今天刚刚会用SRE·扫了一下，貌似有问题，是不中毒了么？

显示全部楼层 · 发表于 2007-4-5 21:04:04

======

显示全部楼层 · 发表于 2007-4-5 21:04:44

下面的是日志：

2007-04-05,15:19:01
System Repair Engineer 2.4.12.806
Smallfrogs ([url]http://www.KZTechs.com[/url])
Windows XP Professional Service Pack 2 (Build 2600) - 管理权限用户 - 完整功能
以下内容被选中：
所有的启动项目（包括注册表、启动文件夹、服务等）
浏览器加载项
正在运行的进程（包括进程模块信息）
文件关联
Winsock 提供者
Autorun.inf
HOSTS 文件
启动项目
注册表
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
<ctfmon.exe><C:\WINDOWS\system32\ctfmon.exe> [(Verified)Microsoft Windows Publisher]
[HKEY_CURRENT_USER\Software\Microsoft\Windows NT\CurrentVersion\Windows]
<load><> [N/A]
<run><> [N/A]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
<Zone Labs Client><C:\Program Files\CA\eTrust Internet Security Suite\eTrust Personal Firewall\ca.exe> [(Verified)Check Point Software Technologies Inc.]
<AVP><"C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 6.0\avp.exe"> [Kaspersky Lab]
<Vistadrv><C:\Program Files\Vista\systool\Vistadrive\vsdrv.exe> []
<360Safetray><D:\精品优化系统软件\360safe_3.0b3\360safe_3.0b3\safemon\360Tray.exe /start> [奇虎网]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Winlogon]
<shell><Explorer.exe> [(Verified)]
<Userinit><C:\WINDOWS\system32\userinit.exe,> [(Verified)Microsoft Windows Publisher]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Windows]
<AppInit_DLLs><> [N/A]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Winlogon]
<UIHost><"\Program Files\Logonui\Logonui.exe"> [N/A]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\klogon]
<WinlogonNotify: klogon><C:\WINDOWS\system32\klogon.dll> [Kaspersky Lab]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\<{12d0ed0d-0ee0-4f90-8827-78cefb8f4988}]
<IE7 Uninstall Stub><C:\WINDOWS\system32\ieudinit.exe> [(Verified)Microsoft Windows]
==================================
启动文件夹
N/A
==================================
服务
[ASP.NET State Service / aspnet_state][Stopped/Manual Start]
<C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\aspnet_state.exe><Microsoft Corporation>
[Ati HotKey Poller / Ati HotKey Poller][Running/Auto Start]
<C:\WINDOWS\system32\Ati2evxx.exe><ATI Technologies Inc.>
[ATI Smart / ATI Smart][Stopped/Auto Start]
<C:\WINDOWS\system32\ati2sgag.exe><>
[卡巴斯基反病毒6.0 / AVP][Running/Auto Start]
<"C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 6.0\avp.exe" -r><Kaspersky Lab>
[Human Interface Device Access / HidServ][Stopped/Disabled]
<C:\WINDOWS\System32\svchost.exe -k netsvcs-->%SystemRoot%\System32\hidserv.dll><N/A>
[TrueVector Internet Monitor / vsmon][Running/Auto Start]
<C:\WINDOWS\system32\ZoneLabs\vsmon.exe -service><Zone Labs, LLC>
==================================
驱动程序
[Service for Realtek AC97 Audio (WDM) / ALCXWDM][Running/Manual Start]
<system32\drivers\ALCXWDM.SYS><Realtek Semiconductor Corp.>
[ati2mtag / ati2mtag][Running/Manual Start]
<system32\DRIVERS\ati2mtag.sys><ATI Technologies Inc.>
[HelloNet PPPoE 虚拟网卡 / BRPPPOE][Running/Manual Start]
<system32\DRIVERS\brpppoe.sys><N/A>
[713x_Genius TV Card Capture / Cap7134][Running/Manual Start]
<system32\DRIVERS\Cap7134.sys><Philips Semiconductors>
[DSDrv4 / DSDrv4][Stopped/Manual Start]
<\??\c:\PROGRA~1\DScaler\DSDrv4.sys><>
[kl1 / kl1][Running/Boot Start]
<\SystemRoot\system32\drivers\kl1.sys><Kaspersky Lab>
[klif / klif][Running/System Start]
<\??\C:\WINDOWS\system32\drivers\klif.sys><Kaspersky Lab>
[nvatabus / nvatabus][Running/Boot Start]
<\SystemRoot\system32\DRIVERS\nvatabus.sys><NVIDIA Corporation>
[NVIDIA Disk Cache Filter Driver / nvcchflt][Running/Boot Start]
<\SystemRoot\system32\DRIVERS\nvcchflt.sys><NVIDIA Corporation>
[NVIDIA nForce Networking Controller Driver / NVENETFD][Running/Manual Start]
<system32\DRIVERS\NVENETFD.sys><NVIDIA Corporation>
[NVIDIA Network Bus Enumerator / nvnetbus][Running/Manual Start]
<system32\DRIVERS\nvnetbus.sys><NVIDIA Corporation>
[Philips WDM TVTuner (FM1216ME) / PhTVTune][Running/Manual Start]
<system32\DRIVERS\PhTVTune.sys><Philips Semiconductors>
[Direct Parallel Link Driver / Ptilink][Running/Manual Start]
<system32\DRIVERS\ptilink.sys><Parallel Technologies, Inc.>
[Secdrv / Secdrv][Stopped/Manual Start]
<system32\DRIVERS\secdrv.sys><N/A>
[TSP / TSP][Stopped/Manual Start]
<\??\C:\WINDOWS\system32\drivers\klif.sys><Kaspersky Lab>
[vsdatant / vsdatant][Running/System Start]
<System32\vsdatant.sys><Zone Labs, LLC>
[World Standard Teletext Codec / WSTCODEC][Stopped/Manual Start]
<system32\DRIVERS\WSTCODEC.SYS><Microsoft Corporation>
==================================
浏览器加载项
[超级兔子上网精灵]
{7369D35A-5B70-4A5B-B789-B25FE09B4AF3} <D:\Program Files\MagicSet\haokanbar.dll, Xiang Feng Technology>
[NavigatMon Class]
{B69F34DD-F0F9-42DC-9EDD-957187DA688D} <D:\精品优化系统软件\360safe_3.0b3\360safe_3.0b3\safemon\safemon.dll, N/A>
[IE7pro ToolsExt]
{0026439F-A980-4f18-8C95-4F1CBBF9C1D8} <, N/A>
[Web反病]
{1F460357-8A94-4D71-9CA3-AA4ACF32ED8E} <C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 6.0\scieplugin.dll, Kaspersky Lab>
[超级兔子上网精灵]
{43869BB3-22FD-4F15-9B46-238106BA2F4E} <D:\Program Files\MagicSet\haokanbar.dll, Xiang Feng Technology>
[WUWebControl Class]
{6414512B-B978-451D-A0D8-FCFDF33E833C} <C:\WINDOWS\system32\wuweb.dll, Microsoft Corporation>
[IE7pro BHO]
{00011268-E188-40DF-A514-835FCD78B1BF} <, N/A>
[超级兔子上网精灵]
{43869BB3-22FD-4F15-9B46-238106BA2F4E} <D:\Program Files\MagicSet\haokanbar.dll, Xiang Feng Technology>
[Shell Name Space]
{55136805-B2DE-11D1-B9F2-00A0C98BC547} <C:\WINDOWS\system32\ieframe.dll, Microsoft Corporation>
[WUWebControl Class]
{6414512B-B978-451D-A0D8-FCFDF33E833C} <C:\WINDOWS\system32\wuweb.dll, Microsoft Corporation>
[超级兔子上网精灵]
{7369D35A-5B70-4A5B-B789-B25FE09B4AF3} <D:\Program Files\MagicSet\haokanbar.dll, Xiang Feng Technology>
[NavigatMon Class]
{B69F34DD-F0F9-42DC-9EDD-957187DA688D} <D:\精品优化系统软件\360safe_3.0b3\360safe_3.0b3\safemon\safemon.dll, N/A>
[Shockwave Flash Object]
{D27CDB6E-AE6D-11CF-96B8-444553540000} <C:\WINDOWS\system32\Macromed\Flash\Flash9b.ocx, Adobe Systems, Inc.>
[XML HTTP Request]
{ED8C108E-4349-11D2-91A4-00C04F7969E8} <%SystemRoot%\system32\msxml3.dll, N/A>
[使用迅雷下载]
<D:\Program Files\Thunder\Program\geturl.htm, N/A>
[使用迅雷下载全部链接]
<D:\Program Files\Thunder\Program\getallurl.htm, N/A>
[用比特精灵下载(&B)]
<D:\BitSpirit_3.2.2.160\BitSpirit\bsurl.htm, N/A>
==================================
正在运行的进程
[PID: 712][\SystemRoot\System32\smss.exe] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
[PID: 816][\??\C:\WINDOWS\system32\csrss.exe] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
[PID: 932][\??\C:\WINDOWS\system32\winlogon.exe] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
[C:\WINDOWS\system32\Ati2evxx.dll] [ATI Technologies Inc., 6.14.10.4116]
[C:\WINDOWS\system32\klogon.dll] [Kaspersky Lab, 6.0.1.411]
[C:\WINDOWS\system32\msacm32.drv] [Microsoft Corporation, 5.1.2600.0 (xpclient.010817-1148)]
[PID: 1056][C:\WINDOWS\system32\services.exe] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
[PID: 1084][C:\WINDOWS\system32\lsass.exe] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
[PID: 1272][C:\WINDOWS\system32\Ati2evxx.exe] [ATI Technologies Inc., 6.14.10.4116]
[C:\WINDOWS\system32\Ati2edxx.dll] [ATI Technologies, Inc., 6, 14, 10, 2497]
[PID: 1312][C:\WINDOWS\system32\svchost.exe] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
[PID: 1392][C:\WINDOWS\system32\svchost.exe] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
[PID: 1476][C:\WINDOWS\System32\svchost.exe] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
[C:\WINDOWS\system32\Normaliz.dll] [Microsoft Corporation, 6.0.5441.0 (winmain(wmbla).060628-1735)]
[C:\WINDOWS\system32\iertutil.dll] [Microsoft Corporation, 7.00.5730.11 (winmain(wmbla).061017-1135)]
[PID: 1988][C:\WINDOWS\Explorer.EXE] [Microsoft Corporation, 6.00.2900.2180 (xpsp_sp2_rtm.040803-2158)]
[C:\WINDOWS\system32\Normaliz.dll] [Microsoft Corporation, 6.0.5441.0 (winmain(wmbla).060628-1735)]
[C:\WINDOWS\system32\iertutil.dll] [Microsoft Corporation, 7.00.5730.11 (winmain(wmbla).061017-1135)]
[C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 6.0\scrchpg.dll] [Kaspersky Lab, 1.0.6.411]
[C:\WINDOWS\system32\ieframe.dll] [Microsoft Corporation, 7.00.5730.11 (winmain(wmbla).061017-1135)]
[c:\windows\ContextBG.dll] [Grigri, 1, 0, 0, 1]
[C:\WINDOWS\system32\msacm32.drv] [Microsoft Corporation, 5.1.2600.0 (xpclient.010817-1148)]
[C:\Program Files\WinRAR\rarext.dll] [N/A, ]
[C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 6.0\ShellEx.dll] [Kaspersky Lab, 6.0.1.411]
[C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 6.0\prremote.dll] [Kaspersky Lab, 6.0.1.411]
[C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 6.0\prloader.dll] [Kaspersky Lab, 6.0.1.411]
[D:\Program Files\专业级屏幕抓图工具、可支持游戏和视频\HSTxtCap.dll] [Hyperionics Technology LLC, 1, 0, 3, 0]
[PID: 552][D:\精品优化系统软件\360safe_3.0b3\360safe_3.0b3\safemon\360Tray.exe] [奇虎网, 3, 2, 1, 1001]
[C:\WINDOWS\system32\iertutil.dll] [Microsoft Corporation, 7.00.5730.11 (winmain(wmbla).061017-1135)]
[D:\精品优化系统软件\360safe_3.0b3\360safe_3.0b3\safemon\SafeKrnl.dll] [奇虎网, 3, 2, 0, 1001]
[D:\精品优化系统软件\360safe_3.0b3\360safe_3.0b3\AntiAdwa.dll] [360Safe.com, 3, 2, 0, 1001]
[C:\WINDOWS\system32\Normaliz.dll] [Microsoft Corporation, 6.0.5441.0 (winmain(wmbla).060628-1735)]
[D:\精品优化系统软件\360safe_3.0b3\360safe_3.0b3\live.dll] [360safe.COM, 1, 0, 0, 1011]
[PID: 564][C:\WINDOWS\system32\ctfmon.exe] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
[PID: 492][C:\Program Files\ADSL拨号王\HNMainUI.exe] [, 2, 3, 0, 1]
[C:\Program Files\ADSL拨号王\HNKernel.dll] [HelloNet, 2.2.0.1]
[C:\Program Files\ADSL拨号王\HNUtils.dll] [, 2, 2, 0, 1]
[C:\Program Files\ADSL拨号王\HNRes_0804.dll] [, 2, 2, 0, 1]
[C:\Program Files\ADSL拨号王\plugins\Diagnose.dll] [HelloNet, 2.2.0.1]
[PID: 736][C:\WINDOWS\explorer.exe] [Microsoft Corporation, 6.00.2900.2180 (xpsp_sp2_rtm.040803-2158)]
[C:\WINDOWS\system32\Normaliz.dll] [Microsoft Corporation, 6.0.5441.0 (winmain(wmbla).060628-1735)]
[C:\WINDOWS\system32\iertutil.dll] [Microsoft Corporation, 7.00.5730.11 (winmain(wmbla).061017-1135)]
[C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 6.0\scrchpg.dll] [Kaspersky Lab, 1.0.6.411]
[C:\WINDOWS\system32\ieframe.dll] [Microsoft Corporation, 7.00.5730.11 (winmain(wmbla).061017-1135)]
[c:\windows\ContextBG.dll] [Grigri, 1, 0, 0, 1]
[C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 6.0\ShellEx.dll] [Kaspersky Lab, 6.0.1.411]
[C:\Program Files\WinRAR\rarext.dll] [N/A, ]
[PID: 348][D:\Program Files\Thunder\Program\Thunder5.exe] [Thunder Networking Technologies,LTD, 5, 5, 4, 268]
[D:\Program Files\Thunder\Program\msgmanage.dll] [, 1, 0, 0, 1]
[C:\WINDOWS\system32\Normaliz.dll] [Microsoft Corporation, 6.0.5441.0 (winmain(wmbla).060628-1735)]
[C:\WINDOWS\system32\iertutil.dll] [Microsoft Corporation, 7.00.5730.11 (winmain(wmbla).061017-1135)]
[D:\Program Files\Thunder\Program\TaskManager.dll] [Thunder Networking Technologies,LTD, 1, 0, 2, 14]
[D:\Program Files\Thunder\Program\download_interface.dll] [Thunder Networking Technologies,LTD, 2, 12, 2, 44]
[D:\Program Files\Thunder\Program\asyn_dns.dll] [Thunder Networking Technologies,LTD, 2, 12, 2, 44]
[D:\Program Files\Thunder\Program\BHOStub.dll] [Thunder Networking Technologies,LTD, 1, 0, 0, 8]
[D:\Program Files\Thunder\Program\FloatBar.dll] [Giganology Inc., 1, 0, 0, 2]
[D:\Program Files\Thunder\Program\iTargetAD.dll] [N/A, ]
[D:\Program Files\Thunder\Components\DiagnoseHelper\DiagnoseHelper.dll] [Thunder Networking Technologies,LTD, 1, 0, 0, 10]
[D:\Program Files\Thunder\Components\PortVerify\PortVerify.dll] [Thunder Networking Technologies,LTD, 1, 0, 0, 1]
[D:\Program Files\Thunder\Components\ExplorerHelper\ExplorerHelper.dll] [Thunder Networking Technologies,LTD, 1, 0, 0, 1]
[D:\Program Files\Thunder\Components\DTAG\DTAG.dll] [Thunder Networking Technologies,LTD, 1, 0, 0, 1]
[D:\Program Files\Thunder\Components\Community\XLCommunity.dll] [Thunder Networking Technologies,LTD, 1, 0, 3, 14]
[D:\Program Files\Thunder\Program\RegisterDll.dll] [Thunder Networking Technologies,LTD, 2, 2, 1, 43]
[D:\Program Files\Thunder\Components\VPSHELL\VPSHELL.dll] [, 1, 0, 0, 1]
[D:\Program Files\Thunder\Components\VPSHELL\VideoPicture.dll] [XunLei, 1, 0, 0, 1]
[D:\Program Files\Thunder\Plugins\TingTing\TingTing.dll] [Thunder Networking Technologies,LTD, 1, 1, 1, 12]
[D:\Program Files\Thunder\Plugins\BhoAdv\bho_adv.dll] [深圳市迅雷网络技术有限公司, 1.0.1.0]
[D:\Program Files\专业级屏幕抓图工具、可支持游戏和视频\HSTxtCap.dll] [Hyperionics Technology LLC, 1, 0, 3, 0]
[PID: 2620][D:\Program Files\GreenBrowser380112_DIY\GreenBrowser\GreenBrowser.ExE] [MoreQuick, 1, 0, 0, 0]
[C:\WINDOWS\system32\iertutil.dll] [Microsoft Corporation, 7.00.5730.11 (winmain(wmbla).061017-1135)]
[C:\WINDOWS\system32\Normaliz.dll] [Microsoft Corporation, 6.0.5441.0 (winmain(wmbla).060628-1735)]
[C:\WINDOWS\system32\ieframe.dll] [Microsoft Corporation, 7.00.5730.11 (winmain(wmbla).061017-1135)]
[C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 6.0\scrchpg.dll] [Kaspersky Lab, 1.0.6.411]
[C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 6.0\klscav.dll] [Kaspersky Lab, 6.0.1.411]
[C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 6.0\prremote.dll] [Kaspersky Lab, 6.0.1.411]
[C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 6.0\prloader.dll] [Kaspersky Lab, 6.0.1.411]
[C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 6.0\prkernel.ppl] [Kaspersky Lab, 6.0.1.411]
[c:\program files\kaspersky lab\kaspersky anti-virus 6.0\params.ppl] [Kaspersky Lab, 6.0.1.411]
[c:\program files\kaspersky lab\kaspersky anti-virus 6.0\pxstub.ppl] [Kaspersky Lab, 6.0.1.411]
[c:\program files\kaspersky lab\kaspersky anti-virus 6.0\tempfile.ppl] [Kaspersky Lab, 6.0.1.411]
[C:\WINDOWS\system32\Macromed\Flash\Flash9b.ocx] [Adobe Systems, Inc., 9,0,28,0]
[C:\WINDOWS\system32\msacm32.drv] [Microsoft Corporation, 5.1.2600.0 (xpclient.010817-1148)]
[D:\Program Files\专业级屏幕抓图工具、可支持游戏和视频\HSTxtCap.dll] [Hyperionics Technology LLC, 1, 0, 3, 0]
[PID: 2892][D:\System Repair Engineer\SREng.EXE] [Smallfrogs Studio, 2.4.12.806]
[C:\WINDOWS\system32\Normaliz.dll] [Microsoft Corporation, 6.0.5441.0 (winmain(wmbla).060628-1735)]
[C:\WINDOWS\system32\iertutil.dll] [Microsoft Corporation, 7.00.5730.11 (winmain(wmbla).061017-1135)]
[D:\Program Files\专业级屏幕抓图工具、可支持游戏和视频\HSTxtCap.dll] [Hyperionics Technology LLC, 1, 0, 3, 0]
[PID: 3832][D:\Program Files\专业级屏幕抓图工具、可支持游戏和视频\HprSnap6.exe] [Hyperionics Technology LLC, 6, 11, 2, 0]
[D:\Program Files\专业级屏幕抓图工具、可支持游戏和视频\LTFIL10N.DLL] [LEAD Technologies, Inc., 10.0.0.024]
[D:\Program Files\专业级屏幕抓图工具、可支持游戏和视频\LTKRN10N.dll] [LEAD Technologies, Inc., 10.0.0.024]
[D:\Program Files\专业级屏幕抓图工具、可支持游戏和视频\LTIMG10N.dll] [LEAD Technologies, Inc., 10.0.0.018]
[D:\Program Files\专业级屏幕抓图工具、可支持游戏和视频\LTDIS10N.dll] [LEAD Technologies, Inc., 10.0.0.024]
[D:\Program Files\专业级屏幕抓图工具、可支持游戏和视频\LTTWN10N.dll] [LEAD Technologies, Inc., 10.0.0.024]
[D:\Program Files\专业级屏幕抓图工具、可支持游戏和视频\LTDLG10N.dll] [LEAD Technologies, Inc., 10.0.0.024]
[D:\Program Files\专业级屏幕抓图工具、可支持游戏和视频\LTEFX10N.dll] [LEAD Technologies, Inc., 10.0.0.018]
[D:\Program Files\专业级屏幕抓图工具、可支持游戏和视频\HprRes6.dll] [Hyperionics Technology LLC, 6, 10, 1, 0]
[D:\Program Files\专业级屏幕抓图工具、可支持游戏和视频\HSTxtCap.dll] [Hyperionics Technology LLC, 1, 0, 3, 0]
[C:\WINDOWS\system32\msacm32.drv] [Microsoft Corporation, 5.1.2600.0 (xpclient.010817-1148)]
[C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 6.0\scrchpg.dll] [Kaspersky Lab, 1.0.6.411]
[D:\Program Files\专业级屏幕抓图工具、可支持游戏和视频\LFFAX10N.DLL] [LEAD Technologies, Inc., 10.0.0.018]
[D:\Program Files\专业级屏幕抓图工具、可支持游戏和视频\LFCMP10N.DLL] [LEAD Technologies, Inc., 10.0.0.024]
[D:\Program Files\专业级屏幕抓图工具、可支持游戏和视频\LFTIF10N.DLL] [LEAD Technologies, Inc., 10.0.0.022]
[D:\Program Files\专业级屏幕抓图工具、可支持游戏和视频\LFLMB10N.DLL] [LEAD Technologies, Inc., 10.0.0.011]
[D:\Program Files\专业级屏幕抓图工具、可支持游戏和视频\LFBMP10N.DLL] [LEAD Technologies, Inc., 10.0.0.013]
[D:\Program Files\专业级屏幕抓图工具、可支持游戏和视频\LFPCX10N.DLL] [LEAD Technologies, Inc., 10.0.0.009]
[C:\WINDOWS\system32\Normaliz.dll] [Microsoft Corporation, 6.0.5441.0 (winmain(wmbla).060628-1735)]
[C:\WINDOWS\system32\iertutil.dll] [Microsoft Corporation, 7.00.5730.11 (winmain(wmbla).061017-1135)]
==================================
文件关联
.TXT OK. [%SystemRoot%\system32\NOTEPAD.EXE %1]
.EXE OK. ["%1" %*]
.COM OK. ["%1" %*]
.PIF OK. ["%1" %*]
.REG OK. [regedit.exe "%1"]
.BAT OK. ["%1" %*]
.SCR OK. ["%1" /S]
.CHM OK. ["C:\WINDOWS\hh.exe" %1]
.HLP OK. [%SystemRoot%\System32\winhlp32.exe %1]
.INI OK. [%SystemRoot%\System32\NOTEPAD.EXE %1]
.INF OK. [%SystemRoot%\System32\NOTEPAD.EXE %1]
.VBS OK. [%SystemRoot%\System32\WScript.exe "%1" %*]
.JS OK. [%SystemRoot%\System32\WScript.exe "%1" %*]
.LNK OK. [{00021401-0000-0000-C000-000000000046}]
==================================
Winsock 提供者
N/A
==================================
Autorun.inf
N/A
==================================
HOSTS 文件
127.0.0.1 localhost
==================================
API HOOK
RVA 错误： LoadLibraryA (危险等级: 一般, 被下面模块所HOOK: Dest Addr: 0xAAE1BB25)
RVA 错误： LoadLibraryExA (危险等级: 一般, 被下面模块所HOOK: Dest Addr: 0xAAE1BD67)
RVA 错误： LoadLibraryExW (危险等级: 一般, 被下面模块所HOOK: Dest Addr: 0xAAE1BF0B)
RVA 错误： LoadLibraryW (危险等级: 一般, 被下面模块所HOOK: Dest Addr: 0xAAE1BC49)
RVA 错误： GetProcAddress (危险等级: 高, 被下面模块所HOOK: Dest Addr: 0xAAE1BE8F)
==================================
隐藏进程
N/A
==================================

复制代码

显示全部楼层 · 发表于 2007-4-5 21:05:05

各位大大帮忙看一下吧？？？

显示全部楼层 · 发表于 2007-4-5 21:32:35

是卡巴的启动画面
没有问题

显示全部楼层 · 发表于 2007-4-5 21:51:05

<UIHost><"\Program Files\Logonui\Logonui.exe"> [N/A]
把这个修改为 <UIHost><Logonui.exe>

显示全部楼层 · 发表于 2007-4-5 21:58:40

原帖由 wangjay1980 于 2007-4-5 21:51 发表
[N/A]
把这个修改为

这样修改，我也试过
但是，重启时WINDOWS会出现一个'BOOT.in'非法的提示画面
倒是可以正常启动
不知道是怎么回事？
会不会是系统优化软件把什么地方改的不能完全恢复了

显示全部楼层 · 发表于 2007-4-5 23:09:37

你是不是用什么软件修改了启动画面

显示全部楼层 · 发表于 2007-4-5 23:15:12

用SRE查看你的BOOT.ini，是不是正常的内容

显示全部楼层 · 发表于 2007-4-6 01:33:55

原帖由 wangjay1980 于 2007-4-5 23:09 发表
你是不是用什么软件修改了启动画面

我的确是把原来系统的启动画面给换了··怎么，

是这个的原因么？

显示全部楼层 · 发表于 2007-4-6 08:39:53

那就正常了，你还是用这个吧<UIHost><"\Program Files\Logonui\Logonui.exe"> [N/A]这个就是你修改后造成的