微点交流论坛 - 微点主动防御软件 - 求组，如何删除acpidisk.sys【已解决】

微点交流论坛 » 微点主动防御软件 » 求组，如何删除acpidisk.sys【已解决】

1/2

jccgjccgcc
新手上路

积分 13
发帖 13
注册 2006-8-29

#1 求组，如何删除acpidisk.sys【已解决】

不知道什么时候中招的,微点提示有木马,老是提示删除,延时删除,重启删除,就是删不掉,后来下了个avast.也还是有,下面是avast日志,微点的日志被我删掉了,不知道哪找,见量
2007-10-6 22:05:18 SYSTEM 1684 Sign of "Win32:Cinmus-J [Rtk]" has been found in "C:\WINDOWS\system32\drivers\acpidisk.sys" file.
2007-10-7 6:30:19 SYSTEM 1860 Sign of "Win32:Cinmus-J [Rtk]" has been found in "C:\WINDOWS\system32\drivers\acpidisk.sys" file.
2007-10-7 16:39:43 SYSTEM 1836 Sign of "Win32:Cinmus-J [Rtk]" has been found in "C:\WINDOWS\system32\drivers\acpidisk.sys" file.
2007-10-7 16:50:06 SYSTEM 1852 Sign of "Win32:Cinmus-J [Rtk]" has been found in "C:\WINDOWS\system32\drivers\acpidisk.sys" file.
2007-10-8 6:11:13 SYSTEM 1868 Sign of "Win32:Cinmus-J [Rtk]" has been found in "C:\WINDOWS\system32\drivers\acpidisk.sys" file.
2007-10-8 17:58:34 SYSTEM 1848 Sign of "Win32:Cinmus-J [Rtk]" has been found in "C:\WINDOWS\system32\drivers\acpidisk.sys" file.
2007-10-8 20:26:14 SYSTEM 1872 Sign of "Win32:Cinmus-J [Rtk]" has been found in "C:\WINDOWS\system32\drivers\acpidisk.sys" file.
2007-10-8 20:34:13 SYSTEM 1660 Sign of "Win32:Cinmus-J [Rtk]" has been found in "C:\WINDOWS\system32\drivers\acpidisk.sys" file.
2007-10-8 21:16:51 Administrator 1844 Sign of "Win32:Cinmus-J [Rtk]" has been found in "C:\WINDOWS\system32\drivers\acpidisk.sys" file.
2007-10-8 21:26:49 Administrator 3148 Sign of "Win32:Trojan-gen. {UPX!}" has been found in "C:\WINDOWS\system32\TSOBase\Temp\TSECUA.COM" file.
2007-10-8 21:28:37 Administrator 3148 Sign of "Win32:Cinmus-D [Adw]" has been found in "C:\WINDOWS\Temp\~my1.tmp" file.
2007-10-8 21:34:20 Administrator 3148 Sign of "Win32:Adware-gen. [Adw]" has been found in "C:\Documents and Settings\Administrator\Local Settings\Temp\4E\austr.dll" file.
2007-10-8 21:34:20 Administrator 3148 Sign of "Win32:Adware-gen. [Adw]" has been found in "C:\Documents and Settings\Administrator\Local Settings\Temp\4E\cndsv.dll" file.
2007-10-8 21:34:20 Administrator 3148 Sign of "Win32:Adware-gen. [Adw]" has been found in "C:\Documents and Settings\Administrator\Local Settings\Temp\4E\cnprov.sys" file.
2007-10-8 21:34:20 Administrator 3148 Sign of "Win32:Adware-gen. [Adw]" has been found in "C:\Documents and Settings\Administrator\Local Settings\Temp\4E\cnprovh.dll" file.
2007-10-8 21:34:20 Administrator 3148 Sign of "JS:Agent-B [Trj]" has been found in "C:\Documents and Settings\Administrator\Local Settings\Temp\4E\cnrbtn.html" file.
2007-10-8 21:34:20 Administrator 3148 Sign of "Win32:Adware-gen. [Adw]" has been found in "C:\Documents and Settings\Administrator\Local Settings\Temp\4E\config.exe" file.
2007-10-8 21:34:21 Administrator 3148 Sign of "Win32:Adware-gen. [Adw]" has been found in "C:\Documents and Settings\Administrator\Local Settings\Temp\4E\convf.dll" file.
2007-10-8 21:34:21 Administrator 3148 Sign of "Win32:Adware-gen. [Adw]" has been found in "C:\Documents and Settings\Administrator\Local Settings\Temp\4E\idnaux.sys" file.
2007-10-8 21:34:21 Administrator 3148 Sign of "Win32:Adware-gen. [Adw]" has been found in "C:\Documents and Settings\Administrator\Local Settings\Temp\4E\idnreg.dll" file.
2007-10-8 21:34:21 Administrator 3148 Sign of "Win32:Adware-gen. [Adw]" has been found in "C:\Documents and Settings\Administrator\Local Settings\Temp\4E\idnsvr.exe" file.
2007-10-8 21:34:21 Administrator 3148 Sign of "Win32:Adware-gen. [Adw]" has been found in "C:\Documents and Settings\Administrator\Local Settings\Temp\4E\ieaux.dll" file.
2007-10-8 21:34:21 Administrator 3148 Sign of "Win32:Adware-gen. [Adw]" has been found in "C:\Documents and Settings\Administrator\Local Settings\Temp\4E\setup.exe" file.
2007-10-8 21:34:21 Administrator 3148 Sign of "Win32:Adware-gen. [Adw]" has been found in "C:\Documents and Settings\Administrator\Local Settings\Temp\4E\srchsp.dll" file.
2007-10-8 21:34:21 Administrator 3148 Sign of "Win32:Adware-gen. [Adw]" has been found in "C:\Documents and Settings\Administrator\Local Settings\Temp\4B\cndsv.dll" file.
2007-10-8 21:34:21 Administrator 3148 Sign of "Win32:Adware-gen. [Adw]" has been found in "C:\Documents and Settings\Administrator\Local Settings\Temp\4B\cnprov.sys" file.
2007-10-8 21:34:21 Administrator 3148 Sign of "Win32:Adware-gen. [Adw]" has been found in "C:\Documents and Settings\Administrator\Local Settings\Temp\4B\cnprovh.dll" file.
2007-10-8 21:34:21 Administrator 3148 Sign of "Win32:Adware-gen. [Adw]" has been found in "C:\Documents and Settings\Administrator\Local Settings\Temp\4B\config.exe" file.
2007-10-8 21:34:21 Administrator 3148 Sign of "Win32:Adware-gen. [Adw]" has been found in "C:\Documents and Settings\Administrator\Local Settings\Temp\4B\idnreg.dll" file.
2007-10-8 21:34:21 Administrator 3148 Sign of "Win32:Adware-gen. [Adw]" has been found in "C:\Documents and Settings\Administrator\Local Settings\Temp\4B\idnsvr.dll" file.
2007-10-8 21:34:21 Administrator 3148 Sign of "Win32:Adware-gen. [Adw]" has been found in "C:\Documents and Settings\Administrator\Local Settings\Temp\4B\idnsvr.exe" file.
2007-10-8 21:34:21 Administrator 3148 Sign of "Win32:Adware-gen. [Adw]" has been found in "C:\Documents and Settings\Administrator\Local Settings\Temp\4B\ieaux.dll" file.
2007-10-8 21:34:21 Administrator 3148 Sign of "Win32:Adware-gen. [Adw]" has been found in "C:\Documents and Settings\Administrator\Local Settings\Temp\4B\setup.dll" file.
2007-10-8 21:34:21 Administrator 3148 Sign of "Win32:Adware-gen. [Adw]" has been found in "C:\Documents and Settings\Administrator\Local Settings\Temp\4B\setup.exe" file.
2007-10-8 21:36:39 Administrator 1844 Sign of "Win32:VB-FGK [Trj]" has been found in "C:\DOCUMENTS AND SETTINGS\ADMINISTRATOR\LOCAL SETTINGS\TEMP\_AVAST4_\UNP80782667.TMP" file.
2007-10-8 21:36:41 Administrator 3148 Sign of "Win32:VB-FGK [Trj]" has been found in "C:\Program Files\Common Files\Microsoft Shared\MSInfo\OINFOGDI.OCX\[UPX]" file.
2007-10-8 21:49:39 Administrator 3148 Sign of "Win32:Trojan-gen. {VC}" has been found in "E:\Program Files\《完美世界》国际版\launcher\Launcher.exe" file.
2007-10-8 21:58:41 Administrator 1844 Sign of "Win32:Genlot-D [Trj]" has been found in "C:\DOCUMENTS AND SETTINGS\ADMINISTRATOR\LOCAL SETTINGS\TEMP\_AVAST4_\UNP42784120.TMP" file.
2007-10-8 21:58:43 Administrator 3148 Sign of "Win32:Genlot-D [Trj]" has been found in "E:\Program Files\超级兔子\MagicSet\SRRest.exe\[UPX]" file.
2007-10-8 22:13:48 SYSTEM 1872 Sign of "Win32:Agent-LAI [Trj]" has been found in "C:\WINDOWS\SYSTEM32\DRIVERS\DTCCNZ54.SYS" file.
2007-10-8 22:19:37 SYSTEM 1868 Sign of "Win32:Agent-LAI [Trj]" has been found in "C:\WINDOWS\SYSTEM32\DRIVERS\KIVXDRV.SYS" file.
2007-10-8 22:19:43 SYSTEM 1868 Sign of "Win32:Agent-LAI [Trj]" has been found in "C:\WINDOWS\SYSTEM32\DRIVERS\DTCCNZ54.SYS" file.
2007-10-9 8:20:07 SYSTEM 1872 Sign of "Win32:Agent-LAI [Trj]" has been found in "C:\WINDOWS\SYSTEM32\DRIVERS\KIVXDRV.SYS" file.
2007-10-9 8:20:13 SYSTEM 1872 Sign of "Win32:Agent-LAI [Trj]" has been found in "C:\WINDOWS\SYSTEM32\DRIVERS\DTCCNZ54.SYS" file.

微点管理员已经远程帮助楼主解决

[ Last edited by Legend on 2007-10-9 at 10:41 ]

※ ※ ※ 本文纯属【jccgjccgcc】个人意见，与【微点交流论坛】立场无关※ ※ ※

2007-10-9 08:48

Legend
超级版主

超级版主

积分 77171
发帖 70170
注册 2005-10-29

#2

请您将您的技术支持信息文件（辅助功能-->生成技术支持信息）和这个文件（acpidisk.sys ）发送到virus@micropoint.com.cn我们具体分析一下
请在来信中附上这个帖子的地址，谢谢

[ Last edited by Legend on 2007-10-9 at 08:53 ]

※文章所有权归【Legend】与【东方微点论坛】共同所有，转载请注明出处！※

微点官方认证新浪微博：欢迎进入微点新浪微博
微点技术支持邮箱: support@micropoint.com.cn
给Legend发短消息

2007-10-9 08:52

jccgjccgcc
新手上路

积分 13
发帖 13
注册 2006-8-29

#3

以下是微点扫描的自启动项信息
程序名称启动方式程序说明全路径启动信息

autoexec.bat 批处理文件其他软件 C:\AUTOEXEC.BAT
crypt32.dll 系统直接调用 Microsoft Windows XP Professional C:\WINDOWS\system32\crypt32.dll HKEY_LOCAL_MACHINE\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\WINLOGON\NOTIFY\CRYPT32CHAIN
cscdll.dll 系统直接调用 Microsoft Windows XP Professional C:\WINDOWS\system32\cscdll.dll HKEY_LOCAL_MACHINE\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\WINLOGON\NOTIFY\CSCDLL
Fips.sys 驱动 Microsoft Windows XP Professional C:\WINDOWS\system32\drivers\fips.sys HKEY_LOCAL_MACHINE\SYSTEM\CURRENTCONTROLSET\SERVICES\FIPS
dmload.sys 驱动 Microsoft Windows XP Professional C:\WINDOWS\system32\drivers\dmload.sys HKEY_LOCAL_MACHINE\SYSTEM\CURRENTCONTROLSET\SERVICES\DMLOAD
redbook.sys 驱动 Microsoft Windows XP Professional C:\WINDOWS\system32\drivers\redbook.sys HKEY_LOCAL_MACHINE\SYSTEM\CURRENTCONTROLSET\SERVICES\REDBOOK
ctfmon.exe 注册表启动组 Microsoft Windows XP Professional C:\WINDOWS\system32\ctfmon.exe HKEY_CURRENT_USER\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\RUN\CTFMON.EXE
mswsock.dll SPI Microsoft Windows XP Professional C:\WINDOWS\system32\mswsock.dll HKEY_LOCAL_MACHINE\SYSTEM\CURRENTCONTROLSET\SERVICES\WINSOCK2\PARAMETERS\PROTOCOL_CATALOG9\CATALOG_ENTRIES\000000000012\PACKEDCATALOGITEM
ftdisk.sys 驱动 Microsoft Windows XP Professional C:\WINDOWS\system32\drivers\ftdisk.sys HKEY_LOCAL_MACHINE\SYSTEM\CURRENTCONTROLSET\SERVICES\FTDISK
webclnt.dll 服务 Microsoft Windows XP Professional C:\WINDOWS\system32\webclnt.dll HKEY_LOCAL_MACHINE\SYSTEM\CURRENTCONTROLSET\SERVICES\WEBCLIENT
wmpdxm.dll ActiveX 插件 Microsoft Windows XP Professional C:\WINDOWS\system32\wmpdxm.dll HKEY_USERS\.DEFAULT\SOFTWARE\MICROSOFT\ACTIVE SETUP\INSTALLED COMPONENTS\{22D6F312-B0F6-11D0-94AB-0080C74C7E95}
Mup.sys 驱动 Microsoft Windows XP Professional C:\WINDOWS\system32\drivers\mup.sys HKEY_LOCAL_MACHINE\SYSTEM\CURRENTCONTROLSET\SERVICES\MUP
mswsock.dll SPI Microsoft Windows XP Professional C:\WINDOWS\system32\mswsock.dll HKEY_LOCAL_MACHINE\SYSTEM\CURRENTCONTROLSET\SERVICES\WINSOCK2\PARAMETERS\PROTOCOL_CATALOG9\CATALOG_ENTRIES\000000000008\PACKEDCATALOGITEM
trkwks.dll 服务 Microsoft Windows XP Professional C:\WINDOWS\system32\trkwks.dll HKEY_LOCAL_MACHINE\SYSTEM\CURRENTCONTROLSET\SERVICES\TRKWKS
Flpydisk.sys 驱动 Microsoft Windows XP Professional C:\WINDOWS\system32\drivers\flpydisk.sys HKEY_LOCAL_MACHINE\SYSTEM\CURRENTCONTROLSET\SERVICES\FLPYDISK
aswTdi.sys 驱动 avast安全软件 C:\WINDOWS\system32\drivers\aswTdi.sys

※ ※ ※ 本文纯属【jccgjccgcc】个人意见，与【微点交流论坛】立场无关※ ※ ※

2007-10-9 08:53

jccgjccgcc
新手上路

积分 13
发帖 13
注册 2006-8-29

#4

HKEY_LOCAL_MACHINE\SYSTEM\CURRENTCONTROLSET\SERVICES\ASWTDI
isapnp.sys 驱动 Microsoft Windows XP Professional C:\WINDOWS\system32\drivers\isapnp.sys HKEY_LOCAL_MACHINE\SYSTEM\CURRENTCONTROLSET\SERVICES\ISAPNP
dnsrslvr.dll 服务 Microsoft Windows XP Professional C:\WINDOWS\system32\dnsrslvr.dll HKEY_LOCAL_MACHINE\SYSTEM\CURRENTCONTROLSET\SERVICES\DNSCACHE
netbt.sys 驱动 Microsoft Windows XP Professional C:\WINDOWS\system32\drivers\netbt.sys HKEY_LOCAL_MACHINE\SYSTEM\CURRENTCONTROLSET\SERVICES\NETBT
NvCpl.dll 注册表启动组其他软件 C:\WINDOWS\system32\nvcpl.dll HKEY_LOCAL_MACHINE\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\RUN\NVCPLDAEMON
dmio.sys 驱动 Microsoft Windows XP Professional C:\WINDOWS\system32\drivers\dmio.sys HKEY_LOCAL_MACHINE\SYSTEM\CURRENTCONTROLSET\SERVICES\DMIO
rasacd.sys 驱动 Microsoft Windows XP Professional C:\WINDOWS\system32\drivers\rasacd.sys HKEY_LOCAL_MACHINE\SYSTEM\CURRENTCONTROLSET\SERVICES\RASACD
KSecDD.sys 驱动 Microsoft Windows XP Professional C:\WINDOWS\system32\drivers\ksecdd.sys HKEY_LOCAL_MACHINE\SYSTEM\CURRENTCONTROLSET\SERVICES\KSECDD
rsvpsp.dll SPI Microsoft Windows XP Professional C:\WINDOWS\system32\rsvpsp.dll HKEY_LOCAL_MACHINE\SYSTEM\CURRENTCONTROLSET\SERVICES\WINSOCK2\PARAMETERS\PROTOCOL_CATALOG9\CATALOG_ENTRIES\000000000005\PACKEDCATALOGITEM
mp110007.sys 驱动微点主动防御软件 C:\WINDOWS\system32\drivers\mp110007.sys HKEY_LOCAL_MACHINE\SYSTEM\CURRENTCONTROLSET\SERVICES\MP110007
Beep.sys 驱动 Microsoft Windows XP Professional C:\WINDOWS\system32\drivers\beep.sys HKEY_LOCAL_MACHINE\SYSTEM\CURRENTCONTROLSET\SERVICES\BEEP
dtccnz54.sys 驱动其他软件文件不存在(C:\WINDOWS\System32\DRIVERS\dtccnz54.sys) HKEY_LOCAL_MACHINE\SYSTEM\CURRENTCONTROLSET\SERVICES\DTCCNZ54
wlnotify.dll 系统直接调用 Microsoft Windows XP Professional C:\WINDOWS\system32\wlnotify.dll HKEY_LOCAL_MACHINE\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\WINLOGON\NOTIFY\WLBALLOON
webcheck.dll 系统直接调用 Microsoft Windows XP Professional C:\WINDOWS\system32\webcheck.dll HKEY_LOCAL_MACHINE\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\SHELLSERVICEOBJECTDELAYLOAD\WEBCHECK
mp110003.sys 驱动微点主动防御软件 C:\WINDOWS\system32\drivers\mp110003.sys HKEY_LOCAL_MACHINE\SYSTEM\CURRENTCONTROLSET\SERVICES\MP110003
PProtect.sys 驱动其他软件文件不存在(C:\PROGRA~1\KV2006\PProtect.sys) HKEY_LOCAL_MACHINE\SYSTEM\CURRENTCONTROLSET\SERVICES\PPROTECT
PCIDump.sys 驱动其他软件文件不存在(C:\WINDOWS\System32\DRIVERS\PCIDump.sys) HKEY_LOCAL_MACHINE\SYSTEM\CURRENTCONTROLSET\SERVICES\PCIDUMP
srsvc.dll 服务 Microsoft Windows XP Professional C:\WINDOWS\system32\srsvc.dll HKEY_LOCAL_MACHINE\SYSTEM\CURRENTCONTROLSET\SERVICES\SRSERVICE
kivxdrv.sys 驱动其他软件文件不存在(C:\WINDOWS\System32\DRIVERS\kivxdrv.sys) HKEY_LOCAL_MACHINE\SYSTEM\CURRENTCONTROLSET\SERVICES\KIVXDRV
mp110013.sys 驱动微点主动防御软件 C:\WINDOWS\system32\drivers\mp110013.sys HKEY_LOCAL_MACHINE\SYSTEM\CURRENTCONTROLSET\SERVICES\MP110013
rpcss.dll 服务 Microsoft Windows XP Professional C:\WINDOWS\system32\rpcss.dll HKEY_LOCAL_MACHINE\SYSTEM\CURRENTCONTROLSET\SERVICES\RPCSS
mswsock.dll SPI Microsoft Windows XP Professional C:\WINDOWS\system32\mswsock.dll HKEY_LOCAL_MACHINE\SYSTEM\CURRENTCONTROLSET\SERVICES\WINSOCK2\PARAMETERS\PROTOCOL_CATALOG9\CATALOG_ENTRIES\000000000017\PACKEDCATALOGITEM
ipsec.sys 驱动 Microsoft Windows XP Professional C:\WINDOWS\system32\drivers\ipsec.sys HKEY_LOCAL_MACHINE\SYSTEM\CURRENTCONTROLSET\SERVICES\IPSEC
Fs_Rec.sys 驱动 Microsoft Windows XP Professional C:\WINDOWS\system32\drivers\fs_rec.sys HKEY_LOCAL_MACHINE\SYSTEM\CURRENTCONTROLSET\SERVICES\FS_REC
PartMgr.sys 驱动 Microsoft Windows XP Professional C:\WINDOWS\system32\drivers\partmgr.sys HKEY_LOCAL_MACHINE\SYSTEM\CURRENTCONTROLSET\SERVICES\PARTMGR
stobject.dll 系统直接调用 Microsoft Windows XP Professional C:\WINDOWS\system32\stobject.dll HKEY_LOCAL_MACHINE\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\SHELLSERVICEOBJECTDELAYLOAD\SYSTRAY
mswsock.dll SPI Microsoft Windows XP Professional C:\WINDOWS\system32\mswsock.dll HKEY_LOCAL_MACHINE\SYSTEM\CURRENTCONTROLSET\SERVICES\WINSOCK2\PARAMETERS\PROTOCOL_CATALOG9\CATALOG_ENTRIES\000000000015\PACKEDCATALOGITEM
ipnathlp.dll 服务 Microsoft Windows XP Professional C:\WINDOWS\system32\ipnathlp.dll HKEY_LOCAL_MACHINE\SYSTEM\CURRENTCONTROLSET\SERVICES\SHAREDACCESS
ssstars.scr 屏幕保护 Microsoft Windows XP Professional C:\WINDOWS\system32\ssstars.scr HKEY_CURRENT_USER\CONTROL PANEL\DESKTOP\SCRNSAVE.EXE
lmhsvc.dll 服务 Microsoft Windows XP Professional C:\WINDOWS\system32\lmhsvc.dll HKEY_LOCAL_MACHINE\SYSTEM\CURRENTCONTROLSET\SERVICES\LMHOSTS
logonui.exe 系统直接调用 Microsoft Windows XP Professional C:\WINDOWS\system32\logonui.exe HKEY_LOCAL_MACHINE\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\WINLOGON\UIHOST
fltMgr.sys 驱动 Microsoft Windows XP Professional C:\WINDOWS\system32\drivers\fltMgr.sys HKEY_LOCAL_MACHINE\SYSTEM\CURRENTCONTROLSET\SERVICES\FLTMGR
nvatabus.sys 驱动其他软件 C:\WINDOWS\system32\drivers\nvatabus.sys HKEY_LOCAL_MACHINE\SYSTEM\CURRENTCONTROLSET\SERVICES\NVATABUS
mrxsmb.sys 驱动 Microsoft Windows XP Professional C:\WINDOWS\system32\drivers\mrxsmb.sys HKEY_LOCAL_MACHINE\SYSTEM\CURRENTCONTROLSET\SERVICES\MRXSMB
shsvcs.dll 服务 Microsoft Windows XP Professional C:\WINDOWS\system32\shsvcs.dll HKEY_LOCAL_MACHINE\SYSTEM\CURRENTCONTROLSET\SERVICES\THEMES
dhcpcsvc.dll 服务 Microsoft Windows XP Professional C:\WINDOWS\system32\dhcpcsvc.dll HKEY_LOCAL_MACHINE\SYSTEM\CURRENTCONTROLSET\SERVICES\DHCP
bootdrv.sys 驱动其他软件文件不存在(C:\WINDOWS\System32\Drivers\bootdrv.sys) HKEY_LOCAL_MACHINE\SYSTEM\CURRENTCONTROLSET\SERVICES\BOOTDRV
mswsock.dll SPI Microsoft Windows XP Professional C:\WINDOWS\system32\mswsock.dll HKEY_LOCAL_MACHINE\SYSTEM\CURRENTCONTROLSET\SERVICES\WINSOCK2\PARAMETERS\PROTOCOL_CATALOG9\CATALOG_ENTRIES\000000000007\PACKEDCATALOGITEM
Cdaudio.sys 驱动 Microsoft Windows XP Professional C:\WINDOWS\system32\drivers\cdaudio.sys HKEY_LOCAL_MACHINE\SYSTEM\CURRENTCONTROLSET\SERVICES\CDAUDIO
lbrtfdc.sys 驱动其他软件文件不存在(C:\WINDOWS\System32\DRIVERS\lbrtfdc.sys) HKEY_LOCAL_MACHINE\SYSTEM\CURRENTCONTROLSET\SERVICES\LBRTFDC
NDIS.sys 驱动 Microsoft Windows XP Professional C:\WINDOWS\system32\drivers\ndis.sys HKEY_LOCAL_MACHINE\SYSTEM\CURRENTCONTROLSET\SERVICES\NDIS
imapi.sys 驱动 Microsoft Windows XP Professional C:\WINDOWS\system32\drivers\imapi.sys HKEY_LOCAL_MACHINE\SYSTEM\CURRENTCONTROLSET\SERVICES\IMAPI
mp110002.sys 驱动微点主动防御软件 C:\WINDOWS\system32\drivers\mp110002.sys HKEY_LOCAL_MACHINE\SYSTEM\CURRENTCONTROLSET\SERVICES\MP110002
WlNotify.dll 系统直接调用 Microsoft Windows XP Professional C:\WINDOWS\system32\wlnotify.dll HKEY_LOCAL_MACHINE\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\WINLOGON\NOTIFY\SENSLOGN
w32time.dll 服务 Microsoft Windows XP Professional C:\WINDOWS\system32\w32time.dll HKEY_LOCAL_MACHINE\SYSTEM\CURRENTCONTROLSET\SERVICES\W32TIME
mp110006.sys 驱动微点主动防御软件 C:\WINDOWS\system32\drivers\mp110006.sys HKEY_LOCAL_MACHINE\SYSTEM\CURRENTCONTROLSET\SERVICES\MP110006
browseui.dll Explorer插件 Microsoft Windows XP Professional C:\WINDOWS\system32\browseui.dll HKEY_LOCAL_MACHINE\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\EXPLORER\SHAREDTASKSCHEDULER\{438755C2-A8BA-11D1-B96B-00A0C90312E1}
afd.sys 驱动 Microsoft Windows XP Professional C:\WINDOWS\system32\drivers\afd.sys HKEY_LOCAL_MACHINE\SYSTEM\CURRENTCONTROLSET\SERVICES\AFD
services.exe 服务 Microsoft Windows XP Professional C:\WINDOWS\system32\services.exe HKEY_LOCAL_MACHINE\SYSTEM\CURRENTCONTROLSET\SERVICES\EVENTLOG
Changer.sys 驱动其他软件文件不存在(C:\WINDOWS\System32\DRIVERS\Changer.sys) HKEY_LOCAL_MACHINE\SYSTEM\CURRENTCONTROLSET\SERVICES\CHANGER
JAVASUP.VXD Vxd驱动其他软件 C:\WINDOWS\system32\javasup.vxd

※ ※ ※ 本文纯属【jccgjccgcc】个人意见，与【微点交流论坛】立场无关※ ※ ※

2007-10-9 08:53

jccgjccgcc
新手上路

积分 13
发帖 13
注册 2006-8-29

#5

HKEY_LOCAL_MACHINE\SYSTEM\CURRENTCONTROLSET\SERVICES\VXD\JAVASUP
ACPI.sys 驱动 Microsoft Windows XP Professional C:\WINDOWS\system32\drivers\acpi.sys HKEY_LOCAL_MACHINE\SYSTEM\CURRENTCONTROLSET\SERVICES\ACPI
mswsock.dll SPI Microsoft Windows XP Professional C:\WINDOWS\system32\mswsock.dll HKEY_LOCAL_MACHINE\SYSTEM\CURRENTCONTROLSET\SERVICES\WINSOCK2\PARAMETERS\PROTOCOL_CATALOG9\CATALOG_ENTRIES\000000000002\PACKEDCATALOGITEM
msgsvc.dll 服务 Microsoft Windows XP Professional C:\WINDOWS\system32\msgsvc.dll HKEY_LOCAL_MACHINE\SYSTEM\CURRENTCONTROLSET\SERVICES\MESSENGER
parport.sys 驱动 Microsoft Windows XP Professional C:\WINDOWS\system32\drivers\parport.sys HKEY_LOCAL_MACHINE\SYSTEM\CURRENTCONTROLSET\SERVICES\PARPORT
cryptsvc.dll 服务 Microsoft Windows XP Professional C:\WINDOWS\system32\cryptsvc.dll HKEY_LOCAL_MACHINE\SYSTEM\CURRENTCONTROLSET\SERVICES\CRYPTSVC
services.exe 服务 Microsoft Windows XP Professional C:\WINDOWS\system32\services.exe HKEY_LOCAL_MACHINE\SYSTEM\CURRENTCONTROLSET\SERVICES\PLUGPLAY
i8042prt.sys 驱动 Microsoft Windows XP Professional C:\WINDOWS\system32\drivers\i8042prt.sys HKEY_LOCAL_MACHINE\SYSTEM\CURRENTCONTROLSET\SERVICES\I8042PRT
fsvga.sys 驱动 Microsoft Windows XP Professional C:\WINDOWS\system32\drivers\fsvga.sys HKEY_LOCAL_MACHINE\SYSTEM\CURRENTCONTROLSET\SERVICES\FSVGA
SHELL32.dll 系统直接调用 Microsoft Windows XP Professional C:\WINDOWS\system32\shell32.dll HKEY_LOCAL_MACHINE\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\SHELLSERVICEOBJECTDELAYLOAD\POSTBOOTREMINDER
pci.sys 驱动 Microsoft Windows XP Professional C:\WINDOWS\system32\drivers\pci.sys HKEY_LOCAL_MACHINE\SYSTEM\CURRENTCONTROLSET\SERVICES\PCI
ashServ.exe 服务 avast安全软件 C:\Program Files\Alwil Software\Avast4\ashServ.exe HKEY_LOCAL_MACHINE\SYSTEM\CURRENTCONTROLSET\SERVICES\AVAST! ANTIVIRUS
ntsd.EXE 进程关联启动 Microsoft Windows XP Professional C:\WINDOWS\system32\ntsd.exe HKEY_LOCAL_MACHINE\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\IMAGE FILE EXECUTION OPTIONS\YOUR IMAGE FILE NAME HERE WITHOUT A PATH
mswsock.dll SPI Microsoft Windows XP Professional C:\WINDOWS\system32\mswsock.dll HKEY_LOCAL_MACHINE\SYSTEM\CURRENTCONTROLSET\SERVICES\WINSOCK2\PARAMETERS\PROTOCOL_CATALOG9\CATALOG_ENTRIES\000000000010\PACKEDCATALOGITEM
WMIsvc.dll 服务 Microsoft Windows XP Professional C:\WINDOWS\system32\wbem\wmisvc.dll HKEY_LOCAL_MACHINE\SYSTEM\CURRENTCONTROLSET\SERVICES\WINMGMT
wzcsvc.dll 服务 Microsoft Windows XP Professional C:\WINDOWS\system32\wzcsvc.dll HKEY_LOCAL_MACHINE\SYSTEM\CURRENTCONTROLSET\SERVICES\WZCSVC
mswsock.dll SPI Microsoft Windows XP Professional C:\WINDOWS\system32\mswsock.dll HKEY_LOCAL_MACHINE\SYSTEM\CURRENTCONTROLSET\SERVICES\WINSOCK2\PARAMETERS\PROTOCOL_CATALOG9\CATALOG_ENTRIES\000000000006\PACKEDCATALOGITEM
cryptnet.dll 系统直接调用 Microsoft Windows XP Professional C:\WINDOWS\system32\cryptnet.dll HKEY_LOCAL_MACHINE\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\WINLOGON\NOTIFY\CRYPTNET
wmpdxm.dll ActiveX 插件 Microsoft Windows XP Professional C:\WINDOWS\system32\wmpdxm.dll HKEY_USERS\.DEFAULT\SOFTWARE\MICROSOFT\ACTIVE SETUP\INSTALLED COMPONENTS\{2179C5D3-EBFF-11CF-B6FD-00AA00B4E220}
wlnotify.dll 系统直接调用 Microsoft Windows XP Professional C:\WINDOWS\system32\wlnotify.dll HKEY_LOCAL_MACHINE\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\WINLOGON\NOTIFY\SCCERTPROP
pchsvc.dll 服务 Microsoft Windows XP Professional C:\WINDOWS\pchealth\helpctr\binaries\pchsvc.dll HKEY_LOCAL_MACHINE\SYSTEM\CURRENTCONTROLSET\SERVICES\HELPSVC
wscsvc.dll 服务 Microsoft Windows XP Professional C:\WINDOWS\system32\wscsvc.dll HKEY_LOCAL_MACHINE\SYSTEM\CURRENTCONTROLSET\SERVICES\WSCSVC
disk.sys 驱动 Microsoft Windows XP Professional C:\WINDOWS\system32\drivers\disk.sys HKEY_LOCAL_MACHINE\SYSTEM\CURRENTCONTROLSET\SERVICES\DISK
alrsvc.dll 服务 Microsoft Windows XP Professional C:\WINDOWS\system32\alrsvc.dll HKEY_LOCAL_MACHINE\SYSTEM\CURRENTCONTROLSET\SERVICES\ALERTER
mswsock.dll SPI Microsoft Windows XP Professional C:\WINDOWS\system32\mswsock.dll HKEY_LOCAL_MACHINE\SYSTEM\CURRENTCONTROLSET\SERVICES\WINSOCK2\PARAMETERS\PROTOCOL_CATALOG9\CATALOG_ENTRIES\000000000014\PACKEDCATALOGITEM
serial.sys 驱动 Microsoft Windows XP Professional C:\WINDOWS\system32\drivers\serial.sys HKEY_LOCAL_MACHINE\SYSTEM\CURRENTCONTROLSET\SERVICES\SERIAL
wlnotify.dll 系统直接调用 Microsoft Windows XP Professional C:\WINDOWS\system32\wlnotify.dll HKEY_LOCAL_MACHINE\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\WINLOGON\NOTIFY\TERMSRV
Explorer.exe 系统直接调用 Microsoft Windows XP Professional C:\WINDOWS\explorer.exe HKEY_LOCAL_MACHINE\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\WINLOGON\SHELL
VolSnap.sys 驱动 Microsoft Windows XP Professional C:\WINDOWS\system32\drivers\volsnap.sys HKEY_LOCAL_MACHINE\SYSTEM\CURRENTCONTROLSET\SERVICES\VOLSNAP
schedsvc.dll 服务 Microsoft Windows XP Professional C:\WINDOWS\system32\schedsvc.dll HKEY_LOCAL_MACHINE\SYSTEM\CURRENTCONTROLSET\SERVICES\SCHEDULE
wlnotify.dll 系统直接调用 Microsoft Windows XP Professional C:\WINDOWS\system32\wlnotify.dll HKEY_LOCAL_MACHINE\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\WINLOGON\NOTIFY\SCHEDULE
shsvcs.dll 服务 Microsoft Windows XP Professional C:\WINDOWS\system32\shsvcs.dll HKEY_LOCAL_MACHINE\SYSTEM\CURRENTCONTROLSET\SERVICES\SHELLHWDETECTION
SHELL32.dll 系统直接调用 Microsoft Windows XP Professional C:\WINDOWS\system32\shell32.dll HKEY_LOCAL_MACHINE\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\SHELLSERVICEOBJECTDELAYLOAD\CDBURN
lsass.exe 服务 Microsoft Windows XP Professional C:\WINDOWS\system32\lsass.exe HKEY_LOCAL_MACHINE\SYSTEM\CURRENTCONTROLSET\SERVICES\PROTECTEDSTORAGE
processr.sys 驱动 Microsoft Windows XP Professional C:\WINDOWS\system32\drivers\processr.sys HKEY_LOCAL_MACHINE\SYSTEM\CURRENTCONTROLSET\SERVICES\PROCESSOR
nvcchflt.sys 驱动其他软件 C:\WINDOWS\system32\drivers\nvcchflt.sys

※ ※ ※ 本文纯属【jccgjccgcc】个人意见，与【微点交流论坛】立场无关※ ※ ※

2007-10-9 08:54

jccgjccgcc
新手上路

积分 13
发帖 13
注册 2006-8-29

#6

HKEY_LOCAL_MACHINE\SYSTEM\CURRENTCONTROLSET\SERVICES\NVCCHFLT
mswsock.dll SPI Microsoft Windows XP Professional C:\WINDOWS\system32\mswsock.dll HKEY_LOCAL_MACHINE\SYSTEM\CURRENTCONTROLSET\SERVICES\WINSOCK2\PARAMETERS\PROTOCOL_CATALOG9\CATALOG_ENTRIES\000000000011\PACKEDCATALOGITEM
audiosrv.dll 服务 Microsoft Windows XP Professional C:\WINDOWS\system32\audiosrv.dll HKEY_LOCAL_MACHINE\SYSTEM\CURRENTCONTROLSET\SERVICES\AUDIOSRV
mp110010.sys 驱动微点主动防御软件 C:\WINDOWS\system32\drivers\mp110010.sys HKEY_LOCAL_MACHINE\SYSTEM\CURRENTCONTROLSET\SERVICES\MP110010
mp110004.sys 驱动微点主动防御软件 C:\WINDOWS\system32\drivers\mp110004.sys HKEY_LOCAL_MACHINE\SYSTEM\CURRENTCONTROLSET\SERVICES\MP110004
nv_agp.sys 驱动其他软件 C:\WINDOWS\system32\drivers\nv_agp.SYS HKEY_LOCAL_MACHINE\SYSTEM\CURRENTCONTROLSET\SERVICES\NV_AGP
cdrom.sys 驱动 Microsoft Windows XP Professional C:\WINDOWS\system32\drivers\cdrom.sys HKEY_LOCAL_MACHINE\SYSTEM\CURRENTCONTROLSET\SERVICES\CDROM
RDPCDD.sys 驱动 Microsoft Windows XP Professional C:\WINDOWS\system32\drivers\rdpcdd.sys HKEY_LOCAL_MACHINE\SYSTEM\CURRENTCONTROLSET\SERVICES\RDPCDD
rpcss.dll 服务 Microsoft Windows XP Professional C:\WINDOWS\system32\rpcss.dll HKEY_LOCAL_MACHINE\SYSTEM\CURRENTCONTROLSET\SERVICES\DCOMLAUNCH
kbdclass.sys 驱动 Microsoft Windows XP Professional C:\WINDOWS\system32\drivers\kbdclass.sys HKEY_LOCAL_MACHINE\SYSTEM\CURRENTCONTROLSET\SERVICES\KBDCLASS
Aavmker4.sys 驱动 avast安全软件 C:\WINDOWS\system32\drivers\aavmker4.sys HKEY_LOCAL_MACHINE\SYSTEM\CURRENTCONTROLSET\SERVICES\AAVMKER4
mp110008.sys 驱动微点主动防御软件 C:\WINDOWS\system32\drivers\mp110008.sys HKEY_LOCAL_MACHINE\SYSTEM\CURRENTCONTROLSET\SERVICES\MP110008
MPSVC.exe 服务微点主动防御软件 C:\Program Files\Micropoint\MPSVC.exe HKEY_LOCAL_MACHINE\SYSTEM\CURRENTCONTROLSET\SERVICES\MPSVCSERVICE
Null.sys 驱动 Microsoft Windows XP Professional C:\WINDOWS\system32\drivers\null.sys HKEY_LOCAL_MACHINE\SYSTEM\CURRENTCONTROLSET\SERVICES\NULL
sens.dll 服务 Microsoft Windows XP Professional C:\WINDOWS\system32\sens.dll HKEY_LOCAL_MACHINE\SYSTEM\CURRENTCONTROLSET\SERVICES\SENS
mswsock.dll SPI Microsoft Windows XP Professional C:\WINDOWS\system32\mswsock.dll HKEY_LOCAL_MACHINE\SYSTEM\CURRENTCONTROLSET\SERVICES\WINSOCK2\PARAMETERS\PROTOCOL_CATALOG9\CATALOG_ENTRIES\000000000003\PACKEDCATALOGITEM
ashDisp.exe 注册表启动组 avast安全软件 C:\Program Files\Alwil Software\Avast4\ashDisp.exe HKEY_LOCAL_MACHINE\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\RUN\AVAST!
wmp.dll ActiveX 插件 Microsoft Windows XP Professional C:\WINDOWS\system32\wmp.dll HKEY_USERS\.DEFAULT\SOFTWARE\MICROSOFT\ACTIVE SETUP\INSTALLED COMPONENTS\{6BF52A52-394A-11D3-B153-00C04F79FAA6}
srvsvc.dll 服务 Microsoft Windows XP Professional C:\WINDOWS\system32\srvsvc.dll HKEY_LOCAL_MACHINE\SYSTEM\CURRENTCONTROLSET\SERVICES\LANMANSERVER
sclgntfy.dll 系统直接调用 Microsoft Windows XP Professional C:\WINDOWS\system32\sclgntfy.dll HKEY_LOCAL_MACHINE\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\WINLOGON\NOTIFY\SCLGNTFY
mp110001.sys 驱动微点主动防御软件 C:\WINDOWS\system32\drivers\mp110001.sys HKEY_LOCAL_MACHINE\SYSTEM\CURRENTCONTROLSET\SERVICES\MP110001
mswsock.dll SPI Microsoft Windows XP Professional C:\WINDOWS\system32\mswsock.dll HKEY_LOCAL_MACHINE\SYSTEM\CURRENTCONTROLSET\SERVICES\WINSOCK2\PARAMETERS\PROTOCOL_CATALOG9\CATALOG_ENTRIES\000000000009\PACKEDCATALOGITEM
dmserver.dll 服务 Microsoft Windows XP Professional C:\WINDOWS\system32\dmserver.dll HKEY_LOCAL_MACHINE\SYSTEM\CURRENTCONTROLSET\SERVICES\DMSERVER
aswMon2.sys 驱动 avast安全软件 C:\WINDOWS\system32\drivers\aswmon2.sys HKEY_LOCAL_MACHINE\SYSTEM\CURRENTCONTROLSET\SERVICES\ASWMON2
nvsvc32.exe 服务第三方支持软件 C:\WINDOWS\system32\nvsvc32.exe HKEY_LOCAL_MACHINE\SYSTEM\CURRENTCONTROLSET\SERVICES\NVSVC
Npfs.sys 驱动 Microsoft Windows XP Professional C:\WINDOWS\system32\drivers\npfs.sys HKEY_LOCAL_MACHINE\SYSTEM\CURRENTCONTROLSET\SERVICES\NPFS
tcpip.sys 驱动 Microsoft Windows XP Professional C:\WINDOWS\system32\drivers\tcpip.sys HKEY_LOCAL_MACHINE\SYSTEM\CURRENTCONTROLSET\SERVICES\TCPIP
Sfloppy.sys 驱动 Microsoft Windows XP Professional C:\WINDOWS\system32\drivers\sfloppy.sys HKEY_LOCAL_MACHINE\SYSTEM\CURRENTCONTROLSET\SERVICES\SFLOPPY
mp110009.sys 驱动微点主动防御软件 C:\WINDOWS\system32\drivers\mp110009.sys HKEY_LOCAL_MACHINE\SYSTEM\CURRENTCONTROLSET\SERVICES\MP110009
mswsock.dll SPI Microsoft Windows XP Professional C:\WINDOWS\system32\mswsock.dll HKEY_LOCAL_MACHINE\SYSTEM\CURRENTCONTROLSET\SERVICES\WINSOCK2\PARAMETERS\PROTOCOL_CATALOG9\CATALOG_ENTRIES\000000000001\PACKEDCATALOGITEM
wkssvc.dll 服务 Microsoft Windows XP Professional C:\WINDOWS\system32\wkssvc.dll HKEY_LOCAL_MACHINE\SYSTEM\CURRENTCONTROLSET\SERVICES\LANMANWORKSTATION
seclogon.dll 服务 Microsoft Windows XP Professional C:\WINDOWS\system32\seclogon.dll HKEY_LOCAL_MACHINE\SYSTEM\CURRENTCONTROLSET\SERVICES\SECLOGON
netbios.sys 驱动 Microsoft Windows XP Professional C:\WINDOWS\system32\drivers\netbios.sys HKEY_LOCAL_MACHINE\SYSTEM\CURRENTCONTROLSET\SERVICES\NETBIOS
browseui.dll Explorer插件 Microsoft Windows XP Professional C:\WINDOWS\system32\browseui.dll HKEY_LOCAL_MACHINE\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\EXPLORER\SHAREDTASKSCHEDULER\{8C7461EF-2B13-11D2-BE35-3078302C2030}
mp110011.sys 驱动微点主动防御软件 C:\WINDOWS\system32\drivers\mp110011.sys HKEY_LOCAL_MACHINE\SYSTEM\CURRENTCONTROLSET\SERVICES\MP110011
shell32.dll Explorer插件 Microsoft Windows XP Professional C:\WINDOWS\system32\shell32.dll HKEY_LOCAL_MACHINE\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\EXPLORER\SHELLEXECUTEHOOKS\{AEB6717E-7E19-11D0-97EE-00C04FD91972}
mouclass.sys 驱动 Microsoft Windows XP Professional C:\WINDOWS\system32\drivers\mouclass.sys HKEY_LOCAL_MACHINE\SYSTEM\CURRENTCONTROLSET\SERVICES\MOUCLASS
Msfs.sys 驱动 Microsoft Windows XP Professional C:\WINDOWS\system32\drivers\msfs.sys HKEY_LOCAL_MACHINE\SYSTEM\CURRENTCONTROLSET\SERVICES\MSFS
mswsock.dll SPI Microsoft Windows XP Professional C:\WINDOWS\system32\mswsock.dll HKEY_LOCAL_MACHINE\SYSTEM\CURRENTCONTROLSET\SERVICES\WINSOCK2\PARAMETERS\PROTOCOL_CATALOG9\CATALOG_ENTRIES\000000000013\PACKEDCATALOGITEM
mswsock.dll SPI Microsoft Windows XP Professional C:\WINDOWS\system32\mswsock.dll HKEY_LOCAL_MACHINE\SYSTEM\CURRENTCONTROLSET\SERVICES\WINSOCK2\PARAMETERS\PROTOCOL_CATALOG9\CATALOG_ENTRIES\000000000016\PACKEDCATALOGITEM
aswUpdSv.exe 服务 avast安全软件 C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe

※ ※ ※ 本文纯属【jccgjccgcc】个人意见，与【微点交流论坛】立场无关※ ※ ※

2007-10-9 08:54

jccgjccgcc
新手上路

积分 13
发帖 13
注册 2006-8-29

#7

HKEY_LOCAL_MACHINE\SYSTEM\CURRENTCONTROLSET\SERVICES\ASWUPDSV
MountMgr.sys 驱动 Microsoft Windows XP Professional C:\WINDOWS\system32\drivers\mountmgr.sys HKEY_LOCAL_MACHINE\SYSTEM\CURRENTCONTROLSET\SERVICES\MOUNTMGR
browser.dll 服务 Microsoft Windows XP Professional C:\WINDOWS\system32\browser.dll HKEY_LOCAL_MACHINE\SYSTEM\CURRENTCONTROLSET\SERVICES\BROWSER
wuauserv.dll 服务 Microsoft Windows XP Professional C:\WINDOWS\system32\wuauserv.dll HKEY_LOCAL_MACHINE\SYSTEM\CURRENTCONTROLSET\SERVICES\WUAUSERV
lsass.exe 服务 Microsoft Windows XP Professional C:\WINDOWS\system32\lsass.exe HKEY_LOCAL_MACHINE\SYSTEM\CURRENTCONTROLSET\SERVICES\SAMSS
npkcrypt.sys 驱动 QQ E:\Program Files\QQ\npkcrypt.sys HKEY_LOCAL_MACHINE\SYSTEM\CURRENTCONTROLSET\SERVICES\NPKCRYPT
vga.sys 驱动 Microsoft Windows XP Professional C:\WINDOWS\system32\drivers\vga.sys HKEY_LOCAL_MACHINE\SYSTEM\CURRENTCONTROLSET\SERVICES\VGASAVE
mnmdd.sys 驱动 Microsoft Windows XP Professional C:\WINDOWS\system32\drivers\mnmdd.sys HKEY_LOCAL_MACHINE\SYSTEM\CURRENTCONTROLSET\SERVICES\MNMDD
rdbss.sys 驱动 Microsoft Windows XP Professional C:\WINDOWS\system32\drivers\rdbss.sys HKEY_LOCAL_MACHINE\SYSTEM\CURRENTCONTROLSET\SERVICES\RDBSS
spoolsv.exe 服务 Microsoft Windows XP Professional C:\WINDOWS\system32\spoolsv.exe HKEY_LOCAL_MACHINE\SYSTEM\CURRENTCONTROLSET\SERVICES\SPOOLER
i2omgmt.sys 驱动其他软件文件不存在(C:\WINDOWS\System32\DRIVERS\i2omgmt.sys) HKEY_LOCAL_MACHINE\SYSTEM\CURRENTCONTROLSET\SERVICES\I2OMGMT
rsvpsp.dll SPI Microsoft Windows XP Professional C:\WINDOWS\system32\rsvpsp.dll HKEY_LOCAL_MACHINE\SYSTEM\CURRENTCONTROLSET\SERVICES\WINSOCK2\PARAMETERS\PROTOCOL_CATALOG9\CATALOG_ENTRIES\000000000004\PACKEDCATALOGITEM
lsass.exe 服务 Microsoft Windows XP Professional C:\WINDOWS\system32\lsass.exe HKEY_LOCAL_MACHINE\SYSTEM\CURRENTCONTROLSET\SERVICES\POLICYAGENT
notepad.exe %1 文件类型关联启动 Microsoft Windows XP Professional C:\WINDOWS\NOTEPAD.EXE HKEY_CLASSES_ROOT\TXTFILE\SHELL\OPEN\COMMAND
userinit.exe 系统直接调用 Microsoft Windows XP Professional C:\WINDOWS\system32\userinit.exe HKEY_LOCAL_MACHINE\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\WINLOGON\USERINIT
ParVdm.sys 驱动 Microsoft Windows XP Professional C:\WINDOWS\system32\drivers\parvdm.sys HKEY_LOCAL_MACHINE\SYSTEM\CURRENTCONTROLSET\SERVICES\PARVDM
termdd.sys 驱动 Microsoft Windows XP Professional C:\WINDOWS\system32\drivers\termdd.sys HKEY_LOCAL_MACHINE\SYSTEM\CURRENTCONTROLSET\SERVICES\TERMDD

※ ※ ※ 本文纯属【jccgjccgcc】个人意见，与【微点交流论坛】立场无关※ ※ ※

2007-10-9 08:55

jccgjccgcc
新手上路

积分 13
发帖 13
注册 2006-8-29

#8

我现在找不到C:\WINDOWS\system32\drivers\acpidisk.sys这个文件,现在和刚开始微点杀病毒杀不掉一样,开机出错误窗口,提示找不到C:\WINDOWS\SYSTEM32\DRIVERS\DTCCNZ54.SYS模块,可

※ ※ ※ 本文纯属【jccgjccgcc】个人意见，与【微点交流论坛】立场无关※ ※ ※

2007-10-9 09:00

jccgjccgcc
新手上路

积分 13
发帖 13
注册 2006-8-29

#9

斑竹,麻烦说下这个怎么搞,我在网上找了找,说这个是驱动级病毒,我按上面那文章,怎么也杀不掉

※ ※ ※ 本文纯属【jccgjccgcc】个人意见，与【微点交流论坛】立场无关※ ※ ※

2007-10-9 09:06

Legend
超级版主

超级版主

积分 77171
发帖 70170
注册 2005-10-29

#10

请您加QQ群： 1471553 联系在线管理员，请他帮您看下。

※文章所有权归【Legend】与【东方微点论坛】共同所有，转载请注明出处！※

微点官方认证新浪微博：欢迎进入微点新浪微博
微点技术支持邮箱: support@micropoint.com.cn
给Legend发短消息

2007-10-9 09:08

1/2

论坛跳转:

可打印版本 | 推荐 | 订阅 | 收藏

[ 联系我们 - 东方微点 ] 北京东方微点信息技术有限责任公司福建东方微点信息安全有限责任公司闽ICP备05030815号