收藏本站 |切换到宽版 | 更换论坛皮肤
 找回密码  忘记邮箱  QQ快速登录  快速登录  快速注册

卡饭»论坛 软件区 解疑答难区 麻烦高手来帮我看看,我的电脑有没有中木马和病毒
返回列表 发新帖
查看: 1631|回复: 7
收起左侧

[已解决] 麻烦高手来帮我看看,我的电脑有没有中木马和病毒

 关闭 [复制链接]
2aaaaaa
发表于 2007-10-5 11:16:37 | 显示全部楼层 |阅读模式
[CODE]

2007-10-05,11:05:48

System Repair Engineer 2.5.16.900
Smallfrogs (http://www.KZTechs.com)

Windows XP Professional Service Pack 2 (Build 2600) - 管理权限用户 - 完整功能

以下内容被选中:
    所有的启动项目(包括注册表、启动文件夹、服务等)
    浏览器加载项
    正在运行的进程(包括进程模块信息)
    文件关联
    Winsock 提供者
    Autorun.inf
    HOSTS 文件
    进程特权扫描


启动项目
注册表
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
    <ctfmon.exe><C:\WINDOWS\system32\ctfmon.exe>  [(Verified)Microsoft Windows Publisher]
    <H/PC Connection Agent><"D:\Program Files\Microsoft ActiveSync\wcescomm.exe">  [(Verified)Microsoft Corporation]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
    <IMJPMIG8.1><"C:\WINDOWS\IME\imjp8_1\IMJPMIG.EXE" /Spoil /RemAdvDef /Migration32>  [(Verified)Microsoft Windows Publisher]
    <PHIME2002ASync><C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /SYNC>  [(Verified)Microsoft Windows Publisher]
    <PHIME2002A><C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /IMEName>  [(Verified)Microsoft Windows Publisher]
    <HControl><C:\WINDOWS\ATK0100\HControl.exe>  [(Verified)Microsoft Windows Component Publisher]
    <Alcmtr><ALCMTR.EXE>  [(Verified)Microsoft Windows Hardware Compatibility Publisher]
    <SynTPEnh><C:\Program Files\Synaptics\SynTP\SynTPEnh.exe>  [(Verified)Microsoft Windows Hardware Compatibility Publisher]
    <IntelZeroConfig><"C:\Program Files\Intel\Wireless\bin\ZCfgSvc.exe">  [Intel Corporation]
    <Power_Gear><C:\Program Files\ASUS\Power4 Gear\BatteryLife.exe 1>  [N/A]
    <AVP><"C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 7.0\avp.exe">  [(Verified)Kaspersky Lab]
    <Storm2Set><C:\WINDOWS\system32\rundll32.exe "d:\PROGRA~1\StormII\StormSet.dll",CheckEnv>  [(Verified)Beijing Baofeng Inc.]
    <Knight V><; C:\WINDOWS\system32\NeroCheck.exe>  [Ahead Software Gmbh]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Winlogon]
    <shell><Explorer.exe>  [(Verified)Microsoft Windows Component Publisher]
    <Userinit><C:\WINDOWS\system32\userinit.exe,>  [(Verified)Microsoft Windows Publisher]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Windows]
    <AppInit_DLLs><>  [N/A]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Winlogon]
    <UIHost><logonui.exe>  [(Verified)Microsoft Windows Publisher]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
    <WPDShServiceObj><C:\WINDOWS\system32\WPDShServiceObj.dll>  [(Verified)Microsoft Windows Component Publisher]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\klogon]
    <WinlogonNotify: klogon><C:\WINDOWS\system32\klogon.dll>  [(Verified)Kaspersky Lab]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\>{26923b43-4d38-484f-9b9e-de460746276c}]
    <Internet Explorer><%systemroot%\system32\shmgrate.exe OCInstallUserConfigIE>  [N/A]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\>{881dd1c5-3dcf-431b-b061-f3f88e8be88a}]
    <Outlook Express><%systemroot%\system32\shmgrate.exe OCInstallUserConfigOE>  [N/A]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{2C7339CF-2B09-4501-B3F3-F3508C9228ED}]
    <Themes Setup><%SystemRoot%\system32\regsvr32.exe /s /n /i:/UserInstall %SystemRoot%\system32\themeui.dll>  [N/A]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{44BBA840-CC51-11CF-AAFA-00AA00B6015C}]
    <Microsoft Outlook Express 6><"%ProgramFiles%\Outlook Express\setup50.exe" /APP:OE /CALLER:WINNT /user /install>  [N/A]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{44BBA842-CC51-11CF-AAFA-00AA00B6015B}]
    <NetMeeting 3.01><rundll32.exe advpack.dll,LaunchINFSection C:\WINDOWS\INF\msnetmtg.inf,NetMtg.Install.PerUser.NT>  [(Verified)Microsoft Windows Publisher]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{5945c046-1e7d-11d1-bc44-00c04fd912be}]
    <Windows Messenger 4.7><rundll32.exe advpack.dll,LaunchINFSection C:\WINDOWS\INF\msmsgs.inf,BLC.QuietInstall.PerUser>  [(Verified)Microsoft Windows Publisher]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{6BF52A52-394A-11d3-B153-00C04F79FAA6}]
    <Microsoft Windows Media Player><rundll32.exe advpack.dll,LaunchINFSection C:\WINDOWS\INF\wmp11.inf,PerUserStub>  [(Verified)Microsoft Windows Component Publisher]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{7790769C-0471-11d2-AF11-00C04FA35D02}]
    <通讯簿 6><"%ProgramFiles%\Outlook Express\setup50.exe" /APP:WAB /CALLER:WINNT /user /install>  [N/A]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{89B4C1CD-B018-4511-B0A1-5476DBF70820}]
    <N/A><C:\WINDOWS\system32\Rundll32.exe C:\WINDOWS\system32\mscories.dll,Install>  [Microsoft Corporation]

==================================
启动文件夹
N/A

==================================
服务
[Adobe LM Service / Adobe LM Service][Stopped/Manual Start]
  <"C:\Program Files\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe"><Adobe Systems>
[ASP.NET State Service / aspnet_state][Stopped/Manual Start]
  <C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\aspnet_state.exe><Microsoft Corporation>
[Ati HotKey Poller / Ati HotKey Poller][Running/Auto Start]
  <C:\WINDOWS\system32\Ati2evxx.exe><ATI Technologies Inc.>
[Kaspersky Internet Security 7.0 / AVP][Running/Auto Start]
  <"C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 7.0\avp.exe" -r><Kaspersky Lab>
[C-DillaCdaC11BA / C-DillaCdaC11BA][Running/Auto Start]
  <C:\WINDOWS\system32\drivers\CDAC11BA.EXE><Macrovision>
[Intel(R) PROSet/Wireless Event Log / EvtEng][Running/Auto Start]
  <C:\Program Files\Intel\Wireless\Bin\EvtEng.exe><Intel Corporation>
[Human Interface Device Access / HidServ][Stopped/Disabled]
  <C:\WINDOWS\System32\svchost.exe -k netsvcs-->%SystemRoot%\System32\hidserv.dll><N/A>
[LightScribeService Direct Disc Labeling Service / LightScribeService][Running/Auto Start]
  <"C:\Program Files\Common Files\LightScribe\LSSrvc.exe"><Hewlett-Packard Company>
[Intel(R) PROSet/Wireless Registry Service / RegSrvc][Running/Auto Start]
  <C:\Program Files\Intel\Wireless\Bin\RegSrvc.exe><Intel Corporation>
[Remote Packet Capture Protocol v.0 (experimental) / rpcapd][Stopped/Manual Start]
  <"C:\Program Files\WinPcap\rpcapd.exe" -d -f "C:\Program Files\WinPcap\rpcapd.ini"><N/A>
[Intel(R) PROSet/Wireless Service / S24EventMonitor][Running/Auto Start]
  <C:\Program Files\Intel\Wireless\Bin\S24EvMon.exe><Intel Corporation>

==================================
驱动程序
[AEGIS Protocol (IEEE 802.1x) v3.4.9.0 / AegisP][Running/Auto Start]
  <system32\DRIVERS\AegisP.sys><Meetinghouse Data Communications>
[AntiARP NDIS Protocol Driver / AntiArpNdisProt][Running/Auto Start]
  <system32\DRIVERS\AntiArpNdisProt.sys><Windows (R) 2000 DDK provider>
[ati2mtag / ati2mtag][Running/Manual Start]
  <system32\DRIVERS\ati2mtag.sys><ATI Technologies Inc.>
[CdaC15BA / CdaC15BA][Running/Auto Start]
  <\??\C:\WINDOWS\system32\drivers\CDAC15BA.SYS><Macrovision Europe Ltd>
[cheetah1 / cheetah1][Stopped/Manual Start]
  <\??\D:\TDDOWNLOAD\cheetahengine\cheetah.sys><N/A>
[GDTdiInterceptor / GDTdiInterceptor][Running/Auto Start]
  <\??\C:\WINDOWS\system32\drivers\GDTdiIcpt.sys><>
[Microsoft 用于 High Definition Audio 服务的 UAA 功能驱动程序 / HdAudAddService][Stopped/Manual Start]
  <system32\drivers\HdAudio.sys><Windows (R) Server 2003 DDK provider>
[Microsoft 用于 High Definition Audio 的 UAA 总线驱动程序 / HDAudBus][Running/Manual Start]
  <system32\DRIVERS\HDAudBus.sys><Windows (R) Server 2003 DDK provider>
[IlvMoneyDRIVER53 / IlvMoneyDRIVER53][Stopped/Manual Start]
  <\??\F:\LLLLLLLLLLLLLL\MoonLight Engine_1059\IlvMoney1055.sys><N/A>
[Service for Realtek HD Audio (WDM) / IntcAzAudAddService][Running/Manual Start]
  <system32\drivers\RtkHDAud.sys><Realtek Semiconductor Corp.>
[kl1 / kl1][Running/Boot Start]
  <\SystemRoot\system32\drivers\kl1.sys><Kaspersky Lab>
[klif / klif][Running/System Start]
  <\??\C:\WINDOWS\system32\drivers\klif.sys><Kaspersky Lab>
[Kaspersky Anti-Virus NDIS Filter / klim5][Running/Manual Start]
  <system32\DRIVERS\klim5.sys><Kaspersky Lab>
[ATK0100 ACPI UTILITY / MTsensor][Running/Manual Start]
  <system32\DRIVERS\ATKACPI.sys><>
[NetGroup Packet Filter Driver / NPF][Stopped/Manual Start]
  <system32\drivers\npf.sys><Politecnico di Torino>
[npkcrypt / npkcrypt][Stopped/Auto Start]
  <\??\C:\Program Files\Tencent\QQ\npkcrypt.sys><N/A>
[oreans32 / oreans32][Running/System Start]
  <\??\C:\WINDOWS\system32\drivers\oreans32.sys><N/A>
[Direct Parallel Link Driver / Ptilink][Running/Manual Start]
  <system32\DRIVERS\ptilink.sys><Parallel Technologies, Inc.>
[puma1 / puma1][Stopped/Manual Start]
  <\??\F:\LLLLLLLLLLLLLL\20070804PE\puma.sys><N/A>
[QuakeDRV / QuakeDRV][Running/Boot Start]
  <\SystemRoot\system32\DRIVERS\quakedrv.sys><N/A>
[rimsptsk / rimsptsk][Running/Manual Start]
  <system32\DRIVERS\rimsptsk.sys><REDC>
[risdptsk / risdptsk][Running/Boot Start]
  <\SystemRoot\system32\DRIVERS\risdptsk.sys><REDC>
[Realtek 10/100/1000 NIC Family all in one NDIS XP Driver / RTL8023xp][Running/Manual Start]
  <system32\DRIVERS\Rtenicxp.sys><Realtek Semiconductor Corporation>
[WLAN 传输 / s24trans][Running/Auto Start]
  <system32\DRIVERS\s24trans.sys><Intel Corporation>
[Secdrv / Secdrv][Stopped/Manual Start]
  <system32\DRIVERS\secdrv.sys><N/A>
[smserial / smserial][Running/Manual Start]
  <system32\DRIVERS\smserial.sys><Motorola Inc.>
[sptd / sptd][Running/Boot Start]
  <\SystemRoot\System32\Drivers\sptd.sys><N/A>
[spuce1 / spuce1][Stopped/Manual Start]
  <\??\F:\LLLLLLLLLLLLLL\Spuc3ngine6.30修正版\spuce.sys><N/A>
[USB2.0 1.3M Web Cam / SynMini][Running/Manual Start]
  <System32\Drivers\SynMini.sys><Syntek America Inc.>
[USB2.0 1.3M Web Cam Still Image / SynScan][Running/Manual Start]
  <System32\Drivers\SynScan.sys><Syntek America Inc.>
[Synaptics TouchPad Driver / SynTP][Running/Manual Start]
  <system32\DRIVERS\SynTP.sys><Synaptics, Inc.>
[TSP / TSP][Stopped/Manual Start]
  <\??\C:\WINDOWS\system32\drivers\klif.sys><Kaspersky Lab>
[Intel(R) PRO/Wireless 3945ABG Adapter Driver / w39n51][Stopped/Manual Start]
  <system32\DRIVERS\w39n51.sys><Intel? Corporation>
[World Standard Teletext Codec / WSTCODEC][Stopped/Manual Start]
  <system32\DRIVERS\WSTCODEC.SYS><Microsoft Corporation>
[xAntiArpSpoof Service / xAntiArp][Running/Manual Start]
  <system32\DRIVERS\xAntiArp.sys><Windows (R) 2000 DDK provider>
回复

举报

2aaaaaa
 楼主| 发表于 2007-10-5 11:16:58 | 显示全部楼层
浏览器加载项
[ThunderIEHelper Class]
  {0005A87D-D626-4B3A-84F9-1D9571695F55} <C:\WINDOWS\system32\xunleibho_v14.dll, Thunder Networking Technologies,LTD>
[ThunderAtOnce Class]
  {01443AEC-0FD1-40fd-9C87-E93D1494C233} <d:\Program Files\Thunder Network\Thunder\ComDlls\TDAtOnce_Now.dll, N/A>
[CLDown Object]
  {0BECAB3A-E1F8-45E6-8332-38DD750EBA01} <D:\TuoTu-2.1.0.64_PConline\TuoTuHelper_v8.dll, Tuotu.com>
[Windows Live Sign-in Helper]
  {9030D464-4C02-4ABF-8ECC-5164760863C6} <C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll, Microsoft Corporation>
[NavigatMon Class]
  {B69F34DD-F0F9-42DC-9EDD-957187DA688D} <C:\Program Files\360safe\safemon\safemon.dll, >
[浩方对战平台]
  {0A155D3C-68E2-4215-A47A-E800A446447A} <D:\AyuClient\GameClient.exe, 上海浩方在线信息技术有限公司>
[网页监控统计信息]
  {1F460357-8A94-4D71-9CA3-AA4ACF32ED8E} <C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 7.0\SCIEPlgn.dll, Kaspersky Lab>
[Create Mobile Favorite]
  {2EAF5BB1-070F-11D3-9307-00C04FAE2D4F} <D:\PROGRA~1\MICROS~2\INetRepl.dll, Microsoft Corporation>
[Create Mobile Favorite]
  {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} <D:\PROGRA~1\MICROS~2\INetRepl.dll, Microsoft Corporation>
[QQ]
  {c95fe080-8f5d-11d2-a20b-00aa003c157b} <C:\Program Files\Tencent\QQ\QQ.EXE, N/A>
[Messenger]
  {FB5F1910-F110-11d2-BB9E-00C04F795683} <C:\Program Files\Messenger\msmsgs.exe, Microsoft Corporation>
[金山快译(&K)]
  {6C3797D2-3FEF-4cd4-B654-D3AE55B4128C} <C:\Program Files\Common Files\Kingsoft\Extract\AddIns\IEBand.dll, 金山软件股份有限公司>
[EditCtrl Class]
  {488A4255-3236-44B3-8F27-FA1AECAA8844} <C:\WINDOWS\system32\aliedit\aliedit.dll, >
[MofileUploadX Control]
  {7260569F-1D40-4E7F-B95B-2E68D35668B9} <C:\WINDOWS\DOWNLO~1\MoUpload.ocx, >
[AxSubmitControl Class]
  {8D9E0B29-563C-4226-86C1-5FF2AE77E1D2} <C:\WINDOWS\DOWNLO~1\SUBMIT~1.DLL, >
[Tencent Safety Online Base Module]
  {C09B522F-8AED-4E21-A65C-DC1AB652BAEE} <C:\WINDOWS\DOWNLO~1\TSOBase.ocx, Tencent Corporation>
[Shockwave Flash Object]
  {D27CDB6E-AE6D-11CF-96B8-444553540000} <C:\WINDOWS\system32\Macromed\Flash\Flash9d.ocx, Adobe Systems, Inc.>
[PasswordEditCtrl Class]
  {E787FD25-8D7C-4693-AE67-9406BC6E22DF} <C:\WINDOWS\system32\qqedit\qqedit.dll, 腾讯科技(深圳)有限公司>
[金山毒霸在线产品升级]
  {E847C78C-C210-4195-8799-FBF3BF89797D} <C:\WINDOWS\system32\kingsoft\KOS\KOSInit.ocx, 金山软件股份有限公司>
[ThunderIEHelper Class]
  {0005A87D-D626-4B3A-84F9-1D9571695F55} <C:\WINDOWS\system32\xunleibho_v14.dll, Thunder Networking Technologies,LTD>
[ThunderAtOnce Class]
  {01443AEC-0FD1-40FD-9C87-E93D1494C233} <d:\Program Files\Thunder Network\Thunder\ComDlls\TDAtOnce_Now.dll, N/A>
[CLDown Object]
  {0BECAB3A-E1F8-45E6-8332-38DD750EBA01} <D:\TuoTu-2.1.0.64_PConline\TuoTuHelper_v8.dll, Tuotu.com>
[PeerDraw 类]
  {10072CEC-8CC1-11D1-986E-00A0C955B42E} <C:\Program Files\Common Files\Microsoft Shared\VGX\vgx.dll, Microsoft Corporation>
[iTrusPTA Class]
  {1E0DFFCF-27FF-4574-849B-55007349FEDA} <C:\WINDOWS\system32\aliedit\pta.dll, >
[Windows Media Player]
  {22D6F312-B0F6-11D0-94AB-0080C74C7E95} <C:\WINDOWS\system32\wmpdxm.dll, Microsoft Corporation>
[HTML Document]
  {25336920-03F9-11CF-8FD0-00AA00686F13} <%SystemRoot%\system32\Mshtml.dll, N/A>
[DHTML Edit Control Safe for Scripting for IE5]
  {2D360201-FFF5-11D1-8D03-00A0C959BC0A} <C:\Program Files\Common Files\Microsoft Shared\Triedit\dhtmled.ocx, Microsoft Corporation>
[XML Document]
  {48123BC4-99D9-11D1-A6B3-00C04FD91555} <C:\WINDOWS\system32\msxml3.dll, Microsoft Corporation>
[Thunder Agent Class]
  {485463B7-8FB2-4B3B-B29B-8B919B0EACCE} <d:\Program Files\Thunder Network\Thunder\ComDlls\ThunderAgent_Now.dll, N/A>
[EditCtrl Class]
  {488A4255-3236-44B3-8F27-FA1AECAA8844} <C:\WINDOWS\system32\aliedit\aliedit.dll, >
[HHCtrl Object]
  {52A2AAAE-085D-4187-97EA-8C30DB990436} <C:\WINDOWS\system32\hhctrl.ocx, Microsoft Corporation>
[Shell Name Space]
  {55136805-B2DE-11D1-B9F2-00A0C98BC547} <%SystemRoot%\system32\shdocvw.dll, N/A>
[PowerPlayer Control]
  {5EC7C511-CD0F-42E6-830C-1BD9882F3458} <C:\DOCUME~1\ll8\APPLIC~1\ppStream\203~1.400\POWERP~1.DLL, PPStream Inc.>
[WUWebControl Class]
  {6414512B-B978-451D-A0D8-FCFDF33E833C} <C:\WINDOWS\system32\wuweb.dll, Microsoft Corporation>
[XMP Class]
  {6483F145-A768-4C41-AACC-52D4D7845851} <C:\Documents and Settings\All Users\Application Data\Thunder Network\KanKan\xplayer.dll_1_work, >
[XDRM]
  {693571CB-54A3-4E90-9D52-EEAE1334E2D3} <C:\Documents and Settings\All Users\Application Data\Thunder Network\KanKan\xdrm.dll_1_work, >
[StormPlayer Object]
  {6BE52E1D-E586-474F-A6E2-1A85A9B4D9FB} <d:\Program Files\StormII\mps.dll, Biejing Baofeng Inc.>
[Windows Media Player]
  {6BF52A52-394A-11D3-B153-00C04F79FAA6} <C:\WINDOWS\system32\wmp.dll, Microsoft Corporation>
[金山快译(&K)]
  {6C3797D2-3FEF-4CD4-B654-D3AE55B4128C} <C:\Program Files\Common Files\Kingsoft\Extract\AddIns\IEBand.dll, 金山软件股份有限公司>
[WangWangObj Class]
  {6E213FC7-DD5A-4115-B7E6-D4C7838C361E} <D:\Program Files\Alisoft\WangWang\WangWangX4.dll, 阿里巴巴软件(上海)有限公司>
[360SafeLive]
  {87515F61-A66C-4319-A0E0-D416CB8059E3} <C:\Program Files\360safe\live.dll, 360safe.com>
[Microsoft Web 浏览器]
  {8856F961-340A-11D0-A96B-00C04FD705A2} <C:\WINDOWS\system32\shdocvw.dll, Microsoft Corporation>
[Windows Live Sign-in Helper]
  {9030D464-4C02-4ABF-8ECC-5164760863C6} <C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll, Microsoft Corporation>
[RMGetLicense Class]
  {A9FC132B-096D-460B-B7D5-1DB0FAE0C062} <C:\WINDOWS\system32\msnetobj.dll, Microsoft Corporation>
[Microsoft Scriptlet Component]
  {AE24FDAE-03C6-11D1-8B76-0080C744F389} <C:\WINDOWS\system32\Mshtml.dll, Microsoft Corporation>
[SearchAssistantOC]
  {B45FF030-4447-11D2-85DE-00C04FA35C89} <%SystemRoot%\system32\shdocvw.dll, N/A>
[NavigatMon Class]
  {B69F34DD-F0F9-42DC-9EDD-957187DA688D} <C:\Program Files\360safe\safemon\safemon.dll, >
[RDS.DataSpace]
  {BD96C556-65A3-11D0-983A-00C04FC29E36} <C:\Program Files\Common Files\System\msadc\msadco.dll, Microsoft Corporation>
[Tencent Safety Online Base Module]
  {C09B522F-8AED-4E21-A65C-DC1AB652BAEE} <C:\WINDOWS\DOWNLO~1\TSOBase.ocx, Tencent Corporation>
[AUDIO__MP3 Moniker Class]
  {CD3AFA76-B84F-48F0-9393-7EDC34128127} <C:\WINDOWS\system32\wmp.dll, Microsoft Corporation>
[VIDEO__X_MS_ASF Moniker Class]
  {CD3AFA8F-B84F-48F0-9393-7EDC34128127} <C:\WINDOWS\system32\wmp.dll, Microsoft Corporation>
[VIDEO__X_MS_WMV Moniker Class]
  {CD3AFA94-B84F-48F0-9393-7EDC34128127} <C:\WINDOWS\system32\wmp.dll, Microsoft Corporation>
[RealPlayer G2 Control]
  {CFCDAA03-8BE4-11CF-B84B-0020AFBBCCFA} <C:\WINDOWS\system32\rmoc3260.dll, RealNetworks, Inc.>
[Windows Live Sign-in Control]
  {D2517915-48CE-4286-970F-921E881B8C5C} <C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll, Microsoft Corporation>
[Shockwave Flash Object]
  {D27CDB6E-AE6D-11CF-96B8-444553540000} <C:\WINDOWS\system32\Macromed\Flash\Flash9d.ocx, Adobe Systems, Inc.>
[PasswordEditCtrl Class]
  {E787FD25-8D7C-4693-AE67-9406BC6E22DF} <C:\WINDOWS\system32\qqedit\qqedit.dll, 腾讯科技(深圳)有限公司>
[XPPlayer Class]
  {F3E70CEA-956E-49CC-B444-73AFE593AD7F} <C:\Documents and Settings\All Users\Application Data\Thunder Network\KanKan\pplayer.dll_1_work, Thunder>
[上传到QQ网络硬盘]
  <D:\Program Files\Tencent\AddToNetDisk.htm, N/A>
[使用脱兔下载]
  <D:\TuoTu-2.1.0.64_PConline\TT_one.htm, N/A>
[使用脱兔下载全部链接]
  <D:\TuoTu-2.1.0.64_PConline\TT_all.htm, N/A>
[使用迅雷下载]
  <D:\Thunder\Thunder\geturl.htm, N/A>
[使用迅雷下载全部链接]
  <D:\Thunder\Thunder\getallurl.htm, N/A>
[添加到QQ自定义面板]
  <D:\Program Files\Tencent\AddPanel.htm, N/A>
[添加到QQ表情]
  <D:\Program Files\Tencent\AddEmotion.htm, N/A>
[添加到卡巴斯基反横幅广告]
  <C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 7.0\ie_banner_deny.htm, N/A>
[珊瑚虫超级搜索]
  <, N/A>
[用QQ彩信发送该图片]
  <D:\Program Files\Tencent\SendMMS.htm, N/A>
回复

举报

2aaaaaa
 楼主| 发表于 2007-10-5 11:18:44 | 显示全部楼层
==================================
正在运行的进程
[PID: 1336 / SYSTEM][\SystemRoot\System32\smss.exe]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
[PID: 1444 / SYSTEM][\??\C:\WINDOWS\system32\csrss.exe]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
[PID: 1472 / SYSTEM][\??\C:\WINDOWS\system32\winlogon.exe]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
    [C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 7.0\miscr3.dll]  [Kaspersky Lab, 7.0.0.125]
    [C:\WINDOWS\system32\Ati2evxx.dll]  [ATI Technologies Inc., 6.14.10.4124]
    [C:\WINDOWS\system32\klogon.dll]  [Kaspersky Lab, 7.0.0.125]
[PID: 1516 / SYSTEM][C:\WINDOWS\system32\services.exe]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
[PID: 1528 / SYSTEM][C:\WINDOWS\system32\lsass.exe]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
    [C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 7.0\dnsq.dll]  [Kaspersky Lab, 7.0.0.125]
    [C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 7.0\miscr3.dll]  [Kaspersky Lab, 7.0.0.125]
[PID: 1700 / SYSTEM][C:\WINDOWS\system32\Ati2evxx.exe]  [ATI Technologies Inc., 6.14.10.4124]
    [C:\WINDOWS\system32\Ati2edxx.dll]  [ATI Technologies, Inc., 6, 14, 10, 2499]
[PID: 1732 / SYSTEM][C:\WINDOWS\system32\svchost.exe]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
[PID: 1816 / NETWORK SERVICE][C:\WINDOWS\system32\svchost.exe]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
    [C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 7.0\dnsq.dll]  [Kaspersky Lab, 7.0.0.125]
[PID: 1956 / SYSTEM][C:\WINDOWS\System32\svchost.exe]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
    [C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 7.0\miscr3.dll]  [Kaspersky Lab, 7.0.0.125]
    [C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 7.0\adialhk.dll]  [Kaspersky Lab, 7.0.0.125]
[PID: 2016 / SYSTEM][C:\Program Files\Intel\Wireless\Bin\EvtEng.exe]  [Intel Corporation, 10, 1, 0, 1]
    [C:\Program Files\Intel\Wireless\Bin\PsRegApi.dll]  [Intel Corporation, 10, 1, 0, 2]
    [C:\Program Files\Intel\Wireless\Bin\TraceAPI.DLL]  [Intel Corporation, 10, 1, 0, 5]
[PID: 2044 / SYSTEM][C:\Program Files\Intel\Wireless\Bin\S24EvMon.exe]  [Intel Corporation , 10, 1, 0, 33]
    [C:\Program Files\Intel\Wireless\Bin\TraceAPI.DLL]  [Intel Corporation, 10, 1, 0, 5]
    [C:\Program Files\Intel\Wireless\Bin\PsRegApi.dll]  [Intel Corporation, 10, 1, 0, 2]
    [C:\Program Files\Intel\Wireless\Bin\LIBEAY32.dll]  [N/A, ]
    [C:\Program Files\Intel\Wireless\Bin\IntStngs.dll]  [, 10, 1, 0, 3]
    [C:\Program Files\Intel\Wireless\Bin\IWMSPROV.DLL]  [N/A, ]
[PID: 324 / NETWORK SERVICE][C:\WINDOWS\system32\svchost.exe]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
    [C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 7.0\miscr3.dll]  [Kaspersky Lab, 7.0.0.125]
[PID: 548 / LOCAL SERVICE][C:\WINDOWS\system32\svchost.exe]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
    [C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 7.0\miscr3.dll]  [Kaspersky Lab, 7.0.0.125]
[PID: 724 / SYSTEM][C:\WINDOWS\system32\spoolsv.exe]  [Microsoft Corporation, 5.1.2600.2696 (xpsp_sp2_gdr.050610-1519)]
    [C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 7.0\dnsq.dll]  [Kaspersky Lab, 7.0.0.125]
    [C:\WINDOWS\system32\EBPMON24.DLL]  [SEIKO EPSON CORPORATION, 5, 4, 0, 0]
[PID: 1116 / ll8][C:\WINDOWS\system32\Ati2evxx.exe]  [ATI Technologies Inc., 6.14.10.4124]
    [C:\WINDOWS\system32\Ati2edxx.dll]  [ATI Technologies, Inc., 6, 14, 10, 2499]
[PID: 1256 / ll8][C:\WINDOWS\Explorer.EXE]  [Microsoft Corporation, 6.00.2900.3156 (xpsp_sp2_gdr.070613-1234)]
    [C:\WINDOWS\system32\AcSignIcon.dll]  [Autodesk, 16.0.0.86]
    [C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 7.0\miscr3.dll]  [Kaspersky Lab, 7.0.0.125]
    [C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 7.0\scrchpg.dll]  [Kaspersky Lab, 7.0.0.125]
    [C:\Program Files\Common Files\Autodesk Shared\AcSignCore16.dll]  [Autodesk, 16.0.0.86]
    [C:\Program Files\ATI Technologies\ATI.ACE\atiacmxx.dll]  [, 1, 0, 0, 1]
    [C:\WINDOWS\system32\xunleibho_v14.dll]  [Thunder Networking Technologies,LTD, 4, 6, 0, 62]
    [D:\TuoTu-2.1.0.64_PConline\TuoTuHelper_v8.dll]  [Tuotu.com, 2.0.0.6]
    [C:\Program Files\360safe\safemon\safemon.dll]  [, 3, 6, 1, 1001]
[PID: 1492 / SYSTEM][C:\WINDOWS\system32\drivers\CDAC11BA.EXE]  [Macrovision, 4.20.020]
[PID: 1760 / SYSTEM][C:\Program Files\Common Files\LightScribe\LSSrvc.exe]  [Hewlett-Packard Company, 1.4.31.1]
    [C:\Program Files\Common Files\LightScribe\MSVCR71.dll]  [Microsoft Corporation, 7.10.3052.4]
    [C:\Program Files\Common Files\LightScribe\MSVCP71.dll]  [Microsoft Corporation, 7.10.3077.0]
[PID: 1908 / SYSTEM][C:\Program Files\Intel\Wireless\Bin\RegSrvc.exe]  [Intel Corporation, 10, 1, 0, 1]
[PID: 1944 / ll8][C:\WINDOWS\ATK0100\HControl.exe]  [, 1043, 2, 15, 53]
    [C:\WINDOWS\ATK0100\CMSSC.dll]  [N/A, ]
    [C:\WINDOWS\ATK0100\inter_f2.dll]  [ATK, 1043, 2, 15, 52]
    [C:\WINDOWS\ATK0100\ATKWLIOC.DLL]  [ACTIONTEC Electronics,Inc, 2.01.02]
    [C:\WINDOWS\ATK0100\SiSPkt.dll]  [Silicon Integrated Systems Corp., 1, 0, 0, 45]
    [C:\Program Files\Intel\Wireless\Bin\MurocApi.dll]  [Intel Corporation, 10, 1, 0, 37]
    [C:\Program Files\Intel\Wireless\Bin\S24MUDLL.dll]  [Intel Corporation, 10, 1, 0, 1]
    [C:\Program Files\Intel\Wireless\Bin\PsRegApi.dll]  [Intel Corporation, 10, 1, 0, 2]
    [C:\Program Files\Intel\Wireless\Bin\TraceAPI.DLL]  [Intel Corporation, 10, 1, 0, 5]
    [C:\Program Files\Intel\Wireless\Bin\IntStngs.dll]  [, 10, 1, 0, 3]
    [C:\Program Files\Intel\Wireless\Bin\LIBEAY32.dll]  [N/A, ]
    [C:\WINDOWS\system32\SynCOM.dll]  [Synaptics, Inc., 8.2.0 21Oct05]
[PID: 2008 / ll8][C:\Program Files\Synaptics\SynTP\SynTPEnh.exe]  [Synaptics, Inc., 8.2.0 21Oct05]
    [C:\WINDOWS\system32\SynCOM.dll]  [Synaptics, Inc., 8.2.0 21Oct05]
    [C:\WINDOWS\system32\SynTPAPI.dll]  [Synaptics, Inc., 8.2.0 21Oct05]
    [C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 7.0\miscr3.dll]  [Kaspersky Lab, 7.0.0.125]
[PID: 452 / ll8][C:\Program Files\Intel\Wireless\bin\ZCfgSvc.exe]  [Intel Corporation, 10, 1, 0, 42]
    [C:\Program Files\Intel\Wireless\bin\PfMgrApi.dll]  [Intel Corporation, 10, 1, 0, 46]
    [C:\Program Files\Intel\Wireless\bin\TraceAPI.DLL]  [Intel Corporation, 10, 1, 0, 5]
    [C:\Program Files\Intel\Wireless\bin\PsRegApi.dll]  [Intel Corporation, 10, 1, 0, 2]
    [C:\Program Files\Intel\Wireless\bin\DbEngine.dll]  [Intel Corporation, 10, 1, 0, 13]
    [C:\Program Files\Intel\Wireless\bin\LIBEAY32.dll]  [N/A, ]
    [C:\Program Files\Intel\Wireless\bin\IntStngs.dll]  [, 10, 1, 0, 3]
    [C:\Program Files\Intel\Wireless\bin\MurocApi.dll]  [Intel Corporation, 10, 1, 0, 37]
    [C:\Program Files\Intel\Wireless\bin\S24MUDLL.dll]  [Intel Corporation, 10, 1, 0, 1]
    [C:\Program Files\Intel\Wireless\Bin\ZcSvcCHS.dll]  [Intel Corporation, 10, 1, 0, 42]
    [C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 7.0\miscr3.dll]  [Kaspersky Lab, 7.0.0.125]
[PID: 468 / ll8][C:\Program Files\ASUS\Power4 Gear\BatteryLife.exe]  [ASUSTeK Computer Inc., 1043, 6, 15, 113]
    [C:\Program Files\ASUS\Power4 Gear\ATKMETHOD.dll]  [ASUSTeK Computer Inc., 1043, 6, 15, 113]
[PID: 552 / ll8][C:\WINDOWS\system32\ctfmon.exe]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
[PID: 596 / ll8][D:\Program Files\Microsoft ActiveSync\wcescomm.exe]  [Microsoft Corporation, 4.5.5096.0]
    [C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 7.0\miscr3.dll]  [Kaspersky Lab, 7.0.0.125]
[PID: 652 / ll8][D:\PROGRA~1\MICROS~2\rapimgr.exe]  [Microsoft Corporation, 4.5.5096.0]
    [C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 7.0\miscr3.dll]  [Kaspersky Lab, 7.0.0.125]
[PID: 960 / SYSTEM][C:\WINDOWS\system32\svchost.exe]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
[PID: 1124 / ll8][C:\WINDOWS\ATK0100\ATKOSD.exe]  [, 1043, 2, 15, 53]
    [C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 7.0\miscr3.dll]  [Kaspersky Lab, 7.0.0.125]
[PID: 3156 / LOCAL SERVICE][C:\WINDOWS\System32\alg.exe]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
[PID: 1988 / ll8][C:\WINDOWS\system32\conime.exe]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
[PID: 3560 / ll8][D:\Program Files\Opera\Opera.exe]  [Opera Software, 8808]
    [D:\Program Files\Opera\Opera.dll]  [Opera Software, 8808]
    [C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 7.0\miscr3.dll]  [Kaspersky Lab, 7.0.0.125]
    [C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 7.0\dnsq.dll]  [Kaspersky Lab, 7.0.0.125]
    [C:\WINDOWS\system32\AcSignIcon.dll]  [Autodesk, 16.0.0.86]
    [C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 7.0\scrchpg.dll]  [Kaspersky Lab, 7.0.0.125]
    [C:\Program Files\Common Files\Autodesk Shared\AcSignCore16.dll]  [Autodesk, 16.0.0.86]
    [C:\WINDOWS\system32\JPWB.IME]  [常诚研制, 4.00.950]
    [D:\Program Files\Opera\Program\Plugins\NPSWF32.dll]  [, ]
[PID: 2608 / ll8][E:\sreng2\SREngPS.EXE]  [Smallfrogs Studio, 2.5.16.900]
    [E:\sreng2\Upload\3rdUpd.DLL]  [Smallfrogs Studio, 2, 1, 0, 15]
    [C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 7.0\miscr3.dll]  [Kaspersky Lab, 7.0.0.125]
    [C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 7.0\adialhk.dll]  [Kaspersky Lab, 7.0.0.125]
    [C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 7.0\dnsq.dll]  [Kaspersky Lab, 7.0.0.125]
    [C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 7.0\scrchpg.dll]  [Kaspersky Lab, 7.0.0.125]
    [E:\sreng2\Plugins\NTFSTREAM.SRE]  [Smallfrogs Studio, 1, 0, 0, 5]
[PID: 3284 / ll8][C:\Program Files\Internet Explorer\iexplore.exe]  [Microsoft Corporation, 6.00.2900.2180 (xpsp_sp2_rtm.040803-2158)]
    [C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 7.0\miscr3.dll]  [Kaspersky Lab, 7.0.0.125]
    [C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 7.0\scrchpg.dll]  [Kaspersky Lab, 7.0.0.125]
    [C:\WINDOWS\system32\AcSignIcon.dll]  [Autodesk, 16.0.0.86]
    [C:\WINDOWS\system32\xunleibho_v14.dll]  [Thunder Networking Technologies,LTD, 4, 6, 0, 62]
    [D:\TuoTu-2.1.0.64_PConline\TuoTuHelper_v8.dll]  [Tuotu.com, 2.0.0.6]
    [C:\Program Files\360safe\safemon\safemon.dll]  [, 3, 6, 1, 1001]
    [C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 7.0\adialhk.dll]  [Kaspersky Lab, 7.0.0.125]
    [C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 7.0\dnsq.dll]  [Kaspersky Lab, 7.0.0.125]
    [C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 7.0\klscav.dll]  [Kaspersky Lab, 7.0.0.125]
    [C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 7.0\prremote.dll]  [Kaspersky Lab, 7.0.0.125]
    [C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 7.0\prloader.dll]  [Kaspersky Lab, 7.0.0.125]
    [C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 7.0\prkernel.ppl]  [Kaspersky Lab, 7.0.0.125]
    [c:\program files\kaspersky lab\kaspersky internet security 7.0\params.ppl]  [Kaspersky Lab, 7.0.0.125]
    [c:\program files\kaspersky lab\kaspersky internet security 7.0\pxstub.ppl]  [Kaspersky Lab, 7.0.0.125]
    [c:\program files\kaspersky lab\kaspersky internet security 7.0\tempfile.ppl]  [Kaspersky Lab, 7.0.0.125]
    [c:\program files\kaspersky lab\kaspersky internet security 7.0\nfio.ppl]  [Kaspersky Lab, 7.0.0.125]
    [c:\program files\kaspersky lab\kaspersky internet security 7.0\fsdrvplg.ppl]  [Kaspersky Lab, 7.0.0.125]
    [c:\program files\kaspersky lab\kaspersky internet security 7.0\basegui.ppl]  [Kaspersky Lab, 7.0.0.125]
    [c:\program files\kaspersky lab\kaspersky internet security 7.0\thpimpl.ppl]  [Kaspersky Lab, 7.0.0.125]
    [c:\program files\kaspersky lab\kaspersky internet security 7.0\FSSync.dll]  [Kaspersky Lab, 7.0.5.125]
    [c:\program files\kaspersky lab\kaspersky internet security 7.0\winreg.ppl]  [Kaspersky Lab, 7.0.0.125]
    [C:\WINDOWS\system32\Macromed\Flash\Flash9d.ocx]  [Adobe Systems, Inc., 9,0,47,0]
[PID: 3736 / ll8][C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLLoginProxy.exe]  [Microsoft Corporation, 4.100.313.1]
    [C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 7.0\miscr3.dll]  [Kaspersky Lab, 7.0.0.125]

==================================
文件关联
.TXT  Error. [C:\WINDOWS\notepad.exe %1]
.EXE  OK. ["%1" %*]
.COM  OK. ["%1" %*]
.PIF  OK. ["%1" %*]
.REG  OK. [regedit.exe "%1"]
.BAT  OK. ["%1" %*]
.SCR  Error. [AutoCADScriptFile]
.CHM  Error. ["hh.exe" %1]
.HLP  OK. [%SystemRoot%\System32\winhlp32.exe %1]
.INI  Error. [C:\WINDOWS\System32\NOTEPAD.EXE %1]
.INF  OK. [%SystemRoot%\System32\NOTEPAD.EXE %1]
.VBS  OK. [%SystemRoot%\System32\WScript.exe "%1" %*]
.JS   OK. [%SystemRoot%\System32\WScript.exe "%1" %*]
.LNK  OK. [{00021401-0000-0000-C000-000000000046}]

==================================
Winsock 提供者
N/A

==================================
Autorun.inf
N/A

==================================
HOSTS 文件
127.0.0.1       localhost

==================================
进程特权扫描
特殊特权被允许: SeLoadDriverPrivilege [PID = 2044, C:\PROGRAM FILES\INTEL\WIRELESS\BIN\S24EVMON.EXE]
特殊特权被允许: SeLoadDriverPrivilege [PID = 452, C:\PROGRAM FILES\INTEL\WIRELESS\BIN\ZCFGSVC.EXE]
特殊特权被允许: SeLoadDriverPrivilege [PID = 468, C:\PROGRAM FILES\ASUS\POWER4 GEAR\BATTERYLIFE.EXE]
特殊特权被允许: SeLoadDriverPrivilege [PID = 3560, D:\PROGRAM FILES\OPERA\OPERA.EXE]

==================================
API HOOK
RVA  错误: LoadLibraryA (危险等级: 高,  被下面模块所HOOK: \??\C:\WINDOWS\system32\drivers\klif.sys)
RVA  错误: LoadLibraryExA (危险等级: 高,  被下面模块所HOOK: \??\C:\WINDOWS\system32\drivers\klif.sys)
RVA  错误: LoadLibraryExW (危险等级: 高,  被下面模块所HOOK: \??\C:\WINDOWS\system32\drivers\klif.sys)
RVA  错误: LoadLibraryW (危险等级: 高,  被下面模块所HOOK: \??\C:\WINDOWS\system32\drivers\klif.sys)
RVA  错误: GetProcAddress (危险等级: 高,  被下面模块所HOOK: \??\C:\WINDOWS\system32\drivers\klif.sys)

==================================
隐藏进程
N/A

==================================


[/CODE]
回复

举报

shenrenrenren
头像被屏蔽
发表于 2007-10-5 11:38:11 | 显示全部楼层
报告没有异常。
回复

举报

2aaaaaa
 楼主| 发表于 2007-10-5 12:55:09 | 显示全部楼层
不是吧?我看这个东西的错误啊,你说没异常?
回复

举报

shenrenrenren
头像被屏蔽
发表于 2007-10-5 12:56:52 | 显示全部楼层
那个是卡巴的。
回复

举报

2aaaaaa
 楼主| 发表于 2007-10-5 14:04:51 | 显示全部楼层
文件关联
.TXT  Error. [C:\WINDOWS\notepad.exe %1]
.EXE  OK. ["%1" %*]
.COM  OK. ["%1" %*]
.PIF  OK. ["%1" %*]
.REG  OK. [regedit.exe "%1"]
.BAT  OK. ["%1" %*]
.SCR  Error. [AutoCADScriptFile]
.CHM  Error. ["hh.exe" %1]
.HLP  OK. [%SystemRoot%\System32\winhlp32.exe %1]
.INI  Error. [C:\WINDOWS\System32\NOTEPAD.EXE %1]
.INF  OK. [%SystemRoot%\System32\NOTEPAD.EXE %1]
.VBS  OK. [%SystemRoot%\System32\WScript.exe "%1" %*]
.JS   OK. [%SystemRoot%\System32\WScript.exe "%1" %*]
.LNK  OK. [{00021401-0000-0000-C000-000000000046}]


这个 Error就是错误啊
回复

举报

shuipao
发表于 2007-10-5 15:22:29 | 显示全部楼层
那个没错,路径表示方法识别上的问题。没事。
回复

举报

返回列表 发新帖
高级模式
B Color Image Link Quote Code Smilies
您需要登录后才可以回帖 登录 | 快速注册

本版积分规则

手机版|杀毒软件|软件论坛| 卡饭论坛

Copyright © KaFan  KaFan.cn All Rights Reserved.

Powered by Discuz! X3.4( 沪ICP备2020031077号-2 ) GMT+8, 2025-5-23 07:05 , Processed in 0.128668 second(s), 18 queries .

卡饭网所发布的一切软件、样本、工具、文章等仅限用于学习和研究,不得将上述内容用于商业或者其他非法用途,否则产生的一切后果自负,本站信息来自网络,版权争议问题与本站无关,您必须在下载后的24小时之内从您的电脑中彻底删除上述信息,如有问题请通过邮件与我们联系。

快速回复 客服 返回顶部 返回列表