计算机反病毒论坛诊断报告 V1.0.7.620
诊断时间: 2008-09-21 10:09:50
处理器(CPU): Intel(R) Celeron(R) CPU 420 @ 1.60GHz
物理内存: 0.99 GB
操作系统: Microsoft Windows XP Professional Service Pack 2 (Build 2600)
IE版本: Internet Explorer V6.0.2900.2180
以上数据请复制后在论坛上发表,论坛地址为:
计算机反病毒论坛-www.hackpro.cn
==================================================
进程和模块列表
smss.exe [\SystemRoot\System32\smss.exe] [Microsoft Corporation,5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
[\SystemRoot\System32\smss.exe] [,]
csrss.exe [C:\WINDOWS\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,3072,512 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ProfileControl=Off MaxRequestThreads=16] [Microsoft Corporation,5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
[\??\C:\WINDOWS\system32\csrss.exe] [,]
winlogon.exe [winlogon.exe] [Microsoft Corporation,5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
[\??\C:\WINDOWS\system32\winlogon.exe] [,]
services.exe [C:\WINDOWS\system32\services.exe] [Microsoft Corporation,5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
[C:\WINDOWS\system32\SCESRV.dll] [Microsoft Corporation,5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
lsass.exe [C:\WINDOWS\system32\lsass.exe] [Microsoft Corporation,5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
[C:\WINDOWS\system32\LSASRV.dll] [Microsoft Corporation,5.1.2600.3249 (xpsp_sp2_gdr.071106-1716)]
svchost.exe [C:\WINDOWS\system32\svchost -k DcomLaunch] [Microsoft Corporation,5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
[C:\WINDOWS\system32\svchost.exe] [Microsoft Corporation,5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
svchost.exe [C:\WINDOWS\system32\svchost -k rpcss] [Microsoft Corporation,5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
[C:\WINDOWS\system32\svchost.exe] [Microsoft Corporation,5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
svchost.exe [C:\WINDOWS\System32\svchost.exe -k netsvcs] [Microsoft Corporation,5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
[C:\WINDOWS\System32\svchost.exe] [Microsoft Corporation,5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
svchost.exe [C:\WINDOWS\system32\svchost.exe -k NetworkService] [Microsoft Corporation,5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
[C:\WINDOWS\system32\svchost.exe] [Microsoft Corporation,5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
svchost.exe [C:\WINDOWS\system32\svchost.exe -k LocalService] [Microsoft Corporation,5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
[C:\WINDOWS\system32\svchost.exe] [Microsoft Corporation,5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
KWatch.EXE ["C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\KWatch.EXE"] [Kingsoft Corporation,2008,07,03,444]
[C:\WINDOWS\WinSxS\x86_Microsoft.VC80.MFC_1fc8b3b9a1e18e3b_8.0.50727.762_x-ww_3bf8fa05\MFC80U.DLL] [Microsoft Corporation,8.00.50727.762]
[C:\WINDOWS\WinSxS\x86_Microsoft.VC80.CRT_1fc8b3b9a1e18e3b_8.0.50727.762_x-ww_6b128700\MSVCR80.dll] [Microsoft Corporation,8.00.50727.762]
[C:\WINDOWS\WinSxS\x86_Microsoft.VC80.CRT_1fc8b3b9a1e18e3b_8.0.50727.762_x-ww_6b128700\MSVCP80.dll] [Microsoft Corporation,8.00.50727.762]
[C:\WINDOWS\WinSxS\x86_Microsoft.VC80.MFCLOC_1fc8b3b9a1e18e3b_8.0.50727.762_x-ww_91481303\MFC80CHS.DLL] [Microsoft Corporation,8.00.50727.762]
[C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\KAEPlat.DLL] [Kingsoft Corporation,2007,12,25,56]
[C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\KAEPlatA.DLL] [Kingsoft Corporation,2007,12,25,56]
[C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\KAESgnLd.DLL] [Kingsoft Corporation,2008,06,20,7]
[C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\KAEOLEA.DAT] [Kingsoft Corporation,2007,12,25,56]
[C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\KAEntryA.DAT] [Kingsoft Corporation,2007,12,25,56]
[C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\KAEUnpack.DAT] [Kingsoft Corporation,2008,08,26,264]
[C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\KARchive.DAT] [Kingsoft Corporation,2007,12,25,56]
[C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\KUnpaMgr.DAT] [Kingsoft Corporation,2007,12,25,56]
spoolsv.exe [C:\WINDOWS\system32\spoolsv.exe] [Microsoft Corporation,5.1.2600.2696 (xpsp_sp2_gdr.050610-1519)]
[C:\WINDOWS\system32\SPOOLSS.DLL] [Microsoft Corporation,5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
[C:\WINDOWS\system32\CNAB4LMK.DLL] [CANON INC.,1.02.0.004]
[C:\WINDOWS\system32\CNAB4SMK.DLL] [CANON INC.,1.02.0.004]
[C:\WINDOWS\system32\CNAB4PTU.DLL] [CANON INC.,1.02.0.004]
[C:\WINDOWS\System32\spool\PRTPROCS\W32X86\filterpipelineprintproc.dll] [Microsoft Corporation,6.0.5824.16384 (winmain(wmbla).060911-0725)]
CDAC11BA.EXE [C:\WINDOWS\system32\drivers\CDAC11BA.EXE] [Macrovision,4.20.020]
[C:\WINDOWS\system32\drivers\CDAC11BA.EXE] [Macrovision,4.20.020]
stormliv.exe [E:\暴风影音\stormliv.exe /asservice] [北京暴风网际科技有限公司,3, 8, 3, 15]
[E:\暴风影音\MSVCP60.dll] [Microsoft Corporation,6.02.3104.0]
KISSvc.EXE ["C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\KISSvc.EXE"] [Kingsoft Corporation,2008,04,22,364]
[C:\WINDOWS\WinSxS\x86_Microsoft.VC80.CRT_1fc8b3b9a1e18e3b_8.0.50727.762_x-ww_6b128700\MSVCP80.dll] [Microsoft Corporation,8.00.50727.762]
[C:\WINDOWS\WinSxS\x86_Microsoft.VC80.CRT_1fc8b3b9a1e18e3b_8.0.50727.762_x-ww_6b128700\MSVCR80.dll] [Microsoft Corporation,8.00.50727.762]
[C:\WINDOWS\WinSxS\x86_Microsoft.VC80.MFC_1fc8b3b9a1e18e3b_8.0.50727.762_x-ww_3bf8fa05\MFC80U.DLL] [Microsoft Corporation,8.00.50727.762]
[C:\WINDOWS\WinSxS\x86_Microsoft.VC80.MFCLOC_1fc8b3b9a1e18e3b_8.0.50727.762_x-ww_91481303\MFC80CHS.DLL] [Microsoft Corporation,8.00.50727.762]
SearchIndexer.exe [C:\WINDOWS\system32\SearchIndexer.exe /Embedding] [Microsoft Corporation,6.0.6000.16431 (vista_gdr(wmbla).070205-1422)]
[C:\WINDOWS\system32\TQUERY.DLL] [Microsoft Corporation,6.0.6000.16431 (vista_gdr(wmbla).070205-1422)]
wscntfy.exe [C:\WINDOWS\system32\wscntfy.exe] [Microsoft Corporation,5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
[C:\WINDOWS\system32\wscntfy.exe] [Microsoft Corporation,5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
alg.exe [C:\WINDOWS\System32\alg.exe] [Microsoft Corporation,5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
Explorer.EXE [C:\WINDOWS\Explorer.EXE] [Microsoft Corporation,6.00.2900.2180 (xpsp_sp2_rtm.040803-2158)]
[C:\WINDOWS\WinSxS\x86_Microsoft.VC80.CRT_1fc8b3b9a1e18e3b_8.0.50727.762_x-ww_6b128700\MSVCR80.dll] [Microsoft Corporation,8.00.50727.762]
[C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\PDFShell.CHS] [Adobe Systems, Inc.,9.0.0.0]
KAVStart.exe ["C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\KAVStart.exe" -startup] [Kingsoft Corporation,2008,09,12,613]
[C:\WINDOWS\WinSxS\x86_Microsoft.VC80.MFC_1fc8b3b9a1e18e3b_8.0.50727.762_x-ww_3bf8fa05\MFC80U.DLL] [Microsoft Corporation,8.00.50727.762]
[C:\WINDOWS\WinSxS\x86_Microsoft.VC80.CRT_1fc8b3b9a1e18e3b_8.0.50727.762_x-ww_6b128700\MSVCR80.dll] [Microsoft Corporation,8.00.50727.762]
[C:\WINDOWS\WinSxS\x86_Microsoft.VC80.CRT_1fc8b3b9a1e18e3b_8.0.50727.762_x-ww_6b128700\MSVCP80.dll] [Microsoft Corporation,8.00.50727.762]
[C:\WINDOWS\WinSxS\x86_Microsoft.VC80.MFCLOC_1fc8b3b9a1e18e3b_8.0.50727.762_x-ww_91481303\MFC80CHS.DLL] [Microsoft Corporation,8.00.50727.762]
hkcmd.exe ["C:\WINDOWS\system32\hkcmd.exe" ] [Intel Corporation,6.14.10.4820]
igfxpers.exe ["C:\WINDOWS\system32\igfxpers.exe" ] [Intel Corporation,6.14.10.4820]
smax4pnp.exe ["C:\Program Files\Analog Devices\Core\smax4pnp.exe" ] [Analog Devices, Inc.,6,0,6000,82]
[C:\Program Files\Analog Devices\Core\SMWDMIF.dll] [Analog Devices, Inc.,6, 0, 6000, 007]
igfxsrvc.exe [C:\WINDOWS\system32\igfxsrvc.exe -Embedding] [Intel Corporation,6.14.10.4820]
Smax4.exe ["C:\Program Files\Analog Devices\SoundMAX\Smax4.exe" /tray] [Analog Devices, Inc.,5, 2, 0, 44]
[C:\Program Files\Analog Devices\SoundMAX\Smax4.exe] [Analog Devices, Inc.,5, 2, 0, 44]
ctfmon.exe ["C:\WINDOWS\system32\ctfmon.exe" ] [Microsoft Corporation,5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
swBOEngine.exe ["E:\solidworks\swScheduler\swBOEngine.exe" ] [Dassault Systemes,16.0.0.9034]
[C:\WINDOWS\WinSxS\x86_Microsoft.VC80.MFC_1fc8b3b9a1e18e3b_8.0.50727.762_x-ww_3bf8fa05\MFC80U.DLL] [Microsoft Corporation,8.00.50727.762]
[C:\WINDOWS\WinSxS\x86_Microsoft.VC80.CRT_1fc8b3b9a1e18e3b_8.0.50727.762_x-ww_6b128700\MSVCR80.dll] [Microsoft Corporation,8.00.50727.762]
[C:\WINDOWS\WinSxS\x86_Microsoft.VC80.MFCLOC_1fc8b3b9a1e18e3b_8.0.50727.762_x-ww_91481303\MFC80CHS.DLL] [Microsoft Corporation,8.00.50727.762]
CNAB4RPK.EXE [C:\WINDOWS\system32\CNAB4RPK.EXE] [CANON INC.,1.02.0.004]
[C:\WINDOWS\system32\CNAB4RPK.EXE] [CANON INC.,1.02.0.004]
QQ.exe ["F:\QQ\QQ.exe" ] [TENCENT,8,0,777,1805]
[F:\QQ\gdiplus.dll] [Microsoft Corporation,5.1.3102.3352 (xpsp_sp2_qfe.080415-1302)]
TXPlatform.exe ["F:\QQ\TXPlatform.exe" -Embedding] [Tencent,1, 0, 170, 0]
iexplore.exe ["C:\Program Files\Internet Explorer\iexplore.exe" ] [Microsoft Corporation,6.00.2900.2180 (xpsp_sp2_rtm.040803-2158)]
[C:\Program Files\Internet Explorer\iexplore.exe] [Microsoft Corporation,6.00.2900.2180 (xpsp_sp2_rtm.040803-2158)]
[C:\WINDOWS\WinSxS\x86_Microsoft.VC80.CRT_1fc8b3b9a1e18e3b_8.0.50727.762_x-ww_6b128700\MSVCR80.dll] [Microsoft Corporation,8.00.50727.762]
[C:\WINDOWS\WinSxS\x86_Microsoft.VC80.CRT_1fc8b3b9a1e18e3b_8.0.50727.762_x-ww_6b128700\MSVCP80.dll] [Microsoft Corporation,8.00.50727.762]
[E:\迅雷组件\Components\ResWorker\DsBho_00.dll] [Thunder Networking Technologies,LTD,1, 0, 0, 20]
[E:\迅雷组件\Components\ResWorker\DataProcessor_00.dll] [Thunder Networking Technologies,LTD,1, 0, 0, 16]
[C:\WINDOWS\WinSxS\x86_Microsoft.VC80.MFC_1fc8b3b9a1e18e3b_8.0.50727.762_x-ww_3bf8fa05\MFC80U.DLL] [Microsoft Corporation,8.00.50727.762]
[C:\WINDOWS\WinSxS\x86_Microsoft.VC80.MFCLOC_1fc8b3b9a1e18e3b_8.0.50727.762_x-ww_91481303\MFC80CHS.DLL] [Microsoft Corporation,8.00.50727.762]
KVSysCheck36.exe ["F:\三少扫描\KVSysCheck36.exe" ] [Jiangmin Co., Ltd.,1, 0, 7, 905]
[F:\三少扫描\KVSysCheck36.exe] [Jiangmin Co., Ltd.,1, 0, 7, 905]
[C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\SysCheck.dll] [Jiangmin Co., Ltd.,1, 0, 7, 827]
[C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\KvDetect.dll] [Jiangmin Co.Ltd,1, 0, 7, 718]
wmiprvse.exe [C:\WINDOWS\system32\wbem\wmiprvse.exe] [Microsoft Corporation,5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
[C:\WINDOWS\system32\wbem\wmiprvse.exe] [Microsoft Corporation,5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
==================================================
启动项列表
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\run]
[IMJPMIG8.1] ["C:\WINDOWS\IME\imjp8_1\IMJPMIG.EXE" /Spoil /RemAdvDef /Migration32] [Microsoft Corporation,]
[PHIME2002ASync] [C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /SYNC] [Microsoft Corporation,]
[PHIME2002A] [C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /IMEName] [Microsoft Corporation,]
[IMSCMig] [C:\PROGRA~1\COMMON~1\MICROS~1\IME\IMSC40A\IMSCMIG.EXE /Preload] [Microsoft Corporation,]
[KavStart] ["C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\KAVStart.exe" -startup] [Kingsoft Corporation,]
[IgfxTray] [C:\WINDOWS\system32\igfxtray.exe] [Intel Corporation,]
[HotKeysCmds] [C:\WINDOWS\system32\hkcmd.exe] [Intel Corporation,]
[Persistence] [C:\WINDOWS\system32\igfxpers.exe] [Intel Corporation,]
[SoundMAXPnP] [C:\Program Files\Analog Devices\Core\smax4pnp.exe] [Analog Devices, Inc.,]
[SoundMAX] ["C:\Program Files\Analog Devices\SoundMAX\Smax4.exe" /tray] [Analog Devices, Inc.,]
[Adobe Reader Speed Launcher] ["E:\PDF\9.0升级版本\Reader\Reader_sl.exe"] [Adobe Systems Incorporated,]
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\run]
[ctfmon.exe] [C:\WINDOWS\system32\ctfmon.exe] [Microsoft Corporation,]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon]
[Shell] [Explorer.exe] [,]
[UIHost] [logonui.exe] [,]
[Userinit] [C:\WINDOWS\system32\userinit.exe] [,]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options]
[Your Image File Name Here without a path] [ntsd -d] [,]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify]
[crypt32chain] [crypt32.dll] [,]
[cryptnet] [cryptnet.dll] [,]
[cscdll] [cscdll.dll] [,]
[igfxcui] [igfxdev.dll] [,]
[ScCertProp] [wlnotify.dll] [,]
[Schedule] [wlnotify.dll] [,]
[sclgntfy] [sclgntfy.dll] [,]
[SensLogn] [WlNotify.dll] [,]
[termsrv] [wlnotify.dll] [,]
[wlballoon] [wlnotify.dll] [,]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Session Manager\BootExecute]
[BootExecute] [autocheck autochk *] [Microsoft Corporation,]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Session Manager\KnownDLLs]
[advapi32] [advapi32.dll] [Microsoft Corporation,]
[comdlg32] [comdlg32.dll] [Microsoft Corporation,]
[gdi32] [gdi32.dll] [Microsoft Corporation,]
[imagehlp] [imagehlp.dll] [Microsoft Corporation,]
[kernel32] [kernel32.dll] [Microsoft Corporation,]
[lz32] [lz32.dll] [Microsoft Corporation,]
[ole32] [ole32.dll] [Microsoft Corporation,]
[oleaut32] [oleaut32.dll] [Microsoft Corporation,]
[olecli32] [olecli32.dll] [Microsoft Corporation,]
[olecnv32] [olecnv32.dll] [Microsoft Corporation,]
[olesvr32] [olesvr32.dll] [Microsoft Corporation,]
[olethk32] [olethk32.dll] [Microsoft Corporation,]
[rpcrt4] [rpcrt4.dll] [Microsoft Corporation,]
[shell32] [shell32.dll] [Microsoft Corporation,]
[url] [url.dll] [Microsoft Corporation,]
[urlmon] [urlmon.dll] [Microsoft Corporation,]
[user32] [user32.dll] [Microsoft Corporation,]
[version] [version.dll] [Microsoft Corporation,]
[wininet] [wininet.dll] [Microsoft Corporation,]
[wldap32] [wldap32.dll] [Microsoft Corporation,]
==================================================
服务项列表
C-DillaCdaC11BA WIN32 OWN PROCESS AUTO START RUNNING
[C:\WINDOWS\system32\drivers\CDAC11BA.EXE] [Macrovision,]
HidServ WIN32 SHARE PROCESS DISABLED STOPPED
[C:\WINDOWS\System32\svchost.exe -k netsvcs -- C:\WINDOWS\System32\hidserv.dll] [,]
idsvc WIN32 SHARE PROCESS DEMAND START STOPPED
["C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe"] [Microsoft Corporation,]
NetTcpPortSharing WIN32 SHARE PROCESS DISABLED STOPPED
["C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe" -- ] [,]
SolidWorks Licensing Service WIN32 OWN PROCESS DEMAND START STOPPED
["C:\Program Files\Common Files\SolidWorks Shared\Service\SolidWorksLicensing.exe"] [SolidWorks,]
==================================================
驱动列表
CdaC15BA KERNEL DRIVER AUTO START None
[C:\WINDOWS\system32\drivers\CDAC15BA.SYS] [Macrovision Europe Ltd,]
Tcpip KERNEL DRIVER SYSTEM START PNP_TDI
[C:\WINDOWS\system32\DRIVERS\tcpip.sys] [Microsoft Corporation,]
******************************** Not found file ********************************
Abiosdsk KERNEL DRIVER DISABLED Primary disk
[C:\WINDOWS\system32\drivers\Abiosdsk.sys] [,]
abp480n5 KERNEL DRIVER DISABLED SCSI miniport
[C:\WINDOWS\system32\drivers\abp480n5.sys] [,]
adpu160m KERNEL DRIVER DISABLED SCSI miniport
[C:\WINDOWS\system32\drivers\adpu160m.sys] [,]
Aha154x KERNEL DRIVER DISABLED SCSI miniport
[C:\WINDOWS\system32\drivers\Aha154x.sys] [,]
aic78u2 KERNEL DRIVER DISABLED SCSI miniport
[C:\WINDOWS\system32\drivers\aic78u2.sys] [,]
aic78xx KERNEL DRIVER DISABLED SCSI miniport
[C:\WINDOWS\system32\drivers\aic78xx.sys] [,]
AliIde KERNEL DRIVER DISABLED System Bus Extender
[C:\WINDOWS\system32\drivers\AliIde.sys] [,]
amsint KERNEL DRIVER DISABLED SCSI miniport
[C:\WINDOWS\system32\drivers\amsint.sys] [,]
asc KERNEL DRIVER DISABLED SCSI miniport
[C:\WINDOWS\system32\drivers\asc.sys] [,]
asc3350p KERNEL DRIVER DISABLED SCSI miniport
[C:\WINDOWS\system32\drivers\asc3350p.sys] [,]
asc3550 KERNEL DRIVER DISABLED SCSI miniport
[C:\WINDOWS\system32\drivers\asc3550.sys] [,]
Atdisk KERNEL DRIVER DISABLED Primary disk
[C:\WINDOWS\system32\drivers\Atdisk.sys] [,]
cd20xrnt KERNEL DRIVER DISABLED SCSI miniport
[C:\WINDOWS\system32\drivers\cd20xrnt.sys] [,]
Changer KERNEL DRIVER SYSTEM START Filter
[C:\WINDOWS\system32\drivers\Changer.sys] [,]
CmdIde KERNEL DRIVER DISABLED System Bus Extender
[C:\WINDOWS\system32\drivers\CmdIde.sys] [,]
Cpqarray KERNEL DRIVER DISABLED SCSI miniport
[C:\WINDOWS\system32\drivers\Cpqarray.sys] [,]
dac2w2k KERNEL DRIVER DISABLED SCSI miniport
[C:\WINDOWS\system32\drivers\dac2w2k.sys] [,]
dac960nt KERNEL DRIVER DISABLED SCSI miniport
[C:\WINDOWS\system32\drivers\dac960nt.sys] [,]
dpti2o KERNEL DRIVER DISABLED SCSI miniport
[C:\WINDOWS\system32\drivers\dpti2o.sys] [,]
hpn KERNEL DRIVER DISABLED SCSI miniport
[C:\WINDOWS\system32\drivers\hpn.sys] [,]
i2omgmt KERNEL DRIVER SYSTEM START SCSI Class
[C:\WINDOWS\system32\drivers\i2omgmt.sys] [,]
i2omp KERNEL DRIVER DISABLED SCSI miniport
[C:\WINDOWS\system32\drivers\i2omp.sys] [,]
ini910u KERNEL DRIVER DISABLED SCSI miniport
[C:\WINDOWS\system32\drivers\ini910u.sys] [,]
IntelIde KERNEL DRIVER DISABLED System Bus Extender
[C:\WINDOWS\system32\drivers\IntelIde.sys] [,]
KSysCall KERNEL DRIVER SYSTEM START None
[C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\KSysCall.sys] [,]
lbrtfdc KERNEL DRIVER SYSTEM START System Bus Extender
[C:\WINDOWS\system32\drivers\lbrtfdc.sys] [,]
mraid35x KERNEL DRIVER DISABLED SCSI miniport
[C:\WINDOWS\system32\drivers\mraid35x.sys] [,]
PCIDump KERNEL DRIVER SYSTEM START PCI Configuration
[C:\WINDOWS\system32\drivers\PCIDump.sys] [,]
PDCOMP KERNEL DRIVER DEMAND START None
[C:\WINDOWS\system32\drivers\PDCOMP.sys] [,]
PDFRAME KERNEL DRIVER DEMAND START None
[C:\WINDOWS\system32\drivers\PDFRAME.sys] [,]
PDRELI KERNEL DRIVER DEMAND START None
[C:\WINDOWS\system32\drivers\PDRELI.sys] [,]
PDRFRAME KERNEL DRIVER DEMAND START None
[C:\WINDOWS\system32\drivers\PDRFRAME.sys] [,]
perc2 KERNEL DRIVER DISABLED SCSI miniport
[C:\WINDOWS\system32\drivers\perc2.sys] [,]
perc2hib KERNEL DRIVER DISABLED Filter
[C:\WINDOWS\system32\drivers\perc2hib.sys] [,]
ql1080 KERNEL DRIVER DISABLED SCSI miniport
[C:\WINDOWS\system32\drivers\ql1080.sys] [,]
Ql10wnt KERNEL DRIVER DISABLED SCSI miniport
[C:\WINDOWS\system32\drivers\Ql10wnt.sys] [,]
ql12160 KERNEL DRIVER DISABLED SCSI miniport
[C:\WINDOWS\system32\drivers\ql12160.sys] [,]
ql1240 KERNEL DRIVER DISABLED SCSI miniport
[C:\WINDOWS\system32\drivers\ql1240.sys] [,]
ql1280 KERNEL DRIVER DISABLED SCSI miniport
[C:\WINDOWS\system32\drivers\ql1280.sys] [,]
Simbad KERNEL DRIVER DISABLED Filter
[C:\WINDOWS\system32\drivers\Simbad.sys] [,]
Sparrow KERNEL DRIVER DISABLED SCSI miniport
[C:\WINDOWS\system32\drivers\Sparrow.sys] [,]
symc810 KERNEL DRIVER DISABLED SCSI miniport
[C:\WINDOWS\system32\drivers\symc810.sys] [,]
symc8xx KERNEL DRIVER DISABLED SCSI miniport
[C:\WINDOWS\system32\drivers\symc8xx.sys] [,]
sym_hi KERNEL DRIVER DISABLED SCSI miniport
[C:\WINDOWS\system32\drivers\sym_hi.sys] [,]
sym_u3 KERNEL DRIVER DISABLED SCSI miniport
[C:\WINDOWS\system32\drivers\sym_u3.sys] [,]
TosIde KERNEL DRIVER DISABLED System Bus Extender
[C:\WINDOWS\system32\drivers\TosIde.sys] [,]
ultra KERNEL DRIVER DISABLED SCSI miniport
[C:\WINDOWS\system32\drivers\ultra.sys] [,]
ViaIde KERNEL DRIVER DISABLED System Bus Extender
[C:\WINDOWS\system32\drivers\ViaIde.sys] [,]
WDICA KERNEL DRIVER DEMAND START None
[C:\WINDOWS\system32\drivers\WDICA.sys] [,]
==================================================
浏览器加载项列表
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Extensions]
[启动迅雷5] [E:\迅雷组件\Thunder.exe] [Thunder Networking Technologies,LTD,5, 6, 8, 19] {09BA8F6D-CB54-424B-839C-C2A6C8E6B436}
[金山网页防挂马模块设置] [E:\迅雷组件\Thunder.exe] [Thunder Networking Technologies,LTD,5, 6, 8, 19] {3AECD3C1-7085-4731-96DC-47B6CF7EF749}
[联想] [http://www.lenovo.com] [,] {6096E38F-5AC1-4391-8EC4-75DFA92FB32F}
[信息检索] [http://www.lenovo.com] [,] {92780B25-18CC-41C8-B9BE-3C9C571A8263}
[Messenger] [C:\Program Files\Messenger\msmsgs.exe] [Microsoft Corporation,4.7.3000] {FB5F1910-F110-11d2-BB9E-00C04F795683}
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects]
[ThunderAtOnce Class] [E:\迅雷组件\ComDlls\TDAtOnce_Now.dll] [Thunder Networking Technologies,LTD,1.0.5.29] {01443AEC-0FD1-40fd-9C87-E93D1494C233}
[Adobe PDF Link Helper] [C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll] [Adobe Systems Incorporated,9.0.0.2008061100] {18DF081C-E8AD-4283-A596-FA578C2EBDC3}
[Thunder Browser Helper] [E:\迅雷组件\ComDlls\xunleiBHO_Now.dll] [Thunder Networking Technologies,LTD,5, 0, 8, 96] {889D2FEB-5411-4565-8998-1DD2C5261283}
[kingsoft browser shield] [C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\KASBrowserShield.DLL] [Kingsoft Corporation,2008,06,06,396] {D963BE1A-6B35-47DB-B002-49FAE71D85CC}
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\MenuExt]
[使用迅雷下载] [E:\迅雷组件\Program\geturl.htm] [,] {D963BE1A-6B35-47DB-B002-49FAE71D85CC}
[使用迅雷下载全部链接] [E:\迅雷组件\Program\getallurl.htm] [,] {D963BE1A-6B35-47DB-B002-49FAE71D85CC}
[导出到 Microsoft Office Excel(&X)] [res://E:\OFFICE~1\OFFICE11\EXCEL.EXE/3000] [,] {D963BE1A-6B35-47DB-B002-49FAE71D85CC}
[添加到QQ表情] [F:\QQ\AddEmotion.htm] [,] {D963BE1A-6B35-47DB-B002-49FAE71D85CC}
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\URLSearchHooks]
[Microsoft Url 搜索挂接] [C:\WINDOWS\system32\shdocvw.dll] [Microsoft Corporation,6.00.2900.3395 (xpsp_sp2_gdr.080623-1307)] {CFBFAE00-17A6-11D0-99CB-00C04FD64497}
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Explorer Bars]
[每日提示(&T)] [C:\WINDOWS\system32\shdocvw.dll] [Microsoft Corporation,6.00.2900.3395 (xpsp_sp2_gdr.080623-1307)] {4D5C8C25-D075-11d0-B416-00C04FB90376}
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
[URL 执行挂钩] [shell32.dll] [Microsoft Corporation,6.00.2900.3241 (xpsp_sp2_gdr.071025-1248)] {AEB6717E-7E19-11d0-97EE-00C04FD91972}
[Windows Desktop Search Namespace Manager] [C:\Program Files\Windows Desktop Search\MSNLNamespaceMgr.dll] [Microsoft Corporation,6.0.6000.16431 (vista_gdr(wmbla).070205-1422)] {56F9679E-7826-4C84-81F3-532071A8BCC5}
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\SharedTaskScheduler]
[Browseui 预加载程序] [C:\WINDOWS\system32\browseui.dll] [Microsoft Corporation,6.00.2900.3395 (xpsp_sp2_gdr.080623-1307)] {438755C2-A8BA-11D1-B96B-00A0C90312E1}
[组件类别缓存程序] [C:\WINDOWS\system32\browseui.dll] [Microsoft Corporation,6.00.2900.3395 (xpsp_sp2_gdr.080623-1307)] {8C7461EF-2B13-11d2-BE35-3078302C2030}
==================================================
文件关联信息
.txt txtfile %SystemRoot%\system32\NOTEPAD.EXE %1
.exe exefile "%1" %*
.com comfile "%1" %*
.pif piffile "%1" %*
.reg regfile regedit.exe "%1"
.bat batfile "%1" %*
.scr scrfile "%1" /S
.chm chm.file "hh.exe" %1
.hlp hlpfile winhlp32.exe %1
.ini inifile %SystemRoot%\System32\NOTEPAD.EXE %1
.inf inffile %SystemRoot%\System32\NOTEPAD.EXE %1
.vbs VBSFile %SystemRoot%\System32\WScript.exe "%1" %*
.js JSFile %SystemRoot%\System32\WScript.exe "%1" %*
.lnk lnkfile {00021401-0000-0000-C000-000000000046}
==================================================
Winsock服务提供者信息
000000000001 C:\WINDOWS\system32\mswsock.dll
000000000002 C:\WINDOWS\system32\mswsock.dll
000000000003 C:\WINDOWS\system32\mswsock.dll
000000000004 C:\WINDOWS\system32\rsvpsp.dll
000000000005 C:\WINDOWS\system32\rsvpsp.dll
000000000006 C:\WINDOWS\system32\mswsock.dll
000000000007 C:\WINDOWS\system32\mswsock.dll
000000000008 C:\WINDOWS\system32\mswsock.dll
000000000009 C:\WINDOWS\system32\mswsock.dll
000000000010 C:\WINDOWS\system32\mswsock.dll
000000000011 C:\WINDOWS\system32\mswsock.dll
000000000012 C:\WINDOWS\system32\mswsock.dll
000000000013 C:\WINDOWS\system32\mswsock.dll
000000000014 C:\WINDOWS\system32\mswsock.dll
000000000015 C:\WINDOWS\system32\mswsock.dll
000000000016 C:\WINDOWS\system32\mswsock.dll
000000000017 C:\WINDOWS\system32\mswsock.dll
000000000018 C:\WINDOWS\system32\mswsock.dll
000000000019 C:\WINDOWS\system32\mswsock.dll
000000000020 C:\WINDOWS\system32\mswsock.dll
000000000021 C:\WINDOWS\system32\mswsock.dll
000000000022 C:\WINDOWS\system32\mswsock.dll
==================================================
自动播放文件
==================================================
隐藏文件列表
C:\NTBOOTDD.SYS
C:\Program Files\Autodesk\Autodesk Express Viewer\Setup.exe
==================================================
隐藏注册表列表