
Rogue software! http://www.sms591.com/ has appeared on the desktop again

Moderators, please help. This situation is the same as that of another member on this BBS; see the thread http://forum.ikaka.com/topic.asp?board=36&artid=8256189&page=1
It is this website: http://www.sms591.com/
Last edited 2007-01-29 08:33:49

[CODE]

2007-01-25,19:14:53

System Repair Engineer 2.3.13.690
Smallfrogs (http://www.KZTechs.com)

Windows 2000 Professional Service Pack 4 (Build 2195)
- 管理权限用户 - 完整功能

以下内容被选中:
    所有的启动项目(包括注册表、启动文件夹、服务等)
    浏览器加载项
    正在运行的进程(包括进程模块信息)
    文件关联
    Winsock 提供者
    Autorun.inf
    HOSTS 文件


启动项目
注册表
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
    <internat.exe><internat.exe>  [(Verified)Microsoft Corporation]
[HKEY_CURRENT_USER\Software\Microsoft\Windows NT\CurrentVersion\Windows]
    <load><>  [N/A]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
    <Synchronization Manager><mobsync.exe /logon>  [(Verified)Microsoft Corporation]
    <igfxtray><C:\WINNT\System32\igfxtray.exe>  [(Verified)Intel Corporation]
    <igfxhkcmd><C:\WINNT\System32\hkcmd.exe>  [(Verified)Intel Corporation]
    <igfxpers><C:\WINNT\System32\igfxpers.exe>  [(Verified)Intel Corporation]
    <SoundMAXPnP><C:\Program Files\Analog Devices\Core\smax4pnp.exe>  [(Verified)Analog Devices, Inc.]
    <Realtime Monitor><C:\PROGRA~1\CA\ETRUST~1\realmon.exe -s>  [(Verified)Computer Associates International, Inc.]
    <CdnCtr><C:\Program Files\CNNIC\Cdn\cdnup.exe>  [N/A]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Winlogon]
    <shell><Explorer.exe>  [(Verified)Microsoft Corporation]
    <Userinit><userinit.exe,>  [(Verified)Microsoft Corporation]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Windows]
    <AppInit_DLLs><>  [N/A]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
    <{630BECDD-ABE8-46E9-A043-E5A657BE7476}><C:\WINNT\system32\zt.dll>  [N/A]
    <{1A404685-7563-4d02-B0F6-58B308A406A9}><c:\program files\ca\etrust antivirus\atypggmi.dll>  [N/A]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\igfxcui]
    <WinlogonNotify: igfxcui><igfxdev.dll>  [(Verified)Intel Corporation]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\PCANotify]
    <WinlogonNotify: PCANotify><PCANotify.dll>  [Symantec Corporation]
[HKEY_CURRENT_USER\Control Panel\Desktop]
    <SCRNSAVE.EXE><C:\WINNT\system32\logon.scr>  [(Verified)Microsoft Corporation]

==================================
启动文件夹
[Microsoft Office]
  <C:\Documents and Settings\All Users\「开始」菜单\程序\启动\Microsoft Office.lnk --> C:\PROGRA~1\MICROS~2\Office\OSA9.EXE [Microsoft Corporation]><N>
[腾讯通]
  <C:\Documents and Settings\All Users\「开始」菜单\程序\启动\腾讯通.lnk --> D:\PROGRA~1\Tencent\RTX\rtxc.exe [Tencent]><N>

==================================
服务
[7EA996FF / 7EA996FF][Stopped/Auto Start]
  <C:\WINNT\system32\7EA996FF.EXE -service><Microsoft Corporation>
[pcAnywhere Host Service / awhost32][Stopped/Manual Start]
  <C:\Program Files\Symantec\pcAnywhere\awhost32.exe><Symantec Corporation>
[Logical Disk Manager Administrative Service / dmadmin][Stopped/Manual Start]
  <C:\WINNT\System32\dmadmin.exe /com><VERITAS Software Corp.>
[eTrust Antivirus RPC Server / InoRPC][Running/Auto Start]
  <"C:\Program Files\CA\eTrust Antivirus\InoRpc.exe"><Computer Associates International, Inc.>
[eTrust Antivirus Realtime Server / InoRT][Running/Auto Start]
  <"C:\Program Files\CA\eTrust Antivirus\InoRT.exe"><Computer Associates International, Inc.>
[eTrust Antivirus Job Server / InoTask][Running/Auto Start]
  <"C:\Program Files\CA\eTrust Antivirus\InoTask.exe"><Computer Associates International, Inc.>
[Windows DHCP Service / WinDHCPsvc][Stopped/Auto Start]
  <C:\WINNT\system32\rundll32.exe windhcp.ocx,start><Microsoft Corporation>

==================================
驱动程序
[awlegacy / awlegacy][Running/System Start]
  <\SystemRoot\System32\Drivers\awlegacy.sys><Symantec Corporation>
[AW_HOST / AW_HOST][Stopped/Disabled]
  <system32\drivers\aw_host5.sys><Symantec Corporation>
[Broadcom NetXtreme 57xx Gigabit Controller / b57w2k][Running/Manual Start]
  <System32\DRIVERS\b57w2k.sys><Broadcom Corporation>
[cdnprot / cdnprot][Running/Auto Start]
  <system32\drivers\cdnprot.sys><N/A>
[cdntran / cdntran][Running/Auto Start]
  <system32\drivers\cdntran.sys><N/A>
[dmboot / dmboot][Stopped/Disabled]
  <System32\drivers\dmboot.sys><VERITAS Software Corp.>
[Logical Disk Manager Driver / dmio][Running/Boot Start]
  <\SystemRoot\System32\drivers\dmio.sys><VERITAS Software Corp.>
[dmload / dmload][Running/Boot Start]
  <\SystemRoot\System32\drivers\dmload.sys><VERITAS Software Corp.>
[gwiopm / gwiopm][Stopped/Manual Start]
  <\??\C:\Program Files\Wom\gwiopm.sys><N/A>
[ialm / ialm][Running/Manual Start]
  <System32\DRIVERS\ialmnt5.sys><Intel Corporation>
[INO_FLPY / INO_FLPY][Running/Boot Start]
  <\SystemRoot\system32\Drivers\ino_flpy.sys><Computer Associates>
[INO_FLTR / INO_FLTR][Running/Auto Start]
  <\??\C:\WINNT\system32\Drivers\ino_fltr.sys><Computer Associates>
[Netgroup Packet Filter / NPF][Stopped/Manual Start]
  <system32\DRIVERS\npf.sys><CACE Technologies>
[npkcrypt / npkcrypt][Stopped/Auto Start]
  <\??\C:\Program Files\Tencent\QQ\npkcrypt.sys><N/A>
[npkcusb / npkcusb][Stopped/Manual Start]
  <\??\C:\Program Files\Tencent\QQ\npkcusb.sys><N/A>
[Direct Parallel Link Driver / Ptilink][Running/Manual Start]
  <System32\DRIVERS\ptilink.sys><Parallel Technologies, Inc.>
[senfilt / senfilt][Running/Manual Start]
  <system32\drivers\senfilt.sys><Creative Technology Ltd.>
[smwdm / smwdm][Running/Manual Start]
  <system32\drivers\smwdm.sys><Analog Devices, Inc.>
[SymEvent / SymEvent][Stopped/Manual Start]
  <\??\C:\Program Files\Symantec\SYMEVENT.SYS><Symantec Corporation>
[World Standard Teletext Codec / WSTCODEC][Stopped/Manual Start]
  <system32\DRIVERS\WSTCODEC.SYS><Microsoft Corporation>

==================================
浏览器加载项
[AcroIEHlprObj Class]
  {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} <C:\Program Files\Adobe\Acrobat 5.0\Reader\ActiveX\AcroIEHelper.ocx, >
[CNNIC_IDN]
  {35980F6E-A137-4E50-953D-813BB8556899} <C:\PROGRA~1\CNNIC\Cdn\cdniehlp.dll, >
[QQBrowserHelperObject Class]
  {54EBD53A-9BC1-480B-966A-843A333CA162} <C:\Program Files\Tencent\QQ\QQIEHelper.dll, 深圳市腾讯计算机系统有限公司>
[百度超级搜霸]
  {B580CF65-E151-49C3-B73F-70B13FCA8E86} <C:\Progra~1\Baidu\bar\BaiDuBar.dll, Baidu.com, Inc.>
[CNNIC_IDN]
  {35980F6E-A137-4E50-953D-813BB8556899} <C:\PROGRA~1\CNNIC\Cdn\cdniehlp.dll, >
[@shdoclc.dll,-866]
  {c95fe080-8f5d-11d2-a20b-00aa003c157a} <, N/A>
[QQ]
  {c95fe080-8f5d-11d2-a20b-00aa003c157b} <C:\Program Files\Tencent\QQ\QQ.EXE, TENCENT>
[QQIEFloatBarCfgCmd Class]
  {DEDEB80D-FA35-45d9-9460-4983E5A8AFE6} <C:\Program Files\Tencent\QQ\QQIEHelper.dll, 深圳市腾讯计算机系统有限公司>
[@msdxmLC.dll,-1@2052,电台(&R)]
  {8E718888-423F-11D2-876E-00A0C9082467} <C:\WINNT\System32\msdxm.ocx, Microsoft Corporation>
[百度超级搜霸]
  {B580CF65-E151-49C3-B73F-70B13FCA8E86} <C:\Progra~1\Baidu\bar\BaiDuBar.dll, Baidu.com, Inc.>
[iNotes Class]
  {1E2941E3-8E63-11D4-9D5A-00902742D6E0} <C:\WINNT\Downloaded Program Files\inotes.dll, IBM Corporation>
[Shockwave Flash Object]
  {D27CDB6E-AE6D-11CF-96B8-444553540000} <C:\WINNT\system32\Macromed\Flash\Flash8a.ocx, Macromedia, Inc.>
[Rising Web Scan Object]
  {E4E2F180-CB8B-4DE9-ACBB-DA745D3BA153} <C:\WINNT\Downloaded Program Files\OL2005.dll, Beijing Rising Technology Co., Ltd.>
[上传到QQ网络硬盘]
  <C:\Program Files\Tencent\QQ\AddToNetDisk.htm, N/A>
[添加到QQ自定义面板]
  <C:\Program Files\Tencent\QQ\AddPanel.htm, N/A>
[添加到QQ表情]
  <C:\Program Files\Tencent\QQ\AddEmotion.htm, N/A>
[用QQ彩信发送该图片]
  <C:\Program Files\Tencent\QQ\SendMMS.htm, N/A>
[百度-搜索MP3]
  <res://C:\Progra~1\Baidu\bar\BaiDuBar.dll/BAIDUMP3.HTM, N/A>
[百度-搜索图片]
  <res://C:\Progra~1\Baidu\bar\BaiDuBar.dll/BAIDUIMG.HTM, N/A>
[百度-搜索新闻]
  <res://C:\Progra~1\Baidu\bar\BaiDuBar.dll/BAIDUNEWS.HTM, N/A>
[百度-搜索歌词]
  <res://C:\Progra~1\Baidu\bar\BaiDuBar.dll/BAIDULYRIC.HTM, N/A>
[百度-搜索网页]
  <res://C:\Progra~1\Baidu\bar\BaiDuBar.dll/BAIDUSEARCH.HTM, N/A>
[百度-搜索贴吧]
  <res://C:\Progra~1\Baidu\bar\BaiDuBar.dll/BAIDUPOST.HTM, N/A>
[百度-词典搜索]
  <res://C:\Progra~1\Baidu\bar\BaiDuBar.dll/BAIDU_DIC.HTM, N/A>

==================================
正在运行的进程
[PID: 144][\SystemRoot\System32\smss.exe]  [Microsoft Corporation, 5.00.2195.6601]
[PID: 172][\??\C:\WINNT\system32\csrss.exe]  [Microsoft Corporation, 5.00.2195.6601]
[PID: 168][\??\C:\WINNT\system32\winlogon.exe]  [Microsoft Corporation, 5.00.2195.6898]
    [C:\WINNT\system32\PCANotify.dll]  [Symantec Corporation, 10.5.0.477]
    [C:\WINNT\system32\cdnns.dll]  [N/A, N/A]
    [c:\program files\ca\etrust antivirus\atypggmi.dll]  [, 1, 0, 0, 11]
    [C:\WINNT\system32\igfxdev.dll]  [Intel Corporation, 3.0.0.4396]
[PID: 220][C:\WINNT\system32\services.exe]  [Microsoft Corporation, 5.00.2195.6700]
    [C:\WINNT\system32\dmserver.dll]  [VERITAS Software Corp., 2195.6605.297.3]
    [C:\WINNT\system32\cdnns.dll]  [N/A, N/A]
[PID: 232][C:\WINNT\system32\lsass.exe]  [Microsoft Corporation, 5.00.2195.6902]
[PID: 424][C:\WINNT\system32\svchost.exe]  [Microsoft Corporation, 5.00.2134.1]
    [C:\WINNT\system32\cdnns.dll]  [N/A, N/A]
[PID: 456][C:\WINNT\system32\spoolsv.exe]  [Microsoft Corporation, 5.00.2195.6659]
    [C:\WINNT\system32\awmon.dll]  [Symantec Corporation, 9.2.1]
    [C:\WINNT\system32\cdnns.dll]  [N/A, N/A]
    [C:\WINNT\system32\spool\DRIVERS\W32X86\3\HPBF332E.DLL]  [Hewlett-Packard Company, 4.19.0.3]
[PID: 508][C:\WINNT\System32\svchost.exe]  [Microsoft Corporation, 5.00.2134.1]
[PID: 524][C:\Program Files\CA\eTrust Antivirus\InoRpc.exe]  [Computer Associates International, Inc., 7.0.139.0]
    [C:\Program Files\CA\eTrust Antivirus\InConfig.dll]  [Computer Associates International, Inc., 7.0.139.0]
    [C:\Program Files\CA\eTrust Antivirus\INOCORE.dll]  [Computer Associates International, Inc., 7.0.139.0]
    [C:\Program Files\CA\eTrust Antivirus\InoOEM.dll]  [Computer Associates International, Inc., 7.0.139.0]
    [C:\Program Files\CA\SharedComponents\ScanEngine\DistCfg.dll]  [Computer Associates International, Inc., 7.0.139.0]
    [C:\Program Files\CA\eTrust Antivirus\ScanLog.dll]  [Computer Associates International, Inc., 7.0.139.0]
    [C:\Program Files\CA\eTrust Antivirus\InocDB.dll]  [Computer Associates International, Inc., 7.0.139.0]
    [C:\Program Files\CA\eTrust Antivirus\wBkRsrc.dll]  [Computer Associates International, Inc., 7.0.139.0]
    [C:\WINNT\system32\cdnns.dll]  [N/A, N/A]
    [C:\Program Files\CA\eTrust Antivirus\secAddIn.dll]  [Computer Associates International, Inc., 7.0.139.0]
    [C:\Program Files\CA\eTrust Antivirus\InocAdn.dll]  [Computer Associates International, Inc., 7.0.139.0]
    [C:\Program Files\CA\eTrust Antivirus\InDrvCfg.dll]  [Computer Associates International, Inc., 7.0.139.0]
    [C:\Program Files\CA\eTrust Antivirus\secAPI.dll]  [Computer Associates International, Inc., 7.0.139.0]
    [C:\Program Files\CA\SharedComponents\ScanEngine\InoScan.dll]  [Computer Associates International, Inc., 7.0.139.0]
    [C:\Program Files\CA\SharedComponents\ScanEngine\ScanRes.dll]  [Computer Associates International, Inc., 7.0.139.0]
    [C:\Program Files\CA\eTrust Antivirus\poldecod.dll]  [Computer Associates International, Inc., 7.0.139.0]
    [C:\Program Files\CA\eTrust Antivirus\polAdn.dll]  [Computer Associates International, Inc., 7.0.139.0]
    [C:\Program Files\CA\eTrust Antivirus\RPCMtAdn.dll]  [Computer Associates International, Inc., 7.0.139.0]
    [C:\Program Files\CA\eTrust Antivirus\NameAPIX.dll]  [Computer Associates International, Inc., 7.0.139.0]
    [C:\Program Files\CA\eTrust Antivirus\RPCMtAPI.dll]  [Computer Associates International, Inc., 7.0.139.0]
    [C:\Program Files\CA\eTrust Antivirus\InoAlert.dll]  [Computer Associates International, Inc., 7.0.139.0]
[PID: 560][C:\Program Files\CA\eTrust Antivirus\InoRT.exe]  [Computer Associates International, Inc., 7.0.139.0]
    [C:\Program Files\CA\eTrust Antivirus\ScanLog.dll]  [Computer Associates International, Inc., 7.0.139.0]
    [C:\Program Files\CA\eTrust Antivirus\InConfig.dll]  [Computer Associates International, Inc., 7.0.139.0]
    [C:\Program Files\CA\eTrust Antivirus\INOCORE.dll]  [Computer Associates International, Inc., 7.0.139.0]
    [C:\Program Files\CA\eTrust Antivirus\InoOEM.dll]  [Computer Associates International, Inc., 7.0.139.0]
    [C:\Program Files\CA\eTrust Antivirus\InocDB.dll]  [Computer Associates International, Inc., 7.0.139.0]
    [C:\Program Files\CA\SharedComponents\ScanEngine\DistCfg.dll]  [Computer Associates International, Inc., 7.0.139.0]
    [C:\Program Files\CA\eTrust Antivirus\wBkRsrc.dll]  [Computer Associates International, Inc., 7.0.139.0]
    [C:\Program Files\CA\SharedComponents\ScanEngine\InoScan.dll]  [Computer Associates International, Inc., 7.0.139.0]
    [C:\Program Files\CA\SharedComponents\ScanEngine\ScanRes.dll]  [Computer Associates International, Inc., 7.0.139.0]
    [C:\Program Files\CA\SharedComponents\ScanEngine\arclib.dll]  [Computer Associates International, Inc., 7.0.139.44]
    [C:\Program Files\CA\SharedComponents\ScanEngine\Avh32dll.dll]  [N/A, N/A]
[PID: 588][C:\Program Files\CA\eTrust Antivirus\InoTask.exe]  [Computer Associates International, Inc., 7.0.139.0]
    [C:\Program Files\CA\eTrust Antivirus\InoAlert.dll]  [Computer Associates International, Inc., 7.0.139.0]
    [C:\Program Files\CA\eTrust Antivirus\ScanLog.dll]  [Computer Associates International, Inc., 7.0.139.0]
    [C:\Program Files\CA\eTrust Antivirus\InConfig.dll]  [Computer Associates International, Inc., 7.0.139.0]
    [C:\Program Files\CA\eTrust Antivirus\INOCORE.dll]  [Computer Associates International, Inc., 7.0.139.0]
    [C:\Program Files\CA\eTrust Antivirus\InoOEM.dll]  [Computer Associates International, Inc., 7.0.139.0]
    [C:\Program Files\CA\eTrust Antivirus\InocDB.dll]  [Computer Associates International, Inc., 7.0.139.0]
    [C:\Program Files\CA\eTrust Antivirus\RPCMtAPI.dll]  [Computer Associates International, Inc., 7.0.139.0]
    [C:\Program Files\CA\eTrust Antivirus\InDrvCfg.dll]  [Computer Associates International, Inc., 7.0.139.0]
    [C:\Program Files\CA\SharedComponents\ScanEngine\DistCfg.dll]  [Computer Associates International, Inc., 7.0.139.0]
    [C:\Program Files\CA\eTrust Antivirus\secAPI.dll]  [Computer Associates International, Inc., 7.0.139.0]
    [C:\WINNT\system32\cdnns.dll]  [N/A, N/A]
    [C:\Program Files\CA\eTrust Antivirus\wBkRsrc.dll]  [Computer Associates International, Inc., 7.0.139.0]
    [C:\Program Files\CA\SharedComponents\ScanEngine\InoScan.dll]  [Computer Associates International, Inc., 7.0.139.0]
    [C:\Program Files\CA\SharedComponents\ScanEngine\ScanRes.dll]  [Computer Associates International, Inc., 7.0.139.0]
[PID: 672][C:\WINNT\system32\regsvc.exe]  [Microsoft Corporation, 5.00.2195.6701]
[PID: 716][C:\WINNT\system32\MSTask.exe]  [Microsoft Corporation, 4.71.2195.6704]
    [C:\WINNT\system32\cdnns.dll]  [N/A, N/A]
[PID: 864][C:\WINNT\System32\WBEM\WinMgmt.exe]  [Microsoft Corporation, 1.50.1085.0100]
    [C:\WINNT\system32\windhcp.ocx]  [N/A, N/A]
[PID: 948][C:\WINNT\system32\svchost.exe]  [Microsoft Corporation, 5.00.2134.1]
    [C:\WINNT\system32\windhcp.ocx]  [N/A, N/A]
[PID: 1044][C:\WINNT\Explorer.EXE]  [Microsoft Corporation, 5.00.3700.6690]
    [C:\WINNT\system32\windhcp.ocx]  [N/A, N/A]
    [C:\WINNT\system32\zt.dll]  [N/A, N/A]
    [c:\program files\ca\etrust antivirus\atypggmi.dll]  [, 1, 0, 0, 11]
    [C:\Program Files\CNNIC\Cdn\cdndet.dll]  [, 2, 0, 0, 0]
    [C:\Program Files\CNNIC\Cdn\cdnspie.dll]  [, 1, 0, 1, 4]
    [C:\Program Files\CNNIC\Cdn\imaoe.dll]  [cnnic, 2, 0, 0, 0]
    [C:\Program Files\CNNIC\Cdn\IDNCONV.dll]  [CNNIC, 2, 0, 0, 0]
    [C:\Program Files\CNNIC\Cdn\imaconv.dll]  [cnnic, 2, 0, 0, 0]
    [D:\Program files\Tencent\RTX\BQQHook.dll]  [N/A, N/A]
    [D:\Program files\Tencent\RTX\RTXOLAss.dll]  [ìú??????óD?T1???, 1, 0, 0, 1]
    [C:\WINNT\system32\cdnns.dll]  [N/A, N/A]
    [C:\Program Files\WinRAR\rarext.dll]  [N/A, N/A]
    [D:\Program files\Tencent\RTX\RTXShl.dll]  [Tencent, 1, 0, 0, 1]
    [C:\Program Files\CA\eTrust Antivirus\InoShell.dll]  [Computer Associates International, Inc., 7.0.139.0]
    [C:\WINNT\system32\FREEWB.IME]  [Delphi Fan Studio, 5.1]
    [C:\Program Files\freewb\plugin\date.plg]  [, 1, 0, 0, 1]
[PID: 1224][C:\WINNT\System32\hkcmd.exe]  [Intel Corporation, 3.0.0.4396]
    [C:\WINNT\System32\hccutils.DLL]  [Intel Corporation, 3.0.0.4396]
    [C:\WINNT\system32\windhcp.ocx]  [N/A, N/A]
    [C:\WINNT\system32\zt.dll]  [N/A, N/A]
    [C:\WINNT\System32\igfxsrvc.dll]  [Intel Corporation, 3.0.0.4396]
    [C:\WINNT\System32\igfxres.dll]  [Intel Corporation, 3.0.0.4396]
    [C:\Program Files\CNNIC\Cdn\cdndet.dll]  [, 2, 0, 0, 0]

[PID: 1276][C:\WINNT\System32\igfxpers.exe]  [Intel Corporation, 3.0.0.4396]
    [C:\WINNT\system32\windhcp.ocx]  [N/A, N/A]
    [C:\WINNT\system32\zt.dll]  [N/A, N/A]
    [C:\WINNT\System32\igfxsrvc.dll]  [Intel Corporation, 3.0.0.4396]
    [C:\Program Files\CNNIC\Cdn\cdndet.dll]  [, 2, 0, 0, 0]
[PID: 1304][C:\Program Files\Analog Devices\Core\smax4pnp.exe]  [Analog Devices, Inc., 5, 2, 0, 5]
    [C:\Program Files\Analog Devices\Core\SMWDMIF.dll]  [Analog Devices, Inc., 5, 2, 3, 000]
    [C:\WINNT\system32\EDCrypt.DLL]  [Analog Devices Incorporated, 1.0.0.8]
    [C:\WINNT\system32\windhcp.ocx]  [N/A, N/A]
    [C:\WINNT\system32\zt.dll]  [N/A, N/A]
    [C:\Program Files\CNNIC\Cdn\cdnspie.dll]  [, 1, 0, 1, 4]
    [C:\Program Files\CNNIC\Cdn\imaoe.dll]  [cnnic, 2, 0, 0, 0]
    [C:\Program Files\CNNIC\Cdn\IDNCONV.dll]  [CNNIC, 2, 0, 0, 0]
    [C:\Program Files\CNNIC\Cdn\imaconv.dll]  [cnnic, 2, 0, 0, 0]
    [C:\Program Files\CNNIC\Cdn\cdndet.dll]  [, 2, 0, 0, 0]
[PID: 1340][C:\PROGRA~1\CA\ETRUST~1\realmon.exe]  [Computer Associates International, Inc., 7.0.139.0]
    [C:\PROGRA~1\CA\ETRUST~1\InConfig.dll]  [Computer Associates International, Inc., 7.0.139.0]
    [C:\PROGRA~1\CA\ETRUST~1\INOCORE.dll]  [Computer Associates International, Inc., 7.0.139.0]
    [C:\PROGRA~1\CA\ETRUST~1\InoOEM.dll]  [Computer Associates International, Inc., 7.0.139.0]
    [C:\PROGRA~1\CA\ETRUST~1\InDrvCfg.dll]  [Computer Associates International, Inc., 7.0.139.0]
    [C:\Program Files\CA\SharedComponents\ScanEngine\DistCfg.dll]  [Computer Associates International, Inc., 7.0.139.0]
    [C:\WINNT\system32\windhcp.ocx]  [N/A, N/A]
    [C:\PROGRA~1\CA\ETRUST~1\secAPI.dll]  [Computer Associates International, Inc., 7.0.139.0]
    [C:\WINNT\system32\zt.dll]  [N/A, N/A]
    [C:\Program Files\CNNIC\Cdn\cdndet.dll]  [, 2, 0, 0, 0]
[PID: 1320][C:\Program Files\CNNIC\Cdn\cdnup.exe]  [, 2, 0, 0, 0]
    [C:\WINNT\system32\windhcp.ocx]  [N/A, N/A]
    [C:\WINNT\system32\zt.dll]  [N/A, N/A]
    [C:\Program Files\CNNIC\Cdn\cdnglo.dll]  [, 2, 0, 0, 0]
    [C:\Program Files\CNNIC\Cdn\cdndet.dll]  [, 2, 0, 0, 0]
    [C:\Program Files\CNNIC\Cdn\imaoe.dll]  [cnnic, 2, 0, 0, 0]
    [C:\Program Files\CNNIC\Cdn\IDNCONV.dll]  [CNNIC, 2, 0, 0, 0]
    [C:\Program Files\CNNIC\Cdn\imaconv.dll]  [cnnic, 2, 0, 0, 0]
    [C:\Program Files\CNNIC\Cdn\cdnspie.dll]  [, 1, 0, 1, 4]
    [C:\Program Files\CNNIC\Cdn\cdntdns.dll]  [N/A, N/A]
[PID: 1352][C:\WINNT\system32\internat.exe]  [Microsoft Corporation, 5.00.2920.0000]
    [C:\WINNT\system32\windhcp.ocx]  [N/A, N/A]
    [C:\WINNT\system32\zt.dll]  [N/A, N/A]
    [C:\Program Files\CNNIC\Cdn\cdndet.dll]  [, 2, 0, 0, 0]
    [C:\Program Files\CNNIC\Cdn\cdnspie.dll]  [, 1, 0, 1, 4]
    [C:\Program Files\CNNIC\Cdn\imaoe.dll]  [cnnic, 2, 0, 0, 0]
    [C:\Program Files\CNNIC\Cdn\IDNCONV.dll]  [CNNIC, 2, 0, 0, 0]
    [C:\Program Files\CNNIC\Cdn\imaconv.dll]  [cnnic, 2, 0, 0, 0]
    [D:\Program files\Tencent\RTX\BQQHook.dll]  [N/A, N/A]
    [D:\Program files\Tencent\RTX\RTXOLAss.dll]  [ìú??????óD?T1???, 1, 0, 0, 1]
[PID: 1388][D:\Program files\Tencent\RTX\rtxc.exe]  [Tencent, 3,4,0,32]
    [D:\Program files\Tencent\RTX\RTXDbug.dll]  [N/A, N/A]
    [D:\Program files\Tencent\RTX\Utility.dll]  [Tencent, 3,4,0,32]
    [D:\Program files\Tencent\RTX\UILib.dll]  [Tencent, 3,4,0,32]
    [D:\Program files\Tencent\RTX\Crypt.dll]  [N/A, N/A]
    [D:\Program files\Tencent\RTX\BqqZip.dll]  [N/A, N/A]
    [D:\Program files\Tencent\RTX\QQRes.dll]  [N/A, N/A]
    [C:\WINNT\system32\windhcp.ocx]  [N/A, N/A]
    [C:\Program Files\CNNIC\Cdn\cdnspie.dll]  [, 1, 0, 1, 4]
    [C:\Program Files\CNNIC\Cdn\imaoe.dll]  [cnnic, 2, 0, 0, 0]
    [C:\Program Files\CNNIC\Cdn\IDNCONV.dll]  [CNNIC, 2, 0, 0, 0]
    [C:\Program Files\CNNIC\Cdn\imaconv.dll]  [cnnic, 2, 0, 0, 0]
    [C:\WINNT\system32\zt.dll]  [N/A, N/A]
    [D:\Program files\Tencent\RTX\Core.dll]  [Tencent, 3,4,0,32]
    [D:\Program files\Tencent\RTX\MPBase.dll]  [Tencent, 3,4,0,32]
    [D:\Program files\Tencent\RTX\RTXProxy.dll]  [Tencent, 3,4,0,32]
    [D:\Program files\Tencent\RTX\ProxySock.dll]  [Tencent, 3,4,0,32]
    [D:\Program files\Tencent\RTX\Psr.dll]  [Tencent, 3,4,0,32]
    [D:\Program files\Tencent\RTX\MsgRec.dll]  [N/A, N/A]
    [D:\Program files\Tencent\RTX\MsgDb.dll]  [N/A, N/A]
    [D:\Program files\Tencent\RTX\libdb42.dll]  [Sleepycat Software, 4.2.52]
    [D:\Program files\Tencent\RTX\BQQApi.dll]  [Tencent, 3,4,0,32]
    [D:\Program files\Tencent\RTX\Store.dll]  [Tencent, 3,4,0,32]
    [D:\Program files\Tencent\RTX\ClientAPI.dll]  [Tencent, 3,4,0,32]
    [C:\Program Files\CNNIC\Cdn\cdndet.dll]  [, 2, 0, 0, 0]
    [D:\Program files\Tencent\RTX\RtxP2pMgr.dll]  [Tencent, 3,4,0,31]
    [D:\Program files\Tencent\RTX\P2pMgr.dll]  [Tencent, 3,4,0,32]
    [D:\Program files\Tencent\RTX\QQSkin.dll]  [Tencent, 3,4,0,32]
    [D:\Program files\Tencent\RTX\NewSkin.dll]  [Tencent, 3,4,0,32]
    [D:\Program files\Tencent\RTX\RTXOLAss.dll]  [ìú??????óD?T1???, 1, 0, 0, 1]
    [D:\Program files\Tencent\RTX\BQQHook.dll]  [N/A, N/A]
    [D:\Program files\Tencent\RTX\DeptHideSet.dll]  [Tencent, 3,4,0,32]
    [D:\Program files\Tencent\RTX\RTCBuddy.dll]  [Tencent, 3,4,0,32]
    [D:\Program files\Tencent\RTX\MiniRTXPrj.dll]  [Tencent, 3,4,0,32]
    [D:\Program files\Tencent\RTX\RTXInfoComm.dll]  [Tencent, 3,4,0,32]
    [C:\WINNT\system32\cdnns.dll]  [N/A, N/A]
    [D:\Program files\Tencent\RTX\IM.dll]  [Tencent, 3,4,0,32]
    [D:\Program files\Tencent\RTX\RecentRecord.dll]  [Tencent, 3,4,0,32]
    [D:\Program files\Tencent\RTX\BQQAVPlugin.dll]  [Tencent, 3,4,0,32]
    [C:\WINNT\system32\FREEWB.IME]  [Delphi Fan Studio, 5.1]
    [C:\Program Files\freewb\plugin\date.plg]  [, 1, 0, 0, 1]
    [D:\Program files\Tencent\RTX\Envelope.dll]  [Tencent, 3,4,0,32]
    [D:\PROGRA~1\Tencent\RTX\RTXOle.dll]  [Tencent, 3,4,0,32]
    [c:\program files\ca\etrust antivirus\atypggmi.dll]  [, 1, 0, 0, 11]
[PID: 1184][C:\WINNT\system32\wuauclt.exe]  [Microsoft Corporation, 5.4.3630.2554 built by: lab04_n]
    [C:\WINNT\system32\windhcp.ocx]  [N/A, N/A]
    [C:\Program Files\CNNIC\Cdn\cdnspie.dll]  [, 1, 0, 1, 4]
    [C:\Program Files\CNNIC\Cdn\imaoe.dll]  [cnnic, 2, 0, 0, 0]
    [C:\Program Files\CNNIC\Cdn\IDNCONV.dll]  [CNNIC, 2, 0, 0, 0]
    [C:\Program Files\CNNIC\Cdn\imaconv.dll]  [cnnic, 2, 0, 0, 0]
    [C:\WINNT\system32\zt.dll]  [N/A, N/A]
    [C:\Program Files\CNNIC\Cdn\cdndet.dll]  [, 2, 0, 0, 0]
[PID: 1468][C:\WINNT\system32\conime.exe]  [Microsoft Corporation, 5.00.2195.6655]
    [C:\WINNT\system32\windhcp.ocx]  [N/A, N/A]
    [C:\Program Files\CNNIC\Cdn\cdnspie.dll]  [, 1, 0, 1, 4]
    [C:\Program Files\CNNIC\Cdn\imaoe.dll]  [cnnic, 2, 0, 0, 0]
    [C:\Program Files\CNNIC\Cdn\IDNCONV.dll]  [CNNIC, 2, 0, 0, 0]
    [C:\Program Files\CNNIC\Cdn\imaconv.dll]  [cnnic, 2, 0, 0, 0]
    [C:\WINNT\system32\zt.dll]  [N/A, N/A]
    [C:\Program Files\CNNIC\Cdn\cdndet.dll]  [, 2, 0, 0, 0]
[PID: 860][C:\Documents and Settings\Administrator\桌面\SREng.EXE]  [Smallfrogs Studio, 2.3.13.690]
    [C:\WINNT\system32\windhcp.ocx]  [N/A, N/A]
    [C:\Program Files\CNNIC\Cdn\cdnspie.dll]  [, 1, 0, 1, 4]
    [C:\Program Files\CNNIC\Cdn\imaoe.dll]  [cnnic, 2, 0, 0, 0]
    [C:\Program Files\CNNIC\Cdn\IDNCONV.dll]  [CNNIC, 2, 0, 0, 0]
    [C:\Program Files\CNNIC\Cdn\imaconv.dll]  [cnnic, 2, 0, 0, 0]
    [C:\WINNT\system32\zt.dll]  [N/A, N/A]
    [C:\Program Files\CNNIC\Cdn\cdndet.dll]  [, 2, 0, 0, 0]
    [D:\Program files\Tencent\RTX\BQQHook.dll]  [N/A, N/A]
    [D:\Program files\Tencent\RTX\RTXOLAss.dll]  [ìú??????óD?T1???, 1, 0, 0, 1]
    [C:\WINNT\system32\cdnns.dll]  [N/A, N/A]

==================================
文件关联
.TXT  OK. [%SystemRoot%\system32\NOTEPAD.EXE %1]
.EXE  OK. ["%1" %*]
.COM  OK. ["%1" %*]
.PIF  OK. ["%1" %*]
.REG  OK. [regedit.exe "%1"]
.BAT  OK. ["%1" %*]
.SCR  OK. ["%1" /S]
.CHM  OK. ["C:\WINNT\hh.exe" %1]
.HLP  OK. [%SystemRoot%\System32\winhlp32.exe %1]
.INI  OK. [%SystemRoot%\System32\NOTEPAD.EXE %1]
.INF  OK. [%SystemRoot%\System32\NOTEPAD.EXE %1]
.VBS  OK. [%SystemRoot%\System32\WScript.exe "%1" %*]
.JS  OK. [%SystemRoot%\System32\WScript.exe "%1" %*]
.LNK  OK. [{00021401-0000-0000-C000-000000000046}]

==================================
Winsock 提供者
N/A

==================================
Autorun.inf
N/A

==================================
HOSTS 文件
127.0.0.1    localhost
10.200.0.35  app1.hub
10.200.0.34  app2.hub
10.72.0.32    app1.nn
10.72.0.33    nn3.oa.net
10.72.0.33    oa3.nn
10.72.0.65      cxsrv2
10.72.0.56      cxcwsrv
10.72.0.37      nncx
10.72.0.60      cxsrv1
10.72.0.70      nncpic
10.72.1.88      nnyhqz
10.200.7.1 finance.hq.cpic.com  finance
10.200.7.3 finapp1.hq.cpic.com  finapp1
10.200.7.4 finapp2.hq.cpic.com  finapp2
10.200.0.75 p07trn.hq.cpic.com
10.200.14.27 cpicnms1
10.200.14.28 cpicnms2
10.200.14.29 cpicnms3
10.200.14.30 cpicnms4

==================================
API HOOK
N/A

==================================

Bumping this way up so the boss can take a look first.

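Just download Windows 清理助手 (Windows Cleanup Assistant) and that will do it; when my computer was acting up, downloading it fixed it. Jie Ge (杰哥) has it.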

Bumping this way up so the boss can take a look.