瑞星卡卡安全论坛

启动项目
注册表
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
    <ctfmon.exe><C:\WINDOWS\system32\ctfmon.exe>  [(Verified)Microsoft Corporation]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
    <IMJPMIG8.1><"C:\WINDOWS\IME\imjp8_1\IMJPMIG.EXE" /Spoil /RemAdvDef /Migration32>  [(Verified)Microsoft Corporation]
    <PHIME2002ASync><C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /SYNC>  [(Verified)Microsoft Corporation]
    <PHIME2002A><C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /IMEName>  [(Verified)Microsoft Corporation]
    <SiSPower><Rundll32.exe SiSPower.dll,ModeAgent>  [Silicon Integrated Systems Corporation]
    <SoundMan><SOUNDMAN.EXE>  [(Verified)Realtek Semiconductor Corp.]
    <marsrmt><C:\Program Files\联想（Lenovo）\联想天骄遥控器（Mars）\marsrmt.exe>  [N/A]
    <SKDaemon><c:\Program Files\联想\联想标准键盘\skdaemon.exe>  [N/A]
    <NeroFilterCheck><C:\WINDOWS\system32\NeroCheck.exe>  [Ahead Software Gmbh]
    <IMSCMig><C:\PROGRA~1\COMMON~1\MICROS~1\IME\IMSC40A\IMSCMIG.EXE /Preload>  [(Verified)Microsoft Corporation]
    <TkBellExe><"C:\Program Files\Common Files\Real\Update_OB\realsched.exe"  -osboot>  [RealNetworks, Inc.]
    <kav><"C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 6.0\avp.exe">  [Kaspersky Lab]
    <360Safetray><C:\Program Files\360safe\safemon\360tray.exe>  [奇虎网]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Winlogon]
    <shell><Explorer.exe>  [(Verified)Microsoft Corporation]
    <Userinit><C:\WINDOWS\system32\userinit.exe,>  [(Verified)Microsoft Corporation]
    <UIHost><logonui.exe>  [(Verified)Microsoft Corporation]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\klogon]
    <WinlogonNotify: klogon><C:\WINDOWS\system32\klogon.dll>  [Kaspersky Lab]
[HKEY_CURRENT_USER\Control Panel\Desktop]
    <SCRNSAVE.EXE><C:\WINDOWS\自然风光.SCR>  [N/A]

==================================
启动文件夹
[Utility Tray]
  <C:\Documents and Settings\All Users\「开始」菜单\程序\启动\Utility Tray.lnk --> C:\WINDOWS\system32\sistray.exe [Silicon Integrated Systems Corporation]><N>
[Adobe Gamma Loader.exe]
  <C:\Documents and Settings\All Users\「开始」菜单\程序\启动\Adobe Gamma Loader.exe.lnk --> C:\PROGRA~1\COMMON~1\Adobe\CALIBR~1\ADOBEG~1.EXE [Adobe Systems, Inc.]><N>

==================================
服务
[卡巴斯基反病毒6.0 / AVP]
  <"C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 6.0\avp.exe" -r><Kaspersky Lab>
[Brother Popup Suspend service for Resource manager / brmfrmps]
  <"C:\WINDOWS\system32\Brmfrmps.exe" -service ><Brother Industries, Ltd.>
[Human Interface Device Access / HidServ]
  <C:\WINDOWS\System32\svchost.exe -k netsvcs-->%SystemRoot%\System32\hidserv.dll><N/A>
[Lenovo TV Recoding / Lenovo TV Recoding]
  <C:\Program Files\Lenovo\数码家电\lxRecSvr.exe><N/A>
[SCCMonitor / SCCMonitor]
  <"C:\Program Files\Lenovo\联想智能控制中心\SCC\SCCMonitor.exe"><N/A>
[Vsn upjm Service / upjm]
  <C:\WINDOWS\system32\rundll32.exe C:\PROGRA~1\COMMON~1\xvps\esws.dll,Service><Microsoft Corporation>
[VisionService / VisionService]
  <C:\WINDOWS\system32\rundll32.exe C:\PROGRA~1\vision\VISVER.DLL,Service><Microsoft Corporation>

==================================
驱动程序
[00003018 / 00003018]
  <\SystemRoot\system32\drivers\00003018.SYS><N/A>
[Albus / Albus]
  <\SystemRoot\system32\drivers\Albus.SYS><N/A>
[Service for WDM 3D Audio Driver / ALCXSENS]
  <system32\drivers\ALCXSENS.SYS><Sensaura>
[Service for Realtek AC97 Audio (WDM) / ALCXWDM]
  <system32\drivers\ALCXWDM.SYS><Realtek Semiconductor Corp.>
[Brother MFC Filter Driver / brfilt]
  <System32\Drivers\Brfilt.sys><Brother Industries Ltd.>
[Brother Multi Function Parallel Image driver / brparimg]
  <system32\DRIVERS\BrParImg.sys><Brother Industries Ltd.>
[Brother WDM Parallel Driver / BrParWdm]
  <System32\Drivers\BrParwdm.sys><Brother Industries Ltd.>
[Brother Serial driver / BrSerWDM]
  <System32\Drivers\BrSerWdm.sys><Brother Industries Ltd.>
[Brother MFC USB Fax Only Modem / BrUsbMdm]
  <System32\Drivers\BrUsbMdm.sys><Brother Industries Ltd.>
[Brother MFC USB Scanner driver / BrUsbScn]
  <System32\Drivers\BrUsbScn.sys><Brother Industries Ltd.>
[Conexant 23880 Video Capture / CX23880]
  <system32\drivers\cx88vid.sys><N/A>
[Conexant 2388x Crossbar / CX88XBAR]
  <system32\drivers\CX88XBAR.sys><N/A>
[Conexant 2388x Tuner / CXTUNE]
  <system32\drivers\CX88TUNE.sys><N/A>
[FixDrv / FixDrv]
  <C:\WINDOWS\SYSTEM32\DRIVERS\FixDrv.SYS><N/A>
[HOSTNT / HOSTNT]
  <\??\C:\WINDOWS\system32\drivers\hostnt.sys><N/A>
[HpaFilt / HpaFilt]
  <C:\WINDOWS\SYSTEM32\DRIVERS\HpaFilt.SYS><Lenovo Software inc.>
[kl1 / kl1]
  <\SystemRoot\system32\drivers\kl1.sys><Kaspersky Lab>
[klif / klif]
  <\??\C:\WINDOWS\system32\drivers\klif.sys><Kaspersky Lab>
[MHDRV / MHDRV]
  <\??\C:\WINDOWS\system32\drivers\mhdrv.sys><SafeNet China Ltd.>
[Direct Parallel Link Driver / Ptilink]
  <system32\DRIVERS\ptilink.sys><Parallel Technologies, Inc.>
[PxHelp20 / PxHelp20]
  <\SystemRoot\System32\Drivers\PxHelp20.sys><Sonic Solutions>
[RCMHDOG / RCMHDOG]
  <\??\C:\WINDOWS\system32\drivers\rcmhdog.sys><SafeNet China Ltd.>
[Realtek RTL8139/810x/8169/8110 all in one NDIS NT Driver / RTL8023]
  <system32\DRIVERS\Rtlnic51.sys><Realtek Semiconductor Corporation>
[Realtek RTL8139(A/B/C)-based PCI Fast Ethernet Adapter NT Driver / rtl8139]
  <system32\DRIVERS\RTL8139.SYS><Realtek Semiconductor Corporation>
[Secdrv / Secdrv]
  <system32\DRIVERS\secdrv.sys><N/A>
[SiS315 / SiS315]
  <system32\DRIVERS\sisgrp.sys><Silicon Integrated Systems Corporation>
[SiSide / SiSide]
  <\SystemRoot\system32\DRIVERS\siside.sys><Silicon Integrated Systems Corp.>
[SiSkp / SiSkp]
  <system32\DRIVERS\srvkp.sys><Silicon Integrated Systems Corporation>
[Add Performance Filter Driver / sisperf]
  <\SystemRoot\system32\drivers\sisperf.sys><Silicon Integrated Systems Corp.>
[PS/2 Keyboard Filter Driver for WinXp / Skkbdf]
  <system32\DRIVERS\Skkbdf.sys><Silitek Corp.>
[SafeNet MicroDog USB Device Driver / UsbC]
  <System32\Drivers\rcusbwdm.sys><SafeNet China Ltd.>

==================================
浏览器加载项
[AcroIEHlprObj Class]
  {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} <C:\Program Files\Adobe\Acrobat 6.0\Reader\ActiveX\AcroIEHelper.dll, Adobe Systems Incorporated>
[rmgj]
  {5C356A96-643A-48E7-AB31-D8DBB020A4F6} <C:\PROGRA~1\COMMON~1\xvps\bwtw.dll, >
[Vision]
  {6671A431-5C3D-463d-A7CF-5587F9B7E191} <C:\PROGRA~1\vision\vision.dll, >
[]
  {B432D70A-E457-4DBD-823F-B88095FADB54} <C:\WINDOWS\system32\ruwcjpcxsapzb.dll, N/A>
[NavigatMon Class]
  {B69F34DD-F0F9-42DC-9EDD-957187DA688D} <C:\Program Files\360safe\safemon\safemon.dll, N/A>
[Web反病毒保护]
  {1F460357-8A94-4D71-9CA3-AA4ACF32ED8E} <C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 6.0\scieplugin.dll, Kaspersky Lab>
[联想]
  {6096E38F-5AC1-4391-8EC4-75DFA92FB32F} <http://www.lenovo.com, N/A>
[MMSAssistMenu]
  {6671A433-5C3D-463d-A7CF-5587F9B7E191} <C:\PROGRA~1\vision\vision.dll, >
[信息检索(&R)]
  {92780B25-18CC-41C8-B9BE-3C9C571A8263} <C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL, Microsoft Corporation>
[Messenger]
  {FB5F1910-F110-11d2-BB9E-00C04F795683} <C:\Program Files\Messenger\msmsgs.exe, Microsoft Corporation>
[AcroIEHlprObj Class]
  {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} <C:\Program Files\Adobe\Acrobat 6.0\Reader\ActiveX\AcroIEHelper.dll, Adobe Systems Incorporated>
[rmgj]
  {5C356A96-643A-48E7-AB31-D8DBB020A4F6} <C:\PROGRA~1\COMMON~1\xvps\bwtw.dll, >
[Vision]
  {6671A431-5C3D-463D-A7CF-5587F9B7E191} <C:\PROGRA~1\vision\vision.dll, >
[]
  {B432D70A-E457-4DBD-823F-B88095FADB54} <C:\WINDOWS\system32\ruwcjpcxsapzb.dll, N/A>
[NavigatMon Class]
  {B69F34DD-F0F9-42DC-9EDD-957187DA688D} <C:\Program Files\360safe\safemon\safemon.dll, N/A>
[RDS.DataSpace]
  {BD96C556-65A3-11D0-983A-00C04FC29E36} <C:\Program Files\Common Files\System\msadc\msadco.dll, Microsoft Corporation>
[Shockwave Flash Object]
  {D27CDB6E-AE6D-11CF-96B8-444553540000} <C:\WINDOWS\system32\macromed\flash\flash.ocx, Macromedia, Inc.>
[>>彩信发送<<]
  <res://C:\PROGRA~1\vision\vision.dll/mms.htm, N/A>
[导出到 Microsoft Office Excel(&X)]
  <res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000, N/A>

==================================
正在运行的进程
[PID: 500][\SystemRoot\System32\smss.exe]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
[PID: 568][\??\C:\WINDOWS\system32\csrss.exe]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
[PID: 592][\??\C:\WINDOWS\system32\winlogon.exe]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
    [C:\WINDOWS\system32\klogon.dll]  [Kaspersky Lab, 6.0.0.299]
[PID: 644][C:\WINDOWS\system32\services.exe]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
[PID: 656][C:\WINDOWS\system32\lsass.exe]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
[PID: 800][C:\WINDOWS\system32\svchost.exe]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
[PID: 868][C:\WINDOWS\system32\svchost.exe]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
[PID: 932][C:\WINDOWS\System32\svchost.exe]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
[PID: 980][C:\WINDOWS\system32\svchost.exe]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
[PID: 1136][C:\WINDOWS\system32\svchost.exe]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
[PID: 1316][C:\WINDOWS\Explorer.EXE]  [Microsoft Corporation, 6.00.2900.2180 (xpsp_sp2_rtm.040803-2158)]
    [C:\Program Files\360safe\safemon\safemon.dll]  [N/A, 1, 0, 0, 1001]
    [C:\Program Files\WinRAR\rarext.dll]  [N/A, N/A]
    [C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 6.0\shellex.dll]  [Kaspersky Lab, 6.0.0.299]
    [C:\Program Files\Adobe\Acrobat 6.0\Reader\ActiveX\AcroIEHelper.dll]  [Adobe Systems Incorporated, 6.0.0.2003051500]
    [C:\PROGRA~1\COMMON~1\xvps\bwtw.dll]  [, 1, 2, 0, 8]
    [C:\PROGRA~1\vision\vision.dll]  [, 1, 2, 0, 7]
    [C:\PROGRA~1\vision\alvsn.dll]  [N/A, 1, 0, 0, 4]
    [C:\WINDOWS\system32\ruwcjpcxsapzb.dll]  [N/A, N/A]
    [C:\WINDOWS\system32\msdmo.dll]  [N/A, N/A]
    [C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 6.0\scr_ch_pg.dll]  [Kaspersky Lab, 1.0.6.299]
    [C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 6.0\klscav.dll]  [Kaspersky Lab, 6.0.0.299]
    [C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 6.0\pr_remote.dll]  [Kaspersky Lab, 6.0.0.299]
    [C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 6.0\prloader.dll]  [Kaspersky Lab, 6.0.0.299]
    [C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 6.0\prkernel.ppl]  [Kaspersky Lab, 6.0.0.299]
    [c:\program files\kaspersky lab\kaspersky anti-virus 6.0\params.ppl]  [Kaspersky Lab, 6.0.0.299]
    [c:\program files\kaspersky lab\kaspersky anti-virus 6.0\pxstub.ppl]  [Kaspersky Lab, 6.0.0.299]
    [c:\program files\kaspersky lab\kaspersky anti-virus 6.0\tempfile.ppl]  [Kaspersky Lab, 6.0.0.299]
[PID: 1392][C:\WINDOWS\system32\spoolsv.exe]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
    [C:\WINDOWS\system32\brmfpmon.dll]  [Brother Industries,Ltd., 2.01]
[PID: 1564][C:\WINDOWS\SOUNDMAN.EXE]  [Realtek Semiconductor Corp., 5.1.0.27]
    [C:\Program Files\360safe\safemon\safemon.dll]  [N/A, 1, 0, 0, 1001]
[PID: 1576][C:\Program Files\联想（Lenovo）\联想天骄遥控器（Mars）\marsrmt.exe]  [N/A, N/A]
    [C:\Program Files\360safe\safemon\safemon.dll]  [N/A, 1, 0, 0, 1001]
[PID: 1584][C:\Program Files\联想\联想标准键盘\skdaemon.exe]  [, 1, 0, 0, 1]

[C:\Program Files\联想\联想标准键盘\MacFun.dll]  [Silitek, 1, 0, 0, 0]
    [C:\Program Files\联想\联想标准键盘\OpenDriver.dll]  [Silitek, 1, 0, 0, 0]
    [C:\Program Files\联想\联想标准键盘\OSD.dll]  [silitek, 1, 0, 0, 1]
    [C:\Program Files\联想\联想标准键盘\lxkeyled.dll]  [Silitek, 1, 0, 0, 1]
    [C:\Program Files\360safe\safemon\safemon.dll]  [N/A, 1, 0, 0, 1001]
[PID: 1612][C:\Program Files\Common Files\Real\Update_OB\realsched.exe]  [RealNetworks, Inc., 0.1.0.3208]
    [C:\Program Files\360safe\safemon\safemon.dll]  [N/A, 1, 0, 0, 1001]
[PID: 1628][C:\Program Files\360safe\safemon\360tray.exe]  [奇虎网, 1, 0, 1, 1002]
    [C:\Program Files\360safe\safemon\safemon.dll]  [N/A, 1, 0, 0, 1001]
    [C:\Program Files\360safe\safemon\SafeKrnl.dll]  [奇虎网, 1, 0, 0, 1001]
    [C:\Program Files\360safe\AntiAdwa.dll]  [360Safe.com, 2, 2, 1, 2000]
[PID: 1636][C:\WINDOWS\system32\ctfmon.exe]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
    [C:\Program Files\360safe\safemon\safemon.dll]  [N/A, 1, 0, 0, 1001]
[PID: 1656][C:\WINDOWS\system32\sistray.exe]  [Silicon Integrated Systems Corporation, 0.0.0.3670]
    [C:\WINDOWS\system32\SiSApCom.dll]  [Silicon Integrated Systems Corporation, 0.0.0.3670]
    [C:\WINDOWS\system32\SiSBase.dll]  [Silicon Integrated Systems Corporation, 6.14.10.3671]
    [C:\Program Files\360safe\safemon\safemon.dll]  [N/A, 1, 0, 0, 1001]
[PID: 2016][C:\WINDOWS\system32\Brmfrmps.exe]  [Brother Industries, Ltd., 1.10.10.144]
[PID: 204][C:\Program Files\Lenovo\数码家电\lxRecSvr.exe]  [N/A, N/A]
    [C:\Program Files\Lenovo\数码家电\rcConfig.dll]  [, 1, 0, 0, 1]
[PID: 224][C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE]  [Microsoft Corporation, 7.00.9466]
[PID: 468][C:\Program Files\Lenovo\联想智能控制中心\SCC\SCCMonitor.exe]  [N/A, N/A]
[PID: 540][C:\WINDOWS\system32\svchost.exe]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
    [C:\WINDOWS\system32\BrMfWia1.dll]  [Brother Industries, Ltd., 2.1.1.6 built by: WinDDK]
    [C:\WINDOWS\system32\BrRsmSti.dll]  [Brother Industries, Ltd., 1, 1, 0, 3]
    [C:\WINDOWS\system32\BRMFBIDI.dll]  [Brother Industries, Ltd., 1.45.15.340]
    [C:\WINDOWS\system32\BRSCNRSM.dll]  [Brother Industries,Ltd., 1.0.0.14]
[PID: 272][C:\WINDOWS\system32\rundll32.exe]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
    [C:\PROGRA~1\COMMON~1\xvps\esws.dll]  [, 1, 2, 0, 8]
[PID: 816][C:\Program Files\lenovo\联想智能控制中心\SCC\LenovoSmartControlCenter.exe]  [N/A, N/A]
    [C:\Program Files\lenovo\联想智能控制中心\SCC\LxSimpleOsd.dll]  [, 1, 0, 0, 1]
    [C:\Program Files\lenovo\联想智能控制中心\SCC\QuakeII.dll]  [http://www.lenovo.com, 2.0]
    [C:\Program Files\360safe\safemon\safemon.dll]  [N/A, 1, 0, 0, 1001]
    [C:\Program Files\lenovo\联想智能控制中心\SCC\Remled.dll]  [N/A, N/A]
[PID: 1040][C:\WINDOWS\system32\BRMFRSMG.EXE]  [Brother Industries, Ltd., 1.45.15.340]
    [C:\WINDOWS\system32\BREVIF.dll]  [Brother Industries, Ltd., 1.45.15.340]
    [C:\WINDOWS\system32\BrSerIf.DLL]  [Brother Industries, Ltd., 1.45.15.340]
    [C:\WINDOWS\system32\BrmfUSB.DLL]  [Brother Industries, Ltd., 1.45.15.352]
[PID: 2068][C:\WINDOWS\System32\alg.exe]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
[PID: 2480][C:\Program Files\Internet Explorer\iexplore.exe]  [Microsoft Corporation, 6.00.2900.2180 (xpsp_sp2_rtm.040803-2158)]
    [C:\Program Files\360safe\safemon\safemon.dll]  [N/A, 1, 0, 0, 1001]
    [C:\Program Files\Adobe\Acrobat 6.0\Reader\ActiveX\AcroIEHelper.dll]  [Adobe Systems Incorporated, 6.0.0.2003051500]
    [C:\PROGRA~1\COMMON~1\xvps\bwtw.dll]  [, 1, 2, 0, 8]
    [C:\PROGRA~1\vision\vision.dll]  [, 1, 2, 0, 7]
    [C:\PROGRA~1\vision\alvsn.dll]  [N/A, 1, 0, 0, 4]
    [C:\WINDOWS\system32\ruwcjpcxsapzb.dll]  [N/A, N/A]
    [C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 6.0\scr_ch_pg.dll]  [Kaspersky Lab, 1.0.6.299]
    [C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 6.0\klscav.dll]  [Kaspersky Lab, 6.0.0.299]
    [C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 6.0\pr_remote.dll]  [Kaspersky Lab, 6.0.0.299]
    [C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 6.0\prloader.dll]  [Kaspersky Lab, 6.0.0.299]
    [C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 6.0\prkernel.ppl]  [Kaspersky Lab, 6.0.0.299]
    [c:\program files\kaspersky lab\kaspersky anti-virus 6.0\params.ppl]  [Kaspersky Lab, 6.0.0.299]
    [c:\program files\kaspersky lab\kaspersky anti-virus 6.0\pxstub.ppl]  [Kaspersky Lab, 6.0.0.299]
    [c:\program files\kaspersky lab\kaspersky anti-virus 6.0\tempfile.ppl]  [Kaspersky Lab, 6.0.0.299]
    [c:\program files\kaspersky lab\kaspersky anti-virus 6.0\nfio.ppl]  [Kaspersky Lab, 6.0.0.299]
    [c:\program files\kaspersky lab\kaspersky anti-virus 6.0\fsdrvplgn.ppl]  [Kaspersky Lab, 6.0.0.299]
    [C:\WINDOWS\system32\macromed\flash\flash.ocx]  [Macromedia, Inc., 6,0,79,0]
[PID: 2804][F:\许莹\tools\sreng2\SREng\SREng.exe]  [Smallfrogs Studio, 2.2.6.605]
    [C:\Program Files\360safe\safemon\safemon.dll]  [N/A, 1, 0, 0, 1001]

==================================
文件关联
.TXT  OK. [%SystemRoot%\system32\NOTEPAD.EXE %1]
.EXE  OK. ["%1" %*]
.COM  OK. ["%1" %*]
.PIF  OK. ["%1" %*]
.REG  OK. [regedit.exe "%1"]
.BAT  OK. ["%1" %*]
.SCR  OK. ["%1" /S]
.CHM  OK. ["C:\WINDOWS\hh.exe" %1]
.HLP  OK. [%SystemRoot%\System32\winhlp32.exe %1]
.INI  OK. [%SystemRoot%\System32\NOTEPAD.EXE %1]
.INF  OK. [%SystemRoot%\System32\NOTEPAD.EXE %1]
.VBS  OK. [%SystemRoot%\System32\WScript.exe "%1" %*]
.JS  OK. [%SystemRoot%\System32\WScript.exe "%1" %*]
.LNK  OK. [{00021401-0000-0000-C000-000000000046}]

==================================
Winsock 提供者
N/A

==================================
Autorun.inf
[D:\]
[autorun]
open=d:\mplay.com

==================================
HOSTS 文件
127.0.0.1      localhost

该用户帖子内容已被屏蔽

 


头衔:社区会员
等级:新手上路
文章:3
注册:2007-1-15 
     


“Trojan.Agent.yjg，RootKit.RegProt.d”谁能告诉我怎么杀这两个病毒哦 ~~？[face12

引用:

【雙吇蓙ㄩ戀僾的贴子】   头衔:社区会员 等级:新手上路 文章:3 注册:2007-1-15        “Trojan.Agent.yjg，RootKit.RegProt.d”谁能告诉我怎么杀这两个病毒哦 ~~？[face12 ………………

自己发帖 不要在别人帖子后面发 不要重复发帖

高手请来看看！！
人都要崩溃了！！