Rising Kaka Security Forum, Technical Exchange, Anti-Virus / Anti-Rogue-Software board


Could someone kind please look at my log for me!!! Bowing in thanks

[PID: 1492][G:\WINDOWS\System32\net1.exe]  [Microsoft Corporation, 5.1.2600.0 (xpclient.010817-1148)]
[PID: 3080][G:\WINDOWS\System32\net.exe]  [Microsoft Corporation, 5.1.2600.0 (xpclient.010817-1148)]
[PID: 3148][G:\WINDOWS\System32\net.exe]  [Microsoft Corporation, 5.1.2600.0 (xpclient.010817-1148)]
[PID: 2896][G:\WINDOWS\System32\net1.exe]  [Microsoft Corporation, 5.1.2600.0 (xpclient.010817-1148)]
[PID: 1636][G:\WINDOWS\System32\net1.exe]  [Microsoft Corporation, 5.1.2600.0 (xpclient.010817-1148)]
[PID: 2596][G:\WINDOWS\System32\net.exe]  [Microsoft Corporation, 5.1.2600.0 (xpclient.010817-1148)]
[PID: 2620][G:\WINDOWS\System32\net.exe]  [Microsoft Corporation, 5.1.2600.0 (xpclient.010817-1148)]
[PID: 3360][G:\WINDOWS\System32\net1.exe]  [Microsoft Corporation, 5.1.2600.0 (xpclient.010817-1148)]
[PID: 244][G:\WINDOWS\System32\net1.exe]  [Microsoft Corporation, 5.1.2600.0 (xpclient.010817-1148)]
[PID: 2152][G:\WINDOWS\System32\net.exe]  [Microsoft Corporation, 5.1.2600.0 (xpclient.010817-1148)]
[PID: 3904][G:\WINDOWS\System32\net.exe]  [Microsoft Corporation, 5.1.2600.0 (xpclient.010817-1148)]
[PID: 3608][G:\WINDOWS\System32\net1.exe]  [Microsoft Corporation, 5.1.2600.0 (xpclient.010817-1148)]
[PID: 2736][G:\WINDOWS\System32\net1.exe]  [Microsoft Corporation, 5.1.2600.0 (xpclient.010817-1148)]
[PID: 4064][G:\WINDOWS\System32\net.exe]  [Microsoft Corporation, 5.1.2600.0 (xpclient.010817-1148)]
[PID: 692][G:\WINDOWS\System32\net.exe]  [Microsoft Corporation, 5.1.2600.0 (xpclient.010817-1148)]
[PID: 512][G:\WINDOWS\System32\net1.exe]  [Microsoft Corporation, 5.1.2600.0 (xpclient.010817-1148)]
[PID: 3808][G:\WINDOWS\System32\net1.exe]  [Microsoft Corporation, 5.1.2600.0 (xpclient.010817-1148)]
[PID: 2452][G:\WINDOWS\System32\net.exe]  [Microsoft Corporation, 5.1.2600.0 (xpclient.010817-1148)]
[PID: 3404][G:\WINDOWS\System32\net.exe]  [Microsoft Corporation, 5.1.2600.0 (xpclient.010817-1148)]
[PID: 552][G:\WINDOWS\System32\net1.exe]  [Microsoft Corporation, 5.1.2600.0 (xpclient.010817-1148)]
[PID: 3768][G:\WINDOWS\System32\net1.exe]  [Microsoft Corporation, 5.1.2600.0 (xpclient.010817-1148)]
[PID: 1560][G:\WINDOWS\System32\net.exe]  [Microsoft Corporation, 5.1.2600.0 (xpclient.010817-1148)]
[PID: 3228][G:\WINDOWS\System32\net.exe]  [Microsoft Corporation, 5.1.2600.0 (xpclient.010817-1148)]
[PID: 3012][G:\WINDOWS\System32\net1.exe]  [Microsoft Corporation, 5.1.2600.0 (xpclient.010817-1148)]
[PID: 4000][G:\WINDOWS\System32\net1.exe]  [Microsoft Corporation, 5.1.2600.0 (xpclient.010817-1148)]
[PID: 252][G:\WINDOWS\System32\net.exe]  [Microsoft Corporation, 5.1.2600.0 (xpclient.010817-1148)]
[PID: 2840][G:\WINDOWS\System32\net.exe]  [Microsoft Corporation, 5.1.2600.0 (xpclient.010817-1148)]
[PID: 3620][G:\WINDOWS\System32\net1.exe]  [Microsoft Corporation, 5.1.2600.0 (xpclient.010817-1148)]
[PID: 3408][G:\WINDOWS\System32\net1.exe]  [Microsoft Corporation, 5.1.2600.0 (xpclient.010817-1148)]
[PID: 3804][G:\WINDOWS\System32\net.exe]  [Microsoft Corporation, 5.1.2600.0 (xpclient.010817-1148)]
[PID: 3728][G:\WINDOWS\System32\net.exe]  [Microsoft Corporation, 5.1.2600.0 (xpclient.010817-1148)]
[PID: 2132][G:\WINDOWS\System32\net1.exe]  [Microsoft Corporation, 5.1.2600.0 (xpclient.010817-1148)]
[PID: 1976][G:\WINDOWS\System32\net1.exe]  [Microsoft Corporation, 5.1.2600.0 (xpclient.010817-1148)]
[PID: 3284][G:\WINDOWS\System32\net.exe]  [Microsoft Corporation, 5.1.2600.0 (xpclient.010817-1148)]
[PID: 2812][G:\WINDOWS\System32\net.exe]  [Microsoft Corporation, 5.1.2600.0 (xpclient.010817-1148)]
[PID: 1580][G:\WINDOWS\System32\net1.exe]  [Microsoft Corporation, 5.1.2600.0 (xpclient.010817-1148)]
[PID: 3572][G:\WINDOWS\System32\net1.exe]  [Microsoft Corporation, 5.1.2600.0 (xpclient.010817-1148)]
[PID: 580][G:\WINDOWS\System32\net.exe]  [Microsoft Corporation, 5.1.2600.0 (xpclient.010817-1148)]
[PID: 2412][G:\WINDOWS\System32\net.exe]  [Microsoft Corporation, 5.1.2600.0 (xpclient.010817-1148)]
[PID: 3740][G:\WINDOWS\System32\net1.exe]  [Microsoft Corporation, 5.1.2600.0 (xpclient.010817-1148)]
[PID: 2100][G:\WINDOWS\System32\net1.exe]  [Microsoft Corporation, 5.1.2600.0 (xpclient.010817-1148)]
[PID: 1516][G:\WINDOWS\System32\net.exe]  [Microsoft Corporation, 5.1.2600.0 (xpclient.010817-1148)]
[PID: 3624][G:\WINDOWS\System32\net.exe]  [Microsoft Corporation, 5.1.2600.0 (xpclient.010817-1148)]
[PID: 2740][G:\WINDOWS\System32\net1.exe]  [Microsoft Corporation, 5.1.2600.0 (xpclient.010817-1148)]
[PID: 3368][G:\WINDOWS\System32\net1.exe]  [Microsoft Corporation, 5.1.2600.0 (xpclient.010817-1148)]

[PID: 3576][F:\骑士\Program\Thunder5.exe]  [Thunder Networking Technologies,LTD, 5, 5, 4, 266]
    [G:\WINDOWS\DOWNLO~1\CnsMin.dll]  [北京三七二一科技有限公司, 2, 5, 0, 2]
    [G:\PROGRA~1\3721\helper.dll]  [, 2, 5, 0, 1003]
    [F:\骑士\Program\TaskManager.dll]  [Thunder Networking Technologies,LTD, 1, 0, 2, 14]
    [F:\骑士\Program\download_interface.dll]  [Thunder Networking Technologies,LTD, 2, 12, 2, 44]
    [F:\骑士\Program\asyn_dns.dll]  [Thunder Networking Technologies,LTD, 2, 12, 2, 44]
    [F:\骑士\Program\BHOStub.dll]  [Thunder Networking Technologies,LTD, 1, 0, 0, 8]
    [F:\骑士\Program\iTargetAD.dll]  [Thunder Networking Technologies,LTD, 1, 0, 2, 13]
    [G:\WINDOWS\System32\Macromed\Flash\Flash8.ocx]  [Macromedia, Inc., 8,0,22,0]
    [F:\骑士\Components\DiagnoseHelper\DiagnoseHelper.dll]  [Thunder Networking Technologies,LTD, 1, 0, 0, 10]
    [F:\骑士\Components\PortVerify\PortVerify.dll]  [Thunder Networking Technologies,LTD, 1, 0, 0, 1]
    [F:\骑士\Components\ExplorerHelper\ExplorerHelper.dll]  [Thunder Networking Technologies,LTD, 1, 0, 0, 1]
    [F:\骑士\Components\DTAG\DTAG.dll]  [Thunder Networking Technologies,LTD, 1, 0, 0, 1]
    [F:\骑士\Program\LiveUpdate.dll]  [, 1, 0, 1, 17]
    [F:\骑士\Components\InMedia\iEmbedShell.dll]  [ , 1, 0, 0, 15]
    [F:\骑士\Components\InMedia\iEmbed08.dll]  [ , 3, 2, 0, 63]
    [F:\骑士\Components\Community\XLCommunity.dll]  [Thunder Networking Technologies,LTD, 1, 0, 3, 14]
    [F:\骑士\Program\RegisterDll.dll]  [Thunder Networking Technologies,LTD, 2, 2, 1, 43]
    [F:\骑士\Components\Search\XLSearch.dll]  [Thunder Networking Technologies,LTD, 1, 0, 1, 6]
    [F:\骑士\Components\P4PClient\P4PClient.dll]  [Thunder Networking Technologies,LTD, 1, 0, 2, 13]
    [F:\骑士\Components\VPSHELL\VPSHELL.dll]  [, 1, 0, 0, 1]
    [F:\骑士\Components\VPSHELL\VideoPicture.dll]  [XunLei, 1, 0, 0, 1]
    [F:\骑士\Program\msgmanage.dll]  [Thunder Networking Technologies,LTD, 2, 0, 1, 38]
    [F:\骑士\Plugins\BhoAdv\bho_adv.dll]  [深圳市迅雷网络技术有限公司, 1.0.1.0]
    [G:\PROGRA~1\3721\assist\asbar.dll]  [3721, 1, 0, 1, 1021]
    [G:\WINDOWS\System32\tssoft32.acm]  [DSP GROUP, INC., 1.01]
    [G:\WINDOWS\System32\tsd32.dll]  [N/A, N/A]
    [G:\WINDOWS\System32\sl_anet.acm]  [Sipro Lab Telecom Inc., 3.02]
    [G:\WINDOWS\System32\iac25_32.ax]  [Intel Corporation, 2.05.53]
    [G:\WINDOWS\System32\L3codeca.acm]  [Fraunhofer Institut Integrierte Schaltungen IIS, 1, 9, 0, 0305]
    [G:\WINDOWS\System32\DivXa32.acm]  [Hacked With Joy !, 4.1.00.3920]
    [G:\WINDOWS\System32\msdmo.dll]  [N/A, N/A]
[PID: 2092][G:\WINDOWS\System32\net.exe]  [Microsoft Corporation, 5.1.2600.0 (xpclient.010817-1148)]
[PID: 2080][G:\WINDOWS\System32\net.exe]  [Microsoft Corporation, 5.1.2600.0 (xpclient.010817-1148)]
[PID: 2156][G:\WINDOWS\System32\net1.exe]  [Microsoft Corporation, 5.1.2600.0 (xpclient.010817-1148)]
[PID: 3836][G:\WINDOWS\System32\net1.exe]  [Microsoft Corporation, 5.1.2600.0 (xpclient.010817-1148)]
[PID: 2300][G:\WINDOWS\System32\net.exe]  [Microsoft Corporation, 5.1.2600.0 (xpclient.010817-1148)]
[PID: 1632][G:\WINDOWS\System32\net.exe]  [Microsoft Corporation, 5.1.2600.0 (xpclient.010817-1148)]
[PID: 1948][G:\WINDOWS\System32\net1.exe]  [Microsoft Corporation, 5.1.2600.0 (xpclient.010817-1148)]
[PID: 1832][G:\WINDOWS\System32\net1.exe]  [Microsoft Corporation, 5.1.2600.0 (xpclient.010817-1148)]
[PID: 1148][G:\WINDOWS\System32\net.exe]  [Microsoft Corporation, 5.1.2600.0 (xpclient.010817-1148)]
[PID: 892][G:\WINDOWS\System32\net.exe]  [Microsoft Corporation, 5.1.2600.0 (xpclient.010817-1148)]
[PID: 3472][G:\WINDOWS\System32\net1.exe]  [Microsoft Corporation, 5.1.2600.0 (xpclient.010817-1148)]
[PID: 3692][G:\WINDOWS\System32\net1.exe]  [Microsoft Corporation, 5.1.2600.0 (xpclient.010817-1148)]
[PID: 2696][G:\WINDOWS\System32\net.exe]  [Microsoft Corporation, 5.1.2600.0 (xpclient.010817-1148)]
[PID: 2920][G:\WINDOWS\System32\net.exe]  [Microsoft Corporation, 5.1.2600.0 (xpclient.010817-1148)]
[PID: 3840][G:\WINDOWS\System32\net1.exe]  [Microsoft Corporation, 5.1.2600.0 (xpclient.010817-1148)]
[PID: 3100][G:\WINDOWS\System32\net1.exe]  [Microsoft Corporation, 5.1.2600.0 (xpclient.010817-1148)]
[PID: 3432][G:\WINDOWS\System32\net.exe]  [Microsoft Corporation, 5.1.2600.0 (xpclient.010817-1148)]
[PID: 2960][G:\WINDOWS\System32\net.exe]  [Microsoft Corporation, 5.1.2600.0 (xpclient.010817-1148)]
[PID: 2844][G:\WINDOWS\System32\net1.exe]  [Microsoft Corporation, 5.1.2600.0 (xpclient.010817-1148)]
[PID: 3244][G:\WINDOWS\System32\net1.exe]  [Microsoft Corporation, 5.1.2600.0 (xpclient.010817-1148)]
[PID: 716][F:\骑士\SRENG2~1\SREng.EXE]  [Smallfrogs Studio, 2.3.13.690]
    [G:\WINDOWS\DOWNLO~1\CnsMin.dll]  [北京三七二一科技有限公司, 2, 5, 0, 2]
    [G:\PROGRA~1\3721\helper.dll]  [, 2, 5, 0, 1003]

==================================
文件关联
.TXT  OK. [%SystemRoot%\system32\NOTEPAD.EXE %1]
.EXE  Error. [wuaucll.exe "%1" %*]
.COM  OK. ["%1" %*]
.PIF  OK. ["%1" %*]
.REG  OK. [regedit.exe "%1"]
.BAT  OK. ["%1" %*]
.SCR  OK. ["%1" /S]
.CHM  OK. ["G:\WINDOWS\hh.exe" %1]
.HLP  OK. [%SystemRoot%\system32\winhlp32.exe %1]
.INI  OK. [%SystemRoot%\system32\NOTEPAD.EXE %1]
.INF  OK. [%SystemRoot%\system32\NOTEPAD.EXE %1]
.VBS  OK. [%SystemRoot%\System32\WScript.exe "%1" %*]
.JS  Error. []
.LNK  OK. [{00021401-0000-0000-C000-000000000046}]

==================================
Winsock 提供者
N/A

==================================
Autorun.inf
[D:\]
[AutoRun]
open=update.exe
[E:\]
[AutoRun]
open=update.exe
[F:\]
[AutoRun]
open=update.exe

==================================
HOSTS 文件
127.0.0.1      localhost

==================================
API HOOK
N/A

==================================


[/CODE]

I'm using Rising and it doesn't find any virus!!!

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
<CnsMin><Rundll32.exe G:\WINDOWS\DOWNLO~1\CnsMin.dll,Rundll32> [北京三七二一科技有限公司]
<helper.dll><G:\WINDOWS\system32\rundll32.exe G:\PROGRA~1\3721\helper.dll,Rundll32> []

These belong to 3721; they can be deleted~

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Winlogon]
<shell><Explorer.exe wuaucll.exe> [N/A]
Remove the trailing wuaucll.exe~


[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
<{D157330A-9EF3-49F8-9A67-4141AC41ADD4}><G:\WINDOWS\DOWNLO~1\CnsHook.dll> [北京三七二一科技有限公司]

3721's, get rid of it~




[VNC Server / winvnc][Stopped/Auto Start]
<"G:\Program Files\ORL\VNC\WinVNC.exe" -service><N/A>

Delete this service~

[G:\WINDOWS\Downloaded Program Files\CnsMin.dll] [北京三七二一科技有限公司, 2, 5, 0, 2]
[G:\WINDOWS\DOWNLO~1\CnsHook.dll] [北京三七二一科技有限公司, 2, 5, 0, 2]
[G:\PROGRA~1\3721\helper.dll] [, 2, 5, 0, 1003]
[G:\PROGRA~1\3721\alrex.dll] [, 2.5.0.1002]
[G:\PROGRA~1\3721\autolive.dll] [, 2, 5, 0, 1002]
[G:\PROGRA~1\3721\alLiveEx.dll] [ , 1, 0, 3, 1006]
[G:\PROGRA~1\3721\assist\asnoad.dll] [, 1, 0, 0, 9]
[g:\progra~1\3721\assist\adfilter.dll] [ , 1, 0, 1, 6]
[G:\PROGRA~1\3721\assist\repair.dll] [北京三七二一科技有限公司, 1, 0, 4, 1001]
[G:\PROGRA~1\3721\assist\asfsks.dll] [3721.com, 2, 1, 1, 87]
[G:\PROGRA~1\3721\assist\optimum.dll] [N/A, N/A]
[G:\PROGRA~1\3721\assist\XPStyle.dll] [N/A, N/A]
[G:\PROGRA~1\3721\Shell\Assecblk.dll] [3721, 1, 0, 1, 1001]
[G:\PROGRA~1\3721\assist\asbar.dll] [3721, 1, 0, 1, 1021]
[G:\PROGRA~1\3721\assist\tbwrap.dll] [3721, 1, 0, 0, 2]
[G:\PROGRA~1\3721\assist\aswiper.dll] [3721, 1, 0, 1, 1004]
[G:\PROGRA~1\3721\assist\asiesec.dll] [yahoo, 1, 0, 0, 9]
[F:\骑士\ComDlls\XunLeiBHO_007.dll] [Thunder Networking Technologies,LTD, 5, 0, 1, 4]
[G:\WINDOWS\Downloaded Program Files\CnsMinIO.dll] [北京三七二一科技有限公司, 1, 0, 3, 6]
[G:\WINDOWS\Downloaded Program Files\cnsio.dll] [北京三七二一科技有限公司, 1, 0, 2, 7]

Phew.. everything above is injected into EXPLORER.EXE; get rid of all of it~
You can use a rogue-software removal tool~~!

[PID: 1180][G:\WINDOWS\System32\Rundll32.exe] [Microsoft Corporation, 5.1.2600.0 (xpclient.010817-1148)]

Terminate this one first; don't delete it~



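...........my eyes are going blurry... I'm not reading any more~ it's way too long

You aren't using any antivirus software at all. Go run a virus scan, then paste a new log here~!!!!T_T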
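
A triage pass over the kinds of entries seen in the log and the reply above, as an added example that is not part of the original posts: it flags a Winlogon shell value other than the Windows default `Explorer.exe`, file associations the log marks `Error.`, and `Autorun.inf` `open=` entries, then groups the executables they launch. The function names are assumptions; the sample is constructed from lines that appear in the thread.

```python
import re
from collections import defaultdict

# Constructed sample: lines copied from the log and the reply in this thread.
SAMPLE = r"""
<shell><Explorer.exe wuaucll.exe> [N/A]
.TXT  OK. [%SystemRoot%\system32\NOTEPAD.EXE %1]
.EXE  Error. [wuaucll.exe "%1" %*]
.JS  Error. []
[D:\]
[AutoRun]
open=update.exe
[E:\]
[AutoRun]
open=update.exe
"""

SHELL_RE = re.compile(r"^<shell><(.*?)>", re.I)
ASSOC_RE = re.compile(r"^(\.\w+)\s+Error\.\s+\[(.*)\]$")
DRIVE_RE = re.compile(r"^\[([A-Za-z]:\\)\]$")
OPEN_RE = re.compile(r"^open\s*=\s*(.+)$", re.I)
EXE_RE = re.compile(r"[\w.~-]+\.exe", re.I)

def triage(log_text):
    """Return (kind, location, value) for each entry that deviates from a clean state."""
    findings, drive = [], None
    for line in map(str.strip, log_text.splitlines()):
        if m := SHELL_RE.match(line):
            # The Windows default for Winlogon\Shell is exactly "Explorer.exe".
            if m.group(1).strip().lower() != "explorer.exe":
                findings.append(("winlogon-shell", "Shell", m.group(1)))
        elif m := ASSOC_RE.match(line):
            findings.append(("file-association", m.group(1), m.group(2)))
        elif m := DRIVE_RE.match(line):
            drive = m.group(1)  # remember which drive the next open= belongs to
        elif (m := OPEN_RE.match(line)) and drive:
            findings.append(("autorun.inf", drive, m.group(1).strip()))
    return findings

def binaries_to_check(findings):
    """Map each non-Explorer executable name to the places that launch it."""
    hits = defaultdict(list)
    for kind, location, value in findings:
        for name in EXE_RE.findall(value):
            if name.lower() != "explorer.exe":
                hits[name.lower()].append(f"{kind}:{location}")
    return dict(hits)

if __name__ == "__main__":
    print(binaries_to_check(triage(SAMPLE)))
```

An executable that shows up under more than one launch point, as `wuaucll.exe` does here, is the one to locate and scan before the registry values are reset.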


Just drifting by...

Download Rising and Kaka first; they're free now.