Rising Kaka Security Forum, Technical Exchange area, Anti-Virus / Anti-Rogue Software forum

Moderators / experts, please come in: why does my computer have so many connections? Has it been turned into a zombie machine?

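Every time I open a web page, the situation described below occurs.
Whenever I am online, no matter how many web pages I open, checking the connections from the command line always shows that many ports have been opened on the computer and that many external connections are connected to my computer. This morning I opened three web pages, and there were this many connections (see the screenshots). There were so many that they did not fit in one screenshot, so I took three. The strangest thing is this: the local address being 127.0.0.1 is understandable, because that is the local IE address, but why has the foreign address also become 127.0.0.1? Is this situation normal? Has a trojan been planted in my computer or in IE?
Last edited 2006-04-06 17:09:39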

[Attachment: screenshot (image/pjpeg), uploaded 2006-4-4 7:56:39]

[Attachment: screenshot (image/pjpeg), uploaded 2006-4-4 7:57:10]

[Attachment: screenshot (image/pjpeg), uploaded 2006-4-4 7:57:43]

Log:
HijackThis_815汉化版扫描日志 V1.99.1
保存于      7:58:12, 日期 2006-4-4
操作系统:  Windows XP SP2 (WinNT 5.01.2600)
浏览器:    Internet Explorer v6.00 SP2 (6.00.2900.2180)

当前运行的进程:         
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Windows Defender\MsMpEng.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 6.0\avp.exe
C:\Program Files\Lenovo\数码家电\lxRecSvr.exe
C:\WINDOWS\System32\nvsvc32.exe
C:\Program Files\Lenovo\联想智能控制中心\SCC\SCCMonitor.exe
C:\Program Files\Common Files\Ulead Systems\DVD\ULCDRSvr.exe
C:\Program Files\Lenovo\联想智能控制中心\SCC\LenovoSmartControlCenter.exe
C:\WINDOWS\system32\ZONELABS\vsmon.exe
C:\Program Files\联想\联想标准键盘\skdaemon.exe
C:\WINDOWS\system32\RunDll32.exe
C:\WINDOWS\system32\RUNDLL32.EXE
C:\WINDOWS\SOUNDMAN.EXE
C:\program files\lenovo\联想安全中心\安全中心\LenovoHD.exe
C:\Program Files\Windows Defender\MSASCui.exe
C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 6.0\avp.exe
C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe
C:\WINDOWS\system32\ctfmon.exe
C:\program files\lenovo\联想安全中心\安全中心\LENOVOHDPRO.EXE
C:\WINDOWS\system32\conime.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\WINDOWS\System32\svchost.exe
E:\网络安全\相关软件\4842302005817230232\HijackThis1991zww.exe

O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - D:\Program Files\Adobe\Reader\ActiveX\AcroIEHelper.dll
O2 - BHO: IeCatch2 Class - {A5366673-E8CA-11D3-9CD9-0090271D075B} - C:\PROGRA~1\FLASHGET\jccatch.dll
O3 - IE工具栏增项: FlashGet Bar - {E0E899AB-F487-11D5-8D29-0050BA6940E3} - C:\PROGRA~1\FLASHGET\fgiebar.dll
O3 - IE工具栏增项: (no name) - {F60C7D81-8471-4D40-AAFE-56D318F34C2D} - (no file)
O4 - 启动项HKLM\\Run: [IMJPMIG8.1] "C:\WINDOWS\IME\imjp8_1\IMJPMIG.EXE" /Spoil /RemAdvDef /Migration32
O4 - 启动项HKLM\\Run: [MSPY2002] C:\WINDOWS\System32\IME\PINTLGNT\ImScInst.exe /SYNC
O4 - 启动项HKLM\\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\System32\NvCpl.dll,NvStartup
O4 - 启动项HKLM\\Run: [nwiz] nwiz.exe /install
O4 - 启动项HKLM\\Run: [SKDaemon] C:\Program Files\联想\联想标准键盘\skdaemon.exe
O4 - 启动项HKLM\\Run: [CmUsbSound] RunDll32 cmcnfgu.cpl,CMICtrlWnd
O4 - 启动项HKLM\\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\System32\NvMcTray.dll,NvTaskbarInit
O4 - 启动项HKLM\\Run: [SoundMan] SOUNDMAN.EXE
O4 - 启动项HKLM\\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe
O4 - 启动项HKLM\\Run: [LenovoHD] c:\program files\lenovo\联想安全中心\安全中心\LenovoHD.exe
O4 - 启动项HKLM\\Run: [Windows Defender] "C:\Program Files\Windows Defender\MSASCui.exe" -hide
O4 - 启动项HKLM\\Run: [kav] "C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 6.0\avp.exe"
O4 - 启动项HKLM\\Run: [Zone Labs Client] C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O6 - HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O8 - IE右键菜单中的新增项目: Save豪杰超级解霸V8实时播放 - d:\Herosoft\HeroV8\MPURLGET.HTM
O8 - IE右键菜单中的新增项目: 使用网际快车下载 - C:\Program Files\FlashGet\jc_link.htm
O8 - IE右键菜单中的新增项目: 使用网际快车下载全部链接 - C:\Program Files\FlashGet\jc_all.htm
O8 - IE右键菜单中的新增项目: 收藏此页到新浪ViVi - http://vivi.sina.com.cn/collect/click.php?agent=ddt
O8 - IE右键菜单中的新增项目: 新浪搜索 - http://cha.sina.com.cn/ddt.html
O8 - IE右键菜单中的新增项目: 豪杰超级解霸V8实时播放 - d:\Herosoft\HeroV8\MPURLGET.HTM
O9 - 浏览器额外的按钮: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\WINDOWS\system32\msjava.dll
O9 - 浏览器额外的“工具”菜单项: Sun Java 控制台 - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\WINDOWS\system32\msjava.dll
O9 - 浏览器额外的按钮: Web Anti-Virus - {1F460357-8A94-4D71-9CA3-AA4ACF32ED8E} - C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 6.0\scieplugin.dll
O9 - 浏览器额外的按钮: 豪杰超级解霸V8 - {367E0A21-8601-4986-9C9A-153BF5ACA118} - d:\Herosoft\HeroV8\STHSDVD.EXE (file missing)
O9 - 浏览器额外的“工具”菜单项: 豪杰超级解霸V8 - {367E0A21-8601-4986-9C9A-153BF5ACA118} - d:\Herosoft\HeroV8\STHSDVD.EXE (file missing)
O9 - 浏览器额外的按钮: FlashGet - {D6E814A0-E0C5-11d4-8D29-0050BA6940E3} - C:\PROGRA~1\FLASHGET\flashget.exe
O9 - 浏览器额外的“工具”菜单项: &FlashGet - {D6E814A0-E0C5-11d4-8D29-0050BA6940E3} - C:\PROGRA~1\FLASHGET\flashget.exe
O9 - 浏览器额外的按钮: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - 浏览器额外的“工具”菜单项: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://update.microsoft.com/windowsupdate/v6/V5Controls/en/x86/client/wuweb_site.cab?1127042862466
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://update.microsoft.com/microsoftupdate/v6/V5Controls/en/x86/client/muweb_site.cab?1131717853879
O16 - DPF: {9F1C11AA-197B-4942-BA54-47A8489BB47F} - https://v4.windowsupdate.microsoft.com/CAB/x86/unicode/iuctl.CAB?38613.353912037
O17 - HKLM\System\CCS\Services\Tcpip\..\{54F5ED98-55DF-47E6-A718-780ED2135552}: NameServer = 221.228.255.1 218.2.135.1
O18 - 列举现有的协议: msnim - {828030A1-22C1-4009-854F-8E305202313F} - "C:\PROGRA~1\MSNMES~1\msgrapp.dll" (file missing)
O20 - Winlogon Notify: klogon - C:\WINDOWS\system32\klogon.dll
O23 - NT 服务: ASP.NET State Service (aspnet_state) - Unknown owner - C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe (file missing)
O23 - NT 服务: Kaspersky Anti-Virus 6.0 (AVP) - Unknown owner - C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 6.0\avp.exe" -r (file missing)
O23 - NT 服务: .NET Runtime Optimization Service v2.0.50215_X86 (clr_optimization_v2.0.50215_32) - Unknown owner - C:\WINDOWS\Microsoft.NET\Framework\v2.0.50215\mscorsvw.exe (file missing)
O23 - NT 服务: Lenovo TV Recoding - Unknown owner - C:\Program Files\Lenovo\数码家电\lxRecSvr.exe
O23 - NT 服务: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\System32\nvsvc32.exe
O23 - NT 服务: SCCMonitor - Unknown owner - C:\Program Files\Lenovo\联想智能控制中心\SCC\SCCMonitor.exe
O23 - NT 服务: Ulead Burning Helper (UleadBurningHelper) - Ulead Systems, Inc. - C:\Program Files\Common Files\Ulead Systems\DVD\ULCDRSvr.exe
O23 - NT 服务: TrueVector Internet Monitor (vsmon) - Zone Labs, LLC - C:\WINDOWS\system32\ZONELABS\vsmon.exe


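O6 - HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel present (fix this)
I don't see anything else suspicious. OP, you can run a scan with SREng and post the log here for us to look at.
The download is in the pinned thread: [Must read] About this board and downloads of commonly used small tools (software updated 2006.1.10)
http://www.kztechs.com/sreng/sreng2.zip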

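The crux of the problem is this: the local address being 127.0.0.1 is understandable, because that is the local machine's address. But why is the foreign address also 127.0.0.1? Is my own computer attacking itself? Or has the computer caught a trojan, and the trojan is connecting outward? I really can't figure it out. Can any expert explain?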

SREng log:
2006-04-05,00:09:36

System Repair Engineer 2.0.12.350 (2.0 RC 1)
    Windows XP Professional Service Pack 2 - 管理权限用户 - 完整功能

以下内容被选中:
    所有的启动项目(包括注册表、启动文件夹、服务等)
    浏览器加载项
    正在运行的进程(包括进程模块信息)
    文件关联


启动项目
注册表
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
  <ctfmon.exe><C:\WINDOWS\system32\ctfmon.exe>
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
  <MSMSGS><; "C:\Program Files\Messenger\msmsgs.exe" /background>
[HKEY_CURRENT_USER\Software\Microsoft\Windows NT\CurrentVersion\Windows]
  <load><>
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
  <IMJPMIG8.1><; "C:\WINDOWS\IME\imjp8_1\IMJPMIG.EXE" /Spoil /RemAdvDef /Migration32>
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
  <MSPY2002><C:\WINDOWS\System32\IME\PINTLGNT\ImScInst.exe /SYNC>
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
  <NvCplDaemon><RUNDLL32.EXE C:\WINDOWS\System32\NvCpl.dll,NvStartup>
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
  <nwiz><nwiz.exe /install>
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
  <SKDaemon><C:\Program Files\联想\联想标准键盘\skdaemon.exe>
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
  <CmUsbSound><RunDll32 cmcnfgu.cpl,CMICtrlWnd>
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
  <NvMediaCenter><RUNDLL32.EXE C:\WINDOWS\System32\NvMcTray.dll,NvTaskbarInit>
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
  <SoundMan><SOUNDMAN.EXE>
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
  <NeroFilterCheck><C:\WINDOWS\system32\NeroCheck.exe>
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
  <LenovoHD><c:\program files\lenovo\联想安全中心\安全中心\LenovoHD.exe>
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
  <Windows Defender><"C:\Program Files\Windows Defender\MSASCui.exe" -hide>
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
  <kav><"C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 6.0\avp.exe">
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
  <Zone Labs Client><C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe>
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
  <PHIME2002A><; C:\WINDOWS\System32\IME\TINTLGNT\TINTSETP.EXE /IMEName>
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
  <PHIME2002ASync><; C:\WINDOWS\System32\IME\TINTLGNT\TINTSETP.EXE /SYNC>
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
  <RealTray><; C:\Program Files\Real\RealPlayer\RealPlay.exe SYSTEMBOOTHIDEPLAYER>
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
  <SunJavaUpdateSched><; C:\Program Files\Java\j2re1.4.2_04\bin\jusched.exe>
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
  <TkBellExe><; "C:\Program Files\Common Files\Real\Update_OB\realsched.exe"  -osboot>
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Winlogon]
  <shell><Explorer.exe>
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Winlogon]
  <Userinit><C:\WINDOWS\System32\userinit.exe,>
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Windows]
  <AppInit_DLLs><>

==================================
启动文件夹
服务
[ASP.NET State Service / aspnet_state]
  <C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe><N/A>
[Kaspersky Anti-Virus 6.0 / AVP]
  <"C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 6.0\avp.exe" -r><Kaspersky Lab>
[.NET Runtime Optimization Service v2.0.50215_X86 / clr_optimization_v2.0.50215_32]
  <><N/A>
[Lenovo TV Recoding / Lenovo TV Recoding]
  <C:\Program Files\Lenovo\数码家电\lxRecSvr.exe><N/A>
[NVIDIA Display Driver Service / NVSvc]
  <C:\WINDOWS\System32\nvsvc32.exe><NVIDIA Corporation>
[SCCMonitor / SCCMonitor]
  <"C:\Program Files\Lenovo\联想智能控制中心\SCC\SCCMonitor.exe"><N/A>
[Ulead Burning Helper / UleadBurningHelper]
  <C:\Program Files\Common Files\Ulead Systems\DVD\ULCDRSvr.exe><Ulead Systems, Inc.>
[TrueVector Internet Monitor / vsmon]
  <C:\WINDOWS\system32\ZONELABS\vsmon.exe -service><Zone Labs, LLC>

==================================
浏览器加载项
[AcroIEHlprObj Class]
  {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} <D:\Program Files\Adobe\Reader\ActiveX\AcroIEHelper.dll, Adobe Systems Incorporated>
[IeCatch2 Class]
  {A5366673-E8CA-11D3-9CD9-0090271D075B} <C:\PROGRA~1\FLASHGET\jccatch.dll, Amaze Soft>
[Web Browser Applet Control]
  {08B0E5C0-4FCB-11CF-AAA5-00401C608501} <C:\WINDOWS\system32\msjava.dll, Microsoft Corporation>
[Web Anti-Virus]
  {1F460357-8A94-4D71-9CA3-AA4ACF32ED8E} <C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 6.0\scieplugin.dll, Kaspersky Lab>
[FlashGet]
  {D6E814A0-E0C5-11d4-8D29-0050BA6940E3} <C:\PROGRA~1\FLASHGET\flashget.exe, Amaze Soft>
[Messenger]
  {FB5F1910-F110-11d2-BB9E-00C04F795683} <C:\Program Files\Messenger\msmsgs.exe, Microsoft Corporation>
[FlashGet Bar]
  {E0E899AB-F487-11D5-8D29-0050BA6940E3} <C:\PROGRA~1\FLASHGET\fgiebar.dll, Amaze Soft>
[Office Update Installation Engine]
  {3E68E405-C6DE-49FF-83AE-41EE9F4C36CE} <C:\WINDOWS\opuc.dll, Microsoft Corporation>
[WUWebControl Class]
  {6414512B-B978-451D-A0D8-FCFDF33E833C} <C:\WINDOWS\System32\wuweb.dll, Microsoft Corporation>
[MUWebControl Class]
  {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} <C:\WINDOWS\system32\muweb.dll, Microsoft Corporation>
[Java Plug-in 1.4.2_04]
  {8AD9C840-044E-11D1-B3E9-00805F499D93} <C:\Program Files\Java\j2re1.4.2_04\bin\npjpi142_04.dll, JavaSoft / Sun Microsystems, Inc.>
[Java Plug-in 1.4.2_04]
  {CAFEEFAC-0014-0002-0004-ABCDEFFEDCBA} <C:\Program Files\Java\j2re1.4.2_04\bin\npjpi142_04.dll, JavaSoft / Sun Microsystems, Inc.>
[Shockwave Flash Object]
  {D27CDB6E-AE6D-11CF-96B8-444553540000} <C:\WINDOWS\system32\Macromed\Flash\Flash8.ocx, Macromedia, Inc.>
[AcroIEHlprObj Class]
  {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} <D:\Program Files\Adobe\Reader\ActiveX\AcroIEHelper.dll, Adobe Systems Incorporated>
[Web Browser Applet Control]
  {08B0E5C0-4FCB-11CF-AAA5-00401C608501} <C:\WINDOWS\system32\msjava.dll, Microsoft Corporation>
[Windows Genuine Advantage Validation Tool]
  {17492023-C23A-453E-A040-C7C580BBF700} <C:\WINDOWS\system32\legitcheckcontrol.dll, Microsoft Corp.>
[Office Update Installation Engine]
  {3E68E405-C6DE-49FF-83AE-41EE9F4C36CE} <C:\WINDOWS\opuc.dll, Microsoft Corporation>
[WUWebControl Class]
  {6414512B-B978-451D-A0D8-FCFDF33E833C} <C:\WINDOWS\System32\wuweb.dll, Microsoft Corporation>
[MUWebControl Class]
  {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} <C:\WINDOWS\system32\muweb.dll, Microsoft Corporation>
[Microsoft Web 浏览器]
  {8856F961-340A-11D0-A96B-00C04FD705A2} <C:\WINDOWS\System32\shdocvw.dll, Microsoft Corporation>
[IeCatch2 Class]
  {A5366673-E8CA-11D3-9CD9-0090271D075B} <C:\PROGRA~1\FLASHGET\jccatch.dll, Amaze Soft>
[Microsoft Scriptlet Component]
  {AE24FDAE-03C6-11D1-8B76-0080C744F389} <C:\WINDOWS\System32\mshtml.dll, Microsoft Corporation>
[SearchAssistantOC]
  {B45FF030-4447-11D2-85DE-00C04FA35C89} <%SystemRoot%\System32\shdocvw.dll, N/A>
[Shockwave Flash Object]
  {D27CDB6E-AE6D-11CF-96B8-444553540000} <C:\WINDOWS\system32\Macromed\Flash\Flash8.ocx, Macromedia, Inc.>
[FlashGet Bar]
  {E0E899AB-F487-11D5-8D29-0050BA6940E3} <C:\PROGRA~1\FLASHGET\fgiebar.dll, Amaze Soft>
[使用网际快车下载]
  <C:\Program Files\FlashGet\jc_link.htm, N/A>
[使用网际快车下载全部链接]
  <C:\Program Files\FlashGet\jc_all.htm, N/A>

==================================
正在运行的进程
[PID: 524][\SystemRoot\System32\smss.exe]  <Microsoft Corporation><5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)>
[PID: 608][\??\C:\WINDOWS\system32\csrss.exe]  <Microsoft Corporation><5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)>
[PID: 632][\??\C:\WINDOWS\system32\winlogon.exe]  <Microsoft Corporation><5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)>
    [C:\WINDOWS\system32\klogon.dll]  <Kaspersky Lab><6.0.0.299>
[PID: 680][C:\WINDOWS\system32\services.exe]  <Microsoft Corporation><5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)>
[PID: 692][C:\WINDOWS\system32\lsass.exe]  <Microsoft Corporation><5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)>
[PID: 840][C:\WINDOWS\system32\svchost.exe]  <Microsoft Corporation><5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)>
[PID: 888][C:\WINDOWS\system32\svchost.exe]  <Microsoft Corporation><5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)>
[PID: 956][C:\Program Files\Windows Defender\MsMpEng.exe]  <Microsoft Corporation><1.1.1051.0>
[PID: 1000][C:\WINDOWS\System32\svchost.exe]  <Microsoft Corporation><5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)>
[PID: 1248][C:\WINDOWS\system32\spoolsv.exe]  <Microsoft Corporation><5.1.2600.2696 (xpsp_sp2_gdr.050610-1519)>
[PID: 1492][C:\Program Files\Lenovo\数码家电\lxRecSvr.exe]  <N/A><N/A>
    [C:\Program Files\Lenovo\数码家电\rcConfig.dll]  <><1, 0, 0, 1>
[PID: 1508][C:\WINDOWS\System32\nvsvc32.exe]  <NVIDIA Corporation><6.14.10.7184>
[PID: 1600][C:\Program Files\Lenovo\联想智能控制中心\SCC\SCCMonitor.exe]  <N/A><N/A>
[PID: 1660][C:\Program Files\Common Files\Ulead Systems\DVD\ULCDRSvr.exe]  <Ulead Systems, Inc.><1, 0, 0, 3>
[PID: 1740][C:\WINDOWS\system32\wdfmgr.exe]  <Microsoft Corporation><5.2.3790.1230 built by: dnsrv(bld4act)>
[PID: 3336][C:\WINDOWS\Explorer.EXE]  <Microsoft Corporation><6.00.2900.2649 (xpsp.050406-1732)>
    [D:\Program Files\Adobe\Reader\ActiveX\AcroIEHelper.dll]  <Adobe Systems Incorporated><6.0.1.2003110300>
    [C:\PROGRA~1\FLASHGET\jccatch.dll]  <Amaze Soft><1, 1, 4, 0>
    [C:\Program Files\WinRAR\rarext.dll]  <N/A><N/A>
    [C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 6.0\shellex.dll]  <Kaspersky Lab><6.0.0.299>
    [C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 6.0\pr_remote.dll]  <Kaspersky Lab><6.0.0.299>
    [C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 6.0\prloader.dll]  <Kaspersky Lab><6.0.0.299>
    [C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 6.0\scr_ch_pg.dll]  <Kaspersky Lab><1.0.6.299>
    [C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 6.0\klscav.dll]  <Kaspersky Lab><6.0.0.299>
    [C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 6.0\prkernel.ppl]  <Kaspersky Lab><6.0.0.299>
    [c:\program files\kaspersky lab\kaspersky anti-virus 6.0\params.ppl]  <Kaspersky Lab><6.0.0.299>
    [c:\program files\kaspersky lab\kaspersky anti-virus 6.0\pxstub.ppl]  <Kaspersky Lab><6.0.0.299>
    [c:\program files\kaspersky lab\kaspersky anti-virus 6.0\tempfile.ppl]  <Kaspersky Lab><6.0.0.299>
[PID: 3408][C:\Program Files\Lenovo\联想智能控制中心\SCC\LenovoSmartControlCenter.exe]  <N/A><N/A>
    [C:\Program Files\Lenovo\联想智能控制中心\SCC\LxSimpleOsd.dll]  <><1, 0, 0, 1>
    [C:\Program Files\Lenovo\联想智能控制中心\SCC\QuakeII.dll]  <http://www.lenovo.com><2.0>
    [C:\Program Files\Lenovo\联想智能控制中心\SCC\Remled.dll]  <N/A><N/A>
[PID: 3276][C:\Program Files\联想\联想标准键盘\skdaemon.exe]  <><1, 0, 0, 1>
    [C:\Program Files\联想\联想标准键盘\MacFun.dll]  <Silitek><1, 0, 0, 0>
    [C:\Program Files\联想\联想标准键盘\OpenDriver.dll]  <Silitek><1, 0, 0, 0>
    [C:\Program Files\联想\联想标准键盘\OSD.dll]  <silitek><1, 0, 0, 1>
    [C:\Program Files\联想\联想标准键盘\lxkeyled.dll]  <Silitek><1, 0, 0, 1>
[PID: 504][C:\WINDOWS\system32\RunDll32.exe]  <Microsoft Corporation><5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)>
    [C:\WINDOWS\system\cmcnfgu.cpl]  <C-Media Corporation><1, 0, 41, 17>
    [C:\WINDOWS\System32\cmpropu.dll]  <C-Media Corporation><1.0.2.3>
[PID: 476][C:\WINDOWS\system32\RUNDLL32.EXE]  <Microsoft Corporation><5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)>
    [C:\WINDOWS\System32\NvMcTray.dll]  <NVIDIA Corporation><6.14.10.7184>
    [C:\WINDOWS\system32\NVRSZHC.DLL]  <NVIDIA Corporation><6.14.10.7184>
[PID: 320][C:\WINDOWS\SOUNDMAN.EXE]  <Realtek Semiconductor Corp.><5.1.0.27>
[PID: 3920][C:\program files\lenovo\联想安全中心\安全中心\LenovoHD.exe]  <Lenovo><1, 0, 0, 1>
    [C:\program files\lenovo\联想安全中心\安全中心\RegCtrl.dll]  <N/A><N/A>
    [C:\program files\lenovo\联想安全中心\安全中心\FileCtrl.dll]  <N/A><N/A>
[PID: 3504][C:\Program Files\Windows Defender\MSASCui.exe]  <Microsoft Corporation><1.1.1051.0>
[PID: 3008][C:\WINDOWS\system32\ctfmon.exe]  <Microsoft Corporation><5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)>
[PID: 1276][C:\program files\lenovo\联想安全中心\安全中心\LENOVOHDPRO.EXE]  <><1, 0, 0, 1>
[PID: 360][C:\Program Files\Evermore\EIO\EIOffice.exe]  <N/A><N/A>
    [C:\Program Files\Java\j2re1.4.2_04\bin\client\jvm.dll]  <N/A><N/A>
    [C:\Program Files\Java\j2re1.4.2_04\bin\hpi.dll]  <N/A><N/A>
    [C:\Program Files\Java\j2re1.4.2_04\bin\verify.dll]  <N/A><N/A>
    [C:\Program Files\Java\j2re1.4.2_04\bin\java.dll]  <N/A><N/A>
    [C:\Program Files\Java\j2re1.4.2_04\bin\zip.dll]  <N/A><N/A>
    [C:\Program Files\Java\j2re1.4.2_04\bin\awt.dll]  <N/A><N/A>
    [C:\Program Files\Java\j2re1.4.2_04\bin\fontmanager.dll]  <N/A><N/A>
    [C:\Program Files\Java\j2re1.4.2_04\bin\net.dll]  <N/A><N/A>
    [C:\WINDOWS\system32\TopWindow.dll]  <N/A><N/A>
    [C:\Program Files\Java\j2re1.4.2_04\bin\cmm.dll]  <N/A><N/A>
    [C:\Program Files\Java\j2re1.4.2_04\bin\dcpr.dll]  <N/A><N/A>
    [C:\WINDOWS\system32\cneighborhood.dll]  <N/A><N/A>
    [C:\WINDOWS\system32\printerParameters.dll]  <N/A><N/A>
[PID: 2860][C:\WINDOWS\System32\svchost.exe]  <Microsoft Corporation><5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)>
[PID: 1220][C:\Program Files\FlashGet\flashget.exe]  <Amaze Soft><1, 4, 0, 0>
[PID: 2760][C:\Program Files\Internet Explorer\iexplore.exe]  <Microsoft Corporation><6.00.2900.2180 (xpsp_sp2_rtm.040803-2158)>
    [D:\Program Files\Adobe\Reader\ActiveX\AcroIEHelper.dll]  <Adobe Systems Incorporated><6.0.1.2003110300>
    [C:\PROGRA~1\FLASHGET\jccatch.dll]  <Amaze Soft><1, 1, 4, 0>
    [C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 6.0\scr_ch_pg.dll]  <Kaspersky Lab><1.0.6.299>
    [C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 6.0\klscav.dll]  <Kaspersky Lab><6.0.0.299>
    [C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 6.0\pr_remote.dll]  <Kaspersky Lab><6.0.0.299>
    [C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 6.0\prloader.dll]  <Kaspersky Lab><6.0.0.299>
    [C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 6.0\prkernel.ppl]  <Kaspersky Lab><6.0.0.299>
    [c:\program files\kaspersky lab\kaspersky anti-virus 6.0\params.ppl]  <Kaspersky Lab><6.0.0.299>
    [c:\program files\kaspersky lab\kaspersky anti-virus 6.0\pxstub.ppl]  <Kaspersky Lab><6.0.0.299>
    [c:\program files\kaspersky lab\kaspersky anti-virus 6.0\tempfile.ppl]  <Kaspersky Lab><6.0.0.299>
    [c:\program files\kaspersky lab\kaspersky anti-virus 6.0\nfio.ppl]  <Kaspersky Lab><6.0.0.299>
    [c:\program files\kaspersky lab\kaspersky anti-virus 6.0\fsdrvplgn.ppl]  <Kaspersky Lab><6.0.0.299>
    [C:\WINDOWS\system32\Macromed\Flash\Flash8.ocx]  <Macromedia, Inc.><8,0,22,0>
[PID: 2988][C:\WINDOWS\system32\mmc.exe]  <Microsoft Corporation><5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)>
    [C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 6.0\scr_ch_pg.dll]  <Kaspersky Lab><1.0.6.299>
    [C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 6.0\klscav.dll]  <Kaspersky Lab><6.0.0.299>
    [C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 6.0\pr_remote.dll]  <Kaspersky Lab><6.0.0.299>
    [C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 6.0\prloader.dll]  <Kaspersky Lab><6.0.0.299>
    [C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 6.0\prkernel.ppl]  <Kaspersky Lab><6.0.0.299>
    [c:\program files\kaspersky lab\kaspersky anti-virus 6.0\params.ppl]  <Kaspersky Lab><6.0.0.299>
    [c:\program files\kaspersky lab\kaspersky anti-virus 6.0\pxstub.ppl]  <Kaspersky Lab><6.0.0.299>
    [c:\program files\kaspersky lab\kaspersky anti-virus 6.0\tempfile.ppl]  <Kaspersky Lab><6.0.0.299>
[PID: 1960][C:\WINDOWS\System32\dllhost.exe]  <Microsoft Corporation><5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)>
[PID: 3684][C:\WINDOWS\System32\msdtc.exe]  <Microsoft Corporation><2001.12.4414.258>
[PID: 2876][E:\网络安全\相关软件\SREng及操作\sreng2\SREng.exe]  <Smallfrogs Studio><2.0.12.350>

==================================
文件关联
.TXT  OK. [%SystemRoot%\system32\NOTEPAD.EXE %1]
.EXE  OK. ["%1" %*]
.COM  OK. ["%1" %*]
.PIF  OK. ["%1" %*]
.REG  OK. [regedit.exe "%1"]
.BAT  OK. ["%1" %*]
.SCR  OK. ["%1" /S]
.CHM  OK. ["C:\WINDOWS\hh.exe" %1]
.HLP  OK. [%SystemRoot%\System32\winhlp32.exe %1]
.INI  OK. [%SystemRoot%\System32\NOTEPAD.EXE %1]
.INF  OK. [%SystemRoot%\System32\NOTEPAD.EXE %1]
.VBS  OK. [%SystemRoot%\System32\WScript.exe "%1" %*]
.JS  OK. [%SystemRoot%\System32\WScript.exe "%1" %*]
.LNK  OK. [{00021401-0000-0000-C000-000000000046}]

==================================
Winsock 提供者

==================================

Can't a single expert answer this?