风云小站 » 『 求助专区 』 » 请高手帮帮忙,看看这到底是什么病毒。帮忙找个专杀
本页主题: 请高手帮帮忙,看看这到底是什么病毒。帮忙找个专杀 打印 | 加为IE收藏 | 复制链接 | 收藏主题 | 上一主题 | 下一主题

hujian
级别: 资深会员


精华: 0
发帖: 220
威望: 1163 点
风云币: 4085 元
专家分: 0 分
在线时间:274(小时)
注册时间:2007-02-21
最后登录:2021-11-10
引用 推荐 编辑 只看 复制

 请高手帮帮忙,看看这到底是什么病毒。帮忙找个专杀

管理提醒:
本帖被 无名的小兵 执行锁定操作(2007-07-12)
我的机子中了这个病毒
NOD32报的是  Win32Agent.NAV 蠕虫
可杀了两天了,怎么感染的更多了居然有几十万个。
可诺顿报的是  w32.rajump
可我下了一个w32.rajump专杀却说没有w32.rajump病毒
诺顿居然不能修复,也不能隔离/NOD32也不能删除。
都没有办法了
请高手帮帮忙。


在这里要谢谢magic1
[ 此贴被hujian在2007-07-12 01:16重新编辑 ]
本帖最近评分记录:
  • 风云币:+2(无名的小兵) 恭喜您的问题得到解决, ..
    • 顶端 Posted: 2007-07-10 12:10 | [楼 主]
    cloud
    小克
    助人为乐奖
    级别: 黑铁会员


    精华: 0
    发帖: 4319
    威望: 3078 点
    风云币: 2632 元
    专家分: 2 分
    在线时间:1655(小时)
    注册时间:2007-01-12
    最后登录:2008-04-30
    引用 推荐 编辑 只看 复制

     

    用AVG应该能解决

    翦翦紫陌 cloud

    顶端 Posted: 2007-07-10 12:14 | 1 楼
    52038
    等我飞出来~。。。。。
    级别: 荣誉会员


    精华: 2
    发帖: 3389
    威望: 1855 点
    风云币: 2084 元
    专家分: 0 分
    论坛群: ☆黄鱼党☆
    在线时间:657(小时)
    注册时间:2006-07-18
    最后登录:2008-04-27
    引用 推荐 编辑 只看 复制

     

    下一个 绿色的江民看下
    可以更新的
    相关地址
    https://www.fyhome.us/read.php?tid=68927&keyword=%D2%C6%B6%AF
    记得来到大学第一次洗澡只用了一毛钱

    顶端 Posted: 2007-07-10 12:24 | 2 楼
    zxcp1314
    级别: 中级会员


    精华: 0
    发帖: 67
    威望: 566 点
    风云币: 2054 元
    专家分: 0 分
    在线时间:5(小时)
    注册时间:2007-01-13
    最后登录:2008-03-20
    引用 推荐 编辑 只看 复制

     

    进安全模式试试
    黑夜给了我黑色的眼睛,我却用它来带博士伦!
    顶端 Posted: 2007-07-10 12:51 | 3 楼
    magic1
    蚊香
    级别: F.Y.C成员


    精华: 0
    发帖: 2168
    威望: 667 点
    风云币: 3219 元
    专家分: 81 分
    在线时间:319(小时)
    注册时间:2007-01-12
    最后登录:2008-04-30
    引用 推荐 编辑 只看 复制

     

    关闭系统还原  清空临时文件后 点击这里下载SREng  扫描一个log贴上来,扫描时请尽量关闭其他手动打开的程序

    选择"智能扫描"功能,把保存的log贴上来
    1、解压缩sreng2.zip 
    2、运行SREng2.exe
    3. 如果下载后不能运行请删除已下载的,然后重新下载.下载后首先不要运行先将下载的SREng.exe重命名为SREng.com(SREng.scr\SREng.bat\SREng.pif)或者abc.exe运行.
    4、智能扫描=》扫描=》保存报告
    5、把日志SREngLOG.log中的报告完整***粘贴上来,[全选(Ctrl+a) >>***(Ctrl+c) >>粘贴(Ctrl+v)] 上来,不要修改
    WwW.XPi386.Com.CN
    顶端 Posted: 2007-07-10 14:41 | 4 楼
    rongzhijie7
    一直是新手
    助人为乐奖
    级别: 风云精英


    精华: 0
    发帖: 4800
    威望: 2557 点
    风云币: 152009 元
    专家分: 0 分
    在线时间:313(小时)
    注册时间:2006-08-20
    最后登录:2008-04-29
    引用 推荐 编辑 只看 复制

     

    在安全模式下用AVG试试吧楼主


    欢迎光临我的BLOG[真NB·中国]——http://realnb.cn
    顶端 Posted: 2007-07-10 17:19 | 5 楼
    hujian
    级别: 资深会员


    精华: 0
    发帖: 220
    威望: 1163 点
    风云币: 4085 元
    专家分: 0 分
    在线时间:274(小时)
    注册时间:2007-02-21
    最后登录:2021-11-10
    引用 推荐 编辑 只看 复制

     

    [CODE]

    2007-07-10,19:31:29

    System Repair Engineer 2.5.16.900
    Smallfrogs (http://www.KZTechs.com)

    Windows XP Home Edition Service Pack 2 (Build 2600) - 管理权限用户 - 完整功能

    以下内容被选中:
        所有的启动项目(包括注册表、启动文件夹、服务等)
        浏览器加载项
        正在运行的进程(包括进程模块信息)
        文件关联
        Winsock 提供者
        Autorun.inf
        HOSTS 文件
        进程特权扫描


    启动项目
    注册表
    [HKEY_CURRENT_USER\Software\Microsoft\Windows NT\CurrentVersion\Windows]
        <load><>  [N/A]
        <run><>  [N/A]
    [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
        <BeatTrojan><D:\Program Files\木马清除***2007\BeatTrojanMon.exe>  [北京盛世京天科技]
        <NvCplDaemon><RUNDLL32.EXE C:\windows\system32\NvCpl.dll,NvStartup>  [(Verified)Microsoft Windows Hardware Compatibility Publisher]
        <ccApp><"C:\Program Files\Common Files\Symantec Shared\ccApp.exe">  [(Verified)Symantec Corporation]
        <KernelFaultCheck><%systemroot%\system32\dumprep 0 -k>  [N/A]
        <runeip><"C:\Program Files\Rising\AntiSpyware\runiep.exe" /startup>  [Beijing Rising Technology Co., Ltd.]
        <Anti-Spy Tools><D:\Program Files\ast\AST.exe -min>  [DSW Lab]
        <!AVG Anti-Spyware><"D:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe" /minimized>  [(Verified)GRISOFT LTD]
        <nod32kui><"d:\Program Files\Eset\nod32kui.exe" /WAITSERVICE>  [Eset ]
        <360Safetray><d:\Program Files\360safe\safemon\360Tray.exe /start>  [奇虎网]
    [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Winlogon]
        <shell><Explorer.exe>  [(Verified)Microsoft Windows Publisher]
        <Userinit><C:\windows\system32\userinit.exe,>  [(Verified)Microsoft Windows Publisher]
        <UIHost><logonui.exe>  [(Verified)Microsoft Windows Publisher]
    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\WgaLogon]
        <WinlogonNotify: WgaLogon><WgaLogon.dll>  [(Verified)Microsoft Corporation]
    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\>{26923b43-4d38-484f-9b9e-de460746276c}]
        <Internet Explorer><%systemroot%\system32\shmgrate.exe OCInstallUserConfigIE>  [N/A]
    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\>{881dd1c5-3dcf-431b-b061-f3f88e8be88a}]
        <Outlook Express><%systemroot%\system32\shmgrate.exe OCInstallUserConfigOE>  [N/A]
    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{2C7339CF-2B09-4501-B3F3-F3508C9228ED}]
        <Themes Setup><%SystemRoot%\system32\regsvr32.exe /s /n /i:/UserInstall %SystemRoot%\system32\themeui.dll>  [N/A]
    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{44BBA840-CC51-11CF-AAFA-00AA00B6015C}]
        <Microsoft Outlook Express 6><"%ProgramFiles%\Outlook Express\setup50.exe" /APP:OE /CALLER:WINNT /user /install>  [N/A]
    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{44BBA842-CC51-11CF-AAFA-00AA00B6015B}]
        <NetMeeting 3.01><rundll32.exe advpack.dll,LaunchINFSection C:\WINDOWS\INF\msnetmtg.inf,NetMtg.Install.PerUser.NT>  [(Verified)Microsoft Windows Component Publisher]
    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{5945c046-1e7d-11d1-bc44-00c04fd912be}]
        <Windows Messenger 4.7><rundll32.exe advpack.dll,LaunchINFSection C:\WINDOWS\INF\msmsgs.inf,BLC.QuietInstall.PerUser>  [(Verified)Microsoft Windows Publisher]
    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{6BF52A52-394A-11d3-B153-00C04F79FAA6}]
        <Microsoft Windows Media Player><rundll32.exe advpack.dll,LaunchINFSection C:\WINDOWS\INF\wmp.inf,PerUserStub>  [(Verified)Microsoft Windows Publisher]
    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{7790769C-0471-11d2-AF11-00C04FA35D02}]
        <通讯簿 6><"%ProgramFiles%\Outlook Express\setup50.exe" /APP:WAB /CALLER:WINNT /user /install>  [N/A]

    ==================================
    启动文件夹
    N/A

    ==================================
    服务
    [Application Management / AppMgmt][Stopped/Manual Start]
      <C:\windows\system32\svchost.exe -k netsvcs-->%SystemRoot%\System32\appmgmts.dll><N/A>
    [AVG Anti-Spyware Guard / AVG Anti-Spyware Guard][Running/Auto Start]
      <D:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe><GRISOFT s.r.o.>
    [Bluetooth Service / btwdins][Running/Auto Start]
      <C:\Program Files\Lenovo\Bluetooth Software\bin\btwdins.exe><Broadcom Corporation.>
    [Symantec Event Manager / ccEvtMgr][Running/Auto Start]
      <"C:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe"><Symantec Corporation>
    [Symantec Password Validation / ccPwdSvc][Stopped/Manual Start]
      <"C:\Program Files\Common Files\Symantec Shared\ccPwdSvc.exe"><Symantec Corporation>
    [Symantec Settings Manager / ccSetMgr][Running/Auto Start]
      <"C:\Program Files\Common Files\Symantec Shared\ccSetMgr.exe"><Symantec Corporation>
    [CyberLink Background Capture Service (CBCS) / CLCapSvc][Running/Auto Start]
      <"C:\Program Files\Lenovo\ShuttleCenter\Kernel\TV\CLCapSvc.exe"><>
    [CyberLink Task Scheduler (CTS) / CLSched][Running/Auto Start]
      <"C:\Program Files\Lenovo\ShuttleCenter\Kernel\TV\CLSched.exe"><>
    [CyberLink Media Library Service / CyberLink Media Library Service][Running/Auto Start]
      <"C:\Program Files\Lenovo\ShuttleCenter\Kernel\CLML_NTService\CLMLServer.exe"><Cyberlink>
    [Human Interface Device Access / HidServ][Stopped/Disabled]
      <C:\windows\System32\svchost.exe -k netsvcs-->%SystemRoot%\System32\hidserv.dll><N/A>
    [IGRS / IGRS][Running/Auto Start]
      <C:\Program Files\Lenovo\IGRS\IGRS.exe><联想集团有限公司>
    [IGRSFILE / IGRSFILE][Running/Auto Start]
      <C:\Program Files\lenovo\IGRS Profiles\File Profile\IgrsFile.exe><Lenovo Group Limited>
    [IgrsFileShare / IgrsFileShare][Running/Auto Start]
      <"C:\Program Files\Lenovo\IGRS EasyShare\FileShare.exe"><联想集团有限公司>
    [IgrsMonitor / IgrsMonitor][Running/Auto Start]
      <C:\windows\System32\IgrsSvcs.exe -k IgrsSvcs-->C:\Program Files\Lenovo\IGRS\Ext\IgrsMonitor.dll><联想集团有限公司>
    [Intelligent Network Config / IncSvc][Running/Auto Start]
      <C:\windows\System32\IgrsSvcs.exe -k IgrsSvcs-->C:\Program Files\Lenovo\IGRS\Ext\IncSvc.dll><联想集团有限公司>
    [LiveUpdate / LiveUpdate][Stopped/Manual Start]
      <"C:\PROGRA~1\Symantec\LIVEUP~1\LUCOMS~1.EXE"><Symantec Corporation>
    [MicroGrid DirectRouter / MicroGrid.DirectRouter][Running/Auto Start]
      <C:\windows\System32\IgrsSvcs.exe -k IgrsSvcs-->C:\Program Files\Lenovo\IGRS\Ext\router.dll><联想集团有限公司>
    [Norton AntiVirus Auto-Protect Service / navapsvc][Running/Auto Start]
      <"C:\Program Files\Norton AntiVirus\navapsvc.exe"><Symantec Corporation>
    [NOD32 Kernel Service / NOD32krn][Running/Disabled]
      <"C:\Program Files\Eset\nod32krn.exe"><Eset>
    [Norton AntiVirus Firewall Monitor Service / NPFMntor][Running/Auto Start]
      <"C:\Program Files\Norton AntiVirus\IWP\NPFMntor.exe"><Symantec Corporation>
    [NVIDIA Display Driver Service / NVSvc][Stopped/Auto Start]
      <C:\windows\system32\nvsvc32.exe><NVIDIA Corporation>
    [Rising Proxy  Service / RfwProxySrv][Stopped/Manual Start]
      <c:\program files\rising\rfw\rfwproxy.exe><Beijing Rising Technology Co., Ltd.>
    [Rising Personal Firewall Service / RfwService][Running/Auto Start]
      <c:\program files\rising\rfw\rfwsrv.exe><Beijing Rising Technology Co., Ltd.>
    [Cyberlink RichVideo Service(CRVS) / RichVideo][Running/Auto Start]
      <"C:\Program Files\CyberLink\Shared Files\RichVideo.exe"><>
    [SAVScan / SAVScan][Running/Auto Start]
      <"C:\Program Files\Norton AntiVirus\SAVScan.exe"><Symantec Corporation>
    [ScriptBlocking Service / SBService][Stopped/Auto Start]
      <C:\PROGRA~1\COMMON~1\SYMANT~1\SCRIPT~1\SBServ.exe><Symantec Corporation>
    [Symantec Network Drivers Service / SNDSrvc][Running/Auto Start]
      <"C:\Program Files\Common Files\Symantec Shared\SNDSrvc.exe"><Symantec Corporation>
    [Symantec SPBBCSvc / SPBBCSvc][Running/Auto Start]
      <"C:\Program Files\Common Files\Symantec Shared\SPBBC\SPBBCSvc.exe"><Symantec Corporation>
    [Symantec Core LC / Symantec Core LC][Running/Auto Start]
      <C:\Program Files\Common Files\Symantec Shared\CCPD-LC\symlcsvc.exe><Symantec Corporation>
    [自动 LiveUpdate 调度程序 / 自动 LiveUpdate 调度程序][Running/Auto Start]
      <"C:\Program Files\Symantec\LiveUpdate\ALUSchedulerSvc.exe"><Symantec Corporation>

    ==================================
    驱动程序
    [Lenovo Virtual Power Controller Driver / ACPIVPC][Running/Manual Start]
      <system32\DRIVERS\AcpiVpc.sys><Lenovo Corporation>
    [Agere Systems Soft Modem / AgereSoftModem][Running/Manual Start]
      <system32\DRIVERS\AGRSM.sys><Agere Systems>
    [AntiyNF / AntiyNF][Running/Auto Start]
      <system32\drivers\AntiyNF.sys><N/A>
    [Apaidi / Apaidi][Running/Auto Start]
      <\??\C:\WINDOWS\system32\drivers\Apaidi.sys><N/A>
    [Alps Pointing-device Filter Driver / ApfiltrService][Running/Manual Start]
      <system32\DRIVERS\Apfiltr.sys><Alps Electric Co., Ltd.>
    [AVG Anti-Spyware Driver / AVG Anti-Spyware Driver][Running/System Start]
      <\??\D:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.sys><N/A>
    [AVG Anti-Spyware Clean Driver / AvgAsCln][Running/System Start]
      <System32\DRIVERS\AvgAsCln.sys><GRISOFT, s.r.o.>
    [Rising TDI Base Driver / BaseTDI][Running/Auto Start]
      <System32\DRIVERS\BaseTDI.SYS><Beijing Rising Technology Co., Ltd.>
    [蓝牙音频设备 / btaudio][Running/Manual Start]
      <system32\drivers\btaudio.sys><Broadcom Corporation.>
    [蓝牙虚拟通信驱动程序 / BTDriver][Stopped/Manual Start]
      <system32\DRIVERS\btport.sys><Broadcom Corporation.>
    [蓝牙总线枚举器 / BTKRNL][Running/Manual Start]
      <system32\DRIVERS\btkrnl.sys><Broadcom Corporation.>
    [蓝牙局域网接入服务器 / BTWDNDIS][Stopped/Manual Start]
      <system32\DRIVERS\btwdndis.sys><Broadcom Corporation.>
    [蓝牙调制解调器 / btwmodem][Stopped/Manual Start]
      <system32\DRIVERS\btwmodem.sys><Broadcom Corporation.>
    [Dritek HotKey Keyboard Filter Driver / DKbFltr][Running/Manual Start]
      <System32\Drivers\DKbFltr.sys><Dritek System Inc.>
    [Dritek General Port I/O / DritekPortIO][Running/Auto Start]
      <\??\C:\PROGRA~1\EzButton\DPortIO.sys><Dritek System Inc.>
    [EagleNT / EagleNT][Stopped/Manual Start]
      <\??\C:\windows\system32\drivers\EagleNT.sys><N/A>
    [gwiopm / gwiopm][Stopped/Manual Start]
      <\??\D:\Program Files\优化***\gwiopm.sys><N/A>
    [Microsoft UAA Bus Driver for High Definition Audio / HDAudBus][Running/Manual Start]
      <system32\DRIVERS\HDAudBus.sys><Windows (R) Server 2003 DDK provider>
    [HookUrl / HookUrl][Running/Auto Start]
      <\??\C:\Program Files\Rising\Rfw\HookUrl.sys><Beijing Rising Technology Co., Ltd.>
    [Service for Realtek HD Audio (WDM) / IntcAzAudAddService][Running/Manual Start]
      <system32\drivers\RtkHDAud.sys><Realtek Semiconductor Corp.>
    [mProcRs / mProcRs][Running/Auto Start]
      <\??\c:\program files\rising\rfw\mProcRs.sys><Beijing Rising Technology Co., Ltd.>
    [NAVENG / NAVENG][Running/Manual Start]
      <\??\C:\PROGRA~1\COMMON~1\SYMANT~1\VIRUSD~1\20070704.024\NAVENG.Sys><Symantec Corporation>
    [NAVEX15 / NAVEX15][Running/Manual Start]
      <\??\C:\PROGRA~1\COMMON~1\SYMANT~1\VIRUSD~1\20070704.024\NavEx15.Sys><Symantec Corporation>
    [用于 Windows XP 32 Bit 版的英特尔(R) PRO/无线 3945ABG 适配器驱动程序 / NETw3x32][Stopped/Manual Start]
      <system32\DRIVERS\NETw3x32.sys><Intel? Corporation>
    [nod32drv / nod32drv][Running/Disabled]
      <\SystemRoot\system32\drivers\nod32drv.sys><N/A>
    [npkcrypt / npkcrypt][Stopped/Manual Start]
      <\??\C:\windows\system32\npkcrypt.sys><N/A>
    [npkycryp / npkycryp][Stopped/Manual Start]
      <\??\C:\windows\system32\npkycryp.sys><N/A>
    [nv / nv][Running/Manual Start]
      <system32\DRIVERS\nv4_mini.sys><NVIDIA Corporation>
    [Direct Parallel Link Driver / Ptilink][Running/Manual Start]
      <system32\DRIVERS\ptilink.sys><Parallel Technologies, Inc.>
    [rimmptsk / rimmptsk][Running/Manual Start]
      <system32\DRIVERS\rimmptsk.sys><REDC>
    [rimsptsk / rimsptsk][Running/Manual Start]
      <system32\DRIVERS\rimsptsk.sys><REDC>
    [Ricoh xD-Picture Card Driver / rismxdp][Running/Manual Start]
      <system32\DRIVERS\rixdptsk.sys><REDC>
    [RsAntiSpyware / RsAntiSpyware][Running/Boot Start]
      <\SystemRoot\system32\drivers\RsBoot.sys><Beijing Rising Technology Co., Ltd.>
    [RsFwDrv / RsFwDrv][Running/Auto Start]
      <\??\C:\Program Files\Rising\Rfw\RsFwDrv.sys><Beijing Rising Technology Co., Ltd.>
    [Realtek 10/100/1000 PCI NIC Family NDIS XP Driver / RTL8023xp][Stopped/Manual Start]
      <system32\DRIVERS\Rtnicxp.sys><Realtek Semiconductor Corporation>
    [Realtek RTL8139(A/B/C)-based PCI Fast Ethernet Adapter NT Driver / rtl8139][Stopped/Manual Start]
      <system32\DRIVERS\RTL8139.SYS><Realtek Semiconductor Corporation>
    [SAVRT / SAVRT][Running/System Start]
      <\??\C:\Program Files\Norton AntiVirus\SAVRT.SYS><Symantec Corporation>
    [SAVRTPEL / SAVRTPEL][Running/System Start]
      <\??\C:\Program Files\Norton AntiVirus\SAVRTPEL.SYS><Symantec Corporation>
    [Secdrv / Secdrv][Stopped/Manual Start]
      <system32\DRIVERS\secdrv.sys><N/A>
    [SERIALOX / SERIALOX][Running/Manual Start]
      <system32\DRIVERS\SERIALOX.sys><OEM>
    [SPBBCDrv / SPBBCDrv][Running/System Start]
      <\??\C:\Program Files\Common Files\Symantec Shared\SPBBC\SPBBCDrv.sys><Symantec Corporation>
    [SYMDNS / SYMDNS][Running/Manual Start]
      <\SystemRoot\System32\Drivers\SYMDNS.SYS><Symantec Corporation>
    [SymEvent / SymEvent][Running/Manual Start]
      <\??\C:\Program Files\Symantec\SYMEVENT.SYS><Symantec Corporation>
    [SYMFW / SYMFW][Running/Manual Start]
      <\SystemRoot\System32\Drivers\SYMFW.SYS><Symantec Corporation>
    [SYMIDS / SYMIDS][Running/Manual Start]
      <\SystemRoot\System32\Drivers\SYMIDS.SYS><Symantec Corporation>
    [SYMIDSCO / SYMIDSCO][Running/Manual Start]
      <\??\C:\PROGRA~1\COMMON~1\SYMANT~1\SymcData\IDS-DI~1\20070628.004\symidsco.sys><Symantec Corporation>
    [symlcbrd / symlcbrd][Running/Auto Start]
      <\??\C:\WINDOWS\system32\drivers\symlcbrd.sys><Symantec Corporation>
    [SYMNDIS / SYMNDIS][Running/Manual Start]
      <\SystemRoot\System32\Drivers\SYMNDIS.SYS><Symantec Corporation>
    [SYMREDRV / SYMREDRV][Running/Manual Start]
      <\SystemRoot\System32\Drivers\SYMREDRV.SYS><Symantec Corporation>
    [SYMTDI / SYMTDI][Running/System Start]
      <\SystemRoot\System32\Drivers\SYMTDI.SYS><Symantec Corporation>
    [World Standard Teletext Codec / WSTCODEC][Stopped/Manual Start]
      <system32\DRIVERS\WSTCODEC.SYS><Microsoft Corporation>
    [AMON / AMON][Stopped/Auto Start]
      <\SystemRoot\system32\drivers\amon.sys><Eset>

    ==================================
    浏览器加载项
    [ThunderAtOnce Class]
      {01443AEC-0FD1-40fd-9C87-E93D1494C233} <D:\Program Files\Thunder\ComDlls\TDAtOnce_Now.dll, Thunder Networking Technologies,LTD>
    [Thunder Browser Helper]
      {889D2FEB-5411-4565-8998-1DD2C5261283} <D:\Program Files\Thunder\ComDlls\xunleiBHO_Now.dll, Thunder Networking Technologies,LTD>
    [NavigatMon Class]
      {B69F34DD-F0F9-42DC-9EDD-957187DA688D} <d:\Program Files\360safe\safemon\safemon.dll, >
    [Norton AntiVirus]
      {42CDD1BF-3FFB-4238-8AD1-7859DF00B1D6} <C:\Program Files\Norton AntiVirus\NavShExt.dll, Symantec Corporation>
    [金山快译(&K)]
      {6C3797D2-3FEF-4cd4-B654-D3AE55B4128C} <C:\Program Files\Common Files\Kingsoft\Extract\AddIns\IEBand.dll, 金山软件股份有限公司>
    [卡卡上网安全助手]
      {DB9ECD4F-FB8F-4311-B3CE-90B976C2707C} <C:\windows\system32\KakaTool.dll, Beijing Rising Technology Co., Ltd.>
    [Shockwave Flash Object]
      {D27CDB6E-AE6D-11CF-96B8-444553540000} <C:\WINDOWS\system32\Macromed\Flash\Flash9c.ocx, Adobe Systems, Inc.>
    [金山毒霸在线产品升级]
      {E847C78C-C210-4195-8799-FBF3BF89797D} <C:\windows\system32\kingsoft\KOS\KOSInit.ocx, 金山软件股份有限公司>
    [Thunder Browser Helper]
      {0055C088-8582-441B-A0BF-17B458C2A3A8} <D:\Program Files\Thunder\ComDlls\xunleiBHO_Now.dll, Thunder Networking Technologies,LTD>
    [IDMIEHlprObj Class]
      {0055C089-8582-441B-A0BF-17B458C2A3A8} <C:\Program Files\Internet Download Manager\IDMIECC.dll, N/A>
    [ThunderAtOnce Class]
      {01443AEC-0FD1-40FD-9C87-E93D1494C233} <D:\Program Files\Thunder\ComDlls\TDAtOnce_Now.dll, Thunder Networking Technologies,LTD>
    [闪联任意通]
      {0C9B3AB9-DEDF-11D8-A2D4-0050FC464B19} <C:\Program Files\Lenovo\IGRS EasyShare\IgrsAnywhere.dll, 联想集团有限公司>
    [Windows Media Player]
      {22D6F312-B0F6-11D0-94AB-0080C74C7E95} <C:\WINDOWS\system32\wmpdxm.dll, Microsoft Corporation>
    [PhotoDraw Class]
      {2375BEE5-F175-4F1C-81EC-8E4E2E72E2DD} <D:\Program Files\Tencent\QQ\Qzone\QQPhotoDraw.dll, N/A>
    [HTML Document]
      {25336920-03F9-11CF-8FD0-00AA00686F13} <%SystemRoot%\system32\Mshtml.dll, N/A>
    [DHTML Edit Control Safe for Scripting for IE5]
      {2D360201-FFF5-11D1-8D03-00A0C959BC0A} <C:\Program Files\Common Files\Microsoft Shared\Triedit\dhtmled.ocx, Microsoft Corporation>
    [HtmlDlgSafeHelper Class]
      {3050F819-98B5-11CF-BB82-00AA00BDCE0B} <C:\WINDOWS\system32\mshtmled.dll, Microsoft Corporation>
    [Tabular Data Control]
      {333C7BC4-460F-11D0-BC04-0080C7055A83} <C:\WINDOWS\system32\tdc.ocx, Microsoft Corporation>
    [Norton AntiVirus]
      {42CDD1BF-3FFB-4238-8AD1-7859DF00B1D6} <C:\Program Files\Norton AntiVirus\NavShExt.dll, Symantec Corporation>
    [XML Document]
      {48123BC4-99D9-11D1-A6B3-00C04FD91555} <%SystemRoot%\system32\msxml3.dll, N/A>
    [Thunder Agent Class]
      {485463B7-8FB2-4B3B-B29B-8B919B0EACCE} <D:\Program Files\Thunder\ComDlls\ThunderAgent_Now.dll, Thunder Networking Technologies,LTD>
    [HHCtrl Object]
      {52A2AAAE-085D-4187-97EA-8C30DB990436} <C:\WINDOWS\system32\hhctrl.ocx, Microsoft Corporation>
    [Shell Name Space]
      {55136805-B2DE-11D1-B9F2-00A0C98BC547} <%SystemRoot%\system32\shdocvw.dll, N/A>
    [WUWebControl Class]
      {6414512B-B978-451D-A0D8-FCFDF33E833C} <C:\WINDOWS\system32\wuweb.dll, Microsoft Corporation>
    [Windows Media Player]
      {6BF52A52-394A-11D3-B153-00C04F79FAA6} <C:\WINDOWS\system32\wmp.dll, Microsoft Corporation>
    [金山快译(&K)]
      {6C3797D2-3FEF-4CD4-B654-D3AE55B4128C} <C:\Program Files\Common Files\Kingsoft\Extract\AddIns\IEBand.dll, 金山软件股份有限公司>
    [Active Desktop Mover]
      {72267F6A-A6F9-11D0-BC94-00C04FB67863} <%SystemRoot%\system32\SHELL32.dll, N/A>
    [360SafeLive]
      {87515F61-A66C-4319-A0E0-D416CB8059E3} <d:\Program Files\360safe\live.dll, 360safe.com>
    [Microsoft Web 浏览器]
      {8856F961-340A-11D0-A96B-00C04FD705A2} <C:\WINDOWS\system32\shdocvw.dll, Microsoft Corporation>
    [Thunder Browser Helper]
      {889D2FEB-5411-4565-8998-1DD2C5261283} <D:\Program Files\Thunder\ComDlls\xunleiBHO_Now.dll, Thunder Networking Technologies,LTD>
    [Microsoft Scriptlet Component]
      {AE24FDAE-03C6-11D1-8B76-0080C744F389} <C:\WINDOWS\system32\Mshtml.dll, Microsoft Corporation>
    [SearchAssistantOC]
      {B45FF030-4447-11D2-85DE-00C04FA35C89} <%SystemRoot%\system32\shdocvw.dll, N/A>
    [NavigatMon Class]
      {B69F34DD-F0F9-42DC-9EDD-957187DA688D} <d:\Program Files\360safe\safemon\safemon.dll, >
    [RDS.DataSpace]
      {BD96C556-65A3-11D0-983A-00C04FC29E36} <C:\Program Files\Common Files\System\msadc\msadco.dll, Microsoft Corporation>
    [CNavExtBho Class]
      {BDF3E430-B101-42AD-A544-FADC6B084872} <C:\Program Files\Norton AntiVirus\NavShExt.dll, Symantec Corporation>
    [AUDIO__MID Moniker Class]
      {CD3AFA74-B84F-48F0-9393-7EDC34128127} <C:\WINDOWS\system32\wmp.dll, Microsoft Corporation>
    [AUDIO__MP3 Moniker Class]
      {CD3AFA76-B84F-48F0-9393-7EDC34128127} <C:\WINDOWS\system32\wmp.dll, Microsoft Corporation>
    [AUDIO__MPEGURL Moniker Class]
      {CD3AFA78-B84F-48F0-9393-7EDC34128127} <C:\WINDOWS\system32\wmp.dll, Microsoft Corporation>
    [AUDIO__WAV Moniker Class]
      {CD3AFA7B-B84F-48F0-9393-7EDC34128127} <C:\WINDOWS\system32\wmp.dll, Microsoft Corporation>
    [AUDIO__X_MS_WMA Moniker Class]
      {CD3AFA84-B84F-48F0-9393-7EDC34128127} <C:\WINDOWS\system32\wmp.dll, Microsoft Corporation>
    [VIDEO__X_MS_ASF Moniker Class]
      {CD3AFA8F-B84F-48F0-9393-7EDC34128127} <C:\WINDOWS\system32\wmp.dll, Microsoft Corporation>
    [VIDEO__X_MS_WMV Moniker Class]
      {CD3AFA94-B84F-48F0-9393-7EDC34128127} <C:\WINDOWS\system32\wmp.dll, Microsoft Corporation>
    [RealPlayer G2 Control]
      {CFCDAA03-8BE4-11CF-B84B-0020AFBBCCFA} <C:\WINDOWS\system32\rmoc3260.dll, RealNetworks, Inc.>
    [Shockwave Flash Object]
      {D27CDB6E-AE6D-11CF-96B8-444553540000} <C:\WINDOWS\system32\Macromed\Flash\Flash9c.ocx, Adobe Systems, Inc.>
    [卡卡上网安全助手]
      {DB9ECD4F-FB8F-4311-B3CE-90B976C2707C} <C:\windows\system32\KakaTool.dll, Beijing Rising Technology Co., Ltd.>
    [金山毒霸在线产品升级]
      {E847C78C-C210-4195-8799-FBF3BF89797D} <C:\windows\system32\kingsoft\KOS\KOSInit.ocx, 金山软件股份有限公司>
    [使用迅雷下载]
      <D:\Program Files\Thunder\Program\geturl.htm, N/A>
    [使用迅雷下载全部链接]
      <D:\Program Files\Thunder\Program\getallurl.htm, N/A>

    ==================================
    正在运行的进程
    [PID: 380 / SYSTEM][\SystemRoot\System32\smss.exe]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
    [PID: 428 / SYSTEM][\??\C:\windows\system32\csrss.exe]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
    [PID: 456 / SYSTEM][\??\C:\windows\system32\winlogon.exe]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
    [PID: 500 / SYSTEM][C:\windows\system32\services.exe]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
    [PID: 512 / SYSTEM][C:\windows\system32\lsass.exe]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
    [PID: 660 / SYSTEM][C:\windows\system32\svchost.exe]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
    [PID: 720 / NETWORK SERVICE][C:\windows\system32\svchost.exe]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
    [PID: 760 / SYSTEM][C:\windows\System32\svchost.exe]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
    [PID: 812 / NETWORK SERVICE][C:\windows\system32\svchost.exe]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
        [C:\windows\system32\imon.dll]  [Eset , 2, 70, 32 ]
        [d:\Program Files\Eset\pr_imon.dll]  [N/A, ]
    [PID: 844 / LOCAL SERVICE][C:\windows\system32\svchost.exe]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
    [PID: 868 / SYSTEM][c:\program files\rising\rfw\rfwsrv.exe]  [Beijing Rising Technology Co., Ltd., 5, 0, 0, 35]
        [c:\program files\rising\rfw\RfwRule.dll]  [Beijing Rising Technology Co., Ltd., 5, 0, 0, 3]
        [c:\program files\rising\rfw\rfwlog.dll]  [Beijing Rising Technology Co., Ltd., 5, 0, 0, 2]
        [c:\program files\rising\rfw\Rfwdrv.dll]  [Beijing Rising Technology Co., Ltd., 5, 0, 0, 10]
        [c:\program files\rising\rfw\psapi.dll]  [Microsoft Corporation, 4.00]
        [c:\program files\rising\rfw\MonDrv.dll]  [rs, 1, 0, 0, 4]
        [c:\program files\rising\rfw\ProcLib.dll]  [Beijing Rising Technology Co., Ltd., 5, 0, 0, 5]
        [c:\program files\rising\rfw\mPorts.dll]  [Beijing Rising Technology Co., Ltd., 4, 0, 0, 3]
    [PID: 1464 / SYSTEM][C:\windows\system32\spoolsv.exe]  [Microsoft Corporation, 5.1.2600.2696 (xpsp_sp2_gdr.050610-1519)]
        [C:\windows\system32\bthcrp.dll]  [Broadcom Corporation., 5.1.0.1700]
        [C:\windows\system32\WidcommSdk.dll]  [Broadcom Corporation., 5.1.0.1700]
        [C:\windows\system32\wbtapi.dll]  [Broadcom Corporation., 5.1.0.1700]
    [PID: 1572 / SYSTEM][C:\Program Files\Lenovo\Bluetooth Software\bin\btwdins.exe]  [Broadcom Corporation., 5.1.0.1700]
    [PID: 1584 / SYSTEM][C:\Program Files\Lenovo\ShuttleCenter\Kernel\TV\CLCapSvc.exe]  [, 4.05.2228]
        [C:\Program Files\Lenovo\ShuttleCenter\Kernel\TV\CLCapEngine.dll]  [, 4.05.2228]
        [C:\Program Files\Lenovo\ShuttleCenter\Kernel\TV\PCMRRec4.dll]  [CyberLink Corp., 4.01.2615]
        [C:\windows\system32\msdmo.dll]  [, ]
        [C:\Program Files\Lenovo\ShuttleCenter\Kernel\TV\CLSQLDBRec4.dll]  [, 4.01.1405]
        [C:\Program Files\Lenovo\ShuttleCenter\Kernel\TV\CLCapSvcps.dll]  [N/A, ]
    [PID: 1608 / SYSTEM][C:\Program Files\Lenovo\ShuttleCenter\Kernel\CLML_NTService\CLMLServer.exe]  [Cyberlink, 2, 1, 0, 1815]
    [PID: 1640 / SYSTEM][C:\Program Files\Lenovo\ShuttleCenter\Kernel\CLML_NTService\CLMLService.exe]  [Cyberlink, 2, 1, 0, 1815]
        [C:\windows\system32\msdmo.dll]  [, ]
    [PID: 1644 / SYSTEM][C:\Program Files\Lenovo\IGRS\IGRS.exe]  [联想集团有限公司, 1.0.1.217]
        [C:\Program Files\Lenovo\IGRS\framework.dll]  [联想集团有限公司, 1.0.1.217]
        [C:\windows\system32\MSVCR71.dll]  [Microsoft Corporation, 7.10.3052.4]
        [C:\Program Files\Lenovo\IGRS\ReliablePlugin.dll]  [联想集团有限公司, 1.0.1.217]
        [C:\Program Files\Lenovo\IGRS\CorePlugin.dll]  [联想集团有限公司, 1.0.1.217]
        [C:\Program Files\Lenovo\IGRS\SocketPlugin.dll]  [联想集团有限公司, 1.0.1.217]
        [C:\Program Files\Lenovo\IGRS\BTComPlugin.dll]  [联想集团有限公司, 1.0.1.217]
        [C:\Program Files\Lenovo\IGRS\SerialPortMonitor.dll]  [lenovo, 1, 0, 1, 19]
        [C:\Program Files\Lenovo\IGRS\ProxyPlugin.dll]  [联想集团有限公司, 1.0.1.217]
        [C:\Program Files\Lenovo\IGRS\SvcHostPlugin.dll]  [联想集团有限公司, 1.0.1.217]
    [PID: 1668 / SYSTEM][C:\windows\System32\IgrsSvcs.exe]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
        [c:\program files\lenovo\igrs\ext\incsvc.dll]  [联想集团有限公司, 1, 0, 1, 14]
        [C:\windows\system32\wmcdrv.dll]  [Lenovo Group Limited, 3, 1, 0, 13]
        [c:\program files\lenovo\igrs\ext\igrsmonitor.dll]  [联想集团有限公司, 1, 2, 1, 21]
        [C:\windows\system32\IgrsApi.dll]  [Lenovo Group Limited, 1.0.1.195]
        [c:\program files\lenovo\igrs\ext\router.dll]  [联想集团有限公司, 1, 5, 0, 17]
    [PID: 2012 / SYSTEM][C:\Program Files\CyberLink\Shared Files\RichVideo.exe]  [, 1.1.0808  ]
    [PID: 2156 / SYSTEM][C:\windows\system32\svchost.exe]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
    [PID: 2484 / SYSTEM][C:\Program Files\Lenovo\ShuttleCenter\Kernel\TV\CLSched.exe]  [, 4.05.2228]
        [C:\Program Files\Lenovo\ShuttleCenter\Kernel\TV\CLCapSvcps.dll]  [N/A, ]
        [C:\Program Files\Lenovo\ShuttleCenter\Kernel\TV\CLSchMgr.dll]  [, 4.05.2228]
    [PID: 2512 / SYSTEM][C:\Program Files\lenovo\IGRS Profiles\File Profile\IgrsFile.exe]  [Lenovo Group Limited, 1, 0, 0, 4]
        [C:\windows\system32\IgrsApi.dll]  [Lenovo Group Limited, 1.0.1.195]
        [C:\Program Files\lenovo\IGRS Profiles\File Profile\Util.dll]  [, 1, 0, 1, 1]
        [C:\windows\system32\MSVCR71.dll]  [Microsoft Corporation, 7.10.3052.4]
        [C:\Program Files\lenovo\IGRS Profiles\File Profile\FrameWork.dll]  [Lenovo, 1, 0, 1, 1]
        [C:\Program Files\lenovo\IGRS Profiles\File Profile\FileProfileModule.dll]  [Lenovo Group Limited, 2, 0, 2, 35]
        [C:\Program Files\lenovo\IGRS Profiles\File Profile\BFileDialog.dll]  [Lenovo Group Limited, 2, 0, 1, 32]
        [C:\windows\system32\MFC71.DLL]  [Microsoft Corporation, 7.10.3077.0]
        [C:\windows\system32\MSVCP71.dll]  [Microsoft Corporation, 7.10.3077.0]
    [PID: 2580 / SYSTEM][C:\Program Files\Lenovo\IGRS EasyShare\FileShare.exe]  [联想集团有限公司, 1, 0, 2, 24]
        [C:\Program Files\Lenovo\IGRS EasyShare\IGRSAVSDK.dll]  [联想集团有限公司, 1, 0, 1, 50204]
        [C:\windows\system32\IgrsApi.dll]  [Lenovo Group Limited, 1.0.1.195]
        [C:\windows\system32\MSVCR71.dll]  [Microsoft Corporation, 7.10.3052.4]
        [C:\Program Files\Lenovo\IGRS EasyShare\QuickDB.dll]  [N/A, ]
    [PID: 2776 / SYSTEM][C:\WINDOWS\system32\wbem\wmiprvse.exe]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
    [PID: 3068 / LOCAL SERVICE][C:\windows\System32\alg.exe]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
    [PID: 2252 / Owner][D:\Program Files\木马清除***2007\BeatTrojanMon.exe]  [北京盛世京天科技, 3, 2, 3, 2]
        [D:\Program Files\木马清除***2007\BtHelpTwo.dll]  [北京盛世京天科技, 3, 2, 3, 2]
        [D:\Program Files\木马清除***2007\EgHelperOne.dll]  [北京天望科技, 3, 0, 9, 2]
        [D:\Program Files\木马清除***2007\BtHelpFour.dll]  [北京盛世京天科技, 3, 2, 3, 2]
        [D:\Program Files\木马清除***2007\BtHelpOne.dll]  [北京盛世京天科技, 3, 2, 3, 2]
        [D:\Program Files\木马清除***2007\psapi.dll]  [Microsoft Corporation, 5.00.2134.1]
        [D:\Program Files\木马清除***2007\BtHelpThree.dll]  [北京盛世京天科技, 3, 2, 3, 2]
        [D:\Program Files\木马清除***2007\SystemGuardDelete.dll]  [北京天望科技, 3, 0, 9, 2]
        [C:\Program Files\Rising\AntiSpyware\ieprot.dll]  [Beijing Rising Technology Co., Ltd., 1, 0, 0, 10]
        [D:\Program Files\ast\AST.dll]  [DSW Lab, 1.0.0.2]
    [PID: 3296 / Owner][C:\Program Files\Rising\AntiSpyware\runiep.exe]  [Beijing Rising Technology Co., Ltd., 4.0.0.15]
        [C:\Program Files\Rising\AntiSpyware\ieprot.dll]  [Beijing Rising Technology Co., Ltd., 1, 0, 0, 10]
        [D:\Program Files\ast\AST.dll]  [DSW Lab, 1.0.0.2]
    [PID: 3560 / Owner][D:\Program Files\ast\AST.exe]  [DSW Lab, 1.8.5.4]
        [D:\Program Files\ast\MFC80.DLL]  [Microsoft Corporation, 8.00.50727.762]
        [D:\Program Files\ast\MSVCR80.dll]  [Microsoft Corporation, 8.00.50727.762]
        [D:\Program Files\ast\MSVCP80.dll]  [Microsoft Corporation, 8.00.50727.762]
        [D:\Program Files\ast\MFC80CHS.DLL]  [Microsoft Corporation, 8.00.50727.762]
        [D:\Program Files\ast\AST.dll]  [DSW Lab, 1.0.0.2]
        [D:\Program Files\ast\AutoRun.dll]  [ DSW Lab, 2.2]
        [D:\Program Files\ast\Common.dll]  [, 1.4.0.0]
        [D:\Program Files\ast\FileAnalyser.dll]  [DSW Lab, 1.0.1.7]
        [D:\Program Files\ast\KillModule.dll]  [DSW Lab, 1.2.0.0]
        [D:\Program Files\ast\ManagerProcess.dll]  [DSW Lab, 1.3.4.1]
        [D:\Program Files\ast\ManagerService.dll]  [DSW Lab, 1.0.6.0]
        [D:\Program Files\ast\Monitor.dll]  [DSW Lab, 1.7.8.5]
        [D:\Program Files\ast\PortAssociate.dll]  [DSW Lab, 1.0.3.0]
        [D:\Program Files\ast\SSDT.dll]  [DSW Lab, 1.0.2.1]
        [D:\Program Files\ast\TIERepair.dll]  [, 1.2.2.0]
        [D:\Program Files\ast\aScanCom.dll]  [DSW Lab, 2.1.1.4]
        [D:\Program Files\ast\unarc.dll]  [DSW Lab, 1.2.5]
        [D:\Program Files\ast\zDiagnosticTool.dll]  [DSW Lab, 1.2.1.0]
        [D:\Program Files\ast\EngineSDK.dll]  [DSW Lab, 2.3.1.2]
        [D:\Program Files\ast\tRubbishClear.dll]  [DSW Lab, 1.5.2.1]
        [D:\Program Files\ast\tSecurityOptimize.dll]  [DSW Lab, 1.1.0.4]
        [C:\Program Files\Lenovo\IGRS EasyShare\IgrsAnywhere.dll]  [联想集团有限公司, 1, 0, 2, 65]
        [D:\Program Files\ast\SKEngine.dll]  [DSW Lab, 1.6.5.7]
        [C:\Program Files\Rising\AntiSpyware\ieprot.dll]  [Beijing Rising Technology Co., Ltd., 1, 0, 0, 10]
        [d:\Program Files\360safe\safemon\safemon.dll]  [, 3, 5, 0, 1001]
    [PID: 2920 / Owner][c:\program files\rising\rfw\RfwMain.exe]  [Beijing Rising Technology Co., Ltd., 5, 0, 0, 72]
        [c:\program files\rising\rfw\RsGuiLib.dll]  [Beijing Rising Technology Co., Ltd., 19, 0, 0, 33]
        [c:\program files\rising\rfw\RSCOMMON.DLL]  [Beijing Rising Technology Co., Ltd., 19, 0, 0, 5]
        [c:\program files\rising\rfw\RfwCtrl.dll]  [Beijing Rising Technology Co., Ltd., 5, 0, 0, 11]
        [c:\program files\rising\rfw\RsXML.dll]  [Beijing Rising Technology Co., Ltd., 19, 0, 0, 2]
        [c:\program files\rising\rfw\PngDll.dll]  [Beijing Rising Technology Co., Ltd., 18, 0, 0, 5]
        [C:\Program Files\Rising\AntiSpyware\ieprot.dll]  [Beijing Rising Technology Co., Ltd., 1, 0, 0, 10]
        [D:\Program Files\ast\AST.dll]  [DSW Lab, 1.0.0.2]
    [PID: 168 / Owner][D:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe]  [GRISOFT s.r.o., 7, 5, 1, 43]
        [D:\Program Files\Grisoft\AVG Anti-Spyware 7.5\engine.dll]  [GRISOFT s.r.o., 4, 2, 0, 19]
        [C:\Program Files\Lenovo\IGRS EasyShare\IgrsAnywhere.dll]  [联想集团有限公司, 1, 0, 2, 65]
        [C:\Program Files\Rising\AntiSpyware\ieprot.dll]  [Beijing Rising Technology Co., Ltd., 1, 0, 0, 10]
        [D:\Program Files\ast\AST.dll]  [DSW Lab, 1.0.0.2]
    [PID: 1232 / Owner][C:\windows\explorer.exe]  [Microsoft Corporation, 6.00.2900.2180 (xpsp_sp2_rtm.040803-2158)]
        [D:\Program Files\ast\AST.dll]  [DSW Lab, 1.0.0.2]
        [C:\Program Files\Lenovo\IGRS EasyShare\IgrsAnywhere.dll]  [联想集团有限公司, 1, 0, 2, 65]
        [C:\Program Files\Rising\AntiSpyware\ieprot.dll]  [Beijing Rising Technology Co., Ltd., 1, 0, 0, 10]
        [C:\windows\system32\MSVCP71.dll]  [Microsoft Corporation, 7.10.3077.0]
        [C:\windows\system32\MSVCR71.dll]  [Microsoft Corporation, 7.10.3052.4]
        [C:\Program Files\Common Files\Symantec Shared\ccL30.dll]  [Symantec Corporation, 103.0.7.2]
        [C:\WINDOWS\system32\btncopy.dll]  [Broadcom Corporation., 5.1.0.1700]
        [C:\Program Files\Adobe\Acrobat 7.0\ActiveX\PDFShell.dll]  [Adobe Systems, Inc., 7.0.0.0]
        [C:\Program Files\Norton AntiVirus\NavShExt.dll]  [Symantec Corporation, 11.0.16.2]
        [C:\windows\system32\ATL71.DLL]  [Microsoft Corporation, 7.10.3077.0]
        [C:\Program Files\WinRAR\rarext.dll]  [N/A, ]
        [C:\WINDOWS\system32\mpg2splt.ax]  [, ]
        [C:\Program Files\Lenovo\ShuttleCenter\Kernel\TV\PCMBM2Splter.ax]  [CyberLink Corp., 2.2.1919  ]
        [C:\Program Files\Lenovo\ShuttleCenter\Kernel\Burner\ppM1Splter.ax]  [CyberLink Corp., 2.2.1919  ]
        [C:\Program Files\CyberLink\Power2Go\P2Gm1spliter.ax]  [CyberLink Corp., 2.3.1309  ]
        [C:\Program Files\CyberLink\Power2Go\MSVCP60.dll]  [Microsoft Corporation, 6.00.8168.0]
        [C:\Program Files\Lenovo\ShuttleCenter\Kernel\TV\PCMBM1Splter.ax]  [CyberLink Corp., 2.2.1919  ]
        [C:\Program Files\Lenovo\ShuttleCenter\Kernel\Burner\ppM2Splter.ax]  [CyberLink Corp., 2.2.1919  ]
        [C:\Program Files\CyberLink\Power2Go\P2Gm2spliter.ax]  [CyberLink Corp., 2.3.1309  ]
        [C:\Program Files\Lenovo\ShuttleCenter\Kernel\TV\PCMRM2Splter.ax]  [CyberLink Corp., 2.2.2114  ]
        [C:\Program Files\Lenovo\ShuttleCenter\Kernel\EditMovie\MDTLM2Splter.ax]  [CyberLink Corp., 2.2.2213  ]
        [C:\Program Files\Lenovo\ShuttleCenter\Kernel\Burner\ppTLM2Splter.ax]  [CyberLink Corp., 2.2.2104  ]
        [C:\Program Files\Lenovo\ShuttleCenter\Kernel\EditMovie\MDTLM1Splter.ax]  [CyberLink Corp., 2.2.2213  ]
        [C:\Program Files\Lenovo\ShuttleCenter\Kernel\Burner\ppTLM1Splter.ax]  [CyberLink Corp., 2.2.2104  ]
        [d:\Program Files\Ringz Studio\Storm Codec\Codecs\VSFilter.dll]  [Gabest, 1, 0, 1, 3]
        [C:\Program Files\CyberLink\PowerDVD\NavFilter\CLDemuxer.ax]  [CyberLink Corp., 1.0.3726        ]
        [d:\Program Files\Ringz Studio\Storm Codec\Codecs\PmpSplt.ax]  [cooleyes, 1, 0, 0, 8]
        [C:\Program Files\KMPlayer\AviSplitter.ax]  [Gabest, 1, 0, 0, 7]
        [C:\Program Files\KMPlayer\RadGtSplitter.ax]  [Gabest, 1, 0, 0, 0]
        [d:\Program Files\Ringz Studio\Storm Codec\Codecs\VgmSplt.ax]  [DS USA, Inc, 1, 0, 11, 19]
        [C:\Program Files\KMPlayer\MP4Splitter.ax]  [Gabest, 1, 0, 0, 2]
        [C:\WINDOWS\system32\RealMediaSplitter.ax]  [Gabest, 1, 0, 1, 1]
        [d:\Program Files\Ringz Studio\Storm Codec\Codecs\TTASplt.ax]  [-, 1, 0, 0, 203]
        [C:\Program Files\KMPlayer\FLVSplitter.ax]  [Gabest, 1, 0, 0, 1]
        [C:\Program Files\CyberLink\PowerDVD\NavFilter\clm4splt.ax]  [CyberLink Corp., 1.0.2803  ]
        [C:\Program Files\Lenovo\ShuttleCenter\Kernel\Movie\CLDemuxer.ax]  [CyberLink Corp., 1.0.2728        ]
        [d:\Program Files\Ringz Studio\Storm Codec\Codecs\SHNTrans.ax]  [N/A, ]
        [C:\WINDOWS\system32\nvcpl.dll]  [NVIDIA Corporation, 6.14.10.8485]
        [C:\windows\system32\NVRSZHC.DLL]  [NVIDIA Corporation, 6.14.10.8485]
        [C:\WINDOWS\system32\nvshell.dll]  [, ]
        [d:\Program Files\Eset\nodshex.dll]  [N/A, ]
        [D:\Program Files\Tencent\QQ\qdshm.dll]  [, 1, 0, 101, 20]
        [D:\Program Files\Tencent\QQ\MFC42.DLL]  [Microsoft Corporation, 6.00.8665.0]
        [D:\Program Files\Grisoft\AVG Anti-Spyware 7.5\context.dll]  [GRISOFT s.r.o., 7, 5, 1, 36]
        [d:\Program Files\360safe\safemon\safemon.dll]  [, 3, 5, 0, 1001]
        [D:\Program Files\Thunder\ComDlls\xunleiBHO_Now.dll]  [Thunder Networking Technologies,LTD, 5, 0, 1, 4]
    [PID: 208 / Owner][C:\windows\system32\taskmgr.exe]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
        [D:\Program Files\ast\AST.dll]  [DSW Lab, 1.0.0.2]
        [C:\Program Files\Rising\AntiSpyware\ieprot.dll]  [Beijing Rising Technology Co., Ltd., 1, 0, 0, 10]
        [d:\Program Files\360safe\safemon\safemon.dll]  [, 3, 5, 0, 1001]
    [PID: 2632 / SYSTEM][C:\Program Files\Eset\nod32krn.exe]  [Eset , 2, 70, 32 ]
        [C:\Program Files\Eset\nod32krr.dll]  [Eset , 2, 70, 32 ]
        [C:\Program Files\Eset\ps_amon.dll]  [Eset , 2, 70, 32 ]
        [C:\Program Files\Eset\pr_amon.dll]  [Eset , 2, 70, 32 ]
        [C:\Program Files\Eset\ps_dmon.dll]  [Eset , 2, 70, 32 ]
        [C:\Program Files\Eset\pr_dmon.dll]  [N/A, ]
        [C:\Program Files\Eset\ps_emon.dll]  [Eset , 2, 70, 32 ]
        [C:\Program Files\Eset\pr_emon.dll]  [N/A, ]
        [C:\Program Files\Eset\ps_nod32.dll]  [Eset , 2, 70, 32 ]
        [C:\Program Files\Eset\pr_nod32.dll]  [Eset , 2, 70, 32 ]
        [C:\Program Files\Eset\ps_upd.dll]  [Eset , 2, 70, 32 ]
        [C:\Program Files\Eset\pr_upd.dll]  [N/A, ]
        [C:\windows\system32\imon.dll]  [Eset , 2, 70, 32 ]
        [d:\Program Files\Eset\pr_imon.dll]  [N/A, ]
    [PID: 2344 / Owner][C:\Program Files\CDMA无线上网卡\wireless.exe]  [, 1, 0, 0, 1]
        [D:\Program Files\ast\AST.dll]  [DSW Lab, 1.0.0.2]
        [C:\Program Files\Rising\AntiSpyware\ieprot.dll]  [Beijing Rising Technology Co., Ltd., 1, 0, 0, 10]
    [PID: 3744 / Owner][D:\Program Files\ESET\nod32kui.exe]  [Eset , 2, 70, 32 ]
        [D:\Program Files\ESET\nod32rui.dll]  [N/A, ]
        [D:\Program Files\ast\AST.dll]  [DSW Lab, 1.0.0.2]
        [C:\Program Files\Rising\AntiSpyware\ieprot.dll]  [Beijing Rising Technology Co., Ltd., 1, 0, 0, 10]
        [d:\Program Files\Eset\pu_amon.dll]  [Eset , 2, 70, 32 ]
        [d:\Program Files\Eset\pr_amon.dll]  [Eset , 2, 70, 32 ]
        [d:\Program Files\Eset\pu_dmon.dll]  [Eset , 2, 70, 32 ]
        [d:\Program Files\Eset\pr_dmon.dll]  [N/A, ]
        [d:\Program Files\Eset\pu_emon.dll]  [Eset , 2, 70, 32 ]
        [d:\Program Files\Eset\pr_emon.dll]  [N/A, ]
        [d:\Program Files\Eset\pu_imon.dll]  [Eset , 2, 70, 32 ]
        [d:\Program Files\Eset\pr_imon.dll]  [N/A, ]
        [d:\Program Files\Eset\pu_nod32.dll]  [Eset , 2, 70, 32 ]
        [d:\Program Files\Eset\pr_nod32.dll]  [Eset , 2, 70, 32 ]
        [d:\Program Files\Eset\pu_upd.dll]  [Eset , 2, 70, 32 ]
        [d:\Program Files\Eset\pr_upd.dll]  [N/A, ]
        [d:\Program Files\360safe\safemon\safemon.dll]  [, 3, 5, 0, 1001]
    [PID: 616 / Owner][D:\Program Files\Thunder\Program\Thunder5.exe]  [Thunder Networking Technologies,LTD, 5, 6, 8, 327]
        [D:\Program Files\Thunder\Program\ThunderEx.dll]  [, 1, 1, 5, 10]
        [D:\Program Files\ast\AST.dll]  [DSW Lab, 1.0.0.2]
        [D:\Program Files\Thunder\Program\TaskManager.dll]  [Thunder Networking Technologies,LTD, 1, 1, 2, 26]
        [D:\Program Files\Thunder\Program\download_interface.dll]  [Thunder Networking Technologies,LTD, 2, 16, 2, 108]
        [D:\Program Files\Thunder\Program\stlport_vc646.dll]  [STLport Consulting, Inc., 4.6.2003.1031]
        [D:\Program Files\Thunder\Program\asyn_dns.dll]  [Thunder Networking Technologies,LTD, 2, 16, 2, 108]
        [C:\windows\system32\imon.dll]  [Eset , 2, 70, 32 ]
        [d:\Program Files\Eset\pr_imon.dll]  [N/A, ]
        [D:\Program Files\Thunder\Program\BHOStub.dll]  [Thunder Networking Technologies,LTD, 1, 1, 0, 8]
        [D:\Program Files\Thunder\Components\DownAndPlay\DownAndPlay.dll]  [, 1, 0, 0, 18]
        [C:\Program Files\Rising\AntiSpyware\ieprot.dll]  [Beijing Rising Technology Co., Ltd., 1, 0, 0, 10]
        [D:\Program Files\Thunder\Program\iTargetAD.dll]  [N/A, ]
        [D:\Program Files\Thunder\Components\Community\XLCommunity.dll]  [Thunder Networking Technologies,LTD, 1, 2, 1, 36]
        [D:\Program Files\Thunder\Components\Security\ThunderSafe.dll]  [深圳市迅雷网络技术有限公司, 1, 0, 3, 18]
        [D:\Program Files\Thunder\Components\Search\XLSearch.dll]  [Thunder Networking Technologies,LTD, 1, 1, 4, 15]
        [D:\Program Files\Thunder\Components\P4PClient\P4PClient.dll]  [Thunder Networking Technologies,LTD, 2, 2, 2, 60]
        [D:\Program Files\Thunder\Components\ExplorerHelper\ExplorerHelper.dll]  [Thunder Networking Technologies,LTD, 1, 0, 4, 15]
        [C:\Program Files\Lenovo\IGRS EasyShare\IgrsAnywhere.dll]  [联想集团有限公司, 1, 0, 2, 65]
        [D:\Program Files\Thunder\Program\RegisterDll.dll]  [Thunder Networking Technologies,LTD, 2, 13, 4, 58]
        [D:\Program Files\Thunder\Program\MSVCIRT.dll]  [Microsoft Corporation, 7.0.2600.2180 (xpsp_sp2_rtm.040803-2158)]
        [D:\Program Files\Thunder\Program\XLNet.Dll]  [Thunder Networking Technologies,LTD, 1, 2, 1, 9]
        [D:\Program Files\Thunder\Plugins\TingTing\TingTing.dll]  [Thunder Networking Technologies,LTD, 1, 2, 2, 13]
        [D:\Program Files\Thunder\Plugins\BhoAdv\bho_adv.dll]  [深圳市迅雷网络技术有限公司, 1.0.1.0]
        [D:\Program Files\Thunder\Plugins\GouGouTop\GouGouTop.dll]  [Thunder Networking Technologies,LTD, 1, 0, 0, 1]
        [D:\Program Files\Thunder\ComDlls\ThunderAgent_Now.dll]  [Thunder Networking Technologies,LTD, 5, 0, 3, 20]
        [D:\Program Files\Thunder\ComDlls\xunleiBHO_Now.dll]  [Thunder Networking Technologies,LTD, 5, 0, 1, 4]
        [D:\Program Files\Thunder\ComDlls\TDAtOnce_Now.dll]  [Thunder Networking Technologies,LTD, 1.0.0.4]
        [C:\Program Files\Common Files\Symantec Shared\Script Blocking\scrauth.dll]  [Symantec Corporation, 11.0.16.2]
        [C:\windows\system32\MSVCP71.dll]  [Microsoft Corporation, 7.10.3077.0]
        [C:\windows\system32\MSVCR71.dll]  [Microsoft Corporation, 7.10.3052.4]
        [C:\Program Files\Common Files\Symantec Shared\Script Blocking\ScrBlock.dll]  [Symantec Corporation, 11.0.16.2]
        [C:\Program Files\Common Files\Symantec Shared\ccL30.dll]  [Symantec Corporation, 103.0.7.2]
        [C:\Program Files\Common Files\Symantec Shared\ccVrTrst.dll]  [Symantec Corporation, 103.0.7.2]
    [PID: 3276 / Owner][C:\Program Files\Internet Explorer\IEXPLORE.EXE]  [Microsoft Corporation, 6.00.2900.2180 (xpsp_sp2_rtm.040803-2158)]
        [D:\Program Files\ast\AST.dll]  [DSW Lab, 1.0.0.2]
        [C:\windows\system32\KakaTool.dll]  [Beijing Rising Technology Co., Ltd., 4.0.0.4]
        [C:\Program Files\Lenovo\IGRS EasyShare\IgrsAnywhere.dll]  [联想集团有限公司, 1, 0, 2, 65]
        [C:\Program Files\Norton AntiVirus\NavShExt.dll]  [Symantec Corporation, 11.0.16.2]
        [C:\windows\system32\ATL71.DLL]  [Microsoft Corporation, 7.10.3077.0]
        [C:\windows\system32\MSVCP71.dll]  [Microsoft Corporation, 7.10.3077.0]
        [C:\windows\system32\MSVCR71.dll]  [Microsoft Corporation, 7.10.3052.4]
        [C:\Program Files\Common Files\Symantec Shared\ccL30.dll]  [Symantec Corporation, 103.0.7.2]
        [C:\Program Files\Common Files\Kingsoft\Extract\AddIns\IEBand.dll]  [金山软件股份有限公司, 6, 0, 0, 0]
        [C:\Program Files\Common Files\Kingsoft\Extract\KSVoice.dll]  [N/A, ]
        [C:\Program Files\Common Files\Kingsoft\Extract\KSEngine.dll]  [金山软件有限公司, 2, 0, 1, 0]
        [C:\Program Files\Rising\AntiSpyware\ieprot.dll]  [Beijing Rising Technology Co., Ltd., 1, 0, 0, 10]
        [C:\Program Files\Kingsoft\Powerword 2007\DictionaryManager.dll]  [Kingsoft Co, Ltd., 1, 0, 0, 1]
        [D:\Program Files\Thunder\ComDlls\TDAtOnce_Now.dll]  [Thunder Networking Technologies,LTD, 1.0.0.4]
        [D:\Program Files\Thunder\ComDlls\xunleiBHO_Now.dll]  [Thunder Networking Technologies,LTD, 5, 0, 1, 4]
        [C:\windows\system32\imon.dll]  [Eset , 2, 70, 32 ]
        [d:\Program Files\Eset\pr_imon.dll]  [N/A, ]
        [C:\Program Files\Common Files\Symantec Shared\Script Blocking\scrauth.dll]  [Symantec Corporation, 11.0.16.2]
        [C:\Program Files\Common Files\Symantec Shared\Script Blocking\ScrBlock.dll]  [Symantec Corporation, 11.0.16.2]
        [C:\Program Files\Common Files\Symantec Shared\ccVrTrst.dll]  [Symantec Corporation, 103.0.7.2]
        [d:\Program Files\360safe\safemon\safemon.dll]  [, 3, 5, 0, 1001]
    [PID: 3996 / Owner][d:\Program Files\360safe\safemon\360Tray.exe]  [奇虎网, 3, 5, 2, 1001]
        [D:\Program Files\ast\AST.dll]  [DSW Lab, 1.0.0.2]
        [d:\Program Files\360safe\safemon\safemon.dll]  [, 3, 5, 0, 1001]
        [d:\Program Files\360safe\safemon\SafeKrnl.dll]  [奇虎网, 3, 5, 0, 1001]
        [d:\Program Files\360safe\AntiAdwa.dll]  [360Safe.com, 3, 5, 1, 1001]
        [C:\Program Files\Rising\AntiSpyware\ieprot.dll]  [Beijing Rising Technology Co., Ltd., 1, 0, 0, 10]
    [PID: 1264 / Owner][C:\Documents and Settings\Owner\桌面\新建文件夹\sreng2\SREngPS.EXE]  [Smallfrogs Studio, 2.5.16.900]
        [d:\Program Files\360safe\safemon\safemon.dll]  [, 3, 5, 0, 1001]
        [D:\Program Files\ast\AST.dll]  [DSW Lab, 1.0.0.2]
        [C:\Program Files\Rising\AntiSpyware\ieprot.dll]  [Beijing Rising Technology Co., Ltd., 1, 0, 0, 10]
        [C:\Documents and Settings\Owner\桌面\新建文件夹\sreng2\Upload\3rdUpd.DLL]  [Smallfrogs Studio, 2, 1, 0, 15]
        [C:\windows\system32\imon.dll]  [Eset , 2, 70, 32 ]
        [d:\Program Files\Eset\pr_imon.dll]  [N/A, ]

    ==================================
    文件关联
    .TXT  OK. [%SystemRoot%\system32\NOTEPAD.EXE %1]
    .EXE  OK. ["%1" %*]
    .COM  OK. ["%1" %*]
    .PIF  OK. ["%1" %*]
    .REG  OK. [regedit.exe "%1"]
    .BAT  OK. ["%1" %*]
    .SCR  OK. ["%1" /S]
    .CHM  OK. ["C:\windows\hh.exe" %1]
    .HLP  OK. [%SystemRoot%\system32\winhlp32.exe %1]
    .INI  OK. [%SystemRoot%\system32\NOTEPAD.EXE %1]
    .INF  OK. [%SystemRoot%\System32\NOTEPAD.EXE %1]
    .VBS  OK. [%SystemRoot%\System32\WScript.exe "%1" %*]
    .JS  OK. [%SystemRoot%\System32\WScript.exe "%1" %*]
    .LNK  OK. [{00021401-0000-0000-C000-000000000046}]

    ==================================
    Winsock 提供者
    NOD32 protected [MSAFD Tcpip [TCP/IP]]
        C:\windows\system32\imon.dll(Eset , NOD32 IMON - Internet scanning support)
    NOD32 protected [MSAFD Tcpip [UDP/IP]]
        C:\windows\system32\imon.dll(Eset , NOD32 IMON - Internet scanning support)
    NOD32 protected [MSAFD Tcpip [RAW/IP]]
        C:\windows\system32\imon.dll(Eset , NOD32 IMON - Internet scanning support)
    NOD32 protected [RSVP UDP Service Provider]
        C:\windows\system32\imon.dll(Eset , NOD32 IMON - Internet scanning support)
    NOD32 protected [RSVP TCP Service Provider]
        C:\windows\system32\imon.dll(Eset , NOD32 IMON - Internet scanning support)
    NOD32
        C:\windows\system32\imon.dll(Eset , NOD32 IMON - Internet scanning support)

    ==================================
    Autorun.inf
    N/A

    ==================================
    HOSTS 文件
    127.0.0.1      localhost
    127.0.0.1    89382.cn
    127.0.0.1    97725.com
    127.0.0.1    43242.com
    127.0.0.1    gualeifafksajof.43242.com
    127.0.0.1    jiaofei123.140.tofor.com
    127.0.0.1    ben666888.www1.910idc.com
    127.0.0.1    pchorne.com
    127.0.0.1    www.ctv163.com
    127.0.0.1    www.aiaiso.com
    127.0.0.1    cool.47555.com
    127.0.0.1    guajfskajiw.43242.com
    127.0.0.1    www.3448.com
    127.0.0.1    pkdown.3322.org
    127.0.0.1    ddos2.sz45.com
    127.0.0.1    www.113678.com
    127.0.0.1    www.1861.sh
    127.0.0.1    www.x44.cn
    127.0.0.1    www.799789.com
    127.0.0.1    www.zhengdian.com
    127.0.0.1    www.9000music.com
    127.0.0.1    girlchinese.com
    127.0.0.1    www.yibinren.com
    127.0.0.1    www.mtv51.com
    127.0.0.1    www.163[1].com
    127.0.0.1    www.37021.com
    127.0.0.1    www.cnqb.net
    127.0.0.1    www.qq3344.com
    127.0.0.1    www.qq3344.net
    127.0.0.1    youlove.3322.net
    127.0.0.1    www.58589.com
    127.0.0.1    tty.yyun.net
    127.0.0.1    www.ftlink.net
    127.0.0.1    home.kimo.com.tw
    127.0.0.1    www.pixpox.com
    127.0.0.1    www.k163.com
    127.0.0.1    www.dj3344.com
    127.0.0.1    www.yysky.net
    127.0.0.1    61.145.117.212
    127.0.0.1    ResponseMedia-ad.flycast.com
    127.0.0.1    Suissa-ad.flycast.com
    127.0.0.1    UGO.eu-adcenter.net
    127.0.0.1    VNU.eu-adcenter.net
    127.0.0.1    a32.g.a.yimg.com
    127.0.0.1    ad-adex3.flycast.com
    127.0.0.1    ad.adsmart.net
    127.0.0.1    ad.ca.doubleclick.net
    127.0.0.1    ad.de.doubleclick.net
    127.0.0.1    ad.doubleclick.net
    127.0.0.1    ad.fr.doubleclick.net
    127.0.0.1    ad.jp.doubleclick.net
    127.0.0.1    ad.linkexchange.com
    127.0.0.1    ad.linksynergy.com
    127.0.0.1    ad.nl.doubleclick.net
    127.0.0.1    ad.no.doubleclick.net
    127.0.0.1    ad.preferences.com
    127.0.0.1    ad.sma.punto.net
    127.0.0.1    ad.uk.doubleclick.net
    127.0.0.1    ad.webprovider.com
    127.0.0.1    ad08.focalink.com
    127.0.0.1    adcontroller.unicast.com
    127.0.0.1    adcreatives.imaginemedia.com
    127.0.0.1    adforce.ads.imgis.com
    127.0.0.1    adforce.imgis.com
    127.0.0.1    adfu.blockstackers.com
    127.0.0.1    adimage.blm.net
    127.0.0.1    adimages.earthweb.com
    127.0.0.1    adimg.egroups.com
    127.0.0.1    admedia.xoom.com
    127.0.0.1    adpick.switchboard.com
    127.0.0.1    adremote.pathfinder.com
    127.0.0.1    ads.admaximize.com
    127.0.0.1    ads.bfast.com
    127.0.0.1    ads.clickhouse.com
    127.0.0.1    ads.enliven.com
    127.0.0.1    ads.fairfax.com.au
    127.0.0.1    ads.fool.com
    127.0.0.1    ads.freshmeat.net
    127.0.0.1    ads.hollywood.com
    127.0.0.1    ads.i33.com
    127.0.0.1    ads.infi.net
    127.0.0.1    ads.jwtt3.com
    127.0.0.1    ads.link4ads.com
    127.0.0.1    ads.lycos.com
    127.0.0.1    ads.madison.com
    127.0.0.1    ads.mediaodyssey.com
    127.0.0.1    ads.msn.com
    127.0.0.1    ads.ninemsn.com.au
    127.0.0.1    ads.seattletimes.com
    127.0.0.1    ads.smartclicks.com
    127.0.0.1    ads.smartclicks.net
    127.0.0.1    ads.sptimes.com
    127.0.0.1    ads.tripod.com
    127.0.0.1    ads.web.aol.com
    127.0.0.1    ads.x10.com
    127.0.0.1    ads.xtra.co.nz
    127.0.0.1    ads.zdnet.com
    127.0.0.1    ads01.focalink.com
    127.0.0.1    ads02.focalink.com
    127.0.0.1    ads03.focalink.com
    127.0.0.1    ads04.focalink.com
    127.0.0.1    ads05.focalink.com
    127.0.0.1    ads06.focalink.com
    127.0.0.1    ads08.focalink.com
    127.0.0.1    ads09.focalink.com
    127.0.0.1    ads1.activeagent.at
    127.0.0.1    ads10.focalink.com
    127.0.0.1    ads11.focalink.com
    127.0.0.1    ads12.focalink.com
    127.0.0.1    ads14.focalink.com
    127.0.0.1    ads16.focalink.com
    127.0.0.1    ads17.focalink.com
    127.0.0.1    ads18.focalink.com
    127.0.0.1    ads19.focalink.com
    127.0.0.1    ads2.zdnet.com
    127.0.0.1    ads20.focalink.com
    127.0.0.1    ads21.focalink.com
    127.0.0.1    ads22.focalink.com
    127.0.0.1    ads23.focalink.com
    127.0.0.1    ads24.focalink.com
    127.0.0.1    ads25.focalink.com
    127.0.0.1    ads3.zdnet.com
    127.0.0.1    ads5.gamecity.net
    127.0.0.1    adserv.iafrica.com
    127.0.0.1    adserv.quality-channel.de
    127.0.0.1    adserver.dbusiness.com
    127.0.0.1    adserver.garden.com
    127.0.0.1    adserver.janes.com
    127.0.0.1    adserver.merc.com
    127.0.0.1    adserver.monster.com
    127.0.0.1    adserver.track-star.com
    127.0.0.1    adserver1.ogilvy-interactive.de
    127.0.0.1    adtegrity.spinbox.net
    127.0.0.1    antfarm-ad.flycast.com
    127.0.0.1    au.ads.link4ads.com
    127.0.0.1    banner.media-system.de
    127.0.0.1    banner.orb.net
    127.0.0.1    banner.relcom.ru
    127.0.0.1    banners.easydns.com
    127.0.0.1    banners.looksmart.com
    127.0.0.1    banners.wunderground.com
    127.0.0.1    barnesandnoble.bfast.com
    127.0.0.1    beseenad.looksmart.com
    127.0.0.1    bizad.nikkeibp.co.jp
    127.0.0.1    bn.bfast.com
    127.0.0.1    c3.xxxcounter.com
    127.0.0.1    califia.imaginemedia.com
    127.0.0.1    cds.mediaplex.com
    127.0.0.1    click.avenuea.com
    127.0.0.1    click.go2net.com
    127.0.0.1    click.linksynergy.com
    127.0.0.1    cookies.cmpnet.com
    127.0.0.1    cornflakes.pathfinder.com
    127.0.0.1    counter.hitbox.com
    127.0.0.1    crux.songline.com
    127.0.0.1    erie.smartage.com
    127.0.0.1    etad.telegraph.co.uk
    127.0.0.1    fp.valueclick.com
    127.0.0.1    gadgeteer.pdamart.com
    127.0.0.1    gm.preferences.com
    127.0.0.1    gp.dejanews.com
    127.0.0.1    hg1.hitbox.com
    127.0.0.1    image.click2net.com
    127.0.0.1    image.eimg.com
    127.0.0.1    images2.nytimes.com
    127.0.0.1    jobkeys.ngadcenter.net
    127.0.0.1    kansas.valueclick.com
    127.0.0.1    leader.linkexchange.com
    127.0.0.1    liquidad.narrowcastmedia.com
    127.0.0.1    ln.doubleclick.net
    127.0.0.1    m.doubleclick.net
    127.0.0.1    macaddictads.snv.futurenet.com
    127.0.0.1    maximumpcads.imaginemedia.com
    127.0.0.1    media.preferences.com
    127.0.0.1    mercury.rmuk.co.uk
    127.0.0.1    mojofarm.sjc.mediaplex.com
    127.0.0.1    nbc.adbureau.net
    127.0.0.1    newads.cmpnet.com
    127.0.0.1    ng3.ads.warnerbros.com
    127.0.0.1    ngads.smartage.com
    127.0.0.1    nsads.hotwired.com
    127.0.0.1    ntbanner.digitalriver.com
    127.0.0.1    ph-ad05.focalink.com
    127.0.0.1    ph-ad07.focalink.com
    127.0.0.1    ph-ad16.focalink.com
    127.0.0.1    ph-ad17.focalink.com
    127.0.0.1    ph-ad18.focalink.com
    127.0.0.1    realads.realmedia.com
    127.0.0.1    redherring.ngadcenter.net
    127.0.0.1    redirect.click2net.com
    127.0.0.1    regio.adlink.de
    127.0.0.1    retaildirect.realmedia.com
    127.0.0.1    s2.focalink.com
    127.0.0.1    sh4sure-images.adbureau.net
    127.0.0.1    spin.spinbox.net
    127.0.0.1    static.admaximize.com
    127.0.0.1    stats.superstats.com
    127.0.0.1    sview.avenuea.com
    127.0.0.1    thinknyc.eu-adcenter.net
    127.0.0.1    tracker.clicktrade.com
    127.0.0.1    tsms-ad.tsms.com
    127.0.0.1    v0.extreme-dm.com
    127.0.0.1    v1.extreme-dm.com
    127.0.0.1    van.ads.link4ads.com
    127.0.0.1    view.accendo.com
    127.0.0.1    w113.hitbox.com
    127.0.0.1    w25.hitbox.com
    127.0.0.1    web2.deja.com
    127.0.0.1    webads.bizservers.com
    127.0.0.1    www.PostMasterBannerNet.com
    127.0.0.1    www.ad-up.com
    127.0.0.1    www.admex.com
    127.0.0.1    www.alladvantage.com
    127.0.0.1    www.burstnet.com
    127.0.0.1    www.commission-junction.com
    127.0.0.1    www.eads.com
    127.0.0.1    www.freestats.com
    127.0.0.1    www.imaginemedia.com
    127.0.0.1    www.excitecity.com
    127.0.0.1    www.0xing.com
    127.0.0.1    sba.3322.net
    127.0.0.1    www.zgxl.net
    127.0.0.1    www.qqpic.com
    127.0.0.1    webspacecn.com
    127.0.0.1    www.yeapple.com
    127.0.0.1    manage.link8.com
    127.0.0.1    www.web888.org
    127.0.0.1    www.432.cn
    127.0.0.1    www.kan123.com
    127.0.0.1    www.3tom.com
    127.0.0.1    www.sotop.com
    127.0.0.1    www3.7789.com
    127.0.0.1    www.66036.com
    127.0.0.1    www1.66036.com
    127.0.0.1    www2.66036.com
    127.0.0.1    www3.66036.com
    127.0.0.1    www4.66036.com
    127.0.0.1    www5.66036.com
    127.0.0.1    www6.66036.com
    127.0.0.1    www7.66036.com
    127.0.0.1    www8.66036.com
    127.0.0.1    www9.66036.com
    127.0.0.1    www10.66036.com
    127.0.0.1    tj4.7789.com
    127.0.0.1    tj5.7789.com
    127.0.0.1    tj6.7789.com
    127.0.0.1    tj7.7789.com
    127.0.0.1    www.7789.com
    127.0.0.1    count.zhao123.com
    127.0.0.1    count1.zhao123.com
    127.0.0.1    count2.zhao123.com
    127.0.0.1    count3.zhao123.com
    127.0.0.1    count4.zhaocount.com
    127.0.0.1    count5.zhaocount.com
    127.0.0.1    count6.zhaocount.com
    127.0.0.1    count7.zhaocount.com
    127.0.0.1    count8.zhaocount.com
    127.0.0.1    count9.zhaocount.com
    127.0.0.1    count10.zhaocount.com
    127.0.0.1    count11.zhaocount.com
    127.0.0.1    tj1.mytongji.com
    127.0.0.1    count1.99count.com
    127.0.0.1    www.99count.com
    127.0.0.1    bar.baidu.com
    127.0.0.1    www2.7789.com
    127.0.0.1    www.guang.org
    127.0.0.1    www.dlmovie.com
    127.0.0.1    www.91look.com
    127.0.0.1    www.kan51.com
    127.0.0.1    www.mewo.com
    127.0.0.1    coolsite21.com
    127.0.0.1    www.t3j4.com
    127.0.0.1    www.yun8.com
    127.0.0.1    film.yun8.com
    127.0.0.1    www.wo123.com
    127.0.0.1    www.da123.com
    127.0.0.1    www.huole.com
    127.0.0.1    www.1ya.cn
    127.0.0.1    www.sleazydream.com
    127.0.0.1    www.easypic2.com
    127.0.0.1    serv.sexushost.com
    127.0.0.1    www.xfreehosting.com
    127.0.0.1    www.888txt.com
    127.0.0.1    asiafriendfinder.com
    127.0.0.1    www3.cool168.com
    127.0.0.1    www2.cool168.com
    127.0.0.1    www1.cool168.com
    127.0.0.1    www.happy8.cn
    127.0.0.1    www.topsex2k.com
    127.0.0.1    topxxx.sexushost.com
    127.0.0.1    www.cool168.com
    127.0.0.1    www.s6.cn
    127.0.0.1    popme.163.com
    127.0.0.1    adclient.163.com
    127.0.0.1    fadama.com
    127.0.0.1    www.114.com.cn
    127.0.0.1    chat.263.net
    127.0.0.1    loveliao.net
    127.0.0.1    www.woliao.net
    127.0.0.1    www.woliao.com
    127.0.0.1    www.kuro.com.cn
    127.0.0.1    www.qq163.com
    127.0.0.1    www.wangzhiku.com
    127.0.0.1    hothack.home.chinaren.com
    127.0.0.1    www.777888.com
    127.0.0.1    www.5dsoft.com
    127.0.0.1    www.wokoo.net
    127.0.0.1    movie.sx.zj.cn
    127.0.0.1    xyxy68.8u8.net
    127.0.0.1    www.youmiss.com
    127.0.0.1    www.cctv8.net
    127.0.0.1    www.kuliao.com
    127.0.0.1    www.yyqy.com
    127.0.0.1    www.sunvod.com
    127.0.0.1    www.t168.com
    127.0.0.1    www.coolcdrom.com
    127.0.0.1    www.girl008.com
    127.0.0.1    xajh.15888.net
    127.0.0.1    www.51bug.com
    127.0.0.1    www.wplune.com
    127.0.0.1    www.777888.net
    127.0.0.1    pollen.my001.net
    127.0.0.1    www.yule21.com
    127.0.0.1    www.fish3000.com
    127.0.0.1    www.666e.com
    127.0.0.1    qm.8ok.com
    127.0.0.1    www.guosir.ccoo.com
    127.0.0.1    www.163mm.com
    127.0.0.1    www.cnooo.com
    127.0.0.1    www.es158.com
    127.0.0.1    www.aisa-girl.net
    127.0.0.1    www.boliwu.com
    127.0.0.1    www.89005.com
    127.0.0.1    www.cctv1.net
    127.0.0.1    www.play.cn.gs
    127.0.0.1    newyouth.3322.net
    127.0.0.1    chinabdkx.363.net
    127.0.0.1    www.zknew.com
    127.0.0.1    www.dhchao.com
    127.0.0.1    www.top666.net
    127.0.0.1    www.amoisonic.com
    127.0.0.1    www.markguide.com
    127.0.0.1    www.xyxc.ccoo.com
    127.0.0.1    www.flyingwalk.com
    127.0.0.1    www.yezine.net
    127.0.0.1    www.mmgirls.com
    127.0.0.1    www.wa***.net
    127.0.0.1    www.net5w.com
    127.0.0.1    www.fbstu.com
    127.0.0.1    www.qlwl.com
    127.0.0.1    www.yinshang.com
    127.0.0.1    www.ncunet.com
    127.0.0.1    www.555666.net
    127.0.0.1    www.fm1058.cc
    127.0.0.1    meim.y365.com
    127.0.0.1    www.qq520.net
    127.0.0.1    jjkafei.longcity.net
    127.0.0.1    chow.yesky.net
    127.0.0.1    oicq.hk.st
    127.0.0.1    www.my288.com
    127.0.0.1    www.laws-online.net
    127.0.0.1    www.hj168.net
    127.0.0.1    16888.6to23.com
    127.0.0.1    www.love520.net
    127.0.0.1    www.qq520.com
    127.0.0.1    www.ezhgc.com
    127.0.0.1    www.eastedu.com.cn
    127.0.0.1    www.435000.com
    127.0.0.1    sdik.8ok.net
    127.0.0.1    feiying.coolwww.net
    127.0.0.1    zhongxuesheng.myrice.com
    127.0.0.1    www.yes9999.com   
    127.0.0.1    www.nnptt.com
    127.0.0.1    vod.hengshui.com
    127.0.0.1    tv.megajoy.com
    127.0.0.1    www.h444.net
    127.0.0.1    update.myxq.com
    127.0.0.1    www.qq168.net  
    127.0.0.1    www.777888.com  
    127.0.0.1    www.5dsoft.com  
    127.0.0.1    movie.sx.zj.cn   
    127.0.0.1    www.yeapple.com  
    127.0.0.1    winzheng.126.com
    127.0.0.1    www.boliwo.com
    127.0.0.1    www.pk.com
    127.0.0.1    www.unionsky.cn
    127.0.0.1    www.allyes.com
    127.0.0.1    www.xxx.com
    127.0.0.1    204.177.92.68
    127.0.0.1    www.fassia.net        
    127.0.0.1    www.jinpin.net        
    127.0.0.1    www.happy666.net
    127.0.0.1    www.myxq.com
    127.0.0.1    dvd.qq92.com
    127.0.0.1    www.16yi.com
    127.0.0.1    www.ye77.com
    127.0.0.1    www.7sese.com
    127.0.0.1    www.1yin.net
    127.0.0.1    www.77ttt.com
    127.0.0.1    www.7mao.com
    127.0.0.1    www.mydj2005.com
    127.0.0.1    www.vv78.com
    127.0.0.1    www.v119.com
    127.0.0.1    100.332233.com
    127.0.0.1    www.cashbackbuddy.com
    127.0.0.1    www.10uu.com
    127.0.0.1    fly950.nease.net

    ==================================
    进程特权扫描
    特殊特权被允许: SeLoadDriverPrivilege [PID = 1572, C:\PROGRAM FILES\LENOVO\BLUETOOTH SOFTWARE\BIN\BTWDINS.EXE]
    特殊特权被允许: SeLoadDriverPrivilege [PID = 1584, C:\PROGRAM FILES\LENOVO\SHUTTLECENTER\KERNEL\TV\CLCAPSVC.EXE]
    特殊特权被允许: SeDebugPrivilege [PID = 3560, D:\PROGRAM FILES\AST\AST.EXE]
    特殊特权被允许: SeLoadDriverPrivilege [PID = 3560, D:\PROGRAM FILES\AST\AST.EXE]
    特殊特权被允许: SeLoadDriverPrivilege [PID = 2344, C:\PROGRAM FILES\CDMA无线上网卡\WIRELESS.EXE]
    特殊特权被允许: SeLoadDriverPrivilege [PID = 3744, D:\PROGRAM FILES\ESET\NOD32KUI.EXE]
    特殊特权被允许: SeLoadDriverPrivilege [PID = 616, D:\PROGRAM FILES\THUNDER\PROGRAM\THUNDER5.EXE]
    特殊特权被允许: SeDebugPrivilege [PID = 3996, D:\PROGRAM FILES\360SAFE\SAFEMON\360TRAY.EXE]
    特殊特权被允许: SeLoadDriverPrivilege [PID = 3996, D:\PROGRAM FILES\360SAFE\SAFEMON\360TRAY.EXE]

    ==================================
    API HOOK
    N/A

    ==================================
    隐藏进程
    N/A

    ==================================


    [/CODE]

    这个吗?
    [ 此贴被hujian在2007-07-10 19:35重新编辑 ]
    顶端 Posted: 2007-07-10 19:29 | 6 楼
    hujian
    级别: 资深会员


    精华: 0
    发帖: 220
    威望: 1163 点
    风云币: 4085 元
    专家分: 0 分
    在线时间:274(小时)
    注册时间:2007-02-21
    最后登录:2021-11-10
    引用 推荐 编辑 只看 复制

     

    绿色的江民我试过了没用

    VAG进安全模式我不会啊
    请说详细一点
    最好有过程
    顶端 Posted: 2007-07-10 21:10 | 7 楼
    magic1
    蚊香
    级别: F.Y.C成员


    精华: 0
    发帖: 2168
    威望: 667 点
    风云币: 3219 元
    专家分: 81 分
    在线时间:319(小时)
    注册时间:2007-01-12
    最后登录:2008-04-30
    引用 推荐 编辑 只看 复制

     

    从日志看没有问题了

    病毒体已被删除,,,只是被感染了很多exe.....估计也很难修复的了..

    尝试用Anit-Virus Tools修复,注意升级到最新下载地址http://www.chenoe.com/AntiVirus/
    如暂无法修复,请等几天升级后再尝试
    WwW.XPi386.Com.CN
    顶端 Posted: 2007-07-10 22:26 | 8 楼
    帖子浏览记录 版块浏览记录
    风云小站 » 『 求助专区 』
    感谢,曾经的版主
    Total 0.048933(s) query 6, Time now is:11-05 18:45, Gzip enabled 渝ICP备20004412号-1

    Powered by PHPWind v6.3.2 Certificate Code © 2003-07 PHPWind.com Corporation     Skin by Chen Bo