1   1  /  1  页   跳转

[求助] 瑞星杀毒软件和防火墙都不正常

收藏
xiaoxiao212
头像
初生襁褓狮
  • 帖子:20
  • 注册: 2004-12-22
  • 来自:
发表于: 2008-12-29 19:49 | 只看楼主 短消息 资料
字号: 1楼

瑞星杀毒软件和防火墙都不正常

刚刚用瑞星杀出100多个病毒,再次查杀显示无病毒。但重启后右下角的工具栏里没有杀毒软件和防火墙的图标,瑞星杀毒实时监控和实时防御被禁止了,点击开启没有反映。哪位高手指点一下吧,十分感谢!!!

用户系统信息:Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1)

附件附件:

下载次数:166
文件类型:text/plain
文件大小:
上传时间:2008-12-29 19:49:18
描述:txt
分享到:
gototop
 
xiaoxiao212
头像
初生襁褓狮
  • 帖子:20
  • 注册: 2004-12-22
  • 来自:
发表于: 2008-12-29 19:55 | 只看楼主 短消息 资料
字号: 2楼

回复:瑞星杀毒软件和防火墙都不正常

System Repair Engineer 2.7.0.1210
Smallfrogs (http://www.KZTechs.com)

Windows XP Professional Service Pack 1 (Build 2600) - 管理权限用户 - 完整功能

以下内容被选中:
    所有的启动项目(包括注册表、启动文件夹、服务等)
    浏览器加载项
    正在运行的进程(包括进程模块信息)
    文件关联
    Winsock 提供者
    Autorun.inf
    HOSTS 文件
    进程特权扫描
    计划任务
    API HOOK
    隐藏进程


启动项目
注册表
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
    <ctfmon.exe><C:\WINDOWS\System32\ctfmon.exe>  [(Verified)Microsoft Windows XP Publisher]
    <MsnMsgr><"C:\Program Files\MSN Messenger\MsnMsgr.Exe" /background>  [Microsoft Corporation]
    <MINIFLASHGET><"D:\Program Files\FlashGet Network\FlashGet Mini\FlashGetMini.exe" /minimize>  [(Verified)Trend Media Corporation Limited]
[HKEY_CURRENT_USER\Software\Microsoft\Windows NT\CurrentVersion\Windows]
    <load><>  [N/A]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
    <IMJPMIG8.1><"C:\WINDOWS\IME\imjp8_1\IMJPMIG.EXE" /Spoil /RemAdvDef /Migration32>  [(Verified)Microsoft Windows XP Publisher]
    <PHIME2002ASync><C:\WINDOWS\System32\IME\TINTLGNT\TINTSETP.EXE /SYNC>  [(Verified)Microsoft Windows XP Publisher]
    <PHIME2002A><C:\WINDOWS\System32\IME\TINTLGNT\TINTSETP.EXE /IMEName>  [(Verified)Microsoft Windows XP Publisher]
    <TkBellExe><"C:\Program Files\Common Files\Real\Update_OB\realsched.exe"  -osboot>  [RealNetworks, Inc.]
    <nwiz><nwiz.exe /install>  [NVIDIA Corporation]
    <NvCplDaemon><RUNDLL32.EXE C:\WINDOWS\System32\NvCpl.dll,NvStartup>  [(Verified)Microsoft Windows Hardware Compatibility Publisher]
    <runeip><"C:\Program Files\Rising\AntiSpyware\rstray.exe" /startup>  [(Verified)Beijing Rising Information Technology Corporation Limited]
    <MINIFLASHGET><"D:\Program Files\FlashGet Network\FlashGet Mini\FlashGetMini.exe" /minimize>  [(Verified)Trend Media Corporation Limited]
    <RavTray><"C:\Program Files\Rising\Rav\RsTray.exe" -system>  [(Verified)Beijing Rising Information Technology Corporation Limited]
    <HBService32><System.exe>  [N/A]
    <RFWTray><"C:\Program Files\Rising\Rfw\RsTray.exe" -system>  [(Verified)Beijing Rising Information Technology Corporation Limited]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\RunOnce]
    <KKDelay><C:\Program Files\rising\AntiSpyware\RunOnce.exe>  [(Verified)Beijing Rising Information Technology Corporation Limited]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Winlogon]
    <shell><Explorer.exe>  [(Verified)Microsoft Windows XP Publisher]
    <Userinit><C:\WINDOWS\SYSTEM32\Userinit.exe,>  []
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Windows]
    <AppInit_DLLs><1A945F4C.dll,89DA3EF0.dll,6A800476.dll,536AFBA3.dll,5A28618F.dll,ECFE41DE.dll,78A8BE79.dll,D6088937.dll,2C4CEFBC.dll,F19ED094.dll,3AD50572.dll,F3B2B992.dll,BFB202C3.dll,492C34D1.dll,519E4852.dll,79C9D3EA.dll,8AC81EB5.dll,6B37ED9F.dll,B96EB327.dll,77E223B7.dll,920DF320.dll,1B589D74.dll,1614C570.dll,861B6E2D.dll,B74E7607.dll,913040A4.dll,HBmhly.dll,HBXY2.dll,HBJXSJ.dll,HBWULIN2.dll,HBKDXY.dll,HBASKTAO.dll,HBZHUXIAN.dll,HBWOW.dll,HBCHIBI.dll,HBZG.dll,HBXMJ.dll,CCA64432.dll,5F9A67ED.dll,4779989E.dll,889A86B4.dll,ED82D494.dll,DF38DD7C.dll,40C14EDA.dll,02B36121.dll,A8C6F3F9.dll,8C565E09.dll,D46E204F.dll,1EE5B866.dll,8A25456D.dll,08C3CC23.dll,D530B934.dll,26F451D5.dll,9FE35C24.dll,1A97EA12.dll,E6D2BBB9.dll,A41D71B4.dll,kmon.dll>  [N/A]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Winlogon]
    <UIHost><logonui.exe>  [(Verified)Microsoft Windows XP Publisher]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
    <{ECFE41DE-B1A0-41D1-BE1E-E49BCB39309C}><C:\WINDOWS\System32\ECFE41DE.dll>  [File is missing]
    <{78A8BE79-BF22-4CAF-B397-2FD479A022F7}><C:\WINDOWS\System32\78A8BE79.dll>  [File is missing]
    <{F19ED094-C7D5-4EF8-82B7-B36BC9BE8EC9}><C:\WINDOWS\System32\F19ED094.dll>  [File is missing]
    <{2C4CEFBC-3A32-486C-BDB0-B3982CC408EC}><C:\WINDOWS\System32\2C4CEFBC.dll>  [File is missing]
    <{08223B03-1B38-4A33-A83A-A4D3CC1D6E4E}><08223B03.dll>  [N/A]
    <{4FBFD5A4-5FE8-4444-8BD9-FD0FAFA64F96}><4FBFD5A4.dll>  [N/A]
    <{EF8EFC85-0038-479B-BB0E-B0A52A15CECA}><C:\Program Files\Internet Explorer\SysKetNt.Sys>  [File is missing]
    <{3AD50572-A2AC-4361-8A56-7ECADE74C615}><C:\WINDOWS\System32\3AD50572.dll>  [File is missing]
    <{5A28618F-3EE1-4A36-B8C2-ECE75B8FF26E}><C:\WINDOWS\System32\5A28618F.dll>  [File is missing]
    <{536AFBA3-14AF-4499-86DB-EDDCD04379B8}><C:\WINDOWS\System32\536AFBA3.dll>  [File is missing]
    <{6A800476-C39B-440A-8596-0519C8981DDE}><C:\WINDOWS\System32\6A800476.dll>  [File is missing]
    <{1A945F4C-01E3-497D-BB3C-E7D240BD801B}><C:\WINDOWS\System32\1A945F4C.dll>  [File is missing]
    <{913040A4-B893-47AC-839E-5ABB53B92AD2}><C:\WINDOWS\System32\913040A4.dll>  [File is missing]
    <{B74E7607-B815-4B42-8D10-F7821E151428}><C:\WINDOWS\System32\B74E7607.dll>  [File is missing]
    <{861B6E2D-87E9-43BB-8544-21782D75525A}><C:\WINDOWS\System32\861B6E2D.dll>  [File is missing]
    <{1614C570-29DB-44EA-A52F-F2C0D4111373}><C:\WINDOWS\System32\1614C570.dll>  [File is missing]
    <{1B589D74-D595-47A9-BAA1-71BF32ADBE03}><C:\WINDOWS\System32\1B589D74.dll>  [File is missing]
    <{920DF320-A50D-4976-A25B-6114BB57E69F}><C:\WINDOWS\System32\920DF320.dll>  [File is missing]
    <{77E223B7-3642-43E9-82AA-6B93C29EFB55}><C:\WINDOWS\System32\77E223B7.dll>  [File is missing]
    <{B96EB327-F834-4A68-ADC7-1B8343E5E0CA}><C:\WINDOWS\System32\B96EB327.dll>  [File is missing]
    <{6B37ED9F-8900-4FE7-B2D8-80D49676430A}><C:\WINDOWS\System32\6B37ED9F.dll>  [File is missing]
    <{8AC81EB5-4CC0-40AD-9A94-E409129528CC}><C:\WINDOWS\System32\8AC81EB5.dll>  [File is missing]
    <{79C9D3EA-DC06-4ADD-9A3F-975245A19A5F}><C:\WINDOWS\System32\79C9D3EA.dll>  [File is missing]
    <{519E4852-D10C-4FDA-8884-0B1E1335D88E}><C:\WINDOWS\System32\519E4852.dll>  [File is missing]
    <{492C34D1-6CE2-443F-B02C-645FC2BD451E}><C:\WINDOWS\System32\492C34D1.dll>  [File is missing]
    <{BFB202C3-514D-432B-8571-A69C90883A1A}><C:\WINDOWS\System32\BFB202C3.dll>  [File is missing]
    <{F3B2B992-50E9-4C1A-A31F-A73BECA85BF4}><C:\WINDOWS\System32\F3B2B992.dll>  [File is missing]
    <{D6088937-39A9-48EB-9B31-1D9B2A1D3E83}><C:\WINDOWS\System32\D6088937.dll>  [File is missing]
    <{81719C8D-A324-4C5B-9319-4A68770F35D8}><C:\WINDOWS\System32\81719C8D.dll>  [File is missing]
    <{89DA3EF0-9195-465F-A935-F16C32109E7D}><C:\WINDOWS\System32\89DA3EF0.dll>  [File is missing]
    <{82ADEDFE-9A1E-4AB8-9AE2-EC76FC38B901}><C:\WINDOWS\System32\82ADEDFE.dll>  [File is missing]
    <{CCA64432-B043-4518-876A-B1D5D0426C2C}><C:\WINDOWS\System32\CCA64432.dll>  [File is missing]
    <{5F9A67ED-089D-4512-8C70-D3D418FC3A7A}><C:\WINDOWS\System32\5F9A67ED.dll>  [File is missing]
    <{4779989E-398B-46AC-B4F4-2215C8AD429C}><C:\WINDOWS\System32\4779989E.dll>  [File is missing]
    <{889A86B4-A760-446B-97D0-DCE698F89062}><C:\WINDOWS\System32\889A86B4.dll>  [File is missing]
    <{ED82D494-2487-47CF-BD86-3A845B70C88A}><C:\WINDOWS\System32\ED82D494.dll>  [File is missing]
    <{DF38DD7C-1D05-410A-B8F1-D9227C8EECA8}><C:\WINDOWS\System32\DF38DD7C.dll>  [File is missing]
    <{40C14EDA-6C7E-4EA5-AAD3-861887DDF512}><C:\WINDOWS\System32\40C14EDA.dll>  [File is missing]
    <{02B36121-505C-4BF9-8CFF-9D818D6F02A8}><C:\WINDOWS\System32\02B36121.dll>  [File is missing]
    <{A8C6F3F9-0A96-4574-9424-34234D4FD4D8}><C:\WINDOWS\System32\A8C6F3F9.dll>  [File is missing]
    <{8C565E09-B609-46D2-BAAD-A4C39994A3FF}><C:\WINDOWS\System32\8C565E09.dll>  [File is missing]
    <{D46E204F-2170-43B4-B265-3B07E2A561F5}><C:\WINDOWS\System32\D46E204F.dll>  [File is missing]
    <{1EE5B866-C221-4583-9A6B-A9613388C8DC}><C:\WINDOWS\System32\1EE5B866.dll>  [File is missing]
    <{8A25456D-A442-4D85-9C9A-D1D39350DCAF}><C:\WINDOWS\System32\8A25456D.dll>  [File is missing]
    <{08C3CC23-D09D-4208-9D1F-21C6C590B513}><C:\WINDOWS\System32\08C3CC23.dll>  [File is missing]
    <{D530B934-882F-4837-A0CE-7474097ACDB0}><C:\WINDOWS\System32\D530B934.dll>  [File is missing]
    <{26F451D5-72D9-4364-AC4C-8EF7B0A9A30A}><C:\WINDOWS\System32\26F451D5.dll>  [File is missing]
    <{9FE35C24-8926-4EFC-B1C5-769715F5091D}><C:\WINDOWS\System32\9FE35C24.dll>  [File is missing]
    <{1A97EA12-6878-4865-8F42-7B251BF9F4A8}><C:\WINDOWS\System32\1A97EA12.dll>  [File is missing]
    <{E6D2BBB9-2957-4666-A2D6-61D9025C8DE2}><C:\WINDOWS\System32\E6D2BBB9.dll>  [File is missing]
    <{A41D71B4-8F4A-4839-A908-EFF3A95799D8}><C:\WINDOWS\System32\A41D71B4.dll>  [File is missing]
gototop
 
xiaoxiao212
头像
初生襁褓狮
  • 帖子:20
  • 注册: 2004-12-22
  • 来自:
发表于: 2008-12-29 19:56 | 只看楼主 短消息 资料
字号: 3楼

回复:瑞星杀毒软件和防火墙都不正常

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
    <PostBootReminder><%SystemRoot%\system32\SHELL32.dll>  [(Verified)Microsoft Windows XP Publisher]
    <CDBurn><%SystemRoot%\system32\SHELL32.dll>  [(Verified)Microsoft Windows XP Publisher]
    <WebCheck><%SystemRoot%\System32\webcheck.dll>  [(Verified)Microsoft Windows XP Publisher]
    <SysTray><C:\WINDOWS\System32\stobject.dll>  [(Verified)Microsoft Windows XP Publisher]
    <ECFE41DE><C:\WINDOWS\System32\ECFE41DE.dll>  [File is missing]
    <78A8BE79><C:\WINDOWS\System32\78A8BE79.dll>  [File is missing]
    <F19ED094><C:\WINDOWS\System32\F19ED094.dll>  [File is missing]
    <2C4CEFBC><C:\WINDOWS\System32\2C4CEFBC.dll>  [File is missing]
    <3AD50572><C:\WINDOWS\System32\3AD50572.dll>  [File is missing]
    <5A28618F><C:\WINDOWS\System32\5A28618F.dll>  [File is missing]
    <536AFBA3><C:\WINDOWS\System32\536AFBA3.dll>  [File is missing]
    <6A800476><C:\WINDOWS\System32\6A800476.dll>  [File is missing]
    <1A945F4C><C:\WINDOWS\System32\1A945F4C.dll>  [File is missing]
    <913040A4><C:\WINDOWS\System32\913040A4.dll>  [File is missing]
    <B74E7607><C:\WINDOWS\System32\B74E7607.dll>  [File is missing]
    <861B6E2D><C:\WINDOWS\System32\861B6E2D.dll>  [File is missing]
    <1614C570><C:\WINDOWS\System32\1614C570.dll>  [File is missing]
    <1B589D74><C:\WINDOWS\System32\1B589D74.dll>  [File is missing]
    <920DF320><C:\WINDOWS\System32\920DF320.dll>  [File is missing]
    <77E223B7><C:\WINDOWS\System32\77E223B7.dll>  [File is missing]
    <B96EB327><C:\WINDOWS\System32\B96EB327.dll>  [File is missing]
    <6B37ED9F><C:\WINDOWS\System32\6B37ED9F.dll>  [File is missing]
    <8AC81EB5><C:\WINDOWS\System32\8AC81EB5.dll>  [File is missing]
    <79C9D3EA><C:\WINDOWS\System32\79C9D3EA.dll>  [File is missing]
    <519E4852><C:\WINDOWS\System32\519E4852.dll>  [File is missing]
    <492C34D1><C:\WINDOWS\System32\492C34D1.dll>  [File is missing]
    <BFB202C3><C:\WINDOWS\System32\BFB202C3.dll>  [File is missing]
    <F3B2B992><C:\WINDOWS\System32\F3B2B992.dll>  [File is missing]
    <D6088937><C:\WINDOWS\System32\D6088937.dll>  [File is missing]
    <81719C8D><C:\WINDOWS\System32\81719C8D.dll>  [File is missing]
    <89DA3EF0><C:\WINDOWS\System32\89DA3EF0.dll>  [File is missing]
    <82ADEDFE><C:\WINDOWS\System32\82ADEDFE.dll>  [File is missing]
    <CCA64432><C:\WINDOWS\System32\CCA64432.dll>  [File is missing]
    <5F9A67ED><C:\WINDOWS\System32\5F9A67ED.dll>  [File is missing]
    <4779989E><C:\WINDOWS\System32\4779989E.dll>  [File is missing]
    <889A86B4><C:\WINDOWS\System32\889A86B4.dll>  [File is missing]
    <ED82D494><C:\WINDOWS\System32\ED82D494.dll>  [File is missing]
    <DF38DD7C><C:\WINDOWS\System32\DF38DD7C.dll>  [File is missing]
    <40C14EDA><C:\WINDOWS\System32\40C14EDA.dll>  [File is missing]
    <02B36121><C:\WINDOWS\System32\02B36121.dll>  [File is missing]
    <A8C6F3F9><C:\WINDOWS\System32\A8C6F3F9.dll>  [File is missing]
    <8C565E09><C:\WINDOWS\System32\8C565E09.dll>  [File is missing]
    <D46E204F><C:\WINDOWS\System32\D46E204F.dll>  [File is missing]
    <1EE5B866><C:\WINDOWS\System32\1EE5B866.dll>  [File is missing]
    <8A25456D><C:\WINDOWS\System32\8A25456D.dll>  [File is missing]
    <08C3CC23><C:\WINDOWS\System32\08C3CC23.dll>  [File is missing]
    <D530B934><C:\WINDOWS\System32\D530B934.dll>  [File is missing]
    <26F451D5><C:\WINDOWS\System32\26F451D5.dll>  [File is missing]
    <9FE35C24><C:\WINDOWS\System32\9FE35C24.dll>  [File is missing]
    <1A97EA12><C:\WINDOWS\System32\1A97EA12.dll>  [File is missing]
    <E6D2BBB9><C:\WINDOWS\System32\E6D2BBB9.dll>  [File is missing]
    <A41D71B4><C:\WINDOWS\System32\A41D71B4.dll>  [File is missing]
gototop
 
xiaoxiao212
头像
初生襁褓狮
  • 帖子:20
  • 注册: 2004-12-22
  • 来自:
发表于: 2008-12-29 19:56 | 只看楼主 短消息 资料
字号: 4楼

回复:瑞星杀毒软件和防火墙都不正常

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\crypt32chain]
    <WinlogonNotify: crypt32chain><crypt32.dll>  [(Verified)Microsoft Windows XP Publisher]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\cryptnet]
    <WinlogonNotify: cryptnet><cryptnet.dll>  [(Verified)Microsoft Windows XP Publisher]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\cscdll]
    <WinlogonNotify: cscdll><cscdll.dll>  [(Verified)Microsoft Windows XP Publisher]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\ScCertProp]
    <WinlogonNotify: ScCertProp><wlnotify.dll>  [(Verified)Microsoft Windows XP Publisher]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\Schedule]
    <WinlogonNotify: Schedule><wlnotify.dll>  [(Verified)Microsoft Windows XP Publisher]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\sclgntfy]
    <WinlogonNotify: sclgntfy><sclgntfy.dll>  [(Verified)Microsoft Windows XP Publisher]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\SensLogn]
    <WinlogonNotify: SensLogn><WlNotify.dll>  [(Verified)Microsoft Windows XP Publisher]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\termsrv]
    <WinlogonNotify: termsrv><wlnotify.dll>  [(Verified)Microsoft Windows XP Publisher]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\wlballoon]
    <WinlogonNotify: wlballoon><wlnotify.dll>  [(Verified)Microsoft Windows XP Publisher]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\SharedTaskScheduler]
    <{438755C2-A8BA-11D1-B96B-00A0C90312E1}><%SystemRoot%\System32\browseui.dll>  [(Verified)Microsoft Windows XP Publisher]
    <{8C7461EF-2B13-11d2-BE35-3078302C2030}><%SystemRoot%\System32\browseui.dll>  [(Verified)Microsoft Windows XP Publisher]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\>{22d6f312-b0f6-11d0-94ab-0080c74c7e95}]
    <Microsoft Windows Media Player><C:\WINDOWS\inf\unregmp2.exe /ShowWMP>  [(Verified)Microsoft Windows Component Publisher]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\>{26923b43-4d38-484f-9b9e-de460746276c}]
    <Internet Explorer><%systemroot%\system32\shmgrate.exe OCInstallUserConfigIE>  [File is missing]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\>{60B49E34-C7CC-11D0-8953-00A0C90347FF}MICROS]
    <浏览器自定义组件><RunDLL32 IEDKCS32.DLL,BrandIE4 SIGNUP>  [(Verified)Microsoft Windows XP Publisher]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\>{881dd1c5-3dcf-431b-b061-f3f88e8be88a}]
    <Outlook Express><%systemroot%\system32\shmgrate.exe OCInstallUserConfigOE>  [File is missing]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{2C7339CF-2B09-4501-B3F3-F3508C9228ED}]
    <Themes Setup><%SystemRoot%\system32\regsvr32.exe /s /n /i:/UserInstall %SystemRoot%\system32\themeui.dll>  [File is missing]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{44BBA840-CC51-11CF-AAFA-00AA00B6015C}]
    <Microsoft Outlook Express 6><"%ProgramFiles%\Outlook Express\setup50.exe" /APP:OE /CALLER:WINNT /user /install>  [File is missing]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{44BBA842-CC51-11CF-AAFA-00AA00B6015B}]
    <NetMeeting 3.01><rundll32.exe advpack.dll,LaunchINFSection C:\WINDOWS\INF\msnetmtg.inf,NetMtg.Install.PerUser.NT>  [(Verified)Microsoft Windows XP Publisher]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{5945c046-1e7d-11d1-bc44-00c04fd912be}]
    <Windows Messenger 4.7><rundll32.exe advpack.dll,LaunchINFSection %SystemRoot%\INF\msmsgs.inf,BLC.Install.PerUser>  [File is missing]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{6BF52A52-394A-11d3-B153-00C04F79FAA6}]
    <Microsoft Windows Media Player><rundll32.exe advpack.dll,LaunchINFSection C:\WINDOWS\INF\wmp10.inf,PerUserStub>  [(Verified)Microsoft Windows Component Publisher]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{7790769C-0471-11d2-AF11-00C04FA35D02}]
    <通讯簿 6><"%ProgramFiles%\Outlook Express\setup50.exe" /APP:WAB /CALLER:WINNT /user /install>  [File is missing]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{89820200-ECBD-11cf-8B85-00AA005B4340}]
    <Windows 桌面更新><regsvr32.exe /s /n /i:U shell32.dll>  [(Verified)Microsoft Windows XP Publisher]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{89820200-ECBD-11cf-8B85-00AA005B4383}]
    <Internet Explorer 6><%SystemRoot%\system32\ie4uinit.exe>  [(Verified)Microsoft Windows XP Publisher]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\360safebox.exe]
    <IFEO[360safebox.exe]><ntsd -d>  [N/A]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\AntiArp.exe]
    <IFEO[AntiArp.exe]><ntsd -d>  [N/A]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\avcenter.exe]
    <IFEO[avcenter.exe]><ntsd -d>  [N/A]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\avgnt.exe]
    <IFEO[avgnt.exe]><ntsd -d>  [N/A]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\DrvAnti.exe]
    <IFEO[DrvAnti.exe]><ntsd -d>  [N/A]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\filemon.exe]
    <IFEO[filemon.exe]><ntsd -d>  [N/A]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\GFRing3.exe]
    <IFEO[GFRing3.exe]><ntsd -d>  [N/A]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\GFUpd.exe]
    <IFEO[GFUpd.exe]><ntsd -d>  [N/A]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\McNASvc.exe]
    <IFEO[McNASvc.exe]><ntsd -d>  [N/A]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\McProxy.exe]
    <IFEO[McProxy.exe]><ntsd -d>  [N/A]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\Mcshield.exe]
    <IFEO[Mcshield.exe]><ntsd -d>  [N/A]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\mcsysmon.exe]
    <IFEO[mcsysmon.exe]><ntsd -d>  [N/A]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\MpfSrv.exe]
    <IFEO[MpfSrv.exe]><ntsd -d>  [N/A]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\NAVSetup.exe]
    <IFEO[NAVSetup.exe]><ntsd -d>  [N/A]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\ProcessSafe.exe]
    <IFEO[ProcessSafe.exe]><ntsd -d>  [N/A]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\procexp.exe]
    <IFEO[procexp.exe]><ntsd -d>  [N/A]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\QQDoctorMain.exe]
    <IFEO[QQDoctorMain.exe]><ntsd -d>  [N/A]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\RawCopy.exe]
    <IFEO[RawCopy.exe]><ntsd -d>  [N/A]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\regmon.exe]
    <IFEO[regmon.exe]><ntsd -d>  [N/A]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\RegTool.exe]
    <IFEO[RegTool.exe]><ntsd -d>  [N/A]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\rfwProxy.exe]
    <IFEO[rfwProxy.exe]><ntsd -d>  [N/A]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\RFWSTUB.EXE]
    <IFEO[RFWSTUB.EXE]><ntsd -d>  [N/A]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\RStray.exe]
    <IFEO[RStray.exe]><ntsd -d>  [N/A]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\Rtvscan.exe]
    <IFEO[Rtvscan.exe]><ntsd -d>  [N/A]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\safeboxTray.exe]
    <IFEO[safeboxTray.exe]><ntsd -d>  [N/A]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\SelfUpdate.exe]
    <IFEO[SelfUpdate.exe]><ntsd -d>  [N/A]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\SuperKiller.exe]
    <IFEO[SuperKiller.exe]><ntsd -d>  [N/A]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\Thunder5.exe]
    <IFEO[Thunder5.exe]><svchost.exe>  [(Verified)Microsoft Windows XP Publisher]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\TrojDie.exe]
    <IFEO[TrojDie.exe]><ntsd -d>  [N/A]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\zxsweep.exe]
    <IFEO[zxsweep.exe]><ntsd -d>  [N/A]
[HKEY_CURRENT_USER\Control Panel\Desktop]
    <SCRNSAVE.EXE><C:\WINDOWS\System32\logon.scr>  [(Verified)Microsoft Windows XP Publisher]
gototop
 
xiaoxiao212
头像
初生襁褓狮
  • 帖子:20
  • 注册: 2004-12-22
  • 来自:
发表于: 2008-12-29 19:57 | 只看楼主 短消息 资料
字号: 5楼

回复:瑞星杀毒软件和防火墙都不正常

启动文件夹
[Adobe Reader Speed Launch]
  <C:\Documents and Settings\All Users\「开始」菜单\程序\启动\Adobe Reader Speed Launch.lnk --> C:\PROGRA~1\Adobe\ACROBA~1.0\Reader\READER~1.EXE [Adobe Systems Incorporated]><N>

==================================
服务
[GP_CLT_Service / GP_CLT_Service][Running/Auto Start]
  <C:\WINDOWS\System32\GP_CLT_Service.exe><>
[Human Interface Device Access / HidServ][Stopped/Disabled]
  <C:\WINDOWS\System32\svchost.exe -k netsvcs-->%SystemRoot%\System32\hidserv.dll><N/A>
[NVIDIA Display Driver Service / NVSvc][Running/Auto Start]
  <C:\WINDOWS\System32\nvsvc32.exe><NVIDIA Corporation>
[Rav Process Communication Center / RavCCenter][Stopped/Auto Start]
  <C:\Program Files\Rising\Rav\CCENTER.EXE><Beijing Rising Information Technology Co., Ltd.>
[Rising RavTask Manager / RavTask][Running/Auto Start]
  <"C:\Program Files\Rising\Rav\RavTask.exe" RavTask><Beijing Rising Information Technology Co., Ltd.>
[Rfw Process Communication Center / RfwCCenter][Stopped/Auto Start]
  <C:\Program Files\Rising\Rfw\CCENTER.EXE><Beijing Rising Information Technology Co., Ltd.>
[Rising Proxy  Service / RfwProxySrv][Stopped/Auto Start]
  <C:\Program Files\Rising\Rfw\rfwProxy.exe><(File is missing)>
[Rising Personal Firewall Service / RfwService][Stopped/Auto Start]
  <C:\Program Files\Rising\Rfw\rfwsrv.exe><Beijing Rising Information Technology Co., Ltd.>
[Rising RfwTask Manager / RfwTask][Running/Auto Start]
  <"C:\Program Files\Rising\Rfw\RavTask.exe" RfwTask><Beijing Rising Information Technology Co., Ltd.>
[Rising RealTime Monitor / RsRavMon][Stopped/Auto Start]
  <C:\Program Files\Rising\Rav\RavMonD.exe><Beijing Rising Information Technology Co., Ltd.>
[Rising Scan Service / RsScanSrv][Stopped/Auto Start]
  <C:\Program Files\Rising\Rav\ScanFrm.exe><Beijing Rising Information Technology Co., Ltd.>

==================================
驱动程序
[Service for WDM 3D Audio Driver / ALCXSENS][Running/Manual Start]
  <system32\drivers\ALCXSENS.SYS><Sensaura>
[Service for Realtek AC97 Audio (WDM) / ALCXWDM][Running/Manual Start]
  <system32\drivers\ALCXWDM.SYS><Realtek Semiconductor Corp.>
[aliimz / aliimz][Stopped/Manual Start]
  <System32\Drivers\aliimz.sys><N/A>
[Apaidi / Apaidi][Running/Auto Start]
  <\??\C:\WINDOWS\System32\drivers\Apaidi.sys><N/A>
[Rising TDI Base Driver / BaseTDI][Running/Auto Start]
  <System32\DRIVERS\BaseTDI.SYS><Beijing Rising Technology Co., Ltd.>
[hookcont / hookcont][Running/System Start]
  <system32\drivers\HookCont.sys><Beijing Rising Information Technology Co., Ltd.>
[hooksys / hooksys][Stopped/Disabled]
  <system32\drivers\HookSys.sys><Beijing Rising Information Technology Co., Ltd.>
[New0 / New0][Stopped/Auto Start]
  <\??\C:\WINDOWS\System32\new.sys><N/A>
[npkcrypt / npkcrypt][Running/Auto Start]
  <\??\C:\Program Files\Tencent\QQ\npkcrypt.sys><INCA Internet Co., Ltd.>
[npkycryp / npkycryp][Stopped/Manual Start]
  <\??\C:\Program Files\Tencent\QQ\npkycryp.sys><N/A>
[nv / nv][Running/Manual Start]
  <System32\DRIVERS\nv4_mini.sys><NVIDIA Corporation>
[Padus ASPI Shell / pfc][Running/Manual Start]
  <system32\drivers\pfc.sys><Padus, Inc.>
[Direct Parallel Link Driver / Ptilink][Running/Manual Start]
  <System32\DRIVERS\ptilink.sys><Parallel Technologies, Inc.>
[Rising RfwBase Driver / RfwBase9][Running/Manual Start]
  <System32\DRIVERS\rfwbase.sys><Beijing Rising Information Technology Co., Ltd.>
[rfwtdi / rfwtdi][Running/Auto Start]
  <\??\C:\Program Files\Rising\Rfw\rfwtdi.sys><Beijing Rising Information Technology Co., Ltd.>
[rsfwdrv / rsfwdrv][Running/System Start]
  <\??\C:\Program Files\Rising\Rfw\rsfwdrv.sys><Beijing Rising Information Technology Co., Ltd.>
[RsNTGDI / RsNTGDI][Running/Boot Start]
  <\SystemRoot\System32\Drivers\RsNTGdi.sys><Beijing Rising Information Technology Co., Ltd.>
[Realtek RTL8139/810x/8169/8110 all in one NDIS NT Driver / RTL8023][Running/Manual Start]
  <System32\DRIVERS\Rtlnic51.sys><Realtek Semiconductor Corporation>
[Realtek RTL8139(A/B/C)-based PCI Fast Ethernet Adapter NT Driver / rtl8139][Stopped/Manual Start]
  <System32\DRIVERS\RTL8139.SYS><Realtek Semiconductor Corporation>
[Secdrv / Secdrv][Stopped/Manual Start]
  <System32\DRIVERS\secdrv.sys><N/A>
[SiS AGP Filter / SISAGP][Running/Boot Start]
  <\SystemRoot\System32\DRIVERS\SISAGPX.sys><Silicon Integrated Systems Corporation>
[SiSide / SiSide][Running/Boot Start]
  <\SystemRoot\System32\DRIVERS\siside.sys><Silicon Integrated Systems Corp.>
[Add Performance Filter Driver / sisperf][Running/Boot Start]
  <\SystemRoot\system32\drivers\sisperf.sys><Silicon Integrated Systems Corp.>
[Sony Digital Imaging Video2 / sonypvs1][Stopped/Manual Start]
  <System32\DRIVERS\sonypvs1.sys><Sony Corporation>
[Sony USB Filter Driver (SONYPVU1) / SONYPVU1][Stopped/Manual Start]
  <System32\DRIVERS\SONYPVU1.SYS><Sony Corporation>
[播放机恢复设备控制驱动程序 / StMp3Rec][Stopped/Manual Start]
  <System32\Drivers\StMp3Rec.sys><Samsung, Inc.>
[TesSafe / TesSafe][Stopped/Manual Start]
  <\??\C:\WINDOWS\System32\TesSafe.sys><TENCENT>
[rspp / rspp][Stopped/System Start]
  <\??\C:\WINDOWS\system32\Drivers\Rspp.sys><Beijing Rising Information Technology Co., Ltd.>
gototop
 
xiaoxiao212
头像
初生襁褓狮
  • 帖子:20
  • 注册: 2004-12-22
  • 来自:
发表于: 2008-12-29 19:58 | 只看楼主 短消息 资料
字号: 6楼

回复:瑞星杀毒软件和防火墙都不正常

浏览器加载项
[ThunderIEHelper Class]
  {0005A87D-D626-4B3A-84F9-1D9571695F55} <C:\WINDOWS\System32\xunleibho_v5.dll, >
[AcroIEHlprObj Class]
  {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} <C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll, (Signed) Adobe Systems Incorporated>
[卡卡上网安全助手]
  {98B7C13A-E9CD-4959-8B46-FBEAB41E42A8} <C:\WINDOWS\System32\urlFilter.dll, (Signed) Beijing Rising Information Technology Co., Ltd.>
[MiniFlashGetBHO]
  {C74E94A7-B7BD-4891-9328-455395BCC7AD} <D:\Program Files\FlashGet Network\FlashGet Mini\libMiniBHO.dll, (Signed) FlashGet Inc>
[]
  {EF8EFC85-0038-479B-BB0E-B0A52A15CECA} <C:\Program Files\Internet Explorer\SysKetNt.Sys, N/A>
[豪杰超级解霸V8]
  {367E0A21-8601-4986-9C9A-153BF5ACA118} <C:\Herosoft\HeroV8\STHSDVD.EXE, N/A>
[@shdoclc.dll,-866]
  {c95fe080-8f5d-11d2-a20b-00aa003c157a} <, >
[Messenger]
  {FB5F1910-F110-11d2-BB9E-00C04F795683} <C:\Program Files\Messenger\MSMSGS.EXE, Microsoft Corporation>
[金山快译(&K)]
  {6C3797D2-3FEF-4cd4-B654-D3AE55B4128C} <C:\PROGRA~1\Kingsoft\FastAIT\IEBand.dll, >
[电台(&R)]
  {8E718888-423F-11D2-876E-00A0C9082467} <C:\WINDOWS\System32\msdxm.ocx, (Signed) Microsoft Corporation>
[iTrusPTA Class]
  {1E0DFFCF-27FF-4574-849B-55007349FEDA} <C:\WINDOWS\System32\aliedit\pta.dll, (Signed) >
[PowerPlr Control]
  {2354A44B-3CEB-4829-9940-545B03103538} <C:\WINDOWS\DOWNLO~1\PowerPlr.ocx, (Signed) 创智数码科技股份有限公司>
[]
  {6DBB2904-082D-4DB0-944A-21C22BA121F4} <, >
[Shockwave Flash Object]
  {D27CDB6E-AE6D-11CF-96B8-444553540000} <C:\WINDOWS\System32\Macromed\Flash\Flash9f.ocx, (Signed) Adobe Systems, Inc.>
[IJetCarNetscapeMini Class]
  {6C1C7AF0-0DC2-4770-9B27-517416A85F3B} <D:\Program Files\FlashGet Network\FlashGet Mini\libMiniBHO.dll, (Signed) FlashGet Inc>
[WangWangObj Class]
  {6E213FC7-DD5A-4115-B7E6-D4C7838C361E} <D:\Program Files\Alisoft\WangWang\WangWangX6.dll, (Signed) 阿里巴巴软件(上海)有限公司>
[使用迷你快车下载]
  <D:\Program Files\FlashGet Network\FlashGet Mini\GetUrl.htm, N/A>
[使用迷你快车下载全部链接]
  <D:\Program Files\FlashGet Network\FlashGet Mini\GetAllUrl.htm, N/A>
[使用迷你快车下载该网页FLV]
  <D:\Program Files\FlashGet Network\FlashGet Mini\FlashGetFlvdetector.htm, N/A>
[导出当前页到超星阅览器(&A)]
  <D:\Program file\SSREADER36\ss_all.htm, N/A>
[导出选中部分到超星阅览器(&S)]
  <D:\Program file\SSREADER36\ss_select.htm, N/A>
[添加到QQ表情]
  <C:\Program Files\Tencent\QQ\AddEmotion.htm, N/A>
[火狐Flash保存]
  <D:\Program Files\FoxFlashplayer\PlugIns\GetFlash.htm, N/A>
gototop
 
xiaoxiao212
头像
初生襁褓狮
  • 帖子:20
  • 注册: 2004-12-22
  • 来自:
发表于: 2008-12-29 19:59 | 只看楼主 短消息 资料
字号: 7楼

回复:瑞星杀毒软件和防火墙都不正常

=================================
正在运行的进程
[PID: 676 / SYSTEM][\SystemRoot\System32\smss.exe]  [(Verified) Microsoft Corporation, 5.1.2600.1106 (xpsp1.020828-1920)]
[PID: 740 / SYSTEM][\??\C:\WINDOWS\system32\csrss.exe]  [(Verified) Microsoft Corporation, 5.1.2600.0 (xpclient.010817-1148)]
[PID: 764 / SYSTEM][\??\C:\WINDOWS\system32\winlogon.exe]  [(Infected) Microsoft Corporation, 5.1.2600.1106 (xpsp1.020828-1920)]
    [C:\WINDOWS\System32\UNISPIM6.IME]  [北京紫光华宇软件股份有限公司, 6.1.0.6240]
[PID: 808 / SYSTEM][C:\WINDOWS\system32\services.exe]  [(Verified) Microsoft Corporation, 5.1.2600.0 (xpclient.010817-1148)]
[PID: 824 / SYSTEM][C:\WINDOWS\system32\lsass.exe]  [(Verified) Microsoft Corporation, 5.1.2600.1106 (xpsp1.020828-1920)]
[PID: 1004 / SYSTEM][C:\WINDOWS\system32\svchost.exe]  [(Verified) Microsoft Corporation, 5.1.2600.0 (xpclient.010817-1148)]
[PID: 1092 / SYSTEM][C:\Program Files\Rising\Rav\CCENTER.EXE]  [Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 2]
    [C:\Program Files\Rising\Rav\combase.dll]  [Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 11]
    [C:\WINDOWS\System32\kmon.dll]  [Beijing Rising Information Technology Co., Ltd., 1, 0, 0, 31]
    [C:\Program Files\Rising\Rav\cnt09.dll]  [Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 37]
    [C:\Program Files\Rising\Rav\cnt08.dll]  [Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 7]
[PID: 1108 / SYSTEM][C:\Program Files\Rising\Rfw\CCENTER.EXE]  [Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 2]
    [C:\Program Files\Rising\Rfw\combase.dll]  [Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 11]
    [C:\WINDOWS\System32\kmon.dll]  [Beijing Rising Information Technology Co., Ltd., 1, 0, 0, 31]
    [C:\Program Files\Rising\Rfw\cnt09.dll]  [Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 37]
[PID: 1128 / SYSTEM][C:\WINDOWS\System32\svchost.exe]  [(Verified) Microsoft Corporation, 5.1.2600.0 (xpclient.010817-1148)]
[PID: 1272 / NETWORK SERVICE][C:\WINDOWS\System32\svchost.exe]  [(Verified) Microsoft Corporation, 5.1.2600.0 (xpclient.010817-1148)]
[PID: 1304 / LOCAL SERVICE][C:\WINDOWS\System32\svchost.exe]  [(Verified) Microsoft Corporation, 5.1.2600.0 (xpclient.010817-1148)]
[PID: 1344 / SYSTEM][C:\Program Files\Rising\Rfw\rfwsrv.exe]  [Beijing Rising Information Technology Co., Ltd., 21.0.0.1]
    [C:\Program Files\Rising\Rfw\combase.dll]  [Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 11]
    [C:\WINDOWS\System32\kmon.dll]  [Beijing Rising Information Technology Co., Ltd., 1, 0, 0, 31]
    [C:\WINDOWS\System32\MSVCP71.dll]  [Microsoft Corporation, 7.10.3077.0]
    [C:\WINDOWS\System32\MSVCR71.dll]  [Microsoft Corporation, 7.10.3052.4]
    [C:\Program Files\Rising\Rfw\MonBase.dll]  [Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 5]
    [C:\Program Files\Rising\Rfw\MonComm.dll]  [Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 12]
    [C:\Program Files\Rising\Rfw\rfwlog.dll]  [Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 9]
    [C:\Program Files\Rising\Rfw\rfwrule.dll]  [Beijing Rising Information Technology Co., Ltd., 21.0.0.25]
    [C:\Program Files\Rising\Rfw\rfwsrv.dll]  [Beijing Rising Information Technology Co., Ltd., 21.0.0.74]
    [C:\Program Files\Rising\Rfw\Syslay.dll]  [Beijing Rising Information Technology Co., Ltd., 21.0.0.6]
    [C:\Program Files\Rising\Rfw\mPorts.dll]  [Beijing Rising Information Technology Co., Ltd., 21.0.0.0]
    [C:\Program Files\Rising\Rfw\rfwdrvc.dll]  [Beijing Rising Information Technology Co., Ltd., 21.0.0.3]
    [C:\Program Files\Rising\Rfw\Rfwdrv.dll]  [Beijing Rising Information Technology Co., Ltd., 21.0.0.5]
    [C:\Program Files\Rising\Rfw\rsnetsvr.dll]  [Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 13]
    [C:\Program Files\Rising\Rfw\comx3.dll]  [Beijing Rising Information Technology Co., Ltd., 21.0.0.37]
    [C:\Program Files\Rising\Rfw\urlrule.dll]  [Beijing Rising Information Technology Co., Ltd., 1.0.0.18]
    [C:\Program Files\Rising\Rfw\recomp.dll]  [Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 2]
    [C:\Program Files\Rising\Rfw\refs.dll]  [Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 3]
    [C:\Program Files\Rising\Rfw\viruslib.dll]  [Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 4]
    [C:\Program Files\Rising\Rfw\relibldr.dll]  [Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 2]
    [C:\Program Files\Rising\Rfw\rfwproxy.dll]  [Beijing Rising Information Technology Co., Ltd., 21.0.0.23]
    [C:\Program Files\Rising\Rfw\RSAPPMGR.dll]  [Beijing Rising Information Technology Co., Ltd., 21.0.0.1]
    [C:\Program Files\Rising\Rfw\CfgDll.dll]  [Beijing Rising Information Technology Co., Ltd., 21.0.0.13]
    [C:\Program Files\Rising\Rfw\proccomm.dll]  [Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 46]
    [C:\WINDOWS\System32\UNISPIM6.IME]  [北京紫光华宇软件股份有限公司, 6.1.0.6240]
    [C:\Program Files\Rising\Rfw\urllib.dll]  [Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 1]
[PID: 1592 / SYSTEM][C:\WINDOWS\system32\spoolsv.exe]  [(Verified) Microsoft Corporation, 5.1.2600.0 (XPClient.010817-1148)]
[PID: 1624 / SYSTEM][C:\Program Files\Rising\Rav\rsnetsvr.exe]  [Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 11]
    [C:\Program Files\Rising\Rav\NComm.dll]  [Beijing Rising Information Technology Co., Ltd., 6.0.0.9]
    [C:\Program Files\Rising\Rav\Syslay.dll]  [Beijing Rising Information Technology Co., Ltd., 21.0.0.6]
    [C:\WINDOWS\System32\kmon.dll]  [Beijing Rising Information Technology Co., Ltd., 1, 0, 0, 31]
    [C:\Program Files\Rising\Rav\comx3.dll]  [Beijing Rising Information Technology Co., Ltd., 21.0.0.37]
    [C:\Program Files\Rising\Rav\ProcComm.dll]  [Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 46]
    [C:\WINDOWS\System32\MSVCR71.dll]  [Microsoft Corporation, 7.10.3052.4]
    [C:\WINDOWS\System32\MSVCP71.dll]  [Microsoft Corporation, 7.10.3077.0]
[PID: 2012 / cc][C:\WINDOWS\Explorer.exe]  [(Verified) Microsoft Corporation, 6.00.2800.1106 (xpsp1.020828-1920)]
    [C:\WINDOWS\System32\kmon.dll]  [Beijing Rising Information Technology Co., Ltd., 1, 0, 0, 31]
    [C:\WINDOWS\System32\UNISPIM6.IME]  [北京紫光华宇软件股份有限公司, 6.1.0.6240]
    [C:\Program Files\Adobe\Acrobat 7.0\ActiveX\PDFShell.dll]  [Adobe Systems, Inc., 7.0.0.0]
    [C:\WINDOWS\System32\nvshell.dll]  [NVIDIA Corporation, 6.14.10.5303]
    [C:\WINDOWS\System32\NVWRSZHC.DLL]  [NVIDIA Corporation, 6.14.10.5303]
    [C:\Herosoft\HeroV8\VCvtShell.dll]  [herosoft, 1, 0, 0, 1]
    [C:\Program Files\WinRAR\rarext.dll]  [N/A, ]
    [C:\Program Files\Tencent\RTX\RTXShl.dll]  [Tencent, 1, 0, 0, 1]
    [C:\WINDOWS\system32\RavExt.dll]  [Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 12]
[PID: 328 / SYSTEM][C:\WINDOWS\System32\GP_CLT_Service.exe]  [, 1, 0, 1, 5]
    [C:\WINDOWS\System32\kmon.dll]  [Beijing Rising Information Technology Co., Ltd., 1, 0, 0, 31]
[PID: 396 / cc][C:\WINDOWS\System32\GP_CLT.exe]  [, 2, 0, 0, 1]
    [C:\WINDOWS\System32\kmon.dll]  [Beijing Rising Information Technology Co., Ltd., 1, 0, 0, 31]
    [C:\WINDOWS\System32\UNISPIM6.IME]  [北京紫光华宇软件股份有限公司, 6.1.0.6240]
    [C:\WINDOWS\System32\GP_IFD.dll]  [CIDC., 1, 0, 17, 29]
    [C:\WINDOWS\System32\GP_COS.dll]  [hsic, 2, 0, 0, 1]
[PID: 436 / SYSTEM][C:\WINDOWS\System32\nvsvc32.exe]  [NVIDIA Corporation, 6.14.10.5303]
    [C:\WINDOWS\System32\kmon.dll]  [Beijing Rising Information Technology Co., Ltd., 1, 0, 0, 31]
    [C:\WINDOWS\System32\UNISPIM6.IME]  [北京紫光华宇软件股份有限公司, 6.1.0.6240]
[PID: 484 / cc][C:\Program Files\Common Files\Real\Update_OB\realsched.exe]  [RealNetworks, Inc., 0.1.0.3018]
    [C:\WINDOWS\System32\kmon.dll]  [Beijing Rising Information Technology Co., Ltd., 1, 0, 0, 31]
    [C:\WINDOWS\System32\UNISPIM6.IME]  [北京紫光华宇软件股份有限公司, 6.1.0.6240]
[PID: 568 / cc][C:\WINDOWS\System32\ctfmon.exe]  [(Verified) Microsoft Corporation, 5.1.2600.1106 (xpsp1.020828-1920)]
    [C:\WINDOWS\System32\kmon.dll]  [Beijing Rising Information Technology Co., Ltd., 1, 0, 0, 31]
    [C:\WINDOWS\System32\UNISPIM6.IME]  [北京紫光华宇软件股份有限公司, 6.1.0.6240]
[PID: 872 / SYSTEM][C:\Program Files\Rising\Rav\RavTask.exe]  [Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 22]
    [C:\WINDOWS\System32\kmon.dll]  [Beijing Rising Information Technology Co., Ltd., 1, 0, 0, 31]
    [C:\Program Files\Rising\Rav\rsconf.dll]  [Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 2]
    [C:\Program Files\Rising\Rav\RSAPPMGR.dll]  [Beijing Rising Information Technology Co., Ltd., 21.0.0.1]
    [C:\Program Files\Rising\Rav\CfgDll.dll]  [Beijing Rising Information Technology Co., Ltd., 21.0.0.13]
    [C:\Program Files\Rising\Rav\proccomm.dll]  [Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 46]
    [C:\WINDOWS\System32\MSVCR71.dll]  [Microsoft Corporation, 7.10.3052.4]
    [C:\WINDOWS\System32\MSVCP71.dll]  [Microsoft Corporation, 7.10.3077.0]
    [C:\Program Files\Rising\Rav\rsstub.dll]  [Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 12]
    [C:\Program Files\Rising\Rav\rstask.dll]  [Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 33]
[PID: 1188 / SYSTEM][C:\Program Files\Rising\Rfw\RavTask.exe]  [Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 22]
    [C:\WINDOWS\System32\kmon.dll]  [Beijing Rising Information Technology Co., Ltd., 1, 0, 0, 31]
    [C:\Program Files\Rising\Rfw\rsconf.dll]  [Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 2]
    [C:\Program Files\Rising\Rfw\RSAPPMGR.dll]  [Beijing Rising Information Technology Co., Ltd., 21.0.0.1]
    [C:\Program Files\Rising\Rfw\CfgDll.dll]  [Beijing Rising Information Technology Co., Ltd., 21.0.0.13]
    [C:\Program Files\Rising\Rfw\proccomm.dll]  [Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 46]
    [C:\WINDOWS\System32\MSVCR71.dll]  [Microsoft Corporation, 7.10.3052.4]
    [C:\WINDOWS\System32\MSVCP71.dll]  [Microsoft Corporation, 7.10.3077.0]
    [C:\Program Files\Rising\Rfw\rsstub.dll]  [Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 12]
    [C:\Program Files\Rising\Rfw\rstask.dll]  [Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 33]
[PID: 1320 / SYSTEM][C:\Program Files\Rising\Rav\ScanFrm.exe]  [Beijing Rising Information Technology Co., Ltd., 21.0.0.11]
    [C:\WINDOWS\System32\MSVCP71.dll]  [Microsoft Corporation, 7.10.3077.0]
    [C:\WINDOWS\System32\MSVCR71.dll]  [Microsoft Corporation, 7.10.3052.4]
    [C:\WINDOWS\System32\kmon.dll]  [Beijing Rising Information Technology Co., Ltd., 1, 0, 0, 31]
    [C:\Program Files\Rising\Rav\combase.dll]  [Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 11]
    [C:\Program Files\Rising\Rav\moncomm.dll]  [Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 12]
    [C:\Program Files\Rising\Rav\scansrvp.dll]  [Beijing Rising Information Technology Co., Ltd., 21.0.0.11]
    [C:\Program Files\Rising\Rav\proccomm.dll]  [Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 46]
    [C:\Program Files\Rising\Rav\ScanSrv.dll]  [Beijing Rising Information Technology Co., Ltd., 21.0.0.9]
    [C:\Program Files\Rising\Rav\comx3.dll]  [Beijing Rising Information Technology Co., Ltd., 21.0.0.37]
    [C:\Program Files\Rising\Rav\Syslay.dll]  [Beijing Rising Information Technology Co., Ltd., 21.0.0.6]
    [C:\WINDOWS\System32\UNISPIM6.IME]  [北京紫光华宇软件股份有限公司, 6.1.0.6240]
    [C:\Program Files\Rising\Rav\ScanRavT.dll]  [Beijing Rising Information Technology Co., Ltd., 21.0.0.23]
    [C:\Program Files\Rising\Rav\ScanBT.dll]  [Beijing Rising Information Technology Co., Ltd., 21.0.0.36]
    [C:\Program Files\Rising\Rav\ScanStub.dll]  [Beijing Rising Information Technology Co., Ltd., 21.0.0.8]
    [C:\Program Files\Rising\Rav\RsLog.dll]  [Beijing Rising Information Technology Co., Ltd., 21.0.0.32]
    [C:\Program Files\Rising\Rav\ScanAdd.dll]  [Beijing Rising Information Technology Co., Ltd., 21.0.0.14]
    [C:\Program Files\Rising\Rav\RSAPPMGR.dll]  [Beijing Rising Information Technology Co., Ltd., 21.0.0.1]
    [C:\Program Files\Rising\Rav\CfgDll.dll]  [Beijing Rising Information Technology Co., Ltd., 21.0.0.13]
    [C:\Program Files\Rising\Rav\Scanner.dll]  [Beijing Rising Information Technology Co., Ltd., 21.0.0.32]
    [C:\Program Files\rising\Rav\recomp.dll]  [Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 2]
    [C:\Program Files\rising\Rav\refs.dll]  [Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 3]
    [C:\Program Files\rising\Rav\viruslib.dll]  [Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 4]
    [C:\Program Files\rising\Rav\relibldr.dll]  [Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 2]
    [C:\Program Files\rising\Rav\ffr.dll]  [Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 2]
    [C:\Program Files\rising\Rav\nvfile.dll]  [Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 3]
    [C:\Program Files\rising\Rav\scanexec.dll]  [Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 3]
    [C:\Program Files\rising\Rav\unexe.dll]  [Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 1]
    [C:\Program Files\rising\Rav\scanex.dll]  [Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 15]
    [C:\Program Files\rising\Rav\extfile.dll]  [Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 12]
    [C:\Program Files\rising\Rav\pearc.dll]  [Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 4]
    [C:\Program Files\rising\Rav\scanpe.dll]  [Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 7]
    [C:\Program Files\rising\Rav\ur000.dat]  [Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 5]
    [C:\Program Files\rising\Rav\scansct.dll]  [Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 2]
[PID: 1404 / LOCAL SERVICE][C:\WINDOWS\System32\wdfmgr.exe]  [Microsoft Corporation, 5.2.3790.1230 built by: DNSRV(bld4act)]
    [C:\WINDOWS\System32\kmon.dll]  [Beijing Rising Information Technology Co., Ltd., 1, 0, 0, 31]
[PID: 1228 / cc][C:\Program Files\rising\AntiSpyware\knownsvr.exe]  [Beijing Rising Information Technology Co., Ltd., 6.0.0.11]
    [C:\Program Files\rising\AntiSpyware\NComm.dll]  [Beijing Rising Information Technology Co., Ltd., 6.0.0.6]
    [C:\WINDOWS\System32\kmon.dll]  [Beijing Rising Information Technology Co., Ltd., 1, 0, 0, 31]
    [C:\Program Files\rising\AntiSpyware\comx3.dll]  [Beijing Rising Information Technology Co., Ltd., 21.0.0.37]
    [C:\Program Files\rising\AntiSpyware\Syslay.dll]  [Beijing Rising Information Technology Co., Ltd., 21.0.0.6]
[PID: 3956 / cc][C:\Program Files\Internet Explorer\iexplore.exe]  [Microsoft Corporation, 6.00.2800.1106 (xpsp1.020828-1920)]
    [C:\WINDOWS\System32\kmon.dll]  [Beijing Rising Information Technology Co., Ltd., 1, 0, 0, 31]
    [C:\WINDOWS\System32\UNISPIM6.IME]  [北京紫光华宇软件股份有限公司, 6.1.0.6240]
    [C:\PROGRA~1\Kingsoft\FastAIT\IEBand.dll]  [, 1, 0, 0, 0]
    [C:\WINDOWS\System32\xunleibho_v5.dll]  [, 4, 3, 3, 30]
    [C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll]  [Adobe Systems Incorporated, 7.0.7.2006011200]
    [C:\WINDOWS\System32\MSVCR71.dll]  [Microsoft Corporation, 7.10.3052.4]
    [C:\WINDOWS\System32\urlFilter.dll]  [Beijing Rising Information Technology Co., Ltd., 6, 0, 0, 15]
    [C:\Program Files\Rising\AntiSpyware\UrlRule.dll]  [Beijing Rising Information Technology Co., Ltd., 1.0.0.15]
    [D:\Program Files\FlashGet Network\FlashGet Mini\libMiniBHO.dll]  [FlashGet Inc, 1.0.1.1002]
    [D:\Program Files\FlashGet Network\FlashGet Mini\FlashGetExt.dll]  [FlashGet Inc, 1, 0, 0, 1]
    [C:\Program Files\Rising\Rav\RavScrCh.dll]  [Beijing Rising Information Technology Co., Ltd., 21.0.0.48]
    [C:\WINDOWS\System32\MSVCP71.dll]  [Microsoft Corporation, 7.10.3077.0]
    [C:\WINDOWS\System32\Macromed\Flash\Flash9f.ocx]  [Adobe Systems, Inc., 9,0,124,0]
    [C:\Program Files\Adobe\Acrobat 7.0\ActiveX\PDFShell.dll]  [Adobe Systems, Inc., 7.0.0.0]
[PID: 2996 / cc][C:\Program Files\Rising\Rav\RsAgent.exe]  [Beijing Rising Information Technology Co., Ltd., 21.0.0.17]
    [C:\WINDOWS\System32\kmon.dll]  [Beijing Rising Information Technology Co., Ltd., 1, 0, 0, 31]
    [C:\WINDOWS\System32\UNISPIM6.IME]  [北京紫光华宇软件股份有限公司, 6.1.0.6240]
    [C:\Program Files\Rising\Rav\ProcComm.dll]  [Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 46]
    [C:\WINDOWS\System32\MSVCR71.dll]  [Microsoft Corporation, 7.10.3052.4]
    [C:\WINDOWS\System32\MSVCP71.dll]  [Microsoft Corporation, 7.10.3077.0]
    [C:\Program Files\Rising\Rav\comx3.dll]  [Beijing Rising Information Technology Co., Ltd., 21.0.0.37]
    [C:\Program Files\Rising\Rav\Syslay.dll]  [Beijing Rising Information Technology Co., Ltd., 21.0.0.6]
    [C:\Program Files\Rising\Rav\ScanPrxy.dll]  [Beijing Rising Information Technology Co., Ltd., 21.0.0.13]
[PID: 1496 / cc][C:\WINDOWS\msagent\AgentSvr.exe]  [(Verified) Microsoft Corporation, 2.00.0.3422]
    [C:\WINDOWS\System32\kmon.dll]  [Beijing Rising Information Technology Co., Ltd., 1, 0, 0, 31]
    [C:\WINDOWS\System32\UNISPIM6.IME]  [北京紫光华宇软件股份有限公司, 6.1.0.6240]
[PID: 2172 / cc][C:\Program Files\WinRAR\WinRAR.exe]  [N/A, ]
    [C:\WINDOWS\System32\kmon.dll]  [Beijing Rising Information Technology Co., Ltd., 1, 0, 0, 31]
    [C:\WINDOWS\System32\UNISPIM6.IME]  [北京紫光华宇软件股份有限公司, 6.1.0.6240]
    [C:\WINDOWS\System32\WMASF.DLL]  [Microsoft Corporation, 9.00.00.2980 built by: lab03_dev(bld4act)]
[PID: 2332 / cc][C:\DOCUME~1\cc\LOCALS~1\Temp\Rar$EX00.422\SREngLdr.EXE]  [Smallfrogs Studio, 2.7.0.1210]
    [C:\WINDOWS\System32\kmon.dll]  [Beijing Rising Information Technology Co., Ltd., 1, 0, 0, 31]
[PID: 3280 / cc][C:\DOCUME~1\cc\LOCALS~1\Temp\Rar$EX00.422\SRE3a2ecbd6.EXE]  [Smallfrogs Studio, 2.7.0.1210]
    [C:\WINDOWS\System32\kmon.dll]  [Beijing Rising Information Technology Co., Ltd., 1, 0, 0, 31]
    [C:\WINDOWS\System32\UNISPIM6.IME]  [北京紫光华宇软件股份有限公司, 6.1.0.6240]
    [C:\DOCUME~1\cc\LOCALS~1\Temp\Rar$EX00.422\Upload\3rdUpd.DLL]  [Smallfrogs Studio, 2, 1, 0, 15]

==================================
文件关联
.TXT  Error. [C:\WINDOWS\notepad.exe %1]
.EXE  OK. ["%1" %*]
.COM  OK. ["%1" %*]
.PIF  OK. ["%1" %*]
.REG  OK. [regedit.exe "%1"]
.BAT  OK. ["%1" %*]
.SCR  OK. ["%1" /S]
.CHM  Error. ["hh.exe" %1]
.HLP  OK. [%SystemRoot%\system32\winhlp32.exe %1]
.INI  Error. [C:\WINDOWS\System32\NOTEPAD.EXE %1]
.INF  OK. [%SystemRoot%\system32\NOTEPAD.EXE %1]
.VBS  OK. [%SystemRoot%\System32\WScript.exe "%1" %*]
.JS  OK. [%SystemRoot%\System32\WScript.exe "%1" %*]
.LNK  OK. [{00021401-0000-0000-C000-000000000046}]
gototop
 
xiaoxiao212
头像
初生襁褓狮
  • 帖子:20
  • 注册: 2004-12-22
  • 来自:
发表于: 2008-12-29 20:00 | 只看楼主 短消息 资料
字号: 8楼

回复:瑞星杀毒软件和防火墙都不正常

==================================
Winsock 提供者
N/A

==================================
Autorun.inf
N/A

==================================
HOSTS 文件
127.0.0.1      localhost

==================================
进程特权扫描
特殊特权被允许: SeLoadDriverPrivilege [PID = 764, C:\WINDOWS\SYSTEM32\WINLOGON.EXE]
特殊特权被允许: SeLoadDriverPrivilege [PID = 396, C:\WINDOWS\SYSTEM32\GP_CLT.EXE]
特殊特权被允许: SeLoadDriverPrivilege [PID = 484, C:\PROGRAM FILES\COMMON FILES\REAL\UPDATE_OB\REALSCHED.EXE]
特殊特权被允许: SeLoadDriverPrivilege [PID = 2172, C:\PROGRAM FILES\WINRAR\WINRAR.EXE]
特殊特权被允许: SeLoadDriverPrivilege [PID = 2332, C:\DOCUME~1\CC\LOCALS~1\TEMP\RAR$EX00.422\SRENGLDR.EXE]

==================================
计划任务
N/A

==================================
API HOOK
入口点错误:NtCreateFile (危险等级: 高,  被下面模块所HOOK: 0x003E574D)
入口点错误:NtCreateKey (危险等级: 高,  被下面模块所HOOK: 0x003E58ED)
入口点错误:NtLoadDriver (危险等级: 高,  被下面模块所HOOK: 0x003E603D)
入口点错误:NtSetValueKey (危险等级: 高,  被下面模块所HOOK: 0x003E59BD)
入口点错误:NtWriteFile (危险等级: 高,  被下面模块所HOOK: 0x003E581D)
入口点错误:ZwCreateFile (危险等级: 高,  被下面模块所HOOK: 0x003E574D)
入口点错误:ZwCreateKey (危险等级: 高,  被下面模块所HOOK: 0x003E58ED)
入口点错误:ZwSetValueKey (危险等级: 高,  被下面模块所HOOK: 0x003E59BD)
入口点错误:ZwWriteFile (危险等级: 高,  被下面模块所HOOK: 0x003E581D)
入口点错误:CreateServiceA (危险等级: 高,  被下面模块所HOOK: 0x003E5CFD)
入口点错误:CreateServiceW (危险等级: 高,  被下面模块所HOOK: 0x003E5DCD)
入口点错误:LoadLibraryA (危险等级: 高,  被下面模块所HOOK: 0x003E69FD)
入口点错误:LoadLibraryExW (危险等级: 高,  被下面模块所HOOK: 0x003E55E5)
入口点错误:CreateFileW (危险等级: 高,  被下面模块所HOOK: 0x003E651D)
入口点错误:CreateProcessA (危险等级: 高,  被下面模块所HOOK: 0x003E692D)
入口点错误:CreateProcessW (危险等级: 高,  被下面模块所HOOK: 0x003E678D)

==================================
隐藏进程
N/A

==================================


[/CODE]
gototop
 
<<上一主题|下一主题>>
1   1  /  1  页   跳转
页面顶部
Powered by Discuz!NT