秋日再救 bbs.ikaka.com

hogameboy - 2006-10-17 15:34:00

2006-10-17,14:33:43

System Repair Engineer 2.2.6.605
Smallfrogs (http://www.KZTechs.com)

Windows XP Professional Service Pack 2 (Build 2600)
- 管理权限用户 - 完整功能

以下内容被选中：
所有的启动项目（包括注册表、启动文件夹、服务等）
浏览器加载项
正在运行的进程（包括进程模块信息）
文件关联
Winsock 提供者
Autorun.inf
HOSTS 文件

启动项目
注册表
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
<ctfmon.exe><; C:\WINDOWS\system32\ctfmon.exe> [(Verified)Microsoft Corporation]
<MsnMsgr><; "C:\Program Files\MSN Messenger\MsnMsgr.Exe" /background> [(Verified)Microsoft Corporation]
[HKEY_CURRENT_USER\Software\Microsoft\Windows NT\CurrentVersion\Windows]
<load><; ??粒?粒粒粒??粒?粒???粒澴矚> [N/A]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
<IMJPMIG8.1><; "C:\WINDOWS\IME\imjp8_1\IMJPMIG.EXE" /Spoil /RemAdvDef /Migration32> [(Verified)Microsoft Corporation]
<PHIME2002ASync><; C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /SYNC> [(Verified)Microsoft Corporation]
<PHIME2002A><; C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /IMEName> [(Verified)Microsoft Corporation]
<SoundMan><; SOUNDMAN.EXE> [Realtek Semiconductor Corp.]
<rzt><; C:\WINDOWS\Intel\rundll32.exe> [N/A]
<eKeyDaemon><; "D:\信城通\桌面安全套件 V2.5.12\eKeyDaemon.exe"> [北京信城通数码科技有限公司]
<HotKeysCmds><; C:\WINDOWS\system32\hkcmd.exe> [(Verified)Intel Corporation]
<IgfxTray><; C:\WINDOWS\system32\igfxtray.exe> [(Verified)Intel Corporation]
<RavTask><"C:\Program Files\Rising\Rav\RavTask.exe" -system> [Beijing Rising Technology Co., Ltd.]
<run><C:\WINDOWS\system32\rundll32.exe rsrc.dll s> [N/A]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer\Run]
<9><C:\WINDOWS\system32\vpcrm.exe> [N/A]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Winlogon]
<shell><Explorer.exe> [(Verified)Microsoft Corporation]
<Userinit><C:\WINDOWS\system32\userinit.exe,> [(Verified)Microsoft Corporation]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Windows]
<AppInit_DLLs><> [N/A]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Winlogon]
<UIHost><logonui.exe> [(Verified)Microsoft Corporation]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
<{08315C1A-9BA9-4B7C-A432-26885F78DF28}><C:\Program Files\Common Files\Microsoft Shared\MSINFO\SysInfo.wmp> [N/A]
<{32CD708B-60A7-4C00-9377-D73EAA495F0F}><C:\WINDOWS\system32\RavExt.dll> [Beijing Rising Technology Co., Ltd.]

==================================
启动文件夹
[Adobe Reader Speed Launch]
<C:\Documents and Settings\All Users\「开始」菜单\程序\启动\Adobe Reader Speed Launch.lnk --> D:\asberdr\Reader\READER~1.EXE [Adobe Systems Incorporated]><N>

==================================
服务
[Human Interface Device Access / HidServ]
<C:\WINDOWS\System32\svchost.exe -k netsvcs-->%SystemRoot%\System32\hidserv.dll><N/A>
[Spectrum24 Events Monitor / IPRIP]
<C:\WINDOWS\System32\svchost.exe -k netsvcs-->C:\WINDOWS\system32\acss.dll><LINKMEDIA Tech>
[NetMeeting Remote Desktop Agent / Nwsapagent]
<C:\WINDOWS\System32\svchost.exe -k netsvcs-->C:\WINDOWS\system32\Nwsapagent.dll><LINKMEDIA Tech>
[ServiceLayer / ServiceLayer]
<"C:\Program Files\Common Files\PCSuite\Services\ServiceLayer.exe"><Nokia.>

hogameboy - 2006-10-17 15:34:00

==================================
驱动程序
[a320raid / a320raid]
<\SystemRoot\System32\DRIVERS\a320raid.sys><Adaptec, Inc.>
[AAC / AAC]
<\SystemRoot\System32\DRIVERS\AAC.SYS><Adaptec, Inc.>
[aar1210 / aar1210]
<\SystemRoot\System32\DRIVERS\aar1210.sys><Adaptec, Inc.>
[abp480n5 / abp480n5]
<\SystemRoot\System32\DRIVERS\abp480n5.sys><Microsoft Corporation>
[Intel(r) 82801 Audio Driver Install Service (WDM) / ac97intc]
<system32\drivers\ac97intc.sys><Intel Corporation>
[adpu160m / adpu160m]
<\SystemRoot\System32\DRIVERS\adpu160m.sys><Microsoft Corporation>
[adpu320 / adpu320]
<\SystemRoot\System32\DRIVERS\adpu320.sys><Adaptec, Inc.>
[ACARD AEC6210UF UltraDMA33 Controller / aec6210]
<\SystemRoot\System32\DRIVERS\aec6210.sys><ACARD Technology Corp.>
[ACARD AEC6260 UltraDMA-66 Controller / aec6260]
<\SystemRoot\System32\DRIVERS\aec6260.sys><ACARD Technology Corp.>
[aec6280 / aec6280]
<\SystemRoot\System32\DRIVERS\aec6280.sys><ACARD Technology Corp.>
[AEC6290 / AEC6290]
<\SystemRoot\System32\DRIVERS\AEC6290.SYS><ACARD Technology Corp.>
[AEC67160 / AEC67160]
<\SystemRoot\System32\DRIVERS\AEC67160.SYS><ACARD Technology Corp.>
[AEC671X / AEC671X]
<\SystemRoot\System32\DRIVERS\AEC671X.SYS><ACARD Technology Corp.>
[AEC6880 / AEC6880]
<\SystemRoot\System32\DRIVERS\AEC6880.SYS><ACARD Technology Corp.>
[AEC6890 / AEC6890]
<\SystemRoot\System32\DRIVERS\AEC6890.sys><ACARD Technology Corp.>
[aec68x5 / aec68x5]
<\SystemRoot\System32\DRIVERS\aec68x5.sys><ACARD Technology Corp.>
[Aha154x / Aha154x]
<\SystemRoot\System32\DRIVERS\aha154x.sys><Microsoft Corporation>
[aic78u2 / aic78u2]
<\SystemRoot\System32\DRIVERS\aic78u2.sys><Microsoft Corporation>
[aic78xx / aic78xx]
<\SystemRoot\System32\DRIVERS\aic78xx.sys><Microsoft Corporation>
[Service for WDM 3D Audio Driver / ALCXSENS]
<system32\drivers\ALCXSENS.SYS><Sensaura Ltd>
[Service for Realtek AC97 Audio (WDM) / ALCXWDM]
<system32\drivers\ALCXWDM.SYS><Realtek Semiconductor Corp.>
[AliIde / AliIde]
<\SystemRoot\System32\DRIVERS\aliide.sys><Acer Laboratories Inc.>
[AMD K8 Processor Driver / AmdK8]
<System32\DRIVERS\amdk8.sys><Microsoft Corporation>
[arc / arc]
<\SystemRoot\system32\drivers\arc.sys><Adaptec, Inc.>
[asc / asc]
<\SystemRoot\System32\DRIVERS\asc.sys><Advanced System Products, Inc.>
[asc3550 / asc3550]
<\SystemRoot\System32\DRIVERS\asc3550.sys><Advanced System Products, Inc.>
[Rising TDI Base Driver / BaseTDI]
<System32\DRIVERS\BaseTDI.SYS><Beijing Rising Technology Co., Ltd.>
[cd20xrnt / cd20xrnt]
<C:\WINDOWS\SYSTEM32\DRIVERS\cd20xrnt.SYS><Microsoft Corporation>
[CmdIde / CmdIde]
<\SystemRoot\System32\DRIVERS\cmdide.sys><CMD Technology, Inc.>
[dac2w2k / dac2w2k]
<\SystemRoot\System32\DRIVERS\dac2w2k.sys><Mylex Corporation>
[dpti2o / dpti2o]
<\SystemRoot\System32\DRIVERS\dpti2o.sys><Microsoft Corporation>
[elxstor / elxstor]
<\SystemRoot\system32\drivers\elxstor.sys><Emulex>
[FASTSX / FASTSX]
<\SystemRoot\System32\DRIVERS\FASTSX.SYS><Promise Technology, Inc.>
[fasttrak / fasttrak]
<\SystemRoot\System32\DRIVERS\fasttrak.sys><Promise Technology, Inc.>
[fasttx2k / fasttx2k]
<\SystemRoot\System32\DRIVERS\fasttx2k.sys><Promise Technology, Inc.>
[fasttx2k2 / fasttx2k2]
<\SystemRoot\System32\DRIVERS\fasttx2k2.sys><Promise Technology, Inc.>
[VIA PCI 10/100Mb Fast Ethernet Adapter NT Driver / FETNDIS]
<system32\DRIVERS\fetnd5.sys><VIA Technologies, Inc.>
[GMSIPCI / GMSIPCI]
<\??\G:\INSTALL\GMSIPCI.SYS><N/A>
[HOOKAPI / HOOKAPI]
<\??\C:\PROGRAM FILES\RISING\RAV\HookApi.Sys><瑞星软件有限公司>
[HpCISSs / HpCISSs]
<\SystemRoot\system32\drivers\hpcisss.sys><Hewlett-Packard Company>
[Hpt366 / Hpt366]
<\SystemRoot\System32\DRIVERS\Hpt366.sys><Microsoft Corporation>
[HPT371 / HPT371]
<\SystemRoot\System32\DRIVERS\HPT371.sys><HighPoint Technologies, Inc.>
[hpt374 / hpt374]
<\SystemRoot\System32\DRIVERS\hpt374.sys><HighPoint Technologies, Inc.>
[hpt3xx / hpt3xx]
<\SystemRoot\System32\DRIVERS\hpt3xx.sys><HighPoint Technologies, Inc.>
[hptmv / hptmv]
<\SystemRoot\System32\DRIVERS\hptmv.sys><HighPoint Technologies, Inc.>
[hptpro / hptpro]
<\SystemRoot\System32\DRIVERS\hptpro.sys><HighPoint Technologies, Inc.>
[ialm / ialm]
<system32\DRIVERS\ialmnt5.sys><Intel Corporation>
[Intel Integrated RAID / iaStor]
<\SystemRoot\system32\drivers\iaStor.sys><Intel Corporation>
[iirsp / iirsp]
<\SystemRoot\system32\drivers\iirsp.sys><Intel Corp./ICP vortex GmbH>
[ini910u / ini910u]
<\SystemRoot\System32\DRIVERS\ini910u.sys><Microsoft Corporation>
[ITERAID_Service_Install / iteraid]
<\SystemRoot\System32\DRIVERS\iteraid.sys><Integrated Technology Express, Inc.>
[LSI_SAS / LSI_SAS]
<\SystemRoot\system32\drivers\lsi_sas.sys><LSI Logic>
[LSI_SCSI / LSI_SCSI]
<\SystemRoot\system32\drivers\lsi_scsi.sys><LSI Logic>
[m5228 / m5228]
<\SystemRoot\System32\DRIVERS\m5228.sys><ALi Corporation.>
[m5281 / m5281]
<\SystemRoot\system32\drivers\m5281.sys><ALi Corporation>
[MegaIDE / MegaIDE]
<\SystemRoot\System32\DRIVERS\MegaIDE.sys><LSI Logic Corporation.>
[megasas / megasas]
<\SystemRoot\system32\drivers\megasas.sys><LSI Logic Corporation>
[MEMSCAN / MEMSCAN]
<\??\C:\Program Files\Rising\Rav\MEMSCAN.sys><瑞星软件有限公司>
[mraid2k / mraid2k]
<\SystemRoot\System32\DRIVERS\mraid2k.sys><American Megatrends, Inc.>
[mraid35x / mraid35x]
<\SystemRoot\System32\DRIVERS\mraid35x.sys><American Megatrends Inc.>
[nfrd960 / nfrd960]
<\SystemRoot\system32\drivers\nfrd960.sys><IBM Corporation>
[Nokia USB Generic / Nokia USB Generic]
<system32\drivers\nmwcdc.sys><Nokia>
[Nokia USB Modem / Nokia USB Modem]
<system32\drivers\nmwcdcm.sys><Nokia>
[Nokia USB Phone Parent / Nokia USB Phone Parent]
<system32\drivers\nmwcd.sys><Nokia>
[Nokia USB Port / Nokia USB Port]
<system32\drivers\nmwcdcj.sys><Nokia>
[npkcrypt / npkcrypt]
<\??\C:\Program Files\QQ2005\npkcrypt.sys><INCA Internet Co., Ltd.>
[nv / nv]
<system32\DRIVERS\nv4_mini.sys><NVIDIA Corporation>
[Intel SCSI Controller / NvAtaBus]
<\SystemRoot\System32\DRIVERS\NVATABUS.SYS><NVIDIA Corporation>
[NVIDIA nForce(tm) RAID Class Driver / nvraid]
<\SystemRoot\system32\DRIVERS\nvraid.sys><NVIDIA Corporation>
[PNP649R / PNP649R]
<\SystemRoot\System32\DRIVERS\PNP649R.SYS><CMD Technology, Inc.>
[SiI 680 ATA Controller / Pnp680]
<\SystemRoot\System32\DRIVERS\pnp680.sys><Silicon Image, Inc.>
[Silicon Image SiI 0680 Medley Raid Controller / Pnp680r]
<\SystemRoot\System32\DRIVERS\pnp680r.sys><Silicon Image, Inc>
[Direct Parallel Link Driver / Ptilink]
<system32\DRIVERS\ptilink.sys><Parallel Technologies, Inc.>
[ql1080 / ql1080]
<\SystemRoot\System32\DRIVERS\ql1080.sys><QLogic Corporation>
[Ql10wnt / Ql10wnt]
<\SystemRoot\System32\DRIVERS\ql10wnt.sys><Microsoft Corporation>
[ql12160 / ql12160]
<\SystemRoot\System32\DRIVERS\ql12160.sys><QLogic Corporation>
[ql1280 / ql1280]
<\SystemRoot\System32\DRIVERS\ql1280.sys><QLogic Corporation>
[QLogic Fibre Channel SCSI Miniport Driver / ql2300]
<\SystemRoot\system32\drivers\ql2300.sys><QLogic Corporation>
[RAIDSRC / RAIDSRC]
<\SystemRoot\System32\DRIVERS\RAIDSRC.SYS><Intel/ICP>
[Realtek 10/100/1000 NIC Family all in one NDIS XP Driver / RTL8023xp]
<system32\DRIVERS\Rtnicxp.sys><Realtek Semiconductor Corporation>
[Realtek RTL8139/810x Family Fast Ethernet NIC NT Driver / rtl8139]
<system32\DRIVERS\R8139n51.SYS><Realtek Semiconductor Corporation>
[S150SX8 / S150SX8]

hogameboy - 2006-10-17 15:35:00

<\SystemRoot\System32\DRIVERS\S150SX8.SYS><Promise Technology, Inc.>
[Secdrv / Secdrv]
<system32\DRIVERS\secdrv.sys><N/A>
[SiI-3512 SATALink Controller / SI3112]
<\SystemRoot\System32\DRIVERS\SI3112.sys><Silicon Image, Inc.>
[Silicon Image SiI 3512 SATARaid Controller / SI3112r]
<\SystemRoot\system32\drivers\SI3112r.sys><Silicon Image, Inc>
[SiI-3114 SATALink Controller / SI3114]
<\SystemRoot\System32\DRIVERS\SI3114.sys><Silicon Image, Inc.>
[SiI-3114 SATARaid Controller / SI3114r]
<\SystemRoot\System32\DRIVERS\SI3114R.sys><Silicon Image, Inc>
[SiI-3124 SATALink Controller / SI3124]
<\SystemRoot\System32\DRIVERS\SI3124.sys><Silicon Image, Inc.>
[SiI-3124 SATARaid Controller / SI3124r]
<\SystemRoot\System32\DRIVERS\SI3124R.sys><Silicon Image, Inc>
[SATALink driver accelerator / SiFilter]
<\SystemRoot\System32\DRIVERS\SiWinAcc.sys><Silicon Image, Inc.>
[SISIDE / SISIDE]
<\SystemRoot\System32\DRIVERS\SISIDE.SYS><Silicon Integrated Systems Corp.>
[SiSRaid / SiSRaid]
<\SystemRoot\System32\DRIVERS\SiSRaid.sys><Silicon Integrated Systems>
[SiSRaid1 / SiSRaid1]
<\SystemRoot\System32\DRIVERS\SiSRaid1.sys><Silicon Integrated Systems>
[SISRAIDS / SISRAIDS]
<\SystemRoot\System32\DRIVERS\SISRAIDS.SYS><Silicon Integrated Systems Corp>
[Sparrow / Sparrow]
<\SystemRoot\System32\DRIVERS\sparrow.sys><Adaptec, Inc.>
[sptrak / sptrak]
<\SystemRoot\System32\DRIVERS\sptrak.sys><Promise Technology, Inc.>
[symc810 / symc810]
<\SystemRoot\System32\DRIVERS\symc810.sys><Symbios Logic Inc.>
[symc8xx / symc8xx]
<\SystemRoot\System32\DRIVERS\symc8xx.sys><LSI Logic>
[SYMMPI / SYMMPI]
<\SystemRoot\System32\DRIVERS\SYMMPI.SYS><LSI Logic>
[sym_hi / sym_hi]
<\SystemRoot\System32\DRIVERS\sym_hi.sys><LSI Logic>
[sym_u3 / sym_u3]
<\SystemRoot\System32\DRIVERS\sym_u3.sys><LSI Logic>
[TCP/IP Protocol Driver / Tcpip]
<system32\DRIVERS\tcpip.sys><Microsoft Corporation>
[TosIde / TosIde]
<\SystemRoot\System32\DRIVERS\toside.sys><Microsoft Corporation>
[UlSata / UlSata]
<\SystemRoot\System32\DRIVERS\ulsata.sys><Promise Technology, Inc.>
[ULSATAS / ULSATAS]
<\SystemRoot\System32\DRIVERS\ULSATAS.SYS><Promise Technology, Inc.>
[ultra / ultra]
<\SystemRoot\System32\DRIVERS\ultra.sys><Promise Technology, Inc.>
[iTowNet USB Key Device / utkey]
<System32\Drivers\utkey.sys><Union Technology>
[iTowNet Virtual SmartCard / utvsc]
<system32\DRIVERS\utvsc.sys><Union Technology>
[ViaIde / ViaIde]
<\SystemRoot\System32\DRIVERS\viaide.sys><Microsoft Corporation>
[viamraid / viamraid]
<\SystemRoot\system32\DRIVERS\viamraid.sys><VIA Technologies inc,.ltd>
[VIA ATA/ATAPI Host Controller / viapdsk]
<\SystemRoot\System32\DRIVERS\viapdsk.sys><VIA Technologies, Inc.>
[viaraid / viaraid]
<\SystemRoot\System32\DRIVERS\viaraid.sys><VIA Technologies inc,.ltd>
[viasraid / viasraid]
<\SystemRoot\system32\drivers\viasraid.sys><VIA Technologies inc,.ltd>
[vmscsi / vmscsi]
<\SystemRoot\system32\drivers\vmscsi.sys><VMware, Inc.>
[yaskp / yaskp]
<\SystemRoot\system32\drivers\yaskp.sys><Copyright (C) yahoo Corporation.>
[ExpScaner / ExpScaner]
<\??\C:\Program Files\Rising\Rav\ExpScan.sys><>
[HookCont / HookCont]
<\??\C:\Program Files\Rising\Rav\HOOKCONT.sys><Rising tech Co. ltd>

==================================
浏览器加载项
[Adobe PDF Reader Link Helper]
{06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} <d:\asberdr\ActiveX\AcroIEHelper.dll, Adobe Systems Incorporated>
[MyIEHelper Class]
{16B770A0-0E87-4278-B748-2460D64A8386} <C:\Documents and Settings\All Users\Application Data\Microsoft\UserData\IEHelper_5125.dll, N/A>
[Yahoo!Photo]
{33BBE430-0E42-4f12-B075-8D21ACB10DCB} <C:\Program Files\Yahoo!\Assistant\Assist\yphtb.dll, Yahoo! China>
[AntiFish Class]
{38928D50-8A48-44C2-945F-D2F23F771410} <C:\Program Files\Yahoo!\Assistant\Assist\yAngling.dll, yahoo! china>
[SafeMe Internet Explorer Helper]
{3AE06CEE-58A6-4F5F-AF89-6C5350842F16} <C:\WINDOWS\system32\SafeHelper12.dll, LINKMEDIA Tech>
[QQBrowserHelperObject Class]
{54EBD53A-9BC1-480B-966A-843A333CA162} <D:\QQ\QQIEHelper.dll, 深圳市腾讯计算机系统有限公司>
[DragSearch BHO]
{62EED7C6-9F02-42f9-B634-98E2899E147B} <C:\PROGRA~1\Yahoo!\ASSIST~1\Assist\YDRAGS~1.DLL, yahoo! china>
[NTIECatcher Class]
{C56CB6B0-0D96-11D6-8C65-B2868B609932} <C:\Program Files\NetTransport 2\NTIEHelper.dll, Xi>
[bho Class]
{ED8DFC5C-10EF-45AB-9DC2-0639AFF5A270} <C:\PROGRA~1\COMMON~1\Wnwb\wnwbio.dll, 深圳世强软件开发部>
[assist]
{FE3ECAE7-0A37-4506-8A7D-3CC9A04D2CA8} <C:\PROGRA~1\Yahoo!\ASSIST~1\assist\yassist.dll, Yahoo! China>
[微软]
{6096E38F-5AC1-4391-8EC4-75DFA92FB32F} <http://www.microsoft.com/china/index.htm, N/A>
[信息检索(&R)]
{92780B25-18CC-41C8-B9BE-3C9C571A8263} <C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL, Microsoft Corporation>
[QQ]
{c95fe080-8f5d-11d2-a20b-00aa003c157b} <D:\QQ\QQ.EXE, TENCENT>
[QQIEFloatBarCfgCmd Class]
{DEDEB80D-FA35-45d9-9460-4983E5A8AFE6} <D:\QQ\QQIEHelper.dll, 深圳市腾讯计算机系统有限公司>
[Messenger]
{FB5F1910-F110-11d2-BB9E-00C04F795683} <C:\Program Files\Messenger\msmsgs.exe, N/A>
[雅虎助手]
{406F94F0-504F-4A40-8DFD-58B0666ABEBD} <C:\PROGRA~1\Yahoo!\ASSIST~1\Assist\yasbar0.dll, yahoo! china>
[Windows Genuine Advantage Validation Tool]
{17492023-C23A-453E-A040-C7C580BBF700} <C:\WINDOWS\system32\LegitCheckControl.DLL, Microsoft? Corporation>
[Adobe PDF Reader Link Helper]
{06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} <d:\asberdr\ActiveX\AcroIEHelper.dll, Adobe Systems Incorporated>
[PeerDraw Class]
{10072CEC-8CC1-11D1-986E-00A0C955B42E} <C:\Program Files\Common Files\Microsoft Shared\VGX\vgx.dll, Microsoft Corporation>
[MyIEHelper Class]
{16B770A0-0E87-4278-B748-2460D64A8386} <C:\Documents and Settings\All Users\Application Data\Microsoft\UserData\IEHelper_5125.dll, N/A>
[Windows Media Player]
{22D6F312-B0F6-11D0-94AB-0080C74C7E95} <C:\WINDOWS\system32\wmpdxm.dll, Microsoft Corporation>
[HTML Document]
{25336920-03F9-11CF-8FD0-00AA00686F13} <%SystemRoot%\system32\mshtml.dll, N/A>
[DHTML Edit Control Safe for Scripting for IE5]
{2D360201-FFF5-11D1-8D03-00A0C959BC0A} <C:\Program Files\Common Files\Microsoft Shared\Triedit\dhtmled.ocx, Microsoft Corporation>
[Yahoo!Photo]
{33BBE430-0E42-4F12-B075-8D21ACB10DCB} <C:\Program Files\Yahoo!\Assistant\Assist\yphtb.dll, Yahoo! China>
[AntiFish Class]
{38928D50-8A48-44C2-945F-D2F23F771410} <C:\Program Files\Yahoo!\Assistant\Assist\yAngling.dll, yahoo! china>
[SafeMe Internet Explorer Helper]
{3AE06CEE-58A6-4F5F-AF89-6C5350842F16} <C:\WINDOWS\system32\SafeHelper12.dll, LINKMEDIA Tech>
[雅虎助手]
{406F94F0-504F-4A40-8DFD-58B0666ABEBD} <C:\PROGRA~1\Yahoo!\ASSIST~1\Assist\yasbar0.dll, yahoo! china>
[QQBrowserHelperObject Class]
{54EBD53A-9BC1-480B-966A-843A333CA162} <D:\QQ\QQIEHelper.dll, 深圳市腾讯计算机系统有限公司>
[Shell Name Space]
{55136805-B2DE-11D1-B9F2-00A0C98BC547} <%SystemRoot%\system32\shdocvw.dll, N/A>
[Yahoo!Live]
{57421194-58FB-49AE-9B4F-FD48869B9AD4} <C:\Program Files\Yahoo!\Assistant\yaLive.dll, yahoo! china>
[DragSearch BHO]
{62EED7C6-9F02-42F9-B634-98E2899E147B} <C:\PROGRA~1\Yahoo!\ASSIST~1\Assist\YDRAGS~1.DLL, yahoo! china>
[Windows Media Player]
{6BF52A52-394A-11D3-B153-00C04F79FAA6} <C:\WINDOWS\system32\wmp.dll, Microsoft Corporation>
[Active Desktop Mover]
{72267F6A-A6F9-11D0-BC94-00C04FB67863} <%SystemRoot%\system32\SHELL32.dll, N/A>
[Microsoft Web 浏览器]
{8856F961-340A-11D0-A96B-00C04FD705A2} <C:\WINDOWS\system32\shdocvw.dll, Microsoft Corporation>
[RMGetLicense Class]
{A9FC132B-096D-460B-B7D5-1DB0FAE0C062} <C:\WINDOWS\system32\msnetobj.dll, Microsoft Corporation>
[Microsoft Scriptlet Component]
{AE24FDAE-03C6-11D1-8B76-0080C744F389} <C:\WINDOWS\system32\mshtml.dll, Microsoft Corporation>
[SearchAssistantOC]
{B45FF030-4447-11D2-85DE-00C04FA35C89} <%SystemRoot%\system32\shdocvw.dll, N/A>
[RDS.DataSpace]
{BD96C556-65A3-11D0-983A-00C04FC29E36} <C:\Program Files\Common Files\System\msadc\msadco.dll, Microsoft Corporation>
[NTIECatcher Class]
{C56CB6B0-0D96-11D6-8C65-B2868B609932} <C:\Program Files\NetTransport 2\NTIEHelper.dll, Xi>
[AUDIO__MP3 Moniker Class]
{CD3AFA76-B84F-48F0-9393-7EDC34128127} <C:\WINDOWS\system32\wmp.dll, Microsoft Corporation>
[VIDEO__X_MS_ASF Moniker Class]
{CD3AFA8F-B84F-48F0-9393-7EDC34128127} <C:\WINDOWS\system32\wmp.dll, Microsoft Corporation>
[VIDEO__X_MS_WMV Moniker Class]
{CD3AFA94-B84F-48F0-9393-7EDC34128127} <C:\WINDOWS\system32\wmp.dll, Microsoft Corporation>
[RealPlayer G2 Control]
{CFCDAA03-8BE4-11CF-B84B-0020AFBBCCFA} <C:\WINDOWS\system32\rmoc3260.dll, RealNetworks, Inc.>
[Shockwave Flash Object]
{D27CDB6E-AE6D-11CF-96B8-444553540000} <C:\WINDOWS\system32\Macromed\Flash\Flash8.ocx, Macromedia, Inc.>
[bho Class]
{ED8DFC5C-10EF-45AB-9DC2-0639AFF5A270} <C:\PROGRA~1\COMMON~1\Wnwb\wnwbio.dll, 深圳世强软件开发部>
[assist]
{FE3ECAE7-0A37-4506-8A7D-3CC9A04D2CA8} <C:\PROGRA~1\Yahoo!\ASSIST~1\assist\yassist.dll, Yahoo! China>
[上传到QQ网络硬盘]

hogameboy - 2006-10-17 15:37:00

<D:\QQ\AddToNetDisk.htm, N/A>
[使用影音传送带下载]
<C:\Program Files\NetTransport 2\NTAddLink.html, N/A>
[使用影音传送带下载全部链接]
<C:\Program Files\NetTransport 2\NTAddList.html, N/A>
[导出到 Microsoft Office Excel(&X)]
<res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000, N/A>
[添加到QQ自定义面板]
<D:\QQ\AddPanel.htm, N/A>
[添加到QQ表情]
<D:\QQ\AddEmotion.htm, N/A>
[添加到雅虎订阅(&Y)]
<res://C:\Program Files\Yahoo!\Assistant\Assist\yrss.dll/YRSSMENUEXT, N/A>
[用QQ彩信发送该图片]
<D:\QQ\SendMMS.htm, N/A>
[雅虎搜索]
<res://C:\PROGRA~1\Yahoo!\ASSIST~1\Assist\yasbar0.dll/203, N/A>

==================================
正在运行的进程
[PID: 432][\SystemRoot\System32\smss.exe] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
[PID: 480][\??\C:\WINDOWS\system32\csrss.exe] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
[PID: 504][\??\C:\WINDOWS\system32\winlogon.exe] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
[PID: 548][C:\WINDOWS\system32\services.exe] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
[C:\WINDOWS\system32\xydll.dll] [N/A, N/A]
[PID: 560][C:\WINDOWS\system32\lsass.exe] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
[PID: 704][C:\WINDOWS\system32\svchost.exe] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
[C:\WINDOWS\system32\xydll.dll] [N/A, N/A]
[PID: 752][C:\WINDOWS\system32\svchost.exe] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
[PID: 816][C:\WINDOWS\System32\svchost.exe] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
[c:\windows\system32\acss.dll] [LINKMEDIA Tech, 1, 5, 0, 4]
[c:\windows\system32\nwsapagent.dll] [LINKMEDIA Tech, 1, 5, 0, 4]
[PID: 932][C:\WINDOWS\system32\svchost.exe] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
[PID: 964][C:\WINDOWS\system32\svchost.exe] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
[PID: 1228][C:\WINDOWS\Explorer.EXE] [Microsoft Corporation, 6.00.2900.2180 (xpsp_sp2_rtm.040803-2158)]
[C:\Program Files\Common Files\Microsoft Shared\MSINFO\SysInfo.wmp] [N/A, N/A]
[C:\WINDOWS\system32\xydll.dll] [N/A, N/A]
[C:\WINDOWS\system32\myztr.dll] [N/A, N/A]
[C:\WINDOWS\system32\rsrc.dll] [N/A, N/A]
[d:\asberdr\ActiveX\PDFShell.dll] [Adobe Systems, Inc., 7.0.0.0]
[C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\RIC612U.DLL] [RICOH, 1.8.0.0]
[C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\RIC612C.DLL] [RICOH, 1.5.2.0]
[C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\RIC612L.DLL] [RICOH, 1.8.0.0]
[C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\RIC612X.DLL] [RICOH, 3.6.1.0]
[C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\RIC612ZU.DLL] [RICOH Corp, 1.8.0.0]
[C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\RIC612WU.DLL] [RICOH, 2.0.0.5]
[C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\RIC612K.DLL] [RICOH, 1.8.0.0]
[C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\RIC612P.DLL] [RICOH, 3.6.1.0]
[C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\RIC612J.DLL] [RICOH, 2.2.0.9]
[C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\RIC612ZK.DLL] [RICOH Corp, 1.8.0.0]
[C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\RIC612WK.DLL] [RICOH, 2.0.0.5]
[D:\QQ\qqst.dll] [N/A, N/A]
[C:\Program Files\Rising\Rav\RSCOMMON.DLL] [Beijing Rising Technology Co., Ltd., 18, 0, 0, 4]
[D:\万能五笔\WNMKEY.DLL] [深圳世强软件开发部 www.wnwb.com , 2005, 7, 5, 1]
[C:\WINDOWS\system32\RavExt.dll] [Beijing Rising Technology Co., Ltd., 18, 0, 0, 21]
[d:\asberdr\ActiveX\AcroIEHelper.dll] [Adobe Systems Incorporated, 7.0.7.2006011200]
[C:\Program Files\Yahoo!\Assistant\Assist\yphtb.dll] [Yahoo! China, 3, 0, 3, 1005]
[C:\PROGRA~1\Yahoo!\ASSIST~1\Assist\YDRAGS~1.DLL] [yahoo! china, 3, 0, 1, 1001]
[C:\Program Files\NetTransport 2\NTIEHelper.dll] [Xi, 1.91.12]
[C:\PROGRA~1\Yahoo!\ASSIST~1\assist\yassist.dll] [Yahoo! China, 3, 1, 0, 1015]
[PID: 1300][C:\WINDOWS\system32\spoolsv.exe] [Microsoft Corporation, 5.1.2600.2696 (xpsp_sp2_gdr.050610-1519)]
[C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\RIC612L.DLL] [RICOH, 1.8.0.0]
[C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\RIC612X.DLL] [RICOH, 3.6.1.0]
[C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\RIC612P.DLL] [RICOH, 3.6.1.0]
[C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\RIC612J.DLL] [RICOH, 2.2.0.9]
[C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\RIC612ZK.DLL] [RICOH Corp, 1.8.0.0]
[C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\RIC612WK.DLL] [RICOH, 2.0.0.5]
[C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\RIC612U.DLL] [RICOH, 1.8.0.0]
[C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\RIC612C.DLL] [RICOH, 1.5.2.0]
[C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\RIC612ZU.DLL] [RICOH Corp, 1.8.0.0]
[C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\RIC612WU.DLL] [RICOH, 2.0.0.5]
[PID: 1336][C:\WINDOWS\System32\SCardSvr.exe] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
[PID: 1584][C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE] [Microsoft Corporation, 7.00.9466]
[PID: 1640][C:\WINDOWS\system32\wdfmgr.exe] [Microsoft Corporation, 5.2.3790.1230 built by: dnsrv(bld4act)]
[PID: 168][C:\WINDOWS\System32\alg.exe] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
[PID: 564][C:\Program Files\Rising\Rav\CCenter.exe] [Beijing Rising Technology Co., Ltd., 18, 0, 0, 3]
[PID: 1064][C:\Program Files\Rising\Rav\RavTask.exe] [Beijing Rising Technology Co., Ltd., 18, 0, 0, 22]
[C:\Program Files\Rising\Rav\RSCOMMON.DLL] [Beijing Rising Technology Co., Ltd., 18, 0, 0, 4]
[C:\Program Files\Rising\Rav\RSAPPMGR.DLL] [Beijing Rising Technology Co., Ltd., 18, 0, 0, 2]
[C:\Program Files\Rising\Rav\CfgDll.dll] [Beijing Rising Technology Co., Ltd., 18, 0, 0, 11]
[C:\Program Files\Rising\Rav\RsCommX.dll] [rising, 18, 0, 0, 1]
[C:\Program Files\Common Files\Microsoft Shared\MSINFO\SysInfo.wmp] [N/A, N/A]
[C:\WINDOWS\system32\xydll.dll] [N/A, N/A]
[C:\WINDOWS\system32\rsrc.dll] [N/A, N/A]
[D:\QQ\qqst.dll] [N/A, N/A]

hogameboy - 2006-10-17 15:38:00

[PID: 1412][C:\Program Files\Rising\Rav\Ravmond.exe] [Beijing Rising Technology Co., Ltd., 18, 0, 1, 35]
[C:\Program Files\Rising\Rav\BWList.dll] [Beijing Rising Technology Co., Ltd., 18, 0, 0, 19]
[C:\Program Files\Rising\Rav\RsCommX.dll] [rising, 18, 0, 0, 1]
[C:\Program Files\Rising\Rav\RSAPPMGR.DLL] [Beijing Rising Technology Co., Ltd., 18, 0, 0, 2]
[C:\Program Files\Rising\Rav\CfgDll.dll] [Beijing Rising Technology Co., Ltd., 18, 0, 0, 11]
[C:\Program Files\Rising\Rav\RSCOMMON.DLL] [Beijing Rising Technology Co., Ltd., 18, 0, 0, 4]
[C:\Program Files\Rising\Rav\RsLog.dll] [Beijing Rising Technology Co., Ltd., 18, 0, 0, 20]
[C:\Program Files\Rising\Rav\HOOKSYS.dll] [Beijing Rising Technology Co., Ltd., 18, 1, 0, 11]
[C:\Program Files\Rising\Rav\Scanner.dll] [Beijing Rising Technology Co., Ltd., 18, 0, 0, 32]
[C:\Program Files\Rising\Rav\libload.dll] [Beijing Rising Technology Co., Ltd., 18, 0, 0, 10]
[C:\Program Files\Rising\Rav\VirusLib.dll] [Beijing Rising Technology Co., Ltd., 18, 0, 0, 12]
[C:\Program Files\Rising\Rav\regmon.dll] [Beijing Rising Technology Co., Ltd., 18, 0, 0, 6]
[C:\Program Files\Rising\Rav\HookWeb.dll] [rising, 18, 0, 0, 2]
[C:\Program Files\Rising\Rav\MemMon.dll] [Beijing Rising Technology Co., Ltd., 18, 0, 0, 10]
[C:\Program Files\Rising\Rav\expscan.dll] [Beijing Rising Technology Co., Ltd., 18, 0, 0, 4]
[C:\Program Files\Rising\Rav\mPorts.dll] [Beijing Rising Technology Co., Ltd., 4, 0, 0, 3]
[C:\Program Files\Rising\Rav\MailMon.dll] [Beijing Rising Technology Co., Ltd., 18, 0, 0, 5]
[C:\Program Files\Rising\Rav\SpamEng.dll] [N/A, 18, 0, 0, 6]
[C:\Program Files\Rising\Rav\engine.dll] [Beijing Rising Technology Co., Ltd., 18, 0, 0, 34]
[C:\Program Files\Rising\Rav\PostTrt.dll] [Beijing Rising Technology Co., Ltd., 18, 0, 0, 17]
[C:\Program Files\Rising\Rav\UnExe.dll] [Beijing Rising Technology Co., Ltd., 18, 0, 0, 11]
[C:\Program Files\Rising\Rav\ScanExec.dll] [Beijing Rising Technology Co., Ltd., 18, 0, 0, 15]
[C:\Program Files\Rising\Rav\ScanEx.dll] [Beijing Rising Technology Co., Ltd., 18, 0, 0, 30]
[C:\Program Files\Rising\Rav\RSUnpack.dll] [Beijing Rising Technology Co., Ltd., 1, 0, 0, 18]
[C:\Program Files\Rising\Rav\NvFile.dll] [Beijing Rising Technology Co., Ltd., 18, 0, 0, 7]
[C:\Program Files\Rising\Rav\ScanMac.dll] [Beijing Rising Technology Co., Ltd., 18, 0, 0, 10]
[C:\Program Files\Rising\Rav\ScanSct.dll] [Beijing Rising Technology Co., Ltd., 18, 0, 0, 19]
[C:\Program Files\Rising\Rav\Unpacker.dll] [Beijing Rising Technology Co., Ltd., 18, 0, 0, 5]
[C:\Program Files\Rising\Rav\ScanNet.dll] [Beijing Rising Technology Co., Ltd., 18, 0, 0, 5]
[C:\Program Files\Rising\Rav\ExtOLE.dll] [Beijing Rising Technology Co., Ltd., 18, 0, 0, 6]
[C:\Program Files\Rising\Rav\ExtMail.dll] [Beijing Rising Technology Co., Ltd., 18, 0, 0, 13]
[PID: 1472][C:\Program Files\Rising\Rav\RsAgent.exe] [Beijing Rising Technology Co., Ltd., 18, 0, 0, 12]
[C:\Program Files\Common Files\Microsoft Shared\MSINFO\SysInfo.wmp] [N/A, N/A]
[C:\Program Files\Rising\Rav\RsCommX.dll] [rising, 18, 0, 0, 1]
[C:\WINDOWS\system32\xydll.dll] [N/A, N/A]
[C:\WINDOWS\system32\rsrc.dll] [N/A, N/A]
[D:\QQ\qqst.dll] [N/A, N/A]
[PID: 1372][C:\WINDOWS\msagent\AgentSvr.exe] [Microsoft Corporation, 2.00.0.3422]
[C:\Program Files\Common Files\Microsoft Shared\MSINFO\SysInfo.wmp] [N/A, N/A]
[C:\WINDOWS\system32\xydll.dll] [N/A, N/A]
[C:\WINDOWS\system32\rsrc.dll] [N/A, N/A]
[D:\QQ\qqst.dll] [N/A, N/A]
[PID: 1904][C:\Program Files\Rising\Rav\RavStub.exe] [Beijing Rising Technology Co., Ltd., 18, 0, 0, 16]
[C:\Program Files\Rising\Rav\RsCommX.dll] [rising, 18, 0, 0, 1]
[C:\Program Files\Rising\Rav\RSCOMMON.DLL] [Beijing Rising Technology Co., Ltd., 18, 0, 0, 4]
[PID: 3440][C:\WINDOWS\SOUNDMAN.EXE] [Realtek Semiconductor Corp., 5.1.0.24]
[C:\WINDOWS\system32\xydll.dll] [N/A, N/A]
[C:\WINDOWS\system32\rsrc.dll] [N/A, N/A]
[D:\QQ\qqst.dll] [N/A, N/A]
[PID: 3456][C:\WINDOWS\Download\svhost32.exe] [N/A, N/A]
[C:\WINDOWS\system32\xydll.dll] [N/A, N/A]
[PID: 3652][C:\WINDOWS\system32\ctfmon.exe] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
[C:\WINDOWS\system32\rsrc.dll] [N/A, N/A]
[C:\WINDOWS\system32\xydll.dll] [N/A, N/A]
[D:\QQ\qqst.dll] [N/A, N/A]
[PID: 3668][C:\Program Files\MSN Messenger\MsnMsgr.Exe] [Microsoft Corporation, 8.0.0812.00]
[C:\WINDOWS\system32\rsrc.dll] [N/A, N/A]
[C:\WINDOWS\system32\msdmo.dll] [N/A, N/A]
[C:\WINDOWS\system32\xydll.dll] [N/A, N/A]
[C:\Program Files\Rising\Rav\RavScrCh.dll] [Beijing Rising Technology Co., Ltd., 18, 0, 0, 4]
[D:\QQ\qqst.dll] [N/A, N/A]
[PID: 3132][D:\QQ\QQ.exe] [TENCENT, 0, 0, 0, 0]
[D:\QQ\QQBaseClassInDll.dll] [, 1, 0, 0, 1]
[D:\QQ\QQHelperDll.dll] [, 1, 0, 0, 1]
[D:\QQ\BasicCtrlDll.dll] [Tencent, 5, 0, 200, 160]
[C:\WINDOWS\system32\rsrc.dll] [N/A, N/A]
[D:\QQ\qqst.dll] [N/A, N/A]
[D:\QQ\QQAPI.dll] [, 1, 0, 0, 1]
[D:\QQ\TIMProxy.dll] [tencent, 0, 3, 2, 4]
[C:\WINDOWS\system32\xydll.dll] [N/A, N/A]
[D:\QQ\LoginCtrl.dll] [, 1, 0, 0, 1]
[D:\QQ\npkcntc.dll] [INCA Internet Co., Ltd., 2006, 3, 2, 1]
[D:\QQ\npkpdb.dll] [INCA Internet Co., Ltd., 2003, 10, 1, 1]
[D:\QQ\QQRes.dll] [tencent, 1, 0, 0, 1]
[D:\QQ\QQMainFrame.dll] [N/A, N/A]
[D:\QQ\CQQApplication.dll] [N/A, N/A]
[D:\QQ\NewSkin.dll] [, 1, 0, 0, 1]
[D:\QQ\HostingMgr.dll] [, 1, 0, 0, 1]
[D:\QQ\CameraDll.dll] [, 1, 0, 0, 1]
[D:\QQ\MailSummary.dll] [, 1, 0, 0, 1]
[D:\QQ\QQSpace.dll] [, 1, 0, 0, 1]
[C:\WINDOWS\system32\msdmo.dll] [N/A, N/A]
[D:\QQ\QQGroupMng.dll] [, 1, 0, 0, 1]
[D:\QQ\GroupLive.dll] [N/A, N/A]
[D:\QQ\UserDefinedHead.dll] [, 1, 0, 0, 1]
[D:\QQ\QQPlugin.dll] [N/A, N/A]
[D:\QQ\QQConfigPlugin.dll] [, 1, 0, 0, 1]
[D:\QQ\QQAvatar.dll] [N/A, N/A]
[D:\QQ\FlashAvatarDll.dll] [, 1, 4, 0, 1]
[C:\WINDOWS\system32\Macromed\Flash\Flash8.ocx] [Macromedia, Inc., 8,0,22,0]
[D:\QQ\QQAllInOne.dll] [N/A, N/A]
[D:\QQ\SCCore.dll] [N/A, N/A]
[D:\QQ\QQPet.dll] [, 1, 0, 0, 1]
[D:\QQ\QQCustomFace.dll] [N/A, N/A]
[D:\QQ\QRingMng.dll] [N/A, N/A]
[D:\QQ\QQSceneMng.dll] [N/A, N/A]
[D:\QQ\LongConnection.dll] [tencent, 5, 0, 200, 160]
[D:\QQ\PhoneAPI.dll] [, 1, 0, 0, 1]
[D:\QQ\DialerAllinOne.dll] [tencent, 1, 4, 0, 0]
[D:\QQ\QQSysMsgMng.dll] [N/A, N/A]
[C:\WINDOWS\system32\wb121951.ime] [深圳世强软件开发部 www.wnwb.com , 2005, 11, 30, 1]
[C:\WINDOWS\system32\WNWBIO.IME] [深圳世强软件开发部 www.wnwb.com , 2005, 1, 31, 1]
[D:\万能五笔\WNMKEY.DLL] [深圳世强软件开发部 www.wnwb.com , 2005, 7, 5, 1]
[D:\QQ\BQQApplication.dll] [N/A, N/A]
[C:\WINDOWS\system32\RavExt.dll] [Beijing Rising Technology Co., Ltd., 18, 0, 0, 21]
[D:\QQ\CommercesMng.dll] [, 1, 0, 0, 1]
[D:\QQ\PersonalDesktop.dll] [深圳市腾讯计算机系统公司QQ工作小组, 1, 0, 0, 2]
[D:\QQ\QQUdpGetFileLib.dll] [tencent, 0, 2, 2, 3]
[D:\QQ\QQAddr.dll] [深圳市腾讯计算机系统有限公司, 5, 0, 101, 200]
[D:\QQ\QQPhoneHelper.dll] [腾讯科技（深圳）有限公司, 2, 0, 6, 60]
[D:\QQ\GroupConnection.dll] [Tencent, 5, 0, 202, 170]

hogameboy - 2006-10-17 15:38:00

[PID: 3332][D:\QQ\TIMPlatfrom.exe] [tencent, 0, 3, 1, 8]
[D:\QQ\qqst.dll] [N/A, N/A]
[C:\WINDOWS\system32\rsrc.dll] [N/A, N/A]
[C:\WINDOWS\system32\xydll.dll] [N/A, N/A]
[D:\QQ\TIMProxy.dll] [tencent, 0, 3, 2, 4]
[PID: 3784][D:\万能五笔\wnwb.exe] [深圳世强软件开发部 www.wnwb.com , 2005, 11, 19, 1]
[D:\QQ\qqst.dll] [N/A, N/A]
[C:\WINDOWS\system32\rsrc.dll] [N/A, N/A]
[D:\万能五笔\WNMKEY.DLL] [深圳世强软件开发部 www.wnwb.com , 2005, 7, 5, 1]
[C:\WINDOWS\system32\xydll.dll] [N/A, N/A]
[PID: 2192][C:\WINDOWS\system32\rundll32.exe] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
[C:\WINDOWS\system32\sdmAgent22.dll] [LINKMEDIA Tech, 1, 5, 0, 7]
[D:\QQ\qqst.dll] [N/A, N/A]
[C:\WINDOWS\system32\rsrc.dll] [N/A, N/A]
[C:\WINDOWS\system32\xydll.dll] [N/A, N/A]
[PID: 2500][C:\Program Files\Internet Explorer\iexplore.exe] [Microsoft Corporation, 6.00.2900.2180 (xpsp_sp2_rtm.040803-2158)]
[D:\QQ\qqst.dll] [N/A, N/A]
[C:\WINDOWS\system32\rsrc.dll] [N/A, N/A]
[d:\asberdr\ActiveX\AcroIEHelper.dll] [Adobe Systems Incorporated, 7.0.7.2006011200]
[C:\Program Files\Yahoo!\Assistant\Assist\yphtb.dll] [Yahoo! China, 3, 0, 3, 1005]
[C:\Program Files\Yahoo!\Assistant\Assist\yAngling.dll] [yahoo! china, 3, 0, 2, 1003]
[C:\WINDOWS\system32\SafeHelper12.dll] [LINKMEDIA Tech, 2, 0, 0, 3]
[D:\QQ\QQIEHelper.dll] [深圳市腾讯计算机系统有限公司, 1, 1, 0, 5]
[C:\PROGRA~1\Yahoo!\ASSIST~1\Assist\YDRAGS~1.DLL] [yahoo! china, 3, 0, 1, 1001]
[C:\Program Files\NetTransport 2\NTIEHelper.dll] [Xi, 1.91.12]
[C:\PROGRA~1\COMMON~1\Wnwb\wnwbio.dll] [深圳世强软件开发部, 2005, 8, 30, 1]
[C:\PROGRA~1\Yahoo!\ASSIST~1\assist\yassist.dll] [Yahoo! China, 3, 1, 0, 1015]
[C:\WINDOWS\system32\xydll.dll] [N/A, N/A]
[D:\万能五笔\WNMKEY.DLL] [深圳世强软件开发部 www.wnwb.com , 2005, 7, 5, 1]
[C:\Program Files\Rising\Rav\RavScrCh.dll] [Beijing Rising Technology Co., Ltd., 18, 0, 0, 4]
[PID: 3544][D:\bt\SREng\SREng.exe] [Smallfrogs Studio, 2.2.6.605]
[D:\QQ\qqst.dll] [N/A, N/A]
[C:\WINDOWS\system32\rsrc.dll] [N/A, N/A]
[C:\WINDOWS\system32\xydll.dll] [N/A, N/A]

==================================
文件关联
.TXT OK. [%SystemRoot%\system32\NOTEPAD.EXE %1]
.EXE OK. ["%1" %*]
.COM OK. ["%1" %*]
.PIF OK. ["%1" %*]
.REG OK. [regedit.exe "%1"]
.BAT OK. ["%1" %*]
.SCR OK. ["%1" /S]
.CHM OK. ["C:\WINDOWS\hh.exe" %1]
.HLP OK. [%SystemRoot%\System32\winhlp32.exe %1]
.INI OK. [%SystemRoot%\System32\NOTEPAD.EXE %1]
.INF OK. [%SystemRoot%\System32\NOTEPAD.EXE %1]
.VBS OK. [%SystemRoot%\System32\WScript.exe "%1" %*]
.JS OK. [%SystemRoot%\System32\WScript.exe "%1" %*]
.LNK OK. [{00021401-0000-0000-C000-000000000046}]

==================================
Winsock 提供者
N/A

==================================
Autorun.inf
[E:\]
[AutoRun]
open=sxs.exe
shellexecute=sxs.exe
shell\Auto\command=sxs.exe
[F:\]
[AutoRun]
open=sxs.exe
shellexecute=sxs.exe
shell\Auto\command=sxs.exe

==================================
HOSTS 文件
125.91.1.20 localhost
125.91.1.20 www.7322.com
125.91.1.20 www.5566.net
125.91.1.20 www.v111.com
125.91.1.20 www.gjj.cc
125.91.1.20 www.hao123.com
125.91.1.20 hao123.com
125.91.1.20 www.9991.com
125.91.1.20 9991.com
125.91.1.20 www.gjj.cc
61.162.230.31 www.7939.com
61.162.230.31 7939.com
61.162.230.31 59.34.148.98
61.162.230.31 about:blank
61.141.31.11 down.Virussky.com
61.141.31.11 60.191.60.108
61.141.31.11 219.153.20.209
61.141.31.11 forum.ikaka.com
61.141.31.11 bbs.360safe.com
61.141.31.11 www.360safe.com
61.141.31.11 www.piaoxue.com
61.141.31.11 61.129.58.12
61.141.31.11 forum.jiangmin.com
61.141.31.11 luosoft.com
125.91.1.20 post.baidu.com
61.141.31.11 60.191.60.107
61.141.31.11 219.139.58.97
61.141.31.11 59.34.148.81
125.91.1.20 60.191.60.114
125.91.1.20 www.ycdy.com
61.141.31.11 cn.zs.yahoo.com
61.141.31.11 www.znmq.com
61.141.31.11 www.btbbt.com
61.141.31.11 bbs.btbbt.com
125.91.1.20 auto.search.msn.com
125.91.1.20 www.pcav.cn
125.91.1.20 www.cnhx.com.cn
125.91.1.20 btbaicai.com
125.91.1.20 www.btbaicai.com
125.91.1.20 219.239.102.77

==================================

瑞星卡卡安全论坛