[Help] Posting my scan log, please help check whether I'm infected???


[CODE]

2007-04-20,11:11:31

System Repair Engineer 2.4.12.806
Smallfrogs (http://www.KZTechs.com)

Windows 2000 Professional Service Pack 4 (Build 2195) - 管理权限用户 - 完整功能

以下内容被选中:
    所有的启动项目(包括注册表、启动文件夹、服务等)
    浏览器加载项
    正在运行的进程(包括进程模块信息)
    文件关联
    Winsock 提供者
    Autorun.inf
    HOSTS 文件


启动项目
注册表
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
    <Internat.exe><internat.exe>  [(Verified)Microsoft Windows 2000 Publisher]
    <swg><C:\Program Files\Google\GoogleToolbarNotifier\1.2.1128.5462\GoogleToolbarNotifier.exe>  [(Verified)Google Inc]
[HKEY_CURRENT_USER\Software\Microsoft\Windows NT\CurrentVersion\Windows]
    <load><>  [N/A]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
    <Synchronization Manager><mobsync.exe /logon>  [(Verified)Microsoft Windows 2000 Publisher]
    <SKYNET Personal FireWall><C:\PROGRA~1\SkyNet\Firewall\pfw.exe>  [广州众达天网技术有限公司]
    <BDMCon><"C:\Program Files\Softwin\BitDefender10\bdmcon.exe" /reg>  [SOFTWIN S.R.L.]
    <BDAgent><"C:\Program Files\Softwin\BitDefender10\bdagent.exe">  [SOFTWIN S.R.L.]
    <RunShadowTip><C:\winnt\system32\Shadow\ShadowTip.exe>  [PowerShadow]
    <AntiArpSniffer><C:\AntiArpSniffer3\AntiArpSniffer.exe>  []
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Winlogon]
    <shell><Explorer.exe>  [(Verified)Microsoft Windows 2000 Publisher]
    <Userinit><C:\WINNT\system32\userinit.exe,>  [(Verified)Microsoft Windows 2000 Publisher]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Windows]
    <AppInit_DLLs><sockspy.dll>  []
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\System Safety Monitor]
    <WinlogonNotify: System Safety Monitor><SSMWinlogonEx.dll>  [(Verified)System Safety Limited]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\>{22d6f312-b0f6-11d0-94ab-0080c74c7e95}]
    <Windows Media Player><C:\WINNT\system32\setup\wmpocm.exe /ShowWMP>  [(Verified)Microsoft Windows Component Publisher]
[HKEY_CURRENT_USER\Control Panel\Desktop]
    <SCRNSAVE.EXE><C:\winnt\system32\scrnsave.scr>  [(Verified)Microsoft Windows 2000 Publisher]

==================================
启动文件夹
[System Safety Monitor]
  <C:\Documents and Settings\Administrator\「开始」菜单\程序\启动\System Safety Monitor.lnk --> C:\PROGRA~1\SYSTEM~1\SysSafe.exe [System Safety Limited]><N>

==================================
服务
[ASP.NET State Service / aspnet_state][Stopped/Manual Start]
  <C:\winnt\Microsoft.NET\Framework\v1.1.4322\aspnet_state.exe><Microsoft Corporation>
[BitDefender Scan Server / bdss][Running/Auto Start]
  <"C:\Program Files\Common Files\Softwin\BitDefender Scan Server\bdss.exe" /service><N/A>
[Logical Disk Manager Administrative Service / dmadmin][Stopped/Manual Start]
  <C:\winnt\System32\dmadmin.exe /com><VERITAS Software Corp.>
[Google Updater Service / gusvc][Stopped/Manual Start]
  <"C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe"><Google>
[BitDefender Desktop Update Service / LIVESRV][Running/Auto Start]
  <"C:\Program Files\Common Files\Softwin\BitDefender Update Service\livesrv.exe" /service><SOFTWIN S.R.L.>
[Macromedia Licensing Service / Macromedia Licensing Service][Stopped/Manual Start]
  <"C:\Program Files\Common Files\Macromedia Shared\Service\Macromedia Licensing.exe"><>
[MSSQLSERVER / MSSQLSERVER][Stopped/Manual Start]
  <C:\PROGRA~1\MICROS~4\MSSQL\binn\sqlservr.exe><Microsoft Corporation>
[MSSQLServerADHelper / MSSQLServerADHelper][Stopped/Manual Start]
  <C:\Program Files\Microsoft SQL Server\80\Tools\Binn\sqladhlp.exe><Microsoft Corporation>
[NVIDIA Driver Helper Service / NVSvc][Running/Auto Start]
  <C:\winnt\system32\nvsvc32.exe><NVIDIA Corporation>
[Remote Packet Capture Protocol v.0 (experimental) / rpcapd][Stopped/Manual Start]
  <"C:\Program Files\WinPcap\rpcapd.exe" -d -f "C:\Program Files\WinPcap\rpcapd.ini"><N/A>
[[Sentry5]Monitor Web-Activities / Sentry5AgentA][Running/Auto Start]
  <E:\Program Files\softbar.com\Sentry5\SentryAgentA.exe><N/A>
[[Sentry5]Monitor Web-Files / Sentry5AgentB][Running/Auto Start]
  <E:\Program Files\softbar.com\Sentry5\SentryAgentB.exe><N/A>
[[Sentry5]Data Communication / Sentry5AgentC][Running/Auto Start]
  <E:\Program Files\softbar.com\Sentry5\SentryAgentC.exe><N/A>
[[Sentry5]Monitor SentryServices / Sentry5Dog][Running/Auto Start]
  <E:\Program Files\softbar.com\Sentry5\SentryDog.exe><N/A>
[[Sentry5]Internet connection sharing(NAT) / Sentry5NAT][Running/Auto Start]
  <E:\Program Files\softbar.com\Sentry5\SentryNAT.exe><N/A>
[Shadow System Service / ShadowSystemService][Running/Auto Start]
  <C:\winnt\system32\shadow\ShadowService.exe><N/A>
[SQLSERVERAGENT / SQLSERVERAGENT][Stopped/Manual Start]
  <C:\PROGRA~1\MICROS~4\MSSQL\binn\sqlagent.exe><Microsoft Corporation>
[BitDefender Virus Shield / VSSERV][Running/Auto Start]
  <"C:\Program Files\Softwin\BitDefender10\vsserv.exe" /service><SOFTWIN S.R.L.>
[BitDefender Communicator / XCOMM][Running/Auto Start]
  <"C:\Program Files\Common Files\Softwin\BitDefender Communicator\xcommsvr.exe" /service><Softwin>

==================================
驱动程序
[Service for Realtek AC97 Audio (WDM) / ALCXWDM][Running/Manual Start]
  <system32\drivers\ALCXWDM.SYS><Realtek Semiconductor Corp.>
[bdfdll / bdfdll][Running/Manual Start]
  <\??\C:\Program Files\Softwin\BitDefender10\bdfdll.sys><N/A>
[BDFSDRV / BDFSDRV][Running/Manual Start]
  <\??\C:\Program Files\Softwin\BitDefender10\bdfsdrv.sys><N/A>
[bdpredir / bdpredir][Running/System Start]
  <\??\C:\Program Files\Softwin\BitDefender10\bdpredir.sys><Softwin SRL>
[BDRSDRV / BDRSDRV][Running/Auto Start]
  <\??\C:\Program Files\Softwin\BitDefender10\bdrsdrv.sys><N/A>
[dmboot / dmboot][Stopped/Disabled]
  <System32\drivers\dmboot.sys><VERITAS Software Corp.>
[Logical Disk Manager Driver / dmio][Running/Boot Start]
  <\SystemRoot\System32\drivers\dmio.sys><VERITAS Software Corp.>
[dmload / dmload][Running/Boot Start]
  <\SystemRoot\System32\drivers\dmload.sys><VERITAS Software Corp.>
[HOOKAPI / HOOKAPI][Stopped/Auto Start]
  <\??\C:\PROGRAM FILES\RISING\RAV\HookApi.Sys><N/A>
[MEMSCAN / MEMSCAN][Stopped/Auto Start]
  <\??\C:\PROGRAM FILES\RISING\RAV\MEMSCAN.SYS><N/A>
[NetGroup Packet Filter Driver / NPF][Running/Manual Start]
  <system32\drivers\npf.sys><Politecnico di Torino>
[nv / nv][Running/Manual Start]
  <system32\DRIVERS\nv4_mini.sys><NVIDIA Corporation>
[Direct Parallel Link Driver / Ptilink][Running/Manual Start]
  <system32\DRIVERS\ptilink.sys><Parallel Technologies, Inc.>
[WAN 微型端口 (PPP over Ethernet 协议) / RMSPPPOE][Running/Manual Start]
  <system32\DRIVERS\RMSPPPOE.SYS><Robert Schlabbach>
[RsAntiSpyware / RsAntiSpyware][Running/Boot Start]
  <\SystemRoot\system32\drivers\RsBoot.sys><Beijing Rising>
[Realtek RTL8139-based PCI Fast Ethernet Adapter NT Driver / rtl8139][Running/Manual Start]
  <system32\DRIVERS\RTL8139.SYS><Realtek Semiconductor Corporation>
[System Safety Monitor 2.0 Core Engine / safemon][Running/Boot Start]
  <\SystemRoot\system32\drivers\safemon.sys><System Safety Limited>
[SKNFW / SKNFW][Running/System Start]
  <\??\C:\WINNT\system32\Drivers\SKNFW.sys><N/A>
[TDDI / TDDI][Running/Auto Start]
  <\??\C:\winnt\system32\drivers\tddi.sys><SafeNet China Ltd.>
[World Standard Teletext Codec / WSTCODEC][Stopped/Manual Start]
  <system32\DRIVERS\WSTCODEC.SYS><Microsoft Corporation>

==================================
浏览器加载项
[ThunderIEHelper Class]
  {0005A87D-D626-4B3A-84F9-1D9571695F55} <C:\WINNT\system32\xunleibho_v13.dll, Thunder Networking Technologies,LTD>
[Adobe PDF Reader Link Helper]
  {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} <C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll, Adobe Systems Incorporated>
[IeCatch5 Class]
  {2F364306-AA45-47B5-9F9D-39A8B94E7EF7} <C:\PROGRA~1\FlashGet\jccatch.dll, FlashGet>
[Google Toolbar Helper]
  {AA58ED58-01DD-4d91-8333-CF10577473F7} <c:\program files\google\googletoolbar4.dll, Google Inc.>
[gFlash Class]
  {F156768E-81EF-470C-9057-481BA8380DBA} <C:\PROGRA~1\FlashGet\getflash.dll, >
[@shdoclc.dll,-866]
  {c95fe080-8f5d-11d2-a20b-00aa003c157a} <, N/A>
[FlashGet]
  {D6E814A0-E0C5-11d4-8D29-0050BA6940E3} <C:\PROGRA~1\FlashGet\flashget.exe, FlashGet.com>
[@msdxmLC.dll,-1@2052,电台(&R)]
  {8E718888-423F-11D2-876E-00A0C9082467} <C:\WINNT\system32\msdxm.ocx, Microsoft Corporation>
[FlashGet Bar]
  {E0E899AB-F487-11D5-8D29-0050BA6940E3} <C:\PROGRA~1\FlashGet\fgiebar.dll, Amaze Soft>
[&Google]
  {2318C2B1-4965-11d4-9B18-009027A5CD4F} <c:\program files\google\googletoolbar4.dll, Google Inc.>
[卡卡上网安全助手]
  {DB9ECD4F-FB8F-4311-B3CE-90B976C2707C} <C:\winnt\system32\KakaTool.dll, Beijing Rising Technology Co., Ltd.>
[WUWebControl Class]
  {6414512B-B978-451D-A0D8-FCFDF33E833C} <C:\WINNT\system32\wuweb.dll, Microsoft Corporation>
[Shockwave Flash Object]
  {D27CDB6E-AE6D-11CF-96B8-444553540000} <C:\WINNT\system32\Macromed\Flash\Flash9.ocx, Adobe Systems, Inc.>
[使用网际快车下载]
  <C:\Program Files\FlashGet\jc_link.htm, N/A>
[使用网际快车下载全部链接]
  <C:\Program Files\FlashGet\jc_all.htm, N/A>

==================================
Last edited 2007-04-20 11:10:21

[Reply to "newyn"'s post]
正在运行的进程
[PID: 144][\SystemRoot\System32\smss.exe]  [Microsoft Corporation, 5.00.2195.6601]
[PID: 168][\??\C:\winnt\system32\csrss.exe]  [Microsoft Corporation, 5.00.2195.6601]
[PID: 1304][C:\winnt\Explorer.EXE]  [Microsoft Corporation, 5.00.3700.6690]
    [C:\winnt\AppPatch\AcLayers.DLL]  [Microsoft Corporation, 5.00.2195.6717]
    [C:\winnt\system32\wdmaud.drv]  [Microsoft Corporation, 5.00.2195.6673]
    [C:\winnt\system32\msacm32.drv]  [Microsoft Corporation, 5.00.2134.1]
    [C:\Program Files\Adobe\Acrobat 7.0\ActiveX\PDFShell.dll]  [Adobe Systems, Inc., 7.0.0.0]
    [C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll]  [Adobe Systems Incorporated, 7.0.7.2006011200]
    [C:\winnt\system32\MSVCR71.dll]  [Microsoft Corporation, 7.10.3052.4]
    [C:\PROGRA~1\FlashGet\jccatch.dll]  [FlashGet, 1, 1, 5, 0]
[PID: 1528][C:\PROGRA~1\SkyNet\Firewall\pfw.exe]  [广州众达天网技术有限公司, 2.7.5.1000]
    [C:\PROGRA~1\SkyNet\Firewall\SKYMISC.DLL]  [N/A, ]
    [C:\winnt\system32\wdmaud.drv]  [Microsoft Corporation, 5.00.2195.6673]
    [C:\winnt\system32\msacm32.drv]  [Microsoft Corporation, 5.00.2134.1]
[PID: 1536][C:\Program Files\Softwin\BitDefender10\bdmcon.exe]  [SOFTWIN S.R.L., 10, 2, 0, 15]
    [C:\winnt\system32\XCOMM.dll]  [Softwin, 1, 8, 12, 0]
    [C:\Program Files\Softwin\BitDefender10\procinf.dll]  [SOFTWIN S.R.L., 10, 2, 0, 7]
    [C:\Program Files\Softwin\BitDefender10\TxTools.dll]  [SOFTWIN S.R.L, 10, 2, 0, 0]
    [C:\Program Files\Softwin\BitDefender10\BDGUICtl.dll]  [Softwin, 10, 2, 0, 21]
    [C:\Program Files\Softwin\BitDefender10\bdutils.dll]  [, 10, 2, 0, 9]
    [C:\winnt\system32\MFC71.DLL]  [Microsoft Corporation, 7.10.3077.0]
    [C:\winnt\system32\MSVCR71.dll]  [Microsoft Corporation, 7.10.3052.4]
    [C:\winnt\system32\MSVCP71.dll]  [Microsoft Corporation, 7.10.3077.0]
    [C:\Program Files\Softwin\BitDefender10\txmlx.dll]  [Softwin, 10, 2, 0, 1]
    [C:\Program Files\Softwin\BitDefender10\bdch.dll]  [SOFTWIN, 1, 1, 300]
    [C:\Program Files\Softwin\BitDefender10\bdsubmit.dll]  [SOFTWIN, 1,2,0, 200]
    [C:\Program Files\Softwin\BitDefender10\NAG.dll]  [SOFTWIN S.R.L., 10.2.0.0]
    [C:\winnt\system32\MFC71CHS.DLL]  [Microsoft Corporation, 7.10.3077.0]
    [C:\Program Files\Softwin\BitDefender10\popup.dll]  [SOFTWIN S.R.L., 10, 0, 0, 9]
    [C:\Program Files\Softwin\BitDefender10\agentreg.dll]  [TODO: <Company name>, 10.2.0.3]
    [C:\Program Files\Softwin\BitDefender10\getfile.dll]  [N/A, ]
    [C:\Program Files\Softwin\BitDefender10\WSLib.dll]  [N/A, ]
    [C:\Program Files\Softwin\BitDefender10\bdusers.dll]  [TODO: <Company name>, 10.1.0.0]
    [C:\Program Files\Softwin\BitDefender10\main.dll]  [SOFTWIN S.R.L., 10, 3, 0, 35]
    [C:\Program Files\Softwin\BitDefender10\antivirus.dll]  [SOFTWIN S.R.L., 10, 1, 0, 24]
    [C:\Program Files\Softwin\BitDefender10\firewall.dll]  [SOFTWIN S.R.L., 10, 2, 0, 61]
    [C:\Program Files\Softwin\BitDefender10\Wizards.dll]  [SOFTWIN S.R.L., 10, 3, 0, 0]
    [C:\Program Files\Softwin\BitDefender10\dbokf.dll]  [SOFTWIN, 10.2.0.1]
    [C:\Program Files\Softwin\BitDefender10\antispam.dll]  [SOFTWIN S.R.L, 10.0.0.1]
    [C:\Program Files\Softwin\BitDefender10\antispy.dll]  [SOFTWIN S.R.L., 10, 1, 0, 29]
    [C:\Program Files\Softwin\BitDefender10\live.dll]  [SOFTWIN S.R.L., 10, 2, 0, 21]
    [C:\Program Files\Softwin\BitDefender10\vshield.dll]  [SOFTWIN S.R.L., 10, 2, 1, 129]
    [C:\Program Files\Softwin\BitDefender10\vscan.dll]  [SOFTWIN S.R.L., 10, 1, 0, 34]
    [C:\Program Files\Softwin\BitDefender10\quar.dll]  [SOFTWIN S.R.L., 10, 2, 1, 18]
    [C:\Program Files\Softwin\BitDefender10\quarcore.dll]  [SOFTWIN S.R.L., 10, 2, 1, 16]
    [C:\Program Files\Softwin\BitDefender10\NTTools.dll]  [SOFTWIN S.R.L., 10, 1, 0, 7]
    [C:\Program Files\Softwin\BitDefender10\bwlist.dll]  [SOFTWIN S.R.L., 10.0.0.0]
    [C:\Program Files\Softwin\BitDefender10\UnicoWS.dll]  [Microsoft Corporation, 1.0.4018.0]
    [C:\Program Files\Softwin\BitDefender10\ashield.dll]  [SOFTWIN S.R.L., 10, 2, 0, 92]
    [C:\Program Files\Softwin\BitDefender10\privintf.dll]  [SOFTWIN S.R.L., 10, 2, 0, 25]
    [C:\Program Files\Softwin\BitDefender10\sysinfo.dll]  [SOFTWIN S.R.L., 10, 2, 0, 1057]
    [C:\Program Files\Softwin\BitDefender10\BDElev.DLL]  [SOFTWIN S.R.L., 1.0.0.1]
[PID: 1544][C:\Program Files\Softwin\BitDefender10\bdagent.exe]  [SOFTWIN S.R.L., 10, 2, 0, 16]
    [C:\Program Files\Softwin\BitDefender10\bdch.dll]  [SOFTWIN, 1, 1, 300]
    [C:\Program Files\Softwin\BitDefender10\bdsubmit.dll]  [SOFTWIN, 1,2,0, 200]
    [C:\winnt\system32\MSVCP71.dll]  [Microsoft Corporation, 7.10.3077.0]
    [C:\winnt\system32\MSVCR71.dll]  [Microsoft Corporation, 7.10.3052.4]
    [C:\Program Files\Softwin\BitDefender10\bdutils.dll]  [, 10, 2, 0, 9]
    [C:\winnt\system32\MFC71.DLL]  [Microsoft Corporation, 7.10.3077.0]
    [C:\winnt\system32\XCOMM.dll]  [Softwin, 1, 8, 12, 0]
    [C:\Program Files\Softwin\BitDefender10\procinf.dll]  [SOFTWIN S.R.L., 10, 2, 0, 7]
    [C:\Program Files\Softwin\BitDefender10\BDGUICtl.dll]  [Softwin, 10, 2, 0, 21]
    [C:\Program Files\Softwin\BitDefender10\txmlx.dll]  [Softwin, 10, 2, 0, 1]
    [C:\winnt\system32\MFC71CHS.DLL]  [Microsoft Corporation, 7.10.3077.0]
    [C:\Program Files\Softwin\BitDefender10\bdoe.dll]  [SOFTWIN S.R.L., 10, 2, 0, 6]
    [C:\Program Files\Softwin\BitDefender10\mimeinf.dll]  [N/A, ]
    [C:\Program Files\Softwin\BitDefender10\bwlist.dll]  [SOFTWIN S.R.L., 10.0.0.0]
    [C:\Program Files\Softwin\BitDefender10\UnicoWS.dll]  [Microsoft Corporation, 1.0.4018.0]
[PID: 1552][C:\winnt\system32\Shadow\ShadowTip.exe]  [PowerShadow, 1, 0, 0, 1]
    [C:\winnt\system32\Shadow\pDeskTop.dll]  [N/A, ]
[PID: 1560][C:\AntiArpSniffer3\AntiArpSniffer.exe]  [N/A, ]
[PID: 1568][C:\winnt\system32\internat.exe]  [Microsoft Corporation, 5.00.2920.0000]
[PID: 1472][C:\Program Files\Google\GoogleToolbarNotifier\1.2.1128.5462\GoogleToolbarNotifier.exe]  [Google Inc., 1, 2, 1128, 5462]
    [C:\Program Files\Google\GoogleToolbarNotifier\1.2.1128.5462\res_zh-CN.dll]  [Google Inc., 1, 2, 1128, 5462]
    [C:\Program Files\Google\GoogleToolbarNotifier\1.2.1128.5462\swg.dll]  [Google Inc., 1, 2, 1128, 5462]
[PID: 580][C:\Program Files\Maxthon\Maxthon.exe]  [Maxthon International Ltd., 1, 5, 6, 42]
    [C:\Program Files\Maxthon\maxzlib.dll]  [ , 1, 0, 0, 2]
    [C:\winnt\system32\sockspy.dll]  [N/A, ]
    [C:\winnt\system32\mscoree.dll]  [Microsoft Corporation, 1.1.4322.2032]
    [C:\winnt\Microsoft.NET\Framework\v1.1.4322\CorperfmonExt.dll]  [Microsoft Corporation, 1.1.4322.2032]
    [C:\winnt\Microsoft.NET\Framework\v1.1.4322\MSVCR71.dll]  [Microsoft Corporation, 7.10.3052.4]
    [C:\PROGRA~1\MICROS~4\MSSQL\BINN\SQLCTR80.DLL]  [Microsoft Corporation, 2000.080.0194.00]
    [C:\Program Files\Maxthon\Services\RealTime\real_time.dll]  [, 1, 0, 0, 1]
    [C:\winnt\system32\wdmaud.drv]  [Microsoft Corporation, 5.00.2195.6673]
    [C:\winnt\system32\msacm32.drv]  [Microsoft Corporation, 5.00.2134.1]
    [C:\winnt\system32\msadp32.acm]  [Microsoft Corporation, 5.00.2134.1]
    [C:\WINNT\system32\Macromed\Flash\Flash9.ocx]  [Adobe Systems, Inc., 9,0,16,0]
    [C:\winnt\system32\msratelc.dll]  [Microsoft Corporation, 6.00.2800.1106]
[PID: 1924][C:\winnt\system32\conime.exe]  [Microsoft Corporation, 5.00.2195.6655]
    [C:\winnt\system32\sockspy.dll]  [N/A, ]
[PID: 1984][C:\Program Files\WinRAR\WinRAR.exe]  [N/A, ]
    [C:\winnt\system32\sockspy.dll]  [N/A, ]
[PID: 1992][C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\Rar$EX00.547\SREng.EXE]  [Smallfrogs Studio, 2.4.12.806]
    [C:\winnt\system32\sockspy.dll]  [N/A, ]
    [C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\Rar$EX00.547\Plugins\NWMON.SRE]  [Smallfrogs Studio, 1, 0, 0, 8]

==================================
文件关联
.TXT  OK. [%SystemRoot%\system32\NOTEPAD.EXE %1]
.EXE  OK. ["%1" %*]
.COM  OK. ["%1" %*]
.PIF  OK. ["%1" %*]
.REG  OK. [regedit.exe "%1"]
.BAT  OK. ["%1" %*]
.SCR  OK. ["%1" /S]
.CHM  OK. ["C:\WINNT\hh.exe" %1]
.HLP  OK. [%SystemRoot%\System32\winhlp32.exe %1]
.INI  OK. [%SystemRoot%\System32\NOTEPAD.EXE %1]
.INF  OK. [%SystemRoot%\System32\NOTEPAD.EXE %1]
.VBS  OK. [%SystemRoot%\System32\WScript.exe "%1" %*]
.JS  Error. ["f:\Program Files\Macromedia\Dreamweaver MX 2004\Dreamweaver.exe" "%1"]
.LNK  OK. [{00021401-0000-0000-C000-000000000046}]

==================================
Winsock 提供者
N/A

==================================
Autorun.inf
N/A

==================================
HOSTS 文件
127.0.0.1      localhost

==================================
API HOOK
入口点错误:LoadLibraryA (危险等级: 一般,  被下面模块所HOOK: C:\winnt\system32\sockspy.dll)

==================================
隐藏进程
N/A

==================================


[/CODE]