瑞星卡卡安全论坛
北京泥人 - 2006-11-22 15:58:00
我打开浏览器,老是不定期的提示我
已检测到: 广告程序 not-a-virus:AdWare.Win32.BHO.bq URL: http://bd2.jacai.com/test3.exe/data0002
日志如下:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\ibmpmsvc.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Intel\Wireless\Bin\EvtEng.exe
C:\Program Files\Intel\Wireless\Bin\S24EvMon.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\system32\IPSSVC.EXE
C:\Program Files\ThinkPad\ConnectUtilities\AcPrfMgrSvc.exe
C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 6.0\avp.exe
C:\Program Files\ThinkPad\Bluetooth Software\bin\btwdins.exe
C:\Program Files\Diskeeper Corporation\Diskeeper\DkService.exe
C:\Program Files\Intel\Wireless\Bin\RegSrvc.exe
C:\WINDOWS\System32\TPHDEXLG.EXE
C:\WINDOWS\system32\TpKmpSVC.exe
C:\WINDOWS\system32\wscntfy.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\TpShocks.exe
C:\WINDOWS\system32\igfxtray.exe
C:\WINDOWS\system32\hkcmd.exe
C:\WINDOWS\system32\igfxpers.exe
C:\PROGRA~1\ThinkPad\UTILIT~1\EzEjMnAp.Exe
C:\PROGRA~1\Lenovo\PkgMgr\HOTKEY\TPHKMGR.exe
C:\Program Files\Analog Devices\Core\smax4pnp.exe
C:\PROGRA~1\THINKV~2\PrdCtr\LPMGR.exe
C:\Program Files\Lenovo\PkgMgr\HOTKEY\TPONSCR.exe
C:\Program Files\Lenovo\PkgMgr\HOTKEY_1\TpScrex.exe
C:\WINDOWS\system32\rundll32.exe
C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 6.0\avp.exe
C:\Program Files\Java\j2re1.4.2_12\bin\jusched.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Digital Line Detect\DLG.exe
C:\Program Files\ThinkPad\Bluetooth Software\BTTray.exe
C:\Program Files\Microsoft Office\OFFICE11\WINWORD.EXE
D:\tools\ipmsg\ipmsg.exe
C:\Program Files\Tencent\QQ\QQ.exe
C:\Program Files\Tencent\QQ\TIMPlatform.exe
C:\Program Files\Tencent\QQ\QQ.exe
C:\WINDOWS\system32\rundll32.exe
C:\Program Files\EditPlus 2\editplus.exe
C:\Program Files\ewido anti-spyware 4.0\guard.exe
C:\Program Files\ewido anti-spyware 4.0\ewido.exe
C:\Program Files\Maxthon\Maxthon.exe
C:\Program Files\lotus\notes\NLNOTES.EXE
C:\Program Files\lotus\notes\ntaskldr.EXE
D:\bt\ha_hijackthis_1991\HijackThis.exe
O1 - Hosts: 61.141.31.11 www.kzdh.com
O1 - Hosts: 61.141.31.11 www.7255.com
O1 - Hosts: 61.141.31.11 www.7322.com
O1 - Hosts: 61.141.31.11 www.7939.com
O1 - Hosts: 61.141.31.11 www.piaoxue.com
O1 - Hosts: 61.141.31.11 www.feixu.net
O1 - Hosts: 61.141.31.11 www.6781.com
O1 - Hosts: 61.141.31.11 www.7b.com.cn
O1 - Hosts: 61.141.31.11 7b.com.cn
O1 - Hosts: 61.141.31.11 www.918188.com
O1 - Hosts: 61.141.31.11 hao.allxue.com
O1 - Hosts: 61.141.31.11 good.allxue.com
O1 - Hosts: 61.141.31.11 baby.allxue.com
O1 - Hosts: 61.141.31.11 www.allxue.com
O1 - Hosts: 61.141.31.11 about.lank.la
O1 - Hosts: 61.141.31.11 www.x114x.com
O1 - Hosts: 61.141.31.11 www.37ss.com
O1 - Hosts: 61.141.31.11 www.7k.cc
O1 - Hosts: 61.141.31.11 www.73ss.com
O1 - Hosts: 125.91.14.230 www.hao123.com
O1 - Hosts: 61.141.31.11 www.81915.com
O1 - Hosts: 61.141.31.11 222.88.90.22
O1 - Hosts: 61.141.31.11 www.9991.com
O1 - Hosts: 61.141.31.11 www.my123.com
O1 - Hosts: 61.141.31.11 www.haokan123.com
O1 - Hosts: 61.141.31.11 www.5566.net
O1 - Hosts: 61.141.31.11 www.gjj.cc
O1 - Hosts: 61.141.31.11 www.2345.com
O1 - Hosts: 61.141.31.11 dl.hao318.com
O1 - Hosts: 61.141.31.11 www.123wa.com
O1 - Hosts: 61.141.31.11 www.ku886.com
O1 - Hosts: 61.141.31.11 www.5icrack.com
O1 - Hosts: 61.141.31.11 www.jjol.cn
O3 - Toolbar: CyberArticle Express - {769A6A36-ED24-4376-BC7C-80225BF35698} - C:\Program Files\CyberArticle\CAExp.dll
O4 - HKLM\..\Run: [IMJPMIG8.1] "C:\WINDOWS\IME\imjp8_1\IMJPMIG.EXE" /Spoil /RemAdvDef /Migration32
O4 - HKLM\..\Run: [PHIME2002ASync] C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /SYNC
O4 - HKLM\..\Run: [PHIME2002A] C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /IMEName
O4 - HKLM\..\Run: [TPKMAPHELPER] C:\Program Files\ThinkPad\Utilities\TpKmapAp.exe -helper
O4 - HKLM\..\Run: [TpShocks] TpShocks.exe
O4 - HKLM\..\Run: [TP4EX] tp4ex.exe
O4 - HKLM\..\Run: [igfxtray] C:\WINDOWS\system32\igfxtray.exe
O4 - HKLM\..\Run: [igfxhkcmd] C:\WINDOWS\system32\hkcmd.exe
O4 - HKLM\..\Run: [igfxpers] C:\WINDOWS\system32\igfxpers.exe
O4 - HKLM\..\Run: [EZEJMNAP] C:\PROGRA~1\ThinkPad\UTILIT~1\EzEjMnAp.Exe
O4 - HKLM\..\Run: [TPHOTKEY] C:\PROGRA~1\Lenovo\PkgMgr\HOTKEY\TPHKMGR.exe
O4 - HKLM\..\Run: [SoundMAXPnP] C:\Program Files\Analog Devices\Core\smax4pnp.exe
O4 - HKLM\..\Run: [SoundMAX] C:\Program Files\Analog Devices\SoundMAX\Smax4.exe /tray
O4 - HKLM\..\Run: [suScheduler] C:\Program Files\ThinkVantage\SystemUpdate\UCLauncher.exe /SCHEDULER
O4 - HKLM\..\Run: [LPManager] C:\PROGRA~1\THINKV~2\PrdCtr\LPMGR.exe
O4 - HKLM\..\Run: [AMSG] C:\Program Files\ThinkVantage\AMSG\Amsg.exe
O4 - HKLM\..\Run: [PDService.exe] "C:\Program Files\IBM ThinkVantage\SafeGuard PrivateDisk\pdservice.exe"
O4 - HKLM\..\Run: [DiskeeperSystray] "C:\Program Files\Diskeeper Corporation\Diskeeper\DkIcon.exe"
O4 - HKLM\..\Run: [ACTray] C:\Program Files\ThinkPad\ConnectUtilities\ACTray.exe
O4 - HKLM\..\Run: [ACWLIcon] C:\Program Files\ThinkPad\ConnectUtilities\ACWLIcon.exe
O4 - HKLM\..\Run: [PWRMGRTR] rundll32 C:\PROGRA~1\ThinkPad\UTILIT~1\PWRMGRTR.DLL,PwrMgrBkGndMonitor
O4 - HKLM\..\Run: [BLOG] rundll32 C:\PROGRA~1\ThinkPad\UTILIT~1\BatLogEx.DLL,StartBattLog
O4 - HKLM\..\Run: [IMEKRMIG6.1] C:\WINDOWS\ime\imkr6_1\IMEKRMIG.EXE
O4 - HKLM\..\Run: [MSPY2002] C:\WINDOWS\system32\IME\PINTLGNT\ImScInst.exe /SYNC
O4 - HKLM\..\Run: [kav] "C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 6.0\avp.exe"
O4 - HKLM\..\Run: [IMSCMig] C:\PROGRA~1\COMMON~1\MICROS~1\IME\IMSC40A\IMSCMIG.EXE /Preload
O4 - HKLM\..\Run: [SunJavaUpdateSched] C:\Program Files\Java\j2re1.4.2_12\bin\jusched.exe
O4 - HKLM\..\Run: [StormCodec_Helper] "C:\Program Files\Ringz Studio\Storm Codec\StormSet.exe" /S /opti
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - Global Startup: Digital Line Detect.lnk = ?
O4 - Global Startup: 蓝牙控制盘.lnk = ?
O8 - Extra context menu item: 上传到QQ网络硬盘 - C:\Program Files\Tencent\QQ\AddToNetDisk.htm
O8 - Extra context menu item: 保存: 完整网页... - C:\Program Files\CyberArticle\script\Save.htm
O8 - Extra context menu item: 保存: 更多保存内容... - C:\Program Files\CyberArticle\script\SaveAuto.htm
O8 - Extra context menu item: 发送到 Bluetooth(&B) - C:\Program Files\ThinkPad\Bluetooth Software\btsendto_ie_ctx.htm
O8 - Extra context menu item: 导出到 Microsoft Office Excel(&X) - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
O8 - Extra context menu item: 添加到QQ自定义面板 - C:\Program Files\Tencent\QQ\AddPanel.htm
O8 - Extra context menu item: 添加到QQ表情 - C:\Program Files\Tencent\QQ\AddEmotion.htm
O8 - Extra context menu item: 用QQ彩信发送该图片 - C:\Program Files\Tencent\QQ\SendMMS.htm
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\j2re1.4.2_12\bin\npjpi142_12.dll
O9 - Extra 'Tools' menuitem: Sun Java 控制台 - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\j2re1.4.2_12\bin\npjpi142_12.dll
O9 - Extra button: Web反病毒保护 - {1F460357-8A94-4D71-9CA3-AA4ACF32ED8E} - C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 6.0\scieplugin.dll
O9 - Extra button: 信息检索 - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
O9 - Extra button: QQ - {c95fe080-8f5d-11d2-a20b-00aa003c157b} - C:\Program Files\Tencent\QQ\QQ.EXE
O9 - Extra 'Tools' menuitem: 腾讯QQ - {c95fe080-8f5d-11d2-a20b-00aa003c157b} - C:\Program Files\Tencent\QQ\QQ.EXE
O9 - Extra button: @btrez.dll,-4015 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\ThinkPad\Bluetooth Software\btsendto_ie.htm
O9 - Extra 'Tools' menuitem: @btrez.dll,-4017 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\ThinkPad\Bluetooth Software\btsendto_ie.htm
O9 - Extra button: 更新 ThinkPad 软件 - {D1A4DEBD-C2EE-449f-B9FB-E8409F9A0BC5} - C:\Program Files\Lenovo\PkgMgr\\PkgMgr.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O11 - Options group: [JAVA_IBM] Java (IBM)
O14 - IERESET.INF: START_PAGE_URL=http://www.lenovo.com/cn/zh/
O16 - DPF: {0CA54D3F-CEAE-48AF-9A2B-31909CB9515D} (Edit Class) - https://www.sz1.cmbchina.com/download/CMBEdit.cab
O16 - DPF: {488A4255-3236-44B3-8F27-FA1AECAA8844} (CEditCtrl Object) - https://img.alipay.com/download/1007/aliedit.cab
O17 - HKLM\System\CCS\Services\Tcpip\..\{786721C7-A892-4263-BFE3-4A1B3F939710}: NameServer = 10.204.4.88
O20 - AppInit_DLLs: APIHookDll.dll
O20 - Winlogon Notify: ACNotify - ACNotify.dll (file missing)
O20 - Winlogon Notify: igfxcui - C:\WINDOWS\SYSTEM32\igfxdev.dll
O20 - Winlogon Notify: klogon - C:\WINDOWS\system32\klogon.dll
O20 - Winlogon Notify: NavLogon - C:\WINDOWS\
O20 - Winlogon Notify: psfus - C:\WINDOWS\SYSTEM32\psqlpwd.dll
O20 - Winlogon Notify: tpfnf2 - C:\WINDOWS\SYSTEM32\notifyf2.dll
O20 - Winlogon Notify: tphotkey - C:\WINDOWS\SYSTEM32\tphklock.dll
O23 - Service: Ac Profile Manager Service (AcPrfMgrSvc) - Unknown owner - C:\Program Files\ThinkPad\ConnectUtilities\AcPrfMgrSvc.exe
O23 - Service: Access Connections Main Service (AcSvc) - Lenovo - C:\Program Files\ThinkPad\ConnectUtilities\AcSvc.exe
O23 - Service: Bluetooth Service (btwdins) - Broadcom Corporation. - C:\Program Files\ThinkPad\Bluetooth Software\bin\btwdins.exe
O23 - Service: Diskeeper - Diskeeper Corporation - C:\Program Files\Diskeeper Corporation\Diskeeper\DkService.exe
O23 - Service: Intel(R) PROSet/Wireless Event Log (EvtEng) - Intel Corporation - C:\Program Files\Intel\Wireless\Bin\EvtEng.exe
O23 - Service: ewido anti-spyware 4.0 guard - Anti-Malware Development a.s. - C:\Program Files\ewido anti-spyware 4.0\guard.exe
O23 - Service: ThinkPad PM Service (IBMPMSVC) - Unknown owner - C:\WINDOWS\system32\ibmpmsvc.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\1050\Intel 32\IDriverT.exe
O23 - Service: IPS 核心服务 (IPSSVC) - Lenovo Group Limited - C:\WINDOWS\system32\IPSSVC.EXE
O23 - Service: Intel(R) PROSet/Wireless Registry Service (RegSrvc) - Intel Corporation - C:\Program Files\Intel\Wireless\Bin\RegSrvc.exe
O23 - Service: Intel(R) PROSet/Wireless Service (S24EventMonitor) - Intel Corporation - C:\Program Files\Intel\Wireless\Bin\S24EvMon.exe
O23 - Service: ThinkPad HDD APS Logging Service (TPHDEXLGSVC) - Lenovo. - C:\WINDOWS\System32\TPHDEXLG.EXE
O23 - Service: IBM KCU Service (TpKmpSVC) - Unknown owner - C:\WINDOWS\system32\TpKmpSVC.exe
O23 - Service: TSS Core Service (TSSCoreService) - IBM - C:\Program Files\IBM ThinkVantage\Client Security Solution\ibmtcsd.exe
O23 - Service: TVT Backup Service - Unknown owner - C:\Program Files\IBM ThinkVantage\Rescue and Recovery\rrservice.exe
O23 - Service: TVT Scheduler - Unknown owner - C:\Program Files\IBM ThinkVantage\Common\Scheduler\tvtsched.exe
O23 - Service: ThinkVantage System Update (UCLauncherService) - Unknown owner - C:\Program Files\ThinkVantage\SystemUpdate\UCLauncherService.exe
红夜鬼1 - 2006-11-22 16:17:00
运行Hijackthis,把下面的选中打上钩,修复
O1 - Hosts: 61.141.31.11 www.kzdh.com
O1 - Hosts: 61.141.31.11 www.7255.com
O1 - Hosts: 61.141.31.11 www.7322.com
O1 - Hosts: 61.141.31.11 www.7939.com
O1 - Hosts: 61.141.31.11 www.piaoxue.com
O1 - Hosts: 61.141.31.11 www.feixu.net
O1 - Hosts: 61.141.31.11 www.6781.com
O1 - Hosts: 61.141.31.11 www.7b.com.cn
O1 - Hosts: 61.141.31.11 7b.com.cn
O1 - Hosts: 61.141.31.11 www.918188.com
O1 - Hosts: 61.141.31.11 hao.allxue.com
O1 - Hosts: 61.141.31.11 good.allxue.com
O1 - Hosts: 61.141.31.11 baby.allxue.com
O1 - Hosts: 61.141.31.11 www.allxue.com
O1 - Hosts: 61.141.31.11 about.lank.la
O1 - Hosts: 61.141.31.11 www.x114x.com
O1 - Hosts: 61.141.31.11 www.37ss.com
O1 - Hosts: 61.141.31.11 www.7k.cc
O1 - Hosts: 61.141.31.11 www.73ss.com
O1 - Hosts: 125.91.14.230 www.hao123.com
O1 - Hosts: 61.141.31.11 www.81915.com
O1 - Hosts: 61.141.31.11 222.88.90.22
O1 - Hosts: 61.141.31.11 www.9991.com
O1 - Hosts: 61.141.31.11 www.my123.com
O1 - Hosts: 61.141.31.11 www.haokan123.com
O1 - Hosts: 61.141.31.11 www.5566.net
O1 - Hosts: 61.141.31.11 www.gjj.cc
O1 - Hosts: 61.141.31.11 www.2345.com
O1 - Hosts: 61.141.31.11 dl.hao318.com
O1 - Hosts: 61.141.31.11 www.123wa.com
O1 - Hosts: 61.141.31.11 www.ku886.com
O1 - Hosts: 61.141.31.11 www.5icrack.com
O1 - Hosts: 61.141.31.11 www.jjol.cn
北京泥人 - 2006-11-22 18:11:00
修复了,但是没用,还是防毒软件还是隔一段时间提示。
红夜鬼1 - 2006-11-22 18:15:00
请下载SREng2(最新版) ,使用“智能扫描”,按下“扫描”按钮进行扫描,
扫描完成后按下“保存报告”按钮保存报告日志文件(SREng.LOG),把保存的报告
日志文件内容复制-粘贴上来,,日志一次粘不完,分次粘完,请不要修改。
下载地址
http://www.kztechs.com/sreng/sreng2.zip
北京泥人 - 2006-11-22 18:26:00
2006-11-22,18:15:01
System Repair Engineer 2.2.6.605
Smallfrogs (http://www.KZTechs.com)
Windows XP Professional Service Pack 2 (Build 2600)
- 管理权限用户 - 完整功能
以下内容被选中:
所有的启动项目(包括注册表、启动文件夹、服务等)
浏览器加载项
正在运行的进程(包括进程模块信息)
文件关联
Winsock 提供者
Autorun.inf
HOSTS 文件
启动项目
注册表
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
<ctfmon.exe><C:\WINDOWS\system32\ctfmon.exe> [(Verified)Microsoft Corporation]
[HKEY_CURRENT_USER\Software\Microsoft\Windows NT\CurrentVersion\Windows]
<load><> [N/A]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
<IMJPMIG8.1><"C:\WINDOWS\IME\imjp8_1\IMJPMIG.EXE" /Spoil /RemAdvDef /Migration32> [(Verified)Microsoft Corporation]
<TPKMAPHELPER><C:\Program Files\ThinkPad\Utilities\TpKmapAp.exe -helper> [Lenovo]
<TpShocks><TpShocks.exe> [Lenovo, Ltd. and IBM Corporation.]
<TP4EX><tp4ex.exe> [Lenovo Group Limited]
<igfxtray><C:\WINDOWS\system32\igfxtray.exe> [(Verified)Intel Corporation]
<igfxhkcmd><C:\WINDOWS\system32\hkcmd.exe> [(Verified)Intel Corporation]
<igfxpers><C:\WINDOWS\system32\igfxpers.exe> [(Verified)Intel Corporation]
<EZEJMNAP><C:\PROGRA~1\ThinkPad\UTILIT~1\EzEjMnAp.Exe> [Lenovo Group Limited]
<TPHOTKEY><C:\PROGRA~1\Lenovo\PkgMgr\HOTKEY\TPHKMGR.exe> [N/A]
<SoundMAXPnP><C:\Program Files\Analog Devices\Core\smax4pnp.exe> [(Verified)Analog Devices, Inc.]
<SoundMAX><C:\Program Files\Analog Devices\SoundMAX\Smax4.exe /tray> [Analog Devices, Inc.]
<suScheduler><C:\Program Files\ThinkVantage\SystemUpdate\UCLauncher.exe /SCHEDULER> [N/A]
<LPManager><C:\PROGRA~1\THINKV~2\PrdCtr\LPMGR.exe> [Lenovo Group Limited]
<AMSG><C:\Program Files\ThinkVantage\AMSG\Amsg.exe> [LENOVO]
<PDService.exe><"C:\Program Files\IBM ThinkVantage\SafeGuard PrivateDisk\pdservice.exe"> [Utimaco Safeware AG]
<DiskeeperSystray><"C:\Program Files\Diskeeper Corporation\Diskeeper\DkIcon.exe"> [Diskeeper Corporation]
<ACTray><C:\Program Files\ThinkPad\ConnectUtilities\ACTray.exe> [Lenovo]
<ACWLIcon><C:\Program Files\ThinkPad\ConnectUtilities\ACWLIcon.exe> [Lenovo]
<PWRMGRTR><rundll32 C:\PROGRA~1\ThinkPad\UTILIT~1\PWRMGRTR.DLL,PwrMgrBkGndMonitor> [Lenovo Group Limited]
<IMEKRMIG6.1><C:\WINDOWS\ime\imkr6_1\IMEKRMIG.EXE> [(Verified)Microsoft Corporation]
<MSPY2002><C:\WINDOWS\system32\IME\PINTLGNT\ImScInst.exe /SYNC> [(Verified)N/A]
<kav><"C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 6.0\avp.exe"> [Kaspersky Lab]
<IMSCMig><C:\PROGRA~1\COMMON~1\MICROS~1\IME\IMSC40A\IMSCMIG.EXE /Preload> [(Verified)Microsoft Corporation]
<SunJavaUpdateSched><C:\Program Files\Java\j2re1.4.2_12\bin\jusched.exe> [N/A]
<StormCodec_Helper><"C:\Program Files\Ringz Studio\Storm Codec\StormSet.exe" /S /opti> [N/A]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Winlogon]
<shell><Explorer.exe> [(Verified)Microsoft Corporation]
<Userinit><C:\WINDOWS\system32\userinit.exe,> [(Verified)Microsoft Corporation]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Windows]
<AppInit_DLLs><APIHookDll.dll> [N/A]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Winlogon]
<UIHost><logonui.exe> [(Verified)Microsoft Corporation]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
<{57B86673-276A-48B2-BAE7-C6DBB3020EB8}><C:\Program Files\ewido anti-spyware 4.0\shellexecutehook.dll> [Anti-Malware Development a.s.]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\ACNotify]
<WinlogonNotify: ACNotify><ACNotify.dll> [N/A]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\igfxcui]
<WinlogonNotify: igfxcui><igfxdev.dll> [(Verified)Intel Corporation]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\klogon]
<WinlogonNotify: klogon><C:\WINDOWS\system32\klogon.dll> [Kaspersky Lab]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\psfus]
<WinlogonNotify: psfus><psqlpwd.dll> [UPEK Inc.]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\tpfnf2]
<WinlogonNotify: tpfnf2><notifyf2.dll> [N/A]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\tphotkey]
<WinlogonNotify: tphotkey><tphklock.dll> [N/A]
[HKEY_CURRENT_USER\Control Panel\Desktop]
<SCRNSAVE.EXE><C:\WINDOWS\system32\北京奥运.scr> [N/A]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
<cssauth><; "C:\Program Files\IBM ThinkVantage\Client Security Solution\cssauth.exe" silent> [N/A]
北京泥人 - 2006-11-22 18:27:00
==================================
启动文件夹
[Digital Line Detect]
<C:\Documents and Settings\All Users\「开始」菜单\程序\启动\Digital Line Detect.lnk --> C:\PROGRA~1\DIGITA~1\DLG.exe [BVRP Software]><N>
[蓝牙控制盘]
<C:\Documents and Settings\All Users\「开始」菜单\程序\启动\蓝牙控制盘.lnk --> C:\PROGRA~1\ThinkPad\BLUETO~1\BTTray.exe [Broadcom Corporation.]><N>
==================================
服务
[Ac Profile Manager Service / AcPrfMgrSvc]
<C:\Program Files\ThinkPad\ConnectUtilities\AcPrfMgrSvc.exe><N/A>
[Access Connections Main Service / AcSvc]
<C:\Program Files\ThinkPad\ConnectUtilities\AcSvc.exe><Lenovo>
[ASP.NET State Service / aspnet_state]
<C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\aspnet_state.exe><Microsoft Corporation>
[卡巴斯基反病毒软件6.0 / AVP]
<"C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 6.0\avp.exe" -r><Kaspersky Lab>
[Bluetooth Service / btwdins]
<C:\Program Files\ThinkPad\Bluetooth Software\bin\btwdins.exe><Broadcom Corporation.>
[Diskeeper / Diskeeper]
<"C:\Program Files\Diskeeper Corporation\Diskeeper\DkService.exe"><Diskeeper Corporation>
[Intel(R) PROSet/Wireless Event Log / EvtEng]
<C:\Program Files\Intel\Wireless\Bin\EvtEng.exe><Intel Corporation>
[Human Interface Device Access / HidServ]
<C:\WINDOWS\System32\svchost.exe -k netsvcs-->%SystemRoot%\System32\hidserv.dll><N/A>
[ThinkPad PM Service / IBMPMSVC]
<C:\WINDOWS\system32\ibmpmsvc.exe><N/A>
[InstallDriver Table Manager / IDriverT]
<"C:\Program Files\Common Files\InstallShield\Driver\1050\Intel 32\IDriverT.exe"><Macrovision Corporation>
[IPS 核心服务 / IPSSVC]
<C:\WINDOWS\system32\IPSSVC.EXE><Lenovo Group Limited>
[IBM PSA Access Driver Control / PsaSrv]
<2 - 系统找不到指定的文件。
><N/A>
[Intel(R) PROSet/Wireless Registry Service / RegSrvc]
<C:\Program Files\Intel\Wireless\Bin\RegSrvc.exe><Intel Corporation>
[Intel(R) PROSet/Wireless Service / S24EventMonitor]
<C:\Program Files\Intel\Wireless\Bin\S24EvMon.exe><Intel Corporation>
[ThinkPad HDD APS Logging Service / TPHDEXLGSVC]
<System32\TPHDEXLG.EXE><N/A>
[IBM KCU Service / TpKmpSVC]
<C:\WINDOWS\system32\TpKmpSVC.exe><N/A>
[TSS Core Service / TSSCoreService]
<"C:\Program Files\IBM ThinkVantage\Client Security Solution\ibmtcsd.exe"><IBM>
[TVT Backup Service / TVT Backup Service]
<"C:\Program Files\IBM ThinkVantage\Rescue and Recovery\rrservice.exe"><>
[TVT Scheduler / TVT Scheduler]
<"C:\Program Files\IBM ThinkVantage\Common\Scheduler\tvtsched.exe"><>
[ThinkVantage System Update / UCLauncherService]
<C:\Program Files\ThinkVantage\SystemUpdate\UCLauncherService.exe><N/A>
[Windows Media Connect (WMC) / WmcCds]
<c:\program files\windows media connect\mswmccds.exe><Microsoft Corporation>
[Windows Media Connect (WMC) 帮助程序 / WmcCdsLs]
<C:\Program Files\Windows Media Connect\mswmcls.exe><Microsoft Corporation>
==================================
驱动程序
[abp480n5 / abp480n5]
<\SystemRoot\system32\DRIVERS\ABP480N5.SYS><Microsoft Corporation>
[Intel(r) 82801 Audio Driver Install Service (WDM) / ac97intc]
<system32\drivers\ac97intc.sys><Intel Corporation>
[ADI UAA Function Driver for High Definition Audio Service / ADIHdAudAddService]
<system32\drivers\ADIHdAud.sys><Analog Devices, Inc.>
[adpu160m / adpu160m]
<\SystemRoot\system32\DRIVERS\adpu160m.sys><Microsoft Corporation>
[AEAudio Service / AEAudioService]
<system32\drivers\AEAudio.sys><Andrea Electronics Corporation>
[AEGIS Protocol (IEEE 802.1x) v3.4.9.0 / AegisP]
<system32\DRIVERS\AegisP.sys><Meetinghouse Data Communications>
[Aha154x / Aha154x]
<\SystemRoot\system32\DRIVERS\aha154x.sys><Microsoft Corporation>
[aic78u2 / aic78u2]
<\SystemRoot\system32\DRIVERS\aic78u2.sys><Microsoft Corporation>
[aic78xx / aic78xx]
<\SystemRoot\system32\DRIVERS\aic78xx.sys><Microsoft Corporation>
[AliIde / AliIde]
<\SystemRoot\system32\DRIVERS\aliide.sys><Acer Laboratories Inc.>
[AMD AGP Bus Filter Driver / amdagp]
<\SystemRoot\system32\DRIVERS\amdagp.sys><Advanced Micro Devices, Inc.>
[ANC / ANC]
<System32\drivers\ANC.SYS><IBM Corp.>
[asc / asc]
<\SystemRoot\system32\DRIVERS\asc.sys><Advanced System Products, Inc.>
[asc3350p / asc3350p]
<\SystemRoot\system32\DRIVERS\asc3350p.sys><Microsoft Corporation>
[asc3550 / asc3550]
<\SystemRoot\system32\DRIVERS\asc3550.sys><Advanced System Products, Inc.>
[atmeltpm / atmeltpm]
<system32\DRIVERS\atmeltpm.sys><Atmel, Inc.>
[蓝牙总线枚举器 / BTKRNL]
<system32\DRIVERS\btkrnl.sys><Broadcom Corporation.>
[cd20xrnt / cd20xrnt]
<\SystemRoot\system32\DRIVERS\cd20xrnt.sys><Microsoft Corporation>
[CmdIde / CmdIde]
<\SystemRoot\system32\DRIVERS\cmdide.sys><CMD Technology, Inc.>
[dac2w2k / dac2w2k]
<\SystemRoot\system32\DRIVERS\dac2w2k.sys><Mylex Corporation>
[dpti2o / dpti2o]
<\SystemRoot\system32\DRIVERS\dpti2o.sys><Microsoft Corporation>
[Intel(R) PRO Adapter Driver / E100B]
<system32\DRIVERS\e100b325.sys><Intel Corporation>
[Intel(R) PRO/1000 PCI Express Network Connection Driver / e1express]
<system32\DRIVERS\e1e5132.sys><Intel Corporation>
[IBM eGatherer / EGATHDRV]
<\??\C:\WINDOWS\SYSTEM32\EGATHDRV.SYS><IBM Corporation>
[Microsoft 用于 High Definition Audio 的 UAA 总线驱动程序 / HDAudBus]
<system32\DRIVERS\HDAudBus.sys><Windows (R) Server 2003 DDK provider>
[HSF_DPV / HSF_DPV]
<system32\DRIVERS\hsx_dpv.sys><Conexant Systems, Inc.>
[HSXHWAZL / HSXHWAZL]
<system32\DRIVERS\hsxhwazl.sys><Conexant Systems, Inc.>
[ialm / ialm]
<system32\DRIVERS\ialmnt5.sys><Intel Corporation>
[ibmfilter / ibmfilter]
<\??\C:\WINDOWS\system32\drivers\ibmfilter.sys><IBM>
[IBMPMDRV / IBMPMDRV]
<system32\DRIVERS\ibmpmdrv.sys><Lenovo.>
[IBMTPCHK / IBMTPCHK]
<\??\C:\WINDOWS\system32\Drivers\IBMBLDID.sys><N/A>
[ini910u / ini910u]
<\SystemRoot\system32\DRIVERS\ini910u.sys><Microsoft Corporation>
[kl1 / kl1]
<\SystemRoot\system32\drivers\kl1.sys><Kaspersky Lab>
[klif / klif]
<\??\C:\WINDOWS\system32\drivers\klif.sys><Kaspersky Lab>
[mdmxsdk / mdmxsdk]
<system32\DRIVERS\mdmxsdk.sys><Conexant>
[mraid35x / mraid35x]
<\SystemRoot\system32\DRIVERS\mraid35x.sys><American Megatrends Inc.>
[npkcrypt / npkcrypt]
<\??\C:\Program Files\Tencent\QQ\npkcrypt.sys><INCA Internet Co., Ltd.>
[NSC Infrared Device Driver / NSCIRDA]
<system32\DRIVERS\nscirda.sys><National Semiconductor Corporation>
[nv / nv]
<system32\DRIVERS\nv4_mini.sys><NVIDIA Corporation>
[pmem / pmem]
<\??\C:\WINDOWS\System32\drivers\pmemnt.sys><Microsoft Corporation>
[PrivateDisk / PrivateDisk]
<\??\C:\Program Files\IBM ThinkVantage\SafeGuard PrivateDisk\PrivateDiskM.sys><Utimaco Safeware AG>
[IPS 帮助器驱动程序 / PROCDD]
<system32\DRIVERS\PROCDD.SYS><Lenovo Group Limited>
[IBM PSA Access Driver / psadd]
<\??\C:\WINDOWS\system32\Drivers\psadd.sys><Lenovo>
[Direct Parallel Link Driver / Ptilink]
<system32\DRIVERS\ptilink.sys><Parallel Technologies, Inc.>
[PxHelp20 / PxHelp20]
<\SystemRoot\System32\Drivers\PxHelp20.sys><Sonic Solutions>
[ql1080 / ql1080]
<\SystemRoot\system32\DRIVERS\ql1080.sys><QLogic Corporation>
[Ql10wnt / Ql10wnt]
<\SystemRoot\system32\DRIVERS\ql10wnt.sys><Microsoft Corporation>
[ql12160 / ql12160]
<\SystemRoot\system32\DRIVERS\ql12160.sys><QLogic Corporation>
[ql1280 / ql1280]
<\SystemRoot\system32\DRIVERS\ql1280.sys><QLogic Corporation>
[WLAN 传输 / s24trans]
<system32\DRIVERS\s24trans.sys><Intel Corporation>
[Secdrv / Secdrv]
<system32\DRIVERS\secdrv.sys><N/A>
[ShockMgr / ShockMgr]
<C:\WINDOWS\SYSTEM32\DRIVERS\ShockMgr.SYS><Lenovo.>
[Shockprf / Shockprf]
<C:\WINDOWS\SYSTEM32\DRIVERS\Shockprf.SYS><Lenovo>
[SIS AGP Bus Filter / sisagp]
<\SystemRoot\system32\DRIVERS\sisagp.sys><Silicon Integrated Systems Corporation>
[smi2 / smi2]
<\??\C:\Program Files\SMI2\smi2.sys><IBM Corp.>
[SMI helper driver / smihlp]
<\??\C:\Program Files\ThinkVantage Fingerprint Software\smihlp.sys><UPEK Inc.>
[Sparrow / Sparrow]
<\SystemRoot\system32\DRIVERS\sparrow.sys><Adaptec, Inc.>
[symc810 / symc810]
<\SystemRoot\system32\DRIVERS\symc810.sys><Symbios Logic Inc.>
[symc8xx / symc8xx]
<\SystemRoot\system32\DRIVERS\symc8xx.sys><LSI Logic>
[sym_hi / sym_hi]
<\SystemRoot\system32\DRIVERS\sym_hi.sys><LSI Logic>
[sym_u3 / sym_u3]
<\SystemRoot\system32\DRIVERS\sym_u3.sys><LSI Logic>
[TC USB Kernel Driver / TcUsb]
<System32\Drivers\tcusb.sys><UPEK Inc.>
[TosIde / TosIde]
<\SystemRoot\system32\DRIVERS\toside.sys><Microsoft Corporation>
[TPHKDRV / TPHKDRV]
<C:\WINDOWS\SYSTEM32\DRIVERS\TPHKDRV.SYS><IBM Corporation>
[TPPWRIF / TPPWRIF]
<System32\drivers\Tppwrif.sys><N/A>
[TSMAPIP / TSMAPIP]
<System32\drivers\TSMAPIP.SYS><N/A>
[IBM PS/2 TrackPoint Filter Driver / TwoTrack]
<system32\DRIVERS\TwoTrack.sys><IBM Corporation>
[ultra / ultra]
<\SystemRoot\system32\DRIVERS\ultra.sys><Promise Technology, Inc.>
[ViaIde / ViaIde]
<\SystemRoot\system32\DRIVERS\viaide.sys><Microsoft Corporation>
[Intel(R) PRO/Wireless 3945ABG Adapter Driver / w39n51]
<system32\DRIVERS\w39n51.sys><Intel? Corporation>
北京泥人 - 2006-11-22 18:31:00
浏览器加载项
[Web反病毒保护]
{1F460357-8A94-4D71-9CA3-AA4ACF32ED8E} <C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 6.0\scieplugin.dll, Kaspersky Lab>
[信息检索(&R)]
{92780B25-18CC-41C8-B9BE-3C9C571A8263} <C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL, Microsoft Corporation>
[QQ]
{c95fe080-8f5d-11d2-a20b-00aa003c157b} <C:\Program Files\Tencent\QQ\QQ.EXE, TENCENT>
[@btrez.dll,-4015]
{CCA281CA-C863-46ef-9331-5C8D4460577F} <, N/A>
[更新 ThinkPad 软件]
{D1A4DEBD-C2EE-449f-B9FB-E8409F9A0BC5} <C:\Program Files\Lenovo\PkgMgr\\PkgMgr.exe, Lenovo Group Limited>
[CyberArticle Express]
{769A6A36-ED24-4376-BC7C-80225BF35698} <C:\Program Files\CyberArticle\CAExp.dll, Wizissoft>
[卡卡上网安全助手]
{DB9ECD4F-FB8F-4311-B3CE-90B976C2707C} <C:\WINDOWS\system32\kakatool.dll, Beijing Rising Technology Co., Ltd.>
[Edit Class]
{0CA54D3F-CEAE-48AF-9A2B-31909CB9515D} <C:\WINDOWS\system32\CMBEdit.dll, >
[CEditCtrl Object]
{488A4255-3236-44B3-8F27-FA1AECAA8844} <C:\WINDOWS\system32\aliedit\AliEdit.dll, www.alipay.com>
[Java Plug-in 1.4.2]
{CAFEEFAC-0014-0002-0000-ABCDEFFEDCBA} <C:\Program Files\IBM\Java142\jre\bin\NPJPI142.dll, IBM.>
[QQBrowserHelperObject Class]
{54EBD53A-9BC1-480B-966A-843A333CA162} <C:\Program Files\Tencent\QQ\QQIEHelper.dll, N/A>
[CyberArticle Express]
{769A6A36-ED24-4376-BC7C-80225BF35698} <C:\Program Files\CyberArticle\CAExp.dll, Wizissoft>
[卡卡上网安全助手]
{AFF6E516-CBE5-4F8A-9C2F-38A68013E766} <C:\WINDOWS\system32\kakatool.dll, Beijing Rising Technology Co., Ltd.>
[SearchAssistantOC]
{B45FF030-4447-11D2-85DE-00C04FA35C89} <%SystemRoot%\system32\shdocvw.dll, N/A>
[Shockwave Flash Object]
{D27CDB6E-AE6D-11CF-96B8-444553540000} <C:\WINDOWS\system32\Macromed\Flash\Flash9.ocx, Adobe Systems, Inc.>
[卡卡上网安全助手]
{DB9ECD4F-FB8F-4311-B3CE-90B976C2707C} <C:\WINDOWS\system32\kakatool.dll, Beijing Rising Technology Co., Ltd.>
[上传到QQ网络硬盘]
<C:\Program Files\Tencent\QQ\AddToNetDisk.htm, N/A>
[保存: 完整网页...]
<C:\Program Files\CyberArticle\script\Save.htm, N/A>
[保存: 更多保存内容...]
<C:\Program Files\CyberArticle\script\SaveAuto.htm, N/A>
[发送到 Bluetooth(&B)]
<C:\Program Files\ThinkPad\Bluetooth Software\btsendto_ie_ctx.htm, N/A>
[导出到 Microsoft Office Excel(&X)]
<res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000, N/A>
[添加到QQ自定义面板]
<C:\Program Files\Tencent\QQ\AddPanel.htm, N/A>
[添加到QQ表情]
<C:\Program Files\Tencent\QQ\AddEmotion.htm, N/A>
[用QQ彩信发送该图片]
<C:\Program Files\Tencent\QQ\SendMMS.htm, N/A>
北京泥人 - 2006-11-22 18:35:00
正在运行的进程
[PID: 920][\SystemRoot\System32\smss.exe] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
[PID: 1028][\??\C:\WINDOWS\system32\csrss.exe] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
[PID: 1052][\??\C:\WINDOWS\system32\winlogon.exe] [Microsoft Corporation, 5.1.2600.2645 (xpsp.050331-1524)]
[C:\Program Files\ThinkPad\ConnectUtilities\ACNotify.dll] [Lenovo, 4, 11, 0, 0]
[C:\Program Files\ThinkPad\ConnectUtilities\AcSvcStub.dll] [N/A, N/A]
[C:\Program Files\ThinkPad\ConnectUtilities\AcLocSettings.dll] [N/A, N/A]
[C:\Program Files\ThinkPad\ConnectUtilities\ACHelper.dll] [N/A, N/A]
[C:\WINDOWS\system32\klogon.dll] [Kaspersky Lab, 6.0.0.299]
[C:\WINDOWS\system32\psqlpwd.dll] [UPEK Inc., 5.4.0.2659]
[C:\Program Files\ThinkVantage Fingerprint Software\infra.dll] [UPEK Inc., 5.4.0.2659]
[C:\Program Files\ThinkVantage Fingerprint Software\homefus2.dll] [UPEK Inc., 5.4.0.2659]
[C:\Program Files\ThinkVantage Fingerprint Software\homepass.dll] [UPEK Inc., 5.4.0.2659]
[C:\Program Files\ThinkVantage Fingerprint Software\bio.dll] [UPEK Inc., 5.4.0.2659]
[C:\Program Files\ThinkVantage Fingerprint Software\remote.dll] [UPEK Inc., 5.4.0.2659]
[C:\Program Files\ThinkVantage Fingerprint Software\ps2css.dll] [UPEK Inc., 5.4.0.2659]
[C:\WINDOWS\system32\tphklock.dll] [N/A, N/A]
[C:\Program Files\ThinkVantage Fingerprint Software\crypto.dll] [UPEK Inc., 5.4.0.2659]
[C:\WINDOWS\system32\igfxdev.dll] [Intel Corporation, 3.0.0.4436]
[C:\WINDOWS\system32\notifyf2.dll] [N/A, N/A]
[PID: 1096][C:\WINDOWS\system32\services.exe] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
[PID: 1108][C:\WINDOWS\system32\lsass.exe] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
[C:\WINDOWS\system32\psqlpwd.dll] [UPEK Inc., 5.4.0.2659]
[C:\Program Files\ThinkVantage Fingerprint Software\infra.dll] [UPEK Inc., 5.4.0.2659]
[C:\Program Files\ThinkVantage Fingerprint Software\homefus2.dll] [UPEK Inc., 5.4.0.2659]
[C:\Program Files\IBM ThinkVantage\Client Security Solution\csspwntfy.dll] [Lenovo Group Limited, 6.01.0044.00]
[C:\Program Files\IBM ThinkVantage\Client Security Solution\ibmtsp.dll] [IBM, 1,1,2,009]
[C:\Program Files\IBM ThinkVantage\Client Security Solution\tcsrpc.dll] [IBM, 1,1,2,009]
[C:\Program Files\IBM ThinkVantage\Client Security Solution\cssuserdatadispatcher.dll] [Lenovo Group Limited, 6.01.0044.00]
[PID: 1276][C:\WINDOWS\system32\ibmpmsvc.exe] [N/A, N/A]
[PID: 1304][C:\WINDOWS\system32\svchost.exe] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
[PID: 1372][C:\WINDOWS\system32\svchost.exe] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
[PID: 1412][C:\WINDOWS\System32\svchost.exe] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
[PID: 1472][C:\Program Files\Intel\Wireless\Bin\EvtEng.exe] [Intel Corporation, 10, 1, 0, 1]
[C:\Program Files\Intel\Wireless\Bin\PsRegApi.dll] [Intel Corporation, 10, 1, 0, 2]
[C:\Program Files\Intel\Wireless\Bin\TraceAPI.DLL] [Intel Corporation, 10, 1, 0, 5]
[PID: 1524][C:\Program Files\Intel\Wireless\Bin\S24EvMon.exe] [Intel Corporation , 10, 1, 0, 33]
[C:\Program Files\Intel\Wireless\Bin\TraceAPI.DLL] [Intel Corporation, 10, 1, 0, 5]
[C:\Program Files\Intel\Wireless\Bin\PsRegApi.dll] [Intel Corporation, 10, 1, 0, 2]
[C:\Program Files\Intel\Wireless\Bin\LIBEAY32.dll] [N/A, N/A]
[C:\Program Files\Intel\Wireless\Bin\IntStngs.dll] [, 10, 1, 0, 2]
[C:\Program Files\Intel\Wireless\Bin\IWMSPROV.DLL] [N/A, N/A]
[PID: 1580][C:\WINDOWS\system32\svchost.exe] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
[PID: 1696][C:\WINDOWS\system32\svchost.exe] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
[PID: 316][C:\WINDOWS\system32\spoolsv.exe] [Microsoft Corporation, 5.1.2600.2696 (xpsp_sp2_gdr.050610-1519)]
[C:\WINDOWS\system32\bthcrp.dll] [Broadcom Corporation., 4.0.1.3000]
[C:\WINDOWS\system32\WidcommSdk.dll] [Broadcom Corporation., 4.0.1.3000]
[C:\WINDOWS\system32\wbtapi.dll] [Broadcom Corporation., 4.0.1.3000]
[PID: 416][C:\WINDOWS\system32\IPSSVC.EXE] [Lenovo Group Limited, 1, 0, 0, 0]
[C:\WINDOWS\system32\PROCHLP.DLL] [Lenovo Group Limited, 1, 0, 0, 0]
[C:\Program Files\Lenovo\AwayTask\AwayDB.DLL] [Lenovo Group Limited, 1, 0, 0, 0]
[PID: 432][C:\Program Files\ThinkPad\ConnectUtilities\AcPrfMgrSvc.exe] [N/A, N/A]
[C:\Program Files\ThinkPad\ConnectUtilities\AcLocSettings.dll] [N/A, N/A]
[C:\Program Files\ThinkPad\ConnectUtilities\AcPrfMgr.dll] [N/A, N/A]
[C:\Program Files\ThinkPad\ConnectUtilities\AcCryptHlpr.dll] [N/A, N/A]
[C:\Program Files\ThinkPad\ConnectUtilities\ACHelper.dll] [N/A, N/A]
[C:\Program Files\ThinkPad\ConnectUtilities\ACON.dll] [N/A, N/A]
[C:\Program Files\ThinkPad\ConnectUtilities\ACTurinSupport.dll] [N/A, N/A]
[C:\Program Files\ThinkPad\ConnectUtilities\AcLocMigrator.dll] [N/A, N/A]
[C:\Program Files\ThinkPad\ConnectUtilities\ThinQCon.dll] [N/A, N/A]
[PID: 504][C:\Program Files\ThinkPad\Bluetooth Software\bin\btwdins.exe] [Broadcom Corporation., 4.0.1.3000]
[PID: 532][C:\Program Files\Diskeeper Corporation\Diskeeper\DkService.exe] [Diskeeper Corporation, 9.0.535.0]
[C:\Program Files\Diskeeper Corporation\Diskeeper\DkLib.dll] [Diskeeper Corporation, 9.0.535.0]
[C:\Program Files\Diskeeper Corporation\Diskeeper\Tab.dll] [Executive Software International, Inc., 1.0.34.0]
[C:\Program Files\Diskeeper Corporation\Diskeeper\GetFATExtents.dll] [Diskeeper Corporation, 9.0.535.0]
[C:\Program Files\Diskeeper Corporation\Diskeeper\2052\DkRes.dll] [Diskeeper Corporation, 9.0.535.0]
[C:\Program Files\Diskeeper Corporation\Diskeeper\DkTabProvider.dll] [Diskeeper Corporation, 9.0.535.0]
[PID: 684][C:\Program Files\Intel\Wireless\Bin\RegSrvc.exe] [Intel Corporation, 10, 1, 0, 1]
[PID: 756][C:\WINDOWS\System32\TPHDEXLG.EXE] [Lenovo., 1.40]
[PID: 792][C:\WINDOWS\system32\TpKmpSVC.exe] [N/A, N/A]
[PID: 852][C:\Program Files\IBM ThinkVantage\Client Security Solution\ibmtcsd.exe] [IBM, 1,1,2,009]
[C:\WINDOWS\system32\TPMDDL.dll] [Atmel, Inc., 3.0.0.15 (x86)]
[PID: 868][C:\Program Files\IBM ThinkVantage\Rescue and Recovery\rrservice.exe] [, 3,0,27,0]
[C:\Program Files\IBM ThinkVantage\Rescue and Recovery\rr_res.dll] [, 3,0,29,0]
[C:\Program Files\IBM ThinkVantage\Rescue and Recovery\pui.dll] [International Business Machines Corporation, 1, 0, 0, 6]
[C:\Program Files\IBM ThinkVantage\Rescue and Recovery\ui.dll] [, 3,0,29,0]
[C:\Program Files\IBM ThinkVantage\Rescue and Recovery\CDRecord.dll] [N/A, N/A]
[C:\Program Files\IBM ThinkVantage\Rescue and Recovery\zlib.dll] [, 1.1.4.0]
[C:\WINDOWS\system32\PROCHLP.DLL] [Lenovo Group Limited, 1, 0, 0, 0]
[PID: 480][C:\Program Files\IBM ThinkVantage\Common\Scheduler\tvtsched.exe] [, 3,0,9,0]
北京泥人 - 2006-11-22 18:37:00
[PID: 172][C:\Program Files\ThinkVantage\SystemUpdate\UCLauncherService.exe] [N/A, N/A]
[C:\Program Files\ThinkVantage\SystemUpdate\UCLauncherCommon.dll] [N/A, N/A]
[PID: 1488][C:\WINDOWS\system32\wdfmgr.exe] [Microsoft Corporation, 5.2.3790.1230 built by: DNSRV(bld4act)]
[PID: 1624][C:\Program Files\ThinkPad\ConnectUtilities\AcSvc.exe] [Lenovo, 4, 11, 0, 0]
[C:\Program Files\ThinkPad\ConnectUtilities\AcLocSettings.dll] [N/A, N/A]
[C:\Program Files\ThinkPad\ConnectUtilities\AcPrfMgr.dll] [N/A, N/A]
[C:\Program Files\ThinkPad\ConnectUtilities\AcCryptHlpr.dll] [N/A, N/A]
[C:\Program Files\ThinkPad\ConnectUtilities\ACHelper.dll] [N/A, N/A]
[C:\Program Files\ThinkPad\ConnectUtilities\ACON.dll] [N/A, N/A]
[C:\Program Files\ThinkPad\ConnectUtilities\ACTurinSupport.dll] [N/A, N/A]
[C:\Program Files\ThinkPad\ConnectUtilities\AcSvcHlpr.dll] [N/A, N/A]
[C:\Program Files\ThinkPad\ConnectUtilities\AcAdaptersInfo.dll] [N/A, N/A]
[C:\Program Files\ThinkPad\ConnectUtilities\ANCA.dll] [IBM Corp., 8.3]
[C:\Program Files\ThinkPad\ConnectUtilities\ANC.dll] [IBM Corp., 8.3]
[C:\Program Files\ThinkPad\ConnectUtilities\AcSvcStub.dll] [N/A, N/A]
[C:\WINDOWS\system32\PROCHLP.DLL] [Lenovo Group Limited, 1, 0, 0, 0]
[C:\Program Files\ThinkPad\ConnectUtilities\ACGolan.DLL] [N/A, N/A]
[C:\Program Files\Intel\Wireless\Bin\PfMgrApi.dll] [Intel Corporation, 10, 1, 0, 46]
[C:\Program Files\Intel\Wireless\Bin\TraceAPI.DLL] [Intel Corporation, 10, 1, 0, 5]
[C:\Program Files\Intel\Wireless\Bin\PsRegApi.dll] [Intel Corporation, 10, 1, 0, 2]
[C:\Program Files\Intel\Wireless\Bin\DbEngine.dll] [Intel Corporation, 10, 1, 0, 13]
[C:\Program Files\Intel\Wireless\Bin\LIBEAY32.dll] [N/A, N/A]
[C:\Program Files\Intel\Wireless\Bin\IntStngs.dll] [, 10, 1, 0, 2]
[C:\Program Files\Intel\Wireless\Bin\MurocAPI.dll] [Intel Corporation, 10, 1, 0, 37]
[C:\Program Files\Intel\Wireless\Bin\S24MUDLL.dll] [Intel Corporation, 10, 1, 0, 1]
[PID: 2168][C:\WINDOWS\System32\alg.exe] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
[PID: 2396][C:\Program Files\IBM ThinkVantage\Common\Logger\logmon.exe] [N/A, N/A]
[PID: 2440][C:\WINDOWS\system32\wscntfy.exe] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
[C:\WINDOWS\system32\PROCHLP.DLL] [Lenovo Group Limited, 1, 0, 0, 0]
[C:\DOCUME~1\NICHUN~1\LOCALS~1\Temp\11.jpg] [N/A, N/A]
[PID: 2476][C:\WINDOWS\Explorer.EXE] [Microsoft Corporation, 6.00.2900.2180 (xpsp_sp2_rtm.040803-2158)]
[C:\WINDOWS\system32\PROCHLP.DLL] [Lenovo Group Limited, 1, 0, 0, 0]
[C:\PROGRA~1\ThinkPad\UTILIT~1\PWRMGRTR.DLL] [Lenovo Group Limited, 1, 0, 0, 0]
[C:\PROGRA~1\ThinkPad\UTILIT~1\SC\PWRMGRRT.DLL] [N/A, N/A]
[C:\PROGRA~1\ThinkPad\UTILIT~1\PWRMGRIF.DLL] [N/A, N/A]
[C:\WINDOWS\system32\Sensor.dll] [Lenovo., 1.40]
[C:\Program Files\ThinkPad\Bluetooth Software\btkeyind.dll] [N/A, N/A]
[C:\Program Files\WinRAR\rarext.dll] [N/A, N/A]
[C:\Program Files\IBM ThinkVantage\SafeGuard PrivateDisk\pdshell.dll] [Utimaco Safeware AG, 1.10.2.1]
[C:\Program Files\IBM ThinkVantage\SafeGuard PrivateDisk\PDLib.dll] [Utimaco Safeware AG, 1.10.2.1]
[C:\Program Files\IBM ThinkVantage\SafeGuard PrivateDisk\PDLib0804.dll] [Utimaco Safeware AG, 1.10.2.1]
[C:\Program Files\IBM ThinkVantage\SafeGuard PrivateDisk\PDShell0804.dll] [Utimaco Safeware AG, 1.10.2.1]
[C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 6.0\shellex.dll] [Kaspersky Lab, 6.0.0.299]
[C:\Program Files\EditPlus 2\eppshell.dll] [N/A, N/A]
[C:\WINDOWS\system32\btncopy.dll] [Broadcom Corporation., 4.0.1.3000]
[C:\DOCUME~1\NICHUN~1\LOCALS~1\Temp\11.jpg] [N/A, N/A]
[C:\Program Files\ewido anti-spyware 4.0\shellexecutehook.dll] [Anti-Malware Development a.s., 4, 0, 0, 172]
[C:\Program Files\ewido anti-spyware 4.0\context.dll] [Anti-Malware Development a.s., 4, 0, 0, 172]
[C:\WINDOWS\system32\igfxpph.dll] [Intel Corporation, 3.0.0.4436]
[C:\WINDOWS\system32\hccutils.DLL] [Intel Corporation, 3.0.0.4436]
[C:\WINDOWS\system32\FOURIER_M1.IME] [北京紫光华宇软件股份有限公司, 4.0.0.5001]
[PID: 2776][C:\WINDOWS\system32\TpShocks.exe] [Lenovo, Ltd. and IBM Corporation., 1, 3, 4, 0]
[C:\Program Files\ThinkPad\TpShocks\MUI\0804\TpShocks.dll] [Lenovo, Ltd. and IBM Corporation., 1, 3, 3, 0]
[C:\WINDOWS\system32\Sensor.dll] [Lenovo., 1.40]
[C:\WINDOWS\system32\PROCHLP.DLL] [Lenovo Group Limited, 1, 0, 0, 0]
[C:\DOCUME~1\NICHUN~1\LOCALS~1\Temp\11.jpg] [N/A, N/A]
[PID: 2828][C:\WINDOWS\system32\igfxtray.exe] [Intel Corporation, 3.0.0.4436]
[C:\WINDOWS\system32\hccutils.DLL] [Intel Corporation, 3.0.0.4436]
[C:\WINDOWS\system32\PROCHLP.DLL] [Lenovo Group Limited, 1, 0, 0, 0]
[C:\WINDOWS\system32\igfxsrvc.dll] [Intel Corporation, 3.0.0.4436]
[C:\WINDOWS\system32\igfxres.dll] [Intel Corporation, 3.0.0.4436]
[C:\WINDOWS\system32\igfxress.dll] [Intel Corporation, 3.0.0.4436]
[C:\DOCUME~1\NICHUN~1\LOCALS~1\Temp\11.jpg] [N/A, N/A]
[PID: 2780][C:\WINDOWS\system32\hkcmd.exe] [Intel Corporation, 3.0.0.4436]
[C:\WINDOWS\system32\hccutils.DLL] [Intel Corporation, 3.0.0.4436]
[C:\WINDOWS\system32\PROCHLP.DLL] [Lenovo Group Limited, 1, 0, 0, 0]
[C:\WINDOWS\system32\igfxsrvc.dll] [Intel Corporation, 3.0.0.4436]
[C:\WINDOWS\system32\igfxres.dll] [Intel Corporation, 3.0.0.4436]
[C:\DOCUME~1\NICHUN~1\LOCALS~1\Temp\11.jpg] [N/A, N/A]
[PID: 2836][C:\WINDOWS\system32\igfxpers.exe] [Intel Corporation, 3.0.0.4436]
[C:\WINDOWS\system32\PROCHLP.DLL] [Lenovo Group Limited, 1, 0, 0, 0]
[C:\WINDOWS\system32\igfxsrvc.dll] [Intel Corporation, 3.0.0.4436]
[C:\DOCUME~1\NICHUN~1\LOCALS~1\Temp\11.jpg] [N/A, N/A]
[PID: 2804][C:\PROGRA~1\ThinkPad\UTILIT~1\EzEjMnAp.Exe] [Lenovo Group Limited, 1, 0, 0, 0]
[C:\PROGRA~1\ThinkPad\UTILIT~1\SC\EzMApRes.dll] [N/A, N/A]
[C:\WINDOWS\system32\PROCHLP.DLL] [Lenovo Group Limited, 1, 0, 0, 0]
[C:\DOCUME~1\NICHUN~1\LOCALS~1\Temp\11.jpg] [N/A, N/A]
[PID: 2884][C:\PROGRA~1\Lenovo\PkgMgr\HOTKEY\TPHKMGR.exe] [N/A, N/A]
[C:\WINDOWS\system32\PROCHLP.DLL] [Lenovo Group Limited, 1, 0, 0, 0]
[C:\WINDOWS\system32\Oemdspif.dll] [Intel Corporation, 3.0.0.4436]
[C:\WINDOWS\system32\igfxdev.dll] [Intel Corporation, 3.0.0.4436]
[C:\PROGRA~1\Lenovo\PkgMgr\HOTKEY\tpfnf7.dll] [N/A, N/A]
[C:\DOCUME~1\NICHUN~1\LOCALS~1\Temp\11.jpg] [N/A, N/A]
[C:\Program Files\ThinkPad\Bluetooth Software\btkeyind.dll] [N/A, N/A]
[PID: 2920][C:\Program Files\Analog Devices\Core\smax4pnp.exe] [Analog Devices, Inc., 6, 0, 0, 20]
[C:\Program Files\Analog Devices\Core\SMWDMIF.dll] [Analog Devices, Inc., 6, 0, 4200, 014]
[C:\WINDOWS\system32\PROCHLP.DLL] [Lenovo Group Limited, 1, 0, 0, 0]
[C:\DOCUME~1\NICHUN~1\LOCALS~1\Temp\11.jpg] [N/A, N/A]
[PID: 2988][C:\PROGRA~1\THINKV~2\PrdCtr\LPMGR.exe] [Lenovo Group Limited, 1, 0, 0, 1]
[C:\WINDOWS\system32\PROCHLP.DLL] [Lenovo Group Limited, 1, 0, 0, 0]
[C:\PROGRA~1\THINKV~2\PrdCtr\SC\LPRESMGR.DLL] [N/A, N/A]
[C:\Program Files\ThinkPad\ConnectUtilities\Res\SC\TrayRes.dll] [Lenovo, 4, 0, 0, 0]
[C:\DOCUME~1\NICHUN~1\LOCALS~1\Temp\11.jpg] [N/A, N/A]
[PID: 3012][C:\Program Files\Lenovo\PkgMgr\HOTKEY\TPONSCR.exe] [N/A, N/A]
[C:\WINDOWS\system32\PROCHLP.DLL] [Lenovo Group Limited, 1, 0, 0, 0]
[C:\DOCUME~1\NICHUN~1\LOCALS~1\Temp\11.jpg] [N/A, N/A]
[PID: 3056][C:\Program Files\Lenovo\PkgMgr\HOTKEY_1\TpScrex.exe] [Lenovo Group Limited, 1.16]
[C:\WINDOWS\system32\PROCHLP.DLL] [Lenovo Group Limited, 1, 0, 0, 0]
[C:\DOCUME~1\NICHUN~1\LOCALS~1\Temp\11.jpg] [N/A, N/A]
北京泥人 - 2006-11-22 18:38:00
[PID: 3172][C:\Program Files\ThinkVantage\AMSG\Amsg.exe] [LENOVO, 1, 0, 0, 0]
[C:\Program Files\ThinkVantage\AMSG\AHLPRUNL.dll] [N/A, N/A]
[C:\WINDOWS\system32\PROCHLP.DLL] [Lenovo Group Limited, 1, 0, 0, 0]
[C:\PROGRA~1\THINKV~2\AMSG\AcpPollingEngine.dll] [, 1, 0, 0, 7]
[C:\DOCUME~1\NICHUN~1\LOCALS~1\Temp\11.jpg] [N/A, N/A]
[PID: 3184][C:\Program Files\IBM ThinkVantage\Client Security Solution\cssauth.exe] [Lenovo Group Limited, 6.01.0044.00]
[C:\Program Files\IBM ThinkVantage\Client Security Solution\cssuserdatadispatcher.dll] [Lenovo Group Limited, 6.01.0044.00]
[C:\Program Files\IBM ThinkVantage\Client Security Solution\csswait.dll] [Lenovo Group Limited, 6.01.0044.00]
[C:\Program Files\IBM ThinkVantage\Client Security Solution\ibmtsp.dll] [IBM, 1,1,2,009]
[C:\Program Files\IBM ThinkVantage\Client Security Solution\tcsrpc.dll] [IBM, 1,1,2,009]
[C:\Program Files\IBM ThinkVantage\Client Security Solution\cssdlgpwentry.dll] [Lenovo Group Limited, 6.01.0044.00]
[C:\Program Files\IBM ThinkVantage\Client Security Solution\dlganswerprompt.dll] [Lenovo Group Limited, 6.01.0044.00]
[C:\WINDOWS\system32\PROCHLP.DLL] [Lenovo Group Limited, 1, 0, 0, 0]
[C:\DOCUME~1\NICHUN~1\LOCALS~1\Temp\11.jpg] [N/A, N/A]
[PID: 3196][C:\Program Files\IBM ThinkVantage\SafeGuard PrivateDisk\pdservice.exe] [Utimaco Safeware AG, 1.10.2.1]
[C:\Program Files\IBM ThinkVantage\SafeGuard PrivateDisk\PDLib.dll] [Utimaco Safeware AG, 1.10.2.1]
[C:\WINDOWS\system32\PROCHLP.DLL] [Lenovo Group Limited, 1, 0, 0, 0]
[C:\Program Files\IBM ThinkVantage\SafeGuard PrivateDisk\PDLib0804.dll] [Utimaco Safeware AG, 1.10.2.1]
[C:\Program Files\IBM ThinkVantage\SafeGuard PrivateDisk\pdservice0804.dll] [Utimaco Safeware AG, 1.10.2.1]
[C:\DOCUME~1\NICHUN~1\LOCALS~1\Temp\11.jpg] [N/A, N/A]
[PID: 3252][C:\Program Files\ThinkPad\ConnectUtilities\ACTray.exe] [Lenovo, 4, 11, 0, 0]
[C:\Program Files\ThinkPad\ConnectUtilities\AcLocSettings.dll] [N/A, N/A]
[C:\Program Files\ThinkPad\ConnectUtilities\ACGUIHlpr.dll] [Lenovo, 4, 11, 0, 0]
[C:\Program Files\ThinkPad\ConnectUtilities\AcSvcStub.dll] [N/A, N/A]
[C:\Program Files\ThinkPad\ConnectUtilities\ACHelper.dll] [N/A, N/A]
[C:\Program Files\ThinkPad\ConnectUtilities\AcPrfMgr.dll] [N/A, N/A]
[C:\Program Files\ThinkPad\ConnectUtilities\AcCryptHlpr.dll] [N/A, N/A]
[C:\Program Files\ThinkPad\ConnectUtilities\Res\SC\GUIHlprRes.dll] [Lenovo, 4, 0, 0, 0]
[C:\Program Files\ThinkPad\ConnectUtilities\Res\SC\TrayRes.dll] [Lenovo, 4, 0, 0, 0]
[C:\WINDOWS\system32\PROCHLP.DLL] [Lenovo Group Limited, 1, 0, 0, 0]
[C:\DOCUME~1\NICHUN~1\LOCALS~1\Temp\11.jpg] [N/A, N/A]
[PID: 3320][C:\Program Files\ThinkPad\ConnectUtilities\ACWLIcon.exe] [Lenovo, 4, 11, 0, 0]
[C:\Program Files\ThinkPad\ConnectUtilities\AcLocSettings.dll] [N/A, N/A]
[C:\Program Files\ThinkPad\ConnectUtilities\ACGUIHlpr.dll] [Lenovo, 4, 11, 0, 0]
[C:\Program Files\ThinkPad\ConnectUtilities\AcSvcStub.dll] [N/A, N/A]
[C:\Program Files\ThinkPad\ConnectUtilities\ACHelper.dll] [N/A, N/A]
[C:\Program Files\ThinkPad\ConnectUtilities\AcPrfMgr.dll] [N/A, N/A]
[C:\Program Files\ThinkPad\ConnectUtilities\AcCryptHlpr.dll] [N/A, N/A]
[C:\Program Files\ThinkPad\ConnectUtilities\Res\SC\GUIHlprRes.dll] [Lenovo, 4, 0, 0, 0]
[C:\Program Files\ThinkPad\ConnectUtilities\Res\SC\IconRes.dll] [Lenovo, 4, 0, 0, 0]
[C:\WINDOWS\system32\PROCHLP.DLL] [Lenovo Group Limited, 1, 0, 0, 0]
[C:\DOCUME~1\NICHUN~1\LOCALS~1\Temp\11.jpg] [N/A, N/A]
[PID: 3388][C:\WINDOWS\system32\rundll32.exe] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
[C:\PROGRA~1\ThinkPad\UTILIT~1\PWRMGRTR.DLL] [Lenovo Group Limited, 1, 0, 0, 0]
[C:\WINDOWS\system32\PROCHLP.DLL] [Lenovo Group Limited, 1, 0, 0, 0]
[C:\PROGRA~1\ThinkPad\UTILIT~1\SC\PWRMGRRT.DLL] [N/A, N/A]
[C:\PROGRA~1\ThinkPad\UTILIT~1\PWRMGRIF.DLL] [N/A, N/A]
[C:\WINDOWS\system32\Sensor.dll] [Lenovo., 1.40]
[C:\WINDOWS\system32\OEMDSPIF.DLL] [Intel Corporation, 3.0.0.4436]
[C:\WINDOWS\system32\igfxdev.dll] [Intel Corporation, 3.0.0.4436]
[C:\DOCUME~1\NICHUN~1\LOCALS~1\Temp\11.jpg] [N/A, N/A]
[PID: 3528][C:\Program Files\Java\j2re1.4.2_12\bin\jusched.exe] [N/A, N/A]
[C:\WINDOWS\system32\PROCHLP.DLL] [Lenovo Group Limited, 1, 0, 0, 0]
[PID: 3616][C:\WINDOWS\system32\ctfmon.exe] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
[C:\WINDOWS\system32\PROCHLP.DLL] [Lenovo Group Limited, 1, 0, 0, 0]
[C:\DOCUME~1\NICHUN~1\LOCALS~1\Temp\11.jpg] [N/A, N/A]
[PID: 3660][C:\Program Files\Digital Line Detect\DLG.exe] [BVRP Software, 1, 0, 0, 1]
[C:\Program Files\Digital Line Detect\BVRPDIAG.dll] [BVRP Software, 1.0]
[C:\WINDOWS\system32\MdmXSdk.dll] [Conexant, 1.0.2.010]
[C:\WINDOWS\system32\PROCHLP.DLL] [Lenovo Group Limited, 1, 0, 0, 0]
[C:\DOCUME~1\NICHUN~1\LOCALS~1\Temp\11.jpg] [N/A, N/A]
[PID: 3700][C:\Program Files\ThinkPad\Bluetooth Software\BTTray.exe] [Broadcom Corporation., 4.0.1.3000]
[C:\WINDOWS\system32\wbtapi.dll] [Broadcom Corporation., 4.0.1.3000]
[C:\WINDOWS\system32\btosif.dll] [Broadcom Corporation., 4.0.1.3000]
[C:\WINDOWS\system32\btwhidcs.DLL] [Broadcom Corporation., 4.0.1.3000]
[C:\Program Files\ThinkPad\Bluetooth Software\BtBalloon.dll] [Broadcom Corporation., 4.0.1.3000]
[C:\WINDOWS\system32\btrez.dll] [Broadcom Corporation., 4.0.1.3000]
[C:\WINDOWS\system32\CSH.dll] [Blue Sky Software Corporation, 2.00.039]
[C:\WINDOWS\system32\PROCHLP.DLL] [Lenovo Group Limited, 1, 0, 0, 0]
[C:\Program Files\ThinkPad\Bluetooth Software\btkeyind.dll] [N/A, N/A]
[C:\DOCUME~1\NICHUN~1\LOCALS~1\Temp\11.jpg] [N/A, N/A]
[PID: 3444][C:\Program Files\Microsoft Office\OFFICE11\WINWORD.EXE] [Microsoft Corporation, 11.0.6568]
[C:\WINDOWS\system32\PROCHLP.DLL] [Lenovo Group Limited, 1, 0, 0, 0]
[C:\WINDOWS\system32\btsendto_office.dll] [Broadcom Corporation., 4.0.1.3000]
[C:\WINDOWS\system32\btosif.dll] [Broadcom Corporation., 4.0.1.3000]
[C:\WINDOWS\system32\btsendto.dll] [Broadcom Corporation., 4.0.1.3000]
[C:\WINDOWS\system32\WidcommSdk.dll] [Broadcom Corporation., 4.0.1.3000]
[C:\WINDOWS\system32\wbtapi.dll] [Broadcom Corporation., 4.0.1.3000]
[C:\WINDOWS\system32\FOURIER_M1.IME] [北京紫光华宇软件股份有限公司, 4.0.0.5001]
[C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 6.0\offguard.dll] [Kaspersky Lab, 6.0.0.299]
[C:\WINDOWS\system32\icm32.dll] [Microsoft Corporation, 5.1.2600.2709 (xpsp_sp2_gdr.050628-1518)]
[C:\DOCUME~1\NICHUN~1\LOCALS~1\Temp\11.jpg] [N/A, N/A]
[PID: 1000][D:\tools\ipmsg\ipmsg.exe] [Azhi.net, 2.05]
[C:\WINDOWS\system32\PROCHLP.DLL] [Lenovo Group Limited, 1, 0, 0, 0]
[C:\DOCUME~1\NICHUN~1\LOCALS~1\Temp\11.jpg] [N/A, N/A]
[PID: 1612][C:\Program Files\Tencent\QQ\QQ.exe] [TENCENT, 0, 0, 0, 0]
[C:\Program Files\Tencent\QQ\CoralAssist.DLL] [Coral Team, 4.5.0 build 20060515]
[C:\Program Files\Tencent\QQ\CoralQQ.DLL] [Coral Team, 4.5.4 Build 20061001]
[C:\Program Files\Tencent\QQ\ipsearcher.dll] [N/A, 1.0.0.4]
[C:\Program Files\Tencent\QQ\QQBaseClassInDll.dll] [, 1, 0, 0, 1]
[C:\Program Files\Tencent\QQ\QQHelperDll.dll] [, 1, 0, 0, 1]
[C:\Program Files\Tencent\QQ\BasicCtrlDll.dll] [Tencent, 5, 0, 200, 370]
[C:\WINDOWS\system32\PROCHLP.DLL] [Lenovo Group Limited, 1, 0, 0, 0]
[C:\Program Files\Tencent\QQ\QQAPI.dll] [, 1, 0, 0, 1]
[C:\Program Files\Tencent\QQ\TIMProxy.dll] [tencent, 0, 3, 2, 4]
[C:\Program Files\Tencent\QQ\LoginCtrl.dll] [, 1, 0, 0, 1]
[C:\Program Files\Tencent\QQ\npkcntc.dll] [INCA Internet Co., Ltd., 2006, 6, 27, 1]
[C:\Program Files\Tencent\QQ\npkpdb.dll] [INCA Internet Co., Ltd., 2003, 10, 1, 1]
[C:\Program Files\ThinkPad\Bluetooth Software\btkeyind.dll] [N/A, N/A]
[C:\Program Files\Tencent\QQ\QQRes.dll] [tencent, 1, 0, 0, 1]
[C:\Program Files\Tencent\QQ\QQMainFrame.dll] [N/A, N/A]
[C:\Program Files\Tencent\QQ\CQQApplication.dll] [N/A, N/A]
[C:\Program Files\Tencent\QQ\NewSkin.dll] [, 1, 0, 0, 1]
[C:\Program Files\Tencent\QQ\HostingMgr.dll] [, 1, 0, 0, 1]
[C:\Program Files\Tencent\QQ\CameraDll.dll] [, 1, 0, 0, 1]
[C:\Program Files\Tencent\QQ\MailSummary.dll] [, 1, 0, 0, 1]
[C:\Program Files\Tencent\QQ\QQSpace.dll] [, 1, 0, 0, 1]
[C:\WINDOWS\system32\msdmo.dll] [N/A, N/A]
[C:\Program Files\Tencent\QQ\QQGroupMng.dll] [, 1, 0, 0, 1]
[C:\Program Files\Tencent\QQ\GroupLive.dll] [N/A, N/A]
[C:\Program Files\Tencent\QQ\UserDefinedHead.dll] [, 1, 0, 0, 1]
[C:\Program Files\Tencent\QQ\QQPlugin.dll] [N/A, N/A]
[C:\Program Files\Tencent\QQ\QQConfigPlugin.dll] [, 1, 0, 0, 1]
[C:\Program Files\Tencent\QQ\LongConnection.dll] [tencent, 5, 0, 200, 160]
[C:\Program Files\Tencent\QQ\QRingMng.dll] [N/A, N/A]
[C:\Program Files\Tencent\QQ\PhoneAPI.dll] [, 1, 0, 0, 1]
[C:\Program Files\Tencent\QQ\DialerAllinOne.dll] [tencent, 1, 4, 0, 0]
[C:\WINDOWS\system32\vorbis.acm] [HMS http://hp.vector.co.jp/authors/VA012897/, 0, 0, 3, 6]
北京泥人 - 2006-11-22 18:38:00
[C:\WINDOWS\system32\vct3216.acm] [Voxware, Inc., 1.6.0.17]
[C:\WINDOWS\system32\vct3216.dll] [Voxware, Inc., 1.6.0.12]
[C:\WINDOWS\system32\msms001.vwp] [Voxware, Inc., 2.0.2.61]
[C:\WINDOWS\system32\mvoice.vwp] [Voxware, Inc., 2.0.0.12.01]
[C:\Program Files\Tencent\QQ\VPortal.dll] [, 1, 0, 0, 4]
[C:\Program Files\Tencent\QQ\QQAllInOne.dll] [N/A, N/A]
[C:\Program Files\Tencent\QQ\SCCore.dll] [TENCENT, 2, 0, 0, 1]
[C:\Program Files\Tencent\QQ\QQCustomFace.dll] [N/A, N/A]
[C:\Program Files\Tencent\QQ\QQAvatar.dll] [N/A, N/A]
[C:\Program Files\Tencent\QQ\FlashAvatarDll.dll] [, 1, 4, 0, 1]
[C:\Program Files\Tencent\QQ\QQPet.dll] [, 1, 0, 0, 1]
[C:\WINDOWS\system32\Macromed\Flash\Flash9.ocx] [Adobe Systems, Inc., 9,0,16,0]
[C:\WINDOWS\system32\btncopy.dll] [Broadcom Corporation., 4.0.1.3000]
[C:\Program Files\Tencent\QQ\QQSceneMng.dll] [N/A, N/A]
[C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 6.0\scr_ch_pg.dll] [Kaspersky Lab, 1.0.6.299]
[C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 6.0\klscav.dll] [Kaspersky Lab, 6.0.0.299]
[C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 6.0\pr_remote.dll] [Kaspersky Lab, 6.0.0.299]
[C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 6.0\prloader.dll] [Kaspersky Lab, 6.0.0.299]
[C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 6.0\prkernel.ppl] [Kaspersky Lab, 6.0.0.299]
[c:\program files\kaspersky lab\kaspersky anti-virus 6.0\params.ppl] [Kaspersky Lab, 6.0.0.299]
[c:\program files\kaspersky lab\kaspersky anti-virus 6.0\pxstub.ppl] [Kaspersky Lab, 6.0.0.299]
[c:\program files\kaspersky lab\kaspersky anti-virus 6.0\tempfile.ppl] [Kaspersky Lab, 6.0.0.299]
[C:\Program Files\Tencent\QQ\QQSysMsgMng.dll] [N/A, N/A]
[C:\Program Files\Tencent\QQ\BQQApplication.dll] [N/A, N/A]
[C:\WINDOWS\system32\FOURIER_M1.IME] [北京紫光华宇软件股份有限公司, 4.0.0.5001]
[C:\Program Files\Tencent\QQ\CommercesMng.dll] [, 1, 0, 0, 1]
[C:\Program Files\Tencent\QQ\PersonalDesktop.dll] [深圳市腾讯计算机系统公司QQ工作小组, 1, 0, 0, 2]
[C:\Program Files\Tencent\QQ\QQAddr.dll] [深圳市腾讯计算机系统有限公司, 5, 0, 101, 240]
[C:\Program Files\Tencent\QQ\QQPhoneHelper.dll] [腾讯科技(深圳)有限公司, 2, 0, 6, 60]
[C:\Program Files\Tencent\QQ\ImageOle.dll] [TODO: <Company name>, 1.0.0.1]
[c:\program files\kaspersky lab\kaspersky anti-virus 6.0\nfio.ppl] [Kaspersky Lab, 6.0.0.299]
[c:\program files\kaspersky lab\kaspersky anti-virus 6.0\fsdrvplgn.ppl] [Kaspersky Lab, 6.0.0.299]
[C:\Program Files\Tencent\QQ\GroupConnection.dll] [Tencent, 0, 3, 3, 5]
[C:\DOCUME~1\NICHUN~1\LOCALS~1\Temp\11.jpg] [N/A, N/A]
[C:\Program Files\Tencent\QQ\QQMagicFace.dll] [, 1, 0, 0, 1]
[C:\Program Files\Tencent\QQ\QQZip.dll] [tencent, 0, 3, 2, 4]
[C:\Program Files\Tencent\QQ\ShareFiles.dll] [N/A, N/A]
[PID: 216][C:\Program Files\Tencent\QQ\TIMPlatform.exe] [tencent, 0, 3, 1, 8]
[C:\WINDOWS\system32\PROCHLP.DLL] [Lenovo Group Limited, 1, 0, 0, 0]
[C:\Program Files\Tencent\QQ\TIMProxy.dll] [tencent, 0, 3, 2, 4]
[PID: 2548][C:\WINDOWS\system32\rundll32.exe] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
[C:\DOCUME~1\NICHUN~1\LOCALS~1\Temp\11.jpg] [N/A, N/A]
[C:\WINDOWS\system32\PROCHLP.DLL] [Lenovo Group Limited, 1, 0, 0, 0]
[PID: 1708][C:\Program Files\EditPlus 2\editplus.exe] [ES-Computing, 2, 1, 2, 147]
[C:\WINDOWS\system32\PROCHLP.DLL] [Lenovo Group Limited, 1, 0, 0, 0]
[C:\DOCUME~1\NICHUN~1\LOCALS~1\Temp\11.jpg] [N/A, N/A]
[C:\Program Files\ThinkPad\Bluetooth Software\btkeyind.dll] [N/A, N/A]
[PID: 2644][C:\Program Files\ewido anti-spyware 4.0\ewido.exe] [Anti-Malware Development a.s., 4, 0, 0, 172]
[C:\Program Files\ewido anti-spyware 4.0\engine.dll] [Anti-Malware Development a.s., 4, 0, 0, 172]
[C:\WINDOWS\system32\PROCHLP.DLL] [Lenovo Group Limited, 1, 0, 0, 0]
[C:\DOCUME~1\NICHUN~1\LOCALS~1\Temp\11.jpg] [N/A, N/A]
[C:\Program Files\ThinkPad\Bluetooth Software\btkeyind.dll] [N/A, N/A]
[PID: 3432][C:\Program Files\lotus\notes\NLNOTES.EXE] [IBM Corp, 7.0.00.5229]
[C:\Program Files\lotus\notes\nnotesws.dll] [IBM Corp, 7.0.00.5226]
[C:\Program Files\lotus\notes\nnotes.dll] [IBM Corp, 7.0.00.5229]
[C:\Program Files\lotus\notes\nxmlproc.dll] [IBM Corp, 7.0.00.5226]
[C:\Program Files\lotus\notes\js32.dll] [IBM Corp, 7.0.00.5226]
[C:\Program Files\lotus\notes\NLSCCSTR.DLL] [IBM Corp, 7.0.00.5226]
[C:\Program Files\lotus\notes\ndgts.dll] [IBM Corp, 7.0.00.5229]
[C:\Program Files\lotus\notes\LTOUIN22.dll] [Lotus Development Corporation., 2.2.0.8911]
[C:\Program Files\lotus\notes\nplugins.dll] [IBM Corp, 7.0.00.5226]
[C:\WINDOWS\system32\PROCHLP.DLL] [Lenovo Group Limited, 1, 0, 0, 0]
[C:\DOCUME~1\NICHUN~1\LOCALS~1\Temp\11.jpg] [N/A, N/A]
[C:\Program Files\lotus\notes\NSTRINGS.DLL] [IBM Corp, 7.0.00.5229]
[C:\Program Files\lotus\notes\namhook.DLL] [IBM Corp, 7.0.00.5226]
[C:\Program Files\lotus\notes\nTCP.DLL] [IBM Corp, 7.0.00.5226]
[C:\Program Files\lotus\notes\nNETBIOS.DLL] [IBM Corp, 7.0.00.5226]
[C:\Program Files\lotus\notes\nstclientu.dll] [IBM Corp, 7.0.00.5226]
[C:\Program Files\lotus\notes\nimuiu.dll] [IBM Corp, 7.0.00.5226]
[C:\Program Files\ThinkPad\Bluetooth Software\btkeyind.dll] [N/A, N/A]
[C:\Program Files\lotus\notes\mui\zh-CN\nimuires.dll.mui] [, 3, 1, 0, 1]
[C:\Program Files\lotus\notes\nNTCP.DLL] [IBM Corp, 7.0.00.5226]
[C:\Program Files\lotus\notes\nlsxbe.DLL] [IBM Corp, 7.0.00.5226]
[C:\Program Files\lotus\notes\nDBnotes.DLL] [IBM Corp, 7.0.00.5226]
[PID: 4844][C:\Program Files\lotus\notes\ntaskldr.EXE] [IBM Corp, 7.0.00.5226]
[C:\Program Files\lotus\notes\nnotes.dll] [IBM Corp, 7.0.00.5229]
[C:\Program Files\lotus\notes\nxmlproc.dll] [IBM Corp, 7.0.00.5226]
[C:\Program Files\lotus\notes\js32.dll] [IBM Corp, 7.0.00.5226]
[C:\Program Files\lotus\notes\NLSCCSTR.DLL] [IBM Corp, 7.0.00.5226]
[C:\Program Files\lotus\notes\ndgts.dll] [IBM Corp, 7.0.00.5229]
[C:\Program Files\lotus\notes\NSTRINGS.DLL] [IBM Corp, 7.0.00.5229]
[C:\Program Files\lotus\notes\nhkdaemn.DLL] [IBM Corp, 7.0.00.5226]
[C:\Program Files\lotus\notes\nwrdaemndll.DLL] [IBM Corp, 7.0.00.5226]
[C:\Program Files\lotus\notes\nTCP.DLL] [IBM Corp, 7.0.00.5226]
[C:\Program Files\lotus\notes\nNETBIOS.DLL] [IBM Corp, 7.0.00.5226]
[C:\Program Files\lotus\notes\nhldaemn.DLL] [IBM Corp, 7.0.00.5226]
[C:\Program Files\lotus\notes\namhook.DLL] [IBM Corp, 7.0.00.5226]
[C:\Program Files\lotus\notes\nNTCP.DLL] [IBM Corp, 7.0.00.5226]
[C:\WINDOWS\system32\PROCHLP.DLL] [Lenovo Group Limited, 1, 0, 0, 0]
[C:\DOCUME~1\NICHUN~1\LOCALS~1\Temp\11.jpg] [N/A, N/A]
[PID: 4576][D:\bt\mmsk1120\木马杀客\mmsk.exe] [木马杀客, 2,0,0,7]
[D:\bt\mmsk1120\木马杀客\krnln.fnr] [, 1, 0, 0, 1]
[C:\WINDOWS\system32\PROCHLP.DLL] [Lenovo Group Limited, 1, 0, 0, 0]
[C:\DOCUME~1\NICHUN~1\LOCALS~1\Temp\11.jpg] [N/A, N/A]
[D:\bt\mmsk1120\木马杀客\HYExtLib.fne] [N/A, N/A]
[D:\bt\mmsk1120\木马杀客\TrayIcon.fne] [, 1, 0, 0, 1]
[D:\bt\mmsk1120\木马杀客\iext2.fne] [, 1, 0, 0, 1]
[D:\bt\mmsk1120\木马杀客\iext.fne] [, 1, 0, 0, 1]
[D:\bt\mmsk1120\木马杀客\HtmlView.fne] [, 1, 0, 0, 1]
[D:\bt\mmsk1120\木马杀客\iext3.fne] [, 1, 0, 0, 1]
[D:\bt\mmsk1120\木马杀客\xplib.fne] [N/A, N/A]
[D:\bt\mmsk1120\木马杀客\mmskskin.dll] [, 2, 0, 0, 6]
[D:\bt\mmsk1120\木马杀客\SkinPPWTL.dll] [http://www.skinplusplus.com, 2, 1, 0, 0]
[D:\bt\mmsk1120\木马杀客\shell.fne] [N/A, N/A]
[D:\bt\mmsk1120\木马杀客\EThread.fne] [N/A, N/A]
[D:\bt\mmsk1120\木马杀客\dp1.fne] [N/A, N/A]
[D:\bt\mmsk1120\木马杀客\eAPI.fne] [, 1, 0, 0, 1]
[C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 6.0\scr_ch_pg.dll] [Kaspersky Lab, 1.0.6.299]
[C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 6.0\klscav.dll] [Kaspersky Lab, 6.0.0.299]
[C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 6.0\pr_remote.dll] [Kaspersky Lab, 6.0.0.299]
[C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 6.0\prloader.dll] [Kaspersky Lab, 6.0.0.299]
[C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 6.0\prkernel.ppl] [Kaspersky Lab, 6.0.0.299]
[c:\program files\kaspersky lab\kaspersky anti-virus 6.0\params.ppl] [Kaspersky Lab, 6.0.0.299]
[c:\program files\kaspersky lab\kaspersky anti-virus 6.0\pxstub.ppl] [Kaspersky Lab, 6.0.0.299]
[c:\program files\kaspersky lab\kaspersky anti-virus 6.0\tempfile.ppl] [Kaspersky Lab, 6.0.0.299]
[c:\program files\kaspersky lab\kaspersky anti-virus 6.0\nfio.ppl] [Kaspersky Lab, 6.0.0.299]
[c:\program files\kaspersky lab\kaspersky anti-virus 6.0\fsdrvplgn.ppl] [Kaspersky Lab, 6.0.0.299]
[C:\Program Files\ewido anti-spyware 4.0\shellexecutehook.dll] [Anti-Malware Development a.s., 4, 0, 0, 172]
[C:\Program Files\ThinkPad\Bluetooth Software\btkeyind.dll] [N/A, N/A]
北京泥人 - 2006-11-22 18:38:00
[C:\WINDOWS\system32\vct3216.acm] [Voxware, Inc., 1.6.0.17]
[C:\WINDOWS\system32\vct3216.dll] [Voxware, Inc., 1.6.0.12]
[C:\WINDOWS\system32\msms001.vwp] [Voxware, Inc., 2.0.2.61]
[C:\WINDOWS\system32\mvoice.vwp] [Voxware, Inc., 2.0.0.12.01]
[C:\Program Files\Tencent\QQ\VPortal.dll] [, 1, 0, 0, 4]
[C:\Program Files\Tencent\QQ\QQAllInOne.dll] [N/A, N/A]
[C:\Program Files\Tencent\QQ\SCCore.dll] [TENCENT, 2, 0, 0, 1]
[C:\Program Files\Tencent\QQ\QQCustomFace.dll] [N/A, N/A]
[C:\Program Files\Tencent\QQ\QQAvatar.dll] [N/A, N/A]
[C:\Program Files\Tencent\QQ\FlashAvatarDll.dll] [, 1, 4, 0, 1]
[C:\Program Files\Tencent\QQ\QQPet.dll] [, 1, 0, 0, 1]
[C:\WINDOWS\system32\Macromed\Flash\Flash9.ocx] [Adobe Systems, Inc., 9,0,16,0]
[C:\WINDOWS\system32\btncopy.dll] [Broadcom Corporation., 4.0.1.3000]
[C:\Program Files\Tencent\QQ\QQSceneMng.dll] [N/A, N/A]
[C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 6.0\scr_ch_pg.dll] [Kaspersky Lab, 1.0.6.299]
[C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 6.0\klscav.dll] [Kaspersky Lab, 6.0.0.299]
[C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 6.0\pr_remote.dll] [Kaspersky Lab, 6.0.0.299]
[C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 6.0\prloader.dll] [Kaspersky Lab, 6.0.0.299]
[C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 6.0\prkernel.ppl] [Kaspersky Lab, 6.0.0.299]
[c:\program files\kaspersky lab\kaspersky anti-virus 6.0\params.ppl] [Kaspersky Lab, 6.0.0.299]
[c:\program files\kaspersky lab\kaspersky anti-virus 6.0\pxstub.ppl] [Kaspersky Lab, 6.0.0.299]
[c:\program files\kaspersky lab\kaspersky anti-virus 6.0\tempfile.ppl] [Kaspersky Lab, 6.0.0.299]
[C:\Program Files\Tencent\QQ\QQSysMsgMng.dll] [N/A, N/A]
[C:\Program Files\Tencent\QQ\BQQApplication.dll] [N/A, N/A]
[C:\WINDOWS\system32\FOURIER_M1.IME] [北京紫光华宇软件股份有限公司, 4.0.0.5001]
[C:\Program Files\Tencent\QQ\CommercesMng.dll] [, 1, 0, 0, 1]
[C:\Program Files\Tencent\QQ\PersonalDesktop.dll] [深圳市腾讯计算机系统公司QQ工作小组, 1, 0, 0, 2]
[C:\Program Files\Tencent\QQ\QQAddr.dll] [深圳市腾讯计算机系统有限公司, 5, 0, 101, 240]
[C:\Program Files\Tencent\QQ\QQPhoneHelper.dll] [腾讯科技(深圳)有限公司, 2, 0, 6, 60]
[C:\Program Files\Tencent\QQ\ImageOle.dll] [TODO: <Company name>, 1.0.0.1]
[c:\program files\kaspersky lab\kaspersky anti-virus 6.0\nfio.ppl] [Kaspersky Lab, 6.0.0.299]
[c:\program files\kaspersky lab\kaspersky anti-virus 6.0\fsdrvplgn.ppl] [Kaspersky Lab, 6.0.0.299]
[C:\Program Files\Tencent\QQ\GroupConnection.dll] [Tencent, 0, 3, 3, 5]
[C:\DOCUME~1\NICHUN~1\LOCALS~1\Temp\11.jpg] [N/A, N/A]
[C:\Program Files\Tencent\QQ\QQMagicFace.dll] [, 1, 0, 0, 1]
[C:\Program Files\Tencent\QQ\QQZip.dll] [tencent, 0, 3, 2, 4]
[C:\Program Files\Tencent\QQ\ShareFiles.dll] [N/A, N/A]
[PID: 216][C:\Program Files\Tencent\QQ\TIMPlatform.exe] [tencent, 0, 3, 1, 8]
[C:\WINDOWS\system32\PROCHLP.DLL] [Lenovo Group Limited, 1, 0, 0, 0]
[C:\Program Files\Tencent\QQ\TIMProxy.dll] [tencent, 0, 3, 2, 4]
[PID: 2548][C:\WINDOWS\system32\rundll32.exe] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
[C:\DOCUME~1\NICHUN~1\LOCALS~1\Temp\11.jpg] [N/A, N/A]
[C:\WINDOWS\system32\PROCHLP.DLL] [Lenovo Group Limited, 1, 0, 0, 0]
[PID: 1708][C:\Program Files\EditPlus 2\editplus.exe] [ES-Computing, 2, 1, 2, 147]
[C:\WINDOWS\system32\PROCHLP.DLL] [Lenovo Group Limited, 1, 0, 0, 0]
[C:\DOCUME~1\NICHUN~1\LOCALS~1\Temp\11.jpg] [N/A, N/A]
[C:\Program Files\ThinkPad\Bluetooth Software\btkeyind.dll] [N/A, N/A]
[PID: 2644][C:\Program Files\ewido anti-spyware 4.0\ewido.exe] [Anti-Malware Development a.s., 4, 0, 0, 172]
[C:\Program Files\ewido anti-spyware 4.0\engine.dll] [Anti-Malware Development a.s., 4, 0, 0, 172]
[C:\WINDOWS\system32\PROCHLP.DLL] [Lenovo Group Limited, 1, 0, 0, 0]
[C:\DOCUME~1\NICHUN~1\LOCALS~1\Temp\11.jpg] [N/A, N/A]
[C:\Program Files\ThinkPad\Bluetooth Software\btkeyind.dll] [N/A, N/A]
[PID: 3432][C:\Program Files\lotus\notes\NLNOTES.EXE] [IBM Corp, 7.0.00.5229]
[C:\Program Files\lotus\notes\nnotesws.dll] [IBM Corp, 7.0.00.5226]
[C:\Program Files\lotus\notes\nnotes.dll] [IBM Corp, 7.0.00.5229]
[C:\Program Files\lotus\notes\nxmlproc.dll] [IBM Corp, 7.0.00.5226]
[C:\Program Files\lotus\notes\js32.dll] [IBM Corp, 7.0.00.5226]
[C:\Program Files\lotus\notes\NLSCCSTR.DLL] [IBM Corp, 7.0.00.5226]
[C:\Program Files\lotus\notes\ndgts.dll] [IBM Corp, 7.0.00.5229]
[C:\Program Files\lotus\notes\LTOUIN22.dll] [Lotus Development Corporation., 2.2.0.8911]
[C:\Program Files\lotus\notes\nplugins.dll] [IBM Corp, 7.0.00.5226]
[C:\WINDOWS\system32\PROCHLP.DLL] [Lenovo Group Limited, 1, 0, 0, 0]
[C:\DOCUME~1\NICHUN~1\LOCALS~1\Temp\11.jpg] [N/A, N/A]
[C:\Program Files\lotus\notes\NSTRINGS.DLL] [IBM Corp, 7.0.00.5229]
[C:\Program Files\lotus\notes\namhook.DLL] [IBM Corp, 7.0.00.5226]
[C:\Program Files\lotus\notes\nTCP.DLL] [IBM Corp, 7.0.00.5226]
[C:\Program Files\lotus\notes\nNETBIOS.DLL] [IBM Corp, 7.0.00.5226]
[C:\Program Files\lotus\notes\nstclientu.dll] [IBM Corp, 7.0.00.5226]
[C:\Program Files\lotus\notes\nimuiu.dll] [IBM Corp, 7.0.00.5226]
[C:\Program Files\ThinkPad\Bluetooth Software\btkeyind.dll] [N/A, N/A]
[C:\Program Files\lotus\notes\mui\zh-CN\nimuires.dll.mui] [, 3, 1, 0, 1]
[C:\Program Files\lotus\notes\nNTCP.DLL] [IBM Corp, 7.0.00.5226]
[C:\Program Files\lotus\notes\nlsxbe.DLL] [IBM Corp, 7.0.00.5226]
[C:\Program Files\lotus\notes\nDBnotes.DLL] [IBM Corp, 7.0.00.5226]
[PID: 4844][C:\Program Files\lotus\notes\ntaskldr.EXE] [IBM Corp, 7.0.00.5226]
[C:\Program Files\lotus\notes\nnotes.dll] [IBM Corp, 7.0.00.5229]
[C:\Program Files\lotus\notes\nxmlproc.dll] [IBM Corp, 7.0.00.5226]
[C:\Program Files\lotus\notes\js32.dll] [IBM Corp, 7.0.00.5226]
[C:\Program Files\lotus\notes\NLSCCSTR.DLL] [IBM Corp, 7.0.00.5226]
[C:\Program Files\lotus\notes\ndgts.dll] [IBM Corp, 7.0.00.5229]
[C:\Program Files\lotus\notes\NSTRINGS.DLL] [IBM Corp, 7.0.00.5229]
[C:\Program Files\lotus\notes\nhkdaemn.DLL] [IBM Corp, 7.0.00.5226]
[C:\Program Files\lotus\notes\nwrdaemndll.DLL] [IBM Corp, 7.0.00.5226]
[C:\Program Files\lotus\notes\nTCP.DLL] [IBM Corp, 7.0.00.5226]
[C:\Program Files\lotus\notes\nNETBIOS.DLL] [IBM Corp, 7.0.00.5226]
[C:\Program Files\lotus\notes\nhldaemn.DLL] [IBM Corp, 7.0.00.5226]
[C:\Program Files\lotus\notes\namhook.DLL] [IBM Corp, 7.0.00.5226]
[C:\Program Files\lotus\notes\nNTCP.DLL] [IBM Corp, 7.0.00.5226]
[C:\WINDOWS\system32\PROCHLP.DLL] [Lenovo Group Limited, 1, 0, 0, 0]
[C:\DOCUME~1\NICHUN~1\LOCALS~1\Temp\11.jpg] [N/A, N/A]
[PID: 4576][D:\bt\mmsk1120\木马杀客\mmsk.exe] [木马杀客, 2,0,0,7]
[D:\bt\mmsk1120\木马杀客\krnln.fnr] [, 1, 0, 0, 1]
[C:\WINDOWS\system32\PROCHLP.DLL] [Lenovo Group Limited, 1, 0, 0, 0]
[C:\DOCUME~1\NICHUN~1\LOCALS~1\Temp\11.jpg] [N/A, N/A]
[D:\bt\mmsk1120\木马杀客\HYExtLib.fne] [N/A, N/A]
[D:\bt\mmsk1120\木马杀客\TrayIcon.fne] [, 1, 0, 0, 1]
[D:\bt\mmsk1120\木马杀客\iext2.fne] [, 1, 0, 0, 1]
[D:\bt\mmsk1120\木马杀客\iext.fne] [, 1, 0, 0, 1]
[D:\bt\mmsk1120\木马杀客\HtmlView.fne] [, 1, 0, 0, 1]
[D:\bt\mmsk1120\木马杀客\iext3.fne] [, 1, 0, 0, 1]
[D:\bt\mmsk1120\木马杀客\xplib.fne] [N/A, N/A]
[D:\bt\mmsk1120\木马杀客\mmskskin.dll] [, 2, 0, 0, 6]
[D:\bt\mmsk1120\木马杀客\SkinPPWTL.dll] [http://www.skinplusplus.com, 2, 1, 0, 0]
[D:\bt\mmsk1120\木马杀客\shell.fne] [N/A, N/A]
[D:\bt\mmsk1120\木马杀客\EThread.fne] [N/A, N/A]
[D:\bt\mmsk1120\木马杀客\dp1.fne] [N/A, N/A]
[D:\bt\mmsk1120\木马杀客\eAPI.fne] [, 1, 0, 0, 1]
[C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 6.0\scr_ch_pg.dll] [Kaspersky Lab, 1.0.6.299]
[C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 6.0\klscav.dll] [Kaspersky Lab, 6.0.0.299]
[C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 6.0\pr_remote.dll] [Kaspersky Lab, 6.0.0.299]
[C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 6.0\prloader.dll] [Kaspersky Lab, 6.0.0.299]
[C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 6.0\prkernel.ppl] [Kaspersky Lab, 6.0.0.299]
[c:\program files\kaspersky lab\kaspersky anti-virus 6.0\params.ppl] [Kaspersky Lab, 6.0.0.299]
[c:\program files\kaspersky lab\kaspersky anti-virus 6.0\pxstub.ppl] [Kaspersky Lab, 6.0.0.299]
[c:\program files\kaspersky lab\kaspersky anti-virus 6.0\tempfile.ppl] [Kaspersky Lab, 6.0.0.299]
[c:\program files\kaspersky lab\kaspersky anti-virus 6.0\nfio.ppl] [Kaspersky Lab, 6.0.0.299]
[c:\program files\kaspersky lab\kaspersky anti-virus 6.0\fsdrvplgn.ppl] [Kaspersky Lab, 6.0.0.299]
[C:\Program Files\ewido anti-spyware 4.0\shellexecutehook.dll] [Anti-Malware Development a.s., 4, 0, 0, 172]
[C:\Program Files\ThinkPad\Bluetooth Software\btkeyind.dll] [N/A, N/A]
北京泥人 - 2006-11-22 18:39:00
[PID: 6012][C:\Program Files\Tencent\QQ\QQ.exe] [TENCENT, 0, 0, 0, 0]
[C:\Program Files\Tencent\QQ\QQBaseClassInDll.dll] [, 1, 0, 0, 1]
[C:\Program Files\Tencent\QQ\QQHelperDll.dll] [, 1, 0, 0, 1]
[C:\Program Files\Tencent\QQ\BasicCtrlDll.dll] [Tencent, 5, 0, 200, 370]
[C:\WINDOWS\system32\PROCHLP.DLL] [Lenovo Group Limited, 1, 0, 0, 0]
[C:\DOCUME~1\NICHUN~1\LOCALS~1\Temp\11.jpg] [N/A, N/A]
[C:\Program Files\Tencent\QQ\QQAPI.dll] [, 1, 0, 0, 1]
[C:\Program Files\Tencent\QQ\TIMProxy.dll] [tencent, 0, 3, 2, 4]
[C:\Program Files\Tencent\QQ\LoginCtrl.dll] [, 1, 0, 0, 1]
[C:\Program Files\Tencent\QQ\npkcntc.dll] [INCA Internet Co., Ltd., 2006, 6, 27, 1]
[C:\Program Files\Tencent\QQ\npkpdb.dll] [INCA Internet Co., Ltd., 2003, 10, 1, 1]
[C:\Program Files\ThinkPad\Bluetooth Software\btkeyind.dll] [N/A, N/A]
[C:\Program Files\Tencent\QQ\QQRes.dll] [tencent, 1, 0, 0, 1]
[C:\Program Files\Tencent\QQ\QQMainFrame.dll] [N/A, N/A]
[C:\Program Files\Tencent\QQ\CQQApplication.dll] [N/A, N/A]
[C:\Program Files\Tencent\QQ\NewSkin.dll] [, 1, 0, 0, 1]
[C:\Program Files\Tencent\QQ\HostingMgr.dll] [, 1, 0, 0, 1]
[C:\Program Files\Tencent\QQ\CameraDll.dll] [, 1, 0, 0, 1]
[C:\Program Files\Tencent\QQ\MailSummary.dll] [, 1, 0, 0, 1]
[C:\Program Files\Tencent\QQ\QQSpace.dll] [, 1, 0, 0, 1]
[C:\WINDOWS\system32\msdmo.dll] [N/A, N/A]
[C:\Program Files\Tencent\QQ\QQGroupMng.dll] [, 1, 0, 0, 1]
[C:\Program Files\Tencent\QQ\GroupLive.dll] [N/A, N/A]
[C:\Program Files\Tencent\QQ\UserDefinedHead.dll] [, 1, 0, 0, 1]
[C:\Program Files\Tencent\QQ\QQPlugin.dll] [N/A, N/A]
[C:\Program Files\Tencent\QQ\QQConfigPlugin.dll] [, 1, 0, 0, 1]
[C:\Program Files\Tencent\QQ\QRingMng.dll] [N/A, N/A]
[C:\Program Files\Tencent\QQ\PhoneAPI.dll] [, 1, 0, 0, 1]
[C:\Program Files\Tencent\QQ\DialerAllinOne.dll] [tencent, 1, 4, 0, 0]
[C:\Program Files\Tencent\QQ\VPortal.dll] [, 1, 0, 0, 4]
[C:\Program Files\Tencent\QQ\QQAvatar.dll] [N/A, N/A]
[C:\Program Files\Tencent\QQ\FlashAvatarDll.dll] [, 1, 4, 0, 1]
[C:\Program Files\Tencent\QQ\LongConnection.dll] [tencent, 5, 0, 200, 160]
[C:\Program Files\Tencent\QQ\QQPet.dll] [, 1, 0, 0, 1]
[C:\Program Files\Tencent\QQ\QQSysMsgMng.dll] [N/A, N/A]
[C:\Program Files\Tencent\QQ\QQSettingCtrl.dll] [, 1, 0, 0, 1]
[C:\Program Files\Tencent\QQ\BQQApplication.dll] [N/A, N/A]
[C:\Program Files\Tencent\QQ\OEMApplication.dll] [, 1, 0, 0, 1]
[C:\Program Files\Tencent\QQ\QQAllInOne.dll] [N/A, N/A]
[C:\Program Files\Tencent\QQ\SCCore.dll] [TENCENT, 2, 0, 0, 1]
[C:\Program Files\Tencent\QQ\QQCustomFace.dll] [N/A, N/A]
[C:\WINDOWS\system32\Macromed\Flash\Flash9.ocx] [Adobe Systems, Inc., 9,0,16,0]
[C:\Program Files\Tencent\QQ\QQSceneMng.dll] [N/A, N/A]
[C:\WINDOWS\system32\FOURIER_M1.IME] [北京紫光华宇软件股份有限公司, 4.0.0.5001]
[C:\Program Files\ewido anti-spyware 4.0\shellexecutehook.dll] [Anti-Malware Development a.s., 4, 0, 0, 172]
[C:\Program Files\Tencent\QQ\CommercesMng.dll] [, 1, 0, 0, 1]
[C:\Program Files\Tencent\QQ\PersonalDesktop.dll] [深圳市腾讯计算机系统公司QQ工作小组, 1, 0, 0, 2]
[C:\Program Files\Tencent\QQ\QQAddr.dll] [深圳市腾讯计算机系统有限公司, 5, 0, 101, 240]
[C:\Program Files\Tencent\QQ\QQPhoneHelper.dll] [腾讯科技(深圳)有限公司, 2, 0, 6, 60]
[C:\Program Files\Tencent\QQ\QQMagicFace.dll] [, 1, 0, 0, 1]
[C:\Program Files\Tencent\QQ\GroupConnection.dll] [Tencent, 0, 3, 3, 5]
[C:\Program Files\Tencent\QQ\ImageOle.dll] [TODO: <Company name>, 1.0.0.1]
[PID: 676][D:\tools\FlashFXP-v3.40\FlashFXP.exe] [IniCom Networks, Inc., 3.4.0.1145]
[C:\WINDOWS\system32\PROCHLP.DLL] [Lenovo Group Limited, 1, 0, 0, 0]
[C:\DOCUME~1\NICHUN~1\LOCALS~1\Temp\11.jpg] [N/A, N/A]
[D:\tools\FlashFXP-v3.40\libeay32.dll] [The OpenSSL Project, http://www.openssl.org/, 0.9.8a]
[D:\tools\FlashFXP-v3.40\ssleay32.dll] [The OpenSSL Project, http://www.openssl.org/, 0.9.8a]
[C:\Program Files\ThinkPad\Bluetooth Software\btkeyind.dll] [N/A, N/A]
[PID: 4856][C:\Program Files\Maxthon\Maxthon.exe] [Maxthon International Ltd., 1, 5, 8, 120]
[C:\Program Files\Maxthon\maxzlib.dll] [ , 1, 0, 0, 2]
[C:\WINDOWS\system32\PROCHLP.DLL] [Lenovo Group Limited, 1, 0, 0, 0]
[C:\DOCUME~1\NICHUN~1\LOCALS~1\Temp\11.jpg] [N/A, N/A]
[C:\Program Files\CyberArticle\CAExp.dll] [Wizissoft, 1.0.0.1]
[C:\Program Files\CyberArticle\CyberArticleAPI.DLL] [Wizissoft, 4.3.2005.819]
[C:\Program Files\CyberArticle\HTMLParser.DLL] [N/A, N/A]
[C:\Program Files\Maxthon\Services\RealTime\real_time.dll] [, 1, 0, 0, 1]
[C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 6.0\scr_ch_pg.dll] [Kaspersky Lab, 1.0.6.299]
[C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 6.0\klscav.dll] [Kaspersky Lab, 6.0.0.299]
[C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 6.0\pr_remote.dll] [Kaspersky Lab, 6.0.0.299]
[C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 6.0\prloader.dll] [Kaspersky Lab, 6.0.0.299]
[C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 6.0\prkernel.ppl] [Kaspersky Lab, 6.0.0.299]
[c:\program files\kaspersky lab\kaspersky anti-virus 6.0\params.ppl] [Kaspersky Lab, 6.0.0.299]
[c:\program files\kaspersky lab\kaspersky anti-virus 6.0\pxstub.ppl] [Kaspersky Lab, 6.0.0.299]
[c:\program files\kaspersky lab\kaspersky anti-virus 6.0\tempfile.ppl] [Kaspersky Lab, 6.0.0.299]
[c:\program files\kaspersky lab\kaspersky anti-virus 6.0\nfio.ppl] [Kaspersky Lab, 6.0.0.299]
[c:\program files\kaspersky lab\kaspersky anti-virus 6.0\fsdrvplgn.ppl] [Kaspersky Lab, 6.0.0.299]
[C:\Program Files\ThinkPad\Bluetooth Software\btkeyind.dll] [N/A, N/A]
[C:\WINDOWS\system32\FOURIER_M1.IME] [北京紫光华宇软件股份有限公司, 4.0.0.5001]
[C:\WINDOWS\system32\msdmo.dll] [N/A, N/A]
[C:\WINDOWS\system32\l3codeca.acm] [Fraunhofer Institut Integrierte Schaltungen IIS, 1, 9, 0, 0305]
[C:\WINDOWS\system32\ffdshow.ax] [N/A, 1.0.2.2028]
[C:\Program Files\Ringz Studio\Storm Codec\Codecs\VSFilter.dll] [Gabest, 1, 0, 1, 3]
[C:\WINDOWS\system32\Macromed\Flash\Flash9.ocx] [Adobe Systems, Inc., 9,0,16,0]
[C:\Program Files\Ringz Studio\Storm Codec\Codecs\PmpSplt.ax] [cooleyes, 1, 0, 0, 8]
[C:\Program Files\Ringz Studio\Storm Codec\Codecs\RMSplt.ax] [Gabest, 1, 0, 1, 1]
[PID: 5132][C:\Documents and Settings\nichunhua\桌面\sreng2\SREng\SREng.exe] [Smallfrogs Studio, 2.2.6.605]
[C:\WINDOWS\system32\PROCHLP.DLL] [Lenovo Group Limited, 1, 0, 0, 0]
[C:\DOCUME~1\NICHUN~1\LOCALS~1\Temp\11.jpg] [N/A, N/A]
[PID: 5400][D:\tools\Messenger_81beta_zh-cn.exe] [Microsoft Corporation, 8.1.0106.00_ClientV8.1]
[C:\WINDOWS\system32\PROCHLP.DLL] [Lenovo Group Limited, 1, 0, 0, 0]
[C:\DOCUME~1\NICHUN~1\LOCALS~1\Temp\11.jpg] [N/A, N/A]
[PID: 4588][C:\DOCUME~1\NICHUN~1\LOCALS~1\Temp\IXP000.TMP\bootstrap.exe] [Microsoft Corporation, 8.1.0106.00_ClientV8.1]
[C:\DOCUME~1\NICHUN~1\LOCALS~1\Temp\IXP000.TMP\bootstrap.dll] [N/A, N/A]
[C:\WINDOWS\system32\PROCHLP.DLL] [Lenovo Group Limited, 1, 0, 0, 0]
[C:\DOCUME~1\NICHUN~1\LOCALS~1\Temp\11.jpg] [N/A, N/A]
[PID: 512][C:\WINDOWS\system32\msiexec.exe] [Microsoft Corporation, 3.0.3790.2180]
[PID: 4364][C:\WINDOWS\system32\MsiExec.exe] [Microsoft Corporation, 3.0.3790.2180]
北京泥人 - 2006-11-22 18:39:00
==================================
文件关联
.TXT Error. [emeditor.txt]
.EXE OK. ["%1" %*]
.COM OK. ["%1" %*]
.PIF OK. ["%1" %*]
.REG OK. [regedit.exe "%1"]
.BAT OK. ["%1" %*]
.SCR OK. ["%1" /S]
.CHM OK. ["C:\WINDOWS\hh.exe" %1]
.HLP OK. [%SystemRoot%\System32\winhlp32.exe %1]
.INI OK. [%SystemRoot%\System32\NOTEPAD.EXE %1]
.INF OK. [%SystemRoot%\System32\NOTEPAD.EXE %1]
.VBS OK. [%SystemRoot%\System32\WScript.exe "%1" %*]
.JS OK. [%SystemRoot%\System32\WScript.exe "%1" %*]
.LNK OK. [{00021401-0000-0000-C000-000000000046}]
==================================
Winsock 提供者
N/A
==================================
Autorun.inf
N/A
==================================
HOSTS 文件
61.141.31.11 www.kzdh.com
61.141.31.11 www.7255.com
61.141.31.11 www.7322.com
61.141.31.11 www.7939.com
61.141.31.11 www.piaoxue.com
61.141.31.11 www.feixu.net
61.141.31.11 www.6781.com
61.141.31.11 www.7b.com.cn
61.141.31.11 7b.com.cn
61.141.31.11 www.918188.com
61.141.31.11 hao.allxue.com
61.141.31.11 good.allxue.com
61.141.31.11 baby.allxue.com
61.141.31.11 www.allxue.com
61.141.31.11 about.lank.la
61.141.31.11 www.x114x.com
61.141.31.11 www.37ss.com
61.141.31.11 www.7k.cc
61.141.31.11 www.73ss.com
125.91.14.230 www.hao123.com
61.141.31.11 www.81915.com
61.141.31.11 222.88.90.22
61.141.31.11 www.9991.com
61.141.31.11 www.my123.com
61.141.31.11 www.haokan123.com
61.141.31.11 www.5566.net
61.141.31.11 www.gjj.cc
61.141.31.11 www.2345.com
61.141.31.11 dl.hao318.com
61.141.31.11 www.123wa.com
61.141.31.11 www.ku886.com
61.141.31.11 www.5icrack.com
61.141.31.11 www.jjol.cn
==================================
北京泥人 - 2006-11-22 18:40:00
上传完毕
红夜鬼1 - 2006-11-22 18:42:00
C:\DOCUME~1\NICHUN~1\LOCALS~1\Temp\安全模式下清空文件夹
查找HOSTS文件,用记事打开,清除里面的
只留这一项:127.0.0.1
1
© 2000 - 2026 Rising Corp. Ltd.