- max笔记
-
250 - 未知模块:c:WINDOWS esourceswindowblindswblind.dll
251 - 未知模块:c:工具软件区新QQTencentMSIMG32.dll
252 - 未知模块:c:WINDOWS esourceswindowblindswbhelp.dll
253 - 未知模块:c:工具软件区新QQTencentFinePlus.dll
254 未知进程:c:工具软件区ftcleaner.exe 命令行: C:工具软件区FTCleaner.exe
255 - 未知模块:c:工具软件区MSVBVM60.DLL
256 - 未知模块:c:工具软件区VB6CHS.DLL
257 - 未知模块:c:WINDOWS esourceswindowblindswblind.dll
258 - 未知模块:c:WINDOWS esourceswindowblindswbhelp.dll
259 - 未知模块:c:WINDOWSsystem32SogouPy.ime
260 - 未知模块:c:工具软件区搜狗sogouinputPluginsgimeword.dll
261 - 未知模块:c:工具软件区ftcapi.dll
262 - 未知模块:c:工具软件区ftcapi3.dll
263 - 未知模块:c:工具软件区ftcapi2.dll
264 - 未知模块:c:WINDOWSsystem32 cpipdog0.dll
265 未知进程:c:工具软件区fyganalyze.exe 命令行: C:工具软件区FygAnalyze.exe
266 - 未知模块:c:WINDOWS esourceswindowblindswblind.dll
267 - 未知模块:c:WINDOWS esourceswindowblindswbhelp.dll
268 - 未知模块:c:WINDOWSsystem32SogouPy.ime
269 - 未知模块:c:工具软件区搜狗sogouinputPluginsgimeword.dll
270 - 未知模块:c:工具软件区psapi.dll
启动信息:
271 [HKEY_LOCAL_MACHINESOFTWAREMicrosoftWindowsCurrentVersionRun]
<igfxtray><C:WINDOWSsystem32igfxtray.exe>
272 [HKEY_LOCAL_MACHINESOFTWAREMicrosoftWindowsCurrentVersionRun]
<igfxpers><C:WINDOWSsystem32igfxpers.exe>
273 [HKEY_LOCAL_MACHINESOFTWAREMicrosoftWindowsCurrentVersionRun]
<igfxhkcmd><C:WINDOWSsystem32hkcmd.exe>
274 [HKEY_LOCAL_MACHINESOFTWAREMicrosoftWindowsCurrentVersionRun]
<ehTray><C:WINDOWSehomeehtray.exe>
275 [HKEY_LOCAL_MACHINESOFTWAREMicrosoftWindowsCurrentVersionRun]
<Cpqset><C:Program FilesHPQDefault Settingscpqset.exe>
276 [HKEY_LOCAL_MACHINESOFTWAREMicrosoftWindowsCurrentVersionRun]
<RavTask><"C:Program FilesRisingRavRavTask.exe" -system>
277 [HKEY_LOCAL_MACHINESOFTWAREMicrosoftWindowsCurrentVersionRun]
<WebPlayerUpdater><"C:Program FilesVIEWGOODWebPlayer 2007WebPlayerDeamon.exe" /Hide>
278 [HKEY_LOCAL_MACHINESOFTWAREMicrosoftWindowsCurrentVersionRun]
<360Antiarp><C:工具软件区360安全卫士360safeAntiArpAntiArp.exe /start>
279 [HKEY_LOCAL_MACHINESOFTWAREMicrosoftWindowsCurrentVersionRun]
<Windows木马防火墙><C:工具软件区Trojanwall.exe>
280 [HKEY_CURRENT_USERSOFTWAREMicrosoftWindowsCurrentVersionRun]
<ctfmon.exe><C:WINDOWSsystem32ctfmon.exe>
281 [HKEY_LOCAL_MACHINESoftwareMicrosoftWindows NTCurrentVersionWinlogon]
<Shell><Explorer.exe>
282 [HKEY_LOCAL_MACHINESoftwareMicrosoftWindows NTCurrentVersionWinlogon]
<Userinit><userinit.exe,>
283 [HKEY_LOCAL_MACHINESoftwareMicrosoftWindows NTCurrentVersionWinlogon]
<UIHost><logonui.exe>
284 [HKEY_LOCAL_MACHINESoftwareMicrosoftWindows NTCurrentVersionWindows]
<AppInit_DLLs><>
285 [HKEY_LOCAL_MACHINESOFTWAREMicrosoftWindows NTCurrentVersionWinlogonNotify]
<WBSrv><C:WINDOWSResourcesWindowBlindswbsrv.dll>
286 [C:Documents and Settingshp「开始」菜单程序启动]
<C:Documents and Settingshp「开始」菜单程序启动desktop.ini>
287 [C:Documents and SettingsAll Users「开始」菜单程序启动]
<C:Documents and SettingsAll Users「开始」菜单程序启动desktop.ini>
IE辅助对象BHO信息:
288 [HKEY_LOCAL_MACHINESOFTWAREMicrosoftWindowsCurrentVersionExplorerBrowser Helper Objects]
<{01443AEC-0FD1-40fd-9C87-E93D1494C233}><C:Program FilesThunder NetworkThunderComDllsTDAtOnce_Now.dll>
289 [HKEY_LOCAL_MACHINESOFTWAREMicrosoftWindowsCurrentVersionExplorerBrowser Helper Objects]
<{889D2FEB-5411-4565-8998-1DD2C5261283}><C:Program FilesThunder NetworkThunderComDllsxunleiBHO_Now.dll>
IE右键菜单信息:
290 [HKEY_CURRENT_USERSoftwareMicrosoftInternet ExplorerMenuExt]
<使用迅雷下载><C:Program FilesThunder NetworkThunderProgramgeturl.htm>
291 [HKEY_CURRENT_USERSoftwareMicrosoftInternet ExplorerMenuExt]
<使用迅雷下载全部链接><C:Program FilesThunder NetworkThunderProgramgetallurl.htm>
292 [HKEY_CURRENT_USERSoftwareMicrosoftInternet ExplorerMenuExt]
<导出到 Microsoft Office Excel(&X)><res://C:PROGRA~1MICROS~2OFFICE11EXCEL.EXE/3000>
293 [HKEY_CURRENT_USERSoftwareMicrosoftInternet ExplorerMenuExt]
<添加到QQ表情><C:工具软件区新QQTencentAddEmotion.htm>
IE工具栏项信息:
294 [HKEY_LOCAL_MACHINESOFTWAREMicrosoftInternet ExplorerExtensions]
<{08B0E5C0-4FCB-11CF-AAA5-00401C608501}><>
295 [HKEY_LOCAL_MACHINESOFTWAREMicrosoftInternet ExplorerExtensions]
<{09BA8F6D-CB54-424B-839C-C2A6C8E6B436}><C:Program FilesThunder NetworkThunderThunder.exe>
296 [HKEY_LOCAL_MACHINESOFTWAREMicrosoftInternet ExplorerExtensions]
<{e2e2dd38-d088-4134-82b7-f2ba38496583}><%windir%Network Diagnosticxpnetdiag.exe>
ActiveX对象DPF信息:
297 [HKEY_LOCAL_MACHINESOFTWAREMicrosoftCode Store DatabaseDistribution Units]
<{2375BEE5-F175-4F1C-81EC-8E4E2E72E2DD}><C:工具软件区新QQTencentQzoneQQPhotoDraw.dll>
298 [HKEY_LOCAL_MACHINESOFTWAREMicrosoftCode Store DatabaseDistribution Units]
<{488A4255-3236-44B3-8F27-FA1AECAA8844}><C:WINDOWSsystem32alieditaliedit.dll>
299 [HKEY_LOCAL_MACHINESOFTWAREMicrosoftCode Store DatabaseDistribution Units]
<{5EC7C511-CD0F-42E6-830C-1BD9882F3458}><C:WINDOWSDOWNLO~1POWERP~1.DLL>
300 [HKEY_LOCAL_MACHINESOFTWAREMicrosoftCode Store DatabaseDistribution Units]
<{8AD9C840-044E-11D1-B3E9-00805F499D93}><>
301 [HKEY_LOCAL_MACHINESOFTWAREMicrosoftCode Store DatabaseDistribution Units]
<{8D9E0B29-563C-4226-86C1-5FF2AE77E1D2}><C:WINDOWSsystem32SUBMIT~1.DLL>
302 [HKEY_LOCAL_MACHINESOFTWAREMicrosoftCode Store DatabaseDistribution Units]
<{9C3C2C08-C494-4F52-AE94-85156A447D43}><>
303 [HKEY_LOCAL_MACHINESOFTWAREMicrosoftCode Store DatabaseDistribution Units]
<{CAFEEFAC-0015-0000-0006-ABCDEFFEDCBA}><>
304 [HKEY_LOCAL_MACHINESOFTWAREMicrosoftCode Store DatabaseDistribution Units]
<{CAFEEFAC-0016-0000-0003-ABCDEFFEDCBA}><>
305 [HKEY_LOCAL_MACHINESOFTWAREMicrosoftCode Store DatabaseDistribution Units]
<{CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA}><C:Program FilesJavajre1.6.0_03in pjpi160_03.dll>
306 [HKEY_LOCAL_MACHINESOFTWAREMicrosoftCode Store DatabaseDistribution Units]
<{D27CDB6E-AE6D-11CF-96B8-444553540000}><C:WINDOWSsystem32MacromedFlashFlash9e.ocx>
网络服务SPI信息:
307 c:windowssystem32 cpipdog0.dll
308 c:windowssystem32 cpipdog0.dll
309 c:windowssystem32 cpipdog0.dll
310 c:windowssystem32 cpipdogr0.dll
311 c:windowssystem32 cpipdogr0.dll
映像劫持IFEO信息:
312 [HKEY_LOCAL_MACHINESOFTWAREMicrosoftWindows NTCurrentVersionImage File Execution Options]
<Your Image File Name Here without a path><C:WINDOWSsystem32 tsd -d>
系统服务信息:
313 [ AddFiltr | AddFiltr | 停用 ]
c:program fileshewlett-packardhp quick launch buttonsaddfiltr.exe
314 [ ASP.NET State Service | aspnet_state | 停用 ]
c:w**************.netframeworkv1.1.4322aspnet_state.exe
315 [ Contrl Center of Storm Media | ccosm | 启动 ]
c:工具软件区新建文件夹stormliv.exe
316 [ COM+ System Application | COMSysApp | 启动 ]
c:windowssystem32dllhost.exe /processid:{02d4b3f1-fd88-11d1-960d-00805fc79235}
317 [ Human Interface Device Access | HidServ | 停用 ]
c:windowssystem32svchost.exe - c:windowssystem32hidserv.dll
318 [ hpqwmiex | hpqwmiex | 启动 ]
c:program fileshewlett-packardsharedhpqwmiex.exe
319 [ InstallDriver Table Manager | IDriverT | 停用 ]
c:program filescommon filesinstallshielddriver1050intel 32idrivert.exe
320 [ LightScribeService Direct Disc Labeling Service | LightScribeService | 启动 ]
c:program filescommon fileslightscribelssrvc.exe
321 [ Office Source Engine | ose | 停用 ]
c:program filescommon filesmicrosoft sharedsource engineose.exe
322 [ Rising Proxy Service | RfwProxySrv | 启动 ]
c:program files ising fw fwproxy.exe
323 [ Rising Process Communication Center | RsCCenter | 启动 ]
c:program files ising avccenter.exe
324 [ Rising RealTime Monitor | RsRavMon | 停用 ]
c:program files ising av avmond.exe
325 [ MS Software Shadow Copy Provider | SwPrv | 停用 ]
c:windowssystem32dllhost.exe /processid:{6fbaedaa-c832-4e7c-b2f7-01ed47943604}
326 [ Windows Media Connect Service | WMConnectCDS | 停用 ]
c:program fileswindows media connect 2wmccds.exe
系统驱动信息:
327 [ 360AntiArp | 360AntiArp | 启动 ]
c:windowssystem32drivers360antiarp.sys
328 [ FTCkillfile | FTCkillfile | 停用 ]
c:windowssystem32driversftckillfile.sys
329 [ FTCProtect | FTCProtect | 启动 ]
c:windowssystem32driversftcprotect.sys
330 [ FTCProTime | FTCProTime | 启动 ]
c:windowssystem32driversftcprotime.sys
331 [ HookCont | HookCont | 启动 ]
C:WINDOWSsystem32drivershookcont.sys
332 [ HookNtos | HookNtos | 启动 ]
C:WINDOWSsystem32drivershookntos.sys
333 [ HookReg | HookReg | 启动 ]
C:WINDOWSsystem32drivershookreg.sys
334 [ HookSys | HookSys | 启动 ]
C:WINDOWSsystem32drivershooksys.sys
335 [ HookUrl | HookUrl | 启动 ]
c:program files ising fwhookurl.sys
336 [ Netgroup Packet Filter | NPF | 停用 ]
c:windowssystem32drivers pf.sys
337 [ npkcrypt | npkcrypt | 停用 ]
c:工具软件区qq pkcrypt.sys
338 [ PxHelp20 | PxHelp20 | 启动 ]
c:windowssystem32driverspxhelp20.sys
339 [ Rising Rfwbase Driver | RfwBase | 启动 ]
c:windowssystem32drivers fwbase.sys
340 [ Srramdisk Driver | RRamdisk | 启动 ]
c:windowssystem32drivers ramdisk.sys
341 [ RsAntiSpyware | RsAntiSpyware | 启动 ]
c:windowssystem32drivers sboot.sys
342 [ RsFwDrv | RsFwDrv | 启动 ]
c:program files ising fw sfwdrv.sys
343 [ RsNTGDI | RsNTGDI | 启动 ]
c:windowssystem32drivers sntgdi.sys
344 [ TCP/IP Protocol Driver | Tcpip | 启动 ]
c:windowssystem32drivers cpip.sys
345 [ TesSafe | TesSafe | 停用 ]
c:windowssystem32 essafe.sys
已经加载的驱动信息:
346 C:WINDOWSsystem32drivers sboot.sys
347 C:WINDOWSsystem32driverspxhelp20.sys
348 C:WINDOWSsystem32drivers ramdisk.sys
349 c:windowssystem32drivers360antiarp.sys
350 C:WINDOWSsystem32drivers cpip.sys
351 c:program files ising fw sfwdrv.sys
352 c:program files ising fw fwhelp.sys
353 C:WINDOWSsystem32drivershookhelp.sys
354 C:WINDOWSsystem32driversdump_iastor.sys
355 C:WINDOWSsystem32drivers fwbase.sys
356 c:program files ising fwhookurl.sys
357 C:WINDOWSsystem32driversftcprotect.sys
358 C:WINDOWSsystem32driversftcprotime.sys
359 C:WINDOWSsystem32drivers sntgdi.sys
360 C:WINDOWSsystem32drivershooksys.sys
361 C:WINDOWSsystem32drivershookreg.sys
362 C:WINDOWSsystem32drivershookntos.sys
363 C:WINDOWSsystem32drivershookcont.sys
- 真可
-
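No problems.
You just have a bit too much software installed.
It's a little cluttered.
I suggest moving the tools to a non-system drive.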
- 瑞瑞爱吃桃
-
I suggest installing 360, then you can check it yourself.
No need to ask others for everything.
- 可乐
-
What's the problem? Tell us.
- meira
-
Where is the actual content?