arratw
[Viruses/Worms] Could someone take a look and tell me how badly I'm infected?

2007-06-30,01:38:54

System Repair Engineer 2.4.12.806
Smallfrogs (http://www.KZTechs.com)

Windows XP Professional Service Pack 2 (Build 2600) - Administrative User - Completed Functions Allowed

Follow item(s) have been choosed:
    All Boot Items (Including Registry, Startup Folders, Services and so on)
    Browser Add-ons
    Runing Processes (Including process model information)
    File Associations
    Winsock Provider
    Autorun.Inf
    HOSTS File


Boot Items
Registry
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
    <ctfmon.exe><C:\WINDOWS\system32\ctfmon.exe>  [(Verified)Microsoft Windows Publisher]
[HKEY_CURRENT_USER\Software\Microsoft\Windows NT\CurrentVersion\Windows]
    <load><>  [N/A]
    <run><>  [N/A]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
    <IMJPMIG8.1><; "C:\WINDOWS\IME\imjp8_1\IMJPMIG.EXE" /Spoil /RemAdvDef /Migration32>  [(Verified)Microsoft Windows Publisher]
    <CJIMETIPSYNC><C:\Program Files\Common Files\Microsoft Shared\IME\IMTC65\CHANGJIE\CINTLCFG.EXE /CJIMETIPSync>  [(Verified)Microsoft Corporation]
    <PHIMETIPSYNC><C:\Program Files\Common Files\Microsoft Shared\IME\IMTC65\PHONETIC\TINTLCFG.EXE /PHIMETIPSync>  [(Verified)Microsoft Corporation]
    <NvCplDaemon><RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup>  [(Verified)Microsoft Windows Publisher]
    <nwiz><nwiz.exe /install>  []
    <NvMediaCenter><RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit>  [(Verified)Microsoft Windows Hardware Compatibility Publisher]
    <SoundMan><SOUNDMAN.EXE>  [(Verified)Microsoft Windows Publisher]
    <MSNShell><C:\Program Files\msnshell\msnshell.exe autorun>  [N/A]
    <REGSHAVE><C:\Program Files\REGSHAVE\REGSHAVE.EXE /AUTORUN>  [FUJI PHOTO FILM CO., LTD.]
    <CnsMin><Rundll32.exe C:\WINDOWS\DOWNLO~1\CnsMin.dll,Rundll32>  [(Verified)"INTER CHINA NETWORK SOFTWARE (BEIJING) CO., LTD."]
    <AVP><"C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 6.0\avp.exe">  [Kaspersky Lab]
    <MSNDreyePlugin><D:\Program Files\Inventec\Dreye\DreyeMT\msnplugin.exe /h>  []
    <SunJavaUpdateSched><"C:\Program Files\Java\jre1.6.0_01\bin\jusched.exe">  [(Verified)"Sun Microsystems, Inc."]
    <helper.dll><C:\WINDOWS\system32\rundll32.exe C:\PROGRA~1\3721\helper.dll,Rundll32>  []
    <QuickTime Task><"C:\Program Files\QuickTime\qttask.exe" -atboottime>  [Apple Computer, Inc.]
    <iTunesHelper><"C:\Program Files\iTunes\iTunesHelper.exe">  [(Verified)"Apple Computer, Inc."]
    <mnsa><C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\mnso.exe>  [N/A]
    <fzg><C:\WINDOWS\Config\svhost32.exe>  []
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Winlogon]
    <shell><Explorer.exe>  [(Verified)Microsoft Windows Publisher]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Windows]
    <AppInit_DLLs><>  [N/A]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Winlogon]
    <UIHost><logonui.exe>  [(Verified)Microsoft Windows Publisher]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
    <{3EA18648-FAF6-490D-9C92-8FD729028A58}><>  [N/A]
    <{56F9679E-7826-4C84-81F3-532071A8BCC5}><C:\Program Files\Windows Desktop Search\MSNLNamespaceMgr.dll>  [Microsoft Corporation]
    <{D157330A-9EF3-49F8-9A67-4141AC41ADD4}><C:\WINDOWS\DOWNLO~1\cnshook.dll>  [(Verified)"INTER CHINA NETWORK SOFTWARE (BEIJING) CO., LTD."]
    <{4BAB150F-DD97-476D-9C1E-41B6CDC0CA7A}><C:\PROGRA~1\Yahoo!\Assistant\yClickOn.dll>  [N/A]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
    <iKeyWorks><; C:\PROGRA~1\Win2\Keyboard\Ikeymain.exe>  [A4Tech Co.,Ltd.]
    <iTunesHelper><; "C:\Program Files\iTunes\iTunesHelper.exe">  [(Verified)"Apple Computer, Inc."]
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
    <MsnMsgr><; "C:\Program Files\MSN Messenger\MsnMsgr.Exe" /background>  [(Verified)Microsoft Corporation]
    <updateMgr><; "C:\Program Files\Adobe\Acrobat 7.0\Reader\AdobeUpdateManager.exe" AcRdB7_0_8 -reboot 1>  [N/A]

==================================
Startup Folders
N/A

==================================
Services
[ArcGIS License Manager / ArcGIS License Manager][Running/Auto Start]
  <C:\PROGRA~1\ESRI\License\arcgis9x\lmgrd.exe><N/A>
[Kaspersky Anti-Virus 6.0 / AVP][Running/Auto Start]
  <"C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 6.0\avp.exe" -r><Kaspersky Lab>
[BlueSoleil Hid Service / BlueSoleil Hid Service][Running/Auto Start]
  <C:\Program Files\IVT Corporation\IVT BlueSoleil\BTNtService.exe><N/A>
[Google Updater Service / gusvc][Stopped/Manual Start]
  <"C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe"><Google>
[iPod Service / iPod Service][Running/Manual Start]
  <"C:\Program Files\iPod\bin\iPodService.exe"><Apple Computer, Inc.>
[Microsoft Security Manager Center / MscnMgr][Running/Auto Start]
  <C:\WINDOWS\system32\wbem\svchost.exe><Microsoft Corporation>
[Nakido / Nakido][Running/Auto Start]
  <C:\Program Files\Nakido\nakido.exe><Nakido>
[NVIDIA Display Driver Service / NVSvc][Running/Auto Start]
  <C:\WINDOWS\system32\nvsvc32.exe><NVIDIA Corporation>
[PDEngine / PDEngine][Stopped/Manual Start]
  <"C:\Program Files\Raxco\PerfectDisk\PDEngine.exe"><Raxco Software, Inc.>
[PDScheduler / PDSched][Running/Auto Start]
  <"C:\Program Files\Raxco\PerfectDisk\PDSched.exe"><Raxco Software, Inc.>
[SolidPDFConverterReadSpool / ScReadSpool][Running/Auto Start]
  <C:\Program Files\SolidDocuments\SolidConverterPDF\SCPDF\SolidPdfService.exe><VoyagerSoft, LLC>
[Windows Time / W32Time][Running/Auto Start]
  <C:\WINDOWS\System32\svchost.exe -k netsvcs-->C:\Windows\System32\WXPTime.dll><N/A>

==================================
Drivers
[a347bus / a347bus][Running/Boot Start]
  <\SystemRoot\system32\DRIVERS\a347bus.sys><>
[a347scsi / a347scsi][Running/Boot Start]
  <\SystemRoot\System32\Drivers\a347scsi.sys><>
[Service for Realtek AC97 Audio (WDM) / ALCXWDM][Running/Manual Start]
  <system32\drivers\ALCXWDM.SYS><Realtek Semiconductor Corp.>
[Bluetooth Audio Service / BlueletAudio][Running/Manual Start]
  <system32\DRIVERS\blueletaudio.sys><IVT Corporation>
[Bluetooth PAN Network Adapter / BT][Stopped/Manual Start]
  <system32\DRIVERS\btnetdrv.sys><IVT Corporation>
[Bluetooth USB For Bluetooth Service / Btcsrusb][Stopped/Manual Start]
  <System32\Drivers\btcusb.sys><IVT Corporation>
[Bluetooth HID Enumerator / BTHidEnum][Running/Manual Start]
  <system32\DRIVERS\vbtenum.sys><N/A>
[Bluetooth HID Manager Service / BTHidMgr][Running/Boot Start]
  <\SystemRoot\System32\Drivers\BTHidMgr.sys><IVT Corporation>
[CnsMinKP / CnsMinKP][Running/Boot Start]
  <\SystemRoot\system32\drivers\CnsMinKP.sys><??因特?件(北京)有限公司>
[CnsStd / CnsStd][Running/Auto Start]
  <\SystemRoot\System32\drivers\CnsStd.sys><北京三七二一科技有限公司>
[dump_wmimmc / dump_wmimmc][Stopped/Manual Start]
  <2 - 系统找不到指定的档案。
><N/A>
[GEARAspiWDM / GEARAspiWDM][Running/Manual Start]
  <System32\Drivers\GEARAspiWDM.sys><GEAR Software Inc.>
[kl1 / kl1][Running/Boot Start]
  <\SystemRoot\system32\drivers\kl1.sys><Kaspersky Lab>
[KLIF / KLIF][Running/System Start]
  <\??\C:\WINDOWS\system32\drivers\klif.sys><Kaspersky Lab>
[mbmbpco / mbmbpco][Running/Boot Start]
  <\SystemRoot\\SystemRoot\System32\drivers\mbmbpco.sys><N/A>
[StarForce Protection Environment Driver v6 / prodrv06][Running/System Start]
  <\SystemRoot\System32\drivers\prodrv06.sys><StarForce Technologies, Inc.>
[StarForce Protection Helper Driver v2 / prohlp02][Running/Boot Start]
  <\SystemRoot\System32\drivers\prohlp02.sys><StarForce Technologies, Inc.>
[StarForce Protection Synchronization Driver v1 / prosync1][Running/Boot Start]
  <\SystemRoot\System32\drivers\prosync1.sys><StarForce Technologies, Inc.>
[直接平行连接埠连结驱动程式 / Ptilink][Running/Manual Start]
  <system32\DRIVERS\ptilink.sys><Parallel Technologies, Inc.>
[PxHelp20 / PxHelp20][Running/Boot Start]
  <\SystemRoot\system32\DRIVERS\PxHelp20.sys><Sonic Solutions>
[Realtek RTL8139(A/B/C)-based PCI Fast Ethernet Adapter NT Driver / rtl8139][Running/Manual Start]
  <system32\DRIVERS\RTL8139.SYS><Realtek Semiconductor Corporation>
[Secdrv / Secdrv][Stopped/Manual Start]
  <system32\DRIVERS\secdrv.sys><N/A>
[Sentinel / Sentinel][Running/Auto Start]
  <\SystemRoot\System32\Drivers\SENTINEL.SYS><Rainbow Technologies, Inc.>
[StarForce Protection Helper Driver / sfhlp01][Running/Boot Start]
  <\SystemRoot\System32\drivers\sfhlp01.sys><StarForce Technologies, Inc.>
[Sony USB Filter Driver (SONYPVU1) / SONYPVU1][Stopped/Manual Start]
  <system32\DRIVERS\SONYPVU1.SYS><Sony Corporation>
[sptd / sptd][Running/Boot Start]
  <\SystemRoot\System32\Drivers\sptd.sys><N/A>
[Virtual Serial port driver / VComm][Running/Manual Start]
  <system32\DRIVERS\VComm.sys><IVT Corporation>
[Bluetooth VComm Manager Service / VcommMgr][Running/Manual Start]
  <System32\Drivers\VcommMgr.sys><IVT Corporation>
[ViaIde / ViaIde][Running/Boot Start]
  <\SystemRoot\system32\DRIVERS\viaide.sys><Microsoft Corporation>
[世界标准电传转码器 / WSTCODEC][Stopped/Manual Start]
  <system32\DRIVERS\WSTCODEC.SYS><Microsoft Corporation>
[XDva007 / XDva007][Stopped/Manual Start]
  <\??\C:\WINDOWS\system32\XDva007.sys><N/A>
[XDva008 / XDva008][Stopped/Manual Start]
  <\??\C:\WINDOWS\system32\XDva008.sys><N/A>
[XTrapD12 / XTrapD12][Stopped/Manual Start]
  <\??\C:\WINDOWS\system32\XTrapD12.sys><N/A>
[aevjn / aevjn][Running/]
  <2 - 系统找不到指定的档案。
><N/A>
[R2A / R2A][Stopped/Disabled]
  <\??\C:\WINDOWS\system32a2.sys><N/A>

==================================
Browser Add-ons
[Octh Class]
  {000123B4-9B42-4900-B3F7-F4B073EFC214} <C:\Program Files\Orbitdownloader\orbitcth.dll, Orbitdownloader.com>
[Adobe PDF Reader Link Helper]
  {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} <C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll, Adobe Systems Incorporated>
[Solid Converter PDF]
  {259F616C-A300-44F5-B04A-ED001A26C85C} <C:\Program Files\SolidDocuments\SolidConverterPDF\SCPDF\ExploreExtPDF.dll, VoyagerSoft, LLC>
[IeCatch5 Class]
  {2F364306-AA45-47B5-9F9D-39A8B94E7EF7} <C:\PROGRA~1\FlashGet\jccatch.dll, FlashGet>
[dsWebAllowBHO Class]
  {2F85D76C-0569-466F-A488-493E6BD0E955} <C:\Program Files\Windows Desktop Search\dsWebAllow.dll, Microsoft Corporation>
[SSVHelper Class]
  {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} <C:\Program Files\Java\jre1.6.0_01\bin\ssv.dll, Sun Microsystems, Inc.>
[Windows Live Sign-in Helper]
  {9030D464-4C02-4ABF-8ECC-5164760863C6} <C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll, Microsoft Corporation>
[Google Toolbar Helper]
  {AA58ED58-01DD-4d91-8333-CF10577473F7} <c:\program files\google\googletoolbar1.dll, Google Inc.>
[Windows Live Toolbar Helper]
  {BDBD1DAD-C946-4A17-ADC1-64B5B4FF55D0} <C:\Program Files\Windows Live Toolbar\msntb.dll, Microsoft Corporation>
[NTIECatcher Class]
  {C56CB6B0-0D96-11D6-8C65-B2868B609932} <C:\Program Files\Xi\NetTransport 2\NTIEHelper.dll, Xi>
[CnsHook Class]
  {D157330A-9EF3-49F8-9A67-4141AC41ADD4} <C:\WINDOWS\DOWNLO~1\cnshook.dll, ??因特?件(北京)有限公司>
[超级兔子上网精灵]
  {FEDF637B-F631-4583-A210-33CC828D42DB} <C:\DOCUME~1\ADMINI~1\桌面\超级魔~1.95\magicset\HAOKAN~2.DLL, N/A>
[Yahoo 1G电邮]
  {507F9113-CD77-4866-BA92-0E86DA3D0B97} <http://cn.zs.yahoo.com/cnsbutton.htm?source=cns&btn=yahoomail, N/A>
[寻宝乐趣多]
  {59BC54A2-56B3-44a0-93E5-432D58746E26} <http://adtaobao.allyes.com/main/adfclick?db=adtaobao&bid=138,140,18&cid=816,8,1&sid=5042&show=ignore&url=http://www.taobao.com/vertical/mall/pro.php?allyesPara=816, N/A>
[雅虎助手]
  {5D73EE86-05F1-49ed-B850-E423120EC338} <http://cn.zs.yahoo.com/cnsbutton.htm?source=cns&btn=yassist, N/A>
[]
  {6354ABE6-05F1-49ed-B850-E423120EC338} <http://cn.widget.yahoo.com/index.htm?source=Cns, N/A>
[情景聊天]
  {E5D12C4E-7B4F-11D3-B5C9-0050045C3C96} <http://cn.zs.yahoo.com/cnsbutton.htm?source=cns&btn=yahoomsg, N/A>
[]
  {ECF2E268-F28C-48d2-9AB7-8F69C11CCB71} <http://cn.zs.yahoo.com/cnsbutton.htm?source=cns&btn=repair, N/A>
[]
  {FD00D911-7529-4084-9946-A29F1BDF4FE5} <http://cn.zs.yahoo.com/cnsbutton.htm?source=cns&btn=clean, N/A>
[ALiBaBar]
  {0A1375E1-56C2-11D6-8E45-8933A0FB5235} <C:\PROGRA~1\ALiBaBar\ALiBaBar.dll, Alfred, C. S. Li>
[FlashGet Bar]
  {E0E899AB-F487-11D5-8D29-0050BA6940E3} <C:\PROGRA~1\FlashGet\fgiebar.dll, Amaze Soft>
[Dr.eye WebPage Translation]
  {92B255FE-94E2-4BCA-958D-3926CE38913F} <D:\Program Files\Inventec\Dreye\DreyeMT\DreyeIEBar.dll, >
[Solid Converter PDF]
  {259F616C-A300-44F5-B04A-ED001A26C85C} <C:\Program Files\SolidDocuments\SolidConverterPDF\SCPDF\ExploreExtPDF.dll, VoyagerSoft, LLC>
[Windows Live Toolbar]
  {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} <C:\Program Files\Windows Live Toolbar\msntb.dll, Microsoft Corporation>
[&Google]
  {2318C2B1-4965-11d4-9B18-009027A5CD4F} <c:\program files\google\googletoolbar1.dll, Google Inc.>
[超级兔子上网精灵]
  {FEDF637B-F631-4583-A210-33CC828D42DB} <C:\DOCUME~1\ADMINI~1\桌面\超级魔~1.95\magicset\HAOKAN~2.DLL, N/A>
[Octh Class]
  {000123B4-9B42-4900-B3F7-F4B073EFC214} <C:\Program Files\Orbitdownloader\orbitcth.dll, Orbitdownloader.com>
[Adobe PDF Reader Link Helper]
  {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} <C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll, Adobe Systems Incorporated>
[Solid Converter PDF]
  {259F616C-A300-44F5-B04A-ED001A26C85C} <C:\Program Files\SolidDocuments\SolidConverterPDF\SCPDF\ExploreExtPDF.dll, VoyagerSoft, LLC>
[IeCatch5 Class]
  {2F364306-AA45-47B5-9F9D-39A8B94E7EF7} <C:\PROGRA~1\FlashGet\jccatch.dll, FlashGet>
[dsWebAllowBHO Class]
  {2F85D76C-0569-466F-A488-493E6BD0E955} <C:\Program Files\Windows Desktop Search\dsWebAllow.dll, Microsoft Corporation>
[Windows Desktop Search Combo Control]
  {4E430174-1673-4FF3-BF28-A3B37F6573E7} <C:\Program Files\Windows Desktop Search\wdsShell.dll, Microsoft Corporation>
[Windows Media Player]
  {6BF52A52-394A-11D3-B153-00C04F79FAA6} <C:\WINDOWS\system32\wmp.dll, Microsoft Corporation>
[SSVHelper Class]
  {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} <C:\Program Files\Java\jre1.6.0_01\bin\ssv.dll, Sun Microsystems, Inc.>
[Windows Live Sign-in Helper]
  {9030D464-4C02-4ABF-8ECC-5164760863C6} <C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll, Microsoft Corporation>
[Google Toolbar Helper]
  {AA58ED58-01DD-4D91-8333-CF10577473F7} <c:\program files\google\googletoolbar1.dll, Google Inc.>
[Windows Live Toolbar Helper]
  {BDBD1DAD-C946-4A17-ADC1-64B5B4FF55D0} <C:\Program Files\Windows Live Toolbar\msntb.dll, Microsoft Corporation>
[NTIECatcher Class]
  {C56CB6B0-0D96-11D6-8C65-B2868B609932} <C:\Program Files\Xi\NetTransport 2\NTIEHelper.dll, Xi>
[CnsHook Class]
  {D157330A-9EF3-49F8-9A67-4141AC41ADD4} <C:\WINDOWS\DOWNLO~1\cnshook.dll, ??因特?件(北京)有限公司>
[Shockwave Flash Object]
  {D27CDB6E-AE6D-11CF-96B8-444553540000} <C:\WINDOWS\system32\Macromed\Flash\Flash9c.ocx, Adobe Systems, Inc.>
[超级兔子上网精灵]
  {FEDF637B-F631-4583-A210-33CC828D42DB} <C:\DOCUME~1\ADMINI~1\桌面\超级魔~1.95\magicset\HAOKAN~2.DLL, N/A>
[&Download by Orbit]
  <res://C:\Program Files\Orbitdownloader\orbitmxt.dll/201, N/A>
[&Grab video by Orbit]
  <res://C:\Program Files\Orbitdownloader\orbitmxt.dll/204, N/A>
[Do&wnload selected by Orbit]
  <res://C:\Program Files\Orbitdownloader\orbitmxt.dll/203, N/A>
[Down&load all by Orbit]
  <res://C:\Program Files\Orbitdownloader\orbitmxt.dll/202, N/A>
[Foxy 下载]
  <res://C:\Program Files\Foxy\Foxy.exe/download.htm, N/A>
[Foxy 搜寻]
  <res://C:\Program Files\Foxy\Foxy.exe/search.htm, N/A>
[使用 FlashGet 下载]
  <C:\Program Files\FlashGet\jc_link.htm, N/A>
[全部使用 FlashGet 下载]
  <C:\Program Files\FlashGet\jc_all.htm, N/A>
[汇出至 Microsoft Office Excel(&X)]
  <res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000, N/A>

==================================
Running Processes
[PID: 636][\SystemRoot\System32\smss.exe]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
[PID: 708][\??\C:\WINDOWS\system32\csrss.exe]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
[PID: 1432][c:\windows\installer\services.exe]  [N/A, ]
    [C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\ymfmn4.dll]  [N/A, ]
    [C:\WINDOWS\system32\msdll.dll]  [N/A, ]
    [D:\Program Files\Inventec\Dreye\DreyeMT\msnhook.dll]  [, 1, 0, 0, 1]
    [D:\Program Files\Inventec\Dreye\DreyeMT\DreyeMT.dll]  [N/A, ]
[PID: 1468][C:\WINDOWS\Explorer.EXE]  [Microsoft Corporation, 6.00.2900.2180 (xpsp_sp2_rtm.040803-2158)]
    [C:\WINDOWS\system32\msdll.dll]  [N/A, ]
    [C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 6.0\scrchpg.dll]  [Kaspersky Lab, 1.0.6.411]
    [C:\WINDOWS\DOWNLO~1\CnsMin.dll]  [??因特?件(北京)有限公司, 2.5.1.0]
    [D:\Program Files\Inventec\Dreye\DreyeMT\msnhook.dll]  [, 1, 0, 0, 1]
    [D:\Program Files\Inventec\Dreye\DreyeMT\DreyeMT.dll]  [N/A, ]
    [C:\Program Files\msnshell\msnshell.dll]  [MagicShell, 3.1.0.531]
    [C:\PROGRA~1\3721\helper.dll]  [, 2, 5, 0, 1003]
    [C:\PROGRA~1\3721\alrex.dll]  [, 2.5.0.1002]
    [C:\WINDOWS\DOWNLO~1\cnshook.dll]  [??因特?件(北京)有限公司, 2.5.1.6]
    [C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\mnso1.dll]  [N/A, ]
    [C:\Program Files\Windows Desktop Search\MSNLNamespaceMgr.dll]  [Microsoft Corporation, 02.06.5000.5378 (winmain(wmbla).060313-1257)]
    [C:\Program Files\Common Files\ESRI\esriShellExt.dll]  [ESRI , 9.0]
    [C:\Program Files\Adobe\Acrobat 7.0\ActiveX\PDFShell.dll]  [Adobe Systems, Inc., 7.0.0.0]
    [C:\WINDOWS\system32\nvcpl.dll]  [NVIDIA Corporation, 6.14.10.8195]
    [C:\WINDOWS\system32\NVRSZHT.DLL]  [NVIDIA Corporation, 6.14.10.8195]
    [C:\WINDOWS\system32\nvshell.dll]  [, ]
    [C:\Program Files\Common Files\Adobe\Shell\PSICON.DLL]  [Adobe Systems, Incorporated, 7.0]
    [C:\PROGRA~1\3721\autolive.dll]  [, 2, 5, 3, 1007]
    [C:\PROGRA~1\3721\alLiveEx.dll]  [ , 1, 0, 3, 1006]
    [C:\Program Files\SolidDocuments\SolidConverterPDF\SCPDF\ExploreExtPDF.dll]  [VoyagerSoft, LLC, 3.1.430.0]
    [C:\PROGRA~1\FlashGet\jccatch.dll]  [FlashGet, 1, 1, 5, 0]
    [C:\Program Files\Windows Desktop Search\MSNLQP.dll]  [Microsoft Corporation, 02.06.5000.5378 (winmain(wmbla).060313-1257)]
    [C:\Program Files\Windows Desktop Search\tquery.dll]  [Microsoft Corporation, 02.06.5000.5378 (winmain(wmbla).060313-1257)]
    [C:\Program Files\Windows Desktop Search\msstrc.dll]  [Microsoft Corporation, 02.06.5000.5378 (winmain(wmbla).060313-1257)]
    [C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 6.0\klscav.dll]  [Kaspersky Lab, 6.0.1.411]
    [C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 6.0\prremote.dll]  [Kaspersky Lab, 6.0.1.411]
    [C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 6.0\prloader.dll]  [Kaspersky Lab, 6.0.1.411]
    [C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 6.0\prkernel.ppl]  [Kaspersky Lab, 6.0.1.411]
    [c:\program files\kaspersky lab\kaspersky anti-virus 6.0\params.ppl]  [Kaspersky Lab, 6.0.1.411]
    [c:\program files\kaspersky lab\kaspersky anti-virus 6.0\pxstub.ppl]  [Kaspersky Lab, 6.0.1.411]
    [c:\program files\kaspersky lab\kaspersky anti-virus 6.0\tempfile.ppl]  [Kaspersky Lab, 6.0.1.411]
    [C:\WINDOWS\system32\dfshim.dll]  [Microsoft Corporation, 2.0.50727.42 (RTM.050727-4200)]
    [C:\WINDOWS\system32\mscoree.dll]  [Microsoft Corporation, 2.0.50727.42 (RTM.050727-4200)]
    [C:\Program Files\WinRAR\rarext.dll]  [N/A, ]
    [C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 6.0\ShellEx.dll]  [Kaspersky Lab, 6.0.1.411]
    [C:\Documents and Settings\Administrator\Application Data\Foxy\LinkMaker.dll]  [, 1, 1, 1, 0]
[PID: 1852][C:\WINDOWS\SOUNDMAN.EXE]  [Realtek Semiconductor Corp., 5, 1, 0, 45]
    [C:\WINDOWS\DOWNLO~1\CnsMin.dll]  [??因特?件(北京)有限公司, 2.5.1.0]
    [D:\Program Files\Inventec\Dreye\DreyeMT\msnhook.dll]  [, 1, 0, 0, 1]
    [D:\Program Files\Inventec\Dreye\DreyeMT\DreyeMT.dll]  [N/A, ]
    [C:\WINDOWS\system32\msdll.dll]  [N/A, ]
    [C:\Program Files\msnshell\msnshell.dll]  [MagicShell, 3.1.0.531]
    [C:\PROGRA~1\3721\helper.dll]  [, 2, 5, 0, 1003]
[PID: 1860][C:\Program Files\msnshell\msnshell.exe]  [, 3.1.0.531]
    [C:\WINDOWS\DOWNLO~1\CnsMin.dll]  [??因特?件(北京)有限公司, 2.5.1.0]
    [C:\PROGRA~1\3721\helper.dll]  [, 2, 5, 0, 1003]
    [C:\Program Files\msnshell\msnshell.dll]  [MagicShell, 3.1.0.531]
    [D:\Program Files\Inventec\Dreye\DreyeMT\msnhook.dll]  [, 1, 0, 0, 1]
    [D:\Program Files\Inventec\Dreye\DreyeMT\DreyeMT.dll]  [N/A, ]
    [C:\WINDOWS\system32\msdll.dll]  [N/A, ]
[PID: 1884][C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 6.0\avp.exe]  [Kaspersky Lab, 6.0.1.411]
    [C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 6.0\prremote.dll]  [Kaspersky Lab, 6.0.1.411]
    [C:\PROGRA~1\3721\helper.dll]  [, 2, 5, 0, 1003]
    [C:\WINDOWS\DOWNLO~1\CnsMin.dll]  [??因特?件(北京)有限公司, 2.5.1.0]
    [C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 6.0\AVPGS.PPL]  [Kaspersky Lab, 6.0.1.411]
    [C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 6.0\prloader.dll]  [Kaspersky Lab, 6.0.1.411]
    [C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 6.0\prkernel.ppl]  [Kaspersky Lab, 6.0.1.411]
    [c:\program files\kaspersky lab\kaspersky anti-virus 6.0\pxstub.ppl]  [Kaspersky Lab, 6.0.1.411]
    [c:\program files\kaspersky lab\kaspersky anti-virus 6.0\params.ppl]  [Kaspersky Lab, 6.0.1.411]
    [c:\program files\kaspersky lab\kaspersky anti-virus 6.0\winreg.ppl]  [Kaspersky Lab, 6.0.1.411]
    [c:\program files\kaspersky lab\kaspersky anti-virus 6.0\avpgui.ppl]  [Kaspersky Lab, 6.0.1.411]
    [c:\program files\kaspersky lab\kaspersky anti-virus 6.0\nfio.ppl]  [Kaspersky Lab, 6.0.1.411]
    [c:\program files\kaspersky lab\kaspersky anti-virus 6.0\fsdrvplgn.ppl]  [Kaspersky Lab, 6.0.1.411]
    [c:\program files\kaspersky lab\kaspersky anti-virus 6.0\basegui.ppl]  [Kaspersky Lab, 6.0.1.411]
    [C:\Program Files\msnshell\msnshell.dll]  [MagicShell, 3.1.0.531]
    [D:\Program Files\Inventec\Dreye\DreyeMT\msnhook.dll]  [, 1, 0, 0, 1]
    [D:\Program Files\Inventec\Dreye\DreyeMT\DreyeMT.dll]  [N/A, ]
    [c:\program files\kaspersky lab\kaspersky anti-virus 6.0\thpimpl.ppl]  [Kaspersky Lab, 6.0.1.411]
    [C:\WINDOWS\system32\msdll.dll]  [N/A, ]
    [c:\program files\kaspersky lab\kaspersky anti-virus 6.0\qb.ppl]  [Kaspersky Lab, 6.0.1.411]
    [C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\mnso1.dll]  [N/A, ]
    [c:\program files\kaspersky lab\kaspersky anti-virus 6.0\report.ppl]  [Kaspersky Lab, 6.0.1.411]
    [c:\program files\kaspersky lab\kaspersky anti-virus 6.0\prutil.ppl]  [Kaspersky Lab, 6.0.1.411]
[PID: 1892][D:\Program Files\Inventec\Dreye\DreyeMT\msnplugin.exe]  [, 1, 0, 0, 1]
    [C:\PROGRA~1\3721\helper.dll]  [, 2, 5, 0, 1003]
    [C:\WINDOWS\DOWNLO~1\CnsMin.dll]  [??因特?件(北京)有限公司, 2.5.1.0]
    [D:\Program Files\Inventec\Dreye\DreyeMT\msnhook.dll]  [, 1, 0, 0, 1]
    [D:\Program Files\Inventec\Dreye\DreyeMT\DreyeMT.dll]  [N/A, ]
    [C:\WINDOWS\system32\msdll.dll]  [N/A, ]
    [C:\Program Files\msnshell\msnshell.dll]  [MagicShell, 3.1.0.531]
[PID: 1900][C:\Program Files\Java\jre1.6.0_01\bin\jusched.exe]  [Sun Microsystems, Inc., 6.0.10.6]
    [C:\Program Files\Java\jre1.6.0_01\bin\MSVCR71.dll]  [Microsoft Corporation, 7.10.3052.4]
    [C:\PROGRA~1\3721\helper.dll]  [, 2, 5, 0, 1003]
    [C:\WINDOWS\DOWNLO~1\CnsMin.dll]  [??因特?件(北京)有限公司, 2.5.1.0]
[PID: 1908][C:\WINDOWS\system32\rundll32.exe]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
    [C:\PROGRA~1\3721\helper.dll]  [, 2, 5, 0, 1003]
    [C:\WINDOWS\DOWNLO~1\CnsMin.dll]  [??因特?件(北京)有限公司, 2.5.1.0]
    [C:\PROGRA~1\3721\autolive.dll]  [, 2, 5, 3, 1007]
    [C:\PROGRA~1\3721\notifier.dll]  [, 2.5.0.1002]
    [C:\PROGRA~1\3721\alLiveEx.dll]  [ , 1, 0, 3, 1006]
    [D:\Program Files\Inventec\Dreye\DreyeMT\msnhook.dll]  [, 1, 0, 0, 1]
    [D:\Program Files\Inventec\Dreye\DreyeMT\DreyeMT.dll]  [N/A, ]
    [C:\WINDOWS\system32\msdll.dll]  [N/A, ]
    [C:\Program Files\msnshell\msnshell.dll]  [MagicShell, 3.1.0.531]
    [C:\WINDOWS\system32\mscoree.dll]  [Microsoft Corporation, 2.0.50727.42 (RTM.050727-4200)]
    [C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorie.dll]  [Microsoft Corporation, 2.0.50727.42 (RTM.050727-4200)]
[PID: 1924][C:\Program Files\iTunes\iTunesHelper.exe]  [Apple Computer, Inc., 7.0.2.16]
    [C:\PROGRA~1\3721\helper.dll]  [, 2, 5, 0, 1003]
    [C:\WINDOWS\DOWNLO~1\CnsMin.dll]  [??因特?件(北京)有限公司, 2.5.1.0]
    [C:\Program Files\iTunes\iTunesHelper.Resources\zh_TW.lproj\iTunesHelperLocalized.DLL]  [Apple Computer, Inc., 7.0.2.1]
    [C:\Program Files\iTunes\iTunesHelper.Resources\iTunesHelper.DLL]  [Apple Computer, Inc., 7.0.2.16]
    [D:\Program Files\Inventec\Dreye\DreyeMT\msnhook.dll]  [, 1, 0, 0, 1]
    [D:\Program Files\Inventec\Dreye\DreyeMT\DreyeMT.dll]  [N/A, ]
    [C:\WINDOWS\system32\msdll.dll]  [N/A, ]
[PID: 3192][C:\WINDOWS\system32\CTFMON.EXE]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
    [D:\Program Files\Inventec\Dreye\DreyeMT\msnhook.dll]  [, 1, 0, 0, 1]
    [D:\Program Files\Inventec\Dreye\DreyeMT\DreyeMT.dll]  [N/A, ]
    [C:\Program Files\msnshell\msnshell.dll]  [MagicShell, 3.1.0.531]
    [C:\PROGRA~1\3721\helper.dll]  [, 2, 5, 0, 1003]
    [C:\WINDOWS\DOWNLO~1\CnsMin.dll]  [??因特?件(北京)有限公司, 2.5.1.0]
    [C:\WINDOWS\system32\msdll.dll]  [N/A, ]
[PID: 264][C:\Program Files\KKman\KKMAN.exe]  [, 1, 0, 0, 1]
    [C:\Program Files\msnshell\msnshell.dll]  [MagicShell, 3.1.0.531]
    [C:\PROGRA~1\3721\helper.dll]  [, 2, 5, 0, 1003]
    [C:\WINDOWS\DOWNLO~1\CnsMin.dll]  [??因特?件(北京)有限公司, 2.5.1.0]
    [D:\Program Files\Inventec\Dreye\DreyeMT\msnhook.dll]  [, 1, 0, 0, 1]
    [D:\Program Files\Inventec\Dreye\DreyeMT\DreyeMT.dll]  [N/A, ]
    [C:\WINDOWS\system32\msdll.dll]  [N/A, ]
    [C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\mnso1.dll]  [N/A, ]
    [C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 6.0\scrchpg.dll]  [Kaspersky Lab, 1.0.6.411]
    [C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 6.0\klscav.dll]  [Kaspersky Lab, 6.0.1.411]
    [C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 6.0\prremote.dll]  [Kaspersky Lab, 6.0.1.411]
    [C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 6.0\prloader.dll]  [Kaspersky Lab, 6.0.1.411]
    [C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 6.0\prkernel.ppl]  [Kaspersky Lab, 6.0.1.411]
    [c:\program files\kaspersky lab\kaspersky anti-virus 6.0\params.ppl]  [Kaspersky Lab, 6.0.1.411]
    [c:\program files\kaspersky lab\kaspersky anti-virus 6.0\pxstub.ppl]  [Kaspersky Lab, 6.0.1.411]
    [c:\program files\kaspersky lab\kaspersky anti-virus 6.0\tempfile.ppl]  [Kaspersky Lab, 6.0.1.411]
    [C:\WINDOWS\system32\mscoree.dll]  [Microsoft Corporation, 2.0.50727.42 (RTM.050727-4200)]
    [C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorie.dll]  [Microsoft Corporation, 2.0.50727.42 (RTM.050727-4200)]
    [C:\WINDOWS\system32\msxml4.dll]  [Microsoft Corporation, 4.20.9841.0]
    [C:\WINDOWS\system32\Macromed\Flash\Flash9c.ocx]  [Adobe Systems, Inc., 9,0,45,0]
    [C:\Program Files\Yahoo!\Messenger\YPagerChecker.dll]  [TODO: <Company name>, 1.0.0.1]
    [C:\Program Files\Yahoo!\Messenger\MSVCR71.dll]  [Microsoft Corporation, 7.10.3052.4]
    [C:\WINDOWS\system32\Macromed\Common\SwSupport.dll]  [Macromedia, Inc., 10.1r11]
    [C:\WINDOWS\system32\msdmo.dll]  [, ]
    [C:\WINDOWS\system32\ffdshow.ax]  [, 1, 0, 0, 1]
    [C:\Program Files\Ringz Studio\Storm Codec\Codecs\VSFilter.dll]  [Gabest, 1, 0, 0, 9]
    [C:\WINDOWS\DOWNLO~1\CnsMin.dll]  [??因特?件(北京)有限公司, 2.5.1.0]
    [C:\Program Files\msnshell\msnshell.dll]  [MagicShell, 3.1.0.531]
    [C:\PROGRA~1\3721\helper.dll]  [, 2, 5, 0, 1003]
    [D:\Program Files\Inventec\Dreye\DreyeMT\msnhook.dll]  [, 1, 0, 0, 1]
    [D:\Program Files\Inventec\Dreye\DreyeMT\DreyeMT.dll]  [N/A, ]
    [C:\Program Files\Orbitdownloader\download.dll]  [Orbitdownloader.com, 2, 0, 0, 1]
    [C:\WINDOWS\system32\msdll.dll]  [N/A, ]
    [C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\mnso1.dll]  [N/A, ]
    [C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 6.0\scrchpg.dll]  [Kaspersky Lab, 1.0.6.411]
    [C:\Program Files\Orbitdownloader\winfile.dll]  [orbitdownloader.com, 1, 0, 0, 1]
    [C:\Program Files\Windows Desktop Search\MSNLNamespaceMgr.dll]  [Microsoft Corporation, 02.06.5000.5378 (winmain(wmbla).060313-1257)]
    [C:\WINDOWS\DOWNLO~1\cnshook.dll]  [??因特?件(北京)有限公司, 2.5.1.6]
[PID: 1212][C:\WINDOWS\Explorer.EXE]  [Microsoft Corporation, 6.00.2900.2180 (xpsp_sp2_rtm.040803-2158)]
    [C:\WINDOWS\DOWNLO~1\CnsMin.dll]  [??因特?件(北京)有限公司, 2.5.1.0]
    [C:\Program Files\msnshell\msnshell.dll]  [MagicShell, 3.1.0.531]
    [C:\PROGRA~1\3721\helper.dll]  [, 2, 5, 0, 1003]
    [C:\PROGRA~1\3721\alrex.dll]  [, 2.5.0.1002]
    [D:\Program Files\Inventec\Dreye\DreyeMT\msnhook.dll]  [, 1, 0, 0, 1]
    [D:\Program Files\Inventec\Dreye\DreyeMT\DreyeMT.dll]  [N/A, ]
    [C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 6.0\scrchpg.dll]  [Kaspersky Lab, 1.0.6.411]
    [C:\PROGRA~1\3721\autolive.dll]  [, 2, 5, 3, 1007]
    [C:\PROGRA~1\3721\alLiveEx.dll]  [ , 1, 0, 3, 1006]
    [C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll]  [Adobe Systems Incorporated, 7.0.7.2006011200]
    [C:\WINDOWS\system32\MSVCR71.dll]  [Microsoft Corporation, 7.10.3052.4]
    [C:\Program Files\SolidDocuments\SolidConverterPDF\SCPDF\ExploreExtPDF.dll]  [VoyagerSoft, LLC, 3.1.430.0]
    [C:\PROGRA~1\FlashGet\jccatch.dll]  [FlashGet, 1, 1, 5, 0]
    [C:\WINDOWS\system32\msdll.dll]  [N/A, ]
    [C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\mnso1.dll]  [N/A, ]
    [C:\Program Files\Common Files\ESRI\esriShellExt.dll]  [ESRI , 9.0]
    [C:\Program Files\Adobe\Acrobat 7.0\ActiveX\PDFShell.dll]  [Adobe Systems, Inc., 7.0.0.0]
    [C:\WINDOWS\system32\nvcpl.dll]  [NVIDIA Corporation, 6.14.10.8195]
    [C:\WINDOWS\system32\NVRSZHT.DLL]  [NVIDIA Corporation, 6.14.10.8195]
    [C:\WINDOWS\system32\nvshell.dll]  [, ]
    [C:\WINDOWS\DOWNLO~1\CnsMinIO.dll]  [??因特?件(北京)有限公司, 2.5.0.5]
    [C:\WINDOWS\DOWNLO~1\cnsio.dll]  [??因特?件(北京)有限公司, 2.5.0.4]
    [C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 6.0\ShellEx.dll]  [Kaspersky Lab, 6.0.1.411]
    [C:\Program Files\WinRAR\rarext.dll]  [N/A, ]
    [C:\Documents and Settings\Administrator\Application Data\Foxy\LinkMaker.dll]  [, 1, 1, 1, 0]
    [C:\Program Files\Windows Desktop Search\MSNLNamespaceMgr.dll]  [Microsoft Corporation, 02.06.5000.5378 (winmain(wmbla).060313-1257)]
[PID: 3364][C:\Program Files\WinRAR\WinRAR.exe]  [N/A, ]
    [C:\WINDOWS\DOWNLO~1\CnsMin.dll]  [??因特?件(北京)有限公司, 2.5.1.0]
    [C:\Program Files\msnshell\msnshell.dll]  [MagicShell, 3.1.0.531]
    [C:\PROGRA~1\3721\helper.dll]  [, 2, 5, 0, 1003]
    [D:\Program Files\Inventec\Dreye\DreyeMT\msnhook.dll]  [, 1, 0, 0, 1]
    [D:\Program Files\Inventec\Dreye\DreyeMT\DreyeMT.dll]  [N/A, ]
    [C:\WINDOWS\system32\msdll.dll]  [N/A, ]
    [C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\mnso1.dll]  [N/A, ]
[PID: 3992][C:\Downloads\sreng2\SREng.EXE]  [Smallfrogs Studio, 2.4.12.806]
    [C:\WINDOWS\DOWNLO~1\CnsMin.dll]  [??因特?件(北京)有限公司, 2.5.1.0]
    [C:\Program Files\msnshell\msnshell.dll]  [MagicShell, 3.1.0.531]
    [C:\PROGRA~1\3721\helper.dll]  [, 2, 5, 0, 1003]
    [D:\Program Files\Inventec\Dreye\DreyeMT\msnhook.dll]  [, 1, 0, 0, 1]
    [D:\Program Files\Inventec\Dreye\DreyeMT\DreyeMT.dll]  [N/A, ]
    [C:\WINDOWS\system32\msdll.dll]  [N/A, ]
    [C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\mnso1.dll]  [N/A, ]
    [C:\Downloads\sreng2\Plugins\NWMON.SRE]  [Smallfrogs Studio, 1, 0, 0, 8]
    [C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 6.0\scrchpg.dll]  [Kaspersky Lab, 1.0.6.411]

==================================
File Associations
.TXT  OK. [%SystemRoot%\system32\NOTEPAD.EXE %1]
.EXE  OK. ["%1" %*]
.COM  OK. ["%1" %*]
.PIF  OK. ["%1" %*]
.REG  OK. [regedit.exe "%1"]
.BAT  OK. ["%1" %*]
.SCR  OK. ["%1" /S]
.CHM  OK. ["C:\WINDOWS\hh.exe" %1]
.HLP  OK. [%SystemRoot%\System32\winhlp32.exe %1]
.INI  OK. [%SystemRoot%\System32\NOTEPAD.EXE %1]
.INF  OK. [%SystemRoot%\System32\NOTEPAD.EXE %1]
.VBS  OK. [%SystemRoot%\System32\WScript.exe "%1" %*]
.JS   OK. [%SystemRoot%\System32\WScript.exe "%1" %*]
.LNK  OK. [{00021401-0000-0000-C000-000000000046}]

==================================
Winsock Provider
N/A

==================================
Autorun.Inf
N/A

==================================
HOSTS File
127.0.0.1       localhost

==================================
API HOOK
RVA Error:  LoadLibraryA (Dangerous Level: Generic,  Hooked by Module: Dest Addr: 0xF5528B25)
RVA Error:  LoadLibraryExA (Dangerous Level: Generic,  Hooked by Module: Dest Addr: 0xF5528D67)
RVA Error:  LoadLibraryExW (Dangerous Level: Generic,  Hooked by Module: Dest Addr: 0xF5528F0B)
RVA Error:  LoadLibraryW (Dangerous Level: Generic,  Hooked by Module: Dest Addr: 0xF5528C49)
RVA Error:  GetProcAddress (Dangerous Level: High,  Hooked by Module: Dest Addr: 0xF5528E8F)

==================================
Hidden Process
N/A

==================================





[Original poster] From: Taiwan | Posted: 2007-07-01 02:50
rien

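An SREng log is only suited to analysing Trojans and similar malicious programs; many viruses cannot be seen in it, so how deep the infection goes can only be determined with antivirus software.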


[Reply 1] From: Taiwan, 和信超媒体 broadband network | Posted: 2007-07-01 08:29
jjdean

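It's not too bad!! Delete 3721 and that one svhost32.exe and things will be much better..
But antivirus software probably won't be able to remove these two little guys!!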


[Reply 2] From: Taiwan Fixed Network | Posted: 2007-07-03 21:39
