机子自动重启的问题

显示全部楼层 · 发表于 2007-10-4 13:26:23

xp sp2 所有补丁都打齐了，有时候会自动重启，不知道什么原因。

在我的电脑——>高级——>启动和故障修复的设置里已经把重启的勾勾删了

在管理的事件查看器里找不到任何重启原因的记录。

电脑里装着NOD32，大蜘蛛绿色版，和小红伞杀毒软件，后NOD32卸载了，还有风云防火墙

查毒没有发现病毒。

有谁知道什么原因吗？

显示全部楼层 · 发表于 2007-10-4 14:12:44

我遇到过显卡agp不兼容重启，8x情况下会重启或死机，4x就好了，，还有主板设置里调节超频或者内存性能过高也会重启

显示全部楼层 · 发表于 2007-10-4 14:12:57

System Repair Engineer2.5(SREng)或者System Repair Engineer2.5(SREng)下载System Repair Engineer2.5扫描日志上来.
如果不能运行将下载的SREngPS.EXE重命名为SREngPS.com(SREngPS.scr\SREngPS.bat\SREngPS.pif)或者改名为11BD.abc等等自己随便改运行.
sreng——智能扫描——扫描——保存日志——打开日志记事本SREngLOG——Ctrl+A——Ctrl+C——到论坛回复——Ctrl+V。

显示全部楼层 · 发表于 2007-10-4 15:10:04

风云的原因的可能比较大

显示全部楼层 · 发表于 2007-10-4 19:09:42

[CODE]

2007-10-04,19:08:55

System Repair Engineer 2.5.16.900
Smallfrogs (http://www.KZTechs.com)

Windows XP Professional Service Pack 2 (Build 2600) - 管理权限用户 - 完整功能

以下内容被选中：
所有的启动项目（包括注册表、启动文件夹、服务等）
浏览器加载项
正在运行的进程（包括进程模块信息）
文件关联
Winsock 提供者
Autorun.inf
HOSTS 文件
进程特权扫描

启动项目
注册表
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
<msnmsgr><"C:\PROGRA~1\WINDOW~4\MESSEN~1\msnmsgr.exe" /background>  [(Verified)Microsoft Corporation]
<ctfmon.exe><C:\WINDOWS\system32\ctfmon.exe>  [(Verified)Microsoft Windows Publisher]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
<FY_FireWall><D:\Program Files\FengYun\FYFireWall.exe>  [www.218.cc]
<avgnt><"C:\Program Files\Avira\AntiVir PersonalEdition Premium\avgnt.exe" /min>  [Avira GmbH]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Winlogon]
<shell><Explorer.exe>  [(Verified)Microsoft Windows Publisher]
<Userinit><C:\WINDOWS\system32\userinit.exe,>  [(Verified)Microsoft Windows Publisher]
<UIHost><logonui.exe>  [(Verified)Microsoft Windows Publisher]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\>{26923b43-4d38-484f-9b9e-de460746276c}]
<Internet Explorer><%systemroot%\system32\shmgrate.exe OCInstallUserConfigIE>  [N/A]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\>{881dd1c5-3dcf-431b-b061-f3f88e8be88a}]
<Outlook Express><%systemroot%\system32\shmgrate.exe OCInstallUserConfigOE>  [N/A]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{2C7339CF-2B09-4501-B3F3-F3508C9228ED}]
<Themes Setup><%SystemRoot%\system32\regsvr32.exe /s /n /i:/UserInstall %SystemRoot%\system32\themeui.dll>  [N/A]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{44BBA840-CC51-11CF-AAFA-00AA00B6015C}]
<Microsoft Outlook Express 6><"%ProgramFiles%\Outlook Express\setup50.exe" /APP:OE /CALLER:WINNT /user /install>  [N/A]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{44BBA842-CC51-11CF-AAFA-00AA00B6015B}]
<NetMeeting 3.01><rundll32.exe advpack.dll,LaunchINFSection C:\WINDOWS\INF\msnetmtg.inf,NetMtg.Install.PerUser.NT>  [(Verified)Microsoft Windows Publisher]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{5945c046-1e7d-11d1-bc44-00c04fd912be}]
<Windows Messenger 4.7><rundll32.exe advpack.dll,LaunchINFSection C:\WINDOWS\INF\msmsgs.inf,BLC.QuietInstall.PerUser>  [(Verified)Microsoft Windows Publisher]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{6BF52A52-394A-11d3-B153-00C04F79FAA6}]
<Microsoft Windows Media Player><rundll32.exe advpack.dll,LaunchINFSection C:\WINDOWS\INF\wmp.inf,PerUserStub>  [(Verified)Microsoft Windows Publisher]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{7790769C-0471-11d2-AF11-00C04FA35D02}]
<通讯簿 6><"%ProgramFiles%\Outlook Express\setup50.exe" /APP:WAB /CALLER:WINNT /user /install>  [N/A]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{89B4C1CD-B018-4511-B0A1-5476DBF70820}]
<N/A><C:\WINDOWS\system32\Rundll32.exe C:\WINDOWS\system32\mscories.dll,Install>  [Microsoft Corporation]

==================================
启动文件夹
N/A

==================================
服务
[AntiVir PersonalEdition Premium MailGuard / AntiVirMailService][Stopped/Auto Start]
  <"C:\Program Files\Avira\AntiVir PersonalEdition Premium\avmailc.exe"><Avira GmbH>
[AntiVir PersonalEdition Premium Scheduler / AntiVirScheduler][Running/Auto Start]
  <"C:\Program Files\Avira\AntiVir PersonalEdition Premium\sched.exe"><Avira GmbH>
[AntiVir PersonalEdition Premium Guard / AntiVirService][Running/Auto Start]
  <"C:\Program Files\Avira\AntiVir PersonalEdition Premium\avguard.exe"><Avira GmbH>
[AntiVir PersonalEdition Premium MailGuard helper service / AVEService][Stopped/Auto Start]
  <"C:\Program Files\Avira\AntiVir PersonalEdition Premium\avesvc.exe"><Avira GmbH>
[AVG Anti-Spyware Guard / AVG Anti-Spyware Guard][Stopped/Disabled]
  <D:\AVG Anti-Spyware\guard.exe><GRISOFT s.r.o.>
[Cmb WebProtect Support / CMBWPS][Running/Auto Start]
  <C:\Program Files\CMBCHINA\WebProtect\WPService.exe /start><China Merchants Bank>
[Google Updater Service / gusvc][Stopped/Disabled]
  <"C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe"><Google>
[Human Interface Device Access / HidServ][Stopped/Disabled]
  <C:\WINDOWS\System32\svchost.exe -k netsvcs-->%SystemRoot%\System32\hidserv.dll><N/A>
[NVIDIA Driver Helper Service / NVSvc][Running/Auto Start]
  <C:\WINDOWS\system32\nvsvc32.exe><NVIDIA Corporation>
[StyleXPService / StyleXPService][Running/Auto Start]
  <"C:\Program Files\TGTSoft\StyleXP\StyleXPService.exe"><>

==================================
驱动程序
[Service for WDM 3D Audio Driver / ALCXSENS][Running/Manual Start]
  <system32\drivers\ALCXSENS.SYS><Sensaura Ltd>
[Service for Realtek AC97 Audio (WDM) / ALCXWDM][Running/Manual Start]
  <system32\drivers\ALCXWDM.SYS><Realtek Semiconductor Corp.>
[avgio / avgio][Running/System Start]
  <\??\C:\Program Files\Avira\AntiVir PersonalEdition Premium\avgio.sys><Avira GmbH>
[avgntflt / avgntflt][Running/Manual Start]
  <\??\C:\Program Files\Avira\AntiVir PersonalEdition Premium\avgntflt.sys><Avira GmbH>
[avipbb / avipbb][Running/System Start]
  <system32\DRIVERS\avipbb.sys><AVIRA GmbH>
[D-Link DFE-530TX PCI Fast Ethernet Adapter Driver Service / FETNDISB][Stopped/Manual Start]
  <system32\DRIVERS\dlkfet5b.sys><D-Link>
[FYTdifltDrv / FYTdifltDrv][Running/System Start]
  <\??\D:\Program Files\FengYun\FYTdiDrv.sys><N/A>
[nv / nv][Running/Manual Start]
  <system32\DRIVERS\nv4_mini.sys><NVIDIA Corporation>
[Service for NVIDIA(R) nForce(TM) Audio Enumerator / nvax][Stopped/Manual Start]
  <system32\drivers\nvax.sys><NVIDIA Corporation>
[NVIDIA nForce MCP Networking Controller Driver / NVENET][Running/Manual Start]
  <system32\DRIVERS\NVENET.sys><NVIDIA Corporation>
[Service for NVIDIA(R) nForce(TM) Audio / nvnforce][Stopped/Manual Start]
  <system32\drivers\nvapu.sys><NVIDIA Corporation>
[NVIDIA nForce AGP Bus Filter / nv_agp][Running/Boot Start]
  <\SystemRoot\system32\DRIVERS\nv_agp.sys><NVIDIA Corporation>
[oreans32 / oreans32][Running/System Start]
  <\??\C:\WINDOWS\system32\drivers\oreans32.sys><N/A>
[Direct Parallel Link Driver / Ptilink][Running/Manual Start]
  <system32\DRIVERS\ptilink.sys><Parallel Technologies, Inc.>
[PxHelp20 / PxHelp20][Running/Boot Start]
  <\SystemRoot\System32\Drivers\PxHelp20.sys><Sonic Solutions>
[Driver for rockusb Device / rockusb][Stopped/Manual Start]
  <system32\DRIVERS\rockusb.sys><Fuzhou Rockchip Electronics Co,Ltd.>
[Secdrv / Secdrv][Stopped/Manual Start]
  <system32\DRIVERS\secdrv.sys><N/A>
[SkyProcs / SkyProcs][Stopped/Manual Start]
  <\??\D:\PROGRA~1\SKYNET\FIREWALL\SkyProcs.sys><N/A>
[sptd / sptd][Running/Boot Start]
  <\SystemRoot\System32\Drivers\sptd.sys><N/A>
[ssmdrv / ssmdrv][Running/System Start]
  <system32\DRIVERS\ssmdrv.sys><Avira GmbH>
[StyleXPHelper / StyleXPHelper][Running/System Start]
  <\??\C:\Program Files\TGTSoft\StyleXP\StyleXPHelper.exe><Windows (R) 2000 DDK provider>
[xAntiArpSpoof Service / xAntiArp][Stopped/Manual Start]
  <system32\DRIVERS\xAntiArp.sys><N/A>
[4894593 / 4894593][Running/]
  <2 - 系统找不到指定的文件。
><N/A>

==================================
浏览器加载项
[FG2CatchUrl]
  {1F364306-AA45-47B5-9F9D-39A8B94E7EF1} <D:\Program Files\FlashGetX\ComDlls\FGXCATCH.dll, N/A>
[FGCatchUrl]
  {2F364306-AA45-47B5-9F9D-39A8B94E7EF7} <D:\Program Files\FlashGet\jccatch.dll, N/A>
[WebProtect]
  {53763D1D-9CA8-4C7C-9756-A8E6B8FC063B} <C:\Program Files\CMBCHINA\WebProtect\WebProtect.dll, China Merchants Bank>
[FlashGet GetFlash Class]
  {F156768E-81EF-470C-9057-481BA8380DBA} <D:\Program Files\FlashGet\getflash.dll, www.flashget.com>
[Java Plug-in 1.5.0]
  {08B0E5C0-4FCB-11CF-AAA5-00401C608501} <C:\Program Files\Java\jre1.5.0\bin\npjpi150.dll, Sun Microsystems, Inc.>
[信息检索(&R)]
  {92780B25-18CC-41C8-B9BE-3C9C571A8263} <D:\PROGRA~1\MICROS~1\OFFICE11\REFIEBAR.DLL, Microsoft Corporation>
[快车]
  {D6E814A0-E0C5-11d4-8D29-0050BA6940E3} <D:\Program Files\FlashGet\flashget.exe, FlashGet.com>
[Messenger]
  {FB5F1910-F110-11d2-BB9E-00C04F795683} <C:\Program Files\Messenger\msmsgs.exe, Microsoft Corporation>
[Edit Class]
  {0CA54D3F-CEAE-48AF-9A2B-31909CB9515D} <C:\WINDOWS\system32\CMBEdit.dll, >
[EditCtrl Class]
  {488A4255-3236-44B3-8F27-FA1AECAA8844} <C:\WINDOWS\system32\aliedit\aliedit.dll, >
[Java Plug-in 1.5.0]
  {8AD9C840-044E-11D1-B3E9-00805F499D93} <C:\Program Files\Java\jre1.5.0\bin\npjpi150.dll, Sun Microsystems, Inc.>
[Java Plug-in 1.5.0]
  {CAFEEFAC-0015-0000-0000-ABCDEFFEDCBA} <C:\Program Files\Java\jre1.5.0\bin\npjpi150.dll, Sun Microsystems, Inc.>
[ThunderServer.WebThunder]
  {1DE5794D-B609-4A3E-9E40-22594D5BEAAC} <D:\Thunder\ComDlls\Faker.dll, N/A>
[FG2CatchUrl]
  {1F364306-AA45-47B5-9F9D-39A8B94E7EF1} <D:\Program Files\FlashGetX\ComDlls\FGXCATCH.dll, N/A>
[DHTML Edit Control Safe for Scripting for IE5]
  {2D360201-FFF5-11D1-8D03-00A0C959BC0A} <C:\Program Files\Common Files\Microsoft Shared\Triedit\dhtmled.ocx, Microsoft Corporation>
[Thunder Browser Helper]
  {2F364305-AA45-47B5-9F9D-39A8B94E7EF7} <, N/A>
[FGCatchUrl]
  {2F364306-AA45-47B5-9F9D-39A8B94E7EF7} <D:\Program Files\FlashGet\jccatch.dll, N/A>
[XML Document]
  {48123BC4-99D9-11D1-A6B3-00C04FD91555} <C:\WINDOWS\system32\msxml3.dll, Microsoft Corporation>
[Thunder Agent Class]
  {485463B7-8FB2-4B3B-B29B-8B919B0EACCE} <D:\Thunder\ComDlls\ThunderAgent_Now.dll, N/A>
[WebProtect]
  {53763D1D-9CA8-4C7C-9756-A8E6B8FC063B} <C:\Program Files\CMBCHINA\WebProtect\WebProtect.dll, China Merchants Bank>
[Shell Name Space]
  {55136805-B2DE-11D1-B9F2-00A0C98BC547} <%SystemRoot%\system32\shdocvw.dll, N/A>
[JetCar.Netscape]
  {69C7BEA7-0A70-4291-81ED-405D19AEE270} <D:\Thunder\ComDlls\Faker.dll, N/A>
[360SafeLive]
  {87515F61-A66C-4319-A0E0-D416CB8059E3} <D:\Program Files\360safe\live.dll, 360safe.com>
[MSNShell4 Control]
  {BFB06F62-190C-42F6-91B1-3CB03560FE2D} <D:\PROGRA~1\MSNShell\BIN\MSNSHE~1.DLL, MSNShell Team>
[Shockwave Flash Object]
  {D27CDB6E-AE6D-11CF-96B8-444553540000} <C:\WINDOWS\system32\Macromed\Flash\Flash9b.ocx, Adobe Systems, Inc.>
[QQIEHelper.QQRightClick]
  {E654770F-10E4-47BC-A309-4CAD96A096E6} <D:\Thunder\ComDlls\Faker.dll, N/A>
[FlashGet GetFlash Class]
  {F156768E-81EF-470C-9057-481BA8380DBA} <D:\Program Files\FlashGet\getflash.dll, www.flashget.com>
[FGAutoLive]
  {F90D830D-C175-4bbe-82C7-FF94669A4C42} <D:\Program Files\FlashGet\fgupdate.dll, www.flashget.com>
[FGCatchUrl]
  {FB5DA724-162B-11D3-8B9B-AA70B4B0B524} <D:\Program Files\FlashGet\jccatch.dll, N/A>
[&使用快车(FlashGet)下载]
  <D:\Program Files\FlashGet\jc_link.htm, N/A>
[&使用快车(FlashGet)下载全部链接]
  <D:\Program Files\FlashGet\jc_all.htm, N/A>
[使用迅雷下载]
  <D:\Thunder\Program\geturl.htm, N/A>
[使用迅雷下载全部链接]
  <D:\Thunder\Program\getallurl.htm, N/A>
[导出到 Microsoft Excel(&X)]
  <res://D:\PROGRA~1\MICROS~1\Office12\EXCEL.EXE/3000, N/A>
[设为 Messenger Live 头像]
  <D:\Program Files\MSNShell\Bin\SetMSNDP.htm, N/A>

显示全部楼层 · 发表于 2007-10-4 19:10:21

==================================
正在运行的进程
[PID: 440][\SystemRoot\System32\smss.exe]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
[PID: 596][\??\C:\WINDOWS\system32\csrss.exe]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
[PID: 660][\??\C:\WINDOWS\system32\winlogon.exe]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
[C:\WINDOWS\system32\msacm32.drv]  [Microsoft Corporation, 5.1.2600.0 (xpclient.010817-1148)]
[PID: 740][C:\WINDOWS\system32\services.exe]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
[PID: 752][C:\WINDOWS\system32\lsass.exe]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
[PID: 908][C:\WINDOWS\system32\svchost.exe]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
[PID: 984][C:\WINDOWS\system32\svchost.exe]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
[PID: 1076][C:\WINDOWS\System32\svchost.exe]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
[D:\oracle\product\10.2.0\client_1\bin\oci.dll]  [Oracle Corporation, 10.2.0.1.0]
[C:\WINDOWS\System32\MSVCR71.dll]  [Microsoft Corporation, 7.10.3052.4]
[PID: 1108][C:\Program Files\TGTSoft\StyleXP\StyleXPService.exe]  [, 0, 20, 0, 3000]
[PID: 1132][C:\WINDOWS\system32\svchost.exe]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
[PID: 1216][C:\WINDOWS\system32\svchost.exe]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
[PID: 1380][C:\WINDOWS\system32\spoolsv.exe]  [Microsoft Corporation, 5.1.2600.2696 (xpsp_sp2_gdr.050610-1519)]
[PID: 1424][C:\Program Files\Avira\AntiVir PersonalEdition Premium\avguard.exe]  [Avira GmbH, 7.00.00.81]
[C:\Program Files\Avira\AntiVir PersonalEdition Premium\avgio.dll]  [Avira GmbH, 7.00.00.01]
[C:\Program Files\Avira\AntiVir PersonalEdition Premium\avevtlog.dll]  [Avira GmbH, 7.00.00.20]
[C:\Program Files\Avira\AntiVir PersonalEdition Premium\guardmsg.dll]  [Avira GmbH, 7.00.11.00]
[C:\Program Files\Avira\AntiVir PersonalEdition Premium\sqlite3.dll]  [, 3, 3, 17, 1]
[C:\Program Files\Avira\AntiVir PersonalEdition Premium\MSVCR71.dll]  [Microsoft Corporation, 7.10.3052.4]
[C:\Program Files\Avira\AntiVir PersonalEdition Premium\AVPREF.DLL]  [Avira GmbH, 7.00.02.02]
[C:\Program Files\Avira\AntiVir PersonalEdition Premium\SMTPLIB.DLL]  [Avira GmbH, 1.02.00.17]
[C:\Program Files\Avira\AntiVir PersonalEdition Premium\AVPACK32.DLL]  [Avira GmbH, 7.03.00.15]
[C:\Program Files\Avira\AntiVir PersonalEdition Premium\unacev2.dll]  [N/A, ]
[C:\Program Files\Avira\AntiVir PersonalEdition Premium\AVEWIN32.DLL]  [Avira GmbH, 7.6.0.18]
[C:\Program Files\Avira\AntiVir PersonalEdition Premium\avipc.dll]  [Avira GmbH, 1.00.00.04]
[PID: 1720][C:\WINDOWS\Explorer.EXE]  [Microsoft Corporation, 6.00.2900.3156 (xpsp_sp2_gdr.070613-1234)]
[D:\Program Files\FengYun\fymon.dll]  [www.218.cc, 1.2.3.75]
[C:\Program Files\WinRAR\rarext.dll]  [N/A, ]
[D:\Program Files\IDM Computer Solutions\UltraEdit-32\ue32ctmn.dll]  [, 1, 0, 0, 2]
[D:\PROGRA~1\TUNEUP~1\SDShelEx-win32.dll]  [TuneUp Software GmbH, 2.0.0.2]
[C:\Program Files\Avira\AntiVir PersonalEdition Premium\shlext.dll]  [Avira GmbH, 7.00.00.10]
[C:\Program Files\Avira\AntiVir PersonalEdition Premium\MFC71U.DLL]  [Microsoft Corporation, 7.10.3077.0]
[C:\Program Files\Avira\AntiVir PersonalEdition Premium\MSVCR71.dll]  [Microsoft Corporation, 7.10.3052.4]
[C:\WINDOWS\system32\contmenu.dll]  [N/A, ]
[D:\Program Files\FlashGet\fgmgr.dll]  [www.flashget.com, 1, 8, 4, 1007]
[PID: 1876][D:\Program Files\FengYun\FYFireWall.exe]  [www.218.cc, 1.2.6.0]
[D:\Program Files\FengYun\arpinfo.dll]  [N/A, ]
[D:\Program Files\FengYun\fymon.dll]  [www.218.cc, 1.2.3.75]
[D:\Program Files\FlashGet\fgmgr.dll]  [www.flashget.com, 1, 8, 4, 1007]
[C:\WINDOWS\system32\msacm32.drv]  [Microsoft Corporation, 5.1.2600.0 (xpclient.010817-1148)]
[PID: 1884][C:\Program Files\Avira\AntiVir PersonalEdition Premium\avgnt.exe]  [Avira GmbH, 7.02.00.13]
[C:\Program Files\Avira\AntiVir PersonalEdition Premium\MFC71U.DLL]  [Microsoft Corporation, 7.10.3077.0]
[C:\Program Files\Avira\AntiVir PersonalEdition Premium\MSVCR71.dll]  [Microsoft Corporation, 7.10.3052.4]
[C:\Program Files\Avira\AntiVir PersonalEdition Premium\cclib.dll]  [Avira GmbH, 7.02.00.03]
[C:\Program Files\Avira\AntiVir PersonalEdition Premium\MSVCP71.dll]  [Microsoft Corporation, 7.10.3077.0]
[c:\program files\avira\antivir personaledition premium\ccgen.dll]  [Avira GmbH, 7.02.00.10]
[c:\program files\avira\antivir personaledition premium\ccgenrc.dll]  [Avira GmbH, 7.02.04.02]
[c:\program files\avira\antivir personaledition premium\ccguard.dll]  [Avira GmbH, 7.00.01.34]
[c:\program files\avira\antivir personaledition premium\ccgrdrc.dll]  [Avira GmbH, 7.00.06.00]
[C:\Program Files\Avira\AntiVir PersonalEdition Premium\avipc.dll]  [Avira GmbH, 1.00.00.04]
[c:\program files\avira\antivir personaledition premium\ccupdate.dll]  [Avira GmbH, 7.02.00.04]
[c:\program files\avira\antivir personaledition premium\ccupdrc.dll]  [Avira GmbH, 7.02.01.00]
[c:\program files\avira\antivir personaledition premium\cclic.dll]  [Avira GmbH, 7.02.00.04]
[c:\program files\avira\antivir personaledition premium\cclicrc.dll]  [Avira GmbH, 7.02.01.00]
[c:\program files\avira\antivir personaledition premium\ccmsg.dll]  [Avira GmbH, 7.00.00.00]
[D:\Program Files\FengYun\fymon.dll]  [www.218.cc, 1.2.3.75]
[PID: 1892][C:\PROGRA~1\WINDOW~4\MESSEN~1\msnmsgr.exe]  [Microsoft Corporation, 8.5.1288.0816]
[C:\PROGRA~1\WINDOW~4\MESSEN~1\MSNCore.dll]  [Microsoft Corporation, 8.5.1288.0816]
[C:\PROGRA~1\WINDOW~4\MESSEN~1\msidcrl40.dll]  [Microsoft Corporation, 4.100.313.1]
[C:\PROGRA~1\WINDOW~4\MESSEN~1\ContactsUX.dll]  [Microsoft Corporation, 8.5.1288.0816]
[C:\PROGRA~1\WINDOW~4\MESSEN~1\CRYPTNET.dll]  [N/A, ]
[D:\Program Files\MSNShell\Bin\ShellDll02.dll]  [MSNShell Team, 4.2.28.30]
[C:\PROGRA~1\WINDOW~4\MESSEN~1\msgslang.8.5.1288.0816.dll]  [Microsoft Corporation, 8.5.1288.0816]
[C:\PROGRA~1\WINDOW~4\MESSEN~1\msgsres.dll]  [Microsoft Corporation, 8.5.1288.0816]
[D:\Program Files\MSNShell\Bin\ShellDll.dll]  [N/A, ]
[C:\PROGRA~1\WINDOW~4\MESSEN~1\MSGSWCAM.dll]  [Microsoft Corporation, 8.5.1288.0816]
[C:\WINDOWS\system32\sirenacm.dll]  [Microsoft Corporation, 8.5.1288.0816]
[C:\WINDOWS\system32\msdmo.dll]  [, ]
[D:\Program Files\FengYun\fymon.dll]  [www.218.cc, 1.2.3.75]
[C:\PROGRA~1\WINDOW~4\MESSEN~1\lmcdata.dll]  [Microsoft Corporation, 8.5.1288.0816]
[C:\WINDOWS\system32\msacm32.drv]  [Microsoft Corporation, 5.1.2600.0 (xpclient.010817-1148)]
[D:\Program Files\FlashGet\fgmgr.dll]  [www.flashget.com, 1, 8, 4, 1007]
[C:\PROGRA~1\WINDOW~4\MESSEN~1\custsat.dll]  [Microsoft Corporation, 9.0.3790.2428 (srv03_sp1_qfe.050422-1043)]
[C:\PROGRA~1\WINDOW~4\MESSEN~1\abssm.dll]  [Microsoft Corporation, 8.5.1288.0816]
[C:\PROGRA~1\WINDOW~4\MESSEN~1\contact.dll]  [Microsoft Corporation, 8.5.1288.0816]
[PID: 1900][C:\WINDOWS\system32\ctfmon.exe]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
[D:\Program Files\FengYun\fymon.dll]  [www.218.cc, 1.2.3.75]
[PID: 2036][C:\Program Files\Avira\AntiVir PersonalEdition Premium\sched.exe]  [Avira GmbH, 7.00.00.62]
[C:\Program Files\Avira\AntiVir PersonalEdition Premium\MSVCR71.dll]  [Microsoft Corporation, 7.10.3052.4]
[C:\Program Files\Avira\AntiVir PersonalEdition Premium\MSVCP71.dll]  [Microsoft Corporation, 7.10.3077.0]
[C:\Program Files\Avira\AntiVir PersonalEdition Premium\schedr.dll]  [Avira GmbH, 7.00.24.00]
[C:\Program Files\Avira\AntiVir PersonalEdition Premium\avevtlog.dll]  [Avira GmbH, 7.00.00.20]
[C:\Program Files\Avira\AntiVir PersonalEdition Premium\sqlite3.dll]  [, 3, 3, 17, 1]
[C:\Program Files\Avira\AntiVir PersonalEdition Premium\avipc.dll]  [Avira GmbH, 1.00.00.04]
[PID: 192][C:\Program Files\CMBCHINA\WebProtect\WPService.exe]  [China Merchants Bank, 1, 0, 0, 1]
[C:\Program Files\CMBCHINA\WebProtect\WebProtectPlus.dll]  [China Merchants Bank, 1, 0, 0, 1]
[PID: 256][C:\WINDOWS\system32\nvsvc32.exe]  [NVIDIA Corporation, 6.14.10.4403]
[PID: 1288][C:\WINDOWS\System32\alg.exe]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
[PID: 2300][D:\TheWorld2.0\TheWorld.exe]  [Phoenix Studio, 2, 0, 6, 3]
[D:\Program Files\FengYun\fymon.dll]  [www.218.cc, 1.2.3.75]
[D:\THEWOR~1.0\Plugin\WeatherPlus\WeatherPlus.dll]  [henryouly, 1, 0, 0, 2]
[C:\WINDOWS\system32\icm32.dll]  [Microsoft Corporation, 5.1.2600.2709 (xpsp_sp2_gdr.050628-1518)]
[C:\WINDOWS\system32\Macromed\Flash\Flash9b.ocx]  [Adobe Systems, Inc., 9,0,28,0]
[C:\WINDOWS\system32\msacm32.drv]  [Microsoft Corporation, 5.1.2600.0 (xpclient.010817-1148)]
[C:\WINDOWS\system32\SOGOUPY.IME]  [Sohu.com Inc., 3, 0, 3, 0]
[C:\Program Files\SogouInput\Plugin\SgImeWord.dll]  [, 1, 0, 0, 31]
[C:\WINDOWS\system32\RealMediaSplitter.ax]  [Gabest, 1, 0, 1, 1]
[C:\WINDOWS\system32\mscoree.dll]  [Microsoft Corporation, 2.0.50727.832 (QFE.050727-8300)]
[C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorie.dll]  [Microsoft Corporation, 2.0.50727.832 (QFE.050727-8300)]
[D:\Program Files\FlashGet\fgmgr.dll]  [www.flashget.com, 1, 8, 4, 1007]
[PID: 3692][D:\Program Files\FlashGet\flashget.exe]  [FlashGet.com, 1, 9, 6, 1073]
[D:\Program Files\FlashGet\FGBTCORE.dll]  [, 1, 0, 0, 36]
[D:\Program Files\FlashGet\FGEMCORE.dll]  [, 1, 0, 3, 1002]
[D:\Program Files\FlashGet\debugrpt.dll]  [flashget, 1, 0, 0, 1006]
[D:\Program Files\FengYun\fymon.dll]  [www.218.cc, 1.2.3.75]
[D:\Program Files\FlashGet\fgmgr.dll]  [www.flashget.com, 1, 8, 4, 1007]
[D:\Program Files\FlashGet\fgupdate.dll]  [www.flashget.com, 1, 8, 1, 1003]
[PID: 2740][D:\Notepad++\notepad++.exe]  [Don HO don.h@free.fr, 4.3]
[D:\Notepad++\SciLexer.DLL]  [Neil Hodgson neilh@scintilla.org, 1.73]
[D:\Program Files\FlashGet\fgmgr.dll]  [www.flashget.com, 1, 8, 4, 1007]
[D:\Program Files\FengYun\fymon.dll]  [www.218.cc, 1.2.3.75]
[D:\Notepad++\plugins\ConvertExt.dll]  [Full of Madeness Co., 1.1 RC1]
[D:\Notepad++\plugins\FunctionList.dll]  [jens.plugin.npp@gmx.de, 1.2]
[D:\Notepad++\plugins\HexEditor.dll]  [jens.plugin.npp@gmx.de, 0.8.3]
[D:\Notepad++\plugins\LightExplorer.dll]  [, 1, 4, 0, 0]
[D:\Notepad++\plugins\NppExec.dll]  [Full of Madness Co., 0, 2, 0, 4]
[D:\Notepad++\plugins\NPPTextFX.dll]  [Chris Severance, 0.24a]
[D:\Notepad++\plugins\QuickText.dll]  [, 0, 0, 2, 0]
[D:\Notepad++\plugins\SpellChecker.dll]  [jens.plugin.npp@gmx.de, 1, 1, 0, 0]
[D:\Notepad++\plugins\NPPTextFX\libTidy.dll]  [N/A, ]
[PID: 348][D:\Kmplayer\KMPlayer.exe]  [With Force!!, 2.9.3.1378]
[D:\Program Files\FlashGet\fgmgr.dll]  [www.flashget.com, 1, 8, 4, 1007]
[D:\Program Files\FengYun\fymon.dll]  [www.218.cc, 1.2.3.75]
[C:\WINDOWS\system32\msdmo.dll]  [, ]
[C:\WINDOWS\system32\msacm32.drv]  [Microsoft Corporation, 5.1.2600.0 (xpclient.010817-1148)]
[D:\Kmplayer\Plugins\IN_MP3.DLL]  [N/A, ]
[D:\Kmplayer\MSVCP60.dll]  [Microsoft Corporation, 6.00.8972.0]
[D:\Kmplayer\Plugins\in_mp4.dll]  [N/A, ]
[D:\Kmplayer\Plugins\in_nsv.dll]  [N/A, ]
[D:\Kmplayer\Plugins\in_vorbis.dll]  [N/A, ]
[D:\Kmplayer\Plugins\in_wm.dll]  [N/A, ]
[D:\Kmplayer\Plugins\gen_hotkeys.dll]  [N/A, ]
[D:\Kmplayer\Plugins\gen_ml.dll]  [N/A, ]
[D:\Kmplayer\PProcDLL.dll]  [TODO: <?? ??>, 1.0.0.1]
[D:\Kmplayer\drvc.dll]  [RealNetworks, Inc., 10.0.0.1707]
[D:\Kmplayer\PNCRT.dll]  [Real Networks, Inc, 6.0.0.0]
[D:\Kmplayer\LibDTS.dll]  [N/A, ]
[D:\Kmplayer\COOK.dll]  [RealNetworks, Inc., 10.0.0.2313]
[D:\Kmplayer\libmplay.dll]  [N/A, ]
[D:\Kmplayer\libcodec.dll]  [N/A, ]
[PID: 2132][C:\Documents and Settings\yangjingchen\桌面\sreng2\SREngPS.EXE]  [Smallfrogs Studio, 2.5.16.900]
[D:\Program Files\FengYun\fymon.dll]  [www.218.cc, 1.2.3.75]
[D:\Program Files\FlashGet\fgmgr.dll]  [www.flashget.com, 1, 8, 4, 1007]
[C:\Documents and Settings\yangjingchen\桌面\sreng2\Upload\3rdUpd.DLL]  [Smallfrogs Studio, 2, 1, 0, 15]

==================================
文件关联
.TXT  Error. [C:\WINDOWS\notepad.exe %1]
.EXE  OK. ["%1" %*]
.COM  OK. ["%1" %*]
.PIF  OK. ["%1" %*]
.REG  OK. [regedit.exe "%1"]
.BAT  OK. ["%1" %*]
.SCR  OK. ["%1" /S]
.CHM  Error. ["hh.exe" %1]
.HLP  OK. [%SystemRoot%\System32\winhlp32.exe %1]
.INI  Error. [C:\WINDOWS\System32\NOTEPAD.EXE %1]
.INF  OK. [%SystemRoot%\System32\NOTEPAD.EXE %1]
.VBS  OK. [%SystemRoot%\System32\WScript.exe "%1" %*]
.JS OK. [%SystemRoot%\System32\WScript.exe "%1" %*]
.LNK  OK. [{00021401-0000-0000-C000-000000000046}]

==================================
Winsock 提供者
N/A

==================================
Autorun.inf
N/A

==================================
HOSTS 文件
127.0.0.1    localhost

==================================
进程特权扫描
特殊特权被允许： SeLoadDriverPrivilege [PID = 1424, C:\PROGRAM FILES\AVIRA\ANTIVIR PERSONALEDITION PREMIUM\AVGUARD.EXE]
特殊特权被允许： SeSystemtimePrivilege [PID = 1876, D:\PROGRAM FILES\FENGYUN\FYFIREWALL.EXE]
特殊特权被允许： SeDebugPrivilege [PID = 1876, D:\PROGRAM FILES\FENGYUN\FYFIREWALL.EXE]
特殊特权被允许： SeLoadDriverPrivilege [PID = 1876, D:\PROGRAM FILES\FENGYUN\FYFIREWALL.EXE]
特殊特权被允许： SeSystemtimePrivilege [PID = 1884, C:\PROGRAM FILES\AVIRA\ANTIVIR PERSONALEDITION PREMIUM\AVGNT.EXE]
特殊特权被允许： SeDebugPrivilege [PID = 1884, C:\PROGRAM FILES\AVIRA\ANTIVIR PERSONALEDITION PREMIUM\AVGNT.EXE]
特殊特权被允许： SeLoadDriverPrivilege [PID = 1884, C:\PROGRAM FILES\AVIRA\ANTIVIR PERSONALEDITION PREMIUM\AVGNT.EXE]
特殊特权被允许： SeSystemtimePrivilege [PID = 2300, D:\THEWORLD2.0\THEWORLD.EXE]
特殊特权被允许： SeDebugPrivilege [PID = 2300, D:\THEWORLD2.0\THEWORLD.EXE]
特殊特权被允许： SeLoadDriverPrivilege [PID = 2300, D:\THEWORLD2.0\THEWORLD.EXE]
特殊特权被允许： SeSystemtimePrivilege [PID = 3692, D:\PROGRAM FILES\FLASHGET\FLASHGET.EXE]
特殊特权被允许： SeDebugPrivilege [PID = 3692, D:\PROGRAM FILES\FLASHGET\FLASHGET.EXE]
特殊特权被允许： SeLoadDriverPrivilege [PID = 3692, D:\PROGRAM FILES\FLASHGET\FLASHGET.EXE]
特殊特权被允许： SeSystemtimePrivilege [PID = 2740, D:\NOTEPAD++\NOTEPAD++.EXE]
特殊特权被允许： SeDebugPrivilege [PID = 2740, D:\NOTEPAD++\NOTEPAD++.EXE]
特殊特权被允许： SeLoadDriverPrivilege [PID = 2740, D:\NOTEPAD++\NOTEPAD++.EXE]

==================================
API HOOK
N/A

==================================
隐藏进程
N/A

==================================

[/CODE]

显示全部楼层 · 发表于 2007-10-4 22:50:30

无毒。今晚好多报告，眼都花簕。。

显示全部楼层 · 发表于 2007-10-6 16:47:43

靠，我知道无毒，就是不知道为什么重启

[已解决] 机子自动重启的问题

浏览过的版块