请‘红夜鬼1’帮忙 bbs.ikaka.com

santory - 2006-12-8 22:39:00

我是window2000系统，点击我的电脑，或者浏览器，都会自动弹出“http://t.sjzl88.com/ad2.htm”。

看过您对于XP系统的解决方法，请帮忙指导我一下，谢谢。

红夜鬼1 - 2006-12-8 23:57:00

请下载SREng2（最新版），使用“智能扫描”，按下“扫描”按钮进行扫描，
扫描完成后按下“保存报告”按钮保存报告日志文件（SREng.LOG），把保存的报告
日志文件内容复制-粘贴上来,,日志一次粘不完，分次粘完，请不要修改。

下载地址
http://www.kztechs.com/sreng/sreng2.zip

santory - 2006-12-9 13:21:00

2006-12-09,13:08:07

System Repair Engineer 2.2.6.605
Smallfrogs (http://www.KZTechs.com)

Windows 2000 Professional Service Pack 4 (Build 2195)
- 管理权限用户 - 完整功能

以下内容被选中：
所有的启动项目（包括注册表、启动文件夹、服务等）
浏览器加载项
正在运行的进程（包括进程模块信息）
文件关联
Winsock 提供者
Autorun.inf
HOSTS 文件

启动项目
注册表
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
<Internat.exe><internat.exe> [(Verified)Microsoft Corporation]
[HKEY_CURRENT_USER\Software\Microsoft\Windows NT\CurrentVersion\Windows]
<load><> [N/A]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
<Synchronization Manager><mobsync.exe /logon> [(Verified)Microsoft Corporation]
<NvCplDaemon><RUNDLL32.EXE C:\WINNT\System32\NvCpl.dll,NvStartup> [NVIDIA Corporation]
<nwiz><nwiz.exe /install> [NVIDIA Corporation]
<NvMediaCenter><RUNDLL32.EXE C:\WINNT\System32\NvMcTray.dll,NvTaskbarInit> [NVIDIA Corporation]
<SoundMan><SOUNDMAN.EXE> [(Verified)Realtek Semiconductor Corp.]
<ccApp><"C:\Program Files\Common Files\Symantec Shared\ccApp.exe"> [(Verified)Symantec Corporation]
<vptray><C:\PROGRA~1\SYMANT~1\VPTray.exe> [(Verified)Symantec Corporation]
<helper.dll><C:\WINNT\system32\rundll32.exe C:\PROGRA~1\3721\helper.dll,Rundll32> []
<Desktop><"C:\WINNT\system32\rundll32.exe" "C:\WINNT\system32\NTService32.dll",Run> []
<System><C:\Program Files\Common Files\System\Update.exe> [N/A]
<CdnCtr><C:\Program Files\CNNIC\Cdn\cdnup.exe> [CNNIC]
<CnsMin><Rundll32.exe C:\WINNT\DOWNLO~1\CnsMin.dll,Rundll32> [北京三七二一科技有限公司]
<YLive.exe><C:\PROGRA~1\Yahoo!\ASSIST~1\YLive.exe> [(Verified)Yahoo! China]
<yassistse><"C:\PROGRA~1\Yahoo!\Assistant\yassistse.exe"> [(Verified)Yahoo! China]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Winlogon]
<shell><Explorer.exe> [(Verified)Microsoft Corporation]
<Userinit><C:\WINNT\system32\userinit.exe,> [(Verified)Microsoft Corporation]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Windows]
<AppInit_DLLs><> [N/A]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
<{E568441B-9EF3-49F8-9A67-4141AC41ADD4}><C:\PROGRA~1\Yahoo!\ASSIST~1\assist\ypatch.dll> [(Verified)Yahoo! China]
<{D157330A-9EF3-49F8-9A67-4141AC41ADD4}><C:\WINNT\DOWNLO~1\CnsHook.dll> [北京三七二一科技有限公司]
<{4BAB150F-DD97-476D-9C1E-41B6CDC0CA7A}><> [N/A]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
<NetWork><C:\WINNT\system32\reporter.dll> [N/A]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\NavLogon]
<WinlogonNotify: NavLogon><C:\WINNT\System32\NavLogon.dll> [(Verified)Symantec Corporation]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\SharedTaskScheduler]
<{78BF3960-61F0-4F4E-825D-3554FA61E847}><C:\WINNT\system32\wmpknl.dll> [N/A]
[HKEY_CURRENT_USER\Control Panel\Desktop]
<SCRNSAVE.EXE><(无)> [N/A]

santory - 2006-12-9 13:21:00

==================================
启动文件夹
[腾讯QQ]
<C:\Documents and Settings\Administrator\「开始」菜单\程序\启动\腾讯QQ.lnk --> C:\PROGRA~1\Tencent\QQ\QQ.exe [TENCENT]><N>

==================================
服务
[Symantec Event Manager / ccEvtMgr]
<"C:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe"><Symantec Corporation>
[Symantec Password Validation / ccPwdSvc]
<"C:\Program Files\Common Files\Symantec Shared\ccPwdSvc.exe"><Symantec Corporation>
[Symantec Settings Manager / ccSetMgr]
<"C:\Program Files\Common Files\Symantec Shared\ccSetMgr.exe"><Symantec Corporation>
[Symantec AntiVirus Definition Watcher / DefWatch]
<"C:\Program Files\Symantec AntiVirus\DefWatch.exe"><Symantec Corporation>
[Logical Disk Manager Administrative Service / dmadmin]
<C:\WINNT\System32\dmadmin.exe /com><VERITAS Software Corp.>
[File Replication / File Replication]
<C:\WINNT\system32\ntfis.exe><Microsoft Corporation>
[NVIDIA Display Driver Service / NVSvc]
<C:\WINNT\System32\nvsvc32.exe><NVIDIA Corporation>
[Portable Equipment Service / Patterns]
<C:\WINNT\System32\svchost.exe -k netsvcs-->C:\WINNT\system32\sxydhl46.dll><Microsoft Corporation>
[Remote Access Connection Management / Remote Access Connection Management]
<C:\WINNT\System32\svchost.exe -k netsvcs-->C:\Program Files\Messenger\msnhost.dll><N/A>
[SavRoam / SavRoam]
<"C:\Program Files\Symantec AntiVirus\SavRoam.exe"><symantec>
[Distributed Application Client / SHipING]
<C:\WINNT\SYSTEM32\RUNDLL32.EXE C:\WINNT\SYSTEM32\WBEM\MDLIMZ00.DLL,Export 1087><N/A>
[Symantec Network Drivers Service / SNDSrvc]
<"C:\Program Files\Common Files\Symantec Shared\SNDSrvc.exe"><Symantec Corporation>
[Symantec AntiVirus / Symantec AntiVirus]
<"C:\Program Files\Symantec AntiVirus\Rtvscan.exe"><Symantec Corporation>
[Windows NT Service32 / Windows NT Service32]
<"C:\WINNT\system32\rundll32.exe" "C:\WINNT\system32\NTService32.dll",Start><Microsoft Corporation>
[Portable Media Serial Number Service / WmdmPmSN]
<C:\WINNT\System32\svchost.exe -k netsvcs-->C:\WINNT\system32\mspmsnsv.dll><Microsoft Corporation>
[WindowsNt Network Engine / wnttech]
<C:\WINNT\System32\svchost.exe -k wnttech-->c:\winnt\system32\wnttech.dll><Microsoft Corporation>

==================================
驱动程序
[a0 / a0]
<2 - 系统找不到指定的文件。
><N/A>
[Service for WDM 3D Audio Driver / ALCXSENS]
<system32\drivers\ALCXSENS.SYS><Sensaura Ltd>
[Service for Realtek AC97 Audio (WDM) / ALCXWDM]
<system32\drivers\ALCXWDM.SYS><Realtek Semiconductor Corp.>
[cdnprot / cdnprot]
<\SystemRoot\system32\drivers\cdnprot.sys><中国互联网络信息中心(CNNIC)>
[Cdr4_2K / Cdr4_2K]
<C:\WINNT\SYSTEM32\DRIVERS\Cdr4_2K.SYS><Roxio>
[Cdralw2k / Cdralw2k]
<C:\WINNT\SYSTEM32\DRIVERS\Cdralw2k.SYS><Roxio>
[cjplps42 / cjplps42]
<\??\C:\WINNT\system32\drivers\cjplps42.sys><Microsoft Corporation>
[CnsMinKP / CnsMinKP]
<\SystemRoot\system32\drivers\CnsMinKP.sys><N/A>
[dmboot / dmboot]
<System32\drivers\dmboot.sys><VERITAS Software Corp.>
[Logical Disk Manager Driver / dmio]
<\SystemRoot\System32\drivers\dmio.sys><VERITAS Software Corp.>
[dmload / dmload]
<\SystemRoot\System32\drivers\dmload.sys><VERITAS Software Corp.>
[hdfs / hdfs]
<\??\C:\WINNT\system32\drivers\hdfs.sys><N/A>
[jaccbhff / jaccbhff]
<\SystemRoot\system32\drivers\jaccbhff.sys><N/A>
[kmsinput / kmsinput]
<\??\C:\WINNT\system32\drivers\kmsinput.sys><N/A>
[malfkf / malfkf]
<2 - 系统找不到指定的文件。
><N/A>
[md / md]
<\??\C:\WINNT\system32\drivers\md.sys><N/A>
[mkshta93 / mkshta93]
<\??\C:\WINNT\system32\drivers\mkshta93.sys><Microsoft Corporation>
[NAVENG / NAVENG]
<\??\C:\PROGRA~1\COMMON~1\SYMANT~1\VIRUSD~1\20061122.019\naveng.sys><Symantec Corporation>
[NAVEX15 / NAVEX15]
<\??\C:\PROGRA~1\COMMON~1\SYMANT~1\VIRUSD~1\20061122.019\navex15.sys><Symantec Corporation>
[npkcrypt / npkcrypt]
<\??\C:\Program Files\Tencent\QQ\npkcrypt.sys><INCA Internet Co., Ltd.>
[nv / nv]
<System32\DRIVERS\nv4_mini.sys><NVIDIA Corporation>
[Direct Parallel Link Driver / Ptilink]
<System32\DRIVERS\ptilink.sys><Parallel Technologies, Inc.>
[rd / rd]
<\??\C:\WINNT\system32\drivers\rd.sys><N/A>
[Realtek RTL8139/810x/8169/8110 all in one NDIS NT Driver / RTL8023]
<System32\DRIVERS\Rtlnic5.sys><Realtek Semiconductor Corporation>
[Realtek RTL8139-based PCI Fast Ethernet Adapter NT Driver / rtl8139]
<System32\DRIVERS\RTL8139.SYS><Realtek Semiconductor Corporation>
[SAVRT / SAVRT]
<\??\C:\Program Files\Symantec AntiVirus\savrt.sys><Symantec Corporation>
[SAVRTPEL / SAVRTPEL]
<\??\C:\Program Files\Symantec AntiVirus\Savrtpel.sys><Symantec Corporation>
[SymEvent / SymEvent]
<\??\C:\Program Files\Symantec\SYMEVENT.SYS><Symantec Corporation>
[SYMREDRV / SYMREDRV]
<\SystemRoot\System32\Drivers\SYMREDRV.SYS><Symantec Corporation>
[SYMTDI / SYMTDI]
<\SystemRoot\System32\Drivers\SYMTDI.SYS><Symantec Corporation>
[tmldlkdr / tmldlkdr]
<2 - 系统找不到指定的文件。
><N/A>
[World Standard Teletext Codec / WSTCODEC]
<system32\DRIVERS\WSTCODEC.SYS><Microsoft Corporation>
[yaskp / yaskp]
<\SystemRoot\system32\drivers\yaskp.sys><Copyright (C) yahoo Corporation.>
[VIMICRO USB PC Camera / ZSMC302]
<System32\Drivers\usbVM31b.sys><VM>
[ZSTDP / ZSTDP]
<system32\DRIVERS\ZSTDP.sys><Windows (R) 2000 DDK provider>
[amdk5 / amdk5]
<\??\C:\WINNT\system32\drivers\amdk5.sys><N/A>

santory - 2006-12-9 13:24:00

==================================
浏览器加载项
[IEMonitor Class]
{08A312BB-5409-49FC-9347-54BB7D069AC6} <C:\WINNT\system32\deskipn.dll, >
[BHO.clsInetSpeak]
{0CD5C894-57C5-44BB-9D73-84AE18E2D938} <C:\WINNT\system32\msidb.dll, Microsoft Corporation>
[CAdLogic Object]
{11F09AFD-75AD-4E51-AB43-E09E9351CE16} <C:\Program Files\Common Files\CPUSH\cpush0.dll, N/A>
[Yahoo!Photo]
{33BBE430-0E42-4f12-B075-8D21ACB10DCB} <C:\PROGRA~1\Yahoo!\ASSIST~1\assist\yphtb.dll, Yahoo! China>
[]
{385AB8C6-FB22-4D17-8834-064E2BA0A6F0} <C:\Documents and Settings\All Users\Application Data\Microsoft\PCTools\pctools.dll, 新萌科技(上海)有限公司>
[AntiFish Class]
{38928D50-8A48-44C2-945F-D2F23F771410} <C:\PROGRA~1\Yahoo!\ASSIST~1\assist\yangling.dll, yahoo! china>
[QQBrowserHelperObject Class]
{54EBD53A-9BC1-480B-966A-843A333CA162} <C:\Program Files\Tencent\QQ\QQIEHelper.dll, 深圳市腾讯计算机系统有限公司>
[CdnForIE Class]
{5C3853CF-C7E0-4946-B3FA-1ABDB6F48108} <C:\PROGRA~1\CNNIC\Cdn\cdnforie.dll, CNNIC>
[DragSearch]
{62EED7C6-9F02-42f9-B634-98E2899E147B} <C:\PROGRA~1\Yahoo!\ASSIST~1\assist\ydragsearch.dll, yahoo! china>
[BandIE Class]
{77FEF28E-EB96-44FF-B511-3185DEA48697} <C:\PROGRA~1\baidu\bar\baidubar.dll, Baidu.com, Inc.>
[WinSC Class]
{9ACEEE31-1440-471B-AA46-72B061FE7D61} <C:\WINNT\system32\SCIntruder32.dll, N/A>
[IeCatch2 Class]
{A5366673-E8CA-11D3-9CD9-0090271D075B} <C:\PROGRA~1\FlashGet\jccatch.dll, Amaze Soft>
[CnsHook Class]
{D157330A-9EF3-49F8-9A67-4141AC41ADD4} <C:\WINNT\DOWNLO~1\CnsHook.dll, 北京三七二一科技有限公司>
[assist]
{FE3ECAE7-0A37-4506-8A7D-3CC9A04D2CA8} <C:\PROGRA~1\Yahoo!\ASSIST~1\assist\yassist.dll, Yahoo! China>
[Yahoo 3.5G电邮]
{507F9113-CD77-4866-BA92-0E86DA3D0B97} <http://cn.zs.yahoo.com/cnsbutton.htm?source=cns&btn=yahoomail, N/A>
[名品折扣]
{59BC54A2-56B3-44a0-93E5-432D58746E26} <http://adtaobao.allyes.com/main/adfclick?db=adtaobao&bid=138,140,18&cid=816,8,1&sid=5042&show=ignore&url=http://www.taobao.com/vertical/mall/pro.php?allyesPara=816, N/A>
[CdnForIE Class]
{5C3853CF-C7E0-4946-B3FA-1ABDB6F48108} <C:\PROGRA~1\CNNIC\Cdn\cdnforie.dll, CNNIC>
[雅虎助手]
{5D73EE86-05F1-49ed-B850-E423120EC338} <http://cn.zs.yahoo.com/cnsbutton.htm?source=cns&btn=yassist, N/A>
[雅虎WIDGET]
{6354ABE6-05F1-49ed-B850-E423120EC338} <http://cn.widget.yahoo.com/index.htm?source=Cns, N/A>
[金山词霸]
{9A687CA6-D585-4947-9ED9-BE96071F5CD9} <C:\PROGRA~1\Kingsoft\POWERW~1\XDictExB.dll, 金山软件股份有限公司>
[@shdoclc.dll,-866]
{c95fe080-8f5d-11d2-a20b-00aa003c157a} <, N/A>
[QQ]
{c95fe080-8f5d-11d2-a20b-00aa003c157b} <C:\Program Files\Tencent\QQ\QQ.EXE, TENCENT>
[FlashGet]
{D6E814A0-E0C5-11d4-8D29-0050BA6940E3} <C:\PROGRA~1\FlashGet\flashget.exe, Amaze Soft>
[QQIEFloatBarCfgCmd Class]
{DEDEB80D-FA35-45d9-9460-4983E5A8AFE6} <C:\Program Files\Tencent\QQ\QQIEHelper.dll, 深圳市腾讯计算机系统有限公司>
[情景聊天]
{E5D12C4E-7B4F-11D3-B5C9-0050045C3C96} <http://cn.zs.yahoo.com/cnsbutton.htm?source=cns&btn=yahoomsg, N/A>
[]
{ECF2E268-F28C-48d2-9AB7-8F69C11CCB71} <http://cn.zs.yahoo.com/cnsbutton.htm?source=cns&btn=repair, N/A>
[]
{FD00D911-7529-4084-9946-A29F1BDF4FE5} <http://cn.zs.yahoo.com/cnsbutton.htm?source=cns&btn=clean, N/A>
[CaiFuCOM Class]
{C1F0024B-8278-4999-B7E6-2718426D9FE6} <C:\Program Files\财富通\caifu.dll, N/A>
[@msdxmLC.dll,-1@2052,电台(&R)]
{8E718888-423F-11D2-876E-00A0C9082467} <C:\WINNT\System32\msdxm.ocx, Microsoft Corporation>
[FlashGet Bar]
{E0E899AB-F487-11D5-8D29-0050BA6940E3} <C:\PROGRA~1\FlashGet\fgiebar.dll, Amaze Soft>
[雅虎助手]
{406F94F0-504F-4A40-8DFD-58B0666ABEBD} <C:\PROGRA~1\Yahoo!\Assistant\Assist\yasbar.dll, yahoo! china>
[WUWebControl Class]
{6414512B-B978-451D-A0D8-FCFDF33E833C} <C:\WINNT\System32\wuweb.dll, Microsoft Corporation>
[Shockwave Flash Object]
{D27CDB6E-AE6D-11CF-96B8-444553540000} <C:\WINNT\system32\Macromed\Flash\Flash9.ocx, Adobe Systems, Inc.>
[Yahoo!Live]
{57421194-58FB-49AE-9B4F-FD48869B9AD4} <C:\PROGRA~1\Yahoo!\Assistant\yalive.dll, yahoo! china>
[AutoLive]
{7CA83CF1-3AEA-42D0-A4E3-1594FC6E48B2} <C:\PROGRA~1\3721\autolive.dll, >
[assist]
{FE3ECAE7-0A37-4506-8A7D-3CC9A04D2CA8} <C:\PROGRA~1\Yahoo!\ASSIST~1\assist\yassist.dll, Yahoo! China>
[!搜一搜]
<res://C:\WINNT\DOWNLO~1\CnsMinEx.dll/1003, N/A>
[!搜一搜(&S)]
<res://C:\Program Files\yisou\yisou.dll/232, N/A>
[上传到QQ网络硬盘]
<C:\Program Files\Tencent\QQ\AddToNetDisk.htm, N/A>
[使用BitComet下载(&B)]
<res://D:\Program Files\BitComet\BitComet.exe/AddLink.htm, N/A>
[使用BitComet下载全部链接]
<res://D:\Program Files\BitComet\BitComet.exe/AddAllLink.htm, N/A>
[使用网际快车下载]
<C:\Program Files\FlashGet\jc_link.htm, N/A>
[使用网际快车下载全部链接]
<C:\Program Files\FlashGet\jc_all.htm, N/A>
[添加到QQ自定义面板]
<C:\Program Files\Tencent\QQ\AddPanel.htm, N/A>
[添加到QQ表情]
<C:\Program Files\Tencent\QQ\AddEmotion.htm, N/A>
[添加到雅虎订阅(&Y)]
<res://C:\PROGRA~1\Yahoo!\ASSIST~1\assist\yrss.dll/YRSSMENUEXT, N/A>
[用QQ彩信发送该图片]
<C:\Program Files\Tencent\QQ\SendMMS.htm, N/A>
[访问通用网址]
<C:\Program Files\CNNIC\Cdn\cnnic.htm, N/A>
[雅虎搜索]
<res://C:\PROGRA~1\Yahoo!\Assistant\Assist\yasbar.dll/203, N/A>

santory - 2006-12-9 13:27:00

==================================
正在运行的进程
[PID: 144][\SystemRoot\System32\smss.exe] [Microsoft Corporation, 5.00.2195.6601]
[PID: 172][\??\C:\WINNT\system32\csrss.exe] [Microsoft Corporation, 5.00.2195.6601]
[PID: 192][\??\C:\WINNT\system32\winlogon.exe] [Microsoft Corporation, 5.00.2195.6997]
[C:\WINNT\System32\NavLogon.dll] [Symantec Corporation, 9.0.2.1000]
[PID: 220][C:\WINNT\system32\services.exe] [Microsoft Corporation, 5.00.2195.7035]
[C:\WINNT\system32\dmserver.dll] [VERITAS Software Corp., 2195.6605.297.3]
[PID: 232][C:\WINNT\system32\lsass.exe] [Microsoft Corporation, 5.00.2195.7011]
[PID: 412][C:\WINNT\system32\svchost.exe] [Microsoft Corporation, 5.00.2134.1]
[PID: 436][C:\WINNT\system32\spoolsv.exe] [Microsoft Corporation, 5.00.2195.7059]
[PID: 464][C:\Program Files\Common Files\Symantec Shared\ccSetMgr.exe] [Symantec Corporation, 2.2.1.004]
[C:\Program Files\Common Files\Symantec Shared\ccVrTrst.dll] [Symantec Corporation, 2.2.1.004]
[PID: 476][C:\Program Files\Symantec AntiVirus\DefWatch.exe] [Symantec Corporation, 9.0.2.1000]
[PID: 496][C:\WINNT\System32\svchost.exe] [Microsoft Corporation, 5.00.2134.1]
[c:\program files\messenger\msnhost.dll] [N/A, N/A]
[PID: 536][C:\WINNT\system32\ntfis.exe] [Microsoft Corporation, 5, 2, 3790, 1830]
[PID: 584][C:\WINNT\System32\nvsvc32.exe] [NVIDIA Corporation, 6.14.10.5664]
[PID: 664][C:\WINNT\system32\regsvc.exe] [Microsoft Corporation, 5.00.2195.6701]
[PID: 684][C:\WINNT\system32\MSTask.exe] [Microsoft Corporation, 4.71.2195.6972]
[PID: 732][C:\WINNT\SYSTEM32\RUNDLL32.EXE] [Microsoft Corporation, 5.00.2134.1]
[PID: 796][C:\WINNT\system32\stisvc.exe] [Microsoft Corporation, 5.00.2195.6656]
[C:\WINNT\system32\VM31bSTI.dll] [VM, 4.2.510.21]
[PID: 820][C:\Program Files\Symantec AntiVirus\Rtvscan.exe] [Symantec Corporation, 9.0.2.1000]
[C:\WINNT\system32\CBA.DLL] [Intel? Corporation, 6.12.0.126 E]
[C:\WINNT\system32\MsgSys.dll] [Intel? Corporation, 6.12.0.126 E]
[C:\WINNT\system32\NTS.dll] [Intel? Corporation, 6.12.0.126 E]
[C:\WINNT\system32\PDS.DLL] [Intel? Corporation, 6.12.0.126 E]
[C:\Program Files\Symantec AntiVirus\NAVLU.dll] [Symantec Corporation, 9.0.2.1000]
[C:\Program Files\Symantec AntiVirus\I2ldvp3.dll] [Symantec Corporation, 9.0.2.1000]
[C:\Program Files\Symantec AntiVirus\ecmldr32.DLL] [Symantec Corp., 1.1.0.3]
[C:\Program Files\Symantec AntiVirus\SAVRT32.DLL] [Symantec Corporation, 9.3.0.28]
[C:\Program Files\Symantec AntiVirus\NAVNTUTL.DLL] [Symantec Corporation, 9.0.2.1000]
[C:\PROGRA~1\COMMON~1\SYMANT~1\VIRUSD~1\20061122.019\ecmsvr32.dll] [Symantec Corporation, 61.3.0.18]
[C:\PROGRA~1\COMMON~1\SYMANT~1\VIRUSD~1\20061122.019\NAVEX32a.DLL] [Symantec Corporation, 20061.3.0.12]
[C:\PROGRA~1\COMMON~1\SYMANT~1\VIRUSD~1\20061122.019\NAVENG32.DLL] [Symantec Corporation, 20061.3.0.12]
[C:\Program Files\Symantec AntiVirus\IMail.dll] [Symantec Corporation, 9.0.2.1000]
[C:\Program Files\Symantec AntiVirus\NotesExt.dll] [Symantec Corporation, 9.0.2.1000]
[C:\Program Files\Symantec AntiVirus\vpmsece2.dll] [Symantec Corporation, 9.0.2.1000]
[C:\Program Files\Symantec AntiVirus\DecSDK.dll] [Symantec Corporation, 3.02.12.09]
[C:\Program Files\Symantec AntiVirus\Dec2.dll] [Symantec Corporation, 3.02.12.09]
[C:\Program Files\Symantec AntiVirus\Dec2ID.dll] [Symantec Corporation, 3.02.12.09]
[C:\Program Files\Symantec AntiVirus\Dec2ZIP.dll] [Symantec Corporation, 3.02.12.09]
[C:\Program Files\Symantec AntiVirus\Dec2SS.dll] [Symantec Corporation, 3.02.12.09]
[C:\Program Files\Symantec AntiVirus\Dec2GZIP.dll] [Symantec Corporation, 3.02.12.09]
[C:\Program Files\Symantec AntiVirus\Dec2CAB.dll] [Symantec Corporation, 3.02.12.09]
[C:\Program Files\Symantec AntiVirus\Dec2LHA.dll] [Symantec Corporation, 3.02.12.09]
[C:\Program Files\Symantec AntiVirus\Dec2ARJ.dll] [Symantec Corporation, 3.02.12.09]
[C:\Program Files\Symantec AntiVirus\Dec2TNEF.dll] [Symantec Corporation, 3.02.12.09]
[C:\Program Files\Symantec AntiVirus\Dec2LZ.dll] [Symantec Corporation, 3.02.12.09]
[C:\Program Files\Symantec AntiVirus\Dec2AMG.dll] [Symantec Corporation, 3.02.12.09]
[C:\Program Files\Symantec AntiVirus\Dec2TAR.dll] [Symantec Corporation, 3.02.12.09]
[C:\Program Files\Symantec AntiVirus\Dec2RTF.dll] [Symantec Corporation, 3.02.12.09]
[C:\Program Files\Symantec AntiVirus\Dec2Text.dll] [Symantec Corporation, 3.02.12.09]
[C:\Program Files\Symantec\LiveUpdate\LuComServerPS.DLL] [Symantec Corporation, 2.0.39.0]
[C:\Program Files\Common Files\Symantec Shared\SSC\scandlgs.dll] [Symantec Corporation, 9.0.2.1000]
[PID: 860][C:\WINNT\System32\WBEM\WinMgmt.exe] [Microsoft Corporation, 1.50.1085.0100]
[PID: 876][C:\WINNT\System32\svchost.exe] [Microsoft Corporation, 5.00.2134.1]
[PID: 884][C:\WINNT\system32\svchost.exe] [Microsoft Corporation, 5.00.2134.1]
[PID: 896][C:\WINNT\system32\svchost.exe] [Microsoft Corporation, 5.00.2134.1]
[PID: 920][C:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe] [Symantec Corporation, 2.2.1.004]
[C:\Program Files\Common Files\Symantec Shared\ccVrTrst.dll] [Symantec Corporation, 2.2.1.004]
[C:\PROGRA~1\COMMON~1\SYMANT~1\CCSETEVT.DLL] [Symantec Corporation, 2.2.1.004]
[PID: 1068][c:\winnt\system32\wbem\lsass.exe] [Microsoft, 1.0.0.0]

santory - 2006-12-9 13:28:00

[PID: 616][C:\WINNT\Explorer.EXE] [Microsoft Corporation, 5.00.3700.6690]
[C:\WINNT\Downloaded Program Files\943700\ExDLL.dll] [, 1, 0, 0, 1]
[C:\WINNT\system32\WebPageParser.dll] [N/A, N/A]
[C:\WINNT\system32\Charset.dll] [N/A, N/A]
[C:\WINNT\system32\CreateDomTree.dll] [N/A, N/A]
[C:\WINNT\Downloaded Program Files\943700\fshook.dll] [, 1, 0, 0, 1]
[C:\Program Files\CNNIC\Cdn\cdnforie.dll] [CNNIC, 2, 1, 0, 3]
[C:\WINNT\system32\reporter.dll] [N/A, N/A]
[C:\PROGRA~1\Yahoo!\ASSIST~1\assist\ypatch.dll] [Yahoo! China, 3, 1, 7, 1023]
[C:\WINNT\DOWNLO~1\CnsMin.dll] [北京三七二一科技有限公司, 1, 5, 0, 9]
[C:\PROGRA~1\Yahoo!\ASSIST~1\Yhelper.dll] [Yahoo! China, 3, 0, 5, 1023]
[C:\PROGRA~1\3721\helper.dll] [, 1, 1, 1, 1327]
[C:\WINNT\System32\nvshell.dll] [NVIDIA Corporation, 6.14.10.5664]
[C:\PROGRA~1\3721\alrex.dll] [, 1, 0, 1, 1001]
[c:\winnt\system32\advwhes.dll] [N/A, N/A]
[C:\WINNT\DOWNLO~1\CnsHook.dll] [北京三七二一科技有限公司, 1, 0, 4, 2]
[C:\PROGRA~1\Yahoo!\ASSIST~1\yalive.dll] [yahoo! china, 3, 5, 2, 1103]
[C:\PROGRA~1\Yahoo!\ASSIST~1\Yalliveex.dll] [Yahoo! China, 3, 0, 2, 1011]
[C:\PROGRA~1\3721\autolive.dll] [, 1, 1, 8, 1327]
[C:\PROGRA~1\3721\alLiveEx.dll] [ , 1, 0, 3, 1006]
[C:\PROGRA~1\baidu\bar\baidubar.dll] [Baidu.com, Inc., 2, 0, 2, 121]
[C:\PROGRA~1\FlashGet\jccatch.dll] [Amaze Soft, 1, 1, 4, 0]
[C:\WINNT\system32\UNISPIM.IME] [北京清华紫光软件股份有限公司, 3.0.0.3045]
[C:\WINNT\system32\upengine.dll] [北京清华紫光软件股份有限公司, 3.0.0.3045]
[C:\PROGRA~1\Yahoo!\ASSIST~1\assist\ywiper.dll] [Yahoo! China, 3, 0, 2, 1002]
[C:\Program Files\WinRAR\rarext.dll] [N/A, N/A]
[C:\Program Files\Common Files\Symantec Shared\SSC\vpshell2.dll] [Symantec Corporation, 9.0.2.1000]
[C:\WINNT\DOWNLO~1\CnsMinIO.dll] [北京三七二一科技有限公司, 1, 0, 3, 7]
[C:\WINNT\DOWNLO~1\cnsio.dll] [北京三七二一科技有限公司, 1, 0, 2, 8]
[C:\Program Files\Media Player Classic\codecs\OGGDS.DLL] [, 0, 9, 9, 5]
[C:\Program Files\Media Player Classic\codecs\vorbis.dll] [N/A, N/A]
[C:\Program Files\Media Player Classic\codecs\ogg.dll] [N/A, N/A]
[C:\Program Files\Media Player Classic\codecs\vorbisenc.dll] [N/A, N/A]
[C:\WINNT\system32\msdmo.dll] [N/A, N/A]
[C:\PROGRA~1\Yahoo!\ASSIST~1\assist\yphtb.dll] [Yahoo! China, 3, 0, 5, 1007]
[C:\PROGRA~1\Yahoo!\ASSIST~1\assist\ydragsearch.dll] [yahoo! china, 3, 0, 2, 1002]
[C:\WINNT\system32\SCIntruder32.dll] [N/A, N/A]
[C:\PROGRA~1\Yahoo!\ASSIST~1\assist\yassist.dll] [Yahoo! China, 3, 1, 2, 1017]
[PID: 1496][C:\Program Files\CNNIC\Cdn\cdnup.exe] [CNNIC, 2, 5, 0, 6]
[C:\Program Files\CNNIC\Cdn\cdnuplib.dll] [CNNIC, 2, 5, 0, 5]
[C:\Program Files\CNNIC\Cdn\cdnprh.dll] [CNNIC, 2, 4, 0, 3]
[C:\Program Files\CNNIC\Cdn\cdnforie.dll] [CNNIC, 2, 1, 0, 3]
[C:\WINNT\DOWNLO~1\CnsMin.dll] [北京三七二一科技有限公司, 1, 5, 0, 9]
[PID: 1572][C:\WINNT\system32\Rundll32.exe] [Microsoft Corporation, 5.00.2134.1]
[C:\WINNT\DOWNLO~1\CnsMin.dll] [北京三七二一科技有限公司, 1, 5, 0, 9]
[C:\Program Files\CNNIC\Cdn\cdnforie.dll] [CNNIC, 2, 1, 0, 3]
[C:\WINNT\DOWNLO~1\CnsMinIO.dll] [北京三七二一科技有限公司, 1, 0, 3, 7]
[C:\WINNT\DOWNLO~1\cnsio.dll] [北京三七二一科技有限公司, 1, 0, 2, 8]
[C:\WINNT\DOWNLO~1\CnsMinEx.dll] [国风因特软件(北京)有限公司, 1, 0, 3, 5]
[C:\PROGRA~1\Yahoo!\ASSIST~1\Yhelper.dll] [Yahoo! China, 3, 0, 5, 1023]
[C:\PROGRA~1\Yahoo!\ASSIST~1\assist\ypatch.dll] [Yahoo! China, 3, 1, 7, 1023]
[C:\PROGRA~1\3721\helper.dll] [, 1, 1, 1, 1327]
[PID: 1548][C:\WINNT\SOUNDMAN.EXE] [Realtek Semiconductor Corp., 5.1.0.24]
[C:\WINNT\DOWNLO~1\CnsMin.dll] [北京三七二一科技有限公司, 1, 5, 0, 9]
[C:\Program Files\CNNIC\Cdn\cdnforie.dll] [CNNIC, 2, 1, 0, 3]
[PID: 1592][C:\Program Files\Common Files\Symantec Shared\ccApp.exe] [Symantec Corporation, 2.2.1.004]
[C:\WINNT\DOWNLO~1\CnsMin.dll] [北京三七二一科技有限公司, 1, 5, 0, 9]
[C:\Program Files\CNNIC\Cdn\cdnforie.dll] [CNNIC, 2, 1, 0, 3]
[C:\Program Files\Common Files\Symantec Shared\ccVrTrst.dll] [Symantec Corporation, 2.2.1.004]
[C:\Program Files\Symantec\LiveUpdate\ProductRegCom.DLL] [Symantec Corporation, 2.0.39.0]
[C:\Program Files\Symantec\LiveUpdate\LuComServerPS.DLL] [Symantec Corporation, 2.0.39.0]
[C:\PROGRA~1\COMMON~1\SYMANT~1\CCALERT.DLL] [Symantec Corporation, 2.2.1.004]
[C:\PROGRA~1\COMMON~1\SYMANT~1\CCEMLPXY.DLL] [Symantec Corporation, 2.2.1.004]
[C:\WINNT\system32\SYMREDIR.dll] [Symantec Corporation, 5.3.5.3]
[C:\PROGRA~1\Yahoo!\ASSIST~1\Yhelper.dll] [Yahoo! China, 3, 0, 5, 1023]
[C:\PROGRA~1\Yahoo!\ASSIST~1\assist\ypatch.dll] [Yahoo! China, 3, 1, 7, 1023]
[C:\PROGRA~1\3721\helper.dll] [, 1, 1, 1, 1327]
[C:\Program Files\Symantec AntiVirus\SavEmail.dll] [Symantec Corporation, 9.0.2.1000]
[C:\Program Files\Common Files\Symantec Shared\ccSetEvt.dll] [Symantec Corporation, 2.2.1.004]
[C:\Program Files\Common Files\Symantec Shared\ccProSub.dll] [Symantec Corporation, 2.2.1.004]
[PID: 1636][C:\PROGRA~1\SYMANT~1\VPTray.exe] [Symantec Corporation, 9.0.2.1000]
[C:\Program Files\Symantec AntiVirus\SAVRT32.DLL] [Symantec Corporation, 9.3.0.28]
[C:\WINNT\DOWNLO~1\CnsMin.dll] [北京三七二一科技有限公司, 1, 5, 0, 9]
[C:\Program Files\CNNIC\Cdn\cdnforie.dll] [CNNIC, 2, 1, 0, 3]
[C:\PROGRA~1\Yahoo!\ASSIST~1\Yhelper.dll] [Yahoo! China, 3, 0, 5, 1023]
[C:\PROGRA~1\Yahoo!\ASSIST~1\assist\ypatch.dll] [Yahoo! China, 3, 1, 7, 1023]
[C:\PROGRA~1\3721\helper.dll] [, 1, 1, 1, 1327]
[C:\Program Files\Symantec AntiVirus\Cliproxy.dll] [Symantec Corporation, 9.0.2.1000]
[C:\PROGRA~1\SYMANT~1\NAVNTUTL.DLL] [Symantec Corporation, 9.0.2.1000]
[C:\Program Files\Symantec AntiVirus\Cliscan.dll] [Symantec Corporation, 9.0.2.1000]
[C:\WINNT\DOWNLO~1\CnsHook.dll] [北京三七二一科技有限公司, 1, 0, 4, 2]
[PID: 1644][C:\WINNT\system32\rundll32.exe] [Microsoft Corporation, 5.00.2134.1]
[C:\PROGRA~1\3721\helper.dll] [, 1, 1, 1, 1327]
[C:\WINNT\DOWNLO~1\CnsMin.dll] [北京三七二一科技有限公司, 1, 5, 0, 9]
[C:\Program Files\CNNIC\Cdn\cdnforie.dll] [CNNIC, 2, 1, 0, 3]
[C:\PROGRA~1\3721\autolive.dll] [, 1, 1, 8, 1327]
[C:\PROGRA~1\Yahoo!\ASSIST~1\Yhelper.dll] [Yahoo! China, 3, 0, 5, 1023]
[C:\PROGRA~1\Yahoo!\ASSIST~1\assist\ypatch.dll] [Yahoo! China, 3, 1, 7, 1023]
[C:\PROGRA~1\3721\notifier.dll] [, 1, 0, 0, 5]
[C:\PROGRA~1\3721\alLiveEx.dll] [ , 1, 0, 3, 1006]
[PID: 1620][C:\Program Files\Common Files\System\Update.exe] [N/A, N/A]
[C:\WINNT\DOWNLO~1\CnsMin.dll] [北京三七二一科技有限公司, 1, 5, 0, 9]
[C:\Program Files\CNNIC\Cdn\cdnforie.dll] [CNNIC, 2, 1, 0, 3]
[C:\PROGRA~1\Yahoo!\ASSIST~1\Yhelper.dll] [Yahoo! China, 3, 0, 5, 1023]
[C:\PROGRA~1\Yahoo!\ASSIST~1\assist\ypatch.dll] [Yahoo! China, 3, 1, 7, 1023]
[C:\PROGRA~1\3721\helper.dll] [, 1, 1, 1, 1327]
[PID: 1676][C:\PROGRA~1\Yahoo!\ASSIST~1\YLive.exe] [Yahoo! China, 3, 1, 7, 1023]
[C:\PROGRA~1\Yahoo!\ASSIST~1\assist\ypatch.dll] [Yahoo! China, 3, 1, 7, 1023]
[C:\PROGRA~1\Yahoo!\ASSIST~1\Yhelper.dll] [Yahoo! China, 3, 0, 5, 1023]
[C:\PROGRA~1\3721\helper.dll] [, 1, 1, 1, 1327]
[C:\WINNT\DOWNLO~1\CnsMin.dll] [北京三七二一科技有限公司, 1, 5, 0, 9]
[C:\Program Files\CNNIC\Cdn\cdnforie.dll] [CNNIC, 2, 1, 0, 3]
[C:\PROGRA~1\Yahoo!\ASSIST~1\yalive.dll] [yahoo! china, 3, 5, 2, 1103]
[C:\PROGRA~1\Yahoo!\ASSIST~1\Yalliveex.dll] [Yahoo! China, 3, 0, 2, 1011]
[C:\PROGRA~1\Yahoo!\ASSIST~1\ynotifier.dll] [yahoo! china, 3, 0, 2, 1002]

santory - 2006-12-9 13:28:00

[PID: 1648][C:\PROGRA~1\Yahoo!\Assistant\yassistse.exe] [Yahoo! China, 3, 0, 4, 1005]
[C:\PROGRA~1\Yahoo!\ASSIST~1\Yhelper.dll] [Yahoo! China, 3, 0, 5, 1023]
[C:\PROGRA~1\Yahoo!\ASSIST~1\assist\ypatch.dll] [Yahoo! China, 3, 1, 7, 1023]
[C:\PROGRA~1\3721\helper.dll] [, 1, 1, 1, 1327]
[C:\WINNT\DOWNLO~1\CnsMin.dll] [北京三七二一科技有限公司, 1, 5, 0, 9]
[C:\Program Files\CNNIC\Cdn\cdnforie.dll] [CNNIC, 2, 1, 0, 3]
[C:\PROGRA~1\Yahoo!\Assistant\shell\yAsMenu.dll] [Yahoo! China, 3, 0, 1, 1002]
[C:\PROGRA~1\Yahoo!\Assistant\shell\yAssecblk.dll] [Yahoo! China, 3, 1, 3, 1017]
[C:\PROGRA~1\Yahoo!\Assistant\shell\yIEAngel.dll] [Yahoo! China, 3, 0, 2, 1002]
[C:\PROGRA~1\Yahoo!\Assistant\shell\yMenuInfo.dll] [Yahoo! China, 3, 0, 1, 1001]
[PID: 1656][C:\WINNT\system32\internat.exe] [Microsoft Corporation, 5.00.2920.0000]
[C:\PROGRA~1\Yahoo!\ASSIST~1\Yhelper.dll] [Yahoo! China, 3, 0, 5, 1023]
[C:\PROGRA~1\Yahoo!\ASSIST~1\assist\ypatch.dll] [Yahoo! China, 3, 1, 7, 1023]
[C:\PROGRA~1\3721\helper.dll] [, 1, 1, 1, 1327]
[C:\WINNT\DOWNLO~1\CnsMin.dll] [北京三七二一科技有限公司, 1, 5, 0, 9]
[C:\Program Files\CNNIC\Cdn\cdnforie.dll] [CNNIC, 2, 1, 0, 3]
[PID: 1500][C:\WINNT\system32\conime.exe] [Microsoft Corporation, 5.00.2195.6655]
[C:\PROGRA~1\Yahoo!\ASSIST~1\Yhelper.dll] [Yahoo! China, 3, 0, 5, 1023]
[C:\PROGRA~1\Yahoo!\ASSIST~1\assist\ypatch.dll] [Yahoo! China, 3, 1, 7, 1023]
[C:\PROGRA~1\3721\helper.dll] [, 1, 1, 1, 1327]
[C:\WINNT\DOWNLO~1\CnsMin.dll] [北京三七二一科技有限公司, 1, 5, 0, 9]
[C:\Program Files\CNNIC\Cdn\cdnforie.dll] [CNNIC, 2, 1, 0, 3]
[PID: 940][c:\winnt\imapi.exe] [Microsoft Corporation, 1.0.0.1]
[C:\PROGRA~1\Yahoo!\ASSIST~1\Yhelper.dll] [Yahoo! China, 3, 0, 5, 1023]
[C:\PROGRA~1\Yahoo!\ASSIST~1\assist\ypatch.dll] [Yahoo! China, 3, 1, 7, 1023]
[C:\PROGRA~1\3721\helper.dll] [, 1, 1, 1, 1327]
[C:\WINNT\DOWNLO~1\CnsMin.dll] [北京三七二一科技有限公司, 1, 5, 0, 9]
[C:\Program Files\CNNIC\Cdn\cdnforie.dll] [CNNIC, 2, 1, 0, 3]
[PID: 1972][C:\Program Files\Internet Explorer\iexplore.exe] [Microsoft Corporation, 6.00.2800.1106]
[C:\PROGRA~1\Yahoo!\ASSIST~1\Yhelper.dll] [Yahoo! China, 3, 0, 5, 1023]
[C:\PROGRA~1\Yahoo!\ASSIST~1\yscrblock.dll] [Yahoo! China, 3, 0, 2, 1003]
[C:\PROGRA~1\Yahoo!\ASSIST~1\assist\ypatch.dll] [Yahoo! China, 3, 1, 7, 1023]
[C:\PROGRA~1\3721\helper.dll] [, 1, 1, 1, 1327]
[C:\PROGRA~1\3721\scrblock.dll] [3721, 1, 0, 1, 1000]
[C:\PROGRA~1\3721\alrex.dll] [, 1, 0, 1, 1001]
[C:\WINNT\DOWNLO~1\CnsMin.dll] [北京三七二一科技有限公司, 1, 5, 0, 9]
[C:\WINNT\DOWNLO~1\CnsHint.dll] [3721, 1, 0, 1, 2]
[C:\Program Files\CNNIC\Cdn\cdnforie.dll] [CNNIC, 2, 1, 0, 3]
[C:\Program Files\CNNIC\Cdn\cdnuplib.dll] [CNNIC, 2, 5, 0, 5]
[C:\PROGRA~1\Yahoo!\ASSIST~1\yalive.dll] [yahoo! china, 3, 5, 2, 1103]
[C:\PROGRA~1\Yahoo!\ASSIST~1\Yalliveex.dll] [Yahoo! China, 3, 0, 2, 1011]
[C:\PROGRA~1\3721\autolive.dll] [, 1, 1, 8, 1327]
[C:\PROGRA~1\3721\alLiveEx.dll] [ , 1, 0, 3, 1006]
[C:\WINNT\DOWNLO~1\cnsplus.dll] [3721, 1, 0, 0, 2]
[C:\PROGRA~1\Yahoo!\Assistant\Assist\yasbar.dll] [yahoo! china, 3, 2, 5, 1081]
[C:\PROGRA~1\Yahoo!\ASSIST~1\assist\ysearch.dll] [Yahoo! China, 3, 1, 2, 1012]
[C:\PROGRA~1\Yahoo!\ASSIST~1\assist\yasnoad.dll] [yahoo! china, 3, 0, 3, 1005]
[C:\PROGRA~1\Yahoo!\ASSIST~1\assist\yzsNetProto.dll] [Yahoo! China, 3, 0, 2, 1003]
[C:\PROGRA~1\Yahoo!\ASSIST~1\assist\yphtb.dll] [Yahoo! China, 3, 0, 5, 1007]
[C:\PROGRA~1\Yahoo!\ASSIST~1\assist\yrss.dll] [Yahoo! China, 3, 0, 3, 1004]
[C:\PROGRA~1\Yahoo!\ASSIST~1\assist\yaswiper.dll] [Yahoo! China, 3, 0, 3, 1003]
[C:\PROGRA~1\Yahoo!\ASSIST~1\assist\yasiesec.dll] [Yahoo! China, 3, 0, 4, 1004]
[C:\PROGRA~1\Yahoo!\ASSIST~1\assist\YSETTI~1.DLL] [yahoo! china, 3, 0, 9, 1016]
[C:\PROGRA~1\Yahoo!\ASSIST~1\Assist\ymailp.dll] [Yahoo! China, 3, 0, 3, 1009]
[C:\WINNT\DOWNLO~1\CnsHook.dll] [北京三七二一科技有限公司, 1, 0, 4, 2]
[C:\WINNT\system32\deskipn.dll] [, 1, 0, 0, 1]
[C:\Program Files\Common Files\CPUSH\cpush0.dll] [N/A, 1.0.1.9]
[C:\Documents and Settings\All Users\Application Data\Microsoft\PCTools\pctools.dll] [新萌科技(上海)有限公司, 2, 0, 6, 0]
[C:\PROGRA~1\Yahoo!\ASSIST~1\assist\yangling.dll] [yahoo! china, 3, 0, 4, 1006]
[C:\Program Files\Tencent\QQ\QQIEHelper.dll] [深圳市腾讯计算机系统有限公司, 1, 1, 0, 5]
[C:\PROGRA~1\Yahoo!\ASSIST~1\assist\ydragsearch.dll] [yahoo! china, 3, 0, 2, 1002]
[C:\PROGRA~1\baidu\bar\baidubar.dll] [Baidu.com, Inc., 2, 0, 2, 121]
[C:\WINNT\system32\SCIntruder32.dll] [N/A, N/A]
[C:\PROGRA~1\FlashGet\jccatch.dll] [Amaze Soft, 1, 1, 4, 0]
[C:\PROGRA~1\Yahoo!\ASSIST~1\assist\yassist.dll] [Yahoo! China, 3, 1, 2, 1017]
[C:\PROGRA~1\Yahoo!\ASSIST~1\assist\yeheocx.dll] [Yahoo! China, 9, 0, 4, 1015]
[PID: 1844][C:\Program Files\FlashGet\flashget.exe] [Amaze Soft, 1, 6, 5, 0]
[C:\PROGRA~1\Yahoo!\ASSIST~1\Yhelper.dll] [Yahoo! China, 3, 0, 5, 1023]
[C:\PROGRA~1\Yahoo!\ASSIST~1\assist\ypatch.dll] [Yahoo! China, 3, 1, 7, 1023]
[C:\PROGRA~1\3721\helper.dll] [, 1, 1, 1, 1327]
[C:\WINNT\DOWNLO~1\CnsMin.dll] [北京三七二一科技有限公司, 1, 5, 0, 9]
[C:\Program Files\CNNIC\Cdn\cdnforie.dll] [CNNIC, 2, 1, 0, 3]
[C:\WINNT\system32\Macromed\Flash\Flash9.ocx] [Adobe Systems, Inc., 9,0,16,0]
[PID: 1232][C:\Program Files\WinRAR\WinRAR.exe] [N/A, N/A]
[C:\PROGRA~1\Yahoo!\ASSIST~1\Yhelper.dll] [Yahoo! China, 3, 0, 5, 1023]
[C:\PROGRA~1\Yahoo!\ASSIST~1\assist\ypatch.dll] [Yahoo! China, 3, 1, 7, 1023]
[C:\PROGRA~1\3721\helper.dll] [, 1, 1, 1, 1327]
[C:\WINNT\DOWNLO~1\CnsMin.dll] [北京三七二一科技有限公司, 1, 5, 0, 9]
[C:\Program Files\CNNIC\Cdn\cdnforie.dll] [CNNIC, 2, 1, 0, 3]
[PID: 2028][C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\Rar$EX00.531\SREng\SREng.exe] [Smallfrogs Studio, 2.2.6.605]
[C:\PROGRA~1\Yahoo!\ASSIST~1\Yhelper.dll] [Yahoo! China, 3, 0, 5, 1023]
[C:\PROGRA~1\Yahoo!\ASSIST~1\assist\ypatch.dll] [Yahoo! China, 3, 1, 7, 1023]
[C:\PROGRA~1\3721\helper.dll] [, 1, 1, 1, 1327]
[C:\WINNT\DOWNLO~1\CnsMin.dll] [北京三七二一科技有限公司, 1, 5, 0, 9]
[C:\Program Files\CNNIC\Cdn\cdnforie.dll] [CNNIC, 2, 1, 0, 3]

==================================
文件关联
.TXT OK. [%SystemRoot%\system32\NOTEPAD.EXE %1]
.EXE OK. ["%1" %*]
.COM OK. ["%1" %*]
.PIF OK. ["%1" %*]
.REG OK. [regedit.exe "%1"]
.BAT OK. ["%1" %*]
.SCR OK. ["%1" /S]
.CHM OK. ["C:\WINNT\hh.exe" %1]
.HLP OK. [%SystemRoot%\System32\winhlp32.exe %1]
.INI OK. [%SystemRoot%\System32\NOTEPAD.EXE %1]
.INF OK. [%SystemRoot%\System32\NOTEPAD.EXE %1]
.VBS OK. [%SystemRoot%\System32\WScript.exe "%1" %*]
.JS OK. [%SystemRoot%\System32\WScript.exe "%1" %*]
.LNK OK. [{00021401-0000-0000-C000-000000000046}]

==================================
Winsock 提供者
N/A

==================================
Autorun.inf
N/A

==================================
HOSTS 文件
127.0.0.1 localhost

==================================

红夜鬼1 - 2006-12-9 13:33:00

运行SREng2,使用“启动项目”－－注册表－－删除
C:\Program Files\Common Files\System\Update.exe

运行(双击)SRENG2，点“启动项目，服务，点“Win32服务应用程序”
勾选“隐藏微软服务”选中病毒服务
Portable Equipment Service
Remote Access Connection Management
Distributed Application Client
Portable Media Serial Number Service
WindowsNt Network Engine
，选择“删除服务”
点“设置”选择“否”
重启按F８进入安全模式下
显示隐藏文件
删除：
c:\winnt\system32\wnttech.dl
C:\WINNT\system32\mspmsnsv.dll
C:\WINNT\SYSTEM32\WBEM\MDLIMZ00.DLL
C:\Program Files\Messenger\msnhost.dll
C:\WINNT\system32\sxydhl46.dll
C:\Program Files\Common Files\System\Update.exe

推荐使用360安全卫士清理一下流氓

.360下载地址:
http://www.360safe.com/
http://www.xdowns.com/soft/8/9/2006/Soft_31554.html
使用后删除360安全卫士

九月飞鹰 - 2006-12-9 13:40:00

学习辛苦

santory - 2006-12-9 14:07:00

谢谢你，红夜鬼1，我按照你说的，已经搞定那个问题。

但是为什么还有其它的网页会在我上网的时候自动弹出来？

瑞星卡卡安全论坛