收藏本站 |切换到宽版 | 更换论坛皮肤
 找回密码  忘记邮箱  QQ快速登录  快速登录  快速注册

卡饭»论坛 安全区 病毒样本 分享&分析区 高人进,帮俺看看这个检测有没有问题 谢谢
返回列表 发新帖
查看: 2122|回复: 0
收起左侧

[其他相关] 高人进,帮俺看看这个检测有没有问题 谢谢

[复制链接]
YYDDFYYTL
发表于 2010-12-22 16:33:21 | 显示全部楼层 |阅读模式

  2. 2010-12-22,11:29:07
  3. System Repair Engineer 2.8.2.1321
  4. Smallfrogs ([url=http://www.KZTechs.com]http://www.KZTechs.com[/url])
  5. Windows XP Professional Service Pack 3 (Build 2600) - 管理权限用户 - 完整功能
  6. 以下内容被选中:
  7.     所有的启动项目(包括注册表、启动文件夹、服务等)
  8.     浏览器加载项
  9.     正在运行的进程(包括进程模块信息)
  10.     文件关联
  11.     Winsock 提供者
  12.     Autorun.inf
  13.     HOSTS 文件
  14.     进程特权扫描
  15.     计划任务
  16.     Windows 安全更新检查
  17.     API HOOK
  18.     隐藏进程

  20. 启动项目
  21. 注册表
  22. [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
  23.     <ctfmon.exe><C:\WINDOWS\system32\ctfmon.exe>  [(Verified)Microsoft Windows Component Publisher]
  24. [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
  25.     <360Safetray><"C:\Program Files\360\360Safe\safemon\360tray.exe" /start>  [(Verified)Qizhi Software (beijing) Co. Ltd]
  26.     <VMUserServices><C:\Program Files\Virtual Machine Additions\vmusrvc.exe>  [(Verified)Microsoft Corporation]
  27.     <Rvsystem><C:\PROGRA~1\Returnil\Returnil.exe>  [Returnil SIA]
  28.     <360NetFireWall><"C:\Program Files\360\360netfw\360nfw.exe" /start>  [(Verified)Qizhi Software (beijing) Co. Ltd]
  29. [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Winlogon]
  30.     <shell><Explorer.exe>  [(Verified)Microsoft Windows Component Publisher]
  31.     <Userinit><C:\WINDOWS\system32\userinit.exe,>  [(Verified)Microsoft Windows Component Publisher]
  32. [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Windows]
  33.     <AppInit_DLLs><>  [N/A]
  34. [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Winlogon]
  35.     <UIHost><logonui.exe>  [(Verified)Microsoft Windows Component Publisher]
  36. [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
  37.     <{AEB6717E-7E19-11d0-97EE-00C04FD91972}><shell32.dll>  [(Verified)Microsoft Windows Component Publisher]
  38. [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
  39.     <PostBootReminder><%SystemRoot%\system32\SHELL32.dll>  [(Verified)Microsoft Windows Component Publisher]
  40.     <CDBurn><%SystemRoot%\system32\SHELL32.dll>  [(Verified)Microsoft Windows Component Publisher]
  41.     <WebCheck><%SystemRoot%\system32\webcheck.dll>  [(Verified)Microsoft Windows Component Publisher]
  42.     <SysTray><C:\WINDOWS\system32\stobject.dll>  [(Verified)Microsoft Windows Component Publisher]
  43. [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\crypt32chain]
  44.     <WinlogonNotify: crypt32chain><crypt32.dll>  [(Verified)Microsoft Windows Component Publisher]
  45. [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\cryptnet]
  46.     <WinlogonNotify: cryptnet><cryptnet.dll>  [(Verified)Microsoft Windows Component Publisher]
  47. [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\cscdll]
  48.     <WinlogonNotify: cscdll><cscdll.dll>  [(Verified)Microsoft Windows Component Publisher]
  49. [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\dimsntfy]
  50.     <WinlogonNotify: dimsntfy><%SystemRoot%\System32\dimsntfy.dll>  [(Verified)Microsoft Windows Component Publisher]
  51. [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\ScCertProp]
  52.     <WinlogonNotify: ScCertProp><wlnotify.dll>  [(Verified)Microsoft Windows Component Publisher]
  53. [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\Schedule]
  54.     <WinlogonNotify: Schedule><wlnotify.dll>  [(Verified)Microsoft Windows Component Publisher]
  55. [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\sclgntfy]
  56.     <WinlogonNotify: sclgntfy><sclgntfy.dll>  [(Verified)Microsoft Windows Component Publisher]
  57. [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\SensLogn]
  58.     <WinlogonNotify: SensLogn><WlNotify.dll>  [(Verified)Microsoft Windows Component Publisher]
  59. [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\termsrv]
  60.     <WinlogonNotify: termsrv><wlnotify.dll>  [(Verified)Microsoft Windows Component Publisher]
  61. [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\wlballoon]
  62.     <WinlogonNotify: wlballoon><wlnotify.dll>  [(Verified)Microsoft Windows Component Publisher]
  63. [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\>{22d6f312-b0f6-11d0-94ab-0080c74c7e95}]
  64.     <Microsoft Windows Media Player><C:\WINDOWS\inf\unregmp2.exe /ShowWMP>  [(Verified)Microsoft Windows Component Publisher]
  65. [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\>{26923b43-4d38-484f-9b9e-de460746276c}]
  66.     <Internet Explorer><%systemroot%\system32\shmgrate.exe OCInstallUserConfigIE>  [File is missing]
  67. [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\>{60B49E34-C7CC-11D0-8953-00A0C90347FF}MICROS]
  68.     <浏览器自定义组件><RunDLL32 IEDKCS32.DLL,BrandIE4 SIGNUP>  [(Verified)Microsoft Windows Component Publisher]
  69. [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\>{881dd1c5-3dcf-431b-b061-f3f88e8be88a}]
  70.     <Outlook Express><%systemroot%\system32\shmgrate.exe OCInstallUserConfigOE>  [File is missing]
  71. [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{2C7339CF-2B09-4501-B3F3-F3508C9228ED}]
  72.     <Themes Setup><%SystemRoot%\system32\regsvr32.exe /s /n /i:/UserInstall %SystemRoot%\system32\themeui.dll>  [File is missing]
  73. [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{44BBA840-CC51-11CF-AAFA-00AA00B6015C}]
  74.     <Microsoft Outlook Express 6><"%ProgramFiles%\Outlook Express\setup50.exe" /APP:OE /CALLER:WINNT /user /install>  [File is missing]
  75. [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{6BF52A52-394A-11d3-B153-00C04F79FAA6}]
  76.     <Microsoft Windows Media Player><rundll32.exe advpack.dll,LaunchINFSection C:\WINDOWS\INF\wmp.inf,PerUserStub>  []
  77. [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{7790769C-0471-11d2-AF11-00C04FA35D02}]
  78.     <通讯簿 6><"%ProgramFiles%\Outlook Express\setup50.exe" /APP:WAB /CALLER:WINNT /user /install>  [File is missing]
  79. [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{89820200-ECBD-11cf-8B85-00AA005B4340}]
  80.     <Windows 桌面更新><regsvr32.exe /s /n /i:U shell32.dll>  [(Verified)Microsoft Windows Component Publisher]
  81. [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{89820200-ECBD-11cf-8B85-00AA005B4383}]
  82.     <Internet Explorer 6><%SystemRoot%\system32\ie4uinit.exe>  [(Verified)Microsoft Windows Component Publisher]
  83. ==================================
  84. 启动文件夹
  85. N/A
  86. ==================================
  87. 服务
  88. [360网络防火墙 云安全防护服务 / 360fwrp][Running/Auto Start]
  89.   <C:\Program Files\360\360netfw\360fwrp.exe><360.cn>
  90. [Human Interface Device Access / HidServ][Stopped/Disabled]
  91.   <C:\WINDOWS\System32\svchost.exe -k netsvcs-->%SystemRoot%\System32\hidserv.dll><N/A>
  92. [Sandboxie Service / SbieSvc][Running/Auto Start]
  93.   <"C:\Program Files\Sandboxie\SbieSvc.exe"><SANDBOXIE L.T.D>
  94. [主动防御 / ZhuDongFangYu][Running/Auto Start]
  95.   <"C:\Program Files\360\360Safe\deepscan\zhudongfangyu.exe"><360.cn>
  96. ==================================
  97. 驱动程序
  98. [360netmon / 360netmon][Running/System Start]
  99.   <\??\C:\WINDOWS\system32\drivers\360netmon.sys><360.cn>
  100. [360SelfProtection / 360SelfProtection][Running/System Start]
  101.   <system32\drivers\360SelfProtection.sys><360安全中心>
  102. [Agnitum firewall driver / afw][Running/Manual Start]
  103.   <system32\DRIVERS\afw.sys><Agnitum Ltd.>
  104. [Agnitum Firewall Core Driver / afwcore][Running/Manual Start]
  105.   <\??\C:\WINDOWS\system32\drivers\afwcore.sys><Agnitum Ltd.>
  106. [BAPIDRV / BAPIDRV][Running/System Start]
  107.   <\??\C:\WINDOWS\system32\drivers\BAPIDRV.SYS><360.cn>
  108. [Creative SB16/AWE32/AWE64 Driver (WDM) / ctlsb16][Running/Manual Start]
  109.   <system32\drivers\ctlsb16.sys><Copyright (C) Creative Technology Ltd. 1994-2001>
  110. [DC21x4 Based Network Adapter Driver / DC21x4][Running/Manual Start]
  111.   <system32\DRIVERS\dc21x4.sys><Intel Corporation.>
  112. [EfiSystemMon / EfiMon][Running/System Start]
  113.   <System32\Drivers\Efimon.sys><奇虎网>
  114. [Microsoft 用于 High Definition Audio 的 UAA 总线驱动程序 / HDAudBus][Stopped/Manual Start]
  115.   <system32\DRIVERS\HDAudBus.sys><Windows (R) Server 2003 DDK provider>
  116. [HookPort / HookPort][Running/Boot Start]
  117.   <\SystemRoot\System32\Drivers\Hookport.sys><360安全中心>
  118. [Direct Parallel Link Driver / Ptilink][Running/Manual Start]
  119.   <system32\DRIVERS\ptilink.sys><Parallel Technologies, Inc.>
  120. [Quantum DeepScanner Servers / qutmdserv][Running/System Start]
  121.   <\??\C:\WINDOWS\system32\drivers\qutmdrv.sys><360.cn>
  122. [qutmipc / qutmipc][Running/System Start]
  123.   <\??\C:\WINDOWS\system32\drivers\qutmipc.sys><360安全中心>
  124. [RVFsSec / RVFsSec][Running/Boot Start]
  125.   <\SystemRoot\system32\Drivers\RVFsSec.sys><Returnil SIA>
  126. [RVSDISK / RVSDISK][Running/Boot Start]
  127.   <\SystemRoot\system32\Drivers\RVSDISK.sys><N/A>
  128. [RVSYSTEM / RVSYSTEM][Running/Boot Start]
  129.   <\SystemRoot\system32\Drivers\RVSYSTEM.sys><Returnil SIA>
  130. [SbieDrv / SbieDrv][Running/Manual Start]
  131.   <\??\C:\Program Files\Sandboxie\SbieDrv.sys><SANDBOXIE L.T.D>
  132. [Secdrv / Secdrv][Stopped/Manual Start]
  133.   <system32\DRIVERS\secdrv.sys><Macrovision Corporation, Macrovision Europe Limited, and Macrovision Japan and Asia K.K.>
  134. [SATALink driver accelerator / SiFilter][Running/Boot Start]
  135.   <\SystemRoot\system32\drivers\SiWinAcc.sys><Silicon Image, Inc.>
  136. [TCP/IP Protocol Driver / Tcpip][Running/System Start]
  137.   <system32\DRIVERS\tcpip.sys><Microsoft Corporation>
  138. [VMware Pointing Device / vmmouse][Stopped/Manual Start]
  139.   <system32\DRIVERS\vmmouse.sys><VMware, Inc.>
  140. [vpc-s3 / vpc-s3][Running/Manual Start]
  141.   <system32\DRIVERS\vpc-s3.sys><Microsoft Corporation>
  142. [WMDrive / WMDrive][Running/System Start]
  143.   <\??\C:\WINDOWS\system32\drivers\WMDrive.sys><WinMount International Inc>
  144. [truecrypt / truecrypt][Running/Disabled]
  145.   <\??\C:\Program Files\TrueCrypt\truecrypt.sys><TrueCrypt Foundation>
  146. ==================================
  147. 浏览器加载项
  148. [QQCycloneHelper Class]
  149.   {00000000-12C9-4305-82F9-43058F20E8D2} <C:\Program Files\Tencent\QQDownload\QQIEHelper01.dll, (Signed) Tencent Technology (Shenzhen) Company Limited>
  150. [ThunderAtOnce Class]
  151.   {01443AEC-0FD1-40fd-9C87-E93D1494C233} <C:\Program Files\Thunder Network\Thunder\ComDlls\TDAtOnce_Now.dll, (Signed) Thunder Networking Technologies,LTD>
  152. [Thunder Browser Helper]
  153.   {889D2FEB-5411-4565-8998-1DD2C5261283} <C:\Program Files\Thunder Network\Thunder\ComDlls\xunleiBHO_Now.dll, (Signed) Thunder Networking Technologies,LTD>
  154. [Java(tm) Plug-In 2 SSV Helper]
  155.   {DBC80044-A445-435b-BC74-9C25C1C588A9} <C:\Program Files\Java\jre6\bin\jp2ssv.dll, (Signed) Sun Microsystems, Inc.>
  156. [JQSIEStartDetectorImpl Class]
  157.   {E7E6F031-17CE-4C07-BC86-EABFE594F69C} <C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll, (Signed) Sun Microsystems, Inc.>
  158. [启动迅雷5]
  159.   {09BA8F6D-CB54-424B-839C-C2A6C8E6B436} <C:\Program Files\Thunder Network\Thunder\Thunder.exe, (Signed) 深圳市迅雷网络技术有限公司>
  160. []
  161.   {61F0024B-8278-4999-B7E6-2718426D9FE6} <, >
  162. [Java Plug-in 1.6.0_22]
  163.   {8AD9C840-044E-11D1-B3E9-00805F499D93} <C:\Program Files\Java\jre6\bin\jp2iexp.dll, (Signed) >
  164. [Java Plug-in 1.6.0_22]
  165.   {CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA} <C:\Program Files\Java\jre6\bin\jp2iexp.dll, (Signed) >
  166. [Java Plug-in 1.6.0_22]
  167.   {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} <C:\Program Files\Java\jre6\bin\npjpi160_22.dll, (Signed) Sun Microsystems, Inc.>
  168. [QQCycloneHelper Class]
  169.   {00000000-12C9-4305-82F9-43058F20E8D2} <C:\Program Files\Tencent\QQDownload\QQIEHelper01.dll, (Signed) Tencent Technology (Shenzhen) Company Limited>
  170. [ThunderAtOnce Class]
  171.   {01443AEC-0FD1-40FD-9C87-E93D1494C233} <C:\Program Files\Thunder Network\Thunder\ComDlls\TDAtOnce_Now.dll, (Signed) Thunder Networking Technologies,LTD>
  172. []
  173.   {2D90D33C-DE76-42D0-9040-E4466DDC24AC} <, >
  174. [Thunder Agent Class]
  175.   {485463B7-8FB2-4B3B-B29B-8B919B0EACCE} <C:\Program Files\Thunder Network\Thunder\ComDlls\ThunderAgent_Now.dll, (Signed) Thunder Networking Technologies,LTD>
  176. []
  177.   {548BF84E-9665-47F9-B635-7380F8943E90} <, >
  178. []
  179.   {61F0024B-8278-4999-B7E6-2718426D9FE6} <, >
  180. [360SafeLive]
  181.   {87515F61-A66C-4319-A0E0-D416CB8059E3} <C:\Program Files\360\360Safe\Safelive.dll, (Signed) 360.cn>
  182. [Thunder Browser Helper]
  183.   {889D2FEB-5411-4565-8998-1DD2C5261283} <C:\Program Files\Thunder Network\Thunder\ComDlls\xunleiBHO_Now.dll, (Signed) Thunder Networking Technologies,LTD>
  184. []
  185.   {9701758C-4373-482E-B13C-776C048EC890} <, >
  186. []
  187.   {9EFF1953-9694-47B1-AEF6-B2A3FE8BFE9B} <, >
  188. [HallToolkit Class]
  189.   {A24E6133-404F-4431-A296-2DE576FC5AEE} <C:\Program Files\Common Files\Thunder Network\XLGame\HallTool.1.0.0.5.(207).dll, (Signed) 深圳市迅雷网络技术有限公司>
  190. [APlayer Control]
  191.   {A9322148-C691-4B9D-91FC-B9C461DBE9DD} <C:\Program Files\Common Files\Thunder Network\APlayer\APlayer_001.dll, (Signed) ShenZhen Thunder Networking Technologies, LTD>
  192. []
  193.   {ACACC6EB-1FBA-4E13-A729-53AEB2DF54F8} <, >
  194. [Java(tm) Plug-In 2 SSV Helper]
  195.   {DBC80044-A445-435B-BC74-9C25C1C588A9} <C:\Program Files\Java\jre6\bin\jp2ssv.dll, (Signed) Sun Microsystems, Inc.>
  196. [JQSIEStartDetectorImpl Class]
  197.   {E7E6F031-17CE-4C07-BC86-EABFE594F69C} <C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll, (Signed) Sun Microsystems, Inc.>
  198. []
  199.   {F3E70CEA-956E-49CC-B444-73AFE593AD7F} <, >
  200. [&使用QQ旋风下载]
  201.   <C:\Program Files\Tencent\QQDownload\geturl.htm, N/A>
  202. [&使用QQ旋风下载全部链接]
  203.   <C:\Program Files\Tencent\QQDownload\getAllurl.htm, N/A>
  204. [&使用QQ旋风离线下载]
  205.   <C:\Program Files\Tencent\QQDownload\xfofflinedown.htm, N/A>
  206. ==================================
  207. 正在运行的进程
  208. [PID: 420 / SYSTEM][\SystemRoot\System32\smss.exe]  [(Verified) Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2111)]
  209. [PID: 524 / SYSTEM][\??\C:\WINDOWS\system32\csrss.exe]  [(Verified) Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2111)]
  210. [PID: 548 / SYSTEM][\??\C:\WINDOWS\system32\winlogon.exe]  [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2113)]
  211.     [C:\WINDOWS\system32\uxtheme.dll]  [Microsoft Corporation, 6.00.2900.5512 (xpsp.080413-2105)]
  212. [PID: 592 / SYSTEM][C:\WINDOWS\system32\services.exe]  [(Verified) Microsoft Corporation, 5.1.2600.5755 (xpsp_sp3_gdr.090206-1234)]
  213. [PID: 604 / SYSTEM][C:\WINDOWS\system32\lsass.exe]  [(Verified) Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2113)]
  214.     [C:\WINDOWS\system32\UxTheme.dll]  [Microsoft Corporation, 6.00.2900.5512 (xpsp.080413-2105)]
  215. [PID: 764 / SYSTEM][C:\WINDOWS\system32\svchost.exe]  [(Verified) Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2111)]
  216.     [C:\WINDOWS\system32\UxTheme.dll]  [Microsoft Corporation, 6.00.2900.5512 (xpsp.080413-2105)]
  217. [PID: 1060 / NETWORK SERVICE][C:\WINDOWS\system32\svchost.exe]  [(Verified) Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2111)]
  218.     [C:\WINDOWS\system32\UxTheme.dll]  [Microsoft Corporation, 6.00.2900.5512 (xpsp.080413-2105)]
  219. [PID: 1156 / SYSTEM][C:\Program Files\Sandboxie\SbieSvc.exe]  [SANDBOXIE L.T.D, 3.49.04]
  220.     [C:\Program Files\Sandboxie\SbieDll.dll]  [SANDBOXIE L.T.D, 3.49.04]
  221. [PID: 1176 / SYSTEM][C:\WINDOWS\System32\svchost.exe]  [(Verified) Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2111)]
  222.     [C:\WINDOWS\System32\UxTheme.dll]  [Microsoft Corporation, 6.00.2900.5512 (xpsp.080413-2105)]
  223. [PID: 1360 / SYSTEM][C:\Program Files\360\360netfw\360fwrp.exe]  [360.cn, 1, 0, 0, 1003]
  224. [PID: 1536 / NETWORK SERVICE][C:\WINDOWS\system32\svchost.exe]  [(Verified) Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2111)]
  225.     [C:\WINDOWS\system32\UxTheme.dll]  [Microsoft Corporation, 6.00.2900.5512 (xpsp.080413-2105)]
  226. [PID: 1612 / LOCAL SERVICE][C:\WINDOWS\system32\svchost.exe]  [(Verified) Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2111)]
  227.     [C:\WINDOWS\system32\UxTheme.dll]  [Microsoft Corporation, 6.00.2900.5512 (xpsp.080413-2105)]
  228. [PID: 1628 / SYSTEM][C:\Program Files\360\360Safe\deepscan\zhudongfangyu.exe]  [360.cn, 3, 2, 2, 1002]
  229.     [C:\Program Files\360\360Safe\SoftMgr\360SoftMgrS.dll]  [360.cn, 2, 1, 6, 1032]
  230.     [C:\Program Files\360\360Safe\deepscan\CloudCom2.dll]  [360.cn, 3, 2, 5, 5101]
  231.     [C:\Program Files\360\360Safe\deepscan\heavygate.dll]  [360.cn, 3, 6, 21, 0]
  232.     [C:\Program Files\360\360Safe\deepscan\qutmload.dll]  [360安全中心, 6, 7, 0, 1001]
  233. [PID: 1652 / Administrator][C:\WINDOWS\Explorer.EXE]  [(Verified) Microsoft Corporation, 6.00.2900.5512 (xpsp.080413-2105)]
  234.     [C:\WINDOWS\system32\UxTheme.dll]  [Microsoft Corporation, 6.00.2900.5512 (xpsp.080413-2105)]
  235.     [C:\Program Files\360\360Safe\safemon\safemon.dll]  [360.cn, 6, 7, 6, 1002]
  236.     [C:\Program Files\Thunder Network\Thunder\ComDlls\xunleiBHO_Now.dll]  [Thunder Networking Technologies,LTD, 5, 0, 8, 120]
  237.     [C:\WINDOWS\system32\shdoclc.dll]  [Microsoft Corporation, 6.00.2900.2180 (xpsp_sp2_rtm.040803-2158)]
  238.     [C:\WINDOWS\system32\icm32.dll]  [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2105)]
  239.     [C:\WINDOWS\system32\msdmo.dll]  [, ]
  240.     [C:\Program Files\WinRAR\rarext.dll]  [N/A, ]
  241.     [C:\Program Files\Thunder Network\Thunder\ComDlls\TDAtOnce_Now.dll]  [Thunder Networking Technologies,LTD, 1.0.5.34]
  242.     [C:\WINDOWS\system32\MSVCP71.dll]  [Microsoft Corporation, 7.10.3077.0]
  243.     [C:\WINDOWS\system32\MSVCR71.dll]  [Microsoft Corporation, 7.10.3052.4]
  244. [PID: 1808 / SYSTEM][C:\WINDOWS\system32\spoolsv.exe]  [(Verified) Microsoft Corporation, 5.1.2600.6024 (xpsp_sp3_gdr.100817-1626)]
  245.     [C:\WINDOWS\system32\UxTheme.dll]  [Microsoft Corporation, 6.00.2900.5512 (xpsp.080413-2105)]
  246. [PID: 1864 / SYSTEM][C:\Program Files\Virtual Machine Additions\vmsrvc.exe]  [Microsoft Corporation, 013.820]
  247. [PID: 1924 / SYSTEM][C:\Program Files\Virtual Machine Additions\vpcmap.exe]  [Microsoft Corporation, 013.820]
  248. [PID: 452 / LOCAL SERVICE][C:\WINDOWS\System32\alg.exe]  [(Verified) Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-0852)]
  249.     [C:\WINDOWS\System32\UxTheme.dll]  [Microsoft Corporation, 6.00.2900.5512 (xpsp.080413-2105)]
  250. [PID: 472 / Administrator][C:\Program Files\Virtual Machine Additions\vmusrvc.exe]  [Microsoft Corporation, 013.820]
  251.     [C:\Program Files\360\360Safe\safemon\safemon.dll]  [360.cn, 6, 7, 6, 1002]
  252. [PID: 512 / Administrator][C:\PROGRA~1\Returnil\Returnil.exe]  [Returnil SIA, 2.0.0.7058]
  253.     [C:\WINDOWS\system32\uxtheme.dll]  [Microsoft Corporation, 6.00.2900.5512 (xpsp.080413-2105)]
  254.     [C:\Program Files\360\360Safe\safemon\safemon.dll]  [360.cn, 6, 7, 6, 1002]
  255. [PID: 732 / Administrator][C:\Program Files\360\360netfw\360nfw.exe]  [360.cn, 1, 0, 0, 1005]
  256.     [C:\Program Files\360\360netfw\DumpUper.exe]  [360安全中心, 1, 1, 0, 1101]
  257.     [C:\Program Files\360\360netfw\MiniUI9.dll]  [360.cn, 7, 3, 0, 1002]
  258.     [C:\WINDOWS\system32\UxTheme.dll]  [Microsoft Corporation, 6.00.2900.5512 (xpsp.080413-2105)]
  259.     [C:\Program Files\360\360netfw\360fwctl.dll]  [360.cn, 1, 0, 0, 1004]
  260.     [C:\Program Files\360\360netfw\360netview.dll]  [360.cn, 1, 0, 0, 1003]
  261.     [C:\Program Files\360\360netfw\deepscan\Cloudcom2.dll]  [360.cn, 3, 2, 3, 1006]
  262.     [C:\Program Files\360\360netfw\deepscan\deepscan.dll]  [360.cn, 3, 2, 3, 1022]
  263.     [C:\Program Files\360\360netfw\Fwapi.dll]  [360.cn, 1, 0, 0, 1004]
  264.     [C:\Program Files\360\360netfw\nfwlive.dll]  [360.cn, 1, 0, 0, 1004]
  265.     [C:\Program Files\360\360netfw\safelive.dll]  [360.cn, 1, 0, 0, 1007]
  266.     [C:\Program Files\360\360netfw\pdown.dll]  [360.cn, 1, 2, 0, 1016]
  267.     [C:\Program Files\360\360netfw\nfwconn.dll]  [360.cn, 1, 0, 0, 1004]
  268.     [C:\Program Files\360\360netfw\nfwids.dll]  [360.cn, 1, 0, 0, 1004]
  269.     [C:\Program Files\360\360netfw\nfwcontrl.dll]  [360.cn, 1, 0, 0, 1004]
  270.     [C:\Program Files\360\360netfw\nfwnetr.dll]  [360.cn, 1, 0, 0, 1004]
  271.     [C:\Program Files\360\360netfw\nfwLog.dll]  [360.cn, 1, 0, 0, 1004]
  272.     [C:\Program Files\360\360Safe\safemon\safemon.dll]  [360.cn, 6, 7, 6, 1002]
  273. [PID: 780 / Administrator][C:\WINDOWS\system32\ctfmon.exe]  [(Verified) Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2105)]
  274.     [C:\WINDOWS\system32\UxTheme.dll]  [Microsoft Corporation, 6.00.2900.5512 (xpsp.080413-2105)]
  275. [PID: 324 / Administrator][C:\Program Files\TrueCrypt\TrueCrypt.exe]  [TrueCrypt Foundation, 7.0]
  276.     [C:\Program Files\360\360Safe\safemon\safemon.dll]  [360.cn, 6, 7, 6, 1002]
  277.     [C:\WINDOWS\system32\UxTheme.dll]  [Microsoft Corporation, 6.00.2900.5512 (xpsp.080413-2105)]
  278. [PID: 2824 / Administrator][C:\Program Files\360\360Se\360se3\360SE.exe]  [360.cn, 3, 5, 0, 7]
  279.     [C:\Program Files\360\360Se\360se3\Extensions\SafeCentral\SafeCentral.dll]  [360.cn, 1, 3, 1, 1054]
  280.     [C:\Program Files\360\360Safe\safemon\safemon.dll]  [360.cn, 6, 7, 6, 1002]
  281.     [C:\Program Files\360\360Se\360se3\Extensions\Favorites\Favorites.dll]  [360.cn, 2, 0, 2, 1050]
  282.     [C:\Program Files\360\360Se\360se3\Extensions\LoginEnrol\LoginEnrol.dll]  [360.cn, 2, 0, 2, 1050]
  283.     [C:\WINDOWS\system32\UxTheme.dll]  [Microsoft Corporation, 6.00.2900.5512 (xpsp.080413-2105)]
  284.     [C:\Program Files\360\360Safe\safemon\iNetSafe.dll]  [360.cn, 1, 0, 0, 1008]
  285.     [C:\Program Files\360\360Safe\safemon\AppFltr.dll]  [, 1, 0, 0, 1001]
  286.     [C:\Program Files\360\360Se\360se3\sqlite3.dll]  [N/A, ]
  287.     [C:\PROGRA~1\360\360Se\360se3\Extensions\UICenter\UICenter.dll]  [360.cn, 1, 1, 0, 1006]
  288.     [C:\Program Files\360\360Safe\safemon\LoadWDUI.dll]  [360.cn, 1, 0, 0, 1018]
  289.     [C:\PROGRA~1\360\360Se\360se3\Extensions\ExtAddons\ExtAddons.dll]  [360.cn, 1, 0, 5, 1005]
  290.     [C:\PROGRA~1\360\360Se\360se3\Extensions\ExtAdfilter\ExtAdfilter.dll]  [360.cn, 1, 1, 0, 1040]
  291.     [C:\Program Files\360\360Safe\Safemon\adfilter.dll]  [360.cn, 1, 0, 0, 1007]
  292.     [C:\PROGRA~1\360\360Se\360se3\Extensions\ExtBank\ExtBank.dll]  [360.cn, 1, 0, 2, 1003]
  293.     [C:\PROGRA~1\360\360Se\360se3\Extensions\ExtDoctor\ExtDoctor.dll]  [360.cn, 1, 0, 0, 1013]
  294.     [C:\Documents and Settings\Administrator\Application Data\360se\extensions\ExtDoctor\doctor.dll]  [360.cn, 1, 0, 1, 1014]
  295.     [C:\PROGRA~1\360\360Se\360se3\Extensions\ExtDownload\ExtDownload.dll]  [360.cn, 1, 0, 4, 1004]
  296.     [C:\PROGRA~1\360\360Se\360se3\Extensions\ExtPages\ExtPages.dll]  [360.cn, 1, 0, 7, 1001]
  297.     [C:\PROGRA~1\360\360Se\360se3\Extensions\ExtProxy\ExtProxy.dll]  [360.cn, 1, 0, 2, 1004]
  298.     [C:\PROGRA~1\360\360Se\360se3\Extensions\ExtSafeAddress\ExtSafeAddress.dll]  [360.cn, 1, 0, 1, 1005]
  299.     [C:\PROGRA~1\360\360Se\360se3\Extensions\ExtSuggest\ExtSuggest.dll]  [360SE, 1, 0, 1, 2]
  300.     [C:\PROGRA~1\360\360Se\360se3\Extensions\ExtUrlQuery\ExtUrlQuery.dll]  [360.cn, 1, 0, 0, 1001]
  301.     [C:\PROGRA~1\360\360Se\360se3\Extensions\onlinefav\onlinefav.dll]  [360.cn, 3, 1, 0, 1001]
  302.     [C:\PROGRA~1\360\360Se\360se3\Extensions\SnapPlugin\SnapPlugin.dll]  [360.cn, 1, 1, 0, 1003]
  303.     [C:\PROGRA~1\360\360Se\360se3\Extensions\TranslatorPlugin\TranslatorPlugin.dll]  [360.cn, 2, 0, 0, 1012]
  304.     [C:\Program Files\360\360Safe\safemon\urlproc.dll]  [360.cn, 1, 2, 5, 1001]
  305.     [C:\Program Files\360\360Safe\safemon\urlprocnet.dll]  [360.cn, 1, 2, 2, 1001]
  306.     [C:\Program Files\360\360Safe\deepscan\heavygate.dll]  [360.cn, 3, 6, 21, 0]
  307.     [C:\Program Files\360\360Safe\360common.dll]  [360.cn, 7, 3, 0, 1014]
  308.     [C:\Program Files\360\360Safe\safemon\sepro.dll]  [360.cn, 1, 2, 0, 1003]
  309.     [C:\WINDOWS\system32\Macromed\Flash\Flash10l.ocx]  [Adobe Systems, Inc., 10,1,102,64]
  310.     [C:\WINDOWS\system32\shdoclc.dll]  [Microsoft Corporation, 6.00.2900.2180 (xpsp_sp2_rtm.040803-2158)]
  311. [PID: 3308 / Administrator][C:\Program Files\360\360Se\360se3\Extensions\SafeCentral\urlproc.exe]  [360.cn, 1.0.0.1002]
  312.     [C:\Program Files\360\360Se\360se3\Extensions\SafeCentral\urlproc.dll]  [360.cn, 1, 2, 0, 1004]
  313.     [C:\Program Files\360\360Se\360se3\Extensions\SafeCentral\urlprocnet.dll]  [360.cn, 1, 1, 0, 1005]
  314.     [C:\Program Files\360\360Safe\safemon\safemon.dll]  [360.cn, 6, 7, 6, 1002]
  315. [PID: 268 / Administrator][C:\Program Files\腾讯游戏\QQGAME\QQGame.exe]  [深圳市腾讯计算机系统有限公司, 2, 4, 106, 60]
  316.     [C:\Program Files\360\360Safe\safemon\safemon.dll]  [360.cn, 6, 7, 6, 1002]
  317.     [C:\Program Files\腾讯游戏\QQGAME\Common\Utility.dll]  [N/A, ]
  318.     [C:\Program Files\腾讯游戏\QQGAME\HelpDll.dll]  [, 1, 0, 0, 1]
  319.     [C:\Program Files\腾讯游戏\QQGAME\ResEx.dll]  [深圳市腾讯计算机系统有限公司, 0, 10, 0, 0]
  320.     [C:\Program Files\腾讯游戏\QQGAME\factory.dll]  [N/A, ]
  321.     [C:\Program Files\腾讯游戏\QQGAME\Logic\ComAsyn.dll]  [N/A, ]
  322.     [C:\Program Files\腾讯游戏\QQGAME\Logic\StartUp.dll]  [N/A, ]
  323.     [C:\Program Files\腾讯游戏\QQGAME\Res\ErrorDes.dll]  [N/A, ]
  324.     [C:\Program Files\腾讯游戏\QQGAME\UI\CommonUI.dll]  [, 1, 0, 0, 1]
  325.     [C:\Program Files\腾讯游戏\QQGAME\Tenio\TenFact.dll]  [Tencent, 0, 1, 6, 1]
  326.     [C:\Program Files\腾讯游戏\QQGAME\Tenio\TenHall.dll]  [Tencent, 0, 1, 6, 1]
  327.     [C:\Program Files\腾讯游戏\QQGAME\Logic\MainLogi.dll]  [N/A, ]
  328.     [C:\Program Files\腾讯游戏\QQGAME\Logic\AdBanner.dll]  [N/A, ]
  329.     [C:\Program Files\腾讯游戏\QQGAME\Logic\UIStyle.dll]  [N/A, ]
  330.     [C:\Program Files\腾讯游戏\QQGAME\Res\QGString.dll]  [N/A, ]
  331.     [C:\Program Files\腾讯游戏\QQGAME\Logic\Login.dll]  [N/A, ]
  332.     [C:\Program Files\腾讯游戏\QQGAME\ProtHand\QQProt.dll]  [N/A, ]
  333.     [C:\Program Files\腾讯游戏\QQGAME\Logic\DlImpl.dll]  [N/A, ]
  334.     [C:\Program Files\腾讯游戏\QQGAME\Logic\DlProxy.dll]  [N/A, ]
  335.     [C:\Program Files\腾讯游戏\QQGAME\Logic\LafDown.dll]  [N/A, ]
  336.     [C:\Program Files\腾讯游戏\QQGAME\ProtHand\BaseProt.dll]  [N/A, ]
  337.     [C:\Program Files\腾讯游戏\QQGAME\Common\ProcMsg.dll]  [, 1, 0, 0, 1]
  338.     [C:\Program Files\腾讯游戏\QQGAME\Logic\SelfInfo.dll]  [N/A, ]
  339.     [C:\Program Files\腾讯游戏\QQGAME\Common\Compress.dll]  [N/A, ]
  340.     [C:\WINDOWS\system32\shdoclc.dll]  [Microsoft Corporation, 6.00.2900.2180 (xpsp_sp2_rtm.040803-2158)]
  341.     [C:\Program Files\腾讯游戏\QQGAME\Logic\CAAddins\MGRoom.dll]  [N/A, ]
  342.     [C:\Program Files\腾讯游戏\QQGAME\ProtHand\ScatProt.dll]  [N/A, ]
  343.     [C:\Program Files\腾讯游戏\QQGAME\Logic\MRoomMgr.dll]  [N/A, ]
  344.     [C:\Program Files\腾讯游戏\QQGAME\Logic\ShopMgr.dll]  [N/A, ]
  345.     [C:\Program Files\腾讯游戏\QQGAME\Logic\ItemShop.dll]  [N/A, ]
  346.     [C:\Program Files\腾讯游戏\QQGAME\Logic\ScripEng.dll]  [N/A, ]
  347.     [C:\Program Files\腾讯游戏\QQGAME\python24.dll]  [Python Software Foundation, 2.4.1]
  348.     [C:\Program Files\腾讯游戏\QQGAME\Logic\ChanAdd\DirChn.dll]  [N/A, ]
  349.     [C:\Program Files\腾讯游戏\QQGAME\Logic\QQAvDld.dll]  [N/A, ]
  350.     [C:\Program Files\腾讯游戏\QQGAME\Logic\GAvatar.dll]  [N/A, ]
  351.     [C:\Program Files\腾讯游戏\QQGAME\Logic\CAAddins\GLaunch.dll]  [, 1, 0, 0, 1]
  352.     [C:\Program Files\腾讯游戏\QQGAME\UI\SocialUI.dll]  [N/A, ]
  353.     [C:\Program Files\腾讯游戏\QQGAME\Storage\MiscStor.dll]  [N/A, ]
  354.     [C:\Program Files\腾讯游戏\QQGAME\Socket\NetMod.dll]  [N/A, ]
  355.     [C:\WINDOWS\system32\UxTheme.dll]  [Microsoft Corporation, 6.00.2900.5512 (xpsp.080413-2105)]
  356.     [C:\WINDOWS\system32\icm32.dll]  [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2105)]
  357.     [C:\WINDOWS\system32\Macromed\Flash\Flash10l.ocx]  [Adobe Systems, Inc., 10,1,102,64]
  358. [PID: 684 / Administrator][C:\Program Files\腾讯游戏\QQGAME\QQGameDl.exe]  [N/A, ]
  359.     [C:\Program Files\腾讯游戏\QQGAME\Common\Utility.dll]  [N/A, ]
  360.     [C:\Program Files\腾讯游戏\QQGAME\factory.dll]  [N/A, ]
  361.     [C:\Program Files\腾讯游戏\QQGAME\Logic\ComAsyn.dll]  [N/A, ]
  362.     [C:\Program Files\腾讯游戏\QQGAME\Logic\DlImpl.dll]  [N/A, ]
  363.     [C:\Program Files\腾讯游戏\QQGAME\Logic\DlProxy.dll]  [N/A, ]
  364.     [C:\Program Files\腾讯游戏\QQGAME\Common\ProcMsg.dll]  [, 1, 0, 0, 1]
  365.     [C:\Program Files\腾讯游戏\QQGAME\ProtHand\BaseProt.dll]  [N/A, ]
  366.     [C:\Program Files\腾讯游戏\QQGAME\Socket\NetMod.dll]  [N/A, ]
  367. [PID: 2424 / Administrator][C:\WINDOWS\system32\NOTEPAD.EXE]  [(Verified) Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2105)]
  368.     [C:\WINDOWS\system32\UxTheme.dll]  [Microsoft Corporation, 6.00.2900.5512 (xpsp.080413-2105)]
  369.     [C:\Program Files\360\360Safe\safemon\safemon.dll]  [360.cn, 6, 7, 6, 1002]
  370. [PID: 3104 / Administrator][C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\Rar$EX00.963\SREngLdr.EXE]  [Smallfrogs Studio, 2.8.2.1321]
  371. [PID: 3976 / Administrator][C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\Rar$EX00.963\SRE5e459eae.EXE]  [Smallfrogs Studio, 2.8.2.1321]
  372.     [C:\WINDOWS\system32\UxTheme.dll]  [Microsoft Corporation, 6.00.2900.5512 (xpsp.080413-2105)]
  373.     [C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\Rar$EX00.963\Upload\3rdUpd.DLL]  [Smallfrogs Studio, 2, 1, 0, 15]
  374. ==================================
  375. 文件关联
  376. .TXT  Error. [C:\WINDOWS\system32\NOTEPAD.EXE %1]
  377. .EXE  OK. ["%1" %*]
  378. .COM  OK. ["%1" %*]
  379. .PIF  OK. ["%1" %*]
  380. .REG  OK. [regedit.exe "%1"]
  381. .BAT  OK. ["%1" %*]
  382. .SCR  OK. ["%1" /S]
  383. .CHM  OK. ["C:\WINDOWS\hh.exe" %1]
  384. .HLP  OK. [%SystemRoot%\System32\winhlp32.exe %1]
  385. .INI  Error. [C:\WINDOWS\system32\NOTEPAD.EXE %1]
  386. .INF  Error. [C:\WINDOWS\system32\NOTEPAD.EXE %1]
  387. .VBS  Error. ["C:\WINDOWS\System32\WScript.exe" "%1" %*]
  388. .JS   OK. [%SystemRoot%\System32\WScript.exe "%1" %*]
  389. .LNK  OK. [{00021401-0000-0000-C000-000000000046}]
  390. ==================================
  391. Winsock 提供者
  392. N/A
  393. ==================================
  394. Autorun.inf
  395. N/A
  396. ==================================
  397. HOSTS 文件
  398. 127.0.0.1       localhost
  399. ==================================
  400. 进程特权扫描
  401. 特殊特权被允许: SeLoadDriverPrivilege [PID = 548, C:\WINDOWS\SYSTEM32\WINLOGON.EXE]
  402. 特殊特权被允许: SeLoadDriverPrivilege [PID = 512, C:\PROGRA~1\RETURNIL\RETURNIL.EXE]
  403. ==================================
  404. 计划任务
  405. N/A
  406. ==================================
  407. Windows 安全更新检查
  408. N/A
  409. ==================================
  410. API HOOK
  411. N/A
  412. ==================================
  413. 隐藏进程
  414. N/A
  415. ==================================

复制代码

回复

举报

返回列表 发新帖
高级模式
B Color Image Link Quote Code Smilies
您需要登录后才可以回帖 登录 | 快速注册

本版积分规则

手机版|杀毒软件|软件论坛| 卡饭论坛

Copyright © KaFan  KaFan.cn All Rights Reserved.

Powered by Discuz! X3.4( 沪ICP备2020031077号-2 ) GMT+8, 2025-6-14 18:00 , Processed in 0.127384 second(s), 18 queries .

卡饭网所发布的一切软件、样本、工具、文章等仅限用于学习和研究,不得将上述内容用于商业或者其他非法用途,否则产生的一切后果自负,本站信息来自网络,版权争议问题与本站无关,您必须在下载后的24小时之内从您的电脑中彻底删除上述信息,如有问题请通过邮件与我们联系。

快速回复 客服 返回顶部 返回列表