ogim - 2006-10-27 21:43:00
System log:
2006-10-17,10:11:48
System Repair Engineer 2.2.6.605
Smallfrogs (http://www.KZTechs.com)
Windows 2000 Professional Service Pack 4 (Build 2195)
- 管理权限用户 - 完整功能
以下内容被选中:
所有的启动项目(包括注册表、启动文件夹、服务等)
浏览器加载项
正在运行的进程(包括进程模块信息)
文件关联
Winsock 提供者
Autorun.inf
HOSTS 文件
启动项目
注册表
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
<ctfmon.exe><; ctfmon.exe> [Microsoft Corporation]
<BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}><; ; "C:\Program Files\Common Files\Ahead\lib\NMBgMonitor.exe"> [N/A]
<caishowmanage><; ; C:\Program Files\CaiShow Tech\CaiShow\UpdateManager.EXE> [N/A]
<PcSync><; C:\Program Files\Nokia\Nokia PC Suite 6\PcSync2.exe /NoDialog> [N/A]
<Sony Ericsson PC Suite><; "C:\Program Files\Sony Ericsson\Mobile2\Application Launcher\Application Launcher.exe" /Minimized> [N/A]
[HKEY_CURRENT_USER\Software\Microsoft\Windows NT\CurrentVersion\Windows]
<load><> [N/A]
<run><> [N/A]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
<OfficeScanNT Monitor><"C:\Program Files\Trend Micro\OfficeScan Client\pccntmon.exe" -HideWindow> [Trend Micro Inc.]
<Synchronization Manager><; mobsync.exe /logon> [(Verified)Microsoft Corporation]
<Cmaudio><; ; RunDll32 cmicnfg.cpl,CMICtrlWnd> [N/A]
<CnsMHlp.exe><; ; C:\WINNT\Downloaded Program files\CnsMHlp.exe> [N/A]
<EXPLOEER><; ; C:\Program Files\Internet Explorer\Mui\0112_16.exe> [N/A]
<ezShieldProtector for Px><; ; C:\WINNT\system32\ezSP_Px.exe> [Easy Systems Japan Ltd.]
<hxgame-update><; C:\Program Files\hxupdate\hxgame-update.exe> [N/A]
<IESAddr><; ; C:\Program Files\Internet Explorer\Mui\0112_16.exe> [N/A]
<IMSCMig><; C:\PROGRA~1\COMMON~1\MICROS~1\IME\IMSC40A\IMSCMIG.EXE /Preload> [(Verified)Microsoft Corporation]
<ISUSPM Startup><; ; C:\PROGRA~1\COMMON~1\INSTAL~1\UPDATE~1\isuspm.exe -startup> [InstallShield Software Corporation]
<ISUSScheduler><; ; "C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe" -start> [N/A]
<KService><; ; C:\WINNT\system32\KService.exe> [N/A]
<NetVideoNews><; ; C:\Program Files\BBsee\BBsee.exe> [N/A]
<RichMedia><; ; C:\WINNT\system32\Rundll32.exe "C:\PROGRA~1\HBClient\hbhelper.dll",WaitWindows> [N/A]
<Super Rabbit Desktop Set><; C:\Program Files\Super Rabbit\MagicSet\DS.EXE /Load> [Super Rabbit Software]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Winlogon]
<shell><Explorer.exe> [(Verified)Microsoft Corporation]
<Userinit><C:\WINNT\system32\userinit.exe,> [(Verified)Microsoft Corporation]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Windows]
<AppInit_DLLs><> [N/A]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
<webwork><C:\WINNT\webwork\webwork.dll> [MSWebwork Cop.]
[HKEY_CURRENT_USER\Control Panel\Desktop]
<SCRNSAVE.EXE><C:\WINNT\system32\sstext3d.scr> [(Verified)Microsoft Corporation]
==================================
启动文件夹
N/A
==================================
服务
[ASP.NET State Service / aspnet_state]
<C:\WINNT\Microsoft.NET\Framework\v1.1.4322\aspnet_state.exe><Microsoft Corporation>
[C-DillaCdaC11BA / C-DillaCdaC11BA]
<C:\WINNT\system32\drivers\CDAC11BA.EXE><Macrovision>
[Logical Disk Manager Administrative Service / dmadmin]
<C:\WINNT\System32\dmadmin.exe /com><VERITAS Software Corp.>
[InstallDriver Table Manager / IDriverT]
<"C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe"><Macrovision Corporation>
[JMediaService / JMediaService]
<C:\WINNT\system32\rundll32.exe C:\PROGRA~1\MMSASS~1\MMSSVER.DLL,Service><Microsoft Corporation>
[MD Simple Burner Service / NetMDSB]
<C:\Program Files\Sony\MD Simple Burner\NetMDSB.exe><Sony Corporation>
[OfficeScanNT 实时扫描 / ntrtscan]
<"C:\Program Files\Trend Micro\OfficeScan Client\ntrtscan.exe"><Trend Micro Inc.>
[OfficeScanNT 个人防火墙 / OfcPfwSvc]
<"C:\Program Files\Trend Micro\OfficeScan Client\OfcPfwSvc.exe"><Trend Micro Inc.>
[PACSPTISVR / PACSPTISVR]
<"C:\Program Files\Common Files\Sony Shared\AVLib\PACSPTISVR.exe"><Sony Corporation>
[Sony SPTI Service / SPTISRV]
<"C:\Program Files\Common Files\Sony Shared\AVLib\SPTISRV.exe"><Sony Corporation>
[OfficeScanNT 侦听程序 / tmlisten]
<"C:\Program Files\Trend Micro\OfficeScan Client\tmlisten.exe"><Trend Micro Inc.>
==================================
驱动程序
[Albus / Albus]
<\SystemRoot\system32\drivers\Albus.SYS><N/A>
[CdaC15BA / CdaC15BA]
<\??\C:\WINNT\system32\drivers\CDAC15BA.SYS><Macrovision Europe Ltd>
[C-Media WDM Audio Interface / cmuda]
<system32\drivers\cmuda.sys><C-Media Inc>
[dmboot / dmboot]
<System32\drivers\dmboot.sys><VERITAS Software Corp.>
[Logical Disk Manager Driver / dmio]
<\SystemRoot\System32\drivers\dmio.sys><VERITAS Software Corp.>
[dmload / dmload]
<\SystemRoot\System32\drivers\dmload.sys><VERITAS Software Corp.>
[dtscsi / dtscsi]
<\SystemRoot\System32\Drivers\dtscsi.sys><N/A>
[InCD File System / InCDFs]
<system32\drivers\InCDFs.sys><N/A>
[InCDPass / InCDPass]
<system32\drivers\InCDPass.sys><N/A>
[InCD Reader / InCDRm]
<system32\drivers\InCDRm.sys><N/A>
[Net MD / NETMDUSB]
<System32\Drivers\NETMDUSB.sys><Sony Corporation>
[Nokia USB Generic / Nokia USB Generic]
<system32\drivers\nmwcdc.sys><Nokia>
[Nokia USB Phone Parent / Nokia USB Phone Parent]
<system32\drivers\nmwcd.sys><Nokia>
[npkcrypt / npkcrypt]
<\??\C:\Program Files\Tencent\QQ\npkcrypt.sys><INCA Internet Co., Ltd.>
[nv4 / nv4]
<System32\DRIVERS\nv4_mini.sys><NVIDIA Corporation>
[PCTINDIS5 NDIS Protocol Driver / PCTINDIS5]
<\??\C:\WINNT\system32\PCTINDIS5.SYS><N/A>
[Direct Parallel Link Driver / Ptilink]
<System32\DRIVERS\ptilink.sys><Parallel Technologies, Inc.>
[pwd_2K / pwd_2K]
<C:\WINNT\SYSTEM32\DRIVERS\pwd_2K.SYS><Roxio>
[PxHelp20 / PxHelp20]
<\SystemRoot\system32\DRIVERS\PxHelp20.sys><VERITAS Software, Inc.>
[Realtek RTL8139-based PCI Fast Ethernet Adapter NT Driver / rtl8139]
<System32\DRIVERS\RTL8139.SYS><Realtek Semiconductor Corporation>
[SiS AGP Filter / SISAGP]
<\SystemRoot\System32\DRIVERS\SISAGPx.sys><Silicon Integrated Systems Corporation>
[Sony USBSTOR.SYS Filter / SONYFILT]
<System32\Drivers\SonyUSBF.sys><Sony Corporation>
[Sony Memory Stick Driver(SONYPVM1) / SONYPVM1]
<\SystemRoot\System32\DRIVERS\SONYPVM1.SYS><Sony Corporation>
[Sony USB Filter Driver (SONYPVU1) / SONYPVU1]
<System32\DRIVERS\SONYPVU1.SYS><Sony Corporation>
[Sony USB Mass Storage Driver / SonySDK2]
<\SystemRoot\system32\DRIVERS\SonySDK2.sys><Sony Corporation>
[sptd / sptd]
<\SystemRoot\System32\Drivers\sptd.sys><N/A>
[Trend Micro Filter / TmFilter]
<\??\C:\Program Files\Trend Micro\OfficeScan Client\TmFilter.sys><Trend Micro Inc.>
[Trend Micro VSAPI NT / VSApiNt]
<\??\C:\Program Files\Trend Micro\OfficeScan Client\VSApiNt.sys><Trend Micro Inc.>
[Sony Ericsson W550 driver (WDM) / w550bus]
<system32\DRIVERS\w550bus.sys><N/A>
[Sony Ericsson W550 USB WMC Modem Filter / w550mdfl]
<system32\DRIVERS\w550mdfl.sys><N/A>
==================================
ogim - 2006-10-27 21:46:00
浏览器加载项
[@shdoclc.dll,-866]
{c95fe080-8f5d-11d2-a20b-00aa003c157a} <, N/A>
[电台(&R)]
{8E718888-423F-11D2-876E-00A0C9082467} <C:\WINNT\System32\msdxm.ocx, Microsoft Corporation>
[Edit Class]
{0CA54D3F-CEAE-48AF-9A2B-31909CB9515D} <C:\WINNT\system32\CMBEdit.dll, >
[Shockwave Flash Object]
{D27CDB6E-AE6D-11CF-96B8-444553540000} <C:\WINNT\system32\Macromed\Flash\Flash8a.ocx, Macromedia, Inc.>
[导出到 Microsoft Office Excel(&X)]
<res://E:\工具目录\office\OFFICE11\EXCEL.EXE/3000, N/A>
==================================
正在运行的进程
[PID: 192][\SystemRoot\System32\smss.exe] [Microsoft Corporation, 5.00.2195.6601]
[PID: 216][\??\C:\WINNT\system32\csrss.exe] [Microsoft Corporation, 5.00.2195.6601]
[PID: 236][\??\C:\WINNT\system32\winlogon.exe] [Microsoft Corporation, 5.00.2195.6997]
[C:\WINNT\system32\JPWB.IME] [常诚研制, 4.00.950]
[PID: 268][C:\WINNT\system32\services.exe] [Microsoft Corporation, 5.00.2195.7035]
[C:\WINNT\system32\dmserver.dll] [VERITAS Software Corp., 2195.6605.297.3]
[PID: 280][C:\WINNT\system32\lsass.exe] [Microsoft Corporation, 5.00.2195.7011]
[PID: 460][C:\WINNT\system32\svchost.exe] [Microsoft Corporation, 5.00.2134.1]
[PID: 484][C:\WINNT\system32\spoolsv.exe] [Microsoft Corporation, 5.00.2195.7059]
[C:\WINNT\system32\E_SL2070.DLL] [SEIKO EPSON CORPORATION, 2, 8, 0, 0]
[C:\WINNT\system32\E_SL2602.DLL] [SEIKO EPSON CORPORATION, 1, 3, 0, 0]
[PID: 552][C:\WINNT\System32\svchost.exe] [Microsoft Corporation, 5.00.2134.1]
[PID: 624][C:\Program Files\Trend Micro\OfficeScan Client\ntrtscan.exe] [Trend Micro Inc., 7.3.0.1028]
[C:\Program Files\Trend Micro\OfficeScan Client\OfcDog.dll] [Trend Micro Inc., 7.3.0.1028]
[C:\Program Files\Trend Micro\OfficeScan Client\OfcPlugInAPI.dll] [Trend Micro Inc., 7.3.0.1028]
[C:\Program Files\Trend Micro\OfficeScan Client\TimeString.dll] [N/A, N/A]
[C:\Program Files\Trend Micro\OfficeScan Client\OfcPIPC.dll] [N/A, N/A]
[C:\Program Files\Trend Micro\OfficeScan Client\OfcPlugInMain.dll] [Trend Micro Inc., 7.3.0.1028]
[C:\Program Files\Trend Micro\OfficeScan Client\OfcPlugInTray.dll] [Trend Micro Inc., 7.3.0.1028]
[C:\Program Files\Trend Micro\OfficeScan Client\tmdbg20.dll] [trend_company_name, 1, 0, 0, 1]
[PID: 684][C:\WINNT\system32\MSTask.exe] [Microsoft Corporation, 4.71.2195.6972]
[PID: 744][C:\Program Files\Trend Micro\OfficeScan Client\tmlisten.exe] [Trend Micro Inc., 7.3.0.1028]
[C:\Program Files\Trend Micro\OfficeScan Client\TMSOCK.dll] [Trend Micro Inc., 7.3.0.1028]
[C:\Program Files\Trend Micro\OfficeScan Client\loadhttp.dll] [Trend Micro Inc., 7.3.0.1028]
[C:\Program Files\Trend Micro\OfficeScan Client\OfcPlugInAPI.dll] [Trend Micro Inc., 7.3.0.1028]
[C:\Program Files\Trend Micro\OfficeScan Client\OfcPIPC.dll] [N/A, N/A]
[C:\Program Files\Trend Micro\OfficeScan Client\libTmCAV.dll] [Trend Micro Inc., 7.3.0.1028]
[C:\Program Files\Trend Micro\OfficeScan Client\Pwd.dll] [Trend Micro Inc., 7.3.0.1028]
[C:\Program Files\Trend Micro\OfficeScan Client\OfcDog.dll] [Trend Micro Inc., 7.3.0.1028]
[C:\Program Files\Trend Micro\OfficeScan Client\tmdbg20.dll] [trend_company_name, 1, 0, 0, 1]
[C:\Program Files\Trend Micro\OfficeScan Client\OfcPlugInMain.dll] [Trend Micro Inc., 7.3.0.1028]
[C:\Program Files\Trend Micro\OfficeScan Client\OfcPlugInTray.dll] [Trend Micro Inc., 7.3.0.1028]
[C:\Program Files\Trend Micro\OfficeScan Client\TmUpdate.dll] [Trend Micro Inc., 2,63,0,1007]
[PID: 804][C:\WINNT\System32\WBEM\WinMgmt.exe] [Microsoft Corporation, 1.50.1085.0100]
[PID: 828][C:\WINNT\System32\svchost.exe] [Microsoft Corporation, 5.00.2134.1]
[PID: 840][C:\Program Files\Trend Micro\OfficeScan Client\OfcPfwSvc.exe] [Trend Micro Inc., 7.3.0.1028]
[C:\Program Files\Trend Micro\OfficeScan Client\OfcPfwCommon.dll] [N/A, N/A]
[C:\Program Files\Trend Micro\OfficeScan Client\ZLib.dll] [Trend Micro Inc., 1.31.0.1708]
[C:\Program Files\Trend Micro\OfficeScan Client\OfcPIPC.dll] [N/A, N/A]
[C:\Program Files\Trend Micro\OfficeScan Client\tmdbg20.dll] [trend_company_name, 1, 0, 0, 1]
[C:\Program Files\Trend Micro\OfficeScan Client\tmCfwApi.dll] [Trend Micro Inc., 1.2.0.1020]
[C:\WINNT\system32\JPWB.IME] [常诚研制, 4.00.950]
[PID: 1100][C:\WINNT\Explorer.EXE] [Microsoft Corporation, 5.00.3700.6690]
[C:\WINNT\system32\JPWB.IME] [常诚研制, 4.00.950]
[C:\WINNT\system32\AcSignIcon.dll] [Autodesk, 16.0.0.86]
[C:\Program Files\Common Files\Autodesk Shared\AcSignCore16.dll] [Autodesk, 16.0.0.86]
[C:\WINNT\webwork\webwork.nls] [MSWebwork Cop., 1, 0, 0, 1]
[C:\WINNT\system32\vp6dec_settings.cpl] [N/A, N/A]
[C:\WINNT\System\cmicnfg.cpl] [C-Media Corporation, 1, 0, 0, 14]
[C:\WINNT\system32\styleman.cpl] [Autodesk, Inc., 8.0.16.86]
[C:\WINNT\system32\plotman.cpl] [Autodesk, Inc., 8.0.16.86]
[E:\工具目录\Adobe Reader 7.07 简体中文版\ActiveX\PDFShell.dll] [Adobe Systems, Inc., 7.0.0.0]
[E:\工具目录\压缩文件目录\rarext.dll] [N/A, N/A]
[PID: 652][C:\WINNT\TEMP\KFE98A.EXE] [N/A, N/A]
[PID: 1124][C:\Program Files\Trend Micro\OfficeScan Client\pccntmon.exe] [Trend Micro Inc., 7.3.0.1028]
[C:\Program Files\Trend Micro\OfficeScan Client\loadhttp.dll] [Trend Micro Inc., 7.3.0.1028]
[C:\Program Files\Trend Micro\OfficeScan Client\Pwd.dll] [Trend Micro Inc., 7.3.0.1028]
[C:\Program Files\Trend Micro\OfficeScan Client\OfcPlugInAPI.dll] [Trend Micro Inc., 7.3.0.1028]
[C:\Program Files\Trend Micro\OfficeScan Client\OfcPIPC.dll] [N/A, N/A]
[C:\Program Files\Trend Micro\OfficeScan Client\TimeString.dll] [N/A, N/A]
[C:\Program Files\Trend Micro\OfficeScan Client\ntmonres.dll] [Trend Micro Inc., 7.3.0.1028]
[C:\Program Files\Trend Micro\OfficeScan Client\OfcPlugInMain.dll] [Trend Micro Inc., 7.3.0.1028]
[C:\Program Files\Trend Micro\OfficeScan Client\OfcPlugInTray.dll] [Trend Micro Inc., 7.3.0.1028]
[C:\Program Files\Trend Micro\OfficeScan Client\tmdbg20.dll] [trend_company_name, 1, 0, 0, 1]
[C:\WINNT\system32\JPWB.IME] [常诚研制, 4.00.950]
[PID: 1160][C:\WINNT\system32\ctfmon.exe] [Microsoft Corporation, 1.00.2409.34 built by: Lab06_N]
[C:\WINNT\system32\JPWB.IME] [常诚研制, 4.00.950]
[PID: 1408][C:\Program Files\Internet Explorer\iexplore.exe] [Microsoft Corporation, 6.00.2800.1106]
[C:\WINNT\system32\JPWB.IME] [常诚研制, 4.00.950]
[C:\WINNT\system32\AcSignIcon.dll] [Autodesk, 16.0.0.86]
[PID: 1332][F:\杀毒软件\新建文件夹\sreng最新版\SREng\SREng.exe] [Smallfrogs Studio, 2.2.6.605]
==================================
文件关联
.TXT OK. [%SystemRoot%\system32\NOTEPAD.EXE %1]
.EXE OK. ["%1" %*]
.COM OK. ["%1" %*]
.PIF OK. ["%1" %*]
.REG OK. [regedit.exe "%1"]
.BAT OK. ["%1" %*]
.SCR OK. ["%1" /S]
.CHM OK. ["C:\WINNT\hh.exe" %1]
.HLP OK. [%SystemRoot%\System32\winhlp32.exe %1]
.INI OK. [%SystemRoot%\system32\NOTEPAD.EXE %1]
.INF OK. [%SystemRoot%\system32\NOTEPAD.EXE %1]
.VBS OK. [%SystemRoot%\System32\WScript.exe "%1" %*]
.JS OK. [%SystemRoot%\System32\WScript.exe "%1" %*]
.LNK OK. [{00021401-0000-0000-C000-000000000046}]
==================================
Winsock 提供者
N/A
==================================
Autorun.inf
N/A
==================================
HOSTS 文件
127.0.0.1 localhost
红夜鬼1 - 2006-10-27 22:29:00
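Check the connection; this is a problem with the printer software.
Run (double-click) SRENG2, click "Startup Items", then "Services", then "Win32 Service Applications".
Tick "Hide Microsoft Services", select the virus service JMediaService, and choose "Delete Service".
Click "Set" and choose "No".
Reboot, press F8 to enter Safe Mode, and do the repair there.
Show hidden files.
Delete: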
C:\PROGRA~1\MMSASS~1\MMSSVER.DLL
轩辕小聪 - 2006-10-28 6:33:00
End the process and delete C:\WINNT\TEMP\KFE98A.EXE
Uninstall webwork from Add/Remove Programs; if it cannot be uninstalled, see http://forum.ikaka.com/topic.asp?board=28&artid=8162782
ogim - 2006-11-9 13:55:00
2006-11-09,13:44:42
System Repair Engineer 2.2.6.605
Smallfrogs (http://www.KZTechs.com)
Windows 2000 Professional Service Pack 4 (Build 2195)
- 管理权限用户 - 完整功能
以下内容被选中:
所有的启动项目(包括注册表、启动文件夹、服务等)
浏览器加载项
正在运行的进程(包括进程模块信息)
文件关联
Winsock 提供者
Autorun.inf
HOSTS 文件
启动项目
注册表
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
<ctfmon.exe><ctfmon.exe> [Microsoft Corporation]
<BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}><; ; "C:\Program Files\Common Files\Ahead\lib\NMBgMonitor.exe"> [N/A]
<caishowmanage><; ; C:\Program Files\CaiShow Tech\CaiShow\UpdateManager.EXE> [N/A]
<PcSync><; C:\Program Files\Nokia\Nokia PC Suite 6\PcSync2.exe /NoDialog> [N/A]
<Sony Ericsson PC Suite><; "C:\Program Files\Sony Ericsson\Mobile2\Application Launcher\Application Launcher.exe" /Minimized> [N/A]
<Super Rabbit IEPro><C:\Program Files\Super Rabbit\MagicSet\SRIECLI.EXE /LOAD> [Super Rabbit Soft]
[HKEY_CURRENT_USER\Software\Microsoft\Windows NT\CurrentVersion\Windows]
<load><> [N/A]
<run><> [N/A]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
<OfficeScanNT Monitor><"C:\Program Files\Trend Micro\OfficeScan Client\pccntmon.exe" -HideWindow> [Trend Micro Inc.]
<Synchronization Manager><mobsync.exe /logon> [(Verified)Microsoft Corporation]
<CnsMHlp.exe><; ; C:\WINNT\Downloaded Program files\CnsMHlp.exe> [N/A]
<IMSCMig><; C:\PROGRA~1\COMMON~1\MICROS~1\IME\IMSC40A\IMSCMIG.EXE /Preload> [(Verified)Microsoft Corporation]
<ISUSPM Startup><; ; C:\PROGRA~1\COMMON~1\INSTAL~1\UPDATE~1\isuspm.exe -startup> [InstallShield Software Corporation]
<ISUSScheduler><; ; "C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe" -start> [N/A]
<KService><; ; C:\WINNT\system32\KService.exe> [N/A]
<NetVideoNews><; ; C:\Program Files\BBsee\BBsee.exe> [N/A]
<Super Rabbit Desktop Set><; C:\Program Files\Super Rabbit\MagicSet\DS.EXE /Load> [Super Rabbit Software]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Winlogon]
<shell><Explorer.exe> [(Verified)Microsoft Corporation]
<Userinit><C:\WINNT\system32\userinit.exe,> [(Verified)Microsoft Corporation]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Windows]
<AppInit_DLLs><> [N/A]
[HKEY_CURRENT_USER\Control Panel\Desktop]
<SCRNSAVE.EXE><C:\WINNT\system32\sstext3d.scr> [(Verified)Microsoft Corporation]
==================================
启动文件夹
N/A
==================================
服务
[ASP.NET State Service / aspnet_state]
<C:\WINNT\Microsoft.NET\Framework\v1.1.4322\aspnet_state.exe><Microsoft Corporation>
[C-DillaCdaC11BA / C-DillaCdaC11BA]
<C:\WINNT\system32\drivers\CDAC11BA.EXE><Macrovision>
[Logical Disk Manager Administrative Service / dmadmin]
<C:\WINNT\System32\dmadmin.exe /com><VERITAS Software Corp.>
[InstallDriver Table Manager / IDriverT]
<"C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe"><Macrovision Corporation>
[MD Simple Burner Service / NetMDSB]
<C:\Program Files\Sony\MD Simple Burner\NetMDSB.exe><Sony Corporation>
[OfficeScanNT 实时扫描 / ntrtscan]
<"C:\Program Files\Trend Micro\OfficeScan Client\ntrtscan.exe"><Trend Micro Inc.>
[OfficeScanNT 个人防火墙 / OfcPfwSvc]
<"C:\Program Files\Trend Micro\OfficeScan Client\OfcPfwSvc.exe"><Trend Micro Inc.>
[PACSPTISVR / PACSPTISVR]
<"C:\Program Files\Common Files\Sony Shared\AVLib\PACSPTISVR.exe"><Sony Corporation>
[Servicel / Servicel]
<C:\WINNT\System32\svchost.exe -k netsvcs-->C:\WINNT\system32\jetspeed.dll><>
[Sony SPTI Service / SPTISRV]
<"C:\Program Files\Common Files\Sony Shared\AVLib\SPTISRV.exe"><Sony Corporation>
[OfficeScanNT 侦听程序 / tmlisten]
<"C:\Program Files\Trend Micro\OfficeScan Client\tmlisten.exe"><Trend Micro Inc.>
[WMDM PMSP Service / WMDM PMSP Service]
<C:\WINNT\system32\mspmspsv.exe><Microsoft Corporation>
==================================
驱动程序
[CdaC15BA / CdaC15BA]
<\??\C:\WINNT\system32\drivers\CDAC15BA.SYS><Macrovision Europe Ltd>
[C-Media WDM Audio Interface / cmuda]
<system32\drivers\cmuda.sys><C-Media Inc>
[dmboot / dmboot]
<System32\drivers\dmboot.sys><VERITAS Software Corp.>
[Logical Disk Manager Driver / dmio]
<\SystemRoot\System32\drivers\dmio.sys><VERITAS Software Corp.>
[dmload / dmload]
<\SystemRoot\System32\drivers\dmload.sys><VERITAS Software Corp.>
[dtscsi / dtscsi]
<\SystemRoot\System32\Drivers\dtscsi.sys><N/A>
[InCD File System / InCDFs]
<system32\drivers\InCDFs.sys><N/A>
[InCDPass / InCDPass]
<system32\drivers\InCDPass.sys><N/A>
[InCD Reader / InCDRm]
<system32\drivers\InCDRm.sys><N/A>
[Net MD / NETMDUSB]
<System32\Drivers\NETMDUSB.sys><Sony Corporation>
[Nokia USB Generic / Nokia USB Generic]
<system32\drivers\nmwcdc.sys><Nokia>
[Nokia USB Phone Parent / Nokia USB Phone Parent]
<system32\drivers\nmwcd.sys><Nokia>
[npkcrypt / npkcrypt]
<\??\C:\Program Files\Tencent\QQ\npkcrypt.sys><INCA Internet Co., Ltd.>
[nv4 / nv4]
<System32\DRIVERS\nv4_mini.sys><NVIDIA Corporation>
[PCTINDIS5 NDIS Protocol Driver / PCTINDIS5]
<\??\C:\WINNT\system32\PCTINDIS5.SYS><N/A>
[Direct Parallel Link Driver / Ptilink]
<System32\DRIVERS\ptilink.sys><Parallel Technologies, Inc.>
[pwd_2K / pwd_2K]
<C:\WINNT\SYSTEM32\DRIVERS\pwd_2K.SYS><Roxio>
[PxHelp20 / PxHelp20]
<\SystemRoot\system32\DRIVERS\PxHelp20.sys><VERITAS Software, Inc.>
[Realtek RTL8139-based PCI Fast Ethernet Adapter NT Driver / rtl8139]
<System32\DRIVERS\RTL8139.SYS><Realtek Semiconductor Corporation>
[SiS AGP Filter / SISAGP]
<\SystemRoot\System32\DRIVERS\SISAGPx.sys><Silicon Integrated Systems Corporation>
[Sony USBSTOR.SYS Filter / SONYFILT]
<System32\Drivers\SonyUSBF.sys><Sony Corporation>
[Sony Memory Stick Driver(SONYPVM1) / SONYPVM1]
<\SystemRoot\System32\DRIVERS\SONYPVM1.SYS><Sony Corporation>
[Sony USB Filter Driver (SONYPVU1) / SONYPVU1]
<System32\DRIVERS\SONYPVU1.SYS><Sony Corporation>
[Sony USB Mass Storage Driver / SonySDK2]
<\SystemRoot\system32\DRIVERS\SonySDK2.sys><Sony Corporation>
[sptd / sptd]
<\SystemRoot\System32\Drivers\sptd.sys><N/A>
[Trend Micro Filter / TmFilter]
<\??\C:\Program Files\Trend Micro\OfficeScan Client\TmFilter.sys><Trend Micro Inc.>
[Trend Micro VSAPI NT / VSApiNt]
<\??\C:\Program Files\Trend Micro\OfficeScan Client\VSApiNt.sys><Trend Micro Inc.>
[Sony Ericsson W550 driver (WDM) / w550bus]
<system32\DRIVERS\w550bus.sys><N/A>
[Sony Ericsson W550 USB WMC Modem Filter / w550mdfl]
<system32\DRIVERS\w550mdfl.sys><N/A>
==================================
ogim - 2006-11-9 13:56:00
浏览器加载项
[@shdoclc.dll,-866]
{c95fe080-8f5d-11d2-a20b-00aa003c157a} <, N/A>
[电台(&R)]
{8E718888-423F-11D2-876E-00A0C9082467} <C:\WINNT\System32\msdxm.ocx, Microsoft Corporation>
[Edit Class]
{0CA54D3F-CEAE-48AF-9A2B-31909CB9515D} <C:\WINNT\system32\CMBEdit.dll, >
[Shockwave Flash Object]
{D27CDB6E-AE6D-11CF-96B8-444553540000} <C:\WINNT\system32\Macromed\Flash\Flash8a.ocx, Macromedia, Inc.>
[导出到 Microsoft Office Excel(&X)]
<res://E:\工具目录\office\OFFICE11\EXCEL.EXE/3000, N/A>
==================================
正在运行的进程
[PID: 192][\SystemRoot\System32\smss.exe] [Microsoft Corporation, 5.00.2195.6601]
[PID: 216][\??\C:\WINNT\system32\csrss.exe] [Microsoft Corporation, 5.00.2195.6601]
[PID: 236][\??\C:\WINNT\system32\winlogon.exe] [Microsoft Corporation, 5.00.2195.6997]
[C:\WINNT\system32\JPWB.IME] [常诚研制, 4.00.950]
[PID: 268][C:\WINNT\system32\services.exe] [Microsoft Corporation, 5.00.2195.7035]
[C:\WINNT\system32\dmserver.dll] [VERITAS Software Corp., 2195.6605.297.3]
[PID: 280][C:\WINNT\system32\lsass.exe] [Microsoft Corporation, 5.00.2195.7011]
[PID: 452][C:\WINNT\system32\svchost.exe] [Microsoft Corporation, 5.00.2134.1]
[PID: 480][C:\WINNT\system32\spoolsv.exe] [Microsoft Corporation, 5.00.2195.7059]
[C:\WINNT\system32\E_SL2070.DLL] [SEIKO EPSON CORPORATION, 2, 8, 0, 0]
[C:\WINNT\system32\E_SL2602.DLL] [SEIKO EPSON CORPORATION, 1, 3, 0, 0]
[PID: 540][C:\WINNT\System32\svchost.exe] [Microsoft Corporation, 5.00.2134.1]
[c:\winnt\system32\jetspeed.dll] [, 1, 0, 0, 1]
[PID: 576][C:\Program Files\Trend Micro\OfficeScan Client\ntrtscan.exe] [Trend Micro Inc., 7.3.0.1028]
[C:\Program Files\Trend Micro\OfficeScan Client\OfcDog.dll] [Trend Micro Inc., 7.3.0.1028]
[C:\Program Files\Trend Micro\OfficeScan Client\OfcPlugInAPI.dll] [Trend Micro Inc., 7.3.0.1028]
[C:\Program Files\Trend Micro\OfficeScan Client\TimeString.dll] [N/A, N/A]
[C:\Program Files\Trend Micro\OfficeScan Client\OfcPIPC.dll] [N/A, N/A]
[C:\Program Files\Trend Micro\OfficeScan Client\OfcPlugInMain.dll] [Trend Micro Inc., 7.3.0.1028]
[C:\Program Files\Trend Micro\OfficeScan Client\OfcPlugInTray.dll] [Trend Micro Inc., 7.3.0.1028]
[C:\Program Files\Trend Micro\OfficeScan Client\tmdbg20.dll] [trend_company_name, 1, 0, 0, 1]
[PID: 644][C:\WINNT\system32\MSTask.exe] [Microsoft Corporation, 4.71.2195.6972]
[PID: 668][C:\Program Files\Trend Micro\OfficeScan Client\tmlisten.exe] [Trend Micro Inc., 7.3.0.1028]
[C:\Program Files\Trend Micro\OfficeScan Client\TMSOCK.dll] [Trend Micro Inc., 7.3.0.1028]
[C:\Program Files\Trend Micro\OfficeScan Client\loadhttp.dll] [Trend Micro Inc., 7.3.0.1028]
[C:\Program Files\Trend Micro\OfficeScan Client\OfcPlugInAPI.dll] [Trend Micro Inc., 7.3.0.1028]
[C:\Program Files\Trend Micro\OfficeScan Client\OfcPIPC.dll] [N/A, N/A]
[C:\Program Files\Trend Micro\OfficeScan Client\libTmCAV.dll] [Trend Micro Inc., 7.3.0.1028]
[C:\Program Files\Trend Micro\OfficeScan Client\Pwd.dll] [Trend Micro Inc., 7.3.0.1028]
[C:\Program Files\Trend Micro\OfficeScan Client\OfcDog.dll] [Trend Micro Inc., 7.3.0.1028]
[C:\Program Files\Trend Micro\OfficeScan Client\tmdbg20.dll] [trend_company_name, 1, 0, 0, 1]
[C:\Program Files\Trend Micro\OfficeScan Client\OfcPlugInMain.dll] [Trend Micro Inc., 7.3.0.1028]
[C:\Program Files\Trend Micro\OfficeScan Client\OfcPlugInTray.dll] [Trend Micro Inc., 7.3.0.1028]
[C:\Program Files\Trend Micro\OfficeScan Client\TmUpdate.dll] [Trend Micro Inc., 2,63,0,1007]
[PID: 748][C:\WINNT\System32\WBEM\WinMgmt.exe] [Microsoft Corporation, 1.50.1085.0100]
[PID: 764][C:\WINNT\System32\svchost.exe] [Microsoft Corporation, 5.00.2134.1]
[PID: 776][C:\Program Files\Trend Micro\OfficeScan Client\OfcPfwSvc.exe] [Trend Micro Inc., 7.3.0.1028]
[C:\Program Files\Trend Micro\OfficeScan Client\OfcPfwCommon.dll] [N/A, N/A]
[C:\Program Files\Trend Micro\OfficeScan Client\ZLib.dll] [Trend Micro Inc., 1.31.0.1708]
[C:\Program Files\Trend Micro\OfficeScan Client\OfcPIPC.dll] [N/A, N/A]
[C:\Program Files\Trend Micro\OfficeScan Client\tmdbg20.dll] [trend_company_name, 1, 0, 0, 1]
[C:\Program Files\Trend Micro\OfficeScan Client\tmCfwApi.dll] [Trend Micro Inc., 1.2.0.1020]
[C:\WINNT\system32\JPWB.IME] [常诚研制, 4.00.950]
[PID: 1052][C:\WINNT\TEMP\MCA0D0.EXE] [N/A, N/A]
[PID: 1176][C:\WINNT\Explorer.EXE] [Microsoft Corporation, 5.00.3700.6690]
[C:\WINNT\system32\JPWB.IME] [常诚研制, 4.00.950]
[C:\WINNT\system32\AcSignIcon.dll] [Autodesk, 16.0.0.86]
[C:\Program Files\Common Files\Autodesk Shared\AcSignCore16.dll] [Autodesk, 16.0.0.86]
[E:\工具目录\Adobe Reader 7.07 简体中文版\ActiveX\PDFShell.dll] [Adobe Systems, Inc., 7.0.0.0]
[E:\工具目录\压缩文件目录\rarext.dll] [N/A, N/A]
[C:\WINNT\system32\vp6dec_settings.cpl] [N/A, N/A]
[C:\WINNT\System\cmicnfg.cpl] [C-Media Corporation, 1, 0, 0, 14]
[C:\WINNT\system32\styleman.cpl] [Autodesk, Inc., 8.0.16.86]
[C:\WINNT\system32\plotman.cpl] [Autodesk, Inc., 8.0.16.86]
[PID: 1248][C:\Program Files\Trend Micro\OfficeScan Client\pccntmon.exe] [Trend Micro Inc., 7.3.0.1028]
[C:\Program Files\Trend Micro\OfficeScan Client\loadhttp.dll] [Trend Micro Inc., 7.3.0.1028]
[C:\Program Files\Trend Micro\OfficeScan Client\Pwd.dll] [Trend Micro Inc., 7.3.0.1028]
[C:\Program Files\Trend Micro\OfficeScan Client\OfcPlugInAPI.dll] [Trend Micro Inc., 7.3.0.1028]
[C:\Program Files\Trend Micro\OfficeScan Client\OfcPIPC.dll] [N/A, N/A]
[C:\Program Files\Trend Micro\OfficeScan Client\TimeString.dll] [N/A, N/A]
[C:\Program Files\Trend Micro\OfficeScan Client\ntmonres.dll] [Trend Micro Inc., 7.3.0.1028]
[C:\Program Files\Trend Micro\OfficeScan Client\OfcPlugInMain.dll] [Trend Micro Inc., 7.3.0.1028]
[C:\Program Files\Trend Micro\OfficeScan Client\OfcPlugInTray.dll] [Trend Micro Inc., 7.3.0.1028]
[C:\Program Files\Trend Micro\OfficeScan Client\tmdbg20.dll] [trend_company_name, 1, 0, 0, 1]
[C:\WINNT\system32\JPWB.IME] [常诚研制, 4.00.950]
[PID: 1264][C:\WINNT\system32\ctfmon.exe] [Microsoft Corporation, 1.00.2409.34 built by: Lab06_N]
[C:\WINNT\system32\JPWB.IME] [常诚研制, 4.00.950]
[PID: 1268][E:\工具目录\office\OFFICE11\WINWORD.EXE] [Microsoft Corporation, 11.0.5604]
[C:\WINNT\system32\JPWB.IME] [常诚研制, 4.00.950]
[C:\WINNT\system32\AcSignIcon.dll] [Autodesk, 16.0.0.86]
[C:\WINNT\system32\spool\DRIVERS\W32X86\3\EPTAK7AC.DLL] [SEIKO EPSON CORPORATION, 3.5.0]
[C:\WINNT\system32\spool\DRIVERS\W32X86\3\EPTAK7CC.DLL] [SEIKO EPSON CORPORATION, 3.5.0]
[C:\Program Files\Common Files\Autodesk Shared\AcSignCore16.dll] [Autodesk, 16.0.0.86]
[C:\Program Files\Common Files\Microsoft Shared\Web Folders\2052\nsextint.dll] [N/A, N/A]
[E:\工具目录\Adobe Reader 7.07 简体中文版\ActiveX\PDFShell.dll] [Adobe Systems, Inc., 7.0.0.0]
[PID: 1168][C:\Program Files\Internet Explorer\iexplore.exe] [Microsoft Corporation, 6.00.2800.1106]
[C:\WINNT\system32\AcSignIcon.dll] [Autodesk, 16.0.0.86]
[C:\WINNT\system32\Macromed\Flash\Flash8a.ocx] [Macromedia, Inc., 8,0,24,0]
[PID: 880][F:\杀毒软件\sreng最新版\SREng\SREng.exe] [Smallfrogs Studio, 2.2.6.605]
==================================
文件关联
.TXT OK. [%SystemRoot%\system32\NOTEPAD.EXE %1]
.EXE OK. ["%1" %*]
.COM OK. ["%1" %*]
.PIF OK. ["%1" %*]
.REG OK. [regedit.exe "%1"]
.BAT OK. ["%1" %*]
.SCR OK. ["%1" /S]
.CHM OK. ["C:\WINNT\hh.exe" %1]
.HLP OK. [%SystemRoot%\System32\winhlp32.exe %1]
.INI OK. [%SystemRoot%\system32\NOTEPAD.EXE %1]
.INF OK. [%SystemRoot%\system32\NOTEPAD.EXE %1]
.VBS OK. [%SystemRoot%\System32\WScript.exe "%1" %*]
.JS OK. [%SystemRoot%\System32\WScript.exe "%1" %*]
.LNK OK. [{00021401-0000-0000-C000-000000000046}]
==================================
Winsock 提供者
N/A
==================================
Autorun.inf
N/A
==================================
HOSTS 文件
127.0.0.1 localhost
==================================
秋日里的蓝天 - 2006-11-9 18:58:00
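Restart the computer; after the self-test completes, press [F8] (you can keep pressing it until the boot menu appears) and choose Safe Mode to enter Windows.
Run (double-click) SRENG2, click "Startup Items", then "Services", then "Win32 Service Applications".
Tick "Hide Microsoft Services", select the virus service Servicel, and choose "Delete Service".
Click "Set" and choose "No".
Close all browser windows and any unnecessary programs.
Run SREng2 and, under "Startup Items" -- Registry, select the following entry and delete it:
C:\WINNT\Downloaded Program files\CnsMHlp.exe
Show hidden files.
Delete: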
C:\WINNT\system32\jetspeed.dll
C:\WINNT\Downloaded Program files\CnsMHlp.exe