服务名称        是否运行              描述
RemoteRegistry [已停止] [说明:这个服务可能被利用远程操作注册表]
Windows Time  [运行中] [说明:这个服务可能被黑客利用来启动木马]
Telnet        [已停止] [说明:这个服务可能被黑客登录到您计算机]
Messenger      [运行中] [说明:这个服务常被广告商用来发垃圾广告]
Server        [运行中] [说明:如果你的电脑不用局域网中,可以关闭]


-----------------------计算机网络端口----------------------
协议      端口号              端口类型
TCP        135        微软DCE RPC end-point mapper服务
TCP        445        Microsoft-DS
TCP      1124        未知类型
TCP      1130        未知类型
TCP      1210        未知类型
TCP      1238        未知类型
TCP      1239        未知类型
TCP      1242        未知类型
TCP      1244        未知类型
TCP      1255        未知类型
TCP      1256        未知类型
TCP      1257        未知类型
TCP      1258        未知类型
TCP      1259        未知类型
TCP      1260        未知类型
TCP      1267        未知类型
TCP      1268        未知类型
TCP      1269        未知类型
TCP      1270        未知类型
TCP      1271        未知类型
TCP      1028        未知类型
TCP        139        微软Netbios Name服务(用于文件及打印机共享)
TCP        445        公共Internet文件系统(CIFS)
TCP        500        Internet密钥交换
TCP      1032        Akosch4
TCP      1039        未知类型
TCP      1040        未知类型
TCP      1041        未知类型
TCP      4500        sae-urn
TCP        123        未知类型
TCP      1900        未知类型
TCP        123        未知类型
TCP      1049        未知类型
TCP      1077        未知类型
TCP      1209        未知类型
TCP      1900        未知类型
TCP        123        未知类型
TCP        137        未知类型
TCP        138        未知类型
TCP      1900        未知类型


--------------------计算机系统组件体检----------------------
[编号:0]
[名称:\SystemRoot\System32\smss.exe]
[类型:运行进程]
[内容:未知]

[编号:1]
[名称:\??\C:\WINDOWS\system32\csrss.exe]
[类型:运行进程]
[内容:未知]

[编号:2]
[名称:\??\C:\WINDOWS\system32\winlogon.exe]
[类型:运行进程]
[内容:未知]

[编号:3]
[名称:C:\WINDOWS\system32\services.exe]
[类型:运行进程]
[内容:Microsoft(R) Windows(R) Operating System (C) Microsoft Corporation. All rights reserved.]

[编号:4]
[名称:C:\WINDOWS\system32\lsass.exe]
[类型:运行进程]
[内容:Microsoft? Windows? Operating System ? Microsoft Corporation. All rights reserved.]

[编号:5]
[名称:C:\WINDOWS\system32\svchost.exe]
[类型:运行进程]
[内容:Microsoft? Windows? Operating System ? Microsoft Corporation. All rights reserved.]

[编号:6]
[名称:C:\WINDOWS\system32\svchost.exe]
[类型:运行进程]
[内容:Microsoft? Windows? Operating System ? Microsoft Corporation. All rights reserved.]

[编号:7]
[名称:C:\WINDOWS\System32\svchost.exe]
[类型:运行进程]
[内容:Microsoft? Windows? Operating System ? Microsoft Corporation. All rights reserved.]

[编号:8]
[名称:C:\WINDOWS\System32\svchost.exe]
[类型:运行进程]
[内容:Microsoft? Windows? Operating System ? Microsoft Corporation. All rights reserved.]

[编号:9]
[名称:C:\WINDOWS\System32\svchost.exe]
[类型:运行进程]
[内容:Microsoft? Windows? Operating System ? Microsoft Corporation. All rights reserved.]

[编号:10]
[名称:C:\WINDOWS\Explorer.EXE]
[类型:运行进程]
[内容:Microsoft(R) Windows(R) Operating System (C) Microsoft Corporation. All rights reserved.]

[编号:11]
[名称:C:\WINDOWS\system32\spoolsv.exe]
[类型:运行进程]
[内容:Microsoft? Windows? Operating System ? Microsoft Corporation. All rights reserved.]

[编号:12]
[名称:C:\WINDOWS\system32\Rundll32.exe]
[类型:运行进程]
[内容:未知]

[编号:13]
[名称:C:\WINDOWS\System32\svchost.exe]
[类型:运行进程]
[内容:Microsoft? Windows? Operating System ? Microsoft Corporation. All rights reserved.]

[编号:14]
[名称:C:\WINDOWS\system32\rundll32.exe]
[类型:运行进程]
[内容:未知]

[编号:15]
[名称:C:\PROGRA~1\Yahoo!\ASSIST~1\YLive.exe]
[类型:运行进程]
[内容:  YLive Copyright ? 2005]

[编号:16]
[名称:C:\PROGRA~1\Yahoo!\Assistant\yassistse.exe]
[类型:运行进程]
[内容:Yahoo! AssistSetting Copyright cn.yahoo.com 2004]

[编号:17]
[名称:C:\WINDOWS\SOUNDMAN.EXE]
[类型:运行进程]
[内容:Avance Sound Manager Copyright (c) 2001-2002 Avance Logic, Inc.]

[编号:18]
[名称:C:\Program Files\Common Files\Real\Update_OB\realsched.exe]
[类型:运行进程]
[内容:RealPlayer (32-bit)  Copyright ? RealNetworks, Inc. 1995-2004]

[编号:19]
[名称:C:\WINDOWS\system32\ctfmon.exe]
[类型:运行进程]
[内容:Microsoft? Windows? Operating System ? Microsoft Corporation. All rights reserved.]

[编号:20]
[名称:C:\Program Files\MSN Messenger\msnmsgr.exe]
[类型:运行进程]
[内容:MSN Messenger Copyright (c) Microsoft Corporation 1997-2004]

[编号:21]
[名称:C:\WINDOWS\System32\alg.exe]
[类型:运行进程]
[内容:Microsoft? Windows? Operating System ? Microsoft Corporation. All rights reserved.]

[编号:22]
[名称:C:\WINDOWS\system32\rundll32.exe]
[类型:运行进程]
[内容:未知]

[编号:23]
[名称:C:\Program Files\完美卸载V2006\MainCon.exe]
[类型:运行进程]
[内容:MainCon 应用程序 版权所有 (C) 2004]

[编号:24]
[名称:C:\WINDOWS\system32\wuauclt.exe]
[类型:运行进程]
[内容:Microsoft(R) Windows(R) Operating System (C) Microsoft Corporation. All rights reserved.]

[编号:25]
[名称:C:\Program Files\完美卸载V2006\TrCleaner.exe]
[类型:运行进程]
[内容:TrCleaner 应用程序 版权所有 (C) 2004]

[编号:26]
[名称:C:\Program Files\完美卸载V2006\WmSysPro.exe]
[类型:运行进程]
[内容:系统保护+网络防火墙 版权所有 (C)剑锋工作室]

[编号:27]
[名称:C:\Program Files\完美卸载V2006\syssec.exe]
[类型:运行进程]
[内容:完美卸载V2006-ChinaHijackThis 版权所有 (C) 2006]

[编号:28]
[分隔符:---------------------------------------------------------------------]

[编号:29]
[名称:C:\WINDOWS\DOWNLO~1\CnsMin.dll]
[类型:已加载DLL]
[内容:3721 CnsMin 版权所有 (C) 2001 - 2005]

[编号:30]
[名称:C:\PROGRA~1\MMSASS~1\Mmsass~1.dll]
[类型:已加载DLL]
[内容:Vision Copyright 2006]

[编号:31]
[名称:C:\PROGRA~1\3721\helper.dll]
[类型:已加载DLL]
[内容:Helper Module Copyright 2004]

[编号:32]
[名称:C:\PROGRA~1\3721\alrex.dll]
[类型:已加载DLL]
[内容:alrex Module Copyright 2006]

[编号:33]
[名称:C:\PROGRA~1\Yahoo!\ASSIST~1\Yhelper.dll]
[类型:已加载DLL]
[内容:Helper Module Copyright 2004]

[编号:34]
[名称:C:\WINDOWS\DOWNLO~1\CnsHook.dll]
[类型:已加载DLL]
[内容:3721 CNS Module 版权所有 (C) 2001 - 2004]

[编号:35]
[名称:C:\PROGRA~1\Yahoo!\ASSIST~1\assist\ywiper.dll]
[类型:已加载DLL]
[内容: Wiper 动态链接库 版权所有 (C) 2005]

[编号:36]
[名称:C:\Program Files\WinRAR\rarext.dll]
[类型:已加载DLL]
[内容:未知]

[编号:37]
[名称:C:\WINDOWS\DOWNLO~1\CnsMinIO.dll]
[类型:已加载DLL]
[内容:3721 CnsMinIO 版权所有 (C) 2001 - 2004]

[编号:38]
[名称:C:\WINDOWS\DOWNLO~1\cnsio.dll]
[类型:已加载DLL]
[内容:3721 CnsIO 版权所有 (C) 2001 - 2004]

[编号:39]
[名称:C:\PROGRA~1\3721\autolive.dll]
[类型:已加载DLL]
[内容:AutoLive Module Copyright 2004]

[编号:40]
[名称:C:\PROGRA~1\Yahoo!\ASSIST~1\YAlive.dll]
[类型:已加载DLL]
[内容:YAlive Module Copyright 2005]

[编号:41]
[名称:C:\PROGRA~1\Yahoo!\ASSIST~1\Yalliveex.dll]
[类型:已加载DLL]
[内容:  LiveEx Copyright ? 2005]

[编号:42]
[名称:C:\PROGRA~1\Yahoo!\Assistant\shell\yAssecblk.dll]
[类型:已加载DLL]
[内容:yassecblk module ]

[编号:43]
[名称:C:\PROGRA~1\Yahoo!\Assistant\shell\yMenuInfo.dll]
[类型:已加载DLL]
[内容:Yahoo MenuInfo Copyright Yahoo!]

[编号:44]
[名称:C:\PROGRA~1\Yahoo!\Assistant\shell\yIEAngel.dll]
[类型:已加载DLL]
[内容:Yahoo IEAngel Copyright Yahoo! 2004]

[编号:45]
[名称:C:\PROGRA~1\Yahoo!\Assistant\shell\yAsMenu.dll]
[类型:已加载DLL]
[内容:yAsMenu module ]

[编号:46]
[名称:C:\Program Files\MSN Messenger\RICHED20.dll]
[类型:已加载DLL]
[内容:Jiangmin KV Copyright (C) 2004]

[编号:47]
[名称:C:\WINDOWS\system32\msdmo.dll]
[类型:已加载DLL]
[内容:(null) (null)]

[编号:48]
[名称:C:\Progra~1\IE-BAR\Cast\dmipn.dll]
[类型:已加载DLL]
[内容:Desktop Media 版权所有 (C) 2005 - 2006]

[编号:49]
[名称:C:\Progra~1\IE-BAR\Cast\dmshell.dll]
[类型:已加载DLL]
[内容:Desktop Media 版权所有 (C) 2005 - 2006]

[编号:50]
[名称:C:\Progra~1\IE-BAR\Cast\215~1.0\dmplayer.dll]
[类型:已加载DLL]
[内容:Desktop Media 版权所有 (C) 2005 - 2006]

[编号:51]
[名称:C:\Program Files\完美卸载V2006\ScanEngine.dll]
[类型:已加载DLL]
[内容:ScanEngine 完美病毒引擎文件 版权所有 (C) 2005]

[编号:52]
[名称:C:\WINDOWS\system32\Protect.sys]
[类型:已加载DLL]
[内容:未知]

[编号:53]
[分隔符:---------------------------------------------------------------------]

[编号:54]
[名称:IMJPMIG8.1]
[类型:开机启动]
[内容:"C:\WINDOWS\IME\imjp8_1\IMJPMIG.EXE" /Spoil /RemAdvDef /Migration32]

[编号:55]
[名称:PHIME2002ASync]
[类型:开机启动]
[内容:C:\WINDOWS\System32\IME\TINTLGNT\TINTSETP.EXE /SYNC]

[编号:56]
[名称:PHIME2002A]
[类型:开机启动]
[内容:C:\WINDOWS\System32\IME\TINTLGNT\TINTSETP.EXE /IMEName]

[编号:57]
[名称:IgfxTray]
[类型:开机启动]
[内容:rem C:\WINDOWS\System32\igfxtray.exe]

[编号:58]
[名称:HotKeysCmds]
[类型:开机启动]
[内容:rem C:\WINDOWS\System32\hkcmd.exe]

[编号:59]
[名称:BigDogPath]
[类型:开机启动]
[内容:rem C:\WINDOWS\VM_STI.EXE USB PC Camera 301P]

[编号:60]
[名称:helper.dll]
[类型:开机启动]
[内容:C:\WINDOWS\system32\rundll32.exe C:\PROGRA~1\3721\helper.dll,Rundll32]

[编号:61]
[名称:YLive.exe]
[类型:开机启动]
[内容:C:\PROGRA~1\Yahoo!\ASSIST~1\YLive.exe]

[编号:62]
[名称:yassistse]
[类型:开机启动]
[内容:"C:\PROGRA~1\Yahoo!\Assistant\yassistse.exe"]

[编号:63]
[名称:CnsMin]
[类型:开机启动]
[内容:Rundll32.exe C:\WINDOWS\DOWNLO~1\CnsMin.dll,Rundll32]

[编号:64]
[名称:SoundMan]
[类型:开机启动]
[内容:SOUNDMAN.EXE]

[编号:65]
[名称:Windows木马防火墙]
[类型:开机启动]
[内容:C:\Program Files\ftc\Trojanwall.exe]

[编号:66]
[名称:stup.exe]
[类型:开机启动]
[内容:C:\PROGRA~1\TENCENT\Adplus\stup.exe]

[编号:67]
[名称:PowerOnScan]
[类型:开机启动]
[内容:C:\Program Files\完美卸载V2006\CleanTips.exe]

[编号:68]
[名称:TkBellExe]
[类型:开机启动]
[内容:"C:\Program Files\Common Files\Real\Update_OB\realsched.exe"  -osboot]

[编号:69]
[分隔符:---------------------------------------------------------------------]

[编号:70]
[名称:AFD 网络支持环境]
[类型:服务:未知]
[内容:\SystemRoot\System32\drivers\afd.sys]

[编号:71]
[名称:Service for Avance AC97 Audio (WDM)]
[类型:服务:Windows (R) WDM driver for Avance AC'97 Audio Copyright (c) Avance Logic, Inc.1998-2002]
[内容:C:\WINDOWS\system32\drivers\alcxwdm.sys]

[编号:72]
[名称:Apaidi]
[类型:服务:未知]
[内容:c:\windows\system32\drivers\apaidi.sys]

[编号:73]
[名称:CnsMinKP]
[类型:服务:KMD Copyright (c) 3721 Corporation.]
[内容:C:\WINDOWS\system32\drivers\cnsminkp.sys]

[编号:74]
[名称:DCOM 服务器进程启动器]
[类型:服务:未知]
[内容:C:\WINDOWS\system32\svchost ]

[编号:75]
[名称:NETGEAR FA330/FA312/FA311 Fast Ethernet Adapter Driver]
[类型:服务:NETGEAR FA312 Fast Ethernet NDIS 5.0 Miniport Driver Copyright (C) NETGEAR Corp. 1998, 1999]
[内容:C:\WINDOWS\system32\drivers\fa312nd5.sys]

[编号:76]
[名称:gwiopm]
[类型:服务:未知]
[内容:c:\program files\wom\gwiopm.sys]

[编号:77]
[名称:KWATCH]
[类型:服务:未知]
[内容:c:\kav2003\kwatch.sys]

[编号:78]
[名称:New0]
[类型:服务:未知]
[内容:c:\windows\system32\new.sys]

[编号:79]
[名称:npkcrypt]
[类型:服务:nProtect KeyCrypt Driver Copyright (C) INCA Internet. 2000-2005]
[内容:c:\program files\tencent\qq\npkcrypt.sys]

[编号:80]
[名称:npkycryp]
[类型:服务:未知]
[内容:c:\program files\tencent\qq\npkycryp.sys]

[编号:81]
[名称:PProtect]
[类型:服务:未知]
[内容:c:\progra~1\kv2006\pprotect.sys]

[编号:82]
[名称:R2A]
[类型:服务:未知]
[内容:c:\windows\system32a2.sys]

[编号:83]
[名称:Remote Procedure Call (RPC)]
[类型:服务:未知]
[内容:C:\WINDOWS\system32\svchost ]

[编号:84]
[名称:Secdrv]
[类型:服务:未知]
[内容:C:\WINDOWS\system32\drivers\secdrv.sys]

[编号:85]
[名称:System Restore Filter Driver]
[类型:服务:未知]
[内容:\SystemRoot\System32\DRIVERS\sr.sys]

[编号:86]
[名称:SSProt]
[类型:服务:SSProt 腾讯科技（深圳）有限公司]
[内容:C:\WINDOWS\system32\drivers\ssprot.sys]

[编号:87]
[名称:Terminal Services]
[类型:服务:未知]
[内容:C:\WINDOWS\system32\svchost ]

[编号:88]
[名称:VGA 显示控制器。]
[类型:服务:未知]
[内容:\SystemRoot\System32\drivers\vga.sys]

[编号:89]
[名称:WmNdisDrv]
[类型:服务:未知]
[内容:C:\WINDOWS\system32\drivers\wmndisdrv.sys]

[编号:90]
[名称:WmRegProDrv]
[类型:服务:未知]
[内容:C:\WINDOWS\system32\drivers\wmregprodrv.sys]

[编号:91]
[名称:Windows 套接字 2 .0 Non-IFS 服务提供程序支持环境]
[类型:服务:未知]
[内容:\SystemRoot\System32\drivers\ws2ifsl.sys]

[编号:92]
[名称:USB PC Camera 301P]
[类型:服务:VM., 2002. VM., 2002.]
[内容:C:\WINDOWS\system32\drivers\usbvm31b.sys]

[编号:93]
[名称:Intel(R) Graphics Platform (SoftBIOS) Driver]
[类型:服务:Intel Graphics Accelerator Drivers for Windows NT(R) Copyright (c) 1998-2003 Intel Corporation.]
[内容:C:\WINDOWS\system32\drivers\ialmsbw.sys]

[编号:94]
[名称:Intel(R) Graphics Chipset (KCH) Driver]
[类型:服务:Intel Graphics Accelerator Drivers for Windows NT(R) Copyright (c) 1998-2003 Intel Corporation.]
[内容:C:\WINDOWS\system32\drivers\ialmkchw.sys]

[编号:95]
[分隔符:---------------------------------------------------------------------]

[编号:96]
[名称:Start Page]
[类型:IE主页-当前用户]
[内容:]

[编号:97]
[名称:Search Page]
[类型:IE搜索-当前用户]
[内容:http://www.yahoo.com.cn]

[编号:98]
[名称:Start Page]
[类型:IE主页-所有用户]
[内容:about:blank]

[编号:99]
[名称:Search Page]
[类型:IE搜索-所有用户]
[内容:http://www.yahoo.com.cn]

[编号:100]
[名称:Default_Page_URL]
[类型:默认IE主页-所有用户]
[内容:http://www.microsoft.com/isapi/redir.dll?prd=ie&pver=6&ar=msnhome]

[编号:101]
[名称:Default_Search_URL]
[类型:默认IE搜索-所有用户]
[内容:http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch]

[编号:102]
[分隔符:---------------------------------------------------------------------]

[编号:103]
[名称:AntiFish Class]
[类型:IE 嵌入对象]
[内容:C:\Program Files\Yahoo!\Assistant\Assist\yAngling.dll]

[编号:104]
[名称:雅虎助手]
[类型:IE 嵌入对象]
[内容:C:\PROGRA~1\Yahoo!\ASSIST~1\Assist\yasbar.dll]

[编号:105]
[名称:QQBrowserHelperObject Class]
[类型:IE 嵌入对象]
[内容:C:\Program Files\Tencent\qq\QQIEHelper.dll]

[编号:106]
[名称:DragSearch BHO]
[类型:IE 嵌入对象]
[内容:C:\PROGRA~1\Yahoo!\ASSIST~1\Assist\YDRAGS~1.DLL]

[编号:107]
[名称:MMSAssist BHO]
[类型:IE 嵌入对象]
[内容:C:\PROGRA~1\MMSASS~1\Mmsass~1.dll]

[编号:108]
[名称:CpapView Class]
[类型:IE 嵌入对象]
[内容:C:\WINDOWS\system32\cacb.dll]

[编号:109]
[名称:BandIE Class]
[类型:IE 嵌入对象]
[内容:C:\PROGRA~1\baidu\bar\baidubar.dll]

[编号:110]
[名称:win32core Class]
[类型:IE 嵌入对象]
[内容:C:\WINDOWS\system32\win32help02.dll]

[编号:111]
[名称:IEhlprObj Class]
[类型:IE 嵌入对象]
[内容:C:\WINDOWS\stdie.dll]

[编号:112]
[名称:IeCatch2 Class]
[类型:IE 嵌入对象]
[内容:C:\PROGRA~1\FLASHGET\JCCATCH.DLL]

[编号:113]
[名称:CnsHook Class]
[类型:IE 嵌入对象]
[内容:C:\WINDOWS\DOWNLO~1\CnsHook.dll]

[编号:114]
[名称:internet explorer helper]
[类型:IE 嵌入对象]
[内容:C:\WINDOWS\system32\mshelper.dll]

[编号:115]
[分隔符:---------------------------------------------------------------------]

[编号:116]
[名称:{367E0A21-8601-4986-9C9A-153BF5ACA118}]
[类型:IE 扩展按钮]
[内容:2 路径:2]

[编号:117]
[名称:{507F9113-CD77-4866-BA92-0E86DA3D0B97}]
[类型:IE 扩展按钮]
[内容:Yahoo 1G电邮 路径:http://cn.zs.yahoo.com/cnsbutton.htm?source=cns&btn=yahoomail]

[编号:118]
[名称:{59BC54A2-56B3-44a0-93E5-432D58746E26}]
[类型:IE 扩展按钮]
[内容:寻宝乐趣多 路径:http://cn.zs.yahoo.com/cnsbutton.htm?source=cns&btn=taobao]

[编号:119]
[名称:{5D73EE86-05F1-49ed-B850-E423120EC338}]
[类型:IE 扩展按钮]
[内容:雅虎助手 路径:http://cn.zs.yahoo.com/cnsbutton.htm?source=cns&btn=yassist]

[编号:120]
[名称:{6671A433-5C3D-463d-A7CF-5587F9B7E191}]
[类型:IE 扩展按钮]
[内容:http 路径:http]

[编号:121]
[名称:{DEDEB80D-FA35-45d9-9460-4983E5A8AFE6}]
[类型:IE 扩展按钮]
[内容:http 路径:http]

[编号:122]
[名称:{E5D12C4E-7B4F-11D3-B5C9-0050045C3C96}]
[类型:IE 扩展按钮]
[内容:情景聊天 路径:http://cn.rd.yahoo.com/home/messenger/bjk/clientbtn/?http://cn.messenger.yahoo.com/]

[编号:123]
[名称:{ECF2E268-F28C-48d2-9AB7-8F69C11CCB71}]
[类型:IE 扩展按钮]
[内容:http 路径:http://cn.zs.yahoo.com/cnsbutton.htm?source=cns&btn=repair]

[编号:124]
[名称:{FD00D911-7529-4084-9946-A29F1BDF4FE5}]
[类型:IE 扩展按钮]
[内容:http 路径:http://cn.zs.yahoo.com/cnsbutton.htm?source=cns&btn=clean]

[编号:125]
[分隔符:---------------------------------------------------------------------]

[编号:126]
[名称:  >> 彩信发送 <<]
[类型:IE 右键按钮]
[内容: 路径:nsbu]

[编号:127]
[名称:>>彩信发送<<]
[类型:IE 右键按钮]
[内容: 路径:nsbu]

[编号:128]
[名称:上传到QQ网络硬盘]
[类型:IE 右键按钮]
[内容: 路径:nsbu]

[编号:129]
[名称:使用网际快车下载]
[类型:IE 右键按钮]
[内容: 路径:nsbu]

[编号:130]
[名称:使用网际快车下载全部链接]
[类型:IE 右键按钮]
[内容: 路径:nsbu]

[编号:131]
[名称:添加到QQ自定义面板]
[类型:IE 右键按钮]
[内容: 路径:nsbu]

[编号:132]
[名称:添加到QQ表情]
[类型:IE 右键按钮]
[内容: 路径:nsbu]

[编号:133]
[名称:用QQ彩信发送该图片]
[类型:IE 右键按钮]
[内容: 路径:nsbu]

[编号:134]
[名称:百度--MP3搜索]
[类型:IE 右键按钮]
[内容: 路径:nsbu]

[编号:135]
[名称:百度--图片搜索]
[类型:IE 右键按钮]
[内容: 路径:nsbu]

[编号:136]
[名称:百度--新闻搜索]
[类型:IE 右键按钮]
[内容: 路径:nsbu]

[编号:137]
[名称:百度--歌词搜索]
[类型:IE 右键按钮]
[内容: 路径:nsbu]

[编号:138]
[名称:百度--网页搜索]
[类型:IE 右键按钮]
[内容: 路径:nsbu]

[编号:139]
[名称:百度--词典搜索]
[类型:IE 右键按钮]
[内容: 路径:nsbu]

[编号:140]
[名称:百度--贴吧搜索]
[类型:IE 右键按钮]
[内容: 路径:nsbu]

[编号:141]
[名称:雅虎搜索]
[类型:IE 右键按钮]
[内容: 路径:nsbu]

[编号:142]
[分隔符:---------------------------------------------------------------------]

[编号:143]
[名称:{233A9694-667E-11D1-9DFB-006097D50408}]
[类型:Outlook Express Address Book <IE控件>]
[内容:%ProgramFiles%\Outlook Express\msoe.dll]

[编号:144]
[名称:{2d2e24cb-0cd5-458f-86ea-3e6fa22c8e64}]
[类型:VMR Allocator Presenter 9 <IE控件>]
[内容:%SystemRoot%\system32\quartz.dll]

[编号:145]
[名称:{51b4abf3-748f-4e3b-a276-c828330e926a}]
[类型:Video Mixing Renderer 9 <IE控件>]
[内容:%SystemRoot%\system32\quartz.dll]

[编号:146]
[名称:{e4979309-7a32-495e-8a92-7b014aad4961}]
[类型:VMR ImageSync 9 <IE控件>]
[内容:%SystemRoot%\system32\quartz.dll]

[编号:147]
[分隔符:---------------------------------------------------------------------]

[编号:148]
[名称:PostBootReminder]
[类型:正常嵌入对象]
[内容:%SystemRoot%\system32\SHELL32.dll]

[编号:149]
[名称:CDBurn]
[类型:正常嵌入对象]
[内容:%SystemRoot%\system32\SHELL32.dll]

[编号:150]
[名称:WebCheck]
[类型:正常嵌入对象]
[内容:%SystemRoot%\System32\webcheck.dll]

[编号:151]
[名称:SysTray]
[类型:正常嵌入对象]
[内容:C:\WINDOWS\System32\stobject.dll]

[编号:152]
[名称:stdup]
[类型:正常嵌入对象]
[内容:C:\WINDOWS\SYSTEM32\stdup.dll]

[编号:153]
[名称:Vision]
[类型:正常嵌入对象]
[内容:C:\PROGRA~1\MMSASS~1\Mmsass~1.dll]

[编号:154]
[分隔符:---------------------------------------------------------------------]

[编号:155]
[名称:]
[类型:EXE关联]
[内容:"%1" %*]

[编号:156]
[名称:]
[类型:TXT关联]
[内容:%SystemRoot%\system32\NOTEPAD.EXE %1]

[编号:157]
[名称:]
[类型:vbs关联]
[内容:%SystemRoot%\System32\WScript.exe "%1" %*]

[编号:158]
[名称:]
[类型:Js关联]
[内容:%SystemRoot%\System32\WScript.exe "%1" %*]

[编号:159]
[名称:]
[类型:htmlfile关联]
[内容:"C:\Program Files\Internet Explorer\iexplore.exe" -nohome]

[编号:160]
[名称:]
[类型:HTTP协议]
[内容:"C:\Program Files\Internet Explorer\iexplore.exe" -nohome]

[编号:161]
[名称:]
[类型:FTP协议]
[内容:"C:\Program Files\Internet Explorer\iexplore.exe" %1]

[编号:162]
[分隔符:---------------------------------------------------------------------]

[编号:163]
[名称:c:\windows\system32\sbe.dll]
[类型:第三方 COM/ActiveX组件]
[内容:PSFactoryBuffer---发布公司:(null) (null)]

[编号:164]
[名称:c:\windows\system32\admwprox.dll]
[类型:第三方 COM/ActiveX组件]
[内容:PSFactoryBuffer---发布公司:未知]

[编号:165]
[名称:c:\windows\system32\deskpan.dll]
[类型:第三方 COM/ActiveX组件]
[内容:显示摇曳 CPL 扩展---发布公司:未知]

[编号:166]
[名称:c:\windows\system32\dmipn.dll]
[类型:第三方 COM/ActiveX组件]
[内容:IE-BAR Client Monitor---发布公司:未知]

[编号:167]
[名称:c:\windows\system32\admwprox.dll]
[类型:第三方 COM/ActiveX组件]
[内容:PSFactoryBuffer---发布公司:未知]

[编号:168]
[名称:c:\windows\system32\admwprox.dll]
[类型:第三方 COM/ActiveX组件]
[内容:PSFactoryBuffer---发布公司:未知]

[编号:169]
[名称:c:\windows\system32\admwprox.dll]
[类型:第三方 COM/ActiveX组件]
[内容:PSFactoryBuffer---发布公司:未知]

[编号:170]
[名称:c:\windows\system32\admwprox.dll]
[类型:第三方 COM/ActiveX组件]
[内容:PSFactoryBuffer---发布公司:未知]

【回复“baishibaishi”的帖子】
http://forum.ikaka.com/topic.asp?board=28&artid=6979213
(1楼附件)
下载HIJACKTHIS
导出全部日志

完美杀毒伴侣 查毒报告
---------------------
查毒日期:2006年5月24日11时18分
查毒结果:
文件:          C:\WINDOWS\system32\socul.dll,病毒名称:Adware.05123022.Trojan