本页主题: 中毒很深打印 \| 加为IE收藏 \| 复制链接 \| 收藏主题 \| 上一主题 \| 下一主题

武大的狼

级别: 初级会员

精华: 0
发帖: 308
威望: 267 点
风云币: 4940 元
专家分: 0 分
在线时间:84(小时)
注册时间:2007-01-12
最后登录:2008-03-16

小中大引用推荐编辑只看复制

中毒很深

管理提醒：

本帖被 powerday 执行锁定操作(2007-04-17)

打开桌面上图标，因为没办法剪图象，就说下，比如打开桌面上QQ，就出现应用程序或DLL C：\program files\tencent\qq\basicCtrldll.dll为无效的WINDOWS映象。请再检测一遍你的安装盘。
打开EXE文件出现NSIS Error然后就是一堆英文，怎么办？

[ 此贴被武大的狼在2007-04-17 10:48重新编辑 ]

本帖最近评分记录：

风云币:+2(powerday) 恭喜你问题得到解决！

坚持，激情，奋斗…勇往直前！

顶端 Posted: 2007-04-15 15:41 | [楼主]

郑宇鸣

I'm a vegetable bird

级别: F.Y.C成员

精华: 0
发帖: 3986
威望: 451 点
风云币: 1103 元
专家分: 226 分
论坛群: 管理团队
在线时间:1053(小时)
注册时间:2007-01-07
最后登录:2008-04-28

When you give of yourself, you receive more than you give.

顶端 Posted: 2007-04-15 15:47 | 1 楼

武大的狼

级别: 初级会员

精华: 0
发帖: 308
威望: 267 点
风云币: 4940 元
专家分: 0 分
在线时间:84(小时)
注册时间:2007-01-12
最后登录:2008-03-16

小中大引用推荐编辑只看复制

2007-04-15,14:11:04

System Repair Engineer 2.2.6.605
Smallfrogs (http://www.KZTechs.com)

Windows XP Professional Service Pack 2 (Build 2600)
- 管理权限用户 - 完整功能

以下内容被选中：
所有的启动项目（包括注册表、启动文件夹、服务等）
浏览器加载项
正在运行的进程（包括进程模块信息）
文件关联
Winsock 提供者
Autorun.inf
HOSTS 文件

启动项目
注册表
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
<ctfmon.exe><C:\WINDOWS\system32\Ctfmon.exe> [(Verified)Microsoft Corporation]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
<KavStart><"C:\kav2005\KAVStart.exe" -startup> [Kingsoft Corporation]
<CnsMin><Rundll32.exe C:\WINDOWS\DOWNLO~1\CnsMin.dll,Rundll32> [北京三七二一科技有限公司]
<MSConfig><C:\WINDOWS\PCHealth\HelpCtr\Binaries\MSConfig.exe /auto> [(Verified)Microsoft Corporation]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\RunOnce]
<azcfg><%systemroot%\system32\Rundll32.exe %systemroot%\system32\azcfg.dll,DllUnregisterServer> [N/A]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Winlogon]
<shell><Explorer.exe> [(Verified)Microsoft Corporation]
<Userinit><C:\WINDOWS\system32\userinit.exe,> [(Verified)Microsoft Corporation]
<UIHost><logonui.exe> [(Verified)Microsoft Corporation]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
<{AEB6717E-7E19-11d0-97EE-00C04FD91972}><shell32.dll> [(Verified)Microsoft Corporation]
<{D157330A-9EF3-49F8-9A67-4141AC41ADD4}><C:\WINDOWS\DOWNLO~1\cnshook.dll> [北京三七二一科技有限公司]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
<PostBootReminder><%SystemRoot%\system32\SHELL32.dll> [(Verified)Microsoft Corporation]
<CDBurn><%SystemRoot%\system32\SHELL32.dll> [(Verified)Microsoft Corporation]
<WebCheck><%SystemRoot%\system32\webcheck.dll> [(Verified)Microsoft Corporation]
<SysTray><C:\WINDOWS\system32\stobject.dll> [(Verified)Microsoft Corporation]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\crypt32chain]
<WinlogonNotify: crypt32chain><crypt32.dll> [(Verified)Microsoft Corporation]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\cryptnet]
<WinlogonNotify: cryptnet><cryptnet.dll> [(Verified)Microsoft Corporation]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\cscdll]
<WinlogonNotify: cscdll><cscdll.dll> [(Verified)Microsoft Corporation]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\igfxcui]
<WinlogonNotify: igfxcui><igfxdev.dll> [(Verified)Intel Corporation]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\ScCertProp]
<WinlogonNotify: ScCertProp><wlnotify.dll> [(Verified)Microsoft Corporation]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\Schedule]
<WinlogonNotify: Schedule><wlnotify.dll> [(Verified)Microsoft Corporation]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\sclgntfy]
<WinlogonNotify: sclgntfy><sclgntfy.dll> [(Verified)Microsoft Corporation]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\SensLogn]
<WinlogonNotify: SensLogn><WlNotify.dll> [(Verified)Microsoft Corporation]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\termsrv]
<WinlogonNotify: termsrv><wlnotify.dll> [(Verified)Microsoft Corporation]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\wlballoon]
<WinlogonNotify: wlballoon><wlnotify.dll> [(Verified)Microsoft Corporation]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\SharedTaskScheduler]
<{438755C2-A8BA-11D1-B96B-00A0C90312E1}><%SystemRoot%\system32\browseui.dll> [(Verified)Microsoft Corporation]
<{8C7461EF-2B13-11d2-BE35-3078302C2030}><%SystemRoot%\system32\browseui.dll> [(Verified)Microsoft Corporation]
[HKEY_CURRENT_USER\Control Panel\Desktop]
<SCRNSAVE.EXE><C:\WINDOWS\system32\ssstars.scr> [(Verified)Microsoft Corporation]
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
<0w9g6><; C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\c0nime.exe> [N/A]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
<Alcmtr><; ALCMTR.EXE> [(Verified)Realtek Semiconductor Corp.]
<Anti-Spy Tools><; D:\bhcc\ast\AST.exe -min> [DSW Lab]
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
<blin><; "C:\Documents and Settings\Administrator\blin\blin.exe" -background> [(Verified)BLin Inc.]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
<CnsM.dll><; Rundll32.exe C:\PROGRA~1\3721\CnsM.dll,Rundll32> [N/A]
<CnsMin><; Rundll32.exe C:\WINDOWS\DOWNLO~1\CnsMin.dll,Rundll32> [北京三七二一科技有限公司]
<EnergyCut><; C:\Program Files\Lenovo\EnergyCut\EnergyCut.exe> [N/A]
<EnergyUtility><; C:\Program Files\Lenovo\EnergyCut\utilty.exe> [TODO: <Company name>]
<High Definition Audio Property Page Shortcut><; CHDAudPropShortcut.exe> [(Verified)Windows (R) Server 2003 DDK provider]
<iDuba Personal FireWall><; > [N/A]
<igfxhkcmd><; C:\WINDOWS\system32\hkcmd.exe> [N/A]
<IMJPMIG8.1><; "C:\WINDOWS\IME\imjp8_1\IMJPMIG.EXE" /Spoil /RemAdvDef /Migration32> [(Verified)Microsoft Corporation]
<IMSCMig><; C:\PROGRA~1\COMMON~1\MICROS~1\IME\IMSC40A\IMSCMIG.EXE /Preload> [(Verified)Microsoft Corporation]
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
<KavPFW><; "C:\kav2005\KPFW32.EXE"> [Kingsoft Corporation]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
<Kavrun><; > [N/A]
<miniqqlive><; "C:\Program Files\Tencent\QQLive\MiniQQLive.exe"> [Tencent]
<PHIME2002ASync><; C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /SYNC> [(Verified)Microsoft Corporation]
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
<Power2GoExpress><; ???> [N/A]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
<RemoteControl><; "C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe"> [Cyberlink Corp.]
<RTHDCPL><; RTHDCPL.EXE> [(Verified)Realtek Semiconductor Corp.]
<shualai><; C:\WINDOWS\shualai.exe /i> [N/A]
<SkyTel><; SkyTel.EXE> [(Verified)Realtek Semiconductor Corp.]
<SmartAudio><; C:\Program Files\CONEXANT\SmartAudio\SmartAudio.exe -c> [Conexant]
<SMSERIAL><; C:\WINDOWS\sm56hlpr.exe> [(Verified)Motorola Inc.]
<StormCodec_Helper><; "C:\Program Files\Ringz Studio\Storm Codec\StormSet.exe" /S /opti> [N/A]
<SynTPEnh><; C:\Program Files\Synaptics\SynTP\SynTPEnh.exe> [(Verified)Synaptics, Inc.]

==================================
启动文件夹
N/A

==================================
服务
[18A30C0A / 18A30C0A]
<C:\WINDOWS\system32\18A30C0A.EXE -d><Microsoft Corporation>
[ASP.NET State Service / aspnet_state]
<C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\aspnet_state.exe><Microsoft Corporation>
[Windows buis RunThem / buis]
<C:\WINDOWS\System32\svchost.exe -k netsvcs-->C:\PROGRA~1\wmak\gwnx.dll>< >
[error monitor / EmonSrv]
<C:\WINDOWS\system32\lfrmewrk.exe><N/A>
[General Updater/AutoUpdater Service / GUA]
<"C:\Program Files\lenovo\GUA\GUA.exe"><lenovo>
[Human Interface Device Access / HidServ]
<C:\WINDOWS\System32\svchost.exe -k netsvcs-->%SystemRoot%\System32\hidserv.dll><N/A>
[IGRS / IGRS]
<C:\Program Files\Lenovo\IGRS\IGRS.exe><联想集团有限公司>
[IGRSFILE / IGRSFILE]
<C:\Program Files\lenovo\IGRS Profiles\File Profile\IgrsFile.exe><Lenovo Group Limited>
[IgrsMonitor / IgrsMonitor]
<C:\WINDOWS\System32\IgrsSvcs.exe -k IgrsSvcs-->C:\Program Files\Lenovo\IGRS\Ext\IgrsMonitor.dll><联想集团有限公司>
[Intelligent Network Config / IncSvc]
<C:\WINDOWS\System32\IgrsSvcs.exe -k IgrsSvcs-->C:\Program Files\Lenovo\IGRS\Ext\IncSvc.dll><联想集团有限公司>
[Kerberos Key Distribution Centers / kkdc]
<C:\WINDOWS\lsass.exe -netsvcs><N/A>
[Kingsoft Personal Firewall Service / KPfwSvc]
<"C:\kav2005\KPfwSvc.EXE"><Kingsoft Corporation>
[Kingsoft Antivirus KWatch Service / KWatchSvc]
<C:\kav2005\KWatch.EXE><Kingsoft Corporation>
[MicroGrid DirectRouter / MicroGrid.DirectRouter]
<C:\WINDOWS\System32\IgrsSvcs.exe -k IgrsSvcs-->C:\Program Files\Lenovo\IGRS\Ext\router.dll><联想集团有限公司>
[Remote / Remote]
<C:\WINDOWS\system32\kaspersky.exe><N/A>
[Remote Packet Capture Protocol v.0 (experimental) / rpcapd]
<"C:\Program Files\WinPcap\rpcapd.exe" -d -f "C:\Program Files\WinPcap\rpcapd.ini"><N/A>
[Network Security / Templates]
<C:\WINDOWS\System32\svchost.exe -k netsvcs-->C:\WINDOWS\system32\xpmyz.dll><Microsoft Corporation>
[WinWMService / WinWMService]
<C:\WINDOWS\system32\RAVWM.EXE><N/A>

==================================
驱动程序
[Lenovo Virtual Power Controller Driver / ACPIVPC]
<system32\DRIVERS\AcpiVpc.sys><Lenovo Corporation>
[Broadcom 440x 10/100 Integrated Controller XP Driver / bcm4sbxp]
<system32\DRIVERS\bcm4sbxp.sys><Broadcom Corporation>
[CnsMinKP / CnsMinKP]
<\SystemRoot\system32\drivers\CnsMinKP.sys><Copyright (C) 3721 Corporation.>
[FrzSys / FrzSys]
<C:\WINDOWS\SYSTEM32\DRIVERS\FrzSys.SYS><PowerShadow>
[Microsoft UAA Function Driver for High Definition Audio Service / HdAudAddService]
<system32\drivers\CHDAud.sys><Conexant Systems Inc.>
[Microsoft UAA Bus Driver for High Definition Audio / HDAudBus]
<system32\DRIVERS\HDAudBus.sys><Windows (R) Server 2003 DDK provider>
[HSFHWAZL / HSFHWAZL]
<system32\DRIVERS\HSFHWAZL.sys><Conexant Systems, Inc.>
[HSF_DPV / HSF_DPV]
<system32\DRIVERS\HSF_DPV.sys><Conexant Systems, Inc.>
[ialm / ialm]
<system32\DRIVERS\ialmnt5.sys><Intel Corporation>
[Service for Realtek HD Audio (WDM) / IntcAzAudAddService]
<system32\drivers\RtkHDAud.sys><Realtek Semiconductor Corp.>
[KNetWch / KNetWch]
<\??\C:\kav2005\KNetWch.SYS><Kingsoft Corporation>
[KWatch3 / KWatch3]
<\??\C:\WINDOWS\system32\drivers\KWatch3.SYS><Kingsoft Corporation>
[mdmxsdk / mdmxsdk]
<system32\DRIVERS\mdmxsdk.sys><Conexant>
[NetGroup Packet Filter Driver / NPF]
<system32\drivers\npf.sys><N/A>
[npkcrypt / npkcrypt]
<\??\C:\Program Files\Tencent\QQ\npkcrypt.sys><INCA Internet Co., Ltd.>
[Padus ASPI Shell / pfc]
<system32\drivers\pfc.sys><Padus, Inc.>
[Direct Parallel Link Driver / Ptilink]
<system32\DRIVERS\ptilink.sys><Parallel Technologies, Inc.>
[Secdrv / Secdrv]
<system32\DRIVERS\secdrv.sys><N/A>
[sjsck / sjsck]
<\SystemRoot\\SystemRoot\System32\drivers\sjsck.sys><N/A>
[smserial / smserial]
<system32\DRIVERS\smserial.sys><Motorola Inc.>
[Synaptics TouchPad Driver / SynTP]
<system32\DRIVERS\SynTP.sys><Synaptics, Inc.>
[tifm21 / tifm21]
<system32\drivers\tifm21.sys><Texas Instruments>
[Conexant Setup API / UIUSys]
<system32\DRIVERS\UIUSYS.SYS><Conexant Systems, Inc>
[usb8028x / usb8028x]
<system32\drivers\usb8028x.sys><Windows System Internal>
[Intel(R) PRO/Wireless 3945ABG Adapter Driver / w39n51]
<system32\DRIVERS\w39n51.sys><Intel? Corporation>
[winachsf / winachsf]
<system32\DRIVERS\HSF_CNXT.sys><Conexant Systems, Inc.>

==================================
浏览器加载项
[AcroIEHlprObj Class]
{06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} <C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll, Adobe Systems Incorporated>
[CBrowseStakeout Class]
{55302805-482E-470E-8A57-6795A1487F90} <C:\kav2005\KAVAFish.DLL, Kingsoft Corporation>
[CPPIE Class]
{C6844939-C324-41E0-84D0-D42F8DA5EBAD} <C:\WINDOWS\system32\hbcmd.dll, TODO: <公司名>>
[CnsHook Class]
{D157330A-9EF3-49F8-9A67-4141AC41ADD4} <C:\WINDOWS\DOWNLO~1\cnshook.dll, 北京三七二一科技有限公司>
[Yahoo 3.5G电邮]
{507F9113-CD77-4866-BA92-0E86DA3D0B97} <http://cn.zs.yahoo.com/cnsbutton.htm?source=cns&btn=yahoomail, N/A>
[名品折扣]
{59BC54A2-56B3-44a0-93E5-432D58746E26} <http://adtaobao.allyes.com/main/adfclick?db=adtaobao&bid=138,140,18&cid=816,8,1&sid=5042&show=ignore&url=http://www.taobao.com/vertical/mall/pro.php?allyesPara=816, N/A>
[雅虎助手]
{5D73EE86-05F1-49ed-B850-E423120EC338} <http://cn.zs.yahoo.com/cnsbutton.htm?source=cns&btn=yassist, N/A>
[雅虎WIDGET]
{6354ABE6-05F1-49ed-B850-E423120EC338} <http://cn.widget.yahoo.com/index.htm?source=Cns, N/A>
[情景聊天]
{E5D12C4E-7B4F-11D3-B5C9-0050045C3C96} <http://cn.zs.yahoo.com/cnsbutton.htm?source=cns&btn=yahoomsg, N/A>
[]
{ECF2E268-F28C-48d2-9AB7-8F69C11CCB71} <http://cn.zs.yahoo.com/cnsbutton.htm?source=cns&btn=repair, N/A>
[]
{FD00D911-7529-4084-9946-A29F1BDF4FE5} <http://cn.zs.yahoo.com/cnsbutton.htm?source=cns&btn=clean, N/A>
[AcroIEHlprObj Class]
{06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} <C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll, Adobe Systems Incorporated>
[Windows Media Player]
{22D6F312-B0F6-11D0-94AB-0080C74C7E95} <C:\WINDOWS\system32\wmpdxm.dll, Microsoft Corporation>
[HTML Document]
{25336920-03F9-11CF-8FD0-00AA00686F13} <%SystemRoot%\system32\mshtml.dll, N/A>
[Menu Class]
{27D784D7-9217-4227-B43B-E06E4781E0CB} <C:\WINDOWS\system32\AlxTB1.dll, N/A>
[CBrowseStakeout Class]
{55302805-482E-470E-8A57-6795A1487F90} <C:\kav2005\KAVAFish.DLL, Kingsoft Corporation>
[BrowserProxy4 Class]
{69A72A8A-84ED-4A75-8CE7-263DBEF3E5D3} <C:\WINDOWS\system32\AlxTB1.dll, N/A>
[AutoLive]
{7CA83CF1-3AEA-42D0-A4E3-1594FC6E48B2} <C:\PROGRA~1\3721\autolive.dll, >
[IETimeBehaviorFactory Class]
{A4639D29-774E-11D3-A490-00C04F6843FB} <C:\PROGRA~1\COMMON~1\MICROS~1\MSORUN\MSORUN.DLL, Microsoft Corporation>
[IEAnimBehaviorFactory Class]
{A4639D2F-774E-11D3-A490-00C04F6843FB} <C:\PROGRA~1\COMMON~1\MICROS~1\MSORUN\MSORUN.DLL, Microsoft Corporation>
[SearchAssistantOC]
{B45FF030-4447-11D2-85DE-00C04FA35C89} <%SystemRoot%\system32\shdocvw.dll, N/A>
[CPPIE Class]
{C6844939-C324-41E0-84D0-D42F8DA5EBAD} <C:\WINDOWS\system32\hbcmd.dll, TODO: <公司名>>
[CnsHook Class]
{D157330A-9EF3-49F8-9A67-4141AC41ADD4} <C:\WINDOWS\DOWNLO~1\cnshook.dll, 北京三七二一科技有限公司>
[Shockwave Flash Object]
{D27CDB6E-AE6D-11CF-96B8-444553540000} <C:\WINDOWS\system32\Macromed\Flash\Flash9.ocx, Adobe Systems, Inc.>
[CPasswordEditCtrl Object]
{E787FD25-8D7C-4693-AE67-9406BC6E22DF} <C:\WINDOWS\system32\qqedit\qqedit.dll, 腾讯科技（深圳）有限公司>
[VqqSpeedDlProxy Class]
{F138084D-84D7-48CD-BEA8-04772457516E} <C:\WINDOWS\vqqsdl.dll, N/A>
[金山毒霸反钓鱼...]
<C:\kav2005\KAF\ShowSet.htm, N/A>

==================================
正在运行的进程
[PID: 160][\SystemRoot\System32\smss.exe] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
[PID: 208][\??\C:\WINDOWS\system32\csrss.exe] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
[PID: 232][\??\C:\WINDOWS\system32\winlogon.exe] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
[PID: 276][C:\WINDOWS\system32\services.exe] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
[PID: 288][C:\WINDOWS\system32\lsass.exe] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
[PID: 440][C:\WINDOWS\system32\svchost.exe] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
[PID: 500][C:\WINDOWS\system32\svchost.exe] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
[C:\WINDOWS\system32\TcpIpDog0.dll] [N/A, N/A]
[PID: 560][C:\WINDOWS\system32\svchost.exe] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
[PID: 1004][C:\WINDOWS\system32\igfxsrvc.exe] [Intel Corporation, 3.0.0.4543]
[C:\WINDOWS\system32\igfxsrvc.dll] [Intel Corporation, 3.0.0.4543]
[C:\WINDOWS\system32\igfxdev.dll] [Intel Corporation, 3.0.0.4543]
[PID: 1172][C:\WINDOWS\system32\Rundll32.exe] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
[C:\WINDOWS\DOWNLO~1\CnsMin.dll] [北京三七二一科技有限公司, 2, 5, 0, 5]
[C:\WINDOWS\DOWNLO~1\CnsMinIO.dll] [北京三七二一科技有限公司, 2, 5, 0, 3]
[C:\WINDOWS\DOWNLO~1\cnsio.dll] [北京三七二一科技有限公司, 2, 5, 0, 2]
[C:\WINDOWS\DOWNLO~1\CnsMinEx.dll] [国风因特软件(北京)有限公司, 2, 5, 0, 2]
[PID: 1228][C:\WINDOWS\system32\ctfmon.exe] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
[C:\WINDOWS\DOWNLO~1\CnsMin.dll] [北京三七二一科技有限公司, 2, 5, 0, 5]
[PID: 1768][G:\Dr.Web\drweb32w.exe] [Doctor Web, Ltd., 4, 33, 2, 10067]
[C:\WINDOWS\DOWNLO~1\CnsMin.dll] [北京三七二一科技有限公司, 2, 5, 0, 5]
[G:\Dr.Web\dwebllio.dll] [Doctor Web Ltd., 4, 32, 0, 0]
[PID: 1868][C:\WINDOWS\explorer.exe] [Microsoft Corporation, 6.00.2900.2180 (xpsp_sp2_rtm.040803-2158)]
[C:\WINDOWS\DOWNLO~1\CnsMin.dll] [北京三七二一科技有限公司, 2, 5, 0, 5]
[C:\WINDOWS\DOWNLO~1\cnshook.dll] [北京三七二一科技有限公司, 2.5.0.3]
[C:\Program Files\Adobe\Acrobat 7.0\ActiveX\PDFShell.dll] [Adobe Systems, Inc., 7.0.0.0]
[C:\WINDOWS\system32\igfxpph.dll] [Intel Corporation, 3.0.0.4543]
[C:\WINDOWS\system32\hccutils.DLL] [Intel Corporation, 3.0.0.4543]
[C:\WINDOWS\system32\igfxres.dll] [Intel Corporation, 3.0.0.4543]
[C:\WINDOWS\system32\igfxress.dll] [Intel Corporation, 3.0.0.4543]
[C:\WINDOWS\system32\igfxsrvc.dll] [Intel Corporation, 3.0.0.4543]
[C:\kav2005\KAVEXT.DLL] [Kingsoft Corporation, 2005, 8, 5, 16]
[C:\Program Files\WinRAR\rarext.dll] [N/A, N/A]
[C:\WINDOWS\system32\msdmo.dll] [N/A, N/A]
[PID: 1688][G:\我的软件\木马杀客\mmsk.exe] [N/A, N/A]
[G:\我的软件\木马杀客\krnln.fnr] [, 1, 0, 0, 1]
[C:\WINDOWS\DOWNLO~1\CnsMin.dll] [北京三七二一科技有限公司, 2, 5, 0, 5]
[G:\我的软件\木马杀客\iext.fne] [, 1, 0, 0, 1]
[G:\我的软件\木马杀客\HtmlView.fne] [, 1, 0, 0, 1]
[C:\WINDOWS\system32\TcpIpDog0.dll] [N/A, N/A]
[G:\我的软件\木马杀客\TrayIcon.fne] [, 1, 0, 0, 1]
[G:\我的软件\木马杀客\iext2.fne] [, 1, 0, 0, 1]
[G:\我的软件\木马杀客\HYExtLib.fne] [N/A, N/A]
[G:\我的软件\木马杀客\xplib.fne] [N/A, N/A]
[G:\我的软件\木马杀客\shell.fne] [N/A, N/A]
[G:\我的软件\木马杀客\eAPI.fne] [, 1, 0, 0, 1]
[G:\我的软件\木马杀客\EThread.fne] [N/A, N/A]
[G:\我的软件\木马杀客\dp1.fne] [N/A, N/A]
[PID: 1744][C:\Program Files\WinRAR\WinRAR.exe] [N/A, N/A]
[C:\WINDOWS\DOWNLO~1\CnsMin.dll] [北京三七二一科技有限公司, 2, 5, 0, 5]
[C:\WINDOWS\DOWNLO~1\cnshook.dll] [北京三七二一科技有限公司, 2.5.0.3]
[PID: 1800][C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\Rar$EX01.609\sreng2\SREng\SREng.exe] [Smallfrogs Studio, 2.2.6.605]
[C:\WINDOWS\DOWNLO~1\CnsMin.dll] [北京三七二一科技有限公司, 2, 5, 0, 5]
[C:\WINDOWS\system32\TcpIpDog0.dll] [N/A, N/A]

==================================
文件关联
.TXT OK. [%SystemRoot%\system32\NOTEPAD.EXE %1]
.EXE OK. ["%1" %*]
.COM OK. ["%1" %*]
.PIF OK. ["%1" %*]
.REG OK. [regedit.exe "%1"]
.BAT OK. ["%1" %*]
.SCR OK. ["%1" /S]
.CHM OK. ["C:\WINDOWS\hh.exe" %1]
.HLP OK. [%SystemRoot%\system32\winhlp32.exe %1]
.INI OK. [%SystemRoot%\System32\NOTEPAD.EXE %1]
.INF OK. [%SystemRoot%\System32\NOTEPAD.EXE %1]
.VBS OK. [%SystemRoot%\System32\WScript.exe "%1" %*]
.JS OK. [%SystemRoot%\System32\WScript.exe "%1" %*]
.LNK OK. [{00021401-0000-0000-C000-000000000046}]

==================================
Winsock 提供者
MSAFD Tcpip [TCP/IP]
C:\WINDOWS\system32\TcpIpDog0.dll(N/A, N/A)
MSAFD Tcpip [UDP/IP]
C:\WINDOWS\system32\TcpIpDog0.dll(N/A, N/A)
MSAFD Tcpip [RAW/IP]
C:\WINDOWS\system32\TcpIpDog0.dll(N/A, N/A)
RSVP UDP Service Provider
C:\WINDOWS\system32\TcpIpDogR0.dll(N/A, N/A)
RSVP TCP Service Provider
C:\WINDOWS\system32\TcpIpDogR0.dll(N/A, N/A)

==================================
Autorun.inf
N/A

==================================
HOSTS 文件
127.0.0.1 localhost
127.0.0.1 popwin.9983.com
219.129.239.223 www.npjxjy.com
219.129.239.223 quxiuu.com
219.129.239.223 www.23b.cn
219.129.239.223 www.baidulink.com
219.129.239.223 www.ookkw.com
219.129.239.223 www.97725.com
219.129.239.223 www.54699.com
219.129.239.223 www.wu7x.cn
219.129.239.223 d.qbbd.com
219.129.239.223 w.qbbd.com
219.129.239.223 web.77276.com
219.129.239.223 www.77276.com
219.129.239.223 www.npjxjy.com
219.129.239.223 www.baidulink.com
219.129.239.223 www.ookkw.com
219.129.239.223 www.wu7x.cn
219.129.239.223 www.wwwlm.net
219.129.239.223 dm1.yiall.com
219.129.239.223 www.my6688.cn
219.129.239.223 www.union123.com
219.129.239.223 www.ktan.cn
219.129.239.223 www.2t2t.cn
219.129.239.223 www.cq530.com
219.129.239.223 www.365tc.com
219.129.239.223 ad.qucha.net
219.129.239.223 www.tan8.cn
219.129.239.223 www.itjj.net
219.129.239.223 www.start188.com
219.129.239.223 www.at58.cn
219.129.239.223 union.yxad.com
219.129.239.223 www.iptan.com
219.129.239.223 www.ip2008.net
219.129.239.223 www.yqif.com
219.129.239.223 www.2t2t.cn
219.129.239.223 www.688ip.com
219.129.239.223 www.17tc.com
219.129.239.223 www1.6tan.com
219.129.239.223 www2.6tan.com
219.129.239.223 www.6tan.com
219.129.239.223 www.zztan.com
219.129.239.223 www.5tanip.com
219.129.239.223 www.16tc.com
219.129.239.223 www.163se.net
219.129.239.223 www.168080.com
219.129.239.223 www.baidu8.org
219.129.239.223 www.qqwei.com
219.129.239.223 10.166.cn
219.129.239.223 9.166.cn
219.129.239.223 8.166.cn
219.129.239.223 7.166.cn
219.129.239.223 6.166.cn
219.129.239.223 5.166.cn
219.129.239.223 4.166.cn
219.129.239.223 3.166.cn
219.129.239.223 2.166.cn
219.129.239.223 1.166.cn
219.129.239.223 0.166.cn
219.129.239.223 pro.89178.com
219.129.239.223 www.89178.com
219.129.239.223 666.89178.com
219.129.239.223 888.89178.com
219.129.239.223 999.89178.com
219.129.239.223 net888.89178.com
219.129.239.223 net888.89178.com
219.129.239.223 89178.com
219.129.239.223 www.166.cn
219.129.239.223 www.so1.cn
219.129.239.223 new.jixie123.cn
219.129.239.223 www.x.com.cn
219.129.239.223 qz.magforum.net
219.129.239.223 cnnew.zcom.com
219.129.239.223 flash.btbbt.com
219.129.239.223 www.joyo.com
219.129.239.223 www.nze21.com
219.129.239.223 www.437799.com
219.129.239.223 www.168080.com
219.129.239.223 new2.jixie123.cn
219.129.239.223 info.souvv.cn
219.129.239.223 www.18dmm.com
219.129.239.223 www.souxse.cn
219.129.239.223 x.vvcyin.com
219.129.239.223 dm1.yiall.com
219.129.239.223 www.168080.com
219.129.239.223 www.nze21.com
219.129.239.223 www.puma163.com
219.129.239.223 www.138505.com

==================================

坚持，激情，奋斗…勇往直前！

顶端 Posted: 2007-04-15 15:49 | 2 楼

武大的狼

级别: 初级会员

精华: 0
发帖: 308
威望: 267 点
风云币: 4940 元
专家分: 0 分
在线时间:84(小时)
注册时间:2007-01-12
最后登录:2008-03-16