2006-10-11,21:51:16

System Repair Engineer 2.2.6.605
Smallfrogs (http://www.KZTechs.com)

Windows XP Professional Service Pack 2 (Build 2600)
- 管理权限用户 - 完整功能

以下内容被选中：
所有的启动项目（包括注册表、启动文件夹、服务等）
浏览器加载项
正在运行的进程（包括进程模块信息）
文件关联
Winsock 提供者
Autorun.inf
HOSTS 文件


启动项目


注册表

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
(ctfmon.exe)(C:\WINDOWS\system32\ctfmon.exe) [(Verified)Microsoft Corporation]
(MsnMsgr)("C:\Program Files\MSN Messenger\MsnMsgr.Exe" /background) [Microsoft Corporation]
(Skype)("C:\Program Files\Skype\Phone\Skype.exe" /nosplash /minimized) [(Verified)N/A]
[HKEY_CURRENT_USER\Software\Microsoft\Windows NT\CurrentVersion\Windows]
(load)() [N/A]
(run)() [N/A]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
(IMJPMIG8.1)("C:\WINDOWS\IME\imjp8_1\IMJPMIG.EXE" /Spoil /RemAdvDef /Migration32) [(Verified)Microsoft Corporation]
(PHIME2002ASync)(C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /SYNC) [(Verified)Microsoft Corporation]
(PHIME2002A)(C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /IMEName) [(Verified)Microsoft Corporation]
(NvCplDaemon)(RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup) [(Verified)NVIDIA Corporation]
(nwiz)(nwiz.exe /install) [NVIDIA Corporation]
(SoundMan)(SOUNDMAN.EXE) [(Verified)Realtek Semiconductor Corp.]
(Device Detector)(DevDetect.exe -autorun) [N/A]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Winlogon]
(shell)(Explorer.exe) [(Verified)Microsoft Corporation]
(Userinit)(C:\WINDOWS\system32\userinit.exe,) [(Verified)Microsoft Corporation]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Windows]
(AppInit_DLLs)() [N/A]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Winlogon]
(UIHost)(logonui.exe) [(Verified)Microsoft Corporation]




--------------------------------------------------------------------------------



启动文件夹

[Adobe Gamma Loader]
(C:\Documents and Settings\All Users\「开始」菜单\程序\启动\Adobe Gamma Loader.lnk --) C:\PROGRA~1\COMMON~1\Adobe\CALIBR~1\ADOBEG~1.EXE [Adobe Systems, Inc.])(N)
[AutoCAD Startup Accelerator]
(C:\Documents and Settings\All Users\「开始」菜单\程序\启动\AutoCAD Startup Accelerator.lnk --) C:\PROGRA~1\COMMON~1\AUTODE~1\ACSTAR~1.EXE [Autodesk, Inc])(N)
[Adobe Reader Speed Launch]
(C:\Documents and Settings\All Users\「开始」菜单\程序\启动\Adobe Reader Speed Launch.lnk --) C:\PROGRA~1\Adobe\ACROBA~2.0\Reader\READER~1.EXE [Adobe Systems Incorporated])(N)
[Acrobat Assistant]
(C:\Documents and Settings\All Users\「开始」菜单\程序\启动\Acrobat Assistant.lnk --) C:\PROGRA~1\Adobe\ACROBA~1.0\Distillr\acrotray.exe [Adobe Systems Inc.])(N)
[Rainlendar精美日历]
(C:\Documents and Settings\Wuma\「开始」菜单\程序\启动\Rainlendar精美日历.lnk --) C:\PROGRA~1\RAINLE~1\RAINLE~1.EXE [N/A])(N)
[金山词霸 2006]
(C:\Documents and Settings\Wuma\「开始」菜单\程序\启动\金山词霸 2006.lnk --) C:\PROGRA~1\Kingsoft\POWERW~1\XDICT.EXE [Kingsoft Co, Ltd.])(N)



--------------------------------------------------------------------------------

服务

[ASP.NET State Service / aspnet_state]
(C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\aspnet_state.exe)(Microsoft Corporation)
[ASP.NET Work State Service / aspwstate]
(C:\WINDOWS\System32\svchost.exe -k aspwstate--)c:\windows\system32\aspwswin.dll)(Microsoft Corporation)
[Autodesk Licensing Service / Autodesk Licensing Service]
("C:\Program Files\Common Files\Autodesk Shared\Service\AdskScSrv.exe")(Autodesk)
[Office Backup Engine / Framework]
(C:\WINDOWS\System32\svchost.exe -k netsvcs--)C:\WINDOWS\system32\mssapi.dll)(Microsoft Corporation)
[Human Interface Device Access / HidServ]
(C:\WINDOWS\System32\svchost.exe -k netsvcs--)%SystemRoot%\System32\hidserv.dll)(N/A)
[McAfee Framework Service / McAfeeFramework]
(C:\Program Files\Network Associates\Common Framework\FrameworkService.exe /ServiceStart)(Network Associates, Inc.)
[Network Associates McShield / McShield]
("C:\Program Files\Network Associates\VirusScan\Mcshield.exe")(Network Associates, Inc.)
[Network Associates Task Manager / McTaskManager]
("C:\Program Files\Network Associates\VirusScan\VsTskMgr.exe")(Network Associates, Inc.)
[NetFrame Wireless Configuration / NFSWZCSVC]
(C:\WINDOWS\System32\svchost.exe -k NFSWZCSVC--)c:\windows\system32\nfswzwin32.dll)(Microsoft Corporation)
[Indexing Data / NHLscA]
(C:\WINDOWS\SYSTEM32\RUNDLL.EXE C:\WINDOWS\SYSTEM32\WBEM\SMTPCONFS.DLL,Export 1087)(Microsoft Corporation)
[NVIDIA Display Driver Service / NVSvc]
(C:\WINDOWS\system32\nvsvc32.exe)(NVIDIA Corporation)
[RsRavMon Service / RsRavMon]
("C:\Program Files\Rising\Rav\Ravmond.exe")(N/A)
[SVCHOST / SystemInspect]
(C:\Program Files\SystemInspect\SVCHAST.exe)(N/A)



--------------------------------------------------------------------------------



驱动程序

[a347bus / a347bus]
(\SystemRoot\system32\DRIVERS\a347bus.sys)()
[a347scsi / a347scsi]
(\SystemRoot\System32\Drivers\a347scsi.sys)()
[Agere Systems Soft Modem / AgereSoftModem]
(system32\DRIVERS\AGRSM.sys)(Agere Systems)
[Service for Realtek AC97 Audio (WDM) / ALCXWDM]
(system32\drivers\ALCXWDM.SYS)(Realtek Semiconductor Corp.)
[标准 IDE/ESDI 硬盘控制器 / atapi]
(\SystemRoot\system32\DRIVERS\atapi.sys)(N/A)
[Rising TDI Base Driver / BaseTDI]
(System32\DRIVERS\BaseTDI.SYS)(Beijing Rising Technology Co., Ltd.)
[EMSCR / EMSCR]
(system32\DRIVERS\EMS7SK.sys)(ENE Technology Inc.)
[ESDCR / ESDCR]
(system32\DRIVERS\ESD7SK.sys)(ENE Technology Inc.)
[HOOKAPI / HOOKAPI]
(\??\C:\PROGRAM FILES\RISING\RAV\HookApi.Sys)(N/A)
[HookCont / HookCont]
(\??\C:\Program Files\Rising\Rav\HOOKCONT.sys)(N/A)
[HookSys / HookSys]
(\??\C:\Program Files\Rising\Rav\HookSys.sys)(N/A)
[NaiAvFilter1 / NaiAvFilter1]
(system32\drivers\naiavf5x.sys)(McAfee Inc.)
[NaiAvTdi1 / NaiAvTdi1]
(system32\drivers\mvstdi5x.sys)(Network Associates, Inc.)
[npkcrypt / npkcrypt]
(\??\C:\Program Files\Tencent\qq\npkcrypt.sys)(INCA Internet Co., Ltd.)
[nv / nv]
(system32\DRIVERS\nv4_mini.sys)(NVIDIA Corporation)
[nwlnksipx / nwlnksipx]
(\??\C:\WINDOWS\system32\drivers\nwlnksipx.sys)(Microsoft Corporation)
[ProcServ / ProcServ]
(\??\C:\WINDOWS\system32\drivers\ProcServ.sys)(N/A)
[Direct Parallel Link Driver / Ptilink]
(system32\DRIVERS\ptilink.sys)(Parallel Technologies, Inc.)
[Realtek RTL8139(A/B/C)-based PCI Fast Ethernet Adapter NT Driver / rtl8139]
(system32\DRIVERS\RTL8139.SYS)(Realtek Semiconductor Corporation)
[Secdrv / Secdrv]
(system32\DRIVERS\secdrv.sys)(N/A)
[Vtion-V1802E CDMA Modem driver / SocketDIOSerial]
(system32\DRIVERS\sio9502k.sys)(Socket Communications, Inc.)
[用于 Windows XP 的英特尔(R) PRO/无线 2200BG 网络连接驱动程序 / w29n51]
(system32\DRIVERS\w29n51.sys)(Intel? Corporation)



--------------------------------------------------------------------------------

浏览器加载项

[netup]
{0A44CDEC-87D0-4D4D-BF97-DE9AFB9B104A} (C:\WINDOWS\system32\netiup.dll, )
[SYM]
{36BF6929-DCBC-4CCD-A620-C5E3BBA77B95} (C:\WINDOWS\system32\usersrd.dll, )
[雅虎WIDGET]
{6354ABE6-05F1-49ed-B850-E423120EC338} (http://cn.widget.yahoo.com/index.htm?source=Cns, N/A)
[QQ]
{c95fe080-8f5d-11d2-a20b-00aa003c157b} (C:\Program Files\Tencent\qq\QQ.EXE, TENCENT)
[FlashGet]
{D6E814A0-E0C5-11d4-8D29-0050BA6940E3} (C:\PROGRA~1\FLASHGET\flashget.exe, Amaze Soft)
[QQIEFloatBarCfgCmd Class]
{DEDEB80D-FA35-45d9-9460-4983E5A8AFE6} (C:\Program Files\Tencent\qq\QQIEHelper.dll, N/A)
[FlashGet Bar]
{E0E899AB-F487-11D5-8D29-0050BA6940E3} (C:\PROGRA~1\FLASHGET\fgiebar.dll, Amaze Soft)
[Adobe PDF]
{47833539-D0C5-4125-9FA8-0819E2EAAC93} (C:\Program Files\Adobe\Acrobat 6.0\Acrobat\AcroIEFavClient.dll, N/A)
[AcroIEHlprObj Class]
{06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} (C:\Program Files\Adobe\Acrobat 6.0\Acrobat\ActiveX\AcroIEHelper.dll, N/A)
[netup]
{0A44CDEC-87D0-4D4D-BF97-DE9AFB9B104A} (C:\WINDOWS\system32\netiup.dll, )
[CAdLogic Object]
{11F09AFD-75AD-4E51-AB43-E09E9351CE16} (C:\Program Files\Common Files\CPUSH\cpush.dll, N/A)
[Windows Media Player]
{22D6F312-B0F6-11D0-94AB-0080C74C7E95} (C:\WINDOWS\system32\wmpdxm.dll, Microsoft Corporation)
[HTML Document]
{25336920-03F9-11CF-8FD0-00AA00686F13} (%SystemRoot%\system32\mshtml.dll, N/A)
[DHTML Edit Control Safe for Scripting for IE5]
{2D360201-FFF5-11D1-8D03-00A0C959BC0A} (C:\Program Files\Common Files\Microsoft Shared\Triedit\dhtmled.ocx, Microsoft Corporation)
[SYM]
{36BF6929-DCBC-4CCD-A620-C5E3BBA77B95} (C:\WINDOWS\system32\usersrd.dll, )
[Adobe PDF]
{47833539-D0C5-4125-9FA8-0819E2EAAC93} (C:\Program Files\Adobe\Acrobat 6.0\Acrobat\AcroIEFavClient.dll, N/A)
[QQBrowserHelperObject Class]
{54EBD53A-9BC1-480B-966A-843A333CA162} (C:\Program Files\Tencent\qq\QQIEHelper.dll, N/A)
[DragSearch BHO]
{62EED7C6-9F02-42F9-B634-98E2899E147B} (C:\PROGRA~1\Yahoo!\ASSIST~1\Assist\YDRAGS~1.DLL, N/A)
[Windows Media Player]
{6BF52A52-394A-11D3-B153-00C04F79FAA6} (C:\WINDOWS\system32\wmp.dll, Microsoft Corporation)
[IeCatch2 Class]
{A5366673-E8CA-11D3-9CD9-0090271D075B} (C:\PROGRA~1\FLASHGET\jccatch.dll, N/A)
[Microsoft Scriptlet Component]
{AE24FDAE-03C6-11D1-8B76-0080C744F389} (C:\WINDOWS\system32\mshtml.dll, Microsoft Corporation)
[AcroIEToolbarHelper Class]
{AE7CD045-E861-484F-8273-0445EE161910} (C:\Program Files\Adobe\Acrobat 6.0\Acrobat\AcroIEFavClient.dll, N/A)
[SearchAssistantOC]
{B45FF030-4447-11D2-85DE-00C04FA35C89} (%SystemRoot%\system32\shdocvw.dll, N/A)
[RDS.DataSpace]
{BD96C556-65A3-11D0-983A-00C04FC29E36} (C:\Program Files\Common Files\System\msadc\msadco.dll, Microsoft Corporation)
[AUDIO__MP3 Moniker Class]
{CD3AFA76-B84F-48F0-9393-7EDC34128127} (C:\WINDOWS\system32\wmp.dll, Microsoft Corporation)
[AUDIO__WAV Moniker Class]
{CD3AFA7B-B84F-48F0-9393-7EDC34128127} (C:\WINDOWS\system32\wmp.dll, Microsoft Corporation)
[FlashGet Bar]
{E0E899AB-F487-11D5-8D29-0050BA6940E3} (C:\PROGRA~1\FLASHGET\fgiebar.dll, Amaze Soft)
[]
{FFFFFFFF-74CC-4B7C-B5F1-45913F368388} (C:\PROGRA~1\SYSTEM~1\SYSTEM~1.DLL, N/A)
[使用网际快车下载]
(C:\PROGRA~1\FLASHGET\jc_link.htm, N/A)
[使用网际快车下载全部链接]
(C:\PROGRA~1\FLASHGET\jc_all.htm, N/A)
[导出到 Microsoft Excel(&x)]
(res://C:\PROGRA~1\MICROS~2\Office10\EXCEL.EXE/3000, N/A)



--------------------------------------------------------------------------------

正在运行的进程

[PID: 676][\SystemRoot\System32\smss.exe] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
[PID: 744][\??\C:\WINDOWS\system32\csrss.exe] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
[PID: 768][\??\C:\WINDOWS\system32\winlogon.exe] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
[PID: 812][C:\WINDOWS\system32\services.exe] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
[PID: 824][C:\WINDOWS\system32\lsass.exe] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
[PID: 964][C:\WINDOWS\system32\svchost.exe] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
[PID: 1032][C:\WINDOWS\system32\svchost.exe] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
[PID: 1072][C:\WINDOWS\System32\svchost.exe] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
[PID: 1136][C:\WINDOWS\system32\svchost.exe] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
[PID: 1308][C:\WINDOWS\system32\svchost.exe] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
[PID: 1692][C:\WINDOWS\system32\spoolsv.exe] [Microsoft Corporation, 5.1.2600.2696 (xpsp_sp2_gdr.050610-1519)]
[C:\WINDOWS\system32\AdobePDF.dll] [Adobe Systems Incorporated., 6.0.000]
[C:\Program Files\Adobe\Acrobat 6.0\Distillr\AdistRes.CHS] [N/A, N/A]
[PID: 196][C:\WINDOWS\SOUNDMAN.EXE] [Realtek Semiconductor Corp., 5.1.0.33]
[PID: 216][C:\Program Files\Network Associates\Common Framework\UpdaterUI.exe] [Network Associates, Inc., 3.5.0.412]
[C:\Program Files\Network Associates\Common Framework\nailog.dll] [Network Associates, Inc., 3.5.0.474]
[C:\Program Files\Network Associates\Common Framework\naCmnLib.dll] [Network Associates, Inc., 3.5.0.474]
[C:\Program Files\Network Associates\Common Framework\naXML.dll] [Network Associates, Inc., 3.5.0.474]
[C:\Program Files\Network Associates\Common Framework\0409\UpdRes.dll] [Network Associates, Inc., 3.5.0.412]
[C:\Program Files\Network Associates\Common Framework\0409\AgentRes.dll] [Network Associates, Inc., 3.5.0.412]
[C:\Program Files\Network Associates\Common Framework\SecureFrameworkFactory.dll] [Network Associates, Inc., 3.5.0.412]
[PID: 228][C:\Program Files\Common Files\Network Associates\TalkBack\TBMon.exe] [Network Associates, Inc., 2.0.275.0]
[PID: 252][C:\Program Files\Common Files\ACD Systems\EN\DevDetect.exe] [ACD Systems, Ltd., 3,1,40,0]
[PID: 380][C:\WINDOWS\system32\ctfmon.exe] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
[PID: 388][C:\Program Files\MSN Messenger\MsnMsgr.Exe] [Microsoft Corporation, 7.5.0324]
[C:\WINDOWS\system32\msdmo.dll] [N/A, N/A]
[PID: 396][C:\Program Files\Skype\Phone\Skype.exe] [N/A, N/A]
[C:\WINDOWS\system32\msdmo.dll] [N/A, N/A]
[PID: 500][C:\Program Files\Adobe\Acrobat 6.0\Distillr\acrotray.exe] [Adobe Systems Inc., 6.0.1.2003102300]
[C:\Program Files\Adobe\Acrobat 6.0\Distillr\acrotray.chs] [Adobe Systems Inc., 6.0.0.0]
[PID: 512][C:\Program Files\Rainlendar\Rainlendar.exe] [N/A, N/A]
[C:\Program Files\Rainlendar\Rainlendar.dll] [, 0, 19, 3, 0]
[PID: 536][C:\Program Files\Kingsoft\PowerWord 2006\XDICT.EXE] [Kingsoft Co, Ltd., 9, 0, 0, 0]
[C:\Program Files\Kingsoft\PowerWord 2006\AccountActivate.dll] [N/A, N/A]
[C:\Program Files\Kingsoft\PowerWord 2006\DicMngr.dll] [Kingsoft, 2, 0, 0, 0]
[C:\Program Files\Kingsoft\PowerWord 2006\doshow.dll] [N/A, N/A]
[C:\Program Files\Kingsoft\PowerWord 2006\ITextOut.dll] [Kingsoft, 1, 1, 0, 0]
[C:\Program Files\Kingsoft\PowerWord 2006\KPic10.dll] [N/A, N/A]
[C:\Program Files\Kingsoft\PowerWord 2006\ijl11.dll] [Intel Corporation, 1.1.2]
[C:\Program Files\Kingsoft\PowerWord 2006\NormGrab.DLL] [Kingsoft Co, Ltd., 6, 0, 0, 0]
[C:\Program Files\Kingsoft\PowerWord 2006\toTTSEngine50.dll] [Kingsoft Corporation, 1, 0, 0, 1]
[C:\Program Files\Kingsoft\PowerWord 2006\xfile.dll] [N/A, N/A]
[C:\Program Files\Kingsoft\PowerWord 2006\DBCore10.dll] [Kingsoft Corp., 1, 0, 0, 0]
[C:\Program Files\Kingsoft\PowerWord 2006\XdictGrb.dll] [Kingsoft Co, Ltd., 9, 0, 0, 0]
[C:\Program Files\Kingsoft\PowerWord 2006\KAVPassport.DLL] [Kingsoft Corporation, 2005, 4, 7, 25]
[PID: 992][C:\WINDOWS\System32\svchost.exe] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
[PID: 1628][C:\WINDOWS\System32\svchost.exe] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
[PID: 1844][C:\WINDOWS\SYSTEM32\RUNDLL.EXE] [Microsoft Corporation, 5.00.2134.1]
[PID: 1304][C:\WINDOWS\system32\nvsvc32.exe] [NVIDIA Corporation, 6.14.10.7300]
[PID: 2880][C:\Program Files\Internet Explorer\IEXPLORE.EXE] [Microsoft Corporation, 6.00.2900.2180 (xpsp_sp2_rtm.040803-2158)]
[C:\WINDOWS\system32\AcSignIcon.dll] [Autodesk, 16.2.54.0]
[C:\WINDOWS\system32\netiup.dll] [, 1, 0, 0, 1]
[C:\WINDOWS\system32\usersrd.dll] [, 1, 0, 0, 1]
[C:\WINDOWS\system32\SystemInput.dll] [N/A, N/A]
[PID: 2944][C:\WINDOWS\system32\svchost.exe] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
[PID: 3312][C:\WINDOWS\System32\alg.exe] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
[PID: 1944][C:\WINDOWS\explorer.exe] [Microsoft Corporation, 6.00.2900.2180 (xpsp_sp2_rtm.040803-2158)]
[C:\WINDOWS\system32\AcSignIcon.dll] [Autodesk, 16.2.54.0]
[C:\Program Files\Common Files\Autodesk Shared\AcSignCore16.dll] [Autodesk, 16.2.54.0]
[C:\WINDOWS\system32\usersrd.dll] [, 1, 0, 0, 1]
[C:\WINDOWS\system32\mp3infp.dll] [win32lab.com, 2.44.3.0]
[C:\WINDOWS\system32\KB27861012.log] [N/A, N/A]
[C:\Program Files\WinRAR\rarext.dll] [N/A, N/A]
[C:\Program Files\Adobe\Acrobat 6.0\Acrobat Elements\ContextMenu.dll] [Adobe Systems Inc., 6.0.0.2003110300\0]
[C:\Program Files\Adobe\Acrobat 6.0\Acrobat Elements\ContextMenu.chs] [Adobe Systems Inc., 6.0.0.2003110300\0]
[C:\Program Files\Network Associates\VirusScan\shext.dll] [Network Associates, Inc., 8.0.0.912]
[C:\Program Files\Network Associates\VirusScan\RES09\ShExtRes.dll] [Network Associates, Inc., 8.0.0.912]
[C:\WINDOWS\system32\nvcpl.dll] [NVIDIA Corporation, 6.14.10.7300]
[C:\WINDOWS\system32\NVRSZHC.DLL] [NVIDIA Corporation, 6.14.10.7300]
[C:\WINDOWS\system32\nvshell.dll] [NVIDIA Corporation, 6.14.10.10042]
[PID: 864][C:\Program Files\Internet Explorer\iexplore.exe] [Microsoft Corporation, 6.00.2900.2180 (xpsp_sp2_rtm.040803-2158)]
[C:\WINDOWS\system32\AcSignIcon.dll] [Autodesk, 16.2.54.0]
[C:\WINDOWS\system32\netiup.dll] [, 1, 0, 0, 1]
[C:\WINDOWS\system32\usersrd.dll] [, 1, 0, 0, 1]
[C:\Program Files\Network Associates\VirusScan\scriptproxy.dll] [Network Associates, Inc., 8.0.0.992]
[C:\Program Files\Network Associates\VirusScan\mytilus.dll] [Network Associates, Inc., 8.0.0.325]
[C:\Program Files\Network Associates\VirusScan\Res09\McShield.dll] [Network Associates, Inc., 8.0.0.251]
[C:\Program Files\Common Files\Network Associates\Engine\mcscan32.dll] [McAfee, Inc., 4.4.00]
[PID: 796][C:\WINDOWS\system32\wuauclt.exe] [Microsoft Corporation, 5.8.0.2469 built by: lab01_n(wmbla)]
[PID: 3240][C:\Program Files\Internet Explorer\IEXPLORE.EXE] [Microsoft Corporation, 6.00.2900.2180 (xpsp_sp2_rtm.040803-2158)]
[C:\WINDOWS\system32\AcSignIcon.dll] [Autodesk, 16.2.54.0]
[C:\WINDOWS\system32\netiup.dll] [, 1, 0, 0, 1]
[C:\WINDOWS\system32\usersrd.dll] [, 1, 0, 0, 1]
[C:\WINDOWS\system32\mp3infp.dll] [win32lab.com, 2.44.3.0]
[C:\Program Files\Network Associates\VirusScan\scriptproxy.dll] [Network Associates, Inc., 8.0.0.992]
[C:\Program Files\Network Associates\VirusScan\mytilus.dll] [Network Associates, Inc., 8.0.0.325]
[C:\Program Files\Network Associates\VirusScan\Res09\McShield.dll] [Network Associates, Inc., 8.0.0.251]
[C:\Program Files\Common Files\Network Associates\Engine\mcscan32.dll] [McAfee, Inc., 4.4.00]
[PID: 31240][c:\windows\system32\wbem\winlogon.exe] [Microsoft, 1.0.0.0]
[PID: 127180][C:\Program Files\Internet Explorer\IEXPLORE.EXE] [Microsoft Corporation, 6.00.2900.2180 (xpsp_sp2_rtm.040803-2158)]
[C:\WINDOWS\system32\AcSignIcon.dll] [Autodesk, 16.2.54.0]
[C:\WINDOWS\system32\netiup.dll] [, 1, 0, 0, 1]
[C:\WINDOWS\system32\usersrd.dll] [, 1, 0, 0, 1]
[C:\Program Files\Network Associates\VirusScan\scriptproxy.dll] [Network Associates, Inc., 8.0.0.992]
[C:\Program Files\Network Associates\VirusScan\mytilus.dll] [Network Associates, Inc., 8.0.0.325]
[C:\Program Files\Network Associates\VirusScan\Res09\McShield.dll] [Network Associates, Inc., 8.0.0.251]
[C:\Program Files\Common Files\Network Associates\Engine\mcscan32.dll] [McAfee, Inc., 4.4.00]
[C:\Program Files\Common Files\Autodesk Shared\AcSignCore16.dll] [Autodesk, 16.2.54.0]
[C:\WINDOWS\system32\mp3infp.dll] [win32lab.com, 2.44.3.0]
[PID: 226248][D:\Software\SRE\SREng\SREng.exe] [Smallfrogs Studio, 2.2.6.605]



--------------------------------------------------------------------------------



文件关联

.TXT OK. [%SystemRoot%\system32\NOTEPAD.EXE %1]
.EXE OK. ["%1" %*]
.COM OK. ["%1" %*]
.PIF OK. ["%1" %*]
.REG OK. [regedit.exe "%1"]
.BAT OK. ["%1" %*]
.SCR OK. ["%1" /S]
.CHM OK. ["C:\WINDOWS\hh.exe" %1]
.HLP OK. [%SystemRoot%\system32\winhlp32.exe %1]
.INI OK. [%SystemRoot%\system32\NOTEPAD.EXE %1]
.INF OK. [%SystemRoot%\system32\NOTEPAD.EXE %1]
.VBS OK. [%SystemRoot%\System32\WScript.exe "%1" %*]
.JS OK. [%SystemRoot%\System32\WScript.exe "%1" %*]
.LNK OK. [{00021401-0000-0000-C000-000000000046}]



--------------------------------------------------------------------------------



Winsock 提供者

N/A



--------------------------------------------------------------------------------



Autorun.inf

N/A



--------------------------------------------------------------------------------

自动弹出的窗口大部分是以下:
1. http://www.9istyle.com/pop.html
2. http://u.sh.xoyo.com/union/sh/style_458.html?uid=23282&sid=0
3. http://www.fjbm.net

请教高手该怎么办?!!!!
谢谢!!!!!!!

最早我用的是 Rising2005,正版的.后来公司强制统一装了McAfee,根本就检测不到病毒.窗口老是弹,下了超级兔子,卸了不少插件,不过还是没用,刚卸完等下又有了.
后来下了木马客星,检测到有Trojan,杀了.但是窗口还是照弹.

快要晕死了.