【求助】高手帮忙看看日志，机器出问题了 bbs.ikaka.com

路人甲1981 - 2007-2-1 0:15:00

[CODE]

2007-01-31,23:58:58

System Repair Engineer 2.3.13.690
Smallfrogs (http://www.KZTechs.com)

Windows 2000 Professional Service Pack 4 (Build 2195)
- 管理权限用户 - 完整功能

以下内容被选中：
所有的启动项目（包括注册表、启动文件夹、服务等）
浏览器加载项
正在运行的进程（包括进程模块信息）
文件关联
Winsock 提供者
Autorun.inf
HOSTS 文件

启动项目
注册表
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
<Internat.exe><internat.exe> [(Verified)Microsoft Corporation]
<H/PC Connection Agent><"C:\PROGRA~1\MICROS~4\wcescomm.exe"> [Microsoft Corporation]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
<Synchronization Manager><mobsync.exe /logon> [(Verified)Microsoft Corporation]
<C-Media Mixer><Mixer.exe /startup> [(Verified)C-Media Electronic Inc. (www.cmedia.com.tw)]
<ASUS Probe><C:\Program Files\ASUS\Probe\AsusProb.exe> [N/A]
<ccApp><"C:\Program Files\Common Files\Symantec Shared\ccApp.exe"> [(Verified)Symantec Corporation]
<vptray><C:\PROGRA~1\SYMANT~1\VPTray.exe> [(Verified)Symantec Corporation]
<StormCodec_Helper><"C:\Program Files\Ringz Studio\Storm Codec\StormSet.exe" /S /opti> [N/A]
<TkBellExe><"C:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot> [RealNetworks, Inc.]
<Logitech Utility><Logi_MwX.Exe> [(Verified)Logitech Inc.]
<snpstd3><C:\WINNT\vsnpstd3.exe> []
<360Safetray><C:\Program Files\360safe\safemon\360tray.exe> [奇虎网]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Winlogon]
<shell><Explorer.exe> [(Verified)Microsoft Corporation]
<Userinit><C:\WINNT\system32\userinit.exe,> [(Verified)Microsoft Corporation]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
<{AEB6717E-7E19-11d0-97EE-00C04FD91972}><shell32.dll> [(Verified)Microsoft Corporation]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
<Network.ConnectionTray><C:\WINNT\system32\NETSHELL.dll> [(Verified)Microsoft Corporation]
<WebCheck><%SystemRoot%\system32\webcheck.dll> [(Verified)Microsoft Corporation]
<SysTray><stobject.dll> [(Verified)Microsoft Corporation]
<IPicture><c:\program files\internet explorer\PLUGINS\IPictureEx.dll> [N/A]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\ActiveSync]
<WinlogonNotify: ActiveSync><WcesWlgn.dll> [Microsoft Corporation]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\crypt32chain]
<WinlogonNotify: crypt32chain><crypt32.dll> [(Verified)Microsoft Corporation]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\cryptnet]
<WinlogonNotify: cryptnet><cryptnet.dll> [(Verified)Microsoft Corporation]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\cscdll]
<WinlogonNotify: cscdll><cscdll.dll> [(Verified)Microsoft Corporation]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\NavLogon]
<WinlogonNotify: NavLogon><C:\WINNT\system32\NavLogon.dll> [(Verified)Symantec Corporation]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\sclgntfy]
<WinlogonNotify: sclgntfy><sclgntfy.dll> [(Verified)Microsoft Corporation]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\SensLogn]
<WinlogonNotify: SensLogn><WlNotify.dll> [(Verified)Microsoft Corporation]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\wzcnotif]
<WinlogonNotify: wzcnotif><wzcdlg.dll> [(Verified)Microsoft Corporation]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\SharedTaskScheduler]
<{438755C2-A8BA-11D1-B96B-00A0C90312E1}><%SystemRoot%\system32\browseui.dll> [(Verified)Microsoft Corporation]
<{8C7461EF-2B13-11d2-BE35-3078302C2030}><%SystemRoot%\system32\browseui.dll> [(Verified)Microsoft Corporation]

==================================
启动文件夹
[Adobe Reader Speed Launch]
<C:\Documents and Settings\All Users\「开始」菜单\程序\启动\Adobe Reader Speed Launch.lnk --> C:\PROGRA~1\Adobe\ACROBA~1.0\Reader\READER~1.EXE [Adobe Systems Incorporated]><N>

==================================
服务
[ASP.NET State Service / aspnet_state][Stopped/Manual Start]
<C:\WINNT\Microsoft.NET\Framework\v1.1.4322\aspnet_state.exe><Microsoft Corporation>
[Symantec Event Manager / ccEvtMgr][Running/Auto Start]
<"C:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe"><Symantec Corporation>
[Symantec Password Validation / ccPwdSvc][Stopped/Manual Start]
<"C:\Program Files\Common Files\Symantec Shared\ccPwdSvc.exe"><Symantec Corporation>
[Symantec Settings Manager / ccSetMgr][Running/Auto Start]
<"C:\Program Files\Common Files\Symantec Shared\ccSetMgr.exe"><Symantec Corporation>
[Visual Studio Debugger Proxy Service / DbgProxy][Stopped/Manual Start]
<C:\Program Files\Microsoft Visual Studio .NET 2003\Common7\Packages\Debugger\dbgproxy.exe><N/A>
[Symantec AntiVirus Definition Watcher / DefWatch][Running/Auto Start]
<"C:\Program Files\Symantec AntiVirus\DefWatch.exe"><Symantec Corporation>
[Logical Disk Manager Administrative Service / dmadmin][Stopped/Manual Start]
<C:\WINNT\System32\dmadmin.exe /com><VERITAS Software Corp.>
[Machine Debug Manager / MDM][Running/Auto Start]
<"C:\Program Files\Common Files\Microsoft Shared\VS7Debug\mdm.exe"><Microsoft Corporation>
[Register DLL Driver / Register DLL Driver][Stopped/Auto Start]
<"C:\WINNT\regdll.exe"><N/A>
[SavRoam / SavRoam][Stopped/Manual Start]
<"C:\Program Files\Symantec AntiVirus\SavRoam.exe"><symantec>
[System Event Notification / SENS][Others/Auto Start]
<C:\WINNT\system32\svchost.exe -k netsvcs-->%SystemRoot%\System32\wgihfece.dll><N/A>
[Symantec Network Drivers Service / SNDSrvc][Stopped/Manual Start]
<"C:\Program Files\Common Files\Symantec Shared\SNDSrvc.exe"><Symantec Corporation>
[Symantec AntiVirus / Symantec AntiVirus][Running/Auto Start]
<"C:\Program Files\Symantec AntiVirus\Rtvscan.exe"><Symantec Corporation>
[Portable Media Serial Number Service / WmdmPmSN][Stopped/Manual Start]
<C:\WINNT\System32\svchost.exe -k netsvcs-->C:\WINNT\system32\mspmsnsv.dll><Microsoft Corporation>

==================================
驱动程序
[aslm75 / aslm75][Running/Manual Start]
<\??\C:\WINNT\system32\drivers\aslm75.sys><N/A>
[C-Media PCI Audio Driver (WDM) / cmpci][Running/Manual Start]
<system32\drivers\cmaudio.sys><C-Media Inc>
[CO_Mon / CO_Mon][Stopped/Manual Start]
<\??\C:\WINNT\system32\Drivers\CO_Mon.sys><N/A>
[dmboot / dmboot][Stopped/Disabled]
<System32\drivers\dmboot.sys><VERITAS Software Corp.>
[Logical Disk Manager Driver / dmio][Running/Boot Start]
<\SystemRoot\System32\drivers\dmio.sys><VERITAS Software Corp.>
[dmload / dmload][Running/Boot Start]
<\SystemRoot\System32\drivers\dmload.sys><VERITAS Software Corp.>
[EDSP Port Driver / Edspport][Running/Manual Start]
<System32\DRIVERS\es56hpi.sys><ESS Technology, Inc.>
[D-Link DFE-530TX PCI Fast Ethernet Adapter Driver / FETNDIS][Running/Manual Start]
<System32\DRIVERS\dlkfet5b.sys><D-Link>
[kmsinput / kmsinput][Stopped/Manual Start]
<\??\C:\WINNT\system32\drivers\kmsinput.sys><N/A>
[Logitech HID/USB Mouse Filter Driver / LHidFlt2][Running/Manual Start]
<system32\DRIVERS\LHidFlt2.Sys><Logitech, Inc.>
[Logitech USB Receiver device driver / LHidUsb][Running/Manual Start]
<System32\Drivers\LHidUsb.Sys><Logitech, Inc.>
[Logitech Mouse Class Filter Driver / LMouFlt2][Running/Manual Start]
<system32\DRIVERS\LMouFlt2.Sys><Logitech, Inc.>
[NAVENG / NAVENG][Running/Manual Start]
<\??\C:\PROGRA~1\COMMON~1\SYMANT~1\VIRUSD~1\20070124.024\naveng.sys><Symantec Corporation>
[NAVEX15 / NAVEX15][Running/Manual Start]
<\??\C:\PROGRA~1\COMMON~1\SYMANT~1\VIRUSD~1\20070124.024\navex15.sys><Symantec Corporation>
[npkcrypt / npkcrypt][Running/Auto Start]
<\??\C:\Program Files\Tencent\QQ\npkcrypt.sys><INCA Internet Co., Ltd.>
[nv4 / nv4][Running/Manual Start]
<System32\DRIVERS\nv4_mini.sys><NVIDIA Corporation>
[Direct Parallel Link Driver / Ptilink][Running/Manual Start]
<System32\DRIVERS\ptilink.sys><Parallel Technologies, Inc.>
[SAVRT / SAVRT][Running/System Start]
<\??\C:\Program Files\Symantec AntiVirus\savrt.sys><Symantec Corporation>
[SAVRTPEL / SAVRTPEL][Running/Auto Start]
<\??\C:\Program Files\Symantec AntiVirus\Savrtpel.sys><Symantec Corporation>
[Prolific Serial port driver / Ser2pl][Stopped/Manual Start]
<system32\DRIVERS\ser2pl.sys><Prolific Technology Inc.>
[USB PC Camera (SNPSTD3) / SNPSTD3][Stopped/Manual Start]
<system32\DRIVERS\snpstd3.sys><>
[SymEvent / SymEvent][Running/Manual Start]
<\??\C:\Program Files\Symantec\SYMEVENT.SYS><Symantec Corporation>
[SYMREDRV / SYMREDRV][Running/Manual Start]
<\SystemRoot\System32\Drivers\SYMREDRV.SYS><Symantec Corporation>
[SYMTDI / SYMTDI][Running/System Start]
<\SystemRoot\System32\Drivers\SYMTDI.SYS><Symantec Corporation>
[VIA AGP Bus Filter / viaagp][Running/Boot Start]
<\SystemRoot\System32\DRIVERS\viaagp1.sys><VIA Technologies, Inc.>
[VIA AGP Bus Filter / viaagp1][Running/Boot Start]
<\SystemRoot\System32\DRIVERS\viaagp1.sys><VIA Technologies, Inc.>
[wgihfece / wgihfece][Stopped/Auto Start]
<\??\C:\WINNT\system32\drivers\wgihfece.sys><N/A>
[World Standard Teletext Codec / WSTCODEC][Stopped/Manual Start]
<system32\DRIVERS\WSTCODEC.SYS><Microsoft Corporation>

路人甲1981 - 2007-2-1 0:15:00

==================================
浏览器加载项
[Thunder Browser Helper]
{889D2FEB-5411-4565-8998-1DD2C5261283} <C:\Program Files\Thunder Network\Thunder\ComDlls\XunLeiBHO_007.dll, Thunder Networking Technologies,LTD>
[NavigatMon Class]
{B69F34DD-F0F9-42DC-9EDD-957187DA688D} <C:\Program Files\360safe\safemon\safemon.dll, >
[启动迅雷5]
{09BA8F6D-CB54-424B-839C-C2A6C8E6B436} <C:\Program Files\Thunder Network\Thunder\Thunder.exe, Thunder Networking Technologies,LTD>
[Create Mobile Favorite]
{2EAF5BB1-070F-11D3-9307-00C04FAE2D4F} <C:\PROGRA~1\MICROS~4\INetRepl.dll, Microsoft Corporation>
[Create Mobile Favorite]
{2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} <C:\PROGRA~1\MICROS~4\INetRepl.dll, Microsoft Corporation>
[QQ]
{c95fe080-8f5d-11d2-a20b-00aa003c157b} <C:\Program Files\Tencent\QQ\QQ.EXE, TENCENT>
[电台(&R)]
{8E718888-423F-11D2-876E-00A0C9082467} <C:\WINNT\system32\msdxm.ocx, Microsoft Corporation>
[AddSHCARoot Control]
{098A3F72-3110-4004-B954-2F9DC44934B4} <C:\WINNT\DOWNLO~1\ADDCAR~1.OCX, SHECA>
[Edit Class]
{0CA54D3F-CEAE-48AF-9A2B-31909CB9515D} <C:\WINNT\system32\CMBEdit.dll, >
[CMBSafeHelper Class]
{26BCA338-BB94-4E8F-A082-3E5735875B79} <C:\WINNT\system32\CMBGUARD.dll, >
[Symantec AntiVirus scanner]
{2BC66F54-93A8-11D3-BEB6-00105AA9B6AE} <C:\WINNT\Downloaded Program Files\avsniff.dll, Symantec Corporation>
[CEditCtrl Object]
{488A4255-3236-44B3-8F27-FA1AECAA8844} <C:\WINNT\system32\aliedit\AliEdit.dll, www.alipay.com>
[Symantec RuFSI Utility Class]
{644E432F-49D3-41A1-8DD5-E099162EEEC5} <C:\WINNT\Downloaded Program Files\rufsi.dll, Symantec Corporation>
[BDC Control]
{7253A666-8D4A-11D7-A4DC-00E04C504779} <C:\PROGRA~1\BDC\Bdc.ocx, BLUE>
[WebActivater Control]
{C661F36D-DF85-4EF4-83C7-E107B83D04B1} <C:\WINNT\system32\3DShowVM.ocx, QQ>
[Office Update Installation Engine]
{C7DB51B4-BCF7-4923-8874-7F1A0DC92277} <C:\WINNT\opuc.dll, Microsoft Corporation>
[Shockwave Flash Object]
{D27CDB6E-AE6D-11CF-96B8-444553540000} <C:\WINNT\system32\Macromed\Flash\Flash9b.ocx, Adobe Systems, Inc.>
[CPasswordEditCtrl Object]
{E787FD25-8D7C-4693-AE67-9406BC6E22DF} <C:\WINNT\system32\qqedit\qqedit.dll, 腾讯科技（深圳）有限公司>
[SHLaunch Control]
{FA463B6E-93D5-4E02-B7F2-E0BA98DA73FC} <C:\WINNT\system32\SHLaunch.ocx, >
[Recorder Control]
{2423AB16-9F42-457B-A337-FE3B11964DB0} <C:\PROGRA~1\Bluesky\BLUESK~1\recorder.ocx, Bluesky Studio (http://www.bluesky.cn)>
[BlueskyVideo Control]
{2EA6D939-4445-43F1-A12B-8CB3DDA8B855} <C:\PROGRA~1\Bluesky\BLUESK~1\v2.ocx, 蓝天工作室(http://www.bluesky.cn)>
[Share Control]
{3072B1F1-0C4D-4E76-A7C6-FBAF129DBCC9} <C:\PROGRA~1\Bluesky\BLUESK~1\share.ocx, http://www.bluesky.cn>
[PP Control]
{7005341F-8E42-47E3-987B-3DBE6288048C} <C:\PROGRA~1\Bluesky\BLUESK~1\pp.ocx, Bluesky Studio (http://www.bluesky.cn)>
[Videohelp Control]
{75B75D86-D88B-4BEA-BC59-BFD9D7300518} <C:\PROGRA~1\Bluesky\BLUESK~1\VIDEOH~1.OCX, Bluesky Studio(http://www.bluesky.cn)>
[Filetran Control]
{88734439-46D0-42C0-A13F-7E881EE550CF} <C:\PROGRA~1\Bluesky\BLUESK~1\filetran.ocx, Bluesky Studio(http://www.bluesky.cn)>
[Chat Control]
{94EFE58C-E678-4808-AD65-24CE4B94C1FE} <C:\PROGRA~1\Bluesky\BLUESK~1\chat.ocx, Bluesky Studio(http://www.bluesky.cn)>
[Blueskyvoice Control]
{991481A7-4669-4e15-8C24-100404E1F5CB} <C:\PROGRA~1\Bluesky\BLUESK~1\BLUESK~2.OCX, 蓝天工作室(http://www.bluesky.cn)>
[Display Control]
{A1D97DB3-E564-4743-B2E7-6F5182CBF406} <C:\PROGRA~1\Bluesky\BLUESK~1\display.ocx, Bluesky Studio (http://www.bluesky.cn)>
[Tracechat Control]
{A40335C4-D3D1-4E7B-9130-039CDA5B603C} <C:\PROGRA~1\Bluesky\BLUESK~1\TRACEC~1.OCX, bluesky studio>
[Blueskyvoice Control]
{BA0F088C-72C1-475a-92F8-42391DEF6961} <C:\PROGRA~1\Bluesky\BLUESK~1\BLUESK~1.OCX, 蓝天工作室(http://www.bluesky.cn)>
[Client Control]
{C7B0C764-5D4E-433E-A854-591F28520577} <C:\PROGRA~1\Bluesky\BLUESK~1\client.ocx, >
[Play Control]
{CC20DDA1-9A21-4DEC-B5BE-E61E0351FCA9} <C:\PROGRA~1\Bluesky\BLUESK~1\play.ocx, Bluesky Studio (http://www.bluesky.cn)>
[&使用BitComet下载]
<res://C:\Program Files\BitComet\BitComet.exe/AddLink.htm, N/A>
[&使用BitComet下载全部链接]
<res://C:\Program Files\BitComet\BitComet.exe/AddAllLink.htm, N/A>
[&使用BitComet下载本页视频]
<res://C:\Program Files\BitComet\BitComet.exe/AddVideo.htm, N/A>
[&使用迅雷下载]
<C:\Program Files\Thunder Network\Thunder\Program\GetUrl.htm, N/A>
[&使用迅雷下载全部链接]
<C:\Program Files\Thunder Network\Thunder\Program\GetAllUrl.htm, N/A>

路人甲1981 - 2007-2-1 0:18:00

==================================
正在运行的进程
[PID: 136][\SystemRoot\System32\smss.exe] [Microsoft Corporation, 5.00.2195.6601]
[PID: 164][\??\C:\WINNT\system32\csrss.exe] [Microsoft Corporation, 5.00.2195.6601]
[PID: 160][\??\C:\WINNT\system32\winlogon.exe] [Microsoft Corporation, 5.00.2195.6997]
[C:\WINNT\system32\NavLogon.dll] [Symantec Corporation, 9.0.0.338]
[C:\WINNT\system32\KGTCGV.DAT] [N/A, N/A]
[C:\WINNT\system32\ZLBFJV.DAT] [N/A, N/A]
[PID: 212][C:\WINNT\system32\services.exe] [Microsoft Corporation, 5.00.2195.7035]
[C:\WINNT\system32\dmserver.dll] [VERITAS Software Corp., 2195.6605.297.3]
[PID: 224][C:\WINNT\system32\lsass.exe] [Microsoft Corporation, 5.00.2195.7011]
[PID: 396][C:\WINNT\system32\svchost.exe] [Microsoft Corporation, 5.00.2134.1]
[PID: 424][C:\WINNT\system32\spoolsv.exe] [Microsoft Corporation, 5.00.2195.7059]
[PID: 452][C:\Program Files\Common Files\Symantec Shared\ccSetMgr.exe] [Symantec Corporation, 2.2.0.577]
[C:\Program Files\Common Files\Symantec Shared\ccVrTrst.dll] [Symantec Corporation, 2.2.0.577]
[C:\Program Files\Common Files\Symantec Shared\ccSetEvt.dll] [Symantec Corporation, 2.2.0.577]
[PID: 464][C:\Program Files\Symantec AntiVirus\DefWatch.exe] [Symantec Corporation, 9.0.0.338]
[PID: 484][C:\WINNT\System32\svchost.exe] [Microsoft Corporation, 5.00.2134.1]
[PID: 536][C:\Program Files\Common Files\Microsoft Shared\VS7Debug\mdm.exe] [Microsoft Corporation, 7.10.3077]
[C:\WINNT\system32\KGTCGV.DAT] [N/A, N/A]
[C:\WINNT\system32\ZLBFJV.DAT] [N/A, N/A]
[PID: 600][C:\WINNT\system32\regsvc.exe] [Microsoft Corporation, 5.00.2195.6701]
[PID: 504][C:\WINNT\system32\MSTask.exe] [Microsoft Corporation, 4.71.2195.6972]
[C:\WINNT\system32\KGTCGV.DAT] [N/A, N/A]
[C:\WINNT\system32\ZLBFJV.DAT] [N/A, N/A]
[PID: 632][C:\WINNT\system32\stisvc.exe] [Microsoft Corporation, 5.00.2195.6656]
[PID: 688][C:\Program Files\Symantec AntiVirus\Rtvscan.exe] [Symantec Corporation, 9.0.0.338]
[C:\WINNT\system32\CBA.DLL] [Intel? Corporation, 6.12.0.112 E]
[C:\WINNT\system32\MsgSys.dll] [Intel? Corporation, 6.12.0.112 E]
[C:\WINNT\system32\NTS.dll] [Intel? Corporation, 6.12.0.112 E]
[C:\WINNT\system32\PDS.DLL] [Intel? Corporation, 6.12.0.112 E]
[C:\Program Files\Symantec AntiVirus\NAVLU.dll] [Symantec Corporation, 9.0.0.338]
[C:\Program Files\Symantec AntiVirus\I2ldvp3.dll] [Symantec Corporation, 9.0.0.338]
[C:\Program Files\Symantec AntiVirus\ecmldr32.DLL] [Symantec Corp., 1.1.0.3]
[C:\Program Files\Symantec AntiVirus\SAVRT32.DLL] [Symantec Corporation, 9.3.0.28]
[C:\Program Files\Symantec AntiVirus\NAVNTUTL.DLL] [Symantec Corporation, 9.0.0.338]
[C:\PROGRA~1\COMMON~1\SYMANT~1\VIRUSD~1\20070124.024\ecmsvr32.dll] [Symantec Corporation, 71.1.0.11]
[C:\PROGRA~1\COMMON~1\SYMANT~1\VIRUSD~1\20070124.024\NAVEX32a.DLL] [Symantec Corporation, 20071.1.0.15]
[C:\PROGRA~1\COMMON~1\SYMANT~1\VIRUSD~1\20070124.024\NAVENG32.DLL] [Symantec Corporation, 20071.1.0.15]
[C:\Program Files\Symantec AntiVirus\IMail.dll] [Symantec Corporation, 9.0.0.338]
[C:\Program Files\Symantec AntiVirus\NotesExt.dll] [Symantec Corporation, 9.0.0.338]
[C:\Program Files\Symantec AntiVirus\vpmsece.dll] [Symantec Corporation, 9.0.0.338]
[C:\Program Files\Common Files\Symantec Shared\SSC\scandlgs.dll] [Symantec Corporation, 9.0.0.338]
[C:\Program Files\Symantec AntiVirus\DecSDK.dll] [Symantec Corporation, 3.02.11.32]
[C:\Program Files\Symantec AntiVirus\Dec2.dll] [Symantec Corporation, 3.02.11.32]
[C:\Program Files\Symantec AntiVirus\Dec2ID.dll] [Symantec Corporation, 3.02.11.32]
[C:\Program Files\Symantec AntiVirus\Dec2ZIP.dll] [Symantec Corporation, 3.02.11.32]
[C:\Program Files\Symantec AntiVirus\Dec2SS.dll] [Symantec Corporation, 3.02.11.32]
[C:\Program Files\Symantec AntiVirus\Dec2GZIP.dll] [Symantec Corporation, 3.02.11.32]
[C:\Program Files\Symantec AntiVirus\Dec2CAB.dll] [Symantec Corporation, 3.02.11.32]
[C:\Program Files\Symantec AntiVirus\Dec2LHA.dll] [Symantec Corporation, 3.02.11.32]
[C:\Program Files\Symantec AntiVirus\Dec2ARJ.dll] [Symantec Corporation, 3.02.11.32]
[C:\Program Files\Symantec AntiVirus\Dec2TNEF.dll] [Symantec Corporation, 3.02.11.32]
[C:\Program Files\Symantec AntiVirus\Dec2LZ.dll] [Symantec Corporation, 3.02.11.32]
[C:\Program Files\Symantec AntiVirus\Dec2AMG.dll] [Symantec Corporation, 3.02.11.32]
[C:\Program Files\Symantec AntiVirus\Dec2TAR.dll] [Symantec Corporation, 3.02.11.32]
[C:\Program Files\Symantec AntiVirus\Dec2RTF.dll] [Symantec Corporation, 3.02.11.32]
[C:\Program Files\Symantec AntiVirus\Dec2Text.dll] [Symantec Corporation, 3.02.11.32]
[C:\WINNT\system32\ZLBFJV.DAT] [N/A, N/A]
[C:\WINNT\system32\KGTCGV.DAT] [N/A, N/A]
[PID: 740][C:\WINNT\System32\WBEM\WinMgmt.exe] [Microsoft Corporation, 1.50.1085.0100]
[PID: 756][C:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe] [Symantec Corporation, 2.2.0.577]
[C:\Program Files\Common Files\Symantec Shared\ccVrTrst.dll] [Symantec Corporation, 2.2.0.577]
[C:\PROGRA~1\COMMON~1\SYMANT~1\CCSETEVT.DLL] [Symantec Corporation, 2.2.0.577]

路人甲1981 - 2007-2-1 0:18:00

[PID: 776][C:\WINNT\system32\inetsrv\inetinfo.exe] [Microsoft Corporation, 5.00.0984]
[PID: 996][C:\WINNT\Explorer.EXE] [Microsoft Corporation, 5.00.3700.6690]
[C:\WINNT\system32\ZLBFJV.DAT] [N/A, N/A]
[C:\WINNT\system32\KGTCGV.DAT] [N/A, N/A]
[C:\Program Files\Common Files\Logitech\Scrolling\LgMsgHk.dll] [Logitech Inc., 1.1.0]
[C:\Program Files\Logitech\MouseWare\System\LgWndHk.dll] [Logitech Inc., 9.79.019]
[C:\Program Files\360safe\safemon\safemon.dll] [, 1, 0, 0, 1002]
[C:\Program Files\Thunder Network\Thunder\ComDlls\XunLeiBHO_007.dll] [Thunder Networking Technologies,LTD, 5, 0, 1, 4]
[C:\Program Files\Adobe\Acrobat 7.0\ActiveX\PDFShell.dll] [Adobe Systems, Inc., 7.0.0.0]
[PID: 1072][C:\WINNT\Mixer.exe] [C-Media Electronic Inc. (www.cmedia.com.tw), 1.53]
[C:\WINNT\System32\cmnprop.dll] [C-Media Corporation, 5.00.2195.11]
[C:\WINNT\system32\ZLBFJV.DAT] [N/A, N/A]
[C:\WINNT\system32\KGTCGV.DAT] [N/A, N/A]
[C:\Program Files\Common Files\Logitech\Scrolling\LgMsgHk.dll] [Logitech Inc., 1.1.0]
[C:\Program Files\360safe\safemon\safemon.dll] [, 1, 0, 0, 1002]
[PID: 1104][C:\Program Files\ASUS\Probe\AsusProb.exe] [N/A, N/A]
[C:\WINNT\system\VCL35.bpl] [Borland International, 3.0.3.70]
[C:\WINNT\system\cp3240mt.dll] [Borland International, 4.0]
[C:\WINNT\system\borlndmm.dll] [Borland International, 3.0.3.70]
[C:\WINNT\system32\ZLBFJV.DAT] [N/A, N/A]
[C:\WINNT\system32\KGTCGV.DAT] [N/A, N/A]
[C:\Program Files\Common Files\Logitech\Scrolling\LgMsgHk.dll] [Logitech Inc., 1.1.0]
[C:\Program Files\Logitech\MouseWare\System\LgWndHk.dll] [Logitech Inc., 9.79.019]
[C:\Program Files\ASUS\Probe\CODISK.DLL] [N/A, N/A]
[C:\Program Files\ASUS\Probe\DiskIco.dll] [N/A, N/A]
[C:\Program Files\360safe\safemon\safemon.dll] [, 1, 0, 0, 1002]
[C:\Program Files\ASUS\Probe\COLM7578.DLL] [N/A, N/A]
[C:\WINNT\system\bcbsmp35.bpl] [, 1.0.0.0]
[C:\WINNT\system\vclx35.bpl] [Borland International, 3.0.3.70]
[C:\Program Files\ASUS\Probe\Asus.dll] [ASUS, 3, 0, 0, 2]
[C:\Program Files\ASUS\Probe\ASMIAHD.dll] [ASUS, 3, 0, 0, 1]
[C:\Program Files\ASUS\Probe\AsmiCtrl.dll] [ASUS, 3, 0, 0, 1]
[C:\Program Files\ASUS\Probe\ASMIDMI.dll] [ASUS, 3, 1, 0, 1]
[C:\Program Files\ASUS\Probe\AsmiEnum.dll] [ASUS, 3, 0, 0, 1]
[C:\Program Files\ASUS\Probe\AsmiHwIo.dll] [ASUS, 3, 1, 0, 1]
[C:\Program Files\ASUS\Probe\AsmiVia.dll] [N/A, N/A]
[C:\Program Files\ASUS\Probe\AsmiAsus.dll] [ASUS, 4, 0, 0, 2]
[C:\Program Files\ASUS\Probe\COLMIco.dll] [N/A, N/A]
[C:\Program Files\ASUS\Probe\CODMI.DLL] [N/A, N/A]
[PID: 1048][C:\Program Files\Common Files\Symantec Shared\ccApp.exe] [Symantec Corporation, 2.2.0.577]
[C:\Program Files\Common Files\Symantec Shared\ccVrTrst.dll] [Symantec Corporation, 2.2.0.577]
[C:\Program Files\Symantec\LiveUpdate\ProductRegCom.DLL] [Symantec Corporation, 2.0.39.0]
[C:\WINNT\system32\ZLBFJV.DAT] [N/A, N/A]
[C:\WINNT\system32\KGTCGV.DAT] [N/A, N/A]
[C:\Program Files\Common Files\Logitech\Scrolling\LgMsgHk.dll] [Logitech Inc., 1.1.0]
[C:\Program Files\Symantec\LiveUpdate\LuComServerPS.DLL] [Symantec Corporation, 2.0.39.0]
[C:\PROGRA~1\COMMON~1\SYMANT~1\CCALERT.DLL] [Symantec Corporation, 2.2.0.577]
[C:\PROGRA~1\COMMON~1\SYMANT~1\CCEMLPXY.DLL] [Symantec Corporation, 2.2.0.577]
[C:\WINNT\system32\SYMREDIR.dll] [Symantec Corporation, 5.3.0.46]
[C:\Program Files\Logitech\MouseWare\System\LgWndHk.dll] [Logitech Inc., 9.79.019]
[C:\Program Files\360safe\safemon\safemon.dll] [, 1, 0, 0, 1002]
[C:\Program Files\Common Files\Symantec Shared\ccSetEvt.dll] [Symantec Corporation, 2.2.0.577]
[C:\Program Files\Common Files\Symantec Shared\ccProSub.dll] [Symantec Corporation, 2.2.0.577]
[C:\Program Files\Symantec AntiVirus\SavEmail.dll] [Symantec Corporation, 9.0.0.338]
[PID: 1112][C:\PROGRA~1\SYMANT~1\VPTray.exe] [Symantec Corporation, 9.0.0.338]
[C:\Program Files\Symantec AntiVirus\SAVRT32.DLL] [Symantec Corporation, 9.3.0.28]
[C:\WINNT\system32\ZLBFJV.DAT] [N/A, N/A]
[C:\WINNT\system32\KGTCGV.DAT] [N/A, N/A]
[C:\Program Files\Symantec AntiVirus\Cliscan.dll] [Symantec Corporation, 9.0.0.338]
[C:\PROGRA~1\SYMANT~1\NAVNTUTL.DLL] [Symantec Corporation, 9.0.0.338]
[C:\Program Files\Symantec AntiVirus\Cliproxy.dll] [Symantec Corporation, 9.0.0.338]
[C:\Program Files\Common Files\Logitech\Scrolling\LgMsgHk.dll] [Logitech Inc., 1.1.0]
[C:\Program Files\360safe\safemon\safemon.dll] [, 1, 0, 0, 1002]
[PID: 1136][C:\Program Files\Common Files\Real\Update_OB\realsched.exe] [RealNetworks, Inc., 0.1.0.3510]
[C:\WINNT\system32\ZLBFJV.DAT] [N/A, N/A]
[C:\WINNT\system32\KGTCGV.DAT] [N/A, N/A]
[C:\Program Files\Common Files\Logitech\Scrolling\LgMsgHk.dll] [Logitech Inc., 1.1.0]
[C:\Program Files\360safe\safemon\safemon.dll] [, 1, 0, 0, 1002]
[PID: 1196][C:\Program Files\Logitech\MouseWare\system\em_exec.exe] [Logitech Inc., 9.79.019]
[C:\Program Files\Logitech\MouseWare\system\EVENTEX.dll] [Logitech Inc., 9.79.019]
[C:\WINNT\system32\COMNCTR.dll] [Logitech Inc., 9.79.019]
[C:\Program Files\Logitech\MouseWare\system\ccresrce.dll] [Logitech Inc., 9.79.019]
[C:\Program Files\Logitech\MouseWare\system\GlbResLt.dll] [Logitech Inc., 9.79.019]
[C:\Program Files\Common Files\Logitech\Scrolling\LgMsgHk.dll] [Logitech Inc., 1.1.0]
[C:\Program Files\Logitech\MouseWare\System\devices.dll] [Logitech Inc., 9.79.019]
[C:\Program Files\Logitech\MouseWare\system\ccstmglb.dll] [Logitech Inc., 9.79.019]
[C:\Program Files\Logitech\MouseWare\system\ccustom.dll] [Logitech Inc., 9.79.019]
[C:\Program Files\Logitech\MouseWare\system\ccmsghk.dll] [Logitech Inc., 9.79.019]
[C:\Program Files\Logitech\MouseWare\System\LgWndHk.dll] [Logitech Inc., 9.79.019]
[C:\WINNT\system32\ZLBFJV.DAT] [N/A, N/A]
[C:\WINNT\system32\KGTCGV.DAT] [N/A, N/A]
[C:\Program Files\360safe\safemon\safemon.dll] [, 1, 0, 0, 1002]
[PID: 1156][C:\WINNT\vsnpstd3.exe] [, 1, 0, 2, 2]
[C:\WINNT\system32\ZLBFJV.DAT] [N/A, N/A]
[C:\WINNT\system32\KGTCGV.DAT] [N/A, N/A]
[C:\Program Files\Common Files\Logitech\Scrolling\LgMsgHk.dll] [Logitech Inc., 1.1.0]
[C:\Program Files\360safe\safemon\safemon.dll] [, 1, 0, 0, 1002]
[PID: 1220][C:\Program Files\360safe\safemon\360tray.exe] [奇虎网, 1, 0, 1, 1002]
[C:\Program Files\360safe\safemon\safemon.dll] [, 1, 0, 0, 1002]
[C:\Program Files\360safe\safemon\SafeKrnl.dll] [奇虎网, 1, 0, 0, 1001]
[C:\Program Files\360safe\AntiAdwa.dll] [360Safe.com, 2, 2, 2, 1000]
[C:\Program Files\Common Files\Logitech\Scrolling\LgMsgHk.dll] [Logitech Inc., 1.1.0]
[C:\WINNT\system32\ZLBFJV.DAT] [N/A, N/A]
[C:\WINNT\system32\KGTCGV.DAT] [N/A, N/A]
[PID: 1232][C:\WINNT\system32\internat.exe] [Microsoft Corporation, 5.00.2920.0000]
[C:\Program Files\Common Files\Logitech\Scrolling\LgMsgHk.dll] [Logitech Inc., 1.1.0]
[C:\WINNT\system32\ZLBFJV.DAT] [N/A, N/A]
[C:\WINNT\system32\KGTCGV.DAT] [N/A, N/A]
[C:\Program Files\360safe\safemon\safemon.dll] [, 1, 0, 0, 1002]
[PID: 1260][C:\PROGRA~1\MICROS~4\wcescomm.exe] [Microsoft Corporation, 4.1.4841.0]
[C:\Program Files\Logitech\MouseWare\System\LgWndHk.dll] [Logitech Inc., 9.79.019]
[C:\Program Files\360safe\safemon\safemon.dll] [, 1, 0, 0, 1002]
[C:\Program Files\Microsoft ActiveSync\rapiproxystub.dll] [N/A, N/A]
[C:\Program Files\Common Files\Logitech\Scrolling\LgMsgHk.dll] [Logitech Inc., 1.1.0]
[C:\WINNT\system32\ZLBFJV.DAT] [N/A, N/A]
[C:\WINNT\system32\KGTCGV.DAT] [N/A, N/A]
[PID: 1284][C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe] [Adobe Systems Incorporated, 7.0.5.2005092300]
[C:\Program Files\Logitech\MouseWare\System\LgWndHk.dll] [Logitech Inc., 9.79.019]
[C:\Program Files\360safe\safemon\safemon.dll] [, 1, 0, 0, 1002]
[C:\Program Files\Common Files\Logitech\Scrolling\LgMsgHk.dll] [Logitech Inc., 1.1.0]
[C:\WINNT\system32\ZLBFJV.DAT] [N/A, N/A]
[C:\WINNT\system32\KGTCGV.DAT] [N/A, N/A]
[PID: 1304][C:\PROGRA~1\MICROS~4\rapimgr.exe] [Microsoft Corporation, 4.1.4841.0]
[C:\Program Files\Logitech\MouseWare\System\LgWndHk.dll] [Logitech Inc., 9.79.019]
[C:\Program Files\360safe\safemon\safemon.dll] [, 1, 0, 0, 1002]
[C:\Program Files\Microsoft ActiveSync\rapiproxystub.dll] [N/A, N/A]
[C:\Program Files\Common Files\Logitech\Scrolling\LgMsgHk.dll] [Logitech Inc., 1.1.0]
[C:\WINNT\system32\ZLBFJV.DAT] [N/A, N/A]
[C:\WINNT\system32\KGTCGV.DAT] [N/A, N/A]
[PID: 1712][D:\gwbn.exe] [, 0, 0, 7, 0]
[C:\Program Files\Logitech\MouseWare\System\LgWndHk.dll] [Logitech Inc., 9.79.019]
[C:\Program Files\360safe\safemon\safemon.dll] [, 1, 0, 0, 1002]
[C:\Program Files\Common Files\Logitech\Scrolling\LgMsgHk.dll] [Logitech Inc., 1.1.0]
[C:\WINNT\system32\ZLBFJV.DAT] [N/A, N/A]
[C:\WINNT\system32\KGTCGV.DAT] [N/A, N/A]
[PID: 1376][D:\sreng2_PConline\SREng.EXE] [Smallfrogs Studio, 2.3.13.690]
[C:\Program Files\Logitech\MouseWare\System\LgWndHk.dll] [Logitech Inc., 9.79.019]
[C:\Program Files\360safe\safemon\safemon.dll] [, 1, 0, 0, 1002]
[C:\Program Files\Common Files\Logitech\Scrolling\LgMsgHk.dll] [Logitech Inc., 1.1.0]
[C:\WINNT\system32\ZLBFJV.DAT] [N/A, N/A]
[C:\WINNT\system32\KGTCGV.DAT] [N/A, N/A]

==================================
文件关联
.TXT OK. [%SystemRoot%\system32\NOTEPAD.EXE %1]
.EXE OK. ["%1" %*]
.COM OK. ["%1" %*]
.PIF OK. ["%1" %*]
.REG OK. [regedit.exe "%1"]
.BAT OK. ["%1" %*]
.SCR OK. ["%1" /S]
.CHM OK. ["C:\WINNT\hh.exe" %1]
.HLP OK. [%SystemRoot%\system32\winhlp32.exe %1]
.INI OK. [%SystemRoot%\system32\NOTEPAD.EXE %1]
.INF OK. [%SystemRoot%\system32\NOTEPAD.EXE %1]
.VBS OK. [%SystemRoot%\System32\WScript.exe "%1" %*]
.JS OK. [%SystemRoot%\System32\WScript.exe "%1" %*]
.LNK OK. [{00021401-0000-0000-C000-000000000046}]

==================================
Winsock 提供者
N/A

==================================
Autorun.inf
N/A

==================================
HOSTS 文件
127.0.0.1 localhost

==================================
API HOOK
警告！System Repair Engineer 提醒
你下面的函数内容与预期值不符，他
们可能被一些恶意的软件所修改：
入口点错误：NtQuerySystemInformation
入口点错误：NtTerminateProcess
入口点错误：ZwTerminateProcess
入口点错误：RegEnumKeyExA
入口点错误：RegEnumKeyExW
入口点错误：FindFirstFileW
入口点错误：FindNextFileA
入口点错误：FindNextFileW
入口点错误：CreateProcessA
入口点错误：CreateProcessW

==================================

[/CODE]

瑞星卡卡安全论坛