When I use sreng23, a balloon tip appears: it warns that the content of the function below does not match the expected value.

Date: 2007-01-18, 21:00


API HOOK
警告!System Repair Engineer 提醒
你下面的函数内容与预期值不符,他
们可能被一些恶意的软件所修改:
入口点错误:LoadLibraryExW
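How do I deal with this?
I selected the IE repair option in it and let it finish, but the warning message still appears! This is the only virus left! All the others are gone~ Once this is sorted out, that's victory!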
启动项目
注册表
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
<ctfmon.exe><C:\WINDOWS\System32\ctfmon.exe> [(Verified)Microsoft Corporation]
[HKEY_CURRENT_USER\Software\Microsoft\Windows NT\CurrentVersion\Windows]
<load><> [N/A]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
<KavStart><"D:\KAV2007\KAVStart.exe" -startup> [Kingsoft Corporation]
<NvCplDaemon><RUNDLL32.EXE C:\WINDOWS\System32\NvCpl.dll,NvStartup> [NVIDIA Corporation]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Winlogon]
<shell><Explorer.exe> [(Verified)Microsoft Corporation]
<Userinit><C:\WINDOWS\System32\Userinit.exe,> [(Verified)Microsoft Corporation]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Windows]
<AppInit_DLLs><> [N/A]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Winlogon]
<UIHost><logonui.exe> [(Verified)Microsoft Corporation]

==================================
启动文件夹
N/A

==================================
服务
[Human Interface Device Access / HidServ][Stopped/Disabled]
<C:\WINDOWS\System32\svchost.exe -k netsvcs-->%SystemRoot%\System32\hidserv.dll><N/A>
[Kingsoft Antivirus KWatch Service / KWatchSvc][Running/Auto Start]
<D:\KAV2007\KWatch.EXE><Kingsoft Corporation>
[NVIDIA Display Driver Service / NVSvc][Running/Auto Start]
<C:\WINDOWS\System32\nvsvc32.exe><NVIDIA Corporation>
[Office Source Engine / ose][Stopped/Manual Start]
<><N/A>

==================================
驱动程序
[Service for WDM 3D Audio Driver / ALCXSENS][Running/Manual Start]
<system32\drivers\ALCXSENS.SYS><Sensaura Ltd>
[Service for Realtek AC97 Audio (WDM) / ALCXWDM][Running/Manual Start]
<system32\drivers\ALCXWDM.SYS><Realtek Semiconductor Corp.>
[AntiyNF / AntiyNF][Running/Auto Start]
<system32\drivers\AntiyNF.sys><N/A>
[Rising TDI Base Driver / BaseTDI][Running/Auto Start]
<System32\DRIVERS\BaseTDI.SYS><Beijing Rising Technology Co., Ltd.>
[basic2 / basic2][Stopped/Manual Start]
<System32\DRIVERS\HSF_BSC2.sys><N/A>
[hsf_msft / hsf_msft][Stopped/Manual Start]
<System32\DRIVERS\HSF_MSFT.sys><N/A>
[KWatch3 / KWatch3][Running/System Start]
<\??\C:\WINDOWS\System32\drivers\KWatch3.SYS><Kingsoft Corporation>
[npkcrypt / npkcrypt][Running/Auto Start]
<\??\D:\腾讯QQ\npkcrypt.sys><INCA Internet Co., Ltd.>
[NTSIM / NTSIM][Stopped/Manual Start]
<\??\C:\WINDOWS\System32\ntsim.sys><VIA Technologies, Inc.>
[nv / nv][Running/Manual Start]
<System32\DRIVERS\nv4_mini.sys><NVIDIA Corporation>
[StarForce Protection Environment Driver v6 / prodrv06][Running/System Start]
<\SystemRoot\System32\drivers\prodrv06.sys><Protection Technology>
[StarForce Protection Helper Driver v2 / prohlp02][Running/Boot Start]
<\SystemRoot\System32\drivers\prohlp02.sys><Protection Technology>
[StarForce Protection Synchronization Driver v1 / prosync1][Running/Boot Start]
<\SystemRoot\System32\drivers\prosync1.sys><Protection Technology>
[Direct Parallel Link Driver / Ptilink][Running/Manual Start]
<System32\DRIVERS\ptilink.sys><Parallel Technologies, Inc.>
[PxHelp20 / PxHelp20][Running/Boot Start]
<\SystemRoot\System32\Drivers\PxHelp20.sys><Sonic Solutions>
[Rksample / Rksample][Stopped/Manual Start]
<System32\DRIVERS\HSF_SAMP.sys><N/A>
[RsAntiSpyware / RsAntiSpyware][Stopped/Disabled]
<\SystemRoot\System32\drivers\RsBoot.sys><Beijing Rising>
[Realtek RTL8139(A/B/C)-based PCI Fast Ethernet Adapter NT Driver / rtl8139][Running/Manual Start]
<System32\DRIVERS\RTL8139.SYS><Realtek Semiconductor Corporation>
[Secdrv / Secdrv][Running/Auto Start]
<System32\DRIVERS\secdrv.sys><Macrovision Corporation, Macrovision Europe Limited, and Macrovision Japan and Asia K.K.>
[StarForce Protection Helper Driver / sfhlp01][Running/Boot Start]
<\SystemRoot\System32\drivers\sfhlp01.sys><Protection Technology>
[SkyProcs / SkyProcs][Stopped/Manual Start]
<\??\D:\天网防火墙\Firewall\SkyProcs.sys><N/A>
[WINIO / WINIO][Stopped/Manual Start]
<\??\C:\DOCUME~1\ludong\LOCALS~1\Temp\Rar$EX00.844\QQ堂刷分顶峰(于闯制造) 多开\winio.sys><N/A>
[World Standard Teletext Codec / WSTCODEC][Stopped/Manual Start]
<System32\DRIVERS\WSTCODEC.SYS><Microsoft Corporation>
[XPROTECTOR / XPROTECTOR][Running/System Start]
<\??\C:\WINDOWS\system32\drivers\Oreans.sys><N/A>
[USB PC Camera 301P / ZSMC301b][Running/Manual Start]
<System32\Drivers\usbVM31b.sys><VM>
[VIMICRO USB PC Camera / ZSMC302][Stopped/Manual Start]
<System32\Drivers\usbVM31b.sys><VM>

正在运行的进程
[PID: 448][\SystemRoot\System32\smss.exe] [Microsoft Corporation, 5.1.2600.1106 (xpsp1.020828-1920)]
[PID: 520][\??\C:\WINDOWS\system32\csrss.exe] [Microsoft Corporation, 5.1.2600.0 (xpclient.010817-1148)]
[PID: 544][\??\C:\WINDOWS\system32\winlogon.exe] [Microsoft Corporation, 5.1.2600.1106 (xpsp1.020828-1920)]
[PID: 588][C:\WINDOWS\system32\services.exe] [Microsoft Corporation, 5.1.2600.0 (xpclient.010817-1148)]
[PID: 600][C:\WINDOWS\system32\lsass.exe] [Microsoft Corporation, 5.1.2600.1106 (xpsp1.020828-1920)]
[PID: 768][C:\WINDOWS\system32\svchost.exe] [Microsoft Corporation, 5.1.2600.0 (xpclient.010817-1148)]
[PID: 844][C:\WINDOWS\System32\svchost.exe] [Microsoft Corporation, 5.1.2600.0 (xpclient.010817-1148)]
[PID: 920][C:\WINDOWS\System32\svchost.exe] [Microsoft Corporation, 5.1.2600.0 (xpclient.010817-1148)]
[PID: 940][D:\KAV2007\KWatch.EXE] [Kingsoft Corporation, 2005, 9, 27, 51]
[D:\KAV2007\KAVIPC2.DLL] [Kingsoft Corporation, 2004, 12, 28, 20]
[D:\KAV2007\KAEPlat.DLL] [Kingsoft Corp., 2006, 8, 29, 60]
[D:\KAV2007\KAEMem.DAT] [Kingsoft, 2006, 9, 25, 16]
[D:\KAV2007\KAEUnpack.DAT] [Kingsoft Corp., 2006, 10, 26, 69]
[PID: 972][C:\WINDOWS\system32\spoolsv.exe] [Microsoft Corporation, 5.1.2600.0 (XPClient.010817-1148)]
[C:\WINDOWS\system32\hpzsnt10.dll] [HP, 2.323.0.0]
[PID: 1364][C:\WINDOWS\System32\nvsvc32.exe] [NVIDIA Corporation, 6.14.10.5216]
[PID: 1376][C:\WINDOWS\System32\svchost.exe] [Microsoft Corporation, 5.1.2600.0 (xpclient.010817-1148)]
[PID: 1396][C:\WINDOWS\System32\wdfmgr.exe] [Microsoft Corporation, 5.2.3790.1230 built by: dnsrv(bld4act)]
[PID: 1408][C:\WINDOWS\Explorer.EXE] [Microsoft Corporation, 6.00.2800.1106 (xpsp1.020828-1920)]
[D:\KAV2007\KAVEXT.DLL] [Kingsoft Corporation, 2005, 8, 5, 16]
[D:\Winrar 3.61\rarext.dll] [N/A, N/A]
[D:\KAV2007\KASocket.dll] [Kingsoft Corporation, 2005, 2, 22, 233]
[D:\KAV2007\KMailOEBand.dll] [Kingsoft Corporation, 2006, 9, 7, 132]
[PID: 1800][C:\WINDOWS\System32\ctfmon.exe] [Microsoft Corporation, 5.1.2600.1106 (xpsp1.020828-1920)]
[D:\KAV2007\KASocket.dll] [Kingsoft Corporation, 2005, 2, 22, 233]
[PID: 1224][D:\KAV2007\KMailMon.EXE] [Kingsoft Corporation, 2006, 12, 27, 942]
[D:\KAV2007\KAntiSpm.dll] [Kingsoft Corporation, 2006, 8, 19, 104]
[D:\KAV2007\KAVIPC2.DLL] [Kingsoft Corporation, 2004, 12, 28, 20]
[D:\KAV2007\KAECall2.DLL] [Kingsoft Corporation, 2004, 12, 28, 7]
[D:\KAV2007\KAEPlat.DLL] [Kingsoft Corp., 2006, 8, 29, 60]
[D:\KAV2007\KAEMem.DAT] [Kingsoft, 2006, 9, 25, 16]
[D:\KAV2007\KAEUnpack.DAT] [Kingsoft Corp., 2006, 10, 26, 69]
[D:\KAV2007\KAConfig.DLL] [Kingsoft Corporation, 2007, 1, 11, 41]
[D:\KAV2007\KASocket.dll] [Kingsoft Corporation, 2005, 2, 22, 233]
[D:\KAV2007\KMailOEBand.dll] [Kingsoft Corporation, 2006, 9, 7, 132]
[PID: 668][D:\KAV2007\KAVStart.EXE] [Kingsoft Corporation, 2006, 11, 10, 212]
[D:\KAV2007\KMailOEBand.dll] [Kingsoft Corporation, 2006, 9, 7, 132]
[D:\KAV2007\KASocket.dll] [Kingsoft Corporation, 2005, 2, 22, 233]
[D:\KAV2007\KAVIPC2.DLL] [Kingsoft Corporation, 2004, 12, 28, 20]
[D:\KAV2007\SvcTimer.DLL] [Kingsoft Corporation, 2006.12.22.84]
[D:\KAV2007\KAVPassp.dll] [Kingsoft Corporation, 2006, 12, 30, 271]
[D:\KAV2007\PopSprt3.dll] [Kingsoft Corporation, 2006, 9, 26, 38]
[D:\KAV2007\KAPlugin.DLL] [Kingsoft Corporation, 2005, 9, 28, 21]
[PID: 1464][D:\腾讯TT\TTraveler.exe] [腾讯公司, 3.1.0.261]
[D:\KAV2007\KMailOEBand.dll] [Kingsoft Corporation, 2006, 9, 7, 132]
[D:\KAV2007\KASocket.dll] [Kingsoft Corporation, 2005, 2, 22, 233]
[D:\腾讯TT\Plugins\QQFloatBar\QQFloatBar4TT2.dll] [腾讯公司, 1, 1, 0, 5]
[D:\腾讯TT\Plugins\TWeather\TWeather.dll] [, 1, 0, 0, 3]
[D:\腾讯TT\PersonalDesktop.dll] [深圳市腾讯计算机系统公司QQ工作小组, 1, 0, 0, 4]
[D:\KAV2007\KAScript.DLL] [Kingsoft Corporation, 2006, 12, 11, 72]
[PID: 1404][C:\WINDOWS\regedit.exe] [Microsoft Corporation, 5.1.2600.1106 (xpsp1.020828-1920)]
[D:\KAV2007\KMailOEBand.dll] [Kingsoft Corporation, 2006, 9, 7, 132]
[D:\KAV2007\KASocket.dll] [Kingsoft Corporation, 2005, 2, 22, 233]
[PID: 1324][C:\Documents and Settings\ludong\桌面\新建文件夹\SREngKAV.EXE] [Smallfrogs Studio, 2.3.13.690]
[D:\KAV2007\KMailOEBand.dll] [Kingsoft Corporation, 2006, 9, 7, 132]
[D:\KAV2007\KASocket.dll] [Kingsoft Corporation, 2005, 2, 22, 233]

API HOOK
警告!System Repair Engineer 提醒
你下面的函数内容与预期值不符,他
们可能被一些恶意的软件所修改:
入口点错误:LoadLibraryExW

Try Duba's suspicious-file scan. A rootkit infection can't be ruled out. Try downloading F-Secure BlackLight (http://www.f-secure.com/blacklight/) or another rootkit detection tool.

API HOOK
警告!System Repair Engineer 提醒
你下面的函数内容与预期值不符,他
们可能被一些恶意的软件所修改:
入口点错误:LoadLibraryExW

I think you can set it aside.

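It doesn't seem to be anything serious. The first time I used SRENG I didn't know what this was either, so I came here and asked, and the moderator said to ignore it. Mine does the same thing: as soon as I open SRENG, it pops up in the lower-right corner of the desktop.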
