计算机反病毒论坛诊断报告 V1.0.7.620
诊断时间: 2008-03-09 9:59:45
处理器(CPU): Intel(R) Celeron(R) CPU 8.2GHz
物理内存: 4 GB
操作系统: Microsoft Windows XP Home Edition Service Pack 2 (Build 2600)
IE版本: Internet Explorer V6.0.2900.2180
以上数据请复制后在论坛上发表,论坛地址为:
计算机反病毒论坛-www.hackpro.cn
==================================================
进程和模块列表
smss.exe [\SystemRoot\System32\smss.exe] [Microsoft Corporation,5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
[\SystemRoot\System32\smss.exe] [,]
csrss.exe [C:\WINDOWS\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,3072,512 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ProfileControl=Off MaxRequestThreads=16] [Microsoft Corporation,5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
[\??\C:\WINDOWS\system32\csrss.exe] [,]
winlogon.exe [winlogon.exe] [Microsoft Corporation,5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
[\??\C:\WINDOWS\system32\winlogon.exe] [,]
[C:\WINDOWS\system32\SOGOUPY.IME] [Sohu.com Inc.,2, 0, 0, 1]
[C:\WINDOWS\system32\dllMergeDict.dll] [,]
[F:\热带鱼水族屏保\SogouInput\Plugin\SgImeWord.dll] [,1, 0, 0, 31]
services.exe [C:\WINDOWS\system32\services.exe] [Microsoft Corporation,5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
[C:\WINDOWS\system32\SCESRV.dll] [Microsoft Corporation,5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
lsass.exe [C:\WINDOWS\system32\lsass.exe] [Microsoft Corporation,5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
[C:\WINDOWS\system32\LSASRV.dll] [Microsoft Corporation,5.1.2600.3249 (xpsp_sp2_gdr.071106-1716)]
svchost.exe [C:\WINDOWS\system32\svchost -k DcomLaunch] [Microsoft Corporation,5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
[C:\WINDOWS\system32\svchost.exe] [Microsoft Corporation,5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
svchost.exe [C:\WINDOWS\system32\svchost -k rpcss] [Microsoft Corporation,5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
[C:\WINDOWS\system32\svchost.exe] [Microsoft Corporation,5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
svchost.exe [C:\WINDOWS\System32\svchost.exe -k netsvcs] [Microsoft Corporation,5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
[C:\WINDOWS\System32\svchost.exe] [Microsoft Corporation,5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
svchost.exe [C:\WINDOWS\system32\svchost.exe -k LocalService] [Microsoft Corporation,5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
[C:\WINDOWS\system32\svchost.exe] [Microsoft Corporation,5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
spoolsv.exe [C:\WINDOWS\system32\spoolsv.exe] [Microsoft Corporation,5.1.2600.2696 (xpsp_sp2_gdr.050610-1519)]
[C:\WINDOWS\system32\SPOOLSS.DLL] [Microsoft Corporation,5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
CDAC11BA.EXE [C:\WINDOWS\system32\drivers\CDAC11BA.EXE] [Macrovision,4.20.020]
[C:\WINDOWS\system32\drivers\CDAC11BA.EXE] [Macrovision,4.20.020]
stormliv.exe ["C:\Program Files\StormII\stormliv.exe" /asservice] [北京暴风网际科技有限公司,3, 8, 1, 13]
[C:\Program Files\StormII\stormliv.exe] [北京暴风网际科技有限公司,3, 8, 1, 13]
kvsrvxp.exe [E:\江民杀毒\JiangMin\AntiVirus\kvsrvxp.exe /Service] [Jiangmin Co., Ltd.,10, 0, 7, 526]
[E:\江民杀毒\JiangMin\AntiVirus\kvsrvxp.exe] [Jiangmin Co., Ltd.,10, 0, 7, 526]
[C:\WINDOWS\system32\HiveBase.dll] [Jiangmin Co., Ltd.,1, 0, 7, 226]
[E:\江民杀毒\JiangMin\AntiVirus\SvcSafe.dll] [,10, 0, 8, 106]
[E:\江民杀毒\JiangMin\AntiVirus\lang\SvcSafe0804.lng] [,]
[C:\WINDOWS\system32\KVInstall.dll] [Jiangmin Co.,Ltd,2, 0, 7, 831]
[E:\江民杀毒\JiangMin\KVOL\autoUpdate.dll] [Jiangmin Co.Ltd,1, 0, 7, 3291]
[E:\江民杀毒\JiangMin\AntiVirus\FileGuardNT.dll] [Jiangmin Co., Ltd.,10, 2, 7, 413]
[E:\江民杀毒\JiangMin\common\KvTxd.dll] [Jiangmin Co., Ltd.,10.0.6.1106]
[E:\江民杀毒\JiangMin\AntiVirus\NetGuard.dll] [Jiangmin Co., Ltd.,1, 0, 8, 111]
[E:\江民杀毒\JiangMin\AntiVirus\GuardPS.dll] [Jiangmin Co., Ltd.,1, 0, 6, 1110]
[E:\江民杀毒\JiangMin\KVOL\UpdatePlugIn.dll] [Jiangmin Co., Ltd.,1, 0, 6, 831]
KVWSC.exe ["E:\江民杀毒\JiangMin\AntiVirus\KVWSC.exe"] [Jiangmin Co.,Ltd,1, 0, 7, 131]
[E:\江民杀毒\JiangMin\AntiVirus\KVWSC.exe] [Jiangmin Co.,Ltd,1, 0, 7, 131]
[C:\WINDOWS\system32\HiveBase.dll] [Jiangmin Co., Ltd.,1, 0, 7, 226]
[C:\WINDOWS\system32\KVInstall.dll] [Jiangmin Co.,Ltd,2, 0, 7, 831]
svchost.exe [C:\WINDOWS\system32\svchost.exe -k imgsvc] [Microsoft Corporation,5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
[C:\WINDOWS\system32\svchost.exe] [Microsoft Corporation,5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
CNAB4RPK.EXE [C:\WINDOWS\system32\CNAB4RPK.EXE] [CANON INC.,1.02.0.004]
[C:\WINDOWS\system32\CNAB4RPK.EXE] [CANON INC.,1.02.0.004]
Explorer.EXE [C:\WINDOWS\Explorer.EXE] [Microsoft Corporation,6.00.2900.3156 (xpsp_sp2_gdr.070613-1234)]
[C:\WINDOWS\system32\SOGOUPY.IME] [Sohu.com Inc.,2, 0, 0, 1]
[C:\WINDOWS\system32\dllMergeDict.dll] [,]
[F:\热带鱼水族屏保\SogouInput\Plugin\SgImeWord.dll] [,1, 0, 0, 31]
[C:\Program Files\Adobe\Acrobat 7.0\ActiveX\PDFShell.dll] [Adobe Systems, Inc.,7.0.0.0]
[E:\江民杀毒\JiangMin\AntiVirus\KVshell.dll] [Jiangmin Co.Ltd,1, 0, 7, 806]
[C:\WINDOWS\system32\HiveBase.dll] [Jiangmin Co., Ltd.,1, 0, 7, 226]
igfxtray.exe ["C:\WINDOWS\system32\igfxtray.exe" ] [Intel Corporation,3,0,0,2082]
[C:\WINDOWS\system32\hccutils.DLL] [Intel Corporation,3,0,0,2082]
[C:\WINDOWS\system32\SOGOUPY.IME] [Sohu.com Inc.,2, 0, 0, 1]
[C:\WINDOWS\system32\dllMergeDict.dll] [,]
[F:\热带鱼水族屏保\SogouInput\Plugin\SgImeWord.dll] [,1, 0, 0, 31]
hkcmd.exe ["C:\WINDOWS\system32\hkcmd.exe" ] [Intel Corporation,3,0,0,2082]
[C:\WINDOWS\system32\hccutils.DLL] [Intel Corporation,3,0,0,2082]
[C:\WINDOWS\system32\SOGOUPY.IME] [Sohu.com Inc.,2, 0, 0, 1]
[C:\WINDOWS\system32\dllMergeDict.dll] [,]
[F:\热带鱼水族屏保\SogouInput\Plugin\SgImeWord.dll] [,1, 0, 0, 31]
KVMonXP.kxp ["E:\江民杀毒\JiangMin\AntiVirus\KVMonXP.kxp" ] [Jiangmin Co.Ltd,1, 0, 7, 816]
[E:\江民杀毒\JiangMin\AntiVirus\KVMonXP.kxp] [Jiangmin Co.Ltd,1, 0, 7, 816]
[C:\WINDOWS\system32\HiveBase.dll] [Jiangmin Co., Ltd.,1, 0, 7, 226]
[C:\WINDOWS\system32\KVInstall.dll] [Jiangmin Co.,Ltd,2, 0, 7, 831]
[E:\江民杀毒\JiangMin\AntiVirus\lang\kvmonxp0804.lng] [,]
[C:\WINDOWS\system32\SOGOUPY.IME] [Sohu.com Inc.,2, 0, 0, 1]
[C:\WINDOWS\system32\dllMergeDict.dll] [,]
[F:\热带鱼水族屏保\SogouInput\Plugin\SgImeWord.dll] [,1, 0, 0, 31]
[E:\江民杀毒\JiangMin\common\GUIEXT.DLL] [Jiangmin Co.Ltd,1, 0, 7, 626]
[E:\江民杀毒\JiangMin\common\lang\guiext0804.lng] [JiangMin Ltd.,7, 1, 0, 200]
[E:\江民杀毒\JiangMin\AntiVirus\KvInterpreter.dll] [Jiangmin Co., Ltd.,10, 0, 7, 417]
[E:\江民杀毒\JiangMin\AntiVirus\VirusUpload.dll] [,2, 2, 7, 607]
[E:\江民杀毒\JiangMin\antivirus\TrojDie.dll] [Jiangmin Co.Ltd,10, 0, 7, 816]
[E:\江民杀毒\JiangMin\AntiVirus\KvGuardJsMenu.dll] [Jiangmin Co Ltd,10, 0, 0, 831]
[E:\江民杀毒\JiangMin\AntiVirus\KVMon.dll] [Jiangmin Co., Ltd.,1, 0, 6, 1123]
[E:\江民杀毒\JiangMin\AntiVirus\lang\KVMon0804.lng] [Jiangmin Co., Ltd.,1, 0, 6, 1019]
[E:\江民杀毒\JiangMin\antivirus\KRegEx.dll] [Jiangmin Co. Ltd.,10, 0, 6, 1214]
[E:\江民杀毒\JiangMin\AntiVirus\lang\TrojDie0804.lng] [,10, 0, 6, 1221]
[E:\江民杀毒\JiangMin\antivirus\KRegExMain.dll] [Jiangmin Co.Ltd,10, 0, 6, 1103]
[E:\江民杀毒\JiangMin\common\ComUIPS.dll] [Jiangmin Co.Ltd,1.0.0.808]
[E:\江民杀毒\JiangMin\AntiVirus\Kvwshm.dll] [Jiangmin Co., Ltd.,10, 0, 6, 724]
[E:\江民杀毒\JiangMin\AntiVirus\PrivateMon.dll] [Jiangmin Co.Ltd,1, 0, 0, 909]
[E:\江民杀毒\JiangMin\AntiVirus\KVNotifyUI.dll] [Jiangmin Co.Ltd,1.0.6.802]
[E:\江民杀毒\JiangMin\AntiVirus\lang\KVNotifyUI0804.lng] [,]
[E:\江民杀毒\JiangMin\AntiVirus\KsProtect.dll] [Jiangmin Co. Ltd.,1, 0, 7, 326]
[E:\江民杀毒\JiangMin\common\KvTools.dll] [Jiangmin Co. Ltd.,1, 0, 7, 323]
[E:\江民杀毒\JiangMin\common\IsysCall.dll] [Jiangmin Co., Ltd.,1, 0, 7, 326]
[E:\江民杀毒\JiangMin\AntiVirus\ISysMon.dll] [Jiangmin Co., Ltd.,1, 0, 7, 301]
[E:\江民杀毒\JiangMin\common\KregTrust.dll] [Jiangmin Co.,10, 0, 6, 812]
[E:\江民杀毒\JiangMin\common\KvTxd.dll] [Jiangmin Co., Ltd.,10.0.6.1106]
[E:\江民杀毒\JiangMin\KVFW\KvfwUtl.dll] [Jiangmin Co., Ltd.,10, 0, 7, 227]
[E:\江民杀毒\JiangMin\KVFW\lang\KVFW0804.lng] [,9, 0, 5, 1031]
[C:\WINDOWS\system32\MSCOREE.DLL] [Microsoft Corporation,2.0.50727.253 (QFE.050727-2500)]
[C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\fusion.dll] [Microsoft Corporation,1.1.4322.2032]
[C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\MSVCR71.dll] [Microsoft Corporation,7.10.3052.4]
ctfmon.exe ["C:\WINDOWS\system32\ctfmon.exe" ] [Microsoft Corporation,5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
[C:\WINDOWS\system32\SOGOUPY.IME] [Sohu.com Inc.,2, 0, 0, 1]
[C:\WINDOWS\system32\dllMergeDict.dll] [,]
[F:\热带鱼水族屏保\SogouInput\Plugin\SgImeWord.dll] [,1, 0, 0, 31]
wuauclt.exe ["C:\WINDOWS\system32\wuauclt.exe"] [Microsoft Corporation,7.0.6000.381 (winmain(wmbla).070730-1740)]
QQ.exe ["F:\QQ\QQ.exe" ] [TENCENT,7,1,576,1763]
[C:\WINDOWS\system32\SOGOUPY.IME] [Sohu.com Inc.,2, 0, 0, 1]
[C:\WINDOWS\system32\dllMergeDict.dll] [,]
[F:\热带鱼水族屏保\SogouInput\Plugin\SgImeWord.dll] [,1, 0, 0, 31]
TXPlatform.exe ["F:\QQ\TXPlatform.exe" -Embedding] [Tencent,1, 0, 170, 0]
DllHost.exe [C:\WINDOWS\system32\DllHost.exe /Processid:{EC093C58-82F3-4A03-BBCB-B14349475815}] [Microsoft Corporation,5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
[E:\江民杀毒\JiangMin\common\ComUI.dll] [Jiangmin Co,.Ltd,1, 0, 7, 112]
[E:\江民杀毒\JiangMin\common\ComUIPS.dll] [Jiangmin Co.Ltd,1.0.0.808]
[C:\WINDOWS\system32\HiveBase.dll] [Jiangmin Co., Ltd.,1, 0, 7, 226]
[E:\江民杀毒\JiangMin\common\GUIEXT.DLL] [Jiangmin Co.Ltd,1, 0, 7, 626]
[E:\江民杀毒\JiangMin\common\lang\guiext0804.lng] [JiangMin Ltd.,7, 1, 0, 200]
[C:\WINDOWS\system32\SOGOUPY.IME] [Sohu.com Inc.,2, 0, 0, 1]
[C:\WINDOWS\system32\dllMergeDict.dll] [,]
[F:\热带鱼水族屏保\SogouInput\Plugin\SgImeWord.dll] [,1, 0, 0, 31]
QQ.exe ["F:\QQ\QQ.exe" ] [TENCENT,7,1,576,1763]
[C:\WINDOWS\system32\SOGOUPY.IME] [Sohu.com Inc.,2, 0, 0, 1]
[C:\WINDOWS\system32\dllMergeDict.dll] [,]
[F:\热带鱼水族屏保\SogouInput\Plugin\SgImeWord.dll] [,1, 0, 0, 31]
iexplore.exe ["C:\Program Files\Internet Explorer\iexplore.exe" ] [Microsoft Corporation,6.00.2900.2180 (xpsp_sp2_rtm.040803-2158)]
[C:\Program Files\Internet Explorer\iexplore.exe] [Microsoft Corporation,6.00.2900.2180 (xpsp_sp2_rtm.040803-2158)]
[C:\WINDOWS\system32\SOGOUPY.IME] [Sohu.com Inc.,2, 0, 0, 1]
[C:\WINDOWS\system32\dllMergeDict.dll] [,]
[F:\热带鱼水族屏保\SogouInput\Plugin\SgImeWord.dll] [,1, 0, 0, 31]
[E:\江民杀毒\JiangMin\AntiVirus\KVshell.dll] [Jiangmin Co.Ltd,1, 0, 7, 806]
[C:\WINDOWS\system32\HiveBase.dll] [Jiangmin Co., Ltd.,1, 0, 7, 226]
[E:\江民杀毒\JiangMin\AntiVirus\lang\kvxp0804.lng] [,]
[E:\江民杀毒\JiangMin\common\GUIEXT.DLL] [Jiangmin Co.Ltd,1, 0, 7, 626]
[E:\江民杀毒\JiangMin\common\lang\guiext0804.lng] [JiangMin Ltd.,7, 1, 0, 200]
KVSysCheck34.exe ["F:\三少扫描\KVSysCheck34.exe" ] [Jiangmin Co., Ltd.,1, 0, 7, 905]
[F:\三少扫描\KVSysCheck34.exe] [Jiangmin Co., Ltd.,1, 0, 7, 905]
[C:\WINDOWS\system32\HiveBase.dll] [Jiangmin Co., Ltd.,1, 0, 7, 226]
[C:\WINDOWS\system32\KVInstall.dll] [Jiangmin Co.,Ltd,2, 0, 7, 831]
[C:\DOCUME~1\Owner\LOCALS~1\Temp\SysCheck.dll] [Jiangmin Co., Ltd.,1, 0, 7, 827]
[C:\DOCUME~1\Owner\LOCALS~1\Temp\KvDetect.dll] [Jiangmin Co.Ltd,1, 0, 7, 718]
[C:\WINDOWS\system32\SOGOUPY.IME] [Sohu.com Inc.,2, 0, 0, 1]
[C:\WINDOWS\system32\dllMergeDict.dll] [,]
[F:\热带鱼水族屏保\SogouInput\Plugin\SgImeWord.dll] [,1, 0, 0, 31]
[E:\江民杀毒\JiangMin\common\GUIEXT.DLL] [Jiangmin Co.Ltd,1, 0, 7, 626]
[E:\江民杀毒\JiangMin\common\lang\guiext0804.lng] [JiangMin Ltd.,7, 1, 0, 200]
[E:\江民杀毒\JiangMin\common\KregTrust.dll] [Jiangmin Co.,10, 0, 6, 812]
[E:\江民杀毒\JiangMin\common\KvTools.dll] [Jiangmin Co. Ltd.,1, 0, 7, 323]
[E:\江民杀毒\JiangMin\common\IsysCall.dll] [Jiangmin Co., Ltd.,1, 0, 7, 326]
[E:\江民杀毒\JiangMin\AntiVirus\KsProtect.dll] [Jiangmin Co. Ltd.,1, 0, 7, 326]
[E:\江民杀毒\JiangMin\AntiVirus\IsysMon.dll] [Jiangmin Co., Ltd.,1, 0, 7, 301]
==================================================
启动项列表
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\run]
[IMJPMIG8.1] ["C:\WINDOWS\IME\imjp8_1\IMJPMIG.EXE" /Spoil /RemAdvDef /Migration32] [Microsoft Corporation,]
[IgfxTray] [C:\WINDOWS\system32\igfxtray.exe] [Intel Corporation,]
[HotKeysCmds] [C:\WINDOWS\system32\hkcmd.exe] [Intel Corporation,]
[KVMON] [E:\江民杀毒\JiangMin\AntiVirus\KVMonXP.kxp] [Jiangmin Co.Ltd,]
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\run]
[ctfmon.exe] [C:\WINDOWS\system32\ctfmon.exe] [Microsoft Corporation,]
[updateMgr] [F:\AdobeAcrobatReaderv7.0简体中文版\Reader\AdobeUpdateManager.exe AcRdB7_0_9] [,]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon]
[Shell] [Explorer.exe] [,]
[UIHost] [logonui.exe] [,]
[Userinit] [C:\WINDOWS\system32\userinit.exe,] [,]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options]
[auto.exe] [AUTOGUARDER GUARDED.] [,]
[Your Image File Name Here without a path] [ntsd -d] [,]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify]
[crypt32chain] [crypt32.dll] [,]
[cryptnet] [cryptnet.dll] [,]
[cscdll] [cscdll.dll] [,]
[igfxcui] [igfxsrvc.dll] [,]
[ScCertProp] [wlnotify.dll] [,]
[Schedule] [wlnotify.dll] [,]
[sclgntfy] [sclgntfy.dll] [,]
[SensLogn] [WlNotify.dll] [,]
[termsrv] [wlnotify.dll] [,]
[wlballoon] [wlnotify.dll] [,]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Session Manager\BootExecute]
[BootExecute] [autocheck autochk *] [Microsoft Corporation,]
[BootExecute] [KvNative.exe] [Jiangmin Co., Ltd.,]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Session Manager\KnownDLLs]
[advapi32] [advapi32.dll] [Microsoft Corporation,]
[comdlg32] [comdlg32.dll] [Microsoft Corporation,]
[gdi32] [gdi32.dll] [Microsoft Corporation,]
[imagehlp] [imagehlp.dll] [Microsoft Corporation,]
[kernel32] [kernel32.dll] [Microsoft Corporation,]
[lz32] [lz32.dll] [Microsoft Corporation,]
[ole32] [ole32.dll] [Microsoft Corporation,]
[oleaut32] [oleaut32.dll] [Microsoft Corporation,]
[olecli32] [olecli32.dll] [Microsoft Corporation,]
[olecnv32] [olecnv32.dll] [Microsoft Corporation,]
[olesvr32] [olesvr32.dll] [Microsoft Corporation,]
[olethk32] [olethk32.dll] [Microsoft Corporation,]
[rpcrt4] [rpcrt4.dll] [Microsoft Corporation,]
[shell32] [shell32.dll] [Microsoft Corporation,]
[url] [url.dll] [Microsoft Corporation,]
[urlmon] [urlmon.dll] [Microsoft Corporation,]
[user32] [user32.dll] [Microsoft Corporation,]
[version] [version.dll] [Microsoft Corporation,]
[wininet] [wininet.dll] [Microsoft Corporation,]
[wldap32] [wldap32.dll] [Microsoft Corporation,]
==================================================
服务项列表
AppMgmt WIN32 SHARE PROCESS DEMAND START STOPPED
[C:\WINDOWS\system32\svchost.exe -k netsvcs -- C:\WINDOWS\System32\appmgmts.dll] [,]
aspnet_state WIN32 OWN PROCESS DEMAND START STOPPED
[C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\aspnet_state.exe] [Microsoft Corporation,]
C-DillaCdaC11BA WIN32 OWN PROCESS AUTO START RUNNING
[C:\WINDOWS\system32\drivers\CDAC11BA.EXE] [Macrovision,]
ccosm WIN32 OWN PROCESS AUTO START RUNNING
[C:\Program Files\StormII\stormliv.exe /asservice] [北京暴风网际科技有限公司,]
HidServ WIN32 SHARE PROCESS DISABLED STOPPED
[C:\WINDOWS\System32\svchost.exe -k netsvcs -- C:\WINDOWS\System32\hidserv.dll] [,]
KVSrvXP WIN32 OWN PROCESS AUTO START RUNNING
[E:\江民杀毒\JiangMin\AntiVirus\kvsrvxp.exe /Service] [Jiangmin Co., Ltd.,]
KVWSC WIN32 OWN PROCESS AUTO START RUNNING
["E:\江民杀毒\JiangMin\AntiVirus\KVWSC.exe"] [Jiangmin Co.,Ltd,]
==================================================
驱动列表
aeaudio KERNEL DRIVER DEMAND START None
[C:\WINDOWS\system32\drivers\aeaudio.sys] [Andrea Electronics Corporation,]
BsDeamon KERNEL DRIVER SYSTEM START None
[E:\江民杀毒\JiangMin\ANTIVI~1\BsDeamon.sys] [Jiangmin Co.,Ltd.,]
CdaC15BA KERNEL DRIVER AUTO START None
[C:\WINDOWS\system32\drivers\CdaC15BA.SYS] [Macrovision Europe Ltd,]
HdFw_slot KERNEL DRIVER DEMAND START None
[E:\江民杀毒\JiangMin\KVFW\HdFw.sys] [Jiangmin Co., Ltd.,]
KAnalyser KERNEL DRIVER SYSTEM START Boot File System
[E:\江民杀毒\JiangMin\ANTIVI~1\KANALY~1.SYS] [Jiangmin Co.,Ltd.,]
KRegEx KERNEL DRIVER SYSTEM START None
[E:\江民杀毒\JiangMin\ANTIVI~1\KRegEx.sys] [Jiangmin Co. Ltd.,]
KSysCall KERNEL DRIVER SYSTEM START System Bus Extender
[E:\江民杀毒\JiangMin\common\KSysCall.sys] [Jiangmin Co., Ltd.,]
KSysFilter KERNEL DRIVER BOOT START KSysFilter
[C:\WINDOWS\System32\Drivers\KSysFilt.sys] [Jiangmin Co. Ltd.,]
KVDP FILESYSTEM DRIVER DEMAND START None
[E:\江民杀毒\JiangMin\AntiVirus\KVDP.sys] [Jiangmin Co., Ltd.,]
KVREDIR KERNEL DRIVER SYSTEM START PNP_TDI
[E:\江民杀毒\JiangMin\AntiVirus\KVREDIR.sys] [Jiangmin Co., Ltd.,]
smwdm KERNEL DRIVER DEMAND START None
[C:\WINDOWS\system32\drivers\smwdm.sys] [Analog Devices, Inc.,]
******************************** Not found file ********************************
Abiosdsk KERNEL DRIVER DISABLED Primary disk
[C:\WINDOWS\system32\drivers\Abiosdsk.sys] [,]
abp480n5 KERNEL DRIVER DISABLED SCSI miniport
[C:\WINDOWS\system32\drivers\abp480n5.sys] [,]
adpu160m KERNEL DRIVER DISABLED SCSI miniport
[C:\WINDOWS\system32\drivers\adpu160m.sys] [,]
Aha154x KERNEL DRIVER DISABLED SCSI miniport
[C:\WINDOWS\system32\drivers\Aha154x.sys] [,]
aic78u2 KERNEL DRIVER DISABLED SCSI miniport
[C:\WINDOWS\system32\drivers\aic78u2.sys] [,]
aic78xx KERNEL DRIVER DISABLED SCSI miniport
[C:\WINDOWS\system32\drivers\aic78xx.sys] [,]
AliIde KERNEL DRIVER DISABLED System Bus Extender
[C:\WINDOWS\system32\drivers\AliIde.sys] [,]
amsint KERNEL DRIVER DISABLED SCSI miniport
[C:\WINDOWS\system32\drivers\amsint.sys] [,]
asc KERNEL DRIVER DISABLED SCSI miniport
[C:\WINDOWS\system32\drivers\asc.sys] [,]
asc3350p KERNEL DRIVER DISABLED SCSI miniport
[C:\WINDOWS\system32\drivers\asc3350p.sys] [,]
asc3550 KERNEL DRIVER DISABLED SCSI miniport
[C:\WINDOWS\system32\drivers\asc3550.sys] [,]
Atdisk KERNEL DRIVER DISABLED Primary disk
[C:\WINDOWS\system32\drivers\Atdisk.sys] [,]
cd20xrnt KERNEL DRIVER DISABLED SCSI miniport
[C:\WINDOWS\system32\drivers\cd20xrnt.sys] [,]
Changer KERNEL DRIVER SYSTEM START Filter
[C:\WINDOWS\system32\drivers\Changer.sys] [,]
CmdIde KERNEL DRIVER DISABLED System Bus Extender
[C:\WINDOWS\system32\drivers\CmdIde.sys] [,]
Cpqarray KERNEL DRIVER DISABLED SCSI miniport
[C:\WINDOWS\system32\drivers\Cpqarray.sys] [,]
dac2w2k KERNEL DRIVER DISABLED SCSI miniport
[C:\WINDOWS\system32\drivers\dac2w2k.sys] [,]
dac960nt KERNEL DRIVER DISABLED SCSI miniport
[C:\WINDOWS\system32\drivers\dac960nt.sys] [,]
dpti2o KERNEL DRIVER DISABLED SCSI miniport
[C:\WINDOWS\system32\drivers\dpti2o.sys] [,]
EverestDriver KERNEL DRIVER DEMAND START None
[G:\系统\everest\kerneld.wnt] [,]
hpn KERNEL DRIVER DISABLED SCSI miniport
[C:\WINDOWS\system32\drivers\hpn.sys] [,]
i2omgmt KERNEL DRIVER SYSTEM START SCSI Class
[C:\WINDOWS\system32\drivers\i2omgmt.sys] [,]
i2omp KERNEL DRIVER DISABLED SCSI miniport
[C:\WINDOWS\system32\drivers\i2omp.sys] [,]
ini910u KERNEL DRIVER DISABLED SCSI miniport
[C:\WINDOWS\system32\drivers\ini910u.sys] [,]
lbrtfdc KERNEL DRIVER SYSTEM START System Bus Extender
[C:\WINDOWS\system32\drivers\lbrtfdc.sys] [,]
mraid35x KERNEL DRIVER DISABLED SCSI miniport
[C:\WINDOWS\system32\drivers\mraid35x.sys] [,]
PCIDump KERNEL DRIVER SYSTEM START PCI Configuration
[C:\WINDOWS\system32\drivers\PCIDump.sys] [,]
PDCOMP KERNEL DRIVER DEMAND START None
[C:\WINDOWS\system32\drivers\PDCOMP.sys] [,]
PDFRAME KERNEL DRIVER DEMAND START None
[C:\WINDOWS\system32\drivers\PDFRAME.sys] [,]
PDRELI KERNEL DRIVER DEMAND START None
[C:\WINDOWS\system32\drivers\PDRELI.sys] [,]
PDRFRAME KERNEL DRIVER DEMAND START None
[C:\WINDOWS\system32\drivers\PDRFRAME.sys] [,]
perc2 KERNEL DRIVER DISABLED SCSI miniport
[C:\WINDOWS\system32\drivers\perc2.sys] [,]
perc2hib KERNEL DRIVER DISABLED Filter
[C:\WINDOWS\system32\drivers\perc2hib.sys] [,]
ql1080 KERNEL DRIVER DISABLED SCSI miniport
[C:\WINDOWS\system32\drivers\ql1080.sys] [,]
Ql10wnt KERNEL DRIVER DISABLED SCSI miniport
[C:\WINDOWS\system32\drivers\Ql10wnt.sys] [,]
ql12160 KERNEL DRIVER DISABLED SCSI miniport
[C:\WINDOWS\system32\drivers\ql12160.sys] [,]
ql1240 KERNEL DRIVER DISABLED SCSI miniport
[C:\WINDOWS\system32\drivers\ql1240.sys] [,]
ql1280 KERNEL DRIVER DISABLED SCSI miniport
[C:\WINDOWS\system32\drivers\ql1280.sys] [,]
Simbad KERNEL DRIVER DISABLED Filter
[C:\WINDOWS\system32\drivers\Simbad.sys] [,]
Sparrow KERNEL DRIVER DISABLED SCSI miniport
[C:\WINDOWS\system32\drivers\Sparrow.sys] [,]
symc810 KERNEL DRIVER DISABLED SCSI miniport
[C:\WINDOWS\system32\drivers\symc810.sys] [,]
symc8xx KERNEL DRIVER DISABLED SCSI miniport
[C:\WINDOWS\system32\drivers\symc8xx.sys] [,]
sym_hi KERNEL DRIVER DISABLED SCSI miniport
[C:\WINDOWS\system32\drivers\sym_hi.sys] [,]
sym_u3 KERNEL DRIVER DISABLED SCSI miniport
[C:\WINDOWS\system32\drivers\sym_u3.sys] [,]
TosIde KERNEL DRIVER DISABLED System Bus Extender
[C:\WINDOWS\system32\drivers\TosIde.sys] [,]
ultra KERNEL DRIVER DISABLED SCSI miniport
[C:\WINDOWS\system32\drivers\ultra.sys] [,]
ViaIde KERNEL DRIVER DISABLED System Bus Extender
[C:\WINDOWS\system32\drivers\ViaIde.sys] [,]
WDICA KERNEL DRIVER DEMAND START None
[C:\WINDOWS\system32\drivers\WDICA.sys] [,]
==================================================
浏览器加载项列表
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
[江民杀毒工具栏] [E:\江民杀毒\JiangMin\AntiVirus\KVshell.dll] [Jiangmin Co.Ltd,1, 0, 7, 806] {B5A34A93-D538-43A7-8371-864CB6148D12}
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects]
[BrowseHelper Class] [E:\江民杀毒\JiangMin\AntiVirus\KVshell.dll] [Jiangmin Co.Ltd,1, 0, 7, 806] {80BF4637-D65B-43F3-BB60-C5DD3D5FB7B9}
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\URLSearchHooks]
[Microsoft Url 搜索挂接] [C:\WINDOWS\system32\shdocvw.dll] [Microsoft Corporation,6.00.2900.3268 (xpsp_sp2_gdr.071206-1518)] {CFBFAE00-17A6-11D0-99CB-00C04FD64497}
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Explorer Bars]
[每日提示(&T)] [C:\WINDOWS\system32\shdocvw.dll] [Microsoft Corporation,6.00.2900.3268 (xpsp_sp2_gdr.071206-1518)] {4D5C8C25-D075-11d0-B416-00C04FB90376}
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
[URL 执行挂钩] [shell32.dll] [Microsoft Corporation,6.00.2900.3241 (xpsp_sp2_gdr.071025-1248)] {AEB6717E-7E19-11d0-97EE-00C04FD91972}
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\SharedTaskScheduler]
[Browseui 预加载程序] [C:\WINDOWS\system32\browseui.dll] [Microsoft Corporation,6.00.2900.3268 (xpsp_sp2_gdr.071206-1518)] {438755C2-A8BA-11D1-B96B-00A0C90312E1}
[组件类别缓存程序] [C:\WINDOWS\system32\browseui.dll] [Microsoft Corporation,6.00.2900.3268 (xpsp_sp2_gdr.071206-1518)] {8C7461EF-2B13-11d2-BE35-3078302C2030}
==================================================
文件关联信息
.txt txtfile C:\WINDOWS\notepad.exe %1
.exe exefile "%1" %*
.com comfile "%1" %*
.pif piffile "%1" %*
.reg regfile regedit.exe "%1"
.bat batfile "%1" %*
.scr AutoCADScriptFile "C:\WINDOWS\system32\notepad.exe" "%1"
.chm chm.file "hh.exe" %1
.hlp hlpfile %SystemRoot%\System32\winhlp32.exe %1
.ini inifile C:\WINDOWS\System32\NOTEPAD.EXE %1
.inf inffile %SystemRoot%\System32\NOTEPAD.EXE %1
.vbs VBSFile %SystemRoot%\System32\WScript.exe "%1" %*
.js JSFile %SystemRoot%\System32\WScript.exe "%1" %*
.lnk lnkfile {00021401-0000-0000-C000-000000000046}
==================================================
Winsock服务提供者信息
000000000001 C:\WINDOWS\system32\mswsock.dll
000000000002 C:\WINDOWS\system32\mswsock.dll
000000000003 C:\WINDOWS\system32\mswsock.dll
000000000004 C:\WINDOWS\system32\rsvpsp.dll
000000000005 C:\WINDOWS\system32\rsvpsp.dll
000000000006 C:\WINDOWS\system32\mswsock.dll
000000000007 C:\WINDOWS\system32\mswsock.dll
000000000008 C:\WINDOWS\system32\mswsock.dll
000000000009 C:\WINDOWS\system32\mswsock.dll
000000000010 C:\WINDOWS\system32\mswsock.dll
000000000011 C:\WINDOWS\system32\mswsock.dll
000000000012 C:\WINDOWS\system32\mswsock.dll
000000000013 C:\WINDOWS\system32\mswsock.dll
000000000014 C:\WINDOWS\system32\mswsock.dll
000000000015 C:\WINDOWS\system32\mswsock.dll
==================================================
自动播放文件
==================================================
隐藏文件列表
C:\WINDOWS\Drivers\Intel\Graphics\hkcmd.ZMX
C:\WINDOWS\Drivers\Intel\Graphics\igfxcfg.ZMX
C:\WINDOWS\Drivers\Intel\Graphics\igfxdiag.ZMX
C:\WINDOWS\Drivers\Intel\Graphics\igfxext.ZMX
C:\WINDOWS\Drivers\Intel\Graphics\igfxtray.ZMX
C:\Documents and Settings\All Users\Application Data\Jiangmin\Temp\hkcmd.ZMX.txd
C:\Documents and Settings\All Users\Application Data\Jiangmin\Temp\igfxcfg.ZMX.txd
C:\Documents and Settings\All Users\Application Data\Jiangmin\Temp\igfxdiag.ZMX.txd
C:\Documents and Settings\All Users\Application Data\Jiangmin\Temp\igfxext.ZMX.txd
C:\Documents and Settings\All Users\Application Data\Jiangmin\Temp\igfxtray.ZMX.txd
C:\Documents and Settings\All Users\Application Data\Jiangmin\Temp\Setup.exe.txd
C:\Program Files\Autodesk\Autodesk Express Viewer\Setup.exe
C:\AutoRun.inf\AntiAutoRun.\abc123666555.txt
==================================================
隐藏注册表列表