123321 - 2007-1-20 15:42:00
As the title says! Could an expert please help!
高歌猛进 - 2007-1-20 15:46:00
Under what path?
123321 - 2007-1-20 15:49:00
Under SYSTEM.
It belongs to the system.
While I'm at it, here is a scan for the experts.
123321 - 2007-1-20 15:50:00
HijackThis_815汉化版扫描日志 V1.99.1
保存于 15:36:36, 日期 2007-1-20
操作系统: Windows XP SP1 (WinNT 5.01.2600)
浏览器: Internet Explorer v6.00 SP1 (6.00.2800.1106)
当前运行的进程:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\System32\ctfmon.exe
C:\Program Files\Logitech\MouseWare\system\em_exec.exe
C:\WINDOWS\System32\nvsvc32.exe
C:\Program Files\Internet Explorer\IEXPLORE.EXE
C:\Program Files\Internet Explorer\IEXPLORE.EXE
C:\Program Files\Internet Explorer\IEXPLORE.EXE
C:\Program Files\Internet Explorer\IEXPLORE.EXE
C:\Program Files\Internet Explorer\iexplore.exe
C:\WINDOWS\System32\conime.exe
E:\杀毒\Hijackthis1991\HijackThis1991zww.exe
O2 - BHO: 超级兔子上网精灵 - {7369D35A-5B70-4A5B-B789-B25FE09B4AF3} - C:\PROGRA~1\SUPERR~1\MAGICSET\haokanbar.dll
O2 - BHO: (no name) - {A5366673-E8CA-11D3-9CD9-0090271D075B} - (no file)
O3 - IE工具栏增项: 电台(&R) - {8E718888-423F-11D2-876E-00A0C9082467} - C:\WINDOWS\System32\msdxm.ocx
O3 - IE工具栏增项: FlashGet Bar - {E0E899AB-F487-11D5-8D29-0050BA6940E3} - C:\PROGRA~1\FLASHGET\fgiebar.dll
O4 - 启动项HKLM\\Run: [IMJPMIG8.1] "C:\WINDOWS\IME\imjp8_1\IMJPMIG.EXE" /Spoil /RemAdvDef /Migration32
O4 - 启动项HKLM\\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\System32\NvCpl.dll,NvStartup
O4 - 启动项HKLM\\Run: [nwiz] nwiz.exe /install
O4 - 启动项HKLM\\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\System32\NvMcTray.dll,NvTaskbarInit
O4 - 启动项HKLM\\Run: [WinFoxV2] C:\WINDOWS\System32\WF2K.EXE Initial
O4 - 启动项HKLM\\Run: [WinFast2KLoadDefault] rundll32.exe wf2kcpl.dll,DllLoadDefaultSettings
O4 - 启动项HKLM\\Run: [StormCodec_Helper] "C:\Program Files\Ringz Studio\Storm Codec\StormSet.exe" /S /opti
O4 - 启动项HKLM\\Run: [Logitech Utility] Logi_MwX.Exe
O4 - 启动项HKLM\\Run: [KAVPersonal50] D:\Kaspersky Anti-Virus Personal\kav.exe /minimize
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\System32\ctfmon.exe
O4 - Startup: 腾讯QQ.lnk = C:\Program Files\Tencent\qq\QQ.exe
O4 - Startup: QQ游戏启动加速程序.lnk = C:\Program Files\Tencent\QQGame\Accel.exe
O8 - IE右键菜单中的新增项目: 上传到QQ网络硬盘 - C:\Program Files\Tencent\qq\AddToNetDisk.htm
O8 - IE右键菜单中的新增项目: 使用网际快车下载 - C:\Program Files\FlashGet\jc_link.htm
O8 - IE右键菜单中的新增项目: 使用网际快车下载全部链接 - C:\Program Files\FlashGet\jc_all.htm
O8 - IE右键菜单中的新增项目: 添加到QQ自定义面板 - C:\Program Files\Tencent\qq\AddPanel.htm
O8 - IE右键菜单中的新增项目: 添加到QQ表情 - C:\Program Files\Tencent\qq\AddEmotion.htm
O8 - IE右键菜单中的新增项目: 用QQ彩信发送该图片 - C:\Program Files\Tencent\qq\SendMMS.htm
O9 - 浏览器额外的按钮: 浩方对战平台 - {0A155D3C-68E2-4215-A47A-E800A446447A} - F:\浩方对战平台\GameClient.exe
O9 - 浏览器额外的按钮: QQ - {c95fe080-8f5d-11d2-a20b-00aa003c157b} - C:\Program Files\Tencent\qq\QQ.EXE
O9 - 浏览器额外的“工具”菜单项: 腾讯QQ - {c95fe080-8f5d-11d2-a20b-00aa003c157b} - C:\Program Files\Tencent\qq\QQ.EXE
O16 - DPF: {05DA0521-0B6B-458C-BFB1-1EFEF1F3C8FF} (SSOClientAgent Class) - http://member.segame.com/common/SEGAme.cab
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://update.microsoft.com/windowsupdate/v6/V5Controls/en/x86/client/wuweb_site.cab?1149257215906
O17 - HKLM\System\CCS\Services\Tcpip\..\{DCC5E002-1FAA-478A-AA77-1D1EFFBE1FFF}: NameServer = 202.96.209.134 202.96.209.6
O23 - NT 服务: Provisioning Service Transaction (h2k3_3333) - Unknown owner - C:\WINDOWS\System32\winloginb.exe (file missing)
O23 - NT 服务: kavsvc - Kaspersky Lab - D:\Kaspersky Anti-Virus Personal\kavsvc.exe
O23 - NT 服务: WinFast(R) Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\System32\nvsvc32.exe
O23 - NT 服务: Windows Accounts Driver Extensions (RemoteStorage) - Unknown owner - C:\WINDOWS\System32\winloginc.exe (file missing)
高歌猛进 - 2007-1-20 16:03:00
How many web pages were open when the log was scanned?
Disconnect from the network, then tick and fix:
O2 - BHO: (no name) - {A5366673-E8CA-11D3-9CD9-0090271D075B} - (no file)
O23 - NT 服务: Provisioning Service Transaction (h2k3_3333) - Unknown owner - C:\WINDOWS\System32\winloginb.exe (file missing)
O23 - NT 服务: Windows Accounts Driver Extensions (RemoteStorage) - Unknown owner - C:\WINDOWS\System32\winloginc.exe (file missing)
In Safe Mode, delete (verify for yourself; best to back up first):
C:\WINDOWS\System32\winloginc.exe
C:\WINDOWS\System32\winloginb.exe
123321 - 2007-1-20 17:02:00
Those two are resolved. The problem now is that a lot of IEXPLORE.EXE entries have appeared in the system processes. What is causing that?
水树雨下 - 2007-1-20 17:03:00
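Download sreng2 from mizuki.ys168.com, close unnecessary programs, then scan and post a log. If it does not fit in one post, post it in sections. Do not modify it.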
123321 - 2007-1-20 17:53:00
[CODE]
2007-01-20,17:41:05
System Repair Engineer 2.3.13.690
Smallfrogs (http://www.KZTechs.com)
Windows XP Professional Service Pack 1 (Build 2600)
- 管理权限用户 - 完整功能
以下内容被选中:
所有的启动项目(包括注册表、启动文件夹、服务等)
浏览器加载项
正在运行的进程(包括进程模块信息)
文件关联
Winsock 提供者
Autorun.inf
HOSTS 文件
启动项目
注册表
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
<ctfmon.exe><C:\WINDOWS\System32\ctfmon.exe> [(Verified)Microsoft Corporation]
[HKEY_CURRENT_USER\Software\Microsoft\Windows NT\CurrentVersion\Windows]
<load><> [N/A]
<run><> [N/A]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
<IMJPMIG8.1><"C:\WINDOWS\IME\imjp8_1\IMJPMIG.EXE" /Spoil /RemAdvDef /Migration32> [(Verified)Microsoft Corporation]
<NvCplDaemon><RUNDLL32.EXE C:\WINDOWS\System32\NvCpl.dll,NvStartup> [NVIDIA Corporation]
<nwiz><nwiz.exe /install> [NVIDIA Corporation]
<NvMediaCenter><RUNDLL32.EXE C:\WINDOWS\System32\NvMcTray.dll,NvTaskbarInit> [NVIDIA Corporation]
<WinFoxV2><C:\WINDOWS\System32\WF2K.EXE Initial> [N/A]
<WinFast2KLoadDefault><rundll32.exe wf2kcpl.dll,DllLoadDefaultSettings> [Leadtek Research Inc.]
<StormCodec_Helper><"C:\Program Files\Ringz Studio\Storm Codec\StormSet.exe" /S /opti> [N/A]
<Logitech Utility><Logi_MwX.Exe> [(Verified)Logitech Inc.]
<KAVPersonal50><D:\Kaspersky Anti-Virus Personal\kav.exe /minimize> [Kaspersky Lab]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer\Run]
<twin><C:\WINDOWS\System32\twunk32.exe> [N/A]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Winlogon]
<shell><Explorer.exe> [(Verified)Microsoft Corporation]
<Userinit><C:\WINDOWS\System32\userinit.exe,> [(Verified)Microsoft Corporation]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Windows]
<AppInit_DLLs><> [N/A]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Winlogon]
<UIHost><logonui.exe> [(Verified)Microsoft Corporation]
==================================
启动文件夹
[腾讯QQ]
<C:\Documents and Settings\xwq\「开始」菜单\程序\启动\腾讯QQ.lnk --> C:\PROGRA~1\Tencent\qq\QQ.exe [TENCENT]><N>
[QQ游戏启动加速程序]
<C:\Documents and Settings\xwq\「开始」菜单\程序\启动\QQ游戏启动加速程序.lnk --> C:\PROGRA~1\Tencent\QQGame\Accel.exe [深圳市腾讯计算机系统有限公司]><N>
==================================
服务
[ASP.NET State Service / aspnet_state][Stopped/Manual Start]
<C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\aspnet_state.exe><Microsoft Corporation>
[Provisioning Service Transaction / h2k3_3333][Stopped/Auto Start]
<C:\WINDOWS\System32\winloginb.exe><N/A>
[Human Interface Device Access / HidServ][Stopped/Disabled]
<C:\WINDOWS\System32\svchost.exe -k netsvcs-->%SystemRoot%\System32\hidserv.dll><N/A>
[kavsvc / kavsvc][Stopped/Auto Start]
<D:\Kaspersky Anti-Virus Personal\kavsvc.exe><Kaspersky Lab>
[WinFast(R) Display Driver Service / NVSvc][Running/Auto Start]
<C:\WINDOWS\System32\nvsvc32.exe><NVIDIA Corporation>
[Windows Accounts Driver Extensions / RemoteStorage][Stopped/Auto Start]
<C:\WINDOWS\System32\winloginc.exe><N/A>
[Portable Media Serial Number Service / WmdmPmSN][Stopped/Manual Start]
<C:\WINDOWS\System32\svchost.exe -k netsvcs-->C:\WINDOWS\System32\mspmsnsv.dll><Microsoft Corporation>
==================================
驱动程序
[Service for Realtek AC97 Audio (WDM) / ALCXWDM][Running/Manual Start]
<system32\drivers\ALCXWDM.SYS><Realtek Semiconductor Corp.>
[AMD Processor Driver / AmdK8][Running/System Start]
<System32\DRIVERS\AmdK8.sys><Advanced Micro Devices>
[Cdsys / Cdsys][Stopped/Manual Start]
<\??\C:\WINDOWS\System32\cdcd.sys><N/A>
[EagleNT / EagleNT][Stopped/Manual Start]
<\??\C:\WINDOWS\System32\drivers\EagleNT.sys><N/A>
[GMSIPCI / GMSIPCI][Stopped/Manual Start]
<\??\K:\INSTALL\GMSIPCI.SYS><N/A>
[Klif / Klif][Running/System Start]
<System32\drivers\klif.sys><Kaspersky Labs>
[Klmc / Klmc][Running/System Start]
<System32\drivers\klmc.sys><Kaspersky Lab>
[kmsinput / kmsinput][Stopped/Manual Start]
<\??\C:\WINDOWS\System32\drivers\kmsinput.sys><N/A>
[Logitech PS/2 Mouse Filter Driver / L8042pr2][Running/Manual Start]
<System32\DRIVERS\L8042pr2.Sys><Logitech, Inc.>
[Logitech Mouse Class Filter Driver / LMouFlt2][Running/Manual Start]
<System32\DRIVERS\LMouFlt2.Sys><Logitech, Inc.>
[MSICPL / MSICPL][Stopped/Manual Start]
<\??\L:\install4\MSICPL.sys><N/A>
[Netpas Win32 Virtual Network Adapter / netpasadapter1][Running/Manual Start]
<System32\DRIVERS\netpas.sys><Netpas>
[npkcrypt / npkcrypt][Stopped/Auto Start]
<\??\C:\Program Files\Tencent\qq\npkcrypt.sys><N/A>
[npkycryp / npkycryp][Stopped/Manual Start]
<\??\C:\Program Files\Tencent\qq\npkycryp.sys><N/A>
[NTACCESS / NTACCESS][Stopped/Manual Start]
<\??\L:\NTACCESS.sys><N/A>
[nv / nv][Running/Manual Start]
<System32\DRIVERS\nv4_mini.sys><NVIDIA Corporation>
[nvata / nvata][Running/Boot Start]
<\SystemRoot\System32\DRIVERS\nvata.sys><NVIDIA Corporation>
[NVIDIA nForce Networking Controller Driver / NVENETFD][Running/Manual Start]
<System32\DRIVERS\NVENETFD.sys><NVIDIA Corporation>
[NVIDIA Network Bus Enumerator / nvnetbus][Running/Manual Start]
<System32\DRIVERS\nvnetbus.sys><NVIDIA Corporation>
[Direct Parallel Link Driver / Ptilink][Running/Manual Start]
<System32\DRIVERS\ptilink.sys><Parallel Technologies, Inc.>
[PxHelp20 / PxHelp20][Running/Boot Start]
<\SystemRoot\System32\DRIVERS\PxHelp20.sys><Sonic Solutions>
[Secdrv / Secdrv][Stopped/Manual Start]
<System32\DRIVERS\secdrv.sys><N/A>
[SetupNTGLM7X / SetupNTGLM7X][Stopped/Manual Start]
<\??\L:\NTGLM7X.sys><N/A>
[TSP / TSP][Stopped/Manual Start]
<\??\C:\WINDOWS\system32\drivers\klif.sys><Kaspersky Labs>
[WiseGroup device driver / VendorJoystickEnabler][Running/Manual Start]
<System32\DRIVERS\psjoy.sys><Beijing WiseGrup.,Ltd (gamepad.yeah.net)>
[Via4in1 / Via4in1][Stopped/Manual Start]
<\??\K:\DATA\fscommand\Via4in1.sys><N/A>
[WINFOXIO / WINFOXIO][Stopped/Manual Start]
<\??\C:\WINDOWS\System32\Drivers\WINFOXIO.SYS><Leadtek Research Inc.>
123321 - 2007-1-20 17:53:00
浏览器加载项
[超级兔子上网精灵]
{7369D35A-5B70-4A5B-B789-B25FE09B4AF3} <C:\PROGRA~1\SUPERR~1\MAGICSET\haokanbar.dll, Xiang Feng Technology>
[浩方对战平台]
{0A155D3C-68E2-4215-A47A-E800A446447A} <F:\浩方对战平台\GameClient.exe, 上海浩方在线信息技术有限公司>
[QQ]
{c95fe080-8f5d-11d2-a20b-00aa003c157b} <C:\Program Files\Tencent\qq\QQ.EXE, TENCENT>
[电台(&R)]
{8E718888-423F-11D2-876E-00A0C9082467} <C:\WINDOWS\System32\msdxm.ocx, Microsoft Corporation>
[FlashGet Bar]
{E0E899AB-F487-11D5-8D29-0050BA6940E3} <C:\PROGRA~1\FLASHGET\fgiebar.dll, Amaze Soft>
[SSOClientAgent Class]
{05DA0521-0B6B-458C-BFB1-1EFEF1F3C8FF} <, N/A>
[WUWebControl Class]
{6414512B-B978-451D-A0D8-FCFDF33E833C} <C:\WINDOWS\System32\wuweb.dll, Microsoft Corporation>
[Shockwave Flash Object]
{D27CDB6E-AE6D-11CF-96B8-444553540000} <C:\WINDOWS\System32\Macromed\Flash\Flash8b.ocx, Macromedia, Inc.>
[上传到QQ网络硬盘]
<C:\Program Files\Tencent\qq\AddToNetDisk.htm, N/A>
[使用网际快车下载]
<C:\Program Files\FlashGet\jc_link.htm, N/A>
[使用网际快车下载全部链接]
<C:\Program Files\FlashGet\jc_all.htm, N/A>
[添加到QQ自定义面板]
<C:\Program Files\Tencent\qq\AddPanel.htm, N/A>
[添加到QQ表情]
<C:\Program Files\Tencent\qq\AddEmotion.htm, N/A>
[用QQ彩信发送该图片]
<C:\Program Files\Tencent\qq\SendMMS.htm, N/A>
==================================
正在运行的进程
[PID: 428][\SystemRoot\System32\smss.exe] [Microsoft Corporation, 5.1.2600.1106 (xpsp1.020828-1920)]
[PID: 488][\??\C:\WINDOWS\system32\csrss.exe] [Microsoft Corporation, 5.1.2600.0 (xpclient.010817-1148)]
[PID: 512][\??\C:\WINDOWS\system32\winlogon.exe] [Microsoft Corporation, 5.1.2600.1106 (xpsp1.020828-1920)]
[PID: 560][C:\WINDOWS\system32\services.exe] [Microsoft Corporation, 5.1.2600.0 (xpclient.010817-1148)]
[PID: 572][C:\WINDOWS\system32\lsass.exe] [Microsoft Corporation, 5.1.2600.1106 (xpsp1.020828-1920)]
[PID: 732][C:\WINDOWS\system32\svchost.exe] [Microsoft Corporation, 5.1.2600.0 (xpclient.010817-1148)]
[C:\Program Files\Common Files\Logitech\Scrolling\LgMsgHk.dll] [Logitech Inc., 1.1.0]
[PID: 820][C:\WINDOWS\System32\svchost.exe] [Microsoft Corporation, 5.1.2600.0 (xpclient.010817-1148)]
[PID: 960][C:\WINDOWS\System32\svchost.exe] [Microsoft Corporation, 5.1.2600.0 (xpclient.010817-1148)]
[PID: 988][C:\WINDOWS\System32\svchost.exe] [Microsoft Corporation, 5.1.2600.0 (xpclient.010817-1148)]
[PID: 1192][C:\WINDOWS\system32\spoolsv.exe] [Microsoft Corporation, 5.1.2600.0 (XPClient.010817-1148)]
[PID: 1460][C:\WINDOWS\Explorer.EXE] [Microsoft Corporation, 6.00.2800.1106 (xpsp1.020828-1920)]
[C:\Program Files\Common Files\Logitech\Scrolling\LgMsgHk.dll] [Logitech Inc., 1.1.0]
[C:\Program Files\Logitech\MouseWare\System\LgWndHk.dll] [Logitech Inc., 9.80.019]
[C:\WINDOWS\System32\nvcpl.dll] [NVIDIA Corporation, 6.14.10.7750]
[C:\WINDOWS\System32\NVRSZHC.DLL] [NVIDIA Corporation, 6.14.10.7750]
[C:\WINDOWS\System32\nvshell.dll] [NVIDIA Corporation, 6.14.10.10523]
[PID: 1712][C:\WINDOWS\System32\ctfmon.exe] [Microsoft Corporation, 5.1.2600.1106 (xpsp1.020828-1920)]
[C:\Program Files\Common Files\Logitech\Scrolling\LgMsgHk.dll] [Logitech Inc., 1.1.0]
[C:\Program Files\Logitech\MouseWare\System\LgWndHk.dll] [Logitech Inc., 9.80.019]
[PID: 1732][C:\Program Files\Logitech\MouseWare\system\em_exec.exe] [Logitech Inc., 9.80.019]
[C:\Program Files\Logitech\MouseWare\system\EVENTEX.dll] [Logitech Inc., 9.80.019]
[C:\WINDOWS\System32\COMNCTR.dll] [Logitech Inc., 9.80.019]
[C:\Program Files\Logitech\MouseWare\system\ccresrce.dll] [Logitech Inc., 9.80.019]
[C:\Program Files\Logitech\MouseWare\system\GlbResLt.dll] [Logitech Inc., 9.80.019]
[C:\Program Files\Common Files\Logitech\Scrolling\LgMsgHk.dll] [Logitech Inc., 1.1.0]
[C:\Program Files\Logitech\MouseWare\System\devices.dll] [Logitech Inc., 9.80.019]
[C:\Program Files\Logitech\MouseWare\system\ccstmglb.dll] [Logitech Inc., 9.80.019]
[C:\Program Files\Logitech\MouseWare\system\ccustom.dll] [Logitech Inc., 9.80.019]
[C:\Program Files\Logitech\MouseWare\system\ccmsghk.dll] [Logitech Inc., 9.80.019]
[C:\Program Files\Logitech\MouseWare\System\LgWndHk.dll] [Logitech Inc., 9.80.019]
[PID: 1740][C:\WINDOWS\System32\alg.exe] [Microsoft Corporation, 5.1.2600.1106 (xpsp1.020828-1920)]
[PID: 1816][C:\WINDOWS\System32\nvsvc32.exe] [NVIDIA Corporation, 6.14.10.7750]
[PID: 1700][C:\Program Files\Internet Explorer\IEXPLORE.EXE] [Microsoft Corporation, 6.00.2800.1106 (xpsp1.020828-1920)]
[C:\PROGRA~1\SUPERR~1\MAGICSET\haokanbar.dll] [Xiang Feng Technology, 2, 2, 0, 1612]
[PID: 1376][C:\Program Files\Internet Explorer\IEXPLORE.EXE] [Microsoft Corporation, 6.00.2800.1106 (xpsp1.020828-1920)]
[C:\PROGRA~1\SUPERR~1\MAGICSET\haokanbar.dll] [Xiang Feng Technology, 2, 2, 0, 1612]
[PID: 1748][C:\Program Files\Internet Explorer\IEXPLORE.EXE] [Microsoft Corporation, 6.00.2800.1106 (xpsp1.020828-1920)]
[C:\PROGRA~1\SUPERR~1\MAGICSET\haokanbar.dll] [Xiang Feng Technology, 2, 2, 0, 1612]
[PID: 1352][C:\Program Files\Internet Explorer\IEXPLORE.EXE] [Microsoft Corporation, 6.00.2800.1106 (xpsp1.020828-1920)]
[C:\PROGRA~1\SUPERR~1\MAGICSET\haokanbar.dll] [Xiang Feng Technology, 2, 2, 0, 1612]
[PID: 604][C:\Program Files\Internet Explorer\iexplore.exe] [Microsoft Corporation, 6.00.2800.1106 (xpsp1.020828-1920)]
[C:\Program Files\Logitech\MouseWare\System\LgWndHk.dll] [Logitech Inc., 9.80.019]
[C:\PROGRA~1\SUPERR~1\MAGICSET\haokanbar.dll] [Xiang Feng Technology, 2, 2, 0, 1612]
[C:\Program Files\Common Files\Logitech\Scrolling\LgMsgHk.dll] [Logitech Inc., 1.1.0]
[D:\Kaspersky Anti-Virus Personal\avpscrch.dll] [Kaspersky Lab, 1.0.142.342]
[D:\Kaspersky Anti-Virus Personal\concl.dll] [Kaspersky Lab, 1.0.142.3]
[D:\Kaspersky Anti-Virus Personal\FSSync.dll] [Kaspersky Lab, 5.0.0.0]
[D:\Kaspersky Anti-Virus Personal\ipc.dll] [Kaspersky Lab, 5.0.142.0]
[C:\WINDOWS\System32\Macromed\Flash\Flash8b.ocx] [Macromedia, Inc., 8,0,24,0]
[PID: 1588][C:\WINDOWS\System32\conime.exe] [Microsoft Corporation, 5.1.2600.1106 (xpsp1.020828-1920)]
[C:\Program Files\Logitech\MouseWare\System\LgWndHk.dll] [Logitech Inc., 9.80.019]
[C:\Program Files\Common Files\Logitech\Scrolling\LgMsgHk.dll] [Logitech Inc., 1.1.0]
[PID: 304][C:\Program Files\Windows NT\Accessories\WORDPAD.EXE] [Microsoft Corporation, 5.1.2600.1106 (xpsp1.020828-1920)]
[C:\Program Files\Logitech\MouseWare\System\LgWndHk.dll] [Logitech Inc., 9.80.019]
[C:\Program Files\Common Files\Logitech\Scrolling\LgMsgHk.dll] [Logitech Inc., 1.1.0]
[PID: 3676][E:\杀毒\sreng2\SREng.EXE] [Smallfrogs Studio, 2.3.13.690]
[C:\Program Files\Logitech\MouseWare\System\LgWndHk.dll] [Logitech Inc., 9.80.019]
[C:\Program Files\Common Files\Logitech\Scrolling\LgMsgHk.dll] [Logitech Inc., 1.1.0]
==================================
文件关联
.TXT OK. [%SystemRoot%\system32\NOTEPAD.EXE %1]
.EXE OK. ["%1" %*]
.COM OK. ["%1" %*]
.PIF OK. ["%1" %*]
.REG OK. [regedit.exe "%1"]
.BAT OK. ["%1" %*]
.SCR OK. ["%1" /S]
.CHM OK. ["C:\WINDOWS\hh.exe" %1]
.HLP OK. [%SystemRoot%\system32\winhlp32.exe %1]
.INI OK. [%SystemRoot%\system32\NOTEPAD.EXE %1]
.INF OK. [%SystemRoot%\system32\NOTEPAD.EXE %1]
.VBS OK. [%SystemRoot%\System32\WScript.exe "%1" %*]
.JS OK. [%SystemRoot%\System32\WScript.exe "%1" %*]
.LNK OK. [{00021401-0000-0000-C000-000000000046}]
==================================
Winsock 提供者
N/A
==================================
Autorun.inf
N/A
HOSTS 文件
127.0.0.1 localhost
==================================
API HOOK
警告!System Repair Engineer 提醒
你下面的函数内容与预期值不符,他
们可能被一些恶意的软件所修改:
RVA 错误: LoadLibraryA
RVA 错误: LoadLibraryExA
RVA 错误: LoadLibraryExW
RVA 错误: LoadLibraryW
==================================
[/CODE]
123321 - 2007-1-20 17:55:00
Is this what you need? Please take a look :) The woes of being computer-illiterate.
123321 - 2007-1-20 17:56:00
Bump.
123321 - 2007-1-20 19:47:00
Bump again.
123321 - 2007-1-20 20:16:00
...............
123321 - 2007-1-20 22:58:00
Bump.
水树雨下 - 2007-1-21 7:50:00
<twin><C:\WINDOWS\System32\twunk32.exe> [N/A]
See http://forum.ikaka.com/topic.asp?board=28&artid=8237996
Plus two Gray Pigeons (鸽子):
[Provisioning Service Transaction / h2k3_3333][Stopped/Auto Start]
<C:\WINDOWS\System32\winloginb.exe><N/A>
[Windows Accounts Driver Extensions / RemoteStorage][Stopped/Auto Start]
<C:\WINDOWS\System32\winloginc.exe><N/A>
123321 - 2007-1-21 18:09:00
Nothing else?
baohe - 2007-1-21 18:13:00
[Reply to 123321's post]
C:\WINDOWS\System32\WF2K.EXE
If possible, please archive this file, encrypt it (use 123 as the extraction password), and send it to: baohelin@yahoo.com.cn
123321 - 2007-2-3 15:18:00
This seems to be the mouse driver.
々绝顶高手々 - 2007-2-3 15:54:00
Trojans on web pages are everywhere; I've caught plenty of them~
我会好好报答你的 - 2007-2-3 21:51:00
Will that work?
我会好好报答你的 - 2007-2-3 21:52:00
How do I delete it?
我会好好报答你的 - 2007-2-3 22:00:00
Is it a virus?