[Help] Computer infected with a virus, cannot enter Safe Mode

Boot Items
Registry
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
    <CTFMON.EXE><C:\WINDOWS\system32\ctfmon.exe>  [(Verified)Microsoft Windows Publisher]
    <msnmsgr><"C:\Program Files\MSN Messenger\msnmsgr.exe" /background>  [(Verified)Microsoft Corporation]
[HKEY_CURRENT_USER\Software\Microsoft\Windows NT\CurrentVersion\Windows]
    <load><>  [N/A]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
    <IMJPMIG8.1><"C:\WINDOWS\IME\imjp8_1\IMJPMIG.EXE" /Spoil /RemAdvDef /Migration32>  [(Verified)Microsoft Windows Publisher]
    <PHIME2002ASync><C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /SYNC>  [(Verified)Microsoft Windows Publisher]
    <PHIME2002A><C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /IMEName>  [(Verified)Microsoft Windows Publisher]
    <SoundMAXPnP><C:\Program Files\Analog Devices\SoundMAX\SMax4PNP.exe>  [Analog Devices, Inc.]
    <SoundMAX><C:\Program Files\Analog Devices\SoundMAX\Smax4.exe /tray>  [Analog Devices, Inc.]
    <EZEJMNAP><C:\PROGRA~1\ThinkPad\UTILIT~1\EzEjMnAp.Exe>  [IBM Corp.]
    <TPHOTKEY><C:\PROGRA~1\ThinkPad\PkgMgr\HOTKEY\TPHKMGR.exe>  []
    <TpShocks><TpShocks.exe>  [IBM Corp.]
    <TPKMAPHELPER><C:\Program Files\ThinkPad\Utilities\TpKmapAp.exe -helper>  [IBM Corp.]
    <PWRMGRTR><rundll32 C:\PROGRA~1\ThinkPad\UTILIT~1\PWRMGRTR.DLL,PwrMgrBkGndMonitor>  [IBM Corp.]
    <BLOG><rundll32 C:\PROGRA~1\ThinkPad\UTILIT~1\BatLogEx.DLL,StartBattLog>  []
    <TP4EX><tp4ex.exe>  [IBM Corporation]
    <SynTPLpr><C:\Program Files\Synaptics\SynTP\SynTPLpr.exe>  [(Verified)Microsoft Windows Hardware Compatibility Publisher]
    <SynTPEnh><C:\Program Files\Synaptics\SynTP\SynTPEnh.exe>  [(Verified)Microsoft Windows Hardware Compatibility Publisher]
    <QCTray><C:\Program Files\ThinkPad\ConnectUtilities\QCTRAY.EXE>  [IBM Corp.]
    <QCWLIcon><C:\Program Files\ThinkPad\ConnectUtilities\QCWLICON.EXE>  [IBM Corp.]
    <IgfxTray><C:\WINDOWS\system32\igfxtray.exe>  [(Verified)Microsoft Windows Hardware Compatibility Publisher]
    <HotKeysCmds><C:\WINDOWS\system32\hkcmd.exe>  [(Verified)Microsoft Windows Hardware Compatibility Publisher]
    <ccApp><"C:\Program Files\Common Files\Symantec Shared\ccApp.exe">  [(Verified)Symantec Corporation]
    <vptray><C:\PROGRA~1\SYMANT~1\VPTray.exe>  [(Verified)Symantec Corporation]
    <AccChecker><"C:\AccChecker\AccChecker.EXE" -s>  []
    <IrmTool><"C:\IrmTool\IrmTool.EXE" -s>  [Huawei Technologies Co., Ltd.]
    <StatusClient><C:\Program Files\Hewlett-Packard\Toolbox2.0\Apache Tomcat 4.0\webapps\Toolbox\StatusClient\StatusClient.exe /auto>  [Hewlett-Packard]
    <TomcatStartup><C:\Program Files\Hewlett-Packard\Toolbox2.0\hpbpsttp.exe>  []
    <HPLJ Config><C:\Program Files\Hewlett-Packard\hp LaserJet 1150_1300\SetConfig.exe -c Network -p hpLaserJet1300n -pn "hp LaserJet 1300n PCL 6" -n 0 -l 1033 -sl 120000>  [Hewlett-Packard Inc.]
    <LmtSysMonitor><"D:\HW LMT\tray\bin\ilmt_tray.exe">  []
    <BigDogPath><C:\WINDOWS\VM_STI.EXE USB PC Camera 301P>  [N/A]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Winlogon]
    <shell><Explorer.exe>  [(Verified)Microsoft Windows Publisher]
    <Userinit><C:\WINDOWS\system32\userinit.exe,>  [(Verified)Microsoft Windows Publisher]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Windows]
    <AppInit_DLLs><>  [N/A]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Winlogon]
    <UIHost><logonui.exe>  [(Verified)Microsoft Windows Publisher]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\NavLogon]
    <WinlogonNotify: NavLogon><C:\WINDOWS\system32\NavLogon.dll>  [(Verified)Symantec Corporation]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\QConGina]
    <WinlogonNotify: QConGina><QConGina.dll>  [IBM Corp.]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\tphotkey]
    <WinlogonNotify: tphotkey><tphklock.dll>  []
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
    <MsnMsgr><; "C:\Program Files\MSN Messenger\MsnMsgr.Exe" /background>  [(Verified)Microsoft Corporation]
Last edited 2007-07-25 14:00:40

==================================
Startup Folders
[SPES Agent]
  <C:\Documents and Settings\All Users\Start Menu\Programs\Startup\SPES Agent.lnk --> C:\PROGRA~1\SPES\SPES.exe [Huawei Technologies Co., Ltd. ]><N>
[金山词霸 2003]
  <C:\Documents and Settings\All Users\Start Menu\Programs\Startup\金山词霸 2003.lnk --> C:\PROGRA~1\Kingsoft\POWERW~1\Xdict.exe [Kingsoft Co, Ltd.]><N>

==================================
Services
[5537E986 / 5537E986][Stopped/Auto Start]
  <C:\WINDOWS\system32\C689ECE9.EXE -k><N/A>
[ACU Configuration Service / ACS][Stopped/Manual Start]
  <C:\WINDOWS\system32\acs.exe><N/A>
[Symantec Event Manager / ccEvtMgr][Running/Auto Start]
  <"C:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe"><Symantec Corporation>
[Symantec Settings Manager / ccSetMgr][Running/Auto Start]
  <"C:\Program Files\Common Files\Symantec Shared\ccSetMgr.exe"><Symantec Corporation>
[Symantec AntiVirus Definition Watcher / DefWatch][Running/Auto Start]
  <"C:\Program Files\Symantec AntiVirus\DefWatch.exe"><Symantec Corporation>
[Human Interface Device Access / HidServ][Stopped/Disabled]
  <C:\WINDOWS\System32\svchost.exe -k netsvcs-->%SystemRoot%\System32\hidserv.dll><N/A>
[IBM PM Service / IBMPMSVC][Running/Auto Start]
  <C:\WINDOWS\system32\ibmpmsvc.exe><N/A>
[LiveUpdate / LiveUpdate][Stopped/Manual Start]
  <"C:\PROGRA~1\Symantec\LIVEUP~1\LUCOMS~1.EXE"><Symantec Corporation>
[Multi-user Cleanup Service / Multi-user Cleanup Service][Running/Auto Start]
  <D:\NOTES\ntmulti.exe><IBM Corp>
[Pml Driver HPZ12 / Pml Driver HPZ12][Stopped/Manual Start]
  <C:\WINDOWS\system32\HPZipm12.exe><HP>
[QCONSVC / QCONSVC][Running/Auto Start]
  <System32\QCONSVC.EXE><N/A>
[SavRoam / SavRoam][Running/Auto Start]
  <"C:\Program Files\Symantec AntiVirus\SavRoam.exe"><symantec>
[Symantec Network Drivers Service / SNDSrvc][Stopped/Manual Start]
  <"C:\Program Files\Common Files\Symantec Shared\SNDSrvc.exe"><Symantec Corporation>
[SoundMAX Agent Service / SoundMAX Agent Service (default)][Running/Auto Start]
  <C:\Program Files\Analog Devices\SoundMAX\SMAgent.exe><Analog Devices, Inc.>
[Symantec SPBBCSvc / SPBBCSvc][Running/Auto Start]
  <"C:\Program Files\Common Files\Symantec Shared\SPBBC\SPBBCSvc.exe"><Symantec Corporation>
[Symantec AntiVirus / Symantec AntiVirus][Running/Auto Start]
  <"C:\Program Files\Symantec AntiVirus\Rtvscan.exe"><Symantec Corporation>
[IBM HDD APS Logging Service / TPHDEXLGSVC][Running/Auto Start]
  <System32\TPHDEXLG.EXE><N/A>
[IBM KCU Service / TpKmpSVC][Running/Auto Start]
  <C:\WINDOWS\system32\TpKmpSVC.exe><N/A>

==================================
Drivers
[aeaudio / aeaudio][Running/Manual Start]
  <system32\drivers\aeaudio.sys><Andrea Electronics Corporation>
[AEGIS Protocol (IEEE 802.1x) v3.2.0.3 / AegisP][Running/Auto Start]
  <system32\DRIVERS\AegisP.sys><Meetinghouse Data Communications>
[ANC / ANC][Running/System Start]
  <System32\drivers\ANC.SYS><IBM Corp.>
[Broadcom NetXtreme Gigabit Ethernet / b57w2k][Running/Manual Start]
  <system32\DRIVERS\b57xp32.sys><Broadcom Corporation>
[bootdrv / bootdrv][Stopped/Boot Start]
  <\SystemRoot\System32\Drivers\bootdrv.sys><N/A>
[Symantec Eraser Control driver / eeCtrl][Running/System Start]
  <\??\C:\Program Files\Common Files\Symantec Shared\EENGINE\eeCtrl.sys><Symantec Corporation>
[EraserUtilRebootDrv / EraserUtilRebootDrv][Running/Manual Start]
  <\??\C:\Program Files\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys><Symantec Corporation>
[HSFHWICH / HSFHWICH][Running/Manual Start]
  <system32\DRIVERS\HSFHWICH.sys><Conexant Systems, Inc.>
[HSF_DP / HSF_DP][Running/Manual Start]
  <system32\DRIVERS\HSF_DP.sys><Conexant Systems, Inc.>
[ialm / ialm][Running/Manual Start]
  <system32\DRIVERS\ialmnt5.sys><Intel Corporation>
[IBMPMDRV / IBMPMDRV][Running/Manual Start]
  <system32\DRIVERS\ibmpmdrv.sys><IBM Corp.>
[IBMTPCHK / IBMTPCHK][Running/System Start]
  <System32\drivers\IBMBLDID.SYS><N/A>
[mdmxsdk / mdmxsdk][Running/Auto Start]
  <system32\DRIVERS\mdmxsdk.sys><Conexant>
[NAVENG / NAVENG][Running/Manual Start]
  <\??\C:\PROGRA~1\COMMON~1\SYMANT~1\VIRUSD~1\20070723.018\naveng.sys><Symantec Corporation>
[NAVEX15 / NAVEX15][Running/Manual Start]
  <\??\C:\PROGRA~1\COMMON~1\SYMANT~1\VIRUSD~1\20070723.018\navex15.sys><Symantec Corporation>
[NSC Infrared Device Driver / NSCIRDA][Running/Manual Start]
  <system32\DRIVERS\nscirda.sys><National Semiconductor Corporation>
[Direct Parallel Link Driver / Ptilink][Running/Manual Start]
  <system32\DRIVERS\ptilink.sys><Parallel Technologies, Inc.>
[QCNDISIF / QCNDISIF][Stopped/Manual Start]
  <System32\drivers\qcndisif.SYS><IBM Corporation.>
[SAVRT / SAVRT][Running/System Start]
  <\??\C:\Program Files\Symantec AntiVirus\savrt.sys><Symantec Corporation>
[SAVRTPEL / SAVRTPEL][Running/System Start]
  <\??\C:\Program Files\Symantec AntiVirus\Savrtpel.sys><Symantec Corporation>
[Secdrv / Secdrv][Stopped/Manual Start]
  <system32\DRIVERS\secdrv.sys><N/A>
[Smapint / Smapint][Running/System Start]
  <System32\drivers\Smapint.sys><Microsoft Corporation>
[smwdm / smwdm][Running/Manual Start]
  <system32\drivers\smwdm.sys><Analog Devices, Inc.>
[SPBBCDrv / SPBBCDrv][Running/System Start]
  <\??\C:\Program Files\Common Files\Symantec Shared\SPBBC\SPBBCDrv.sys><Symantec Corporation>
[SymEvent / SymEvent][Running/Manual Start]
  <\??\C:\Program Files\Symantec\SYMEVENT.SYS><Symantec Corporation>
[SYMREDRV / SYMREDRV][Running/Manual Start]
  <\SystemRoot\System32\Drivers\SYMREDRV.SYS><Symantec Corporation>
[SYMTDI / SYMTDI][Running/System Start]
  <\SystemRoot\System32\Drivers\SYMTDI.SYS><Symantec Corporation>
[Synaptics TouchPad Driver / SynTP][Running/Manual Start]
  <system32\DRIVERS\SynTP.sys><Synaptics, Inc.>
[TDSMAPI / TDSMAPI][Running/System Start]
  <System32\drivers\TDSMAPI.SYS><N/A>
[TPInput / TPInput][Running/Manual Start]
  <System32\DRIVERS\TPInput.sys><IBM Corporation>
[NSC Integrated Trusted Platform Module 1.1 / TPM11][Running/Manual Start]
  <system32\DRIVERS\nsctpm11.sys><National Semiconductor Corp.>
[TPPWRIF / TPPWRIF][Running/System Start]
  <System32\drivers\Tppwrif.sys><N/A>
[TSMAPIP / TSMAPIP][Running/System Start]
  <System32\drivers\TSMAPIP.SYS><N/A>
[Controlador de la Conexión de red Intel(R) PRO/Wireless 2200BG para Windows XP / w29n51][Stopped/Manual Start]
  <system32\DRIVERS\w29n51.sys><Intel? Corporation>
[winachsf / winachsf][Running/Manual Start]
  <system32\DRIVERS\HSF_CNXT.sys><Conexant Systems, Inc.>
[World Standard Teletext Codec / WSTCODEC][Stopped/Manual Start]
  <system32\DRIVERS\WSTCODEC.SYS><Microsoft Corporation>
[USB PC Camera 301P / ZSMC301b][Running/Manual Start]
  <System32\Drivers\usbVM31b.sys><VM>

==================================

Browser Add-ons
[Adobe PDF Reader Link Helper]
  {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} <C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll, Adobe Systems Incorporated>
[Navcot Class]
  {116AE73A-7D10-4EC2-A46D-52CA50D5197F} <C:\WINDOWS\system32\navcoy.dll, >
[Skype add-on (mastermind)]
  {22BF413B-C6D2-4d91-82A9-A0F997BA588C} <C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll, Skype Technologies S.A.>
[Skype add-on (button)]
  {77BF5300-1474-4EC7-9980-D32B190E9B07} <C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll, Skype Technologies S.A.>
[&Research]
  {92780B25-18CC-41C8-B9BE-3C9C571A8263} <C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL, Microsoft Corporation>
[PowerWord]
  {9A687CA6-D585-4947-9ED9-BE96071F5CD9} <C:\PROGRA~1\Kingsoft\POWERW~1\XDictExB.dll, 金山软件股份有限公司>
[Messenger]
  {FB5F1910-F110-11d2-BB9E-00C04F795683} <C:\Program Files\Messenger\msmsgs.exe, Microsoft Corporation>
[axOptixGroupAuth Control]
  {857C2FF7-FB9F-4A93-916C-9056FB75547E} <C:\WINDOWS\DOWNLO~1\PAXOPT~1.OCX, >
[Adobe PDF Reader Link Helper]
  {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} <C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll, Adobe Systems Incorporated>
[Navcot Class]
  {116AE73A-7D10-4EC2-A46D-52CA50D5197F} <C:\WINDOWS\system32\navcoy.dll, >
[Skype add-on (mastermind)]
  {22BF413B-C6D2-4D91-82A9-A0F997BA588C} <C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll, Skype Technologies S.A.>
[Skype add-on (button)]
  {77BF5300-1474-4EC7-9980-D32B190E9B07} <C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll, Skype Technologies S.A.>
[Microsoft Web Browser]
  {8856F961-340A-11D0-A96B-00C04FD705A2} <C:\WINDOWS\system32\shdocvw.dll, Microsoft Corporation>
[Shockwave Flash Object]
  {D27CDB6E-AE6D-11CF-96B8-444553540000} <C:\WINDOWS\system32\Macromed\Flash\Flash.ocx, Macromedia, Inc.>
[E&xport to Microsoft Excel]
  <res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000, N/A>

==================================

Running Processes
[PID: 632][\SystemRoot\System32\smss.exe]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
[PID: 696][\??\C:\WINDOWS\system32\csrss.exe]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
[PID: 720][\??\C:\WINDOWS\system32\winlogon.exe]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
    [C:\WINDOWS\system32\tphklock.dll]  [N/A, ]
    [C:\WINDOWS\system32\msacm32.drv]  [Microsoft Corporation, 5.1.2600.0 (xpclient.010817-1148)]
    [C:\WINDOWS\system32\NavLogon.dll]  [Symantec Corporation, 10.1.4.4000]
[PID: 764][C:\WINDOWS\system32\services.exe]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
[PID: 776][C:\WINDOWS\system32\lsass.exe]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
    [C:\WINDOWS\system32\mscomm.dll]  [N/A, ]
[PID: 936][C:\WINDOWS\system32\ibmpmsvc.exe]  [N/A, ]
[PID: 960][C:\WINDOWS\system32\svchost.exe]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
[PID: 1028][C:\WINDOWS\system32\svchost.exe]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
[PID: 1060][C:\WINDOWS\System32\svchost.exe]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
    [C:\WINDOWS\system32\mscomm.dll]  [N/A, ]
[PID: 1916][C:\WINDOWS\Explorer.EXE]  [Microsoft Corporation, 6.00.2900.2180 (xpsp_sp2_rtm.040803-2158)]
    [C:\WINDOWS\system32\shell16.dll]  [, 1, 0, 2003, 616]
    [C:\WINDOWS\system32\svohost.dll]  [, 2, 0, 2006, 125]
    [C:\WINDOWS\system32\XWVUPO.dll]  [N/A, ]
    [C:\WINDOWS\system32\mscomm.dll]  [N/A, ]
    [C:\WINDOWS\system32\msacm32.drv]  [Microsoft Corporation, 5.1.2600.0 (xpclient.010817-1148)]
    [C:\PROGRA~1\ThinkPad\UTILIT~1\PWRMGRTR.DLL]  [IBM Corp., 1, 0, 0, 0]
    [C:\PROGRA~1\ThinkPad\UTILIT~1\US\PWRMGRRT.DLL]  [N/A, ]
    [C:\PROGRA~1\ThinkPad\UTILIT~1\PWRMGRIF.DLL]  [N/A, ]
    [C:\WINDOWS\system32\Sensor.dll]  [IBM Corporation, 1.30.1.0]
    [C:\WINDOWS\system32\OEMDSPIF.DLL]  [Intel Corporation, 3.0.0.4317]
    [C:\WINDOWS\system32\igfxdev.dll]  [Intel Corporation, 3.0.0.4317]
    [C:\WINDOWS\system32\SynTPFcs.dll]  [Synaptics, Inc., 7.5.17.13 08Nov04]
    [C:\IrmTool\IrmToolContextMenuApp.dll]  [, 1, 0, 2006, 102]
    [C:\Program Files\Common Files\Symantec Shared\SSC\vpshell2.dll]  [Symantec Corporation, 10.1.4.4000]
    [C:\WINDOWS\system32\MSVCR71.dll]  [Microsoft Corporation, 7.10.3052.4]
    [C:\Program Files\WinRAR\rarext.dll]  [N/A, ]
    [C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll]  [Adobe Systems Incorporated, 7.0.7.2006011200]
    [C:\WINDOWS\system32\navcoy.dll]  [, 1, 0, 0, 1]
    [C:\Program Files\Microsoft Office\OFFICE11\msohev.dll]  [Microsoft Corporation, 11.0.5510]
    [C:\Program Files\Adobe\Acrobat 7.0\ActiveX\PDFShell.dll]  [Adobe Systems, Inc., 7.0.0.0]
[PID: 1104][C:\Program Files\Analog Devices\SoundMAX\SMax4PNP.exe]  [Analog Devices, Inc., 5, 0, 2, 2]
    [C:\Program Files\Analog Devices\SoundMAX\SMWDMIF.dll]  [Analog Devices, Inc., 5, 0, 2, 008]
    [C:\WINDOWS\system32\XWVUPO.dll]  [N/A, ]
    [C:\WINDOWS\system32\msacm32.drv]  [Microsoft Corporation, 5.1.2600.0 (xpclient.010817-1148)]
    [C:\WINDOWS\system32\SynTPFcs.dll]  [Synaptics, Inc., 7.5.17.13 08Nov04]
[PID: 1356][C:\PROGRA~1\ThinkPad\UTILIT~1\EzEjMnAp.Exe]  [IBM Corp., 1, 0, 0, 0]
    [C:\PROGRA~1\ThinkPad\UTILIT~1\US\EzMApRes.dll]  [N/A, ]
    [C:\WINDOWS\system32\XWVUPO.dll]  [N/A, ]
[PID: 2216][C:\PROGRA~1\ThinkPad\PkgMgr\HOTKEY\TPHKMGR.exe]  [N/A, ]
    [C:\WINDOWS\system32\XWVUPO.dll]  [N/A, ]
    [C:\WINDOWS\system32\n2hwfu.dll]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
    [C:\WINDOWS\system32\msacm32.drv]  [Microsoft Corporation, 5.1.2600.0 (xpclient.010817-1148)]
    [C:\Program Files\ThinkPad\PkgMgr\HOTKEY_2\tphk_2k.dll]  [N/A, ]
    [C:\WINDOWS\system32\Oemdspif.dll]  [Intel Corporation, 3.0.0.4317]
    [C:\WINDOWS\system32\igfxdev.dll]  [Intel Corporation, 3.0.0.4317]
    [C:\PROGRA~1\ThinkPad\PkgMgr\HOTKEY\tpfnf7.dll]  [N/A, ]
[PID: 2224][C:\WINDOWS\system32\TpShocks.exe]  [IBM Corp., 1, 3, 2, 0]
    [C:\Program Files\ThinkPad\TpShocks\MUI\0409\TpShocks.dll]  [IBM Corp., 1, 3, 2, 0]
    [C:\WINDOWS\system32\Sensor.dll]  [IBM Corporation, 1.30.1.0]
    [C:\WINDOWS\system32\XWVUPO.dll]  [N/A, ]
[PID: 2244][C:\Program Files\ThinkPad\PkgMgr\HOTKEY\TPONSCR.exe]  [N/A, ]
    [C:\WINDOWS\system32\XWVUPO.dll]  [N/A, ]
[PID: 2252][C:\Program Files\ThinkPad\PkgMgr\HOTKEY_1\TpScrex.exe]  [IBM Corporation, 1.14]
    [C:\WINDOWS\system32\XWVUPO.dll]  [N/A, ]
    [C:\WINDOWS\system32\n2hwfu.dll]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
[PID: 2280][C:\WINDOWS\system32\rundll32.exe]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
    [C:\PROGRA~1\ThinkPad\UTILIT~1\PWRMGRTR.DLL]  [IBM Corp., 1, 0, 0, 0]
    [C:\WINDOWS\system32\XWVUPO.dll]  [N/A, ]
    [C:\PROGRA~1\ThinkPad\UTILIT~1\US\PWRMGRRT.DLL]  [N/A, ]
    [C:\PROGRA~1\ThinkPad\UTILIT~1\PWRMGRIF.DLL]  [N/A, ]
    [C:\WINDOWS\system32\Sensor.dll]  [IBM Corporation, 1.30.1.0]
    [C:\WINDOWS\system32\OEMDSPIF.DLL]  [Intel Corporation, 3.0.0.4317]
    [C:\WINDOWS\system32\igfxdev.dll]  [Intel Corporation, 3.0.0.4317]
[PID: 2400][C:\Program Files\Synaptics\SynTP\SynTPLpr.exe]  [Synaptics, Inc., 7.5.17.13 08Nov04]
    [C:\WINDOWS\system32\SynTPFcs.dll]  [Synaptics, Inc., 7.5.17.13 08Nov04]
    [C:\WINDOWS\system32\XWVUPO.dll]  [N/A, ]
[PID: 2472][C:\Program Files\Synaptics\SynTP\SynTPEnh.exe]  [Synaptics, Inc., 7.5.17.13 08Nov04]
    [C:\WINDOWS\system32\XWVUPO.dll]  [N/A, ]
    [C:\WINDOWS\system32\SynCOM.dll]  [Synaptics, Inc., 7.5.17.13 08Nov04]
    [C:\WINDOWS\system32\SynTPAPI.dll]  [Synaptics, Inc., 7.5.17.13 08Nov04]
    [C:\WINDOWS\system32\SynTPFcs.dll]  [Synaptics, Inc., 7.5.17.13 08Nov04]
[PID: 2516][C:\Program Files\ThinkPad\ConnectUtilities\QCTRAY.EXE]  [IBM Corp., 3, 7, 1, 0]
    [C:\Program Files\ThinkPad\ConnectUtilities\QCON.dll]  [IBM Corp., 3, 7, 1, 0]
    [C:\Program Files\ThinkPad\ConnectUtilities\MerlinC201.dll]  [Novatel Wireless Inc., 1, 0, 0, 1]
    [C:\Program Files\ThinkPad\ConnectUtilities\Res\SC\TrayRes.dll]  [N/A, ]
    [C:\WINDOWS\system32\SynTPFcs.dll]  [Synaptics, Inc., 7.5.17.13 08Nov04]
    [C:\WINDOWS\system32\XWVUPO.dll]  [N/A, ]
    [C:\Program Files\ThinkPad\ConnectUtilities\ANCA.dll]  [IBM Corp., 8.3]
    [C:\Program Files\ThinkPad\ConnectUtilities\ANC.dll]  [IBM Corp., 8.3]
[PID: 2536][C:\Program Files\ThinkPad\ConnectUtilities\QCWLICON.EXE]  [IBM Corp., 3, 7, 1, 0]
    [C:\Program Files\ThinkPad\ConnectUtilities\QCON.dll]  [IBM Corp., 3, 7, 1, 0]
    [C:\Program Files\ThinkPad\ConnectUtilities\MerlinC201.dll]  [Novatel Wireless Inc., 1, 0, 0, 1]
    [C:\Program Files\ThinkPad\ConnectUtilities\Res\SC\IconRes.dll]  [N/A, ]
    [C:\WINDOWS\system32\SynTPFcs.dll]  [Synaptics, Inc., 7.5.17.13 08Nov04]
    [C:\WINDOWS\system32\XWVUPO.dll]  [N/A, ]
[PID: 2556][C:\WINDOWS\system32\hkcmd.exe]  [Intel Corporation, 3.0.0.4317]
    [C:\WINDOWS\system32\hccutils.DLL]  [Intel Corporation, 3.0.0.4317]
    [C:\WINDOWS\system32\XWVUPO.dll]  [N/A, ]
    [C:\WINDOWS\system32\igfxdev.dll]  [Intel Corporation, 3.0.0.4317]
    [C:\WINDOWS\system32\igfxsrvc.dll]  [Intel Corporation, 3.0.0.4317]
    [C:\WINDOWS\system32\igfxres.dll]  [Intel Corporation, 3.0.0.4317]
    [C:\WINDOWS\system32\igfxhk.dll]  [Intel Corporation, 3.0.0.4317]
[PID: 2632][C:\Program Files\Common Files\Symantec Shared\ccApp.exe]  [Symantec Corporation, 104.0.8.3]
    [C:\WINDOWS\system32\MSVCP71.dll]  [Microsoft Corporation, 7.10.3077.0]
    [C:\WINDOWS\system32\MSVCR71.dll]  [Microsoft Corporation, 7.10.3052.4]
    [C:\Program Files\Common Files\Symantec Shared\ccL40.dll]  [Symantec Corporation, 104.0.8.3]
    [C:\WINDOWS\system32\SynTPFcs.dll]  [Synaptics, Inc., 7.5.17.13 08Nov04]
    [C:\WINDOWS\system32\XWVUPO.dll]  [N/A, ]
    [C:\WINDOWS\system32\n2hwfu.dll]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
    [C:\Program Files\Common Files\Symantec Shared\ccVrTrst.dll]  [Symantec Corporation, 104.0.8.3]
    [C:\PROGRA~1\COMMON~1\SYMANT~1\CCALERT.DLL]  [Symantec Corporation, 104.0.8.3]
    [C:\PROGRA~1\COMMON~1\SYMANT~1\CCEMLPXY.DLL]  [Symantec Corporation, 104.0.8.3]
    [C:\PROGRA~1\COMMON~1\SYMANT~1\rcEmlPxy.dll]  [Symantec Corporation, 104.0.8.3]
    [C:\Program Files\Common Files\Symantec Shared\ccSet.dll]  [Symantec Corporation, 104.0.8.3]
    [C:\WINDOWS\system32\SYMREDIR.DLL]  [Symantec Corporation, 6.0.2.211]
    [C:\Program Files\Common Files\Symantec Shared\ccSetEvt.dll]  [Symantec Corporation, 104.0.8.3]
    [C:\Program Files\Common Files\Symantec Shared\ccProSub.dll]  [Symantec Corporation, 104.0.8.3]
    [C:\Program Files\Symantec AntiVirus\SavEmail.dll]  [Symantec Corporation, 10.1.4.4000]
    [C:\WINDOWS\system32\mscomm.dll]  [N/A, ]
[PID: 2672][C:\PROGRA~1\SYMANT~1\VPTray.exe]  [Symantec Corporation, 10.1.4.4000]
    [C:\WINDOWS\system32\MSVCP71.dll]  [Microsoft Corporation, 7.10.3077.0]
    [C:\WINDOWS\system32\MSVCR71.dll]  [Microsoft Corporation, 7.10.3052.4]
    [C:\Program Files\Common Files\Symantec Shared\ccL40.dll]  [Symantec Corporation, 104.0.8.3]
    [C:\Program Files\Symantec AntiVirus\SAVRT32.DLL]  [Symantec Corporation, 9.7.1.4]
    [C:\WINDOWS\system32\SynTPFcs.dll]  [Synaptics, Inc., 7.5.17.13 08Nov04]
    [C:\WINDOWS\system32\XWVUPO.dll]  [N/A, ]
    [C:\WINDOWS\system32\n2hwfu.dll]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
    [C:\Program Files\Common Files\Symantec Shared\ccSetEvt.dll]  [Symantec Corporation, 104.0.8.3]
    [C:\Program Files\Common Files\Symantec Shared\ccVrTrst.dll]  [Symantec Corporation, 104.0.8.3]
    [C:\Program Files\Common Files\Symantec Shared\ccProSub.dll]  [Symantec Corporation, 104.0.8.3]
    [C:\Program Files\Common Files\Symantec Shared\ccAlert.dll]  [Symantec Corporation, 104.0.8.3]
    [C:\Program Files\Symantec AntiVirus\Cliproxy.dll]  [Symantec Corporation, 10.1.4.4000]
    [C:\Program Files\Symantec AntiVirus\NAVNTUTL.DLL]  [Symantec Corporation, 10.1.4.4000]
    [C:\Program Files\Common Files\Symantec Shared\ccSet.dll]  [Symantec Corporation, 104.0.8.3]
    [c:\program files\common files\symantec shared\ssc\ScsComms.dll]  [Symantec Corporation, 10.1.4.4000]
    [C:\WINDOWS\system32\nts.dll]  [LANDesk Software Ltd., 6.12.0.142 E]
    [C:\WINDOWS\system32\cba.dll]  [LANDesk Software Ltd., 6.12.0.142 E]
    [C:\WINDOWS\system32\MsgSys.dll]  [LANDesk Software Ltd., 6.12.0.142 E]
    [C:\WINDOWS\system32\PDS.DLL]  [LANDesk Software Ltd., 6.12.0.142 E]
[PID: 2856][C:\IrmTool\IrmTool.EXE]  [Huawei Technologies Co., Ltd., 1, 5011, 2007, 112]
    [C:\WINDOWS\system32\SynTPFcs.dll]  [Synaptics, Inc., 7.5.17.13 08Nov04]
    [C:\WINDOWS\system32\XWVUPO.dll]  [N/A, ]
    [C:\WINDOWS\system32\n2hwfu.dll]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
    [C:\WINDOWS\system32\mscomm.dll]  [N/A, ]
[PID: 2876][C:\Program Files\Hewlett-Packard\Toolbox2.0\Apache Tomcat 4.0\webapps\Toolbox\StatusClient\StatusClient.exe]  [Hewlett-Packard, 00.00.13]
    [C:\Program Files\Hewlett-Packard\Toolbox2.0\Apache Tomcat 4.0\webapps\Toolbox\StatusClient\hpptui0.dll]  [Hewlett-Packard, 01.00.35]
    [C:\WINDOWS\system32\mscomm.dll]  [N/A, ]
    [C:\WINDOWS\system32\SynTPFcs.dll]  [Synaptics, Inc., 7.5.17.13 08Nov04]
    [C:\WINDOWS\system32\XWVUPO.dll]  [N/A, ]
[PID: 2948][D:\HW LMT\tray\bin\ilmt_tray.exe]  [N/A, ]
    [D:\HW LMT\tray\bin\MFC70.DLL]  [Microsoft Corporation, 7.00.9466.0]
    [D:\HW LMT\tray\bin\MSVCR70.dll]  [Microsoft Corporation, 7.00.9466.0]
    [D:\HW LMT\tray\bin\ServiceManagerENG.dll]  [, 1, 0, 0, 1]
    [D:\HW LMT\tray\bin\ServiceManagerCHN.dll]  [, 1, 0, 0, 1]
    [C:\WINDOWS\system32\SynTPFcs.dll]  [Synaptics, Inc., 7.5.17.13 08Nov04]
    [C:\WINDOWS\system32\XWVUPO.dll]  [N/A, ]
    [C:\WINDOWS\system32\n2hwfu.dll]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
[PID: 2964][C:\WINDOWS\VM_STI.EXE]  [VM., 4.2.610.4]
    [C:\WINDOWS\system32\SynTPFcs.dll]  [Synaptics, Inc., 7.5.17.13 08Nov04]
    [C:\WINDOWS\system32\XWVUPO.dll]  [N/A, ]
    [C:\WINDOWS\system32\msdmo.dll]  [, ]
    [C:\WINDOWS\system32\devenum.dll]  [, ]
    [C:\WINDOWS\system32\VM31bPrp.Ax]  [VM, 4.2.711.31]
[PID: 2988][C:\WINDOWS\system32\ctfmon.exe]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
    [C:\WINDOWS\system32\SynTPFcs.dll]  [Synaptics, Inc., 7.5.17.13 08Nov04]
    [C:\WINDOWS\system32\XWVUPO.dll]  [N/A, ]
[PID: 3128][C:\Program Files\MSN Messenger\msnmsgr.exe]  [Microsoft Corporation, 8.1.0178.00]
    [C:\Program Files\MSN Messenger\MSNCore.dll]  [Microsoft Corporation, 8.1.0178.00]
    [C:\Program Files\MSN Messenger\msidcrl40.dll]  [Microsoft Corporation, 4.100.313.1]
    [C:\Program Files\MSN Messenger\ContactsUX.dll]  [Microsoft Corporation, 8.1.0178.00]
    [C:\WINDOWS\system32\SynTPFcs.dll]  [Synaptics, Inc., 7.5.17.13 08Nov04]
    [C:\WINDOWS\system32\XWVUPO.dll]  [N/A, ]
    [C:\Program Files\MSN Messenger\msgslang.8.1.0178.00.dll]  [Microsoft Corporation, 8.1.0178.00]
    [C:\Program Files\MSN Messenger\msgsres.dll]  [Microsoft Corporation, 8.1.0178.00]
    [C:\Program Files\MSN Messenger\lcapi.dll]  [Microsoft Corporation, 1.7.256.0 (RTC Version 4.3.5371.0) built by: msn8.0(rtbldlab)]
    [C:\WINDOWS\system32\msdmo.dll]  [, ]
    [C:\Program Files\MSN Messenger\lcres.dll]  [Microsoft Corporation, 1.7.109.0 (RTC Version 4.3.5371.0) built by: msn8.0(rtbldlab)]
    [C:\Program Files\MSN Messenger\RTMPLTFM.dll]  [Microsoft Corporation, 3.0.5774.0 built by: media_msn80]
    [C:\WINDOWS\system32\msacm32.drv]  [Microsoft Corporation, 5.1.2600.0 (xpclient.010817-1148)]
    [C:\WINDOWS\system32\devenum.dll]  [, ]
    [C:\WINDOWS\system32\quartz.dll]  [, ]
    [C:\WINDOWS\system32\n2hwfu.dll]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
    [C:\WINDOWS\system32\mscomm.dll]  [N/A, ]
    [C:\Program Files\MSN Messenger\MSGSWCAM.dll]  [Microsoft Corporation, 8.1.0178.00]
    [C:\WINDOWS\system32\sirenacm.dll]  [Microsoft Corp., 8.1.0178.00]
    [C:\WINDOWS\system32\VM31bPrp.Ax]  [VM, 4.2.711.31]
    [C:\PROGRA~1\MSNMES~1\MSGSC8~1.DLL]  [Microsoft Corporation, 8.1.0178.00]

==================================
File Associations
.TXT  OK. [%SystemRoot%\system32\NOTEPAD.EXE %1]
.EXE  OK. ["%1" %*]
.COM  OK. ["%1" %*]
.PIF  OK. ["%1" %*]
.REG  OK. [regedit.exe "%1"]
.BAT  OK. ["%1" %*]
.SCR  OK. ["%1" /S]
.CHM  OK. ["C:\WINDOWS\hh.exe" %1]
.HLP  OK. [%SystemRoot%\System32\winhlp32.exe %1]
.INI  OK. [%SystemRoot%\System32\NOTEPAD.EXE %1]
.INF  OK. [%SystemRoot%\System32\NOTEPAD.EXE %1]
.VBS  OK. [%SystemRoot%\System32\WScript.exe "%1" %*]
.JS  OK. [%SystemRoot%\System32\WScript.exe "%1" %*]
.LNK  OK. [{00021401-0000-0000-C000-000000000046}]

==================================
Winsock Provider
MSAPI Tcpip [TCP/IP]
    C:\WINDOWS\system32\mscomm.dll(, N/A)
MSAPI Tcpip [UDP/IP]
    C:\WINDOWS\system32\mscomm.dll(, N/A)

==================================
Autorun.Inf
N/A

==================================
HOSTS File
125.91.1.20 www.37021.net
125.91.1.20 37021.net
125.91.1.20 5235.net
125.91.1.20 www.5235.net
10.193.5.30 rms.huawei.com # modified by IrmTool at 2007-07-23 23:09:45

==================================
API HOOK
Entrypoint Error: RegEnumValueA (Dangerous Level: High,  Hooked by Module: C:\WINDOWS\system32\XWVUPO.dll)
Entrypoint Error: RegEnumValueW (Dangerous Level: High,  Hooked by Module: C:\WINDOWS\system32\XWVUPO.dll)

==================================
Hidden Process
N/A

==================================

Why has nobody replied... so frustrating.