瑞星卡卡安全论坛

首页 » 技术交流区 » 反病毒/反流氓软件论坛 » 各位达人看看这是什么情况阿,我没办法了!!
corywind - 2008-5-27 11:27:00
:kaka7: 我的电脑中毒了,时间被篡改成2000年,卡巴因为这个失效,启动项中多了很多的exe文件,一删除就重新启动,启动后又重新恢复了,各位看看是什么原因吧,在线等!!!!:default8:

用户系统信息:Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.2; SV1; .NET CLR 1.1.4322; InfoPath.2; .NET CLR 2.0.50727)
豪斯登堡新郎 - 2008-5-27 11:29:00
点击下载System Repair Engineer系统扫描工具软件
建议直接下载保存到系统文件夹内
扫描和上传日志的方法:
1、解压缩所下载的"sreng980.rar"压缩包;
2、打开已经解压缩的"SREng980"文件夹,双击运行其中的"我爱新郎.com";
3、依次按“智能扫描”、选中“检查进程模块的数字签名”、“扫描”、“保存报告”,将日志保存到桌面上;
4、把保存在桌面上的日志文件以附件形式传上来,请不要更改日志内容.
友情提示:
1、扫描日志前请先关闭所有打开的软件(如QQ、迅雷等程序和IE窗口,注意,是关闭而不是最小化窗口)
2、注意在没有进一步提示前,请勿用SRENG工具胡乱修复,否则系统可能变的情况更糟。
corywind - 2008-5-27 11:30:00
[CODE]

2000-05-27,11:24:00

System Repair Engineer 2.5.16.900
Smallfrogs (http://www.KZTechs.com)

Windows XP Professional Service Pack 3, v.3300 (Build 2600) - 管理权限用户 - 完整功能

以下内容被选中:
    所有的启动项目(包括注册表、启动文件夹、服务等)
    浏览器加载项
    正在运行的进程(包括进程模块信息)
    文件关联
    Winsock 提供者
    Autorun.inf
    HOSTS 文件
    进程特权扫描


启动项目
注册表
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
    <msnmsgr><"C:\Program Files\Windows Live\Messenger\msnmsgr.exe" /background>  [(Verified)Microsoft Corporation]
    <ctfmon.exe><C:\WINDOWS\system32\ctfmon.exe>  [(Verified)Microsoft Windows Component Publisher]
[HKEY_CURRENT_USER\Software\Microsoft\Windows NT\CurrentVersion\Windows]
    <load><>  [N/A]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
    <kav><"C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 6.0\avp.exe">  [Kaspersky Lab]
    <IMSCMig><C:\PROGRA~1\COMMON~1\MICROS~1\IME\IMSC40A\IMSCMIG.EXE /Preload>  [(Verified)Microsoft Corporation]
    <issms32><C:\WINDOWS\issms32.exe>  []
    <anistio><C:\WINDOWS\anistio.exE>  []
    <fmsiocps><C:\WINDOWS\fmsiocps.exe>  []
    <ptshell><C:\WINDOWS\ptshell.exe>  []
    <fmsbbqi><C:\WINDOWS\fmsbbqi.exe>  []
    <mfchlp64><C:\WINDOWS\mfchlp64.exe>  []
    <ookjfesc><C:\WINDOWS\ojecsxgj.exe>  []
    <fmsjhif><C:\WINDOWS\fmsjhif.exe>  []
    <bincdwsa><C:\WINDOWS\bincdwsa.exe>  []
    <dbhlp32><C:\WINDOWS\dbhlp32.exe>  []
    <huifitc><C:\WINDOWS\huifitc.exe>  []
    <fmbiost><C:\WINDOWS\fmbiost.exe>  []
    <dndsioc><C:\WINDOWS\dndsioc.exe>  []
    <isndntio><C:\WINDOWS\isndntio.exe>  []
    <cinfonmc><C:\WINDOWS\cinfonmc.exe>  []
    <wipicdec><C:\WINDOWS\wipicdec.exe>  [N/A]
    <dionpis><C:\WINDOWS\dionpis.exe>  []
    <tciocp64><C:\WINDOWS\tciocp64.exe>  []
    <hefcndy><C:\WINDOWS\hefcndy.exe>  []
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Winlogon]
    <shell><Explorer.exe>  [(Verified)]
    <Userinit><C:\WINDOWS\system32\userinit.exe,>  [(Verified)Microsoft Windows Component Publisher]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Windows]
    <AppInit_DLLs><msosmhfp00.dll,msosdohs01.dll,nicozftp00.dll,fmsiocps.dll,msoscqit00.dll,msosmnsf00.dll,msosfmsq01.dll,msosjtio01.dll,msosptfs00.dll,yiyhgs.dll,akooid.dll,hprwrb.dll,ppllbc.dll,ihslgt.dll>  []
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Winlogon]
    <UIHost><logonui.exe>  [(Verified)Microsoft Windows Component Publisher]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\klogon]
    <WinlogonNotify: klogon><C:\WINDOWS\system32\klogon.dll>  [Kaspersky Lab]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\>{26923b43-4d38-484f-9b9e-de460746276c}]
    <Internet Explorer><%systemroot%\system32\shmgrate.exe OCInstallUserConfigIE>  [N/A]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\>{881dd1c5-3dcf-431b-b061-f3f88e8be88a}]
    <Outlook Express><%systemroot%\system32\shmgrate.exe OCInstallUserConfigOE>  [N/A]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{2C7339CF-2B09-4501-B3F3-F3508C9228ED}]
    <Themes Setup><%SystemRoot%\system32\regsvr32.exe /s /n /i:/UserInstall %SystemRoot%\system32\themeui.dll>  [N/A]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{44BBA840-CC51-11CF-AAFA-00AA00B6015C}]
    <Microsoft Outlook Express 6><"%ProgramFiles%\Outlook Express\setup50.exe" /APP:OE /CALLER:WINNT /user /install>  [N/A]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{44BBA842-CC51-11CF-AAFA-00AA00B6015B}]
    <NetMeeting 3.01><rundll32.exe advpack.dll,LaunchINFSection C:\WINDOWS\INF\msnetmtg.inf,NetMtg.Install.PerUser.NT>  [(Verified)Microsoft Windows Component Publisher]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{5945c046-1e7d-11d1-bc44-00c04fd912be}]
    <Windows Messenger 4.7><rundll32.exe advpack.dll,LaunchINFSection C:\WINDOWS\INF\msmsgs.inf,BLC.QuietInstall.PerUser>  [(Verified)Microsoft Windows Component Publisher]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{6BF52A52-394A-11d3-B153-00C04F79FAA6}]
    <Microsoft Windows Media Player><rundll32.exe advpack.dll,LaunchINFSection C:\WINDOWS\INF\wmp10.inf,PerUserStub>  [(Verified)Microsoft Windows Component Publisher]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{7790769C-0471-11d2-AF11-00C04FA35D02}]
    <通讯簿 6><"%ProgramFiles%\Outlook Express\setup50.exe" /APP:WAB /CALLER:WINNT /user /install>  [N/A]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{89B4C1CD-B018-4511-B0A1-5476DBF70820}]
    <N/A><C:\WINDOWS\system32\Rundll32.exe C:\WINDOWS\system32\mscories.dll,Install>  [Microsoft Corporation]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
    <Alcmtr><; ALCMTR.EXE>  [(Verified)Microsoft Windows Component Publisher]
    <AlcWzrd><; ALCWZRD.EXE>  [(Verified)Microsoft Windows Component Publisher]
    <ATIModeChange><; Ati2mdxx.exe>  [(Verified)Microsoft Windows Hardware Compatibility Publisher]
    <RTHDCPL><; RTHDCPL.EXE>  [(Verified)Microsoft Windows Hardware Compatibility Publisher]
    <SoundMan><; SOUNDMAN.EXE>  [(Verified)Microsoft Windows Hardware Compatibility Publisher]
==================================
启动文件夹
[飞鸽传书]
  <C:\Documents and Settings\Administrator\「开始」菜单\程序\启动\飞鸽传书.exe -->  [N/A]><N>

==================================
服务
[Ati HotKey Poller / Ati HotKey Poller][Running/Auto Start]
  <C:\WINDOWS\system32\Ati2evxx.exe><ATI Technologies Inc.>
[ATI Smart / ATI Smart][Stopped/Auto Start]
  <C:\WINDOWS\system32\ati2sgag.exe><>
[卡巴斯基反病毒6.0 / AVP][Stopped/Auto Start]
  <"C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 6.0\avp.exe" -r><Kaspersky Lab>
[Human Interface Device Access / HidServ][Stopped/Disabled]
  <C:\WINDOWS\System32\svchost.exe -k netsvcs-->%SystemRoot%\System32\hidserv.dll><N/A>
[Windows Live Setup Service / WLSetupSvc][Stopped/Manual Start]
  <"C:\Program Files\Windows Live\installer\WLSetupSvc.exe"><Microsoft Corporation>
==================================
驱动程序
[2a5c67e43b6dd438 / 2a5c67e43b6dd438][Stopped/Manual Start]
  <\??\C:\2a5c67e43b6dd438.dat><N/A>
[694f19f41dcbe633 / 694f19f41dcbe633][Stopped/Manual Start]
  <\??\C:\694f19f41dcbe633.dat><N/A>
[a977274c907f5b80 / a977274c907f5b80][Stopped/Manual Start]
  <\??\C:\a977274c907f5b80.dat><N/A>
[ati2mtag / ati2mtag][Running/Manual Start]
  <system32\DRIVERS\ati2mtag.sys><ATI Technologies Inc.>
[ced76becf57fa916 / ced76becf57fa916][Stopped/Manual Start]
  <\??\C:\ced76becf57fa916.dat><N/A>
[d33359d0c36a40bf / d33359d0c36a40bf][Stopped/Manual Start]
  <\??\C:\d33359d0c36a40bf.dat><N/A>
[VIA PCI 10/100Mb Fast Ethernet Adapter NT Driver / FETNDIS][Stopped/Manual Start]
  <system32\DRIVERS\fetnd5.sys><VIA Technologies, Inc.>
[Microsoft UAA Bus Driver for High Definition Audio / HDAudBus][Running/Manual Start]
  <system32\DRIVERS\HDAudBus.sys><Windows (R) Server 2003 DDK provider>
[Service for Realtek HD Audio (WDM) / IntcAzAudAddService][Running/Manual Start]
  <system32\drivers\RtkHDAud.sys><Realtek Semiconductor Corp.>
[kl1 / kl1][Running/Boot Start]
  <\SystemRoot\system32\drivers\kl1.sys><Kaspersky Lab>
[klif / klif][Running/System Start]
  <\??\C:\WINDOWS\system32\drivers\klif.sys><Kaspersky Lab>
[msfpfis64 / msfpfis64][Running/Auto Start]
  <\??\C:\WINDOWS\system32\drivers\msosmsfpfis64.sys><N/A>
[msp2p32 / msp2p32][Running/Auto Start]
  <\??\C:\WINDOWS\system32\drivers\msosmsp2p32.sys><N/A>
[nv / nv][Stopped/Manual Start]
  <system32\DRIVERS\nv4_mini.sys><NVIDIA Corporation>
[Direct Parallel Link Driver / Ptilink][Running/Manual Start]
  <system32\DRIVERS\ptilink.sys><Parallel Technologies, Inc.>
[Realtek 10/100/1000 PCI NIC Family NDIS XP Driver / RTL8023xp][Running/Manual Start]
  <system32\DRIVERS\Rtnicxp.sys><Realtek Semiconductor Corporation>
[Realtek RTL8139(A/B/C)-based PCI Fast Ethernet Adapter NT Driver / rtl8139][Stopped/Manual Start]
  <system32\DRIVERS\RTL8139.SYS><Realtek Semiconductor Corporation>
[Secdrv / Secdrv][Stopped/Manual Start]
  <system32\DRIVERS\secdrv.sys><Macrovision Corporation, Macrovision Europe Limited, and Macrovision Japan and Asia K.K.>
[SATALink driver accelerator / SiFilter][Running/Boot Start]
  <\SystemRoot\system32\DRIVERS\SiWinAcc.sys><Silicon Image, Inc.>
[VMware Pointing Device / vmmouse][Running/Manual Start]
  <system32\DRIVERS\vmmouse.sys><VMware, Inc.>
[ea39e248eed86227 / ea39e248eed86227][Running/Manual Start]
  <\??\C:\ea39e248eed86227.dat><N/A>

==================================
==================================
浏览器加载项
[ThunderAtOnce Class]
  {01443AEC-0FD1-40fd-9C87-E93D1494C233} <C:\Program Files\Thunder Network\Thunder\ComDlls\TDAtOnce_Now.dll, Thunder Networking Technologies,LTD>
[Adobe PDF Reader Link Helper]
  {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} <C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll, Adobe Systems Incorporated>
[Thunder Browser Helper]
  {889D2FEB-5411-4565-8998-1DD2C5261283} <C:\Program Files\Thunder Network\Thunder\ComDlls\xunleiBHO_Now.dll, Thunder Networking Technologies,LTD>
[Windows Live 登录帮助程序]
  {9030D464-4C02-4ABF-8ECC-5164760863C6} <C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll, Microsoft Corporation>
[启动迅雷5]
  {09BA8F6D-CB54-424B-839C-C2A6C8E6B436} <C:\Program Files\Thunder Network\Thunder\Thunder.exe, Thunder Networking Technologies,LTD>
[Web反病毒保护]
  {1F460357-8A94-4D71-9CA3-AA4ACF32ED8E} <C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 6.0\scieplugin.dll, Kaspersky Lab>
[信息检索(&R)]
  {92780B25-18CC-41C8-B9BE-3C9C571A8263} <C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL, Microsoft Corporation>
[]
  {e2e2dd38-d088-4134-82b7-f2ba38496583} <%windir%\Network Diagnostic\xpnetdiag.exe, N/A>
[Messenger]
  {FB5F1910-F110-11d2-BB9E-00C04F795683} <C:\Program Files\Messenger\msmsgs.exe, Microsoft Corporation>
[WUWebControl Class]
  {6414512B-B978-451D-A0D8-FCFDF33E833C} <C:\WINDOWS\system32\wuweb.dll, Microsoft Corporation>
[ThunderAtOnce Class]
  {01443AEC-0FD1-40FD-9C87-E93D1494C233} <C:\Program Files\Thunder Network\Thunder\ComDlls\TDAtOnce_Now.dll, Thunder Networking Technologies,LTD>
[Adobe PDF Reader Link Helper]
  {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} <C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll, Adobe Systems Incorporated>
[Thunder Agent Class]
  {485463B7-8FB2-4B3B-B29B-8B919B0EACCE} <C:\Program Files\Thunder Network\Thunder\ComDlls\ThunderAgent_Now.dll, Thunder Networking Technologies,LTD>
[WUWebControl Class]
  {6414512B-B978-451D-A0D8-FCFDF33E833C} <C:\WINDOWS\system32\wuweb.dll, Microsoft Corporation>
[XMP Class]
  {6483F145-A768-4C41-AACC-52D4D7845851} <C:\Documents and Settings\All Users\Application Data\Thunder Network\KanKan\xplayer.dll_1_work, >
[XDRM]
  {693571CB-54A3-4E90-9D52-EEAE1334E2D3} <C:\Documents and Settings\All Users\Application Data\Thunder Network\KanKan\xdrm.dll_1_work, >
[Windows Media Player]
  {6BF52A52-394A-11D3-B153-00C04F79FAA6} <C:\WINDOWS\system32\wmp.dll, Microsoft Corporation>
[MediaComm Class]
  {7670648D-461B-42AF-BDFE-46D26AF5EFF2} <C:\Program Files\Thunder Network\Thunder\Components\InMedia\MediaAddin14.dll, Thunder Networking Technologies,LTD>
[Thunder Browser Helper]
  {889D2FEB-5411-4565-8998-1DD2C5261283} <C:\Program Files\Thunder Network\Thunder\ComDlls\xunleiBHO_Now.dll, Thunder Networking Technologies,LTD>
[Windows Live 登录帮助程序]
  {9030D464-4C02-4ABF-8ECC-5164760863C6} <C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll, Microsoft Corporation>
[RMGetLicense Class]
  {A9FC132B-096D-460B-B7D5-1DB0FAE0C062} <C:\WINDOWS\system32\msnetobj.dll, Microsoft Corporation>
[SearchAssistantOC]
  {B45FF030-4447-11D2-85DE-00C04FA35C89} <%SystemRoot%\system32\shdocvw.dll, N/A>
[RDS.DataSpace]
  {BD96C556-65A3-11D0-983A-00C04FC29E36} <C:\Program Files\Common Files\System\msadc\msadco.dll, Microsoft Corporation>
[Shockwave Flash Object]
  {D27CDB6E-AE6D-11CF-96B8-444553540000} <C:\WINDOWS\system32\Macromed\Flash\Flash9e.ocx, Adobe Systems, Inc.>
[Thunder DapPlayer]
  {EEDD6FF9-13DE-496B-9A1C-D78B3215E266} <C:\Program Files\Thunder Network\Thunder\Components\DownAndPlay\DapPlayer3.0.35.59.dll, ShenZhen Thunder Networking Technologies Ltd.>
[XPPlayer Class]
  {F3E70CEA-956E-49CC-B444-73AFE593AD7F} <C:\Documents and Settings\All Users\Application Data\Thunder Network\KanKan\pplayer.dll_1_work, Thunder>
[使用迅雷下载]
  <C:\Program Files\Thunder Network\Thunder\Program\geturl.htm, N/A>
[使用迅雷下载全部链接]
  <C:\Program Files\Thunder Network\Thunder\Program\getallurl.htm, N/A>
[导出到 Microsoft Office Excel(&X)]
  <res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000, N/A>
[添加到QQ表情]
  <D:\Program Files\Tencent\qq\AddEmotion.htm, N/A>
corywind - 2008-5-27 11:34:00
==================================
正在运行的进程
[PID: 720 / SYSTEM][\SystemRoot\System32\smss.exe]  [Microsoft Corporation, 5.1.2600.3300 (xpsp.080125-2028)]
[PID: 812 / SYSTEM][\??\C:\WINDOWS\system32\csrss.exe]  [Microsoft Corporation, 5.1.2600.3300 (xpsp.080125-2028)]
    [C:\WINDOWS\system32\msosdohs01.dll]  [N/A, ]
    [C:\WINDOWS\system32\msosmnsf00.dll]  [N/A, ]
[PID: 852 / SYSTEM][\??\C:\WINDOWS\system32\winlogon.exe]  [Microsoft Corporation, 5.1.2600.3300 (xpsp.080125-2034)]
    [C:\WINDOWS\system32\msosdohs00.dll]  [N/A, ]
    [C:\WINDOWS\system32\fmsiocps.dll]  [N/A, ]
    [C:\WINDOWS\system32\msoscqit00.dll]  [N/A, ]
    [C:\WINDOWS\system32\msosmnsf01.dll]  [N/A, ]
    [C:\WINDOWS\system32\msosfmsq01.dll]  [N/A, ]
    [C:\WINDOWS\system32\msosjtio01.dll]  [N/A, ]
    [C:\WINDOWS\system32\msosptfs00.dll]  [N/A, ]
    [C:\WINDOWS\system32\yiyhgs.dll]  [N/A, ]
    [C:\WINDOWS\system32\akooid.dll]  [N/A, ]
    [C:\WINDOWS\system32\hprwrb.dll]  [N/A, ]
    [C:\WINDOWS\system32\ppllbc.dll]  [N/A, ]
    [C:\WINDOWS\system32\Ati2evxx.dll]  [ATI Technologies Inc., 6.14.10.4129]
    [C:\WINDOWS\system32\klogon.dll]  [Kaspersky Lab, 6.0.0.299]
    [C:\WINDOWS\system32\msacm32.drv]  [Microsoft Corporation, 5.1.2600.0 (xpclient.010817-1148)]
    [C:\WINDOWS\system32\msosdohs01.dll]  [N/A, ]
    [C:\WINDOWS\system32\msosmnsf00.dll]  [N/A, ]
[PID: 952 / SYSTEM][C:\WINDOWS\system32\services.exe]  [Microsoft Corporation, 5.1.2600.3300 (xpsp.080125-2028)]
    [C:\WINDOWS\AppPatch\AcAdProc.dll]  [Microsoft Corporation, 5.1.2600.3300 (xpsp.080125-2028)]
    [C:\WINDOWS\system32\msosdohs00.dll]  [N/A, ]
    [C:\WINDOWS\system32\fmsiocps.dll]  [N/A, ]
    [C:\WINDOWS\system32\msoscqit00.dll]  [N/A, ]
    [C:\WINDOWS\system32\msosmnsf01.dll]  [N/A, ]
    [C:\WINDOWS\system32\msosfmsq01.dll]  [N/A, ]
    [C:\WINDOWS\system32\msosjtio01.dll]  [N/A, ]
    [C:\WINDOWS\system32\msosptfs00.dll]  [N/A, ]
    [C:\WINDOWS\system32\yiyhgs.dll]  [N/A, ]
    [C:\WINDOWS\system32\akooid.dll]  [N/A, ]
    [C:\WINDOWS\system32\hprwrb.dll]  [N/A, ]
    [C:\WINDOWS\system32\ppllbc.dll]  [N/A, ]
    [C:\WINDOWS\system32\msosdohs01.dll]  [N/A, ]
    [C:\WINDOWS\system32\msosmnsf00.dll]  [N/A, ]
[PID: 964 / SYSTEM][C:\WINDOWS\system32\lsass.exe]  [Microsoft Corporation, 5.1.2600.3300 (xpsp.080125-2034)]
    [C:\WINDOWS\system32\msosdohs00.dll]  [N/A, ]
    [C:\WINDOWS\system32\fmsiocps.dll]  [N/A, ]
    [C:\WINDOWS\system32\msoscqit00.dll]  [N/A, ]
    [C:\WINDOWS\system32\msosmnsf01.dll]  [N/A, ]
    [C:\WINDOWS\system32\msosfmsq01.dll]  [N/A, ]
    [C:\WINDOWS\system32\msosjtio01.dll]  [N/A, ]
    [C:\WINDOWS\system32\msosptfs00.dll]  [N/A, ]
    [C:\WINDOWS\system32\yiyhgs.dll]  [N/A, ]
    [C:\WINDOWS\system32\akooid.dll]  [N/A, ]
    [C:\WINDOWS\system32\hprwrb.dll]  [N/A, ]
    [C:\WINDOWS\system32\ppllbc.dll]  [N/A, ]
    [C:\WINDOWS\system32\msosdohs01.dll]  [N/A, ]
    [C:\WINDOWS\system32\msosmnsf00.dll]  [N/A, ]
[PID: 1220 / SYSTEM][C:\WINDOWS\system32\Ati2evxx.exe]  [ATI Technologies Inc., 6.14.10.4129]
    [C:\WINDOWS\system32\msosdohs00.dll]  [N/A, ]
    [C:\WINDOWS\system32\fmsiocps.dll]  [N/A, ]
    [C:\WINDOWS\system32\msoscqit00.dll]  [N/A, ]
    [C:\WINDOWS\system32\msosmnsf01.dll]  [N/A, ]
    [C:\WINDOWS\system32\msosfmsq01.dll]  [N/A, ]
    [C:\WINDOWS\system32\msosjtio01.dll]  [N/A, ]
    [C:\WINDOWS\system32\msosptfs00.dll]  [N/A, ]
    [C:\WINDOWS\system32\yiyhgs.dll]  [N/A, ]
    [C:\WINDOWS\system32\akooid.dll]  [N/A, ]
    [C:\WINDOWS\system32\hprwrb.dll]  [N/A, ]
    [C:\WINDOWS\system32\ppllbc.dll]  [N/A, ]
    [C:\WINDOWS\system32\Ati2edxx.dll]  [ATI Technologies, Inc., 6, 14, 10, 2500]
    [C:\WINDOWS\system32\msosdohs01.dll]  [N/A, ]
    [C:\WINDOWS\system32\msosmnsf00.dll]  [N/A, ]
[PID: 1316 / SYSTEM][C:\WINDOWS\system32\svchost.exe]  [Microsoft Corporation, 5.1.2600.3300 (xpsp.080125-2028)]
    [C:\WINDOWS\system32\msosdohs00.dll]  [N/A, ]
    [C:\WINDOWS\system32\fmsiocps.dll]  [N/A, ]
    [C:\WINDOWS\system32\msoscqit00.dll]  [N/A, ]
    [C:\WINDOWS\system32\msosmnsf01.dll]  [N/A, ]
    [C:\WINDOWS\system32\msosfmsq01.dll]  [N/A, ]
    [C:\WINDOWS\system32\msosjtio01.dll]  [N/A, ]
    [C:\WINDOWS\system32\msosptfs00.dll]  [N/A, ]
    [C:\WINDOWS\system32\yiyhgs.dll]  [N/A, ]
    [C:\WINDOWS\system32\akooid.dll]  [N/A, ]
    [C:\WINDOWS\system32\hprwrb.dll]  [N/A, ]
    [C:\WINDOWS\system32\ppllbc.dll]  [N/A, ]
    [C:\WINDOWS\system32\msosdohs01.dll]  [N/A, ]
    [C:\WINDOWS\system32\msosmnsf00.dll]  [N/A, ]
[PID: 1536 / NETWORK SERVICE][C:\WINDOWS\system32\svchost.exe]  [Microsoft Corporation, 5.1.2600.3300 (xpsp.080125-2028)]
    [C:\WINDOWS\system32\msosdohs00.dll]  [N/A, ]
    [C:\WINDOWS\system32\fmsiocps.dll]  [N/A, ]
    [C:\WINDOWS\system32\msoscqit00.dll]  [N/A, ]
    [C:\WINDOWS\system32\msosmnsf01.dll]  [N/A, ]
    [C:\WINDOWS\system32\msosfmsq01.dll]  [N/A, ]
    [C:\WINDOWS\system32\msosjtio01.dll]  [N/A, ]
    [C:\WINDOWS\system32\msosptfs00.dll]  [N/A, ]
    [C:\WINDOWS\system32\yiyhgs.dll]  [N/A, ]
    [C:\WINDOWS\system32\akooid.dll]  [N/A, ]
    [C:\WINDOWS\system32\hprwrb.dll]  [N/A, ]
    [C:\WINDOWS\system32\ppllbc.dll]  [N/A, ]
    [C:\WINDOWS\system32\msosdohs01.dll]  [N/A, ]
    [C:\WINDOWS\system32\msosmnsf00.dll]  [N/A, ]
[PID: 1700 / SYSTEM][C:\WINDOWS\System32\svchost.exe]  [Microsoft Corporation, 5.1.2600.3300 (xpsp.080125-2028)]
    [C:\WINDOWS\System32\msosdohs00.dll]  [N/A, ]
    [C:\WINDOWS\System32\fmsiocps.dll]  [N/A, ]
    [C:\WINDOWS\System32\msoscqit00.dll]  [N/A, ]
    [C:\WINDOWS\System32\msosmnsf01.dll]  [N/A, ]
    [C:\WINDOWS\System32\msosfmsq01.dll]  [N/A, ]
    [C:\WINDOWS\System32\msosjtio01.dll]  [N/A, ]
    [C:\WINDOWS\System32\msosptfs00.dll]  [N/A, ]
    [C:\WINDOWS\System32\yiyhgs.dll]  [N/A, ]
    [C:\WINDOWS\System32\akooid.dll]  [N/A, ]
    [C:\WINDOWS\System32\hprwrb.dll]  [N/A, ]
    [C:\WINDOWS\System32\ppllbc.dll]  [N/A, ]
    [C:\WINDOWS\system32\msosdohs01.dll]  [N/A, ]
    [C:\WINDOWS\system32\msosmnsf00.dll]  [N/A, ]
[PID: 1844 / NETWORK SERVICE][C:\WINDOWS\system32\svchost.exe]  [Microsoft Corporation, 5.1.2600.3300 (xpsp.080125-2028)]
    [C:\WINDOWS\system32\msosdohs00.dll]  [N/A, ]
    [C:\WINDOWS\system32\fmsiocps.dll]  [N/A, ]
    [C:\WINDOWS\system32\msoscqit00.dll]  [N/A, ]
    [C:\WINDOWS\system32\msosmnsf01.dll]  [N/A, ]
    [C:\WINDOWS\system32\msosfmsq01.dll]  [N/A, ]
    [C:\WINDOWS\system32\msosjtio01.dll]  [N/A, ]
    [C:\WINDOWS\system32\msosptfs00.dll]  [N/A, ]
    [C:\WINDOWS\system32\yiyhgs.dll]  [N/A, ]
    [C:\WINDOWS\system32\akooid.dll]  [N/A, ]
    [C:\WINDOWS\system32\hprwrb.dll]  [N/A, ]
    [C:\WINDOWS\system32\ppllbc.dll]  [N/A, ]
    [C:\WINDOWS\system32\msosdohs01.dll]  [N/A, ]
    [C:\WINDOWS\system32\msosmnsf00.dll]  [N/A, ]
[PID: 196 / SYSTEM][C:\WINDOWS\system32\spoolsv.exe]  [Microsoft Corporation, 5.1.2600.3300 (xpsp.080125-0707)]
    [C:\WINDOWS\system32\msosdohs00.dll]  [N/A, ]
    [C:\WINDOWS\system32\fmsiocps.dll]  [N/A, ]
    [C:\WINDOWS\system32\msoscqit00.dll]  [N/A, ]
    [C:\WINDOWS\system32\msosmnsf01.dll]  [N/A, ]
    [C:\WINDOWS\system32\msosfmsq01.dll]  [N/A, ]
    [C:\WINDOWS\system32\msosjtio01.dll]  [N/A, ]
    [C:\WINDOWS\system32\msosptfs00.dll]  [N/A, ]
    [C:\WINDOWS\system32\yiyhgs.dll]  [N/A, ]
    [C:\WINDOWS\system32\akooid.dll]  [N/A, ]
    [C:\WINDOWS\system32\hprwrb.dll]  [N/A, ]
    [C:\WINDOWS\system32\ppllbc.dll]  [N/A, ]
    [C:\WINDOWS\system32\mdimon.dll]  [Microsoft Corporation, 11.3.2175.0]
    [C:\WINDOWS\System32\spool\PRTPROCS\W32X86\mdippr.dll]  [Microsoft Corporation, 11.3.2175.0]
    [C:\WINDOWS\system32\msosdohs01.dll]  [N/A, ]
    [C:\WINDOWS\system32\msosmnsf00.dll]  [N/A, ]
[PID: 520 / Administrator][C:\WINDOWS\system32\Ati2evxx.exe]  [ATI Technologies Inc., 6.14.10.4129]
    [C:\WINDOWS\system32\msosdohs00.dll]  [N/A, ]
    [C:\WINDOWS\system32\fmsiocps.dll]  [N/A, ]
    [C:\WINDOWS\system32\msoscqit00.dll]  [N/A, ]
    [C:\WINDOWS\system32\msosmnsf01.dll]  [N/A, ]
    [C:\WINDOWS\system32\msosfmsq01.dll]  [N/A, ]
    [C:\WINDOWS\system32\msosjtio01.dll]  [N/A, ]
    [C:\WINDOWS\system32\msosptfs00.dll]  [N/A, ]
    [C:\WINDOWS\system32\yiyhgs.dll]  [N/A, ]
    [C:\WINDOWS\system32\akooid.dll]  [N/A, ]
    [C:\WINDOWS\system32\hprwrb.dll]  [N/A, ]
    [C:\WINDOWS\system32\ppllbc.dll]  [N/A, ]
    [C:\WINDOWS\system32\Ati2edxx.dll]  [ATI Technologies, Inc., 6, 14, 10, 2500]
    [C:\WINDOWS\system32\msosdohs01.dll]  [N/A, ]
    [C:\WINDOWS\system32\msosmnsf00.dll]  [N/A, ]
[PID: 776 / Administrator][C:\WINDOWS\Explorer.EXE]  [Microsoft Corporation, 6.00.2900.3300 (xpsp.080125-2028)]
    [C:\WINDOWS\system32\msosdohs00.dll]  [N/A, ]
    [C:\WINDOWS\system32\fmsiocps.dll]  [N/A, ]
    [C:\WINDOWS\system32\msoscqit00.dll]  [N/A, ]
    [C:\WINDOWS\system32\msosmnsf01.dll]  [N/A, ]
    [C:\WINDOWS\system32\msosfmsq01.dll]  [N/A, ]
    [C:\WINDOWS\system32\msosjtio01.dll]  [N/A, ]
    [C:\WINDOWS\system32\msosptfs00.dll]  [N/A, ]
    [C:\WINDOWS\system32\yiyhgs.dll]  [N/A, ]
    [C:\WINDOWS\system32\akooid.dll]  [N/A, ]
    [C:\WINDOWS\system32\hprwrb.dll]  [N/A, ]
    [C:\WINDOWS\system32\ppllbc.dll]  [N/A, ]
    [C:\WINDOWS\system32\ihslgt.dll]  [N/A, ]
    [C:\WINDOWS\system32\dbhlp32.dlL]  [N/A, ]
    [C:\WINDOWS\system32\cinfonmc.dll]  [N/A, ]
    [C:\WINDOWS\system32\msacm32.drv]  [Microsoft Corporation, 5.1.2600.0 (xpclient.010817-1148)]
[C:\WINDOWS\system32\issms32.dll]  [N/A, ]
    [C:\WINDOWS\system32\msosdohs01.dll]  [N/A, ]
    [C:\WINDOWS\system32\khvaju.dll]  [N/A, ]
    [C:\WINDOWS\system32\dionpis.dll]  [N/A, ]
    [C:\WINDOWS\system32\tmgnke.dll]  [N/A, ]
    [C:\WINDOWS\system32\tciocp64.dll]  [N/A, ]
    [C:\WINDOWS\system32\mwajya.dll]  [N/A, ]
    [C:\WINDOWS\system32\eyundm.dll]  [N/A, ]
    [C:\WINDOWS\system32\qvixet.dll]  [N/A, ]
    [C:\WINDOWS\system32\msosmnsf00.dll]  [N/A, ]
    [C:\WINDOWS\system32\vuyyns.dll]  [N/A, ]
    [C:\WINDOWS\system32\rszuww.dll]  [N/A, ]
    [C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\PDFShell.dll]  [Adobe Systems, Inc., 8.0.0.0]
    [C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\PDFShell.CHS]  [Adobe Systems, Inc., 8.0.0.0]
    [D:\Program Files\WinRAR\rarext.dll]  [N/A, ]
    [C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 6.0\shellex.dll]  [Kaspersky Lab, 6.0.0.299]
    [C:\WINDOWS\system32\ernbej.dll]  [N/A, ]
    [C:\WINDOWS\system32\njmfbk.dll]  [N/A, ]
    [C:\WINDOWS\system32\uysnnb.dll]  [N/A, ]
    [C:\WINDOWS\system32\npgnuw.dll]  [N/A, ]
    [C:\WINDOWS\system32\hefcndy.dll]  [N/A, ]
    [C:\Program Files\Thunder Network\Thunder\Components\ResWorker\DsBho_00.dll]  [, 1, 0, 0, 12]
    [C:\Program Files\Thunder Network\Thunder\Components\ResWorker\DataProcessor_00.dll]  [Thunder Networking Technologies,LTD, 1, 0, 0, 13]
[PID: 2348 / SYSTEM][C:\WINDOWS\system32\inetsrv\inetinfo.exe]  [Microsoft Corporation, 5.1.2600.3300 (xpsp.080125-0707)]
    [C:\WINDOWS\system32\msosdohs00.dll]  [N/A, ]
    [C:\WINDOWS\system32\fmsiocps.dll]  [N/A, ]
    [C:\WINDOWS\system32\msoscqit00.dll]  [N/A, ]
    [C:\WINDOWS\system32\msosmnsf01.dll]  [N/A, ]
    [C:\WINDOWS\system32\msosfmsq01.dll]  [N/A, ]
    [C:\WINDOWS\system32\msosjtio01.dll]  [N/A, ]
    [C:\WINDOWS\system32\msosptfs00.dll]  [N/A, ]
    [C:\WINDOWS\system32\yiyhgs.dll]  [N/A, ]
    [C:\WINDOWS\system32\akooid.dll]  [N/A, ]
    [C:\WINDOWS\system32\hprwrb.dll]  [N/A, ]
    [C:\WINDOWS\system32\ppllbc.dll]  [N/A, ]
    [C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_filter.dll]  [Microsoft Corporation, 2.0.50727.42 (RTM.050727-4200)]
    [C:\WINDOWS\system32\msosdohs01.dll]  [N/A, ]
    [C:\WINDOWS\system32\msosmnsf00.dll]  [N/A, ]
[PID: 2500 / SYSTEM][C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE]  [Microsoft Corporation, 7.00.9466]
    [C:\WINDOWS\system32\msosdohs00.dll]  [N/A, ]
    [C:\WINDOWS\system32\fmsiocps.dll]  [N/A, ]
    [C:\WINDOWS\system32\msoscqit00.dll]  [N/A, ]
    [C:\WINDOWS\system32\msosmnsf01.dll]  [N/A, ]
    [C:\WINDOWS\system32\msosfmsq01.dll]  [N/A, ]
    [C:\WINDOWS\system32\msosjtio01.dll]  [N/A, ]
    [C:\WINDOWS\system32\msosptfs00.dll]  [N/A, ]
    [C:\WINDOWS\system32\yiyhgs.dll]  [N/A, ]
    [C:\WINDOWS\system32\akooid.dll]  [N/A, ]
    [C:\WINDOWS\system32\hprwrb.dll]  [N/A, ]
    [C:\WINDOWS\system32\ppllbc.dll]  [N/A, ]
    [C:\WINDOWS\system32\ihslgt.dll]  [N/A, ]
    [C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\2052\mdmui.dll]  [Microsoft Corporation, 7.00.9466]
    [C:\Program Files\Common Files\Microsoft Shared\VS7Debug\csm.dll]  [Microsoft Corporation, 8.0.50727.42 (RTM.050727-4200)]
    [C:\Program Files\Common Files\Microsoft Shared\VS7Debug\msdbg2.dll]  [Microsoft Corporation, 8.0.50727.42 (RTM.050727-4200)]
    [C:\WINDOWS\system32\msosdohs01.dll]  [N/A, ]
    [C:\WINDOWS\system32\msosmnsf00.dll]  [N/A, ]
[PID: 2740 / Administrator][C:\WINDOWS\system32\ctfmon.exe]  [Microsoft Corporation, 5.1.2600.3300 (xpsp.080125-2028)]
    [C:\WINDOWS\system32\msosdohs00.dll]  [N/A, ]
    [C:\WINDOWS\system32\fmsiocps.dll]  [N/A, ]
    [C:\WINDOWS\system32\msoscqit00.dll]  [N/A, ]
    [C:\WINDOWS\system32\msosmnsf01.dll]  [N/A, ]
    [C:\WINDOWS\system32\msosfmsq01.dll]  [N/A, ]
    [C:\WINDOWS\system32\msosjtio01.dll]  [N/A, ]
    [C:\WINDOWS\system32\msosptfs00.dll]  [N/A, ]
    [C:\WINDOWS\system32\yiyhgs.dll]  [N/A, ]
    [C:\WINDOWS\system32\akooid.dll]  [N/A, ]
    [C:\WINDOWS\system32\hprwrb.dll]  [N/A, ]
    [C:\WINDOWS\system32\ppllbc.dll]  [N/A, ]
    [C:\WINDOWS\system32\ihslgt.dll]  [N/A, ]
    [C:\WINDOWS\system32\msosdohs01.dll]  [N/A, ]
    [C:\WINDOWS\system32\msosmnsf00.dll]  [N/A, ]
[PID: 2764 / Administrator][C:\Documents and Settings\Administrator\「开始」菜单\程序\启动\飞鸽传书.exe]  [Azhi.net, 2.03]
    [C:\WINDOWS\system32\msosdohs00.dll]  [N/A, ]
    [C:\WINDOWS\system32\fmsiocps.dll]  [N/A, ]
    [C:\WINDOWS\system32\msoscqit00.dll]  [N/A, ]
    [C:\WINDOWS\system32\msosmnsf01.dll]  [N/A, ]
    [C:\WINDOWS\system32\msosfmsq01.dll]  [N/A, ]
    [C:\WINDOWS\system32\msosjtio01.dll]  [N/A, ]
    [C:\WINDOWS\system32\msosptfs00.dll]  [N/A, ]
    [C:\WINDOWS\system32\yiyhgs.dll]  [N/A, ]
    [C:\WINDOWS\system32\akooid.dll]  [N/A, ]
    [C:\WINDOWS\system32\hprwrb.dll]  [N/A, ]
    [C:\WINDOWS\system32\ppllbc.dll]  [N/A, ]
    [C:\WINDOWS\system32\ihslgt.dll]  [N/A, ]
    [C:\WINDOWS\system32\cinfonmc.dll]  [N/A, ]
    [C:\WINDOWS\system32\dbhlp32.dlL]  [N/A, ]
    [C:\WINDOWS\system32\msosdohs01.dll]  [N/A, ]
    [C:\WINDOWS\system32\dionpis.dll]  [N/A, ]
    [C:\WINDOWS\system32\khvaju.dll]  [N/A, ]
    [C:\WINDOWS\system32\issms32.dll]  [N/A, ]
    [C:\WINDOWS\system32\msosmnsf00.dll]  [N/A, ]
    [C:\WINDOWS\system32\rszuww.dll]  [N/A, ]
    [C:\WINDOWS\system32\vuyyns.dll]  [N/A, ]
    [C:\WINDOWS\system32\qvixet.dll]  [N/A, ]
    [C:\WINDOWS\system32\eyundm.dll]  [N/A, ]
    [C:\WINDOWS\system32\mwajya.dll]  [N/A, ]
    [C:\WINDOWS\system32\tciocp64.dll]  [N/A, ]
    [C:\WINDOWS\system32\tmgnke.dll]  [N/A, ]
    [C:\WINDOWS\system32\uysnnb.dll]  [N/A, ]
    [C:\WINDOWS\system32\njmfbk.dll]  [N/A, ]
    [C:\WINDOWS\system32\ernbej.dll]  [N/A, ]
    [C:\WINDOWS\system32\hefcndy.dll]  [N/A, ]
    [C:\WINDOWS\system32\npgnuw.dll]  [N/A, ]
[PID: 2916 / NETWORK SERVICE][C:\Program Files\Microsoft SQL Server\90\DTS\Binn\MsDtsSrvr.exe]  [Microsoft Corporation, 9.00.1399.00]
    [C:\WINDOWS\system32\mscoree.dll]  [Microsoft Corporation, 2.0.50727.42 (RTM.050727-4200)]
    [C:\WINDOWS\system32\msosdohs00.dll]  [N/A, ]
    [C:\WINDOWS\system32\fmsiocps.dll]  [N/A, ]
    [C:\WINDOWS\system32\msoscqit00.dll]  [N/A, ]
    [C:\WINDOWS\system32\msosmnsf01.dll]  [N/A, ]
    [C:\WINDOWS\system32\msosfmsq01.dll]  [N/A, ]
    [C:\WINDOWS\system32\msosjtio01.dll]  [N/A, ]
    [C:\WINDOWS\system32\msosptfs00.dll]  [N/A, ]
    [C:\WINDOWS\system32\yiyhgs.dll]  [N/A, ]
    [C:\WINDOWS\system32\akooid.dll]  [N/A, ]
    [C:\WINDOWS\system32\hprwrb.dll]  [N/A, ]
    [C:\WINDOWS\system32\ppllbc.dll]  [N/A, ]
    [C:\WINDOWS\system32\ihslgt.dll]  [N/A, ]
    [C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorwks.dll]  [Microsoft Corporation,
2.0.50727.42 (RTM.050727-4200)]
    [C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\mscorlib\6e1d26566883ac429eff35facfb0935b\mscorlib.ni.dll]  [Microsoft Corporation, 2.0.50727.42 (RTM.050727-4200)]
    [C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsec.dll]  [Microsoft Corporation, 2.0.50727.42 (RTM.050727-4200)]
    [C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System\d5243c96dcfaba41957d8fa08af95470\System.ni.dll]  [Microsoft Corporation, 2.0.50727.42 (RTM.050727-4200)]
    [C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\MsDtsSrvr\23100ac21201cf4c9f5f766f9ec35a6e\MsDtsSrvr.ni.exe]  [Microsoft Corporation, 9.00.1399.00]
    [C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.ServiceProce#\e116f3064cce0a41b5dac81eb646755f\System.ServiceProcess.ni.dll]  [Microsoft Corporation, 2.0.50727.42 (RTM.050727-4200)]
    [C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Microsoft.SqlServer#\a8340b3c5a88144e8891a55848604263\Microsoft.SqlServer.MgdSqlDumper.ni.dll]  [Microsoft Corporation, 2005.090.3042.00]
    [C:\WINDOWS\assembly\GAC_32\Microsoft.SqlServer.MgdSqlDumper\9.0.242.0__89845dcd8080cc91\Microsoft.SqlServer.MgdSqlDumper.dll]  [Microsoft Corporation, 2005.090.3042.00]
    [C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorjit.dll]  [Microsoft Corporation, 2.0.50727.42 (RTM.050727-4200)]
    [C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.Configuration\da0597588a9b0f4588195e49ad46a154\System.Configuration.ni.dll]  [Microsoft Corporation, 2.0.50727.42 (RTM.050727-4200)]
    [C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.Xml\7842679a2b77144c878975c777343720\System.Xml.ni.dll]  [Microsoft Corporation, 2.0.50727.42 (RTM.050727-4200)]
    [C:\WINDOWS\assembly\GAC_MSIL\mscorlib.resources\2.0.0.0_zh-CHS_b77a5c561934e089\mscorlib.resources.dll]  [Microsoft Corporation, 2.0.50727.42 (RTM.050727-4200)]
    [C:\WINDOWS\assembly\GAC_MSIL\System.resources\2.0.0.0_zh-CHS_b77a5c561934e089\System.resources.dll]  [Microsoft Corporation, 2.0.50727.42 (RTM.050727-4200)]
    [C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Microsoft.SqlServer#\2f32d5d9780efb42afc59bbbc06109b8\Microsoft.SqlServer.DtsServer.Interop.ni.dll]  [ , 9.0.242.0]
    [C:\WINDOWS\assembly\GAC_MSIL\System.ServiceProcess.resources\2.0.0.0_zh-CHS_b03f5f7f11d50a3a\System.ServiceProcess.resources.dll]  [Microsoft Corporation, 2.0.50727.42 (RTM.050727-4200)]
    [C:\WINDOWS\system32\msosdohs01.dll]  [N/A, ]
    [C:\WINDOWS\system32\msosmnsf00.dll]  [N/A, ]
[PID: 3592 / SYSTEM][C:\Program Files\Microsoft SQL Server\MSSQL.1\MSSQL\Binn\sqlservr.exe]  [Microsoft Corporation, 2005.090.1399.00]
    [C:\Program Files\Microsoft SQL Server\MSSQL.1\MSSQL\Binn\opends60.dll]  [Microsoft Corporation, 2005.090.1399.00]
    [C:\WINDOWS\system32\msosdohs00.dll]  [N/A, ]
    [C:\WINDOWS\system32\fmsiocps.dll]  [N/A, ]
    [C:\WINDOWS\system32\msoscqit00.dll]  [N/A, ]
    [C:\WINDOWS\system32\msosmnsf01.dll]  [N/A, ]
    [C:\WINDOWS\system32\msosfmsq01.dll]  [N/A, ]
    [C:\WINDOWS\system32\msosjtio01.dll]  [N/A, ]
    [C:\WINDOWS\system32\msosptfs00.dll]  [N/A, ]
    [C:\WINDOWS\system32\yiyhgs.dll]  [N/A, ]
    [C:\WINDOWS\system32\akooid.dll]  [N/A, ]
    [C:\WINDOWS\system32\hprwrb.dll]  [N/A, ]
    [C:\WINDOWS\system32\ppllbc.dll]  [N/A, ]
    [C:\WINDOWS\system32\ihslgt.dll]  [N/A, ]
    [C:\Program Files\Microsoft SQL Server\90\Shared\instapi.dll]  [Microsoft Corporation, 2005.090.1399.00]
    [C:\Program Files\Microsoft SQL Server\MSSQL.1\MSSQL\Binn\Resources\1033\sqlevn70.RLL]  [Microsoft Corporation, 2005.090.1399.00]
日不懂啊 - 2008-5-27 11:34:00
把日志压缩,点“回复”

从附件发上来
corywind - 2008-5-27 11:35:00
[C:\Program Files\Microsoft SQL Server\MSSQL.1\MSSQL\Binn\Resources\2052\sqlevn70.RLL]  [Microsoft Corporation, 2005.090.1399.00]
    [C:\Program Files\Microsoft SQL Server\MSSQL.1\MSSQL\Binn\SQLOS.DLL]  [Microsoft Corporation, 2005.090.1399.00]
    [C:\WINDOWS\system32\MSCOREE.DLL]  [Microsoft Corporation, 2.0.50727.42 (RTM.050727-4200)]
    [C:\Program Files\Microsoft SQL Server\MSSQL.1\MSSQL\Binn\msfte.dll]  [Microsoft Corporation, 12.0.5626.1]
    [C:\Program Files\Microsoft SQL Server\MSSQL.1\MSSQL\Binn\dbghelp.dll]  [Microsoft Corporation, 6.5.0003.7 (vbl_core_fbrel(jshay).050527-1915)]
    [C:\WINDOWS\system32\sqlncli.dll]  [Microsoft Corporation, 2005.090.3042.00]
    [C:\WINDOWS\system32\SQLNCLIR.RLL]  [Microsoft Corporation, 2005.090.1399.00]
    [C:\Program Files\Microsoft SQL Server\MSSQL.1\MSSQL\Binn\msftepxy.dll]  [Microsoft Corporation, 12.0.5626.1]
    [C:\WINDOWS\system32\msosdohs01.dll]  [N/A, ]
    [C:\WINDOWS\system32\msosmnsf00.dll]  [N/A, ]
[PID: 3712 / SYSTEM][C:\Program Files\Microsoft SQL Server\MSSQL.2\OLAP\bin\msmdsrv.exe]  [Microsoft Corporation, 2005.090.1399.00]
    [C:\WINDOWS\system32\odbcbcp.dll]  [Microsoft Corporation, 2000.085.1132.00 (xpsp.080125-0707)]
    [C:\WINDOWS\system32\msosdohs00.dll]  [N/A, ]
    [C:\WINDOWS\system32\fmsiocps.dll]  [N/A, ]
    [C:\WINDOWS\system32\msoscqit00.dll]  [N/A, ]
    [C:\WINDOWS\system32\msosmnsf01.dll]  [N/A, ]
    [C:\WINDOWS\system32\msosfmsq01.dll]  [N/A, ]
    [C:\WINDOWS\system32\msosjtio01.dll]  [N/A, ]
    [C:\WINDOWS\system32\msosptfs00.dll]  [N/A, ]
    [C:\WINDOWS\system32\yiyhgs.dll]  [N/A, ]
    [C:\WINDOWS\system32\akooid.dll]  [N/A, ]
    [C:\WINDOWS\system32\hprwrb.dll]  [N/A, ]
    [C:\WINDOWS\system32\ppllbc.dll]  [N/A, ]
    [C:\WINDOWS\system32\ihslgt.dll]  [N/A, ]
    [C:\Program Files\Microsoft SQL Server\MSSQL.2\OLAP\bin\XMLRW.dll]  [Microsoft Corporation, 2.00.3604.0 built by: (_sqlbld)]
    [C:\Program Files\Microsoft SQL Server\MSSQL.2\OLAP\bin\XMLRWBIN.dll]  [Microsoft Corporation, 2.00.3604.0 built by: (_sqlbld)]
    [C:\Program Files\Microsoft SQL Server\MSSQL.2\OLAP\bin\sqlboot.dll]  [Microsoft Corporation, 2005.090.1399.00]
    [C:\Program Files\Microsoft SQL Server\90\Shared\instapi.dll]  [Microsoft Corporation, 2005.090.1399.00]
    [C:\Program Files\Microsoft SQL Server\MSSQL.2\OLAP\bin\Resources\2052\msmdsrv.rll]  [Microsoft Corporation, 2005.090.1399.00]
    [C:\Program Files\Microsoft SQL Server\MSSQL.2\OLAP\bin\msmgdsrv.dll]  [Microsoft Corporation, 2005.090.1399.00]
    [C:\WINDOWS\system32\mscoree.dll]  [Microsoft Corporation, 2.0.50727.42 (RTM.050727-4200)]
    [C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorwks.dll]  [Microsoft Corporation, 2.0.50727.42 (RTM.050727-4200)]
    [C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\mscorlib\6e1d26566883ac429eff35facfb0935b\mscorlib.ni.dll]  [Microsoft Corporation, 2.0.50727.42 (RTM.050727-4200)]
    [C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System\d5243c96dcfaba41957d8fa08af95470\System.ni.dll]  [Microsoft Corporation, 2.0.50727.42 (RTM.050727-4200)]
    [C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\msmgdsrv\6b9ad16c5e8eae439691f36d0c74c0d4\msmgdsrv.ni.dll]  [Microsoft Corporation, 2005.090.1399.00]
    [C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsec.dll]  [Microsoft Corporation, 2.0.50727.42 (RTM.050727-4200)]
    [C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorjit.dll]  [Microsoft Corporation, 2.0.50727.42 (RTM.050727-4200)]
    [C:\WINDOWS\system32\msosdohs01.dll]  [N/A, ]
    [C:\WINDOWS\system32\msosmnsf00.dll]  [N/A, ]
[PID: 3820 / SYSTEM][C:\Program Files\Microsoft SQL Server\MSSQL.3\Reporting Services\ReportServer\bin\ReportingServicesService.exe]  [Microsoft Corporation, 9.00.1399.00]
    [C:\WINDOWS\system32\mscoree.dll]  [Microsoft Corporation, 2.0.50727.42 (RTM.050727-4200)]
    [C:\WINDOWS\system32\msosdohs00.dll]  [N/A, ]
    [C:\WINDOWS\system32\fmsiocps.dll]  [N/A, ]
    [C:\WINDOWS\system32\msoscqit00.dll]  [N/A, ]
    [C:\WINDOWS\system32\msosmnsf01.dll]  [N/A, ]
    [C:\WINDOWS\system32\msosfmsq01.dll]  [N/A, ]
    [C:\WINDOWS\system32\msosjtio01.dll]  [N/A, ]
    [C:\WINDOWS\system32\msosptfs00.dll]  [N/A, ]
    [C:\WINDOWS\system32\yiyhgs.dll]  [N/A, ]
    [C:\WINDOWS\system32\akooid.dll]  [N/A, ]
    [C:\WINDOWS\system32\hprwrb.dll]  [N/A, ]
    [C:\WINDOWS\system32\ppllbc.dll]  [N/A, ]
    [C:\WINDOWS\system32\ihslgt.dll]  [N/A, ]
    [C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorwks.dll]  [Microsoft Corporation, 2.0.50727.42 (RTM.050727-4200)]
    [C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\mscorlib\6e1d26566883ac429eff35facfb0935b\mscorlib.ni.dll]  [Microsoft Corporation, 2.0.50727.42 (RTM.050727-4200)]
    [C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsec.dll]  [Microsoft Corporation, 2.0.50727.42 (RTM.050727-4200)]
    [C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System\d5243c96dcfaba41957d8fa08af95470\System.ni.dll]  [Microsoft Corporation, 2.0.50727.42 (RTM.050727-4200)]
    [C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.ServiceProce#\e116f3064cce0a41b5dac81eb646755f\System.ServiceProcess.ni.dll]  [Microsoft Corporation, 2.0.50727.42 (RTM.050727-4200)]
    [C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorjit.dll]  [Microsoft Corporation, 2.0.50727.42 (RTM.050727-4200)]
    [C:\Program Files\Microsoft SQL Server\MSSQL.3\Reporting Services\ReportServer\bin\ReportingServicesLibrary.dll]  [Microsoft Corporation, 9.00.1399.00]
    [C:\WINDOWS\assembly\GAC_MSIL\System.ServiceProcess.resources\2.0.0.0_zh-CHS_b03f5f7f11d50a3a\System.ServiceProcess.resources.dll]  [Microsoft Corporation, 2.0.50727.42 (RTM.050727-4200)]
    [C:\Program Files\Microsoft SQL Server\MSSQL.3\Reporting Services\ReportServer\bin\ReportingServicesNativeServer.dll]  [Microsoft Corporation, 2005.090.1399.00]
    [C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Microsoft.Reporting#\e2bbf41d2847ea42a6dbf18110d5b7bf\Microsoft.ReportingServices.Diagnostics.ni.dll]  [Microsoft Corporation, 9.00.1399.00]
    [C:\Program Files\Microsoft SQL Server\MSSQL.3\Reporting Services\ReportServer\bin\zh-CHS\ReportingServicesLibrary.resources.dll]  [Microsoft Corporation, 9.00.1399.00]
    [C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.Configuration\da0597588a9b0f4588195e49ad46a154\System.Configuration.ni.dll]  [Microsoft Corporation, 2.0.50727.42 (RTM.050727-4200)]
    [C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.Xml\7842679a2b77144c878975c777343720\System.Xml.ni.dll]  [Microsoft Corporation, 2.0.50727.42 (RTM.050727-4200)][C:\WINDOWS\assembly\GAC_MSIL\mscorlib.resources\2.0.0.0_zh-CHS_b77a5c561934e089\mscorlib.resources.dll]  [Microsoft Corporation, 2.0.50727.42 (RTM.050727-4200)]
    [C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Microsoft.Reporting#\f25aba3366452e46a949266ee368823a\Microsoft.ReportingServices.Interfaces.ni.dll]  [Microsoft Corporation, 9.00.1399.00]
    [C:\Program Files\Microsoft SQL Server\MSSQL.3\Reporting Services\ReportServer\bin\zh-CHS\Microsoft.ReportingServices.Diagnostics.resources.dll]  [Microsoft Corporation, 9.00.1399.00]
    [C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.Web\7995b1e26e1cdf43bde9ce3bbe47fc94\System.Web.ni.dll]  [Microsoft Corporation, 2.0.50727.42 (RTM.050727-4200)]
    [C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\ReportingServicesNa#\202f6e469d3a7c4099a47f0142d67e0e\ReportingServicesNativeClient.ni.dll]  [Microsoft Corporation, 2005.090.1399.00]
    [C:\Program Files\Microsoft SQL Server\MSSQL.3\Reporting Services\ReportServer\bin\ReportingServicesNativeClient.dll]  [Microsoft Corporation, 2005.090.1399.00]
    [C:\Program Files\Microsoft SQL Server\MSSQL.3\Reporting Services\ReportServer\bin\Microsoft.ReportingServices.Diagnostics.dll]  [Microsoft Corporation, 9.00.1399.00]
corywind - 2008-5-27 11:35:00
[C:\WINDOWS\assembly\GAC_MSIL\System\2.0.0.0__b77a5c561934e089\System.dll]  [Microsoft Corporation, 2.0.50727.42 (RTM.050727-4200)]
    [C:\WINDOWS\assembly\GAC_MSIL\System.Configuration\2.0.0.0__b03f5f7f11d50a3a\System.Configuration.dll]  [Microsoft Corporation, 2.0.50727.42 (RTM.050727-4200)]
    [C:\WINDOWS\assembly\GAC_MSIL\System.Xml\2.0.0.0__b77a5c561934e089\System.Xml.dll]  [Microsoft Corporation, 2.0.50727.42 (RTM.050727-4200)]
    [C:\Program Files\Microsoft SQL Server\MSSQL.3\Reporting Services\ReportServer\bin\Microsoft.ReportingServices.Interfaces.dll]  [Microsoft Corporation, 9.00.1399.00]
    [C:\WINDOWS\assembly\GAC_32\System.Web\2.0.0.0__b03f5f7f11d50a3a\System.Web.dll]  [Microsoft Corporation, 2.0.50727.42 (RTM.050727-4200)]
    [C:\Program Files\Microsoft SQL Server\90\Shared\sqlboot.dll]  [Microsoft Corporation, 2005.090.3042.00]
    [C:\WINDOWS\assembly\GAC_32\System.Data\2.0.0.0__b77a5c561934e089\System.Data.dll]  [Microsoft Corporation, 2.0.50727.42 (RTM.050727-4200)]
    [C:\WINDOWS\assembly\GAC_32\System.Transactions\2.0.0.0__b77a5c561934e089\System.Transactions.dll]  [Microsoft Corporation, 2.0.50727.42 (RTM.050727-4200)]
    [C:\WINDOWS\assembly\GAC_32\System.EnterpriseServices\2.0.0.0__b03f5f7f11d50a3a\System.EnterpriseServices.dll]  [Microsoft Corporation, 2.0.50727.42 (RTM.050727-4200)]
    [C:\WINDOWS\assembly\GAC_MSIL\System.Data.resources\2.0.0.0_zh-CHS_b77a5c561934e089\System.Data.resources.dll]  [Microsoft Corporation, 2.0.50727.42 (RTM.050727-4200)]
    [C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\diasymreader.dll]  [Microsoft Corporation, 8.0.50727.42 (RTM.050727-4200)]
    [C:\WINDOWS\system32\msosdohs01.dll]  [N/A, ]
    [C:\WINDOWS\system32\msosmnsf00.dll]  [N/A, ]
[PID: 4012 / NETWORK SERVICE][C:\Program Files\Microsoft SQL Server\90\Shared\sqlbrowser.exe]  [Microsoft Corporation, 2005.090.3042.00]
    [C:\Program Files\Microsoft SQL Server\90\Shared\instapi.dll]  [Microsoft Corporation, 2005.090.1399.00]
    [C:\WINDOWS\system32\msosdohs00.dll]  [N/A, ]
    [C:\WINDOWS\system32\fmsiocps.dll]  [N/A, ]
    [C:\WINDOWS\system32\msoscqit00.dll]  [N/A, ]
    [C:\WINDOWS\system32\msosmnsf01.dll]  [N/A, ]
    [C:\WINDOWS\system32\msosfmsq01.dll]  [N/A, ]
    [C:\WINDOWS\system32\msosjtio01.dll]  [N/A, ]
    [C:\WINDOWS\system32\msosptfs00.dll]  [N/A, ]
    [C:\WINDOWS\system32\yiyhgs.dll]  [N/A, ]
    [C:\WINDOWS\system32\akooid.dll]  [N/A, ]
    [C:\WINDOWS\system32\hprwrb.dll]  [N/A, ]
    [C:\WINDOWS\system32\ppllbc.dll]  [N/A, ]
    [C:\WINDOWS\system32\ihslgt.dll]  [N/A, ]
    [C:\Program Files\Microsoft SQL Server\90\Shared\msmdredir.dll]  [Microsoft Corporation, 2005.090.1399.00]
    [C:\Program Files\Common Files\System\Ole DB\XMLRW.dll]  [Microsoft Corporation, 2.00.3604.0 built by: (_sqlbld)]
    [C:\Program Files\Common Files\System\Ole DB\XMLRWBIN.dll]  [Microsoft Corporation, 2.00.3604.0 built by: (_sqlbld)]
    [C:\Program Files\Microsoft SQL Server\90\Shared\Resources\2052\msmdsrv.rll]  [Microsoft Corporation, 2005.090.1399.00]
    [C:\WINDOWS\system32\msosdohs01.dll]  [N/A, ]
    [C:\WINDOWS\system32\msosmnsf00.dll]  [N/A, ]
[PID: 4044 / SYSTEM][C:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe]  [Microsoft Corporation, 2005.090.3042.00]
    [C:\WINDOWS\system32\msosdohs00.dll]  [N/A, ]
    [C:\WINDOWS\system32\fmsiocps.dll]  [N/A, ]
    [C:\WINDOWS\system32\msoscqit00.dll]  [N/A, ]
    [C:\WINDOWS\system32\msosmnsf01.dll]  [N/A, ]
    [C:\WINDOWS\system32\msosfmsq01.dll]  [N/A, ]
    [C:\WINDOWS\system32\msosjtio01.dll]  [N/A, ]
    [C:\WINDOWS\system32\msosptfs00.dll]  [N/A, ]
    [C:\WINDOWS\system32\yiyhgs.dll]  [N/A, ]
    [C:\WINDOWS\system32\akooid.dll]  [N/A, ]
    [C:\WINDOWS\system32\hprwrb.dll]  [N/A, ]
    [C:\WINDOWS\system32\ppllbc.dll]  [N/A, ]
    [C:\WINDOWS\system32\ihslgt.dll]  [N/A, ]
    [C:\Program Files\Microsoft SQL Server\90\Shared\sqlwvss_xp.dll]  [Microsoft Corporation, 2005.090.3042.00]
    [C:\WINDOWS\system32\msosdohs01.dll]  [N/A, ]
    [C:\WINDOWS\system32\msosmnsf00.dll]  [N/A, ]
[PID: 556 / SYSTEM][C:\Program Files\Microsoft SQL Server\MSSQL.1\MSSQL\Binn\msftesql.exe]  [Microsoft Corporation, 12.0.5626.1]
    [C:\Program Files\Microsoft SQL Server\MSSQL.1\MSSQL\Binn\MSFTE.DLL]  [Microsoft Corporation, 12.0.5626.1]
    [C:\Program Files\Microsoft SQL Server\MSSQL.1\MSSQL\Binn\dbghelp.dll]  [Microsoft Corporation, 6.5.0003.7 (vbl_core_fbrel(jshay).050527-1915)]
    [C:\WINDOWS\system32\msosdohs00.dll]  [N/A, ]
    [C:\WINDOWS\system32\fmsiocps.dll]  [N/A, ]
    [C:\WINDOWS\system32\msoscqit00.dll]  [N/A, ]
    [C:\WINDOWS\system32\msosmnsf01.dll]  [N/A, ]
    [C:\WINDOWS\system32\msosfmsq01.dll]  [N/A, ]
    [C:\WINDOWS\system32\msosjtio01.dll]  [N/A, ]
    [C:\WINDOWS\system32\msosptfs00.dll]  [N/A, ]
    [C:\WINDOWS\system32\yiyhgs.dll]  [N/A, ]
    [C:\WINDOWS\system32\akooid.dll]  [N/A, ]
    [C:\WINDOWS\system32\hprwrb.dll]  [N/A, ]
    [C:\WINDOWS\system32\ppllbc.dll]  [N/A, ]
    [C:\WINDOWS\system32\ihslgt.dll]  [N/A, ]
    [C:\Program Files\Microsoft SQL Server\MSSQL.1\MSSQL\Binn\msftepxy.dll]  [Microsoft Corporation, 12.0.5626.1]
    [C:\WINDOWS\system32\msosdohs01.dll]  [N/A, ]
    [C:\WINDOWS\system32\msosmnsf00.dll]  [N/A, ]
[PID: 3808 / LOCAL SERVICE][C:\WINDOWS\system32\svchost.exe]  [Microsoft Corporation, 5.1.2600.3300 (xpsp.080125-2028)]
    [C:\WINDOWS\system32\msosdohs00.dll]  [N/A, ]
    [C:\WINDOWS\system32\fmsiocps.dll]  [N/A, ]
    [C:\WINDOWS\system32\msoscqit00.dll]  [N/A, ]
    [C:\WINDOWS\system32\msosmnsf01.dll]  [N/A, ]
    [C:\WINDOWS\system32\msosfmsq01.dll]  [N/A, ]
    [C:\WINDOWS\system32\msosjtio01.dll]  [N/A, ]
    [C:\WINDOWS\system32\msosptfs00.dll]  [N/A, ]
    [C:\WINDOWS\system32\yiyhgs.dll]  [N/A, ]
    [C:\WINDOWS\system32\akooid.dll]  [N/A, ]
    [C:\WINDOWS\system32\hprwrb.dll]  [N/A, ]
    [C:\WINDOWS\system32\ppllbc.dll]  [N/A, ]
    [C:\WINDOWS\system32\ihslgt.dll]  [N/A, ]
    [C:\WINDOWS\system32\msosdohs01.dll]  [N/A, ]
    [C:\WINDOWS\system32\msosmnsf00.dll]  [N/A, ]
[PID: 4128 / LOCAL SERVICE][C:\WINDOWS\System32\alg.exe]  [Microsoft Corporation, 5.1.2600.3300 (xpsp.080125-0707)]
    [C:\WINDOWS\System32\msosdohs00.dll]  [N/A, ]
    [C:\WINDOWS\System32\fmsiocps.dll]  [N/A, ]
    [C:\WINDOWS\System32\msoscqit00.dll]  [N/A, ]
    [C:\WINDOWS\System32\msosmnsf01.dll]  [N/A, ]
    [C:\WINDOWS\System32\msosfmsq01.dll]  [N/A, ]
    [C:\WINDOWS\System32\msosjtio01.dll]  [N/A, ]
    [C:\WINDOWS\System32\msosptfs00.dll]  [N/A, ]
    [C:\WINDOWS\System32\yiyhgs.dll]  [N/A, ]
    [C:\WINDOWS\System32\akooid.dll]  [N/A, ]
    [C:\WINDOWS\System32\hprwrb.dll]  [N/A, ]
    [C:\WINDOWS\System32\ppllbc.dll]  [N/A, ]
    [C:\WINDOWS\System32\ihslgt.dll]  [N/A, ]
    [C:\WINDOWS\system32\msosdohs01.dll]  [N/A, ]
    [C:\WINDOWS\system32\msosmnsf00.dll]  [N/A, ]
[PID: 4628 / Administrator][C:\Program Files\Internet Explorer\iexplore.exe]  [Microsoft Corporation, 6.00.2900.3300 (xpsp.080125-2028)]
    [C:\WINDOWS\system32\msosdohs00.dll]  [N/A, ]
    [C:\WINDOWS\system32\fmsiocps.dll]  [N/A, ]
    [C:\WINDOWS\system32\msoscqit00.dll]  [N/A, ]
    [C:\WINDOWS\system32\msosmnsf01.dll]  [N/A, ]
    [C:\WINDOWS\system32\msosfmsq01.dll]  [N/A, ]
    [C:\WINDOWS\system32\msosjtio01.dll]  [N/A, ]
    [C:\WINDOWS\system32\msosptfs00.dll]  [N/A, ]
    [C:\WINDOWS\system32\yiyhgs.dll]  [N/A, ]
    [C:\WINDOWS\system32\akooid.dll]  [N/A, ]
    [C:\WINDOWS\system32\hprwrb.dll]  [N/A, ]
    [C:\WINDOWS\system32\ppllbc.dll]  [N/A, ]
    [C:\WINDOWS\system32\ihslgt.dll]  [N/A, ]
corywind - 2008-5-27 11:35:00
[C:\Program Files\Thunder Network\Thunder\ComDlls\TDAtOnce_Now.dll]  [Thunder Networking Technologies,LTD, 1.0.5.16]
    [C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll]  [Adobe Systems Incorporated, 8.0.0.2006102200]
    [C:\Program Files\Thunder Network\Thunder\ComDlls\xunleiBHO_Now.dll]  [Thunder Networking Technologies,LTD, 5, 0, 8, 44]
    [C:\Program Files\Thunder Network\Thunder\Components\ResWorker\DsBho_00.dll]  [, 1, 0, 0, 12]
    [C:\Program Files\Thunder Network\Thunder\Components\ResWorker\DataProcessor_00.dll]  [Thunder Networking Technologies,LTD, 1, 0, 0, 13]
    [C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll]  [Microsoft Corporation, 4.200.520.1]
    [C:\Program Files\Common Files\Microsoft Shared\Windows Live\msidcrl40.dll]  [Microsoft Corporation, 4.200.520.1]
    [C:\Program Files\Microsoft Office\OFFICE11\msohev.dll]  [Microsoft Corporation, 11.0.5510]
    [C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 6.0\scr_ch_pg.dll]  [Kaspersky Lab, 1.0.6.299]
    [C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 6.0\klscav.dll]  [Kaspersky Lab, 6.0.0.299]
    [C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 6.0\pr_remote.dll]  [Kaspersky Lab, 6.0.0.299]
    [C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 6.0\prloader.dll]  [Kaspersky Lab, 6.0.0.299]
    [C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 6.0\prkernel.ppl]  [Kaspersky Lab, 6.0.0.304]
    [c:\program files\kaspersky lab\kaspersky anti-virus 6.0\params.ppl]  [Kaspersky Lab, 6.0.0.299]
    [c:\program files\kaspersky lab\kaspersky anti-virus 6.0\pxstub.ppl]  [Kaspersky Lab, 6.0.0.299]
    [c:\program files\kaspersky lab\kaspersky anti-virus 6.0\tempfile.ppl]  [Kaspersky Lab, 6.0.0.299]
    [c:\program files\kaspersky lab\kaspersky anti-virus 6.0\nfio.ppl]  [Kaspersky Lab, 6.0.0.299]
    [c:\program files\kaspersky lab\kaspersky anti-virus 6.0\fsdrvplgn.ppl]  [Kaspersky Lab, 6.0.0.299]
    [C:\WINDOWS\system32\msosdohs01.dll]  [N/A, ]
    [C:\WINDOWS\system32\msosmnsf00.dll]  [N/A, ]
[PID: 4908 / Administrator][C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLLoginProxy.exe]  [Microsoft Corporation, 4.200.520.1]
    [C:\WINDOWS\system32\msosdohs00.dll]  [N/A, ]
    [C:\WINDOWS\system32\fmsiocps.dll]  [N/A, ]
    [C:\WINDOWS\system32\msoscqit00.dll]  [N/A, ]
    [C:\WINDOWS\system32\msosmnsf01.dll]  [N/A, ]
    [C:\WINDOWS\system32\msosfmsq01.dll]  [N/A, ]
    [C:\WINDOWS\system32\msosjtio01.dll]  [N/A, ]
    [C:\WINDOWS\system32\msosptfs00.dll]  [N/A, ]
    [C:\WINDOWS\system32\yiyhgs.dll]  [N/A, ]
    [C:\WINDOWS\system32\akooid.dll]  [N/A, ]
    [C:\WINDOWS\system32\hprwrb.dll]  [N/A, ]
    [C:\WINDOWS\system32\ppllbc.dll]  [N/A, ]
    [C:\WINDOWS\system32\ihslgt.dll]  [N/A, ]
    [C:\Program Files\Common Files\Microsoft Shared\Windows Live\msidcrl40.dll]  [Microsoft Corporation, 4.200.520.1]
    [C:\WINDOWS\system32\msosdohs01.dll]  [N/A, ]
    [C:\WINDOWS\system32\msosmnsf00.dll]  [N/A, ]
[PID: 4876 / Administrator][D:\Program\FlashFXP\flashfxp.exe]  [IniCom Networks, Inc., 3.2.0.1080]
    [C:\WINDOWS\system32\msosdohs01.dll]  [N/A, ]
    [C:\WINDOWS\system32\fmsiocps.dll]  [N/A, ]
    [C:\WINDOWS\system32\msoscqit00.dll]  [N/A, ]
    [C:\WINDOWS\system32\msosmnsf00.dll]  [N/A, ]
    [C:\WINDOWS\system32\msosfmsq01.dll]  [N/A, ]
    [C:\WINDOWS\system32\msosjtio01.dll]  [N/A, ]
    [C:\WINDOWS\system32\msosptfs00.dll]  [N/A, ]
    [C:\WINDOWS\system32\yiyhgs.dll]  [N/A, ]
    [C:\WINDOWS\system32\akooid.dll]  [N/A, ]
    [C:\WINDOWS\system32\hprwrb.dll]  [N/A, ]
    [C:\WINDOWS\system32\ppllbc.dll]  [N/A, ]
    [C:\WINDOWS\system32\ihslgt.dll]  [N/A, ]
    [C:\WINDOWS\system32\Audiodev.dll]  [Microsoft Corporation, 5.2.3802.3802 built by: dnsrv(bld4act)]
    [D:\Program\FlashFXP\libeay32.dll]  [N/A, ]
    [D:\Program\FlashFXP\ssleay32.dll]  [N/A, ]
    [C:\Program Files\Windows Live\Messenger\fsshext.8.5.1302.1018.dll]  [Microsoft Corporation, 8.5.1302.1018]
    [C:\WINDOWS\system32\hefcndy.dll]  [N/A, ]
    [C:\WINDOWS\system32\npgnuw.dll]  [N/A, ]
    [C:\WINDOWS\system32\uysnnb.dll]  [N/A, ]
    [C:\WINDOWS\system32\njmfbk.dll]  [N/A, ]
    [C:\WINDOWS\system32\ernbej.dll]  [N/A, ]
    [C:\WINDOWS\system32\rszuww.dll]  [N/A, ]
    [C:\WINDOWS\system32\vuyyns.dll]  [N/A, ]
    [C:\WINDOWS\system32\qvixet.dll]  [N/A, ]
    [C:\WINDOWS\system32\eyundm.dll]  [N/A, ]
    [C:\WINDOWS\system32\mwajya.dll]  [N/A, ]
    [C:\WINDOWS\system32\tciocp64.dll]  [N/A, ]
    [C:\WINDOWS\system32\tmgnke.dll]  [N/A, ]
    [C:\WINDOWS\system32\dionpis.dll]  [N/A, ]
    [C:\WINDOWS\system32\khvaju.dll]  [N/A, ]
    [C:\WINDOWS\system32\issms32.dll]  [N/A, ]
    [C:\WINDOWS\system32\cinfonmc.dll]  [N/A, ]
    [C:\WINDOWS\system32\dbhlp32.dlL]  [N/A, ]
[PID: 1836 / Administrator][C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\Rar$EX00.734\SREngPS.EXE]  [Smallfrogs Studio, 2.5.16.900]
    [C:\WINDOWS\system32\msosdohs01.dll]  [N/A, ]
    [C:\WINDOWS\system32\fmsiocps.dll]  [N/A, ]
    [C:\WINDOWS\system32\msoscqit00.dll]  [N/A, ]
    [C:\WINDOWS\system32\msosmnsf00.dll]  [N/A, ]
    [C:\WINDOWS\system32\msosfmsq01.dll]  [N/A, ]
    [C:\WINDOWS\system32\msosjtio01.dll]  [N/A, ]
    [C:\WINDOWS\system32\msosptfs00.dll]  [N/A, ]
    [C:\WINDOWS\system32\yiyhgs.dll]  [N/A, ]
    [C:\WINDOWS\system32\akooid.dll]  [N/A, ]
    [C:\WINDOWS\system32\hprwrb.dll]  [N/A, ]
    [C:\WINDOWS\system32\ppllbc.dll]  [N/A, ]
    [C:\WINDOWS\system32\ihslgt.dll]  [N/A, ]
    [C:\WINDOWS\system32\hefcndy.dll]  [N/A, ]
    [C:\WINDOWS\system32\npgnuw.dll]  [N/A, ]
    [C:\WINDOWS\system32\uysnnb.dll]  [N/A, ]
    [C:\WINDOWS\system32\njmfbk.dll]  [N/A, ]
    [C:\WINDOWS\system32\ernbej.dll]  [N/A, ]
    [C:\WINDOWS\system32\rszuww.dll]  [N/A, ]
    [C:\WINDOWS\system32\vuyyns.dll]  [N/A, ]
    [C:\WINDOWS\system32\qvixet.dll]  [N/A, ]
    [C:\WINDOWS\system32\eyundm.dll]  [N/A, ]
    [C:\WINDOWS\system32\mwajya.dll]  [N/A, ]
    [C:\WINDOWS\system32\tciocp64.dll]  [N/A, ]
    [C:\WINDOWS\system32\tmgnke.dll]  [N/A, ]
    [C:\WINDOWS\system32\dionpis.dll]  [N/A, ]
    [C:\WINDOWS\system32\khvaju.dll]  [N/A, ]
    [C:\WINDOWS\system32\issms32.dll]  [N/A, ]
    [C:\WINDOWS\system32\cinfonmc.dll]  [N/A, ]
    [C:\WINDOWS\system32\dbhlp32.dlL]  [N/A, ]
    [C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\Rar$EX00.734\Upload\3rdUpd.DLL]  [Smallfrogs Studio, 2, 1, 0, 15]
corywind - 2008-5-27 11:36:00
==================================
文件关联
.TXT  Error. [C:\WINDOWS\notepad.exe %1]
.EXE  OK. ["%1" %*]
.COM  OK. ["%1" %*]
.PIF  OK. ["%1" %*]
.REG  OK. [regedit.exe "%1"]
.BAT  OK. ["%1" %*]
.SCR  OK. ["%1" /S]
.CHM  Error. ["hh.exe" %1]
.HLP  OK. [%SystemRoot%\System32\winhlp32.exe %1]
.INI  Error. [C:\WINDOWS\System32\NOTEPAD.EXE %1]
.INF  OK. [%SystemRoot%\System32\NOTEPAD.EXE %1]
.VBS  OK. [%SystemRoot%\System32\WScript.exe "%1" %*]
.JS  OK. [%SystemRoot%\System32\WScript.exe "%1" %*]
.LNK  OK. [{00021401-0000-0000-C000-000000000046}]

==================================
Winsock 提供者
N/A

==================================
Autorun.inf
N/A

==================================
HOSTS 文件
127.0.0.1      localhost

==================================
进程特权扫描
特殊特权被允许: SeLoadDriverPrivilege [PID = 776, C:\WINDOWS\EXPLORER.EXE]
特殊特权被允许: SeLoadDriverPrivilege [PID = 2764, C:\DOCUMENTS AND SETTINGS\ADMINISTRATOR\「开始」菜单\程序\启动\飞鸽传书.EXE]
特殊特权被允许: SeLoadDriverPrivilege [PID = 4876, D:\PROGRAM\FLASHFXP\FLASHFXP.EXE]

==================================
API HOOK
RVA  错误: LoadLibraryA (危险等级: 高,  被下面模块所HOOK: \??\C:\WINDOWS\system32\drivers\klif.sys)
RVA  错误: LoadLibraryExA (危险等级: 高,  被下面模块所HOOK: \??\C:\WINDOWS\system32\drivers\klif.sys)
RVA  错误: LoadLibraryExW (危险等级: 高,  被下面模块所HOOK: \??\C:\WINDOWS\system32\drivers\klif.sys)
RVA  错误: LoadLibraryW (危险等级: 高,  被下面模块所HOOK: \??\C:\WINDOWS\system32\drivers\klif.sys)
RVA  错误: GetProcAddress (危险等级: 高,  被下面模块所HOOK: \??\C:\WINDOWS\system32\drivers\klif.sys)

==================================
隐藏进程
N/A

==================================


[/CODE]
corywind - 2008-5-27 11:41:00
压缩了

附件: SREngLOG.rar
天月来了 - 2008-5-27 11:43:00
这贴里下载那个我在27楼提供的清理临时文件工具ATF-Cleaner-cn,全选所有项目,点击“立即清理” :
http://bbs.ikaka.com/showtopic-8442813.aspx

这 里 下 载 W i n d o w s 清 理 助 手 ,清理你那系统。
http://www.arswp.com/

下载完以后,升级清理助手,然后立即断网,重启电脑,尽量进安全模式下清理系统。

清理完以后,立即再扫描最新的SRENG日志,打扫残余病毒。

直接将日志文件以附件的形式发这论坛来。

一定以附件形式发这论坛来。
点击你自己的主题贴右下角的“引用”或最右下角的那个较大的“回复”然后就应该知道怎么发了。
豪斯登堡新郎 - 2008-5-27 11:45:00
1.用XDelBox勾选抑制再生后删除以下文件:(XDelBox1.7支持奥运版下载)
使用说明:删除时复制所有要删除文件的路径,在待删除文件列表里点击右键选择从剪贴板导入不检查路径,导入后在要删除文件上点击右键,选择立刻重启删除,电脑会重启进入DOS界面进行删除操作。运行xdelbox前最好卸载所有可移动存储介质(包括U盘,MP3,手机存储卡等)。

c:\windows\system32\msosdohs01.dll
c:\windows\system32\msosmnsf00.dll
c:\windows\system32\akooid.dll
c:\windows\system32\fmsiocps.dll
c:\windows\system32\hprwrb.dll
c:\windows\system32\msoscqit00.dll
c:\windows\system32\msosdohs00.dll
c:\windows\system32\msosfmsq01.dll
c:\windows\system32\msosjtio01.dll
c:\windows\system32\msosmnsf01.dll
c:\windows\system32\msosptfs00.dll
c:\windows\system32\ppllbc.dll
c:\windows\system32\yiyhgs.dll
c:\windows\system32\cinfonmc.dll
c:\windows\system32\dbhlp32.dll
c:\windows\system32\dionpis.dll
c:\windows\system32\ernbej.dll
c:\windows\system32\eyundm.dll
c:\windows\system32\hefcndy.dll
c:\windows\system32\ihslgt.dll
c:\windows\system32\khvaju.dll
c:\windows\system32\mwajya.dll
c:\windows\system32\njmfbk.dll
c:\windows\system32\npgnuw.dll
c:\windows\system32\qvixet.dll
c:\windows\system32\rszuww.dll
c:\windows\system32\tciocp64.dll
c:\windows\system32\tmgnke.dll
c:\windows\system32\uysnnb.dll
c:\windows\system32\vuyyns.dll
c:\windows\system32\issms32.dll
c:\documents and settings\administrator\「开始」菜单\程序\启动\飞鸽传书.exe
c:\windows\system32\msosmhfp00.dll
c:\windows\system32\msosdohs01.dll
c:\windows\system32\nicozftp00.dll
c:\windows\system32\fmsiocps.dll
c:\windows\system32\msoscqit00.dll
c:\windows\system32\msosmnsf00.dll
c:\windows\system32\msosfmsq01.dll
c:\windows\system32\msosjtio01.dll
c:\windows\system32\msosptfs00.dll
c:\windows\system32\msosmhfp01.dll
c:\windows\system32\msosdohs02.dll
c:\windows\system32\nicozftp01.dll
c:\windows\system32\fmsiocps.dll
c:\windows\system32\msoscqit01.dll
c:\windows\system32\msosmnsf01.dll
c:\windows\system32\msosfmsq02.dll
c:\windows\system32\msosjtio02.dll
c:\windows\system32\msosptfs01.dll
c:\windows\system32\msosmhfp02.dll
c:\windows\system32\msosdohs00.dll
c:\windows\system32\nicozftp02.dll
c:\windows\system32\fmsiocps.dll
c:\windows\system32\msoscqit02.dll
c:\windows\system32\msosmnsf02.dll
c:\windows\system32\msosfmsq00.dll
c:\windows\system32\msosjtio00.dll
c:\windows\system32\msosptfs02.dll
c:\windows\hefcndy.exe
c:\windows\tciocp64.exe
c:\windows\dionpis.exe
c:\windows\wipicdec.exe
c:\windows\cinfonmc.exe
c:\windows\isndntio.exe
c:\windows\dndsioc.exe
c:\windows\fmbiost.exe
c:\windows\huifitc.exe
c:\windows\dbhlp32.exe
c:\windows\bincdwsa.exe
c:\windows\fmsjhif.exe
c:\windows\ojecsxgj.exe
c:\windows\mfchlp64.exe
c:\windows\fmsbbqi.exe
c:\windows\ptshell.exe
c:\windows\fmsiocps.exe
c:\windows\anistio.exe
c:\windows\issms32.exe
c:\2a5c67e43b6dd438.dat
c:\694f19f41dcbe633.dat
c:\a977274c907f5b80.dat
c:\ea39e248eed86227.dat
c:\windows\system32\drivers\msosmsp2p32.sys
c:\windows\system32\drivers\msosmsfpfis64.sys
c:\d33359d0c36a40bf.dat
c:\ced76becf57fa916.dat

2.删除重启后使用SREng修复下面各项:

    启动项目 -- 注册表之如下项删除:
注意该项[AppInit_DLLs]修改:把<msosmhfp00.dll,msosdohs01.dll,nicozftp00.dll,fmsiocps.dll,msoscqit00.dll,msosmnsf00.dll,msosfmsq01.dll,msosjtio01.dll,msosptfs00.dll,yiyhgs.dll,akooid.dll,hprwrb.dll,ppllbc.dll,ihslgt.dll>修改为<>即清空
[hefcndy] 
[tciocp64]
[dionpis] 
[wipicdec]
[cinfonmc]
[isndntio]
[dndsioc] 
[fmbiost] 
[huifitc] 
[dbhlp32] 
[bincdwsa]
[fmsjhif] 
[ookjfesc]
[mfchlp64]
[fmsbbqi] 
[ptshell] 
[fmsiocps]
[anistio] 
[issms32] 

    启动项目 -- 启动文件夹之如下项删除:
[飞鸽传书]   

    启动项目 -- 服务-- 驱动程序之如下项禁用:
[2a5c67e43b6dd438 / 2a5c67e43b6dd438] 
[694f19f41dcbe633 / 694f19f41dcbe633] 
[a977274c907f5b80 / a977274c907f5b80] 
[ea39e248eed86227 / ea39e248eed86227] 
[msp2p32 / msp2p32] 
[msfpfis64 / msfpfis64]   
[d33359d0c36a40bf / d33359d0c36a40bf] 
[ced76becf57fa916 / ced76becf57fa916] 

全部做完后下载以下软件清理一次:

清理系统临时文件和IE临时文件夹
http://www.atribune.org/public-beta/ATF-Cleaner.exe
用金山清理专家清理恶意软件
http://www.duba.net/zt/ksc/down.shtml
下载 windows清理助手清理一遍
http://www.arswp.com/download/arswp2/arswp2.zip

那个飞鸽传书的东西如果确认没问题可以不要删除
corywind - 2008-5-27 14:51:00
这个是完事得扫描,请过目

附件: SREngLOG(1).log
豪斯登堡新郎 - 2008-5-27 15:14:00
做的不错。。

下面这些再做下

一定先将c:\windows\system32\dllcache\ctfmon.exe复制粘贴到c:\windows\system32\文件夹里 


1.用XDelBox勾选抑制再生后删除以下文件:(XDelBox1.7支持奥运版下载)
使用说明:删除时复制所有要删除文件的路径,在待删除文件列表里点击右键选择从剪贴板导入不检查路径,导入后在要删除文件上点击右键,选择立刻重启删除,电脑会重启进入DOS界面进行删除操作。运行xdelbox前最好卸载所有可移动存储介质(包括U盘,MP3,手机存储卡等)。

c:\windows\system32\wwurop
c:\windows\system32\dbbzwu

2.删除重启后使用SREng修复下面各项:

    启动项目 -- 服务-- 驱动程序之如下项删除:
[wwurop / wwurop]   
[dbbzwu / dbbzwu]
corywind - 2008-5-28 15:39:00
OK这回应该没问题了吧
corywind - 2008-5-28 15:40:00
杀完以后出了个问题,就是在网页中无法输入中文,在其他的聊天页面还是word中都可以写中文
1
查看完整版本: 各位达人看看这是什么情况阿,我没办法了!!
© 2000 - 2026 Rising Corp. Ltd.