
Please help take a look at this report

龙井茶
Posted on 2007-3-26 16:36:43
I'm doing this as a favor for someone else; I looked it over but can't be sure. Experts, please advise.

启动项目
注册表
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
    <ctfmon.exe><C:\WINDOWS\system32\ctfmon.exe>  [(Verified)Microsoft Windows Publisher]
    <MsnMsgr><; "C:\Program Files\MSN Messenger\MsnMsgr.Exe" /background>  [Microsoft Corporation]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
    <ISUSPM Startup><C:\PROGRA~1\COMMON~1\INSTAL~1\UPDATE~1\isuspm.exe -startup>  [InstallShield Software Corporation]
    <ISUSScheduler><"C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe" -start>  [InstallShield Software Corporation]
    <F-Secure Manager><"C:\Program Files\F-Secure\Common\FSM32.EXE" /splash>  [F-Secure Corporation]
    <F-Secure TNB><"C:\Program Files\F-Secure\TNB\TNBUtil.exe" /CHECKALL /WAITFORSW>  [F-Secure Corporation]
    <TkBellExe><; "C:\Program Files\Common Files\Real\Update_OB\realsched.exe"  -osboot>  [RealNetworks, Inc.]
    <BigDogPath><C:\WINDOWS\VM_STI.EXE Vimicro USB PC Camera (ZC0301PL)>  [N/A]
    <AutoRegC><; autoregc.exe>  []
    <IMJPMIG8.1><; "C:\WINDOWS\IME\imjp8_1\IMJPMIG.EXE" /Spoil /RemAdvDef /Migration32>  [(Verified)Microsoft Windows Publisher]
    <PHIME2002A><; >  [N/A]
    <PHIME2002ASync><; >  [N/A]
    <StormCodec_Helper><; "C:\Program Files\Ringz Studio\Storm Codec\StormSet.exe" /S /opti>  []
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Winlogon]
    <shell><Explorer.exe>  [(Verified)Microsoft Windows Publisher]
    <Userinit><C:\WINDOWS\system32\userinit.exe,>  [(Verified)Microsoft Windows Publisher]
    <UIHost><logonui.exe>  [(Verified)Microsoft Windows Publisher]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
    <{57B86673-276A-48B2-BAE7-C6DBB3020EB8}><E:\avg\AVG Anti-Spyware 7.5\shellexecutehook.dll>  [Anti-Malware Development a.s.]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\System Safety Monitor]
    <WinlogonNotify: System Safety Monitor><SSMWinlogonEx.dll>  [(Verified)System Safety Limited]

==================================
启动文件夹
[腾讯QQ]
  <C:\Documents and Settings\new\「开始」菜单\程序\启动\腾讯QQ.lnk --> E:\oicq\QQ.exe [TENCENT]><N>

==================================
服务
[AVG Anti-Spyware Guard / AVG Anti-Spyware Guard][Running/Auto Start]
  <E:\avg\AVG Anti-Spyware 7.5\guard.exe><Anti-Malware Development a.s.>
[F-Secure Automatic Update / BackWeb Plug-in - 7681197][Running/Auto Start]
  <C:\PROGRA~1\F-Secure\BackWeb\7681197\Program\SERVIC~1.EXE><N/A>
[beorsyl / beorsyl][Running/Auto Start]
  <C:\WINDOWS\System32\svchost.exe -k netsvcs-->C:\PROGRA~1\COMMON~1\oeoryyl\oeoryyl.dll>< >
[F-Secure Gatekeeper Handler Starter / F-Secure Gatekeeper Handler Starter][Running/Auto Start]
  <"C:\Program Files\F-Secure\Anti-Virus\fsgk32st.exe"><F-Secure Corp.>
[F-Secure Network Request Broker / F-Secure Network Request Broker][Running/Manual Start]
  <"C:\Program Files\F-Secure\Common\FNRB32.EXE"><F-Secure Corporation>
[fsbwsys / fsbwsys][Running/Auto Start]
  <"C:\Program Files\F-Secure\BackWeb\7681197\program\fsbwsys.exe"><F-Secure Corp.>
[F-Secure Anti-Virus Firewall Daemon / FSDFWD][Running/Manual Start]
  <"C:\Program Files\F-Secure\FWES\Program\fsdfwd.exe"><F-Secure Corporation>
[F-Secure Management Agent / FSMA][Running/Auto Start]
  <"C:\Program Files\F-Secure\Common\FSMA32.EXE"><F-Secure Corporation>
[Human Interface Device Access / HidServ][Stopped/Disabled]
  <C:\WINDOWS\System32\svchost.exe -k netsvcs-->%SystemRoot%\System32\hidserv.dll><N/A>
[KVSrvXP / KVSrvXP][Running/Auto Start]
  <C:\Program Files\JiangMin\AntiVirus\kvsrvxp.exe /Service><Jiangmin Co., Ltd.>
[KVWSC / KVWSC][Running/Auto Start]
  <"C:\Program Files\JiangMin\AntiVirus\KVWSC.exe"><Jiangmin Co.,Ltd>
[Navoct / Navoct][Running/Auto Start]
  <C:\WINDOWS\System32\svchost.exe -k netsvcs-->C:\Program Files\iesnap\navoct.dll>< >
[Std pnuu Service / pnuu][Running/Auto Start]
  <C:\WINDOWS\system32\rundll32.exe C:\PROGRA~1\COMMON~1\hfmm\usww.dll,Service -s><Microsoft Corporation>
[Vsn vwaa Service / vwaa][Stopped/Auto Start]
  <C:\WINDOWS\system32\rundll32.exe C:\PROGRA~1\COMMON~1\bsgg\ignn.dll,Service><Microsoft Corporation>
[yenccv / yenccv][Running/Auto Start]
  <C:\WINDOWS\System32\svchost.exe -k netsvcs-->C:\PROGRA~1\lenccv\lenccv.dll>< >

==================================
驱动程序
[a320raid / a320raid][Stopped/Boot Start]
  <\SystemRoot\System32\DRIVERS\a320raid.sys><Adaptec, Inc.>
[AAC / AAC][Stopped/Boot Start]
  <\SystemRoot\System32\DRIVERS\AAC.SYS><Adaptec, Inc.>
[aar1210 / aar1210][Stopped/Boot Start]
  <\SystemRoot\System32\DRIVERS\aar1210.sys><Adaptec, Inc.>
[abp480n5 / abp480n5][Stopped/Boot Start]
  <\SystemRoot\System32\DRIVERS\abp480n5.sys><Microsoft Corporation>
[Intel(r) 82801 Audio Driver Install Service (WDM) / ac97intc][Stopped/Manual Start]
  <system32\drivers\ac97intc.sys><Intel Corporation>
[adpu160m / adpu160m][Stopped/Boot Start]
  <\SystemRoot\System32\DRIVERS\adpu160m.sys><Microsoft Corporation>
[adpu320 / adpu320][Stopped/Boot Start]
  <\SystemRoot\System32\DRIVERS\adpu320.sys><Adaptec, Inc.>
[ACARD AEC6210UF UltraDMA33 Controller / aec6210][Stopped/Boot Start]
  <\SystemRoot\System32\DRIVERS\aec6210.sys><ACARD Technology Corp.>
[ACARD AEC6260 UltraDMA-66 Controller / aec6260][Stopped/Boot Start]
  <\SystemRoot\System32\DRIVERS\aec6260.sys><ACARD Technology Corp.>
[aec6280 / aec6280][Stopped/Boot Start]
  <\SystemRoot\System32\DRIVERS\aec6280.sys><ACARD Technology Corp.>
[AEC6290 / AEC6290][Stopped/Boot Start]
  <\SystemRoot\System32\DRIVERS\AEC6290.SYS><ACARD Technology Corp.>
[AEC67160 / AEC67160][Stopped/Boot Start]
  <\SystemRoot\System32\DRIVERS\AEC67160.SYS><ACARD Technology Corp.>
[AEC671X / AEC671X][Stopped/Boot Start]
  <\SystemRoot\System32\DRIVERS\AEC671X.SYS><ACARD Technology Corp.>
[AEC6880 / AEC6880][Stopped/Boot Start]
  <\SystemRoot\System32\DRIVERS\AEC6880.SYS><ACARD Technology Corp.>
[AEC6890 / AEC6890][Stopped/Boot Start]
  <\SystemRoot\System32\DRIVERS\AEC6890.sys><ACARD Technology Corp.>
[aec68x5 / aec68x5][Stopped/Boot Start]
  <\SystemRoot\System32\DRIVERS\aec68x5.sys><ACARD Technology Corp.>
[Aha154x / Aha154x][Stopped/Boot Start]
  <\SystemRoot\System32\DRIVERS\aha154x.sys><Microsoft Corporation>
[aic78u2 / aic78u2][Stopped/Boot Start]
  <\SystemRoot\System32\DRIVERS\aic78u2.sys><Microsoft Corporation>
[aic78xx / aic78xx][Stopped/Boot Start]
  <\SystemRoot\System32\DRIVERS\aic78xx.sys><Microsoft Corporation>
[Aero-Info PCI JScard / AIPCI_Device][Running/Manual Start]
  <System32\Drivers\AIPCI.sys><Your Corporation>
[AliIde / AliIde][Running/Boot Start]
  <\SystemRoot\System32\DRIVERS\aliide.sys><Acer Laboratories Inc.>
[AMD K8 Processor Driver / AmdK8][Stopped/Manual Start]
  <System32\DRIVERS\amdk8.sys><Microsoft Corporation>
[arc / arc][Stopped/Boot Start]
  <\SystemRoot\system32\drivers\arc.sys><Adaptec, Inc.>
[asc / asc][Stopped/Boot Start]
  <\SystemRoot\System32\DRIVERS\asc.sys><Advanced System Products, Inc.>
[asc3550 / asc3550][Stopped/Boot Start]
  <\SystemRoot\System32\DRIVERS\asc3550.sys><Advanced System Products, Inc.>
[AVG Anti-Spyware Driver / AVG Anti-Spyware Driver][Running/System Start]
  <\??\E:\avg\AVG Anti-Spyware 7.5\guard.sys><N/A>
[AVG Anti-Spyware Clean Driver / AvgAsCln][Running/System Start]
  <System32\DRIVERS\AvgAsCln.sys><GRISOFT, s.r.o.>
[HelloNet PPPoE 虚拟网卡 / BRPPPOE][Running/Manual Start]
  <system32\DRIVERS\brpppoe.sys><N/A>
[BsDeamon / BsDeamon][Running/System Start]
  <\??\C:\PROGRA~1\JiangMin\ANTIVI~1\BsDeamon.sys><Jiangmin Co.,Ltd.>
[CmdIde / CmdIde][Running/Boot Start]
  <\SystemRoot\System32\DRIVERS\cmdide.sys><CMD Technology, Inc.>
[C-Media WDM Audio Interface / cmuda][Running/Manual Start]
  <system32\drivers\cmuda.sys><C-Media Inc>
[dac2w2k / dac2w2k][Stopped/Boot Start]
  <\SystemRoot\System32\DRIVERS\dac2w2k.sys><Mylex Corporation>
[dpti2o / dpti2o][Stopped/Boot Start]
  <\SystemRoot\System32\DRIVERS\dpti2o.sys><Microsoft Corporation>
[elxstor / elxstor][Stopped/Boot Start]
  <\SystemRoot\system32\drivers\elxstor.sys><Emulex>
[F-Secure File System Filter / F-Secure Filter][Running/Auto Start]
  <\??\C:\Program Files\F-Secure\Anti-Virus\Win2K\FSfilter.sys><>
[F-Secure Gatekeeper / F-Secure Gatekeeper][Running/Auto Start]
  <\??\C:\Program Files\F-Secure\Anti-Virus\Win2K\FSgk.sys><>
[F-Secure File System Recognizer / F-Secure Recognizer][Running/Auto Start]
  <\??\C:\Program Files\F-Secure\Anti-Virus\Win2K\FSrec.sys><>
[FASTSX / FASTSX][Stopped/Boot Start]
  <\SystemRoot\System32\DRIVERS\FASTSX.SYS><Promise Technology, Inc.>
[fasttrak / fasttrak][Stopped/Boot Start]
  <\SystemRoot\System32\DRIVERS\fasttrak.sys><Promise Technology, Inc.>
[fasttx2k / fasttx2k][Stopped/Boot Start]
  <\SystemRoot\System32\DRIVERS\fasttx2k.sys><Promise Technology, Inc.>
[fasttx2k2 / fasttx2k2][Stopped/Boot Start]
  <\SystemRoot\System32\DRIVERS\fasttx2k2.sys><Promise Technology, Inc.>
[VIA PCI 10/100Mb Fast Ethernet Adapter NT Driver / FETNDIS][Stopped/Manual Start]
  <system32\DRIVERS\fetnd5.sys><VIA Technologies, Inc.>
[VIA Rhine Family Fast Ethernet Adapter Driver Service / FETNDISB][Running/Manual Start]
  <system32\DRIVERS\fetnd5b.sys><VIA Technologies, Inc.>
[F-Secure Firewall Driver / FSFW][Running/Boot Start]
  <\SystemRoot\System32\drivers\fsdfw.sys><F-Secure Corporation>
[ghen / ghenp][Running/Boot Start]
  <\SystemRoot\System32\DRIVERS\ghenp.sys><N/A>
[HpCISSs / HpCISSs][Stopped/Boot Start]
  <\SystemRoot\system32\drivers\hpcisss.sys><Hewlett-Packard Company>
[Hpt366 / Hpt366][Stopped/Boot Start]
  <\SystemRoot\System32\DRIVERS\Hpt366.sys><Microsoft Corporation>
[HPT371 / HPT371][Stopped/Boot Start]
  <\SystemRoot\System32\DRIVERS\HPT371.sys><HighPoint Technologies, Inc.>
[hpt374 / hpt374][Stopped/Boot Start]
  <\SystemRoot\System32\DRIVERS\hpt374.sys><HighPoint Technologies, Inc.>
[hpt3xx / hpt3xx][Stopped/Boot Start]
  <\SystemRoot\System32\DRIVERS\hpt3xx.sys><HighPoint Technologies, Inc.>
[hptmv / hptmv][Stopped/Boot Start]
  <\SystemRoot\System32\DRIVERS\hptmv.sys><HighPoint Technologies, Inc.>
[hptpro / hptpro][Stopped/Boot Start]
  <\SystemRoot\System32\DRIVERS\hptpro.sys><HighPoint Technologies, Inc.>
[Intel Integrated RAID / iaStor][Stopped/Boot Start]
  <\SystemRoot\system32\drivers\iaStor.sys><Intel Corporation>
[iirsp / iirsp][Stopped/Boot Start]
  <\SystemRoot\system32\drivers\iirsp.sys><Intel Corp./ICP vortex GmbH>
[ini910u / ini910u][Stopped/Boot Start]
  <\SystemRoot\System32\DRIVERS\ini910u.sys><Microsoft Corporation>
[ITERAID_Service_Install / iteraid][Stopped/Boot Start]
  <\SystemRoot\System32\DRIVERS\iteraid.sys><Integrated Technology Express, Inc.>
[KSysCall Service / KSysCall][Running/System Start]
  <\??\C:\PROGRA~1\JiangMin\common\KSysCall.sys><Jiangmin Co. Ltd.>
[KSysMon / KSysMon][Running/System Start]
  <\??\C:\PROGRA~1\JiangMin\ANTIVI~1\KSysMon.sys><Jiangmin Co. Ltd.>
[KVDP / KVDP][Stopped/Manual Start]
  <\??\C:\Program Files\JiangMin\AntiVirus\KVDP.sys><Jiangmin Co., Ltd.>
[KVRedir / KVRedir][Stopped/Manual Start]
  <\??\C:\Program Files\JiangMin\AntiVirus\KVREDIR.SYS><Jiangmin Co., Ltd.>
[LSI_SAS / LSI_SAS][Stopped/Boot Start]
  <\SystemRoot\system32\drivers\lsi_sas.sys><LSI Logic>
[LSI_SCSI / LSI_SCSI][Stopped/Boot Start]
  <\SystemRoot\system32\drivers\lsi_scsi.sys><LSI Logic>
[m5228 / m5228][Stopped/Boot Start]
  <\SystemRoot\System32\DRIVERS\m5228.sys><ALi Corporation.>
[m5281 / m5281][Stopped/Boot Start]
  <\SystemRoot\system32\drivers\m5281.sys><ALi Corporation>
[MegaIDE / MegaIDE][Stopped/Boot Start]
  <\SystemRoot\System32\DRIVERS\MegaIDE.sys><LSI Logic Corporation.>
[megasas / megasas][Stopped/Boot Start]
  <\SystemRoot\system32\drivers\megasas.sys><LSI Logic Corporation>
[mraid2k / mraid2k][Stopped/Boot Start]
  <\SystemRoot\System32\DRIVERS\mraid2k.sys><American Megatrends, Inc.>
[mraid35x / mraid35x][Stopped/Boot Start]
  <\SystemRoot\System32\DRIVERS\mraid35x.sys><American Megatrends Inc.>
[Microsoft TV/Video Connection / NdisIP][Stopped/Manual Start]
  <system32\DRIVERS\NdisIP.sys><N/A>
[nfrd960 / nfrd960][Stopped/Boot Start]
  <\SystemRoot\system32\drivers\nfrd960.sys><IBM Corporation>
[nv / nv][Stopped/Manual Start]
  <system32\DRIVERS\nv4_mini.sys><NVIDIA Corporation>
[Intel SCSI Controller / NvAtaBus][Stopped/Boot Start]
  <\SystemRoot\System32\DRIVERS\NVATABUS.SYS><NVIDIA Corporation>
[NVIDIA nForce(tm) RAID Class Driver / nvraid][Stopped/Boot Start]
  <\SystemRoot\system32\DRIVERS\nvraid.sys><NVIDIA Corporation>
[PNP649R / PNP649R][Stopped/Boot Start]
  <\SystemRoot\System32\DRIVERS\PNP649R.SYS><CMD Technology, Inc.>
[SiI 680 ATA Controller / Pnp680][Stopped/Boot Start]
  <\SystemRoot\System32\DRIVERS\pnp680.sys><Silicon Image, Inc.>
[Silicon Image SiI 0680 Medley Raid Controller / Pnp680r][Stopped/Boot Start]
  <\SystemRoot\System32\DRIVERS\pnp680r.sys><Silicon Image, Inc>
[Direct Parallel Link Driver / Ptilink][Running/Manual Start]
  <system32\DRIVERS\ptilink.sys><Parallel Technologies, Inc.>
[ql1080 / ql1080][Stopped/Boot Start]
  <\SystemRoot\System32\DRIVERS\ql1080.sys><QLogic Corporation>
[Ql10wnt / Ql10wnt][Stopped/Boot Start]
  <\SystemRoot\System32\DRIVERS\ql10wnt.sys><Microsoft Corporation>
[ql12160 / ql12160][Stopped/Boot Start]
  <\SystemRoot\System32\DRIVERS\ql12160.sys><QLogic Corporation>
[ql1280 / ql1280][Stopped/Boot Start]
  <\SystemRoot\System32\DRIVERS\ql1280.sys><QLogic Corporation>
[QLogic Fibre Channel SCSI Miniport Driver / ql2300][Stopped/Boot Start]
  <\SystemRoot\system32\drivers\ql2300.sys><QLogic Corporation>
[RAIDSRC / RAIDSRC][Stopped/Boot Start]
  <\SystemRoot\System32\DRIVERS\RAIDSRC.SYS><Intel/ICP>
[S150SX8 / S150SX8][Stopped/Boot Start]
  <\SystemRoot\System32\DRIVERS\S150SX8.SYS><Promise Technology, Inc.>
[S3SavageNB / S3SavageNB][Running/Manual Start]
  <system32\DRIVERS\s3gnbm.sys><S3 Graphics, Inc.>
[System Safety Monitor 2.0 Core Engine / safemon][Running/Boot Start]
  <\SystemRoot\system32\drivers\safemon.sys><System Safety Limited>
[Secdrv / Secdrv][Stopped/Manual Start]
  <system32\DRIVERS\secdrv.sys><N/A>
[SiI-3512 SATALink Controller / SI3112][Stopped/Boot Start]
  <\SystemRoot\System32\DRIVERS\SI3112.sys><Silicon Image, Inc.>
[Silicon Image SiI 3512 SATARaid Controller / SI3112r][Stopped/Boot Start]
  <\SystemRoot\system32\drivers\SI3112r.sys><Silicon Image, Inc>
[SiI-3114 SATALink Controller / SI3114][Stopped/Boot Start]
  <\SystemRoot\System32\DRIVERS\SI3114.sys><Silicon Image, Inc.>
[SiI-3114 SATARaid Controller / SI3114r][Stopped/Boot Start]
  <\SystemRoot\System32\DRIVERS\SI3114R.sys><Silicon Image, Inc>
[SiI-3124 SATALink Controller / SI3124][Stopped/Boot Start]
  <\SystemRoot\System32\DRIVERS\SI3124.sys><Silicon Image, Inc.>
[SiI-3124 SATARaid Controller / SI3124r][Stopped/Boot Start]
  <\SystemRoot\System32\DRIVERS\SI3124R.sys><Silicon Image, Inc>
[SATALink driver accelerator / SiFilter][Stopped/Boot Start]
  <\SystemRoot\System32\DRIVERS\SiWinAcc.sys><Silicon Image, Inc.>
[SISIDE / SISIDE][Stopped/Boot Start]
  <\SystemRoot\System32\DRIVERS\SISIDE.SYS><Silicon Integrated Systems Corp.>
[SiSRaid / SiSRaid][Stopped/Boot Start]
  <\SystemRoot\System32\DRIVERS\SiSRaid.sys><Silicon Integrated Systems>
[SiSRaid1 / SiSRaid1][Stopped/Boot Start]
  <\SystemRoot\System32\DRIVERS\SiSRaid1.sys><Silicon Integrated Systems>
[SISRAIDS / SISRAIDS][Stopped/Boot Start]
  <\SystemRoot\System32\DRIVERS\SISRAIDS.SYS><Silicon Integrated Systems Corp>
[BDA Slip De-Framer / SLIP][Stopped/Manual Start]
  <system32\DRIVERS\SLIP.sys><N/A>
[Sparrow / Sparrow][Stopped/Boot Start]
  <\SystemRoot\System32\DRIVERS\sparrow.sys><Adaptec, Inc.>
[sptrak / sptrak][Stopped/Boot Start]
  <\SystemRoot\System32\DRIVERS\sptrak.sys><Promise Technology, Inc.>
[symc810 / symc810][Stopped/Boot Start]
  <\SystemRoot\System32\DRIVERS\symc810.sys><Symbios Logic Inc.>
[symc8xx / symc8xx][Stopped/Boot Start]
  <\SystemRoot\System32\DRIVERS\symc8xx.sys><LSI Logic>
[SYMMPI / SYMMPI][Stopped/Boot Start]
  <\SystemRoot\System32\DRIVERS\SYMMPI.SYS><LSI Logic>
[sym_hi / sym_hi][Stopped/Boot Start]
  <\SystemRoot\System32\DRIVERS\sym_hi.sys><LSI Logic>
[sym_u3 / sym_u3][Stopped/Boot Start]
  <\SystemRoot\System32\DRIVERS\sym_u3.sys><LSI Logic>
[TosIde / TosIde][Running/Boot Start]
  <\SystemRoot\System32\DRIVERS\toside.sys><Microsoft Corporation>
[UlSata / UlSata][Stopped/Boot Start]
  <\SystemRoot\System32\DRIVERS\ulsata.sys><Promise Technology, Inc.>
[ULSATAS / ULSATAS][Stopped/Boot Start]
  <\SystemRoot\System32\DRIVERS\ULSATAS.SYS><Promise Technology, Inc.>
[ultra / ultra][Stopped/Boot Start]
  <\SystemRoot\System32\DRIVERS\ultra.sys><Promise Technology, Inc.>
[ViaIde / ViaIde][Running/Boot Start]
  <\SystemRoot\system32\DRIVERS\viaidexp.sys><VIA Technologies, Inc.>
[viamraid / viamraid][Stopped/Boot Start]
  <\SystemRoot\system32\DRIVERS\viamraid.sys><VIA Technologies inc,.ltd>
[VIA ATA/ATAPI Host Controller / viapdsk][Stopped/Boot Start]
  <\SystemRoot\System32\DRIVERS\viapdsk.sys><VIA Technologies, Inc.>
[viaraid / viaraid][Stopped/Boot Start]
  <\SystemRoot\System32\DRIVERS\viaraid.sys><VIA Technologies inc,.ltd>
[viasraid / viasraid][Stopped/Boot Start]
  <\SystemRoot\system32\drivers\viasraid.sys><VIA Technologies inc,.ltd>
[vmscsi / vmscsi][Stopped/Boot Start]
  <\SystemRoot\system32\drivers\vmscsi.sys><VMware, Inc.>
[World Standard Teletext Codec / WSTCODEC][Stopped/Manual Start]
  <system32\DRIVERS\WSTCODEC.SYS><Microsoft Corporation>
[Vimicro USB PC Camera (ZC0301PL) / ZSMC301b][Stopped/Manual Start]
  <System32\Drivers\usbVM31b.sys><VM>
[npkcrypt / npkcrypt][Running/Auto Start]
  <\??\E:\oicq\npkcrypt.sys><INCA Internet Co., Ltd.>
龙井茶
OP | Posted on 2007-3-26 16:37:49
浏览器加载项
[QQBrowserHelperObject Class]
  {54EBD53A-9BC1-480B-966A-843A333CA162} <E:\qqq\QQIEHelper.dll, 深圳市腾讯计算机系统有限公司>
[BrowseHelper Class]
  {80BF4637-D65B-43F3-BB60-C5DD3D5FB7B9} <C:\Program Files\JiangMin\AntiVirus\KVshell.dll, Jiangmin Co.Ltd>
[NavigatMon Class]
  {B69F34DD-F0F9-42DC-9EDD-957187DA688D} <E:\360\360safe\safemon\safemon.dll, >
[微软]
  {6096E38F-5AC1-4391-8EC4-75DFA92FB32F} <http://www.microsoft.com/china/index.htm, N/A>
[QQ]
  {c95fe080-8f5d-11d2-a20b-00aa003c157b} <E:\oicq\QQ.EXE, TENCENT>
[QQIEFloatBarCfgCmd Class]
  {DEDEB80D-FA35-45d9-9460-4983E5A8AFE6} <E:\qqq\QQIEHelper.dll, 深圳市腾讯计算机系统有限公司>
[江民杀毒工具栏]
  {B5A34A93-D538-43A7-8371-864CB6148D12} <C:\Program Files\JiangMin\AntiVirus\KVshell.dll, Jiangmin Co.Ltd>
[Windows Genuine Advantage Validation Tool]
  {17492023-C23A-453E-A040-C7C580BBF700} <C:\WINDOWS\system32\legitcheckcontrol.dll, Microsoft Corporation>
[CEditCtrl Object]
  {488A4255-3236-44B3-8F27-FA1AECAA8844} <C:\WINDOWS\system32\aliedit\AliEdit.dll, www.alipay.com>
[Filetran Control]
  {88734439-46D0-42C0-A13F-7E881EE550CF} <C:\WINDOWS\DOWNLO~1\filetran.ocx, Bluesky Studio(http://www.bluesky.cn)>
[a-squared Scanner]
  {BB21F850-63F4-4EC9-BF9D-565BD30C9AE9} <C:\WINDOWS\DOWNLO~1\asquared.ocx, Emsi Software GmbH>
[UpdateC2 Control]
  {DC7094C6-8F61-42ED-AECE-63F5EEF647C5} <C:\PROGRA~1\UUSee\updateC2.ocx, N/A>
[Rising Web Scan Object]
  {E4E2F180-CB8B-4DE9-ACBB-DA745D3BA153} <C:\WINDOWS\Downloaded Program Files\OL2005.dll, Beijing Rising Technology Co., Ltd.>
[KvScanOnline Control]
  {EF6205C1-3F17-4829-BCB5-1336ED89E356} <C:\WINDOWS\system32\KvDown.ocx, dreamersoft>
[HTML Document]
  {25336920-03F9-11CF-8FD0-00AA00686F13} <%SystemRoot%\system32\Mshtml.dll, N/A>
[DHTML Edit Control Safe for Scripting for IE5]
  {2D360201-FFF5-11D1-8D03-00A0C959BC0A} <C:\Program Files\Common Files\Microsoft Shared\Triedit\dhtmled.ocx, Microsoft Corporation>
[QQBrowserHelperObject Class]
  {54EBD53A-9BC1-480B-966A-843A333CA162} <E:\qqq\QQIEHelper.dll, 深圳市腾讯计算机系统有限公司>
[BrowseHelper Class]
  {80BF4637-D65B-43F3-BB60-C5DD3D5FB7B9} <C:\Program Files\JiangMin\AntiVirus\KVshell.dll, Jiangmin Co.Ltd>
[Microsoft Web 浏览器]
  {8856F961-340A-11D0-A96B-00C04FD705A2} <C:\WINDOWS\system32\shdocvw.dll, Microsoft Corporation>
[SearchAssistantOC]
  {B45FF030-4447-11D2-85DE-00C04FA35C89} <%SystemRoot%\system32\shdocvw.dll, N/A>
[江民杀毒工具栏]
  {B5A34A93-D538-43A7-8371-864CB6148D12} <C:\Program Files\JiangMin\AntiVirus\KVshell.dll, Jiangmin Co.Ltd>
[NavigatMon Class]
  {B69F34DD-F0F9-42DC-9EDD-957187DA688D} <E:\360\360safe\safemon\safemon.dll, >
[RDS.DataSpace]
  {BD96C556-65A3-11D0-983A-00C04FC29E36} <C:\Program Files\Common Files\System\msadc\msadco.dll, Microsoft Corporation>
[NTIECatcher Class]
  {C56CB6B0-0D96-11D6-8C65-B2868B609932} <C:\Program Files\Xi\NetTransport 2\NTIEHelper.dll, N/A>
[AUDIO__WAV Moniker Class]
  {CD3AFA7B-B84F-48F0-9393-7EDC34128127} <C:\WINDOWS\system32\wmp.dll, Microsoft Corporation>
[RealPlayer G2 Control]
  {CFCDAA03-8BE4-11CF-B84B-0020AFBBCCFA} <C:\WINDOWS\system32\rmoc3260.dll, RealNetworks, Inc.>
[vtxx]
  {F10D7E4E-C750-4A2D-8444-AC598E3E19FB} <C:\PROGRA~1\COMMON~1\bsgg\fdkk.dll, N/A>
[上传到QQ网络硬盘]
  <E:\oicq\AddToNetDisk.htm, N/A>
[使用影音传送带下载]
  <C:\Program Files\Xi\NetTransport 2\NTAddLink.html, N/A>
[使用影音传送带下载全部链接]
  <C:\Program Files\Xi\NetTransport 2\NTAddList.html, N/A>
[发送到《X档案》]
  <res://C:\WINDOWS\system32\XFILE.CPL/800, N/A>
[导出到 Microsoft Office Excel(&X)]
  <res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000, N/A>
[添加到QQ自定义面板]
  <E:\oicq\AddPanel.htm, N/A>
[添加到QQ表情]
  <E:\oicq\AddEmotion.htm, N/A>
[用QQ彩信发送该图片]
  <E:\oicq\SendMMS.htm, N/A>

==================================
正在运行的进程
[PID: 596][\SystemRoot\System32\smss.exe]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
[PID: 660][\??\C:\WINDOWS\system32\csrss.exe]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
[PID: 1500][C:\WINDOWS\Explorer.EXE]  [Microsoft Corporation, 6.00.2900.2180 (xpsp_sp2_rtm.040803-2158)]
    [E:\avg\AVG Anti-Spyware 7.5\shellexecutehook.dll]  [Anti-Malware Development a.s., 7, 5, 0, 47]
    [C:\WINDOWS\system32\epyoq.dll]  [N/A, ]
    [C:\Program Files\JiangMin\AntiVirus\KVshell.dll]  [Jiangmin Co.Ltd, 1, 0, 6, 921]
    [C:\Program Files\JiangMin\AntiVirus\lang\kvxp0804.lng]  [N/A, ]
    [C:\PROGRA~1\COMMON~1\hfmm\xvss.dll]  [, 1, 0, 0, 6]
    [C:\PROGRA~1\COMMON~1\hfmm\sxee.dll]  [ , 1, 0, 0, 6]
    [c:\PROGRA~1\iesnap\navstub.dll]  [, 1, 0, 1, 1]
    [C:\DOCUME~1\new\LOCALS~1\Temp\IadHide5.dll]  [BackWeb, Version 6.3.2 (Build 62R)]
    [C:\Program Files\JiangMin\common\GUIEXT.DLL]  [Jiangmin Co.Ltd, 1, 0, 6, 919]
    [C:\Program Files\JiangMin\common\lang\guiext0804.lng]  [JiangMin Ltd., 7, 1, 0, 200]
    [E:\360\360safe\safemon\safemon.dll]  [, 3, 2, 0, 1001]
    [C:\Program Files\F-Secure\Common\fpshx.dll]  [F-Secure Corporation, 5.50.9200]
    [C:\Program Files\F-Secure\Common\FSMA32.dll]  [F-Secure Corporation, 5.70.7913 ]
    [C:\Program Files\F-Secure\Common\FSPMAPI.dll]  [F-Secure Corporation, 5.70.7913 ]
    [C:\WINDOWS\system32\XFILE.CPL]  [X-File Studio, 1, 0, 0, 66]
    [C:\Program Files\WinRAR\rarext.dll]  [N/A, ]
    [E:\avg\AVG Anti-Spyware 7.5\context.dll]  [Anti-Malware Development a.s., 7, 5, 0, 49]
    [E:\UC\UCIdleHook.dll]  [北京新浪信息技术有限公司, 1, 0, 1, 0]
[PID: 1660][C:\WINDOWS\system32\conime.exe]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
    [c:\PROGRA~1\iesnap\navstub.dll]  [, 1, 0, 1, 1]
    [C:\PROGRA~1\COMMON~1\hfmm\xvss.dll]  [, 1, 0, 0, 6]
    [C:\PROGRA~1\COMMON~1\hfmm\sxee.dll]  [ , 1, 0, 0, 6]
[PID: 408][C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe]  [InstallShield Software Corporation, 3, 10, 100, 1146]
[PID: 420][C:\Program Files\F-Secure\Common\FSM32.EXE]  [F-Secure Corporation, 5.70.7913 ]
    [C:\Program Files\F-Secure\Common\FSPMAPI.dll]  [F-Secure Corporation, 5.70.7913 ]
    [C:\Program Files\F-Secure\Common\FSMA32.dll]  [F-Secure Corporation, 5.70.7913 ]
    [C:\Program Files\F-Secure\Common\FSLD32.dll]  [F-Secure Corporation, 5.70.7913 ]
    [C:\Program Files\F-Secure\Common\fsexc.dll]  [F-Secure Corporation, 5.70.7913 ]
    [C:\DOCUME~1\new\LOCALS~1\Temp\IadHide5.dll]  [BackWeb, Version 6.3.2 (Build 62R)]
    [c:\PROGRA~1\iesnap\navstub.dll]  [, 1, 0, 1, 1]
    [C:\PROGRA~1\COMMON~1\hfmm\xvss.dll]  [, 1, 0, 0, 6]
    [C:\PROGRA~1\COMMON~1\hfmm\sxee.dll]  [ , 1, 0, 0, 6]
    [C:\Program Files\F-Secure\FSGUI\av550about.dll]  [, 5, 70, 1220, 0]
    [C:\Program Files\F-Secure\Common\fsmres.ENG]  [F-Secure Corporation, 5.70.7913 ]
    [C:\Program Files\F-Secure\FWES\Program\fsdfwpi.dll]  [F-Secure Corporation, 5.72.6]
    [C:\Program Files\F-Secure\Anti-Virus\fsmuiav.dll]  [F-Secure Corporation, 5.53.10331]
    [C:\Program Files\F-Secure\Anti-Virus\FSAVURES.ENG]  [N/A, ]
    [C:\Program Files\F-Secure\TNB\fstnb.dll]  [F-Secure Corporation, 1.0.125 ]
    [C:\Program Files\F-Secure\BackWeb\7681197\program\fsbwui.dll]  [F-Secure Corporation, 6.71.4]
    [C:\Program Files\F-Secure\Common\FSMA32S.dll]  [F-Secure Corporation, 5.70.7913 ]
    [C:\Program Files\F-Secure\FSGUI\guilaunc.dll]  [F-Secure Corporation, 5, 71, 1260, 0]
    [C:\Program Files\F-Secure\Common\fsmaui32.dll]  [F-Secure Corporation, 5.70.7913 ]
    [C:\Program Files\F-Secure\Common\fsmaures.ENG]  [F-Secure Corporation, 5.70.7913 ]
    [C:\Program Files\F-Secure\FSGUI\avabtres.ENG]  [, 5.70.0001]
    [C:\Program Files\F-Secure\Common\fsdfwpi.ENG]  [F-Secure Corporation, 5.72.6]
    [C:\Program Files\F-Secure\Common\fsdfwpi2.eng]  [F-Secure Corporation, 5.72.6]
    [C:\Program Files\F-Secure\FSGUI\gres.dll]  [N/A, ]
    [C:\Program Files\F-Secure\Anti-Virus\FSAVDW.DLL]  [, 5.53.10210]
    [E:\UC\UCIdleHook.dll]  [北京新浪信息技术有限公司, 1, 0, 1, 0]
[PID: 452][C:\WINDOWS\VM_STI.EXE]  [Vimicro, 4, 2, 1124, 6]
    [C:\WINDOWS\system32\msdmo.dll]  [, ]
    [C:\PROGRA~1\COMMON~1\hfmm\xvss.dll]  [, 1, 0, 0, 6]
    [C:\PROGRA~1\COMMON~1\hfmm\sxee.dll]  [ , 1, 0, 0, 6]
    [C:\DOCUME~1\new\LOCALS~1\Temp\IadHide5.dll]  [BackWeb, Version 6.3.2 (Build 62R)]
    [c:\PROGRA~1\iesnap\navstub.dll]  [, 1, 0, 1, 1]
[PID: 460][C:\WINDOWS\system32\ctfmon.exe]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
    [c:\PROGRA~1\iesnap\navstub.dll]  [, 1, 0, 1, 1]
    [C:\PROGRA~1\COMMON~1\hfmm\xvss.dll]  [, 1, 0, 0, 6]
    [C:\PROGRA~1\COMMON~1\hfmm\sxee.dll]  [ , 1, 0, 0, 6]
    [C:\DOCUME~1\new\LOCALS~1\Temp\IadHide5.dll]  [BackWeb, Version 6.3.2 (Build 62R)]
    [E:\UC\UCIdleHook.dll]  [北京新浪信息技术有限公司, 1, 0, 1, 0]
[PID: 1148][C:\Program Files\F-Secure\BackWeb\7681197\Program\F-Secure Automatic Update.exe]  [N/A, ]
    [C:\Program Files\F-Secure\BackWeb\7681197\6.3.2.62-7681197L\Program\backWeb.dll]  [BackWeb Technologies Inc., Version 6.3.2 (Build 62R)]
    [C:\Program Files\F-Secure\BackWeb\7681197\6.3.2.62-7681197L\Program\bwsec.dll]  [BackWeb, Version 6.3.2 (Build 62R)]
    [C:\Program Files\F-Secure\BackWeb\7681197\6.3.2.62-7681197L\Program\clntutil.dll]  [N/A, ]
    [C:\PROGRA~1\F-Secure\BackWeb\7681197\632~1.62-\program\EN\ClientRC.dll]  [BackWeb Technologies Inc., Version 6.3.2 (Build 62R)]
    [C:\Program Files\F-Secure\BackWeb\7681197\Program\BWfiles-7681197.dll]  [N/A, ]
    [C:\Program Files\F-Secure\BackWeb\7681197\6.3.2.62-7681197L\Program\BWfiles.dll]  [, Version 6.3.2 (Build 62R)]
    [C:\PROGRA~1\COMMON~1\hfmm\xvss.dll]  [, 1, 0, 0, 6]
    [C:\PROGRA~1\COMMON~1\hfmm\sxee.dll]  [ , 1, 0, 0, 6]
    [C:\DOCUME~1\new\LOCALS~1\Temp\IadHide5.dll]  [BackWeb, Version 6.3.2 (Build 62R)]
    [C:\Program Files\F-Secure\BackWeb\7681197\6.3.2.62-7681197L\Program\ncast.dll]  [BackWeb, Version 6.3.2 (Build 62R)]
    [C:\Program Files\F-Secure\BackWeb\7681197\program\fsbwce.dll]  [F-Secure Corporation, 6.72.757]
    [C:\Program Files\F-Secure\Common\fsexc.dll]  [F-Secure Corporation, 5.70.7913 ]
    [C:\Program Files\F-Secure\BackWeb\7681197\program\fsbwres.ENG]  [F-Secure Corporation, 6.70.713]
    [c:\program files\f-secure\common\fsld32.dll]  [F-Secure Corporation, 5.70.7913 ]
    [C:\Program Files\F-Secure\BackWeb\7681197\program\fsbwres.dll]  [F-Secure Corporation, 6.71.1]
    [c:\PROGRA~1\iesnap\navstub.dll]  [, 1, 0, 1, 1]
    [c:\program files\f-secure\common\fsma32.dll]  [F-Secure Corporation, 5.70.7913 ]
    [c:\program files\f-secure\common\FSPMAPI.dll]  [F-Secure Corporation, 5.70.7913 ]
[PID: 3748][C:\Program Files\F-Secure\FSGUI\fsguiexe.exe]  [F-Secure Corporation, 5, 71, 1370, 0]
    [C:\Program Files\F-Secure\Common\fsexc.dll]  [F-Secure Corporation, 5.70.7913 ]
    [c:\program files\f-secure\common\fsld32.dll]  [F-Secure Corporation, 5.70.7913 ]
    [C:\Program Files\F-Secure\FSGUI\guiplugin.dll]  [F-Secure Corporation, 5, 71, 1370, 0]
    [C:\DOCUME~1\new\LOCALS~1\Temp\IadHide5.dll]  [BackWeb, Version 6.3.2 (Build 62R)]
    [c:\PROGRA~1\iesnap\navstub.dll]  [, 1, 0, 1, 1]
    [C:\PROGRA~1\COMMON~1\hfmm\xvss.dll]  [, 1, 0, 0, 6]
    [C:\PROGRA~1\COMMON~1\hfmm\sxee.dll]  [ , 1, 0, 0, 6]
    [c:\program files\f-secure\common\fsma32.dll]  [F-Secure Corporation, 5.70.7913 ]
    [c:\program files\f-secure\common\FSPMAPI.dll]  [F-Secure Corporation, 5.70.7913 ]
    [c:\program files\f-secure\tnb\fstnb.dll]  [F-Secure Corporation, 1.0.125 ]
    [C:\Program Files\F-Secure\FSGUI\fsavesui.dll]  [F-Secure Corporation, 5, 71, 1370, 0]
    [C:\Program Files\F-Secure\FSGUI\gres.dll]  [N/A, ]
    [C:\Program Files\F-Secure\FSGUI\fsavesres.ENG]  [, 1, 0, 1, 0]
[PID: 312][C:\Program Files\河南铁通宽带拨号软件\HNMainUI.exe]  [, 2, 3, 0, 1]
    [C:\Program Files\河南铁通宽带拨号软件\HNKernel.dll]  [HelloNet, 2.2.0.1]
    [C:\Program Files\河南铁通宽带拨号软件\HNUtils.dll]  [, 2, 2, 0, 1]
    [C:\DOCUME~1\new\LOCALS~1\Temp\IadHide5.dll]  [BackWeb, Version 6.3.2 (Build 62R)]
    [c:\PROGRA~1\iesnap\navstub.dll]  [, 1, 0, 1, 1]
    [C:\PROGRA~1\COMMON~1\hfmm\xvss.dll]  [, 1, 0, 0, 6]
    [C:\PROGRA~1\COMMON~1\hfmm\sxee.dll]  [ , 1, 0, 0, 6]
    [C:\Program Files\河南铁通宽带拨号软件\HNRes_0804.dll]  [, 2, 2, 0, 1]
    [C:\Program Files\河南铁通宽带拨号软件\plugins\Diagnose.dll]  [HelloNet, 2.2.0.1]
[PID: 3560][C:\Program Files\Internet Explorer\IEXPLORE.EXE]  [Microsoft Corporation, 6.00.2900.2180 (xpsp_sp2_rtm.040803-2158)]
    [C:\DOCUME~1\new\LOCALS~1\Temp\IadHide5.dll]  [BackWeb, Version 6.3.2 (Build 62R)]
    [c:\PROGRA~1\iesnap\navstub.dll]  [, 1, 0, 1, 1]
    [C:\PROGRA~1\COMMON~1\hfmm\xvss.dll]  [, 1, 0, 0, 6]
    [C:\PROGRA~1\COMMON~1\hfmm\sxee.dll]  [ , 1, 0, 0, 6]
    [C:\Program Files\JiangMin\AntiVirus\KVshell.dll]  [Jiangmin Co.Ltd, 1, 0, 6, 921]
    [C:\Program Files\JiangMin\AntiVirus\lang\kvxp0804.lng]  [N/A, ]
    [E:\360\360safe\safemon\safemon.dll]  [, 3, 2, 0, 1001]
    [c:\PROGRA~1\iesnap\navpref.dll]  [, 1, 0, 1, 1]
    [c:\PROGRA~1\iesnap\navseg.dll]  [, 1, 0, 1, 1]
    [c:\PROGRA~1\iesnap\navneg.dll]  [, 1, 0, 1, 1]
    [E:\UC\UCIdleHook.dll]  [北京新浪信息技术有限公司, 1, 0, 1, 0]
    [C:\WINDOWS\system32\WINWB86.IME]  [Microsoft Corporation, 4.00.950]
[PID: 1352][c:\PROGRA~1\iesnap\navplay.exe]  [, 1, 0, 1, 1]
    [C:\DOCUME~1\new\LOCALS~1\Temp\IadHide5.dll]  [BackWeb, Version 6.3.2 (Build 62R)]
    [c:\PROGRA~1\iesnap\navstub.dll]  [, 1, 0, 1, 1]
    [C:\PROGRA~1\COMMON~1\hfmm\xvss.dll]  [, 1, 0, 0, 6]
    [C:\PROGRA~1\COMMON~1\hfmm\sxee.dll]  [ , 1, 0, 0, 6]
[PID: 536][E:\UC\uc.exe]  [北京新浪信息技术有限公司, 5.1.0.960]
    [E:\UC\vcl60.bpl]  [Borland Software Corporation, 6.0.6.240]
    [E:\UC\rtl60.bpl]  [Borland Software Corporation, 6.0.6.243]
    [E:\UC\vclx60.bpl]  [Borland Software Corporation, 6.0.6.163]
    [E:\UC\vclie60.bpl]  [Borland Software Corporation, 6.0.6.163]
    [E:\UC\bcbie60.bpl]  [N/A, ]
    [E:\UC\BORLNDMM.DLL]  [Borland Software Corporation, 6.0.10.157]
    [E:\UC\CC3260MT.DLL]  [Borland Corporation, 0.0.0.0 (informal build)]
    [E:\UC\ucavatar.bpl]  [Beijing Sina Information Technology Co.,Ltd, 1.1.0.0]
    [E:\UC\ucchatroom.bpl]  [北京新浪信息技术有限公司, 1.3.0.0]
    [E:\UC\LANGUAGERES.DLL]  [北京新浪信息技术有限公司, 1.1.0.0]
    [E:\UC\ucdcontrol.bpl]  [北京新浪信息技术有限公司, 1.3.0.0]
    [E:\UC\uchm.bpl]  [Beijing Sina Information Technology Co.,Ltd, 1.3.0.0]
    [E:\UC\ucui.bpl]  [北京新浪信息技术有限公司, 1.3.0.0]
    [E:\UC\ucskin.bpl]  [北京新浪信息技术有限公司, 1.2.0.0]
    [E:\UC\ucudpmessager.dll]  [Beijing Sina Information Technology Co.,Ltd, 1.1.0.0]
    [E:\UC\STLPMT45.DLL]  [N/A, ]
    [E:\UC\ucapi.dll]  [北京新浪信息技术有限公司, 1.1.0.0]
    [E:\UC\ucres.dll]  [北京新浪信息技术有限公司, 1.3.0.0]
    [E:\UC\ucdatamanager.dll]  [Beijing Sina Information Technology Co.,Ltd, 1.2.0.0]
    [E:\UC\ucmargin.dll]  [北京新浪信息技术有限公司, 1.1.0.0]
    [C:\DOCUME~1\new\LOCALS~1\Temp\IadHide5.dll]  [BackWeb, Version 6.3.2 (Build 62R)]
    [c:\PROGRA~1\iesnap\navstub.dll]  [, 1, 0, 1, 1]
    [C:\PROGRA~1\COMMON~1\hfmm\xvss.dll]  [, 1, 0, 0, 6]
    [C:\PROGRA~1\COMMON~1\hfmm\sxee.dll]  [ , 1, 0, 0, 6]
    [E:\UC\RICHED20.DLL]  [Microsoft Corporation, 5.30.23.1205]
    [E:\UC\riched32.dll]  [Microsoft Corporation, 5.00.2134.1]
    [E:\UC\UCIdleHook.dll]  [北京新浪信息技术有限公司, 1, 0, 1, 0]
    [E:\UC\UCHttpDl.dll]  [北京新浪信息技术有限公司, 1, 1, 9, 0]
    [E:\UC\HelpEx.dll]  [北京新浪信息技术有限公司, 1.0.0.0]
    [E:\UC\UCEmtMgr.dll]  [北京新浪信息技术有限公司, 1.2.0.0]
    [E:\UC\UCBugCatch.dll]  [北京新浪信息技术有限公司, 1, 2, 8, 0]
    [E:\UC\UCSocket.DLL]  [北京新浪信息技术有限公司, 1, 1, 21, 0]
    [E:\UC\UTNTyper.dll]  [北京新浪信息技术有限公司, 1, 0, 0, 0]
    [E:\UC\UCDDP.dll]  [Beijing Sina Information Technology Co.,Ltd, 1.1.0.0]
    [E:\avg\AVG Anti-Spyware 7.5\shellexecutehook.dll]  [Anti-Malware Development a.s., 7, 5, 0, 47]
[PID: 292][E:\sreng\sreng2\SREng.EXE]  [Smallfrogs Studio, 2.4.12.806]
    [C:\DOCUME~1\new\LOCALS~1\Temp\IadHide5.dll]  [BackWeb, Version 6.3.2 (Build 62R)]
    [c:\PROGRA~1\iesnap\navstub.dll]  [, 1, 0, 1, 1]
    [C:\PROGRA~1\COMMON~1\hfmm\xvss.dll]  [, 1, 0, 0, 6]
    [C:\PROGRA~1\COMMON~1\hfmm\sxee.dll]  [ , 1, 0, 0, 6]
    [E:\UC\UCIdleHook.dll]  [北京新浪信息技术有限公司, 1, 0, 1, 0]
    [E:\sreng\sreng2\Plugins\NWMON.SRE]  [Smallfrogs Studio, 1, 0, 0, 8]
[PID: 1680][E:\UC\UCChatRoom.exe]  [北京新浪信息技术有限公司, 1.1.0.0]
    [E:\UC\vcl60.bpl]  [Borland Software Corporation, 6.0.6.240]
    [E:\UC\rtl60.bpl]  [Borland Software Corporation, 6.0.6.243]
    [E:\UC\vclie60.bpl]  [Borland Software Corporation, 6.0.6.163]
    [E:\UC\bcbie60.bpl]  [N/A, ]
    [E:\UC\BORLNDMM.DLL]  [Borland Software Corporation, 6.0.10.157]
    [E:\UC\CC3260MT.DLL]  [Borland Corporation, 0.0.0.0 (informal build)]
    [E:\UC\LANGUAGERES.DLL]  [北京新浪信息技术有限公司, 1.1.0.0]
    [E:\UC\UCUDPMESSAGER.DLL]  [Beijing Sina Information Technology Co.,Ltd, 1.1.0.0]
    [E:\UC\STLPMT45.DLL]  [N/A, ]
    [E:\UC\UCTCPMESSAGER.DLL]  [Beijing Sina Information Technology Co.,Ltd, 1.1.0.0]
    [E:\UC\UCAPI.DLL]  [北京新浪信息技术有限公司, 1.1.0.0]
    [C:\DOCUME~1\new\LOCALS~1\Temp\IadHide5.dll]  [BackWeb, Version 6.3.2 (Build 62R)]
    [c:\PROGRA~1\iesnap\navstub.dll]  [, 1, 0, 1, 1]
    [C:\PROGRA~1\COMMON~1\hfmm\xvss.dll]  [, 1, 0, 0, 6]
    [C:\PROGRA~1\COMMON~1\hfmm\sxee.dll]  [ , 1, 0, 0, 6]
    [E:\UC\RICHED20.DLL]  [Microsoft Corporation, 5.30.23.1205]
    [E:\UC\UCSocket.DLL]  [北京新浪信息技术有限公司, 1, 1, 21, 0]
    [E:\UC\UCIdleHook.dll]  [北京新浪信息技术有限公司, 1, 0, 1, 0]
    [E:\UC\UCAudioChat.dll]  [Beijing Sina Information Technology Co.,Ltd, 2006, 3, 7, 2]
    [E:\UC\UcMediaPlayer.DLL]  [北京新浪信息技术有限公司, 1, 1, 0, 0]
    [E:\UC\UCVideo.DLL]  [北京新浪信息技术有限公司, 4, 5, 2, 0]
    [E:\UC\UCMediaSaver.dll]  [北京新浪信息技术有限公司, 1, 1, 1, 0]
    [E:\UC\UCTransfer.dll]  [北京新浪信息技术有限公司, 1, 0, 0, 2]
    [E:\UC\UCACodec.dll]  [Beijing Sina Information Technology Co.,Ltd , 1.2.0]
    [E:\UC\UCVCodec3.dll]  [Beijing Sina Information Technology Co.,Ltd, 2, 1, 0, 0]

==================================
File associations
.TXT  OK. [%SystemRoot%\system32\NOTEPAD.EXE %1]
.EXE  OK. ["%1" %*]
.COM  OK. ["%1" %*]
.PIF  OK. ["%1" %*]
.REG  OK. [regedit.exe "%1"]
.BAT  OK. ["%1" %*]
.SCR  OK. ["%1" /S]
.CHM  Error. ["hh.exe" %1]
.HLP  Error. [C:\WINDOWS\system32\winhlp32.exe %1]
.INI  OK. [%SystemRoot%\System32\NOTEPAD.EXE %1]
.INF  OK. [%SystemRoot%\System32\NOTEPAD.EXE %1]
.VBS  OK. [%SystemRoot%\System32\WScript.exe "%1" %*]
.JS   OK. [%SystemRoot%\System32\WScript.exe "%1" %*]
.LNK  OK. [{00021401-0000-0000-C000-000000000046}]
wangjay1980
Posted on 2007-3-27 00:28:49
<AutoRegC><; autoregc.exe>  []

[beorsyl / beorsyl][Running/Auto Start]
  <C:\WINDOWS\System32\svchost.exe -k netsvcs-->C:\PROGRA~1\COMMON~1\oeoryyl\oeoryyl.dll>< >
[Navoct / Navoct][Running/Auto Start]
  <C:\WINDOWS\System32\svchost.exe -k netsvcs-->C:\Program Files\iesnap\navoct.dll>< >
[Std pnuu Service / pnuu][Running/Auto Start]
  <C:\WINDOWS\system32\rundll32.exe C:\PROGRA~1\COMMON~1\hfmm\usww.dll,Service -s><Microsoft Corporation>
[Vsn vwaa Service / vwaa][Stopped/Auto Start]
  <C:\WINDOWS\system32\rundll32.exe C:\PROGRA~1\COMMON~1\bsgg\ignn.dll,Service><Microsoft Corporation>
[yenccv / yenccv][Running/Auto Start]
  <C:\WINDOWS\System32\svchost.exe -k netsvcs-->C:\PROGRA~1\lenccv\lenccv.dll>< >

[ghen / ghenp][Running/Boot Start]
  <\SystemRoot\System32\DRIVERS\ghenp.sys><N/A>

[ This post was last edited by wangjay1980 on 2007-3-27 00:31 ]