收藏本站 |切换到宽版 | 更换论坛皮肤
 找回密码  忘记邮箱  QQ快速登录  快速登录  快速注册

卡饭»论坛 安全区 国外杀毒软件 请高手帮忙看看有病毒否
返回列表 发新帖
查看: 1602|回复: 0
收起左侧

[求助] 请高手帮忙看看有病毒否

[复制链接]
jonck
发表于 2007-9-22 21:12:43 | 显示全部楼层 |阅读模式
今天机器突然死机,重启后系统巨慢,用ARSWP扫描出一个木马,NOD32和微点居然都没反应.请高手帮忙看看还有病毒否,还有请介绍个对木马查杀比较可靠的杀毒软件
  1. 2007-09-22,21:00:04
  2. System Repair Engineer 2.5.16.900
  3. Smallfrogs (http://www.KZTechs.com)
  4. Windows XP Professional Service Pack 2 (Build 2600) - 管理权限用户 - 完整功能
  5. 以下内容被选中:
  6.     所有的启动项目(包括注册表、启动文件夹、服务等)
  7.     浏览器加载项
  8.     正在运行的进程(包括进程模块信息)
  9.     文件关联
  10.     Winsock 提供者
  11.     Autorun.inf
  12.     HOSTS 文件
  13.     进程特权扫描

  15. 启动项目
  16. 注册表
  17. [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
  18.       [(Verified)Microsoft Windows Publisher]
  19. [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
  20.     <; "C:\WINDOWS\IME\imjp8_1\IMJPMIG.EXE" /Spoil /RemAdvDef /Migration32>  [(Verified)Microsoft Windows Publisher]
  21.     <; C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /IMEName>  [(Verified)Microsoft Windows Publisher]
  22.     <; C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /SYNC>  [(Verified)Microsoft Windows Publisher]
  23.     <"C:\Program Files\Eset\nod32kui.exe" /WAITSERVICE>  [Eset ]
  24. [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Winlogon]
  25.       [(Verified)]
  26.       [(Verified)Microsoft Windows Publisher]
  27. [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Windows]
  28.     <>  [N/A]
  29. [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Winlogon]
  30.       [(Verified)]
  31. [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
  32.       [(Verified)Microsoft Windows Component Publisher]
  33. [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\>{26923b43-4d38-484f-9b9e-de460746276c}]
  34.     <%systemroot%\system32\shmgrate.exe OCInstallUserConfigIE>  [N/A]
  35. [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\>{881dd1c5-3dcf-431b-b061-f3f88e8be88a}]
  36.     <%systemroot%\system32\shmgrate.exe OCInstallUserConfigOE>  [N/A]
  37. [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{2C7339CF-2B09-4501-B3F3-F3508C9228ED}]
  38.     <%SystemRoot%\system32\regsvr32.exe /s /n /i:/UserInstall %SystemRoot%\system32\themeui.dll>  [N/A]
  39. [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{44BBA840-CC51-11CF-AAFA-00AA00B6015C}]
  40.     <"%ProgramFiles%\Outlook Express\setup50.exe" /APP:OE /CALLER:WINNT /user /install>  [N/A]
  41. [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{6BF52A52-394A-11d3-B153-00C04F79FAA6}]
  42.       [(Verified)Microsoft Windows Component Publisher]
  43. [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{7790769C-0471-11d2-AF11-00C04FA35D02}]
  44.     <通讯簿 6><"%ProgramFiles%\Outlook Express\setup50.exe" /APP:WAB /CALLER:WINNT /user /install>  [N/A]
  45. [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{89B4C1CD-B018-4511-B0A1-5476DBF70820}]
  46.       [Microsoft Corporation]
  47. ==================================
  48. 启动文件夹
  49. N/A
  50. ==================================
  51. 服务
  52. [Adobe LM Service / Adobe LM Service][Stopped/Disabled]
  53.   <"C:\Program Files\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe">
  54. [AVG Anti-Spyware Guard / AVG Anti-Spyware Guard][Stopped/Manual Start]
  55.   
  56. [EPSON Printer Status Agent2 / EPSONStatusAgent2][Stopped/Disabled]
  57.   
  58. [Human Interface Device Access / HidServ][Stopped/Disabled]
  59.   %SystemRoot%\System32\hidserv.dll>
  60. [Machine Debug Manager / MDM][Stopped/Disabled]
  61.   <"C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\mdm.exe">
  62. [MPSVC Service / MPSVCService][Running/Auto Start]
  63.   
  64. [NOD32 Kernel Service / NOD32krn][Running/Auto Start]
  65.   <"C:\Program Files\Eset\nod32krn.exe">
  66. [NVIDIA Display Driver Service / NVSvc][Stopped/Disabled]
  67.   
  68. [Pml Driver HPZ12 / Pml Driver HPZ12][Stopped/Auto Start]
  69.   
  70. ==================================
  71. 驱动程序
  72. [81687 / 81687][Stopped/Manual Start]
  73.   <\??\C:\WINDOWS\system32\Drivers\81671.sys>
  74. [Intel(r) 82801 Audio Driver Install Service (WDM) / ac97intc][Stopped/Manual Start]
  75.   
  76. [aeaudio / aeaudio][Running/Manual Start]
  77.   
  78. [AMON / AMON][Running/Auto Start]
  79.   <\SystemRoot\system32\drivers\amon.sys>
  80. [AVG Anti-Spyware Driver / AVG Anti-Spyware Driver][Running/System Start]
  81.   <\??\d:\AVG Anti-Spyware 7.5\guard.sys>
  82. [AVG Anti-Spyware Clean Driver / AvgAsCln][Running/System Start]
  83.   
  84. [bootdrv / bootdrv][Stopped/Boot Start]
  85.   <\SystemRoot\System32\Drivers\bootdrv.sys>
  86. [Cdsys / Cdsys][Stopped/Manual Start]
  87.   <\??\C:\WINDOWS\system32\cdcd.sys>
  88. [cpuz / cpuz][Stopped/Manual Start]
  89.   <\??\C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\cpuz.sys>
  90. [Creative SBLive! Gameport / ctljystk][Stopped/Manual Start]
  91.   
  92. [3Com EtherLink XL 90X Adapter Driver / EL90X][Running/Manual Start]
  93.   <3Com Corporation>
  94. [mp110001 / mp110001][Running/Auto Start]
  95.   
  96. [mp110002 / mp110002][Running/Auto Start]
  97.   
  98. [mp110003 / mp110003][Running/Boot Start]
  99.   <\SystemRoot\system32\drivers\mp110003.sys>
  100. [mp110004 / mp110004][Running/Auto Start]
  101.   
  102. [mp110005 / mp110005][Running/Manual Start]
  103.   
  104. [mp110006 / mp110006][Running/System Start]
  105.   
  106. [mp110007 / mp110007][Running/System Start]
  107.   
  108. [mp110008 / mp110008][Running/Auto Start]
  109.   
  110. [mp110009 / mp110009][Running/System Start]
  111.   
  112. [mp110010 / mp110010][Running/Boot Start]
  113.   <\SystemRoot\system32\drivers\mp110010.sys>
  114. [mp110011 / mp110011][Running/System Start]
  115.   
  116. [mp110012 / mp110012][Stopped/Manual Start]
  117.   
  118. [mp110013 / mp110013][Running/Boot Start]
  119.   <\SystemRoot\system32\drivers\mp110013.sys>
  120. [nod32drv / nod32drv][Running/System Start]
  121.   <\SystemRoot\system32\drivers\nod32drv.sys>
  122. [Netgroup Packet Filter / NPF][Stopped/Manual Start]
  123.   
  124. [npkcrypt / npkcrypt][Running/Auto Start]
  125.   <\??\C:\Program Files\Tencent\QQ\npkcrypt.sys>
  126. [nv / nv][Running/Manual Start]
  127.   
  128. [StarForce Protection Environment Driver v6 / prodrv06][Running/System Start]
  129.   <\SystemRoot\System32\drivers\prodrv06.sys>
  130. [StarForce Protection Helper Driver v2 / prohlp02][Running/Boot Start]
  131.   <\SystemRoot\System32\drivers\prohlp02.sys>
  132. [StarForce Protection Synchronization Driver v1 / prosync1][Running/Boot Start]
  133.   <\SystemRoot\System32\drivers\prosync1.sys>
  134. [Psx Hid to Gamepad Port Enabler / PSXGamepadEnabler][Running/Manual Start]
  135.   
  136. [Psx Port Enumerator / PsxPortEnumerator][Running/Manual Start]
  137.   
  138. [Direct Parallel Link Driver / Ptilink][Running/Manual Start]
  139.   
  140. [Realtek RTL8139(A/B/C)-based PCI Fast Ethernet Adapter NT Driver / rtl8139][Stopped/Manual Start]
  141.   
  142. [Secdrv / Secdrv][Running/Auto Start]
  143.   
  144. [SFI Service / sf][Running/System Start]
  145.   
  146. [StarForce Protection Helper Driver / sfhlp01][Running/Boot Start]
  147.   <\SystemRoot\System32\drivers\sfhlp01.sys>
  148. [smwdm / smwdm][Running/Manual Start]
  149.   
  150. [sptd / sptd][Running/Boot Start]
  151.   <\SystemRoot\System32\Drivers\sptd.sys>
  152. [World Standard Teletext Codec / WSTCODEC][Stopped/Manual Start]
  153.   
  154. [XScanPF / XScanPF][Stopped/Manual Start]
  155.   <\??\C:\Documents and Settings\Administrator\桌面\X-Scan-v3.3-cn\X-Scan-v3.3\dat\xpf.sys>
  156. [VIMICRO USB PC Camera / ZSMC301b][Running/Manual Start]
  157.   
  158. ==================================
  159. 浏览器加载项
  160. [AcroIEHlprObj Class]
  161.   {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3}
  162. [Thunder Browser Helper]
  163.   {889D2FEB-5411-4565-8998-1DD2C5261283}
  164. [浩方对战平台]
  165.   {0A155D3C-68E2-4215-A47A-E800A446447A}
  166. [信息检索(&R)]
  167.   {92780B25-18CC-41C8-B9BE-3C9C571A8263}
  168. [Edit Class]
  169.   {0CA54D3F-CEAE-48AF-9A2B-31909CB9515D}
  170. [SSReaderPlug]
  171.   {1DE88635-1C72-401E-B23B-93FA86D30F3B}
  172. [PowerPlr Control]
  173.   {2354A44B-3CEB-4829-9940-545B03103538}
  174. [CedarLogic.TaoXiWeb]
  175.   {B0AF7D9F-7050-4995-A21C-182AA05727CB}
  176. [Shockwave Flash Object]
  177.   {D27CDB6E-AE6D-11CF-96B8-444553540000}
  178. [AcroIEHlprObj Class]
  179.   {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3}
  180. [Edit Class]
  181.   {0CA54D3F-CEAE-48AF-9A2B-31909CB9515D}
  182. [iTrusPTA Class]
  183.   {1E0DFFCF-27FF-4574-849B-55007349FEDA}
  184. [Windows Media Player]
  185.   {22D6F312-B0F6-11D0-94AB-0080C74C7E95}
  186. [HTML Document]
  187.   {25336920-03F9-11CF-8FD0-00AA00686F13} <%SystemRoot%\system32\Mshtml.dll, N/A>
  188. [DHTML Edit Control Safe for Scripting for IE5]
  189.   {2D360201-FFF5-11D1-8D03-00A0C959BC0A}
  190. [XML Document]
  191.   {48123BC4-99D9-11D1-A6B3-00C04FD91555}
  192. [EditCtrl Class]
  193.   {488A4255-3236-44B3-8F27-FA1AECAA8844}
  194. [HHCtrl Object]
  195.   {52A2AAAE-085D-4187-97EA-8C30DB990436}
  196. [Shell Name Space]
  197.   {55136805-B2DE-11D1-B9F2-00A0C98BC547} <%SystemRoot%\system32\shdocvw.dll, N/A>
  198. [PowerPlayer Control]
  199.   {5EC7C511-CD0F-42E6-830C-1BD9882F3458}
  200. [StormPlayer Object]
  201.   {6BE52E1D-E586-474F-A6E2-1A85A9B4D9FB}
  202. [Windows Media Player]
  203.   {6BF52A52-394A-11D3-B153-00C04F79FAA6}
  204. [WangWangObj Class]
  205.   {6E213FC7-DD5A-4115-B7E6-D4C7838C361E}
  206. [360SafeLive]
  207.   {87515F61-A66C-4319-A0E0-D416CB8059E3}
  208. [Microsoft Web 浏览器]
  209.   {8856F961-340A-11D0-A96B-00C04FD705A2}
  210. [Thunder Browser Helper]
  211.   {889D2FEB-5411-4565-8998-1DD2C5261283}
  212. [Microsoft Scriptlet Component]
  213.   {AE24FDAE-03C6-11D1-8B76-0080C744F389}
  214. [SearchAssistantOC]
  215.   {B45FF030-4447-11D2-85DE-00C04FA35C89} <%SystemRoot%\system32\shdocvw.dll, N/A>
  216. [RDS.DataSpace]
  217.   {BD96C556-65A3-11D0-983A-00C04FC29E36}
  218. [Tencent Safety Online Base Module]
  219.   {C09B522F-8AED-4E21-A65C-DC1AB652BAEE}
  220. [RealPlayer G2 Control]
  221.   {CFCDAA03-8BE4-11CF-B84B-0020AFBBCCFA}
  222. [Shockwave Flash Object]
  223.   {D27CDB6E-AE6D-11CF-96B8-444553540000}
  224. [使用迅雷下载]
  225.   
  226. [导出到 Microsoft Excel(&X)]
  227.   
  228. [添加到QQ表情]
  229.   
  230. [添加到Vbuzzer RSS频道列表]
  231.   
  232. ==================================
  233. 正在运行的进程
  234. [PID: 516 / SYSTEM][\SystemRoot\System32\smss.exe]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
  235. [PID: 568 / SYSTEM][\??\C:\WINDOWS\system32\csrss.exe]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
  236. [PID: 592 / SYSTEM][\??\C:\WINDOWS\system32\winlogon.exe]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
  237.     [C:\Program Files\Micropoint\mp110031.dll]  [Micropoint Corporation, 1.2.10039]
  238.     [C:\WINDOWS\system32\msacm32.drv]  [Microsoft Corporation, 5.1.2600.0 (xpclient.010817-1148)]
  239. [PID: 636 / SYSTEM][C:\WINDOWS\system32\services.exe]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
  240.     [C:\WINDOWS\AppPatch\AcAdProc.dll]  [Microsoft Corporation, 5.1.2600.3008 (xpsp.061004-0027)]
  241.     [C:\Program Files\Micropoint\mp110031.dll]  [Micropoint Corporation, 1.2.10039]
  242. [PID: 648 / SYSTEM][C:\WINDOWS\system32\lsass.exe]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
  243.     [C:\Program Files\Micropoint\mp110031.dll]  [Micropoint Corporation, 1.2.10039]
  244.     [C:\WINDOWS\system32\imon.dll]  [Eset , 2, 70, 39 ]
  245.     [C:\Program Files\Eset\pr_imon.dll]  [N/A, ]
  246. [PID: 820 / SYSTEM][C:\WINDOWS\system32\svchost.exe]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
  247.     [C:\Program Files\Micropoint\mp110031.dll]  [Micropoint Corporation, 1.2.10039]
  248. [PID: 1044 / NETWORK SERVICE][C:\WINDOWS\system32\svchost.exe]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
  249.     [C:\Program Files\Micropoint\mp110031.dll]  [Micropoint Corporation, 1.2.10039]
  250.     [C:\WINDOWS\system32\imon.dll]  [Eset , 2, 70, 39 ]
  251.     [C:\Program Files\Eset\pr_imon.dll]  [N/A, ]
  252. [PID: 1396 / SYSTEM][C:\WINDOWS\System32\svchost.exe]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
  253.     [C:\Program Files\Micropoint\mp110031.dll]  [Micropoint Corporation, 1.2.10039]
  254.     [C:\WINDOWS\system32\imon.dll]  [Eset , 2, 70, 39 ]
  255.     [C:\Program Files\Eset\pr_imon.dll]  [N/A, ]
  256. [PID: 1520 / NETWORK SERVICE][C:\WINDOWS\system32\svchost.exe]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
  257.     [C:\Program Files\Micropoint\mp110031.dll]  [Micropoint Corporation, 1.2.10039]
  258. [PID: 1576 / LOCAL SERVICE][C:\WINDOWS\system32\svchost.exe]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
  259.     [C:\Program Files\Micropoint\mp110031.dll]  [Micropoint Corporation, 1.2.10039]
  260.     [C:\WINDOWS\system32\imon.dll]  [Eset , 2, 70, 39 ]
  261.     [C:\Program Files\Eset\pr_imon.dll]  [N/A, ]
  262. [PID: 1612 / SYSTEM][C:\WINDOWS\system32\spoolsv.exe]  [Microsoft Corporation, 5.1.2600.2696 (xpsp_sp2_gdr.050610-1519)]
  263.     [C:\Program Files\Micropoint\mp110031.dll]  [Micropoint Corporation, 1.2.10039]
  264.     [C:\WINDOWS\system32\EBPMON2.DLL]  [SEIKO EPSON CORPORATION, 2, 39, 0, 0]
  265.     [C:\WINDOWS\system32\hpzll4pi.dll]  [Hewlett-Packard Company, 60.061.243.00]
  266.     [C:\WINDOWS\system32\mdimon.dll]  [Microsoft Corporation, 12.3.4518.1014]
  267.     [C:\WINDOWS\System32\spool\PRTPROCS\W32X86\hpzpp4pi.dll]  [Hewlett-Packard Corporation, 60.061.243.00]
  268.     [C:\WINDOWS\System32\spool\PRTPROCS\W32X86\mdippr.dll]  [Microsoft Corporation, 12.3.4518.1014]
  269. [PID: 1928 / Administrator][C:\WINDOWS\Explorer.EXE]  [Microsoft Corporation, 6.00.2900.2180 (xpsp_sp2_rtm.040803-2158)]
  270.     [C:\Program Files\Micropoint\mp110031.dll]  [Micropoint Corporation, 1.2.10039]
  271.     [c:\documents and settings\administrator\application data\ppstream\bin\1.0.0.2\vodrc.dll]  [ppstream.com, 1.0.0.2]
  272.     [C:\WINDOWS\system32\WPDShServiceObj.dll]  [Microsoft Corporation, 5.2.5721.5145 (WMP_11.061018-2006)]
  273.     [C:\WINDOWS\system32\msacm32.drv]  [Microsoft Corporation, 5.1.2600.0 (xpclient.010817-1148)]
  274.     [C:\WINDOWS\system32\PortableDeviceTypes.dll]  [Microsoft Corporation, 5.2.5721.5145 (WMP_11.061018-2006)]
  275.     [C:\WINDOWS\system32\PortableDeviceApi.dll]  [Microsoft Corporation, 5.2.5721.5145 (WMP_11.061018-2006)]
  276.     [C:\Program Files\Adobe\Acrobat 7.0\ActiveX\PDFShell.dll]  [Adobe Systems, Inc., 7.0.0.0]
  277.     [C:\WINDOWS\system32\nvcpl.dll]  [NVIDIA Corporation, 6.14.10.9371]
  278.     [C:\WINDOWS\system32\NVRSZHC.DLL]  [NVIDIA Corporation, 6.14.10.9371]
  279.     [C:\WINDOWS\system32\nvapi.dll]  [N/A, ]
  280.     [C:\WINDOWS\system32\nvshell.dll]  [, ]
  281. [PID: 440 / Administrator][C:\Program Files\Eset\nod32kui.exe]  [Eset , 2, 70, 39 ]
  282.     [C:\Program Files\Eset\nod32rui.dll]  [N/A, ]
  283.     [C:\Program Files\Eset\pu_amon.dll]  [Eset , 2, 70, 39 ]
  284.     [C:\Program Files\Eset\pr_amon.dll]  [Eset , 2, 70, 39 ]
  285.     [C:\Program Files\Eset\pu_dmon.dll]  [Eset , 2, 70, 39 ]
  286.     [C:\Program Files\Eset\pr_dmon.dll]  [N/A, ]
  287.     [C:\Program Files\Eset\pu_emon.dll]  [Eset , 2, 70, 39 ]
  288.     [C:\Program Files\Eset\pr_emon.dll]  [N/A, ]
  289.     [C:\Program Files\Eset\pu_imon.dll]  [Eset , 2, 70, 39 ]
  290.     [C:\Program Files\Eset\pr_imon.dll]  [N/A, ]
  291.     [C:\Program Files\Eset\pu_nod32.dll]  [Eset , 2, 70, 39 ]
  292.     [C:\Program Files\Eset\pr_nod32.dll]  [Eset , 2, 70, 39 ]
  293.     [C:\Program Files\Eset\pu_upd.dll]  [Eset , 2, 70, 39 ]
  294.     [C:\Program Files\Eset\pr_upd.dll]  [N/A, ]
  295.     [C:\Program Files\Micropoint\mp110031.dll]  [Micropoint Corporation, 1.2.10039]
  296. [PID: 548 / SYSTEM][C:\Program Files\Eset\nod32krn.exe]  [Eset , 2, 70, 39 ]
  297.     [C:\Program Files\Eset\nod32krr.dll]  [Eset , 2, 70, 39 ]
  298.     [C:\Program Files\Micropoint\mp110031.dll]  [Micropoint Corporation, 1.2.10039]
  299.     [C:\Program Files\Eset\ps_amon.dll]  [Eset , 2, 70, 39 ]
  300.     [C:\Program Files\Eset\pr_amon.dll]  [Eset , 2, 70, 39 ]
  301.     [C:\Program Files\Eset\ps_dmon.dll]  [Eset , 2, 70, 39 ]
  302.     [C:\Program Files\Eset\pr_dmon.dll]  [N/A, ]
  303.     [C:\Program Files\Eset\ps_emon.dll]  [Eset , 2, 70, 39 ]
  304.     [C:\Program Files\Eset\pr_emon.dll]  [N/A, ]
  305.     [C:\WINDOWS\system32\imon.dll]  [Eset , 2, 70, 39 ]
  306.     [C:\Program Files\Eset\pr_imon.dll]  [N/A, ]
  307.     [C:\Program Files\Eset\ps_nod32.dll]  [Eset , 2, 70, 39 ]
  308.     [C:\Program Files\Eset\pr_nod32.dll]  [Eset , 2, 70, 39 ]
  309.     [C:\Program Files\Eset\ps_upd.dll]  [Eset , 2, 70, 39 ]
  310.     [C:\Program Files\Eset\pr_upd.dll]  [N/A, ]
  311. [PID: 712 / Administrator][C:\WINDOWS\system32\ctfmon.exe]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
  312. [PID: 1476 / SYSTEM][C:\WINDOWS\system32\svchost.exe]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
  313.     [C:\Program Files\Micropoint\mp110031.dll]  [Micropoint Corporation, 1.2.10039]
  314. [PID: 2064 / LOCAL SERVICE][C:\WINDOWS\System32\alg.exe]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
  315.     [C:\Program Files\Micropoint\mp110031.dll]  [Micropoint Corporation, 1.2.10039]
  316.     [C:\WINDOWS\system32\imon.dll]  [Eset , 2, 70, 39 ]
  317.     [C:\Program Files\Eset\pr_imon.dll]  [N/A, ]
  318. [PID: 2136 / Administrator][G:\TOOLS\sreng2\SREngPS.EXE]  [Smallfrogs Studio, 2.5.16.900]
  319.     [G:\TOOLS\sreng2\Upload\3rdUpd.DLL]  [Smallfrogs Studio, 2, 1, 0, 15]
  320.     [C:\Program Files\Micropoint\mp110031.dll]  [Micropoint Corporation, 1.2.10039]
  321. ==================================
  322. 文件关联
  323. .TXT  OK. [%SystemRoot%\system32\NOTEPAD.EXE %1]
  324. .EXE  OK. ["%1" %*]
  325. .COM  OK. ["%1" %*]
  326. .PIF  OK. ["%1" %*]
  327. .REG  OK. [regedit.exe "%1"]
  328. .BAT  OK. ["%1" %*]
  329. .SCR  OK. ["%1" /S]
  330. .CHM  Error. ["hh.exe" %1]
  331. .HLP  OK. [%SystemRoot%\System32\winhlp32.exe %1]
  332. .INI  OK. [%SystemRoot%\system32\NOTEPAD.EXE %1]
  333. .INF  OK. [%SystemRoot%\system32\NOTEPAD.EXE %1]
  334. .VBS  OK. [%SystemRoot%\System32\WScript.exe "%1" %*]
  335. .JS   OK. [%SystemRoot%\System32\WScript.exe "%1" %*]
  336. .LNK  OK. [{00021401-0000-0000-C000-000000000046}]
  337. ==================================
  338. Winsock 提供者
  339. NOD32 protected [MSAFD Tcpip [TCP/IP]]
  340.     C:\WINDOWS\system32\imon.dll(Eset , NOD32 IMON - Internet scanning support)
  341. NOD32 protected [MSAFD Tcpip [UDP/IP]]
  342.     C:\WINDOWS\system32\imon.dll(Eset , NOD32 IMON - Internet scanning support)
  343. NOD32 protected [MSAFD Tcpip [RAW/IP]]
  344.     C:\WINDOWS\system32\imon.dll(Eset , NOD32 IMON - Internet scanning support)
  345. NOD32 protected [RSVP UDP Service Provider]
  346.     C:\WINDOWS\system32\imon.dll(Eset , NOD32 IMON - Internet scanning support)
  347. NOD32 protected [RSVP TCP Service Provider]
  348.     C:\WINDOWS\system32\imon.dll(Eset , NOD32 IMON - Internet scanning support)
  349. NOD32
  350.     C:\WINDOWS\system32\imon.dll(Eset , NOD32 IMON - Internet scanning support)
  351. ==================================
  352. Autorun.inf
  353. N/A
  354. ==================================
  355. HOSTS 文件
  356. 127.0.0.1       localhost
  357. ==================================
  358. 进程特权扫描
  359. 特殊特权被允许: SeLoadDriverPrivilege [PID = 1928, C:\WINDOWS\EXPLORER.EXE]
  360. 特殊特权被允许: SeLoadDriverPrivilege [PID = 440, C:\PROGRAM FILES\ESET\NOD32KUI.EXE]
  361. ==================================
  362. API HOOK
  363. N/A
  364. ==================================
  365. 隐藏进程
  366. N/A
  367. ==================================
复制代码
回复

举报

返回列表 发新帖
高级模式
B Color Image Link Quote Code Smilies
您需要登录后才可以回帖 登录 | 快速注册

本版积分规则

手机版|杀毒软件|软件论坛| 卡饭论坛

Copyright © KaFan  KaFan.cn All Rights Reserved.

Powered by Discuz! X3.4( 沪ICP备2020031077号-2 ) GMT+8, 2025-1-11 14:22 , Processed in 0.123177 second(s), 17 queries .

卡饭网所发布的一切软件、样本、工具、文章等仅限用于学习和研究,不得将上述内容用于商业或者其他非法用途,否则产生的一切后果自负,本站信息来自网络,版权争议问题与本站无关,您必须在下载后的24小时之内从您的电脑中彻底删除上述信息,如有问题请通过邮件与我们联系。

快速回复 客服 返回顶部 返回列表