1   1  /  1  页   跳转

卡卡无法随机启动

收藏
limilaw
头像
初生襁褓狮
  • 帖子:28
  • 注册: 2006-09-24
  • 来自:
发表于: 2007-07-16 15:59 | 显示全部 短消息 资料
字号: 1楼

卡卡无法随机启动

瑞星卡卡电脑诊断日志 v1.30 (2007-7-16 15:37:49)  北京瑞星科技股份有限公司

注释:    [A]表示该文件存在自启动关联;
    [M]表示该文件在内存中;

+ 注册表自运行项目
  + 系统服务
    + HKLM\System\CurrentControlSet\Services
      lxdmg
        [AM] 1. c:\program files\common files\devicemanager\devicemanager.exe
          DeviceManager Microsoft 基础类应用程序
          .text,.rdata,.data,.rsrc,


      lxswitch
        [AM] 2. c:\happyhome\幸福飞梭\lxswitch.exe
          TGELogonSrv Microsoft 基础类应用程序
          .text,.rdata,.data,.rsrc,


      NVSvc
        [AM] 3. c:\windows\system32\nvsvc32.exe
          NVIDIA Corporation
          NVIDIA Driver Helper Service, Version 43.51
          .text,.rdata,.data,.rsrc,


      UMWdf
        [A ] 4. c:\windows\system32\wdfmgr.exe
          Microsoft Corporation
          Windows User Mode Driver Manager
          .text,.data,.rsrc,


      UPHClean
        [AM] 5. d:\program files\uphclean\uphclean.exe
          Microsoft Corporation
          User Profile Hive Cleanup Service
          .text,.rdata,.data,.rsrc,


      usnjsvc
        [A ] 6. c:\program files\msn messenger\usnsvc.exe
          Microsoft Corporation
          Messenger Sharing USN Journal Reader Service
          .text,.data,.rsrc,


      WmdmPmSN
        [A ] 7. c:\windows\system32\mspmsnsv.dll
          Microsoft Corporation
          Microsoft Media Device Service Provider
          .text,.data,.rsrc,.reloc,




  + 内核驱动
    + HKLM\System\CurrentControlSet\Services
      Afc
        [A ] 8. c:\windows\system32\drivers\afc.sys
          Arcsoft, Inc.
          Arcsoft(R) ASPI Shell
          .text,.rdata,.data,INIT,.rsrc,.reloc,


      ALCXWDM
        [A ] 9. c:\windows\system32\drivers\alcxwdm.sys
          Realtek Semiconductor Corp.
          Realtek AC'97 Audio Driver (WDM)
          .text,_LTEXT,_PTEXT,.rdata,.data,.CRT,_LDATA,_PDATA,.data1,PAGE,INIT,.rsrc,.reloc,


      BT848
        [A ] 10. c:\windows\system32\drivers\cxvcap.sys
          Windows (R) 2000 DDK provider
          WDM Video Capture Driver
          .text,.rdata,.data,INIT,.rsrc,.reloc,


      CXTUNER
        [A ] 11. c:\windows\system32\drivers\cxtuner.sys
          Conexant Systems, Inc.
          CxTuner, Tuner Driver
          .text,.rdata,.data,INIT,.rsrc,.reloc,


      CXXBAR
        [A ] 12. c:\windows\system32\drivers\cxxbar.sys
          Conexant Systems, Inc.
          CxXBar, Crossbar Driver
          .text,.rdata,.data,INIT,.rsrc,.reloc,


      GT680x
        [A ] 13. c:\windows\system32\drivers\gt680x.sys
           
          USB Scanner Driver
          .text,.data,INIT,.rsrc,.reloc,


      HSFHWBS2
        [A ] 14. c:\windows\system32\drivers\hsfhwbs2.sys
          Conexant Systems
          HSF_HWB2 WDM driver
          .text,GLOBAL_I,.rdata,.data,.CRT,GLOBAL_I,PAGE,INIT,.rsrc,.reloc,


      HSF_DP
        [A ] 15. c:\windows\system32\drivers\hsf_dp.sys
          Conexant Systems
          HSF_DP driver
          .text,_PARA_DA,.rdata,.data,.CRT,PAGE,INIT,.rsrc,.reloc,


      mdmxsdk
        [A ] 16. c:\windows\system32\drivers\mdmxsdk.sys
          Conexant
          Diagnostic Interface DRIVER
          .text,.rdata,.data,INIT,.rsrc,.reloc,


      NPF
        [A ] 17. c:\windows\system32\drivers\npf.sys
          CACE Technologies
          npf
          .text,.rdata,.data,INIT,.rsrc,.reloc,


      npkcrypt
        [A ] 18. d:\program files\tencent\qq\npkcrypt.sys
          INCA Internet Co., Ltd.
          nProtect KeyCrypt Driver
          .text,.rdata,.data,INIT,.rsrc,.reloc,


      pfc
        [A ] 19. c:\windows\system32\drivers\pfc.sys
          Padus, Inc.
          Padus(R) ASPI Shell
          .text,.rdata,.data,INIT,.rsrc,.reloc,


      RsAntiSpyware
        [A ] 20. c:\windows\system32\drivers\rsboot.sys
          Beijing Rising Technology Co., Ltd.
          Anti-RootKit Driver
          .text,.rdata,.data,INIT,.rsrc,.reloc,


      safemon
        [A ] 21. c:\windows\system32\drivers\safemon.sys
          System Safety Limited
          System Safety Monitor 2.0 extension for Windows security layer
          .text,.rdata,.data,PAGE,INIT,.rsrc,.reloc,


      Secdrv
        [A ] 22. c:\windows\system32\drivers\secdrv.sys
          .text,.data,INIT,.reloc,


      Skkbdf
        [A ] 23. c:\windows\system32\drivers\skkbdf.sys
          Silitek Corp.
          PS/2 Keyboard Filter Driver for Win2000
          .text,.rdata,.data,PAGE,INIT,.rsrc,.reloc,


      SkyProcs
        [A ] 24. d:\program files\skynet\firewall\skyprocs.sys
          .text,.rdata,.data,INIT,.reloc,


      snpshot
        [A ] 25. c:\windows\system32\drivers\snpshot.sys
          PowerShadow
          Shadow System
          .text,.rdata,.data,PAGE,INIT,.rsrc,.reloc,


      UIUSys
        [A ] 26. c:\windows\system32\drivers\uiusys.sys
          Conexant
          Diagnostic Interface DRIVER
          .text,.rdata,.data,INIT,.rsrc,.reloc,


      usbehci
        [A ] 27. c:\windows\system32\drivers\usbehci.sys
          Microsoft Corporation
          EHCI eUSB Miniport Driver
          .text,.rdata,.data,INIT,.rsrc,.reloc,


      winachsf
        [A ] 28. c:\windows\system32\drivers\hsf_cnxt.sys
          Conexant Systems
          WinACHSF driver
          .text,_LTEXT,.rdata,.data,_LDATA,PAGESER,INIT,.rsrc,.reloc,




  + 系统登陆自运行
    + HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify
      System Safety Monitor
        [AM] 29. c:\windows\system32\ssmwinlogonex.dll
          System Safety Limited
          System Safety Manager
          .text,.rdata,.data,.rsrc,.reloc,




  + IE浏览器加载模块
    + HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects
      {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3}
        [A ] 30. d:\program files\adobe\acrobat 7.0\activex\acroiehelper.dll
          Adobe Systems Incorporated
          Adobe Acrobat IE Helper Version 7.0 for ActiveX
          .text,.rdata,.data,.rsrc,.reloc,


      {2F364306-AA45-47B5-9F9D-39A8B94E7EF7}
        [A ] 31. d:\program files\flashget\jccatch.dll
          www.flashget.com
          Flashget CatchUrl Module
          .text,.rdata,.data,.rsrc,.reloc,


      {9030D464-4C02-4ABF-8ECC-5164760863C6}
        [A ] 32. c:\program files\common files\microsoft shared\windows live\windowslivelogin.dll
          Microsoft Corporation
          WindowsLiveLogin.dll
          .text,.data,.rsrc,.reloc,


      {B69F34DD-F0F9-42DC-9EDD-957187DA688D}
        [AM] 33. d:\program files\360safe\safemon\safemon.dll
          360安全卫士实时保护模块
          .text,.rdata,.data,.share,.rsrc,.reloc,


      {F156768E-81EF-470C-9057-481BA8380DBA}
        [A ] 34. d:\program files\flashget\getflash.dll
          www.flashget.com
          Flashget GetFlash Module
          .text,.rdata,.data,.rsrc,.reloc,



    + HKLM\SOFTWARE\Microsoft\Internet Explorer\Extensions
      Script
        [A ] 35. c:\windows\web\related.htm


      Exec
        [A ] 36. d:\program files\flashget\flashget.exe
          FlashGet.com
          FlashGet
          .text,.rdata,.data,.rsrc,




  + 资源管理器加载模块
    + HKLM\SOFTWARE\Classes\PROTOCOLS\Handler
      livecall
        [A ] 37. c:\program files\msn messenger\msgrapp.8.1.0178.00.dll
          Microsoft Corporation
          MSN Messenger Protocol Handler
          .text,.data,.rsrc,.reloc,


      msnim
        [A ] 37. c:\program files\msn messenger\msgrapp.8.1.0178.00.dll
          Microsoft Corporation
          MSN Messenger Protocol Handler
          .text,.data,.rsrc,.reloc,



    + HKLM\SOFTWARE\Classes\Folder\shellex\ColumnHandlers
      {F9DB5320-233E-11D1-9F84-707F02C10627}
        [A ] 38. d:\program files\adobe\acrobat 7.0\activex\pdfshell.dll
          Adobe Systems, Inc.
          PDF Shell Extension
          .text,.rdata,.data,.rsrc,.reloc,



    + HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved
      HyperTerminal Icon Ext
        [A ] 39. c:\windows\system32\hticons.dll
          Hilgraeve, Inc.
          HyperTerminal Applet Library
          .text,.data,.rsrc,.reloc,


      Auto Update Property Sheet Extension
        [A ] 40. c:\windows\system32\wuaucpl.cpl
          Microsoft Corporation
          Automatic Updates Control Panel
          .text,.data,.rsrc,.reloc,


      Desktop Explorer
        [A ] 41. c:\windows\system32\nvshell.dll
          NVIDIA Corporation
          NVIDIA Desktop Explorer, Version 43.51
          .text,.rdata,.data,.idata,.shared,.rsrc,.reloc,


      Desktop Explorer Menu
        [A ] 41. c:\windows\system32\nvshell.dll
          NVIDIA Corporation
          NVIDIA Desktop Explorer, Version 43.51
          .text,.rdata,.data,.idata,.shared,.rsrc,.reloc,


      Messenger Sharing Folders
        [A ] 42. c:\program files\msn messenger\fsshext.8.1.0178.00.dll
          Microsoft Corporation
          Messenger File Sharing Shell Extensions
          .text,.data,.rsrc,.reloc,


      Portable Media Devices
        [A ] 43. c:\windows\system32\audiodev.dll
          Microsoft Corporation
          便携媒体设备命令行解释器扩展
          .text,.data,.rsrc,.reloc,


      Portable Media Devices Menu
        [A ] 43. c:\windows\system32\audiodev.dll
          Microsoft Corporation
          便携媒体设备命令行解释器扩展
          .text,.data,.rsrc,.reloc,


      WinRAR shell extension
        [AM] 44. d:\program files\winrar\rarext.dll
          .text,.data,.tls,.idata,.edata,.rsrc,.reloc,


      Shell Extensions for RealOne Player
        [A ] 45. d:\program files\real\realplayer\rpshell.dll
          RealNetworks, Inc.
          RealPlayer Shell Extensions
          .text,.rdata,.data,.rsrc,.reloc,



    + HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks
      {AC2DC2EF-5165-40A3-8CDF-41DCA1B0901A}
        [A ] 46. c:\windows\system32\shlhook.dll
          Beijing Rising Technology Co., Ltd.
          shlhook Module
          .text,.rdata,.data,.rsrc,.reloc,
最后编辑2007-07-16 17:11:31
分享到:
gototop
 
limilaw
头像
初生襁褓狮
  • 帖子:28
  • 注册: 2006-09-24
  • 来自:
发表于: 2007-07-16 16:01 | 显示全部 短消息 资料
字号: 2楼

+ 用户登陆自运行项目
    + HKLM\Software\Microsoft\Windows\CurrentVersion\Run
      nwiz
        [A ] 47. c:\windows\system32\nwiz.exe
          NVIDIA Corporation
          NVIDIA nView Wizard, Version 43.51
          .text,.rdata,.data,.rsrc,


      SoundMan
        [A ] 48. c:\windows\soundman.exe
          Realtek Semiconductor Corp.
          Realtek Sound Manager
          .text,.rdata,.data,.rsrc,


      runeip
        [AM] 49. d:\program files\rising\antispyware\runiep.exe
          Beijing Rising Technology Co., Ltd.
          Rising AntiSpyware Monitor
          .text,.rdata,.data,.rsrc,



    + HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\RunOnce
      KKDelay
        [A ] 50. d:\program files\rising\antispyware\runonce.exe
          Beijing Rising Technology Co., Ltd.
          RunOnce Application
          .text,.rdata,.data,.rsrc,




  + 开机执行
    + HKLM\SYSTEM\CurrentControlSet\Control\NetworkProvider\Order
      BootExecute
        [A ] 51. c:\windows\system32\kknative.exe
          Beijing Rising Technology Co., Ltd.
          NativeAp
          .text,.data,.rsrc,.reloc,




  + 映像劫持
    + HKCR\.bat
      batfile\edit\Command
        [A ] 52. c:\windows\system32\notepad.exe
          Microsoft Corporation
          记事本
          .text,.data,.rsrc,


      batfile\print\Command
        [A ] 52. c:\windows\system32\notepad.exe
          Microsoft Corporation
          记事本
          .text,.data,.rsrc,



    + HKCR\.log
      txtfile\open\Command
        [A ] 52. c:\windows\system32\notepad.exe
          Microsoft Corporation
          记事本
          .text,.data,.rsrc,


      txtfile\print\Command
        [A ] 52. c:\windows\system32\notepad.exe
          Microsoft Corporation
          记事本
          .text,.data,.rsrc,


      txtfile\printto\Command
        [A ] 52. c:\windows\system32\notepad.exe
          Microsoft Corporation
          记事本
          .text,.data,.rsrc,



    + HKCR\.txt
      txtfile\open\Command
        [A ] 52. c:\windows\system32\notepad.exe
          Microsoft Corporation
          记事本
          .text,.data,.rsrc,


      txtfile\print\Command
        [A ] 52. c:\windows\system32\notepad.exe
          Microsoft Corporation
          记事本
          .text,.data,.rsrc,


      txtfile\printto\Command
        [A ] 52. c:\windows\system32\notepad.exe
          Microsoft Corporation
          记事本
          .text,.data,.rsrc,



    + HKCR\.cmd
      cmdfile\edit\Command
        [A ] 52. c:\windows\system32\notepad.exe
          Microsoft Corporation
          记事本
          .text,.data,.rsrc,


      cmdfile\print\Command
        [A ] 52. c:\windows\system32\notepad.exe
          Microsoft Corporation
          记事本
          .text,.data,.rsrc,



    + HKCR\.reg
      regfile\edit\Command
        [A ] 52. c:\windows\system32\notepad.exe
          Microsoft Corporation
          记事本
          .text,.data,.rsrc,


      regfile\print\Command
        [A ] 52. c:\windows\system32\notepad.exe
          Microsoft Corporation
          记事本
          .text,.data,.rsrc,



    + HKCR\.vbs
      vbsfile\Edit\Command
        [A ] 52. c:\windows\system32\notepad.exe
          Microsoft Corporation
          记事本
          .text,.data,.rsrc,


      vbsfile\Print\Command
        [A ] 52. c:\windows\system32\notepad.exe
          Microsoft Corporation
          记事本
          .text,.data,.rsrc,



    + HKCR\.js
      jsfile\Edit\Command
        [A ] 52. c:\windows\system32\notepad.exe
          Microsoft Corporation
          记事本
          .text,.data,.rsrc,


      jsfile\Print\Command
        [A ] 52. c:\windows\system32\notepad.exe
          Microsoft Corporation
          记事本
          .text,.data,.rsrc,



    + HKCR\.ini
      inifile\open\Command
        [A ] 52. c:\windows\system32\notepad.exe
          Microsoft Corporation
          记事本
          .text,.data,.rsrc,


      inifile\print\Command
        [A ] 52. c:\windows\system32\notepad.exe
          Microsoft Corporation
          记事本
          .text,.data,.rsrc,



    + HKCR\.inf
      inffile\open\Command
        [A ] 52. c:\windows\system32\notepad.exe
          Microsoft Corporation
          记事本
          .text,.data,.rsrc,


      inffile\print\Command
        [A ] 52. c:\windows\system32\notepad.exe
          Microsoft Corporation
          记事本
          .text,.data,.rsrc,
gototop
 
limilaw
头像
初生襁褓狮
  • 帖子:28
  • 注册: 2006-09-24
  • 来自:
发表于: 2007-07-16 16:01 | 显示全部 短消息 资料
字号: 3楼

+ 其他自启动项目
  +
    Ice.exe
      [A ] 53. d:\ice.exe
        IceSword
        .text,.rdata,.data,.rsrc,.aspack,.adata,


    SREng.EXE
      [A ] 54. d:\sreng.exe
        Smallfrogs Studio
        System Repair Engineer
        .text,.rsrc,



  +
    Ice.exe
      [A ] 53. d:\ice.exe
        IceSword
        .text,.rdata,.data,.rsrc,.aspack,.adata,


    SREng.EXE
      [A ] 54. d:\sreng.exe
        Smallfrogs Studio
        System Repair Engineer
        .text,.rsrc,



  + C:\Documents and Settings\All Users\「开始」菜单\程序\启动
    联想键盘驱动程序.lnk
      [AM] 55. c:\program files\legend\联想标准功能键盘驱动程序安装\skdaemon.exe
        Skdaemon Microsoft 基础类应用程序
        .text,.rdata,.data,.rsrc,


    Adobe Gamma Loader.lnk
      [A ] 56. c:\program files\common files\adobe\calibration\adobe gamma loader.exe
        Adobe Systems, Inc.
        Adobe Gamma Loader
        .text,.rdata,.data,.rsrc,



  + C:\windows\Tasks
    AppleSoftwareUpdate.job
      [A ] 57. c:\program files\apple software update\softwareupdate.exe
        Apple Computer, Inc.
        Software Application
        .text,.rdata,.data,.rsrc,




+ 正在运行的进程
  + 000000c0(192) Explorer.EXE
    72C90000[00009000]
      [ M] 58. c:\windows\system32\wdmaud.drv
        Microsoft Corporation
        WDM Audio driver mapper
        .text,.data,.rsrc,.reloc,


    72C80000[00008000]
      [ M] 59. c:\windows\system32\msacm32.drv
        Microsoft Corporation
        Microsoft Sound Mapper
        .text,.data,.rsrc,.reloc,


    013B0000[0001C000]
      [AM] 33. d:\program files\360safe\safemon\safemon.dll
        360安全卫士实时保护模块
        .text,.rdata,.data,.share,.rsrc,.reloc,


    00FA0000[0001B000]
      [ M] 60. d:\program files\rising\antispyware\ieprot.dll
        Beijing Rising Technology Co., Ltd.
        IE Protector
        .text,.rdata,.data,.rsrc,.reloc,


    03720000[0000E000]
      [ M] 61. d:\program files\arcsoft\software suite\photoimpression\share\pihook.dll
        .text,.rdata,.data,Shared,.reloc,


    019D0000[0002B000]
      [AM] 44. d:\program files\winrar\rarext.dll
        .text,.data,.tls,.idata,.edata,.rsrc,.reloc,



  + 000000d0(208) runiep.exe
    00400000[00012000]
      [AM] 49. d:\program files\rising\antispyware\runiep.exe
        Beijing Rising Technology Co., Ltd.
        Rising AntiSpyware Monitor
        .text,.rdata,.data,.rsrc,


    00CF0000[0001B000]
      [ M] 60. d:\program files\rising\antispyware\ieprot.dll
        Beijing Rising Technology Co., Ltd.
        IE Protector
        .text,.rdata,.data,.rsrc,.reloc,



  + 00000170(368) ctfmon.exe
    10000000[0001B000]
      [ M] 60. d:\program files\rising\antispyware\ieprot.dll
        Beijing Rising Technology Co., Ltd.
        IE Protector
        .text,.rdata,.data,.rsrc,.reloc,



  + 00000184(388) skdaemon.exe
    00400000[0000A000]
      [AM] 55. c:\program files\legend\联想标准功能键盘驱动程序安装\skdaemon.exe
        Skdaemon Microsoft 基础类应用程序
        .text,.rdata,.data,.rsrc,


    10000000[0003B000]
      [ M] 62. c:\program files\legend\联想标准功能键盘驱动程序安装\macfun.dll
        Silitek
        MacFun
        .text,.rdata,.data,.idata,.rsrc,.reloc,


    00410000[00036000]
      [ M] 63. c:\program files\legend\联想标准功能键盘驱动程序安装\opendriver.dll
        Silitek
        OpenDrive
        .text,.rdata,.data,.idata,.rsrc,.reloc,


    003E0000[00011000]
      [ M] 64. c:\program files\legend\联想标准功能键盘驱动程序安装\osd.dll
        silitek
        OSD
        .text,.rdata,.data,.rsrc,.reloc,


    00450000[00008000]
      [ M] 65. c:\windows\system32\lxkeyled.dll
        Silitek
        SetLight(int nLight)
        .text,.rdata,.data,myshared,.rsrc,.reloc,


    72C90000[00009000]
      [ M] 58. c:\windows\system32\wdmaud.drv
        Microsoft Corporation
        WDM Audio driver mapper
        .text,.data,.rsrc,.reloc,


    72C80000[00008000]
      [ M] 59. c:\windows\system32\msacm32.drv
        Microsoft Corporation
        Microsoft Sound Mapper
        .text,.data,.rsrc,.reloc,


    01040000[0001B000]
      [ M] 60. d:\program files\rising\antispyware\ieprot.dll
        Beijing Rising Technology Co., Ltd.
        IE Protector
        .text,.rdata,.data,.rsrc,.reloc,



  + 000001b8(440) smss.exe

  + 000001f8(504) csrss.exe

  + 00000218(536) winlogon.exe
    03100000[00011000]
      [AM] 29. c:\windows\system32\ssmwinlogonex.dll
        System Safety Limited
        System Safety Manager
        .text,.rdata,.data,.rsrc,.reloc,


    72C90000[00009000]
      [ M] 58. c:\windows\system32\wdmaud.drv
        Microsoft Corporation
        WDM Audio driver mapper
        .text,.data,.rsrc,.reloc,


    72C80000[00008000]
      [ M] 59. c:\windows\system32\msacm32.drv
        Microsoft Corporation
        Microsoft Sound Mapper
        .text,.data,.rsrc,.reloc,



  + 0000024c(588) services.exe

  + 00000258(600) lsass.exe

  + 00000310(784) svchost.exe

  + 00000330(816) svchost.exe

  + 000003e8(1000) svchost.exe

  + 00000408(1032) spoolsv.exe
    00930000[00005000]
      [ M] 66. c:\windows\system32\spool\prtprocs\w32x86\vprproc.dll
        Windows (R) 2000 DDK provider
        Windows DDK Print DLL
        .text,.data,.rsrc,.reloc,



  + 00000468(1128) alg.exe

  + 0000048c(1164) lxswitch.exe
    00400000[00006000]
      [AM] 2. c:\happyhome\幸福飞梭\lxswitch.exe
        TGELogonSrv Microsoft 基础类应用程序
        .text,.rdata,.data,.rsrc,



  + 000004a8(1192) nvsvc32.exe
    00400000[00013000]
      [AM] 3. c:\windows\system32\nvsvc32.exe
        NVIDIA Corporation
        NVIDIA Driver Helper Service, Version 43.51
        .text,.rdata,.data,.rsrc,



  + 00000510(1296) svchost.exe

  + 0000056c(1388) uphclean.exe
    00400000[00030000]
      [AM] 5. d:\program files\uphclean\uphclean.exe
        Microsoft Corporation
        User Profile Hive Cleanup Service
        .text,.rdata,.data,.rsrc,



  + 000005a0(1440) DeviceManager.exe
    00400000[00008000]
      [AM] 1. c:\program files\common files\devicemanager\devicemanager.exe
        DeviceManager Microsoft 基础类应用程序
        .text,.rdata,.data,.rsrc,


    00EF0000[00022000]
      [ M] 67. c:\program files\ahead\nero\wnaspi32.dll
        Ahead Software AG

im Stoeckmaedle 18

76307 Karlsbad, Germany

Fax: ++49-7248-911-888

e-mail: info@nero.com
        Nero Aspi Library
        .text,_LTEXT,.rdata,.data,.rsrc,.reloc,



  + 000007b4(1972) taskmgr.exe
    00B50000[0001B000]
      [ M] 60. d:\program files\rising\antispyware\ieprot.dll
        Beijing Rising Technology Co., Ltd.
        IE Protector
        .text,.rdata,.data,.rsrc,.reloc,


    10000000[0001C000]
      [AM] 33. d:\program files\360safe\safemon\safemon.dll
        360安全卫士实时保护模块
        .text,.rdata,.data,.share,.rsrc,.reloc,



  + 00000940(2368) Ras.exe
    00400000[0013F000]
      [ M] 68. d:\program files\rising\antispyware\ras.exe
        Beijing Rising Technology Co., Ltd.
        Rising AntiSpyware
        .text,.rdata,.data,.rsrc,


    10000000[0001C000]
      [AM] 33. d:\program files\360safe\safemon\safemon.dll
        360安全卫士实时保护模块
        .text,.rdata,.data,.share,.rsrc,.reloc,


    00E20000[000A3000]
      [ M] 69. d:\program files\rising\antispyware\rasgui.dll
        Beijing Rising Technology Co., Ltd.
        RasGUI
        .text,.rdata,.data,.rsrc,.reloc,


    018A0000[0001B000]
      [ M] 60. d:\program files\rising\antispyware\ieprot.dll
        Beijing Rising Technology Co., Ltd.
        IE Protector
        .text,.rdata,.data,.rsrc,.reloc,


    02810000[0002F000]
      [ M] 70. d:\program files\rising\antispyware\engine.dll
        Beijing Rising Technology Co., Ltd.
        kaka engine
        .text,.rdata,.data,.rsrc,.reloc,


    02940000[00012000]
      [ M] 71. d:\program files\rising\antispyware\zip.dll
        rising
        zip
        UPX0,UPX1,.rsrc,



  + 00000a78(2680) 360tray.exe
    00400000[00029000]
      [ M] 72. d:\program files\360safe\safemon\360tray.exe
        奇虎网
        360安全卫士实时保护模块
        .text,.rdata,.data,.rsrc,


    10000000[0001C000]
      [AM] 33. d:\program files\360safe\safemon\safemon.dll
        360安全卫士实时保护模块
        .text,.rdata,.data,.share,.rsrc,.reloc,


    00BD0000[0000C000]
      [ M] 73. d:\program files\360safe\safemon\safekrnl.dll
        奇虎网
        360安全卫士实时保护模块
        .text,.rdata,.data,.rsrc,.reloc,


    00BE0000[00022000]
      [ M] 74. d:\program files\360safe\antiadwa.dll
        360Safe.com
        360安全卫士检测模块
        .text,.rdata,.data,.rsrc,.reloc,


    00C10000[0001B000]
      [ M] 60. d:\program files\rising\antispyware\ieprot.dll
        Beijing Rising Technology Co., Ltd.
        IE Protector
        .text,.rdata,.data,.rsrc,.reloc,
gototop
 
limilaw
头像
初生襁褓狮
  • 帖子:28
  • 注册: 2006-09-24
  • 来自:
发表于: 2007-07-16 16:04 | 显示全部 短消息 资料
字号: 4楼

[CODE]

2007-07-15,23:42:50

System Repair Engineer 2.4.12.806
Smallfrogs (http://www.KZTechs.com)

Windows XP Home Edition Service Pack 1 (Build 2600) - 管理权限用户 - 完整功能

以下内容被选中:
    所有的启动项目(包括注册表、启动文件夹、服务等)
    浏览器加载项
    正在运行的进程(包括进程模块信息)
    文件关联
    Winsock 提供者
    Autorun.inf
    HOSTS 文件


启动项目
注册表
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
    <ctfmon.exe><C:\windows\System32\ctfmon.exe>  [(Verified)Microsoft Windows XP Publisher]
[HKEY_CURRENT_USER\Software\Microsoft\Windows NT\CurrentVersion\Windows]
    <load><>  [N/A]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
    <IMJPMIG8.1><"C:\WINDOWS\IME\imjp8_1\IMJPMIG.EXE" /Spoil /RemAdvDef /Migration32>  [(Verified)Microsoft Windows XP Publisher]
    <PHIME2002ASync><C:\WINDOWS\System32\IME\TINTLGNT\TINTSETP.EXE /SYNC>  [(Verified)Microsoft Windows XP Publisher]
    <PHIME2002A><C:\WINDOWS\System32\IME\TINTLGNT\TINTSETP.EXE /IMEName>  [(Verified)Microsoft Windows XP Publisher]
    <NvCplDaemon><RUNDLL32.EXE C:\WINDOWS\System32\NvCpl.dll,NvStartup>  [(Verified)Microsoft Windows XP Publisher]
    <nwiz><nwiz.exe /install>  [(Verified)Microsoft Windows XP Publisher]
    <SoundMan><SOUNDMAN.EXE>  [(Verified)Microsoft Windows XP Publisher]
    <NewRmtService ><C:\Program Files\NewRemoteControl\NewRmtService.exe>  [Bitland Information Technology Co.,Ltd]
    <lxdevclient><C:\Program Files\Common Files\DeviceManager\lxdevclient.exe>  []
    <runeip><"D:\Program Files\Rising\AntiSpyware\runiep.exe" /startup>  [Beijing Rising Technology Co., Ltd.]
    <360Safetray><D:\Program Files\360safe\safemon\360tray.exe>  [奇虎网]
    <mppds><C:\windows\mppds.exe>  [N/A]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Winlogon]
    <shell><Explorer.exe>  [(Verified)Microsoft Windows XP Publisher]
    <Userinit><C:\WINDOWS\system32\userinit.exe,>  [(Verified)Microsoft Windows XP Publisher]
    <UIHost><logonui.exe>  [(Verified)Microsoft Windows XP Publisher]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
    <{AC2DC2EF-5165-40A3-8CDF-41DCA1B0901A}><C:\WINDOWS\System32\shlhook.dll>  [Beijing Rising Technology Co., Ltd.]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
    <PostBootReminder><%SystemRoot%\system32\SHELL32.dll>  [(Verified)Microsoft Windows XP Publisher]
    <CDBurn><%SystemRoot%\system32\SHELL32.dll>  [(Verified)Microsoft Windows XP Publisher]
    <WebCheck><%SystemRoot%\System32\webcheck.dll>  [(Verified)Microsoft Windows XP Publisher]
    <SysTray><C:\WINDOWS\System32\stobject.dll>  [(Verified)Microsoft Windows XP Publisher]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\crypt32chain]
    <WinlogonNotify: crypt32chain><crypt32.dll>  [(Verified)Microsoft Windows XP Publisher]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\cryptnet]
    <WinlogonNotify: cryptnet><cryptnet.dll>  [(Verified)Microsoft Windows XP Publisher]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\cscdll]
    <WinlogonNotify: cscdll><cscdll.dll>  [(Verified)Microsoft Windows XP Publisher]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\ScCertProp]
    <WinlogonNotify: ScCertProp><wlnotify.dll>  [(Verified)Microsoft Windows XP Publisher]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\Schedule]
    <WinlogonNotify: Schedule><wlnotify.dll>  [(Verified)Microsoft Windows XP Publisher]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\sclgntfy]
    <WinlogonNotify: sclgntfy><sclgntfy.dll>  [(Verified)Microsoft Windows XP Publisher]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\SensLogn]
    <WinlogonNotify: SensLogn><WlNotify.dll>  [(Verified)Microsoft Windows XP Publisher]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\System Safety Monitor]
    <WinlogonNotify: System Safety Monitor><SSMWinlogonEx.dll>  [(Verified)System Safety Limited]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\termsrv]
    <WinlogonNotify: termsrv><wlnotify.dll>  [(Verified)Microsoft Windows XP Publisher]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\wlballoon]
    <WinlogonNotify: wlballoon><wlnotify.dll>  [(Verified)Microsoft Windows XP Publisher]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\SharedTaskScheduler]
    <{438755C2-A8BA-11D1-B96B-00A0C90312E1}><%SystemRoot%\System32\browseui.dll>  [(Verified)Microsoft Windows XP Publisher]
    <{8C7461EF-2B13-11d2-BE35-3078302C2030}><%SystemRoot%\System32\browseui.dll>  [(Verified)Microsoft Windows XP Publisher]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\>{22d6f312-b0f6-11d0-94ab-0080c74c7e95}]
    <Microsoft Windows Media Player><C:\windows\inf\unregmp2.exe /ShowWMP>  [(Verified)Microsoft Windows XP Publisher]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{89820200-ECBD-11cf-8B85-00AA005B4340}]
    <Windows 桌面更新><regsvr32.exe /s /n /i:U shell32.dll>  [(Verified)Microsoft Windows XP Publisher]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{89820200-ECBD-11cf-8B85-00AA005B4383}]
    <Internet Explorer 6><%SystemRoot%\system32\ie4uinit.exe>  [(Verified)Microsoft Windows XP Publisher]
[HKEY_CURRENT_USER\Control Panel\Desktop]
    <SCRNSAVE.EXE><C:\WINDOWS\System32\logon.scr>  [(Verified)Microsoft Windows XP Publisher]

==================================
启动文件夹
[联想键盘驱动程序]
  <C:\Documents and Settings\All Users\「开始」菜单\程序\启动\联想键盘驱动程序.lnk --> C:\PROGRA~1\LEGEND\联想标~1\Skdaemon.exe []><N>
[Adobe Gamma Loader]
  <C:\Documents and Settings\All Users\「开始」菜单\程序\启动\Adobe Gamma Loader.lnk --> C:\PROGRA~1\COMMON~1\Adobe\CALIBR~1\ADOBEG~1.EXE [Adobe Systems, Inc.]><N>

==================================
服务
[Application Management / AppMgmt][Stopped/Manual Start]
  <C:\windows\system32\svchost.exe -k netsvcs-->%SystemRoot%\System32\appmgmts.dll><N/A>
[DE7C283C / DE7C283C][Stopped/Auto Start]
  <C:\windows\System32\D95111CE.EXE -k><N/A>
[Human Interface Device Access / HidServ][Stopped/Disabled]
  <C:\windows\System32\svchost.exe -k netsvcs-->%SystemRoot%\System32\hidserv.dll><N/A>
[LEGEND DeviceManager Service / lxdmg][Stopped/Auto Start]
  <C:\Program Files\Common Files\DeviceManager\DeviceManager.exe><>
[lxswitch / lxswitch][Stopped/Auto Start]
  <C:\happyhome\幸福飞梭\lxswitch.exe><>
[NVIDIA Driver Helper Service / NVSvc][Stopped/Auto Start]
  <C:\windows\System32\nvsvc32.exe><NVIDIA Corporation>
[User Profile Hive Cleanup / UPHClean][Stopped/Auto Start]
  <D:\Program Files\UPHClean\uphclean.exe><Microsoft Corporation>

==================================
驱动程序
[PPdus ASPI Shell / Afc][Running/Manual Start]
  <system32\drivers\Afc.sys><Arcsoft, Inc.>
[Service for Realtek AC97 Audio (WDM) / ALCXWDM][Stopped/Manual Start]
  <system32\drivers\ALCXWDM.SYS><Realtek Semiconductor Corp.>
[basic2 / basic2][Stopped/Manual Start]
  <System32\DRIVERS\HSF_BSC2.sys><Conexant>
[Legend Capture Card - Video / BT848][Stopped/Auto Start]
  <system32\drivers\cxvcap.sys><Windows (R) 2000 DDK provider>
[BITC CxTuner, WDM TvTuner / CXTUNER][Stopped/Auto Start]
  <system32\drivers\CXTUNER.sys><Conexant Systems, Inc.>
[Legend Capture Card - Crossbar / CXXBAR][Stopped/Auto Start]
  <system32\drivers\CXXBAR.sys><Conexant Systems, Inc.>
[GrandTechICNameNT / GT680x][Stopped/Manual Start]
  <System32\Drivers\gt680x.sys><>
[HSFHWBS2 / HSFHWBS2][Stopped/Manual Start]
  <System32\DRIVERS\HSFHWBS2.sys><Conexant Systems>
[HSF_DP / HSF_DP][Stopped/Manual Start]
  <System32\DRIVERS\HSF_DP.sys><Conexant Systems>
[hsf_msft / hsf_msft][Stopped/Manual Start]
  <System32\DRIVERS\HSF_MSFT.sys><Conexant>
[mdmxsdk / mdmxsdk][Stopped/Auto Start]
  <System32\DRIVERS\mdmxsdk.sys><Conexant>
[Netgroup Packet Filter / NPF][Stopped/Disabled]
  <System32\DRIVERS\npf.sys><CACE Technologies>
[npkcrypt / npkcrypt][Stopped/Auto Start]
  <\??\D:\Program Files\Tencent\QQ\npkcrypt.sys><INCA Internet Co., Ltd.>
[nv / nv][Stopped/Manual Start]
  <System32\DRIVERS\nv4_mini.sys><NVIDIA Corporation>
[Padus ASPI Shell / pfc][Running/Manual Start]
  <system32\drivers\pfc.sys><Padus, Inc.>
[Direct Parallel Link Driver / Ptilink][Stopped/Manual Start]
  <System32\DRIVERS\ptilink.sys><Parallel Technologies, Inc.>
[Rksample / Rksample][Stopped/Manual Start]
  <System32\DRIVERS\HSF_SAMP.sys><Conexant>
[RsAntiSpyware / RsAntiSpyware][Running/Boot Start]
  <\SystemRoot\System32\drivers\RsBoot.sys><Beijing Rising Technology Co., Ltd.>
[Realtek RTL8139/810X Family PCI Fast Ethernet NIC NT Driver / rtl8139][Stopped/Manual Start]
  <System32\DRIVERS\RTL8139.SYS><Realtek Semiconductor Corporation>
[System Safety Monitor 2.0 Core Engine / safemon][Running/Boot Start]
  <\SystemRoot\system32\drivers\safemon.sys><System Safety Limited>
[Secdrv / Secdrv][Stopped/Manual Start]
  <System32\DRIVERS\secdrv.sys><N/A>
[PS/2 Keyboard Filter Driver for WinXp / Skkbdf][Running/Manual Start]
  <System32\DRIVERS\Skkbdf.sys><Silitek Corp.>
[SkyProcs / SkyProcs][Stopped/Manual Start]
  <\??\D:\Program Files\SkyNet\Firewall\SkyProcs.sys><N/A>
[Conexant Setup API / UIUSys][Stopped/Manual Start]
  <system32\drivers\UIUSys.sys><Conexant>
[winachsf / winachsf][Stopped/Manual Start]
  <System32\DRIVERS\HSF_CNXT.sys><Conexant Systems>
[World Standard Teletext Codec / WSTCODEC][Stopped/Manual Start]
  <System32\DRIVERS\WSTCODEC.SYS><Microsoft Corporation>
gototop
 
limilaw
头像
初生襁褓狮
  • 帖子:28
  • 注册: 2006-09-24
  • 来自:
发表于: 2007-07-16 16:04 | 显示全部 短消息 资料
字号: 5楼

==================================
浏览器加载项
[Adobe PDF Reader Link Helper]
  {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} <D:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll, Adobe Systems Incorporated>
[FGCatchUrl]
  {2F364306-AA45-47B5-9F9D-39A8B94E7EF7} <D:\Program Files\FlashGet\jccatch.dll, www.flashget.com>
[Windows Live Sign-in Helper]
  {9030D464-4C02-4ABF-8ECC-5164760863C6} <C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll, Microsoft Corporation>
[NavigatMon Class]
  {B69F34DD-F0F9-42DC-9EDD-957187DA688D} <D:\Program Files\360safe\safemon\safemon.dll, >
[FlashGet GetFlash Class]
  {F156768E-81EF-470C-9057-481BA8380DBA} <D:\PROGRA~1\FLASHGET\getflash.dll, www.flashget.com>
[@shdoclc.dll,-866]
  {c95fe080-8f5d-11d2-a20b-00aa003c157a} <, N/A>
[快车]
  {D6E814A0-E0C5-11d4-8D29-0050BA6940E3} <D:\PROGRA~1\FLASHGET\FlashGet.exe, FlashGet.com>
[电台(&R)]
  {8E718888-423F-11D2-876E-00A0C9082467} <C:\windows\System32\msdxm.ocx, Microsoft Corporation>
[FavImport Class]
  {03B39B10-9AB9-4DBB-8189-7F76E0CE5F3F} <C:\WINDOWS\Downloaded Program Files\ImportAx.dll, Microsoft Corp.>
[Shockwave ActiveX Control]
  {166B1BCA-3F9C-11CF-8075-444553540000} <C:\WINDOWS\System32\macromed\Director\SwDir.dll, Adobe Systems, Inc.>
[Windows Genuine Advantage Validation Tool]
  {17492023-C23A-453E-A040-C7C580BBF700} <C:\WINDOWS\System32\LegitCheckControl.DLL, Microsoft Corporation>
[MSN Photo Upload Tool]
  {4F1E5B1A-2A80-42CA-8532-2D05CB959537} <C:\WINDOWS\Downloaded Program Files\MsnPUpld.dll, Microsoft? Corporation>
[WUWebControl Class]
  {6414512B-B978-451D-A0D8-FCFDF33E833C} <C:\WINDOWS\System32\wuweb.dll, Microsoft Corporation>
[163Uploader Control]
  {8686F2A6-DC01-4E8F-BDE3-DCC7DBBAD6AE} <C:\WINDOWS\System32\163UPL~1.OCX, 广州网易互动娱乐有限公司>
[Shockwave Flash Object]
  {D27CDB6E-AE6D-11CF-96B8-444553540000} <C:\WINDOWS\System32\Macromed\Flash\Flash9b.ocx, Adobe Systems, Inc.>
[上传到QQ网络硬盘]
  <D:\Program Files\Tencent\QQ\AddToNetDisk.htm, N/A>
[添加到QQ自定义面板]
  <D:\Program Files\Tencent\QQ\AddPanel.htm, N/A>
[添加到QQ表情]
  <D:\Program Files\Tencent\QQ\AddEmotion.htm, N/A>
[用QQ彩信发送该图片]
  <D:\Program Files\Tencent\QQ\SendMMS.htm, N/A>
gototop
 
limilaw
头像
初生襁褓狮
  • 帖子:28
  • 注册: 2006-09-24
  • 来自:
发表于: 2007-07-16 16:06 | 显示全部 短消息 资料
字号: 6楼

==================================
正在运行的进程
[PID: 128][\SystemRoot\System32\smss.exe]  [Microsoft Corporation, 5.1.2600.1106 (xpsp1.020828-1920)]
    [C:\windows\System32\ntdll.dll]  [Microsoft Corporation, 5.1.2600.1106 (xpsp1.020828-1920)]
[PID: 180][\??\C:\windows\system32\csrss.exe]  [Microsoft Corporation, 5.1.2600.0 (xpclient.010817-1148)]
    [C:\windows\System32\ntdll.dll]  [Microsoft Corporation, 5.1.2600.1106 (xpsp1.020828-1920)]
    [C:\windows\system32\CSRSRV.dll]  [Microsoft Corporation, 5.1.2600.1106 (xpsp1.020828-1920)]
    [C:\windows\system32\basesrv.dll]  [Microsoft Corporation, 5.1.2600.1106 (xpsp1.020828-1920)]
    [C:\windows\system32\winsrv.dll]  [Microsoft Corporation, 5.1.2600.1106 (xpsp1.020828-1920)]
    [C:\windows\system32\USER32.dll]  [Microsoft Corporation, 5.1.2600.1106 (xpsp1.020828-1920)]
    [C:\windows\system32\KERNEL32.dll]  [Microsoft Corporation, 5.1.2600.1106 (xpsp1.020828-1920)]
    [C:\windows\system32\GDI32.dll]  [Microsoft Corporation, 5.1.2600.1106 (xpsp1.020828-1920)]
    [C:\windows\system32\ADVAPI32.dll]  [Microsoft Corporation, 5.1.2600.1106 (xpsp1.020828-1920)]
    [C:\windows\system32\RPCRT4.dll]  [Microsoft Corporation, 5.1.2600.1230 (xpsp2.030527-2026)]
    [C:\windows\System32\LPK.DLL]  [Microsoft Corporation, 5.1.2600.0 (xpclient.010817-1148)]
    [C:\windows\System32\USP10.dll]  [Microsoft Corporation, 1.0409.2600.1106 (xpsp1.020828-1920)]
    [C:\windows\System32\sxs.dll]  [Microsoft Corporation, 5.1.2600.1106 (xpsp1.020828-1920)]
[PID: 204][\??\C:\windows\system32\winlogon.exe]  [Microsoft Corporation, 5.1.2600.1106 (xpsp1.020828-1920)]
    [C:\windows\System32\ntdll.dll]  [Microsoft Corporation, 5.1.2600.1106 (xpsp1.020828-1920)]
    [C:\windows\system32\kernel32.dll]  [Microsoft Corporation, 5.1.2600.1106 (xpsp1.020828-1920)]
    [C:\windows\system32\msvcrt.dll]  [Microsoft Corporation, 7.0.2600.1106 (xpsp1.020828-1920)]
    [C:\windows\system32\ADVAPI32.dll]  [Microsoft Corporation, 5.1.2600.1106 (xpsp1.020828-1920)]
    [C:\windows\system32\RPCRT4.dll]  [Microsoft Corporation, 5.1.2600.1230 (xpsp2.030527-2026)]
    [C:\windows\system32\GDI32.dll]  [Microsoft Corporation, 5.1.2600.1106 (xpsp1.020828-1920)]
    [C:\windows\system32\USER32.dll]  [Microsoft Corporation, 5.1.2600.1106 (xpsp1.020828-1920)]
    [C:\windows\system32\USERENV.dll]  [Microsoft Corporation, 5.1.2600.1106 (xpsp1.020828-1920)]
    [C:\windows\system32\NDdeApi.dll]  [Microsoft Corporation, 5.1.2600.0 (xpclient.010817-1148)]
    [C:\windows\system32\CRYPT32.dll]  [Microsoft Corporation, 5.131.2600.1106 (xpsp1.020828-1920)]
    [C:\windows\system32\MSASN1.dll]  [Microsoft Corporation, 5.1.2600.0 (XPClient.010817-1148)]
    [C:\windows\system32\Secur32.dll]  [Microsoft Corporation, 5.1.2600.1106 (xpsp1.020828-1920)]
    [C:\windows\system32\WINSTA.dll]  [Microsoft Corporation, 5.1.2600.1106 (xpsp1.020828-1920)]
    [C:\windows\system32\PROFMAP.dll]  [Microsoft Corporation, 5.1.2600.0 (xpclient.010817-1148)]
    [C:\windows\system32\NETAPI32.dll]  [Microsoft Corporation, 5.1.2600.1106 (xpsp1.020828-1920)]
    [C:\windows\system32\REGAPI.dll]  [Microsoft Corporation, 5.1.2600.1106 (xpsp1.020828-1920)]
    [C:\windows\system32\WS2_32.dll]  [Microsoft Corporation, 5.1.2600.0 (xpclient.010817-1148)]
    [C:\windows\system32\WS2HELP.dll]  [Microsoft Corporation, 5.1.2600.0 (xpclient.010817-1148)]
    [C:\windows\system32\AUTHZ.dll]  [Microsoft Corporation, 5.1.2600.0 (xpclient.010817-1148)]
    [C:\windows\system32\PSAPI.DLL]  [Microsoft Corporation, 5.1.2600.1106 (xpsp1.020828-1920)]
    [C:\windows\system32\VERSION.dll]  [Microsoft Corporation, 5.1.2600.0 (xpclient.010817-1148)]
    [C:\windows\system32\SETUPAPI.dll]  [Microsoft Corporation, 5.1.2600.1106 (xpsp1.020828-1920)]
    [C:\windows\System32\IMM32.DLL]  [Microsoft Corporation, 5.1.2600.1106 (xpsp1.020828-1920)]
    [C:\windows\System32\LPK.DLL]  [Microsoft Corporation, 5.1.2600.0 (xpclient.010817-1148)]
    [C:\windows\System32\USP10.dll]  [Microsoft Corporation, 1.0409.2600.1106 (xpsp1.020828-1920)]
    [C:\windows\System32\MSGINA.dll]  [Microsoft Corporation, 5.1.2600.1106 (xpsp1.020828-1920)]
    [C:\windows\system32\SHELL32.dll]  [Microsoft Corporation, 6.00.2800.1106 (xpsp1.020828-1920)]
    [C:\windows\system32\SHLWAPI.dll]  [Microsoft Corporation, 6.00.2800.1106 (xpsp1.020828-1920)]
    [C:\windows\system32\COMCTL32.dll]  [Microsoft Corporation, 5.82 (xpsp1.020828-1920)]
    [C:\windows\System32\ODBC32.dll]  [Microsoft Corporation, 3.520.9030.0]
    [C:\windows\system32\comdlg32.dll]  [Microsoft Corporation, 6.00.2800.1106 (xpsp1.020828-1920)]
    [C:\windows\System32\odbcint.dll]  [Microsoft Corporation, 3.520.7713.0]
    [C:\windows\System32\SHSVCS.dll]  [Microsoft Corporation, 6.00.2800.1106 (xpsp1.020828-1920)]
    [C:\windows\system32\sfc.dll]  [Microsoft Corporation, 5.1.2600.0 (xpclient.010817-1148)]
    [C:\windows\System32\sfc_os.dll]  [Microsoft Corporation, 5.1.2600.1106 (xpsp1.020828-1920)]
    [C:\windows\System32\WINTRUST.dll]  [Microsoft Corporation, 5.131.2600.0 (xpclient.010817-1148)]
    [C:\windows\system32\ole32.dll]  [Microsoft Corporation, 5.1.2600.1243 (xpsp2.030702-2125)]
    [C:\windows\system32\IMAGEHLP.dll]  [Microsoft Corporation, 5.1.2600.1106 (xpsp1.020828-1920)]
    [C:\windows\system32\Apphelp.dll]  [Microsoft Corporation, 5.1.2600.1106 (xpsp1.020828-1920)]
    [C:\windows\System32\msctfime.ime]  [Microsoft Corporation, 5.1.2600.1106 (xpsp1.020828-1920)]
    [C:\windows\System32\WINMM.dll]  [Microsoft Corporation, 5.1.2600.1106 (xpsp1.020828-1920)]
    [C:\windows\system32\cscdll.dll]  [Microsoft Corporation, 5.1.2600.0 (xpclient.010817-1148)]
    [C:\windows\system32\WlNotify.dll]  [Microsoft Corporation, 5.1.2600.1106 (xpsp1.020828-1920)]
    [C:\windows\System32\WinSCard.dll]  [Microsoft Corporation, 5.1.2600.0 (xpclient.010817-1148)]
    [C:\windows\System32\WTSAPI32.dll]  [Microsoft Corporation, 5.1.2600.1106 (xpsp1.020828-1920)]
    [C:\windows\System32\WINSPOOL.DRV]  [Microsoft Corporation, 5.1.2600.1106 (xpsp1.020828-1920)]
    [C:\windows\system32\MPR.dll]  [Microsoft Corporation, 5.1.2600.0 (xpclient.010817-1148)]
    [C:\WINDOWS\System32\rsaenh.dll]  [Microsoft Corporation, 5.1.2600.1029 (xpsp1.020426-1800)]
    [C:\windows\System32\UxTheme.dll]  [Microsoft Corporation, 6.00.2800.1106 (xpsp1.020828-1920)]
    [C:\windows\System32\SAMLIB.dll]  [Microsoft Corporation, 5.1.2600.1106 (xpsp1.020828-1920)]
    [C:\windows\System32\cscui.dll]  [Microsoft Corporation, 5.1.2600.1106 (xpsp1.020828-1920)]
    [C:\windows\system32\SSMWinlogonEx.dll]  [System Safety Limited, 2.2.0.602]
    [C:\windows\System32\NTMARTA.DLL]  [Microsoft Corporation, 5.1.2600.1106 (xpsp1.020828-1920)]
    [C:\windows\system32\WLDAP32.dll]  [Microsoft Corporation, 5.1.2600.1106 (xpsp1.020828-1920)]
    [C:\windows\System32\COMRes.dll]  [Microsoft Corporation, 2001.12.4414.42]
    [C:\windows\system32\OLEAUT32.dll]  [Microsoft Corporation, 3.50.5016.0]
    [C:\windows\System32\CLBCATQ.DLL]  [Microsoft Corporation, 2001.12.4414.42]
gototop
 
limilaw
头像
初生襁褓狮
  • 帖子:28
  • 注册: 2006-09-24
  • 来自:
发表于: 2007-07-16 16:06 | 显示全部 短消息 资料
字号: 7楼

[PID: 672][C:\windows\Explorer.EXE]  [Microsoft Corporation, 6.00.2800.1106 (xpsp1.020828-1920)]
    [C:\windows\System32\ntdll.dll]  [Microsoft Corporation, 5.1.2600.1106 (xpsp1.020828-1920)]
    [C:\windows\system32\kernel32.dll]  [Microsoft Corporation, 5.1.2600.1106 (xpsp1.020828-1920)]
    [C:\windows\system32\msvcrt.dll]  [Microsoft Corporation, 7.0.2600.1106 (xpsp1.020828-1920)]
    [C:\windows\system32\ADVAPI32.dll]  [Microsoft Corporation, 5.1.2600.1106 (xpsp1.020828-1920)]
    [C:\windows\system32\RPCRT4.dll]  [Microsoft Corporation, 5.1.2600.1230 (xpsp2.030527-2026)]
    [C:\windows\system32\GDI32.dll]  [Microsoft Corporation, 5.1.2600.1106 (xpsp1.020828-1920)]
    [C:\windows\system32\USER32.dll]  [Microsoft Corporation, 5.1.2600.1106 (xpsp1.020828-1920)]
    [C:\windows\system32\SHLWAPI.dll]  [Microsoft Corporation, 6.00.2800.1106 (xpsp1.020828-1920)]
    [C:\windows\system32\SHELL32.dll]  [Microsoft Corporation, 6.00.2800.1106 (xpsp1.020828-1920)]
    [C:\windows\system32\ole32.dll]  [Microsoft Corporation, 5.1.2600.1243 (xpsp2.030702-2125)]
    [C:\windows\system32\OLEAUT32.dll]  [Microsoft Corporation, 3.50.5016.0]
    [C:\windows\System32\BROWSEUI.dll]  [Microsoft Corporation, 6.00.2800.1106 (xpsp1.020828-1920)]
    [C:\windows\System32\SHDOCVW.dll]  [Microsoft Corporation, 6.00.2800.1106 (xpsp1.020828-1920)]
    [C:\windows\System32\UxTheme.dll]  [Microsoft Corporation, 6.00.2800.1106 (xpsp1.020828-1920)]
    [C:\windows\System32\IMM32.DLL]  [Microsoft Corporation, 5.1.2600.1106 (xpsp1.020828-1920)]
    [C:\windows\System32\LPK.DLL]  [Microsoft Corporation, 5.1.2600.0 (xpclient.010817-1148)]
    [C:\windows\System32\USP10.dll]  [Microsoft Corporation, 1.0409.2600.1106 (xpsp1.020828-1920)]
    [C:\windows\system32\comctl32.dll]  [Microsoft Corporation, 5.82 (xpsp1.020828-1920)]
    [C:\windows\System32\msctfime.ime]  [Microsoft Corporation, 5.1.2600.1106 (xpsp1.020828-1920)]
    [C:\windows\system32\appHelp.dll]  [Microsoft Corporation, 5.1.2600.1106 (xpsp1.020828-1920)]
    [C:\windows\System32\CLBCATQ.DLL]  [Microsoft Corporation, 2001.12.4414.42]
    [C:\windows\System32\COMRes.dll]  [Microsoft Corporation, 2001.12.4414.42]
    [C:\windows\system32\VERSION.dll]  [Microsoft Corporation, 5.1.2600.0 (xpclient.010817-1148)]
    [C:\windows\System32\cscui.dll]  [Microsoft Corporation, 5.1.2600.1106 (xpsp1.020828-1920)]
    [C:\windows\System32\CSCDLL.dll]  [Microsoft Corporation, 5.1.2600.0 (xpclient.010817-1148)]
    [C:\windows\System32\themeui.dll]  [Microsoft Corporation, 6.00.2800.1106 (xpsp1.020828-1920)]
    [C:\windows\System32\Secur32.dll]  [Microsoft Corporation, 5.1.2600.1106 (xpsp1.020828-1920)]
    [C:\windows\System32\MSIMG32.dll]  [Microsoft Corporation, 5.1.2600.1106 (xpsp1.020828-1920)]
    [C:\windows\System32\Msimtf.dll]  [Microsoft Corporation, 5.1.2600.1106 (xpsp1.020828-1920)]
    [C:\windows\System32\MSCTF.dll]  [Microsoft Corporation, 5.1.2600.1106 (xpsp1.020828-1920)]
    [C:\windows\system32\USERENV.dll]  [Microsoft Corporation, 5.1.2600.1106 (xpsp1.020828-1920)]
    [C:\WINDOWS\System32\msutb.dll]  [Microsoft Corporation, 5.1.2600.1106 (xpsp1.020828-1920)]
    [C:\windows\System32\LINKINFO.dll]  [Microsoft Corporation, 5.1.2600.0 (xpclient.010817-1148)]
    [C:\windows\System32\ntshrui.dll]  [Microsoft Corporation, 5.1.2600.1106 (xpsp1.020828-1920)]
    [C:\windows\System32\ATL.DLL]  [Microsoft Corporation, 3.00.9435]
    [C:\windows\System32\NETAPI32.dll]  [Microsoft Corporation, 5.1.2600.1106 (xpsp1.020828-1920)]
    [C:\windows\System32\shimgvw.dll]  [Microsoft Corporation, 6.00.2800.1106 (xpsp1.020828-1920)]
    [C:\windows\System32\SETUPAPI.dll]  [Microsoft Corporation, 5.1.2600.1106 (xpsp1.020828-1920)]
    [C:\WINDOWS\system32\NETSHELL.dll]  [Microsoft Corporation, 5.1.2600.1106 (xpsp1.020828-1920)]
    [C:\WINDOWS\system32\credui.dll]  [Microsoft Corporation, 5.1.2600.1106 (xpsp1.020828-1920)]
    [C:\WINDOWS\system32\WS2_32.dll]  [Microsoft Corporation, 5.1.2600.0 (xpclient.010817-1148)]
    [C:\WINDOWS\system32\WS2HELP.dll]  [Microsoft Corporation, 5.1.2600.0 (xpclient.010817-1148)]
    [C:\WINDOWS\system32\iphlpapi.dll]  [Microsoft Corporation, 5.1.2600.2 (xpsp1.020828-1920)]
    [C:\windows\System32\msi.dll]  [Microsoft Corporation, 3.1.4000.2435]
    [C:\windows\System32\WINSTA.dll]  [Microsoft Corporation, 5.1.2600.1106 (xpsp1.020828-1920)]
    [C:\windows\system32\WININET.dll]  [Microsoft Corporation, 6.00.2800.1106 (xpsp1.020828-1920)]
    [C:\windows\system32\CRYPT32.dll]  [Microsoft Corporation, 5.131.2600.1106 (xpsp1.020828-1920)]
    [C:\windows\system32\MSASN1.dll]  [Microsoft Corporation, 5.1.2600.0 (XPClient.010817-1148)]
    [C:\WINDOWS\System32\shlhook.dll]  [Beijing Rising Technology Co., Ltd., 4.0.0.7]
    [C:\windows\System32\browselc.dll]  [Microsoft Corporation, 6.00.2800.1106 (xpsp1.020828-1920)]
    [C:\WINDOWS\system32\urlmon.dll]  [Microsoft Corporation, 6.00.2800.1106 (xpsp1.020828-1920)]
    [C:\windows\system32\MPR.dll]  [Microsoft Corporation, 5.1.2600.0 (xpclient.010817-1148)]
    [C:\windows\System32\drprov.dll]  [Microsoft Corporation, 5.1.2600.0 (xpclient.010817-1148)]
    [C:\windows\System32\ntlanman.dll]  [Microsoft Corporation, 5.1.2600.1106 (xpsp1.020828-1920)]
    [C:\windows\System32\NETUI0.dll]  [Microsoft Corporation, 5.1.2600.0 (xpclient.010817-1148)]
    [C:\windows\System32\NETUI1.dll]  [Microsoft Corporation, 5.1.2600.0 (xpclient.010817-1148)]
    [C:\windows\System32\NETRAP.dll]  [Microsoft Corporation, 5.1.2600.0 (xpclient.010817-1148)]
    [C:\windows\System32\SAMLIB.dll]  [Microsoft Corporation, 5.1.2600.1106 (xpsp1.020828-1920)]
    [C:\windows\System32\davclnt.dll]  [Microsoft Corporation, 5.1.2600.0 (xpclient.010817-1148)]
    [C:\windows\System32\MSGINA.dll]  [Microsoft Corporation, 5.1.2600.1106 (xpsp1.020828-1920)]
    [C:\windows\System32\ODBC32.dll]  [Microsoft Corporation, 3.520.9030.0]
    [C:\windows\system32\comdlg32.dll]  [Microsoft Corporation, 6.00.2800.1106 (xpsp1.020828-1920)]
    [C:\windows\System32\odbcint.dll]  [Microsoft Corporation, 3.520.7713.0]
    [C:\windows\System32\WINMM.dll]  [Microsoft Corporation, 5.1.2600.1106 (xpsp1.020828-1920)]
[PID: 764][C:\windows\System32\taskmgr.exe]  [Microsoft Corporation, 5.1.2600.1106 (xpsp1.020828-1920)]
    [C:\windows\System32\ntdll.dll]  [Microsoft Corporation, 5.1.2600.1106 (xpsp1.020828-1920)]
    [C:\windows\system32\kernel32.dll]  [Microsoft Corporation, 5.1.2600.1106 (xpsp1.020828-1920)]
    [C:\windows\system32\ADVAPI32.dll]  [Microsoft Corporation, 5.1.2600.1106 (xpsp1.020828-1920)]
    [C:\windows\system32\RPCRT4.dll]  [Microsoft Corporation, 5.1.2600.1230 (xpsp2.030527-2026)]
    [C:\windows\system32\GDI32.dll]  [Microsoft Corporation, 5.1.2600.1106 (xpsp1.020828-1920)]
    [C:\windows\system32\USER32.dll]  [Microsoft Corporation, 5.1.2600.1106 (xpsp1.020828-1920)]
    [C:\windows\System32\iphlpapi.dll]  [Microsoft Corporation, 5.1.2600.2 (xpsp1.020828-1920)]
    [C:\windows\system32\msvcrt.dll]  [Microsoft Corporation, 7.0.2600.1106 (xpsp1.020828-1920)]
    [C:\windows\System32\WS2_32.dll]  [Microsoft Corporation, 5.1.2600.0 (xpclient.010817-1148)]
    [C:\windows\System32\WS2HELP.dll]  [Microsoft Corporation, 5.1.2600.0 (xpclient.010817-1148)]
    [C:\windows\system32\SHLWAPI.dll]  [Microsoft Corporation, 6.00.2800.1106 (xpsp1.020828-1920)]
    [C:\windows\system32\SHELL32.dll]  [Microsoft Corporation, 6.00.2800.1106 (xpsp1.020828-1920)]
    [C:\windows\System32\Secur32.dll]  [Microsoft Corporation, 5.1.2600.1106 (xpsp1.020828-1920)]
    [C:\windows\System32\VDMDBG.dll]  [Microsoft Corporation, 5.1.2600.0 (xpclient.010817-1148)]
    [C:\windows\System32\IMM32.DLL]  [Microsoft Corporation, 5.1.2600.1106 (xpsp1.020828-1920)]
    [C:\windows\System32\LPK.DLL]  [Microsoft Corporation, 5.1.2600.0 (xpclient.010817-1148)]
    [C:\windows\System32\USP10.dll]  [Microsoft Corporation, 1.0409.2600.1106 (xpsp1.020828-1920)]
    [C:\windows\System32\msctfime.ime]  [Microsoft Corporation, 5.1.2600.1106 (xpsp1.020828-1920)]
    [C:\windows\System32\ole32.dll]  [Microsoft Corporation, 5.1.2600.1243 (xpsp2.030702-2125)]
    [C:\windows\System32\UxTheme.dll]  [Microsoft Corporation, 6.00.2800.1106 (xpsp1.020828-1920)]
    [C:\windows\System32\Msimtf.dll]  [Microsoft Corporation, 5.1.2600.1106 (xpsp1.020828-1920)]
    [C:\windows\System32\MSCTF.dll]  [Microsoft Corporation, 5.1.2600.1106 (xpsp1.020828-1920)]
    [C:\windows\System32\WINSTA.dll]  [Microsoft Corporation, 5.1.2600.1106 (xpsp1.020828-1920)]
    [C:\windows\System32\WTSAPI32.dll]  [Microsoft Corporation, 5.1.2600.1106 (xpsp1.020828-1920)]
    [C:\windows\System32\netapi32.dll]  [Microsoft Corporation, 5.1.2600.1106 (xpsp1.020828-1920)]
gototop
 
limilaw
头像
初生襁褓狮
  • 帖子:28
  • 注册: 2006-09-24
  • 来自:
发表于: 2007-07-16 16:06 | 显示全部 短消息 资料
字号: 8楼

[PID: 928][D:\SREng.EXE]  [Smallfrogs Studio, 2.4.12.806]
    [C:\windows\System32\ntdll.dll]  [Microsoft Corporation, 5.1.2600.1106 (xpsp1.020828-1920)]
    [C:\windows\system32\kernel32.dll]  [Microsoft Corporation, 5.1.2600.1106 (xpsp1.020828-1920)]
    [C:\windows\system32\USER32.dll]  [Microsoft Corporation, 5.1.2600.1106 (xpsp1.020828-1920)]
    [C:\windows\system32\GDI32.dll]  [Microsoft Corporation, 5.1.2600.1106 (xpsp1.020828-1920)]
    [C:\windows\system32\ADVAPI32.dll]  [Microsoft Corporation, 5.1.2600.1106 (xpsp1.020828-1920)]
    [C:\windows\system32\RPCRT4.dll]  [Microsoft Corporation, 5.1.2600.1230 (xpsp2.030527-2026)]
    [C:\windows\system32\comdlg32.dll]  [Microsoft Corporation, 6.00.2800.1106 (xpsp1.020828-1920)]
    [C:\windows\system32\SHLWAPI.dll]  [Microsoft Corporation, 6.00.2800.1106 (xpsp1.020828-1920)]
    [C:\windows\system32\msvcrt.dll]  [Microsoft Corporation, 7.0.2600.1106 (xpsp1.020828-1920)]
    [C:\windows\system32\SHELL32.dll]  [Microsoft Corporation, 6.00.2800.1106 (xpsp1.020828-1920)]
    [C:\windows\System32\WINSPOOL.DRV]  [Microsoft Corporation, 5.1.2600.1106 (xpsp1.020828-1920)]
    [C:\windows\System32\oledlg.dll]  [Microsoft Corporation, 1.0 (XPClient.010817-1148)]
    [C:\windows\system32\ole32.dll]  [Microsoft Corporation, 5.1.2600.1243 (xpsp2.030702-2125)]
    [C:\windows\system32\OLEAUT32.dll]  [Microsoft Corporation, 3.50.5016.0]
    [C:\windows\system32\VERSION.dll]  [Microsoft Corporation, 5.1.2600.0 (xpclient.010817-1148)]
    [C:\windows\system32\CRYPT32.dll]  [Microsoft Corporation, 5.131.2600.1106 (xpsp1.020828-1920)]
    [C:\windows\system32\MSASN1.dll]  [Microsoft Corporation, 5.1.2600.0 (XPClient.010817-1148)]
    [C:\windows\System32\WINMM.dll]  [Microsoft Corporation, 5.1.2600.1106 (xpsp1.020828-1920)]
    [C:\windows\System32\WS2_32.dll]  [Microsoft Corporation, 5.1.2600.0 (xpclient.010817-1148)]
    [C:\windows\System32\WS2HELP.dll]  [Microsoft Corporation, 5.1.2600.0 (xpclient.010817-1148)]
    [C:\windows\system32\WININET.dll]  [Microsoft Corporation, 6.00.2800.1106 (xpsp1.020828-1920)]
    [C:\windows\System32\IMM32.DLL]  [Microsoft Corporation, 5.1.2600.1106 (xpsp1.020828-1920)]
    [C:\windows\System32\LPK.DLL]  [Microsoft Corporation, 5.1.2600.0 (xpclient.010817-1148)]
    [C:\windows\System32\USP10.dll]  [Microsoft Corporation, 1.0409.2600.1106 (xpsp1.020828-1920)]
    [C:\windows\System32\RICHED20.DLL]  [Microsoft Corporation, 5.30.23.1211]
    [C:\windows\System32\msctfime.ime]  [Microsoft Corporation, 5.1.2600.1106 (xpsp1.020828-1920)]
    [C:\windows\System32\UxTheme.dll]  [Microsoft Corporation, 6.00.2800.1106 (xpsp1.020828-1920)]
    [C:\windows\System32\Msimtf.dll]  [Microsoft Corporation, 5.1.2600.1106 (xpsp1.020828-1920)]
    [C:\windows\System32\MSCTF.dll]  [Microsoft Corporation, 5.1.2600.1106 (xpsp1.020828-1920)]
    [C:\windows\System32\sfc.dll]  [Microsoft Corporation, 5.1.2600.0 (xpclient.010817-1148)]
    [C:\windows\System32\sfc_os.dll]  [Microsoft Corporation, 5.1.2600.1106 (xpsp1.020828-1920)]
    [C:\windows\System32\WINTRUST.dll]  [Microsoft Corporation, 5.131.2600.0 (xpclient.010817-1148)]
    [C:\windows\system32\IMAGEHLP.dll]  [Microsoft Corporation, 5.1.2600.1106 (xpsp1.020828-1920)]
    [C:\windows\System32\Sensapi.dll]  [Microsoft Corporation, 5.1.2600.1106 (xpsp1.020828-1920)]
    [C:\windows\System32\Secur32.dll]  [Microsoft Corporation, 5.1.2600.1106 (xpsp1.020828-1920)]
    [C:\windows\System32\wsock32.dll]  [Microsoft Corporation, 5.1.2600.0 (xpclient.010817-1148)]
    [C:\WINDOWS\System32\rsaenh.dll]  [Microsoft Corporation, 5.1.2600.1029 (xpsp1.020426-1800)]
    [C:\windows\system32\userenv.dll]  [Microsoft Corporation, 5.1.2600.1106 (xpsp1.020828-1920)]
    [C:\windows\System32\netapi32.dll]  [Microsoft Corporation, 5.1.2600.1106 (xpsp1.020828-1920)]
    [C:\windows\System32\CLBCATQ.DLL]  [Microsoft Corporation, 2001.12.4414.42]
    [C:\windows\System32\COMRes.dll]  [Microsoft Corporation, 2001.12.4414.42]
    [C:\windows\System32\SETUPAPI.dll]  [Microsoft Corporation, 5.1.2600.1106 (xpsp1.020828-1920)]

==================================
文件关联
.TXT  OK. [%SystemRoot%\system32\NOTEPAD.EXE %1]
.EXE  OK. ["%1" %*]
.COM  OK. ["%1" %*]
.PIF  OK. ["%1" %*]
.REG  OK. [regedit.exe "%1"]
.BAT  OK. ["%1" %*]
.SCR  OK. ["%1" /S]
.CHM  OK. ["C:\windows\hh.exe" %1]
.HLP  OK. [%SystemRoot%\system32\winhlp32.exe %1]
.INI  OK. [%SystemRoot%\system32\NOTEPAD.EXE %1]
.INF  OK. [%SystemRoot%\system32\NOTEPAD.EXE %1]
.VBS  OK. [%SystemRoot%\System32\WScript.exe "%1" %*]
.JS  OK. [%SystemRoot%\System32\WScript.exe "%1" %*]
.LNK  OK. [{00021401-0000-0000-C000-000000000046}]

==================================
Winsock 提供者
N/A

==================================
Autorun.inf
N/A

==================================
HOSTS 文件
N/A

==================================
API HOOK
N/A

==================================
隐藏进程
N/A

==================================


[/CODE]
gototop
 
limilaw
头像
初生襁褓狮
  • 帖子:28
  • 注册: 2006-09-24
  • 来自:
发表于: 2007-07-16 16:07 | 显示全部 短消息 资料
字号: 9楼

========Content========
[PID: 928][D:\SREng.EXE]  [Smallfrogs Studio, 2.4.12.806]
    [C:\windows\System32\ntdll.dll]  [Microsoft Corporation, 5.1.2600.1106 (xpsp1.020828-1920)]
    [C:\windows\system32\kernel32.dll]  [Microsoft Corporation, 5.1.2600.1106 (xpsp1.020828-1920)]
    [C:\windows\system32\USER32.dll]  [Microsoft Corporation, 5.1.2600.1106 (xpsp1.020828-1920)]
    [C:\windows\system32\GDI32.dll]  [Microsoft Corporation, 5.1.2600.1106 (xpsp1.020828-1920)]
    [C:\windows\system32\ADVAPI32.dll]  [Microsoft Corporation, 5.1.2600.1106 (xpsp1.020828-1920)]
    [C:\windows\system32\RPCRT4.dll]  [Microsoft Corporation, 5.1.2600.1230 (xpsp2.030527-2026)]
    [C:\windows\system32\comdlg32.dll]  [Microsoft Corporation, 6.00.2800.1106 (xpsp1.020828-1920)]
    [C:\windows\system32\SHLWAPI.dll]  [Microsoft Corporation, 6.00.2800.1106 (xpsp1.020828-1920)]
    [C:\windows\system32\msvcrt.dll]  [Microsoft Corporation, 7.0.2600.1106 (xpsp1.020828-1920)]
    [C:\windows\system32\SHELL32.dll]  [Microsoft Corporation, 6.00.2800.1106 (xpsp1.020828-1920)]
    [C:\windows\System32\WINSPOOL.DRV]  [Microsoft Corporation, 5.1.2600.1106 (xpsp1.020828-1920)]
    [C:\windows\System32\oledlg.dll]  [Microsoft Corporation, 1.0 (XPClient.010817-1148)]
    [C:\windows\system32\ole32.dll]  [Microsoft Corporation, 5.1.2600.1243 (xpsp2.030702-2125)]
    [C:\windows\system32\OLEAUT32.dll]  [Microsoft Corporation, 3.50.5016.0]
    [C:\windows\system32\VERSION.dll]  [Microsoft Corporation, 5.1.2600.0 (xpclient.010817-1148)]
    [C:\windows\system32\CRYPT32.dll]  [Microsoft Corporation, 5.131.2600.1106 (xpsp1.020828-1920)]
    [C:\windows\system32\MSASN1.dll]  [Microsoft Corporation, 5.1.2600.0 (XPClient.010817-1148)]
    [C:\windows\System32\WINMM.dll]  [Microsoft Corporation, 5.1.2600.1106 (xpsp1.020828-1920)]
    [C:\windows\System32\WS2_32.dll]  [Microsoft Corporation, 5.1.2600.0 (xpclient.010817-1148)]
    [C:\windows\System32\WS2HELP.dll]  [Microsoft Corporation, 5.1.2600.0 (xpclient.010817-1148)]
    [C:\windows\system32\WININET.dll]  [Microsoft Corporation, 6.00.2800.1106 (xpsp1.020828-1920)]
    [C:\windows\System32\IMM32.DLL]  [Microsoft Corporation, 5.1.2600.1106 (xpsp1.020828-1920)]
    [C:\windows\System32\LPK.DLL]  [Microsoft Corporation, 5.1.2600.0 (xpclient.010817-1148)]
    [C:\windows\System32\USP10.dll]  [Microsoft Corporation, 1.0409.2600.1106 (xpsp1.020828-1920)]
    [C:\windows\System32\RICHED20.DLL]  [Microsoft Corporation, 5.30.23.1211]
    [C:\windows\System32\msctfime.ime]  [Microsoft Corporation, 5.1.2600.1106 (xpsp1.020828-1920)]
    [C:\windows\System32\UxTheme.dll]  [Microsoft Corporation, 6.00.2800.1106 (xpsp1.020828-1920)]
    [C:\windows\System32\Msimtf.dll]  [Microsoft Corporation, 5.1.2600.1106 (xpsp1.020828-1920)]
    [C:\windows\System32\MSCTF.dll]  [Microsoft Corporation, 5.1.2600.1106 (xpsp1.020828-1920)]
    [C:\windows\System32\sfc.dll]  [Microsoft Corporation, 5.1.2600.0 (xpclient.010817-1148)]
    [C:\windows\System32\sfc_os.dll]  [Microsoft Corporation, 5.1.2600.1106 (xpsp1.020828-1920)]
    [C:\windows\System32\WINTRUST.dll]  [Microsoft Corporation, 5.131.2600.0 (xpclient.010817-1148)]
    [C:\windows\system32\IMAGEHLP.dll]  [Microsoft Corporation, 5.1.2600.1106 (xpsp1.020828-1920)]
    [C:\windows\System32\Sensapi.dll]  [Microsoft Corporation, 5.1.2600.1106 (xpsp1.020828-1920)]
    [C:\windows\System32\Secur32.dll]  [Microsoft Corporation, 5.1.2600.1106 (xpsp1.020828-1920)]
    [C:\windows\System32\wsock32.dll]  [Microsoft Corporation, 5.1.2600.0 (xpclient.010817-1148)]
    [C:\WINDOWS\System32\rsaenh.dll]  [Microsoft Corporation, 5.1.2600.1029 (xpsp1.020426-1800)]
    [C:\windows\system32\userenv.dll]  [Microsoft Corporation, 5.1.2600.1106 (xpsp1.020828-1920)]
    [C:\windows\System32\netapi32.dll]  [Microsoft Corporation, 5.1.2600.1106 (xpsp1.020828-1920)]
    [C:\windows\System32\CLBCATQ.DLL]  [Microsoft Corporation, 2001.12.4414.42]
    [C:\windows\System32\COMRes.dll]  [Microsoft Corporation, 2001.12.4414.42]
    [C:\windows\System32\SETUPAPI.dll]  [Microsoft Corporation, 5.1.2600.1106 (xpsp1.020828-1920)]

==================================
文件关联
.TXT  OK. [%SystemRoot%\system32\NOTEPAD.EXE %1]
.EXE  OK. ["%1" %*]
.COM  OK. ["%1" %*]
.PIF  OK. ["%1" %*]
.REG  OK. [regedit.exe "%1"]
.BAT  OK. ["%1" %*]
.SCR  OK. ["%1" /S]
.CHM  OK. ["C:\windows\hh.exe" %1]
.HLP  OK. [%SystemRoot%\system32\winhlp32.exe %1]
.INI  OK. [%SystemRoot%\system32\NOTEPAD.EXE %1]
.INF  OK. [%SystemRoot%\system32\NOTEPAD.EXE %1]
.VBS  OK. [%SystemRoot%\System32\WScript.exe "%1" %*]
.JS  OK. [%SystemRoot%\System32\WScript.exe "%1" %*]
.LNK  OK. [{00021401-0000-0000-C000-000000000046}]

==================================
Winsock 提供者
N/A

==================================
Autorun.inf
N/A

==================================
HOSTS 文件
N/A

==================================
API HOOK
N/A

==================================
隐藏进程
N/A

==================================


[/CODE]
gototop
 
limilaw
头像
初生襁褓狮
  • 帖子:28
  • 注册: 2006-09-24
  • 来自:
发表于: 2007-07-16 16:59 | 显示全部 短消息 资料
字号: 10楼

找到问题症结了,原来是启动项的值前面多了个分号……
gototop
 
<<上一主题|下一主题>>
1   1  /  1  页   跳转
页面顶部
Powered by Discuz!NT