\system32\oleauto32.dll] <><2, 3, 0, 1>
[C:\WINDOWS\system32\ntcoredll.dll] <><4, 0, 2, 1>
[C:\WINDOWS\system32\macromed\flash\Flash85.ocx] <Macromedia, Inc.><8,5,0,133>
[D:\迅雷\ComDlls\XunLeiBHO_002.dll] <Thunder Networking Technologies,LTD><5, 0, 0, 2>
[C:\WINDOWS\system32\Downdll.dll] <N/A><N/A>
[C:\WINDOWS\system32\37211.dll] <3721公司<推荐使用>><1.0.0.0>
[PID: 3296][C:\WINDOWS\system32\taskmgr.exe] <Microsoft Corporation><5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)>
[C:\WINDOWS\downlo~1\Ozkah.dll] <Tencent><4, 2, 2, 21>
[C:\WINDOWS\DOWNLO~1\CnsMin.dll] <北京三七二一科技有限公司><1, 5, 3, 1>
[C:\Program Files\Common Files\Microsoft Shared\Web Folders\ibm00017.dll] <N/A><N/A>
[PID: 3276][D:\迅雷\Program\Thunder5.exe] <Thunder Networking Technologies,LTD><5.4.0.226>
[D:\迅雷\Program\UpdateDownload.dll] <Thunder Networking Technologies,LTD><1, 0, 1, 8>
[D:\迅雷\Program\download_interface.dll] <Thunder Networking Technologies,LTD><2, 0, 0, 1>
[D:\迅雷\Program\stlport_vc646.dll] <STLport Consulting, Inc.><4.6.2003.1031>
[D:\迅雷\Program\log4cplus.dll] <><1, 0, 2, 1>
[D:\迅雷\Program\asyn_dns.dll] <N/A><N/A>
[D:\迅雷\Program\msgmanage.dll] <Thunder Networking Technologies,LTD><1, 0, 0, 15>
[D:\迅雷\Program\historyinfo_manage.dll] <Thunder Networking Technologies,LTD><5, 2, 0, 148>
[C:\WINDOWS\downlo~1\Ozkah.dll] <Tencent><4, 2, 2, 21>
[C:\WINDOWS\DOWNLO~1\CnsMin.dll] <北京三七二一科技有限公司><1, 5, 3, 1>
[D:\迅雷\Program\RegisterDll.dll] <Thunder Networking Technologies,LTD><2, 1, 0, 18>
[D:\迅雷\Program\FloatBar.dll] <Thunder Networking Technologies,LTD><1, 0, 0, 2>
[C:\Program Files\Common Files\Microsoft Shared\Web Folders\ibm00017.dll] <N/A><N/A>
[D:\迅雷\Plugins\TingTing\TingTing.dll] <Thunder Networking Technologies,LTD><1, 1, 1, 9>
[D:\迅雷\Components\InMedia\iEmbedShell.dll] < ><1, 0, 0, 11>
[D:\迅雷\Components\InMedia\iEmbed04.dll] < ><2, 3, 0, 37>
[D:\迅雷\Components\P4PClient\P4PClient.dll] <Thunder Networking Technologies,LTD><1, 0, 4, 10>
[C:\WINDOWS\system32\fileap.dll] <><2, 1, 0, 1>
[D:\迅雷\Program\iTargetAd.dll] <Thunder Networking Technologies,LTD><1, 0, 1, 59>
[C:\WINDOWS\system32\macromed\flash\Flash85.ocx] <Macromedia, Inc.><8,5,0,133>
[PID: 1968][C:\Program Files\Internet Explorer\iexplore.exe] <Microsoft Corporation><6.00.2900.2180 (xpsp_sp2_rtm.040803-2158)>
[C:\WINDOWS\downlo~1\Ozkah.dll] <Tencent><4, 2, 2, 21>
[C:\WINDOWS\downlo~1\Olhw.dll] <Tencent><4, 2, 2, 21>
[C:\WINDOWS\system32\wmpdrm.dll] <Allsum Info. Tech. Ltd.><2, 0, 0, 1>
[C:\WINDOWS\system32\cryptext32.dll] <Macromedia, Inc.><6.8.29.1>
[C:\WINDOWS\system32\NBBHO.dll] <N/A><N/A>
[C:\PROGRA~1\pcast\hbcast.dll] <Shanghai Henbang Technology Co., Ltd><1, 1, 3, 8>
[C:\Program Files\Common Files\Microsoft Shared\Web Folders\ibm00017.dll] <N/A><N/A>
[C:\WINDOWS\system32\fileap.dll] <><2, 1, 0, 1>
[E:\专杀工具\orangeaug.com] <Beijing Rising Tech. Co., Ltd.><1, 4, 6, 2>
[C:\WINDOWS\downlo~1\Ozkah.dll] <Tencent><4, 2, 2, 21>
[C:\WINDOWS\DOWNLO~1\CnsMin.dll] <北京三七二一科技有限公司><1, 5, 3, 1>
[C:\Program Files\Common Files\Microsoft Shared\Web Folders\ibm00017.dll] <N/A><N/A>
[PID: 3808][C:\WINDOWS\system32\conime.exe] <Microsoft Corporation><5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)>
[C:\WINDOWS\downlo~1\Ozkah.dll] <Tencent><4, 2, 2, 21>
[C:\WINDOWS\DOWNLO~1\CnsMin.dll] <北京三七二一科技有限公司><1, 5, 3, 1>
[C:\Program Files\Common Files\Microsoft Shared\Web Folders\ibm00017.dll] <N/A><N/A>
gfgfgf123 - 2006-9-2 14:06:00
[PID: 3836][C:\WINDOWS\system32\rundll32.exe] <Microsoft Corporation><5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)>
[C:\WINDOWS\downlo~1\Ozkah.dll] <Tencent><4, 2, 2, 21>
[C:\WINDOWS\DOWNLO~1\CnsMin.dll] <北京三七二一科技有限公司><1, 5, 3, 1>
[C:\Program Files\Common Files\Microsoft Shared\Web Folders\ibm00017.dll] <N/A><N/A>
[PID: 4776][C:\WINDOWS\system32\NOTEPAD.EXE] <Microsoft Corporation><5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)>
[C:\WINDOWS\downlo~1\Ozkah.dll] <Tencent><4, 2, 2, 21>
[C:\WINDOWS\DOWNLO~1\CnsMin.dll] <北京三七二一科技有限公司><1, 5, 3, 1>
[C:\Program Files\Common Files\Microsoft Shared\Web Folders\ibm00017.dll] <N/A><N/A>
[PID: 5380][C:\PROGRAM FILES\INTERNET EXPLORER\IEXPLORE.EXE] <Microsoft Corporation><6.00.2900.2180 (xpsp_sp2_rtm.040803-2158)>
[C:\WINDOWS\downlo~1\Ozkah.dll] <Tencent><4, 2, 2, 21>
[C:\WINDOWS\downlo~1\Olhw.dll] <Tencent><4, 2, 2, 21>
[C:\WINDOWS\system32\wmpdrm.dll] <Allsum Info. Tech. Ltd.><2, 0, 0, 1>
[C:\WINDOWS\system32\cryptext32.dll] <Macromedia, Inc.><6.8.29.1>
[C:\WINDOWS\system32\NBBHO.dll] <N/A><N/A>
[C:\PROGRA~1\pcast\hbcast.dll] <Shanghai Henbang Technology Co., Ltd><1, 1, 3, 8>
[C:\Program Files\Common Files\Microsoft Shared\Web Folders\ibm00017.dll] <N/A><N/A>
[C:\WINDOWS\system32\macromed\flash\Flash85.ocx] <Macromedia, Inc.><8,5,0,133>
[PID: 3532][C:\WINDOWS\winupdate.exe] <N/A><N/A>
[C:\WINDOWS\downlo~1\Ozkah.dll] <Tencent><4, 2, 2, 21>
[C:\WINDOWS\DOWNLO~1\CnsMin.dll] <北京三七二一科技有限公司><1, 5, 3, 1>
[C:\Program Files\Common Files\Microsoft Shared\Web Folders\ibm00017.dll] <N/A><N/A>
[PID: 4236][C:\PROGRAM FILES\INTERNET EXPLORER\IEXPLORE.EXE] <Microsoft Corporation><6.00.2900.2180 (xpsp_sp2_rtm.040803-2158)>
[C:\WINDOWS\downlo~1\Ozkah.dll] <Tencent><4, 2, 2, 21>
[C:\WINDOWS\downlo~1\Olhw.dll] <Tencent><4, 2, 2, 21>
[C:\WINDOWS\system32\wmpdrm.dll] <Allsum Info. Tech. Ltd.><2, 0, 0, 1>
[C:\WINDOWS\system32\cryptext32.dll] <Macromedia, Inc.><6.8.29.1>
[C:\Program Files\Common Files\Microsoft Shared\Web Folders\ibm00017.dll] <N/A><N/A>
[C:\WINDOWS\system32\NBBHO.dll] <N/A><N/A>
[C:\PROGRA~1\pcast\hbcast.dll] <Shanghai Henbang Technology Co., Ltd><1, 1, 3, 8>
[C:\WINDOWS\system32\37211.dll] <3721公司<推荐使用>><1.0.0.0>
[C:\WINDOWS\system32\macromed\flash\Flash85.ocx] <Macromedia, Inc.><8,5,0,133>
[E:\专杀工具\SREng2\SREng2\SREng.com] <Smallfrogs Studio><2.0.21.505>
[C:\WINDOWS\downlo~1\Ozkah.dll] <Tencent><4, 2, 2, 21>
[C:\WINDOWS\DOWNLO~1\CnsMin.dll] <北京三七二一科技有限公司><1, 5, 3, 1>
[C:\Program Files\Common Files\Microsoft Shared\Web Folders\ibm00017.dll] <N/A><N/A>
==================================
文件关联
.TXT OK. [%SystemRoot%\system32\NOTEPAD.EXE %1]
.EXE OK. ["%1" %*]
.COM OK. ["%1" %*]
.PIF OK. ["%1" %*]
.REG OK. [regedit.exe "%1"]
.BAT OK. ["%1" %*]
.SCR OK. ["%1" /S]
.CHM OK. ["C:\WINDOWS\hh.exe" %1]
.HLP OK. [%SystemRoot%\System32\winhlp32.exe %1]
.INI OK. [%SystemRoot%\System32\NOTEPAD.EXE %1]
.INF OK. [%SystemRoot%\System32\NOTEPAD.EXE %1]
.VBS OK. [%SystemRoot%\System32\WScript.exe "%1" %*]
.JS OK. [%SystemRoot%\System32\WScript.exe "%1" %*]
.LNK OK. [{00021401-0000-0000-C000-000000000046}]
==================================
Winsock 提供者
==================================
gfgfgf123 - 2006-9-2 14:07:00
Could an expert please walk me through the detailed steps? It's urgent.
westbeck - 2006-9-2 14:12:00
You have a lot of viruses.
The original poster might consider reinstalling the system.
頂尖貨銫 - 2006-9-2 14:12:00
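Please download Super Rabbit (超级兔子).
Uninstall things like Yahoo Assistant (雅虎助手), 网络实名 and 中文上网 (in Safe Mode).
You really have far too much junk software installed.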
westbeck - 2006-9-2 14:14:00
That isn't the main issue.
There are a lot of viruses.
轩辕小聪 - 2006-9-2 15:17:00
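| Quote: |
[westbeck's post] You have a lot of viruses. The original poster might consider reinstalling the system. ……………… |
Agreed. How has the original poster been maintaining their computer?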
