广告广告
  加入我的最爱 设为首页 风格修改
首页 首尾
 手机版   订阅   地图  繁体 
您是第 15619 个阅读者
 
<< 上页  1   2   3   4   5   6  下页 >>(共 6 页)
发表文章 发表投票 回覆文章
  可列印版   加为IE收藏   收藏主题   上一主题 | 下一主题   
彗星风采 手机
个人头像
个人文章 个人相簿 个人日记 个人地图
小人物
级别: 小人物 该用户目前不上站
推文 x0 鲜花 x24
分享: 转寄此文章 Facebook Plurk Twitter 复制连结到剪贴簿 转换为繁体 转换为简体 载入图片

请楼主一下述的资讯依路径找到档案..然后上传至免空给我好吗?

Boot Items
Registry
<MSMSGS><"C:\Program Files\Messenger\msmsgs.exe" /background> [(Verified)Microsoft Corporation]

Drivers
[TSP / TSP][Stopped/Manual Start]
<\??\C:\WINDOWS\system32\drivers\klif.sys><N/A>
[U3sHlpDr / U3sHlpDr][Running/Auto Start]
<\??\C:\WINDOWS\System32\Drivers\U3sHlpDr.sys><N/A>

Browser Add-ons
[网页]
{1F460357-8A94-4D71-9CA3-AA4ACF32ED8E} <C:\Program Files\Kaspersky Internet Security 6.0\Kaspersky Internet Security 6.0\scieplugin.dll, Kaspersky Lab>

另外刚刚又重看了一次.楼主您下述这一样还是没清除到喔!
Browser Add-ons
[EF2KRSE.ctlEF2KRSE]
{CF265377-E224-11D4-ACE8-0080C8D96040} <C:\WINDOWS\Downloaded Program Files\EF2KRSE.ocx, Data Systems Consulting Co., Ltd.>


[ 此文章被彗星风采在2007-04-04 09:48重新编辑 ]



献花 x0 回到顶端 [20 楼] From:台湾中华电信 | Posted:2007-04-04 00:13 |
Rich0401
数位造型
个人文章 个人相簿 个人日记 个人地图
小人物
级别: 小人物 该用户目前不上站
推文 x1 鲜花 x28
分享: 转寄此文章 Facebook Plurk Twitter 复制连结到剪贴簿 转换为繁体 转换为简体 载入图片

昨天电脑关机呈现正在关机中,然后就任它一直处于这种状态,

今天来看电源依然开着,它并没有关机,但是出现了按

Ctl+Alt+Del 开机提示,结果开机后,就非常顺畅,

但是依然没音效。

目前出现左下角【开始】钮没反应 表情

msmsgs.exe;klif.sys;scieplugin.dll;U3sHlpDr.sys查找结果
http://app04.bonpoo.com/cgi-bin/download?...DB8ABA3A618E215873

msmsgs.exe
http://app04.bonpoo.com/cgi-bin/download?...DB8AEB378F8E215873

scieplugin.dll
http://app04.bonpoo.com/cgi-bin/download?...DBAC09E5948E215873

U3sHlpDr.sys
http://app04.bonpoo.com/cgi-bin/download?...DBA6FD84828E215873

-------------------------------------------------------------------------------
Browser Add-ons
[EF2KRSE.ctlEF2KRSE]
{CF265377-E224-11D4-ACE8-0080C8D96040} <C:\WINDOWS\Downloaded Program Files\EF2KRSE.ocx, Data Systems Consulting Co., Ltd.>

这个我用SREng清不掉,后来用Hijack清掉

-------------------------------------------------------------------------------

复制程式

2007-04-04,09:15:13

System Repair Engineer 2.4.12.806
Smallfrogs ([url]http://www.KZTechs.com[/url])

Windows XP Professional Service Pack 1 (Build 2600) - 

Administrative User - Completed Functions Allowed

Follow item(s) have been choosed:
    All Boot Items (Including Registry, Startup Folders, 

Services and so on)
    Browser Add-ons
    Runing Processes (Including process model 

information)
    File Associations
    Winsock Provider
    Autorun.Inf
    HOSTS File


Boot Items
Registry
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVers

ion\Run]
    <ctfmon.exe><C:\WINDOWS\System32\ctfmon.exe>  

[(Verified)Microsoft Windows XP Publisher]
    <MSMSGS><"C:\Program Files\Messenger\msmsgs.exe" 

/background>  [(Verified)Microsoft Corporation]
[HKEY_CURRENT_USER\Software\Microsoft\Windows 

NT\CurrentVersion\Windows]
    <load><>  [N/A]
    <run><>  [N/A]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVer

sion\Run]
    <IMJPMIG8.1><"C:\WINDOWS\IME\imjp8_1\IMJPMIG.EXE" 

/Spoil /RemAdvDef /Migration32>  [(Verified)Microsoft 

Windows XP Publisher]
    <CJIMETIPSYNC><C:\Program Files\Common 

Files\Microsoft Shared\IME\IMTC65\CHANGJIE\CINTLCFG.EXE 

/CJIMETIPSync>  [(Verified)Microsoft Corporation]
    <PHIMETIPSYNC><C:\Program Files\Common 

Files\Microsoft Shared\IME\IMTC65\PHONETIC\TINTLCFG.EXE 

/PHIMETIPSync>  [(Verified)Microsoft Corporation]
    <OfficeScanNT Monitor><"C:\Program Files\Trend 

Micro\OfficeScan Client\pccntmon.exe" -HideWindow>  

[Trend Micro Inc.]
    <Matrox Powerdesk><C:\WINDOWS\System32

\PDesk\PDesk.exe /Autolaunch>  [(Verified)Microsoft 

Windows XP Publisher]
    <avast!><C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe>  

[(Verified)ALWIL Software]
    <Outpost Firewall><C:\PROGRA~1\Agnitum\OUTPOS~1.0

\outpost.exe /waitservice>  [Agnitum]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows 

NT\CurrentVersion\Winlogon]
    <shell><Explorer.exe>  [(Verified)Microsoft Windows 

XP Publisher]
    <Userinit><C:\WINDOWS\system32\userinit.exe,>  

[(Verified)]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows 

NT\CurrentVersion\Windows]
    <AppInit_DLLs><>  [N/A]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows 

NT\CurrentVersion\Winlogon]
    <UIHost><logonui.exe>  [(Verified)Microsoft Windows 

XP Publisher]
[HKEY_CURRENT_USER\Control Panel\Desktop]
    <SCRNSAVE.EXE><C:\WINDOWS\System32\AVASTSS.scr>  

[ALWIL Software]

==================================
Startup Folders
[REBECCA]
  <C:\Documents and Settings\sinotech.54-573\「开始」功能

表\程式集\启动\REBECCA.lnk --> 

E:\RIMARTS\REBECCA\REBECCA.EXE [RimArts, Inc.]><N>
[Reminder]
  <C:\Documents and Settings\sinotech.54-573\「开始」功能

表\程式集\启动\Reminder.lnk --> E:\REMINDER\Reminder.exe 

[Kana Solution]><N>
[标点符号.exe]
  <C:\Documents and Settings\sinotech.54-573\「开始」功能

表\程式集\启动\标点符号.exe.lnk --> E:\原DISK~1

\C\game\FU\标点符号.exe [台湾钜软科技 HZYSoft 

Corporation]><N>

==================================
Services
[ASP.NET State Service / aspnet_state][Stopped/Manual 

Start]
  <C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322

\aspnet_state.exe><Microsoft Corporation>
[avast! iAVS4 Control Service / aswUpdSv][Running/Auto 

Start]
  <"C:\Program Files\Alwil Software\Avast4

\aswUpdSv.exe"><N/A>
[avast! Antivirus / avast! Antivirus][Running/Auto Start]
  <"C:\Program Files\Alwil Software\Avast4

\ashServ.exe"><>
[avast! Mail Scanner / avast! Mail Scanner]

[Running/Manual Start]
  <"C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe" 

/service><ALWIL Software>
[avast! Web Scanner / avast! Web Scanner][Running/Manual 

Start]
  <"C:\Program Files\Alwil Software\Avast4\ashWebSv.exe" 

/service><ALWIL Software>
[AVG Anti-Spyware Guard / AVG Anti-Spyware Guard]

[Stopped/Disabled]
  <><N/A>
[Human Interface Device Access / HidServ]

[Stopped/Disabled]
  <C:\WINDOWS\System32\svchost.exe -k netsvcs-->%

SystemRoot%\System32\hidserv.dll><N/A>
[MGABGEXE / MGABGEXE][Running/Auto Start]
  <C:\WINDOWS\System32\mgabg.exe><Matrox Graphics Inc.>
[OfficeScanNT 即时扫瞄 / ntrtscan][Running/Auto Start]
  <C:\Program Files\Trend Micro\OfficeScan 

Client\ntrtscan.exe><Trend Micro Inc.>
[OfficeScanNT 防火墙 / OfcPfwSvc][Running/Auto Start]
  <C:\Program Files\Trend Micro\OfficeScan 

Client\OfcPfwSvc.exe><Trend Micro Inc.>
[Outpost Firewall Service / OutpostFirewall][Running/Auto 

Start]
  <C:\PROGRA~1\Agnitum\OUTPOS~1.0\outpost.exe 

/service><Agnitum>
[OfficeScanNT Listener / tmlisten][Running/Auto Start]
  <C:\Program Files\Trend Micro\OfficeScan 

Client\tmlisten.exe><Trend Micro Inc.>

==================================
Drivers
[Intel(r) 82801 Audio Driver Install Service (WDM) / 

ac97intc][Running/Manual Start]
  <system32\drivers\ac97intc.sys><Intel Corporation>
[Outpost Firewall PlugIn (CONTENT.DLL) / CONTENT.DLL]

[Running/Manual Start]
  <\??\C:\PROGRA~1\Agnitum\OUTPOS~1.0

\kernel\CONTENT.DLL><Agnitum>
[CO_Mon / CO_Mon][Stopped/Manual Start]
  <\??\C:\WINDOWS\System32\Drivers\CO_Mon.sys><N/A>
[Outpost Firewall PlugIn (DNSCACHE.DLL) / DNSCACHE.DLL]

[Running/Manual Start]
  <\??\C:\PROGRA~1\Agnitum\OUTPOS~1.0

\kernel\DNSCACHE.DLL><Agnitum>
[Intel(R) PRO Adapter Driver / E100B][Running/Manual 

Start]
  <System32\DRIVERS\e100b325.sys><Intel Corporation>
[Filseclab Dynamic Defense System Driver / filar]

[Stopped/System Start]
  <\??\C:\PROGRA~1\COMMON~1\FILSEC~1\filar.sys><N/A>
[Outpost Firewall PlugIn (FTPFILT.DLL) / FTPFILT.DLL]

[Running/Manual Start]
  <\??\C:\PROGRA~1\Agnitum\OUTPOS~1.0

\kernel\FTPFILT.DLL><Agnitum>
[G400 / G400][Stopped/Manual Start]
  <System32\DRIVERS\G400m.sys><Matrox Graphics Inc.>
[G400DH / G400DH][Running/Manual Start]
  <System32\DRIVERS\g400dhm.sys><Matrox Graphics Inc.>
[Outpost Firewall PlugIn (HTMLFILT.DLL) / HTMLFILT.DLL]

[Running/Manual Start]
  <\??\C:\PROGRA~1\Agnitum\OUTPOS~1.0

\kernel\HTMLFILT.DLL><Agnitum>
[Outpost Firewall PlugIn (HTTPFILT.DLL) / HTTPFILT.DLL]

[Running/Manual Start]
  <\??\C:\PROGRA~1\Agnitum\OUTPOS~1.0

\kernel\HTTPFILT.DLL><Agnitum>
[i81x / i81x][Stopped/Manual Start]
  <System32\DRIVERS\i81xnt5.sys><Intel Corporation>
[iAimFP0 / iAimFP0][Stopped/Manual Start]
  <System32\DRIVERS\wADV01nt.sys><Intel Corporation>
[iAimFP1 / iAimFP1][Stopped/Manual Start]
  <System32\DRIVERS\wADV02NT.sys><Intel Corporation>
[iAimFP2 / iAimFP2][Stopped/Manual Start]
  <System32\DRIVERS\wADV05NT.sys><Intel Corporation>
[iAimFP3 / iAimFP3][Stopped/Manual Start]
  <System32\DRIVERS\wSiINTxx.sys><Intel Corporation>
[iAimFP4 / iAimFP4][Stopped/Manual Start]
  <System32\DRIVERS\wVchNTxx.sys><Intel Corporation>
[iAimTV0 / iAimTV0][Stopped/Manual Start]
  <System32\DRIVERS\wATV01nt.sys><Intel Corporation>
[iAimTV1 / iAimTV1][Stopped/Manual Start]
  <System32\DRIVERS\wATV02NT.sys><Intel Corporation>
[iAimTV2 / iAimTV2][Stopped/Manual Start]
  <System32\DRIVERS\wATV03nt.sys><Intel Corporation>
[iAimTV3 / iAimTV3][Stopped/Manual Start]
  <System32\DRIVERS\wATV04nt.sys><Intel Corporation>
[iAimTV4 / iAimTV4][Stopped/Manual Start]
  <System32\DRIVERS\wCh7xxNT.sys><Intel Corporation>
[Outpost Firewall PlugIn (IMAPFILT.DLL) / IMAPFILT.DLL]

[Running/Manual Start]
  <\??\C:\PROGRA~1\Agnitum\OUTPOS~1.0

\kernel\IMAPFILT.DLL><Agnitum>
[Outpost Firewall PlugIn (MAILFILT.DLL) / MAILFILT.DLL]

[Running/Manual Start]
  <\??\C:\PROGRA~1\Agnitum\OUTPOS~1.0

\kernel\MAILFILT.DLL><Agnitum>
[Outpost Firewall PlugIn (NNTPFILT.DLL) / NNTPFILT.DLL]

[Running/Manual Start]
  <\??\C:\PROGRA~1\Agnitum\OUTPOS~1.0

\kernel\NNTPFILT.DLL><Agnitum>
[Outpost Firewall PlugIn (POP3FILT.DLL) / POP3FILT.DLL]

[Running/Manual Start]
  <\??\C:\PROGRA~1\Agnitum\OUTPOS~1.0

\kernel\POP3FILT.DLL><Agnitum>
[Outpost Firewall PlugIn (PROTECT.DLL) / PROTECT.DLL]

[Running/Manual Start]
  <\??\C:\PROGRA~1\Agnitum\OUTPOS~1.0

\kernel\PROTECT.DLL><Agnitum>
[直接平行连接埠连结驱动程式 / Ptilink][Running/Manual 

Start]
  <System32\DRIVERS\ptilink.sys><Parallel Technologies, 

Inc.>
[Secdrv / Secdrv][Stopped/Manual Start]
  <System32\DRIVERS\secdrv.sys><N/A>
[Trend Micro Filter / TmFilter][Running/Auto Start]
  <\??\C:\Program Files\Trend Micro\OfficeScan 

Client\TmXPFlt.sys><Trend Micro Inc.>
[Trend Micro PreFilter / TmPreFilter][Running/Auto Start]
  <\??\C:\Program Files\Trend Micro\OfficeScan 

Client\TmPreFlt.sys><Trend Micro Inc.>
[TSP / TSP][Stopped/Manual Start]
  <\??\C:\WINDOWS\system32\drivers\klif.sys><N/A>
[U3sHlpDr / U3sHlpDr][Running/Auto Start]
  <\??\C:\WINDOWS\System32\Drivers\U3sHlpDr.sys><N/A>
[Outpost Firewall Kernel Driver / VFILT][Running/System 

Start]
  <\??\C:\PROGRA~1\Agnitum\OUTPOS~1.0\kernel\2000

\FILTNT.SYS><Agnitum>
[Trend Micro VSAPI NT / VSApiNt][Running/Auto Start]
  <\??\C:\Program Files\Trend Micro\OfficeScan 

Client\VSApiNt.sys><Trend Micro Inc.>

==================================
Browser Add-ons
[AcroIEHlprObj Class]
  {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} <C:\Program 

Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll, Adobe 

Systems Incorporated>
[Info cache]
  {385AB8C6-FB22-4D17-8834-064E2BA0A6F0} <C:\Documents 

and Settings\All Users\Application 

Data\Microsoft\PCTools\pctools.dll, N/A>
[网页]
  {1F460357-8A94-4D71-9CA3-AA4ACF32ED8E} <C:\Program 

Files\Kaspersky Internet Security 6.0\Kaspersky Internet 

Security 6.0\scieplugin.dll, Kaspersky Lab>
[参考资料(&R)]
  {92780B25-18CC-41C8-B9BE-3C9C571A8263} <C:\PROGRA~1

\MICROS~2\OFFICE11\REFIEBAR.DLL, Microsoft Corporation>
[@C:\Program Files\Messenger\Msgslang.dll,-61144]
  {FB5F1910-F110-11d2-BB9E-00C04F795683} <C:\Program 

Files\Messenger\msmsgs.exe, Microsoft Corporation>
[收音机(&R)]
  {8E718888-423F-11D2-876E-00A0C9082467} 

<C:\WINDOWS\System32\msdxm.ocx, Microsoft Corporation>
[CKAVWebScan Object]
  {0EB0E74A-2A76-4AB3-A7FB-9BD8C29F7F75} <, N/A>
[Symantec AntiVirus scanner]
  {2BC66F54-93A8-11D3-BEB6-00105AA9B6AE} 

<C:\WINDOWS\Downloaded Program Files\avsniff.dll, 

Symantec Corporation>
[WUWebControl Class]
  {6414512B-B978-451D-A0D8-FCFDF33E833C} 

<C:\WINDOWS\System32\wuweb.dll, Microsoft Corporation>
[Symantec RuFSI Utility Class]
  {644E432F-49D3-41A1-8DD5-E099162EEEC5} 

<C:\WINDOWS\Downloaded Program Files\rufsi.dll, Symantec 

Corporation>
[MUWebControl Class]
  {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} 

<C:\WINDOWS\System32\muweb.dll, Microsoft Corporation>
[WScanCtl Class]
  {7B297BFD-85E4-4092-B2AF-16A91B2EA103} 

<C:\WINDOWS\Downloaded Program Files\webscan.dll, CA>
[Shockwave Flash Object]
  {D27CDB6E-AE6D-11CF-96B8-444553540000} 

<C:\WINDOWS\System32\Macromed\Flash\Flash9.ocx, Adobe 

Systems, Inc.>
[McFreeScan Class]
  {EF791A6B-FC12-4C68-99EF-FB9E207A39E6} 

<C:\WINDOWS\McAfee.com\FreeScan\mcfscan.dll, McAfee, 

Inc.>
[汇出至 Microsoft Office Excel(&X)]
  <res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000, 

N/A>

==================================
Running Processes
[PID: 552][\SystemRoot\System32\smss.exe]  [Microsoft 

Corporation, 5.1.2600.1106 (xpsp1.020828-1920)]
[PID: 656][\??\C:\WINDOWS\system32\csrss.exe]  [Microsoft 

Corporation, 5.1.2600.0 (xpclient.010817-1148)]
[PID: 220][C:\WINDOWS\Explorer.EXE]  [Microsoft 

Corporation, 6.00.2800.1221 (xpsp2.030511-1403)]
    [C:\WINDOWS\System32\PDesk\PDKERNEL.DLL]  [Matrox 

Graphics Inc., 6.93.009]
    [C:\WINDOWS\System32\PDesk\PDTOOLS.DLL]  [Matrox 

Graphics Inc., 6.93.009]
    [C:\WINDOWS\System32\PDesk\PDRESENG.DLL]  [Matrox 

Graphics Inc., 6.93.009]
    [C:\Program Files\Adobe\Acrobat 7.0

\ActiveX\PDFShell.dll]  [Adobe Systems, Inc., 7.0.0.0]
    [C:\Program Files\Alwil Software\Avast4\ashShell.dll] 

 [ALWIL Software, 4, 7, 936, 0]
    [C:\Program Files\Adobe\Acrobat 7.0

\ActiveX\AcroIEHelper.dll]  [Adobe Systems Incorporated, 

7.0.0.2004121400]
    [C:\WINDOWS\System32\MSVCR71.dll]  [Microsoft 

Corporation, 7.10.3052.4]
[PID: 324][C:\Program Files\Trend Micro\OfficeScan 

Client\pccntmon.exe]  [Trend Micro Inc., 7.0.0.1077]
    [C:\Program Files\Trend Micro\OfficeScan 

Client\loadhttp.dll]  [Trend Micro Inc., 7.0.0.1077]
    [C:\Program Files\Trend Micro\OfficeScan 

Client\Pwd.dll]  [Trend Micro Inc., 7.0.0.1077]
    [C:\Program Files\Trend Micro\OfficeScan 

Client\OfcPlugInAPI.dll]  [Trend Micro Inc., 7.0.0.1077]
    [C:\Program Files\Trend Micro\OfficeScan 

Client\OfcPIPC.dll]  [N/A, ]
    [C:\Program Files\Trend Micro\OfficeScan 

Client\TimeString.dll]  [N/A, ]
    [C:\Program Files\Trend Micro\OfficeScan 

Client\ntmonres.dll]  [Trend Micro Inc., 7.0.0.1077]
    [C:\Program Files\Trend Micro\OfficeScan 

Client\OfcPlugInMain.dll]  [Trend Micro Inc., 7.0.0.1077]
    [C:\Program Files\Trend Micro\OfficeScan 

Client\OfcPlugInTray.dll]  [Trend Micro Inc., 7.0.0.1077]
    [C:\Program Files\Trend Micro\OfficeScan 

Client\tmdbg20.dll]  [trend_company_name, 1, 0, 0, 1]
[PID: 332][C:\WINDOWS\System32\PDesk\PDesk.exe]  [Matrox 

Graphics Inc., 6.93.009]
    [C:\WINDOWS\System32\PDesk\PDTOOLS.DLL]  [Matrox 

Graphics Inc., 6.93.009]
    [C:\WINDOWS\System32\PDesk\PDRESENG.DLL]  [Matrox 

Graphics Inc., 6.93.009]
[PID: 360][C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe]  [, 

4, 7, 936, 0]
    [C:\PROGRA~1\ALWILS~1\Avast4\aswCmnOS.dll]  [ALWIL 

Software, 4, 7, 936, 0]
    [C:\WINDOWS\System32\MSVCP71.dll]  [Microsoft 

Corporation, 7.10.3077.0]
    [C:\WINDOWS\System32\MSVCR71.dll]  [Microsoft 

Corporation, 7.10.3052.4]
    [C:\PROGRA~1\ALWILS~1\Avast4\ashBase.dll]  [ALWIL 

Software, 4, 7, 936, 0]
    [C:\PROGRA~1\ALWILS~1\Avast4\aswCmnB.dll]  [ALWIL 

Software, 4, 7, 936, 0]
    [C:\PROGRA~1\ALWILS~1\Avast4\aswCmnS.dll]  [ALWIL 

Software, 4, 7, 936, 0]
    [C:\PROGRA~1\ALWILS~1\Avast4\ashTask.dll]  [ALWIL 

Software, 4, 7, 936, 0]
    [C:\PROGRA~1\ALWILS~1\Avast4\aswAux.dll]  [ALWIL 

Software, 4, 7, 936, 0]
    [C:\PROGRA~1\ALWILS~1\Avast4\Aavm4h.dll]  [ALWIL 

Software, 4, 7, 936, 0]
    [C:\Program Files\Alwil Software\Avast4

\English\Base.dll]  [ALWIL Software, 4, 7, 936, 0]
    [C:\Program Files\Alwil Software\Avast4

\English\Lang.dll]  [ALWIL Software, 4, 7, 936, 0]
    [C:\WINDOWS\System32\MFC71.DLL]  [Microsoft 

Corporation, 7.10.3077.0]
    [C:\PROGRA~1\ALWILS~1\Avast4\AavmRpch.dll]  [ALWIL 

Software, 4, 7, 936, 0]
    [c:\program files\alwil software\avast4\ahruimai.dll] 

 [ALWIL Software, 4, 7, 936, 0]
    [C:\PROGRA~1\ALWILS~1\Avast4\ashUInt.dll]  [ALWIL 

Software, 4, 7, 936, 0]
    [C:\PROGRA~1\ALWILS~1\Avast4\XT1922.dll]  [Codejock 

Software, 1, 9, 4, 0]
    [c:\program files\alwil software\avast4\ahruimes.dll] 

 [ALWIL Software, 4, 7, 936, 0]
    [c:\program files\alwil software\avast4\ahruins.dll]  

[ALWIL Software, 4, 7, 936, 0]
    [c:\program files\alwil software\avast4\ahruiout.dll] 

 [ALWIL Software, 4, 7, 936, 0]
    [c:\program files\alwil software\avast4\ahruip2p.dll] 

 [ALWIL Software, 4, 7, 936, 0]
    [c:\program files\alwil software\avast4\ahruistd.dll] 

 [ALWIL Software, 4, 7, 936, 0]
    [c:\program files\alwil software\avast4\ahruiws.dll]  

[ALWIL Software, 4, 7, 936, 0]
[PID: 392][C:\WINDOWS\System32\ctfmon.exe]  [Microsoft 

Corporation, 5.1.2600.1106 (xpsp1.020828-1920)]
[PID: 628][E:\原Disk J\C\game\FU\标点符号.exe]  [台湾钜软

科技 HZYSoft Corporation, 3. 0. 0. 0]
[PID: 1096][C:\Program Files\Trend Micro\OfficeScan 

Client\Pop3Trap.exe]  [Trend Micro Incorporated., 

10.0.4.1141]
    [C:\Program Files\Trend Micro\OfficeScan 

Client\POP3UTIL.dll]  [Trend Micro Incorporated., 

10.0.4.1141]
    [C:\Program Files\Trend Micro\OfficeScan 

Client\tmdbg.dll]  [N/A, ]
    [C:\Program Files\Trend Micro\OfficeScan 

Client\pewnt2.dll]  [Trend Micro Incorporated., 

10.0.4.1141]
    [C:\Program Files\Trend Micro\OfficeScan 

Client\tmCfwApi.dll]  [Trend Micro Inc., 1.2.0.1020]
[PID: 2448][C:\WINDOWS\System32\wuauclt.exe]  [Microsoft 

Corporation, 5.8.0.2469 built by: lab01_n(wmbla)]
[PID: 2820][E:\soft\电脑检测\sreng2\SREng.EXE]  

[Smallfrogs Studio, 2.4.12.806]

==================================
File Associations
.TXT  OK. [%SystemRoot%\system32\NOTEPAD.EXE %1]
.EXE  OK. ["%1" %*]
.COM  OK. ["%1" %*]
.PIF  OK. ["%1" %*]
.REG  OK. [regedit.exe "%1"]
.BAT  OK. ["%1" %*]
.SCR  OK. ["%1" /S]
.CHM  OK. ["C:\WINDOWS\hh.exe" %1]
.HLP  OK. [%SystemRoot%\System32\winhlp32.exe %1]
.INI  OK. [%SystemRoot%\System32\NOTEPAD.EXE %1]
.INF  OK. [%SystemRoot%\System32\NOTEPAD.EXE %1]
.VBS  OK. [%SystemRoot%\System32\WScript.exe "%1" %*]
.JS   OK. [%SystemRoot%\System32\WScript.exe "%1" %*]
.LNK  OK. [{00021401-0000-0000-C000-000000000046}]

==================================
Winsock Provider
N/A

==================================
Autorun.Inf
N/A

==================================
HOSTS File
127.0.0.1       localhost

==================================
API HOOK
N/A

==================================
Hidden Process
N/A

==================================




[ 此文章被Rich0401在2007-04-04 10:43重新编辑 ]


一人论命,命师曰︰『即将走名声运。』,不久报纸头版果登其照,原是通缉犯落网。名声有好有坏,端看个人作为。
献花 x0 回到顶端 [21 楼] From:台湾中华HiNet | Posted:2007-04-04 10:33 |
LostDream
个人头像
个人文章 个人相簿 个人日记 个人地图
小人物
级别: 小人物 该用户目前不上站
推文 x0 鲜花 x6
分享: 转寄此文章 Facebook Plurk Twitter 复制连结到剪贴簿 转换为繁体 转换为简体 载入图片

C:\WINDOWS\System32\Drivers\U3sHlpDr.sys
C:\WINDOWS\system32\drivers\klif.sys
C:\Program Files\Messenger\msmsgs.exe
C:\Program Files\Kaspersky Internet Security 6.0\Kaspersky Internet Security 6.0\scieplugin.dll

全部都是正常的。


献花 x0 回到顶端 [22 楼] From:台湾 | Posted:2007-04-04 18:13 |
ken2659 手机
个人文章 个人相簿 个人日记 个人地图
小有名气
级别: 小有名气 该用户目前不上站
推文 x57 鲜花 x620
分享: 转寄此文章 Facebook Plurk Twitter 复制连结到剪贴簿 转换为繁体 转换为简体 载入图片

我感觉还是重新安装一下作业系统应会比较好吧! 表情


★★★请回覆或推荐一下啰!!! ★★★
        感恩了!!
http://bbs.mychat.to/index.php?u=304870
献花 x0 回到顶端 [23 楼] From:台湾中华HiNet | Posted:2007-04-04 18:30 |
彗星风采 手机
个人头像
个人文章 个人相簿 个人日记 个人地图
小人物
级别: 小人物 该用户目前不上站
推文 x0 鲜花 x24
分享: 转寄此文章 Facebook Plurk Twitter 复制连结到剪贴簿 转换为繁体 转换为简体 载入图片



献花 x0 回到顶端 [24 楼] From:台湾中华电信HINET | Posted:2007-04-04 19:48 |
LostDream
个人头像
个人文章 个人相簿 个人日记 个人地图
小人物
级别: 小人物 该用户目前不上站
推文 x0 鲜花 x6
分享: 转寄此文章 Facebook Plurk Twitter 复制连结到剪贴簿 转换为繁体 转换为简体 载入图片

不是所有状况都是威胁造成的,若不是威胁造成,SREngLog中自然看不出异样。


献花 x0 回到顶端 [25 楼] From:台湾 | Posted:2007-04-04 20:05 |
Rich0401
数位造型
个人文章 个人相簿 个人日记 个人地图
小人物
级别: 小人物 该用户目前不上站
推文 x1 鲜花 x28
分享: 转寄此文章 Facebook Plurk Twitter 复制连结到剪贴簿 转换为繁体 转换为简体 载入图片

请问如果找不到以下档案

C:\WINDOWS\system32\drivers\klif.sys

可在SREng中删除它吗? 表情

我在网上找文,也有同样情形的受害者,音效不见,他是说被注入dll,

但是后辈才疏学浅,实在看不出所以然来啊~~~ 表情


[ 此文章被Rich0401在2007-04-05 00:26重新编辑 ]


一人论命,命师曰︰『即将走名声运。』,不久报纸头版果登其照,原是通缉犯落网。名声有好有坏,端看个人作为。
献花 x0 回到顶端 [26 楼] From:东森 Cable | Posted:2007-04-05 00:03 |
彗星风采 手机
个人头像
个人文章 个人相簿 个人日记 个人地图
小人物
级别: 小人物 该用户目前不上站
推文 x0 鲜花 x24
分享: 转寄此文章 Facebook Plurk Twitter 复制连结到剪贴簿 转换为繁体 转换为简体 载入图片

Drivers
[TSP / TSP][Stopped/Manual Start]
<\??\C:\WINDOWS\system32\drivers\klif.sys><N/A>
Browser Add-ons
[网页]
{1F460357-8A94-4D71-9CA3-AA4ACF32ED8E} <C:\Program Files\Kaspersky Internet Security 6.0\Kaspersky Internet Security 6.0\scieplugin.dll, Kaspersky Lab>
这2项我之前有列过了?不过忘记提醒楼主说要删除.. 表情
这2项都是卡巴的元件..因为楼主没再用卡巴了..所以可以删除了... 表情
另外楼主您的XP也都没有做更新喔...还在SP1....赶紧去更新喔...

PS..我不知道在这边贴连结到别论坛算不算违规....不过最好还是不要喔....请尽速更改吧 表情


献花 x0 回到顶端 [27 楼] From:台湾中华电信HINET | Posted:2007-04-05 00:11 |
Rich0401
数位造型
个人文章 个人相簿 个人日记 个人地图
小人物
级别: 小人物 该用户目前不上站
推文 x1 鲜花 x28
分享: 转寄此文章 Facebook Plurk Twitter 复制连结到剪贴簿 转换为繁体 转换为简体 载入图片

但是我看[ 防毒防骇讨论 奖励与公告 ]

第一条有说可以贴文,而且要载明出处,我不知道还有限制不能贴别的论坛,真失礼啦~~ 表情

http://bbs.mychat.to/thread.php?fid=254
1. 转贴文章须注明出处, 和写30个字以上有建设性的心得, 新闻类设自删。


有问题的那台电脑要下礼拜二才碰的到,我再试试 表情


一人论命,命师曰︰『即将走名声运。』,不久报纸头版果登其照,原是通缉犯落网。名声有好有坏,端看个人作为。
献花 x0 回到顶端 [28 楼] From:东森 Cable | Posted:2007-04-05 00:22 |
Rich0401
数位造型
个人文章 个人相簿 个人日记 个人地图
小人物
级别: 小人物 该用户目前不上站
推文 x1 鲜花 x28
分享: 转寄此文章 Facebook Plurk Twitter 复制连结到剪贴簿 转换为繁体 转换为简体 载入图片

舞了一个早上

Browser Add-ons
[Info cache]
{385AB8C6-FB22-4D17-8834-064E2BA0A6F0} <C:\Documents and Settings\All Users\Application Data\Microsoft\PCTools\pctools.dll, N/A>

依然不动如山,机码删不掉,Icewords也不能用,

-------------------------------------------------------

Drivers
[TSP / TSP][Stopped/Manual Start]
<\??\C:\WINDOWS\system32\drivers\klif.sys><N/A>
Browser Add-ons
[网页]
{1F460357-8A94-4D71-9CA3-AA4ACF32ED8E} <C:\Program Files\Kaspersky Internet Security 6.0\Kaspersky Internet Security 6.0\scieplugin.dll, Kaspersky Lab>
这2项我也删了

-------------------------------------------------------

音效依然呈现死寂状态,我败了 表情


以下是最新出炉的SREngLOG,敬请赐教。

-------------------------------------------------------

复制程式

2007-04-10,12:46:43

System Repair Engineer 2.4.12.806
Smallfrogs ([url]http://www.KZTechs.com[/url])

Windows XP Professional Service Pack 1 (Build 2600) - Administrative User - Completed Functions Allowed

Follow item(s) have been choosed:
    All Boot Items (Including Registry, Startup Folders, Services and so on)
    Browser Add-ons
    Runing Processes (Including process model information)
    File Associations
    Winsock Provider
    Autorun.Inf
    HOSTS File


Boot Items
Registry
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
    <ctfmon.exe><C:\WINDOWS\System32\ctfmon.exe>  [(Verified)Microsoft Windows XP Publisher]
    <MSMSGS><"C:\Program Files\Messenger\msmsgs.exe" /background>  [(Verified)Microsoft Corporation]
[HKEY_CURRENT_USER\Software\Microsoft\Windows NT\CurrentVersion\Windows]
    <load><>  [N/A]
    <run><>  [N/A]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
    <IMJPMIG8.1><"C:\WINDOWS\IME\imjp8_1\IMJPMIG.EXE" /Spoil /RemAdvDef /Migration32>  [(Verified)Microsoft Windows XP Publisher]
    <CJIMETIPSYNC><C:\Program Files\Common Files\Microsoft Shared\IME\IMTC65\CHANGJIE\CINTLCFG.EXE /CJIMETIPSync>  [(Verified)Microsoft Corporation]
    <PHIMETIPSYNC><C:\Program Files\Common Files\Microsoft Shared\IME\IMTC65\PHONETIC\TINTLCFG.EXE /PHIMETIPSync>  [(Verified)Microsoft Corporation]
    <OfficeScanNT Monitor><"C:\Program Files\Trend Micro\OfficeScan Client\pccntmon.exe" -HideWindow>  [Trend Micro Inc.]
    <Matrox Powerdesk><C:\WINDOWS\System32\PDesk\PDesk.exe /Autolaunch>  [(Verified)Microsoft Windows Hardware Compatibility Publisher]
    <avast!><C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe>  [(Verified)ALWIL Software]
    <Outpost Firewall><C:\PROGRA~1\Agnitum\OUTPOS~1.0\outpost.exe /waitservice>  [Agnitum]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Winlogon]
    <shell><Explorer.exe>  [(Verified)Microsoft Windows XP Publisher]
    <Userinit><C:\WINDOWS\system32\userinit.exe,>  [(Verified)]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Windows]
    <AppInit_DLLs><>  [N/A]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Winlogon]
    <UIHost><logonui.exe>  [(Verified)Microsoft Windows XP Publisher]
[HKEY_CURRENT_USER\Control Panel\Desktop]
    <SCRNSAVE.EXE><C:\WINDOWS\System32\AVASTSS.scr>  [ALWIL Software]

==================================
Startup Folders
[REBECCA]
  <C:\Documents and Settings\sinotech.54-573\「开始」功能表\程式集\启动\REBECCA.lnk --> E:\RIMARTS\REBECCA\REBECCA.EXE [RimArts, Inc.]><N>
[Reminder]
  <C:\Documents and Settings\sinotech.54-573\「开始」功能表\程式集\启动\Reminder.lnk --> E:\REMINDER\Reminder.exe [Kana Solution]><N>
[标点符号.exe]
  <C:\Documents and Settings\sinotech.54-573\「开始」功能表\程式集\启动\标点符号.exe.lnk --> E:\原DISK~1\C\game\FU\标点符号.exe [台湾钜软科技 HZYSoft Corporation]><N>

==================================
Services
[ASP.NET State Service / aspnet_state][Stopped/Manual Start]
  <C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\aspnet_state.exe><Microsoft Corporation>
[avast! iAVS4 Control Service / aswUpdSv][Running/Auto Start]
  <"C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe"><N/A>
[avast! Antivirus / avast! Antivirus][Running/Auto Start]
  <"C:\Program Files\Alwil Software\Avast4\ashServ.exe"><>
[avast! Mail Scanner / avast! Mail Scanner][Running/Manual Start]
  <"C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe" /service><ALWIL Software>
[avast! Web Scanner / avast! Web Scanner][Running/Manual Start]
  <"C:\Program Files\Alwil Software\Avast4\ashWebSv.exe" /service><ALWIL Software>
[AVG Anti-Spyware Guard / AVG Anti-Spyware Guard][Stopped/Disabled]
  <><N/A>
[Human Interface Device Access / HidServ][Stopped/Disabled]
  <C:\WINDOWS\System32\svchost.exe -k netsvcs-->%SystemRoot%\System32\hidserv.dll><N/A>
[MGABGEXE / MGABGEXE][Running/Auto Start]
  <C:\WINDOWS\System32\mgabg.exe><Matrox Graphics Inc.>
[OfficeScanNT 即时扫瞄 / ntrtscan][Running/Auto Start]
  <C:\Program Files\Trend Micro\OfficeScan Client\ntrtscan.exe><Trend Micro Inc.>
[OfficeScanNT 防火墙 / OfcPfwSvc][Running/Auto Start]
  <C:\Program Files\Trend Micro\OfficeScan Client\OfcPfwSvc.exe><Trend Micro Inc.>
[Outpost Firewall Service / OutpostFirewall][Running/Auto Start]
  <C:\PROGRA~1\Agnitum\OUTPOS~1.0\outpost.exe /service><Agnitum>
[OfficeScanNT Listener / tmlisten][Running/Auto Start]
  <C:\Program Files\Trend Micro\OfficeScan Client\tmlisten.exe><Trend Micro Inc.>

==================================
Drivers
[Intel(r) 82801 Audio Driver Install Service (WDM) / ac97intc][Running/Manual Start]
  <system32\drivers\ac97intc.sys><Intel Corporation>
[Outpost Firewall PlugIn (CONTENT.DLL) / CONTENT.DLL][Running/Manual Start]
  <\??\C:\PROGRA~1\Agnitum\OUTPOS~1.0\kernel\CONTENT.DLL><Agnitum>
[CO_Mon / CO_Mon][Stopped/Manual Start]
  <\??\C:\WINDOWS\System32\Drivers\CO_Mon.sys><N/A>
[Outpost Firewall PlugIn (DNSCACHE.DLL) / DNSCACHE.DLL][Running/Manual Start]
  <\??\C:\PROGRA~1\Agnitum\OUTPOS~1.0\kernel\DNSCACHE.DLL><Agnitum>
[Intel(R) PRO Adapter Driver / E100B][Running/Manual Start]
  <System32\DRIVERS\e100b325.sys><Intel Corporation>
[Filseclab Dynamic Defense System Driver / filar][Stopped/System Start]
  <\??\C:\PROGRA~1\COMMON~1\FILSEC~1\filar.sys><N/A>
[Outpost Firewall PlugIn (FTPFILT.DLL) / FTPFILT.DLL][Running/Manual Start]
  <\??\C:\PROGRA~1\Agnitum\OUTPOS~1.0\kernel\FTPFILT.DLL><Agnitum>
[G400 / G400][Stopped/Manual Start]
  <System32\DRIVERS\G400m.sys><Matrox Graphics Inc.>
[G400DH / G400DH][Running/Manual Start]
  <System32\DRIVERS\g400dhm.sys><Matrox Graphics Inc.>
[Outpost Firewall PlugIn (HTMLFILT.DLL) / HTMLFILT.DLL][Running/Manual Start]
  <\??\C:\PROGRA~1\Agnitum\OUTPOS~1.0\kernel\HTMLFILT.DLL><Agnitum>
[Outpost Firewall PlugIn (HTTPFILT.DLL) / HTTPFILT.DLL][Running/Manual Start]
  <\??\C:\PROGRA~1\Agnitum\OUTPOS~1.0\kernel\HTTPFILT.DLL><Agnitum>
[i81x / i81x][Stopped/Manual Start]
  <System32\DRIVERS\i81xnt5.sys><Intel Corporation>
[iAimFP0 / iAimFP0][Stopped/Manual Start]
  <System32\DRIVERS\wADV01nt.sys><Intel Corporation>
[iAimFP1 / iAimFP1][Stopped/Manual Start]
  <System32\DRIVERS\wADV02NT.sys><Intel Corporation>
[iAimFP2 / iAimFP2][Stopped/Manual Start]
  <System32\DRIVERS\wADV05NT.sys><Intel Corporation>
[iAimFP3 / iAimFP3][Stopped/Manual Start]
  <System32\DRIVERS\wSiINTxx.sys><Intel Corporation>
[iAimFP4 / iAimFP4][Stopped/Manual Start]
  <System32\DRIVERS\wVchNTxx.sys><Intel Corporation>
[iAimTV0 / iAimTV0][Stopped/Manual Start]
  <System32\DRIVERS\wATV01nt.sys><Intel Corporation>
[iAimTV1 / iAimTV1][Stopped/Manual Start]
  <System32\DRIVERS\wATV02NT.sys><Intel Corporation>
[iAimTV2 / iAimTV2][Stopped/Manual Start]
  <System32\DRIVERS\wATV03nt.sys><Intel Corporation>
[iAimTV3 / iAimTV3][Stopped/Manual Start]
  <System32\DRIVERS\wATV04nt.sys><Intel Corporation>
[iAimTV4 / iAimTV4][Stopped/Manual Start]
  <System32\DRIVERS\wCh7xxNT.sys><Intel Corporation>
[Outpost Firewall PlugIn (IMAPFILT.DLL) / IMAPFILT.DLL][Running/Manual Start]
  <\??\C:\PROGRA~1\Agnitum\OUTPOS~1.0\kernel\IMAPFILT.DLL><Agnitum>
[Outpost Firewall PlugIn (MAILFILT.DLL) / MAILFILT.DLL][Running/Manual Start]
  <\??\C:\PROGRA~1\Agnitum\OUTPOS~1.0\kernel\MAILFILT.DLL><Agnitum>
[Outpost Firewall PlugIn (NNTPFILT.DLL) / NNTPFILT.DLL][Running/Manual Start]
  <\??\C:\PROGRA~1\Agnitum\OUTPOS~1.0\kernel\NNTPFILT.DLL><Agnitum>
[Outpost Firewall PlugIn (POP3FILT.DLL) / POP3FILT.DLL][Running/Manual Start]
  <\??\C:\PROGRA~1\Agnitum\OUTPOS~1.0\kernel\POP3FILT.DLL><Agnitum>
[Outpost Firewall PlugIn (PROTECT.DLL) / PROTECT.DLL][Running/Manual Start]
  <\??\C:\PROGRA~1\Agnitum\OUTPOS~1.0\kernel\PROTECT.DLL><Agnitum>
[直接平行连接埠连结驱动程式 / Ptilink][Running/Manual Start]
  <System32\DRIVERS\ptilink.sys><Parallel Technologies, Inc.>
[Secdrv / Secdrv][Stopped/Manual Start]
  <System32\DRIVERS\secdrv.sys><N/A>
[Trend Micro Filter / TmFilter][Running/Auto Start]
  <\??\C:\Program Files\Trend Micro\OfficeScan Client\TmXPFlt.sys><Trend Micro Inc.>
[Trend Micro PreFilter / TmPreFilter][Running/Auto Start]
  <\??\C:\Program Files\Trend Micro\OfficeScan Client\TmPreFlt.sys><Trend Micro Inc.>
[U3sHlpDr / U3sHlpDr][Running/Auto Start]
  <\??\C:\WINDOWS\System32\Drivers\U3sHlpDr.sys><N/A>
[Outpost Firewall Kernel Driver / VFILT][Running/System Start]
  <\??\C:\PROGRA~1\Agnitum\OUTPOS~1.0\kernel\2000\FILTNT.SYS><Agnitum>
[Trend Micro VSAPI NT / VSApiNt][Running/Auto Start]
  <\??\C:\Program Files\Trend Micro\OfficeScan Client\VSApiNt.sys><Trend Micro Inc.>

==================================
Browser Add-ons
[AcroIEHlprObj Class]
  {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} <C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll, Adobe Systems Incorporated>
[Info cache]
  {385AB8C6-FB22-4D17-8834-064E2BA0A6F0} <C:\Documents and Settings\All Users\Application Data\Microsoft\PCTools\pctools.dll, N/A>
[参考资料(&R)]
  {92780B25-18CC-41C8-B9BE-3C9C571A8263} <C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL, Microsoft Corporation>
[@C:\Program Files\Messenger\Msgslang.dll,-61144]
  {FB5F1910-F110-11d2-BB9E-00C04F795683} <C:\Program Files\Messenger\msmsgs.exe, Microsoft Corporation>
[收音机(&R)]
  {8E718888-423F-11D2-876E-00A0C9082467} <C:\WINDOWS\System32\msdxm.ocx, Microsoft Corporation>
[CKAVWebScan Object]
  {0EB0E74A-2A76-4AB3-A7FB-9BD8C29F7F75} <, N/A>
[Symantec AntiVirus scanner]
  {2BC66F54-93A8-11D3-BEB6-00105AA9B6AE} <C:\WINDOWS\Downloaded Program Files\avsniff.dll, Symantec Corporation>
[WUWebControl Class]
  {6414512B-B978-451D-A0D8-FCFDF33E833C} <C:\WINDOWS\System32\wuweb.dll, Microsoft Corporation>
[Symantec RuFSI Utility Class]
  {644E432F-49D3-41A1-8DD5-E099162EEEC5} <C:\WINDOWS\Downloaded Program Files\rufsi.dll, Symantec Corporation>
[MUWebControl Class]
  {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} <C:\WINDOWS\System32\muweb.dll, Microsoft Corporation>
[WScanCtl Class]
  {7B297BFD-85E4-4092-B2AF-16A91B2EA103} <C:\WINDOWS\Downloaded Program Files\webscan.dll, CA>
[Shockwave Flash Object]
  {D27CDB6E-AE6D-11CF-96B8-444553540000} <C:\WINDOWS\System32\Macromed\Flash\Flash9.ocx, Adobe Systems, Inc.>
[McFreeScan Class]
  {EF791A6B-FC12-4C68-99EF-FB9E207A39E6} <C:\WINDOWS\McAfee.com\FreeScan\mcfscan.dll, McAfee, Inc.>
[汇出至 Microsoft Office Excel(&X)]
  <res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000, N/A>

==================================
Running Processes
[PID: 556][\SystemRoot\System32\smss.exe]  [Microsoft Corporation, 5.1.2600.1106 (xpsp1.020828-1920)]
[PID: 672][\??\C:\WINDOWS\system32\csrss.exe]  [Microsoft Corporation, 5.1.2600.0 (xpclient.010817-1148)]
[PID: 1668][C:\WINDOWS\Explorer.EXE]  [Microsoft Corporation, 6.00.2800.1221 (xpsp2.030511-1403)]
    [C:\WINDOWS\System32\PDesk\PDKERNEL.DLL]  [Matrox Graphics Inc., 6.93.009]
    [C:\WINDOWS\System32\PDesk\PDTOOLS.DLL]  [Matrox Graphics Inc., 6.93.009]
    [C:\WINDOWS\System32\PDesk\PDRESENG.DLL]  [Matrox Graphics Inc., 6.93.009]
    [C:\Program Files\Alwil Software\Avast4\ashShell.dll]  [ALWIL Software, 4, 7, 936, 0]
    [C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll]  [Adobe Systems Incorporated, 7.0.0.2004121400]
    [C:\WINDOWS\System32\MSVCR71.dll]  [Microsoft Corporation, 7.10.3052.4]
    [C:\Program Files\Adobe\Acrobat 7.0\ActiveX\PDFShell.dll]  [Adobe Systems, Inc., 7.0.0.0]
[PID: 1996][C:\Program Files\Trend Micro\OfficeScan Client\pccntmon.exe]  [Trend Micro Inc., 7.0.0.1077]
    [C:\Program Files\Trend Micro\OfficeScan Client\loadhttp.dll]  [Trend Micro Inc., 7.0.0.1077]
    [C:\Program Files\Trend Micro\OfficeScan Client\Pwd.dll]  [Trend Micro Inc., 7.0.0.1077]
    [C:\Program Files\Trend Micro\OfficeScan Client\OfcPlugInAPI.dll]  [Trend Micro Inc., 7.0.0.1077]
    [C:\Program Files\Trend Micro\OfficeScan Client\OfcPIPC.dll]  [N/A, ]
    [C:\Program Files\Trend Micro\OfficeScan Client\TimeString.dll]  [N/A, ]
    [C:\Program Files\Trend Micro\OfficeScan Client\ntmonres.dll]  [Trend Micro Inc., 7.0.0.1077]
    [C:\Program Files\Trend Micro\OfficeScan Client\OfcPlugInMain.dll]  [Trend Micro Inc., 7.0.0.1077]
    [C:\Program Files\Trend Micro\OfficeScan Client\OfcPlugInTray.dll]  [Trend Micro Inc., 7.0.0.1077]
    [C:\Program Files\Trend Micro\OfficeScan Client\tmdbg20.dll]  [trend_company_name, 1, 0, 0, 1]
[PID: 2004][C:\WINDOWS\System32\PDesk\PDesk.exe]  [Matrox Graphics Inc., 6.93.009]
    [C:\WINDOWS\System32\PDesk\PDTOOLS.DLL]  [Matrox Graphics Inc., 6.93.009]
    [C:\WINDOWS\System32\PDesk\PDRESENG.DLL]  [Matrox Graphics Inc., 6.93.009]
[PID: 2012][C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe]  [, 4, 7, 936, 0]
    [C:\PROGRA~1\ALWILS~1\Avast4\aswCmnOS.dll]  [ALWIL Software, 4, 7, 936, 0]
    [C:\WINDOWS\System32\MSVCP71.dll]  [Microsoft Corporation, 7.10.3077.0]
    [C:\WINDOWS\System32\MSVCR71.dll]  [Microsoft Corporation, 7.10.3052.4]
    [C:\PROGRA~1\ALWILS~1\Avast4\ashBase.dll]  [ALWIL Software, 4, 7, 936, 0]
    [C:\PROGRA~1\ALWILS~1\Avast4\aswCmnB.dll]  [ALWIL Software, 4, 7, 936, 0]
    [C:\PROGRA~1\ALWILS~1\Avast4\aswCmnS.dll]  [ALWIL Software, 4, 7, 936, 0]
    [C:\PROGRA~1\ALWILS~1\Avast4\ashTask.dll]  [ALWIL Software, 4, 7, 936, 0]
    [C:\PROGRA~1\ALWILS~1\Avast4\aswAux.dll]  [ALWIL Software, 4, 7, 936, 0]
    [C:\PROGRA~1\ALWILS~1\Avast4\Aavm4h.dll]  [ALWIL Software, 4, 7, 936, 0]
    [C:\Program Files\Alwil Software\Avast4\English\Base.dll]  [ALWIL Software, 4, 7, 936, 0]
    [C:\Program Files\Alwil Software\Avast4\English\Lang.dll]  [ALWIL Software, 4, 7, 936, 0]
    [C:\WINDOWS\System32\MFC71.DLL]  [Microsoft Corporation, 7.10.3077.0]
    [C:\PROGRA~1\ALWILS~1\Avast4\AavmRpch.dll]  [ALWIL Software, 4, 7, 936, 0]
    [c:\program files\alwil software\avast4\ahruimai.dll]  [ALWIL Software, 4, 7, 936, 0]
    [C:\PROGRA~1\ALWILS~1\Avast4\ashUInt.dll]  [ALWIL Software, 4, 7, 936, 0]
    [C:\PROGRA~1\ALWILS~1\Avast4\XT1922.dll]  [Codejock Software, 1, 9, 4, 0]
    [c:\program files\alwil software\avast4\ahruimes.dll]  [ALWIL Software, 4, 7, 936, 0]
    [c:\program files\alwil software\avast4\ahruins.dll]  [ALWIL Software, 4, 7, 936, 0]
    [c:\program files\alwil software\avast4\ahruiout.dll]  [ALWIL Software, 4, 7, 936, 0]
    [c:\program files\alwil software\avast4\ahruip2p.dll]  [ALWIL Software, 4, 7, 936, 0]
    [c:\program files\alwil software\avast4\ahruistd.dll]  [ALWIL Software, 4, 7, 936, 0]
    [c:\program files\alwil software\avast4\ahruiws.dll]  [ALWIL Software, 4, 7, 936, 0]
[PID: 2028][C:\WINDOWS\System32\ctfmon.exe]  [Microsoft Corporation, 5.1.2600.1106 (xpsp1.020828-1920)]
[PID: 1196][C:\Program Files\Trend Micro\OfficeScan Client\Pop3Trap.exe]  [Trend Micro Incorporated., 10.0.4.1141]
    [C:\Program Files\Trend Micro\OfficeScan Client\POP3UTIL.dll]  [Trend Micro Incorporated., 10.0.4.1141]
    [C:\Program Files\Trend Micro\OfficeScan Client\tmdbg.dll]  [N/A, ]
    [C:\Program Files\Trend Micro\OfficeScan Client\pewnt2.dll]  [Trend Micro Incorporated., 10.0.4.1141]
    [C:\Program Files\Trend Micro\OfficeScan Client\tmCfwApi.dll]  [Trend Micro Inc., 1.2.0.1020]
[PID: 2720][E:\soft\电脑检测\sreng2\SREng.EXE]  [Smallfrogs Studio, 2.4.12.806]

==================================
File Associations
.TXT  OK. [%SystemRoot%\system32\NOTEPAD.EXE %1]
.EXE  OK. ["%1" %*]
.COM  OK. ["%1" %*]
.PIF  OK. ["%1" %*]
.REG  OK. [regedit.exe "%1"]
.BAT  OK. ["%1" %*]
.SCR  OK. ["%1" /S]
.CHM  OK. ["C:\WINDOWS\hh.exe" %1]
.HLP  OK. [%SystemRoot%\System32\winhlp32.exe %1]
.INI  OK. [%SystemRoot%\System32\NOTEPAD.EXE %1]
.INF  OK. [%SystemRoot%\System32\NOTEPAD.EXE %1]
.VBS  OK. [%SystemRoot%\System32\WScript.exe "%1" %*]
.JS   OK. [%SystemRoot%\System32\WScript.exe "%1" %*]
.LNK  OK. [{00021401-0000-0000-C000-000000000046}]

==================================
Winsock Provider
N/A

==================================
Autorun.Inf
N/A

==================================
HOSTS File
127.0.0.1       localhost

==================================
API HOOK
N/A

==================================
Hidden Process
N/A

==================================




一人论命,命师曰︰『即将走名声运。』,不久报纸头版果登其照,原是通缉犯落网。名声有好有坏,端看个人作为。
献花 x0 回到顶端 [29 楼] From:台湾中华HiNet | Posted:2007-04-10 12:58 |

<< 上页  1   2   3   4   5   6  下页 >>(共 6 页)
首页  发表文章 发表投票 回覆文章
Powered by PHPWind v1.3.6
Copyright © 2003-04 PHPWind
Processed in 0.080827 second(s),query:16 Gzip disabled
本站由 瀛睿律师事务所 担任常年法律顾问 | 免责声明 | 本网站已依台湾网站内容分级规定处理 | 连络我们 | 访客留言