跪求高人指点!!!!!!!!!!!! bbs.ikaka.com

chdzh2001 - 2006-11-24 12:33:00

我的机子近来发现进程很多都变成大写的，开启了卡巴的实时监控，前俩天发现卡巴都启动不了了，就恢复了系统，发现进程名变小写了而且还有大写的进程，Ｏ是菜鸟，跪求高人指点！！！先谢了．
Logfile of HijackThis v1.99.1
Scan saved at 10:46:27, on 2006-11-24
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Intel\Wireless\Bin\EvtEng.exe
C:\Program Files\Intel\Wireless\Bin\S24EvMon.exe
C:\Program Files\Common Files\Symantec Shared\ccSetMgr.exe
C:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe
C:\Program Files\Common Files\Symantec Shared\SPBBC\SPBBCSvc.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Acer\Empowering Technology\admServ.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Norton AntiVirus\navapsvc.exe
C:\Program Files\Norton AntiVirus\IWP\NPFMntor.exe
C:\Program Files\Intel\Wireless\Bin\RegSrvc.exe
C:\WINDOWS\system32\igfxtray.exe
C:\WINDOWS\system32\hkcmd.exe
C:\WINDOWS\system32\igfxpers.exe
C:\Program Files\Synaptics\SynTP\SynTPLpr.exe
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\WINDOWS\SOUNDMAN.EXE
C:\Program Files\Common Files\Symantec Shared\ccApp.exe
C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe
C:\Program Files\Launch Manager\LaunchAp.exe
C:\Program Files\Launch Manager\HotkeyApp.exe
C:\Program Files\Launch Manager\OSDCtrl.exe
C:\Program Files\Launch Manager\Wbutton.exe
C:\acer\Empowering Technology\ePower\epm-dm.exe
C:\Acer\Empowering Technology\eRecovery\Monitor.exe
C:\Acer\Empowering Technology\admtray.exe
C:\Acer\Empowering Technology\eDataSecurity\eDSloader.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Messenger\msmsgs.exe
C:\Program Files\Common Files\Symantec Shared\CCPD-LC\symlcsvc.exe
C:\WINDOWS\system32\taskmgr.exe
D:\系统工具\ha_hijackthis\HijackThis.exe

O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: NAV Helper - {A8F38D8D-E480-4D52-B7A2-731BB6995FDD} - C:\Program Files\Norton AntiVirus\NavShExt.dll
O3 - Toolbar: Norton AntiVirus - {C4069E3A-68F1-403E-B40E-20066696354B} - C:\Program Files\Norton AntiVirus\NavShExt.dll
O3 - Toolbar: Acer eDataSecurity Management - {5CBE3B7C-1E47-477e-A7DD-396DB0476E29} - C:\WINDOWS\system32\eDStoolbar.dll
O4 - HKLM\..\Run: [IMJPMIG8.1] "C:\WINDOWS\IME\imjp8_1\IMJPMIG.EXE" /Spoil /RemAdvDef /Migration32
O4 - HKLM\..\Run: [PHIME2002ASync] C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /SYNC
O4 - HKLM\..\Run: [PHIME2002A] C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /IMEName
O4 - HKLM\..\Run: [preload] C:\Windows\RUNXMLPL.exe
O4 - HKLM\..\Run: [igfxtray] C:\WINDOWS\system32\igfxtray.exe
O4 - HKLM\..\Run: [igfxhkcmd] C:\WINDOWS\system32\hkcmd.exe
O4 - HKLM\..\Run: [igfxpers] C:\WINDOWS\system32\igfxpers.exe
O4 - HKLM\..\Run: [SynTPLpr] C:\Program Files\Synaptics\SynTP\SynTPLpr.exe
O4 - HKLM\..\Run: [SynTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
O4 - HKLM\..\Run: [SoundMan] SOUNDMAN.EXE
O4 - HKLM\..\Run: [ccApp] "C:\Program Files\Common Files\Symantec Shared\ccApp.exe"
O4 - HKLM\..\Run: [SSC_UserPrompt] C:\Program Files\Common Files\Symantec Shared\Security Center\UsrPrmpt.exe
O4 - HKLM\..\Run: [NAV CfgWiz] "C:\Program Files\Norton AntiVirus\CfgWiz.exe" /GUID {0D7956A2-5A08-4ec2-A72C-DF8495A66016} /MODE CfgWiz /CMDLINE "REBOOT"
O4 - HKLM\..\Run: [RemoteControl] "C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe"
O4 - HKLM\..\Run: [LaunchAp] "C:\Program Files\Launch Manager\LaunchAp.exe"
O4 - HKLM\..\Run: [LManager] "C:\Program Files\Launch Manager\HotkeyApp.exe"
O4 - HKLM\..\Run: [CtrlVol] "C:\Program Files\Launch Manager\CtrlVol.exe"
O4 - HKLM\..\Run: [LMgrOSD] "C:\Program Files\Launch Manager\OSDCtrl.exe"
O4 - HKLM\..\Run: [Wbutton] "C:\Program Files\Launch Manager\Wbutton.exe"
O4 - HKLM\..\Run: [EPM-DM] c:\acer\Empowering Technology\ePower\epm-dm.exe
O4 - HKLM\..\Run: [Acer ePower Management] C:\Acer\Empowering Technology\ePower\Acer ePower Management.exe boot
O4 - HKLM\..\Run: [eRecoveryService] C:\Acer\Empowering Technology\eRecovery\Monitor.exe
O4 - HKLM\..\Run: [ADMTray.exe] "C:\Acer\Empowering Technology\admtray.exe"
O4 - HKLM\..\Run: [eDataSecurity Loader] C:\Acer\Empowering Technology\eDataSecurity\eDSloader.exe
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background
O4 - Global Startup: Adobe Reader Speed Launch.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O20 - Winlogon Notify: igfxcui - C:\WINDOWS\SYSTEM32\igfxdev.dll
O23 - Service: AdminWorks Agent X6 (AWService) - Avocent Inc. - C:\Acer\Empowering Technology\admServ.exe
O23 - Service: Symantec Event Manager (ccEvtMgr) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe
O23 - Service: Symantec Settings Manager (ccSetMgr) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccSetMgr.exe
O23 - Service: Intel(R) PROSet/Wireless Event Log (EvtEng) - Intel Corporation - C:\Program Files\Intel\Wireless\Bin\EvtEng.exe
O23 - Service: Norton AntiVirus 自动防护服务 (navapsvc) - Symantec Corporation - C:\Program Files\Norton AntiVirus\navapsvc.exe
O23 - Service: Norton AntiVirus Firewall Monitor Service (NPFMntor) - Symantec Corporation - C:\Program Files\Norton AntiVirus\IWP\NPFMntor.exe
O23 - Service: Norton Protection Center Service (NSCService) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\Security Console\NSCSRVCE.EXE
O23 - Service: Intel(R) PROSet/Wireless Registry Service (RegSrvc) - Intel Corporation - C:\Program Files\Intel\Wireless\Bin\RegSrvc.exe
O23 - Service: Remote Packet Capture Protocol v.0 (experimental) (rpcapd) - Unknown owner - %ProgramFiles%\WinPcap\rpcapd.exe" -d -f "%ProgramFiles%\WinPcap\rpcapd.ini (file missing)
O23 - Service: Intel(R) PROSet/Wireless Service (S24EventMonitor) - Intel Corporation - C:\Program Files\Intel\Wireless\Bin\S24EvMon.exe
O23 - Service: Symantec AVScan (SAVScan) - Symantec Corporation - C:\Program Files\Norton AntiVirus\SAVScan.exe
O23 - Service: Symantec Network Drivers Service (SNDSrvc) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\SNDSrvc.exe
O23 - Service: SPBBCSvc - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\SPBBC\SPBBCSvc.exe
O23 - Service: Symantec Core LC - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\CCPD-LC\symlcsvc.exe

－－－－－－－－－－－－－－－－－－－－－－－－－－－－－－－－－－－－－－－
下边那俩个文件是不是有问题呢？

C:\WINDOWS\Explorer.EXE　　怎麽是大写呢？
C:\WINDOWS\SOUNDMAN.EXE　　网上说是声卡驱动，它的位置对吗？不在system32下吗？
O4 - HKLM\..\Run: [preload] C:\Windows\RUNXMLPL.exe　是什么呢？
O23 - Service: Remote Packet Capture Protocol v.0 (experimental) (rpcapd) - Unknown owner - %ProgramFiles%\WinPcap\rpcapd.exe" -d -f "%ProgramFiles%\WinPcap\rpcapd.ini (file missing)
是不是有问题呀？
c:\ProgramFiles\WinPcap\下有三个文件daemon-mgm.exe ,npf-mgm.exe,rpcapd.exe

chdzh2001 - 2006-11-24 12:37:00

下面是System Repair Engineer 2.2.6.605扫的日志
Windows XP Home Edition Service Pack 2 (Build 2600)
- 管理权限用户 - 完整功能

以下内容被选中：
所有的启动项目（包括注册表、启动文件夹、服务等）
浏览器加载项
正在运行的进程（包括进程模块信息）
文件关联
Winsock 提供者
Autorun.inf
HOSTS 文件

启动项目
注册表
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
<ctfmon.exe><C:\WINDOWS\system32\ctfmon.exe> [(Verified)Microsoft Corporation]
<MSMSGS><"C:\Program Files\Messenger\msmsgs.exe" /background> [(Verified)Microsoft Corporation]
[HKEY_CURRENT_USER\Software\Microsoft\Windows NT\CurrentVersion\Windows]
<load><> [N/A]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
<IMJPMIG8.1><"C:\WINDOWS\IME\imjp8_1\IMJPMIG.EXE" /Spoil /RemAdvDef /Migration32> [(Verified)Microsoft Corporation]
<PHIME2002ASync><C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /SYNC> [(Verified)Microsoft Corporation]
<PHIME2002A><C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /IMEName> [(Verified)Microsoft Corporation]
<preload><C:\Windows\RUNXMLPL.exe> [Wistron]
<igfxtray><C:\WINDOWS\system32\igfxtray.exe> [(Verified)Intel Corporation]
<igfxhkcmd><C:\WINDOWS\system32\hkcmd.exe> [(Verified)Intel Corporation]
<igfxpers><C:\WINDOWS\system32\igfxpers.exe> [(Verified)Intel Corporation]
<SynTPLpr><C:\Program Files\Synaptics\SynTP\SynTPLpr.exe> [(Verified)Synaptics, Inc.]
<SynTPEnh><C:\Program Files\Synaptics\SynTP\SynTPEnh.exe> [(Verified)Synaptics, Inc.]
<SoundMan><SOUNDMAN.EXE> [(Verified)Realtek Semiconductor Corp.]
<ccApp><"C:\Program Files\Common Files\Symantec Shared\ccApp.exe"> [(Verified)Symantec Corporation]
<SSC_UserPrompt><C:\Program Files\Common Files\Symantec Shared\Security Center\UsrPrmpt.exe> [(Verified)Symantec Corporation]
<NAV CfgWiz><"C:\Program Files\Norton AntiVirus\CfgWiz.exe" /GUID {0D7956A2-5A08-4ec2-A72C-DF8495A66016} /MODE CfgWiz /CMDLINE "REBOOT"> [(Verified)Symantec Corporation]
<RemoteControl><"C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe"> [Cyberlink Corp.]
<LaunchAp><"C:\Program Files\Launch Manager\LaunchAp.exe"> [N/A]
<LManager><"C:\Program Files\Launch Manager\HotkeyApp.exe"> [Wistron]
<CtrlVol><"C:\Program Files\Launch Manager\CtrlVol.exe"> [Wistron]
<LMgrOSD><"C:\Program Files\Launch Manager\OSDCtrl.exe"> [N/A]
<Wbutton><"C:\Program Files\Launch Manager\Wbutton.exe"> [N/A]
<EPM-DM><c:\acer\Empowering Technology\ePower\epm-dm.exe> [N/A]
<Acer ePower Management><C:\Acer\Empowering Technology\ePower\Acer ePower Management.exe boot> [N/A]
<eRecoveryService><C:\Acer\Empowering Technology\eRecovery\Monitor.exe> [acer Inc.]
<ADMTray.exe><"C:\Acer\Empowering Technology\admtray.exe"> [Avocent Inc.]
<eDataSecurity Loader><C:\Acer\Empowering Technology\eDataSecurity\eDSloader.exe> [HiTRUST]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Winlogon]
<shell><Explorer.exe> [(Verified)Microsoft Corporation]
<Userinit><C:\WINDOWS\system32\userinit.exe,> [(Verified)Microsoft Corporation]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Windows]
<AppInit_DLLs><> [N/A]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Winlogon]
<UIHost><logonui.exe> [(Verified)Microsoft Corporation]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\igfxcui]
<WinlogonNotify: igfxcui><igfxdev.dll> [(Verified)Intel Corporation]
[HKEY_CURRENT_USER\Control Panel\Desktop]
<SCRNSAVE.EXE><C:\WINDOWS\acer.SCR> [N/A]

==================================
启动文件夹
[Adobe Reader Speed Launch]
<C:\Documents and Settings\All Users\「开始」菜单\程序\启动\Adobe Reader Speed Launch.lnk --> C:\PROGRA~1\Adobe\ACROBA~1.0\Reader\READER~1.EXE [Adobe Systems Incorporated]><N>

==================================

chdzh2001 - 2006-11-24 12:38:00

==================================
服务
[Application Management / AppMgmt]
<C:\WINDOWS\system32\svchost.exe -k netsvcs-->%SystemRoot%\System32\appmgmts.dll><N/A>
[AdminWorks Agent X6 / AWService]
<"C:\Acer\Empowering Technology\admServ.exe"><Avocent Inc.>
[Symantec Event Manager / ccEvtMgr]
<"C:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe"><Symantec Corporation>
[Symantec Settings Manager / ccSetMgr]
<"C:\Program Files\Common Files\Symantec Shared\ccSetMgr.exe"><Symantec Corporation>
[Intel(R) PROSet/Wireless Event Log / EvtEng]
<C:\Program Files\Intel\Wireless\Bin\EvtEng.exe><Intel Corporation>
[Human Interface Device Access / HidServ]
<C:\WINDOWS\System32\svchost.exe -k netsvcs-->%SystemRoot%\System32\hidserv.dll><N/A>
[Norton AntiVirus 自动防护服务 / navapsvc]
<"C:\Program Files\Norton AntiVirus\navapsvc.exe"><Symantec Corporation>
[Norton AntiVirus Firewall Monitor Service / NPFMntor]
<"C:\Program Files\Norton AntiVirus\IWP\NPFMntor.exe"><Symantec Corporation>
[Norton Protection Center Service / NSCService]
<"C:\Program Files\Common Files\Symantec Shared\Security Console\NSCSRVCE.EXE"><Symantec Corporation>
[Intel(R) PROSet/Wireless Registry Service / RegSrvc]
<C:\Program Files\Intel\Wireless\Bin\RegSrvc.exe><Intel Corporation>
[Intel(R) PROSet/Wireless Service / S24EventMonitor]
<C:\Program Files\Intel\Wireless\Bin\S24EvMon.exe><Intel Corporation>
[Symantec AVScan / SAVScan]
<"C:\Program Files\Norton AntiVirus\SAVScan.exe"><Symantec Corporation>
[Symantec Network Drivers Service / SNDSrvc]
<"C:\Program Files\Common Files\Symantec Shared\SNDSrvc.exe"><Symantec Corporation>
[SPBBCSvc / SPBBCSvc]
<"C:\Program Files\Common Files\Symantec Shared\SPBBC\SPBBCSvc.exe"><Symantec Corporation>
[Symantec Core LC / Symantec Core LC]
<"C:\Program Files\Common Files\Symantec Shared\CCPD-LC\symlcsvc.exe"><Symantec Corporation>

==================================
驱动程序
[abp480n5 / abp480n5]
<\SystemRoot\system32\DRIVERS\ABP480N5.SYS><Microsoft Corporation>
[adpu160m / adpu160m]
<\SystemRoot\system32\DRIVERS\adpu160m.sys><Microsoft Corporation>
[AEGIS Protocol (IEEE 802.1x) v3.4.9.0 / AegisP]
<system32\DRIVERS\AegisP.sys><Meetinghouse Data Communications>
[Aha154x / Aha154x]
<\SystemRoot\system32\DRIVERS\aha154x.sys><Microsoft Corporation>
[aic78u2 / aic78u2]
<\SystemRoot\system32\DRIVERS\aic78u2.sys><Microsoft Corporation>
[aic78xx / aic78xx]
<\SystemRoot\system32\DRIVERS\aic78xx.sys><Microsoft Corporation>
[Service for Realtek AC97 Audio (WDM) / ALCXWDM]
<system32\drivers\ALCXWDM.SYS><Realtek Semiconductor Corp.>
[AliIde / AliIde]
<\SystemRoot\system32\DRIVERS\aliide.sys><Acer Laboratories Inc.>
[AMD AGP Bus Filter Driver / amdagp]
<\SystemRoot\system32\DRIVERS\amdagp.sys><Advanced Micro Devices, Inc.>
[asc / asc]
<\SystemRoot\system32\DRIVERS\asc.sys><Advanced System Products, Inc.>
[asc3350p / asc3350p]
<\SystemRoot\system32\DRIVERS\asc3350p.sys><Microsoft Corporation>
[asc3550 / asc3550]
<\SystemRoot\system32\DRIVERS\asc3550.sys><Advanced System Products, Inc.>
[cd20xrnt / cd20xrnt]
<\SystemRoot\system32\DRIVERS\cd20xrnt.sys><Microsoft Corporation>
[CmdIde / CmdIde]
<\SystemRoot\system32\DRIVERS\cmdide.sys><CMD Technology, Inc.>
[dac2w2k / dac2w2k]
<\SystemRoot\system32\DRIVERS\dac2w2k.sys><Mylex Corporation>
[dpti2o / dpti2o]
<\SystemRoot\system32\DRIVERS\dpti2o.sys><Microsoft Corporation>
[Acer EPM Power Scheme Driver / EpmPsd]
<\??\C:\WINDOWS\system32\drivers\epm-psd.sys><Acer Value Labs, USA>
[Acer EPM System Hardware Driver / EpmShd]
<\??\C:\WINDOWS\system32\drivers\epm-shd.sys><Acer Value Labs, USA>
[VIA PCI 10/100Mb Fast Ethernet Adapter NT Driver / FETNDIS]
<system32\DRIVERS\fetnd5.sys><VIA Technologies, Inc.>
[Hotkey / Hotkey]
<C:\WINDOWS\SYSTEM32\DRIVERS\Hotkey.SYS><N/A>
[HSFHWICH / HSFHWICH]
<system32\DRIVERS\HSFHWICH.sys><Conexant Systems, Inc.>
[HSF_DP / HSF_DP]
<system32\DRIVERS\HSF_DP.sys><Conexant Systems, Inc.>
[HSF_DPV / HSF_DPV]
<system32\DRIVERS\HSF_DPV.sys><Conexant Systems, Inc.>
[ialm / ialm]
<system32\DRIVERS\ialmnt5.sys><Intel Corporation>
[ini910u / ini910u]
<\SystemRoot\system32\DRIVERS\ini910u.sys><Microsoft Corporation>
[mdmxsdk / mdmxsdk]
<system32\DRIVERS\mdmxsdk.sys><Conexant>
[mraid35x / mraid35x]
<\SystemRoot\system32\DRIVERS\mraid35x.sys><American Megatrends Inc.>
[NAVENG / NAVENG]
<\??\C:\PROGRA~1\COMMON~1\SYMANT~1\VIRUSD~1\20050912.024\NAVENG.SYS><Symantec Corporation>
[NAVEX15 / NAVEX15]
<\??\C:\PROGRA~1\COMMON~1\SYMANT~1\VIRUSD~1\20050912.024\NAVEX15.SYS><Symantec Corporation>
[OSA NdisFilter Protocol / NdisFilt]
<System32\Drivers\NdisFilt.sys><OSA Technologies>
[Acer NetMonitor Protocol / NETMNT]
<system32\DRIVERS\NETMNT.sys><N/A>
[NetGroup Packet Filter Driver / NPF]
<system32\drivers\npf.sys><CACE Technologies>
[NSC Infrared Device Driver / NSCIRDA]
<system32\DRIVERS\nscirda.sys><National Semiconductor Corporation>
[Upper Class Filter Driver / NTIDrvr]
<system32\DRIVERS\NTIDrvr.sys><NewTech Infosystems, Inc.>
[OsaFsLoc / OsaFsLoc]
<\??\C:\WINDOWS\system32\drivers\OsaFsLoc.sys><OSA Technologies>
[osaio / osaio]
<\??\C:\WINDOWS\system32\drivers\osaio.sys><OSA Technologies, An Avocent Company>
[osanbm / osanbm]
<\??\C:\WINDOWS\system32\drivers\osanbm.sys><Windows (R) 2000 DDK provider>
[Padus ASPI Shell / pfc]
<system32\drivers\pfc.sys><Padus, Inc.>
[Direct Parallel Link Driver / Ptilink]
<system32\DRIVERS\ptilink.sys><Parallel Technologies, Inc.>
[ql1080 / ql1080]
<\SystemRoot\system32\DRIVERS\ql1080.sys><QLogic Corporation>
[Ql10wnt / Ql10wnt]
<\SystemRoot\system32\DRIVERS\ql10wnt.sys><Microsoft Corporation>
[ql12160 / ql12160]
<\SystemRoot\system32\DRIVERS\ql12160.sys><QLogic Corporation>
[ql1280 / ql1280]
<\SystemRoot\system32\DRIVERS\ql1280.sys><QLogic Corporation>
[Realtek RTL8139/810x/8169/8110 all in one NDIS XP Driver / RTL8023xp]
<system32\DRIVERS\Rtlnicxp.sys><Realtek Semiconductor Corporation>
[WLAN 传输 / s24trans]
<system32\DRIVERS\s24trans.sys><Intel Corporation>
[SAVRT / SAVRT]
<\??\C:\Program Files\Norton AntiVirus\SAVRT.SYS><Symantec Corporation>
[SAVRTPEL / SAVRTPEL]
<\??\C:\Program Files\Norton AntiVirus\SAVRTPEL.SYS><Symantec Corporation>
[Secdrv / Secdrv]
<system32\DRIVERS\secdrv.sys><N/A>
[SIS AGP Bus Filter / sisagp]
<\SystemRoot\system32\DRIVERS\sisagp.sys><Silicon Integrated Systems Corporation>
[Sparrow / Sparrow]
<\SystemRoot\system32\DRIVERS\sparrow.sys><Adaptec, Inc.>
[SPBBCDrv / SPBBCDrv]
<\??\C:\Program Files\Common Files\Symantec Shared\SPBBC\SPBBCDrv.sys><Symantec Corporation>
[symc810 / symc810]
<\SystemRoot\system32\DRIVERS\symc810.sys><Symbios Logic Inc.>
[symc8xx / symc8xx]
<\SystemRoot\system32\DRIVERS\symc8xx.sys><LSI Logic>
[SymEvent / SymEvent]
<\??\C:\Program Files\Symantec\SYMEVENT.SYS><Symantec Corporation>
[symlcbrd / symlcbrd]
<\??\C:\WINDOWS\system32\drivers\symlcbrd.sys><Symantec Corporation>
[SYMREDRV / SYMREDRV]
<\SystemRoot\System32\Drivers\SYMREDRV.SYS><Symantec Corporation>
[SYMTDI / SYMTDI]
<\SystemRoot\System32\Drivers\SYMTDI.SYS><Symantec Corporation>
[sym_hi / sym_hi]
<\SystemRoot\system32\DRIVERS\sym_hi.sys><LSI Logic>
[sym_u3 / sym_u3]
<\SystemRoot\system32\DRIVERS\sym_u3.sys><LSI Logic>
[Synaptics TouchPad Driver / SynTP]
<system32\DRIVERS\SynTP.sys><Synaptics, Inc.>
[TosIde / TosIde]
<\SystemRoot\system32\DRIVERS\toside.sys><Microsoft Corporation>
[UBHelper / UBHelper]
<C:\WINDOWS\SYSTEM32\DRIVERS\UBHelper.SYS><N/A>
[ultra / ultra]
<\SystemRoot\system32\DRIVERS\ultra.sys><Promise Technology, Inc.>
[ViaIde / ViaIde]
<\SystemRoot\system32\DRIVERS\viaide.sys><Microsoft Corporation>
[用于 Windows XP 的英特尔(R) PRO/无线 2200BG 网络连接驱动程序 / w29n51]
<system32\DRIVERS\w29n51.sys><Intel? Corporation>
[Wbutton / Wbutton]
<\SystemRoot\system32\drivers\Wbutton.sys><N/A>
[winachsf / winachsf]
<system32\DRIVERS\HSF_CNXT.sys><Conexant Systems, Inc.>

==================================

chdzh2001 - 2006-11-24 12:43:00

==================================
浏览器加载项
[AcroIEHlprObj Class]
{06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} <C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll, Adobe Systems Incorporated>
[CNavExtBho Class]
{A8F38D8D-E480-4D52-B7A2-731BB6995FDD} <C:\Program Files\Norton AntiVirus\NavShExt.dll, Symantec Corporation>
[Messenger]
{FB5F1910-F110-11d2-BB9E-00C04F795683} <C:\Program Files\Messenger\msmsgs.exe, Microsoft Corporation>
[Norton AntiVirus]
{C4069E3A-68F1-403E-B40E-20066696354B} <C:\Program Files\Norton AntiVirus\NavShExt.dll, Symantec Corporation>
[Acer eDataSecurity Management]
{5CBE3B7C-1E47-477e-A7DD-396DB0476E29} <C:\WINDOWS\system32\eDStoolbar.dll, HiTRUST>
[AcroIEHlprObj Class]
{06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} <C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll, Adobe Systems Incorporated>
[Acer eDataSecurity Management]
{5CBE3B7C-1E47-477E-A7DD-396DB0476E29} <C:\WINDOWS\system32\eDStoolbar.dll, HiTRUST>
[CNavExtBho Class]
{A8F38D8D-E480-4D52-B7A2-731BB6995FDD} <C:\Program Files\Norton AntiVirus\NavShExt.dll, Symantec Corporation>
[Norton AntiVirus]
{C4069E3A-68F1-403E-B40E-20066696354B} <C:\Program Files\Norton AntiVirus\NavShExt.dll, Symantec Corporation>

==================================
正在运行的进程
[PID: 568][\SystemRoot\System32\smss.exe] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
[PID: 636][\??\C:\WINDOWS\system32\csrss.exe] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
[PID: 660][\??\C:\WINDOWS\system32\winlogon.exe] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
[PID: 704][C:\WINDOWS\system32\services.exe] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
[PID: 716][C:\WINDOWS\system32\lsass.exe] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
[PID: 860][C:\WINDOWS\system32\svchost.exe] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
[PID: 928][C:\WINDOWS\system32\svchost.exe] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
[PID: 976][C:\WINDOWS\System32\svchost.exe] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
[PID: 1032][C:\Program Files\Intel\Wireless\Bin\EvtEng.exe] [Intel Corporation, 10, 1, 0, 1]
[C:\Program Files\Intel\Wireless\Bin\PsRegApi.dll] [Intel Corporation, 10, 1, 0, 2]
[C:\Program Files\Intel\Wireless\Bin\TraceAPI.DLL] [Intel Corporation, 10, 1, 0, 5]
[PID: 1124][C:\Program Files\Intel\Wireless\Bin\S24EvMon.exe] [Intel Corporation , 10, 1, 0, 33]
[C:\Program Files\Intel\Wireless\Bin\TraceAPI.DLL] [Intel Corporation, 10, 1, 0, 5]
[C:\Program Files\Intel\Wireless\Bin\PsRegApi.dll] [Intel Corporation, 10, 1, 0, 2]
[C:\Program Files\Intel\Wireless\Bin\LIBEAY32.dll] [N/A, N/A]
[C:\Program Files\Intel\Wireless\Bin\IntStngs.dll] [, 10, 1, 0, 2]
[C:\Program Files\Intel\Wireless\Bin\IWMSPROV.DLL] [N/A, N/A]
[PID: 1156][C:\WINDOWS\system32\svchost.exe] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
[PID: 1256][C:\WINDOWS\system32\svchost.exe] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
[PID: 1464][C:\Program Files\Common Files\Symantec Shared\ccSetMgr.exe] [Symantec Corporation, 104.0.1.17]
[C:\WINDOWS\system32\MSVCP71.dll] [Microsoft Corporation, 7.10.3077.0]
[C:\WINDOWS\system32\MSVCR71.dll] [Microsoft Corporation, 7.10.3052.4]
[C:\Program Files\Common Files\Symantec Shared\ccL40.dll] [Symantec Corporation, 104.0.1.17]
[C:\Program Files\Common Files\Symantec Shared\ccVrTrst.dll] [Symantec Corporation, 104.0.1.17]
[C:\Program Files\Common Files\Symantec Shared\ccSetEvt.dll] [Symantec Corporation, 104.0.1.17]
[PID: 1492][C:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe] [Symantec Corporation, 104.0.1.17]
[C:\WINDOWS\system32\MSVCP71.dll] [Microsoft Corporation, 7.10.3077.0]
[C:\WINDOWS\system32\MSVCR71.dll] [Microsoft Corporation, 7.10.3052.4]
[C:\Program Files\Common Files\Symantec Shared\ccL40.dll] [Symantec Corporation, 104.0.1.17]
[C:\Program Files\Common Files\Symantec Shared\ccVrTrst.dll] [Symantec Corporation, 104.0.1.17]
[C:\Program Files\Common Files\Symantec Shared\ccSet.dll] [Symantec Corporation, 104.0.1.17]
[C:\PROGRA~1\COMMON~1\SYMANT~1\SPBBC\SPBBCEVT.DLL] [Symantec Corporation, 2,0,0,73]
[C:\PROGRA~1\COMMON~1\SYMANT~1\CCLOGIN.DLL] [Symantec Corporation, 104.0.1.17]
[C:\PROGRA~1\COMMON~1\SYMANT~1\CCSETEVT.DLL] [Symantec Corporation, 104.0.1.17]
[C:\PROGRA~1\NORTON~1\HPPEVT32.DLL] [Symantec Corporation, 12.0.0.94]
[C:\PROGRA~1\NORTON~1\HPPRES32.loc] [Symantec Corporation, 12.0.0.94]
[C:\PROGRA~1\NORTON~1\NAVEVENT.DLL] [Symantec Corporation, 12.0.0.94]
[PID: 1576][C:\Program Files\Common Files\Symantec Shared\SPBBC\SPBBCSvc.exe] [Symantec Corporation, 2,0,0,73]
[C:\WINDOWS\system32\MSVCP71.dll] [Microsoft Corporation, 7.10.3077.0]
[C:\WINDOWS\system32\MSVCR71.dll] [Microsoft Corporation, 7.10.3052.4]
[C:\Program Files\Common Files\Symantec Shared\ccVrTrst.dll] [Symantec Corporation, 104.0.1.17]
[C:\Program Files\Common Files\Symantec Shared\ccL40.dll] [Symantec Corporation, 104.0.1.17]
[C:\Program Files\Common Files\Symantec Shared\ccSet.dll] [Symantec Corporation, 104.0.1.17]
[C:\Program Files\Common Files\Symantec Shared\SPBBC\SPBBCEvt.dll] [Symantec Corporation, 2,0,0,73]
[C:\Program Files\Common Files\Symantec Shared\SPBBC\bbRGen.dll] [Symantec Corporation, 2,0,0,73]
[PID: 1688][C:\WINDOWS\system32\spoolsv.exe] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
[PID: 1884][C:\Acer\Empowering Technology\admServ.exe] [Avocent Inc., 1.5.28.78]
[C:\Acer\Empowering Technology\OsaFsLoc.dll] [OSA Technologies Inc. Taiwan Branch, 2, 0, 0, 1]
[C:\Acer\Empowering Technology\osaiodll.dll] [OSA Technologies Inc. Taiwan Branch, 1, 1, 2, 16]
[C:\Acer\Empowering Technology\IpmiTrans.dll] [OSA Technologies Inc. Taiwan Branch, 1, 0, 3, 14]
[C:\Acer\Empowering Technology\SYSAPI.dll] [OSA Technologies Inc. Taiwan Branch, 1, 0, 5, 17]
[C:\Acer\Empowering Technology\SMBIOSAPI.dll] [OSA Technologies Inc. Taiwan Branch, 1, 0, 6, 7]
[C:\Acer\Empowering Technology\cpuid_dll.dll] [ OSA Technologies, Inc., 1, 0, 6, 13]
[C:\Acer\Empowering Technology\NBAPI.dll] [OSA Technologies Inc. Taiwan Branch, 1, 0, 1, 2]
[C:\Acer\Empowering Technology\NetMonitor.dll] [N/A, N/A]
[C:\WINDOWS\system32\msxml4.dll] [Microsoft Corporation, 4.20.9818.0]
[C:\Acer\Empowering Technology\s_lm85m.dll] [OSA Technologies, An Avocent Company, 1, 2, 2, 5]
[C:\Acer\Empowering Technology\s_smsc47m1.dll] [OSA Technologies, An Avocent Company, 1, 2, 4, 9]
[C:\Acer\Empowering Technology\s_it87.dll] [OSA Technologies, An Avocent Company, 1, 2, 2, 3]
[PID: 252][C:\WINDOWS\Explorer.EXE] [Microsoft Corporation, 6.00.2900.2180 (xpsp_sp2_rtm.040803-2158)]
[C:\WINDOWS\system32\MSNChatHook.dll] [, 1, 0, 0, 1]
[C:\WINDOWS\system32\sysenv.dll] [HiTRUST, 1, 20, 0, 1]
[C:\WINDOWS\system32\MFC71U.DLL] [Microsoft Corporation, 7.10.3077.0]
[C:\WINDOWS\system32\MSVCR71.dll] [Microsoft Corporation, 7.10.3052.4]
[C:\WINDOWS\system32\SynTPFcs.dll] [Synaptics, Inc., 7.13.2 04Feb05]
[C:\Program Files\Norton AntiVirus\NavShExt.dll] [Symantec Corporation, 12.0.0.94]
[C:\WINDOWS\system32\MSVCP71.dll] [Microsoft Corporation, 7.10.3077.0]
[C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll] [Adobe Systems Incorporated, 7.0.0.2004121400]
[C:\WINDOWS\system32\ActiveToolBand.dll] [HiTRUST, 1, 20, 0, 0]
[C:\WINDOWS\system32\ATL71.DLL] [Microsoft Corporation, 7.10.3077.0]
[D:\Program Files\WinRAR\rarext.dll] [N/A, N/A]
[C:\Program Files\Adobe\Acrobat 7.0\ActiveX\PDFShell.dll] [Adobe Systems, Inc., 7.0.0.0]
[C:\WINDOWS\system32\eDSshellExt.dll] [HiTRUST, 1, 20, 0, 0]
[PID: 404][C:\Program Files\Norton AntiVirus\navapsvc.exe] [Symantec Corporation, 12.0.0.94]

chdzh2001 - 2006-11-24 12:43:00

[PID: 404][C:\Program Files\Norton AntiVirus\navapsvc.exe] [Symantec Corporation, 12.0.0.94]
[C:\WINDOWS\system32\MSVCP71.dll] [Microsoft Corporation, 7.10.3077.0]
[C:\WINDOWS\system32\MSVCR71.dll] [Microsoft Corporation, 7.10.3052.4]
[C:\WINDOWS\system32\ATL71.DLL] [Microsoft Corporation, 7.10.3077.0]
[C:\Program Files\Common Files\Symantec Shared\ccL40.dll] [Symantec Corporation, 104.0.1.17]
[C:\Program Files\Norton AntiVirus\SAVRT32.DLL] [Symantec Corporation, 9.7.0.10]
[C:\Program Files\Norton AntiVirus\navapsvc.loc] [Symantec Corporation, 12.0.0.94]
[C:\Program Files\Common Files\Symantec Shared\DefUtDCD.dll] [Symantec Corporation, 3.1.30.0]
[PID: 420][C:\Program Files\Norton AntiVirus\IWP\NPFMntor.exe] [Symantec Corporation, 12.0.0.94]
[C:\WINDOWS\system32\MSVCP71.dll] [Microsoft Corporation, 7.10.3077.0]
[C:\WINDOWS\system32\MSVCR71.dll] [Microsoft Corporation, 7.10.3052.4]
[C:\Program Files\Common Files\Symantec Shared\ccL40.dll] [Symantec Corporation, 104.0.1.17]
[C:\Program Files\Common Files\Symantec Shared\ccVrTrst.dll] [Symantec Corporation, 104.0.1.17]
[C:\Program Files\Norton AntiVirus\IWP\iwp.dll] [Symantec Corporation, 12.0.0.94]
[PID: 496][C:\Program Files\Intel\Wireless\Bin\RegSrvc.exe] [Intel Corporation, 10, 1, 0, 1]
[PID: 1236][C:\WINDOWS\system32\igfxtray.exe] [Intel Corporation, 3.0.0.4384]
[C:\WINDOWS\system32\hccutils.DLL] [Intel Corporation, 3.0.0.4384]
[C:\WINDOWS\system32\igfxsrvc.dll] [Intel Corporation, 3.0.0.4384]
[C:\WINDOWS\system32\igfxres.dll] [Intel Corporation, 3.0.0.4384]
[C:\WINDOWS\system32\igfxress.dll] [Intel Corporation, 3.0.0.4384]
[PID: 1304][C:\WINDOWS\system32\hkcmd.exe] [Intel Corporation, 3.0.0.4384]
[C:\WINDOWS\system32\hccutils.DLL] [Intel Corporation, 3.0.0.4384]
[C:\WINDOWS\system32\igfxsrvc.dll] [Intel Corporation, 3.0.0.4384]
[C:\WINDOWS\system32\SynTPFcs.dll] [Synaptics, Inc., 7.13.2 04Feb05]
[C:\WINDOWS\system32\igfxres.dll] [Intel Corporation, 3.0.0.4384]
[PID: 1312][C:\WINDOWS\system32\igfxpers.exe] [Intel Corporation, 3.0.0.4384]
[C:\WINDOWS\system32\igfxsrvc.dll] [Intel Corporation, 3.0.0.4384]
[C:\WINDOWS\system32\MSNChatHook.dll] [, 1, 0, 0, 1]
[C:\WINDOWS\system32\sysenv.dll] [HiTRUST, 1, 20, 0, 1]
[C:\WINDOWS\system32\MFC71U.DLL] [Microsoft Corporation, 7.10.3077.0]
[C:\WINDOWS\system32\MSVCR71.dll] [Microsoft Corporation, 7.10.3052.4]
[C:\WINDOWS\system32\SynTPFcs.dll] [Synaptics, Inc., 7.13.2 04Feb05]
[PID: 1320][C:\Program Files\Synaptics\SynTP\SynTPLpr.exe] [Synaptics, Inc., 7.13.2 04Feb05]
[C:\WINDOWS\system32\SynCOM.dll] [Synaptics, Inc., 7.13.2 04Feb05]
[C:\WINDOWS\system32\SynTPFcs.dll] [Synaptics, Inc., 7.13.2 04Feb05]
[PID: 1328][C:\Program Files\Synaptics\SynTP\SynTPEnh.exe] [Synaptics, Inc., 7.13.2 04Feb05]
[C:\WINDOWS\system32\SynCOM.dll] [Synaptics, Inc., 7.13.2 04Feb05]
[C:\WINDOWS\system32\SynTPAPI.dll] [Synaptics, Inc., 7.13.2 04Feb05]
[C:\WINDOWS\system32\SynTPFcs.dll] [Synaptics, Inc., 7.13.2 04Feb05]
[PID: 1336][C:\WINDOWS\SOUNDMAN.EXE] [Realtek Semiconductor Corp., 5.1.0.38]
[PID: 1344][C:\Program Files\Common Files\Symantec Shared\ccApp.exe] [Symantec Corporation, 104.0.1.17]
[C:\WINDOWS\system32\MSVCP71.dll] [Microsoft Corporation, 7.10.3077.0]
[C:\WINDOWS\system32\MSVCR71.dll] [Microsoft Corporation, 7.10.3052.4]
[C:\Program Files\Common Files\Symantec Shared\ccL40.dll] [Symantec Corporation, 104.0.1.17]
[C:\Program Files\Common Files\Symantec Shared\ccVrTrst.dll] [Symantec Corporation, 104.0.1.17]
[C:\PROGRA~1\COMMON~1\SYMANT~1\CCALERT.DLL] [Symantec Corporation, 104.0.1.17]
[C:\PROGRA~1\COMMON~1\SYMANT~1\CCEMLPXY.DLL] [Symantec Corporation, 104.0.1.17]
[C:\PROGRA~1\COMMON~1\SYMANT~1\SECURI~1\NSCTRAY.DLL] [Symantec Corporation, 2006.1.0.107]
[C:\PROGRA~1\COMMON~1\SYMANT~1\SECURI~1\NSCTRAY.LOC] [Symantec Corporation, 2006.1.0.107]
[C:\PROGRA~1\NORTON~1\CCIMSCAN.DLL] [Symantec Corporation, 104.0.1.17]
[C:\WINDOWS\system32\ATL71.DLL] [Microsoft Corporation, 7.10.3077.0]
[C:\PROGRA~1\NORTON~1\DEFALERT.DLL] [Symantec Corporation, 12.0.0.94]
[C:\PROGRA~1\COMMON~1\SYMANT~1\rcEmlPxy.dll] [Symantec Corporation, 104.0.1.17]
[C:\PROGRA~1\NORTON~1\HPP32.DLL] [Symantec Corporation, 12.0.0.94]
[C:\Program Files\Common Files\Symantec Shared\ccSet.dll] [Symantec Corporation, 104.0.1.17]
[C:\PROGRA~1\NORTON~1\HPPRES32.loc] [Symantec Corporation, 12.0.0.94]
[C:\PROGRA~1\NORTON~1\IWP\IWP.DLL] [Symantec Corporation, 12.0.0.94]
[C:\PROGRA~1\NORTON~1\NAVAPW32.DLL] [Symantec Corporation, 12.0.0.94]
[C:\PROGRA~1\NORTON~1\apwutil.dll] [Symantec Corporation, 12.0.0.94]
[C:\PROGRA~1\NORTON~1\navapw32.loc] [Symantec Corporation, 12.0.0.94]
[C:\PROGRA~1\NORTON~1\NAVOPTRF.DLL] [Symantec Corporation, 12.0.0.94]
[C:\PROGRA~1\NORTON~1\STATUSHP.DLL] [Symantec Corporation, 12.0.0.94]
[C:\PROGRA~1\NORTON~1\apwutil.loc] [Symantec Corporation, 12.0.0.94]
[C:\Program Files\Norton AntiVirus\apwcmdnt.dll] [Symantec Corporation, 12.0.0.94]
[C:\Program Files\Norton AntiVirus\apwcmdNT.loc] [Symantec Corporation, 12.0.0.94]
[C:\Program Files\Norton AntiVirus\Navlcom.dll] [Symantec Corporation, 12.0.0.94]
[C:\Program Files\Norton AntiVirus\NAVError.dll] [Symantec Corporation, 12.0.0.94]
[C:\Program Files\Common Files\Symantec Shared\ccSetEvt.dll] [Symantec Corporation, 104.0.1.17]
[C:\Program Files\Norton AntiVirus\HPPEVT32.dll] [Symantec Corporation, 12.0.0.94]
[C:\WINDOWS\system32\SynTPFcs.dll] [Synaptics, Inc., 7.13.2 04Feb05]
[C:\Program Files\Norton AntiVirus\naverror.loc] [Symantec Corporation, 12.0.0.94]
[C:\Program Files\Common Files\Symantec Shared\ccProSub.dll] [Symantec Corporation, 104.0.1.17]
[C:\Program Files\Common Files\Symantec Shared\SPBBC\SPBBCEvt.dll] [Symantec Corporation, 2,0,0,73]
[C:\WINDOWS\system32\SYMREDIR.DLL] [Symantec Corporation, 6.0.0.99]
[C:\WINDOWS\system32\MSNChatHook.dll] [, 1, 0, 0, 1]
[C:\WINDOWS\system32\sysenv.dll] [HiTRUST, 1, 20, 0, 1]
[C:\WINDOWS\system32\MFC71U.DLL] [Microsoft Corporation, 7.10.3077.0]
[C:\Program Files\Norton AntiVirus\ccAVMail.dll] [Symantec Corporation, 104.0.1.17]
[C:\Program Files\Norton AntiVirus\NAVEvent.dll] [Symantec Corporation, 12.0.0.94]
[C:\Program Files\Norton AntiVirus\NAVOpts.dll] [Symantec Corporation, 12.0.0.94]
[C:\Program Files\Norton AntiVirus\navopts.loc] [Symantec Corporation, 12.0.0.94]
[C:\Program Files\Norton AntiVirus\NAVAPSCR.dll] [Symantec Corporation, 12.0.0.94]
[C:\Program Files\Symantec\LiveUpdate\ProductRegCom_2_7.DLL] [Symantec Corporation, 2.7.39.0]
[C:\Program Files\Symantec\LiveUpdate\LuComServerPS_2_7.DLL] [Symantec Corporation, 2.7.39.0]
[PID: 1368][C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe] [Cyberlink Corp., 6.00.1027]
[C:\Program Files\CyberLink\PowerDVD\CLRCEngine2.dll] [CyberLink Corp., 3.2.2021 ]
[PID: 1376][C:\Program Files\Launch Manager\LaunchAp.exe] [, 1, 0, 1, 0]
[PID: 1384][C:\Program Files\Launch Manager\HotkeyApp.exe] [Wistron, 1, 0, 7, 4, 1]
[C:\Program Files\Launch Manager\AlchemyXML.dll] [Wistron Corporation, 1, 0, 0, 3]
[C:\Program Files\Launch Manager\KBHOOK.dll] [Wistron Corp., 1, 6, 0, 0]
[C:\WINDOWS\system32\MSNChatHook.dll] [, 1, 0, 0, 1]
[C:\WINDOWS\system32\sysenv.dll] [HiTRUST, 1, 20, 0, 1]
[C:\WINDOWS\system32\MFC71U.DLL] [Microsoft Corporation, 7.10.3077.0]
[C:\WINDOWS\system32\MSVCR71.dll] [Microsoft Corporation, 7.10.3052.4]
[C:\WINDOWS\system32\SynTPFcs.dll] [Synaptics, Inc., 7.13.2 04Feb05]
[PID: 1400][C:\Program Files\Launch Manager\OSDCtrl.exe] [, 1, 0, 1, 2]
[PID: 1408][C:\Program Files\Launch Manager\Wbutton.exe] [, 1, 0, 7, 3]
[PID: 1416][C:\acer\Empowering Technology\ePower\epm-dm.exe] [Acer Inc, 2.80]
[PID: 1432][C:\Acer\Empowering Technology\eRecovery\Monitor.exe] [acer Inc., 1.3.9.2]
[C:\Acer\Empowering Technology\eRecovery\Cdrw32.dll] [NewTech Infosystems, Inc., 3, 1, 0, 61]
[C:\Acer\Empowering Technology\eRecovery\CdrMmc32.dll] [NewTech Infosystems, Inc., 3, 1, 0, 146]
[C:\Acer\Empowering Technology\eRecovery\CdrwEx32.dll] [NewTech Infosystems, Inc., 3, 1, 0, 78]
[C:\Acer\Empowering Technology\eRecovery\ImagFile.dll] [NewTech Infosystems, Inc., 1, 0, 0, 4]
[C:\Acer\Empowering Technology\eRecovery\MFC71.DLL] [Microsoft Corporation, 7.10.3077.0]
[C:\Acer\Empowering Technology\eRecovery\MSVCR71.dll] [Microsoft Corporation, 7.10.3052.4]
[C:\Acer\Empowering Technology\eRecovery\Data32.dll] [NewTech Infosystems, Inc., 2, 0, 0, 49]
[C:\Acer\Empowering Technology\eRecovery\DataEx32.dll] [NewTech Infosystems, Inc., 2, 1, 0, 27]
[C:\Acer\Empowering Technology\eRecovery\NtiAspi.dll] [NewTech Infosystems, Inc., 2, 5, 0, 2]
[C:\Acer\Empowering Technology\eRecovery\extResource.dll] [acer, 1, 1, 7, 0]
[C:\Acer\Empowering Technology\eRecovery\MSVCP71.dll] [Microsoft Corporation, 7.10.3077.0]
[PID: 1444][C:\Acer\Empowering Technology\admtray.exe] [Avocent Inc., 1.6.23.36]
[C:\Acer\Empowering Technology\ServiceControl.dll] [N/A, N/A]
[C:\Acer\Empowering Technology\OsaFsLoc.dll] [OSA Technologies Inc. Taiwan Branch, 2, 0, 0, 1]
[C:\Acer\Empowering Technology\InstallNdis.dll] [OSA Technologies Inc. Taiwan Branch, 1, 0, 1, 3]
[C:\WINDOWS\system32\SynTPFcs.dll] [Synaptics, Inc., 7.13.2 04Feb05]
[C:\WINDOWS\system32\MSNChatHook.dll] [, 1, 0, 0, 1]
[C:\WINDOWS\system32\sysenv.dll] [HiTRUST, 1, 20, 0, 1]
[C:\WINDOWS\system32\MFC71U.DLL] [Microsoft Corporation, 7.10.3077.0]
[C:\WINDOWS\system32\MSVCR71.dll] [Microsoft Corporation, 7.10.3052.4]
[PID: 1452][C:\Acer\Empowering Technology\eDataSecurity\eDSloader.exe] [HiTRUST, 1, 20, 0, 0]

chdzh2001 - 2006-11-24 12:44:00

[PID: 1452][C:\Acer\Empowering Technology\eDataSecurity\eDSloader.exe] [HiTRUST, 1, 20, 0, 0]
[C:\WINDOWS\system32\MSNChatHook.dll] [, 1, 0, 0, 1]
[C:\WINDOWS\system32\sysenv.dll] [HiTRUST, 1, 20, 0, 1]
[C:\WINDOWS\system32\MFC71U.DLL] [Microsoft Corporation, 7.10.3077.0]
[C:\WINDOWS\system32\MSVCR71.dll] [Microsoft Corporation, 7.10.3052.4]
[C:\WINDOWS\system32\SynTPFcs.dll] [Synaptics, Inc., 7.13.2 04Feb05]
[PID: 1288][C:\WINDOWS\system32\ctfmon.exe] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
[PID: 1296][C:\Program Files\Messenger\msmsgs.exe] [Microsoft Corporation, 4.7.3000]
[PID: 2564][C:\WINDOWS\system32\wbem\wmiprvse.exe] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
[PID: 2876][C:\Program Files\Common Files\Symantec Shared\CCPD-LC\symlcsvc.exe] [Symantec Corporation, 1.9.1.762]
[C:\Program Files\Common Files\Symantec Shared\CCPD-LC\symlcnet.dll] [Symantec Corporation, 1.9.1.762]
[C:\WINDOWS\system32\MSVCR71.DLL] [Microsoft Corporation, 7.10.3052.4]
[PID: 3016][C:\WINDOWS\System32\alg.exe] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
[PID: 3468][C:\WINDOWS\system32\taskmgr.exe] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
[C:\WINDOWS\system32\MSNChatHook.dll] [, 1, 0, 0, 1]
[C:\WINDOWS\system32\sysenv.dll] [HiTRUST, 1, 20, 0, 1]
[C:\WINDOWS\system32\MFC71U.DLL] [Microsoft Corporation, 7.10.3077.0]
[C:\WINDOWS\system32\MSVCR71.dll] [Microsoft Corporation, 7.10.3052.4]
[C:\WINDOWS\system32\SynTPFcs.dll] [Synaptics, Inc., 7.13.2 04Feb05]
[PID: 3700][D:\杀毒工具\streng2\SREng\SREng.exe] [Smallfrogs Studio, 2.2.6.605]
[C:\WINDOWS\system32\MSNChatHook.dll] [, 1, 0, 0, 1]
[C:\WINDOWS\system32\sysenv.dll] [HiTRUST, 1, 20, 0, 1]
[C:\WINDOWS\system32\MFC71U.DLL] [Microsoft Corporation, 7.10.3077.0]
[C:\WINDOWS\system32\MSVCR71.dll] [Microsoft Corporation, 7.10.3052.4]
[C:\WINDOWS\system32\SynTPFcs.dll] [Synaptics, Inc., 7.13.2 04Feb05]

==================================
文件关联
.TXT OK. [%SystemRoot%\system32\NOTEPAD.EXE %1]
.EXE OK. ["%1" %*]
.COM OK. ["%1" %*]
.PIF OK. ["%1" %*]
.REG OK. [regedit.exe "%1"]
.BAT OK. ["%1" %*]
.SCR OK. ["%1" /S]
.CHM OK. ["C:\WINDOWS\hh.exe" %1]
.HLP OK. [%SystemRoot%\system32\winhlp32.exe %1]
.INI OK. [%SystemRoot%\system32\NOTEPAD.EXE %1]
.INF OK. [%SystemRoot%\system32\NOTEPAD.EXE %1]
.VBS OK. [%SystemRoot%\System32\WScript.exe "%1" %*]
.JS OK. [%SystemRoot%\System32\WScript.exe "%1" %*]
.LNK OK. [{00021401-0000-0000-C000-000000000046}]

==================================
Winsock 提供者
N/A

==================================
Autorun.inf
N/A

==================================
HOSTS 文件
127.0.0.1 localhost

==================================

瑞星卡卡安全论坛