文静110 - 2006-6-14 20:05:00
当前运行的进程:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\Explorer.EXE
E:\PROGRA~1\SKYNET\pfw.exe
E:\Program Files\killporn\shield.exe
C:\WINDOWS\system32\ctfmon.exe
E:\Program Files\ADSL超频奇兵 V4.3\ADSLx2.exe
C:\WINDOWS\System32\nvsvc32.exe
D:\Program Files\Chinagames\iGame.exe
C:\Program Files\Internet Explorer\iexplore.exe
E:\Program Files\WinRAR\WinRAR.exe
C:\WINDOWS\system32\conime.exe
C:\DOCUME~1\WZL~1.DCX\LOCALS~1\Temp\Rar$EX35.898\HijackThis1991zww.exe
--------------------------------------------------
文件夹中的启动项
Shell folders Startup:
[C:\Documents and Settings\wzl.DCXX\「开始」菜单\程序\启动]
ADSL超频奇兵 V4.3.lnk = ?
Shell folders AltStartup:
*Folder not found*
User shell folders Startup:
*Folder not found*
User shell folders AltStartup:
*Folder not found*
Shell folders Common Startup:
[C:\Documents and Settings\All Users.WINDOWS\「开始」菜单\程序\启动]
*No files*
Shell folders Common AltStartup:
*Folder not found*
User shell folders Common Startup:
*Folder not found*
User shell folders Alternate Common Startup:
*Folder not found*
--------------------------------------------------
Checking Windows NT UserInit:
[HKLM\Software\Microsoft\Windows NT\CurrentVersion\Winlogon]
UserInit = C:\WINDOWS\system32\userinit.exe,
[HKLM\Software\Microsoft\Windows\CurrentVersion\Winlogon]
* 未找到相关注册表键值 *
[HKCU\Software\Microsoft\Windows NT\CurrentVersion\Winlogon]
* 未找到相关注册表键值 *
[HKCU\Software\Microsoft\Windows\CurrentVersion\Winlogon]
* 未找到相关注册表键值 *
--------------------------------------------------
注册表中的启动项:
HKLM\Software\Microsoft\Windows\CurrentVersion\Run
SKYNET Personal FireWall = E:\PROGRA~1\SKYNET\pfw.exe
KAVPersonal50 = "e:\Program Files\Kaspersky Lab\kav.exe" /minimize
风景动态桌面 = "E:\Program Files\动感风景壁纸\dtzm.exe" start
NvCplDaemon = RUNDLL32.EXE C:\WINDOWS\System32\NvCpl.dll,NvStartup
桌面图标文字自动透明 = E:\Program Files\Wom\WinMem.exe XP
--------------------------------------------------
注册表中的启动项:
HKLM\Software\Microsoft\Windows\CurrentVersion\RunOnce
* 未找到值 *
--------------------------------------------------
注册表中的启动项:
HKLM\Software\Microsoft\Windows\CurrentVersion\RunOnceEx
* 未找到值 *
--------------------------------------------------
注册表中的启动项:
HKLM\Software\Microsoft\Windows\CurrentVersion\RunServices
* 未找到值 *
--------------------------------------------------
注册表中的启动项:
HKLM\Software\Microsoft\Windows\CurrentVersion\RunServicesOnce
* 未找到相关注册表键值 *
--------------------------------------------------
注册表中的启动项:
HKCU\Software\Microsoft\Windows\CurrentVersion\Run
killporn = E:\Program Files\killporn\shield.exe
ctfmon.exe = C:\WINDOWS\system32\ctfmon.exe
--------------------------------------------------
注册表中的启动项:
HKCU\Software\Microsoft\Windows\CurrentVersion\RunOnce
* 未找到值 *
--------------------------------------------------
注册表中的启动项:
HKCU\Software\Microsoft\Windows\CurrentVersion\RunOnceEx
* 未找到相关注册表键值 *
--------------------------------------------------
注册表中的启动项:
HKCU\Software\Microsoft\Windows\CurrentVersion\RunServices
* 未找到相关注册表键值 *
--------------------------------------------------
注册表中的启动项:
HKCU\Software\Microsoft\Windows\CurrentVersion\RunServicesOnce
* 未找到相关注册表键值 *
--------------------------------------------------
注册表中的启动项:
HKLM\Software\Microsoft\Windows NT\CurrentVersion\Run
* 未找到相关注册表键值 *
--------------------------------------------------
注册表中的启动项:
HKCU\Software\Microsoft\Windows NT\CurrentVersion\Run
* 未找到相关注册表键值 *
--------------------------------------------------
Autorun entries in Registry subkeys of:
HKLM\Software\Microsoft\Windows\CurrentVersion\Run
[OptionalComponents]
* 未找到值 *
--------------------------------------------------
Autorun entries in Registry subkeys of:
HKLM\Software\Microsoft\Windows\CurrentVersion\RunOnce
*No subkeys found*
--------------------------------------------------
Autorun entries in Registry subkeys of:
HKLM\Software\Microsoft\Windows\CurrentVersion\RunOnceEx
*No subkeys found*
--------------------------------------------------
Autorun entries in Registry subkeys of:
HKLM\Software\Microsoft\Windows\CurrentVersion\RunServices
*No subkeys found*
--------------------------------------------------
Autorun entries in Registry subkeys of:
HKLM\Software\Microsoft\Windows\CurrentVersion\RunServicesOnce
* 未找到相关注册表键值 *
--------------------------------------------------
Autorun entries in Registry subkeys of:
HKCU\Software\Microsoft\Windows\CurrentVersion\Run
*No subkeys found*
--------------------------------------------------
Autorun entries in Registry subkeys of:
HKCU\Software\Microsoft\Windows\CurrentVersion\RunOnce
*No subkeys found*
--------------------------------------------------
Autorun entries in Registry subkeys of:
HKCU\Software\Microsoft\Windows\CurrentVersion\RunOnceEx
* 未找到相关注册表键值 *
--------------------------------------------------
Autorun entries in Registry subkeys of:
HKCU\Software\Microsoft\Windows\CurrentVersion\RunServices
* 未找到相关注册表键值 *
--------------------------------------------------
Autorun entries in Registry subkeys of:
HKCU\Software\Microsoft\Windows\CurrentVersion\RunServicesOnce
* 未找到相关注册表键值 *
--------------------------------------------------
Autorun entries in Registry subkeys of:
HKLM\Software\Microsoft\Windows NT\CurrentVersion\Run
* 未找到相关注册表键值 *
--------------------------------------------------
Autorun entries in Registry subkeys of:
HKCU\Software\Microsoft\Windows NT\CurrentVersion\Run
* 未找到相关注册表键值 *
--------------------------------------------------
文件打开方式关联 for .EXE:
HKEY_CLASSES_ROOT\exefile\shell\open\command
(黙认) = "%1" %*
--------------------------------------------------
© 2000 - 2024 Rising Corp. Ltd.