收藏本站 |切换到宽版 | 更换论坛皮肤
 找回密码  忘记邮箱  QQ快速登录  快速登录  快速注册

卡饭»论坛 软件区 解疑答难区 SREng的扫描报告
返回列表 发新帖
查看: 1773|回复: 6
收起左侧

[已解决] SREng的扫描报告

 关闭 [复制链接]
cbz107
发表于 2007-4-20 19:20:20 | 显示全部楼层 |阅读模式
谁会看的帮帮看看有什么问题,隐藏进程和危险入口点错误是安全的



  2. 2007-04-20,19:14:30
  3. System Repair Engineer 2.4.12.806
  4. Smallfrogs (http://www.KZTechs.com)
  5. Windows XP Professional Service Pack 2 (Build 2600) - 管理权限用户 - 完整功能
  6. 以下内容被选中:
  7.     所有的启动项目(包括注册表、启动文件夹、服务等)
  8.     浏览器加载项
  9.     正在运行的进程(包括进程模块信息)
  10.     文件关联
  11.     Winsock 提供者
  12.     Autorun.inf
  13.     HOSTS 文件

  15. 启动项目
  16. 注册表
  17. [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
  18.     <ctfmon.exe><C:\WINDOWS\system32\ctfmon.exe>  [(Verified)]
  19.     <jiajiasr><C:\Program Files\jj4\jiajiasr.exe>  [加加工作组]
  20. [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
  21.     <SoundMan><SOUNDMAN.EXE>  [Realtek Semiconductor Corp.]
  22.     <Twister><"C:\Program Files\Filseclab\Twister\Twister.exe" -a>  [Filseclab Corporation]
  23.     <XFILTER><"C:\Program Files\Filseclab\xfilter\xfilter.exe" -a>  [费尔安全实验室]
  24.     <ThunderMini><F:\Program Files\ThunderMini\ThunderMiniShell.exe>  []
  25.     <UnlockerAssistant><"C:\Program Files\Unlocker\UnlockerAssistant.exe">  []
  26.     <Google IME Autoupdater><F:\Program Files\Google Pinyin\GooglePinyinDaemon.exe>  [(Verified)Google Inc]
  27.     <360Safetray><F:\Program Files\360safe\safemon\360Tray.exe /start>  [奇虎网]
  28. [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Winlogon]
  29.     <shell><Explorer.exe>  [(Verified)]
  30.     <Userinit><C:\WINDOWS\system32\userinit.exe,>  [(Verified)]
  31.     <UIHost><logonui.exe>  [(Verified)]
  32. [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\WgaLogon]
  33.     <WinlogonNotify: WgaLogon><WgaLogon.dll>  [(Verified)Microsoft Corporation]
  34. [HKEY_CURRENT_USER\Control Panel\Desktop]
  35.     <SCRNSAVE.EXE><C:\WINDOWS\system32\MAL.scr>  []
  36. ==================================
  37. 启动文件夹
  38. [眼睛卫士]
  39.   <C:\Documents and Settings\mingjia.MS-47E2ED10D1E9\「开始」菜单\程序\启动\眼睛卫士.lnk --> F:\PROGRA~1\眼睛卫士\EyeGuard.exe [DUX Studio]><N>
  40. ==================================
  41. 服务
  42. [Human Interface Device Access / HidServ][Stopped/Disabled]
  43.   <C:\WINDOWS\System32\svchost.exe -k netsvcs-->%SystemRoot%\System32\hidserv.dll><N/A>
  44. ==================================
  45. 驱动程序
  46. [Service for Realtek AC97 Audio (WDM) / ALCXWDM][Running/Manual Start]
  47.   <system32\drivers\ALCXWDM.SYS><Realtek Semiconductor Corp.>
  48. [Filseclab Dynamic Defense System Driver / filar][Running/System Start]
  49.   <\??\C:\PROGRA~1\COMMON~1\FILSEC~1\filar.sys><Filseclab Corporation>
  50. [Filseclab Process Protection Driver / filpp][Running/Manual Start]
  51.   <\??\C:\PROGRA~1\COMMON~1\FILSEC~1\filpp.sys><Filseclab Corporation>
  52. [icehill / icehill][Stopped/System Start]
  53.   <system32\drivers\icehill.sys><N/A>
  54. [Filseclab Twister Kernel Module / IMMDRV][Running/Manual Start]
  55.   <\??\C:\PROGRA~1\FILSEC~1\Twister\immdrv.sys><Filseclab Corp.>
  56. [npkcrypt / npkcrypt][Running/Auto Start]
  57.   <\??\F:\Program Files\腾讯 QQ & TM\npkcrypt.sys><INCA Internet Co., Ltd.>
  58. [nv / nv][Running/Manual Start]
  59.   <system32\DRIVERS\nv4_mini.sys><NVIDIA Corporation>
  60. [PnpWmkDrv / PnpWmkDrv][Running/System Start]
  61.   <\??\C:\WINDOWS\system32\drivers\PnpWmkDrv.sys><N/A>
  62. [Direct Parallel Link Driver / Ptilink][Running/Manual Start]
  63.   <system32\DRIVERS\ptilink.sys><Parallel Technologies, Inc.>
  64. [Realtek RTL8139/810x/8169/8110 all in one NDIS XP Driver / RTL8023xp][Running/Manual Start]
  65.   <system32\DRIVERS\Rtlnicxp.sys><Realtek Semiconductor Corporation>
  66. [Secdrv / Secdrv][Stopped/Manual Start]
  67.   <system32\DRIVERS\secdrv.sys><N/A>
  68. [World Standard Teletext Codec / WSTCODEC][Stopped/Manual Start]
  69.   <system32\DRIVERS\WSTCODEC.SYS><Microsoft Corporation>
  70. [Filseclab Packet Filter / XPacket][Running/Boot Start]
  71.   <\SystemRoot\System32\xpacket.sys><Filseclab Corporation>
  72. [VIMICRO USB PC Camera (ZC0301PLH) / ZSMC303][Stopped/Manual Start]
  73.   <System32\Drivers\usbVM303.sys><Vimicro Corporation>
  74. ==================================
  75. 浏览器加载项
  76. [Thunder Browser Helper]
  77.   {7E853D71-626A-48EC-A868-BA8D5E23E045} <F:\Program Files\Thunder\ComDlls\XunLeiBHO_007.dll, Thunder Networking Technologies,LTD>
  78. [ThunderMini Browser Helper]
  79.   {8E6C1C49-F9CE-4311-9FB4-D70E8B0AEAEB} <F:\Program Files\ThunderMini\ComDlls\XunLeiMiniBHO_001.dll, Thunder Networking Technologies,LTD>
  80. [Windows Live Sign-in Helper]
  81.   {9030D464-4C02-4ABF-8ECC-5164760863C6} <C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll, Microsoft Corporation>
  82. [NavigatMon Class]
  83.   {B69F34DD-F0F9-42DC-9EDD-957187DA688D} <F:\Program Files\360safe\safemon\safemon.dll, >
  84. [启动迅雷5]
  85.   {09BA8F6D-CB54-424B-839C-C2A6C8E6B436} <F:\Program Files\Thunder\Thunder.exe, Thunder Networking Technologies,LTD>
  86. [Office Genuine Advantage Validation Tool]
  87.   {05CA9FB0-3E3E-4B36-BF41-0E3A5CAA8CD8} <C:\WINDOWS\system32\OGACheckControl.DLL, >
  88. [Windows Genuine Advantage Validation Tool]
  89.   {17492023-C23A-453E-A040-C7C580BBF700} <C:\WINDOWS\system32\legitcheckcontrol.dll, Microsoft Corporation>
  90. [Office Update Installation Engine]
  91.   {C7DB51B4-BCF7-4923-8874-7F1A0DC92277} <C:\WINDOWS\opuc.dll, Microsoft Corporation>
  92. [Shockwave Flash Object]
  93.   {D27CDB6E-AE6D-11CF-96B8-444553540000} <C:\WINDOWS\system32\Macromed\Flash\Flash9b.ocx, Adobe Systems, Inc.>
  94. [PasswordEditCtrl Class]
  95.   {E787FD25-8D7C-4693-AE67-9406BC6E22DF} <F:\Program Files\腾讯 QQ & TM\qqedit\qqedit.dll, 腾讯科技(深圳)有限公司>
  96. [Office Genuine Advantage Validation Tool]
  97.   {05CA9FB0-3E3E-4B36-BF41-0E3A5CAA8CD8} <C:\WINDOWS\system32\OGACheckControl.DLL, >
  98. [Microsoft Office Control]
  99.   {4453D895-F2A1-4A38-A285-1EF9BD3F6D5D} <C:\PROGRA~1\MICROS~2\OFFICE11\AUTHZAX.DLL, Microsoft Corporation>
  100. [Shell Name Space]
  101.   {55136805-B2DE-11D1-B9F2-00A0C98BC547} <%SystemRoot%\system32\shdocvw.dll, N/A>
  102. [Thunder Browser Helper]
  103.   {7E853D71-626A-48EC-A868-BA8D5E23E045} <F:\Program Files\Thunder\ComDlls\XunLeiBHO_007.dll, Thunder Networking Technologies,LTD>
  104. [Thunder Browser Helper]
  105.   {889D2FEB-5411-4565-8998-1DD2C5261283} <F:\Program Files\Thunder\ComDlls\XunLeiBHO_007.dll, Thunder Networking Technologies,LTD>
  106. [ThunderMini Browser Helper]
  107.   {8E6C1C49-F9CE-4311-9FB4-D70E8B0AEAEB} <F:\Program Files\ThunderMini\ComDlls\XunLeiMiniBHO_001.dll, Thunder Networking Technologies,LTD>
  108. [Windows Live Sign-in Helper]
  109.   {9030D464-4C02-4ABF-8ECC-5164760863C6} <C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll, Microsoft Corporation>
  110. [SearchAssistantOC]
  111.   {B45FF030-4447-11D2-85DE-00C04FA35C89} <%SystemRoot%\system32\shdocvw.dll, N/A>
  112. [NavigatMon Class]
  113.   {B69F34DD-F0F9-42DC-9EDD-957187DA688D} <F:\Program Files\360safe\safemon\safemon.dll, >
  114. [Office Update Installation Engine]
  115.   {C7DB51B4-BCF7-4923-8874-7F1A0DC92277} <C:\WINDOWS\opuc.dll, Microsoft Corporation>
  116. [Shockwave Flash Object]
  117.   {D27CDB6E-AE6D-11CF-96B8-444553540000} <C:\WINDOWS\system32\Macromed\Flash\Flash9b.ocx, Adobe Systems, Inc.>
  118. [&使用迅雷下载]
  119.   <F:\Program Files\Thunder\Program\geturl.htm, N/A>
  120. [&使用迅雷下载全部链接]
  121.   <F:\Program Files\Thunder\Program\getallurl.htm, N/A>
  122. [&使用迷你迅雷下载]
  123.   <F:\Program Files\ThunderMini\Program\GetUrl.htm, N/A>
  124. [iSee 保存所有图片]
  125.   <F:\Program Files\iSee\iSeeSavePicAll.htm, N/A>
  126. [iSee保存Flash]
  127.   <F:\Program Files\iSee\iSeeSaveFlash.htm, N/A>
  128. [iSee保存所有图片]
  129.   <F:\Program Files\iSee\iSeeSavePicAll.htm, N/A>
  130. [iSee读取Exif]
  131.   <F:\Program Files\iSee\iSeeReadExif.htm, N/A>
  132. [导出到 Microsoft Office Excel(&X)]
  133.   <res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000, N/A>
  134. ==================================
  135. 正在运行的进程
  136. [PID: 604][\SystemRoot\System32\smss.exe]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
  137. [PID: 660][\??\C:\WINDOWS\system32\csrss.exe]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
  138. [PID: 936][C:\WINDOWS\Explorer.EXE]  [Microsoft Corporation, 6.00.2900.2180 (xpsp_sp2_rtm.040803-2158)]
  139.     [C:\Program Files\Unlocker\UnlockerHook.dll]  [N/A, ]
  140.     [C:\WINDOWS\system32\msacm32.drv]  [Microsoft Corporation, 5.1.2600.0 (xpclient.010817-1148)]
  141.     [C:\WINDOWS\system32\mp3infp.dll]  [win32lab.com, 2.44.3.0]
  142.     [F:\Program Files\ThunderMini\ComDlls\XunLeiMiniBHO_001.dll]  [Thunder Networking Technologies,LTD, 2, 0, 0, 1]
  143.     [C:\Program Files\WinRAR\rarext.dll]  [N/A, ]
  144.     [C:\Program Files\Unlocker\UnlockerCOM.dll]  [N/A, ]
  145.     [C:\Program Files\Filseclab\Twister\Twshlext.dll]  [Filseclab Corp., 2, 0, 1, 988]
  146.     [C:\WINDOWS\system32\contmenu.dll]  [N/A, ]
  147.     [F:\Program Files\360safe\safemon\safemon.dll]  [, 3, 2, 0, 1001]
  148.     [C:\WINDOWS\system32\icm32.dll]  [Microsoft Corporation, 5.1.2600.2709 (xpsp_sp2_gdr.050628-1518)]
  149. [PID: 1308][C:\WINDOWS\SOUNDMAN.EXE]  [Realtek Semiconductor Corp., 5.1.0.30]
  150. [PID: 1332][C:\Program Files\Filseclab\xfilter\xfilter.exe]  [费尔安全实验室, 3, 0, 3, 8981]
  151.     [C:\Program Files\Filseclab\xfilter\XFILTER.DLL]  [Filseclab Corporation, 3, 0, 3, 3715]
  152.     [C:\Program Files\Unlocker\UnlockerHook.dll]  [N/A, ]
  153.     [F:\Program Files\360safe\safemon\safemon.dll]  [, 3, 2, 0, 1001]
  154. [PID: 1360][C:\Program Files\Unlocker\UnlockerAssistant.exe]  [N/A, ]
  155.     [C:\Program Files\Unlocker\UnlockerHook.dll]  [N/A, ]
  156. [PID: 1392][F:\Program Files\Google Pinyin\GooglePinyinDaemon.exe]  [Google Inc., 1, 0, 0, 1]
  157.     [C:\Program Files\Unlocker\UnlockerHook.dll]  [N/A, ]
  158.     [C:\WINDOWS\system32\GooglePinyin.ime]  [Google Inc., ]
  159.     [C:\Program Files\Filseclab\xfilter\XFILTER.DLL]  [Filseclab Corporation, 3, 0, 3, 3715]
  160. [PID: 860][C:\WINDOWS\system32\ctfmon.exe]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
  161.     [C:\Program Files\Unlocker\UnlockerHook.dll]  [N/A, ]
  162. [PID: 1480][F:\Program Files\ThunderMini\program\ThunderMini.exe]  [Thunder Networking Technologies,LTD, 2, 0, 0, 29]
  163.     [C:\Program Files\Unlocker\UnlockerHook.dll]  [N/A, ]
  164.     [F:\Program Files\ThunderMini\program\download_interface.dll]  [N/A, ]
  165.     [C:\Program Files\Filseclab\xfilter\XFILTER.DLL]  [Filseclab Corporation, 3, 0, 3, 3715]
  166.     [F:\Program Files\ThunderMini\program\UpdateDownload.dll]  [Thunder Networking Technologies,LTD, 1, 0, 1, 6]
  167.     [F:\Program Files\ThunderMini\Components\InMedia\iEmbedShell.dll]  [ , 1, 0, 0, 6]
  168.     [F:\Program Files\Thunder\Components\InMedia\iEmbed08.dll]  [ , 3, 2, 0, 63]
  169. [PID: 1648][C:\Program Files\jj4\jiajiasr.exe]  [加加工作组, 4, 1, 0, 47]
  170.     [C:\Program Files\Unlocker\UnlockerHook.dll]  [N/A, ]
  171. [PID: 2420][F:\Program Files\腾讯 QQ & TM\TMDlls\TIMPlatform.exe]  [tencent, 0, 3, 1, 8]
  172.     [F:\Program Files\360safe\safemon\safemon.dll]  [, 3, 2, 0, 1001]
  173.     [C:\Program Files\Unlocker\UnlockerHook.dll]  [N/A, ]
  174.     [F:\Program Files\腾讯 QQ & TM\TIMProxy.dll]  [tencent, 0, 3, 2, 4]
  175. [PID: 3344][F:\Program Files\360safe\safemon\360tray.exe]  [奇虎网, 3, 3, 0, 1004]
  176.     [C:\Program Files\Unlocker\UnlockerHook.dll]  [N/A, ]
  177.     [F:\Program Files\360safe\safemon\safemon.dll]  [, 3, 2, 0, 1001]
  178.     [F:\Program Files\360safe\safemon\SafeKrnl.dll]  [奇虎网, 3, 2, 0, 1001]
  179.     [F:\Program Files\360safe\AntiAdwa.dll]  [360Safe.com, 3, 3, 0, 1004]
  180. [PID: 1876][F:\Program Files\腾讯TT\TTraveler.exe]  [腾讯公司, 3.2.200.275]
  181.     [F:\Program Files\360safe\safemon\safemon.dll]  [, 3, 2, 0, 1001]
  182.     [C:\Program Files\Unlocker\UnlockerHook.dll]  [N/A, ]
  183.     [C:\Program Files\Filseclab\xfilter\XFILTER.DLL]  [Filseclab Corporation, 3, 0, 3, 3715]
  184.     [F:\Program Files\腾讯TT\PersonalDesktop.dll]  [深圳市腾讯计算机系统公司QQ工作小组, 1, 0, 0, 4]
  185.     [C:\Program Files\StormII\Codec\VSFilter.dll]  [Gabest, 1, 0, 1, 3]
  186.     [C:\Program Files\StormII\Codec\PmpSplt.ax]  [cooleyes, 1, 0, 0, 8]
  187.     [C:\Program Files\StormII\Codec\RadGtSplitter.ax]  [Gabest, 1, 0, 0, 0]
  188.     [C:\Program Files\StormII\Codec\AviSplitter.ax]  [Gabest, 1, 0, 0, 7]
  189.     [C:\Program Files\StormII\codec\FLVSplitter.ax]  [Gabest, 1, 0, 0, 1]
  190.     [C:\Program Files\StormII\Codec\MP4Splitter.ax]  [Gabest, 1, 0, 0, 2]
  191.     [C:\Program Files\StormII\Codec\RMSplt.ax]  [Gabest, 1, 0, 1, 1]
  192.     [C:\Program Files\StormII\codec\ac3filter.ax]  [, 1.01a]
  193.     [C:\WINDOWS\system32\ffdshow.ax]  [, 1.0.2.2028]
  194.     [C:\WINDOWS\system32\MSVCR71.dll]  [Microsoft Corporation, 7.10.3052.4]
  195.     [C:\WINDOWS\system32\msacm32.drv]  [Microsoft Corporation, 5.1.2600.0 (xpclient.010817-1148)]
  196.     [C:\WINDOWS\system32\PYJJ4.IME]  [加加工作组, 4, 1, 0, 48]
  197.     [C:\WINDOWS\system32\Macromed\Flash\Flash9b.ocx]  [Adobe Systems, Inc., 9,0,28,0]
  198. [PID: 3888][C:\Program Files\Common Files\Filseclab\FilUp.exe]  [费尔安全实验室, 4, 0, 3, 2680]
  199.     [C:\Program Files\Common Files\Filseclab\twsupdate.dll]  [Filseclab Corp., 1, 0, 1, 497]
  200.     [C:\Program Files\Common Files\Filseclab\W32Tools.dll]  [Filseclab Corp., 1, 0, 2, 1642]
  201.     [C:\Program Files\Common Files\Filseclab\FAPIConv.dll]  [Filseclab Corp., 1, 0, 0, 45]
  202.     [C:\Program Files\Common Files\Filseclab\mdcoder.dll]  [Filseclab Corp., 1, 0, 0, 21]
  203.     [F:\Program Files\360safe\safemon\safemon.dll]  [, 3, 2, 0, 1001]
  204.     [C:\Program Files\Unlocker\UnlockerHook.dll]  [N/A, ]
  205.     [C:\Program Files\Filseclab\xfilter\XFILTER.DLL]  [Filseclab Corporation, 3, 0, 3, 3715]
  206. ==================================
  207. 文件关联
  208. .TXT  OK. [%SystemRoot%\system32\NOTEPAD.EXE %1]
  209. .EXE  OK. ["%1" %*]
  210. .COM  OK. ["%1" %*]
  211. .PIF  OK. ["%1" %*]
  212. .REG  OK. [regedit.exe "%1"]
  213. .BAT  OK. ["%1" %*]
  214. .SCR  OK. ["%1" /S]
  215. .CHM  OK. ["C:\WINDOWS\hh.exe" %1]
  216. .HLP  OK. [%SystemRoot%\System32\winhlp32.exe %1]
  217. .INI  OK. [%SystemRoot%\System32\NOTEPAD.EXE %1]
  218. .INF  OK. [%SystemRoot%\System32\NOTEPAD.EXE %1]
  219. .VBS  OK. [%SystemRoot%\System32\WScript.exe "%1" %*]
  220. .JS   OK. [%SystemRoot%\System32\WScript.exe "%1" %*]
  221. .LNK  OK. [{00021401-0000-0000-C000-000000000046}]
  222. ==================================
  223. Winsock 提供者
  224. MSAFD Tcpip [TCP/IP]
  225.     C:\Program Files\Filseclab\xfilter\XFILTER.DLL(Filseclab Corporation, Filseclab Personal Firewall)
  226. MSAFD Tcpip [UDP/IP]
  227.     C:\Program Files\Filseclab\xfilter\XFILTER.DLL(Filseclab Corporation, Filseclab Personal Firewall)
  228. MSAFD Tcpip [RAW/IP]
  229.     C:\Program Files\Filseclab\xfilter\XFILTER.DLL(Filseclab Corporation, Filseclab Personal Firewall)
  230. RSVP UDP Service Provider
  231.     C:\Program Files\Filseclab\xfilter\XFILTER.DLL(Filseclab Corporation, Filseclab Personal Firewall)
  232. RSVP TCP Service Provider
  233.     C:\Program Files\Filseclab\xfilter\XFILTER.DLL(Filseclab Corporation, Filseclab Personal Firewall)
  234. ==================================
  235. Autorun.inf
  236. N/A
  237. ==================================

  239. HOSTS 文件
  240. 127.0.0.1       localhost
  241. ==================================
  242. API HOOK
  243. 入口点错误:CreateProcessA (危险等级: 一般,  被下面模块所HOOK: F:\Program Files\360safe\safemon\safemon.dll)
  244. 入口点错误:CreateProcessW (危险等级: 一般,  被下面模块所HOOK: F:\Program Files\360safe\safemon\safemon.dll)
  245. ==================================
  246. 隐藏进程
  247.     [1756] F:\Program Files\Thunder\Plugins\ThunderKAV\bin\KAVUpdate.exe
  248.     [1792] C:\Program Files\Filseclab\Twister\Twister.exe
  249.     [2036] F:\Program Files\Thunder\Plugins\ThunderKAV\bin\ScanningProcess.exe
  250.     [2136] F:\Program Files\腾讯 QQ & TM\QQ\qq.exe
  251.     [2648] F:\Program Files\Thunder\Program\Thunder5.exe
  252.     [3872] F:\Program Files\sreng2\SREng.EXE
  253.     [4024] F:\Program Files\DreamMail4\DM2005.exe
  254. ==================================
复制代码
回复

举报

vlansai
发表于 2007-4-20 19:40:18 | 显示全部楼层
没用过这个扫过 不过看起来没什么问题  就是扫描的时候没少开东西 迅雷 QQ 暴风2 等开了一大堆 看起来机器不错
回复

举报

wangjay1980
发表于 2007-4-20 19:49:54 | 显示全部楼层
不用看也没问题,不过你用什么隐藏的进程?
回复

举报

无敌敏敏
发表于 2007-4-20 19:49:58 | 显示全部楼层
启动项:
[HKEY_CURRENT_USER\Control Panel\Desktop]
<SCRNSAVE.EXE><C:\WINDOWS\system32\MAL.scr>

屏保程序怎么出现在启动项里

[ 本帖最后由 无敌敏敏 于 2007-4-20 19:52 编辑 ]
回复

举报

cbz107
 楼主| 发表于 2007-4-20 20:03:27 | 显示全部楼层
原帖由 无敌敏敏 于 2007-4-20 19:49 发表
启动项:
[HKEY_CURRENT_USER\Control Panel\Desktop]


屏保程序怎么出现在启动项里

准备卸载,那个是著名的水族馆热带鱼 汉化版
回复

举报

cbz107
 楼主| 发表于 2007-4-20 20:04:24 | 显示全部楼层
原帖由 wangjay1980 于 2007-4-20 19:49 发表
不用看也没问题,不过你用什么隐藏的进程?

自己隐藏的,有一个是隐藏进程是杀毒软件
回复

举报

jlennon
头像被屏蔽
发表于 2007-4-21 19:31:26 | 显示全部楼层
[C:\WINDOWS\system32\contmenu.dll]  [N/A, ]

貌似是3721的
回复

举报

返回列表 发新帖
高级模式
B Color Image Link Quote Code Smilies
您需要登录后才可以回帖 登录 | 快速注册

本版积分规则

手机版|杀毒软件|软件论坛| 卡饭论坛

Copyright © KaFan  KaFan.cn All Rights Reserved.

Powered by Discuz! X3.4( 沪ICP备2020031077号-2 ) GMT+8, 2024-4-28 20:12 , Processed in 0.138214 second(s), 17 queries .

卡饭网所发布的一切软件、样本、工具、文章等仅限用于学习和研究,不得将上述内容用于商业或者其他非法用途,否则产生的一切后果自负,本站信息来自网络,版权争议问题与本站无关,您必须在下载后的24小时之内从您的电脑中彻底删除上述信息,如有问题请通过邮件与我们联系。

快速回复 客服 返回顶部 返回列表