出现问题，求助！！！！

taisa911

1. 
   
2. 2007-03-27,23:14:37
   
3. System Repair Engineer 2.3.13.690
   
4. Smallfrogs (http://www.KZTechs.com)
   
5. Windows XP Professional Service Pack 2 (Build 2600)
   
6. - 管理权限用户 - 完整功能
   
7. 以下内容被选中：
   
8.     所有的启动项目（包括注册表、启动文件夹、服务等）
   
9.     浏览器加载项
   
10.     正在运行的进程（包括进程模块信息）
    
11.     文件关联
    
12.     Winsock 提供者
    
13.     Autorun.inf
    
14.     HOSTS 文件
    
15. 
    
16. 启动项目
    
17. 注册表
    
18. [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
    
19.     <ctfmon.exe><D:\WINDOWS\system32\ctfmon.exe>  [(Verified)Microsoft Corporation]
    
20.     <MsnMsgr><"D:\Program Files\MSN Messenger\MsnMsgr.Exe" /background>  [(Verified)Microsoft Corporation]
    
21. [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
    
22.     <IMJPMIG8.1><"D:\WINDOWS\IME\imjp8_1\IMJPMIG.EXE" /Spoil /RemAdvDef /Migration32>  [(Verified)Microsoft Corporation]
    
23.     <PHIME2002ASync><D:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /SYNC>  [(Verified)Microsoft Corporation]
    
24.     <PHIME2002A><D:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /IMEName>  [(Verified)Microsoft Corporation]
    
25.     <DAEMON Tools-2052><"D:\Program Files\D-Tools\daemon.exe"  -lang 2052>  [DAEMON'S HOME]
    
26.     <kis><"D:\Program Files\Kaspersky Lab\Kaspersky Internet Security 6.0\avp.exe">  [Kaspersky Lab]
    
27.     <360Safetray><D:\Program Files\360safe\safemon\360Tray.exe /start>  [奇虎网]
    
28. [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Winlogon]
    
29.     <shell><Explorer.exe>  [(Verified)Microsoft Corporation]
    
30.     <Userinit><D:\WINDOWS\system32\userinit.exe,>  [(Verified)Microsoft Corporation]
    
31.     <UIHost><logonui.exe>  [(Verified)Microsoft Corporation]
    
32. [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
    
33.     <{AEB6717E-7E19-11d0-97EE-00C04FD91972}><shell32.dll>  [(Verified)Microsoft Corporation]
    
34. [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
    
35.     <PostBootReminder><%SystemRoot%\system32\SHELL32.dll>  [(Verified)Microsoft Corporation]
    
36.     <CDBurn><%SystemRoot%\system32\SHELL32.dll>  [(Verified)Microsoft Corporation]
    
37.     <WebCheck><%SystemRoot%\system32\webcheck.dll>  [(Verified)Microsoft Corporation]
    
38.     <SysTray><D:\WINDOWS\system32\stobject.dll>  [(Verified)Microsoft Corporation]
    
39. [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\crypt32chain]
    
40.     <WinlogonNotify: crypt32chain><crypt32.dll>  [(Verified)Microsoft Corporation]
    
41. [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\cryptnet]
    
42.     <WinlogonNotify: cryptnet><cryptnet.dll>  [(Verified)Microsoft Corporation]
    
43. [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\cscdll]
    
44.     <WinlogonNotify: cscdll><cscdll.dll>  [(Verified)Microsoft Corporation]
    
45. [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\klogon]
    
46.     <WinlogonNotify: klogon><D:\WINDOWS\system32\klogon.dll>  [Kaspersky Lab]
    
47. [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\ScCertProp]
    
48.     <WinlogonNotify: ScCertProp><wlnotify.dll>  [(Verified)Microsoft Corporation]
    
49. [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\Schedule]
    
50.     <WinlogonNotify: Schedule><wlnotify.dll>  [(Verified)Microsoft Corporation]
    
51. [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\sclgntfy]
    
52.     <WinlogonNotify: sclgntfy><sclgntfy.dll>  [(Verified)Microsoft Corporation]
    
53. [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\SensLogn]
    
54.     <WinlogonNotify: SensLogn><WlNotify.dll>  [(Verified)Microsoft Corporation]
    
55. [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\termsrv]
    
56.     <WinlogonNotify: termsrv><wlnotify.dll>  [(Verified)Microsoft Corporation]
    
57. [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\wlballoon]
    
58.     <WinlogonNotify: wlballoon><wlnotify.dll>  [(Verified)Microsoft Corporation]
    
59. [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\SharedTaskScheduler]
    
60.     <{438755C2-A8BA-11D1-B96B-00A0C90312E1}><%SystemRoot%\system32\browseui.dll>  [(Verified)Microsoft Corporation]
    
61.     <{8C7461EF-2B13-11d2-BE35-3078302C2030}><%SystemRoot%\system32\browseui.dll>  [(Verified)Microsoft Corporation]
    
62. [HKEY_CURRENT_USER\Control Panel\Desktop]
    
63.     <SCRNSAVE.EXE><D:\WINDOWS\system32\logon.scr>  [(Verified)Microsoft Corporation]
    
64. ==================================
    
65. 启动文件夹
    
66. N/A
    
67. ==================================
    
68. 服务
    
69. [ASP.NET State Service / aspnet_state][Stopped/Manual Start]
    
70.   <D:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\aspnet_state.exe><Microsoft Corporation>
    
71. [卡巴斯基互联网安全套装 6.0 / AVP][Running/Auto Start]
    
72.   <"D:\Program Files\Kaspersky Lab\Kaspersky Internet Security 6.0\avp.exe" -r><Kaspersky Lab>
    
73. [Human Interface Device Access / HidServ][Stopped/Disabled]
    
74.   <D:\WINDOWS\System32\svchost.exe -k netsvcs-->%SystemRoot%\System32\hidserv.dll><N/A>
    
75. [Windows Media Connect Service / WMConnectCDS][Stopped/Manual Start]
    
76.   <D:\Program Files\Windows Media Connect 2\wmccds.exe><Microsoft Corporation>
    
77. [Portable Media Serial Number Service / WmdmPmSN][Stopped/Manual Start]
    
78.   <D:\WINDOWS\System32\svchost.exe -k netsvcs-->D:\WINDOWS\system32\mspmsnsv.dll><Microsoft Corporation>
    
79. ==================================
    
80. 驱动程序
    
81. [Intel(r) 82801 Audio Driver Install Service (WDM) / ac97intc][Running/Manual Start]
    
82.   <system32\drivers\ac97intc.sys><Intel Corporation>
    
83. [d347bus / d347bus][Running/Boot Start]
    
84.   <\SystemRoot\system32\DRIVERS\d347bus.sys><>
    
85. [d347prt / d347prt][Running/Boot Start]
    
86.   <\SystemRoot\System32\Drivers\d347prt.sys><>
    
87. [kl1 / kl1][Running/Boot Start]
    
88.   <\SystemRoot\system32\drivers\kl1.sys><Kaspersky Lab>
    
89. [klif / klif][Running/System Start]
    
90.   <\??\D:\WINDOWS\system32\drivers\klif.sys><Kaspersky Lab>
    
91. [nv / nv][Running/Manual Start]
    
92.   <system32\DRIVERS\nv4_mini.sys><NVIDIA Corporation>
    
93. [Direct Parallel Link Driver / Ptilink][Running/Manual Start]
    
94.   <system32\DRIVERS\ptilink.sys><Parallel Technologies, Inc.>
    
95. [Realtek RTL8139(A/B/C)-based PCI Fast Ethernet Adapter NT Driver / rtl8139][Running/Manual Start]
    
96.   <system32\DRIVERS\RTL8139.SYS><Realtek Semiconductor Corporation>
    
97. [Secdrv / Secdrv][Running/Auto Start]
    
98.   <system32\DRIVERS\secdrv.sys><Macrovision Corporation, Macrovision Europe Limited, and Macrovision Japan and Asia K.K.>
    
99. ==================================
    
100. 浏览器加载项
     
101. [Windows Live Sign-in Helper]
     
102.   {9030D464-4C02-4ABF-8ECC-5164760863C6} <D:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll, Microsoft Corporation>
     
103. [NavigatMon Class]
     
104.   {B69F34DD-F0F9-42DC-9EDD-957187DA688D} <D:\Program Files\360safe\safemon\safemon.dll, >
     
105. [Web反病毒保护]
     
106.   {1F460357-8A94-4D71-9CA3-AA4ACF32ED8E} <D:\Program Files\Kaspersky Lab\Kaspersky Internet Security 6.0\scieplugin.dll, Kaspersky Lab>
     
107. [Messenger]
     
108.   {FB5F1910-F110-11d2-BB9E-00C04F795683} <D:\Program Files\Messenger\msmsgs.exe, Microsoft Corporation>
     
109. [Java Plug-in]
     
110.   {8AD9C840-044E-11D1-B3E9-00805F499D93} <D:\Program Files\Java\jre1.5.0_06\bin\ssv.dll, Sun Microsystems, Inc.>
     
111. [Java Plug-in]
     
112.   {CAFEEFAC-0015-0000-0006-ABCDEFFEDCBA} <D:\Program Files\Java\jre1.5.0_06\bin\ssv.dll, Sun Microsystems, Inc.>
     
113. [Java Plug-in 1.5.0_06]
     
114.   {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} <D:\Program Files\Java\jre1.5.0_06\bin\npjpi150_06.dll, Sun Microsystems, Inc.>
     
115. [Shell Name Space]
     
116.   {55136805-B2DE-11D1-B9F2-00A0C98BC547} <%SystemRoot%\system32\shdocvw.dll, N/A>
     
117. [SSVHelper Class]
     
118.   {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} <D:\Program Files\Java\jre1.5.0_06\bin\ssv.dll, Sun Microsystems, Inc.>
     
119. [Windows Live Sign-in Helper]
     
120.   {9030D464-4C02-4ABF-8ECC-5164760863C6} <D:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll, Microsoft Corporation>
     
121. [NavigatMon Class]
     
122.   {B69F34DD-F0F9-42DC-9EDD-957187DA688D} <D:\Program Files\360safe\safemon\safemon.dll, >
     
123. [Shockwave Flash Object]
     
124.   {D27CDB6E-AE6D-11CF-96B8-444553540000} <D:\WINDOWS\system32\Macromed\Flash\flash.ocx, Macromedia, Inc.>
     
125. ==================================
     
126. 正在运行的进程
     
127. N/A
     
128. ==================================
     
129. 文件关联
     
130. .TXT  OK. [%SystemRoot%\system32\NOTEPAD.EXE %1]
     
131. .EXE  OK. ["%1" %*]
     
132. .COM  OK. ["%1" %*]
     
133. .PIF  OK. ["%1" %*]
     
134. .REG  OK. [regedit.exe "%1"]
     
135. .BAT  OK. ["%1" %*]
     
136. .SCR  OK. ["%1" /S]
     
137. .CHM  OK. ["D:\WINDOWS\hh.exe" %1]
     
138. .HLP  OK. [%SystemRoot%\system32\winhlp32.exe %1]
     
139. .INI  OK. [%SystemRoot%\system32\NOTEPAD.EXE %1]
     
140. .INF  OK. [%SystemRoot%\system32\NOTEPAD.EXE %1]
     
141. .VBS  OK. [%SystemRoot%\System32\WScript.exe "%1" %*]
     
142. .JS   OK. [%SystemRoot%\System32\WScript.exe "%1" %*]
     
143. .LNK  OK. [{00021401-0000-0000-C000-000000000046}]
     
144. ==================================
     
145. Winsock 提供者
     
146. N/A
     
147. ==================================
     
148. Autorun.inf
     
149. N/A
     
150. ==================================
     
151. HOSTS 文件
     
152. 127.0.0.1       localhost
     
153. ==================================
     
154. API HOOK
     
155. 警告！System Repair Engineer 提醒
     
156. 你下面的函数内容与预期值不符，他
     
157. 们可能被一些恶意的软件所修改：
     
158. RVA  错误： LoadLibraryA
     
159. RVA  错误： LoadLibraryExA
     
160. RVA  错误： LoadLibraryExW
     
161. RVA  错误： LoadLibraryW
     
162. 入口点错误：CreateProcessA
     
163. 入口点错误：CreateProcessW
     
164. ==================================
     

复制代码

wangjay1980

什么问题

taisa911

MSN经常暂时无法输入文字