回复:帮我看看电脑有毒美德
启动项目
注册表
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
<wsctf.exe><wsctf.exe> [N/A]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
<LoadService><; Rest In Peace> [N/A]
<SymRun><; > [N/A]
<ccApps><> [N/A]
<updater><C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\\msgqueuelist.exe> [N/A]
<WinSysM><C:\WINDOWS\919331M.exe> [N/A]
<stup.exe><Rundll32.exe C:\PROGRA~1\TENCENT\SSPlus\SPlus1.dll,Rundll32 R> [(Verified)Tencent Technology(Shenzhen) Company Limited]
<GSICONEXE><GSICON.EXE> [N/A]
<DSLAGENTEXE><DSLAGENT.EXE PCI> [N/A]
<GsiFinal><rundll32 gspndll.dll,postInstall final> []
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
<{0EA66AD2-CF26-2E23-532B-B292E22F3266}><C:\Program Files\Internet Explorer\PLUGINS\NewTemp.dll> [N/A]
<{6598FF45-DA60-F48A-BC43-10AC47853D56}><C:\windows\Fonts\rarjfpi.dll> [N/A]
<{F859245F-345D-BC13-AC4F-145D47DA34FF}><C:\windows\Fonts\avzxomn.dll> [N/A]
==================================
驱动程序
[acpidisk / acpidisk][Stopped/Auto Start]
<\??\C:\windows\system32\drivers\acpidisk.sys><N/A>
[ADProt / ADProt][Running/System Start]
<\SystemRoot\system32\drivers\ADProt.sys><腾讯科技(深圳)有限公司>
[cdnprot / cdnprot][Running/Boot Start]
<\SystemRoot\system32\drivers\cdnprot.sys><中国互联网络信息中心(CNNIC)>
[dyzlkjm / dyzlkjm][Running/Boot Start]
<\SystemRoot\system32\drivers\dyzlkjm.sys><>
[jadhbjid / jadhbjid][Running/Boot Start]
<\SystemRoot\system32\drivers\jadhbjid.sys><中国互联网络信息中心(CNNIC)>
[mseqsy / mseqsy][Stopped/Auto Start]
<system32\DRIVERS\msacpe.sys><N/A>
[msskye / msskye][Stopped/Auto Start]
<system32\DRIVERS\msaclue.sys><N/A>
==================================
浏览器加载项
[]
{0A71FCEB-0184-4347-A345-539CF9F38F6A} <C:\WINDOWS\system32\zcjepwinfj.dll, N/A>
[Tencent Browser Helper]
{0C7C23EF-A848-485B-873C-0ED954731014} <C:\Program Files\TENCENT\SSPlus\SAddr1.dll, Tencent>
[Info cache]
{385AB8C6-FB22-4D17-8834-064E2BA0A6F0} <C:\Documents and Settings\All Users\Application Data\Microsoft\PCTools\pctools.dll, N/A>
[]
{669751ED-D558-49AE-B01A-3B374CC7910E} <C:\windows\system32\SSup.dll, TENCENT>
[]
{A7BE9548-E942-44B0-8EB2-B4D52A8158D7} <C:\WINDOWS\system32\ygvxgodylm.dll, Nicrosoft Inc.>
[]
{D868C2D4-502C-4488-A9D7-BF0A61F42261} <C:\WINDOWS\system32\towozldiqysrh.dll, N/A>
[]
{E5ADFAFA-8542-4BBD-BC1C-B295E63CA728} <C:\WINDOWS\system32\sseqcxsfss.dll, Nicrosoft Inc.>
[]
{0A71FCEB-0184-4347-A345-539CF9F38F6A} <C:\WINDOWS\system32\zcjepwinfj.dll, N/A>
[Tencent Browser Helper]
{0C7C23EF-A848-485B-873C-0ED954731014} <C:\Program Files\TENCENT\SSPlus\SAddr1.dll, Tencent>
[Info cache]
{385AB8C6-FB22-4D17-8834-064E2BA0A6F0} <C:\Documents and Settings\All Users\Application Data\Microsoft\PCTools\pctools.dll, N/A>
[]
{669751ED-D558-49AE-B01A-3B374CC7910E} <C:\windows\system32\SSup.dll, TENCENT>
[]
{A7BE9548-E942-44B0-8EB2-B4D52A8158D7} <C:\WINDOWS\system32\ygvxgodylm.dll, Nicrosoft Inc.>
[]
{D868C2D4-502C-4488-A9D7-BF0A61F42261} <C:\WINDOWS\system32\towozldiqysrh.dll, N/A>
[]
{E5ADFAFA-8542-4BBD-BC1C-B295E63CA728} <C:\WINDOWS\system32\sseqcxsfss.dll, Nicrosoft Inc.>
==================================
正在运行的进程
[C:\WINDOWS\system32\ygvxgodylm.dll] [Nicrosoft Inc., 2.0.0.0]
[C:\WINDOWS\system32\sseqcxsfss.dll] [Nicrosoft Inc., 2.0.0.0]
[C:\PROGRA~1\TENCENT\SSPlus\SPlus1.dll] [TENCENT, 5, 0, 4, 10]
[C:\windows\system32\gspndll.dll] [N/A, ]
[C:\windows\system32\instdll.dll] [N/A, ]
