MailSkinner.rtk怎么杀？

显示全部楼层 · 发表于 2007-9-27 18:13:50

avg和kis7查不出来，spybot报告有但删不掉。手动删除相应键值开机后又恢复了，请问如何解决？

--- Search result list ---
MailSkinner.rtk: [SBI $68FD185E] Root class (注册表键, fixing failed)
  HKEY_LOCAL_MACHINE\SOFTWARE\Classes\OutlookAddin.Addin
MailSkinner.rtk: [SBI $68FD185E] Root class (注册表键, fixing failed)
  HKEY_LOCAL_MACHINE\SOFTWARE\Classes\OutlookAddin.Addin.1
MailSkinner.rtk: [SBI $68FD185E] Class ID (注册表键, fixing failed)
  HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{C704648D-6030-47E9-ADBA-1E13B6A784AE}
MailSkinner.rtk: [SBI $68FD185E] Root class (注册表键, fixed)
  HKEY_LOCAL_MACHINE\SOFTWARE\Classes\OutlookAddin.Addin.1
MailSkinner.rtk: [SBI $68FD185E] Class ID (注册表键, fixed)
  HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{C704648D-6030-47E9-ADBA-1E13B6A784AE}
MailSkinner.rtk: [SBI $68FD185E] Root class (注册表键, fixed)
  HKEY_LOCAL_MACHINE\SOFTWARE\Classes\OutlookAddin.Addin
MailSkinner.rtk: [SBI $6DA3251B] 设置 (注册表键, fixed)
  HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Office\Outlook\Addins\OutlookAddin.Addin

--- Spybot - Search & Destroy version: 1.5  (build: 20070830) ---
2007-08-31 blindman.exe (1.0.0.6)
2007-08-31 SDMain.exe (1.0.0.4)
2007-08-31 SDUpdate.exe (1.0.6.4)
2007-08-31 SDWinSec.exe (1.0.0.8)
2007-08-31 SpybotSD.exe (1.5.1.15)
2007-08-31 TeaTimer.exe (1.5.0.9)
2007-09-26 unins000.exe (51.46.0.0)
2007-08-31 Update.exe (1.4.0.5)
2007-08-31 advcheck.dll (1.5.3.0)
2007-04-02 aports.dll (2.1.0.0)
2007-04-02 DelZip179.dll (1.79.5.3)
2007-08-31 SDHelper.dll (1.5.0.8)
2007-08-31 Tools.dll (2.1.2.0)
2007-09-26 Includes\Cookies.sbi (*)
2007-07-25 Includes\Dialer.sbi (*)
2007-09-26 Includes\DialerC.sbi (*)
2007-08-29 Includes\Hijackers.sbi (*)
2007-09-26 Includes\HijackersC.sbi (*)
2007-07-25 Includes\Keyloggers.sbi (*)
2007-09-26 Includes\KeyloggersC.sbi (*)
2007-09-12 Includes\Malware.sbi (*)
2007-09-26 Includes\MalwareC.sbi (*)
2007-09-05 Includes\PUPS.sbi (*)
2007-09-26 Includes\PUPSC.sbi (*)
2007-09-26 Includes\Revision.sbi (*)
2007-05-30 Includes\Security.sbi (*)
2007-09-26 Includes\SecurityC.sbi (*)
2007-09-12 Includes\Spybots.sbi (*)
2007-09-26 Includes\SpybotsC.sbi (*)
2007-08-21 Includes\Tracks.uti
2007-09-12 Includes\Trojans.sbi (*)
2007-09-26 Includes\TrojansC.sbi (*)
2008-12-24 Plugins\TCPIPAddress.dll

显示全部楼层 · 发表于 2007-9-27 18:16:46

Logfile of HijackThis v1.97.2
Scan saved at 18:15:50, on 2007-9-27
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 7.0\avp.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe
C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 7.0\avp.exe
C:\Program Files\360safe\safemon\360tray.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\EmEditor\EMEDITOR.EXE
D:\Program Files\Maxthon2\Maxthon.exe
D:\greensoft\PrcMgr\PrcMgr\PrcMgr.exe
C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 7.0\avp.exe
D:\Program Files\Internet Download Manager\IDMan.exe
D:\greensoft\RegistryWorkshop-v3.01\RegWorkshop.exe
D:\greensoft\HijackThis.exe

O2 - BHO: Thunder AtOnce - {01443AEC-0FD1-40fd-9C87-E93D1494C233} - d:\Program Files\Thunder\ComDlls\TDAtOnce_Now.dll
O2 - BHO: ThunderBHO - {06849E9E-C8D7-4D59-B87D-784B7D6BE0B3} - d:\Program Files\Thunder\ComDlls\xunleiBHO_Now.dll
O2 - BHO: (no name) - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - D:\PROGRA~1\SPYBOT~1\SDHelper.dll
O2 - BHO: (no name) - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: (no name) - {B69F34DD-F0F9-42DC-9EDD-957187DA688D} - C:\Program Files\360safe\safemon\safemon.dll
O4 - HKLM\..\Run: [Alcmtr] ALCMTR.EXE
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [amd_dc_opt] C:\Program Files\AMD\Dual-Core Optimizer\amd_dc_opt.exe
O4 - HKLM\..\Run: [!AVG Anti-Spyware] "C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe" /minimized
O4 - HKLM\..\Run: [AVP] "C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 7.0\avp.exe"
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "d:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [360Safetray] C:\Program Files\360safe\safemon\360tray.exe /start
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - Startup: ntuser.dat.LOG
O4 - Startup: ntuser.ini
O4 - Startup: ntuser.pol
O4 - Startup: NTUSER.DAT_TU_12212.LOG
O4 - Startup: NTUSER.DAT_BAK_12212
O4 - Startup: Recent.000
O4 - Startup: dxva_sig.txt
O4 - Startup: NTUSER.DAT.rctemp.LOG
O4 - Startup: NTUSER.DAT.rcbak
O4 - Startup: NTUSER.DAT
O4 - Global Startup: ntuser.dat
O4 - Global Startup: ntuser.dat.LOG
O8 - Extra context menu item: &使用快车(FlashGet)下载 - D:\Program Files\FlashGet\jc_link.htm
O8 - Extra context menu item: &使用快车(FlashGet)下载全部链接 - D:\Program Files\FlashGet\jc_all.htm
O8 - Extra context menu item: Add to Anti-Banner - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 7.0\ie_banner_deny.htm
O8 - Extra context menu item: Download All Links with IDM - D:\Program Files\Internet Download Manager\IEGetAll.htm
O8 - Extra context menu item: Download FLV video content with IDM - D:\Program Files\Internet Download Manager\IEGetVL.htm
O8 - Extra context menu item: Download with IDM - D:\Program Files\Internet Download Manager\IEExt.htm
O8 - Extra context menu item: Web&2Pic Pro - D:\greensoft\ha_web2picpro121\dll\web2pic_url.htm
O8 - Extra context menu item: 使用迅雷下载 - d:\Program Files\Thunder\Program\geturl.htm
O8 - Extra context menu item: 使用迅雷下载全部链接 - d:\Program Files\Thunder\Program\getallurl.htm
O8 - Extra context menu item: 导出到 Microsoft Office Excel(&X) - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
O8 - Extra context menu item: 设为 Messenger Live 头像 - \SetMSNDP.htm
O9 - Extra button: Web Anti-Virus statistics (HKLM)
O9 - Extra 'Tools' menuitem: Spybot - Search & Destroy Configuration (HKLM)
O10 - Unknown file in Winsock LSP: c:\windows\system32\idmmbc.dll
O10 - Unknown file in Winsock LSP: c:\windows\system32\idmmbc.dll
O10 - Unknown file in Winsock LSP: c:\windows\system32\idmmbc.dll
O10 - Unknown file in Winsock LSP: c:\windows\system32\idmmbc.dll
O10 - Unknown file in Winsock LSP: c:\windows\system32\idmmbc.dll
O10 - Unknown file in Winsock LSP: c:\windows\system32\idmmbc.dll
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://update.microsoft.com/wind ... e.cab?1174189161609
O16 - DPF: {8FFBE65D-2C9C-4669-84BD-5829DC0B603C} - http://fpdownload.macromedia.com ... rrent/ultrashim.cab
O17 - HKLM\System\CCS\Services\Tcpip\..\{AB78DD48-62D1-4442-873C-BB6E9787B41A}: NameServer = 202.102.134.68 202.102.128.68

显示全部楼层 · 发表于 2007-9-27 18:34:48

http://zhidao.baidu.com/question/32154685.html
看看这个能行不？只能帮你这么多了。不好意思～

显示全部楼层 · 发表于 2007-9-27 18:40:02

你用hj扫日志我不说什么，但是你居然还用1.97的版本扫还真是久远啊。。。
扫个sreng日志上来：

下载执行System Repair Engineer (SREng)

按「智能扫描」，再按「扫描」
最后，按「保存报告」，保存到桌面
将 SREngLOG.log 中内容完整的复制粘贴到论坛上来(快捷提示：ctrl+a全选，ctrl+c复制,ctrl+v粘贴)，不要做任何修改。
如出现无法运行，请重命名或修改扩展名，如abc.exe/abc.com/abc.bat/abc.scr等

显示全部楼层 · 发表于 2007-9-27 18:45:34

[CODE]

2007-09-27,18:34:15

System Repair Engineer 2.5.16.900
Smallfrogs (http://www.KZTechs.com)

Windows XP Professional Service Pack 2 (Build 2600) - 管理权限用户 - 完整功能

以下内容被选中：
所有的启动项目（包括注册表、启动文件夹、服务等）
浏览器加载项
正在运行的进程（包括进程模块信息）
文件关联
Winsock 提供者
Autorun.inf
HOSTS 文件
进程特权扫描

启动项目
注册表
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
<ctfmon.exe><C:\WINDOWS\system32\ctfmon.exe>  [(Verified)Microsoft Windows Publisher]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
<Alcmtr><ALCMTR.EXE>  [(Verified)Microsoft Windows Hardware Compatibility Publisher]
<NvCplDaemon><RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup>  [(Verified)Microsoft Windows Publisher]
<amd_dc_opt><C:\Program Files\AMD\Dual-Core Optimizer\amd_dc_opt.exe>  [AMD]
<!AVG Anti-Spyware><"C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe" /minimized>  [(Verified)GRISOFT LTD]
<AVP><"C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 7.0\avp.exe">  [(Verified)Kaspersky Lab]
<Adobe Reader Speed Launcher><"d:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe">  [(Verified)"Adobe Systems, Incorporated"]
<360Safetray><C:\Program Files\360safe\safemon\360tray.exe /start>  [奇虎网]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Winlogon]
<shell><Explorer.exe>  [(Verified)Microsoft Windows Publisher]
<Userinit><C:\WINDOWS\system32\userinit.exe,>  [(Verified)Microsoft Windows Publisher]
<UIHost><logonui.exe>  [(Verified)Microsoft Windows Publisher]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\klogon]
<WinlogonNotify: klogon><C:\WINDOWS\system32\klogon.dll>  [(Verified)Kaspersky Lab]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\>{26923b43-4d38-484f-9b9e-de460746276c}]
<Internet Explorer><%systemroot%\system32\shmgrate.exe OCInstallUserConfigIE>  [N/A]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\>{881dd1c5-3dcf-431b-b061-f3f88e8be88a}]
<Outlook Express><%systemroot%\system32\shmgrate.exe OCInstallUserConfigOE>  [N/A]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{2C7339CF-2B09-4501-B3F3-F3508C9228ED}]
<Themes Setup><%SystemRoot%\system32\regsvr32.exe /s /n /i:/UserInstall %SystemRoot%\system32\themeui.dll>  [N/A]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{44BBA840-CC51-11CF-AAFA-00AA00B6015C}]
<Microsoft Outlook Express 6><"%ProgramFiles%\Outlook Express\setup50.exe" /APP:OE /CALLER:WINNT /user /install>  [N/A]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{44BBA842-CC51-11CF-AAFA-00AA00B6015B}]
<NetMeeting 3.01><rundll32.exe advpack.dll,LaunchINFSection C:\WINDOWS\INF\msnetmtg.inf,NetMtg.Remove.PerUser.NT>  [(Verified)Microsoft Windows Publisher]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{5945c046-1e7d-11d1-bc44-00c04fd912be}]
<Windows Messenger 4.7><rundll32.exe advpack.dll,LaunchINFSection C:\WINDOWS\INF\msmsgs.inf,BLC.QuietInstall.PerUser>  [(Verified)Microsoft Windows Publisher]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{6BF52A52-394A-11d3-B153-00C04F79FAA6}]
<Microsoft Windows Media Player><rundll32.exe advpack.dll,LaunchINFSection C:\WINDOWS\INF\wmp10.inf,PerUserStub>  [(Verified)Microsoft Windows Component Publisher]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{7790769C-0471-11d2-AF11-00C04FA35D02}]
<通讯簿 6><"%ProgramFiles%\Outlook Express\setup50.exe" /APP:WAB /CALLER:WINNT /user /install>  [N/A]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{89B4C1CD-B018-4511-B0A1-5476DBF70820}]
<N/A><C:\WINDOWS\system32\Rundll32.exe C:\WINDOWS\system32\mscories.dll,Install>  [Microsoft Corporation]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\taskmgr.exe]
<IFEO[taskmgr.exe]><D:\greensoft\PrcMgr\PrcMgr\PrcMgr.exe>  [www.jpexe.com]
[HKEY_CURRENT_USER\Control Panel\Desktop]
<SCRNSAVE.EXE><C:\WINDOWS\DREAMA~1.SCR>  []

==================================
启动文件夹
N/A

==================================
服务
[Adobe LM Service / Adobe LM Service][Stopped/Manual Start]
  <"C:\Program Files\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe"><Adobe Systems>
[Autodesk Licensing Service / Autodesk Licensing Service][Stopped/Manual Start]
  <"C:\Program Files\Common Files\Autodesk Shared\Service\AdskScSrv.exe"><Autodesk>
[AVG Anti-Spyware Guard / AVG Anti-Spyware Guard][Running/Auto Start]
  <C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe><GRISOFT s.r.o.>
[Kaspersky Internet Security 7.0 / AVP][Running/Auto Start]
  <"C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 7.0\avp.exe" -r><Kaspersky Lab>
[Help and Support / helpsvc][Stopped/Disabled]
  <C:\WINDOWS\System32\svchost.exe -k netsvcs-->%WINDIR%\PCHealth\HelpCtr\Binaries\pchsvc.dll><N/A>
[Human Interface Device Access / HidServ][Stopped/Disabled]
  <C:\WINDOWS\System32\svchost.exe -k netsvcs-->%SystemRoot%\System32\hidserv.dll><N/A>
[NVIDIA Display Driver Service / NVSvc][Stopped/Disabled]
  <C:\WINDOWS\system32\nvsvc32.exe><NVIDIA Corporation>
[O&O Defrag / O&O Defrag][Stopped/Manual Start]
  <C:\WINDOWS\system32\oodag.exe><O&O Software GmbH>
[Windows Live Setup Service / WLSetupSvc][Stopped/Manual Start]
  <"C:\Program Files\Windows Live\installer\WLSetupSvc.exe"><>

==================================
驱动程序
[1189015 / 1189015][Stopped/Manual Start]
  <\??\C:\WINDOWS\system32\Drivers\1189000.sys><N/A>
[AMD Processor Driver / AmdK8][Running/System Start]
  <System32\drivers\amdk8.sys><Advanced Micro Devices>
[AMD Low Level Device Driver / AmdLLD][Running/Manual Start]
  <system32\DRIVERS\AmdLLD.sys><AMD, Inc.>
[AVG Anti-Rootkit / AVG Anti-Rootkit][Running/Boot Start]
  <\SystemRoot\System32\DRIVERS\avgarkt.sys><GRISOFT, s.r.o.>
[AVG Anti-Spyware Driver / AVG Anti-Spyware Driver][Running/System Start]
  <\??\C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.sys><N/A>
[Avg Anti-Rootkit Clean Driver / AvgArCln][Running/System Start]
  <System32\DRIVERS\AvgArCln.sys><GRISOFT, s.r.o.>
[AVG Anti-Spyware Clean Driver / AvgAsCln][Running/System Start]
  <System32\DRIVERS\AvgAsCln.sys><GRISOFT, s.r.o.>
[VIA PCI 10/100Mb Fast Ethernet Adapter NT Driver / FETNDIS][Stopped/Manual Start]
  <system32\DRIVERS\fetnd5.sys><VIA Technologies, Inc.>
[ghostsec / ghostsec][Running/Auto Start]
  <\??\C:\Program Files\GhostSecuritySuite\ghostsec.sys><Ghost Security>
[Microsoft UAA Bus Driver for High Definition Audio / HDAudBus][Running/Manual Start]
  <system32\DRIVERS\HDAudBus.sys><Windows (R) Server 2003 DDK provider>
[Service for Realtek HD Audio (WDM) / IntcAzAudAddService][Running/Manual Start]
  <system32\drivers\RtkHDAud.sys><Realtek Semiconductor Corp.>
[kl1 / kl1][Running/Boot Start]
  <\SystemRoot\system32\drivers\kl1.sys><Kaspersky Lab>
[klif / klif][Running/System Start]
  <\??\C:\WINDOWS\system32\drivers\klif.sys><Kaspersky Lab>
[Kaspersky Anti-Virus NDIS Filter / klim5][Running/Manual Start]
  <system32\DRIVERS\klim5.sys><Kaspersky Lab>
[NetChina Packet Capture Service / NCIPHOOK][Running/Manual Start]
  <system32\DRIVERS\nciphook.sys><NetChina Corporation>
[Netgroup Packet Filter / NPF][Stopped/Manual Start]
  <system32\drivers\npf.sys><NetGroup - Politecnico di Torino>
[NTGDT / NTGDT][Running/System Start]
  <\??\C:\WINDOWS\system32\Drivers\NTGDT.SYS><N/A>
[nv / nv][Running/Manual Start]
  <system32\DRIVERS\nv4_mini.sys><NVIDIA Corporation>
[nvata / nvata][Running/Boot Start]
  <\SystemRoot\system32\DRIVERS\nvata.sys><NVIDIA Corporation>
[NVIDIA nForce Networking Controller Driver / NVENETFD][Running/Manual Start]
  <system32\DRIVERS\NVENETFD.sys><NVIDIA Corporation>
[NVIDIA Network Bus Enumerator / nvnetbus][Running/Manual Start]
  <system32\DRIVERS\nvnetbus.sys><NVIDIA Corporation>
[pgfilter / pgfilter][Stopped/Manual Start]
  <\??\C:\Program Files\PeerGuardian\pgfilter.sys><N/A>
[Direct Parallel Link Driver / Ptilink][Running/Manual Start]
  <system32\DRIVERS\ptilink.sys><Parallel Technologies, Inc.>
[PxHelp20 / PxHelp20][Running/Boot Start]
  <\SystemRoot\System32\Drivers\PxHelp20.sys><Sonic Solutions>
[Secdrv / Secdrv][Stopped/Manual Start]
  <system32\DRIVERS\secdrv.sys><N/A>
[vmfilter303 / vmfilter303][Stopped/Manual Start]
  <system32\drivers\vmfilter303.sys><Vimicro Corporation>
[World Standard Teletext Codec / WSTCODEC][Stopped/Manual Start]
  <system32\DRIVERS\WSTCODEC.SYS><Microsoft Corporation>
[XScanPF / XScanPF][Stopped/Manual Start]
  <\??\D:\greensoft\X-Scan-v3.3-cn\dat\xpf.sys><N/A>
[ANC USB PC Camera (Vimicro301 Neptune) / ZSMC303][Stopped/Manual Start]
  <System32\Drivers\usbVM303.sys><Vimicro Corporation>

==================================
浏览器加载项
[Thunder Browser Helper]
  {0055C088-8582-441B-A0BF-17B458C2A3A8} <D:\Program Files\Thunder\ComDlls\xunleiBHO_Now.dll, Thunder Networking Technologies,LTD>
[IDMIEHlprObj Class]
  {0055C089-8582-441B-A0BF-17B458C2A3A8} <D:\Program Files\Internet Download Manager\IDMIECC.dll, Tonec Inc.>
[ThunderAtOnce Class]
  {01443AEC-0FD1-40fd-9C87-E93D1494C233} <D:\Program Files\Thunder\ComDlls\TDAtOnce_Now.dll, Thunder Networking Technologies,LTD>
[Adobe PDF Reader Link Helper]
  {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} <C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll, Adobe Systems Incorporated>
[Spybot-S&D IE Protection]
  {53707962-6F74-2D53-2644-206D7942484F} <D:\PROGRA~1\SPYBOT~1\SDHelper.dll, Safer Networking Limited>
[Windows Live Sign-in Helper]
  {9030D464-4C02-4ABF-8ECC-5164760863C6} <C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll, Microsoft Corporation>
[NavigatMon Class]
  {B69F34DD-F0F9-42DC-9EDD-957187DA688D} <C:\Program Files\360safe\safemon\safemon.dll, >
[Web Anti-Virus statistics]
  {1F460357-8A94-4D71-9CA3-AA4ACF32ED8E} <C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 7.0\SCIEPlgn.dll, Kaspersky Lab>
[快车]
  {D6E814A0-E0C5-11d4-8D29-0050BA6940E3} <D:\Program Files\FlashGet\FlashGet.exe, FlashGet.com>
[Spybot-S&D IE Protection]
  {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} <D:\PROGRA~1\SPYBOT~1\SDHelper.dll, Safer Networking Limited>
[WUWebControl Class]
  {6414512B-B978-451D-A0D8-FCFDF33E833C} <C:\WINDOWS\system32\wuweb.dll, Microsoft Corporation>
[]
  {8FFBE65D-2C9C-4669-84BD-5829DC0B603C} <C:\WINDOWS\system32\macromed\download\Download.dll, Adobe Systems, Inc.>
[ThunderAtOnce Class]
  {01443AEC-0FD1-40FD-9C87-E93D1494C233} <D:\Program Files\Thunder\ComDlls\TDAtOnce_Now.dll, Thunder Networking Technologies,LTD>
[Adobe PDF Reader Link Helper]
  {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} <C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll, Adobe Systems Incorporated>
[Thunder Agent Class]
  {485463B7-8FB2-4B3B-B29B-8B919B0EACCE} <D:\Program Files\Thunder\ComDlls\ThunderAgent_Now.dll, Thunder Networking Technologies,LTD>
[Spybot-S&D IE Protection]
  {53707962-6F74-2D53-2644-206D7942484F} <D:\PROGRA~1\SPYBOT~1\SDHelper.dll, Safer Networking Limited>
[Active Desktop Mover]
  {72267F6A-A6F9-11D0-BC94-00C04FB67863} <%SystemRoot%\system32\SHELL32.dll, N/A>
[360SafeLive]
  {87515F61-A66C-4319-A0E0-D416CB8059E3} <C:\Program Files\360safe\live.dll, 360safe.com>
[Windows Live Sign-in Helper]
  {9030D464-4C02-4ABF-8ECC-5164760863C6} <C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll, Microsoft Corporation>
[NavigatMon Class]
  {B69F34DD-F0F9-42DC-9EDD-957187DA688D} <C:\Program Files\360safe\safemon\safemon.dll, >
[FGAutoLive]
  {F90D830D-C175-4bbe-82C7-FF94669A4C42} <D:\Program Files\FlashGet\fgupdate.dll, www.flashget.com>
[&V使用Vagaa哇嘎下载]
  <DA724-162B-11D3-8B9B-AA70B4B0B524}, N/A>
[&使用快车(FlashGet)下载]
  <D:\Program Files\FlashGet\jc_link.htm, N/A>
[&使用快车(FlashGet)下载全部链接]
  <D:\Program Files\FlashGet\jc_all.htm, N/A>
[Add to Anti-Banner]
  <C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 7.0\ie_banner_deny.htm, N/A>
[Download All Links with IDM]
  <D:\Program Files\Internet Download Manager\IEGetAll.htm, N/A>
[Download FLV video content with IDM]
  <D:\Program Files\Internet Download Manager\IEGetVL.htm, N/A>
[Download with IDM]
  <D:\Program Files\Internet Download Manager\IEExt.htm, N/A>
[Web&2Pic Pro]
  <D:\greensoft\ha_web2picpro121\dll\web2pic_url.htm, N/A>
[使用迅雷下载]
  <D:\Program Files\Thunder\Program\geturl.htm, N/A>
[使用迅雷下载全部链接]
  <D:\Program Files\Thunder\Program\getallurl.htm, N/A>
[在RSS Bandit订阅]
  <, N/A>
[导出到 Microsoft Office Excel(&X)]
  <res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000, N/A>
[设为 Messenger Live 头像]
  <\SetMSNDP.htm, N/A>

==================================

显示全部楼层 · 发表于 2007-9-27 18:46:01

正在运行的进程
[PID: 1624][\SystemRoot\System32\smss.exe]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
[PID: 1848][\??\C:\WINDOWS\system32\csrss.exe]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
[PID: 1968][\??\C:\WINDOWS\system32\winlogon.exe]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
[C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 7.0\miscr3.dll]  [Kaspersky Lab, 7.0.0.125]
[C:\WINDOWS\system32\klogon.dll]  [Kaspersky Lab, 7.0.0.125]
[C:\WINDOWS\system32\msacm32.drv]  [Microsoft Corporation, 5.1.2600.0 (xpclient.010817-1148)]
[PID: 2044][C:\WINDOWS\system32\services.exe]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
[PID: 160][C:\WINDOWS\system32\lsass.exe]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
[C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 7.0\dnsq.dll]  [Kaspersky Lab, 7.0.0.125]
[C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 7.0\miscr3.dll]  [Kaspersky Lab, 7.0.0.125]
[PID: 404][C:\WINDOWS\system32\svchost.exe]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
[PID: 472][C:\WINDOWS\system32\svchost.exe]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
[C:\WINDOWS\system32\imon.dll]  [Eset , 2, 70, 39 ]
[C:\WINDOWS\system32\idmmbc.dll]  [Tonec Inc., 5, 11, 0, 4]
[C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 7.0\dnsq.dll]  [Kaspersky Lab, 7.0.0.125]
[PID: 704][C:\WINDOWS\System32\svchost.exe]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
[C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 7.0\miscr3.dll]  [Kaspersky Lab, 7.0.0.125]
[C:\WINDOWS\system32\imon.dll]  [Eset , 2, 70, 39 ]
[C:\WINDOWS\system32\idmmbc.dll]  [Tonec Inc., 5, 11, 0, 4]
[C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 7.0\adialhk.dll]  [Kaspersky Lab, 7.0.0.125]
[PID: 820][C:\WINDOWS\system32\svchost.exe]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
[C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 7.0\miscr3.dll]  [Kaspersky Lab, 7.0.0.125]
[C:\WINDOWS\system32\imon.dll]  [Eset , 2, 70, 39 ]
[C:\WINDOWS\system32\idmmbc.dll]  [Tonec Inc., 5, 11, 0, 4]
[PID: 1904][C:\WINDOWS\system32\svchost.exe]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
[C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 7.0\miscr3.dll]  [Kaspersky Lab, 7.0.0.125]
[PID: 272][C:\WINDOWS\system32\svchost.exe]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
[PID: 884][C:\WINDOWS\Explorer.EXE]  [Microsoft Corporation, 6.00.2900.2180 (xpsp_sp2_rtm.040803-2158)]
[C:\WINDOWS\system32\AcSignIcon.dll]  [Autodesk, Inc., 17.1.51.0]
[C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 7.0\miscr3.dll]  [Kaspersky Lab, 7.0.0.125]
[C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 7.0\scrchpg.dll]  [Kaspersky Lab, 7.0.0.125]
[C:\Program Files\Common Files\Autodesk Shared\AcSignCore16.dll]  [Autodesk, Inc., 17.1.51.0]
[C:\Program Files\Common Files\Autodesk Shared\AcShellEx\AcShellExtension.dll]  [Autodesk, 17.1.51.0]
[C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\PDFShell.dll]  [Adobe Systems, Inc., 8.1.0.0]
[C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\PDFShell.CHS]  [Adobe Systems, Inc., 8.0.0.0]
[C:\Program Files\360safe\safemon\safemon.dll]  [, 3, 6, 3, 1001]
[C:\WINDOWS\system32\nvcpl.dll]  [NVIDIA Corporation, 6.14.10.9371]
[C:\WINDOWS\system32\NVRSZHC.DLL]  [NVIDIA Corporation, 6.14.10.9371]
[C:\WINDOWS\system32\nvapi.dll]  [N/A, ]
[C:\WINDOWS\system32\nvshell.dll]  [, ]
[C:\WINDOWS\system32\msacm32.drv]  [Microsoft Corporation, 5.1.2600.0 (xpclient.010817-1148)]
[C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 7.0\adialhk.dll]  [Kaspersky Lab, 7.0.0.125]
[d:\Program Files\Thunder\ComDlls\TDAtOnce_Now.dll]  [Thunder Networking Technologies,LTD, 1.0.0.7]
[d:\Program Files\Thunder\ComDlls\xunleiBHO_Now.dll]  [Thunder Networking Technologies,LTD, 5, 0, 2, 10]
[C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll]  [Adobe Systems Incorporated, 8.0.0.2006102200]
[D:\PROGRA~1\SPYBOT~1\SDHelper.dll]  [Safer Networking Limited, 1, 5, 0, 8]
[C:\Program Files\Microsoft Office\OFFICE11\msohev.dll]  [Microsoft Corporation, 11.0.5510]
[C:\WINDOWS\system32\dfshim.dll]  [Microsoft Corporation, 2.0.50727.42 (RTM.050727-4200)]
[C:\WINDOWS\system32\mscoree.dll]  [Microsoft Corporation, 2.0.50727.832 (QFE.050727-8300)]
[C:\Program Files\Common Files\Autodesk Shared\dwf Common\DWFShellExtensionRes.dll]  [Autodesk, Inc., 1.1.0.341]
[D:\PROGRA~1\OOSOFT~1\DEFRAG~1\oodsh.dll]  [O&O Software GmbH, 10.0.2.3255]
[D:\PROGRA~1\OOSOFT~1\DEFRAG~1\OODSHRS.DLL]  [O&O Software GmbH, 10.0.12.1627]
[C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 7.0\ShellEx.dll]  [Kaspersky Lab, 7.0.0.125]
[C:\WINDOWS\system32\contmenu.dll]  [N/A, ]
[C:\Program Files\WinRAR\rarext.dll]  [N/A, ]
[C:\Program Files\TuneUp Utilities 2007\SDShelEx-win32.dll]  [TuneUp Software GmbH, 2.0.0.4]
[C:\Program Files\PowerISO\PWRISOSH.DLL]  [PowerISO Computing, Inc., 3, 4, 0, 0]
[C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\context.dll]  [GRISOFT s.r.o., 7, 5, 1, 36]
[C:\Program Files\7-Zip\7-zip.dll]  [N/A, ]
[C:\Program Files\Windows Live\Messenger\fsshext.8.5.1288.0816.dll]  [Microsoft Corporation, 8.5.1288.0816]
[C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 7.0\prremote.dll]  [Kaspersky Lab, 7.0.0.125]
[C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 7.0\prloader.dll]  [Kaspersky Lab, 7.0.0.125]
[PID: 2008][C:\Program Files\360safe\safemon\360tray.exe]  [奇虎网, 3, 6, 3, 1001]
[C:\Program Files\360safe\safemon\safemon.dll]  [, 3, 6, 3, 1001]
[C:\Program Files\360safe\safemon\SafeKrnl.dll]  [奇虎网, 3, 6, 0, 1001]
[C:\Program Files\360safe\AntiAdwa.dll]  [360Safe.com, 3, 6, 3, 1001]
[C:\Program Files\360safe\live.dll]  [360safe.com, 1, 0, 1, 1021]
[C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 7.0\miscr3.dll]  [Kaspersky Lab, 7.0.0.125]
[C:\WINDOWS\system32\imon.dll]  [Eset , 2, 70, 39 ]
[C:\WINDOWS\system32\idmmbc.dll]  [Tonec Inc., 5, 11, 0, 4]
[C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 7.0\adialhk.dll]  [Kaspersky Lab, 7.0.0.125]
[C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 7.0\dnsq.dll]  [Kaspersky Lab, 7.0.0.125]
[PID: 1048][C:\WINDOWS\system32\ctfmon.exe]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
[C:\Program Files\360safe\safemon\safemon.dll]  [, 3, 6, 3, 1001]
[PID: 3268][D:\Program Files\Maxthon2\Maxthon.exe]  [Maxthon International ltd., 2, 0, 3, 4643]
[D:\Program Files\Maxthon2\MxExt.dll]  [N/A, ]
[D:\Program Files\Maxthon2\mxpp.dll]  [Maxthon, 1, 0, 0, 61]
[D:\Program Files\Maxthon2\MxSk.dll]  [Maxthon, 1, 0, 0, 119]
[D:\Program Files\Maxthon2\MxProxy2.dll]  [, 1, 0, 0, 3531]
[D:\Program Files\Maxthon2\IMxWebBoost.dll]  [Maxthon, 1, 0, 0, 67]
[D:\Program Files\Maxthon2\mxdb.dll]  [N/A, ]
[D:\Program Files\Maxthon2\mxsafe.dll]  [Maxthon, 1, 0, 0, 477]
[C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 7.0\miscr3.dll]  [Kaspersky Lab, 7.0.0.125]
[C:\Program Files\360safe\safemon\safemon.dll]  [, 3, 6, 3, 1001]
[C:\WINDOWS\system32\imon.dll]  [Eset , 2, 70, 39 ]
[C:\WINDOWS\system32\idmmbc.dll]  [Tonec Inc., 5, 11, 0, 4]
[D:\Program Files\Internet Download Manager\idmmkb.dll]  [Tonec Inc., 4, 0, 0, 1]
[D:\Program Files\Maxthon2\MxFav.dll]  [Maxthon, 1, 0, 0, 220]
[D:\Program Files\Maxthon2\maxzlib.dll]  [, 1.2.3]
[C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 7.0\dnsq.dll]  [Kaspersky Lab, 7.0.0.125]
[D:\Program Files\Maxthon2\mxtool.dll]  [, 1, 0, 0, 1]
[D:\Program Files\Maxthon2\mxfeedU.dll]  [, 1, 0, 45, 82]
[C:\WINDOWS\system32\AcSignIcon.dll]  [Autodesk, Inc., 17.1.51.0]
[C:\Program Files\Common Files\Microsoft Shared\OFFICE11\MSOXMLMF.DLL]  [Microsoft Corporation, 11.0.8164]
[C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 7.0\scrchpg.dll]  [Kaspersky Lab, 7.0.0.125]
[C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 7.0\adialhk.dll]  [Kaspersky Lab, 7.0.0.125]
[C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 7.0\klscav.dll]  [Kaspersky Lab, 7.0.0.125]
[C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 7.0\prremote.dll]  [Kaspersky Lab, 7.0.0.125]
[C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 7.0\prloader.dll]  [Kaspersky Lab, 7.0.0.125]
[C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 7.0\prkernel.ppl]  [Kaspersky Lab, 7.0.0.125]
[c:\program files\kaspersky lab\kaspersky internet security 7.0\params.ppl]  [Kaspersky Lab, 7.0.0.125]
[c:\program files\kaspersky lab\kaspersky internet security 7.0\pxstub.ppl]  [Kaspersky Lab, 7.0.0.125]
[c:\program files\kaspersky lab\kaspersky internet security 7.0\tempfile.ppl]  [Kaspersky Lab, 7.0.0.125]
[C:\WINDOWS\system32\GOOGLEPINYIN.IME]  [Google Inc., ]
[C:\WINDOWS\system32\Macromed\Flash\Flash9d.ocx]  [Adobe Systems, Inc., 9,0,47,0]
[C:\WINDOWS\system32\msacm32.drv]  [Microsoft Corporation, 5.1.2600.0 (xpclient.010817-1148)]
[C:\WINDOWS\system32\mscoree.dll]  [Microsoft Corporation, 2.0.50727.832 (QFE.050727-8300)]
[C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorie.dll]  [Microsoft Corporation, 2.0.50727.832 (QFE.050727-8300)]
[PID: 2140][D:\greensoft\PrcMgr\PrcMgr\PrcMgr.exe]  [www.jpexe.com, 4.00.0001]
[C:\WINDOWS\system32\MSVBVM60.DLL]  [Microsoft Corporation, 6.00.9690]
[C:\WINDOWS\system32\VB6CHS.DLL]  [Microsoft Corporation, 6.00.8988]
[C:\Program Files\360safe\safemon\safemon.dll]  [, 3, 6, 3, 1001]
[C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 7.0\miscr3.dll]  [Kaspersky Lab, 7.0.0.125]
[C:\WINDOWS\system32\MSCOREE.DLL]  [Microsoft Corporation, 2.0.50727.832 (QFE.050727-8300)]
[C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\fusion.dll]  [Microsoft Corporation, 2.0.50727.42 (RTM.050727-4200)]
[C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorwks.dll]  [Microsoft Corporation, 2.0.50727.832 (QFE.050727-8300)]
[C:\WINDOWS\system32\comctl32.ocx]  [Microsoft Corporation, 6.00.8105]
[C:\WINDOWS\system32\MSCOMCTL.OCX]  [Microsoft Corporation, 6.01.9545]
[C:\WINDOWS\system32\AcSignIcon.dll]  [Autodesk, Inc., 17.1.51.0]
[PID: 2500][D:\Program Files\Internet Download Manager\IEMonitor.exe]  [Tonec Inc., 3, 0, 0, 1]
[C:\Program Files\360safe\safemon\safemon.dll]  [, 3, 6, 3, 1001]
[D:\Program Files\Internet Download Manager\idmmkb.dll]  [Tonec Inc., 4, 0, 0, 1]
[C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 7.0\scrchpg.dll]  [Kaspersky Lab, 7.0.0.125]
[C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 7.0\miscr3.dll]  [Kaspersky Lab, 7.0.0.125]
[PID: 848][D:\Program Files\Thunder\Program\Thunder5.exe]  [Thunder Networking Technologies,LTD, 5.7.2.371]
[D:\Program Files\Thunder\Program\ThunderEx.dll]  [, 1, 1, 7, 13]
[C:\Program Files\360safe\safemon\safemon.dll]  [, 3, 6, 3, 1001]
[D:\Program Files\Thunder\Program\TaskManager.dll]  [Thunder Networking Technologies,LTD, 1, 2, 2, 33]
[D:\Program Files\Thunder\Program\download_interface.dll]  [Thunder Networking Technologies,LTD, 2, 18, 2, 151]
[D:\Program Files\Thunder\Program\stlport_vc646.dll]  [STLport Consulting, Inc., 4.6.2003.1031]
[D:\Program Files\Thunder\Program\asyn_dns.dll]  [Thunder Networking Technologies,LTD, 2, 18, 2, 151]
[C:\WINDOWS\system32\imon.dll]  [Eset , 2, 70, 39 ]
[C:\WINDOWS\system32\idmmbc.dll]  [Tonec Inc., 5, 11, 0, 4]
[D:\Program Files\Thunder\Program\streammedialib.dll]  [, 1, 1, 2, 55]
[C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 7.0\dnsq.dll]  [Kaspersky Lab, 7.0.0.125]
[D:\Program Files\Thunder\Program\iTargetAD.dll]  [N/A, ]
[D:\Program Files\Thunder\Program\BHOStub.dll]  [Thunder Networking Technologies,LTD, 1, 1, 0, 8]
[D:\Program Files\Thunder\Components\DownAndPlay\DownAndPlay.dll]  [, 1, 0, 3, 21]
[C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 7.0\miscr3.dll]  [Kaspersky Lab, 7.0.0.125]
[C:\WINDOWS\system32\AcSignIcon.dll]  [Autodesk, Inc., 17.1.51.0]

==================================
文件关联
.TXT  Error. [C:\WINDOWS\notepad.exe %1]
.EXE  OK. ["%1" %*]
.COM  OK. ["%1" %*]
.PIF  OK. ["%1" %*]
.REG  OK. [regedit.exe "%1"]
.BAT  OK. ["%1" %*]
.SCR  OK. ["%1" /S]
.CHM  Error. ["hh.exe" %1]
.HLP  OK. [%SystemRoot%\system32\winhlp32.exe %1]
.INI  Error. [C:\WINDOWS\System32\NOTEPAD.EXE %1]
.INF  OK. [%SystemRoot%\System32\NOTEPAD.EXE %1]
.VBS  OK. [%SystemRoot%\System32\WScript.exe "%1" %*]
.JS Error. ["D:\Program Files\Adobe\Adobe Dreamweaver CS3\Dreamweaver.exe","%1"]
.LNK  OK. [{00021401-0000-0000-C000-000000000046}]

==================================
Winsock 提供者
NOD32 protected [MSAFD Tcpip [TCP/IP]]
C:\WINDOWS\system32\imon.dll(Eset , NOD32 IMON - Internet scanning support)
NOD32 protected [MSAFD Tcpip [UDP/IP]]
C:\WINDOWS\system32\imon.dll(Eset , NOD32 IMON - Internet scanning support)
NOD32 protected [MSAFD Tcpip [RAW/IP]]
C:\WINDOWS\system32\imon.dll(Eset , NOD32 IMON - Internet scanning support)
NOD32 protected [RSVP UDP Service Provider]
C:\WINDOWS\system32\imon.dll(Eset , NOD32 IMON - Internet scanning support)
NOD32 protected [RSVP TCP Service Provider]
C:\WINDOWS\system32\imon.dll(Eset , NOD32 IMON - Internet scanning support)
NOD32
C:\WINDOWS\system32\imon.dll(Eset , NOD32 IMON - Internet scanning support)
IDM_LP
C:\WINDOWS\system32\idmmbc.dll(Tonec Inc., Internet Download Manager LSP dll)
IDM_LAYERED_MSAFD Tcpip [TCP/IP]
C:\WINDOWS\system32\idmmbc.dll(Tonec Inc., Internet Download Manager LSP dll)
IDM_LAYERED_MSAFD Tcpip [UDP/IP]
C:\WINDOWS\system32\idmmbc.dll(Tonec Inc., Internet Download Manager LSP dll)
IDM_LAYERED_MSAFD Tcpip [RAW/IP]
C:\WINDOWS\system32\idmmbc.dll(Tonec Inc., Internet Download Manager LSP dll)
IDM_LAYERED_RSVP UDP Service Provider
C:\WINDOWS\system32\idmmbc.dll(Tonec Inc., Internet Download Manager LSP dll)
IDM_LAYERED_RSVP TCP Service Provider
C:\WINDOWS\system32\idmmbc.dll(Tonec Inc., Internet Download Manager LSP dll)

==================================

显示全部楼层 · 发表于 2007-9-27 18:46:58

Autorun.inf
N/A

==================================
HOSTS 文件
==================================
进程特权扫描
特殊特权被允许： SeDebugPrivilege [PID = 2008, C:\PROGRAM FILES\360SAFE\SAFEMON\360TRAY.EXE]
特殊特权被允许： SeLoadDriverPrivilege [PID = 2008, C:\PROGRAM FILES\360SAFE\SAFEMON\360TRAY.EXE]
特殊特权被允许： SeDebugPrivilege [PID = 2140, D:\GREENSOFT\PRCMGR\PRCMGR\PRCMGR.EXE]
特殊特权被允许： SeLoadDriverPrivilege [PID = 2140, D:\GREENSOFT\PRCMGR\PRCMGR\PRCMGR.EXE]
特殊特权被允许： SeLoadDriverPrivilege [PID = 848, D:\PROGRAM FILES\THUNDER\PROGRAM\THUNDER5.EXE]

==================================
API HOOK
N/A

==================================
隐藏进程
N/A

==================================

[/CODE]

显示全部楼层 · 发表于 2007-9-27 18:52:58

SREngLOG

显示全部楼层 · 发表于 2007-9-27 19:02:36

下载windows清理助手清理恶意软件
http://www.arswp.com/download/arswp2/arswp2.zip

日志基本无问题，用上面的软件查杀一下，也许是你的那个软件的误报。

MailSkinner.rtk怎么杀？

回复 2楼 fireqq 的帖子

回复 7楼 fireqq 的帖子