【求助】win32.adware.bho.av.149030 bbs.ikaka.com

爱我的人飞走了 - 2007-8-31 20:01:00

病毒名如题，路径如下：c:\windows\bind.exe 用金山毒霸2007杀不尽。日志附后。请朋友们来帮一下。谢谢！
启动项目
注册表
[HKEY_CURRENT_USER\Software\Microsoft\Windows NT\CurrentVersion\Windows]
<load><> [N/A]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
<360Safetray><E:\360安全卫士\360safe\safemon\360Tray.exe /start> [奇虎网]
<KavStart><"C:\kav2007\KAVStart.exe" -startup> [Kingsoft Corporation]
<JdsEnglishSpirit><D:\脚斗士\flyenglishspirit.exe> []
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Winlogon]
<shell><Explorer.exe> [(Verified)Microsoft Windows]
<Userinit><C:\Windows\system32\Userinit.exe> [(Verified)Microsoft Windows]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Windows]
<AppInit_DLLs><> [N/A]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
<{AEB6717E-7E19-11d0-97EE-00C04FD91972}><> [N/A]
<{D7B21266-AA85-44b8-B516-3B1A69827400}><> [N/A]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{2C7339CF-2B09-4501-B3F3-F3508C9228ED}]
<Themes Setup><%SystemRoot%\system32\regsvr32.exe /s /n /i:/UserInstall %SystemRoot%\system32\themeui.dll> [N/A]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{44BBA840-CC51-11CF-AAFA-00AA00B6015C}]
<Microsoft Windows Mail 7><"%ProgramFiles%\Windows Mail\WinMail.exe" OCInstallUserConfigOE> [N/A]

==================================
启动文件夹
[Windows Update SP11]
<C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Windows Update SP11.lnk --> C:\Program Files\Common Files\xp11update.exe [N/A]><H>
[Windows Update SP11]
<C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Windows Update SP11.lnk --> C:\Program Files\Common Files\xp11update.exe [N/A]><H>

==================================
服务
[Adobe LM Service / Adobe LM Service][Stopped/Manual Start]
<"C:\Program Files\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe"><Adobe Systems>
[C-DillaCdaC11BA / C-DillaCdaC11BA][Running/Auto Start]
<C:\Windows\system32\drivers\CDAC11BA.EXE><Macrovision>
[Kingsoft Antivirus KWatch Service / KWatchSvc][Running/Auto Start]
<C:\kav2007\KWatch.EXE><Kingsoft Corporation>
[XAudioService / XAudioService][Running/Auto Start]
<C:\Windows\system32\DRIVERS\xaudio.exe><Conexant Systems, Inc.>

==================================
驱动程序
[Lenovo Virtual Power Controller Driver / ACPIVPC][Running/Manual Start]
<system32\DRIVERS\AcpiVpc.sys><Lenovo Corporation>
[adp94xx / adp94xx][Stopped/Disabled]
<\SystemRoot\system32\drivers\adp94xx.sys><Adaptec, Inc.>
[adpahci / adpahci][Stopped/Disabled]
<\SystemRoot\system32\drivers\adpahci.sys><Adaptec, Inc.>
[adpu160m / adpu160m][Stopped/Disabled]
<\SystemRoot\system32\drivers\adpu160m.sys><Adaptec, Inc.>
[adpu320 / adpu320][Stopped/Disabled]
<\SystemRoot\system32\drivers\adpu320.sys><Adaptec, Inc.>
[aic78xx / aic78xx][Stopped/Disabled]
<\SystemRoot\system32\drivers\djsvs.sys><Adaptec, Inc.>
[aliide / aliide][Stopped/Disabled]
<\SystemRoot\system32\drivers\aliide.sys><Acer Laboratories Inc.>
[amdide / amdide][Stopped/Disabled]
<\SystemRoot\system32\drivers\amdide.sys><Microsoft Corporation>
[arc / arc][Stopped/Disabled]
<\SystemRoot\system32\drivers\arc.sys><Adaptec, Inc.>
[arcsas / arcsas][Stopped/Disabled]
<\SystemRoot\system32\drivers\arcsas.sys><Adaptec, Inc.>
[Broadcom NetXtreme Gigabit Ethernet - NDIS 6.0 / b57nd60x][Running/Manual Start]
<system32\DRIVERS\b57nd60x.sys><Broadcom Corporation>
[Broadcom Extensible 802.11 网络适配器驱动程序 / BCM43XV][Stopped/Manual Start]
<system32\DRIVERS\bcmwl6.sys><Broadcom Corporation>
[Broadcom 802.11 网络适配器驱动程序 / BCM43XX][Running/Manual Start]
<system32\DRIVERS\bcmwl6.sys><Broadcom Corporation>
[Broadcom 440x 10/100 Integrated Controller XP Driver / bcm4sbxp][Stopped/Manual Start]
<system32\DRIVERS\bcm4sbxp.sys><Broadcom Corporation>
[blbdrive / blbdrive][Stopped/Disabled]
<\SystemRoot\system32\drivers\blbdrive.sys><N/A>
[Brother USB Mass-Storage Lower Filter Driver / BrFiltLo][Stopped/Manual Start]
<\SystemRoot\system32\drivers\brfiltlo.sys><Brother Industries, Ltd.>
[Brother USB Mass-Storage Upper Filter Driver / BrFiltUp][Stopped/Manual Start]
<\SystemRoot\system32\drivers\brfiltup.sys><Brother Industries, Ltd.>
[Brother MFC Serial Port Interface Driver (WDM) / Brserid][Stopped/Disabled]
<\SystemRoot\system32\drivers\brserid.sys><Brother Industries Ltd.>
[Brother WDM Serial driver / BrSerWdm][Stopped/Disabled]
<\SystemRoot\system32\drivers\brserwdm.sys><Brother Industries Ltd.>
[Brother MFC USB Fax Only Modem / BrUsbMdm][Stopped/Disabled]
<\SystemRoot\system32\drivers\brusbmdm.sys><Brother Industries Ltd.>
[Brother MFC USB Serial WDM Driver / BrUsbSer][Stopped/Manual Start]
<\SystemRoot\system32\drivers\brusbser.sys><Brother Industries Ltd.>
[CdaC15BA / CdaC15BA][Running/Auto Start]
<\??\C:\Windows\system32\drivers\CDAC15BA.SYS><Macrovision Europe Ltd>
[cmdide / cmdide][Stopped/Disabled]
<\SystemRoot\system32\drivers\cmdide.sys><CMD Technology, Inc.>
[Dritek Keyboard Filter Driver / DKbFltr][Running/Manual Start]
<system32\DRIVERS\DKbFltr.sys><Dritek System Inc.>
[Intel(R) PRO/1000 NDIS 6 Adapter Driver / E1G60][Stopped/Manual Start]
<system32\DRIVERS\E1G60I32.sys><Intel Corporation>
[elxstor / elxstor][Stopped/Disabled]

[用户系统信息]Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0; SLCC1; .NET CLR 2.0.50727; .NET CLR 3.0.04506)

爱我的人飞走了 - 2007-8-31 20:02:00

<\SystemRoot\system32\drivers\elxstor.sys><Emulex>
[Microsoft UAA Function Driver for High Definition Audio Service / HdAudAddService][Running/Manual Start]
<system32\drivers\CHDART.sys><Conexant Systems Inc.>
[HpCISSs / HpCISSs][Stopped/Disabled]
<\SystemRoot\system32\drivers\hpcisss.sys><Hewlett-Packard Company>
[HSFHWAZL / HSFHWAZL][Stopped/Manual Start]
<system32\DRIVERS\VSTAZL3.SYS><Conexant Systems, Inc.>
[HSF_DPV / HSF_DPV][Running/Manual Start]
<system32\DRIVERS\HSX_DPV.sys><Conexant Systems, Inc.>
[HSXHWAZL / HSXHWAZL][Running/Manual Start]
<system32\DRIVERS\HSXHWAZL.sys><Conexant Systems, Inc.>
[Intel RAID Controller Vista / iaStorV][Stopped/Disabled]
<\SystemRoot\system32\drivers\iastorv.sys><Intel Corporation>
[IGALIVE / IGALIVE][Running/Auto Start]
<\??\C:\Program Files\IGALIVE\IGALIVE.sys><N/A>
[iirsp / iirsp][Stopped/Disabled]
<\SystemRoot\system32\drivers\iirsp.sys><Intel Corp./ICP vortex GmbH>
[IP in IP Tunnel Driver / IpInIp][Stopped/Manual Start]
<system32\DRIVERS\ipinip.sys><N/A>
[ITEATAPI_Service_Install / iteatapi][Stopped/Disabled]
<\SystemRoot\system32\drivers\iteatapi.sys><Integrated Technology Express, Inc.>
[ITERAID_Service_Install / iteraid][Stopped/Disabled]
<\SystemRoot\system32\drivers\iteraid.sys><Integrated Technology Express, Inc.>
[KWatch3 / KWatch3][Running/System Start]
<\??\C:\Windows\system32\drivers\KWatch3.SYS><Kingsoft Corporation>
[LSI_FC / LSI_FC][Stopped/Disabled]
<\SystemRoot\system32\drivers\lsi_fc.sys><LSI Logic>
[LSI_SAS / LSI_SAS][Stopped/Disabled]
<\SystemRoot\system32\drivers\lsi_sas.sys><LSI Logic>
[LSI_SCSI / LSI_SCSI][Stopped/Disabled]
<\SystemRoot\system32\drivers\lsi_scsi.sys><LSI Logic>
[mdmxsdk / mdmxsdk][Running/Auto Start]
<system32\DRIVERS\mdmxsdk.sys><Conexant>
[megasas / megasas][Stopped/Disabled]
<\SystemRoot\system32\drivers\megasas.sys><LSI Logic Corporation>
[Mraid35x / Mraid35x][Stopped/Disabled]
<\SystemRoot\system32\drivers\mraid35x.sys><LSI Logic Corporation>
[nfrd960 / nfrd960][Stopped/Disabled]
<\SystemRoot\system32\drivers\nfrd960.sys><IBM Corporation>
[N-trig HID Tablet Driver / ntrigdigi][Stopped/Disabled]
<\SystemRoot\system32\drivers\ntrigdigi.sys><N-trig Innovative Technologies>
[nvlddmkm / nvlddmkm][Running/Manual Start]
<system32\DRIVERS\nvlddmkm.sys><NVIDIA Corporation>
[nvraid / nvraid][Stopped/Disabled]
<\SystemRoot\system32\drivers\nvraid.sys><NVIDIA Corporation>
[nvstor / nvstor][Stopped/Disabled]
<\SystemRoot\system32\drivers\nvstor.sys><NVIDIA Corporation>
[IPX Traffic Filter Driver / NwlnkFlt][Stopped/Manual Start]
<system32\DRIVERS\nwlnkflt.sys><N/A>
[IPX Traffic Forwarder Driver / NwlnkFwd][Stopped/Manual Start]
<system32\DRIVERS\nwlnkfwd.sys><N/A>
[QLogic Fibre Channel Miniport Driver / ql2300][Stopped/Disabled]
<\SystemRoot\system32\drivers\ql2300.sys><QLogic Corporation>
[QLogic iSCSI Miniport Driver / ql40xx][Stopped/Disabled]
<\SystemRoot\system32\drivers\ql40xx.sys><QLogic Corporation>
[R300 / R300][Stopped/Manual Start]
<system32\DRIVERS\atikmdag.sys><ATI Technologies Inc.>
[SiSRaid2 / SiSRaid2][Stopped/Disabled]
<\SystemRoot\system32\drivers\sisraid2.sys><Silicon Integrated Systems Corp.>
[SiSRaid4 / SiSRaid4][Stopped/Disabled]
<\SystemRoot\system32\drivers\sisraid4.sys><Silicon Integrated Systems>
[USB PC Camera (SNPSTD3) / SNPSTD3][Running/Manual Start]
<system32\DRIVERS\snpstd3.sys><Sonix Co. Ltd.>
[Symc8xx / Symc8xx][Stopped/Disabled]
<\SystemRoot\system32\drivers\symc8xx.sys><LSI Logic>
[Sym_hi / Sym_hi][Stopped/Disabled]
<\SystemRoot\system32\drivers\sym_hi.sys><LSI Logic>
[Sym_u3 / Sym_u3][Stopped/Disabled]
<\SystemRoot\system32\drivers\sym_u3.sys><LSI Logic>
[tifm21 / tifm21][Running/Manual Start]
<system32\drivers\tifm21.sys><Texas Instruments>
[Conexant Setup API / UIUSys][Stopped/Manual Start]
<system32\DRIVERS\UIUSYS.SYS><N/A>
[uliahci / uliahci][Stopped/Disabled]
<\SystemRoot\system32\drivers\uliahci.sys><ULi Electronics Inc.>
[UlSata / UlSata][Stopped/Disabled]
<\SystemRoot\system32\drivers\ulsata.sys><Promise Technology, Inc.>
[ulsata2 / ulsata2][Stopped/Disabled]
<\SystemRoot\system32\drivers\ulsata2.sys><Promise Technology, Inc.>
[viaide / viaide][Stopped/Disabled]
<\SystemRoot\system32\drivers\viaide.sys><VIA Technologies, Inc.>
[vsmraid / vsmraid][Stopped/Disabled]
<\SystemRoot\system32\drivers\vsmraid.sys><VIA Technologies Inc.,Ltd>
[winachsf / winachsf][Running/Manual Start]
<system32\DRIVERS\HSX_CNXT.sys><Conexant Systems, Inc.>
[XAudio / XAudio][Running/Auto Start]
<system32\DRIVERS\xaudio.sys><Conexant Systems, Inc.>

爱我的人飞走了 - 2007-8-31 20:03:00

浏览器加载项
[Adobe PDF Reader Link Helper]
{06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} <C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll, Adobe Systems Incorporated>
[CBrowseStakeout Class]
{55302805-482E-470E-8A57-6795A1487F90} <C:\kav2007\KAVAFish.DLL, Kingsoft Corporation>
[Adobe PDF Reader Link Helper]
{06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} <C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll, Adobe Systems Incorporated>
[Fade]
{16B280C5-EE70-11D1-9066-00C04FD9189D} <C:\Windows\system32\Dxtmsft.dll, Microsoft Corporation>
[Windows Media Player]
{22D6F312-B0F6-11D0-94AB-0080C74C7E95} <C:\Windows\System32\wmpdxm.dll, Microsoft Corporation>
[XML DOM Document]
{2933BF90-7B36-11D2-B20E-00C04F983E60} <%SystemRoot%\System32\msxml3.dll, N/A>
[XML Document]
{48123BC4-99D9-11D1-A6B3-00C04FD91555} <%SystemRoot%\System32\msxml3.dll, N/A>
[Thunder Agent Class]
{485463B7-8FB2-4B3B-B29B-8B919B0EACCE} <C:\Program Files\Thunder Network\Thunder\ComDlls\ThunderAgent_007.dll, Thunder Networking Technologies,LTD>
[CBrowseStakeout Class]
{55302805-482E-470E-8A57-6795A1487F90} <C:\kav2007\KAVAFish.DLL, Kingsoft Corporation>
[CJfchk Object]
{632C6705-17AB-4407-9281-F60D0A7726BE} <G:\ppfilm\JfCheck.dll, N/A>
[Windows Media Player]
{6BF52A52-394A-11D3-B153-00C04F79FAA6} <%SystemRoot%\system32\wmp.dll, N/A>
[MediaComm Class]
{7670648D-461B-42AF-BDFE-46D26AF5EFF2} <C:\Program Files\Thunder Network\Thunder\Components\InMedia\MediaAddin11.dll, Thunder Networking Technologies,LTD>
[360SafeLive]
{87515F61-A66C-4319-A0E0-D416CB8059E3} <E:\360安全卫士\360safe\live.dll, 360safe.com>
[Microsoft Web Browser]
{8856F961-340A-11D0-A96B-00C04FD705A2} <C:\Windows\system32\ieframe.dll, Microsoft Corporation>
[XML DOM 文档 5.0]
{88D969E5-F192-11D4-A65F-0040963251E5} <C:\Program Files\Common Files\Microsoft Shared\OFFICE11\MSXML5.DLL, Microsoft Corporation>
[RMGetLicense Class]
{A9FC132B-096D-460B-B7D5-1DB0FAE0C062} <C:\Windows\System32\msnetobj.dll, Microsoft Corporation>
[RDS.DataSpace]
{BD96C556-65A3-11D0-983A-00C04FC29E36} <%CommonProgramFiles%\System\msadc\msadco.dll, N/A>
[QQPlayerSvr Proxy Control]
{CD108273-D434-43E6-AA90-1469F97EB398} <E:\QQ\QQPlayerProxy.dll, Tencent>
[VIDEO__X_MS_ASF Moniker Class]
{CD3AFA8F-B84F-48F0-9393-7EDC34128127} <%SystemRoot%\system32\wmp.dll, N/A>
[RealPlayer G2 Control]
{CFCDAA03-8BE4-11CF-B84B-0020AFBBCCFA} <C:\Windows\system32\rmoc3260.dll, RealNetworks, Inc.>
[Shockwave Flash Object]
{D27CDB6E-AE6D-11CF-96B8-444553540000} <C:\Windows\system32\Macromed\Flash\Flash9b.ocx, Adobe Systems, Inc.>
[XML HTTP Request]
{ED8C108E-4349-11D2-91A4-00C04F7969E8} <%SystemRoot%\System32\msxml3.dll, N/A>
[XML HTTP]
{F6D90F16-9C73-11D3-B32E-00C04F990BB4} <%SystemRoot%\System32\msxml3.dll, N/A>

爱我的人飞走了 - 2007-8-31 20:03:00

正在运行的进程
[PID: 364 / SYSTEM][\SystemRoot\System32\smss.exe] [Microsoft Corporation, 6.0.6000.16386 (vista_rtm.061101-2205)]
[PID: 488 / SYSTEM][C:\Windows\system32\csrss.exe] [Microsoft Corporation, 6.0.6000.16386 (vista_rtm.061101-2205)]
[PID: 536 / SYSTEM][C:\Windows\system32\wininit.exe] [Microsoft Corporation, 6.0.6000.16386 (vista_rtm.061101-2205)]
[PID: 548 / SYSTEM][C:\Windows\system32\csrss.exe] [Microsoft Corporation, 6.0.6000.16386 (vista_rtm.061101-2205)]
[PID: 580 / SYSTEM][C:\Windows\system32\services.exe] [Microsoft Corporation, 6.0.6000.16386 (vista_rtm.061101-2205)]
[PID: 596 / SYSTEM][C:\Windows\system32\lsass.exe] [Microsoft Corporation, 6.0.6000.16386 (vista_rtm.061101-2205)]
[PID: 604 / SYSTEM][C:\Windows\system32\lsm.exe] [Microsoft Corporation, 6.0.6000.16386 (vista_rtm.061101-2205)]
[PID: 672 / SYSTEM][C:\Windows\system32\winlogon.exe] [Microsoft Corporation, 6.0.6000.16386 (vista_rtm.061101-2205)]
[PID: 788 / SYSTEM][C:\Windows\system32\svchost.exe] [Microsoft Corporation, 6.0.6000.16386 (vista_rtm.061101-2205)]
[PID: 844 / NETWORK SERVICE][C:\Windows\system32\svchost.exe] [Microsoft Corporation, 6.0.6000.16386 (vista_rtm.061101-2205)]
[PID: 876 / SYSTEM][C:\Windows\System32\svchost.exe] [Microsoft Corporation, 6.0.6000.16386 (vista_rtm.061101-2205)]
[C:\Windows\WinSxS\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6000.16386_none_5d07289e07e1d100\comctl32.dll] [Microsoft Corporation, 6.10 (vista_rtm.061101-2205)]
[C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{96B44056-7550-468A-AE0D-EE6CE38E226F}\mpengine.dll] [Microsoft Corporation, 1.1.2803.0]
[PID: 964 / LOCAL SERVICE][C:\Windows\System32\svchost.exe] [Microsoft Corporation, 6.0.6000.16386 (vista_rtm.061101-2205)]
[C:\Windows\WinSxS\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6000.16386_none_5d07289e07e1d100\comctl32.dll] [Microsoft Corporation, 6.10 (vista_rtm.061101-2205)]
[C:\Windows\WinSxS\x86_microsoft.windows.common-controls_6595b64144ccf1df_5.82.6000.16386_none_87e0cb09378714f1\COMCTL32.dll] [Microsoft Corporation, 6.10 (vista_rtm.061101-2205)]
[PID: 1020 / SYSTEM][C:\Windows\System32\svchost.exe] [Microsoft Corporation, 6.0.6000.16386 (vista_rtm.061101-2205)]
[C:\Windows\WinSxS\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6000.16386_none_5d07289e07e1d100\comctl32.dll] [Microsoft Corporation, 6.10 (vista_rtm.061101-2205)]
[PID: 1060 / SYSTEM][C:\Windows\system32\svchost.exe] [Microsoft Corporation, 6.0.6000.16386 (vista_rtm.061101-2205)]
[C:\Windows\WinSxS\x86_microsoft.windows.common-controls_6595b64144ccf1df_5.82.6000.16386_none_87e0cb09378714f1\COMCTL32.dll] [Microsoft Corporation, 6.10 (vista_rtm.061101-2205)]
[C:\Windows\WinSxS\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6000.16386_none_5d07289e07e1d100\comctl32.dll] [Microsoft Corporation, 6.10 (vista_rtm.061101-2205)]
[PID: 1176 / NETWORK SERVICE][C:\Windows\system32\SLsvc.exe] [Microsoft Corporation, 6.0.6000.16509 (vista_gdr.070620-1500)]
[C:\Windows\WinSxS\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6000.16386_none_5d07289e07e1d100\comctl32.dll] [Microsoft Corporation, 6.10 (vista_rtm.061101-2205)]
[PID: 1244 / LOCAL SERVICE][C:\Windows\system32\svchost.exe] [Microsoft Corporation, 6.0.6000.16386 (vista_rtm.061101-2205)]
[C:\Windows\WinSxS\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6000.16386_none_5d07289e07e1d100\comctl32.dll] [Microsoft Corporation, 6.10 (vista_rtm.061101-2205)]
[PID: 1424 / NETWORK SERVICE][C:\Windows\system32\svchost.exe] [Microsoft Corporation, 6.0.6000.16386 (vista_rtm.061101-2205)]
[C:\Windows\WinSxS\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6000.16386_none_5d07289e07e1d100\comctl32.dll] [Microsoft Corporation, 6.10 (vista_rtm.061101-2205)]
[PID: 1668 / lenovo][C:\Windows\system32\taskeng.exe] [Microsoft Corporation, 6.0.6000.16386 (vista_rtm.061101-2205)]
[C:\Windows\WinSxS\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6000.16386_none_5d07289e07e1d100\comctl32.dll] [Microsoft Corporation, 6.10 (vista_rtm.061101-2205)]
[C:\kav2007\KASocket.dll] [Kingsoft Corporation, 2006, 12, 21, 241]
[C:\kav2007\KMailOEBand.dll] [Kingsoft Corporation, 2006, 12, 1, 139]
[C:\Windows\WinSxS\x86_microsoft.windows.common-controls_6595b64144ccf1df_5.82.6000.16386_none_87e0cb09378714f1\COMCTL32.dll] [Microsoft Corporation, 6.10 (vista_rtm.061101-2205)]
[C:\Windows\system32\MSVCR71.dll] [Microsoft Corporation, 7.10.3052.4]
[C:\Windows\system32\MSVCP71.dll] [Microsoft Corporation, 7.10.3077.0]
[E:\360安全卫士\360safe\safemon\safemon.dll] [, 3, 5, 0, 1001]
[C:\Windows\system32\nvapi.dll] [NVIDIA Corporation, 7.15.10.9754]
[PID: 1712 / SYSTEM][C:\kav2007\KWatch.EXE] [Kingsoft Corporation, 2007, 8, 13, 78]
[C:\Windows\WinSxS\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6000.16386_none_5d07289e07e1d100\comctl32.dll] [Microsoft Corporation, 6.10 (vista_rtm.061101-2205)]
[C:\kav2007\KAVIPC2.DLL] [Kingsoft Corporation, 2007, 1, 15, 30]
[C:\kav2007\KAEPlat.DLL] [Kingsoft Corp., 2007, 2, 4, 61]
[C:\kav2007\KAEMem.DAT] [Kingsoft, 2006, 9, 25, 16]
[C:\kav2007\KAEUnpack.DAT] [Kingsoft Corp., 2007, 8, 10, 129]
[C:\kav2007\KAVQuara.DLL] [Kingsoft Corporation, 2007, 6, 15, 4]
[PID: 1724 / lenovo][C:\Windows\system32\Dwm.exe] [Microsoft Corporation, 6.0.6000.16386 (vista_rtm.061101-2205)]
[C:\Windows\WinSxS\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6000.16386_none_5d07289e07e1d100\comctl32.dll] [Microsoft Corporation, 6.10 (vista_rtm.061101-2205)]
[C:\Windows\system32\nvd3dum.dll] [NVidia Corporation, 7.15.10.9754]
[C:\kav2007\KASocket.dll] [Kingsoft Corporation, 2006, 12, 21, 241]
[C:\kav2007\KMailOEBand.dll] [Kingsoft Corporation, 2006, 12, 1, 139]
[C:\Windows\system32\MSVCR71.dll] [Microsoft Corporation, 7.10.3052.4]
[C:\Windows\system32\MSVCP71.dll] [Microsoft Corporation, 7.10.3077.0]
[E:\360安全卫士\360safe\safemon\safemon.dll] [, 3, 5, 0, 1001]
[PID: 1832 / SYSTEM][C:\Windows\System32\spoolsv.exe] [Microsoft Corporation, 6.0.6000.16386 (vista_rtm.061101-2205)]
[C:\Windows\WinSxS\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6000.16386_none_5d07289e07e1d100\comctl32.dll] [Microsoft Corporation, 6.10 (vista_rtm.061101-2205)]
[PID: 1856 / LOCAL SERVICE][C:\Windows\system32\svchost.exe] [Microsoft Corporation, 6.0.6000.16386 (vista_rtm.061101-2205)]
[C:\Windows\WinSxS\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6000.16386_none_5d07289e07e1d100\comctl32.dll] [Microsoft Corporation, 6.10 (vista_rtm.061101-2205)]
[PID: 1876 / lenovo][C:\Windows\Explorer.EXE] [Microsoft Corporation, 6.0.6000.16386 (vista_rtm.061101-2205)]
[C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.0.6000.16386_none_9ea0ac9ec96e7127\gdiplus.dll] [Microsoft Corporation, 5.2.6000.16386 (vista_rtm.061101-2205)]
[C:\Windows\WinSxS\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6000.16386_none_5d07289e07e1d100\comctl32.dll] [Microsoft Corporation, 6.10 (vista_rtm.061101-2205)]
[C:\Windows\system32\AcSignIcon.dll] [Autodesk, 16.0.0.86]
[C:\Program Files\Common Files\Autodesk Shared\AcSignCore16.dll] [Autodesk, 16.0.0.86]
[E:\360安全卫士\360safe\safemon\safemon.dll] [, 3, 5, 0, 1001]
[C:\kav2007\KASocket.dll] [Kingsoft Corporation, 2006, 12, 21, 241]
[C:\kav2007\KMailOEBand.dll] [Kingsoft Corporation, 2006, 12, 1, 139]
[C:\Windows\system32\MSVCR71.dll] [Microsoft Corporation, 7.10.3052.4]
[C:\Windows\system32\MSVCP71.dll] [Microsoft Corporation, 7.10.3077.0]
[C:\Windows\system32\nvcpl.dll] [NVIDIA Corporation, 7.15.10.9754]
[C:\Windows\system32\nvapi.dll] [NVIDIA Corporation, 7.15.10.9754]
[C:\Program Files\WinRAR\rarext.dll] [N/A, ]

爱我的人飞走了 - 2007-8-31 20:03:00

[C:\Windows\WinSxS\x86_microsoft.vc80.crt_1fc8b3b9a1e18e3b_8.0.50727.312_none_10b2ee7b9bffc2c7\MSVCR80.dll] [Microsoft Corporation, 8.00.50727.312]
[PID: 296 / lenovo][E:\360安全卫士\360safe\safemon\360tray.exe] [奇虎网, 3, 5, 2, 1001]
[C:\Windows\WinSxS\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6000.16386_none_5d07289e07e1d100\COMCTL32.dll] [Microsoft Corporation, 6.10 (vista_rtm.061101-2205)]
[E:\360安全卫士\360safe\safemon\safemon.dll] [, 3, 5, 0, 1001]
[E:\360安全卫士\360safe\safemon\SafeKrnl.dll] [奇虎网, 3, 5, 0, 1001]
[E:\360安全卫士\360safe\AntiAdwa.dll] [360Safe.com, 3, 5, 1, 1001]
[C:\kav2007\KASocket.dll] [Kingsoft Corporation, 2006, 12, 21, 241]
[E:\360安全卫士\360safe\live.dll] [360safe.com, 1, 0, 1, 1017]
[C:\kav2007\KMailOEBand.dll] [Kingsoft Corporation, 2006, 12, 1, 139]
[C:\Windows\system32\MSVCR71.dll] [Microsoft Corporation, 7.10.3052.4]
[C:\Windows\system32\MSVCP71.dll] [Microsoft Corporation, 7.10.3077.0]
[PID: 1568 / lenovo][C:\kav2007\KAVStart.EXE] [Kingsoft Corporation, 2007, 4, 2, 267]
[C:\Windows\system32\MFC71.DLL] [Microsoft Corporation, 7.10.3077.0]
[C:\Windows\system32\MSVCR71.dll] [Microsoft Corporation, 7.10.3052.4]
[C:\Windows\WinSxS\x86_microsoft.windows.common-controls_6595b64144ccf1df_5.82.6000.16386_none_87e0cb09378714f1\COMCTL32.dll] [Microsoft Corporation, 6.10 (vista_rtm.061101-2205)]
[C:\Windows\system32\MSVCP71.dll] [Microsoft Corporation, 7.10.3077.0]
[C:\Windows\WinSxS\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6000.16386_none_5d07289e07e1d100\comctl32.dll] [Microsoft Corporation, 6.10 (vista_rtm.061101-2205)]
[C:\Windows\system32\MFC71CHS.DLL] [Microsoft Corporation, 7.10.3077.0]
[C:\kav2007\KAVIPC2.DLL] [Kingsoft Corporation, 2007, 1, 15, 30]
[C:\kav2007\SvcTimer.DLL] [Kingsoft Corporation, 2006.12.22.84]
[E:\360安全卫士\360safe\safemon\safemon.dll] [, 3, 5, 0, 1001]
[C:\kav2007\PopSprt3.dll] [Kingsoft Corporation, 2007, 1, 16, 45]
[C:\kav2007\KAVPassp.dll] [Kingsoft Corporation, 2006, 9, 7, 270]
[C:\kav2007\KASocket.dll] [Kingsoft Corporation, 2006, 12, 21, 241]
[PID: 1372 / SYSTEM][C:\Windows\system32\drivers\CDAC11BA.EXE] [Macrovision, 4.20.020]
[PID: 1016 / NETWORK SERVICE][C:\Windows\system32\svchost.exe] [Microsoft Corporation, 6.0.6000.16386 (vista_rtm.061101-2205)]
[PID: 1196 / LOCAL SERVICE][C:\Windows\system32\svchost.exe] [Microsoft Corporation, 6.0.6000.16386 (vista_rtm.061101-2205)]
[C:\Windows\WinSxS\x86_microsoft.windows.common-controls_6595b64144ccf1df_5.82.6000.16386_none_87e0cb09378714f1\COMCTL32.dll] [Microsoft Corporation, 6.10 (vista_rtm.061101-2205)]
[C:\Windows\WinSxS\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6000.16386_none_5d07289e07e1d100\comctl32.dll] [Microsoft Corporation, 6.10 (vista_rtm.061101-2205)]
[PID: 12 / SYSTEM][C:\Windows\System32\svchost.exe] [Microsoft Corporation, 6.0.6000.16386 (vista_rtm.061101-2205)]
[C:\Windows\WinSxS\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6000.16386_none_5d07289e07e1d100\comctl32.dll] [Microsoft Corporation, 6.10 (vista_rtm.061101-2205)]
[PID: 840 / SYSTEM][C:\Windows\system32\SearchIndexer.exe] [Microsoft Corporation, 6.0.6000.16386 (vista_rtm.061101-2205)]
[C:\Windows\WinSxS\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6000.16386_none_5d07289e07e1d100\comctl32.dll] [Microsoft Corporation, 6.10 (vista_rtm.061101-2205)]
[PID: 2112 / lenovo][C:\kav2007\KMailMon.EXE] [Kingsoft Corporation, 2007, 2, 25, 948]
[C:\kav2007\KAntiSpm.dll] [Kingsoft Corporation, 2007, 2, 25, 129]
[C:\Windows\system32\MSVCR71.dll] [Microsoft Corporation, 7.10.3052.4]
[C:\Windows\system32\MSVCP71.dll] [Microsoft Corporation, 7.10.3077.0]
[C:\kav2007\KAVIPC2.DLL] [Kingsoft Corporation, 2007, 1, 15, 30]
[C:\kav2007\KAECall2.DLL] [Kingsoft Corporation, 2004, 12, 28, 7]
[C:\kav2007\KAEPlat.DLL] [Kingsoft Corp., 2007, 2, 4, 61]
[C:\kav2007\KAEMem.DAT] [Kingsoft, 2006, 9, 25, 16]
[C:\Windows\WinSxS\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6000.16386_none_5d07289e07e1d100\comctl32.dll] [Microsoft Corporation, 6.10 (vista_rtm.061101-2205)]
[C:\kav2007\KAEUnpack.DAT] [Kingsoft Corp., 2007, 8, 10, 129]
[E:\360安全卫士\360safe\safemon\safemon.dll] [, 3, 5, 0, 1001]
[C:\kav2007\KAConfig.DLL] [Kingsoft Corporation, 2007, 1, 11, 41]
[C:\kav2007\KASocket.dll] [Kingsoft Corporation, 2006, 12, 21, 241]
[C:\kav2007\KMailOEBand.dll] [Kingsoft Corporation, 2006, 12, 1, 139]
[C:\Windows\WinSxS\x86_microsoft.windows.common-controls_6595b64144ccf1df_5.82.6000.16386_none_87e0cb09378714f1\COMCTL32.dll] [Microsoft Corporation, 6.10 (vista_rtm.061101-2205)]
[PID: 2168 / SYSTEM][C:\Windows\system32\DRIVERS\xaudio.exe] [Conexant Systems, Inc., 1.00.00]
[PID: 2560 / SYSTEM][C:\Windows\system32\taskeng.exe] [Microsoft Corporation, 6.0.6000.16386 (vista_rtm.061101-2205)]
[C:\Windows\WinSxS\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6000.16386_none_5d07289e07e1d100\comctl32.dll] [Microsoft Corporation, 6.10 (vista_rtm.061101-2205)]
[PID: 3820 / lenovo][C:\Windows\system32\taskeng.exe] [Microsoft Corporation, 6.0.6000.16386 (vista_rtm.061101-2205)]
[C:\Windows\WinSxS\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6000.16386_none_5d07289e07e1d100\comctl32.dll] [Microsoft Corporation, 6.10 (vista_rtm.061101-2205)]
[C:\Windows\system32\AcSignIcon.dll] [Autodesk, 16.0.0.86]
[C:\Windows\WinSxS\x86_microsoft.windows.common-controls_6595b64144ccf1df_5.82.6000.16386_none_87e0cb09378714f1\COMCTL32.dll] [Microsoft Corporation, 6.10 (vista_rtm.061101-2205)]
[PID: 4068 / lenovo][E:\QQ\QQ.exe] [TENCENT, 7,0,365,1701]
[E:\QQ\QQBaseClassInDll.dll] [TENCENT, 7,0,365,1701]
[E:\QQ\QQHelperDll.dll] [TENCENT, 7,0,365,1701]
[E:\QQ\BasicCtrlDll.dll] [TENCENT, 7,0,365,1701]
[C:\Windows\WinSxS\x86_microsoft.windows.common-controls_6595b64144ccf1df_5.82.6000.16386_none_87e0cb09378714f1\COMCTL32.dll] [Microsoft Corporation, 6.10 (vista_rtm.061101-2205)]
[E:\QQ\MFC42.DLL] [Microsoft Corporation, 6.00.8665.0]
[C:\Windows\WinSxS\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6000.16386_none_5d07289e07e1d100\comctl32.dll] [Microsoft Corporation, 6.10 (vista_rtm.061101-2205)]
[C:\kav2007\KMailOEBand.dll] [Kingsoft Corporation, 2006, 12, 1, 139]
[C:\Windows\system32\MSVCR71.dll] [Microsoft Corporation, 7.10.3052.4]
[C:\Windows\system32\MSVCP71.dll] [Microsoft Corporation, 7.10.3077.0]
[E:\360安全卫士\360safe\safemon\safemon.dll] [, 3, 5, 0, 1001]
[C:\kav2007\KASocket.dll] [Kingsoft Corporation, 2006, 12, 21, 241]
[E:\QQ\RICHED32.DLL] [Microsoft Corporation, 5.00.2134.1]
[E:\QQ\RICHED20.dll] [Microsoft Corporation, 5.31.23.1218]
[E:\QQ\QQAPI.dll] [TENCENT, 7,0,365,1701]
[E:\QQ\TIMProxy.dll] [tencent, 0, 3, 2, 4]
[E:\QQ\LoginCtrl.dll] [TENCENT, 7,0,365,1701]
[E:\QQ\LoginCtrlRes.dll] [TENCENT, 7,0,365,1701]
[E:\QQ\QQRes.dll] [TENCENT, 7,0,365,1701]
[E:\QQ\QQMainFrame.dll] [N/A, ]
[E:\QQ\gdiplus.dll] [Microsoft Corporation, 5.1.3102.2180 (xpsp_sp2_rtm.040803-2158)]
[E:\QQ\CQQApplication.dll] [N/A, ]
[E:\QQ\FlashAvatarDll.dll] [, 1, 4, 0, 1]
[E:\QQ\NewSkin.dll] [TENCENT, 7,0,365,1701]
[E:\QQ\HostingMgr.dll] [TENCENT, 7,0,365,1701]
[E:\QQ\CameraDll.dll] [TENCENT, 7,0,365,1701]
[E:\QQ\MailSummary.dll] [TENCENT, 7,0,365,1701]
[E:\QQ\QQKnowledgeSearch.dll] [TENCENT, 7,0,365,1701]
[E:\QQ\QQAllInOne.dll] [TENCENT, 7,0,365,1701]
[E:\QQ\SCCore.dll] [TENCENT, 1, 6, 0, 2]
[E:\QQ\QQSpace.dll] [TENCENT, 7,0,365,1701]
[E:\QQ\vbscript.dll] [Microsoft Corporation, 5.6.0.7426]
[E:\QQ\QQGroupMng.dll] [TENCENT, 7,0,365,1701]
[E:\QQ\QQSysMsgMng.dll] [N/A, ]
[E:\QQ\UserDefinedHead.dll] [TENCENT, 7,0,365,1701]
[E:\QQ\QQPlugin.dll] [N/A, ]
[E:\QQ\QQConfigPlugin.dll] [TENCENT, 7,0,365,1701]
[E:\QQ\QQAvatar.dll] [N/A, ]
[E:\QQ\QQCustomFace.dll] [N/A, ]
[E:\QQ\QRingMng.dll] [N/A, ]
[E:\QQ\QQPet.dll] [TENCENT, 7,0,365,1701]
[E:\QQ\LongConnection.dll] [TENCENT, 7,0,365,1701]
[E:\QQ\ImageOle.dll] [TENCENT, 7,0,365,1701]
[E:\QQ\QQLiveQMng.dll] [TENCENT, 7,0,365,1701]
[E:\QQ\QQMagicFace.dll] [TENCENT, 7,0,365,1701]
[E:\QQ\QQSceneMng.dll] [N/A, ]
[E:\QQ\PhoneAPI.dll] [TENCENT, 7,0,365,1701]
[E:\QQ\DialerAllinOne.dll] [tencent, 1, 4, 0, 0]
[E:\QQ\GroupConnection.dll] [TENCENT, 7,0,365,1701]

爱我的人飞走了 - 2007-8-31 20:04:00

[E:\QQ\QQAddr.dll] [深圳市腾讯计算机系统有限公司, 5, 0, 101, 320]
[E:\QQ\BQQApplication.dll] [N/A, ]
[E:\QQ\CommercesMng.dll] [TENCENT, 7,0,365,1701]
[E:\QQ\PersonalDesktop.dll] [深圳市腾讯计算机系统公司QQ工作小组, 1, 0, 0, 2]
[C:\Windows\system32\UNISPIM.IME] [北京清华紫光软件股份有限公司, 3.0.0.3045]
[E:\QQ\AddrSearch.dll] [腾讯科技（深圳）有限公司, 2, 1, 9, 95]
[E:\QQ\QQFileTransfer.dll] [TENCENT, 7,0,365,1701]
[E:\QQ\VqqModule.dll] [TENCENT, 7,0,365,1701]
[E:\QQ\VqqAllInOne.dll] [Tencent, 1, 6, 0, 2]
[E:\QQ\InPlus.dll] [Tencent, 1, 6, 0, 2]
[E:\QQ\tencent-proto1.dll] [tencent, 1, 6, 0, 2]
[E:\QQ\tencent-comlib.dll] [tencent, 1, 6, 0, 2]
[E:\QQ\tencent-proto2.dll] [tencent, 1, 6, 0, 2]
[C:\kav2007\KAScript.DLL] [Kingsoft Corporation, 2007, 3, 6, 75]
[E:\QQ\QQZip.dll] [TENCENT, 7,0,365,1701]
[E:\QQ\QQMsgFriendMng.dll] [N/A, ]
[C:\Windows\system32\FREEIME.IME] [极点五笔工作室, 6.00.950]
[PID: 924 / lenovo][E:\QQ\TIMPlatform.exe] [TENCENT, 7,0,365,1701]
[C:\Windows\WinSxS\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6000.16386_none_5d07289e07e1d100\comctl32.dll] [Microsoft Corporation, 6.10 (vista_rtm.061101-2205)]
[C:\kav2007\KMailOEBand.dll] [Kingsoft Corporation, 2006, 12, 1, 139]
[C:\Windows\WinSxS\x86_microsoft.windows.common-controls_6595b64144ccf1df_5.82.6000.16386_none_87e0cb09378714f1\COMCTL32.dll] [Microsoft Corporation, 6.10 (vista_rtm.061101-2205)]
[C:\Windows\system32\MSVCR71.dll] [Microsoft Corporation, 7.10.3052.4]
[C:\Windows\system32\MSVCP71.dll] [Microsoft Corporation, 7.10.3077.0]
[E:\360安全卫士\360safe\safemon\safemon.dll] [, 3, 5, 0, 1001]
[C:\kav2007\KASocket.dll] [Kingsoft Corporation, 2006, 12, 21, 241]
[E:\QQ\TIMProxy.dll] [tencent, 0, 3, 2, 4]
[PID: 2244 / lenovo][E:\QQ\QQ.exe] [TENCENT, 7,0,365,1701]
[E:\QQ\QQBaseClassInDll.dll] [TENCENT, 7,0,365,1701]
[E:\QQ\QQHelperDll.dll] [TENCENT, 7,0,365,1701]
[E:\QQ\BasicCtrlDll.dll] [TENCENT, 7,0,365,1701]
[C:\Windows\WinSxS\x86_microsoft.windows.common-controls_6595b64144ccf1df_5.82.6000.16386_none_87e0cb09378714f1\COMCTL32.dll] [Microsoft Corporation, 6.10 (vista_rtm.061101-2205)]
[E:\QQ\MFC42.DLL] [Microsoft Corporation, 6.00.8665.0]
[C:\Windows\WinSxS\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6000.16386_none_5d07289e07e1d100\comctl32.dll] [Microsoft Corporation, 6.10 (vista_rtm.061101-2205)]
[C:\kav2007\KMailOEBand.dll] [Kingsoft Corporation, 2006, 12, 1, 139]
[C:\Windows\system32\MSVCR71.dll] [Microsoft Corporation, 7.10.3052.4]
[C:\Windows\system32\MSVCP71.dll] [Microsoft Corporation, 7.10.3077.0]
[E:\360安全卫士\360safe\safemon\safemon.dll] [, 3, 5, 0, 1001]
[C:\kav2007\KASocket.dll] [Kingsoft Corporation, 2006, 12, 21, 241]
[E:\QQ\RICHED32.DLL] [Microsoft Corporation, 5.00.2134.1]
[E:\QQ\RICHED20.dll] [Microsoft Corporation, 5.31.23.1218]
[E:\QQ\QQAPI.dll] [TENCENT, 7,0,365,1701]
[E:\QQ\TIMProxy.dll] [tencent, 0, 3, 2, 4]
[E:\QQ\LoginCtrl.dll] [TENCENT, 7,0,365,1701]
[E:\QQ\LoginCtrlRes.dll] [TENCENT, 7,0,365,1701]
[E:\QQ\QQRes.dll] [TENCENT, 7,0,365,1701]
[E:\QQ\QQMainFrame.dll] [N/A, ]
[E:\QQ\gdiplus.dll] [Microsoft Corporation, 5.1.3102.2180 (xpsp_sp2_rtm.040803-2158)]
[E:\QQ\CQQApplication.dll] [N/A, ]
[E:\QQ\FlashAvatarDll.dll] [, 1, 4, 0, 1]
[E:\QQ\NewSkin.dll] [TENCENT, 7,0,365,1701]
[E:\QQ\HostingMgr.dll] [TENCENT, 7,0,365,1701]
[E:\QQ\CameraDll.dll] [TENCENT, 7,0,365,1701]
[E:\QQ\MailSummary.dll] [TENCENT, 7,0,365,1701]
[E:\QQ\QQKnowledgeSearch.dll] [TENCENT, 7,0,365,1701]
[E:\QQ\QQAllInOne.dll] [TENCENT, 7,0,365,1701]
[E:\QQ\SCCore.dll] [TENCENT, 1, 6, 0, 2]
[E:\QQ\QQSpace.dll] [TENCENT, 7,0,365,1701]
[E:\QQ\vbscript.dll] [Microsoft Corporation, 5.6.0.7426]
[E:\QQ\QQGroupMng.dll] [TENCENT, 7,0,365,1701]
[E:\QQ\QQSysMsgMng.dll] [N/A, ]
[E:\QQ\UserDefinedHead.dll] [TENCENT, 7,0,365,1701]
[E:\QQ\QQPlugin.dll] [N/A, ]
[E:\QQ\QQConfigPlugin.dll] [TENCENT, 7,0,365,1701]
[E:\QQ\QQAvatar.dll] [N/A, ]
[E:\QQ\QQCustomFace.dll] [N/A, ]
[E:\QQ\QRingMng.dll] [N/A, ]
[E:\QQ\QQPet.dll] [TENCENT, 7,0,365,1701]
[E:\QQ\LongConnection.dll] [TENCENT, 7,0,365,1701]
[E:\QQ\PhoneAPI.dll] [TENCENT, 7,0,365,1701]
[E:\QQ\DialerAllinOne.dll] [tencent, 1, 4, 0, 0]
[E:\QQ\BQQApplication.dll] [N/A, ]
[E:\QQ\CommercesMng.dll] [TENCENT, 7,0,365,1701]
[E:\QQ\PersonalDesktop.dll] [深圳市腾讯计算机系统公司QQ工作小组, 1, 0, 0, 2]
[E:\QQ\QQAddr.dll] [深圳市腾讯计算机系统有限公司, 5, 0, 101, 320]
[E:\QQ\QQSceneMng.dll] [N/A, ]
[E:\QQ\AddrSearch.dll] [腾讯科技（深圳）有限公司, 2, 1, 9, 95]
[E:\QQ\ImageOle.dll] [TENCENT, 7,0,365,1701]
[E:\QQ\QQLiveQMng.dll] [TENCENT, 7,0,365,1701]
[C:\Windows\system32\UNISPIM.IME] [北京清华紫光软件股份有限公司, 3.0.0.3045]
[C:\Windows\system32\FREEIME.IME] [极点五笔工作室, 6.00.950]
[E:\QQ\QQMagicFace.dll] [TENCENT, 7,0,365,1701]
[E:\QQ\GroupConnection.dll] [TENCENT, 7,0,365,1701]
[PID: 3644 / lenovo][C:\Windows\MSAgent\agentsvr.exe] [Microsoft Corporation, 5.2.3790.1241]
[C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.0.6000.16386_none_9ea0ac9ec96e7127\gdiplus.dll] [Microsoft Corporation, 5.2.6000.16386 (vista_rtm.061101-2205)]
[C:\Windows\WinSxS\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6000.16386_none_5d07289e07e1d100\comctl32.dll] [Microsoft Corporation, 6.10 (vista_rtm.061101-2205)]
[C:\kav2007\KMailOEBand.dll] [Kingsoft Corporation, 2006, 12, 1, 139]
[C:\Windows\system32\MSVCR71.dll] [Microsoft Corporation, 7.10.3052.4]
[C:\Windows\system32\MSVCP71.dll] [Microsoft Corporation, 7.10.3077.0]
[E:\360安全卫士\360safe\safemon\safemon.dll] [, 3, 5, 0, 1001]
[C:\kav2007\KASocket.dll] [Kingsoft Corporation, 2006, 12, 21, 241]
[PID: 3956 / LOCAL SERVICE][C:\Windows\system32\WUDFHost.exe] [Microsoft Corporation, 6.0.6000.16386 (vista_rtm.061101-2205)]
[C:\Windows\WinSxS\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6000.16386_none_5d07289e07e1d100\comctl32.dll] [Microsoft Corporation, 6.10 (vista_rtm.061101-2205)]
[PID: 3772 / SYSTEM][C:\Windows\system32\wbem\wmiprvse.exe] [Microsoft Corporation, 6.0.6000.16386 (vista_rtm.061101-2205)]
[PID: 2780 / lenovo][C:\Users\lenovo\AppData\Local\Temp\Rar$EX00.667\SREngPS.EXE] [Smallfrogs Studio, 2.5.16.900]
[C:\Windows\WinSxS\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6000.16386_none_5d07289e07e1d100\COMCTL32.dll] [Microsoft Corporation, 6.10 (vista_rtm.061101-2205)]
[C:\Users\lenovo\AppData\Local\Temp\Rar$EX00.667\Upload\3rdUpd.DLL] [Smallfrogs Studio, 2, 1, 0, 15]

爱我的人飞走了 - 2007-8-31 20:04:00

文件关联
.TXT OK. [%SystemRoot%\system32\NOTEPAD.EXE %1]
.EXE OK. ["%1" %*]
.COM OK. ["%1" %*]
.PIF OK. ["%1" %*]
.REG OK. [regedit.exe "%1"]
.BAT OK. ["%1" %*]
.SCR Error. [AutoCADScriptFile]
.CHM OK. ["%SystemRoot%\hh.exe" %1]
.HLP Error. [winhlp32.exe %1]
.INI OK. [%SystemRoot%\System32\NOTEPAD.EXE %1]
.INF OK. [%SystemRoot%\System32\NOTEPAD.EXE %1]
.VBS Error. [%SystemRoot%\System32\WScript.exe "%1" %*]
.JS OK. [%SystemRoot%\System32\WScript.exe "%1" %*]
.LNK OK. [{00021401-0000-0000-C000-000000000046}]

==================================
Winsock 提供者
N/A

==================================
Autorun.inf
N/A

==================================
HOSTS 文件
127.0.0.1 localhost

==================================
进程特权扫描
N/A

==================================
API HOOK
N/A

==================================
隐藏进程
N/A

有毒必问 - 2007-8-31 20:11:00

先在安全模式下
删除
C:\Program Files\Common Files\xp11update.exe
\SystemRoot\system32\drivers\blbdrive.sys
C:\Windows\system32\drivers\CDAC15BA.SYS
system32\DRIVERS\nwlnkflt.sys
system32\DRIVERS\nwlnkfwd.sys
C:\Windows\system32\wininit.exe

在全盘杀毒试试

爱我的人飞走了 - 2007-8-31 20:26:00

在安全模式下杀毒吗？

爱我的人飞走了 - 2007-8-31 21:09:00

安全模式下只找到这C:\Windows\system32\drivers\CDAC15BA.SYS一项，是VISTA系统。全盘杀毒正在做。

爱我的人飞走了 - 2007-8-31 21:18:00

再次杀毒还是一样有啊。

爱我的人飞走了 - 2007-9-1 12:13:00

问题还没解决，再次顶上来。顺便问一下，vista系统在安全模式下怎么找隐藏文件。

有毒必问 - 2007-9-1 13:36:00

VISTA系统没有用过，但在WINRAR里直接可以找

你QQ是多少？

爱我的人飞走了 - 2007-9-1 14:18:00

刚才不在，久等了。QQ：402852176

爱我的人飞走了 - 2007-9-1 15:18:00

有请高手们来看看，急切盼望中。。。。。

爱我的人飞走了 - 2007-9-1 15:43:00

启动项目
注册表
[HKEY_CURRENT_USER\Software\Microsoft\Windows NT\CurrentVersion\Windows]
<load><> [N/A]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
<360Safetray><E:\360安全卫士\360safe\safemon\360Tray.exe /start> [奇虎网]
<KavStart><"C:\kav2007\KAVStart.exe" -startup> [Kingsoft Corporation]
<JdsEnglishSpirit><D:\脚斗士\flyenglishspirit.exe> []
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Winlogon]
<shell><Explorer.exe> [(Verified)Microsoft Windows]
<Userinit><C:\Windows\system32\Userinit.exe> [(Verified)Microsoft Windows]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Windows]
<AppInit_DLLs><> [N/A]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
<{AEB6717E-7E19-11d0-97EE-00C04FD91972}><> [N/A]
<{D7B21266-AA85-44b8-B516-3B1A69827400}><> [N/A]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{2C7339CF-2B09-4501-B3F3-F3508C9228ED}]
<Themes Setup><%SystemRoot%\system32\regsvr32.exe /s /n /i:/UserInstall %SystemRoot%\system32\themeui.dll> [N/A]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{44BBA840-CC51-11CF-AAFA-00AA00B6015C}]
<Microsoft Windows Mail 7><"%ProgramFiles%\Windows Mail\WinMail.exe" OCInstallUserConfigOE> [N/A]

==================================
启动文件夹
[Windows Update SP11]
<C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Windows Update SP11.lnk --> C:\Program Files\Common Files\xp11update.exe [N/A]><H>
[Windows Update SP11]
<C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Windows Update SP11.lnk --> C:\Program Files\Common Files\xp11update.exe [N/A]><H>

==================================
服务
[Adobe LM Service / Adobe LM Service][Stopped/Manual Start]
<"C:\Program Files\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe"><Adobe Systems>
[C-DillaCdaC11BA / C-DillaCdaC11BA][Running/Auto Start]
<C:\Windows\system32\drivers\CDAC11BA.EXE><Macrovision>
[Kingsoft Antivirus KWatch Service / KWatchSvc][Running/Auto Start]
<C:\kav2007\KWatch.EXE><Kingsoft Corporation>
[XAudioService / XAudioService][Running/Auto Start]
<C:\Windows\system32\DRIVERS\xaudio.exe><Conexant Systems, Inc.>

爱我的人飞走了 - 2007-9-1 15:43:00

驱动程序
[Lenovo Virtual Power Controller Driver / ACPIVPC][Running/Manual Start]
<system32\DRIVERS\AcpiVpc.sys><Lenovo Corporation>
[adp94xx / adp94xx][Stopped/Disabled]
<\SystemRoot\system32\drivers\adp94xx.sys><Adaptec, Inc.>
[adpahci / adpahci][Stopped/Disabled]
<\SystemRoot\system32\drivers\adpahci.sys><Adaptec, Inc.>
[adpu160m / adpu160m][Stopped/Disabled]
<\SystemRoot\system32\drivers\adpu160m.sys><Adaptec, Inc.>
[adpu320 / adpu320][Stopped/Disabled]
<\SystemRoot\system32\drivers\adpu320.sys><Adaptec, Inc.>
[aic78xx / aic78xx][Stopped/Disabled]
<\SystemRoot\system32\drivers\djsvs.sys><Adaptec, Inc.>
[aliide / aliide][Stopped/Disabled]
<\SystemRoot\system32\drivers\aliide.sys><Acer Laboratories Inc.>
[amdide / amdide][Stopped/Disabled]
<\SystemRoot\system32\drivers\amdide.sys><Microsoft Corporation>
[arc / arc][Stopped/Disabled]
<\SystemRoot\system32\drivers\arc.sys><Adaptec, Inc.>
[arcsas / arcsas][Stopped/Disabled]
<\SystemRoot\system32\drivers\arcsas.sys><Adaptec, Inc.>
[Broadcom NetXtreme Gigabit Ethernet - NDIS 6.0 / b57nd60x][Running/Manual Start]
<system32\DRIVERS\b57nd60x.sys><Broadcom Corporation>
[Broadcom Extensible 802.11 网络适配器驱动程序 / BCM43XV][Stopped/Manual Start]
<system32\DRIVERS\bcmwl6.sys><Broadcom Corporation>
[Broadcom 802.11 网络适配器驱动程序 / BCM43XX][Running/Manual Start]
<system32\DRIVERS\bcmwl6.sys><Broadcom Corporation>
[Broadcom 440x 10/100 Integrated Controller XP Driver / bcm4sbxp][Stopped/Manual Start]
<system32\DRIVERS\bcm4sbxp.sys><Broadcom Corporation>
[blbdrive / blbdrive][Stopped/Disabled]
<\SystemRoot\system32\drivers\blbdrive.sys><N/A>
[Brother USB Mass-Storage Lower Filter Driver / BrFiltLo][Stopped/Manual Start]
<\SystemRoot\system32\drivers\brfiltlo.sys><Brother Industries, Ltd.>
[Brother USB Mass-Storage Upper Filter Driver / BrFiltUp][Stopped/Manual Start]
<\SystemRoot\system32\drivers\brfiltup.sys><Brother Industries, Ltd.>
[Brother MFC Serial Port Interface Driver (WDM) / Brserid][Stopped/Disabled]
<\SystemRoot\system32\drivers\brserid.sys><Brother Industries Ltd.>
[Brother WDM Serial driver / BrSerWdm][Stopped/Disabled]
<\SystemRoot\system32\drivers\brserwdm.sys><Brother Industries Ltd.>
[Brother MFC USB Fax Only Modem / BrUsbMdm][Stopped/Disabled]
<\SystemRoot\system32\drivers\brusbmdm.sys><Brother Industries Ltd.>
[Brother MFC USB Serial WDM Driver / BrUsbSer][Stopped/Manual Start]
<\SystemRoot\system32\drivers\brusbser.sys><Brother Industries Ltd.>
[CdaC15BA / CdaC15BA][Stopped/Auto Start]
<\??\C:\Windows\system32\drivers\CDAC15BA.SYS><N/A>
[cmdide / cmdide][Stopped/Disabled]
<\SystemRoot\system32\drivers\cmdide.sys><CMD Technology, Inc.>
[Dritek Keyboard Filter Driver / DKbFltr][Running/Manual Start]
<system32\DRIVERS\DKbFltr.sys><Dritek System Inc.>
[Intel(R) PRO/1000 NDIS 6 Adapter Driver / E1G60][Stopped/Manual Start]
<system32\DRIVERS\E1G60I32.sys><Intel Corporation>
[elxstor / elxstor][Stopped/Disabled]
<\SystemRoot\system32\drivers\elxstor.sys><Emulex>
[Microsoft UAA Function Driver for High Definition Audio Service / HdAudAddService][Running/Manual Start]
<system32\drivers\CHDART.sys><Conexant Systems Inc.>
[HpCISSs / HpCISSs][Stopped/Disabled]
<\SystemRoot\system32\drivers\hpcisss.sys><Hewlett-Packard Company>
[HSFHWAZL / HSFHWAZL][Stopped/Manual Start]
<system32\DRIVERS\VSTAZL3.SYS><Conexant Systems, Inc.>
[HSF_DPV / HSF_DPV][Running/Manual Start]
<system32\DRIVERS\HSX_DPV.sys><Conexant Systems, Inc.>
[HSXHWAZL / HSXHWAZL][Running/Manual Start]
<system32\DRIVERS\HSXHWAZL.sys><Conexant Systems, Inc.>
[Intel RAID Controller Vista / iaStorV][Stopped/Disabled]
<\SystemRoot\system32\drivers\iastorv.sys><Intel Corporation>
[IGALIVE / IGALIVE][Running/Auto Start]
<\??\C:\Program Files\IGALIVE\IGALIVE.sys><N/A>
[iirsp / iirsp][Stopped/Disabled]
<\SystemRoot\system32\drivers\iirsp.sys><Intel Corp./ICP vortex GmbH>
[IP in IP Tunnel Driver / IpInIp][Stopped/Manual Start]
<system32\DRIVERS\ipinip.sys><N/A>
[ITEATAPI_Service_Install / iteatapi][Stopped/Disabled]
<\SystemRoot\system32\drivers\iteatapi.sys><Integrated Technology Express, Inc.>
[ITERAID_Service_Install / iteraid][Stopped/Disabled]
<\SystemRoot\system32\drivers\iteraid.sys><Integrated Technology Express, Inc.>
[KWatch3 / KWatch3][Running/System Start]
<\??\C:\Windows\system32\drivers\KWatch3.SYS><Kingsoft Corporation>
[LSI_FC / LSI_FC][Stopped/Disabled]
<\SystemRoot\system32\drivers\lsi_fc.sys><LSI Logic>

爱我的人飞走了 - 2007-9-1 15:44:00

[LSI_SAS / LSI_SAS][Stopped/Disabled]
<\SystemRoot\system32\drivers\lsi_sas.sys><LSI Logic>
[LSI_SCSI / LSI_SCSI][Stopped/Disabled]
<\SystemRoot\system32\drivers\lsi_scsi.sys><LSI Logic>
[mdmxsdk / mdmxsdk][Running/Auto Start]
<system32\DRIVERS\mdmxsdk.sys><Conexant>
[megasas / megasas][Stopped/Disabled]
<\SystemRoot\system32\drivers\megasas.sys><LSI Logic Corporation>
[Mraid35x / Mraid35x][Stopped/Disabled]
<\SystemRoot\system32\drivers\mraid35x.sys><LSI Logic Corporation>
[nfrd960 / nfrd960][Stopped/Disabled]
<\SystemRoot\system32\drivers\nfrd960.sys><IBM Corporation>
[N-trig HID Tablet Driver / ntrigdigi][Stopped/Disabled]
<\SystemRoot\system32\drivers\ntrigdigi.sys><N-trig Innovative Technologies>
[nvlddmkm / nvlddmkm][Running/Manual Start]
<system32\DRIVERS\nvlddmkm.sys><NVIDIA Corporation>
[nvraid / nvraid][Stopped/Disabled]
<\SystemRoot\system32\drivers\nvraid.sys><NVIDIA Corporation>
[nvstor / nvstor][Stopped/Disabled]
<\SystemRoot\system32\drivers\nvstor.sys><NVIDIA Corporation>
[IPX Traffic Filter Driver / NwlnkFlt][Stopped/Manual Start]
<system32\DRIVERS\nwlnkflt.sys><N/A>
[IPX Traffic Forwarder Driver / NwlnkFwd][Stopped/Manual Start]
<system32\DRIVERS\nwlnkfwd.sys><N/A>
[QLogic Fibre Channel Miniport Driver / ql2300][Stopped/Disabled]
<\SystemRoot\system32\drivers\ql2300.sys><QLogic Corporation>
[QLogic iSCSI Miniport Driver / ql40xx][Stopped/Disabled]
<\SystemRoot\system32\drivers\ql40xx.sys><QLogic Corporation>
[R300 / R300][Stopped/Manual Start]
<system32\DRIVERS\atikmdag.sys><ATI Technologies Inc.>
[SiSRaid2 / SiSRaid2][Stopped/Disabled]
<\SystemRoot\system32\drivers\sisraid2.sys><Silicon Integrated Systems Corp.>
[SiSRaid4 / SiSRaid4][Stopped/Disabled]
<\SystemRoot\system32\drivers\sisraid4.sys><Silicon Integrated Systems>
[USB PC Camera (SNPSTD3) / SNPSTD3][Running/Manual Start]
<system32\DRIVERS\snpstd3.sys><Sonix Co. Ltd.>
[Symc8xx / Symc8xx][Stopped/Disabled]
<\SystemRoot\system32\drivers\symc8xx.sys><LSI Logic>
[Sym_hi / Sym_hi][Stopped/Disabled]
<\SystemRoot\system32\drivers\sym_hi.sys><LSI Logic>
[Sym_u3 / Sym_u3][Stopped/Disabled]
<\SystemRoot\system32\drivers\sym_u3.sys><LSI Logic>
[tifm21 / tifm21][Running/Manual Start]
<system32\drivers\tifm21.sys><Texas Instruments>
[Conexant Setup API / UIUSys][Stopped/Manual Start]
<system32\DRIVERS\UIUSYS.SYS><N/A>
[uliahci / uliahci][Stopped/Disabled]
<\SystemRoot\system32\drivers\uliahci.sys><ULi Electronics Inc.>
[UlSata / UlSata][Stopped/Disabled]
<\SystemRoot\system32\drivers\ulsata.sys><Promise Technology, Inc.>
[ulsata2 / ulsata2][Stopped/Disabled]
<\SystemRoot\system32\drivers\ulsata2.sys><Promise Technology, Inc.>
[viaide / viaide][Stopped/Disabled]
<\SystemRoot\system32\drivers\viaide.sys><VIA Technologies, Inc.>
[vsmraid / vsmraid][Stopped/Disabled]
<\SystemRoot\system32\drivers\vsmraid.sys><VIA Technologies Inc.,Ltd>
[winachsf / winachsf][Running/Manual Start]
<system32\DRIVERS\HSX_CNXT.sys><Conexant Systems, Inc.>
[XAudio / XAudio][Running/Auto Start]
<system32\DRIVERS\xaudio.sys><Conexant Systems, Inc.>

爱我的人飞走了 - 2007-9-1 15:44:00

正在运行的进程
[PID: 364 / SYSTEM][\SystemRoot\System32\smss.exe] [Microsoft Corporation, 6.0.6000.16386 (vista_rtm.061101-2205)]
[PID: 428 / SYSTEM][C:\Windows\system32\csrss.exe] [Microsoft Corporation, 6.0.6000.16386 (vista_rtm.061101-2205)]
[PID: 476 / SYSTEM][C:\Windows\system32\wininit.exe] [Microsoft Corporation, 6.0.6000.16386 (vista_rtm.061101-2205)]
[PID: 488 / SYSTEM][C:\Windows\system32\csrss.exe] [Microsoft Corporation, 6.0.6000.16386 (vista_rtm.061101-2205)]
[PID: 520 / SYSTEM][C:\Windows\system32\services.exe] [Microsoft Corporation, 6.0.6000.16386 (vista_rtm.061101-2205)]
[PID: 536 / SYSTEM][C:\Windows\system32\lsass.exe] [Microsoft Corporation, 6.0.6000.16386 (vista_rtm.061101-2205)]
[PID: 544 / SYSTEM][C:\Windows\system32\lsm.exe] [Microsoft Corporation, 6.0.6000.16386 (vista_rtm.061101-2205)]
[PID: 640 / SYSTEM][C:\Windows\system32\winlogon.exe] [Microsoft Corporation, 6.0.6000.16386 (vista_rtm.061101-2205)]
[PID: 724 / SYSTEM][C:\Windows\system32\svchost.exe] [Microsoft Corporation, 6.0.6000.16386 (vista_rtm.061101-2205)]
[PID: 780 / NETWORK SERVICE][C:\Windows\system32\svchost.exe] [Microsoft Corporation, 6.0.6000.16386 (vista_rtm.061101-2205)]
[PID: 816 / SYSTEM][C:\Windows\System32\svchost.exe] [Microsoft Corporation, 6.0.6000.16386 (vista_rtm.061101-2205)]
[PID: 904 / LOCAL SERVICE][C:\Windows\System32\svchost.exe] [Microsoft Corporation, 6.0.6000.16386 (vista_rtm.061101-2205)]
[PID: 976 / SYSTEM][C:\Windows\System32\svchost.exe] [Microsoft Corporation, 6.0.6000.16386 (vista_rtm.061101-2205)]
[PID: 1000 / SYSTEM][C:\Windows\system32\svchost.exe] [Microsoft Corporation, 6.0.6000.16386 (vista_rtm.061101-2205)]
[PID: 1132 / NETWORK SERVICE][C:\Windows\system32\SLsvc.exe] [Microsoft Corporation, 6.0.6000.16509 (vista_gdr.070620-1500)]
[PID: 1176 / LOCAL SERVICE][C:\Windows\system32\svchost.exe] [Microsoft Corporation, 6.0.6000.16386 (vista_rtm.061101-2205)]
[PID: 1384 / NETWORK SERVICE][C:\Windows\system32\svchost.exe] [Microsoft Corporation, 6.0.6000.16386 (vista_rtm.061101-2205)]
[PID: 1628 / SYSTEM][C:\kav2007\KWatch.EXE] [Kingsoft Corporation, 2007, 8, 13, 78]
[C:\kav2007\KAVIPC2.DLL] [Kingsoft Corporation, 2007, 1, 15, 30]
[C:\kav2007\KAEPlat.DLL] [Kingsoft Corp., 2007, 2, 4, 61]
[C:\kav2007\KAEMem.DAT] [Kingsoft, 2006, 9, 25, 16]
[C:\kav2007\KAEUnpack.DAT] [Kingsoft Corp., 2007, 8, 10, 129]
[C:\kav2007\KAVQuara.DLL] [Kingsoft Corporation, 2007, 6, 15, 4]
[PID: 1692 / SYSTEM][C:\Windows\System32\spoolsv.exe] [Microsoft Corporation, 6.0.6000.16386 (vista_rtm.061101-2205)]
[PID: 1716 / LOCAL SERVICE][C:\Windows\system32\svchost.exe] [Microsoft Corporation, 6.0.6000.16386 (vista_rtm.061101-2205)]
[PID: 1724 / lenovo][C:\Windows\system32\taskeng.exe] [Microsoft Corporation, 6.0.6000.16386 (vista_rtm.061101-2205)]
[C:\kav2007\KMailOEBand.dll] [Kingsoft Corporation, 2006, 12, 1, 139]
[C:\Windows\system32\MSVCR71.dll] [Microsoft Corporation, 7.10.3052.4]
[C:\Windows\system32\MSVCP71.dll] [Microsoft Corporation, 7.10.3077.0]
[E:\360安全卫士\360safe\safemon\safemon.dll] [, 3, 5, 0, 1001]
[C:\kav2007\KASocket.dll] [Kingsoft Corporation, 2006, 12, 21, 241]
[C:\Windows\system32\nvapi.dll] [NVIDIA Corporation, 7.15.10.9754]
[PID: 1732 / lenovo][C:\Windows\system32\Dwm.exe] [Microsoft Corporation, 6.0.6000.16386 (vista_rtm.061101-2205)]
[C:\Windows\system32\nvd3dum.dll] [NVidia Corporation, 7.15.10.9754]
[C:\kav2007\KASocket.dll] [Kingsoft Corporation, 2006, 12, 21, 241]
[C:\kav2007\KMailOEBand.dll] [Kingsoft Corporation, 2006, 12, 1, 139]
[C:\Windows\system32\MSVCR71.dll] [Microsoft Corporation, 7.10.3052.4]
[C:\Windows\system32\MSVCP71.dll] [Microsoft Corporation, 7.10.3077.0]
[E:\360安全卫士\360safe\safemon\safemon.dll] [, 3, 5, 0, 1001]
[PID: 1800 / lenovo][C:\Windows\Explorer.EXE] [Microsoft Corporation, 6.0.6000.16386 (vista_rtm.061101-2205)]
[C:\Windows\system32\AcSignIcon.dll] [Autodesk, 16.0.0.86]
[C:\Program Files\Common Files\Autodesk Shared\AcSignCore16.dll] [Autodesk, 16.0.0.86]
[C:\kav2007\KASocket.dll] [Kingsoft Corporation, 2006, 12, 21, 241]
[C:\kav2007\KMailOEBand.dll] [Kingsoft Corporation, 2006, 12, 1, 139]
[C:\Windows\system32\MSVCR71.dll] [Microsoft Corporation, 7.10.3052.4]
[C:\Windows\system32\MSVCP71.dll] [Microsoft Corporation, 7.10.3077.0]
[E:\360安全卫士\360safe\safemon\safemon.dll] [, 3, 5, 0, 1001]
[E:\新浪UC\UC\UCIdleHook.dll] [北京新浪信息技术有限公司, 1, 0, 1, 0]
[C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll] [Adobe Systems Incorporated, 8.0.0.2006102200]
[PID: 1996 / lenovo][E:\360安全卫士\360safe\safemon\360tray.exe] [奇虎网, 3, 5, 2, 1001]
[E:\360安全卫士\360safe\safemon\safemon.dll] [, 3, 5, 0, 1001]
[E:\360安全卫士\360safe\safemon\SafeKrnl.dll] [奇虎网, 3, 5, 0, 1001]
[E:\360安全卫士\360safe\AntiAdwa.dll] [360Safe.com, 3, 5, 1, 1001]
[C:\kav2007\KASocket.dll] [Kingsoft Corporation, 2006, 12, 21, 241]
[PID: 2044 / lenovo][C:\kav2007\KAVStart.EXE] [Kingsoft Corporation, 2007, 4, 2, 267]
[C:\Windows\system32\MFC71.DLL] [Microsoft Corporation, 7.10.3077.0]
[C:\Windows\system32\MSVCR71.dll] [Microsoft Corporation, 7.10.3052.4]
[C:\Windows\system32\MSVCP71.dll] [Microsoft Corporation, 7.10.3077.0]
[C:\Windows\system32\MFC71CHS.DLL] [Microsoft Corporation, 7.10.3077.0]
[C:\kav2007\KAVIPC2.DLL] [Kingsoft Corporation, 2007, 1, 15, 30]
[C:\kav2007\SvcTimer.DLL] [Kingsoft Corporation, 2006.12.22.84]
[C:\kav2007\PopSprt3.dll] [Kingsoft Corporation, 2007, 1, 16, 45]
[C:\kav2007\KAVPassp.dll] [Kingsoft Corporation, 2006, 9, 7, 270]
[C:\kav2007\KASocket.dll] [Kingsoft Corporation, 2006, 12, 21, 241]
[C:\kav2007\KMailOEBand.dll] [Kingsoft Corporation, 2006, 12, 1, 139]
[E:\360安全卫士\360safe\safemon\safemon.dll] [, 3, 5, 0, 1001]
[PID: 1256 / SYSTEM][C:\Windows\system32\drivers\CDAC11BA.EXE] [Macrovision, 4.20.020]
[PID: 1956 / NETWORK SERVICE][C:\Windows\system32\svchost.exe] [Microsoft Corporation, 6.0.6000.16386 (vista_rtm.061101-2205)]
[PID: 1336 / LOCAL SERVICE][C:\Windows\system32\svchost.exe] [Microsoft Corporation, 6.0.6000.16386 (vista_rtm.061101-2205)]
[PID: 936 / SYSTEM][C:\Windows\System32\svchost.exe] [Microsoft Corporation, 6.0.6000.16386 (vista_rtm.061101-2205)]
[PID: 968 / SYSTEM][C:\Windows\system32\SearchIndexer.exe] [Microsoft Corporation, 6.0.6000.16386 (vista_rtm.061101-2205)]
[PID: 1120 / SYSTEM][C:\Windows\system32\DRIVERS\xaudio.exe] [Conexant Systems, Inc., 1.00.00]
[PID: 2188 / lenovo][C:\kav2007\KMailMon.EXE] [Kingsoft Corporation, 2007, 2, 25, 948]
[C:\kav2007\KAntiSpm.dll] [Kingsoft Corporation, 2007, 2, 25, 129]
[C:\Windows\system32\MSVCR71.dll] [Microsoft Corporation, 7.10.3052.4]
[C:\Windows\system32\MSVCP71.dll] [Microsoft Corporation, 7.10.3077.0]
[C:\kav2007\KAVIPC2.DLL] [Kingsoft Corporation, 2007, 1, 15, 30]
[C:\kav2007\KAECall2.DLL] [Kingsoft Corporation, 2004, 12, 28, 7]
[C:\kav2007\KAEPlat.DLL] [Kingsoft Corp., 2007, 2, 4, 61]
[C:\kav2007\KAEMem.DAT] [Kingsoft, 2006, 9, 25, 16]
[C:\kav2007\KAEUnpack.DAT] [Kingsoft Corp., 2007, 8, 10, 129]
[E:\360安全卫士\360safe\safemon\safemon.dll] [, 3, 5, 0, 1001]
[C:\kav2007\KAConfig.DLL] [Kingsoft Corporation, 2007, 1, 11, 41]
[C:\kav2007\KASocket.dll] [Kingsoft Corporation, 2006, 12, 21, 241]
[C:\kav2007\KMailOEBand.dll] [Kingsoft Corporation, 2006, 12, 1, 139]
[PID: 2388 / SYSTEM][C:\Windows\system32\taskeng.exe] [Microsoft Corporation, 6.0.6000.16386 (vista_rtm.061101-2205)]
[PID: 1892 / lenovo][E:\QQ\QQ.exe] [TENCENT, 7,0,365,1701]
[E:\QQ\QQBaseClassInDll.dll] [TENCENT, 7,0,365,1701]
[E:\QQ\QQHelperDll.dll] [TENCENT, 7,0,365,1701]
[E:\QQ\BasicCtrlDll.dll] [TENCENT, 7,0,365,1701]
[C:\kav2007\KMailOEBand.dll] [Kingsoft Corporation, 2006, 12, 1, 139]
[C:\Windows\system32\MSVCR71.dll] [Microsoft Corporation, 7.10.3052.4]
[C:\Windows\system32\MSVCP71.dll] [Microsoft Corporation, 7.10.3077.0]
[E:\360安全卫士\360safe\safemon\safemon.dll] [, 3, 5, 0, 1001]
[C:\kav2007\KASocket.dll] [Kingsoft Corporation, 2006, 12, 21, 241]
[E:\QQ\QQAPI.dll] [TENCENT, 7,0,365,1701]
[E:\QQ\TIMProxy.dll] [tencent, 0, 3, 2, 4]
[E:\QQ\LoginCtrl.dll] [TENCENT, 7,0,365,1701]
[E:\QQ\LoginCtrlRes.dll] [TENCENT, 7,0,365,1701]
[E:\QQ\QQRes.dll] [TENCENT, 7,0,365,1701]
[E:\QQ\QQMainFrame.dll] [N/A, ]
[E:\QQ\CQQApplication.dll] [N/A, ]
[E:\QQ\FlashAvatarDll.dll] [, 1, 4, 0, 1]
[E:\QQ\NewSkin.dll] [TENCENT, 7,0,365,1701]
[E:\QQ\HostingMgr.dll] [TENCENT, 7,0,365,1701]
[E:\QQ\CameraDll.dll] [TENCENT, 7,0,365,1701]
[E:\QQ\MailSummary.dll] [TENCENT, 7,0,365,1701]

爱我的人飞走了 - 2007-9-1 15:45:00

[E:\QQ\QQKnowledgeSearch.dll] [TENCENT, 7,0,365,1701]
[E:\QQ\QQAllInOne.dll] [TENCENT, 7,0,365,1701]
[E:\QQ\SCCore.dll] [TENCENT, 1, 6, 0, 2]
[E:\QQ\QQSpace.dll] [TENCENT, 7,0,365,1701]
[E:\QQ\QQGroupMng.dll] [TENCENT, 7,0,365,1701]
[E:\QQ\UserDefinedHead.dll] [TENCENT, 7,0,365,1701]
[E:\QQ\QQPlugin.dll] [N/A, ]
[E:\QQ\QQConfigPlugin.dll] [TENCENT, 7,0,365,1701]
[E:\QQ\QQAvatar.dll] [N/A, ]
[E:\QQ\QQCustomFace.dll] [N/A, ]
[E:\QQ\QRingMng.dll] [N/A, ]
[E:\QQ\LongConnection.dll] [TENCENT, 7,0,365,1701]
[E:\QQ\QQPet.dll] [TENCENT, 7,0,365,1701]
[E:\QQ\PhoneAPI.dll] [TENCENT, 7,0,365,1701]
[E:\QQ\DialerAllinOne.dll] [tencent, 1, 4, 0, 0]
[E:\QQ\QQSysMsgMng.dll] [N/A, ]
[E:\QQ\BQQApplication.dll] [N/A, ]
[E:\QQ\CommercesMng.dll] [TENCENT, 7,0,365,1701]
[E:\QQ\PersonalDesktop.dll] [深圳市腾讯计算机系统公司QQ工作小组, 1, 0, 0, 2]
[E:\QQ\QQAddr.dll] [深圳市腾讯计算机系统有限公司, 5, 0, 101, 320]
[E:\QQ\QQSceneMng.dll] [N/A, ]
[E:\QQ\AddrSearch.dll] [腾讯科技（深圳）有限公司, 2, 1, 9, 95]
[E:\新浪UC\UC\UCIdleHook.dll] [北京新浪信息技术有限公司, 1, 0, 1, 0]
[PID: 3928 / lenovo][E:\QQ\TIMPlatform.exe] [TENCENT, 7,0,365,1701]
[C:\kav2007\KMailOEBand.dll] [Kingsoft Corporation, 2006, 12, 1, 139]
[C:\Windows\system32\MSVCR71.dll] [Microsoft Corporation, 7.10.3052.4]
[C:\Windows\system32\MSVCP71.dll] [Microsoft Corporation, 7.10.3077.0]
[E:\360安全卫士\360safe\safemon\safemon.dll] [, 3, 5, 0, 1001]
[C:\kav2007\KASocket.dll] [Kingsoft Corporation, 2006, 12, 21, 241]
[E:\QQ\TIMProxy.dll] [tencent, 0, 3, 2, 4]
[PID: 3604 / lenovo][C:\Windows\system32\conime.exe] [Microsoft Corporation, 6.0.6000.16386 (vista_rtm.061101-2205)]
[PID: 3472 / lenovo][E:\新浪UC\UC\uc.exe] [北京新浪信息技术有限公司, 5.1.0.970]
[E:\新浪UC\UC\vcl60.bpl] [Borland Software Corporation, 6.0.6.240]
[E:\新浪UC\UC\rtl60.bpl] [Borland Software Corporation, 6.0.6.243]
[E:\新浪UC\UC\vclx60.bpl] [Borland Software Corporation, 6.0.6.163]
[E:\新浪UC\UC\vclie60.bpl] [Borland Software Corporation, 6.0.6.163]
[E:\新浪UC\UC\bcbie60.bpl] [N/A, ]
[E:\新浪UC\UC\BORLNDMM.DLL] [Borland Software Corporation, 6.0.10.157]
[E:\新浪UC\UC\CC3260MT.DLL] [Borland Corporation, 0.0.0.0 (informal build)]
[E:\新浪UC\UC\ucavatar.bpl] [Beijing Sina Information Technology Co.,Ltd, 1.1.0.0]
[E:\新浪UC\UC\ucchatroom.bpl] [北京新浪信息技术有限公司, 1.3.0.0]
[E:\新浪UC\UC\LANGUAGERES.DLL] [北京新浪信息技术有限公司, 1.1.0.0]
[E:\新浪UC\UC\ucdcontrol.bpl] [北京新浪信息技术有限公司, 1.3.0.0]
[E:\新浪UC\UC\uchm.bpl] [Beijing Sina Information Technology Co.,Ltd, 1.3.0.0]
[E:\新浪UC\UC\ucui.bpl] [北京新浪信息技术有限公司, 1.3.0.0]
[E:\新浪UC\UC\ucskin.bpl] [北京新浪信息技术有限公司, 1.2.0.0]
[E:\新浪UC\UC\ucudpmessager.dll] [Beijing Sina Information Technology Co.,Ltd
, 1.1.0.0]
[E:\新浪UC\UC\STLPMT45.DLL] [N/A, ]
[E:\新浪UC\UC\ucapi.dll] [北京新浪信息技术有限公司, 1.1.0.0]
[E:\新浪UC\UC\ucres.dll] [北京新浪信息技术有限公司, 1.3.0.0]
[E:\新浪UC\UC\ucdatamanager.dll] [Beijing Sina Information Technology Co.,Ltd, 1.2.0.0]
[E:\新浪UC\UC\ucmargin.dll] [北京新浪信息技术有限公司, 1.1.0.0]
[C:\kav2007\KMailOEBand.dll] [Kingsoft Corporation, 2006, 12, 1, 139]
[C:\Windows\system32\MSVCR71.dll] [Microsoft Corporation, 7.10.3052.4]
[C:\Windows\system32\MSVCP71.dll] [Microsoft Corporation, 7.10.3077.0]
[E:\360安全卫士\360safe\safemon\safemon.dll] [, 3, 5, 0, 1001]
[C:\kav2007\KASocket.dll] [Kingsoft Corporation, 2006, 12, 21, 241]
[E:\新浪UC\UC\RICHED20.DLL] [Microsoft Corporation, 5.30.23.1205]
[E:\新浪UC\UC\riched32.dll] [Microsoft Corporation, 5.00.2134.1]
[E:\新浪UC\UC\UCIdleHook.dll] [北京新浪信息技术有限公司, 1, 0, 1, 0]
[E:\新浪UC\UC\UCHttpDl.dll] [北京新浪信息技术有限公司, 1, 1, 9, 0]
[E:\新浪UC\UC\HelpEx.dll] [北京新浪信息技术有限公司, 1.0.0.0]
[E:\新浪UC\UC\UCEmtMgr.dll] [北京新浪信息技术有限公司, 1.2.0.0]
[E:\新浪UC\UC\UCBugCatch.dll] [北京新浪信息技术有限公司, 1, 2, 8, 0]
[E:\新浪UC\UC\UCSocket.DLL] [北京新浪信息技术有限公司, 1, 1, 21, 0]
[E:\新浪UC\UC\UTNTyper.dll] [北京新浪信息技术有限公司, 1, 0, 0, 0]
[E:\新浪UC\UC\UCDDP.dll] [Beijing Sina Information Technology Co.,Ltd, 1.1.0.0]
[C:\kav2007\KAScript.DLL] [Kingsoft Corporation, 2007, 3, 6, 75]
[E:\新浪UC\UC\ActiveX\AvatarDisplay.dll] [N/A, ]
[C:\Windows\system32\Macromed\Flash\Flash9b.ocx] [Adobe Systems, Inc., 9,0,28,0]
[C:\Windows\system32\nvd3dum.dll] [NVidia Corporation, 7.15.10.9754]
[E:\虚拟视频\MvBox\VCam.ax] [N/A, ]
[PID: 3648 / lenovo][E:\新浪UC\UC\UCChatRoom.exe] [北京新浪信息技术有限公司, 1.1.0.0]
[E:\新浪UC\UC\vcl60.bpl] [Borland Software Corporation, 6.0.6.240]
[E:\新浪UC\UC\rtl60.bpl] [Borland Software Corporation, 6.0.6.243]
[E:\新浪UC\UC\vclie60.bpl] [Borland Software Corporation, 6.0.6.163]
[E:\新浪UC\UC\bcbie60.bpl] [N/A, ]
[E:\新浪UC\UC\BORLNDMM.DLL] [Borland Software Corporation, 6.0.10.157]
[E:\新浪UC\UC\CC3260MT.DLL] [Borland Corporation, 0.0.0.0 (informal build)]
[E:\新浪UC\UC\LANGUAGERES.DLL] [北京新浪信息技术有限公司, 1.1.0.0]
[E:\新浪UC\UC\UCUDPMESSAGER.DLL] [Beijing Sina Information Technology Co.,Ltd
, 1.1.0.0]
[E:\新浪UC\UC\STLPMT45.DLL] [N/A, ]
[E:\新浪UC\UC\UCTCPMESSAGER.DLL] [Beijing Sina Information Technology Co.,Ltd, 1.1.0.0]
[E:\新浪UC\UC\UCAPI.DLL] [北京新浪信息技术有限公司, 1.1.0.0]
[C:\kav2007\KMailOEBand.dll] [Kingsoft Corporation, 2006, 12, 1, 139]
[C:\Windows\system32\MSVCR71.dll] [Microsoft Corporation, 7.10.3052.4]
[C:\Windows\system32\MSVCP71.dll] [Microsoft Corporation, 7.10.3077.0]
[E:\360安全卫士\360safe\safemon\safemon.dll] [, 3, 5, 0, 1001]
[C:\kav2007\KASocket.dll] [Kingsoft Corporation, 2006, 12, 21, 241]
[E:\新浪UC\UC\RICHED20.DLL] [Microsoft Corporation, 5.30.23.1205]
[E:\新浪UC\UC\UCSocket.DLL] [北京新浪信息技术有限公司, 1, 1, 21, 0]
[C:\kav2007\KAScript.DLL] [Kingsoft Corporation, 2007, 3, 6, 75]
[C:\Windows\system32\nvd3dum.dll] [NVidia Corporation, 7.15.10.9754]
[E:\新浪UC\UC\UCIdleHook.dll] [北京新浪信息技术有限公司, 1, 0, 1, 0]
[C:\Windows\system32\Macromed\Flash\Flash9b.ocx] [Adobe Systems, Inc., 9,0,28,0]
[E:\新浪UC\UC\UCAudioChat.dll] [Beijing Sina Information Technology Co.,Ltd, 2006, 3, 7, 2]
[E:\新浪UC\UC\UcMediaPlayer.DLL] [北京新浪信息技术有限公司, 1, 1, 0, 0]
[E:\新浪UC\UC\UCVideo.DLL] [北京新浪信息技术有限公司, 4, 5, 2, 0]
[E:\新浪UC\UC\UCMediaSaver.dll] [北京新浪信息技术有限公司, 1, 1, 1, 0]
[E:\新浪UC\UC\UCTransfer.dll] [北京新浪信息技术有限公司, 1, 0, 0, 2]

爱我的人飞走了 - 2007-9-1 15:45:00

[E:\新浪UC\UC\UCVCodec3.dll] [Beijing Sina Information Technology Co.,Ltd, 2, 1, 0, 0]
[C:\Windows\system32\vsnpstd3.dll] [ , 1, 1, 5, 10]
[E:\新浪UC\UC\UCACodec.dll] [Beijing Sina Information Technology Co.,Ltd , 1.2.0]
[PID: 3188 / lenovo][C:\Windows\MSAgent\agentsvr.exe] [Microsoft Corporation, 5.2.3790.1241]
[C:\kav2007\KMailOEBand.dll] [Kingsoft Corporation, 2006, 12, 1, 139]
[C:\Windows\system32\MSVCR71.dll] [Microsoft Corporation, 7.10.3052.4]
[C:\Windows\system32\MSVCP71.dll] [Microsoft Corporation, 7.10.3077.0]
[E:\360安全卫士\360safe\safemon\safemon.dll] [, 3, 5, 0, 1001]
[C:\kav2007\KASocket.dll] [Kingsoft Corporation, 2006, 12, 21, 241]
[E:\新浪UC\UC\UCIdleHook.dll] [北京新浪信息技术有限公司, 1, 0, 1, 0]
[PID: 3920 / lenovo][C:\Windows\system32\taskeng.exe] [Microsoft Corporation, 6.0.6000.16386 (vista_rtm.061101-2205)]
[C:\Windows\system32\AcSignIcon.dll] [Autodesk, 16.0.0.86]
[PID: 808 / lenovo][C:\Program Files\WinRAR\WinRAR.exe] [N/A, ]
[C:\kav2007\KMailOEBand.dll] [Kingsoft Corporation, 2006, 12, 1, 139]
[C:\Windows\system32\MSVCR71.dll] [Microsoft Corporation, 7.10.3052.4]
[C:\Windows\system32\MSVCP71.dll] [Microsoft Corporation, 7.10.3077.0]
[E:\360安全卫士\360safe\safemon\safemon.dll] [, 3, 5, 0, 1001]
[C:\kav2007\KASocket.dll] [Kingsoft Corporation, 2006, 12, 21, 241]
[C:\Windows\system32\AcSignIcon.dll] [Autodesk, 16.0.0.86]
[E:\新浪UC\UC\UCIdleHook.dll] [北京新浪信息技术有限公司, 1, 0, 1, 0]
[PID: 492 / lenovo][C:\Users\lenovo\AppData\Local\Temp\Rar$EX00.200\SREngPS.EXE] [Smallfrogs Studio, 2.5.16.900]
[C:\Users\lenovo\AppData\Local\Temp\Rar$EX00.200\Upload\3rdUpd.DLL] [Smallfrogs Studio, 2, 1, 0, 15]

==================================
文件关联
.TXT OK. [%SystemRoot%\system32\NOTEPAD.EXE %1]
.EXE OK. ["%1" %*]
.COM OK. ["%1" %*]
.PIF OK. ["%1" %*]
.REG OK. [regedit.exe "%1"]
.BAT OK. ["%1" %*]
.SCR OK. ["%1" /S]
.CHM OK. ["%SystemRoot%\hh.exe" %1]
.HLP OK. [%SystemRoot%\winhlp32.exe %1]
.INI OK. [%SystemRoot%\system32\NOTEPAD.EXE %1]
.INF OK. [%SystemRoot%\system32\NOTEPAD.EXE %1]
.VBS OK. ["%SystemRoot%\System32\WScript.exe" "%1" %*]
.JS OK. [%SystemRoot%\System32\WScript.exe "%1" %*]
.LNK OK. [{00021401-0000-0000-C000-000000000046}]

瑞星卡卡安全论坛