瑞星卡卡安全论坛

首页 » 技术交流区 » 反病毒/反流氓软件论坛 » 请高手帮帮忙
追风龙 - 2006-10-10 9:00:00
请高手帮忙看看这日志,我的电脑中毒了,但是杀了还有,
杀毒软件总是报有毒,汗~~~
谢谢先

HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run           

+ BDAgent    BDSwitch Application    SOFTWIN S.R.L.    c:\program files\softwin\bitdefender10\bdagent.exe

+ BDMCon    BitDefender Management Console    SOFTWIN S.R.L.    c:\program files\softwin\bitdefender10\bdmcon.exe


这是病毒报表:

C:\Program Files\Common Files\{406A1408-086E-2052-1110-040407040056}\Update.exe发现: Adware.ToolBar888.B
C:\Program Files\Common Files\{406A1408-086E-2052-1110-040407040056}\Update.exe杀毒失败
C:\Program Files\Common Files\{406A1408-086E-2052-1110-040407040056}\Update.exe移动
C:\Program Files\Common Files\{306A1408-086E-2052-1110-040407040056}\MyToolBar.dll发现: Adware.ToolBar888.B
C:\Program Files\Common Files\{306A1408-086E-2052-1110-040407040056}\MyToolBar.dll杀毒失败
C:\Program Files\Common Files\{306A1408-086E-2052-1110-040407040056}\MyToolBar.dll移动
C:\Program Files\Common Files\{306A1408-086E-2052-1110-040407040056}\Activate.exe发现: Adware.ToolBar888.B
C:\Program Files\Common Files\{306A1408-086E-2052-1110-040407040056}\Activate.exe杀毒失败
C:\Program Files\Common Files\{306A1408-086E-2052-1110-040407040056}\Activate.exe移动
C:\Program Files\Common Files\{306A1408-086E-2052-1110-040407040056}\Uninst.exe发现: Adware.ToolBar888.B
C:\Program Files\Common Files\{306A1408-086E-2052-1110-040407040056}\Uninst.exe杀毒失败
C:\Program Files\Common Files\{306A1408-086E-2052-1110-040407040056}\Uninst.exe移动


+ IMJPMIG8.1            File not found: ;

+ PHIME2002A            File not found: ;

+ PHIME2002ASync            File not found: ;

+ QuickTime Task            File not found: ;

+ Skype            File not found: ;

+ SoundMan    Realtek Sound Manager    Realtek Semiconductor Corp.    c:\windows\soundman.exe

+ Thunder            File not found: ;

+ TkBellExe            File not found: ;

+ WebThunder            File not found: ;

C:\Documents and Settings\All Users\「开始」菜单\程序\启动           

+ AutoCAD 启动加速器.lnk    AutoCAD Startup Accelerator    Autodesk, Inc    c:\program files\common files\autodesk shared\acstart17.exe

C:\Documents and Settings\Administrator\「开始」菜单\程序\启动           

+ 腾讯QQ珊瑚虫版.lnk    CoralQQ 加载程序    珊瑚虫工作室    d:\program files\tencent珊瑚虫\qq\coralqq.exe

HKCU\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer\Run           

+ {406A1408-086E-2052-1110-040407040056}            File not found: C:\Program Files\Common Files\{406A1408-086E-2052-1110-040407040056}\Update.exe

HKCU\Software\Microsoft\Windows\CurrentVersion\Run           

+ eMuleAutoStart    eMule    http://www.emule.org.cn    c:\program files\emule\emule.exe

+ kugoo            File not found: ;

+ MSMSGS            File not found: ;

+ updatereal            File not found: C:\WINDOWS\realupdate.exe other

HKCU\SOFTWARE\Microsoft\Internet Explorer\Desktop\Components           

+ 0            File not found: About:Home

HKLM\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved           

+ AutoCAD 数字签名图标覆盖处理程序    AcSignIcon Module    Autodesk    c:\windows\system32\acsignicon.dll

+ Autodesk Drawing Preview    AcThumbnail Module    Autodesk    c:\program files\common files\autodesk shared\thumbnail\acthumbnail16.dll

+ Display Panning CPL Extension            File not found: deskpan.dll

+ HyperTerminal Icon Ext    HyperTerminal Applet Library    Hilgraeve, Inc.    c:\windows\system32\hticons.dll

+ Shell Extensions for RealOne Player    RealPlayer Shell Extensions    RealNetworks, Inc.    c:\program files\real\realplayer\rpshell.dll

+ WinRAR shell extension            c:\program files\winrar\rarext.dll

HKCU\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved           

+ Web 文件夹            c:\program files\common files\microsoft shared\web folders\msonsext.dll

HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects           

+ ToolBar888            File not found: C:\Program Files\Common Files\{306A1408-086E-2052-1110-040407040056}\MyToolBar.dll

+ 超级兔子上网精灵    HaoKanBar Toolbar Module    Xiang Feng Technology    d:\program files\超级兔子\magicset\haokanbar.dll

HKLM\Software\Microsoft\Internet Explorer\Toolbar           

+ googletoolbar1.dll            File not found: c:\program files\google\googletoolbar1.dll

+ MyToolBar.dll            File not found: C:\Program Files\Common Files\{306A1408-086E-2052-1110-040407040056}\MyToolBar.dll

HKLM\Software\Microsoft\Internet Explorer\Extensions           

+ 豪杰超级解霸V8            d:\herosoft\herov8\sthsdvd.exe

+ 启动Web迅雷            File not found: http://my.xunlei.com

+ 启动迅雷        Thunder Networking Technologies,LTD    d:\program files\thunder network\thunder\thunder.exe

+ 腾讯QQ            File not found: D:\Program Files\Tencent\QQ\QQ.EXE

HKLM\System\CurrentControlSet\Services           

+ bdss    Scans media for viruses and other security threats        c:\program files\common files\softwin\bitdefender scan server\bdss.exe

+ C-DillaCdaC11BA    Macrovision RTS Service    Macrovision    c:\windows\system32\drivers\cdac11ba.exe

+ C-DillaSrv    C-Dilla RTS Service    C-Dilla Ltd    c:\windows\system32\drivers\cdantsrv.exe

+ LIVESRV    Downloads BitDefender updates and new malware signatures from the Internet    SOFTWIN S.R.L.    c:\program files\common files\softwin\bitdefender update service\livesrv.exe

+ NetWorkLogons    支持网络上计算机远程登陆事件。如果此服务被停用,网络登陆将不可用。如果此服务被禁用,任何依赖它的服务将无法启动。        c:\windows\system32\kb27861012.log

+ Unigraphics License Server (uglmd)    为此 NX 产品准备许可证    Macrovision Corporation    c:\program files\ugs\license servers\ugnxflexlm\lmgrd.exe

+ VSSERV    Scans media for viruses and other security threats    SOFTWIN S.R.L.    c:\program files\softwin\bitdefender10\vsserv.exe

+ XCOMM    Ensures proper communication between BitDefender components    Softwin    c:\program files\common files\softwin\bitdefender communicator\xcommsvr.exe

HKLM\System\CurrentControlSet\Services           

+ ALCXSENS    Sensaura WDM 3D Audio Driver    Sensaura    c:\windows\system32\drivers\alcxsens.sys

+ ALCXWDM    Realtek AC'97 Audio Driver (WDM)    Realtek Semiconductor Corp.    c:\windows\system32\drivers\alcxwdm.sys

+ bdfdll            c:\program files\softwin\bitdefender10\bdfdll.sys

+ BDFSDRV            c:\program files\softwin\bitdefender10\bdfsdrv.sys

+ BDRSDRV            c:\program files\softwin\bitdefender10\bdrsdrv.sys

+ C-Dilla    C-Dilla Windows NT RTS    Macrovision    c:\windows\system32\drivers\cdant.sys

+ CdaC15BA    Macrovision SECURITY Driver    Macrovision Europe Ltd    c:\windows\system32\drivers\cdac15ba.sys

+ DS1410D            File not found: SYSTEM32\drivers\DS1410D.SYS

+ FETNDIS    NDIS 5.0 miniport driver    VIA Technologies, Inc.                  c:\windows\system32\drivers\fetnd5.sys

+ k750bus    Sony Ericsson 750 Driver    MCCI    c:\windows\system32\drivers\k750bus.sys

+ k750mdfl    Sony Ericsson 750 USB WMC Modem Filter    MCCI    c:\windows\system32\drivers\k750mdfl.sys

+ k750mdm    Sony Ericsson 750 USB WMC Modem Drivers    MCCI    c:\windows\system32\drivers\k750mdm.sys

+ k750mgmt    Sony Ericsson 750 USB WMC Device Management Drivers    MCCI    c:\windows\system32\drivers\k750mgmt.sys

+ k750obex    Sony Ericsson 750 USB WMC OBEX Interface Drivers    MCCI    c:\windows\system32\drivers\k750obex.sys

+ kmsinput            c:\windows\system32\drivers\kmsinput.sys

+ npkcrypt    nProtect KeyCrypt Driver    INCA Internet Co., Ltd.    d:\program files\tencent\qq\npkcrypt.sys

+ nv    NVIDIA Compatible Windows 2000 Miniport Driver, Version 56.73     NVIDIA Corporation    c:\windows\system32\drivers\nv4_mini.sys

+ pfc    Padus(R) ASPI Shell    Padus, Inc.    c:\windows\system32\drivers\pfc.sys

+ Ptilink    Direct Parallel Link Driver    Parallel Technologies, Inc.    c:\windows\system32\drivers\ptilink.sys

+ Secdrv    SafeDisc driver        c:\windows\system32\drivers\secdrv.sys

+ SONYPVU1    Sony USB Lower Filter driver    Sony Corporation    c:\windows\system32\drivers\sonypvu1.sys

HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows\Appinit_Dlls           

+ sockspy.dll            c:\windows\system32\sockspy.dll

HKLM\SYSTEM\CurrentControlSet\Control\Print\Monitors           

+ EPSON V5 2KMonitor    EPSON Bidirectional Monitor    SEIKO EPSON CORPORATION    c:\windows\system32\ebpmon2.dll


这是system扫描的日志

注册表
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
    <ctfmon.exe><C:\WINDOWS\system32\ctfmon.exe>  [Microsoft Corporation]
    <MSMSGS><; "C:\Program Files\Messenger\msmsgs.exe" /background>  [Microsoft Corporation]
    <kugoo><; C:\PROGRA~1\KUGOO2\KUGOO.EXE>  []
    <updatereal><C:\WINDOWS\realupdate.exe other>  []
    <eMuleAutoStart><C:\Program Files\eMule\eMule.exe -AutoStart>  [http://www.emule.org.cn]
[HKEY_CURRENT_USER\Software\Microsoft\Windows NT\CurrentVersion\Windows]
    <load><>  []
    <run><>  []
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
    <IMJPMIG8.1><; "C:\WINDOWS\IME\imjp8_1\IMJPMIG.EXE" /Spoil /RemAdvDef /Migration32>  [Microsoft Corporation]
    <PHIME2002ASync><; C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /SYNC>  [Microsoft Corporation]
    <PHIME2002A><; C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /IMEName>  [Microsoft Corporation]
    <SoundMan><SOUNDMAN.EXE>  [Realtek Semiconductor Corp.]
    <QuickTime Task><; "F:\qttask.exe" -atboottime>  []
    <Skype><; C:\Program Files\skype\Phone\Skype.exe>  []
    <TkBellExe><; "C:\Program Files\Common Files\Real\Update_OB\realsched.exe"  -osboot>  [RealNetworks, Inc.]
    <Thunder><; "D:\Program Files\Thunder Network\Thunder\ThunderShell.exe" /s>  []
    <Super Rabbit SafeEdit><D:\Program Files\超级兔子\MagicSet\SRFC.EXE /Load>  [Super Rabbit Soft]
    <SKYNET Personal FireWall><; D:\极品五笔\FIREWALL\pfw.exe>  []
    <BDMCon><"C:\Program Files\Softwin\BitDefender10\bdmcon.exe" /reg>  [SOFTWIN S.R.L.]
    <BDAgent><"C:\Program Files\Softwin\BitDefender10\bdagent.exe">  [SOFTWIN S.R.L.]
    <WebThunder><; C:\Program Files\Thunder Network\WebThunder\WebThunder.exe>  [深圳市迅雷网络技术有限公司]
    <KernelFaultCheck><%systemroot%\system32\dumprep 0 -k>  []
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Winlogon]
    <shell><Explorer.exe>  [Microsoft Corporation]
    <Userinit><C:\WINDOWS\system32\userinit.exe,>  [Microsoft Corporation]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Windows]
    <AppInit_DLLs><sockspy.dll>  []
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Winlogon]
    <UIHost><LogonUI.EXE>  [Microsoft Corporation]

==================================
启动文件夹
[Microsoft Office]
  <C:\Documents and Settings\All Users\「开始」菜单\程序\启动\Microsoft Office.lnk><N>
[AutoCAD 启动加速器]
  <C:\Documents and Settings\All Users\「开始」菜单\程序\启动\AutoCAD 启动加速器.lnk><H>
[腾讯QQ珊瑚虫版]
  <C:\Documents and Settings\Administrator\「开始」菜单\程序\启动\腾讯QQ珊瑚虫版.lnk><H>





附件: 6207992006101095712.BMP
snliuxun - 2006-10-10 9:11:00
看不懂
先删注册值
HKCU\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer\Run

+ {406A1408-086E-2052-1110-040407040056} File not found: C:\Program Files\Common Files\{406A1408-086E-2052-1110-040407040056}\Update.exe

用sreng2扫日志贴上来吧.也把报的毒贴上来吧
追风龙 - 2006-10-10 10:00:00
这是病毒报表:

C:\Program Files\Common Files\{406A1408-086E-2052-1110-040407040056}\Update.exe发现: Adware.ToolBar888.B
C:\Program Files\Common Files\{406A1408-086E-2052-1110-040407040056}\Update.exe杀毒失败
C:\Program Files\Common Files\{406A1408-086E-2052-1110-040407040056}\Update.exe移动
C:\Program Files\Common Files\{306A1408-086E-2052-1110-040407040056}\MyToolBar.dll发现: Adware.ToolBar888.B
C:\Program Files\Common Files\{306A1408-086E-2052-1110-040407040056}\MyToolBar.dll杀毒失败
C:\Program Files\Common Files\{306A1408-086E-2052-1110-040407040056}\MyToolBar.dll移动
C:\Program Files\Common Files\{306A1408-086E-2052-1110-040407040056}\Activate.exe发现: Adware.ToolBar888.B
C:\Program Files\Common Files\{306A1408-086E-2052-1110-040407040056}\Activate.exe杀毒失败
C:\Program Files\Common Files\{306A1408-086E-2052-1110-040407040056}\Activate.exe移动
C:\Program Files\Common Files\{306A1408-086E-2052-1110-040407040056}\Uninst.exe发现: Adware.ToolBar888.B
C:\Program Files\Common Files\{306A1408-086E-2052-1110-040407040056}\Uninst.exe杀毒失败
C:\Program Files\Common Files\{306A1408-086E-2052-1110-040407040056}\Uninst.exe移动
westbeck - 2006-10-10 10:31:00
你把日志贴完吧
追风龙 - 2006-10-10 10:39:00
谢谢你们的帮忙,这是全部的
2006-10-10,10:25:12

System Repair Engineer 2.0.21.505 (2.0 RC 2)
Smallfrogs (http://www.KZTechs.com)

Windows XP Professional Service Pack 2 (Build 2600)
- 管理权限用户 - 完整功能

以下内容被选中:
    所有的启动项目(包括注册表、启动文件夹、服务等)
    浏览器加载项
    正在运行的进程(包括进程模块信息)
    文件关联


启动项目
注册表
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
    <ctfmon.exe><C:\WINDOWS\system32\ctfmon.exe>  [Microsoft Corporation]
    <MSMSGS><; "C:\Program Files\Messenger\msmsgs.exe" /background>  [Microsoft Corporation]
    <kugoo><; C:\PROGRA~1\KUGOO2\KUGOO.EXE>  []
    <updatereal><C:\WINDOWS\realupdate.exe other>  []
    <eMuleAutoStart><C:\Program Files\eMule\eMule.exe -AutoStart>  [http://www.emule.org.cn]
[HKEY_CURRENT_USER\Software\Microsoft\Windows NT\CurrentVersion\Windows]
    <load><>  []
    <run><>  []
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
    <IMJPMIG8.1><; "C:\WINDOWS\IME\imjp8_1\IMJPMIG.EXE" /Spoil /RemAdvDef /Migration32>  [Microsoft Corporation]
    <PHIME2002ASync><; C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /SYNC>  [Microsoft Corporation]
    <PHIME2002A><; C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /IMEName>  [Microsoft Corporation]
    <SoundMan><SOUNDMAN.EXE>  [Realtek Semiconductor Corp.]
    <QuickTime Task><; "F:\qttask.exe" -atboottime>  []
    <Skype><; C:\Program Files\skype\Phone\Skype.exe>  []
    <TkBellExe><; "C:\Program Files\Common Files\Real\Update_OB\realsched.exe"  -osboot>  [RealNetworks, Inc.]
    <Thunder><; "D:\Program Files\Thunder Network\Thunder\ThunderShell.exe" /s>  []
    <Super Rabbit SafeEdit><D:\Program Files\超级兔子\MagicSet\SRFC.EXE /Load>  [Super Rabbit Soft]
    <SKYNET Personal FireWall><; D:\极品五笔\FIREWALL\pfw.exe>  []
    <BDMCon><"C:\Program Files\Softwin\BitDefender10\bdmcon.exe" /reg>  [SOFTWIN S.R.L.]
    <BDAgent><"C:\Program Files\Softwin\BitDefender10\bdagent.exe">  [SOFTWIN S.R.L.]
    <WebThunder><; C:\Program Files\Thunder Network\WebThunder\WebThunder.exe>  [深圳市迅雷网络技术有限公司]
    <KernelFaultCheck><%systemroot%\system32\dumprep 0 -k>  []
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Winlogon]
    <shell><Explorer.exe>  [Microsoft Corporation]
    <Userinit><C:\WINDOWS\system32\userinit.exe,>  [Microsoft Corporation]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Windows]
    <AppInit_DLLs><sockspy.dll>  []
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Winlogon]
    <UIHost><LogonUI.EXE>  [Microsoft Corporation]

==================================
启动文件夹
[Microsoft Office]
  <C:\Documents and Settings\All Users\「开始」菜单\程序\启动\Microsoft Office.lnk><N>
[AutoCAD 启动加速器]
  <C:\Documents and Settings\All Users\「开始」菜单\程序\启动\AutoCAD 启动加速器.lnk><H>
[腾讯QQ珊瑚虫版]
  <C:\Documents and Settings\Administrator\「开始」菜单\程序\启动\腾讯QQ珊瑚虫版.lnk><H>
追风龙 - 2006-10-10 10:40:00
服务
[Adobe LM Service / Adobe LM Service]
  <"C:\Program Files\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe"><Adobe Systems>
[Autodesk Licensing Service / Autodesk Licensing Service]
  <"C:\Program Files\Common Files\Autodesk Shared\Service\AdskScSrv.exe"><Autodesk>
[BitDefender Scan Server / bdss]
  <"C:\Program Files\Common Files\Softwin\BitDefender Scan Server\bdss.exe" /service><N/A>
[C-DillaCdaC11BA / C-DillaCdaC11BA]
  <C:\WINDOWS\system32\drivers\CDAC11BA.EXE><Macrovision>
[C-DillaSrv / C-DillaSrv]
  <C:\WINDOWS\system32\DRIVERS\CDANTSRV.EXE><C-Dilla Ltd>
[BitDefender Desktop Update Service / LIVESRV]
  <"C:\Program Files\Common Files\Softwin\BitDefender Update Service\livesrv.exe" /service><SOFTWIN S.R.L.>
[Remote Cortrol King / Remote Cortrol King]
  <><N/A>
[Unigraphics 许可证服务器(uglmd) / Unigraphics License Server (uglmd)]
  <"C:\Program Files\UGS\License Servers\UGNXFLEXlm\lmgrd.exe"><Macrovision Corporation>
[BitDefender Virus Shield / VSSERV]
  <"C:\Program Files\Softwin\BitDefender10\vsserv.exe" /service><SOFTWIN S.R.L.>

==================================
浏览器加载项
[超级兔子上网精灵]
  {7369D35A-5B70-4A5B-B789-B25FE09B4AF3} <D:\PROGRA~1\超级兔子\MAGICSET\haokanbar.dll, Xiang Feng Technology>
[ToolBar888]
  {C004DEC2-2623-438e-9CA2-C9043AB28508} <C:\Program Files\Common Files\{306A1408-086E-2052-1110-040407040056}\MyToolBar.dll, N/A>
[启动迅雷]
  {0062C9BD-B349-40DE-91A0-755F37ACD559} <D:\Program Files\Thunder Network\Thunder\Thunder.exe, Thunder Networking Technologies,LTD>
[浩方对战平台]
  {0A155D3C-68E2-4215-A47A-E800A446447A} <C:\Program Files\浩方对战平台\GameClient.exe, N/A>
[豪杰超级解霸V8]
  {367E0A21-8601-4986-9C9A-153BF5ACA118} <D:\Herosoft\HeroV8\STHSDVD.EXE, N/A>
[启动Web迅雷]
  {962EFB8E-2683-42d4-AC74-AAA4C759B9C6} <http://my.xunlei.com, N/A>
[QQ]
  {c95fe080-8f5d-11d2-a20b-00aa003c157b} <D:\Program Files\Tencent\QQ\QQ.EXE, N/A>
[QQIEFloatBarCfgCmd Class]
  {DEDEB80D-FA35-45d9-9460-4983E5A8AFE6} <D:\Program Files\Tencent珊瑚虫\QQ\QQIEHelper.dll, N/A>
[Messenger]
  {FB5F1910-F110-11d2-BB9E-00C04F795683} <C:\Program Files\Messenger\msmsgs.exe, Microsoft Corporation>
[&Google]
  {2318C2B1-4965-11d4-9B18-009027A5CD4F} <c:\program files\google\googletoolbar1.dll, N/A>
[超级兔子上网精灵]
  {43869BB3-22FD-4F15-9B46-238106BA2F4E} <D:\PROGRA~1\超级兔子\MAGICSET\haokanbar.dll, Xiang Feng Technology>
[ToolBar888]
  {C004DEC2-2623-438e-9CA2-C9043AB28508} <C:\Program Files\Common Files\{306A1408-086E-2052-1110-040407040056}\MyToolBar.dll, N/A>
[WebActivater Control]
  {3D8F74EE-8692-4F8F-B8D2-7522E732519E} <C:\WINDOWS\system32\WEBACT~1.OCX, QQ>
[LiveMediaOcx Control]
  {4AF6677A-373A-4BB9-BD9F-6196B6FC35B3} <C:\PROGRA~1\qqtv\QQTV.ocx, >
[PhotoUploadCtrl Control]
  {A96C48EA-AA88-4BBD-B58C-7B41146A6EAC} <D:\PROGRA~1\TENCEN~1\QQ\QZone\PHOTOU~1.OCX, tencent>
[Shockwave Flash Object]
  {D27CDB6E-AE6D-11CF-96B8-444553540000} <C:\WINDOWS\system32\Macromed\Flash\Flash8a.ocx, Macromedia, Inc.>
[CPasswordEditCtrl Object]
  {E787FD25-8D7C-4693-AE67-9406BC6E22DF} <C:\WINDOWS\system32\qqedit\qqedit.dll, 腾讯科技(深圳)有限公司>
[WebThunder Browser Helper]
  {00000AAA-A363-466E-BEF5-9BB68697AA7F} <C:\Program Files\Thunder Network\WebThunder\WebThunderBHO_013.dll, Thunder Networking Technologies,LTD>
[ThunderIEHelper Class]
  {0005A87D-D626-4B3A-84F9-1D9571695F55} <C:\WINDOWS\system32\xunleibho_v14.dll, Thunder Networking Technologies,LTD>
[Google Script Object]
  {00EF2092-6AC5-47C0-BD25-CF2D5D657FEB} <c:\program files\google\googletoolbar1.dll, N/A>
[ActiveMovieControl Object]
  {05589FA1-C356-11CE-BF01-00AA0055595A} <C:\WINDOWS\system32\wmpdxm.dll, Microsoft Corporation>
[AcroIEHlprObj Class]
  {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} <C:\Program Files\Adobe\Acrobat 5.0\Reader\ActiveX\AcroIEHelper.ocx, N/A>
[Windows Media Player]
  {22D6F312-B0F6-11D0-94AB-0080C74C7E95} <C:\WINDOWS\system32\wmpdxm.dll, Microsoft Corporation>
[&Google]
  {2318C2B1-4965-11D4-9B18-009027A5CD4F} <c:\program files\google\googletoolbar1.dll, N/A>
[HTML Document]
  {25336920-03F9-11CF-8FD0-00AA00686F13} <%SystemRoot%\system32\Mshtml.dll, N/A>
[超级兔子上网精灵]
  {43869BB3-22FD-4F15-9B46-238106BA2F4E} <D:\PROGRA~1\超级兔子\MAGICSET\haokanbar.dll, Xiang Feng Technology>
[XML Document]
  {48123BC4-99D9-11D1-A6B3-00C04FD91555} <%SystemRoot%\system32\msxml3.dll, N/A>
[HHCtrl Object]
  {52A2AAAE-085D-4187-97EA-8C30DB990436} <C:\WINDOWS\system32\hhctrl.ocx, Microsoft Corporation>
[QQBrowserHelperObject Class]
  {54EBD53A-9BC1-480B-966A-843A333CA162} <D:\Program Files\Tencent珊瑚虫\QQ\QQIEHelper.dll, N/A>
[Windows Media Player]
  {6BF52A52-394A-11D3-B153-00C04F79FAA6} <C:\WINDOWS\system32\wmp.dll, Microsoft Corporation>
[Active Desktop Mover]
  {72267F6A-A6F9-11D0-BC94-00C04FB67863} <%SystemRoot%\system32\SHELL32.dll, N/A>
[超级兔子上网精灵]
  {7369D35A-5B70-4A5B-B789-B25FE09B4AF3} <D:\PROGRA~1\超级兔子\MAGICSET\haokanbar.dll, Xiang Feng Technology>
[MediaComm Class]
  {7670648D-461B-42AF-BDFE-46D26AF5EFF2} <C:\Program Files\Thunder Network\WebThunder\MediaAddin08.dll, Thunder Networking Technologies,LTD>
[Microsoft Web 浏览器]
  {8856F961-340A-11D0-A96B-00C04FD705A2} <C:\WINDOWS\system32\shdocvw.dll, Microsoft Corporation>
[Thunder Browser Helper]
  {889D2FEB-5411-4565-8998-1DD2C5261283} <D:\Program Files\Thunder Network\Thunder\ComDlls\XunLeiBHO_002.dll, N/A>
[]
  {A9930D97-9CF0-42A0-A10D-4F28836579D5} <C:\PROGRA~1\KuGoo2\KUGOO3~1.OCX, N/A>
[Google Toolbar Helper]
  {AA58ED58-01DD-4D91-8333-CF10577473F7} <c:\program files\google\googletoolbar1.dll, N/A>
[Microsoft Scriptlet Component]
  {AE24FDAE-03C6-11D1-8B76-0080C744F389} <C:\WINDOWS\system32\Mshtml.dll, Microsoft Corporation>
[SearchAssistantOC]
  {B45FF030-4447-11D2-85DE-00C04FA35C89} <%SystemRoot%\system32\shdocvw.dll, N/A>
[Microsoft DirectAnimation Control]
  {B6FFC24C-7E13-11D0-9B47-00C04FC2F51D} <C:\WINDOWS\system32\danim.dll, Microsoft Corporation>
[ToolBar888]
  {C004DEC2-2623-438E-9CA2-C9043AB28508} <C:\Program Files\Common Files\{306A1408-086E-2052-1110-040407040056}\MyToolBar.dll, N/A>
[Adobe Acrobat Control for ActiveX]
  {CA8A9780-280D-11CF-A24D-444553540000} <C:\PROGRA~1\Adobe\ACROBA~1.0\Reader\ActiveX\pdf.ocx, Adobe Systems Incorporated>
[VIDEO__X_MS_ASF Moniker Class]
  {CD3AFA8F-B84F-48F0-9393-7EDC34128127} <C:\WINDOWS\system32\wmp.dll, Microsoft Corporation>
[Shockwave Flash Object]
  {D27CDB6E-AE6D-11CF-96B8-444553540000} <C:\WINDOWS\system32\Macromed\Flash\Flash8a.ocx, Macromedia, Inc.>
[CPasswordEditCtrl Object]
  {E787FD25-8D7C-4693-AE67-9406BC6E22DF} <C:\WINDOWS\system32\qqedit\qqedit.dll, 腾讯科技(深圳)有限公司>
[IERPCtl Class]
  {FDC7A535-4070-4B92-A0EA-D9994BCC0DC5} <C:\Program Files\Real\RealPlayer\rpplugins\ierpplug.dll, RealNetworks, Inc.>
[&使用迅雷下载]
  <D:\Program Files\Thunder Network\Thunder\Program\GetUrl.htm, N/A>
[&使用迅雷下载全部链接]
  <D:\Program Files\Thunder Network\Thunder\Program\GetAllUrl.htm, N/A>
[Google 搜索(&G)]
  <res://C:\Program Files\Google\GoogleToolbar1.dll/cmsearch.html, N/A>
[上传到QQ网络硬盘]
  <D:\Program Files\Tencent珊瑚虫\QQ\AddToNetDisk.htm, N/A>
[使用Web迅雷下载]
  <C:\Program Files\Thunder Network\WebThunder\GetUrl.htm, N/A>
[使用Web迅雷下载全部链接]
  <C:\Program Files\Thunder Network\WebThunder\GetAllUrl.htm, N/A>
[添加到QQ自定义面板]
  <D:\Program Files\Tencent珊瑚虫\QQ\AddPanel.htm, N/A>
[添加到QQ表情]
  <D:\Program Files\Tencent珊瑚虫\QQ\AddEmotion.htm, N/A>
[用QQ彩信发送该图片]
  <D:\Program Files\Tencent珊瑚虫\QQ\SendMMS.htm, N/A>

snliuxun - 2006-10-10 10:40:00
删些文件夹
C:\Program Files\Common Files\{306A1408-086E-2052-1110-040407040056}

扫新日志.全部贴上来吧
追风龙 - 2006-10-10 10:54:00
最新的
2006-10-10,10:41:54

System Repair Engineer 2.0.21.505 (2.0 RC 2)
Smallfrogs (http://www.KZTechs.com)

Windows XP Professional Service Pack 2 (Build 2600)
- 管理权限用户 - 完整功能

以下内容被选中:
    所有的启动项目(包括注册表、启动文件夹、服务等)
    浏览器加载项
    正在运行的进程(包括进程模块信息)
    文件关联


启动项目
注册表
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
    <ctfmon.exe><C:\WINDOWS\system32\ctfmon.exe>  [Microsoft Corporation]
    <MSMSGS><; "C:\Program Files\Messenger\msmsgs.exe" /background>  [Microsoft Corporation]
    <kugoo><; C:\PROGRA~1\KUGOO2\KUGOO.EXE>  []
    <updatereal><C:\WINDOWS\realupdate.exe other>  []
    <eMuleAutoStart><C:\Program Files\eMule\eMule.exe -AutoStart>  [http://www.emule.org.cn]
[HKEY_CURRENT_USER\Software\Microsoft\Windows NT\CurrentVersion\Windows]
    <load><>  []
    <run><>  []
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
    <IMJPMIG8.1><; "C:\WINDOWS\IME\imjp8_1\IMJPMIG.EXE" /Spoil /RemAdvDef /Migration32>  [Microsoft Corporation]
    <PHIME2002ASync><; C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /SYNC>  [Microsoft Corporation]
    <PHIME2002A><; C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /IMEName>  [Microsoft Corporation]
    <SoundMan><SOUNDMAN.EXE>  [Realtek Semiconductor Corp.]
    <QuickTime Task><; "F:\qttask.exe" -atboottime>  []
    <Skype><; C:\Program Files\skype\Phone\Skype.exe>  []
    <TkBellExe><; "C:\Program Files\Common Files\Real\Update_OB\realsched.exe"  -osboot>  [RealNetworks, Inc.]
    <Thunder><; "D:\Program Files\Thunder Network\Thunder\ThunderShell.exe" /s>  []
    <Super Rabbit SafeEdit><D:\Program Files\超级兔子\MagicSet\SRFC.EXE /Load>  [Super Rabbit Soft]
    <SKYNET Personal FireWall><; D:\极品五笔\FIREWALL\pfw.exe>  []
    <BDMCon><"C:\Program Files\Softwin\BitDefender10\bdmcon.exe" /reg>  [SOFTWIN S.R.L.]
    <BDAgent><"C:\Program Files\Softwin\BitDefender10\bdagent.exe">  [SOFTWIN S.R.L.]
    <WebThunder><; C:\Program Files\Thunder Network\WebThunder\WebThunder.exe>  [深圳市迅雷网络技术有限公司]
    <KernelFaultCheck><%systemroot%\system32\dumprep 0 -k>  []
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Winlogon]
    <shell><Explorer.exe>  [Microsoft Corporation]
    <Userinit><C:\WINDOWS\system32\userinit.exe,>  [Microsoft Corporation]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Windows]
    <AppInit_DLLs><sockspy.dll>  []
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Winlogon]
    <UIHost><LogonUI.EXE>  [Microsoft Corporation]

==================================
启动文件夹
[Microsoft Office]
  <C:\Documents and Settings\All Users\「开始」菜单\程序\启动\Microsoft Office.lnk><N>
[AutoCAD 启动加速器]
  <C:\Documents and Settings\All Users\「开始」菜单\程序\启动\AutoCAD 启动加速器.lnk><H>
[腾讯QQ珊瑚虫版]
  <C:\Documents and Settings\Administrator\「开始」菜单\程序\启动\腾讯QQ珊瑚虫版.lnk><H>

==================================
追风龙 - 2006-10-10 10:54:00
服务
[Adobe LM Service / Adobe LM Service]
  <"C:\Program Files\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe"><Adobe Systems>
[Autodesk Licensing Service / Autodesk Licensing Service]
  <"C:\Program Files\Common Files\Autodesk Shared\Service\AdskScSrv.exe"><Autodesk>
[BitDefender Scan Server / bdss]
  <"C:\Program Files\Common Files\Softwin\BitDefender Scan Server\bdss.exe" /service><N/A>
[C-DillaCdaC11BA / C-DillaCdaC11BA]
  <C:\WINDOWS\system32\drivers\CDAC11BA.EXE><Macrovision>
[C-DillaSrv / C-DillaSrv]
  <C:\WINDOWS\system32\DRIVERS\CDANTSRV.EXE><C-Dilla Ltd>
[BitDefender Desktop Update Service / LIVESRV]
  <"C:\Program Files\Common Files\Softwin\BitDefender Update Service\livesrv.exe" /service><SOFTWIN S.R.L.>
[Remote Cortrol King / Remote Cortrol King]
  <><N/A>
[Unigraphics 许可证服务器(uglmd) / Unigraphics License Server (uglmd)]
  <"C:\Program Files\UGS\License Servers\UGNXFLEXlm\lmgrd.exe"><Macrovision Corporation>
[BitDefender Virus Shield / VSSERV]
  <"C:\Program Files\Softwin\BitDefender10\vsserv.exe" /service><SOFTWIN S.R.L.>

==================================
浏览器加载项
[超级兔子上网精灵]
  {7369D35A-5B70-4A5B-B789-B25FE09B4AF3} <D:\PROGRA~1\超级兔子\MAGICSET\haokanbar.dll, Xiang Feng Technology>
[ToolBar888]
  {C004DEC2-2623-438e-9CA2-C9043AB28508} <C:\Program Files\Common Files\{306A1408-086E-2052-1110-040407040056}\MyToolBar.dll, N/A>
[启动迅雷]
  {0062C9BD-B349-40DE-91A0-755F37ACD559} <D:\Program Files\Thunder Network\Thunder\Thunder.exe, Thunder Networking Technologies,LTD>
[浩方对战平台]
  {0A155D3C-68E2-4215-A47A-E800A446447A} <C:\Program Files\浩方对战平台\GameClient.exe, N/A>
[豪杰超级解霸V8]
  {367E0A21-8601-4986-9C9A-153BF5ACA118} <D:\Herosoft\HeroV8\STHSDVD.EXE, N/A>
[启动Web迅雷]
  {962EFB8E-2683-42d4-AC74-AAA4C759B9C6} <http://my.xunlei.com, N/A>
[QQ]
  {c95fe080-8f5d-11d2-a20b-00aa003c157b} <D:\Program Files\Tencent\QQ\QQ.EXE, N/A>
[QQIEFloatBarCfgCmd Class]
  {DEDEB80D-FA35-45d9-9460-4983E5A8AFE6} <D:\Program Files\Tencent珊瑚虫\QQ\QQIEHelper.dll, N/A>
[Messenger]
  {FB5F1910-F110-11d2-BB9E-00C04F795683} <C:\Program Files\Messenger\msmsgs.exe, Microsoft Corporation>
[&Google]
  {2318C2B1-4965-11d4-9B18-009027A5CD4F} <c:\program files\google\googletoolbar1.dll, N/A>
[超级兔子上网精灵]
  {43869BB3-22FD-4F15-9B46-238106BA2F4E} <D:\PROGRA~1\超级兔子\MAGICSET\haokanbar.dll, Xiang Feng Technology>
[ToolBar888]
  {C004DEC2-2623-438e-9CA2-C9043AB28508} <C:\Program Files\Common Files\{306A1408-086E-2052-1110-040407040056}\MyToolBar.dll, N/A>
[WebActivater Control]
  {3D8F74EE-8692-4F8F-B8D2-7522E732519E} <C:\WINDOWS\system32\WEBACT~1.OCX, QQ>
[LiveMediaOcx Control]
  {4AF6677A-373A-4BB9-BD9F-6196B6FC35B3} <C:\PROGRA~1\qqtv\QQTV.ocx, >
[PhotoUploadCtrl Control]
  {A96C48EA-AA88-4BBD-B58C-7B41146A6EAC} <D:\PROGRA~1\TENCEN~1\QQ\QZone\PHOTOU~1.OCX, tencent>
[Shockwave Flash Object]
  {D27CDB6E-AE6D-11CF-96B8-444553540000} <C:\WINDOWS\system32\Macromed\Flash\Flash8a.ocx, Macromedia, Inc.>
[CPasswordEditCtrl Object]
  {E787FD25-8D7C-4693-AE67-9406BC6E22DF} <C:\WINDOWS\system32\qqedit\qqedit.dll, 腾讯科技(深圳)有限公司>
[WebThunder Browser Helper]
  {00000AAA-A363-466E-BEF5-9BB68697AA7F} <C:\Program Files\Thunder Network\WebThunder\WebThunderBHO_013.dll, Thunder Networking Technologies,LTD>
[ThunderIEHelper Class]
  {0005A87D-D626-4B3A-84F9-1D9571695F55} <C:\WINDOWS\system32\xunleibho_v14.dll, Thunder Networking Technologies,LTD>
[Google Script Object]
  {00EF2092-6AC5-47C0-BD25-CF2D5D657FEB} <c:\program files\google\googletoolbar1.dll, N/A>
[ActiveMovieControl Object]
  {05589FA1-C356-11CE-BF01-00AA0055595A} <C:\WINDOWS\system32\wmpdxm.dll, Microsoft Corporation>
[AcroIEHlprObj Class]
  {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} <C:\Program Files\Adobe\Acrobat 5.0\Reader\ActiveX\AcroIEHelper.ocx, N/A>
[Windows Media Player]
  {22D6F312-B0F6-11D0-94AB-0080C74C7E95} <C:\WINDOWS\system32\wmpdxm.dll, Microsoft Corporation>
[&Google]
  {2318C2B1-4965-11D4-9B18-009027A5CD4F} <c:\program files\google\googletoolbar1.dll, N/A>
[HTML Document]
  {25336920-03F9-11CF-8FD0-00AA00686F13} <%SystemRoot%\system32\Mshtml.dll, N/A>
[超级兔子上网精灵]
  {43869BB3-22FD-4F15-9B46-238106BA2F4E} <D:\PROGRA~1\超级兔子\MAGICSET\haokanbar.dll, Xiang Feng Technology>
[XML Document]
  {48123BC4-99D9-11D1-A6B3-00C04FD91555} <%SystemRoot%\system32\msxml3.dll, N/A>
[HHCtrl Object]
  {52A2AAAE-085D-4187-97EA-8C30DB990436} <C:\WINDOWS\system32\hhctrl.ocx, Microsoft Corporation>
[QQBrowserHelperObject Class]
  {54EBD53A-9BC1-480B-966A-843A333CA162} <D:\Program Files\Tencent珊瑚虫\QQ\QQIEHelper.dll, N/A>
[Windows Media Player]
  {6BF52A52-394A-11D3-B153-00C04F79FAA6} <C:\WINDOWS\system32\wmp.dll, Microsoft Corporation>
[Active Desktop Mover]
  {72267F6A-A6F9-11D0-BC94-00C04FB67863} <%SystemRoot%\system32\SHELL32.dll, N/A>
[超级兔子上网精灵]
  {7369D35A-5B70-4A5B-B789-B25FE09B4AF3} <D:\PROGRA~1\超级兔子\MAGICSET\haokanbar.dll, Xiang Feng Technology>
[MediaComm Class]
  {7670648D-461B-42AF-BDFE-46D26AF5EFF2} <C:\Program Files\Thunder Network\WebThunder\MediaAddin08.dll, Thunder Networking Technologies,LTD>
[Microsoft Web 浏览器]
  {8856F961-340A-11D0-A96B-00C04FD705A2} <C:\WINDOWS\system32\shdocvw.dll, Microsoft Corporation>
[Thunder Browser Helper]
  {889D2FEB-5411-4565-8998-1DD2C5261283} <D:\Program Files\Thunder Network\Thunder\ComDlls\XunLeiBHO_002.dll, N/A>
[]
  {A9930D97-9CF0-42A0-A10D-4F28836579D5} <C:\PROGRA~1\KuGoo2\KUGOO3~1.OCX, N/A>
[Google Toolbar Helper]
  {AA58ED58-01DD-4D91-8333-CF10577473F7} <c:\program files\google\googletoolbar1.dll, N/A>
[Microsoft Scriptlet Component]
  {AE24FDAE-03C6-11D1-8B76-0080C744F389} <C:\WINDOWS\system32\Mshtml.dll, Microsoft Corporation>
[SearchAssistantOC]
  {B45FF030-4447-11D2-85DE-00C04FA35C89} <%SystemRoot%\system32\shdocvw.dll, N/A>
[Microsoft DirectAnimation Control]
  {B6FFC24C-7E13-11D0-9B47-00C04FC2F51D} <C:\WINDOWS\system32\danim.dll, Microsoft Corporation>
[ToolBar888]
  {C004DEC2-2623-438E-9CA2-C9043AB28508} <C:\Program Files\Common Files\{306A1408-086E-2052-1110-040407040056}\MyToolBar.dll, N/A>
[Adobe Acrobat Control for ActiveX]
  {CA8A9780-280D-11CF-A24D-444553540000} <C:\PROGRA~1\Adobe\ACROBA~1.0\Reader\ActiveX\pdf.ocx, Adobe Systems Incorporated>
[VIDEO__X_MS_ASF Moniker Class]
  {CD3AFA8F-B84F-48F0-9393-7EDC34128127} <C:\WINDOWS\system32\wmp.dll, Microsoft Corporation>
[Shockwave Flash Object]
  {D27CDB6E-AE6D-11CF-96B8-444553540000} <C:\WINDOWS\system32\Macromed\Flash\Flash8a.ocx, Macromedia, Inc.>
[CPasswordEditCtrl Object]
  {E787FD25-8D7C-4693-AE67-9406BC6E22DF} <C:\WINDOWS\system32\qqedit\qqedit.dll, 腾讯科技(深圳)有限公司>
[IERPCtl Class]
  {FDC7A535-4070-4B92-A0EA-D9994BCC0DC5} <C:\Program Files\Real\RealPlayer\rpplugins\ierpplug.dll, RealNetworks, Inc.>
[&使用迅雷下载]
  <D:\Program Files\Thunder Network\Thunder\Program\GetUrl.htm, N/A>
[&使用迅雷下载全部链接]
  <D:\Program Files\Thunder Network\Thunder\Program\GetAllUrl.htm, N/A>
[Google 搜索(&G)]
  <res://C:\Program Files\Google\GoogleToolbar1.dll/cmsearch.html, N/A>
[上传到QQ网络硬盘]
  <D:\Program Files\Tencent珊瑚虫\QQ\AddToNetDisk.htm, N/A>
[使用Web迅雷下载]
  <C:\Program Files\Thunder Network\WebThunder\GetUrl.htm, N/A>
[使用Web迅雷下载全部链接]
  <C:\Program Files\Thunder Network\WebThunder\GetAllUrl.htm, N/A>
[添加到QQ自定义面板]
  <D:\Program Files\Tencent珊瑚虫\QQ\AddPanel.htm, N/A>
[添加到QQ表情]
  <D:\Program Files\Tencent珊瑚虫\QQ\AddEmotion.htm, N/A>
[用QQ彩信发送该图片]
  <D:\Program Files\Tencent珊瑚虫\QQ\SendMMS.htm, N/A>
追风龙 - 2006-10-10 10:55:00
正在运行的进程
[PID: 584][\SystemRoot\System32\smss.exe]  <Microsoft Corporation><5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)>
[PID: 640][\??\C:\WINDOWS\system32\csrss.exe]  <Microsoft Corporation><5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)>
[PID: 664][\??\C:\WINDOWS\system32\winlogon.exe]  <Microsoft Corporation><5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)>
[PID: 708][C:\WINDOWS\system32\services.exe]  <Microsoft Corporation><5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)>
[PID: 720][C:\WINDOWS\system32\lsass.exe]  <Microsoft Corporation><5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)>
[PID: 880][C:\WINDOWS\system32\svchost.exe]  <Microsoft Corporation><5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)>
[PID: 944][C:\WINDOWS\system32\svchost.exe]  <Microsoft Corporation><5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)>
[PID: 1060][C:\WINDOWS\System32\svchost.exe]  <Microsoft Corporation><5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)>
[PID: 1132][C:\WINDOWS\system32\svchost.exe]  <Microsoft Corporation><5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)>
[PID: 1192][C:\WINDOWS\system32\svchost.exe]  <Microsoft Corporation><5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)>
[PID: 1476][C:\WINDOWS\system32\spoolsv.exe]  <Microsoft Corporation><5.1.2600.2696 (xpsp_sp2_gdr.050610-1519)>
    [C:\WINDOWS\system32\EBPMON2.DLL]  <SEIKO EPSON CORPORATION><2, 16, 0, 0>
[PID: 1576][C:\WINDOWS\Explorer.EXE]  <Microsoft Corporation><6.00.2900.2180 (xpsp_sp2_rtm.040803-2158)>
    [C:\WINDOWS\system32\AcSignIcon.dll]  <Autodesk><17.0.54.0>
    [C:\Program Files\Common Files\Autodesk Shared\AcSignCore16.dll]  <Autodesk><17.0.54.110>
    [C:\WINDOWS\system32\KB27861012.log]  <N/A><N/A>
    [C:\Program Files\Softwin\BitDefender10\bdshelxt.dll]  <N/A><1, 0, 0, 2>
    [C:\Program Files\WinRAR\rarext.dll]  <N/A><N/A>
[PID: 1760][C:\WINDOWS\SOUNDMAN.EXE]  <Realtek Semiconductor Corp.><5.1.0.29>
[PID: 1812][C:\Program Files\Softwin\BitDefender10\bdmcon.exe]  <SOFTWIN S.R.L.><10, 0, 0, 2>
    [C:\WINDOWS\system32\XCOMM.dll]  <Softwin><1, 8, 12, 0>
    [C:\Program Files\Softwin\BitDefender10\procinf.dll]  <N/A><N/A>
    [C:\Program Files\Softwin\BitDefender10\TxTools.dll]  <SOFTWIN S.R.L><9, 0, 0, 0>
    [C:\Program Files\Softwin\BitDefender10\bdch.dll]  <SOFTWIN><1, 0, 0, 266>
    [C:\Program Files\Softwin\BitDefender10\bdsubmit.dll]  <SOFTWIN><1, 0, 0, 143>
    [C:\Program Files\Softwin\BitDefender10\bdGUICtrl.dll]  <Softwin><2, 1, 3, 7>
    [C:\Program Files\Softwin\BitDefender10\txmlx.dll]  <Softwin><1, 0, 0, 1>
    [C:\Program Files\Softwin\BitDefender10\NAG.dll]  <TODO: <Company name>><10.0.0.0>
    [C:\Program Files\Softwin\BitDefender10\popup.dll]  <SOFTWIN S.R.L.><9, 0, 0, 5>
    [C:\Program Files\Softwin\BitDefender10\agentreg.dll]  <TODO: <Company name>><10.0.0.0>
    [C:\Program Files\Softwin\BitDefender10\getfile.dll]  <N/A><N/A>
    [C:\Program Files\Softwin\BitDefender10\bdusers.dll]  <TODO: <Company name>><1.0.0.1>
    [C:\Program Files\Softwin\BitDefender10\main.dll]  <SOFTWIN S.R.L.><10, 0, 0, 2>
    [C:\Program Files\Softwin\BitDefender10\antivirus.dll]  <SOFTWIN S.R.L.><10, 0, 0, 20>
    [C:\Program Files\Softwin\BitDefender10\bdGUICtl.dll]  <Softwin><2, 1, 5, 0>
    [C:\Program Files\Softwin\BitDefender10\firewall.dll]  <SOFTWIN S.R.L.><10, 0, 0, 33>
    [C:\Program Files\Softwin\BitDefender10\Wizards.dll]  <SOFTWIN S.R.L.><10, 0, 0, 8>
    [C:\Program Files\Softwin\BitDefender10\dbokf.dll]  <SOFTWIN><1.0.0.1>
    [C:\Program Files\Softwin\BitDefender10\antispam.dll]  <SOFTWIN S.R.L><10.0.0.0>
    [C:\Program Files\Softwin\BitDefender10\antispy.dll]  <SOFTWIN S.R.L.><10, 0, 0, 22>
    [C:\Program Files\Softwin\BitDefender10\live.dll]  <SOFTWIN S.R.L.><10, 0, 0, 8>
    [C:\Program Files\Softwin\BitDefender10\vshield.dll]  <SOFTWIN S.R.L.><10, 0, 0, 89>
    [C:\Program Files\Softwin\BitDefender10\vscan.dll]  <SOFTWIN S.R.L.><10, 0, 0, 22>
    [C:\Program Files\Softwin\BitDefender10\quar.dll]  <SOFTWIN S.R.L.><10, 0, 0, 28>
    [C:\Program Files\Softwin\BitDefender10\quarcore.dll]  <SOFTWIN S.R.L.><10, 0, 0, 1>
    [C:\WINDOWS\system32\AcSignIcon.dll]  <Autodesk><17.0.54.0>
    [C:\Program Files\Softwin\BitDefender10\bwlist.dll]  <SOFTWIN S.R.L.><10.0.0.0>
    [C:\Program Files\Softwin\BitDefender10\ashield.dll]  <SOFTWIN S.R.L.><10, 0, 0, 73>
    [C:\Program Files\Softwin\BitDefender10\privintf.dll]  <SOFTWIN S.R.L.><10, 0, 0, 17>
    [C:\Program Files\Softwin\BitDefender10\sysinfo.dll]  <SOFTWIN S.R.L.><10, 0, 0, 1039>
[PID: 1824][C:\Program Files\Softwin\BitDefender10\bdagent.exe]  <SOFTWIN S.R.L.><10, 0, 0, 3>
    [C:\WINDOWS\system32\XCOMM.dll]  <Softwin><1, 8, 12, 0>
    [C:\Program Files\Softwin\BitDefender10\bdch.dll]  <SOFTWIN><1, 0, 0, 266>
    [C:\Program Files\Softwin\BitDefender10\bdsubmit.dll]  <SOFTWIN><1, 0, 0, 143>
    [C:\Program Files\Softwin\BitDefender10\bdoe.dll]  <SOFTWIN S.R.L.><10, 0, 0, 0>
[PID: 1848][C:\WINDOWS\system32\drivers\CDAC11BA.EXE]  <Macrovision><4.20.030>
[PID: 1868][C:\WINDOWS\system32\DRIVERS\CDANTSRV.EXE]  <C-Dilla Ltd><3.23.000>
[PID: 1980][C:\WINDOWS\system32\wdfmgr.exe]  <Microsoft Corporation><5.2.3790.1230 built by: dnsrv(bld4act)>
[PID: 2036][C:\Program Files\UGS\License Servers\UGNXFLEXlm\lmgrd.exe]  <Macrovision Corporation><9, 2, 2, 0>
[PID: 216][C:\Program Files\Common Files\Softwin\BitDefender Communicator\xcommsvr.exe]  <Softwin><1, 8, 11, 0>
[PID: 308][C:\Program Files\UGS\License Servers\UGNXFLEXlm\uglmd.exe]  <N/A><N/A>
[PID: 336][C:\Program Files\Common Files\Softwin\BitDefender Scan Server\bdss.exe]  <N/A><N/A>
    [C:\WINDOWS\system32\XCOMM.dll]  <Softwin><1, 8, 12, 0>
    [C:\Program Files\Common Files\Softwin\BitDefender Scan Server\bdcore.dll]  <SOFTWIN SRL><7, 0, 0, 2329>
    [C:\Program Files\Common Files\Softwin\BitDefender Scan Server\bdsubmit.dll]  <SOFTWIN><1, 0, 0, 143>
    [C:\Program Files\Common Files\Softwin\BitDefender Scan Server\libfn.dll]  <N/A><N/A>
    [C:\Program Files\Common Files\Softwin\BitDefender Scan Server\avxdisk.dll]  <N/A><N/A>
[PID: 424][C:\Program Files\Common Files\Softwin\BitDefender Update Service\livesrv.exe]  <SOFTWIN S.R.L.><10, 0, 0, 4>
    [C:\WINDOWS\system32\XCOMM.dll]  <Softwin><1, 8, 12, 0>
    [C:\Program Files\Common Files\Softwin\BitDefender Update Service\HTTPGETF.dll]  <N/A><N/A>
    [C:\Program Files\Common Files\Softwin\BitDefender Update Service\zlib.dll]  <N/A><1.1.3>
    [C:\Program Files\Common Files\Softwin\BitDefender Update Service\bdch.dll]  <SOFTWIN><1, 0, 0, 266>
    [C:\Program Files\Common Files\Softwin\BitDefender Update Service\bdsubmit.dll]  <SOFTWIN><1, 0, 0, 143>
[PID: 616][C:\Program Files\Softwin\BitDefender10\vsserv.exe]  <SOFTWIN S.R.L.><10, 0, 0, 28>
    [C:\Program Files\Softwin\BitDefender10\zlib.dll]  <N/A><1.1.3>
    [C:\WINDOWS\system32\XCOMM.dll]  <Softwin><1, 8, 12, 0>
    [C:\Program Files\Softwin\BitDefender10\procinf.dll]  <N/A><N/A>
    [C:\Program Files\Softwin\BitDefender10\mimeinf.dll]  <N/A><N/A>
    [C:\Program Files\Softwin\BitDefender10\bdch.dll]  <SOFTWIN><1, 0, 0, 266>
    [C:\Program Files\Softwin\BitDefender10\bdsubmit.dll]  <SOFTWIN><1, 0, 0, 143>
    [C:\Program Files\Softwin\BitDefender10\librtvr.dll]  <Softwin SRL><1, 3, 0, 0>
    [C:\Program Files\Softwin\BitDefender10\bdfdll_x86.dll]  <N/A><N/A>
    [C:\Program Files\Softwin\BitDefender10\privscan.dll]  <SOFTWIN S.R.L.><10, 0, 0, 4>
    [C:\Program Files\Softwin\BitDefender10\quarcore.dll]  <SOFTWIN S.R.L.><10, 0, 0, 1>
    [C:\WINDOWS\system32\sockspy.dll]  <N/A><N/A>
    [C:\Program Files\Softwin\BitDefender10\as2core.dll]  <SOFTWIN S.R.L.><2, 1, 178, 0>
    [C:\Program Files\Softwin\BitDefender10\astracer.dll]  <N/A><N/A>
    [C:\Program Files\Softwin\BitDefender10\asemlbr.mdl]  <N/A><N/A>
    [C:\Program Files\Softwin\BitDefender10\asemldsp.mdl]  <N/A><N/A>
    [C:\Program Files\Softwin\BitDefender10\asemlf.mdl]  <N/A><N/A>
    [C:\Program Files\Softwin\BitDefender10\asemlnn.mdl]  <N/A><N/A>
    [C:\Program Files\Softwin\BitDefender10\ashttpbr.mdl]  <N/A><N/A>
    [C:\Program Files\Softwin\BitDefender10\ashttpdsp.mdl]  <N/A><N/A>
    [C:\Program Files\Softwin\BitDefender10\ashttpf.mdl]  <N/A><N/A>
    [C:\Program Files\Softwin\BitDefender10\asemlrbl.mdl]  <N/A><N/A>
    [C:\Program Files\Softwin\BitDefender10\mimepack.dll]  <N/A><N/A>
    [C:\WINDOWS\system32\XRegLib.dll]  <N/A><N/A>
    [C:\Program Files\Softwin\BitDefender10\iconv.dll]  <Free Software Foundation><1.9>
    [C:\Program Files\Softwin\BitDefender10\asregex.dll]  <N/A><N/A>
    [C:\Program Files\Softwin\BitDefender10\sch_serv.dll]  <SOFTWIN S.R.L.><10, 0, 0, 7>
    [C:\Program Files\Softwin\BitDefender10\txmlx.dll]  <Softwin><1, 0, 0, 1>
    [C:\Program Files\Softwin\BitDefender10\bdpop3p.dll]  <SOFTWIN S.R.L.><9, 0, 0, 0>
    [C:\Program Files\Softwin\BitDefender10\bdsmtpp.dll]  <N/A><N/A>
    [C:\Program Files\Softwin\BitDefender10\httproxy.dll]  <N/A><1, 0, 4, 0>
    [C:\WINDOWS\system32\AcSignIcon.dll]  <Autodesk><17.0.54.0>
追风龙 - 2006-10-10 10:57:00
[PID: 1532][C:\WINDOWS\system32\ctfmon.exe]  <Microsoft Corporation><5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)>
[PID: 2540][C:\WINDOWS\System32\alg.exe]  <Microsoft Corporation><5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)>
    [C:\WINDOWS\System32\sockspy.dll]  <N/A><N/A>
[PID: 7016][C:\Program Files\AutoCAD 2004\acad.exe]  <Autodesk, Inc.><R16.00.086>
    [C:\Program Files\Common Files\Autodesk Shared\ac1st16.dll]  <Autodesk, Inc.><16.1.63.0>
    [C:\Program Files\Common Files\Autodesk Shared\acdb16.dll]  <Autodesk, Inc.><16.1.63.10>
    [C:\Program Files\Common Files\Autodesk Shared\AcGe16.dll]  <Autodesk, Inc.><16.1.63.0>
    [C:\Program Files\AutoCAD 2004\acui16.dll]  <><16.0.0.86>
    [C:\Program Files\AutoCAD 2004\ANav.dll]  <Autodesk><16.0.0.86>
    [C:\Program Files\AutoCAD 2004\adui16.dll]  <><16.0.0.86>
    [C:\Program Files\AutoCAD 2004\dswhip.dll]  <Autodesk Inc.><16.0.0.86>
    [C:\Program Files\AutoCAD 2004\heidi8.dll]  <Autodesk, Inc.><8.0.16.86>
    [C:\Program Files\AutoCAD 2004\dlint8.dll]  <Autodesk, Inc.><8.0.16.86>
    [C:\Program Files\AutoCAD 2004\SFTTABAC.dll]  <Softel vdm><16.0.0.86>
    [C:\Program Files\AutoCAD 2004\UserData.dll]  <Autodesk><16.0.0.86>
    [C:\Program Files\AutoCAD 2004\adlmdll.dll]  <Autodesk, Inc.><4.0.0.2>
    [C:\Program Files\AutoCAD 2004\adctrls.dll]  <Autodesk, Inc.><16.0.0.86>
    [C:\WINDOWS\system32\sockspy.dll]  <N/A><N/A>
    [C:\Program Files\AutoCAD 2004\adui16res.dll]  <><16.0.0.86>
    [C:\Program Files\AutoCAD 2004\AnavRes.dll]  <Autodesk><16.0.0.86>
    [C:\Program Files\AutoCAD 2004\acui16res.dll]  <><16.0.0.86>
    [C:\Program Files\AutoCAD 2004\DsWhipRes.dll]  <Autodesk Inc.><16.0.0.86>
    [C:\Program Files\AutoCAD 2004\sfttabacRes.dll]  <Softel vdm><16.0.0.86>
    [C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\~ef4b6b\~df394b.tmp]  <N/A><N/A>
    [C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\~ef4b6b\~de8c3a.tmp]  <N/A><2.20.020>
    [C:\Program Files\AutoCAD 2004\ADCtrlsRes.dll]  <Autodesk, Inc.><16.0.0.86>
    [C:\Program Files\AutoCAD 2004\acadbtn.dll]  <Autodesk><16.0.0.86>
    [C:\Program Files\AutoCAD 2004\acadres.dll]  <Autodesk, Inc.><16.0.0.86>
    [C:\Program Files\Common Files\Autodesk Shared\acdb16enures.dll]  <Autodesk, Inc.><16.1.63.0>
    [C:\Program Files\AutoCAD 2004\adlmres.dll]  <Autodesk, Inc.><4.0.0.2>
    [C:\Program Files\AutoCAD 2004\PrxyInet.dll]  <Autodesk><16.0.0.86>
    [C:\Program Files\AutoCAD 2004\PrxyInetRes.dll]  <Autodesk><16.0.0.86>
    [C:\Program Files\AutoCAD 2004\oleaprot.arx]  <Autodesk><16.0.0.86>
    [C:\Program Files\AutoCAD 2004\colorRes.dll]  <><16.0.0.86>
    [C:\Program Files\AutoCAD 2004\drv\gdi8.hdi]  <Autodesk, Inc.><8.0.16.86>
    [C:\Program Files\AutoCAD 2004\drv\gdi8Res.dll]  <Autodesk, Inc.><8.0.16.86>
    [C:\Program Files\AutoCAD 2004\drv\szb8.hdi]  <Autodesk, Inc.><8.0.16.86>
    [C:\Program Files\AutoCAD 2004\drv\rblast8.hdi]  <Autodesk, Inc.><8.0.16.86>
    [C:\Program Files\AutoCAD 2004\drv\gdifont8.hdi]  <Autodesk, Inc.><8.0.16.86>
    [C:\Program Files\AutoCAD 2004\acgs.dll]  <Autodesk Inc.><16.0.0.86>
    [C:\Program Files\AutoCAD 2004\acgsRes.dll]  <Autodesk Inc.><16.0.0.86>
    [c:\program files\common files\autodesk shared\achapi16.dbx]  <Autodesk, Inc.><16.1.63.0>
    [C:\Program Files\AutoCAD 2004\hcreg8.dll]  <Autodesk, Inc.><8.0.16.86>
    [C:\Program Files\AutoCAD 2004\hcreg8Res.dll]  <Autodesk, Inc.><8.0.16.86>
    [C:\Program Files\AutoCAD 2004\vl.arx]  <Autodesk Inc.><16.0.0.86>
    [C:\Program Files\AutoCAD 2004\VLMSG.DLL]  <Autodesk Inc.><16.0.0.86>
    [C:\Program Files\AutoCAD 2004\VLLIB.DLL]  <Autodesk Inc.><16.0.0.86>
    [C:\Program Files\AutoCAD 2004\AcApp.arx]  <Autodesk><16.0.0.86>
    [C:\Program Files\AutoCAD 2004\AcDblClkEdit.arx]  <Autodesk><16.0.0.86>
    [C:\Program Files\AutoCAD 2004\AcDblClkEditPE.arx]  <Autodesk><16.0.0.86>
    [C:\Program Files\AutoCAD 2004\AcDblClkEditRes.dll]  <Autodesk><16.0.0.86>
    [C:\Program Files\AutoCAD 2004\acdim.arx]  <><16.0.0.86>
    [C:\Program Files\AutoCAD 2004\ShareAC.dll]  <Autodesk, Inc><16.0.0.86>
    [C:\Program Files\AutoCAD 2004\ShareMFC.dll]  <Autodesk, Inc><16.0.0.86>
    [C:\Program Files\AutoCAD 2004\AcDimRes.dll]  <><16.0.0.86>
    [C:\Program Files\AutoCAD 2004\aceplotx.arx]  <Autodesk><16.0.0.86>
    [C:\Program Files\AutoCAD 2004\AcEplotXRes.dll]  <Autodesk><16.0.0.86>
    [C:\Program Files\AutoCAD 2004\achlnkui.arx]  <Autodesk><16.0.0.86>
    [C:\Program Files\AutoCAD 2004\achlnkuiRes.dll]  <Autodesk><16.0.0.86>
    [C:\Program Files\AutoCAD 2004\AcIDropMgr.arx]  <Autodesk><16.0.0.86>
    [C:\Program Files\AutoCAD 2004\AcIDropMgrRes.dll]  <Autodesk><16.0.0.86>
    [C:\Program Files\AutoCAD 2004\AcLayerP.arx]  <Autodesk><16.0.0.86>
    [C:\Program Files\AutoCAD 2004\AcLayerPRes.dll]  <Autodesk, Inc.><16.0.0.86>
    [C:\Program Files\AutoCAD 2004\AcPltStamp.arx]  <Autodesk, Inc.><16.0.0.86>
    [C:\Program Files\AutoCAD 2004\APPERR.dll]  <Autodesk, Inc.><8.0.16.86>
    [C:\Program Files\AutoCAD 2004\plotcfg8.dll]  <Autodesk, Inc.><8.0.16.86>
    [C:\Program Files\AutoCAD 2004\pm8.dll]  <Autodesk, Inc.><8.0.16.86>
    [C:\Program Files\AutoCAD 2004\pctres8.dll]  <Autodesk, Inc.><8.0.16.86>
    [C:\Program Files\AutoCAD 2004\apperrRes.dll]  <Autodesk, Inc.><8.0.16.86>
    [C:\Program Files\AutoCAD 2004\pmres8.dll]  <Autodesk, Inc.><8.0.16.86>
    [C:\Program Files\AutoCAD 2004\AcPltStampRes.dll]  <Autodesk, Inc.><16.0.0.86>
追风龙 - 2006-10-10 10:57:00

    [C:\Program Files\AutoCAD 2004\AcSign.arx]  <Autodesk><16.0.0.86>
    [C:\Program Files\AutoCAD 2004\AcSignRes.dll]  <Autodesk><16.0.0.86>
    [C:\Program Files\AutoCAD 2004\AcSpaceTrans.arx]  <Autodesk><16.0.0.86>
    [C:\Program Files\AutoCAD 2004\AcSpaceTransRes.dll]  <Autodesk, Inc.><16.0.0.86>
    [C:\Program Files\AutoCAD 2004\AcStd.arx]  <Autodesk><16.0.0.86>
    [C:\Program Files\AutoCAD 2004\AcStStdRes.dll]  <Autodesk><16.0.0.86>
    [C:\Program Files\AutoCAD 2004\AcTp.arx]  <Autodesk><16.0.0.86>
    [C:\Program Files\AutoCAD 2004\AcTc.DLL]  <Autodesk><16.0.0.86>
    [C:\Program Files\AutoCAD 2004\AcTcUi.dll]  <Autodesk><16.0.0.86>
    [C:\Program Files\AutoCAD 2004\AcTcRes.dll]  <Autodesk><16.0.0.86>
    [C:\Program Files\AutoCAD 2004\AcTcUiRes.dll]  <Autodesk><16.0.0.86>
    [C:\Program Files\AutoCAD 2004\whohas.arx]  <><16.0.0.86>
    [C:\Program Files\AutoCAD 2004\whohasRes.dll]  <><16.0.0.86>
    [C:\Program Files\AutoCAD 2004\acetlodr.arx]  <Autodesk, Inc.><16.0.0.86>
    [C:\Program Files\AutoCAD 2004\WSCommCntrAcCon.arx]  <Autodesk, Inc.><16.0.0.86>
    [C:\Program Files\AutoCAD 2004\WSCommCntrAcConRes.dll]  <Autodesk><16.0.0.86>
    [C:\Program Files\AutoCAD 2004\support\vel.arx]  <><0,0,16,0>
    [c:\program files\common files\autodesk shared\modlr16.dll]  <Autodesk, Inc.><16.1.63.0>
    [c:\program files\common files\autodesk shared\ASMkern80A.dll]  <Autodesk, Inc.><8.0.2.7023>
    [c:\program files\common files\autodesk shared\ASMlaw80A.dll]  <Autodesk, Inc.><8.0.2.7023>
    [c:\program files\common files\autodesk shared\ASMbase80A.dll]  <Autodesk, Inc.><8.0.2.7023>
    [c:\program files\common files\autodesk shared\ASMfct80A.dll]  <Autodesk, Inc.><8.0.2.7023>
    [c:\program files\common files\autodesk shared\ASMintr80A.dll]  <Autodesk, Inc.><8.0.2.7023>
    [c:\program files\common files\autodesk shared\ASMcstr80A.dll]  <Autodesk, Inc.><8.0.2.7023>
    [c:\program files\common files\autodesk shared\ASMbool80A.dll]  <Autodesk, Inc.><8.0.2.7023>
    [c:\program files\common files\autodesk shared\ASMeulr80A.dll]  <Autodesk, Inc.><8.0.2.7023>
    [c:\program files\common files\autodesk shared\ASMcovr80A.dll]  <Autodesk, Inc.><8.0.2.7023>
    [c:\program files\common files\autodesk shared\ASMblnd80A.dll]  <Autodesk, Inc.><8.0.2.7023>
    [c:\program files\common files\autodesk shared\ASMofst80A.dll]  <Autodesk, Inc.><8.0.2.7023>
    [c:\program files\common files\autodesk shared\ASMga80A.dll]  <Autodesk, Inc.><8.0.2.7023>
    [c:\program files\common files\autodesk shared\ASMswp80A.dll]  <Autodesk, Inc.><8.0.2.7023>
    [c:\program files\common files\autodesk shared\ASMrem80A.dll]  <Autodesk, Inc.><8.0.2.7023>
    [c:\program files\common files\autodesk shared\ASMlopt80A.dll]  <Autodesk, Inc.><8.0.2.7023>
    [c:\program files\common files\autodesk shared\ASMrbi80A.dll]  <Autodesk, Inc.><8.0.2.7023>
    [c:\program files\common files\autodesk shared\ASMct80A.dll]  <Autodesk, Inc.><8.0.2.7023>
    [c:\program files\common files\autodesk shared\ASMsbool80A.dll]  <Autodesk, Inc.><8.0.2.7023>
    [c:\program files\common files\autodesk shared\ASMlop80A.dll]  <Autodesk, Inc.><8.0.2.7023>
    [c:\program files\common files\autodesk shared\ASMshl80A.dll]  <Autodesk, Inc.><8.0.2.7023>
    [c:\program files\common files\autodesk shared\ASMihl80A.dll]  <Autodesk, Inc.><8.0.2.7023>
    [c:\program files\common files\autodesk shared\ad16asm80.dll]  <Autodesk><16.1.63.0>
[PID: 7408][C:\WINDOWS\system32\wuauclt.exe]  <Microsoft Corporation><5.8.0.2469 built by: lab01_n(wmbla)>
    [C:\WINDOWS\system32\sockspy.dll]  <N/A><N/A>
    [C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\~e5d141.tmp]  <Macrovision Europe Ltd.><1, 0, 0, 1>
    [C:\WINDOWS\system32\sockspy.dll]  <N/A><N/A>
[PID: 11004][C:\Program Files\Common Files\Autodesk Shared\WSCommCntr1.exe]  <Autodesk, Inc.><17.0.54.0>
    [C:\WINDOWS\system32\sockspy.dll]  <N/A><N/A>
    [C:\Program Files\Common Files\Autodesk Shared\WebServices1.dll]  <Autodesk, Inc.><17.0.54.0>
[PID: 12400][C:\Program Files\Softwin\BitDefender10\bdlite.exe]  <SOFTWIN S.R.L.><10, 0, 0, 35>
    [C:\Program Files\Softwin\BitDefender10\txmlx.dll]  <Softwin><1, 0, 0, 1>
    [C:\Program Files\Softwin\BitDefender10\bdsubmit.dll]  <SOFTWIN><1, 0, 0, 143>
    [C:\Program Files\Softwin\BitDefender10\bdch.dll]  <SOFTWIN><1, 0, 0, 266>
    [C:\WINDOWS\system32\XCOMM.dll]  <Softwin><1, 8, 12, 0>
    [C:\Program Files\Softwin\BitDefender10\librtvr.dll]  <Softwin SRL><1, 3, 0, 0>
    [C:\WINDOWS\system32\sockspy.dll]  <N/A><N/A>
    [C:\Program Files\Softwin\BitDefender10\quarcore.dll]  <SOFTWIN S.R.L.><10, 0, 0, 1>
[PID: 30704][C:\Documents and Settings\Administrator\桌面\杀毒软件\SREng2\SREng.exe]  <Smallfrogs Studio><2.0.21.505>    [C:\WINDOWS\system32\sockspy.dll]  <N/A><N/A>

==================================
文件关联
.TXT  OK. [%SystemRoot%\system32\NOTEPAD.EXE %1]
.EXE  OK. ["%1" %*]
.COM  OK. ["%1" %*]
.PIF  OK. ["%1" %*]
.REG  OK. [regedit.exe "%1"]
.BAT  OK. ["%1" %*]
.SCR  Error. [AutoCADScriptFile]
.CHM  OK. ["C:\WINDOWS\hh.exe" %1]
.HLP  OK. [%SystemRoot%\System32\winhlp32.exe %1]
.INI  OK. [%SystemRoot%\System32\NOTEPAD.EXE %1]
.INF  OK. [%SystemRoot%\System32\NOTEPAD.EXE %1]
.VBS  OK. [%SystemRoot%\System32\WScript.exe "%1" %*]
.JS  OK. [%SystemRoot%\System32\WScript.exe "%1" %*]
.LNK  OK. [{00021401-0000-0000-C000-000000000046}]
snliuxun - 2006-10-10 11:18:00
打开 System Repair Engineer 2(也就是的扫描软件sreng2)
打开启动项目--注册表

删除以下项
C:\PROGRA~1\KUGOO2\KUGOO.EXE
C:\WINDOWS\realupdate.exe other
F:\qttask.exe" -atboottime
C:\Program Files\skype\Phone\Skype.exe
C:\Program Files\Common Files\Real\Update_OB\realsched.exe


sockspy.dll




系统修复--浏览器加载项--删除以下项
[ToolBar888]
{C004DEC2-2623-438e-9CA2-C9043AB28508} <C:\Program Files\Common Files\{306A1408-086E-2052-1110-040407040056}\MyToolBar.dll, N/A>
[ToolBar888]
{C004DEC2-2623-438e-9CA2-C9043AB28508} <C:\Program Files\Common Files\{306A1408-086E-2052-1110-040407040056}\MyToolBar.dll, N/A>

[Microsoft DirectAnimation Control]
{B6FFC24C-7E13-11D0-9B47-00C04FC2F51D} <C:\WINDOWS\system32\danim.dll, Microsoft Corporation>
[ToolBar888]
{C004DEC2-2623-438E-9CA2-C9043AB28508} <C:\Program Files\Common Files\{306A1408-086E-2052-1110-040407040056}\MyToolBar.dll, N/A>


重启安全模式




[PID: 1848][C:\WINDOWS\system32\drivers\CDAC11BA.EXE] <Macrovision><4.20.030>
[PID: 1868][C:\WINDOWS\system32\DRIVERS\CDANTSRV.EXE] <C-Dilla Ltd><3.23.000>
删除
C:\Program Files\Common Files\{306A1408-086E-2052-1110-040407040056}\MyToolBar.dll
C:\WINDOWS\system32\danim.dll
1
查看完整版本: 请高手帮帮忙
© 2000 - 2026 Rising Corp. Ltd.