Help!!!

Everyone!
Every time I open a web page on my computer, some strange links appear:
http://218.12.196.235/aqr.php?id=j021
http://www.56.com/reg/index5.html
http://www.aeeboo.com/ad/ad3/ad.html
……
……
I don't know how to clean this up. I hope the experts here can give me some advice!!
Thanks!
Last edited 2006-07-26 08:45:34

Run HijackThis and SRENG scans and post the logs here.

Here is the HijackThis scan log:
Logfile of HijackThis v1.99.1
Scan saved at 8:28:33, on 2006-7-26
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)

Running processes:
D:\WINDOWS\System32\smss.exe
D:\WINDOWS\system32\winlogon.exe
D:\WINDOWS\system32\services.exe
D:\WINDOWS\system32\lsass.exe
D:\WINDOWS\system32\svchost.exe
D:\WINDOWS\System32\svchost.exe
D:\WINDOWS\system32\spoolsv.exe
D:\WINDOWS\Explorer.EXE
D:\WINDOWS\system32\ctfmon.exe
D:\Program Files\MSNShell\BIN\MSNShell.exe
D:\Program Files\Symantec AntiVirus\DefWatch.exe
D:\Program Files\Socks2HTTP 0.92a\socks2http.exe
D:\Program Files\Internet Explorer\IEXPLORE.EXE
D:\Program Files\Symantec AntiVirus\SavRoam.exe
D:\Program Files\Analog Devices\SoundMAX\SMAgent.exe
D:\Program Files\Symantec AntiVirus\Rtvscan.exe
D:\Program Files\Internet Explorer\IEXPLORE.EXE
D:\Program Files\Tencent\qq\QQ.exe
D:\Program Files\Messenger\msmsgs.exe
D:\Program Files\MSN Messenger\msnmsgr.exe
D:\Program Files\Tencent\qq\TMDlls\TIMPlatform.exe
D:\WINDOWS\system32\wuauclt.exe
D:\WINDOWS\system32\wuauclt.exe
D:\Program Files\Internet Explorer\IEXPLORE.EXE
D:\Program Files\WinRAR\WinRAR.exe
D:\DOCUME~1\shi\LOCALS~1\Temp\Rar$EX00.719\HijackThis.exe

R3 - Default URLSearchHook is missing
F2 - REG:system.ini: UserInit=userinit.exe,
O2 - BHO: IDDTInitObj Class - {15DDE989-CD45-4561-BF99-D22C0D5C2B74} - D:\PROGRA~1\Sina\ddt\ddtinit.dll
O2 - BHO: (no name) - {15DDE989-CD45-4561-BF99-D22C0D5C2B74}? - (no file)
O2 - BHO: KillObj Class - {66C28884-4E5D-494B-80C9-CAA27528FD6D} - D:\PROGRA~1\Sina\ddt\ddtkillw.ocx (file missing)
O2 - BHO: (no name) - {66C28884-4E5D-494B-80C9-CAA27528FD6D}? - (no file)
O3 - Toolbar: 新浪点点通 - {F60C7D81-8471-4D40-AAFE-56D318F34C2D} - D:\PROGRA~1\Sina\ddt\DDTONG~1.DLL
O3 - Toolbar: 卡卡上网安全助手 - {DB9ECD4F-FB8F-4311-B3CE-90B976C2707C} - D:\WINDOWS\system32\kakatool.dll
O4 - HKCU\..\Run: [ctfmon.exe] D:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [MSNShell] D:\Program Files\MSNShell\BIN\MSNShell.exe autorun
O4 - Startup: Socks2HTTP 0.92a汉化版.lnk = D:\Program Files\Socks2HTTP 0.92a\socks2http.exe
O6 - HKCU\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O6 - HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O8 - Extra context menu item: 上传到QQ网络硬盘 - D:\Program Files\Tencent\qq\AddToNetDisk.htm
O8 - Extra context menu item: 添加到QQ自定义面板 - D:\Program Files\Tencent\qq\AddPanel.htm
O8 - Extra context menu item: 添加到QQ表情 - D:\Program Files\Tencent\qq\AddEmotion.htm
O8 - Extra context menu item: 用QQ彩信发送该图片 - D:\Program Files\Tencent\qq\SendMMS.htm
O9 - Extra button: 新浪点点通 - {F60C7D81-8471-4D40-AAFE-56D318F34C2D} - D:\PROGRA~1\Sina\ddt\DDTONG~1.DLL
O14 - IERESET.INF: SEARCH_PAGE_URL=
O14 - IERESET.INF: START_PAGE_URL=
O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - "D:\PROGRA~1\MSNMES~1\msgrapp.dll" (file missing)
O23 - Service: Symantec AntiVirus Definition Watcher (DefWatch) - Symantec Corporation - D:\Program Files\Symantec AntiVirus\DefWatch.exe
O23 - Service: SAVRoam (SavRoam) - symantec - D:\Program Files\Symantec AntiVirus\SavRoam.exe
O23 - Service: SoundMAX Agent Service (SoundMAX Agent Service (default)) - Analog Devices, Inc. - D:\Program Files\Analog Devices\SoundMAX\SMAgent.exe
O23 - Service: Symantec AntiVirus - Symantec Corporation - D:\Program Files\Symantec AntiVirus\Rtvscan.exe
O23 - Service: WinkldUP - Unknown owner - D:\DOCUME~1\shi\LOCALS~1\Temp\wz\wz.exe (file missing)
O23 - Service: WintUPp - Unknown owner - D:\DOCUME~1\shi\LOCALS~1\Temp\wt\wt.exe (file missing)
Many thanks!!

Here is the SRENG scan log, part 1:
2006-07-26,08:38:18

System Repair Engineer 2.0.21.505 (2.0 RC 2)
Smallfrogs (http://www.KZTechs.com)

Windows XP Professional Service Pack 2 (Build 2600)
- 管理权限用户 - 完整功能

以下内容被选中:
    所有的启动项目(包括注册表、启动文件夹、服务等)
    浏览器加载项
    正在运行的进程(包括进程模块信息)
    文件关联


启动项目
注册表
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
    <ctfmon.exe><D:\WINDOWS\system32\ctfmon.exe>  [Microsoft Corporation]
    <MSNShell><D:\Program Files\MSNShell\BIN\MSNShell.exe autorun>  []
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
    <QtRun><>  []
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer\Run]
    <Power><rundll32.exe D:\DOCUME~1\shi\LOCALS~1\Temp\f3\pnxpwf.dll,Start>  []
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Winlogon]
    <shell><Explorer.exe>  [Microsoft Corporation]
    <Userinit><userinit.exe,>  [Microsoft Corporation]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Windows]
    <AppInit_DLLs><>  []
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Winlogon]
    <UIHost><logonui.exe>  [Microsoft Corporation]
[HKEY_CURRENT_USER\Control Panel\Desktop]
    <SCRNSAVE.EXE><D:\WINDOWS\777BOE~1.SCR>  [ScreenTime Media]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
    <91cast><; >  []
    <Acrobat Assistant 7.0><; "D:\Program Files\Adobe\Acrobat 7.0\Distillr\Acrotray.exe">  [Adobe Systems Inc.]
    <bgoomain.exe><; D:\PROGRA~1\baigoo\bgoomain.exe>  []
    <ClocX><; D:\Program Files\ClocX\ClocX.exe>  [BonSoft]
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
    <Foxmail><; D:\foxmail\Foxmail.exe -min>  [Boda Network Technology Inc.]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
    <helper.dll><; D:\WINDOWS\system32\rundll32.exe D:\PROGRA~1\3721\helper.dll,Rundll32>  []
    <HotKeysCmds><; D:\WINDOWS\system32\hkcmd.exe>  [Intel Corporation]
    <ielockcount><; D:\Program Files\CNNIC\Cdn\cdnup.exe>  []
    <IgfxTray><; D:\WINDOWS\system32\igfxtray.exe>  [Intel Corporation]
    <IMJPMIG8.1><; "D:\WINDOWS\IME\imjp8_1\IMJPMIG.EXE" /Spoil /RemAdvDef /Migration32>  [Microsoft Corporation]
    <IMSCMig><; D:\PROGRA~1\COMMON~1\MICROS~1\IME\IMSC40A\IMSCMIG.EXE /Preload>  [Microsoft Corporation]
    <KernelFaultCheck><; >  []
    <MicrosoftRedirectionProgram><; D:\WINDOWS\svchost.exe>  []
    <mscfs><; >  []
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
    <MsnMsgr><; "D:\Program Files\MSN Messenger\msnmsgr.exe" /background>  [Microsoft Corporation]
    <MSNShell><; D:\Program Files\MSNShell\BIN\MSNShell.exe autorun>  []
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
    <NMGameX_AutoRun><; D:\WINDOWS\system32\Rundll32.exe nmgamex.dll,LiveProcess /aa>  [NMGameX]
    <PHIME2002A><; D:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /IMEName>  [Microsoft Corporation]
    <PHIME2002ASync><; D:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /SYNC>  [Microsoft Corporation]
    <QtRun><; D:\Program Files\CNNIC\Cdn\cdnup.exe>  []
    <res><; D:\WINDOWS\system32\res.exe>  []
    <Runieadkill><; D:\Program Files\CNNIC\Cdn\cdnup.exe>  []
    <RunieMonitor><; D:\Program Files\CNNIC\Cdn\cdnup.exe>  []
    <SoundMAX><; "D:\Program Files\Analog Devices\SoundMAX\Smax4.exe" /tray>  [Analog Devices, Inc.]
    <SoundMAXPnP><; D:\Program Files\Analog Devices\SoundMAX\SMax4PNP.exe>  [Analog Devices, Inc.]
    <spoolsv><; D:\WINDOWS\system32\spoolsv\spoolsv.exe -printer>  []
    <StarUpdater><; >  []
    <supdate2.dll><; RUNDLL32.EXE D:\WINDOWS\system32\supdate2.dll,Run>  []
    <TkBellExe><; "D:\Program Files\Common Files\Real\Update_OB\realsched.exe"  -osboot>  [RealNetworks, Inc.]
    <vcdplayx><; "D:\WINDOWS\vcdplayx.exe">  [Far Stone Technology Inc.]
    <Windir><; D:\WINDOWS\system32\Windir.exe>  []
    <XDeskWeather><; D:\Program Files\鱼鱼软件\桌面天气秀\XDeskWeather.exe>  []

==================================
启动文件夹
[Socks2HTTP 0.92a汉化版]
  <D:\Documents and Settings\shi\「开始」菜单\程序\启动\Socks2HTTP 0.92a汉化版.lnk><N>

==================================
服务
[Symantec AntiVirus Definition Watcher / DefWatch]
  <"D:\Program Files\Symantec AntiVirus\DefWatch.exe"><Symantec Corporation>
[NT Data Provider / MouTALS]
  <D:\WINDOWS\SYSTEM32\RUNDLL32.EXE D:\WINDOWS\SYSTEM32\WBEM\IRJIT.DLL,Export 1087><N/A>
[SavRoam / SavRoam]
  <"D:\Program Files\Symantec AntiVirus\SavRoam.exe"><symantec>
[SoundMAX Agent Service / SoundMAX Agent Service (default)]
  <D:\Program Files\Analog Devices\SoundMAX\SMAgent.exe><Analog Devices, Inc.>
[Symantec AntiVirus / Symantec AntiVirus]
  <"D:\Program Files\Symantec AntiVirus\Rtvscan.exe"><Symantec Corporation>
[WinkldUP / WinkldUP]
  <D:\DOCUME~1\shi\LOCALS~1\Temp\wz\wz.exe -R><N/A>
[WintUPp / WintUPp]
  <D:\DOCUME~1\shi\LOCALS~1\Temp\wt\wt.exe -R><N/A>

==================================
浏览器加载项
[IDDTInitObj Class]
  {15DDE989-CD45-4561-BF99-D22C0D5C2B74} <D:\PROGRA~1\Sina\ddt\ddtinit.dll, 北京新浪信息技术有限公司>
[KillObj Class]
  {66C28884-4E5D-494B-80C9-CAA27528FD6D} <D:\PROGRA~1\Sina\ddt\ddtkillw.ocx, N/A>
[新浪点点通]
  {F60C7D81-8471-4D40-AAFE-56D318F34C2D} <D:\PROGRA~1\Sina\ddt\DDTONG~1.DLL, 北京新浪信息技术有限公司>
[新浪点点通]
  {F60C7D81-8471-4D40-AAFE-56D318F34C2D} <D:\PROGRA~1\Sina\ddt\DDTONG~1.DLL, 北京新浪信息技术有限公司>
[卡卡上网安全助手]
  {DB9ECD4F-FB8F-4311-B3CE-90B976C2707C} <D:\WINDOWS\system32\kakatool.dll, Beijing Rising Technology Co., Ltd.>
[Microsoft Office Template and Media Control]
  {02BCC737-B171-4746-94C9-0D8A0B2C0089} <D:\PROGRA~1\MICROS~2\OFFICE11\IEAWSDC.DLL, N/A>
[Web Browser Applet Control]
  {08B0E5C0-4FCB-11CF-AAA5-00401C608501} <D:\WINDOWS\system32\msjava.dll, Microsoft Corporation>
[CPub Object]
  {0CA51D02-7739-43EA-8D9A-1E8AD4327B03} <D:\Program Files\P4P\sodaie.dll, N/A>
[wmpdrm]
  {0E674588-66B7-4E19-9D0E-2053B800F69F} <D:\WINDOWS\system32\wmpdrm.dll, N/A>
[实用搜索]
  {15ADF205-4C54-4CFE-AC88-1EA0BA6D06A0} <, N/A>
[IDDTInitObj Class]
  {15DDE989-CD45-4561-BF99-D22C0D5C2B74} <D:\PROGRA~1\Sina\ddt\ddtinit.dll, 北京新浪信息技术有限公司>
[MyIEHelper Class]
  {16A770A0-0E87-4278-B748-2460D64A8386} <D:\Documents and Settings\All Users\Application Data\Microsoft\IEHelper\IEHelper_8157.dll, N/A>
[Windows Genuine Advantage Validation Tool]
  {17492023-C23A-453E-A040-C7C580BBF700} <D:\WINDOWS\system32\legitcheckcontrol.dll, Microsoft Corporation>
[QuickBtn]
  {1A199C20-DE2B-4838-AE3F-B5257ECE2B7E} <D:\Program Files\CoolWebsite\QuickLink.dll, N/A>
[Windows Media Player]
  {22D6F312-B0F6-11D0-94AB-0080C74C7E95} <D:\WINDOWS\system32\wmpdxm.dll, Microsoft Corporation>
[HTML Document]
  {25336920-03F9-11CF-8FD0-00AA00686F13} <%SystemRoot%\system32\mshtml.dll, N/A>
[IETag Factory]
  {38481807-CA0E-42D2-BF39-B33AF135CC4D} <D:\PROGRA~1\COMMON~1\MICROS~1\SMARTT~1\IETAG.DLL, Microsoft Corporation>
[HHCtrl Object]
  {41B23C28-488E-4E5C-ACE2-BB0BBABE99E8} <D:\WINDOWS\system32\hhctrl.ocx, Microsoft Corporation>
[Microsoft Office Control]
  {4453D895-F2A1-4A38-A285-1EF9BD3F6D5D} <D:\PROGRA~1\MICROS~2\OFFICE11\AUTHZAX.DLL, Microsoft Corporation>
[Adobe PDF]
  {47833539-D0C5-4125-9FA8-0819E2EAAC93} <D:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll, Adobe Systems Incorporated>
[Shell Name Space]
  {55136805-B2DE-11D1-B9F2-00A0C98BC547} <%SystemRoot%\system32\shdocvw.dll, N/A>
[Router Layer]
  {5EB7CB50-E375-4718-B4C0-9AD12EFA2F84} <D:\WINDOWS\System32\aclayer.dll, N/A>
[DragSearch BHO]
  {62EED7C6-9F02-42F9-B634-98E2899E147B} <D:\PROGRA~1\Yahoo!\ASSIST~1\Assist\YDRAGS~1.DLL, N/A>
[WUWebControl Class]
  {6414512B-B978-451D-A0D8-FCFDF33E833C} <D:\WINDOWS\system32\wuweb.dll, Microsoft Corporation>
[KillObj Class]
  {66C28884-4E5D-494B-80C9-CAA27528FD6D} <D:\PROGRA~1\Sina\ddt\ddtkillw.ocx, N/A>
[Windows Media Player]
  {6BF52A52-394A-11D3-B153-00C04F79FAA6} <D:\WINDOWS\system32\wmp.dll, Microsoft Corporation>
[MUWebControl Class]
  {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} <D:\WINDOWS\system32\muweb.dll, Microsoft Corporation>
[Microsoft Web 浏览器]
  {8856F961-340A-11D0-A96B-00C04FD705A2} <D:\WINDOWS\system32\shdocvw.dll, Microsoft Corporation>
[CBHelper Object]
  {8A4280AD-9B37-4922-A51D-73F3C3A32AF7} <D:\WINDOWS\system32\msibm\cfsbho.dll, N/A>
[Encarta &Researcher]
  {9455301C-CF6B-11D3-A266-00C04F689C50} <D:\Program Files\Common Files\Microsoft Shared\Encarta Researcher\EROPROJ.DLL, Microsoft Corporation>
[]
  {974AD624-EA50-4831-A6C0-3040F6665396} <D:\PROGRA~1\Sina\ddt\rssband.dll, 北京新浪信息技术有限公司>
[Microsoft Scriptlet Component]
  {AE24FDAE-03C6-11D1-8B76-0080C744F389} <D:\WINDOWS\system32\mshtml.dll, Microsoft Corporation>
[AcroIEToolbarHelper Class]
  {AE7CD045-E861-484F-8273-0445EE161910} <D:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll, Adobe Systems Incorporated>

SRENG log, part 2:
[卡卡上网安全助手]
  {AFF6E516-CBE5-4F8A-9C2F-38A68013E766} <D:\WINDOWS\system32\kakatool.dll, Beijing Rising Technology Co., Ltd.>
[SearchAssistantOC]
  {B45FF030-4447-11D2-85DE-00C04FA35C89} <%SystemRoot%\system32\shdocvw.dll, N/A>
[OWSClientMiscApis Class]
  {BDEADE3F-C265-11D0-BCED-00A0C90AB50F} <D:\PROGRA~1\MICROS~2\OFFICE11\OWSCLT.DLL, Microsoft Corporation>
[OWSBrowserUI Class]
  {BDEADE43-C265-11D0-BCED-00A0C90AB50F} <D:\PROGRA~1\MICROS~2\OFFICE11\OWSCLT.DLL, Microsoft Corporation>
[OWSDiscussionServers Class]
  {BDEADEB7-C265-11D0-BCED-00A0C90AB50F} <D:\PROGRA~1\MICROS~2\OFFICE11\OWSCLT.DLL, Microsoft Corporation>
[AUDIO__MP3 Moniker Class]
  {CD3AFA76-B84F-48F0-9393-7EDC34128127} <D:\WINDOWS\system32\wmp.dll, Microsoft Corporation>
[AUDIO__WAV Moniker Class]
  {CD3AFA7B-B84F-48F0-9393-7EDC34128127} <D:\WINDOWS\system32\wmp.dll, Microsoft Corporation>
[AUDIO__X_MS_WMA Moniker Class]
  {CD3AFA84-B84F-48F0-9393-7EDC34128127} <D:\WINDOWS\system32\wmp.dll, Microsoft Corporation>
[VIDEO__X_MS_WMV Moniker Class]
  {CD3AFA94-B84F-48F0-9393-7EDC34128127} <D:\WINDOWS\system32\wmp.dll, Microsoft Corporation>
[RealPlayer G2 Control]
  {CFCDAA03-8BE4-11CF-B84B-0020AFBBCCFA} <D:\WINDOWS\system32\rmoc3260.dll, RealNetworks, Inc.>
[Shockwave Flash Object]
  {D27CDB6E-AE6D-11CF-96B8-444553540000} <D:\WINDOWS\system32\macromed\flash\Flash.ocx, Macromedia, Inc.>
[Infofo 工具栏]
  {D74EC18E-3DDD-4174-B1B1-949FE3B8366D} <C:\Program Files\Infofo Bar\infofobar.dll, N/A>
[卡卡上网安全助手]
  {DB9ECD4F-FB8F-4311-B3CE-90B976C2707C} <D:\WINDOWS\system32\kakatool.dll, Beijing Rising Technology Co., Ltd.>
[新浪点点通阅读器]
  {F0646DC8-58CD-4C64-8F6B-525043914685} <D:\PROGRA~1\Sina\ddt\rssband.dll, 北京新浪信息技术有限公司>
[新浪点点通]
  {F60C7D81-8471-4D40-AAFE-56D318F34C2D} <D:\PROGRA~1\Sina\ddt\DDTONG~1.DLL, 北京新浪信息技术有限公司>
[上传到QQ网络硬盘]
  <D:\Program Files\Tencent\qq\AddToNetDisk.htm, N/A>
[添加到QQ自定义面板]
  <D:\Program Files\Tencent\qq\AddPanel.htm, N/A>
[添加到QQ表情]
  <D:\Program Files\Tencent\qq\AddEmotion.htm, N/A>
[用QQ彩信发送该图片]
  <D:\Program Files\Tencent\qq\SendMMS.htm, N/A>

==================================
正在运行的进程
[PID: 432][\SystemRoot\System32\smss.exe]  <Microsoft Corporation><5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)>
[PID: 488][\??\D:\WINDOWS\system32\csrss.exe]  <Microsoft Corporation><5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)>
[PID: 512][\??\D:\WINDOWS\system32\winlogon.exe]  <Microsoft Corporation><5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)>
[PID: 556][D:\WINDOWS\system32\services.exe]  <Microsoft Corporation><5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)>
[PID: 568][D:\WINDOWS\system32\lsass.exe]  <Microsoft Corporation><5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)>
[PID: 712][D:\WINDOWS\system32\svchost.exe]  <Microsoft Corporation><5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)>
[PID: 760][D:\WINDOWS\system32\svchost.exe]  <Microsoft Corporation><5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)>
[PID: 828][D:\WINDOWS\System32\svchost.exe]  <Microsoft Corporation><5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)>
[PID: 892][D:\WINDOWS\system32\svchost.exe]  <Microsoft Corporation><5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)>
[PID: 1008][D:\WINDOWS\system32\svchost.exe]  <Microsoft Corporation><5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)>
[PID: 1212][D:\WINDOWS\system32\spoolsv.exe]  <Microsoft Corporation><5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)>
    [D:\WINDOWS\system32\AdobePDF.dll]  <Adobe Systems Incorporated.><7.0.0.00>
    [D:\Program Files\Adobe\Acrobat 7.0\Distillr\AdistRes.CHS]  <N/A><N/A>
    [D:\WINDOWS\system32\HPBMMON.DLL]  <Hewlett-Packard><10.00.16>
    [D:\WINDOWS\system32\hpdomon.dll]  <Hewlett-Packard><03.42.00>
    [D:\WINDOWS\system32\HPBHealr.dll]  <N/A><N/A>
    [D:\WINDOWS\system32\HPTcpMon.dll]  <Hewlett Packard><2.50.01.006>
    [D:\WINDOWS\system32\HPZJSN01.dll]  <Hewlett Packard Company><1, 0, 0, 3>
    [D:\WINDOWS\system32\hpzjfw01.dll]  <Hewlett-Packard><4.02.009.0>
    [D:\WINDOWS\system32\HPTcpMUI.dll]  <Microsoft Corporation><2.50.01.006>
    [D:\WINDOWS\system32\hptcpmib.dll]  <Hewlett Packard><2.50.01.006>
    [D:\WINDOWS\System32\spool\PRTPROCS\W32X86\IMFPrint.DLL]  <Zenographics, Inc.><5, 54, 330, 0>
    [D:\WINDOWS\system32\Imf32.dll]  <Zenographics, Inc.><5, 60, 1204, 0>
    [D:\WINDOWS\system32\ZTAG32.dll]  <Zenographics, Inc.><5, 60, 1210, 0>
    [D:\WINDOWS\system32\ZSPOOL.dll]  <Zenographics, Inc.><5, 51, 709, 0>
[PID: 1336][D:\WINDOWS\Explorer.EXE]  <Microsoft Corporation><6.00.2900.2180 (xpsp_sp2_rtm.040803-2158)>
    [D:\DOCUME~1\shi\LOCALS~1\Temp\f3\pnxpwf.dll]  <><1, 0, 0, 0>
    [D:\Program Files\Adobe\Acrobat 7.0\Acrobat Elements\ContextMenu.chs]  <Adobe Systems Inc.><7.0.0.2004121400\0>
    [D:\DOCUME~1\shi\LOCALS~1\Temp\f3\ex\mcl.dll]  <N/A><N/A>
    [D:\DOCUME~1\shi\LOCALS~1\Temp\f3\ex\kerdpm.dll]  <N/A><N/A>
    [D:\DOCUME~1\shi\LOCALS~1\Temp\f3\ex\Pac.dll]  <><1, 0, 0, 1>
    [D:\DOCUME~1\shi\LOCALS~1\Temp\f3\ex\Dhcom.dll]  <><1, 0, 0, 1>
    [D:\Program Files\WinRAR\rarext.dll]  <N/A><N/A>
    [D:\Program Files\Tencent\qq\qdshm.dll]  <><1, 0, 1, 2>
    [D:\WINDOWS\system32\vdshell.dll]  <FarStone Technology Inc.><7, 1, 0, 0>
    [D:\WINDOWS\system32\FsLoadLibrary.dll]  <><1, 0, 0, 1>
    [D:\WINDOWS\system32\VDShellrc.dll]  <FarStone Technology Inc.><1, 5, 0, 0>
    [D:\Program Files\Common Files\Symantec Shared\SSC\vpshell2.dll]  <Symantec Corporation><9.0.1.1000>
    [D:\Program Files\Adobe\Acrobat 7.0\Acrobat Elements\ContextMenu.dll]  <Adobe Systems Inc.><7.0.0.2004121400\0>
    [D:\Program Files\MSNShell\BIN\ShellDll.dll]  <N/A><N/A>
[PID: 1360][D:\WINDOWS\system32\ctfmon.exe]  <Microsoft Corporation><5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)>
[PID: 1512][D:\Program Files\MSNShell\BIN\MSNShell.exe]  <N/A><N/A>
    [D:\Program Files\MSNShell\BIN\ShellDll.dll]  <N/A><N/A>
[PID: 1584][D:\Program Files\Symantec AntiVirus\DefWatch.exe]  <Symantec Corporation><9.0.1.1000>
[PID: 1644][D:\Program Files\Socks2HTTP 0.92a\socks2http.exe]  <TotalRC.net><0, 9, 2, 0>
    [D:\Program Files\Socks2HTTP 0.92a\S2HLIB.dll]  <Totalrc><0, 9, 2, 0>
    [D:\Program Files\Socks2HTTP 0.92a\WSHOOK.dll]  <N/A><N/A>
    [D:\Program Files\Socks2HTTP 0.92a\guiutil.dll]  <><0, 9, 2, 0>
    [D:\Program Files\MSNShell\BIN\ShellDll.dll]  <N/A><N/A>
[PID: 1752][D:\Program Files\Internet Explorer\IEXPLORE.EXE]  <Microsoft Corporation><6.00.2900.2180 (xpsp_sp2_rtm.040803-2158)>
    [D:\WINDOWS\system32\kakatool.dll]  <Beijing Rising Technology Co., Ltd.><2, 0, 0, 9>
    [D:\PROGRA~1\Sina\ddt\ddtinit.dll]  <北京新浪信息技术有限公司><1, 2, 1, 7>
    [D:\PROGRA~1\Sina\ddt\DDTUpdate.dll]  <北京新浪信息技术有限公司><1, 2, 1, 1>
    [D:\PROGRA~1\Sina\ddt\DDTONG~1.DLL]  <北京新浪信息技术有限公司><1, 2, 1, 5>
    [D:\PROGRA~1\Sina\ddt\DDTcomm.dll]  <北京新浪信息技术有限公司><1, 1, 0, 3>
    [D:\PROGRA~1\Sina\ddt\ddtwea.ocx]  <北京新浪信息技术有限公司><1, 1, 0, 7>
    [D:\Program Files\MSNShell\BIN\ShellDll.dll]  <N/A><N/A>
[PID: 112][D:\Program Files\Symantec AntiVirus\SavRoam.exe]  <symantec><1.5.0.0>
    [D:\Program Files\Common Files\Symantec Shared\SSC\Transman.dll]  <Symantec Corporation><9.0.1.1000>
    [D:\WINDOWS\system32\CBA.DLL]  <Intel? Corporation><6.12.0.126 E>
    [D:\WINDOWS\system32\MsgSys.dll]  <Intel? Corporation><6.12.0.126 E>
    [D:\WINDOWS\system32\NTS.dll]  <Intel? Corporation><6.12.0.126 E>
    [D:\WINDOWS\system32\PDS.DLL]  <Intel? Corporation><6.12.0.126 E>
[PID: 360][D:\Program Files\Analog Devices\SoundMAX\SMAgent.exe]  <Analog Devices, Inc.><3, 2, 6, 0>
[PID: 420][D:\Program Files\Symantec AntiVirus\Rtvscan.exe]  <Symantec Corporation><9.0.1.1000>

SRENG log, part 3:
    [D:\WINDOWS\system32\CBA.DLL]  <Intel? Corporation><6.12.0.126 E>
    [D:\WINDOWS\system32\MsgSys.dll]  <Intel? Corporation><6.12.0.126 E>
    [D:\WINDOWS\system32\NTS.dll]  <Intel? Corporation><6.12.0.126 E>
    [D:\WINDOWS\system32\PDS.DLL]  <Intel? Corporation><6.12.0.126 E>
    [D:\Program Files\Symantec AntiVirus\NAVLU.dll]  <Symantec Corporation><9.0.1.1000>
    [D:\Program Files\Symantec AntiVirus\I2ldvp3.dll]  <Symantec Corporation><9.0.1.1000>
    [D:\Program Files\Symantec AntiVirus\ecmldr32.DLL]  <Symantec Corp.><1.1.0.3>
    [D:\Program Files\Symantec AntiVirus\SAVRT32.DLL]  <Symantec Corporation><9.3.0.28>
    [D:\Program Files\Symantec AntiVirus\NAVNTUTL.DLL]  <Symantec Corporation><9.0.1.1000>
    [D:\Program Files\Common Files\Symantec Shared\SSC\scandlgs.dll]  <Symantec Corporation><9.0.1.1000>
    [D:\Program Files\Symantec AntiVirus\DecSDK.dll]  <Symantec Corporation><3.02.12.09>
    [D:\Program Files\Symantec AntiVirus\Dec2.dll]  <Symantec Corporation><3.02.12.09>
    [D:\Program Files\Symantec AntiVirus\Dec2ID.dll]  <Symantec Corporation><3.02.12.09>
    [D:\Program Files\Symantec AntiVirus\Dec2ZIP.dll]  <Symantec Corporation><3.02.12.09>
    [D:\Program Files\Symantec AntiVirus\Dec2SS.dll]  <Symantec Corporation><3.02.12.09>
    [D:\Program Files\Symantec AntiVirus\Dec2GZIP.dll]  <Symantec Corporation><3.02.12.09>
    [D:\Program Files\Symantec AntiVirus\Dec2CAB.dll]  <Symantec Corporation><3.02.12.09>
    [D:\Program Files\Symantec AntiVirus\Dec2LHA.dll]  <Symantec Corporation><3.02.12.09>
    [D:\Program Files\Symantec AntiVirus\Dec2ARJ.dll]  <Symantec Corporation><3.02.12.09>
    [D:\Program Files\Symantec AntiVirus\Dec2TNEF.dll]  <Symantec Corporation><3.02.12.09>
    [D:\Program Files\Symantec AntiVirus\Dec2LZ.dll]  <Symantec Corporation><3.02.12.09>
    [D:\Program Files\Symantec AntiVirus\Dec2AMG.dll]  <Symantec Corporation><3.02.12.09>
    [D:\Program Files\Symantec AntiVirus\Dec2TAR.dll]  <Symantec Corporation><3.02.12.09>
    [D:\Program Files\Symantec AntiVirus\Dec2RTF.dll]  <Symantec Corporation><3.02.12.09>
    [D:\Program Files\Symantec AntiVirus\Dec2Text.dll]  <Symantec Corporation><3.02.12.09>
    [D:\PROGRA~1\COMMON~1\SYMANT~1\VIRUSD~1\20060724.048\ecmsvr32.dll]  <Symantec Corporation><61.1.0.11>
    [D:\PROGRA~1\COMMON~1\SYMANT~1\VIRUSD~1\20060724.048\NAVEX32a.DLL]  <Symantec Corporation><20061.1.0.14>
    [D:\PROGRA~1\COMMON~1\SYMANT~1\VIRUSD~1\20060724.048\NAVENG32.DLL]  <Symantec Corporation><20061.1.0.14>
[PID: 476][D:\WINDOWS\system32\wdfmgr.exe]  <Microsoft Corporation><5.2.3790.1230 built by: DNSRV(bld4act)>
[PID: 1656][D:\WINDOWS\System32\alg.exe]  <Microsoft Corporation><5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)>
[PID: 2068][D:\Program Files\Internet Explorer\IEXPLORE.EXE]  <Microsoft Corporation><6.00.2900.2180 (xpsp_sp2_rtm.040803-2158)>
    [D:\WINDOWS\system32\kakatool.dll]  <Beijing Rising Technology Co., Ltd.><2, 0, 0, 9>
    [D:\PROGRA~1\Sina\ddt\DDTONG~1.DLL]  <北京新浪信息技术有限公司><1, 2, 1, 5>
    [D:\PROGRA~1\Sina\ddt\ddtinit.dll]  <北京新浪信息技术有限公司><1, 2, 1, 7>
    [D:\PROGRA~1\Sina\ddt\DDTUpdate.dll]  <北京新浪信息技术有限公司><1, 2, 1, 1>
    [D:\PROGRA~1\Sina\ddt\ddtwea.ocx]  <北京新浪信息技术有限公司><1, 1, 0, 7>
    [D:\PROGRA~1\Sina\ddt\DDTcomm.dll]  <北京新浪信息技术有限公司><1, 1, 0, 3>
    [D:\WINDOWS\system32\macromed\flash\Flash.ocx]  <Macromedia, Inc.><7,0,14,0>
    [D:\WINDOWS\system32\Macromed\Common\SwSupport.dll]  <Macromedia, Inc.><8.5.1r102>
[PID: 2196][D:\Program Files\Tencent\qq\QQ.exe]  <TENCENT><0, 0, 0, 0>
    [D:\Program Files\Tencent\qq\QQBaseClassInDll.dll]  <><1, 0, 0, 1>
    [D:\Program Files\Tencent\qq\QQHelperDll.dll]  <><1, 0, 0, 1>
    [D:\Program Files\Tencent\qq\BasicCtrlDll.dll]  <Tencent><5, 0, 200, 14>
    [D:\Program Files\Tencent\qq\QQAPI.dll]  <><1, 0, 0, 1>
    [D:\Program Files\Tencent\qq\TMDlls\TIMProxy.dll]  <tencent><0, 3, 2, 4>
    [D:\Program Files\Tencent\qq\LoginCtrl.dll]  <><1, 0, 0, 1>
    [D:\Program Files\Tencent\qq\npkcntc.dll]  <INCA Internet Co., Ltd.><2005, 9, 1, 1>
    [D:\Program Files\Tencent\qq\npkpdb.dll]  <INCA Internet Co., Ltd.><2003, 10, 1, 1>
    [D:\Program Files\Tencent\qq\QQRes.dll]  <tencent><1, 0, 0, 1>
    [D:\Program Files\Tencent\qq\QQMainFrame.dll]  <N/A><N/A>
    [D:\Program Files\Tencent\qq\CQQApplication.dll]  <N/A><N/A>
    [D:\Program Files\Tencent\qq\NewSkin.dll]  <><1, 0, 0, 1>
    [D:\Program Files\Tencent\qq\HostingMgr.dll]  <><1, 0, 0, 1>
    [D:\Program Files\Tencent\qq\CameraDll.dll]  <><1, 0, 0, 1>
    [D:\Program Files\Tencent\qq\MailSummary.dll]  <><1, 0, 0, 1>
    [D:\Program Files\Tencent\qq\QQSpace.dll]  <><1, 0, 0, 1>
    [D:\Program Files\Tencent\qq\QQAllInOne.dll]  <N/A><N/A>
    [D:\Program Files\Tencent\qq\SCCore.dll]  <N/A><N/A>
    [D:\Program Files\Tencent\qq\QQMMSender.dll]  <N/A><N/A>
    [D:\Program Files\Tencent\qq\QQSettingCtrl.dll]  <><1, 0, 0, 1>
    [D:\WINDOWS\system32\msdmo.dll]  <N/A><N/A>
    [D:\Program Files\Tencent\qq\QQGroupMng.dll]  <><1, 0, 0, 1>
    [D:\Program Files\Tencent\qq\LongConnection.dll]  <tencent><0, 3, 3, 8>
    [D:\Program Files\Tencent\qq\QQPlugin.dll]  <N/A><N/A>
    [D:\Program Files\Tencent\qq\ShareFiles.dll]  <N/A><N/A>
    [D:\Program Files\Tencent\qq\QQZip.dll]  <tencent><0, 3, 2, 4>
    [D:\Program Files\Tencent\qq\QQSysMsgMng.dll]  <N/A><N/A>
    [D:\Program Files\Tencent\qq\QQConfigPlugin.dll]  <><1, 0, 0, 1>
    [D:\Program Files\Tencent\qq\UserDefinedHead.dll]  <><1, 0, 0, 1>
    [D:\Program Files\Tencent\qq\QRingMng.dll]  <N/A><N/A>
    [D:\Program Files\Tencent\qq\PhoneAPI.dll]  <><1, 0, 0, 1>
    [D:\Program Files\Tencent\qq\DialerAllinOne.dll]  <tencent><1, 4, 0, 0>
    [D:\Program Files\Tencent\qq\QQAvatar.dll]  <N/A><N/A>
    [D:\Program Files\Tencent\qq\FlashAvatarDll.dll]  <><1, 4, 0, 1>
    [D:\Program Files\Tencent\qq\QQPet.dll]  <><1, 0, 0, 1>
    [D:\Program Files\Tencent\qq\BQQApplication.dll]  <N/A><N/A>
    [D:\Program Files\Tencent\qq\CommercesMng.dll]  <><1, 0, 0, 1>
    [D:\Program Files\Tencent\qq\PersonalDesktop.dll]  <深圳市腾讯计算机系统公司QQ工作小组><1, 0, 0, 2>
    [D:\Program Files\Tencent\qq\QQAddr.dll]  <深圳市腾讯计算机系统有限公司><5, 0, 101, 141>
    [D:\Program Files\Tencent\qq\QQPhoneHelper.dll]  <腾讯科技(深圳)有限公司><1, 1, 1, 30>
    [D:\Program Files\Tencent\qq\QQSceneMng.dll]  <N/A><N/A>
    [D:\Program Files\MSNShell\BIN\ShellDll.dll]  <N/A><N/A>
[PID: 2356][D:\Program Files\Messenger\msmsgs.exe]  <Microsoft Corporation><4.7.3000>
    [D:\Program Files\MSNShell\BIN\ShellDll.dll]  <N/A><N/A>
[PID: 2564][D:\Program Files\MSN Messenger\msnmsgr.exe]  <Microsoft Corporation><7.5.0324>
    [D:\Program Files\MSNShell\BIN\ShellDll02.dll]  <MSNShell Team><4.2.25.7>
    [D:\Program Files\MSNShell\BIN\Skin\SkinPlusPlusDLL.dll]  <><1, 0, 0, 1>
    [D:\WINDOWS\system32\msdmo.dll]  <N/A><N/A>
[PID: 2708][D:\Program Files\Tencent\qq\TMDlls\TIMPlatform.exe]  <tencent><0, 3, 1, 8>
    [D:\Program Files\MSNShell\BIN\ShellDll.dll]  <N/A><N/A>
    [D:\Program Files\Tencent\qq\TMDlls\TIMProxy.dll]  <tencent><0, 3, 2, 4>
[PID: 1720][D:\Program Files\Internet Explorer\IEXPLORE.EXE]  <Microsoft Corporation><6.00.2900.2180 (xpsp_sp2_rtm.040803-2158)>
    [D:\WINDOWS\system32\kakatool.dll]  <Beijing Rising Technology Co., Ltd.><2, 0, 0, 9>
    [D:\PROGRA~1\Sina\ddt\DDTONG~1.DLL]  <北京新浪信息技术有限公司><1, 2, 1, 5>
    [D:\PROGRA~1\Sina\ddt\ddtinit.dll]  <北京新浪信息技术有限公司><1, 2, 1, 7>
    [D:\PROGRA~1\Sina\ddt\DDTUpdate.dll]  <北京新浪信息技术有限公司><1, 2, 1, 1>
    [D:\PROGRA~1\Sina\ddt\ddtwea.ocx]  <北京新浪信息技术有限公司><1, 1, 0, 7>
    [D:\PROGRA~1\Sina\ddt\DDTcomm.dll]  <北京新浪信息技术有限公司><1, 1, 0, 3>
    [D:\WINDOWS\system32\macromed\flash\Flash.ocx]  <Macromedia, Inc.><7,0,14,0>
    [D:\Program Files\MSNShell\BIN\ShellDll.dll]  <N/A><N/A>
[PID: 204][D:\WINDOWS\notepad.exe]  <Microsoft Corporation><5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)>
    [D:\Program Files\MSNShell\BIN\ShellDll.dll]  <N/A><N/A>
[PID: 4084][D:\foxmail\Foxmail.exe]  <Boda Network Technology Inc.><5.0>
    [D:\foxmail\FoxAntiSpam.dll]  <N/A><N/A>
    [D:\foxmail\3rdParty\punylib.dll]  <CNNIC><1, 0, 0, 3>
    [D:\Program Files\MSNShell\BIN\ShellDll.dll]  <N/A><N/A>
[PID: 2648][D:\Program Files\WinRAR\WinRAR.exe]  <N/A><N/A>
    [D:\Program Files\MSNShell\BIN\ShellDll.dll]  <N/A><N/A>
[PID: 976][D:\DOCUME~1\shi\LOCALS~1\Temp\Rar$EX00.844\SREng2\SREng.exe]  <Smallfrogs Studio><2.0.21.505>
    [D:\Program Files\MSNShell\BIN\ShellDll.dll]  <N/A><N/A>

==================================
文件关联
.TXT  OK. [%SystemRoot%\system32\NOTEPAD.EXE %1]
.EXE  OK. ["%1" %*]
.COM  OK. ["%1" %*]
.PIF  OK. ["%1" %*]
.REG  OK. [regedit.exe "%1"]
.BAT  OK. ["%1" %*]
.SCR  OK. ["%1" /S]
.CHM  Error. [D:\WINDOWS\hh.exe %1]
.HLP  Error. [D:\WINDOWS\winhlp32.exe %1]
.INI  Error. [D:\WINDOWS\NOTEPAD.EXE %1]
.INF  OK. [%SystemRoot%\system32\NOTEPAD.EXE %1]
.VBS  Error. [wscript.exe "%1" %*]
.JS  OK. [%SystemRoot%\System32\WScript.exe "%1" %*]
.LNK  OK. [{00021401-0000-0000-C000-000000000046}]

==================================
Winsock 提供者

==================================