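Rising Kaka Security Forum, Technical Exchange, Anti-Virus / Anti-Rogue-Software Forum: Friends, could you please help me take a look at what's going on? Thank you..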

[CODE]

2007-01-16,23:45:35

System Repair Engineer 2.3.13.690
Smallfrogs (http://www.KZTechs.com)

Windows XP Home Edition Service Pack 2 (Build 2600)
- 管理权限用户 - 完整功能

以下内容被选中:
    所有的启动项目(包括注册表、启动文件夹、服务等)
    浏览器加载项
    正在运行的进程(包括进程模块信息)
    文件关联
    Winsock 提供者
    Autorun.inf
    HOSTS 文件


启动项目
注册表
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
    <ctfmon.exe><C:\WINDOWS\system32\ctfmon.exe>  [(Verified)Microsoft Corporation]
    <KavPFW><"C:\kav2005\KPFW32.EXE">  [Kingsoft Corporation]
[HKEY_CURRENT_USER\Software\Microsoft\Windows NT\CurrentVersion\Windows]
    <load><>  [N/A]
    <run><>  [N/A]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
    <IMJPMIG8.1><"C:\WINDOWS\IME\imjp8_1\IMJPMIG.EXE" /Spoil /RemAdvDef /Migration32>  [(Verified)Microsoft Corporation]
    <KavStart><"C:\kav2005\KAVStart.exe" -startup>  [Kingsoft Corporation]
    <IMSCMig><C:\PROGRA~1\COMMON~1\MICROS~1\IME\IMSC40A\IMSCMIG.EXE /Preload>  [(Verified)Microsoft Corporation]
    <AnyComm_IncTray><; "C:\Program Files\Lenovo\IGRS EasyShare\IncTray.exe">  [联想集团有限公司]
    <iDuba Personal FireWall><; >  [N/A]
    <RTHDCPL><; RTHDCPL.EXE>  [(Verified)Realtek Semiconductor Corp.]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Winlogon]
    <shell><Explorer.exe>  [(Verified)Microsoft Corporation]
    <Userinit><C:\WINDOWS\system32\userinit.exe,>  [(Verified)Microsoft Corporation]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Windows]
    <AppInit_DLLs><>  [N/A]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Winlogon]
    <UIHost><logonui.exe>  [(Verified)Microsoft Corporation]

==================================
启动文件夹
N/A

==================================
服务
[Adobe LM Service / Adobe LM Service][Stopped/Manual Start]
  <"C:\Program Files\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe"><Adobe Systems>
[Application Management / AppMgmt][Stopped/Manual Start]
  <C:\WINDOWS\system32\svchost.exe -k netsvcs-->%SystemRoot%\System32\appmgmts.dll><N/A>
[ASP.NET State Service / aspnet_state][Stopped/Manual Start]
  <C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\aspnet_state.exe><Microsoft Corporation>
[Ati HotKey Poller / Ati HotKey Poller][Running/Auto Start]
  <C:\WINDOWS\system32\Ati2evxx.exe><ATI Technologies Inc.>
[General Updater/AutoUpdater Service / GUA][Running/Auto Start]
  <"C:\Program Files\lenovo\GUA\GUA.exe"><lenovo>
[IGRS / IGRS][Running/Auto Start]
  <C:\Program Files\Lenovo\IGRS\IGRS.exe><联想集团有限公司>
[IGRSFILE / IGRSFILE][Running/Auto Start]
  <C:\Program Files\lenovo\IGRS Profiles\File Profile\IgrsFile.exe><Lenovo Group Limited>
[IgrsFileShare / IgrsFileShare][Running/Auto Start]
  <"C:\Program Files\Lenovo\IGRS EasyShare\FileShare.exe"><联想集团有限公司>
[IgrsMonitor / IgrsMonitor][Running/Auto Start]
  <C:\WINDOWS\System32\IgrsSvcs.exe -k IgrsSvcs-->C:\Program Files\Lenovo\IGRS\Ext\IgrsMonitor.dll><联想集团有限公司>
[Intelligent Network Config / IncSvc][Running/Auto Start]
  <C:\WINDOWS\System32\IgrsSvcs.exe -k IgrsSvcs-->C:\Program Files\Lenovo\IGRS\Ext\IncSvc.dll><联想集团有限公司>
[Kingsoft Personal Firewall Service / KPfwSvc][Running/Auto Start]
  <"C:\kav2005\KPfwSvc.EXE"><Kingsoft Corporation>
[Kingsoft Antivirus KWatch Service / KWatchSvc][Running/Auto Start]
  <C:\kav2005\KWatch.EXE><Kingsoft Corporation>
[MicroGrid DirectRouter / MicroGrid.DirectRouter][Running/Auto Start]
  <C:\WINDOWS\System32\IgrsSvcs.exe -k IgrsSvcs-->C:\Program Files\Lenovo\IGRS\Ext\router.dll><联想集团有限公司>
[Windows Help / WinHelp][Stopped/Auto Start]
  <><N/A>

==================================
驱动程序
[Lenovo Virtual Power Controller Driver / ACPIVPC][Running/Manual Start]
  <system32\DRIVERS\AcpiVpc.sys><Lenovo Corporation>
[ati2mtag / ati2mtag][Running/Manual Start]
  <system32\DRIVERS\ati2mtag.sys><ATI Technologies Inc.>
[Broadcom 440x 10/100 Integrated Controller XP Driver / bcm4sbxp][Running/Manual Start]
  <system32\DRIVERS\bcm4sbxp.sys><Broadcom Corporation>
[EagleNT / EagleNT][Stopped/Manual Start]
  <\??\C:\WINDOWS\system32\drivers\EagleNT.sys><N/A>
[Microsoft UAA Bus Driver for High Definition Audio / HDAudBus][Running/Manual Start]
  <system32\DRIVERS\HDAudBus.sys><Windows (R) Server 2003 DDK provider>
[hid7906 / hid7906][Stopped/Manual Start]
  <system32\drivers\hid7906.sys><Compuware Corporation>
[Service for Realtek HD Audio (WDM) / IntcAzAudAddService][Running/Manual Start]
  <system32\drivers\RtkHDAud.sys><Realtek Semiconductor Corp.>
[KNetWch / KNetWch][Running/System Start]
  <\??\C:\kav2005\KNetWch.SYS><Kingsoft Corporation>
[KWatch3 / KWatch3][Running/System Start]
  <\??\C:\WINDOWS\system32\drivers\KWatch3.SYS><Kingsoft Corporation>
[npkcrypt / npkcrypt][Running/Auto Start]
  <\??\C:\Program Files\Tencent\QQ\npkcrypt.sys><INCA Internet Co., Ltd.>
[npkcusb / npkcusb][Running/Auto Start]
  <\??\C:\Program Files\Tencent\QQ\npkcusb.sys><INCA Internet Co., Ltd.>
[Direct Parallel Link Driver / Ptilink][Running/Manual Start]
  <system32\DRIVERS\ptilink.sys><Parallel Technologies, Inc.>
[Secdrv / Secdrv][Running/Auto Start]
  <system32\DRIVERS\secdrv.sys><Macrovision Corporation, Macrovision Europe Limited, and Macrovision Japan and Asia K.K.>
[smserial / smserial][Running/Manual Start]
  <system32\DRIVERS\smserial.sys><Motorola Inc.>
[Synaptics TouchPad Driver / SynTP][Running/Manual Start]
  <system32\DRIVERS\SynTP.sys><Synaptics, Inc.>
[tifm21 / tifm21][Running/Manual Start]
  <system32\drivers\tifm21.sys><Texas Instruments>
[Intel(R) PRO/Wireless 3945ABG Adapter Driver / w39n51][Running/Manual Start]
  <system32\DRIVERS\w39n51.sys><Intel? Corporation>
[Wbutton / Wbutton][Stopped/System Start]
  <\SystemRoot\system32\drivers\Wbutton.sys><N/A>
[Wireless Monitor & Config Protocol Driver / WMCDRV][Running/Auto Start]
  <system32\DRIVERS\wmcdrv.sys><Lenovo Group Limited>

==================================
浏览器加载项
[Thunder Browser Helper]
  {31EBA2E1-58B2-4980-9C41-F12F5F1422C5} <C:\Program Files\Thunder Network\Thunder\ComDlls\XunLeiBHO_004.dll, Thunder Networking Technologies,LTD>
[IEHandle Class]
  {31EBA2E2-58B2-4980-9C41-F12F5F1422C5} <C:\WINDOWS\system32\TPHANDLE.dll, 江苏科建教育软件有限责任公司>
[启动迅雷5]
  {09BA8F6D-CB54-424B-839C-C2A6C8E6B436} <C:\Program Files\Thunder Network\Thunder\Thunder.exe, Thunder Networking Technologies,LTD>
[信息检索(&R)]
  {92780B25-18CC-41C8-B9BE-3C9C571A8263} <C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL, Microsoft Corporation>
[启动Web迅雷]
  {962EFB8E-2683-42d4-AC74-AAA4C759B9C6} <http://my.xunlei.com, N/A>
[QQ]
  {c95fe080-8f5d-11d2-a20b-00aa003c157b} <C:\Program Files\Tencent\QQ\QQ.EXE, TENCENT>
[QQIEFloatBarCfgCmd Class]
  {DEDEB80D-FA35-45d9-9460-4983E5A8AFE6} <C:\Program Files\Tencent\QQ\QQIEHelper.dll, N/A>
[Messenger]
  {FB5F1910-F110-11d2-BB9E-00C04F795683} <C:\Program Files\Messenger\msmsgs.exe, Microsoft Corporation>
[闪联任意通]
  {0C9B3AB9-DEDF-11D8-A2D4-0050FC464B19} <C:\Program Files\Lenovo\IGRS EasyShare\IgrsAnywhere.dll, 联想集团有限公司>
[VGAPlayer Control]
  {339C1EE2-1029-46B8-81F1-360217F26FC4} <C:\WINDOWS\DOWNLO~1\VGAPLA~1.OCX, 北京翰博尔信息技术有限公司>
[Shockwave Flash Object]
  {D27CDB6E-AE6D-11CF-96B8-444553540000} <C:\WINDOWS\system32\Macromed\Flash\Flash9b.ocx, Adobe Systems, Inc.>
[WebThunder Browser Helper]
  {00000AAA-A363-466E-BEF5-9BB68697AA7F} <C:\Program Files\Thunder Network\WebThunder\WebThunderBHO_015.dll, Thunder Networking Technologies,LTD>
[闪联任意通]
  {0C9B3AB9-DEDF-11D8-A2D4-0050FC464B19} <C:\Program Files\Lenovo\IGRS EasyShare\IgrsAnywhere.dll, 联想集团有限公司>
[Windows Media Player]
  {22D6F312-B0F6-11D0-94AB-0080C74C7E95} <C:\WINDOWS\system32\wmpdxm.dll, Microsoft Corporation>
[HTML Document]
  {25336920-03F9-11CF-8FD0-00AA00686F13} <%SystemRoot%\system32\mshtml.dll, N/A>
[Thunder Browser Helper]
  {31EBA2E1-58B2-4980-9C41-F12F5F1422C5} <C:\Program Files\Thunder Network\Thunder\ComDlls\XunLeiBHO_004.dll, Thunder Networking Technologies,LTD>
[IEHandle Class]
  {31EBA2E2-58B2-4980-9C41-F12F5F1422C5} <C:\WINDOWS\system32\TPHANDLE.dll, 江苏科建教育软件有限责任公司>
[Tabular Data Control]
  {333C7BC4-460F-11D0-BC04-0080C7055A83} <C:\WINDOWS\system32\tdc.ocx, Microsoft Corporation>
[VGAPlayer Control]
  {339C1EE2-1029-46B8-81F1-360217F26FC4} <C:\WINDOWS\DOWNLO~1\VGAPLA~1.OCX, 北京翰博尔信息技术有限公司>
[IETag Factory]
  {38481807-CA0E-42D2-BF39-B33AF135CC4D} <C:\PROGRA~1\COMMON~1\MICROS~1\SMARTT~1\IETAG.DLL, Microsoft Corporation>
[HHCtrl Object]
  {52A2AAAE-085D-4187-97EA-8C30DB990436} <C:\WINDOWS\system32\hhctrl.ocx, Microsoft Corporation>
[Shell Name Space]
  {55136805-B2DE-11D1-B9F2-00A0C98BC547} <%SystemRoot%\system32\shdocvw.dll, N/A>
[CBrowseStakeout Class]
  {55302805-482E-470E-8A57-6795A1487F90} <C:\kav2005\KAVAFish.DLL, Kingsoft Corporation>
[Windows Media Player]
  {6BF52A52-394A-11D3-B153-00C04F79FAA6} <C:\WINDOWS\system32\wmp.dll, Microsoft Corporation>
[MediaComm Class]
  {7670648D-461B-42AF-BDFE-46D26AF5EFF2} <C:\Program Files\Thunder Network\WebThunder\MediaAddin10.dll, Thunder Networking Technologies,LTD>
[Microsoft Web 浏览器]
  {8856F961-340A-11D0-A96B-00C04FD705A2} <C:\WINDOWS\system32\shdocvw.dll, Microsoft Corporation>
[RMGetLicense Class]
  {A9FC132B-096D-460B-B7D5-1DB0FAE0C062} <C:\WINDOWS\system32\msnetobj.dll, Microsoft Corporation>
[SearchAssistantOC]
  {B45FF030-4447-11D2-85DE-00C04FA35C89} <%SystemRoot%\system32\shdocvw.dll, N/A>
[RDS.DataSpace]
  {BD96C556-65A3-11D0-983A-00C04FC29E36} <C:\Program Files\Common Files\System\msadc\msadco.dll, Microsoft Corporation>
[AUDIO__MP3 Moniker Class]
  {CD3AFA76-B84F-48F0-9393-7EDC34128127} <C:\WINDOWS\system32\wmp.dll, Microsoft Corporation>
[AUDIO__X_MS_WMA Moniker Class]
  {CD3AFA84-B84F-48F0-9393-7EDC34128127} <C:\WINDOWS\system32\wmp.dll, Microsoft Corporation>
[VIDEO__X_MS_WMV Moniker Class]
  {CD3AFA94-B84F-48F0-9393-7EDC34128127} <C:\WINDOWS\system32\wmp.dll, Microsoft Corporation>
[RealPlayer G2 Control]
  {CFCDAA03-8BE4-11CF-B84B-0020AFBBCCFA} <C:\WINDOWS\system32\rmoc3260.dll, RealNetworks, Inc.>
[Shockwave Flash Object]
  {D27CDB6E-AE6D-11CF-96B8-444553540000} <C:\WINDOWS\system32\Macromed\Flash\Flash9b.ocx, Adobe Systems, Inc.>
[&使用迅雷下载]
  <C:\Program Files\Thunder Network\Thunder\Program\geturl.htm, N/A>
[&使用迅雷下载全部链接]
  <C:\Program Files\Thunder Network\Thunder\Program\getallurl.htm, N/A>
[上传到QQ网络硬盘]
  <C:\Program Files\Tencent\QQ\AddToNetDisk.htm, N/A>
[使用Web迅雷下载]
  <C:\Program Files\Thunder Network\WebThunder\GetUrl.htm, N/A>
[使用Web迅雷下载全部链接]
  <C:\Program Files\Thunder Network\WebThunder\GetAllUrl.htm, N/A>
[导出到 Microsoft Office Excel(&X)]
  <res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000, N/A>
[添加到eREAD表情]
  <, N/A>
[添加到QQ自定义面板]
  <C:\Program Files\Tencent\QQ\AddPanel.htm, N/A>
[添加到QQ表情]
  <C:\Program Files\Tencent\QQ\AddEmotion.htm, N/A>
[用QQ彩信发送该图片]
  <C:\Program Files\Tencent\QQ\SendMMS.htm, N/A>
[金山毒霸反钓鱼...]
  <C:\kav2005\KAF\ShowSet.htm, N/A>
Last edited 2007-01-17 00:11:02

==================================
正在运行的进程
[PID: 428][\SystemRoot\System32\smss.exe]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
[PID: 868][\??\C:\WINDOWS\system32\csrss.exe]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
[PID: 900][\??\C:\WINDOWS\system32\winlogon.exe]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
    [C:\WINDOWS\system32\Ati2evxx.dll]  [ATI Technologies Inc., 6.14.10.4133]
[PID: 944][C:\WINDOWS\system32\services.exe]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
[PID: 956][C:\WINDOWS\system32\lsass.exe]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
[PID: 1104][C:\WINDOWS\system32\Ati2evxx.exe]  [ATI Technologies Inc., 6.14.10.4133]
    [C:\WINDOWS\system32\Ati2edxx.dll]  [ATI Technologies, Inc., 6, 14, 10, 2500]
[PID: 1120][C:\WINDOWS\system32\svchost.exe]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
[PID: 1220][C:\WINDOWS\system32\svchost.exe]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
[PID: 1292][C:\WINDOWS\System32\svchost.exe]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
[PID: 1348][C:\WINDOWS\system32\svchost.exe]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
[PID: 1460][C:\WINDOWS\system32\svchost.exe]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
[PID: 1732][C:\kav2005\KWatch.EXE]  [Kingsoft Corporation, 2005, 11, 21, 53]
    [C:\kav2005\KAVIPC2.DLL]  [Kingsoft Corporation, 2004, 12, 28, 20]
    [C:\kav2005\KAEPlat.DLL]  [Kingsoft Corp., 2006, 8, 29, 60]
    [C:\kav2005\KAEMem.DAT]  [Kingsoft, 2006, 9, 25, 16]
    [C:\kav2005\KAEUnpack.DAT]  [Kingsoft Corp., 2006, 10, 26, 69]
[PID: 1848][C:\WINDOWS\system32\spoolsv.exe]  [Microsoft Corporation, 5.1.2600.2696 (xpsp_sp2_gdr.050610-1519)]
[PID: 1912][C:\WINDOWS\system32\Ati2evxx.exe]  [ATI Technologies Inc., 6.14.10.4133]
    [C:\WINDOWS\system32\Ati2edxx.dll]  [ATI Technologies, Inc., 6, 14, 10, 2500]
    [C:\kav2005\KASocket.dll]  [Kingsoft Corporation, 2005, 2, 22, 233]
[PID: 140][C:\WINDOWS\Explorer.EXE]  [Microsoft Corporation, 6.00.2900.2180 (xpsp_sp2_rtm.040803-2158)]
    [C:\Program Files\Lenovo\IGRS EasyShare\IgrsAnywhere.dll]  [联想集团有限公司, 1, 0, 2, 65]
    [C:\kav2005\KASocket.dll]  [Kingsoft Corporation, 2005, 2, 22, 233]
    [C:\kav2005\KMailOEBand.dll]  [Kingsoft Corporation, 2006, 9, 7, 132]
    [C:\Program Files\Adobe\Acrobat 7.0\ActiveX\PDFShell.dll]  [Adobe Systems, Inc., 7.0.0.0]
    [C:\Program Files\ATI Technologies\ATI.ACE\atiacmxx.dll]  [, 1, 0, 0, 1]
    [C:\Program Files\WinRAR\rarext.dll]  [N/A, N/A]
    [C:\kav2005\KAVEXT.DLL]  [Kingsoft Corporation, 2005, 8, 5, 16]
[PID: 176][C:\Program Files\lenovo\GUA\GUA.exe]  [lenovo, 1.0.0.21]
[PID: 280][C:\Program Files\Lenovo\IGRS\IGRS.exe]  [联想集团有限公司, 1.0.1.217]
    [C:\Program Files\Lenovo\IGRS\framework.dll]  [联想集团有限公司, 1.0.1.217]
    [C:\Program Files\Lenovo\IGRS\ReliablePlugin.dll]  [联想集团有限公司, 1.0.1.217]
    [C:\Program Files\Lenovo\IGRS\CorePlugin.dll]  [联想集团有限公司, 1.0.1.217]
    [C:\Program Files\Lenovo\IGRS\SocketPlugin.dll]  [联想集团有限公司, 1.0.1.217]
    [C:\Program Files\Lenovo\IGRS\BTComPlugin.dll]  [联想集团有限公司, 1.0.1.217]
    [C:\Program Files\Lenovo\IGRS\SerialPortMonitor.dll]  [lenovo, 1, 0, 1, 19]
    [C:\Program Files\Lenovo\IGRS\ProxyPlugin.dll]  [联想集团有限公司, 1.0.1.217]
    [C:\Program Files\Lenovo\IGRS\SvcHostPlugin.dll]  [联想集团有限公司, 1.0.1.217]
[PID: 324][C:\WINDOWS\System32\IgrsSvcs.exe]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
    [c:\program files\lenovo\igrs\ext\igrsmonitor.dll]  [联想集团有限公司, 1, 2, 1, 21]
    [C:\WINDOWS\system32\IgrsApi.dll]  [Lenovo Group Limited, 1.0.1.195]
    [c:\program files\lenovo\igrs\ext\incsvc.dll]  [联想集团有限公司, 1, 0, 1, 14]
    [C:\WINDOWS\system32\wmcdrv.dll]  [Lenovo Group Limited, 3, 1, 0, 13]
    [c:\program files\lenovo\igrs\ext\router.dll]  [联想集团有限公司, 1, 5, 0, 17]
[PID: 516][C:\kav2005\KPfwSvc.EXE]  [Kingsoft Corporation, 2005, 9, 5, 28]
[PID: 592][C:\WINDOWS\system32\wdfmgr.exe]  [Microsoft Corporation, 5.2.3790.1230 built by: dnsrv(bld4act)]
[PID: 632][C:\Program Files\lenovo\IGRS Profiles\File Profile\IgrsFile.exe]  [Lenovo Group Limited, 1, 0, 0, 4]
    [C:\WINDOWS\system32\IgrsApi.dll]  [Lenovo Group Limited, 1.0.1.195]
    [C:\Program Files\lenovo\IGRS Profiles\File Profile\Util.dll]  [N/A, 1, 0, 1, 1]
    [C:\Program Files\lenovo\IGRS Profiles\File Profile\FrameWork.dll]  [Lenovo, 1, 0, 1, 1]
    [C:\Program Files\lenovo\IGRS Profiles\File Profile\FileProfileModule.dll]  [Lenovo Group Limited, 2, 0, 2, 35]
    [C:\Program Files\lenovo\IGRS Profiles\File Profile\BFileDialog.dll]  [Lenovo Group Limited, 2, 0, 1, 32]
[PID: 692][C:\Program Files\Lenovo\IGRS EasyShare\FileShare.exe]  [联想集团有限公司, 1, 0, 2, 24]
    [C:\Program Files\Lenovo\IGRS EasyShare\IGRSAVSDK.dll]  [联想集团有限公司, 1, 0, 1, 50204]
    [C:\WINDOWS\system32\IgrsApi.dll]  [Lenovo Group Limited, 1.0.1.195]
    [C:\Program Files\Lenovo\IGRS EasyShare\QuickDB.dll]  [N/A, N/A]
[PID: 1932][C:\kav2005\KAVStart.exe]  [Kingsoft Corporation, 2006, 11, 10, 212]
    [C:\kav2005\KAVIPC2.DLL]  [Kingsoft Corporation, 2004, 12, 28, 20]
    [C:\kav2005\SvcTimer.DLL]  [Kingsoft Corporation, 2006.12.22.84]
    [C:\kav2005\KAVPassp.dll]  [Kingsoft Corporation, 2006, 12, 30, 271]
    [C:\kav2005\PopSprt3.dll]  [Kingsoft Corporation, 2006, 9, 26, 38]
    [C:\kav2005\KASocket.dll]  [Kingsoft Corporation, 2005, 2, 22, 233]
    [C:\kav2005\KMailOEBand.dll]  [Kingsoft Corporation, 2006, 9, 7, 132]
[PID: 204][C:\WINDOWS\System32\alg.exe]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
[PID: 212][C:\WINDOWS\system32\wbem\wmiprvse.exe]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
[PID: 1316][C:\WINDOWS\system32\ctfmon.exe]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
    [C:\kav2005\KMailOEBand.dll]  [Kingsoft Corporation, 2006, 9, 7, 132]
    [C:\kav2005\KASocket.dll]  [Kingsoft Corporation, 2005, 2, 22, 233]
[PID: 1548][C:\kav2005\KPFW32.EXE]  [Kingsoft Corporation, 2006, 12, 11, 666]
    [C:\kav2005\KMailOEBand.dll]  [Kingsoft Corporation, 2006, 9, 7, 132]
    [C:\kav2005\KASocket.dll]  [Kingsoft Corporation, 2005, 2, 22, 233]
    [C:\kav2005\KAVIPC2.DLL]  [Kingsoft Corporation, 2004, 12, 28, 20]
    [C:\kav2005\KAConfig.DLL]  [Kingsoft Corporation, 2006, 10, 30, 39]
    [C:\kav2005\FiltList.dll]  [N/A, N/A]
    [C:\kav2005\KAVPassp.DLL]  [Kingsoft Corporation, 2006, 12, 30, 271]
    [C:\Program Files\Lenovo\IGRS EasyShare\IgrsAnywhere.dll]  [联想集团有限公司, 1, 0, 2, 65]
[PID: 1276][C:\kav2005\KMailMon.EXE]  [Kingsoft Corporation, 2006, 12, 27, 942]
    [C:\kav2005\KAntiSpm.dll]  [Kingsoft Corporation, 2006, 8, 19, 104]
    [C:\kav2005\KAVIPC2.DLL]  [Kingsoft Corporation, 2004, 12, 28, 20]
    [C:\kav2005\KAECall2.DLL]  [Kingsoft Corporation, 2004, 12, 28, 7]
    [C:\kav2005\KAEPlat.DLL]  [Kingsoft Corp., 2006, 8, 29, 60]
    [C:\kav2005\KAEMem.DAT]  [Kingsoft, 2006, 9, 25, 16]
    [C:\kav2005\KAEUnpack.DAT]  [Kingsoft Corp., 2006, 10, 26, 69]
    [C:\kav2005\KAConfig.DLL]  [Kingsoft Corporation, 2006, 10, 30, 39]
    [C:\kav2005\KASocket.dll]  [Kingsoft Corporation, 2005, 2, 22, 233]
    [C:\kav2005\KMailOEBand.dll]  [Kingsoft Corporation, 2006, 9, 7, 132]
[PID: 3940][C:\Program Files\Tencent\QQ\QQ.exe]  [TENCENT, 0, 0, 0, 0]
    [C:\Program Files\Tencent\QQ\QQBaseClassInDll.dll]  [, 1, 0, 0, 1]
    [C:\Program Files\Tencent\QQ\QQHelperDll.dll]  [, 1, 0, 0, 1]
    [C:\Program Files\Tencent\QQ\BasicCtrlDll.dll]  [Tencent, 5, 0, 200, 370]
    [C:\kav2005\KMailOEBand.dll]  [Kingsoft Corporation, 2006, 9, 7, 132]
    [C:\kav2005\KASocket.dll]  [Kingsoft Corporation, 2005, 2, 22, 233]
    [C:\Program Files\Tencent\QQ\QQAPI.dll]  [, 1, 0, 0, 1]
    [C:\Program Files\Tencent\QQ\TIMProxy.dll]  [tencent, 0, 3, 2, 4]
    [C:\Program Files\Tencent\QQ\LoginCtrl.dll]  [, 1, 0, 0, 1]
    [C:\Program Files\Tencent\QQ\npkcntc.dll]  [INCA Internet Co., Ltd., 2006, 6, 27, 1]
    [C:\Program Files\Tencent\QQ\npkpdb.dll]  [INCA Internet Co., Ltd., 2003, 10, 1, 1]
    [C:\Program Files\Tencent\QQ\QQRes.dll]  [tencent, 1, 0, 0, 1]
    [C:\Program Files\Tencent\QQ\QQMainFrame.dll]  [N/A, N/A]
    [C:\Program Files\Tencent\QQ\CQQApplication.dll]  [N/A, N/A]
    [C:\Program Files\Tencent\QQ\NewSkin.dll]  [, 1, 0, 0, 1]
    [C:\Program Files\Tencent\QQ\HostingMgr.dll]  [, 1, 0, 0, 1]
    [C:\Program Files\Tencent\QQ\CameraDll.dll]  [, 1, 0, 0, 1]
    [C:\Program Files\Tencent\QQ\MailSummary.dll]  [, 1, 0, 0, 1]
    [C:\Program Files\Tencent\QQ\QQSpace.dll]  [, 1, 0, 0, 1]
    [C:\WINDOWS\system32\msdmo.dll]  [N/A, N/A]
    [C:\Program Files\Tencent\QQ\QQGroupMng.dll]  [, 1, 0, 0, 1]
    [C:\Program Files\Tencent\QQ\GroupLive.dll]  [N/A, N/A]
    [C:\Program Files\Tencent\QQ\UserDefinedHead.dll]  [, 1, 0, 0, 1]
    [C:\Program Files\Tencent\QQ\QQPlugin.dll]  [N/A, N/A]
    [C:\Program Files\Tencent\QQ\QQConfigPlugin.dll]  [, 1, 0, 0, 1]
    [C:\Program Files\Tencent\QQ\FlashAvatarDll.dll]  [, 1, 4, 0, 1]
    [C:\Program Files\Tencent\QQ\QQAvatar.dll]  [N/A, N/A]
    [C:\Program Files\Tencent\QQ\QQAllInOne.dll]  [N/A, N/A]
    [C:\Program Files\Tencent\QQ\SCCore.dll]  [TENCENT, 2, 0, 0, 1]
    [C:\Program Files\Tencent\QQ\QQCustomFace.dll]  [N/A, N/A]
    [C:\Program Files\Tencent\QQ\QRingMng.dll]  [N/A, N/A]
    [C:\Program Files\Tencent\QQ\PhoneAPI.dll]  [, 1, 0, 0, 1]
    [C:\Program Files\Tencent\QQ\DialerAllinOne.dll]  [tencent, 1, 4, 0, 0]
    [C:\Program Files\Tencent\QQ\VPortal.dll]  [, 1, 0, 0, 4]
    [C:\Program Files\Tencent\QQ\LongConnection.dll]  [tencent, 5, 0, 200, 160]
    [C:\Program Files\Tencent\QQ\QQPet.dll]  [, 1, 0, 0, 1]
    [C:\Program Files\Tencent\QQ\QQSceneMng.dll]  [N/A, N/A]
    [C:\kav2005\KAScript.DLL]  [Kingsoft Corporation, 2006, 12, 11, 72]
    [C:\Program Files\Tencent\QQ\BQQApplication.dll]  [N/A, N/A]
    [C:\Program Files\Tencent\QQ\GroupConnection.dll]  [Tencent, 0, 3, 3, 5]
    [C:\Program Files\Tencent\QQ\PersonalDesktop.dll]  [深圳市腾讯计算机系统公司QQ工作小组, 1, 0, 0, 2]
    [C:\Program Files\Tencent\QQ\CommercesMng.dll]  [, 1, 0, 0, 1]
    [C:\Program Files\Tencent\QQ\QQAddr.dll]  [深圳市腾讯计算机系统有限公司, 5, 0, 101, 240]
    [C:\Program Files\Tencent\QQ\ImageOle.dll]  [TODO: <Company name>, 1.0.0.1]
    [C:\Program Files\Tencent\QQ\QQPhoneHelper.dll]  [腾讯科技(深圳)有限公司, 2, 1, 3, 30]
    [C:\Program Files\Tencent\QQ\QQSysMsgMng.dll]  [N/A, N/A]
    [C:\Program Files\Tencent\QQ\ShareFiles.dll]  [N/A, N/A]
    [C:\Program Files\Tencent\QQ\QQZip.dll]  [tencent, 0, 3, 2, 4]
[PID: 2112][C:\Program Files\Tencent\QQ\TIMPlatform.exe]  [tencent, 0, 3, 1, 8]
    [C:\kav2005\KMailOEBand.dll]  [Kingsoft Corporation, 2006, 9, 7, 132]
    [C:\kav2005\KASocket.dll]  [Kingsoft Corporation, 2005, 2, 22, 233]
    [C:\Program Files\Tencent\QQ\TIMProxy.dll]  [tencent, 0, 3, 2, 4]
[PID: 3684][C:\WINDOWS\system32\wuauclt.exe]  [Microsoft Corporation, 5.8.0.2469 built by: lab01_n(wmbla)]
    [C:\kav2005\KMailOEBand.dll]  [Kingsoft Corporation, 2006, 9, 7, 132]
    [C:\kav2005\KASocket.dll]  [Kingsoft Corporation, 2005, 2, 22, 233]
[PID: 4028][C:\WINDOWS\system32\conime.exe]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
    [C:\kav2005\KMailOEBand.dll]  [Kingsoft Corporation, 2006, 9, 7, 132]
    [C:\kav2005\KASocket.dll]  [Kingsoft Corporation, 2005, 2, 22, 233]
[PID: 2272][C:\kav2005\KAV32.EXE]  [Kingsoft Corporation, 2006, 12, 29, 82]
    [C:\kav2005\KMailOEBand.dll]  [Kingsoft Corporation, 2006, 9, 7, 132]
    [C:\kav2005\KASocket.dll]  [Kingsoft Corporation, 2005, 2, 22, 233]
    [C:\Program Files\Lenovo\IGRS EasyShare\IgrsAnywhere.dll]  [联想集团有限公司, 1, 0, 2, 65]
    [C:\kav2005\KAV32Res.dll]  [Kingsoft Corporation, 2006, 12, 25, 88]
    [C:\kav2005\KAEPlat.DLL]  [Kingsoft Corp., 2006, 8, 29, 60]
    [C:\kav2005\KAEMem.DAT]  [Kingsoft, 2006, 9, 25, 16]
    [C:\kav2005\KAEUnpack.DAT]  [Kingsoft Corp., 2006, 10, 26, 69]
    [C:\kav2005\KAConfig.DLL]  [Kingsoft Corporation, 2006, 10, 30, 39]
    [C:\kav2005\KAVIPC2.DLL]  [Kingsoft Corporation, 2004, 12, 28, 20]
    [C:\kav2005\KAVPassp.DLL]  [Kingsoft Corporation, 2006, 12, 30, 271]
    [C:\kav2005\DBAgent.DLL]  [Kingsoft Corporation, 2005, 10, 27, 9]
    [C:\kav2005\KWindUp.DLL]  [Kingsoft Corp., 2006, 1, 10, 18]
    [C:\kav2005\KAEPrev.dll]  [Kingsoft Corporation, 2006, 12, 7, 20]
    [C:\kav2005\KAEMemEx.dll]  [N/A, 2006, 10, 17, 16]
    [C:\kav2005\KAEMalDt.dll]  [N/A, 2006, 12, 7, 20]
    [C:\kav2005\KAERemov.dll]  [N/A, 2006, 12, 7, 20]
    [C:\kav2005\KAScript.DLL]  [Kingsoft Corporation, 2006, 12, 11, 72]
[PID: 716][C:\Program Files\TTPlayer\TTPlayer.exe]  [Alen Soft, 4, 6, 8, 0]
    [C:\Program Files\TTPlayer\ttpcomm.dll]  [N/A, N/A]
    [C:\kav2005\KMailOEBand.dll]  [Kingsoft Corporation, 2006, 9, 7, 132]
    [C:\kav2005\KASocket.dll]  [Kingsoft Corporation, 2005, 2, 22, 233]
    [C:\Program Files\TTPlayer\ttpres.dll]  [Alen Soft, 4, 6, 8, 0]
    [C:\Program Files\TTPlayer\AddIn\ttp_lrcsh.dll]  [N/A, N/A]
    [C:\kav2005\KAScript.DLL]  [Kingsoft Corporation, 2006, 12, 11, 72]
[PID: 3332][G:\123\SREng.EXE]  [Smallfrogs Studio, 2.3.13.690]
    [C:\kav2005\KMailOEBand.dll]  [Kingsoft Corporation, 2006, 9, 7, 132]
    [C:\kav2005\KASocket.dll]  [Kingsoft Corporation, 2005, 2, 22, 233]

==================================
文件关联
.TXT  OK. [%SystemRoot%\system32\NOTEPAD.EXE %1]
.EXE  OK. ["%1" %*]
.COM  OK. ["%1" %*]
.PIF  OK. ["%1" %*]
.REG  OK. [regedit.exe "%1"]
.BAT  OK. ["%1" %*]
.SCR  OK. ["%1" /S]
.CHM  OK. ["C:\WINDOWS\hh.exe" %1]
.HLP  OK. [%SystemRoot%\system32\winhlp32.exe %1]
.INI  OK. [%SystemRoot%\system32\NOTEPAD.EXE %1]
.INF  OK. [%SystemRoot%\system32\NOTEPAD.EXE %1]
.VBS  OK. [%SystemRoot%\System32\WScript.exe "%1" %*]
.JS  OK. [%SystemRoot%\System32\WScript.exe "%1" %*]
.LNK  OK. [{00021401-0000-0000-C000-000000000046}]

==================================
Winsock 提供者
N/A

==================================
Autorun.inf
N/A

==================================
HOSTS 文件

==================================
API HOOK
警告!System Repair Engineer 提醒
你下面的函数内容与预期值不符,他
们可能被一些恶意的软件所修改:
入口点错误:LoadLibraryExW

==================================


[/CODE]