【原创】发现灰鸽子新变种,请教高手!清除不了 - 瑞星卡卡安全论坛bbs.ikaka.com

瑞星卡卡安全论坛技术交流区 反病毒/反流氓软件论坛【原创】发现灰鸽子新变种,请教高手!清除不了

	瑞星“1+2”全新解决方案巡展在广州画上圆满句号		叶院长揭秘：瑞星如何运用AI技术革新网络安全		俄乌冲突加剧网络攻击风险白俄罗斯政府遭APT攻击		瑞星ESM防病毒系统助力矿业大学筑牢网络安全防线
	实力拉满瑞星第五十次通过VB100测评		携手老友，拥抱新精彩 —— 新论坛新活动，感谢你的陪伴		护航司法，瑞星助力山西省高院构建安全防线		人工智能在网络安全领域的风险和机遇

12

1 / 2 页

跳转页

【原创】发现灰鸽子新变种,请教高手!清除不了

山水秋千初生襁褓狮帖子:10 注册: 2006-05-09 来自:	发表于： 2006-05-09 09:30 \| 只看楼主短消息资料字号：小中大 1楼【原创】发现灰鸽子新变种,请教高手!清除不了最近用最新的瑞星版本的杀毒软件发现一个新变种.瑞星病毒资料库里没有这种病毒. Backdoor.Gpigeon.bkf 发现路径:C:\Program Files\Internet Explorer\EXPLORE.EXE 最新版本的瑞星能清除,但是重起之后在杀还有. 瑞星病毒查杀结果报告提交者：Rav 系统版本：Microsoft Windows XP Home Edition 补丁版本：Service Pack 2 Build 2600 IE版本：6.0.2900.2180 IP地址：192. 本次扫描文件数： 147445 个本次扫描时间：2201 秒发现病毒种类： 1 种查杀病毒种类： 1 种发现病毒种类列表：病毒： Backdoor.Gpigeon.bkf 次数： 1 请教高手解决. 2006-05-09 11:06:19
山水秋千初生襁褓狮帖子:10 注册: 2006-05-09 来自:	分享到：

ceshi123 快乐黄口狮帖子:221 注册: 2006-05-04 来自:	发表于： 2006-05-09 09:30 \| 短消息资料字号：小中大 2楼很普通的安全模式下杀
ceshi123 快乐黄口狮帖子:221 注册: 2006-05-04 来自:

山水秋千初生襁褓狮帖子:10 注册: 2006-05-09 来自:	发表于： 2006-05-09 09:32 \| 只看楼主短消息资料字号：小中大 3楼可以完全清楚干净吗?
山水秋千初生襁褓狮帖子:10 注册: 2006-05-09 来自:

拒绝网游珍惜生命初生襁褓狮帖子:275 注册: 2006-04-29 来自:	发表于： 2006-05-09 09:33 \| 短消息资料字号：小中大 4楼 http://www.kztechs.com/sreng/sreng2.zip 下载，扫描，粘贴日值
拒绝网游珍惜生命初生襁褓狮帖子:275 注册: 2006-04-29 来自:

山水秋千初生襁褓狮帖子:10 注册: 2006-05-09 来自:	发表于： 2006-05-09 09:55 \| 只看楼主短消息资料字号：小中大 5楼安全模式清除失败,还是老问题. 用灰格子专杀扫描无法覆盖病毒,只能暂时清除.
山水秋千初生襁褓狮帖子:10 注册: 2006-05-09 来自:

zq77 雄霸杖朝狮帖子:16648 注册: 2006-02-24 来自:江苏	发表于： 2006-05-09 10:01 \| 短消息资料字号：小中大 6楼下载HIJACKTHIS 导出全部日志 http://forum.ikaka.com/topic.asp?board=28&artid=6979213 这里下
zq77 雄霸杖朝狮帖子:16648 注册: 2006-02-24 来自:江苏

山水秋千初生襁褓狮帖子:10 注册: 2006-05-09 来自:	发表于： 2006-05-09 10:12 \| 只看楼主短消息资料字号：小中大 7楼用瑞星听诊器扫描后的信息,打包提取失败. 未知家族病毒分析扫描结果: C:\Program Files\Internet Explorer\IEXPLORE.EXE --> 与 Backdoor.Gpigeon 100%相似. 系统活动进程 C:\PROGRAM FILES\WIDCOMM\BLUETOOTH SOFTWARE\BIN\BTWDINS.EXE C:\WINDOWS\SYSTEM32\WBSYS.DLL C:\WINDOWS\SYSTEM32\NVSVC32.EXE C:\WINDOWS\SYSTEM32\SMSS.EXE C:\PROGRAM FILES\SAMSUNG\MAGICKBD\MAGICKBD.EXE C:\PROGRAM FILES\SAMSUNG\MAGICKBD\EASYBOXDLL.DLL C:\PROGRA~1\YAHOO!\ASSIST~1\YHELPER.DLL C:\WINDOWS\SYSTEM32\SYNTPFCS.DLL C:\PROGRAM FILES\SAMSUNG\MAGICKBD\SITSNDMX.DLL C:\WINDOWS\SYSTEM32\MSACM32.DRV C:\PROGRAM FILES\SAMSUNG\MAGICKBD\SITKBDHK.DLL C:\PROGRAM FILES\SAMSUNG\MAGICKBD\KBDHID9X.DLL C:\WINDOWS\VM_STI.EXE C:\PROGRA~1\YAHOO!\ASSIST~1\YHELPER.DLL C:\WINDOWS\SYSTEM32\SYNTPFCS.DLL C:\PROGRAM FILES\INTERNET EXPLORER\IEXPLORE.EXE C:\WINDOWS\SYSTEM32\WBSYS.DLL C:\PROGRAM FILES\SRS LABS\WOWXT AND TSXT DRIVER\SRS_POSTINSTALLER.EXE C:\WINDOWS\SYSTEM32\WBSYS.DLL C:\WINDOWS\SYSTEM32\SVCHOST.EXE C:\WINDOWS\SYSTEM32\WBSYS.DLL C:\WINDOWS\SYSTEM32\WDFMGR.EXE C:\WINDOWS\SYSTEM32\WBSYS.DLL C:\WINDOWS\SYSTEM32\CSRSS.EXE C:\WINDOWS\SYSTEM32\WINLOGON.EXE C:\WINDOWS\SYSTEM32\WBSYS.DLL C:\PROGRAM FILES\STARDOCK\OBJECT DESKTOP\THEMEMANAGER\FASTLOAD.DLL C:\WINDOWS\SYSTEM32\MSACM32.DRV C:\WINDOWS\SYSTEM32\SERVICES.EXE C:\WINDOWS\SYSTEM32\WBSYS.DLL C:\WINDOWS\SYSTEM32\LSASS.EXE C:\WINDOWS\SYSTEM32\WBSYS.DLL C:\PROGRA~1\YAHOO!\ASSISTANT\YASSISTSE.EXE C:\WINDOWS\SYSTEM32\WBSYS.DLL C:\PROGRAM FILES\STARDOCK\OBJECT DESKTOP\THEMEMANAGER\WBHELP.DLL C:\PROGRA~1\YAHOO!\ASSIST~1\YHELPER.DLL C:\WINDOWS\SYSTEM32\SYNTPFCS.DLL C:\PROGRA~1\YAHOO!\ASSISTANT\SHELL\YASMENU.DLL C:\PROGRA~1\YAHOO!\ASSISTANT\SHELL\YASSECBLK.DLL C:\PROGRA~1\YAHOO!\ASSISTANT\SHELL\YIEANGEL.DLL C:\PROGRA~1\YAHOO!\ASSISTANT\SHELL\YMENUINFO.DLL C:\WINDOWS\SYSTEM32\SVCHOST.EXE C:\WINDOWS\SYSTEM32\WBSYS.DLL C:\WINDOWS\SYSTEM32\SVCHOST.EXE C:\WINDOWS\SYSTEM32\WBSYS.DLL C:\WINDOWS\EXPLORER.EXE C:\WINDOWS\SYSTEM32\WBSYS.DLL C:\PROGRAM FILES\STARDOCK\OBJECT DESKTOP\THEMEMANAGER\WBHELP.DLL C:\WINDOWS\SYSTEM32\RAVEXT.DLL C:\PROGRA~1\WINDOW~2\WMPBAND.DLL C:\WINDOWS\SYSTEM32\SYNTPFCS.DLL C:\PROGRA~1\YAHOO!\ASSIST~1\YHELPER.DLL C:\WINDOWS\SYSTEM32\MSACM32.DRV C:\PROGRA~1\MICROS~2\OFFICE11\MCPS.DLL C:\PROGRA~1\YAHOO!\ASSIST~1\YALIVE.DLL C:\PROGRA~1\YAHOO!\ASSIST~1\YALLIVEEX.DLL C:\WINDOWS\SYSTEM32\XUNLEIBHO_V14.DLL C:\PROGRA~1\YAHOO!\ASSIST~1\ASSIST\YPHTB.DLL C:\PROGRA~1\YAHOO!\ASSIST~1\ASSIST\YASBAR.DLL C:\PROGRA~1\YAHOO!\ASSIST~1\ASSIST\YDRAGS~1.DLL C:\PROGRA~1\MMSASS~1\MMSASS~1.DLL C:\PROGRAM FILES\BAIDU\BAR\BAIDUBAR.DLL C:\PROGRAM FILES\MICROSOFT OFFICE\OFFICE11\MSOHEV.DLL C:\PROGRA~1\YAHOO!\ASSIST~1\ASSIST\YWIPER.DLL C:\PROGRAM FILES\WINRAR\RAREXT.DLL C:\WINDOWS\SYSTEM32\SVCHOST.EXE C:\WINDOWS\SYSTEM32\WBSYS.DLL C:\WINDOWS\SYSTEM32\SVCHOST.EXE C:\WINDOWS\SYSTEM32\WBSYS.DLL C:\WINDOWS\SYSTEM32\SVCHOST.EXE C:\WINDOWS\SYSTEM32\WBSYS.DLL C:\WINDOWS\SYSTEM32\ALG.EXE C:\PROGRAM FILES\JAVA\JRE1.5.0\BIN\JUSCHED.EXE C:\WINDOWS\SYSTEM32\WBSYS.DLL C:\PROGRAM FILES\STARDOCK\OBJECT DESKTOP\THEMEMANAGER\WBHELP.DLL C:\PROGRAM FILES\ANALOG DEVICES\CORE\SMAX4PNP.EXE C:\PROGRAM FILES\ANALOG DEVICES\CORE\SMWDMIF.DLL C:\WINDOWS\SYSTEM32\SYNTPFCS.DLL C:\WINDOWS\SYSTEM32\MSACM32.DRV C:\PROGRA~1\YAHOO!\ASSIST~1\YHELPER.DLL C:\PROGRAM FILES\SYNAPTICS\SYNTP\SYNTPLPR.EXE C:\WINDOWS\SYSTEM32\SYNCOM.DLL C:\WINDOWS\SYSTEM32\SYNTPFCS.DLL C:\PROGRAM FILES\SYNAPTICS\SYNTP\SYNTPENH.EXE C:\WINDOWS\SYSTEM32\SYNCOM.DLL C:\WINDOWS\SYSTEM32\SYNTPAPI.DLL C:\WINDOWS\SYSTEM32\SYNTPFCS.DLL C:\WINDOWS\AGRSMMSG.EXE C:\PROGRAM FILES\LTMOH\LTMOH.EXE C:\PROGRAM FILES\LTMOH\MOHAPI.DLL C:\WINDOWS\SYSTEM32\SPOOLSV.EXE C:\WINDOWS\SYSTEM32\WBSYS.DLL C:\WINDOWS\SYSTEM32\BTHCRP.DLL C:\WINDOWS\SYSTEM32\WIDCOMMSDK.DLL C:\WINDOWS\SYSTEM32\WBTAPI.DLL C:\WINDOWS\SYSTEM32\MDIMON.DLL C:\WINDOWS\SYSTEM32\SPOOL\PRTPROCS\W32X86\MDIPPR.DLL C:\PROGRA~1\YAHOO!\ASSIST~1\YLIVE.EXE C:\PROGRA~1\YAHOO!\ASSIST~1\YHELPER.DLL C:\WINDOWS\SYSTEM32\SYNTPFCS.DLL C:\PROGRA~1\YAHOO!\ASSIST~1\YALIVE.DLL C:\PROGRA~1\YAHOO!\ASSIST~1\YALLIVEEX.DLL C:\WINDOWS\SYSTEM32\CTFMON.EXE C:\WINDOWS\SYSTEM32\WBSYS.DLL C:\PROGRAM FILES\STARDOCK\OBJECT DESKTOP\THEMEMANAGER\WBHELP.DLL C:\PROGRA~1\YAHOO!\ASSIST~1\YHELPER.DLL C:\WINDOWS\SYSTEM32\SYNTPFCS.DLL C:\PROGRAM FILES\RAINLENDAR\RAINLENDAR.EXE C:\PROGRAM FILES\RAINLENDAR\RAINLENDAR.DLL C:\PROGRA~1\YAHOO!\ASSIST~1\YHELPER.DLL C:\WINDOWS\SYSTEM32\SYNTPFCS.DLL C:\WINDOWS\SYSTEM32\WUAUCLT.EXE D:\常灵的文档\下载\软件\RSDETECT.EXE C:\PROGRA~1\YAHOO!\ASSIST~1\YHELPER.DLL C:\WINDOWS\SYSTEM32\SYNTPFCS.DLL C:\WINDOWS\SYSTEM32\WBEM\WMIPRVSE.EXE C:\WINDOWS\SYSTEM32\WBSYS.DLL 普通自启动项 HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run IMJPMIG8.1 = "C:\WINDOWS\IME\IMJP8_1\IMJPMIG.EXE" /SPOIL /REMADVDEF /MIGRATION32 PHIME2002ASync = C:\WINDOWS\SYSTEM32\IME\TINTLGNT\TINTSETP.EXE /SYNC PHIME2002A = C:\WINDOWS\SYSTEM32\IME\TINTLGNT\TINTSETP.EXE /IMENAME SunJavaUpdateSched = C:\PROGRAM FILES\JAVA\JRE1.5.0\BIN\JUSCHED.EXE NvCplDaemon = RUNDLL32.EXE C:\WINDOWS\SYSTEM32\NVCPL.DLL,NVSTARTUP nwiz = NWIZ.EXE /INSTALL High Definition Audio 属性页快捷方式 = HDASHCUT.EXE SoundMAXPnP = C:\PROGRAM FILES\ANALOG DEVICES\CORE\SMAX4PNP.EXE SoundMAX = C:\PROGRAM FILES\ANALOG DEVICES\SOUNDMAX\SMAX4.EXE /TRAY SynTPLpr = C:\PROGRAM FILES\SYNAPTICS\SYNTP\SYNTPLPR.EXE SynTPEnh = C:\PROGRAM FILES\SYNAPTICS\SYNTP\SYNTPENH.EXE AGRSMMSG = AGRSMMSG.EXE LtMoh = C:\PROGRAM FILES\LTMOH\LTMOH.EXE MagicKeyboard = C:\PROGRAM FILES\SAMSUNG\MAGICKBD\PREMKBD.EXE YLive.exe = C:\PROGRA~1\YAHOO!\ASSIST~1\YLIVE.EXE IMSCMig = C:\PROGRA~1\COMMON~1\MICROS~1\IME\IMSC40A\IMSCMIG.EXE /PRELOAD NeroFilterCheck = C:\WINDOWS\SYSTEM32\NEROCHECK.EXE RavTask = "C:\PROGRAM FILES\RISING\RAV\RAVTASK.EXE" -SYSTEM yassistse = "C:\PROGRA~1\YAHOO!\ASSISTANT\YASSISTSE.EXE" BigDogPath = C:\WINDOWS\VM_STI.EXE USB PC CAMERA 301P StormCodec_Helper = "C:\PROGRAM FILES\RINGZ STUDIO\STORM CODEC\STORMSET.EXE" /S /OPTI InsertImage = D:\!SUNV\DFVCD\INSERTIMAGE.EXE KernelFaultCheck = C:\WINDOWS\SYSTEM32\DUMPREP 0 -K HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run ctfmon.exe = C:\WINDOWS\SYSTEM32\CTFMON.EXE AppInit_DLLs HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows AppInit_DLLs = wbsys.dll 系统文件关联 .exe ==> exefile = "%1" %* .com ==> comfile = "%1" %* .cmd ==> cmdfile = "%1" %* .bat ==> batfile = "%1" %* .txt ==> txtfile = %SystemRoot%\system32\NOTEPAD.EXE %1 .scr ==> scrfile = "%1" /S .reg ==> regfile = regedit.exe "%1" .doc ==> Word.Document.8 = "C:\Program Files\Microsoft Office\OFFICE11\WINWORD.EXE" /n /dde 其它启动项 WIN.INI 无信息 SYSTEM.INI SHELL = Explorer.exe SCRNSAVE.EXE = C:\WINDOWS\system32\logon.scr Winlogon 启动项 HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify crypt32chain = CRYPT32.DLL cryptnet = CRYPTNET.DLL cscdll = CSCDLL.DLL ScCertProp = WLNOTIFY.DLL Schedule = WLNOTIFY.DLL sclgntfy = SCLGNTFY.DLL SensLogn = WLNOTIFY.DLL termsrv = WLNOTIFY.DLL WB = C:\PROGRAM FILES\STARDOCK\OBJECT DESKTOP\THEMEMANAGER\FASTLOAD.DLL wlballoon = WLNOTIFY.DLL HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon Userinit = C:\WINDOWS\SYSTEM32\USERINIT.EXE, shell = EXPLORER.EXE IE - BHO HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects {0005A87D-D626-4B3A-84F9-1D9571695F55} = C:\WINDOWS\system32\xunleibho_v14.dll {33BBE430-0E42-4f12-B075-8D21ACB10DCB} = C:\PROGRA~1\Yahoo!\ASSIST~1\Assist\yphtb.dll {38928D50-8A48-44C2-945F-D2F23F771410} = C:\PROGRA~1\Yahoo!\ASSIST~1\Assist\yangling.dll {406F94F0-504F-4a40-8DFD-58B0666ABEBD} = C:\PROGRA~1\Yahoo!\ASSIST~1\Assist\yasbar.dll {54EBD53A-9BC1-480B-966A-843A333CA162} = D:\常灵的文档\Tencent\QQ\QQIEHelper.dll {62EED7C6-9F02-42f9-B634-98E2899E147B} = C:\PROGRA~1\Yahoo!\ASSIST~1\Assist\YDRAGS~1.DLL {6671A431-5C3D-463d-A7CF-5587F9B7E191} = C:\PROGRA~1\MMSASS~1\Mmsass~1.dll {B580CF65-E151-49C3-B73F-70B13FCA8E86} = C:\Program Files\Baidu\Bar\BaiduBar.dll
山水秋千初生襁褓狮帖子:10 注册: 2006-05-09 来自:

山水秋千初生襁褓狮帖子:10 注册: 2006-05-09 来自:	发表于： 2006-05-09 10:13 \| 只看楼主短消息资料字号：小中大 8楼 Winsock SPI MSAFD Tcpip [TCP/IP] = C:\WINDOWS\SYSTEM32\MSWSOCK.DLL MSAFD Tcpip [UDP/IP] = C:\WINDOWS\SYSTEM32\MSWSOCK.DLL MSAFD Tcpip [RAW/IP] = C:\WINDOWS\SYSTEM32\MSWSOCK.DLL RSVP UDP Service Provider = C:\WINDOWS\SYSTEM32\RSVPSP.DLL RSVP TCP Service Provider = C:\WINDOWS\SYSTEM32\RSVPSP.DLL MSAFD NetBIOS [\Device\NetBT_Tcpip_{A19F65F4-9496-4B60-9919-C08CA36CC78D}] SEQPACKET 6 = C:\WINDOWS\SYSTEM32\MSWSOCK.DLL MSAFD NetBIOS [\Device\NetBT_Tcpip_{A19F65F4-9496-4B60-9919-C08CA36CC78D}] DATAGRAM 6 = C:\WINDOWS\SYSTEM32\MSWSOCK.DLL MSAFD NetBIOS [\Device\NetBT_Tcpip_{5BA3DB77-FE5F-42BB-A6E8-A29EFD9A09E3}] SEQPACKET 4 = C:\WINDOWS\SYSTEM32\MSWSOCK.DLL MSAFD NetBIOS [\Device\NetBT_Tcpip_{5BA3DB77-FE5F-42BB-A6E8-A29EFD9A09E3}] DATAGRAM 4 = C:\WINDOWS\SYSTEM32\MSWSOCK.DLL MSAFD NetBIOS [\Device\NetBT_Tcpip_{BB76D3AE-558C-4E93-ABCF-10AF8AC1BBE5}] SEQPACKET 3 = C:\WINDOWS\SYSTEM32\MSWSOCK.DLL MSAFD NetBIOS [\Device\NetBT_Tcpip_{BB76D3AE-558C-4E93-ABCF-10AF8AC1BBE5}] DATAGRAM 3 = C:\WINDOWS\SYSTEM32\MSWSOCK.DLL MSAFD NetBIOS [\Device\NetBT_Tcpip_{72AA9690-FBCE-4435-A4A9-93930B787EF6}] SEQPACKET 0 = C:\WINDOWS\SYSTEM32\MSWSOCK.DLL MSAFD NetBIOS [\Device\NetBT_Tcpip_{72AA9690-FBCE-4435-A4A9-93930B787EF6}] DATAGRAM 0 = C:\WINDOWS\SYSTEM32\MSWSOCK.DLL MSAFD NetBIOS [\Device\NetBT_Tcpip_{1CCB8F7A-F534-4FD8-A78D-25C830B82A32}] SEQPACKET 1 = C:\WINDOWS\SYSTEM32\MSWSOCK.DLL MSAFD NetBIOS [\Device\NetBT_Tcpip_{1CCB8F7A-F534-4FD8-A78D-25C830B82A32}] DATAGRAM 1 = C:\WINDOWS\SYSTEM32\MSWSOCK.DLL MSAFD NetBIOS [\Device\NetBT_Tcpip_{B3D6D054-B725-45F6-8193-5218064335C9}] SEQPACKET 2 = C:\WINDOWS\SYSTEM32\MSWSOCK.DLL MSAFD NetBIOS [\Device\NetBT_Tcpip_{B3D6D054-B725-45F6-8193-5218064335C9}] DATAGRAM 2 = C:\WINDOWS\SYSTEM32\MSWSOCK.DLL 系统服务项 HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services Alerter = C:\WINDOWS\SYSTEM32\SVCHOST.EXE -K LOCALSERVICE ALG = C:\WINDOWS\SYSTEM32\ALG.EXE AppMgmt = C:\WINDOWS\SYSTEM32\SVCHOST.EXE -K NETSVCS AudioSrv = C:\WINDOWS\SYSTEM32\SVCHOST.EXE -K NETSVCS BITS = C:\WINDOWS\SYSTEM32\SVCHOST.EXE -K NETSVCS Browser = C:\WINDOWS\SYSTEM32\SVCHOST.EXE -K NETSVCS btwdins = C:\PROGRAM FILES\WIDCOMM\BLUETOOTH SOFTWARE\BIN\BTWDINS.EXE CiSvc = C:\WINDOWS\SYSTEM32\CISVC.EXE ClipSrv = C:\WINDOWS\SYSTEM32\CLIPSRV.EXE COMSysApp = C:\WINDOWS\SYSTEM32\DLLHOST.EXE /PROCESSID:{02D4B3F1-FD88-11D1-960D-00805FC79235} CryptSvc = C:\WINDOWS\SYSTEM32\SVCHOST.EXE -K NETSVCS DcomLaunch = C:\WINDOWS\SYSTEM32\SVCHOST -K DCOMLAUNCH Dhcp = C:\WINDOWS\SYSTEM32\SVCHOST.EXE -K NETSVCS dmadmin = C:\WINDOWS\SYSTEM32\DMADMIN.EXE /COM dmserver = C:\WINDOWS\SYSTEM32\SVCHOST.EXE -K NETSVCS Dnscache = C:\WINDOWS\SYSTEM32\SVCHOST.EXE -K NETWORKSERVICE ERSvc = C:\WINDOWS\SYSTEM32\SVCHOST.EXE -K NETSVCS Eventlog = C:\WINDOWS\SYSTEM32\SERVICES.EXE EventSystem = C:\WINDOWS\SYSTEM32\SVCHOST.EXE -K NETSVCS FastUserSwitchingCompatibility = C:\WINDOWS\SYSTEM32\SVCHOST.EXE -K NETSVCS helpsvc = C:\WINDOWS\SYSTEM32\SVCHOST.EXE -K NETSVCS HidServ = C:\WINDOWS\SYSTEM32\SVCHOST.EXE -K NETSVCS HTTPFilter = C:\WINDOWS\SYSTEM32\SVCHOST.EXE -K HTTPFILTER ImapiService = C:\WINDOWS\SYSTEM32\IMAPI.EXE lanmanserver = C:\WINDOWS\SYSTEM32\SVCHOST.EXE -K NETSVCS lanmanworkstation = C:\WINDOWS\SYSTEM32\SVCHOST.EXE -K NETSVCS LmHosts = C:\WINDOWS\SYSTEM32\SVCHOST.EXE -K LOCALSERVICE Messenger = C:\WINDOWS\SYSTEM32\SVCHOST.EXE -K NETSVCS mnmsrvc = C:\WINDOWS\SYSTEM32\MNMSRVC.EXE MSDTC = C:\WINDOWS\SYSTEM32\MSDTC.EXE MSIServer = C:\WINDOWS\SYSTEM32\MSIEXEC.EXE /V NetDDE = C:\WINDOWS\SYSTEM32\NETDDE.EXE NetDDEdsdm = C:\WINDOWS\SYSTEM32\NETDDE.EXE Netlogon = C:\WINDOWS\SYSTEM32\LSASS.EXE Netman = C:\WINDOWS\SYSTEM32\SVCHOST.EXE -K NETSVCS Nla = C:\WINDOWS\SYSTEM32\SVCHOST.EXE -K NETSVCS NtLmSsp = C:\WINDOWS\SYSTEM32\LSASS.EXE NtmsSvc = C:\WINDOWS\SYSTEM32\SVCHOST.EXE -K NETSVCS NVSvc = C:\WINDOWS\SYSTEM32\NVSVC32.EXE ose = "C:\PROGRAM FILES\COMMON FILES\MICROSOFT SHARED\SOURCE ENGINE\OSE.EXE" PlugPlay = C:\WINDOWS\SYSTEM32\SERVICES.EXE PolicyAgent = C:\WINDOWS\SYSTEM32\LSASS.EXE ProtectedStorage = C:\WINDOWS\SYSTEM32\LSASS.EXE RasAuto = C:\WINDOWS\SYSTEM32\SVCHOST.EXE -K NETSVCS RasMan = C:\WINDOWS\SYSTEM32\SVCHOST.EXE -K NETSVCS RDSessMgr = C:\WINDOWS\SYSTEM32\SESSMGR.EXE RemoteAccess = C:\WINDOWS\SYSTEM32\SVCHOST.EXE -K NETSVCS RfwProxySrv = C:\PROGRAM FILES\RISING\RFW\RFWPROXY.EXE RfwService = C:\PROGRAM FILES\RISING\RFW\RFWSRV.EXE RpcLocator = C:\WINDOWS\SYSTEM32\LOCATOR.EXE RpcSs = C:\WINDOWS\SYSTEM32\SVCHOST -K RPCSS RsCCenter = "C:\PROGRAM FILES\RISING\RAV\CCENTER.EXE" RsRavMon = "C:\PROGRAM FILES\RISING\RAV\RAVMOND.EXE" RSVP = C:\WINDOWS\SYSTEM32\RSVP.EXE SamSs = C:\WINDOWS\SYSTEM32\LSASS.EXE SCardSvr = C:\WINDOWS\SYSTEM32\SCARDSVR.EXE Schedule = C:\WINDOWS\SYSTEM32\SVCHOST.EXE -K NETSVCS seclogon = C:\WINDOWS\SYSTEM32\SVCHOST.EXE -K NETSVCS SENS = C:\WINDOWS\SYSTEM32\SVCHOST.EXE -K NETSVCS SharedAccess = C:\WINDOWS\SYSTEM32\SVCHOST.EXE -K NETSVCS ShellHWDetection = C:\WINDOWS\SYSTEM32\SVCHOST.EXE -K NETSVCS sofia.cn = C:\WINDOWS\520SOFIA.EXE Spooler = C:\WINDOWS\SYSTEM32\SPOOLSV.EXE srservice = C:\WINDOWS\SYSTEM32\SVCHOST.EXE -K NETSVCS SRS_PostInstaller = "C:\PROGRAM FILES\SRS LABS\WOWXT AND TSXT DRIVER\SRS_POSTINSTALLER.EXE" SSDPSRV = C:\WINDOWS\SYSTEM32\SVCHOST.EXE -K LOCALSERVICE stisvc = C:\WINDOWS\SYSTEM32\SVCHOST.EXE -K IMGSVC SwPrv = C:\WINDOWS\SYSTEM32\DLLHOST.EXE /PROCESSID:{6DEA236B-91C4-4CF8-A34D-30407E7890F6} SysmonLog = C:\WINDOWS\SYSTEM32\SMLOGSVC.EXE TapiSrv = C:\WINDOWS\SYSTEM32\SVCHOST.EXE -K NETSVCS TermService = C:\WINDOWS\SYSTEM32\SVCHOST -K DCOMLAUNCH Themes = C:\WINDOWS\SYSTEM32\SVCHOST.EXE -K NETSVCS TrkWks = C:\WINDOWS\SYSTEM32\SVCHOST.EXE -K NETSVCS UMWdf = C:\WINDOWS\SYSTEM32\WDFMGR.EXE upnphost = C:\WINDOWS\SYSTEM32\SVCHOST.EXE -K LOCALSERVICE UPS = C:\WINDOWS\SYSTEM32\UPS.EXE VSS = C:\WINDOWS\SYSTEM32\VSSVC.EXE W32Time = C:\WINDOWS\SYSTEM32\SVCHOST.EXE -K NETSVCS WebClient = C:\WINDOWS\SYSTEM32\SVCHOST.EXE -K LOCALSERVICE winmgmt = C:\WINDOWS\SYSTEM32\SVCHOST.EXE -K NETSVCS WmdmPmSN = C:\WINDOWS\SYSTEM32\SVCHOST.EXE -K NETSVCS WmiApSrv = C:\WINDOWS\SYSTEM32\WBEM\WMIAPSRV.EXE wscsvc = C:\WINDOWS\SYSTEM32\SVCHOST.EXE -K NETSVCS wuauserv = C:\WINDOWS\SYSTEM32\SVCHOST.EXE -K NETSVCS WZCSVC = C:\WINDOWS\SYSTEM32\SVCHOST.EXE -K NETSVCS xmlprov = C:\WINDOWS\SYSTEM32\SVCHOST.EXE -K NETSVCS
山水秋千初生襁褓狮帖子:10 注册: 2006-05-09 来自:

山水秋千初生襁褓狮帖子:10 注册: 2006-05-09 来自:	发表于： 2006-05-09 10:13 \| 只看楼主短消息资料字号：小中大 9楼文件驱动 HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services FltMgr = C:\WINDOWS\SYSTEM32\DRIVERS\FLTMGR.SYS MRxDAV = C:\WINDOWS\SYSTEM32\DRIVERS\MRXDAV.SYS MRxSmb = C:\WINDOWS\SYSTEM32\DRIVERS\MRXSMB.SYS NetBIOS = C:\WINDOWS\SYSTEM32\DRIVERS\NETBIOS.SYS Rdbss = C:\WINDOWS\SYSTEM32\DRIVERS\RDBSS.SYS sr = C:\WINDOWS\SYSTEM32\DRIVERS\SR.SYS Srv = C:\WINDOWS\SYSTEM32\DRIVERS\SRV.SYS 系统驱动项 HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services ACPI = C:\WINDOWS\SYSTEM32\DRIVERS\ACPI.SYS ACPIEC = C:\WINDOWS\SYSTEM32\DRIVERS\ACPIEC.SYS ADDMEM = C:\DOCUME~1\常灵\LOCALS~1\TEMP\__SAMSUNG_UPDATE\ADDMEM.SYS ADIHdAudAddService = C:\WINDOWS\SYSTEM32\DRIVERS\ADIHDAUD.SYS AEAudioService = C:\WINDOWS\SYSTEM32\DRIVERS\AEAUDIO.SYS aec = C:\WINDOWS\SYSTEM32\DRIVERS\AEC.SYS AFD = C:\WINDOWS\SYSTEM32\DRIVERS\AFD.SYS AgereSoftModem = C:\WINDOWS\SYSTEM32\DRIVERS\AGRSM.SYS Arp1394 = C:\WINDOWS\SYSTEM32\DRIVERS\ARP1394.SYS AsyncMac = C:\WINDOWS\SYSTEM32\DRIVERS\ASYNCMAC.SYS atapi = C:\WINDOWS\SYSTEM32\DRIVERS\ATAPI.SYS Atmarpc = C:\WINDOWS\SYSTEM32\DRIVERS\ATMARPC.SYS audstub = C:\WINDOWS\SYSTEM32\DRIVERS\AUDSTUB.SYS BaseTDI = C:\WINDOWS\SYSTEM32\DRIVERS\BASETDI.SYS bcm4sbxp = C:\WINDOWS\SYSTEM32\DRIVERS\BCM4SBXP.SYS BTKRNL = C:\WINDOWS\SYSTEM32\DRIVERS\BTKRNL.SYS BTSERIAL = C:\WINDOWS\SYSTEM32\DRIVERS\BTSERIAL.SYS BTSLBCSP = C:\WINDOWS\SYSTEM32\DRIVERS\BTSLBCSP.SYS BTWUSB = C:\WINDOWS\SYSTEM32\DRIVERS\BTWUSB.SYS CCDECODE = C:\WINDOWS\SYSTEM32\DRIVERS\CCDECODE.SYS Cdrom = C:\WINDOWS\SYSTEM32\DRIVERS\CDROM.SYS CmBatt = C:\WINDOWS\SYSTEM32\DRIVERS\CMBATT.SYS Compbatt = C:\WINDOWS\SYSTEM32\DRIVERS\COMPBATT.SYS Disk = C:\WINDOWS\SYSTEM32\DRIVERS\DISK.SYS dmboot = C:\WINDOWS\SYSTEM32\DRIVERS\DMBOOT.SYS dmio = C:\WINDOWS\SYSTEM32\DRIVERS\DMIO.SYS dmload = C:\WINDOWS\SYSTEM32\DRIVERS\DMLOAD.SYS DMusic = C:\WINDOWS\SYSTEM32\DRIVERS\DMUSIC.SYS DOSMEMIO = C:\WINDOWS\SYSTEM32\MEMIO.SYS drmkaud = C:\WINDOWS\SYSTEM32\DRIVERS\DRMKAUD.SYS ExpScaner = C:\PROGRAM FILES\RISING\RAV\EXPSCAN.SYS FsVga = C:\WINDOWS\SYSTEM32\DRIVERS\FSVGA.SYS Ftdisk = C:\WINDOWS\SYSTEM32\DRIVERS\FTDISK.SYS Gpc = C:\WINDOWS\SYSTEM32\DRIVERS\MSGPC.SYS gwiopm = C:\PROGRAM FILES\WOM\GWIOPM.SYS HdAudAddService = C:\WINDOWS\SYSTEM32\DRIVERS\HDAUDIO.SYS HDAudBus = C:\WINDOWS\SYSTEM32\DRIVERS\HDAUDBUS.SYS hidusb = C:\WINDOWS\SYSTEM32\DRIVERS\HIDUSB.SYS HOOKAPI = C:\PROGRAM FILES\RISING\RAV\HOOKAPI.SYS HookCont = C:\PROGRAM FILES\RISING\RAV\HOOKCONT.SYS HookReg = C:\PROGRAM FILES\RISING\RAV\HOOKREG.SYS HookSys = C:\PROGRAM FILES\RISING\RAV\HOOKSYS.SYS HookUrl = C:\PROGRAM FILES\RISING\RFW\HOOKURL.SYS HTTP = C:\WINDOWS\SYSTEM32\DRIVERS\HTTP.SYS i8042prt = C:\WINDOWS\SYSTEM32\DRIVERS\I8042PRT.SYS Imapi = C:\WINDOWS\SYSTEM32\DRIVERS\IMAPI.SYS intelppm = C:\WINDOWS\SYSTEM32\DRIVERS\INTELPPM.SYS Ip6Fw = C:\WINDOWS\SYSTEM32\DRIVERS\IP6FW.SYS IpFilterDriver = C:\WINDOWS\SYSTEM32\DRIVERS\IPFLTDRV.SYS IpInIp = C:\WINDOWS\SYSTEM32\DRIVERS\IPINIP.SYS IpNat = C:\WINDOWS\SYSTEM32\DRIVERS\IPNAT.SYS IPSec = C:\WINDOWS\SYSTEM32\DRIVERS\IPSEC.SYS IRENUM = C:\WINDOWS\SYSTEM32\DRIVERS\IRENUM.SYS isapnp = C:\WINDOWS\SYSTEM32\DRIVERS\ISAPNP.SYS Kbdclass = C:\WINDOWS\SYSTEM32\DRIVERS\KBDCLASS.SYS kmixer = C:\WINDOWS\SYSTEM32\DRIVERS\KMIXER.SYS MEMSCAN = C:\PROGRAM FILES\RISING\RAV\MEMSCAN.SYS Mouclass = C:\WINDOWS\SYSTEM32\DRIVERS\MOUCLASS.SYS mouhid = C:\WINDOWS\SYSTEM32\DRIVERS\MOUHID.SYS mProcRs = C:\PROGRAM FILES\RISING\RFW\MPROCRS.SYS MSKSSRV = C:\WINDOWS\SYSTEM32\DRIVERS\MSKSSRV.SYS MSPCLOCK = C:\WINDOWS\SYSTEM32\DRIVERS\MSPCLOCK.SYS MSPQM = C:\WINDOWS\SYSTEM32\DRIVERS\MSPQM.SYS mssmbios = C:\WINDOWS\SYSTEM32\DRIVERS\MSSMBIOS.SYS MSTEE = C:\WINDOWS\SYSTEM32\DRIVERS\MSTEE.SYS NABTSFEC = C:\WINDOWS\SYSTEM32\DRIVERS\NABTSFEC.SYS NdisIP = C:\WINDOWS\SYSTEM32\DRIVERS\NDISIP.SYS NdisTapi = C:\WINDOWS\SYSTEM32\DRIVERS\NDISTAPI.SYS Ndisuio = C:\WINDOWS\SYSTEM32\DRIVERS\NDISUIO.SYS NdisWan = C:\WINDOWS\SYSTEM32\DRIVERS\NDISWAN.SYS NetBT = C:\WINDOWS\SYSTEM32\DRIVERS\NETBT.SYS NIC1394 = C:\WINDOWS\SYSTEM32\DRIVERS\NIC1394.SYS NPF = C:\WINDOWS\SYSTEM32\DRIVERS\NPF.SYS npkcrypt = D:\常灵的文档\TENCENT\QQ\NPKCRYPT.SYS nv = C:\WINDOWS\SYSTEM32\DRIVERS\NV4_MINI.SYS NwlnkFlt = C:\WINDOWS\SYSTEM32\DRIVERS\NWLNKFLT.SYS NwlnkFwd = C:\WINDOWS\SYSTEM32\DRIVERS\NWLNKFWD.SYS ohci1394 = C:\WINDOWS\SYSTEM32\DRIVERS\OHCI1394.SYS PCI = C:\WINDOWS\SYSTEM32\DRIVERS\PCI.SYS PCIIde = C:\WINDOWS\SYSTEM32\DRIVERS\PCIIDE.SYS Pcmcia = C:\WINDOWS\SYSTEM32\DRIVERS\PCMCIA.SYS PptpMiniport = C:\WINDOWS\SYSTEM32\DRIVERS\RASPPTP.SYS PSched = C:\WINDOWS\SYSTEM32\DRIVERS\PSCHED.SYS Ptilink = C:\WINDOWS\SYSTEM32\DRIVERS\PTILINK.SYS RasAcd = C:\WINDOWS\SYSTEM32\DRIVERS\RASACD.SYS Rasl2tp = C:\WINDOWS\SYSTEM32\DRIVERS\RASL2TP.SYS RasPppoe = C:\WINDOWS\SYSTEM32\DRIVERS\RASPPPOE.SYS Raspti = C:\WINDOWS\SYSTEM32\DRIVERS\RASPTI.SYS RDPCDD = C:\WINDOWS\SYSTEM32\DRIVERS\RDPCDD.SYS redbook = C:\WINDOWS\SYSTEM32\DRIVERS\REDBOOK.SYS rimmptsk = C:\WINDOWS\SYSTEM32\DRIVERS\RIMMPTSK.SYS rimsptsk = C:\WINDOWS\SYSTEM32\DRIVERS\RIMSPTSK.SYS rismxdp = C:\WINDOWS\SYSTEM32\DRIVERS\RIXDPTSK.SYS RsFwDrv = C:\PROGRAM FILES\RISING\RFW\RSFWDRV.SYS sdbus = C:\WINDOWS\SYSTEM32\DRIVERS\SDBUS.SYS Secdrv = C:\WINDOWS\SYSTEM32\DRIVERS\SECDRV.SYS SLIP = C:\WINDOWS\SYSTEM32\DRIVERS\SLIP.SYS splitter = C:\WINDOWS\SYSTEM32\DRIVERS\SPLITTER.SYS streamip = C:\WINDOWS\SYSTEM32\DRIVERS\STREAMIP.SYS swenum = C:\WINDOWS\SYSTEM32\DRIVERS\SWENUM.SYS swmidi = C:\WINDOWS\SYSTEM32\DRIVERS\SWMIDI.SYS SynTP = C:\WINDOWS\SYSTEM32\DRIVERS\SYNTP.SYS sysaudio = C:\WINDOWS\SYSTEM32\DRIVERS\SYSAUDIO.SYS Tcpip = C:\WINDOWS\SYSTEM32\DRIVERS\TCPIP.SYS TermDD = C:\WINDOWS\SYSTEM32\DRIVERS\TERMDD.SYS Update = C:\WINDOWS\SYSTEM32\DRIVERS\UPDATE.SYS usbehci = C:\WINDOWS\SYSTEM32\DRIVERS\USBEHCI.SYS usbhub = C:\WINDOWS\SYSTEM32\DRIVERS\USBHUB.SYS USBSTOR = C:\WINDOWS\SYSTEM32\DRIVERS\USBSTOR.SYS usbuhci = C:\WINDOWS\SYSTEM32\DRIVERS\USBUHCI.SYS vcddev = C:\WINDOWS\SYSTEM32\DRIVERS\VCDVNIC.SYS VgaSave = C:\WINDOWS\SYSTEM32\DRIVERS\VGA.SYS w39n51 = C:\WINDOWS\SYSTEM32\DRIVERS\W39N51.SYS Wanarp = C:\WINDOWS\SYSTEM32\DRIVERS\WANARP.SYS wdmaud = C:\WINDOWS\SYSTEM32\DRIVERS\WDMAUD.SYS WmiAcpi = C:\WINDOWS\SYSTEM32\DRIVERS\WMIACPI.SYS wowfilter = C:\WINDOWS\SYSTEM32\DRIVERS\WOWFILTER.SYS WSTCODEC = C:\WINDOWS\SYSTEM32\DRIVERS\WSTCODEC.SYS ZSMC301b = C:\WINDOWS\SYSTEM32\DRIVERS\USBVM31B.SYS
山水秋千初生襁褓狮帖子:10 注册: 2006-05-09 来自:

zq77 雄霸杖朝狮帖子:16648 注册: 2006-02-24 来自:江苏	发表于： 2006-05-09 10:14 \| 短消息资料字号：小中大 10楼小朋友看5楼照5楼的做
zq77 雄霸杖朝狮帖子:16648 注册: 2006-02-24 来自:江苏

<<上一主题|下一主题>>

12

1 / 2 页

跳转页

页面顶部

Powered by Discuz!NT