1   1  /  1  页   跳转

挑战高手。奇怪病毒

收藏
boyhong
头像
初生襁褓狮
  • 帖子:13
  • 注册: 2006-10-03
  • 来自:
发表于: 2007-04-04 12:43 | 显示全部 短消息 资料
字号: 1楼

挑战高手。奇怪病毒

首先说症一下症状:
开机进桌面前提示:c:\windows\sysytem32下maabp.sys内存分配无效。后来采取种种手段:删除该目录

下的:maabp.dll文件,同时取消开机提示项。重启后说,找到不到指定模块。再后来,每次重新启动,

都会自动建立并提示:找到不到指定模块

付上日志:(盼高手过目,先谢谢啦)
[CODE]

2007-04-04,09:52:02

System Repair Engineer 2.4.12.806
Smallfrogs (http://www.KZTechs.com)

Windows XP Professional Service Pack 2 (Build 2600) - 管理权限用户 - 完整功能

以下内容被选中:
    所有的启动项目(包括注册表、启动文件夹、服务等)
    浏览器加载项
    正在运行的进程(包括进程模块信息)
    文件关联
    Winsock 提供者
    Autorun.inf
    HOSTS 文件


启动项目
注册表
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
    <ctfmon.exe><C:\WINDOWS\system32\ctfmon.exe>  [(Verified)Microsoft Windows Publisher]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
    <Apoint><C:\Program Files\Apoint\Apoint.exe>  [Alps Electric Co., Ltd.]
    <vptray><C:\PROGRA~1\SYMANT~1\SYMANT~1\vptray.exe>  [Symantec Corporation]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Winlogon]
    <shell><Explorer.exe>  [(Verified)Microsoft Windows Publisher]
    <Userinit><C:\WINDOWS\system32\UserInit.exe,>  [(Verified)Microsoft Windows Publisher]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Windows]
    <AppInit_DLLs><>  [N/A]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Winlogon]
    <UIHost><logonui.exe>  [(Verified)Microsoft Windows Publisher]

==================================
启动文件夹
N/A

==================================
服务
[Adobe LM Service / Adobe LM Service][Stopped/Manual Start]
  <"C:\Program Files\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe"><Adobe

Systems>
[Ati HotKey Poller / Ati HotKey Poller][Running/Auto Start]
  <C:\WINDOWS\system32\Ati2evxx.exe><ATI Technologies Inc.>
[Autodesk Licensing Service / Autodesk Licensing Service][Stopped/Manual Start]
  <"C:\Program Files\Common Files\Autodesk Shared\Service\AdskScSrv.exe"><Autodesk>
[Automatic LiveUpdate Scheduler / Automatic LiveUpdate Scheduler][Stopped/Auto Start]
  <"C:\Program Files\Symantec\LiveUpdate\ALUSchedulerSvc.exe"><Symantec Corporation>
[C-DillaCdaC11BA / C-DillaCdaC11BA][Running/Auto Start]
  <C:\WINDOWS\system32\drivers\CDAC11BA.EXE><Macrovision>
[SMS 代理主机 / CcmExec][Running/Auto Start]
  <C:\WINDOWS\system32\CCM\CcmExec.exe><Microsoft Corporation>
[DefWatch / DefWatch][Running/Auto Start]
  <C:\PROGRA~1\SYMANT~1\SYMANT~1\DefWatch.exe><Symantec Corporation>
[EvtEng / EvtEng][Running/Auto Start]
  <C:\Program Files\Intel\Wireless\Bin\EvtEng.exe><Intel Corporation>
[Windows Presentation Foundation Font Cache 3.0.0.0 / FontCache3.0.0.0][Stopped/Manual

Start]
  <c:\WINDOWS\Microsoft.Net\Framework\v3.0\WPF\PresentationFontCache.exe><Microsoft

Corporation>
[Human Interface Device Access / HidServ][Stopped/Disabled]
  <C:\WINDOWS\System32\svchost.exe -k netsvcs-->%SystemRoot%\System32\hidserv.dll><N/A>
[InstallDriver Table Manager / IDriverT][Stopped/Manual Start]
  <"C:\Program Files\Common Files\InstallShield\Driver\1050\Intel 32

\IDriverT.exe"><Macrovision Corporation>
[Windows CardSpace / idsvc][Stopped/Manual Start]
  <"C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication

Foundation\infocard.exe"><Microsoft Corporation>
[LiveUpdate / LiveUpdate][Stopped/Manual Start]
  <"C:\PROGRA~1\Symantec\LIVEUP~1\LUCOMS~1.EXE"><Symantec Corporation>
[MSSQL$AUTODESKVAULT / MSSQL$AUTODESKVAULT][Running/Auto Start]
  <"C:\Program Files\Microsoft SQL Server\MSSQL$AUTODESKVAULT\Binn\sqlservr.exe" -

sAUTODESKVAULT><Microsoft Corporation>
[MSSQL$INVENTORCONTENT / MSSQL$INVENTORCONTENT][Running/Auto Start]
  <C:\Program Files\Microsoft SQL Server\MSSQL$INVENTORCONTENT\Binn\sqlservr.exe -

sINVENTORCONTENT><Microsoft Corporation>
[MSSQLServerADHelper / MSSQLServerADHelper][Stopped/Manual Start]
  <"C:\Program Files\Microsoft SQL Server\80\Tools\Binn\sqladhlp.exe"><Microsoft

Corporation>
[Net.Tcp Port Sharing Service / NetTcpPortSharing][Stopped/Disabled]
  <"C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication

Foundation\SMSvcHost.exe"><Microsoft Corporation>
[Symantec AntiVirus Client / Norton AntiVirus Server][Running/Auto Start]
  <C:\PROGRA~1\SYMANT~1\SYMANT~1\Rtvscan.exe><Symantec Corporation>
[RegSrvc / RegSrvc][Running/Auto Start]
  <C:\Program Files\Intel\Wireless\Bin\RegSrvc.exe><Intel Corporation>
[Spectrum24 Event Monitor / S24EventMonitor][Running/Auto Start]
  <C:\Program Files\Intel\Wireless\Bin\S24EvMon.exe><Intel Corporation>
[ServiceLayer / ServiceLayer][Stopped/Manual Start]
  <"C:\Program Files\Common Files\PCSuite\Services\ServiceLayer.exe"><Nokia.>
[SQLAgent$AUTODESKVAULT / SQLAgent$AUTODESKVAULT][Stopped/Manual Start]
  <"C:\Program Files\Microsoft SQL Server\MSSQL$AUTODESKVAULT\Binn\sqlagent.EXE" -i

AUTODESKVAULT><Microsoft Corporation>
[SQLAgent$INVENTORCONTENT / SQLAgent$INVENTORCONTENT][Stopped/Manual Start]
  <C:\Program Files\Microsoft SQL Server\MSSQL$INVENTORCONTENT\Binn\sqlagent.EXE -i

INVENTORCONTENT><Microsoft Corporation>
[Symantec Core LC / Symantec Core LC][Running/Auto Start]
  <"C:\Program Files\Common Files\Symantec Shared\CCPD-LC\symlcsvc.exe"><Symantec

Corporation>
[WLANKEEPER / WLANKEEPER][Running/Auto Start]
  <C:\Program Files\Intel\Wireless\Bin\WLKeeper.exe><Intel? Corporation>
==================================
最后编辑2007-04-04 12:53:17
分享到:
gototop
 
boyhong
头像
初生襁褓狮
  • 帖子:13
  • 注册: 2006-10-03
  • 来自:
发表于: 2007-04-04 12:44 | 显示全部 短消息 资料
字号: 2楼

==================================
驱动程序
[a347bus / a347bus][Running/Boot Start]
  <\SystemRoot\system32\DRIVERS\a347bus.sys><>
[a347scsi / a347scsi][Running/Boot Start]
  <\SystemRoot\System32\Drivers\a347scsi.sys><>
[AEGIS Protocol (IEEE 802.1x) v3.2.0.3 / AegisP][Running/Auto Start]
  <system32\DRIVERS\AegisP.sys><Meetinghouse Data Communications>
[Alps Touch Pad Filter Driver for Windows 2000/XP / ApfiltrService][Running/Manual Start]
  <system32\DRIVERS\Apfiltr.sys><Alps Electric Co., Ltd.>
[Anti SpyWare Toolkit Service / ASTService][Stopped/Manual Start]
  <\??\C:\Documents and Settings\dingjiaqing.CERI\桌面\07.03.26\AST.sys><N/A>
[标准 IDE/ESDI 硬盘控制器 / atapi][Running/Boot Start]
  <\SystemRoot\System32\DRIVERS\atapi.sys><N/A>
[ati2mtag / ati2mtag][Running/Manual Start]
  <system32\DRIVERS\ati2mtag.sys><ATI Technologies Inc.>
[Broadcom NetXtreme 57xx Gigabit Controller / b57w2k][Running/Manual Start]
  <system32\DRIVERS\b57xp32.sys><Broadcom Corporation>
[CdaC15BA / CdaC15BA][Running/Auto Start]
  <\??\C:\WINDOWS\system32\drivers\CDAC15BA.SYS><Macrovision Europe Ltd>
[drvmcdb / drvmcdb][Running/Boot Start]
  <\SystemRoot\system32\drivers\drvmcdb.sys><Sonic Solutions>
[drvnddm / drvnddm][Running/Auto Start]
  <system32\drivers\drvnddm.sys><Sonic Solutions>
[IBM UltraPort Camera / DUSBCamera][Stopped/Manual Start]
  <System32\Drivers\IBM_501B.SYS><IBM>
[GTIPCI21 / GTIPCI21][Stopped/Manual Start]
  <system32\DRIVERS\gtipci21.sys><Texas Instruments>
[HSFHWICH / HSFHWICH][Running/Manual Start]
  <system32\DRIVERS\HSFHWICH.sys><Conexant Systems, Inc.>
[HSF_DP / HSF_DP][Stopped/Manual Start]
  <system32\DRIVERS\HSF_DP.sys><Conexant Systems, Inc.>
[HSF_DPV / HSF_DPV][Running/Manual Start]
  <system32\DRIVERS\HSF_DPV.SYS><Conexant Systems, Inc.>
[Intel Wireless Connection Agent Miniport for Win XP / IWCA][Stopped/Manual Start]
  <system32\DRIVERS\iwca.sys><Intel Corporation>
[mdmxsdk / mdmxsdk][Running/Auto Start]
  <system32\DRIVERS\mdmxsdk.sys><Conexant>
[NAVAP / NAVAP][Running/Manual Start]
  <\??\C:\PROGRA~1\SYMANT~1\SYMANT~1\NAVAP.sys><Symantec Corporation>
[NAVAPEL / NAVAPEL][Running/Auto Start]
  <\??\C:\Program Files\Symantec_Client_Security\Symantec AntiVirus\NAVAPEL.SYS><Symantec

Corporation>
[NAVENG / NAVENG][Running/Manual Start]
  <\??\C:\PROGRA~1\COMMON~1\SYMANT~1\VIRUSD~1\20070324.005\NAVENG.sys><Symantec Corporation>
[NAVEX15 / NAVEX15][Running/Manual Start]
  <\??\C:\PROGRA~1\COMMON~1\SYMANT~1\VIRUSD~1\20070324.005\NAVEX15.sys><Symantec

Corporation>
[Nokia USB Generic / Nokia USB Generic][Stopped/Manual Start]
  <system32\drivers\nmwcdc.sys><Nokia>
[Nokia USB Modem / Nokia USB Modem][Stopped/Manual Start]
  <system32\drivers\nmwcdcm.sys><Nokia>
[Nokia USB Phone Parent / Nokia USB Phone Parent][Stopped/Manual Start]
  <system32\drivers\nmwcd.sys><Nokia>
[Nokia USB Port / Nokia USB Port][Stopped/Manual Start]
  <system32\drivers\nmwcdcj.sys><Nokia>
[npkcrypt / npkcrypt][Running/Auto Start]
  <\??\C:\Program Files\Tencent\QQ\npkcrypt.sys><INCA Internet Co., Ltd.>
[OMCI / OMCI][Running/System Start]
  <\SystemRoot\SYSTEM32\DRIVERS\OMCI.SYS><Dell Computer Corporation>
[SMS Process Event Driver / prepdrvr][Stopped/Manual Start]
  <\??\C:\WINDOWS\system32\CCM\prepdrv.sys><Microsoft Corporation>
[Direct Parallel Link Driver / Ptilink][Running/Manual Start]
  <System32\DRIVERS\ptilink.sys><Parallel Technologies, Inc.>
[PxHelp20 / PxHelp20][Running/Boot Start]
  <\SystemRoot\System32\Drivers\PxHelp20.sys><Sonic Solutions>
[quqd / quqde][Running/Boot Start]
  <\SystemRoot\System32\DRIVERS\quqde.sys><N/A>
[WLAN Transport / s24trans][Running/Auto Start]
  <system32\DRIVERS\s24trans.sys><Intel Corporation>
[Secdrv / Secdrv][Running/Auto Start]
  <System32\DRIVERS\secdrv.sys><Macrovision Europe Ltd>
[Sentinel / Sentinel][Running/Auto Start]
  <\SystemRoot\System32\Drivers\SENTINEL.SYS><Rainbow Technologies, Inc.>
[SMC IrCC Miniport Device Driver / SMCIRDA][Running/Manual Start]
  <system32\DRIVERS\smcirda.sys><SMC>
[Sony USB Filter Driver (SONYPVU1) / SONYPVU1][Stopped/Manual Start]
  <system32\DRIVERS\SONYPVU1.SYS><Sony Corporation>
[sscdbhk5 / sscdbhk5][Running/System Start]
  <system32\drivers\sscdbhk5.sys><Sonic Solutions>
[ssrtln / ssrtln][Running/System Start]
  <system32\drivers\ssrtln.sys><Sonic Solutions>
[SigmaTel C-Major Audio / STAC97][Running/Manual Start]
  <system32\drivers\STAC97.sys><SigmaTel, Inc.>
[SymEvent / SymEvent][Running/Manual Start]
  <\??\C:\Program Files\Symantec\SYMEVENT.SYS><Symantec Corporation>
[symlcbrd / symlcbrd][Running/Auto Start]
  <\??\C:\WINDOWS\system32\drivers\symlcbrd.sys><Symantec Corporation>
[tfsnboio / tfsnboio][Running/Auto Start]
  <system32\dla\tfsnboio.sys><Sonic Solutions>
[tfsncofs / tfsncofs][Running/Auto Start]
  <system32\dla\tfsncofs.sys><Sonic Solutions>
[tfsndrct / tfsndrct][Running/Auto Start]
  <system32\dla\tfsndrct.sys><Sonic Solutions>
[tfsndres / tfsndres][Running/Auto Start]
  <system32\dla\tfsndres.sys><Sonic Solutions>
[tfsnifs / tfsnifs][Running/Auto Start]
  <system32\dla\tfsnifs.sys><Sonic Solutions>
[tfsnopio / tfsnopio][Running/Auto Start]
  <system32\dla\tfsnopio.sys><Sonic Solutions>
[tfsnpool / tfsnpool][Running/Auto Start]
  <system32\dla\tfsnpool.sys><Sonic Solutions>
[tfsnudf / tfsnudf][Running/Auto Start]
  <system32\dla\tfsnudf.sys><Sonic Solutions>
[tfsnudfa / tfsnudfa][Running/Auto Start]
  <system32\dla\tfsnudfa.sys><Sonic Solutions>
[vaxscsi / vaxscsi][Stopped/Manual Start]
  <\SystemRoot\System32\Drivers\vaxscsi.sys><Alcohol Soft Co., Ltd.>
[用于 Windows XP 的英特尔(R) PRO/无线 2200BG 网络连接驱动程序 / w29n51][Stopped/Manual

Start]
  <system32\DRIVERS\w29n51.sys><Intel? Corporation>
[winachsf / winachsf][Running/Manual Start]
  <system32\DRIVERS\HSF_CNXT.sys><Conexant Systems, Inc.>
[World Standard Teletext Codec / WSTCODEC][Stopped/Manual Start]
  <system32\DRIVERS\WSTCODEC.SYS><Microsoft Corporation>

==================================
浏览器加载项
[Adobe PDF Reader Link Helper]
  {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} <C:\Program Files\Adobe\Acrobat 7.0

\ActiveX\AcroIEHelper.dll, Adobe Systems Incorporated>
[QQBrowserHelperObject Class]
  {54EBD53A-9BC1-480B-966A-843A333CA162} <C:\Program Files\Tencent\QQ\QQIEHelper.dll, 深圳市

腾讯计算机系统有限公司>
[Thunder Browser Helper]
  {889D2FEB-5411-4565-8998-1DD2C5261283} <C:\Program Files\Thunder

Network\Thunder\ComDlls\XunLeiBHO_002.dll, Thunder Networking Technologies,LTD>
[Adobe PDF Conversion Toolbar Helper]
  {AE7CD045-E861-484f-8273-0445EE161910} <C:\Program Files\Adobe\Acrobat 7.0

\Acrobat\AcroIEFavClient.dll, Adobe Systems Incorporated>
[Adobe PDF]
  {47833539-D0C5-4125-9FA8-0819E2EAAC93} <C:\Program Files\Adobe\Acrobat 7.0

\Acrobat\AcroIEFavClient.dll, Adobe Systems Incorporated>
[Adobe PDF Reader Link Helper]
  {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} <C:\Program Files\Adobe\Acrobat 7.0

\ActiveX\AcroIEHelper.dll, Adobe Systems Incorporated>
[Adobe PDF]
  {47833539-D0C5-4125-9FA8-0819E2EAAC93} <C:\Program Files\Adobe\Acrobat 7.0

\Acrobat\AcroIEFavClient.dll, Adobe Systems Incorporated>
[QQBrowserHelperObject Class]
  {54EBD53A-9BC1-480B-966A-843A333CA162} <C:\Program Files\Tencent\QQ\QQIEHelper.dll, 深圳市

腾讯计算机系统有限公司>
[ShellextObj Class]
  {601E34F0-4ADF-4422-9CED-3FD0C3B14B41} <C:\WINDOWS\system32\shellext.dll, shellext>
[Thunder Browser Helper]
  {889D2FEB-5411-4565-8998-1DD2C5261283} <C:\Program Files\Thunder

Network\Thunder\ComDlls\XunLeiBHO_002.dll, Thunder Networking Technologies,LTD>
[Adobe PDF Conversion Toolbar Helper]
  {AE7CD045-E861-484F-8273-0445EE161910} <C:\Program Files\Adobe\Acrobat 7.0

\Acrobat\AcroIEFavClient.dll, Adobe Systems Incorporated>
[Shockwave Flash Object]
  {D27CDB6E-AE6D-11CF-96B8-444553540000} <C:\WINDOWS\system32\Macromed\Flash\Flash9b.ocx,

Adobe Systems, Inc.>
[Convert link target to Adobe PDF]
  <res://C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html,

N/A>
[Convert link target to existing PDF]
  <res://C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html,

N/A>
[Convert selected links to Adobe PDF]
  <res://C:\Program Files\Adobe\Acrobat 7.0

\Acrobat\AcroIEFavClient.dll/AcroIECaptureSelLinks.html, N/A>
[Convert selected links to existing PDF]
  <res://C:\Program Files\Adobe\Acrobat 7.0

\Acrobat\AcroIEFavClient.dll/AcroIEAppendSelLinks.html, N/A>
[Convert selection to Adobe PDF]
  <res://C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html,

N/A>
[Convert selection to existing PDF]
  <res://C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html,

N/A>
[Convert to Adobe PDF]
  <res://C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html,

N/A>
[Convert to existing PDF]
  <res://C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html,

N/A>
gototop
 
boyhong
头像
初生襁褓狮
  • 帖子:13
  • 注册: 2006-10-03
  • 来自:
发表于: 2007-04-04 12:44 | 显示全部 短消息 资料
字号: 3楼

==================================
正在运行的进程
[PID: 656][\SystemRoot\System32\smss.exe]  [Microsoft Corporation, 5.1.2600.2180

(xpsp_sp2_rtm.040803-2158)]
[PID: 704][\??\C:\WINDOWS\system32\csrss.exe]  [Microsoft Corporation, 5.1.2600.2180

(xpsp_sp2_rtm.040803-2158)]
[PID: 728][\??\C:\WINDOWS\system32\winlogon.exe]  [Microsoft Corporation, 5.1.2600.2180

(xpsp_sp2_rtm.040803-2158)]
    [C:\WINDOWS\system32\Ati2evxx.dll]  [ATI Technologies Inc., 6.14.10.4107]
[PID: 3732][C:\WINDOWS\Explorer.EXE]  [Microsoft Corporation, 6.00.2900.2180

(xpsp_sp2_rtm.040803-2158)]
    [C:\WINDOWS\system32\AcSignIcon.dll]  [Autodesk, 16.2.54.0]
    [C:\WINDOWS\system32\shellext.dll]  [shellext, 1, 0, 0, 6]
    [C:\Program Files\Common Files\Autodesk Shared\AcSignCore16.dll]  [Autodesk,

17.0.54.110]
    [C:\Program Files\Adobe\Acrobat 7.0\ActiveX\PDFShell.dll]  [Adobe Systems, Inc.,

7.0.0.0]
    [C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll]  [Adobe Systems

Incorporated, 7.0.9.2006121800]
    [C:\WINDOWS\system32\MSVCR71.dll]  [Microsoft Corporation, 7.10.3052.4]
    [C:\Program Files\Thunder Network\Thunder\ComDlls\XunLeiBHO_002.dll]  [Thunder

Networking Technologies,LTD, 5, 0, 0, 2]
[PID: 3832][C:\Program Files\Apoint\Apoint.exe]  [Alps Electric Co., Ltd., 5.5.101.141]
    [C:\WINDOWS\system32\VXDIF.DLL]  [Alps Electric Co., Ltd., 6.0.3.4]
    [C:\Program Files\Apoint\Apoint.DLL]  [Alps Electric Co., Ltd., 5.5.104.252]
    [C:\Program Files\Apoint\EzAuto.dll]  [Alps Electric Co., Ltd., 5.5.1.85]
    [C:\Program Files\Apoint\EzLaunch.DLL]  [Alps Electric Co., Ltd., 5.5.1.64]
[PID: 3816][C:\PROGRA~1\SYMANT~1\SYMANT~1\vptray.exe]  [Symantec Corporation, 8.1.0.821]
    [C:\Program Files\Symantec_Client_Security\Symantec AntiVirus\Cliproxy.dll]  [Symantec

Corporation, 8.1.0.821]
    [C:\PROGRA~1\SYMANT~1\SYMANT~1\NAVNTUTL.DLL]  [Symantec/Peter Norton Group, 1, 0, 0, 1]
[PID: 3828][C:\WINDOWS\system32\ctfmon.exe]  [Microsoft Corporation, 5.1.2600.2180

(xpsp_sp2_rtm.040803-2158)]
[PID: 3084][C:\Program Files\Apoint\Apntex.exe]  [Alps Electric Co., Ltd., 5.5.1.19]
    [C:\WINDOWS\system32\VXDIF.DLL]  [Alps Electric Co., Ltd., 6.0.3.4]
[PID: 3080][C:\WINDOWS\system32\conime.exe]  [Microsoft Corporation, 5.1.2600.2180

(xpsp_sp2_rtm.040803-2158)]
[PID: 204][C:\Documents and Settings\dingjiaqing.CERI\桌面\sreng22.4.12.806\SREng.EXE] 

[Smallfrogs Studio, 2.4.12.806]

==================================
文件关联
.TXT  OK. [%SystemRoot%\system32\NOTEPAD.EXE %1]
.EXE  OK. ["%1" %*]
.COM  OK. ["%1" %*]
.PIF  OK. ["%1" %*]
.REG  OK. [regedit.exe "%1"]
.BAT  OK. ["%1" %*]
.SCR  OK. ["%1" /S]
.CHM  OK. ["C:\WINDOWS\hh.exe" %1]
.HLP  OK. [%SystemRoot%\system32\winhlp32.exe %1]
.INI  OK. [%SystemRoot%\system32\NOTEPAD.EXE %1]
.INF  OK. [%SystemRoot%\system32\NOTEPAD.EXE %1]
.VBS  OK. [%SystemRoot%\System32\WScript.exe "%1" %*]
.JS  OK. [%SystemRoot%\System32\WScript.exe "%1" %*]
.LNK  OK. [{00021401-0000-0000-C000-000000000046}]

==================================
Winsock 提供者
N/A

==================================
Autorun.inf
N/A

==================================
HOSTS 文件
127.0.0.1                    about-blank.cc
127.0.0.1                    hao.allxun.com
127.0.0.1                    kzxf.com
127.0.0.1                    vod.mmdy.org
127.0.0.1                    www.123wa.com
127.0.0.1                    www.4199.com
127.0.0.1                    www.71791.com
127.0.0.1                    www.7939.com
127.0.0.1                    www.9505.com
127.0.0.1                    www.feixue.net
127.0.0.1                    www.kzxf.com
127.0.0.1                    www.my123.com
127.0.0.1                    www.piaoxue.com
127.0.0.1                    www.xfkz.com
127.0.0.1                    xfkz.com

==================================
API HOOK
N/A

==================================
隐藏进程
N/A

==================================


[/CODE]
gototop
 
boyhong
头像
初生襁褓狮
  • 帖子:13
  • 注册: 2006-10-03
  • 来自:
发表于: 2007-04-04 13:03 | 显示全部 短消息 资料
字号: 4楼

顶一下,别沉了。
gototop
 
<<上一主题|下一主题>>
1   1  /  1  页   跳转
页面顶部
Powered by Discuz!NT