Rising Kaka Security Forum, Technical Exchange area, Anti-Virus / Anti-Rogue-Software Forum


[Help] Hijacked by 4199.5009.cn and can't remove it no matter what; SREng report attached!

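Damn rogue software. I don't know when I got hijacked. Please, someone help! I've tried Kaka Assistant, dedicated removal tools and Super Rabbit, and none of them could fix it.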

Here is the SREng report:
2006-12-06,00:29:04

System Repair Engineer 2.2.6.605
Smallfrogs (http://www.KZTechs.com)

Windows XP Professional Service Pack 2 (Build 2600)
- 管理权限用户 - 完整功能

以下内容被选中:
    所有的启动项目(包括注册表、启动文件夹、服务等)
    浏览器加载项
    正在运行的进程(包括进程模块信息)
    文件关联
    Winsock 提供者
    Autorun.inf
    HOSTS 文件


启动项目
注册表
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
    <ctfmon.exe><C:\WINDOWS\system32\ctfmon.exe>  [(Verified)Microsoft Corporation]
    <H/PC Connection Agent><"C:\Program Files\Microsoft ActiveSync\wcescomm.exe">  [Microsoft Corporation]
[HKEY_CURRENT_USER\Software\Microsoft\Windows NT\CurrentVersion\Windows]
    <load><>  [N/A]
    <run><>  [N/A]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
    <IMJPMIG8.1><; "C:\WINDOWS\IME\imjp8_1\IMJPMIG.EXE" /Spoil /RemAdvDef /Migration32>  [(Verified)Microsoft Corporation]
    <PHIME2002ASync><C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /SYNC>  [(Verified)Microsoft Corporation]
    <PHIME2002A><C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /IMEName>  [(Verified)Microsoft Corporation]
    <AGRSMMSG><; AGRSMMSG.exe>  [(Verified)Agere Systems]
    <Apoint><C:\Program Files\Apoint2K\Apoint.exe>  [(Verified)Alps Electric Co., Ltd.]
    <IgfxTray><C:\WINDOWS\system32\igfxtray.exe>  [(Verified)Intel Corporation]
    <KAVPersonal50><C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus Personal\kav.exe /minimize>  [Kaspersky Lab]
    <DU Meter><C:\Program Files\DU Meter\DUMeter.exe>  [Hagel Technologies]
    <runeip><C:\Program Files\Rising\AntiSpyware\runiep.exe>  [Beijing Rising Technology Co., Ltd.]
    <UnlockerAssistant><"C:\Program Files\Unlocker\UnlockerAssistant.exe">  [N/A]
    <QuickTime Task><"C:\Program Files\Ringz Studio\Storm Codec\qttask.exe" -atboottime>  [Apple Computer, Inc.]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Winlogon]
    <shell><Explorer.exe>  [(Verified)Microsoft Corporation]
    <Userinit><C:\WINDOWS\system32\userinit.exe,,"C:\Program Files\strongly\SVOHOST.EXE" un userinit.exe>  [N/A]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Windows]
    <AppInit_DLLs><>  [N/A]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Winlogon]
    <UIHost><logonui.exe>  [(Verified)Microsoft Corporation]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
    <5QBoba><; C:\Program Files\5Q Soft\5QBoba\5QBobaStarter.exe>  [N/A]
    <A><; C:\WINDOWS\system32\rundll32.exe q.dll s>  [N/A]
    <Acrobat Assistant 7.0><; "D:\adobe acrobat\Distillr\Acrotray.exe">  [Adobe Systems Inc.]
    <BluetoothAuthenticationAgent><; rundll32.exe bthprops.cpl,,BluetoothAuthenticationAgent>  [(Verified)Microsoft Corporation]
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
    <H/PC Connection Agent><; "C:\Program Files\Microsoft ActiveSync\wcescomm.exe">  [Microsoft Corporation]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
    <HDInspector.exe><; C:\Program Files\Hard Drive Inspector\HDInspector.exe>  [Altrixsoft]
    <HotKeysCmds><; C:\WINDOWS\system32\hkcmd.exe>  [(Verified)Intel Corporation]
    <IESAddr><; C:\Program Files\5Q Soft\5QBoba\5QBobaStarter.exe>  [N/A]
    <IMSCMig><; C:\PROGRA~1\COMMON~1\MICROS~1\IME\IMSC40A\IMSCMIG.EXE /Preload>  [(Verified)Microsoft Corporation]
    <KernelFaultCheck><; %systemroot%\system32\dumprep 0 -k>  [N/A]
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
    <MSMSGS><; "C:\Program Files\Messenger\msmsgs.exe" /background>  [(Verified)Microsoft Corporation]
    <MsnMsgr><; "C:\Program Files\MSN Messenger\MsnMsgr.Exe" /background>  [Microsoft Corporation]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
    <Mysee Alert><; "C:\Program Files\GAOV\Mysee Alert\Mysee Alert.exe" -notray>  [Beijing Gaov Inc.]
    <NeroFilterCheck><; C:\WINDOWS\system32\NeroCheck.exe>  [Ahead Software Gmbh]
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
    <pbmini><; C:\Program Files\5Q Soft\5QBoba\5QBobaStarter.exe>  [N/A]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
    <PCSuiteTrayApplication><; C:\PROGRA~1\Nokia\NOKIAP~1\LAUNCH~1.EXE -startup>  [Nokia]
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
    <PcSync><; C:\Program Files\Nokia\Nokia PC Suite 6\PcSync2.exe /NoDialog>  [Time Information Services Ltd.]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
    <QuickTime Task><; "C:\Program Files\Ringz Studio\Storm Codec\qttask.exe" -atboottime>  [Apple Computer, Inc.]
    <RemoteControl><; "C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe">  [Cyberlink Corp.]
    <StormCodec_Helper><; "C:\Program Files\Ringz Studio\Storm Codec\StormSet.exe" /S /opti>  [N/A]
    <Super Rabbit SRRestore><; C:\PROGRA~1\SUPERR~1\MAGICSET\SRRest.exe /autosave>  [Super Rabbit Soft]
    <TkBellExe><; "C:\Program Files\Common Files\Real\Update_OB\realsched.exe"  -osboot>  [RealNetworks, Inc.]
    <UUCall.exe><; C:\Program Files\UUCall2005\UUCall.exe>  [N/A]
    <WangWang><; "C:\Program Files\淘宝网\淘宝旺旺\WangWang.EXE">  [淘宝(中国)软件有限公司]
Last edited 2006-12-06 22:22:16

==================================
启动文件夹
N/A

==================================
服务
[BlueSoleil Hid Service / BlueSoleil Hid Service]
  <C:\Program Files\IVT Corporation\BlueSoleil\BTNtService.exe><N/A>
[Security Machine Manager / BUZOR]
  <C:\WINDOWS\SYSTEM32\RUNDLL32.EXE C:\WINDOWS\SYSTEM32\WBEM\SBFAS.DLL,Export 1087><N/A>
[HDD Information Service / HDDSvc]
  <C:\WINDOWS\system32\HDDSvc.exe><AltrixSoft (http://www.altrixsoft.com/)>
[InstallDriver Table Manager / IDriverT]
  <"C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe"><Macrovision Corporation>
[kavsvc / kavsvc]
  <C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus Personal\kavsvc.exe><Kaspersky Lab>
[Mysee2_Runtime / Mysee2_Runtime]
  <C:\WINDOWS\System32\svchost.exe -k mysee2-->C:\Program Files\GAOV\Mysee2\runtime.dll><N/A>
[Windows NetWork Management / NvCore]
  <C:\WINDOWS\system32\Rundll.exe><N/A>
[PACSPTISVR / PACSPTISVR]
  <"C:\Program Files\Common Files\Sony Shared\AVLib\PACSPTISVR.exe"><Sony Corporation>
[ServiceLayer / ServiceLayer]
  <"C:\Program Files\Common Files\PCSuite\Services\ServiceLayer.exe"><Nokia.>
[Sony SPTI Service / SPTISRV]
  <"C:\Program Files\Common Files\Sony Shared\AVLib\SPTISRV.exe"><Sony Corporation>
[StarWind iSCSI Service / StarWindService]
  <C:\Program Files\Alcohol Soft\Alcohol 120\StarWind\StarWindService.exe><Rocket Division Software>

==================================
驱动程序
[aeaudio / aeaudio]
  <system32\drivers\aeaudio.sys><Andrea Electronics Corporation>
[Agere Systems Soft Modem / AgereSoftModem]
  <system32\DRIVERS\AGRSM.sys><Agere Systems>
[Service for Realtek AC97 Audio (WDM) / ALCXWDM]
  <system32\drivers\ALCXWDM.SYS><N/A>
[Alps Pointing-device Filter Driver / ApfiltrService]
  <system32\DRIVERS\Apfiltr.sys><Alps Electric Co., Ltd.>
[Bluetooth Audio Service / BlueletAudio]
  <system32\DRIVERS\blueletaudio.sys><IVT Corporation>
[Bluetooth SCO Audio Service / BlueletSCOAudio]
  <system32\DRIVERS\BlueletSCOAudio.sys><IVT Corporation>
[Bluetooth PAN Network Adapter / BT]
  <system32\DRIVERS\btnetdrv.sys><IVT Corporation>
[Bluetooth, WDM Video Capture / BTCAP]
  <system32\DRIVERS\BTCap.sys><MOTECH>
[Bluetooth USB For Bluetooth Service / Btcsrusb]
  <System32\Drivers\btcusb.sys><IVT Corporation>
[Bluetooth HID Enumerator / BTHidEnum]
  <system32\DRIVERS\vbtenum.sys><N/A>
[Bluetooth HID Manager Service / BTHidMgr]
  <\SystemRoot\System32\Drivers\BTHidMgr.sys><IVT Corporation>
[Bluetooth Network Filter / BTNetFilter]
  <\??\C:\Program Files\IVT Corporation\BlueSoleil\Device\Win2k\BTNetFilter.sys><N/A>
[ialm / ialm]
  <system32\DRIVERS\ialmnt5.sys><Intel Corporation>
[imagedrv / imagedrv]
  <\SystemRoot\System32\Drivers\imagedrv.sys><Ahead Software AG>
[imagesrv / imagesrv]
  <\SystemRoot\system32\DRIVERS\imagesrv.sys><Ahead Software AG>
[Klif / Klif]
  <System32\drivers\klif.sys><Kaspersky Labs>
[Klmc / Klmc]
  <System32\drivers\klmc.sys><Kaspersky Lab>
[kmsinput / kmsinput]
  <\??\C:\WINDOWS\system32\drivers\kmsinput.sys><N/A>
[Net MD / NETMDUSB]
  <System32\Drivers\NETMDUSB.sys><Sony Corporation>
[Nokia USB Generic / Nokia USB Generic]
  <system32\drivers\nmwcdc.sys><Nokia>
[Nokia USB Modem / Nokia USB Modem]
  <system32\drivers\nmwcdcm.sys><Nokia>
[Nokia USB Phone Parent / Nokia USB Phone Parent]
  <system32\drivers\nmwcd.sys><Nokia>
[Nokia USB Port / Nokia USB Port]
  <system32\drivers\nmwcdcj.sys><Nokia>
[npkcrypt / npkcrypt]
  <\??\C:\Program Files\Tencent\QQ\npkcrypt.sys><INCA Internet Co., Ltd.>
[Direct Parallel Link Driver / Ptilink]
  <system32\DRIVERS\ptilink.sys><Parallel Technologies, Inc.>
[PxHelp20 / PxHelp20]
  <\SystemRoot\system32\DRIVERS\PxHelp20.sys><Sonic Solutions>
[RsAntiSpyware / RsAntiSpyware]
  <\SystemRoot\system32\drivers\RsBoot.sys><Beijing Rising>
[Realtek RTL8139/810x/8169/8110 all in one NDIS XP Driver / RTL8023xp]
  <system32\DRIVERS\Rtlnicxp.sys><Realtek Semiconductor Corporation>
[Realtek RTL8139(A/B/C)-based PCI Fast Ethernet Adapter NT Driver / rtl8139]
  <system32\DRIVERS\RTL8139.SYS><Realtek Semiconductor Corporation>
[Secdrv / Secdrv]
  <system32\DRIVERS\secdrv.sys><N/A>
[senfilt / senfilt]
  <system32\drivers\senfilt.sys><Sensaura>
[smwdm / smwdm]
  <system32\drivers\smwdm.sys><Analog Devices, Inc.>
[sptd / sptd]
  <\SystemRoot\System32\Drivers\sptd.sys><N/A>
[Superk53 / Superk53]
  <\SystemRoot\System32\drivers\superk53.sys><Microsoft Corporation>
[TCP/IP Protocol Driver / Tcpip]
  <system32\DRIVERS\tcpip.sys><Microsoft Corporation>
[tifm21 / tifm21]
  <system32\drivers\tifm21.sys><Texas Instruments>
[udsctayk / udsctayk]
  <\SystemRoot\system32\drivers\udsctayk.sys><N/A>
[vaxscsi / vaxscsi]
  <\SystemRoot\System32\Drivers\vaxscsi.sys><N/A>
[Virtual Serial port driver / VComm]
  <system32\DRIVERS\VComm.sys><IVT Corporation>
[Bluetooth VComm Manager Service / VcommMgr]
  <System32\Drivers\VcommMgr.sys><IVT Corporation>

==================================
浏览器加载项
[AcroIEToolbarHelper Class]
  {AE7CD045-E861-484f-8273-0445EE161910} <D:\adobe acrobat\Acrobat\AcroIEFavClient.dll, Adobe Systems Incorporated>
[启动迅雷]
  {0062C9BD-B349-40DE-91A0-755F37ACD559} <C:\Program Files\Thunder Network\Thunder\Thunder.exe, Thunder Networking Technologies,LTD>
[Create Mobile Favorite]
  {2EAF5BB1-070F-11D3-9307-00C04FAE2D4F} <C:\PROGRA~1\MICROS~3\INetRepl.dll, Microsoft Corporation>
[Create Mobile Favorite]
  {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} <C:\PROGRA~1\MICROS~3\INetRepl.dll, Microsoft Corporation>
[信息检索(&R)]
  {92780B25-18CC-41C8-B9BE-3C9C571A8263} <C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL, Microsoft Corporation>
[QQ]
  {c95fe080-8f5d-11d2-a20b-00aa003c157b} <C:\Program Files\Tencent\QQ\QQ.EXE, N/A>
[FlashGet]
  {D6E814A0-E0C5-11d4-8D29-0050BA6940E3} <C:\PROGRA~1\FLASHGET\flashget.exe, Amaze Soft>
[QQIEFloatBarCfgCmd Class]
  {DEDEB80D-FA35-45d9-9460-4983E5A8AFE6} <C:\Program Files\Tencent\QQ\QQIEHelper.dll, N/A>
[Messenger]
  {FB5F1910-F110-11d2-BB9E-00C04F795683} <C:\Program Files\Messenger\msmsgs.exe, Microsoft Corporation>
[FlashGet Bar]
  {E0E899AB-F487-11D5-8D29-0050BA6940E3} <C:\PROGRA~1\FLASHGET\fgiebar.dll, Amaze Soft>
[Adobe PDF]
  {47833539-D0C5-4125-9FA8-0819E2EAAC93} <D:\adobe acrobat\Acrobat\AcroIEFavClient.dll, Adobe Systems Incorporated>
[Miorosoft Office]
  {7BEBDE34-060C-40E1-ABDD-ED9B0866B2C6} <C:\Program Files\Miorosoft Office\tbu00650\Miorosoft Office.dll, N/A>
[卡卡上网安全助手]
  {DB9ECD4F-FB8F-4311-B3CE-90B976C2707C} <C:\WINDOWS\system32\kakatool.dll, Beijing Rising Technology Co., Ltd.>
[XDownload Class]
  {165D83D3-359C-4783-9BF0-6FA6DC42A3F1} <C:\WINDOWS\system32\SSDownload.dll, 北京世纪超星>
[PowerList Control]
  {20C2C286-BDE8-441B-B73D-AFA22D914DA5} <C:\PROGRA~1\PPStream\POWERL~1.OCX, PPStream.com>
[SSReaderPlug Control]
  {3359C0B1-2363-40B3-AFCA-1ABC799AC486} <C:\WINDOWS\system32\SSREAD~1.OCX, CX>
[CEditCtrl Object]
  {488A4255-3236-44B3-8F27-FA1AECAA8844} <C:\WINDOWS\system32\aliedit\AliEdit.dll, www.alipay.com>
[AxInputControl Class]
  {73E4740C-08EB-4133-896B-8D0A7C9EE3CD} <C:\WINDOWS\DOWNLO~1\INPUTC~1.DLL, >
[AxSubmitControl Class]
  {8D9E0B29-563C-4226-86C1-5FF2AE77E1D2} <C:\WINDOWS\DOWNLO~1\SUBMIT~1.DLL, >
[Blueskyvoice Control]
  {991481A7-4669-4E15-8C24-100404E1F5CB} <C:\WINDOWS\DOWNLO~1\BLUESK~1.OCX, 蓝天工作室(http://www.bluesky.cn)>
[MofileConatct Control]
  {B1BAA0F2-3317-48E2-A56A-F6D8F96C5E68} <C:\WINDOWS\DOWNLO~1\MoCon.ocx, >
[Shockwave Flash Object]
  {D27CDB6E-AE6D-11CF-96B8-444553540000} <C:\WINDOWS\system32\Macromed\Flash\Flash8b.ocx, Macromedia, Inc.>
[VqqSpeedDlProxy Class]
  {F138084D-84D7-48CD-BEA8-04772457516E} <C:\WINDOWS\vqqsdl.dll, Tencent>
[QuickTime Object]
  {02BF25D5-8C17-4B23-BC80-D3488ABDDC6B} <C:\Program Files\Ringz Studio\Storm Codec\QTPlugin.ocx, Apple Computer, Inc.>
[AcroIEHlprObj Class]
  {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} <D:\adobe acrobat\ActiveX\AcroIEHelper.dll, Adobe Systems Incorporated>
[Windows Media Player]
  {22D6F312-B0F6-11D0-94AB-0080C74C7E95} <C:\WINDOWS\system32\wmpdxm.dll, Microsoft Corporation>
[HTML Document]
  {25336920-03F9-11CF-8FD0-00AA00686F13} <%SystemRoot%\system32\mshtml.dll, N/A>
[IETag Factory]
  {38481807-CA0E-42D2-BF39-B33AF135CC4D} <C:\PROGRA~1\COMMON~1\MICROS~1\SMARTT~1\IETAG.DLL, Microsoft Corporation>
[HHCtrl Object]
  {41B23C28-488E-4E5C-ACE2-BB0BBABE99E8} <C:\WINDOWS\system32\hhctrl.ocx, Microsoft Corporation>
[Adobe PDF]
  {47833539-D0C5-4125-9FA8-0819E2EAAC93} <D:\adobe acrobat\Acrobat\AcroIEFavClient.dll, Adobe Systems Incorporated>
[CEditCtrl Object]
  {488A4255-3236-44B3-8F27-FA1AECAA8844} <C:\WINDOWS\system32\aliedit\AliEdit.dll, www.alipay.com>
[VnetCookie Class]
  {4E83D567-4697-4F7B-B1F0-A513B01DB89A} <c:\PROGRA~1\chinanet\VNETTR~1.DLL, N/A>
[CMCBooter Object]
  {53AF6E02-F18F-4228-AC13-3E79773FBE50} <C:\WINDOWS\system32\Booter.ocx, N/A>
[QQBrowserHelperObject Class]
  {54EBD53A-9BC1-480B-966A-843A333CA162} <C:\Program Files\Tencent\QQ\QQIEHelper.dll, N/A>
[PowerPlayer Control]
  {5EC7C511-CD0F-42E6-830C-1BD9882F3458} <C:\WINDOWS\POWERP~1.DLL, PPStream Inc.>
[InfoSecNetSign Class]
  {62B938C4-4190-4F37-8CF0-A92B0A91CC77} <C:\WINDOWS\system32\NetSign.dll, Infosec Technologies Co., Ltd.>
[Windows Media Player]
  {6BF52A52-394A-11D3-B153-00C04F79FAA6} <C:\WINDOWS\system32\wmp.dll, Microsoft Corporation>
[CCtInf Class]
  {6DBB2904-082D-4DB0-944A-21C22BA121F4} <C:\WINDOWS\system32\BANKCE~1.DLL, >
[AxInputControl Class]
  {73E4740C-08EB-4133-896B-8D0A7C9EE3CD} <C:\WINDOWS\DOWNLO~1\INPUTC~1.DLL, >
[CMCLoader Object]
  {779769CA-82F1-4973-BBA7-515E6C7BFD0E} <C:\Program Files\GAOV\Mysee2\myclive.dll, N/A>
[Miorosoft Office]
  {7BEBDE34-060C-40E1-ABDD-ED9B0866B2C6} <C:\Program Files\Miorosoft Office\tbu00650\Miorosoft Office.dll, N/A>
[Microsoft Web 浏览器]
  {8856F961-340A-11D0-A96B-00C04FD705A2} <C:\WINDOWS\system32\shdocvw.dll, Microsoft Corporation>
[Thunder Browser Helper]
  {889D2FEB-5411-4565-8998-1DD2C5261283} <C:\Program Files\Thunder Network\Thunder\ComDlls\XunLeiBHO_002.dll, Thunder Networking Technologies,LTD>
[AxSubmitControl Class]
  {8D9E0B29-563C-4226-86C1-5FF2AE77E1D2} <C:\WINDOWS\DOWNLO~1\SUBMIT~1.DLL, >
[IeCatch2 Class]
  {A5366673-E8CA-11D3-9CD9-0090271D075B} <C:\PROGRA~1\FLASHGET\jccatch.dll, N/A>
[RMGetLicense Class]
  {A9FC132B-096D-460B-B7D5-1DB0FAE0C062} <C:\WINDOWS\system32\msnetobj.dll, Microsoft Corporation>
[Microsoft Scriptlet Component]
  {AE24FDAE-03C6-11D1-8B76-0080C744F389} <C:\WINDOWS\system32\mshtml.dll, Microsoft Corporation>
[AcroIEToolbarHelper Class]
  {AE7CD045-E861-484F-8273-0445EE161910} <D:\adobe acrobat\Acrobat\AcroIEFavClient.dll, Adobe Systems Incorporated>
[卡卡上网安全助手]
  {AFF6E516-CBE5-4F8A-9C2F-38A68013E766} <C:\WINDOWS\system32\kakatool.dll, Beijing Rising Technology Co., Ltd.>
[SearchAssistantOC]
  {B45FF030-4447-11D2-85DE-00C04FA35C89} <%SystemRoot%\system32\shdocvw.dll, N/A>
[RDS.DataSpace]
  {BD96C556-65A3-11D0-983A-00C04FC29E36} <C:\Program Files\Common Files\System\msadc\msadco.dll, Microsoft Corporation>
[AUDIO__MP3 Moniker Class]
  {CD3AFA76-B84F-48F0-9393-7EDC34128127} <C:\WINDOWS\system32\wmp.dll, Microsoft Corporation>
[AUDIO__X_MS_WMA Moniker Class]
  {CD3AFA84-B84F-48F0-9393-7EDC34128127} <C:\WINDOWS\system32\wmp.dll, Microsoft Corporation>
[VIDEO__X_MS_WMV Moniker Class]
  {CD3AFA94-B84F-48F0-9393-7EDC34128127} <C:\WINDOWS\system32\wmp.dll, Microsoft Corporation>
[RealPlayer G2 Control]
  {CFCDAA03-8BE4-11CF-B84B-0020AFBBCCFA} <C:\WINDOWS\system32\rmoc3260.dll, RealNetworks, Inc.>
[Shockwave Flash Object]
  {D27CDB6E-AE6D-11CF-96B8-444553540000} <C:\WINDOWS\system32\Macromed\Flash\Flash8b.ocx, Macromedia, Inc.>
[卡卡上网安全助手]
  {DB9ECD4F-FB8F-4311-B3CE-90B976C2707C} <C:\WINDOWS\system32\kakatool.dll, Beijing Rising Technology Co., Ltd.>
[FlashGet Bar]
  {E0E899AB-F487-11D5-8D29-0050BA6940E3} <C:\PROGRA~1\FLASHGET\fgiebar.dll, Amaze Soft>
[Messenger Class]
  {E5D12C4E-7B4F-11D3-B5C9-0050045C3C96} <, N/A>
[XBTP02060 Class]
  {E66D09C9-B25B-465E-9E7A-6020E60FB363} <C:\PROGRA~1\MIOROS~1\tbu00650\MIOROS~1.DLL, N/A>
[VAG]
  {F091DAC4-7032-463D-BEEC-CECFCEA94F4C} <C:\WINDOWS\system32\wagmet.dll, N/A>
[IERPCtl Class]
  {FDC7A535-4070-4B92-A0EA-D9994BCC0DC5} <C:\Program Files\Real\RealPlayer\rpplugins\ierpplug.dll, RealNetworks, Inc.>
[&使用迅雷下载]
  <C:\Program Files\Thunder Network\Thunder\Program\GetUrl.htm, N/A>
[&使用迅雷下载全部链接]
  <C:\Program Files\Thunder Network\Thunder\Program\GetAllUrl.htm, N/A>
[上传到QQ网络硬盘]
  <C:\Program Files\Tencent\QQ\AddToNetDisk.htm, N/A>
[使用网际快车下载]
  <C:\Program Files\FlashGet\jc_link.htm, N/A>
[使用网际快车下载全部链接]
  <C:\Program Files\FlashGet\jc_all.htm, N/A>
[导出到 Microsoft Office Excel(&X)]
  <res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000, N/A>
[添加到QQ自定义面板]
  <C:\Program Files\Tencent\QQ\AddPanel.htm, N/A>
[添加到QQ表情]
  <C:\Program Files\Tencent\QQ\AddEmotion.htm, N/A>
[用QQ彩信发送该图片]
  <C:\Program Files\Tencent\QQ\SendMMS.htm, N/A>
[转换为 Adobe PDF]
  <res://D:\adobe acrobat\Acrobat\AcroIEFavClient.dll/AcroIECapture.html, N/A>
[转换为现有 PDF]
  <res://D:\adobe acrobat\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html, N/A>
[转换选定的链接为 Adobe PDF]
  <res://D:\adobe acrobat\Acrobat\AcroIEFavClient.dll/AcroIECaptureSelLinks.html, N/A>
[转换选定的链接为现有 PDF]
  <res://D:\adobe acrobat\Acrobat\AcroIEFavClient.dll/AcroIEAppendSelLinks.html, N/A>
[转换选项为 Adobe PDF]
  <res://D:\adobe acrobat\Acrobat\AcroIEFavClient.dll/AcroIECapture.html, N/A>
[转换选项为现有 PDF]
  <res://D:\adobe acrobat\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html, N/A>
[转换链接目标为 Adobe PDF]
  <res://D:\adobe acrobat\Acrobat\AcroIEFavClient.dll/AcroIECapture.html, N/A>
[转换链接目标为现有 PDF]
  <res://D:\adobe acrobat\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html, N/A>

==================================
正在运行的进程
[PID: 960][\SystemRoot\System32\smss.exe]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
[PID: 1008][\??\C:\WINDOWS\system32\csrss.exe]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
[PID: 1040][\??\C:\WINDOWS\system32\winlogon.exe]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
[PID: 1088][C:\WINDOWS\system32\services.exe]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
[PID: 1100][C:\WINDOWS\system32\lsass.exe]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
[PID: 1260][C:\WINDOWS\system32\svchost.exe]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
[PID: 1304][C:\WINDOWS\system32\svchost.exe]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
[PID: 1464][C:\WINDOWS\System32\svchost.exe]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
[PID: 1644][C:\WINDOWS\system32\svchost.exe]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
[PID: 1748][C:\WINDOWS\system32\svchost.exe]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
[PID: 324][C:\Program Files\strongly\SVOHOST.EXE]  [, 3000.0.0.0]
    [C:\Program Files\Rising\AntiSpyware\ieprot.dll]  [Beijing Rising Technology Co., Ltd., 1, 0, 0, 3]
[PID: 404][C:\WINDOWS\Explorer.EXE]  [Microsoft Corporation, 6.00.2900.2180 (xpsp_sp2_rtm.040803-2158)]
    [C:\Program Files\Rising\AntiSpyware\ieprot.dll]  [Beijing Rising Technology Co., Ltd., 1, 0, 0, 3]
    [C:\Program Files\Unlocker\UnlockerHook.dll]  [N/A, N/A]
    [C:\WINDOWS\system32\mp3infp.dll]  [win32lab.com, 2.52.12.0]
    [D:\adobe acrobat\ActiveX\PDFShell.dll]  [Adobe Systems, Inc., 7.0.0.0]
    [D:\adobe acrobat\ActiveX\PDFShell.CHS]  [Adobe Systems, Inc., 7.0.0.0]
    [C:\WINDOWS\system32\igfxpph.dll]  [Intel Corporation, 3.0.0.3943]
    [C:\WINDOWS\system32\hccutils.DLL]  [Intel Corporation, 3.0.0.3943]
    [C:\WINDOWS\system32\igfxres.dll]  [Intel Corporation, 3.0.0.3943]
    [C:\WINDOWS\system32\igfxsrvc.dll]  [Intel Corporation, 3.0.0.3943]
    [C:\WINDOWS\system32\igfxdev.dll]  [Intel Corporation, 3.0.0.3943]
    [C:\Program Files\Resco\Pocket Encryption\RExpCtxU.dll]  [, 1, 0, 0, 1]
    [C:\Program Files\WinRAR\rarext.dll]  [N/A, N/A]
[PID: 544][C:\WINDOWS\system32\spoolsv.exe]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
    [C:\WINDOWS\system32\AdobePDF.dll]  [Adobe Systems Incorporated., 7.0.0.00]
    [D:\adobe acrobat\Distillr\AdistRes.CHS]  [N/A, N/A]
    [C:\WINDOWS\System32\spool\PRTPROCS\W32X86\vprproc.dll]  [Windows (R) 2000 DDK provider, 5.00.2195.1620]
[PID: 1232][C:\Program Files\Apoint2K\Apoint.exe]  [Alps Electric Co., Ltd., 5.5.1.196]
    [C:\Program Files\Apoint2K\ApResCS.dll]  [Alps Electric Co., Ltd., 5.5.1.11]
    [C:\WINDOWS\system32\VXDIF.DLL]  [Alps Electric Co., Ltd., 6.0.3.4]
    [C:\Program Files\Apoint2K\Apoint.DLL]  [Alps Electric Co., Ltd., 5.5.2.246]
    [C:\Program Files\Apoint2K\EzAuto.dll]  [Alps Electric Co., Ltd., 4.5.1.83]
    [C:\Program Files\Apoint2K\EzLaunch.DLL]  [Alps Electric Co., Ltd., 5.5.1.63]
    [C:\Program Files\Rising\AntiSpyware\ieprot.dll]  [Beijing Rising Technology Co., Ltd., 1, 0, 0, 3]
[PID: 1140][C:\WINDOWS\system32\igfxtray.exe]  [Intel Corporation, 3.0.0.3943]
    [C:\WINDOWS\system32\hccutils.DLL]  [Intel Corporation, 3.0.0.3943]
    [C:\WINDOWS\system32\igfxdev.dll]  [Intel Corporation, 3.0.0.3943]
    [C:\WINDOWS\system32\igfxsrvc.dll]  [Intel Corporation, 3.0.0.3943]
    [C:\WINDOWS\system32\igfxres.dll]  [Intel Corporation, 3.0.0.3943]
    [C:\WINDOWS\system32\igfxress.dll]  [Intel Corporation, 3.0.0.3943]
    [C:\Program Files\Rising\AntiSpyware\ieprot.dll]  [Beijing Rising Technology Co., Ltd., 1, 0, 0, 3]
[PID: 1440][C:\Program Files\Apoint2K\Apntex.exe]  [Alps Electric Co., Ltd., 5.5.1.21]
    [C:\WINDOWS\system32\VXDIF.DLL]  [Alps Electric Co., Ltd., 6.0.3.4]
    [C:\Program Files\Apoint2K\Apoint.DLL]  [Alps Electric Co., Ltd., 5.5.2.246]
    [C:\Program Files\Rising\AntiSpyware\ieprot.dll]  [Beijing Rising Technology Co., Ltd., 1, 0, 0, 3]
[PID: 1460][C:\WINDOWS\system32\conime.exe]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
    [C:\Program Files\Rising\AntiSpyware\ieprot.dll]  [Beijing Rising Technology Co., Ltd., 1, 0, 0, 3]
[PID: 1136][C:\Program Files\Unlocker\UnlockerAssistant.exe]  [N/A, N/A]
    [C:\Program Files\Unlocker\UnlockerHook.dll]  [N/A, N/A]
    [C:\Program Files\Rising\AntiSpyware\ieprot.dll]  [Beijing Rising Technology Co., Ltd., 1, 0, 0, 3]
[PID: 1908][C:\Program Files\IVT Corporation\BlueSoleil\BTNtService.exe]  [N/A, N/A]
[PID: 1932][C:\WINDOWS\system32\ctfmon.exe]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
    [C:\Program Files\Unlocker\UnlockerHook.dll]  [N/A, N/A]
    [C:\Program Files\Rising\AntiSpyware\ieprot.dll]  [Beijing Rising Technology Co., Ltd., 1, 0, 0, 3]
[PID: 1952][C:\WINDOWS\system32\svchost.exe]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
[PID: 1972][C:\Program Files\Microsoft ActiveSync\wcescomm.exe]  [Microsoft Corporation, 4.2.4855.0]
    [C:\Program Files\Unlocker\UnlockerHook.dll]  [N/A, N/A]
    [C:\Program Files\Microsoft ActiveSync\rapiproxystub.dll]  [N/A, N/A]
    [C:\Program Files\Rising\AntiSpyware\ieprot.dll]  [Beijing Rising Technology Co., Ltd., 1, 0, 0, 3]
[PID: 356][C:\PROGRA~1\MICROS~3\rapimgr.exe]  [Microsoft Corporation, 4.2.4855.0]
    [C:\Program Files\Unlocker\UnlockerHook.dll]  [N/A, N/A]
    [C:\Program Files\Microsoft ActiveSync\rapiproxystub.dll]  [N/A, N/A]
    [C:\Program Files\Rising\AntiSpyware\ieprot.dll]  [Beijing Rising Technology Co., Ltd., 1, 0, 0, 3]
[PID: 1592][C:\Program Files\Alcohol Soft\Alcohol 120\StarWind\StarWindService.exe]  [Rocket Division Software, 2.6.1 Build 0x20050401]
[PID: 228][C:\WINDOWS\system32\wdfmgr.exe]  [Microsoft Corporation, 5.2.3790.1230 built by: dnsrv(bld4act)]
[PID: 4080][C:\Program Files\Windows 流氓软件清理大师\clean.exe]  [ANetfox, 2.80]
    [C:\Program Files\Unlocker\UnlockerHook.dll]  [N/A, N/A]
    [C:\PROGRA~1\SUPERR~1\MagicSet\shlobj71.ocx]  [Sky Software (http://www.ssware.com), 7, 1, 0, 0]
    [C:\Program Files\Super Rabbit\MagicSet\vbalIml6.ocx]  [vbAccelerator, 2.00.0001]
    [C:\Program Files\Super Rabbit\MagicSet\vbalExpBar6.ocx]  [vbAccelerator, 1.00.0009]
    [C:\Program Files\Super Rabbit\MagicSet\SSubTmr6.dll]  [vbAccelerator, 1.01.0003]
    [C:\PROGRA~1\SUPERR~1\MagicSet\fldrvw71.ocx]  [Sky Software (http://www.ssware.com), 7, 1, 0, 0]
    [C:\Program Files\Rising\AntiSpyware\ieprot.dll]  [Beijing Rising Technology Co., Ltd., 1, 0, 0, 3]
[PID: 3744][C:\Program Files\Internet Explorer\iexplore.exe]  [Microsoft Corporation, 6.00.2900.2180 (xpsp_sp2_rtm.040803-2158)]
    [C:\Program Files\Unlocker\UnlockerHook.dll]  [N/A, N/A]
    [D:\adobe acrobat\Acrobat\AcroIEFavClient.dll]  [Adobe Systems Incorporated, 7.0.0.0]
    [D:\adobe acrobat\Acrobat\AcroIEFavClient.CHS]  [Adobe Systems Incorporated, 7.0.0.0]
    [C:\WINDOWS\system32\kakatool.dll]  [Beijing Rising Technology Co., Ltd., 2, 0, 2, 5]
    [C:\Program Files\Rising\AntiSpyware\ieprot.dll]  [Beijing Rising Technology Co., Ltd., 1, 0, 0, 3]
    [C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus Personal\avpscrch.dll]  [Kaspersky Lab, 1.0.142.342]
    [C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus Personal\concl.dll]  [Kaspersky Lab, 1.0.142.3]
    [C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus Personal\FSSync.dll]  [Kaspersky Lab, 5.0.0.0]
    [C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus Personal\ipc.dll]  [Kaspersky Lab, 5.0.142.0]
[PID: 2344][C:\Program Files\WinRAR\WinRAR.exe]  [N/A, N/A]
    [C:\Program Files\Unlocker\UnlockerHook.dll]  [N/A, N/A]
    [C:\Program Files\Nokia\Nokia PC Suite 6\PhoneBrowser.dll]  [Nokia, 6, 81, 46, 1]
    [C:\Program Files\Nokia\Nokia PC Suite 6\PCSCM.dll]  [Nokia, 6, 81, 68, 0]
    [C:\WINDOWS\system32\ConnAPI.DLL]  [Nokia., 6, 81, 62, 0]
    [C:\Program Files\Nokia\Nokia PC Suite 6\Lang\PhoneBrowser_chi-sc.nlr]  [Nokia, 6, 81, 29, 0]
    [C:\Program Files\Nokia\Nokia PC Suite 6\Resource\PhoneBrowser_Nokia.ngr]  [Nokia, 6, 81, 11, 0]
    [C:\Program Files\Rising\AntiSpyware\ieprot.dll]  [Beijing Rising Technology Co., Ltd., 1, 0, 0, 3]
[PID: 1924][C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\Rar$EX00.140\SREng\SREng.exe]  [Smallfrogs Studio, 2.2.6.605]
    [C:\Program Files\Unlocker\UnlockerHook.dll]  [N/A, N/A]
    [C:\Program Files\Rising\AntiSpyware\ieprot.dll]  [Beijing Rising Technology Co., Ltd., 1, 0, 0, 3]

==================================
文件关联
.TXT  OK. [%SystemRoot%\system32\NOTEPAD.EXE %1]
.EXE  OK. ["%1" %*]
.COM  OK. ["%1" %*]
.PIF  OK. ["%1" %*]
.REG  OK. [regedit.exe "%1"]
.BAT  OK. ["%1" %*]
.SCR  OK. ["%1" /S]
.CHM  OK. ["C:\WINDOWS\hh.exe" %1]
.HLP  OK. [%SystemRoot%\System32\winhlp32.exe %1]
.INI  OK. [%SystemRoot%\System32\NOTEPAD.EXE %1]
.INF  OK. [%SystemRoot%\System32\NOTEPAD.EXE %1]
.VBS  OK. [%SystemRoot%\System32\WScript.exe "%1" %*]
.JS  OK. [%SystemRoot%\System32\WScript.exe "%1" %*]
.LNK  OK. [{00021401-0000-0000-C000-000000000046}]

==================================
Winsock 提供者
N/A

==================================
Autorun.inf
N/A

==================================
HOSTS 文件

==================================

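红夜鬼1, I went through the steps you gave me, and I can now browse some of the sites that the rogue software had been blocking. But I still cannot change the home page: it is still 4199.5009.cn, and the page title is "网址之家——实用网址,搜索大全,尽在www.feixue.net" ("Home of URLs: useful URLs and a complete search directory, all at www.feixue.net"). I have run a new SREng2 scan; could you please take another look and see whether anything was missed just now? Many thanks!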
2006-12-06,20:43:57

System Repair Engineer 2.2.6.605
Smallfrogs (http://www.KZTechs.com)

Windows XP Professional Service Pack 2 (Build 2600)
- 管理权限用户 - 完整功能

以下内容被选中:
    所有的启动项目(包括注册表、启动文件夹、服务等)
    浏览器加载项
    正在运行的进程(包括进程模块信息)
    文件关联
    Winsock 提供者
    Autorun.inf
    HOSTS 文件


启动项目
注册表
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
    <ctfmon.exe><C:\WINDOWS\system32\ctfmon.exe>  [(Verified)Microsoft Corporation]
    <H/PC Connection Agent><; "C:\Program Files\Microsoft ActiveSync\wcescomm.exe">  [Microsoft Corporation]
    <MSMSGS><; "C:\Program Files\Messenger\msmsgs.exe" /background>  [(Verified)Microsoft Corporation]
    <MsnMsgr><; "C:\Program Files\MSN Messenger\MsnMsgr.Exe" /background>  [Microsoft Corporation]
    <PcSync><; C:\Program Files\Nokia\Nokia PC Suite 6\PcSync2.exe /NoDialog>  [Time Information Services Ltd.]
[HKEY_CURRENT_USER\Software\Microsoft\Windows NT\CurrentVersion\Windows]
    <load><>  [N/A]
    <run><>  [N/A]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
    <IMJPMIG8.1><; "C:\WINDOWS\IME\imjp8_1\IMJPMIG.EXE" /Spoil /RemAdvDef /Migration32>  [(Verified)Microsoft Corporation]
    <PHIME2002ASync><C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /SYNC>  [(Verified)Microsoft Corporation]
    <PHIME2002A><C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /IMEName>  [(Verified)Microsoft Corporation]
    <AGRSMMSG><; AGRSMMSG.exe>  [(Verified)Agere Systems]
    <Apoint><C:\Program Files\Apoint2K\Apoint.exe>  [(Verified)Alps Electric Co., Ltd.]
    <IgfxTray><C:\WINDOWS\system32\igfxtray.exe>  [(Verified)Intel Corporation]
    <KAVPersonal50><C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus Personal\kav.exe /minimize>  [Kaspersky Lab]
    <DU Meter><C:\Program Files\DU Meter\DUMeter.exe>  [Hagel Technologies]
    <runeip><C:\Program Files\Rising\AntiSpyware\runiep.exe>  [Beijing Rising Technology Co., Ltd.]
    <UnlockerAssistant><"C:\Program Files\Unlocker\UnlockerAssistant.exe">  [N/A]
    <QuickTime Task><; "C:\Program Files\Ringz Studio\Storm Codec\qttask.exe" -atboottime>  [Apple Computer, Inc.]
    <5QBoba><; C:\Program Files\5Q Soft\5QBoba\5QBobaStarter.exe>  [N/A]
    <Acrobat Assistant 7.0><; "D:\adobe acrobat\Distillr\Acrotray.exe">  [Adobe Systems Inc.]
    <BluetoothAuthenticationAgent><; rundll32.exe bthprops.cpl,,BluetoothAuthenticationAgent>  [(Verified)Microsoft Corporation]
    <HDInspector.exe><; C:\Program Files\Hard Drive Inspector\HDInspector.exe>  [Altrixsoft]
    <HotKeysCmds><; C:\WINDOWS\system32\hkcmd.exe>  [(Verified)Intel Corporation]
    <IMSCMig><; C:\PROGRA~1\COMMON~1\MICROS~1\IME\IMSC40A\IMSCMIG.EXE /Preload>  [(Verified)Microsoft Corporation]
    <KernelFaultCheck><; %systemroot%\system32\dumprep 0 -k>  [N/A]
    <Mysee Alert><; "C:\Program Files\GAOV\Mysee Alert\Mysee Alert.exe" -notray>  [N/A]
    <NeroFilterCheck><; C:\WINDOWS\system32\NeroCheck.exe>  [Ahead Software Gmbh]
    <PCSuiteTrayApplication><; C:\PROGRA~1\Nokia\NOKIAP~1\LAUNCH~1.EXE -startup>  [Nokia]
    <RemoteControl><; "C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe">  [Cyberlink Corp.]
    <StormCodec_Helper><; "C:\Program Files\Ringz Studio\Storm Codec\StormSet.exe" /S /opti>  [N/A]
    <Super Rabbit SRRestore><; C:\PROGRA~1\SUPERR~1\MAGICSET\SRRest.exe /autosave>  [Super Rabbit Soft]
    <TkBellExe><; "C:\Program Files\Common Files\Real\Update_OB\realsched.exe"  -osboot>  [RealNetworks, Inc.]
    <UUCall.exe><; C:\Program Files\UUCall2005\UUCall.exe>  [N/A]
    <WangWang><; "C:\Program Files\淘宝网\淘宝旺旺\WangWang.EXE">  [淘宝(中国)软件有限公司]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Winlogon]
    <shell><Explorer.exe>  [(Verified)Microsoft Corporation]
    <Userinit><C:\WINDOWS\system32\userinit.exe,>  [(Verified)Microsoft Corporation]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Windows]
    <AppInit_DLLs><>  [N/A]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Winlogon]
    <UIHost><logonui.exe>  [(Verified)Microsoft Corporation]

==================================
启动文件夹
[腾讯QQ]
  <C:\Documents and Settings\Administrator\「开始」菜单\程序\启动\腾讯QQ.lnk --> C:\PROGRA~1\Tencent\QQ\QQ.exe [TENCENT]><N>

==================================
服务
[BlueSoleil Hid Service / BlueSoleil Hid Service]
  <C:\Program Files\IVT Corporation\BlueSoleil\BTNtService.exe><N/A>
[HDD Information Service / HDDSvc]
  <C:\WINDOWS\system32\HDDSvc.exe><AltrixSoft (http://www.altrixsoft.com/)>
[InstallDriver Table Manager / IDriverT]
  <"C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe"><Macrovision Corporation>
[kavsvc / kavsvc]
  <C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus Personal\kavsvc.exe><Kaspersky Lab>
[PACSPTISVR / PACSPTISVR]
  <"C:\Program Files\Common Files\Sony Shared\AVLib\PACSPTISVR.exe"><Sony Corporation>
[ServiceLayer / ServiceLayer]
  <"C:\Program Files\Common Files\PCSuite\Services\ServiceLayer.exe"><Nokia.>
[Sony SPTI Service / SPTISRV]
  <"C:\Program Files\Common Files\Sony Shared\AVLib\SPTISRV.exe"><Sony Corporation>
[StarWind iSCSI Service / StarWindService]
  <C:\Program Files\Alcohol Soft\Alcohol 120\StarWind\StarWindService.exe><Rocket Division Software>

==================================
驱动程序
[aeaudio / aeaudio]
  <system32\drivers\aeaudio.sys><Andrea Electronics Corporation>
[Agere Systems Soft Modem / AgereSoftModem]
  <system32\DRIVERS\AGRSM.sys><Agere Systems>
[Service for Realtek AC97 Audio (WDM) / ALCXWDM]
  <system32\drivers\ALCXWDM.SYS><N/A>
[Alps Pointing-device Filter Driver / ApfiltrService]
  <system32\DRIVERS\Apfiltr.sys><Alps Electric Co., Ltd.>
[Bluetooth Audio Service / BlueletAudio]
  <system32\DRIVERS\blueletaudio.sys><IVT Corporation>
[Bluetooth SCO Audio Service / BlueletSCOAudio]
  <system32\DRIVERS\BlueletSCOAudio.sys><IVT Corporation>
[Bluetooth PAN Network Adapter / BT]
  <system32\DRIVERS\btnetdrv.sys><IVT Corporation>
[Bluetooth, WDM Video Capture / BTCAP]
  <system32\DRIVERS\BTCap.sys><MOTECH>
[Bluetooth USB For Bluetooth Service / Btcsrusb]
  <System32\Drivers\btcusb.sys><IVT Corporation>
[Bluetooth HID Enumerator / BTHidEnum]
  <system32\DRIVERS\vbtenum.sys><N/A>
[Bluetooth HID Manager Service / BTHidMgr]
  <\SystemRoot\System32\Drivers\BTHidMgr.sys><IVT Corporation>
[Bluetooth Network Filter / BTNetFilter]
  <\??\C:\Program Files\IVT Corporation\BlueSoleil\Device\Win2k\BTNetFilter.sys><N/A>
[ialm / ialm]
  <system32\DRIVERS\ialmnt5.sys><Intel Corporation>
[imagedrv / imagedrv]
  <\SystemRoot\System32\Drivers\imagedrv.sys><Ahead Software AG>
[imagesrv / imagesrv]
  <\SystemRoot\system32\DRIVERS\imagesrv.sys><Ahead Software AG>
[Klif / Klif]
  <System32\drivers\klif.sys><Kaspersky Labs>
[Klmc / Klmc]
  <System32\drivers\klmc.sys><Kaspersky Lab>
[Net MD / NETMDUSB]
  <System32\Drivers\NETMDUSB.sys><Sony Corporation>
[Nokia USB Generic / Nokia USB Generic]
  <system32\drivers\nmwcdc.sys><Nokia>
[Nokia USB Modem / Nokia USB Modem]
  <system32\drivers\nmwcdcm.sys><Nokia>
[Nokia USB Phone Parent / Nokia USB Phone Parent]
  <system32\drivers\nmwcd.sys><Nokia>
[Nokia USB Port / Nokia USB Port]
  <system32\drivers\nmwcdcj.sys><Nokia>
[npkcrypt / npkcrypt]
  <\??\C:\Program Files\Tencent\QQ\npkcrypt.sys><INCA Internet Co., Ltd.>
[Direct Parallel Link Driver / Ptilink]
  <system32\DRIVERS\ptilink.sys><Parallel Technologies, Inc.>
[PxHelp20 / PxHelp20]
  <\SystemRoot\system32\DRIVERS\PxHelp20.sys><Sonic Solutions>
[RsAntiSpyware / RsAntiSpyware]
  <\SystemRoot\system32\drivers\RsBoot.sys><Beijing Rising>
[Realtek RTL8139/810x/8169/8110 all in one NDIS XP Driver / RTL8023xp]
  <system32\DRIVERS\Rtlnicxp.sys><Realtek Semiconductor Corporation>
[Realtek RTL8139(A/B/C)-based PCI Fast Ethernet Adapter NT Driver / rtl8139]
  <system32\DRIVERS\RTL8139.SYS><Realtek Semiconductor Corporation>
[Secdrv / Secdrv]
  <system32\DRIVERS\secdrv.sys><N/A>
[senfilt / senfilt]
  <system32\drivers\senfilt.sys><Sensaura>
[smwdm / smwdm]
  <system32\drivers\smwdm.sys><Analog Devices, Inc.>
[Superk53 / Superk53]
  <\SystemRoot\System32\drivers\superk53.sys><Microsoft Corporation>
[TCP/IP Protocol Driver / Tcpip]
  <system32\DRIVERS\tcpip.sys><Microsoft Corporation>
[tifm21 / tifm21]
  <system32\drivers\tifm21.sys><Texas Instruments>
[Virtual Serial port driver / VComm]
  <system32\DRIVERS\VComm.sys><IVT Corporation>
[Bluetooth VComm Manager Service / VcommMgr]
  <System32\Drivers\VcommMgr.sys><IVT Corporation>

==================================
浏览器加载项
[AcroIEToolbarHelper Class]
  {AE7CD045-E861-484f-8273-0445EE161910} <D:\adobe acrobat\Acrobat\AcroIEFavClient.dll, Adobe Systems Incorporated>
[启动迅雷]
  {0062C9BD-B349-40DE-91A0-755F37ACD559} <C:\Program Files\Thunder Network\Thunder\Thunder.exe, Thunder Networking Technologies,LTD>
[QQ]
  {c95fe080-8f5d-11d2-a20b-00aa003c157b} <C:\Program Files\Tencent\QQ\QQ.EXE, TENCENT>
[QQIEFloatBarCfgCmd Class]
  {DEDEB80D-FA35-45d9-9460-4983E5A8AFE6} <C:\Program Files\Tencent\QQ\QQIEHelper.dll, N/A>
[FlashGet Bar]
  {E0E899AB-F487-11D5-8D29-0050BA6940E3} <C:\PROGRA~1\FLASHGET\fgiebar.dll, Amaze Soft>
[Adobe PDF]
  {47833539-D0C5-4125-9FA8-0819E2EAAC93} <D:\adobe acrobat\Acrobat\AcroIEFavClient.dll, Adobe Systems Incorporated>
[Miorosoft Office]
  {7BEBDE34-060C-40E1-ABDD-ED9B0866B2C6} <C:\Program Files\Miorosoft Office\tbu00650\Miorosoft Office.dll, N/A>
[卡卡上网安全助手]
  {DB9ECD4F-FB8F-4311-B3CE-90B976C2707C} <C:\WINDOWS\system32\kakatool.dll, Beijing Rising Technology Co., Ltd.>
[XDownload Class]
  {165D83D3-359C-4783-9BF0-6FA6DC42A3F1} <C:\WINDOWS\system32\SSDownload.dll, 北京世纪超星>
[PowerList Control]
  {20C2C286-BDE8-441B-B73D-AFA22D914DA5} <C:\PROGRA~1\PPStream\POWERL~1.OCX, PPStream.com>
[SSReaderPlug Control]
  {3359C0B1-2363-40B3-AFCA-1ABC799AC486} <C:\WINDOWS\system32\SSREAD~1.OCX, CX>
[CEditCtrl Object]
  {488A4255-3236-44B3-8F27-FA1AECAA8844} <C:\WINDOWS\system32\aliedit\AliEdit.dll, www.alipay.com>
[AxInputControl Class]
  {73E4740C-08EB-4133-896B-8D0A7C9EE3CD} <C:\WINDOWS\DOWNLO~1\INPUTC~1.DLL, >
[AxSubmitControl Class]
  {8D9E0B29-563C-4226-86C1-5FF2AE77E1D2} <C:\WINDOWS\DOWNLO~1\SUBMIT~1.DLL, >
[Blueskyvoice Control]
  {991481A7-4669-4E15-8C24-100404E1F5CB} <C:\WINDOWS\DOWNLO~1\BLUESK~1.OCX, 蓝天工作室(http://www.bluesky.cn)>
[MofileConatct Control]
  {B1BAA0F2-3317-48E2-A56A-F6D8F96C5E68} <C:\WINDOWS\DOWNLO~1\MoCon.ocx, >
[Shockwave Flash Object]
  {D27CDB6E-AE6D-11CF-96B8-444553540000} <C:\WINDOWS\system32\Macromed\Flash\Flash8b.ocx, Macromedia, Inc.>
[QuickTime Object]
  {02BF25D5-8C17-4B23-BC80-D3488ABDDC6B} <C:\Program Files\Ringz Studio\Storm Codec\QTPlugin.ocx, Apple Computer, Inc.>
[AcroIEHlprObj Class]
  {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} <D:\adobe acrobat\ActiveX\AcroIEHelper.dll, Adobe Systems Incorporated>
[Windows Media Player]
  {22D6F312-B0F6-11D0-94AB-0080C74C7E95} <C:\WINDOWS\system32\wmpdxm.dll, Microsoft Corporation>
[HTML Document]
  {25336920-03F9-11CF-8FD0-00AA00686F13} <%SystemRoot%\system32\mshtml.dll, N/A>
[IETag Factory]
  {38481807-CA0E-42D2-BF39-B33AF135CC4D} <C:\PROGRA~1\COMMON~1\MICROS~1\SMARTT~1\IETAG.DLL, Microsoft Corporation>
[HHCtrl Object]
  {41B23C28-488E-4E5C-ACE2-BB0BBABE99E8} <C:\WINDOWS\system32\hhctrl.ocx, Microsoft Corporation>
[Adobe PDF]
  {47833539-D0C5-4125-9FA8-0819E2EAAC93} <D:\adobe acrobat\Acrobat\AcroIEFavClient.dll, Adobe Systems Incorporated>
[CEditCtrl Object]
  {488A4255-3236-44B3-8F27-FA1AECAA8844} <C:\WINDOWS\system32\aliedit\AliEdit.dll, www.alipay.com>
[VnetCookie Class]
  {4E83D567-4697-4F7B-B1F0-A513B01DB89A} <c:\PROGRA~1\chinanet\VNETTR~1.DLL, N/A>
[CMCBooter Object]
  {53AF6E02-F18F-4228-AC13-3E79773FBE50} <C:\WINDOWS\system32\Booter.ocx, N/A>
[QQBrowserHelperObject Class]
  {54EBD53A-9BC1-480B-966A-843A333CA162} <C:\Program Files\Tencent\QQ\QQIEHelper.dll, N/A>
[PowerPlayer Control]
  {5EC7C511-CD0F-42E6-830C-1BD9882F3458} <C:\WINDOWS\POWERP~1.DLL, PPStream Inc.>
[InfoSecNetSign Class]
  {62B938C4-4190-4F37-8CF0-A92B0A91CC77} <C:\WINDOWS\system32\NetSign.dll, Infosec Technologies Co., Ltd.>
[Windows Media Player]
  {6BF52A52-394A-11D3-B153-00C04F79FAA6} <C:\WINDOWS\system32\wmp.dll, Microsoft Corporation>
[CCtInf Class]
  {6DBB2904-082D-4DB0-944A-21C22BA121F4} <C:\WINDOWS\system32\BANKCE~1.DLL, >
[AxInputControl Class]
  {73E4740C-08EB-4133-896B-8D0A7C9EE3CD} <C:\WINDOWS\DOWNLO~1\INPUTC~1.DLL, >
[CMCLoader Object]
  {779769CA-82F1-4973-BBA7-515E6C7BFD0E} <C:\Program Files\GAOV\Mysee2\myclive.dll, N/A>
[Miorosoft Office]
  {7BEBDE34-060C-40E1-ABDD-ED9B0866B2C6} <C:\Program Files\Miorosoft Office\tbu00650\Miorosoft Office.dll, N/A>
[Microsoft Web 浏览器]
  {8856F961-340A-11D0-A96B-00C04FD705A2} <C:\WINDOWS\system32\shdocvw.dll, Microsoft Corporation>
[Thunder Browser Helper]
  {889D2FEB-5411-4565-8998-1DD2C5261283} <C:\Program Files\Thunder Network\Thunder\ComDlls\XunLeiBHO_002.dll, Thunder Networking Technologies,LTD>
[AxSubmitControl Class]
  {8D9E0B29-563C-4226-86C1-5FF2AE77E1D2} <C:\WINDOWS\DOWNLO~1\SUBMIT~1.DLL, >
[IeCatch2 Class]
  {A5366673-E8CA-11D3-9CD9-0090271D075B} <C:\PROGRA~1\FLASHGET\jccatch.dll, N/A>
[RMGetLicense Class]
  {A9FC132B-096D-460B-B7D5-1DB0FAE0C062} <C:\WINDOWS\system32\msnetobj.dll, Microsoft Corporation>
[Microsoft Scriptlet Component]
  {AE24FDAE-03C6-11D1-8B76-0080C744F389} <C:\WINDOWS\system32\mshtml.dll, Microsoft Corporation>
[AcroIEToolbarHelper Class]
  {AE7CD045-E861-484F-8273-0445EE161910} <D:\adobe acrobat\Acrobat\AcroIEFavClient.dll, Adobe Systems Incorporated>
[卡卡上网安全助手]
  {AFF6E516-CBE5-4F8A-9C2F-38A68013E766} <C:\WINDOWS\system32\kakatool.dll, Beijing Rising Technology Co., Ltd.>
[SearchAssistantOC]
  {B45FF030-4447-11D2-85DE-00C04FA35C89} <%SystemRoot%\system32\shdocvw.dll, N/A>
[RDS.DataSpace]
  {BD96C556-65A3-11D0-983A-00C04FC29E36} <C:\Program Files\Common Files\System\msadc\msadco.dll, Microsoft Corporation>
[AUDIO__MP3 Moniker Class]
  {CD3AFA76-B84F-48F0-9393-7EDC34128127} <C:\WINDOWS\system32\wmp.dll, Microsoft Corporation>
[AUDIO__X_MS_WMA Moniker Class]
  {CD3AFA84-B84F-48F0-9393-7EDC34128127} <C:\WINDOWS\system32\wmp.dll, Microsoft Corporation>
[VIDEO__X_MS_WMV Moniker Class]
  {CD3AFA94-B84F-48F0-9393-7EDC34128127} <C:\WINDOWS\system32\wmp.dll, Microsoft Corporation>
[RealPlayer G2 Control]
  {CFCDAA03-8BE4-11CF-B84B-0020AFBBCCFA} <C:\WINDOWS\system32\rmoc3260.dll, RealNetworks, Inc.>
[Shockwave Flash Object]
  {D27CDB6E-AE6D-11CF-96B8-444553540000} <C:\WINDOWS\system32\Macromed\Flash\Flash8b.ocx, Macromedia, Inc.>
[卡卡上网安全助手]
  {DB9ECD4F-FB8F-4311-B3CE-90B976C2707C} <C:\WINDOWS\system32\kakatool.dll, Beijing Rising Technology Co., Ltd.>
[FlashGet Bar]
  {E0E899AB-F487-11D5-8D29-0050BA6940E3} <C:\PROGRA~1\FLASHGET\fgiebar.dll, Amaze Soft>
[Messenger Class]
  {E5D12C4E-7B4F-11D3-B5C9-0050045C3C96} <, N/A>
[XBTP02060 Class]
  {E66D09C9-B25B-465E-9E7A-6020E60FB363} <C:\PROGRA~1\MIOROS~1\tbu00650\MIOROS~1.DLL, N/A>
[VAG]
  {F091DAC4-7032-463D-BEEC-CECFCEA94F4C} <C:\WINDOWS\system32\wagmet.dll, N/A>
[IERPCtl Class]
  {FDC7A535-4070-4B92-A0EA-D9994BCC0DC5} <C:\Program Files\Real\RealPlayer\rpplugins\ierpplug.dll, RealNetworks, Inc.>
[&使用迅雷下载]
  <C:\Program Files\Thunder Network\Thunder\Program\GetUrl.htm, N/A>
[&使用迅雷下载全部链接]
  <C:\Program Files\Thunder Network\Thunder\Program\GetAllUrl.htm, N/A>
[上传到QQ网络硬盘]
  <C:\Program Files\Tencent\QQ\AddToNetDisk.htm, N/A>
[使用网际快车下载]
  <C:\Program Files\FlashGet\jc_link.htm, N/A>
[使用网际快车下载全部链接]
  <C:\Program Files\FlashGet\jc_all.htm, N/A>
[导出到 Microsoft Office Excel(&X)]
  <res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000, N/A>
[添加到QQ自定义面板]
  <C:\Program Files\Tencent\QQ\AddPanel.htm, N/A>
[添加到QQ表情]
  <C:\Program Files\Tencent\QQ\AddEmotion.htm, N/A>
[用QQ彩信发送该图片]
  <C:\Program Files\Tencent\QQ\SendMMS.htm, N/A>
[转换为 Adobe PDF]
  <res://D:\adobe acrobat\Acrobat\AcroIEFavClient.dll/AcroIECapture.html, N/A>
[转换为现有 PDF]
  <res://D:\adobe acrobat\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html, N/A>
[转换选定的链接为 Adobe PDF]
  <res://D:\adobe acrobat\Acrobat\AcroIEFavClient.dll/AcroIECaptureSelLinks.html, N/A>
[转换选定的链接为现有 PDF]
  <res://D:\adobe acrobat\Acrobat\AcroIEFavClient.dll/AcroIEAppendSelLinks.html, N/A>
[转换选项为 Adobe PDF]
  <res://D:\adobe acrobat\Acrobat\AcroIEFavClient.dll/AcroIECapture.html, N/A>
[转换选项为现有 PDF]
  <res://D:\adobe acrobat\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html, N/A>
[转换链接目标为 Adobe PDF]
  <res://D:\adobe acrobat\Acrobat\AcroIEFavClient.dll/AcroIECapture.html, N/A>
[转换链接目标为现有 PDF]
  <res://D:\adobe acrobat\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html, N/A>

==================================
正在运行的进程
[PID: 880][\SystemRoot\System32\smss.exe]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
[PID: 960][\??\C:\WINDOWS\system32\csrss.exe]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
[PID: 984][\??\C:\WINDOWS\system32\winlogon.exe]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
[PID: 1028][C:\WINDOWS\system32\services.exe]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
[PID: 1040][C:\WINDOWS\system32\lsass.exe]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
[PID: 1192][C:\WINDOWS\system32\svchost.exe]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
[PID: 1240][C:\WINDOWS\system32\svchost.exe]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
[PID: 1400][C:\WINDOWS\System32\svchost.exe]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
[PID: 1580][C:\WINDOWS\system32\svchost.exe]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
[PID: 1680][C:\WINDOWS\system32\svchost.exe]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
[PID: 244][C:\WINDOWS\Explorer.EXE]  [Microsoft Corporation, 6.00.2900.2180 (xpsp_sp2_rtm.040803-2158)]
    [C:\Program Files\Rising\AntiSpyware\ieprot.dll]  [Beijing Rising Technology Co., Ltd., 1, 0, 0, 3]
    [C:\Program Files\Unlocker\UnlockerHook.dll]  [N/A, N/A]
    [C:\Program Files\Resco\Pocket Encryption\RExpCtxU.dll]  [, 1, 0, 0, 1]
    [C:\Program Files\Unlocker\UnlockerCOM.dll]  [N/A, N/A]
    [C:\Program Files\WinRAR\rarext.dll]  [N/A, N/A]
    [C:\WINDOWS\system32\mp3infp.dll]  [win32lab.com, 2.52.12.0]
    [C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus Personal\shellex.dll]  [Kaspersky Lab, 5.0.142.1]
    [D:\adobe acrobat\Acrobat Elements\ContextMenu.dll]  [Adobe Systems Inc., 7.0.0.2004121400\0]
    [D:\adobe acrobat\Acrobat Elements\ContextMenu.chs]  [Adobe Systems Inc., 7.0.0.2004121400\0]
    [D:\adobe acrobat\ActiveX\PDFShell.dll]  [Adobe Systems, Inc., 7.0.0.0]
    [D:\adobe acrobat\ActiveX\PDFShell.CHS]  [Adobe Systems, Inc., 7.0.0.0]
[PID: 460][C:\WINDOWS\system32\spoolsv.exe]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
    [C:\WINDOWS\system32\AdobePDF.dll]  [Adobe Systems Incorporated., 7.0.0.00]
    [D:\adobe acrobat\Distillr\AdistRes.CHS]  [N/A, N/A]
    [C:\WINDOWS\System32\spool\PRTPROCS\W32X86\vprproc.dll]  [Windows (R) 2000 DDK provider, 5.00.2195.1620]
[PID: 1276][C:\Program Files\Apoint2K\Apoint.exe]  [Alps Electric Co., Ltd., 5.5.1.196]
    [C:\Program Files\Apoint2K\ApResCS.dll]  [Alps Electric Co., Ltd., 5.5.1.11]
    [C:\WINDOWS\system32\VXDIF.DLL]  [Alps Electric Co., Ltd., 6.0.3.4]
    [C:\Program Files\Apoint2K\Apoint.DLL]  [Alps Electric Co., Ltd., 5.5.2.246]
    [C:\Program Files\Apoint2K\EzAuto.dll]  [Alps Electric Co., Ltd., 4.5.1.83]
    [C:\Program Files\Apoint2K\EzLaunch.DLL]  [Alps Electric Co., Ltd., 5.5.1.63]
    [C:\Program Files\Rising\AntiSpyware\ieprot.dll]  [Beijing Rising Technology Co., Ltd., 1, 0, 0, 3]
[PID: 1284][C:\WINDOWS\system32\igfxtray.exe]  [Intel Corporation, 3.0.0.3943]
    [C:\WINDOWS\system32\hccutils.DLL]  [Intel Corporation, 3.0.0.3943]
    [C:\WINDOWS\system32\igfxdev.dll]  [Intel Corporation, 3.0.0.3943]
    [C:\WINDOWS\system32\igfxsrvc.dll]  [Intel Corporation, 3.0.0.3943]
    [C:\WINDOWS\system32\igfxres.dll]  [Intel Corporation, 3.0.0.3943]
    [C:\WINDOWS\system32\igfxress.dll]  [Intel Corporation, 3.0.0.3943]
    [C:\Program Files\Rising\AntiSpyware\ieprot.dll]  [Beijing Rising Technology Co., Ltd., 1, 0, 0, 3]
[PID: 1312][C:\Program Files\DU Meter\DUMeter.exe]  [Hagel Technologies, 3.07 Build 192]
    [C:\Program Files\DU Meter\DUData.dll]  [Hagel Technologies, 3.07 Build 192]
    [C:\Program Files\Unlocker\UnlockerHook.dll]  [N/A, N/A]
    [C:\Program Files\Rising\AntiSpyware\ieprot.dll]  [Beijing Rising Technology Co., Ltd., 1, 0, 0, 3]
[PID: 1336][C:\Program Files\Apoint2K\Apntex.exe]  [Alps Electric Co., Ltd., 5.5.1.21]
    [C:\WINDOWS\system32\VXDIF.DLL]  [Alps Electric Co., Ltd., 6.0.3.4]
    [C:\Program Files\Apoint2K\Apoint.DLL]  [Alps Electric Co., Ltd., 5.5.2.246]
    [C:\Program Files\Rising\AntiSpyware\ieprot.dll]  [Beijing Rising Technology Co., Ltd., 1, 0, 0, 3]
[PID: 1356][C:\WINDOWS\system32\conime.exe]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
    [C:\Program Files\Rising\AntiSpyware\ieprot.dll]  [Beijing Rising Technology Co., Ltd., 1, 0, 0, 3]
[PID: 1380][C:\Program Files\Rising\AntiSpyware\runiep.exe]  [Beijing Rising Technology Co., Ltd., 1, 0, 1, 2]
    [C:\Program Files\Rising\AntiSpyware\iep_ctrl.dll]  [Beijing Rising Technology Co., Ltd., 1, 0, 0, 3]
    [C:\Program Files\Rising\AntiSpyware\ieprot.dll]  [Beijing Rising Technology Co., Ltd., 1, 0, 0, 3]
[PID: 1672][C:\Program Files\Unlocker\UnlockerAssistant.exe]  [N/A, N/A]
    [C:\Program Files\Unlocker\UnlockerHook.dll]  [N/A, N/A]
    [C:\Program Files\Rising\AntiSpyware\ieprot.dll]  [Beijing Rising Technology Co., Ltd., 1, 0, 0, 3]
[PID: 1764][C:\WINDOWS\system32\ctfmon.exe]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
    [C:\Program Files\Unlocker\UnlockerHook.dll]  [N/A, N/A]
    [C:\Program Files\Rising\AntiSpyware\ieprot.dll]  [Beijing Rising Technology Co., Ltd., 1, 0, 0, 3]
[PID: 1808][C:\Program Files\IVT Corporation\BlueSoleil\BTNtService.exe]  [N/A, N/A]
[PID: 1088][C:\WINDOWS\system32\svchost.exe]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
[PID: 360][C:\Program Files\Alcohol Soft\Alcohol 120\StarWind\StarWindService.exe]  [Rocket Division Software, 2.6.1 Build 0x20050401]
[PID: 384][C:\Program Files\Tencent\QQ\QQ.exe]  [TENCENT, 0, 0, 0, 0]
    [C:\Program Files\Tencent\QQ\QQBaseClassInDll.dll]  [, 1, 0, 0, 1]
    [C:\Program Files\Tencent\QQ\QQHelperDll.dll]  [, 1, 0, 0, 1]
    [C:\Program Files\Tencent\QQ\BasicCtrlDll.dll]  [Tencent, 5, 0, 200, 370]
    [C:\Program Files\Unlocker\UnlockerHook.dll]  [N/A, N/A]
    [C:\Program Files\Tencent\QQ\QQAPI.dll]  [, 1, 0, 0, 1]
    [C:\Program Files\Tencent\QQ\TIMProxy.dll]  [tencent, 0, 3, 2, 4]
    [C:\Program Files\Rising\AntiSpyware\ieprot.dll]  [Beijing Rising Technology Co., Ltd., 1, 0, 0, 3]
    [C:\Program Files\Tencent\QQ\LoginCtrl.dll]  [, 1, 0, 0, 1]
    [C:\Program Files\Tencent\QQ\npkcntc.dll]  [INCA Internet Co., Ltd., 2006, 6, 27, 1]
    [C:\Program Files\Tencent\QQ\npkpdb.dll]  [INCA Internet Co., Ltd., 2003, 10, 1, 1]
    [C:\Program Files\Tencent\QQ\QQRes.dll]  [tencent, 1, 0, 0, 1]
    [C:\Program Files\Tencent\QQ\QQMainFrame.dll]  [N/A, N/A]
    [C:\Program Files\Tencent\QQ\CQQApplication.dll]  [N/A, N/A]
    [C:\Program Files\Tencent\QQ\NewSkin.dll]  [, 1, 0, 0, 1]
    [C:\Program Files\Tencent\QQ\HostingMgr.dll]  [, 1, 0, 0, 1]
    [C:\Program Files\Tencent\QQ\CameraDll.dll]  [, 1, 0, 0, 1]
    [C:\Program Files\Tencent\QQ\MailSummary.dll]  [, 1, 0, 0, 1]
    [C:\Program Files\Tencent\QQ\QQSpace.dll]  [, 1, 0, 0, 1]
    [C:\WINDOWS\system32\msdmo.dll]  [N/A, N/A]
    [C:\Program Files\Tencent\QQ\QQGroupMng.dll]  [, 1, 0, 0, 1]
    [C:\Program Files\Tencent\QQ\GroupLive.dll]  [N/A, N/A]
    [C:\Program Files\Tencent\QQ\QQSysMsgMng.dll]  [N/A, N/A]
    [C:\Program Files\Tencent\QQ\UserDefinedHead.dll]  [, 1, 0, 0, 1]
    [C:\Program Files\Tencent\QQ\QQPlugin.dll]  [N/A, N/A]
    [C:\Program Files\Tencent\QQ\QQConfigPlugin.dll]  [, 1, 0, 0, 1]
    [C:\Program Files\Tencent\QQ\QRingMng.dll]  [N/A, N/A]
    [C:\Program Files\Tencent\QQ\PhoneAPI.dll]  [, 1, 0, 0, 1]
    [C:\Program Files\Tencent\QQ\DialerAllinOne.dll]  [tencent, 1, 4, 0, 0]
    [C:\Program Files\Tencent\QQ\VPortal.dll]  [, 1, 0, 0, 4]
    [C:\Program Files\Tencent\QQ\QQAvatar.dll]  [N/A, N/A]
    [C:\Program Files\Tencent\QQ\FlashAvatarDll.dll]  [, 1, 4, 0, 1]
    [C:\Program Files\Tencent\QQ\LongConnection.dll]  [tencent, 5, 0, 200, 160]
    [C:\Program Files\Tencent\QQ\QQPet.dll]  [, 1, 0, 0, 1]
    [C:\Program Files\Tencent\QQ\BQQApplication.dll]  [N/A, N/A]
    [C:\Program Files\Tencent\QQ\CommercesMng.dll]  [, 1, 0, 0, 1]
    [C:\Program Files\Tencent\QQ\PersonalDesktop.dll]  [深圳市腾讯计算机系统公司QQ工作小组, 1, 0, 0, 2]
    [C:\Program Files\Tencent\QQ\QQAddr.dll]  [深圳市腾讯计算机系统有限公司, 5, 0, 101, 240]
    [C:\Program Files\Tencent\QQ\QQSceneMng.dll]  [N/A, N/A]
    [C:\Program Files\Tencent\QQ\QQPhoneHelper.dll]  [腾讯科技(深圳)有限公司, 2, 1, 1, 11]
[PID: 2000][C:\WINDOWS\system32\wdfmgr.exe]  [Microsoft Corporation, 5.2.3790.1230 built by: dnsrv(bld4act)]
[PID: 760][C:\Program Files\Tencent\QQ\TIMPlatform.exe]  [tencent, 0, 3, 1, 8]
    [C:\Program Files\Unlocker\UnlockerHook.dll]  [N/A, N/A]
    [C:\Program Files\Rising\AntiSpyware\ieprot.dll]  [Beijing Rising Technology Co., Ltd., 1, 0, 0, 3]
    [C:\Program Files\Tencent\QQ\TIMProxy.dll]  [tencent, 0, 3, 2, 4]
[PID: 1148][C:\WINDOWS\system32\wuauclt.exe]  [Microsoft Corporation, 5.4.3790.2180 (xpsp_sp2_rtm.040803-2158)]
[PID: 2208][C:\Program Files\Internet Explorer\IEXPLORE.EXE]  [Microsoft Corporation, 6.00.2900.2180 (xpsp_sp2_rtm.040803-2158)]
    [C:\Program Files\Unlocker\UnlockerHook.dll]  [N/A, N/A]
    [D:\adobe acrobat\Acrobat\AcroIEFavClient.dll]  [Adobe Systems Incorporated, 7.0.0.0]
    [D:\adobe acrobat\Acrobat\AcroIEFavClient.CHS]  [Adobe Systems Incorporated, 7.0.0.0]
    [C:\WINDOWS\system32\kakatool.dll]  [Beijing Rising Technology Co., Ltd., 2, 0, 2, 5]
    [C:\Program Files\Rising\AntiSpyware\ieprot.dll]  [Beijing Rising Technology Co., Ltd., 1, 0, 0, 3]
    [C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus Personal\avpscrch.dll]  [Kaspersky Lab, 1.0.142.342]
    [C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus Personal\concl.dll]  [Kaspersky Lab, 1.0.142.3]
    [C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus Personal\FSSync.dll]  [Kaspersky Lab, 5.0.0.0]
    [C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus Personal\ipc.dll]  [Kaspersky Lab, 5.0.142.0]
    [C:\WINDOWS\system32\Macromed\Flash\Flash8b.ocx]  [Macromedia, Inc., 8,0,24,0]
[PID: 1460][C:\Documents and Settings\Administrator\桌面\SREng\SREng.exe]  [Smallfrogs Studio, 2.2.6.605]
    [C:\Program Files\Unlocker\UnlockerHook.dll]  [N/A, N/A]
    [C:\Program Files\Rising\AntiSpyware\ieprot.dll]  [Beijing Rising Technology Co., Ltd., 1, 0, 0, 3]

==================================
文件关联
.TXT  OK. [%SystemRoot%\system32\NOTEPAD.EXE %1]
.EXE  OK. ["%1" %*]
.COM  OK. ["%1" %*]
.PIF  OK. ["%1" %*]
.REG  OK. [regedit.exe "%1"]
.BAT  OK. ["%1" %*]
.SCR  OK. ["%1" /S]
.CHM  OK. ["C:\WINDOWS\hh.exe" %1]
.HLP  OK. [%SystemRoot%\System32\winhlp32.exe %1]
.INI  OK. [%SystemRoot%\System32\NOTEPAD.EXE %1]
.INF  OK. [%SystemRoot%\System32\NOTEPAD.EXE %1]
.VBS  OK. [%SystemRoot%\System32\WScript.exe "%1" %*]
.JS  OK. [%SystemRoot%\System32\WScript.exe "%1" %*]
.LNK  OK. [{00021401-0000-0000-C000-000000000046}]

==================================
Winsock 提供者
N/A

==================================
Autorun.inf
N/A

==================================
HOSTS 文件
127.0.0.1      localhost

The problem is solved now. Thank you, 鬼哥.

May I ask, how should I protect against this kind of junk?