Rising Kaka Security Forum, Technical Exchange area, Anti-Virus / Anti-Rogue-Software board


Tons of viruses... no idea where they came from, and there are hidden processes too... could an expert please help look at the log

[CODE]

2006-02-09,16:16:57

System Repair Engineer 2.5.16.900
Smallfrogs (http://www.KZTechs.com)

Windows 2000 Professional Service Pack 4 (Build 2195) - 管理权限用户 - 完整功能

以下内容被选中:
    所有的启动项目(包括注册表、启动文件夹、服务等)
    浏览器加载项
    正在运行的进程(包括进程模块信息)
    文件关联
    Winsock 提供者
    Autorun.inf
    HOSTS 文件
    进程特权扫描


启动项目
注册表
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
    <internat.exe><internat.exe>  [(Verified)Microsoft Windows 2000 Publisher]
    <ProxyCap><C:\PROGRA~1\PROXYL~1\ProxyCap\ProxyCap.exe>  [N/A]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
    <Synchronization Manager><mobsync.exe /logon>  [(Verified)Microsoft Windows 2000 Publisher]
    <IgfxTray><C:\WINNT\system32\igfxtray.exe>  [(Verified)Microsoft Windows 2000 Publisher]
    <HotKeysCmds><C:\WINNT\system32\hkcmd.exe>  [(Verified)Microsoft Windows Hardware Compatibility Publisher]
    <ccApp><"C:\Program Files\Common Files\Symantec Shared\ccApp.exe">  [(Verified)Microsoft Corporation]
    <vptray><C:\PROGRA~1\SYMANT~1\VPTray.exe>  [(Verified)Symantec Corporation]
    <360Safetray><C:\Program Files\360safe\safemon\360Tray.exe /start>  [奇虎网]
    <CdnCtr><C:\Program Files\CNNIC\Cdn\cdnup.exe>  [CNNIC]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Winlogon]
    <shell><Explorer.exe>  [(Verified)Microsoft Windows 2000 Publisher]
    <Userinit><C:\WINNT\system32\userinit.exe,>  [(Verified)Microsoft Windows 2000 Publisher]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\NavLogon]
    <WinlogonNotify: NavLogon><C:\WINNT\system32\NavLogon.dll>  [(Verified)Symantec Corporation]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\>{26923b43-4d38-484f-9b9e-de460746276c}]
    <Internet Explorer 访问><"C:\WINNT\system32\shmgrate.exe" OCInstallUserConfigIE>  [N/A]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\>{881dd1c5-3dcf-431b-b061-f3f88e8be88a}]
    <Outlook Express 访问><"C:\WINNT\system32\shmgrate.exe" OCInstallUserConfigOE>  [N/A]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{22d6f312-b0f6-11d0-94ab-0080c74c7e95}]
    <Windows Media Player><rundll32.exe advpack.dll,LaunchINFSection C:\WINDOWS\INF\mplayer2.inf,PerUserStub>  [N/A]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{44BBA840-CC51-11CF-AAFA-00AA00B6015C}]
    <Microsoft Outlook Express 6><"%ProgramFiles%\Outlook Express\setup50.exe" /APP:OE /CALLER:WINNT /user /install>  [N/A]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{44BBA842-CC51-11CF-AAFA-00AA00B6015B}]
    <NetMeeting 3.01><rundll32.exe advpack.dll,LaunchINFSection C:\WINNT\INF\msnetmtg.inf,NetMtg.Install.PerUser.NT>  [(Verified)Microsoft Windows Hardware Compatibility Publisher]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{44BBA842-CC51-11CF-AAFA-00AA00B6015C}]
    <NetMeeting 3.01><rundll32.exe advpack.dll,LaunchINFSection C:\WINDOWS\INF\msnetmtg.inf,NetMtg.Install.PerUser.W95>  [N/A]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{5A8D6EE0-3E18-11D0-821E-444553540000}]
    <Internet 连接向导><rundll32.exe advpack.dll,LaunchINFSectionEx C:\WINDOWS\INF\icw.inf,PerUserStub,,36>  [N/A]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{6BF52A52-394A-11d3-B153-00C04F79FAA6}]
    <Microsoft Windows Media Player><rundll32.exe advpack.dll,LaunchINFSection C:\WINNT\INF\wmp.inf,PerUserStub>  []
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{7790769C-0471-11d2-AF11-00C04FA35D02}]
    <Address Book 5><"%ProgramFiles%\Outlook Express\setup50.exe" /APP:WAB /CALLER:WINNT /user /install>  [N/A]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{89B4C1CD-B018-4511-B0A1-5476DBF70820}]
    <N/A><C:\WINNT\system32\Rundll32.exe C:\WINNT\system32\mscories.dll,Install>  [Microsoft Corporation]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{9EF0045A-CDD9-438e-95E6-02B9AFEC8E11}]
    <CRLUpdate><%SystemRoot%\system32\updcrl.exe -e -u %SystemRoot%\system32\verisignpub1.crl>  [N/A]

==================================
启动文件夹
N/A

==================================
服务
[Autodesk Licensing Service / Autodesk Licensing Service][Stopped/Manual Start]
  <"C:\Program Files\Common Files\Autodesk Shared\Service\AdskScSrv.exe"><Autodesk, Inc.>
[Symantec Event Manager / ccEvtMgr][Running/Auto Start]
  <"C:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe"><Symantec Corporation>
[Symantec Settings Manager / ccSetMgr][Running/Auto Start]
  <"C:\Program Files\Common Files\Symantec Shared\ccSetMgr.exe"><Symantec Corporation>
[Symantec AntiVirus Definition Watcher / DefWatch][Running/Auto Start]
  <"C:\Program Files\Symantec AntiVirus\DefWatch.exe"><Symantec Corporation>
[Logical Disk Manager Administrative Service / dmadmin][Stopped/Manual Start]
  <C:\WINNT\System32\dmadmin.exe /com><VERITAS Software Corp.>
[InstallDriver Table Manager / IDriverT][Stopped/Manual Start]
  <"C:\Program Files\Common Files\InstallShield\Driver\1150\Intel 32\IDriverT.exe"><Macrovision Corporation>
[LiveUpdate / LiveUpdate][Stopped/Manual Start]
  <"C:\PROGRA~1\Symantec\LIVEUP~1\LUCOMS~1.EXE"><Symantec Corporation>
[MSCSPTISRV / MSCSPTISRV][Stopped/Manual Start]
  <"C:\Program Files\Common Files\Sony Shared\AVLib\MSCSPTISRV.exe"><Sony Corporation>
[ms ddraw / msddraw][Running/Auto Start]
  <C:\WINNT\system32\ddraw.exe><N/A>
[PACSPTISVR / PACSPTISVR][Stopped/Manual Start]
  <"C:\Program Files\Common Files\Sony Shared\AVLib\PACSPTISVR.exe"><Sony Corporation>
[PPPoE Service / PPPoEService][Stopped/Auto Start]
  <e:\郑旭峰\ppo\app\pppoeservice.exe><N/A>
[SavRoam / SavRoam][Running/Auto Start]
  <"C:\Program Files\Symantec AntiVirus\SavRoam.exe"><symantec>
[Symantec Network Drivers Service / SNDSrvc][Stopped/Manual Start]
  <"C:\Program Files\Common Files\Symantec Shared\SNDSrvc.exe"><Symantec Corporation>
[Symantec SPBBCSvc / SPBBCSvc][Running/Auto Start]
  <"C:\Program Files\Common Files\Symantec Shared\SPBBC\SPBBCSvc.exe"><Symantec Corporation>
[spkrmon / spkrmon][Running/Auto Start]
  <C:\Program Files\Analog Devices\SoundMAX\spkrmon.exe><>
[Sony SPTI Service / SPTISRV][Stopped/Manual Start]
  <"C:\Program Files\Common Files\Sony Shared\AVLib\SPTISRV.exe"><Sony Corporation>
[Symantec AntiVirus / Symantec AntiVirus][Running/Auto Start]
  <"C:\Program Files\Symantec AntiVirus\Rtvscan.exe"><Symantec Corporation>
[Windows system backup / Windows system backup][Stopped/Auto Start]
  <C:\WINNT\sysbakmap.exe><N/A>
[Portable Media Serial Number Service / WmdmPmSN][Stopped/Manual Start]
  <C:\WINNT\System32\svchost.exe -k netsvcs-->C:\WINNT\system32\mspmsnsv.dll><Microsoft Corporation>

==================================
驱动程序
[aeaudio / aeaudio][Running/Manual Start]
  <system32\drivers\aeaudio.sys><Andrea Electronics Corporation>
[Broadcom NetXtreme Gigabit Ethernet / b57w2k][Running/Manual Start]
  <system32\DRIVERS\b57w2k.sys><Broadcom Corporation>
[cdnprot / cdnprot][Running/Boot Start]
  <\SystemRoot\system32\drivers\cdnprot.sys><中国互联网络信息中心(CNNIC)>
[cdntran / cdntran][Running/Auto Start]
  <system32\drivers\cdntran.sys><CNNIC>
[deifiegh / deifiegh][Stopped/Boot Start]
  <\SystemRoot\system32\drivers\deifiegh.sys><N/A>
[dmboot / dmboot][Stopped/Disabled]
  <System32\drivers\dmboot.sys><VERITAS Software Corp.>
[Logical Disk Manager Driver / dmio][Running/Boot Start]
  <\SystemRoot\System32\drivers\dmio.sys><VERITAS Software Corp.>
[dmload / dmload][Running/Boot Start]
  <\SystemRoot\System32\drivers\dmload.sys><VERITAS Software Corp.>
[Symantec Eraser Control driver / eeCtrl][Running/System Start]
  <\??\C:\Program Files\Common Files\Symantec Shared\EENGINE\eeCtrl.sys><Symantec Corporation>
[EraserUtilRebootDrv / EraserUtilRebootDrv][Running/Manual Start]
  <\??\C:\Program Files\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys><Symantec Corporation>
[ialm / ialm][Running/Manual Start]
  <system32\DRIVERS\ialmnt5.sys><Intel Corporation>
[NAVENG / NAVENG][Running/Manual Start]
  <\??\C:\PROGRA~1\COMMON~1\SYMANT~1\VIRUSD~1\20070706.017\naveng.sys><Symantec Corporation>
[NAVEX15 / NAVEX15][Running/Manual Start]
  <\??\C:\PROGRA~1\COMMON~1\SYMANT~1\VIRUSD~1\20070706.017\navex15.sys><Symantec Corporation>
[Netgroup Packet Filter / NPF][Stopped/Manual Start]
  <system32\DRIVERS\npf.sys><CACE Technologies>
[npkcrypt / npkcrypt][Running/Auto Start]
  <\??\F:\独自等待\运行\124324\npkcrypt.sys><INCA Internet Co., Ltd.>
[npkcusb / npkcusb][Running/Auto Start]
  <\??\F:\独自等待\运行\124324\npkcusb.sys><INCA Internet Co., Ltd.>
[Direct Parallel Link Driver / Ptilink][Running/Manual Start]
  <system32\DRIVERS\ptilink.sys><Parallel Technologies, Inc.>
[PxHelp20 / PxHelp20][Running/Boot Start]
  <\SystemRoot\System32\Drivers\PxHelp20.sys><Sonic Solutions>
[WAN 微型端口 (PPP over Ethernet 协议) / RMSPPPOE][Running/Manual Start]
  <system32\DRIVERS\RMSPPPOE.SYS><Robert Schlabbach>
[SAVRT / SAVRT][Running/System Start]
  <\??\C:\Program Files\Symantec AntiVirus\savrt.sys><Symantec Corporation>
[SAVRTPEL / SAVRTPEL][Running/System Start]
  <\??\C:\Program Files\Symantec AntiVirus\Savrtpel.sys><Symantec Corporation>
[smwdm / smwdm][Running/Manual Start]
  <system32\drivers\smwdm.sys><Analog Devices, Inc.>
[Sony USBSTOR.SYS Filter / SONYFILT][Stopped/Manual Start]
  <System32\Drivers\SonyUSBF.sys><Sony Corporation>
[SPBBCDrv / SPBBCDrv][Running/System Start]
  <\??\C:\Program Files\Common Files\Symantec Shared\SPBBC\SPBBCDrv.sys><Symantec Corporation>
[SymEvent / SymEvent][Running/Manual Start]
  <\??\C:\Program Files\Symantec\SYMEVENT.SYS><Symantec Corporation>
[SYMREDRV / SYMREDRV][Running/Manual Start]
  <\SystemRoot\System32\Drivers\SYMREDRV.SYS><Symantec Corporation>
[SYMTDI / SYMTDI][Running/System Start]
  <\SystemRoot\System32\Drivers\SYMTDI.SYS><Symantec Corporation>
[World Standard Teletext Codec / WSTCODEC][Stopped/Manual Start]
  <system32\DRIVERS\WSTCODEC.SYS><Microsoft Corporation>
Last edited 2007-07-07 17:49:18

==================================
浏览器加载项
[WebThunder Browser Helper]
  {00000AAA-A363-466E-BEF5-9BB68697AA7F} <F:\新建文件夹 (1\WebThunderBHO_Now.dll, N/A>
[AcroIEHlprObj Class]
  {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} <C:\Program Files\Adobe\Acrobat 6.0\Reader\ActiveX\AcroIEHelper.dll, Adobe Systems Incorporated>
[Cbho Object]
  {352E3B3A-CAB5-4DBC-B940-C7F84D0447D8} <C:\PROGRA~1\CNNIC\Cdn\cdndrag.dll, CNNIC>
[CdnForIE Class]
  {5C3853CF-C7E0-4946-B3FA-1ABDB6F48108} <C:\PROGRA~1\CNNIC\Cdn\cdnforie.dll, CNNIC>
[BandIE Class]
  {77FEF28E-EB96-44FF-B511-3185DEA48697} <C:\Progra~1\Baidu\bar\BaiDuBar.dll, Baidu.com, Inc.>
[NavigatMon Class]
  {B69F34DD-F0F9-42DC-9EDD-957187DA688D} <C:\PROGRA~1\360safe\safemon\safemon.dll, >
[OAid Class]
  {DCC24EBC-B348-485D-9B32-CFE4B4163E84} <C:\WINNT\system32\danim.ocx, microsoft>
[CdnForIE Class]
  {5C3853CF-C7E0-4946-B3FA-1ABDB6F48108} <C:\PROGRA~1\CNNIC\Cdn\cdnforie.dll, CNNIC>
[番茄花园]
  {6096E38F-5AC1-4391-8EC4-75DFA92FB32F} <http://www.tomatolei.com, N/A>
[启动Web迅雷]
  {962EFB8E-2683-42d4-AC74-AAA4C759B9C6} <http://my.xunlei.com, N/A>
[@shdoclc.dll,-866]
  {c95fe080-8f5d-11d2-a20b-00aa003c157a} <, N/A>
[QQ]
  {c95fe080-8f5d-11d2-a20b-00aa003c157b} <F:\运行\QQ\QQ.EXE, N/A>
[电台(&R)]
  {8E718888-423F-11D2-876E-00A0C9082467} <C:\WINNT\system32\msdxm.ocx, Microsoft Corporation>
[百度超级搜霸]
  {B580CF65-E151-49C3-B73F-70B13FCA8E86} <C:\Progra~1\Baidu\bar\BaiDuBar.dll, Baidu.com, Inc.>
[EditCtrl Class]
  {488A4255-3236-44B3-8F27-FA1AECAA8844} <C:\WINNT\system32\aliedit\aliedit.dll, >
[WUWebControl Class]
  {6414512B-B978-451D-A0D8-FCFDF33E833C} <C:\WINNT\system32\wuweb.dll, Microsoft Corporation>
[AxInputControl Class]
  {73E4740C-08EB-4133-896B-8D0A7C9EE3CD} <C:\WINNT\DOWNLO~1\INPUTC~1.DLL, >
[AcDcToday 控件]
  {78AF2F24-A9C3-11D3-BF8C-0060B0FCC122} <C:\WINNT\DOWNLO~1\ACDCTO~1.OCX, Autodesk>
[Shockwave Flash Object]
  {D27CDB6E-AE6D-11CF-96B8-444553540000} <C:\WINNT\system32\Macromed\Flash\Flash9c.ocx, Adobe Systems, Inc.>
[WebBasedClientInstall Class]
  {D30CA0FD-1CA0-11D4-AC78-006008A9A8BC} <C:\WINNT\Downloaded Program Files\WebInst.Dll, Symantec Corporation>
[Rising Web Scan Object]
  {E4E2F180-CB8B-4DE9-ACBB-DA745D3BA153} <C:\WINNT\Downloaded Program Files\OL2005.dll, Beijing Rising Technology Co., Ltd.>
[AcPreview 控件]
  {F281A59C-7B65-11D3-8617-0010830243BD} <C:\WINNT\DOWNLO~1\ACPREV~1.OCX, Autodesk>
[WebThunder Class]
  {03507A1A-E0C5-4404-AA26-205385C0892D} <, N/A>
[Thunder Agent Class]
  {485463B7-8FB2-4B3B-B29B-8B919B0EACCE} <F:\新建文件夹 (1\ComDlls\ThunderAgent_Now.dll, N/A>
[360SafeLive]
  {87515F61-A66C-4319-A0E0-D416CB8059E3} <C:\Program Files\360safe\live.dll, 360safe.com>
[上传到QQ网络硬盘]
  <F:\独自等待\运行\124324\AddToNetDisk.htm, N/A>
[使用Web迅雷下载]
  <F:\新建文件夹 (1\GetUrl.htm, N/A>
[使用Web迅雷下载全部链接]
  <F:\新建文件夹 (1\GetAllUrl.htm, N/A>
[添加到QQ自定义面板]
  <F:\独自等待\运行\124324\AddPanel.htm, N/A>
[添加到QQ表情]
  <F:\独自等待\运行\124324\AddEmotion.htm, N/A>
[用QQ彩信发送该图片]
  <F:\独自等待\运行\124324\SendMMS.htm, N/A>
[访问通用网址]
  <C:\Program Files\CNNIC\Cdn\cnnic.htm, N/A>

==================================
正在运行的进程
[PID: 152][\SystemRoot\System32\smss.exe]  [Microsoft Corporation, 5.00.2195.6601]
[PID: 176][\??\C:\WINNT\system32\csrss.exe]  [Microsoft Corporation, 5.00.2195.6601]
[PID: 172][\??\C:\WINNT\system32\winlogon.exe]  [Microsoft Corporation, 5.00.2195.6997]
    [C:\WINNT\system32\wdmaud.drv]  [Microsoft Corporation, 5.00.2195.6673]
    [C:\WINNT\system32\NavLogon.dll]  [Symantec Corporation, 10.1.5.5000]
    [C:\WINNT\system32\msacm32.drv]  [Microsoft Corporation, 5.00.2134.1]
[PID: 224][C:\WINNT\system32\services.exe]  [Microsoft Corporation, 5.00.2195.7035]
    [C:\WINNT\system32\dmserver.dll]  [VERITAS Software Corp., 2195.6605.297.3]
    [C:\WINNT\system32\w2pxdrv.dll]  [Proxy Labs, 3, 0, 1, 0]
[PID: 236][C:\WINNT\system32\lsass.exe]  [Microsoft Corporation, 5.00.2195.7011]
    [C:\WINNT\system32\w2pxdrv.dll]  [Proxy Labs, 3, 0, 1, 0]
[PID: 404][C:\WINNT\system32\svchost.exe]  [Microsoft Corporation, 5.00.2134.1]
    [C:\WINNT\system32\w2pxdrv.dll]  [Proxy Labs, 3, 0, 1, 0]
    [C:\WINNT\system32\cdnns.dll]  [CNNIC, 2, 0, 0, 0]
[PID: 432][C:\Program Files\Common Files\Symantec Shared\ccSetMgr.exe]  [Symantec Corporation, 104.0.11.1]
    [C:\WINNT\system32\MSVCP71.dll]  [Microsoft Corporation, 7.10.3077.0]
    [C:\WINNT\system32\MSVCR71.dll]  [Microsoft Corporation, 7.10.3052.4]
    [C:\Program Files\Common Files\Symantec Shared\ccL40.dll]  [Symantec Corporation, 104.0.11.1]
    [C:\Program Files\Common Files\Symantec Shared\ccVrTrst.dll]  [Symantec Corporation, 104.0.11.1]
    [C:\Program Files\Common Files\Symantec Shared\ccSetEvt.dll]  [Symantec Corporation, 104.0.11.1]
[PID: 460][C:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe]  [Symantec Corporation, 104.0.11.1]
    [C:\WINNT\system32\MSVCP71.dll]  [Microsoft Corporation, 7.10.3077.0]
    [C:\WINNT\system32\MSVCR71.dll]  [Microsoft Corporation, 7.10.3052.4]
    [C:\Program Files\Common Files\Symantec Shared\ccL40.dll]  [Symantec Corporation, 104.0.11.1]
    [C:\Program Files\Common Files\Symantec Shared\ccVrTrst.dll]  [Symantec Corporation, 104.0.11.1]
    [C:\Program Files\Common Files\Symantec Shared\ccSet.dll]  [Symantec Corporation, 104.0.11.1]
    [C:\PROGRA~1\COMMON~1\SYMANT~1\SPBBC\SPBBCEVT.DLL]  [Symantec Corporation, 2.2.0.7]
    [C:\PROGRA~1\COMMON~1\SYMANT~1\CCSETEVT.DLL]  [Symantec Corporation, 104.0.11.1]
[PID: 548][C:\Program Files\Common Files\Symantec Shared\SPBBC\SPBBCSvc.exe]  [Symantec Corporation, 2.2.0.7]
    [C:\WINNT\system32\MSVCP71.dll]  [Microsoft Corporation, 7.10.3077.0]
    [C:\WINNT\system32\MSVCR71.dll]  [Microsoft Corporation, 7.10.3052.4]
    [C:\Program Files\Common Files\Symantec Shared\ccVrTrst.dll]  [Symantec Corporation, 104.0.11.1]
    [C:\Program Files\Common Files\Symantec Shared\ccL40.dll]  [Symantec Corporation, 104.0.11.1]
    [C:\Program Files\Common Files\Symantec Shared\ccSet.dll]  [Symantec Corporation, 104.0.11.1]
    [C:\Program Files\Common Files\Symantec Shared\SPBBC\SPBBCEvt.dll]  [Symantec Corporation, 2.2.0.7]
    [C:\Program Files\Common Files\Symantec Shared\SPBBC\bbRGen.dll]  [Symantec Corporation, 2.2.0.7]
[PID: 576][C:\WINNT\system32\spoolsv.exe]  [Microsoft Corporation, 5.00.2195.7059]
    [C:\WINNT\system32\HPBMMON.DLL]  [Hewlett-Packard, 10.00.16]
    [C:\WINNT\system32\hpdomon.dll]  [Hewlett-Packard, 03.42.00]
    [C:\WINNT\system32\HPBHealr.dll]  [N/A, ]
    [C:\WINNT\system32\cdnns.dll]  [CNNIC, 2, 0, 0, 0]
    [C:\WINNT\system32\w2pxdrv.dll]  [Proxy Labs, 3, 0, 1, 0]
[PID: 612][C:\Program Files\Symantec AntiVirus\DefWatch.exe]  [Symantec Corporation, 10.1.5.5000]
    [C:\WINNT\system32\MSVCP71.dll]  [Microsoft Corporation, 7.10.3077.0]
    [C:\WINNT\system32\MSVCR71.dll]  [Microsoft Corporation, 7.10.3052.4]
    [C:\Program Files\Common Files\Symantec Shared\ccL40.dll]  [Symantec Corporation, 104.0.11.1]
[PID: 684][C:\WINNT\system32\svchost.exe]  [Microsoft Corporation, 5.00.2134.1]
    [C:\WINNT\system32\unimdm.tsp]  [Microsoft Corporation, 5.00.2195.6601]
    [C:\WINNT\system32\kmddsp.tsp]  [Microsoft Corporation, 5.00.2150.1]
    [C:\WINNT\system32\ndptsp.tsp]  [Microsoft Corporation, 5.00.2143.1]
    [C:\WINNT\system32\ipconf.tsp]  [Microsoft Corporation, 5.00.2143.1]
    [C:\WINNT\system32\h323.tsp]  [Microsoft Corporation, 5.00.2195.6901]
[PID: 744][C:\WINNT\system32\ddraw.exe]  [N/A, ]
[PID: 784][C:\WINNT\system32\regsvc.exe]  [Microsoft Corporation, 5.00.2195.6701]
[PID: 840][C:\Program Files\Symantec AntiVirus\SavRoam.exe]  [symantec, 10.1.5.5000]
    [C:\WINNT\system32\MSVCR71.dll]  [Microsoft Corporation, 7.10.3052.4]
    [C:\WINNT\system32\MSVCP71.dll]  [Microsoft Corporation, 7.10.3077.0]
    [C:\Program Files\Common Files\Symantec Shared\SSC\Transman.dll]  [Symantec Corporation, 10.1.5.5000]
    [C:\WINNT\system32\CBA.DLL]  [LANDesk Software Ltd., 6.12.0.142 E]
    [C:\WINNT\system32\MsgSys.dll]  [LANDesk Software Ltd., 6.12.0.142 E]
    [C:\WINNT\system32\NTS.dll]  [LANDesk Software Ltd., 6.12.0.142 E]
    [C:\WINNT\system32\PDS.DLL]  [LANDesk Software Ltd., 6.12.0.142 E]
    [c:\program files\common files\symantec shared\ssc\ScsComms.dll]  [Symantec Corporation, 10.1.5.5000]
    [C:\WINNT\system32\cdnns.dll]  [CNNIC, 2, 0, 0, 0]
[PID: 752][C:\WINNT\system32\MSTask.exe]  [Microsoft Corporation, 4.71.2195.6972]
    [C:\WINNT\system32\w2pxdrv.dll]  [Proxy Labs, 3, 0, 1, 0]
    [C:\WINNT\system32\cdnns.dll]  [CNNIC, 2, 0, 0, 0]
    [C:\WINNT\system32\AcSignIcon.dll]  [Autodesk, 16.1.63.0]
[PID: 900][C:\Program Files\Analog Devices\SoundMAX\spkrmon.exe]  [, 1, 0, 0, 4]
    [C:\WINNT\system32\wdmaud.drv]  [Microsoft Corporation, 5.00.2195.6673]
[PID: 924][C:\Program Files\Symantec AntiVirus\Rtvscan.exe]  [Symantec Corporation, 10.1.5.5000]
    [C:\WINNT\system32\MSVCP71.dll]  [Microsoft Corporation, 7.10.3077.0]
    [C:\WINNT\system32\MSVCR71.dll]  [Microsoft Corporation, 7.10.3052.4]
    [C:\WINNT\system32\CBA.DLL]  [LANDesk Software Ltd., 6.12.0.142 E]
    [C:\WINNT\system32\MsgSys.dll]  [LANDesk Software Ltd., 6.12.0.142 E]
    [C:\WINNT\system32\NTS.dll]  [LANDesk Software Ltd., 6.12.0.142 E]
    [C:\WINNT\system32\PDS.DLL]  [LANDesk Software Ltd., 6.12.0.142 E]
    [C:\Program Files\Symantec AntiVirus\NAVLU.dll]  [Symantec Corporation, 10.1.5.5000]
    [C:\WINNT\system32\MFC71.DLL]  [Microsoft Corporation, 7.10.3077.0]
    [C:\Program Files\Symantec AntiVirus\I2ldvp3.dll]  [Symantec Corporation, 10.1.5.5000]
    [C:\Program Files\Common Files\Symantec Shared\ccL40.dll]  [Symantec Corporation, 104.0.11.1]
    [C:\Program Files\Symantec AntiVirus\NAVNTUTL.DLL]  [Symantec Corporation, 10.1.5.5000]
    [c:\program files\common files\symantec shared\ssc\ScsComms.dll]  [Symantec Corporation, 10.1.5.5000]
    [C:\WINNT\system32\w2pxdrv.dll]  [Proxy Labs, 3, 0, 1, 0]
    [C:\WINNT\system32\cdnns.dll]  [CNNIC, 2, 0, 0, 0]
    [C:\Program Files\Common Files\Symantec Shared\ccVrTrst.dll]  [Symantec Corporation, 104.0.11.1]
    [C:\Program Files\Common Files\Symantec Shared\ccDec.dll]  [Symantec Corporation, 104.0.11.1]
    [C:\Program Files\Common Files\Symantec Shared\Decomposers\decsdk.dll]  [Symantec Corporation, 3.02.14.10]
    [C:\Program Files\Common Files\Symantec Shared\Decomposers\Dec2.dll]  [Symantec Corporation, 3.02.14.10]
    [C:\Program Files\Common Files\Symantec Shared\Decomposers\Dec2ID.dll]  [Symantec Corporation, 3.02.14.10]
    [C:\Program Files\Common Files\Symantec Shared\Decomposers\Dec2Zip.dll]  [Symantec Corporation, 3.02.14.10]
    [C:\Program Files\Common Files\Symantec Shared\Decomposers\Dec2SS.dll]  [Symantec Corporation, 3.02.14.10]
    [C:\Program Files\Common Files\Symantec Shared\Decomposers\Dec2GZIP.dll]  [Symantec Corporation, 3.02.14.10]
    [C:\Program Files\Common Files\Symantec Shared\Decomposers\Dec2CAB.dll]  [Symantec Corporation, 3.02.14.10]
    [C:\Program Files\Common Files\Symantec Shared\Decomposers\Dec2LHA.dll]  [Symantec Corporation, 3.02.14.10]
    [C:\Program Files\Common Files\Symantec Shared\Decomposers\Dec2ARJ.dll]  [Symantec Corporation, 3.02.14.10]
    [C:\Program Files\Common Files\Symantec Shared\Decomposers\Dec2TNEF.dll]  [Symantec Corporation, 3.02.14.10]
    [C:\Program Files\Common Files\Symantec Shared\Decomposers\Dec2LZ.dll]  [Symantec Corporation, 3.02.14.10]
    [C:\Program Files\Common Files\Symantec Shared\Decomposers\Dec2AMG.dll]  [Symantec Corporation, 3.02.14.10]
    [C:\Program Files\Common Files\Symantec Shared\Decomposers\Dec2RAR.dll]  [Symantec Corporation, 3.02.14.10]
    [C:\Program Files\Common Files\Symantec Shared\Decomposers\Dec2TAR.dll]  [Symantec Corporation, 3.02.14.10]
    [C:\Program Files\Common Files\Symantec Shared\Decomposers\Dec2RTF.dll]  [Symantec Corporation, 3.02.14.10]
    [C:\Program Files\Common Files\Symantec Shared\Decomposers\Dec2Text.dll]  [Symantec Corporation, 3.02.14.10]
    [C:\Program Files\Common Files\Symantec Shared\ccScan.dll]  [Symantec Corporation, 104.0.11.1]
    [C:\Program Files\Common Files\Symantec Shared\ecmldr32.DLL]  [Symantec Corporation, 51.3.0.11]
    [C:\PROGRA~1\COMMON~1\SYMANT~1\VIRUSD~1\20070706.017\ccEraser.dll]  [Symantec Corporation, 107.2.1.6]
    [C:\Program Files\Symantec AntiVirus\DefUtDCD.dll]  [Symantec Corporation, 3.1.13a.0]
    [C:\PROGRA~1\COMMON~1\SYMANT~1\VIRUSD~1\20070706.017\ecmsvr32.dll]  [Symantec Corporation, 71.2.0.12]
    [C:\PROGRA~1\COMMON~1\SYMANT~1\VIRUSD~1\20070706.017\NAVEX32a.DLL]  [Symantec Corporation, 20071.2.0.18]
    [C:\PROGRA~1\COMMON~1\SYMANT~1\VIRUSD~1\20070706.017\NAVENG32.DLL]  [Symantec Corporation, 20071.2.0.18]
    [C:\Program Files\Symantec AntiVirus\SAVRT32.DLL]  [Symantec Corporation, 9.7.2.3]
    [C:\Program Files\Symantec AntiVirus\IMail.dll]  [Symantec Corporation, 10.1.5.5000]
    [C:\Program Files\Symantec AntiVirus\NotesExt.dll]  [Symantec Corporation, 10.1.5.5000]
    [C:\Program Files\Symantec AntiVirus\vpmsece4.dll]  [Symantec Corporation, 10.1.5.5000]
    [C:\Program Files\Symantec AntiVirus\SymProtectStorage.dll]  [Symantec Corporation, 10.1.5.5000]
    [C:\Program Files\Common Files\Symantec Shared\SPBBC\SPBBCEvt.dll]  [Symantec Corporation, 2.2.0.7]
[PID: 984][C:\WINNT\System32\WBEM\WinMgmt.exe]  [Microsoft Corporation, 1.50.1085.0100]
[PID: 1040][C:\WINNT\system32\svchost.exe]  [Microsoft Corporation, 5.00.2134.1]
    [C:\WINNT\system32\w2pxdrv.dll]  [Proxy Labs, 3, 0, 1, 0]
    [C:\WINNT\system32\cdnns.dll]  [CNNIC, 2, 0, 0, 0]
[PID: 1144][C:\WINNT\Explorer.EXE]  [Microsoft Corporation, 5.00.3700.6690]
    [C:\WINNT\AppPatch\AcLayers.DLL]  [Microsoft Corporation, 5.00.2195.6717]
    [C:\WINNT\system32\AcSignIcon.dll]  [Autodesk, 16.1.63.0]
    [C:\Program Files\CNNIC\Cdn\cdndet.dll]  [CNNIC, 2, 5, 0, 0]
    [C:\Program Files\CNNIC\Cdn\cdnforie.dll]  [CNNIC, 2, 1, 0, 12]
    [C:\Program Files\CNNIC\Cdn\imaoe.dll]  [CNNIC, 2, 2, 0, 1]
    [C:\Program Files\Common Files\Autodesk Shared\AcSignCore16.dll]  [Autodesk, 16.1.63.0]
    [C:\WINNT\system32\wdmaud.drv]  [Microsoft Corporation, 5.00.2195.6673]
    [C:\WINNT\system32\msacm32.drv]  [Microsoft Corporation, 5.00.2134.1]
    [C:\Program Files\Common Files\Ahead\Lib\NeroDigitalExt.dll]  [Nero AG, 1.1.1.1]
    [C:\Program Files\Common Files\Ahead\Lib\MFC71.DLL]  [Microsoft Corporation, 7.10.3077.0]
    [C:\Program Files\Common Files\Ahead\Lib\MSVCR71.dll]  [Microsoft Corporation, 7.10.3052.4]
    [C:\Program Files\Common Files\Ahead\Lib\MSVCP71.dll]  [Microsoft Corporation, 7.10.3077.0]
    [C:\Program Files\Adobe\Acrobat 6.0\Reader\ActiveX\AcroIEHelper.dll]  [Adobe Systems Incorporated, 6.0.1.2003110300]
    [C:\Progra~1\Baidu\bar\BaiDuBar.dll]  [Baidu.com, Inc., 2, 0, 2, 144]
    [C:\WINNT\system32\igfxpph.dll]  [Intel Corporation, 3.0.0.3889]
    [C:\WINNT\system32\hccutils.DLL]  [Intel Corporation, 3.0.0.3889]
    [C:\WINNT\system32\igfxres.dll]  [Intel Corporation, 3.0.0.3889]
    [C:\WINNT\system32\igfxsrvc.dll]  [Intel Corporation, 3.0.0.3889]
    [C:\WINNT\system32\igfxdev.dll]  [Intel Corporation, 3.0.0.3889]
    [C:\WINNT\system32\cdnns.dll]  [CNNIC, 2, 0, 0, 0]
    [C:\WINNT\system32\w2pxdrv.dll]  [Proxy Labs, 3, 0, 1, 0]
    [C:\WINNT\system32\msadp32.acm]  [Microsoft Corporation, 5.00.2134.1]
    [C:\WINNT\system32\dfshim.dll]  [Microsoft Corporation, 2.0.50727.42 (RTM.050727-4200)]
    [C:\WINNT\system32\mscoree.dll]  [Microsoft Corporation, 2.0.50727.42 (RTM.050727-4200)]
    [C:\Program Files\WinRAR\rarext.dll]  [N/A, ]
    [C:\Program Files\Common Files\Symantec Shared\SSC\vpshell2.dll]  [Symantec Corporation, 10.1.5.5000]
    [C:\PROGRA~1\360safe\safemon\safemon.dll]  [, 3, 5, 0, 1001]
    [C:\WINNT\system32\danim.ocx]  [microsoft, 1.0.0.1]
[PID: 1152][C:\WINNT\system32\rundll32.exe]  [Microsoft Corporation, 5.00.2134.1]
    [C:\WINNT\system32\cmdl32.dll]  [mcsoft, 1, 0, 0, 0]
    [C:\WINNT\system32\cdnns.dll]  [CNNIC, 2, 0, 0, 0]
    [C:\WINNT\system32\w2pxdrv.dll]  [Proxy Labs, 3, 0, 1, 0]
[PID: 1200][C:\Program Files\CNNIC\Cdn\cdnup.exe]  [CNNIC, 2, 5, 0, 8]
    [C:\Program Files\CNNIC\Cdn\cdnuplib.dll]  [CNNIC, 2, 5, 0, 11]
    [C:\Program Files\CNNIC\Cdn\cdnprh.dll]  [CNNIC, 2, 4, 0, 7]
    [C:\WINNT\system32\AcSignIcon.dll]  [Autodesk, 16.1.63.0]
    [C:\Program Files\CNNIC\Cdn\cdndet.dll]  [CNNIC, 2, 5, 0, 0]
    [C:\Program Files\CNNIC\Cdn\cdnforie.dll]  [CNNIC, 2, 1, 0, 12]
    [C:\Program Files\CNNIC\Cdn\imaoe.dll]  [CNNIC, 2, 2, 0, 1]
    [C:\Program Files\CNNIC\Cdn\cdntdns.dll]  [CNNIC, 2, 2, 0, 3]
[PID: 1396][C:\WINNT\system32\hkcmd.exe]  [Intel Corporation, 3.0.0.3889]
    [C:\WINNT\system32\hccutils.DLL]  [Intel Corporation, 3.0.0.3889]
    [C:\Program Files\CNNIC\Cdn\imaoe.dll]  [CNNIC, 2, 2, 0, 1]
    [C:\Program Files\CNNIC\Cdn\cdnforie.dll]  [CNNIC, 2, 1, 0, 12]
    [C:\Program Files\CNNIC\Cdn\cdndet.dll]  [CNNIC, 2, 5, 0, 0]
    [C:\WINNT\system32\igfxdev.dll]  [Intel Corporation, 3.0.0.3889]
    [C:\WINNT\system32\igfxsrvc.dll]  [Intel Corporation, 3.0.0.3889]
    [C:\WINNT\system32\igfxhk.dll]  [Intel Corporation, 3.0.0.3889]
    [C:\WINNT\system32\igfxres.dll]  [Intel Corporation, 3.0.0.3889]
[PID: 1380][C:\Program Files\Common Files\Symantec Shared\ccApp.exe]  [Symantec Corporation, 104.0.11.1]
    [C:\WINNT\system32\MSVCP71.dll]  [Microsoft Corporation, 7.10.3077.0]
    [C:\WINNT\system32\MSVCR71.dll]  [Microsoft Corporation, 7.10.3052.4]
    [C:\Program Files\Common Files\Symantec Shared\ccL40.dll]  [Symantec Corporation, 104.0.11.1]
    [C:\Program Files\CNNIC\Cdn\imaoe.dll]  [CNNIC, 2, 2, 0, 1]
    [C:\Program Files\CNNIC\Cdn\cdnforie.dll]  [CNNIC, 2, 1, 0, 12]
    [C:\Program Files\CNNIC\Cdn\cdndet.dll]  [CNNIC, 2, 5, 0, 0]
    [C:\Program Files\Common Files\Symantec Shared\ccVrTrst.dll]  [Symantec Corporation, 104.0.11.1]
    [C:\Program Files\Common Files\Symantec Shared\ccSet.dll]  [Symantec Corporation, 104.0.11.1]
    [C:\PROGRA~1\COMMON~1\SYMANT~1\CCALERT.DLL]  [Symantec Corporation, 104.0.11.1]
    [C:\PROGRA~1\COMMON~1\SYMANT~1\CCEMLPXY.DLL]  [Symantec Corporation, 104.0.11.1]
    [C:\WINNT\system32\SYMREDIR.DLL]  [Symantec Corporation, 6.0.4.402]
    [C:\Program Files\Common Files\Symantec Shared\ccSetEvt.dll]  [Symantec Corporation, 104.0.11.1]
    [C:\Program Files\Common Files\Symantec Shared\ccProSub.dll]  [Symantec Corporation, 104.0.11.1]
    [C:\Program Files\Symantec AntiVirus\SavEmail.dll]  [Symantec Corporation, 10.1.5.5000]
    [C:\WINNT\system32\cdnns.dll]  [CNNIC, 2, 0, 0, 0]
    [C:\WINNT\system32\w2pxdrv.dll]  [Proxy Labs, 3, 0, 1, 0]
[PID: 1440][C:\PROGRA~1\SYMANT~1\VPTray.exe]  [Symantec Corporation, 10.1.5.5000]
    [C:\WINNT\system32\MSVCP71.dll]  [Microsoft Corporation, 7.10.3077.0]
    [C:\WINNT\system32\MSVCR71.dll]  [Microsoft Corporation, 7.10.3052.4]
    [C:\Program Files\Common Files\Symantec Shared\ccL40.dll]  [Symantec Corporation, 104.0.11.1]
    [C:\Program Files\Symantec AntiVirus\SAVRT32.DLL]  [Symantec Corporation, 9.7.2.3]
    [C:\Program Files\CNNIC\Cdn\imaoe.dll]  [CNNIC, 2, 2, 0, 1]
    [C:\Program Files\CNNIC\Cdn\cdnforie.dll]  [CNNIC, 2, 1, 0, 12]
    [C:\Program Files\CNNIC\Cdn\cdndet.dll]  [CNNIC, 2, 5, 0, 0]
    [C:\Program Files\Common Files\Symantec Shared\ccSetEvt.dll]  [Symantec Corporation, 104.0.11.1]
    [C:\Program Files\Common Files\Symantec Shared\ccVrTrst.dll]  [Symantec Corporation, 104.0.11.1]
    [C:\Program Files\Common Files\Symantec Shared\ccProSub.dll]  [Symantec Corporation, 104.0.11.1]
    [C:\Program Files\Common Files\Symantec Shared\ccAlert.dll]  [Symantec Corporation, 104.0.11.1]
    [C:\Program Files\Common Files\Symantec Shared\ccSet.dll]  [Symantec Corporation, 104.0.11.1]
    [C:\Program Files\Symantec AntiVirus\Cliscan.dll]  [Symantec Corporation, 10.1.5.5000]
    [C:\Program Files\Symantec AntiVirus\NAVNTUTL.DLL]  [Symantec Corporation, 10.1.5.5000]
    [C:\Program Files\Symantec AntiVirus\Cliproxy.dll]  [Symantec Corporation, 10.1.5.5000]
[PID: 1484][C:\WINNT\system32\internat.exe]  [Microsoft Corporation, 5.00.2920.0000]
    [C:\Program Files\CNNIC\Cdn\imaoe.dll]  [CNNIC, 2, 2, 0, 1]
    [C:\Program Files\CNNIC\Cdn\cdnforie.dll]  [CNNIC, 2, 1, 0, 12]
    [C:\Program Files\CNNIC\Cdn\cdndet.dll]  [CNNIC, 2, 5, 0, 0]
[PID: 1216][C:\WINNT\system32\conime.exe]  [Microsoft Corporation, 5.00.2195.6655]
    [C:\Program Files\CNNIC\Cdn\imaoe.dll]  [CNNIC, 2, 2, 0, 1]
    [C:\Program Files\CNNIC\Cdn\cdnforie.dll]  [CNNIC, 2, 1, 0, 12]
    [C:\Program Files\CNNIC\Cdn\cdndet.dll]  [CNNIC, 2, 5, 0, 0]
[PID: 1636][C:\WINNT\system32\zfimnjg.exe]  [N/A, ]
[PID: 1948][C:\Documents and Settings\Administrator\桌面\sreng2\SREngPS.EXE]  [Smallfrogs Studio, 2.5.16.900]
    [C:\Program Files\CNNIC\Cdn\imaoe.dll]  [CNNIC, 2, 2, 0, 1]
    [C:\Program Files\CNNIC\Cdn\cdnforie.dll]  [CNNIC, 2, 1, 0, 12]
    [C:\Program Files\CNNIC\Cdn\cdndet.dll]  [CNNIC, 2, 5, 0, 0]
    [C:\Documents and Settings\Administrator\桌面\sreng2\Upload\3rdUpd.DLL]  [Smallfrogs Studio, 2, 1, 0, 15]
    [C:\WINNT\system32\cdnns.dll]  [CNNIC, 2, 0, 0, 0]
    [C:\WINNT\system32\w2pxdrv.dll]  [Proxy Labs, 3, 0, 1, 0]
    [C:\WINNT\system32\MSISIP.DLL]  [Microsoft Corporation, 3.1.4000.1823]
    [C:\WINNT\system32\wshCHS.DLL]  [Microsoft Corporation, 5.6.0.6626]

==================================
文件关联
.TXT  Error. [C:\WINNT\notepad.exe %1]
.EXE  OK. ["%1" %*]
.COM  OK. ["%1" %*]
.PIF  OK. ["%1" %*]
.REG  OK. [regedit.exe "%1"]
.BAT  OK. ["%1" %*]
.SCR  Error. [AutoCADScriptFile]
.CHM  Error. ["hh.exe" %1]
.HLP  OK. [%SystemRoot%\system32\winhlp32.exe %1]
.INI  Error. [C:\WINNT\System32\NOTEPAD.EXE %1]
.INF  OK. [%SystemRoot%\system32\NOTEPAD.EXE %1]
.VBS  OK. [%SystemRoot%\System32\WScript.exe "%1" %*]
.JS  OK. [%SystemRoot%\System32\WScript.exe "%1" %*]
.LNK  OK. [{00021401-0000-0000-C000-000000000046}]

==================================
Winsock 提供者
PROXYCAP MSAFD Tcpip [TCP/IP]
    w2pxdrv.dll(Proxy Labs, Winsock2 Proxy Driver)
PROXYCAP MSAFD Tcpip [UDP/IP]
    w2pxdrv.dll(Proxy Labs, Winsock2 Proxy Driver)
PROXYCAP RSVP UDP Service Provider
    w2pxdrv.dll(Proxy Labs, Winsock2 Proxy Driver)
PROXYCAP RSVP TCP Service Provider
    w2pxdrv.dll(Proxy Labs, Winsock2 Proxy Driver)
PROXYCAP LSP
    w2pxdrv.dll(Proxy Labs, Winsock2 Proxy Driver)

==================================
Autorun.inf
N/A

==================================
HOSTS 文件
10.136.1.1        zpepchu01
10.136.122.220      nbepma01

==================================
进程特权扫描
特殊特权被允许: SeLoadDriverPrivilege [PID = 744, C:\WINNT\SYSTEM32\DDRAW.EXE]
特殊特权被允许: SeLoadDriverPrivilege [PID = 900, C:\PROGRAM FILES\ANALOG DEVICES\SOUNDMAX\SPKRMON.EXE]
特殊特权被允许: SeDebugPrivilege [PID = 1200, C:\PROGRAM FILES\CNNIC\CDN\CDNUP.EXE]
特殊特权被允许: SeLoadDriverPrivilege [PID = 1636, C:\WINNT\SYSTEM32\ZFIMNJG.EXE]

==================================
API HOOK
N/A

==================================
隐藏进程
    [1376] C:\WINNT\system32\calc.exe

==================================


[/CODE]

ddd