
[Help] Urgently need a moderator to analyze this log

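This machine is a terminal server with about 10 terminals attached to it.
A few days ago the CPU suddenly went to a constant 100%. Watching the processes closely, I found that explorer.exe and taskmgr.exe are the two processes eating CPU the whole time. They don't take up memory: of 2GB of memory, only a little over 200MB is in use. I've tried every antivirus and anti-rogue-software tool I could, and it's still the same. Out of options, I have to ask the experts for help.
Thanks in advance!!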




System message: post is too long!
I've put it in the attachment. Sorry for the trouble, moderator!
Last edited 2008-01-30 16:33:03

诊断时间: 2008-01-30  14:02:34
诊断平台: Microsoft Windows Server 2003  Service Pack 1
IE版本: Internet Explorer V6.0.3790.1830 Build:63790.1830
计算机物理内存: 2GB - 当前可用内存: 2GB

100 - 未知 - Process: smss.exe [] - C:\Documents and Settings\Administrator\WINDOWS\System32\smss.exe
100 - 未知 - Process: explorer.exe [Windows Explorer] - C:\WINDOWS\Explorer.EXE
100 - 未知 - Process: lserver.exe [Microsoft(R) Terminal Server Licensing] - C:\WINDOWS\system32\lserver.exe
O8 - 未知 - Extra context menu item:  ←设置内容 - D:\soft\downbank070109 350greensoftware\350greensoftware\实用推荐区\BBS帖

子精灵2.1\html\SetContent.htm
O8 - 未知 - Extra context menu item:  ←设置标题 - D:\soft\downbank070109 350greensoftware\350greensoftware\实用推荐区\BBS帖

子精灵2.1\html\SetTitle.htm
O8 - 未知 - Extra context menu item:  →提取全部图片 - D:\soft\downbank070109 350greensoftware\350greensoftware\实用推荐区

\BBS帖子精灵2.1\html\GetAllPic.htm
O8 - 未知 - Extra context menu item:  →提取图片 - D:\soft\downbank070109 350greensoftware\350greensoftware\实用推荐区\BBS帖

子精灵2.1\html\GetPic.htm
O8 - 未知 - Extra context menu item:  →提取链接 - D:\soft\downbank070109 350greensoftware\350greensoftware\实用推荐区\BBS帖

子精灵2.1\html\GetHref.htm
O8 - 未知 - Extra context menu item:  →获取Flash列表 - D:\soft\downbank070109 350greensoftware\350greensoftware\实用推荐区

\BBS帖子精灵2.1\html\ListFlash.htm
O8 - 未知 - Extra context menu item:  →获取内容 - D:\soft\downbank070109 350greensoftware\350greensoftware\实用推荐区\BBS帖

子精灵2.1\html\GetContent.htm
O8 - 未知 - Extra context menu item:  →获取标题 - D:\soft\downbank070109 350greensoftware\350greensoftware\实用推荐区\BBS帖

子精灵2.1\html\GetTitle.htm
O8 - 未知 - Extra context menu item: 上传到QQ网络硬盘 - C:\Program Files\Tencent\QQ\AddToNetDisk.htm
O8 - 未知 - Extra context menu item: 使用Web迅雷下载 - D:\soft\WebThunder\WebThunder\GetUrl.htm
O8 - 未知 - Extra context menu item: 使用Web迅雷下载全部链接 - D:\soft\WebThunder\WebThunder\GetAllUrl.htm
O8 - 未知 - Extra context menu item: 添加到QQ自定义面板 - C:\Program Files\Tencent\QQ\AddPanel.htm
O8 - 未知 - Extra context menu item: 添加到QQ表情 - C:\Program Files\Tencent\QQ\AddEmotion.htm
O8 - 未知 - Extra context menu item: 用QQ彩信发送该图片 - C:\Program Files\Tencent\QQ\SendMMS.htm
O9 - 未知 - Extra button: 信息检索(HKLM) - C:\PROGRA~1\MICROS~1\OFFICE11\REFIEBAR.DLL
O9 - 未知 - Extra button: 启动Web迅雷(HKLM) - http://my.xunlei.com
O10 - 未知 - Winsock LSP: [] [{E70F1AA0-AB8B-11CF-8CA3-00805F48A192}]C:\Documents and

Settings\Administrator\WINDOWS\system32\mswsock.dll
O10 - 未知 - Winsock LSP: [] [{E70F1AA0-AB8B-11CF-8CA3-00805F48A192}]C:\Documents and

Settings\Administrator\WINDOWS\system32\mswsock.dll
O10 - 未知 - Winsock LSP: [] [{E70F1AA0-AB8B-11CF-8CA3-00805F48A192}]C:\Documents and

Settings\Administrator\WINDOWS\system32\mswsock.dll
O10 - 未知 - Winsock LSP: [] [{9D60A9E0-337A-11D0-BD88-0000C082E69A}]C:\Documents and

Settings\Administrator\WINDOWS\system32\mswsock.dll
O10 - 未知 - Winsock LSP: [] [{9D60A9E0-337A-11D0-BD88-0000C082E69A}]C:\Documents and

Settings\Administrator\WINDOWS\system32\mswsock.dll
O10 - 未知 - Winsock LSP: [] [{8D5F1830-C273-11CF-95C8-00805F48A192}]C:\Documents and

Settings\Administrator\WINDOWS\system32\mswsock.dll
O10 - 未知 - Winsock LSP: [] [{8D5F1830-C273-11CF-95C8-00805F48A192}]C:\Documents and

Settings\Administrator\WINDOWS\system32\mswsock.dll
O10 - 未知 - Winsock LSP: [] [{8D5F1830-C273-11CF-95C8-00805F48A192}]C:\Documents and

Settings\Administrator\WINDOWS\system32\mswsock.dll
O10 - 未知 - Winsock LSP: [] [{8D5F1830-C273-11CF-95C8-00805F48A192}]C:\Documents and

Settings\Administrator\WINDOWS\system32\mswsock.dll
O10 - 未知 - Winsock LSP: [] [{8D5F1830-C273-11CF-95C8-00805F48A192}]C:\Documents and

Settings\Administrator\WINDOWS\system32\mswsock.dll
O10 - 未知 - Winsock LSP: [] [{8D5F1830-C273-11CF-95C8-00805F48A192}]C:\Documents and

Settings\Administrator\WINDOWS\system32\mswsock.dll
O10 - 未知 - Winsock LSP: [] [{8D5F1830-C273-11CF-95C8-00805F48A192}]C:\Documents and

Settings\Administrator\WINDOWS\system32\mswsock.dll
O10 - 未知 - Winsock LSP: [] [{8D5F1830-C273-11CF-95C8-00805F48A192}]C:\Documents and

Settings\Administrator\WINDOWS\system32\mswsock.dll
O10 - 未知 - Winsock LSP: [] [{8D5F1830-C273-11CF-95C8-00805F48A192}]C:\Documents and

Settings\Administrator\WINDOWS\system32\mswsock.dll
O10 - 未知 - Winsock LSP: [] [{8D5F1830-C273-11CF-95C8-00805F48A192}]C:\Documents and

Settings\Administrator\WINDOWS\system32\mswsock.dll
O16 - 未知 - DPF: 无效的CLSID:{3C38DEE8-BE1A-4DEC-B232-2C78706CC7EA} ({3C38DEE8-BE1A-4DEC-B232-2C78706CC7EA}) -

http://ps.itv.mop.com/update/update/GUpdate-1.0.0.10-signed.cab
O16 - 未知 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl) -

http://update.microsoft.com/microsoftupdate/v6/V5Controls/en/x86/client/muweb_site.cab?1170658722783
O16 - 未知 - DPF: {C09B522F-8AED-4E21-A65C-DC1AB652BAEE} (Tencent Safety Online Base Module) - http://safe.qq.com/cgi-

bin/tso/TSOBase.ocx
O16 - 未知 - DPF: {D30CA0FD-1CA0-11D4-AC78-006008A9A8BC} (WebBasedClientInstall) - http://156.23.0.2/savdeploy/webinst.cab
O16 - 未知 - DPF: {E847C78C-C210-4195-8799-FBF3BF89797D} (金山毒霸在线产品升级) - http://www.duba.net/cab/KOSInit.cab
O23 - 未知 - Service: CCALib8 [Canon Camera Access Library 8] - C:\Program Files\Canon\CAL\CALMAIN.exe - (not running)
O23 - 未知 - Service: helpsvc [启用在此计算机上运行帮助和支持中心。如果停止服务,帮助和支持中心将不可用。如果禁用服务,任何直

接依赖于此服务的服务将无法启动。] - C:\WINDOWS\PCHealth\HelpCtr\Binaries\pchsvc.dll - (running)
O23 - 未知 - Service: TermServLicensing [为终端服务客户端提供注册的许可证。如果停止此服务,客户端请求时服务器无法将终端服务器

许可证颁发给客户端。] - C:\WINDOWS\system32\lserver.exe - (running)
O23 - 未知 - Service: TrkSvr [启用同域内的分布式链接跟踪客户端服务,以便在同域内提供更高的可靠性和有效维护。如果此服务被禁用

,任何依赖于它的服务将无法启用。] - C:\WINDOWS\system32\trksvr.dll - (not running)
O30 - 未知 - HKLM\..\Winlogon: [Shell] [Windows Explorer] EXPLORER.EXE

=======================================

=======================================

100 - 安全 - Process: csrss.exe [客户端服务子系统,用以控制windows图形相关子系统。] - C:\WINDOWS\system32\csrss.exe

ObjectDirectory=\Windows SharedSection=1024,3072,512 Windows=On SubSystemType=Windows ServerDll=base
100 - 安全 - Process: winlogon.exe [windows nt用户登陆程序。] - C:\WINDOWS\system32\winlogon.exe
100 - 安全 - Process: services.exe [用于管理windows服务系统进程。] - C:\WINDOWS\system32\services.exe
100 - 安全 - Process: lsass.exe [本地安全权限服务控制windows安全机制。] - C:\WINDOWS\system32\lsass.exe
100 - 安全 - Process: svchost.exe [service host process是一个标准的动态连接库主机处理服务。] - C:\WINDOWS\system32

\svchost.exe -k rpcss
100 - 安全 - Process: svchost.exe [service host process是一个标准的动态连接库主机处理服务。] - C:\WINDOWS\System32

\svchost.exe -k termsvcs
100 - 安全 - Process: ati2evxx.exe [ati显卡相关后台程序。] - C:\WINDOWS\system32\Ati2evxx.exe
100 - 安全 - Process: svchost.exe [service host process是一个标准的动态连接库主机处理服务。] - C:\WINDOWS\system32

\svchost.exe -k DcomLaunch
100 - 安全 - Process: svchost.exe [service host process是一个标准的动态连接库主机处理服务。] - C:\WINDOWS\system32

\svchost.exe -k NetworkService
100 - 安全 - Process: svchost.exe [service host process是一个标准的动态连接库主机处理服务。] - C:\WINDOWS\system32

\svchost.exe -k LocalService
100 - 安全 - Process: svchost.exe [service host process是一个标准的动态连接库主机处理服务。] - C:\WINDOWS\System32

\svchost.exe -k netsvcs
100 - 安全 - Process: ati2evxx.exe [ati显卡相关后台程序。] - C:\WINDOWS\system32\Ati2evxx.exe
100 - 安全 - Process: conime.exe [console ime ime输入法控制台软件。] - C:\WINDOWS\system32\conime.exe
100 - 安全 - Process: ccSetMgr.exe [Symantec公司网络安全套装的一部分。] - C:\Program Files\Common Files\Symantec

Shared\ccSetMgr.exe
100 - 安全 - Process: ccEvtMgr.exe [Norton Internet Security网络安全套装的一部分,该进程会同反病毒与防火墙程序同时安装。] -

C:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe
100 - 安全 - Process: spoolsv.exe [windows打印任务控制程序,用以打印机就绪。] - C:\WINDOWS\system32\spoolsv.exe
100 - 安全 - Process: msdtc.exe [microsoft distributed transaction coordinator控制多个服务器的传输,被安装在microsoft

personal web server和microsoft sql server。] - C:\WINDOWS\system32\msdtc.exe
100 - 安全 - Process: DefWatch.exe [norton anti-virus扫描你的文件和email以检查病毒。] - C:\Program Files\Symantec

AntiVirus\DefWatch.exe
100 - 安全 - Process: svchost.exe [service host process是一个标准的动态连接库主机处理服务。] - C:\WINDOWS\System32

\svchost.exe -k WinErr
100 - 安全 - Process: LSSrvc.exe [一款名为LightScribe(光雕技术)的刻录机,可以在光盘上光雕个性化图案。] - C:\Program

Files\Common Files\LightScribe\LSSrvc.exe
100 - 安全 - Process: svchost.exe [service host process是一个标准的动态连接库主机处理服务。] - C:\WINDOWS\system32

\svchost.exe -k regsvc
100 - 安全 - Process: SavRoam.exe [赛门铁克公司出品的防病毒软件的相关程序。] - C:\Program Files\Symantec

AntiVirus\SavRoam.exe
100 - 安全 - Process: ccApp.exe [symantec公用应用客户端包含在norton antivirus 2003和norton personal firewall 2003。] -

C:\Program Files\Common Files\Symantec Shared\ccApp.exe
100 - 安全 - Process: ctfmon.exe [office xp输入法图标。] - C:\WINDOWS\system32\ctfmon.exe
100 - 安全 - Process: wmiprvse.exe [wmi 提供程序 (wmi provider) 在 wmi 和操作系统、应用程序以及其他系统的组件之间充当中介.此

进程为合法的系统进程。] - C:\WINDOWS\system32\wbem\wmiprvse.exe
100 - 安全 - Process: svchost.exe [service host process是一个标准的动态连接库主机处理服务。] - C:\WINDOWS\System32

\svchost.exe -k tapisrv
100 - 安全 - Process: taskmgr.exe [windows自带的任务管理器程序,用于察看系统中的进程信息。] - C:\WINDOWS\system32\taskmgr.exe
100 - 安全 - Process: 360Safe.exe [360安全卫士相关程序。] - C:\Program Files\360safe\360Safe.exe
R1 - 安全 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL=res://shdoclc.dll/softAdmin.htm
R1 - 安全 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page=C:\WINDOWS\system32\blank.htm
R1 - 安全 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page=C:\WINDOWS\system32\blank.htm
O2 - 安全 - BHO: (AcroIEHlprObj Class) - [Adobe Reader, 查看和打印 Adobe 便携文档格式 (PDF) 文件。] - {06849E9F-C8D7-4D59-

B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 5.0\Reader\ActiveX\AcroIEHelper.ocx
O4 - 安全 - HKLM\..\Run: [IMJPMIG8.1] [微软Microsoft输入法编辑器程序。] "C:\WINDOWS\IME\imjp8_1\IMJPMIG.EXE" /Spoil

/RemAdvDef /Migration32
O4 - 安全 - HKLM\..\Run: [IMEKRMIG6.1] [一种输入法] C:\WINDOWS\ime\imkr6_1\IMEKRMIG.EXE
O4 - 安全 - HKLM\..\Run: [PHIME2002ASync] [输入法软件相关程序。] C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /SYNC
O4 - 安全 - HKLM\..\Run: [PHIME2002A] [输入法软件相关程序。] C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /IMEName
O4 - 安全 - HKLM\..\Run: [ccApp] [诺顿杀毒或诺顿防火墙客户端软件] "C:\Program Files\Common Files\Symantec Shared\ccApp.exe"
O4 - 安全 - HKLM\..\Run: [vptray] [诺顿在任务栏显示病毒防护盾牌图标的程序] C:\PROGRA~1\SYMANT~1\VPTray.exe
O4 - 安全 - HKCU\..\Run: [ctfmon.exe] [office xp输入法图标。] C:\WINDOWS\system32\ctfmon.exe
O8 - 安全 - Extra context menu item: 导出到 Microsoft Office Excel(&X) - res://C:\PROGRA~1\MICROS~1\OFFICE11\EXCEL.EXE/3000
O16 - 安全 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (Windows升级工具V5) -

http://update.microsoft.com/windowsupdate/v6/V5Controls/en/x86/client/wuweb_site.cab?1170657729251
O16 - 安全 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Flash播放器) -

http://download.macromedia.com/pub/shockwave/cabs/flash/swflash.cab
O18 - 安全 - Protocol: OFFICE 相关 - {807553E5-5146-11D5-A672-00B0D022E945} - C:\Program Files\Common Files\Microsoft

Shared\OFFICE11\MSOXMLMF.DLL
O18 - 安全 - Protocol: OFFICE 相关 - {32505114-5902-49B2-880A-1F7738E5A384} - C:\PROGRA~1\COMMON~1\MICROS~1\WEBCOM~1\11

\OWC11.DLL
O23 - 安全 - Service: Ati HotKey Poller [ati显卡相关后台程序。] - C:\WINDOWS\system32\Ati2evxx.exe - (running)
O23 - 安全 - Service: ccEvtMgr [诺顿防病毒软件相关程序。] - "C:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe" -

(running)
O23 - 安全 - Service: ccPwdSvc [诺顿防病毒软件相关程序。] - "C:\Program Files\Common Files\Symantec Shared\ccPwdSvc.exe" -

(not running)
O23 - 安全 - Service: ccSetMgr [诺顿防病毒软件相关程序。] - "C:\Program Files\Common Files\Symantec Shared\ccSetMgr.exe" -

(running)
O23 - 安全 - Service: DefWatch [诺顿防毒软件相关程序。] - "C:\Program Files\Symantec AntiVirus\DefWatch.exe" - (running)
O23 - 安全 - Service: LightScribeService [一个来自dvd刻录机\\\"光雕\\\"软件的相关程序,通过用户许可协议安装。] - "C:\Program

Files\Common Files\LightScribe\LSSrvc.exe" - (running)
O23 - 安全 - Service: NtFrs [在多个服务器间维护文件目录内容的文件同步。] - C:\WINDOWS\system32\ntfrs.exe - (not running)
O23 - 安全 - Service: SavRoam [诺顿防毒软件相关程序] - "C:\Program Files\Symantec AntiVirus\SavRoam.exe" - (running)
O23 - 安全 - Service: SNDSrvc [诺顿防毒软件相关程序。] - "C:\Program Files\Common Files\Symantec Shared\SNDSrvc.exe" - (not

running)
O23 - 安全 - Service: Symantec AntiVirus [诺顿防毒软件相关程序。] - "C:\Program Files\Symantec AntiVirus\Rtvscan.exe" - (not

running)

=======================================

=======================================

O31 - 未知 - Other Autoruns: Posix - C:\WINDOWS\system32\psxss.exe -  -  -  - 0 -
O31 - 未知 - Other Autoruns:  - C:\WINDOWS\Explorer.exe /e -  -  -  - 0 -
O31 - 未知 - SEApproved: 无效的CLSID:Shell extensions for file compression -  -  -  -  - 0 -
O31 - 未知 - SEApproved: 无效的CLSID:加密上下文菜单 -  -  -  -  - 0 -
O31 - 未知 - SEApproved: {88895560-9AA2-1069-930E-00AA0030EBC8} - hticons.dll -  -  -  - 0 -
O31 - 未知 - SEApproved: {0DF44EAA-FF21-4412-828E-260A8728E7F1} -  -  -  -  - 0 -
O31 - 未知 - SEApproved: {00E7B358-F65B-4dcf-83DF-CD026B94BFD4} -  -  -  -  - 0 -
O31 - 未知 - SEApproved: {B41DB860-8EE4-11D2-9906-E49FADC173CA} - C:\Program Files\WinRAR\rarext.dll -  -  -  - 126464 -

31ec564b36818bde9f893d6521d596cf
O31 - 未知 - SEApproved: 无效的CLSID:Terminal Server Redirected Drive -  -  -  -  - 0 -
O31 - 未知 - SEApproved: 无效的CLSID:Terminal Server Redirected Drive -  -  -  -  - 0 -
O31 - 未知 - SEApproved: 无效的CLSID:Terminal Server Redirected Drive -  -  -  -  - 0 -
O31 - 未知 - SEApproved: 无效的CLSID:Terminal Server Redirected Drive -  -  -  -  - 0 -
O31 - 未知 - SEApproved: 无效的CLSID:Terminal Server Redirected Drive -  -  -  -  - 0 -
O31 - 未知 - SEApproved: 无效的CLSID:Terminal Server Redirected Drive -  -  -  -  - 0 -
O31 - 未知 - SEApproved: 无效的CLSID:Terminal Server Redirected Drive -  -  -  -  - 0 -
O31 - 未知 - SEApproved: 无效的CLSID:Terminal Server Redirected Drive -  -  -  -  - 0 -
O31 - 未知 - SEApproved: 无效的CLSID:Terminal Server Redirected Drive -  -  -  -  - 0 -
O31 - 未知 - SEApproved: 无效的CLSID:Terminal Server Redirected Drive -  -  -  -  - 0 -
O31 - 未知 - SEApproved: 无效的CLSID:Terminal Server Redirected Drive -  -  -  -  - 0 -
O31 - 未知 - SEApproved: 无效的CLSID:Terminal Server Redirected Drive -  -  -  -  - 0 -
O31 - 未知 - SEApproved: 无效的CLSID:NOD32 Context Menu Shell Extension -  -  -  -  - 0 -
O31 - 未知 - Directory Menu: {B41DB860-8EE4-11D2-9906-E49FADC173CA} - C:\Program Files\WinRAR\rarext.dll -  -  -  - 126464 -

31ec564b36818bde9f893d6521d596cf
O31 - 未知 - LSA: Notification Packages - DCSVC.dll -  -  -  - 0 -
O31 - 未知 - LSA: Notification Packages - cecli.dll -  -  -  - 0 -
O31 - 未知 - LSA: Security Packages - sv1_0.dll -  -  -  - 0 -
O31 - 未知 - LSA: Security Packages - channel.dll -  -  -  - 0 -

=======================================


=======================================

O41 - ACPI - ACPI - C:\Documents and Settings\Administrator\WINDOWS\system32\DRIVERS\ACPI.sys - (running) -  -  -
O41 - AFD - AFD - C:\Documents and Settings\Administrator\WINDOWS\System32\drivers\afd.sys - (running) -  -  -
O41 - atapi - atapi - C:\Documents and Settings\Administrator\WINDOWS\system32\DRIVERS\atapi.sys - (running) -  -  -
O41 - ati2mtag - ati2mtag - C:\Documents and Settings\Administrator\WINDOWS\system32\DRIVERS\ati2mtag.sys - (running) -  -  -
O41 - audstub - audstub - C:\Documents and Settings\Administrator\WINDOWS\system32\DRIVERS\audstub.sys - (running) -  -  -
O41 - b57w2k - b57w2k - C:\Documents and Settings\Administrator\WINDOWS\system32\DRIVERS\b57xp32.sys - (running) -  -  -
O41 - Cdrom - Cdrom - C:\Documents and Settings\Administrator\WINDOWS\system32\DRIVERS\cdrom.sys - (running) -  -  -
O41 - crcdisk - crcdisk - C:\Documents and Settings\Administrator\WINDOWS\system32\DRIVERS\crcdisk.sys - (running) -  -  -
O41 - DfsDriver - DfsDriver - C:\Documents and Settings\Administrator\WINDOWS\system32\drivers\Dfs.sys - (running) -  -  -
O41 - Disk - Disk - C:\Documents and Settings\Administrator\WINDOWS\system32\DRIVERS\disk.sys - (running) -  -  -
O41 - dmio - dmio - C:\Documents and Settings\Administrator\WINDOWS\System32\drivers\dmio.sys - (running) -  -  -
O41 - dmload - dmload - C:\Documents and Settings\Administrator\WINDOWS\System32\drivers\dmload.sys - (running) -  -  -
O41 - FltMgr - FltMgr - C:\Documents and Settings\Administrator\WINDOWS\system32\DRIVERS\fltMgr.sys - (running) -  -  -
O41 - FsVga - FsVga - C:\Documents and Settings\Administrator\WINDOWS\system32\DRIVERS\fsvga.sys - (running) -  -  -
O41 - Ftdisk - Ftdisk - C:\Documents and Settings\Administrator\WINDOWS\system32\DRIVERS\ftdisk.sys - (running) -  -  -
O41 - Gpc - Gpc - C:\Documents and Settings\Administrator\WINDOWS\system32\DRIVERS\msgpc.sys - (running) -  -  -
O41 - i8042prt - i8042prt - C:\Documents and Settings\Administrator\WINDOWS\system32\DRIVERS\i8042prt.sys - (running) -  -  -
O41 - intelppm - intelppm - C:\Documents and Settings\Administrator\WINDOWS\system32\DRIVERS\intelppm.sys - (running) -  -  -
O41 - IPSec - IPSec - C:\Documents and Settings\Administrator\WINDOWS\system32\DRIVERS\ipsec.sys - (running) -  -  -
O41 - isapnp - isapnp - C:\Documents and Settings\Administrator\WINDOWS\system32\DRIVERS\isapnp.sys - (running) -  -  -
O41 - Kbdclass - Kbdclass - C:\Documents and Settings\Administrator\WINDOWS\system32\DRIVERS\kbdclass.sys - (running) -  -  -
O41 - Mouclass - Mouclass - C:\Documents and Settings\Administrator\WINDOWS\system32\DRIVERS\mouclass.sys - (running) -  -  -
O41 - MRxSmb - MRxSmb - C:\Documents and Settings\Administrator\WINDOWS\system32\DRIVERS\mrxsmb.sys - (running) -  -  -
O41 - mssmbios - mssmbios - C:\Documents and Settings\Administrator\WINDOWS\system32\DRIVERS\mssmbios.sys - (running) -  -  -
O41 - NdisTapi - NdisTapi - C:\Documents and Settings\Administrator\WINDOWS\system32\DRIVERS\ndistapi.sys - (running) -  -  -
O41 - Ndisuio - Ndisuio - C:\Documents and Settings\Administrator\WINDOWS\system32\DRIVERS\ndisuio.sys - (running) -  -  -
O41 - NdisWan - NdisWan - C:\Documents and Settings\Administrator\WINDOWS\system32\DRIVERS\ndiswan.sys - (running) -  -  -
O41 - NetBIOS - NetBIOS - C:\Documents and Settings\Administrator\WINDOWS\system32\DRIVERS\netbios.sys - (running) -  -  -
O41 - NetBT - NetBT - C:\Documents and Settings\Administrator\WINDOWS\system32\DRIVERS\netbt.sys - (running) -  -  -
O41 - npkcrypt - nProtect KeyCrypt Driver - C:\Program Files\Tencent\QQ\npkcrypt.sys - (running) - nProtect KeyCrypt Driver -

INCA Internet Co., Ltd. - 8bcb281a2540e7aff0cd00f9878fe21f
O41 - Parport - Parport - C:\Documents and Settings\Administrator\WINDOWS\system32\DRIVERS\parport.sys - (running) -  -  -
O41 - Parvdm - Parvdm - C:\Documents and Settings\Administrator\WINDOWS\system32\DRIVERS\parvdm.sys - (running) -  -  -
O41 - PCI - PCI - C:\Documents and Settings\Administrator\WINDOWS\system32\DRIVERS\pci.sys - (running) -  -  -
O41 - PCIIde - PCIIde - C:\Documents and Settings\Administrator\WINDOWS\system32\DRIVERS\pciide.sys - (running) -  -  -
O41 - PptpMiniport - PptpMiniport - C:\Documents and Settings\Administrator\WINDOWS\system32\DRIVERS\raspptp.sys - (running)

-  -  -

O41 - Ptilink - Ptilink - C:\Documents and Settings\Administrator\WINDOWS\system32\DRIVERS\ptilink.sys - (running) -  -  -
O41 - RasAcd - RasAcd - C:\Documents and Settings\Administrator\WINDOWS\system32\DRIVERS\rasacd.sys - (running) -  -  -
O41 - Rasl2tp - Rasl2tp - C:\Documents and Settings\Administrator\WINDOWS\system32\DRIVERS\rasl2tp.sys - (running) -  -  -
O41 - RasPppoe - RasPppoe - C:\Documents and Settings\Administrator\WINDOWS\system32\DRIVERS\raspppoe.sys - (running) -  -  -
O41 - Raspti - Raspti - C:\Documents and Settings\Administrator\WINDOWS\system32\DRIVERS\raspti.sys - (running) -  -  -
O41 - Rdbss - Rdbss - C:\Documents and Settings\Administrator\WINDOWS\system32\DRIVERS\rdbss.sys - (running) -  -  -
O41 - RDPCDD - RDPCDD - C:\Documents and Settings\Administrator\WINDOWS\System32\DRIVERS\RDPCDD.sys - (running) -  -  -
O41 - rdpdr - rdpdr - C:\Documents and Settings\Administrator\WINDOWS\system32\DRIVERS\rdpdr.sys - (running) -  -  -
O41 - redbook - redbook - C:\Documents and Settings\Administrator\WINDOWS\system32\DRIVERS\redbook.sys - (running) -  -  -
O41 - serenum - serenum - C:\Documents and Settings\Administrator\WINDOWS\system32\DRIVERS\serenum.sys - (running) -  -  -
O41 - Serial - Serial - C:\Documents and Settings\Administrator\WINDOWS\system32\DRIVERS\serial.sys - (running) -  -  -
O41 - Srv - Srv - C:\Documents and Settings\Administrator\WINDOWS\system32\DRIVERS\srv.sys - (running) -  -  -
O41 - swenum - swenum - C:\Documents and Settings\Administrator\WINDOWS\system32\DRIVERS\swenum.sys - (running) -  -  -
O41 - symmpi - symmpi - C:\Documents and Settings\Administrator\WINDOWS\system32\DRIVERS\symmpi.sys - (running) -  -  -
O41 - SYMTDI - SYMTDI - C:\Documents and Settings\Administrator\WINDOWS\System32\Drivers\SYMTDI.SYS - (running) -  -  -
O41 - Tcpip - Tcpip - C:\Documents and Settings\Administrator\WINDOWS\system32\DRIVERS\tcpip.sys - (running) -  -  -
O41 - TermDD - TermDD - C:\Documents and Settings\Administrator\WINDOWS\system32\DRIVERS\termdd.sys - (running) -  -  -
O41 - Update - Update - C:\Documents and Settings\Administrator\WINDOWS\system32\DRIVERS\update.sys - (running) -  -  -
O41 - usbehci - usbehci - C:\Documents and Settings\Administrator\WINDOWS\system32\DRIVERS\usbehci.sys - (running) -  -  -
O41 - usbhub - usbhub - C:\Documents and Settings\Administrator\WINDOWS\system32\DRIVERS\usbhub.sys - (running) -  -  -
O41 - usbuhci - usbuhci - C:\Documents and Settings\Administrator\WINDOWS\system32\DRIVERS\usbuhci.sys - (running) -  -  -
O41 - VgaSave - VgaSave - C:\Documents and Settings\Administrator\WINDOWS\System32\drivers\vga.sys - (running) -  -  -
O41 - VolSnap - VolSnap - C:\Documents and Settings\Administrator\WINDOWS\system32\DRIVERS\volsnap.sys - (running) -  -  -
O41 - Wanarp - Wanarp - C:\Documents and Settings\Administrator\WINDOWS\system32\DRIVERS\wanarp.sys - (running) -  -  -
O41 - AsyncMac - AsyncMac - C:\Documents and Settings\Administrator\WINDOWS\system32\DRIVERS\asyncmac.sys - (not running) - 

-  -
O41 - Atmarpc - Atmarpc - C:\Documents and Settings\Administrator\WINDOWS\system32\DRIVERS\atmarpc.sys - (not running) -  - 

-
O41 - ATSpy - ATSpy - C:\WINDOWS\system32\ATSpy.sys - (not running) -  -  -
O41 - ClusDisk - ClusDisk - C:\Documents and Settings\Administrator\WINDOWS\system32\DRIVERS\ClusDisk.sys - (not running) - 

-  -
O41 - dmboot - dmboot - C:\Documents and Settings\Administrator\WINDOWS\System32\drivers\dmboot.sys - (not running) -  -  -
O41 - HTTP - HTTP - C:\Documents and Settings\Administrator\WINDOWS\System32\Drivers\HTTP.sys - (not running) -  -  -
O41 - imapi - imapi - C:\Documents and Settings\Administrator\WINDOWS\system32\DRIVERS\imapi.sys - (not running) -  -  -
O41 - Ip6Fw - Ip6Fw - C:\Documents and Settings\Administrator\WINDOWS\system32\DRIVERS\Ip6Fw.sys - (not running) -  -  -
O41 - IpFilterDriver - IpFilterDriver - C:\Documents and Settings\Administrator\WINDOWS\system32\DRIVERS\ipfltdrv.sys - (not

running) -  -  -
O41 - IpInIp - IpInIp - C:\Documents and Settings\Administrator\WINDOWS\system32\DRIVERS\ipinip.sys - (not running) -  -  -
O41 - IpNat - IpNat - C:\Documents and Settings\Administrator\WINDOWS\system32\DRIVERS\ipnat.sys - (not running) -  -  -
O41 - mmPsy - System, file, registry, network and user monitor - C:\Documents and Settings\Administrator\WINDOWS\System32

\rspmmpsy.sys - (not running) - System, file, registry, network and user monitor - Resplendence -

eabbeb21c300138a0dab423ca50460b0
O41 - MRxDAV - MRxDAV - C:\Documents and Settings\Administrator\WINDOWS\system32\DRIVERS\mrxdav.sys - (not running) -  -  -
O41 - Secdrv - Secdrv - C:\Documents and Settings\Administrator\WINDOWS\system32\DRIVERS\secdrv.sys - (not running) -  -  -
O41 - SONYPVU1 - SONYPVU1 - C:\Documents and Settings\Administrator\WINDOWS\system32\DRIVERS\SONYPVU1.SYS - (not running) - 

-  -
O41 - SYMREDRV - SYMREDRV - C:\Documents and Settings\Administrator\WINDOWS\System32\Drivers\SYMREDRV.SYS - (not running) - 

-  -
O41 - usbscan - usbscan - C:\Documents and Settings\Administrator\WINDOWS\system32\DRIVERS\usbscan.sys - (not running) -  - 

-
O41 - USBSTOR - USBSTOR - C:\Documents and Settings\Administrator\WINDOWS\system32\DRIVERS\USBSTOR.SYS - (not running) -  - 

-
O41 - vga - vga - C:\Documents and Settings\Administrator\WINDOWS\system32\DRIVERS\vgapnp.sys - (not running) -  -  -
O41 - WLBS - WLBS - C:\Documents and Settings\Administrator\WINDOWS\system32\DRIVERS\wlbs.sys - (not running) -  -  -

The log checks out with no problems. Post an SREng log as well and we'll take a look.