treo - 2006-11-21 14:43:00
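Whenever I open certain websites (such as Taobao or Ctrip), ads pop up automatically (they are definitely not the sites' own ads, and they also carry a virus). Neither Kaka 3.0 (卡卡3.0) nor Super Rabbit (超级兔子) had any effect. Below is the SREng log.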
2006-11-21,14:55:29
System Repair Engineer 2.2.6.605
Smallfrogs (http://www.KZTechs.com)
Windows XP Professional Service Pack 2 (Build 2600)
- Administrative User - Completed Functions Allowed
Follow item(s) have been choosed:
All Boot Items (Including Registry, Startup Folders, Services and so on)
Browser Add-ons
Runing Processes (Including process model information)
File Associations
Winsock Provider
Autorun.Inf
HOSTS File
Boot Items
Registry
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
<ctfmon.exe><C:\WINDOWS\system32\ctfmon.exe> [(Verified)Microsoft Corporation]
[HKEY_CURRENT_USER\Software\Microsoft\Windows NT\CurrentVersion\Windows]
<load><> [N/A]
<run><> [N/A]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
<SynTPLpr><C:\Program Files\Synaptics\SynTP\SynTPLpr.exe> [(Verified)Synaptics, Inc.]
<SynTPEnh><C:\Program Files\Synaptics\SynTP\SynTPEnh.exe> [(Verified)Synaptics, Inc.]
<TPHOTKEY><C:\PROGRA~1\ThinkPad\PkgMgr\HOTKEY\TPHKMGR.exe> [N/A]
<BMMLREF><C:\Program Files\ThinkPad\Utilities\BMMLREF.EXE> [N/A]
<QCWLICON><C:\Program Files\ThinkPad\ConnectUtilities\QCWLICON.EXE> [N/A]
<TPKMAPMN><C:\Program Files\ThinkPad\Utilities\TpKmapMn.exe> [N/A]
<AGRSMMSG><AGRSMMSG.exe> [(Verified)Agere Systems]
<MSPY2002><C:\WINDOWS\System32\IME\PINTLGNT\ImScInst.exe /SYNC> [(Verified)N/A]
<IMSCMIG40W><C:\PROGRA~1\COMMON~1\MICROS~1\IME\IMSC40W\IMSCMIG.EXE /SetPreload /Log> [Microsoft Corporation]
<{0228e555-4f9c-4e35-a3ec-b109a192b4c2}><C:\Program Files\Google\Gmail Notifier\gnotify.exe> [Google Inc.]
<StormCodec_Helper><"C:\Program Files\Ringz Studio\Storm Codec\StormSet.exe" /S /opti> [N/A]
<CertificateRegistration><SafeSignCertReg.exe> [A.E.T. Europe B.V.]
<SunJavaUpdateSched><C:\Program Files\Java\jre1.5.0_06\bin\jusched.exe> [Sun Microsystems, Inc.]
<TVT Scheduler Proxy><C:\Program Files\Common Files\Lenovo\Scheduler\scheduler_proxy.exe> [Lenovo Group Limited]
<kis><"C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 6.0\avp.exe"> [Kaspersky Lab]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Winlogon]
<shell><Explorer.exe> [(Verified)Microsoft Corporation]
<Userinit><C:\WINDOWS\system32\userinit.exe,> [(Verified)Microsoft Corporation]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Windows]
<AppInit_DLLs><> [N/A]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Winlogon]
<UIHost><logonui.exe> [(Verified)Microsoft Corporation]
==================================
Startup Folders
[Microsoft Office]
<C:\Documents and Settings\All Users\Start Menu\Programs\Startup\Microsoft Office.lnk --> C:\PROGRA~1\MICROS~2\Office\OSA9.EXE [Microsoft Corporation]><N>
==================================
Services
[Ati HotKey Poller / Ati HotKey Poller]
<C:\WINDOWS\System32\Ati2evxx.exe><N/A>
[Kaspersky Internet Security 6.0 / AVP]
<"C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 6.0\avp.exe" -r><Kaspersky Lab>
[Human Interface Device Access / HidServ]
<C:\WINDOWS\System32\svchost.exe -k netsvcs-->%SystemRoot%\System32\hidserv.dll><N/A>
[IBM PM Service / IBMPMSVC]
<C:\WINDOWS\system32\ibmpmsvc.exe><N/A>
[InstallDriver Table Manager / IDriverT]
<"C:\Program Files\Common Files\InstallShield\Driver\1150\Intel 32\IDriverT.exe"><Macrovision Corporation>
[IBM PSA Access Driver Control / PsaSrv]
<C:\WINDOWS\system32\PsaSrv.exe><N/A>
[QCONSVC / QCONSVC]
<System32\QCONSVC.EXE><N/A>
[RegSrvc / RegSrvc]
<C:\WINDOWS\system32\RegSrvc.exe><Intel Corporation>
[Spectrum24 Event Monitor / S24EventMonitor]
<C:\WINDOWS\system32\S24EvMon.exe><Intel Corporation>
[Microsoft Update Service / SoSCAR]
<><N/A>
[System Update / SUService]
<"C:\Program Files\Lenovo\System Update\SUService.exe"><>
[TVT Scheduler / TVT Scheduler]
<"C:\Program Files\Common Files\Lenovo\Scheduler\tvtsched.exe"><Lenovo Group Limited>
==================================
Drivers
[abp480n5 / abp480n5]
<\SystemRoot\System32\DRIVERS\ABP480N5.SYS><Microsoft Corporation>
[Intel(r) 82801 Audio Driver Install Service (WDM) / ac97intc]
<system32\drivers\ac97intc.sys><Intel Corporation>
[adpu160m / adpu160m]
<\SystemRoot\System32\DRIVERS\adpu160m.sys><Microsoft Corporation>
[aeaudio / aeaudio]
<system32\drivers\aeaudio.sys><Andrea Electronics Corporation>
[AEGIS Protocol (IEEE 802.1x) v3.2.0.3 / AegisP]
<system32\DRIVERS\AegisP.sys><Meetinghouse Data Communications>
[Agere Systems Soft Modem / AgereSoftModem]
<System32\DRIVERS\AGRSM.sys><Agere Systems>
[Aha154x / Aha154x]
<\SystemRoot\System32\DRIVERS\aha154x.sys><Microsoft Corporation>
[aic78u2 / aic78u2]
<\SystemRoot\System32\DRIVERS\aic78u2.sys><Microsoft Corporation>
[aic78xx / aic78xx]
<\SystemRoot\System32\DRIVERS\aic78xx.sys><Microsoft Corporation>
[AliIde / AliIde]
<\SystemRoot\System32\DRIVERS\aliide.sys><Acer Laboratories Inc.>
[AMD AGP Bus Filter Driver / amdagp]
<\SystemRoot\System32\DRIVERS\amdagp.sys><Advanced Micro Devices, Inc.>
[asc / asc]
<\SystemRoot\System32\DRIVERS\asc.sys><Advanced System Products, Inc.>
[asc3350p / asc3350p]
<\SystemRoot\System32\DRIVERS\asc3350p.sys><Microsoft Corporation>
[asc3550 / asc3550]
<\SystemRoot\System32\DRIVERS\asc3550.sys><Advanced System Products, Inc.>
[ati2mtag / ati2mtag]
<System32\DRIVERS\ati2mtag.sys><ATI Technologies Inc.>
[cd20xrnt / cd20xrnt]
<\SystemRoot\System32\DRIVERS\cd20xrnt.sys><Microsoft Corporation>
[CmdIde / CmdIde]
<\SystemRoot\System32\DRIVERS\cmdide.sys><CMD Technology, Inc.>
[dac2w2k / dac2w2k]
<\SystemRoot\System32\DRIVERS\dac2w2k.sys><Mylex Corporation>
[dpti2o / dpti2o]
<\SystemRoot\System32\DRIVERS\dpti2o.sys><Microsoft Corporation>
[Intel(R) PRO/1000 Adapter Driver / E1000]
<System32\DRIVERS\e1000325.sys><Intel Corporation>
[Intel(R) PRO Adapter Driver / E100B]
<System32\DRIVERS\e100b325.sys><Intel Corporation>
[usb Card Device / ft2kEnum]
<system32\DRIVERS\ic2kenum.sys><OEM Corporation>
[USB Chip Holder Service / GDBaseSmc]
<system32\DRIVERS\Chip_smc.sys><OEM>
[Intel GV3 Processor Driver / gv3]
<System32\DRIVERS\gv3.sys><Microsoft Corporation>
[IBMPMDRV / IBMPMDRV]
<System32\DRIVERS\ibmpmdrv.sys><IBM Corp.>
[IBMTPCHK / IBMTPCHK]
<System32\drivers\IBMBLDID.SYS><N/A>
[ini910u / ini910u]
<\SystemRoot\System32\DRIVERS\ini910u.sys><Microsoft Corporation>
[kl1 / kl1]
<\SystemRoot\system32\drivers\kl1.sys><Kaspersky Lab>
[klif / klif]
<\??\C:\WINDOWS\system32\drivers\klif.sys><Kaspersky Lab>
[LT Modem Driver / ltmodem5]
<System32\DRIVERS\ltmdmnt.sys><LT>
[mraid35x / mraid35x]
<\SystemRoot\System32\DRIVERS\mraid35x.sys><American Megatrends Inc.>
[NSC Infrared Device Driver / NSCIRDA]
<System32\DRIVERS\nscirda.sys><National Semiconductor Corporation>
[OX16C95x Serial port driver / oxser]
<system32\DRIVERS\oxser.sys><OEM>
[Pcdr Helper Driver / PCDRDRV]
<\??\C:\PROGRA~1\PC-DOC~1\DIAGNO~1\PCDRDRV.sys><N/A>
[PcdrNt / PcdrNt]
<\SystemRoot\System32\drivers\PcdrNt.sys><N/A>
[IBM PSA Access Driver / psadd]
<\??\C:\WINDOWS\system32\Drivers\psadd.sys><Lenovo>
[Direct Parallel Link Driver / Ptilink]
<System32\DRIVERS\ptilink.sys><Parallel Technologies, Inc.>
[ql1080 / ql1080]
<\SystemRoot\System32\DRIVERS\ql1080.sys><QLogic Corporation>
[Ql10wnt / Ql10wnt]
<\SystemRoot\System32\DRIVERS\ql10wnt.sys><Microsoft Corporation>
[ql12160 / ql12160]
<\SystemRoot\System32\DRIVERS\ql12160.sys><QLogic Corporation>
[ql1280 / ql1280]
<\SystemRoot\System32\DRIVERS\ql1280.sys><QLogic Corporation>
[SmartCard Reader Device / Reader_Device]
<system32\DRIVERS\usbic2k.sys><OEM>
[RIM Virtual Serial Port / RimSerPort]
<system32\DRIVERS\RimSerial.sys><Research in Motion Ltd>
[RIM Handheld / RimUsb]
<System32\Drivers\RimUsb.sys><Research In Motion Limited>
[RsAntiSpyware / RsAntiSpyware]
<\SystemRoot\system32\drivers\RsBoot.sys><Beijing Rising>
[无线地区网络传输 / s24trans]
<System32\DRIVERS\s24trans.sys><Intel Corporation>
[S3SSavage / S3SSavage]
<System32\DRIVERS\s3ssavm.sys><S3 Graphics, Inc.>
[Secdrv / Secdrv]
<System32\DRIVERS\secdrv.sys><N/A>
[SIS AGP Bus Filter / sisagp]
<\SystemRoot\System32\DRIVERS\sisagp.sys><Silicon Integrated Systems Corporation>
[Smapint / Smapint]
<System32\drivers\Smapint.sys><Microsoft Corporation>
[smwdm / smwdm]
<system32\drivers\smwdm.sys><Analog Devices, Inc.>
[Sony USB Filter Driver (SONYPVU1) / SONYPVU1]
<system32\DRIVERS\SONYPVU1.SYS><Sony Corporation>
[Sparrow / Sparrow]
<\SystemRoot\System32\DRIVERS\sparrow.sys><Adaptec, Inc.>
[symc810 / symc810]
<\SystemRoot\System32\DRIVERS\symc810.sys><Symbios Logic Inc.>
[symc8xx / symc8xx]
<\SystemRoot\System32\DRIVERS\symc8xx.sys><LSI Logic>
[sym_hi / sym_hi]
<\SystemRoot\System32\DRIVERS\sym_hi.sys><LSI Logic>
[sym_u3 / sym_u3]
<\SystemRoot\System32\DRIVERS\sym_u3.sys><LSI Logic>
[Synaptics TouchPad Driver / SynTP]
<System32\DRIVERS\SynTP.sys><Synaptics, Inc.>
[TCP/IP Protocol Driver / Tcpip]
<System32\DRIVERS\tcpip.sys><Microsoft Corporation>
[TDSMAPI / TDSMAPI]
<System32\drivers\TDSMAPI.SYS><N/A>
[usb token Device Driver / token]
<system32\DRIVERS\eps2kt1.sys><>
[TosIde / TosIde]
<\SystemRoot\System32\DRIVERS\toside.sys><Microsoft Corporation>
[TPHKDRV / TPHKDRV]
<C:\WINDOWS\SYSTEM32\DRIVERS\TPHKDRV.SYS><IBM Corporation>
[TPPWR / TPPWR]
<System32\drivers\Tppwr.sys><IBM Corp.>
[IBM PS/2 TrackPoint Filter Driver / TwoTrack]
<System32\DRIVERS\TwoTrack.sys><IBM Corporation>
[ultra / ultra]
<\SystemRoot\System32\DRIVERS\ultra.sys><Promise Technology, Inc.>
treo - 2006-11-21 15:21:00
==================================
Browser Add-ons
[SSVHelper Class]
{761497BB-D6F0-462C-B6EB-D4DAF1D92D43} <C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll, Sun Microsystems, Inc.>
[IeCatch2 Class]
{A5366673-E8CA-11D3-9CD9-0090271D075B} <C:\Program Files\FlashGet\jccatch.dll, N/A>
[FlashGet Bar]
{E0E899AB-F487-11D5-8D29-0050BA6940E3} <C:\PROGRA~1\FlashGet\fgiebar.dll, Amaze Soft>
[卡卡上网安全助手]
{DB9ECD4F-FB8F-4311-B3CE-90B976C2707C} <C:\WINDOWS\system32\kakatool.dll, Beijing Rising Technology Co., Ltd.>
[Windows Genuine Advantage Validation Tool]
{17492023-C23A-453E-A040-C7C580BBF700} <C:\WINDOWS\system32\LegitCheckControl.DLL, Microsoft Corporation>
[PowerPlr Control]
{2354A44B-3CEB-4829-9940-545B03103538} <C:\PROGRA~1\Powerise\REAL2A~1\PowerPlr.ocx, Powerise Digital>
[Office Update Installation Engine]
{3E68E405-C6DE-49FF-83AE-41EE9F4C36CE} <C:\WINDOWS\opuc.dll, Microsoft Corporation>
[CEditCtrl Object]
{488A4255-3236-44B3-8F27-FA1AECAA8844} <C:\WINDOWS\system32\aliedit\AliEdit.dll, www.alipay.com>
[WUWebControl Class]
{6414512B-B978-451D-A0D8-FCFDF33E833C} <C:\WINDOWS\system32\wuweb.dll, Microsoft Corporation>
[IMCv1 Control]
{6924091F-CD97-41E1-B1D4-D9079409D413} <C:\PROGRA~1\LtUcx\1003\c0.dll, N/A>
[MUWebControl Class]
{6E32070A-766D-4EE6-879C-DC1FA91D2FC3} <C:\WINDOWS\system32\muweb.dll, Microsoft Corporation>
[IASRunner Class]
{76E5AF9D-2B3E-4FEB-A31F-A9E63A27FA29} <C:\WINDOWS\DOWNLO~1\ACPIR.dll, >
[Java Plug-in]
{8AD9C840-044E-11D1-B3E9-00805F499D93} <C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll, Sun Microsystems, Inc.>
[Java Plug-in]
{CAFEEFAC-0015-0000-0006-ABCDEFFEDCBA} <C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll, Sun Microsystems, Inc.>
[Java Plug-in 1.5.0_06]
{CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} <C:\Program Files\Java\jre1.5.0_06\bin\npjpi150_06.dll, Sun Microsystems, Inc.>
[Shockwave Flash Object]
{D27CDB6E-AE6D-11CF-96B8-444553540000} <C:\WINDOWS\system32\Macromed\Flash\Flash9.ocx, Adobe Systems, Inc.>
[Iesign Control]
{F3E92562-1B4D-4BFA-B2D4-E9BCABE3B6A3} <C:\WINDOWS\DOWNLO~1\iesign.ocx, csii>
[Web Browser Applet Control]
{08B0E5C0-4FCB-11CF-AAA5-00401C608501} <C:\WINDOWS\system32\msjava.dll, Microsoft Corporation>
[InfosecCertInstall Class]
{0EB487C8-E9AC-43A6-8C4C-083999B0622F} <C:\WINDOWS\system32\certInStall.dll, >
[PeerDraw Class]
{10072CEC-8CC1-11D1-986E-00A0C955B42E} <C:\WINDOWS\system32\dllcache\vgx.dll, Microsoft Corporation>
[CEnroll Class]
{127698E4-E730-4E5C-A2B1-21490A70C8A1} <C:\WINDOWS\System32\xenroll.dll, Microsoft Corporation>
[iTrusPTA Class]
{1E0DFFCF-27FF-4574-849B-55007349FEDA} <C:\WINDOWS\system32\aliedit\pta.dll, >
[PowerPlr Control]
{2354A44B-3CEB-4829-9940-545B03103538} <C:\PROGRA~1\Powerise\REAL2A~1\PowerPlr.ocx, Powerise Digital>
[CEditCtrl Object]
{488A4255-3236-44B3-8F27-FA1AECAA8844} <C:\WINDOWS\system32\aliedit\AliEdit.dll, www.alipay.com>
[Windows Media Player]
{6BF52A52-394A-11D3-B153-00C04F79FAA6} <C:\WINDOWS\system32\wmp.dll, Microsoft Corporation>
[AxInputControl Class]
{73E4740C-08EB-4133-896B-8D0A7C9EE3CD} <C:\WINDOWS\system32\INPUTC~1.DLL, >
[SSVHelper Class]
{761497BB-D6F0-462C-B6EB-D4DAF1D92D43} <C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll, Sun Microsystems, Inc.>
[Microsoft Web Browser]
{8856F961-340A-11D0-A96B-00C04FD705A2} <C:\WINDOWS\System32\shdocvw.dll, Microsoft Corporation>
[AxSubmitControl Class]
{8D9E0B29-563C-4226-86C1-5FF2AE77E1D2} <C:\WINDOWS\system32\SUBMIT~1.DLL, >
[IeCatch2 Class]
{A5366673-E8CA-11D3-9CD9-0090271D075B} <C:\Program Files\FlashGet\jccatch.dll, N/A>
[卡卡上网安全助手]
{AFF6E516-CBE5-4F8A-9C2F-38A68013E766} <C:\WINDOWS\system32\kakatool.dll, Beijing Rising Technology Co., Ltd.>
[RDS.DataSpace]
{BD96C556-65A3-11D0-983A-00C04FC29E36} <C:\Program Files\Common Files\System\msadc\msadco.dll, Microsoft Corporation>
[CSetLET Class]
{C35D7AE1-0865-4A30-BF07-29FA29324155} <C:\WINDOWS\system32\GDSetLET.dll, >
[Shockwave Flash Object]
{D27CDB6E-AE6D-11CF-96B8-444553540000} <C:\WINDOWS\system32\Macromed\Flash\Flash9.ocx, Adobe Systems, Inc.>
[卡卡上网安全助手]
{DB9ECD4F-FB8F-4311-B3CE-90B976C2707C} <C:\WINDOWS\system32\kakatool.dll, Beijing Rising Technology Co., Ltd.>
[FlashGet Bar]
{E0E899AB-F487-11D5-8D29-0050BA6940E3} <C:\PROGRA~1\FlashGet\fgiebar.dll, Amaze Soft>
[Add to Kaspersky Anti-Banner]
<C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 6.0\\ie_banner_deny.htm, N/A>
==================================
Running Processes
[PID: 780][\SystemRoot\System32\smss.exe] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
[PID: 888][\??\C:\WINDOWS\system32\csrss.exe] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
[PID: 920][\??\C:\WINDOWS\system32\winlogon.exe] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
[C:\WINDOWS\system32\aetcsss1.dll] [A.E.T. Europe B.V., 2.0.0.23]
[C:\WINDOWS\system32\aetdlss1.dll] [A.E.T. Europe B.V., 2.0.0.15]
[C:\WINDOWS\system32\aetpkss1.dll] [A.E.T. Europe B.V., 2.0.0.21]
[PID: 964][C:\WINDOWS\system32\services.exe] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
[PID: 976][C:\WINDOWS\system32\lsass.exe] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
[PID: 1140][C:\WINDOWS\system32\ibmpmsvc.exe] [N/A, N/A]
[PID: 1184][C:\WINDOWS\system32\svchost.exe] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
[PID: 1268][C:\WINDOWS\system32\svchost.exe] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
[PID: 1472][C:\WINDOWS\system32\S24EvMon.exe] [Intel Corporation , 7, 1, 4, 6]
[PID: 1536][C:\WINDOWS\System32\svchost.exe] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
[C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 6.0\adialhk.dll] [Kaspersky Lab, 6.0.0.299]
[PID: 1612][C:\WINDOWS\System32\svchost.exe] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
[PID: 1668][C:\WINDOWS\System32\svchost.exe] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
[PID: 2012][C:\WINDOWS\system32\spoolsv.exe] [Microsoft Corporation, 5.1.2600.2696 (xpsp_sp2_gdr.050610-1519)]
[C:\WINDOWS\system32\hpzlnt04.dll] [HP, 2,80,0,0]
[PID: 144][C:\WINDOWS\System32\SCardSvr.exe] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
[PID: 436][C:\WINDOWS\System32\Ati2evxx.exe] [N/A, N/A]
[PID: 1628][C:\WINDOWS\system32\RegSrvc.exe] [Intel Corporation, 7, 1, 4, 6]
[PID: 1856][C:\Program Files\Lenovo\System Update\SUService.exe] [ , 0.0.0.0]
[C:\WINDOWS\system32\mscoree.dll] [Microsoft Corporation, 2.0.50727.42 (RTM.050727-4200)]
[C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorwks.dll] [Microsoft Corporation, 2.0.50727.42 (RTM.050727-4200)]
[C:\WINDOWS\WinSxS\x86_Microsoft.VC80.CRT_1fc8b3b9a1e18e3b_8.0.50727.42_x-ww_0de06acd\MSVCR80.dll] [Microsoft Corporation, 8.00.50727.42]
[C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\mscorlib\598e32c4fb578d48a8d332867f96091d\mscorlib.ni.dll] [Microsoft Corporation, 2.0.50727.42 (RTM.050727-4200)]
[C:\WINDOWS\assembly\GAC_MSIL\System.ServiceProcess\2.0.0.0__b03f5f7f11d50a3a\System.ServiceProcess.dll] [Microsoft Corporation, 2.0.50727.42 (RTM.050727-4200)]
[C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System\4330094f4ae3644888c49f407f346f6c\System.ni.dll] [Microsoft Corporation, 2.0.50727.42 (RTM.050727-4200)]
[C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorjit.dll] [Microsoft Corporation, 2.0.50727.42 (RTM.050727-4200)]
[C:\Program Files\Lenovo\System Update\TvsuServiceCommon.dll] [ , 0.0.0.0]
[C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\diasymreader.dll] [Microsoft Corporation, 8.0.50727.42 (RTM.050727-4200)]
[PID: 208][C:\Program Files\Common Files\Lenovo\Scheduler\tvtsched.exe] [Lenovo Group Limited, 3,10,7,0]
[C:\WINDOWS\system32\MSVCR71.dll] [Microsoft Corporation, 7.10.3052.4]
[C:\WINDOWS\system32\MFC71U.DLL] [Microsoft Corporation, 7.10.3077.0]
[C:\WINDOWS\system32\MSVCP71.dll] [Microsoft Corporation, 7.10.3077.0]
[PID: 744][C:\WINDOWS\Explorer.EXE] [Microsoft Corporation, 6.00.2900.2180 (xpsp_sp2_rtm.040803-2158)]
[C:\WINDOWS\system32\SynTPFcs.dll] [Synaptics, Inc., 7.2.3.10 24Jun03]
[C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 6.0\adialhk.dll] [Kaspersky Lab, 6.0.0.299]
[C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll] [Sun Microsystems, Inc., 5.0.60.5]
[C:\Program Files\WinRAR\rarext.dll] [N/A, N/A]
[C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 6.0\shellex.dll] [Kaspersky Lab, 6.0.0.299]
[PID: 876][C:\WINDOWS\system32\wdfmgr.exe] [Microsoft Corporation, 5.2.3790.1230 built by: DNSRV(bld4act)]
[PID: 1896][C:\Program Files\Synaptics\SynTP\SynTPLpr.exe] [Synaptics, Inc., 7.2.3.10 24Jun03]
[C:\WINDOWS\system32\SynTPFcs.dll] [Synaptics, Inc., 7.2.3.10 24Jun03]
[PID: 1904][C:\Program Files\Synaptics\SynTP\SynTPEnh.exe] [Synaptics, Inc., 7.2.3.10 24Jun03]
[C:\WINDOWS\system32\SynTPAPI.dll] [Synaptics, Inc., 7.2.3.10 24Jun03]
[C:\WINDOWS\system32\SynTPFcs.dll] [Synaptics, Inc., 7.2.3.10 24Jun03]
[PID: 1912][C:\PROGRA~1\ThinkPad\PkgMgr\HOTKEY\TPHKMGR.exe] [N/A, N/A]
[C:\Program Files\ThinkPad\PkgMgr\HOTKEY_2\tphk_2k.dll] [N/A, N/A]
treo - 2006-11-21 15:21:00
[C:\WINDOWS\system32\Oemdspif.dll] [ATI Technologies, Inc., 4.12.0007]
[PID: 1712][C:\Program Files\ThinkPad\PkgMgr\HOTKEY\TPONSCR.exe] [N/A, N/A]
[PID: 232][C:\Program Files\ThinkPad\ConnectUtilities\QCWLICON.EXE] [N/A, N/A]
[C:\Program Files\ThinkPad\ConnectUtilities\QCON.dll] [N/A, N/A]
[C:\Program Files\ThinkPad\ConnectUtilities\MerlinC201.dll] [Novatel Wireless Inc., 1, 0, 0, 1]
[C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 6.0\adialhk.dll] [Kaspersky Lab, 6.0.0.299]
[C:\WINDOWS\system32\MFC42LOC.DLL] [Microsoft Corporation, 6.00.8168.0]
[C:\WINDOWS\system32\SbrngAPI.dll] [Intel Corporation, 7, 1, 4, 6]
[C:\WINDOWS\system32\PfMgrApi.dll] [Intel Corporation, 7, 1, 4, 6]
[C:\WINDOWS\system32\PsRegApi.dll] [Intel Corporation, 7, 1, 4, 6]
[C:\WINDOWS\system32\C1XStngs.dll] [, 7, 1, 4, 6]
[C:\WINDOWS\system32\WConfig.DLL] [Intel Corporation, 7, 1, 4, 6]
[C:\WINDOWS\system32\WiFiAdap.DLL] [Intel Corporation, 7, 1, 4, 6]
[C:\WINDOWS\system32\LsaWrapi.dll] [N/A, N/A]
[C:\WINDOWS\system32\S24MUDLL.dll] [Intel Corporation, 7, 1, 4, 6]
[C:\WINDOWS\system32\SynTPFcs.dll] [Synaptics, Inc., 7.2.3.10 24Jun03]
[PID: 244][C:\Program Files\ThinkPad\Utilities\TpKmapMn.exe] [N/A, N/A]
[C:\Program Files\ThinkPad\Utilities\TpKmapHk.dll] [N/A, N/A]
[PID: 284][C:\WINDOWS\AGRSMMSG.exe] [Agere Systems, 2.1.20 2.1.20 10/18/2002 10:07:17]
[PID: 520][C:\Program Files\Google\Gmail Notifier\gnotify.exe] [Google Inc., 1.0.25.0]
[C:\WINDOWS\system32\SynTPFcs.dll] [Synaptics, Inc., 7.2.3.10 24Jun03]
[C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 6.0\adialhk.dll] [Kaspersky Lab, 6.0.0.299]
[PID: 536][C:\WINDOWS\system32\SafeSignCertReg.exe] [A.E.T. Europe B.V., 2.0.0.2]
[C:\WINDOWS\system32\SynTPFcs.dll] [Synaptics, Inc., 7.2.3.10 24Jun03]
[PID: 584][C:\Program Files\Java\jre1.5.0_06\bin\jusched.exe] [Sun Microsystems, Inc., 5.0.60.5]
[C:\WINDOWS\system32\SynTPFcs.dll] [Synaptics, Inc., 7.2.3.10 24Jun03]
[PID: 716][C:\Program Files\Common Files\Lenovo\Scheduler\scheduler_proxy.exe] [Lenovo Group Limited, 3,10,7,0]
[C:\WINDOWS\system32\MSVCR71.dll] [Microsoft Corporation, 7.10.3052.4]
[C:\WINDOWS\system32\MFC71U.DLL] [Microsoft Corporation, 7.10.3077.0]
[PID: 316][C:\WINDOWS\system32\ctfmon.exe] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
[C:\WINDOWS\system32\SynTPFcs.dll] [Synaptics, Inc., 7.2.3.10 24Jun03]
[PID: 1716][C:\WINDOWS\System32\svchost.exe] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
[PID: 3032][C:\Program Files\Mozilla Firefox\firefox.exe] [Mozilla Corporation, 1.8.1: 2006101023]
[C:\Program Files\Mozilla Firefox\js3250.dll] [Netscape Communications Corporation, 4.0]
[C:\Program Files\Mozilla Firefox\nspr4.dll] [Netscape Communications Corporation, 4.6.3]
[C:\Program Files\Mozilla Firefox\xpcom_core.dll] [Mozilla Foundation, 1.8.1: 2006101023]
[C:\Program Files\Mozilla Firefox\plc4.dll] [Netscape Communications Corporation, 4.6.3]
[C:\Program Files\Mozilla Firefox\plds4.dll] [Netscape Communications Corporation, 4.6.3]
[C:\Program Files\Mozilla Firefox\smime3.dll] [Mozilla Foundation, 3.11.3 Basic ECC]
[C:\Program Files\Mozilla Firefox\nss3.dll] [Mozilla Foundation, 3.11.3 Basic ECC]
[C:\Program Files\Mozilla Firefox\softokn3.dll] [Mozilla Foundation, 3.11.3 Basic ECC]
[C:\Program Files\Mozilla Firefox\ssl3.dll] [Mozilla Foundation, 3.11.3 Basic ECC]
[C:\Program Files\Mozilla Firefox\xpcom_compat.dll] [Mozilla Foundation, 1.8.1: 2006101023]
[C:\WINDOWS\system32\SynTPFcs.dll] [Synaptics, Inc., 7.2.3.10 24Jun03]
[C:\Program Files\Mozilla Firefox\components\myspell.dll] [Mozilla Foundation, 1.8.1: 2006101023]
[C:\Program Files\Mozilla Firefox\components\jar50.dll] [Mozilla Foundation, 1.8.1: 2006101023]
[C:\Program Files\Mozilla Firefox\freebl3.dll] [Mozilla Foundation, 3.11.3 Basic ECC]
[C:\Program Files\Mozilla Firefox\nssckbi.dll] [Mozilla Foundation, 1.62]
[C:\Program Files\Mozilla Firefox\components\spellchk.dll] [Mozilla Foundation, 1.8.1: 2006101023]
[C:\Program Files\Java\jre1.5.0_06\bin\NPOJI610.dll] [Sun Microsystems, Inc., 5.0.60.5]
[C:\Program Files\Java\jre1.5.0_06\bin\jpioji.dll] [Sun Microsystems, Inc., 5.0.60.5]
[C:\Program Files\Java\jre1.5.0_06\bin\jpinscp.dll] [Sun Microsystems, Inc., 5.0.60.5]
[C:\Program Files\Java\jre1.5.0_06\bin\jpishare.dll] [Sun Microsystems, Inc., 5.0.60.5]
[C:\PROGRA~1\Java\JRE15~1.0_0\bin\client\jvm.dll] [Sun Microsystems, Inc., 5.0.60.5]
[C:\PROGRA~1\Java\JRE15~1.0_0\bin\hpi.dll] [Sun Microsystems, Inc., 5.0.60.5]
[C:\PROGRA~1\Java\JRE15~1.0_0\bin\verify.dll] [Sun Microsystems, Inc., 5.0.60.5]
[C:\PROGRA~1\Java\JRE15~1.0_0\bin\java.dll] [Sun Microsystems, Inc., 5.0.60.5]
[C:\PROGRA~1\Java\JRE15~1.0_0\bin\zip.dll] [Sun Microsystems, Inc., 5.0.60.5]
[C:\Program Files\Java\jre1.5.0_06\bin\awt.dll] [Sun Microsystems, Inc., 5.0.60.5]
[C:\Program Files\Java\jre1.5.0_06\bin\fontmanager.dll] [Sun Microsystems, Inc., 5.0.60.5]
[C:\Program Files\Java\jre1.5.0_06\bin\deploy.dll] [Sun Microsystems, Inc., 5.0.60.5]
[C:\Program Files\Java\jre1.5.0_06\bin\RegUtils.dll] [Sun Microsystems, Inc., 5.0.60.5]
[C:\Program Files\Java\jre1.5.0_06\bin\net.dll] [Sun Microsystems, Inc., 5.0.60.5]
[C:\Program Files\Java\jre1.5.0_06\bin\nio.dll] [Sun Microsystems, Inc., 5.0.60.5]
[C:\WINDOWS\system32\IMSC40W.IME] [Microsoft Corporation, 6.0.0.2524]
[C:\Documents and Settings\treo\Application Data\Mozilla\Firefox\Profiles\4wpn4oqo.default\extensions\{77b819fa-95ad-4f2c-ac7c-486b356188a9}\plugins\npietab.dll] [ , 1, 0, 9, 1]
[C:\Program Files\Mozilla Firefox\xpcom.dll] [Mozilla Foundation, 1.8.1: 2006101023]
[C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 6.0\adialhk.dll] [Kaspersky Lab, 6.0.0.299]
[C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 6.0\scr_ch_pg.dll] [Kaspersky Lab, 1.0.6.299]
[C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 6.0\klscav.dll] [Kaspersky Lab, 6.0.0.299]
[C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 6.0\pr_remote.dll] [Kaspersky Lab, 6.0.0.299]
[C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 6.0\prloader.dll] [Kaspersky Lab, 6.0.0.299]
[C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 6.0\prkernel.ppl] [Kaspersky Lab, 6.0.0.299]
[c:\program files\kaspersky lab\kaspersky internet security 6.0\params.ppl] [Kaspersky Lab, 6.0.0.299]
[c:\program files\kaspersky lab\kaspersky internet security 6.0\pxstub.ppl] [Kaspersky Lab, 6.0.0.299]
[c:\program files\kaspersky lab\kaspersky internet security 6.0\tempfile.ppl] [Kaspersky Lab, 6.0.0.299]
[c:\program files\kaspersky lab\kaspersky internet security 6.0\nfio.ppl] [Kaspersky Lab, 6.0.0.299]
[c:\program files\kaspersky lab\kaspersky internet security 6.0\fsdrvplgn.ppl] [Kaspersky Lab, 6.0.0.299]
[C:\WINDOWS\system32\aliedit\AliEdit.dll] [www.alipay.com, 1.0.0.7]
[C:\WINDOWS\system32\aliedit\msvcr71.dll] [Microsoft Corporation, 7.10.3052.4]
[C:\WINDOWS\system32\aliedit\msvcp71.dll] [Microsoft Corporation, 7.10.3077.0]
[C:\WINDOWS\system32\aliedit\pta.dll] [, 2, 4, 2, 471]
[C:\Program Files\Common Files\Microsoft Shared\IME\IMSC40W\MSCAND20.DLL] [Microsoft Corporation, 9.0.4913.0]
[C:\WINDOWS\system32\MFC42LOC.DLL] [Microsoft Corporation, 6.00.8168.0]
[C:\WINDOWS\system32\Macromed\Flash\Flash9.ocx] [Adobe Systems, Inc., 9,0,16,0]
[PID: 2428][E:\SREng\SREng.exe] [Smallfrogs Studio, 2.2.6.605]
[C:\WINDOWS\system32\SynTPFcs.dll] [Synaptics, Inc., 7.2.3.10 24Jun03]
[C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 6.0\adialhk.dll] [Kaspersky Lab, 6.0.0.299]
==================================
File Associations
.TXT OK. [%SystemRoot%\system32\NOTEPAD.EXE %1]
.EXE OK. ["%1" %*]
.COM OK. ["%1" %*]
.PIF OK. ["%1" %*]
.REG OK. [regedit.exe "%1"]
.BAT OK. ["%1" %*]
.SCR OK. ["%1" /S]
.CHM OK. ["C:\WINDOWS\hh.exe" %1]
.HLP OK. [%SystemRoot%\System32\winhlp32.exe %1]
.INI OK. [%SystemRoot%\System32\NOTEPAD.EXE %1]
.INF OK. [%SystemRoot%\System32\NOTEPAD.EXE %1]
.VBS OK. [%SystemRoot%\System32\WScript.exe "%1" %*]
.JS OK. [%SystemRoot%\System32\WScript.exe "%1" %*]
.LNK OK. [{00021401-0000-0000-C000-000000000046}]
==================================
Winsock Provider
N/A
==================================
Autorun.Inf
N/A
==================================
HOSTS File
127.0.0.1 localhost
==================================