【求助】Rootkit.AdProt.g的解决方法。。有日志 bbs.ikaka.com

madlynn - 2006-11-18 0:42:00

2006-11-18,00:26:38

System Repair Engineer 2.2.6.605
Smallfrogs (http://www.KZTechs.com)

Windows XP Professional Service Pack 2 (Build 2600)
- 管理权限用户 - 完整功能

以下内容被选中：
所有的启动项目（包括注册表、启动文件夹、服务等）
浏览器加载项
正在运行的进程（包括进程模块信息）
文件关联
Winsock 提供者
Autorun.inf
HOSTS 文件

启动项目
注册表
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
<ctfmon.exe><C:\WINDOWS\system32\ctfmon.exe> [(Verified)Microsoft Corporation]
[HKEY_CURRENT_USER\Software\Microsoft\Windows NT\CurrentVersion\Windows]
<load><> [N/A]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
<IgfxTray><C:\WINDOWS\system32\igfxtray.exe> [(Verified)Intel Corporation]
<HotKeysCmds><C:\WINDOWS\system32\hkcmd.exe> [(Verified)Intel Corporation]
<RavTask><"C:\Program Files\Rising\Rav\RavTask.exe" -system> [Beijing Rising Technology Co., Ltd.]
<RfwMain><"C:\Program Files\Rising\Rfw\rfwmain.exe" -Startup> [Beijing Rising Technology Co., Ltd.]
<SysExplr><C:\Program Files\Herosoft\Hero 9\SysExplr.EXE> [N/A]
<YLive.exe><C:\PROGRA~1\Yahoo!\ASSIST~1\YLive.exe> [Yahoo! China]
<yassistse><"C:\PROGRA~1\Yahoo!\Assistant\yassistse.exe"> [Yahoo! China]
<TkBellExe><"C:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot> [RealNetworks, Inc.]
<BigDogPath><C:\WINDOWS\VM_STI.EXE Vimicro USB PC Camera (ZC0301PL)> [N/A]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\RunOnce]
<RavStub><"C:\Program Files\Rising\Rav\ravstub.exe" /RUNONCE> [Beijing Rising Technology Co., Ltd.]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Winlogon]
<shell><Explorer.exe> [(Verified)Microsoft Corporation]
<Userinit><C:\WINDOWS\system32\userinit.exe,> [(Verified)Microsoft Corporation]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Windows]
<AppInit_DLLs><> [N/A]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Winlogon]
<UIHost><logonui.exe> [(Verified)Microsoft Corporation]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
<{32CD708B-60A7-4C00-9377-D73EAA495F0F}><C:\WINDOWS\system32\RavExt.dll> [Beijing Rising Technology Co., Ltd.]
<{4BAB150F-DD97-476D-9C1E-41B6CDC0CA7A}><C:\PROGRA~1\Yahoo!\Assistant\yClickOn.dll> [YAHOO Corporation Limited]
<{E568441B-9EF3-49F8-9A67-4141AC41ADD4}><C:\PROGRA~1\Yahoo!\ASSIST~1\assist\ypatch.dll> [Yahoo! China]
<{D157330A-9EF3-49F8-9A67-4141AC41ADD4}><C:\WINDOWS\DOWNLO~1\CnsHook.dll> [北京三七二一科技有限公司]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
<webwork><C:\WINDOWS\webwork\webwork.dll> [N/A]
[HKEY_CURRENT_USER\Control Panel\Desktop]
<SCRNSAVE.EXE><C:\WINDOWS\system32\Bliss.scr> [Microsoft]

==================================

madlynn - 2006-11-18 0:44:00

启动文件夹
[壁纸自动换]
<C:\Documents and Settings\All Users\「开始」菜单\程序\启动\壁纸自动换.lnk --> C:\WINDOWS\system32\bgswitch.exe [N/A]><N>
[Adobe Gamma Loader]
<C:\Documents and Settings\All Users\「开始」菜单\程序\启动\Adobe Gamma Loader.lnk --> C:\PROGRA~1\COMMON~1\Adobe\CALIBR~1\ADOBEG~1.EXE [Adobe Systems, Inc.]><N>

==================================
服务
[Human Interface Device Access / HidServ]
<C:\WINDOWS\System32\svchost.exe -k netsvcs-->%SystemRoot%\System32\hidserv.dll><N/A>
[Rising Proxy Service / RfwProxySrv]
<c:\program files\rising\rfw\rfwproxy.exe><Beijing Rising Technology Co., Ltd.>
[Rising Personal Firewall Service / RfwService]
<c:\program files\rising\rfw\rfwsrv.exe><Beijing Rising Technology Co., Ltd.>
[Rising Process Communication Center / RsCCenter]
<"C:\Program Files\Rising\Rav\CCenter.exe"><Beijing Rising Technology Co., Ltd.>
[Rising RealTime Monitor / RsRavMon]
<"C:\Program Files\Rising\Rav\Ravmond.exe"><Beijing Rising Technology Co., Ltd.>
[VisionService / VisionService]
<C:\WINDOWS\system32\rundll32.exe C:\PROGRA~1\vision\VISVER.DLL,Service><Microsoft Corporation>

==================================
驱动程序
[72140 / 72140]
<\SystemRoot\System32\drivers\72140.sys><N/A>
[a0 / a0]
<\SystemRoot\\SystemRoot\System32\drivers\72140.sys><N/A>
[a320raid / a320raid]
<\SystemRoot\System32\DRIVERS\a320raid.sys><Adaptec, Inc.>
[AAC / AAC]
<\SystemRoot\System32\DRIVERS\AAC.SYS><Adaptec, Inc.>
[aar1210 / aar1210]
<\SystemRoot\System32\DRIVERS\aar1210.sys><Adaptec, Inc.>
[abp480n5 / abp480n5]
<\SystemRoot\System32\DRIVERS\abp480n5.sys><Microsoft Corporation>
[Intel(r) 82801 Audio Driver Install Service (WDM) / ac97intc]
<system32\drivers\ac97intc.sys><Intel Corporation>
[adpu160m / adpu160m]
<\SystemRoot\System32\DRIVERS\adpu160m.sys><Microsoft Corporation>
[adpu320 / adpu320]
<\SystemRoot\System32\DRIVERS\adpu320.sys><Adaptec, Inc.>
[ACARD AEC6210UF UltraDMA33 Controller / aec6210]
<\SystemRoot\System32\DRIVERS\aec6210.sys><ACARD Technology Corp.>
[ACARD AEC6260 UltraDMA-66 Controller / aec6260]
<\SystemRoot\System32\DRIVERS\aec6260.sys><ACARD Technology Corp.>
[aec6280 / aec6280]
<\SystemRoot\System32\DRIVERS\aec6280.sys><ACARD Technology Corp.>
[AEC6290 / AEC6290]
<\SystemRoot\System32\DRIVERS\AEC6290.SYS><ACARD Technology Corp.>
[AEC67160 / AEC67160]
<\SystemRoot\System32\DRIVERS\AEC67160.SYS><ACARD Technology Corp.>
[AEC671X / AEC671X]
<\SystemRoot\System32\DRIVERS\AEC671X.SYS><ACARD Technology Corp.>
[AEC6880 / AEC6880]
<\SystemRoot\System32\DRIVERS\AEC6880.SYS><ACARD Technology Corp.>
[AEC6890 / AEC6890]
<\SystemRoot\System32\DRIVERS\AEC6890.sys><ACARD Technology Corp.>
[aec68x5 / aec68x5]
<\SystemRoot\System32\DRIVERS\aec68x5.sys><ACARD Technology Corp.>
[Aha154x / Aha154x]
<\SystemRoot\System32\DRIVERS\aha154x.sys><Microsoft Corporation>
[aic78u2 / aic78u2]
<\SystemRoot\System32\DRIVERS\aic78u2.sys><Microsoft Corporation>
[aic78xx / aic78xx]
<\SystemRoot\System32\DRIVERS\aic78xx.sys><Microsoft Corporation>
[Service for Realtek AC97 Audio (WDM) / ALCXWDM]
<system32\drivers\ALCXWDM.SYS><Realtek Semiconductor Corp.>
[AliIde / AliIde]
<\SystemRoot\System32\DRIVERS\aliide.sys><Acer Laboratories Inc.>
[AMD K8 Processor Driver / AmdK8]
<System32\DRIVERS\amdk8.sys><Microsoft Corporation>
[arc / arc]
<\SystemRoot\system32\drivers\arc.sys><Adaptec, Inc.>
[asc / asc]
<\SystemRoot\System32\DRIVERS\asc.sys><Advanced System Products, Inc.>
[asc3550 / asc3550]
<\SystemRoot\System32\DRIVERS\asc3550.sys><Advanced System Products, Inc.>
[Rising TDI Base Driver / BaseTDI]
<System32\DRIVERS\BaseTDI.SYS><Beijing Rising Technology Co., Ltd.>
[btfirst / btfirst]
<\SystemRoot\System32\DRIVERS\btfirst.sys><Copyright (C) YAHOO Corporation.>
[cd20xrnt / cd20xrnt]
<C:\WINDOWS\SYSTEM32\DRIVERS\cd20xrnt.SYS><Microsoft Corporation>
[CmdIde / CmdIde]
<\SystemRoot\System32\DRIVERS\cmdide.sys><CMD Technology, Inc.>
[CnsMinKP / CnsMinKP]
<\SystemRoot\system32\drivers\CnsMinKP.sys><Copyright (C) 3721 Corporation.>
[dac2w2k / dac2w2k]
<\SystemRoot\System32\DRIVERS\dac2w2k.sys><Mylex Corporation>
[dpti2o / dpti2o]
<\SystemRoot\System32\DRIVERS\dpti2o.sys><Microsoft Corporation>
[elxstor / elxstor]
<\SystemRoot\system32\drivers\elxstor.sys><Emulex>
[ExpScaner / ExpScaner]
<\??\C:\Program Files\Rising\Rav\ExpScan.sys><>
[FASTSX / FASTSX]
<\SystemRoot\System32\DRIVERS\FASTSX.SYS><Promise Technology, Inc.>
[fasttrak / fasttrak]
<\SystemRoot\System32\DRIVERS\fasttrak.sys><Promise Technology, Inc.>
[fasttx2k / fasttx2k]
<\SystemRoot\System32\DRIVERS\fasttx2k.sys><Promise Technology, Inc.>
[fasttx2k2 / fasttx2k2]
<\SystemRoot\System32\DRIVERS\fasttx2k2.sys><Promise Technology, Inc.>
[VIA PCI 10/100Mb Fast Ethernet Adapter NT Driver / FETNDIS]
<system32\DRIVERS\fetnd5.sys><VIA Technologies, Inc.>
[HookCont / HookCont]
<\??\C:\Program Files\Rising\Rav\HOOKCONT.sys><Rising tech Co. ltd>
[HookReg / HookReg]
<\??\C:\Program Files\Rising\Rav\HookReg.sys><>
[HookSys / HookSys]
<\??\C:\Program Files\Rising\Rav\HookSys.sys><Rising>
[HookUrl / HookUrl]
<\??\C:\Program Files\Rising\Rfw\HookUrl.sys><Beijing Rising Technology Co., Ltd.>
[HpCISSs / HpCISSs]
<\SystemRoot\system32\drivers\hpcisss.sys><Hewlett-Packard Company>
[Hpt366 / Hpt366]
<\SystemRoot\System32\DRIVERS\Hpt366.sys><Microsoft Corporation>
[HPT371 / HPT371]
<\SystemRoot\System32\DRIVERS\HPT371.sys><HighPoint Technologies, Inc.>
[hpt374 / hpt374]
<\SystemRoot\System32\DRIVERS\hpt374.sys><HighPoint Technologies, Inc.>
[hpt3xx / hpt3xx]
<\SystemRoot\System32\DRIVERS\hpt3xx.sys><HighPoint Technologies, Inc.>
[hptmv / hptmv]
<\SystemRoot\System32\DRIVERS\hptmv.sys><HighPoint Technologies, Inc.>
[hptpro / hptpro]
<\SystemRoot\System32\DRIVERS\hptpro.sys><HighPoint Technologies, Inc.>
[ialm / ialm]
<system32\DRIVERS\ialmnt5.sys><Intel Corporation>
[Intel Integrated RAID / iaStor]
<\SystemRoot\system32\drivers\iaStor.sys><Intel Corporation>
[iirsp / iirsp]
<\SystemRoot\system32\drivers\iirsp.sys><Intel Corp./ICP vortex GmbH>
[ini910u / ini910u]
<\SystemRoot\System32\DRIVERS\ini910u.sys><Microsoft Corporation>
[ITERAID_Service_Install / iteraid]
<\SystemRoot\System32\DRIVERS\iteraid.sys><Integrated Technology Express, Inc.>
[LSI_SAS / LSI_SAS]
<\SystemRoot\system32\drivers\lsi_sas.sys><LSI Logic>
[LSI_SCSI / LSI_SCSI]
<\SystemRoot\system32\drivers\lsi_scsi.sys><LSI Logic>
[m5228 / m5228]
<\SystemRoot\System32\DRIVERS\m5228.sys><ALi Corporation.>
[m5281 / m5281]
<\SystemRoot\system32\drivers\m5281.sys><ALi Corporation>
[MegaIDE / MegaIDE]
<\SystemRoot\System32\DRIVERS\MegaIDE.sys><LSI Logic Corporation.>
[megasas / megasas]
<\SystemRoot\system32\drivers\megasas.sys><LSI Logic Corporation>
[MEMSCAN / MEMSCAN]
<\??\C:\Program Files\Rising\Rav\MEMSCAN.sys><瑞星软件有限公司>
[mProcRs / mProcRs]
<\??\c:\program files\rising\rfw\mProcRs.sys><Beijing Rising Technology Co., Ltd.>
[mraid2k / mraid2k]
<\SystemRoot\System32\DRIVERS\mraid2k.sys><American Megatrends, Inc.>
[mraid35x / mraid35x]
<\SystemRoot\System32\DRIVERS\mraid35x.sys><American Megatrends Inc.>
[nfrd960 / nfrd960]
<\SystemRoot\system32\drivers\nfrd960.sys><IBM Corporation>
[npkcrypt / npkcrypt]
<\??\C:\Program Files\QQ\npkcrypt.sys><INCA Internet Co., Ltd.>
[nv / nv]
<system32\DRIVERS\nv4_mini.sys><NVIDIA Corporation>
[Intel SCSI Controller / NvAtaBus]
<\SystemRoot\System32\DRIVERS\NVATABUS.SYS><NVIDIA Corporation>
[NVIDIA nForce(tm) RAID Class Driver / nvraid]
<\SystemRoot\system32\DRIVERS\nvraid.sys><NVIDIA Corporation>
[PNP649R / PNP649R]
<\SystemRoot\System32\DRIVERS\PNP649R.SYS><CMD Technology, Inc.>
[SiI 680 ATA Controller / Pnp680]
<\SystemRoot\System32\DRIVERS\pnp680.sys><Silicon Image, Inc.>
[Silicon Image SiI 0680 Medley Raid Controller / Pnp680r]
<\SystemRoot\System32\DRIVERS\pnp680r.sys><Silicon Image, Inc>
[Direct Parallel Link Driver / Ptilink]
<system32\DRIVERS\ptilink.sys><Parallel Technologies, Inc.>
[ql1080 / ql1080]
<\SystemRoot\System32\DRIVERS\ql1080.sys><QLogic Corporation>
[Ql10wnt / Ql10wnt]

madlynn - 2006-11-18 0:45:00

<\SystemRoot\System32\DRIVERS\ql10wnt.sys><Microsoft Corporation>
[ql12160 / ql12160]
<\SystemRoot\System32\DRIVERS\ql12160.sys><QLogic Corporation>
[ql1280 / ql1280]
<\SystemRoot\System32\DRIVERS\ql1280.sys><QLogic Corporation>
[QLogic Fibre Channel SCSI Miniport Driver / ql2300]
<\SystemRoot\system32\drivers\ql2300.sys><QLogic Corporation>
[RAIDSRC / RAIDSRC]
<\SystemRoot\System32\DRIVERS\RAIDSRC.SYS><Intel/ICP>
[RsAntiSpyware / RsAntiSpyware]
<\SystemRoot\system32\drivers\RsBoot.sys><Beijing Rising>
[RsFwDrv / RsFwDrv]
<\??\C:\Program Files\Rising\Rfw\RsFwDrv.sys><Beijing Rising Technology Co., Ltd.>
[RSPPSYS / RSPPSYS]
<\??\C:\PROGRAM FILES\RISING\RAV\RSPPSYS.sys><Rising>
[Realtek 10/100/1000 NIC Family all in one NDIS XP Driver / RTL8023xp]
<system32\DRIVERS\Rtnicxp.sys><Realtek Semiconductor Corporation>
[S150SX8 / S150SX8]
<\SystemRoot\System32\DRIVERS\S150SX8.SYS><Promise Technology, Inc.>
[Secdrv / Secdrv]
<system32\DRIVERS\secdrv.sys><N/A>
[SiI-3512 SATALink Controller / SI3112]
<\SystemRoot\System32\DRIVERS\SI3112.sys><Silicon Image, Inc.>
[Silicon Image SiI 3512 SATARaid Controller / SI3112r]
<\SystemRoot\system32\drivers\SI3112r.sys><Silicon Image, Inc>
[SiI-3114 SATALink Controller / SI3114]
<\SystemRoot\System32\DRIVERS\SI3114.sys><Silicon Image, Inc.>
[SiI-3114 SATARaid Controller / SI3114r]
<\SystemRoot\System32\DRIVERS\SI3114R.sys><Silicon Image, Inc>
[SiI-3124 SATALink Controller / SI3124]
<\SystemRoot\System32\DRIVERS\SI3124.sys><Silicon Image, Inc.>
[SiI-3124 SATARaid Controller / SI3124r]
<\SystemRoot\System32\DRIVERS\SI3124R.sys><Silicon Image, Inc>
[SATALink driver accelerator / SiFilter]
<\SystemRoot\System32\DRIVERS\SiWinAcc.sys><Silicon Image, Inc.>
[SISIDE / SISIDE]
<\SystemRoot\System32\DRIVERS\SISIDE.SYS><Silicon Integrated Systems Corp.>
[SiSRaid / SiSRaid]
<\SystemRoot\System32\DRIVERS\SiSRaid.sys><Silicon Integrated Systems>
[SiSRaid1 / SiSRaid1]
<\SystemRoot\System32\DRIVERS\SiSRaid1.sys><Silicon Integrated Systems>
[SISRAIDS / SISRAIDS]
<\SystemRoot\System32\DRIVERS\SISRAIDS.SYS><Silicon Integrated Systems Corp>
[Sparrow / Sparrow]
<\SystemRoot\System32\DRIVERS\sparrow.sys><Adaptec, Inc.>
[sptrak / sptrak]
<\SystemRoot\System32\DRIVERS\sptrak.sys><Promise Technology, Inc.>
[symc810 / symc810]
<\SystemRoot\System32\DRIVERS\symc810.sys><Symbios Logic Inc.>
[symc8xx / symc8xx]
<\SystemRoot\System32\DRIVERS\symc8xx.sys><LSI Logic>
[SYMMPI / SYMMPI]
<\SystemRoot\System32\DRIVERS\SYMMPI.SYS><LSI Logic>
[sym_hi / sym_hi]
<\SystemRoot\System32\DRIVERS\sym_hi.sys><LSI Logic>
[sym_u3 / sym_u3]
<\SystemRoot\System32\DRIVERS\sym_u3.sys><LSI Logic>
[TosIde / TosIde]
<\SystemRoot\System32\DRIVERS\toside.sys><Microsoft Corporation>
[UlSata / UlSata]
<\SystemRoot\System32\DRIVERS\ulsata.sys><Promise Technology, Inc.>
[ULSATAS / ULSATAS]
<\SystemRoot\System32\DRIVERS\ULSATAS.SYS><Promise Technology, Inc.>
[ultra / ultra]
<\SystemRoot\System32\DRIVERS\ultra.sys><Promise Technology, Inc.>
[ViaIde / ViaIde]
<\SystemRoot\System32\DRIVERS\viaide.sys><Microsoft Corporation>
[viamraid / viamraid]
<\SystemRoot\system32\DRIVERS\viamraid.sys><VIA Technologies inc,.ltd>
[VIA ATA/ATAPI Host Controller / viapdsk]
<\SystemRoot\System32\DRIVERS\viapdsk.sys><VIA Technologies, Inc.>
[viaraid / viaraid]
<\SystemRoot\System32\DRIVERS\viaraid.sys><VIA Technologies inc,.ltd>
[viasraid / viasraid]
<\SystemRoot\system32\drivers\viasraid.sys><VIA Technologies inc,.ltd>
[vmscsi / vmscsi]
<\SystemRoot\system32\drivers\vmscsi.sys><VMware, Inc.>

==================================

madlynn - 2006-11-18 0:46:00

浏览器加载项
[ThunderIEHelper Class]
{0005A87D-D626-4B3A-84F9-1D9571695F55} <C:\WINDOWS\system32\xunleibho_v8.dll, >
[Yahoo!Photo]
{33BBE430-0E42-4f12-B075-8D21ACB10DCB} <C:\PROGRA~1\Yahoo!\ASSIST~1\Assist\yphtb.dll, Yahoo! China>
[AntiFish Class]
{38928D50-8A48-44C2-945F-D2F23F771410} <C:\PROGRA~1\Yahoo!\ASSIST~1\Assist\yangling.dll, yahoo! china>
[QQBrowserHelperObject Class]
{54EBD53A-9BC1-480B-966A-843A333CA162} <C:\Program Files\QQ\QQIEHelper.dll, 深圳市腾讯计算机系统有限公司>
[DragSearch BHO]
{62EED7C6-9F02-42f9-B634-98E2899E147B} <C:\PROGRA~1\Yahoo!\ASSIST~1\Assist\YDRAGS~1.DLL, yahoo! china>
[Vision]
{6671A431-5C3D-463d-A7CF-5587F9B7E191} <C:\PROGRA~1\vision\vision.dll, >
[Thunder Browser Helper]
{889D2FEB-5411-4565-8998-1DD2C5261283} <C:\Program Files\Thunder Network\Thunder\ComDlls\XunLeiBHO_002.dll, Thunder Networking Technologies,LTD>
[]
{A9930D97-9CF0-42A0-A10D-4F28836579D5} <D:\KuGoo3\KuGoo3DownXControl.ocx, N/A>
[EyeOnIE Class]
{C14393E1-95FF-4DFF-9BE0-EA008D4EF930} <C:\PROGRA~1\test\BHOPLU~1.DLL, >
[CnsHook Class]
{D157330A-9EF3-49F8-9A67-4141AC41ADD4} <C:\WINDOWS\DOWNLO~1\CnsHook.dll, 北京三七二一科技有限公司>
[assist]
{FE3ECAE7-0A37-4506-8A7D-3CC9A04D2CA8} <C:\PROGRA~1\Yahoo!\ASSIST~1\Assist\yassist.dll, Yahoo! China>
[Yahoo 3.5G电邮]
{507F9113-CD77-4866-BA92-0E86DA3D0B97} <http://cn.zs.yahoo.com/cnsbutton.htm?source=cns&btn=yahoomail, N/A>
[名品折扣]
{59BC54A2-56B3-44a0-93E5-432D58746E26} <http://adtaobao.allyes.com/main/adfclick?db=adtaobao&bid=138,140,18&cid=816,8,1&sid=5042&show=ignore&url=http://www.taobao.com/vertical/mall/pro.php?allyesPara=816, N/A>
[雅虎助手]
{5D73EE86-05F1-49ed-B850-E423120EC338} <http://cn.zs.yahoo.com/cnsbutton.htm?source=cns&btn=yassist, N/A>
[雅虎WIDGET]
{6354ABE6-05F1-49ed-B850-E423120EC338} <http://cn.widget.yahoo.com/index.htm?source=Cns, N/A>
[MMSAssistMenu]
{6671A433-5C3D-463d-A7CF-5587F9B7E191} <C:\PROGRA~1\vision\vision.dll, >
[QQIEFloatBarCfgCmd Class]

madlynn - 2006-11-18 0:48:00

{DEDEB80D-FA35-45d9-9460-4983E5A8AFE6} <C:\Program Files\QQ\QQIEHelper.dll, 深圳市腾讯计算机系统有限公司>
[情景聊天]
{E5D12C4E-7B4F-11D3-B5C9-0050045C3C96} <http://cn.zs.yahoo.com/cnsbutton.htm?source=cns&btn=yahoomsg, N/A>
[]
{ECF2E268-F28C-48d2-9AB7-8F69C11CCB71} <http://cn.zs.yahoo.com/cnsbutton.htm?source=cns&btn=repair, N/A>
[]
{FD00D911-7529-4084-9946-A29F1BDF4FE5} <http://cn.zs.yahoo.com/cnsbutton.htm?source=cns&btn=clean, N/A>
[访问瑞星网站]
{FF2DE7A6-ECB1-4CBC-9C0E-D92A9E66E444} <http://www.rising.com.cn/?u=RSTB, N/A>
[访问卡卡社区]
{FF2DE7A6-ECB1-4CBC-9C0E-D92A9E66E445} <http://www.ikaka.com/?u=RSTB, N/A>
[雅虎助手]
{406F94F0-504F-4A40-8DFD-58B0666ABEBD} <C:\PROGRA~1\Yahoo!\ASSIST~1\Assist\yasbar.dll, yahoo! china>
[卡卡上网安全助手]
{DB9ECD4F-FB8F-4311-B3CE-90B976C2707C} <C:\WINDOWS\system32\kakatool.dll, Beijing Rising Technology Co., Ltd.>
[Windows Genuine Advantage Validation Tool]
{17492023-C23A-453E-A040-C7C580BBF700} <C:\WINDOWS\system32\LegitCheckControl.DLL, Microsoft? Corporation>
[VnetAnprIns Class]
{74447F9C-5691-4A9A-8BE4-564092E40B03} <C:\WINDOWS\Downloaded Program Files\anprins.dll, 中国电信股份有限公司>
[PicUploadCtrl Class]
{BF8C499A-AC6E-4F58-82EA-9E5FCC41C34B} <C:\WINDOWS\Downloaded Program Files\PicUpload.dll, Sohu.com Inc.>
[CyImgChinaCtl Class]
{EDEDED2E-A0A6-4085-BC52-A95255A96DBD} <C:\WINDOWS\Downloaded Program Files\CyImgChina.dll, N/A>
[ThunderIEHelper Class]
{0005A87D-D626-4B3A-84F9-1D9571695F55} <C:\WINDOWS\system32\xunleibho_v8.dll, >
[Web Browser Applet Control]
{08B0E5C0-4FCB-11CF-AAA5-00401C608501} <C:\WINDOWS\system32\msjava.dll, Microsoft Corporation>
[Windows Media Player]
{22D6F312-B0F6-11D0-94AB-0080C74C7E95} <C:\WINDOWS\system32\wmpdxm.dll, Microsoft Corporation>
[HTML Document]
{25336920-03F9-11CF-8FD0-00AA00686F13} <%SystemRoot%\system32\mshtml.dll, N/A>
[DHTML Edit Control Safe for Scripting for IE5]
{2D360201-FFF5-11D1-8D03-00A0C959BC0A} <C:\Program Files\Common Files\Microsoft Shared\Triedit\dhtmled.ocx, Microsoft Corporation>
[HtmlDlgSafeHelper Class]
{3050F819-98B5-11CF-BB82-00AA00BDCE0B} <C:\WINDOWS\system32\mshtmled.dll, Microsoft Corporation>
[Yahoo!Photo]
{33BBE430-0E42-4F12-B075-8D21ACB10DCB} <C:\PROGRA~1\Yahoo!\ASSIST~1\Assist\yphtb.dll, Yahoo! China>
[AntiFish Class]
{38928D50-8A48-44C2-945F-D2F23F771410} <C:\PROGRA~1\Yahoo!\ASSIST~1\Assist\yangling.dll, yahoo! china>
[雅虎助手]
{406F94F0-504F-4A40-8DFD-58B0666ABEBD} <C:\PROGRA~1\Yahoo!\ASSIST~1\Assist\yasbar.dll, yahoo! china>
[QQBrowserHelperObject Class]
{54EBD53A-9BC1-480B-966A-843A333CA162} <C:\Program Files\QQ\QQIEHelper.dll, 深圳市腾讯计算机系统有限公司>
[Yahoo!Live]
{57421194-58FB-49AE-9B4F-FD48869B9AD4} <C:\PROGRA~1\Yahoo!\Assistant\yalive.dll, yahoo! china>
[DragSearch BHO]
{62EED7C6-9F02-42F9-B634-98E2899E147B} <C:\PROGRA~1\Yahoo!\ASSIST~1\Assist\YDRAGS~1.DLL, yahoo! china>
[Vision]
{6671A431-5C3D-463D-A7CF-5587F9B7E191} <C:\PROGRA~1\vision\vision.dll, >
[Windows Media Player]
{6BF52A52-394A-11D3-B153-00C04F79FAA6} <C:\WINDOWS\system32\wmp.dll, Microsoft Corporation>
[VnetAnprIns Class]
{74447F9C-5691-4A9A-8BE4-564092E40B03} <C:\WINDOWS\Downloaded Program Files\anprins.dll, 中国电信股份有限公司>
[MediaComm Class]
{7670648D-461B-42AF-BDFE-46D26AF5EFF2} <C:\Program Files\Thunder Network\Thunder\Components\InMedia\MediaAddin07.dll, Thunder Networking Technologies,LTD>
[Microsoft Web 浏览器]

madlynn - 2006-11-18 0:48:00

{8856F961-340A-11D0-A96B-00C04FD705A2} <C:\WINDOWS\system32\shdocvw.dll, Microsoft Corporation>
[Thunder Browser Helper]
{889D2FEB-5411-4565-8998-1DD2C5261283} <C:\Program Files\Thunder Network\Thunder\ComDlls\XunLeiBHO_002.dll, Thunder Networking Technologies,LTD>
[]
{A9930D97-9CF0-42A0-A10D-4F28836579D5} <D:\KuGoo3\KuGoo3DownXControl.ocx, N/A>
[卡卡上网安全助手]
{AFF6E516-CBE5-4F8A-9C2F-38A68013E766} <C:\WINDOWS\system32\kakatool.dll, Beijing Rising Technology Co., Ltd.>
[SearchAssistantOC]
{B45FF030-4447-11D2-85DE-00C04FA35C89} <%SystemRoot%\system32\shdocvw.dll, N/A>
[3721]
{B83FC273-3522-4CC6-92EC-75CC86678DA4} <C:\WINDOWS\Downloaded Program Files\CnsMin.dll, 北京三七二一科技有限公司>
[RDS.DataSpace]
{BD96C556-65A3-11D0-983A-00C04FC29E36} <C:\Program Files\Common Files\System\msadc\msadco.dll, Microsoft Corporation>
[PicUploadCtrl Class]
{BF8C499A-AC6E-4F58-82EA-9E5FCC41C34B} <C:\WINDOWS\Downloaded Program Files\PicUpload.dll, Sohu.com Inc.>
[EyeOnIE Class]
{C14393E1-95FF-4DFF-9BE0-EA008D4EF930} <C:\PROGRA~1\test\BHOPLU~1.DLL, >
[AUDIO__MP3 Moniker Class]
{CD3AFA76-B84F-48F0-9393-7EDC34128127} <C:\WINDOWS\system32\wmp.dll, Microsoft Corporation>
[AUDIO__WAV Moniker Class]
{CD3AFA7B-B84F-48F0-9393-7EDC34128127} <C:\WINDOWS\system32\wmp.dll, Microsoft Corporation>
[AUDIO__X_MS_WMA Moniker Class]
{CD3AFA84-B84F-48F0-9393-7EDC34128127} <C:\WINDOWS\system32\wmp.dll, Microsoft Corporation>
[RealPlayer G2 Control]
{CFCDAA03-8BE4-11CF-B84B-0020AFBBCCFA} <C:\WINDOWS\system32\rmoc3260.dll, RealNetworks, Inc.>
[CnsHook Class]
{D157330A-9EF3-49F8-9A67-4141AC41ADD4} <C:\WINDOWS\DOWNLO~1\CnsHook.dll, 北京三七二一科技有限公司>
[Shockwave Flash Object]
{D27CDB6E-AE6D-11CF-96B8-444553540000} <C:\WINDOWS\system32\macromed\flash\Flash85.ocx, Macromedia, Inc.>
[卡卡上网安全助手]
{DB9ECD4F-FB8F-4311-B3CE-90B976C2707C} <C:\WINDOWS\system32\kakatool.dll, Beijing Rising Technology Co., Ltd.>
[CyImgChinaCtl Class]
{EDEDED2E-A0A6-4085-BC52-A95255A96DBD} <C:\WINDOWS\Downloaded Program Files\CyImgChina.dll, N/A>
[assist]
{FE3ECAE7-0A37-4506-8A7D-3CC9A04D2CA8} <C:\PROGRA~1\Yahoo!\ASSIST~1\Assist\yassist.dll, Yahoo! China>
[!搜一搜]
<res://C:\WINDOWS\DOWNLO~1\CnsMinEx.dll/1003, N/A>
[&使用迅雷下载]
<C:\Program Files\Thunder Network\Thunder\Program\GetUrl.htm, N/A>
[&使用迅雷下载全部链接]
<C:\Program Files\Thunder Network\Thunder\Program\GetAllUrl.htm, N/A>
[>>彩信发送<<]
<res://C:\PROGRA~1\vision\vision.dll/mms.htm, N/A>
[上传到QQ网络硬盘]
<C:\Program Files\QQ\AddToNetDisk.htm, N/A>
[使用KuGoo3下载(&K)]
<D:\KuGoo3\KuGoo3DownX.htm, N/A>
[添加到QQ自定义面板]
<C:\Program Files\QQ\AddPanel.htm, N/A>
[添加到QQ表情]
<C:\Program Files\QQ\AddEmotion.htm, N/A>
[用QQ彩信发送该图片]
<C:\Program Files\QQ\SendMMS.htm, N/A>
[用比特精灵下载(&B)]
<E:\比特精灵\BitSpirit\BitSpirit\bsurl.htm, N/A>
[雅虎搜索]
<res://C:\PROGRA~1\Yahoo!\ASSIST~1\Assist\yasbar.dll/203, N/A>

==================================

madlynn - 2006-11-18 0:49:00

正在运行的进程
[PID: 584][\SystemRoot\System32\smss.exe] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
[PID: 640][\??\C:\WINDOWS\system32\csrss.exe] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
[PID: 664][\??\C:\WINDOWS\system32\winlogon.exe] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
[C:\WINDOWS\system32\uxtheme.dll] [Microsoft Corporation, 6.00.2900.2180 (xpsp_sp2_rtm.040803-2158)]
[PID: 708][C:\WINDOWS\system32\services.exe] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
[C:\WINDOWS\system32\UxTheme.dll] [Microsoft Corporation, 6.00.2900.2180 (xpsp_sp2_rtm.040803-2158)]
[PID: 720][C:\WINDOWS\system32\lsass.exe] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
[C:\WINDOWS\system32\UxTheme.dll] [Microsoft Corporation, 6.00.2900.2180 (xpsp_sp2_rtm.040803-2158)]
[PID: 868][C:\WINDOWS\system32\svchost.exe] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
[C:\WINDOWS\system32\UxTheme.dll] [Microsoft Corporation, 6.00.2900.2180 (xpsp_sp2_rtm.040803-2158)]
[PID: 936][C:\WINDOWS\system32\svchost.exe] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
[C:\WINDOWS\system32\UxTheme.dll] [Microsoft Corporation, 6.00.2900.2180 (xpsp_sp2_rtm.040803-2158)]
[PID: 1036][C:\Program Files\Rising\Rav\CCenter.exe] [Beijing Rising Technology Co., Ltd., 18, 0, 0, 3]
[C:\WINDOWS\system32\uxtheme.dll] [Microsoft Corporation, 6.00.2900.2180 (xpsp_sp2_rtm.040803-2158)]
[PID: 1068][C:\WINDOWS\System32\svchost.exe] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
[C:\WINDOWS\System32\UxTheme.dll] [Microsoft Corporation, 6.00.2900.2180 (xpsp_sp2_rtm.040803-2158)]
[PID: 1168][C:\WINDOWS\system32\svchost.exe] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
[C:\WINDOWS\system32\UxTheme.dll] [Microsoft Corporation, 6.00.2900.2180 (xpsp_sp2_rtm.040803-2158)]
[PID: 1272][C:\WINDOWS\system32\svchost.exe] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
[C:\WINDOWS\system32\UxTheme.dll] [Microsoft Corporation, 6.00.2900.2180 (xpsp_sp2_rtm.040803-2158)]
[PID: 1284][C:\Program Files\Rising\Rav\Ravmond.exe] [Beijing Rising Technology Co., Ltd., 18, 0, 1, 47]
[C:\Program Files\Rising\Rav\BWList.dll] [Beijing Rising Technology Co., Ltd., 18, 0, 0, 20]
[C:\Program Files\Rising\Rav\RsCommX.dll] [rising, 18, 0, 0, 1]
[C:\Program Files\Rising\Rav\RsPPsys.dll] [Beijing Rising Technology Co., Ltd., 18, 0, 0, 3]
[C:\Program Files\Rising\Rav\RSAPPMGR.DLL] [Beijing Rising Technology Co., Ltd., 18, 0, 0, 2]
[C:\Program Files\Rising\Rav\CfgDll.dll] [Beijing Rising Technology Co., Ltd., 18, 0, 0, 11]
[C:\Program Files\Rising\Rav\RSCOMMON.DLL] [Beijing Rising Technology Co., Ltd., 18, 0, 0, 4]
[C:\Program Files\Rising\Rav\RsLog.dll] [Beijing Rising Technology Co., Ltd., 18, 0, 0, 20]
[C:\Program Files\Rising\Rav\HOOKSYS.dll] [Beijing Rising Technology Co., Ltd., 18, 1, 0, 12]
[C:\Program Files\Rising\Rav\Scanner.dll] [Beijing Rising Technology Co., Ltd., 18, 0, 0, 33]
[C:\Program Files\Rising\Rav\libload.dll] [Beijing Rising Technology Co., Ltd., 18, 0, 0, 10]
[C:\Program Files\Rising\Rav\VirusLib.dll] [Beijing Rising Technology Co., Ltd., 18, 0, 0, 13]
[C:\Program Files\Rising\Rav\regmon.dll] [Beijing Rising Technology Co., Ltd., 18, 0, 0, 6]
[C:\Program Files\Rising\Rav\psapi.dll] [Microsoft Corporation, 4.00]
[C:\Program Files\Rising\Rav\HookWeb.dll] [rising, 18, 0, 0, 2]
[C:\Program Files\Rising\Rav\MemMon.dll] [Beijing Rising Technology Co., Ltd., 18, 0, 0, 12]
[C:\Program Files\Rising\Rav\expscan.dll] [Beijing Rising Technology Co., Ltd., 18, 0, 0, 4]
[C:\Program Files\Rising\Rav\mPorts.dll] [Beijing Rising Technology Co., Ltd., 4, 0, 0, 3]
[C:\Program Files\Rising\Rav\MailMon.dll] [Beijing Rising Technology Co., Ltd., 18, 0, 0, 5]
[C:\Program Files\Rising\Rav\SpamEng.dll] [N/A, 18, 0, 0, 6]
[C:\Program Files\Rising\Rav\engine.dll] [Beijing Rising Technology Co., Ltd., 18, 0, 0, 35]
[C:\Program Files\Rising\Rav\PostTrt.dll] [Beijing Rising Technology Co., Ltd., 18, 0, 0, 18]
[C:\Program Files\Rising\Rav\UnExe.dll] [Beijing Rising Technology Co., Ltd., 18, 0, 0, 11]
[C:\Program Files\Rising\Rav\ScanExec.dll] [Beijing Rising Technology Co., Ltd., 18, 0, 0, 16]
[C:\Program Files\Rising\Rav\ScanEx.dll] [Beijing Rising Technology Co., Ltd., 18, 0, 0, 32]
[C:\Program Files\Rising\Rav\RSUnpack.dll] [Beijing Rising Technology Co., Ltd., 1, 0, 0, 20]
[C:\Program Files\Rising\Rav\ExtFile.dll] [Beijing Rising Technology Co., Ltd., 18, 0, 0, 24]
[C:\Program Files\Rising\Rav\NvFile.dll] [Beijing Rising Technology Co., Ltd., 18, 0, 0, 7]
[C:\Program Files\Rising\Rav\ScanMac.dll] [Beijing Rising Technology Co., Ltd., 18, 0, 0, 10]
[C:\Program Files\Rising\Rav\ScanSct.dll] [Beijing Rising Technology Co., Ltd., 18, 0, 0, 20]
[C:\WINDOWS\system32\uxtheme.dll] [Microsoft Corporation, 6.00.2900.2180 (xpsp_sp2_rtm.040803-2158)]
[C:\Program Files\Rising\Rav\Unpacker.dll] [Beijing Rising Technology Co., Ltd., 18, 0, 0, 5]
[C:\Program Files\Rising\Rav\RsStore.dll] [Beijing Rising Technology Co., Ltd., 18, 0, 0, 6]
[C:\Program Files\Rising\Rav\ExtOLE.dll] [Beijing Rising Technology Co., Ltd., 18, 0, 0, 6]
[PID: 1444][C:\WINDOWS\Explorer.EXE] [Microsoft Corporation, 6.00.2900.2180 (xpsp_sp2_rtm.040803-2158)]
[C:\WINDOWS\system32\UxTheme.dll] [Microsoft Corporation, 6.00.2900.2180 (xpsp_sp2_rtm.040803-2158)]
[C:\WINDOWS\system32\RavExt.dll] [Beijing Rising Technology Co., Ltd., 18, 0, 0, 21]
[C:\PROGRA~1\Yahoo!\Assistant\yClickOn.dll] [YAHOO Corporation Limited, 3, 0, 1, 1002]
[C:\PROGRA~1\Yahoo!\ASSIST~1\assist\ypatch.dll] [Yahoo! China, 3, 1, 4, 1020]

madlynn - 2006-11-18 0:50:00

[C:\WINDOWS\DOWNLO~1\CnsHook.dll] [北京三七二一科技有限公司, 1, 0, 4, 2]
[C:\WINDOWS\DOWNLO~1\CnsMin.dll] [北京三七二一科技有限公司, 1, 5, 1, 3]
[C:\PROGRA~1\Yahoo!\ASSIST~1\Yhelper.dll] [Yahoo! China, 3, 0, 3, 1021]
[C:\Program Files\WinRAR\rarext.dll] [N/A, N/A]
[C:\PROGRA~1\Yahoo!\ASSIST~1\yalive.dll] [yahoo! china, 3, 4, 8, 1099]
[C:\PROGRA~1\Yahoo!\ASSIST~1\Yalliveex.dll] [Yahoo! China, 3, 0, 1, 1010]
[C:\PROGRA~1\vision\alvsn.dll] [N/A, 1, 0, 0, 4]
[C:\Program Files\Thunder Network\Thunder\ComDlls\XunLeiBHO_002.dll] [Thunder Networking Technologies,LTD, 5, 0, 0, 2]
[C:\Program Files\Rising\Rav\RSCOMMON.DLL] [Beijing Rising Technology Co., Ltd., 18, 0, 0, 4]
[C:\DOCUME~1\new\LOCALS~1\Temp\11.jpg] [N/A, N/A]
[C:\WINDOWS\system32\xunleibho_v8.dll] [, 4, 5, 1, 33]
[C:\PROGRA~1\Yahoo!\ASSIST~1\Assist\yphtb.dll] [Yahoo! China, 3, 0, 4, 1006]
[C:\PROGRA~1\Yahoo!\ASSIST~1\Assist\YDRAGS~1.DLL] [yahoo! china, 3, 0, 0, 1000]
[C:\PROGRA~1\vision\vision.dll] [, 1, 2, 0, 7]
[D:\KuGoo3\KuGoo3DownXControl.ocx] [N/A, N/A]
[C:\PROGRA~1\Yahoo!\ASSIST~1\Assist\yassist.dll] [Yahoo! China, 3, 1, 1, 1016]
[PID: 1480][c:\program files\rising\rfw\rfwsrv.exe] [Beijing Rising Technology Co., Ltd., 4, 0, 0, 33]
[c:\program files\rising\rfw\RfwRule.dll] [Beijing Rising Technology Co., Ltd., 4, 0, 0, 13]
[c:\program files\rising\rfw\rfwlog.dll] [Beijing Rising Technology Co., Ltd., 4, 0, 0, 6]
[c:\program files\rising\rfw\Rfwdrv.dll] [Beijing Rising Technology Co., Ltd., 4, 0, 0, 21]
[c:\program files\rising\rfw\psapi.dll] [Microsoft Corporation, 4.00]
[c:\program files\rising\rfw\MonDrv.dll] [rs, 1, 0, 0, 4]
[c:\program files\rising\rfw\ProcLib.dll] [Beijing Rising Technology Co., Ltd., 4, 0, 0, 9]
[C:\WINDOWS\system32\uxtheme.dll] [Microsoft Corporation, 6.00.2900.2180 (xpsp_sp2_rtm.040803-2158)]
[PID: 1620][C:\WINDOWS\system32\Rundll32.exe] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
[C:\WINDOWS\system32\UxTheme.dll] [Microsoft Corporation, 6.00.2900.2180 (xpsp_sp2_rtm.040803-2158)]
[C:\WINDOWS\DOWNLO~1\CnsMin.dll] [北京三七二一科技有限公司, 1, 5, 1, 3]
[C:\WINDOWS\DOWNLO~1\CnsMinIO.dll] [北京三七二一科技有限公司, 1, 0, 3, 7]
[C:\WINDOWS\DOWNLO~1\cnsio.dll] [北京三七二一科技有限公司, 1, 0, 2, 8]
[C:\WINDOWS\DOWNLO~1\CnsMinEx.dll] [国风因特软件(北京)有限公司, 1, 0, 3, 5]
[C:\PROGRA~1\Yahoo!\ASSIST~1\Yhelper.dll] [Yahoo! China, 3, 0, 3, 1021]
[C:\PROGRA~1\Yahoo!\ASSIST~1\assist\ypatch.dll] [Yahoo! China, 3, 1, 4, 1020]
[PID: 1672][C:\Program Files\Rising\Rav\RavStub.exe] [Beijing Rising Technology Co., Ltd., 18, 0, 0, 16]
[C:\Program Files\Rising\Rav\RsCommX.dll] [rising, 18, 0, 0, 1]
[C:\Program Files\Rising\Rav\RSCOMMON.DLL] [Beijing Rising Technology Co., Ltd., 18, 0, 0, 4]
[C:\WINDOWS\system32\uxtheme.dll] [Microsoft Corporation, 6.00.2900.2180 (xpsp_sp2_rtm.040803-2158)]
[PID: 1780][C:\WINDOWS\system32\spoolsv.exe] [Microsoft Corporation, 5.1.2600.2696 (xpsp_sp2_gdr.050610-1519)]
[C:\WINDOWS\system32\UxTheme.dll] [Microsoft Corporation, 6.00.2900.2180 (xpsp_sp2_rtm.040803-2158)]
[PID: 1972][C:\WINDOWS\system32\igfxtray.exe] [Intel Corporation, 3.0.0.4342]
[C:\WINDOWS\system32\hccutils.DLL] [Intel Corporation, 3.0.0.4342]
[C:\WINDOWS\system32\uxtheme.dll] [Microsoft Corporation, 6.00.2900.2180 (xpsp_sp2_rtm.040803-2158)]
[C:\WINDOWS\DOWNLO~1\CnsMin.dll] [北京三七二一科技有限公司, 1, 5, 1, 3]
[C:\WINDOWS\system32\igfxdev.dll] [Intel Corporation, 3.0.0.4342]
[C:\PROGRA~1\Yahoo!\ASSIST~1\Yhelper.dll] [Yahoo! China, 3, 0, 3, 1021]
[C:\PROGRA~1\Yahoo!\ASSIST~1\assist\ypatch.dll] [Yahoo! China, 3, 1, 4, 1020]
[C:\WINDOWS\system32\igfxsrvc.dll] [Intel Corporation, 3.0.0.4342]
[C:\WINDOWS\system32\igfxres.dll] [Intel Corporation, 3.0.0.4342]
[C:\WINDOWS\system32\igfxress.dll] [Intel Corporation, 3.0.0.4342]
[PID: 1980][C:\WINDOWS\system32\hkcmd.exe] [Intel Corporation, 3.0.0.4342]
[C:\WINDOWS\system32\hccutils.DLL] [Intel Corporation, 3.0.0.4342]
[C:\WINDOWS\system32\uxtheme.dll] [Microsoft Corporation, 6.00.2900.2180 (xpsp_sp2_rtm.040803-2158)]
[C:\PROGRA~1\Yahoo!\ASSIST~1\assist\ypatch.dll] [Yahoo! China, 3, 1, 4, 1020]
[C:\WINDOWS\DOWNLO~1\CnsMin.dll] [北京三七二一科技有限公司, 1, 5, 1, 3]
[C:\WINDOWS\system32\igfxdev.dll] [Intel Corporation, 3.0.0.4342]
[C:\PROGRA~1\Yahoo!\ASSIST~1\Yhelper.dll] [Yahoo! China, 3, 0, 3, 1021]
[C:\WINDOWS\system32\igfxsrvc.dll] [Intel Corporation, 3.0.0.4342]
[C:\WINDOWS\system32\igfxhk.dll] [Intel Corporation, 3.0.0.4342]
[C:\WINDOWS\system32\igfxres.dll] [Intel Corporation, 3.0.0.4342]
[PID: 1988][C:\Program Files\Rising\Rav\RavTask.exe] [Beijing Rising Technology Co., Ltd., 18, 0, 0, 22]
[C:\Program Files\Rising\Rav\RSCOMMON.DLL] [Beijing Rising Technology Co., Ltd., 18, 0, 0, 4]
[C:\Program Files\Rising\Rav\RSAPPMGR.DLL] [Beijing Rising Technology Co., Ltd., 18, 0, 0, 2]
[C:\Program Files\Rising\Rav\CfgDll.dll] [Beijing Rising Technology Co., Ltd., 18, 0, 0, 11]
[C:\Program Files\Rising\Rav\RsCommX.dll] [rising, 18, 0, 0, 1]
[C:\WINDOWS\system32\uxtheme.dll] [Microsoft Corporation, 6.00.2900.2180 (xpsp_sp2_rtm.040803-2158)]
[C:\WINDOWS\DOWNLO~1\CnsMin.dll] [北京三七二一科技有限公司, 1, 5, 1, 3]

madlynn - 2006-11-18 0:50:00

[PID: 1996][C:\Program Files\Rising\Rfw\rfwmain.exe] [Beijing Rising Technology Co., Ltd., 4, 0, 0, 52]
[C:\Program Files\Rising\Rfw\RsGuiLib.dll] [Beijing Rising Technology Co., Ltd., 18, 0, 0, 23]
[C:\Program Files\Rising\Rfw\RSCOMMON.DLL] [Beijing Rising Technology Co., Ltd., 18, 0, 0, 4]
[C:\Program Files\Rising\Rfw\PngDll.dll] [Beijing Rising Technology Co., Ltd., 18, 0, 0, 5]
[C:\WINDOWS\system32\uxtheme.dll] [Microsoft Corporation, 6.00.2900.2180 (xpsp_sp2_rtm.040803-2158)]
[C:\PROGRA~1\Yahoo!\ASSIST~1\Yhelper.dll] [Yahoo! China, 3, 0, 3, 1021]
[C:\PROGRA~1\Yahoo!\ASSIST~1\assist\ypatch.dll] [Yahoo! China, 3, 1, 4, 1020]
[C:\WINDOWS\DOWNLO~1\CnsMin.dll] [北京三七二一科技有限公司, 1, 5, 1, 3]
[C:\DOCUME~1\new\LOCALS~1\Temp\11.jpg] [N/A, N/A]
[PID: 2012][C:\Program Files\Herosoft\Hero 9\SysExplr.EXE] [N/A, N/A]
[C:\Program Files\Herosoft\Hero 9\HttpReq.dll] [N/A, N/A]
[C:\Program Files\Herosoft\Hero 9\CoolMenu.dll] [N/A, N/A]
[C:\Program Files\Herosoft\Hero 9\httphlp.dll] [N/A, N/A]
[C:\Program Files\Herosoft\Hero 9\AVCDROM.dll] [N/A, N/A]
[C:\WINDOWS\system32\uxtheme.dll] [Microsoft Corporation, 6.00.2900.2180 (xpsp_sp2_rtm.040803-2158)]
[C:\PROGRA~1\Yahoo!\ASSIST~1\Yhelper.dll] [Yahoo! China, 3, 0, 3, 1021]
[C:\PROGRA~1\Yahoo!\ASSIST~1\assist\ypatch.dll] [Yahoo! China, 3, 1, 4, 1020]
[C:\WINDOWS\DOWNLO~1\CnsMin.dll] [北京三七二一科技有限公司, 1, 5, 1, 3]
[C:\Program Files\Herosoft\Hero 9\Sys936.DLL] [N/A, N/A]
[PID: 2016][C:\Program Files\Rising\Rav\Ravmon.exe] [Beijing Rising Technology Co., Ltd., 18, 0, 1, 39]
[C:\Program Files\Rising\Rav\RsGuiLib.dll] [Beijing Rising Technology Co., Ltd., 18, 0, 0, 26]
[C:\Program Files\Rising\Rav\BWList.dll] [Beijing Rising Technology Co., Ltd., 18, 0, 0, 20]
[C:\Program Files\Rising\Rav\RSAPPMGR.DLL] [Beijing Rising Technology Co., Ltd., 18, 0, 0, 2]
[C:\Program Files\Rising\Rav\CfgDll.dll] [Beijing Rising Technology Co., Ltd., 18, 0, 0, 11]
[C:\Program Files\Rising\Rav\RSCOMMON.DLL] [Beijing Rising Technology Co., Ltd., 18, 0, 0, 4]
[C:\Program Files\Rising\Rav\RsCommX.dll] [rising, 18, 0, 0, 1]
[C:\Program Files\Rising\Rav\PngDll.dll] [Beijing Rising Technology Co., Ltd., 18, 0, 0, 5]
[C:\WINDOWS\system32\uxtheme.dll] [Microsoft Corporation, 6.00.2900.2180 (xpsp_sp2_rtm.040803-2158)]
[C:\WINDOWS\DOWNLO~1\CnsMin.dll] [北京三七二一科技有限公司, 1, 5, 1, 3]
[C:\PROGRA~1\Yahoo!\ASSIST~1\Yhelper.dll] [Yahoo! China, 3, 0, 3, 1021]
[C:\PROGRA~1\Yahoo!\ASSIST~1\assist\ypatch.dll] [Yahoo! China, 3, 1, 4, 1020]
[C:\DOCUME~1\new\LOCALS~1\Temp\11.jpg] [N/A, N/A]
[PID: 2044][C:\PROGRA~1\Yahoo!\ASSIST~1\YLive.exe] [Yahoo! China, 3, 1, 6, 1022]
[C:\PROGRA~1\Yahoo!\ASSIST~1\assist\ypatch.dll] [Yahoo! China, 3, 1, 4, 1020]
[C:\PROGRA~1\Yahoo!\ASSIST~1\Yhelper.dll] [Yahoo! China, 3, 0, 3, 1021]
[C:\WINDOWS\system32\uxtheme.dll] [Microsoft Corporation, 6.00.2900.2180 (xpsp_sp2_rtm.040803-2158)]
[C:\WINDOWS\DOWNLO~1\CnsMin.dll] [北京三七二一科技有限公司, 1, 5, 1, 3]
[C:\PROGRA~1\Yahoo!\ASSIST~1\yalive.dll] [yahoo! china, 3, 4, 8, 1099]
[C:\PROGRA~1\Yahoo!\ASSIST~1\Yalliveex.dll] [Yahoo! China, 3, 0, 1, 1010]
[C:\PROGRA~1\Yahoo!\ASSIST~1\ynotifier.dll] [yahoo! china, 3, 0, 0, 1000]
[PID: 176][C:\PROGRA~1\Yahoo!\Assistant\yassistse.exe] [Yahoo! China, 3, 0, 3, 1004]
[C:\WINDOWS\system32\uxtheme.dll] [Microsoft Corporation, 6.00.2900.2180 (xpsp_sp2_rtm.040803-2158)]
[C:\PROGRA~1\Yahoo!\ASSIST~1\Yhelper.dll] [Yahoo! China, 3, 0, 3, 1021]
[C:\PROGRA~1\Yahoo!\ASSIST~1\assist\ypatch.dll] [Yahoo! China, 3, 1, 4, 1020]
[C:\WINDOWS\DOWNLO~1\CnsMin.dll] [北京三七二一科技有限公司, 1, 5, 1, 3]
[C:\PROGRA~1\Yahoo!\Assistant\shell\yAssecblk.dll] [Yahoo! China, 3, 0, 7, 1010]
[C:\PROGRA~1\Yahoo!\Assistant\shell\yAsMenu.dll] [Yahoo! China, 3, 0, 0, 1001]
[C:\PROGRA~1\Yahoo!\Assistant\shell\yMenuInfo.dll] [Yahoo! China, 3, 0, 0, 1000]
[C:\PROGRA~1\Yahoo!\Assistant\shell\yIEAngel.dll] [Yahoo! China, 3, 0, 1, 1001]
[PID: 208][C:\Program Files\Common Files\Real\Update_OB\realsched.exe] [RealNetworks, Inc., 0.1.0.3427]
[C:\WINDOWS\system32\uxtheme.dll] [Microsoft Corporation, 6.00.2900.2180 (xpsp_sp2_rtm.040803-2158)]
[C:\PROGRA~1\Yahoo!\ASSIST~1\Yhelper.dll] [Yahoo! China, 3, 0, 3, 1021]
[C:\PROGRA~1\Yahoo!\ASSIST~1\assist\ypatch.dll] [Yahoo! China, 3, 1, 4, 1020]
[C:\WINDOWS\DOWNLO~1\CnsMin.dll] [北京三七二一科技有限公司, 1, 5, 1, 3]
[PID: 328][C:\WINDOWS\system32\svchost.exe] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
[C:\WINDOWS\system32\UxTheme.dll] [Microsoft Corporation, 6.00.2900.2180 (xpsp_sp2_rtm.040803-2158)]
[PID: 392][C:\WINDOWS\system32\wdfmgr.exe] [Microsoft Corporation, 5.2.3790.1230 built by: dnsrv(bld4act)]
[PID: 496][C:\WINDOWS\system32\rundll32.exe] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
[C:\WINDOWS\system32\UxTheme.dll] [Microsoft Corporation, 6.00.2900.2180 (xpsp_sp2_rtm.040803-2158)]
[C:\PROGRA~1\vision\VISVER.DLL] [, 1, 2, 0, 7]
[PID: 516][C:\WINDOWS\VM_STI.EXE] [Vimicro, 4, 2, 1124, 6]
[C:\WINDOWS\system32\uxtheme.dll] [Microsoft Corporation, 6.00.2900.2180 (xpsp_sp2_rtm.040803-2158)]
[C:\PROGRA~1\Yahoo!\ASSIST~1\Yhelper.dll] [Yahoo! China, 3, 0, 3, 1021]
[C:\PROGRA~1\Yahoo!\ASSIST~1\assist\ypatch.dll] [Yahoo! China, 3, 1, 4, 1020]
[C:\WINDOWS\DOWNLO~1\CnsMin.dll] [北京三七二一科技有限公司, 1, 5, 1, 3]
[C:\WINDOWS\system32\msdmo.dll] [N/A, N/A]
[C:\DOCUME~1\new\LOCALS~1\Temp\11.jpg] [N/A, N/A]
[PID: 576][C:\WINDOWS\system32\ctfmon.exe] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
[C:\WINDOWS\system32\UxTheme.dll] [Microsoft Corporation, 6.00.2900.2180 (xpsp_sp2_rtm.040803-2158)]
[C:\PROGRA~1\Yahoo!\ASSIST~1\Yhelper.dll] [Yahoo! China, 3, 0, 3, 1021]
[C:\PROGRA~1\Yahoo!\ASSIST~1\assist\ypatch.dll] [Yahoo! China, 3, 1, 4, 1020]
[C:\WINDOWS\DOWNLO~1\CnsMin.dll] [北京三七二一科技有限公司, 1, 5, 1, 3]
[PID: 416][C:\WINDOWS\System32\alg.exe] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
[C:\WINDOWS\System32\UxTheme.dll] [Microsoft Corporation, 6.00.2900.2180 (xpsp_sp2_rtm.040803-2158)]
[PID: 2120][C:\WINDOWS\System32\svchost.exe] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
[C:\WINDOWS\System32\UxTheme.dll] [Microsoft Corporation, 6.00.2900.2180 (xpsp_sp2_rtm.040803-2158)]
[PID: 2484][C:\Program Files\Internet Explorer\iexplore.exe] [Microsoft Corporation, 6.00.2900.2180 (xpsp_sp2_rtm.040803-2158)]

madlynn - 2006-11-18 0:51:00

[C:\WINDOWS\system32\uxtheme.dll] [Microsoft Corporation, 6.00.2900.2180 (xpsp_sp2_rtm.040803-2158)]
[C:\PROGRA~1\Yahoo!\ASSIST~1\Yhelper.dll] [Yahoo! China, 3, 0, 3, 1021]
[C:\PROGRA~1\Yahoo!\ASSIST~1\yscrblock.dll] [Yahoo! China, 3, 0, 0, 1000]
[C:\PROGRA~1\Yahoo!\ASSIST~1\assist\ypatch.dll] [Yahoo! China, 3, 1, 4, 1020]
[C:\WINDOWS\DOWNLO~1\CnsMin.dll] [北京三七二一科技有限公司, 1, 5, 1, 3]
[C:\WINDOWS\DOWNLO~1\CnsHint.dll] [3721, 1, 0, 1, 1]
[C:\PROGRA~1\Yahoo!\ASSIST~1\yalive.dll] [yahoo! china, 3, 4, 8, 1099]
[C:\PROGRA~1\Yahoo!\ASSIST~1\Yalliveex.dll] [Yahoo! China, 3, 0, 1, 1010]
[C:\WINDOWS\DOWNLO~1\cnsplus.dll] [3721, 1, 0, 0, 2]
[C:\PROGRA~1\Yahoo!\ASSIST~1\Assist\yasbar.dll] [yahoo! china, 3, 2, 3, 1075]
[C:\PROGRA~1\Yahoo!\ASSIST~1\Assist\ysearch.dll] [Yahoo! China, 3, 1, 0, 1010]
[C:\PROGRA~1\Yahoo!\ASSIST~1\Assist\yasnoad.dll] [yahoo! china, 3, 0, 1, 1003]
[C:\PROGRA~1\Yahoo!\ASSIST~1\Assist\yzsNetProto.dll] [Yahoo! China, 3, 0, 1, 1002]
[C:\PROGRA~1\Yahoo!\ASSIST~1\Assist\yphtb.dll] [Yahoo! China, 3, 0, 4, 1006]
[C:\PROGRA~1\Yahoo!\ASSIST~1\Assist\yrss.dll] [Yahoo! China, 3, 0, 2, 1003]
[C:\PROGRA~1\Yahoo!\ASSIST~1\Assist\yaswiper.dll] [Yahoo! China, 3, 0, 0, 1000]
[C:\PROGRA~1\Yahoo!\ASSIST~1\Assist\yasiesec.dll] [Yahoo! China, 3, 0, 0, 1000]
[C:\PROGRA~1\Yahoo!\ASSIST~1\Assist\YSETTI~1.DLL] [yahoo! china, 3, 0, 7, 1013]
[C:\PROGRA~1\Yahoo!\ASSIST~1\Assist\ymailp.dll] [Yahoo! China, 3, 0, 2, 1008]
[C:\WINDOWS\system32\RavExt.dll] [Beijing Rising Technology Co., Ltd., 18, 0, 0, 21]
[C:\PROGRA~1\Yahoo!\Assistant\yClickOn.dll] [YAHOO Corporation Limited, 3, 0, 1, 1002]
[C:\WINDOWS\DOWNLO~1\CnsHook.dll] [北京三七二一科技有限公司, 1, 0, 4, 2]
[C:\WINDOWS\system32\xunleibho_v8.dll] [, 4, 5, 1, 33]
[C:\PROGRA~1\Yahoo!\ASSIST~1\Assist\yangling.dll] [yahoo! china, 3, 0, 3, 1004]
[C:\Program Files\QQ\QQIEHelper.dll] [深圳市腾讯计算机系统有限公司, 1, 1, 0, 5]
[C:\PROGRA~1\Yahoo!\ASSIST~1\Assist\YDRAGS~1.DLL] [yahoo! china, 3, 0, 0, 1000]
[C:\PROGRA~1\vision\vision.dll] [, 1, 2, 0, 7]
[C:\PROGRA~1\vision\alvsn.dll] [N/A, 1, 0, 0, 4]
[C:\Program Files\Thunder Network\Thunder\ComDlls\XunLeiBHO_002.dll] [Thunder Networking Technologies,LTD, 5, 0, 0, 2]
[D:\KuGoo3\KuGoo3DownXControl.ocx] [N/A, N/A]
[C:\PROGRA~1\Yahoo!\ASSIST~1\Assist\yassist.dll] [Yahoo! China, 3, 1, 1, 1016]
[C:\Program Files\Rising\Rav\RavScrCh.dll] [Beijing Rising Technology Co., Ltd., 18, 0, 0, 4]
[c:\progra~1\yahoo!\assist~1\assist\yadfil~1.dll] [Yahoo! China, 3, 0, 1, 1002]
[C:\PROGRA~1\Yahoo!\ASSIST~1\Assist\yrepair.dll] [Yahoo! China, 3, 0, 8, 1011]
[C:\PROGRA~1\Yahoo!\ASSIST~1\Assist\yasfsks.dll] [3721.com, 2, 1, 1, 87]
[C:\PROGRA~1\Yahoo!\ASSIST~1\assist\yoptimum.dll] [Yahoo! China, 3, 0, 1, 1004]
[C:\PROGRA~1\yahoo!\assistant\Shell\yAssecblk.dll] [Yahoo! China, 3, 0, 7, 1010]
[C:\PROGRA~1\Yahoo!\ASSIST~1\Assist\yxpstyle.dll] [Yahoo! China, 3, 0, 0, 1000]
[C:\WINDOWS\system32\macromed\flash\Flash85.ocx] [Macromedia, Inc., 8,5,0,133]
[C:\DOCUME~1\new\LOCALS~1\Temp\11.jpg] [N/A, N/A]
[C:\PROGRA~1\test\BHOPLU~1.DLL] [, 1, 0, 0, 1]
[PID: 216][C:\WINDOWS\system32\rundll32.exe] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
[C:\WINDOWS\system32\UxTheme.dll] [Microsoft Corporation, 6.00.2900.2180 (xpsp_sp2_rtm.040803-2158)]
[C:\DOCUME~1\new\LOCALS~1\Temp\11.jpg] [N/A, N/A]
[C:\PROGRA~1\Yahoo!\ASSIST~1\Yhelper.dll] [Yahoo! China, 3, 0, 3, 1021]
[C:\PROGRA~1\Yahoo!\ASSIST~1\assist\ypatch.dll] [Yahoo! China, 3, 1, 4, 1020]
[C:\WINDOWS\DOWNLO~1\CnsMin.dll] [北京三七二一科技有限公司, 1, 5, 1, 3]
[PID: 3728][D:\sreng2\SREng\SREng.exe] [Smallfrogs Studio, 2.2.6.605]
[C:\WINDOWS\system32\uxtheme.dll] [Microsoft Corporation, 6.00.2900.2180 (xpsp_sp2_rtm.040803-2158)]
[C:\PROGRA~1\Yahoo!\ASSIST~1\Yhelper.dll] [Yahoo! China, 3, 0, 3, 1021]
[C:\PROGRA~1\Yahoo!\ASSIST~1\assist\ypatch.dll] [Yahoo! China, 3, 1, 4, 1020]
[C:\WINDOWS\DOWNLO~1\CnsMin.dll] [北京三七二一科技有限公司, 1, 5, 1, 3]
[C:\DOCUME~1\new\LOCALS~1\Temp\11.jpg] [N/A, N/A]

==================================

madlynn - 2006-11-18 0:52:00

文件关联
.TXT OK. [%SystemRoot%\system32\NOTEPAD.EXE %1]
.EXE OK. ["%1" %*]
.COM OK. ["%1" %*]
.PIF OK. ["%1" %*]
.REG OK. [regedit.exe "%1"]
.BAT OK. ["%1" %*]
.SCR OK. ["%1" /S]
.CHM OK. ["C:\WINDOWS\hh.exe" %1]
.HLP OK. [%SystemRoot%\System32\winhlp32.exe %1]
.INI OK. [%SystemRoot%\System32\NOTEPAD.EXE %1]
.INF OK. [%SystemRoot%\System32\NOTEPAD.EXE %1]
.VBS OK. [%SystemRoot%\System32\WScript.exe "%1" %*]
.JS OK. [%SystemRoot%\System32\WScript.exe "%1" %*]
.LNK OK. [{00021401-0000-0000-C000-000000000046}]

==================================
Winsock 提供者
N/A

==================================
Autorun.inf
N/A

==================================
HOSTS 文件
125.91.14.230 www.kzdh.com
125.91.14.230 www.7255.com
125.91.14.230 www.7322.com
125.91.14.230 www.7939.com
125.91.14.230 www.piaoxue.com
125.91.14.230 www.feixu.net
125.91.14.230 www.6781.com
125.91.14.230 www.7b.com.cn
125.91.14.230 7b.com.cn
125.91.14.230 www.918188.com
125.91.14.230 hao.allxue.com
125.91.14.230 good.allxue.com
125.91.14.230 baby.allxue.com
125.91.14.230 www.allxue.com
125.91.14.230 about.lank.la
125.91.14.230 www.x114x.com
125.91.14.230 www.37ss.com
125.91.14.230 www.7k.cc
125.91.14.230 www.73ss.com
125.91.14.230 www.hao123.com
125.91.14.230 www.81915.com
125.91.14.230 222.88.90.22
125.91.14.230 www.9991.com
125.91.14.230 www.my123.com
125.91.14.230 www.haokan123.com
125.91.14.230 www.5566.net
125.91.14.230 www.gjj.cc
125.91.14.230 www.2345.com
125.91.14.230 dl.hao318.com
125.91.14.230 www.123wa.com

==================================

madlynn - 2006-11-18 0:53:00

终于发完了..

最后的那些网站是怎么回事????

怎么有好多MS有毒的..MY123啊..7939啊什么的??

madlynn - 2006-11-18 1:09:00

C:\WINDOWS\system32\drivers\00004392.SYS

瑞星杀出来的是这个...

好郁闷..也没有什么故障现象吧..
就是每次一打开IE.就会弹出发现病毒的对话框..

听了一些网友的，用了冰刃，但也只是找到00004392.DAT的文件。怎么删除都是不行的，关了冰刃重新找也还是有~~~

我是一点法子都没有了。。。

周围有电脑的同学里，我中毒的次数是最多的，几乎每个月甚至一两个星期就中一次。
我就没上什么网站啊，在百度搜索图片，在网易和雅虎找图片也能中这么多毒~~555

madlynn - 2006-11-18 12:38:00

有没有人帮忙看看啊.

我真的不知道怎么办啊

风行蓝天下 - 2006-11-18 12:55:00

用unlock

303266474 - 2006-11-18 14:05:00

my123
http://download.rising.com.cn/zsgj/My123Killer.exe
7939
http://download.rising.com.cn/zsgj/DgentKiller.exe
然后用你扫描的软件修复一下看看

madlynn - 2006-11-18 19:01:00

下了个WINDOWS清理助手啥的...
汗...好象弄巧成拙了..

那俩软件查不出什么来啊..
HOSTS 文件
125.91.14.230 www.kzdh.com
125.91.14.230 www.7255.com
125.91.14.230 www.7322.com
125.91.14.230 www.7939.com
125.91.14.230 www.piaoxue.com
125.91.14.230 www.feixu.net
125.91.14.230 www.6781.com
125.91.14.230 www.7b.com.cn
125.91.14.230 7b.com.cn
125.91.14.230 www.918188.com
125.91.14.230 hao.allxue.com
125.91.14.230 good.allxue.com
125.91.14.230 baby.allxue.com
125.91.14.230 www.allxue.com
125.91.14.230 about.lank.la
125.91.14.230 www.x114x.com
125.91.14.230 www.37ss.com
125.91.14.230 www.7k.cc
125.91.14.230 www.73ss.com
125.91.14.230 www.hao123.com
125.91.14.230 www.81915.com
125.91.14.230 222.88.90.22
125.91.14.230 www.9991.com
125.91.14.230 www.my123.com
125.91.14.230 www.haokan123.com
125.91.14.230 www.5566.net
125.91.14.230 www.gjj.cc
125.91.14.230 www.2345.com
125.91.14.230 dl.hao318.com
125.91.14.230 www.123wa.com
..这个是不是被重定向了..

开主页时会提示的说..

瑞星卡卡安全论坛