1   1  /  1  页   跳转

跪求高人指点!!!!!!!!!!!!

收藏
chdzh2001
头像
初生襁褓狮
  • 帖子:15
  • 注册: 2006-11-22
  • 来自:
发表于: 2006-11-24 12:33 | 只看楼主 短消息 资料
字号: 1楼

跪求高人指点!!!!!!!!!!!!

我的机子近来发现进程很多都变成大写的,开启了卡巴的实时监控,前俩天发现卡巴都启动不了了,就恢复了系统,发现进程名变小写了而且还有大写的进程,O是菜鸟,跪求高人指点!!!先谢了.
Logfile of HijackThis v1.99.1
Scan saved at 10:46:27, on 2006-11-24
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Intel\Wireless\Bin\EvtEng.exe
C:\Program Files\Intel\Wireless\Bin\S24EvMon.exe
C:\Program Files\Common Files\Symantec Shared\ccSetMgr.exe
C:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe
C:\Program Files\Common Files\Symantec Shared\SPBBC\SPBBCSvc.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Acer\Empowering Technology\admServ.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Norton AntiVirus\navapsvc.exe
C:\Program Files\Norton AntiVirus\IWP\NPFMntor.exe
C:\Program Files\Intel\Wireless\Bin\RegSrvc.exe
C:\WINDOWS\system32\igfxtray.exe
C:\WINDOWS\system32\hkcmd.exe
C:\WINDOWS\system32\igfxpers.exe
C:\Program Files\Synaptics\SynTP\SynTPLpr.exe
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\WINDOWS\SOUNDMAN.EXE
C:\Program Files\Common Files\Symantec Shared\ccApp.exe
C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe
C:\Program Files\Launch Manager\LaunchAp.exe
C:\Program Files\Launch Manager\HotkeyApp.exe
C:\Program Files\Launch Manager\OSDCtrl.exe
C:\Program Files\Launch Manager\Wbutton.exe
C:\acer\Empowering Technology\ePower\epm-dm.exe
C:\Acer\Empowering Technology\eRecovery\Monitor.exe
C:\Acer\Empowering Technology\admtray.exe
C:\Acer\Empowering Technology\eDataSecurity\eDSloader.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Messenger\msmsgs.exe
C:\Program Files\Common Files\Symantec Shared\CCPD-LC\symlcsvc.exe
C:\WINDOWS\system32\taskmgr.exe
D:\系统工具\ha_hijackthis\HijackThis.exe

O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: NAV Helper - {A8F38D8D-E480-4D52-B7A2-731BB6995FDD} - C:\Program Files\Norton AntiVirus\NavShExt.dll
O3 - Toolbar: Norton AntiVirus - {C4069E3A-68F1-403E-B40E-20066696354B} - C:\Program Files\Norton AntiVirus\NavShExt.dll
O3 - Toolbar: Acer eDataSecurity Management - {5CBE3B7C-1E47-477e-A7DD-396DB0476E29} - C:\WINDOWS\system32\eDStoolbar.dll
O4 - HKLM\..\Run: [IMJPMIG8.1] "C:\WINDOWS\IME\imjp8_1\IMJPMIG.EXE" /Spoil /RemAdvDef /Migration32
O4 - HKLM\..\Run: [PHIME2002ASync] C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /SYNC
O4 - HKLM\..\Run: [PHIME2002A] C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /IMEName
O4 - HKLM\..\Run: [preload] C:\Windows\RUNXMLPL.exe
O4 - HKLM\..\Run: [igfxtray] C:\WINDOWS\system32\igfxtray.exe
O4 - HKLM\..\Run: [igfxhkcmd] C:\WINDOWS\system32\hkcmd.exe
O4 - HKLM\..\Run: [igfxpers] C:\WINDOWS\system32\igfxpers.exe
O4 - HKLM\..\Run: [SynTPLpr] C:\Program Files\Synaptics\SynTP\SynTPLpr.exe
O4 - HKLM\..\Run: [SynTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
O4 - HKLM\..\Run: [SoundMan] SOUNDMAN.EXE
O4 - HKLM\..\Run: [ccApp] "C:\Program Files\Common Files\Symantec Shared\ccApp.exe"
O4 - HKLM\..\Run: [SSC_UserPrompt] C:\Program Files\Common Files\Symantec Shared\Security Center\UsrPrmpt.exe
O4 - HKLM\..\Run: [NAV CfgWiz] "C:\Program Files\Norton AntiVirus\CfgWiz.exe" /GUID {0D7956A2-5A08-4ec2-A72C-DF8495A66016} /MODE CfgWiz /CMDLINE "REBOOT"
O4 - HKLM\..\Run: [RemoteControl] "C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe"
O4 - HKLM\..\Run: [LaunchAp] "C:\Program Files\Launch Manager\LaunchAp.exe"
O4 - HKLM\..\Run: [LManager] "C:\Program Files\Launch Manager\HotkeyApp.exe"
O4 - HKLM\..\Run: [CtrlVol] "C:\Program Files\Launch Manager\CtrlVol.exe"
O4 - HKLM\..\Run: [LMgrOSD] "C:\Program Files\Launch Manager\OSDCtrl.exe"
O4 - HKLM\..\Run: [Wbutton] "C:\Program Files\Launch Manager\Wbutton.exe"
O4 - HKLM\..\Run: [EPM-DM] c:\acer\Empowering Technology\ePower\epm-dm.exe
O4 - HKLM\..\Run: [Acer ePower Management] C:\Acer\Empowering Technology\ePower\Acer ePower Management.exe boot
O4 - HKLM\..\Run: [eRecoveryService] C:\Acer\Empowering Technology\eRecovery\Monitor.exe
O4 - HKLM\..\Run: [ADMTray.exe] "C:\Acer\Empowering Technology\admtray.exe"
O4 - HKLM\..\Run: [eDataSecurity Loader] C:\Acer\Empowering Technology\eDataSecurity\eDSloader.exe
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background
O4 - Global Startup: Adobe Reader Speed Launch.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O20 - Winlogon Notify: igfxcui - C:\WINDOWS\SYSTEM32\igfxdev.dll
O23 - Service: AdminWorks Agent X6 (AWService) - Avocent Inc. - C:\Acer\Empowering Technology\admServ.exe
O23 - Service: Symantec Event Manager (ccEvtMgr) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe
O23 - Service: Symantec Settings Manager (ccSetMgr) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccSetMgr.exe
O23 - Service: Intel(R) PROSet/Wireless Event Log (EvtEng) - Intel Corporation - C:\Program Files\Intel\Wireless\Bin\EvtEng.exe
O23 - Service: Norton AntiVirus 自动防护服务 (navapsvc) - Symantec Corporation - C:\Program Files\Norton AntiVirus\navapsvc.exe
O23 - Service: Norton AntiVirus Firewall Monitor Service (NPFMntor) - Symantec Corporation - C:\Program Files\Norton AntiVirus\IWP\NPFMntor.exe
O23 - Service: Norton Protection Center Service (NSCService) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\Security Console\NSCSRVCE.EXE
O23 - Service: Intel(R) PROSet/Wireless Registry Service (RegSrvc) - Intel Corporation - C:\Program Files\Intel\Wireless\Bin\RegSrvc.exe
O23 - Service: Remote Packet Capture Protocol v.0 (experimental) (rpcapd) - Unknown owner - %ProgramFiles%\WinPcap\rpcapd.exe" -d -f "%ProgramFiles%\WinPcap\rpcapd.ini (file missing)
O23 - Service: Intel(R) PROSet/Wireless Service (S24EventMonitor) - Intel Corporation  - C:\Program Files\Intel\Wireless\Bin\S24EvMon.exe
O23 - Service: Symantec AVScan (SAVScan) - Symantec Corporation - C:\Program Files\Norton AntiVirus\SAVScan.exe
O23 - Service: Symantec Network Drivers Service (SNDSrvc) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\SNDSrvc.exe
O23 - Service: SPBBCSvc - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\SPBBC\SPBBCSvc.exe
O23 - Service: Symantec Core LC - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\CCPD-LC\symlcsvc.exe

---------------------------------------
下边那俩个文件是不是有问题呢?


C:\WINDOWS\Explorer.EXE  怎麽是大写呢?
C:\WINDOWS\SOUNDMAN.EXE  网上说是声卡驱动,它的位置对吗?不在system32下吗?
O4 - HKLM\..\Run: [preload] C:\Windows\RUNXMLPL.exe 是什么呢?
O23 - Service: Remote Packet Capture Protocol v.0 (experimental) (rpcapd) - Unknown owner - %ProgramFiles%\WinPcap\rpcapd.exe" -d -f "%ProgramFiles%\WinPcap\rpcapd.ini (file missing)
是不是有问题呀?
c:\ProgramFiles\WinPcap\下有三个文件daemon-mgm.exe ,npf-mgm.exe,rpcapd.exe

最后编辑2006-11-26 21:33:01
分享到:
gototop
 
chdzh2001
头像
初生襁褓狮
  • 帖子:15
  • 注册: 2006-11-22
  • 来自:
发表于: 2006-11-24 12:37 | 只看楼主 短消息 资料
字号: 2楼

下面是System Repair Engineer 2.2.6.605扫的日志
Windows XP Home Edition Service Pack 2 (Build 2600)
- 管理权限用户 - 完整功能

以下内容被选中:
    所有的启动项目(包括注册表、启动文件夹、服务等)
    浏览器加载项
    正在运行的进程(包括进程模块信息)
    文件关联
    Winsock 提供者
    Autorun.inf
    HOSTS 文件


启动项目
注册表
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
    <ctfmon.exe><C:\WINDOWS\system32\ctfmon.exe>  [(Verified)Microsoft Corporation]
    <MSMSGS><"C:\Program Files\Messenger\msmsgs.exe" /background>  [(Verified)Microsoft Corporation]
[HKEY_CURRENT_USER\Software\Microsoft\Windows NT\CurrentVersion\Windows]
    <load><>  [N/A]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
    <IMJPMIG8.1><"C:\WINDOWS\IME\imjp8_1\IMJPMIG.EXE" /Spoil /RemAdvDef /Migration32>  [(Verified)Microsoft Corporation]
    <PHIME2002ASync><C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /SYNC>  [(Verified)Microsoft Corporation]
    <PHIME2002A><C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /IMEName>  [(Verified)Microsoft Corporation]
    <preload><C:\Windows\RUNXMLPL.exe>  [Wistron]
    <igfxtray><C:\WINDOWS\system32\igfxtray.exe>  [(Verified)Intel Corporation]
    <igfxhkcmd><C:\WINDOWS\system32\hkcmd.exe>  [(Verified)Intel Corporation]
    <igfxpers><C:\WINDOWS\system32\igfxpers.exe>  [(Verified)Intel Corporation]
    <SynTPLpr><C:\Program Files\Synaptics\SynTP\SynTPLpr.exe>  [(Verified)Synaptics, Inc.]
    <SynTPEnh><C:\Program Files\Synaptics\SynTP\SynTPEnh.exe>  [(Verified)Synaptics, Inc.]
    <SoundMan><SOUNDMAN.EXE>  [(Verified)Realtek Semiconductor Corp.]
    <ccApp><"C:\Program Files\Common Files\Symantec Shared\ccApp.exe">  [(Verified)Symantec Corporation]
    <SSC_UserPrompt><C:\Program Files\Common Files\Symantec Shared\Security Center\UsrPrmpt.exe>  [(Verified)Symantec Corporation]
    <NAV CfgWiz><"C:\Program Files\Norton AntiVirus\CfgWiz.exe" /GUID {0D7956A2-5A08-4ec2-A72C-DF8495A66016} /MODE CfgWiz /CMDLINE "REBOOT">  [(Verified)Symantec Corporation]
    <RemoteControl><"C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe">  [Cyberlink Corp.]
    <LaunchAp><"C:\Program Files\Launch Manager\LaunchAp.exe">  [N/A]
    <LManager><"C:\Program Files\Launch Manager\HotkeyApp.exe">  [Wistron]
    <CtrlVol><"C:\Program Files\Launch Manager\CtrlVol.exe">  [Wistron]
    <LMgrOSD><"C:\Program Files\Launch Manager\OSDCtrl.exe">  [N/A]
    <Wbutton><"C:\Program Files\Launch Manager\Wbutton.exe">  [N/A]
    <EPM-DM><c:\acer\Empowering Technology\ePower\epm-dm.exe>  [N/A]
    <Acer ePower Management><C:\Acer\Empowering Technology\ePower\Acer ePower Management.exe boot>  [N/A]
    <eRecoveryService><C:\Acer\Empowering Technology\eRecovery\Monitor.exe>  [acer Inc.]
    <ADMTray.exe><"C:\Acer\Empowering Technology\admtray.exe">  [Avocent Inc.]
    <eDataSecurity Loader><C:\Acer\Empowering Technology\eDataSecurity\eDSloader.exe>  [HiTRUST]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Winlogon]
    <shell><Explorer.exe>  [(Verified)Microsoft Corporation]
    <Userinit><C:\WINDOWS\system32\userinit.exe,>  [(Verified)Microsoft Corporation]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Windows]
    <AppInit_DLLs><>  [N/A]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Winlogon]
    <UIHost><logonui.exe>  [(Verified)Microsoft Corporation]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\igfxcui]
    <WinlogonNotify: igfxcui><igfxdev.dll>  [(Verified)Intel Corporation]
[HKEY_CURRENT_USER\Control Panel\Desktop]
    <SCRNSAVE.EXE><C:\WINDOWS\acer.SCR>  [N/A]

==================================
启动文件夹
[Adobe Reader Speed Launch]
  <C:\Documents and Settings\All Users\「开始」菜单\程序\启动\Adobe Reader Speed Launch.lnk --> C:\PROGRA~1\Adobe\ACROBA~1.0\Reader\READER~1.EXE [Adobe Systems Incorporated]><N>

==================================
gototop
 
chdzh2001
头像
初生襁褓狮
  • 帖子:15
  • 注册: 2006-11-22
  • 来自:
发表于: 2006-11-24 12:38 | 只看楼主 短消息 资料
字号: 3楼

==================================
服务
[Application Management / AppMgmt]
  <C:\WINDOWS\system32\svchost.exe -k netsvcs-->%SystemRoot%\System32\appmgmts.dll><N/A>
[AdminWorks Agent X6 / AWService]
  <"C:\Acer\Empowering Technology\admServ.exe"><Avocent Inc.>
[Symantec Event Manager / ccEvtMgr]
  <"C:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe"><Symantec Corporation>
[Symantec Settings Manager / ccSetMgr]
  <"C:\Program Files\Common Files\Symantec Shared\ccSetMgr.exe"><Symantec Corporation>
[Intel(R) PROSet/Wireless Event Log / EvtEng]
  <C:\Program Files\Intel\Wireless\Bin\EvtEng.exe><Intel Corporation>
[Human Interface Device Access / HidServ]
  <C:\WINDOWS\System32\svchost.exe -k netsvcs-->%SystemRoot%\System32\hidserv.dll><N/A>
[Norton AntiVirus 自动防护服务 / navapsvc]
  <"C:\Program Files\Norton AntiVirus\navapsvc.exe"><Symantec Corporation>
[Norton AntiVirus Firewall Monitor Service / NPFMntor]
  <"C:\Program Files\Norton AntiVirus\IWP\NPFMntor.exe"><Symantec Corporation>
[Norton Protection Center Service / NSCService]
  <"C:\Program Files\Common Files\Symantec Shared\Security Console\NSCSRVCE.EXE"><Symantec Corporation>
[Intel(R) PROSet/Wireless Registry Service / RegSrvc]
  <C:\Program Files\Intel\Wireless\Bin\RegSrvc.exe><Intel Corporation>
[Intel(R) PROSet/Wireless Service / S24EventMonitor]
  <C:\Program Files\Intel\Wireless\Bin\S24EvMon.exe><Intel Corporation>
[Symantec AVScan / SAVScan]
  <"C:\Program Files\Norton AntiVirus\SAVScan.exe"><Symantec Corporation>
[Symantec Network Drivers Service / SNDSrvc]
  <"C:\Program Files\Common Files\Symantec Shared\SNDSrvc.exe"><Symantec Corporation>
[SPBBCSvc / SPBBCSvc]
  <"C:\Program Files\Common Files\Symantec Shared\SPBBC\SPBBCSvc.exe"><Symantec Corporation>
[Symantec Core LC / Symantec Core LC]
  <"C:\Program Files\Common Files\Symantec Shared\CCPD-LC\symlcsvc.exe"><Symantec Corporation>

==================================
驱动程序
[abp480n5 / abp480n5]
  <\SystemRoot\system32\DRIVERS\ABP480N5.SYS><Microsoft Corporation>
[adpu160m / adpu160m]
  <\SystemRoot\system32\DRIVERS\adpu160m.sys><Microsoft Corporation>
[AEGIS Protocol (IEEE 802.1x) v3.4.9.0 / AegisP]
  <system32\DRIVERS\AegisP.sys><Meetinghouse Data Communications>
[Aha154x / Aha154x]
  <\SystemRoot\system32\DRIVERS\aha154x.sys><Microsoft Corporation>
[aic78u2 / aic78u2]
  <\SystemRoot\system32\DRIVERS\aic78u2.sys><Microsoft Corporation>
[aic78xx / aic78xx]
  <\SystemRoot\system32\DRIVERS\aic78xx.sys><Microsoft Corporation>
[Service for Realtek AC97 Audio (WDM) / ALCXWDM]
  <system32\drivers\ALCXWDM.SYS><Realtek Semiconductor Corp.>
[AliIde / AliIde]
  <\SystemRoot\system32\DRIVERS\aliide.sys><Acer Laboratories Inc.>
[AMD AGP Bus Filter Driver / amdagp]
  <\SystemRoot\system32\DRIVERS\amdagp.sys><Advanced Micro Devices, Inc.>
[asc / asc]
  <\SystemRoot\system32\DRIVERS\asc.sys><Advanced System Products, Inc.>
[asc3350p / asc3350p]
  <\SystemRoot\system32\DRIVERS\asc3350p.sys><Microsoft Corporation>
[asc3550 / asc3550]
  <\SystemRoot\system32\DRIVERS\asc3550.sys><Advanced System Products, Inc.>
[cd20xrnt / cd20xrnt]
  <\SystemRoot\system32\DRIVERS\cd20xrnt.sys><Microsoft Corporation>
[CmdIde / CmdIde]
  <\SystemRoot\system32\DRIVERS\cmdide.sys><CMD Technology, Inc.>
[dac2w2k / dac2w2k]
  <\SystemRoot\system32\DRIVERS\dac2w2k.sys><Mylex Corporation>
[dpti2o / dpti2o]
  <\SystemRoot\system32\DRIVERS\dpti2o.sys><Microsoft Corporation>
[Acer EPM Power Scheme Driver / EpmPsd]
  <\??\C:\WINDOWS\system32\drivers\epm-psd.sys><Acer Value Labs, USA>
[Acer EPM System Hardware Driver / EpmShd]
  <\??\C:\WINDOWS\system32\drivers\epm-shd.sys><Acer Value Labs, USA>
[VIA PCI 10/100Mb Fast Ethernet Adapter NT Driver / FETNDIS]
  <system32\DRIVERS\fetnd5.sys><VIA Technologies, Inc.>
[Hotkey / Hotkey]
  <C:\WINDOWS\SYSTEM32\DRIVERS\Hotkey.SYS><N/A>
[HSFHWICH / HSFHWICH]
  <system32\DRIVERS\HSFHWICH.sys><Conexant Systems, Inc.>
[HSF_DP / HSF_DP]
  <system32\DRIVERS\HSF_DP.sys><Conexant Systems, Inc.>
[HSF_DPV / HSF_DPV]
  <system32\DRIVERS\HSF_DPV.sys><Conexant Systems, Inc.>
[ialm / ialm]
  <system32\DRIVERS\ialmnt5.sys><Intel Corporation>
[ini910u / ini910u]
  <\SystemRoot\system32\DRIVERS\ini910u.sys><Microsoft Corporation>
[mdmxsdk / mdmxsdk]
  <system32\DRIVERS\mdmxsdk.sys><Conexant>
[mraid35x / mraid35x]
  <\SystemRoot\system32\DRIVERS\mraid35x.sys><American Megatrends Inc.>
[NAVENG / NAVENG]
  <\??\C:\PROGRA~1\COMMON~1\SYMANT~1\VIRUSD~1\20050912.024\NAVENG.SYS><Symantec Corporation>
[NAVEX15 / NAVEX15]
  <\??\C:\PROGRA~1\COMMON~1\SYMANT~1\VIRUSD~1\20050912.024\NAVEX15.SYS><Symantec Corporation>
[OSA NdisFilter Protocol / NdisFilt]
  <System32\Drivers\NdisFilt.sys><OSA Technologies>
[Acer NetMonitor Protocol / NETMNT]
  <system32\DRIVERS\NETMNT.sys><N/A>
[NetGroup Packet Filter Driver / NPF]
  <system32\drivers\npf.sys><CACE Technologies>
[NSC Infrared Device Driver / NSCIRDA]
  <system32\DRIVERS\nscirda.sys><National Semiconductor Corporation>
[Upper Class Filter Driver / NTIDrvr]
  <system32\DRIVERS\NTIDrvr.sys><NewTech Infosystems, Inc.>
[OsaFsLoc / OsaFsLoc]
  <\??\C:\WINDOWS\system32\drivers\OsaFsLoc.sys><OSA Technologies>
[osaio / osaio]
  <\??\C:\WINDOWS\system32\drivers\osaio.sys><OSA Technologies, An Avocent Company>
[osanbm / osanbm]
  <\??\C:\WINDOWS\system32\drivers\osanbm.sys><Windows (R) 2000 DDK provider>
[Padus ASPI Shell / pfc]
  <system32\drivers\pfc.sys><Padus, Inc.>
[Direct Parallel Link Driver / Ptilink]
  <system32\DRIVERS\ptilink.sys><Parallel Technologies, Inc.>
[ql1080 / ql1080]
  <\SystemRoot\system32\DRIVERS\ql1080.sys><QLogic Corporation>
[Ql10wnt / Ql10wnt]
  <\SystemRoot\system32\DRIVERS\ql10wnt.sys><Microsoft Corporation>
[ql12160 / ql12160]
  <\SystemRoot\system32\DRIVERS\ql12160.sys><QLogic Corporation>
[ql1280 / ql1280]
  <\SystemRoot\system32\DRIVERS\ql1280.sys><QLogic Corporation>
[Realtek RTL8139/810x/8169/8110 all in one NDIS XP Driver / RTL8023xp]
  <system32\DRIVERS\Rtlnicxp.sys><Realtek Semiconductor Corporation>
[WLAN 传输 / s24trans]
  <system32\DRIVERS\s24trans.sys><Intel Corporation>
[SAVRT / SAVRT]
  <\??\C:\Program Files\Norton AntiVirus\SAVRT.SYS><Symantec Corporation>
[SAVRTPEL / SAVRTPEL]
  <\??\C:\Program Files\Norton AntiVirus\SAVRTPEL.SYS><Symantec Corporation>
[Secdrv / Secdrv]
  <system32\DRIVERS\secdrv.sys><N/A>
[SIS AGP Bus Filter / sisagp]
  <\SystemRoot\system32\DRIVERS\sisagp.sys><Silicon Integrated Systems Corporation>
[Sparrow / Sparrow]
  <\SystemRoot\system32\DRIVERS\sparrow.sys><Adaptec, Inc.>
[SPBBCDrv / SPBBCDrv]
  <\??\C:\Program Files\Common Files\Symantec Shared\SPBBC\SPBBCDrv.sys><Symantec Corporation>
[symc810 / symc810]
  <\SystemRoot\system32\DRIVERS\symc810.sys><Symbios Logic Inc.>
[symc8xx / symc8xx]
  <\SystemRoot\system32\DRIVERS\symc8xx.sys><LSI Logic>
[SymEvent / SymEvent]
  <\??\C:\Program Files\Symantec\SYMEVENT.SYS><Symantec Corporation>
[symlcbrd / symlcbrd]
  <\??\C:\WINDOWS\system32\drivers\symlcbrd.sys><Symantec Corporation>
[SYMREDRV / SYMREDRV]
  <\SystemRoot\System32\Drivers\SYMREDRV.SYS><Symantec Corporation>
[SYMTDI / SYMTDI]
  <\SystemRoot\System32\Drivers\SYMTDI.SYS><Symantec Corporation>
[sym_hi / sym_hi]
  <\SystemRoot\system32\DRIVERS\sym_hi.sys><LSI Logic>
[sym_u3 / sym_u3]
  <\SystemRoot\system32\DRIVERS\sym_u3.sys><LSI Logic>
[Synaptics TouchPad Driver / SynTP]
  <system32\DRIVERS\SynTP.sys><Synaptics, Inc.>
[TosIde / TosIde]
  <\SystemRoot\system32\DRIVERS\toside.sys><Microsoft Corporation>
[UBHelper / UBHelper]
  <C:\WINDOWS\SYSTEM32\DRIVERS\UBHelper.SYS><N/A>
[ultra / ultra]
  <\SystemRoot\system32\DRIVERS\ultra.sys><Promise Technology, Inc.>
[ViaIde / ViaIde]
  <\SystemRoot\system32\DRIVERS\viaide.sys><Microsoft Corporation>
[用于 Windows XP 的英特尔(R) PRO/无线 2200BG 网络连接驱动程序 / w29n51]
  <system32\DRIVERS\w29n51.sys><Intel? Corporation>
[Wbutton / Wbutton]
  <\SystemRoot\system32\drivers\Wbutton.sys><N/A>
[winachsf / winachsf]
  <system32\DRIVERS\HSF_CNXT.sys><Conexant Systems, Inc.>

==================================
gototop
 
chdzh2001
头像
初生襁褓狮
  • 帖子:15
  • 注册: 2006-11-22
  • 来自:
发表于: 2006-11-24 12:43 | 只看楼主 短消息 资料
字号: 4楼

==================================
浏览器加载项
[AcroIEHlprObj Class]
  {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} <C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll, Adobe Systems Incorporated>
[CNavExtBho Class]
  {A8F38D8D-E480-4D52-B7A2-731BB6995FDD} <C:\Program Files\Norton AntiVirus\NavShExt.dll, Symantec Corporation>
[Messenger]
  {FB5F1910-F110-11d2-BB9E-00C04F795683} <C:\Program Files\Messenger\msmsgs.exe, Microsoft Corporation>
[Norton AntiVirus]
  {C4069E3A-68F1-403E-B40E-20066696354B} <C:\Program Files\Norton AntiVirus\NavShExt.dll, Symantec Corporation>
[Acer eDataSecurity Management]
  {5CBE3B7C-1E47-477e-A7DD-396DB0476E29} <C:\WINDOWS\system32\eDStoolbar.dll, HiTRUST>
[AcroIEHlprObj Class]
  {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} <C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll, Adobe Systems Incorporated>
[Acer eDataSecurity Management]
  {5CBE3B7C-1E47-477E-A7DD-396DB0476E29} <C:\WINDOWS\system32\eDStoolbar.dll, HiTRUST>
[CNavExtBho Class]
  {A8F38D8D-E480-4D52-B7A2-731BB6995FDD} <C:\Program Files\Norton AntiVirus\NavShExt.dll, Symantec Corporation>
[Norton AntiVirus]
  {C4069E3A-68F1-403E-B40E-20066696354B} <C:\Program Files\Norton AntiVirus\NavShExt.dll, Symantec Corporation>

==================================
正在运行的进程
[PID: 568][\SystemRoot\System32\smss.exe]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
[PID: 636][\??\C:\WINDOWS\system32\csrss.exe]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
[PID: 660][\??\C:\WINDOWS\system32\winlogon.exe]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
[PID: 704][C:\WINDOWS\system32\services.exe]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
[PID: 716][C:\WINDOWS\system32\lsass.exe]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
[PID: 860][C:\WINDOWS\system32\svchost.exe]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
[PID: 928][C:\WINDOWS\system32\svchost.exe]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
[PID: 976][C:\WINDOWS\System32\svchost.exe]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
[PID: 1032][C:\Program Files\Intel\Wireless\Bin\EvtEng.exe]  [Intel Corporation, 10, 1, 0, 1]
    [C:\Program Files\Intel\Wireless\Bin\PsRegApi.dll]  [Intel Corporation, 10, 1, 0, 2]
    [C:\Program Files\Intel\Wireless\Bin\TraceAPI.DLL]  [Intel Corporation, 10, 1, 0, 5]
[PID: 1124][C:\Program Files\Intel\Wireless\Bin\S24EvMon.exe]  [Intel Corporation , 10, 1, 0, 33]
    [C:\Program Files\Intel\Wireless\Bin\TraceAPI.DLL]  [Intel Corporation, 10, 1, 0, 5]
    [C:\Program Files\Intel\Wireless\Bin\PsRegApi.dll]  [Intel Corporation, 10, 1, 0, 2]
    [C:\Program Files\Intel\Wireless\Bin\LIBEAY32.dll]  [N/A, N/A]
    [C:\Program Files\Intel\Wireless\Bin\IntStngs.dll]  [, 10, 1, 0, 2]
    [C:\Program Files\Intel\Wireless\Bin\IWMSPROV.DLL]  [N/A, N/A]
[PID: 1156][C:\WINDOWS\system32\svchost.exe]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
[PID: 1256][C:\WINDOWS\system32\svchost.exe]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
[PID: 1464][C:\Program Files\Common Files\Symantec Shared\ccSetMgr.exe]  [Symantec Corporation, 104.0.1.17]
    [C:\WINDOWS\system32\MSVCP71.dll]  [Microsoft Corporation, 7.10.3077.0]
    [C:\WINDOWS\system32\MSVCR71.dll]  [Microsoft Corporation, 7.10.3052.4]
    [C:\Program Files\Common Files\Symantec Shared\ccL40.dll]  [Symantec Corporation, 104.0.1.17]
    [C:\Program Files\Common Files\Symantec Shared\ccVrTrst.dll]  [Symantec Corporation, 104.0.1.17]
    [C:\Program Files\Common Files\Symantec Shared\ccSetEvt.dll]  [Symantec Corporation, 104.0.1.17]
[PID: 1492][C:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe]  [Symantec Corporation, 104.0.1.17]
    [C:\WINDOWS\system32\MSVCP71.dll]  [Microsoft Corporation, 7.10.3077.0]
    [C:\WINDOWS\system32\MSVCR71.dll]  [Microsoft Corporation, 7.10.3052.4]
    [C:\Program Files\Common Files\Symantec Shared\ccL40.dll]  [Symantec Corporation, 104.0.1.17]
    [C:\Program Files\Common Files\Symantec Shared\ccVrTrst.dll]  [Symantec Corporation, 104.0.1.17]
    [C:\Program Files\Common Files\Symantec Shared\ccSet.dll]  [Symantec Corporation, 104.0.1.17]
    [C:\PROGRA~1\COMMON~1\SYMANT~1\SPBBC\SPBBCEVT.DLL]  [Symantec Corporation, 2,0,0,73]
    [C:\PROGRA~1\COMMON~1\SYMANT~1\CCLOGIN.DLL]  [Symantec Corporation, 104.0.1.17]
    [C:\PROGRA~1\COMMON~1\SYMANT~1\CCSETEVT.DLL]  [Symantec Corporation, 104.0.1.17]
    [C:\PROGRA~1\NORTON~1\HPPEVT32.DLL]  [Symantec Corporation, 12.0.0.94]
    [C:\PROGRA~1\NORTON~1\HPPRES32.loc]  [Symantec Corporation, 12.0.0.94]
    [C:\PROGRA~1\NORTON~1\NAVEVENT.DLL]  [Symantec Corporation, 12.0.0.94]
[PID: 1576][C:\Program Files\Common Files\Symantec Shared\SPBBC\SPBBCSvc.exe]  [Symantec Corporation, 2,0,0,73]
    [C:\WINDOWS\system32\MSVCP71.dll]  [Microsoft Corporation, 7.10.3077.0]
    [C:\WINDOWS\system32\MSVCR71.dll]  [Microsoft Corporation, 7.10.3052.4]
    [C:\Program Files\Common Files\Symantec Shared\ccVrTrst.dll]  [Symantec Corporation, 104.0.1.17]
    [C:\Program Files\Common Files\Symantec Shared\ccL40.dll]  [Symantec Corporation, 104.0.1.17]
    [C:\Program Files\Common Files\Symantec Shared\ccSet.dll]  [Symantec Corporation, 104.0.1.17]
    [C:\Program Files\Common Files\Symantec Shared\SPBBC\SPBBCEvt.dll]  [Symantec Corporation, 2,0,0,73]
    [C:\Program Files\Common Files\Symantec Shared\SPBBC\bbRGen.dll]  [Symantec Corporation, 2,0,0,73]
[PID: 1688][C:\WINDOWS\system32\spoolsv.exe]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
[PID: 1884][C:\Acer\Empowering Technology\admServ.exe]  [Avocent Inc., 1.5.28.78]
    [C:\Acer\Empowering Technology\OsaFsLoc.dll]  [OSA Technologies Inc. Taiwan Branch, 2, 0, 0, 1]
    [C:\Acer\Empowering Technology\osaiodll.dll]  [OSA Technologies Inc. Taiwan Branch, 1, 1, 2, 16]
    [C:\Acer\Empowering Technology\IpmiTrans.dll]  [OSA Technologies Inc. Taiwan Branch, 1, 0, 3, 14]
    [C:\Acer\Empowering Technology\SYSAPI.dll]  [OSA Technologies Inc. Taiwan Branch, 1, 0, 5, 17]
    [C:\Acer\Empowering Technology\SMBIOSAPI.dll]  [OSA Technologies Inc. Taiwan Branch, 1, 0, 6, 7]
    [C:\Acer\Empowering Technology\cpuid_dll.dll]  [ OSA Technologies, Inc., 1, 0, 6, 13]
    [C:\Acer\Empowering Technology\NBAPI.dll]  [OSA Technologies Inc. Taiwan Branch, 1, 0, 1, 2]
    [C:\Acer\Empowering Technology\NetMonitor.dll]  [N/A, N/A]
    [C:\WINDOWS\system32\msxml4.dll]  [Microsoft Corporation, 4.20.9818.0]
    [C:\Acer\Empowering Technology\s_lm85m.dll]  [OSA Technologies, An Avocent Company, 1, 2, 2, 5]
    [C:\Acer\Empowering Technology\s_smsc47m1.dll]  [OSA Technologies, An Avocent Company, 1, 2, 4, 9]
    [C:\Acer\Empowering Technology\s_it87.dll]  [OSA Technologies, An Avocent Company, 1, 2, 2, 3]
[PID: 252][C:\WINDOWS\Explorer.EXE]  [Microsoft Corporation, 6.00.2900.2180 (xpsp_sp2_rtm.040803-2158)]
    [C:\WINDOWS\system32\MSNChatHook.dll]  [, 1, 0, 0, 1]
    [C:\WINDOWS\system32\sysenv.dll]  [HiTRUST, 1, 20, 0, 1]
    [C:\WINDOWS\system32\MFC71U.DLL]  [Microsoft Corporation, 7.10.3077.0]
    [C:\WINDOWS\system32\MSVCR71.dll]  [Microsoft Corporation, 7.10.3052.4]
    [C:\WINDOWS\system32\SynTPFcs.dll]  [Synaptics, Inc., 7.13.2 04Feb05]
    [C:\Program Files\Norton AntiVirus\NavShExt.dll]  [Symantec Corporation, 12.0.0.94]
    [C:\WINDOWS\system32\MSVCP71.dll]  [Microsoft Corporation, 7.10.3077.0]
    [C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll]  [Adobe Systems Incorporated, 7.0.0.2004121400]
    [C:\WINDOWS\system32\ActiveToolBand.dll]  [HiTRUST, 1, 20, 0, 0]
    [C:\WINDOWS\system32\ATL71.DLL]  [Microsoft Corporation, 7.10.3077.0]
    [D:\Program Files\WinRAR\rarext.dll]  [N/A, N/A]
    [C:\Program Files\Adobe\Acrobat 7.0\ActiveX\PDFShell.dll]  [Adobe Systems, Inc., 7.0.0.0]
    [C:\WINDOWS\system32\eDSshellExt.dll]  [HiTRUST, 1, 20, 0, 0]
[PID: 404][C:\Program Files\Norton AntiVirus\navapsvc.exe]  [Symantec Corporation, 12.0.0.94]
gototop
 
chdzh2001
头像
初生襁褓狮
  • 帖子:15
  • 注册: 2006-11-22
  • 来自:
发表于: 2006-11-24 12:43 | 只看楼主 短消息 资料
字号: 5楼

[PID: 404][C:\Program Files\Norton AntiVirus\navapsvc.exe]  [Symantec Corporation, 12.0.0.94]
    [C:\WINDOWS\system32\MSVCP71.dll]  [Microsoft Corporation, 7.10.3077.0]
    [C:\WINDOWS\system32\MSVCR71.dll]  [Microsoft Corporation, 7.10.3052.4]
    [C:\WINDOWS\system32\ATL71.DLL]  [Microsoft Corporation, 7.10.3077.0]
    [C:\Program Files\Common Files\Symantec Shared\ccL40.dll]  [Symantec Corporation, 104.0.1.17]
    [C:\Program Files\Norton AntiVirus\SAVRT32.DLL]  [Symantec Corporation, 9.7.0.10]
    [C:\Program Files\Norton AntiVirus\navapsvc.loc]  [Symantec Corporation, 12.0.0.94]
    [C:\Program Files\Common Files\Symantec Shared\DefUtDCD.dll]  [Symantec Corporation, 3.1.30.0]
[PID: 420][C:\Program Files\Norton AntiVirus\IWP\NPFMntor.exe]  [Symantec Corporation, 12.0.0.94]
    [C:\WINDOWS\system32\MSVCP71.dll]  [Microsoft Corporation, 7.10.3077.0]
    [C:\WINDOWS\system32\MSVCR71.dll]  [Microsoft Corporation, 7.10.3052.4]
    [C:\Program Files\Common Files\Symantec Shared\ccL40.dll]  [Symantec Corporation, 104.0.1.17]
    [C:\Program Files\Common Files\Symantec Shared\ccVrTrst.dll]  [Symantec Corporation, 104.0.1.17]
    [C:\Program Files\Norton AntiVirus\IWP\iwp.dll]  [Symantec Corporation, 12.0.0.94]
[PID: 496][C:\Program Files\Intel\Wireless\Bin\RegSrvc.exe]  [Intel Corporation, 10, 1, 0, 1]
[PID: 1236][C:\WINDOWS\system32\igfxtray.exe]  [Intel Corporation, 3.0.0.4384]
    [C:\WINDOWS\system32\hccutils.DLL]  [Intel Corporation, 3.0.0.4384]
    [C:\WINDOWS\system32\igfxsrvc.dll]  [Intel Corporation, 3.0.0.4384]
    [C:\WINDOWS\system32\igfxres.dll]  [Intel Corporation, 3.0.0.4384]
    [C:\WINDOWS\system32\igfxress.dll]  [Intel Corporation, 3.0.0.4384]
[PID: 1304][C:\WINDOWS\system32\hkcmd.exe]  [Intel Corporation, 3.0.0.4384]
    [C:\WINDOWS\system32\hccutils.DLL]  [Intel Corporation, 3.0.0.4384]
    [C:\WINDOWS\system32\igfxsrvc.dll]  [Intel Corporation, 3.0.0.4384]
    [C:\WINDOWS\system32\SynTPFcs.dll]  [Synaptics, Inc., 7.13.2 04Feb05]
    [C:\WINDOWS\system32\igfxres.dll]  [Intel Corporation, 3.0.0.4384]
[PID: 1312][C:\WINDOWS\system32\igfxpers.exe]  [Intel Corporation, 3.0.0.4384]
    [C:\WINDOWS\system32\igfxsrvc.dll]  [Intel Corporation, 3.0.0.4384]
    [C:\WINDOWS\system32\MSNChatHook.dll]  [, 1, 0, 0, 1]
    [C:\WINDOWS\system32\sysenv.dll]  [HiTRUST, 1, 20, 0, 1]
    [C:\WINDOWS\system32\MFC71U.DLL]  [Microsoft Corporation, 7.10.3077.0]
    [C:\WINDOWS\system32\MSVCR71.dll]  [Microsoft Corporation, 7.10.3052.4]
    [C:\WINDOWS\system32\SynTPFcs.dll]  [Synaptics, Inc., 7.13.2 04Feb05]
[PID: 1320][C:\Program Files\Synaptics\SynTP\SynTPLpr.exe]  [Synaptics, Inc., 7.13.2 04Feb05]
    [C:\WINDOWS\system32\SynCOM.dll]  [Synaptics, Inc., 7.13.2 04Feb05]
    [C:\WINDOWS\system32\SynTPFcs.dll]  [Synaptics, Inc., 7.13.2 04Feb05]
[PID: 1328][C:\Program Files\Synaptics\SynTP\SynTPEnh.exe]  [Synaptics, Inc., 7.13.2 04Feb05]
    [C:\WINDOWS\system32\SynCOM.dll]  [Synaptics, Inc., 7.13.2 04Feb05]
    [C:\WINDOWS\system32\SynTPAPI.dll]  [Synaptics, Inc., 7.13.2 04Feb05]
    [C:\WINDOWS\system32\SynTPFcs.dll]  [Synaptics, Inc., 7.13.2 04Feb05]
[PID: 1336][C:\WINDOWS\SOUNDMAN.EXE]  [Realtek Semiconductor Corp., 5.1.0.38]
[PID: 1344][C:\Program Files\Common Files\Symantec Shared\ccApp.exe]  [Symantec Corporation, 104.0.1.17]
    [C:\WINDOWS\system32\MSVCP71.dll]  [Microsoft Corporation, 7.10.3077.0]
    [C:\WINDOWS\system32\MSVCR71.dll]  [Microsoft Corporation, 7.10.3052.4]
    [C:\Program Files\Common Files\Symantec Shared\ccL40.dll]  [Symantec Corporation, 104.0.1.17]
    [C:\Program Files\Common Files\Symantec Shared\ccVrTrst.dll]  [Symantec Corporation, 104.0.1.17]
    [C:\PROGRA~1\COMMON~1\SYMANT~1\CCALERT.DLL]  [Symantec Corporation, 104.0.1.17]
    [C:\PROGRA~1\COMMON~1\SYMANT~1\CCEMLPXY.DLL]  [Symantec Corporation, 104.0.1.17]
    [C:\PROGRA~1\COMMON~1\SYMANT~1\SECURI~1\NSCTRAY.DLL]  [Symantec Corporation, 2006.1.0.107]
    [C:\PROGRA~1\COMMON~1\SYMANT~1\SECURI~1\NSCTRAY.LOC]  [Symantec Corporation, 2006.1.0.107]
    [C:\PROGRA~1\NORTON~1\CCIMSCAN.DLL]  [Symantec Corporation, 104.0.1.17]
    [C:\WINDOWS\system32\ATL71.DLL]  [Microsoft Corporation, 7.10.3077.0]
    [C:\PROGRA~1\NORTON~1\DEFALERT.DLL]  [Symantec Corporation, 12.0.0.94]
    [C:\PROGRA~1\COMMON~1\SYMANT~1\rcEmlPxy.dll]  [Symantec Corporation, 104.0.1.17]
    [C:\PROGRA~1\NORTON~1\HPP32.DLL]  [Symantec Corporation, 12.0.0.94]
    [C:\Program Files\Common Files\Symantec Shared\ccSet.dll]  [Symantec Corporation, 104.0.1.17]
    [C:\PROGRA~1\NORTON~1\HPPRES32.loc]  [Symantec Corporation, 12.0.0.94]
    [C:\PROGRA~1\NORTON~1\IWP\IWP.DLL]  [Symantec Corporation, 12.0.0.94]
    [C:\PROGRA~1\NORTON~1\NAVAPW32.DLL]  [Symantec Corporation, 12.0.0.94]
    [C:\PROGRA~1\NORTON~1\apwutil.dll]  [Symantec Corporation, 12.0.0.94]
    [C:\PROGRA~1\NORTON~1\navapw32.loc]  [Symantec Corporation, 12.0.0.94]
    [C:\PROGRA~1\NORTON~1\NAVOPTRF.DLL]  [Symantec Corporation, 12.0.0.94]
    [C:\PROGRA~1\NORTON~1\STATUSHP.DLL]  [Symantec Corporation, 12.0.0.94]
    [C:\PROGRA~1\NORTON~1\apwutil.loc]  [Symantec Corporation, 12.0.0.94]
    [C:\Program Files\Norton AntiVirus\apwcmdnt.dll]  [Symantec Corporation, 12.0.0.94]
    [C:\Program Files\Norton AntiVirus\apwcmdNT.loc]  [Symantec Corporation, 12.0.0.94]
    [C:\Program Files\Norton AntiVirus\Navlcom.dll]  [Symantec Corporation, 12.0.0.94]
    [C:\Program Files\Norton AntiVirus\NAVError.dll]  [Symantec Corporation, 12.0.0.94]
    [C:\Program Files\Common Files\Symantec Shared\ccSetEvt.dll]  [Symantec Corporation, 104.0.1.17]
    [C:\Program Files\Norton AntiVirus\HPPEVT32.dll]  [Symantec Corporation, 12.0.0.94]
    [C:\WINDOWS\system32\SynTPFcs.dll]  [Synaptics, Inc., 7.13.2 04Feb05]
    [C:\Program Files\Norton AntiVirus\naverror.loc]  [Symantec Corporation, 12.0.0.94]
    [C:\Program Files\Common Files\Symantec Shared\ccProSub.dll]  [Symantec Corporation, 104.0.1.17]
    [C:\Program Files\Common Files\Symantec Shared\SPBBC\SPBBCEvt.dll]  [Symantec Corporation, 2,0,0,73]
    [C:\WINDOWS\system32\SYMREDIR.DLL]  [Symantec Corporation, 6.0.0.99]
    [C:\WINDOWS\system32\MSNChatHook.dll]  [, 1, 0, 0, 1]
    [C:\WINDOWS\system32\sysenv.dll]  [HiTRUST, 1, 20, 0, 1]
    [C:\WINDOWS\system32\MFC71U.DLL]  [Microsoft Corporation, 7.10.3077.0]
    [C:\Program Files\Norton AntiVirus\ccAVMail.dll]  [Symantec Corporation, 104.0.1.17]
    [C:\Program Files\Norton AntiVirus\NAVEvent.dll]  [Symantec Corporation, 12.0.0.94]
    [C:\Program Files\Norton AntiVirus\NAVOpts.dll]  [Symantec Corporation, 12.0.0.94]
    [C:\Program Files\Norton AntiVirus\navopts.loc]  [Symantec Corporation, 12.0.0.94]
    [C:\Program Files\Norton AntiVirus\NAVAPSCR.dll]  [Symantec Corporation, 12.0.0.94]
    [C:\Program Files\Symantec\LiveUpdate\ProductRegCom_2_7.DLL]  [Symantec Corporation, 2.7.39.0]
    [C:\Program Files\Symantec\LiveUpdate\LuComServerPS_2_7.DLL]  [Symantec Corporation, 2.7.39.0]
[PID: 1368][C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe]  [Cyberlink Corp., 6.00.1027]
    [C:\Program Files\CyberLink\PowerDVD\CLRCEngine2.dll]  [CyberLink Corp., 3.2.2021 ]
[PID: 1376][C:\Program Files\Launch Manager\LaunchAp.exe]  [, 1, 0, 1, 0]
[PID: 1384][C:\Program Files\Launch Manager\HotkeyApp.exe]  [Wistron, 1, 0, 7, 4, 1]
    [C:\Program Files\Launch Manager\AlchemyXML.dll]  [Wistron Corporation, 1, 0, 0, 3]
    [C:\Program Files\Launch Manager\KBHOOK.dll]  [Wistron Corp., 1, 6, 0, 0]
    [C:\WINDOWS\system32\MSNChatHook.dll]  [, 1, 0, 0, 1]
    [C:\WINDOWS\system32\sysenv.dll]  [HiTRUST, 1, 20, 0, 1]
    [C:\WINDOWS\system32\MFC71U.DLL]  [Microsoft Corporation, 7.10.3077.0]
    [C:\WINDOWS\system32\MSVCR71.dll]  [Microsoft Corporation, 7.10.3052.4]
    [C:\WINDOWS\system32\SynTPFcs.dll]  [Synaptics, Inc., 7.13.2 04Feb05]
[PID: 1400][C:\Program Files\Launch Manager\OSDCtrl.exe]  [, 1, 0, 1, 2]
[PID: 1408][C:\Program Files\Launch Manager\Wbutton.exe]  [, 1, 0, 7, 3]
[PID: 1416][C:\acer\Empowering Technology\ePower\epm-dm.exe]  [Acer Inc, 2.80]
[PID: 1432][C:\Acer\Empowering Technology\eRecovery\Monitor.exe]  [acer Inc., 1.3.9.2]
    [C:\Acer\Empowering Technology\eRecovery\Cdrw32.dll]  [NewTech Infosystems, Inc., 3, 1, 0, 61]
    [C:\Acer\Empowering Technology\eRecovery\CdrMmc32.dll]  [NewTech Infosystems, Inc., 3, 1, 0, 146]
    [C:\Acer\Empowering Technology\eRecovery\CdrwEx32.dll]  [NewTech Infosystems, Inc., 3, 1, 0, 78]
    [C:\Acer\Empowering Technology\eRecovery\ImagFile.dll]  [NewTech Infosystems, Inc., 1, 0, 0, 4]
    [C:\Acer\Empowering Technology\eRecovery\MFC71.DLL]  [Microsoft Corporation, 7.10.3077.0]
    [C:\Acer\Empowering Technology\eRecovery\MSVCR71.dll]  [Microsoft Corporation, 7.10.3052.4]
    [C:\Acer\Empowering Technology\eRecovery\Data32.dll]  [NewTech Infosystems, Inc., 2, 0, 0, 49]
    [C:\Acer\Empowering Technology\eRecovery\DataEx32.dll]  [NewTech Infosystems, Inc., 2, 1, 0, 27]
    [C:\Acer\Empowering Technology\eRecovery\NtiAspi.dll]  [NewTech Infosystems, Inc., 2, 5, 0, 2]
    [C:\Acer\Empowering Technology\eRecovery\extResource.dll]  [acer, 1, 1, 7, 0]
    [C:\Acer\Empowering Technology\eRecovery\MSVCP71.dll]  [Microsoft Corporation, 7.10.3077.0]
[PID: 1444][C:\Acer\Empowering Technology\admtray.exe]  [Avocent Inc., 1.6.23.36]
    [C:\Acer\Empowering Technology\ServiceControl.dll]  [N/A, N/A]
    [C:\Acer\Empowering Technology\OsaFsLoc.dll]  [OSA Technologies Inc. Taiwan Branch, 2, 0, 0, 1]
    [C:\Acer\Empowering Technology\InstallNdis.dll]  [OSA Technologies Inc. Taiwan Branch, 1, 0, 1, 3]
    [C:\WINDOWS\system32\SynTPFcs.dll]  [Synaptics, Inc., 7.13.2 04Feb05]
    [C:\WINDOWS\system32\MSNChatHook.dll]  [, 1, 0, 0, 1]
    [C:\WINDOWS\system32\sysenv.dll]  [HiTRUST, 1, 20, 0, 1]
    [C:\WINDOWS\system32\MFC71U.DLL]  [Microsoft Corporation, 7.10.3077.0]
    [C:\WINDOWS\system32\MSVCR71.dll]  [Microsoft Corporation, 7.10.3052.4]
[PID: 1452][C:\Acer\Empowering Technology\eDataSecurity\eDSloader.exe]  [HiTRUST, 1, 20, 0, 0]
gototop
 
chdzh2001
头像
初生襁褓狮
  • 帖子:15
  • 注册: 2006-11-22
  • 来自:
发表于: 2006-11-24 12:44 | 只看楼主 短消息 资料
字号: 6楼

[PID: 1452][C:\Acer\Empowering Technology\eDataSecurity\eDSloader.exe]  [HiTRUST, 1, 20, 0, 0]
    [C:\WINDOWS\system32\MSNChatHook.dll]  [, 1, 0, 0, 1]
    [C:\WINDOWS\system32\sysenv.dll]  [HiTRUST, 1, 20, 0, 1]
    [C:\WINDOWS\system32\MFC71U.DLL]  [Microsoft Corporation, 7.10.3077.0]
    [C:\WINDOWS\system32\MSVCR71.dll]  [Microsoft Corporation, 7.10.3052.4]
    [C:\WINDOWS\system32\SynTPFcs.dll]  [Synaptics, Inc., 7.13.2 04Feb05]
[PID: 1288][C:\WINDOWS\system32\ctfmon.exe]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
[PID: 1296][C:\Program Files\Messenger\msmsgs.exe]  [Microsoft Corporation, 4.7.3000]
[PID: 2564][C:\WINDOWS\system32\wbem\wmiprvse.exe]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
[PID: 2876][C:\Program Files\Common Files\Symantec Shared\CCPD-LC\symlcsvc.exe]  [Symantec Corporation, 1.9.1.762]
    [C:\Program Files\Common Files\Symantec Shared\CCPD-LC\symlcnet.dll]  [Symantec Corporation, 1.9.1.762]
    [C:\WINDOWS\system32\MSVCR71.DLL]  [Microsoft Corporation, 7.10.3052.4]
[PID: 3016][C:\WINDOWS\System32\alg.exe]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
[PID: 3468][C:\WINDOWS\system32\taskmgr.exe]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
    [C:\WINDOWS\system32\MSNChatHook.dll]  [, 1, 0, 0, 1]
    [C:\WINDOWS\system32\sysenv.dll]  [HiTRUST, 1, 20, 0, 1]
    [C:\WINDOWS\system32\MFC71U.DLL]  [Microsoft Corporation, 7.10.3077.0]
    [C:\WINDOWS\system32\MSVCR71.dll]  [Microsoft Corporation, 7.10.3052.4]
    [C:\WINDOWS\system32\SynTPFcs.dll]  [Synaptics, Inc., 7.13.2 04Feb05]
[PID: 3700][D:\杀毒工具\streng2\SREng\SREng.exe]  [Smallfrogs Studio, 2.2.6.605]
    [C:\WINDOWS\system32\MSNChatHook.dll]  [, 1, 0, 0, 1]
    [C:\WINDOWS\system32\sysenv.dll]  [HiTRUST, 1, 20, 0, 1]
    [C:\WINDOWS\system32\MFC71U.DLL]  [Microsoft Corporation, 7.10.3077.0]
    [C:\WINDOWS\system32\MSVCR71.dll]  [Microsoft Corporation, 7.10.3052.4]
    [C:\WINDOWS\system32\SynTPFcs.dll]  [Synaptics, Inc., 7.13.2 04Feb05]

==================================
文件关联
.TXT  OK. [%SystemRoot%\system32\NOTEPAD.EXE %1]
.EXE  OK. ["%1" %*]
.COM  OK. ["%1" %*]
.PIF  OK. ["%1" %*]
.REG  OK. [regedit.exe "%1"]
.BAT  OK. ["%1" %*]
.SCR  OK. ["%1" /S]
.CHM  OK. ["C:\WINDOWS\hh.exe" %1]
.HLP  OK. [%SystemRoot%\system32\winhlp32.exe %1]
.INI  OK. [%SystemRoot%\system32\NOTEPAD.EXE %1]
.INF  OK. [%SystemRoot%\system32\NOTEPAD.EXE %1]
.VBS  OK. [%SystemRoot%\System32\WScript.exe "%1" %*]
.JS  OK. [%SystemRoot%\System32\WScript.exe "%1" %*]
.LNK  OK. [{00021401-0000-0000-C000-000000000046}]

==================================
Winsock 提供者
N/A

==================================
Autorun.inf
N/A

==================================
HOSTS 文件
127.0.0.1      localhost

==================================
gototop
 
chdzh2001
头像
初生襁褓狮
  • 帖子:15
  • 注册: 2006-11-22
  • 来自:
发表于: 2006-11-24 12:45 | 只看楼主 短消息 资料
字号: 7楼

急待高人指点!!!!!
gototop
 
chdzh2001
头像
初生襁褓狮
  • 帖子:15
  • 注册: 2006-11-22
  • 来自:
发表于: 2006-11-26 21:41 | 只看楼主 短消息 资料
字号: 8楼

怎没人帮看看呢?郁闷!!!!
gototop
 
<<上一主题|下一主题>>
1   1  /  1  页   跳转
页面顶部
Powered by Discuz!NT