示知病毒求助：www.stachina.org/2k.txt bbs.ikaka.com

raozhonghai86 - 2007-2-8 16:48:00

扫描记录如下:
2007-02-02,13:47:24
System Repair Engineer 2.3.13.690
Smallfrogs (http://www.KZTechs.com)

Windows 2000 Professional Service Pack 4 (Build 2195)
- Administrative User - Completed Functions Allowed

Follow item(s) have been choosed:
All Boot Items (Including Registry, Startup Folders, Services and so on)
Browser Add-ons
Runing Processes (Including process model information)
File Associations
Winsock Provider
Autorun.Inf
HOSTS File

Boot Items

Registry
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
(ctfmon.exe)(ctfmon.exe) [Microsoft Corporation]
[HKEY_CURRENT_USER\Software\Microsoft\Windows NT\CurrentVersion\Windows]
(load)() [N/A]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
(RavTask)("C:\Program Files\Rising\Rav\RavTask.exe" -system) [Beijing Rising Technology Co., Ltd.]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Winlogon]
(shell)(EXPLORER.EXE) [(Verified)Microsoft Corporation]
(Userinit)(userinit.exe,) [(Verified)Microsoft Corporation]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Windows]
(AppInit_DLLs)() [N/A]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
({32CD708B-60A7-4C00-9377-D73EAA495F0F})(C:\WINNT\system32\RavExt.dll) [Beijing Rising Technology Co., Ltd.]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\NavLogon]
(WinlogonNotify: NavLogon)(C:\WINNT\system32\NavLogon.dll) [N/A]

raozhonghai86 - 2007-2-8 16:50:00

Startup Folders
N/A

Services
[C-DillaCdaC11BA / C-DillaCdaC11BA][Running/Auto Start]
(C:\WINNT\system32\drivers\CDAC11BA.EXE)(Macrovision)
[DefWatch / DefWatch][Stopped/Auto Start]
(C:\Program Files\Symantec_Client_Security\Symantec AntiVirus\DefWatch.exe)(Symantec Corporation)
[Logical Disk Manager Administrative Service / dmadmin][Stopped/Manual Start]
(C:\WINNT\System32\dmadmin.exe /com)(VERITAS Software Corp.)
[McAfee Framework Service / McAfeeFramework][Running/Auto Start]
(C:\Program Files\Network Associates\Common Framework\FrameworkService.exe /ServiceStart)(Network Associates, Inc.)
[Symantec AntiVirus ノめ狠 / Norton AntiVirus Server][Stopped/Auto Start]
(C:\Program Files\Symantec_Client_Security\Symantec AntiVirus\Rtvscan.exe)(Symantec Corporation)
[Pml Driver HPZ12 / Pml Driver HPZ12][Stopped/Manual Start]
(C:\WINNT\system32\HPZipm12.exe)(N/A)
[Remote Procedure Call (RPC) / RpcSs][Running/Auto Start]
(C:\WINNT\system32\svchost -k rpcss--)%SystemRoot%\System32\Yswjrsjz.d1l)(N/A)
[Rising Process Communication Center / RsCCenter][Running/Auto Start]
("C:\Program Files\Rising\Rav\CCenter.exe")(Beijing Rising Technology Co., Ltd.)
[RsRavMon Service / RsRavMon][Running/Auto Start]
("C:\Program Files\Rising\Rav\Ravmond.exe")(Beijing Rising Technology Co., Ltd.)
[Remote Administrator Service / r_server][Running/Auto Start]
("C:\WINNT\system32\r_server.exe" /service)()
[Windows DHCP Service / WinDHCPsvc][Stopped/Auto Start]
(C:\WINNT\system32\rundll32.exe windhcp.ocx,start)(Microsoft Corporation)
[Windows Management NetWork Service Extensions / Windows Management NetWork Service Extensions][Stopped/Auto Start]
(NetManager.exe -exe_start)(N/A)
[Portable Media Serial Number Service / WmdmPmSN][Stopped/Manual Start]
(C:\WINNT\System32\svchost.exe -k netsvcs--)C:\WINNT\system32\mspmsnsv.dll)(Microsoft Corporation)

raozhonghai86 - 2007-2-8 16:52:00

操作系统为繁体中文
Drivers
[ADProt / ADProt][Stopped/System Start]
(system32\drivers\ADProt.sys)(N/A)
[Service for Realtek AC97 Audio (WDM) / ALCXWDM][Running/Manual Start]
(system32\drivers\ALCXWDM.SYS)(Realtek Semiconductor Corp.)
[Rising TDI Base Driver / BaseTDI][Running/Auto Start]
(System32\DRIVERS\BaseTDI.SYS)(Beijing Rising Technology Co., Ltd.)
[CdaC15BA / CdaC15BA][Running/Auto Start]
(\??\C:\WINNT\system32\drivers\CDAC15BA.SYS)(Macrovision Europe Ltd)
[dmboot / dmboot][Stopped/Disabled]
(System32\drivers\dmboot.sys)(VERITAS Software Corp.)
[呸胯合盒恨瞶臱笆祘Α / dmio][Running/Boot Start]
(\SystemRoot\System32\drivers\dmio.sys)(VERITAS Software Corp.)
[dmload / dmload][Running/Boot Start]
(\SystemRoot\System32\drivers\dmload.sys)(VERITAS Software Corp.)
[EntDrv50 / EntDrv50][Stopped/Manual Start]
(\??\C:\WINNT\system32\drivers\EntDrv50.sys)(N/A)
[ExpScaner / ExpScaner][Running/Auto Start]
(\??\C:\Program Files\Rising\Rav\ExpScan.sys)()
[D-Link DFE-530TX PCI Fast Ethernet Adapter Driver / FETNDIS][Stopped/Manual Start]
(system32\DRIVERS\dlkfet5b.sys)(D-Link)
[GMSIPCI / GMSIPCI][Stopped/Manual Start]
(\??\F:\INSTALL\GMSIPCI.SYS)(N/A)
[hardlock / hardlock][Running/Auto Start]
(\??\C:\WINNT\system32\drivers\hardlock.sys)(Aladdin Knowledge Systems)
[Haspnt / Haspnt][Running/Auto Start]
(\??\C:\WINNT\system32\drivers\Haspnt.sys)(Aladdin Knowledge Systems)
[HookCont / HookCont][Running/Auto Start]
(\??\C:\Program Files\Rising\Rav\HOOKCONT.sys)(Rising)
[HookReg / HookReg][Running/Auto Start]
(\??\C:\Program Files\Rising\Rav\HookReg.sys)()
[HookSys / HookSys][Running/Auto Start]
(\??\C:\Program Files\Rising\Rav\HookSys.sys)(Rising)
[IEEE-1284.4 Driver HPZid412 / HPZid412][Stopped/Manual Start]
(system32\DRIVERS\HPZid412.sys)(N/A)
[Print Class Driver for IEEE-1284.4 HPZipr12 / HPZipr12][Stopped/Manual Start]
(system32\DRIVERS\HPZipr12.sys)(N/A)
[USB to IEEE-1284.4 Translation Driver HPZius12 / HPZius12][Stopped/Manual Start]
(system32\DRIVERS\HPZius12.sys)(N/A)
[ialm / ialm][Running/Manual Start]
(system32\DRIVERS\ialmnt5.sys)(Intel Corporation)
[IdeBusDr / IdeBusDr][Running/Boot Start]
(\SystemRoot\system32\DRIVERS\IdeBusDr.sys)(Intel Corporation)
[Intel(R) Ultra ATA Controller / IdeChnDr][Running/Boot Start]
(\SystemRoot\system32\DRIVERS\IdeChnDr.sys)(Intel Corporation)
[InstQA / InstQA][Stopped/Manual Start]
(\SystemRoot\system32\drivers\InstQA.sys)(N/A)
[MEMSCAN / MEMSCAN][Running/Auto Start]
(\??\C:\Program Files\Rising\Rav\MEMSCAN.sys)(风琍?ンΤそ)
[NAVAP / NAVAP][Stopped/Manual Start]
(\??\C:\Program Files\Symantec_Client_Security\Symantec AntiVirus\NAVAP.sys)(Symantec Corporation)
[NAVAPEL / NAVAPEL][Running/Auto Start]
(\??\C:\Program Files\Symantec_Client_Security\Symantec AntiVirus\NAVAPEL.SYS)(Symantec Corporation)
[NAVENG / NAVENG][Stopped/Manual Start]
(\??\C:\PROGRA~1\COMMON~1\SYMANT~1\VIRUSD~1\20051130.006\NAVENG.sys)(Symantec Corporation)
[NAVEX15 / NAVEX15][Stopped/Manual Start]
(\??\C:\PROGRA~1\COMMON~1\SYMANT~1\VIRUSD~1\20051130.006\NAVEX15.sys)(Symantec Corporation)
[Ndis291 / Ndis291][Running/Boot Start]
(\SystemRoot\system32\Drivers\ms291.sys)(Copyright (C) 3721 Corporation.)
[Netgroup Packet Filter / NPF][Stopped/Manual Start]
(system32\DRIVERS\npf.sys)(CACE Technologies)
[npkcrypt / npkcrypt][Running/Auto Start]
(\??\C:\Program Files\TENCENT\QQ\npkcrypt.sys)(INCA Internet Co., Ltd.)
[钡キ︽硈钡梆硈挡臱笆祘Α / Ptilink][Running/Manual Start]
(system32\DRIVERS\ptilink.sys)(Parallel Technologies, Inc.)
[RsFwDrv / RsFwDrv][Stopped/System Start]
(2 - ╰参тぃ﹚郎
)(N/A)
[RsNTGDI / RsNTGDI][Running/Boot Start]
(\SystemRoot\system32\Drivers\RsNTGdi.sys)(Beijing Rising Technology Co., Ltd.)
[RSPPSYS / RSPPSYS][Running/Auto Start]
(\??\C:\Program Files\Rising\Rav\RSPPSYS.sys)(Rising)
[Realtek RTL8139/810x Family Fast Etnernet NIC NT Driver / rtl8139][Running/Manual Start]
(system32\DRIVERS\R8139n5.SYS)(Realtek Semiconductor Corporation)
[Sentinel / Sentinel][Running/Auto Start]
(\SystemRoot\System32\Drivers\SENTINEL.SYS)(N/A)
[SymEvent / SymEvent][Stopped/Manual Start]
(\??\C:\Program Files\Symantec\SYMEVENT.SYS)(Symantec Corporation)
[World Standard Teletext Codec / WSTCODEC][Stopped/Manual Start]
(system32\DRIVERS\WSTCODEC.SYS)(Microsoft Corporation)
[Yswjrsjz / Yswjrsjz][Stopped/Manual Start]
(\??\C:\WINNT\system32\drivers\Yswjrsjz.sys)(N/A)
[Intel(R) Graphics Platform (SoftBIOS) Driver / {6080A529-897E-4629-A488-ABA0C29B635E}][Running/System Start]
(system32\drivers\ialmsbw.sys)(Intel Corporation)
[Intel(R) Graphics Chipset (KCH) Driver / {D31A0762-0CEB-444e-ACFF-B049A1F6FE91}][Running/Manual Start]
(system32\drivers\ialmkchw.sys)(Intel Corporation)

raozhonghai86 - 2007-2-8 16:53:00

Browser Add-ons
[ThunderIEHelper Class]
{0005A87D-D626-4B3A-84F9-1D9571695F55} (C:\WINNT\system32\xunleibho_v6.dll, )
[AcroIEHlprObj Class]
{06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} (C:\Program Files\Adobe\Acrobat 6.0\Acrobat\ActiveX\AcroIEHelper.dll, Adobe Systems Incorporated)
[Yahoo!Photo]
{33BBE430-0E42-4f12-B075-8D21ACB10DCB} (C:\PROGRA~1\Yahoo!\ASSIST~1\Assist\yphtb.dll, Yahoo! China)
[AntiFish Class]
{38928D50-8A48-44C2-945F-D2F23F771410} (C:\PROGRA~1\Yahoo!\ASSIST~1\Assist\yangling.dll, N/A)
[雅虎助手]
{406F94F0-504F-4a40-8DFD-58B0666ABEBD} (C:\PROGRA~1\Yahoo!\ASSIST~1\Assist\yasbar.dll, Yahoo!)
[DragSearch BHO]
{62EED7C6-9F02-42f9-B634-98E2899E147B} (C:\PROGRA~1\Yahoo!\ASSIST~1\Assist\YDRAGS~1.DLL, )
[IeCatch2 Class]
{A5366673-E8CA-11D3-9CD9-0090271D075B} (C:\PROGRA~1\FlashGet\jccatch.dll, Amaze Soft)
[AcroIEToolbarHelper Class]
{AE7CD045-E861-484f-8273-0445EE161910} (C:\Program Files\Adobe\Acrobat 6.0\Acrobat\AcroIEFavClient.dll, N/A)
[QQ]
{c95fe080-8f5d-11d2-a20b-00aa003c157b} (C:\Program Files\TENCENT\QQ\QQ.EXE, N/A)
[@msdxmLC.dll,-1@1028,Μ诀[&R]]
{8E718888-423F-11D2-876E-00A0C9082467} (C:\WINNT\system32\msdxm.ocx, Microsoft Corporation)
[FlashGet Bar]
{E0E899AB-F487-11D5-8D29-0050BA6940E3} (C:\PROGRA~1\FlashGet\fgiebar.dll, Amaze Soft)
[Adobe PDF]
{47833539-D0C5-4125-9FA8-0819E2EAAC93} (C:\Program Files\Adobe\Acrobat 6.0\Acrobat\AcroIEFavClient.dll, N/A)
[雅虎助手]
{406F94F0-504F-4a40-8DFD-58B0666ABEBD} (C:\PROGRA~1\Yahoo!\ASSIST~1\Assist\yasbar.dll, Yahoo!)
[WUWebControl Class]
{6414512B-B978-451D-A0D8-FCFDF33E833C} (C:\WINNT\system32\wuweb.dll, Microsoft Corporation)
[VqqSpeedDlProxy Class]
{9ADACAA6-533E-4383-AFA7-F0A66650B6D8} (C:\WINNT\vqqsdl10.dll, Tencent Technology (Shenzhen) Company Limited)
[MsnMessengerSetupDownloadControl Class]
{B38870E4-7ECB-40DA-8C6A-595F0A5519FF} (C:\WINNT\Downloaded Program Files\MsnMessengerSetupDownloader.ocx, Microsoft Corporation)
[Shockwave Flash Object]
{D27CDB6E-AE6D-11CF-96B8-444553540000} (C:\WINNT\system32\Macromed\Flash\Flash9b.ocx, Adobe Systems, Inc.)
[?QQ蔍?祑?]
(C:\Program Files\TENCENT\QQ\AddToNetDisk.htm, N/A)
[肚QQ呼隔祑盒]
(C:\Program Files\TENCENT\QQ\AddToNetDisk.htm, N/A)
[蹲 Microsoft Excel(&X)]
(res://C:\PROGRA~1\MICROS~2\Office10\EXCEL.EXE/3000, N/A)
[穝糤QQ﹚竡狾]
(C:\Program Files\TENCENT\QQ\AddPanel.htm, N/A)
[穝糤QQ薄]
(C:\Program Files\TENCENT\QQ\AddEmotion.htm, N/A)
[添加到QQ表情]
(C:\Program Files\TENCENT\QQ\AddEmotion.htm, N/A)
[添加到QQ自定义面板]
(C:\Program Files\TENCENT\QQ\AddPanel.htm, N/A)
[睰QQ﹚?狾]
(C:\Program Files\TENCENT\QQ\AddPanel.htm, N/A)
[睰QQ﹚竡狾]
(C:\Program Files\TENCENT\QQ\AddPanel.htm, N/A)
[睰QQ薄]
(C:\Program Files\TENCENT\QQ\AddEmotion.htm, N/A)
[ノQQ MMS肚癳赣瓜]
(C:\Program Files\TENCENT\QQ\SendMMS.htm, N/A)
[ノQQ眒獺?癳??]
(C:\Program Files\TENCENT\QQ\SendMMS.htm, N/A)
[ノQQ眒獺祇癳赣瓜]
(C:\Program Files\TENCENT\QQ\SendMMS.htm, N/A)
[用QQ彩信发送该图片]
(C:\Program Files\TENCENT\QQ\SendMMS.htm, N/A)

raozhonghai86 - 2007-2-8 16:53:00

Running Processes
[PID: 148][\SystemRoot\System32\smss.exe] [Microsoft Corporation, 5.00.2195.6601]
[PID: 172][\??\C:\WINNT\system32\csrss.exe] [Microsoft Corporation, 5.00.2195.6601]
[PID: 192][\??\C:\WINNT\system32\winlogon.exe] [Microsoft Corporation, 5.00.2195.6898]
[C:\WINNT\system32\NavLogon.dll] [N/A, N/A]
[PID: 220][C:\WINNT\system32\services.exe] [Microsoft Corporation, 5.00.2195.6700]
[C:\WINNT\system32\dmserver.dll] [VERITAS Software Corp., 2195.6605.297.3]
[PID: 232][C:\WINNT\system32\lsass.exe] [Microsoft Corporation, 5.00.2195.6902]
[PID: 400][C:\WINNT\system32\svchost.exe] [Microsoft Corporation, 5.00.2134.1]
[c:\winnt\system32\yswjrsjz.d1l] [N/A, N/A]
[PID: 416][C:\Program Files\Internet Explorer\iexplore.exe] [Microsoft Corporation, 6.00.2800.1106]
[C:\WINNT\system32\Yswjrsjz.d1l] [N/A, N/A]
[PID: 480][C:\Program Files\Rising\Rav\CCenter.exe] [Beijing Rising Technology Co., Ltd., 18, 0, 0, 3]
[PID: 556][C:\WINNT\system32\spoolsv.exe] [Microsoft Corporation, 5.00.2195.6659]
[C:\WINNT\system32\AdobePDF.dll] [Adobe Systems Incorporated., 6.0.000]
[C:\Program Files\Adobe\Acrobat 6.0\Distillr\AdistRes.CHS] [N/A, N/A]
[C:\WINNT\system32\spool\PRTPROCS\W32X86\IMFPrint.DLL] [Zenographics, Inc., 5, 54, 330, 0]
[C:\WINNT\system32\Imf32.dll] [Zenographics, Inc., 5, 60, 1204, 0]
[C:\WINNT\system32\ZTAG32.dll] [Zenographics, Inc., 5, 60, 1210, 0]
[C:\WINNT\system32\ZSPOOL.dll] [Zenographics, Inc., 5, 51, 709, 0]
[C:\WINNT\system32\spool\PRTPROCS\W32X86\vprproc.dll] [Windows (R) 2000 DDK provider, 5.00.2195.1620]
[PID: 608][C:\WINNT\system32\drivers\CDAC11BA.EXE] [Macrovision, 4.20.020]
[PID: 648][C:\WINNT\system32\svchost.exe] [Microsoft Corporation, 5.00.2134.1]
[PID: 672][C:\WINNT\system32\hidserv.exe] [Microsoft Corporation, 5.00.2195.6655]
[PID: 700][C:\Program Files\Network Associates\Common Framework\FrameworkService.exe] [Network Associates, Inc., 3.5.0.412]
[C:\Program Files\Network Associates\Common Framework\nailog.dll] [Network Associates, Inc., 3.5.0.474]
[C:\Program Files\Network Associates\Common Framework\naXML.dll] [Network Associates, Inc., 3.5.0.474]
[C:\Program Files\Network Associates\Common Framework\naCmnLib.dll] [Network Associates, Inc., 3.5.0.474]
[C:\Program Files\Network Associates\Common Framework\applib.dll] [Network Associates, Inc., 3.5.0.412]
[C:\Program Files\Network Associates\Common Framework\0404\AgentRes.dll] [Network Associates, Inc., 3.5.0.412]
[C:\Program Files\Network Associates\Common Framework\Logging.dll] [Network Associates, Inc., 3.5.0.412]
[C:\Program Files\Network Associates\Common Framework\InternetManager.dll] [Network Associates, Inc., 3.5.0.412]
[C:\Program Files\Network Associates\Common Framework\naInet.dll] [Network Associates, Inc., 3.5.0.474]
[C:\Program Files\Network Associates\Common Framework\UserSpace.dll] [Network Associates, Inc., 3.5.0.412]
[C:\Program Files\Network Associates\Common Framework\SecureFrameworkFactory.dll] [Network Associates, Inc., 3.5.0.412]
[C:\Program Files\Network Associates\Common Framework\Management.dll] [Network Associates, Inc., 3.5.0.412]
[C:\Program Files\Network Associates\Common Framework\cmalib.dll] [Network Associates, Inc., 3.5.0.412]
[C:\Program Files\Network Associates\Common Framework\naPolicyManager.dll] [Network Associates, Inc., 3.5.0.412]
[C:\Program Files\Network Associates\Common Framework\ScriptSubSys.dll] [Network Associates, Inc., 3.5.0.412]
[C:\Program Files\Network Associates\Common Framework\UpdateSubSys.dll] [Network Associates, Inc., 3.5.0.412]
[C:\Program Files\Network Associates\Common Framework\Scheduler.dll] [Network Associates, Inc., 3.5.0.412]
[C:\Program Files\Network Associates\Common Framework\Agent.dll] [Network Associates, Inc., 3.5.0.412]
[C:\Program Files\Network Associates\Common Framework\naSPIPE.dll] [Network Associates, Inc., 3.5.0.412]
[C:\Program Files\Network Associates\Common Framework\ListenServer.dll] [Network Associates, Inc., 3.5.0.412]
[C:\Program Files\Network Associates\Common Framework\TCSubSys.dll] [Network Associates, Inc., 3.5.0.412]
[PID: 836][C:\WINNT\system32\regsvc.exe] [Microsoft Corporation, 5.00.2195.6701]
[PID: 840][C:\WINNT\system32\r_server.exe] [, 2, 2, 0, 0]
[PID: 968][C:\WINNT\System32\WBEM\WinMgmt.exe] [Microsoft Corporation, 1.50.1085.0100]
[PID: 308][C:\WINNT\system32\svchost.exe] [Microsoft Corporation, 5.00.2134.1]
[PID: 1120][C:\WINNT\Explorer.EXE] [Microsoft Corporation, 5.00.3700.6690]
[C:\WINNT\system32\AcSignIcon.dll] [Autodesk, 16.0.0.86]
[C:\Program Files\Common Files\Autodesk Shared\AcSignCore16.dll] [Autodesk, 16.0.0.86]
[C:\WINNT\system32\RavExt.dll] [Beijing Rising Technology Co., Ltd., 19, 0, 0, 7]
[C:\WINNT\system32\igfxpph.dll] [Intel Corporation, 3,0,0,1918]
[C:\WINNT\system32\hccutils.DLL] [Intel Corporation, 3,0,0,1918]
[C:\WINNT\system32\igfxres.dll] [Intel Corporation, 3,0,0,1918]
[C:\WINNT\system32\igfxsrvc.dll] [Intel Corporation, 3,0,0,1918]
[C:\WINNT\system32\igfxdev.dll] [Intel Corporation, 3,0,0,1918]
[C:\Program Files\WinRAR\rarext.dll] [N/A, N/A]
[C:\Program Files\Common Files\Symantec Shared\SSC\vpshell2.dll] [Symantec Corporation, 8.00.00.9374]
[C:\Program Files\Adobe\Acrobat 6.0\Acrobat\ActiveX\AcroIEHelper.dll] [Adobe Systems Incorporated, 6.0.1.2003110300]
[C:\WINNT\system32\igfxress.dll] [Intel Corporation, 3,0,0,1918]
[C:\Program Files\Rising\Rav\RavScrCh.dll] [Beijing Rising Technology Co., Ltd., 18, 0, 0, 4]
[C:\WINNT\system32\ALSNDMGR.CPL] [Realtek Semiconductor Corp., 1.5.63]
[C:\WINNT\system32\igfxcpl.cpl] [Intel Corporation, 3,0,0,1918]
[C:\WINNT\system32\plotman.cpl] [Autodesk, Inc., 8.0.16.86]
[C:\WINNT\system32\styleman.cpl] [Autodesk, Inc., 8.0.16.86]
[C:\WINNT\system32\xunleibho_v6.dll] [, 4, 4, 0, 31]
[C:\PROGRA~1\Yahoo!\ASSIST~1\Assist\yphtb.dll] [Yahoo! China, 1, 1, 3, 1035]
[C:\PROGRA~1\Yahoo!\ASSIST~1\Assist\yasbar.dll] [Yahoo!, 2, 1, 8, 1048]
[C:\PROGRA~1\Yahoo!\ASSIST~1\Assist\YDRAGS~1.DLL] [, 1, 2, 7, 1006]
[C:\PROGRA~1\FlashGet\jccatch.dll] [Amaze Soft, 1, 1, 4, 0]
[PID: 1200][C:\PROGRA~1\NETWOR~1\COMMON~1\naPrdMgr.exe] [Network Associates, Inc., 3.5.0.412]
[C:\PROGRA~1\NETWOR~1\COMMON~1\nailog.dll] [Network Associates, Inc., 3.5.0.474]
[C:\PROGRA~1\NETWOR~1\COMMON~1\naCmnLib.dll] [Network Associates, Inc., 3.5.0.474]
[C:\PROGRA~1\NETWOR~1\COMMON~1\naXML.dll] [Network Associates, Inc., 3.5.0.474]
[C:\PROGRA~1\NETWOR~1\COMMON~1\0404\AgentRes.dll] [Network Associates, Inc., 3.5.0.412]
[PID: 1288][C:\WINNT\system32\ctfmon.exe] [Microsoft Corporation, 1.00.2409.34 built by: Lab06_N]
[PID: 912][C:\WINNT\system32\conime.exe] [Microsoft Corporation, 5.00.2195.6655]
[PID: 1004][C:\Documents and Settings\zyd.SZCY\\sreng2\SREng.EXE] [Smallfrogs Studio, 2.3.13.690]
[C:\Documents and Settings\zyd.SZCY\\sreng2\Plugins\SRECXTMG.SRE] [Smallfrogs Studio, 1, 5, 0, 55]

瑞星卡卡安全论坛