[操作系统]求助!系统启动跳出两个无法加载项!不知道是什么~

楼主:吃饭不用手 时间:2007-07-01 08:01:00 点击:621 回复:4

字体:

边距:

背景:

还原:

如题,每次电脑开机都会先跳出小红伞的病毒报告,第一个是C:\WINDOWS\system32\xogujj.dll,这个移除,不能删除,操作后跳出一个系统无法加载这个的提示框,然后又跳出第二个小红伞的病毒报告,是C:\WINDOWS\system32\hgqvx.dll,这个可以删除,操作后还是跳出一个系统无法加载的提示框
  每次开机都是这样,我进C盘这两个文件和进注册表都删过了,还是没用,想问各位老大,这两个到底是什么玩意???要怎么搞掉啊~~~
楼主发言:1次 发图:0张
作者:panadacn 时间:2007-07-01 08:50:44
  MSCONFIG 删除启动项
  
  另外顺便注意一下 服务,最近发现有很多的会自己添加到服务中
作者:4K_Grubby 时间:2007-07-01 08:54:28
  使用System Repair Engineer 2.4扫描个日志,贴上来我帮你看看
作者:xuexs 时间:2007-07-01 10:10:43
  用Unlocker解除关联后删.
楼主吃饭不用手 时间:2007-07-01 18:33:27
  2007-07-01,18:29:12
  
  System Repair Engineer 2.4.12.806
  Smallfrogs (http://www.KZTechs.com)
  
  Windows XP Professional Service Pack 2 (Build 2600) - 管理权限用户 - 完整功能
  
  以下内容被选中:
   所有的启动项目(包括注册表、启动文件夹、服务等)
   浏览器加载项
   正在运行的进程(包括进程模块信息)
   文件关联
   Winsock 提供者
   Autorun.inf
   HOSTS 文件
  
  
  启动项目
  注册表
  [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
   <ctfmon.exe><C:\WINDOWS\system32\ctfmon.exe> [(Verified)Microsoft Windows Publisher]
   <bgswitch><C:\WINDOWS\system32\bgswitch.exe> []
   <MsnMsgr><"C:\Program Files\MSN Messenger\MsnMsgr.Exe" /background> [(Verified)Microsoft Corporation]
  [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
   <NVMixerTray><"C:\Program Files\NVIDIA Corporation\NvMixer\NVMixerTray.exe"> [NVIDIA Corporation]
   <NvCplDaemon><; RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup> [(Verified)Microsoft Windows Hardware Compatibility Publisher]
   <nwiz><; nwiz.exe /install> []
   <NvMediaCenter><; RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit> [(Verified)Microsoft Windows Hardware Compatibility Publisher]
   <360Safetray><C:\Program Files\360safe\safemon\360Tray.exe /start> [奇虎网]
   <avgnt><"C:\Program Files\AntiVir PersonalEdition Classic\avgnt.exe" /min> [Avira GmbH]
   <BigDogPath><C:\WINDOWS\VM_STI.EXE VIMICRO USB PC Camera> [N/A]
   <IMSCMig><C:\PROGRA~1\COMMON~1\MICROS~1\IME\IMSC40A\IMSCMIG.EXE /Preload> [(Verified)Microsoft Corporation]
   <StormCodec_Helper><"d:\Ringz Studio\Storm Codec\StormSet.exe" /S /opti> []
  [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Winlogon]
   <shell><Explorer.exe> [(Verified)Microsoft Windows Publisher]
   <Userinit><C:\WINDOWS\system32\userinit.exe,> [(Verified)Microsoft Windows Publisher]
   <UIHost><C:\WINDOWS\system32\XPSTYLE_ThemePackage\Logonui.exe> [Microsoft Corporation]
  [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
   <WPDShServiceObj><C:\WINDOWS\system32\WPDShServiceObj.dll> [(Verified)Microsoft Windows Component Publisher]
  [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\<{12d0ed0d-0ee0-4f90-8827-78cefb8f4988}]
   <IE7 Uninstall Stub><C:\WINDOWS\system32\ieudinit.exe> [(Verified)Microsoft Windows Component Publisher]
  
  ==================================
  启动文件夹
  [Adobe Gamma Loader]
   <C:\Documents and Settings\All Users\「开始」菜单\程序\启动\Adobe Gamma Loader.lnk --> C:\PROGRA~1\COMMON~1\Adobe\CALIBR~1\ADOBEG~1.EXE [Adobe Systems, Inc.]><N>
  [QQ游戏启动加速程序]
   <C:\Documents and Settings\Administrator\「开始」菜单\程序\启动\QQ游戏启动加速程序.lnk --> D:\QQ2005\QQGAME\Accel.exe [深圳市腾讯计算机系统有限公司]><N>
  [抽屉书签]
   <C:\Documents and Settings\Administrator\「开始」菜单\程序\启动\抽屉书签.lnk --> C:\DOCUME~1\ADMINI~1\桌面\ChouTi.exe [Gozap.com]><N>
  [腾讯QQ]
   <C:\Documents and Settings\Administrator\「开始」菜单\程序\启动\腾讯QQ.lnk --> D:\QQ2005\QQ.exe [TENCENT]><N>
  [ADSL超频奇兵 V4.5]
   <C:\Documents and Settings\Administrator\「开始」菜单\程序\启动\ADSL超频奇兵 V4.5.lnk --> C:\PROGRA~1\Worldfax\ADSL超~1.5\ADSLx2.exe [奇兵软件 Worldfax.net]><N>
  
  ==================================
  服务
  [Adobe LM Service / Adobe LM Service][Stopped/Manual Start]
   <"C:\Program Files\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe"><Adobe Systems>
  [AntiVir PersonalEdition Classic Scheduler / AntiVirScheduler][Running/Auto Start]
   <C:\Program Files\AntiVir PersonalEdition Classic\sched.exe><Avira GmbH>
  [AntiVir PersonalEdition Classic Guard / AntiVirService][Running/Auto Start]
   <C:\Program Files\AntiVir PersonalEdition Classic\avguard.exe><Avira GmbH>
  [Human Interface Device Access / HidServ][Stopped/Disabled]
   <C:\WINDOWS\System32\svchost.exe -k netsvcs-->%SystemRoot%\System32\hidserv.dll><N/A>
  [iPod 服务 / iPod Service][Stopped/Manual Start]
   <"C:\Program Files\iPod\bin\iPodService.exe"><Apple Inc.>
  [NBService / NBService][Stopped/Manual Start]
   <C:\Program Files\Nero\Nero 7\Nero BackItUp\NBService.exe><Nero AG>
  [NMIndexingService / NMIndexingService][Stopped/Manual Start]
   <"C:\Program Files\Common Files\Ahead\Lib\NMIndexingService.exe"><Nero AG>
  [NVIDIA Display Driver Service / NVSvc][Running/Auto Start]
   <C:\WINDOWS\system32\nvsvc32.exe><NVIDIA Corporation>
  
  ==================================
  驱动程序
  [AMD Processor Driver / AmdK8][Running/System Start]
   <system32\DRIVERS\AmdK8.sys><Advanced Micro Devices>
  [avgio / avgio][Running/System Start]
   <\??\C:\Program Files\AntiVir PersonalEdition Classic\avgio.sys><Avira GmbH>
  [avgntflt / avgntflt][Running/Manual Start]
   <\??\C:\Program Files\AntiVir PersonalEdition Classic\avgntflt.sys><Avira GmbH>
  [cesp / cespy][Running/Boot Start]
   <\SystemRoot\System32\DRIVERS\cespy.sys><N/A>
  [GEARAspiWDM / GEARAspiWDM][Running/Manual Start]
   <System32\Drivers\GEARAspiWDM.sys><GEAR Software Inc.>
  [GMSIPCI / GMSIPCI][Stopped/Manual Start]
   <\??\G:\INSTALL\GMSIPCI.SYS><N/A>
  [npkcrypt / npkcrypt][Running/Auto Start]
   <\??\D:\QQ2005\npkcrypt.sys><INCA Internet Co., Ltd.>
  [nv / nv][Running/Manual Start]
   <system32\DRIVERS\nv4_mini.sys><NVIDIA Corporation>
  [nvata / nvata][Running/Boot Start]
   <\SystemRoot\system32\DRIVERS\nvata.sys><NVIDIA Corporation>
  [nvatabus / nvatabus][Running/Boot Start]
   <\SystemRoot\system32\DRIVERS\nvatabus.sys><NVIDIA Corporation>
  [Service for NVIDIA(R) nForce(TM) Audio Enumerator / nvax][Running/Manual Start]
   <system32\drivers\nvax.sys><NVIDIA Corporation>
  [NVIDIA Disk Cache Filter Driver / nvcchflt][Running/Boot Start]
   <\SystemRoot\system32\DRIVERS\nvcchflt.sys><NVIDIA Corporation>
  [Service for NVIDIA(R) nForce(TM) Audio / nvnforce][Running/Manual Start]
   <system32\drivers\nvapu.sys><NVIDIA Corporation>
  [Direct Parallel Link Driver / Ptilink][Running/Manual Start]
   <system32\DRIVERS\ptilink.sys><Parallel Technologies, Inc.>
  [QKeyServiceDisplay / QKeyService][Running/Boot Start]
   <\SystemRoot\system32\KeyCrypt.sys><Tencent Technology (Shenzhen) Company Limited>
  [Realtek RTL8139(A/B/C)-based PCI Fast Ethernet Adapter NT Driver / rtl8139][Running/Manual Start]
   <system32\DRIVERS\RTL8139.SYS><Realtek Semiconductor Corporation>
  [Secdrv / Secdrv][Stopped/Manual Start]
   <system32\DRIVERS\secdrv.sys><N/A>
  [World Standard Teletext Codec / WSTCODEC][Stopped/Manual Start]
   <system32\DRIVERS\WSTCODEC.SYS><Microsoft Corporation>
  [xoguj / xogujj][Running/Boot Start]
   <\SystemRoot\System32\DRIVERS\xogujj.sys><N/A>
  [VIMICRO USB PC Camera / ZSMC302][Running/Manual Start]
   <System32\Drivers\usbVM31b.sys><VM>
  
  ==================================
  浏览器加载项
  [WebThunder Browser Helper]
   {00000AAA-A363-466E-BEF5-9BB68697AA7F} <D:\Thunder Network\WebThunder\WebThunderBHO_Now.dll, Thunder Networking Technologies,LTD>
  [BitComet Helper]
   {39F7E362-828A-4B5A-BCAF-5B79BFDFEA60} <E:\BitComet\tools\BitCometBHO_1.1.3.28.dll, BitComet>
  [NavigatMon Class]
   {B69F34DD-F0F9-42DC-9EDD-957187DA688D} <C:\Program Files\360safe\safemon\safemon.dll, >
  [启动Web迅雷]
   {962EFB8E-2683-42d4-AC74-AAA4C759B9C6} <http://my.xunlei.com, N/A>
  [QQ]
   {c95fe080-8f5d-11d2-a20b-00aa003c157b} <D:\QQ2005\QQ.EXE, TENCENT>
  [Edit Class]
   {0CA54D3F-CEAE-48AF-9A2B-31909CB9515D} <C:\WINDOWS\system32\CMBEdit.dll, >
  [iTrusPTA Class]
   {1E0DFFCF-27FF-4574-849B-55007349FEDA} <C:\WINDOWS\system32\aliedit\pta.dll, >
  [MSN Photo Upload Tool]
   {4F1E5B1A-2A80-42CA-8532-2D05CB959537} <C:\WINDOWS\Downloaded Program Files\MsnPUpld.dll, Microsoft? Corporation>
  [163Uploader Control]
   {8686F2A6-DC01-4E8F-BDE3-DCC7DBBAD6AE} <C:\WINDOWS\system32\163UPL~1.OCX, 广州网易互动娱乐有限公司>
  [Filetran Control]
   {88734439-46D0-42C0-A13F-7E881EE550CF} <C:\PROGRA~1\Bluesky\BLUESK~1\filetran.ocx, Bluesky Studio(http://www.bluesky.cn)>
  [CLive66_Checker_Ctrl Class]
   {B41B0E94-0518-4832-9E97-8263242FF050} <C:\WINDOWS\Downloaded Program Files\Live66_Checker3.dll, MASQ>
  [PasswordEditCtrl Class]
   {E787FD25-8D7C-4693-AE67-9406BC6E22DF} <C:\WINDOWS\system32\qqedit\qqedit.dll, 腾讯科技(深圳)有限公司>
  [WebThunder Browser Helper]
   {00000AAA-A363-466E-BEF5-9BB68697AA7F} <D:\Thunder Network\WebThunder\WebThunderBHO_Now.dll, Thunder Networking Technologies,LTD>
  [WebThunder Class]
   {03507A1A-E0C5-4404-AA26-205385C0892D} <, N/A>
  [MMCPlayer Class]
   {05C1004E-2596-48E5-8E26-39362985EEB9} <C:\Program Files\Sogou PXP\MMCShell.dll, Sohu.com Inc.>
  [Web Browser Applet Control]
   {08B0E5C0-4FCB-11CF-AAA5-00401C608501} <C:\WINDOWS\system32\msjava.dll, Microsoft Corporation>
  [Edit Class]
   {0CA54D3F-CEAE-48AF-9A2B-31909CB9515D} <C:\WINDOWS\system32\CMBEdit.dll, >
  [Fade]
   {16B280C5-EE70-11D1-9066-00C04FD9189D} <C:\WINDOWS\system32\Dxtmsft.dll, Microsoft Corporation>
  [iTrusPTA Class]
   {1E0DFFCF-27FF-4574-849B-55007349FEDA} <C:\WINDOWS\system32\aliedit\pta.dll, >
  [Windows Media Player]
   {22D6F312-B0F6-11D0-94AB-0080C74C7E95} <C:\WINDOWS\system32\wmpdxm.dll, Microsoft Corporation>
  [Recorder Control]
   {2423AB16-9F42-457B-A337-FE3B11964DB0} <C:\PROGRA~1\Bluesky\BLUESK~1\recorder.ocx, Bluesky Studio (http://www.bluesky.cn)>
  [HTML Document]
   {25336920-03F9-11CF-8FD0-00AA00686F13} <C:\WINDOWS\system32\mshtml.dll, Microsoft Corporation>
  [XML DOM Document]
   {2933BF90-7B36-11D2-B20E-00C04F983E60} <%SystemRoot%\system32\msxml3.dll, N/A>
  [DHTML Edit Control Safe for Scripting for IE5]
   {2D360201-FFF5-11D1-8D03-00A0C959BC0A} <C:\WINDOWS\system32\dllcache\dhtmled.ocx, Microsoft Corporation>
  [BlueskyVideo Control]
   {2EA6D939-4445-43F1-A12B-8CB3DDA8B855} <C:\PROGRA~1\Bluesky\BLUESK~1\v2.ocx, 蓝天工作室(http://www.bluesky.cn)>
  [Vod Class]
   {2EEDA47E-8D5C-4d7e-B4B6-E16E19218555} <D:\Thunder Network\WebThunder\DownAndPlay\DapPlayer1.1.0.46.dll, XunLei>
  [Ppd Control]
   {2F2BA87D-385E-4922-B41C-06E190B06AA9} <C:\PROGRA~1\Bluesky\BLUESK~1\ppd.ocx, Bluesky Studio(http://www.bluesky.cn)>
  [Share Control]
   {3072B1F1-0C4D-4E76-A7C6-FBAF129DBCC9} <C:\PROGRA~1\Bluesky\BLUESK~1\share.ocx, Bluesky Studio(http://www.bluesky.cn)>
  [BitComet Helper]
   {39F7E362-828A-4B5A-BCAF-5B79BFDFEA60} <E:\BitComet\tools\BitCometBHO_1.1.3.28.dll, BitComet>
  [QuickTime Object]
   {4063BE15-3B08-470D-A0D5-B37161CFFD69} <D:\Ringz Studio\Storm Codec\QTPlugin.ocx, Apple Inc.>
  [WebUpload Class]
   {476B02A2-C68B-4448-AD24-1032FDCF4780} <C:\Program Files\superupload\UDriverActiveX.DLL, 四川网优互联科技有限公司>
  [EditCtrl Class]
   {488A4255-3236-44B3-8F27-FA1AECAA8844} <C:\WINDOWS\system32\aliedit\aliedit.dll, >
  [MSN Photo Upload Tool]
   {4F1E5B1A-2A80-42CA-8532-2D05CB959537} <C:\WINDOWS\Downloaded Program Files\MsnPUpld.dll, Microsoft? Corporation>
  [Shell Name Space]
   {55136805-B2DE-11D1-B9F2-00A0C98BC547} <C:\WINDOWS\system32\ieframe.dll, Microsoft Corporation>
  [Traceppd Control]
   {5910C66C-F9BA-4306-8175-C098B7F0ED62} <C:\PROGRA~1\Bluesky\BLUESK~1\traceppd.ocx, BlueskyStudio(http://www.bluesky.cn)>
  [PP Control]
   {616DACC1-C5E6-4646-B36A-3FA4FC726BAD} <C:\PROGRA~1\Bluesky\BLUESK~1\ppc.ocx, Bluesky Studio (http://www.bluesky.cn)>
  [WUWebControl Class]
   {6414512B-B978-451D-A0D8-FCFDF33E833C} <C:\WINDOWS\system32\wuweb.dll, Microsoft Corporation>
  [Windows Media Player]
   {6BF52A52-394A-11D3-B153-00C04F79FAA6} <C:\WINDOWS\system32\wmp.dll, Microsoft Corporation>
  [WangWangObj Class]
   {6E213FC7-DD5A-4115-B7E6-D4C7838C361E} <C:\Program Files\Alisoft\WangWang\WangWangX4.dll, 阿里软件(中国)有限公司>
  [Videohelp Control]
   {75B75D86-D88B-4BEA-BC59-BFD9D7300518} <C:\PROGRA~1\Bluesky\BLUESK~1\VIDEOH~1.OCX, Bluesky Studio(http://www.bluesky.cn)>
  [MediaComm Class]
   {7670648D-461B-42AF-BDFE-46D26AF5EFF2} <D:\Thunder Network\WebThunder\InMedia\MediaAddin13.dll, Thunder Networking Technologies,LTD>
  [163Uploader Control]
   {8686F2A6-DC01-4E8F-BDE3-DCC7DBBAD6AE} <C:\WINDOWS\system32\163UPL~1.OCX, 广州网易互动娱乐有限公司>
  [360SafeLive]
   {87515F61-A66C-4319-A0E0-D416CB8059E3} <C:\Program Files\360safe\live.dll, 360safe.com>
  [Microsoft Web Browser]
   {8856F961-340A-11D0-A96B-00C04FD705A2} <C:\WINDOWS\system32\ieframe.dll, Microsoft Corporation>
  [Filetran Control]
   {88734439-46D0-42C0-A13F-7E881EE550CF} <C:\PROGRA~1\Bluesky\BLUESK~1\filetran.ocx, Bluesky Studio(http://www.bluesky.cn)>
  [XML DOM 文档 5.0]
   {88D969E5-F192-11D4-A65F-0040963251E5} <C:\Program Files\Common Files\Microsoft Shared\OFFICE11\MSXML5.DLL, Microsoft Corporation>
  [XML HTTP 5.0]
   {88D969EA-F192-11D4-A65F-0040963251E5} <C:\Program Files\Common Files\Microsoft Shared\OFFICE11\MSXML5.DLL, Microsoft Corporation>
  [Windows Live Sign-in Helper]
   {9030D464-4C02-4ABF-8ECC-5164760863C6} <, N/A>
  [Chat Control]
   {94EFE58C-E678-4808-AD65-24CE4B94C1FE} <C:\PROGRA~1\Bluesky\BLUESK~1\chat.ocx, Bluesky Studio(http://www.bluesky.cn)>
  [Blueskyvoice Control]
   {991481A7-4669-4e15-8C24-100404E1F5CB} <C:\PROGRA~1\Bluesky\BLUESK~1\BLUESK~2.OCX, 蓝天工作室(http://www.bluesky.cn)>
  [Display Control]
   {A1D97DB3-E564-4743-B2E7-6F5182CBF406} <C:\PROGRA~1\Bluesky\BLUESK~1\display.ocx, Bluesky Studio (http://www.bluesky.cn)>
  [Tracechat Control]
   {A40335C4-D3D1-4E7B-9130-039CDA5B603C} <C:\PROGRA~1\Bluesky\BLUESK~1\TRACEC~1.OCX, Bluesky Studio(http://www.bluesky.cn)>
  [RMGetLicense Class]
   {A9FC132B-096D-460B-B7D5-1DB0FAE0C062} <C:\WINDOWS\system32\msnetobj.dll, Microsoft Corporation>
  [Microsoft Scriptlet Component]
   {AE24FDAE-03C6-11D1-8B76-0080C744F389} <C:\WINDOWS\system32\mshtml.dll, Microsoft Corporation>
  [PPChat Control]
   {AFB97F16-B7E8-4EB1-8133-FBD5AA2EBB3B} <C:\PROGRA~1\Bluesky\BLUESK~1\ppchat.ocx, Bluesky Studio(http://www.bluesky.cn)>
  [NavigatMon Class]
   {B69F34DD-F0F9-42DC-9EDD-957187DA688D} <C:\Program Files\360safe\safemon\safemon.dll, >
  [Blueskyvoice Control]
   {BA0F088C-72C1-475a-92F8-42391DEF6961} <C:\PROGRA~1\Bluesky\BLUESK~1\BLUESK~1.OCX, 蓝天工作室(http://www.bluesky.cn)>
  [RDS.DataSpace]
   {BD96C556-65A3-11D0-983A-00C04FC29E36} <C:\Program Files\Common Files\System\msadc\msadco.dll, Microsoft Corporation>
  [Tencent Safety Online Base Module]
   {C09B522F-8AED-4E21-A65C-DC1AB652BAEE} <C:\WINDOWS\system32\TSOBase\TSOBase.ocx, Tencent Corporation>
  [Client Control]
   {C7B0C764-5D4E-433E-A854-591F28520577} <C:\PROGRA~1\Bluesky\BLUESK~1\client.ocx, >
  [Play Control]
   {CC20DDA1-9A21-4DEC-B5BE-E61E0351FCA9} <C:\PROGRA~1\Bluesky\BLUESK~1\play.ocx, Bluesky Studio (http://www.bluesky.cn)>
  [QQPlayerSvr Proxy Control]
   {CD108273-D434-43E6-AA90-1469F97EB398} <D:\QQ2005\QQPlayerProxy.dll, Tencent>
  [AUDIO__X_MS_WMA Moniker Class]
   {CD3AFA84-B84F-48F0-9393-7EDC34128127} <C:\WINDOWS\system32\wmp.dll, Microsoft Corporation>
  [VIDEO__X_MS_ASF Moniker Class]
   {CD3AFA8F-B84F-48F0-9393-7EDC34128127} <C:\WINDOWS\system32\wmp.dll, Microsoft Corporation>
  [VIDEO__X_MS_WMV Moniker Class]
   {CD3AFA94-B84F-48F0-9393-7EDC34128127} <C:\WINDOWS\system32\wmp.dll, Microsoft Corporation>
  [RealPlayer G2 Control]
   {CFCDAA03-8BE4-11CF-B84B-0020AFBBCCFA} <C:\WINDOWS\system32\rmoc3260.dll, RealNetworks, Inc.>
  [Windows Live Sign-in Control]
   {D2517915-48CE-4286-970F-921E881B8C5C} <, N/A>
  [Shockwave Flash Object]
   {D27CDB6E-AE6D-11CF-96B8-444553540000} <C:\WINDOWS\system32\Macromed\Flash\Flash9b.ocx, Adobe Systems, Inc.>
  [QuickTimeCheck Class]
   {DE4AF3B0-F4D4-11D3-B41A-0050DA2E6C21} <D:\Ringz Studio\Storm Codec\QTSystem\QuickTimeCheck.ocx, Apple Inc.>
  []
   {E1771B7F-98BE-407F-BA67-AA16ADA5D0C5} <C:\PROGRA~1\MSNMES~1\MSGSC8~1.DLL, Microsoft Corporation>
  [PasswordEditCtrl Class]
   {E787FD25-8D7C-4693-AE67-9406BC6E22DF} <C:\WINDOWS\system32\qqedit\qqedit.dll, 腾讯科技(深圳)有限公司>
  [TimwpDll.TimwpCheck]
   {ED4CA2E5-0EEA-44C1-AD7E-74A07A7507A4} <D:\QQ2005\Timwp.dll, >
  [XML HTTP Request]
   {ED8C108E-4349-11D2-91A4-00C04F7969E8} <%SystemRoot%\system32\msxml3.dll, N/A>
  [XML DOM Document 3.0]
   {F5078F32-C551-11D3-89B9-0000F81FE221} <%SystemRoot%\system32\msxml3.dll, N/A>
  [XML HTTP 3.0]
   {F5078F35-C551-11D3-89B9-0000F81FE221} <%SystemRoot%\system32\msxml3.dll, N/A>
  [XML DOM Document]
   {F6D90F11-9C73-11D3-B32E-00C04F990BB4} <%SystemRoot%\system32\msxml3.dll, N/A>
  [XML HTTP]
   {F6D90F16-9C73-11D3-B32E-00C04F990BB4} <%SystemRoot%\system32\msxml3.dll, N/A>
  [InstallCheck Class]
   {FFB8C97E-39D4-4E8A-9FE4-B451A0D6CA65} <C:\Program Files\Alisoft\WangWang\Ali_Check.dll, >
  [&使用BitComet下载]
   <res://E:\BitComet\BitComet.exe/AddLink.htm, N/A>
  [&使用BitComet下载全部链接]
   <res://E:\BitComet\BitComet.exe/AddAllLink.htm, N/A>
  [&使用BitComet下载本页视频]
   <res://E:\BitComet\BitComet.exe/AddVideo.htm, N/A>
  [上传到QQ网络硬盘]
   <D:\QQ2005\AddToNetDisk.htm, N/A>
  [使用Web迅雷下载]
   <D:\Thunder Network\WebThunder\GetUrl.htm, N/A>
  [使用Web迅雷下载全部链接]
   <D:\Thunder Network\WebThunder\GetAllUrl.htm, N/A>
  [添加到QQ自定义面板]
   <D:\QQ2005\AddPanel.htm, N/A>
  [添加到QQ表情]
   <D:\QQ2005\AddEmotion.htm, N/A>
  [用QQ彩信发送该图片]
   <D:\QQ2005\SendMMS.htm, N/A>
  
  ==================================
  正在运行的进程
  [PID: 468][\SystemRoot\System32\smss.exe] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
  [PID: 516][\??\C:\WINDOWS\system32\csrss.exe] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
  [PID: 540][\??\C:\WINDOWS\system32\winlogon.exe] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
   [C:\WINDOWS\system32\msacm32.drv] [Microsoft Corporation, 5.1.2600.0 (xpclient.010817-1148)]
  [PID: 584][C:\WINDOWS\system32\services.exe] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
   [C:\WINDOWS\AppPatch\AcAdProc.dll] [Microsoft Corporation, 5.1.2600.3008 (xpsp.061004-0027)]
  [PID: 596][C:\WINDOWS\system32\lsass.exe] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
  [PID: 752][C:\WINDOWS\system32\svchost.exe] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
  [PID: 812][C:\WINDOWS\system32\svchost.exe] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
  [PID: 876][C:\WINDOWS\System32\svchost.exe] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
   [C:\WINDOWS\system32\Normaliz.dll] [Microsoft Corporation, 6.0.5441.0 (winmain(wmbla).060628-1735)]
   [C:\WINDOWS\system32\iertutil.dll] [Microsoft Corporation, 7.00.6000.16473 (vista_gdr.070420-1500)]
  [PID: 1876][C:\WINDOWS\Explorer.EXE] [Microsoft Corporation, 6.00.2900.2180 (xpsp_sp2_rtm.040803-2158)]
   [C:\WINDOWS\system32\Normaliz.dll] [Microsoft Corporation, 6.0.5441.0 (winmain(wmbla).060628-1735)]
   [C:\WINDOWS\system32\iertutil.dll] [Microsoft Corporation, 7.00.6000.16473 (vista_gdr.070420-1500)]
   [C:\WINDOWS\system32\ieframe.dll] [Microsoft Corporation, 7.00.6000.16473 (vista_gdr.070420-1500)]
   [C:\Program Files\360safe\safemon\safemon.dll] [, 3, 5, 0, 1001]
   [C:\WINDOWS\system32\WPDShServiceObj.dll] [Microsoft Corporation, 5.2.5721.5145 (WMP_11.061018-2006)]
   [C:\WINDOWS\system32\PortableDeviceTypes.dll] [Microsoft Corporation, 5.2.5721.5145 (WMP_11.061018-2006)]
   [C:\WINDOWS\system32\PortableDeviceApi.dll] [Microsoft Corporation, 5.2.5721.5145 (WMP_11.061018-2006)]
   [C:\WINDOWS\system32\msacm32.drv] [Microsoft Corporation, 5.1.2600.0 (xpclient.010817-1148)]
   [D:\Thunder Network\WebThunder\WebThunderBHO_Now.dll] [Thunder Networking Technologies,LTD, 5, 0, 2, 10]
   [C:\Program Files\Microsoft Office\OFFICE11\msohev.dll] [Microsoft Corporation, 11.0.5510]
  [PID: 848][C:\Program Files\NVIDIA Corporation\NvMixer\NVMixerTray.exe] [NVIDIA Corporation, 1.0.451]
   [C:\Program Files\360safe\safemon\safemon.dll] [, 3, 5, 0, 1001]
   [C:\Program Files\NVIDIA Corporation\NvMixer\NvMixerZHC.dll] [NVIDIA Corporation, 1.0.451]
   [C:\Program Files\Common Files\NVIDIA Shared\Audio\NVAudioMod.dll] [NVIDIA Corporation, 1.0.451]
   [C:\WINDOWS\system32\msacm32.drv] [Microsoft Corporation, 5.1.2600.0 (xpclient.010817-1148)]
  [PID: 864][C:\Program Files\360safe\safemon\360Tray.exe] [奇虎网, 3, 5, 1, 1001]
   [C:\WINDOWS\system32\iertutil.dll] [Microsoft Corporation, 7.00.6000.16473 (vista_gdr.070420-1500)]
   [C:\Program Files\360safe\safemon\safemon.dll] [, 3, 5, 0, 1001]
   [C:\Program Files\360safe\safemon\SafeKrnl.dll] [奇虎网, 3, 5, 0, 1001]
   [C:\Program Files\360safe\AntiAdwa.dll] [360Safe.com, 3, 5, 1, 1001]
   [C:\WINDOWS\system32\Normaliz.dll] [Microsoft Corporation, 6.0.5441.0 (winmain(wmbla).060628-1735)]
   [C:\Program Files\360safe\live.dll] [360safe.com, 1, 0, 1, 1016]
  [PID: 928][C:\Program Files\AntiVir PersonalEdition Classic\avgnt.exe] [Avira GmbH, 7.00.04.05]
   [C:\Program Files\AntiVir PersonalEdition Classic\MFC71U.DLL] [Microsoft Corporation, 7.10.3077.0]
   [C:\Program Files\AntiVir PersonalEdition Classic\MSVCR71.dll] [Microsoft Corporation, 7.10.3052.4]
   [C:\Program Files\AntiVir PersonalEdition Classic\avgcmxp.dll] [Avira GmbH, 7.00.04.00]
   [C:\Program Files\AntiVir PersonalEdition Classic\AVWINLL.DLL] [Avira GmbH, 1.0.0.7]
   [C:\Program Files\360safe\safemon\safemon.dll] [, 3, 5, 0, 1001]
  [PID: 936][C:\WINDOWS\VM_STI.EXE] [BIGDOG, 4, 2, 610, 4]
   [C:\Program Files\360safe\safemon\safemon.dll] [, 3, 5, 0, 1001]
   [C:\WINDOWS\system32\msdmo.dll] [, ]
   [C:\WINDOWS\system32\VM31bPrp.Ax] [Vimicro, 1.00.01.00]
  [PID: 1084][C:\WINDOWS\system32\ctfmon.exe] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
   [C:\Program Files\360safe\safemon\safemon.dll] [, 3, 5, 0, 1001]
  [PID: 1364][C:\Program Files\MSN Messenger\MsnMsgr.Exe] [Microsoft Corporation, 8.1.0178.00]
   [C:\Program Files\MSN Messenger\MSNCore.dll] [Microsoft Corporation, 8.1.0178.00]
   [C:\WINDOWS\system32\Normaliz.dll] [Microsoft Corporation, 6.0.5441.0 (winmain(wmbla).060628-1735)]
   [C:\WINDOWS\system32\iertutil.dll] [Microsoft Corporation, 7.00.6000.16473 (vista_gdr.070420-1500)]
   [C:\Program Files\MSN Messenger\msidcrl40.dll] [Microsoft Corporation, 4.100.313.1]
   [C:\Program Files\MSN Messenger\ContactsUX.dll] [Microsoft Corporation, 8.1.0178.00]
   [C:\Program Files\360safe\safemon\safemon.dll] [, 3, 5, 0, 1001]
   [C:\Program Files\MSN Messenger\msgslang.8.1.0178.00.dll] [Microsoft Corporation, 8.1.0178.00]
   [C:\Program Files\MSN Messenger\msgsres.dll] [Microsoft Corporation, 8.1.0178.00]
   [C:\Program Files\MSN Messenger\lcapi.dll] [Microsoft Corporation, 1.7.256.0 (RTC Version 4.3.5371.0) built by: msn8.0(rtbldlab)]
   [C:\WINDOWS\system32\msdmo.dll] [, ]
   [C:\Program Files\MSN Messenger\lcres.dll] [Microsoft Corporation, 1.7.109.0 (RTC Version 4.3.5371.0) built by: msn8.0(rtbldlab)]
   [C:\Program Files\MSN Messenger\RTMPLTFM.dll] [Microsoft Corporation, 3.0.5774.0 built by: media_msn80]
   [C:\WINDOWS\system32\msacm32.drv] [Microsoft Corporation, 5.1.2600.0 (xpclient.010817-1148)]
   [C:\Program Files\MSN Messenger\MSGSWCAM.dll] [Microsoft Corporation, 8.1.0178.00]
   [C:\WINDOWS\system32\sirenacm.dll] [Microsoft Corp., 8.1.0178.00]
   [C:\WINDOWS\system32\VM31bPrp.Ax] [Vimicro, 1.00.01.00]
   [C:\Program Files\MSN Messenger\lmcdata.dll] [Microsoft Corporation, 8.1.0178.00]
   [C:\Program Files\MSN Messenger\contact.dll] [Microsoft Corporation, 8.1.0178.00]
   [C:\WINDOWS\system32\ieframe.dll] [Microsoft Corporation, 7.00.6000.16473 (vista_gdr.070420-1500)]
   [C:\Program Files\MSN Messenger\custsat.dll] [Microsoft Corporation, 9.0.3790.2428 (srv03_sp1_qfe.050422-1043)]
   [C:\Program Files\MSN Messenger\abssm.dll] [Microsoft Corporation, 8.1.0178.00]
   [C:\WINDOWS\system32\mfplat.dll] [Microsoft Corporation, 11.0.5721.5145 (WMP_11.061018-2006)]
  [PID: 1748][C:\Documents and Settings\Administrator\桌面\ChouTi.exe] [Gozap.com, 1.0.7.5]
   [C:\WINDOWS\system32\Normaliz.dll] [Microsoft Corporation, 6.0.5441.0 (winmain(wmbla).060628-1735)]
   [C:\WINDOWS\system32\iertutil.dll] [Microsoft Corporation, 7.00.6000.16473 (vista_gdr.070420-1500)]
   [C:\Program Files\360safe\safemon\safemon.dll] [, 3, 5, 0, 1001]
  [PID: 1468][D:\QQ2005\QQ.exe] [TENCENT, 0, 0, 0, 0]
   [D:\QQ2005\QQBaseClassInDll.dll] [, 1, 0, 0, 1]
   [D:\QQ2005\QQHelperDll.dll] [, 1, 0, 0, 1]
   [D:\QQ2005\BasicCtrlDll.dll] [Tencent, 7, 0, 101, 80]
   [D:\QQ2005\MFC42.DLL] [Microsoft Corporation, 6.00.8665.0]
   [C:\WINDOWS\system32\Normaliz.dll] [Microsoft Corporation, 6.0.5441.0 (winmain(wmbla).060628-1735)]
   [C:\WINDOWS\system32\iertutil.dll] [Microsoft Corporation, 7.00.6000.16473 (vista_gdr.070420-1500)]
   [C:\Program Files\360safe\safemon\safemon.dll] [, 3, 5, 0, 1001]
   [D:\QQ2005\RICHED32.DLL] [Microsoft Corporation, 5.00.2134.1]
   [D:\QQ2005\RICHED20.dll] [Microsoft Corporation, 5.31.23.1218]
   [D:\QQ2005\QQAPI.dll] [, 1, 0, 0, 1]
   [D:\QQ2005\TMDlls\TIMProxy.dll] [tencent, 0, 3, 2, 4]
   [D:\QQ2005\LoginCtrl.dll] [N/A, ]
   [D:\QQ2005\LoginCtrlRes.dll] [, 1, 0, 0, 1]
  [PID: 2124][C:\Program Files\Mozilla Firefox\firefox.exe] [Mozilla Corporation, 1.8.1.4: 2007051502]
   [C:\Program Files\Mozilla Firefox\js3250.dll] [Netscape Communications Corporation, 4.0]
   [C:\Program Files\Mozilla Firefox\nspr4.dll] [Netscape Communications Corporation, 4.6.7]
   [C:\Program Files\Mozilla Firefox\xpcom_core.dll] [Mozilla Foundation, 1.8.1.4: 2007051502]
   [C:\Program Files\Mozilla Firefox\plc4.dll] [Netscape Communications Corporation, 4.6.7]
   [C:\Program Files\Mozilla Firefox\plds4.dll] [Netscape Communications Corporation, 4.6.7]
   [C:\Program Files\Mozilla Firefox\smime3.dll] [Mozilla Foundation, 3.11.5 Basic ECC]
   [C:\Program Files\Mozilla Firefox\nss3.dll] [Mozilla Foundation, 3.11.5 Basic ECC]
   [C:\Program Files\Mozilla Firefox\softokn3.dll] [Mozilla Foundation, 3.11.4 Basic ECC]
   [C:\Program Files\Mozilla Firefox\ssl3.dll] [Mozilla Foundation, 3.11.5 Basic ECC]
   [C:\Program Files\Mozilla Firefox\xpcom_compat.dll] [Mozilla Foundation, 1.8.1.4: 2007051502]
   [C:\Program Files\360safe\safemon\safemon.dll] [, 3, 5, 0, 1001]
   [C:\Program Files\Mozilla Firefox\components\myspell.dll] [Mozilla Foundation, 1.8.1.4: 2007051502]
   [C:\Program Files\Mozilla Firefox\components\jar50.dll] [Mozilla Foundation, 1.8.1.4: 2007051502]
   [C:\Program Files\Mozilla Firefox\extensions\{3112ca9c-de6d-4884-a869-9855de68056c}\components\metrics.dll] [N/A, ]
   [C:\Program Files\Mozilla Firefox\xpcom.dll] [Mozilla Foundation, 1.8.1.4: 2007051502]
   [C:\Program Files\Mozilla Firefox\extensions\{3112ca9c-de6d-4884-a869-9855de68056c}\components\googletoolbar.dll] [N/A, ]
   [C:\WINDOWS\system32\Normaliz.dll] [Microsoft Corporation, 6.0.5441.0 (winmain(wmbla).060628-1735)]
   [C:\WINDOWS\system32\iertutil.dll] [Microsoft Corporation, 7.00.6000.16473 (vista_gdr.070420-1500)]
   [C:\Program Files\Mozilla Firefox\freebl3.dll] [Mozilla Foundation, 3.11.4 Basic ECC]
   [C:\Program Files\Mozilla Firefox\nssckbi.dll] [Mozilla Foundation, 1.62]
   [C:\Program Files\Mozilla Firefox\components\spellchk.dll] [Mozilla Foundation, 1.8.1.4: 2007051502]
   [C:\Program Files\Mozilla Firefox\plugins\NPSWF32.dll] [, ]
   [C:\WINDOWS\system32\msacm32.drv] [Microsoft Corporation, 5.1.2600.0 (xpclient.010817-1148)]
  [PID: 2144][C:\Program Files\Worldfax\ADSL超频奇兵 V4.5\ADSLx2.exe] [奇兵软件 Worldfax.net, 4.5.0.1]
   [C:\WINDOWS\system32\addurl41.dll] [N/A, ]
   [C:\Program Files\360safe\safemon\safemon.dll] [, 3, 5, 0, 1001]
  [PID: 2296][D:\QQ2005\TMDlls\TIMPlatform.exe] [tencent, 0, 3, 1, 8]
   [C:\Program Files\360safe\safemon\safemon.dll] [, 3, 5, 0, 1001]
   [D:\QQ2005\TMDlls\TIMProxy.dll] [tencent, 0, 3, 2, 4]
  [PID: 2644][C:\Program Files\Internet Explorer\IEXPLORE.EXE] [Microsoft Corporation, 7.00.6000.16473 (vista_gdr.070420-1500)]
   [C:\WINDOWS\system32\iertutil.dll] [Microsoft Corporation, 7.00.6000.16473 (vista_gdr.070420-1500)]
   [C:\WINDOWS\system32\IEFRAME.dll] [Microsoft Corporation, 7.00.6000.16473 (vista_gdr.070420-1500)]
   [C:\Program Files\360safe\safemon\safemon.dll] [, 3, 5, 0, 1001]
   [C:\WINDOWS\system32\IEUI.dll] [Microsoft Corporation, 7.00.5730.11 (winmain(wmbla).061017-1135)]
   [C:\WINDOWS\system32\xmllite.dll] [Microsoft Corporation, 1.00.1018.0]
   [C:\Program Files\Microsoft Office\OFFICE11\msohev.dll] [Microsoft Corporation, 11.0.5510]
   [C:\Program Files\Internet Explorer\ieproxy.dll] [Microsoft Corporation, 7.00.5730.11 (winmain(wmbla).061017-1135)]
   [C:\WINDOWS\system32\Normaliz.dll] [Microsoft Corporation, 6.0.5441.0 (winmain(wmbla).060628-1735)]
   [D:\Thunder Network\WebThunder\WebThunderBHO_Now.dll] [Thunder Networking Technologies,LTD, 5, 0, 2, 10]
   [E:\BitComet\tools\BitCometBHO_1.1.3.28.dll] [BitComet, 20070328]
   [C:\WINDOWS\system32\ieapfltr.dll] [Microsoft Corporation, 7.0.6000.16461]
   [C:\WINDOWS\system32\msacm32.drv] [Microsoft Corporation, 5.1.2600.0 (xpclient.010817-1148)]
   [C:\WINDOWS\system32\Macromed\Flash\Flash9b.ocx] [Adobe Systems, Inc., 9,0,28,0]
   [C:\WINDOWS\system32\DVDXP.IME] [風清揚, 4.00.950]
   [C:\WINDOWS\system32\JPWB.IME] [常诚研制, 4.00.950]
  [PID: 3220][D:\Thunder Network\WebThunder\WebThunder.exe] [深圳市迅雷网络技术有限公司, 1, 9, 1, 146]
   [C:\WINDOWS\system32\Normaliz.dll] [Microsoft Corporation, 6.0.5441.0 (winmain(wmbla).060628-1735)]
   [C:\WINDOWS\system32\iertutil.dll] [Microsoft Corporation, 7.00.6000.16473 (vista_gdr.070420-1500)]
   [D:\Thunder Network\WebThunder\RegisterDll.dll] [Thunder Networking Technologies,LTD, 2, 13, 4, 58]
   [D:\Thunder Network\WebThunder\MSVCR71.dll] [Microsoft Corporation, 7.10.3052.4]
   [C:\Program Files\360safe\safemon\safemon.dll] [, 3, 5, 0, 1001]
   [D:\Thunder Network\WebThunder\TaskManager.dll] [Thunder Networking Technologies,LTD, 1, 1, 2, 26]
   [D:\Thunder Network\WebThunder\download_interface.dll] [Thunder Networking Technologies,LTD, 1, 0, 0, 46]
   [D:\Thunder Network\WebThunder\stlport_vc646.dll] [STLport Consulting, Inc., 4.6.2003.1031]
   [D:\Thunder Network\WebThunder\asyn_dns.dll] [Thunder Networking Technologies,LTD, 1, 0, 0, 46]
   [D:\Thunder Network\WebThunder\Inmedia\iEmbedShell.dll] [ , 1, 0, 0, 19]
   [D:\Thunder Network\WebThunder\InMedia\iEmbed10.dll] [ , 3, 3, 1, 83]
   [D:\Thunder Network\WebThunder\DownAndPlay\WebDownAndPlay.dll] [xl, 1, 0, 0, 18]
   [D:\Thunder Network\WebThunder\CacheServer.dll] [, 1, 0, 0, 1]
   [C:\WINDOWS\system32\ieframe.dll] [Microsoft Corporation, 7.00.6000.16473 (vista_gdr.070420-1500)]
   [C:\WINDOWS\system32\Macromed\Flash\Flash9b.ocx] [Adobe Systems, Inc., 9,0,28,0]
   [C:\WINDOWS\system32\msacm32.drv] [Microsoft Corporation, 5.1.2600.0 (xpclient.010817-1148)]
   [C:\Program Files\Internet Explorer\ieproxy.dll] [Microsoft Corporation, 7.00.5730.11 (winmain(wmbla).061017-1135)]
  [PID: 3716][C:\Documents and Settings\Administrator\桌面\sreng_v2.4\SREng2\SREng.EXE] [Smallfrogs Studio, 2.4.12.806]
   [C:\WINDOWS\system32\Normaliz.dll] [Microsoft Corporation, 6.0.5441.0 (winmain(wmbla).060628-1735)]
   [C:\WINDOWS\system32\iertutil.dll] [Microsoft Corporation, 7.00.6000.16473 (vista_gdr.070420-1500)]
   [C:\Program Files\360safe\safemon\safemon.dll] [, 3, 5, 0, 1001]
   [C:\Documents and Settings\Administrator\桌面\sreng_v2.4\SREng2\Plugins\NWMON.SRE] [Smallfrogs Studio, 1, 0, 0, 8]
  
  ==================================
  文件关联
  .TXT OK. [%SystemRoot%\system32\NOTEPAD.EXE %1]
  .EXE OK. ["%1" %*]
  .COM OK. ["%1" %*]
  .PIF OK. ["%1" %*]
  .REG OK. [regedit.exe "%1"]
  .BAT OK. ["%1" %*]
  .SCR OK. ["%1" /S]
  .CHM OK. ["C:\WINDOWS\hh.exe" %1]
  .HLP OK. [%SystemRoot%\system32\winhlp32.exe %1]
  .INI OK. [%SystemRoot%\system32\NOTEPAD.EXE %1]
  .INF OK. [%SystemRoot%\system32\NOTEPAD.EXE %1]
  .VBS OK. [%SystemRoot%\System32\WScript.exe "%1" %*]
  .JS OK. [%SystemRoot%\System32\WScript.exe "%1" %*]
  .LNK OK. [{00021401-0000-0000-C000-000000000046}]
  
  ==================================
  Winsock 提供者
  N/A
  
  ==================================
  Autorun.inf
  N/A
  
  ==================================
  HOSTS 文件
  127.0.0.1 localhost
  
  ==================================
  API HOOK
  N/A
  
  ==================================
  隐藏进程
  N/A
  
  ==================================
  
  
  [/CODE]
作者:

请遵守天涯社区公约言论规则,不得违反国家法律法规