Logfile of Kaka v Scan Module v2. 0. 0. 1
Scan saved at 17:21:33, on 2003-07-26
Platform: Microsoft Windows XP Professional Service Pack 2 (Build 2600)
MSIE: Internet Explorer v6.00 SP2; (6.00.2900.2180 (xpsp_sp2_rtm.040803-2158))


R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page=C:\WINDOWS\system32\blank.htm
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page=http://www.yahoo.com.cn/?source=toolbar_yassist_button&pid=416169_1006
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page=http://www.265.com/
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,default_page_url=C:\WINDOWS\Web\index.htm
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page=%SystemRoot%\system32\blank.htm
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page=http://www.yahoo.com.cn
O2 - BHO: MSURL Class - {6CDD9D1F-7501-4B0F-90CD-5ADA4F15E6E8} - C:\WINDOWS\system32\MSURLPAR.dll
O2 - BHO: Thunder Browser Helper - {889D2FEB-5411-4565-8998-1DD2C5261283} - C:\Program Files\Thunder Network\Thunder\ComDlls\XunLeiBHO_002.dll
O2 - BHO: 卡卡上网安全助手 - {AFF6E516-CBE5-4F8A-9C2F-38A68013E766} - C:\WINDOWS\system32\kakatool.dll (file missing)
O3 - Toolbar: 快捷工具条3.1.5 - {BE830FD4-E393-417F-9F4B-CC70ABB3384C} - C:\WINDOWS\system32\IETool.dll (file missing)
O3 - Toolbar: 卡卡上网安全助手 - {DB9ECD4F-FB8F-4311-B3CE-90B976C2707C} - C:\WINDOWS\system32\kakatool.dll (file missing)
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [t2i] C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\iexplorer.exe
O4 - HKCU\..\Run: [ysjjlbx] C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\c0nime.exe
O4 - HKCU\..\Run: [Shell] "C:\WINDOWS\system32\Rundll32.exe" "C:\WINDOWS\system32\shell32.dll",Control_RunDLL "C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\dat1.tmp"
O4 - HKLM\..\Run: [upxdnd] C:\WINDOWS\upxdnd.exe
O4 - HKLM\..\Run: [cmdbcs] C:\WINDOWS\cmdbcs.exe
O4 - HKLM\..\Run: [RAV012F] C:\WINDOWS\system32\RAV012F.exe
O4 - HKLM\..\Run: [TIMHost] C:\WINDOWS\TIMHost.exe
O4 - HKLM\..\Run: [WinForm] C:\WINDOWS\WinForm.exe
O4 - HKLM\..\Run: [MsIMMs32] C:\WINDOWS\MsIMMs32.exe
O4 - HKLM\..\Run: [RAV008C] C:\WINDOWS\system32\RAV008C.exe
O4 - HKLM\..\Run: [msccrt] C:\WINDOWS\msccrt.exe
O4 - HKLM\..\Run: [AVPSrv] C:\WINDOWS\AVPSrv.exe
O4 - HKLM\..\Run: [RAV00A0] C:\WINDOWS\system32\RAV00A0.exe
O4 - HKLM\..\RunOnce: [GrpConv] grpconv.exe -o
O4 - Startup: desktop.ini =
O4 - Global Startup: desktop.ini =
O8 - Extra context menu item: 使用迅雷下载 - C:\Program Files\Thunder Network\Thunder\Program\GetUrl.htm
O8 - Extra context menu item: 使用迅雷下载全部链接 - C:\Program Files\Thunder Network\Thunder\Program\GetAllUrl.htm
O8 - Extra context menu item: 导出到 Microsoft Office Excel(&X) - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
O10 - Unknown file in Winsock LSP: C:\WINDOWS\system32\msipfilter.dll
O10 - Unknown file in Winsock LSP: C:\WINDOWS\system32\msipfilter.dll
O14 - IERESET.INF: START_PAGE_URL=http://www.microsoft.com/isapi/redir.dll?prd=ie&pver=6&ar=msnhome
O16 - DPF: {CA234A53-E68D-44D5-A07C-481C051D0C7A} (KVFileUpdate Class) - http://online1.jiangmin.com/kvbaidukillonline/OLDown.cab
O18 - Protocol: about - {3050F406-98B5-11CF-BB82-00AA00BDCE0B} - C:\WINDOWS\system32\mshtml.dll
O18 - Protocol: cdl - {3dd53d40-7b8b-11D0-b013-00aa0059ce02} - C:\WINDOWS\system32\urlmon.dll
O18 - Protocol: dvd - {12D51199-0DB5-46FE-A120-47A3D7D937CC} - C:\WINDOWS\system

下载瑞星听诊器，按照网页要求将“瑞星听诊信息.htm”发送到http://up.rising.com.cn/webmail/othernew.htm
瑞星听诊器下载地址
http://it.rising.com.cn/Channels/Service/2006-07/1153115164d21020.shtml