发表于: 2007-08-27 17:25 | 只看楼主 短消息 资料
字号: 11楼

==================================
Winsock 提供者
N/A

==================================
Autorun.inf
[C:\]
[AutoRun]
open=auto.exe
shellexecute=auto.exe
shell\Auto\command=auto.exe
[D:\]
[AutoRun]
open=auto.exe
shellexecute=auto.exe
shell\Auto\command=auto.exe
[E:\]
[AutoRun]
open=auto.exe
shellexecute=auto.exe
shell\Auto\command=auto.exe
[F:\]
[AutoRun]
open=auto.exe
shellexecute=auto.exe
shell\Auto\command=auto.exe

==================================
HOSTS 文件
127.0.0.1      localhost

==================================
进程特权扫描
特殊特权被允许: SeLoadDriverPrivilege [PID = 436, C:\PROGRAM FILES\RISING\ANTISPYWARE\RUNIEP.EXE]
特殊特权被允许: SeLoadDriverPrivilege [PID = 492, C:\PROGRAM FILES\CNNIC\CDN\CDNUP.EXE]
特殊特权被允许: SeLoadDriverPrivilege [PID = 524, D:\杀毒\RISING\RAV\RAVTASK.EXE]
特殊特权被允许: SeLoadDriverPrivilege [PID = 572, D:\杀毒\RISING\RAV\RAVMON.EXE]
特殊特权被允许: SeDebugPrivilege [PID = 336, C:\PROGRA~1\YOK\YOK.EXE]
特殊特权被允许: SeLoadDriverPrivilege [PID = 336, C:\PROGRA~1\YOK\YOK.EXE]
特殊特权被允许: SeLoadDriverPrivilege [PID = 2444, D:\杀毒\RISING\RAV\RAV.EXE]

==================================
API HOOK
N/A

==================================
隐藏进程
N/A

==================================


[/CODE]