收藏本站 |切换到宽版 | 更换论坛皮肤
 找回密码  忘记邮箱  QQ快速登录  快速登录  快速注册

卡饭»论坛 软件区 解疑答难区 帮我看看日志有没有问题
返回列表 发新帖
查看: 1400|回复: 8
收起左侧

[已解决] 帮我看看日志有没有问题

 关闭 [复制链接]
Graybird
发表于 2007-12-4 11:20:18 | 显示全部楼层 |阅读模式
  1. 2007-12-04,11:16:18
  2. System Repair Engineer 2.5.16.900
  3. Smallfrogs (http://www.KZTechs.com)
  4. Windows XP Professional Service Pack 2 (Build 2600) - 管理权限用户 - 完整功能
  5. 以下内容被选中:
  6.     所有的启动项目(包括注册表、启动文件夹、服务等)
  7.     浏览器加载项
  8.     正在运行的进程(包括进程模块信息)
  9.     文件关联
  10.     Winsock 提供者
  11.     Autorun.inf
  12.     HOSTS 文件
  13.     进程特权扫描

  15. 启动项目
  16. 注册表
  17. [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
  18.     <ctfmon.exe><C:\WINDOWS\system32\ctfmon.exe>  [(Verified)Microsoft Windows Publisher]
  19. [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
  20.     <FY_FireWall><D:\FengYun\FYFireWall.exe>  [www.218.cc]
  21.     <avgnt><"F:\AntiVir\Avira\AntiVir PersonalEdition Classic\avgnt.exe" /min>  [Avira GmbH]
  22. [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Winlogon]
  23.     <shell><Explorer.exe>  [(Verified)Microsoft Windows Publisher]
  24.     <Userinit><C:\WINDOWS\system32\userinit.exe,>  [(Verified)Microsoft Windows Publisher]
  25. [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Windows]
  26.     <AppInit_DLLs><>  [N/A]
  27. [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Winlogon]
  28.     <UIHost><logonui.exe>  [(Verified)Microsoft Windows Publisher]
  29. [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\>{26923b43-4d38-484f-9b9e-de460746276c}]
  30.     <Internet Explorer><%systemroot%\system32\shmgrate.exe OCInstallUserConfigIE>  [N/A]
  31. [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\>{881dd1c5-3dcf-431b-b061-f3f88e8be88a}]
  32.     <Outlook Express><%systemroot%\system32\shmgrate.exe OCInstallUserConfigOE>  [N/A]
  33. [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{2C7339CF-2B09-4501-B3F3-F3508C9228ED}]
  34.     <Themes Setup><%SystemRoot%\system32\regsvr32.exe /s /n /i:/UserInstall %SystemRoot%\system32\themeui.dll>  [N/A]
  35. [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{44BBA840-CC51-11CF-AAFA-00AA00B6015C}]
  36.     <Microsoft Outlook Express 6><"%ProgramFiles%\Outlook Express\setup50.exe" /APP:OE /CALLER:WINNT /user /install>  [N/A]
  37. [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{44BBA842-CC51-11CF-AAFA-00AA00B6015B}]
  38.     <NetMeeting 3.01><rundll32.exe advpack.dll,LaunchINFSection C:\WINDOWS\INF\msnetmtg.inf,NetMtg.Install.PerUser.NT>  [(Verified)Microsoft Windows Publisher]
  39. [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{5945c046-1e7d-11d1-bc44-00c04fd912be}]
  40.     <Windows Messenger 4.7><rundll32.exe advpack.dll,LaunchINFSection C:\WINDOWS\INF\msmsgs.inf,BLC.QuietInstall.PerUser>  [(Verified)Microsoft Windows Publisher]
  41. [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{6BF52A52-394A-11d3-B153-00C04F79FAA6}]
  42.     <Microsoft Windows Media Player><rundll32.exe advpack.dll,LaunchINFSection C:\WINDOWS\INF\wmp10.inf,PerUserStub>  [(Verified)Microsoft Windows Component Publisher]
  43. [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{7790769C-0471-11d2-AF11-00C04FA35D02}]
  44.     <通讯簿 6><"%ProgramFiles%\Outlook Express\setup50.exe" /APP:WAB /CALLER:WINNT /user /install>  [N/A]
  45. [HKEY_CURRENT_USER\Control Panel\Desktop]
  46.     <SCRNSAVE.EXE><C:\WINDOWS\system32\PARTIC~1.SCR>  [Longbow Digital Arts]
  47. ==================================
  48. 启动文件夹
  49. N/A
  50. ==================================
  51. 服务
  52. [AntiVir PersonalEdition Classic Scheduler / AntiVirScheduler][Running/Auto Start]
  53.   <"F:\AntiVir\Avira\AntiVir PersonalEdition Classic\sched.exe"><Avira GmbH>
  54. [AntiVir PersonalEdition Classic Guard / AntiVirService][Running/Auto Start]
  55.   <"F:\AntiVir\Avira\AntiVir PersonalEdition Classic\avguard.exe"><Avira GmbH>
  56. [Human Interface Device Access / HidServ][Stopped/Disabled]
  57.   <C:\WINDOWS\System32\svchost.exe -k netsvcs-->%SystemRoot%\System32\hidserv.dll><N/A>
  58. ==================================
  59. 驱动程序
  60. [A320RAID / A320RAID][Stopped/Boot Start]
  61.   <\SystemRoot\System32\Drivers\a320raid.sys><Adaptec, Inc.>
  62. [Intel(r) 82801 Audio Driver Install Service (WDM) / ac97intc][Running/Manual Start]
  63.   <system32\drivers\ac97intc.sys><Intel Corporation>
  64. [adpu160m / adpu160m][Running/Boot Start]
  65.   <\SystemRoot\System32\Drivers\adpu160m.sys><Microsoft Corporation>
  66. [ADPU320 / ADPU320][Stopped/Boot Start]
  67.   <\SystemRoot\System32\Drivers\adpu320.sys><Adaptec, Inc.>
  68. [ahci8086 / ahci8086][Running/Boot Start]
  69.   <\SystemRoot\System32\Drivers\ahci8086.sys><ATI Technologies Inc.>
  70. [aic78u2 / aic78u2][Running/Boot Start]
  71.   <\SystemRoot\System32\Drivers\aic78u2.sys><Microsoft Corporation>
  72. [aic78xx / aic78xx][Running/Boot Start]
  73.   <\SystemRoot\System32\Drivers\aic78xx.sys><Microsoft Corporation>
  74. [AmdK8 Compatible Device / AmdK8][Stopped/Manual Start]
  75.   <System32\drivers\amdk8.sys><Advanced Micro Devices>
  76. [avgio / avgio][Running/System Start]
  77.   <\??\F:\AntiVir\Avira\AntiVir PersonalEdition Classic\avgio.sys><Avira GmbH>
  78. [avgntflt / avgntflt][Running/Manual Start]
  79.   <\??\F:\AntiVir\Avira\AntiVir PersonalEdition Classic\avgntflt.sys><Avira GmbH>
  80. [avipbb / avipbb][Running/System Start]
  81.   <system32\DRIVERS\avipbb.sys><AVIRA GmbH>
  82. [CSB6IDE / CSB6IDE][Running/Boot Start]
  83.   <\SystemRoot\System32\Drivers\csb6ide.sys><ServerWorks Corporation>
  84. [FASTTRAK / FASTTRAK][Running/Boot Start]
  85.   <\SystemRoot\System32\Drivers\fasttrak.sys><Promise Technology, Inc.>
  86. [VIA Rhine Family Fast Ethernet Adapter Driver Service / FETNDISB][Stopped/Manual Start]
  87.   <system32\DRIVERS\fetnd5b.sys><VIA Technologies, Inc.>
  88. [FTSATA2 / FTSATA2][Running/Boot Start]
  89.   <\SystemRoot\System32\Drivers\ftsata2.sys><Promise Technology, Inc.>
  90. [FYTdifltDrv / FYTdifltDrv][Running/System Start]
  91.   <\??\D:\FengYun\FYTdiDrv.sys><N/A>
  92. [HSFHWBS2 / HSFHWBS2][Running/Manual Start]
  93.   <system32\DRIVERS\HSFBS2S2.sys><Conexant Systems, Inc.>
  94. [HSF_DP / HSF_DP][Running/Manual Start]
  95.   <system32\DRIVERS\HSFDPSP2.sys><Conexant Systems, Inc.>
  96. [IASTOR / IASTOR][Running/Boot Start]
  97.   <\SystemRoot\System32\Drivers\iaStor.sys><Intel Corporation>
  98. [ITERAID / ITERAID][Stopped/Boot Start]
  99.   <\SystemRoot\System32\Drivers\iteraid.sys><Integrated Technology Express, Inc.>
  100. [JRAID / JRAID][Running/Boot Start]
  101.   <\SystemRoot\System32\Drivers\JRAID.SYS><JMicron Technology Corp.>
  102. [M5228 / M5228][Stopped/Boot Start]
  103.   <\SystemRoot\System32\Drivers\m5228.sys><ALi Corporation.>
  104. [M5281 / M5281][Running/Boot Start]
  105.   <\SystemRoot\System32\Drivers\m5281.sys><ALi Corporation>
  106. [M5289 / M5289][Running/Boot Start]
  107.   <\SystemRoot\System32\Drivers\m5289.sys><ULi Electronics Inc.>
  108. [mdmxsdk / mdmxsdk][Running/Auto Start]
  109.   <system32\DRIVERS\mdmxsdk.sys><Conexant>
  110. [NVATABUS / NVATABUS][Running/Boot Start]
  111.   <\SystemRoot\System32\Drivers\NVATABUS.SYS><NVIDIA Corporation>
  112. [Service for NVIDIA(R) nForce(TM) MIDI UART / nvmpu401][Running/Manual Start]
  113.   <system32\drivers\nvmpu401.sys><NVIDIA Corporation>
  114. [NVRAID / NVRAID][Running/Boot Start]
  115.   <\SystemRoot\System32\Drivers\NVRAID.SYS><NVIDIA Corporation>
  116. [Direct Parallel Link Driver / Ptilink][Running/Manual Start]
  117.   <system32\DRIVERS\ptilink.sys><Parallel Technologies, Inc.>
  118. [Realtek 10/100/1000 PCI NIC Family NDIS XP Driver / RTL8023xp][Running/Manual Start]
  119.   <system32\DRIVERS\Rtnicxp.sys><Realtek Semiconductor Corporation>
  120. [Secdrv / Secdrv][Stopped/Manual Start]
  121.   <system32\DRIVERS\secdrv.sys><N/A>
  122. [SI3112R / SI3112R][Stopped/Boot Start]
  123.   <\SystemRoot\System32\Drivers\SI3112r.sys><Silicon Image, Inc>
  124. [SI3114R / SI3114R][Stopped/Boot Start]
  125.   <\SystemRoot\SYSTEM32\Drivers\SI3114R.sys><Silicon Image, Inc>
  126. [SI3114R5 / SI3114R5][Stopped/Boot Start]
  127.   <\SystemRoot\System32\Drivers\Si3114r5.sys><Silicon Image, Inc>
  128. [SI3124 / SI3124][Stopped/Boot Start]
  129.   <\SystemRoot\SYSTEM32\Drivers\SI3124.sys><Silicon Image, Inc.>
  130. [SI3124R / SI3124R][Stopped/Boot Start]
  131.   <\SystemRoot\SYSTEM32\Drivers\SI3124R.sys><Silicon Image, Inc>
  132. [SI3124R5 / SI3124R5][Stopped/Boot Start]
  133.   <\SystemRoot\SYSTEM32\Drivers\Si3124r5.sys><Silicon Image, Inc>
  134. [SI3132 / SI3132][Stopped/Boot Start]
  135.   <\SystemRoot\System32\Drivers\SI3132.sys><Silicon Image, Inc.>
  136. [SI3132R5 / SI3132R5][Stopped/Boot Start]
  137.   <\SystemRoot\System32\Drivers\Si3132r5.sys><Silicon Image, Inc>
  138. [SiS315 / SiS315][Running/Manual Start]
  139.   <system32\DRIVERS\sisgrp.sys><Silicon Integrated Systems Corporation>
  140. [SISRAID2 / SISRAID2][Stopped/Boot Start]
  141.   <\SystemRoot\System32\Drivers\SiSRaid2.sys><Silicon Integrated Systems Corp>
  142. [SISRAID4 / SISRAID4][Stopped/Boot Start]
  143.   <\SystemRoot\System32\Drivers\SiSRaid4.sys><Silicon Integrated Systems>
  144. [ssmdrv / ssmdrv][Running/System Start]
  145.   <system32\DRIVERS\ssmdrv.sys><Avira GmbH>
  146. [SYMMPI / SYMMPI][Stopped/Boot Start]
  147.   <\SystemRoot\System32\Drivers\symmpi.sys><LSI Logic>
  148. [sym_hi / sym_hi][Running/Boot Start]
  149.   <\SystemRoot\System32\Drivers\sym_hi.sys><LSI Logic>
  150. [sym_u3 / sym_u3][Running/Boot Start]
  151.   <\SystemRoot\System32\Drivers\sym_u3.sys><LSI Logic>
  152. [ULSATA / ULSATA][Running/Boot Start]
  153.   <\SystemRoot\System32\Drivers\ulsata.sys><Promise Technology, Inc.>
  154. [ULSATA2 / ULSATA2][Running/Boot Start]
  155.   <\SystemRoot\System32\Drivers\ulsata2.sys><Promise Technology, Inc.>
  156. [VIAMRAID / VIAMRAID][Stopped/Boot Start]
  157.   <\SystemRoot\System32\Drivers\viamraid.sys><VIA Technologies inc,.ltd>
  158. [vmscsi / vmscsi][Stopped/Boot Start]
  159.   <\SystemRoot\System32\Drivers\vmscsi.sys><VMware, Inc.>
  160. [winachsf / winachsf][Running/Manual Start]
  161.   <system32\DRIVERS\HSFCXTS2.sys><Conexant Systems, Inc.>
  162. ==================================
  163. 浏览器加载项
  164. [雨林木风]
  165.   {7550D5D5-D85C-414F-B623-0AD223AEC216} <http://www.ylmf.com, N/A>
  166. [Windows Genuine Advantage Validation Tool]
  167.   {17492023-C23A-453E-A040-C7C580BBF700} <C:\WINDOWS\system32\LegitCheckControl.DLL, Microsoft Corporation>
  168. [WUWebControl Class]
  169.   {6414512B-B978-451D-A0D8-FCFDF33E833C} <C:\WINDOWS\system32\wuweb.dll, Microsoft Corporation>
  170. [导出到 Microsoft Office Excel(&X)]
  171.   <res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000, N/A>
  172. [添加到QQ表情]
  173.   <E:\QQ\AddEmotion.htm, N/A>
  174. ==================================
  175. 正在运行的进程
  176. [PID: 432 / SYSTEM][\SystemRoot\System32\smss.exe]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
  177. [PID: 492 / SYSTEM][\??\C:\WINDOWS\system32\csrss.exe]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
  178. [PID: 516 / SYSTEM][\??\C:\WINDOWS\system32\winlogon.exe]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
  179.     [C:\WINDOWS\system32\msacm32.drv]  [Microsoft Corporation, 5.1.2600.0 (xpclient.010817-1148)]
  180. [PID: 560 / SYSTEM][C:\WINDOWS\system32\services.exe]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
  181. [PID: 572 / SYSTEM][C:\WINDOWS\system32\lsass.exe]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
  182. [PID: 708 / SYSTEM][C:\WINDOWS\system32\svchost.exe]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
  183. [PID: 776 / NETWORK SERVICE][C:\WINDOWS\system32\svchost.exe]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
  184. [PID: 840 / SYSTEM][C:\WINDOWS\System32\svchost.exe]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
  185. [PID: 900 / NETWORK SERVICE][C:\WINDOWS\system32\svchost.exe]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
  186. [PID: 972 / LOCAL SERVICE][C:\WINDOWS\system32\svchost.exe]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
  187. [PID: 1172 / SYSTEM][C:\WINDOWS\system32\spoolsv.exe]  [Microsoft Corporation, 5.1.2600.2696 (xpsp_sp2_gdr.050610-1519)]
  188. [PID: 1208 / SYSTEM][F:\AntiVir\Avira\AntiVir PersonalEdition Classic\avguard.exe]  [Avira GmbH, 7.00.00.82]
  189.     [F:\AntiVir\Avira\AntiVir PersonalEdition Classic\avgio.dll]  [Avira GmbH, 7.00.00.01]
  190.     [F:\AntiVir\Avira\AntiVir PersonalEdition Classic\avevtlog.dll]  [Avira GmbH, 7.00.00.20]
  191.     [F:\AntiVir\Avira\AntiVir PersonalEdition Classic\guardmsg.dll]  [Avira GmbH, 7.00.11.00]
  192.     [F:\AntiVir\Avira\AntiVir PersonalEdition Classic\sqlite3.dll]  [, 3, 3, 17, 1]
  193.     [F:\AntiVir\Avira\AntiVir PersonalEdition Classic\MSVCR71.dll]  [Microsoft Corporation, 7.10.3052.4]
  194.     [F:\AntiVir\Avira\AntiVir PersonalEdition Classic\AVPREF.DLL]  [Avira GmbH, 7.00.02.02]
  195.     [F:\AntiVir\Avira\AntiVir PersonalEdition Classic\SMTPLIB.DLL]  [Avira GmbH, 1.02.00.17]
  196.     [F:\AntiVir\Avira\AntiVir PersonalEdition Classic\AVPACK32.DLL]  [Avira GmbH, 7.03.00.15]
  197.     [F:\AntiVir\Avira\AntiVir PersonalEdition Classic\unacev2.dll]  [N/A, ]
  198.     [F:\AntiVir\Avira\AntiVir PersonalEdition Classic\avipc.dll]  [Avira GmbH, 1.00.00.04]
  199.     [F:\AntiVir\Avira\AntiVir PersonalEdition Classic\AVEWIN32.DLL]  [Avira GmbH, 7.6.0.34]
  200. [PID: 1396 / Administrator][C:\WINDOWS\Explorer.EXE]  [Microsoft Corporation, 6.00.2900.2180 (xpsp_sp2_rtm.040803-2158)]
  201.     [C:\WINDOWS\system32\msacm32.drv]  [Microsoft Corporation, 5.1.2600.0 (xpclient.010817-1148)]
  202.     [D:\FengYun\fymon.dll]  [www.218.cc, 1.2.3.75]
  203.     [C:\Program Files\Microsoft Office\OFFICE11\msohev.dll]  [Microsoft Corporation, 11.0.5510]
  204.     [C:\Program Files\WinRAR\rarext.dll]  [N/A, ]
  205.     [F:\AntiVir\Avira\AntiVir PersonalEdition Classic\shlext.dll]  [Avira GmbH, 7.00.00.10]
  206.     [F:\AntiVir\Avira\AntiVir PersonalEdition Classic\MFC71U.DLL]  [Microsoft Corporation, 7.10.3077.0]
  207.     [F:\AntiVir\Avira\AntiVir PersonalEdition Classic\MSVCR71.dll]  [Microsoft Corporation, 7.10.3052.4]
  208.     [C:\WINDOWS\system32\Audiodev.dll]  [Microsoft Corporation, 5.2.3790.3646 built by: DNSRV(bld4act)]
  209. [PID: 1548 / Administrator][D:\FengYun\FYFireWall.exe]  [www.218.cc, 1.2.6.0]
  210.     [D:\FengYun\arpinfo.dll]  [N/A, ]
  211.     [D:\FengYun\fymon.dll]  [www.218.cc, 1.2.3.75]
  212. [PID: 1556 / Administrator][F:\AntiVir\Avira\AntiVir PersonalEdition Classic\avgnt.exe]  [Avira GmbH, 7.02.00.16]
  213.     [F:\AntiVir\Avira\AntiVir PersonalEdition Classic\MFC71U.DLL]  [Microsoft Corporation, 7.10.3077.0]
  214.     [F:\AntiVir\Avira\AntiVir PersonalEdition Classic\MSVCR71.dll]  [Microsoft Corporation, 7.10.3052.4]
  215.     [F:\AntiVir\Avira\AntiVir PersonalEdition Classic\cclib.dll]  [Avira GmbH, 7.02.00.03]
  216.     [F:\AntiVir\Avira\AntiVir PersonalEdition Classic\MSVCP71.dll]  [Microsoft Corporation, 7.10.3077.0]
  217.     [f:\antivir\avira\antivir personaledition classic\ccgen.dll]  [Avira GmbH, 7.02.00.10]
  218.     [f:\antivir\avira\antivir personaledition classic\ccgenrc.dll]  [Avira GmbH, 7.02.04.02]
  219.     [f:\antivir\avira\antivir personaledition classic\ccguard.dll]  [Avira GmbH, 7.00.01.35]
  220.     [f:\antivir\avira\antivir personaledition classic\ccgrdrc.dll]  [Avira GmbH, 7.00.06.00]
  221.     [F:\AntiVir\Avira\AntiVir PersonalEdition Classic\avipc.dll]  [Avira GmbH, 1.00.00.04]
  222.     [f:\antivir\avira\antivir personaledition classic\ccupdate.dll]  [Avira GmbH, 7.02.00.04]
  223.     [f:\antivir\avira\antivir personaledition classic\ccupdrc.dll]  [Avira GmbH, 7.02.01.00]
  224.     [f:\antivir\avira\antivir personaledition classic\cclic.dll]  [Avira GmbH, 7.02.00.04]
  225.     [f:\antivir\avira\antivir personaledition classic\cclicrc.dll]  [Avira GmbH, 7.02.01.00]
  226.     [f:\antivir\avira\antivir personaledition classic\ccmsg.dll]  [Avira GmbH, 7.00.00.00]
  227.     [D:\FengYun\fymon.dll]  [www.218.cc, 1.2.3.75]
  228. [PID: 1564 / Administrator][C:\WINDOWS\system32\ctfmon.exe]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
  229.     [D:\FengYun\fymon.dll]  [www.218.cc, 1.2.3.75]
  230. [PID: 348 / SYSTEM][F:\AntiVir\Avira\AntiVir PersonalEdition Classic\sched.exe]  [Avira GmbH, 7.00.00.62]
  231.     [F:\AntiVir\Avira\AntiVir PersonalEdition Classic\MSVCR71.dll]  [Microsoft Corporation, 7.10.3052.4]
  232.     [F:\AntiVir\Avira\AntiVir PersonalEdition Classic\MSVCP71.dll]  [Microsoft Corporation, 7.10.3077.0]
  233.     [F:\AntiVir\Avira\AntiVir PersonalEdition Classic\schedr.dll]  [Avira GmbH, 7.00.24.00]
  234.     [F:\AntiVir\Avira\AntiVir PersonalEdition Classic\avevtlog.dll]  [Avira GmbH, 7.00.00.20]
  235.     [F:\AntiVir\Avira\AntiVir PersonalEdition Classic\sqlite3.dll]  [, 3, 3, 17, 1]
  236.     [F:\AntiVir\Avira\AntiVir PersonalEdition Classic\avipc.dll]  [Avira GmbH, 1.00.00.04]
  237. [PID: 1404 / LOCAL SERVICE][C:\WINDOWS\System32\alg.exe]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
  238. [PID: 3476 / Administrator][D:\TW\TheWorld 2.0\TheWorld.exe]  [Phoenix Studio, 2, 1, 0, 1]
  239.     [D:\FengYun\fymon.dll]  [www.218.cc, 1.2.3.75]
  240.     [D:\TW\THEWOR~1.0\Plugin\SysState\SysState.dll]  [Phoenix Stdio, 1, 0, 0, 7]
  241.     [C:\Program Files\Common Files\Microsoft Shared\OFFICE11\MSOXMLMF.DLL]  [Microsoft Corporation, 11.0.5510]
  242.     [C:\Program Files\Microsoft Office\OFFICE11\msohev.dll]  [Microsoft Corporation, 11.0.5510]
  243.     [C:\WINDOWS\system32\msacm32.drv]  [Microsoft Corporation, 5.1.2600.0 (xpclient.010817-1148)]
  244.     [C:\WINDOWS\system32\msdmo.dll]  [, ]
  245.     [C:\WINDOWS\system32\l3codeca.acm]  [Fraunhofer Institut Integrierte Schaltungen IIS, 1, 9, 0, 0305]
  246.     [C:\WINDOWS\system32\Macromed\Flash\Flash9d.ocx]  [Adobe Systems, Inc., 9,0,47,0]
  247. [PID: 2420 / Administrator][E:\sreng\SREngPS.EXE]  [Smallfrogs Studio, 2.5.16.900]
  248.     [D:\FengYun\fymon.dll]  [www.218.cc, 1.2.3.75]
  249.     [E:\sreng\Upload\3rdUpd.DLL]  [Smallfrogs Studio, 2, 1, 0, 15]
  250. ==================================
  251. 文件关联
  252. .TXT  OK. [%SystemRoot%\system32\NOTEPAD.EXE %1]
  253. .EXE  OK. ["%1" %*]
  254. .COM  OK. ["%1" %*]
  255. .PIF  OK. ["%1" %*]
  256. .REG  OK. [regedit.exe "%1"]
  257. .BAT  OK. ["%1" %*]
  258. .SCR  OK. ["%1" /S]
  259. .CHM  OK. ["C:\WINDOWS\hh.exe" %1]
  260. .HLP  OK. [%SystemRoot%\System32\winhlp32.exe %1]
  261. .INI  OK. [%SystemRoot%\System32\NOTEPAD.EXE %1]
  262. .INF  OK. [%SystemRoot%\System32\NOTEPAD.EXE %1]
  263. .VBS  OK. [%SystemRoot%\System32\WScript.exe "%1" %*]
  264. .JS   OK. [%SystemRoot%\System32\WScript.exe "%1" %*]
  265. .LNK  OK. [{00021401-0000-0000-C000-000000000046}]
  266. ==================================
  267. Winsock 提供者
  268. N/A
  269. ==================================
  270. Autorun.inf
  271. N/A
  272. ==================================
  273. HOSTS 文件
  274. 127.0.0.1       localhost
  275. ==================================
  276. 进程特权扫描
  277. 特殊特权被允许: SeLoadDriverPrivilege [PID = 1208, F:\ANTIVIR\AVIRA\ANTIVIR PERSONALEDITION CLASSIC\AVGUARD.EXE]
  278. 特殊特权被允许: SeSystemtimePrivilege [PID = 1548, D:\FENGYUN\FYFIREWALL.EXE]
  279. 特殊特权被允许: SeDebugPrivilege [PID = 1548, D:\FENGYUN\FYFIREWALL.EXE]
  280. 特殊特权被允许: SeLoadDriverPrivilege [PID = 1548, D:\FENGYUN\FYFIREWALL.EXE]
  281. 特殊特权被允许: SeSystemtimePrivilege [PID = 1556, F:\ANTIVIR\AVIRA\ANTIVIR PERSONALEDITION CLASSIC\AVGNT.EXE]
  282. 特殊特权被允许: SeDebugPrivilege [PID = 1556, F:\ANTIVIR\AVIRA\ANTIVIR PERSONALEDITION CLASSIC\AVGNT.EXE]
  283. 特殊特权被允许: SeLoadDriverPrivilege [PID = 1556, F:\ANTIVIR\AVIRA\ANTIVIR PERSONALEDITION CLASSIC\AVGNT.EXE]
  284. 特殊特权被允许: SeSystemtimePrivilege [PID = 3476, D:\TW\THEWORLD 2.0\THEWORLD.EXE]
  285. 特殊特权被允许: SeDebugPrivilege [PID = 3476, D:\TW\THEWORLD 2.0\THEWORLD.EXE]
  286. 特殊特权被允许: SeLoadDriverPrivilege [PID = 3476, D:\TW\THEWORLD 2.0\THEWORLD.EXE]
  287. ==================================
  288. API HOOK
  289. N/A
  290. ==================================
  291. 隐藏进程
  292. N/A
  293. ==================================
复制代码

[ 本帖最后由 Graybird 于 2007-12-4 11:58 编辑 ]
回复

举报

wj321314
发表于 2007-12-4 11:26:15 | 显示全部楼层
沙发都没人坐啦????

偶看不懂!
回复

举报

command
发表于 2007-12-4 11:28:34 | 显示全部楼层
日志没有问题啊!

评分

参与人数 1经验 +2 收起 理由
etly + 2 感谢支持,欢迎常来: )

查看全部评分

回复

举报

fzhaaaa
头像被屏蔽
发表于 2007-12-4 11:42:03 | 显示全部楼层
吐血~~~~日志看太多头晕~
回复

举报

伊の星
发表于 2007-12-4 11:47:59 | 显示全部楼层
原帖由 command 于 2007-12-4 11:28 发表
日志没有问题啊!

日志确实没什么问题,
楼主维护得真好
回复

举报

Graybird
 楼主| 发表于 2007-12-4 11:52:32 | 显示全部楼层

回复 5楼 etly 的帖子

没问题~ 我就放心了~
回复

举报

jpzy
发表于 2007-12-4 11:59:40 | 显示全部楼层
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\>{26923b43-4d38-484f-9b9e-de460746276c}]
    <Internet Explorer><%systemroot%\system32\shmgrate.exe OCInstallUserConfigIE>  [N/A]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\>{881dd1c5-3dcf-431b-b061-f3f88e8be88a}]
这里似乎是启动后安装一个Active控件,安装文件在系统文件夹system32下面,文件名叫shmgrate.exe,请你确定这个东西没问题!
    <Outlook Express><%systemroot%\system32\shmgrate.exe OCInstallUserConfigOE>  [N/A]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{2C7339CF-2B09-4501-B3F3-F3508C9228ED}
这里跟上面一样,是安装这个控件到Outlook Express!
    <Themes Setup><%SystemRoot%\system32\regsvr32.exe /s /n /i:/UserInstall %SystemRoot%\system32\themeui.dll>  [N/A]
这个不知道是做什么的!你是不是自己安装什么美化界面了?!我记得windows的主题控件是uxthemes.dll,不知道这个启动就注册的themeui.dll是什么东西!
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{44BBA840-CC51-11CF-AAFA-00AA00B6015C}]
    <Microsoft Outlook Express 6><"%ProgramFiles%\Outlook Express\setup50.exe" /APP:OE /CALLER:WINNT /user /install>  [N/A]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{44BBA842-CC51-11CF-AAFA-00AA00B6015B}]
对了,你是不是刚装完Outlook Express或者Office,并且还没有重启啊!

    <NetMeeting 3.01><rundll32.exe advpack.dll,LaunchINFSection C:\WINDOWS\INF\msnetmtg.inf,NetMtg.Install.PerUser.NT>  [(Verified)Microsoft Windows Publisher]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{5945c046-1e7d-11d1-bc44-00c04fd912be}]
    <Windows Messenger 4.7><rundll32.exe advpack.dll,LaunchINFSection C:\WINDOWS\INF\msmsgs.inf,BLC.QuietInstall.PerUser>  [(Verified)Microsoft Windows Publisher]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{6BF52A52-394A-11d3-B153-00C04F79FAA6}]
    <Microsoft Windows Media Player><rundll32.exe advpack.dll,LaunchINFSection C:\WINDOWS\INF\wmp10.inf,PerUserStub>  [(Verified)Microsoft Windows Component Publisher]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{7790769C-0471-11d2-AF11-00C04FA35D02}]
    <通讯簿 6><"%ProgramFiles%\Outlook Express\setup50.exe" /APP:WAB /CALLER:WINNT /user /install>  [N/A]
这里的几个,表面上看起来没问题,不过,正常情况下应该没有这些东西的!再次怀疑,Lz是否安装了什么windows组件,并且没有重启!
[HKEY_CURRENT_USER\Control Panel\Desktop]
    <SCRNSAVE.EXE><C:\WINDOWS\system32\PARTIC~1.SCR>  [Longbow Digital Arts]
控制面板项目,似乎是某个软件安装的控制面板项目!是不是某些软件安装完,提示重启,还没有重启啊?!

基本上LZ的日志看不出什么问题,红伞+风云的组合应该比较安全了!
回复

举报

伊の星
发表于 2007-12-4 12:14:46 | 显示全部楼层

回复 7楼 jpzy 的帖子

shmgrate.exe有两个,一个是outlook的,一个是ie的
刚装完的原版xp就有。应该没有问题。
[td]<%SystemRoot%\system32\regsvr32.exe /s /n /i:/UserInstall %SystemRoot%\system32\themeui.dll>  [N/A]
也是如此.......
随便附上没装任何软件的xp报告。
不过报告不代表一切。

本帖子中包含更多资源

您需要 登录 才可以下载或查看,没有帐号?快速注册

x
回复

举报

jpzy
发表于 2007-12-4 12:23:47 | 显示全部楼层
那就没问题了~!
估计重启以后,这些东西应该就没有了~!
回复

举报

返回列表 发新帖
高级模式
B Color Image Link Quote Code Smilies
您需要登录后才可以回帖 登录 | 快速注册

本版积分规则

手机版|杀毒软件|软件论坛| 卡饭论坛

Copyright © KaFan  KaFan.cn All Rights Reserved.

Powered by Discuz! X3.4( 沪ICP备2020031077号-2 ) GMT+8, 2025-5-26 09:52 , Processed in 0.143944 second(s), 19 queries .

卡饭网所发布的一切软件、样本、工具、文章等仅限用于学习和研究,不得将上述内容用于商业或者其他非法用途,否则产生的一切后果自负,本站信息来自网络,版权争议问题与本站无关,您必须在下载后的24小时之内从您的电脑中彻底删除上述信息,如有问题请通过邮件与我们联系。

快速回复 客服 返回顶部 返回列表