瑞星卡卡安全论坛
晓华哥哥 - 2006-12-6 10:22:00
各位看看这是怎么回事?
一打开IE就首先出现,如下图所示:
附件:
4327762006126101345.jpg
晓华哥哥 - 2006-12-6 10:23:00
晓华哥哥 - 2006-12-6 10:25:00
zq77 - 2006-12-6 10:25:00
广告拦截
红夜鬼1 - 2006-12-6 12:29:00
请下载SREng2(最新版) ,使用“智能扫描”,按下“扫描”按钮进行扫描,
扫描完成后按下“保存报告”按钮保存报告日志文件(SREng.LOG),把保存的报告
日志文件内容复制-粘贴上来,,日志一次粘不完,分次粘完,请不要修改。
下载地址
http://www.kztechs.com/sreng/sreng2.zip
晓华哥哥 - 2006-12-7 8:55:00
2006-12-07,08:38:47
System Repair Engineer 2.2.6.605
Smallfrogs (http://www.KZTechs.com)
Windows 2000 Professional Service Pack 4 (Build 2195)
- 管理权限用户 - 完整功能
以下内容被选中:
所有的启动项目(包括注册表、启动文件夹、服务等)
浏览器加载项
正在运行的进程(包括进程模块信息)
文件关联
Winsock 提供者
Autorun.inf
HOSTS 文件
启动项目
注册表
[HKEY_CURRENT_USER\Software\Microsoft\Windows NT\CurrentVersion\Windows]
<load><> [N/A]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
<Synchronization Manager><mobsync.exe /logon> [(Verified)Microsoft Corporation]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\RunOnce]
<KKDelay><; D:\Program Files\Rising\AntiSpyware\RunOnce.exe> [Beijing Rising Technology Co., Ltd.]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Winlogon]
<shell><Explorer.exe> [(Verified)Microsoft Corporation]
<Userinit><C:\WINNT\system32\userinit.exe,> [(Verified)Microsoft Corporation]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Windows]
<AppInit_DLLs><> [N/A]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellService
ObjectDelayLoad]
<NetWork><C:\WINNT\system32\reporter.dll> [N/A]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\SharedTaskScheduler]
<{78BF3960-61F0-4F4E-825D-3554FA61E847}><C:\WINNT\system32\wmpkn.dll> [N/A]
==================================
启动文件夹
N/A
==================================
服务
[C-DillaCdaC11BA / C-DillaCdaC11BA]
<C:\WINNT\system32\drivers\CDAC11BA.EXE><Macrovision>
[Symantec Event Manager / ccEvtMgr]
<"C:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe"><Symantec Corporation>
[Symantec Password Validation / ccPwdSvc]
<"C:\Program Files\Common Files\Symantec Shared\ccPwdSvc.exe"><Symantec Corporation>
[Symantec Settings Manager / ccSetMgr]
<"C:\Program Files\Common Files\Symantec Shared\ccSetMgr.exe"><Symantec Corporation>
[Symantec AntiVirus Definition Watcher / DefWatch]
<"C:\Program Files\Symantec AntiVirus\DefWatch.exe"><Symantec Corporation>
[Logical Disk Manager Administrative Service / dmadmin]
<C:\WINNT\System32\dmadmin.exe /com><VERITAS Software Corp.>
[GrayPigeonServer / GrayPigeonServer]
<><N/A>
[Volume Optimization / Patterns]
<C:\WINNT\System32\svchost.exe -k netsvcs-->C:\WINNT\system32\ldeml.dll><Microsoft Corporation>
[Remote Access Connection Management / Remote Access Connection Management]
<C:\WINNT\System32\svchost.exe -k netsvcs-->C:\Program Files\Messenger\msnhost.dll><N/A>
[Intranet Messenger / SHipING]
<C:\WINNT\SYSTEM32\RUNDLL32.EXE C:\WINNT\SYSTEM32\WBEM\NAFAQ.DLL,Export 1087><N/A>
[Symantec Network Drivers Service / SNDSrvc]
<"C:\Program Files\Common Files\Symantec Shared\SNDSrvc.exe"><Symantec Corporation>
[Symantec SPBBCSvc / SPBBCSvc]
<C:\Program Files\Common Files\Symantec Shared\SPBBC\SPBBCSvc.exe><Symantec Corporation>
[Symantec AntiVirus / Symantec AntiVirus]
<><N/A>
[VirtualHardwareProtect / VirtualHardwareProtect]
<C:\WINNT\inf\msvhpse.exe><Microsoft Corporation>
==================================
驱动程序
[Service for Realtek AC97 Audio (WDM) / ALCXWDM]
<system32\drivers\ALCXWDM.SYS><Realtek Semiconductor Corp.>
[CdaC15BA / CdaC15BA]
<\??\C:\WINNT\system32\drivers\CDAC15BA.SYS><Macrovision Europe Ltd>
[cefeigbh / cefeigbh]
<\SystemRoot\system32\drivers\cefeigbh.sys><N/A>
[difgcecb / difgcecb]
<\SystemRoot\system32\drivers\difgcecb.sys><N/A>
[djaehifg / djaehifg]
<\SystemRoot\system32\drivers\djaehifg.sys><N/A>
[dmboot / dmboot]
<System32\drivers\dmboot.sys><VERITAS Software Corp.>
[Logical Disk Manager Driver / dmio]
<\SystemRoot\System32\drivers\dmio.sys><VERITAS Software Corp.>
[dmload / dmload]
<\SystemRoot\System32\drivers\dmload.sys><VERITAS Software Corp.>
[Symantec Eraser Control driver / eeCtrl]
<\??\C:\Program Files\Common Files\Symantec Shared\EENGINE\eeCtrl.sys><Symantec Corporation>
[fcgecaag / fcgecaag]
<\SystemRoot\system32\drivers\fcgecaag.sys><N/A>
[giajicag / giajicag]
<\SystemRoot\system32\drivers\giajicag.sys><N/A>
[GMSIPCI / GMSIPCI]
<\??\H:\INSTALL\GMSIPCI.SYS><N/A>
[gwiopm / gwiopm]
<\??\F:\WOMV7.4 Build 6.711\gwiopm.sys><N/A>
[hbigeihi / hbigeihi]
<\SystemRoot\system32\drivers\hbigeihi.sys><N/A>
[hiccgcgd / hiccgcgd]
<\SystemRoot\system32\drivers\hiccgcgd.sys><N/A>
[hifdciij / hifdciij]
<\SystemRoot\system32\drivers\hifdciij.sys><N/A>
[ialm / ialm]
<system32\DRIVERS\ialmnt5.sys><Intel Corporation>
[iicfdeje / iicfdeje]
<\SystemRoot\system32\drivers\iicfdeje.sys><N/A>
[Network Packet Filter / IPNPF]
<\SystemRoot\system32\drivers\ipnpf.sys><Politecnico di Torino>
[lhjuod16 / lhjuod16]
<\??\C:\WINNT\system32\drivers\lhjuod16.sys><Microsoft Corporation>
[mnjt / mnjtt]
<\SystemRoot\System32\DRIVERS\mnjtt.sys><N/A>
[NAVENG / NAVENG]
<\??\C:\PROGRA~1\COMMON~1\SYMANT~1\VIRUSD~1\20061111.007\naveng.sys><Symantec Corporation>
[NAVEX15 / NAVEX15]
<\??\C:\PROGRA~1\COMMON~1\SYMANT~1\VIRUSD~1\20061111.007\navex15.sys><Symantec Corporation>
[npkcrypt / npkcrypt]
<\??\D:\杂1\MP3\哈哈\aaaa\Mp3\1\npkcrypt.sys><INCA Internet Co., Ltd.>
[Motorola USB Device / P2k]
<system32\DRIVERS\P2k.sys><Motorola Inc>
[Padus ASPI Shell / pfc]
<system32\drivers\pfc.sys><Padus, Inc.>
[PnpWmkDrv / PnpWmkDrv]
<\??\C:\WINNT\system32\drivers\PnpWmkDrv.sys><N/A>
[Direct Parallel Link Driver / Ptilink]
<system32\DRIVERS\ptilink.sys><Parallel Technologies, Inc.>
[rd / rd]
<\??\C:\WINNT\system32\drivers\rd.sys><N/A>
[RsAntiSpyware / RsAntiSpyware]
<\SystemRoot\system32\drivers\RsBoot.sys><Beijing Rising>
[Realtek RTL8139-based PCI Fast Ethernet Adapter NT Driver / rtl8139]
<system32\DRIVERS\RTL8139.SYS><Realtek Semiconductor Corporation>
[SAVRT / SAVRT]
<\??\C:\Program Files\Symantec AntiVirus\savrt.sys><Symantec Corporation>
[SAVRTPEL / SAVRTPEL]
<\??\C:\Program Files\Symantec AntiVirus\Savrtpel.sys><Symantec Corporation>
[SPBBCDrv / SPBBCDrv]
<\??\C:\Program Files\Common Files\Symantec Shared\SPBBC\SPBBCDrv.sys><Symantec Corporation>
[sptd / sptd]
<\SystemRoot\System32\Drivers\sptd.sys><N/A>
[SymEvent / SymEvent]
<\??\C:\Program Files\Symantec\SYMEVENT.SYS><Symantec Corporation>
[SYMREDRV / SYMREDRV]
<\SystemRoot\System32\Drivers\SYMREDRV.SYS><Symantec Corporation>
[SYMTDI / SYMTDI]
<\SystemRoot\System32\Drivers\SYMTDI.SYS><Symantec Corporation>
晓华哥哥 - 2006-12-7 8:56:00
==================================
浏览器加载项
[Google Bar]
{12365484-96a1-6974-3269-123555124655} <C:\WINNT\system32\GoogleBar.dll, Google Inc.>
[Flashget Catch Url Class]
{2F364306-AA45-47B5-9F9D-39A8B94E7EF7} <D:\PROGRA~1\FLASHGET\jccatch.dll, www.flashget.com>
[MallObj Class]
{3B30B48F-617D-4F73-A20F-D3D54357F103} <C:\WINNT\system32\mallgoo2.dll, 上海奥德易海科技>
[GetURL Class]
{74E6FD24-0206-4E47-997D-BA6B88C8489D} <C:\WINNT\system32\CatchURL.dll, TEC Solutions Limited.>
[Thunder Browser Helper]
{889D2FEB-5411-4565-8998-1DD2C5261283} <C:\Program Files\Thunder Network\Thunder\ComDlls\XunLeiBHO_006.dll, Thunder Networking Technologies,LTD>
[BrowserProxy4]
{BCF4D74B-E6BD-4C8F-83D7-90D6439705B9} <C:\WINNT\system32\AlxTbl.dll, Alexa Internet>
[gFlash Class]
{F156768E-81EF-470C-9057-481BA8380DBA} <D:\Program Files\FlashGet\getflash.dll, >
[小Me地图搜索]
{06DD38D3-D187-11CF-A80D-00C04FD74AD8}? <, N/A>
[启动迅雷5]
{09BA8F6D-CB54-424B-839C-C2A6C8E6B436} <C:\Program Files\Thunder Network\Thunder\Thunder.exe, Thunder Networking Technologies,LTD>
[信息检索(&R)]
{92780B25-18CC-41C8-B9BE-3C9C571A8263}? <C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL, Microsoft Corporation>
[@shdoclc.dll,-866]
{c95fe080-8f5d-11d2-a20b-00aa003c157a} <, N/A>
[QQ]
{c95fe080-8f5d-11d2-a20b-00aa003c157b} <D:\杂1\MP3\哈哈\aaaa\Mp3\1\QQ.EXE, TENCENT>
[快车]
{D6E814A0-E0C5-11d4-8D29-0050BA6940E3} <D:\PROGRA~1\FLASHGET\flashget.exe, FlashGet.com>
[@msdxmLC.dll,-1@2052,电台(&R)]
{8E718888-423F-11D2-876E-00A0C9082467} <C:\WINNT\system32\msdxm.ocx, Microsoft Corporation>
[金山快译(&K)]
{6C3797D2-3FEF-4cd4-B654-D3AE55B4128C} <C:\Program Files\Kingsoft\FastAIT 2006\IEBand.dll, 金山软件股份有限公司>
[快车(FlashGet)]
{E0E899AB-F487-11D5-8D29-0050BA6940E3} <D:\Program Files\FlashGet\fgiebar.dll, Amaze Soft>
[卡卡上网安全助手]
{DB9ECD4F-FB8F-4311-B3CE-90B976C2707C} <C:\WINNT\system32\KakaTool.dll, Beijing Rising Technology Co., Ltd.>
[PowerList Control]
{20C2C286-BDE8-441B-B73D-AFA22D914DA5} <C:\WINNT\DOWNLO~1\POWERL~1.OCX, PPStream.com>
[IESecPlugin Class]
{20F1BA6D-D3F5-4089-A651-106A3DB5A7BA} <C:\WINNT\DOWNLO~1\SECPLU~1.DLL, >
[WUWebControl Class]
{6414512B-B978-451D-A0D8-FCFDF33E833C} <C:\WINNT\system32\wuweb.dll, Microsoft Corporation>
[AxInputControl Class]
{73E4740C-08EB-4133-896B-8D0A7C9EE3CD} <C:\WINNT\DOWNLO~1\INPUTC~1.DLL, >
[UpdateCert Class]
{73FFAC43-9801-49B0-9550-57F2D7816171} <C:\WINNT\DOWNLO~1\update.dll, >
[Shockwave Flash Object]
{D27CDB6E-AE6D-11CF-96B8-444553540000} <C:\WINNT\system32\Macromed\Flash\Flash9.ocx, Adobe Systems, Inc.>
[&使用快车(FlashGet)下载]
<D:\PROGRA~1\FLASHGET\jc_link.htm, N/A>
[&使用快车(FlashGet)下载全部链接]
<D:\PROGRA~1\FLASHGET\jc_all.htm, N/A>
[&使用迅雷下载]
<C:\Program Files\Thunder Network\Thunder\Program\geturl.htm, N/A>
[导出到 Microsoft Office Excel(&X)]
<res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000, N/A>
[转换为 Adobe PDF]
<res://C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html, N/A>
[转换为现有 PDF]
<res://C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html, N/A>
[转换选定的链接为 Adobe PDF]
<res://C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIECaptureSelLinks.html, N/A>
[转换选定的链接为现有 PDF]
<res://C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIEAppendSelLinks.html, N/A>
[转换选项为 Adobe PDF]
<res://C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html, N/A>
[转换选项为现有 PDF]
<res://C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html, N/A>
[转换链接目标为 Adobe PDF]
<res://C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html, N/A>
[转换链接目标为现有 PDF]
<res://C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html, N/A>
==================================
正在运行的进程
[PID: 212][\SystemRoot\System32\smss.exe] [Microsoft Corporation, 5.00.2195.6601]
[PID: 236][\??\C:\WINNT\system32\csrss.exe] [Microsoft Corporation, 5.00.2195.6601]
[PID: 256][\??\C:\WINNT\system32\winlogon.exe] [Microsoft Corporation, 5.00.2195.6997]
[C:\WINNT\system32\WinWdg32.dll] [TEC Solutions Limited., 2, 84, 3028, 0]
[C:\WINNT\system32\winhafn.dll] [TEC Solutions Limited., 1, 0, 8, 7]
[C:\WINNT\system32\winhashn.dll] [TEC Solutions Limited., 1, 0, 7, 19]
[C:\WINNT\system32\thooks.dll] [TEC Solutions Limited., 2, 84, 3028, 0]
[C:\WINNT\system32\CHENHU4.IME] [chenhu, 5.8]
[PID: 288][C:\WINNT\system32\services.exe] [Microsoft Corporation, 5.00.2195.7035]
[C:\WINNT\system32\dmserver.dll] [VERITAS Software Corp., 2195.6605.297.3]
[PID: 300][C:\WINNT\system32\lsass.exe] [Microsoft Corporation, 5.00.2195.7011]
[PID: 488][C:\WINNT\system32\svchost.exe] [Microsoft Corporation, 5.00.2134.1]
[C:\WINNT\system32\oblknet.dll] [TEC Solutions Limited., 2, 84, 2718, 0]
[C:\WINNT\system32\ippcap.dll] [Politecnico di Torino, 3, 0, 0, 18]
[C:\WINNT\system32\IPpacket.dll] [Politecnico di Torino, 3, 0, 0, 20]
[PID: 516][C:\WINNT\system32\spoolsv.exe] [Microsoft Corporation, 5.00.2195.7013]
[C:\WINNT\system32\AdobePDF.dll] [Adobe Systems Incorporated., 7.0.0.00]
[C:\WINNT\system32\MSVCR71.dll] [Microsoft Corporation, 7.10.3052.4]
[C:\Program Files\Adobe\Acrobat 7.0\Distillr\AdistRes.CHS] [N/A, N/A]
[C:\WINNT\system32\KMPJLMN.DLL] [KYOCERA MITA Corporation, 0, 3, 258, 2]
[C:\WINNT\system32\mdimon.dll] [Microsoft Corporation, 11.3.1897.0]
[C:\WINNT\system32\spool\PRTPROCS\W32X86\mdippr.dll] [Microsoft Corporation, 11.3.1897.0]
[PID: 572][C:\WINNT\system32\drivers\CDAC11BA.EXE] [Macrovision, 4.20.020]
[PID: 592][C:\Program Files\Common Files\Symantec Shared\ccSetMgr.exe] [Symantec Corporation, 103.5.4.3]
[C:\WINNT\system32\MSVCP71.dll] [Microsoft Corporation, 7.10.3077.0]
[C:\WINNT\system32\MSVCR71.dll] [Microsoft Corporation, 7.10.3052.4]
[C:\Program Files\Common Files\Symantec Shared\ccL35.dll] [Symantec Corporation, 103.5.4.3]
[C:\Program Files\Common Files\Symantec Shared\ccVrTrst.dll] [Symantec Corporation, 103.5.4.3]
[PID: 608][C:\Program Files\Symantec AntiVirus\DefWatch.exe] [Symantec Corporation, 10.0.1.1000]
[C:\WINNT\system32\MSVCR71.dll] [Microsoft Corporation, 7.10.3052.4]
[PID: 628][C:\WINNT\system32\svchost.exe] [Microsoft Corporation, 5.00.2134.1]
[c:\winnt\system32\ldeml.dll] [Microsoft Corporation, 5.1.2600.0]
[c:\program files\messenger\msnhost.dll] [N/A, N/A]
[C:\WINNT\system32\MSVCP60.dll] [Microsoft Corporation, 6.00.8972.0]
[C:\WINNT\system32\winoa32.dll] [TEC Solutions Limited., 2, 84, 3028, 0]
[C:\WINNT\system32\thooks.dll] [TEC Solutions Limited., 2, 84, 3028, 0]
[C:\WINNT\system32\oblknet.dll] [TEC Solutions Limited., 2, 84, 2718, 0]
[C:\WINNT\system32\ippcap.dll] [Politecnico di Torino, 3, 0, 0, 18]
[C:\WINNT\system32\IPpacket.dll] [Politecnico di Torino, 3, 0, 0, 20]
[C:\WINNT\system32\orcsdll.dll] [TEC Solutions Limited., 2, 84, 2718, 0]
[C:\WINNT\system32\orcshook.dll] [TEC Solutions Limited., 2, 84, 2718, 0]
[C:\WINNT\system32\winhafn.dll] [TEC Solutions Limited., 1, 0, 8, 7]
[PID: 680][C:\WINNT\system32\regsvc.exe] [Microsoft Corporation, 5.00.2195.6701]
[PID: 704][C:\WINNT\system32\MSTask.exe] [Microsoft Corporation, 4.71.2195.6972]
[C:\WINNT\system32\winhafn.dll] [TEC Solutions Limited., 1, 0, 8, 7]
[C:\WINNT\system32\winhashn.dll] [TEC Solutions Limited., 1, 0, 7, 19]
[C:\WINNT\system32\thooks.dll] [TEC Solutions Limited., 2, 84, 3028, 0]
[PID: 732][C:\WINNT\SYSTEM32\RUNDLL32.EXE] [Microsoft Corporation, 5.00.2134.1]
[C:\WINNT\SYSTEM32\WBEM\NAFAQ.DLL] [Microsoft Corporation, 5, 1, 2600, 2709]
[PID: 872][C:\WINNT\System32\WBEM\WinMgmt.exe] [Microsoft Corporation, 1.50.1085.0100]
[PID: 888][C:\WINNT\system32\mspmspsv.exe] [Microsoft Corporation, 7.10.00.3059]
[PID: 900][C:\WINNT\system32\svchost.exe] [Microsoft Corporation, 5.00.2134.1]
[PID: 932][C:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe] [Symantec Corporation, 103.5.4.3]
[C:\WINNT\system32\MSVCP71.dll] [Microsoft Corporation, 7.10.3077.0]
[C:\WINNT\system32\MSVCR71.dll] [Microsoft Corporation, 7.10.3052.4]
[C:\Program Files\Common Files\Symantec Shared\ccL35.dll] [Symantec Corporation, 103.5.4.3]
[C:\Program Files\Common Files\Symantec Shared\ccVrTrst.dll] [Symantec Corporation, 103.5.4.3]
[C:\PROGRA~1\COMMON~1\SYMANT~1\SPBBC\BB.DLL] [Symantec Corporation, 1,5,1,3]
[C:\PROGRA~1\COMMON~1\SYMANT~1\SPBBC\SPBBCEVT.DLL] [Symantec Corporation, 1,5,1,3]
[C:\Program Files\Common Files\Symantec Shared\ccSet.dll] [Symantec Corporation, 103.5.4.3]
[C:\PROGRA~1\COMMON~1\SYMANT~1\CCSETEVT.DLL] [Symantec Corporation, 103.5.4.3]
[PID: 972][C:\WINNT\system32\svchost.exe] [Microsoft Corporation, 5.00.2134.1]
[PID: 1932][C:\WINNT\Explorer.EXE] [Microsoft Corporation, 5.00.3700.6690]
[C:\WINNT\system32\CHENHU4.IME] [chenhu, 5.8]
[C:\WINNT\system32\AcSignIcon.dll] [Autodesk, 16.0.0.86]
[C:\WINNT\system32\shlcn32.dll] [TEC Solutions Limited., 2, 84, 3028, 0]
[C:\WINNT\system32\winimhs.dll] [TEC Solutions Limited, 2, 84, 2718, 0]
[C:\WINNT\system32\winimhc.dll] [TEC Solutions Limited, 2, 84, 2718, 0]
[C:\WINNT\system32\winhafn.dll] [TEC Solutions Limited., 1, 0, 8, 7]
[C:\WINNT\system32\winhason.dll] [TEC Solutions Limited., 1, 0, 7, 19]
[C:\WINNT\system32\winhashn.dll] [TEC Solutions Limited., 1, 0, 7, 19]
[C:\WINNT\system32\ipsmu.dll] [N/A, N/A]
[C:\Program Files\Common Files\Autodesk Shared\AcSignCore16.dll] [Autodesk, 16.0.0.86]
[C:\WINNT\system32\wmpkn.dll] [N/A, N/A]
[C:\WINNT\system32\MSVCP60.dll] [Microsoft Corporation, 6.00.8972.0]
[C:\WINNT\system32\msow32cn.dll] [TEC Solutions Limited., 2, 84, 3028, 0]
[C:\WINNT\system32\reporter.dll] [N/A, N/A]
[C:\WINNT\system32\MSCTF.dll] [Microsoft Corporation, 1.00.2409.34 built by: Lab06_N]
[C:\WINNT\mui\fallback\0804\msctf.dll.mui] [Microsoft Corporation, 1.00.2409.7 built by: Lab06_N]
[C:\Program Files\Adobe\Acrobat 7.0\Acrobat Elements\ContextMenu.chs] [Adobe Systems Inc., 7.0.5.2005092300\0]
[C:\WINNT\system32\igfxpph.dll] [Intel Corporation, 3.0.0.3943]
晓华哥哥 - 2006-12-7 8:57:00
[C:\WINNT\system32\hccutils.DLL] [Intel Corporation, 3.0.0.3943]
[C:\WINNT\system32\igfxres.dll] [Intel Corporation, 3.0.0.3943]
[C:\WINNT\system32\igfxsrvc.dll] [Intel Corporation, 3.0.0.3943]
[C:\WINNT\system32\igfxdev.dll] [Intel Corporation, 3.0.0.3943]
[D:\PROGRA~1\FLASHGET\fgmgr.dll] [www.flashget.com, 1, 8, 0, 1001]
[C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll] [Adobe Systems Incorporated, 7.0.5.2005092300]
[C:\WINNT\system32\MSVCR71.dll] [Microsoft Corporation, 7.10.3052.4]
[D:\Program Files\Rising\AntiSpyware\ieprot.dll] [Beijing Rising Technology Co., Ltd., 1, 0, 0, 3]
[C:\WINNT\system32\thooks.dll] [TEC Solutions Limited., 2, 84, 3028, 0]
[C:\WINNT\system32\xunleibho_v8.dll] [Thunder Networking Technologies,LTD, 4, 5, 1, 33]
[C:\WINNT\system32\msidb.dll] [Microsoft Corporation, 6.2800.1100]
[C:\WINNT\system32\vb6chs.dll] [Microsoft Corporation, 6.00.8169]
[C:\WINNT\DOWNLO~1\SECPLU~1.DLL] [, 2, 0, 0, 0]
[C:\WINNT\system32\csp_soft.dll] [Creative Centry Information Technoledge Corpration., 1, 0, 0, 1]
[D:\PROGRA~1\FLASHGET\jccatch.dll] [www.flashget.com, 1, 8, 0, 1001]
[C:\Program Files\Thunder Network\Thunder\ComDlls\XunLeiBHO_006.dll] [Thunder Networking Technologies,LTD, 5, 0, 0, 3]
[C:\WINNT\system32\msimtf.dll] [Microsoft Corporation, 1.00.2409.34 built by: Lab06_N]
[C:\Program Files\WinRAR\rarext.dll] [N/A, N/A]
[PID: 2080][C:\WINNT\system32\ctfmon.exe] [Microsoft Corporation, 1.00.2409.34 built by: Lab06_N]
[C:\WINNT\system32\MSCTF.dll] [Microsoft Corporation, 1.00.2409.34 built by: Lab06_N]
[C:\WINNT\system32\MSUTB.dll] [Microsoft Corporation, 1.00.2409.34 built by: Lab06_N]
[C:\WINNT\system32\winimhc.dll] [TEC Solutions Limited, 2, 84, 2718, 0]
[C:\WINNT\system32\CHENHU4.IME] [chenhu, 5.8]
[C:\WINNT\mui\fallback\0804\msutb.dll.mui] [Microsoft Corporation, 1.00.2409.7 built by: Lab06_N]
[C:\WINNT\mui\fallback\0804\msctf.dll.mui] [Microsoft Corporation, 1.00.2409.7 built by: Lab06_N]
[C:\WINNT\system32\winhafn.dll] [TEC Solutions Limited., 1, 0, 8, 7]
[C:\WINNT\system32\winhashn.dll] [TEC Solutions Limited., 1, 0, 7, 19]
[C:\WINNT\system32\thooks.dll] [TEC Solutions Limited., 2, 84, 3028, 0]
[D:\Program Files\Rising\AntiSpyware\ieprot.dll] [Beijing Rising Technology Co., Ltd., 1, 0, 0, 3]
[PID: 2112][C:\PROGRA~1\SYMANT~1\VPTray.exe] [Symantec Corporation, 10.0.1.1000]
[C:\WINNT\system32\MSVCR71.dll] [Microsoft Corporation, 7.10.3052.4]
[C:\WINNT\system32\MSVCP71.dll] [Microsoft Corporation, 7.10.3077.0]
[C:\Program Files\Symantec AntiVirus\SAVRT32.DLL] [Symantec Corporation, 9.5.0.44]
[C:\WINNT\system32\MSCTF.dll] [Microsoft Corporation, 1.00.2409.34 built by: Lab06_N]
[C:\WINNT\system32\winimhc.dll] [TEC Solutions Limited, 2, 84, 2718, 0]
[C:\WINNT\system32\CHENHU4.IME] [chenhu, 5.8]
[C:\WINNT\system32\winhafn.dll] [TEC Solutions Limited., 1, 0, 8, 7]
[C:\WINNT\system32\winhashn.dll] [TEC Solutions Limited., 1, 0, 7, 19]
[C:\WINNT\system32\thooks.dll] [TEC Solutions Limited., 2, 84, 3028, 0]
[C:\Program Files\Symantec AntiVirus\Cliscan.dll] [Symantec Corporation, 10.0.1.1000]
[C:\PROGRA~1\SYMANT~1\NAVNTUTL.DLL] [Symantec Corporation, 10.0.1.1000]
[C:\Program Files\Symantec AntiVirus\Cliproxy.dll] [Symantec Corporation, 10.0.1.1000]
[D:\PROGRA~1\FLASHGET\fgmgr.dll] [www.flashget.com, 1, 8, 0, 1001]
[C:\WINNT\system32\AcSignIcon.dll] [Autodesk, 16.0.0.86]
[D:\Program Files\Rising\AntiSpyware\ieprot.dll] [Beijing Rising Technology Co., Ltd., 1, 0, 0, 3]
[PID: 2212][D:\Program Files\Rising\AntiSpyware\runiep.exe] [Beijing Rising Technology Co., Ltd., 1, 0, 1, 2]
[D:\Program Files\Rising\AntiSpyware\iep_ctrl.dll] [Beijing Rising Technology Co., Ltd., 1, 0, 0, 3]
[D:\Program Files\Rising\AntiSpyware\ieprot.dll] [Beijing Rising Technology Co., Ltd., 1, 0, 0, 3]
[D:\PROGRA~1\FLASHGET\fgmgr.dll] [www.flashget.com, 1, 8, 0, 1001]
[C:\WINNT\system32\MSCTF.dll] [Microsoft Corporation, 1.00.2409.34 built by: Lab06_N]
[C:\WINNT\system32\winimhc.dll] [TEC Solutions Limited, 2, 84, 2718, 0]
[C:\WINNT\system32\CHENHU4.IME] [chenhu, 5.8]
[C:\WINNT\system32\winhafn.dll] [TEC Solutions Limited., 1, 0, 8, 7]
[C:\WINNT\system32\winhashn.dll] [TEC Solutions Limited., 1, 0, 7, 19]
[C:\WINNT\system32\thooks.dll] [TEC Solutions Limited., 2, 84, 3028, 0]
[C:\WINNT\mui\fallback\0804\msctf.dll.mui] [Microsoft Corporation, 1.00.2409.7 built by: Lab06_N]
[PID: 2788][D:\PROGRA~1\FLASHGET\flashget.exe] [FlashGet.com, 1, 8, 0, 1001]
[D:\PROGRA~1\FLASHGET\FGBTCORE.dll] [N/A, 1, 0, 0, 23]
[D:\PROGRA~1\FLASHGET\fgmgr.dll] [www.flashget.com, 1, 8, 0, 1001]
[C:\WINNT\system32\MSCTF.dll] [Microsoft Corporation, 1.00.2409.34 built by: Lab06_N]
[C:\WINNT\system32\winimhc.dll] [TEC Solutions Limited, 2, 84, 2718, 0]
[C:\WINNT\system32\AcSignIcon.dll] [Autodesk, 16.0.0.86]
[C:\WINNT\system32\CHENHU4.IME] [chenhu, 5.8]
[C:\WINNT\mui\fallback\0804\msctf.dll.mui] [Microsoft Corporation, 1.00.2409.7 built by: Lab06_N]
[D:\Program Files\Rising\AntiSpyware\ieprot.dll] [Beijing Rising Technology Co., Ltd., 1, 0, 0, 3]
[C:\WINNT\system32\winhafn.dll] [TEC Solutions Limited., 1, 0, 8, 7]
[C:\WINNT\system32\winhashn.dll] [TEC Solutions Limited., 1, 0, 7, 19]
[C:\WINNT\system32\thooks.dll] [TEC Solutions Limited., 2, 84, 3028, 0]
[PID: 2464][C:\WINNT\system32\wuauclt.exe] [Microsoft Corporation, 5.8.0.2469 built by: lab01_n(wmbla)]
[D:\PROGRA~1\FLASHGET\fgmgr.dll] [www.flashget.com, 1, 8, 0, 1001]
[C:\WINNT\system32\MSCTF.dll] [Microsoft Corporation, 1.00.2409.34 built by: Lab06_N]
[C:\WINNT\system32\winimhc.dll] [TEC Solutions Limited, 2, 84, 2718, 0]
[C:\WINNT\system32\winhafn.dll] [TEC Solutions Limited., 1, 0, 8, 7]
[C:\WINNT\system32\winhashn.dll] [TEC Solutions Limited., 1, 0, 7, 19]
[C:\WINNT\system32\thooks.dll] [TEC Solutions Limited., 2, 84, 3028, 0]
[D:\Program Files\Rising\AntiSpyware\ieprot.dll] [Beijing Rising Technology Co., Ltd., 1, 0, 0, 3]
[PID: 3328][C:\Program Files\Microsoft Office\OFFICE11\OUTLOOK.EXE] [Microsoft Corporation, 11.0.5510]
[D:\PROGRA~1\FLASHGET\fgmgr.dll] [www.flashget.com, 1, 8, 0, 1001]
[C:\WINNT\system32\MSCTF.dll] [Microsoft Corporation, 1.00.2409.34 built by: Lab06_N]
[C:\WINNT\system32\winimhc.dll] [TEC Solutions Limited, 2, 84, 2718, 0]
[C:\WINNT\system32\CHENHU4.IME] [chenhu, 5.8]
[C:\WINNT\mui\fallback\0804\msctf.dll.mui] [Microsoft Corporation, 1.00.2409.7 built by: Lab06_N]
[D:\Program Files\Rising\AntiSpyware\ieprot.dll] [Beijing Rising Technology Co., Ltd., 1, 0, 0, 3]
[C:\WINNT\system32\winhafn.dll] [TEC Solutions Limited., 1, 0, 8, 7]
[C:\WINNT\system32\winhashn.dll] [TEC Solutions Limited., 1, 0, 7, 19]
[C:\WINNT\system32\thooks.dll] [TEC Solutions Limited., 2, 84, 3028, 0]
[C:\Program Files\Common Files\Microsoft Shared\office11\riched20.dll] [Microsoft Corporation, 5.50.30.2002]
[C:\Program Files\mobile PhoneTools\Outl97.dll] [BVRP SoftWare, 2, 0, 0, 1]
[C:\Program Files\mobile PhoneTools\OutlSync.dll] [BVRP SoftWare, 2, 1, 0, 1]
[C:\Program Files\Adobe\Acrobat 7.0\PDFMaker\Mail\Outlook\PDFMOutlook.dll] [Adobe Systems Incorporated, 7.0.5.0]
[C:\Program Files\Adobe\Acrobat 7.0\PDFMaker\Common\AdobePDFMakerX.dll] [N/A, N/A]
[C:\Program Files\Adobe\Acrobat 7.0\PDFMaker\Common\AdobePDFMakerX.CHS] [N/A, N/A]
[C:\WINNT\system32\msimtf.dll] [Microsoft Corporation, 1.00.2409.34 built by: Lab06_N]
[C:\Program Files\Symantec AntiVirus\vpmsece3.dll] [Symantec Corporation, 10.0.1.1000]
[C:\WINNT\system32\MSVCR71.dll] [Microsoft Corporation, 7.10.3052.4]
[C:\Program Files\Symantec AntiVirus\SAVRT32.DLL] [Symantec Corporation, 9.5.0.44]
[C:\WINNT\system32\AcSignIcon.dll] [Autodesk, 16.0.0.86]
[C:\Program Files\Microsoft Office\OFFICE11\GdiPlus.DLL] [Microsoft Corporation, 6.0.3260.0]
[PID: 3396][D:\Program Files\Tellbaby\Tellbaby.exe] [tellbaby.com, 1.0.1.11]
[C:\WINNT\system32\rtl70.bpl] [Borland Software Corporation, 7.0.4.453]
[C:\WINNT\system32\vcl70.bpl] [Borland Software Corporation, 7.0.4.453]
[D:\Program Files\Tellbaby\libidn.dll] [N/A, N/A]
[D:\Program Files\Tellbaby\voipmodule.dll] [N/A, N/A]
[D:\PROGRA~1\FLASHGET\fgmgr.dll] [www.flashget.com, 1, 8, 0, 1001]
[C:\WINNT\system32\MSCTF.dll] [Microsoft Corporation, 1.00.2409.34 built by: Lab06_N]
[C:\WINNT\system32\winimhc.dll] [TEC Solutions Limited, 2, 84, 2718, 0]
[C:\WINNT\system32\CHENHU4.IME] [chenhu, 5.8]
[C:\WINNT\mui\fallback\0804\msctf.dll.mui] [Microsoft Corporation, 1.00.2409.7 built by: Lab06_N]
[D:\Program Files\Tellbaby\msn_emoticons.dll] [N/A, N/A]
[D:\Program Files\Tellbaby\yahoo_emoticons.dll] [N/A, N/A]
[D:\Program Files\Tellbaby\cnemoticons.dll] [N/A, N/A]
[D:\Program Files\Rising\AntiSpyware\ieprot.dll] [Beijing Rising Technology Co., Ltd., 1, 0, 0, 3]
[C:\WINNT\system32\winhafn.dll] [TEC Solutions Limited., 1, 0, 8, 7]
[C:\WINNT\system32\winhashn.dll] [TEC Solutions Limited., 1, 0, 7, 19]
[C:\WINNT\system32\thooks.dll] [TEC Solutions Limited., 2, 84, 3028, 0]
晓华哥哥 - 2006-12-7 8:57:00
[D:\Program Files\Tellbaby\libeay32.dll] [N/A, N/A]
[D:\Program Files\Tellbaby\ssleay32.dll] [N/A, N/A]
[PID: 3440][C:\Program Files\Microsoft Office\OFFICE11\WINWORD.EXE] [Microsoft Corporation, 11.0.5604]
[D:\PROGRA~1\FLASHGET\fgmgr.dll] [www.flashget.com, 1, 8, 0, 1001]
[C:\WINNT\system32\MSCTF.dll] [Microsoft Corporation, 1.00.2409.34 built by: Lab06_N]
[C:\WINNT\system32\winimhc.dll] [TEC Solutions Limited, 2, 84, 2718, 0]
[C:\WINNT\system32\CHENHU4.IME] [chenhu, 5.8]
[C:\Program Files\Common Files\Microsoft Shared\office11\riched20.dll] [Microsoft Corporation, 5.50.30.2002]
[C:\WINNT\system32\VB6CHS.DLL] [Microsoft Corporation, 6.00.8169]
[C:\Program Files\Adobe\Acrobat 7.0\PDFMaker\Office\PDFMOfficeAddin.dll] [Adobe Systems Incorporated, 7.0.5.0]
[C:\WINNT\system32\MFC71.DLL] [Microsoft Corporation, 7.10.3077.0]
[C:\WINNT\system32\MSVCR71.dll] [Microsoft Corporation, 7.10.3052.4]
[C:\WINNT\system32\MSVCP71.dll] [Microsoft Corporation, 7.10.3077.0]
[C:\WINNT\system32\MFC71CHS.DLL] [Microsoft Corporation, 7.10.3077.0]
[C:\Program Files\Adobe\Acrobat 7.0\PDFMaker\Office\PDFMOfficeAddin.CHS] [Adobe Systems Incorporated, 7.0.5.0]
[C:\WINNT\mui\fallback\0804\msctf.dll.mui] [Microsoft Corporation, 1.00.2409.7 built by: Lab06_N]
[C:\Program Files\Common Files\Microsoft Shared\PROOF\MSSPELL3.DLL] [Microsoft Corporation, 1.1.6215]
[C:\Program Files\Common Files\Microsoft Shared\PROOF\mslid.dll] [Microsoft Corporation, 1.0.2305]
[C:\Program Files\Common Files\Microsoft Shared\PROOF\2052\MSGR3EN.DLL] [Microsoft Corporation, 3.1.2303]
[C:\Program Files\Adobe\Acrobat 7.0\PDFMaker\Common\AdobePDFMakerX.dll] [N/A, N/A]
[C:\Program Files\Adobe\Acrobat 7.0\PDFMaker\Common\AdobePDFMakerX.CHS] [N/A, N/A]
[D:\Program Files\Rising\AntiSpyware\ieprot.dll] [Beijing Rising Technology Co., Ltd., 1, 0, 0, 3]
[C:\WINNT\system32\winhafn.dll] [TEC Solutions Limited., 1, 0, 8, 7]
[C:\WINNT\system32\winhashn.dll] [TEC Solutions Limited., 1, 0, 7, 19]
[C:\WINNT\system32\thooks.dll] [TEC Solutions Limited., 2, 84, 3028, 0]
[C:\WINNT\system32\AcSignIcon.dll] [Autodesk, 16.0.0.86]
[C:\WINNT\system32\spool\DRIVERS\W32X86\3\UNIDRVUI.DLL] [Microsoft Corporation, 5.2.3790.120 (srv03_qfe.031205-1652)]
[C:\WINNT\system32\spool\DRIVERS\W32X86\3\UNIDRV.DLL] [Microsoft Corporation, 5.2.3790.184 (srv03_qfe.040410-1236)]
[PID: 3524][D:\Program Files\Rising\AntiSpyware\Ras.exe] [Beijing Rising Technology Co., Ltd., 1, 0, 2, 2]
[D:\PROGRA~1\FLASHGET\fgmgr.dll] [www.flashget.com, 1, 8, 0, 1001]
[C:\WINNT\system32\MSCTF.dll] [Microsoft Corporation, 1.00.2409.34 built by: Lab06_N]
[C:\WINNT\system32\winimhc.dll] [TEC Solutions Limited, 2, 84, 2718, 0]
[D:\Program Files\Rising\AntiSpyware\RasGui.dll] [Beijing Rising Technology Co., Ltd., 1, 0, 0, 18]
[C:\WINNT\system32\CHENHU4.IME] [chenhu, 5.8]
[C:\WINNT\system32\AcSignIcon.dll] [Autodesk, 16.0.0.86]
[C:\WINNT\mui\fallback\0804\msctf.dll.mui] [Microsoft Corporation, 1.00.2409.7 built by: Lab06_N]
[D:\Program Files\Rising\AntiSpyware\ieprot.dll] [Beijing Rising Technology Co., Ltd., 1, 0, 0, 3]
[C:\WINNT\system32\winhafn.dll] [TEC Solutions Limited., 1, 0, 8, 7]
[C:\WINNT\system32\winhashn.dll] [TEC Solutions Limited., 1, 0, 7, 19]
[C:\WINNT\system32\thooks.dll] [TEC Solutions Limited., 2, 84, 3028, 0]
[C:\WINNT\system32\msimtf.dll] [Microsoft Corporation, 1.00.2409.34 built by: Lab06_N]
[D:\Program Files\Rising\AntiSpyware\engine.dll] [Beijing Rising Technology Co., Ltd., 19, 0, 0, 17]
[D:\Program Files\Rising\AntiSpyware\zip.dll] [rising, 13, 0, 0, 1]
[PID: 3636][C:\Program Files\Internet Explorer\iexplore.exe] [Microsoft Corporation, 6.00.2800.1106]
[D:\PROGRA~1\FLASHGET\fgmgr.dll] [www.flashget.com, 1, 8, 0, 1001]
[C:\WINNT\system32\MSCTF.dll] [Microsoft Corporation, 1.00.2409.34 built by: Lab06_N]
[C:\WINNT\system32\winimhc.dll] [TEC Solutions Limited, 2, 84, 2718, 0]
[C:\WINNT\system32\CHENHU4.IME] [chenhu, 5.8]
[C:\WINNT\system32\AcSignIcon.dll] [Autodesk, 16.0.0.86]
[C:\WINNT\system32\xunleibho_v8.dll] [Thunder Networking Technologies,LTD, 4, 5, 1, 33]
[C:\WINNT\system32\MSVCP60.dll] [Microsoft Corporation, 6.00.8972.0]
[C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll] [Adobe Systems Incorporated, 7.0.5.2005092300]
[C:\WINNT\system32\MSVCR71.dll] [Microsoft Corporation, 7.10.3052.4]
[C:\WINNT\system32\msidb.dll] [Microsoft Corporation, 6.2800.1100]
[C:\WINNT\system32\vb6chs.dll] [Microsoft Corporation, 6.00.8169]
[C:\WINNT\system32\GoogleBar.dll] [Google Inc., 5, 10, 13, 3813]
[C:\WINNT\DOWNLO~1\SECPLU~1.DLL] [, 2, 0, 0, 0]
[C:\WINNT\system32\csp_soft.dll] [Creative Centry Information Technoledge Corpration., 1, 0, 0, 1]
[D:\PROGRA~1\FLASHGET\jccatch.dll] [www.flashget.com, 1, 8, 0, 1001]
[C:\WINNT\system32\mallgoo2.dll] [上海奥德易海科技, 1, 0, 2, 0]
[C:\WINNT\system32\CatchURL.dll] [TEC Solutions Limited., 2, 84, 2719, 0]
[C:\Program Files\Thunder Network\Thunder\ComDlls\XunLeiBHO_006.dll] [Thunder Networking Technologies,LTD, 5, 0, 0, 3]
[C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll] [Adobe Systems Incorporated, 7.0.5.2005092300]
[C:\WINNT\system32\ATL71.DLL] [Microsoft Corporation, 7.10.3077.0]
[C:\WINNT\system32\MSVCP71.dll] [Microsoft Corporation, 7.10.3077.0]
[C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.CHS] [Adobe Systems Incorporated, 7.0.0.0]
[C:\WINNT\system32\AlxTbl.dll] [ Alexa Internet, 5, 1, 2600, 2180]
[D:\Program Files\FlashGet\getflash.dll] [, 1, 0, 0, 1]
[D:\Program Files\Rising\AntiSpyware\ieprot.dll] [Beijing Rising Technology Co., Ltd., 1, 0, 0, 3]
[C:\WINNT\system32\winhafn.dll] [TEC Solutions Limited., 1, 0, 8, 7]
[C:\WINNT\system32\winhason.dll] [TEC Solutions Limited., 1, 0, 7, 19]
[C:\WINNT\system32\winhashn.dll] [TEC Solutions Limited., 1, 0, 7, 19]
[C:\WINNT\system32\thooks.dll] [TEC Solutions Limited., 2, 84, 3028, 0]
[C:\WINNT\system32\msimtf.dll] [Microsoft Corporation, 1.00.2409.34 built by: Lab06_N]
[C:\WINNT\mui\fallback\0804\msctf.dll.mui] [Microsoft Corporation, 1.00.2409.7 built by: Lab06_N]
[PID: 3596][C:\Downloads\sreng2\SREng\SREng.exe] [Smallfrogs Studio, 2.2.6.605]
[D:\PROGRA~1\FLASHGET\fgmgr.dll] [www.flashget.com, 1, 8, 0, 1001]
[C:\WINNT\system32\MSCTF.dll] [Microsoft Corporation, 1.00.2409.34 built by: Lab06_N]
[C:\WINNT\system32\winimhc.dll] [TEC Solutions Limited, 2, 84, 2718, 0]
[C:\WINNT\mui\fallback\0804\msctf.dll.mui] [Microsoft Corporation, 1.00.2409.7 built by: Lab06_N]
[D:\Program Files\Rising\AntiSpyware\ieprot.dll] [Beijing Rising Technology Co., Ltd., 1, 0, 0, 3]
[C:\WINNT\system32\winhafn.dll] [TEC Solutions Limited., 1, 0, 8, 7]
[C:\WINNT\system32\winhashn.dll] [TEC Solutions Limited., 1, 0, 7, 19]
[C:\WINNT\system32\thooks.dll] [TEC Solutions Limited., 2, 84, 3028, 0]
[C:\Downloads\sreng2\SREng\Plugins\SRECXTMG.SRE] [Smallfrogs Studio, 1, 5, 0, 55]
==================================
文件关联
.TXT OK. [%SystemRoot%\system32\NOTEPAD.EXE %1]
.EXE OK. ["%1" %*]
.COM OK. ["%1" %*]
.PIF OK. ["%1" %*]
.REG OK. [regedit.exe "%1"]
.BAT OK. ["%1" %*]
.SCR OK. ["%1" /S]
.CHM OK. ["C:\WINNT\hh.exe" %1]
.HLP OK. [%SystemRoot%\System32\winhlp32.exe %1]
.INI OK. [%SystemRoot%\System32\NOTEPAD.EXE %1]
.INF OK. [%SystemRoot%\System32\NOTEPAD.EXE %1]
.VBS OK. [%SystemRoot%\System32\WScript.exe "%1" %*]
.JS OK. [%SystemRoot%\System32\WScript.exe "%1" %*]
.LNK OK. [{00021401-0000-0000-C000-000000000046}]
==================================
Winsock 提供者
N/A
==================================
Autorun.inf
N/A
==================================
HOSTS 文件
127.0.0.1 LOCALHOST
==================================
红夜鬼1 - 2006-12-7 12:50:00
运行(双击)SRENG2,点“启动项目,服务,点“Win32服务应用程序”
勾选“隐藏微软服务”选中病毒服务
Intranet Messenger
Remote Access Connection Management
,选择“删除服务”
点“设置”选择“否”
运行(双击)SRENG2,点“启动项目,服务,点“驱动程序”
勾选“隐藏微软服务”选中病毒服务
cefeigbh
difgcecb
djaehifg
fcgecaag
giajicag
hbigeihi
hiccgcgd
hifdciij
mnjt
iicfdeje
lhjuod16
rd
sptd
,选择“删除服务”
点“设置”选择“否”
运行SREng2,使用“系统修复”--浏览器加载项--删除
[UpdateCert Class]
{73FFAC43-9801-49B0-9550-57F2D7816171} <C:\WINNT\DOWNLO~1\update.dll, >
重启按F8进入安全模式下
显示隐藏文件
删除:
C:\WINNT\DOWNLO~1\update.dll
\SystemRoot\System32\Drivers\sptd.sys
C:\WINNT\system32\drivers\rd.sys
\SystemRoot\System32\DRIVERS\mnjtt.sys
C:\WINNT\system32\drivers\lhjuod16.sys
\SystemRoot\system32\drivers\iicfdeje.sys
SystemRoot\system32\drivers\hbigeihi.sys
SystemRoot\system32\drivers\hiccgcgd.sys
\SystemRoot\system32\drivers\hifdciij.sys
\SystemRoot\system32\drivers\cefeigbh.sys
SystemRoot\system32\drivers\difgcecb.sys
\SystemRoot\system32\drivers\djaehifg.sys
SystemRoot\system32\drivers\fcgecaag.sys
\SystemRoot\system32\drivers\giajicag.sys
C:\Program Files\Messenger\msnhost.dll
C:\WINNT\SYSTEM32\WBEM\NAFAQ.DLL
晓华哥哥 - 2006-12-10 21:02:00
已经完成,OK!
感谢!
1
© 2000 - 2026 Rising Corp. Ltd.