Rising Kaka Security Forum
小小妖儿 - 2006-9-17 22:31:00
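My machine has developed a lot of problems, and they all seem to be symptoms of an infection. I'm out of options, so please take a look for me.
My log is attached below: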
2006-09-17,22:18:41
System Repair Engineer 2.0.21.505 (2.0 RC 2)
Smallfrogs (http://www.KZTechs.com)
Windows XP Professional Service Pack 2 (Build 2600)
- 管理权限用户 - 完整功能
以下内容被选中:
所有的启动项目(包括注册表、启动文件夹、服务等)
浏览器加载项
正在运行的进程(包括进程模块信息)
文件关联
启动项目
注册表
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
<ctfmon.exe><C:\WINDOWS\system32\ctfmon.exe> [Microsoft Corporation]
<PcSync><C:\Program Files\Nokia\Nokia PC Suite 6\PcSync2.exe /NoDialog> [Time Information Services Ltd.]
[HKEY_CURRENT_USER\Software\Microsoft\Windows NT\CurrentVersion\Windows]
<load><> []
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
<IMJPMIG8.1><"C:\WINDOWS\IME\imjp8_1\IMJPMIG.EXE" /Spoil /RemAdvDef /Migration32> [Microsoft Corporation]
<PHIME2002ASync><C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /SYNC> [Microsoft Corporation]
<PHIME2002A><C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /IMEName> [Microsoft Corporation]
<MSPY2002><C:\WINDOWS\system32\IME\PINTLGNT\ImScInst.exe /SYNC> []
<ShStatEXE><"C:\Program Files\Network Associates\VirusScan\SHSTAT.EXE" /STANDALONE> [Network Associates, Inc.]
<McAfeeUpdaterUI><"C:\Program Files\Network Associates\Common Framework\UpdaterUI.exe" /StartedFromRunKey> [Network Associates, Inc.]
<Network Associates Error Reporting Service><"C:\Program Files\Common Files\Network Associates\TalkBack\TBMon.exe"> [Network Associates, Inc.]
<PCSuiteTrayApplication><C:\PROGRA~1\Nokia\NOKIAP~1\LAUNCH~1.EXE -startup> [Nokia]
<TkBellExe><"C:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot> [RealNetworks, Inc.]
<CnsMin><Rundll32.exe C:\WINDOWS\DOWNLO~1\CnsMin.dll,Rundll32> [北京三七二一科技有限公司]
<StormCodec_Helper><"C:\Program Files\Ringz Studio\Storm Codec\StormSet.exe" /S /opti> []
<helper.dll><C:\WINDOWS\system32\rundll32.exe C:\PROGRA~1\3721\helper.dll,Rundll32> []
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\RunOnce]
<CnsHook.dll><regsvr32 /s C:\WINDOWS\DOWNLO~1\CnsHook.dll> [北京三七二一科技有限公司]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Winlogon]
<shell><Explorer.exe> [Microsoft Corporation]
<Userinit><C:\WINDOWS\system32\userinit.exe,> [Microsoft Corporation]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Windows]
<AppInit_DLLs><> []
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Winlogon]
<UIHost><logonui.exe> [Microsoft Corporation]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
<{D157330A-9EF3-49F8-9A67-4141AC41ADD4}><C:\WINDOWS\DOWNLO~1\CnsHook.dll> [北京三七二一科技有限公司]
==================================
启动文件夹
[河南网通宽带用户客户端]
<C:\Documents and Settings\All Users\「开始」菜单\程序\启动\河南网通宽带用户客户端.lnk><N>
==================================
服务
[McAfee Framework 服务 / McAfeeFramework]
<C:\Program Files\Network Associates\Common Framework\FrameworkService.exe /ServiceStart><Network Associates, Inc.>
[Network Associates McShield / McShield]
<"C:\Program Files\Network Associates\VirusScan\Mcshield.exe"><Network Associates, Inc.>
[Network Associates Task Manager / McTaskManager]
<"C:\Program Files\Network Associates\VirusScan\VsTskMgr.exe"><Network Associates, Inc.>
[ServiceLayer / ServiceLayer]
<"C:\Program Files\Common Files\PCSuite\Services\ServiceLayer.exe"><Nokia.>
小小妖儿 - 2006-9-17 22:33:00
==================================
浏览器加载项
[SurfHelper Class]
{5C5673D1-714A-4b15-99CF-A6885992DF8D} <C:\WINDOWS\system32\swqhost.dll, Microsoft Corporation>
[BandIE Class]
{77FEF28E-EB96-44FF-B511-3185DEA48697} <C:\PROGRA~1\baidu\bar\baidubar.dll, Baidu.com, Inc.>
[PRBHO.HTMLDocumentCtrl]
{AAC73F50-03DD-47E5-AD18-FDD65BF29E3D} <C:\WINDOWS\system32\ZComBHO.dll, zcom>
[PrjZKBaiduBHO.ZKBaiduBHO]
{BBF3E65D-762A-41AC-BFDA-7C6D97E65A73} <C:\WINDOWS\system32\ZKBaiduBHO.dll, zcom>
[CnsHook Class]
{D157330A-9EF3-49F8-9A67-4141AC41ADD4} <C:\WINDOWS\DOWNLO~1\CnsHook.dll, 北京三七二一科技有限公司>
[Yahoo 3.5G电邮]
{507F9113-CD77-4866-BA92-0E86DA3D0B97} <http://cn.zs.yahoo.com/cnsbutton.htm?source=cns&btn=yahoomail, N/A>
[寻宝乐趣多]
{59BC54A2-56B3-44a0-93E5-432D58746E26} <http://cn.zs.yahoo.com/cnsbutton.htm?source=cns&btn=taobao, N/A>
[雅虎助手]
{5D73EE86-05F1-49ed-B850-E423120EC338} <http://cn.zs.yahoo.com/cnsbutton.htm?source=cns&btn=yassist, N/A>
[易趣购物]
{DE607145-AC19-425e-869A-9D70ABDF119A} <http://click2.ad4all.net/url2/urlmanage/url.asp?id=5, N/A>
[情景聊天]
{E5D12C4E-7B4F-11D3-B5C9-0050045C3C96} <http://cn.zs.yahoo.com/cnsbutton.htm?source=cns&btn=yahoomsg, N/A>
[]
{ECF2E268-F28C-48d2-9AB7-8F69C11CCB71} <http://cn.zs.yahoo.com/cnsbutton.htm?source=cns&btn=repair, N/A>
[Messenger]
{FB5F1910-F110-11d2-BB9E-00C04F795683} <C:\Program Files\Messenger\msmsgs.exe, Microsoft Corporation>
[]
{FD00D911-7529-4084-9946-A29F1BDF4FE5} <http://cn.zs.yahoo.com/cnsbutton.htm?source=cns&btn=clean, N/A>
[百度超级搜霸]
{B580CF65-E151-49C3-B73F-70B13FCA8E86} <C:\PROGRA~1\baidu\bar\baidubar.dll, Baidu.com, Inc.>
[Windows Media Player]
{22D6F312-B0F6-11D0-94AB-0080C74C7E95} <C:\WINDOWS\system32\wmpdxm.dll, Microsoft Corporation>
[HTML Document]
{25336920-03F9-11CF-8FD0-00AA00686F13} <%SystemRoot%\system32\mshtml.dll, N/A>
[DHTML Edit Control Safe for Scripting for IE5]
{2D360201-FFF5-11D1-8D03-00A0C959BC0A} <C:\Program Files\Common Files\Microsoft Shared\Triedit\dhtmled.ocx, Microsoft Corporation>
[SurfHelper Class]
{5C5673D1-714A-4B15-99CF-A6885992DF8D} <C:\WINDOWS\system32\swqhost.dll, Microsoft Corporation>
[Windows Media Player]
{6BF52A52-394A-11D3-B153-00C04F79FAA6} <C:\WINDOWS\system32\wmp.dll, Microsoft Corporation>
[BandIE Class]
{77FEF28E-EB96-44FF-B511-3185DEA48697} <C:\PROGRA~1\baidu\bar\baidubar.dll, Baidu.com, Inc.>
[Microsoft Web 浏览器]
{8856F961-340A-11D0-A96B-00C04FD705A2} <C:\WINDOWS\system32\shdocvw.dll, Microsoft Corporation>
[PRBHO.HTMLDocumentCtrl]
{AAC73F50-03DD-47E5-AD18-FDD65BF29E3D} <C:\WINDOWS\system32\ZComBHO.dll, zcom>
[Microsoft Scriptlet Component]
{AE24FDAE-03C6-11D1-8B76-0080C744F389} <C:\WINDOWS\system32\mshtml.dll, Microsoft Corporation>
[SearchAssistantOC]
{B45FF030-4447-11D2-85DE-00C04FA35C89} <%SystemRoot%\system32\shdocvw.dll, N/A>
[百度超级搜霸]
{B580CF65-E151-49C3-B73F-70B13FCA8E86} <C:\PROGRA~1\baidu\bar\baidubar.dll, Baidu.com, Inc.>
[PrjZKBaiduBHO.ZKBaiduBHO]
{BBF3E65D-762A-41AC-BFDA-7C6D97E65A73} <C:\WINDOWS\system32\ZKBaiduBHO.dll, zcom>
[RDS.DataSpace]
{BD96C556-65A3-11D0-983A-00C04FC29E36} <C:\Program Files\Common Files\System\msadc\msadco.dll, Microsoft Corporation>
[AUDIO__X_MS_WMA Moniker Class]
{CD3AFA84-B84F-48F0-9393-7EDC34128127} <C:\WINDOWS\system32\wmp.dll, Microsoft Corporation>
[RealPlayer G2 Control]
{CFCDAA03-8BE4-11CF-B84B-0020AFBBCCFA} <C:\WINDOWS\system32\rmoc3260.dll, RealNetworks>
[CnsHook Class]
{D157330A-9EF3-49F8-9A67-4141AC41ADD4} <C:\WINDOWS\DOWNLO~1\CnsHook.dll, 北京三七二一科技有限公司>
[Shockwave Flash Object]
{D27CDB6E-AE6D-11CF-96B8-444553540000} <C:\WINDOWS\system32\Macromed\Flash\Flash9.ocx, Adobe Systems, Inc.>
[ 发送图片到手机]
<C:\Program Files\ZCOMPRDIY\MenuSendImg.htm, N/A>
[用比特精灵下载(&B)]
<C:\Program Files\BitSpirit\bsurl.htm, N/A>
小小妖儿 - 2006-9-17 22:34:00
==================================
正在运行的进程
[PID: 420][\SystemRoot\System32\smss.exe] <Microsoft Corporation><5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)>
[PID: 476][\??\C:\WINDOWS\system32\csrss.exe] <Microsoft Corporation><5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)>
[PID: 500][\??\C:\WINDOWS\system32\winlogon.exe] <Microsoft Corporation><5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)>
[PID: 544][C:\WINDOWS\system32\services.exe] <Microsoft Corporation><5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)>
[C:\WINDOWS\system32\EntApi.dll] <Network Associates, Inc><8.0.0.277>
[PID: 556][C:\WINDOWS\system32\lsass.exe] <Microsoft Corporation><5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)>
[C:\WINDOWS\system32\EntApi.dll] <Network Associates, Inc><8.0.0.277>
[PID: 708][C:\WINDOWS\system32\svchost.exe] <Microsoft Corporation><5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)>
[C:\WINDOWS\system32\EntApi.dll] <Network Associates, Inc><8.0.0.277>
[PID: 752][C:\WINDOWS\system32\svchost.exe] <Microsoft Corporation><5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)>
[C:\WINDOWS\system32\EntApi.dll] <Network Associates, Inc><8.0.0.277>
[PID: 816][C:\WINDOWS\System32\svchost.exe] <Microsoft Corporation><5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)>
[C:\WINDOWS\system32\EntApi.dll] <Network Associates, Inc><8.0.0.277>
[PID: 860][C:\WINDOWS\system32\svchost.exe] <Microsoft Corporation><5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)>
[C:\WINDOWS\system32\EntApi.dll] <Network Associates, Inc><8.0.0.277>
[PID: 904][C:\WINDOWS\system32\svchost.exe] <Microsoft Corporation><5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)>
[C:\WINDOWS\system32\EntApi.dll] <Network Associates, Inc><8.0.0.277>
[PID: 1224][C:\WINDOWS\Explorer.EXE] <Microsoft Corporation><6.00.2900.2180 (xpsp_sp2_rtm.040803-2158)>
[C:\WINDOWS\DOWNLO~1\CnsHook.dll] <北京三七二一科技有限公司><1, 0, 2, 9>
[C:\WINDOWS\DOWNLO~1\CnsMin.dll] <北京三七二一科技有限公司><1, 5, 3, 9>
[C:\PROGRA~1\3721\helper.dll] <><1, 1, 0, 1325>
[C:\PROGRA~1\3721\alrex.dll] <><1, 0, 1, 1001>
[C:\WINDOWS\system32\EntApi.dll] <Network Associates, Inc><8.0.0.277>
[C:\Program Files\WinRAR\rarext.dll] <N/A><N/A>
[C:\Program Files\Network Associates\VirusScan\shext.dll] <Network Associates, Inc.><8.0.0.912>
[C:\Program Files\Network Associates\VirusScan\RES04\ShExtRes.dll] <Network Associates, Inc.><8.0.0.912>
[C:\Program Files\Nokia\Nokia PC Suite 6\PhoneBrowser.dll] <Nokia><6, 81, 46, 1>
[C:\Program Files\Nokia\Nokia PC Suite 6\PCSCM.dll] <Nokia><6, 81, 68, 0>
[C:\WINDOWS\system32\ConnAPI.DLL] <Nokia.><6, 81, 62, 0>
[C:\Program Files\Nokia\Nokia PC Suite 6\Lang\PhoneBrowser_chi-sc.nlr] <Nokia><6, 81, 29, 0>
[C:\Program Files\Nokia\Nokia PC Suite 6\Resource\PhoneBrowser_Nokia.ngr] <Nokia><6, 81, 11, 0>
[C:\PROGRA~1\3721\autolive.dll] <><1, 1, 7, 1326>
[C:\PROGRA~1\3721\alLiveEx.dll] < ><1, 0, 3, 1006>
[C:\PROGRA~1\baidu\bar\baidubar.dll] <Baidu.com, Inc.><2, 0, 2, 106>
[C:\Program Files\Common Files\PCSuite\ConfServer\ConfServer.dll] <Nokia><6, 81, 26, 0>
[C:\WINDOWS\system32\ZComBHO.dll] <zcom><1.00>
[C:\WINDOWS\system32\ZKBaiduBHO.dll] <zcom><1.00>
[PID: 1284][C:\WINDOWS\system32\spoolsv.exe] <Microsoft Corporation><5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)>
[PID: 1332][C:\WINDOWS\system32\Rundll32.exe] <Microsoft Corporation><5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)>
[C:\WINDOWS\DOWNLO~1\CnsMin.dll] <北京三七二一科技有限公司><1, 5, 3, 9>
[C:\WINDOWS\DOWNLO~1\CnsMinIO.dll] <北京三七二一科技有限公司><1, 0, 3, 7>
[C:\WINDOWS\DOWNLO~1\cnsio.dll] <北京三七二一科技有限公司><1, 0, 2, 8>
[C:\PROGRA~1\3721\helper.dll] <><1, 1, 0, 1325>
[C:\WINDOWS\DOWNLO~1\CnsMinEx.dll] <国风因特软件(北京)有限公司><1, 0, 3, 3>
[PID: 1544][C:\Program Files\Network Associates\Common Framework\FrameworkService.exe] <Network Associates, Inc.><3.5.0.412>
[C:\Program Files\Network Associates\Common Framework\nailog.dll] <Network Associates, Inc.><3.5.0.474>
[C:\Program Files\Network Associates\Common Framework\naXML.dll] <Network Associates, Inc.><3.5.0.474>
[C:\Program Files\Network Associates\Common Framework\naCmnLib.dll] <Network Associates, Inc.><3.5.0.474>
[C:\Program Files\Network Associates\Common Framework\applib.dll] <Network Associates, Inc.><3.5.0.412>
[C:\Program Files\Network Associates\Common Framework\0804\AgentRes.dll] <Network Associates, Inc.><3.5.0.412>
[C:\Program Files\Network Associates\Common Framework\Logging.dll] <Network Associates, Inc.><3.5.0.412>
[C:\Program Files\Network Associates\Common Framework\InternetManager.dll] <Network Associates, Inc.><3.5.0.412>
[C:\Program Files\Network Associates\Common Framework\naInet.dll] <Network Associates, Inc.><3.5.0.474>
[C:\Program Files\Network Associates\Common Framework\UserSpace.dll] <Network Associates, Inc.><3.5.0.412>
[C:\Program Files\Network Associates\Common Framework\SecureFrameworkFactory.dll] <Network Associates, Inc.><3.5.0.412>
[C:\Program Files\Network Associates\Common Framework\Management.dll] <Network Associates, Inc.><3.5.0.412>
[C:\Program Files\Network Associates\Common Framework\cmalib.dll] <Network Associates, Inc.><3.5.0.412>
[C:\Program Files\Network Associates\Common Framework\naPolicyManager.dll] <Network Associates, Inc.><3.5.0.412>
[C:\Program Files\Network Associates\Common Framework\ScriptSubSys.dll] <Network Associates, Inc.><3.5.0.412>
[C:\Program Files\Network Associates\Common Framework\UpdateSubSys.dll] <Network Associates, Inc.><3.5.0.412>
[C:\Program Files\Network Associates\Common Framework\Scheduler.dll] <Network Associates, Inc.><3.5.0.412>
[C:\Program Files\Network Associates\Common Framework\TCSubSys.dll] <Network Associates, Inc.><3.5.0.412>
[C:\WINDOWS\system32\EntApi.dll] <Network Associates, Inc><8.0.0.277>
[C:\Program Files\Network Associates\Common Framework\GenEvtInf.dll] <Network Associates, Inc.><3.5.0.412>
[PID: 1588][C:\Program Files\Network Associates\VirusScan\Mcshield.exe] <Network Associates, Inc.><8.0.0.251>
[C:\Program Files\Network Associates\VirusScan\Res04\McShield.DLL] <Network Associates, Inc.><8.0.0.251>
RX销售员 - 2006-9-17 22:34:00
Can you scan with the other kind of log? I'll wait for you.
小小妖儿 - 2006-9-17 22:34:00
[C:\Program Files\Network Associates\VirusScan\FTL.Dll] <Network Associates, Inc.><8.0.0.135>
[C:\Program Files\Network Associates\VirusScan\naiann.dll] <Network Associates, Inc.><8.0.0.251>
[C:\Program Files\Network Associates\VirusScan\mytilus.dll] <Network Associates, Inc.><8.0.0.251>
[C:\Program Files\Network Associates\Common Framework\GenEvtInf.dll] <Network Associates, Inc.><3.5.0.412>
[C:\Program Files\Network Associates\VirusScan\NaEventU.DLL] <Network Associates, Inc.><8.0.0.342>
[C:\Program Files\Network Associates\VirusScan\Res04\naEvtRes.dll] <Network Associates, Inc.><8.0.0.342>
[C:\Program Files\Network Associates\VirusScan\VSIDSvr.dll] <Network Associates, Inc.><8.0.0.251>
[C:\Program Files\Common Files\Network Associates\Engine\MCSCAN32.DLL] <McAfee, Inc.><4.4.00>
[C:\Program Files\Network Associates\Common Framework\SecureFrameworkFactory.dll] <Network Associates, Inc.><3.5.0.412>
[C:\Program Files\Network Associates\VirusScan\EntSrv.Dll] <Network Associates, Inc><8.0.0.277>
[PID: 1636][C:\PROGRA~1\NETWOR~1\COMMON~1\naPrdMgr.exe] <Network Associates, Inc.><3.5.0.412>
[C:\PROGRA~1\NETWOR~1\COMMON~1\nailog.dll] <Network Associates, Inc.><3.5.0.474>
[C:\PROGRA~1\NETWOR~1\COMMON~1\naCmnLib.dll] <Network Associates, Inc.><3.5.0.474>
[C:\PROGRA~1\NETWOR~1\COMMON~1\naXML.dll] <Network Associates, Inc.><3.5.0.474>
[C:\PROGRA~1\NETWOR~1\COMMON~1\0804\AgentRes.dll] <Network Associates, Inc.><3.5.0.412>
[C:\Program Files\Network Associates\VirusScan\VsPlugin.dll] <Network Associates, Inc.><8.0.0.912>
[C:\WINDOWS\system32\EntApi.dll] <Network Associates, Inc><8.0.0.277>
[PID: 1680][C:\Program Files\Network Associates\VirusScan\VsTskMgr.exe] <Network Associates, Inc.><8.0.0.912>
[C:\Program Files\Network Associates\VirusScan\SHUTIL.dll] <Network Associates, Inc.><8.0.0.912>
[C:\Program Files\Network Associates\VirusScan\naiwmain.dll] <Network Associates, Inc.><8.0.0.912>
[C:\Program Files\Network Associates\VirusScan\naicondl.dll] <Network Associates, Inc.><8.0.0.912>
[C:\Program Files\Network Associates\VirusScan\RES04\VsTskMgr.dll] <Network Associates, Inc.><8.0.0.912>
[C:\Program Files\Network Associates\VirusScan\MIDUtil.Dll] <McAfee, Inc.><8.0.0.152>
[C:\Program Files\Network Associates\VirusScan\BBCpl.dll] <Network Associates, Inc.><8.0.0.912>
[C:\Program Files\Network Associates\VirusScan\coptcpl.dll] <Network Associates, Inc.><8.0.0.912>
[C:\Program Files\Network Associates\VirusScan\EmCfgCpl.dll] <Network Associates, Inc.><8.0.0.912>
[C:\Program Files\Network Associates\VirusScan\RES04\SEmalRes.dll] <Network Associates, Inc.><8.0.0.912>
[C:\Program Files\Network Associates\VirusScan\RES04\Product.dll] <Network Associates, Inc.><8.0.0.912>
[C:\Program Files\Network Associates\VirusScan\nvpcpl.dll] <Network Associates, Inc.><8.0.0.912>
[C:\Program Files\Network Associates\VirusScan\ftcfg.dll] <Network Associates, Inc.><8.0.0.912>
[C:\Program Files\Network Associates\VirusScan\mytilus.dll] <Network Associates, Inc.><8.0.0.251>
[C:\Program Files\Network Associates\VirusScan\Res04\McShield.dll] <Network Associates, Inc.><8.0.0.251>
[C:\Program Files\Network Associates\VirusScan\OASCpl.dll] <Network Associates, Inc.><8.0.0.912>
[C:\Program Files\Network Associates\VirusScan\vsodscpl.dll] <Network Associates, Inc.><8.0.0.912>
[C:\Program Files\Network Associates\VirusScan\ftl.dll] <Network Associates, Inc.><8.0.0.135>
[C:\Program Files\Network Associates\VirusScan\vsupdcpl.dll] <Network Associates, Inc.><8.0.0.912>
[PID: 520][C:\WINDOWS\System32\alg.exe] <Microsoft Corporation><5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)>
[PID: 964][C:\Program Files\Network Associates\VirusScan\SHSTAT.EXE] <Network Associates, Inc.><8.0.0.912>
[C:\Program Files\Network Associates\VirusScan\SHUTIL.dll] <Network Associates, Inc.><8.0.0.912>
[C:\Program Files\Network Associates\VirusScan\naiwmain.dll] <Network Associates, Inc.><8.0.0.912>
[C:\Program Files\Network Associates\VirusScan\RES04\shstat.dll] <Network Associates, Inc.><8.0.0.912>
[C:\Program Files\Network Associates\VirusScan\RES04\Product.dll] <Network Associates, Inc.><8.0.0.912>
[C:\Program Files\Network Associates\VirusScan\RES04\McShield.dll] <Network Associates, Inc.><8.0.0.251>
[C:\Program Files\Network Associates\VirusScan\RES04\Shutilrc.dll] <Network Associates, Inc.><8.0.0.912>
[C:\Program Files\Network Associates\VirusScan\Graphics.dll] <Network Associates, Inc.><8.0.0.912>
[C:\WINDOWS\DOWNLO~1\CnsMin.dll] <北京三七二一科技有限公司><1, 5, 3, 9>
[C:\PROGRA~1\3721\helper.dll] <><1, 1, 0, 1325>
[PID: 980][C:\Program Files\Network Associates\Common Framework\UpdaterUI.exe] <Network Associates, Inc.><3.5.0.412>
[C:\Program Files\Network Associates\Common Framework\nailog.dll] <Network Associates, Inc.><3.5.0.474>
[C:\Program Files\Network Associates\Common Framework\naCmnLib.dll] <Network Associates, Inc.><3.5.0.474>
[C:\Program Files\Network Associates\Common Framework\naXML.dll] <Network Associates, Inc.><3.5.0.474>
[C:\Program Files\Network Associates\Common Framework\0804\UpdRes.dll] <Network Associates, Inc.><3.5.0.412>
[C:\Program Files\Network Associates\Common Framework\0804\AgentRes.dll] <Network Associates, Inc.><3.5.0.412>
[C:\WINDOWS\DOWNLO~1\CnsMin.dll] <北京三七二一科技有限公司><1, 5, 3, 9>
[C:\PROGRA~1\3721\helper.dll] <><1, 1, 0, 1325>
[C:\Program Files\Network Associates\Common Framework\SecureFrameworkFactory.dll] <Network Associates, Inc.><3.5.0.412>
[PID: 1028][C:\Program Files\Common Files\Network Associates\TalkBack\TBMon.exe] <Network Associates, Inc.><2.0.275.0>
[C:\WINDOWS\DOWNLO~1\CnsMin.dll] <北京三七二一科技有限公司><1, 5, 3, 9>
[PID: 1056][C:\PROGRA~1\Nokia\NOKIAP~1\LAUNCH~1.EXE] <Nokia><6, 81, 61, 4>
[C:\WINDOWS\system32\ConnAPI.DLL] <Nokia.><6, 81, 62, 0>
[C:\PROGRA~1\Nokia\NOKIAP~1\PCSCM.dll] <Nokia><6, 81, 68, 0>
[C:\PROGRA~1\3721\helper.dll] <><1, 1, 0, 1325>
[C:\WINDOWS\DOWNLO~1\CnsMin.dll] <北京三七二一科技有限公司><1, 5, 3, 9>
[C:\Program Files\Common Files\PCSuite\ConfServer\ConfServer.dll] <Nokia><6, 81, 26, 0>
[C:\PROGRA~1\Nokia\NOKIAP~1\Lang\LaunchApplication_chi-sc.NLR] <Nokia><6, 81, 60, 0>
[C:\Program Files\Nokia\Nokia PC Suite 6\PhoneBrowser.dll] <Nokia><6, 81, 46, 1>
[C:\Program Files\Nokia\Nokia PC Suite 6\Lang\PhoneBrowser_chi-sc.nlr] <Nokia><6, 81, 29, 0>
[C:\Program Files\Nokia\Nokia PC Suite 6\Resource\PhoneBrowser_Nokia.ngr] <Nokia><6, 81, 11, 0>
[C:\WINDOWS\DOWNLO~1\CnsHook.dll] <北京三七二一科技有限公司><1, 0, 2, 9>
[PID: 1068][C:\Program Files\Common Files\Real\Update_OB\realsched.exe] <RealNetworks, Inc.><0.1.0.1622>
[C:\WINDOWS\DOWNLO~1\CnsMin.dll] <北京三七二一科技有限公司><1, 5, 3, 9>
[PID: 1120][C:\WINDOWS\system32\rundll32.exe] <Microsoft Corporation><5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)>
[C:\PROGRA~1\3721\helper.dll] <><1, 1, 0, 1325>
[C:\WINDOWS\DOWNLO~1\CnsMin.dll] <北京三七二一科技有限公司><1, 5, 3, 9>
[C:\PROGRA~1\3721\autolive.dll] <><1, 1, 7, 1326>
[C:\PROGRA~1\3721\notifier.dll] <><1, 0, 0, 5>
[C:\PROGRA~1\3721\alLiveEx.dll] < ><1, 0, 3, 1006>
[PID: 1092][C:\WINDOWS\system32\ctfmon.exe] <Microsoft Corporation><5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)>
[C:\PROGRA~1\3721\helper.dll] <><1, 1, 0, 1325>
[C:\WINDOWS\DOWNLO~1\CnsMin.dll] <北京三七二一科技有限公司><1, 5, 3, 9>
[PID: 1184][C:\Program Files\Nokia\Nokia PC Suite 6\PcSync2.exe] <Time Information Services Ltd.><2.00 (506)>
[C:\Program Files\Nokia\Nokia PC Suite 6\PCSCM.dll] <Nokia><6, 81, 68, 0>
[C:\WINDOWS\system32\ConnAPI.DLL] <Nokia.><6, 81, 62, 0>
[C:\Program Files\Nokia\Nokia PC Suite 6\PCSL.dll] <Nokia><6, 81, 7, 0>
[C:\PROGRA~1\3721\helper.dll] <><1, 1, 0, 1325>
[C:\WINDOWS\DOWNLO~1\CnsMin.dll] <北京三七二一科技有限公司><1, 5, 3, 9>
[C:\PROGRAM FILES\NOKIA\NOKIA PC SUITE 6\Lang\PcSync2_chi-sc.nlr] <Time Information Services Ltd.><9.00 (506)>
[C:\PROGRAM FILES\NOKIA\NOKIA PC SUITE 6\Resource\PcSync2_Nokia.ngr] <Time Information Services Ltd.><9.00 (506)>
[C:\Program Files\Common Files\Nokia\Adapters\NclSet.dll] <Nokia><6.81.9.0>
[C:\Program Files\Common Files\Nokia\Adapters\Nclaeo.dsc] <Nokia Mobile Phones Ltd.><4.00.008>
[C:\Program Files\Common Files\Nokia\MPAPI\MPAPIps.dll] <Nokia Corporation><6.81.73.0>
[C:\Program Files\Common Files\PCSuite\ConfServer\ConfServer.dll] <Nokia><6, 81, 26, 0>
[C:\Program Files\Nokia\Nokia PC Suite 6\CommonSelectDevice.dll] <Nokia><6, 81, 73, 0>
[PID: 1344][C:\Program Files\racer-henan-cnc\racer.exe] <Putian Runway><2, 0, 51, 92>
[C:\PROGRA~1\3721\helper.dll] <><1, 1, 0, 1325>
[C:\WINDOWS\DOWNLO~1\CnsMin.dll] <北京三七二一科技有限公司><1, 5, 3, 9>
[C:\Program Files\racer-henan-cnc\rwxre.dll] <Mozilla Foundation><1.7.3: 2005040616>
[C:\Program Files\racer-henan-cnc\nspr4.dll] <Netscape Communications Corporation><4.5 Beta>
[C:\Program Files\racer-henan-cnc\xpcom.dll] <Mozilla Foundation><1.7.3: 2005040616>
[C:\Program Files\racer-henan-cnc\nss3.dll] <Netscape Communications Corporation><3.9.1>
[C:\Program Files\racer-henan-cnc\softokn3.dll] <Netscape Communications Corporation><3.9.1>
[C:\Program Files\racer-henan-cnc\gkgfx.dll] <Mozilla Foundation><1.7.3: 2005040616>
小小妖儿 - 2006-9-17 22:34:00
[C:\Program Files\racer-henan-cnc\js3250.dll] <Netscape Communications Corporation><4.0>
[C:\Program Files\racer-henan-cnc\components\racer_base_comp.dll] <Putian Runway><2,0,47,87>
[C:\Program Files\racer-henan-cnc\xpcom_compat.dll] <Mozilla Foundation><1.7.3: 2005040616>
[C:\Program Files\racer-henan-cnc\racer_base.dll] <Putian Runway><2,0,47,87>
[C:\Program Files\racer-henan-cnc\components\pipnss.dll] <Mozilla Foundation><1.7.3: 2005040616>
[C:\Program Files\racer-henan-cnc\components\gklayout.dll] <Mozilla Foundation><1.7.3: 2005040616>
[C:\Program Files\racer-henan-cnc\components\jar50.dll] <Mozilla Foundation><1.7.3: 2005040616>
[C:\Program Files\racer-henan-cnc\components\xpcom_compat_c.dll] <Mozilla Foundation><1.7.3: 2005040616>
[C:\Program Files\racer-henan-cnc\components\racer_ad_comp.dll] <Putian Runway><2,0,47,87>
[C:\Program Files\racer-henan-cnc\components\racer_access_dhcpplus.dll] <Putian Runway><2,0,47,87>
[C:\Program Files\racer-henan-cnc\dhcpplus.dll] <北京润汇科技有限公司><0, 13, 21, 45>
[C:\Program Files\racer-henan-cnc\components\racer_nss4_comp.dll] <Putian Runway><2,0,47,87>
[C:\Program Files\racer-henan-cnc\nss4.dll] <北京普天润汇科技有限公司><1, 0, 0, 3>
[C:\Program Files\racer-henan-cnc\wpcap.dll] <Politecnico di Torino><3, 0, 0, 18>
[C:\Program Files\racer-henan-cnc\pthreadVC.dll] <N/A><N/A>
[C:\Program Files\racer-henan-cnc\packet.dll] <Politecnico di Torino><3, 0, 0, 18>
[PID: 2116][C:\Program Files\Common Files\PCSuite\Services\ServiceLayer.exe] <Nokia.><6, 81, 60, 0>
[C:\WINDOWS\system32\NclTools.dll] <Nokia.><6, 81, 21, 1>
[C:\Program Files\Common Files\PCSuite\Transports\NCLIrDAMM.dll] <Nokia Corp.><6, 81, 27, 0>
[C:\Program Files\Common Files\PCSuite\Transports\NCLRSMM.dll] <Nokia><6, 81, 34, 1>
[C:\Program Files\Common Files\PCSuite\Transports\NCLUSBMM.dll] <Nokia><6, 81, 39, 1>
[C:\Program Files\Common Files\PCSuite\Transports\NclMSBTMM.dll] <Nokia.><6, 81, 40, 2>
[C:\Program Files\Common Files\PCSuite\Services\NclDS.dll] <Nokia><6, 81, 14, 0>
[C:\Program Files\Common Files\PCSuite\ConfServer\ConfServer.dll] <Nokia><6, 81, 26, 0>
[C:\WINDOWS\system32\ConnAPI.DLL] <Nokia.><6, 81, 62, 0>
[C:\Program Files\Common Files\PCSuite\Services\NclCapability.dll] <Nokia><6, 81, 19, 0>
[C:\Program Files\Common Files\PCSuite\Protocols\NOX.dll] <Nokia><6, 81, 44, 0>
[C:\Program Files\Common Files\PCSuite\Services\NclSync.dll] <Nokia.><6, 81, 9, 0>
[C:\Program Files\Common Files\PCSuite\Services\NclFT.dll] <Nokia><6, 81, 35, 0>
[PID: 2352][C:\PROGRA~1\COMMON~1\Nokia\MPAPI\MPAPI3s.exe] <Nokia Corporation><6.81.161.1>
[C:\PROGRA~1\3721\helper.dll] <><1, 1, 0, 1325>
[C:\WINDOWS\DOWNLO~1\CnsMin.dll] <北京三七二一科技有限公司><1, 5, 3, 9>
[C:\Program Files\Common Files\Nokia\MPAPI\MPAPIps.dll] <Nokia Corporation><6.81.73.0>
[PID: 3400][C:\Program Files\racer-henan-cnc\RacerKp.exe] <北京润汇科技有限公司><1, 0, 0, 1>
[C:\PROGRA~1\3721\helper.dll] <><1, 1, 0, 1325>
[C:\WINDOWS\DOWNLO~1\CnsMin.dll] <北京三七二一科技有限公司><1, 5, 3, 9>
[PID: 3240][C:\PROGRA~1\COMMON~1\PCSuite\DATALA~1\DATALA~1.EXE] <Nokia Mobile Phones Ltd.><6, 81, 124, 1>
[C:\WINDOWS\system32\ConnAPI.DLL] <Nokia.><6, 81, 62, 0>
[C:\PROGRA~1\COMMON~1\PCSuite\DATALA~1\Lang\DataLayer_chi-sc.nlr] <Nokia><6, 81, 8, 0>
[C:\PROGRA~1\3721\helper.dll] <><1, 1, 0, 1325>
[C:\WINDOWS\DOWNLO~1\CnsMin.dll] <北京三七二一科技有限公司><1, 5, 3, 9>
[C:\Program Files\Nokia\Nokia PC Suite 6\PhoneBrowser.dll] <Nokia><6, 81, 46, 1>
[C:\Program Files\Nokia\Nokia PC Suite 6\PCSCM.dll] <Nokia><6, 81, 68, 0>
[C:\Program Files\Nokia\Nokia PC Suite 6\Lang\PhoneBrowser_chi-sc.nlr] <Nokia><6, 81, 29, 0>
[C:\Program Files\Nokia\Nokia PC Suite 6\Resource\PhoneBrowser_Nokia.ngr] <Nokia><6, 81, 11, 0>
[C:\Program Files\Common Files\PCSuite\ConfServer\ConfServer.dll] <Nokia><6, 81, 26, 0>
[C:\Program Files\Common Files\PCSuite\DataLayer\DL2SmlNotes.dll] <Nokia Mobile Phones Ltd.><6, 81, 26, 1>
[C:\Program Files\Common Files\PCSuite\DataLayer\DL2SmlSMS.dll] <Nokia><6, 81, 11, 1>
[C:\Program Files\Common Files\PCSuite\DataLayer\EnginePlugin.dll] <Nokia Mobile Phones Ltd.><6, 81, 7, 0>
[PID: 824][C:\Program Files\BitSpirit\BitSpirit.exe] <LANSPIRIT.NET><3.2.1.125>
[C:\PROGRA~1\3721\helper.dll] <><1, 1, 0, 1325>
[C:\WINDOWS\DOWNLO~1\CnsMin.dll] <北京三七二一科技有限公司><1, 5, 3, 9>
[C:\Program Files\BitSpirit\plugin\peerid.dll] <N/A><N/A>
[PID: 640][C:\Program Files\Internet Explorer\iexplore.exe] <Microsoft Corporation><6.00.2900.2180 (xpsp_sp2_rtm.040803-2158)>
[C:\WINDOWS\system32\EntApi.dll] <Network Associates, Inc><8.0.0.277>
[C:\PROGRA~1\3721\helper.dll] <><1, 1, 0, 1325>
[C:\PROGRA~1\3721\scrblock.dll] <3721><1, 0, 1, 1000>
[C:\PROGRA~1\3721\alrex.dll] <><1, 0, 1, 1001>
[C:\WINDOWS\DOWNLO~1\CnsMin.dll] <北京三七二一科技有限公司><1, 5, 3, 9>
[C:\WINDOWS\DOWNLO~1\CnsHint.dll] <3721><1, 0, 1, 0>
[C:\PROGRA~1\3721\autolive.dll] <><1, 1, 7, 1326>
[C:\PROGRA~1\3721\alLiveEx.dll] < ><1, 0, 3, 1006>
[C:\WINDOWS\DOWNLO~1\cnsplus.dll] <3721><1, 0, 0, 2>
[C:\PROGRA~1\baidu\bar\baidubar.dll] <Baidu.com, Inc.><2, 0, 2, 106>
[C:\WINDOWS\system32\ZComBHO.dll] <zcom><1.00>
[C:\WINDOWS\system32\ZKBaiduBHO.dll] <zcom><1.00>
[C:\WINDOWS\DOWNLO~1\CnsHook.dll] <北京三七二一科技有限公司><1, 0, 2, 9>
[C:\Program Files\Network Associates\VirusScan\scriptproxy.dll] <Network Associates, Inc.><8.0.0.955>
[C:\Program Files\Network Associates\VirusScan\mytilus.dll] <Network Associates, Inc.><8.0.0.251>
[C:\Program Files\Network Associates\VirusScan\Res04\McShield.dll] <Network Associates, Inc.><8.0.0.251>
[C:\Program Files\Common Files\Network Associates\Engine\mcscan32.dll] <McAfee, Inc.><4.4.00>
[C:\WINDOWS\system32\Macromed\Flash\Flash9.ocx] <Adobe Systems, Inc.><9,0,16,0>
[PID: 4080][C:\Program Files\Ringz Studio\Storm Codec\mplayerc.exe] <Gabest><6, 4, 9, 0>
[C:\PROGRA~1\3721\helper.dll] <><1, 1, 0, 1325>
[C:\WINDOWS\DOWNLO~1\CnsMin.dll] <北京三七二一科技有限公司><1, 5, 3, 9>
[C:\WINDOWS\system32\msdmo.dll] <N/A><N/A>
[C:\WINDOWS\system32\tssoft32.acm] <DSP GROUP, INC.><1.01>
[C:\WINDOWS\system32\tsd32.dll] <N/A><N/A>
[C:\WINDOWS\system32\sl_anet.acm] <Sipro Lab Telecom Inc.><3.02>
[C:\WINDOWS\system32\iac25_32.ax] <Intel Corporation><2.05.53>
[C:\WINDOWS\system32\l3codeca.acm] <Fraunhofer Institut Integrierte Schaltungen IIS><1, 9, 0, 0305>
[C:\WINDOWS\system32\vorbis.acm] <HMS http://hp.vector.co.jp/authors/VA012897/><0, 0, 3, 6>
[C:\WINDOWS\system32\vct3216.acm] <Voxware, Inc.><1.6.0.17>
[C:\WINDOWS\system32\vct3216.dll] <Voxware, Inc.><1.6.0.12>
[C:\WINDOWS\system32\msms001.vwp] <Voxware, Inc.><2.0.2.61>
[C:\WINDOWS\system32\mvoice.vwp] <Voxware, Inc.><2.0.0.12.01>
[C:\WINDOWS\system32\ffdshow.ax] <N/A><1.0.2.2028>
[C:\Program Files\Ringz Studio\Storm Codec\Codecs\ff_realaac.dll] <N/A><N/A>
[C:\Program Files\Ringz Studio\Storm Codec\Codecs\VSFilter.dll] <Gabest><1, 0, 1, 3>
[C:\Program Files\Common Files\Real\Codecs\drv43260.dll] <RealNetworks, Inc.><6.0.7.2389>
[C:\WINDOWS\system32\PNCRT.dll] <Real Networks, Inc><6.0.0.0>
[C:\Program Files\Ringz Studio\Storm Codec\Codecs\TTL2Dec.dll] <N/A><N/A>
[PID: 2720][E:\gongju\SREng2\SREng.exe] <Smallfrogs Studio><2.0.21.505>
[C:\PROGRA~1\3721\helper.dll] <><1, 1, 0, 1325>
[C:\WINDOWS\DOWNLO~1\CnsMin.dll] <北京三七二一科技有限公司><1, 5, 3, 9>
==================================
文件关联
.TXT OK. [%SystemRoot%\system32\NOTEPAD.EXE %1]
.EXE OK. ["%1" %*]
.COM OK. ["%1" %*]
.PIF OK. ["%1" %*]
.REG OK. [regedit.exe "%1"]
.BAT OK. ["%1" %*]
.SCR OK. ["%1" /S]
.CHM OK. ["C:\WINDOWS\hh.exe" %1]
.HLP OK. [%SystemRoot%\System32\winhlp32.exe %1]
.INI OK. [%SystemRoot%\System32\NOTEPAD.EXE %1]
.INF OK. [%SystemRoot%\System32\NOTEPAD.EXE %1]
.VBS OK. [%SystemRoot%\System32\WScript.exe "%1" %*]
.JS OK. [%SystemRoot%\System32\WScript.exe "%1" %*]
.LNK OK. [{00021401-0000-0000-C000-000000000046}]
==================================
Winsock 提供者
==================================
RX销售员 - 2006-9-17 22:36:00
Quote:
[Post by RX销售员] Can you scan with the other kind of log? I'll wait for you.
Can you scan with the other kind of log? I'll wait for you.
小小妖儿 - 2006-9-17 22:51:00
I don't understand what you mean. What is the other kind of log?
小小妖儿 - 2006-9-18 19:24:00
Why is nobody helping me? Today even shutting down is difficult, it is unbelievably slow. Please help!
小小妖儿 - 2006-9-18 19:36:00
HijackThis_zww汉化版扫描日志 V1.99.1
保存于 21:21:03, 日期 2006-9-17
操作系统: Windows XP SP2 (WinNT 5.01.2600)
浏览器: Internet Explorer v6.00 SP2 (6.00.2900.2180)
当前运行的进程:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\csrss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\system32\Rundll32.exe
C:\Program Files\Network Associates\Common Framework\FrameworkService.exe
C:\Program Files\Network Associates\VirusScan\Mcshield.exe
C:\PROGRA~1\NETWOR~1\COMMON~1\naPrdMgr.exe
C:\Program Files\Network Associates\VirusScan\VsTskMgr.exe
C:\WINDOWS\System32\alg.exe
C:\Program Files\Network Associates\VirusScan\SHSTAT.EXE
C:\Program Files\Network Associates\Common Framework\UpdaterUI.exe
C:\Program Files\Common Files\Network Associates\TalkBack\TBMon.exe
C:\PROGRA~1\Nokia\NOKIAP~1\LAUNCH~1.EXE
C:\Program Files\Common Files\Real\Update_OB\realsched.exe
C:\WINDOWS\system32\rundll32.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Nokia\Nokia PC Suite 6\PcSync2.exe
C:\Program Files\racer-henan-cnc\racer.exe
C:\Program Files\Common Files\PCSuite\Services\ServiceLayer.exe
C:\PROGRA~1\COMMON~1\Nokia\MPAPI\MPAPI3s.exe
C:\Program Files\racer-henan-cnc\RacerKp.exe
C:\PROGRA~1\COMMON~1\PCSuite\DATALA~1\DATALA~1.EXE
C:\Program Files\BitSpirit\BitSpirit.exe
C:\Program Files\Ringz Studio\Storm Codec\mplayerc.exe
C:\Program Files\Internet Explorer\iexplore.exe
E:\gongju\HijackThis1[1].99.1\HijackThis1991zww.exe
O2 - BHO: SurfHelper Class - {5C5673D1-714A-4b15-99CF-A6885992DF8D} - C:\WINDOWS\system32\swqhost.dll
O2 - BHO: BandIE Class - {77FEF28E-EB96-44FF-B511-3185DEA48697} - C:\PROGRA~1\baidu\bar\baidubar.dll
O2 - BHO: PRBHO.HTMLDocumentCtrl - {AAC73F50-03DD-47E5-AD18-FDD65BF29E3D} - C:\WINDOWS\system32\ZComBHO.dll
O2 - BHO: PrjZKBaiduBHO.ZKBaiduBHO - {BBF3E65D-762A-41AC-BFDA-7C6D97E65A73} - C:\WINDOWS\system32\ZKBaiduBHO.dll
O2 - BHO: IE - {D157330A-9EF3-49F8-9A67-4141AC41ADD4} - C:\WINDOWS\DOWNLO~1\CnsHook.dll
O3 - IE工具栏增项: 百度超级搜霸 - {B580CF65-E151-49C3-B73F-70B13FCA8E86} - C:\PROGRA~1\baidu\bar\baidubar.dll
O4 - 启动项HKLM\\Run: [IMJPMIG8.1] "C:\WINDOWS\IME\imjp8_1\IMJPMIG.EXE" /Spoil /RemAdvDef /Migration32
O4 - 启动项HKLM\\Run: [PHIME2002ASync] C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /SYNC
O4 - 启动项HKLM\\Run: [PHIME2002A] C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /IMEName
O4 - 启动项HKLM\\Run: [MSPY2002] C:\WINDOWS\system32\IME\PINTLGNT\ImScInst.exe /SYNC
O4 - 启动项HKLM\\Run: [ShStatEXE] "C:\Program Files\Network Associates\VirusScan\SHSTAT.EXE" /STANDALONE
O4 - 启动项HKLM\\Run: [McAfeeUpdaterUI] "C:\Program Files\Network Associates\Common Framework\UpdaterUI.exe" /StartedFromRunKey
O4 - 启动项HKLM\\Run: [Network Associates Error Reporting Service] "C:\Program Files\Common Files\Network Associates\TalkBack\TBMon.exe"
O4 - 启动项HKLM\\Run: [PCSuiteTrayApplication] C:\PROGRA~1\Nokia\NOKIAP~1\LAUNCH~1.EXE -startup
O4 - 启动项HKLM\\Run: [TkBellExe] "C:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot
O4 - 启动项HKLM\\Run: [CnsMin] Rundll32.exe C:\WINDOWS\DOWNLO~1\CnsMin.dll,Rundll32
O4 - 启动项HKLM\\Run: [StormCodec_Helper] "C:\Program Files\Ringz Studio\Storm Codec\StormSet.exe" /S /opti
O4 - 启动项HKLM\\Run: [helper.dll] C:\WINDOWS\system32\rundll32.exe C:\PROGRA~1\3721\helper.dll,Rundll32
O4 - 启动项HKLM\\RunOnce: [CnsHook.dll] regsvr32 /s C:\WINDOWS\DOWNLO~1\CnsHook.dll
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [PcSync] C:\Program Files\Nokia\Nokia PC Suite 6\PcSync2.exe /NoDialog
O4 - Global Startup: 河南网通宽带用户客户端.lnk = C:\Program Files\racer-henan-cnc\racer.exe
O8 - IE右键菜单中的新增项目: 发送图片到手机 - C:\Program Files\ZCOMPRDIY\MenuSendImg.htm
O8 - IE右键菜单中的新增项目: 用比特精灵下载(&B) - C:\Program Files\BitSpirit\bsurl.htm
O9 - 浏览器额外的按钮: Yahoo 3.5G电邮 - {507F9113-CD77-4866-BA92-0E86DA3D0B97} - http://cn.zs.yahoo.com/cnsbutton.htm?source=cns&btn=yahoomail (file missing)
O9 - 浏览器额外的按钮: 寻宝乐趣多 - {59BC54A2-56B3-44a0-93E5-432D58746E26} - http://cn.zs.yahoo.com/cnsbutton.htm?source=cns&btn=taobao (file missing)
O9 - 浏览器额外的按钮: 雅虎助手 - {5D73EE86-05F1-49ed-B850-E423120EC338} - http://cn.zs.yahoo.com/cnsbutton.htm?source=cns&btn=yassist (file missing)
O9 - 浏览器额外的按钮: 易趣购物 - {DE607145-AC19-425e-869A-9D70ABDF119A} - http://click2.ad4all.net/url2/urlmanage/url.asp?id=5 (file missing)
O9 - 浏览器额外的“工具”菜单项: 易趣购物 - {DE607145-AC19-425e-869A-9D70ABDF119A} - http://click2.ad4all.net/url2/urlmanage/url.asp?id=5 (file missing)
O9 - 浏览器额外的按钮: 情景聊天 - {E5D12C4E-7B4F-11D3-B5C9-0050045C3C96} - http://cn.zs.yahoo.com/cnsbutton.htm?source=cns&btn=yahoomsg (file missing)
O9 - 浏览器额外的按钮: (no name) - {ECF2E268-F28C-48d2-9AB7-8F69C11CCB71} - http://cn.zs.yahoo.com/cnsbutton.htm?source=cns&btn=repair (file missing)
O9 - 浏览器额外的“工具”菜单项: 修复浏览器 - {ECF2E268-F28C-48d2-9AB7-8F69C11CCB71} - http://cn.zs.yahoo.com/cnsbutton.htm?source=cns&btn=repair (file missing)
O9 - 浏览器额外的按钮: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - 浏览器额外的“工具”菜单项: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - 浏览器额外的按钮: (no name) - {FD00D911-7529-4084-9946-A29F1BDF4FE5} - http://cn.zs.yahoo.com/cnsbutton.htm?source=cns&btn=clean (file missing)
O9 - 浏览器额外的“工具”菜单项: 清理上网记录 - {FD00D911-7529-4084-9946-A29F1BDF4FE5} - http://cn.zs.yahoo.com/cnsbutton.htm?source=cns&btn=clean (file missing)
O11 - Options group: [!CNS] 中文上网
O17 - HKLM\System\CCS\Services\Tcpip\..\{409C8164-5C7C-419B-8BC8-E76EA94D64A0}: NameServer = 202.96.128.86,202.96.128.166
O23 - NT 服务: McAfee Framework 服务 (McAfeeFramework) - Network Associates, Inc. - C:\Program Files\Network Associates\Common Framework\FrameworkService.exe
O23 - NT 服务: Network Associates McShield (McShield) - Network Associates, Inc. - C:\Program Files\Network Associates\VirusScan\Mcshield.exe
O23 - NT 服务: Network Associates Task Manager (McTaskManager) - Network Associates, Inc. - C:\Program Files\Network Associates\VirusScan\VsTskMgr.exe
O23 - NT 服务: ServiceLayer - Nokia. - C:\Program Files\Common Files\PCSuite\Services\ServiceLayer.exe
小小妖儿 - 2006-9-18 20:40:00
The virus is New Malware.j.
与时拒进 - 2006-9-18 20:45:00
C:\Program Files\Common Files\Real\Update_OB\realsched.exe
C:\Program Files\Internet Explorer\iexplore.exe
O4 - 启动项HKLM\\Run: [Network Associates Error Reporting Service] "C:\Program Files\Common Files\Network Associates\TalkBack\TBMon.exe"
O9 - 浏览器额外的按钮: Yahoo 3.5G电邮 - {507F9113-CD77-4866-BA92-0E86DA3D0B97} - http://cn.zs.yahoo.com/cnsbutton.htm?source=cns&btn=yahoomail (file missing)
O9 - 浏览器额外的按钮: 寻宝乐趣多 - {59BC54A2-56B3-44a0-93E5-432D58746E26} - http://cn.zs.yahoo.com/cnsbutton.htm?source=cns&btn=taobao (file missing)
O9 - 浏览器额外的按钮: 雅虎助手 - {5D73EE86-05F1-49ed-B850-E423120EC338} - http://cn.zs.yahoo.com/cnsbutton.htm?source=cns&btn=yassist (file missing)
O9 - 浏览器额外的按钮: 易趣购物 - {DE607145-AC19-425e-869A-9D70ABDF119A} - http://click2.ad4all.net/url2/urlmanage/url.asp?id=5 (file missing)
O9 - 浏览器额外的“工具”菜单项: 易趣购物 - {DE607145-AC19-425e-869A-9D70ABDF119A} - http://click2.ad4all.net/url2/urlmanage/url.asp?id=5 (file missing)
O9 - 浏览器额外的按钮: 情景聊天 - {E5D12C4E-7B4F-11D3-B5C9-0050045C3C96} - http://cn.zs.yahoo.com/cnsbutton.htm?source=cns&btn=yahoomsg (file missing)
O9 - 浏览器额外的按钮: (no name) - {ECF2E268-F28C-48d2-9AB7-8F69C11CCB71} - http://cn.zs.yahoo.com/cnsbutton.htm?source=cns&btn=repair (file missing)
O9 - 浏览器额外的“工具”菜单项: 修复浏览器 - {ECF2E268-F28C-48d2-9AB7-8F69C11CCB71} - http://cn.zs.yahoo.com/cnsbutton.htm?source=cns&btn=repair (file missing)
O9 - 浏览器额外的按钮: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - 浏览器额外的“工具”菜单项: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - 浏览器额外的按钮: (no name) - {FD00D911-7529-4084-9946-A29F1BDF4FE5} - http://cn.zs.yahoo.com/cnsbutton.htm?source=cns&btn=clean (file missing)
O9 - 浏览器额外的“工具”菜单项: 清理上网记录 - {FD00D911-7529-4084-9946-A29F1BDF4FE5} - http://cn.zs.yahoo.com/cnsbutton.htm?source=cns&btn=clean (file missing)
All of these are problematic; there really is a virus. Only an expert can give you specific guidance.
与时拒进 - 2006-9-18 20:46:00
I suggest first downloading Super Rabbit (超级兔子) and uninstalling that junk software of yours; there is too much of it.
我无邪 - 2006-9-19 13:38:00
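You could consider using Super Rabbit (超级兔子) to uninstall 3721 (三七二一).
Also, as for these two items, if you don't recognize them either, I suggest deleting them.
Close all browser windows and any unnecessary programs.
Open System Repair Engineer (that is, SREng.exe, the program you used for your scan log) and use "系统修复, 浏览器加载项" (System Repair, Browser Add-ons) to delete the following entries: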
C:\WINDOWS\system32\ZComBHO.dll
C:\WINDOWS\system32\ZKBaiduBHO.dll
After rebooting, delete:
C:\WINDOWS\system32\ZComBHO.dll
C:\WINDOWS\system32\ZKBaiduBHO.dll
If there are still anomalies, please run another scan and paste the log here.
ZHAOBEI - 2006-9-19 14:03:00
Super Rabbit (超级兔子) can't uninstall Zhongsou (中搜).
AngelPray - 2006-9-19 14:56:00
Ah ~~~~~~~ 我无邪, I bow to you.
I'm learning to read logs right now; please teach me.