Rising Kaka Security Forum
陈年的咖啡 - 2006-12-12 15:15:00
System Repair Engineer 2.2.6.605
Smallfrogs (http://www.KZTechs.com)
Windows XP Professional Service Pack 2 (Build 2600)
- 管理权限用户 - 完整功能
以下内容被选中:
所有的启动项目(包括注册表、启动文件夹、服务等)
浏览器加载项
正在运行的进程(包括进程模块信息)
文件关联
Winsock 提供者
Autorun.inf
HOSTS 文件
启动项目
注册表
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
<ctfmon.exe><C:\WINDOWS\system32\ctfmon.exe> [(Verified)Microsoft Corporation]
[HKEY_CURRENT_USER\Software\Microsoft\Windows NT\CurrentVersion\Windows]
<load><> [N/A]
<run><> [N/A]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
<IMJPMIG8.1><"C:\WINDOWS\IME\imjp8_1\IMJPMIG.EXE" /Spoil /RemAdvDef /Migration32> [(Verified)Microsoft Corporation]
<PHIME2002ASync><C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /SYNC> [(Verified)Microsoft Corporation]
<PHIME2002A><C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /IMEName> [(Verified)Microsoft Corporation]
<PROMon.exe><PROMon.exe> [Intel Corporation]
<IMSCMig><C:\PROGRA~1\COMMON~1\MICROS~1\IME\IMSC40A\IMSCMIG.EXE /Preload> [(Verified)Microsoft Corporation]
<ThunderMini><d:\Program Files\Thunder Network\ThunderMini\ThunderMiniShell.exe> [N/A]
<McAfeeUpdaterUI><"D:\Program Files\Network Associates\Common Framework\UpdaterUI.exe" /StartedFromRunKey> [Network Associates, Inc.]
<RfwMain><"D:\Program Files\Rising\Rfw\rfwmain.exe" -Startup> [N/A]
<SoundMam><C:\WINDOWS\system32\SVOHOST.exe> [N/A]
<KernelFaultCheck><%systemroot%\system32\dumprep 0 -k> [N/A]
<stup.exe><C:\PROGRA~1\TENCENT\Adplus\stup.exe> [Tencent]
<Bittorrent><C:\WINDOWS\bittorrent.exe> [N/A]
<CdnCtr><C:\Program Files\CNNIC\Cdn\cdnup.exe> [N/A]
<Torjan Program><C:\WINDOWS\WINLOGON.EXE> [China]
<Desktop><C:\WINDOWS\system32\rundll32.exe "C:\WINDOWS\system32\NTService32.dll" ,Run> [N/A]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Winlogon]
<shell><Explorer.exe 1> [N/A]
<Userinit><C:\WINDOWS\system32\userinit.exe,> [(Verified)Microsoft Corporation]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Windows]
<AppInit_DLLs><> [N/A]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Winlogon]
<UIHost><logonui.exe> [(Verified)Microsoft Corporation]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
<{B876D045-E0B1-4E79-9359-0B1BF00813EA}><C:\WINDOWS\system32\filter.dll> [Microsoft Corporation]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
<WebSecurity><C:\WINDOWS\system32\PvSec.dll> []
==================================
启动文件夹
N/A
陈年的咖啡 - 2006-12-12 15:19:00
服务
[Human Interface Device Access / HidServ]
<C:\WINDOWS\System32\svchost.exe -k netsvcs-->%SystemRoot%\System32\hidserv.dll><N/A>
[Spectrum24 Events Monitor / IPRIP]
<C:\WINDOWS\System32\svchost.exe -k netsvcs-->C:\WINDOWS\system32\acss.dll><LINKMEDIA Tech>
[McAfee Framework Service / McAfeeFramework]
<"D:\Program Files\Network Associates\Common Framework\FrameworkService.exe" /ServiceStart><Network Associates, Inc.>
[Media Seriel Number Service / Media Seriel Number Service]
<C:\WINDOWS\system32\moviemk.exe><N/A>
[Intel(R) NMS / NMSSvc]
<C:\WINDOWS\system32\NMSSvc.exe><Intel Corporation>
[WindowsNt Workstation / NTWorkStan]
<C:\WINDOWS\System32\svchost.exe -k NTWorkStan-->c:\windows\system32\ntworkstan.dll><Microsoft Corporation>
[NetMeeting Remote Desktop Agent / Nwsapagent]
<C:\WINDOWS\System32\svchost.exe -k netsvcs-->C:\WINDOWS\system32\Nwsapagent.dll><LINKMEDIA Tech>
[Rising Proxy Service / RfwProxySrv]
<d:\program files\rising\rfw\rfwproxy.exe><Beijing Rising Technology Co., Ltd.>
[Rising Personal Firewall Service / RfwService]
<d:\program files\rising\rfw\rfwsrv.exe><N/A>
[Remote Procedure Call System(RPCS) / RpcS]
<C:\WINDOWS\system32\RpcS.exe><Microsoft Corporation>
[Rising Process Communication Center / RsCCenter]
<"D:\Program Files\Rising\Rav\CCenter.exe"><Beijing Rising Technology Co., Ltd.>
[RsRavMon Service / RsRavMon]
<"D:\Program Files\Rising\Rav\Ravmond.exe"><Beijing Rising Technology Co., Ltd.>
[VisionService / VisionService]
<C:\WINDOWS\system32\rundll32.exe C:\PROGRA~1\vision\VISVER.DLL,Service><Microsoft Corporation>
[Windows NT Service32 / Windows NT Service32]
<"C:\WINDOWS\system32\rundll32.exe" "C:\WINDOWS\system32\NTService32.dll",Start><Microsoft Corporation>
[WindowsNt Network Engine / wnttech]
<C:\WINDOWS\System32\svchost.exe -k wnttech-->c:\windows\system32\wnttech.dll><Microsoft Corporation>
==================================
陈年的咖啡 - 2006-12-12 15:20:00
驱动程序
[00002f86 / 00002f86]
<\SystemRoot\system32\drivers\00002f86.SYS><N/A>
[ADProt / ADProt]
<\SystemRoot\system32\drivers\ADProt.sys><腾讯科技(深圳)有限公司>
[aeaudio / aeaudio]
<system32\drivers\aeaudio.sys><Andrea Electronics Corporation>
[Broadcom NetXtreme Gigabit Ethernet / b57w2k]
<system32\DRIVERS\b57xp32.sys><Broadcom Corporation>
[Rising TDI Base Driver / BaseTDI]
<System32\DRIVERS\BaseTDI.SYS><Beijing Rising Technology Co., Ltd.>
[biwjzez / biwjzez]
<\SystemRoot\system32\drivers\biwjzez.sys><>
[cdnprot / cdnprot]
<\SystemRoot\system32\drivers\cdnprot.sys><中国互联网络信息中心(CNNIC)>
[cdntran / cdntran]
<system32\drivers\cdntran.sys><CNNIC>
[EagleNT / EagleNT]
<\??\C:\WINDOWS\system32\drivers\EagleNT.sys><N/A>
[ExpScaner / ExpScaner]
<\??\D:\Program Files\Rising\Rav\ExpScan.sys><>
[fihhbbed / fihhbbed]
<\??\C:\WINDOWS\system32\drivers\fihhbbed.sys><中国互联网络信息中心(CNNIC)>
[gaffggfc / gaffggfc]
<\??\C:\WINDOWS\system32\drivers\gaffggfc.sys><中国互联网络信息中心(CNNIC)>
[hgidjcfj / hgidjcfj]
<\??\C:\WINDOWS\system32\drivers\hgidjcfj.sys><中国互联网络信息中心(CNNIC)>
[HookCont / HookCont]
<\??\D:\Program Files\Rising\Rav\HOOKCONT.sys><Rising tech Co. ltd>
[HookReg / HookReg]
<\??\D:\Program Files\Rising\Rav\HookReg.sys><>
[HookSys / HookSys]
<\??\D:\Program Files\Rising\Rav\HookSys.sys><Rising>
[HookUrl / HookUrl]
<\??\D:\Program Files\Rising\Rfw\HookUrl.sys><Beijing Rising Technology Co., Ltd.>
[LanPort / LanPort]
<\??\C:\WINDOWS\system32\drivers\LanPort.sys><N/A>
[MEMSCAN / MEMSCAN]
<\??\D:\Program Files\Rising\Rav\MEMSCAN.sys><瑞星软件有限公司>
[mProcRs / mProcRs]
<\??\d:\program files\rising\rfw\mProcRs.sys><Beijing Rising Technology Co., Ltd.>
[parcls / parcls]
<\??\C:\WINDOWS\system32\drivers\parcls.sys><N/A>
[Direct Parallel Link Driver / Ptilink]
<system32\DRIVERS\ptilink.sys><Parallel Technologies, Inc.>
[RsFwDrv / RsFwDrv]
<\??\D:\Program Files\Rising\Rfw\RsFwDrv.sys><Beijing Rising Technology Co., Ltd.>
[S3SAVAGE4M / S3SAVAGE4M]
<system32\DRIVERS\s3sav4m.sys><S3 Incorporated>
[Secdrv / Secdrv]
<system32\DRIVERS\secdrv.sys><N/A>
[smwdm / smwdm]
<system32\drivers\smwdm.sys><Analog Devices, Inc.>
陈年的咖啡 - 2006-12-12 15:20:00
浏览器加载项
[IEMonitor Class]
{08A312BB-5409-49FC-9347-54BB7D069AC6} <C:\WINDOWS\system32\deskipn.dll, >
[Tencent Browser Helper]
{0C7C23EF-A848-485B-873C-0ED954731014} <C:\Program Files\TENCENT\Adplus\SSAddr.dll, Tencent>
[CAdLogic Object]
{11F09AFD-75AD-4E51-AB43-E09E9351CE16} <C:\Program Files\Common Files\CPUSH\cpush1.dll, N/A>
[Cbho Object]
{352E3B3A-CAB5-4DBC-B940-C7F84D0447D8} <C:\PROGRA~1\CNNIC\Cdn\cdndrag.dll, CNNIC>
[Info cache]
{385AB8C6-FB22-4D17-8834-064E2BA0A6F0} <C:\Documents and Settings\All Users\Application Data\Microsoft\PCTools\pctools.dll, 新萌科技(上海)有限公司>
[SafeMe Internet Explorer Helper]
{3AE06CEE-58A6-4F5F-AF89-6C5350842F16} <C:\WINDOWS\system32\SafeHelper12.dll, LINKMEDIA Tech>
[MallObj Class]
{3B30B48F-617D-4F73-A20F-D3D54357F103} <C:\WINDOWS\system32\mallgoo2.dll, 上海奥德易海科技>
[QQBrowserHelperObject Class]
{54EBD53A-9BC1-480B-966A-843A333CA162} <C:\Program Files\Tencent\QQ\QQIEHelper.dll, 深圳市腾讯计算机系统有限公司>
[CdnForIE Class]
{5C3853CF-C7E0-4946-B3FA-1ABDB6F48108} <C:\PROGRA~1\CNNIC\Cdn\cdnforie.dll, CNNIC>
[Vision]
{6671A431-5C3D-463d-A7CF-5587F9B7E191} <C:\PROGRA~1\vision\vision.dll, >
[]
{669751ED-D558-49AE-B01A-3B374CC7910E} <C:\WINDOWS\system32\ssup.dll, TENCENT>
[卡卡上网安全助手]
{AFF6E516-CBE5-4F8A-9C2F-38A68013E766} <C:\WINDOWS\system32\kakatool.dll, N/A>
[WMHlprObj Class]
{F5824EFB-728A-4726-A5A5-85A68B20EDC3} <C:\PROGRA~1\CNNIC\Cdn\wmhlpr.dll, CNNIC>
[超级兔子上网精灵]
{FEDF637B-F631-4583-A210-33CC828D42DB} <D:\PROGRA~1\SUPERR~1\MagicSet\HAOKAN~1.DLL, 超级兔子>
[CdnForIE Class]
{5C3853CF-C7E0-4946-B3FA-1ABDB6F48108} <C:\PROGRA~1\CNNIC\Cdn\cdnforie.dll, CNNIC>
[MMSAssistMenu]
{6671A433-5C3D-463d-A7CF-5587F9B7E191} <C:\PROGRA~1\vision\vision.dll, >
[QQ]
{c95fe080-8f5d-11d2-a20b-00aa003c157b} <C:\Program Files\Tencent\QQ\QQ.EXE, TENCENT>
[QQIEFloatBarCfgCmd Class]
{DEDEB80D-FA35-45d9-9460-4983E5A8AFE6} <C:\Program Files\Tencent\QQ\QQIEHelper.dll, 深圳市腾讯计算机系统有限公司>
[卡卡上网安全助手]
{DB9ECD4F-FB8F-4311-B3CE-90B976C2707C} <C:\WINDOWS\system32\kakatool.dll, N/A>
[超级兔子上网精灵]
{FEDF637B-F631-4583-A210-33CC828D42DB} <D:\PROGRA~1\SUPERR~1\MagicSet\HAOKAN~1.DLL, 超级兔子>
[SWebOffice.Star_MyOffice]
{80B883E0-421A-4EE9-BDDA-3EE33DEF9DC4} <C:\WINDOWS\Downloaded Program Files\Star_MyOffice.ocx, cn>
[Macromedia Flash Factory Object]
{D27CDB70-AE6D-11CF-96B8-444553540000} <C:\WINDOWS\system32\macromed\flash\flash.ocx, Macromedia, Inc.>
[Microsoft Common Dialog Control, version 6.0]
{F9043C85-F6F2-101A-A3C9-08002B2F49FB} <C:\WINDOWS\Downloaded Program Files\COMDLG32.OCX, Microsoft Corporation>
[IEMonitor Class]
{08A312BB-5409-49FC-9347-54BB7D069AC6} <C:\WINDOWS\system32\deskipn.dll, >
[Tencent Browser Helper]
{0C7C23EF-A848-485B-873C-0ED954731014} <C:\Program Files\TENCENT\Adplus\SSAddr.dll, Tencent>
[CAdLogic Object]
{11F09AFD-75AD-4E51-AB43-E09E9351CE16} <C:\Program Files\Common Files\CPUSH\cpush1.dll, N/A>
[Cbho Object]
{352E3B3A-CAB5-4DBC-B940-C7F84D0447D8} <C:\PROGRA~1\CNNIC\Cdn\cdndrag.dll, CNNIC>
[Info cache]
{385AB8C6-FB22-4D17-8834-064E2BA0A6F0} <C:\Documents and Settings\All Users\Application Data\Microsoft\PCTools\pctools.dll, 新萌科技(上海)有限公司>
[SafeMe Internet Explorer Helper]
{3AE06CEE-58A6-4F5F-AF89-6C5350842F16} <C:\WINDOWS\system32\SafeHelper12.dll, LINKMEDIA Tech>
[MallObj Class]
{3B30B48F-617D-4F73-A20F-D3D54357F103} <C:\WINDOWS\system32\mallgoo2.dll, 上海奥德易海科技>
[CellWeb5 Control]
{3F166327-8030-4881-8BD2-EA25350E574A} <C:\WINDOWS\system32\cellweb5.ocx, Cell Software, Inc.>
[QQBrowserHelperObject Class]
{54EBD53A-9BC1-480B-966A-843A333CA162} <C:\Program Files\Tencent\QQ\QQIEHelper.dll, 深圳市腾讯计算机系统有限公司>
[CdnForIE Class]
{5C3853CF-C7E0-4946-B3FA-1ABDB6F48108} <C:\PROGRA~1\CNNIC\Cdn\cdnforie.dll, CNNIC>
[WUWebControl Class]
{6414512B-B978-451D-A0D8-FCFDF33E833C} <C:\WINDOWS\system32\wuweb.dll, Microsoft Corporation>
[Vision]
{6671A431-5C3D-463D-A7CF-5587F9B7E191} <C:\PROGRA~1\vision\vision.dll, >
[]
{669751ED-D558-49AE-B01A-3B374CC7910E} <C:\WINDOWS\system32\ssup.dll, TENCENT>
[Windows Media Player]
{6BF52A52-394A-11D3-B153-00C04F79FAA6} <C:\WINDOWS\system32\wmp.dll, Microsoft Corporation>
[卡卡上网安全助手]
{AFF6E516-CBE5-4F8A-9C2F-38A68013E766} <C:\WINDOWS\system32\kakatool.dll, N/A>
[SearchAssistantOC]
{B45FF030-4447-11D2-85DE-00C04FA35C89} <%SystemRoot%\system32\shdocvw.dll, N/A>
[RDS.DataSpace]
{BD96C556-65A3-11D0-983A-00C04FC29E36} <C:\Program Files\Common Files\System\msadc\msadco.dll, Microsoft Corporation>
[Shockwave Flash Object]
{D27CDB6E-AE6D-11CF-96B8-444553540000} <C:\WINDOWS\system32\macromed\flash\flash.ocx, Macromedia, Inc.>
[卡卡上网安全助手]
{DB9ECD4F-FB8F-4311-B3CE-90B976C2707C} <C:\WINDOWS\system32\kakatool.dll, N/A>
[WMHlprObj Class]
{F5824EFB-728A-4726-A5A5-85A68B20EDC3} <C:\PROGRA~1\CNNIC\Cdn\wmhlpr.dll, CNNIC>
[超级兔子上网精灵]
{FEDF637B-F631-4583-A210-33CC828D42DB} <D:\PROGRA~1\SUPERR~1\MagicSet\HAOKAN~1.DLL, 超级兔子>
[&使用迷你迅雷下载]
<d:\Program Files\Thunder Network\ThunderMini\Program\GetUrl.htm, N/A>
[>>彩信发送<<]
<res://C:\PROGRA~1\vision\vision.dll/mms.htm, N/A>
[上传到QQ网络硬盘]
<C:\Program Files\Tencent\QQ\AddToNetDisk.htm, N/A>
[导出到 Microsoft Office Excel(&X)]
<res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000, N/A>
[添加到QQ自定义面板]
<C:\Program Files\Tencent\QQ\AddPanel.htm, N/A>
[添加到QQ表情]
<C:\Program Files\Tencent\QQ\AddEmotion.htm, N/A>
[用QQ彩信发送该图片]
<C:\Program Files\Tencent\QQ\SendMMS.htm, N/A>
[访问通用网址]
<C:\Program Files\CNNIC\Cdn\cnnic.htm, N/A>
==================================
陈年的咖啡 - 2006-12-12 15:24:00
正在运行的进程
[PID: 592][\SystemRoot\System32\smss.exe] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
[PID: 660][\??\C:\WINDOWS\system32\csrss.exe] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
[PID: 684][\??\C:\WINDOWS\system32\winlogon.exe] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
[PID: 728][C:\WINDOWS\system32\services.exe] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
[PID: 740][C:\WINDOWS\system32\lsass.exe] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
[PID: 896][C:\WINDOWS\system32\svchost.exe] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
[C:\WINDOWS\system32\cdnns.dll] [CNNIC, 2, 0, 0, 0]
[C:\WINDOWS\system32\WSD_SOCK32.dll] [N/A, N/A]
[PID: 960][C:\WINDOWS\system32\svchost.exe] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
[C:\WINDOWS\system32\WSD_SOCK32.dll] [N/A, N/A]
[C:\WINDOWS\system32\cdnns.dll] [CNNIC, 2, 0, 0, 0]
[PID: 1048][C:\WINDOWS\System32\svchost.exe] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
[c:\windows\system32\acss.dll] [LINKMEDIA Tech, 1, 5, 0, 4]
[c:\windows\system32\nwsapagent.dll] [LINKMEDIA Tech, 1, 5, 0, 4]
[C:\WINDOWS\system32\WSD_SOCK32.dll] [N/A, N/A]
[C:\WINDOWS\system32\cdnns.dll] [CNNIC, 2, 0, 0, 0]
[PID: 1144][C:\WINDOWS\system32\svchost.exe] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
[PID: 1184][C:\WINDOWS\system32\svchost.exe] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
[C:\WINDOWS\system32\cdnns.dll] [CNNIC, 2, 0, 0, 0]
[PID: 1432][C:\WINDOWS\system32\spoolsv.exe] [Microsoft Corporation, 5.1.2600.2696 (xpsp_sp2_gdr.050610-1519)]
[C:\WINDOWS\system32\HPBMMON.DLL] [Hewlett-Packard, 10.00.16]
[C:\WINDOWS\system32\hpdomon.dll] [Hewlett-Packard, 03.42.00]
[C:\WINDOWS\system32\HPBHealr.dll] [N/A, N/A]
[C:\WINDOWS\System32\spool\PRTPROCS\W32X86\hpzpp041.dll] [Hewlett-Packard Corporation, 60.041.41.00]
[C:\WINDOWS\system32\cdnns.dll] [CNNIC, 2, 0, 0, 0]
[PID: 1584][C:\WINDOWS\Explorer.exe] [Microsoft Corporation, 6.00.2900.2180 (xpsp_sp2_rtm.040803-2158)]
[C:\WINDOWS\system32\filter.dll] [Microsoft Corporation, 5.1.1800.2813]
[C:\WINDOWS\downlo~1\Nmpaqz.dll] [Tencent, 4, 3, 8, 80]
[C:\WINDOWS\system32\winscok.dll] [N/A, N/A]
[C:\WINDOWS\Downloaded Program Files\894925\ExDLL.dll] [, 1, 0, 0, 1]
[C:\WINDOWS\system32\WebPageParser.dll] [N/A, N/A]
[C:\WINDOWS\system32\Charset.dll] [N/A, N/A]
[C:\WINDOWS\system32\CreateDomTree.dll] [N/A, N/A]
[C:\WINDOWS\Downloaded Program Files\894925\fshook.dll] [, 1, 0, 0, 1]
[C:\Program Files\CNNIC\Cdn\cdnforie.dll] [CNNIC, 2, 0, 0, 2]
[C:\Program Files\CNNIC\Cdn\cdndet.dll] [CNNIC, 2, 5, 0, 0]
[C:\WINDOWS\system32\cdnns.dll] [CNNIC, 2, 0, 0, 0]
[C:\WINDOWS\system32\PvSec.dll] [, 5, 1, 100, 2500]
[C:\WINDOWS\system32\WSD_SOCK32.dll] [N/A, N/A]
[c:\windows\system32\advwhes.dll] [N/A, N/A]
[C:\WINDOWS\system32\macromed\flash\flash.ocx] [Macromedia, Inc., 7,0,19,0]
[D:\Program Files\Adobe\Acrobat 7.0\ActiveX\PDFShell.dll] [Adobe Systems, Inc., 7.0.0.0]
[C:\PROGRA~1\vision\alvsn.dll] [N/A, 1, 0, 0, 4]
[C:\WINDOWS\downlo~1\Hydlvj.dll] [Tencent, 4, 3, 8, 80]
[C:\PROGRA~1\vision\vision.dll] [, 1, 2, 0, 7]
[C:\WINDOWS\system32\ssup.dll] [TENCENT, 4, 3, 8, 80]
[PID: 1712][C:\WINDOWS\system32\RUNDLL32.EXE] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
陈年的咖啡 - 2006-12-12 15:24:00
[C:\WINDOWS\system32\tpnet.dll] [, 5.1.1800.2813]
[C:\WINDOWS\system32\winscok.dll] [N/A, N/A]
[C:\WINDOWS\system32\cdnns.dll] [CNNIC, 2, 0, 0, 0]
[C:\WINDOWS\system32\WSD_SOCK32.dll] [N/A, N/A]
[C:\WINDOWS\downlo~1\Nmpaqz.dll] [Tencent, 4, 3, 8, 80]
[C:\Program Files\CNNIC\Cdn\cdnforie.dll] [CNNIC, 2, 0, 0, 2]
[C:\Program Files\CNNIC\Cdn\cdndet.dll] [CNNIC, 2, 5, 0, 0]
[PID: 1776][C:\WINDOWS\system32\PROMon.exe] [Intel Corporation, 5.3.42.1]
[C:\WINDOWS\system32\NMSAPI.DLL] [Intel Corporation, 2.2.9.0]
[C:\WINDOWS\system32\NMSSvcPS.DLL] [Intel Corporation, 2.2.9.0]
[C:\Program Files\CNNIC\Cdn\cdnforie.dll] [CNNIC, 2, 0, 0, 2]
[C:\Program Files\CNNIC\Cdn\cdndet.dll] [CNNIC, 2, 5, 0, 0]
[C:\WINDOWS\system32\winscok.dll] [N/A, N/A]
[C:\WINDOWS\system32\cdnns.dll] [CNNIC, 2, 0, 0, 0]
[PID: 1804][C:\WINDOWS\WINLOGON.EXE] [China, 0.00.0180]
[C:\WINDOWS\system32\winscok.dll] [N/A, N/A]
[PID: 1836][C:\WINDOWS\system32\ctfmon.exe] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
[C:\Program Files\CNNIC\Cdn\cdnforie.dll] [CNNIC, 2, 0, 0, 2]
[C:\Program Files\CNNIC\Cdn\cdndet.dll] [CNNIC, 2, 5, 0, 0]
[C:\WINDOWS\system32\winscok.dll] [N/A, N/A]
[C:\WINDOWS\system32\cdnns.dll] [CNNIC, 2, 0, 0, 0]
[PID: 1964][C:\WINDOWS\system32\SVOHOST.exe] [N/A, N/A]
[C:\WINDOWS\system32\winscok.dll] [N/A, N/A]
[C:\WINDOWS\system32\cdnns.dll] [CNNIC, 2, 0, 0, 0]
[C:\Program Files\CNNIC\Cdn\cdnforie.dll] [CNNIC, 2, 0, 0, 2]
[C:\Program Files\CNNIC\Cdn\cdndet.dll] [CNNIC, 2, 5, 0, 0]
[C:\WINDOWS\downlo~1\Nmpaqz.dll] [Tencent, 4, 3, 8, 80]
[PID: 2024][C:\Program Files\CNNIC\Cdn\cdnup.exe] [, 2, 4, 0, 6]
[C:\WINDOWS\system32\winscok.dll] [N/A, N/A]
[C:\WINDOWS\system32\cdnns.dll] [CNNIC, 2, 0, 0, 0]
[C:\Program Files\CNNIC\Cdn\cdndet.dll] [CNNIC, 2, 5, 0, 0]
[C:\Program Files\CNNIC\Cdn\cdnforie.dll] [CNNIC, 2, 0, 0, 2]
[C:\Program Files\CNNIC\Cdn\cdntdns.dll] [CNNIC, 2, 2, 0, 3]
[C:\WINDOWS\system32\WSD_SOCK32.dll] [N/A, N/A]
[C:\WINDOWS\downlo~1\Nmpaqz.dll] [Tencent, 4, 3, 8, 80]
[PID: 268][C:\WINDOWS\system32\conime.exe] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
[C:\WINDOWS\system32\winscok.dll] [N/A, N/A]
[C:\WINDOWS\system32\cdnns.dll] [CNNIC, 2, 0, 0, 0]
[C:\Program Files\CNNIC\Cdn\cdnforie.dll] [CNNIC, 2, 0, 0, 2]
[C:\Program Files\CNNIC\Cdn\cdndet.dll] [CNNIC, 2, 5, 0, 0]
[PID: 992][D:\Program Files\Network Associates\Common Framework\FrameworkService.exe] [Network Associates, Inc., 3.5.0.456]
[D:\Program Files\Network Associates\Common Framework\nailog.dll] [Network Associates, Inc., 3.5.0.536]
[D:\Program Files\Network Associates\Common Framework\naXML.dll] [Network Associates, Inc., 3.5.0.536]
[D:\Program Files\Network Associates\Common Framework\naCmnLib.dll] [Network Associates, Inc., 3.5.0.536]
[D:\Program Files\Network Associates\Common Framework\applib.dll] [Network Associates, Inc., 3.5.0.456]
[D:\Program Files\Network Associates\Common Framework\0409\AgentRes.dll] [Network Associates, Inc., 3.5.0.456]
[D:\Program Files\Network Associates\Common Framework\Logging.dll] [Network Associates, Inc., 3.5.0.456]
[D:\Program Files\Network Associates\Common Framework\InternetManager.dll] [Network Associates, Inc., 3.5.0.456]
[D:\Program Files\Network Associates\Common Framework\naInet.dll] [Network Associates, Inc., 3.5.0.536]
[D:\Program Files\Network Associates\Common Framework\UserSpace.dll] [Network Associates, Inc., 3.5.0.456]
[D:\Program Files\Network Associates\Common Framework\SecureFrameworkFactory20060825134341.dll] [Network Associates, Inc., 3.5.0.456]
[D:\Program Files\Network Associates\Common Framework\Management.dll] [Network Associates, Inc., 3.5.0.456]
[D:\Program Files\Network Associates\Common Framework\cmalib.dll] [Network Associates, Inc., 3.5.0.456]
[D:\Program Files\Network Associates\Common Framework\naPolicyManager.dll] [Network Associates, Inc., 3.5.0.456]
[D:\Program Files\Network Associates\Common Framework\ScriptSubSys.dll] [Network Associates, Inc., 3.5.0.456]
[D:\Program Files\Network Associates\Common Framework\UpdateSubSys.dll] [Network Associates, Inc., 3.5.0.456]
[D:\Program Files\Network Associates\Common Framework\Scheduler.dll] [Network Associates, Inc., 3.5.0.456]
[D:\Program Files\Network Associates\Common Framework\Agent.dll] [Network Associates, Inc., 3.5.0.456]
[D:\Program Files\Network Associates\Common Framework\naSPIPE.dll] [Network Associates, Inc., 3.5.0.456]
陈年的咖啡 - 2006-12-12 15:24:00
[C:\WINDOWS\system32\WSD_SOCK32.dll] [N/A, N/A]
[C:\WINDOWS\system32\cdnns.dll] [CNNIC, 2, 0, 0, 0]
[D:\Program Files\Network Associates\Common Framework\ListenServer.dll] [Network Associates, Inc., 3.5.0.456]
[D:\Program Files\Network Associates\Common Framework\TCSubSys.dll] [Network Associates, Inc., 3.5.0.456]
[PID: 1296][C:\WINDOWS\system32\moviemk.exe] [N/A, N/A]
[PID: 1472][C:\WINDOWS\system32\NMSSvc.exe] [Intel Corporation, 2.2.9.0]
[C:\WINDOWS\system32\NMSSvcPS.DLL] [Intel Corporation, 2.2.9.0]
[PID: 1504][C:\WINDOWS\System32\svchost.exe] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
[C:\WINDOWS\system32\cdnns.dll] [CNNIC, 2, 0, 0, 0]
[C:\WINDOWS\system32\WSD_SOCK32.dll] [N/A, N/A]
[PID: 920][D:\PROGRA~1\NETWOR~1\COMMON~1\naPrdMgr.exe] [Network Associates, Inc., 3.5.0.456]
[D:\PROGRA~1\NETWOR~1\COMMON~1\nailog.dll] [Network Associates, Inc., 3.5.0.536]
[D:\PROGRA~1\NETWOR~1\COMMON~1\naCmnLib.dll] [Network Associates, Inc., 3.5.0.536]
[D:\PROGRA~1\NETWOR~1\COMMON~1\naXML.dll] [Network Associates, Inc., 3.5.0.536]
[D:\PROGRA~1\NETWOR~1\COMMON~1\0409\AgentRes.dll] [Network Associates, Inc., 3.5.0.456]
[D:\Program Files\Network Associates\Common Framework\AgentPlugin.dll] [Network Associates, Inc., 3.5.0.456]
[D:\Program Files\Network Associates\Common Framework\NAGSHR32.DLL] [Network Associates, Inc., 3.5.0.536]
[D:\Program Files\Network Associates\Common Framework\PCRPlug.dll] [Network Associates, Inc., 3.5.0.456]
[PID: 2084][C:\WINDOWS\system32\rundll32.exe] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
[C:\PROGRA~1\vision\VISVER.DLL] [, 1, 2, 0, 7]
[C:\WINDOWS\system32\cdnns.dll] [CNNIC, 2, 0, 0, 0]
[C:\WINDOWS\system32\WSD_SOCK32.dll] [N/A, N/A]
[PID: 2172][C:\WINDOWS\System32\svchost.exe] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
[PID: 2588][c:\windows\system32\wbem\lsass.exe] [Microsoft, 1.0.0.0]
[C:\WINDOWS\system32\cdnns.dll] [CNNIC, 2, 0, 0, 0]
[PID: 2728][C:\WINDOWS\system32\rundll32.exe] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
[C:\WINDOWS\system32\sdmAgent20.dll] [LINKMEDIA Tech, 1, 5, 0, 7]
[C:\Program Files\CNNIC\Cdn\cdnforie.dll] [CNNIC, 2, 0, 0, 2]
[C:\Program Files\CNNIC\Cdn\cdndet.dll] [CNNIC, 2, 5, 0, 0]
[C:\WINDOWS\system32\winscok.dll] [N/A, N/A]
[C:\WINDOWS\system32\cdnns.dll] [CNNIC, 2, 0, 0, 0]
[C:\WINDOWS\system32\WSD_SOCK32.dll] [N/A, N/A]
[C:\WINDOWS\downlo~1\Nmpaqz.dll] [Tencent, 4, 3, 8, 80]
[PID: 3016][C:\WINDOWS\System32\alg.exe] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
[C:\WINDOWS\system32\WSD_SOCK32.dll] [N/A, N/A]
[PID: 3428][C:\Program Files\Internet Explorer\iexplore.exe] [Microsoft Corporation, 6.00.2900.2180 (xpsp_sp2_rtm.040803-2158)]
[C:\Program Files\CNNIC\Cdn\cdnforie.dll] [CNNIC, 2, 0, 0, 2]
[C:\Program Files\CNNIC\Cdn\cdndet.dll] [CNNIC, 2, 5, 0, 0]
[C:\WINDOWS\system32\winscok.dll] [N/A, N/A]
[C:\WINDOWS\system32\cdnns.dll] [CNNIC, 2, 0, 0, 0]
[C:\WINDOWS\downlo~1\Nmpaqz.dll] [Tencent, 4, 3, 8, 80]
[C:\WINDOWS\downlo~1\Hydlvj.dll] [Tencent, 4, 3, 8, 80]
[C:\WINDOWS\system32\deskipn.dll] [, 1, 0, 0, 1]
[C:\Program Files\Common Files\CPUSH\cpush1.dll] [N/A, 1.0.1.10]
[C:\PROGRA~1\CNNIC\Cdn\cdndrag.dll] [CNNIC, 1.0.0.6]
[C:\Documents and Settings\All Users\Application Data\Microsoft\PCTools\pctools.dll] [新萌科技(上海)有限公司, 2, 0, 8, 0]
[C:\WINDOWS\system32\SafeHelper12.dll] [LINKMEDIA Tech, 2, 0, 0, 3]
[C:\WINDOWS\system32\mallgoo2.dll] [上海奥德易海科技, 1, 0, 2, 0]
[C:\Program Files\Tencent\QQ\QQIEHelper.dll] [深圳市腾讯计算机系统有限公司, 1, 1, 0, 5]
[C:\PROGRA~1\vision\vision.dll] [, 1, 2, 0, 7]
[C:\PROGRA~1\vision\alvsn.dll] [N/A, 1, 0, 0, 4]
[C:\WINDOWS\system32\ssup.dll] [TENCENT, 4, 3, 8, 80]
[C:\WINDOWS\system32\WSD_SOCK32.dll] [N/A, N/A]
[D:\Program Files\Rising\Rav\RavScrCh.dll] [Beijing Rising Technology Co., Ltd., 18, 0, 0, 3]
[C:\WINDOWS\system32\macromed\flash\flash.ocx] [Macromedia, Inc., 7,0,19,0]
[PID: 2000][C:\WINDOWS\system32\wuauclt.exe] [Microsoft Corporation, 5.8.0.2469 built by: lab01_n(wmbla)]
[PID: 1824][d:\Program Files\Thunder Network\ThunderMini\program\ThunderMini.exe] [Thunder Networking Technologies,LTD, 2, 0, 0, 29]
[C:\WINDOWS\downlo~1\Nmpaqz.dll] [Tencent, 4, 3, 8, 80]
[C:\Program Files\CNNIC\Cdn\cdnforie.dll] [CNNIC, 2, 0, 0, 2]
[C:\Program Files\CNNIC\Cdn\cdndet.dll] [CNNIC, 2, 5, 0, 0]
[C:\WINDOWS\system32\winscok.dll] [N/A, N/A]
[C:\WINDOWS\system32\cdnns.dll] [CNNIC, 2, 0, 0, 0]
[d:\Program Files\Thunder Network\ThunderMini\program\download_interface.dll] [N/A, N/A]
[C:\WINDOWS\system32\WSD_SOCK32.dll] [N/A, N/A]
[d:\Program Files\Thunder Network\ThunderMini\program\UpdateDownload.dll] [Thunder Networking Technologies,LTD, 1, 0, 1, 6]
[d:\Program Files\Thunder Network\ThunderMini\Components\InMedia\iEmbedShell.dll] [ , 1, 0, 0, 6]
[d:\Program Files\Thunder Network\ThunderMini\Components\InMedia\iEmbed.dll] [ , 2, 1, 0, 30]
[PID: 168][C:\WINDOWS\system32\wbem\wmiprvse.exe] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
[PID: 2296][C:\WINDOWS\system32\wuauclt.exe] [Microsoft Corporation, 5.8.0.2469 built by: lab01_n(wmbla)]
[C:\WINDOWS\downlo~1\Nmpaqz.dll] [Tencent, 4, 3, 8, 80]
[C:\Program Files\CNNIC\Cdn\cdnforie.dll] [CNNIC, 2, 0, 0, 2]
[C:\Program Files\CNNIC\Cdn\cdndet.dll] [CNNIC, 2, 5, 0, 0]
[C:\WINDOWS\system32\winscok.dll] [N/A, N/A]
[C:\WINDOWS\system32\cdnns.dll] [CNNIC, 2, 0, 0, 0]
[PID: 780][E:\sreng2\SREng\SREng.exe] [Smallfrogs Studio, 2.2.6.605]
[C:\WINDOWS\downlo~1\Nmpaqz.dll] [Tencent, 4, 3, 8, 80]
[C:\Program Files\CNNIC\Cdn\cdnforie.dll] [CNNIC, 2, 0, 0, 2]
[C:\Program Files\CNNIC\Cdn\cdndet.dll] [CNNIC, 2, 5, 0, 0]
[C:\WINDOWS\system32\winscok.dll] [N/A, N/A]
[C:\WINDOWS\system32\cdnns.dll] [CNNIC, 2, 0, 0, 0]
[C:\WINDOWS\system32\WSD_SOCK32.dll] [N/A, N/A]
==================================
陈年的咖啡 - 2006-12-12 15:25:00
文件关联
.TXT OK. [%SystemRoot%\system32\NOTEPAD.EXE %1]
.EXE Error. [winfiles]
.COM OK. ["%1" %*]
.PIF OK. ["%1" %*]
.REG OK. [regedit.exe "%1"]
.BAT OK. ["%1" %*]
.SCR OK. ["%1" /S]
.CHM OK. ["C:\WINDOWS\hh.exe" %1]
.HLP OK. [%SystemRoot%\System32\winhlp32.exe %1]
.INI OK. [%SystemRoot%\System32\NOTEPAD.EXE %1]
.INF OK. [%SystemRoot%\System32\NOTEPAD.EXE %1]
.VBS OK. [%SystemRoot%\System32\WScript.exe "%1" %*]
.JS OK. [%SystemRoot%\System32\WScript.exe "%1" %*]
.LNK OK. [{00021401-0000-0000-C000-000000000046}]
==================================
Winsock 提供者
MSAFD Tcpip [TCP/IP]
C:\WINDOWS\system32\WSD_SOCK32.dll(N/A, N/A)
MT-TcpFilter
C:\WINDOWS\system32\WSD_SOCK32.dll(N/A, N/A)
==================================
Autorun.inf
[D:\]
[autorun]
OPEN=D:\pagefile.pif
[E:\]
[AutoRun]
open=sxs.exe
shellexecute=sxs.exe
shell\Auto\command=sxs.exe
[F:\]
[AutoRun]
open=sxs.exe
shellexecute=sxs.exe
shell\Auto\command=sxs.exe
==================================
HOSTS 文件
127.0.0.1 localhost
==================================
红夜鬼1 - 2006-12-12 19:50:00
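Run SREng2 and use "Startup Items" (启动项目) -- Registry (注册表) -- delete:
C:\WINDOWS\system32\SVOHOST.exe
Run (double-click) SRENG2, click "Startup Items" (启动项目), then "Services" (服务), then "Drivers" (驱动程序).
Tick "Hide Microsoft services" (隐藏微软服务) and select the virus services:
00002f86
biwjzez
cdnprot
fihhbbed
gaffggfc
hgidjcfj
then choose "Delete Service" (删除服务).
Click "Set" (设置) and choose "No" (否).
Run SREng2 and use "System Repair" (系统修复) -- Browser Add-ons (浏览器加载项) -- delete:
[IEMonitor Class]
{08A312BB-5409-49FC-9347-54BB7D069AC6} <C:\WINDOWS\system32\deskipn.dll, >
Reboot and press F8 to enter Safe Mode.
Show hidden files.
Delete: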
C:\WINDOWS\system32\deskipn.dll
C:\WINDOWS\system32\drivers\hgidjcfj.sys
C:\WINDOWS\system32\drivers\gaffggfc.sys
C:\WINDOWS\system32\drivers\fihhbbed.sys
SystemRoot\system32\drivers\cdnprot.sys
\SystemRoot\system32\drivers\biwjzez.sys
\SystemRoot\system32\drivers\00002f86.SYS
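C:\WINDOWS\system32\SVOHOST.exe (note: that is the digit 0, not the letter o)
Open each drive by right-clicking, do not double-click, and delete the hidden files in the root directory of every drive: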
Autorun.inf
pagefile.pif