瑞星卡卡安全论坛技术交流区反病毒/反流氓软件论坛 请斑斑高手们帮忙看看扫描出的log

1   1  /  1  页   跳转

[求助] 请斑斑高手们帮忙看看扫描出的log

收藏
芥墨子
头像
初生襁褓狮
  • 帖子:5
  • 注册: 2005-07-05
  • 来自:
发表于: 2008-10-08 12:00 | 只看楼主 短消息 资料
字号: 1楼

请斑斑高手们帮忙看看扫描出的log

请帮忙看看,不胜感激!
[CODE]

2008-10-08,11:22:24

System Repair Engineer 2.6.12.1018
Smallfrogs (http://www.KZTechs.com)

Windows XP Professional Service Pack 3 (Build 2600) - 管理权限用户 - 完整功能

以下内容被选中:
    所有的启动项目(包括注册表、启动文件夹、服务等)
    浏览器加载项
    正在运行的进程(包括进程模块信息)
    文件关联
    Winsock 提供者
    Autorun.inf
    HOSTS 文件
    进程特权扫描


启动项目
注册表
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
    <ctfmon.exe><C:\WINDOWS\system32\ctfmon.exe>  [(Verified)Microsoft Windows Component Publisher]
    <SandboxieControl><"C:\Program Files\Sandboxie\SbieCtrl.exe">  [tzuk]
    <Google Update><"C:\Documents and Settings\ESSE\Local Settings\Application Data\Google\Update\GoogleUpdate.exe" /c>  [(Verified)Google Inc]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
    <IMJPMIG8.1><"C:\WINDOWS\IME\imjp8_1\IMJPMIG.EXE" /Spoil /RemAdvDef /Migration32>  [(Verified)Microsoft Windows Publisher]
    <egui><"C:\Program Files\ESET\ESET Smart Security\egui.exe" /hide /waitservice>  [(Verified)"ESET, spol. s r.o."]
    <High Definition Audio Property Page Shortcut><HDAShCut.exe>  [(Verified)Microsoft Windows XP Publisher]
    <AlcWzrd><ALCWZRD.EXE>  [(Verified)Microsoft Windows Hardware Compatibility Publisher]
    <Alcmtr><ALCMTR.EXE>  [(Verified)Microsoft Windows Hardware Compatibility Publisher]
    <Adobe Reader Speed Launcher><; "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe">  [(Verified)"Adobe Systems, Incorporated"]
    <ATIPTA><; "C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe">  [ATI Technologies, Inc.]
    <KernelFaultCheck><; %systemroot%\system32\dumprep 0 -k>  [File is missing]
    <SoundMan><; SOUNDMAN.EXE>  [(Verified)Microsoft Windows Hardware Compatibility Publisher]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Winlogon]
    <shell><Explorer.exe>  [(Verified)Microsoft Windows Component Publisher]
    <Userinit><C:\WINDOWS\system32\userinit.exe,>  [(Verified)Microsoft Windows Component Publisher]
    <UIHost><logonui.exe>  [(Verified)Microsoft Windows Component Publisher]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
    <WPDShServiceObj><C:\WINDOWS\system32\WPDShServiceObj.dll>  [(Verified)Microsoft Windows Component Publisher]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\WgaLogon]
    <WinlogonNotify: WgaLogon><WgaLogon.dll>  [(Verified)Microsoft Corporation]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\<{12d0ed0d-0ee0-4f90-8827-78cefb8f4988}]
    <IE7 Uninstall Stub><C:\WINDOWS\system32\ieudinit.exe>  [(Verified)Microsoft Windows Component Publisher]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\>{881dd1c5-3dcf-431b-b061-f3f88e8be88a}]
    <Outlook Express><%systemroot%\system32\shmgrate.exe OCInstallUserConfigOE>  [File is missing]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{2C7339CF-2B09-4501-B3F3-F3508C9228ED}]
    <Themes Setup><%SystemRoot%\system32\regsvr32.exe /s /n /i:/UserInstall %SystemRoot%\system32\themeui.dll>  [File is missing]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{44BBA840-CC51-11CF-AAFA-00AA00B6015C}]
    <Microsoft Outlook Express 6><"%ProgramFiles%\Outlook Express\setup50.exe" /APP:OE /CALLER:WINNT /user /install>  [File is missing]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{44BBA842-CC51-11CF-AAFA-00AA00B6015B}]
    <NetMeeting 3.01><rundll32.exe advpack.dll,LaunchINFSection C:\WINDOWS\INF\msnetmtg.inf,NetMtg.Install.PerUser.NT>  [(Verified)Microsoft Windows Publisher]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{5945c046-1e7d-11d1-bc44-00c04fd912be}]
    <Windows Messenger 4.7><rundll32.exe advpack.dll,LaunchINFSection C:\WINDOWS\INF\msmsgs.inf,BLC.QuietInstall.PerUser>  [(Verified)Microsoft Windows Publisher]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{6BF52A52-394A-11d3-B153-00C04F79FAA6}]
    <Microsoft Windows Media Player><rundll32.exe advpack.dll,LaunchINFSection C:\WINDOWS\INF\wmp11.inf,PerUserStub>  [(Verified)Microsoft Windows Component Publisher]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{7790769C-0471-11d2-AF11-00C04FA35D02}]
    <通讯簿 6><"%ProgramFiles%\Outlook Express\setup50.exe" /APP:WAB /CALLER:WINNT /user /install>  [File is missing]

==================================
启动文件夹
N/A

==================================
服务
[Adobe LM Service / Adobe LM Service][Stopped/Manual Start]
  <"C:\Program Files\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe"><Adobe Systems>
[Ati HotKey Poller / Ati HotKey Poller][Running/Auto Start]
  <C:\WINDOWS\system32\Ati2evxx.exe><ATI Technologies Inc.>
[ATI Smart / ATI Smart][Stopped/Auto Start]
  <C:\WINDOWS\system32\ati2sgag.exe><>
[Update For Windows / Autoupdate][Stopped/Auto Start]
  <C:\WINDOWS\System32\svchost.exe -k netsvcs-->%SystemRoot%\system32\Autoupdate.dll><N/A>
[Cmb WebProtect Support / CMBWPS][Running/Auto Start]
  <C:\Program Files\CMBCHINA\WebProtect\WPService.exe /start><China Merchants Bank>
[Eset HTTP Server / EhttpSrv][Stopped/Manual Start]
  <"C:\Program Files\ESET\ESET Smart Security\EHttpSrv.exe"><ESET>
[Eset Service / ekrn][Running/Auto Start]
  <"C:\Program Files\ESET\ESET Smart Security\ekrn.exe"><ESET>
[Human Interface Device Access / HidServ][Stopped/Disabled]
  <C:\WINDOWS\System32\svchost.exe -k netsvcs-->%SystemRoot%\System32\hidserv.dll><N/A>
[Kingsoft Basic Service / kaccore][Running/Auto Start]
  <"C:\Program Files\kingsoft\kac\service\kaccore.exe"><Kingsoft Corporation>
[Sandboxie Service / SbieSvc][Running/Auto Start]
  <C:\Program Files\Sandboxie\SbieSvc.exe><tzuk>

==================================
驱动程序
[ati2mtag / ati2mtag][Running/Manual Start]
  <system32\DRIVERS\ati2mtag.sys><ATI Technologies Inc.>
[CMB8100 / CMB8100][Running/Auto Start]
  <\??\C:\WINDOWS\system32\Drivers\CertClient.dat><N/A>
[CMBProtector / CMBProtector][Running/Auto Start]
  <\??\C:\WINDOWS\system32\Drivers\CMBProtector.dat><N/A>
[eamon / eamon][Running/Auto Start]
  <system32\DRIVERS\eamon.sys><ESET>
[easdrv / easdrv][Running/System Start]
  <system32\DRIVERS\easdrv.sys><ESET>
[epfw / epfw][Running/Auto Start]
  <system32\DRIVERS\epfw.sys><ESET>
[Eset Personal Firewall / Epfwndis][Running/Manual Start]
  <system32\DRIVERS\Epfwndis.sys><ESET>
[epfwtdi / epfwtdi][Running/System Start]
  <system32\DRIVERS\epfwtdi.sys><ESET>
[Microsoft UAA Function Driver for High Definition Audio Service / HdAudAddService][Stopped/Manual Start]
  <system32\drivers\HdAudio.sys><Windows (R) Server 2003 DDK provider>
[Microsoft 用于 High Definition Audio 的 UAA 总线驱动程序 / HDAudBus][Running/Manual Start]
  <system32\DRIVERS\HDAudBus.sys><Windows (R) Server 2003 DDK provider>
[Service for Realtek HD Audio (WDM) / IntcAzAudAddService][Running/Manual Start]
  <system32\drivers\RtkHDAud.sys><Realtek Semiconductor Corp.>
[Direct Parallel Link Driver / Ptilink][Running/Manual Start]
  <system32\DRIVERS\ptilink.sys><Parallel Technologies, Inc.>
[Realtek RTL8139(A/B/C)-based PCI Fast Ethernet Adapter NT Driver / rtl8139][Running/Manual Start]
  <system32\DRIVERS\RTL8139.SYS><Realtek Semiconductor Corporation>
[SbieDrv / SbieDrv][Running/Manual Start]
  <\??\C:\Program Files\Sandboxie\SbieDrv.sys><tzuk>
[Secdrv / Secdrv][Stopped/Manual Start]
  <system32\DRIVERS\secdrv.sys><Macrovision Corporation, Macrovision Europe Limited, and Macrovision Japan and Asia K.K.>

==================================
浏览器加载项
[ThunderAtOnce Class]
  {01443AEC-0FD1-40fd-9C87-E93D1494C233} <D:\Program Files\Thunder\ComDlls\TDAtOnce_Now.dll, (Signed) Thunder Networking Technologies,LTD>
[Adobe PDF Reader Link Helper]
  {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} <C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll, (Signed) Adobe Systems Incorporated>
[WebProtect]
  {53763D1D-9CA8-4C7C-9756-A8E6B8FC063B} <C:\Program Files\CMBCHINA\WebProtect\WebProtect.dll, (Signed) China Merchants Bank>
[Thunder Browser Helper]
  {889D2FEB-5411-4565-8998-1DD2C5261283} <D:\Program Files\Thunder\ComDlls\xunleiBHO_Now.dll, (Signed) Thunder Networking Technologies,LTD>
[urlmon Class]
  {FFFFEECE-FF18-8222-2FB0-2935B9EA0830} <C:\WINDOWS\system32\1031\urlmon.dll, Microsoft Corporation>
[信息检索(&R)]
  {92780B25-18CC-41C8-B9BE-3C9C571A8263} <C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL, (Signed) Microsoft Corporation>
[]
  {e2e2dd38-d088-4134-82b7-f2ba38496583} <%windir%\Network Diagnostic\xpnetdiag.exe, (Signed) N/A>
[Messenger]
  {FB5F1910-F110-11d2-BB9E-00C04F795683} <C:\Program Files\Messenger\msmsgs.exe, (Signed) Microsoft Corporation>
[iTrusPTA Class]
  {1E0DFFCF-27FF-4574-849B-55007349FEDA} <C:\WINDOWS\system32\aliedit\pta.dll, (Signed) >
[EditCtrl Class]
  {488A4255-3236-44B3-8F27-FA1AECAA8844} <C:\WINDOWS\system32\aliedit\aliedit.dll, (Signed) >
[WUWebControl Class]
  {6414512B-B978-451D-A0D8-FCFDF33E833C} <C:\WINDOWS\system32\wuweb.dll, (Signed) Microsoft Corporation>
[CCtInf Class]
  {6DBB2904-082D-4DB0-944A-21C22BA121F4} <C:\WINDOWS\system32\BANKCE~1.DLL, >
[Shockwave Flash Object]
  {D27CDB6E-AE6D-11CF-96B8-444553540000} <C:\WINDOWS\system32\Macromed\Flash\Flash9f.ocx, (Signed) Adobe Systems, Inc.>
[ThunderAtOnce Class]
  {01443AEC-0FD1-40FD-9C87-E93D1494C233} <D:\Program Files\Thunder\ComDlls\TDAtOnce_Now.dll, (Signed) Thunder Networking Technologies,LTD>
[Microsoft Office Template and Media Control]
  {02BCC737-B171-4746-94C9-0D8A0B2C0089} <C:\PROGRA~1\MICROS~2\Office12\IEAWSDC.DLL, (Signed) >
[Adobe PDF Reader Link Helper]
  {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} <C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll, (Signed) Adobe Systems Incorporated>
[STSUpld UploadCtl Class]
  {07B06095-5687-4D13-9E32-12B4259C9813} <C:\PROGRA~1\MICROS~2\Office12\STSUPLD.DLL, (Signed) Microsoft Corporation>
[Edit Class]
  {0CA54D3F-CEAE-48AF-9A2B-31909CB9515D} <C:\WINDOWS\system32\CMBEdit.dll, >
[CEnroll Class]
  {127698E4-E730-4E5C-A2B1-21490A70C8A1} <C:\WINDOWS\system32\xenroll.dll, (Signed) Microsoft Corporation>
[Windows Genuine Advantage Validation Tool]
  {17492023-C23A-453E-A040-C7C580BBF700} <C:\WINDOWS\system32\legitcheckcontrol.dll, (Signed) Microsoft Corporation>
[InformationCardSigninHelper Class]
  {19916E01-B44E-4E31-94A4-4696DF46157B} <C:\WINDOWS\system32\icardie.dll, (Signed) Microsoft Corporation>
[iTrusPTA Class]
  {1E0DFFCF-27FF-4574-849B-55007349FEDA} <C:\WINDOWS\system32\aliedit\pta.dll, (Signed) >
[Windows Media Player]
  {22D6F312-B0F6-11D0-94AB-0080C74C7E95} <C:\WINDOWS\system32\wmpdxm.dll, (Signed) Microsoft Corporation>
[XML DOM Document]
  {2933BF90-7B36-11D2-B20E-00C04F983E60} <%SystemRoot%\system32\msxml3.dll, (Signed) N/A>
[XSL Template]
  {2933BF94-7B36-11D2-B20E-00C04F983E60} <%SystemRoot%\system32\msxml3.dll, (Signed) N/A>
[HtmlDlgSafeHelper Class]
  {3050F819-98B5-11CF-BB82-00AA00BDCE0B} <C:\WINDOWS\system32\mshtmled.dll, (Signed) Microsoft Corporation>
[Tabular Data Control]
  {333C7BC4-460F-11D0-BC04-0080C7055A83} <C:\WINDOWS\system32\tdc.ocx, (Signed) Microsoft Corporation>
[XML Schema Cache]
  {373984C9-B845-449B-91E7-45AC83036ADE} <%SystemRoot%\system32\msxml3.dll, (Signed) N/A>
[SharePoint Spreadsheet Launcher]
  {3FD37ABB-F90A-4DE5-AA38-179629E64C2F} <C:\PROGRA~1\MICROS~2\Office12\OWSSUPP.DLL, (Signed) Microsoft Corporation>
[Thunder Agent Class]
  {485463B7-8FB2-4B3B-B29B-8B919B0EACCE} <D:\Program Files\Thunder\ComDlls\ThunderAgent_Now.dll, (Signed) Thunder Networking Technologies,LTD>
[EditCtrl Class]
  {488A4255-3236-44B3-8F27-FA1AECAA8844} <C:\WINDOWS\system32\aliedit\aliedit.dll, (Signed) >
[Microsoft Terminal Services Client Control (redist)]
  {4eb89ff4-7f78-4a0f-8b8d-2bf02e94e4b2} <%systemroot%\system32\mstscax.dll, (Signed) N/A>
[Microsoft Terminal Services Client Control (redist)]
  {4EDCB26C-D24C-4e72-AF07-B576699AC0DE} <%systemroot%\system32\mstscax.dll, (Signed) N/A>
[WebProtect]
  {53763D1D-9CA8-4C7C-9756-A8E6B8FC063B} <C:\Program Files\CMBCHINA\WebProtect\WebProtect.dll, (Signed) China Merchants Bank>
[SharePoint Export Database Launcher]
  {62B4D041-4667-40B6-BB50-4BC0A5043A73} <C:\PROGRA~1\MICROS~2\Office12\OWSSUPP.DLL, (Signed) Microsoft Corporation>
[WUWebControl Class]
  {6414512B-B978-451D-A0D8-FCFDF33E833C} <C:\WINDOWS\system32\wuweb.dll, (Signed) Microsoft Corporation>
[Microsoft Shell UI Helper]
  {64AB4BB7-111E-11D1-8F79-00C04FC2FBE1} <C:\WINDOWS\system32\ieframe.dll, (Signed) Microsoft Corporation>
[Microsoft Office List 12.0]
  {65BCBEE4-7728-41A0-97BE-14E1CAE36AAE} <C:\Program Files\Microsoft Office\Office12\STSLIST.DLL, (Signed) Microsoft Corporation>
[Windows Media Player]
  {6BF52A52-394A-11D3-B153-00C04F79FAA6} <C:\WINDOWS\system32\wmp.dll, (Signed) Microsoft Corporation>
[CCtInf Class]
  {6DBB2904-082D-4DB0-944A-21C22BA121F4} <C:\WINDOWS\system32\BANKCE~1.DLL, >
[WangWangObj Class]
  {6E213FC7-DD5A-4115-B7E6-D4C7838C361E} <D:\Program Files\WangWang\WangWangX6.dll, (Signed) 阿里巴巴软件(上海)有限公司>
[Microsoft Terminal Services Client Control (redist)]
  {7390f3d8-0439-4c05-91e3-cf5cb290c3d0} <%systemroot%\system32\mstscax.dll, (Signed) N/A>
[Microsoft Terminal Services Client Control (redist)]
  {7584c670-2274-4efb-b00b-d6aaba6d3850} <%systemroot%\system32\mstscax.dll, (Signed) N/A>
[SharepointOpenXMLDocuments]
  {8075631E-5146-11D5-A672-00B0D022E945} <C:\Program Files\Microsoft Office\Office12\INLAUNCH.DLL, (Signed) Microsoft Corporation>
[360SafeLive]
  {87515F61-A66C-4319-A0E0-D416CB8059E3} <C:\Program Files\360safe\live.dll, (Signed) 360.cn>
[Thunder Browser Helper]
  {889D2FEB-5411-4565-8998-1DD2C5261283} <D:\Program Files\Thunder\ComDlls\xunleiBHO_Now.dll, (Signed) Thunder Networking Technologies,LTD>
[XML DOM Document 5.0]
  {88D969E5-F192-11D4-A65F-0040963251E5} <C:\Program Files\Common Files\Microsoft Shared\OFFICE11\msxml5.dll, (Signed) Microsoft Corporation>
[XML DOM Document 6.0]
  {88D96A05-F192-11D4-A65F-0040963251E5} <C:\WINDOWS\system32\msxml6.dll, (Signed) Microsoft Corporation>
[Free Threaded XML DOM Document 6.0]
  {88D96A06-F192-11D4-A65F-0040963251E5} <C:\WINDOWS\system32\msxml6.dll, (Signed) Microsoft Corporation>
[XML Schema Cache 6.0]
  {88D96A07-F192-11D4-A65F-0040963251E5} <C:\WINDOWS\system32\msxml6.dll, (Signed) Microsoft Corporation>
[XSL Template 6.0]
  {88D96A08-F192-11D4-A65F-0040963251E5} <C:\WINDOWS\system32\msxml6.dll, (Signed) Microsoft Corporation>
[XML HTTP 6.0]
  {88D96A0A-F192-11D4-A65F-0040963251E5} <C:\WINDOWS\system32\msxml6.dll, (Signed) Microsoft Corporation>
[Microsoft Terminal Services Client Control (redist)]
  {9059f30f-4eb1-4bd2-9fdc-36f43a218f4a} <%systemroot%\system32\mstscax.dll, (Signed) N/A>
[SharePoint OpenDocuments Class]
  {9203C2CB-1DC1-482D-967E-597AFF270F0D} <C:\PROGRA~1\MICROS~2\Office12\OWSSUPP.DLL, (Signed) Microsoft Corporation>
[]
  {92780B25-18CC-41C8-B9BE-3C9C571A8263} <, >
[Google Update Plugin]
  {94ABC7C9-4D4C-43FC-9CD5-0C3CEA47622B} <C:\Documents and Settings\ESSE\Local Settings\Application Data\Google\Update\1.2.131.19\npGoogleOneClick6.dll, (Signed) Google Inc.>
[SharePoint OpenDocuments Class]
  {9F9C4924-C3F3-4459-A396-9E9E0D8B83D1} <, >
[SearchAssistantOC]
  {B45FF030-4447-11D2-85DE-00C04FA35C89} <%SystemRoot%\system32\shdocvw.dll, (Signed) N/A>
[OWSClientEventSubscription Class]
  {BDEADE3E-C265-11D0-BCED-00A0C90AB50F} <C:\PROGRA~1\MICROS~2\Office12\OWSCLT.DLL, (Signed) Microsoft Corporation>
[OWSClientMiscApis Class]
  {BDEADE3F-C265-11D0-BCED-00A0C90AB50F} <C:\PROGRA~1\MICROS~2\Office12\OWSCLT.DLL, (Signed) Microsoft Corporation>
[OWSClientCommentThread Class]
  {BDEADE40-C265-11D0-BCED-00A0C90AB50F} <C:\PROGRA~1\MICROS~2\Office12\OWSCLT.DLL, (Signed) Microsoft Corporation>
[OWSClientComment Class]
  {BDEADE42-C265-11D0-BCED-00A0C90AB50F} <C:\PROGRA~1\MICROS~2\Office12\OWSCLT.DLL, (Signed) Microsoft Corporation>
[OWSBrowserUI Class]
  {BDEADE43-C265-11D0-BCED-00A0C90AB50F} <C:\PROGRA~1\MICROS~2\Office12\OWSCLT.DLL, (Signed) Microsoft Corporation>
[讨论(&D)]
  {BDEADE7F-C265-11D0-BCED-00A0C90AB50F} <shdocvw.dll, Microsoft Corporation>
[OWS Post Data]
  {BDEADE98-C265-11D0-BCED-00A0C90AB50F} <C:\PROGRA~1\MICROS~2\Office12\OWSCLT.DLL, (Signed) Microsoft Corporation>
[SharePoint Spreadsheet Launcher]
  {BDEADE9E-C265-11D0-BCED-00A0C90AB50F} <C:\PROGRA~1\MICROS~2\Office12\OWSCLT.DLL, (Signed) Microsoft Corporation>
[Web Discussions]
  {BDEADEB3-C265-11D0-BCED-00A0C90AB50F} <C:\PROGRA~1\MICROS~2\Office12\OWSCLT.DLL, (Signed) Microsoft Corporation>
[Web Discussions]
  {BDEADEB4-C265-11D0-BCED-00A0C90AB50F} <C:\PROGRA~1\MICROS~2\Office12\OWSCLT.DLL, (Signed) Microsoft Corporation>
[Web Discussions]
  {BDEADEB5-C265-11D0-BCED-00A0C90AB50F} <C:\PROGRA~1\MICROS~2\Office12\OWSCLT.DLL, (Signed) Microsoft Corporation>
[OWSDiscussionServers Class]
  {BDEADEB7-C265-11D0-BCED-00A0C90AB50F} <C:\PROGRA~1\MICROS~2\Office12\OWSCLT.DLL, (Signed) Microsoft Corporation>
[OWSClientCollaboration Class]
  {BDEADEB8-C265-11D0-BCED-00A0C90AB50F} <C:\PROGRA~1\MICROS~2\Office12\OWSCLT.DLL, (Signed) Microsoft Corporation>
[OSE.Discussion]
  {BDEADEDA-C265-11D0-BCED-00A0C90AB50F} <C:\PROGRA~1\MICROS~2\Office12\OWSCLT.DLL, (Signed) Microsoft Corporation>
[OSE.Discussions]
  {BDEADEDB-C265-11D0-BCED-00A0C90AB50F} <C:\PROGRA~1\MICROS~2\Office12\OWSCLT.DLL, (Signed) Microsoft Corporation>
[OSE.DiscussionServer]
  {BDEADEDC-C265-11D0-BCED-00A0C90AB50F} <C:\PROGRA~1\MICROS~2\Office12\OWSCLT.DLL, (Signed) Microsoft Corporation>
[OSE.DiscussionServers]
  {BDEADEDD-C265-11D0-BCED-00A0C90AB50F} <C:\PROGRA~1\MICROS~2\Office12\OWSCLT.DLL, (Signed) Microsoft Corporation>
[OSE Global Class]
  {BDEADEDE-C265-11D0-BCED-00A0C90AB50F} <C:\PROGRA~1\MICROS~2\Office12\OWSCLT.DLL, (Signed) Microsoft Corporation>
[OWSDiscussionBar Class]
  {BDEADEE0-C265-11D0-BCED-00A0C90AB50F} <C:\PROGRA~1\MICROS~2\Office12\OWSCLT.DLL, (Signed) Microsoft Corporation>
[SharePoint OpenDocuments Class]
  {BDEADEF2-C265-11D0-BCED-00A0C90AB50F} <, >
[SharePoint Stssync Handler]
  {BDEADEF4-C265-11D0-BCED-00A0C90AB50F} <, >
[SharePoint Stssync Handler]
  {BDEADEF5-C265-11D0-BCED-00A0C90AB50F} <C:\PROGRA~1\MICROS~2\Office12\OWSSUPP.DLL, (Signed) Microsoft Corporation>
[Microsoft Office 12 Authorization Control]
  {C9712B19-838B-45A5-ABF2-9A315DDDED50} <C:\PROGRA~1\MICROS~2\Office12\AUTHZAX.DLL, (Signed) Microsoft Corporation>
[Adobe PDF Reader]
  {CA8A9780-280D-11CF-A24D-444553540000} <C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroPDF.dll, (Signed) Adobe Systems, Inc.>
[STSUpld CopyCtl Class]
  {CDEC13B2-0B3C-400E-B909-E27EE89C6799} <C:\PROGRA~1\MICROS~2\Office12\STSUPLD.DLL, (Signed) Microsoft Corporation>
[Shockwave Flash Object]
  {D27CDB6E-AE6D-11CF-96B8-444553540000} <C:\WINDOWS\system32\Macromed\Flash\Flash9f.ocx, (Signed) Adobe Systems, Inc.>

用户系统信息:Mozilla/5.0 (Windows; U; Windows NT 5.1; en-US) AppleWebKit/525.13 (KHTML, like Gecko) Chrome/0.2.149.30 Safari/525.13
最后编辑芥墨子 最后编辑于 2008-10-08 12:03:07
分享到:
gototop
 
芥墨子
头像
初生襁褓狮
  • 帖子:5
  • 注册: 2005-07-05
  • 来自:
发表于: 2008-10-08 12:00 | 只看楼主 短消息 资料
字号: 2楼

回复:请帮忙看看描述出的log

[]
  {E2E2DD38-D088-4134-82B7-F2BA38496583} <, >
[OISClientLauncher Class]
  {E543A17A-F212-49C0-B63D-BF09B460250E} <C:\Program Files\Microsoft Office\Office12\oisctrl.dll, (Signed) Microsoft Corporation>
[PersonalSite Class]
  {E7339A62-0E31-4A5E-BA3D-F2FEDFBF8BE5} <C:\PROGRA~1\COMMON~1\MICROS~1\Portal\PORTAL~1.DLL, (Signed) >
[XML HTTP Request]
  {ED8C108E-4349-11D2-91A4-00C04F7969E8} <%SystemRoot%\system32\msxml3.dll, (Signed) N/A>
[Scripting.Dictionary]
  {EE09B103-97E0-11CF-978F-00A02463E06F} <C:\WINDOWS\system32\scrrun.dll, (Signed) Microsoft Corporation>
[PBActiveX40 Control]
  {F2EB8999-766E-4BF6-AAAD-188D398C0D0B} <C:\WINDOWS\system32\PersonalBankMain.ocx, China Merchants Bank>
[XML DOM Document 3.0]
  {F5078F32-C551-11D3-89B9-0000F81FE221} <%SystemRoot%\system32\msxml3.dll, (Signed) N/A>
[Free Threaded XML DOM Document 3.0]
  {F5078F33-C551-11D3-89B9-0000F81FE221} <%SystemRoot%\system32\msxml3.dll, (Signed) N/A>
[XML Schema Cache 3.0]
  {F5078F34-C551-11D3-89B9-0000F81FE221} <%SystemRoot%\system32\msxml3.dll, (Signed) N/A>
[XML HTTP 3.0]
  {F5078F35-C551-11D3-89B9-0000F81FE221} <%SystemRoot%\system32\msxml3.dll, (Signed) N/A>
[XSL Template 3.0]
  {F5078F36-C551-11D3-89B9-0000F81FE221} <%SystemRoot%\system32\msxml3.dll, (Signed) N/A>
[XML Data Source Object 3.0]
  {F5078F39-C551-11D3-89B9-0000F81FE221} <%SystemRoot%\system32\msxml3.dll, (Signed) N/A>
[XML DOM Document]
  {F6D90F11-9C73-11D3-B32E-00C04F990BB4} <%SystemRoot%\system32\msxml3.dll, (Signed) N/A>
[Free Threaded XML DOM Document]
  {F6D90F12-9C73-11D3-B32E-00C04F990BB4} <%SystemRoot%\system32\msxml3.dll, (Signed) N/A>
[XML Data Source Object ]
  {F6D90F14-9C73-11D3-B32E-00C04F990BB4} <%SystemRoot%\system32\msxml3.dll, (Signed) N/A>
[]
  {FB5F1910-F110-11D2-BB9E-00C04F795683} <, >
[urlmon Class]
  {FFFFEECE-FF18-8222-2FB0-2935B9EA0830} <C:\WINDOWS\system32\1031\urlmon.dll, Microsoft Corporation>
[使用迅雷下载]
  <D:\Program Files\Thunder\Program\geturl.htm, N/A>
[使用迅雷下载全部链接]
  <D:\Program Files\Thunder\Program\getallurl.htm, N/A>
[导出到 Microsoft Excel(&X)]
  <res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000, N/A>
[添加到QQ表情]
  <D:\Program Files\Tencent\TM2008\Bin\AddEmotion.htm, N/A>

==================================
正在运行的进程
[PID: 760 / SYSTEM][\SystemRoot\System32\smss.exe]  [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2111)]
[PID: 808 / SYSTEM][\??\C:\WINDOWS\system32\csrss.exe]  [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2111)]
[PID: 840 / SYSTEM][\??\C:\WINDOWS\system32\winlogon.exe]  [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2113)]
    [C:\WINDOWS\system32\Ati2evxx.dll]  [ATI Technologies Inc., 6.14.10.4123]
    [C:\WINDOWS\system32\WgaLogon.dll]  [Microsoft Corporation, 1.8.0031.9]
    [C:\WINDOWS\system32\msacm32.drv]  [Microsoft Corporation, 5.1.2600.0 (xpclient.010817-1148)]
[PID: 884 / SYSTEM][C:\WINDOWS\system32\services.exe]  [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2111)]
    [C:\WINDOWS\AppPatch\AcAdProc.dll]  [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2105)]
[PID: 896 / SYSTEM][C:\WINDOWS\system32\lsass.exe]  [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2113)]
[PID: 1064 / SYSTEM][C:\WINDOWS\system32\Ati2evxx.exe]  [ATI Technologies Inc., 6.14.10.4123]
    [C:\WINDOWS\system32\Ati2edxx.dll]  [ATI Technologies, Inc., 6, 14, 10, 2499]
[PID: 1076 / SYSTEM][C:\WINDOWS\system32\svchost.exe]  [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2111)]
[PID: 1168 / NETWORK SERVICE][C:\WINDOWS\system32\svchost.exe]  [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2111)]
[PID: 1288 / SYSTEM][C:\WINDOWS\System32\svchost.exe]  [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2111)]
    [C:\WINDOWS\system32\Normaliz.dll]  [Microsoft Corporation, 6.0.5441.0 (winmain(wmbla).060628-1735)]
    [C:\WINDOWS\system32\iertutil.dll]  [Microsoft Corporation, 7.00.6000.16705 (vista_gdr.080618-1506)]
    [C:\WINDOWS\system32\wups2.dll]  [Microsoft Corporation, 7.2.6001.784 (winmain_oob/wu_wsuswlc(wmbla).080718-1904)]
[PID: 1404 / NETWORK SERVICE][C:\WINDOWS\system32\svchost.exe]  [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2111)]
[PID: 1532 / LOCAL SERVICE][C:\WINDOWS\system32\svchost.exe]  [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2111)]
    [C:\WINDOWS\system32\Normaliz.dll]  [Microsoft Corporation, 6.0.5441.0 (winmain(wmbla).060628-1735)]
    [C:\WINDOWS\system32\iertutil.dll]  [Microsoft Corporation, 7.00.6000.16705 (vista_gdr.080618-1506)]
[PID: 1664 / SYSTEM][C:\WINDOWS\system32\spoolsv.exe]  [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-0852)]
[PID: 1828 / ESSE][C:\WINDOWS\system32\Ati2evxx.exe]  [ATI Technologies Inc., 6.14.10.4123]
    [C:\WINDOWS\system32\Ati2edxx.dll]  [ATI Technologies, Inc., 6, 14, 10, 2499]
[PID: 2008 / ESSE][C:\WINDOWS\Explorer.EXE]  [Microsoft Corporation, 6.00.2900.5512 (xpsp.080413-2105)]
    [C:\WINDOWS\system32\Normaliz.dll]  [Microsoft Corporation, 6.0.5441.0 (winmain(wmbla).060628-1735)]
    [C:\WINDOWS\system32\iertutil.dll]  [Microsoft Corporation, 7.00.6000.16705 (vista_gdr.080618-1506)]
    [C:\WINDOWS\system32\ieframe.dll]  [Microsoft Corporation, 7.00.6000.16705 (vista_gdr.080618-1506)]
    [C:\WINDOWS\system32\WPDShServiceObj.dll]  [Microsoft Corporation, 5.2.5721.5145 (WMP_11.061018-2006)]
    [C:\WINDOWS\system32\PortableDeviceTypes.dll]  [Microsoft Corporation, 5.2.5721.5145 (WMP_11.061018-2006)]
    [C:\WINDOWS\system32\PortableDeviceApi.dll]  [Microsoft Corporation, 5.2.5721.5145 (WMP_11.061018-2006)]
    [C:\WINDOWS\system32\msacm32.drv]  [Microsoft Corporation, 5.1.2600.0 (xpclient.010817-1148)]
[PID: 1024 / SYSTEM][C:\Program Files\CMBCHINA\WebProtect\WPService.exe]  [China Merchants Bank, 1, 0, 0, 1]
    [C:\Program Files\CMBCHINA\WebProtect\WebProtectPlus.dll]  [China Merchants Bank, 1, 0, 0, 1]
    [C:\WINDOWS\system32\Normaliz.dll]  [Microsoft Corporation, 6.0.5441.0 (winmain(wmbla).060628-1735)]
    [C:\WINDOWS\system32\iertutil.dll]  [Microsoft Corporation, 7.00.6000.16705 (vista_gdr.080618-1506)]
[PID: 1028 / ESSE][C:\Program Files\ESET\ESET Smart Security\egui.exe]  [ESET, 3.0.669 ]
    [C:\Program Files\ESET\ESET Smart Security\eguiScan.dll]  [ESET, 3.0.669 ]
    [C:\Program Files\ESET\ESET Smart Security\eguiAmon.dll]  [ESET, 3.0.669 ]
    [C:\Program Files\ESET\ESET Smart Security\eguiEmon.dll]  [ESET, 3.0.669 ]
    [C:\Program Files\ESET\ESET Smart Security\eguiEpfw.dll]  [ESET, 3.0.669 ]
    [C:\Program Files\ESET\ESET Smart Security\eguiSmon.dll]  [ESET, 3.0.669 ]
    [C:\Program Files\ESET\ESET Smart Security\eguiUpdate.dll]  [ESET, 3.0.669 ]
    [C:\Program Files\ESET\ESET Smart Security\eguiMailPlugins.dll]  [ESET, 3.0.669 ]
[PID: 1240 / SYSTEM][C:\Program Files\ESET\ESET Smart Security\ekrn.exe]  [ESET, 3.0.669 ]
    [C:\Program Files\ESET\ESET Smart Security\ekrnScan.dll]  [ESET, 3.0.669 ]
    [C:\Program Files\ESET\ESET Smart Security\ekrnAmon.dll]  [ESET, 3.0.669 ]
    [C:\Program Files\ESET\ESET Smart Security\ekrnEmon.dll]  [ESET, 3.0.669 ]
    [C:\Program Files\ESET\ESET Smart Security\ekrnEpfw.dll]  [ESET, 3.0.669 ]
    [C:\Program Files\ESET\ESET Smart Security\ekrnSmon.dll]  [ESET, 3.0.669 ]
    [C:\Program Files\ESET\ESET Smart Security\ekrnUpdate.dll]  [ESET, 3.0.669 ]
    [C:\Program Files\ESET\ESET Smart Security\updater.dll]  [ESET, 3.0.669 ]
    [C:\Program Files\ESET\ESET Smart Security\ekrnMailPlugins.dll]  [ESET, 3.0.669 ]
    [C:\WINDOWS\system32\Normaliz.dll]  [Microsoft Corporation, 6.0.5441.0 (winmain(wmbla).060628-1735)]
    [C:\WINDOWS\system32\iertutil.dll]  [Microsoft Corporation, 7.00.6000.16705 (vista_gdr.080618-1506)]
[PID: 1356 / SYSTEM][C:\Program Files\kingsoft\kac\service\kaccore.exe]  [Kingsoft Corporation, 2008,09,11,261]
    [C:\Program Files\kingsoft\kac\service\corehelper.dll]  [Kingsoft Corporation, 2008,09,17,269]
    [C:\WINDOWS\system32\Normaliz.dll]  [Microsoft Corporation, 6.0.5441.0 (winmain(wmbla).060628-1735)]
    [C:\WINDOWS\system32\iertutil.dll]  [Microsoft Corporation, 7.00.6000.16705 (vista_gdr.080618-1506)]
[PID: 1380 / ESSE][C:\WINDOWS\ALCWZRD.EXE]  [RealTek Semicoductor Corp., 1.1.0.36]
    [C:\WINDOWS\system32\msacm32.drv]  [Microsoft Corporation, 5.1.2600.0 (xpclient.010817-1148)]
[PID: 1336 / ESSE][C:\WINDOWS\ALCMTR.EXE]  [Realtek Semiconductor Corp., 1.6.0.2]
[PID: 1460 / ESSE][C:\WINDOWS\system32\ctfmon.exe]  [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2105)]
[PID: 1468 / ESSE][C:\Program Files\Sandboxie\SbieCtrl.exe]  [tzuk, 3.30]
    [C:\WINDOWS\system32\Normaliz.dll]  [Microsoft Corporation, 6.0.5441.0 (winmain(wmbla).060628-1735)]
    [C:\WINDOWS\system32\iertutil.dll]  [Microsoft Corporation, 7.00.6000.16705 (vista_gdr.080618-1506)]
    [C:\Program Files\Sandboxie\SbieDll.dll]  [tzuk, 3.30]
    [C:\Program Files\Sandboxie\SbieMsg.dll]  [tzuk, 3.30]
[PID: 1488 / ESSE][C:\Documents and Settings\ESSE\Local Settings\Application Data\Google\Update\GoogleUpdate.exe]  [Google Inc., 1.2.131.7]
    [C:\Documents and Settings\ESSE\Local Settings\Application Data\Google\Update\1.2.131.19\goopdate.dll]  [Google Inc., 1.2.131.19]
[PID: 1700 / SYSTEM][C:\Program Files\Sandboxie\SbieSvc.exe]  [tzuk, 3.30]
    [C:\Program Files\Sandboxie\SbieDll.dll]  [tzuk, 3.30]
[PID: 2492 / LOCAL SERVICE][C:\WINDOWS\System32\alg.exe]  [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-0852)]
[PID: 3160 / ESSE][C:\Documents and Settings\ESSE\Local Settings\Application Data\Google\Chrome\Application\chrome.exe]  [Google Inc., 0.0.0.0]
    [C:\Documents and Settings\ESSE\Local Settings\Application Data\Google\Chrome\Application\0.2.149.30\chrome.dll]  [Google Inc., 0.2.149.30]
    [C:\Documents and Settings\ESSE\Local Settings\Application Data\Google\Chrome\Application\0.2.149.30\icudt38.dll]  [IBM Corporation and others, 3, 8, 0, 0]
    [C:\Documents and Settings\ESSE\Local Settings\Application Data\Google\Chrome\Application\0.2.149.30\locales\zh-CN.dll]  [N/A, ]
    [C:\Documents and Settings\ESSE\Local Settings\Application Data\Google\Chrome\Application\0.2.149.30\themes\default.dll]  [N/A, ]
    [c:\documents and settings\esse\local settings\application data\google\chrome\application\plugins\gears\gears.dll]  [Google Inc., 0.4.17.0]
    [C:\Documents and Settings\ESSE\Local Settings\Application Data\Google\Chrome\Application\0.2.149.30\rlz.dll]  [N/A, ]
    [C:\WINDOWS\system32\Normaliz.dll]  [Microsoft Corporation, 6.0.5441.0 (winmain(wmbla).060628-1735)]
    [C:\WINDOWS\system32\iertutil.dll]  [Microsoft Corporation, 7.00.6000.16705 (vista_gdr.080618-1506)]
    [C:\WINDOWS\system32\CHENHU4.IME]  [chenhu, 5.8]
[PID: 1956 / ESSE][D:\Program Files\Tencent\QQ\QQ.exe]  [TENCENT, 8,0,1249,1853]
    [D:\Program Files\Tencent\QQ\QQBaseClassInDll.dll]  [TENCENT, 8,0,1249,1853]
    [D:\Program Files\Tencent\QQ\QQHelperDll.dll]  [TENCENT, 8,0,1249,1853]
    [D:\Program Files\Tencent\QQ\BasicCtrlDll.dll]  [TENCENT, 8,0,1248,1851]
    [D:\Program Files\Tencent\QQ\MFC42.DLL]  [Microsoft Corporation, 6.00.8665.0]
    [C:\WINDOWS\system32\Normaliz.dll]  [Microsoft Corporation, 6.0.5441.0 (winmain(wmbla).060628-1735)]
    [C:\WINDOWS\system32\iertutil.dll]  [Microsoft Corporation, 7.00.6000.16705 (vista_gdr.080618-1506)]
    [D:\Program Files\Tencent\QQ\RICHED32.DLL]  [Microsoft Corporation, 5.00.2134.1]
    [D:\Program Files\Tencent\QQ\RICHED20.dll]  [Microsoft Corporation, 5.31.23.1218]
    [D:\Program Files\Tencent\QQ\QQAPI.dll]  [TENCENT, 8,0,1249,1853]
    [D:\Program Files\Tencent\TM2008\Bin\TXPFProxy.dll]  [N/A, ]
    [D:\Program Files\Tencent\QQ\LoginCtrl.dll]  [TENCENT, 8,0,1249,1853]
    [D:\Program Files\Tencent\QQ\LoginCtrlRes.dll]  [TENCENT, 8,0,1249,1853]
    [D:\Program Files\Tencent\QQ\QQRes.dll]  [TENCENT, 8,0,978,1833]
    [D:\Program Files\Tencent\QQ\QQMainFrame.dll]  [TENCENT, 8,0,1249,1853]
    [D:\Program Files\Tencent\QQ\gdiplus.dll]  [Microsoft Corporation, 5.1.3102.2180 (xpsp_sp2_rtm.040803-2158)]
    [D:\Program Files\Tencent\QQ\UnReadMsgMgr.dll]  [TENCENT, 8,0,1249,1853]
    [D:\Program Files\Tencent\QQ\QQAllInOne.dll]  [TENCENT, 8,0,1249,1853]
    [D:\Program Files\Tencent\QQ\SCCore.dll]  [TENCENT, 1, 6, 0, 2]
    [D:\Program Files\Tencent\QQ\CameraDll.dll]  [TENCENT, 8,0,1249,1853]
    [D:\Program Files\Tencent\QQ\CQQApplication.dll]  [TENCENT, 8,0,1249,1853]
    [D:\Program Files\Tencent\QQ\FlashAvatarDll.dll]  [, 1, 0, 0, 1]
    [D:\Program Files\Tencent\QQ\NewSkin.dll]  [TENCENT, 8,0,1249,1853]
    [D:\Program Files\Tencent\QQ\MailSummary.dll]  [TENCENT, 8,0,1234,1851]
    [D:\Program Files\Tencent\QQ\QQSpace.dll]  [TENCENT, 8,0,1249,1853]
    [D:\Program Files\Tencent\QQ\vbscript.dll]  [Microsoft Corporation, 5.6.0.7426]
    [C:\WINDOWS\system32\Macromed\Flash\Flash9f.ocx]  [Adobe Systems, Inc., 9,0,124,0]
    [C:\WINDOWS\system32\msacm32.drv]  [Microsoft Corporation, 5.1.2600.0 (xpclient.010817-1148)]
    [C:\WINDOWS\system32\ieframe.dll]  [Microsoft Corporation, 7.00.6000.16705 (vista_gdr.080618-1506)]
    [D:\Program Files\Tencent\QQ\msdmo.dll]  [, ]
    [D:\Program Files\Tencent\QQ\QQAvatar.dll]  [TENCENT, 8,0,1249,1853]
    [D:\Program Files\Tencent\QQ\OEMApplication.dll]  [TENCENT, 8,0,1249,1853]
    [D:\Program Files\Tencent\QQ\QQKnowledgeSearch.dll]  [TENCENT, 8,0,1249,1853]
    [D:\Program Files\Tencent\QQ\QQGroupMng.dll]  [TENCENT, 8,0,1249,1853]
    [D:\Program Files\Tencent\QQ\QQPlugin.dll]  [TENCENT, 8,0,1249,1853]
    [D:\Program Files\Tencent\QQ\QQPet.dll]  [TENCENT, 8,0,1249,1853]
    [D:\Program Files\Tencent\QQ\UserDefinedHead.dll]  [TENCENT, 8,0,1249,1853]
    [D:\Program Files\Tencent\QQ\QQCustomFace.dll]  [TENCENT, 8,0,1249,1853]
    [D:\Program Files\Tencent\QQ\QRingMng.dll]  [TENCENT, 8,0,1249,1853]
    [D:\Program Files\Tencent\QQ\QQSysMsgMng.dll]  [TENCENT, 8,0,1249,1853]
    [D:\Program Files\Tencent\QQ\QQMagicFace.dll]  [TENCENT, 8,0,1249,1853]
    [D:\Program Files\Tencent\QQ\ImageOle.dll]  [TENCENT, 8,0,1249,1853]
    [C:\PROGRA~1\COMMON~1\MICROS~1\OFFICE12\MSOXMLMF.DLL]  [Microsoft Corporation, 12.0.4518.1014]
    [D:\Program Files\Tencent\QQ\QQLiveQMng.dll]  [TENCENT, 8,0,1249,1853]
    [D:\Program Files\Tencent\QQ\QQConfigPlugin.dll]  [TENCENT, 8,0,1249,1853]
    [D:\Program Files\Tencent\QQ\LongConnection.dll]  [TENCENT, 8,0,1249,1851]
    [D:\Program Files\Tencent\QQ\PhoneAPI.dll]  [TENCENT, 8,0,1249,1853]
    [D:\Program Files\Tencent\QQ\DialerAllinOne.dll]  [tencent, 1, 4, 0, 0]
    [C:\WINDOWS\system32\CHENHU4.IME]  [chenhu, 5.8]
    [D:\Program Files\Tencent\QQ\BQQApplication.dll]  [TENCENT, 8,0,1249,1853]
    [D:\Program Files\Tencent\QQ\PersonalDesktop.dll]  [TENCENT, 8,0,1249,1853]
    [D:\Program Files\Tencent\QQ\CommercesMng.dll]  [TENCENT, 8,0,1249,1853]
    [D:\Program Files\Tencent\QQ\QQAddr.dll]  [深圳市腾讯计算机系统有限公司, 5, 0, 101, 330]
    [D:\Program Files\Tencent\QQ\QQSceneMng.dll]  [TENCENT, 8,0,1249,1853]
    [D:\Program Files\Tencent\QQ\AddrSearch.dll]  [腾讯科技(深圳)有限公司, 2, 2, 1, 16]
[PID: 900 / ESSE][D:\Program Files\Tencent\TM2008\Bin\TXPlatform.exe]  [Tencent, 1, 10, 260, 0]
    [D:\Program Files\Tencent\TM2008\Bin\TXPFProxy.dll]  [N/A, ]
[PID: 2020 / ESSE][C:\Documents and Settings\ESSE\Local Settings\Application Data\Google\Chrome\Application\chrome.exe]  [Google Inc., 0.0.0.0]
    [C:\Documents and Settings\ESSE\Local Settings\Application Data\Google\Chrome\Application\0.2.149.30\chrome.dll]  [Google Inc., 0.2.149.30]
    [C:\Documents and Settings\ESSE\Local Settings\Application Data\Google\Chrome\Application\0.2.149.30\icudt38.dll]  [IBM Corporation and others, 3, 8, 0, 0]
    [C:\Documents and Settings\ESSE\Local Settings\Application Data\Google\Chrome\Application\0.2.149.30\locales\zh-CN.dll]  [N/A, ]
[PID: 3876 / ESSE][C:\Documents and Settings\ESSE\Local Settings\Application Data\Google\Chrome\Application\chrome.exe]  [Google Inc., 0.0.0.0]
    [C:\Documents and Settings\ESSE\Local Settings\Application Data\Google\Chrome\Application\0.2.149.30\chrome.dll]  [Google Inc., 0.2.149.30]
    [C:\Documents and Settings\ESSE\Local Settings\Application Data\Google\Chrome\Application\0.2.149.30\icudt38.dll]  [IBM Corporation and others, 3, 8, 0, 0]
    [C:\Documents and Settings\ESSE\Local Settings\Application Data\Google\Chrome\Application\0.2.149.30\locales\zh-CN.dll]  [N/A, ]
    [c:\windows\system32\macromed\flash\npswf32.dll]  [, ]
    [C:\WINDOWS\system32\Normaliz.dll]  [Microsoft Corporation, 6.0.5441.0 (winmain(wmbla).060628-1735)]
    [C:\WINDOWS\system32\iertutil.dll]  [Microsoft Corporation, 7.00.6000.16705 (vista_gdr.080618-1506)]
    [C:\WINDOWS\system32\msacm32.drv]  [Microsoft Corporation, 5.1.2600.0 (xpclient.010817-1148)]
[PID: 3816 / ESSE][C:\Program Files\WinRAR\WinRAR.exe]  [Alexander Roshal, 3.71]
    [C:\WINDOWS\system32\wpdshext.dll]  [Microsoft Corporation, 5.2.5721.5145 (WMP_11.061018-2006)]
    [C:\WINDOWS\system32\PortableDeviceApi.dll]  [Microsoft Corporation, 5.2.5721.5145 (WMP_11.061018-2006)]
    [C:\WINDOWS\system32\Audiodev.dll]  [Microsoft Corporation, 5.2.5721.5145 (WMP_11.061018-2006)]
    [C:\WINDOWS\system32\iertutil.dll]  [Microsoft Corporation, 7.00.6000.16705 (vista_gdr.080618-1506)]
    [C:\WINDOWS\system32\Normaliz.dll]  [Microsoft Corporation, 6.0.5441.0 (winmain(wmbla).060628-1735)]
    [C:\WINDOWS\system32\ieframe.dll]  [Microsoft Corporation, 7.00.6000.16705 (vista_gdr.080618-1506)]
[PID: 1012 / ESSE][C:\DOCUME~1\ESSE\LOCALS~1\Temp\Rar$EX00.859\SREngLdr.EXE]  [Smallfrogs Studio, 2.6.12.1018]
[PID: 2812 / ESSE][C:\DOCUME~1\ESSE\LOCALS~1\Temp\Rar$EX00.859\SRE91e5aedf.EXE]  [Smallfrogs Studio, 2.6.12.1018]
    [C:\WINDOWS\system32\Normaliz.dll]  [Microsoft Corporation, 6.0.5441.0 (winmain(wmbla).060628-1735)]
    [C:\WINDOWS\system32\iertutil.dll]  [Microsoft Corporation, 7.00.6000.16705 (vista_gdr.080618-1506)]
    [C:\DOCUME~1\ESSE\LOCALS~1\Temp\Rar$EX00.859\Upload\3rdUpd.DLL]  [Smallfrogs Studio, 2, 1, 0, 15]

==================================
文件关联
.TXT  Error. [C:\WINDOWS\notepad.exe %1]
.EXE  OK. ["%1" %*]
.COM  OK. ["%1" %*]
.PIF  OK. ["%1" %*]
.REG  OK. [regedit.exe "%1"]
.BAT  OK. ["%1" %*]
.SCR  OK. ["%1" /S]
.CHM  Error. ["hh.exe" %1]
.HLP  OK. [%SystemRoot%\system32\winhlp32.exe %1]
.INI  Error. [C:\WINDOWS\System32\NOTEPAD.EXE %1]
.INF  OK. [%SystemRoot%\system32\NOTEPAD.EXE %1]
.VBS  OK. [%SystemRoot%\System32\WScript.exe "%1" %*]
.JS  OK. [%SystemRoot%\System32\WScript.exe "%1" %*]
.LNK  OK. [{00021401-0000-0000-C000-000000000046}]

==================================
Winsock 提供者
N/A

==================================
Autorun.inf
N/A

==================================
HOSTS 文件
127.0.0.1      localhost

==================================
进程特权扫描
特殊特权被允许: SeLoadDriverPrivilege [PID = 1468, C:\PROGRAM FILES\SANDBOXIE\SBIECTRL.EXE]
特殊特权被允许: SeLoadDriverPrivilege [PID = 1700, C:\PROGRAM FILES\SANDBOXIE\SBIESVC.EXE]
特殊特权被允许: SeLoadDriverPrivilege [PID = 3160, C:\DOCUMENTS AND SETTINGS\ESSE\LOCAL SETTINGS\APPLICATION DATA\GOOGLE\CHROME\APPLICATION\CHROME.EXE]
特殊特权被允许: SeLoadDriverPrivilege [PID = 3876, C:\DOCUMENTS AND SETTINGS\ESSE\LOCAL SETTINGS\APPLICATION DATA\GOOGLE\CHROME\APPLICATION\CHROME.EXE]
特殊特权被允许: SeLoadDriverPrivilege [PID = 3816, C:\PROGRAM FILES\WINRAR\WINRAR.EXE]
特殊特权被允许: SeLoadDriverPrivilege [PID = 1012, C:\DOCUME~1\ESSE\LOCALS~1\TEMP\RAR$EX00.859\SRENGLDR.EXE]

==================================
API HOOK
N/A

==================================
隐藏进程
N/A

==================================


[/CODE]
gototop
 
zihouse
头像
健康舞勺狮
  • 帖子:386
  • 注册: 2008-07-22
  • 来自:
发表于: 2008-10-08 12:20 | 短消息 资料
字号: 3楼

回复:请斑斑高手们帮忙看看扫描出的log

描述下问题,。。。。。。
gototop
 
芥墨子
头像
初生襁褓狮
  • 帖子:5
  • 注册: 2005-07-05
  • 来自:
发表于: 2008-10-08 12:28 | 只看楼主 短消息 资料
字号: 4楼

回复:请斑斑高手们帮忙看看扫描出的log

具体的问题是,每天电脑正常启动一次后,再启动都正常。
但是晚上关机以后,早上要想正常启动,就不容易了,连安全模式都不给进,只能重开机,起码一两钟以后,好不容易正常启动了,会提示2个错误:提示wauclt.exe出错,还有临时文件夹C:\DOCUME~1\ESSE\LOCALS~1\TEMP\**文件出错。
gototop
 
激流涌进
头像
强壮不惑狮
  • 帖子:1131
  • 注册: 2007-11-22
  • 来自:
发表于: 2008-10-08 12:59 | 短消息 资料
字号: 5楼

回复:请斑斑高手们帮忙看看扫描出的log

日志正常,未发现可疑文件。
建议用卡卡助手,清理临时文件,方法:
打开卡卡助手--高级工具---垃圾文件清理;下次提交的时候用附件的方式发上来,回复时选右上解“+回复”,然后浏览附件提交
gototop
 
芥墨子
头像
初生襁褓狮
  • 帖子:5
  • 注册: 2005-07-05
  • 来自:
发表于: 2008-10-08 13:07 | 只看楼主 短消息 资料
字号: 6楼

回复:请斑斑高手们帮忙看看扫描出的log

好的,收到,下次用附件提交。谢谢了。
gototop
 
<<上一主题|下一主题>>
1   1  /  1  页   跳转
页面顶部
Powered by Discuz!NT