瑞星卡卡安全论坛技术交流区反病毒/反流氓软件论坛 帮看个日志。。 右键菜单多了个 auto~~

1   1  /  1  页   跳转

帮看个日志。。 右键菜单多了个 auto~~

收藏
gaodedong
头像
初生襁褓狮
  • 帖子:8
  • 注册: 2005-12-15
  • 来自:
发表于: 2006-12-20 21:22 | 只看楼主 短消息 资料
字号: 1楼

帮看个日志。。 右键菜单多了个 auto~~

2006-12-20,08:46:54

System Repair Engineer 2.2.6.605
Smallfrogs (http://www.KZTechs.com)

Windows XP Home Edition Service Pack 2 (Build 2600)
- 管理权限用户 - 完整功能

以下内容被选中:
    所有的启动项目(包括注册表、启动文件夹、服务等)
    浏览器加载项
    正在运行的进程(包括进程模块信息)
    文件关联
    Winsock 提供者
    Autorun.inf
    HOSTS 文件


启动项目
注册表
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
    <ctfmon.exe><C:\WINDOWS\system32\ctfmon.exe>  [(Verified)Microsoft Corporation]
    <RealUpdate><C:\WINDOWS\system32\real.exe>  [N/A]
[HKEY_CURRENT_USER\Software\Microsoft\Windows NT\CurrentVersion\Windows]
    <load><>  [N/A]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
    <Update><C:\WINDOWS\system32\Update.exe>  [N/A]
    <nod32kui><"C:\Program Files\Eset\nod32kui.exe" /WAITSERVICE>  [Eset ]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Winlogon]
    <shell><Explorer.exe>  [(Verified)Microsoft Corporation]
    <Userinit><C:\WINDOWS\system32\userinit.exe,>  [(Verified)Microsoft Corporation]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Windows]
    <AppInit_DLLs><>  [N/A]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Winlogon]
    <UIHost><logonui.exe>  [(Verified)Microsoft Corporation]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
    <{57B86673-276A-48B2-BAE7-C6DBB3020EB8}><C:\软件\ewido anti-spyware 4.0\ewido anti-spyware 4.0\shellexecutehook.dll>  [Anti-Malware Development a.s.]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\igfxcui]
    <WinlogonNotify: igfxcui><igfxdev.dll>  [(Verified)Intel Corporation]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
    <ccApp><; "c:\Program Files\Common Files\Symantec Shared\ccApp.exe">  [(Verified)Symantec Corporation]
    <Cpqset><; C:\Program Files\HPQ\Default Settings\cpqset.exe>  [N/A]
    <DetectorApp><; C:\Program Files\Sonic\DigitalMedia Plus v7\MyDVD Plus\DetectorApp.exe>  [N/A]
    <eabconfg.cpl><; C:\Program Files\HPQ\Quick Launch Buttons\EabServr.exe /Start>  [Hewlett-Packard ]
    <High Definition Audio Property Page Shortcut><; CHDAudPropShortcut.exe>  [(Verified)Windows (R) Server 2003 DDK provider]
    <HP Software Update><; C:\Program Files\Hp\HP Software Update\HPWuSchd2.exe>  [Hewlett-Packard Co.]
    <hpWirelessAssistant><; C:\Program Files\hpq\HP Wireless Assistant\HP Wireless Assistant.exe>  [Hewlett-Packard Development Company, L.P.]
    <igfxhkcmd><; C:\WINDOWS\system32\hkcmd.exe>  [(Verified)Intel Corporation]
    <igfxpers><; C:\WINDOWS\system32\igfxpers.exe>  [(Verified)Intel Corporation]
    <igfxtray><; C:\WINDOWS\system32\igfxtray.exe>  [(Verified)Intel Corporation]
    <IMJPMIG8.1><; "C:\WINDOWS\IME\imjp8_1\IMJPMIG.EXE" /Spoil /RemAdvDef /Migration32>  [(Verified)Microsoft Corporation]
    <IMSCMig><; C:\PROGRA~1\COMMON~1\MICROS~1\IME\IMSC40A\IMSCMIG.EXE /Preload>  [N/A]
    <PHIME2002A><; C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /IMEName>  [(Verified)Microsoft Corporation]
    <PHIME2002ASync><; C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /SYNC>  [(Verified)Microsoft Corporation]
    <QPService><; "C:\Program Files\HP\QuickPlay\QPService.exe">  [CyberLink Corp.]
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
    <RealUpdate><; C:\WINDOWS\system32\real.exe>  [N/A]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
    <RecGuard><; C:\Windows\SMINST\RecGuard.exe>  []
    <StormCodec_Helper><; "C:\Program Files\Ringz Studio\Storm Codec\StormSet.exe" /S /opti>  [N/A]
    <SunJavaUpdateSched><; C:\Program Files\Java\jre1.5.0_06\bin\jusched.exe>  [Sun Microsystems, Inc.]
    <SynTPEnh><; C:\Program Files\Synaptics\SynTP\SynTPEnh.exe>  [(Verified)Synaptics, Inc.]
    <Update><; C:\WINDOWS\system32\Update.exe>  [N/A]
    <URLLSTCK.exe><; c:\Program Files\Norton Internet Security\UrlLstCk.exe>  [(Verified)Symantec Corporation]

==================================
启动文件夹
N/A

==================================
服务
[Application Management / AppMgmt]
  <C:\WINDOWS\system32\svchost.exe -k netsvcs-->%SystemRoot%\System32\appmgmts.dll><N/A>
[ASP.NET State Service / aspnet_state]
  <C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\aspnet_state.exe><Microsoft Corporation>
[Symantec Event Manager / ccEvtMgr]
  <"c:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe"><Symantec Corporation>
[Symantec Internet Security Password Validation / ccISPwdSvc]
  <"c:\Program Files\Norton Internet Security\ccPwdSvc.exe"><Symantec Corporation>
[Symantec Network Proxy / ccProxy]
  <"c:\Program Files\Common Files\Symantec Shared\ccProxy.exe"><Symantec Corporation>
[Symantec Settings Manager / ccSetMgr]
  <"c:\Program Files\Common Files\Symantec Shared\ccSetMgr.exe"><Symantec Corporation>
[COM Host / comHost]
  <"c:\Program Files\Norton Internet Security\comHost.exe"><Symantec Corporation>
[ewido anti-spyware 4.0 guard / ewido anti-spyware 4.0 guard]
  <C:\软件\ewido anti-spyware 4.0\ewido anti-spyware 4.0\guard.exe><Anti-Malware Development a.s.>
[Human Interface Device Access / HidServ]
  <C:\WINDOWS\System32\svchost.exe -k netsvcs-->%SystemRoot%\System32\hidserv.dll><N/A>
[HP WMI Interface / hpqwmi]
  <C:\Program Files\HPQ\Shared\hpqwmi.exe><Hewlett-Packard Development Company, L.P.>
[hpqwmiex / hpqwmiex]
  <C:\Program Files\Hewlett-Packard\Shared\hpqwmiex.exe><Hewlett-Packard Development Company, L.P.>
[InterBase Server / InterBaseServer]
  <C:\Program Files\InterBase7\bin\ibserver -s><Borland Software Corporation>
[LightScribeService Direct Disc Labeling Service / LightScribeService]
  <"C:\Program Files\Common Files\LightScribe\LSSrvc.exe"><Hewlett-Packard Company>
[MSSQLSERVER / MSSQLSERVER]
  <C:\Program Files\Microsoft SQL Server\MSSQL\Binn\sqlservr.exe -sMSSQLSERVER><Microsoft Corporation>
[MSSQLServerADHelper / MSSQLServerADHelper]
  <C:\Program Files\Microsoft SQL Server\80\Tools\Binn\sqladhlp.exe><Microsoft Corporation>
[Norton AntiVirus 自动防护服务 / navapsvc]
  <"c:\Program Files\Norton Internet Security\Norton AntiVirus\navapsvc.exe"><Symantec Corporation>
[NOD32 Kernel Service / NOD32krn]
  <"C:\Program Files\Eset\nod32krn.exe"><Eset>
[Norton Protection Center Service / NSCService]
  <C:\Program Files\Common Files\Symantec Shared\Security Console\NSCSRVCE.EXE><Symantec Corporation>
[Symantec AVScan / SAVScan]
  <"c:\Program Files\Norton Internet Security\Norton AntiVirus\SAVScan.exe"><Symantec Corporation>
[Symantec Network Drivers Service / SNDSrvc]
  <"c:\Program Files\Common Files\Symantec Shared\SNDSrvc.exe"><Symantec Corporation>
[Symantec SPBBCSvc / SPBBCSvc]
  <"c:\Program Files\Common Files\Symantec Shared\SPBBC\SPBBCSvc.exe"><Symantec Corporation>
[SQLSERVERAGENT / SQLSERVERAGENT]
  <C:\Program Files\Microsoft SQL Server\MSSQL\Binn\sqlagent.EXE -i MSSQLSERVER><Microsoft Corporation>
[Symantec Core LC / Symantec Core LC]
  <"C:\Program Files\Common Files\Symantec Shared\CCPD-LC\symlcsvc.exe"><Symantec Corporation>
[USBDeviceService / USBDeviceService]
  <C:\Program Files\Sonic\DigitalMedia Plus v7\MyDVD Plus\USBDeviceService.exe><>

==================================
驱动程序
[AliIde / AliIde]
  <\SystemRoot\system32\DRIVERS\aliide.sys><Acer Laboratories Inc.>
[AMON / AMON]
  <\??\C:\WINDOWS\system32\drivers\amon.sys><Eset>
[WIDCOMM USB Bluetooth Driver / BTWUSB]
  <System32\Drivers\btwusb.sys><Broadcom Corporation.>
[Intel(R) PRO Network Connection Driver / E100B]
  <system32\DRIVERS\e100b325.sys><Intel Corporation>
[eabfiltr / eabfiltr]
  <\??\C:\WINDOWS\system32\drivers\EABFiltr.sys><Hewlett-Packard Development Company, L.P.>
[eabusb / eabusb]
  <\??\C:\WINDOWS\system32\drivers\eabusb.sys><Hewlett-Packard Development Company, L.P.>
[ewido anti-spyware 4.0 driver / ewido anti-spyware 4.0 driver]
  <\??\C:\软件\ewido anti-spyware 4.0\ewido anti-spyware 4.0\guard.sys><N/A>
[Microsoft UAA Function Driver for High Definition Audio Service / HdAudAddService]
  <system32\drivers\CHDAud.sys><Conexant Systems Inc.>
[Microsoft 用于 High Definition Audio 的 UAA 总线驱动程序 / HDAudBus]
  <system32\DRIVERS\HDAudBus.sys><Windows (R) Server 2003 DDK provider>
[HOSTNT / HOSTNT]
  <C:\WINDOWS\SYSTEM32\DRIVERS\HOSTNT.SYS><N/A>
[HSFHWAZL / HSFHWAZL]
  <system32\DRIVERS\HSFHWAZL.sys><Conexant Systems, Inc.>
[HSF_DPV / HSF_DPV]
  <system32\DRIVERS\HSF_DPV.sys><Conexant Systems, Inc.>
[ialm / ialm]
  <system32\DRIVERS\ialmnt5.sys><Intel Corporation>
[Intel AHCI Controller / iaStor]
  <\SystemRoot\System32\DRIVERS\iaStor.sys><Intel Corporation>
[mdmxsdk / mdmxsdk]
  <system32\DRIVERS\mdmxsdk.sys><Conexant>
[HP Webcam 1000 / Mvc25U870_VID_1262&PID_25FD]
  <System32\Drivers\Mvc25U870.sys><Micro Vision Co.,Ltd>
[NAVENG / NAVENG]
  <\??\C:\PROGRA~1\COMMON~1\SYMANT~1\VIRUSD~1\20051127.005\NAVENG.Sys><Symantec Corporation>
[NAVEX15 / NAVEX15]
  <\??\C:\PROGRA~1\COMMON~1\SYMANT~1\VIRUSD~1\20051127.005\NavEx15.Sys><Symantec Corporation>
[Direct Parallel Link Driver / Ptilink]
  <system32\DRIVERS\ptilink.sys><Parallel Technologies, Inc.>
[PxHelp20 / PxHelp20]
  <\SystemRoot\System32\Drivers\PxHelp20.sys><Sonic Solutions>
[rimmptsk / rimmptsk]
  <system32\DRIVERS\rimmptsk.sys><REDC>
[rimsptsk / rimsptsk]
  <system32\DRIVERS\rimsptsk.sys><REDC>
[Ricoh xD-Picture Card Driver / rismxdp]
  <system32\DRIVERS\rixdptsk.sys><REDC>
[SAVRT / SAVRT]
  <\??\c:\Program Files\Norton Internet Security\Norton AntiVirus\SAVRT.SYS><Symantec Corporation>
[SAVRTPEL / SAVRTPEL]
  <\??\c:\Program Files\Norton Internet Security\Norton AntiVirus\SAVRTPEL.SYS><Symantec Corporation>
[Secdrv / Secdrv]
  <system32\DRIVERS\secdrv.sys><N/A>
[SMC IrCC Miniport Device Driver / SMCIRDA]
  <system32\DRIVERS\smcirda.sys><SMC>
[SPBBCDrv / SPBBCDrv]
  <\??\C:\Program Files\Common Files\Symantec Shared\SPBBC\SPBBCDrv.sys><Symantec Corporation>
[SYMDNS / SYMDNS]
  <\SystemRoot\System32\Drivers\SYMDNS.SYS><Symantec Corporation>
[SymEvent / SymEvent]
  <\??\C:\Program Files\Symantec\SYMEVENT.SYS><Symantec Corporation>
[SYMFW / SYMFW]
  <\SystemRoot\System32\Drivers\SYMFW.SYS><Symantec Corporation>
[SYMIDS / SYMIDS]
  <\SystemRoot\System32\Drivers\SYMIDS.SYS><Symantec Corporation>
[SYMIDSCO / SYMIDSCO]
  <\??\C:\PROGRA~1\COMMON~1\SYMANT~1\SymcData\idsdefs\20050901.036\symidsco.sys><Symantec Corporation>
[symlcbrd / symlcbrd]
  <\??\C:\WINDOWS\system32\drivers\symlcbrd.sys><Symantec Corporation>
[SYMNDIS / SYMNDIS]
  <\SystemRoot\System32\Drivers\SYMNDIS.SYS><Symantec Corporation>
[SYMREDRV / SYMREDRV]
  <\SystemRoot\System32\Drivers\SYMREDRV.SYS><Symantec Corporation>
[SYMTDI / SYMTDI]
  <\SystemRoot\System32\Drivers\SYMTDI.SYS><Symantec Corporation>
[Synaptics TouchPad Driver / SynTP]
  <system32\DRIVERS\SynTP.sys><Synaptics, Inc.>
[Rainbow China UMC Driver / UsbC]
  <System32\Drivers\rcusbwdm.sys><Rainbow China Co. Ltd.>
[ViaIde / ViaIde]
  <\SystemRoot\system32\DRIVERS\viaide.sys><Microsoft Corporation>
[Intel(R) PRO/Wireless 3945ABG Adapter Driver / w39n51]
  <system32\DRIVERS\w39n51.sys><Intel? Corporation>
[winachsf / winachsf]
  <system32\DRIVERS\HSF_CNXT.sys><Conexant Systems, Inc.>
最后编辑2006-12-22 09:46:45
分享到:
gototop
 
gaodedong
头像
初生襁褓狮
  • 帖子:8
  • 注册: 2005-12-15
  • 来自:
发表于: 2006-12-20 21:25 | 只看楼主 短消息 资料
字号: 2楼

==================================
浏览器加载项
[AcroIEHlprObj Class]
  {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} <C:\Program Files\Adobe\Acrobat 6.0\Reader\ActiveX\AcroIEHelper.dll, Adobe Systems Incorporated>
[SSVHelper Class]
  {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} <C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll, Sun Microsystems, Inc.>
[Thunder Browser Helper]
  {889D2FEB-5411-4565-8998-1DD2C5261283} <C:\Program Files\Thunder Network\Thunder\ComDlls\XunLeiBHO_002.dll, Thunder Networking Technologies,LTD>
[CNavExtBho Class]
  {A8F38D8D-E480-4D52-B7A2-731BB6995FDD} <c:\Program Files\Norton Internet Security\Norton AntiVirus\NavShExt.dll, Symantec Corporation>
[Google Toolbar Helper]
  {AA58ED58-01DD-4d91-8333-CF10577473F7} <c:\program files\google\googletoolbar2.dll, Google Inc.>
[Java Plug-in]
  {08B0E5C0-4FCB-11CF-AAA5-00401C608501} <C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll, Sun Microsystems, Inc.>
[Messenger]
  {FB5F1910-F110-11d2-BB9E-00C04F795683} <C:\Program Files\Messenger\msmsgs.exe, Microsoft Corporation>
[Norton AntiVirus]
  {C4069E3A-68F1-403E-B40E-20066696354B} <c:\Program Files\Norton Internet Security\Norton AntiVirus\NavShExt.dll, Symantec Corporation>
[&Google]
  {2318C2B1-4965-11d4-9B18-009027A5CD4F} <c:\program files\google\googletoolbar2.dll, Google Inc.>
[Java Plug-in]
  {8AD9C840-044E-11D1-B3E9-00805F499D93} <C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll, Sun Microsystems, Inc.>
[Java Plug-in]
  {CAFEEFAC-0015-0000-0006-ABCDEFFEDCBA} <C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll, Sun Microsystems, Inc.>
[Java Plug-in 1.5.0_06]
  {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} <C:\Program Files\Java\jre1.5.0_06\bin\npjpi150_06.dll, Sun Microsystems, Inc.>
[Google Script Object]
  {00EF2092-6AC5-47C0-BD25-CF2D5D657FEB} <c:\program files\google\googletoolbar2.dll, Google Inc.>
[AcroIEHlprObj Class]
  {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} <C:\Program Files\Adobe\Acrobat 6.0\Reader\ActiveX\AcroIEHelper.dll, Adobe Systems Incorporated>
[Windows Media Player]
  {22D6F312-B0F6-11D0-94AB-0080C74C7E95} <C:\WINDOWS\system32\wmpdxm.dll, Microsoft Corporation>
[&Google]
  {2318C2B1-4965-11D4-9B18-009027A5CD4F} <c:\program files\google\googletoolbar2.dll, Google Inc.>
[HTML Document]
  {25336920-03F9-11CF-8FD0-00AA00686F13} <%SystemRoot%\system32\mshtml.dll, N/A>
[IETag Factory]
  {38481807-CA0E-42D2-BF39-B33AF135CC4D} <C:\PROGRA~1\COMMON~1\MICROS~1\SMARTT~1\IETAG.DLL, Microsoft Corporation>
[Windows Media Player]
  {6BF52A52-394A-11D3-B153-00C04F79FAA6} <C:\WINDOWS\system32\wmp.dll, Microsoft Corporation>
[SSVHelper Class]
  {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} <C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll, Sun Microsystems, Inc.>
[Microsoft Web 浏览器]
  {8856F961-340A-11D0-A96B-00C04FD705A2} <C:\WINDOWS\system32\shdocvw.dll, Microsoft Corporation>
[Thunder Browser Helper]
  {889D2FEB-5411-4565-8998-1DD2C5261283} <C:\Program Files\Thunder Network\Thunder\ComDlls\XunLeiBHO_002.dll, Thunder Networking Technologies,LTD>
[CNavExtBho Class]
  {A8F38D8D-E480-4D52-B7A2-731BB6995FDD} <c:\Program Files\Norton Internet Security\Norton AntiVirus\NavShExt.dll, Symantec Corporation>
[Google Toolbar Helper]
  {AA58ED58-01DD-4D91-8333-CF10577473F7} <c:\program files\google\googletoolbar2.dll, Google Inc.>
[SearchAssistantOC]
  {B45FF030-4447-11D2-85DE-00C04FA35C89} <%SystemRoot%\system32\shdocvw.dll, N/A>
[Norton AntiVirus]
  {C4069E3A-68F1-403E-B40E-20066696354B} <c:\Program Files\Norton Internet Security\Norton AntiVirus\NavShExt.dll, Symantec Corporation>
[Shockwave Flash Object]
  {D27CDB6E-AE6D-11CF-96B8-444553540000} <C:\WINDOWS\system32\macromed\flash\Flash.ocx, Macromedia, Inc.>
[Google 搜索(&G)]
  <res://c:\program files\google\GoogleToolbar2.dll/cmsearch.html, N/A>
[使用迅雷下载]
  <C:\Program Files\Thunder Network\Thunder\Program\GetUrl.htm, N/A>
[使用迅雷下载全部链接]
  <C:\Program Files\Thunder Network\Thunder\Program\GetAllUrl.htm, N/A>
[反向链接]
  <res://c:\program files\google\GoogleToolbar2.dll/cmbacklinks.html, N/A>
[导出到 Microsoft Office Excel(&X)]
  <res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000, N/A>
[类似网页]
  <res://c:\program files\google\GoogleToolbar2.dll/cmsimilar.html, N/A>
[缓存的网页快照]
  <res://c:\program files\google\GoogleToolbar2.dll/cmcache.html, N/A>
[翻译英文字词(&T)]
  <res://c:\program files\google\GoogleToolbar2.dll/cmwordtrans.html, N/A>

==================================
正在运行的进程
[PID: 788][\SystemRoot\System32\smss.exe]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
[PID: 860][\??\C:\WINDOWS\system32\csrss.exe]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
[PID: 884][\??\C:\WINDOWS\system32\winlogon.exe]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
    [C:\WINDOWS\system32\JPWB.IME]  [常诚研制, 4.00.950]
[PID: 936][C:\WINDOWS\system32\services.exe]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
[PID: 948][C:\WINDOWS\system32\lsass.exe]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
    [C:\WINDOWS\system32\imon.dll]  [Eset , 2, 51, 26 ]
    [C:\Program Files\Eset\pr_imon.dll]  [N/A, N/A]
[PID: 1092][C:\WINDOWS\system32\svchost.exe]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
[PID: 1176][C:\WINDOWS\system32\svchost.exe]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
    [C:\WINDOWS\system32\imon.dll]  [Eset , 2, 51, 26 ]
    [C:\Program Files\Eset\pr_imon.dll]  [N/A, N/A]
[PID: 1240][C:\WINDOWS\System32\svchost.exe]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
    [C:\WINDOWS\system32\imon.dll]  [Eset , 2, 51, 26 ]
    [C:\Program Files\Eset\pr_imon.dll]  [N/A, N/A]
[PID: 1300][C:\WINDOWS\system32\svchost.exe]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
[PID: 1496][C:\WINDOWS\system32\svchost.exe]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
    [C:\WINDOWS\system32\imon.dll]  [Eset , 2, 51, 26 ]
    [C:\Program Files\Eset\pr_imon.dll]  [N/A, N/A]
[PID: 1656][c:\Program Files\Common Files\Symantec Shared\ccSetMgr.exe]  [Symantec Corporation, 104.0.1.17]
    [c:\Program Files\Common Files\Symantec Shared\ccL40.dll]  [Symantec Corporation, 104.0.1.17]
    [c:\Program Files\Common Files\Symantec Shared\ccVrTrst.dll]  [Symantec Corporation, 104.0.1.17]
    [c:\Program Files\Common Files\Symantec Shared\ccSetEvt.dll]  [Symantec Corporation, 104.0.1.17]
[PID: 1688][c:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe]  [Symantec Corporation, 104.0.1.17]
    [c:\Program Files\Common Files\Symantec Shared\ccL40.dll]  [Symantec Corporation, 104.0.1.17]
    [c:\Program Files\Common Files\Symantec Shared\ccVrTrst.dll]  [Symantec Corporation, 104.0.1.17]
    [c:\Program Files\Common Files\Symantec Shared\ccSet.dll]  [Symantec Corporation, 104.0.1.17]
    [C:\PROGRA~1\COMMON~1\SYMANT~1\SPBBC\SPBBCEVT.DLL]  [Symantec Corporation, 2,0,0,73]
    [C:\WINDOWS\SYSTEM32\SYMNETI.DLL]  [Symantec Corporation, 6.0.0.99]
    [C:\PROGRA~1\COMMON~1\SYMANT~1\ANTISPAM\ASSPMEVT.DLL]  [Symantec Corporation, 2006.2.00.153]
gototop
 
gaodedong
头像
初生襁褓狮
  • 帖子:8
  • 注册: 2005-12-15
  • 来自:
发表于: 2006-12-20 21:26 | 只看楼主 短消息 资料
字号: 3楼

[C:\PROGRA~1\COMMON~1\SYMANT~1\CCLOGIN.DLL]  [Symantec Corporation, 104.0.1.17]
    [C:\PROGRA~1\COMMON~1\SYMANT~1\CCPXYEVT.DLL]  [Symantec Corporation, 104.0.1.17]
    [C:\PROGRA~1\COMMON~1\SYMANT~1\CCSETEVT.DLL]  [Symantec Corporation, 104.0.1.17]
    [C:\PROGRA~1\NORTON~1\ISSVC.DLL]  [Symantec Corporation, 9.0.3.4]
    [C:\PROGRA~1\NORTON~1\NORTON~1\HPPEVT32.DLL]  [Symantec Corporation, 12.0.2.5]
    [C:\PROGRA~1\NORTON~1\NORTON~1\HPPRES32.loc]  [Symantec Corporation, 12.0.2.5]
    [C:\PROGRA~1\NORTON~1\NORTON~1\NAVEVENT.DLL]  [Symantec Corporation, 12.0.2.5]
    [c:\Program Files\Norton Internet Security\ObrkData.dll]  [Symantec Corporation, 9.0.3.4]
[PID: 1824][c:\Program Files\Common Files\Symantec Shared\ccProxy.exe]  [Symantec Corporation, 104.0.1.17]
    [C:\WINDOWS\system32\SYMREDIR.dll]  [Symantec Corporation, 6.0.0.99]
    [C:\WINDOWS\system32\SymNeti.DLL]  [Symantec Corporation, 6.0.0.99]
    [c:\Program Files\Common Files\Symantec Shared\ccL40.dll]  [Symantec Corporation, 104.0.1.17]
    [c:\Program Files\Common Files\Symantec Shared\ccVrTrst.dll]  [Symantec Corporation, 104.0.1.17]
    [c:\Program Files\Common Files\Symantec Shared\rcProxy.dll]  [Symantec Corporation, 104.0.1.17]
    [C:\WINDOWS\system32\imon.dll]  [Eset , 2, 51, 26 ]
    [C:\Program Files\Eset\pr_imon.dll]  [N/A, N/A]
    [c:\Program Files\Common Files\Symantec Shared\ccSet.dll]  [Symantec Corporation, 104.0.1.17]
    [c:\Program Files\Common Files\Symantec Shared\DPHTML.dll]  [Symantec Corporation, 104.0.1.17]
    [c:\Program Files\Common Files\Symantec Shared\DPJS.dll]  [Symantec Corporation, 104.0.1.17]
    [c:\Program Files\Common Files\Symantec Shared\DPVBS.dll]  [Symantec Corporation, 104.0.1.17]
    [c:\Program Files\Common Files\Symantec Shared\PFMisc.dll]  [Symantec Corporation, 104.0.1.17]
    [c:\Program Files\Common Files\Symantec Shared\PFPriv.dll]  [Symantec Corporation, 104.0.1.17]
    [c:\Program Files\Common Files\Symantec Shared\PFRes.dll]  [Symantec Corporation, 104.0.1.17]
    [c:\Program Files\Norton Internet Security\SYMURL.DLL]  [Symantec Corporation, 9.0.3.4]
    [c:\Program Files\Norton Internet Security\NISRES.DLL]  [Symantec Corporation, 9.0.3.4]
    [c:\Program Files\Common Files\Symantec Shared\ccProSub.dll]  [Symantec Corporation, 104.0.1.17]
    [c:\Program Files\Common Files\Symantec Shared\ccSetEvt.dll]  [Symantec Corporation, 104.0.1.17]
    [c:\Program Files\Common Files\Symantec Shared\PFSec.dll]  [Symantec Corporation, 104.0.1.17]
    [c:\Program Files\Common Files\Symantec Shared\PxyHTTP.dll]  [Symantec Corporation, 104.0.1.17]
    [c:\Program Files\Common Files\Symantec Shared\DPHTTP.dll]  [Symantec Corporation, 104.0.1.17]
    [c:\Program Files\Common Files\Symantec Shared\PxyIM.dll]  [Symantec Corporation, 104.0.1.17]
    [c:\Program Files\Common Files\Symantec Shared\PxyNNTP.dll]  [Symantec Corporation, 104.0.1.17]
    [c:\Program Files\Common Files\Symantec Shared\ccPxyEvt.dll]  [Symantec Corporation, 104.0.1.17]
    [c:\Program Files\Common Files\Symantec Shared\ccLogin.dll]  [Symantec Corporation, 104.0.1.17]
    [C:\Program Files\Symantec\LiveUpdate\ProductRegCom_2_7.DLL]  [Symantec Corporation, 2.7.39.0]
    [C:\Program Files\Symantec\LiveUpdate\LuComServerPS_2_7.DLL]  [Symantec Corporation, 2.7.39.0]
    [C:\Program Files\Symantec\LiveUpdate\ProductRegComPS_2_7.DLL]  [Symantec Corporation, 2.7.39.0]
[PID: 1840][c:\Program Files\Common Files\Symantec Shared\SNDSrvc.exe]  [Symantec Corporation, 6.0.0.99]
    [c:\WINDOWS\system32\SymNeti.dll]  [Symantec Corporation, 6.0.0.99]
[PID: 1908][c:\Program Files\Common Files\Symantec Shared\SPBBC\SPBBCSvc.exe]  [Symantec Corporation, 2,0,0,73]
    [c:\Program Files\Common Files\Symantec Shared\ccVrTrst.dll]  [Symantec Corporation, 104.0.1.17]
    [c:\Program Files\Common Files\Symantec Shared\ccL40.dll]  [Symantec Corporation, 104.0.1.17]
    [c:\Program Files\Common Files\Symantec Shared\ccSet.dll]  [Symantec Corporation, 104.0.1.17]
    [c:\Program Files\Common Files\Symantec Shared\SPBBC\SPBBCEvt.dll]  [Symantec Corporation, 2,0,0,73]
    [c:\Program Files\Common Files\Symantec Shared\SPBBC\bbRGen.dll]  [Symantec Corporation, 2,0,0,73]
[PID: 144][C:\Program Files\Common Files\Symantec Shared\CCPD-LC\symlcsvc.exe]  [Symantec Corporation, 1.9.1.762]
    [C:\Program Files\Common Files\Symantec Shared\CCPD-LC\symlcnet.dll]  [Symantec Corporation, 1.9.1.762]
[PID: 484][C:\WINDOWS\system32\spoolsv.exe]  [Microsoft Corporation, 5.1.2600.2696 (xpsp_sp2_gdr.050610-1519)]
[PID: 672][C:\Program Files\InterBase7\bin\ibserver.exe]  [Borland Software Corporation, WI-V7.0.1.1]
    [C:\WINDOWS\system32\imon.dll]  [Eset , 2, 51, 26 ]
    [C:\Program Files\Eset\pr_imon.dll]  [N/A, N/A]
[PID: 692][C:\Program Files\Common Files\LightScribe\LSSrvc.exe]  [Hewlett-Packard Company, 1.4.52.1]
[PID: 816][C:\Program Files\Microsoft SQL Server\MSSQL\Binn\sqlservr.exe]  [Microsoft Corporation, 2000.080.0194.00]
[PID: 832][c:\Program Files\Norton Internet Security\Norton AntiVirus\navapsvc.exe]  [Symantec Corporation, 12.0.2.5]
    [c:\Program Files\Common Files\Symantec Shared\ccL40.dll]  [Symantec Corporation, 104.0.1.17]
    [c:\Program Files\Norton Internet Security\Norton AntiVirus\SAVRT32.DLL]  [Symantec Corporation, 9.7.0.10]
    [c:\Program Files\Norton Internet Security\Norton AntiVirus\navapsvc.loc]  [Symantec Corporation, 12.0.2.5]
    [c:\Program Files\Common Files\Symantec Shared\DefUtDCD.dll]  [Symantec Corporation, 3.1.30.0]
[PID: 864][C:\Program Files\Eset\nod32krn.exe]  [Eset , 2, 51, 26 ]
    [C:\Program Files\Eset\nod32krr.dll]  [Eset , 2, 51, 26 ]
    [C:\Program Files\Eset\ps_amon.dll]  [Eset , 2, 51, 26 ]
    [C:\Program Files\Eset\pr_amon.dll]  [Eset , 2, 51, 26 ]
    [C:\Program Files\Eset\ps_dmon.dll]  [Eset , 2, 51, 26 ]
    [C:\Program Files\Eset\pr_dmon.dll]  [N/A, N/A]
    [C:\Program Files\Eset\ps_emon.dll]  [Eset , 2, 51, 26 ]
    [C:\Program Files\Eset\pr_emon.dll]  [N/A, N/A]
    [C:\WINDOWS\system32\imon.dll]  [Eset , 2, 51, 26 ]
    [C:\Program Files\Eset\pr_imon.dll]  [N/A, N/A]
    [C:\Program Files\Eset\ps_mirr.dll]  [Eset , 2, 51, 26 ]
    [C:\Program Files\Eset\pr_mirr.dll]  [N/A, N/A]
    [C:\Program Files\Eset\ps_nod32.dll]  [Eset , 2, 51, 26 ]
    [C:\Program Files\Eset\pr_nod32.dll]  [Eset , 2, 51, 26 ]
    [C:\Program Files\Eset\ps_upd.dll]  [Eset , 2, 51, 26 ]
    [C:\Program Files\Eset\pr_upd.dll]  [N/A, N/A]
[PID: 952][C:\Program Files\Common Files\Symantec Shared\Security Console\NSCSRVCE.EXE]  [Symantec Corporation, 2006.1.1.2]
[PID: 1380][C:\WINDOWS\system32\svchost.exe]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
[PID: 1424][C:\WINDOWS\system32\wdfmgr.exe]  [Microsoft Corporation, 5.2.3790.1230 built by: dnsrv(bld4act)]
[PID: 1216][C:\Program Files\Sonic\DigitalMedia Plus v7\MyDVD Plus\USBDeviceService.exe]  [, 1, 0, 0, 1]
[PID: 1696][C:\Program Files\Hewlett-Packard\Shared\hpqwmiex.exe]  [Hewlett-Packard Development Company, L.P., 2, 0, 1, 2]
[PID: 2076][C:\WINDOWS\System32\alg.exe]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
    [C:\WINDOWS\system32\imon.dll]  [Eset , 2, 51, 26 ]
    [C:\Program Files\Eset\pr_imon.dll]  [N/A, N/A]
[PID: 2892][C:\WINDOWS\Explorer.EXE]  [Microsoft Corporation, 6.00.2900.2180 (xpsp_sp2_rtm.040803-2158)]
    [C:\WINDOWS\system32\JPWB.IME]  [常诚研制, 4.00.950]
    [C:\Program Files\Adobe\Acrobat 6.0\Reader\ActiveX\AcroIEHelper.dll]  [Adobe Systems Incorporated, 6.0.1.2003110300]
    [C:\Program Files\Thunder Network\Thunder\ComDlls\XunLeiBHO_002.dll]  [Thunder Networking Technologies,LTD, 5, 0, 0, 2]
    [c:\Program Files\Norton Internet Security\Norton AntiVirus\NavShExt.dll]  [Symantec Corporation, 12.0.2.5]
    [C:\WINDOWS\system32\igfxpph.dll]  [Intel Corporation, 3.0.0.4421]
    [C:\WINDOWS\system32\hccutils.DLL]  [Intel Corporation, 3.0.0.4421]
    [C:\Program Files\WinRAR\rarext.dll]  [N/A, N/A]
    [C:\软件\ewido anti-spyware 4.0\ewido anti-spyware 4.0\shellexecutehook.dll]  [Anti-Malware Development a.s., 4, 0, 0, 172]
[PID: 2984][C:\Program Files\Eset\nod32kui.exe]  [Eset , 2, 51, 26 ]
    [C:\Program Files\Eset\nod32rui.dll]  [N/A, N/A]
    [C:\WINDOWS\system32\JPWB.IME]  [常诚研制, 4.00.950]
    [C:\Program Files\Eset\pu_amon.dll]  [Eset , 2, 51, 26 ]
    [C:\Program Files\Eset\pr_amon.dll]  [Eset , 2, 51, 26 ]
    [C:\Program Files\Eset\pu_dmon.dll]  [Eset , 2, 51, 26 ]
    [C:\Program Files\Eset\pr_dmon.dll]  [N/A, N/A]
    [C:\Program Files\Eset\pu_emon.dll]  [Eset , 2, 51, 26 ]
    [C:\Program Files\Eset\pr_emon.dll]  [N/A, N/A]
    [C:\Program Files\Eset\pu_imon.dll]  [Eset , 2, 51, 26 ]
    [C:\Program Files\Eset\pr_imon.dll]  [N/A, N/A]
    [C:\Program Files\Eset\pu_mirr.dll]  [Eset , 2, 51, 26 ]
    [C:\Program Files\Eset\pr_mirr.dll]  [N/A, N/A]
    [C:\Program Files\Eset\pu_nod32.dll]  [Eset , 2, 51, 26 ]
    [C:\Program Files\Eset\pr_nod32.dll]  [Eset , 2, 51, 26 ]
    [C:\Program Files\Eset\pu_upd.dll]  [Eset , 2, 51, 26 ]
    [C:\Program Files\Eset\pr_upd.dll]  [N/A, N/A]
[PID: 3032][C:\WINDOWS\system32\ctfmon.exe]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
    [C:\WINDOWS\system32\JPWB.IME]  [常诚研制, 4.00.950]
[PID: 4028][C:\Documents and Settings\onw\My Documents\SREng\SREng.exe]  [Smallfrogs Studio, 2.2.6.605]
    [C:\WINDOWS\system32\JPWB.IME]  [常诚研制, 4.00.950]
    [C:\WINDOWS\system32\imon.dll]  [Eset , 2, 51, 26 ]
    [C:\Program Files\Eset\pr_imon.dll]  [N/A, N/A]

==================================
文件关联
.TXT  OK. [%SystemRoot%\system32\NOTEPAD.EXE %1]
.EXE  OK. ["%1" %*]
.COM  OK. ["%1" %*]
.PIF  OK. ["%1" %*]
.REG  OK. [regedit.exe "%1"]
.BAT  OK. ["%1" %*]
.SCR  OK. ["%1" /S]
.CHM  OK. ["C:\WINDOWS\hh.exe" %1]
.HLP  OK. [%SystemRoot%\System32\winhlp32.exe %1]
.INI  OK. [%SystemRoot%\System32\NOTEPAD.EXE %1]
.INF  OK. [%SystemRoot%\System32\NOTEPAD.EXE %1]
.VBS  OK. [%SystemRoot%\System32\WScript.exe "%1" %*]
.JS  OK. [%SystemRoot%\System32\WScript.exe "%1" %*]
.LNK  OK. [{00021401-0000-0000-C000-000000000046}]

==================================
Winsock 提供者
NOD32 protected [MSAFD Tcpip [TCP/IP]]
    C:\WINDOWS\system32\imon.dll(Eset , NOD32 IMON - Internet scanning support)
NOD32 protected [MSAFD Tcpip [UDP/IP]]
    C:\WINDOWS\system32\imon.dll(Eset , NOD32 IMON - Internet scanning support)
NOD32 protected [MSAFD Tcpip [RAW/IP]]
    C:\WINDOWS\system32\imon.dll(Eset , NOD32 IMON - Internet scanning support)
NOD32 protected [RSVP UDP Service Provider]
    C:\WINDOWS\system32\imon.dll(Eset , NOD32 IMON - Internet scanning support)
NOD32 protected [RSVP TCP Service Provider]
    C:\WINDOWS\system32\imon.dll(Eset , NOD32 IMON - Internet scanning support)
NOD32
    C:\WINDOWS\system32\imon.dll(Eset , NOD32 IMON - Internet scanning support)

==================================
Autorun.inf
[C:\]
[AutoRun]
Open=xiaoshen.exe
shellexecute=xiaoshen.exe
shell\Auto\command=xiaoshen.exe
[D:\]
[AutoRun]
Open=xiaoshen.exe
shellexecute=xiaoshen.exe
shell\Auto\command=xiaoshen.exe

==================================
HOSTS 文件
127.0.0.1      localhost

==================================
gototop
 
水树雨下
头像
横据古稀狮
  • 帖子:8397
  • 注册: 2006-07-26
  • 来自:
发表于: 2006-12-20 21:32 | 短消息 资料
字号: 4楼

参考http://forum.ikaka.com/topic.asp?board=28&artid=8208472
gototop
 
☆★雨泪★☆
头像
初生襁褓狮
  • 帖子:7
  • 注册: 2006-12-20
  • 来自:
发表于: 2006-12-20 22:04 | 短消息 资料
字号: 5楼

不要着急,我的右键也多了个auto,而且好多.EXE的文件都是熊猫头像,听说是熊猫升级版病毒!不知道能不能把这个auto修复掉,老是右键点击盘来进入好麻烦的!
gototop
 
光头小二
头像
初生襁褓狮
  • 帖子:27
  • 注册: 2006-09-11
  • 来自:
发表于: 2006-12-22 09:55 | 短消息 资料
字号: 6楼

熊猫烧香?我的是.exe文件都变成了setup.exe安装图标的模样
gototop
 
<<上一主题|下一主题>>
1   1  /  1  页   跳转
页面顶部
Powered by Discuz!NT