返回列表 发帖
xiangjiaosa

Rank: 1

UID
336394 
帖子
185 
精华
威望
0  
阅读权限
100 
性别
男 
注册时间
2006-2-16 
1# 跳转到 » 倒序看帖
打印
tT
发表于 2007-9-14 20:16 | 显示全部帖子

..神仙哥哥.又中毒了.郁闷到家啦.............


昨天好了.今天又中毒了....当时我在玩网络游戏........毒就开始乱跳了.郁闷啦........继续发日志


  1. 2007-09-14,20:20:07

  3. System Repair Engineer 2.5.16.900
  4. Smallfrogs ([url]http://www.KZTechs.com[/url])

  6. Windows XP Professional Service Pack 2 (Build 2600) - 管理权限用户 - 完整功能

  8. 以下内容被选中:
  9.     所有的启动项目(包括注册表、启动文件夹、服务等)
  10.     浏览器加载项
  11.     正在运行的进程(包括进程模块信息)
  12.     文件关联
  13.     Winsock 提供者
  14.     Autorun.inf
  15.     HOSTS 文件
  16.     进程特权扫描


  19. 启动项目
  20. 注册表
  21. [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
  22.     <ctfmon.exe><C:\WINDOWS\system32\ctfmon.exe>  [(Verified)Microsoft Windows Publisher]
  23.     <bgswitch><; C:\WINDOWS\system32\bgswitch.exe>  []
  24. [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer\Run]
  25.     <w><%SystemRoot%\WinRaR.exe>  [N/A]
  26.     <wm><%SystemRoot%\winlogor.exe>  [N/A]
  27.     <wl><%SystemRoot%\intent.exe>  [N/A]
  28.     <mm><%SystemRoot%\sourro.exe>  []
  29.     <zx><%SystemRoot%\winadr.exe>  [N/A]
  30.     <rx><%SystemRoot%\winnt.exe>  []
  31.     <aa><%SystemRoot%\SVchont.exe>  [N/A]
  32. [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
  33.     <ATIPTA><C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe>  [ATI Technologies, Inc.]
  34.     <!AVG Anti-Spyware><; "F:\AVG\新建文件夹\AVG Anti-Spyware 7.5\avgas.exe" /minimized>  [(Verified)GRISOFT LTD]
  35. [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer\Run]
  36.     <RavRuneip><C:\WINDOWS\system32\RacvSvc.EXE bjsyntahov.dll,HFanMa>  [N/A]
  37. [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Winlogon]
  38.     <shell><Explorer.exe>  [(Verified)Tencent Technology(Shenzhen) Company Limited]
  39.     <Userinit><C:\WINDOWS\system32\userinit.exe,>  [(Verified)Microsoft Windows Publisher]
  40. [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Windows]
  41.     <AppInit_DLLs><kaqhczy.dll>  []
  42. [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Winlogon]
  43.     <UIHost><logonui.exe>  [(Verified)Microsoft Windows Publisher]
  44. [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
  45.     <{57B86673-276A-48B2-BAE7-C6DBB3020EB8}><F:\AVG\新建文件夹\AVG Anti-Spyware 7.5\shellexecutehook.dll>  [(Verified)GRISOFT LTD]
  46.     <{1D561258-45F3-A451-F908-A258458226D1}><C:\WINDOWS\system32\kvdxsama.dll>  [N/A]
  47.     <{1598FF45-DA60-F48A-BC43-10AC47853D51}><C:\WINDOWS\system32\rarjapi.dll>  [N/A]
  48.     <{134345F1-DACF-3452-CB7D-4620F34A1531}><>  [N/A]
  49.     <{2C87A354-ABC3-DEDE-FF33-3213FD7447C2}><C:\WINDOWS\system32\kvdxbma.dll>  []
  50.     <{5D83AD9C-3BFC-43F5-979D-2904DBC54A8E}><C:\Program Files\Internet Explorer\PLUGINS\WinSys64.Sys>  []
  51.     <{3D47B341-43DF-4563-753F-345FFA3157D3}><C:\WINDOWS\system32\kvmxcma.dll>  []
  52.     <{1E32FA58-3453-FA2D-BC49-F340348ACCE1}><C:\WINDOWS\system32\rsmyapm.dll>  []
  53.     <{1960356A-458E-DE24-BD50-268F589A56A1}><C:\WINDOWS\system32\avwlamn.dll>  []
  54.     <{12FAACDE-34DA-CCD4-AB4D-DA34485A3421}><C:\WINDOWS\system32\rsjzapm.dll>  []
  55.     <{1859245F-345D-BC13-AC4F-145D47DA34F1}><C:\WINDOWS\system32\avzxamn.dll>  []
  56.     <{37D81718-1314-5200-2597-587901018073}><C:\WINDOWS\system32\kaqhczy.dll>  []
  57. [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
  58.     <WPDShServiceObj><C:\WINDOWS\system32\WPDShServiceObj.dll>  [(Verified)Microsoft Windows Component Publisher]
  59. [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\>{26923b43-4d38-484f-9b9e-de460746276c}]
  60.     <Internet Explorer><%systemroot%\system32\shmgrate.exe OCInstallUserConfigIE>  [N/A]
  61. [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\>{881dd1c5-3dcf-431b-b061-f3f88e8be88a}]
  62.     <Outlook Express><%systemroot%\system32\shmgrate.exe OCInstallUserConfigOE>  [N/A]
  63. [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{2C7339CF-2B09-4501-B3F3-F3508C9228ED}]
  64.     <Themes Setup><%SystemRoot%\system32\regsvr32.exe /s /n /i:/UserInstall %SystemRoot%\system32\themeui.dll>  [N/A]
  65. [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{44BBA840-CC51-11CF-AAFA-00AA00B6015C}]
  66.     <Microsoft Outlook Express 6><"%ProgramFiles%\Outlook Express\setup50.exe" /APP:OE /CALLER:WINNT /user /install>  [N/A]
  67. [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{44BBA842-CC51-11CF-AAFA-00AA00B6015B}]
  68.     <NetMeeting 3.01><rundll32.exe advpack.dll,LaunchINFSection C:\WINDOWS\INF\msnetmtg.inf,NetMtg.Install.PerUser.NT>  [(Verified)Microsoft Windows Publisher]
  69. [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{6BF52A52-394A-11d3-B153-00C04F79FAA6}]
  70.     <Microsoft Windows Media Player><rundll32.exe advpack.dll,LaunchINFSection C:\WINDOWS\INF\wmp11.inf,PerUserStub>  [(Verified)Microsoft Windows XP Publisher]
  71. [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{7790769C-0471-11d2-AF11-00C04FA35D02}]
  72.     <通讯簿 6><"%ProgramFiles%\Outlook Express\setup50.exe" /APP:WAB /CALLER:WINNT /user /install>  [N/A]

  74. ==================================
  75. 启动文件夹
  76. [QQ游戏启动加速程序]
  77.   <C:\Documents and Settings\jh1jcka\「开始」菜单\程序\启动\QQ游戏启动加速程序.lnk --> F:\QQGame\Accel.exe [深圳市腾讯计算机系统有限公司]><N>

  79. ==================================
  80. 服务
  81. [Ati HotKey Poller / Ati HotKey Poller][Stopped/Auto Start]
  82.   <C:\WINDOWS\system32\Ati2evxx.exe><>
  83. [ATI Smart / ATI Smart][Stopped/Auto Start]
  84.   <C:\WINDOWS\system32\ati2sgag.exe><>
  85. [AVG Anti-Spyware Guard / AVG Anti-Spyware Guard][Stopped/Auto Start]
  86.   <F:\AVG\新建文件夹\AVG Anti-Spyware 7.5\guard.exe><GRISOFT s.r.o.>
  87. [DCOM Server Process Launcher / DcomLaunch][Running/Auto Start]
  88.   <C:\WINDOWS\system32\svchost -k DcomLaunch-->%SystemRoot%\system32\rpcss.dll><Microsoft Corporation>
  89. [Help and Support / helpsvc][Stopped/Auto Start]
  90.   <C:\WINDOWS\system32\inetres.exe-->%WINDIR%\PCHealth\HelpCtr\Binaries\pchsvc.dll><Microsoft Corporation>
  91. [Human Interface Device Access / HidServ][Stopped/Disabled]
  92.   <C:\WINDOWS\System32\svchost.exe -k netsvcs-->%SystemRoot%\System32\hidserv.dll><N/A>
  93. [Remote Procedure Call (RPC) / RpcSs][Running/Auto Start]
  94.   <C:\WINDOWS\system32\svchost -k rpcss-->%SystemRoot%\system32\rpcss.dll><>
  95. [Terminal Services / TermService][Running/Manual Start]
  96.   <C:\WINDOWS\System32\svchost -k DComLaunch-->%SystemRoot%\System32\termsrv.dll><Microsoft Corporation>
  97. [Windows Media Connect Service / WMConnectCDS][Stopped/Manual Start]
  98.   <C:\Program Files\Windows Media Connect 2\wmccds.exe><Microsoft Corporation>
  99. [Windows Driver Foundation - User-mode Driver Framework / WudfSvc][Stopped/Manual Start]
  100.   <C:\WINDOWS\system32\svchost.exe -k WudfServiceGroup-->%SystemRoot%\System32\WUDFSvc.dll><Microsoft Corporation>
  101. [KVSrvXP / KVSrvXP][Running/Auto Start]
  102.   <F:\江民\JiangMin\AntiVirus\kvsrvxp.exe /Service><Jiangmin Co., Ltd.>

  104. ==================================
  105. 驱动程序
  106. [54609 / 54609][Stopped/Manual Start]
  107.   <\??\C:\WINDOWS\system32\Drivers\54578.sys><Driver>
  108. [Intel(r) 82801 Audio Driver Install Service (WDM) / ac97intc][Running/Manual Start]
  109.   <system32\drivers\ac97intc.sys><Intel Corporation>
  110. [ati2mtag / ati2mtag][Running/Manual Start]
  111.   <system32\DRIVERS\ati2mtag.sys><ATI Technologies Inc.>
  112. [AVG Anti-Spyware Driver / AVG Anti-Spyware Driver][Running/System Start]
  113.   <\??\F:\AVG\新建文件夹\AVG Anti-Spyware 7.5\guard.sys><N/A>
  114. [AVG Anti-Spyware Clean Driver / AvgAsCln][Running/System Start]
  115.   <System32\DRIVERS\AvgAsCln.sys><GRISOFT, s.r.o.>
  116. [ BsDeamon Application - BsDeamon Application / BsDeamon][Running/System Start]
  117.   <\??\F:\江民\JiangMin\ANTIVI~1\BsDeamon.sys><Jiangmin Co., Ltd.>
  118. [KRegEx / KRegEx][Running/Auto Start]
  119.   <\??\F:\江民\JiangMin\antivirus\KRegEx.sys><Jiangmin Co. Ltd.>
  120. [KVFileGuard From Jiangmin / KVFileGuard][Running/Disabled]
  121.   <\??\F:\江民\JiangMin\AntiVirus\KVfg.sys><Jiangmin Co., Ltd.>
  122. [KVRedir From Jiangmin / KVRedir][Running/System Start]
  123.   <\??\F:\江民\JiangMin\AntiVirus\KVREDIR.SYS><Jiangmin Co., Ltd.>
  124. [Direct Parallel Link Driver / Ptilink][Running/Manual Start]
  125.   <system32\DRIVERS\ptilink.sys><Parallel Technologies, Inc.>
  126. [Realtek RTL8029(AS)-based PCI Ethernet Adapter NT Driver / rtl8029][Running/Manual Start]
  127.   <system32\DRIVERS\RTL8029.SYS><Realtek Semiconductor Corporation>
  128. [Secdrv / Secdrv][Stopped/Manual Start]
  129.   <system32\DRIVERS\secdrv.sys><N/A>
  130. [Jiangmin AntiVirus Software - System Guard / SysGuard][Running/Boot Start]
  131.   <\SystemRoot\system32\Drivers\SysGuard.sys><Jiangmin Co., Ltd.>
  132. [Windows Driver Foundation - User-mode Driver Framework Platform Driver / WudfPf][Stopped/Manual Start]
  133.   <system32\DRIVERS\WudfPf.sys><Microsoft Corporation>
  134. [Windows Driver Foundation - User-mode Driver Framework Reflector / WudfRd][Stopped/Manual Start]
  135.   <system32\DRIVERS\wudfrd.sys><Microsoft Corporation>
  136. [Jiangmin Antivirus Software - SysCall Services / KSysCall][Running/System Start]
  137.   <\??\F:\江民\JiangMin\common\KSysCall.sys><Jiangmin Co.,  Ltd.>

  139. ==================================
  140. 浏览器加载项
  141. [ThunderAtOnce Class]
  142.   {01443AEC-0FD1-40fd-9C87-E93D1494C233} <F:\迅雷\ComDlls\TDAtOnce_Now.dll, Thunder Networking Technologies,LTD>
  143. [Thunder Browser Helper]
  144.   {80BF4636-D65B-43F3-BB60-C5DD3D5FB7B9} <F:\迅雷\ComDlls\xunleiBHO_Now.dll, Thunder Networking Technologies,LTD>
  145. [BrowseHelper Class]
  146.   {80BF4637-D65B-43F3-BB60-C5DD3D5FB7B9} <F:\江民\JiangMin\AntiVirus\KVshell.dll, Jiangmin Co.Ltd>
  147. [RegisterHelper Class]
  148.   {FF354A24-B490-4D4F-8EEC-B3ACD6E681A4} <F:\江民\JiangMin\AntiVirus\UrlGuard.dll, Jiangmin Co., Ltd.>
  149. [启动迅雷5]
  150.   {09BA8F6D-CB54-424B-839C-C2A6C8E6B436} <F:\迅雷\Thunder.exe, Thunder Networking Technologies,LTD>
  151. [番茄花园]
  152.   {6096E38F-5AC1-4391-8EC4-75DFA92FB32F} <[url]http://www.tomatolei.com[/url], N/A>
  153. [江民杀毒工具栏]
  154.   {B5A34A93-D538-43A7-8371-864CB6148D12} <F:\江民\JiangMin\AntiVirus\KVshell.dll, Jiangmin Co.Ltd>
  155. [ThunderAtOnce Class]
  156.   {01443AEC-0FD1-40FD-9C87-E93D1494C233} <F:\迅雷\ComDlls\TDAtOnce_Now.dll, Thunder Networking Technologies,LTD>
  157. [Thunder Agent Class]
  158.   {485463B7-8FB2-4B3B-B29B-8B919B0EACCE} <F:\迅雷\ComDlls\ThunderAgent_Now.dll, Thunder Networking Technologies,LTD>
  159. [Thunder Browser Helper]
  160.   {80BF4636-D65B-43F3-BB60-C5DD3D5FB7B9} <F:\迅雷\ComDlls\xunleiBHO_Now.dll, Thunder Networking Technologies,LTD>
  161. [BrowseHelper Class]
  162.   {80BF4637-D65B-43F3-BB60-C5DD3D5FB7B9} <F:\江民\JiangMin\AntiVirus\KVshell.dll, Jiangmin Co.Ltd>
  163. [360SafeLive]
  164.   {87515F61-A66C-4319-A0E0-D416CB8059E3} <F:\360\360safe\live.dll, 360safe.com>
  165. [Thunder Browser Helper]
  166.   {889D2FEB-5411-4565-8998-1DD2C5261283} <F:\迅雷\ComDlls\xunleiBHO_Now.dll, Thunder Networking Technologies,LTD>
  167. [江民杀毒工具栏]
  168.   {B5A34A93-D538-43A7-8371-864CB6148D12} <F:\江民\JiangMin\AntiVirus\KVshell.dll, Jiangmin Co.Ltd>
  169. [RegisterHelper Class]
  170.   {FF354A24-B490-4D4F-8EEC-B3ACD6E681A4} <F:\江民\JiangMin\AntiVirus\UrlGuard.dll, Jiangmin Co., Ltd.>
  171. [使用迅雷下载]
  172.   <F:\迅雷\Program\geturl.htm, N/A>
  173. [使用迅雷下载全部链接]
  174.   <F:\迅雷\Program\getallurl.htm, N/A>

  176. ==================================
  177. 正在运行的进程
  178. [PID: 436 / SYSTEM][\SystemRoot\System32\smss.exe]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
  179. [PID: 492 / SYSTEM][\??\C:\WINDOWS\system32\csrss.exe]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
  180. [PID: 516 / SYSTEM][\??\C:\WINDOWS\system32\winlogon.exe]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
  181.     [C:\WINDOWS\system32\msacm32.drv]  [Microsoft Corporation, 5.1.2600.0 (xpclient.010817-1148)]
  182. [PID: 564 / SYSTEM][C:\WINDOWS\system32\services.exe]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
  183. [PID: 576 / SYSTEM][C:\WINDOWS\system32\lsass.exe]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
  184. [PID: 744 / SYSTEM][C:\WINDOWS\system32\svchost.exe]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
  185. [PID: 828 / NETWORK SERVICE][C:\WINDOWS\system32\svchost.exe]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
  186. [PID: 896 / SYSTEM][C:\WINDOWS\System32\svchost.exe]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
  187. [PID: 980 / NETWORK SERVICE][C:\WINDOWS\system32\svchost.exe]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
  188. [PID: 1064 / LOCAL SERVICE][C:\WINDOWS\system32\svchost.exe]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
  189. [PID: 1232 / SYSTEM][C:\WINDOWS\system32\spoolsv.exe]  [Microsoft Corporation, 5.1.2600.2696 (xpsp_sp2_gdr.050610-1519)]
  190. [PID: 1320 / jh1jcka][C:\WINDOWS\Explorer.EXE]  [Microsoft Corporation, 6.00.2900.2180 (xpsp_sp2_rtm.040803-2158)]
  191.     [C:\WINDOWS\system32\WPDShServiceObj.dll]  [Microsoft Corporation, 5.2.5358.4827 (WMP_11.060509-2009)]
  192.     [C:\WINDOWS\system32\PortableDeviceTypes.dll]  [Microsoft Corporation, 5.2.5358.4827 (WMP_11.060509-2009)]
  193.     [C:\WINDOWS\system32\PortableDeviceApi.dll]  [Microsoft Corporation, 5.2.5358.4827 (WMP_11.060509-2009)]
  194.     [C:\WINDOWS\system32\msacm32.drv]  [Microsoft Corporation, 5.1.2600.0 (xpclient.010817-1148)]
  195.     [F:\江民\JiangMin\AntiVirus\KVshell.dll]  [Jiangmin Co.Ltd, 2, 0, 7, 905]
  196.     [C:\WINDOWS\system32\HiveBase.dll]  [Jiangmin Co., Ltd., 1, 0, 7, 717]
  197.     [C:\WINDOWS\system32\kvinstall.dll]  [Jiangmin Co.,Ltd, 2, 0, 7, 831]
  198.     [F:\江民\JiangMin\AntiVirus\lang\kvxp0804.lng]  [N/A, ]
  199.     [F:\江民\JiangMin\common\GUIEXT.DLL]  [Jiangmin Co.Ltd, 2, 0, 7, 828]
  200.     [F:\江民\JiangMin\common\lang\guiext0804.lng]  [JiangMin Ltd., 7, 1, 0, 200]
  201.     [F:\AVG\新建文件夹\AVG Anti-Spyware 7.5\shellexecutehook.dll]  [GRISOFT s.r.o., 7, 5, 1, 36]
  202.     [F:\迅雷\ComDlls\TDAtOnce_Now.dll]  [Thunder Networking Technologies,LTD, 1.0.5.15]
  203.     [F:\迅雷\ComDlls\xunleiBHO_Now.dll]  [Thunder Networking Technologies,LTD, 5, 0, 8, 18]
  204.     [F:\rar\rarext.dll]  [N/A, ]
  205.     [F:\AVG\新建文件夹\AVG Anti-Spyware 7.5\context.dll]  [GRISOFT s.r.o., 7, 5, 1, 36]
  206.     [C:\WINDOWS\system32\kvdxbma.dll]  [N/A, ]
  207.     [C:\Program Files\Internet Explorer\PLUGINS\WinSys64.Sys]  [N/A, ]
  208.     [C:\WINDOWS\system32\kvmxcma.dll]  [N/A, ]
  209.     [C:\WINDOWS\system32\rsmyapm.dll]  [N/A, ]
  210.     [C:\WINDOWS\video.dll]  [N/A, ]
  211.     [C:\WINDOWS\rx.dll]  [N/A, ]
  212.     [C:\WINDOWS\system32\avwlamn.dll]  [N/A, ]
  213.     [C:\WINDOWS\system32\rsjzapm.dll]  [N/A, ]
  214.     [C:\WINDOWS\system32\avzxamn.dll]  [N/A, ]
  215.     [C:\WINDOWS\system32\kaqhczy.dll]  [N/A, ]
  216.     [C:\Program Files\NetMeeting\ravwdmon.dat]  [N/A, ]
  217. [PID: 1516 / jh1jcka][C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe]  [ATI Technologies, Inc., 6.14.10.5120]
  218.     [C:\Program Files\ATI Technologies\ATI Control Panel\atipdsxx.dll]  [ATI Technologies, Inc., 6.14.10.5120]
  219.     [C:\PROGRAM FILES\ATI TECHNOLOGIES\ATI CONTROL PANEL\ATRPUIXX.CHS]  [ATI Technologies, Inc., 6.14.10.5120]
  220.     [C:\Program Files\ATI Technologies\ATI Control Panel\atipdxxx.dll]  [ATI Technologies, Inc., 6.14.10.5120]
  221.     [C:\WINDOWS\system32\kvdxbma.dll]  [N/A, ]
  222.     [C:\WINDOWS\system32\rsmyapm.dll]  [N/A, ]
  223.     [C:\WINDOWS\system32\kvmxcma.dll]  [N/A, ]
  224.     [C:\WINDOWS\video.dll]  [N/A, ]
  225.     [C:\Program Files\Internet Explorer\PLUGINS\WinSys64.Sys]  [N/A, ]
  226.     [C:\WINDOWS\system32\avwlamn.dll]  [N/A, ]
  227.     [C:\WINDOWS\rx.dll]  [N/A, ]
  228.     [C:\WINDOWS\system32\rsjzapm.dll]  [N/A, ]
  229.     [C:\WINDOWS\system32\avzxamn.dll]  [N/A, ]
  230.     [C:\WINDOWS\system32\kaqhczy.dll]  [N/A, ]
  231. [PID: 1540 / jh1jcka][C:\WINDOWS\system32\ctfmon.exe]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
  232.     [C:\WINDOWS\system32\kvdxbma.dll]  [N/A, ]
  233.     [C:\WINDOWS\system32\rsmyapm.dll]  [N/A, ]
  234.     [C:\WINDOWS\system32\kvmxcma.dll]  [N/A, ]
  235.     [C:\WINDOWS\video.dll]  [N/A, ]
  236.     [C:\Program Files\Internet Explorer\PLUGINS\WinSys64.Sys]  [N/A, ]
  237.     [C:\WINDOWS\system32\avwlamn.dll]  [N/A, ]
  238.     [C:\WINDOWS\rx.dll]  [N/A, ]
  239.     [C:\WINDOWS\system32\avzxamn.dll]  [N/A, ]
  240.     [C:\WINDOWS\system32\rsjzapm.dll]  [N/A, ]
  241.     [C:\WINDOWS\system32\kaqhczy.dll]  [N/A, ]
  242.     [C:\Program Files\NetMeeting\ravwdmon.dat]  [N/A, ]
  243. [PID: 1820 / SYSTEM][C:\WINDOWS\Explorer.exe]  [Microsoft Corporation, 6.00.2900.2180 (xpsp_sp2_rtm.040803-2158)]
  244.     [F:\AVG\新建文件夹\AVG Anti-Spyware 7.5\shellexecutehook.dll]  [GRISOFT s.r.o., 7, 5, 1, 36]
  245.     [C:\WINDOWS\system32\WPDShServiceObj.dll]  [Microsoft Corporation, 5.2.5358.4827 (WMP_11.060509-2009)]
  246.     [C:\WINDOWS\system32\PortableDeviceTypes.dll]  [Microsoft Corporation, 5.2.5358.4827 (WMP_11.060509-2009)]
  247.     [C:\WINDOWS\system32\PortableDeviceApi.dll]  [Microsoft Corporation, 5.2.5358.4827 (WMP_11.060509-2009)]
  248.     [C:\WINDOWS\system32\msacm32.drv]  [Microsoft Corporation, 5.1.2600.0 (xpclient.010817-1148)]
  249.     [F:\江民\JiangMin\AntiVirus\KVshell.dll]  [Jiangmin Co.Ltd, 2, 0, 7, 905]
  250.     [C:\WINDOWS\system32\HiveBase.dll]  [Jiangmin Co., Ltd., 1, 0, 7, 717]
  251.     [C:\WINDOWS\system32\kvinstall.dll]  [Jiangmin Co.,Ltd, 2, 0, 7, 831]
  252.     [F:\江民\JiangMin\AntiVirus\lang\kvxp0804.lng]  [N/A, ]
  253.     [F:\江民\JiangMin\common\GUIEXT.DLL]  [Jiangmin Co.Ltd, 2, 0, 7, 828]
  254.     [F:\江民\JiangMin\common\lang\guiext0804.lng]  [JiangMin Ltd., 7, 1, 0, 200]
  255.     [F:\迅雷\ComDlls\TDAtOnce_Now.dll]  [Thunder Networking Technologies,LTD, 1.0.5.15]
  256.     [F:\迅雷\ComDlls\xunleiBHO_Now.dll]  [Thunder Networking Technologies,LTD, 5, 0, 8, 18]
  257.     [F:\迅雷\Components\ResWorker\DsBho_00.dll]  [, 1, 0, 0, 11]
  258.     [F:\迅雷\Components\ResWorker\DataProcessor_00.dll]  [Thunder Networking Technologies,LTD, 1, 0, 0, 12]
  259. [PID: 1408 / jh1jcka][F:\QQ\QQ.exe]  [TENCENT, 7,0,365,1701]
  260.     [F:\QQ\QQBaseClassInDll.dll]  [TENCENT, 7,0,365,1701]
  261.     [F:\QQ\QQHelperDll.dll]  [TENCENT, 7,0,365,1701]
  262.     [F:\QQ\BasicCtrlDll.dll]  [TENCENT, 7,0,365,1701]
  263.     [F:\QQ\MFC42.DLL]  [Microsoft Corporation, 6.00.8665.0]
  264.     [F:\QQ\RICHED32.DLL]  [Microsoft Corporation, 5.00.2134.1]
  265.     [F:\QQ\RICHED20.dll]  [Jiangmin Co., Ltd., 10, 0, 7, 720]
  266.     [F:\QQ\riched20_.dll]  [Microsoft Corporation, 5.31.23.1218]
  267.     [C:\WINDOWS\system32\HiveBase.dll]  [Jiangmin Co., Ltd., 1, 0, 7, 717]
  268.     [C:\WINDOWS\system32\kvinstall.dll]  [Jiangmin Co.,Ltd, 2, 0, 7, 831]
  269.     [F:\江民\JiangMin\antivirus\lang\JmIMProtect0804.lng]  [Jiangmin Co., Ltd., 10, 0, 7, 726]
  270.     [F:\QQ\QQAPI.dll]  [TENCENT, 7,0,365,1701]
  271.     [F:\QQ\TIMProxy.dll]  [tencent, 0, 3, 2, 4]
  272.     [F:\QQ\LoginCtrl.dll]  [TENCENT, 7,0,365,1701]
  273.     [F:\QQ\LoginCtrlRes.dll]  [TENCENT, 7,0,365,1701]
  274.     [F:\QQ\QQRes.dll]  [TENCENT, 7,0,365,1701]
  275.     [F:\QQ\QQMainFrame.dll]  [N/A, ]
  276.     [F:\QQ\gdiplus.dll]  [Microsoft Corporation, 5.1.3102.2180 (xpsp_sp2_rtm.040803-2158)]
  277.     [F:\QQ\CQQApplication.dll]  [N/A, ]
  278.     [F:\QQ\FlashAvatarDll.dll]  [, 1, 4, 0, 1]
  279.     [F:\QQ\NewSkin.dll]  [TENCENT, 7,0,365,1701]
  280.     [F:\QQ\HostingMgr.dll]  [TENCENT, 7,0,365,1701]
  281.     [F:\QQ\CameraDll.dll]  [TENCENT, 7,0,365,1701]
  282.     [F:\QQ\MailSummary.dll]  [TENCENT, 7,0,365,1701]
  283.     [F:\QQ\QQKnowledgeSearch.dll]  [TENCENT, 7,0,365,1701]
  284.     [F:\QQ\QQAllInOne.dll]  [TENCENT, 7,0,365,1701]
  285.     [F:\QQ\SCCore.dll]  [TENCENT, 1, 6, 0, 2]
  286.     [F:\QQ\QQSpace.dll]  [TENCENT, 7,0,365,1701]
  287.     [F:\QQ\vbscript.dll]  [Microsoft Corporation, 5.6.0.7426]
  288.     [C:\WINDOWS\system32\msdmo.dll]  [, ]
  289.     [F:\QQ\QQGroupMng.dll]  [TENCENT, 7,0,365,1701]
  290.     [F:\QQ\UserDefinedHead.dll]  [TENCENT, 7,0,365,1701]
  291.     [F:\QQ\QQPlugin.dll]  [N/A, ]
  292.     [F:\QQ\QQCustomFace.dll]  [N/A, ]
  293.     [F:\QQ\QQPet.dll]  [TENCENT, 7,0,365,1701]
  294.     [F:\QQ\QQSysMsgMng.dll]  [N/A, ]
  295.     [F:\QQ\QQConfigPlugin.dll]  [TENCENT, 7,0,365,1701]
  296.     [F:\QQ\QQAvatar.dll]  [N/A, ]
  297.     [F:\QQ\QRingMng.dll]  [N/A, ]
  298.     [F:\QQ\ImageOle.dll]  [TENCENT, 7,0,365,1701]
  299.     [F:\QQ\QQLiveQMng.dll]  [TENCENT, 7,0,365,1701]
  300.     [F:\QQ\QQMagicFace.dll]  [TENCENT, 7,0,365,1701]
  301.     [F:\QQ\QQSceneMng.dll]  [N/A, ]
  302.     [C:\WINDOWS\system32\msacm32.drv]  [Microsoft Corporation, 5.1.2600.0 (xpclient.010817-1148)]
  303.     [F:\QQ\LongConnection.dll]  [TENCENT, 7,0,365,1701]
  304.     [F:\QQ\QQAddr.dll]  [深圳市腾讯计算机系统有限公司, 5, 0, 101, 320]
  305.     [F:\QQ\PhoneAPI.dll]  [TENCENT, 7,0,365,1701]
  306.     [F:\QQ\DialerAllinOne.dll]  [tencent, 1, 4, 0, 0]
  307.     [F:\QQ\BQQApplication.dll]  [N/A, ]
  308.     [F:\QQ\CommercesMng.dll]  [TENCENT, 7,0,365,1701]
  309.     [F:\QQ\PersonalDesktop.dll]  [深圳市腾讯计算机系统公司QQ工作小组, 1, 0, 0, 2]
  310.     [F:\江民\JiangMin\AntiVirus\UrlGuard.dll]  [Jiangmin Co., Ltd., 1, 0, 7, 913]
  311.     [F:\江民\JiangMin\Kernel\EngFace.dll]  [Jiangmin Co., Ltd., 2, 0, 7, 911]
  312.     [F:\江民\JiangMin\Kernel\UNACE.dll]  [N/A, ]
  313.     [F:\QQ\AddrSearch.dll]  [腾讯科技(深圳)有限公司, 2, 1, 9, 95]
  314.     [F:\QQ\GroupConnection.dll]  [TENCENT, 7,0,365,1701]
  315.     [F:\QQ\QQZip.dll]  [TENCENT, 7,0,365,1701]
  316.     [F:\QQ\QQFileTransfer.dll]  [TENCENT, 7,0,365,1701]
  317.     [C:\WINDOWS\system32\DirectX10.dll]  [Microsoft Corporation, 6.00.2900.2904 (xpsp_sp2_gdr.060509-0218)]
  318.     [C:\WINDOWS\system32\kvdxbma.dll]  [N/A, ]
  319.     [C:\WINDOWS\system32\kvmxcma.dll]  [N/A, ]
  320.     [C:\WINDOWS\system32\rsmyapm.dll]  [N/A, ]
  321.     [C:\Program Files\Internet Explorer\PLUGINS\WinSys64.Sys]  [N/A, ]
  322.     [C:\WINDOWS\video.dll]  [N/A, ]
  323.     [C:\WINDOWS\system32\avwlamn.dll]  [N/A, ]
  324.     [C:\WINDOWS\rx.dll]  [N/A, ]
  325.     [C:\WINDOWS\system32\rsjzapm.dll]  [N/A, ]
  326.     [C:\WINDOWS\system32\avzxamn.dll]  [N/A, ]
  327.     [C:\WINDOWS\system32\kaqhczy.dll]  [N/A, ]
  328.     [C:\Program Files\NetMeeting\ravwdmon.dat]  [N/A, ]
  329. [PID: 1952 / jh1jcka][F:\QQ\TIMPlatform.exe]  [TENCENT, 7,0,365,1701]
  330.     [F:\QQ\TIMProxy.dll]  [tencent, 0, 3, 2, 4]
  331. [PID: 2792 / jh1jcka][C:\WINDOWS\system32\taskmgr.exe]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
  332.     [C:\WINDOWS\system32\kvdxbma.dll]  [N/A, ]
  333.     [C:\WINDOWS\system32\kvmxcma.dll]  [N/A, ]
  334.     [C:\WINDOWS\system32\rsmyapm.dll]  [N/A, ]
  335.     [C:\WINDOWS\video.dll]  [N/A, ]
  336.     [C:\Program Files\Internet Explorer\PLUGINS\WinSys64.Sys]  [N/A, ]
  337.     [C:\WINDOWS\system32\avwlamn.dll]  [N/A, ]
  338.     [C:\WINDOWS\rx.dll]  [N/A, ]
  339.     [C:\WINDOWS\system32\avzxamn.dll]  [N/A, ]
  340.     [C:\WINDOWS\system32\rsjzapm.dll]  [N/A, ]
  341.     [C:\WINDOWS\system32\kaqhczy.dll]  [N/A, ]
  342.     [C:\Program Files\NetMeeting\ravwdmon.dat]  [N/A, ]
  343. [PID: 3164 / jh1jcka][C:\WINDOWS\system32\conime.exe]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
  344.     [C:\Program Files\Internet Explorer\PLUGINS\WinSys64.Sys]  [N/A, ]
  345.     [C:\WINDOWS\system32\kvmxcma.dll]  [N/A, ]
  346.     [C:\WINDOWS\system32\avwlamn.dll]  [N/A, ]
  347.     [C:\WINDOWS\rx.dll]  [N/A, ]
  348.     [C:\WINDOWS\video.dll]  [N/A, ]
  349.     [C:\WINDOWS\system32\rsmyapm.dll]  [N/A, ]
  350.     [C:\WINDOWS\system32\kvdxbma.dll]  [N/A, ]
  351.     [C:\WINDOWS\system32\avzxamn.dll]  [N/A, ]
  352.     [C:\WINDOWS\system32\kaqhczy.dll]  [N/A, ]
  353.     [C:\WINDOWS\system32\rsjzapm.dll]  [N/A, ]
  354. [PID: 3328 / jh1jcka][C:\WINDOWS\system32\notepad.exe]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
  355.     [C:\WINDOWS\system32\rsjzapm.dll]  [N/A, ]
  356.     [C:\Program Files\NetMeeting\ravwdmon.dat]  [N/A, ]
  357.     [C:\Program Files\Internet Explorer\PLUGINS\WinSys64.Sys]  [N/A, ]
  358.     [C:\WINDOWS\system32\kvmxcma.dll]  [N/A, ]
  359.     [C:\WINDOWS\system32\kaqhczy.dll]  [N/A, ]
  360.     [C:\WINDOWS\system32\avzxamn.dll]  [N/A, ]
  361.     [C:\WINDOWS\system32\avwlamn.dll]  [N/A, ]
  362.     [C:\WINDOWS\system32\kvdxbma.dll]  [N/A, ]
  363.     [C:\WINDOWS\system32\rsmyapm.dll]  [N/A, ]
  364.     [C:\WINDOWS\rx.dll]  [N/A, ]
  365.     [C:\WINDOWS\video.dll]  [N/A, ]
  366. [PID: 3600 / jh1jcka][F:\日志\SREngPS.EXE]  [Smallfrogs Studio, 2.5.16.900]
  367.     [C:\WINDOWS\system32\kvmxcma.dll]  [N/A, ]
  368.     [C:\Program Files\NetMeeting\ravwdmon.dat]  [N/A, ]
  369.     [C:\Program Files\Internet Explorer\PLUGINS\WinSys64.Sys]  [N/A, ]
  370.     [C:\WINDOWS\system32\avzxamn.dll]  [N/A, ]
  371.     [C:\WINDOWS\system32\avwlamn.dll]  [N/A, ]
  372.     [C:\WINDOWS\system32\kaqhczy.dll]  [N/A, ]
  373.     [C:\WINDOWS\system32\rsjzapm.dll]  [N/A, ]
  374.     [C:\WINDOWS\rx.dll]  [N/A, ]
  375.     [C:\WINDOWS\video.dll]  [N/A, ]
  376.     [C:\WINDOWS\system32\rsmyapm.dll]  [N/A, ]
  377.     [C:\WINDOWS\system32\kvdxbma.dll]  [N/A, ]
  378.     [F:\日志\Upload\3rdUpd.DLL]  [Smallfrogs Studio, 2, 1, 0, 15]

  380. ==================================
  381. 文件关联
  382. .TXT  Error. [C:\WINDOWS\system32\notep.exe %1]
  383. .EXE  OK. ["%1" %*]
  384. .COM  OK. ["%1" %*]
  385. .PIF  OK. ["%1" %*]
  386. .REG  OK. [regedit.exe "%1"]
  387. .BAT  OK. ["%1" %*]
  388. .SCR  OK. ["%1" /S]
  389. .CHM  Error. ["hh.exe" %1]
  390. .HLP  OK. [%SystemRoot%\system32\winhlp32.exe %1]
  391. .INI  Error. [C:\WINDOWS\System32\NOTEPAD.EXE %1]
  392. .INF  OK. [%SystemRoot%\system32\NOTEPAD.EXE %1]
  393. .VBS  OK. [%SystemRoot%\System32\WScript.exe "%1" %*]
  394. .JS   OK. [%SystemRoot%\System32\WScript.exe "%1" %*]
  395. .LNK  OK. [{00021401-0000-0000-C000-000000000046}]

  397. ==================================
  398. Winsock 提供者
  399. N/A

  401. ==================================
  402. Autorun.inf
  403. N/A

  405. ==================================
  406. HOSTS 文件
  407. N/A

  409. ==================================
  410. 进程特权扫描
  411. 特殊特权被允许: SeLoadDriverPrivilege [PID = 1516, C:\PROGRAM FILES\ATI TECHNOLOGIES\ATI CONTROL PANEL\ATIPTAXX.EXE]

  413. ==================================
  414. API HOOK
  415. N/A

  417. ==================================
  418. 隐藏进程
  419. N/A

  421. ==================================
复制代码
收藏 分享

返回列表