瑞星卡卡安全论坛技术交流区反病毒/反流氓软件论坛 【求助】Rootkit.Win32.Vanti.em病毒殺不掉

1   1  /  1  页   跳转

【求助】Rootkit.Win32.Vanti.em病毒殺不掉

收藏
Erika
头像
初生襁褓狮
  • 帖子:11
  • 注册: 2006-12-02
  • 来自:
发表于: 2006-12-02 22:27 | 显示全部 短消息 资料
字号: 1楼

【求助】Rootkit.Win32.Vanti.em病毒殺不掉

電腦中了木馬Rootkit.Win32.Vanti.em
用防毒刪了,重新開機又出現

木馬程式 Rootkit.Win32.Vanti.em 檔案: C:\WINDOWS\TEMP\aoob.sys
怎么也刪不了,求高手幫忙
最后编辑2006-12-03 19:09:36
分享到:
gototop
 
Erika
头像
初生襁褓狮
  • 帖子:11
  • 注册: 2006-12-02
  • 来自:
发表于: 2006-12-03 18:24 | 显示全部 短消息 资料
字号: 2楼

哪位高手幫幫忙
gototop
 
Erika
头像
初生襁褓狮
  • 帖子:11
  • 注册: 2006-12-02
  • 来自:
发表于: 2006-12-03 18:59 | 显示全部 短消息 资料
字号: 3楼

瑞星听诊器結果
http://dreambbs02.hp.infoseek.co.jp/Rsinfo.htm

麻煩了
gototop
 
Erika
头像
初生襁褓狮
  • 帖子:11
  • 注册: 2006-12-02
  • 来自:
发表于: 2006-12-03 19:09 | 显示全部 短消息 资料
字号: 4楼

2006-12-03,18:51:40

System Repair Engineer 2.2.6.605
Smallfrogs (http://www.KZTechs.com)

Windows XP Professional Service Pack 1 (Build 2600)
- Administrative User - Completed Functions Allowed

Follow item(s) have been choosed:
    All Boot Items (Including Registry, Startup Folders, Services and so on)
    Browser Add-ons
    Runing Processes (Including process model information)
    File Associations
    Winsock Provider
    Autorun.Inf
    HOSTS File


Boot Items
Registry
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
    <ctfmon.exe><C:\WINDOWS\System32\ctfmon.exe>  [(Verified)Microsoft Corporation]
    <ravshell><C:\Progra~1\Eset\rund1132.exe>  [N/A]
[HKEY_CURRENT_USER\Software\Microsoft\Windows NT\CurrentVersion\Windows]
    <load><>  [N/A]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
    <IMJPMIG8.1><"C:\WINDOWS\IME\imjp8_1\IMJPMIG.EXE" /Spoil /RemAdvDef /Migration32>  [(Verified)Microsoft Corporation]
    <PHIMETIPSYNC><C:\Program Files\Common Files\Microsoft Shared\IME\IMTC65\PHONETIC\TINTLCFG.EXE /PHIMETIPSync>  [(Verified)Microsoft Corp.]
    <NvCplDaemon><RUNDLL32.EXE C:\WINDOWS\System32\NvCpl.dll,NvStartup>  [NVIDIA Corporation]
    <RTHDCPL><RTHDCPL.EXE>  [(Verified)Realtek Semiconductor Corp.]
    <Alcmtr><ALCMTR.EXE>  [(Verified)Realtek Semiconductor Corp.]
    <CJIMETIPSYNC><C:\Program Files\Common Files\Microsoft Shared\IME\IMTC65\CHANGJIE\CINTLCFG.EXE /CJIMETIPSync>  [(Verified)Microsoft Corp.]
    <NvMediaCenter><RUNDLL32.EXE C:\WINDOWS\System32\NvMcTray.dll,NvTaskbarInit>  [NVIDIA Corporation]
    <AVP><"C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 6.0\avp.exe">  [Kaspersky Lab]
    <Systems32><C:\WINDOWS\TEMP\svchost1.exe>  [N/A]
    <!AVG Anti-Spyware><"C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe" /minimized>  [Anti-Malware Development a.s.]
    <nwiz><nwiz.exe /install>  [N/A]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Winlogon]
    <shell><Explorer.exe>  [(Verified)Microsoft Corporation]
    <Userinit><C:\WINDOWS\system32\userinit.exe,>  [(Verified)Microsoft Corporation]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Windows]
    <AppInit_DLLs><"C:\PROGRA~1\KASPER~1\KASPER~1.0\adialhk.dll">  [Kaspersky Lab]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Winlogon]
    <UIHost><logonui.exe>  [(Verified)Microsoft Corporation]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
    <{57B86673-276A-48B2-BAE7-C6DBB3020EB8}><C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\shellexecutehook.dll>  [Anti-Malware Development a.s.]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\klogon]
    <WinlogonNotify: klogon><C:\WINDOWS\System32\klogon.dll>  [Kaspersky Lab]

==================================
Startup Folders
N/A

==================================
Services
[ASP.NET State Service / aspnet_state]
  <C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\aspnet_state.exe><Microsoft Corporation>
[AVG Anti-Spyware Guard / AVG Anti-Spyware Guard]
  <C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe><Anti-Malware Development a.s.>
[Kaspersky Internet Security 6.0 / AVP]
  <"C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 6.0\avp.exe" -r><Kaspersky Lab>
[Diskeeper / Diskeeper]
  <C:\Program Files\Executive Software\Diskeeper\DkService.exe><Executive Software International, Inc.>
[Human Interface Device Access / HidServ]
  <C:\WINDOWS\System32\svchost.exe -k netsvcs-->%SystemRoot%\System32\hidserv.dll><N/A>
[InstallDriver Table Manager / IDriverT]
  <"C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe"><Macrovision Corporation>
[NVIDIA Display Driver Service / NVSvc]
  <C:\WINDOWS\System32\nvsvc32.exe><NVIDIA Corporation>

==================================
Drivers
[a347bus / a347bus]
  <\SystemRoot\System32\DRIVERS\a347bus.sys><>
[a347scsi / a347scsi]
  <\SystemRoot\System32\Drivers\a347scsi.sys><>
[標準 IDE/ESDI 硬碟控制器 / atapi]
  <\SystemRoot\System32\DRIVERS\atapi.sys><N/A>
[AVG Anti-Spyware Driver / AVG Anti-Spyware Driver]
  <\??\C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.sys><N/A>
[AVG Anti-Spyware Clean Driver / AvgAsCln]
  <System32\DRIVERS\AvgAsCln.sys><GRISOFT, s.r.o.>
[dtscsi / dtscsi]
  <\SystemRoot\System32\Drivers\dtscsi.sys><DT Soft Ltd.>
[Hamachi Network Interface / hamachi]
  <System32\DRIVERS\hamachi.sys><Applied Networking Inc.>
[Microsoft UAA Bus Driver for High Definition Audio / HDAudBus]
  <System32\DRIVERS\HDAudBus.sys><Windows (R) Server 2003 DDK provider>
[Service for Realtek HD Audio (WDM) / IntcAzAudAddService]
  <system32\drivers\RtkHDAud.sys><Realtek Semiconductor Corp.>
[kl1 / kl1]
  <\SystemRoot\System32\drivers\kl1.sys><Kaspersky Lab>
[klif / klif]
  <\??\C:\WINDOWS\System32\drivers\klif.sys><Kaspersky Lab>
[npkcrypt / npkcrypt]
  <\??\C:\Program Files\Tencent\QQ\npkcrypt.sys><N/A>
[nv / nv]
  <System32\DRIVERS\nv4_mini.sys><NVIDIA Corporation>
[StarForce Protection Environment Driver v6 / prodrv06]
  <\SystemRoot\System32\drivers\prodrv06.sys><Protection Technology>
[StarForce Protection Helper Driver v2 / prohlp02]
  <\SystemRoot\System32\drivers\prohlp02.sys><Protection Technology>
[StarForce Protection Synchronization Driver v1 / prosync1]
  <\SystemRoot\System32\drivers\prosync1.sys><Protection Technology>
[直接平行連接埠連結驅動程式 / Ptilink]
  <System32\DRIVERS\ptilink.sys><Parallel Technologies, Inc.>
[Realtek 10/100/1000 NIC Family all in one NDIS XP Driver / RTL8023xp]
  <System32\DRIVERS\Rtenicxp.sys><Realtek Semiconductor Corporation>
[Secdrv / Secdrv]
  <System32\DRIVERS\secdrv.sys><Macrovision Corporation, Macrovision Europe Limited, and Macrovision Japan and Asia K.K.>
[StarForce Protection Environment Driver (version 1.x) / sfdrv01]
  <\SystemRoot\System32\drivers\sfdrv01.sys><Protection Technology (StarForce)>
[StarForce Protection Helper Driver / sfhlp01]
  <\SystemRoot\System32\drivers\sfhlp01.sys><Protection Technology>
[StarForce Protection Helper Driver (version 2.x) / sfhlp02]
  <\SystemRoot\System32\drivers\sfhlp02.sys><Protection Technology (StarForce)>
[StarForce Protection Synchronization Driver (version 2.x) / sfsync02]
  <\SystemRoot\System32\drivers\sfsync02.sys><Protection Technology>
[StarForce Protection Synchronization Driver (version 4.x) / sfsync04]
  <\SystemRoot\System32\drivers\sfsync04.sys><Protection Technology (StarForce)>
[sptd / sptd]
  <\SystemRoot\System32\Drivers\sptd.sys><N/A>
[TSP / TSP]
  <\??\C:\WINDOWS\system32\drivers\klif.sys><Kaspersky Lab>

==================================
Browser Add-ons
[AcroIEHlprObj Class]
  {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} <C:\Program Files\Adobe\Acrobat 6.0\Reader\ActiveX\AcroIEHelper.dll, Adobe Systems Incorporated>
[IeCatch5 Class]
  {2F364306-AA45-47B5-9F9D-39A8B94E7EF7} <C:\PROGRA~1\FlashGet\jccatch.dll, FlashGet>
[QQBrowserHelperObject Class]
  {54EBD53A-9BC1-480B-966A-843A333CA162} <C:\Program Files\Tencent\QQ\QQIEHelper.dll, 深圳市腾讯计算机系统有限公司>
[Web Anti-Virus]
  {1F460357-8A94-4D71-9CA3-AA4ACF32ED8E} <C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 6.0\scieplugin.dll, Kaspersky Lab>
[參考資料(&R)]
  {92780B25-18CC-41C8-B9BE-3C9C571A8263} <C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL, Microsoft Corporation>
[QQ]
  {c95fe080-8f5d-11d2-a20b-00aa003c157b} <C:\Program Files\Tencent\QQ\QQ.EXE, TENCENT>
[FlashGet]
  {D6E814A0-E0C5-11d4-8D29-0050BA6940E3} <C:\PROGRA~1\FlashGet\flashget.exe, FlashGet.com>
[QQIEFloatBarCfgCmd Class]
  {DEDEB80D-FA35-45d9-9460-4983E5A8AFE6} <C:\Program Files\Tencent\QQ\QQIEHelper.dll, 深圳市腾讯计算机系统有限公司>
[D.S.Lite]
  {F8475519-8412-4D40-A46E-692D9D04DF7F} <C:\Downloads\DSLite2\DSLite.exe, watermonster.org>
[收音機(&R)]
  {8E718888-423F-11D2-876E-00A0C9082467} <C:\WINDOWS\System32\msdxm.ocx, Microsoft Corporation>
[FlashGet Bar]
  {E0E899AB-F487-11D5-8D29-0050BA6940E3} <C:\PROGRA~1\FlashGet\fgiebar.dll, Amaze Soft>
[Shockwave ActiveX Control]
  {166B1BCA-3F9C-11CF-8075-444553540000} <C:\WINDOWS\System32\macromed\Director\SwDir.dll, Adobe Systems, Inc.>
[Shockwave Flash Object]
  {D27CDB6E-AE6D-11CF-96B8-444553540000} <C:\WINDOWS\System32\Macromed\Flash\Flash9b.ocx, Adobe Systems, Inc.>
[上傳到QQ網路硬碟]
  <C:\Program Files\Tencent\QQ\AddToNetDisk.htm, N/A>
[下載編碼內容(&D.S.Lite)]
  <C:\Downloads\DSLite2\dl_text.html, N/A>
[下載編碼檔案內容(&D.S.Lite)]
  <C:\Downloads\DSLite2\dl_url.html, N/A>
[使用 FlashGet 下載]
  <C:\Program Files\FlashGet\jc_link.htm, N/A>
[全部使用 FlashGet 下載]
  <C:\Program Files\FlashGet\jc_all.htm, N/A>
[加入到卡巴斯基]
  <C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 6.0\ie_banner_deny.htm, N/A>
[匯出至 Microsoft Office Excel(&X)]
  <res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000, N/A>
[新增到QQ自定義面板]
  <C:\Program Files\Tencent\QQ\AddPanel.htm, N/A>
[新增到QQ表情]
  <C:\Program Files\Tencent\QQ\AddEmotion.htm, N/A>
[添加到QQ自定義面板]
  <C:\Program Files\Tencent\QQ\AddPanel.htm, N/A>
[添加到QQ表情]
  <C:\Program Files\Tencent\QQ\AddEmotion.htm, N/A>
[用QQ MMS傳送該圖片]
  <C:\Program Files\Tencent\QQ\SendMMS.htm, N/A>
[用QQ彩信發送該圖片]
  <C:\Program Files\Tencent\QQ\SendMMS.htm, N/A>
gototop
 
Erika
头像
初生襁褓狮
  • 帖子:11
  • 注册: 2006-12-02
  • 来自:
发表于: 2006-12-03 19:10 | 显示全部 短消息 资料
字号: 5楼

==================================
Running Processes
[PID: 760][\SystemRoot\System32\smss.exe]  [Microsoft Corporation, 5.1.2600.1106 (xpsp1.020828-1920)]
[PID: 808][\??\C:\WINDOWS\system32\csrss.exe]  [Microsoft Corporation, 5.1.2600.0 (xpclient.010817-1148)]
[PID: 832][\??\C:\WINDOWS\system32\winlogon.exe]  [Microsoft Corporation, 5.1.2600.1106 (xpsp1.020828-1920)]
    [C:\WINDOWS\System32\klogon.dll]  [Kaspersky Lab, 6.0.1.411]
[PID: 880][C:\WINDOWS\system32\services.exe]  [Microsoft Corporation, 5.1.2600.0 (xpclient.010817-1148)]
[PID: 892][C:\WINDOWS\system32\lsass.exe]  [Microsoft Corporation, 5.1.2600.1106 (xpsp1.020828-1920)]
[PID: 1076][C:\WINDOWS\system32\svchost.exe]  [Microsoft Corporation, 5.1.2600.0 (xpclient.010817-1148)]
[PID: 1176][C:\WINDOWS\System32\svchost.exe]  [Microsoft Corporation, 5.1.2600.0 (xpclient.010817-1148)]
    [C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 6.0\adialhk.dll]  [Kaspersky Lab, 6.0.1.411]
[PID: 1280][C:\WINDOWS\System32\svchost.exe]  [Microsoft Corporation, 5.1.2600.0 (xpclient.010817-1148)]
[PID: 1404][C:\WINDOWS\system32\spoolsv.exe]  [Microsoft Corporation, 5.1.2600.0 (XPClient.010817-1148)]
    [C:\WINDOWS\system32\E_SL2346.DLL]  [SEIKO EPSON CORPORATION, 2, 15, 0, 0]
[PID: 1804][C:\WINDOWS\Explorer.EXE]  [Microsoft Corporation, 6.00.2800.1221 (xpsp2.030511-1403)]
    [C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 6.0\scrchpg.dll]  [Kaspersky Lab, 1.0.6.411]
    [C:\WINDOWS\System32\nview.dll]  [N/A, N/A]
    [C:\WINDOWS\System32\NVWRSZHT.DLL]  [NVIDIA Corporation, 6.14.10.11033]
    [C:\Program Files\Tencent\QQ\qdshm.dll]  [, 1, 0, 1, 2]
    [C:\Program Files\WinRAR\rarext.dll]  [N/A, N/A]
    [C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 6.0\ShellEx.dll]  [Kaspersky Lab, 6.0.1.411]
    [C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\context.dll]  [Anti-Malware Development a.s., 7, 5, 0, 49]
    [C:\Program Files\7-Zip\7-zip.dll]  [N/A, N/A]
    [C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\shellexecutehook.dll]  [Anti-Malware Development a.s., 7, 5, 0, 47]
    [C:\PROGRA~1\FlashGet\jccatch.dll]  [FlashGet, 1, 1, 5, 0]
    [C:\WINDOWS\System32\nvwddi.dll]  [NVIDIA Corporation, 6.14.10.8466]
    [C:\Program Files\Adobe\Acrobat 6.0\Reader\ActiveX\AcroIEHelper.dll]  [Adobe Systems Incorporated, 6.0.0.2003051500]
[PID: 2024][C:\WINDOWS\System32\ctfmon.exe]  [Microsoft Corporation, 5.1.2600.1106 (xpsp1.020828-1920)]
[PID: 416][C:\WINDOWS\RTHDCPL.EXE]  [Realtek Semiconductor Corp., 2.0.5.9]
    [C:\WINDOWS\System32\nview.dll]  [N/A, N/A]
    [C:\WINDOWS\System32\NVWRSZHT.DLL]  [NVIDIA Corporation, 6.14.10.11033]
[PID: 456][C:\WINDOWS\System32\RUNDLL32.EXE]  [Microsoft Corporation, 5.1.2600.0 (xpclient.010817-1148)]
    [C:\WINDOWS\System32\NvMcTray.dll]  [NVIDIA Corporation, 6.14.10.8466]
    [C:\WINDOWS\System32\NVRSZHT.DLL]  [NVIDIA Corporation, 6.14.10.8466]
[PID: 472][C:\WINDOWS\TEMP\svchost1.exe]  [N/A, N/A]
    [C:\WINDOWS\TEMP\e9ut9.dll]  [N/A, N/A]
[PID: 480][C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe]  [Anti-Malware Development a.s., 7, 5, 0, 50]
    [C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\engine.dll]  [Anti-Malware Development a.s., 4, 2, 0, 15]
    [C:\WINDOWS\System32\nview.dll]  [N/A, N/A]
    [C:\WINDOWS\System32\NVWRSZHT.DLL]  [NVIDIA Corporation, 6.14.10.11033]
[PID: 548][C:\WINDOWS\System32\rundll32.exe]  [Microsoft Corporation, 5.1.2600.0 (xpclient.010817-1148)]
    [C:\WINDOWS\System32\nview.dll]  [N/A, N/A]
    [C:\WINDOWS\System32\NVWRSZHT.DLL]  [NVIDIA Corporation, 6.14.10.11033]
    [C:\WINDOWS\System32\nvwddi.dll]  [NVIDIA Corporation, 6.14.10.8466]
    [C:\WINDOWS\System32\nvshell.dll]  [N/A, N/A]
[PID: 776][C:\Program Files\Executive Software\Diskeeper\DkService.exe]  [Executive Software International, Inc., 8.0.459.0]
    [C:\Program Files\Executive Software\Diskeeper\DkLib.dll]  [Executive Software International, Inc., 8.0.459.0]
    [C:\Program Files\Executive Software\Diskeeper\DkRes.dll]  [Executive Software International, Inc., 8.0.459.0]
[PID: 856][C:\WINDOWS\System32\nvsvc32.exe]  [NVIDIA Corporation, 6.14.10.8466]
[PID: 2412][C:\Program Files\Maxthon\Maxthon.exe]  [Maxthon International Ltd., 1, 5, 8, 120]
    [C:\Program Files\Maxthon\maxzlib.dll]  [ , 1, 0, 0, 2]
    [C:\WINDOWS\System32\nview.dll]  [N/A, N/A]
    [C:\WINDOWS\System32\NVWRSZHT.DLL]  [NVIDIA Corporation, 6.14.10.11033]
    [C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 6.0\scrchpg.dll]  [Kaspersky Lab, 1.0.6.411]
    [C:\Program Files\Maxthon\Plugin\ViewSource\ViewSrc.dll]  [, 1, 0, 0, 1]
    [C:\WINDOWS\System32\nvwddi.dll]  [NVIDIA Corporation, 6.14.10.8466]
    [C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 6.0\adialhk.dll]  [Kaspersky Lab, 6.0.1.411]
    [C:\Program Files\Maxthon\Services\RealTime\real_time.dll]  [, 1, 0, 0, 1]
    [C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 6.0\klscav.dll]  [Kaspersky Lab, 6.0.1.411]
    [C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 6.0\prremote.dll]  [Kaspersky Lab, 6.0.1.411]
    [C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 6.0\prloader.dll]  [Kaspersky Lab, 6.0.1.411]
    [C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 6.0\prkernel.ppl]  [Kaspersky Lab, 6.0.1.411]
    [c:\program files\kaspersky lab\kaspersky internet security 6.0\params.ppl]  [Kaspersky Lab, 6.0.1.411]
    [c:\program files\kaspersky lab\kaspersky internet security 6.0\pxstub.ppl]  [Kaspersky Lab, 6.0.1.411]
    [c:\program files\kaspersky lab\kaspersky internet security 6.0\tempfile.ppl]  [Kaspersky Lab, 6.0.1.411]
    [c:\program files\kaspersky lab\kaspersky internet security 6.0\nfio.ppl]  [Kaspersky Lab, 6.0.1.411]
    [c:\program files\kaspersky lab\kaspersky internet security 6.0\fsdrvplgn.ppl]  [Kaspersky Lab, 6.0.1.411]
    [c:\program files\kaspersky lab\kaspersky internet security 6.0\basegui.ppl]  [Kaspersky Lab, 6.0.1.411]
    [c:\program files\kaspersky lab\kaspersky internet security 6.0\winreg.ppl]  [Kaspersky Lab, 6.0.1.411]
    [C:\WINDOWS\System32\Macromed\Flash\Flash9b.ocx]  [Adobe Systems, Inc., 9,0,28,0]
    [C:\WINDOWS\System32\Macromed\Common\SwSupport.dll]  [Adobe Systems, Inc., 10.1.4r20]
[PID: 2172][C:\PROGRA~1\COMMON~1\MICROS~1\IME\SHARED2.0\IMEPADSV.EXE]  [Microsoft Corporation, 9.0.5510.0]
    [C:\WINDOWS\System32\nview.dll]  [N/A, N/A]
    [C:\WINDOWS\System32\NVWRSZHT.DLL]  [NVIDIA Corporation, 6.14.10.11033]
[PID: 2212][C:\Documents and Settings\Administrator\桌面\SREng\SREng.exe]  [Smallfrogs Studio, 2.2.6.605]
    [C:\WINDOWS\System32\nview.dll]  [N/A, N/A]
    [C:\WINDOWS\System32\NVWRSZHT.DLL]  [NVIDIA Corporation, 6.14.10.11033]
    [C:\WINDOWS\System32\nvwddi.dll]  [NVIDIA Corporation, 6.14.10.8466]
    [C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 6.0\adialhk.dll]  [Kaspersky Lab, 6.0.1.411]
    [C:\Documents and Settings\Administrator\桌面\SREng\Plugins\SRECXTMG.SRE]  [Smallfrogs Studio, 1, 5, 0, 55]

==================================
File Associations
.TXT  OK. [%SystemRoot%\system32\NOTEPAD.EXE %1]
.EXE  OK. ["%1" %*]
.COM  OK. ["%1" %*]
.PIF  OK. ["%1" %*]
.REG  OK. [regedit.exe "%1"]
.BAT  OK. ["%1" %*]
.SCR  OK. ["%1" /S]
.CHM  OK. ["C:\WINDOWS\hh.exe" %1]
.HLP  OK. [%SystemRoot%\System32\winhlp32.exe %1]
.INI  OK. [%SystemRoot%\System32\NOTEPAD.EXE %1]
.INF  OK. [%SystemRoot%\System32\NOTEPAD.EXE %1]
.VBS  OK. [%SystemRoot%\System32\WScript.exe "%1" %*]
.JS  OK. [%SystemRoot%\System32\WScript.exe "%1" %*]
.LNK  OK. [{00021401-0000-0000-C000-000000000046}]

==================================
Winsock Provider
N/A

==================================
Autorun.Inf
N/A

==================================
HOSTS File
127.0.0.1      localhost

==================================
gototop
 
<<上一主题|下一主题>>
1   1  /  1  页   跳转
页面顶部
Powered by Discuz!NT