瑞星卡卡安全论坛

报告是保存为.html类型才发出来的
--------------------------------------------------------------------------------
[CODE] 2007-01-16,17:26:59 System Repair Engineer 2.3.13.690 Smallfrogs (http://www.KZTechs.com) Windows XP Professional Service Pack 2 (Build 2600) - 管理权限用户 - 完整功能 以下内容被选中： 所有的启动项目（包括注册表、启动文件夹、服务等） 浏览器加载项 正在运行的进程（包括进程模块信息） 文件关联 Winsock 提供者 Autorun.inf HOSTS 文件 启动项目注册表 [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run] [(Verified)Microsoft Corporation] [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run] <360Safetray> [奇虎网] <"C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 6.0\avp.exe"> [Kaspersky Lab] [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Winlogon] [(Verified)Microsoft Corporation] [(Verified)Microsoft Corporation] [(Verified)Microsoft Corporation] ================================== 启动文件夹 N/A ================================== 服务 [卡巴斯基反病毒6.0 / AVP][Running/Auto Start] <"C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 6.0\avp.exe" -r> [B302EC43 / B302EC43][Stopped/Auto Start] [ewido anti-spyware 4.0 guard / ewido anti-spyware 4.0 guard][Stopped/Manual Start] ================================== 驱动程序 [a320raid / a320raid][Stopped/Boot Start] <\SystemRoot\System32\DRIVERS\a320raid.sys> [AAC / AAC][Stopped/Boot Start] <\SystemRoot\System32\DRIVERS\AAC.SYS> [aar1210 / aar1210][Stopped/Boot Start] <\SystemRoot\System32\DRIVERS\aar1210.sys> [abp480n5 / abp480n5][Stopped/Boot Start] <\SystemRoot\System32\DRIVERS\abp480n5.sys> [Intel(r) 82801 Audio Driver Install Service (WDM) / ac97intc][Running/Manual Start] [adpu160m / adpu160m][Stopped/Boot Start] <\SystemRoot\System32\DRIVERS\adpu160m.sys> [adpu320 / adpu320][Stopped/Boot Start] <\SystemRoot\System32\DRIVERS\adpu320.sys> [ACARD AEC6210UF UltraDMA33 Controller / aec6210][Stopped/Boot Start] <\SystemRoot\System32\DRIVERS\aec6210.sys> [ACARD AEC6260 UltraDMA-66 Controller / aec6260][Stopped/Boot Start] <\SystemRoot\System32\DRIVERS\aec6260.sys> [aec6280 / aec6280][Stopped/Boot Start] <\SystemRoot\System32\DRIVERS\aec6280.sys> [AEC6290 / AEC6290][Stopped/Boot Start] <\SystemRoot\System32\DRIVERS\AEC6290.SYS> [AEC67160 / AEC67160][Stopped/Boot Start] <\SystemRoot\System32\DRIVERS\AEC67160.SYS> [AEC671X / AEC671X][Stopped/Boot Start] <\SystemRoot\System32\DRIVERS\AEC671X.SYS> [AEC6880 / AEC6880][Stopped/Boot Start] <\SystemRoot\System32\DRIVERS\AEC6880.SYS> [AEC6890 / AEC6890][Stopped/Boot Start] <\SystemRoot\System32\DRIVERS\AEC6890.sys> [aec68x5 / aec68x5][Stopped/Boot Start] <\SystemRoot\System32\DRIVERS\aec68x5.sys> [Aha154x / Aha154x][Stopped/Boot Start] <\SystemRoot\System32\DRIVERS\aha154x.sys> [aic78u2 / aic78u2][Stopped/Boot Start] <\SystemRoot\System32\DRIVERS\aic78u2.sys> [aic78xx / aic78xx][Stopped/Boot Start] <\SystemRoot\System32\DRIVERS\aic78xx.sys> [AliIde / AliIde][Running/Boot Start] <\SystemRoot\System32\DRIVERS\aliide.sys> [AMD K8 Processor Driver / AmdK8][Stopped/Manual Start] [arc / arc][Stopped/Boot Start] <\SystemRoot\system32\drivers\arc.sys> [asc / asc][Stopped/Boot Start] <\SystemRoot\System32\DRIVERS\asc.sys> [asc3550 / asc3550][Stopped/Boot Start] <\SystemRoot\System32\DRIVERS\asc3550.sys> [AVG Anti-Spyware Clean Driver / AvgAsCln][Running/System Start] [CmdIde / CmdIde][Running/Boot Start] <\SystemRoot\System32\DRIVERS\cmdide.sys> [dac2w2k / dac2w2k][Stopped/Boot Start] <\SystemRoot\System32\DRIVERS\dac2w2k.sys> [dpti2o / dpti2o][Stopped/Boot Start] <\SystemRoot\System32\DRIVERS\dpti2o.sys> [Intel(R) PRO Network Connection Driver / E100B][Running/Manual Start] [elxstor / elxstor][Stopped/Boot Start] <\SystemRoot\system32\drivers\elxstor.sys> [ewido anti-spyware 4.0 driver / ewido anti-spyware 4.0 driver][Stopped/System Start] <\??\C:\Program Files\ewido anti-spyware 4.0\guard.sys> [FASTSX / FASTSX][Stopped/Boot Start] <\SystemRoot\System32\DRIVERS\FASTSX.SYS> [fasttrak / fasttrak][Stopped/Boot Start] <\SystemRoot\System32\DRIVERS\fasttrak.sys> [fasttx2k / fasttx2k][Stopped/Boot Start] <\SystemRoot\System32\DRIVERS\fasttx2k.sys> [fasttx2k2 / fasttx2k2][Stopped/Boot Start] <\SystemRoot\System32\DRIVERS\fasttx2k2.sys> [VIA PCI 10/100Mb Fast Ethernet Adapter NT Driver / FETNDIS][Stopped/Manual Start] [HpCISSs / HpCISSs][Stopped/Boot Start] <\SystemRoot\system32\drivers\hpcisss.sys> [Hpt366 / Hpt366][Stopped/Boot Start] <\SystemRoot\System32\DRIVERS\Hpt366.sys> [HPT371 / HPT371][Stopped/Boot Start] <\SystemRoot\System32\DRIVERS\HPT371.sys> [hpt374 / hpt374][Stopped/Boot Start] <\SystemRoot\System32\DRIVERS\hpt374.sys> [hpt3xx / hpt3xx][Stopped/Boot Start] <\SystemRoot\System32\DRIVERS\hpt3xx.sys> [hptmv / hptmv][Stopped/Boot Start] <\SystemRoot\System32\DRIVERS\hptmv.sys> [hptpro / hptpro][Stopped/Boot Start] <\SystemRoot\System32\DRIVERS\hptpro.sys> [i81x / i81x][Running/Manual Start] [iAimFP0 / iAimFP0][Stopped/Manual Start] [iAimFP1 / iAimFP1][Stopped/Manual Start] [iAimFP2 / iAimFP2][Stopped/Manual Start] [iAimFP3 / iAimFP3][Stopped/Manual Start] [iAimFP4 / iAimFP4][Stopped/Manual Start] [iAimFP5 / iAimFP5][Stopped/Manual Start] [iAimFP6 / iAimFP6][Stopped/Manual Start] [iAimFP7 / iAimFP7][Stopped/Manual Start] [iAimTV0 / iAimTV0][Stopped/Manual Start] [iAimTV1 / iAimTV1][Stopped/Manual Start] [iAimTV3 / iAimTV3][Stopped/Manual Start] [iAimTV4 / iAimTV4][Stopped/Manual Start] [iAimTV5 / iAimTV5][Stopped/Manual Start] [iAimTV6 / iAimTV6][Stopped/Manual Start] [Intel Integrated RAID / iaStor][Stopped/Boot Start] <\SystemRoot\system32\drivers\iaStor.sys> [iirsp / iirsp][Stopped/Boot Start] <\SystemRoot\system32\drivers\iirsp.sys> [ini910u / ini910u][Stopped/Boot Start]

][Stopped/Boot Start] <\SystemRoot\System32\DRIVERS\ini910u.sys> [ITERAID_Service_Install / iteraid][Stopped/Boot Start] <\SystemRoot\System32\DRIVERS\iteraid.sys> [kl1 / kl1][Running/Boot Start] <\SystemRoot\system32\drivers\kl1.sys> [klif / klif][Running/System Start] <\??\C:\WINDOWS\system32\drivers\klif.sys> [nfrd960 / nfrd960][Stopped/Boot Start] <\SystemRoot\system32\drivers\nfrd960.sys> [npkcrypt / npkcrypt][Stopped/Auto Start] <\??\d:\My Documents\npkcrypt.sys> [npkycryp / npkycryp][Stopped/Manual Start] <\??\d:\My Documents\npkycryp.sys> [NTSIM / NTSIM][Stopped/Manual Start] <\??\C:\WINDOWS\system32\ntsim.sys> [nv / nv][Stopped/Manual Start] [Intel SCSI Controller / NvAtaBus][Stopped/Boot Start] <\SystemRoot\System32\DRIVERS\NVATABUS.SYS> [NVIDIA nForce(tm) RAID Class Driver / nvraid][Stopped/Boot Start] <\SystemRoot\system32\DRIVERS\nvraid.sys> [PNP649R / PNP649R][Stopped/Boot Start] <\SystemRoot\System32\DRIVERS\PNP649R.SYS> [SiI 680 ATA Controller / Pnp680][Stopped/Boot Start] <\SystemRoot\System32\DRIVERS\pnp680.sys> [Silicon Image SiI 0680 Medley Raid Controller / Pnp680r][Stopped/Boot Start] <\SystemRoot\System32\DRIVERS\pnp680r.sys> [Direct Parallel Link Driver / Ptilink][Running/Manual Start] [ql1080 / ql1080][Stopped/Boot Start] <\SystemRoot\System32\DRIVERS\ql1080.sys> [Ql10wnt / Ql10wnt][Stopped/Boot Start] <\SystemRoot\System32\DRIVERS\ql10wnt.sys> [ql12160 / ql12160][Stopped/Boot Start] <\SystemRoot\System32\DRIVERS\ql12160.sys> [ql1280 / ql1280][Stopped/Boot Start] <\SystemRoot\System32\DRIVERS\ql1280.sys> [QLogic Fibre Channel SCSI Miniport Driver / ql2300][Stopped/Boot Start] <\SystemRoot\system32\drivers\ql2300.sys> [RAIDSRC / RAIDSRC][Stopped/Boot Start] <\SystemRoot\System32\DRIVERS\RAIDSRC.SYS> [S150SX8 / S150SX8][Stopped/Boot Start] <\SystemRoot\System32\DRIVERS\S150SX8.SYS> [Secdrv / Secdrv][Stopped/Manual Start] [SiI-3512 SATALink Controller / SI3112][Stopped/Boot Start] <\SystemRoot\System32\DRIVERS\SI3112.sys> [Silicon Image SiI 3512 SATARaid Controller / SI3112r][Stopped/Boot Start] <\SystemRoot\system32\drivers\SI3112r.sys> [SiI-3114 SATALink Controller / SI3114][Stopped/Boot Start] <\SystemRoot\System32\DRIVERS\SI3114.sys> [SiI-3114 SATARaid Controller / SI3114r][Stopped/Boot Start] <\SystemRoot\System32\DRIVERS\SI3114R.sys> [SiI-3124 SATALink Controller / SI3124][Stopped/Boot Start] <\SystemRoot\System32\DRIVERS\SI3124.sys> [SiI-3124 SATARaid Controller / SI3124r][Stopped/Boot Start] <\SystemRoot\System32\DRIVERS\SI3124R.sys> [SATALink driver accelerator / SiFilter][Stopped/Boot Start] <\SystemRoot\System32\DRIVERS\SiWinAcc.sys> [SISIDE / SISIDE][Stopped/Boot Start] <\SystemRoot\System32\DRIVERS\SISIDE.SYS> [SiSRaid / SiSRaid][Stopped/Boot Start] <\SystemRoot\System32\DRIVERS\SiSRaid.sys> [SiSRaid1 / SiSRaid1][Stopped/Boot Start] <\SystemRoot\System32\DRIVERS\SiSRaid1.sys> [SISRAIDS / SISRAIDS][Stopped/Boot Start] <\SystemRoot\System32\DRIVERS\SISRAIDS.SYS> [Sparrow / Sparrow][Stopped/Boot Start] <\SystemRoot\System32\DRIVERS\sparrow.sys> [sptrak / sptrak][Stopped/Boot Start] <\SystemRoot\System32\DRIVERS\sptrak.sys> [symc810 / symc810][Stopped/Boot Start] <\SystemRoot\System32\DRIVERS\symc810.sys> [symc8xx / symc8xx][Stopped/Boot Start] <\SystemRoot\System32\DRIVERS\symc8xx.sys> [SYMMPI / SYMMPI][Stopped/Boot Start] <\SystemRoot\System32\DRIVERS\SYMMPI.SYS> [sym_hi / sym_hi][Stopped/Boot Start] <\SystemRoot\System32\DRIVERS\sym_hi.sys> [sym_u3 / sym_u3][Stopped/Boot Start] <\SystemRoot\System32\DRIVERS\sym_u3.sys> [TCP/IP Protocol Driver / Tcpip][Running/System Start] [TosIde / TosIde][Running/Boot Start] <\SystemRoot\System32\DRIVERS\toside.sys> [UlSata / UlSata][Stopped/Boot Start] <\SystemRoot\System32\DRIVERS\ulsata.sys> [ULSATAS / ULSATAS][Stopped/Boot Start] <\SystemRoot\System32\DRIVERS\ULSATAS.SYS> [ultra / ultra][Stopped/Boot Start] <\SystemRoot\System32\DRIVERS\ultra.sys> [ViaIde / ViaIde][Running/Boot Start] <\SystemRoot\System32\DRIVERS\viaide.sys> [viamraid / viamraid][Stopped/Boot Start] <\SystemRoot\system32\DRIVERS\viamraid.sys> [VIA ATA/ATAPI Host Controller / viapdsk][Stopped/Boot Start] <\SystemRoot\System32\DRIVERS\viapdsk.sys> [viaraid / viaraid][Stopped/Boot Start] <\SystemRoot\System32\DRIVERS\viaraid.sys> [viasraid / viasraid][Stopped/Boot Start] <\SystemRoot\system32\drivers\viasraid.sys> [vmscsi / vmscsi][Stopped/Boot Start] <\SystemRoot\system32\drivers\vmscsi.sys> ================================== 浏览器加载项 [NavigatMon Class] {B69F34DD-F0F9-42DC-9EDD-957187DA688D} [Web反病毒保护] {1F460357-8A94-4D71-9CA3-AA4ACF32ED8E} [QQ] {c95fe080-8f5d-11d2-a20b-00aa003c157b} [HTML Document] {25336920-03F9-11CF-8FD0-00AA00686F13} <%SystemRoot%\system32\Mshtml.dll, N/A> [HtmlDlgSafeHelper Class] {3050F819-98B5-11CF-BB82-00AA00BDCE0B} [Thunder Browser Helper] {54EBD539-9BC1-480B-966A-843A333CA162} [Shell Name Space] {55136805-B2DE-11D1-B9F2-00A0C98BC547} <%SystemRoot%\system32\shdocvw.dll, N/A> [Microsoft 外壳 UI 帮助程序] {64AB4BB7-111E-11D1-8F79-00C04FC2FBE1} <%SystemRoot%\system32\shdocvw.dll, N/A> [Windows Media Player] {6BF52A52-394A-11D3-B153-00C04F79FAA6} [Active Desktop Mover] {72267F6A-A6F9-11D0-BC94-00C04FB67863} <%SystemRoot%\system32\SHELL32.dll, N/A> [SearchAssistantOC] {B45FF030-4447-11D2-85DE-00C04FA35C89} <%SystemRoot%\system32\shdocvw.dll, N/A> [NavigatMon Class]

{B69F34DD-F0F9-42DC-9EDD-957187DA688D} [RDS.DataSpace] {BD96C556-65A3-11D0-983A-00C04FC29E36} [Tencent Safety Online Base Module] {C09B522F-8AED-4E21-A65C-DC1AB652BAEE} [AUDIO__X_MS_WMA Moniker Class] {CD3AFA84-B84F-48F0-9393-7EDC34128127} [Shockwave Flash Object] {D27CDB6E-AE6D-11CF-96B8-444553540000} [&使用快车(FlashGet)下载] [&使用快车(FlashGet)下载全部链接] [&使用迅雷下载] [上传到QQ网络硬盘] [添加到QQ自定义面板] [添加到QQ表情] [用QQ彩信发送该图片] ================================== 正在运行的进程 [PID: 628][\SystemRoot\System32\smss.exe] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)] [PID: 704][\??\C:\WINDOWS\system32\csrss.exe] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)] [PID: 728][\??\C:\WINDOWS\system32\winlogon.exe] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)] [C:\WINDOWS\system32\JPWB.IME] [常诚研制, 4.00.950] [PID: 772][C:\WINDOWS\system32\services.exe] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)] [PID: 956][C:\WINDOWS\system32\svchost.exe] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)] [PID: 1040][C:\WINDOWS\system32\svchost.exe] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)] [PID: 1160][C:\WINDOWS\System32\svchost.exe] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)] [PID: 1236][C:\WINDOWS\system32\svchost.exe] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)] [PID: 1468][C:\WINDOWS\system32\spoolsv.exe] [Microsoft Corporation, 5.1.2600.2696 (xpsp_sp2_gdr.050610-1519)] [PID: 1632][C:\WINDOWS\system32\wdfmgr.exe] [Microsoft Corporation, 5.2.3790.1230 built by: dnsrv(bld4act)] [PID: 2000][C:\WINDOWS\System32\alg.exe] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)] [PID: 688][C:\WINDOWS\Explorer.EXE] [Microsoft Corporation, 6.00.2900.2180 (xpsp_sp2_rtm.040803-2158)] [C:\WINDOWS\system32\JPWB.IME] [常诚研制, 4.00.950] [D:\My Documents\360safe\safemon\safemon.dll] [, 1, 0, 0, 1002] [C:\Program Files\WinRAR\rarext.dll] [N/A, N/A] [C:\Program Files\ewido anti-spyware 4.0\context.dll] [Anti-Malware Development a.s., 4, 0, 0, 172] [C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 6.0\shellex.dll] [Kaspersky Lab, 6.0.0.299] [PID: 244][D:\My Documents\360safe\safemon\360Tray.exe] [奇虎网, 1, 0, 1, 1002] [C:\WINDOWS\system32\JPWB.IME] [常诚研制, 4.00.950] [D:\My Documents\360safe\safemon\safemon.dll] [, 1, 0, 0, 1002] [D:\My Documents\360safe\safemon\SafeKrnl.dll] [奇虎网, 1, 0, 0, 1001] [D:\My Documents\360safe\AntiAdwa.dll] [360Safe.com, 2, 2, 2, 1000] [PID: 284][C:\WINDOWS\system32\ctfmon.exe] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)] [D:\My Documents\360safe\safemon\safemon.dll] [, 1, 0, 0, 1002] [C:\WINDOWS\system32\JPWB.IME] [常诚研制, 4.00.950] [PID: 1688][D:\Program Files\Opera9.10.3 优化正式版（免安装便携版）\Opera\Opera.exe] [Opera Software, 8679] [D:\Program Files\Opera9.10.3 优化正式版（免安装便携版）\Opera\Opera.dll] [Opera Software, 8679] [D:\My Documents\360safe\safemon\safemon.dll] [, 1, 0, 0, 1002] [C:\WINDOWS\system32\JPWB.IME] [常诚研制, 4.00.950] [PID: 1428][C:\Program Files\Thunder Network\Thunder\Program\Thunder5.exe] [Thunder Networking Technologies,LTD, 5, 5, 2, 252] [D:\My Documents\360safe\safemon\safemon.dll] [, 1, 0, 0, 1002] [C:\Program Files\Thunder Network\Thunder\Program\TaskManager.dll] [Thunder Networking Technologies,LTD, 1, 0, 0, 10] [C:\Program Files\Thunder Network\Thunder\Program\download_interface.dll] [Thunder Networking Technologies,LTD, 2, 11, 2, 22] [C:\Program Files\Thunder Network\Thunder\Program\stlport_vc646.dll] [STLport Consulting, Inc., 4.6.2003.1031] [C:\Program Files\Thunder Network\Thunder\Program\log4cplus.dll] [, 1, 0, 2, 1] [C:\Program Files\Thunder Network\Thunder\Program\asyn_dns.dll] [Thunder Networking Technologies,LTD, 2, 11, 2, 22] [C:\WINDOWS\system32\JPWB.IME] [常诚研制, 4.00.950] [C:\Program Files\Thunder Network\Thunder\Program\BHOStub.dll] [Thunder Networking Technologies,LTD, 1, 0, 0, 8] [C:\Program Files\Thunder Network\Thunder\Program\iTargetAD.dll] [Thunder Networking Technologies,LTD, 1, 0, 2, 12] [C:\WINDOWS\system32\macromed\flash\Flash85.ocx] [Macromedia, Inc., 8,5,0,133] [C:\Program Files\Thunder Network\Thunder\Components\DTAG\DTAG.dll] [, 1, 0, 0, 1] [C:\Program Files\Thunder Network\Thunder\Program\LiveUpdate.dll] [, 1, 0, 0, 9] [C:\Program Files\Thunder Network\Thunder\Program\UpdateDownload.dll] [Thunder Networking Technologies,LTD, 1, 0, 1, 8] [C:\Program Files\Thunder Network\Thunder\Components\InMedia\iEmbedShell.dll] [　, 1, 0, 0, 14] [C:\Program Files\Thunder Network\Thunder\Components\InMedia\iEmbed07.dll] [　, 3, 1, 0, 58] [C:\Program Files\Thunder Network\Thunder\Program\msgmanage.dll] [Thunder Networking Technologies,LTD, 1, 0, 0, 15] [C:\Program Files\Thunder Network\Thunder\Components\Community\XLCommunity.dll] [Thunder Networking Technologies,LTD, 1, 0, 0, 10] [C:\Program Files\Thunder Network\Thunder\Program\RegisterDll.dll] [Thunder Networking Technologies,LTD, 2, 2, 1, 42] [C:\Program Files\Thunder Network\Thunder\Components\Search\XLSearch.dll] [Thunder Networking Technologies,LTD, 1, 0, 0, 1] [C:\Program Files\Thunder Network\Thunder\Components\P4PClient\P4PClient.dll] [Thunder Networking Technologies,LTD, 1, 0, 2, 3] [C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 6.0\scr_ch_pg.dll] [Kaspersky Lab, 1.0.6.299] [C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 6.0\klscav.dll] [Kaspersky Lab, 6.0.0.299] [C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 6.0\pr_remote.dll] [Kaspersky Lab, 6.0.0.299] [C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 6.0\prloader.dll] [Kaspersky Lab, 6.0.0.299] [C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 6.0\prkernel.ppl] [Kaspersky Lab, 6.0.0.304] [c:\program files\kaspersky lab\kaspersky anti-virus 6.0\params.ppl] [Kaspersky Lab, 6.0.0.299] [c:\program files\kaspersky lab\kaspersky anti-virus 6.0\pxstub.ppl] [Kaspersky Lab, 6.0.0.299] [c:\program files\kaspersky lab\kaspersky anti-virus 6.0\tempfile.ppl] [Kaspersky Lab, 6.0.0.299] [c:\program files\kaspersky lab\kaspersky anti-virus 6.0\nfio.ppl] [Kaspersky Lab, 6.0.0.299] [c:\program files\kaspersky lab\kaspersky anti-virus 6.0\fsdrvplgn.ppl] [Kaspersky Lab, 6.0.0.299] [PID: 2828][d:\My Documents\扫描仪\SREng.EXE] [Smallfrogs Studio, 2.3.13.690] [D:\My Documents\360safe\safemon\safemon.dll] [, 1, 0, 0, 1002] [C:\WINDOWS\system32\JPWB.IME] [常诚研制, 4.00.950] ================================== 文件关联 .TXT OK. [%SystemRoot%\system32\NOTEPAD.EXE %1] .EXE OK. ["%1" %*] .COM OK. ["%1" %*] .PIF OK. ["%1" %*] .REG OK. [regedit.exe "%1"] .BAT OK. ["%1" %*] .SCR OK. ["%1" /S] .CHM OK. ["C:\WINDOWS\hh.exe" %1] .HLP OK. [%SystemRoot%\System32\winhlp32.exe %1] .INI OK. [%SystemRoot%\System32\NOTEPAD.EXE %1] .INF OK. [%SystemRoot%\System32\NOTEPAD.EXE %1] .VBS OK. [%SystemRoot%\System32\WScript.exe "%1" %*] .JS OK. [%SystemRoot%\System32\WScript.exe "%1" %*] .LNK OK. [{00021401-0000-0000-C000-000000000046}] ================================== Winsock 提供者 N/A ================================== Autorun.inf N/A ================================== HOSTS 文件 127.0.0.1 localhost ================================== API HOOK 警告！System Repair Engineer 提醒你下面的函数内容与预期值不符，他们可能被一些恶意的软件所修改： RVA 错误： LoadLibraryA RVA 错误： LoadLibraryExA RVA 错误： LoadLibraryExW RVA 错误： LoadLibraryW 入口点错误：CreateProcessA 入口点错误：CreateProcessW ================================== [/CODE]