瑞星卡卡安全论坛技术交流区反病毒/反流氓软件论坛 中了4199.com....处理过后又有一堆的垃圾网站(附有日志)

1   1  /  1  页   跳转

中了4199.com....处理过后又有一堆的垃圾网站(附有日志)

收藏
中国星34420
头像
拙长孩提狮
  • 帖子:74
  • 注册: 2006-07-04
  • 来自:
发表于: 2006-10-18 10:55 | 只看楼主 短消息 资料
字号: 1楼

中了4199.com....处理过后又有一堆的垃圾网站(附有日志)

用mopery的帖处理了一次,,,可后来又有堆的垃圾网站不停的跳出来...还在C:/目录下生成了很多.exe程序.Temp目录也有很多.....运行了硬盘的软件(exe),就生成了~.exe!

2006-10-17,22:02:19

System Repair Engineer 2.2.6.605
Smallfrogs (http://www.KZTechs.com)

Windows XP Professional Service Pack 1 (Build 2600)
- 管理权限用户 - 完整功能

以下内容被选中:
    所有的启动项目(包括注册表、启动文件夹、服务等)
    浏览器加载项
    正在运行的进程(包括进程模块信息)
    文件关联
    Winsock 提供者
    Autorun.inf
    HOSTS 文件


启动项目
注册表
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
    <ctfmon.exe><C:\WINDOWS\System32\ctfmon.exe>  [(Verified)Microsoft Corporation]
[HKEY_CURRENT_USER\Software\Microsoft\Windows NT\CurrentVersion\Windows]
    <load><>  [N/A]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
    <IMJPMIG8.1><"C:\WINDOWS\IME\imjp8_1\IMJPMIG.EXE" /Spoil /RemAdvDef /Migration32>  [(Verified)Microsoft Corporation]
    <PHIME2002ASync><C:\WINDOWS\System32\IME\TINTLGNT\TINTSETP.EXE /SYNC>  [(Verified)Microsoft Corporation]
    <PHIME2002A><C:\WINDOWS\System32\IME\TINTLGNT\TINTSETP.EXE /IMEName>  [(Verified)Microsoft Corporation]
    <SoundMan><SOUNDMAN.EXE>  [Realtek Semiconductor Corp.]
    <StormCodec_Helper><"C:\Program Files\Ringz Studio\Storm Codec\StormSet.exe" /S /opti>  [N/A]
    <ccApp><"C:\Program Files\Common Files\Symantec Shared\ccApp.exe">  [(Verified)Symantec Corporation]
    <vptray><C:\PROGRA~1\SYMANT~1\VPTray.exe>  [(Verified)Symantec Corporation]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Winlogon]
    <shell><Explorer.exe>  [(Verified)Microsoft Corporation]
    <Userinit><C:\WINDOWS\system32\userinit.exe,>  [(Verified)Microsoft Corporation]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Windows]
    <AppInit_DLLs><>  [N/A]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Winlogon]
    <UIHost><logonui.exe>  [(Verified)Microsoft Corporation]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\NavLogon]
    <WinlogonNotify: NavLogon><C:\WINDOWS\System32\NavLogon.dll>  [(Verified)Symantec Corporation]

==================================
启动文件夹
[Adobe Reader Speed Launch]
  <C:\Documents and Settings\All Users\「开始」菜单\程序\启动\Adobe Reader Speed Launch.lnk --> C:\PROGRA~1\Adobe\ACROBA~1.0\Reader\READER~1.EXE [Adobe Systems Incorporated]><N>
[Microsoft Office]
  <C:\Documents and Settings\All Users\「开始」菜单\程序\启动\Microsoft Office.lnk --> C:\PROGRA~1\MICROS~2\Office\OSA9.EXE [Microsoft Corporation]><N>
[Monitor Apache Servers]
  <C:\Documents and Settings\All Users\「开始」菜单\程序\启动\Monitor Apache Servers.lnk --> C:\APACHE~1\Apache2\bin\APACHE~1.EXE [Apache Software Foundation]><N>

==================================
服务
[Apache2 / Apache2]
  <"C:\Apache Group\Apache2\bin\Apache.exe" -k runservice><Apache Software Foundation>
[Symantec Event Manager / ccEvtMgr]
  <"C:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe"><Symantec Corporation>
[Symantec Password Validation / ccPwdSvc]
  <"C:\Program Files\Common Files\Symantec Shared\ccPwdSvc.exe"><Symantec Corporation>
[Symantec Settings Manager / ccSetMgr]
  <"C:\Program Files\Common Files\Symantec Shared\ccSetMgr.exe"><Symantec Corporation>
[Symantec AntiVirus Definition Watcher / DefWatch]
  <"C:\Program Files\Symantec AntiVirus\DefWatch.exe"><Symantec Corporation>
[Human Interface Device Access / HidServ]
  <C:\WINDOWS\System32\svchost.exe -k netsvcs-->%SystemRoot%\System32\hidserv.dll><N/A>
[InstallDriver Table Manager / IDriverT]
  <C:\Program Files\Common Files\InstallShield\Driver\1050\Intel 32\IDriverT.exe><Macrovision Corporation>
[SavRoam / SavRoam]
  <"C:\Program Files\Symantec AntiVirus\SavRoam.exe"><symantec>
[Symantec Network Drivers Service / SNDSrvc]
  <"C:\Program Files\Common Files\Symantec Shared\SNDSrvc.exe"><Symantec Corporation>
[Symantec SPBBCSvc / SPBBCSvc]
  <C:\Program Files\Common Files\Symantec Shared\SPBBC\SPBBCSvc.exe><Symantec Corporation>
[Symantec AntiVirus / Symantec AntiVirus]
  <"C:\Program Files\Symantec AntiVirus\Rtvscan.exe"><Symantec Corporation>

==================================
驱动程序
[Service for Realtek AC97 Audio (WDM) / ALCXWDM]
  <system32\drivers\ALCXWDM.SYS><Realtek Semiconductor Corp.>
[NAVENG / NAVENG]
  <\??\C:\PROGRA~1\COMMON~1\SYMANT~1\VIRUSD~1\20050615.008\naveng.sys><Symantec Corporation>
[NAVEX15 / NAVEX15]
  <\??\C:\PROGRA~1\COMMON~1\SYMANT~1\VIRUSD~1\20050615.008\navex15.sys><Symantec Corporation>
[npkcrypt / npkcrypt]
  <\??\D:\QQ\npkcrypt.sys><INCA Internet Co., Ltd.>
[nv / nv]
  <System32\DRIVERS\nv4_mini.sys><NVIDIA Corporation>
[Direct Parallel Link Driver / Ptilink]
  <System32\DRIVERS\ptilink.sys><Parallel Technologies, Inc.>
[Realtek RTL8139(A/B/C)-based PCI Fast Ethernet Adapter NT Driver / rtl8139]
  <System32\DRIVERS\RTL8139.SYS><Realtek Semiconductor Corporation>
[SAVRT / SAVRT]
  <\??\C:\Program Files\Symantec AntiVirus\savrt.sys><Symantec Corporation>
[SAVRTPEL / SAVRTPEL]
  <\??\C:\Program Files\Symantec AntiVirus\Savrtpel.sys><Symantec Corporation>
[Secdrv / Secdrv]
  <System32\DRIVERS\secdrv.sys><N/A>
[SPBBCDrv / SPBBCDrv]
  <\??\C:\Program Files\Common Files\Symantec Shared\SPBBC\SPBBCDrv.sys><Symantec Corporation>
[SymEvent / SymEvent]
  <\??\C:\Program Files\Symantec\SYMEVENT.SYS><Symantec Corporation>
[SYMREDRV / SYMREDRV]
  <\SystemRoot\System32\Drivers\SYMREDRV.SYS><Symantec Corporation>
[SYMTDI / SYMTDI]
  <\SystemRoot\System32\Drivers\SYMTDI.SYS><Symantec Corporation>

==================================
浏览器加载项
[AcroIEHlprObj Class]
  {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} <C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll, Adobe Systems Incorporated>
[]
  {29A8B48F-9AB3-43D3-8B87-7D1888197563} <C:\WINDOWS\system32\ATIDEMGRED.dll, N/A>
[Wbho Class]
  {40E3A34A-3282-41F8-AD2C-051BAB96AD4A} <C:\WINDOWS\System32\Usign.dll, N/A>
[@shdoclc.dll,-866]
  {c95fe080-8f5d-11d2-a20b-00aa003c157a} <, N/A>
[电台(&R)]
  {8E718888-423F-11D2-876E-00A0C9082467} <C:\WINDOWS\System32\msdxm.ocx, Microsoft Corporation>
[Shockwave Flash Object]
  {D27CDB6E-AE6D-11CF-96B8-444553540000} <C:\WINDOWS\System32\Macromed\Flash\Flash9.ocx, Adobe Systems, Inc.>
[上传到QQ网络硬盘]
  <D:\QQ\AddToNetDisk.htm, N/A>
[添加到QQ自定义面板]
  <D:\QQ\AddPanel.htm, N/A>
[添加到QQ表情]
  <D:\QQ\AddEmotion.htm, N/A>
[用QQ彩信发送该图片]
  <D:\QQ\SendMMS.htm, N/A>
最后编辑2006-10-18 10:50:53
分享到:
gototop
 
中国星34420
头像
拙长孩提狮
  • 帖子:74
  • 注册: 2006-07-04
  • 来自:
发表于: 2006-10-18 10:58 | 只看楼主 短消息 资料
字号: 2楼

=================================
正在运行的进程
[PID: 464][\SystemRoot\System32\smss.exe]  [Microsoft Corporation, 5.1.2600.1106 (xpsp1.020828-1920)]
[PID: 512][\??\C:\WINDOWS\system32\csrss.exe]  [Microsoft Corporation, 5.1.2600.0 (xpclient.010817-1148)]
[PID: 536][\??\C:\WINDOWS\system32\winlogon.exe]  [Microsoft Corporation, 5.1.2600.1106 (xpsp1.020828-1920)]
    [C:\WINDOWS\System32\NavLogon.dll]  [Symantec Corporation, 10.0.1.1000]
[PID: 580][C:\WINDOWS\system32\services.exe]  [Microsoft Corporation, 5.1.2600.0 (xpclient.010817-1148)]
[PID: 592][C:\WINDOWS\system32\lsass.exe]  [Microsoft Corporation, 5.1.2600.1106 (xpsp1.020828-1920)]
[PID: 772][C:\WINDOWS\system32\svchost.exe]  [Microsoft Corporation, 5.1.2600.0 (xpclient.010817-1148)]
[PID: 824][C:\WINDOWS\System32\svchost.exe]  [Microsoft Corporation, 5.1.2600.0 (xpclient.010817-1148)]
[PID: 940][C:\WINDOWS\System32\svchost.exe]  [Microsoft Corporation, 5.1.2600.0 (xpclient.010817-1148)]
[PID: 968][C:\WINDOWS\System32\svchost.exe]  [Microsoft Corporation, 5.1.2600.0 (xpclient.010817-1148)]
[PID: 1300][C:\Program Files\Common Files\Symantec Shared\ccSetMgr.exe]  [Symantec Corporation, 103.5.4.3]
    [C:\Program Files\Common Files\Symantec Shared\ccL35.dll]  [Symantec Corporation, 103.5.4.3]
    [C:\Program Files\Common Files\Symantec Shared\ccVrTrst.dll]  [Symantec Corporation, 103.5.4.3]
    [C:\Program Files\Common Files\Symantec Shared\ccSetEvt.dll]  [Symantec Corporation, 103.5.4.3]
[PID: 1456][C:\WINDOWS\Explorer.EXE]  [Microsoft Corporation, 6.00.2800.1106 (xpsp1.020828-1920)]
    [C:\Program Files\Adobe\Acrobat 7.0\ActiveX\PDFShell.dll]  [Adobe Systems, Inc., 7.0.0.0]
    [C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll]  [Adobe Systems Incorporated, 7.0.5.2005092300]
    [C:\WINDOWS\system32\ATIDEMGRED.dll]  [N/A, N/A]
    [C:\Program Files\WinRAR\rarext.dll]  [N/A, N/A]
    [C:\Program Files\Common Files\Symantec Shared\SSC\vpshell2.dll]  [Symantec Corporation, 10.0.1.1000]
    [C:\WINDOWS\System32\JPWB.IME]  [长江软件工作室, 4.00.950]
[PID: 1468][C:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe]  [Symantec Corporation, 103.5.4.3]
    [C:\Program Files\Common Files\Symantec Shared\ccL35.dll]  [Symantec Corporation, 103.5.4.3]
    [C:\Program Files\Common Files\Symantec Shared\ccVrTrst.dll]  [Symantec Corporation, 103.5.4.3]
    [C:\PROGRA~1\COMMON~1\SYMANT~1\SPBBC\BB.DLL]  [Symantec Corporation, 1,5,1,3]
    [C:\PROGRA~1\COMMON~1\SYMANT~1\SPBBC\SPBBCEVT.DLL]  [Symantec Corporation, 1,5,1,3]
    [C:\Program Files\Common Files\Symantec Shared\ccSet.dll]  [Symantec Corporation, 103.5.4.3]
    [C:\PROGRA~1\COMMON~1\SYMANT~1\CCSETEVT.DLL]  [Symantec Corporation, 103.5.4.3]
[PID: 1624][C:\WINDOWS\SOUNDMAN.EXE]  [Realtek Semiconductor Corp., 5.1.05]
[PID: 1656][C:\Program Files\Common Files\Symantec Shared\ccApp.exe]  [Symantec Corporation, 103.5.4.3]
    [C:\Program Files\Common Files\Symantec Shared\ccL35.dll]  [Symantec Corporation, 103.5.4.3]
    [C:\Program Files\Common Files\Symantec Shared\ccVrTrst.dll]  [Symantec Corporation, 103.5.4.3]
    [C:\PROGRA~1\COMMON~1\SYMANT~1\CCALERT.DLL]  [Symantec Corporation, 103.5.4.3]
    [C:\PROGRA~1\COMMON~1\SYMANT~1\CCEMLPXY.DLL]  [Symantec Corporation, 103.5.4.3]
    [C:\WINDOWS\System32\SYMREDIR.DLL]  [Symantec Corporation, 5.5.2.1]
    [C:\Program Files\Common Files\Symantec Shared\ccSetEvt.dll]  [Symantec Corporation, 103.5.4.3]
    [C:\Program Files\Symantec AntiVirus\SavEmail.dll]  [Symantec Corporation, 10.0.1.1000]
    [C:\Program Files\Common Files\Symantec Shared\ccProSub.dll]  [Symantec Corporation, 103.5.4.3]
[PID: 1676][C:\PROGRA~1\SYMANT~1\VPTray.exe]  [Symantec Corporation, 10.0.1.1000]
    [C:\Program Files\Symantec AntiVirus\SAVRT32.DLL]  [Symantec Corporation, 9.5.0.44]
    [C:\Program Files\Symantec AntiVirus\Cliscan.dll]  [Symantec Corporation, 10.0.1.1000]
    [C:\PROGRA~1\SYMANT~1\NAVNTUTL.DLL]  [Symantec Corporation, 10.0.1.1000]
    [C:\Program Files\Symantec AntiVirus\Cliproxy.dll]  [Symantec Corporation, 10.0.1.1000]
[PID: 1688][C:\WINDOWS\System32\ctfmon.exe]  [Microsoft Corporation, 5.1.2600.1106 (xpsp1.020828-1920)]
[PID: 1740][C:\WINDOWS\system32\spoolsv.exe]  [Microsoft Corporation, 5.1.2600.0 (XPClient.010817-1148)]
[PID: 1848][C:\Apache Group\Apache2\bin\ApacheMonitor.exe]  [Apache Software Foundation, 2.0.59]
[PID: 132][C:\Apache Group\Apache2\bin\Apache.exe]  [Apache Software Foundation, 2.0.59]
    [C:\Apache Group\Apache2\bin\libapr.dll]  [Apache Software Foundation, 0.9.12]
    [C:\Apache Group\Apache2\bin\libaprutil.dll]  [Apache Software Foundation, 0.9.12]
    [C:\Apache Group\Apache2\bin\libapriconv.dll]  [Apache Software Foundation, 0.9.7]
    [C:\Apache Group\Apache2\bin\libhttpd.dll]  [Apache Software Foundation, 2.0.59]
    [C:\Apache Group\Apache2\modules\mod_access.so]  [Apache Software Foundation, 2.0.59]
    [C:\Apache Group\Apache2\modules\mod_actions.so]  [Apache Software Foundation, 2.0.59]
    [C:\Apache Group\Apache2\modules\mod_alias.so]  [Apache Software Foundation, 2.0.59]
    [C:\Apache Group\Apache2\modules\mod_asis.so]  [Apache Software Foundation, 2.0.59]
    [C:\Apache Group\Apache2\modules\mod_auth.so]  [Apache Software Foundation, 2.0.59]
    [C:\Apache Group\Apache2\modules\mod_autoindex.so]  [Apache Software Foundation, 2.0.59]
    [C:\Apache Group\Apache2\modules\mod_cgi.so]  [Apache Software Foundation, 2.0.59]
    [C:\Apache Group\Apache2\modules\mod_dir.so]  [Apache Software Foundation, 2.0.59]
    [C:\Apache Group\Apache2\modules\mod_env.so]  [Apache Software Foundation, 2.0.59]
    [C:\Apache Group\Apache2\modules\mod_imap.so]  [Apache Software Foundation, 2.0.59]
    [C:\Apache Group\Apache2\modules\mod_include.so]  [Apache Software Foundation, 2.0.59]
    [C:\Apache Group\Apache2\modules\mod_isapi.so]  [Apache Software Foundation, 2.0.59]
    [C:\Apache Group\Apache2\modules\mod_log_config.so]  [Apache Software Foundation, 2.0.59]
    [C:\Apache Group\Apache2\modules\mod_mime.so]  [Apache Software Foundation, 2.0.59]
    [C:\Apache Group\Apache2\modules\mod_negotiation.so]  [Apache Software Foundation, 2.0.59]
    [C:\Apache Group\Apache2\modules\mod_setenvif.so]  [Apache Software Foundation, 2.0.59]
    [C:\Apache Group\Apache2\modules\mod_userdir.so]  [Apache Software Foundation, 2.0.59]
    [E:\php5\php5apache2.dll]  [The PHP Group, 5.0.5.5]
    [C:\WINDOWS\System32\php5ts.dll]  [The PHP Group, 5.0.5.5]
gototop
 
中国星34420
头像
拙长孩提狮
  • 帖子:74
  • 注册: 2006-07-04
  • 来自:
发表于: 2006-10-18 10:59 | 只看楼主 短消息 资料
字号: 3楼

[PID: 188][C:\Program Files\Symantec AntiVirus\DefWatch.exe]  [Symantec Corporation, 10.0.1.1000]
[PID: 328][C:\Program Files\Symantec AntiVirus\Rtvscan.exe]  [Symantec Corporation, 10.0.1.1000]
    [C:\WINDOWS\System32\CBA.DLL]  [LANDesk Software Ltd., 6.12.0.137 E]
    [C:\WINDOWS\System32\MsgSys.dll]  [LANDesk Software Ltd., 6.12.0.137 E]
    [C:\WINDOWS\System32\NTS.dll]  [LANDesk Software Ltd., 6.12.0.137 E]
    [C:\WINDOWS\System32\PDS.DLL]  [LANDesk Software Ltd., 6.12.0.137 E]
    [C:\Program Files\Symantec AntiVirus\NAVLU.dll]  [Symantec Corporation, 10.0.1.1000]
    [C:\Program Files\Symantec AntiVirus\NAVNTUTL.DLL]  [Symantec Corporation, 10.0.1.1000]
    [c:\program files\common files\symantec shared\ssc\ScsComms.dll]  [Symantec Corporation, 10.0.1.1000]
    [C:\Program Files\Symantec AntiVirus\I2ldvp3.dll]  [Symantec Corporation, 10.0.1.1000]
    [C:\Program Files\Common Files\Symantec Shared\ccVrTrst.dll]  [Symantec Corporation, 103.5.4.3]
    [C:\Program Files\Common Files\Symantec Shared\ccL35.dll]  [Symantec Corporation, 103.5.4.3]
    [C:\Program Files\Common Files\Symantec Shared\ccDec.dll]  [Symantec Corporation, 103.5.4.3]
    [C:\Program Files\Common Files\Symantec Shared\Decomposers\decsdk.dll]  [Symantec Corporation, 3.02.12.35]
    [C:\Program Files\Common Files\Symantec Shared\Decomposers\Dec2.dll]  [Symantec Corporation, 3.02.12.35]
    [C:\Program Files\Common Files\Symantec Shared\Decomposers\Dec2ID.dll]  [Symantec Corporation, 3.02.12.35]
    [C:\Program Files\Common Files\Symantec Shared\Decomposers\Dec2Zip.dll]  [Symantec Corporation, 3.02.12.35]
    [C:\Program Files\Common Files\Symantec Shared\Decomposers\Dec2SS.dll]  [Symantec Corporation, 3.02.12.35]
    [C:\Program Files\Common Files\Symantec Shared\Decomposers\Dec2GZIP.dll]  [Symantec Corporation, 3.02.12.35]
    [C:\Program Files\Common Files\Symantec Shared\Decomposers\Dec2CAB.dll]  [Symantec Corporation, 3.02.12.35]
    [C:\Program Files\Common Files\Symantec Shared\Decomposers\Dec2LHA.dll]  [Symantec Corporation, 3.02.12.35]
    [C:\Program Files\Common Files\Symantec Shared\Decomposers\Dec2ARJ.dll]  [Symantec Corporation, 3.02.12.35]
    [C:\Program Files\Common Files\Symantec Shared\Decomposers\Dec2TNEF.dll]  [Symantec Corporation, 3.02.12.35]
    [C:\Program Files\Common Files\Symantec Shared\Decomposers\Dec2LZ.dll]  [Symantec Corporation, 3.02.12.35]
    [C:\Program Files\Common Files\Symantec Shared\Decomposers\Dec2AMG.dll]  [Symantec Corporation, 3.02.12.35]
    [C:\Program Files\Common Files\Symantec Shared\Decomposers\Dec2RAR.dll]  [Symantec Corporation, 3.02.12.35]
    [C:\Program Files\Common Files\Symantec Shared\Decomposers\Dec2TAR.dll]  [Symantec Corporation, 3.02.12.35]
    [C:\Program Files\Common Files\Symantec Shared\Decomposers\Dec2RTF.dll]  [Symantec Corporation, 3.02.12.35]
    [C:\Program Files\Common Files\Symantec Shared\Decomposers\Dec2Text.dll]  [Symantec Corporation, 3.02.12.35]
    [C:\Program Files\Common Files\Symantec Shared\ccScan.dll]  [Symantec Corporation, 103.5.4.3]
    [C:\Program Files\Common Files\Symantec Shared\ecmldr32.DLL]  [Symantec Corporation, 1.4.0.11]
    [C:\PROGRA~1\COMMON~1\SYMANT~1\VIRUSD~1\20050615.008\ccEraser.dll]  [Symantec Corporation, 103.5.3.4]
    [C:\Program Files\Symantec AntiVirus\DefUtDCD.dll]  [Symantec Corporation, 3.1.13a.0]
    [C:\PROGRA~1\COMMON~1\SYMANT~1\VIRUSD~1\20050615.008\ecmsvr32.dll]  [Symantec Corporation, 51.1.0.15]
    [C:\PROGRA~1\COMMON~1\SYMANT~1\VIRUSD~1\20050615.008\NAVEX32a.DLL]  [Symantec Corporation, 20051.1.0.12]
    [C:\PROGRA~1\COMMON~1\SYMANT~1\VIRUSD~1\20050615.008\NAVENG32.DLL]  [Symantec Corporation, 20051.1.0.12]
    [C:\Program Files\Symantec AntiVirus\NAVAP32.DLL]  [Symantec Corporation, 9.5.0.44]
    [C:\Program Files\Symantec AntiVirus\SAVRT32.DLL]  [Symantec Corporation, 9.5.0.44]
    [C:\Program Files\Symantec AntiVirus\IMail.dll]  [Symantec Corporation, 10.0.1.1000]
    [C:\Program Files\Symantec AntiVirus\NotesExt.dll]  [Symantec Corporation, 10.0.1.1000]
    [C:\Program Files\Symantec AntiVirus\vpmsece3.dll]  [Symantec Corporation, 10.0.1.1000]
    [C:\Program Files\Symantec AntiVirus\SymProtectStorage.dll]  [Symantec Corporation, 10.0.1.1000]
    [C:\Program Files\Common Files\Symantec Shared\SPBBC\SPBBCEvt.dll]  [Symantec Corporation, 1,5,1,3]
[PID: 396][C:\Apache Group\Apache2\bin\Apache.exe]  [Apache Software Foundation, 2.0.59]
    [C:\Apache Group\Apache2\bin\libapr.dll]  [Apache Software Foundation, 0.9.12]
    [C:\Apache Group\Apache2\bin\libaprutil.dll]  [Apache Software Foundation, 0.9.12]
    [C:\Apache Group\Apache2\bin\libapriconv.dll]  [Apache Software Foundation, 0.9.7]
    [C:\Apache Group\Apache2\bin\libhttpd.dll]  [Apache Software Foundation, 2.0.59]
    [C:\Apache Group\Apache2\modules\mod_access.so]  [Apache Software Foundation, 2.0.59]
    [C:\Apache Group\Apache2\modules\mod_actions.so]  [Apache Software Foundation, 2.0.59]
    [C:\Apache Group\Apache2\modules\mod_alias.so]  [Apache Software Foundation, 2.0.59]
    [C:\Apache Group\Apache2\modules\mod_asis.so]  [Apache Software Foundation, 2.0.59]
    [C:\Apache Group\Apache2\modules\mod_auth.so]  [Apache Software Foundation, 2.0.59]
    [C:\Apache Group\Apache2\modules\mod_autoindex.so]  [Apache Software Foundation, 2.0.59]
    [C:\Apache Group\Apache2\modules\mod_cgi.so]  [Apache Software Foundation, 2.0.59]
    [C:\Apache Group\Apache2\modules\mod_dir.so]  [Apache Software Foundation, 2.0.59]
    [C:\Apache Group\Apache2\modules\mod_env.so]  [Apache Software Foundation, 2.0.59]
    [C:\Apache Group\Apache2\modules\mod_imap.so]  [Apache Software Foundation, 2.0.59]
    [C:\Apache Group\Apache2\modules\mod_include.so]  [Apache Software Foundation, 2.0.59]
    [C:\Apache Group\Apache2\modules\mod_isapi.so]  [Apache Software Foundation, 2.0.59]
    [C:\Apache Group\Apache2\modules\mod_log_config.so]  [Apache Software Foundation, 2.0.59]
    [C:\Apache Group\Apache2\modules\mod_mime.so]  [Apache Software Foundation, 2.0.59]
    [C:\Apache Group\Apache2\modules\mod_negotiation.so]  [Apache Software Foundation, 2.0.59]
    [C:\Apache Group\Apache2\modules\mod_setenvif.so]  [Apache Software Foundation, 2.0.59]
    [C:\Apache Group\Apache2\modules\mod_userdir.so]  [Apache Software Foundation, 2.0.59]
    [E:\php5\php5apache2.dll]  [The PHP Group, 5.0.5.5]
    [C:\WINDOWS\System32\php5ts.dll]  [The PHP Group, 5.0.5.5]
[PID: 2664][C:\Documents and Settings\杜永恩\桌面\飞鸽传输.exe]  [Azhi.net, 2.05]
[PID: 3476][D:\日志扫描\sreng2new\SREng\SREng.exe]  [Smallfrogs Studio, 2.2.6.605]

==================================
文件关联
.TXT  OK. [%SystemRoot%\system32\NOTEPAD.EXE %1]
.EXE  OK. ["%1" %*]
.COM  OK. ["%1" %*]
.PIF  OK. ["%1" %*]
.REG  OK. [regedit.exe "%1"]
.BAT  OK. ["%1" %*]
.SCR  OK. ["%1" /S]
.CHM  OK. ["C:\WINDOWS\hh.exe" %1]
.HLP  OK. [%SystemRoot%\System32\winhlp32.exe %1]
.INI  OK. [%SystemRoot%\System32\NOTEPAD.EXE %1]
.INF  OK. [%SystemRoot%\System32\NOTEPAD.EXE %1]
.VBS  OK. [%SystemRoot%\System32\WScript.exe "%1" %*]
.JS  OK. [%SystemRoot%\System32\WScript.exe "%1" %*]
.LNK  OK. [{00021401-0000-0000-C000-000000000046}]

==================================
Winsock 提供者
N/A

==================================
Autorun.inf
N/A

==================================
HOSTS 文件
127.0.0.1      localhost

==================================
gototop
 
<<上一主题|下一主题>>
1   1  /  1  页   跳转
页面顶部
Powered by Discuz!NT