Help, please

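Using 冷刃, I found that many entries under services, such as safemon.sys, kilf.sys and gpkiller.sys, are all marked in red. Is something wrong? What should I do? Please help!!!
Last edited 2006-05-26 23:32:11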

Please take a look, I have already run the scan.

启动项目
注册表
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
  <ctfmon.exe><C:\WINDOWS\system32\ctfmon.exe>
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
  <Kugoo><; >
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
  <MsnMsgr><; "C:\Program Files\MSN Messenger\MsnMsgr.Exe" /background>
[HKEY_CURRENT_USER\Software\Microsoft\Windows NT\CurrentVersion\Windows]
  <load><; ?粓ō ?>
[HKEY_CURRENT_USER\Software\Microsoft\Windows NT\CurrentVersion\Windows]
  <run><; ?粓ō ?>
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
  <KAVPersonal50><"F:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus Personal Pro\kav.exe" /minimize>
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
  <DAEMON Tools-1033><; >
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
  <KernelFaultCheck><; %systemroot%\system32\dumprep 0 -k>
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
  <KvMonXP><; >
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
  <SoundMan><; SOUNDMAN.EXE>
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
  <TkBellExe><; "C:\Program Files\Common Files\Real\Update_OB\realsched.exe"  -osboot>
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Winlogon]
  <shell><Explorer.exe>
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Winlogon]
  <Userinit><C:\WINDOWS\system32\userinit.exe,>
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Windows]
  <AppInit_DLLs><>

==================================
启动文件夹
服务
[InstallDriver Table Manager / IDriverT]
  <"C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe"><Macrovision Corporation>
[Kaspersky Anti-Virus Service / kavsvc]
  <"F:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus Personal Pro\kavsvc.exe"><Kaspersky Lab>
[KVWSC / KVWSC]
  <><N/A>
[NVIDIA Display Driver Service / NVSvc]
  <C:\WINDOWS\system32\nvsvc32.exe><NVIDIA Corporation>
[O&O Defrag / O&O Defrag]
  <C:\WINDOWS\system32\oodag.exe><O&O Software GmbH>
[PeanuthullCore / PeanuthullCore]
  <D:\Program Files\PeanutHull3\PhCore.exe -service><广东网域>

==================================
浏览器加载项
[EyeOnBrowser Class]
  {1272F701-349D-4DB3-BBCD-10CBDCD049FE} <C:\WINDOWS\Downlo~1\_IS_WEBH.dll, >
[Shockwave Flash Object]
  {D27CDB6E-AE6D-11CF-96B8-444553540000} <C:\WINDOWS\system32\Flash8.ocx, Macromedia, Inc.>
[AcroIEHlprObj Class]
  {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} <D:\Program Files\Adobe\Acrobat 6.0\Reader\ActiveX\AcroIEHelper.dll, N/A>
[Shockwave Flash BrowserHelpObject]
  {1002C84D-A326-2D3C-13F3-2C2474392A91} <C:\WINDOWS\system32\FlashHlp.dll, N/A>
[EyeOnBrowser Class]
  {1272F701-349D-4DB3-BBCD-10CBDCD049FE} <C:\WINDOWS\Downlo~1\_IS_WEBH.dll, >
[Microsoft Web 浏览器]
  {8856F961-340A-11D0-A96B-00C04FD705A2} <C:\WINDOWS\system32\shdocvw.dll, Microsoft Corporation>
[Shockwave Flash Object]
  {D27CDB6E-AE6D-11CF-96B8-444553540000} <C:\WINDOWS\system32\Flash8.ocx, Macromedia, Inc.>
[上传到QQ网络硬盘]
  <F:\QQ\AddToNetDisk.htm, N/A>

==================================
正在运行的进程
[PID: 536][\SystemRoot\System32\smss.exe]  <Microsoft Corporation><5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)>
[PID: 616][\??\C:\WINDOWS\system32\csrss.exe]  <Microsoft Corporation><5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)>
[PID: 640][\??\C:\WINDOWS\system32\winlogon.exe]  <Microsoft Corporation><5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)>
    [C:\WINDOWS\system32\SSMWinlogonEx.dll]  <System Safety Limited><2.0.0.564>
[PID: 684][C:\WINDOWS\system32\services.exe]  <Microsoft Corporation><5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)>
[PID: 696][C:\WINDOWS\system32\lsass.exe]  <Microsoft Corporation><5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)>
[PID: 852][C:\WINDOWS\system32\svchost.exe]  <Microsoft Corporation><5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)>
[PID: 948][C:\WINDOWS\system32\svchost.exe]  <Microsoft Corporation><5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)>
[PID: 984][C:\WINDOWS\System32\svchost.exe]  <Microsoft Corporation><5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)>
[PID: 1028][C:\WINDOWS\system32\svchost.exe]  <Microsoft Corporation><5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)>
[PID: 1080][C:\WINDOWS\system32\svchost.exe]  <Microsoft Corporation><5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)>
[PID: 1392][C:\WINDOWS\system32\oodag.exe]  <O&O Software GmbH><8.0.1398>
    [C:\WINDOWS\system32\OODAGRS.DLL]  <O&O Software GmbH><8.0.1.1347>
[PID: 1664][C:\WINDOWS\Explorer.EXE]  <Microsoft Corporation><6.00.2900.2180 (xpsp_sp2_rtm.040803-2158)>
    [F:\Program Files\WinRAR\rarext.dll]  <N/A><N/A>
    [E:\download\ske\contmenu.dll]  <N/A><N/A>
    [F:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus Personal Pro\shellex.dll]  <Kaspersky Lab><5.0.527.1>
    [C:\WINDOWS\system32\nvcpl.dll]  <NVIDIA Corporation><6.14.10.8198>
    [C:\WINDOWS\system32\NVRSZHC.DLL]  <NVIDIA Corporation><6.14.10.8198>
    [C:\WINDOWS\system32\nvshell.dll]  <N/A><N/A>
    [E:\PROGRA~1\Kingsoft\KnightV\Tools\KVD\kscdrush.dll]  <金山软件股份有限公司><5, 0, 0, 0>
    [C:\Documents and Settings\ww\Application Data\Foxy\LinkMaker.dll]  <N/A><1, 0, 8, 0>
    [C:\WINDOWS\system32\ShellExt\GMailFS.dll]  <Bjarke Viksoe><1, 0, 0, 9>
[PID: 1916][C:\WINDOWS\System32\alg.exe]  <Microsoft Corporation><5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)>
[PID: 464][C:\WINDOWS\system32\ctfmon.exe]  <Microsoft Corporation><5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)>
[PID: 780][C:\WINDOWS\system32\spoolsv.exe]  <Microsoft Corporation><5.1.2600.2696 (xpsp_sp2_gdr.050610-1519)>
[PID: 600][D:\Program Files\内存扫把\ram.exe]  <jfzlnyf><1.09.0005>
    [D:\Program Files\内存扫把\Command.ocx]  <随想软件工作室 Capricciososoft><3.00.0915>
    [D:\Program Files\内存扫把\TrayForm.ocx]  <Eduardo Morcillo><1.03.0007>
[PID: 800][C:\WINDOWS\system32\conime.exe]  <Microsoft Corporation><5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)>
[PID: 1784][C:\Program Files\Maxthon\Maxthon.exe]  <Maxthon International Ltd.><1, 5, 2, 21>
    [C:\Program Files\Maxthon\maxzlib.dll]  < ><1, 0, 0, 2>
    [D:\Program Files\RhinoSoft.com\Serv-U\ServUPerfCount.dll]  <Rhino Software, Inc. +1(262) 560-9627><6, 2, 0, 0>
    [C:\Program Files\Maxthon\Services\RealTime\real_time.dll]  <><1, 0, 0, 1>
    [F:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus Personal Pro\scrchpg.dll]  <Kaspersky Lab><5.0.527.20>
    [F:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus Personal Pro\scbridge.dll]  <Kaspersky Lab><5.0.527.1>
    [F:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus Personal Pro\klipc.dll]  <Kaspersky Lab><5.0.527.0>
    [C:\WINDOWS\system32\Flash8.ocx]  <Macromedia, Inc.><8,0,22,0>
[PID: 3728][D:\Rar$EX00.687\SREng.exe]  <Smallfrogs Studio><2.0.12.350>

==================================
文件关联
.TXT  OK. [%SystemRoot%\system32\NOTEPAD.EXE %1]
.EXE  OK. ["%1" %*]
.COM  OK. ["%1" %*]
.PIF  OK. ["%1" %*]
.REG  OK. [regedit.exe "%1"]
.BAT  OK. ["%1" %*]
.SCR  OK. ["%1" /S]
.CHM  OK. ["C:\WINDOWS\hh.exe" %1]
.HLP  OK. [%SystemRoot%\system32\winhlp32.exe %1]
.INI  OK. [%SystemRoot%\system32\NOTEPAD.EXE %1]
.INF  OK. [%SystemRoot%\system32\NOTEPAD.EXE %1]
.VBS  OK. [%SystemRoot%\System32\WScript.exe "%1" %*]
.JS  OK. [%SystemRoot%\System32\WScript.exe "%1" %*]
.LNK  OK. [{00021401-0000-0000-C000-000000000046}]

==================================
Winsock 提供者

Have a little sympathy, please.